From fc37cc4a02ed13d1a73b941a9f80975600fd1b99 Mon Sep 17 00:00:00 2001 From: David Foerster Date: Tue, 10 May 2016 20:20:14 +0200 Subject: Normalize all line terminators --- License.txt | 1006 +- README.md | 528 +- Tests/bench.bat | 642 +- Translations/Language.ar.xml | 2912 +- Translations/Language.be.xml | 2910 +- Translations/Language.bg.xml | 2910 +- Translations/Language.ca.xml | 2910 +- Translations/Language.cs.xml | 2912 +- Translations/Language.da.xml | 2910 +- Translations/Language.de.xml | 2916 +- Translations/Language.el.xml | 2912 +- Translations/Language.es.xml | 2912 +- Translations/Language.et.xml | 2910 +- Translations/Language.eu.xml | 2916 +- Translations/Language.fa.xml | 2910 +- Translations/Language.fi.xml | 2912 +- Translations/Language.fr.xml | 2912 +- Translations/Language.hu.xml | 2910 +- Translations/Language.id.xml | 2910 +- Translations/Language.it.xml | 2912 +- Translations/Language.ja.xml | 2912 +- Translations/Language.ka.xml | 2910 +- Translations/Language.ko.xml | 2912 +- Translations/Language.lv.xml | 2910 +- Translations/Language.my.xml | 2916 +- Translations/Language.nl.xml | 2912 +- Translations/Language.nn.xml | 2912 +- Translations/Language.pl.xml | 2914 +- Translations/Language.pt-br.xml | 2912 +- Translations/Language.ru.xml | 2912 +- Translations/Language.sk.xml | 2910 +- Translations/Language.sl.xml | 2902 +- Translations/Language.sv.xml | 2912 +- Translations/Language.tr.xml | 2908 +- Translations/Language.uk.xml | 2912 +- Translations/Language.uz.xml | 2910 +- Translations/Language.vi.xml | 2910 +- Translations/Language.zh-cn.xml | 2912 +- Translations/Language.zh-hk.xml | 2910 +- Translations/Language.zh-tw.xml | 2906 +- src/Boot/Windows/Bios.h | 64 +- src/Boot/Windows/Boot.vcproj | 492 +- src/Boot/Windows/BootCommon.h | 164 +- src/Boot/Windows/BootConfig.cpp | 204 +- src/Boot/Windows/BootConfig.h | 92 +- src/Boot/Windows/BootConsoleIo.cpp | 678 +- src/Boot/Windows/BootConsoleIo.h | 144 +- src/Boot/Windows/BootCrt.asm | 54 +- src/Boot/Windows/BootDebug.cpp | 362 +- src/Boot/Windows/BootDebug.h | 120 +- src/Boot/Windows/BootDefs.h | 398 +- src/Boot/Windows/BootDiskIo.cpp | 982 +- src/Boot/Windows/BootDiskIo.h | 240 +- src/Boot/Windows/BootEncryptedIo.cpp | 264 +- src/Boot/Windows/BootEncryptedIo.h | 44 +- src/Boot/Windows/BootMain.cpp | 2538 +- src/Boot/Windows/BootMain.h | 68 +- src/Boot/Windows/BootMemory.cpp | 172 +- src/Boot/Windows/BootMemory.h | 56 +- src/Boot/Windows/BootSector.asm | 488 +- src/Boot/Windows/BootStrings.h | 40 +- src/Boot/Windows/Decompressor.c | 130 +- src/Boot/Windows/IntFilter.cpp | 1290 +- src/Boot/Windows/IntFilter.h | 40 +- src/Boot/Windows/Makefile | 404 +- src/Boot/Windows/Platform.cpp | 460 +- src/Boot/Windows/Platform.h | 232 +- src/Build/Tools/MacOSX/nasm | Bin 1818752 -> 1818750 bytes src/Common/Apidrvr.h | 688 +- src/Common/BaseCom.cpp | 492 +- src/Common/BaseCom.h | 238 +- src/Common/BootEncryption.cpp | 5626 +- src/Common/BootEncryption.h | 510 +- src/Common/Cache.c | 230 +- src/Common/Cache.h | 50 +- src/Common/Cmdline.c | 368 +- src/Common/Cmdline.h | 86 +- src/Common/Combo.c | 516 +- src/Common/Combo.h | 58 +- src/Common/Common.h | 190 +- src/Common/Common.rc | 1206 +- src/Common/Crc.c | 270 +- src/Common/Crc.h | 74 +- src/Common/Crypto.c | 2116 +- src/Common/Crypto.h | 726 +- src/Common/Dictionary.c | 174 +- src/Common/Dictionary.h | 68 +- src/Common/Dlgcode.c | 23780 ++++----- src/Common/Dlgcode.h | 1186 +- src/Common/EncryptionThreadPool.c | 1022 +- src/Common/EncryptionThreadPool.h | 84 +- src/Common/Endian.c | 118 +- src/Common/Endian.h | 298 +- src/Common/Exception.h | 246 +- src/Common/Fat.c | 898 +- src/Common/Fat.h | 138 +- src/Common/Format.c | 2108 +- src/Common/Format.h | 152 +- src/Common/GfMul.c | 1536 +- src/Common/GfMul.h | 148 +- src/Common/Inflate.c | 2642 +- src/Common/Inflate.h | 102 +- src/Common/Keyfiles.c | 1556 +- src/Common/Keyfiles.h | 108 +- src/Common/Language.c | 1166 +- src/Common/Language.h | 86 +- src/Common/Language.xml | 2912 +- src/Common/Makefile | 2 +- src/Common/Password.c | 982 +- src/Common/Password.h | 104 +- src/Common/Pkcs5.c | 1918 +- src/Common/Pkcs5.h | 96 +- src/Common/Progress.c | 268 +- src/Common/Progress.h | 66 +- src/Common/Random.c | 1796 +- src/Common/Random.h | 152 +- src/Common/Registry.c | 598 +- src/Common/Registry.h | 74 +- src/Common/Resource.h | 422 +- src/Common/SecurityToken.cpp | 1570 +- src/Common/SecurityToken.h | 452 +- src/Common/Sources | 34 +- src/Common/Tcdefs.h | 646 +- src/Common/Tests.c | 2310 +- src/Common/Tests.h | 62 +- src/Common/Volumes.c | 2540 +- src/Common/Volumes.h | 310 +- src/Common/Wipe.c | 396 +- src/Common/Wipe.h | 90 +- src/Common/Xml.c | 536 +- src/Common/Xml.h | 58 +- src/Common/Xts.c | 1500 +- src/Common/Xts.h | 168 +- src/Crypto/Aes.h | 430 +- src/Crypto/AesSmall.c | 1906 +- src/Crypto/AesSmall.h | 338 +- src/Crypto/AesSmall_x86.asm | 2888 +- src/Crypto/Aes_hw_cpu.asm | 660 +- src/Crypto/Aes_hw_cpu.h | 48 +- src/Crypto/Aes_x64.asm | 1814 +- src/Crypto/Aes_x86.asm | 1292 +- src/Crypto/Aescrypt.c | 622 +- src/Crypto/Aeskey.c | 1146 +- src/Crypto/Aesopt.h | 1468 +- src/Crypto/Aestab.c | 856 +- src/Crypto/Aestab.h | 348 +- src/Crypto/Crypto.vcproj | 1034 +- src/Crypto/Makefile | 2 +- src/Crypto/Makefile.inc | 30 +- src/Crypto/Rmd160.c | 996 +- src/Crypto/Rmd160.h | 66 +- src/Crypto/Serpent.c | 1876 +- src/Crypto/Serpent.h | 40 +- src/Crypto/Sha2.c | 1506 +- src/Crypto/Sha2.h | 310 +- src/Crypto/Sha2Small.c | 468 +- src/Crypto/Sha2Small.h | 26 +- src/Crypto/Sources | 40 +- src/Crypto/Twofish.c | 1098 +- src/Crypto/Twofish.h | 112 +- src/Crypto/Whirlpool.h | 54 +- src/Crypto/cpu.c | 462 +- src/Crypto/cpu.h | 616 +- src/Driver/BuildDriver.cmd | 332 +- src/Driver/DriveFilter.c | 4306 +- src/Driver/DriveFilter.h | 180 +- src/Driver/Driver.rc | 202 +- src/Driver/Driver.vcproj | 796 +- src/Driver/DumpFilter.c | 496 +- src/Driver/DumpFilter.h | 50 +- src/Driver/EncryptedIoQueue.c | 2098 +- src/Driver/EncryptedIoQueue.h | 330 +- src/Driver/Makefile | 2 +- src/Driver/Ntdriver.c | 7126 +-- src/Driver/Ntdriver.h | 378 +- src/Driver/Ntvol.c | 1800 +- src/Driver/Ntvol.h | 44 +- src/Driver/Resource.h | 32 +- src/Driver/Sources | 42 +- src/Driver/VolumeFilter.c | 598 +- src/Driver/VolumeFilter.h | 46 +- src/ExpandVolume/DlgExpandVolume.cpp | 1552 +- src/ExpandVolume/ExpandVolume.c | 42 +- src/ExpandVolume/ExpandVolume.rc | 596 +- src/ExpandVolume/ExpandVolume.vcproj | 1954 +- src/ExpandVolume/InitDataArea.c | 30 +- src/ExpandVolume/InitDataArea.h | 24 +- src/ExpandVolume/WinMain.cpp | 846 +- src/ExpandVolume/resource.h | 294 +- src/Format/Format.manifest | 64 +- src/Format/Format.rc | 1494 +- src/Format/Format.vcproj | 2056 +- src/Format/FormatCom.cpp | 496 +- src/Format/FormatCom.h | 72 +- src/Format/FormatCom.idl | 106 +- src/Format/InPlace.c | 4586 +- src/Format/InPlace.h | 104 +- src/Format/Resource.h | 318 +- src/Format/Tcformat.c | 20466 ++++---- src/Format/Tcformat.h | 218 +- src/License.html | 358 +- src/License.txt | 1404 +- src/Main/Forms/Forms.cpp | 7050 +-- src/Main/Forms/Forms.h | 2194 +- src/Main/Forms/TrueCrypt.fbp | 57476 ++++++++++----------- src/Mount/Favorites.cpp | 2048 +- src/Mount/Favorites.h | 174 +- src/Mount/Hotkeys.c | 1222 +- src/Mount/Hotkeys.h | 104 +- src/Mount/MainCom.cpp | 588 +- src/Mount/MainCom.h | 70 +- src/Mount/MainCom.idl | 114 +- src/Mount/Mount.c | 22048 ++++---- src/Mount/Mount.h | 266 +- src/Mount/Mount.manifest | 64 +- src/Mount/Mount.rc | 1426 +- src/Mount/Mount.vcproj | 2054 +- src/Mount/Resource.h | 526 +- src/PKCS11/cryptoki.h | 132 +- src/PKCS11/pkcs11.h | 598 +- src/PKCS11/pkcs11f.h | 1824 +- src/PKCS11/pkcs11t.h | 3770 +- src/Platform/Buffer.cpp | 280 +- src/Platform/Buffer.h | 218 +- src/Platform/Directory.h | 46 +- src/Platform/Event.cpp | 82 +- src/Platform/Event.h | 160 +- src/Platform/Exception.cpp | 92 +- src/Platform/Exception.h | 208 +- src/Platform/File.h | 208 +- src/Platform/FileCommon.cpp | 162 +- src/Platform/FileStream.h | 104 +- src/Platform/FilesystemPath.h | 134 +- src/Platform/Finally.h | 80 +- src/Platform/ForEach.h | 224 +- src/Platform/Functor.h | 46 +- src/Platform/Memory.cpp | 104 +- src/Platform/Memory.h | 336 +- src/Platform/MemoryStream.cpp | 82 +- src/Platform/MemoryStream.h | 60 +- src/Platform/Mutex.h | 110 +- src/Platform/Platform.h | 44 +- src/Platform/Platform.make | 78 +- src/Platform/PlatformBase.h | 256 +- src/Platform/PlatformTest.cpp | 688 +- src/Platform/PlatformTest.h | 74 +- src/Platform/Serializable.cpp | 66 +- src/Platform/Serializable.h | 152 +- src/Platform/Serializer.cpp | 586 +- src/Platform/Serializer.h | 136 +- src/Platform/SerializerFactory.cpp | 96 +- src/Platform/SerializerFactory.h | 174 +- src/Platform/SharedPtr.h | 312 +- src/Platform/SharedVal.h | 130 +- src/Platform/Stream.h | 56 +- src/Platform/StringConverter.cpp | 810 +- src/Platform/StringConverter.h | 112 +- src/Platform/SyncEvent.h | 82 +- src/Platform/System.h | 20 +- src/Platform/SystemException.h | 80 +- src/Platform/SystemInfo.h | 44 +- src/Platform/SystemLog.h | 72 +- src/Platform/TextReader.cpp | 62 +- src/Platform/TextReader.h | 58 +- src/Platform/Thread.h | 136 +- src/Platform/Time.h | 48 +- src/Platform/User.h | 52 +- src/Readme.txt | 530 +- src/Release/Setup Files/LICENSE | 378 +- src/Release/Setup Files/License.txt | 1404 +- src/Release/Setup Files/NOTICE | 268 +- src/Resources/Icons/VeraCrypt-128x128.xpm | 2592 +- src/Resources/Icons/VeraCrypt-16x16.xpm | 210 +- src/Resources/Icons/VeraCrypt-256x256.xpm | 4058 +- src/Resources/Icons/VeraCrypt-48x48.xpm | 972 +- src/Setup/ComSetup.cpp | 206 +- src/Setup/ComSetup.h | 24 +- src/Setup/ComSetup.rgs | 182 +- src/Setup/Dir.c | 220 +- src/Setup/Dir.h | 46 +- src/Setup/Resource.h | 128 +- src/Setup/SelfExtract.c | 1576 +- src/Setup/SelfExtract.h | 86 +- src/Setup/Setup.c | 5264 +- src/Setup/Setup.h | 380 +- src/Setup/Setup.manifest | 64 +- src/Setup/Setup.rc | 654 +- src/Setup/Setup.vcproj | 968 +- src/Setup/Wizard.c | 2390 +- src/Setup/Wizard.h | 62 +- src/Signing/GlobalSign_R1Cross.cer | 52 +- src/Signing/GlobalSign_Root_CA_MS_Cross_Cert.crt | 60 +- src/Signing/Thawt_CodeSigning_CA.crt | 52 +- src/Signing/sign.bat | 54 +- src/Signing/sign_test.bat | 62 +- src/Signing/thawte_Primary_MS_Cross_Cert.cer | 64 +- src/VeraCrypt.sln | 948 +- 297 files changed, 202290 insertions(+), 202290 deletions(-) diff --git a/License.txt b/License.txt index bc979440..b2103ab4 100644 --- a/License.txt +++ b/License.txt @@ -1,503 +1,503 @@ -TrueCrypt License Version 3.0 - -Software distributed under this license is distributed on an "AS -IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND -DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO -USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE -SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE -BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT -ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE -SOFTWARE, NOR ANY PART(S) THEREOF. - - -I. Definitions - -1. "This Product" means the work (including, but not limited to, -source code, graphics, texts, and accompanying files) made -available under and governed by this version of this license -("License"), as may be indicated by, but is not limited to, -copyright notice(s) attached to or included in the work. - -2. "You" means (and "Your" refers to) an individual or a legal -entity (e.g., a non-profit organization, commercial -organization, government agency, etc.) exercising permissions -granted by this License. - -3. "Modification" means (and "modify" refers to) any alteration -of This Product, including, but not limited to, addition to or -deletion from the substance or structure of This Product, -translation into another language, repackaging, alteration or -removal of any file included with This Product, and addition of -any new files to This Product. - -4. "Your Product" means This Product modified by You, or any -work You derive from (or base on) any part of This Product. In -addition, "Your Product" means any work in which You include any -(modified or unmodified) portion of This Product. However, if -the work in which you include it is an aggregate software -distribution (such as an operating system distribution or a -cover CD-ROM of a magazine) containing multiple separate -products, then the term "Your Product" includes only those -products (in the aggregate software distribution) that use, -include, or depend on a modified or unmodified version of This -Product (and the term "Your Product" does not include the whole -aggregate software distribution). For the purposes of this -License, a product suite consisting of two or more products is -considered a single product (operating system distributions and -cover media of magazines are not considered product suites). - -5. "Distribution" means (and "distribute" refers to), regardless -of means or methods, conveyance, transfer, providing, or making -available of This/Your Product or portions thereof to third -parties (including, but not limited to, making This/Your -Product, or portions thereof, available for download to third -parties, whether or not any third party has downloaded the -product, or any portion thereof, made available for download). - - - -II. Use, Copying, and Distribution of This Product - -1. Provided that You comply with all applicable terms and -conditions of this License, You may make copies of This Product -(unmodified) and distribute copies of This Product (unmodified) -that are not included in another product forming Your Product -(except as permitted under Chapter III). Note: For terms and -conditions for copying and distribution of modified versions of -This Product, see Chapter III. - -2. Provided that You comply with all applicable terms and -conditions of this License, You may use This Product freely (see -also Chapter III) on any number of computers/systems for non- -commercial and/or commercial purposes. - - - -III. Modification, Derivation, and Inclusion in Other Products - -1. If all conditions specified in the following paragraphs in -this Chapter (III) are met (for exceptions, see Section III.2) -and if You comply with all other applicable terms and conditions -of this License, You may modify This Product (thus forming Your -Product), derive new works from This Product or portions thereof -(thus forming Your Product), include This Product or portions -thereof in another product (thus forming Your Product, unless -defined otherwise in Chapter I), and You may use (for non- -commercial and/or commercial purposes), copy, and/or distribute -Your Product. - - a. The name of Your Product (or of Your modified version of - This Product) must not contain the name TrueCrypt (for - example, the following names are not allowed: TrueCrypt, - TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor - any other names confusingly similar to the name TrueCrypt - (e.g., True-Crypt, True Crypt, TruKrypt, etc.) - - All occurrences of the name TrueCrypt that could reasonably - be considered to identify Your Product must be removed from - Your Product and from any associated materials. Logo(s) - included in (or attached to) Your Product (and in/to - associated materials) must not incorporate and must not be - confusingly similar to any of the TrueCrypt logos - (including, but not limited to, the non-textual logo - consisting primarily of a key in stylized form) or - portion(s) thereof. All graphics contained in This Product - (logos, icons, etc.) must be removed from Your Product (or - from Your modified version of This Product) and from any - associated materials. - - b. The following phrases must be removed from Your Product - and from any associated materials, except the text of this - License: "A TrueCrypt Foundation Release", "Released by - TrueCrypt Foundation", "This is a TrueCrypt Foundation - release." - - c. Phrase "Based on TrueCrypt, freely available at - http://www.truecrypt.org/" must be displayed by Your Product - (if technically feasible) and contained in its - documentation. Alternatively, if This Product or its portion - You included in Your Product constitutes only a minor - portion of Your Product, phrase "Portions of this product - are based in part on TrueCrypt, freely available at - http://www.truecrypt.org/" may be displayed instead. In each - of the cases mentioned above in this paragraph, - "http://www.truecrypt.org/" must be a hyperlink (if - technically feasible) pointing to http://www.truecrypt.org/ - and You may freely choose the location within the user - interface (if there is any) of Your Product (e.g., an - "About" window, etc.) and the way in which Your Product will - display the respective phrase. - - Your Product (and any associated materials, e.g., the - documentation, the content of the official web site of Your - Product, etc.) must not present any Internet address - containing the domain name truecrypt.org (or any domain name - that forwards to the domain name truecrypt.org) in a manner - that might suggest that it is where information about Your - Product may be obtained or where bugs found in Your Product - may be reported or where support for Your Product may be - available or otherwise attempt to indicate that the domain - name truecrypt.org is associated with Your Product. - - d. The complete source code of Your Product must be freely - and publicly available (for exceptions, see Section III.2) - at least until You cease to distribute Your Product. This - condition can be met in one or both of the following ways: - (i) You include the complete source code of Your Product - with every copy of Your Product that You make and distribute - and You make all such copies of Your Product available to - the general public free of charge, and/or (ii) You include - information (valid and correct at least until You cease to - distribute Your Product) about where the complete source - code of Your Product can be obtained free of charge (e.g., - an Internet address) or for a reasonable reproduction fee - with every copy of Your Product that You make and distribute - and, if there is a web site officially associated with Your - Product, You include the aforementioned information about - the source code on a freely and publicly accessible web - page to which such web site links via an easily viewable - hyperlink (at least until You cease to distribute Your - Product). - - The source code of Your Product must not be deliberately - obfuscated and it must not be in an intermediate form (e.g., - the output of a preprocessor). Source code means the - preferred form in which a programmer would usually modify - the program. - - Portions of the source code of Your Product not contained in - This Product (e.g., portions added by You in creating Your - Product, whether created by You or by third parties) must be - available under license(s) that (however, see also - Subsection III.1.e) allow(s) anyone to modify and derive new - works from the portions of the source code that are not - contained in This Product and to use, copy, and redistribute - such modifications and/or derivative works. The license(s) - must be perpetual, non-exclusive, royalty-free, no-charge, - and worldwide, and must not invalidate, weaken, restrict, - interpret, amend, modify, interfere with or otherwise affect - any part, term, provision, or clause of this License. The - text(s) of the license(s) must be included with every copy - of Your Product that You make and distribute. - - e. You must not change the license terms of This Product in - any way (adding any new terms is considered changing the - license terms even if the original terms are retained), - which means, e.g., that no part of This Product may be put - under another license. You must keep intact all the legal - notices contained in the source code files. You must include - the following items with every copy of Your Product that You - make and distribute: a clear and conspicuous notice stating - that Your Product or portion(s) thereof is/are governed by - this version of the TrueCrypt License, a verbatim copy of - this version of the TrueCrypt License (as contained herein), - a clear and conspicuous notice containing information about - where the included copy of the License can be found, and an - appropriate copyright notice. - - -2. You are not obligated to comply with Subsection III.1.d if -Your Product is not distributed (i.e., Your Product is available -only to You). - - - -IV. Disclaimer of Liability, Disclaimer of Warranty, -Indemnification - -You expressly acknowledge and agree to the following: - -1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY -APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO -MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, -AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER -PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY -DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, -EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR -THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY -OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR -BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, -TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, -ARISING OUT OF THE USE, COPYING, MODIFICATION, OR -(RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF -YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS -PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE -POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO -ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY. - -2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY -KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT -LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO -THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD -THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL -NECESSARY SERVICING, REPAIR, OR CORRECTION. - -3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC -ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT -CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY -YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR -(RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN -COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND -TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT -IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE -REGULATIONS, RESTRICTIONS, AND LAWS. - -4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS -PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS -FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, -SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING -REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, -ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING -OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, -IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) -AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE. - - - -V. Trademarks - -This License does not grant permission to use trademarks -associated with (or applying to) This Product, except for fair -use as defined by applicable law and except for use expressly -permitted or required by this License. Any attempt otherwise to -use trademarks associated with (or applying to) This Product -automatically and immediately terminates Your rights under This -License and may constitute trademark infringement (which may be -prosecuted). - - - -VI. General Terms and Conditions, Miscellaneous Provisions - -1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES -DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY -PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND -BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND -THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). -IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND -CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE -DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY -PORTION(S) THEREOF. - -2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, -(RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) -THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF -APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF -PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, -CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS -PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY -TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE -COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS -AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS -ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR -RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS -AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY -APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND -IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN -CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE -PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED -AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT -OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS -AND CONDITIONS OF THIS LICENSE. - -3. This License does not constitute or imply a waiver of any -intellectual property rights except as may be otherwise -expressly provided in this License. This License does not -transfer, assign, or convey any intellectual property rights -(e.g., it does not transfer ownership of copyrights or -trademarks). - -4. Subject to the terms and conditions of this License, You may -allow a third party to use Your copy of This Product (or a copy -that You make and distribute, or Your Product) provided that the -third party explicitly accepts and agrees to be bound by all -terms and conditions of this License and the third party is not -prohibited from using This Product (or portions thereof) by this -License (see, e.g., Section VI.7) or by applicable law. However, -You are not obligated to ensure that the third party accepts -(and agrees to be bound by all terms of) this License if You -distribute only the self-extracting package (containing This -Product) that does not allow the user to install (nor extract) -the files contained in the package until he or she accepts and -agrees to be bound by all terms and conditions of this License. - -5. Without specific prior written permission from the authors of -This Product (or from their common representative), You must not -use the name of This Product, the names of the authors of This -Product, or the names of the legal entities (or informal groups) -of which the authors were/are members/employees, to endorse or -promote Your Product or any work in which You include a modified -or unmodified version of This Product, or to endorse or promote -You or Your affiliates, or in a way that might suggest that Your -Product (or any work in which You include a modified or -unmodified version of This Product), You, or Your affiliates -is/are endorsed by one or more authors of This Product, or in a -way that might suggest that one or more authors of This Product -is/are affiliated with You (or Your affiliates) or directly -participated in the creation of Your Product or of any work in -which You include a modified or unmodified version of This -Product. - -6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS -LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL -TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, -MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS -PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A -LAWYER. - -7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS -LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER -APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER -THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE -DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY -PORTION(S) THEREOF. - -8. Except as otherwise provided in this License, if any -provision of this License, or a portion thereof, is found to be -invalid or unenforceable under applicable law, it shall not -affect the validity or enforceability of the remainder of this -License, and such invalid or unenforceable provision shall be -construed to reflect the original intent of the provision and -shall be enforced to the maximum extent permitted by applicable -law so as to effect the original intent of the provision as -closely as possible. - -____________________________________________________________ - - -Third-Party Licenses - -This Product contains components that were created by third -parties and that are governed by third-party licenses, which are -contained hereinafter (separated by lines consisting of -underscores). Each of the third-party licenses applies only to -(portions of) the source code file(s) in which the third-party -license is contained or in which it is explicitly referenced, -and to compiled or otherwise processed forms of such source -code. None of the third-party licenses applies to This Product -as a whole, even when it uses terms such as "product", -"program", or any other equivalent terms/phrases. This Product -as a whole is governed by the TrueCrypt License (see above). -Some of the third-party components have been modified by the -authors of This Product. Unless otherwise stated, such -modifications and additions are governed by the TrueCrypt -License (see above). Note: Unless otherwise stated, graphics and -files that are not part of the source code are governed by the -TrueCrypt License. - -____________________________________________________________ - -License agreement for Encryption for the Masses. - -Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. - -This product can be copied and distributed free of charge, -including source code. - -You may modify this product and source code, and distribute such -modifications, and you may derive new works based on this -product, provided that: - -1. Any product which is simply derived from this product cannot -be called E4M, or Encryption for the Masses. - -2. If you use any of the source code in your product, and your -product is distributed with source code, you must include this -notice with those portions of this source code that you use. - -Or, - -If your product is distributed in binary form only, you must -display on any packaging, and marketing materials which -reference your product, a notice which states: - -"This product uses components written by Paul Le Roux -" - -3. If you use any of the source code originally by Eric Young, -you must in addition follow his terms and conditions. - -4. Nothing requires that you accept this License, as you have -not signed it. However, nothing else grants you permission to -modify or distribute the product or its derivative works. - -These actions are prohibited by law if you do not accept this -License. - -5. If any of these license terms is found to be to broad in -scope, and declared invalid by any court or legal process, you -agree that all other terms shall not be so affected, and shall -remain valid and enforceable. - -6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE -IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED -"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR -IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE -ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS -WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE -COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - -7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY -MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE -LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, -INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR -INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS -OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH -ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD -PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -____________________________________________________________ - -Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. -All rights reserved. - -LICENSE TERMS - -The free distribution and use of this software is allowed (with -or without changes) provided that: - - 1. source code distributions include the above copyright - notice, this list of conditions and the following - disclaimer; - - 2. binary distributions include the above copyright notice, - this list of conditions and the following disclaimer in - their documentation; - - 3. the name of the copyright holder is not used to endorse - products built using this software without specific written - permission. - -DISCLAIMER - -This software is provided 'as is' with no explicit or implied -warranties in respect of its properties, including, but not -limited to, correctness and/or fitness for purpose. -____________________________________________________________ - -Copyright (C) 2002-2004 Mark Adler, all rights reserved -version 1.8, 9 Jan 2004 - -This software is provided 'as-is', without any express or -implied warranty. In no event will the author be held liable -for any damages arising from the use of this software. - -Permission is granted to anyone to use this software for any -purpose, including commercial applications, and to alter it and -redistribute it freely, subject to the following restrictions: - -1. The origin of this software must not be misrepresented; you - must not claim that you wrote the original software. If you - use this software in a product, an acknowledgment in the - product documentation would be appreciated but is not - required. -2. Altered source versions must be plainly marked as such, and - must not be misrepresented as being the original software. -3. This notice may not be removed or altered from any source - distribution. -____________________________________________________________ +TrueCrypt License Version 3.0 + +Software distributed under this license is distributed on an "AS +IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND +DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO +USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE +SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE +BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT +ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE +SOFTWARE, NOR ANY PART(S) THEREOF. + + +I. Definitions + +1. "This Product" means the work (including, but not limited to, +source code, graphics, texts, and accompanying files) made +available under and governed by this version of this license +("License"), as may be indicated by, but is not limited to, +copyright notice(s) attached to or included in the work. + +2. "You" means (and "Your" refers to) an individual or a legal +entity (e.g., a non-profit organization, commercial +organization, government agency, etc.) exercising permissions +granted by this License. + +3. "Modification" means (and "modify" refers to) any alteration +of This Product, including, but not limited to, addition to or +deletion from the substance or structure of This Product, +translation into another language, repackaging, alteration or +removal of any file included with This Product, and addition of +any new files to This Product. + +4. "Your Product" means This Product modified by You, or any +work You derive from (or base on) any part of This Product. In +addition, "Your Product" means any work in which You include any +(modified or unmodified) portion of This Product. However, if +the work in which you include it is an aggregate software +distribution (such as an operating system distribution or a +cover CD-ROM of a magazine) containing multiple separate +products, then the term "Your Product" includes only those +products (in the aggregate software distribution) that use, +include, or depend on a modified or unmodified version of This +Product (and the term "Your Product" does not include the whole +aggregate software distribution). For the purposes of this +License, a product suite consisting of two or more products is +considered a single product (operating system distributions and +cover media of magazines are not considered product suites). + +5. "Distribution" means (and "distribute" refers to), regardless +of means or methods, conveyance, transfer, providing, or making +available of This/Your Product or portions thereof to third +parties (including, but not limited to, making This/Your +Product, or portions thereof, available for download to third +parties, whether or not any third party has downloaded the +product, or any portion thereof, made available for download). + + + +II. Use, Copying, and Distribution of This Product + +1. Provided that You comply with all applicable terms and +conditions of this License, You may make copies of This Product +(unmodified) and distribute copies of This Product (unmodified) +that are not included in another product forming Your Product +(except as permitted under Chapter III). Note: For terms and +conditions for copying and distribution of modified versions of +This Product, see Chapter III. + +2. Provided that You comply with all applicable terms and +conditions of this License, You may use This Product freely (see +also Chapter III) on any number of computers/systems for non- +commercial and/or commercial purposes. + + + +III. Modification, Derivation, and Inclusion in Other Products + +1. If all conditions specified in the following paragraphs in +this Chapter (III) are met (for exceptions, see Section III.2) +and if You comply with all other applicable terms and conditions +of this License, You may modify This Product (thus forming Your +Product), derive new works from This Product or portions thereof +(thus forming Your Product), include This Product or portions +thereof in another product (thus forming Your Product, unless +defined otherwise in Chapter I), and You may use (for non- +commercial and/or commercial purposes), copy, and/or distribute +Your Product. + + a. The name of Your Product (or of Your modified version of + This Product) must not contain the name TrueCrypt (for + example, the following names are not allowed: TrueCrypt, + TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor + any other names confusingly similar to the name TrueCrypt + (e.g., True-Crypt, True Crypt, TruKrypt, etc.) + + All occurrences of the name TrueCrypt that could reasonably + be considered to identify Your Product must be removed from + Your Product and from any associated materials. Logo(s) + included in (or attached to) Your Product (and in/to + associated materials) must not incorporate and must not be + confusingly similar to any of the TrueCrypt logos + (including, but not limited to, the non-textual logo + consisting primarily of a key in stylized form) or + portion(s) thereof. All graphics contained in This Product + (logos, icons, etc.) must be removed from Your Product (or + from Your modified version of This Product) and from any + associated materials. + + b. The following phrases must be removed from Your Product + and from any associated materials, except the text of this + License: "A TrueCrypt Foundation Release", "Released by + TrueCrypt Foundation", "This is a TrueCrypt Foundation + release." + + c. Phrase "Based on TrueCrypt, freely available at + http://www.truecrypt.org/" must be displayed by Your Product + (if technically feasible) and contained in its + documentation. Alternatively, if This Product or its portion + You included in Your Product constitutes only a minor + portion of Your Product, phrase "Portions of this product + are based in part on TrueCrypt, freely available at + http://www.truecrypt.org/" may be displayed instead. In each + of the cases mentioned above in this paragraph, + "http://www.truecrypt.org/" must be a hyperlink (if + technically feasible) pointing to http://www.truecrypt.org/ + and You may freely choose the location within the user + interface (if there is any) of Your Product (e.g., an + "About" window, etc.) and the way in which Your Product will + display the respective phrase. + + Your Product (and any associated materials, e.g., the + documentation, the content of the official web site of Your + Product, etc.) must not present any Internet address + containing the domain name truecrypt.org (or any domain name + that forwards to the domain name truecrypt.org) in a manner + that might suggest that it is where information about Your + Product may be obtained or where bugs found in Your Product + may be reported or where support for Your Product may be + available or otherwise attempt to indicate that the domain + name truecrypt.org is associated with Your Product. + + d. The complete source code of Your Product must be freely + and publicly available (for exceptions, see Section III.2) + at least until You cease to distribute Your Product. This + condition can be met in one or both of the following ways: + (i) You include the complete source code of Your Product + with every copy of Your Product that You make and distribute + and You make all such copies of Your Product available to + the general public free of charge, and/or (ii) You include + information (valid and correct at least until You cease to + distribute Your Product) about where the complete source + code of Your Product can be obtained free of charge (e.g., + an Internet address) or for a reasonable reproduction fee + with every copy of Your Product that You make and distribute + and, if there is a web site officially associated with Your + Product, You include the aforementioned information about + the source code on a freely and publicly accessible web + page to which such web site links via an easily viewable + hyperlink (at least until You cease to distribute Your + Product). + + The source code of Your Product must not be deliberately + obfuscated and it must not be in an intermediate form (e.g., + the output of a preprocessor). Source code means the + preferred form in which a programmer would usually modify + the program. + + Portions of the source code of Your Product not contained in + This Product (e.g., portions added by You in creating Your + Product, whether created by You or by third parties) must be + available under license(s) that (however, see also + Subsection III.1.e) allow(s) anyone to modify and derive new + works from the portions of the source code that are not + contained in This Product and to use, copy, and redistribute + such modifications and/or derivative works. The license(s) + must be perpetual, non-exclusive, royalty-free, no-charge, + and worldwide, and must not invalidate, weaken, restrict, + interpret, amend, modify, interfere with or otherwise affect + any part, term, provision, or clause of this License. The + text(s) of the license(s) must be included with every copy + of Your Product that You make and distribute. + + e. You must not change the license terms of This Product in + any way (adding any new terms is considered changing the + license terms even if the original terms are retained), + which means, e.g., that no part of This Product may be put + under another license. You must keep intact all the legal + notices contained in the source code files. You must include + the following items with every copy of Your Product that You + make and distribute: a clear and conspicuous notice stating + that Your Product or portion(s) thereof is/are governed by + this version of the TrueCrypt License, a verbatim copy of + this version of the TrueCrypt License (as contained herein), + a clear and conspicuous notice containing information about + where the included copy of the License can be found, and an + appropriate copyright notice. + + +2. You are not obligated to comply with Subsection III.1.d if +Your Product is not distributed (i.e., Your Product is available +only to You). + + + +IV. Disclaimer of Liability, Disclaimer of Warranty, +Indemnification + +You expressly acknowledge and agree to the following: + +1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY +APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO +MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, +AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER +PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY +DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR +THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY +OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR +BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, +TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, +ARISING OUT OF THE USE, COPYING, MODIFICATION, OR +(RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF +YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS +PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE +POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO +ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY. + +2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY +KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT +LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO +THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD +THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL +NECESSARY SERVICING, REPAIR, OR CORRECTION. + +3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC +ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT +CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY +YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR +(RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN +COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND +TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT +IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE +REGULATIONS, RESTRICTIONS, AND LAWS. + +4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS +PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS +FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, +SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING +REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, +ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING +OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, +IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) +AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE. + + + +V. Trademarks + +This License does not grant permission to use trademarks +associated with (or applying to) This Product, except for fair +use as defined by applicable law and except for use expressly +permitted or required by this License. Any attempt otherwise to +use trademarks associated with (or applying to) This Product +automatically and immediately terminates Your rights under This +License and may constitute trademark infringement (which may be +prosecuted). + + + +VI. General Terms and Conditions, Miscellaneous Provisions + +1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES +DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY +PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND +BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND +THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). +IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND +CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE +DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY +PORTION(S) THEREOF. + +2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, +(RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) +THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF +APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF +PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, +CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS +PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY +TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE +COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS +AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS +ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR +RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS +AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY +APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND +IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN +CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE +PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED +AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT +OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS +AND CONDITIONS OF THIS LICENSE. + +3. This License does not constitute or imply a waiver of any +intellectual property rights except as may be otherwise +expressly provided in this License. This License does not +transfer, assign, or convey any intellectual property rights +(e.g., it does not transfer ownership of copyrights or +trademarks). + +4. Subject to the terms and conditions of this License, You may +allow a third party to use Your copy of This Product (or a copy +that You make and distribute, or Your Product) provided that the +third party explicitly accepts and agrees to be bound by all +terms and conditions of this License and the third party is not +prohibited from using This Product (or portions thereof) by this +License (see, e.g., Section VI.7) or by applicable law. However, +You are not obligated to ensure that the third party accepts +(and agrees to be bound by all terms of) this License if You +distribute only the self-extracting package (containing This +Product) that does not allow the user to install (nor extract) +the files contained in the package until he or she accepts and +agrees to be bound by all terms and conditions of this License. + +5. Without specific prior written permission from the authors of +This Product (or from their common representative), You must not +use the name of This Product, the names of the authors of This +Product, or the names of the legal entities (or informal groups) +of which the authors were/are members/employees, to endorse or +promote Your Product or any work in which You include a modified +or unmodified version of This Product, or to endorse or promote +You or Your affiliates, or in a way that might suggest that Your +Product (or any work in which You include a modified or +unmodified version of This Product), You, or Your affiliates +is/are endorsed by one or more authors of This Product, or in a +way that might suggest that one or more authors of This Product +is/are affiliated with You (or Your affiliates) or directly +participated in the creation of Your Product or of any work in +which You include a modified or unmodified version of This +Product. + +6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS +LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL +TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, +MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS +PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A +LAWYER. + +7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS +LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER +APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER +THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE +DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY +PORTION(S) THEREOF. + +8. Except as otherwise provided in this License, if any +provision of this License, or a portion thereof, is found to be +invalid or unenforceable under applicable law, it shall not +affect the validity or enforceability of the remainder of this +License, and such invalid or unenforceable provision shall be +construed to reflect the original intent of the provision and +shall be enforced to the maximum extent permitted by applicable +law so as to effect the original intent of the provision as +closely as possible. + +____________________________________________________________ + + +Third-Party Licenses + +This Product contains components that were created by third +parties and that are governed by third-party licenses, which are +contained hereinafter (separated by lines consisting of +underscores). Each of the third-party licenses applies only to +(portions of) the source code file(s) in which the third-party +license is contained or in which it is explicitly referenced, +and to compiled or otherwise processed forms of such source +code. None of the third-party licenses applies to This Product +as a whole, even when it uses terms such as "product", +"program", or any other equivalent terms/phrases. This Product +as a whole is governed by the TrueCrypt License (see above). +Some of the third-party components have been modified by the +authors of This Product. Unless otherwise stated, such +modifications and additions are governed by the TrueCrypt +License (see above). Note: Unless otherwise stated, graphics and +files that are not part of the source code are governed by the +TrueCrypt License. + +____________________________________________________________ + +License agreement for Encryption for the Masses. + +Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. + +This product can be copied and distributed free of charge, +including source code. + +You may modify this product and source code, and distribute such +modifications, and you may derive new works based on this +product, provided that: + +1. Any product which is simply derived from this product cannot +be called E4M, or Encryption for the Masses. + +2. If you use any of the source code in your product, and your +product is distributed with source code, you must include this +notice with those portions of this source code that you use. + +Or, + +If your product is distributed in binary form only, you must +display on any packaging, and marketing materials which +reference your product, a notice which states: + +"This product uses components written by Paul Le Roux +" + +3. If you use any of the source code originally by Eric Young, +you must in addition follow his terms and conditions. + +4. Nothing requires that you accept this License, as you have +not signed it. However, nothing else grants you permission to +modify or distribute the product or its derivative works. + +These actions are prohibited by law if you do not accept this +License. + +5. If any of these license terms is found to be to broad in +scope, and declared invalid by any court or legal process, you +agree that all other terms shall not be so affected, and shall +remain valid and enforceable. + +6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE +IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED +"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR +IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE +ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS +WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE +COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY +MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE +LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, +INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR +INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS +OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH +ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD +PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. +____________________________________________________________ + +Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. +All rights reserved. + +LICENSE TERMS + +The free distribution and use of this software is allowed (with +or without changes) provided that: + + 1. source code distributions include the above copyright + notice, this list of conditions and the following + disclaimer; + + 2. binary distributions include the above copyright notice, + this list of conditions and the following disclaimer in + their documentation; + + 3. the name of the copyright holder is not used to endorse + products built using this software without specific written + permission. + +DISCLAIMER + +This software is provided 'as is' with no explicit or implied +warranties in respect of its properties, including, but not +limited to, correctness and/or fitness for purpose. +____________________________________________________________ + +Copyright (C) 2002-2004 Mark Adler, all rights reserved +version 1.8, 9 Jan 2004 + +This software is provided 'as-is', without any express or +implied warranty. In no event will the author be held liable +for any damages arising from the use of this software. + +Permission is granted to anyone to use this software for any +purpose, including commercial applications, and to alter it and +redistribute it freely, subject to the following restrictions: + +1. The origin of this software must not be misrepresented; you + must not claim that you wrote the original software. If you + use this software in a product, an acknowledgment in the + product documentation would be appreciated but is not + required. +2. Altered source versions must be plainly marked as such, and + must not be misrepresented as being the original software. +3. This notice may not be removed or altered from any source + distribution. +____________________________________________________________ diff --git a/README.md b/README.md index 08be3b07..e795ad21 100644 --- a/README.md +++ b/README.md @@ -1,264 +1,264 @@ -This archive contains the source code of VeraCrypt. -It is based on original TrueCrypt 7.1a with security enhancements and modifications. - - -Important -========= - -You may use the source code contained in this archive only if you accept and -agree to the license terms contained in the file 'License.txt', which is -included in this archive. - -Note that the license specifies, for example, that a derived work must not be -called 'TrueCrypt' or 'VeraCrypt' - - - -Contents -======== - -I. Windows - Requirements for Building VeraCrypt for Windows - Instructions for Building VeraCrypt for Windows - Instructions for Signing and Packaging VeraCrypt for Windows - -II. Linux and Mac OS X - Requirements for Building VeraCrypt for Linux and Mac OS X - Instructions for Building VeraCrypt for Linux and Mac OS X - Mac OS X specifics - -III. FreeBSD and OpenSolaris - -IV. Third-Party Developers (Contributors) - -V. Legal Information - -VI. Further Information - - - -I. Windows -========== - -Requirements for Building VeraCrypt for Windows: ------------------------------------------------- - -- Microsoft Visual C++ 2008 SP1 (Professional Edition or compatible) -- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads) -- Microsoft Windows SDK for Windows 7 (configured for Visual C++) -- Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing) -- Microsoft Windows Driver Kit 7.1.0 (build 7600.16385.1) -- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 - header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20) -- NASM assembler 2.08 or compatible -- gzip compressor -- upx packer (available at http://upx.sourceforge.net/) - -IMPORTANT: - -The 64-bit editions of Windows Vista and later versions of Windows, and in -some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not -allow the VeraCrypt driver to run without an appropriate digital signature. -Therefore, all .sys files in official VeraCrypt binary packages are digitally -signed with the digital certificate of the IDRIX, which was -issued by Thawte certification authority. At the end of each official .exe and -.sys file, there are embedded digital signatures and all related certificates -(i.e. all certificates in the relevant certification chain, such as the -certification authority certificates, CA-MS cross-certificate, and the -IDRIX certificate). -Keep this in mind if you compile VeraCrypt -and compare your binaries with the official binaries. If your binaries are -unsigned, the sizes of the official binaries will usually be approximately -10 KB greater than sizes of your binaries (there may be further differences -if you use a different version of the compiler, or if you install a different -or no service pack for Visual Studio, or different hotfixes for it, or if you -use different versions of the required SDKs). - - -Instructions for Building VeraCrypt for Windows: ------------------------------------------------- - -1) Create an environment variable 'MSVC16_ROOT' pointing to the folder 'MSVC15' - extracted from the Visual C++ 1.52 self-extracting package. - - Note: The 16-bit installer MSVC15\SETUP.EXE cannot be run on 64-bit Windows, - but it is actually not necessary to run it. You only need to extract the - folder 'MSVC15', which contains the 32-bit binaries required to build the - VeraCrypt Boot Loader. - -2) If you have installed the Windows Driver Development Kit in another - directory than '%SYSTEMDRIVE%\WinDDK', create an environment variable - 'WINDDK_ROOT' pointing to the DDK installation directory. - -3) Copy the PKCS #11 header files to a standard include path or create an - environment variable 'PKCS11_INC' pointing to the directory where - the PKCS #11 header files are installed. - -4) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2008. - -5) Select 'All' as the active solution configuration. - -6) Build the solution. - -7) If successful, there should be newly built VeraCrypt binaries in the - 'Release' folder. - -Instructions for Signing and Packaging VeraCrypt for Windows: -------------------------------------------------------------- - -First, create an environment variable 'WSDK81' pointing to the Windows SDK -for Windows 8.1 installation directory. -The folder "Signing" contains a batch file (sign.bat) that will sign all -VeraCrypt components using a code signing certificate present on the -certificate store and also build the final installation setup. -The batch file suppose that the code signing certificate is issued by Thawt. -This is the case for IDRIX's certificate. If yours is issued by another CA, -then you should put the Root and Intermediate certificates in the "Signing" -folder and then modify sign.bat accordingly. - - -II. Linux and Mac OS X -====================== - -Requirements for Building VeraCrypt for Linux and Mac OS X: ------------------------------------------------------------ - -- GNU Make -- GNU C++ Compiler 4.0 or compatible -- Apple Xcode (Mac OS X only) -- NASM assembler 2.08 or compatible (x86/x64 architecture only) -- pkg-config -- makeself (Linux only) -- wxWidgets 3.0 shared library and header files installed or - wxWidgets 3.0 library source code (available at http://www.wxwidgets.org) -- FUSE library and header files (available at https://github.com/libfuse/libfuse - and https://osxfuse.github.io/) -- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 - header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20). - They are already included in the source tree under the directory PKCS11 but - it is possible to override it using the environment variable 'PKCS11_INC'. - - -Instructions for Building VeraCrypt for Linux and Mac OS X: ------------------------------------------------------------ - -1) Change the current directory to the root of the VeraCrypt source code. - -2) If you have no wxWidgets shared library installed, run the following - command to configure the wxWidgets static library for VeraCrypt and to - build it: - - $ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild - - The variable WX_ROOT must point to the location of the source code of the - wxWidgets library. Output files will be placed in the './wxrelease/' - directory. - -3) To build VeraCrypt, run the following command: - - $ make - - or if you have no wxWidgets shared library installed: - - $ make WXSTATIC=1 - -4) If successful, the VeraCrypt executable should be located in the directory - 'Main'. - -By default, a universal executable supporting both graphical and text user -interface (through the switch --text) is built. -On Linux, a console-only executable, which requires no GUI library, can be -built using the 'NOGUI' parameter: - - $ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild - $ make NOGUI=1 WXSTATIC=1 - -On MacOSX, building a console-only executable is not supported. - -Mac OS X specifics: ------------------------------------------------------------ - -Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version -of the SDK (i.e. 10.6), you can export the environment variable VC_OSX_TARGET: - - $ export VC_OSX_TARGET=10.6 - - -Before building under MacOSX, pkg-config must be installed if not yet available. -Get it from http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and -compile using the following commands : - - $ ./configure --with-internal-glib - $ make - $ sudo make install - -After making sure pkg-config is available, download and install OSXFuse from -https://osxfuse.github.io/ (MacFUSE compatibility layer must selected) - -The script build_veracrypt_macosx.sh available under "src/Build" performs the -full build of VeraCrypt including the creation of the installer pkg. It expects -to find the wxWidgets 3.0.2 sources at the same level as where you put -VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src" -then wxWidgets should be at "/Users/joe/Projects/wxWidgets-wxWidgets-3.0.2") - -The build process uses Code Signing certificates whose ID is specified in -src/Main/Main.make (lines 167 & 169). You'll have to modify these lines to put -the ID of your Code Signing certificates or comment them if you don't have one. - -Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a -VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension. -Thus, we recommend to use the SDK 10.8 or earlier for building VeraCrypt. - - - -III. FreeBSD and OpenSolaris -============================ - -FreeBSD and OpenSolaris are not yet supported. - - - -IV. Third-Party Developers (Contributors) -========================================= - -If you intend to implement a feature, please contact us first to make sure: - -1) That the feature has not been implemented (we may have already implemented - it, but haven't released the code yet). -2) That the feature is acceptable. -3) Whether we need help of third-party developers with implementing the feature. - -Information on how to contact us can be found at: -https://veracrypt.codeplex.com/ - - - -V. Legal Information -==================== - -Copyright Information ---------------------- - -This software as a whole: -Copyright (c) 2013-2015 IDRIX. All rights reserved. - -Portions of this software: -Copyright (c) 2003-2012 TrueCrypt Developers Association. All rights reserved. -Copyright (c) 1998-2000 Paul Le Roux. All rights reserved. -Copyright (c) 1998-2008 Brian Gladman, Worcester, UK. All rights reserved. -Copyright (c) 2002-2004 Mark Adler. All rights reserved. -For more information, please see the legal notices attached to parts of the -source code. - -Trademark Information ---------------------- - -Any trademarks contained in the source code, binaries, and/or in the -documentation, are the sole property of their respective owners. - - - -VI. Further Information -======================= - -http://www.veracrypt.fr +This archive contains the source code of VeraCrypt. +It is based on original TrueCrypt 7.1a with security enhancements and modifications. + + +Important +========= + +You may use the source code contained in this archive only if you accept and +agree to the license terms contained in the file 'License.txt', which is +included in this archive. + +Note that the license specifies, for example, that a derived work must not be +called 'TrueCrypt' or 'VeraCrypt' + + + +Contents +======== + +I. Windows + Requirements for Building VeraCrypt for Windows + Instructions for Building VeraCrypt for Windows + Instructions for Signing and Packaging VeraCrypt for Windows + +II. Linux and Mac OS X + Requirements for Building VeraCrypt for Linux and Mac OS X + Instructions for Building VeraCrypt for Linux and Mac OS X + Mac OS X specifics + +III. FreeBSD and OpenSolaris + +IV. Third-Party Developers (Contributors) + +V. Legal Information + +VI. Further Information + + + +I. Windows +========== + +Requirements for Building VeraCrypt for Windows: +------------------------------------------------ + +- Microsoft Visual C++ 2008 SP1 (Professional Edition or compatible) +- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads) +- Microsoft Windows SDK for Windows 7 (configured for Visual C++) +- Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing) +- Microsoft Windows Driver Kit 7.1.0 (build 7600.16385.1) +- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 + header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20) +- NASM assembler 2.08 or compatible +- gzip compressor +- upx packer (available at http://upx.sourceforge.net/) + +IMPORTANT: + +The 64-bit editions of Windows Vista and later versions of Windows, and in +some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not +allow the VeraCrypt driver to run without an appropriate digital signature. +Therefore, all .sys files in official VeraCrypt binary packages are digitally +signed with the digital certificate of the IDRIX, which was +issued by Thawte certification authority. At the end of each official .exe and +.sys file, there are embedded digital signatures and all related certificates +(i.e. all certificates in the relevant certification chain, such as the +certification authority certificates, CA-MS cross-certificate, and the +IDRIX certificate). +Keep this in mind if you compile VeraCrypt +and compare your binaries with the official binaries. If your binaries are +unsigned, the sizes of the official binaries will usually be approximately +10 KB greater than sizes of your binaries (there may be further differences +if you use a different version of the compiler, or if you install a different +or no service pack for Visual Studio, or different hotfixes for it, or if you +use different versions of the required SDKs). + + +Instructions for Building VeraCrypt for Windows: +------------------------------------------------ + +1) Create an environment variable 'MSVC16_ROOT' pointing to the folder 'MSVC15' + extracted from the Visual C++ 1.52 self-extracting package. + + Note: The 16-bit installer MSVC15\SETUP.EXE cannot be run on 64-bit Windows, + but it is actually not necessary to run it. You only need to extract the + folder 'MSVC15', which contains the 32-bit binaries required to build the + VeraCrypt Boot Loader. + +2) If you have installed the Windows Driver Development Kit in another + directory than '%SYSTEMDRIVE%\WinDDK', create an environment variable + 'WINDDK_ROOT' pointing to the DDK installation directory. + +3) Copy the PKCS #11 header files to a standard include path or create an + environment variable 'PKCS11_INC' pointing to the directory where + the PKCS #11 header files are installed. + +4) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2008. + +5) Select 'All' as the active solution configuration. + +6) Build the solution. + +7) If successful, there should be newly built VeraCrypt binaries in the + 'Release' folder. + +Instructions for Signing and Packaging VeraCrypt for Windows: +------------------------------------------------------------- + +First, create an environment variable 'WSDK81' pointing to the Windows SDK +for Windows 8.1 installation directory. +The folder "Signing" contains a batch file (sign.bat) that will sign all +VeraCrypt components using a code signing certificate present on the +certificate store and also build the final installation setup. +The batch file suppose that the code signing certificate is issued by Thawt. +This is the case for IDRIX's certificate. If yours is issued by another CA, +then you should put the Root and Intermediate certificates in the "Signing" +folder and then modify sign.bat accordingly. + + +II. Linux and Mac OS X +====================== + +Requirements for Building VeraCrypt for Linux and Mac OS X: +----------------------------------------------------------- + +- GNU Make +- GNU C++ Compiler 4.0 or compatible +- Apple Xcode (Mac OS X only) +- NASM assembler 2.08 or compatible (x86/x64 architecture only) +- pkg-config +- makeself (Linux only) +- wxWidgets 3.0 shared library and header files installed or + wxWidgets 3.0 library source code (available at http://www.wxwidgets.org) +- FUSE library and header files (available at https://github.com/libfuse/libfuse + and https://osxfuse.github.io/) +- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 + header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20). + They are already included in the source tree under the directory PKCS11 but + it is possible to override it using the environment variable 'PKCS11_INC'. + + +Instructions for Building VeraCrypt for Linux and Mac OS X: +----------------------------------------------------------- + +1) Change the current directory to the root of the VeraCrypt source code. + +2) If you have no wxWidgets shared library installed, run the following + command to configure the wxWidgets static library for VeraCrypt and to + build it: + + $ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild + + The variable WX_ROOT must point to the location of the source code of the + wxWidgets library. Output files will be placed in the './wxrelease/' + directory. + +3) To build VeraCrypt, run the following command: + + $ make + + or if you have no wxWidgets shared library installed: + + $ make WXSTATIC=1 + +4) If successful, the VeraCrypt executable should be located in the directory + 'Main'. + +By default, a universal executable supporting both graphical and text user +interface (through the switch --text) is built. +On Linux, a console-only executable, which requires no GUI library, can be +built using the 'NOGUI' parameter: + + $ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild + $ make NOGUI=1 WXSTATIC=1 + +On MacOSX, building a console-only executable is not supported. + +Mac OS X specifics: +----------------------------------------------------------- + +Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version +of the SDK (i.e. 10.6), you can export the environment variable VC_OSX_TARGET: + + $ export VC_OSX_TARGET=10.6 + + +Before building under MacOSX, pkg-config must be installed if not yet available. +Get it from http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and +compile using the following commands : + + $ ./configure --with-internal-glib + $ make + $ sudo make install + +After making sure pkg-config is available, download and install OSXFuse from +https://osxfuse.github.io/ (MacFUSE compatibility layer must selected) + +The script build_veracrypt_macosx.sh available under "src/Build" performs the +full build of VeraCrypt including the creation of the installer pkg. It expects +to find the wxWidgets 3.0.2 sources at the same level as where you put +VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src" +then wxWidgets should be at "/Users/joe/Projects/wxWidgets-wxWidgets-3.0.2") + +The build process uses Code Signing certificates whose ID is specified in +src/Main/Main.make (lines 167 & 169). You'll have to modify these lines to put +the ID of your Code Signing certificates or comment them if you don't have one. + +Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a +VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension. +Thus, we recommend to use the SDK 10.8 or earlier for building VeraCrypt. + + + +III. FreeBSD and OpenSolaris +============================ + +FreeBSD and OpenSolaris are not yet supported. + + + +IV. Third-Party Developers (Contributors) +========================================= + +If you intend to implement a feature, please contact us first to make sure: + +1) That the feature has not been implemented (we may have already implemented + it, but haven't released the code yet). +2) That the feature is acceptable. +3) Whether we need help of third-party developers with implementing the feature. + +Information on how to contact us can be found at: +https://veracrypt.codeplex.com/ + + + +V. Legal Information +==================== + +Copyright Information +--------------------- + +This software as a whole: +Copyright (c) 2013-2015 IDRIX. All rights reserved. + +Portions of this software: +Copyright (c) 2003-2012 TrueCrypt Developers Association. All rights reserved. +Copyright (c) 1998-2000 Paul Le Roux. All rights reserved. +Copyright (c) 1998-2008 Brian Gladman, Worcester, UK. All rights reserved. +Copyright (c) 2002-2004 Mark Adler. All rights reserved. +For more information, please see the legal notices attached to parts of the +source code. + +Trademark Information +--------------------- + +Any trademarks contained in the source code, binaries, and/or in the +documentation, are the sole property of their respective owners. + + + +VI. Further Information +======================= + +http://www.veracrypt.fr diff --git a/Tests/bench.bat b/Tests/bench.bat index ec21ed02..392c0a49 100644 --- a/Tests/bench.bat +++ b/Tests/bench.bat @@ -1,321 +1,321 @@ -@echo off - -setlocal - -call :freedrive mydriveletter && goto :cont -echo ERROR: No free drive letter found. -goto :exit -:cont - -echo Using drive letter %mydriveletter%: for our tests -echo. - -IF NOT EXIST test.sha512.hc GOTO :whirlpool - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount SHA-512 container (Normal) -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha512.hc /hash sha512 /l %mydriveletter% /password test /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo SHA-512 (Normal) = %hh%:%mm%:%ss%,%cc% - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount SHA-512 container (Hidden) -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha512.hc /hash sha512 /l %mydriveletter% /password testhidden /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo SHA-512 (Hidden) = %hh%:%mm%:%ss%,%cc% -echo. - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -:whirlpool - -IF NOT EXIST test.whirlpool.hc GOTO :sha256 - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount Whirlpool container (Normal). -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.whirlpool.hc /hash whirlpool /l %mydriveletter% /password test /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo Whirlpool (Normal) = %hh%:%mm%:%ss%,%cc% - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount Whirlpool container (Hidden). -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.whirlpool.hc /hash whirlpool /l %mydriveletter% /password testhidden /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo Whirlpool (Hidden) = %hh%:%mm%:%ss%,%cc% -echo. - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -:sha256 - -IF NOT EXIST test.sha256.hc GOTO :ripemd160 - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount SHA-256 container (Normal) -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha256.hc /hash sha256 /l %mydriveletter% /password test /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo SHA-256 (Normal) = %hh%:%mm%:%ss%,%cc% - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount SHA-256 container (Hidden) -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha256.hc /hash sha256 /l %mydriveletter% /password testhidden /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo SHA-256 (Hidden) = %hh%:%mm%:%ss%,%cc% -echo. - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -:ripemd160 - -IF NOT EXIST test.ripemd160.hc GOTO :autodetect - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount RIPEMD-160 container (Normal) -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.ripemd160.hc /hash ripemd160 /l %mydriveletter% /password test /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo RIPEMD-160 (Normal) = %hh%:%mm%:%ss%,%cc% - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Mount RIPEMD-160 container (Hidden) -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.ripemd160.hc /hash ripemd160 /l %mydriveletter% /password testhidden /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo RIPEMD-160 (Hidden) = %hh%:%mm%:%ss%,%cc% -echo. - -"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q - -:autodetect - -call :availablevolume testvolume && goto :contautodetect -goto :exit -:contautodetect - -rem Get start time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Try to mount with a wrong password and PRF autodetection -"c:\Program Files\VeraCrypt\veracrypt.exe" /volume %testvolume% /l %mydriveletter% /password wrongpassword /q /silent /m ro - -rem Get end time: -for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( - set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" -) - -rem Get elapsed time: -set /A elapsed=end-start - -rem Show elapsed time: -set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 -if %hh% lss 10 set hh=0%hh% -if %mm% lss 10 set mm=0%mm% -if %ss% lss 10 set ss=0%ss% -if %cc% lss 10 set cc=0%cc% -echo Wrong Password (PRF Auto-detection)= %hh%:%mm%:%ss%,%cc% -echo. - - -goto :exit - -rem Finds a free drive letter. -rem -rem Parameters: -rem %1 = Output variable name. -rem -rem Example: -rem call :freedrive mydriveletter && goto :cont -rem echo ERROR: No free drive letter found. -rem goto :EOF -rem :cont -rem echo Found drive letter: %mydriveletter% -:freedrive -setlocal EnableDelayedExpansion -set exitcode=0 -set "output_var=%~1" -for %%i in (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) do ( - set "drive=%%i:" - rem If 'subst' fails, the drive letter is already in use. - rem This way we can even detect optical drives that have a drive - rem letter but no media in them, a case that goes undetected when - rem using 'if exist'. - subst !drive! %SystemDrive%\ >nul - if !errorlevel! == 0 ( - subst !drive! /d >nul - set "drive=%%i" - goto :freedrive0 - ) -) -set exitcode=1 -set drive= -:freedrive0 -endlocal & set "%output_var%=%drive%" & exit /b %exitcode% - -:availablevolume -setlocal EnableDelayedExpansion -set exitcode=0 -set "output_var=%~1" -for %%i in (test.sha512.hc,test.sha256.hc,test.whirlpool.hc,test.ripemd160.hc) do ( - if exist %%i ( - set "volume=%%i" - goto :availablevolume0 - ) -) -set exitcode=1 -set volume= -:availablevolume0 -endlocal & set "%output_var%=%volume%" & exit /b %exitcode% - -:exit +@echo off + +setlocal + +call :freedrive mydriveletter && goto :cont +echo ERROR: No free drive letter found. +goto :exit +:cont + +echo Using drive letter %mydriveletter%: for our tests +echo. + +IF NOT EXIST test.sha512.hc GOTO :whirlpool + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount SHA-512 container (Normal) +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha512.hc /hash sha512 /l %mydriveletter% /password test /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo SHA-512 (Normal) = %hh%:%mm%:%ss%,%cc% + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount SHA-512 container (Hidden) +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha512.hc /hash sha512 /l %mydriveletter% /password testhidden /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo SHA-512 (Hidden) = %hh%:%mm%:%ss%,%cc% +echo. + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +:whirlpool + +IF NOT EXIST test.whirlpool.hc GOTO :sha256 + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount Whirlpool container (Normal). +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.whirlpool.hc /hash whirlpool /l %mydriveletter% /password test /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo Whirlpool (Normal) = %hh%:%mm%:%ss%,%cc% + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount Whirlpool container (Hidden). +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.whirlpool.hc /hash whirlpool /l %mydriveletter% /password testhidden /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo Whirlpool (Hidden) = %hh%:%mm%:%ss%,%cc% +echo. + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +:sha256 + +IF NOT EXIST test.sha256.hc GOTO :ripemd160 + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount SHA-256 container (Normal) +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha256.hc /hash sha256 /l %mydriveletter% /password test /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo SHA-256 (Normal) = %hh%:%mm%:%ss%,%cc% + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount SHA-256 container (Hidden) +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.sha256.hc /hash sha256 /l %mydriveletter% /password testhidden /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo SHA-256 (Hidden) = %hh%:%mm%:%ss%,%cc% +echo. + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +:ripemd160 + +IF NOT EXIST test.ripemd160.hc GOTO :autodetect + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount RIPEMD-160 container (Normal) +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.ripemd160.hc /hash ripemd160 /l %mydriveletter% /password test /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo RIPEMD-160 (Normal) = %hh%:%mm%:%ss%,%cc% + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Mount RIPEMD-160 container (Hidden) +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume test.ripemd160.hc /hash ripemd160 /l %mydriveletter% /password testhidden /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo RIPEMD-160 (Hidden) = %hh%:%mm%:%ss%,%cc% +echo. + +"c:\Program Files\VeraCrypt\veracrypt.exe" /dismount %mydriveletter% /silent /q + +:autodetect + +call :availablevolume testvolume && goto :contautodetect +goto :exit +:contautodetect + +rem Get start time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "start=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Try to mount with a wrong password and PRF autodetection +"c:\Program Files\VeraCrypt\veracrypt.exe" /volume %testvolume% /l %mydriveletter% /password wrongpassword /q /silent /m ro + +rem Get end time: +for /F "tokens=1-4 delims=:.," %%a in ("%time%") do ( + set /A "end=(((%%a*60)+1%%b %% 100)*60+1%%c %% 100)*100+1%%d %% 100" +) + +rem Get elapsed time: +set /A elapsed=end-start + +rem Show elapsed time: +set /A hh=elapsed/(60*60*100), rest=elapsed%%(60*60*100), mm=rest/(60*100), rest%%=60*100, ss=rest/100, cc=rest%%100 +if %hh% lss 10 set hh=0%hh% +if %mm% lss 10 set mm=0%mm% +if %ss% lss 10 set ss=0%ss% +if %cc% lss 10 set cc=0%cc% +echo Wrong Password (PRF Auto-detection)= %hh%:%mm%:%ss%,%cc% +echo. + + +goto :exit + +rem Finds a free drive letter. +rem +rem Parameters: +rem %1 = Output variable name. +rem +rem Example: +rem call :freedrive mydriveletter && goto :cont +rem echo ERROR: No free drive letter found. +rem goto :EOF +rem :cont +rem echo Found drive letter: %mydriveletter% +:freedrive +setlocal EnableDelayedExpansion +set exitcode=0 +set "output_var=%~1" +for %%i in (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) do ( + set "drive=%%i:" + rem If 'subst' fails, the drive letter is already in use. + rem This way we can even detect optical drives that have a drive + rem letter but no media in them, a case that goes undetected when + rem using 'if exist'. + subst !drive! %SystemDrive%\ >nul + if !errorlevel! == 0 ( + subst !drive! /d >nul + set "drive=%%i" + goto :freedrive0 + ) +) +set exitcode=1 +set drive= +:freedrive0 +endlocal & set "%output_var%=%drive%" & exit /b %exitcode% + +:availablevolume +setlocal EnableDelayedExpansion +set exitcode=0 +set "output_var=%~1" +for %%i in (test.sha512.hc,test.sha256.hc,test.whirlpool.hc,test.ripemd160.hc) do ( + if exist %%i ( + set "volume=%%i" + goto :availablevolume0 + ) +) +set exitcode=1 +set volume= +:availablevolume0 +endlocal & set "%output_var%=%volume%" & exit /b %exitcode% + +:exit diff --git a/Translations/Language.ar.xml b/Translations/Language.ar.xml index abc7678e..785b08fb 100644 --- a/Translations/Language.ar.xml +++ b/Translations/Language.ar.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - ‮ألغِ - ‮نصِّب ل&كل المستخدمين - ‮ت&صفح… - ‮أضف أيقونة ڤيراكربت إلى &سطح المكتب - Donate now... - ‮اربط ا&متداد الاسم .hc بڤيراكربت - ‮افتح الموضع ال&وجهة عند الانتهاء - ‮أضف ڤيراكربت إلى &قائمة ابدأ - ‮أنشئ &نقطة استرجاع للنظام - ‮أ&زِل - ‮است&خرج - ‮&نصِّب - ‮مرشد تنصيب ڤيراكربت - ‮أزل ڤيراكربت - ‮&مساعدة - ‮اختر أو أدخل الموضع الذي تريد استخراج الملفات إليها: - ‮اختر أو أدخل الموضع الذي تريد فيه تنصيب ملفات برمجية ڤيراكربت. إن كان الدليل المختار غير موجود فسيُنشأ آليا. - ‮انقر 'أزل' لإزالة ڤيراكربت من هذا النظام. - ‮أجهض - &Benchmark - ‮ا&ختبر - ‮أنشئ مجلدا معمّى و هيّئه - ‮عمّ قسما في موضعه - ‮اعرض المفاتيح المولدة (حصتيهما) - ‮اعرض محتويات المُجمّع - ‮أنزل برمجية تسجيل سي‌دي/دي‌ڤي‌دي - ‮أنشئ ملفًا حاويًا معمّى - ‮&GB - &TB - ‮مزيد من المعلومات - ‮مجلد ڤيراكربت م&خفي - ‮مزيد من المعلومات عن المجلدات المخفية - ‮الطور المباشر - ‮الطور العادي - &KB - ‮ا&ستخدم الملفات المفاتيح - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - ‮الملفات ال&مفاتيح… - ‮معلومات حوْل خوازميات التلبيد - المزيد من المعلومات - Information on PIM - &MB - ‮مزيد من المعلومات - ‮مزيد من المعلومات عن تعمية النظام - ‮مزيد من المعلومات - ‮إقلاع متعدد - ‮عمّ غير مجلد\\سواقة النظام - ‮لا &تحفظ التأريخ أبدًا - ‮أوصل مجلدا خارجيا - ‮&جمِّد - Use P&IM - Use PIM - ‮تهيئة سريعة - ‮أ&ظهر كلمة السر - ‮أ&ظهر كلمة السر - &Display PIM - ‮إقلاع أحادي - ‮مجلد ڤيراكربت عادي - ‮م&خفيّ - ‮عاديّ - ‮عمّ قسم النظام أو سواقة النظام بكاملها - ‮عمّ قسم نظام ويندوز - ‮عمّ السواقة بكاملها - مرشد إنشاء مجلد ڤيراكربت - ‮عنقود - ‮هام: حرّك الفأرة عشوائيا بقدر الإمكان في إطار هذه النافذة، كلما طال تحريكك لها كان ذلك أفضل؛ هذا يزيد بشدة من القوة التعموية لمفاتيح التعمية. ثم انقر 'اللاحق' للمواصلة. - ‮أ&كِّد: - ‮تمّ - Drive letter: - ‮خوارزميّة التعمية - ‮نظام الملفات - ‮ينشئ قرصا افتراضيا معمى في ملف. مُحبَّذٌ للمستخدمين غير الخبراء. - ‮خيارات - ‮خوارزميّة التلبيد - ‮مفتاح الترويسة: - ‮الباقي - ‮المفتاح الرئيسي: - ‮اختر هذا إن كان يوجد نظاما تشغيل أو أكثر مُنصَّبين على هذا الحاسوب.\n‮\n‮مثلا:\n‮-ويندوز إكس‌پي و ويندوز إكس‌پي\n‮-ويندوز إكس‌پي و ويندوز ڤيستا\n‮- ويندوز و ماك أوإس\n‮- ويندوز و لينكس\n‮- ويندوز و لينكس و ماك أوإس - ‮يعمّي مجلّدا غير المنصَّب فيه النظام، في أي سواقة داخلية أو خارجية (مثل شريحة ذاكرة). يمكن كذلك إنشاء مجلد مخفي. - ‮محتويات المجمع الحالية (جزئيا) - ‮مرّة - ‮كلمة السر: - Volume PIM: - Volume PIM: - ‮الإنجاز: - ‮مجمّع عشوائي: - ‮اختر هذا إن كان يوجد نظام تشغيل واحد فقط منصَّب على هذا الحاسوب (حتى لو كان له عدة مستخدمين). - ‮السرعة - ‮الحالة - ‮المفاتيح و البذرة و بيانات أخرى تم توليدها جميعا بنجاح. إن أردت توليد مفاتيح جديدة فانقر 'ارجع' ثم 'اللاحق'. و إلا فانقر 'اللاحق' للمواصلة. - ‮يعمّي القسم\\السواقة المنصّب فيها ويندوز. من يريد تشغيل النظام و النفاذ إلى الملفات سيكون عليه إدخال كلمة السر في كل مرة قبل إقلاع ويندوز، كما يمكن اختياريا إنشاء نظام مخفي. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - ‮طور المحو: - ‮أغلق - ‮اسمح بتجاوز الاستيثاق عند الاستيثاق بضغط مفتاح Esc (هذا يفعّل مدير الإقلاع) - ‮لا تفعل شيئا - ‮أو&صل مجلد ڤيراكربت تلقائيا (محدد أدناه) - ‮&شغِّل ڤيراكربت - ‮&تحسس المكتبة ذاتيا - ‮&احفظ كلمة سر استيثاق ما قبل الإقلاع في في ذاكرة المشغل (لوصل مجلدات غير النظام) - ‮تصفح… - ‮تصفح… - ‮خزِّن كلمات السر و الم&لفات المفاتيح مؤقتا في الذاكرة - ‮اخرج عندما لا توجد مجلدات موصولة - ‮أ&نهِ جلسة الأمارة (اخرج) بعد وصل مجلد بنجاح - Include VeraCrypt Volume Expander - ‮اشمل مُساعد ڤيراكربت لإنشاء المجلدات - ‮أنشئ - ‮أ&نشئ مجلدا - ‮لا &تظهر أية نصوص في شاشة استيثاق ما قبل الإقلاع (ما عدا الرسالة المدخلة أدناه) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - ‮استخدم الملفات المفاتيح - ‮استخدم الملفات المفاتيح - ‮ا&خرج - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - ‮Alt - Ctrl - ‮Shift - ‮Win - ‮خصّص - ‮أزِل - ‮الملفات المفاتيح… - Do not use the following number of processors for encryption/decryption: - More information - More information - ‮مزيد من التضبيطات… - ‮أوصل النبائط &تلقائيا - ‮خ&يارات الوصل… - ‮أوصل المجلد &للقراءة فقط - ‮الملفات المفاتيح… - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - ‮مُفعّل - ‮خزّن كلمات السرّ مؤقتا في ذاكرة المُشغِّل - ‮افصل المجلد تلقائيا عندما لا تُكتب/تُقرأ بيانات منه - ‮خروج المستخدم - User session locked - ‮الدخول في طور حِفظ الطاقة - ‮اشتغال حافظة الشاشة - ‮أجبر الفصل التلقائي حتى إن وجدت ملفات أو أدلّة مفتوحة في المجلد - ‮أوصل كل مجلدات ڤيراكربت المستضافة في نبائط - ‮شغِّل مهمة ڤيراكربت التي في الخلفية - ‮أوصل المجلدات للقراءة فقط - ‮أوصل المجلدات كوسائط قابلة للفصل - ‮افتح نافذة إكسبلورر للمجلدات التي نجح وصلها - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - ‮امحُ كلمات السر المخزّنة مؤقتا عند الفصل التلقائي - ‮امحُ كلمات السر المخزّنة مؤقتا عند الخروج - Preserve modification timestamp of file containers - ‮صفّر - ‮اختر &نبيطة… - ‮اختر &ملفا… - ‮ا&ختر مكتبة… - ‮أظهر كلمة السر - ‮أظهر كلمة السر - ‮افتح &نافذة إكسبلورر للمجلدات الموصولة - ‮خزّن كلمات السرّ &مؤقتا في ذاكرة المُشغِّل - TrueCrypt Mode - ‮ا&فصل الكل - ‮خ&صائص المجلد… - ‮أ&دوات المجلد… - ‮ا&مح المخبئية - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - ‮ڤيراكربت - أزرار الاختصار العامة للنظام - ‮ڤيراكربت - ‮غيّر كلمة السر أو ملفات المفاتيح - ‮أدخل كلمة سر مجلد ڤيراكربت - VeraCrypt - Performance and Driver Options - ‮ڤيراكربت - التفضيلات - ‮ڤيراكربت - تضبيطات تعمية النظام - ‮ڤيراكربت - تفضيلات أمارات الأمان - ‮إعداد قرص ڤيراكربت الجوال - ‮خصائص مجلد ڤيراكربت - ‮عن ڤيراكربت… - ‮أضف/احذف الملفات المفاتيح إلى/من المجلد… - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - ‮انسخ ترويسة المجلد احتياطيا… - ‮مقايسة الأداء… - ‮غيّر خوارزمية اشتقاق مفتاح الترويسة… - ‮غيّر كلمة سر المجلد… - ‮اضبط خوارزمية اشتقاق مفتاح الترويسة… - ‮غيّر كلمة السر… - ‮احذف تأريخ المجلدات - ‮أنهِ جلسات كل الأمارات - ‮التواصل… - ‮أنشئ نظام تشغيل مخفي… - ‮أنشئ قرص إنقاذ… - ‮أنشئ مجلدا جديدا… - Permanently Decrypt... - ‮الملفات المفاتيح المبدئية… - Default Mount Parameters... - Donate now... - ‮عمّ قسم\\سواقة النظام… - ‮الأسئلة المتكررة - ‮دليل المستخدم - ‮الموقع على ال&وب - ‮أزرار الاختصار… - ‮مُوِّلد الملفات المفاتيح - ‮اللغة… - ‮إخطار قانوني - ‮أدر ملفات مفاتيح أمارات الأمان… - ‮أوصل كل المجلدات المستضافة في نبائط تلقائيا - ‮أوصل المجلدات المفضّلة - ‮أوصل دون ا&ستيثاق قبل الإقلاع - ‮أوصل المجلدات - ‮أوصل المجلدات بالخيارات - ‮أخبار - ‮مساعدة على الوب - ‮شرح على الوب - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - ‮ظهّر نهائيا قسم\\سواقة النظام - ‮التفضيلات… - ‮أنعش أحرف السواقات - ‮احذف كل الملفات المفاتيح من المجلد - ‮استرجع ترويسة المجلد… - ‮عاود الصيرورة المقاطَعة - ‮اختر نبيطة… - ‮اختر ملفا… - ‮عاود الصيرورة المقاطعة - ‮تعمية النظام… - ‮خصائص… - ‮تضبيطات… - System Favorite Volumes... - ‮التّنزيلات - ‮معاملات الاختبار… - ‮أمارات الأمان… - ‮إعداد قرص الجوال… - ‮افصل كل المجلدات الموصولة - ‮افصل المجلد - ‮اختبر قرص الإنقاذ - اختبر صورة لقرص الإنقاذ - ‮تأريخ الإصدارات - توسعة المجلد - ‮خصائص المجلد - ‮مرشد إنشاء المجلدات - ‮موقع ڤيراكربت على الوب - ‮امحُ كلمات السر المخزنة مؤقتا - ‮موافق - Hardware Acceleration - ‮اختصار - ‮تضبيطات التشغيل التلقائي (autorun.inf) - ‮افصل تلقائيًا - ‮افصل الكل عندما: - ‮خيارات شاشة مُحمِّل الإقلاع - ‮أكّد كلمة السرّ: - ‮الحالي - ‮اعرض هذه الرسالة في شاشة استيثاق ما قبل الإقلاع (بحد أقصى 24 حرفا): - ‮خيارات الوصل المبدئية - ‮خيارات أزرار الاختصار - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - ‮تضبيطات الملف - ‮الزر المخصص: - Processor (CPU) in this computer supports hardware acceleration for AES: - ‮اجراءات تنفّذ عند الولوج إلى ويندوز - ‮دقائق - ‮أوصل المجلد معرّفا بالحرف: - ‮تضبيطات الوصل - ‮جديد - ‮كلمة السر: - Thread-Based Parallelization - ‮مسار مكتبة ‪PKCS #11‬ - PKCS-5 PRF: - PKCS-5 PRF: - ‮ذاكرة كلمات السّر - ‮خيارات الأمان - ‮مهمّة الخلفية لڤيراكربت - ‮مجلد ڤيراكربت لوصله (نسبة إلى جذر قرص الجوّال): - ‮عند إدخال قرص الجوال: - ‮أنشئ ملفات قرص الجوّال في (الدليل الجذر لقرص الجوال): - المجلد - ‮تضبيطات تخصُّ ويندوز - ‮أضف &مسارا… - ‮ا&ختبر الكل تلقائيا - &Continue - ‮ظ&هّر - ‮ا&حذف - ‮ع&مِّ - ‮&صدِّر… - ‮ولِّد و احفظ ملفا مفتاحا… - ‮ولِّد ملفا مفتاحا &عشوائيا… - ‮نزِّل حزمة لغة - Hardware-accelerated AES: - ‮است&ورد ملف مفتاح إلى الأمارة… - ‮أ&ضف ملفات… - ‮ا&ستخدم الملفات المفاتيح - ‮ملفات ال&مفاتيح… - ‮ا&حذف - ‮احذف ال&كل - ‮ما هي حماية المجلد المخفي؟ - ‮مزيد من المعلومات عن الملفات المفاتيح - ‮أوصل المجلد ك&وسط قابل للفصل - ‮أوصل قسما ي&ستخدم تعمية النظام دون استيثاق ما قبل الإقلاع - Parallelization: - ‮مقايسة الأداء - ‮ا&طبع - ‮ا&حمِ المجلد المخفي من التلف الناجم عن الكتابة على المجلد الخارجي - ‮&صفّر - ‮أ&ظهر كلمة السر - ‮أضف ملفات أ&مارة… - ‮استخدم الترويسة الا&حتياطية المُضمَّنة في المجلد إن وجدت - ‮طور ‪XTS‬ - ‮عن ڤيراكربت - ‮ڤيراكربت - مقايسة أداء خوارزمية التعمية - ‮ڤيراكربت - معاملات الاختبار - ‮مساعدة سطر الأوامر - ‮ڤيراكربت - الملفات المفاتيح - ‮ڤيراكربت - مولِّد الملفات المفاتيح - ‮ڤيراكربت - اللغة - ‮ڤيراكربت - خيارات الوصل - ‮خصائص ملفات مفاتيح أمارة الأمان الجديدة - VeraCrypt - Random Pool Enrichment - ‮اختر قسما أو نبيطة - VeraCrypt - ‮ملفات مفاتيح أمارات الأمان - ‮كلمة سر أو رقم تعرُّف الأمارة مطلوب - ‮حزمة اللغة المفعَّلة - ‮تتأثر السرعة بحِمل المعالج و خصائص وسيط التخزين.\n‮\n‮ تجري هذه الإختبارات في ذاكرة RAM. - ‮حجم المخزون: - ‮شفرة: - ‮كلمة سر للمجلد المخفي:\n‮(إذا كانت خاوية فسيستخدم ما في الذاكرة المؤقتة) - ‮حماية المجلد المخفي - ‮طول المفتاح: - ‮هام: حرّك الفأرة عشوائيا بقدر الإمكان في إطار هذه النافذة، كلما طال تحريكك لها كان ذلك أفضل؛ هذا يزيد بشدة من القوة التعموية للملف المفتاح. - ‮تحذير: إذا فَقدّت الملف المفتاح أو تغيرت أي بتة من أوّل ‪1024‬ كيلوبايت منه فسيكون من المستحيل وصل المجلدات التي تستخدم ذلك المفتاح! - ‮بتات - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - ‮ترجمه: - ‮حجم النص الصريح: - ‮بتات - ‮محتوى المجمّع الحالي - ‮يخلط ‪PRF‬: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - ‮المفتاح الثانوي (ستعشري) - ‮أمارة الأمان: - ‮طريقة الترتيب: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - ‮رقم الكتلة: - ‮النص المعمى (ستعشري) - ‮رقم وحدة البيانات (ستعشري من ‪64‬ بتة، حجم وحدة البيانات ‪512‬ بايت) - ‮مفتاح (ستعشري) - ‮النص الصريح (ستعشري) - ‮اسم الملف الفمتاح: - ‮طور XTS - ‮ن&ظام - ‮ال&مجلدات - Favor&ites - ‮أ&دوات - ‮ت&ضبيطات - ‮&مساعدة - ‮ صفحة ال&وب - - ‮&عن ڤيراكربت… - ‮تعذَّر تغيير خاصية للقراءة فقط في المجلد العتيق. رجاءً تحقق من صلاحيات النفاذ للملف. - ‮عُطل: رُفض النفاذ. ‮ ‮القسم الذي تحاول النفاذ إليه إما طول قطاعه 0، أو هي نبيطة إقلاع. - Administrator - ‮لتُحمّل مشغّل ڤيراكربت تحتاج للولوج إلى حساب له صلاحيات المدير. - ‮لاحظ أنه لكي تعمي/تُهيئ قسما/نبيطة فإنه يتوجب عليك الولوج إلى حساب له صلاحيات المدير. ‮ ‮ هذا لا ينطبق على المجلدات المستضافة في ملفات. - ‮لإنشاء مجلد مخفي يجب الولوج إلى حساب له صلاحيات المدير. ‮ ‮أأتابع؟ - ‮رجاءً لاحظ أنه يجب عليك الولوج إلى حساب له صلاحيات المدير لتتمكّن من تهيئة المجلد بنظام‍ ‪NTFS‬. ‮ ‮ يمكنك أن تُهيء المجلد بنظام ‪FAT‬ دون صلاحيات المدير. - ‮شفرة مقبولة لدى ‪FIPS‬ (‪Rijndael‬ المنشورة في ‪1998‬) يمكن لوكالات و إدارات حكومة الولايات المتحدة الأمريكية استخدامها لحماية المعلومات المصنفة حتى مستوى 'سري للغاية'. ‮مفتاح بطول ‪256‬ بتة؛ كتلة ‪128‬ بتة؛ ‪14‬ دورة (‪AES‬ ‪256‬)؛ تعمل في طور ‪XTS‬. - ‮المجلد مُوصَل بالفعل - ‮تنبيه: فشلت خوارزمية تعمية أو تلبيد واحدة على الأقل في الاختبارات الذاتية! ‮ ‮ ربما تَلفت تنصيبة ڤيراكربت. - ‮تنبيه: لا توجد قيم كافية في مجمّع مولِّد الأرقام العشوائية لتوفير كمية القيم العشوائية المطلوبة. ‮ ‮ يجب ألا تواصل بعد هذه الخطوة. من فضلك اختر 'أبلغ عن علّة' من قائمة 'مساعدة' وأبلغ عن هذا العطل. - ‮إما السواقة معطوبة (يوجد عيب مادي فيها)، أو الكابل معطوب، أو يوجد عيب في الذاكرة. ‮ ‮لاحظ أن هذا عطل في عتادك و ليس في ڤيراكربت. لذا فرجاء لا تبلغ عن هذا كعلة\\مشكلة في ڤيراكربت و رجاء لا تطلب مساعدة بشأنه في منتديات ڤيراكربت. اتصل بفني صيانة الحواسيب الذي تتعامل معه لطلب المساعدة. شكرا. ‮ ‮ملاحظة: إن كان العطل يتكرر دوريا في نفس الوضع فمن المرجح أنه بسبب عطل في القرص، و هو ما يمكن إصلاحه باستخدام برمجيات فحص الوسائط (لاحظ أنه في حالات كثيرة فإن أمر '‪chkdsk /r‬' لا يمكنه تصحيح العطل لأنه يعمل على مستوى نظام الملفات، و أحيانا لا يمكن لأمر '‪chkdsk‬' حتى تحسس العطل). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - ‮حرف نبيطة غير صحيح. - ‮مسار غير صحيح. - ‮ألغِ - ‮تعذَّر النفاذ للنبيطة. تحقق من وجود النبيطة المختارة و أنها ليست قيد الاستخدام من قبل النظام. - ‮تنبيه:مفتاح ‪Caps Lock‬ مفعَّل. ربما يجعلك هذا تدخل كلمة السر بطريقة غير صحيحة. - ‮نوع المجلد - ‮قد يحدث أن يجبرك أحد على الإفصاح عن كلمة سر مجلد معمّى، فهناك مواقف لا يمكنك فيها رفض ذلك (تحت التهديد مثلا). تحسبا لذلك، يجعل لك استخدام ما يعرف بالمجلد المخفيّ مخرَجا من مثل تلك الظروف دون الكشف عن محتوى المجلد. - ‮اختر هذا إن أردت إنشاء مجلد ڤيراكربت عادي. - ‮لاحظ أنك إن أردت تنصيب نظام تشغيل في مجلد مخفي مستضاف في قسم فإنه لا يمكن تعمية سواقة النظام بكاملها باستخدام مفتاح واحد. - ‮خيارات تعمية المجلد الخارجي - ‮خيارات تعمية المجلد المخفي - ‮خيارات التعمية - ‮تنبيه: فشل محو مسار آخر مجلد\\ملف مفتاح اخترته (مما يتذكّره مُنتقي الملفات)! - ‮عُطل: ضُغطت الحاوية على مستوى نظام الملفات. لا يدعم ڤيراكربت الحاويات المضغوطة (لاحظ أن ضغط البيانات المعمَّاة غير مُجدٍ وبلا فائدة). ‮ ‮ من فضلك عطّل ضغط الحاوية باتباع هذه الخطوات: 1) انقر باليمين على الحاوية في إكسبلورر ويندوز (وليس في ڤيراكربت). 2) اختر 'خصائص'. 3) في صندوق الحوار 'خصائص'، انقر 'متقدم' . 4) في صندوق الحوار 'الصفات المتقدمة' عطّل الخيار 'اضغط المحتويات لتوفر مساحة القرص' ثم انقر 'موافق'. 5) انقر 'موافق في صندوق الحوار 'خصائص'. - ‮فشل إنشاء المجلد ‪%s‬ - ‮حجم ‪%s‬ هو ‪%.2f‬ بايت - ‮حجم ‪%s‬ هو ‪%.2f‬ كيلوبايت - ‮حجم ‪%s‬ هو ‪%.2f‬ ميجابايت - ‮حجم ‪%s‬ هو ‪%.2f‬ جيجابايت - ‮حجم ‪%s‬ هو ‪%.2f‬ ت.بايت - ‮حجم ‪%s‬ هو ‪%.2f‬ ب.بايت - ‮تحذير: النبيطة\\القسم قيد الاستخدام بواسطة نظام التشغيل أو تطبيق ما. قد تسبب تهيئة النبيطة\\القسم فساد البيانات وعدم استقرار النظام. ‮ ‮أأواصل؟ - ‮تحذير: هذا القسم قيد الاستخدام بواسطة نظام التشغيل أو تطبيق ما. ينبغي أن تغلق كل التطبيقات التي يمكن أن تكون مستخدمة القسم (بما في ذلك مضادات الفيروسات). ‮ ‮أأواصل؟ - ‮عُطل: تحتوي النبيطة\\القسم على نظام ملفات تعذَّر فصله. ربما يستخدم نظامُ التشغيل نظامَ الملفات. ستسبب تهيئة النبيطة\\القسم تلف البيانات وعدم استقرار النظام. ‮ ‮ لحل هذه المشكلة ننصحك بأن تحذف القسم أولًا ثم تعيد إنشاءه دون تهيئة. لفعل هذا اتبع الخطوات التالية: 1) انقر باليمين أيقونة 'الحاسوب' (أو 'حاسوبي') في 'قائمة ابدأ' واختر 'أدر'. ستظهر نافذة 'إدارة الحاسوب'. 2) من نافذة 'إدارة الحاسوب' اختر 'تخزين' > 'إدارة القرص'. 3) انقر باليمين على القسم الذي تريد تعميته واختر إمَّا 'احذف القسم' أو 'احذف المجلد'، أو'احذف المجلد المنطقي'. 4) انقر 'نعم'. إذا سألك ويندوز إعادة تشغيل الحاسوب فافعل ذلك. ثم أعد الخطوتين 1 و 2 وواصل من الخطوة 5. 5) انقر باليمين على المساحة غير المخصصة\\الشاغرة ثم اختر إما 'قسم جديد'، أو 'مجلد جديد بسيط' أو 'مجلد منطقي جديد'. 6) ستظهر الآن نافذة 'مرشد القسم الجديد' أو 'مرشد المجلد البسيط الجديد'، اتبع التعليمات. في صفحة المعالج المعنونة 'هيّء القسم'، اختر إما 'لا تهيء هذا القسم' أو 'لا تهيء هذا المجلد'. في المرشد ذاته انقر 'اللاحق' ثم 'أنه'. 7) لاحظ أن مسار النبيطة التي كنت قد اخترتها في المرشد ربما أضحى غير صحيح الآن. لذا اخرج من مرشد إنشاء مجلد ڤيراكربت (إذا كان لا يزال يعمل) ثم ابدأه مجددا. 8) جرب تعمية النبيطة\\القسم مجددا. ‮ ‮ إذا تكرر فشل ڤيراكربت في تعمية المجلد فقد ترى إنشاء ملفٍ حاوٍ بدلا من هذا. - ‮عطل: تعذّر قفل نظام الملفات و\\أو فصله. قد يكون قيد الاستخدام بواسطة نظام التشغيل أو تطبيق ما (كمضاد فيروسات مثلا). مواصلة تعمية القسم قد تسبب تلف البيانات و عدم استقرار النظام. ‮ ‮أغلق كل التطبيقات التي يمكن أن تكون مستخدمة نظام الملفات (بما في ذلك مضادات الفيروسات) و حاول مجددا.. إن لم تنحل المشكلة فاتّبع الخطوات التالية. - ‮تحذير: بعض النبائط\\الأقسام الموصولة قيد الاستخدام! ‮ ‮ سيسبب تجاهل هذا نتائج غير مرغوبة تشمل عدم استقرار النظام. ‮ ‮ ننصح بشدة بغلق أي تطبيق يستخدم النبائط\\الأقسام. - ‮النبيطة المختارة تحوي أقساما. ‮ ‮ ربما تسبب تهيئة تلك النبيطة عدم استقرار النظام و/أو تلف البيانات. عليك إمَّا أن تختار قسما على النبيطة، أو أن تحذف كل الأقسام لتمكن ڤيراكربت من تهيئتها بأمان. - ‮النبيطة المختارة لا تحوي نظام تشغيل و تحوي أقساما. ‮ ‮مجلدات ڤيراكربت المعماة المستضافة في نبائط يمكن إنشاؤها حصرا في نبائط لا تحوي أية أقسام مسبقا (بما في ذلك الاقراص الصلبة و شرائح الذاكرة). لا يمكن تعمية نبيطة تحوي أقساما في موضعها (باستخدام مفتاح واحد رئيسي) إلا إن كانت السواقة المنصب فيها ويندوز و منها يقلع. ‮ ‮إن أردت تعمية النبيطة المختارة باستخدام مفتاح واحد رئيسي فتنبغي إزالة كل الأقسام من النبيطة أولا لتمكين ڤيراكربت من تهيئتها بأمان (تهيئة نبيطة تحوي أقساما قد تؤدي إلى عدم استقرار النظام و\\أو تلف البيانات). عوضا عن هذا يمكنك تعمية كل قسم على النبيطة على حدى (و سيكون لكل منها مفتاح). ‮ ‮ملاحظة:إن أردت إزالة كل الأقسام من قرص ‪GPT‬ فقد تضطر إلى تحويله إلى قرص ‪MBR‬ (مثلا باستخدام أداة إدارة الوسائط) لكي تتمكن من إزالة الأقسام المخفية منه. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - ‮القسم المختار لا يبدو أنه يحوي نظام ملفات ‪NTFS‬. وحدها الأقسام المحتوية على نظام ملفات ‪NTFS‬ يمكن تعميتها في موضعها. ‮ ‮ملاحظة: السبب هو أن ويندوز لا يدعم تقليص نظام الملفات من الأنواع الأخرى (يجب تقليص حجم نظام الملفات للإفساح لترويسة المجلد و نسختها الاحتياطية). - ‮القسم المختار لا يبدو أنه يحوي نظام ملفات ‪NTFS‬. وحدها الأقسام المحتوية على نظام ملفات ‪NTFS‬ يمكن تعميتها في موضعها. ‮ ‮إن أردت إنشاء مجلد ڤيراكربت معمّى في هذا القسم فاختر 'أنشئ مجلدا معمى و هيئه' (عوضا عن خيار 'عمِّ قسما في موضعه'). - ‮عطل: القسم صغير جدا. لا يمكن لڤيراكربت تعميته في موضعه. - ‮لتعمية البيانات التي في هذا القسم اتَّبع الخطوات التالية: ‮ ‮1) أنشئ مجلد ڤيراكربت في قسم\\نبيطة شاغرة و أوصله. ‮ ‮2) انسخ كل الملفات من القسم الذي أردت تعميته في الأصل إلى قسم ڤيراكربت الموصول (الذي أنشأته و وصلته في الخطوة الأولى). بهذه الطريقة تكون قد حفظت نسخة احتياطية معماة من البيانات التي تريد تعميتها. ‮ ‮3) أنشئ مجلد ڤيراكربت في القسم الذي أردت تعميته في الأصل و تذكَّر (في مرشد ڤيراكربت) أن تختار 'أنشئ مجلدا معمّى و هيّئه' بدلا من خيار 'عمِ قسما في موضعه'). لاحظ أن كل البيانات المحفوظة في القسم ستُمحى. أوصل المجلد بعد إنشائه. ‮ ‮4) انسخ كل الملفات من النسخة الاحتياطية في المجلد الموصول التي أنشأته في الخطوة الأولى) إلى مجلد ڤيراكربت الذي أنشأته و وصلته في الخطوة الثالثة. ‮ ‮بعد إتمام هذه الخطوات تكون البيانات قد عميت و حفظت في ذات موضعها الأصلي، كما ستوجد نسخة احتياطية منها. - ‮ڤيراكربت يمكنه أن يعمي في الموضع حصرا الأقسام أو المجلدات الدينامية أو سواقة النظام بكاملها. ‮ ‮إن أردت إنشاء مجلد ڤيراكربت في النبيطة المختارة التي تخص النظام فاختر 'أنشئ مجلدا معمى و هيئه' (بدلا من 'عمّ قسما في موضعه'). - ‮عطل: ڤيراكربت يمكنه أن يعمي في الموضع حصرا الأقسام أو المجلدات الدينامية أو سواقة النظام بكاملها. تحقق من صحة المسار المختار. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ بايت. - ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ كيلوبايت. - ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ م.بايت. - ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ جيجابايت. - ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ ت.بايت. - ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ ب.بايت. - ‮تعذَّر جلب أحرف السواقات المتوفرة. - ‮عطل: تعذّر إيجاد مشغل ڤيراكربت. ‮ ‮انسخ الملفات ‪'veracrypt.sys'‬ و ‪'veracrypt-x64'‬ إلى الدليل الذي فيه ملف تطبيق ڤيراكربت ‪'VeraCrypt.exe'‬. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - ‮عُطل: فشل استبداء الشفرة. - ‮عُطل: اكتُشِف مفتاح ضعيف أو محتمل الضعف. سيُغفل المفتاح. من فضلك حاول مجددا. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - ‮حدث عطل حرج و ينبغي إغلاق ڤيراكربت. لاحظ أن هذا العطل لم يسببه ڤيراكربت (لذا فإن مطوري ڤيراكربت ليس بوسعهم علاجه). افحص نظامك بحثا عن مشكلات (مثلا، إعدادات النظام، الاتصال بالشبكة، العتاد المعطل). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - ‮عُطل حرج في ڤيراكربت - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - ‮&عمِّ - ‮ّظهِّر - ‮ظهِّر &نهائيا - ‮اخرج - ‮من فضلك أنشئ سواقة منطقية لهذا القسم الممتد، وحاول مرة أخرى. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - ‮مجلدات ڤيراكربت المعماة المستضافة في نبائط يمكن إنشاؤها في أقسام الأقراص الصلبة أو شرائح ذاكرة يو إس‌بي أو أي وسيط تخزين آخر يمكن لنظامك التعامل معه. كما أن الأقسام يمكن تعميتها في موضعها. ‮ ‮إضافة إلى ذلك، فإن مجلدات ڤيراكربت المعماة المستضافة في نباشط يمكن إنشاؤها في نباشط لا تحوي أية أقسام (بما في ذلك الأقراص الصلبة). ‮ ‮ملاحظة: النبيطة التي تحوي أقساما لا يمكن تعميتها بكاملها في موضعها (باستخدام مفتاح واحد) إلا إن كانت هي السواقة المنصب فيها ويندوز و منها يقلع. - ‮مجلد ڤيراكربت المعمى المستضاف في نبيطة يمكن إنشاؤه في قسم على القرص الصلب أو شريحة ذاكرة أو أي وسيط تخزين آخر. ‮ ‮تحذير: لاحظ أن القسم\\النبيطة ستتم تهيأتها و أن كل البيانات المحفوظة عليها ستمحى. - \nn‮اختر الموضع الذي سينشأ فيه المجلد الخارجي (في داخل هذا المجلد سينشأ لاحقا المجلد المخفي). ‮ ‮المجلد الخارجي يمكن إنشاؤه في قسم قرص صلب أو شريحة ذاكرة أو أي وسيط تخزين يدعمه النظام. يمكن كذلك أن ينشأ المجلد الخارجي في نبائط لا تحوي أبة أقسام (بما في ذلك الأقراص الصلبة). ‮ ‮تحذير: لاحظ أن القسم\\النبيطة ستتم تهيأتها و أن البيانات المحفوظة فيها ستمحى. - ‮من فضلك اختر موضع مجلد ڤيراكربت الذي ترغب في إنشاء مجلد مخفي في داخله. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - ‮عُطل: تعذَّر وصل المجلد. الملف\\النبيطة المضيفة قيد الاستخدام. فشلت أيضا محاولة وصله دون نفاذ حصري. - ‮تعذَّر فتح الملف. - ‮موضع المُجلَّد - ‮الملفات الكبيرة - ‮هل تنوي حفظ ملفات حجم الواحد منها أكبر من 4 جيجابايتات في مجلد ڤيراكربت هذا؟ - ‮بناء على اختيارك أعلاه سيختار ڤيراكربت نظام ملفات مبدئيا مناسبا لمجلد ڤيراكربت (سكون بوسعك اختيار نظام الملفات الذي تريد في الخطوة اللاحقة). - ‮بما أنك تنشأ مجلدا خارجيا فعليك أن تفكر في اختيار 'لا'. إن اخترت 'نعم' فإن نظام الملفات المبدئي سيكون ‪NTFS‬ و هو ليس مناسبا للمجلدات الخارجية بقدر ‪FAT‬ (مثلا، سيكون الحجم الأقصى الممكن للمجلد المخفي أكبر بقدر ملحوظ لو كان المجلد الخارجي بنظام ‪FAT‬). عادة ما يكون ‪FAT‬ هو النظام المبدئي لكل من المجلدين الخارجي و المخفي (كما أن المجلدات بنظام ‪FAT‬ أقل إثارة للريبة). إلا أن المستخدم الذي يبدي نيته في حفظ ملفات حجم الواحد منها أكبر من 4 جيجابايتات (و هو ما لا يتيحه نظام ‪FAT‬) فإن نظام ‪FAT‬ لا يعود هو المبدئي. - ‮أمتأكد من أنك تريد اختيار 'نعم'؟ - ‮طور إنشاء المجلد - ‮هذه أسرع طريقة لإنشاء مجلد ڤيراكربت مستضاف في قسم أو في نبيطة (التعمية في الموضع، و هي الخيار الآخر، أبطأ لأن محتويات كل قطاع تنبغي أولا قراءتها ثم تعميتها ثم حفظها). كل البيانات المحفوظة حاليا في القيم\\النبيطة المختارة ستمحى. (لن تُعمى تلك البيانات، بل ستطمس ببيانات عشوائية). إن أردت تعمية بيانات موجودة في قسم فاختر الخيار الآخر. - ‮القسم المختار كله و كل البيانات المحفوظة فيه ستعمى في موضعها. إن كان القسم خاويا فمن الأفضل أن تختار الخيار الآخر (ليجري إنشاء المجلد أسرع كثيرا). - ‮ملاحظة: - ‮&عاود - ‮&أرجئ - ‮ا&بدأ - ‮&واصل - ‮ه&يّء - ‮ا&مح - ‮أأُجهض التهيئة؟ - ‮أظهر مزيدا من المعلومات - ‮لا تظهر هذا مجددا - ‮محتويات القسم\\النبيطة تم محوها بنجاح. - ‮محتوى القسم الذي حوى النظام الأصلي (الذي نسخ إلى النظام المخفي) قد تم محوه بنجاح. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - ‮تم بنجاح تظهير قسم\\سواقة النظام. - \nn‮ ‮أُنشئ مجلد ڤيراكربت و هو جاهز للاستخدام. إذا أردت إنشاء مجلد آخر انقر 'اللاحق' و إلا فانقر 'اخرج'. - \nn‮ ‮مجلد ڤيراكربت المخفي تم إنشاؤه بنجاح (سيوجد نظام التشغيل المخفي داخل هذا المجلد المخفي). ‮ ‮انقر 'اللاحق' للمواصلة. - ‮تمت تعمية المجلد بكامله - Volume Fully Decrypted - ‮هام: لوصل مجلد ڤيراكربت الجديد هذا و للنفاذ إلى البيانات المحفوظة فيه انقر 'أوصل النبائط تلقائيا' في نافذة ڤيراكربت الرئيسية. بعد إدخال كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) فإن المجلد سيوصل بحرف السواقة الذي تختاره من القائمة في نافذة ڤيراكربت الرئيسية (و سيكون بوسعك النفاذ إلى البيانات المعماة عبر حرف السواقة المختار). ‮ ‮تذكَّر أو اكتب الخطوات السابقة إذ أنه ينبغي اتباعها كلما أردت وصل المجلد و النفاذ إلى البيانات المحفوظة فيه. عوضا عن هذا فاختر 'اختر نبيطة' في نافذة ڤيراكربت الرئيسية ثم اختر هذا القسم\\النبيطة و انقر 'أوصل'. ‮ ‮القسم\\المجلد تمت عمي بنجاح (و هو يحوي مجلد ڤيراكربت معمى كامل الآن) و جاهز للاستخدام. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - ‮أُنشئ مجلد ڤيراكربت بنجاح. - ‮أُنشئ المجلد - ‮هام: حرّك الفأرة عشوائيا بقدر الإمكان في إطار هذه النافذة، كلما طال تحريكك لها كان ذلك أفضل؛ هذا يزيد بشدة من القوة التعموية لمفاتيح التعمية. ثم انقر 'هيء' لتنشئ المجلد. - ‮انقر 'هيّء' لتنشئ المجلد الخارجي. لمزيد من المعلومات ارجع للوثائق. - ‮تهيئة المجلد الخارجي - ‮تهيئة المجلد المخفي - ‮تهيئة المجلد - ‮تحتاج لقارئ أدوبي (أو أداة متوافقة) لطبع دليل مستخدم ڤيراكربت. يمكن تنزيل قارئ أدوبي (برمجية مجانية) من: ‪www.adobe.com‬ ‮ ‮أتريد عرض التوثيق على الوب بدلا من هذا؟ - ‮إن اخترت هذا فسيساعدك المرشد أولا على إنشاء مجلد ڤيراكربت عادي ثم مجلدا مخفيا داخله. ينبغي للمستخدمين غير ذوي الخبرة اختيار هذا الخيار دوما. - ‮إن اخترت هذا فستنشئ مجلدا مخفيا داخل مجلد ڤيراكربت قائم. سيفترض أنك قد أنشأت بالفعل مجلدا مناسبا لاستضافة المجلد المخفي. - ‮طور إنشاء مجلد - ‮أُنشئ المجلد المخفي - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - ‮لقد شغلت نظام التشغيل المخفي. و ربما لاحظت فإن نظام التشغيل المخفي يظهر كأنه منصب في ذات القسم المنصب فيه نظام التشغيل الأصلي. لكن الحقيقة هي أنه منصب في القسم الذي يليه (في المجلد المخفي). كل عمليات القراءة و الكتابة يجري تحويلها بشفافية من قسم نظام التشغيل الأصلي إلى المجلد المخفي. ‮ ‮لن يدرك كل من نظام التشغيل و لا التطبيقات أن البيانات المقروءة و المكتوبة في قسم النظام تكتب و تقرأ من القسم الذي يليه (من و إلى مجلد مخفي). كل تلك البيانات تُعمَّى و تُظهَّر لحظيا كالمعتاد (بمفتاح تعمية غير الذي يستخدم لنظام التشغيل التمويه). ‮ ‮انقر 'اللاحق' للمواصلة. - ‮المجاد الخارجي تم إنشاؤه و وصله بحرف السواقة ‪%hc‬:‬، و ينبغي لك أن تنسخ إليه بعض الملفات التي تبدو هامة لكنك حقيقة لا تهتم لإخفاءها، ليعثر عليها من يرغمك على الإفصاح عن كلمة سر القسم الأول الذي يلي قسم النظام، و الذي سيوجد فيه كلا من المجلد الخارجي و المجلد المخفي (الذي يحوي نظام التشغيل المخفي). يمكنك عندها أن تفصح عن كلمة السر لهذا المجلد الخارجي و سيظل وجود المجلد المخفي (و نظام التشغيل المخفي) سرا. ‮ ‮هام: الملفات التس تنسخها إلى المجلد الخارجي ينبغي ألا تشغل ما يزيد على ‪%s‬. و إلا فإنه قد لا تبقى مساحة شاغرة كافية في المجلد الخارجي لإنشاء المجلد المخفي (و لن تمكن المواصلة). بعد أن تنهي النسخ انقر 'اللاحق' (لا تفصل المجلد). - ‮لقد أنشئ المجلد الخارجي بنجاح و أوصل معرفا بالحرف ‪%hc‬:. يجب عليك الآن أن تنسخ إلى هذا المجلد بعض الملفات التي تبدو كأنها حساسة لكنك في الحقيقة لا تهتم بإخفائها. سيجد هذه الملفات من يجبرك على الإفصاح عن كلمة سرّك حيث يجب عليك عندئذ الإفصاح عن كلمة السر لهذا المجلد الخارجي و ليس المخفي. الملفات التي تهمك سريتها حقا ستظل محفوظة في المجلد المخفي الذي سيُنشأ لاحقًا. عندما تنتهي من نسخ الملفات، انقر 'اللاحق'. لا تفصل المجلد. ‮ ‮ملاحظة: بعد أن تنقر 'اللاحق' سيجري فحص خارطة عناقيد المجلد الخارجي لتحديد المساحة الشاغرة المتصلة التي تتماس نهايتها مع نهاية المجلد الخارجي. ستحوي هذه المساحة المجلد المخفي و ستحدد أقصى حجم ممكن له. يضمن فحص خارطة العناقيد أن لا يطمس المجلد المخفي أيا من البيانات على المجلد الخارجي لتبقى بنيته سليمة. - ‮محتويات المجلد الخارجي - \nn‮ ‮في الخطوات التالية ستضبط خيارات المجلد الخارجي (الذي سيُنشأ داخله المجلد المخفي لاحقًا) - \nn‮ ‮في الخطوات التالية ستنشئ ما يسمى مجلد ڤيراكربت خارجي في أول قسم يلي قسم النظام (كما شُرح في واحدة من الخطوات السابقة). - ‮المجلد الخارجي - \nn‮ ‮في الخطوات التالية ستضبط خيارات و كلمة سر المجلد المخفي الذي سيحوي نظام التشغيل المخفي. ‮ ‮ملاحظة: خريطة عناقيد المجلد الخارجي تم مسحها لإيجاد حجم المساحة المتصلة الشاغرة التي تتماس نهايتها مع نهاية المجلد الخارجي. ستضم هذه المساحة المجلد المخفي لذا فهي ما يحدد حجمه الأقصى الممكن. الحجم الأقصى الممكن للمجلد المخفي تم إيجاده و توكيد أنه أكبر من حجم قسم النظام (و هو ضروري لأن محتويات قسم النظام كلها ستنسخ إلى المجلج المخفي). يضمن هذا ألا تطمس أبة بيانات مخزنة حاليا في المجلد الخارجي ببيانات من منطقة المجلد المخفي. - ‮هام: رجاء تذكَّر الخوارزميات التي تختارها في هذه الخطوة. سكون عليك أن تختار الخوارزميات ذاتها لنظلم التمويه، و إلا فإن النظام المخفي لن يمكن النفاذ إليه! (نظام التمويه تجب تعميته بخوارزمية التعمية ذاتها المعمى بها النظام المخفي) ‮ ‮ملاحظة: السبب هو أن نظام التمويه و النظام المخفي سيتشاركان في مُحمِّل إقلاع واحد و هو الذي لا يدعم سوى خوارزمية واحدة يختارها المستخدم (لكل خوارزمية توجد إصدارة خاصة من محمّل إقلاع ڤيراكربت). - \nn‮ ‮تم فحص خارطة عناقيد المجلد و حُددت أقصى مساحة للمجلد المخفي. في الخطوات التالية ستضبط الخيارات و المساحة و كلمة سر المجلد المخفي. - ‮المجلد المخفي - ‮المجلد المخفي محمي الآن من التلف حتى يتم فصل المجلد الخارجي. ‮ ‮تنبيه: إذا جرت محاولة كتابة أي بيانات في منطقة المجلد المخفي فإن ڤيراكربت سيشرع في حماية المجلد كله من الكتابة (بكلا جزئيه الخارجي و المخفي) حتى يتم الفصل. قد يسبب هذا تلف نظام ملفات المجلد الخارجي، و هذا إن تكرر قد يؤثر سلبا على حجية إنكار المجلد المخفي. لذا يجب أن تبذل ما في وسعك لتجنب الكتابة في منطقة المجلد المخفي. أي بيانات يجري حفظها في منطقة المجلد المخفي لن يتم حفظها و ستضيع. قد يبلغ ويندوز عن هذا كعطل كتابة ("فشلت الكتابة المرجأة" أو "المعامل غير صحيح"). - ‮المجلدات المخفية داخل كل المجلدات الموصولة مؤخرا محمية الآن من التلف حتى يتم فصلها. ‮ ‮تنبيه: إذا جرت محاولة كتابة أي بيانات في منطقة أي من المجلدات المخفية داخل تلك المجلدات فإن ڤيراكربت سيشرع في حماية المجلد كله من الكتابة (بكلا جزئيه الخارجي و المخفي) حتى يتم الفصل. قد يسبب هذا تلف نظام ملفات المجلد الخارجي، و هذا إن تكرر قد يؤثر سلبا على حجية إنكار المجلد المخفي. لذا يجب أن تبذل ما في وسعك لتجنب الكتابة في منطقة المجلد المخفي. أي بيانات يجري حفظها في منطقة مجلد مخفي لن يتم حفظها و ستضيع. قد يبلغ ويندوز عن هذا كعطل كتابة ("فشلت الكتابة المُرجأة" أو "المعامل غير صحيح"). - ‮تنبيه: جرت محاولة كتابة بيانات في منطقة المجلد المخفي داخل المجلد الموصول بالحرف ‪%c‬! لقد حال ڤيراكربت دون حفظ تلك البيانات للحفاظ على المجلد المخفي. قد يكون هذا قد تسبب في تلف نظام الملفات في المجلد الخارجي و قد يكون ويندوز قد أبلغ عن عطل كتابة (فشلت الكتابة المرجأة" أو "المعامل غير صحيح"). المجلد كله (بجزئيه الخارجي و المخفي) ستتم حمايته حتى فصله. إن لم تكن هذه هي المرة الأولى التي يحول ڤيراكربت فيها دون كتابة بيانات في منطقة المجلد المخفي داخل هذا المجلد فإن حجية إنكار وجود المجلد المخفي قد تتأثر سلبا بشدة (بسبب أعطال مترابطة غير عادية في نظام ملفات المجلد الخارجي). لذا ينبغي لك أن تأخذ في الاعتبار إنشاء مجلد ڤيراكربت جديد (مع تعطيل التهيئة السريعة) و نقل الملفات من هذا المجلد إليه؛ كما ينبغي محو هذا المجلد محوا آمنا (بكلا جزئيه الخارجي و المخفي). ننصح بشدة أن تعيد بدء نظام التشغيل الآن. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS/exFAT, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS/exFAT. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS/exFAT volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - ‮لدواعي الأمان فإنه عندما يكون نظام التشغيل المخفي عاملا فإن نظم الملفات المحلية غير المعماة و مجلدات ڤيراكربت غير المخفية توصل للقراءة فقط. (لا يمكن كتابة أية بيانات فيها). ‮ ‮لا تمكن الكتابة إلا في نظم الملفات المحتواة في مجلدات ڤيراكربت مخفية (طالما لم يكن المجلد المخفي محتوى في حاوية محفوظة في نظام ملفات غير معمّى أو أي نظام ملفات آخر للقراءة فقط). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - ‮ملاحظة: إن أردت نقل ملفات بأمان من نظام التشغيل التمويهي إلى النظام المخفي فاتبع هذه الخطوات: ‮1) أقلع النظام التمويه. ‮2) احفظ المفات في مجلد غير معمى أو مجلد ڤيراكربت خارجي\\عادي. ‮3) أقلع النظام المخفي. ‮4) إن كنت حفظت الملفات في مجلد ڤيراكربت فأوصله (و سيوصل للقراءة فقط). ‮5) انسخ الملفات إلى قسم النظام المخفي أو إلى مجلد مخفي غيره. - ‮تنبغي إعادة بدء حاسوبك. ‮ ‮أتود فعل ذلك الآن؟ - ‮طرأ عطل أثناء جلب حالة تعمية النظام. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - ‮تعذّر استبداء مكونات التطبيق لتعمية النظام. - ‮فشل استبداء مُولِّد الأرقام العشوائيّة! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - ‮تعذَّر استبداء التطبيق. فشل تسجيل فئة الحوار. - ‮عطل: تعذَّر تحميل مكتبة التحرير الغني. - ‮مرشِد ڤيراكربت لإنشاء المجلدات - ‮أقصى حجم للمجلد المخفي لهذا المجلد هو ‪%.2f‬ بايت. - ‮أقصى حجم للمجلد المخفي لهذا المجلد هو ‪%.2f‬ كيلوبايت. - ‮أقصى حجم للمجلد المخفي لهذا المجلد هو ‪%.2f‬ م.بايت. - ‮أقصى حجم للمجلد المخفي في هذا المجلد هو ‪%.2f‬ جيجابايت. - ‮‮أقصى حجم للمجلد المخفي في هذا المجلد هو ‪%.2f‬ تيرابايت. - ‮لا يمكن تغيير كلمة سر أو الملفات المفتاح للمجلد و هو موصول. افصل المجلد أولًا. - ‮لا يمكن تغيير خوارزمية اشتقاق مفتاح ترويسة المجلد و هو موصول. افصل المجلد أولًا. - ‮&أوصل - ‮مطلوب إصدارة أحدث من ڤيراكربت لوصل هذا المجلد. - ‮عُطل: تعذَّر إيجاد مساعد إنشاء المجلدات. ‮ ‮من فضلك تحقق من وجود الملف '‪VeraCrypt Format.exe‬' في ذات دليل الذي شُغَّل منه ‪VeraCrypt.exe‬. إن لم يكن موجودا فأعد تنصيب ڤيراكربت أو ابحث عن '‪VeraCrypt Format.exe‬' في ملفاتك و شغله. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - ‮ال&لاحق> - ‮ا&نهِ - ‮&نصِّب - ‮است&خرج - ‮تعذّر الاتصال بمشغل ڤيراكربت. لا يستطيع ڤيراكربت العمل إن لم يكن المشغل عاملا. ‮ ‮رجاءً لاحظ أنه بسبب مشكلات في ويندوز فقد يلزم أن تخرج من حسابك أو تعيد تشغيل النظام ليمكن تحميل المشغّل. - ‮حدث عُطل أثناء تحميل/إعداد الخطوط. - ‮حرف السواقة لم يعثر عليه أو لم يُعيَّن حرف سواقة. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - ‮حرف السواقة غير متاح. - ‮لم تختر ملفا! - ‮لا توجد أية أحرف سواقات متاحة. - ‮لا يوجد حرف سواقة شاغر للمجلد الخارجي! لا يمكن مواصلة إنشاء المجلد. - ‮تعذَّر تحديد إصدارة نظام تشغيلك أو أنك تستخدم نظام تشغيل غير مدعوم. - ‮لم تختر مسارا! - ‮لا توجد مساحة شاغرة كافية للمجلد المخفي! لا يمكن متابعة إنشاء المجلد. - ‮عطل: الملفات التي نسختها إلى المجلد الخارجي تشغل حيزا أكبر من اللازم، لذا لا توجد مساحة شاغرة كافية فيه للمجلد المخفي. ‮ ‮لاحظ أن المجلد المخفي ينبغي أن يكون بحجم قسم النظام (القسم المنصب فيه نظام التشغيل العامل حاليا). السبب هو أن نظام التشغيل المخفي سينشأ بنسخ محتوى قسم النظام إلى المجلد المخفي. ‮ ‮لا يمكن مواصلة صيرورة إنشاء نظام التشغيل المخفي. - ‮لا يستطيع المشغل فصل المجلد. يحتمل أن تكون بعض الملفات الموجودة على المجلد لا تزال مفتوحة. - ‮تعذَّر قفل المجلد. ما زالت بعض الملفات على المجلد مفتوحة. لذا لا يمكن فصله. - ‮تعذَّر على ڤيراكربت قفل المجلد لأنه قيد الاستخدام بواسطة النظام أو تطبيقات (ربما توجد ملفات مفتوحة على المجلد). ‮ ‮أتريد إجبار فصل المجلد؟ - ‮اختر مجلد ڤيراكربت - ‮عيِّن المسار و اسم الملف - ‮اختر مكتبة ‪PKCS #11‬ - ‮نفذت الذّاكرة - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - ‮تحذير: الملف '‪%s‬' موجود بالفعل! ‮ ‮هام: لن يعمي ڤيراكربت الملف بل سيحذفه. أمتأكد أنك تريد حذف الملف و استبداله بحاوية ڤيراكربت جديدة؟ - ‮تنبيه: كل الملفات المخزنة حاليا على ‪%s‬ '‪%s‬'‪%s‬ المختار ستحذف و تضيع محتوياتها (لن تتم تعميتها)! ‮ ‮أمتأكد أنك تريد مواصلة التهيئة؟ - ‮تحذير: لن يكون بوسعك وصل المجلد أو النفاذ إلى الملفات المحفوظة فيه حتى تتم تعميته بكامله. ‮ ‮أمتأكد أنك تريد البدء بتعمية ‪%s‬ المختار '‪%s‬'‪%s‬؟ - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - ‮تحذير: لاحظ أنه إن انقطعت الطاقة فجأة أثناء تعمية البيانات في موضعها، أو إن انهار نظام التشغيل بسبب علات في البرمجيات أو قصور العتاد أثناء إجراء ڤيراكربت لتعمية البيانات في موضعها فإن بعضا من البيانات ستتلف أو تضيع. لذا فقبل أن تشرع في التعمية تثَبَّت من أن لديك نسخة احتياطية من الملفات التي تريد تعميتها. ‮ ‮هل لديك نسخة احتياطية؟ - ‮تحذير: كل الملفات المخزنة في القسم '‪%s‬'‪%s‬ (أول قسم يلي قسم النظام) ستمحى و تفقد (لن تعمّى)! ‮ ‮أمتأكد أنك تريد الشروع في التهيئة؟ - ‮تحذير: القسم المختار يحوي قدرا كبيرا من البيانات! كل الملفات المخزنة في القسم ستمحى و تفقد (لن تعمى)! - ‮امح أية ملفات مخزنة في القسم بإنشاء مجلد ڤيراكربت فيه - ‮كلمة السّر - PIM - ضبط خوارزمية اشتقاق مفتاح الترويسة - ‮أضف/احذف الملفات المفاتيح من/إلى المجلد - ‮احذف كل الملفات المفاتيح من المجلد - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - ‮هام: إذا لم تدمر قرص إنقاذ ڤيراكربت فإنه يمكن تظهير قسم\\نبيطة النظام باستخدام كلمة السر العتيقة (بإقلاع قرص إنقاذ ڤيراكربت و إدخال كلمة السر العتيقة). لذا ينبغي إنشاء قرص إنقاذ ڤيراكربت حديث ثم إتلاف العتيق. ‮ ‮أتريد إنشاء قرص ڤيراكربت حديث؟ - ‮لاحظ أن قرص ڤيراكربت لازال يستخدم الخوارزمية السابقة. إن كنت تعد الخوارزمية السابقة غير آمنة فينبغي لك أن تنشئ قرص إنقاذ ڤيراكربت جديد ثم تدمر العتيق. ‮ ‮أتريد إنشاء قرص إنقاذ ڤيراكربت جديد؟ - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - ‮أضيفت/أزيلت الملفات المفاتيح بنجاح. - ‮تم تصدير الملف المفتاح. - ‮تم ضبط خوارزمية اشتقاق مفتاح الترويسة بنجاح. - ‮أدخل كلمة السر و\\أو ملفات المفاتيح للمجلد الذي لغير نظام التشغيل الذي تريد معاودة صيرورة تعميته في موضعه. ‮ ‮ملاحظة: بعد أن تنقر 'اللاحق' فإن ڤيراكربت سيحاول إيجاد المجلدات التي لغير النظام التي قوطعت صيرورة تعميتها و التي يمكن تظهير ترويستها باستخدام كلمة السر و\\أو الملفات المفاتيح المعطاة. إن وجد أكثر من مجلد بهذه الصفة فسيكون عليك أن تختار أحدها في الخطوة التالية. - ‮أدخل أحد المجلدات المدرجة. تحوي القائمة كل مجلدات غير النظام التي يمكن النفاذ إليها و التي قوطعت صيرورة تعميتها و التي أمكن تظهير ترويستها باستخدام كلمة السر و\\أو الملفات المفاتيح المعطاة. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - ‮من المهم أن تضع كلمة سر جيدة. تجنب وضع كلمة سر تحوي كلمات من المعجم (أو توافيق من كلمتين أو ثلاثة أو أربعة)، كما أنها ينبغي ألا تحوي أية أسماء أو تواريخ ميلاد؛ فيجب ألا يَسهُل تخمينها. كلمة السر الجيدة تتألف من توفيقة عشوائية من الأحرف و الأرقام و المحارف الخاصة، مثل @ ^ = $ * + إلخ. نوصي بوضع كلمة سر تتألف من أكثر من 20 خانة (كلما طالت كان أفضل). الطول الأقصى المسموح به هو 64 خانة. - ‮اختر كلمة سر للمجلد المخفي. - ‮ضع كلمة سر لنظام التشغيل المخفي (أي للمجلد المخفي). - ‮هام: كلمة السر التي تضعها لنظام التشغيل المخفي في هذه الخطوة يجب أن تختلف كليا عن كلمتي السر الأخريين (أي عن كلمة سر المجلد الخارجي، و عن كلمة سر نظام التشغيل التمويهي). - ‮أدخل كلمة سر المجلد الذى تريد أن تنشئ المجلد المخفي داخله. ‮ ‮بعد أن تنقر 'اللاحق'، سيحاول ڤيراكربت وصل المجلد. بمجرد وصل المجلد فإن خارطة بتات عناقيده ستفحص لتحديد حجم المساحة المتصلة الشاغرة (إن وُجدت) التي تتماس نهايتها مع نهاية المجلد. ستحوي هذه المساحة المجلد المخفي، لذا ستحدد حجمه الأقصى الممكن. فحص خارطة بتات العناقيد ضروري لضمان أن البيانات في المجلد الخارجي لن يطمسها المجلد المخفي. - \nn‮ضع كلمة سر للمجلد الخارجي. هذه هي كلمة السر التي سيكون بوسعك الإفصاح عنها إن اضطررت أو أجبرت. ‮ ‮هام: كلمة السر هذه يجب أن تختلف كليا عن التي تضعها للمجلد المخفي. ‮ ‮ملاحظة: الطول الأقصى لكلمة السر هو 64 خانة. - ‮ضع كلمة سر للمجلد الخارجي. هذه هي كلمة السر التي يمكنك كشفها لمن يجبرك على الإفصاح عن كلمة سر أول قسم يلي قسم النظام و الذي سيكون فيه كل من المجلدين الخارجي و المخفي (الذي يحوي نظام التخزين المخفي)، و سيظل وجود المجلد المخفي (و نظام التشغيل المخفي بداخله) سرا. لاحظ أن كلمة السر هذه ليست لنظام التشغيل التمويهي. ‮ ‮هام: يجب أن تختلف كلمة السر هذه كليا عن التي ستضعها للمجلد المخفي (أي التي لنظام التشغيل المخفي). - ‮كلمة سر المجلد الخارجي - ‮كلمة سر المجلد المخفي - ‮كلمة سر نظام التشغيل المخفي - ‮تحذير: كلمات السر القصيرة يسهل كسرها باستخدام تقنيات القوة الغاشمة! ‮ ‮ننصح بوضع كلمة سر أطول من ‪20‬ خانة. أمتأكد من رغبتك في استخدام كلمة سر قصيرة؟ - ‮كلمة سر المجلد - ‮كلمة سر غير صحيحة أو ليس مجلد ڤيراكربت. - ‮ملفات مفتاح و/أو كلمة سر غير صحيحة أو ليس مجلد ڤيراكربت. - ‮طور وصل غير صحيح، أو كلمة سر غير صحيحة أو ليس مجلد ڤيراكربت. - ‮طور وصل غير صحيح، أو ملف مفتاح غير صحيحة و/أو كلمة سر غير صحيحة، أو ليس مجلد ڤيراكربت. - ‮كلمة سر غير صحيحة أو لا يوجد مجلد ڤيراكربت. - ‮ملفات مفتاح/كلمة سر غير صحيحة أو لا يوجد مجلد ڤيراكربت. - \nn‮ ‮تنبيه: مفتاح ‪Caps Lock‬ مفعَّل. قد يُسبب هذا أن تُدخلَ كلمة السر على نحو غير صحيح. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - ‮لم يجد ڤيراكربت أي مجلدات لغير النظام و قد قوطعت تعميتها و أمكن تظهير ترويستها باستخدام كلمة السر و\\أو الملفات المفاتح المعطاة. ‮ ‮تحقق من أن كلمة السر و\\أو ملفات المفاتيح صحيحة و أن القسم\\المجلد ليس قيد الاستخدام من قبل النظام أو تطبيقات (بما في ذلك مضادات الفيروسات). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \nn‮ ‮ملاحظة: إن كنت تحاول وصل مجلد موضوع في سواقة نظام معماة دون استيثاق ما قبل الإقلاع، أو إن كنت تحاول وصل قسم النظام المعمى لنظام تشغيل غير عامل فيمكنك فعل ذلك باختيار 'نظام' > 'أوصل دون استيثاق ما قبل الإقلاع'. - ‮في هذا الطور لا يمكن وصل قسم من سواقة يكون أي جزء منها قيد تعمية النظام. ‮ ‮قبل أن يمكن وصل هذا القسم في هذا الطور ينبغي أن تقلع نظام تشغيل مُنَصَّب على سواقة أخرى (معماة أو غير معماة) أو إقلاع نظام تشغيل غير معمى. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - ‮< السا&بق - ‮تعذَّر سرد النبائط الخام المنصّبة على نظامك. - ‮المجلد '‪%s‬' موجود و مسموح فقط بالقراءة منه. أمتأكد أنك ترغب في استبداله؟ - ‮اختر الدليل الوجهة - ‮اختر الملف المفتاح - ‮اختر مسار البحث عن الملفات المفتاح. تنبيه: لاحظ المسار و حسب هو ما سيُحفظ و ليس أسماء الملفات. - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - ‮صممها رُس أندرسُن و إلي بيهام و لارس نودسٍن، و نشرت في ‪1998‬. مفتاح بطول ‪256‬ بتة؛ كتلة ‪128‬ بتة؛ تعمل في طور ‪XTS‬. كان ‪Serpent‬ أحد الواصلين لنهائيات ‪AES‬. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an exFAT volume is 424 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - ‮حجمُ المُجلَّدِ الخارجيِّ - ‮حجمُ المُجلَّدِ المخفيِّ - ‮تحقق من صحة النبيطة\\القسم المذكور أعلاه و انقر 'اللاحق'. - ‮المجلد الخارجي و المجلد المخفي (الذي يحوي نظام التشغيل المخفي) سيحتويان في القسم المعين بالأعلى، و ينبغي أن يكون هو أول قسم تال لقسم النظام. ‮ ‮تحقق أن حجم المجلد و رقمه المعيَّن أعلاه صحيحان، و إن كانا كذلك انقر 'اللاحق'. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - ‮حَجْمُ المُجلَّدِ - ‮ديناميّ - ‮تنبيه: فشل الاختبار الذاتي. - ‮نجحت الاختبارات الذاتية لكل الخوارزميات - ‮رقم وحدة البيانات التي أدخلته أطول أو أقصر من اللازم. - ‮المفتاح الثانوي الذي أدخلته أطول أو أقصر من اللازم. - ‮النص المُعمّى الاختباريّ الذي أدخلته إما طويل جدا أو قصير جدا. - ‮المفتاح الاختباري الذي عيَّنته إما طويل جدا أو قصير جدًا. - ‮النص الصريح الاختباريّ الذي أدخلته إما طويل جدا أو قصير جدًا. - ‮شفرتان تعملان بالتتابع في طور ‪XST‬. كل كتلة تعمى أولا باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة) ثم باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة). لكل شفرة مفتاحها الخاص، و كلا المفتاحين مستقل عن الآخر. - ‮ثلاث شفرات تعمل بالتتابع في طور ‪XST‬. كل كتلة تعمى أولا باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة) ثم باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة) و أخيرا باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة). لكل شفرة مفتاحها الخاص، و كل مفتاح مستقل عن غيره. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - ‮قرص ڤيراكربت الجوال - ‮صممها بروس شنايَر و جون كِلسِي و دوجلاس وَيتِنج و ديفيد فاجْنَر و كريستوفر هُول و نيلز فِرجِسُن، و نشرت في ‪1998‬. مفتاح بطول ‪256‬ بتة؛ كتلة ‪128‬ بتة؛ تعمل في طور ‪XTS‬. كان ‪Twofish‬ أحد الواصلين لنهائيات ‪AES‬. - المزيد من المعلومات عن %s - ‮غير معلوم - An unspecified or unknown error occurred (%d). - ‮تحوي بعض المجلدات ملفات أو أدلة تستخدمها التطبيقات أو النظام. ‮ ‮أأجبر الفصل؟ - ‮ا&فصل - ‮فشل الفصل! - ‮يحوي المجلد ملفات أو أدلة تستخدمها التطبيقات أو النظام. ‮ ‮أأجبر الفصل؟ - No volume is mounted to the specified drive letter. - ‮المجلد الذي تحاول وصله موصول بالفعل. - ‮طرأ عطل أثناء محاولة وصل المجلد. - ‮خطأ عند البحث عن موضع في المجلد. - ‮عُطل: حجم المجلد غير صحيح. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - ‮لا يستطيع ڤيراكربت تغيير كلمة سر مجلد غريب. - ‮اختر من القائمة حرف نبيطة غير مُستخدم. - ‮اختر من قائمة أحرف السواقات مجلدا موصولا. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - ‮عُطل: تعذَّر إنشاء ‪autorun.inf‬ - ‮عُطل أثناء معالجة الملف المفتاح! - ‮عُطل أثناء معالجة مسار الملف المفتاح! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - ‮لا يدعم ڤيراكربت نظام التشغيل هذا. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - ‮عُطل: تعذَّر تحصيص الذاكرة. - ‮عُطل: تعذَّر جلب قيمة عداد الأداء. - ‮عطل: هيئة مجلد غير صحيحة. - ‮عطل: أدخلت كلمة سر تخص مجلدا مخفيا (و ليس مجلدا عاديا). - ‮لدواعي الأمان لا يمكن إنشاء مجلد مخفي في مجلد ڤيراكربت يحوي نظام ملفات جرت تعميته في موضعه (لأن المساحة الشاغرة في المجلد لم تطمس ببيانات عشوائية). - ‮ڤيراكربت - تنويهات قانونية - ‮كل الملفات - ‮مجلدات ڤيراكربت - ‮وحدات المكتبات - ‮تعذَّر إتمام تهيئة ‪NTFS‬. - ‮تعذَّر وصل المجلد. - ‮تعذَّر فصل المجلد. - ‮فشل ويندوز في تهيئة المجلد بنظام ‪NTFS‬. ‮ ‮اختر نظام ملفات مختلف (إن أمكن) وحاول مجددا. أو يمكنك ترك المجلد دون تهيئة (اختر نوع نظام الملفات 'لا شيء') واخرج من هذا المرشد ثم أوصل المجلد واستخدم أداة النظام أو أداة أخرى لتهيئة المجلد الموصول (سيبقى المجلد معمّى). - ‮فشل ويندوز في تهيئة المجلد في هيئة ‪NTFS‬. ‮ ‮أتريد تهيئة المجلد على هيئة ‪FAT‬ بدلا من هذا؟ - ‮المبدئيّ - ‮قسم - ‮قسم - ‮النبيطة - ‮نبيطة - ‮نبيطة - المجلد - ‮مجلد - ‮مجلد - Label - ‮حجم العنقود المختار صغير جدًا على حجم هذا المجلد. سيُستخدم بدلًا منه حجم عنقود أكبر. - ‮عُطل: تعذَّر إيجاد حجم المجلد! ‮ ‮تحقق من أن المجلد المنتقى لا يستخدمه النظام أو تطبيق ما. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - ‮لا يمكن لمرشد إنشاء مجلد ڤيراكربت أن ينشئ مجلدا مخفيا سوى داخل مجلدات ‪FAT‬ أو ‪NTFS‬. - ‮في ويندوز ‪2000‬ لا يمكن لمرشد إنشاء مجلد ڤيراكربت أن ينشئ مجلدا مخفيا سوى داخل مجلدات ‪FAT‬. - ‮ملاحظة: نظام الملفات ‪FAT‬ أكثر ملائمة للمجلدات الخارجية من نظام ملفات ‪NTFS‬ (مثلا، الحجم الأقصى الممكن للمجلد المخفي كان سيزيد بقدر ملحوظ لو كان المجلد الخارجي مهيئا بنظام ‪FAT‬). - ‮لاحظ أن نظام الملفات ‪FAT‬ أنسب للمجلدات الخارجية من نظام الملفات ‪NTFS‬. مثلا الحجم الأقصى الممكن للمجلد المخفي كان من الأرجح أنه سيزيد بقدر ملحوظ لو كان المجلد الخارجي مهيئا بنظام ‪FAT‬ (السبب هو أن نظام الملفات ‪NTFS‬ يحفظ دوما بياناته الداخلية في منتصف المجلد لذا لا يمكن للمجلد المخفي أن يشغل سوى النصف الثاني من المجلد الخارجي). ‮ ‮أمتأكد أنك تريد تهيئة المجلد الخارجي بنظام ‪NTFS‬؟ - ‮أتريد تهيئة المجلد بنظام ‪FAT‬ إذن؟ - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - ‮عطل: قسم نظام التشغيل المخفي (أول قسم يلي قسم النظام) يجب أن يكون أكبر من قسم النظام بما لا يقل عن ‪5%‬ (قسم النظام هو المنصب فيه حاليا نظام التشغيل). - ‮عطل: قسم نظام التشغيل المخفي (أول قسم يلي قسم نظام التشغيل) يجب أن يكون أكبر بما لا يقل عن ‪110%‬ (‪2.1‬ مرة) من قسم النظام (القسم المُنصَّب فيه نظام التشغيل العامل حاليا). السبب هو أن نظام الملفات ‪NTFS‬ دوما يحفظ بياناته الداخلية في منتصف المجلد لذا لا يمكن أن يشغل المجلد المخفي (الذي سيحوي نسخة من محتوى قسم النظام) سوى النصف الثاني من القسم. - ‮عطل: إن كان المجلد الخارجي مهيئا بنظام ‪NTFS‬ فينبغي أن يكون أكبر بما لا يقل عن ‪110%‬ (‪2.1‬ مرة). السبب هو أن نظام الملفات ‪NTFS‬ دوما يحفظ بياناته الداخلية في منتصف المجلد لذا لا يمكن أن يشغل المجلد المخفي (الذي سيحوي نسخة من محتوى قسم النظام) سوى النصف الثاني من المجلد الخارجي. ‮ ‮ملاحظة: المجلد الخارجي ينبغي أن يوجد في القسم ذاته الذي يوجد فيه نظام التشغيل المخفي (أول قسم يلي قسم النظام). - ‮عطل: لا يوجد قسم يلي قسم النظام. ‮ ‮لاحظ أنه قبل أن يمكن إنشاء نظام تشغيل مخفي فإنه ينبغي إنشاء قسم له على سواقة النظام، و أنه ينبغي أن يكون القسم الأول التالي لقسم النظام و ينبغي أن يكون أكبر منه بما لا يقل عن ‪5%‬ (قسم النظام هو القسم المنصب فيه نظام التشغيل العامل حاليا). لكن إن كان المجلد الخارجي (لا تخلط بينه و قسم النظام) مهيئا بنظام ‪NTFS‬ فإن قسم نظام التشغيل المخفي يجب أن يكون أكبر بما لا يقل عن ‪110%‬ (‪2.1‬ مرة) من قسم النظام (السبب هو أن نظام الملفات ‪NTFS‬ دوما يخزن بياناته الداخلية في منتصف المجلد لذا لا يمكن للمجلد المخفي الذي سيحوي نسخة من قسم النظام أن يشغل سوى النصف الثاني من القسم). - ‮ملاحظة: ليس من العملي (لذا هو غير مدعوم) تنصيب نظامي تشغيل في مجلدي ڤيراكربت محتوَيان في قسم واحد لأن استخدام نظام التشغيل الخارجي سيتطلب غالبا كتابة بيانات في منطقة نظام التشغيل المخفي (و إن حدث و مَنعت هذه العملياتُ وظيفةَ حماية نظام التشغيل المخفي فإنها ستتسبب في انهيار النظام). - ‮لمعلومات عن كيفية إنشاء و إدارة الأقسام ارجع إلى الوثائق المرفقة بنظام التشغيل أو اتصل بفني صيانة الحواسيب الذي تتعامل معه أو ابحث في الشروح و الأدلة على الوب أو استعن بصديق ذي خبرة. - ‮عطل: نظام التشغيل العامل حاليا ليس مُنَصَّبا في قسم الإقلاع (القسم النشط الأول)؛ و هذا غير مدعوم. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - ‮عُطل: تعذَّر النفاذ إلى للمجلد! ‮ ‮تحقق من أن المجلد المختار موجود، و أنه ليس موصولا أو يستخدمه النظام أو تطبيق ما، وأنك تملك صلاحيات القراءة\\الكتابة للمجلد، وأنه ليس محميا من الكتابة. - Error: Cannot obtain volume properties. - ‮عطل: تعذَّر النفاذ إلى المجلد و\\أو إيجاد معلومات عنه. ‮ ‮تحقق من وجود المجلد المختار، و أنه ليس قيد الاستخدام بواسطة النزام أو تطبيقات، و أن لديك صلاحية القراءة\\الكتابة فيه، و أنه ليس محميا من الكتابة. - ‮عطل: تعذَّر النفاذ إلى المجلد و\\أو إيجاد معلومات عنه. ‮ ‮تحقق من وجود المجلد المختار، و أنه ليس قيد الاستخدام بواسطة النزام أو تطبيقات، و أن لديك صلاحية القراءة\\الكتابة فيه، و أنه ليس محميا من الكتابة. ‮ ‮إن لم تنحل المشكلة فقد يفيد اتباع الخطوات التالية. - ‮منع عطلٌ تروركبت من تعمية القسم. حاول إصلاح الأعطال المقررة مسبقا ثم حاول مجدا. إن تكررت المشكلة يفيد اتِّباع الخطوات التالية. - ‮منع عطلُ ڤيراكربت من معاودة صيرورة تعمية القسم. ‮ ‮حاول إصلاح المشكلات المقررة مسبقا ثم حاول مجددا معاودة الصيرورة. لاحظ أن المجلد لا يمكن وصله حتى تمام تعميته. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - ‮عُطل: تعذَّر فصل المجلد الخارجي! ‮ ‮لا يمكن فصل المجلد إذا حوى ملفات أو أدلة يستخدمها تطبيق أو النظام. ‮ ‮أغلق كل البرمجيات التي قد تكون مستخدمة ملفات أو أدلة على المجلد ثم انقر 'حاول مجددا'. - ‮عطل: تعذّر جلب معلومات عن المجلد الخارجي! لا تمكن مواصلة إنشاء المجلد. - ‮عُطل: تعذَّر النفاذ للمجلد الخارجي! لا يمكن متابعة إنشاء المجلد. - ‮عُطل: تعذَّر وصل المجلد الخارجي! لا يمكن متابعة إنشاء المجلد. - ‮عُطل: تعذَّر إيجاد خارطة عناقيد المجلد! لا يمكن متابعة إنشاء المجلد. - ‮ألفبائي/مُصنَّف - ‮السرعة المتوسطة (تنازلي) - ‮الخوارزمية - ‮التعمية - ‮التظهير - ‮المتوسط - ‮المشغّل - ‮الحجم - ‮خوارزميّة التعمية - ‮خوارزمية التعمية - ‮النوع - ‮القيمة - ‮خاصية - ‮الموضع - ‮بايتات - ‮مخفي - ‮خارجي - ‮عادي - ‮نظام - ‮مخفي (نظام) - ‮للقراءة فقط - ‮سواقة النظام - ‮سواقة النظام (تجري التعمية - ‪%.2f‬%%‬ تمت) - ‮سواقة النظام (يجري التظهير - ‪%.2f‬%%‬ تمت) - ‮سواقة النظام (تمت تعمية ‪%.2f‬%%‬) - ‮قسم النظام - ‮قسم نظام مخفي - ‮قسم النظام (تجري التعمية - ‪%.2f‬%%‬ تمت) - ‮قسم النظام (يجري التظهير - ‪%.2f‬%%‬ تمت) - ‮قسم النظام (تمت تعمية ‪%.2f‬%%‬) - ‮نعم (تم تفادي التلف!) - ‮لا شيء - ‮حجم المفتاح الرئيسي - ‮حجم المفتاح الثانوي (طور ‪XTS‬) - ‮ضبط حجم المفتاح (طور ‪LRW‬) - ‮بتات - ‮حجم الكتلة - ‮PKCS-5 PRF - ‮عدد دورات ‪PKCS-5‬ - ‮أُنشئ المجلد - ‮آخر تعديل للترويسة - ‮ (منذ ‪%I64d‬ يوم) - ‮إصدارة صيغة المجلد - ‮الترويسة الاحتياطية المُضمَّنة - VeraCrypt Boot Loader Version - ‮أول المتاح - ‮قرص محمول - ‮قرص صلب - ‮لم يتغيّر - اكتشاف تلقائي - ‮طور المرشد - ‮اختر أحد الأطوار. إن لم تعرف أيها تختار فدعه على الخيار المبدئي. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - ‮خيارات الإعداد - ‮يمكنك هنا ضبط الخيارات المختلفة التي تتحكم في صيرورة التنصيب. - ‮يجري التنصيب - ‮رجاءً انتظر حتى يتم تنصيب ڤيراكربت. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - ‮خيارات الاستخراج - ‮يمكنك هنا ضبط خيارات عدة للتحكم في صيرورة الاستخراج. - ‮رجاءً انتظر حتى يتم استخراج الملفات. - Files successfully extracted - ‮تم بنجاح استخراج كل الملفات إلى الموضع الوجهة. - ‮إن لم يكن الدليل المعيَّن موجودا فسينشأ تلقائيا. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - ‮أتريد مطالعة ملحوظات الإصدارة الحالية (الأحدث المستقرة) من ڤيراكربت؟ - ‮إن كنت لم تستخدم ڤيراكربت أبدا من قبل ننصحك بأن تقرأ فصل 'شرح المبتدئين في دليل مستخدم ڤيراكربت'. أتريد مطالعة الشرح؟ - ‮اختر فعلا من التالية لأداءه: - ‮أصلح/أعد التنصيب - Upgrade - ‮أزِل - ‮تنصيب أو إزالة ڤيراكربت يتطلب صلاحيات الإدارة. أتريد المواصلة؟ - ‮أداة تنصيب ڤيراكربت عاملة حاليا في هذا النظام و تجري أو تهيئ تنصيبا أو تحديثا. قبل المواصلة انتظر حتى تتم عملها أو أغلقها. إن تعذّر إغلاقها فأعد تشغيل النظام. - ‮فشل التنصيب. - ‮فشلت الإزالة. - ‮حزمة التوزيع هذه معطوبة. حاول تنزيلها مجددا (يستحسن من موقع ڤيراكربت الرسمي في ‪https://veracrypt.codeplex.com‬). - ‮تعذّرت كتابة الملف ‪%s‬ - ‮يجري الاستحراج - ‮تعذّرت قراءة البيانات من الحزمة. - ‮تعذّر التحقق من سلامة حزمة التوزيع هذه. - ‮فشل الاستخراح - ‮استرجع أثر التنصيب. - ‮ثُبِّت ڤيراكربت بنجاح. - ‮تم بنجاح تحديث ڤيراكربت. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - ‮أُزيل ڤيراكربت بنجاح. ‮ ‮انقر 'انهِ' لتحذف مُنصِّب ڤيراكربت و الدليل ‪%s‬. لاحظ أن الدليل لن يُحذف إذا كان يحوي أية ملفات لم يثَبِّتها مُنصِّب ڤيراكربت أو لم يُنشئها ڤيراكربت. - ‮تجري إزالة مدخلات تسجيل ڤيراكربت - ‮تجري إضافة مدخلة تسجيل - ‮تجري إزالة بيانات خاصة بالتطبيق - ‮يجري التنصيب - ‮يجري الإيقاف - ‮تجري الإزالة - ‮تجري إضافة أيقونة - ‮يجري إنشاء نقطة استرجاع للنظام - ‮فشل إنشاء نقطة استعادة للنظام! - ‮يجري تحديث مُحمِّل الإقلاع - ‮فشل تنصيب ‪'‪%s‬'‬. ‪%s‬ أتريد مواصلة التنصيب؟ - ‮فشلت إزالة ‪'‪%s‬'‬. ‪%s‬ أتريد مواصلة الإزالة؟ - ‮تم التنصيب. - ‮تعذَّر إنشاء الدليل '‪%s‬' - ‮تعذَّر إفراغ مُشغِّل ڤيراكربت. ‮ ‮أغلق كل نوافذ ڤيراكربت المفتوحة أولا. إذا لم ينجح هذا أعد تشغيل ويندوز و حاول مجددا. - ‮يجب أن تُفصل كل مجلدات ڤيراكربت قبل تنصيب ‌أو إزالة ڤيراكربت. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - ‮فشل تنصيب مدخلات التسجيل - ‮فشل تنصيب مشغل النبيطة. أعد تشغيل ويندوز ثم حاول تنصيب ڤيراكربت مجددًا. - ‮يجري بدء مشغل نبيطة ڤيراكربت - ‮فشلت إزالة مشغل النبيطة. رجاءً لاحظ أنه بسبب مشكلات في ويندوز فقد يلزم أن تخرج من حسابك أو تعيد تشغيل النظام لتمكن إزالة المشغّل (أو أعادة تنصيبه). - ‮يجري تنصيب مشغل نبيطة ڤيراكربت - ‮يجري إيقاف مشغل نبيطة ڤيراكربت - ‮تجري إزالة مشغل نبيطة ڤيراكربت - ‮فشل تسجيل مكتبة دعم التحكم في حسابات المستخدمين. - ‮فشلت إزالة تسجيل مكتبة دعم الحكم في حسابات المستخدمين. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - ‮تحذير: يعمل مرشد إنشاء المجلدات حاليا بصلاحيات الإدارة. ‮ ‮قد يؤدي هذا إلى إنشاء مجلد بصلاحيات تمنعك من الكتابة إليه عند وصله لاحقا. لتفادي هذا أغلق المرشد الآن و شغّله مرة أخرى دون صلاحيات الإدارة. ‮ ‮أتريد غلق مرشد إنشاء المجلدات؟ - ‮عطل: تعذّر عرض الترخيص. - ‮خارجي(!) - ‮أيّام - ‮ساعات - ‮دقائق - ‮ث - ‮افتح - ‮افصل - ‮أظهر ڤيراكربت - ‮اخفِ ڤيراكربت - ‮البيانات التي قُرأت منذ الوصل - ‮البيانات التي كُتِبت منذ الوصل - ‮الجزء المعمّى - ‮‪100%‬ (معمى بالكامل) - ‮‪0%‬ (غير معمى) - %.3f%% - 100% - ‮في الانتظار - ‮يجري التجهيز - ‮يجري التحجيم - ‮تجري التعمية - ‮يجري التظهير - ‮يجري الإتمام - ‮جُمِّد - ‮تمّ - ‮عُطل - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - ‮أدخل كلمة سرّ ‪%s‬ - Enter password for '%s' - ‮أدخل كلمة سرِّ المجلد العادي\\الخارجيّ - ‮أدخل كلمة سرِّ المجلد المخفي - ‮أدخل كلمة سر الترويسة المحفوظة في الملف - ‮أُنشئ ملف المفتاح بنجاح. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - ‮تنبيه: ترويسة هذا المجلد تالفة! ڤيراكربت تلقائيا النسخة الاحتياطية من الترويسة المضمَّنة في المجلد. ‮ ‮ينبغي إصلاح ترويسة المجلد باختيار 'أدوات' > 'استرجع ترويسة المجلد'. - ‮أُنشئت نسخة احتياطية من ترويسة المجلد بنجاح. ‮ ‮هام: استرجاع ترويسة الحجم من النسخة الاختياطية سيستعيد كذلك كلمة سر المجلد الحالية. إضافة إلى ذلك، إذا تطلب وصل المجلد ملفات مفاتيح، فإن ذات الملفات المفاتيح ستكون مطلوبة لوصل المجلد بعد استعادة ترويسته. ‮ ‮تنبيه:لا يمكن استخدام نسخة ترويسة المجلد الاحتياطية هذه إلا لاسترجاع ترويسة هذا المجلد بعينه. إذا استخدمتها لاستعادة ترويسة مجلد آخر فسيمكنك وصله إلا أنه لن يمكنك تظهير أية بيانات مخزنة فيه (لأنك ستكون قد غيّرت مفتاحه الرئيسي). - ‮استرجعت ترويسة المجلد بنجاح. ‮ ‮هام: لاحظ أنه قد تكون استعيدت كلمة سر سابقة كذلك. إضافة إلى ذلك، إذا تطلّب وصل المجلد ملفات مفاتيح فإن ذات الملفات المفاتيح ستكون مطلوبة لوصل المجلد حاليا. - ‮لدواعي الأمان سيكون عليك إدخال كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) التي تخصُّ. ‮ ‮ملاحظة: إن كان المجلد يحوي مجلدا مخفيا سيكون عليك أن تدخل كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) للمجلد الخارجي أولا. بعدها إن أردت حفظ نسخة احتياطية من ترويسة المجلد المخفي فسيكون عليك إدخال كلمة السر (و\\أو تقديم الملفات المفاتيح) للمجلد المخفي. - ‮أمتأكد أنك تريد حفظ نسخة احتياطية من ترويسة ‪%s‬؟ ‮ ‮بعد أن تنقر 'نعم' سيطلب من اسم ملف للترويسة الاحتياطية. ‮ ‮ملاحظة: كل من الترويستين العادية و المخفية سيعاد تعميتهما باستخدام بادئ جديد و حفظها في الملف. إن كان لا يوجد مجلد مخفي في هذا المجلد فإن المنطقة المخصصة لترويسة المجلد المخفي في الملف الاحتياطي ستملأ ببيانات عشوائية (لضمان حجية الإنكار). عند استعادة ترويسة مجلد من نسخة احتياطية فسيكون عليك إدخال كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) التي كانت صحيحة عندما حفظت الترويسة الاحتياطية. كلمة السر (و\\أو الملفات المفاتيح) هي ما سيحدد أي ترويسة يجب استرجاعها، اي العادية أو المخفية (لاحظ أن ڤيراكربت يكتشف ذلك عن طريق التجربة و الخطأ). - ‮أمتأكد أنك تريد استعادة ترويسة المجلد ‪%s‬؟ ‮ ‮تنبيه: استعادة ترويسة المجلد تستعيد كذلك كلمات السر التي كانت سارية عند إنشاء النسخة الاحتياطيّة. إضافة إلى ذلك، فإنه إن كان وصل المجلد - عندما أخذت النسخة الاحتياطية - يتطلب ملفات مفاتيح فإن ذات الملفات المفاتيح ستكون مطلوبة لوصل المجلد بعد استعادة ترويسته. ‮ ‮بعد أن تنقر 'نعم' ستختار ملف نسخة الترويسة الاحتياطية. - ‮هل يحوي المجلد مجلدا مخفيا؟ - ‮المجلد يحوي مجلدا مخفيا - ‮المجلد لا يحوي مجلدا مخفيا - ‮اختر نوع ترويسة المجلد الاحتياطية التي تريد: - ‮استرجع الترويسة من النسخة الاحتياطية المُضمَّنة في المجلد - ‮استرجع الترويسة من نسخة احتياطية في ملف خارجي - ‮حجم ملف ترويسة المجلد الاحتياطية غير صحيح. - ‮لا توجد نسخة ترويسة احتياطية مُضمَّنة في هذا المجلد (لاحظ أن المجلدات المنشأة بڤيراكربت ‪6.0‬ أو ما يليه وحدها تحوي نسخا احتياطية من الترويسة). - ‮تحاول حفظ ترويسة قسم\\نبيطة النظام؛ و هذا غير مسموح به. عمليات الحفظ\\الاسترجاع المتعلقة بقسم\\نبيطة النظام لا يمكن أداؤها إلا باستخدام قرص إنقاذ ڤيراكربت. ‮ ‮أتريد إنشاء قرص إنقاذ ڤيراكربت؟ - ‮تحاول استرجاع ترويسة مجلد ڤيراكربت افتراضي إلا أنك اخترت قسم\\نبيطة النظام؛ و هذا غير مسموح به. عمليات الحفظ\\الاسترجاع المتعلقة بقسم\\نبيطة النظام لا يمكن أداؤها إلا باستخدام قرص إنقاذ ڤيراكربت. ‮ ‮أتريد إنشاء قرص إنقاذ ڤيراكربت؟ - ‮بعد أن تنقر 'موافق' فستختار اسم ملف لصورة ‪ISO‬ الجديدة لقرص إنقاذ ڤيراكربت و موضع حفظها. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - ‮أدخل قرص إنقاذ ڤيراكربت في سواقة أقراص سي‌دي/دي‌ڤي‌دي و انقر 'موافق' لفحصه. - ‮تم بنجاح التحقق من سلامة قرص إنقاذ ڤيراكربت. - ‮تعذّر توكيد أن قرص إنقاذ ڤيراكربت قد تم تسجيله كما ينبغي. ‮ ‮إن كنت أتممت التسجيل على هذا القرص فأخرجه من السواقة ثم أعد إدخاله و اختبره مجددا. إن لم تنحل المشكلة فجرب برمجية تسجيل أقراص أخرى أو/و قرصا آخر. ‮ ‮إن كنت تحاول فحص قرص إنقاذ ڤيراكربت أُنشئ لأجل مفتاح رئيسي آخر أو بكلمة سر أو بذرة مختلفة، إلخ، فاعلم أن هذا القرص سيفشل دوما في هذا الفحص. لتنشئ قرص إنقاذ جديد متوافق مع إعداداتك الحالية اختر 'نظام' > 'أنشئ قرص إنقاذ'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - ‮عطل إثناء إنشاء قرص إنقاذ ڤيراكربت. - ‮لا يمكن إنشاء قرص إنقاذ ڤيراكربت في نظام تشغيل مخفي عامل. ‮ ‮لإنشاء قرص إنقاذ ڤيراكربت أقلع نظام التشغيل التمويهي ثم اختر 'نظام' > 'أنشئ قرص إنقاذ'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - ‮افصل المجلد قبل الاستمرار. - ‮عطل: تعذّر شبط المؤقِّت. - ‮افحص نظام الملفات - ‮أصلح نظام الملفات - Add to Favorites... - Add to System Favorites... - P&roperties... - ‮تمت حماية المجلد المخفي - ‮غير متاح - ‮نعم - ‮لا - Disabled - ‮واحدة - ‮اثنتين أو أكثر - ‮طور التشغيل - ‮العنوان: - ‮الحجم: - ‮المسار: - ‮حرف السواقة: - ‮عُطل: يجب أن تتألف كلمة السر من محارف أسكي (‪ASCII‬) حصرا. ‮ ‮غير محارف أسكي (‪non-ASCII‬) قد تجعل من غير الممكن وصل المجلد عندما تتغير إعدادات نظامك. ‮ ‮المحارف التالية مسموح بها: ‮ ‮ ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; > = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\\\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ‮تنبيه: تضم كلمة السر غير محارف أسكي (‪non-ASCII‬). قد يجعل هذا من غير الممكن وصل المجلد عندما تتغير إعدادات نظامك. ‮ ‮ينبغي أن تستبدل كل المحارف غير أسكي في كلمة السر بمحارف أسكي. لتفعل هذا، انقر 'المجلدات' -> 'غير كلمة سر المجلد'. ‮ ‮المحارف التالية مسموح بها: ‮ ‮ ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; > = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\\\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - ‮الموقع على الوب - ‮تحذير: يبدو أنك لم تُثَبِّت حزمة الخدمة لتنصيبة ويندوز هذه. ينبغي ألا تكتب على أقراص ‪IDE‬ أكبر من 128 جيجابايت في ويندوز إكس‌بي دون حزمة الخدمة 1 (‪Service Pack 1‬) أو ما يليها! إذا فعلت هذا فقد تتلف البيانات على القرص (سواء كان مجلد ڤيراكربت أم لا). لاحظ أن هذا قصور في ويندوز وليس علّة في ڤيراكربت. - ‮تحذير: يبدو أنك لم تُثَبِّت حزمة الخدمة 3 (‪Service Pack 3‬) لتنصيبة ويندوز هذه. ينبغي ألا تكتب على أقراص ‪IDE‬ أكبر من ‪128‬ جيجابايت في ويندوز ‪2000‬ دون حزمة الخدمة 3 (‪Service Pack 3‬) أو ما يليها. إذا فعلت هذا فقد تتلف البيانات على القرص (سواء كان مجلد ڤيراكربت أم لا). لاحظ أن هذا عيب في ويندوز وليس علّة في ڤيراكربت. ‮ ‮ملاحظة: قد تحتاج كذلك إلى تفعيل دعم ‪48-bit LBA‬ في السِّجل؛ للمزيد من المعلومات راجع ‪http://support.microsoft.com/kb/305098/EN-US‬ - ‮تحذير: دعم ‪48‬-بتة ‪LBA ATAPI‬ مُعطَّل في نظامك. لذا يجب ألا تكتب على أقراص ‪IDE‬ أكبر من ‪128‬ جيجابايت. إذا فعلت هذا قد تتلف البيانات على القرص (سواء كان مجلد ڤيراكربت أم لا). لاحظ أن هذا عيب في ويندوز وليس علّة في ڤيراكربت. ‮ ‮لتفعيل دعم ‪LBA ATAPI‬ ‪48‬-بتة أضف قيمة السجل '‪EnableBigLba‬' في مفتاح السجل ‪HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\atapi\\\\Parameters‬ واضبطه على 1. ‮ ‮لمزيد من المعلومات راجع ‪http://support.microsoft.com/kb/305098‬ - ‮عُطل: الملفات الأكبر من 4 جيجابايتات لا يمكن حفظها في نظام ملفات ‪FAT32‬، لذا فمجلدات ڤيراكربت المستضافة في ملفات (حاويات) محفوظة في نظام ملفات ‪FAT32‬ لا يمكن أن تكون أكبر من 4 جيجابايتات. ‮ ‮إن أردت حجما أكبر للمجلد فأنشئه في نظام ملفات ‪NTFS‬ (أو إن كنت تستخدم ويندوز فسبا ‪SP1‬ أو ما بعدها ففي نظام ملفات ‪exFAT‬) أو بدلا من إنشاء مجلد مستضاف في ملف عمّ قسما بكامله أو نبيطة. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - ‮تحذير: إن كنت تنوي إضافة مزيد من الملفات\\البيانات في المجلد الخارجي مستقبلا فربما عليك الأخذ في الاعتبار اختيار حجم أصغر للمجلد المخفي. ‮ ‮أمتأكد أنك تريد الاستمرار بالحجم الذي عيَّنته؟ - ‮لم تختر أي مجلد. ‮ ‮انقر 'اختر نبيطة' أو 'اختر ملفا' لتختار مجلد ڤيراكربت. - ‮لم يُختر أي قسم. ‮ ‮انقر 'اختر نبيطة' لتختار قسما مفصولا يتطلب عادة استيثاق ما قبل الإقلاع (مثل قسمٍ على سواقة النظام المعمّاة لنظام تشغيل آخر غير عامل أو قسم النظام لنظام تشغيل آخر). ‮ ‮ملاحظة: القسم المختار سيوصل كمجلد ڤيراكربت عادي دون استيثاق ما قبل الإقلاع. هذا مفيد للنسخ الاحتياطي أو لعمليات الإصلاح. - ‮تنبيه: إن كانت ملفات مفاتيح مبدئية قد ضُبطت و فُعلِّت فإن المجلدات التي لا تستخدم تلك الملفات المفاتيح لن يمكن وصلها. لذا فبعد أن تفعِّل الملفات المفاتيح المبدئية خذ في الاعتبار أن تزيل تأشير 'استخدم الملفات المفاتيح' (أسفل حقل إدخال كلمة السر) كلما عزمت وصل مثل تلك المجلدات. ‮ ‮ أمتأكد أنك تريد حفظ الملفات المفاتيح\\المسارات المختارة كمبدئية؟ - ‮أوصل النبائط تلقائيا - ‮افصل الكل - ‮امحُ الذّاكرة المخبئية - Dismount All & Wipe Cache - ‮أجبر فصل الكل و امحُ الذّاكرة المخبئية - ‮أجبر فصل الكل و امحُ الذّاكرة المخبئية و اخرج - ‮أوصل المجلدات المفضّلة - ‮أظهر/اخف نافذة ڤيراكربت الرئيسية - ‮(انقر هنا و اضغط زرا) - ‮إجراء - ‮اختصار - ‮عُطل: هذا الاختصار محجوز. اختر اختصارًا آخر. - ‮عُطل: الاختصار مستخدم بالفعل. - ‮تنبيه: لن يعمل واحد أو أكثر من أزرار اختصارات ڤيراكربت على مستوى النظام! ‮ ‮تحقق من أن أيا من التطبيقات الأخرى و نظام التشغيل لا يستخدم اختصارات ڤيراكربت ذاتها. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - ‮منع عُطلٌ أو عدمُ توافقية ڤيراكربت من تعمية ملف السبات، لذا فقد عُطل السبات. ‮ ‮ملاحظة: عندما يسبت حاسوب (أو يدخل طور توفير الطاقة) فإن محتويات ذاكرة النظام تحفظ في ملف تخزين للسبات يوجد على سواقة النظام. لا يمكن لتروكربيت أن يحول دون حفظ مفاتيح التعمية و محتويات الملفات الحساسة المفتوحة في الذاكرة إلى ملف السبات غير معماة. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - ‮تحذير: إذا عُطِّل هذا الخيار فلن يمكن تلقائيا فصل المجلدات التي تحوي ملفات\\أدلة مفتوحة. ‮ ‮أمتأكد أنك تريد تعطيل هذا الخيار؟ - ‮تنبيه: المجلدات التي تحوي ملفات\\أدلة مفتوحة لن تُفصل تلقائيا. ‮ ‮للحول دون هذا فعّل الخيار التالي في نافذة الحوار هذه: 'أجبر الفصل التلقائي حتى إذا حوى المجلد ملفات أو أدلة مفتوحة' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - ‮كنت قد جدولت صيرورة تعمية قسم\\مجلد، و لم تتم تلك الصيرورة. ‮ ‮أتريد معاودة الصيرورة الآن؟ - ‮كنت قد جدولت صيرورة تعمية أو تظهير قسم\\سواقة النظام، إلا أن هذه الصيرورة لم تتم بعد. ‮ ‮أتريد معاودة الصيرورة الآن؟ - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - ‮كنت قد جدولت صيرورة تعمية أو تظهير قسم\\سواقة النظام، إلا أن استيثاق ما قبل الإقلاع فشل (أو تم تخطيه). ‮ ‮ملاحظة: إن ظهَّرت قسم\\سواقة النظام في بيئة ما قبل الإقلاع فإنك قد تحتاج إلى إتمام الصيرورة باختيار 'نظام' > 'ظهّر نهائيا قسم\\سواقة النظام' من قائمة نافذة ڤيراكربت الرئيسية. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - ‮أخرج؟ - ‮ليس لدى ڤيراكربت معلومات تكفي لتحديد ما إن كان المطلوب التعمية أو التظهير. - ‮ليس لدى ڤيراكربت معلومات تكفي لتحديد ما إن كان المطلوب التعمية أو التظهير. ‮ ‮ملاحظة: إن ظهّرت قسم\\نبيطة النظام في بيئة ما قبل الإقلاع فإن قد تحتاج إلى إتمام الصيرورة بنقر 'ظهّر'. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - ‮أتريد مقاطعة و تأجيل صيرورة تعمية القسم\\المجلد؟ ‮ ‮ملاحظة: راع أنه لا يمكن وصل المجلد حتى تمام تعميته. سيطون بوسعك معاودة صيرورة التعمية من حيث توقفت. يمكنك عمل ذلك باختيار 'مجلدات' > 'عاود الصيرورة المقاطعة' من القائمة في نافذة ڤيراكربت الرئيسية. - ‮أتريد مقاطعة و تأجيل صيرورة تعمية قسم\\نبيطة النظام؟ ‮ ‮ملاحظة: سيكون بوسعك معاودة الصيرورة و ستواصل من حيث توقفت. يمكنك عمل ذلك باختيار 'نظام' > 'عاود الصيرورة المقاطعة' من قائمة نافذة ڤيراكربت الرئيسية. إن كنت تريد إنهاء أو عكس صيرورة التعمية فاختر 'نظام' > 'ظهّر نهائيا قسم\\نبيطة النظام'. - ‮أتريد مقاطعة و تأجيل صيرورة تظهير قسم\\نبيطة النظام؟ ‮ ‮ملاحظة: سيكون بوسعك معاودة الصيرورة و ستواصل من حيث توقفت. يمكنك عمل ذلك باختيار 'نظام' > 'عاود الصيرورة المقاطعة' من قائمة نافذة ڤيراكربت الرئيسية. إن كنت تريد عكس صيرورة التظهير (أي بدء التعمية) فاختر 'نظام' > 'عمِّ قسم\\نبيطة النظام'. - ‮عطل: تعذّرت مقاطعة صيرورة تعمية/تظهير قسم\\سواقة النظام. - ‮عطل: تعذَّرت مقاطعة صيرورة المحو. - ‮عطل: تعذّرت معاودة صيرورة تعمية/تظهير قسم\\سواقة النظام. - ‮عطل: تعذَّر بدء صيرورة المحو. - ‮تم حل عدم الاتساق. ‮ ‮ ‮(إن أبلغت عن علة بهذا الشأن فرجاءً ضمِّن البيانات التقنية التالية في البلاغ: ‪%hs‬) - ‮عطل: حالة غير متوقعة. ‮ ‮ ‮(إن أبلغت عن علة ذات علاقة بهذا فرجاء ضمِّن التقرير البيانات التقنية التالية: ‮‪%hs‬) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ‮تحذير: عُطِّلت مهمة ڤيراكربت الخلفية. بعد أن تغلق ڤيراكربت لن تُبلغ إن أحيل دون تلف في مجلد مخفي ‮ ‮ملاحظة: يمكنك إغلاق المهمة الخلفية في أي وقت بالنقر باليمين على أيقونة ڤيراكربت في اللوحة و اختيار 'اخرج'. ‮ ‮أأفعِّل مهمة ڤيراكربت الخلفية؟ - ‮إصدارة حزمة اللغة: ‪%s‬ - ‮يجري فحص نظام الملفات في مجلد ڤيراكربت الموصول معرفا بالحرف ‪%s‬… - ‮تجري محاولة إصلاح نظام الملفات في قسم ڤيراكربت الموصول معرفا بالحرف ‪%s‬… - ‮تحذير: عُمِّي هذا المجلد بخوارزمية تعمية عتيقة. ‮ ‮كل خوارزميات التعمية لكتل ‪64‬ بتة (مثل ‪Blowfish‬، و ‪CAST-128‬، و ‪Triple DES‬) قد ألغيت. سيظل من الممكن وصل هذا المجلد باستخدام الإصدارات المستقبلية من ڤيراكربت لكن لن تكون هناك أية تحسينات في تطبيق تلك الخوارزميات العتيقة. ننصحك بأن تنشئ مجلد ڤيراكربت جديد مُعمّى بخوارزمية كتلة ‪128‬ بتة (مثل ‪AES‬، و ‪Serpent‬، و ‪Twofish‬، الخ…) و أن تنقل كل الملفات من هذا المجلد إلى المجلد الجديد. - ‮نظامك ليس مضبوطا ليوصِّل المجلدات الجديدة تلقائيا. قد يتعذَّر وصل مجلدات ڤيراكربت المستضافة في نبائط. يمكن تفعيل الوصل الآلي بتنفيذ الأمر التالي ثم إعادة تشغيل النظام. ‮ ‮‪mountvol.exe /E‬ - ‮خصِّص حرفا للقسم\\النبيطة قبل المواصلة ('لوحة التحكم' > 'النظام و الإدارة' > 'أدوات الإدارة' - 'أنشئ و هيء أقسام القرص الصلب'). ‮ ‮لاحظ أن هذا من متطلبات النظام. - ‮أوصل مجلد ڤيراكربت - ‮افصل كل مجلدات ڤيراكربت - ‮فشل ڤيراكربت في الحصول على صلاحيات الإدارة. - ‮منع النظامُ النفاذ. ‮ ‮السبب المحتمل: يتطلب النظام أن تكون لديك صلاحية القراءة\\الكتابة (أو صلاحية الإدارة) لأدلة و ملفات و نبائط معينة ليُسمح لك بقراءة و كتابة بيانات إليها/منها. عادة ما يُسمح للمستخدم دون صلاحيات الإدارة أن يُنشئ و يقرأ و يعدل الملفات في دليل الوثائق الخاص به. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - ‮يتطلب مُحمِّل إقلاع ڤيراكربت ما لا يقل عن 32 كيلوبايت من المساحة الشاغرة في بداية سواقة النظام (حيث ينبغي تخزين مُحمِّل الإقلاع). للأسف لا تلبي هذه السواقة ذاك الشرط. ‮ ‮رجاءً لا تبلغ عن هذا كعلة\\مشكلة في ڤيراكربت. لحل هذه المشكلة سيكون عليك إعادة تقسيم القرص و ترك أول 32 كيلوبايت من القرص شاغرة (في الأغلب ستضطر إلى حذف و إعادة إنشاء القسم الأول). نوصي باستخدام أداة ميكروسوفت لإدارة الاقسام المتاحة عند تنصيب ويندوز. - ‮هذه الخاصية غير مدعومة في هذه الإصدارة من نظام التشغيل الذي تيتخدمه حاليا. - ‮لا يدعم ڤيراكربت تعمية قسم\\سواقة النظام في هذه الإصدارة من نظام التشغيل الذي تستخدمه. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - ‮لسواقة النظام جدول أقسام معتمد على ‪GUID‬ (‪GPT‬). حاليا السواقات ذات جداول الأقسام من نوع ‪MBR‬ وحدها المدعومة. - ‮تنبيه: مُحمِّل إقلاع ڤيراكربت منصّب بالفعل في سواقة النظام! ‮ ‮ربما يوجد نظام تشغيل آخر مُعمّى بالفعل. ‮ ‮تحذير: مواصلة تعمية النظام العامل حاليا قد يجعل من غير الممكن تشغيل النظم الأخرى أو النفاذ إلى بياناتها. ‮ ‮أمتأكد أنك تريد المواصلة؟ - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - ‮مُحمِّل النظام الأصلي لن يُحفظ على قرص الإنقاذ (سبب محتمل: ملف محفوظة مفقود). - ‮تعذّرت كتابة قطاع ‪MBR‬. ‮ ‮ربما كان ‪BIOS‬ مضبوطا بحيث يحمي قطاع ‪MBR‬. تَفَحَّص تضبيطات ‪BIOS‬ المتعلقة بحماية ‪MBR‬ أو مضاد الفيروسات (بضغط ‪F2‬ أو ‪delete‬ أو ‪Esc‬ بعد تشغيل الحاسوب). - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - ‮ملاحظة: في بعض الحالات قد ترغب في منع شخص (خصم) يراقبك و أنت تشغل الحاسوب من معرفة أنك تستخدم ڤيراكربت. الخيارات في الأعلى تمكنك من هذا بطريق تطويع شاشة مُحمِّل إقلاع ڤيراكربت. إن فعَّلت الخيار الأول فلن يُظهر مُحمِّل الإقلاع أية نصوص (و لا حتى عندما تدخل كلمة السر)، و سيبدو أن الحاسوب متجمد في حين سيكون بوسعك إدخال كلمة السر. إضافة إلى ذلك يمكن عرض رسالة مطوعة لتضليل الخصم؛ كرسالة خطأ زائفة مثل "لا يوجد نظام تشغيل" (و هي التي يعرضها عادة مُحمِّل إقلاع ويندوز إذا لم يجد قسم إقلاع ويندوز). لكن من المهم ملاحظة أنه إذا كان بوسع الخصم تحليل محتويات سواقة الأقراص فسيكون بوسعه معرفة أنه يحوي مُحمِّل إقلاع ڤيراكربت. - ‮تحذير: راع أنك إن فعَّلت هذا الخيار فإن مُحمِّل إقلاع ڤيراكربت لن يعرض أية نصوص (و لا حتى عندما تدخل كلمة السر)، و سيبدو أن الحاسوب "متجمدا" (لا يستجيب) في حين سيمكنك إدخال كلمة السر (لن تتحرك المشيرة و لن تظهر نجمات عندما تضغط المفاتيح). ‮ ‮أمتأكد أنك تريد تفعيل هذا الخيار؟ - ‮يبدو أن قسم\\سواقة النظام مُعمّاة بالكامل. - ‮لا يدعم ڤيراكربت تعمية سواقة نظام سبق تحويلها إلى قرص ديناميَ. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - ‮هل تريد تعمية قسم النظام بدلا من السواقة كلها؟ ‮ ‮لاحظ أنه بوسعك إنشاء مجلدات ڤيراكربت مستضافة في أي قسم لا يخص النظام على السواقة (إضافة إلى تعمية قسم النظام). - ‮حيث أن نظامك يحوي قسما واحدا يَشغَل السواقة بكاملها يفضل (و هو أكثر أمنا) أن تعمي السواقة بكاملها بما في ذلك المساحة المهملة التي عادة ما تحيط بمثل هذا القسم. ‮ ‮أتريد تعمية سواقة النظام بكاملها؟ - ‮نظامك مضبوط بحيث يحفظ ملفات مؤقتة في غير قسم النظام. ‮ ‮الملفات المؤقتة ينبغي حفظها في قسم النظام. - ‮ملفات حسابات المستخدمين محفوظة في غير قسم النظام. ‮ ‮ينبغي حفظ ملفات حسابات المستخدمين في قسم النظام. - ‮يوجد ملف مبادلة أو أكثر في غير قسم النظام. ‮ ‮ملفات المبادلة ينبغي حفظها في قسم النظام. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - ‮ و إلا فإن حجية إنكار وجود نظام التشغيل المخفي قد تضعف بشدة. ‮ ‮ملاحظة: إن حلل خصم محتوى تلك الملفات (الموجودة في غير قسم النظام) فإنه قد يكتشف مثلا أنك استخدمت هذا المرشد في طور إنشاء نظام مخفي (و هو ما قد يشير إلى وجود نظام تشغيل مخفي في الحاسوب). لاحظ كذلك أن تلك الملفات إن حزنت في قسم النظام سنمحا تلقائيا بواسطة ڤيراكربت أثناء صيرورة إنشاء نظام التشغيل المخفي. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - ‮تحذير: توجد مساحة غير مخصصة بين قسم النظام و القسم الذي يليه. بعد إنشاء نظام التشغيل المخفي ينبغي ألا تنشئ أية أقسام جديدة في هذه المساحة غير المخصصة و إلا فلن يمكن إقلاع نظام التشغيل (حتى تحذف تلك الأقسام المنشأة حديثا). - ‮هذه الخوارزمية ليست مدعومة حاليا لتعمية النظام. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - ‮لا يمكن حاليا استخدام الملفات المفاتيح عند تعمية النظام. - تنبيه: تعذَّر على ڤيراكربت استعادة النسق الأصلي للوحة المفاتيح مما قد يؤدي إلى أن تُدخلَ كلمة السر على نحو غير صحيح. - ‮عطل: تعذّر ضبط هيئة لوحة المفاتيح لڤيراكربت إلى التوزيع القياسي للولايات المتحدة. ‮ ‮لاحظ أن كلمة السر يجب أن تدخل في بيئة ما قبل الإقلاع (قبل أن يبدأ ويندوز) حيث لا يتاح سوى لوحات مفاتيح ويندوز الولايات المتحدة. لذا يجب أن تدخل كلمة السر دوما باستخدام هيئة لوحة مفاتيح الولايات المتحدة القياسية. - ‮حيث أن ڤيراكربت قد غير هيئة لوحة المفاتيح إلى الهيئة القياسية في الولايات المتحدة فليس ممكنا إدخل محارف بطريق ضغط الأزرار مع زر ‪Alt‬. مع هذا يمكنك إدخال معظم تلك المحارف بطريق ضغط المفتاح المناسب مع مفتاح ‪Shift‬. - ‮حال ڤيراكربت دون تغيير هيئة لوجة المفاتيح. - ‮ملاحظة: ستحتاج إلى أن تدخل كلمة السر في بيئة ما قبل الإقلاع (قبل أن يبدأ ويندوز) حيث لا يتاح سوى لوحات مفاتيح ويندوز الولايات المتحدة. لذا يجب أن تدخل كلمة السر دوما باستخدام هيئة لوحة مفاتيح الولايات المتحدة القياسية. لكن لاحظ أنك لا تحتاج إلى لوحة مفاتيح حقيقية على هيئة الولايات المتحدة إذا أن ڤيراكربت يتحقق من أن كلمة السر يمكن إدخالها كما ينبغي (الآن و في بيئة قبل الإقلاع) حتى لو لم تكن لديك لوحة مفاتيح حقيقية على هيئة الولايات المتحدة. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - ‮تحذير: إن كنت أنشأت بالفعل قرص إنقاذ ڤيراكربت فيما مضى فاعلم أنه لا يمكن استخدامه لقسم\\سواقة النظام هذه لأنه أنشئ لمفتاح رئيسي مختلف! في كل مرة تعمّي قسم\\سواقة نظام ينبغي إنشاء قرص إنقاذ ڤيراكربت حديث لها حتى إذا استخدمت كلمة السر ذاتها. - ‮عطل: تعذّر حفظ تضبيطات تعمية النظام. - ‮تعذّر استبداء الاختبار المبدئي لتعمية النظام. - ‮تعذَّر استبداء صيرورة إنشاء نظام التشغيل المخفي. - ‮طور المحو - ‮في بعض أنواع وسائط التخزين عندما تطمس البيانات ببيانات أخرى فقد يكون من الممكن استرجاع البيانات المطموسة باستخدام تقنيات مثل مجاهير الطاقة المغناطيسية. ينطبق هذا كذلك على البيانات التي تنطمس بنسخ معماة منها (و هو ما يحدث عندما يعمّي ڤيراكربت قسما غير معمّى أو سواقة). طبقا لبعض الدراسات و المنشورات الحكومية فإن استرجاع البيانات قد يمكن الحول دونه (أو تصعيبه) بطمس البيانات ببيانات شبه عشوائية و بيانات عشوائية بعدد معين من المرات. لذا إن كنت تعتقد أن خصمك قد يلجأ لمثل تلك الأساليب لاسترجاع البيانات التي تنوي تعميتها فقد تحب اختيار أحد أطوار المحو (البيانات الحالية لن تفقد). لاحظ أن المحو لا يمكن إجراؤه بعد تعمية القسم\\السواقة. عندما تم تعمية القسم\\السواقة فلن تكتب أية بيانات غير معماة إليها. كل البيانات التي تكتب إليها تعمى أولا لحظيا في الذاكرة ثم تكتب هذه البيانات المعماة على القرص. - ‮في بعض أنواع وسائط التخزين عندما تطمس البيانات ببيانات أخرى (مثلا عند حذف البيانات) فقد يكون من الممكن استرجاع البيانات المطموسة باستخدام تقنيات مثل مجاهير الطاقة المغناطيسية. طبقا لبعض الدراسات و المنشورات الحكومية فإن استرجاع البيانات قد يمكن الحول دونه (أو تصعيبه) بطمس البيانات ببيانات شبه عشوائية و بيانات عشوائية بعدد معين من المرات. لذا إن كنت تعتقد أن خصمك قد يلجأ لمثل تلك الأساليب لاسترجاع البيانات التي ستحذف فقد تحب اختيار أحد أطوار المحو عديدة المرات. لاحظ أنه كلما زادت مرات المحو ازدادت المدة المطلوبة لإتمام لمحو البيانات. - ‮المحو - \nn‮ملاحظة: تمكن مقاطعة صيرورة المحو و إطفاء الحاسوب ثم تشغيل النظام المخفي مجددا و معاودة الصيرورة (هذا المرشد سيشتغل تلقائيا). لكن إن قوطعَت الصيرورة فإنه سيتوجب بدؤها من جديد. - \nn‮ ‮ملاحظة: إن قوطعت صيرورة المحو ثم عوودت فإن الصيرورة ستتوجب إعادة بدئها من جديد. - ‮أتريد إجهاض صيرورة المحو؟ - ‮تحذير: كل محتويات القسم\\النبيطة المختارة ستُمحى و تُفقد. - ‮كل محتويات القسم الذي فيه النظام الأصلي ستُمحى. ‮ ‮ملاحظة: كل محتويات القسم الذي سيُمحى قد تم نسخها إلى قسم النظام المخفي. - ‮تنبيه: لاحظ أنه مثلا عند اختيار طور المحو ذي المرات الثلاث فإن الزمن المطلوب لتعمية القسم\\السواقة سيزيد أربع مرات. كذلك إن اخترت طور المحو ذي ‪35‬ مرة فإن المدة سيكون أطول ‪36‬ مرة (و قد يستغرق عدة أسابيع). ‮ ‮لكن لاحظ أن المحو لا يمكن إجراؤه بعد تمام تعمية القسم\\السواقة. فبعد تعمية القسم\\السواقة لن تكتب إليه أية بيانات غير معمّاة. كل البيانات التي تكتب إليه ستعمى أولا لحظيا في الذاكرة قبل أن تكتب إلى القرص (لذا فإن الأداء لن يتأثر). ‮ ‮أمتأكد أنك تريد استخدام طور المحو؟ - ‮بلا (الأسرع) - ‮مرة واحدة (بيانات عشوائية) - ‮3 مرّات (‪US DoD 5220.22-M‬) - ‮7 مرّات (‪US DoD 5220.22-M‬) - ‮‪35‬ مرة (Gutmann) - ‮‪256‬ مرة - ‮عدد نظم التشغيل - ‮تحذير: ينبغي ألا يعمي المستخدمون غير ذوي الخبرة ويندوز في التجهيزات عديدة الإقلاع. ‮ ‮أأواصل؟ - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - ‮سواقة الإقلاع - ‮هل نظام التشغيل العامل حاليا منصّب على سواقة الإقلاع؟ ‮ ‮ملاحظة: أحيانا لا يكون ويندوز منصّبا على ذات السواقة التي عليها مُحمِّل إقلاع ويندوز (قسم الإقلاع). إن كان هذا هو الحال، انقر 'لا'. - ‮لا يدعم ڤيراكربت حاليا تعمية نظام تشغيل لا يُقلع من السواقة التي هو منصّب عليها. - ‮عدد سواقات النظام - ‮كم سواقة تحوي نظام تشغيل؟ ‮ ‮ملاحظة: مثلا إن كان أي من نظم التشغيل (مثل: ويندوز أو ماك أوإس أو لينكس، إلخ) مُنَصَّبا على السواقة الرئيسية و توجد أي نظم تشغيل إضافية منصّبة على السواقة الثانوية فاختر 'اثنتين أو أكثر'. - ‮لا يدعم ڤيراكربت حاليا تعمية السواقة بكاملها إن كانت تحوي عدة نظم تشغيل. ‮ ‮حلول ممكنة: ‮ ‮- لا يزال بوسعك تعمية أحد النظم إن رجعت لخيار تعمية قسم نظام واحد (بدلا من خيار تعمية سواقة النظام بكاملها). ‮ ‮- أو يمكنك تعمية السواقة بكاملها إن نقلت النظم الأخرى إلى سواقات أخرى تاركا نظاما واحدا و حسب على السواقة التي تريد تعميتها. - ‮عدة نظم على سواقة واحدة - ‮هل توجد نظم تشغيل أخرى منصّبة على السواقة المنصّب عليها نظام التشغيل العامل حاليا؟ ‮ ‮ملاحظة: مثلا إن كان نظام التشغيل العامل حاليا منصّبا على السواقة رقم 0 و التي تحوي عدة أقسام، و إذا كان أحد تلك الأقسام يحوي ويندوز و قسم آخر يحوي أي نظام تشغيل آخر (مثلا: ويندوز أو ماك أوإس أو لينكس، إلخ) فاختر 'نعم'. - ‮مُحمِّل إقلاع غير ويندوز - ‮هل سجل الإقلاع الرئيسي ‪MBR‬ منصب فيه مُحمِّل إقلاع لغير ويندوز (أو مدير إقلاع ما)؟ ‮ ‮ملاحظة: مثلا، إن كان المسار الأول لسواقة الإقلاع يحوي ‪GRUB‬ أو ‪LILO‬ أو ‪XOSL‬ أو محمل إقلاع أو مدير إقلاع لا يخص ويندوز، فانقر 'نعم'. - ‮عديد الإقلاع - ‮لا يدعم ڤيراكربت حاليا التجهيزات عديدة الإقلاع المنصّب فيها مُحمِّل إقلاع غير الذي يخصُّ ويندوز في سجّل الإقلاع الرئيسي. ‮ ‮الحلول الممكنة: ‮ ‮- إن كنت تستخدم مدير إقلاع لإقلاع كل من ويندوز و لينكس فانقل مدير الإقلاع (عادة هو ‪GRUB‬) من سِجِّل الإقلاع الرئيسي إلى قسمٍ. ثم شغل هذا المرشد مجددا و عمِّ قسم\\سواقة النظام. لاحظ أن مُحمِّل إقلاع ڤيراكربت سيصبح هو مدير الإقلاع الرئيسي و أنه سيسمح لك بتشغيل مدير الإقلاع الأصلي (مثلا: ‪GRUB‬) كمدير إقلاع ثانوي (بضغط ‪Esc‬ في شاشة محمِّل إقلاع ڤيراكربت) و بهذا سيمكنك تشغيل لينكس. - ‮إن كان نظام التشغيل العامل حاليا منصبا في قسم الإقلاع فسيتوجب عليك بعد تعميته أن تدخل كلمة السر الصحيحة حتى إن أردت تشغيل أي نظام ويندوز آخر غير معمى (لأنها ستتشارك جميعها في مُحمِّل إقلاع وحيد معمى). ‮ ‮على العكس من ذلك إن كان نظام التشغيل العامل حاليا ليس منصبا في قسم الإقلاع (أو إن كان مُحمِّل إقلاع ويندوز لا يستخدمه أي نظام تشغيل آخر) فإنك بعد تعمية هذا النظام لن تضطر إلى إدخال كلمة السر الصحيحة لإقلاع نظم التشغيل الأخرى غير المعماة. لن يكون عليك سوى ضغط مفتاح ‪Esc‬ لبدء النظام غير المعمى (إن وجد أكثر من نظام غير معمّى فسيمكنك اختيار أيها يقلع من قائمة مدير إقلاع ڤيراكربت). ‮ ‮ملاحظة: عادة ما يُنصَّب أوّل نظام ويندوز يُنصَّب في قسم الإقلاع. - ‮تعمية المنطقة المحمية المضيفة - ‮في آخر عديد من السواقات توجد منطقة عادة ما تكون محجوبة عن نظام التشغيل (يشار إليها بالمناطق المحمية من المضيف)، إلا أن بعض البرمجيات يمكنها القراءة و الكتابة في تلك المناطق. ‮ ‮تحذير: يستخدم بعض مصنِّعو الحواسيب تلك المناطق لتخزين أدوات و بيانات لمصفوفات RAID أو لاسترجاع النظام أو لتجهيز النظام أو الفحص أو لأغراض أخرى. إن توجَّب النفاذ إلى أي من تلك الأدوات قبل الإقلاع فإن المنطقة المحجوبة يجب ألا تعمى (اختر 'لا' في الأعلى). ‮ ‮أتريد من ڤيراكربت أن يتحسس و يعميّ تلك المنطقة (إن وجدت) التي في آخر سواقة النظام؟ - ‮نوع تعمية النظام - ‮اختر هذا إن كنت تريد تعمية قسم النظام أو سواقة النظام بكاملها. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - ‮نظام التشغيل المخفي - ‮في الخطوات التالية ستنشئ مجلدَي ڤيراكربت (خارجي و مخفي) في القسم الأول التالي لقسم النظام. القسم المخفي سيحوي نظام التشغيل المخفي. سينشئ ڤيراكربت النظام المخفي بنسخ محتويات قسم النظام (حيث يوجد نظام التشغيل العامل حاليا) إلى المجلد المخفي. في المجلد الخارجي ستَنسَخ بعض الملفات التي تبدو حسّاسة لكنك لا تهتم حقا بإخفائها، و ستكون بمثابة تمويه لمن يجبرك على الإفصاح عن كلمة سر النظام المخفي، إذ يمكنك عندها الكشف عن كلمة سر المجلد الخارجي الموجود في قسم نظام التشغيل المخفي (و سيبقى وجود نظام التشغيل المخفي سريا). ‮ ‮و أخيرا ستنصِّب في قسم النظام العامل حاليا نظام تشغيل يسمى النظام التمويهي و تعمِّيَه، و يجب ألا يحوي أية بيانات حساسة و سيكون لتمويه من يجبرك على الكشف عن كلمة سر استيثاق ما قبل الإقلاع. في المجمل ستوجد ثلاث كلمات سرّ، اثنتان منها يمكن الكشف عنهما (النظام التمويهي، و المجلد الخارجي)؛ لكن إن أدخلت الثالثة فسيشتغل نظام التشغيل المخفي. - ‮يجري تحسس القطاعات المخفية - ‮انتظر حتى يتحسس ڤيراكربت وجود قطاعات مخفية في آخر سواقة النظام. لاحظ أن هذا قد يستغرق وقتا طويلا ليتم. ‮ ‮ملاحظة:في بعض الحالات النادرة و في بعض الحواسيب قد يصبح النظام غير مستجيب أثناء صيرورة التحسس. إن حدث هذا فأعد تشغيل الحاسوب و شغِّل ڤيراكربت و أعد الخطوات السابقة مع تجاوز هذه الخطوة. لاحظ أن هذا لا تسببه علة في ڤيراكربت. - ‮المنطقة التي ستُعمَّى - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - ‮يجري جمع العشوائية - ‮تم توليد المفاتيح - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - ‮يجري تسجيل قرص الإنقاذ - ‮تم إنشاء قرص الإنقاذ - ‮الاختبار المبدئي لتعمية النظام - ‮تم اختبار قرص الإنقاذ - \nn‮تم اختبار قرص إنقاذ ڤيراكربت بنجاح. رجاء أزل القرص من السواقة الآن و احفظه في مكان آمن. ‮ ‮انقر 'اللاحق' للمواصلة. - ‮تحذير: أثناء الخطوات التالية يجب ألا يكون قرص إنقاذ ڤيراكربت في السواقة و إلا فلن يمكن إتمام الخطوات بنجاح. ‮ ‮تحقق من إزالة القرص من السواقة الآن و احفظه في مكان مناسب، ثم اضغط 'موافق'. - ‮تحذير: بسبب قصور تقني في بيئة ما قبل الإقلاع فإن النصوص المعروضة في بيئة قبل الإقلاع (قبل أن يبدأ ويندوز) لا تمكن ترجمتها، لذا فواجهة بيئة قبل الإقلاع هي بالإنجليزية بالكامل. ‮ ‮أأواصل؟ - ‮قبل تعمية قسم أو سواقة النظام يحتاج ڤيراكربت للتحقق من أن كل شيء يعمل كما ينبغي. ‮ ‮بعد أن تنقر 'اختبر' كل المكونات (مثلا مكون استيثاق ما قبل الإقلاع، أي مُحمِّل إقلاع ڤيراكربت) ستُنصَّب و سيعاد تشغيل حاسوبك. بعدها سيتوجب عليك إدخال كلمة السر في شاشة مُحمِّل إقلاع ڤيراكربت التي ستظهر قبل بدء ويندوز. بعد أن يبدأ ويندوز ستُبلغ تلقائيا بنتيجة هذا الاختبار المبدئي. ‮ ‮النبيطة التالية ستُعدَّل: السواقة رقم ‪%d‬ ‮ ‮إذا نقرت 'ألغِ' الآن فلن يُنصَّب شيء و لن يُجرى الاختبار المبدئي. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - ‮تم الاختبار المبدئي - ‮تم الاختبار المبدئي بنجاح. ‮ ‮تحذير: لاحظ أنه إذا انقطعت الطاقة أثناء تعمية البيانات في موضعها أو إذا انهار نظام التشغيل بسبب عطل برمجي أو عتادي أثناء عمل ڤيراكربت على تعمية بيانات في موضعها فإن بعضا من البيانات ستتلف أو تُفقد. لذا فقبل البدء بالتعمية تحقق من أن لديك نسخة احتياطية من الملفات التي ستعميها، و إذا ما كانت لديك فاتِّخذ نسخة احتياطية الآن (يمكنك نقر 'أرجئ' و نسخ الملفات ثم تشغيل ڤيراكربت مجددا في أي وقت و اختيار 'نظام' > 'عاود الصيرورة المقاطعة' لبدء التعمية). ‮ ‮عندما تكون جاهزا اضغط 'عمِّ' لبدء التعمية. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \nn‮ ‮يمكنك أن تضغط 'جمِّد' أو 'أرجئ' في أي وقت لمقاطعة صيرورة التعمية، ثم تصرف المرشد، ثم تعيد تشغيل الحاسوب أو تطفئه، ثم معاودة الصيرورة التي ستواصل من حيث توقفت. لاحظ أن المجلد لا يمكن وصله حتى تمام تعميته. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - ‮اشتغل النظام المخفي - ‮النظام الأصلي - ‮ينشئ ويندوز (عادة دون استشارتك) ملفات سجلات عديدة، و ملفات مؤقتة و غيرها في قسم ويندوز، كما يحفظ محتويات ذاكرة RAM عند السُبات و كذلك في ملف المبادلة الذي عادة ما يوجد في قسم النظام. لذا، إن تمكن خصم من تحليل الملفات المخزنة في القسم الذي يوجد فيه النظام ااصلي (و الذي استنسخ منه النظام المخفي) فإنه قد يعرف أنك استخدمت مرشد ڤيراكربت في طور إنشاء نظام مخفي (و هو ما قد يدل على وجود نظام تشغيل مخفي في حاسوبك). ‮ ‮للحول دون مثل هذه الملابسات فإن ڤيراكربت في الخطوات التالية سيمحو محوا آمنا كل محتوى القسم الذي كان يوجد فيه النظام الاصلي. بعدها، و لأجل تحقيق حجية الإنكار يتوجب ليك تثبيت نظام تشغيل جديد في القسم ثم تعميته، و بهذا يصير لديك نظام تمويه و بهذا تتم صيرورة إنشاء نظام التشغيل المخفي. - ‮تم بنجاح إنشاء نظام التشغيل المخفي. لكن قبل أن تشرع في استخدامه (و لتحقيق حجية الإنكار) ينبغي (باستخدام ڤيراكربت) محو كل محتوى القسم المنصب فيه نظام التشغيل العامل حاليا. قبل أن يمكن عمل هذا تنبغي إعادة تشغيل النظام و في شاشة مُحمل إقلاع ڤيراكربت (التي تظهر قبل أن يشتغل ويندوز) أدخل كلمة سر استيثاق ما قبل الإقلاع لنظام التشغيل المخفي، و بعد أن يشتغل النظام فإن مرشد ڤيراكربت سيشتغل تلقائيا. ‮ ‮ملاحظة: إن اخترت إنهاء صيرورة إنشاء نظام التشغيل المخفي الآن فلن يكون بوسعك معاودتها لاحقا و لن يمكن النفاذ إلى نظام التشغيل المخفي (لأن مُحمِّل إقلاع ڤيراكربت سيُزال). - ‮كنت قد جدولت سيرورة إنشاء نظام تشغيل مخفي، و هذه الصيرورة لم تتم بعد. لإتمامها تنبغي إعادة تشغيل الحاسوب و في شاشة مُحمِّل إقلاع ڤيراكربت (التي تظهر قبل أن يشتغل ويندوز) أدخل كلمة سر نظام التشغيل المخفي. ‮ ‮ملاحظة: إن اخترت إنهاء صيرورة إنشاء نظام التشغيل المخفي الآن فلن يكون بوسعك معاودتها لاحقا. - ‮أعد تشغيل الحاسوب ثم واصل - ‮أنه نهائيا صيرورة إنشاء نظام التشغيل المخفي - ‮لا تفعل شيئا الآن و اسألني لاحقا - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - ‮استنساخ نظام تشغيل - ‮في الخطوات التالية سينشئ ڤيراكربت نظام التشغيل المخفي بنسخ محتوى قسم النظام إلى المجلد المخفي (البيانات المنسوخة ستُعمى لحظيا بمفتاح تعمية يختلف عن الذي سيستخدم لنظام التشغيل التمويهي). ‮ ‮لاحظ أن هذه الصيرورة ستجري في بيئة ما قبل الإقلاع (قبل أن يشتغل ويندوز) و أنها قد تستغرق وقتا طويلا حتى تتم؛ بضع ساعات أو حتى أياما (حسب حجم قسم النظام و قوة الحاسوب). ‮ ‮سيكون بوسعك مقاطعة الصيرورة و إطفاء الحاسوب ثم بدء نظام التشغيل و معاودة الصيرورة لاحقا. إلا أنك إذا ما قاطعت صيرورة نسخ نظام التشغيل فإنها ستبدأ من البداية عند معاودتها (لأن محتويات قسم النظام ينبغي ألا تتغير أثناء النسخ). - ‮أتريد إلغاء صيرورة إنشاء نظام التسغيل المخفي كلية؟ ‮ ‮ملاحظة: لن يمكنك معاودة الصيرورة إن ألغيتها الآن. - ‮أتريد إلغاء الاختبار المبدئي لتعمية النظام؟ - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - ‮لا يبدو أن قسم\\سواقة النظام مُعمّاة (لا جزئيا و لا بالكامل). - ‮قسم\\سواقة النظام مُعمّاة (جزئيا أو بالكامل). ‮ ‮ظهِّر قسم\\سواقة النظام كُليّا قبل المواصلة. لفعل هذا اختر 'نظام' > 'ظهِّر نهائيا قسم\\سواقة النظام' من قائمة نافذة ڤيراكربت الرئيسية. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - ‮يجري حاليا تظهير أو تعمية قسم\\سواقة النظام أو تعديلها على نحو ما. قاطع صيرورة التعمية\\التظهير\\التعديل (أو انتظر حتى تمامها) قبل المواصلة. - ‮توجد نسخة من مرشد إنشاء مجلد ڤيراكربت تعمل في هذا النظام أو تعد لتعمية أو تظهير قسم\\سواقة النظام. قبل أن تمكن المواصلة ينبغي انتظاره حتى ينتهي أو إغلاقه. إن لم يكن يوسعك إغلاقه فأعد تشغيل الحاسوب قبل المواصلة. - ‮لم تتم صيرورة تعمية أو تظهير قسم\\سواقة النظام. انتظر حتى تمامها قبل المواصلة. - ‮عطل: لم تتم صيرورة تعمية أو تظهير قسم\\سواقة النظام. يجب أن تتم أولا. - ‮ععطل: صيرورة تعمية القسم\\المجلد لم تتم؛ و ينبغي أن تتم أولا. ‮ ‮ملاحظة: لمعاودة الصيرورة اختر 'مجلدات' > 'عاود الصيرورة المقاطعة' من قائمة نافذة ڤيراكربت الرئيسية. - ‮كلمة السر صحيحة، و قد ظهَّر ڤيراكربت ترويسة المجلد و تحسَّس أنه مجلد نظام مخفي، لكن لا يمكن تعديل ترويسة مجلد نظام مخفي بهذه الطريقة. ‮ ‮لتعيير كلمة السر لمجلد نظام مخفي أقلع نظام التشغيل الكائن في المجلد المخفي ثم اختر 'نظام' > 'غيِّر كلمة السر' من قائمة نافذة تروركبت الرئيسية. ‮ ‮لضبط خوارزمية اشتقاق مفتاح الترويسة، أقلع نظام التشغيل و اختر 'نظام' > 'اضبط خوارزمية اشتقاق مفتاح الترويسة'. - ‮لا يدعم ڤيراكربت التظهير في الموضع لقسم نظام تشغيل مخفي. ‮ ‮ملاحظة: إذا أردت تظهير قسم نظام التشغيل التمويهي فأقلع النظام التمويهي ثم اختر 'نظام' > 'ظهّر نهائيا قسم\\سواقة النظام' من قائمة نافذة ڤيراكربت الرئيسية. - ‮عطل: معطى غير صحيح/خاطئ. - ‮لقد اخترت قسما أو نبيطة إلا أن طور المُرشد الذي اخترت لا يناسب سوى ملفات الحاويات. ‮ ‮أتريد تغيير طور المرشد؟ - ‮أتريد إنشاء ملف حاوية ڤيراكربت بدلا من هذا؟ - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - ‮أمتأكد أنك تريد تظهير قسم\\سواقة النظام نهائيا؟ - ‮تنبيه: إن ظهَّرت قسم\\سواقة النظام نهائيا فإن بيانات غير معماة ستكتب عليها. ‮ ‮أتريد حقا تظهير قسم\\سواقة النظام نهائيا؟ - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - ‮إن واجهتك أي من المشكلات سابقة الذكر فظهِّر قسم\\سواقة النظام (إن كانت معمّاة) و حاول تعميتها مجددا باستخدام خوارزمية تعمية غير متوالية (مثل ‪AES‬). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - ‮رقم إصدارة مُحمِل إقلاع ڤيراكربت الذي أقلع نظام التشغيل هذا يختلف عن رقم إصدارة مُشغِّل ڤيراكربت (و تطبيقات ڤيراكربت) المثبتة في هذا النظام. ‮ ‮ينبغي أن تشغل مُنَصِّب ڤيراكربت (الذي يتطابق رقم إصدارته مع رقم إصدارة مُحمِل إقلاع ڤيراكربت) و ذلك لتحديث ڤيراكربت في هذا النظام. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - ‮تمت ترقية مُحمِّل إقلاع ڤيراكربت. ‮ ‮من المحبذ بشدة أن تنشئ قرص إنقاذ ڤيراكربت جديد (ليحوي الإصدارة الجديدة من مُحمِّل إقلاع ڤيراكربت) باختيار 'نظام' > 'أنشئ قرص إنقاذ' بعد أن تعيد تشغيل الحاسوب. - ‮مُحمِل إقلاع ڤيراكربت تمت ترقيته. ‮ ‮من المحبذ بشدة أن تُقلع نظام التشغيل التمويهي و أن تنشئ قرص إنقاذ ڤيراكربت حديث (و هو الذي سيحوي الإصدارة الجديدة من مُحمِّل إقلاع ڤيراكربت) باختيار 'نظام' > 'أنشئ قرص إنقاذ'. - ‮فشلت ترقية مُحمِّل إقلاع ڤيراكربت. - ‮فشل تروكرمبت في تحسُّس الحجم الفعلي لسواقة النظام، لذا فسيستخدم الحجم الذي يقرره نظام التشغيل (و هو الذي يمكن أن يكون أصغر من الحجم الحقيقي). لاحظ أن هذه ليست علة في ڤيراكربت. - ‮تنبيه: يبدو أن ڤيراكربت قد حاول مسبقا تحسُّس القطاعات المخفية في سواقة النظام هذه. إن كانت قد واجهتك أية مشكلات أثناء عملية التحسس السابقة فيمكنك تلافي المشكلات بتجاوز تحسس القطاعات المخفية الآن. لاحظ أنك إن فعلت هذا فإن ڤيراكربت سيستخدم الحجم المبلغ من قبل النظام (و هو قد يكون أصغر من حجم السواقة الحقيقي). ‮ ‮لاحظ أن هذه ليست علة في ڤيراكربت. - ‮تجاوز تحسس القطاعات المخفية (استخدم الحجم الذي أبلغ به نظام التشغيل) - ‮حاول تحسس القطاعات المخفية مجددا - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - ‮ملاحظة: استبدل تروركبت محتوى ‪%I64d‬ قطاعا(ت) غير مقروء(ة) (‪%s‬) بكتل من صريحة الأصفار المعماة. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - ‮أدخل كلمة السر\\رقم التعريف للأمارة '‪%s‬': - ‮لتمكين ڤيراكربت من النفاذ إلى أمارة أمان أو بطاقة ذكية ينبغي أولا تنصيب مكتبة ‪PKCS #11‬ البرمجية الخاصة بالأمارة أو البطاقة. مثل تلك المكتبة قد تكون مضمنة مع الجهاز أو قد تكون متاحة للتنزيل من موقع الصانع على الوب أو من أطراف آخرين. ‮ ‮بعد تنصيب المكتبة يمكنك إما أن تختارها يدويا بنقر 'اختر مكتبة' أو أن تدع ڤيراكربت ليجدها و يختارها تلقائيا بنقر 'تحسس المكتبة تلقائيا' (لن يبحث سوى في دليل نظام ويندوز). - ‮ملاحظة: فيما يخص اسم و موضع ملف مكتبة ‪PKCS #11‬ المنصبة لأمارة الأمان أو البطاقة الذاتية التي تستخدمها ارجع للوثائق المصاحبة للأمارة أو البطاقة أو البرمجيات الخارجية. ‮ ‮انقر 'موافق' لتختار المسا رو اسم الملف. - ‮لتمكين ڤيراكربت من النفاذ إلى أمارة أمان أو بطاقة ذكية ينبغي اختيار مكتبة ‪PKCS #11‬ البرمجية الخاصة بالأمارة أو البطاقة. لعمل ذلك اختر 'تضبيطات' > 'أمارات الأمان'. - ‮تعذَّر استبداء مكتبة ‪PKCS #11‬ لأمارة الأمان. ‮ ‮تحقق من أن المسار و اسم الملف المعينان يعودان لمكتبة ‪PKCS #11‬. لتعين مسار و اسم ملف مكتبة ‪PKCS #11‬ اختر 'تضبيطات' > 'أمارات الأمان'. - ‮لم يُعثر على أي مكتبات ‪PKCS #11‬ في دليل نظام ويندوز. ‮ ‮تحقق من وجود مكتبة ‪PKCS #11‬ لأمارة الأمان التي تستخدمها أو للبطاقة الذكية (مثل تلك المكتبة قد تكون مرفقة مه الأمارة\\البطاقة أو قد تكون متاحة للتنزيل من موقع الصانع على الوب أو من طرف آخر). إن كانت المكتبة مثبتة في دليل غير دليل نظام ويندوز فانقر 'اختر مكتبة' لتعيينها (مثلا قد تكون في الدليل المنصبة فيه برمجيات الأمارة\\البطاقة). - ‮لم يُعثر على أمارة أمان. ‮ ‮تحقق من اتصال أمارة الأمان بالحاسوب و من أن مشغلها البرمجي مُنصَّب. - ‮لم يُعثر على ملف مفتاح أمارة الأمان. - ‮يوجد بالفعل ملف مفتاح أمارة أمان بالاسم ذاته. - ‮أتريد حذف الملفات المختارة؟ - ‮مسار ملف مفتاح أمارة الأمان غير صحيح. - ‮عطل متعلق بأمارة الأمان - ‮كلمة سر أمارة الأمان غير صحيحة. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - ‮كل جلسات أمارات الأمان المفتوحة تم إنهاؤها. - ‮اختر ملفات مفاتيح أمارات الأمان - ‮فتحة - ‮اسم الأمارة - ‮اسم الملف - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - ‮عطل في تحليل سطر الأوامر. - ‮قرص الإنقاذ - ‮اختر &ملفا و أوصل… - ‮اختر &نبيطة و أوصل… - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - ‮تحذير: نظام الملفات في المجلد الموصول باسم '‪%s‬' لم يفصل كما ينبغي المرة السابقة و قد يحوي أعطالا. استخدام نظام ملفات معطوب قد يؤدي إلى ضياع البيانات أو تلفها. ‮ ‮ملاحظة: قبل أن تطفئ أو تفصل عن الحاسوب نبيطة (مثل شريحة ذاكرة USB أو سواقة أقراص خارجية) تحوي مجلد ڤيراكربت تأكد من أن تفصل المجلد أولا في ڤيراكربت. ‮ ‮ ‮أتريد أن يحاول ويندوز تحسس و إصلاح الأعطال (إن وجدت) في نظام الملفات هذا؟ - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - ‮المجلد '‪%s‬' وُصل للقراءة فقط لأن النفاذ بالكتابة قد مُنع. ‮ ‮تحقق من أنه ما من برمجيات أخرى (مثل مضاد الفيروسات) تنفذ إلى القسم\\النبيطة المستضاف فيها المجلد. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - ‮اختبر - ‮ملف مفتاح - Backspace - Tab - Clear - Enter - Pause - Caps Lock - ‮مسطرة المسافات - Page Up - Page Down - End - Home - ‮السهم لليسار - ‮السهم لأعلى - ‮السهم لليمين - ‮السهم لأسفل - ‮مفتاح‪Select‬ - ‮مفتاح ‪Print‬ - ‮مفتاح ‪Execute‬ - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - ‮التصفح رجوعا - ‮التصفح قدما - ‮تجديد الصفحة - ‮وقف التصفح - ‮بحث التصفح - ‮تفضيلات التصفح - ‮الصفحة الأولى - ‮اصمت - ‮اخفض الصوت - ‮ارفع الصوت - ‮المقطوعة اللاحقة - ‮المقطوعة السابقة - ‮أوقف الوسائط - ‮شغل/أوقف الوسائط - ‮مفتاح تشغيل البريد - ‮مفتاح اختيار الوسائط - ‮تطبيق 1 - ‮تطبيق 2 - Attn - CrSel - ExSel - ‮شغِّل - ‮كبَّر - NumPad - Shift - Control - Alt - Win - ‮ب - ‮كيلوبايت - ‮ميجابايت - ‮جيجابايت - ‮ت.بايت - ‮پ.بايت - ‮بايت/ث - ‮كيلوبايت/ث - ‮ميجابايت/ث - ‮جيجابايت/ث - ‮ت.بايت/ث - ‮پ.بايت/ث - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + ‮ألغِ + ‮نصِّب ل&كل المستخدمين + ‮ت&صفح… + ‮أضف أيقونة ڤيراكربت إلى &سطح المكتب + Donate now... + ‮اربط ا&متداد الاسم .hc بڤيراكربت + ‮افتح الموضع ال&وجهة عند الانتهاء + ‮أضف ڤيراكربت إلى &قائمة ابدأ + ‮أنشئ &نقطة استرجاع للنظام + ‮أ&زِل + ‮است&خرج + ‮&نصِّب + ‮مرشد تنصيب ڤيراكربت + ‮أزل ڤيراكربت + ‮&مساعدة + ‮اختر أو أدخل الموضع الذي تريد استخراج الملفات إليها: + ‮اختر أو أدخل الموضع الذي تريد فيه تنصيب ملفات برمجية ڤيراكربت. إن كان الدليل المختار غير موجود فسيُنشأ آليا. + ‮انقر 'أزل' لإزالة ڤيراكربت من هذا النظام. + ‮أجهض + &Benchmark + ‮ا&ختبر + ‮أنشئ مجلدا معمّى و هيّئه + ‮عمّ قسما في موضعه + ‮اعرض المفاتيح المولدة (حصتيهما) + ‮اعرض محتويات المُجمّع + ‮أنزل برمجية تسجيل سي‌دي/دي‌ڤي‌دي + ‮أنشئ ملفًا حاويًا معمّى + ‮&GB + &TB + ‮مزيد من المعلومات + ‮مجلد ڤيراكربت م&خفي + ‮مزيد من المعلومات عن المجلدات المخفية + ‮الطور المباشر + ‮الطور العادي + &KB + ‮ا&ستخدم الملفات المفاتيح + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + ‮الملفات ال&مفاتيح… + ‮معلومات حوْل خوازميات التلبيد + المزيد من المعلومات + Information on PIM + &MB + ‮مزيد من المعلومات + ‮مزيد من المعلومات عن تعمية النظام + ‮مزيد من المعلومات + ‮إقلاع متعدد + ‮عمّ غير مجلد\\سواقة النظام + ‮لا &تحفظ التأريخ أبدًا + ‮أوصل مجلدا خارجيا + ‮&جمِّد + Use P&IM + Use PIM + ‮تهيئة سريعة + ‮أ&ظهر كلمة السر + ‮أ&ظهر كلمة السر + &Display PIM + ‮إقلاع أحادي + ‮مجلد ڤيراكربت عادي + ‮م&خفيّ + ‮عاديّ + ‮عمّ قسم النظام أو سواقة النظام بكاملها + ‮عمّ قسم نظام ويندوز + ‮عمّ السواقة بكاملها + مرشد إنشاء مجلد ڤيراكربت + ‮عنقود + ‮هام: حرّك الفأرة عشوائيا بقدر الإمكان في إطار هذه النافذة، كلما طال تحريكك لها كان ذلك أفضل؛ هذا يزيد بشدة من القوة التعموية لمفاتيح التعمية. ثم انقر 'اللاحق' للمواصلة. + ‮أ&كِّد: + ‮تمّ + Drive letter: + ‮خوارزميّة التعمية + ‮نظام الملفات + ‮ينشئ قرصا افتراضيا معمى في ملف. مُحبَّذٌ للمستخدمين غير الخبراء. + ‮خيارات + ‮خوارزميّة التلبيد + ‮مفتاح الترويسة: + ‮الباقي + ‮المفتاح الرئيسي: + ‮اختر هذا إن كان يوجد نظاما تشغيل أو أكثر مُنصَّبين على هذا الحاسوب.\n‮\n‮مثلا:\n‮-ويندوز إكس‌پي و ويندوز إكس‌پي\n‮-ويندوز إكس‌پي و ويندوز ڤيستا\n‮- ويندوز و ماك أوإس\n‮- ويندوز و لينكس\n‮- ويندوز و لينكس و ماك أوإس + ‮يعمّي مجلّدا غير المنصَّب فيه النظام، في أي سواقة داخلية أو خارجية (مثل شريحة ذاكرة). يمكن كذلك إنشاء مجلد مخفي. + ‮محتويات المجمع الحالية (جزئيا) + ‮مرّة + ‮كلمة السر: + Volume PIM: + Volume PIM: + ‮الإنجاز: + ‮مجمّع عشوائي: + ‮اختر هذا إن كان يوجد نظام تشغيل واحد فقط منصَّب على هذا الحاسوب (حتى لو كان له عدة مستخدمين). + ‮السرعة + ‮الحالة + ‮المفاتيح و البذرة و بيانات أخرى تم توليدها جميعا بنجاح. إن أردت توليد مفاتيح جديدة فانقر 'ارجع' ثم 'اللاحق'. و إلا فانقر 'اللاحق' للمواصلة. + ‮يعمّي القسم\\السواقة المنصّب فيها ويندوز. من يريد تشغيل النظام و النفاذ إلى الملفات سيكون عليه إدخال كلمة السر في كل مرة قبل إقلاع ويندوز، كما يمكن اختياريا إنشاء نظام مخفي. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + ‮طور المحو: + ‮أغلق + ‮اسمح بتجاوز الاستيثاق عند الاستيثاق بضغط مفتاح Esc (هذا يفعّل مدير الإقلاع) + ‮لا تفعل شيئا + ‮أو&صل مجلد ڤيراكربت تلقائيا (محدد أدناه) + ‮&شغِّل ڤيراكربت + ‮&تحسس المكتبة ذاتيا + ‮&احفظ كلمة سر استيثاق ما قبل الإقلاع في في ذاكرة المشغل (لوصل مجلدات غير النظام) + ‮تصفح… + ‮تصفح… + ‮خزِّن كلمات السر و الم&لفات المفاتيح مؤقتا في الذاكرة + ‮اخرج عندما لا توجد مجلدات موصولة + ‮أ&نهِ جلسة الأمارة (اخرج) بعد وصل مجلد بنجاح + Include VeraCrypt Volume Expander + ‮اشمل مُساعد ڤيراكربت لإنشاء المجلدات + ‮أنشئ + ‮أ&نشئ مجلدا + ‮لا &تظهر أية نصوص في شاشة استيثاق ما قبل الإقلاع (ما عدا الرسالة المدخلة أدناه) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + ‮استخدم الملفات المفاتيح + ‮استخدم الملفات المفاتيح + ‮ا&خرج + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + ‮Alt + Ctrl + ‮Shift + ‮Win + ‮خصّص + ‮أزِل + ‮الملفات المفاتيح… + Do not use the following number of processors for encryption/decryption: + More information + More information + ‮مزيد من التضبيطات… + ‮أوصل النبائط &تلقائيا + ‮خ&يارات الوصل… + ‮أوصل المجلد &للقراءة فقط + ‮الملفات المفاتيح… + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + ‮مُفعّل + ‮خزّن كلمات السرّ مؤقتا في ذاكرة المُشغِّل + ‮افصل المجلد تلقائيا عندما لا تُكتب/تُقرأ بيانات منه + ‮خروج المستخدم + User session locked + ‮الدخول في طور حِفظ الطاقة + ‮اشتغال حافظة الشاشة + ‮أجبر الفصل التلقائي حتى إن وجدت ملفات أو أدلّة مفتوحة في المجلد + ‮أوصل كل مجلدات ڤيراكربت المستضافة في نبائط + ‮شغِّل مهمة ڤيراكربت التي في الخلفية + ‮أوصل المجلدات للقراءة فقط + ‮أوصل المجلدات كوسائط قابلة للفصل + ‮افتح نافذة إكسبلورر للمجلدات التي نجح وصلها + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + ‮امحُ كلمات السر المخزّنة مؤقتا عند الفصل التلقائي + ‮امحُ كلمات السر المخزّنة مؤقتا عند الخروج + Preserve modification timestamp of file containers + ‮صفّر + ‮اختر &نبيطة… + ‮اختر &ملفا… + ‮ا&ختر مكتبة… + ‮أظهر كلمة السر + ‮أظهر كلمة السر + ‮افتح &نافذة إكسبلورر للمجلدات الموصولة + ‮خزّن كلمات السرّ &مؤقتا في ذاكرة المُشغِّل + TrueCrypt Mode + ‮ا&فصل الكل + ‮خ&صائص المجلد… + ‮أ&دوات المجلد… + ‮ا&مح المخبئية + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + ‮ڤيراكربت - أزرار الاختصار العامة للنظام + ‮ڤيراكربت + ‮غيّر كلمة السر أو ملفات المفاتيح + ‮أدخل كلمة سر مجلد ڤيراكربت + VeraCrypt - Performance and Driver Options + ‮ڤيراكربت - التفضيلات + ‮ڤيراكربت - تضبيطات تعمية النظام + ‮ڤيراكربت - تفضيلات أمارات الأمان + ‮إعداد قرص ڤيراكربت الجوال + ‮خصائص مجلد ڤيراكربت + ‮عن ڤيراكربت… + ‮أضف/احذف الملفات المفاتيح إلى/من المجلد… + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + ‮انسخ ترويسة المجلد احتياطيا… + ‮مقايسة الأداء… + ‮غيّر خوارزمية اشتقاق مفتاح الترويسة… + ‮غيّر كلمة سر المجلد… + ‮اضبط خوارزمية اشتقاق مفتاح الترويسة… + ‮غيّر كلمة السر… + ‮احذف تأريخ المجلدات + ‮أنهِ جلسات كل الأمارات + ‮التواصل… + ‮أنشئ نظام تشغيل مخفي… + ‮أنشئ قرص إنقاذ… + ‮أنشئ مجلدا جديدا… + Permanently Decrypt... + ‮الملفات المفاتيح المبدئية… + Default Mount Parameters... + Donate now... + ‮عمّ قسم\\سواقة النظام… + ‮الأسئلة المتكررة + ‮دليل المستخدم + ‮الموقع على ال&وب + ‮أزرار الاختصار… + ‮مُوِّلد الملفات المفاتيح + ‮اللغة… + ‮إخطار قانوني + ‮أدر ملفات مفاتيح أمارات الأمان… + ‮أوصل كل المجلدات المستضافة في نبائط تلقائيا + ‮أوصل المجلدات المفضّلة + ‮أوصل دون ا&ستيثاق قبل الإقلاع + ‮أوصل المجلدات + ‮أوصل المجلدات بالخيارات + ‮أخبار + ‮مساعدة على الوب + ‮شرح على الوب + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + ‮ظهّر نهائيا قسم\\سواقة النظام + ‮التفضيلات… + ‮أنعش أحرف السواقات + ‮احذف كل الملفات المفاتيح من المجلد + ‮استرجع ترويسة المجلد… + ‮عاود الصيرورة المقاطَعة + ‮اختر نبيطة… + ‮اختر ملفا… + ‮عاود الصيرورة المقاطعة + ‮تعمية النظام… + ‮خصائص… + ‮تضبيطات… + System Favorite Volumes... + ‮التّنزيلات + ‮معاملات الاختبار… + ‮أمارات الأمان… + ‮إعداد قرص الجوال… + ‮افصل كل المجلدات الموصولة + ‮افصل المجلد + ‮اختبر قرص الإنقاذ + اختبر صورة لقرص الإنقاذ + ‮تأريخ الإصدارات + توسعة المجلد + ‮خصائص المجلد + ‮مرشد إنشاء المجلدات + ‮موقع ڤيراكربت على الوب + ‮امحُ كلمات السر المخزنة مؤقتا + ‮موافق + Hardware Acceleration + ‮اختصار + ‮تضبيطات التشغيل التلقائي (autorun.inf) + ‮افصل تلقائيًا + ‮افصل الكل عندما: + ‮خيارات شاشة مُحمِّل الإقلاع + ‮أكّد كلمة السرّ: + ‮الحالي + ‮اعرض هذه الرسالة في شاشة استيثاق ما قبل الإقلاع (بحد أقصى 24 حرفا): + ‮خيارات الوصل المبدئية + ‮خيارات أزرار الاختصار + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + ‮تضبيطات الملف + ‮الزر المخصص: + Processor (CPU) in this computer supports hardware acceleration for AES: + ‮اجراءات تنفّذ عند الولوج إلى ويندوز + ‮دقائق + ‮أوصل المجلد معرّفا بالحرف: + ‮تضبيطات الوصل + ‮جديد + ‮كلمة السر: + Thread-Based Parallelization + ‮مسار مكتبة ‪PKCS #11‬ + PKCS-5 PRF: + PKCS-5 PRF: + ‮ذاكرة كلمات السّر + ‮خيارات الأمان + ‮مهمّة الخلفية لڤيراكربت + ‮مجلد ڤيراكربت لوصله (نسبة إلى جذر قرص الجوّال): + ‮عند إدخال قرص الجوال: + ‮أنشئ ملفات قرص الجوّال في (الدليل الجذر لقرص الجوال): + المجلد + ‮تضبيطات تخصُّ ويندوز + ‮أضف &مسارا… + ‮ا&ختبر الكل تلقائيا + &Continue + ‮ظ&هّر + ‮ا&حذف + ‮ع&مِّ + ‮&صدِّر… + ‮ولِّد و احفظ ملفا مفتاحا… + ‮ولِّد ملفا مفتاحا &عشوائيا… + ‮نزِّل حزمة لغة + Hardware-accelerated AES: + ‮است&ورد ملف مفتاح إلى الأمارة… + ‮أ&ضف ملفات… + ‮ا&ستخدم الملفات المفاتيح + ‮ملفات ال&مفاتيح… + ‮ا&حذف + ‮احذف ال&كل + ‮ما هي حماية المجلد المخفي؟ + ‮مزيد من المعلومات عن الملفات المفاتيح + ‮أوصل المجلد ك&وسط قابل للفصل + ‮أوصل قسما ي&ستخدم تعمية النظام دون استيثاق ما قبل الإقلاع + Parallelization: + ‮مقايسة الأداء + ‮ا&طبع + ‮ا&حمِ المجلد المخفي من التلف الناجم عن الكتابة على المجلد الخارجي + ‮&صفّر + ‮أ&ظهر كلمة السر + ‮أضف ملفات أ&مارة… + ‮استخدم الترويسة الا&حتياطية المُضمَّنة في المجلد إن وجدت + ‮طور ‪XTS‬ + ‮عن ڤيراكربت + ‮ڤيراكربت - مقايسة أداء خوارزمية التعمية + ‮ڤيراكربت - معاملات الاختبار + ‮مساعدة سطر الأوامر + ‮ڤيراكربت - الملفات المفاتيح + ‮ڤيراكربت - مولِّد الملفات المفاتيح + ‮ڤيراكربت - اللغة + ‮ڤيراكربت - خيارات الوصل + ‮خصائص ملفات مفاتيح أمارة الأمان الجديدة + VeraCrypt - Random Pool Enrichment + ‮اختر قسما أو نبيطة + VeraCrypt + ‮ملفات مفاتيح أمارات الأمان + ‮كلمة سر أو رقم تعرُّف الأمارة مطلوب + ‮حزمة اللغة المفعَّلة + ‮تتأثر السرعة بحِمل المعالج و خصائص وسيط التخزين.\n‮\n‮ تجري هذه الإختبارات في ذاكرة RAM. + ‮حجم المخزون: + ‮شفرة: + ‮كلمة سر للمجلد المخفي:\n‮(إذا كانت خاوية فسيستخدم ما في الذاكرة المؤقتة) + ‮حماية المجلد المخفي + ‮طول المفتاح: + ‮هام: حرّك الفأرة عشوائيا بقدر الإمكان في إطار هذه النافذة، كلما طال تحريكك لها كان ذلك أفضل؛ هذا يزيد بشدة من القوة التعموية للملف المفتاح. + ‮تحذير: إذا فَقدّت الملف المفتاح أو تغيرت أي بتة من أوّل ‪1024‬ كيلوبايت منه فسيكون من المستحيل وصل المجلدات التي تستخدم ذلك المفتاح! + ‮بتات + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + ‮ترجمه: + ‮حجم النص الصريح: + ‮بتات + ‮محتوى المجمّع الحالي + ‮يخلط ‪PRF‬: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + ‮المفتاح الثانوي (ستعشري) + ‮أمارة الأمان: + ‮طريقة الترتيب: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + ‮رقم الكتلة: + ‮النص المعمى (ستعشري) + ‮رقم وحدة البيانات (ستعشري من ‪64‬ بتة، حجم وحدة البيانات ‪512‬ بايت) + ‮مفتاح (ستعشري) + ‮النص الصريح (ستعشري) + ‮اسم الملف الفمتاح: + ‮طور XTS + ‮ن&ظام + ‮ال&مجلدات + Favor&ites + ‮أ&دوات + ‮ت&ضبيطات + ‮&مساعدة + ‮ صفحة ال&وب + + ‮&عن ڤيراكربت… + ‮تعذَّر تغيير خاصية للقراءة فقط في المجلد العتيق. رجاءً تحقق من صلاحيات النفاذ للملف. + ‮عُطل: رُفض النفاذ. ‮ ‮القسم الذي تحاول النفاذ إليه إما طول قطاعه 0، أو هي نبيطة إقلاع. + Administrator + ‮لتُحمّل مشغّل ڤيراكربت تحتاج للولوج إلى حساب له صلاحيات المدير. + ‮لاحظ أنه لكي تعمي/تُهيئ قسما/نبيطة فإنه يتوجب عليك الولوج إلى حساب له صلاحيات المدير. ‮ ‮ هذا لا ينطبق على المجلدات المستضافة في ملفات. + ‮لإنشاء مجلد مخفي يجب الولوج إلى حساب له صلاحيات المدير. ‮ ‮أأتابع؟ + ‮رجاءً لاحظ أنه يجب عليك الولوج إلى حساب له صلاحيات المدير لتتمكّن من تهيئة المجلد بنظام‍ ‪NTFS‬. ‮ ‮ يمكنك أن تُهيء المجلد بنظام ‪FAT‬ دون صلاحيات المدير. + ‮شفرة مقبولة لدى ‪FIPS‬ (‪Rijndael‬ المنشورة في ‪1998‬) يمكن لوكالات و إدارات حكومة الولايات المتحدة الأمريكية استخدامها لحماية المعلومات المصنفة حتى مستوى 'سري للغاية'. ‮مفتاح بطول ‪256‬ بتة؛ كتلة ‪128‬ بتة؛ ‪14‬ دورة (‪AES‬ ‪256‬)؛ تعمل في طور ‪XTS‬. + ‮المجلد مُوصَل بالفعل + ‮تنبيه: فشلت خوارزمية تعمية أو تلبيد واحدة على الأقل في الاختبارات الذاتية! ‮ ‮ ربما تَلفت تنصيبة ڤيراكربت. + ‮تنبيه: لا توجد قيم كافية في مجمّع مولِّد الأرقام العشوائية لتوفير كمية القيم العشوائية المطلوبة. ‮ ‮ يجب ألا تواصل بعد هذه الخطوة. من فضلك اختر 'أبلغ عن علّة' من قائمة 'مساعدة' وأبلغ عن هذا العطل. + ‮إما السواقة معطوبة (يوجد عيب مادي فيها)، أو الكابل معطوب، أو يوجد عيب في الذاكرة. ‮ ‮لاحظ أن هذا عطل في عتادك و ليس في ڤيراكربت. لذا فرجاء لا تبلغ عن هذا كعلة\\مشكلة في ڤيراكربت و رجاء لا تطلب مساعدة بشأنه في منتديات ڤيراكربت. اتصل بفني صيانة الحواسيب الذي تتعامل معه لطلب المساعدة. شكرا. ‮ ‮ملاحظة: إن كان العطل يتكرر دوريا في نفس الوضع فمن المرجح أنه بسبب عطل في القرص، و هو ما يمكن إصلاحه باستخدام برمجيات فحص الوسائط (لاحظ أنه في حالات كثيرة فإن أمر '‪chkdsk /r‬' لا يمكنه تصحيح العطل لأنه يعمل على مستوى نظام الملفات، و أحيانا لا يمكن لأمر '‪chkdsk‬' حتى تحسس العطل). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + ‮حرف نبيطة غير صحيح. + ‮مسار غير صحيح. + ‮ألغِ + ‮تعذَّر النفاذ للنبيطة. تحقق من وجود النبيطة المختارة و أنها ليست قيد الاستخدام من قبل النظام. + ‮تنبيه:مفتاح ‪Caps Lock‬ مفعَّل. ربما يجعلك هذا تدخل كلمة السر بطريقة غير صحيحة. + ‮نوع المجلد + ‮قد يحدث أن يجبرك أحد على الإفصاح عن كلمة سر مجلد معمّى، فهناك مواقف لا يمكنك فيها رفض ذلك (تحت التهديد مثلا). تحسبا لذلك، يجعل لك استخدام ما يعرف بالمجلد المخفيّ مخرَجا من مثل تلك الظروف دون الكشف عن محتوى المجلد. + ‮اختر هذا إن أردت إنشاء مجلد ڤيراكربت عادي. + ‮لاحظ أنك إن أردت تنصيب نظام تشغيل في مجلد مخفي مستضاف في قسم فإنه لا يمكن تعمية سواقة النظام بكاملها باستخدام مفتاح واحد. + ‮خيارات تعمية المجلد الخارجي + ‮خيارات تعمية المجلد المخفي + ‮خيارات التعمية + ‮تنبيه: فشل محو مسار آخر مجلد\\ملف مفتاح اخترته (مما يتذكّره مُنتقي الملفات)! + ‮عُطل: ضُغطت الحاوية على مستوى نظام الملفات. لا يدعم ڤيراكربت الحاويات المضغوطة (لاحظ أن ضغط البيانات المعمَّاة غير مُجدٍ وبلا فائدة). ‮ ‮ من فضلك عطّل ضغط الحاوية باتباع هذه الخطوات: 1) انقر باليمين على الحاوية في إكسبلورر ويندوز (وليس في ڤيراكربت). 2) اختر 'خصائص'. 3) في صندوق الحوار 'خصائص'، انقر 'متقدم' . 4) في صندوق الحوار 'الصفات المتقدمة' عطّل الخيار 'اضغط المحتويات لتوفر مساحة القرص' ثم انقر 'موافق'. 5) انقر 'موافق في صندوق الحوار 'خصائص'. + ‮فشل إنشاء المجلد ‪%s‬ + ‮حجم ‪%s‬ هو ‪%.2f‬ بايت + ‮حجم ‪%s‬ هو ‪%.2f‬ كيلوبايت + ‮حجم ‪%s‬ هو ‪%.2f‬ ميجابايت + ‮حجم ‪%s‬ هو ‪%.2f‬ جيجابايت + ‮حجم ‪%s‬ هو ‪%.2f‬ ت.بايت + ‮حجم ‪%s‬ هو ‪%.2f‬ ب.بايت + ‮تحذير: النبيطة\\القسم قيد الاستخدام بواسطة نظام التشغيل أو تطبيق ما. قد تسبب تهيئة النبيطة\\القسم فساد البيانات وعدم استقرار النظام. ‮ ‮أأواصل؟ + ‮تحذير: هذا القسم قيد الاستخدام بواسطة نظام التشغيل أو تطبيق ما. ينبغي أن تغلق كل التطبيقات التي يمكن أن تكون مستخدمة القسم (بما في ذلك مضادات الفيروسات). ‮ ‮أأواصل؟ + ‮عُطل: تحتوي النبيطة\\القسم على نظام ملفات تعذَّر فصله. ربما يستخدم نظامُ التشغيل نظامَ الملفات. ستسبب تهيئة النبيطة\\القسم تلف البيانات وعدم استقرار النظام. ‮ ‮ لحل هذه المشكلة ننصحك بأن تحذف القسم أولًا ثم تعيد إنشاءه دون تهيئة. لفعل هذا اتبع الخطوات التالية: 1) انقر باليمين أيقونة 'الحاسوب' (أو 'حاسوبي') في 'قائمة ابدأ' واختر 'أدر'. ستظهر نافذة 'إدارة الحاسوب'. 2) من نافذة 'إدارة الحاسوب' اختر 'تخزين' > 'إدارة القرص'. 3) انقر باليمين على القسم الذي تريد تعميته واختر إمَّا 'احذف القسم' أو 'احذف المجلد'، أو'احذف المجلد المنطقي'. 4) انقر 'نعم'. إذا سألك ويندوز إعادة تشغيل الحاسوب فافعل ذلك. ثم أعد الخطوتين 1 و 2 وواصل من الخطوة 5. 5) انقر باليمين على المساحة غير المخصصة\\الشاغرة ثم اختر إما 'قسم جديد'، أو 'مجلد جديد بسيط' أو 'مجلد منطقي جديد'. 6) ستظهر الآن نافذة 'مرشد القسم الجديد' أو 'مرشد المجلد البسيط الجديد'، اتبع التعليمات. في صفحة المعالج المعنونة 'هيّء القسم'، اختر إما 'لا تهيء هذا القسم' أو 'لا تهيء هذا المجلد'. في المرشد ذاته انقر 'اللاحق' ثم 'أنه'. 7) لاحظ أن مسار النبيطة التي كنت قد اخترتها في المرشد ربما أضحى غير صحيح الآن. لذا اخرج من مرشد إنشاء مجلد ڤيراكربت (إذا كان لا يزال يعمل) ثم ابدأه مجددا. 8) جرب تعمية النبيطة\\القسم مجددا. ‮ ‮ إذا تكرر فشل ڤيراكربت في تعمية المجلد فقد ترى إنشاء ملفٍ حاوٍ بدلا من هذا. + ‮عطل: تعذّر قفل نظام الملفات و\\أو فصله. قد يكون قيد الاستخدام بواسطة نظام التشغيل أو تطبيق ما (كمضاد فيروسات مثلا). مواصلة تعمية القسم قد تسبب تلف البيانات و عدم استقرار النظام. ‮ ‮أغلق كل التطبيقات التي يمكن أن تكون مستخدمة نظام الملفات (بما في ذلك مضادات الفيروسات) و حاول مجددا.. إن لم تنحل المشكلة فاتّبع الخطوات التالية. + ‮تحذير: بعض النبائط\\الأقسام الموصولة قيد الاستخدام! ‮ ‮ سيسبب تجاهل هذا نتائج غير مرغوبة تشمل عدم استقرار النظام. ‮ ‮ ننصح بشدة بغلق أي تطبيق يستخدم النبائط\\الأقسام. + ‮النبيطة المختارة تحوي أقساما. ‮ ‮ ربما تسبب تهيئة تلك النبيطة عدم استقرار النظام و/أو تلف البيانات. عليك إمَّا أن تختار قسما على النبيطة، أو أن تحذف كل الأقسام لتمكن ڤيراكربت من تهيئتها بأمان. + ‮النبيطة المختارة لا تحوي نظام تشغيل و تحوي أقساما. ‮ ‮مجلدات ڤيراكربت المعماة المستضافة في نبائط يمكن إنشاؤها حصرا في نبائط لا تحوي أية أقسام مسبقا (بما في ذلك الاقراص الصلبة و شرائح الذاكرة). لا يمكن تعمية نبيطة تحوي أقساما في موضعها (باستخدام مفتاح واحد رئيسي) إلا إن كانت السواقة المنصب فيها ويندوز و منها يقلع. ‮ ‮إن أردت تعمية النبيطة المختارة باستخدام مفتاح واحد رئيسي فتنبغي إزالة كل الأقسام من النبيطة أولا لتمكين ڤيراكربت من تهيئتها بأمان (تهيئة نبيطة تحوي أقساما قد تؤدي إلى عدم استقرار النظام و\\أو تلف البيانات). عوضا عن هذا يمكنك تعمية كل قسم على النبيطة على حدى (و سيكون لكل منها مفتاح). ‮ ‮ملاحظة:إن أردت إزالة كل الأقسام من قرص ‪GPT‬ فقد تضطر إلى تحويله إلى قرص ‪MBR‬ (مثلا باستخدام أداة إدارة الوسائط) لكي تتمكن من إزالة الأقسام المخفية منه. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + ‮القسم المختار لا يبدو أنه يحوي نظام ملفات ‪NTFS‬. وحدها الأقسام المحتوية على نظام ملفات ‪NTFS‬ يمكن تعميتها في موضعها. ‮ ‮ملاحظة: السبب هو أن ويندوز لا يدعم تقليص نظام الملفات من الأنواع الأخرى (يجب تقليص حجم نظام الملفات للإفساح لترويسة المجلد و نسختها الاحتياطية). + ‮القسم المختار لا يبدو أنه يحوي نظام ملفات ‪NTFS‬. وحدها الأقسام المحتوية على نظام ملفات ‪NTFS‬ يمكن تعميتها في موضعها. ‮ ‮إن أردت إنشاء مجلد ڤيراكربت معمّى في هذا القسم فاختر 'أنشئ مجلدا معمى و هيئه' (عوضا عن خيار 'عمِّ قسما في موضعه'). + ‮عطل: القسم صغير جدا. لا يمكن لڤيراكربت تعميته في موضعه. + ‮لتعمية البيانات التي في هذا القسم اتَّبع الخطوات التالية: ‮ ‮1) أنشئ مجلد ڤيراكربت في قسم\\نبيطة شاغرة و أوصله. ‮ ‮2) انسخ كل الملفات من القسم الذي أردت تعميته في الأصل إلى قسم ڤيراكربت الموصول (الذي أنشأته و وصلته في الخطوة الأولى). بهذه الطريقة تكون قد حفظت نسخة احتياطية معماة من البيانات التي تريد تعميتها. ‮ ‮3) أنشئ مجلد ڤيراكربت في القسم الذي أردت تعميته في الأصل و تذكَّر (في مرشد ڤيراكربت) أن تختار 'أنشئ مجلدا معمّى و هيّئه' بدلا من خيار 'عمِ قسما في موضعه'). لاحظ أن كل البيانات المحفوظة في القسم ستُمحى. أوصل المجلد بعد إنشائه. ‮ ‮4) انسخ كل الملفات من النسخة الاحتياطية في المجلد الموصول التي أنشأته في الخطوة الأولى) إلى مجلد ڤيراكربت الذي أنشأته و وصلته في الخطوة الثالثة. ‮ ‮بعد إتمام هذه الخطوات تكون البيانات قد عميت و حفظت في ذات موضعها الأصلي، كما ستوجد نسخة احتياطية منها. + ‮ڤيراكربت يمكنه أن يعمي في الموضع حصرا الأقسام أو المجلدات الدينامية أو سواقة النظام بكاملها. ‮ ‮إن أردت إنشاء مجلد ڤيراكربت في النبيطة المختارة التي تخص النظام فاختر 'أنشئ مجلدا معمى و هيئه' (بدلا من 'عمّ قسما في موضعه'). + ‮عطل: ڤيراكربت يمكنه أن يعمي في الموضع حصرا الأقسام أو المجلدات الدينامية أو سواقة النظام بكاملها. تحقق من صحة المسار المختار. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ بايت. + ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ كيلوبايت. + ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ م.بايت. + ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ جيجابايت. + ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ ت.بايت. + ‮المساحة الشاغرة على السواقة ‪%s‬ هي ‪%.2f‬ ب.بايت. + ‮تعذَّر جلب أحرف السواقات المتوفرة. + ‮عطل: تعذّر إيجاد مشغل ڤيراكربت. ‮ ‮انسخ الملفات ‪'veracrypt.sys'‬ و ‪'veracrypt-x64'‬ إلى الدليل الذي فيه ملف تطبيق ڤيراكربت ‪'VeraCrypt.exe'‬. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + ‮عُطل: فشل استبداء الشفرة. + ‮عُطل: اكتُشِف مفتاح ضعيف أو محتمل الضعف. سيُغفل المفتاح. من فضلك حاول مجددا. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + ‮حدث عطل حرج و ينبغي إغلاق ڤيراكربت. لاحظ أن هذا العطل لم يسببه ڤيراكربت (لذا فإن مطوري ڤيراكربت ليس بوسعهم علاجه). افحص نظامك بحثا عن مشكلات (مثلا، إعدادات النظام، الاتصال بالشبكة، العتاد المعطل). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + ‮عُطل حرج في ڤيراكربت + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + ‮&عمِّ + ‮ّظهِّر + ‮ظهِّر &نهائيا + ‮اخرج + ‮من فضلك أنشئ سواقة منطقية لهذا القسم الممتد، وحاول مرة أخرى. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + ‮مجلدات ڤيراكربت المعماة المستضافة في نبائط يمكن إنشاؤها في أقسام الأقراص الصلبة أو شرائح ذاكرة يو إس‌بي أو أي وسيط تخزين آخر يمكن لنظامك التعامل معه. كما أن الأقسام يمكن تعميتها في موضعها. ‮ ‮إضافة إلى ذلك، فإن مجلدات ڤيراكربت المعماة المستضافة في نباشط يمكن إنشاؤها في نباشط لا تحوي أية أقسام (بما في ذلك الأقراص الصلبة). ‮ ‮ملاحظة: النبيطة التي تحوي أقساما لا يمكن تعميتها بكاملها في موضعها (باستخدام مفتاح واحد) إلا إن كانت هي السواقة المنصب فيها ويندوز و منها يقلع. + ‮مجلد ڤيراكربت المعمى المستضاف في نبيطة يمكن إنشاؤه في قسم على القرص الصلب أو شريحة ذاكرة أو أي وسيط تخزين آخر. ‮ ‮تحذير: لاحظ أن القسم\\النبيطة ستتم تهيأتها و أن كل البيانات المحفوظة عليها ستمحى. + \nn‮اختر الموضع الذي سينشأ فيه المجلد الخارجي (في داخل هذا المجلد سينشأ لاحقا المجلد المخفي). ‮ ‮المجلد الخارجي يمكن إنشاؤه في قسم قرص صلب أو شريحة ذاكرة أو أي وسيط تخزين يدعمه النظام. يمكن كذلك أن ينشأ المجلد الخارجي في نبائط لا تحوي أبة أقسام (بما في ذلك الأقراص الصلبة). ‮ ‮تحذير: لاحظ أن القسم\\النبيطة ستتم تهيأتها و أن البيانات المحفوظة فيها ستمحى. + ‮من فضلك اختر موضع مجلد ڤيراكربت الذي ترغب في إنشاء مجلد مخفي في داخله. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + ‮عُطل: تعذَّر وصل المجلد. الملف\\النبيطة المضيفة قيد الاستخدام. فشلت أيضا محاولة وصله دون نفاذ حصري. + ‮تعذَّر فتح الملف. + ‮موضع المُجلَّد + ‮الملفات الكبيرة + ‮هل تنوي حفظ ملفات حجم الواحد منها أكبر من 4 جيجابايتات في مجلد ڤيراكربت هذا؟ + ‮بناء على اختيارك أعلاه سيختار ڤيراكربت نظام ملفات مبدئيا مناسبا لمجلد ڤيراكربت (سكون بوسعك اختيار نظام الملفات الذي تريد في الخطوة اللاحقة). + ‮بما أنك تنشأ مجلدا خارجيا فعليك أن تفكر في اختيار 'لا'. إن اخترت 'نعم' فإن نظام الملفات المبدئي سيكون ‪NTFS‬ و هو ليس مناسبا للمجلدات الخارجية بقدر ‪FAT‬ (مثلا، سيكون الحجم الأقصى الممكن للمجلد المخفي أكبر بقدر ملحوظ لو كان المجلد الخارجي بنظام ‪FAT‬). عادة ما يكون ‪FAT‬ هو النظام المبدئي لكل من المجلدين الخارجي و المخفي (كما أن المجلدات بنظام ‪FAT‬ أقل إثارة للريبة). إلا أن المستخدم الذي يبدي نيته في حفظ ملفات حجم الواحد منها أكبر من 4 جيجابايتات (و هو ما لا يتيحه نظام ‪FAT‬) فإن نظام ‪FAT‬ لا يعود هو المبدئي. + ‮أمتأكد من أنك تريد اختيار 'نعم'؟ + ‮طور إنشاء المجلد + ‮هذه أسرع طريقة لإنشاء مجلد ڤيراكربت مستضاف في قسم أو في نبيطة (التعمية في الموضع، و هي الخيار الآخر، أبطأ لأن محتويات كل قطاع تنبغي أولا قراءتها ثم تعميتها ثم حفظها). كل البيانات المحفوظة حاليا في القيم\\النبيطة المختارة ستمحى. (لن تُعمى تلك البيانات، بل ستطمس ببيانات عشوائية). إن أردت تعمية بيانات موجودة في قسم فاختر الخيار الآخر. + ‮القسم المختار كله و كل البيانات المحفوظة فيه ستعمى في موضعها. إن كان القسم خاويا فمن الأفضل أن تختار الخيار الآخر (ليجري إنشاء المجلد أسرع كثيرا). + ‮ملاحظة: + ‮&عاود + ‮&أرجئ + ‮ا&بدأ + ‮&واصل + ‮ه&يّء + ‮ا&مح + ‮أأُجهض التهيئة؟ + ‮أظهر مزيدا من المعلومات + ‮لا تظهر هذا مجددا + ‮محتويات القسم\\النبيطة تم محوها بنجاح. + ‮محتوى القسم الذي حوى النظام الأصلي (الذي نسخ إلى النظام المخفي) قد تم محوه بنجاح. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + ‮تم بنجاح تظهير قسم\\سواقة النظام. + \nn‮ ‮أُنشئ مجلد ڤيراكربت و هو جاهز للاستخدام. إذا أردت إنشاء مجلد آخر انقر 'اللاحق' و إلا فانقر 'اخرج'. + \nn‮ ‮مجلد ڤيراكربت المخفي تم إنشاؤه بنجاح (سيوجد نظام التشغيل المخفي داخل هذا المجلد المخفي). ‮ ‮انقر 'اللاحق' للمواصلة. + ‮تمت تعمية المجلد بكامله + Volume Fully Decrypted + ‮هام: لوصل مجلد ڤيراكربت الجديد هذا و للنفاذ إلى البيانات المحفوظة فيه انقر 'أوصل النبائط تلقائيا' في نافذة ڤيراكربت الرئيسية. بعد إدخال كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) فإن المجلد سيوصل بحرف السواقة الذي تختاره من القائمة في نافذة ڤيراكربت الرئيسية (و سيكون بوسعك النفاذ إلى البيانات المعماة عبر حرف السواقة المختار). ‮ ‮تذكَّر أو اكتب الخطوات السابقة إذ أنه ينبغي اتباعها كلما أردت وصل المجلد و النفاذ إلى البيانات المحفوظة فيه. عوضا عن هذا فاختر 'اختر نبيطة' في نافذة ڤيراكربت الرئيسية ثم اختر هذا القسم\\النبيطة و انقر 'أوصل'. ‮ ‮القسم\\المجلد تمت عمي بنجاح (و هو يحوي مجلد ڤيراكربت معمى كامل الآن) و جاهز للاستخدام. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + ‮أُنشئ مجلد ڤيراكربت بنجاح. + ‮أُنشئ المجلد + ‮هام: حرّك الفأرة عشوائيا بقدر الإمكان في إطار هذه النافذة، كلما طال تحريكك لها كان ذلك أفضل؛ هذا يزيد بشدة من القوة التعموية لمفاتيح التعمية. ثم انقر 'هيء' لتنشئ المجلد. + ‮انقر 'هيّء' لتنشئ المجلد الخارجي. لمزيد من المعلومات ارجع للوثائق. + ‮تهيئة المجلد الخارجي + ‮تهيئة المجلد المخفي + ‮تهيئة المجلد + ‮تحتاج لقارئ أدوبي (أو أداة متوافقة) لطبع دليل مستخدم ڤيراكربت. يمكن تنزيل قارئ أدوبي (برمجية مجانية) من: ‪www.adobe.com‬ ‮ ‮أتريد عرض التوثيق على الوب بدلا من هذا؟ + ‮إن اخترت هذا فسيساعدك المرشد أولا على إنشاء مجلد ڤيراكربت عادي ثم مجلدا مخفيا داخله. ينبغي للمستخدمين غير ذوي الخبرة اختيار هذا الخيار دوما. + ‮إن اخترت هذا فستنشئ مجلدا مخفيا داخل مجلد ڤيراكربت قائم. سيفترض أنك قد أنشأت بالفعل مجلدا مناسبا لاستضافة المجلد المخفي. + ‮طور إنشاء مجلد + ‮أُنشئ المجلد المخفي + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + ‮لقد شغلت نظام التشغيل المخفي. و ربما لاحظت فإن نظام التشغيل المخفي يظهر كأنه منصب في ذات القسم المنصب فيه نظام التشغيل الأصلي. لكن الحقيقة هي أنه منصب في القسم الذي يليه (في المجلد المخفي). كل عمليات القراءة و الكتابة يجري تحويلها بشفافية من قسم نظام التشغيل الأصلي إلى المجلد المخفي. ‮ ‮لن يدرك كل من نظام التشغيل و لا التطبيقات أن البيانات المقروءة و المكتوبة في قسم النظام تكتب و تقرأ من القسم الذي يليه (من و إلى مجلد مخفي). كل تلك البيانات تُعمَّى و تُظهَّر لحظيا كالمعتاد (بمفتاح تعمية غير الذي يستخدم لنظام التشغيل التمويه). ‮ ‮انقر 'اللاحق' للمواصلة. + ‮المجاد الخارجي تم إنشاؤه و وصله بحرف السواقة ‪%hc‬:‬، و ينبغي لك أن تنسخ إليه بعض الملفات التي تبدو هامة لكنك حقيقة لا تهتم لإخفاءها، ليعثر عليها من يرغمك على الإفصاح عن كلمة سر القسم الأول الذي يلي قسم النظام، و الذي سيوجد فيه كلا من المجلد الخارجي و المجلد المخفي (الذي يحوي نظام التشغيل المخفي). يمكنك عندها أن تفصح عن كلمة السر لهذا المجلد الخارجي و سيظل وجود المجلد المخفي (و نظام التشغيل المخفي) سرا. ‮ ‮هام: الملفات التس تنسخها إلى المجلد الخارجي ينبغي ألا تشغل ما يزيد على ‪%s‬. و إلا فإنه قد لا تبقى مساحة شاغرة كافية في المجلد الخارجي لإنشاء المجلد المخفي (و لن تمكن المواصلة). بعد أن تنهي النسخ انقر 'اللاحق' (لا تفصل المجلد). + ‮لقد أنشئ المجلد الخارجي بنجاح و أوصل معرفا بالحرف ‪%hc‬:. يجب عليك الآن أن تنسخ إلى هذا المجلد بعض الملفات التي تبدو كأنها حساسة لكنك في الحقيقة لا تهتم بإخفائها. سيجد هذه الملفات من يجبرك على الإفصاح عن كلمة سرّك حيث يجب عليك عندئذ الإفصاح عن كلمة السر لهذا المجلد الخارجي و ليس المخفي. الملفات التي تهمك سريتها حقا ستظل محفوظة في المجلد المخفي الذي سيُنشأ لاحقًا. عندما تنتهي من نسخ الملفات، انقر 'اللاحق'. لا تفصل المجلد. ‮ ‮ملاحظة: بعد أن تنقر 'اللاحق' سيجري فحص خارطة عناقيد المجلد الخارجي لتحديد المساحة الشاغرة المتصلة التي تتماس نهايتها مع نهاية المجلد الخارجي. ستحوي هذه المساحة المجلد المخفي و ستحدد أقصى حجم ممكن له. يضمن فحص خارطة العناقيد أن لا يطمس المجلد المخفي أيا من البيانات على المجلد الخارجي لتبقى بنيته سليمة. + ‮محتويات المجلد الخارجي + \nn‮ ‮في الخطوات التالية ستضبط خيارات المجلد الخارجي (الذي سيُنشأ داخله المجلد المخفي لاحقًا) + \nn‮ ‮في الخطوات التالية ستنشئ ما يسمى مجلد ڤيراكربت خارجي في أول قسم يلي قسم النظام (كما شُرح في واحدة من الخطوات السابقة). + ‮المجلد الخارجي + \nn‮ ‮في الخطوات التالية ستضبط خيارات و كلمة سر المجلد المخفي الذي سيحوي نظام التشغيل المخفي. ‮ ‮ملاحظة: خريطة عناقيد المجلد الخارجي تم مسحها لإيجاد حجم المساحة المتصلة الشاغرة التي تتماس نهايتها مع نهاية المجلد الخارجي. ستضم هذه المساحة المجلد المخفي لذا فهي ما يحدد حجمه الأقصى الممكن. الحجم الأقصى الممكن للمجلد المخفي تم إيجاده و توكيد أنه أكبر من حجم قسم النظام (و هو ضروري لأن محتويات قسم النظام كلها ستنسخ إلى المجلج المخفي). يضمن هذا ألا تطمس أبة بيانات مخزنة حاليا في المجلد الخارجي ببيانات من منطقة المجلد المخفي. + ‮هام: رجاء تذكَّر الخوارزميات التي تختارها في هذه الخطوة. سكون عليك أن تختار الخوارزميات ذاتها لنظلم التمويه، و إلا فإن النظام المخفي لن يمكن النفاذ إليه! (نظام التمويه تجب تعميته بخوارزمية التعمية ذاتها المعمى بها النظام المخفي) ‮ ‮ملاحظة: السبب هو أن نظام التمويه و النظام المخفي سيتشاركان في مُحمِّل إقلاع واحد و هو الذي لا يدعم سوى خوارزمية واحدة يختارها المستخدم (لكل خوارزمية توجد إصدارة خاصة من محمّل إقلاع ڤيراكربت). + \nn‮ ‮تم فحص خارطة عناقيد المجلد و حُددت أقصى مساحة للمجلد المخفي. في الخطوات التالية ستضبط الخيارات و المساحة و كلمة سر المجلد المخفي. + ‮المجلد المخفي + ‮المجلد المخفي محمي الآن من التلف حتى يتم فصل المجلد الخارجي. ‮ ‮تنبيه: إذا جرت محاولة كتابة أي بيانات في منطقة المجلد المخفي فإن ڤيراكربت سيشرع في حماية المجلد كله من الكتابة (بكلا جزئيه الخارجي و المخفي) حتى يتم الفصل. قد يسبب هذا تلف نظام ملفات المجلد الخارجي، و هذا إن تكرر قد يؤثر سلبا على حجية إنكار المجلد المخفي. لذا يجب أن تبذل ما في وسعك لتجنب الكتابة في منطقة المجلد المخفي. أي بيانات يجري حفظها في منطقة المجلد المخفي لن يتم حفظها و ستضيع. قد يبلغ ويندوز عن هذا كعطل كتابة ("فشلت الكتابة المرجأة" أو "المعامل غير صحيح"). + ‮المجلدات المخفية داخل كل المجلدات الموصولة مؤخرا محمية الآن من التلف حتى يتم فصلها. ‮ ‮تنبيه: إذا جرت محاولة كتابة أي بيانات في منطقة أي من المجلدات المخفية داخل تلك المجلدات فإن ڤيراكربت سيشرع في حماية المجلد كله من الكتابة (بكلا جزئيه الخارجي و المخفي) حتى يتم الفصل. قد يسبب هذا تلف نظام ملفات المجلد الخارجي، و هذا إن تكرر قد يؤثر سلبا على حجية إنكار المجلد المخفي. لذا يجب أن تبذل ما في وسعك لتجنب الكتابة في منطقة المجلد المخفي. أي بيانات يجري حفظها في منطقة مجلد مخفي لن يتم حفظها و ستضيع. قد يبلغ ويندوز عن هذا كعطل كتابة ("فشلت الكتابة المُرجأة" أو "المعامل غير صحيح"). + ‮تنبيه: جرت محاولة كتابة بيانات في منطقة المجلد المخفي داخل المجلد الموصول بالحرف ‪%c‬! لقد حال ڤيراكربت دون حفظ تلك البيانات للحفاظ على المجلد المخفي. قد يكون هذا قد تسبب في تلف نظام الملفات في المجلد الخارجي و قد يكون ويندوز قد أبلغ عن عطل كتابة (فشلت الكتابة المرجأة" أو "المعامل غير صحيح"). المجلد كله (بجزئيه الخارجي و المخفي) ستتم حمايته حتى فصله. إن لم تكن هذه هي المرة الأولى التي يحول ڤيراكربت فيها دون كتابة بيانات في منطقة المجلد المخفي داخل هذا المجلد فإن حجية إنكار وجود المجلد المخفي قد تتأثر سلبا بشدة (بسبب أعطال مترابطة غير عادية في نظام ملفات المجلد الخارجي). لذا ينبغي لك أن تأخذ في الاعتبار إنشاء مجلد ڤيراكربت جديد (مع تعطيل التهيئة السريعة) و نقل الملفات من هذا المجلد إليه؛ كما ينبغي محو هذا المجلد محوا آمنا (بكلا جزئيه الخارجي و المخفي). ننصح بشدة أن تعيد بدء نظام التشغيل الآن. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS/exFAT, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS/exFAT. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS/exFAT volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + ‮لدواعي الأمان فإنه عندما يكون نظام التشغيل المخفي عاملا فإن نظم الملفات المحلية غير المعماة و مجلدات ڤيراكربت غير المخفية توصل للقراءة فقط. (لا يمكن كتابة أية بيانات فيها). ‮ ‮لا تمكن الكتابة إلا في نظم الملفات المحتواة في مجلدات ڤيراكربت مخفية (طالما لم يكن المجلد المخفي محتوى في حاوية محفوظة في نظام ملفات غير معمّى أو أي نظام ملفات آخر للقراءة فقط). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + ‮ملاحظة: إن أردت نقل ملفات بأمان من نظام التشغيل التمويهي إلى النظام المخفي فاتبع هذه الخطوات: ‮1) أقلع النظام التمويه. ‮2) احفظ المفات في مجلد غير معمى أو مجلد ڤيراكربت خارجي\\عادي. ‮3) أقلع النظام المخفي. ‮4) إن كنت حفظت الملفات في مجلد ڤيراكربت فأوصله (و سيوصل للقراءة فقط). ‮5) انسخ الملفات إلى قسم النظام المخفي أو إلى مجلد مخفي غيره. + ‮تنبغي إعادة بدء حاسوبك. ‮ ‮أتود فعل ذلك الآن؟ + ‮طرأ عطل أثناء جلب حالة تعمية النظام. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + ‮تعذّر استبداء مكونات التطبيق لتعمية النظام. + ‮فشل استبداء مُولِّد الأرقام العشوائيّة! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + ‮تعذَّر استبداء التطبيق. فشل تسجيل فئة الحوار. + ‮عطل: تعذَّر تحميل مكتبة التحرير الغني. + ‮مرشِد ڤيراكربت لإنشاء المجلدات + ‮أقصى حجم للمجلد المخفي لهذا المجلد هو ‪%.2f‬ بايت. + ‮أقصى حجم للمجلد المخفي لهذا المجلد هو ‪%.2f‬ كيلوبايت. + ‮أقصى حجم للمجلد المخفي لهذا المجلد هو ‪%.2f‬ م.بايت. + ‮أقصى حجم للمجلد المخفي في هذا المجلد هو ‪%.2f‬ جيجابايت. + ‮‮أقصى حجم للمجلد المخفي في هذا المجلد هو ‪%.2f‬ تيرابايت. + ‮لا يمكن تغيير كلمة سر أو الملفات المفتاح للمجلد و هو موصول. افصل المجلد أولًا. + ‮لا يمكن تغيير خوارزمية اشتقاق مفتاح ترويسة المجلد و هو موصول. افصل المجلد أولًا. + ‮&أوصل + ‮مطلوب إصدارة أحدث من ڤيراكربت لوصل هذا المجلد. + ‮عُطل: تعذَّر إيجاد مساعد إنشاء المجلدات. ‮ ‮من فضلك تحقق من وجود الملف '‪VeraCrypt Format.exe‬' في ذات دليل الذي شُغَّل منه ‪VeraCrypt.exe‬. إن لم يكن موجودا فأعد تنصيب ڤيراكربت أو ابحث عن '‪VeraCrypt Format.exe‬' في ملفاتك و شغله. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + ‮ال&لاحق> + ‮ا&نهِ + ‮&نصِّب + ‮است&خرج + ‮تعذّر الاتصال بمشغل ڤيراكربت. لا يستطيع ڤيراكربت العمل إن لم يكن المشغل عاملا. ‮ ‮رجاءً لاحظ أنه بسبب مشكلات في ويندوز فقد يلزم أن تخرج من حسابك أو تعيد تشغيل النظام ليمكن تحميل المشغّل. + ‮حدث عُطل أثناء تحميل/إعداد الخطوط. + ‮حرف السواقة لم يعثر عليه أو لم يُعيَّن حرف سواقة. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + ‮حرف السواقة غير متاح. + ‮لم تختر ملفا! + ‮لا توجد أية أحرف سواقات متاحة. + ‮لا يوجد حرف سواقة شاغر للمجلد الخارجي! لا يمكن مواصلة إنشاء المجلد. + ‮تعذَّر تحديد إصدارة نظام تشغيلك أو أنك تستخدم نظام تشغيل غير مدعوم. + ‮لم تختر مسارا! + ‮لا توجد مساحة شاغرة كافية للمجلد المخفي! لا يمكن متابعة إنشاء المجلد. + ‮عطل: الملفات التي نسختها إلى المجلد الخارجي تشغل حيزا أكبر من اللازم، لذا لا توجد مساحة شاغرة كافية فيه للمجلد المخفي. ‮ ‮لاحظ أن المجلد المخفي ينبغي أن يكون بحجم قسم النظام (القسم المنصب فيه نظام التشغيل العامل حاليا). السبب هو أن نظام التشغيل المخفي سينشأ بنسخ محتوى قسم النظام إلى المجلد المخفي. ‮ ‮لا يمكن مواصلة صيرورة إنشاء نظام التشغيل المخفي. + ‮لا يستطيع المشغل فصل المجلد. يحتمل أن تكون بعض الملفات الموجودة على المجلد لا تزال مفتوحة. + ‮تعذَّر قفل المجلد. ما زالت بعض الملفات على المجلد مفتوحة. لذا لا يمكن فصله. + ‮تعذَّر على ڤيراكربت قفل المجلد لأنه قيد الاستخدام بواسطة النظام أو تطبيقات (ربما توجد ملفات مفتوحة على المجلد). ‮ ‮أتريد إجبار فصل المجلد؟ + ‮اختر مجلد ڤيراكربت + ‮عيِّن المسار و اسم الملف + ‮اختر مكتبة ‪PKCS #11‬ + ‮نفذت الذّاكرة + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + ‮تحذير: الملف '‪%s‬' موجود بالفعل! ‮ ‮هام: لن يعمي ڤيراكربت الملف بل سيحذفه. أمتأكد أنك تريد حذف الملف و استبداله بحاوية ڤيراكربت جديدة؟ + ‮تنبيه: كل الملفات المخزنة حاليا على ‪%s‬ '‪%s‬'‪%s‬ المختار ستحذف و تضيع محتوياتها (لن تتم تعميتها)! ‮ ‮أمتأكد أنك تريد مواصلة التهيئة؟ + ‮تحذير: لن يكون بوسعك وصل المجلد أو النفاذ إلى الملفات المحفوظة فيه حتى تتم تعميته بكامله. ‮ ‮أمتأكد أنك تريد البدء بتعمية ‪%s‬ المختار '‪%s‬'‪%s‬؟ + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + ‮تحذير: لاحظ أنه إن انقطعت الطاقة فجأة أثناء تعمية البيانات في موضعها، أو إن انهار نظام التشغيل بسبب علات في البرمجيات أو قصور العتاد أثناء إجراء ڤيراكربت لتعمية البيانات في موضعها فإن بعضا من البيانات ستتلف أو تضيع. لذا فقبل أن تشرع في التعمية تثَبَّت من أن لديك نسخة احتياطية من الملفات التي تريد تعميتها. ‮ ‮هل لديك نسخة احتياطية؟ + ‮تحذير: كل الملفات المخزنة في القسم '‪%s‬'‪%s‬ (أول قسم يلي قسم النظام) ستمحى و تفقد (لن تعمّى)! ‮ ‮أمتأكد أنك تريد الشروع في التهيئة؟ + ‮تحذير: القسم المختار يحوي قدرا كبيرا من البيانات! كل الملفات المخزنة في القسم ستمحى و تفقد (لن تعمى)! + ‮امح أية ملفات مخزنة في القسم بإنشاء مجلد ڤيراكربت فيه + ‮كلمة السّر + PIM + ضبط خوارزمية اشتقاق مفتاح الترويسة + ‮أضف/احذف الملفات المفاتيح من/إلى المجلد + ‮احذف كل الملفات المفاتيح من المجلد + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + ‮هام: إذا لم تدمر قرص إنقاذ ڤيراكربت فإنه يمكن تظهير قسم\\نبيطة النظام باستخدام كلمة السر العتيقة (بإقلاع قرص إنقاذ ڤيراكربت و إدخال كلمة السر العتيقة). لذا ينبغي إنشاء قرص إنقاذ ڤيراكربت حديث ثم إتلاف العتيق. ‮ ‮أتريد إنشاء قرص ڤيراكربت حديث؟ + ‮لاحظ أن قرص ڤيراكربت لازال يستخدم الخوارزمية السابقة. إن كنت تعد الخوارزمية السابقة غير آمنة فينبغي لك أن تنشئ قرص إنقاذ ڤيراكربت جديد ثم تدمر العتيق. ‮ ‮أتريد إنشاء قرص إنقاذ ڤيراكربت جديد؟ + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + ‮أضيفت/أزيلت الملفات المفاتيح بنجاح. + ‮تم تصدير الملف المفتاح. + ‮تم ضبط خوارزمية اشتقاق مفتاح الترويسة بنجاح. + ‮أدخل كلمة السر و\\أو ملفات المفاتيح للمجلد الذي لغير نظام التشغيل الذي تريد معاودة صيرورة تعميته في موضعه. ‮ ‮ملاحظة: بعد أن تنقر 'اللاحق' فإن ڤيراكربت سيحاول إيجاد المجلدات التي لغير النظام التي قوطعت صيرورة تعميتها و التي يمكن تظهير ترويستها باستخدام كلمة السر و\\أو الملفات المفاتيح المعطاة. إن وجد أكثر من مجلد بهذه الصفة فسيكون عليك أن تختار أحدها في الخطوة التالية. + ‮أدخل أحد المجلدات المدرجة. تحوي القائمة كل مجلدات غير النظام التي يمكن النفاذ إليها و التي قوطعت صيرورة تعميتها و التي أمكن تظهير ترويستها باستخدام كلمة السر و\\أو الملفات المفاتيح المعطاة. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + ‮من المهم أن تضع كلمة سر جيدة. تجنب وضع كلمة سر تحوي كلمات من المعجم (أو توافيق من كلمتين أو ثلاثة أو أربعة)، كما أنها ينبغي ألا تحوي أية أسماء أو تواريخ ميلاد؛ فيجب ألا يَسهُل تخمينها. كلمة السر الجيدة تتألف من توفيقة عشوائية من الأحرف و الأرقام و المحارف الخاصة، مثل @ ^ = $ * + إلخ. نوصي بوضع كلمة سر تتألف من أكثر من 20 خانة (كلما طالت كان أفضل). الطول الأقصى المسموح به هو 64 خانة. + ‮اختر كلمة سر للمجلد المخفي. + ‮ضع كلمة سر لنظام التشغيل المخفي (أي للمجلد المخفي). + ‮هام: كلمة السر التي تضعها لنظام التشغيل المخفي في هذه الخطوة يجب أن تختلف كليا عن كلمتي السر الأخريين (أي عن كلمة سر المجلد الخارجي، و عن كلمة سر نظام التشغيل التمويهي). + ‮أدخل كلمة سر المجلد الذى تريد أن تنشئ المجلد المخفي داخله. ‮ ‮بعد أن تنقر 'اللاحق'، سيحاول ڤيراكربت وصل المجلد. بمجرد وصل المجلد فإن خارطة بتات عناقيده ستفحص لتحديد حجم المساحة المتصلة الشاغرة (إن وُجدت) التي تتماس نهايتها مع نهاية المجلد. ستحوي هذه المساحة المجلد المخفي، لذا ستحدد حجمه الأقصى الممكن. فحص خارطة بتات العناقيد ضروري لضمان أن البيانات في المجلد الخارجي لن يطمسها المجلد المخفي. + \nn‮ضع كلمة سر للمجلد الخارجي. هذه هي كلمة السر التي سيكون بوسعك الإفصاح عنها إن اضطررت أو أجبرت. ‮ ‮هام: كلمة السر هذه يجب أن تختلف كليا عن التي تضعها للمجلد المخفي. ‮ ‮ملاحظة: الطول الأقصى لكلمة السر هو 64 خانة. + ‮ضع كلمة سر للمجلد الخارجي. هذه هي كلمة السر التي يمكنك كشفها لمن يجبرك على الإفصاح عن كلمة سر أول قسم يلي قسم النظام و الذي سيكون فيه كل من المجلدين الخارجي و المخفي (الذي يحوي نظام التخزين المخفي)، و سيظل وجود المجلد المخفي (و نظام التشغيل المخفي بداخله) سرا. لاحظ أن كلمة السر هذه ليست لنظام التشغيل التمويهي. ‮ ‮هام: يجب أن تختلف كلمة السر هذه كليا عن التي ستضعها للمجلد المخفي (أي التي لنظام التشغيل المخفي). + ‮كلمة سر المجلد الخارجي + ‮كلمة سر المجلد المخفي + ‮كلمة سر نظام التشغيل المخفي + ‮تحذير: كلمات السر القصيرة يسهل كسرها باستخدام تقنيات القوة الغاشمة! ‮ ‮ننصح بوضع كلمة سر أطول من ‪20‬ خانة. أمتأكد من رغبتك في استخدام كلمة سر قصيرة؟ + ‮كلمة سر المجلد + ‮كلمة سر غير صحيحة أو ليس مجلد ڤيراكربت. + ‮ملفات مفتاح و/أو كلمة سر غير صحيحة أو ليس مجلد ڤيراكربت. + ‮طور وصل غير صحيح، أو كلمة سر غير صحيحة أو ليس مجلد ڤيراكربت. + ‮طور وصل غير صحيح، أو ملف مفتاح غير صحيحة و/أو كلمة سر غير صحيحة، أو ليس مجلد ڤيراكربت. + ‮كلمة سر غير صحيحة أو لا يوجد مجلد ڤيراكربت. + ‮ملفات مفتاح/كلمة سر غير صحيحة أو لا يوجد مجلد ڤيراكربت. + \nn‮ ‮تنبيه: مفتاح ‪Caps Lock‬ مفعَّل. قد يُسبب هذا أن تُدخلَ كلمة السر على نحو غير صحيح. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + ‮لم يجد ڤيراكربت أي مجلدات لغير النظام و قد قوطعت تعميتها و أمكن تظهير ترويستها باستخدام كلمة السر و\\أو الملفات المفاتح المعطاة. ‮ ‮تحقق من أن كلمة السر و\\أو ملفات المفاتيح صحيحة و أن القسم\\المجلد ليس قيد الاستخدام من قبل النظام أو تطبيقات (بما في ذلك مضادات الفيروسات). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \nn‮ ‮ملاحظة: إن كنت تحاول وصل مجلد موضوع في سواقة نظام معماة دون استيثاق ما قبل الإقلاع، أو إن كنت تحاول وصل قسم النظام المعمى لنظام تشغيل غير عامل فيمكنك فعل ذلك باختيار 'نظام' > 'أوصل دون استيثاق ما قبل الإقلاع'. + ‮في هذا الطور لا يمكن وصل قسم من سواقة يكون أي جزء منها قيد تعمية النظام. ‮ ‮قبل أن يمكن وصل هذا القسم في هذا الطور ينبغي أن تقلع نظام تشغيل مُنَصَّب على سواقة أخرى (معماة أو غير معماة) أو إقلاع نظام تشغيل غير معمى. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + ‮< السا&بق + ‮تعذَّر سرد النبائط الخام المنصّبة على نظامك. + ‮المجلد '‪%s‬' موجود و مسموح فقط بالقراءة منه. أمتأكد أنك ترغب في استبداله؟ + ‮اختر الدليل الوجهة + ‮اختر الملف المفتاح + ‮اختر مسار البحث عن الملفات المفتاح. تنبيه: لاحظ المسار و حسب هو ما سيُحفظ و ليس أسماء الملفات. + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + ‮صممها رُس أندرسُن و إلي بيهام و لارس نودسٍن، و نشرت في ‪1998‬. مفتاح بطول ‪256‬ بتة؛ كتلة ‪128‬ بتة؛ تعمل في طور ‪XTS‬. كان ‪Serpent‬ أحد الواصلين لنهائيات ‪AES‬. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an exFAT volume is 424 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + ‮حجمُ المُجلَّدِ الخارجيِّ + ‮حجمُ المُجلَّدِ المخفيِّ + ‮تحقق من صحة النبيطة\\القسم المذكور أعلاه و انقر 'اللاحق'. + ‮المجلد الخارجي و المجلد المخفي (الذي يحوي نظام التشغيل المخفي) سيحتويان في القسم المعين بالأعلى، و ينبغي أن يكون هو أول قسم تال لقسم النظام. ‮ ‮تحقق أن حجم المجلد و رقمه المعيَّن أعلاه صحيحان، و إن كانا كذلك انقر 'اللاحق'. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + ‮حَجْمُ المُجلَّدِ + ‮ديناميّ + ‮تنبيه: فشل الاختبار الذاتي. + ‮نجحت الاختبارات الذاتية لكل الخوارزميات + ‮رقم وحدة البيانات التي أدخلته أطول أو أقصر من اللازم. + ‮المفتاح الثانوي الذي أدخلته أطول أو أقصر من اللازم. + ‮النص المُعمّى الاختباريّ الذي أدخلته إما طويل جدا أو قصير جدا. + ‮المفتاح الاختباري الذي عيَّنته إما طويل جدا أو قصير جدًا. + ‮النص الصريح الاختباريّ الذي أدخلته إما طويل جدا أو قصير جدًا. + ‮شفرتان تعملان بالتتابع في طور ‪XST‬. كل كتلة تعمى أولا باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة) ثم باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة). لكل شفرة مفتاحها الخاص، و كلا المفتاحين مستقل عن الآخر. + ‮ثلاث شفرات تعمل بالتتابع في طور ‪XST‬. كل كتلة تعمى أولا باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة) ثم باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة) و أخيرا باستخدام ‪%s‬ (مفتاح ‪%d‬ بتة). لكل شفرة مفتاحها الخاص، و كل مفتاح مستقل عن غيره. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + ‮قرص ڤيراكربت الجوال + ‮صممها بروس شنايَر و جون كِلسِي و دوجلاس وَيتِنج و ديفيد فاجْنَر و كريستوفر هُول و نيلز فِرجِسُن، و نشرت في ‪1998‬. مفتاح بطول ‪256‬ بتة؛ كتلة ‪128‬ بتة؛ تعمل في طور ‪XTS‬. كان ‪Twofish‬ أحد الواصلين لنهائيات ‪AES‬. + المزيد من المعلومات عن %s + ‮غير معلوم + An unspecified or unknown error occurred (%d). + ‮تحوي بعض المجلدات ملفات أو أدلة تستخدمها التطبيقات أو النظام. ‮ ‮أأجبر الفصل؟ + ‮ا&فصل + ‮فشل الفصل! + ‮يحوي المجلد ملفات أو أدلة تستخدمها التطبيقات أو النظام. ‮ ‮أأجبر الفصل؟ + No volume is mounted to the specified drive letter. + ‮المجلد الذي تحاول وصله موصول بالفعل. + ‮طرأ عطل أثناء محاولة وصل المجلد. + ‮خطأ عند البحث عن موضع في المجلد. + ‮عُطل: حجم المجلد غير صحيح. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + ‮لا يستطيع ڤيراكربت تغيير كلمة سر مجلد غريب. + ‮اختر من القائمة حرف نبيطة غير مُستخدم. + ‮اختر من قائمة أحرف السواقات مجلدا موصولا. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + ‮عُطل: تعذَّر إنشاء ‪autorun.inf‬ + ‮عُطل أثناء معالجة الملف المفتاح! + ‮عُطل أثناء معالجة مسار الملف المفتاح! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + ‮لا يدعم ڤيراكربت نظام التشغيل هذا. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + ‮عُطل: تعذَّر تحصيص الذاكرة. + ‮عُطل: تعذَّر جلب قيمة عداد الأداء. + ‮عطل: هيئة مجلد غير صحيحة. + ‮عطل: أدخلت كلمة سر تخص مجلدا مخفيا (و ليس مجلدا عاديا). + ‮لدواعي الأمان لا يمكن إنشاء مجلد مخفي في مجلد ڤيراكربت يحوي نظام ملفات جرت تعميته في موضعه (لأن المساحة الشاغرة في المجلد لم تطمس ببيانات عشوائية). + ‮ڤيراكربت - تنويهات قانونية + ‮كل الملفات + ‮مجلدات ڤيراكربت + ‮وحدات المكتبات + ‮تعذَّر إتمام تهيئة ‪NTFS‬. + ‮تعذَّر وصل المجلد. + ‮تعذَّر فصل المجلد. + ‮فشل ويندوز في تهيئة المجلد بنظام ‪NTFS‬. ‮ ‮اختر نظام ملفات مختلف (إن أمكن) وحاول مجددا. أو يمكنك ترك المجلد دون تهيئة (اختر نوع نظام الملفات 'لا شيء') واخرج من هذا المرشد ثم أوصل المجلد واستخدم أداة النظام أو أداة أخرى لتهيئة المجلد الموصول (سيبقى المجلد معمّى). + ‮فشل ويندوز في تهيئة المجلد في هيئة ‪NTFS‬. ‮ ‮أتريد تهيئة المجلد على هيئة ‪FAT‬ بدلا من هذا؟ + ‮المبدئيّ + ‮قسم + ‮قسم + ‮النبيطة + ‮نبيطة + ‮نبيطة + المجلد + ‮مجلد + ‮مجلد + Label + ‮حجم العنقود المختار صغير جدًا على حجم هذا المجلد. سيُستخدم بدلًا منه حجم عنقود أكبر. + ‮عُطل: تعذَّر إيجاد حجم المجلد! ‮ ‮تحقق من أن المجلد المنتقى لا يستخدمه النظام أو تطبيق ما. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + ‮لا يمكن لمرشد إنشاء مجلد ڤيراكربت أن ينشئ مجلدا مخفيا سوى داخل مجلدات ‪FAT‬ أو ‪NTFS‬. + ‮في ويندوز ‪2000‬ لا يمكن لمرشد إنشاء مجلد ڤيراكربت أن ينشئ مجلدا مخفيا سوى داخل مجلدات ‪FAT‬. + ‮ملاحظة: نظام الملفات ‪FAT‬ أكثر ملائمة للمجلدات الخارجية من نظام ملفات ‪NTFS‬ (مثلا، الحجم الأقصى الممكن للمجلد المخفي كان سيزيد بقدر ملحوظ لو كان المجلد الخارجي مهيئا بنظام ‪FAT‬). + ‮لاحظ أن نظام الملفات ‪FAT‬ أنسب للمجلدات الخارجية من نظام الملفات ‪NTFS‬. مثلا الحجم الأقصى الممكن للمجلد المخفي كان من الأرجح أنه سيزيد بقدر ملحوظ لو كان المجلد الخارجي مهيئا بنظام ‪FAT‬ (السبب هو أن نظام الملفات ‪NTFS‬ يحفظ دوما بياناته الداخلية في منتصف المجلد لذا لا يمكن للمجلد المخفي أن يشغل سوى النصف الثاني من المجلد الخارجي). ‮ ‮أمتأكد أنك تريد تهيئة المجلد الخارجي بنظام ‪NTFS‬؟ + ‮أتريد تهيئة المجلد بنظام ‪FAT‬ إذن؟ + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + ‮عطل: قسم نظام التشغيل المخفي (أول قسم يلي قسم النظام) يجب أن يكون أكبر من قسم النظام بما لا يقل عن ‪5%‬ (قسم النظام هو المنصب فيه حاليا نظام التشغيل). + ‮عطل: قسم نظام التشغيل المخفي (أول قسم يلي قسم نظام التشغيل) يجب أن يكون أكبر بما لا يقل عن ‪110%‬ (‪2.1‬ مرة) من قسم النظام (القسم المُنصَّب فيه نظام التشغيل العامل حاليا). السبب هو أن نظام الملفات ‪NTFS‬ دوما يحفظ بياناته الداخلية في منتصف المجلد لذا لا يمكن أن يشغل المجلد المخفي (الذي سيحوي نسخة من محتوى قسم النظام) سوى النصف الثاني من القسم. + ‮عطل: إن كان المجلد الخارجي مهيئا بنظام ‪NTFS‬ فينبغي أن يكون أكبر بما لا يقل عن ‪110%‬ (‪2.1‬ مرة). السبب هو أن نظام الملفات ‪NTFS‬ دوما يحفظ بياناته الداخلية في منتصف المجلد لذا لا يمكن أن يشغل المجلد المخفي (الذي سيحوي نسخة من محتوى قسم النظام) سوى النصف الثاني من المجلد الخارجي. ‮ ‮ملاحظة: المجلد الخارجي ينبغي أن يوجد في القسم ذاته الذي يوجد فيه نظام التشغيل المخفي (أول قسم يلي قسم النظام). + ‮عطل: لا يوجد قسم يلي قسم النظام. ‮ ‮لاحظ أنه قبل أن يمكن إنشاء نظام تشغيل مخفي فإنه ينبغي إنشاء قسم له على سواقة النظام، و أنه ينبغي أن يكون القسم الأول التالي لقسم النظام و ينبغي أن يكون أكبر منه بما لا يقل عن ‪5%‬ (قسم النظام هو القسم المنصب فيه نظام التشغيل العامل حاليا). لكن إن كان المجلد الخارجي (لا تخلط بينه و قسم النظام) مهيئا بنظام ‪NTFS‬ فإن قسم نظام التشغيل المخفي يجب أن يكون أكبر بما لا يقل عن ‪110%‬ (‪2.1‬ مرة) من قسم النظام (السبب هو أن نظام الملفات ‪NTFS‬ دوما يخزن بياناته الداخلية في منتصف المجلد لذا لا يمكن للمجلد المخفي الذي سيحوي نسخة من قسم النظام أن يشغل سوى النصف الثاني من القسم). + ‮ملاحظة: ليس من العملي (لذا هو غير مدعوم) تنصيب نظامي تشغيل في مجلدي ڤيراكربت محتوَيان في قسم واحد لأن استخدام نظام التشغيل الخارجي سيتطلب غالبا كتابة بيانات في منطقة نظام التشغيل المخفي (و إن حدث و مَنعت هذه العملياتُ وظيفةَ حماية نظام التشغيل المخفي فإنها ستتسبب في انهيار النظام). + ‮لمعلومات عن كيفية إنشاء و إدارة الأقسام ارجع إلى الوثائق المرفقة بنظام التشغيل أو اتصل بفني صيانة الحواسيب الذي تتعامل معه أو ابحث في الشروح و الأدلة على الوب أو استعن بصديق ذي خبرة. + ‮عطل: نظام التشغيل العامل حاليا ليس مُنَصَّبا في قسم الإقلاع (القسم النشط الأول)؛ و هذا غير مدعوم. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + ‮عُطل: تعذَّر النفاذ إلى للمجلد! ‮ ‮تحقق من أن المجلد المختار موجود، و أنه ليس موصولا أو يستخدمه النظام أو تطبيق ما، وأنك تملك صلاحيات القراءة\\الكتابة للمجلد، وأنه ليس محميا من الكتابة. + Error: Cannot obtain volume properties. + ‮عطل: تعذَّر النفاذ إلى المجلد و\\أو إيجاد معلومات عنه. ‮ ‮تحقق من وجود المجلد المختار، و أنه ليس قيد الاستخدام بواسطة النزام أو تطبيقات، و أن لديك صلاحية القراءة\\الكتابة فيه، و أنه ليس محميا من الكتابة. + ‮عطل: تعذَّر النفاذ إلى المجلد و\\أو إيجاد معلومات عنه. ‮ ‮تحقق من وجود المجلد المختار، و أنه ليس قيد الاستخدام بواسطة النزام أو تطبيقات، و أن لديك صلاحية القراءة\\الكتابة فيه، و أنه ليس محميا من الكتابة. ‮ ‮إن لم تنحل المشكلة فقد يفيد اتباع الخطوات التالية. + ‮منع عطلٌ تروركبت من تعمية القسم. حاول إصلاح الأعطال المقررة مسبقا ثم حاول مجدا. إن تكررت المشكلة يفيد اتِّباع الخطوات التالية. + ‮منع عطلُ ڤيراكربت من معاودة صيرورة تعمية القسم. ‮ ‮حاول إصلاح المشكلات المقررة مسبقا ثم حاول مجددا معاودة الصيرورة. لاحظ أن المجلد لا يمكن وصله حتى تمام تعميته. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + ‮عُطل: تعذَّر فصل المجلد الخارجي! ‮ ‮لا يمكن فصل المجلد إذا حوى ملفات أو أدلة يستخدمها تطبيق أو النظام. ‮ ‮أغلق كل البرمجيات التي قد تكون مستخدمة ملفات أو أدلة على المجلد ثم انقر 'حاول مجددا'. + ‮عطل: تعذّر جلب معلومات عن المجلد الخارجي! لا تمكن مواصلة إنشاء المجلد. + ‮عُطل: تعذَّر النفاذ للمجلد الخارجي! لا يمكن متابعة إنشاء المجلد. + ‮عُطل: تعذَّر وصل المجلد الخارجي! لا يمكن متابعة إنشاء المجلد. + ‮عُطل: تعذَّر إيجاد خارطة عناقيد المجلد! لا يمكن متابعة إنشاء المجلد. + ‮ألفبائي/مُصنَّف + ‮السرعة المتوسطة (تنازلي) + ‮الخوارزمية + ‮التعمية + ‮التظهير + ‮المتوسط + ‮المشغّل + ‮الحجم + ‮خوارزميّة التعمية + ‮خوارزمية التعمية + ‮النوع + ‮القيمة + ‮خاصية + ‮الموضع + ‮بايتات + ‮مخفي + ‮خارجي + ‮عادي + ‮نظام + ‮مخفي (نظام) + ‮للقراءة فقط + ‮سواقة النظام + ‮سواقة النظام (تجري التعمية - ‪%.2f‬%%‬ تمت) + ‮سواقة النظام (يجري التظهير - ‪%.2f‬%%‬ تمت) + ‮سواقة النظام (تمت تعمية ‪%.2f‬%%‬) + ‮قسم النظام + ‮قسم نظام مخفي + ‮قسم النظام (تجري التعمية - ‪%.2f‬%%‬ تمت) + ‮قسم النظام (يجري التظهير - ‪%.2f‬%%‬ تمت) + ‮قسم النظام (تمت تعمية ‪%.2f‬%%‬) + ‮نعم (تم تفادي التلف!) + ‮لا شيء + ‮حجم المفتاح الرئيسي + ‮حجم المفتاح الثانوي (طور ‪XTS‬) + ‮ضبط حجم المفتاح (طور ‪LRW‬) + ‮بتات + ‮حجم الكتلة + ‮PKCS-5 PRF + ‮عدد دورات ‪PKCS-5‬ + ‮أُنشئ المجلد + ‮آخر تعديل للترويسة + ‮ (منذ ‪%I64d‬ يوم) + ‮إصدارة صيغة المجلد + ‮الترويسة الاحتياطية المُضمَّنة + VeraCrypt Boot Loader Version + ‮أول المتاح + ‮قرص محمول + ‮قرص صلب + ‮لم يتغيّر + اكتشاف تلقائي + ‮طور المرشد + ‮اختر أحد الأطوار. إن لم تعرف أيها تختار فدعه على الخيار المبدئي. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + ‮خيارات الإعداد + ‮يمكنك هنا ضبط الخيارات المختلفة التي تتحكم في صيرورة التنصيب. + ‮يجري التنصيب + ‮رجاءً انتظر حتى يتم تنصيب ڤيراكربت. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + ‮خيارات الاستخراج + ‮يمكنك هنا ضبط خيارات عدة للتحكم في صيرورة الاستخراج. + ‮رجاءً انتظر حتى يتم استخراج الملفات. + Files successfully extracted + ‮تم بنجاح استخراج كل الملفات إلى الموضع الوجهة. + ‮إن لم يكن الدليل المعيَّن موجودا فسينشأ تلقائيا. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + ‮أتريد مطالعة ملحوظات الإصدارة الحالية (الأحدث المستقرة) من ڤيراكربت؟ + ‮إن كنت لم تستخدم ڤيراكربت أبدا من قبل ننصحك بأن تقرأ فصل 'شرح المبتدئين في دليل مستخدم ڤيراكربت'. أتريد مطالعة الشرح؟ + ‮اختر فعلا من التالية لأداءه: + ‮أصلح/أعد التنصيب + Upgrade + ‮أزِل + ‮تنصيب أو إزالة ڤيراكربت يتطلب صلاحيات الإدارة. أتريد المواصلة؟ + ‮أداة تنصيب ڤيراكربت عاملة حاليا في هذا النظام و تجري أو تهيئ تنصيبا أو تحديثا. قبل المواصلة انتظر حتى تتم عملها أو أغلقها. إن تعذّر إغلاقها فأعد تشغيل النظام. + ‮فشل التنصيب. + ‮فشلت الإزالة. + ‮حزمة التوزيع هذه معطوبة. حاول تنزيلها مجددا (يستحسن من موقع ڤيراكربت الرسمي في ‪https://veracrypt.codeplex.com‬). + ‮تعذّرت كتابة الملف ‪%s‬ + ‮يجري الاستحراج + ‮تعذّرت قراءة البيانات من الحزمة. + ‮تعذّر التحقق من سلامة حزمة التوزيع هذه. + ‮فشل الاستخراح + ‮استرجع أثر التنصيب. + ‮ثُبِّت ڤيراكربت بنجاح. + ‮تم بنجاح تحديث ڤيراكربت. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + ‮أُزيل ڤيراكربت بنجاح. ‮ ‮انقر 'انهِ' لتحذف مُنصِّب ڤيراكربت و الدليل ‪%s‬. لاحظ أن الدليل لن يُحذف إذا كان يحوي أية ملفات لم يثَبِّتها مُنصِّب ڤيراكربت أو لم يُنشئها ڤيراكربت. + ‮تجري إزالة مدخلات تسجيل ڤيراكربت + ‮تجري إضافة مدخلة تسجيل + ‮تجري إزالة بيانات خاصة بالتطبيق + ‮يجري التنصيب + ‮يجري الإيقاف + ‮تجري الإزالة + ‮تجري إضافة أيقونة + ‮يجري إنشاء نقطة استرجاع للنظام + ‮فشل إنشاء نقطة استعادة للنظام! + ‮يجري تحديث مُحمِّل الإقلاع + ‮فشل تنصيب ‪'‪%s‬'‬. ‪%s‬ أتريد مواصلة التنصيب؟ + ‮فشلت إزالة ‪'‪%s‬'‬. ‪%s‬ أتريد مواصلة الإزالة؟ + ‮تم التنصيب. + ‮تعذَّر إنشاء الدليل '‪%s‬' + ‮تعذَّر إفراغ مُشغِّل ڤيراكربت. ‮ ‮أغلق كل نوافذ ڤيراكربت المفتوحة أولا. إذا لم ينجح هذا أعد تشغيل ويندوز و حاول مجددا. + ‮يجب أن تُفصل كل مجلدات ڤيراكربت قبل تنصيب ‌أو إزالة ڤيراكربت. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + ‮فشل تنصيب مدخلات التسجيل + ‮فشل تنصيب مشغل النبيطة. أعد تشغيل ويندوز ثم حاول تنصيب ڤيراكربت مجددًا. + ‮يجري بدء مشغل نبيطة ڤيراكربت + ‮فشلت إزالة مشغل النبيطة. رجاءً لاحظ أنه بسبب مشكلات في ويندوز فقد يلزم أن تخرج من حسابك أو تعيد تشغيل النظام لتمكن إزالة المشغّل (أو أعادة تنصيبه). + ‮يجري تنصيب مشغل نبيطة ڤيراكربت + ‮يجري إيقاف مشغل نبيطة ڤيراكربت + ‮تجري إزالة مشغل نبيطة ڤيراكربت + ‮فشل تسجيل مكتبة دعم التحكم في حسابات المستخدمين. + ‮فشلت إزالة تسجيل مكتبة دعم الحكم في حسابات المستخدمين. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + ‮تحذير: يعمل مرشد إنشاء المجلدات حاليا بصلاحيات الإدارة. ‮ ‮قد يؤدي هذا إلى إنشاء مجلد بصلاحيات تمنعك من الكتابة إليه عند وصله لاحقا. لتفادي هذا أغلق المرشد الآن و شغّله مرة أخرى دون صلاحيات الإدارة. ‮ ‮أتريد غلق مرشد إنشاء المجلدات؟ + ‮عطل: تعذّر عرض الترخيص. + ‮خارجي(!) + ‮أيّام + ‮ساعات + ‮دقائق + ‮ث + ‮افتح + ‮افصل + ‮أظهر ڤيراكربت + ‮اخفِ ڤيراكربت + ‮البيانات التي قُرأت منذ الوصل + ‮البيانات التي كُتِبت منذ الوصل + ‮الجزء المعمّى + ‮‪100%‬ (معمى بالكامل) + ‮‪0%‬ (غير معمى) + %.3f%% + 100% + ‮في الانتظار + ‮يجري التجهيز + ‮يجري التحجيم + ‮تجري التعمية + ‮يجري التظهير + ‮يجري الإتمام + ‮جُمِّد + ‮تمّ + ‮عُطل + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + ‮أدخل كلمة سرّ ‪%s‬ + Enter password for '%s' + ‮أدخل كلمة سرِّ المجلد العادي\\الخارجيّ + ‮أدخل كلمة سرِّ المجلد المخفي + ‮أدخل كلمة سر الترويسة المحفوظة في الملف + ‮أُنشئ ملف المفتاح بنجاح. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + ‮تنبيه: ترويسة هذا المجلد تالفة! ڤيراكربت تلقائيا النسخة الاحتياطية من الترويسة المضمَّنة في المجلد. ‮ ‮ينبغي إصلاح ترويسة المجلد باختيار 'أدوات' > 'استرجع ترويسة المجلد'. + ‮أُنشئت نسخة احتياطية من ترويسة المجلد بنجاح. ‮ ‮هام: استرجاع ترويسة الحجم من النسخة الاختياطية سيستعيد كذلك كلمة سر المجلد الحالية. إضافة إلى ذلك، إذا تطلب وصل المجلد ملفات مفاتيح، فإن ذات الملفات المفاتيح ستكون مطلوبة لوصل المجلد بعد استعادة ترويسته. ‮ ‮تنبيه:لا يمكن استخدام نسخة ترويسة المجلد الاحتياطية هذه إلا لاسترجاع ترويسة هذا المجلد بعينه. إذا استخدمتها لاستعادة ترويسة مجلد آخر فسيمكنك وصله إلا أنه لن يمكنك تظهير أية بيانات مخزنة فيه (لأنك ستكون قد غيّرت مفتاحه الرئيسي). + ‮استرجعت ترويسة المجلد بنجاح. ‮ ‮هام: لاحظ أنه قد تكون استعيدت كلمة سر سابقة كذلك. إضافة إلى ذلك، إذا تطلّب وصل المجلد ملفات مفاتيح فإن ذات الملفات المفاتيح ستكون مطلوبة لوصل المجلد حاليا. + ‮لدواعي الأمان سيكون عليك إدخال كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) التي تخصُّ. ‮ ‮ملاحظة: إن كان المجلد يحوي مجلدا مخفيا سيكون عليك أن تدخل كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) للمجلد الخارجي أولا. بعدها إن أردت حفظ نسخة احتياطية من ترويسة المجلد المخفي فسيكون عليك إدخال كلمة السر (و\\أو تقديم الملفات المفاتيح) للمجلد المخفي. + ‮أمتأكد أنك تريد حفظ نسخة احتياطية من ترويسة ‪%s‬؟ ‮ ‮بعد أن تنقر 'نعم' سيطلب من اسم ملف للترويسة الاحتياطية. ‮ ‮ملاحظة: كل من الترويستين العادية و المخفية سيعاد تعميتهما باستخدام بادئ جديد و حفظها في الملف. إن كان لا يوجد مجلد مخفي في هذا المجلد فإن المنطقة المخصصة لترويسة المجلد المخفي في الملف الاحتياطي ستملأ ببيانات عشوائية (لضمان حجية الإنكار). عند استعادة ترويسة مجلد من نسخة احتياطية فسيكون عليك إدخال كلمة السر الصحيحة (و\\أو تقديم الملفات المفاتيح) التي كانت صحيحة عندما حفظت الترويسة الاحتياطية. كلمة السر (و\\أو الملفات المفاتيح) هي ما سيحدد أي ترويسة يجب استرجاعها، اي العادية أو المخفية (لاحظ أن ڤيراكربت يكتشف ذلك عن طريق التجربة و الخطأ). + ‮أمتأكد أنك تريد استعادة ترويسة المجلد ‪%s‬؟ ‮ ‮تنبيه: استعادة ترويسة المجلد تستعيد كذلك كلمات السر التي كانت سارية عند إنشاء النسخة الاحتياطيّة. إضافة إلى ذلك، فإنه إن كان وصل المجلد - عندما أخذت النسخة الاحتياطية - يتطلب ملفات مفاتيح فإن ذات الملفات المفاتيح ستكون مطلوبة لوصل المجلد بعد استعادة ترويسته. ‮ ‮بعد أن تنقر 'نعم' ستختار ملف نسخة الترويسة الاحتياطية. + ‮هل يحوي المجلد مجلدا مخفيا؟ + ‮المجلد يحوي مجلدا مخفيا + ‮المجلد لا يحوي مجلدا مخفيا + ‮اختر نوع ترويسة المجلد الاحتياطية التي تريد: + ‮استرجع الترويسة من النسخة الاحتياطية المُضمَّنة في المجلد + ‮استرجع الترويسة من نسخة احتياطية في ملف خارجي + ‮حجم ملف ترويسة المجلد الاحتياطية غير صحيح. + ‮لا توجد نسخة ترويسة احتياطية مُضمَّنة في هذا المجلد (لاحظ أن المجلدات المنشأة بڤيراكربت ‪6.0‬ أو ما يليه وحدها تحوي نسخا احتياطية من الترويسة). + ‮تحاول حفظ ترويسة قسم\\نبيطة النظام؛ و هذا غير مسموح به. عمليات الحفظ\\الاسترجاع المتعلقة بقسم\\نبيطة النظام لا يمكن أداؤها إلا باستخدام قرص إنقاذ ڤيراكربت. ‮ ‮أتريد إنشاء قرص إنقاذ ڤيراكربت؟ + ‮تحاول استرجاع ترويسة مجلد ڤيراكربت افتراضي إلا أنك اخترت قسم\\نبيطة النظام؛ و هذا غير مسموح به. عمليات الحفظ\\الاسترجاع المتعلقة بقسم\\نبيطة النظام لا يمكن أداؤها إلا باستخدام قرص إنقاذ ڤيراكربت. ‮ ‮أتريد إنشاء قرص إنقاذ ڤيراكربت؟ + ‮بعد أن تنقر 'موافق' فستختار اسم ملف لصورة ‪ISO‬ الجديدة لقرص إنقاذ ڤيراكربت و موضع حفظها. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + ‮أدخل قرص إنقاذ ڤيراكربت في سواقة أقراص سي‌دي/دي‌ڤي‌دي و انقر 'موافق' لفحصه. + ‮تم بنجاح التحقق من سلامة قرص إنقاذ ڤيراكربت. + ‮تعذّر توكيد أن قرص إنقاذ ڤيراكربت قد تم تسجيله كما ينبغي. ‮ ‮إن كنت أتممت التسجيل على هذا القرص فأخرجه من السواقة ثم أعد إدخاله و اختبره مجددا. إن لم تنحل المشكلة فجرب برمجية تسجيل أقراص أخرى أو/و قرصا آخر. ‮ ‮إن كنت تحاول فحص قرص إنقاذ ڤيراكربت أُنشئ لأجل مفتاح رئيسي آخر أو بكلمة سر أو بذرة مختلفة، إلخ، فاعلم أن هذا القرص سيفشل دوما في هذا الفحص. لتنشئ قرص إنقاذ جديد متوافق مع إعداداتك الحالية اختر 'نظام' > 'أنشئ قرص إنقاذ'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + ‮عطل إثناء إنشاء قرص إنقاذ ڤيراكربت. + ‮لا يمكن إنشاء قرص إنقاذ ڤيراكربت في نظام تشغيل مخفي عامل. ‮ ‮لإنشاء قرص إنقاذ ڤيراكربت أقلع نظام التشغيل التمويهي ثم اختر 'نظام' > 'أنشئ قرص إنقاذ'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + ‮افصل المجلد قبل الاستمرار. + ‮عطل: تعذّر شبط المؤقِّت. + ‮افحص نظام الملفات + ‮أصلح نظام الملفات + Add to Favorites... + Add to System Favorites... + P&roperties... + ‮تمت حماية المجلد المخفي + ‮غير متاح + ‮نعم + ‮لا + Disabled + ‮واحدة + ‮اثنتين أو أكثر + ‮طور التشغيل + ‮العنوان: + ‮الحجم: + ‮المسار: + ‮حرف السواقة: + ‮عُطل: يجب أن تتألف كلمة السر من محارف أسكي (‪ASCII‬) حصرا. ‮ ‮غير محارف أسكي (‪non-ASCII‬) قد تجعل من غير الممكن وصل المجلد عندما تتغير إعدادات نظامك. ‮ ‮المحارف التالية مسموح بها: ‮ ‮ ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; > = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\\\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ‮تنبيه: تضم كلمة السر غير محارف أسكي (‪non-ASCII‬). قد يجعل هذا من غير الممكن وصل المجلد عندما تتغير إعدادات نظامك. ‮ ‮ينبغي أن تستبدل كل المحارف غير أسكي في كلمة السر بمحارف أسكي. لتفعل هذا، انقر 'المجلدات' -> 'غير كلمة سر المجلد'. ‮ ‮المحارف التالية مسموح بها: ‮ ‮ ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; > = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\\\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + ‮الموقع على الوب + ‮تحذير: يبدو أنك لم تُثَبِّت حزمة الخدمة لتنصيبة ويندوز هذه. ينبغي ألا تكتب على أقراص ‪IDE‬ أكبر من 128 جيجابايت في ويندوز إكس‌بي دون حزمة الخدمة 1 (‪Service Pack 1‬) أو ما يليها! إذا فعلت هذا فقد تتلف البيانات على القرص (سواء كان مجلد ڤيراكربت أم لا). لاحظ أن هذا قصور في ويندوز وليس علّة في ڤيراكربت. + ‮تحذير: يبدو أنك لم تُثَبِّت حزمة الخدمة 3 (‪Service Pack 3‬) لتنصيبة ويندوز هذه. ينبغي ألا تكتب على أقراص ‪IDE‬ أكبر من ‪128‬ جيجابايت في ويندوز ‪2000‬ دون حزمة الخدمة 3 (‪Service Pack 3‬) أو ما يليها. إذا فعلت هذا فقد تتلف البيانات على القرص (سواء كان مجلد ڤيراكربت أم لا). لاحظ أن هذا عيب في ويندوز وليس علّة في ڤيراكربت. ‮ ‮ملاحظة: قد تحتاج كذلك إلى تفعيل دعم ‪48-bit LBA‬ في السِّجل؛ للمزيد من المعلومات راجع ‪http://support.microsoft.com/kb/305098/EN-US‬ + ‮تحذير: دعم ‪48‬-بتة ‪LBA ATAPI‬ مُعطَّل في نظامك. لذا يجب ألا تكتب على أقراص ‪IDE‬ أكبر من ‪128‬ جيجابايت. إذا فعلت هذا قد تتلف البيانات على القرص (سواء كان مجلد ڤيراكربت أم لا). لاحظ أن هذا عيب في ويندوز وليس علّة في ڤيراكربت. ‮ ‮لتفعيل دعم ‪LBA ATAPI‬ ‪48‬-بتة أضف قيمة السجل '‪EnableBigLba‬' في مفتاح السجل ‪HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\atapi\\\\Parameters‬ واضبطه على 1. ‮ ‮لمزيد من المعلومات راجع ‪http://support.microsoft.com/kb/305098‬ + ‮عُطل: الملفات الأكبر من 4 جيجابايتات لا يمكن حفظها في نظام ملفات ‪FAT32‬، لذا فمجلدات ڤيراكربت المستضافة في ملفات (حاويات) محفوظة في نظام ملفات ‪FAT32‬ لا يمكن أن تكون أكبر من 4 جيجابايتات. ‮ ‮إن أردت حجما أكبر للمجلد فأنشئه في نظام ملفات ‪NTFS‬ (أو إن كنت تستخدم ويندوز فسبا ‪SP1‬ أو ما بعدها ففي نظام ملفات ‪exFAT‬) أو بدلا من إنشاء مجلد مستضاف في ملف عمّ قسما بكامله أو نبيطة. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + ‮تحذير: إن كنت تنوي إضافة مزيد من الملفات\\البيانات في المجلد الخارجي مستقبلا فربما عليك الأخذ في الاعتبار اختيار حجم أصغر للمجلد المخفي. ‮ ‮أمتأكد أنك تريد الاستمرار بالحجم الذي عيَّنته؟ + ‮لم تختر أي مجلد. ‮ ‮انقر 'اختر نبيطة' أو 'اختر ملفا' لتختار مجلد ڤيراكربت. + ‮لم يُختر أي قسم. ‮ ‮انقر 'اختر نبيطة' لتختار قسما مفصولا يتطلب عادة استيثاق ما قبل الإقلاع (مثل قسمٍ على سواقة النظام المعمّاة لنظام تشغيل آخر غير عامل أو قسم النظام لنظام تشغيل آخر). ‮ ‮ملاحظة: القسم المختار سيوصل كمجلد ڤيراكربت عادي دون استيثاق ما قبل الإقلاع. هذا مفيد للنسخ الاحتياطي أو لعمليات الإصلاح. + ‮تنبيه: إن كانت ملفات مفاتيح مبدئية قد ضُبطت و فُعلِّت فإن المجلدات التي لا تستخدم تلك الملفات المفاتيح لن يمكن وصلها. لذا فبعد أن تفعِّل الملفات المفاتيح المبدئية خذ في الاعتبار أن تزيل تأشير 'استخدم الملفات المفاتيح' (أسفل حقل إدخال كلمة السر) كلما عزمت وصل مثل تلك المجلدات. ‮ ‮ أمتأكد أنك تريد حفظ الملفات المفاتيح\\المسارات المختارة كمبدئية؟ + ‮أوصل النبائط تلقائيا + ‮افصل الكل + ‮امحُ الذّاكرة المخبئية + Dismount All & Wipe Cache + ‮أجبر فصل الكل و امحُ الذّاكرة المخبئية + ‮أجبر فصل الكل و امحُ الذّاكرة المخبئية و اخرج + ‮أوصل المجلدات المفضّلة + ‮أظهر/اخف نافذة ڤيراكربت الرئيسية + ‮(انقر هنا و اضغط زرا) + ‮إجراء + ‮اختصار + ‮عُطل: هذا الاختصار محجوز. اختر اختصارًا آخر. + ‮عُطل: الاختصار مستخدم بالفعل. + ‮تنبيه: لن يعمل واحد أو أكثر من أزرار اختصارات ڤيراكربت على مستوى النظام! ‮ ‮تحقق من أن أيا من التطبيقات الأخرى و نظام التشغيل لا يستخدم اختصارات ڤيراكربت ذاتها. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + ‮منع عُطلٌ أو عدمُ توافقية ڤيراكربت من تعمية ملف السبات، لذا فقد عُطل السبات. ‮ ‮ملاحظة: عندما يسبت حاسوب (أو يدخل طور توفير الطاقة) فإن محتويات ذاكرة النظام تحفظ في ملف تخزين للسبات يوجد على سواقة النظام. لا يمكن لتروكربيت أن يحول دون حفظ مفاتيح التعمية و محتويات الملفات الحساسة المفتوحة في الذاكرة إلى ملف السبات غير معماة. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + ‮تحذير: إذا عُطِّل هذا الخيار فلن يمكن تلقائيا فصل المجلدات التي تحوي ملفات\\أدلة مفتوحة. ‮ ‮أمتأكد أنك تريد تعطيل هذا الخيار؟ + ‮تنبيه: المجلدات التي تحوي ملفات\\أدلة مفتوحة لن تُفصل تلقائيا. ‮ ‮للحول دون هذا فعّل الخيار التالي في نافذة الحوار هذه: 'أجبر الفصل التلقائي حتى إذا حوى المجلد ملفات أو أدلة مفتوحة' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + ‮كنت قد جدولت صيرورة تعمية قسم\\مجلد، و لم تتم تلك الصيرورة. ‮ ‮أتريد معاودة الصيرورة الآن؟ + ‮كنت قد جدولت صيرورة تعمية أو تظهير قسم\\سواقة النظام، إلا أن هذه الصيرورة لم تتم بعد. ‮ ‮أتريد معاودة الصيرورة الآن؟ + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + ‮كنت قد جدولت صيرورة تعمية أو تظهير قسم\\سواقة النظام، إلا أن استيثاق ما قبل الإقلاع فشل (أو تم تخطيه). ‮ ‮ملاحظة: إن ظهَّرت قسم\\سواقة النظام في بيئة ما قبل الإقلاع فإنك قد تحتاج إلى إتمام الصيرورة باختيار 'نظام' > 'ظهّر نهائيا قسم\\سواقة النظام' من قائمة نافذة ڤيراكربت الرئيسية. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + ‮أخرج؟ + ‮ليس لدى ڤيراكربت معلومات تكفي لتحديد ما إن كان المطلوب التعمية أو التظهير. + ‮ليس لدى ڤيراكربت معلومات تكفي لتحديد ما إن كان المطلوب التعمية أو التظهير. ‮ ‮ملاحظة: إن ظهّرت قسم\\نبيطة النظام في بيئة ما قبل الإقلاع فإن قد تحتاج إلى إتمام الصيرورة بنقر 'ظهّر'. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + ‮أتريد مقاطعة و تأجيل صيرورة تعمية القسم\\المجلد؟ ‮ ‮ملاحظة: راع أنه لا يمكن وصل المجلد حتى تمام تعميته. سيطون بوسعك معاودة صيرورة التعمية من حيث توقفت. يمكنك عمل ذلك باختيار 'مجلدات' > 'عاود الصيرورة المقاطعة' من القائمة في نافذة ڤيراكربت الرئيسية. + ‮أتريد مقاطعة و تأجيل صيرورة تعمية قسم\\نبيطة النظام؟ ‮ ‮ملاحظة: سيكون بوسعك معاودة الصيرورة و ستواصل من حيث توقفت. يمكنك عمل ذلك باختيار 'نظام' > 'عاود الصيرورة المقاطعة' من قائمة نافذة ڤيراكربت الرئيسية. إن كنت تريد إنهاء أو عكس صيرورة التعمية فاختر 'نظام' > 'ظهّر نهائيا قسم\\نبيطة النظام'. + ‮أتريد مقاطعة و تأجيل صيرورة تظهير قسم\\نبيطة النظام؟ ‮ ‮ملاحظة: سيكون بوسعك معاودة الصيرورة و ستواصل من حيث توقفت. يمكنك عمل ذلك باختيار 'نظام' > 'عاود الصيرورة المقاطعة' من قائمة نافذة ڤيراكربت الرئيسية. إن كنت تريد عكس صيرورة التظهير (أي بدء التعمية) فاختر 'نظام' > 'عمِّ قسم\\نبيطة النظام'. + ‮عطل: تعذّرت مقاطعة صيرورة تعمية/تظهير قسم\\سواقة النظام. + ‮عطل: تعذَّرت مقاطعة صيرورة المحو. + ‮عطل: تعذّرت معاودة صيرورة تعمية/تظهير قسم\\سواقة النظام. + ‮عطل: تعذَّر بدء صيرورة المحو. + ‮تم حل عدم الاتساق. ‮ ‮ ‮(إن أبلغت عن علة بهذا الشأن فرجاءً ضمِّن البيانات التقنية التالية في البلاغ: ‪%hs‬) + ‮عطل: حالة غير متوقعة. ‮ ‮ ‮(إن أبلغت عن علة ذات علاقة بهذا فرجاء ضمِّن التقرير البيانات التقنية التالية: ‮‪%hs‬) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ‮تحذير: عُطِّلت مهمة ڤيراكربت الخلفية. بعد أن تغلق ڤيراكربت لن تُبلغ إن أحيل دون تلف في مجلد مخفي ‮ ‮ملاحظة: يمكنك إغلاق المهمة الخلفية في أي وقت بالنقر باليمين على أيقونة ڤيراكربت في اللوحة و اختيار 'اخرج'. ‮ ‮أأفعِّل مهمة ڤيراكربت الخلفية؟ + ‮إصدارة حزمة اللغة: ‪%s‬ + ‮يجري فحص نظام الملفات في مجلد ڤيراكربت الموصول معرفا بالحرف ‪%s‬… + ‮تجري محاولة إصلاح نظام الملفات في قسم ڤيراكربت الموصول معرفا بالحرف ‪%s‬… + ‮تحذير: عُمِّي هذا المجلد بخوارزمية تعمية عتيقة. ‮ ‮كل خوارزميات التعمية لكتل ‪64‬ بتة (مثل ‪Blowfish‬، و ‪CAST-128‬، و ‪Triple DES‬) قد ألغيت. سيظل من الممكن وصل هذا المجلد باستخدام الإصدارات المستقبلية من ڤيراكربت لكن لن تكون هناك أية تحسينات في تطبيق تلك الخوارزميات العتيقة. ننصحك بأن تنشئ مجلد ڤيراكربت جديد مُعمّى بخوارزمية كتلة ‪128‬ بتة (مثل ‪AES‬، و ‪Serpent‬، و ‪Twofish‬، الخ…) و أن تنقل كل الملفات من هذا المجلد إلى المجلد الجديد. + ‮نظامك ليس مضبوطا ليوصِّل المجلدات الجديدة تلقائيا. قد يتعذَّر وصل مجلدات ڤيراكربت المستضافة في نبائط. يمكن تفعيل الوصل الآلي بتنفيذ الأمر التالي ثم إعادة تشغيل النظام. ‮ ‮‪mountvol.exe /E‬ + ‮خصِّص حرفا للقسم\\النبيطة قبل المواصلة ('لوحة التحكم' > 'النظام و الإدارة' > 'أدوات الإدارة' - 'أنشئ و هيء أقسام القرص الصلب'). ‮ ‮لاحظ أن هذا من متطلبات النظام. + ‮أوصل مجلد ڤيراكربت + ‮افصل كل مجلدات ڤيراكربت + ‮فشل ڤيراكربت في الحصول على صلاحيات الإدارة. + ‮منع النظامُ النفاذ. ‮ ‮السبب المحتمل: يتطلب النظام أن تكون لديك صلاحية القراءة\\الكتابة (أو صلاحية الإدارة) لأدلة و ملفات و نبائط معينة ليُسمح لك بقراءة و كتابة بيانات إليها/منها. عادة ما يُسمح للمستخدم دون صلاحيات الإدارة أن يُنشئ و يقرأ و يعدل الملفات في دليل الوثائق الخاص به. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + ‮يتطلب مُحمِّل إقلاع ڤيراكربت ما لا يقل عن 32 كيلوبايت من المساحة الشاغرة في بداية سواقة النظام (حيث ينبغي تخزين مُحمِّل الإقلاع). للأسف لا تلبي هذه السواقة ذاك الشرط. ‮ ‮رجاءً لا تبلغ عن هذا كعلة\\مشكلة في ڤيراكربت. لحل هذه المشكلة سيكون عليك إعادة تقسيم القرص و ترك أول 32 كيلوبايت من القرص شاغرة (في الأغلب ستضطر إلى حذف و إعادة إنشاء القسم الأول). نوصي باستخدام أداة ميكروسوفت لإدارة الاقسام المتاحة عند تنصيب ويندوز. + ‮هذه الخاصية غير مدعومة في هذه الإصدارة من نظام التشغيل الذي تيتخدمه حاليا. + ‮لا يدعم ڤيراكربت تعمية قسم\\سواقة النظام في هذه الإصدارة من نظام التشغيل الذي تستخدمه. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + ‮لسواقة النظام جدول أقسام معتمد على ‪GUID‬ (‪GPT‬). حاليا السواقات ذات جداول الأقسام من نوع ‪MBR‬ وحدها المدعومة. + ‮تنبيه: مُحمِّل إقلاع ڤيراكربت منصّب بالفعل في سواقة النظام! ‮ ‮ربما يوجد نظام تشغيل آخر مُعمّى بالفعل. ‮ ‮تحذير: مواصلة تعمية النظام العامل حاليا قد يجعل من غير الممكن تشغيل النظم الأخرى أو النفاذ إلى بياناتها. ‮ ‮أمتأكد أنك تريد المواصلة؟ + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + ‮مُحمِّل النظام الأصلي لن يُحفظ على قرص الإنقاذ (سبب محتمل: ملف محفوظة مفقود). + ‮تعذّرت كتابة قطاع ‪MBR‬. ‮ ‮ربما كان ‪BIOS‬ مضبوطا بحيث يحمي قطاع ‪MBR‬. تَفَحَّص تضبيطات ‪BIOS‬ المتعلقة بحماية ‪MBR‬ أو مضاد الفيروسات (بضغط ‪F2‬ أو ‪delete‬ أو ‪Esc‬ بعد تشغيل الحاسوب). + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + ‮ملاحظة: في بعض الحالات قد ترغب في منع شخص (خصم) يراقبك و أنت تشغل الحاسوب من معرفة أنك تستخدم ڤيراكربت. الخيارات في الأعلى تمكنك من هذا بطريق تطويع شاشة مُحمِّل إقلاع ڤيراكربت. إن فعَّلت الخيار الأول فلن يُظهر مُحمِّل الإقلاع أية نصوص (و لا حتى عندما تدخل كلمة السر)، و سيبدو أن الحاسوب متجمد في حين سيكون بوسعك إدخال كلمة السر. إضافة إلى ذلك يمكن عرض رسالة مطوعة لتضليل الخصم؛ كرسالة خطأ زائفة مثل "لا يوجد نظام تشغيل" (و هي التي يعرضها عادة مُحمِّل إقلاع ويندوز إذا لم يجد قسم إقلاع ويندوز). لكن من المهم ملاحظة أنه إذا كان بوسع الخصم تحليل محتويات سواقة الأقراص فسيكون بوسعه معرفة أنه يحوي مُحمِّل إقلاع ڤيراكربت. + ‮تحذير: راع أنك إن فعَّلت هذا الخيار فإن مُحمِّل إقلاع ڤيراكربت لن يعرض أية نصوص (و لا حتى عندما تدخل كلمة السر)، و سيبدو أن الحاسوب "متجمدا" (لا يستجيب) في حين سيمكنك إدخال كلمة السر (لن تتحرك المشيرة و لن تظهر نجمات عندما تضغط المفاتيح). ‮ ‮أمتأكد أنك تريد تفعيل هذا الخيار؟ + ‮يبدو أن قسم\\سواقة النظام مُعمّاة بالكامل. + ‮لا يدعم ڤيراكربت تعمية سواقة نظام سبق تحويلها إلى قرص ديناميَ. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + ‮هل تريد تعمية قسم النظام بدلا من السواقة كلها؟ ‮ ‮لاحظ أنه بوسعك إنشاء مجلدات ڤيراكربت مستضافة في أي قسم لا يخص النظام على السواقة (إضافة إلى تعمية قسم النظام). + ‮حيث أن نظامك يحوي قسما واحدا يَشغَل السواقة بكاملها يفضل (و هو أكثر أمنا) أن تعمي السواقة بكاملها بما في ذلك المساحة المهملة التي عادة ما تحيط بمثل هذا القسم. ‮ ‮أتريد تعمية سواقة النظام بكاملها؟ + ‮نظامك مضبوط بحيث يحفظ ملفات مؤقتة في غير قسم النظام. ‮ ‮الملفات المؤقتة ينبغي حفظها في قسم النظام. + ‮ملفات حسابات المستخدمين محفوظة في غير قسم النظام. ‮ ‮ينبغي حفظ ملفات حسابات المستخدمين في قسم النظام. + ‮يوجد ملف مبادلة أو أكثر في غير قسم النظام. ‮ ‮ملفات المبادلة ينبغي حفظها في قسم النظام. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + ‮ و إلا فإن حجية إنكار وجود نظام التشغيل المخفي قد تضعف بشدة. ‮ ‮ملاحظة: إن حلل خصم محتوى تلك الملفات (الموجودة في غير قسم النظام) فإنه قد يكتشف مثلا أنك استخدمت هذا المرشد في طور إنشاء نظام مخفي (و هو ما قد يشير إلى وجود نظام تشغيل مخفي في الحاسوب). لاحظ كذلك أن تلك الملفات إن حزنت في قسم النظام سنمحا تلقائيا بواسطة ڤيراكربت أثناء صيرورة إنشاء نظام التشغيل المخفي. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + ‮تحذير: توجد مساحة غير مخصصة بين قسم النظام و القسم الذي يليه. بعد إنشاء نظام التشغيل المخفي ينبغي ألا تنشئ أية أقسام جديدة في هذه المساحة غير المخصصة و إلا فلن يمكن إقلاع نظام التشغيل (حتى تحذف تلك الأقسام المنشأة حديثا). + ‮هذه الخوارزمية ليست مدعومة حاليا لتعمية النظام. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + ‮لا يمكن حاليا استخدام الملفات المفاتيح عند تعمية النظام. + تنبيه: تعذَّر على ڤيراكربت استعادة النسق الأصلي للوحة المفاتيح مما قد يؤدي إلى أن تُدخلَ كلمة السر على نحو غير صحيح. + ‮عطل: تعذّر ضبط هيئة لوحة المفاتيح لڤيراكربت إلى التوزيع القياسي للولايات المتحدة. ‮ ‮لاحظ أن كلمة السر يجب أن تدخل في بيئة ما قبل الإقلاع (قبل أن يبدأ ويندوز) حيث لا يتاح سوى لوحات مفاتيح ويندوز الولايات المتحدة. لذا يجب أن تدخل كلمة السر دوما باستخدام هيئة لوحة مفاتيح الولايات المتحدة القياسية. + ‮حيث أن ڤيراكربت قد غير هيئة لوحة المفاتيح إلى الهيئة القياسية في الولايات المتحدة فليس ممكنا إدخل محارف بطريق ضغط الأزرار مع زر ‪Alt‬. مع هذا يمكنك إدخال معظم تلك المحارف بطريق ضغط المفتاح المناسب مع مفتاح ‪Shift‬. + ‮حال ڤيراكربت دون تغيير هيئة لوجة المفاتيح. + ‮ملاحظة: ستحتاج إلى أن تدخل كلمة السر في بيئة ما قبل الإقلاع (قبل أن يبدأ ويندوز) حيث لا يتاح سوى لوحات مفاتيح ويندوز الولايات المتحدة. لذا يجب أن تدخل كلمة السر دوما باستخدام هيئة لوحة مفاتيح الولايات المتحدة القياسية. لكن لاحظ أنك لا تحتاج إلى لوحة مفاتيح حقيقية على هيئة الولايات المتحدة إذا أن ڤيراكربت يتحقق من أن كلمة السر يمكن إدخالها كما ينبغي (الآن و في بيئة قبل الإقلاع) حتى لو لم تكن لديك لوحة مفاتيح حقيقية على هيئة الولايات المتحدة. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + ‮تحذير: إن كنت أنشأت بالفعل قرص إنقاذ ڤيراكربت فيما مضى فاعلم أنه لا يمكن استخدامه لقسم\\سواقة النظام هذه لأنه أنشئ لمفتاح رئيسي مختلف! في كل مرة تعمّي قسم\\سواقة نظام ينبغي إنشاء قرص إنقاذ ڤيراكربت حديث لها حتى إذا استخدمت كلمة السر ذاتها. + ‮عطل: تعذّر حفظ تضبيطات تعمية النظام. + ‮تعذّر استبداء الاختبار المبدئي لتعمية النظام. + ‮تعذَّر استبداء صيرورة إنشاء نظام التشغيل المخفي. + ‮طور المحو + ‮في بعض أنواع وسائط التخزين عندما تطمس البيانات ببيانات أخرى فقد يكون من الممكن استرجاع البيانات المطموسة باستخدام تقنيات مثل مجاهير الطاقة المغناطيسية. ينطبق هذا كذلك على البيانات التي تنطمس بنسخ معماة منها (و هو ما يحدث عندما يعمّي ڤيراكربت قسما غير معمّى أو سواقة). طبقا لبعض الدراسات و المنشورات الحكومية فإن استرجاع البيانات قد يمكن الحول دونه (أو تصعيبه) بطمس البيانات ببيانات شبه عشوائية و بيانات عشوائية بعدد معين من المرات. لذا إن كنت تعتقد أن خصمك قد يلجأ لمثل تلك الأساليب لاسترجاع البيانات التي تنوي تعميتها فقد تحب اختيار أحد أطوار المحو (البيانات الحالية لن تفقد). لاحظ أن المحو لا يمكن إجراؤه بعد تعمية القسم\\السواقة. عندما تم تعمية القسم\\السواقة فلن تكتب أية بيانات غير معماة إليها. كل البيانات التي تكتب إليها تعمى أولا لحظيا في الذاكرة ثم تكتب هذه البيانات المعماة على القرص. + ‮في بعض أنواع وسائط التخزين عندما تطمس البيانات ببيانات أخرى (مثلا عند حذف البيانات) فقد يكون من الممكن استرجاع البيانات المطموسة باستخدام تقنيات مثل مجاهير الطاقة المغناطيسية. طبقا لبعض الدراسات و المنشورات الحكومية فإن استرجاع البيانات قد يمكن الحول دونه (أو تصعيبه) بطمس البيانات ببيانات شبه عشوائية و بيانات عشوائية بعدد معين من المرات. لذا إن كنت تعتقد أن خصمك قد يلجأ لمثل تلك الأساليب لاسترجاع البيانات التي ستحذف فقد تحب اختيار أحد أطوار المحو عديدة المرات. لاحظ أنه كلما زادت مرات المحو ازدادت المدة المطلوبة لإتمام لمحو البيانات. + ‮المحو + \nn‮ملاحظة: تمكن مقاطعة صيرورة المحو و إطفاء الحاسوب ثم تشغيل النظام المخفي مجددا و معاودة الصيرورة (هذا المرشد سيشتغل تلقائيا). لكن إن قوطعَت الصيرورة فإنه سيتوجب بدؤها من جديد. + \nn‮ ‮ملاحظة: إن قوطعت صيرورة المحو ثم عوودت فإن الصيرورة ستتوجب إعادة بدئها من جديد. + ‮أتريد إجهاض صيرورة المحو؟ + ‮تحذير: كل محتويات القسم\\النبيطة المختارة ستُمحى و تُفقد. + ‮كل محتويات القسم الذي فيه النظام الأصلي ستُمحى. ‮ ‮ملاحظة: كل محتويات القسم الذي سيُمحى قد تم نسخها إلى قسم النظام المخفي. + ‮تنبيه: لاحظ أنه مثلا عند اختيار طور المحو ذي المرات الثلاث فإن الزمن المطلوب لتعمية القسم\\السواقة سيزيد أربع مرات. كذلك إن اخترت طور المحو ذي ‪35‬ مرة فإن المدة سيكون أطول ‪36‬ مرة (و قد يستغرق عدة أسابيع). ‮ ‮لكن لاحظ أن المحو لا يمكن إجراؤه بعد تمام تعمية القسم\\السواقة. فبعد تعمية القسم\\السواقة لن تكتب إليه أية بيانات غير معمّاة. كل البيانات التي تكتب إليه ستعمى أولا لحظيا في الذاكرة قبل أن تكتب إلى القرص (لذا فإن الأداء لن يتأثر). ‮ ‮أمتأكد أنك تريد استخدام طور المحو؟ + ‮بلا (الأسرع) + ‮مرة واحدة (بيانات عشوائية) + ‮3 مرّات (‪US DoD 5220.22-M‬) + ‮7 مرّات (‪US DoD 5220.22-M‬) + ‮‪35‬ مرة (Gutmann) + ‮‪256‬ مرة + ‮عدد نظم التشغيل + ‮تحذير: ينبغي ألا يعمي المستخدمون غير ذوي الخبرة ويندوز في التجهيزات عديدة الإقلاع. ‮ ‮أأواصل؟ + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + ‮سواقة الإقلاع + ‮هل نظام التشغيل العامل حاليا منصّب على سواقة الإقلاع؟ ‮ ‮ملاحظة: أحيانا لا يكون ويندوز منصّبا على ذات السواقة التي عليها مُحمِّل إقلاع ويندوز (قسم الإقلاع). إن كان هذا هو الحال، انقر 'لا'. + ‮لا يدعم ڤيراكربت حاليا تعمية نظام تشغيل لا يُقلع من السواقة التي هو منصّب عليها. + ‮عدد سواقات النظام + ‮كم سواقة تحوي نظام تشغيل؟ ‮ ‮ملاحظة: مثلا إن كان أي من نظم التشغيل (مثل: ويندوز أو ماك أوإس أو لينكس، إلخ) مُنَصَّبا على السواقة الرئيسية و توجد أي نظم تشغيل إضافية منصّبة على السواقة الثانوية فاختر 'اثنتين أو أكثر'. + ‮لا يدعم ڤيراكربت حاليا تعمية السواقة بكاملها إن كانت تحوي عدة نظم تشغيل. ‮ ‮حلول ممكنة: ‮ ‮- لا يزال بوسعك تعمية أحد النظم إن رجعت لخيار تعمية قسم نظام واحد (بدلا من خيار تعمية سواقة النظام بكاملها). ‮ ‮- أو يمكنك تعمية السواقة بكاملها إن نقلت النظم الأخرى إلى سواقات أخرى تاركا نظاما واحدا و حسب على السواقة التي تريد تعميتها. + ‮عدة نظم على سواقة واحدة + ‮هل توجد نظم تشغيل أخرى منصّبة على السواقة المنصّب عليها نظام التشغيل العامل حاليا؟ ‮ ‮ملاحظة: مثلا إن كان نظام التشغيل العامل حاليا منصّبا على السواقة رقم 0 و التي تحوي عدة أقسام، و إذا كان أحد تلك الأقسام يحوي ويندوز و قسم آخر يحوي أي نظام تشغيل آخر (مثلا: ويندوز أو ماك أوإس أو لينكس، إلخ) فاختر 'نعم'. + ‮مُحمِّل إقلاع غير ويندوز + ‮هل سجل الإقلاع الرئيسي ‪MBR‬ منصب فيه مُحمِّل إقلاع لغير ويندوز (أو مدير إقلاع ما)؟ ‮ ‮ملاحظة: مثلا، إن كان المسار الأول لسواقة الإقلاع يحوي ‪GRUB‬ أو ‪LILO‬ أو ‪XOSL‬ أو محمل إقلاع أو مدير إقلاع لا يخص ويندوز، فانقر 'نعم'. + ‮عديد الإقلاع + ‮لا يدعم ڤيراكربت حاليا التجهيزات عديدة الإقلاع المنصّب فيها مُحمِّل إقلاع غير الذي يخصُّ ويندوز في سجّل الإقلاع الرئيسي. ‮ ‮الحلول الممكنة: ‮ ‮- إن كنت تستخدم مدير إقلاع لإقلاع كل من ويندوز و لينكس فانقل مدير الإقلاع (عادة هو ‪GRUB‬) من سِجِّل الإقلاع الرئيسي إلى قسمٍ. ثم شغل هذا المرشد مجددا و عمِّ قسم\\سواقة النظام. لاحظ أن مُحمِّل إقلاع ڤيراكربت سيصبح هو مدير الإقلاع الرئيسي و أنه سيسمح لك بتشغيل مدير الإقلاع الأصلي (مثلا: ‪GRUB‬) كمدير إقلاع ثانوي (بضغط ‪Esc‬ في شاشة محمِّل إقلاع ڤيراكربت) و بهذا سيمكنك تشغيل لينكس. + ‮إن كان نظام التشغيل العامل حاليا منصبا في قسم الإقلاع فسيتوجب عليك بعد تعميته أن تدخل كلمة السر الصحيحة حتى إن أردت تشغيل أي نظام ويندوز آخر غير معمى (لأنها ستتشارك جميعها في مُحمِّل إقلاع وحيد معمى). ‮ ‮على العكس من ذلك إن كان نظام التشغيل العامل حاليا ليس منصبا في قسم الإقلاع (أو إن كان مُحمِّل إقلاع ويندوز لا يستخدمه أي نظام تشغيل آخر) فإنك بعد تعمية هذا النظام لن تضطر إلى إدخال كلمة السر الصحيحة لإقلاع نظم التشغيل الأخرى غير المعماة. لن يكون عليك سوى ضغط مفتاح ‪Esc‬ لبدء النظام غير المعمى (إن وجد أكثر من نظام غير معمّى فسيمكنك اختيار أيها يقلع من قائمة مدير إقلاع ڤيراكربت). ‮ ‮ملاحظة: عادة ما يُنصَّب أوّل نظام ويندوز يُنصَّب في قسم الإقلاع. + ‮تعمية المنطقة المحمية المضيفة + ‮في آخر عديد من السواقات توجد منطقة عادة ما تكون محجوبة عن نظام التشغيل (يشار إليها بالمناطق المحمية من المضيف)، إلا أن بعض البرمجيات يمكنها القراءة و الكتابة في تلك المناطق. ‮ ‮تحذير: يستخدم بعض مصنِّعو الحواسيب تلك المناطق لتخزين أدوات و بيانات لمصفوفات RAID أو لاسترجاع النظام أو لتجهيز النظام أو الفحص أو لأغراض أخرى. إن توجَّب النفاذ إلى أي من تلك الأدوات قبل الإقلاع فإن المنطقة المحجوبة يجب ألا تعمى (اختر 'لا' في الأعلى). ‮ ‮أتريد من ڤيراكربت أن يتحسس و يعميّ تلك المنطقة (إن وجدت) التي في آخر سواقة النظام؟ + ‮نوع تعمية النظام + ‮اختر هذا إن كنت تريد تعمية قسم النظام أو سواقة النظام بكاملها. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + ‮نظام التشغيل المخفي + ‮في الخطوات التالية ستنشئ مجلدَي ڤيراكربت (خارجي و مخفي) في القسم الأول التالي لقسم النظام. القسم المخفي سيحوي نظام التشغيل المخفي. سينشئ ڤيراكربت النظام المخفي بنسخ محتويات قسم النظام (حيث يوجد نظام التشغيل العامل حاليا) إلى المجلد المخفي. في المجلد الخارجي ستَنسَخ بعض الملفات التي تبدو حسّاسة لكنك لا تهتم حقا بإخفائها، و ستكون بمثابة تمويه لمن يجبرك على الإفصاح عن كلمة سر النظام المخفي، إذ يمكنك عندها الكشف عن كلمة سر المجلد الخارجي الموجود في قسم نظام التشغيل المخفي (و سيبقى وجود نظام التشغيل المخفي سريا). ‮ ‮و أخيرا ستنصِّب في قسم النظام العامل حاليا نظام تشغيل يسمى النظام التمويهي و تعمِّيَه، و يجب ألا يحوي أية بيانات حساسة و سيكون لتمويه من يجبرك على الكشف عن كلمة سر استيثاق ما قبل الإقلاع. في المجمل ستوجد ثلاث كلمات سرّ، اثنتان منها يمكن الكشف عنهما (النظام التمويهي، و المجلد الخارجي)؛ لكن إن أدخلت الثالثة فسيشتغل نظام التشغيل المخفي. + ‮يجري تحسس القطاعات المخفية + ‮انتظر حتى يتحسس ڤيراكربت وجود قطاعات مخفية في آخر سواقة النظام. لاحظ أن هذا قد يستغرق وقتا طويلا ليتم. ‮ ‮ملاحظة:في بعض الحالات النادرة و في بعض الحواسيب قد يصبح النظام غير مستجيب أثناء صيرورة التحسس. إن حدث هذا فأعد تشغيل الحاسوب و شغِّل ڤيراكربت و أعد الخطوات السابقة مع تجاوز هذه الخطوة. لاحظ أن هذا لا تسببه علة في ڤيراكربت. + ‮المنطقة التي ستُعمَّى + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + ‮يجري جمع العشوائية + ‮تم توليد المفاتيح + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + ‮يجري تسجيل قرص الإنقاذ + ‮تم إنشاء قرص الإنقاذ + ‮الاختبار المبدئي لتعمية النظام + ‮تم اختبار قرص الإنقاذ + \nn‮تم اختبار قرص إنقاذ ڤيراكربت بنجاح. رجاء أزل القرص من السواقة الآن و احفظه في مكان آمن. ‮ ‮انقر 'اللاحق' للمواصلة. + ‮تحذير: أثناء الخطوات التالية يجب ألا يكون قرص إنقاذ ڤيراكربت في السواقة و إلا فلن يمكن إتمام الخطوات بنجاح. ‮ ‮تحقق من إزالة القرص من السواقة الآن و احفظه في مكان مناسب، ثم اضغط 'موافق'. + ‮تحذير: بسبب قصور تقني في بيئة ما قبل الإقلاع فإن النصوص المعروضة في بيئة قبل الإقلاع (قبل أن يبدأ ويندوز) لا تمكن ترجمتها، لذا فواجهة بيئة قبل الإقلاع هي بالإنجليزية بالكامل. ‮ ‮أأواصل؟ + ‮قبل تعمية قسم أو سواقة النظام يحتاج ڤيراكربت للتحقق من أن كل شيء يعمل كما ينبغي. ‮ ‮بعد أن تنقر 'اختبر' كل المكونات (مثلا مكون استيثاق ما قبل الإقلاع، أي مُحمِّل إقلاع ڤيراكربت) ستُنصَّب و سيعاد تشغيل حاسوبك. بعدها سيتوجب عليك إدخال كلمة السر في شاشة مُحمِّل إقلاع ڤيراكربت التي ستظهر قبل بدء ويندوز. بعد أن يبدأ ويندوز ستُبلغ تلقائيا بنتيجة هذا الاختبار المبدئي. ‮ ‮النبيطة التالية ستُعدَّل: السواقة رقم ‪%d‬ ‮ ‮إذا نقرت 'ألغِ' الآن فلن يُنصَّب شيء و لن يُجرى الاختبار المبدئي. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + ‮تم الاختبار المبدئي + ‮تم الاختبار المبدئي بنجاح. ‮ ‮تحذير: لاحظ أنه إذا انقطعت الطاقة أثناء تعمية البيانات في موضعها أو إذا انهار نظام التشغيل بسبب عطل برمجي أو عتادي أثناء عمل ڤيراكربت على تعمية بيانات في موضعها فإن بعضا من البيانات ستتلف أو تُفقد. لذا فقبل البدء بالتعمية تحقق من أن لديك نسخة احتياطية من الملفات التي ستعميها، و إذا ما كانت لديك فاتِّخذ نسخة احتياطية الآن (يمكنك نقر 'أرجئ' و نسخ الملفات ثم تشغيل ڤيراكربت مجددا في أي وقت و اختيار 'نظام' > 'عاود الصيرورة المقاطعة' لبدء التعمية). ‮ ‮عندما تكون جاهزا اضغط 'عمِّ' لبدء التعمية. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \nn‮ ‮يمكنك أن تضغط 'جمِّد' أو 'أرجئ' في أي وقت لمقاطعة صيرورة التعمية، ثم تصرف المرشد، ثم تعيد تشغيل الحاسوب أو تطفئه، ثم معاودة الصيرورة التي ستواصل من حيث توقفت. لاحظ أن المجلد لا يمكن وصله حتى تمام تعميته. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + ‮اشتغل النظام المخفي + ‮النظام الأصلي + ‮ينشئ ويندوز (عادة دون استشارتك) ملفات سجلات عديدة، و ملفات مؤقتة و غيرها في قسم ويندوز، كما يحفظ محتويات ذاكرة RAM عند السُبات و كذلك في ملف المبادلة الذي عادة ما يوجد في قسم النظام. لذا، إن تمكن خصم من تحليل الملفات المخزنة في القسم الذي يوجد فيه النظام ااصلي (و الذي استنسخ منه النظام المخفي) فإنه قد يعرف أنك استخدمت مرشد ڤيراكربت في طور إنشاء نظام مخفي (و هو ما قد يدل على وجود نظام تشغيل مخفي في حاسوبك). ‮ ‮للحول دون مثل هذه الملابسات فإن ڤيراكربت في الخطوات التالية سيمحو محوا آمنا كل محتوى القسم الذي كان يوجد فيه النظام الاصلي. بعدها، و لأجل تحقيق حجية الإنكار يتوجب ليك تثبيت نظام تشغيل جديد في القسم ثم تعميته، و بهذا يصير لديك نظام تمويه و بهذا تتم صيرورة إنشاء نظام التشغيل المخفي. + ‮تم بنجاح إنشاء نظام التشغيل المخفي. لكن قبل أن تشرع في استخدامه (و لتحقيق حجية الإنكار) ينبغي (باستخدام ڤيراكربت) محو كل محتوى القسم المنصب فيه نظام التشغيل العامل حاليا. قبل أن يمكن عمل هذا تنبغي إعادة تشغيل النظام و في شاشة مُحمل إقلاع ڤيراكربت (التي تظهر قبل أن يشتغل ويندوز) أدخل كلمة سر استيثاق ما قبل الإقلاع لنظام التشغيل المخفي، و بعد أن يشتغل النظام فإن مرشد ڤيراكربت سيشتغل تلقائيا. ‮ ‮ملاحظة: إن اخترت إنهاء صيرورة إنشاء نظام التشغيل المخفي الآن فلن يكون بوسعك معاودتها لاحقا و لن يمكن النفاذ إلى نظام التشغيل المخفي (لأن مُحمِّل إقلاع ڤيراكربت سيُزال). + ‮كنت قد جدولت سيرورة إنشاء نظام تشغيل مخفي، و هذه الصيرورة لم تتم بعد. لإتمامها تنبغي إعادة تشغيل الحاسوب و في شاشة مُحمِّل إقلاع ڤيراكربت (التي تظهر قبل أن يشتغل ويندوز) أدخل كلمة سر نظام التشغيل المخفي. ‮ ‮ملاحظة: إن اخترت إنهاء صيرورة إنشاء نظام التشغيل المخفي الآن فلن يكون بوسعك معاودتها لاحقا. + ‮أعد تشغيل الحاسوب ثم واصل + ‮أنه نهائيا صيرورة إنشاء نظام التشغيل المخفي + ‮لا تفعل شيئا الآن و اسألني لاحقا + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + ‮استنساخ نظام تشغيل + ‮في الخطوات التالية سينشئ ڤيراكربت نظام التشغيل المخفي بنسخ محتوى قسم النظام إلى المجلد المخفي (البيانات المنسوخة ستُعمى لحظيا بمفتاح تعمية يختلف عن الذي سيستخدم لنظام التشغيل التمويهي). ‮ ‮لاحظ أن هذه الصيرورة ستجري في بيئة ما قبل الإقلاع (قبل أن يشتغل ويندوز) و أنها قد تستغرق وقتا طويلا حتى تتم؛ بضع ساعات أو حتى أياما (حسب حجم قسم النظام و قوة الحاسوب). ‮ ‮سيكون بوسعك مقاطعة الصيرورة و إطفاء الحاسوب ثم بدء نظام التشغيل و معاودة الصيرورة لاحقا. إلا أنك إذا ما قاطعت صيرورة نسخ نظام التشغيل فإنها ستبدأ من البداية عند معاودتها (لأن محتويات قسم النظام ينبغي ألا تتغير أثناء النسخ). + ‮أتريد إلغاء صيرورة إنشاء نظام التسغيل المخفي كلية؟ ‮ ‮ملاحظة: لن يمكنك معاودة الصيرورة إن ألغيتها الآن. + ‮أتريد إلغاء الاختبار المبدئي لتعمية النظام؟ + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + ‮لا يبدو أن قسم\\سواقة النظام مُعمّاة (لا جزئيا و لا بالكامل). + ‮قسم\\سواقة النظام مُعمّاة (جزئيا أو بالكامل). ‮ ‮ظهِّر قسم\\سواقة النظام كُليّا قبل المواصلة. لفعل هذا اختر 'نظام' > 'ظهِّر نهائيا قسم\\سواقة النظام' من قائمة نافذة ڤيراكربت الرئيسية. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + ‮يجري حاليا تظهير أو تعمية قسم\\سواقة النظام أو تعديلها على نحو ما. قاطع صيرورة التعمية\\التظهير\\التعديل (أو انتظر حتى تمامها) قبل المواصلة. + ‮توجد نسخة من مرشد إنشاء مجلد ڤيراكربت تعمل في هذا النظام أو تعد لتعمية أو تظهير قسم\\سواقة النظام. قبل أن تمكن المواصلة ينبغي انتظاره حتى ينتهي أو إغلاقه. إن لم يكن يوسعك إغلاقه فأعد تشغيل الحاسوب قبل المواصلة. + ‮لم تتم صيرورة تعمية أو تظهير قسم\\سواقة النظام. انتظر حتى تمامها قبل المواصلة. + ‮عطل: لم تتم صيرورة تعمية أو تظهير قسم\\سواقة النظام. يجب أن تتم أولا. + ‮ععطل: صيرورة تعمية القسم\\المجلد لم تتم؛ و ينبغي أن تتم أولا. ‮ ‮ملاحظة: لمعاودة الصيرورة اختر 'مجلدات' > 'عاود الصيرورة المقاطعة' من قائمة نافذة ڤيراكربت الرئيسية. + ‮كلمة السر صحيحة، و قد ظهَّر ڤيراكربت ترويسة المجلد و تحسَّس أنه مجلد نظام مخفي، لكن لا يمكن تعديل ترويسة مجلد نظام مخفي بهذه الطريقة. ‮ ‮لتعيير كلمة السر لمجلد نظام مخفي أقلع نظام التشغيل الكائن في المجلد المخفي ثم اختر 'نظام' > 'غيِّر كلمة السر' من قائمة نافذة تروركبت الرئيسية. ‮ ‮لضبط خوارزمية اشتقاق مفتاح الترويسة، أقلع نظام التشغيل و اختر 'نظام' > 'اضبط خوارزمية اشتقاق مفتاح الترويسة'. + ‮لا يدعم ڤيراكربت التظهير في الموضع لقسم نظام تشغيل مخفي. ‮ ‮ملاحظة: إذا أردت تظهير قسم نظام التشغيل التمويهي فأقلع النظام التمويهي ثم اختر 'نظام' > 'ظهّر نهائيا قسم\\سواقة النظام' من قائمة نافذة ڤيراكربت الرئيسية. + ‮عطل: معطى غير صحيح/خاطئ. + ‮لقد اخترت قسما أو نبيطة إلا أن طور المُرشد الذي اخترت لا يناسب سوى ملفات الحاويات. ‮ ‮أتريد تغيير طور المرشد؟ + ‮أتريد إنشاء ملف حاوية ڤيراكربت بدلا من هذا؟ + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + ‮أمتأكد أنك تريد تظهير قسم\\سواقة النظام نهائيا؟ + ‮تنبيه: إن ظهَّرت قسم\\سواقة النظام نهائيا فإن بيانات غير معماة ستكتب عليها. ‮ ‮أتريد حقا تظهير قسم\\سواقة النظام نهائيا؟ + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + ‮إن واجهتك أي من المشكلات سابقة الذكر فظهِّر قسم\\سواقة النظام (إن كانت معمّاة) و حاول تعميتها مجددا باستخدام خوارزمية تعمية غير متوالية (مثل ‪AES‬). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + ‮رقم إصدارة مُحمِل إقلاع ڤيراكربت الذي أقلع نظام التشغيل هذا يختلف عن رقم إصدارة مُشغِّل ڤيراكربت (و تطبيقات ڤيراكربت) المثبتة في هذا النظام. ‮ ‮ينبغي أن تشغل مُنَصِّب ڤيراكربت (الذي يتطابق رقم إصدارته مع رقم إصدارة مُحمِل إقلاع ڤيراكربت) و ذلك لتحديث ڤيراكربت في هذا النظام. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + ‮تمت ترقية مُحمِّل إقلاع ڤيراكربت. ‮ ‮من المحبذ بشدة أن تنشئ قرص إنقاذ ڤيراكربت جديد (ليحوي الإصدارة الجديدة من مُحمِّل إقلاع ڤيراكربت) باختيار 'نظام' > 'أنشئ قرص إنقاذ' بعد أن تعيد تشغيل الحاسوب. + ‮مُحمِل إقلاع ڤيراكربت تمت ترقيته. ‮ ‮من المحبذ بشدة أن تُقلع نظام التشغيل التمويهي و أن تنشئ قرص إنقاذ ڤيراكربت حديث (و هو الذي سيحوي الإصدارة الجديدة من مُحمِّل إقلاع ڤيراكربت) باختيار 'نظام' > 'أنشئ قرص إنقاذ'. + ‮فشلت ترقية مُحمِّل إقلاع ڤيراكربت. + ‮فشل تروكرمبت في تحسُّس الحجم الفعلي لسواقة النظام، لذا فسيستخدم الحجم الذي يقرره نظام التشغيل (و هو الذي يمكن أن يكون أصغر من الحجم الحقيقي). لاحظ أن هذه ليست علة في ڤيراكربت. + ‮تنبيه: يبدو أن ڤيراكربت قد حاول مسبقا تحسُّس القطاعات المخفية في سواقة النظام هذه. إن كانت قد واجهتك أية مشكلات أثناء عملية التحسس السابقة فيمكنك تلافي المشكلات بتجاوز تحسس القطاعات المخفية الآن. لاحظ أنك إن فعلت هذا فإن ڤيراكربت سيستخدم الحجم المبلغ من قبل النظام (و هو قد يكون أصغر من حجم السواقة الحقيقي). ‮ ‮لاحظ أن هذه ليست علة في ڤيراكربت. + ‮تجاوز تحسس القطاعات المخفية (استخدم الحجم الذي أبلغ به نظام التشغيل) + ‮حاول تحسس القطاعات المخفية مجددا + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + ‮ملاحظة: استبدل تروركبت محتوى ‪%I64d‬ قطاعا(ت) غير مقروء(ة) (‪%s‬) بكتل من صريحة الأصفار المعماة. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + ‮أدخل كلمة السر\\رقم التعريف للأمارة '‪%s‬': + ‮لتمكين ڤيراكربت من النفاذ إلى أمارة أمان أو بطاقة ذكية ينبغي أولا تنصيب مكتبة ‪PKCS #11‬ البرمجية الخاصة بالأمارة أو البطاقة. مثل تلك المكتبة قد تكون مضمنة مع الجهاز أو قد تكون متاحة للتنزيل من موقع الصانع على الوب أو من أطراف آخرين. ‮ ‮بعد تنصيب المكتبة يمكنك إما أن تختارها يدويا بنقر 'اختر مكتبة' أو أن تدع ڤيراكربت ليجدها و يختارها تلقائيا بنقر 'تحسس المكتبة تلقائيا' (لن يبحث سوى في دليل نظام ويندوز). + ‮ملاحظة: فيما يخص اسم و موضع ملف مكتبة ‪PKCS #11‬ المنصبة لأمارة الأمان أو البطاقة الذاتية التي تستخدمها ارجع للوثائق المصاحبة للأمارة أو البطاقة أو البرمجيات الخارجية. ‮ ‮انقر 'موافق' لتختار المسا رو اسم الملف. + ‮لتمكين ڤيراكربت من النفاذ إلى أمارة أمان أو بطاقة ذكية ينبغي اختيار مكتبة ‪PKCS #11‬ البرمجية الخاصة بالأمارة أو البطاقة. لعمل ذلك اختر 'تضبيطات' > 'أمارات الأمان'. + ‮تعذَّر استبداء مكتبة ‪PKCS #11‬ لأمارة الأمان. ‮ ‮تحقق من أن المسار و اسم الملف المعينان يعودان لمكتبة ‪PKCS #11‬. لتعين مسار و اسم ملف مكتبة ‪PKCS #11‬ اختر 'تضبيطات' > 'أمارات الأمان'. + ‮لم يُعثر على أي مكتبات ‪PKCS #11‬ في دليل نظام ويندوز. ‮ ‮تحقق من وجود مكتبة ‪PKCS #11‬ لأمارة الأمان التي تستخدمها أو للبطاقة الذكية (مثل تلك المكتبة قد تكون مرفقة مه الأمارة\\البطاقة أو قد تكون متاحة للتنزيل من موقع الصانع على الوب أو من طرف آخر). إن كانت المكتبة مثبتة في دليل غير دليل نظام ويندوز فانقر 'اختر مكتبة' لتعيينها (مثلا قد تكون في الدليل المنصبة فيه برمجيات الأمارة\\البطاقة). + ‮لم يُعثر على أمارة أمان. ‮ ‮تحقق من اتصال أمارة الأمان بالحاسوب و من أن مشغلها البرمجي مُنصَّب. + ‮لم يُعثر على ملف مفتاح أمارة الأمان. + ‮يوجد بالفعل ملف مفتاح أمارة أمان بالاسم ذاته. + ‮أتريد حذف الملفات المختارة؟ + ‮مسار ملف مفتاح أمارة الأمان غير صحيح. + ‮عطل متعلق بأمارة الأمان + ‮كلمة سر أمارة الأمان غير صحيحة. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + ‮كل جلسات أمارات الأمان المفتوحة تم إنهاؤها. + ‮اختر ملفات مفاتيح أمارات الأمان + ‮فتحة + ‮اسم الأمارة + ‮اسم الملف + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + ‮عطل في تحليل سطر الأوامر. + ‮قرص الإنقاذ + ‮اختر &ملفا و أوصل… + ‮اختر &نبيطة و أوصل… + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + ‮تحذير: نظام الملفات في المجلد الموصول باسم '‪%s‬' لم يفصل كما ينبغي المرة السابقة و قد يحوي أعطالا. استخدام نظام ملفات معطوب قد يؤدي إلى ضياع البيانات أو تلفها. ‮ ‮ملاحظة: قبل أن تطفئ أو تفصل عن الحاسوب نبيطة (مثل شريحة ذاكرة USB أو سواقة أقراص خارجية) تحوي مجلد ڤيراكربت تأكد من أن تفصل المجلد أولا في ڤيراكربت. ‮ ‮ ‮أتريد أن يحاول ويندوز تحسس و إصلاح الأعطال (إن وجدت) في نظام الملفات هذا؟ + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + ‮المجلد '‪%s‬' وُصل للقراءة فقط لأن النفاذ بالكتابة قد مُنع. ‮ ‮تحقق من أنه ما من برمجيات أخرى (مثل مضاد الفيروسات) تنفذ إلى القسم\\النبيطة المستضاف فيها المجلد. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + ‮اختبر + ‮ملف مفتاح + Backspace + Tab + Clear + Enter + Pause + Caps Lock + ‮مسطرة المسافات + Page Up + Page Down + End + Home + ‮السهم لليسار + ‮السهم لأعلى + ‮السهم لليمين + ‮السهم لأسفل + ‮مفتاح‪Select‬ + ‮مفتاح ‪Print‬ + ‮مفتاح ‪Execute‬ + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + ‮التصفح رجوعا + ‮التصفح قدما + ‮تجديد الصفحة + ‮وقف التصفح + ‮بحث التصفح + ‮تفضيلات التصفح + ‮الصفحة الأولى + ‮اصمت + ‮اخفض الصوت + ‮ارفع الصوت + ‮المقطوعة اللاحقة + ‮المقطوعة السابقة + ‮أوقف الوسائط + ‮شغل/أوقف الوسائط + ‮مفتاح تشغيل البريد + ‮مفتاح اختيار الوسائط + ‮تطبيق 1 + ‮تطبيق 2 + Attn + CrSel + ExSel + ‮شغِّل + ‮كبَّر + NumPad + Shift + Control + Alt + Win + ‮ب + ‮كيلوبايت + ‮ميجابايت + ‮جيجابايت + ‮ت.بايت + ‮پ.بايت + ‮بايت/ث + ‮كيلوبايت/ث + ‮ميجابايت/ث + ‮جيجابايت/ث + ‮ت.بايت/ث + ‮پ.بايت/ث + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.be.xml b/Translations/Language.be.xml index 179343da..50dfaf3e 100644 --- a/Translations/Language.be.xml +++ b/Translations/Language.be.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Адмена - Усталяваць для ўсіх карыстачоў - Агляд... - Значок VeraCrypt на працоўны стол - Donate now... - Адкрываць VeraCrypt для ўсіх файлаў з пашырэннем '.hc' - Па заканчэнню адкрыць тэчку ўсталёўкі - Дадаць VeraCrypt у меню 'Пуск' - Стварыць пункт аднаўлення сістэмы - Выдаліць - Выняць - Усталяваць - Майстар усталёўкі VeraCrypt - Выдаленне VeraCrypt - Даведка - Абярыце або ўвядзіце месца прызначэння для вынятых файлаў: - Абярыце або ўвядзіце месца на дыску, дзе Вы жадаеце ўсталяваць праграмныя файлы VeraCrypt. Калі азначанай тэчкі не існуе, яна будзе створана аўтаматычна. - Націсніце 'Дэўсталяваць' для выдалення VeraCrypt з сістэмы. - Спыніць - &Benchmark - Тэст - Create encrypted volume and format it - Encrypt partition in place - Паказаць створаныя ключы (іх часткі) - Паказваць пул - Спампаваць ПЗ для запісу CD/DVD - Create an encrypted file container - &GB - &TB - More information - Схаваны том VeraCrypt - Што такое 'Схаваны том'? - Прамы рэжым - Звычайны рэжым - &Кб - Ключавыя файлы - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Файлы... - Звесткі пра хэш-алгарытмы - Дэталёва - Information on PIM - &Мб - Дэталёва - Звесткі пра шыфраванне сістэмы - Дэталёва - Мультызагрузка - Encrypt a non-system partition/drive - Не захоўваць гісторыю - Адкрыць вонкавы том - Паўза - Use P&IM - Use PIM - Хуткае фарматаванне - Паказаць пароль - &Display password - &Display PIM - Адзінкавая загрузка - Звычайны том VeraCrypt - Hi&dden - Normal - Зашыфраваць падзел або сістэмны дыск цалкам - Зашыфраваць сістэмны падзел Windows - Зашыфраваць дыск цалкам - Майстар стварэння тамоў VeraCrypt - Кластэр - ВАЖНА: Хаатычна рухайце мышкай у гэтым акне. Чым даўжэй, тым лепш. Гэта значна павялічыць крыптатрываласць ключоў шыфравання. Затым націсніце 'Далей' для працягу. - Пацвердзіце: - Гатова - Drive letter: - Алгарытм шыфравання - Файлавая сістэма: - Стварыць віртуальны зашыфраваны дыск усярэдзіне файла. Рэкамендуецца дасведчаным карыстачам. - Налады - Хэш-алгарытм - Ключ заг-ка: - Засталося - Галоўны ключ: - Абярыце гэтую наладу, калі ў ПК усталявана дзве ці больш АС.\n\nНапрыклад:\n- Windows XP і Windows XP\n- Windows XP і Windows Vista\n- Windows і Mac OS X\n- Windows і Linux\n- Windows, Linux і Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Бягучае змесціва пула (частка) - Pass - Пароль: - Volume PIM: - Volume PIM: - Ход працы: - Выпадкова: - Абярыце гэтую наладу, калі ў ПК усталяваная толькі адна АС (нават калі яна з некалькімі карыстачамі). - Хуткасць - Стан - Ключы, 'соль' і іншыя дадзеныя паспяхова згенераваныя. Калі вы жадаеце згенераваць новыя ключы, націсніце 'Назад', а затым 'Далей'. Калі ж не, то націсніце 'Далей' для працягу. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Рэжым ачысткі: - Зачыніць - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Няма дзеяння - Аўтамантаванне азначанага тома VeraCrypt - Запуск VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Агляд... - Агляд... - Кэшаваць паролі і ключавыя файлы ў памяці - Выйсці, калі няма змантаваных тамоў - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - З майстрам стварэння тамоў VeraCrypt - Стварыць - Стварыць том - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Выкарыстоўваць ключавыя файлы - Выкарыстоўваць ключавыя файлы - Выйсці - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Прызначыць - Прыбраць - Ключавыя файлы... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - Аўтамантаванне - Налады... - Мантаваць як том толькі для чытання - Ключавыя файлы... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Уключана - Кэшаваць паролі ў памяці прывада - Аўтаматычна размантаваць пры неактыўнасці на працягу - заканчэнні сеансу - User session locked - рэжыму энэргазахавання - запуску экраннай застаўкі - Аўтаразмантаваць том нават пры адкрытых файлах/тэчках - Мантаваць усе тамы на прыладах - Start VeraCrypt Background Task - Мантаваць як тамы толькі для чытання - Мантаваць як зменныя носьбіты - Адчыніць акно Аглядальніка пасля паспяховага мантавання тома - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Ачысціць кэш пароляў пры аўтаразмантаванні - Ачысціць кэш пароляў на выхадзе - Preserve modification timestamp of file containers - Скід - Дыск... - Файл... - Select &Library... - Паказаць пароль - Паказаць пароль - Адчыніць змантаваны том у акне Аглядальніка - Кэшаваць пароль у памяці драйвера - TrueCrypt Mode - Размантаваць усе - Уласцівасці тома... - Аперацыі... - Ачысціць кэш - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - агульнасістэмныя хуткія клавішы - VeraCrypt - Змена пароля ці ключавых файлаў - Увядзіце пароль для тома - VeraCrypt - Performance and Driver Options - VeraCrypt - Налады - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - Наладка пераноснага дыска VeraCrypt - Уласцівасці тома VeraCrypt - Пра праграму... - Дадаць/выдаліць ключавыя файлы ў/з том(а)... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Стварыць рэзервовую копію загалоўка тома... - Тэст хуткасці... - Прызначыць алгарытм вылічэння ключа загалоўка... - Змяніць пароль тома... - Прызначыць алгарытм дэрывацыі ключа загалоўка... - Змяніць пароль... - Ачысціць гісторыю тамоў - Close All Security Token Sessions - Сувязь з аўтарамі... - Create Hidden Operating System... - Стварыць дыск узнаўлення... - Стварыць новы том... - Permanently Decrypt... - Прадвызначаныя ключавыя файлы... - Default Mount Parameters... - Donate now... - Зашыфраваць сістэмны падзел/дыск... - Пытанні і адказы - Дапаможнік карыстача - Хатняя старонка - Хуткія клавішы... - Генератар ключавых файлаў - Мова (language)... - Юрыдычная інфармацыя - Manage Security Token Keyfiles... - Аўтамантаванне ўсіх тамоў на прыладах - Змантаваць абраныя тамы - Mount Without Pre-Boot &Authentication... - Змантаваць том - Змантаваць том з наладамі - Навіны - Даведка з Сеціва - Падручнік для пачаткоўцаў - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Назаўсёды расшыфраваць сістэмны падзел/дыск - Налады... - Абнавіць літары дыскаў - Выдаліць усе ключавыя файлы тома... - Аднавіць загаловак тома з рэзервовай копіі.. - Resume Interrupted Process - Абраць дыск... - Абраць файл... - Узнавіць перапынены працэс - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Запампоўка ПЗ - Тэст генеравання вектараў... - Security Tokens... - Наладка пераноснага дыска... - Размантаваць усе змантаваныя тамы - Размантаваць том - Праверыць дыск узнаўлення - Verify Rescue Disk ISO Image - Гісторыя версій - Volume Expander - Налады тома - Майстар стварэння тамоў - Сайт VeraCrypt - Ачысціць кэш пароляў - OK - Hardware Acceleration - Хуткая клавіша - Налады аўтазапуску (файл autorun.inf) - Аўтаматычнае размантаванне - Размантаваць усе тамы падчас: - Boot Loader Screen Options - Пацвердзіце пароль: - Бягучы - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Прадвызначаныя налады мантавання - Дадатковыя налады - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Налады файла - Клавіша: - Processor (CPU) in this computer supports hardware acceleration for AES: - Выконваць пры ўваходзе ў Windows - хв - Літара дыска: - Налады мантавання - Новы - Пароль: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Кэшаванне пароляў - Security Options - Праца VeraCrypt у фоне - Том для мантавання (адносна кораня пераноснага дыска): - Падчас устаўкі пераноснага дыска: - Стварыць файлы пераноснага дыска (каранёвая тэчка пераноснага дыска) у: - Том - Вокны - Тэчка... - Аўтатэст усіх - &Continue - Расшыфраваць - &Delete - Зашыфраваць - &Export... - Стварыць і захаваць файл... - Выпадковы ключавы файл... - Загрузіць моўныя модулі з сайта - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - Ключавыя файлы - Ключавыя файлы... - Выдаліць - Выдаліць усе - Што такое 'Засцярога ўтоеных тамоў'? - More information on keyfiles - Мантаваць том як зменны носьбіт - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Тэст хуткасці - Друк - Засцерагчы ўтоены том ад пашкоджання падчас запісу ў вонкавы том - Скід - Паказаць пароль - Add &Token Files... - Use backup header embedded in &volume if available - XTS-рэжым - Пра VeraCrypt - VeraCrypt - Тэст хуткасці алгарытмаў шыфравання - VeraCrypt - Тэст вектараў - Даведка па каманднаму радку - VeraCrypt - Ключавыя файлы - VeraCrypt - Генератар ключавых файлаў - VeraCrypt - Мова інтэрфейса - Налады мантавання - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Абраць дыскавы падзел ці прыладу - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Звесткі пра абраны моўны модуль - Хуткасць залежыць ад загрузкі працэсара і хуткасці прылад захавання дадзеных.\n\nГэтыя тэсты выконваюцца толькі ў аператыўнай памяці. - Памер буферу: - Шыфр: - Пароль утоенага тома:\n(калі пуста, то з кэша) - Засцярога ўтоенага тома - Памер ключа: - ВАЖНА: Хаатычна перасоўвайце мыш у межах гэтага акна. Чым даўжэй, тым лепш. Гэта значна павялічыць крыптаўстойлівасць ключавога файла. - УВАГА: Пры страце ключавога файла, ці пашкоджанні яго першых 1024 кілабайт - мантаванне тамоў, што яго выкарыстоўваюць, будзе немагчымае! - біт - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Аўтар перакладу: - Памер: - біт - Бягучае змесціва пула - Мікшэр паўтору: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Другасны ключ (16-ковы) - Security token: - Сартаванне: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Шыфраваны тэкст (шаснаццатковы) - Лік адзінак з дадзенымі (64-біт 16-ковы, памер адзінкі з дадзенымі - 512 байтаў) - Ключ (шаснаццатковы) - Незашыфраваны тэкст (шаснаццатковы) - Keyfile name: - XTS-рэжым - S&ystem - Тамы - Favor&ites - Прылады - Settin&gs - Даведка - Хатняя старонка - - Пра праграму... - Немагчыма зняць атрыбут 'толькі для чынання'. Калі ласка, праверце магчымасць запісу файла. - Памылка: доступ забаронены.\n\nПадзел, які вы спрабуеце выкарыстаць, мае даўжыню 0 сектараў, або гэта загрузная прылада. - Administrator - Каб можна было загрузіць драйвер VeraCrypt, вы павінны мець правы адміністратара. - Майце на ўвазе, што каб выкарыстоўваць шыфраванне падзелу ці дыску, вы павінны мець правы адміністратара.\n\nГэта не тычыцца томоў у файлах. - Каб стварыць утоены том, вы павінны мець правы адміністратара.\n\nПрацягваць ? - Майце на ўвазе, што каб фарматаваць том у NTFS, вы павінны мець правы адміністратара.\n\nБез правоў адміністратара вы можаце фарматаваць дыск толькі ў FAT. - Зацверджаны FIPS (ЗША) алгарытм шыфравання (Rijndael, апублікаваны ў 1998 г.), дазволены да ўжывання ў федэральных структурах ЗША для засцярогі найважнай інфармацыі. 256-бітны ключ, 128-бітны блок, 14 цыклаў (AES-256). Рэжым працы -- XTS. - Том ужо змантаваны. - АСЦЯРОЖНА: Прынамсі адзін алгарытм шыфравання або хэшавання не прайшоў аўтаматычнага саматэставання.\n\nМагчыма, ўсталёўка VeraCrypt пашкоджана. - АСЦЯРОЖНА: У пуле генератара выпадковых лікаў не хапае дадзеных для падання патрэбнага аб'ёму выпадковай інфармацыі.\n\nПрацягваць далей не варта. Абярыце ў меню 'Даведка' пункт 'Паведаміць пра памылку' і апавясціце аўтараў. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Памылковая літара дыску. - Invalid path. - Адмена - Няма доступу да прылады. Праверце, ці існуе гэты дыск і ці не заняты ён. - Увага! Націснута клавіша Caps Lock. Гэта можа прывесці да няправільнага ўводу пароля. - Тып тома - Можа так здарыцца, што хтосьці вымусіць вас паведаміць пароль да зашыфраванага тома. У шэрагу сітуацый вы проста не зможаце адмовіцца выдаць пароль (напрыклад, у выніку вымагальніцтва). У падобных выпадках дапаможа так званы 'утоены том', які дазваляе не выдаваць пароля да сапраўды каштоўных дадзеных. - Абярыце гэтую наладу, каб стварыць звычайны том VeraCrypt. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Шыфраванне вонкавага тома - Шыфраванне ўтоенага тома - Налады шыфравання - УВАГА: Памылка ачысткі шляху да апошняга абранага тома/ключавога файла (запомненаму селектарам файлаў)! - ПАМЫЛКА: Кантэйнер быў сціснуты на ўзроўні файлавай сістэмы. VeraCrypt не падтрымлівае сціснутыя кантэйнеры (сціск зашыфраваных дадзеных неэфектыўны і залішні).\n\nАдключыце сціск кантэйнера, выканаўшы наступныя крокі: 1) Пстрыкніце правай кнопкай мышы ў Аглядальніку Windows (не ў VeraCrypt). 2) Абярыце пункт 'Уласцівасці'. 3) У дыялогавым акне 'Уласцівасці' націсніце кнопку 'Дадаткова'. 4) У дыялогавым акне 'Дадатковыя атрыбуты' выключыце параметр 'Сціскаць змесціва для эканоміі месца на дыску' і націсніце 'OK'. 5) Націсніце 'OK' у дыялогавым акне 'Уласцівасці'. - Памылка стварэння тома %s - Памер %s - %.2f байт - Памер %s - %.2f Кб - Памер %s - %.2f Мб - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - УВАГА: Прылада/падзел выкарыстоўваецца аперацыйнай сістэмай ці прыкладаннямі. Фарматаванне прылады/падзелу можа прывесці да страты дадзеных ці нестабільнасці сістэмы.\n\nПрацягнуць? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - ПАМЫЛКА: Прылада/падзел мае файлавую сістэму, якая не можа быць размантаваная. Магчыма, яна выкарыстоўваецца аперацыйнай сістэмай. Фарматаванне прылады/падзела хутчэй за ўсё выкліча пашкоджанне дадзеных і нестабільнасць сістэмы.\n\nДля вырашэння гэтай праблемы мы рэкамендуем спачатку выдаліць гэты падзел, затым ізноў стварыць яго без фарматавання. Вось як гэта зрабіць: 1) Пстрыкніце правай кнопкай мышы па цэтліку 'Кампутар' (ці 'Мой кампутар') в меню 'Пуск' і абярыце 'Кіраванне'. Павінна адчыніцца акно 'Кіраванне кампутарам'. 2) У акне 'Кіраванне кампутарам', абярыце 'Запамінальныя прылады' > 'Кіраванне дыскамі'. 3) Пстрыкніце правай кнопкай мышы па падзелу, які вы жадаеце зашыфраваць, і абярыце альбо 'Выдаліць падзел', альбо 'Выдаліць том', альбо 'Выдаліць лагічны дыск'. 4) Націсніце 'Так'. Калі Windows спытае перазагрузіць кампутар, зрабіце гэта. Затым паўтарыце крокі 1 і 2 і пераходзьце да крока 5. 5) Пстрыкніце правай кнопкай мышы на ўчастку з пустым месцам (ён павінен мець надпіс 'Не размеркавана'), і абярыце 'Асноўны падзел', 'Дадатковы падзел', ці 'Лагічны дыск'. 6) Павінна з'явіцца акно майстра стварэння падзелаў ці тамоў; выканайце яго інструкцыі. У акне майстра на старонцы 'Фарматаванне падзелу' абярыце альбо 'Не фарматаваць гэты падзел', альбо 'Не фарматаваць гэты том'. У тым жа акне майстра націсніце кнопку 'Далей' і затым 'Гатова'. 7) Майце на ўвазе, што абраны вамі ў VeraCrypt шлях да прылады можа быць зараз няслушным. Таму скончыце працу майстра стварэння тамоў VeraCrypt (калі ён усё яшчэ выконваецца) і запусціце яго зноў. 8) Паспрабуйце зноў зашыфраваць прыладу/падзел у VeraCrypt.\n\nКалі VeraCrypt па-ранейшаму адмовіцца шыфраваць прыладу/падзел, адкарэктуйце свае планы і стварыце замест гэтага файлавы кантэйнер. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - УВАГА: Некаторыя змантаваныя прылады/падзелы ўжо выкарыстоўваюцца.\n\nІгнараванне гэтага можа прывесці да непажаданых наступстваў, у тым ліку да нестабільнасці сістэмы.\n\nНастойліва рэкамендуецца зачыніць усе вокны, што выкарыстоўваюць гэтыя прылады/падзелы. - Абраная прылада ўтрымоўвае падзелы.\n\nФарматаванне гэтай прылады можа прывесці да нестабільнасці сістэмы і/ці пашкоджання дадзеных. Абярыце падзел на гэтай прыладзе, альбо выдаліце ўсе падзелы на ёй, каб даць магчымасць VeraCrypt бяспечна яго адфарматаваць. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - На дыску %s вольна %.2f байт - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Не магу атрымаць вольныя літары дыскаў. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Памылка ініцыявання шыфра. - Памылка: слабы ці патэнцыйна слабы ключ! Гэты ключ не прыняты. Паўтарыце спробу. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - Крытычная памылка VeraCrypt - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - Шыфраванне - Расшыфраванне - Расшыфраваць назаўсёды - Выйсці - Стварыце лагічны дыск для гэтага пашыранага падзелу і паўтарыце спробу. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - Абярыце шыфраваны том, усярэдзіне якога вы жадаеце стварыць схаваны том. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Памылка! Немагчыма змантаваць том. Хост-файл/прылада ўжо выкарыстоўваецца. Спроба мантавання без выключнага доступу таксама патрывала няўдачу. - Немагчыма адкрыць файл. - Месцазнаходжанне тома - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - Працягнуць - Адкласці - &Start - &Continue - &Фарматаваць - &Wipe - Перапыніць фарматаванне? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - Сістэмны падзел/дыск паспяхова расшыфраваны. - \n\nТом VeraCrypt створаны і гатовы да выкарыстання. Калі вы жадаеце стварыць яшчэ адзін том VeraCrypt, націсніце кнопку 'Далей'. Інакш націсніце 'Выйсці'. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Том VeraCrypt паспяхова створаны. - Том створаны - ВАЖНА: Хаатычна перасоўвайце мышку ў межах гэтага акна. Чым даўжэй, тым лепш. Гэта значна павялічыць крыптаўстойлівасць ключоў шыфравання. Затым націсніце 'Размеціць', каб стварыць том. - Націсніце 'Размеціць', каб стварыць вонкавы том. Падрабязнасці гл. у дакументацыі. - Фарматаванне вонкавага тома - Фарматаванне ўтоенага тома - Фарматаванне тома - Праграма Adobe Reader (або іншы чытач) неабходны для прагляду ці друку Дапаможніка карыстача. Adobe Reader можа быць спампаваны з www.adobe.com\n\nЦі жадаеце вы замест гэтага адкрыць дапаможнік у Сеціве ? - Калі абраць гэтую наладу, майстар спачатку дапаможа вам стварыць звычайны том VeraCrypt, а затым усярэдзіне яго - утоены том. Гэты варыянт прызначаны для карыстачоў-пачаткоўцаў. - Абярыце гэтую наладу, каб стварыць утоены том усярэдзіне ўжо наяўнага тома VeraCrypt (г.зн. у вас ужо павінен быць раней створаны том VeraCrypt, прыдатны для захоўвання ўтоенага тома). - Рэжым стварэння тома - Утоены том створаны - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Вонкавы том паспяхова створаны і змантаваны як дыск %hc:. У гэты том цяпер варта скапіяваць якія-небудзь што асэнсавана выглядаюць файлы, якія на самай справе вам хаваць НЕ трэба, каб збянтэжыць нядобразычліўца, калі ён вымусіць вас паведаміць пароль. У гэтым выпадку вы скажаце толькі пароль для гэтага вонкавага тома, але не для ўтоенага. Сапраўды каштоўныя для вас файлы будуць захоўвацца ва ўтоеным томе, створаным пазней. Калі скончыце капіяваць файлы, націсніце 'Далей'. Не размантоўвайце гэты том. НАТАТКА: Націск 'Далей' запусціць сканаванне карты кластараў вонкавага тома для высвятлення памеру бесперапыннай вольнай вобласці, канец якой стане канцом тома. Гэты ўчастак будзе прыстасаваны пад утоены том, г.зн. менавіта ім вызначаецца яго максімальна магчымы памер. Сканаванне карты кластараў гарантуе, што ніякія дадзеныя ў вонкавым томе не будуць перазапісаныя ўтоеным томам. - Змесьціва вонкавага тому - \n\nЗараз трэба вызначыць параметры для вонкавага тому, усярэдзіне якога будзе пазней створаны ўтоены том. - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Вонкавы том - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nКарта кластараў прагледжана і максімальны памер утоенага тому вызначаны. Далей трэба вызначыць параметры, памер і пароль для ўтоенага тому. - Утоены том - Цяпер утоены том засцярожаны ад пашкоджанняў да размантавання вонкавага тома.\n\nУВАГА: Пры спробе запісу дадзеных у вобласць утоенага тома, VeraCrypt забароніць запіс на ўвесь том (вонкавы і ўтоены) да яго размантавання, бо гэта можа пашкодзіць файлавую сістэму вонкавага тома, што, у сваю чаргу, негатыўна адаб'ецца на праўдападобнасці адмаўлення наяўнасці ўтоенага тома. Таму вам варта ўсяляк перашкаджаць запіс у вобласць, дзе знаходзіцца ўтоены том. Любыя дадзеныя, якія запісваюцца ў вобласць, займаную ўтоеным томам, будуць СТРАЧАНЫЯ. Windows можа паведамляць пра гэта як пра памылку адкладзенага запісу ці няслушны параметр. - Усе ўтоеныя тамы ў зноўку змантаваных тамах засцярожаныя ад пашкоджанняў да размантавання.\n\nУВАГА: Пры спробе запісу дадзеных у вобласць утоенага тома, VeraCrypt забароніць запіс на ўвесь том (вонкавы і ўтоены) да яго размантавання, бо гэта можа пашкодзіць файлавую сістэму вонкавага тома, што, у сваю чаргу, негатыўна адаб'ецца на праўдападобнасці адмаўлення наяўнасці ўтоенага тома. Таму вам варта ўсяляк перашкаджаць запіс у вобласць, дзе знаходзіцца ўтоены том. Любыя дадзеныя, якія запісваюцца ў вобласць, займаную ўтоеным томам, будуць СТРАЧАНЫЯ. Windows можа паведамляць пра гэта як пра памылку адкладзенага запісу ці няслушны параметр. - УВАГА: Спроба запісу дадзеных у вобласць утоенага тома ў томе, змантаваным як %c:! Для засцярогі ўтоенага тома запіс гэтых дадзеных быў забаронены. Гэта магло пашкодзіць файлавую сістэму вонкавага тома, Windows можа паведамляць пра памылку адкладзенага запісу ці няслушны параметр. Запіс на ўвесь том (вонкавую і ўтоеную часткі) забаронены да яго размантавання. Калі VeraCrypt не ў першы раз перашкаджае запісы ў вобласць утоенага тома ў дадзеным томе, гэта можа неспрыяльна паўплываць на праўдападобнасць адмаўлення наяўнасці ўтоенага тома (з-за магчымых дзіўных неадпаведнасцяў у файлавай сістэме вонкавага тома). Таму мае сэнс стварыць новы том VeraCrypt (з выключаным хуткім фарматаваннем) і перанесці файлы з гэтага тома ў новы створаны; гэты том варта затым надзейна зацерці (яго вонкавую і ўнутраную часткі). Зараз настойліва рэкамендуем перазагрузіць аперацыйную сістэму. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Патрабуецца перазагрузіць кампутар.\n\nЖадаеце перазагрузіць яго зараз? - Памылка атрымання стану сістэмнага шыфравання. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Немагчыма ініцыялізаваць кампаненты прыкладання для сістэмнага шыфравання. - Памылка ініцыялізацыі генератара выпадковых лікаў. - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Памылка ініцыялізацыі прыкладання. Немагчыма зарэгістраваць клас Dialog. - Error: Failed to load the Rich Edit system library. - Майстар стварэння шыфраванага тома - Найбольшы магчымы памер для гэтага ўтоенага тому - %.2f байт - Найбольшы магчымы памер для гэтага ўтоенага тому - %.2f Кб - Найбольшы магчымы памер для гэтага ўтоенага тому - %.2f Мб - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Пакуль том змантаваны, змяняць пароль/ключавыя файлы гэтага тома немагчыма. Спачатку неабходна размантаваць том. - Пакуль том змантаваны, змяняць алгарытм вылічэння ключа загалоўка гэтага тома немагчыма. Спачатку неабходна размантаваць том. - Змантаваць - Для мантавання гэтага тома патрабуецца навейшая версія VeraCrypt. - Памылка: Майстар стварэння шыфраванага тома не знойдзены.\n\nУпэўніцеся, што файл 'VeraCrypt Format.exe' існуе побач з 'VeraCrypt.exe'. Калі не - усталюйце VeraCrypt ізноў, ці знайдзіце 'VeraCrypt Format.exe' і запусціце яго. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - Далей > - &Гатова - Усталяваць - Выняць - Не атрымалася падлучыцца да драйвера прылад VeraCrypt. Калі драйвер не запушчаны, праца VeraCrypt немагчыма.\n\nЗ-за асаблівасцяў Windows для загрузкі драйвера спачатку можа запатрабавацца завяршэнне сеансу ці перазагрузка сістэмы. - Памылка загрузкі/падрыхтоўкі шрыфтоў. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Літара дыска недаступна. - Не абраны файл. - Няма даступных літар дыскаў. - Няма вольнай літары дыска для вонкавага тома. Стварэнне тома не можа быць працягнута. - Не атрымалася вызначыць версію АС, альбо вы выкарыстоўваеце непадтрыманую АС. - Не азначаны шлях. - Не хапае вольнага месца для ўтоенага тома. Працягнуць стварэнне тома немагчыма. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - Драйвер не можа размантаваць том. Верагодна, на гэтым томе ёсць адкрытыя файлы. - Немагчыма заблакаваць том. На гэтым томе ёсць адкрытыя файлы, таму яго нельга размантаваць. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Абярыце том VeraCrypt - Азначце шлях і імя файла - Select PKCS #11 Library - Мала памяці - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - УВАГА: Файл '%s' ужо існуе!\n\nВАЖНА: VERACRYPT НЕ БУДЗЕ ШЫФРАВАЦЬ ГЭТЫ ФАЙЛ, ЁН ЯГО ВЫДАЛІЦЬ. Вы сапраўды жадаеце выдаліць гэты файл і замяніць яго новым кантэйнерам VeraCrypt? - АСЦЯРОЖНА: УСЕ ДАДЗЕНЫЯ, ЯКІЯ УТРЫМОЎВАЕ %s '%s'%s, БУДУЦЬ ЗНІШЧАНЫЯ (А НЕ ЗАШЫФРАВАНЫЯ)!\n\nВы настойваеце на фарматаванні? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Пароль - PIM - Алгарытм вылічэння ключа загалоўка - Дадаць/выдаліць ключавы файл для тома - Выдаліць усе ключавыя файлы з тома - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Звярніце ўвагу, што ваш дыск узнаўлення VeraCrypt (Rescue Disk) усё яшчэ выкарыстоўвае ранейшы алгарытм. Калі вы лічыце гэты алгарытм нядосыць надзейным, стварыце новы дыск узнаўлення VeraCrypt, пасля чаго знішчыце стары.\n\nХочаце стварыць новы дыск узнаўлення VeraCrypt? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Ключавыя файлы паспяхова дададзеныя/выдаленыя. - Keyfile exported. - Алгарытм вылічэння ключа загалоўка паспяхова ўсталяваны. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Абярыце пароль для ўтоенага тома. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Увядзіце пароль для тома, усярэдзіне якога вы жадаеце стварыць утоены том.\n\nПасля націску 'Далей' VeraCrypt паспрабуе змантаваць том, пасля чаго праглядзіць карту кластараў змантаванага тома ў пошуку бесперапыннай вольнай вобласці, у канцы якой будзе канец тома. У гэтай вобласці размесціцца ўтоены том, г.зн. яна вызначае яго найбольшы памер. Прагляд карты патрэбен для гарантыі таго, што дадзеныя ў вонкавым томе не будуць перазапісаныя ўкладзеным томам. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Пароль вонкавага тома - Пароль утоенага тома - Password for Hidden Operating System - УВАГА: Кароткія паролі лёгка ўзламаць з дапамогай тэхнік перабору.\n\nРэкамендуецца ўжываць паролі з 20 знакаў і больш.\n\nВы сапраўды жадаеце выкарыстаць кароткі пароль? - Пароль тома - Няслушны пароль, альбо гэта не том VeraCrypt. - Няслушныя ключавыя файлы і/ці пароль, або гэта не том VeraCrypt. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Няслушны пароль, або не знойдзены том VeraCrypt. - Няслушныя ключавыя файлы/пароль, альбо не знойдзены том VeraCrypt. - \n\nУвага! Націснута клавіша Caps Lock. Гэта можа прывесці да няправільнага ўводу пароля. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < Назад - Немагчыма паказаць спіс усталяваных у сістэме raw-прылад. - Том '%s' існуе і прызначаны толькі для чытання. Вы сапраўды жадаеце яго замяніць? - Абярыце тэчку прызначэння - Абярыце ключавы файл - Абярыце шлях пошуку ключавых файлаў. УВАГА: Запамінаецца толькі шлях, але не імёны файлаў. - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Аўтары: Ross Anderson, Eli Biham і Lars Knudsen. Апублікаваны ў 1998 г. 256-бітны ключ, 128-бітны блок. Рэжым працы -- XTS. Алгарытм Serpent -- адзін з фіналістаў AES. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Памер вонкавага тома - Памер утоенага тома - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Памер тома - Дынамічны - Увага! ПАМЫЛКА тэсту. - Тэст усіх алгарытмаў пройдзены - Азначаная вамі колькасць адзінак дадзеных занадта доўгая або кароткая. - Азначаны вамі другасны ключ занадта доўгі або кароткі. - Няслушная даўжыня тэставага зашыфраванага тэксту. - Няслушная даўжыня тэставага ключа. - Няслушная даўжыня тэставага незашыфраванага тэксту. - Два шыфра, якія паслядоўна аперуюць у рэжыме XTS. Кожны блок спачатку шыфруецца %s (%d-бітны ключ), а затым %s (%d-бітны ключ). Кожны шыфр ужывае свой уласны ключ. Усе ключы ўзаемна незалежныя. - Тры шыфра, якія паслядоўна аперуюць у рэжыме XTS. Кожны блок спачатку шыфруецца %s (%d-бітны ключ), затым %s (%d-бітны ключ), і, нарэшце, %s (%d-бітны ключ). Кожны шыфр ужывае свой уласны ключ. Усе ключы ўзаемна незалежныя. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - Пераносны дыск VeraCrypt - Аўтары: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall і Niels Ferguson. Апублікаваны ў 1998 г. 256-бітны ключ, 128-бітны блок. Рэжым працы -- XTS. Twofish -- адзін з фіналістаў AES. - Дэталёва пра %s - Невядома - An unspecified or unknown error occurred (%d). - Некаторыя тамы ўтрымоўваюць файлы ці тэчкі, што выкарыстоўваюцца прыкладаннямі ці сістэмай.\n\nПрадоўжыць размантаванне? - Раз&мантаваць - Памылка размантавання. - Том утрымоўвае файлы ці тэчкі, што выкарыстоўваюцца прыкладаннямі ці сістэмай.\n\nПрадоўжыць размантаванне? - No volume is mounted to the specified drive letter. - Гэты том ужо змантаваны. - Памылка пры спробе мантавання тома. - Памылка пошуку месцазнаходжання ўсярэдзіне тома. - Памылка: няслушны памер тома. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt не можа змяніць пароль для чужога яму тома. - Абярыце са спісу вольную літару дыска. - Абярыце ў спісе літар дыскаў змантаваны том. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Памылка: немагчыма стварыць autorun.inf - Памылка апрацоўкі ключавога файла. - Памылка апрацоўкі шляху ключавога файла. - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt не працуе ў гэтай аперацыйнай сістэме. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Памылка: немагчыма размеркаваць памяць. - Памылка: немагчыма аднавіць значэнне лічыльніка прадукцыйнасці. - Памылка! Дрэнны фармат тома. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Юрыдычныя нататкі - Усе файлы - Тамы VeraCrypt - Library Modules - Працяг NTFS-фарматавання немагчымы. - Немагчыма змантаваць том. - Немагчыма размантаваць том. - Windows не можа адфарматаваць гэты том як NTFS.\n\nАбярыце іншы тып файлавай сістэмы (калі магчыма) і паўтарыце спробу. Альбо вы можаце пакінуць гэты том нефарматаваным (у поле выбару файлавай сістэмы азначце 'Не'), зачыніць акно майстра, змантаваць том, а затым з дапамогай сістэмнай ці іншай утыліты адфарматаваць змантаваны том (ён пры гэтым застанецца зашыфраваным). - Windows не можа адфарматаваць гэты том як NTFS.\n\nЖадаеце замест гэтага адфарматаваць том як FAT? - Па змаўчанні - partition - ПАДЗЕЛ - Прылада - device - ПРЫЛАДА - Том - volume - VOLUME - Label - Для гэтага тома абраны занадта маленькі памер кластараў. Будуць скарыстаныя кластары большага памеру. - Памылка! Немагчыма атрымаць памер тома.\n\nПраверце, ці не выкарыстоўваецца абраны том сістэмай ці якой-небудзь праграмай. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - Майстар стварэння тамоў VeraCrypt здольны ствараць утоены том толькі ўсярэдзіне тамоў FAT ці NTFS. - У асяроддзі Windows 2000 майстар стварэння тамоў VeraCrypt здольны ствараць утоены том толькі ўсярэдзіне тамоў FAT. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Памылка! Няма доступу да тома.\n\nПраверце, ці існуе гэты том, ці не змантаваны ён, ці не выкарыстоўваецца сістэмай або якой-небудзь праграмай, якой вы далі правы чытання/запісу гэтага тома, і ці не засцярожаны ён ад запісу. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Памылка! Немагчыма размантаваць вонкавы том.\n\nТом нельга размантаваць, калі ён утрымоўвае файлы ці тэчкі, што выкарыстоўваюцца якой-небудзь праграмай ці сістэмай.\n\nЗачыніце ўсе праграмы, якія могуць выкарыстоўваць файлы і тэчкі на гэтым томе, і націсніце 'Паўтор'. - Памылка! Немагчыма атрымаць інфармацыю пра вонкавы том. Стварэнне тома спынена. - Памылка! Няма доступу да вонкавага тома. Працяг стварэння тома немагчымы. - Памылка! Немагчыма змантаваць вонкавы том. Стварэнне тома не можа быць працягнута. - Памылка! Немагчыма атрымаць карту кластараў тома. Стварэнне тома не можа быць працягнута. - Па алфавіце/катэгорыям - Сярэдняя хуткасць (змяншэнне) - Алгарытм - Шыфраванне - Дэшыфраванне - Сярэдняе - Дыск - Памер - Алгарытм шыфравання - Алгарытм шыфравання - Тып - Значэнне - Уласцівасць - Размяшчэнне - байт - Утоены - Вонкавы - Звычайны - Сістэма - Hidden (system) - Толькі для чытання - Сістэмны дыск - Сістэмны дыск (шыфраванне - %.2f%% гатова) - Сістэмны дыск (дэшыфраванне - %.2f%% гатова) - Сістэмны дыск (%.2f%% зашыфравана) - Сістэмны падзел - Hidden system partition - Сістэмны падзел (шыфраванне - %.2f%% гатова) - Сістэмны падзел (дэшыфраванне - %.2f%% гатова) - Сістэмны падзел (%.2f%% зашыфравана) - Так (засцярога ад пашкоджанняў!) - Не - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - біт - Памер блока - PKCS-5 PRF - Лік ітэрацый PKCS-5 - Том створаны - Апошняя змена загалоўка - (прайшло дзён: %I64d) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - 1-ая даступная - Removable Disk - Цвёрды дыск - Не змяняць - Autodetection - Рэжым майстра - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Параметры ўсталёўкі - Тут можна абраць розныя параметры, якія ўплываюць на ўсталёўку праграмы. - Усталёўка - Пачакайце, ідзе ўсталёўка VeraCrypt. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Параметры вымання - Тут можна абраць розныя параметры, якія ўплываюць на выманне файлаў. - Пачакайце, ідзе выманне файлаў. - Files successfully extracted - Усе файлы паспяхова вынятыя ў азначанае месца прызначэння. - Калі азначанай тэчкі не існуе, яна будзе створаная аўтаматычна. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Паказаць нататкі да бягучай (апошняй стабільнай) версіі VeraCrypt? - Калі вы ніколі раней не працавалі з VeraCrypt, рэкамендуецца азнаёміцца з падзелам для пачаткоўцаў у Кіраўніцтве карыстача VeraCrypt. Жадаеце прачытаць дакументацыю? - Абярыце жаданае дзеянне: - Аднавіць/пераўсталяваць - Upgrade - Выдаліць - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Усталёўка не выкананая. - Выдаленне не выканана. - Гэты дыстрыбутыўны пакет пашкоджаны. Загрузіце яго ізноў (пажадана з афіцыйнага сайта VeraCrypt - https://veracrypt.codeplex.com). - Немагчыма запісаць файл %s - Выманне - Немагчыма прачытаць дадзеныя з дыстрыбутыва. - Немагчыма праверыць цэласнасць гэтага дыстрыбутыўнага пакета. - Выманне не выканана. - Усталёўка звернута назад. - Праграма VeraCrypt паспяхова ўсталяваная. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - Праграма VeraCrypt паспяхова выдаленая.\n\nНацісніце 'Гатова', каб выдаліць усталёўнік VeraCrypt і тэчку %s. Тэчка не будзе выдаленая, калі ў ёй утрымоўваюцца якія-небудзь файлы, створаныя не ўсталёўнікам і не самой праграмай VeraCrypt. - Выдаленне запісаў VeraCrypt у рэестры - Даданне элемента ў рэестр - Выдаленне датычных праграмы дадзеных - Усталёўка - Прыпыненне - Выдаленне - Даданне значка - Стварэнне пункта аднаўлення сістэмы - Памылка стварэння пункта аднаўлення сістэмы. - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Усталёўка завершаная. - Не атрымалася стварыць тэчку '%s' - Немагчыма выгрузіць драйвер VeraCrypt.\n\nСпачатку зачыніце ўсе адчыненыя вокны VeraCrypt. Калі гэта не дапаможа, перазагрузіце Windows і паспрабуйце яшчэ раз. - Перш чым працягнуць усталёўку ці выдаленне VeraCrypt, трэба размантаваць усе VeraCrypt-тамы. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Памылка ўсталёўкі элементаў у рэестры - Памылка ўсталёўкі драйвера прылады. Перазагрузіце Windows і паспрабуйце ўсталяваць VeraCrypt яшчэ раз. - Запуск драйвера VeraCrypt - Памылка выдалення драйвера прылад. Звярніце ўвагу, што з-за асаблівасцяў Windows для выдалення (або пераўсталёўкі) драйвера можа запатрабавацца завяршыць сеанс працы ці перазагрузіць сістэму. - Усталёўка драйвера VeraCrypt - Прыпыненне драйвера VeraCrypt - Выдаленне драйвера VeraCrypt - Памылка рэгістрацыі бібліятэкі падтрымкі кіравання ўліковымі запісамі карыстачоў (User Account Control). - Памылка адмены рэгістрацыі бібліятэкі падтрымкі кіравання ўліковымі запісамі карыстачоў (User Account Control). - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Памылка адлюстравання ліцэнзіі. - Вонкавы(!) - дн. - г. - хв. - c. - Адкрыць - Размантаваць - Паказаць VeraCrypt - Схаваць VeraCrypt - Счытана дадзеных пасля мантавання - Запісана дадзеных пасля мантавання - Зашыфраваная частка - 100% (цалкам зашыфравана) - 0% (не зашыфравана) - %.3f%% - 100% - Чаканне - Preparing - Resizing - Шыфраванне - Дэшыфраванне - Finalizing - Прыпынена - Скончана - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Увядзіце пароль для %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Ключавы файл паспяхова створаны. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Рэзервовая копія загалоўка тома паспяхова створаная.\n\nВАЖНА: Пры аднаўленні загалоўка з гэтай рэзервовай копіі таксама будзе адноўлены і бягучы пароль тома. Больш таго, калі для мантавання тома патрабуюцца ключавыя файлы, пасля аднаўлення загалоўка з копіі для мантавання тома спатрэбяцца тыя ж ключавыя файлы.\n\nУВАГА: Гэтую копію загалоўка тома можна выкарыстаць для аднаўлення загалоўка ТОЛЬКІ гэтага пэўнага тома. Калі ўжыць гэтую копію для аднаўлення загалоўка іншага тома, змантаваць том вы зможаце, але вам НЕ атрымаецца расшыфраваць ніякіх дадзеных, якія захоўваюцца ў гэтым томе (бо гэта зменіць яго майстар-ключ). - Загаловак тома паспяхова адноўлены.\n\nВАЖНА: Майце на ўвазе, што разам з загалоўкам таксама мог быць адноўлены і ранейшы пароль. Больш таго, калі на момант стварэння рэзервовай копіі для мантавання тома таксама патрабаваліся ключавыя файлы, гэтыя ж ключавыя файлы спатрэбяцца для мантавання дадзенага тома цяпер. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Вы сапраўды жадаеце аднавіць загаловак тома %s?\n\nУВАГА: Пры аднаўленні загалоўка таксама будзе адноўлены пароль тома, які дзейнічаў на момант стварэння рэзервовай копіі. Больш таго, калі на момант стварэння рэзервовай копіі для мантавання тома таксама патрабаваліся ключавыя файлы, пасля аднаўлення загалоўка для мантавання дадзенага тома спатрэбяцца гэтыя ж ключавыя файлы.\n\nНацісніце 'Так', каб абраць файл з рэзервовай копіяй загалоўка. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - Вы спрабуеце зрабіць рэзервовую копію загалоўка сістэмнага падзелу/дыска. Гэта не дазволена. Аперацыі рэзервовага капіявання/узнаўлення, якія тычацца сістэмнага падзелу/дыску, можна выконваць толькі з дапамогай дыска ўзнаўлення VeraCrypt (Rescue Disk).\n\nСтварыць дыск узнаўлення VeraCrypt? - Вы спрабуеце аднавіць з рэзервовай копіі загаловак віртуальнага тома VeraCrypt, але абралі сістэмны падзел/дыск. Гэта не дазволена. Аперацыі рэзервовага капіявання/узнаўлення, якія тычацца сістэмнага падзелу/дыску, можна выконваць толькі з дапамогай дыска ўзнаўлення VeraCrypt (Rescue Disk).\n\nСтварыць дыск узнаўлення VeraCrypt? - Пасля націску OK абярыце імя файла для ISO-выявы новага дыска ўзнаўлення VeraCrypt (Rescue Disk) і месца, дзе яго трэба захаваць. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Каб праверыць дыск узнаўлення VeraCrypt, устаўце яго ў CD/DVD-назапашвальнік і націсніце OK. - Дыск узнаўлення VeraCrypt паспяхова прайшоў праверку. - Немагчыма праверыць правільнасць запісу дыска ўзнаўлення.\n\nКалі вы запісалі дыск узнаўлення, дастаньце CD/DVD з назапашвальніка і ўстаўце зноў; затым націсніце 'Далей', каб паўтарыць спробу. Калі гэта не дапаможа, паспрабуйце скарыстацца іншым ПЗ для запісу CD/DVD і/ці іншым CD/DVD.\n\nКалі вы спрабавалі праверыць дыск узнаўлення VeraCrypt, створаны з іншым майстар-ключом, паролем, 'соллю' і г.д., ведайце, што такі дыск узнаўлення не пройдзе гэтую праверку ніколі. Каб стварыць новы дыск узнаўлення, цалкам сумяшчальны з бягучай канфігурацыяй, абярыце меню 'Сістэма' > 'Стварыць дыск узнаўлення'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Памылка стварэння дыска аварыйнага ўзнаўлення VeraCrypt. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Перш чым працягнуць, размантуйце том. - ПАМЫЛКА: Немагчыма ўсталяваць таймер. - Праверка файлавай сістэмы - Рамонт файлавай сістэмы - Add to Favorites... - Add to System Favorites... - P&roperties... - Утоены том абаронены - N/A - Так - Не - Disabled - 1 - 2 і больш - Рэжым аперацыі - Label: - Size: - Path: - Drive Letter: - Памылка! Пароль павінен утрымоўваць толькі знакі стандартнага набору ASCII.\n\nЗнакі не з набору ASCII могуць прывесці да немагчымасці мантавання тома пры змене налад у канфігурацыі сістэмы.\n\nДазваляецца выкарыстоўваць наступныя знакі:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Увага! Пароль утрымоўвае не-ASCII знакі. Гэта можа прывесці да немагчымасці мантавання тома пры змене канфігурацыі сістэмы.\n\nВам варта замяніць усе не-ASCII знакі ў паролі на знакі ASCII. Для гэтага пстрыкніце на меню 'Тамы' -> 'Змяніць пароль тома'.\n\nЗнакамі ASCII лічацца:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Хатняя старонка - УВАГА: У сістэме не ўсталявана ніводнага пакета абнаўленняў (Service Pack) Windows. Калі ў Windows XP не ўсталяваны Service Pack 1 (ці навейшы), не варта выконваць запіс на дыскі IDE аб'ёмам больш 128 Гб, інакш магчыма пашкоджанне дадзеных (усё роўна, з'яўляюцца яны тамамі VeraCrypt ці не). Гэтае абмежаванне Windows, а не памылка ў VeraCrypt. - УВАГА: У сістэме не ўсталяваны пакет абнаўленняў Windows Service Pack 3 (ці навейшы). Калі ў Windows 2000 не ўсталяваны Service Pack 3 (ці навейшы), не варта выконваць запіс на дыскі IDE аб'ёмам больш 128 Гб, інакш магчыма пашкоджанне дадзеных (усё роўна, з'яўляюцца яны тамамі VeraCrypt ці не). Гэтае абмежаванне Windows, а не памылка ў VeraCrypt. Акрамя таго, можа запатрабавацца ўключыць у рэестры падтрымку 48-бітнага адрасавання LBA; падрабязнасці гл. на http://support.microsoft.com/kb/305098/EN-US - УВАГА: У вашай сістэме адключаная падтрымка 48-біт LBA ATAPI. Таму вам не варта выконваць запіс на IDE-дыскі аб'ёмам большым за 128 Гбайт! У адваротным выпадку гэта можа выклікаць пашкоджанне дадзеных на дыску (як на томе VeraCrypt, гэтак і на звычайным падзеле). Гэта - абмежаванне Windows, якое не мае ніякага дачынення да VeraCrypt.\n\nКаб уключыць падтрымку 48-біт рэжыму LBA, дадайце ў рэестр у ключ HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters значэнне 'EnableBigLba', і дайце яму значэнне 1.\n\nГл. падрабязнасці тут: http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - УВАГА: Калі вам запатрабуецца пазней дадаваць у вонкавы том яшчэ дадзеныя/файлы, варта падбаць пра памяншэнне памеру ўтоенага тома.\n\nВы жадаеце працягнуць і выкарыстаць паказаны вамі памер? - Не абраны том.\n\nНацісніце кнопку 'Прылада' ці 'Файл' і абярыце том VeraCrypt. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - УВАГА: Калі ўсталяваныя і актываваныя ключавыя файлы па змаўчанні, мантаваць тамы, што іх НЕ выкарыстоўваюць, будзе немагчыма. Пры мантаванні такіх тамоў не забывайце выключаць наладу 'Ключавыя файлы' (ніжэй поля ўводу пароля).\n\nВы сапраўды жадаеце захаваць абраныя ключавыя файлы/шляхі як выкарыстаныя па змаўчанні? - Аўтамантаванне прылад - Размантаваць усё - Ачыстка кэша - Dismount All & Wipe Cache - Размантаваць усё і ачысціць кэш - Размантаваць усё, ачысціць кэш і выйсці - Змантаваць абраныя тамы - Паказаць/схаваць галоўнае акно VeraCrypt - (пстрыкніце тут і націсніце клавішу) - Дзеянне - Хуткі выклік - Памылка! Гэтая хуткая клавіша зарэзерваваная. Абярыце іншую. - Памылка! Гэтая хуткая клавіша ўжо выкарыстоўваецца. - УВАГА: Некаторыя агульнасістэмныя хуткія клавішы VeraCrypt не будуць працаваць!\n\nПраверце, ці не выкарыстоўваюцца тыя ж клавішы іншымі прыкладаннямі ці аперацыйнай сістэмай. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - УВАГА: Калі выключыць гэты параметр, стане немагчыма аўтаматычна размантаваць тамы, што утрымоўваюць адкрытыя файлы/тэчкі.\n\nВы сапраўды жадаеце выключыць гэты параметр? - УВАГА: Тамы з адкрытымі файламі/тэчкамі НЕ будуць аўтаматычна размантоўвацца.\n\nКаб пазбегнуць такога эфекту, уключыце ў гэтым акне наступны параметр: 'Аўтаразмантаваць тамы нават пры адкрытых файлах/тэчках' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - Вы запланавалі шыфраванне ці дэшыфраванне сістэмнага падзелу/дыска. Гэты працэс пакуль яшчэ не завершаны.\n\nЖадаеце пачаць (працягнуць) працэс цяпер? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Выйсці? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Жадаеце перапыніць і адкласці працэс шыфравання сістэмнага падзелу/дыска?\n\nНататка: пазней працэс можна будзе аднавіць з той кропкі, дзе ён быў прыпынены. Гэта можна зрабіць, напрыклад, абраўшы ў галоўным акне VeraCrypt меню 'Сістэма' > 'Працягнуць перапынены працэс'. Калі вы жадаеце канчаткова перапыніць працэс або зусім адмовіцца ад шыфравання, абярыце 'Сістэма' > 'Назаўсёды расшыфраваць сістэмны падзел/дыск'. - Жадаеце перапыніць і адкласці працэс дэшыфравання сістэмнага падзелу/дыска?\n\nНататка: пазней працэс можна будзе аднавіць з той кропкі, дзе ён быў прыпынены. Гэта можна зрабіць, напрыклад, абраўшы ў галоўным акне VeraCrypt меню 'Сістэма' > 'Працягнуць перапынены працэс'. Калі вы жадаеце адмовіцца ад дэшыфравання (і пачаць шыфраванне), абярыце 'Сістэма' > 'Зашыфраваць сістэмны падзел/дыск'. - Памылка! Не атрымалася перапыніць шыфраванне/дэшыфраванне сістэмнага падзелу/дыска. - Error: Failed to interrupt the process of wiping. - Памылка! Не атрымалася аднавіць перапыненае шыфраванне/дэшыфраванне сістэмнага падзелу/дыска. - Error: Failed to start the process of wiping. - Неадпаведнасць ухілена.\n\n\n(Калі вы паведамляеце пра датычную гэтага памылку, дадайце да сваёй справаздачы наступную тэхнічную інфармацыю: %hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - УВАГА: Фонавы працэс VeraCrypt адключаны. Пры выхадзе з VeraCrypt вы не будзеце апавешчаныя аб прадухіленні пашкоджання ўтоенага тома.\n\nНататка: фонавы працэс можна закрыць у любы момант, пстрыкнуўшы правай кнопкай мышы на значку VeraCrypt у сістэмным латку і абраўшы 'Выйсці'.\n\nУключыць фонавы працэс VeraCrypt? - Версія моўнага модуля: %s - Праверка файлавай сістэмы тома VeraCrypt, змантаванага як %s... - Спроба паправіць файлавую сістэму тома VeraCrypt, змантаванага як %s... - УВАГА: Гэты том зашыфраваны з выкарыстаннем састарэлага алгарытму.\n\nУсе алгарытмы шыфравання з 64-біт блокамі (напрыклад, Blowfish, CAST-128, Triple DES) вышлі з выкарыстання. У наступных версіях VeraCrypt мантаванне гэтага тома будзе магчыма, аднак ніякіх паляпшэнняў у рэалізацыі гэтых састарэлых алгарытмаў шыфравання не прадбачыцца. Рэкамендуем вам стварыць новы том VeraCrypt з шыфраваннем па алгарытму з 128-бітнымі блокамі (напрыклад, AES, Serpent, Twofish і інш.) і перанесці ўсе файлы з гэтага тома ў новы. - Ваша сістэма не наладжаная на аўтамантаванне новых тамоў. Мантаванне тамоў VeraCrypt на аснове прылад можа стаць немагчымым. Каб уключыць аўтамантаванне, выканайце наступную каманду і перазагрузіце сістэму:\n\nmountvol.exe /E - Перш чым працягнуць, прысвойце падзелу/прыладзе літару дыска ('Панэль кіравання' > 'Адміністраванне' > 'Кіраванне кампутарам' - 'Кіраванне дыскамі').\n\nЗаўвага: гэта патрабаванне аперацыйнай сістэмы. - Змантаваць том VeraCrypt - Размантаваць усе тамы VeraCrypt - VeraCrypt не можа атрымаць правы адміністратара. - Доступ забаронены аперацыйнай сістэмай.\n\nМагчымы чыннік: для чытання/запісу дадзеных у некаторых тэчках, файлах і прыладах аперацыйная сістэма патрабуе ў вас наяўнасці правоў чытання/запісу system (прывілеяў адміністратара). Па змаўчанні карыстачу без правоў адміністратара дазваляецца ствараць, чытаць і змяняць файлы толькі ў тэчцы з яго дакументамі ('Мае дакументы'). - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - Для загрузніка VeraCrypt неабходна не меней за 32 Кбайт вольнага месца ў пачатку сістэмнага дыска (загрузнік VeraCrypt павінен размяшчацца ў гэтай вобласці). Ваш дыск гэтай умове не задавальняе.\n\nКалі ласка, НЕ паведамляйце нам пра гэта як пра памылку/праблему ў працы VeraCrypt. Каб вырашыць гэтую праблему, вам трэба пераразмеціць свой дыск, пакінуўшы вольнымі першыя 32 Кбайт (у большасці выпадкаў досыць выдаліць і ізноў стварыць першы падзел). Рэкамендуем выкарыстаць для гэтага дыспетчар падзелаў Microsoft, усталяваны разам з Windows. - Гэтая функцыя не падтрымліваецца аперацыйнай сістэмай той версіі, якую вы цяпер выкарыстоўваеце. - У гэтай версіі аперацыйнай сістэмы VeraCrypt не падтрымлівае шыфраванне сістэмнага падзелу/дыска. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Ваш сістэмны дыск мае табліцу падзелаў GUID (GPT). Пакуль падтрымліваюцца толькі дыскі з табліцай падзелаў MBR. - АСЦЯРОЖНА: На сістэмным дыску ўжо ўсталяваны загрузнік VeraCrypt!\n\nМагчыма, у вашым кампутары ёсць іншая ўжо зашыфраваная сістэма.\n\nУВАГА: У ВЫПАДКУ ПРАЦЯГУ ШЫФРАВАННЯ БЯГУЧАЙ СІСТЭМЫ ЁСЦЬ ВЕРАГОДНАСЦЬ, ШТО ІНШЫЯ СІСТЭМЫ НЕ ЗМОГУЦЬ ЗАГРУЖАЦЦА, А ІХ ДАДЗЕНЫЯ СТАНУЦЬ НЕДАСТУПНЫМІ.\n\nВы сапраўды жадаеце працягнуць? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - Зыходны сістэмны загрузнік не будзе захаваны на дыску ўзнаўлення (магчымы чыннік: няма файла з рэзервовай копіяй). - Памылка запісу сектара MBR.\n\nBIOS у вашым ПК можа быць наладжаная на засцярогу сектара MBR. Праверце ў наладах BIOS (націсніце клавішу F2, Delete ці Esc адразу пасля ўключэння кампутара), ці не ўключаная антывірусная/MBR засцярога. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Сістэмны падзел/дыск выглядае як цалкам зашыфраваны. - VeraCrypt не падтрымлівае шыфраванне сістэмнага дыска, які быў ператвораны ў дынамічны дыск. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Жадаеце зашыфраваць замест усяго дыска толькі сістэмны падзел?\n\nЗвярніце ўвагу, што вы можаце ствараць тамы VeraCrypt на аснове падзелаў усярэдзіне любых не-сістэмных падзелаў на дыску (у дадатак да шыфравання сістэмнага падзелу). - Паколькі сістэмны дыск утрымоўвае толькі адзін падзел, які займае ўвесь дыск, пераважней (больш бяспечна) зашыфраваць увесь дыск, у тым ліку вольнае "рэзервовае" месца, якое звычайна атачае такі падзел.\n\nЖадаеце зашыфраваць увесь сістэмны дыск? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - У дадзены момант гэты алгарытм для шыфравання сістэмы не падтрымліваецца. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Памылка! Немагчыма ўсталяваць раскладку клавіятуры для VeraCrypt у стандартную амерыканскую (US).\n\nЗвярніце ўвагу, што пароль уводзіцца ДА загрузкі Windows, калі любыя раскладкі клавіятуры, адрозныя ад амерыканскай, яшчэ недаступныя. Таму пароль заўсёды павінен уводзіцца пры стандартнай амерыканскай раскладцы. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Памылка! Немагчыма захаваць усталёўкі сістэмнага шыфравання. - Немагчыма ініцыяваць перад-тэст сістэмнага шыфравання. - Cannot initiate the process of creation of the hidden operating system. - Рэжым ачысткі - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - Не (самы хуткі) - 1-pass (random data) - 3 праходы (US DoD 5220.22-M) - 7 праходаў (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Лік аперацыйных сістэм - УВАГА: Неспрактыкаваным карыстачам не варта спрабаваць шыфраваць Windows у мультызагрузных канфігурацыях.\n\nПрацягнуць? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Загрузны дыск - Запушчаная ў дадзены момант аперацыйная сістэма ўсталяваная на загрузным дыску?\n\nНататка: часам Windows бывае ўсталяваная не на тым дыску, з якога яна грузіцца (дзе знаходзіцца загрузны падзел). Калі гэта ваш выпадак, то абярыце 'Не'. - У дадзены момант VeraCrypt не падтрымлівае шыфраванне аперацыйнай сістэмы, якая загружаецца не з таго ж дыска, на якім яна ўсталяваная. - Лік сістэмных дыскаў - Колькі дыскаў утрымоўвае аперацыйная сістэма?\n\nНататка: напрыклад, калі ў вас адна аперацыйная сістэма (скажам, Windows, Mac OS X, Linux і г.д.) усталяваная на першасным дыску, а іншая -- на другасным, абярыце '2 ці больш'. - У дадзены момант VeraCrypt не падтрымлівае шыфраванне ўсяго дыска, які ўтрымоўвае некалькі аперацыйных сістэм.\n\nМагчымыя варыянты:\n\n- Вы можаце зашыфраваць адну з сістэм, калі вернецеся назад і абярэце шыфраванне толькі аднаго сістэмнага падзелу (а не ўсяго сістэмнага дыска).\n\n- Вы зможаце зашыфраваць увесь дыск, калі перамесціце некаторыя сістэмы на іншыя дыскі, пакінуўшы толькі адну АС на дыску, якую жадаеце зашыфраваць. - Некалькі сістэм на адным дыску - На дыску, дзе ўсталяваная бягучая АС, ёсць іншыя аперацыйныя сістэмы?\n\nНататка: напрыклад, калі бягучая АС усталяваная на дыску #0, які мае некалькі падзелаў, і калі на адным з падзелаў знаходзіцца Windows, а на іншым -- яшчэ адна АС (скажам, Windows, Mac OS X, Linux і г.д.), то абярыце 'Так'. - Адрозны ад Windows загрузнік - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Мультызагрузка - Пакуль VeraCrypt не падтрымлівае мультызагрузныя канфігурацыі, дзе ў галоўным загрузным запісе (MBR) усталяваны не стандартны загрузнік Windows.\n\nМагчымыя варыянты:\n\n- Калі вы выкарыстоўваеце загрузны мэнэджар для загрузкі Windows і Linux, перанясіце яго (звычайна гэта GRUB) з MBR у падзел. Затым запусціце зноў гэты майстар і зашыфруйце сістэмны падзел/дыск. Звярніце ўвагу, што загрузнік VeraCrypt стане асноўным загрузным мэнэджарам і дазволіць вам запускаць зыходны загрузны мэнэджар (скажам, GRUB) як другасны (націскам Esc пры адлюстраванні экрана загрузніка VeraCrypt) і, такім чынам, запускаць Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Пошук утоеных сектараў - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Вобласць шыфравання - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Збор выпадковых дадзеных - Згенераваныя ключы - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Запіс дыска ўзнаўлення - Rescue Disk Created - Перад-тэст шыфравання сістэмы - Дыск узнаўлення правераны - \nДыск узнаўлення VeraCrypt (Rescue Disk) паспяхова прайшоў праверку. Дастаньце яго з назапашвальніка і пакладзіце ў надзейнае месца.\n\nНацісніце 'Далей' для працягу. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Увага! З прычыны тэхнічных абмежаванняў асяроддзя да загрузкі АС, паведамленні VeraCrypt на гэтым этапе (г.зн. да старту Windows), не падлягаюць лакалізацыі. Карыстацкі інтэрфейс загрузніка VeraCrypt цалкам на ангельскай мове.\n\nПрацягнуць? - Перш чым зашыфраваць сістэмны падзел ці дыск, VeraCrypt павінен праверыць, што ўсё працуе як трэба.\n\nПасля націску 'Тэст' будуць усталяваныя ўсе неабходныя кампаненты (напрыклад, перадзагрузны ідэнтыфікатар, г.зн. загрузнік VeraCrypt), і кампутар перазагрузіцца. Затым на экране загрузніка (VeraCrypt Boot Loader), які з'явіцца да старту Windows, вам запатрабуецца ўвесці свой пароль. Пасля запуску Windows вам аўтаматычна паведамяць пра вынікі гэтага папярэдняга тэсту.\n\nБудзе зменена наступная прылада: Дыск #%d\n\n\nКалі вы цяпер націснеце 'Адмена', то нічога ўсталявана не будзе, і перад-тэст не будзе выконвацца. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Перад-тэст выкананы - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Вы жадаеце адмяніць перад-тэст шыфравання сістэмы? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Сістэмны падзел/дыск зашыфраваны (часткова ці цалкам).\n\nПерш чым працягнуць, цалкам дэшыфруйце сістэмны падзел/дыск. Каб гэта зрабіць, абярыце ў галоўным акне VeraCrypt меню 'Сістэма' > 'Permanently Decrypt System Partition/Drive'. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - У дадзены момант ідзе шыфраванне, дэшыфраванне ці іншая мадыфікацыя сістэмнага падзелу/дыска. Перш чым працягнуць, перапыніце працэс шыфравання/дэшыфраванні/мадыфікацыі (ці дачакайцеся яго заканчэння). - У сістэме ўжо запушчаная копія майстра стварэння тамоў VeraCrypt, яна выконвае ці падрыхтоўвае шыфраванне/дэшыфраванне сістэмнага падзелу/дыска. Перш чым працягнуць, дачакайцеся завяршэння працы майстра ці закрыйце яго. Калі закрыць майстра не атрымоўваецца, перазагрузіце кампутар і працягніце. - Шыфраванне ці дэшыфраванне сістэмнага падзелу/дыска не завершанае. Перш чым працягнуць, дачакайцеся заканчэння гэтага працэсу. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - Вы абралі падзел ці прыладу, але абраны рэжым майстра падыходзіць толькі для файлавых кантэйнераў.\n\nЖадаеце змяніць рэжым майстра? - Жадаеце замест гэтага стварыць файлавы кантэйнер VeraCrypt? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Вы сапраўды жадаеце назаўсёды дэшыфраваць сістэмны падзел/дыск? - АСЦЯРОЖНА: Калі вы назаўсёды дэшыфруеце сістэмны падзел/дыск, дадзеныя на яго будуць запісвацца ў незашыфраваным выглядзе.\n\nВы сапраўды жадаеце назаўсёды дэшыфраваць сістэмны падзел/дыск? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Памылка абнаўлення загрузніка VeraCrypt. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Дыск узнаўлення - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Тэст - Ключавы файл - Backspace - Tab - Ачысціць - Enter - Pause - Caps Lock - Прабел - Page Up - Page Down - End - Home - Стрэлка налева - Стрэлка ўверх - Стрэлка направа - Стрэлка ўніз - Клавіша выбару - Клавіша друку - Клавіша выканання - Print Screen - Insert - Delete - Клавіша прыкладанняў - Сон - Num Lock - Scroll Lock - Аглядальнік - назад - Аглядальнік - наперад - Аглядальнік - абнавіць - Аглядальнік - стоп - Аглядальнік - пошук - Аглядальнік - Абранае - Аглядальнік - Пачатковая старонка - Без гуку - Паменшыць гучнасць - Павялічыць гучнасць - Наступны трэк - Папярэдні трэк - Стоп - Пуск/паўза - Клавіша запуску пошты - Клавіша выбару носьбіта - Прыкладанне 1 - Прыкладанне 2 - Attn - СтвВыл - РасВыл - Пуск - Зум - NumPad - Shift - Control - Alt - Win - б - Кб - Мб - Гб - Тб - Пб - б/с - Кб/с - Мб/с - Гб/с - Тб/с - Пб/с - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Адмена + Усталяваць для ўсіх карыстачоў + Агляд... + Значок VeraCrypt на працоўны стол + Donate now... + Адкрываць VeraCrypt для ўсіх файлаў з пашырэннем '.hc' + Па заканчэнню адкрыць тэчку ўсталёўкі + Дадаць VeraCrypt у меню 'Пуск' + Стварыць пункт аднаўлення сістэмы + Выдаліць + Выняць + Усталяваць + Майстар усталёўкі VeraCrypt + Выдаленне VeraCrypt + Даведка + Абярыце або ўвядзіце месца прызначэння для вынятых файлаў: + Абярыце або ўвядзіце месца на дыску, дзе Вы жадаеце ўсталяваць праграмныя файлы VeraCrypt. Калі азначанай тэчкі не існуе, яна будзе створана аўтаматычна. + Націсніце 'Дэўсталяваць' для выдалення VeraCrypt з сістэмы. + Спыніць + &Benchmark + Тэст + Create encrypted volume and format it + Encrypt partition in place + Паказаць створаныя ключы (іх часткі) + Паказваць пул + Спампаваць ПЗ для запісу CD/DVD + Create an encrypted file container + &GB + &TB + More information + Схаваны том VeraCrypt + Што такое 'Схаваны том'? + Прамы рэжым + Звычайны рэжым + &Кб + Ключавыя файлы + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Файлы... + Звесткі пра хэш-алгарытмы + Дэталёва + Information on PIM + &Мб + Дэталёва + Звесткі пра шыфраванне сістэмы + Дэталёва + Мультызагрузка + Encrypt a non-system partition/drive + Не захоўваць гісторыю + Адкрыць вонкавы том + Паўза + Use P&IM + Use PIM + Хуткае фарматаванне + Паказаць пароль + &Display password + &Display PIM + Адзінкавая загрузка + Звычайны том VeraCrypt + Hi&dden + Normal + Зашыфраваць падзел або сістэмны дыск цалкам + Зашыфраваць сістэмны падзел Windows + Зашыфраваць дыск цалкам + Майстар стварэння тамоў VeraCrypt + Кластэр + ВАЖНА: Хаатычна рухайце мышкай у гэтым акне. Чым даўжэй, тым лепш. Гэта значна павялічыць крыптатрываласць ключоў шыфравання. Затым націсніце 'Далей' для працягу. + Пацвердзіце: + Гатова + Drive letter: + Алгарытм шыфравання + Файлавая сістэма: + Стварыць віртуальны зашыфраваны дыск усярэдзіне файла. Рэкамендуецца дасведчаным карыстачам. + Налады + Хэш-алгарытм + Ключ заг-ка: + Засталося + Галоўны ключ: + Абярыце гэтую наладу, калі ў ПК усталявана дзве ці больш АС.\n\nНапрыклад:\n- Windows XP і Windows XP\n- Windows XP і Windows Vista\n- Windows і Mac OS X\n- Windows і Linux\n- Windows, Linux і Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Бягучае змесціва пула (частка) + Pass + Пароль: + Volume PIM: + Volume PIM: + Ход працы: + Выпадкова: + Абярыце гэтую наладу, калі ў ПК усталяваная толькі адна АС (нават калі яна з некалькімі карыстачамі). + Хуткасць + Стан + Ключы, 'соль' і іншыя дадзеныя паспяхова згенераваныя. Калі вы жадаеце згенераваць новыя ключы, націсніце 'Назад', а затым 'Далей'. Калі ж не, то націсніце 'Далей' для працягу. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Рэжым ачысткі: + Зачыніць + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Няма дзеяння + Аўтамантаванне азначанага тома VeraCrypt + Запуск VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Агляд... + Агляд... + Кэшаваць паролі і ключавыя файлы ў памяці + Выйсці, калі няма змантаваных тамоў + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + З майстрам стварэння тамоў VeraCrypt + Стварыць + Стварыць том + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Выкарыстоўваць ключавыя файлы + Выкарыстоўваць ключавыя файлы + Выйсці + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Прызначыць + Прыбраць + Ключавыя файлы... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + Аўтамантаванне + Налады... + Мантаваць як том толькі для чытання + Ключавыя файлы... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Уключана + Кэшаваць паролі ў памяці прывада + Аўтаматычна размантаваць пры неактыўнасці на працягу + заканчэнні сеансу + User session locked + рэжыму энэргазахавання + запуску экраннай застаўкі + Аўтаразмантаваць том нават пры адкрытых файлах/тэчках + Мантаваць усе тамы на прыладах + Start VeraCrypt Background Task + Мантаваць як тамы толькі для чытання + Мантаваць як зменныя носьбіты + Адчыніць акно Аглядальніка пасля паспяховага мантавання тома + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Ачысціць кэш пароляў пры аўтаразмантаванні + Ачысціць кэш пароляў на выхадзе + Preserve modification timestamp of file containers + Скід + Дыск... + Файл... + Select &Library... + Паказаць пароль + Паказаць пароль + Адчыніць змантаваны том у акне Аглядальніка + Кэшаваць пароль у памяці драйвера + TrueCrypt Mode + Размантаваць усе + Уласцівасці тома... + Аперацыі... + Ачысціць кэш + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - агульнасістэмныя хуткія клавішы + VeraCrypt + Змена пароля ці ключавых файлаў + Увядзіце пароль для тома + VeraCrypt - Performance and Driver Options + VeraCrypt - Налады + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + Наладка пераноснага дыска VeraCrypt + Уласцівасці тома VeraCrypt + Пра праграму... + Дадаць/выдаліць ключавыя файлы ў/з том(а)... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Стварыць рэзервовую копію загалоўка тома... + Тэст хуткасці... + Прызначыць алгарытм вылічэння ключа загалоўка... + Змяніць пароль тома... + Прызначыць алгарытм дэрывацыі ключа загалоўка... + Змяніць пароль... + Ачысціць гісторыю тамоў + Close All Security Token Sessions + Сувязь з аўтарамі... + Create Hidden Operating System... + Стварыць дыск узнаўлення... + Стварыць новы том... + Permanently Decrypt... + Прадвызначаныя ключавыя файлы... + Default Mount Parameters... + Donate now... + Зашыфраваць сістэмны падзел/дыск... + Пытанні і адказы + Дапаможнік карыстача + Хатняя старонка + Хуткія клавішы... + Генератар ключавых файлаў + Мова (language)... + Юрыдычная інфармацыя + Manage Security Token Keyfiles... + Аўтамантаванне ўсіх тамоў на прыладах + Змантаваць абраныя тамы + Mount Without Pre-Boot &Authentication... + Змантаваць том + Змантаваць том з наладамі + Навіны + Даведка з Сеціва + Падручнік для пачаткоўцаў + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Назаўсёды расшыфраваць сістэмны падзел/дыск + Налады... + Абнавіць літары дыскаў + Выдаліць усе ключавыя файлы тома... + Аднавіць загаловак тома з рэзервовай копіі.. + Resume Interrupted Process + Абраць дыск... + Абраць файл... + Узнавіць перапынены працэс + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Запампоўка ПЗ + Тэст генеравання вектараў... + Security Tokens... + Наладка пераноснага дыска... + Размантаваць усе змантаваныя тамы + Размантаваць том + Праверыць дыск узнаўлення + Verify Rescue Disk ISO Image + Гісторыя версій + Volume Expander + Налады тома + Майстар стварэння тамоў + Сайт VeraCrypt + Ачысціць кэш пароляў + OK + Hardware Acceleration + Хуткая клавіша + Налады аўтазапуску (файл autorun.inf) + Аўтаматычнае размантаванне + Размантаваць усе тамы падчас: + Boot Loader Screen Options + Пацвердзіце пароль: + Бягучы + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Прадвызначаныя налады мантавання + Дадатковыя налады + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Налады файла + Клавіша: + Processor (CPU) in this computer supports hardware acceleration for AES: + Выконваць пры ўваходзе ў Windows + хв + Літара дыска: + Налады мантавання + Новы + Пароль: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Кэшаванне пароляў + Security Options + Праца VeraCrypt у фоне + Том для мантавання (адносна кораня пераноснага дыска): + Падчас устаўкі пераноснага дыска: + Стварыць файлы пераноснага дыска (каранёвая тэчка пераноснага дыска) у: + Том + Вокны + Тэчка... + Аўтатэст усіх + &Continue + Расшыфраваць + &Delete + Зашыфраваць + &Export... + Стварыць і захаваць файл... + Выпадковы ключавы файл... + Загрузіць моўныя модулі з сайта + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + Ключавыя файлы + Ключавыя файлы... + Выдаліць + Выдаліць усе + Што такое 'Засцярога ўтоеных тамоў'? + More information on keyfiles + Мантаваць том як зменны носьбіт + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Тэст хуткасці + Друк + Засцерагчы ўтоены том ад пашкоджання падчас запісу ў вонкавы том + Скід + Паказаць пароль + Add &Token Files... + Use backup header embedded in &volume if available + XTS-рэжым + Пра VeraCrypt + VeraCrypt - Тэст хуткасці алгарытмаў шыфравання + VeraCrypt - Тэст вектараў + Даведка па каманднаму радку + VeraCrypt - Ключавыя файлы + VeraCrypt - Генератар ключавых файлаў + VeraCrypt - Мова інтэрфейса + Налады мантавання + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Абраць дыскавы падзел ці прыладу + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Звесткі пра абраны моўны модуль + Хуткасць залежыць ад загрузкі працэсара і хуткасці прылад захавання дадзеных.\n\nГэтыя тэсты выконваюцца толькі ў аператыўнай памяці. + Памер буферу: + Шыфр: + Пароль утоенага тома:\n(калі пуста, то з кэша) + Засцярога ўтоенага тома + Памер ключа: + ВАЖНА: Хаатычна перасоўвайце мыш у межах гэтага акна. Чым даўжэй, тым лепш. Гэта значна павялічыць крыптаўстойлівасць ключавога файла. + УВАГА: Пры страце ключавога файла, ці пашкоджанні яго першых 1024 кілабайт - мантаванне тамоў, што яго выкарыстоўваюць, будзе немагчымае! + біт + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Аўтар перакладу: + Памер: + біт + Бягучае змесціва пула + Мікшэр паўтору: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Другасны ключ (16-ковы) + Security token: + Сартаванне: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Шыфраваны тэкст (шаснаццатковы) + Лік адзінак з дадзенымі (64-біт 16-ковы, памер адзінкі з дадзенымі - 512 байтаў) + Ключ (шаснаццатковы) + Незашыфраваны тэкст (шаснаццатковы) + Keyfile name: + XTS-рэжым + S&ystem + Тамы + Favor&ites + Прылады + Settin&gs + Даведка + Хатняя старонка + + Пра праграму... + Немагчыма зняць атрыбут 'толькі для чынання'. Калі ласка, праверце магчымасць запісу файла. + Памылка: доступ забаронены.\n\nПадзел, які вы спрабуеце выкарыстаць, мае даўжыню 0 сектараў, або гэта загрузная прылада. + Administrator + Каб можна было загрузіць драйвер VeraCrypt, вы павінны мець правы адміністратара. + Майце на ўвазе, што каб выкарыстоўваць шыфраванне падзелу ці дыску, вы павінны мець правы адміністратара.\n\nГэта не тычыцца томоў у файлах. + Каб стварыць утоены том, вы павінны мець правы адміністратара.\n\nПрацягваць ? + Майце на ўвазе, што каб фарматаваць том у NTFS, вы павінны мець правы адміністратара.\n\nБез правоў адміністратара вы можаце фарматаваць дыск толькі ў FAT. + Зацверджаны FIPS (ЗША) алгарытм шыфравання (Rijndael, апублікаваны ў 1998 г.), дазволены да ўжывання ў федэральных структурах ЗША для засцярогі найважнай інфармацыі. 256-бітны ключ, 128-бітны блок, 14 цыклаў (AES-256). Рэжым працы -- XTS. + Том ужо змантаваны. + АСЦЯРОЖНА: Прынамсі адзін алгарытм шыфравання або хэшавання не прайшоў аўтаматычнага саматэставання.\n\nМагчыма, ўсталёўка VeraCrypt пашкоджана. + АСЦЯРОЖНА: У пуле генератара выпадковых лікаў не хапае дадзеных для падання патрэбнага аб'ёму выпадковай інфармацыі.\n\nПрацягваць далей не варта. Абярыце ў меню 'Даведка' пункт 'Паведаміць пра памылку' і апавясціце аўтараў. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Памылковая літара дыску. + Invalid path. + Адмена + Няма доступу да прылады. Праверце, ці існуе гэты дыск і ці не заняты ён. + Увага! Націснута клавіша Caps Lock. Гэта можа прывесці да няправільнага ўводу пароля. + Тып тома + Можа так здарыцца, што хтосьці вымусіць вас паведаміць пароль да зашыфраванага тома. У шэрагу сітуацый вы проста не зможаце адмовіцца выдаць пароль (напрыклад, у выніку вымагальніцтва). У падобных выпадках дапаможа так званы 'утоены том', які дазваляе не выдаваць пароля да сапраўды каштоўных дадзеных. + Абярыце гэтую наладу, каб стварыць звычайны том VeraCrypt. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Шыфраванне вонкавага тома + Шыфраванне ўтоенага тома + Налады шыфравання + УВАГА: Памылка ачысткі шляху да апошняга абранага тома/ключавога файла (запомненаму селектарам файлаў)! + ПАМЫЛКА: Кантэйнер быў сціснуты на ўзроўні файлавай сістэмы. VeraCrypt не падтрымлівае сціснутыя кантэйнеры (сціск зашыфраваных дадзеных неэфектыўны і залішні).\n\nАдключыце сціск кантэйнера, выканаўшы наступныя крокі: 1) Пстрыкніце правай кнопкай мышы ў Аглядальніку Windows (не ў VeraCrypt). 2) Абярыце пункт 'Уласцівасці'. 3) У дыялогавым акне 'Уласцівасці' націсніце кнопку 'Дадаткова'. 4) У дыялогавым акне 'Дадатковыя атрыбуты' выключыце параметр 'Сціскаць змесціва для эканоміі месца на дыску' і націсніце 'OK'. 5) Націсніце 'OK' у дыялогавым акне 'Уласцівасці'. + Памылка стварэння тома %s + Памер %s - %.2f байт + Памер %s - %.2f Кб + Памер %s - %.2f Мб + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + УВАГА: Прылада/падзел выкарыстоўваецца аперацыйнай сістэмай ці прыкладаннямі. Фарматаванне прылады/падзелу можа прывесці да страты дадзеных ці нестабільнасці сістэмы.\n\nПрацягнуць? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + ПАМЫЛКА: Прылада/падзел мае файлавую сістэму, якая не можа быць размантаваная. Магчыма, яна выкарыстоўваецца аперацыйнай сістэмай. Фарматаванне прылады/падзела хутчэй за ўсё выкліча пашкоджанне дадзеных і нестабільнасць сістэмы.\n\nДля вырашэння гэтай праблемы мы рэкамендуем спачатку выдаліць гэты падзел, затым ізноў стварыць яго без фарматавання. Вось як гэта зрабіць: 1) Пстрыкніце правай кнопкай мышы па цэтліку 'Кампутар' (ці 'Мой кампутар') в меню 'Пуск' і абярыце 'Кіраванне'. Павінна адчыніцца акно 'Кіраванне кампутарам'. 2) У акне 'Кіраванне кампутарам', абярыце 'Запамінальныя прылады' > 'Кіраванне дыскамі'. 3) Пстрыкніце правай кнопкай мышы па падзелу, які вы жадаеце зашыфраваць, і абярыце альбо 'Выдаліць падзел', альбо 'Выдаліць том', альбо 'Выдаліць лагічны дыск'. 4) Націсніце 'Так'. Калі Windows спытае перазагрузіць кампутар, зрабіце гэта. Затым паўтарыце крокі 1 і 2 і пераходзьце да крока 5. 5) Пстрыкніце правай кнопкай мышы на ўчастку з пустым месцам (ён павінен мець надпіс 'Не размеркавана'), і абярыце 'Асноўны падзел', 'Дадатковы падзел', ці 'Лагічны дыск'. 6) Павінна з'явіцца акно майстра стварэння падзелаў ці тамоў; выканайце яго інструкцыі. У акне майстра на старонцы 'Фарматаванне падзелу' абярыце альбо 'Не фарматаваць гэты падзел', альбо 'Не фарматаваць гэты том'. У тым жа акне майстра націсніце кнопку 'Далей' і затым 'Гатова'. 7) Майце на ўвазе, што абраны вамі ў VeraCrypt шлях да прылады можа быць зараз няслушным. Таму скончыце працу майстра стварэння тамоў VeraCrypt (калі ён усё яшчэ выконваецца) і запусціце яго зноў. 8) Паспрабуйце зноў зашыфраваць прыладу/падзел у VeraCrypt.\n\nКалі VeraCrypt па-ранейшаму адмовіцца шыфраваць прыладу/падзел, адкарэктуйце свае планы і стварыце замест гэтага файлавы кантэйнер. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + УВАГА: Некаторыя змантаваныя прылады/падзелы ўжо выкарыстоўваюцца.\n\nІгнараванне гэтага можа прывесці да непажаданых наступстваў, у тым ліку да нестабільнасці сістэмы.\n\nНастойліва рэкамендуецца зачыніць усе вокны, што выкарыстоўваюць гэтыя прылады/падзелы. + Абраная прылада ўтрымоўвае падзелы.\n\nФарматаванне гэтай прылады можа прывесці да нестабільнасці сістэмы і/ці пашкоджання дадзеных. Абярыце падзел на гэтай прыладзе, альбо выдаліце ўсе падзелы на ёй, каб даць магчымасць VeraCrypt бяспечна яго адфарматаваць. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + На дыску %s вольна %.2f байт + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Не магу атрымаць вольныя літары дыскаў. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Памылка ініцыявання шыфра. + Памылка: слабы ці патэнцыйна слабы ключ! Гэты ключ не прыняты. Паўтарыце спробу. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + Крытычная памылка VeraCrypt + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + Шыфраванне + Расшыфраванне + Расшыфраваць назаўсёды + Выйсці + Стварыце лагічны дыск для гэтага пашыранага падзелу і паўтарыце спробу. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + Абярыце шыфраваны том, усярэдзіне якога вы жадаеце стварыць схаваны том. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Памылка! Немагчыма змантаваць том. Хост-файл/прылада ўжо выкарыстоўваецца. Спроба мантавання без выключнага доступу таксама патрывала няўдачу. + Немагчыма адкрыць файл. + Месцазнаходжанне тома + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + Працягнуць + Адкласці + &Start + &Continue + &Фарматаваць + &Wipe + Перапыніць фарматаванне? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + Сістэмны падзел/дыск паспяхова расшыфраваны. + \n\nТом VeraCrypt створаны і гатовы да выкарыстання. Калі вы жадаеце стварыць яшчэ адзін том VeraCrypt, націсніце кнопку 'Далей'. Інакш націсніце 'Выйсці'. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Том VeraCrypt паспяхова створаны. + Том створаны + ВАЖНА: Хаатычна перасоўвайце мышку ў межах гэтага акна. Чым даўжэй, тым лепш. Гэта значна павялічыць крыптаўстойлівасць ключоў шыфравання. Затым націсніце 'Размеціць', каб стварыць том. + Націсніце 'Размеціць', каб стварыць вонкавы том. Падрабязнасці гл. у дакументацыі. + Фарматаванне вонкавага тома + Фарматаванне ўтоенага тома + Фарматаванне тома + Праграма Adobe Reader (або іншы чытач) неабходны для прагляду ці друку Дапаможніка карыстача. Adobe Reader можа быць спампаваны з www.adobe.com\n\nЦі жадаеце вы замест гэтага адкрыць дапаможнік у Сеціве ? + Калі абраць гэтую наладу, майстар спачатку дапаможа вам стварыць звычайны том VeraCrypt, а затым усярэдзіне яго - утоены том. Гэты варыянт прызначаны для карыстачоў-пачаткоўцаў. + Абярыце гэтую наладу, каб стварыць утоены том усярэдзіне ўжо наяўнага тома VeraCrypt (г.зн. у вас ужо павінен быць раней створаны том VeraCrypt, прыдатны для захоўвання ўтоенага тома). + Рэжым стварэння тома + Утоены том створаны + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Вонкавы том паспяхова створаны і змантаваны як дыск %hc:. У гэты том цяпер варта скапіяваць якія-небудзь што асэнсавана выглядаюць файлы, якія на самай справе вам хаваць НЕ трэба, каб збянтэжыць нядобразычліўца, калі ён вымусіць вас паведаміць пароль. У гэтым выпадку вы скажаце толькі пароль для гэтага вонкавага тома, але не для ўтоенага. Сапраўды каштоўныя для вас файлы будуць захоўвацца ва ўтоеным томе, створаным пазней. Калі скончыце капіяваць файлы, націсніце 'Далей'. Не размантоўвайце гэты том. НАТАТКА: Націск 'Далей' запусціць сканаванне карты кластараў вонкавага тома для высвятлення памеру бесперапыннай вольнай вобласці, канец якой стане канцом тома. Гэты ўчастак будзе прыстасаваны пад утоены том, г.зн. менавіта ім вызначаецца яго максімальна магчымы памер. Сканаванне карты кластараў гарантуе, што ніякія дадзеныя ў вонкавым томе не будуць перазапісаныя ўтоеным томам. + Змесьціва вонкавага тому + \n\nЗараз трэба вызначыць параметры для вонкавага тому, усярэдзіне якога будзе пазней створаны ўтоены том. + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Вонкавы том + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nКарта кластараў прагледжана і максімальны памер утоенага тому вызначаны. Далей трэба вызначыць параметры, памер і пароль для ўтоенага тому. + Утоены том + Цяпер утоены том засцярожаны ад пашкоджанняў да размантавання вонкавага тома.\n\nУВАГА: Пры спробе запісу дадзеных у вобласць утоенага тома, VeraCrypt забароніць запіс на ўвесь том (вонкавы і ўтоены) да яго размантавання, бо гэта можа пашкодзіць файлавую сістэму вонкавага тома, што, у сваю чаргу, негатыўна адаб'ецца на праўдападобнасці адмаўлення наяўнасці ўтоенага тома. Таму вам варта ўсяляк перашкаджаць запіс у вобласць, дзе знаходзіцца ўтоены том. Любыя дадзеныя, якія запісваюцца ў вобласць, займаную ўтоеным томам, будуць СТРАЧАНЫЯ. Windows можа паведамляць пра гэта як пра памылку адкладзенага запісу ці няслушны параметр. + Усе ўтоеныя тамы ў зноўку змантаваных тамах засцярожаныя ад пашкоджанняў да размантавання.\n\nУВАГА: Пры спробе запісу дадзеных у вобласць утоенага тома, VeraCrypt забароніць запіс на ўвесь том (вонкавы і ўтоены) да яго размантавання, бо гэта можа пашкодзіць файлавую сістэму вонкавага тома, што, у сваю чаргу, негатыўна адаб'ецца на праўдападобнасці адмаўлення наяўнасці ўтоенага тома. Таму вам варта ўсяляк перашкаджаць запіс у вобласць, дзе знаходзіцца ўтоены том. Любыя дадзеныя, якія запісваюцца ў вобласць, займаную ўтоеным томам, будуць СТРАЧАНЫЯ. Windows можа паведамляць пра гэта як пра памылку адкладзенага запісу ці няслушны параметр. + УВАГА: Спроба запісу дадзеных у вобласць утоенага тома ў томе, змантаваным як %c:! Для засцярогі ўтоенага тома запіс гэтых дадзеных быў забаронены. Гэта магло пашкодзіць файлавую сістэму вонкавага тома, Windows можа паведамляць пра памылку адкладзенага запісу ці няслушны параметр. Запіс на ўвесь том (вонкавую і ўтоеную часткі) забаронены да яго размантавання. Калі VeraCrypt не ў першы раз перашкаджае запісы ў вобласць утоенага тома ў дадзеным томе, гэта можа неспрыяльна паўплываць на праўдападобнасць адмаўлення наяўнасці ўтоенага тома (з-за магчымых дзіўных неадпаведнасцяў у файлавай сістэме вонкавага тома). Таму мае сэнс стварыць новы том VeraCrypt (з выключаным хуткім фарматаваннем) і перанесці файлы з гэтага тома ў новы створаны; гэты том варта затым надзейна зацерці (яго вонкавую і ўнутраную часткі). Зараз настойліва рэкамендуем перазагрузіць аперацыйную сістэму. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Патрабуецца перазагрузіць кампутар.\n\nЖадаеце перазагрузіць яго зараз? + Памылка атрымання стану сістэмнага шыфравання. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Немагчыма ініцыялізаваць кампаненты прыкладання для сістэмнага шыфравання. + Памылка ініцыялізацыі генератара выпадковых лікаў. + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Памылка ініцыялізацыі прыкладання. Немагчыма зарэгістраваць клас Dialog. + Error: Failed to load the Rich Edit system library. + Майстар стварэння шыфраванага тома + Найбольшы магчымы памер для гэтага ўтоенага тому - %.2f байт + Найбольшы магчымы памер для гэтага ўтоенага тому - %.2f Кб + Найбольшы магчымы памер для гэтага ўтоенага тому - %.2f Мб + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Пакуль том змантаваны, змяняць пароль/ключавыя файлы гэтага тома немагчыма. Спачатку неабходна размантаваць том. + Пакуль том змантаваны, змяняць алгарытм вылічэння ключа загалоўка гэтага тома немагчыма. Спачатку неабходна размантаваць том. + Змантаваць + Для мантавання гэтага тома патрабуецца навейшая версія VeraCrypt. + Памылка: Майстар стварэння шыфраванага тома не знойдзены.\n\nУпэўніцеся, што файл 'VeraCrypt Format.exe' існуе побач з 'VeraCrypt.exe'. Калі не - усталюйце VeraCrypt ізноў, ці знайдзіце 'VeraCrypt Format.exe' і запусціце яго. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + Далей > + &Гатова + Усталяваць + Выняць + Не атрымалася падлучыцца да драйвера прылад VeraCrypt. Калі драйвер не запушчаны, праца VeraCrypt немагчыма.\n\nЗ-за асаблівасцяў Windows для загрузкі драйвера спачатку можа запатрабавацца завяршэнне сеансу ці перазагрузка сістэмы. + Памылка загрузкі/падрыхтоўкі шрыфтоў. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Літара дыска недаступна. + Не абраны файл. + Няма даступных літар дыскаў. + Няма вольнай літары дыска для вонкавага тома. Стварэнне тома не можа быць працягнута. + Не атрымалася вызначыць версію АС, альбо вы выкарыстоўваеце непадтрыманую АС. + Не азначаны шлях. + Не хапае вольнага месца для ўтоенага тома. Працягнуць стварэнне тома немагчыма. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + Драйвер не можа размантаваць том. Верагодна, на гэтым томе ёсць адкрытыя файлы. + Немагчыма заблакаваць том. На гэтым томе ёсць адкрытыя файлы, таму яго нельга размантаваць. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Абярыце том VeraCrypt + Азначце шлях і імя файла + Select PKCS #11 Library + Мала памяці + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + УВАГА: Файл '%s' ужо існуе!\n\nВАЖНА: VERACRYPT НЕ БУДЗЕ ШЫФРАВАЦЬ ГЭТЫ ФАЙЛ, ЁН ЯГО ВЫДАЛІЦЬ. Вы сапраўды жадаеце выдаліць гэты файл і замяніць яго новым кантэйнерам VeraCrypt? + АСЦЯРОЖНА: УСЕ ДАДЗЕНЫЯ, ЯКІЯ УТРЫМОЎВАЕ %s '%s'%s, БУДУЦЬ ЗНІШЧАНЫЯ (А НЕ ЗАШЫФРАВАНЫЯ)!\n\nВы настойваеце на фарматаванні? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Пароль + PIM + Алгарытм вылічэння ключа загалоўка + Дадаць/выдаліць ключавы файл для тома + Выдаліць усе ключавыя файлы з тома + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Звярніце ўвагу, што ваш дыск узнаўлення VeraCrypt (Rescue Disk) усё яшчэ выкарыстоўвае ранейшы алгарытм. Калі вы лічыце гэты алгарытм нядосыць надзейным, стварыце новы дыск узнаўлення VeraCrypt, пасля чаго знішчыце стары.\n\nХочаце стварыць новы дыск узнаўлення VeraCrypt? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Ключавыя файлы паспяхова дададзеныя/выдаленыя. + Keyfile exported. + Алгарытм вылічэння ключа загалоўка паспяхова ўсталяваны. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Абярыце пароль для ўтоенага тома. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Увядзіце пароль для тома, усярэдзіне якога вы жадаеце стварыць утоены том.\n\nПасля націску 'Далей' VeraCrypt паспрабуе змантаваць том, пасля чаго праглядзіць карту кластараў змантаванага тома ў пошуку бесперапыннай вольнай вобласці, у канцы якой будзе канец тома. У гэтай вобласці размесціцца ўтоены том, г.зн. яна вызначае яго найбольшы памер. Прагляд карты патрэбен для гарантыі таго, што дадзеныя ў вонкавым томе не будуць перазапісаныя ўкладзеным томам. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Пароль вонкавага тома + Пароль утоенага тома + Password for Hidden Operating System + УВАГА: Кароткія паролі лёгка ўзламаць з дапамогай тэхнік перабору.\n\nРэкамендуецца ўжываць паролі з 20 знакаў і больш.\n\nВы сапраўды жадаеце выкарыстаць кароткі пароль? + Пароль тома + Няслушны пароль, альбо гэта не том VeraCrypt. + Няслушныя ключавыя файлы і/ці пароль, або гэта не том VeraCrypt. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Няслушны пароль, або не знойдзены том VeraCrypt. + Няслушныя ключавыя файлы/пароль, альбо не знойдзены том VeraCrypt. + \n\nУвага! Націснута клавіша Caps Lock. Гэта можа прывесці да няправільнага ўводу пароля. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < Назад + Немагчыма паказаць спіс усталяваных у сістэме raw-прылад. + Том '%s' існуе і прызначаны толькі для чытання. Вы сапраўды жадаеце яго замяніць? + Абярыце тэчку прызначэння + Абярыце ключавы файл + Абярыце шлях пошуку ключавых файлаў. УВАГА: Запамінаецца толькі шлях, але не імёны файлаў. + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Аўтары: Ross Anderson, Eli Biham і Lars Knudsen. Апублікаваны ў 1998 г. 256-бітны ключ, 128-бітны блок. Рэжым працы -- XTS. Алгарытм Serpent -- адзін з фіналістаў AES. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Памер вонкавага тома + Памер утоенага тома + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Памер тома + Дынамічны + Увага! ПАМЫЛКА тэсту. + Тэст усіх алгарытмаў пройдзены + Азначаная вамі колькасць адзінак дадзеных занадта доўгая або кароткая. + Азначаны вамі другасны ключ занадта доўгі або кароткі. + Няслушная даўжыня тэставага зашыфраванага тэксту. + Няслушная даўжыня тэставага ключа. + Няслушная даўжыня тэставага незашыфраванага тэксту. + Два шыфра, якія паслядоўна аперуюць у рэжыме XTS. Кожны блок спачатку шыфруецца %s (%d-бітны ключ), а затым %s (%d-бітны ключ). Кожны шыфр ужывае свой уласны ключ. Усе ключы ўзаемна незалежныя. + Тры шыфра, якія паслядоўна аперуюць у рэжыме XTS. Кожны блок спачатку шыфруецца %s (%d-бітны ключ), затым %s (%d-бітны ключ), і, нарэшце, %s (%d-бітны ключ). Кожны шыфр ужывае свой уласны ключ. Усе ключы ўзаемна незалежныя. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + Пераносны дыск VeraCrypt + Аўтары: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall і Niels Ferguson. Апублікаваны ў 1998 г. 256-бітны ключ, 128-бітны блок. Рэжым працы -- XTS. Twofish -- адзін з фіналістаў AES. + Дэталёва пра %s + Невядома + An unspecified or unknown error occurred (%d). + Некаторыя тамы ўтрымоўваюць файлы ці тэчкі, што выкарыстоўваюцца прыкладаннямі ці сістэмай.\n\nПрадоўжыць размантаванне? + Раз&мантаваць + Памылка размантавання. + Том утрымоўвае файлы ці тэчкі, што выкарыстоўваюцца прыкладаннямі ці сістэмай.\n\nПрадоўжыць размантаванне? + No volume is mounted to the specified drive letter. + Гэты том ужо змантаваны. + Памылка пры спробе мантавання тома. + Памылка пошуку месцазнаходжання ўсярэдзіне тома. + Памылка: няслушны памер тома. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt не можа змяніць пароль для чужога яму тома. + Абярыце са спісу вольную літару дыска. + Абярыце ў спісе літар дыскаў змантаваны том. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Памылка: немагчыма стварыць autorun.inf + Памылка апрацоўкі ключавога файла. + Памылка апрацоўкі шляху ключавога файла. + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt не працуе ў гэтай аперацыйнай сістэме. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Памылка: немагчыма размеркаваць памяць. + Памылка: немагчыма аднавіць значэнне лічыльніка прадукцыйнасці. + Памылка! Дрэнны фармат тома. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Юрыдычныя нататкі + Усе файлы + Тамы VeraCrypt + Library Modules + Працяг NTFS-фарматавання немагчымы. + Немагчыма змантаваць том. + Немагчыма размантаваць том. + Windows не можа адфарматаваць гэты том як NTFS.\n\nАбярыце іншы тып файлавай сістэмы (калі магчыма) і паўтарыце спробу. Альбо вы можаце пакінуць гэты том нефарматаваным (у поле выбару файлавай сістэмы азначце 'Не'), зачыніць акно майстра, змантаваць том, а затым з дапамогай сістэмнай ці іншай утыліты адфарматаваць змантаваны том (ён пры гэтым застанецца зашыфраваным). + Windows не можа адфарматаваць гэты том як NTFS.\n\nЖадаеце замест гэтага адфарматаваць том як FAT? + Па змаўчанні + partition + ПАДЗЕЛ + Прылада + device + ПРЫЛАДА + Том + volume + VOLUME + Label + Для гэтага тома абраны занадта маленькі памер кластараў. Будуць скарыстаныя кластары большага памеру. + Памылка! Немагчыма атрымаць памер тома.\n\nПраверце, ці не выкарыстоўваецца абраны том сістэмай ці якой-небудзь праграмай. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + Майстар стварэння тамоў VeraCrypt здольны ствараць утоены том толькі ўсярэдзіне тамоў FAT ці NTFS. + У асяроддзі Windows 2000 майстар стварэння тамоў VeraCrypt здольны ствараць утоены том толькі ўсярэдзіне тамоў FAT. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Памылка! Няма доступу да тома.\n\nПраверце, ці існуе гэты том, ці не змантаваны ён, ці не выкарыстоўваецца сістэмай або якой-небудзь праграмай, якой вы далі правы чытання/запісу гэтага тома, і ці не засцярожаны ён ад запісу. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Памылка! Немагчыма размантаваць вонкавы том.\n\nТом нельга размантаваць, калі ён утрымоўвае файлы ці тэчкі, што выкарыстоўваюцца якой-небудзь праграмай ці сістэмай.\n\nЗачыніце ўсе праграмы, якія могуць выкарыстоўваць файлы і тэчкі на гэтым томе, і націсніце 'Паўтор'. + Памылка! Немагчыма атрымаць інфармацыю пра вонкавы том. Стварэнне тома спынена. + Памылка! Няма доступу да вонкавага тома. Працяг стварэння тома немагчымы. + Памылка! Немагчыма змантаваць вонкавы том. Стварэнне тома не можа быць працягнута. + Памылка! Немагчыма атрымаць карту кластараў тома. Стварэнне тома не можа быць працягнута. + Па алфавіце/катэгорыям + Сярэдняя хуткасць (змяншэнне) + Алгарытм + Шыфраванне + Дэшыфраванне + Сярэдняе + Дыск + Памер + Алгарытм шыфравання + Алгарытм шыфравання + Тып + Значэнне + Уласцівасць + Размяшчэнне + байт + Утоены + Вонкавы + Звычайны + Сістэма + Hidden (system) + Толькі для чытання + Сістэмны дыск + Сістэмны дыск (шыфраванне - %.2f%% гатова) + Сістэмны дыск (дэшыфраванне - %.2f%% гатова) + Сістэмны дыск (%.2f%% зашыфравана) + Сістэмны падзел + Hidden system partition + Сістэмны падзел (шыфраванне - %.2f%% гатова) + Сістэмны падзел (дэшыфраванне - %.2f%% гатова) + Сістэмны падзел (%.2f%% зашыфравана) + Так (засцярога ад пашкоджанняў!) + Не + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + біт + Памер блока + PKCS-5 PRF + Лік ітэрацый PKCS-5 + Том створаны + Апошняя змена загалоўка + (прайшло дзён: %I64d) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + 1-ая даступная + Removable Disk + Цвёрды дыск + Не змяняць + Autodetection + Рэжым майстра + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Параметры ўсталёўкі + Тут можна абраць розныя параметры, якія ўплываюць на ўсталёўку праграмы. + Усталёўка + Пачакайце, ідзе ўсталёўка VeraCrypt. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Параметры вымання + Тут можна абраць розныя параметры, якія ўплываюць на выманне файлаў. + Пачакайце, ідзе выманне файлаў. + Files successfully extracted + Усе файлы паспяхова вынятыя ў азначанае месца прызначэння. + Калі азначанай тэчкі не існуе, яна будзе створаная аўтаматычна. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Паказаць нататкі да бягучай (апошняй стабільнай) версіі VeraCrypt? + Калі вы ніколі раней не працавалі з VeraCrypt, рэкамендуецца азнаёміцца з падзелам для пачаткоўцаў у Кіраўніцтве карыстача VeraCrypt. Жадаеце прачытаць дакументацыю? + Абярыце жаданае дзеянне: + Аднавіць/пераўсталяваць + Upgrade + Выдаліць + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Усталёўка не выкананая. + Выдаленне не выканана. + Гэты дыстрыбутыўны пакет пашкоджаны. Загрузіце яго ізноў (пажадана з афіцыйнага сайта VeraCrypt - https://veracrypt.codeplex.com). + Немагчыма запісаць файл %s + Выманне + Немагчыма прачытаць дадзеныя з дыстрыбутыва. + Немагчыма праверыць цэласнасць гэтага дыстрыбутыўнага пакета. + Выманне не выканана. + Усталёўка звернута назад. + Праграма VeraCrypt паспяхова ўсталяваная. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + Праграма VeraCrypt паспяхова выдаленая.\n\nНацісніце 'Гатова', каб выдаліць усталёўнік VeraCrypt і тэчку %s. Тэчка не будзе выдаленая, калі ў ёй утрымоўваюцца якія-небудзь файлы, створаныя не ўсталёўнікам і не самой праграмай VeraCrypt. + Выдаленне запісаў VeraCrypt у рэестры + Даданне элемента ў рэестр + Выдаленне датычных праграмы дадзеных + Усталёўка + Прыпыненне + Выдаленне + Даданне значка + Стварэнне пункта аднаўлення сістэмы + Памылка стварэння пункта аднаўлення сістэмы. + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Усталёўка завершаная. + Не атрымалася стварыць тэчку '%s' + Немагчыма выгрузіць драйвер VeraCrypt.\n\nСпачатку зачыніце ўсе адчыненыя вокны VeraCrypt. Калі гэта не дапаможа, перазагрузіце Windows і паспрабуйце яшчэ раз. + Перш чым працягнуць усталёўку ці выдаленне VeraCrypt, трэба размантаваць усе VeraCrypt-тамы. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Памылка ўсталёўкі элементаў у рэестры + Памылка ўсталёўкі драйвера прылады. Перазагрузіце Windows і паспрабуйце ўсталяваць VeraCrypt яшчэ раз. + Запуск драйвера VeraCrypt + Памылка выдалення драйвера прылад. Звярніце ўвагу, што з-за асаблівасцяў Windows для выдалення (або пераўсталёўкі) драйвера можа запатрабавацца завяршыць сеанс працы ці перазагрузіць сістэму. + Усталёўка драйвера VeraCrypt + Прыпыненне драйвера VeraCrypt + Выдаленне драйвера VeraCrypt + Памылка рэгістрацыі бібліятэкі падтрымкі кіравання ўліковымі запісамі карыстачоў (User Account Control). + Памылка адмены рэгістрацыі бібліятэкі падтрымкі кіравання ўліковымі запісамі карыстачоў (User Account Control). + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Памылка адлюстравання ліцэнзіі. + Вонкавы(!) + дн. + г. + хв. + c. + Адкрыць + Размантаваць + Паказаць VeraCrypt + Схаваць VeraCrypt + Счытана дадзеных пасля мантавання + Запісана дадзеных пасля мантавання + Зашыфраваная частка + 100% (цалкам зашыфравана) + 0% (не зашыфравана) + %.3f%% + 100% + Чаканне + Preparing + Resizing + Шыфраванне + Дэшыфраванне + Finalizing + Прыпынена + Скончана + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Увядзіце пароль для %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Ключавы файл паспяхова створаны. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Рэзервовая копія загалоўка тома паспяхова створаная.\n\nВАЖНА: Пры аднаўленні загалоўка з гэтай рэзервовай копіі таксама будзе адноўлены і бягучы пароль тома. Больш таго, калі для мантавання тома патрабуюцца ключавыя файлы, пасля аднаўлення загалоўка з копіі для мантавання тома спатрэбяцца тыя ж ключавыя файлы.\n\nУВАГА: Гэтую копію загалоўка тома можна выкарыстаць для аднаўлення загалоўка ТОЛЬКІ гэтага пэўнага тома. Калі ўжыць гэтую копію для аднаўлення загалоўка іншага тома, змантаваць том вы зможаце, але вам НЕ атрымаецца расшыфраваць ніякіх дадзеных, якія захоўваюцца ў гэтым томе (бо гэта зменіць яго майстар-ключ). + Загаловак тома паспяхова адноўлены.\n\nВАЖНА: Майце на ўвазе, што разам з загалоўкам таксама мог быць адноўлены і ранейшы пароль. Больш таго, калі на момант стварэння рэзервовай копіі для мантавання тома таксама патрабаваліся ключавыя файлы, гэтыя ж ключавыя файлы спатрэбяцца для мантавання дадзенага тома цяпер. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Вы сапраўды жадаеце аднавіць загаловак тома %s?\n\nУВАГА: Пры аднаўленні загалоўка таксама будзе адноўлены пароль тома, які дзейнічаў на момант стварэння рэзервовай копіі. Больш таго, калі на момант стварэння рэзервовай копіі для мантавання тома таксама патрабаваліся ключавыя файлы, пасля аднаўлення загалоўка для мантавання дадзенага тома спатрэбяцца гэтыя ж ключавыя файлы.\n\nНацісніце 'Так', каб абраць файл з рэзервовай копіяй загалоўка. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + Вы спрабуеце зрабіць рэзервовую копію загалоўка сістэмнага падзелу/дыска. Гэта не дазволена. Аперацыі рэзервовага капіявання/узнаўлення, якія тычацца сістэмнага падзелу/дыску, можна выконваць толькі з дапамогай дыска ўзнаўлення VeraCrypt (Rescue Disk).\n\nСтварыць дыск узнаўлення VeraCrypt? + Вы спрабуеце аднавіць з рэзервовай копіі загаловак віртуальнага тома VeraCrypt, але абралі сістэмны падзел/дыск. Гэта не дазволена. Аперацыі рэзервовага капіявання/узнаўлення, якія тычацца сістэмнага падзелу/дыску, можна выконваць толькі з дапамогай дыска ўзнаўлення VeraCrypt (Rescue Disk).\n\nСтварыць дыск узнаўлення VeraCrypt? + Пасля націску OK абярыце імя файла для ISO-выявы новага дыска ўзнаўлення VeraCrypt (Rescue Disk) і месца, дзе яго трэба захаваць. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Каб праверыць дыск узнаўлення VeraCrypt, устаўце яго ў CD/DVD-назапашвальнік і націсніце OK. + Дыск узнаўлення VeraCrypt паспяхова прайшоў праверку. + Немагчыма праверыць правільнасць запісу дыска ўзнаўлення.\n\nКалі вы запісалі дыск узнаўлення, дастаньце CD/DVD з назапашвальніка і ўстаўце зноў; затым націсніце 'Далей', каб паўтарыць спробу. Калі гэта не дапаможа, паспрабуйце скарыстацца іншым ПЗ для запісу CD/DVD і/ці іншым CD/DVD.\n\nКалі вы спрабавалі праверыць дыск узнаўлення VeraCrypt, створаны з іншым майстар-ключом, паролем, 'соллю' і г.д., ведайце, што такі дыск узнаўлення не пройдзе гэтую праверку ніколі. Каб стварыць новы дыск узнаўлення, цалкам сумяшчальны з бягучай канфігурацыяй, абярыце меню 'Сістэма' > 'Стварыць дыск узнаўлення'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Памылка стварэння дыска аварыйнага ўзнаўлення VeraCrypt. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Перш чым працягнуць, размантуйце том. + ПАМЫЛКА: Немагчыма ўсталяваць таймер. + Праверка файлавай сістэмы + Рамонт файлавай сістэмы + Add to Favorites... + Add to System Favorites... + P&roperties... + Утоены том абаронены + N/A + Так + Не + Disabled + 1 + 2 і больш + Рэжым аперацыі + Label: + Size: + Path: + Drive Letter: + Памылка! Пароль павінен утрымоўваць толькі знакі стандартнага набору ASCII.\n\nЗнакі не з набору ASCII могуць прывесці да немагчымасці мантавання тома пры змене налад у канфігурацыі сістэмы.\n\nДазваляецца выкарыстоўваць наступныя знакі:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Увага! Пароль утрымоўвае не-ASCII знакі. Гэта можа прывесці да немагчымасці мантавання тома пры змене канфігурацыі сістэмы.\n\nВам варта замяніць усе не-ASCII знакі ў паролі на знакі ASCII. Для гэтага пстрыкніце на меню 'Тамы' -> 'Змяніць пароль тома'.\n\nЗнакамі ASCII лічацца:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Хатняя старонка + УВАГА: У сістэме не ўсталявана ніводнага пакета абнаўленняў (Service Pack) Windows. Калі ў Windows XP не ўсталяваны Service Pack 1 (ці навейшы), не варта выконваць запіс на дыскі IDE аб'ёмам больш 128 Гб, інакш магчыма пашкоджанне дадзеных (усё роўна, з'яўляюцца яны тамамі VeraCrypt ці не). Гэтае абмежаванне Windows, а не памылка ў VeraCrypt. + УВАГА: У сістэме не ўсталяваны пакет абнаўленняў Windows Service Pack 3 (ці навейшы). Калі ў Windows 2000 не ўсталяваны Service Pack 3 (ці навейшы), не варта выконваць запіс на дыскі IDE аб'ёмам больш 128 Гб, інакш магчыма пашкоджанне дадзеных (усё роўна, з'яўляюцца яны тамамі VeraCrypt ці не). Гэтае абмежаванне Windows, а не памылка ў VeraCrypt. Акрамя таго, можа запатрабавацца ўключыць у рэестры падтрымку 48-бітнага адрасавання LBA; падрабязнасці гл. на http://support.microsoft.com/kb/305098/EN-US + УВАГА: У вашай сістэме адключаная падтрымка 48-біт LBA ATAPI. Таму вам не варта выконваць запіс на IDE-дыскі аб'ёмам большым за 128 Гбайт! У адваротным выпадку гэта можа выклікаць пашкоджанне дадзеных на дыску (як на томе VeraCrypt, гэтак і на звычайным падзеле). Гэта - абмежаванне Windows, якое не мае ніякага дачынення да VeraCrypt.\n\nКаб уключыць падтрымку 48-біт рэжыму LBA, дадайце ў рэестр у ключ HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters значэнне 'EnableBigLba', і дайце яму значэнне 1.\n\nГл. падрабязнасці тут: http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + УВАГА: Калі вам запатрабуецца пазней дадаваць у вонкавы том яшчэ дадзеныя/файлы, варта падбаць пра памяншэнне памеру ўтоенага тома.\n\nВы жадаеце працягнуць і выкарыстаць паказаны вамі памер? + Не абраны том.\n\nНацісніце кнопку 'Прылада' ці 'Файл' і абярыце том VeraCrypt. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + УВАГА: Калі ўсталяваныя і актываваныя ключавыя файлы па змаўчанні, мантаваць тамы, што іх НЕ выкарыстоўваюць, будзе немагчыма. Пры мантаванні такіх тамоў не забывайце выключаць наладу 'Ключавыя файлы' (ніжэй поля ўводу пароля).\n\nВы сапраўды жадаеце захаваць абраныя ключавыя файлы/шляхі як выкарыстаныя па змаўчанні? + Аўтамантаванне прылад + Размантаваць усё + Ачыстка кэша + Dismount All & Wipe Cache + Размантаваць усё і ачысціць кэш + Размантаваць усё, ачысціць кэш і выйсці + Змантаваць абраныя тамы + Паказаць/схаваць галоўнае акно VeraCrypt + (пстрыкніце тут і націсніце клавішу) + Дзеянне + Хуткі выклік + Памылка! Гэтая хуткая клавіша зарэзерваваная. Абярыце іншую. + Памылка! Гэтая хуткая клавіша ўжо выкарыстоўваецца. + УВАГА: Некаторыя агульнасістэмныя хуткія клавішы VeraCrypt не будуць працаваць!\n\nПраверце, ці не выкарыстоўваюцца тыя ж клавішы іншымі прыкладаннямі ці аперацыйнай сістэмай. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + УВАГА: Калі выключыць гэты параметр, стане немагчыма аўтаматычна размантаваць тамы, што утрымоўваюць адкрытыя файлы/тэчкі.\n\nВы сапраўды жадаеце выключыць гэты параметр? + УВАГА: Тамы з адкрытымі файламі/тэчкамі НЕ будуць аўтаматычна размантоўвацца.\n\nКаб пазбегнуць такога эфекту, уключыце ў гэтым акне наступны параметр: 'Аўтаразмантаваць тамы нават пры адкрытых файлах/тэчках' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + Вы запланавалі шыфраванне ці дэшыфраванне сістэмнага падзелу/дыска. Гэты працэс пакуль яшчэ не завершаны.\n\nЖадаеце пачаць (працягнуць) працэс цяпер? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Выйсці? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Жадаеце перапыніць і адкласці працэс шыфравання сістэмнага падзелу/дыска?\n\nНататка: пазней працэс можна будзе аднавіць з той кропкі, дзе ён быў прыпынены. Гэта можна зрабіць, напрыклад, абраўшы ў галоўным акне VeraCrypt меню 'Сістэма' > 'Працягнуць перапынены працэс'. Калі вы жадаеце канчаткова перапыніць працэс або зусім адмовіцца ад шыфравання, абярыце 'Сістэма' > 'Назаўсёды расшыфраваць сістэмны падзел/дыск'. + Жадаеце перапыніць і адкласці працэс дэшыфравання сістэмнага падзелу/дыска?\n\nНататка: пазней працэс можна будзе аднавіць з той кропкі, дзе ён быў прыпынены. Гэта можна зрабіць, напрыклад, абраўшы ў галоўным акне VeraCrypt меню 'Сістэма' > 'Працягнуць перапынены працэс'. Калі вы жадаеце адмовіцца ад дэшыфравання (і пачаць шыфраванне), абярыце 'Сістэма' > 'Зашыфраваць сістэмны падзел/дыск'. + Памылка! Не атрымалася перапыніць шыфраванне/дэшыфраванне сістэмнага падзелу/дыска. + Error: Failed to interrupt the process of wiping. + Памылка! Не атрымалася аднавіць перапыненае шыфраванне/дэшыфраванне сістэмнага падзелу/дыска. + Error: Failed to start the process of wiping. + Неадпаведнасць ухілена.\n\n\n(Калі вы паведамляеце пра датычную гэтага памылку, дадайце да сваёй справаздачы наступную тэхнічную інфармацыю: %hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + УВАГА: Фонавы працэс VeraCrypt адключаны. Пры выхадзе з VeraCrypt вы не будзеце апавешчаныя аб прадухіленні пашкоджання ўтоенага тома.\n\nНататка: фонавы працэс можна закрыць у любы момант, пстрыкнуўшы правай кнопкай мышы на значку VeraCrypt у сістэмным латку і абраўшы 'Выйсці'.\n\nУключыць фонавы працэс VeraCrypt? + Версія моўнага модуля: %s + Праверка файлавай сістэмы тома VeraCrypt, змантаванага як %s... + Спроба паправіць файлавую сістэму тома VeraCrypt, змантаванага як %s... + УВАГА: Гэты том зашыфраваны з выкарыстаннем састарэлага алгарытму.\n\nУсе алгарытмы шыфравання з 64-біт блокамі (напрыклад, Blowfish, CAST-128, Triple DES) вышлі з выкарыстання. У наступных версіях VeraCrypt мантаванне гэтага тома будзе магчыма, аднак ніякіх паляпшэнняў у рэалізацыі гэтых састарэлых алгарытмаў шыфравання не прадбачыцца. Рэкамендуем вам стварыць новы том VeraCrypt з шыфраваннем па алгарытму з 128-бітнымі блокамі (напрыклад, AES, Serpent, Twofish і інш.) і перанесці ўсе файлы з гэтага тома ў новы. + Ваша сістэма не наладжаная на аўтамантаванне новых тамоў. Мантаванне тамоў VeraCrypt на аснове прылад можа стаць немагчымым. Каб уключыць аўтамантаванне, выканайце наступную каманду і перазагрузіце сістэму:\n\nmountvol.exe /E + Перш чым працягнуць, прысвойце падзелу/прыладзе літару дыска ('Панэль кіравання' > 'Адміністраванне' > 'Кіраванне кампутарам' - 'Кіраванне дыскамі').\n\nЗаўвага: гэта патрабаванне аперацыйнай сістэмы. + Змантаваць том VeraCrypt + Размантаваць усе тамы VeraCrypt + VeraCrypt не можа атрымаць правы адміністратара. + Доступ забаронены аперацыйнай сістэмай.\n\nМагчымы чыннік: для чытання/запісу дадзеных у некаторых тэчках, файлах і прыладах аперацыйная сістэма патрабуе ў вас наяўнасці правоў чытання/запісу system (прывілеяў адміністратара). Па змаўчанні карыстачу без правоў адміністратара дазваляецца ствараць, чытаць і змяняць файлы толькі ў тэчцы з яго дакументамі ('Мае дакументы'). + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + Для загрузніка VeraCrypt неабходна не меней за 32 Кбайт вольнага месца ў пачатку сістэмнага дыска (загрузнік VeraCrypt павінен размяшчацца ў гэтай вобласці). Ваш дыск гэтай умове не задавальняе.\n\nКалі ласка, НЕ паведамляйце нам пра гэта як пра памылку/праблему ў працы VeraCrypt. Каб вырашыць гэтую праблему, вам трэба пераразмеціць свой дыск, пакінуўшы вольнымі першыя 32 Кбайт (у большасці выпадкаў досыць выдаліць і ізноў стварыць першы падзел). Рэкамендуем выкарыстаць для гэтага дыспетчар падзелаў Microsoft, усталяваны разам з Windows. + Гэтая функцыя не падтрымліваецца аперацыйнай сістэмай той версіі, якую вы цяпер выкарыстоўваеце. + У гэтай версіі аперацыйнай сістэмы VeraCrypt не падтрымлівае шыфраванне сістэмнага падзелу/дыска. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Ваш сістэмны дыск мае табліцу падзелаў GUID (GPT). Пакуль падтрымліваюцца толькі дыскі з табліцай падзелаў MBR. + АСЦЯРОЖНА: На сістэмным дыску ўжо ўсталяваны загрузнік VeraCrypt!\n\nМагчыма, у вашым кампутары ёсць іншая ўжо зашыфраваная сістэма.\n\nУВАГА: У ВЫПАДКУ ПРАЦЯГУ ШЫФРАВАННЯ БЯГУЧАЙ СІСТЭМЫ ЁСЦЬ ВЕРАГОДНАСЦЬ, ШТО ІНШЫЯ СІСТЭМЫ НЕ ЗМОГУЦЬ ЗАГРУЖАЦЦА, А ІХ ДАДЗЕНЫЯ СТАНУЦЬ НЕДАСТУПНЫМІ.\n\nВы сапраўды жадаеце працягнуць? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + Зыходны сістэмны загрузнік не будзе захаваны на дыску ўзнаўлення (магчымы чыннік: няма файла з рэзервовай копіяй). + Памылка запісу сектара MBR.\n\nBIOS у вашым ПК можа быць наладжаная на засцярогу сектара MBR. Праверце ў наладах BIOS (націсніце клавішу F2, Delete ці Esc адразу пасля ўключэння кампутара), ці не ўключаная антывірусная/MBR засцярога. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Сістэмны падзел/дыск выглядае як цалкам зашыфраваны. + VeraCrypt не падтрымлівае шыфраванне сістэмнага дыска, які быў ператвораны ў дынамічны дыск. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Жадаеце зашыфраваць замест усяго дыска толькі сістэмны падзел?\n\nЗвярніце ўвагу, што вы можаце ствараць тамы VeraCrypt на аснове падзелаў усярэдзіне любых не-сістэмных падзелаў на дыску (у дадатак да шыфравання сістэмнага падзелу). + Паколькі сістэмны дыск утрымоўвае толькі адзін падзел, які займае ўвесь дыск, пераважней (больш бяспечна) зашыфраваць увесь дыск, у тым ліку вольнае "рэзервовае" месца, якое звычайна атачае такі падзел.\n\nЖадаеце зашыфраваць увесь сістэмны дыск? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + У дадзены момант гэты алгарытм для шыфравання сістэмы не падтрымліваецца. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Памылка! Немагчыма ўсталяваць раскладку клавіятуры для VeraCrypt у стандартную амерыканскую (US).\n\nЗвярніце ўвагу, што пароль уводзіцца ДА загрузкі Windows, калі любыя раскладкі клавіятуры, адрозныя ад амерыканскай, яшчэ недаступныя. Таму пароль заўсёды павінен уводзіцца пры стандартнай амерыканскай раскладцы. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Памылка! Немагчыма захаваць усталёўкі сістэмнага шыфравання. + Немагчыма ініцыяваць перад-тэст сістэмнага шыфравання. + Cannot initiate the process of creation of the hidden operating system. + Рэжым ачысткі + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + Не (самы хуткі) + 1-pass (random data) + 3 праходы (US DoD 5220.22-M) + 7 праходаў (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Лік аперацыйных сістэм + УВАГА: Неспрактыкаваным карыстачам не варта спрабаваць шыфраваць Windows у мультызагрузных канфігурацыях.\n\nПрацягнуць? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Загрузны дыск + Запушчаная ў дадзены момант аперацыйная сістэма ўсталяваная на загрузным дыску?\n\nНататка: часам Windows бывае ўсталяваная не на тым дыску, з якога яна грузіцца (дзе знаходзіцца загрузны падзел). Калі гэта ваш выпадак, то абярыце 'Не'. + У дадзены момант VeraCrypt не падтрымлівае шыфраванне аперацыйнай сістэмы, якая загружаецца не з таго ж дыска, на якім яна ўсталяваная. + Лік сістэмных дыскаў + Колькі дыскаў утрымоўвае аперацыйная сістэма?\n\nНататка: напрыклад, калі ў вас адна аперацыйная сістэма (скажам, Windows, Mac OS X, Linux і г.д.) усталяваная на першасным дыску, а іншая -- на другасным, абярыце '2 ці больш'. + У дадзены момант VeraCrypt не падтрымлівае шыфраванне ўсяго дыска, які ўтрымоўвае некалькі аперацыйных сістэм.\n\nМагчымыя варыянты:\n\n- Вы можаце зашыфраваць адну з сістэм, калі вернецеся назад і абярэце шыфраванне толькі аднаго сістэмнага падзелу (а не ўсяго сістэмнага дыска).\n\n- Вы зможаце зашыфраваць увесь дыск, калі перамесціце некаторыя сістэмы на іншыя дыскі, пакінуўшы толькі адну АС на дыску, якую жадаеце зашыфраваць. + Некалькі сістэм на адным дыску + На дыску, дзе ўсталяваная бягучая АС, ёсць іншыя аперацыйныя сістэмы?\n\nНататка: напрыклад, калі бягучая АС усталяваная на дыску #0, які мае некалькі падзелаў, і калі на адным з падзелаў знаходзіцца Windows, а на іншым -- яшчэ адна АС (скажам, Windows, Mac OS X, Linux і г.д.), то абярыце 'Так'. + Адрозны ад Windows загрузнік + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Мультызагрузка + Пакуль VeraCrypt не падтрымлівае мультызагрузныя канфігурацыі, дзе ў галоўным загрузным запісе (MBR) усталяваны не стандартны загрузнік Windows.\n\nМагчымыя варыянты:\n\n- Калі вы выкарыстоўваеце загрузны мэнэджар для загрузкі Windows і Linux, перанясіце яго (звычайна гэта GRUB) з MBR у падзел. Затым запусціце зноў гэты майстар і зашыфруйце сістэмны падзел/дыск. Звярніце ўвагу, што загрузнік VeraCrypt стане асноўным загрузным мэнэджарам і дазволіць вам запускаць зыходны загрузны мэнэджар (скажам, GRUB) як другасны (націскам Esc пры адлюстраванні экрана загрузніка VeraCrypt) і, такім чынам, запускаць Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Пошук утоеных сектараў + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Вобласць шыфравання + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Збор выпадковых дадзеных + Згенераваныя ключы + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Запіс дыска ўзнаўлення + Rescue Disk Created + Перад-тэст шыфравання сістэмы + Дыск узнаўлення правераны + \nДыск узнаўлення VeraCrypt (Rescue Disk) паспяхова прайшоў праверку. Дастаньце яго з назапашвальніка і пакладзіце ў надзейнае месца.\n\nНацісніце 'Далей' для працягу. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Увага! З прычыны тэхнічных абмежаванняў асяроддзя да загрузкі АС, паведамленні VeraCrypt на гэтым этапе (г.зн. да старту Windows), не падлягаюць лакалізацыі. Карыстацкі інтэрфейс загрузніка VeraCrypt цалкам на ангельскай мове.\n\nПрацягнуць? + Перш чым зашыфраваць сістэмны падзел ці дыск, VeraCrypt павінен праверыць, што ўсё працуе як трэба.\n\nПасля націску 'Тэст' будуць усталяваныя ўсе неабходныя кампаненты (напрыклад, перадзагрузны ідэнтыфікатар, г.зн. загрузнік VeraCrypt), і кампутар перазагрузіцца. Затым на экране загрузніка (VeraCrypt Boot Loader), які з'явіцца да старту Windows, вам запатрабуецца ўвесці свой пароль. Пасля запуску Windows вам аўтаматычна паведамяць пра вынікі гэтага папярэдняга тэсту.\n\nБудзе зменена наступная прылада: Дыск #%d\n\n\nКалі вы цяпер націснеце 'Адмена', то нічога ўсталявана не будзе, і перад-тэст не будзе выконвацца. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Перад-тэст выкананы + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Вы жадаеце адмяніць перад-тэст шыфравання сістэмы? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Сістэмны падзел/дыск зашыфраваны (часткова ці цалкам).\n\nПерш чым працягнуць, цалкам дэшыфруйце сістэмны падзел/дыск. Каб гэта зрабіць, абярыце ў галоўным акне VeraCrypt меню 'Сістэма' > 'Permanently Decrypt System Partition/Drive'. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + У дадзены момант ідзе шыфраванне, дэшыфраванне ці іншая мадыфікацыя сістэмнага падзелу/дыска. Перш чым працягнуць, перапыніце працэс шыфравання/дэшыфраванні/мадыфікацыі (ці дачакайцеся яго заканчэння). + У сістэме ўжо запушчаная копія майстра стварэння тамоў VeraCrypt, яна выконвае ці падрыхтоўвае шыфраванне/дэшыфраванне сістэмнага падзелу/дыска. Перш чым працягнуць, дачакайцеся завяршэння працы майстра ці закрыйце яго. Калі закрыць майстра не атрымоўваецца, перазагрузіце кампутар і працягніце. + Шыфраванне ці дэшыфраванне сістэмнага падзелу/дыска не завершанае. Перш чым працягнуць, дачакайцеся заканчэння гэтага працэсу. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + Вы абралі падзел ці прыладу, але абраны рэжым майстра падыходзіць толькі для файлавых кантэйнераў.\n\nЖадаеце змяніць рэжым майстра? + Жадаеце замест гэтага стварыць файлавы кантэйнер VeraCrypt? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Вы сапраўды жадаеце назаўсёды дэшыфраваць сістэмны падзел/дыск? + АСЦЯРОЖНА: Калі вы назаўсёды дэшыфруеце сістэмны падзел/дыск, дадзеныя на яго будуць запісвацца ў незашыфраваным выглядзе.\n\nВы сапраўды жадаеце назаўсёды дэшыфраваць сістэмны падзел/дыск? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Памылка абнаўлення загрузніка VeraCrypt. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Дыск узнаўлення + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Тэст + Ключавы файл + Backspace + Tab + Ачысціць + Enter + Pause + Caps Lock + Прабел + Page Up + Page Down + End + Home + Стрэлка налева + Стрэлка ўверх + Стрэлка направа + Стрэлка ўніз + Клавіша выбару + Клавіша друку + Клавіша выканання + Print Screen + Insert + Delete + Клавіша прыкладанняў + Сон + Num Lock + Scroll Lock + Аглядальнік - назад + Аглядальнік - наперад + Аглядальнік - абнавіць + Аглядальнік - стоп + Аглядальнік - пошук + Аглядальнік - Абранае + Аглядальнік - Пачатковая старонка + Без гуку + Паменшыць гучнасць + Павялічыць гучнасць + Наступны трэк + Папярэдні трэк + Стоп + Пуск/паўза + Клавіша запуску пошты + Клавіша выбару носьбіта + Прыкладанне 1 + Прыкладанне 2 + Attn + СтвВыл + РасВыл + Пуск + Зум + NumPad + Shift + Control + Alt + Win + б + Кб + Мб + Гб + Тб + Пб + б/с + Кб/с + Мб/с + Гб/с + Тб/с + Пб/с + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.bg.xml b/Translations/Language.bg.xml index 42e159bc..fb178133 100644 --- a/Translations/Language.bg.xml +++ b/Translations/Language.bg.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Отказ - Инсталиране &за всички потребители - Из&бор... - Добавяне на VeraCrypt икон на &десктопа - Donate now... - Асоцииране на '.hc' файлови раз&ширения с VeraCrypt - &Отваряне на целевата директория след приключване - Добавяне на VeraCrypt в &Start менюто - Създаване на System &Restore point - &Деинсталиране - &Извличане - &Инсталиране - VeraCrypt Инсталатор - Деинсталиране на VeraCrypt - &Помощ - Моля изберете или напишете директорията в която желаете да бъдат поставени извлечените файлове: - Моля изберете или напишете директорията в която желаете да бъдат инсталирани програмните файлове на VeraCrypt. Ако зададената директория не съществува, тя ще бъде създадена автоматично. - Натиснете Деинсталиране за да премахнете VeraCrypt от тази система. - Отмяна - &Benchmark - &Тест - Създаване и форматиране на криптиран том - Криптиране на дял на място - Показване на генерираните ключове (техните части) - Показване на запаса - Сваляне на софтуер за запис на CD/DVD - Създаване на криптиран контейнер-файл - &GB - &TB - Повече информация - Ск&рит VeraCrypt том - Повече информация за скрити томове - Директен режим - Нормален режим - &KB - &Ключ-файлове - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Ключ-файлове.. - Информация за хеш алгоритми - Повече информация - Information on PIM - &MB - Повече информация - Повече информация за криптиране на системата - Повече информация - Много ОС (Multi-Boot) - Криптиране на несистемен дял/устройство - Историята да не &се запазва - Отваряне на външен том - &Пауза - Use P&IM - Use PIM - Бърз формат - Видима &парола - Видима &парола - &Display PIM - Една ОС (Single-boot) - Стандартен VeraCrypt том - Скри&т - Нормален - Криптиране на системния дял или цялото системно устройство - Криптиране на Windows системния дял - Криптиране на цялото устройство - VeraCrypt - Помощник за създаване на томове - Клъстер - ВАЖНО: Движете мишкта в този прозорец колкото се може по-случайно. Колкото по-дълго я движите, толкова по-добре. Това значително повишава криптографската сила на ключ-файла. След това натиснете Напред за да продължите. - &Парола пак: - Готов - Drive letter: - Криптиращ алгоритъм - ФС - Създаване на виртуален криптиран диск във файл. Препоръчва се за начинаещи потребители. - Опции - Хеш алгоритъм - Заглавен ключ: - Остава - Главен ключ: - Изберете тази опция, ако има две или повече операционни системи инсталирани на този компютър.\n\nНапример:\n- Windows XP и Windows XP\n- Windows XP и Windows Vista\n- Windows и Mac OS X\n- Windows и Linux\n- Windows, Linux и Mac OS X - Криптира несистемен дял на външно или вътрешно устройство (например флаш памет). Може да създава и скрит том. - Съдържание на текущия запас (частично) - Пас - Парола: - Volume PIM: - Volume PIM: - Прогрес: - Случайност: - Изберете тази опция, ако на този компютър има инсталирана само една операционна система (дори тя да има много потребители). - Скорост - Статус - Ключовете, солта, и други данни са генерирани успешно. Ако желаете да генерирате нови ключове, натиснете Назад и след това Напред. В противен случай, натиснете Напред за да продължите. - Криптиране на дяла/устройството където Windows е инсталиран. Всеки, който иска да получи достъп и да използва системата, да чете и записва файлове, и т.н., ще трябва да въведе правилната парола всеки път преди Windows да стартира. Може да създава скрит том. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Изчистващ режим: - Затваряне - Позволява pre-boot &автентикацията да бъде прескочена при натискане на клавиш Esc (активира boot мениджъра) - Да не се прави нищо - &Авто-монтиране на VeraCrypt том (зададен по-долу) - &Стартиране на VeraCrypt - Автоматично &намиране на библиотека - &Кеширане на паролата за pre-boot автентикация в паметта на драйвера (за монтиране на несистемни томове) - Избор... - Избор... - Кеширане на паролите и ключ-файлов&ете в паметта - Изход когато няма монтирани томове - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Включване на VeraCrypt Помощник за създаване на томове - Създаване - &Създаване на том - Да не се &показват никакви текстове в екрана за pre-boot автентикация (с изключение на по-долу зададеното съобщение) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Ключ-файлове - Ключ-файлове - Из&ход - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Присвояване - Премахване - Ключ-файлове... - Do not use the following number of processors for encryption/decryption: - More information - More information - Още настройки... - &Авто-монтиране - &Опции... - Монтиране като "сам&о за четене" - Ключ-файлове... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Разрешен - Кеширане на пароли в паметта - Авто-демонтиране след като няма четене/запис в продължение на - Потребителят се изключи - User session locked - Влизане в енергопестящ режим - Скрийнсейвърът се стартира - Принудително авто-демонтиране дори ако има отворени файлове или директории - Монтиране на всички VeraCrypt томове-устройства - Стартиране на VeraCrypt фонов процес - Монтиране като "само за четене" - Монтиране като "преносима медия" - Отваряне на Explorer прозорец за успешно монтиран том - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Заличаване на кешираните пароли при авто-демонтиране - Заличаване при изход - Preserve modification timestamp of file containers - Изчистване - У&стройство... - &Файл... - Избор на биб&лиотека... - Видима парола - Видима парола - Отваряне на &Explorer прозорец за монтирания том - &Кеширане на паролата в паметта на драйвера - TrueCrypt Mode - &Демонтиране - всички - &Свойства на тома... - &Инструменти за том... - &Заличаване на кеша - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Системни клавиши - VeraCrypt - Смяна на паролата или ключ-файловете - Въведете парола за VeraCrypt тома - VeraCrypt - Performance and Driver Options - VeraCrypt - Предпочитания - VeraCrypt - Настройки на системното криптиране - VeraCrypt - Security Token Preferences - VeraCrypt - Настройка на пътен диск - Свойства на VeraCrypt тома - Относно... - Добавяне/Премахване на ключ-файлове на том... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Архивиране на заглавната част на том... - Тест на скоростта... - Задаване на алгоритъмът за деривация на ключа на заглавната част... - Смяна на паролата на том... - Задаване на алгоритъмът за деривация на ключа на заглавната част... - Смяна на паролата... - Изтриване на историята на тома - Close All Security Token Sessions - За връзка... - Създаване на Скрита Операционна Система... - Създаване на Спасителен Диск... - Създаване на нов том... - Permanently Decrypt... - Ключ-файлове по подразбиране... - Default Mount Parameters... - Donate now... - Криптиране на системен дял/устройство... - Често задавани въпроси - Ръководство на потребителя - &Начална страница - Клавиши... - Генератор на ключ-файлове - Език (Language)... - Юридически бележки - Manage Security Token Keyfiles... - Авто-монтиране на всички томове които са устройства - Монтиране на любимите томове - Монтиране без Pre-Boot &автентикация... - Монтиране на том - Монтиране на том (с опции) - Новини - Online помощ - Напътствия за начинаещи - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Декриптиране на системния дял/устройство за постоянно - Предпочитания... - Опресняване на буквите за устройства - Премахване на всички ключ-файлове от том... - Възстановяване на заглавната част на том... - Продължаване на прекъснат процес - Избор на Устройство... - Избор на Файл... - Продължаване на прекъснат процес - Системно криптиране... - Свойства... - Настройки... - System Favorite Volumes... - Изтегляния - Тест на генериране на вектори... - Security Tokens... - Настройка на пътен диск... - Демонтиране на всички монтирани томове - Демонтиране на том - Проверка на Спасителен Диск - Verify Rescue Disk ISO Image - История на версиите - Volume Expander - Свойства на тома - Помощник за създаване на томове - VeraCrypt уебстраница - Заличаване на кешираните пароли - OK - Hardware Acceleration - Клавишна комбинация - Конфигурация на АвтоСтарт (autorun.inf) - Авто-демонтиране - Демонтиране на всички когато: - Опци на Boot Loader екрана - Парола пак: - Текуща - Показване на това потребителско съобщение на екрана за pre-boot автентикация (най-много 24 знака): - Подразбиращи се опции при монтиране - Опции на системните клавиши - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Настройка на файловете - Клавиш за присвояване: - Processor (CPU) in this computer supports hardware acceleration for AES: - Действия които ще се извършат при влизане в Windows - минути - Монтиране на том като буква за устройство: - Настройки на монтирането - Нова - Парола: - Thread-Based Parallelization - Път към PKCS #11 библиотека - PKCS-5 PRF: - PKCS-5 PRF: - Кеширане на паролите - Опции на сигурността - VeraCrypt фонов процес - VeraCrypt том за монтиране (относително от началото на пътния диск): - При поставяне на пътен диск: - Създаване на файловете на пътния диск на (начало на пътния диск): - Том - Windows - &Директория... - &Авто-тест - всички - &Продължаване - &Декриптиране - &Изтриване - &Криптиране - &Експорт... - Генериране и запазване на ключ-файл... - &Случаен ключ-файл... - Изтегляне на езиков пакет - Hardware-accelerated AES: - &Import Keyfile to Token... - Добавяне на &файлове... - &Ключ-файлове - &Ключ-файлове... - &Премахване - Премахване &вс. - Какво е защита на скрит том? - Повече информация за ключ-файлове - Монтиране като "преносима &медия" - Монтиране на системен дял без pre-boot &автентикация - Parallelization: - Тест - &Печат - За&щита срещу повреди причинени от запис във външния том - &Рестартиране - &Видима парола - Add &Token Files... - Използване на архивно копие на заглавна част вградено в &том ако е възможно - XTS режим - За VeraCrypt - VeraCrypt - Тест на скоростта - VeraCrypt - Тест на генериране на вектори - Помощ за командния ред - VeraCrypt - Ключ-файлове - VeraCrypt - Генератор на ключ-файлове - VeraCrypt - Език - VeraCrypt - Опции при монтиране - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Избор на дял или устройство - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Активен езиков пакет - Скоростта се влияе от натоварването на процесора и от някои характеристики на устройството за съхранение.\n\nТези тестове заемат място в оперативната памет. - Буфер: - Шифър: - П&арола за скрития том:\n(ако не, използва се кеша) - Защита на скрит том - Размер: - ВАЖНО: Движете мишкта в този прозорец колкото се може по-случайно. Колкото по-дълго я движите, толкова по-добре. Това значително повишава криптографската сила на ключ-файла. - ВНИМАНИЕ: Ако изгубите ключ-файл или ако първите му 1024 KB са повредени, няма да е възможно да се монтират томове, които го използват! - битов - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Превод: - Размер: - битов - Съдържание на текущия запас - PRF миксиране: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Вторичен ключ (шестнадесетичен) - Security token: - Сортиране: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Номер на блок: - Шифрован текст (шестнадесетичен) - Номер на единица данни (64-битов 16ичен, размера на единица данни е 512 байта) - Ключ (шестнадесетичен) - Чист текст (шестнадесетичен) - Име на ключ-файл: - XTS режим - С&истема - &Томове - Favor&ites - &Инструменти - &Настройки - &Помощ - Уе&бстраница - - &Относно... - Атрибута "само за четене" на вашия стар том не може да бъде променен. Моля, проверете правата за достъп на файла. - Грешка: Достъп отказан.\n\nДялът, който опитвате да достъпите или има размер 0 сектора, или е boot устройство. - Administrator - За да се зареди VeraCrypt драйвера, трябва да сте влезли с акаунт, който има администраторски права. - Моля, обърнете внимание на това, че за да криптирате/форматирате дял/устройство, трябва да сте влезли с акаунт, който има администраторски права.\n\nТова не се отнася за томове които се намират във файл-контейнери. - За да създадете скрит том трябва да сте влезли с акаунт, който има администраторски права.\n\nЩе продължите ли? - Моля, обърнете внимание на това, че за да форматирате том като NTFS, трябва да сте влезли с акаунт, който има администраторски права.\n\nБез администраторски права можете да форматирате тома като FAT. - Шифър одобрен от FIPS (Rijndael, публикуван през 1998) който може да се използва от правителствените организации и служби на САЩ за защита на класифицирана информация до ниво Строго Секретно. 256-битов ключ, 128-битов блок, 14 кръга (AES-256). Режимът на работа е XTS. - Томът вече е монтиран. - ВНИМАНИЕ: Поне един криптиращ или хеш алгоритъм не е успял да премине вградените автоматични тестове!\n\nИнсталацията на VeraCrypt може да е повредена. - ВНИМАНИЕ: Няма достатъчно данни в запаса на Генератора на Случайни Числа за да се предостави изискваното количество случайни данни.\n\nНе трябва да продължавате нататък. Моля, изберете 'Докладване за бъг' от менюто Помощ, и докладвайте за тази грешка. - Устройството е повредено (има физически дефект) или кабелът е повреден или паметта не функционира правилно.\n\nИмайте предвид, че проблемът е във вашия хардуер, не в VeraCrypt. Така че, моля, НЕ докладвайте това като дефект/проблем в VeraCrypt и НЕ търсете помош за това във форумите на VeraCrypt. Моля, обърнете се към сервиза на вашия компютърен доставчик. Благодаря.\n\nЗабележка: Ако грешката постоянно се появява на същото място, най-вероятно е причинена от лош блок на диска, който може да се поправи с помощта на специализиран софтуер от трето лице (имайте предвид че, в много случаи, командата 'chkdsk /r' не може да го поправи, тъй като работи само на ниво файлова система; в някои случаи, инструмента 'chkdsk' дори не може да го открие). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Вашата система изглежда използва специфични драйвери за дънната платка в които има проблем възпрепятстващ криптирането на цялото системно устройство.\n\nМоля, опитайте да обновите или да деинсталирате специфичните (не Microsoft) драйвери за дънната платка преди да продължите. АКо това не помага, опитайте да криптирате само системния дял. - Невалидна буква за устройство. - Невалиден път. - Отказ - Няма достъп до устройството. Проверете дали избраното устройство съществува и дали не се използва от системата. - Внимание: Caps Lock е включен. Това може да причини невярно въвеждане на паролата. - Тип на том - Може да се случи така, че да бъдете принудени от някого да издадете паролата за криптиран том. Има много ситуации в които не можете да откажете да издадете паролата (например чрез насилие). Използването на така наречният скрит том ви позволява да се измъкнете от такава ситуация без да издавате паролата. - Изберете тази опция, ако искате да създадете нормален VeraCrypt том. - Забележете, че ако желаете операционна система да бъде инсталирана в скрит том на устройство, тогава цялото системно устройство не може да бъде криптирано само с един ключ. - Опции за криптиране на външен том - Опции за криптиране на скрит том - Опции за криптиране - ВНИМАНИЕ: Неуспешен опит за изчистване на пътят до последно избрания том/ключ-файл (запомнен от селектора на файлове)! - Грешка: Томът е компресиран на ниво файлова система. VeraCrypt не поддържа компресирани контейнери (обърнете внимание на това, че компресията на криптирани данни е неефективна и излишна).\n\nМоля, изключете компресията за контейнера като следвате тези стъпки: 1) Натиснете десен бутон върху контейнера в Windows Explorer (не в VeraCrypt). 2) Изберете 'Properties'. 3) В диалога 'Properties', натиснете 'Advanced'. 4) В диалога 'Advanced Attributes', изключете опцията 'Compress contents to save disk space' и натиснете 'OK'. 5) В диалога 'Properties', натиснете 'OK'. - Неуспешно създаване на том %s - Размера на %s е %.2f байта - Размера на %s е %.2f KB - Размера на %s е %.2f MB - Размера на %s е %.2f GB - Размера на %s е %.2f TB - Размера на %s е %.2f PB - ВНИМАНИЕ: Устройството в момента се използва!\n\nУстройството което ще се форматира в момента се използва от системата или от приложения. Форматирането му може да доведе до загуба на данни или нестабилност на системата.\n\nДа продължи ли форматирането? - Внимание: Този дял се използва от операционната система или от някое приложение. Трябва да затворите всички приложения които биха могли да използват дяла (включително и антивирусни програми).\n\nЖелаете ли да продължите? - Грешка: Устройството/дяла съдържа файлова система която не може да бъде демонтирана. Файловата система може да се използва от операционната система. Форматирането на устройството/дяла е мнго вероятно да причини повреда на данните и нестабилност на системата.\n\nЗа да разрешите този проблем, препоръчваме първо да изтриете дяла и след това да го създадете на ново без форматиране. За да направите това, следвайте тези стъпки: 1) Натиснете десен бутон върху иконата на 'Computer' (или 'My Computer') в 'Start Menu' и изберете 'Manage'. Трябва да се появи прозореца 'Computer Management'. 2) В прозореца 'Computer Management', изберете 'Storage' > 'Disk Management'. 3) Натиснете десен бутон върху дяла, който желаете да криптирате и изберете или 'Delete Partition', или 'Delete Volume', или 'Delete Logical Drive'. 4) Натиснете 'Yes'. Ако Windows пожелае да рестартирате компютъра, направете го. Тогава повторете стъпки 1 и 2 и продължете от стъпка 5. 5) Натиснете десен бутон върху зоната с неалокирано/свободно място и изберете или 'New Partition', или 'New Simple Volume', или 'New Logical Drive'. 6) Сега би трябвало да се появи прозорец 'New Partition Wizard' или 'New Simple Volume Wizard'; следвайте неговите инструкции. На страницата на помощника озоглавена 'Format Partition', изберете или 'Do not format this partition' или 'Do not format this volume'. В същия помощник, натиснете 'Next' и след това 'Finish'. 7) Имайте предвид, че пътят до устройството, който сте били избрали в VeraCrypt сега може да е грешен. За това, излезте от VeraCrypt помощника за създаване на томове (ако все още е стартиран) и след това го стартирайте отново. 8) Опитайте да криптирате устройството/дяла отново.\n\nАко VeraCrypt продължава да не успява да криптира устройството/дяла, можете да помислите за създаване на контейнер-файл вместо това. - Грешка: Файловата система не може да бъде заключена и/или демонтирана. Може би се използва от операционната система или от някое приложение (например антивирусна програма). Криптирането на дяла може да причини повреда на данните и нестабилност на системата.\n\nМоля, затворете всички приложения, които биха могли да използват файловата система (включително антивирусни програми) и опитайте отново. Ако това не помогне, моля, следвайте следните съпки. - ВНИМАНИЕ: Някои от монтираните дялове/устройства вече се използваха!\n\nПренебрегването на това може да доведе до нежелани последствия, включително нестабилност на системата.\n\nСилно препоръчваме да затворите всички приложения, които биха могли да използват устройствата/дяловете. - Избраното устройство съдържа дялове.\n\nФорматирането на устройството може да доведе до нестабилност на системата и/или повреда на данн. Моля, или изберете дял от устройството, или премахнете всички дялове от устройството за да позволите на VeraCrypt да го форматира безопасно. - Избраното несистемно устройство съдържа дялове.\n\nКриптирани VeraCrypt томове-устройства могат да бъдат създадени в устройства които не съдържат никакви дялове (включително хард дискове и solid-state устройства). Устройство, което съдържа дялове може да бъде цялостно криптирано на място (използвайки само един главен ключ) само ако това е устройството, където е инсталиран Windows и откъдето се зарежда.\n\nАко искате да криптирате избраното несистемно устройство използвайки само един главен ключ, най-напред ще трябва да премахнете всички дялове от устройството за да позволите на VeraCrypt да го форматира безопасно (форматирането на устройство, което съдържа дялове може да причини нестабилност на системата и/или повреда на данните). Алтернативата е да криптирате всеки дял на устройството по отделно (всеки дял ще бъде криптиран с различен главен ключ).\n\nЗабележка: Ако искате да премахнете всички дялове от GPT диск, може би ще трябва да го конвертирате в MBR диск (с помощта на Computer Management инструмента например) за да премахнете скрити дялове. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - Криптиране на място на несистемни томове не се поддържа от версията на операционната система, която използвате в момента (поддържа се само от Windows Vista и по-късни версии на Windows).\n\nПричината е, че Windows не поддържа смаляване на други типове файлови системи (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп). - Избраното устройство изглежда не съдържа NTFS файлова система. Само устройства, които съдържат NTFS файлова система могат да бъдат криптирани на място.\n\nЗабележка: Причината е, че Windows не поддържа смаляване на други типове файлови системи (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп). - Избраният дял изглежда не съдържа NTFS файлова система. Само дялове, които съдържат NTFS файлова система могат да бъдат криптирани на място.\n\nАко искате да създадете криптиран VeraCrypt том в този дял, изберете опцията "Създаване и форматиране на криптиран том" (вместо опцията "Криптиране на дял на място"). - Грешка: Дялът е твърде малък. VeraCrypt не може да го криптира на място. - За да криптирате данните на този дял, моля, следвайте тези стъпки:\n\n1) Създайте VeraCrypt том на празен дял/устройство и след това го монтирайте.\n\n2) Копирайте всички файлове от дяла (който първоначално сте възнамерявали да криптирате) на монтирания VeraCrypt том (който беше създаден и монтиран в стъпка 1). По този начин ще създадете VeraCrypt криптирано бекъп копие на данните.\n\n3) Създайте VeraCrypt том на дяла, който първоначално сте възнамерявали да криптирате и се уверете, че (в VeraCrypt помощника) сте избрали опцията "Създаване и форматиране на криптиран том" (а не опцията "Криптиране на дял на място"). Имайте предвид, че всички данни съхранявани на дяла ще бъдат изтрити. Монтирайте тома след като бъде създаден.\n\n4) Копирайте всички файлове от монтирания VeraCrypt бекъп том (който беше създаден и монтиран в стъпка 1) на монтирания VeraCrypt том, който беше създаден (и монтиран) в стъпка 3.\n\nСлед като изпълните тези стъпки, данните ще бъдат криптирани и в допълнение на това ще разполагате с криптирано бекъп копие на данните. - VeraCrypt може да криптира на място само дял, динамичен том, или цяло системно устройство.\n\nАко желаете да съдадете криптиран VeraCrypt том в избраното несистемно устройство, изберете опцията "Създаване и форматиране на криптиран том" (а не опцията "Криптиране на дял на място"). - Грешка: VeraCrypt може да криптира на място само дял, динамичен том, или цяло системно устройство. Моля, уверете се, че зададеният път е валиден. - Грешка: Файловата система не може да бъде смалена (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп).\n\nВъзможни причини и решения:\n\n- Няма достатъчно свободно място на тома. Моля, уверете се, че други приложения не записват по файловата система.\n\n- Повредена файлова система. Опитайте да я проверите и да поправите евентуални грешки (натиснете с десния бутон върху буквата на съответното устройство в списъка 'Computer', след това изберете Properties > Tools > 'Check Now', уверете се, че опцията 'Automatically fix file system errors' е избрана и натиснете Start).\n\nАко по-горните стъпки не помагат, моля, следвайте по-долните стъпки. - Грешка: Няма достатъчно свободно място на тома и поради това файловата система не може да бъде смалена (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп).\n\nМоля, изтрийте всички ненужни файлове и изпразнете кошчето за да се освободят поне 256 KB и опитайте отново. Имайте предвид, че поради проблем в Windows, количеството свободно място според Windows Explorer може да е невярно докато операционната система не се рестартира. Ако рестартиране на системата не помага, файловата система може да е повредена. Опитайте да я проверите и да поправите евентуални грешки (натиснете с десния бутон върху буквата на съответното устройство в списъка 'Computer', след това изберете Properties > Tools > 'Check Now', уверете се, че опцията 'Automatically fix file system errors' е избрана и натиснете Start).\n\nАко по-горните стъпки не помагат, моля, следвайте по-долните стъпки. - Свободното място на устройство %s е %.2f байта. - Свободното място на устройство %s е %.2f KB - Свободното място на устройство %s е %.2f MB - Свободното място на устройство %s е %.2f GB - Свободното място на устройство %s е %.2f TB - Свободното място на устройство %s е %.2f PB - Няма налични букви за устройства. - Грешка: VeraCrypt драйвера не е намерен!\n\nМоля копирайте файловете 'veracrypt.sys' и 'veracrypt-x64.sys' в директорията, където се намира главното VeraCrypt приложение (VeraCrypt.exe). - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Грешка: Неуспешна инициализация на шифъра. - Грешка: Открит е слаб или потенциално слаб ключ. Ключът ще бъде отхвърлен. Моля, опитайте отново. - Възникна критична грешка и VeraCrypt трябва да бъде спрян. Ако това е причинено от проблем в VeraCrypt, ние бихме желали да го поправим. За да ни помогнете, можете да ни изпратите автоматично генериран репорт за грешки съдържащ следните данни:\n\n- Версия на програмата\n- Версия на операционната система\n- Тип на процесора (CPU)\n- Име на VeraCrypt компонента\n- Контролна сума на VeraCrypt изпълнимия файл\n- Символно име на диалоговия прозорец\n- Категория на грешката\n- Адрес на грешката\n- VeraCrypt стек с извиквания\n\nАко изберете 'Да', следният адрес (който съдържа цялият репорт за грешка) ще бъде отворен във вашия Internet браузър (имайте предвид, че понякога това може да отнеме до 30 секунди).\n\n%hs\n\nЖелаете ли да изпратите по-горния репорт за грешка? - Възникна критична грешка във вашата система и VeraCrypt трябва да бъде спрян.\n\nИмайте предвид, че тази грешка не е причинена от VeraCrypt (така, че VeraCrypt разработчиците не могат да я поправят). Моля, проверете вашата система за възможни проблеми (например конфигурация на системата, мрежови връзки, проблемни хардуерни компоненти). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Критична грешка - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Криптиране - &Декриптиране - &Декриптиране за постоянно - Изход - Моля създайте логическо устройство за този разширен дял и опитайте пак. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Криптирани VeraCrypt томове разполагащи се на устройство могат да бъдат създавани в дялове на твърди дискове, solid-state устройства, USB флаш памети, и на всякакви други поддържани устройства за съхранение. Дяловете също така могат да бъдат криптирани на място.\n\nВ допълнение на това, криптирани VeraCrypt томове разполагащи се на устройство могат да бъдат създавани в устройства devices, които не съдържат дялове (включително твърди дискове и solid-state устройства).\n\nЗабележка: Устройство което съдържа дялове може да бъде изцяло криптирано на място (като се използва единствен ключ) само ако то е устройството, където е инсталиран и от където се зарежда Windows . - VeraCrypt том разполагащ се на устройство може да бъде създаден в дял на твърд диск, solid-state устройство, USB флаш памет, и други устройства за съхранение.\n\nВНИМАНИЕ: Имайте предвид, че дяла/устройството ще бъде форматиран и всички данни записани на него ще бъдат изгубени. - \nИзберете местоположението, където да бъде създаден външния том (скритият том ще бъде създаден в този том по-късно).\n\nВъншни томове могат да бъдат създавани в дялове на твърди дискове, solid-state устройства, USB флаш памети, и на всякакви други поддържани устройства за съхранение. Външни томове могат да бъдат създавани също така в устройства, които не съдържат дялове (включително твърди дискове и solid-state устройства).\n\nВНИМАНИЕ: Имайте предвид, че дяла/устройството ще бъде форматиран и всички данни записани на него ще бъдат изгубени. - \nИзберете местоположението на VeraCrypt тома в, който искате да създадете скрит том. - ВНИМАНИЕ: Файлът/устройството вече се използва!\n\nПренебрегването на това може да доведе до нежелани последсвия включително нестабилност на системата. Всички приложения които биха могли да използват Файла/устройството (например, антивирусен или back-up софтуер) трябва да се затворят преди монтиране на тома.\n\nДа продължи ли монтирането? - Грешка: Томът не може да се монтира. Файлът/устройството се използва. Опитът за монтиране без ексклузивни права също е неуспешен. - Файлът не може да бъде отворен. - Местоположение на том - Големи файлове - Имате ли намерение да съхранявате файлове по-големи от 4 GB на този VeraCrypt том? - В зависимост от по-горния избор, VeraCrypt ще избере подходяща файлова система по подразбиране за VeraCrypt тома (на следващата стъпка ще можете да изберете файлова система). - Понеже създавате външен том, би трябвало да изберете 'Не'. Ако изберете 'Да', по подразбиране файловата система ще бъде NTFS, която не е толкова подходяща за външен том както FAT (например, максималният възможен размер на скрития том ще бъде значително по-голям, ако външният том е форматиран като FAT). Обикновено, по подразбиране се задава FAT и за скрития и за нормалния том (така че FAT томовете не са подозрителни). Въпреки това, ако потребителят има намерение да съхранява файлове по големи от 4 GB (което FAT файловата система не позволява), тогава FAT не се задава по подразбиране. - Сигурни ли сте, че желаете да изберете 'Да'? - Режим създаване на том - Това е най-бързият начин за създаване на VeraCrypt том разполагащ се в дял/устройство (криптиране на място, което е другата опция, е по-бавно, защото съдържанието на всеки сектор трябва първо да се прочете, да се криптира и след това да се запише). Данните съхранени на избрания дял/устройство ще бъдат изгубени (данните НЯМА да бъдат криптирани; те ще бъдат препокрити със случайни данни). Ако искате да криптирате данни съществуващи върху дял, изберете другата опция. - Целият ибран дял и всички данни съхранени в него ще бъдат криптирани на място. Ако дяла е празен, би трябвало да изберете другата опция (томът ще бъде създаден много по-бързо). - Забележка: - П&родължаване - &Отлагане - &Старт - &Продължаване - &Формат - &Заличаване - Прекратяване на форматирането? - Показване на повече информация - Това да не се показва отново - Съдържанието на дяла/устройството беше изтрито успешно. - Съдържанието на дяла, където оригиналната система (от която е клонирана скритата система) е разположена беше изтрит успешно. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - Системният дял/устройство е декриптиран успешно. - \n\nVeraCrypt томът е създаден и е готов за употреба. За да създадете друг VeraCrypt том, натиснете Напред. В противен случай, натиснете Изход. - \n\nСкритият VeraCrypt том е създаден успешно (скритата операционна система ще се намира в този скрит том).\n\nНатиснете Напред за да продължите. - Тома е напълно криптиран - Volume Fully Decrypted - ВАЖНО: ЗА ДА МОНТИРАТЕ ТОЗИ НОВОСЪЗДАДЕН VERACRYPT ТОМ И ДА ДОСТЪПВАТЕ ДАННИТЕ В НЕГО, НАТИСНЕТЕ 'Авто-монтиране на устройствата' В ГЛАВНИЯ ПРОЗОРЕЦ НА VERACRYPT. След като въведете правилната парола (и/или предоставите правилните ключ-файлове), томът ще бъде монтиран на буквата, която ще изберете от списъка в главния прозорец на VeraCrypt (и ще можете да достъпвате криптираните данни чрез избраната буква).\n\nМОЛЯ, ЗАПОМНЕТЕ ИЛИ СИ ЗАПИШЕТЕ ПО-ГОРНИТЕ СТЪПКИ. ТРЯБВА ДА ГИ СЛЕДВАТЕ ВИНАГИ КОГАТО ИСКАТЕ ДА МОНТИРАТЕ ТОМА И ДА ДОСТЪПИТЕ ДАННИТЕ В НЕГО. Алтернативно, в главния прозорец на VeraCrypt, натиснете 'Избор на Устройство', след това изберете този дял/устройство, и натиснете 'Монтиране'.\n\nДялът/устройството е криптиран успешно (сега съдържа напълно криптиран VeraCrypt том) и е готов за употреба. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt тома е създаден успешно. - Томът е създаден - ВАЖНО: Движете мишкта в този прозорец колкото се може по-случайно. Колкото по-дълго я движите, толкова по-добре. Това значително повишава криптографската сила на ключ-файла. След това натиснете Формат за да създадете тома. - Натиснете Формат за да създадете външния том. За повече информация, моля обърнете се към документацията. - Форматиране на външен том - Форматиране на скрит том - Форматиране на том - Adobe Reader (или съвместим инструмент) е необходим за да се чете или разпечатва VeraCrypt ръководството на потребители. Adobe Reader (безплатна програма) може да бъде свалена от: www.adobe.com\n\nЖелаете ли вместо това да погледнете online документацията? - Ако изберете тази опция, помощникът първо ще ви помогне да създадете нормален VeraCrypt том и след това скрит VeraCrypt том в него. Начинаещите потребители би трябвало да изберат тази опция. - Ако изберете тази опция, ще създадете скрит VeraCrypt том във вече съществуващ нормален VeraCrypt том. Предполага се, че вече сте създали VeraCrypt том, който е подходящ да съдържа скрит том. - Режим създаване на томове - Създаден е скрит том - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - Стартирали сте скритата операционна система. Както може да сте забелязали, скритата операционна система изглежда, че е инсталирана на същия дял, където е и оригиналната операционна система. В действителност тя е инсталирана в дяла след него (в скрития том). Всички операции за четене и запис незабележимо се пренасочват от оригиналния системен дял към скрития том.\n\nНито операционната система, нито приложенията ще знаят, че данните четени от и записвани на системния дял всъщност се записват на и четат от дяла след него (скрития том). Всички такива данни се криптират и декриптират на момента, както обикновено (с криптиращ ключ различен от този използван за заблуждаващата операционна система).\n\n\nМоля натиснете Напред за да продължите. - Външният том е създаден и монтиран като буква %hc:. На този том сега ще трябва да копирате някакви важно изглеждащи файлове, които всъщност НЕ иската да криете. Те ще бъдат там за заблуда на всеки, който ви принуждава да издадете паролата за първия дял след системния дял, където ще се намират и външния том и скрития том (съдържащ скритата операционна система). Вие ще можете да разкриете паролата за този външен том, и съществуването на скрития том (и на скритата операционна система) ще останат тайни.\n\nВАЖНО: Файловете, които копирате върху външния том не трябва да заемат повече от %s. В противен случай на външния том може да няма достатъчно свободно място за скрития том (и няма да можете да продължите). След като приключите с копирането, натиснете Напред (не демонтирайте тома). - Външен том е успешно създаден и монтиран като устройство %hc:. На този том би трябвало да копирате някакви файлове, които изглеждат като поверителни и всъщност НЕ искате да ги скриете. Тези файлове ще бъдат там за заблуда на някой, който ви принуждава да си издадете паролата. Вие ще издадете паролата само за този външен том, но не и за скрития. Файловете, за които наистина ви е грижа, ще бъдат съхранени в скрития том, който ще бъде създаден малко по-късно. Когато приключите с копирането, натиснете Напред. Не демонтирайте тома.\n\nЗабележка: След като натиснете Напред, картата с клъстерите на външния том ще бъде сканирана за да се определи размера на некриптираната зона на свободното пространство, чийто край е напаснат с края на тома. Тази зона ще се приспособи към скрития том, така, че ще ограничи максималният му възможен размер. Сканирането на картата на клъстерите осигурява това, че данни от външния том няма да бъдат препокрити от скрития том. - Съдържание на външния том - \n\nВ следващите стъпки ще настроите опциите за външния том (в който скритият том ще бъде създаден малко по-късно). - \n\nВ следващите стъпки, ще създадете така нареченият външен VeraCrypt том в първия дял след системния дял (както беше обяснено в една от предишните стъпки). - Външен том - По време на следните стъпки ще зададете настройките и паролата за скрития том,който ще съдържа скритата операционна система.\n\nПояснение: Картата на клъстерите на външния том е сканирана за да се определи размера на непрекъснатата област от свободно пространство, чийто край съвпада с края на външния том. Тази област ще побере скрития том, така че тя ограничава максималния му възможен размер. Максималният възможен размер на скрития том е определен и потвърдено, че е по-голям от размера на системния дял (което се изисква, защото цялото съдържание на системния дял ще трябва да бъде копирано в скрития том). Така се осигурява това, че данните, които в момента се съхраняват на външния том няма да бъдат препокрити от данни записани в областта на скрития том. - ВАЖНО: Моля, запомнете алгоритмите, които сте избрали в тази стъпка. Ще трябва да изберете същите алгоритми за системата за заблуда. В противен случай, скритата система ще бъде недостъпна! (Системата за заблуда трябва да бъде криптирана със същият криптиращ алгоритъм, както и скритата система.)\n\nЗабележка: Причината е това, че системата за заблуда и скритата система ще споделят една и съща програма за зареждане (boot loader), която поддържа само един алгоритъм, избран от потребителя, има специална верси на VeraCrypt Boot Loader). - \n\nКартата на клъстерите е сканирана и максималния възможен размер на скрития том е определен. В следващите стъпки ще настроите опциите, размера, и паролата за скрития том. - Скрит том - Скритият том сега е защитен от повреда докато външният том не е демонтиран.\n\nВНИМАНИЕ: При опит за запис на някакви данни върху скрития том, VeraCrypt ще започне да защитава от запис целия том (и външната и скритата част) докато не бъде демонтиран. Това може да доведе до грешки във файловата система на външния том, което (ако се повтори) може да засегне правдоподобната отказваемост на скрития том. За това, трябва да положите всички усилия да не записвате върху зоната на скрития том. Всички данни записвани върху зоната на скрития том няма да бъдат записани и ще бъдат изгубени. Windows може да докладва за това като грешка при запис ("Delayed Write Failed" или "The parameter is incorrect"). - Всеки от скритите томове в току що монтираните томове е защитен от повреда докато не е демонтиран.\n\nВНИМАНИЕ: При опит за запис на някакви данни върху някой от скритите томове, VeraCrypt ще започне да защитава от запис целия том (и външната и скритата част) докато не бъде демонтиран. За това, трябва да положите всички усилия да не записвате върху зоната на скрития том. Всички данни записвани върху зоната на скрития том няма да бъдат записани и ще бъдат изгубени. Windows може да докладва за това като грешка при запис ("Delayed Write Failed" или "The parameter is incorrect"). - ВНИМАНИЕ: Има опит за запис на данни в скрития том в тома монтиран като %c:! VeraCrypt предотврати запис на тези данни за да защити скрития том. Това може да е довело до грешки във файловата система на външния том и Windows може да го е докладвал като грешка при запис ("Delayed Write Failed" или "The parameter is incorrect"). Целият том (и външната и скритата част) ще бъдат защитени от запис докато не бъдат демонтирани. Ако това не е първият път когато VeraCrypt предотвратява запис на данни върху скрития том на този том, правдоподобната отказваемост на този скрит том може да е засегната (поради вероятна необичайна корелативна неконсистентност във файловата система на външния том). За това, трябва да помислите за създаване на нов VeraCrypt том (като опцията за бързо форматиране е изключена) и да преместите файловете от този том в новия том; този том би трябвало да бъде невъзстановимо изтрит (и външната и скритата част). Силно препоръчваме да рестартирате операционната система сега. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - Поради съображения за сигурност, когато е стартирана скрита операционна система, локални некриптирани файлови системи и нескрити VeraCrypt томове се монтират 'само за четене' (не могат да се записват данни върху такива файлови системи или VeraCrypt томове).\n\nДАнни могат да се записват върху всяка файлова система, която се намира в скрит VeraCrypt том (в случай, че скритият том не се намира в контейнер съхраняван върху некриптирана файлова система или на файлова система 'само за четене'). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Забележка: Ако искате да осъществите подсигурен трансфер на файлове от заблуждаващата система на скритата система, следвайте тези стъпки:\n1) Стартирайте заблуждаващата система.\n2) Запишете файловете върху некриптиран том или върху външен/нормален VeraCrypt том.\n3) Стартирайте скритата система.\n4) Ако сте записали файловете върху VeraCrypt том, монтирайте го (автоматично ще бъде монтиран 'само за четене').\n5) Копирайте файловете върху скрития системен дял или върху друг скрит том. - Вашият компютър трябва да бъде рестартиран.\n\nЖелаете ли да го рестартирате сега? - Грешка при опит за получаване на статуса на системното криптиране. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Компонентите за систено криптиране не могат да бъдат инициализирани . - Неуспешно инициализиране на генератора за случайни числа! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Инициализацията на приложението е невъзможна. Деуспешно регистриране на Dialog класа. - Грешка: Не може да се зареди Rich Edit системната библиотека. - VeraCrypt помощник за създаване на томове - Максималния възможен размер на скрития том за този том е %.2f байта. - Максималния възможен размер на скрития том за този том е %.2f KB. - Максималния възможен размер на скрития том за този том е %.2f MB. - Максималния възможен размер на скрития том за този том е %.2f GB. - Максималния възможен размер на скрития том за този том е %.2f TB. - Паролата/ключ-файловете на тома не могат да бъдат сменяни докато тома е монтиран. Моля, най-напред демонтирайте тома. - Алгоритъмът за деривация на ключа на заглавната част не може да бъде сменян докато тома е монтиран. Моля, най-напред демонтирайте тома. - &Монтиране - По-нова версия на VeraCrypt е необходима за да се монтира този том. - Грешка: Помощника за създаване на томове не е намерен.\n\nМоля, убедете се, че файла 'VeraCrypt Format.exe' е в директорията от която се стартира 'VeraCrypt.exe'. Ако не е, моля, преинсталирайте VeraCrypt, или намерете 'VeraCrypt Format.exe' на вашия диск и го стартирайте. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Напред > - &Край - &Инсталация - И&звличане - Връзката с VeraCrypt драйвера е невъзможна. VeraCrypt не може да работи, ако драйвера не е стартиран. - Грешка при зареждането/подготовката на шрифтове. - Зададената от вас буква за устройство не е намерена или не е задедан буква за устройство. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Буквата за устройство не е достъпна. - Няма избран файл! - Няма налична буква за устройство. - Няма налична буква за външния том! Създаването на том не може да продължи. - Не може да се определи версията на операционната ви система или използвате операционна система която не се поддържа. - Няма избран път! - Няма достатъчно свободно място за скрития том! Създаването на том не може да продължи. - Грешка: Файловете, които копирахте на външния том заемат твърде много място. Поради това на външния том няма достатъчно свободно място за скрития том.\n\nЗабележете, че скритият том трябва да бъде голям колкото системния дял (дяла където е инсталирана текущо стартираната операционна система). Причината е, че скритата операционна система трябва да бъде създадена чрез копиране на съдържанието от системния дял върху скрития том.\n\n\nПроцесът на създаване на скритата операционна система не може да продължи. - Драйвера не може да демонтира тома. Някои файлове разположени върху тома най-вероятно са все още отворени. - Не е възможно да се заключи тома. Все още на тома има отворени файлове. За това тома не може да бъде демонтиран. - VeraCrypt не може да заключи тома, тъй като се използва от системата или от някое приложение (може да има отворени файлове на тома).\n\nЖелаете ли да демонтирате тома принудително? - Изберете VeraCrypt том - Задайте път и файлово име - Избор на PKCS #11 библиотека - Няма достатъчно памет - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - ВНИМАНИЕ: Файлът '%s' вече съществува!\n\nВАЖНО: VERACRYPT НЯМА ДА КРИПТИРА ФАЙЛА, НО ЩЕ ГО ИЗТРИЕ. Сигурни ли сте, че желаете да изтриете файла и да го заместите с нов VeraCrypt контейнер? - ВНИМАНИЕ: ВСИЧКИ ФАЙЛОВЕ, КОИТО СЕ СЪДЪРЖАТ НА %s '%s'%s ЩЕ БЪДАТ ИЗТРИТИ И ИЗГУБЕНИ (НЯМА ДА БЪДАТ КРИПТИРАНИ)!\n\nСигурни ли сте че желаете да продължите с форматирането? - ВНИМАНИЕ: Няма да можете да монтирате тома или да достъпите файлове съхранени в него докато не е изцяло криптиран.\n\nСигурни ли сте, че желаете да стартирате криптирането на %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - ВНИМАНИЕ: Забележете, че ако захранването прекъсне внезапно докато се криптират на място съществуващите данни, или ако операционната система забие поради софтуерна грешка или хардуерна неизправност, докато VeraCrypt криптира на място съществуващи данни, части от данните ще бъдат повредени или изгубени. За това, преди да започнете криптиране, моля, уверете се, че имате бекъп копие на файловете, които желаете да криптирате.\n\nИмате ли такова бекъп копие? - ВНИМАНИЕ: ВСЯКАКВИ ФАЙЛОВЕ СЪХРАНЯВАНИ В МОМЕНТА НА ДЯЛ '%s'%s (Т.Е. НА ПЪРВИЯ ДЯЛ СЛЕД СИСТЕМНИЯ ДЯЛ) ЩЕ БЪДАТ ИЗТРИТИ И ИЗГУБЕНИ (НЯМА ДА БЪДАТ КРИПТИРАНИ)!\n\nСигурни ли сте, че желаете да продължите с форматирането? - ВНИМАНИЕ: ИЗБРАНИЯТ ДЯЛ СЪДЪРЖА ГОЛЯМ ОБЕМ ДАННИ! Всякакви файлове съхранени на дяла ще бъдат изтрити и изгубени (няма да бъдат криптирани)! - Изтриване на всякакви файлове съхранени на дяла чрез създаване на VeraCrypt том в него - Парола - PIM - Задаване на алгоритъмът за деривация на ключа на заглавната част - Добавяне/Премахване на ключ-файлове на том - Премахване на всички ключ-файлове от том - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - ВАЖНО: Ако не сте унищожили вашия VeraCrypt Спасителен Диск, вашият системен дял/устойство все още може да бъде декриптиран с помощта на старата парола (като стартирате от VeraCrypt Спасителния Диск и въведете старата парола). Би трябвало да създадете нов VeraCrypt Спасителен Диск и след това да унищожите стария.\n\nЖелаете ли да създадете нов VeraCrypt Спасителен Диск? - Обърнете внимание на това, че вашият VeraCrypt Спасителен Диск все още използва предишният алгоритъм. Ако смятате, че предишният алгоритъм е несигурен, би трябвало да създадете нов VeraCrypt Спасителен Диск и след това да унищожите стария.\n\nЖелаете ли да създадете нов VeraCrypt Спасителен Диск? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Ключ-файла(овете) е добавен/премахнат успешно. - Ключ-файла е експортиран. - Алгоритъмът за деривация на ключа на заглавната част е зададен успешно. - Моля, въведете паролата и/или ключ-файла(овете) за несистемния том, за който желаете да продължите процеса на криптиране на място.\n\n\nЗабележка: След като натиснете Напред, VeraCrypt ще опита ад намери всички несистемни томове, за които има прекъснат процес на криптиране и където VeraCrypt заглавната част на тома може да бъде декриптирана с помощта на зададените парола и/или ключ-файл(ове). Ако са открити повече от един такъв том, ще трябва да изберете един от тях на следващата стъпка. - Моля, изберете един от изброените томове. Списъкът съдържа всички достъпни несистемни томове, за които има прекъснат процес на криптиране и чиито заглавни части могат да бъдат декриптирани с помощта на зададените парола и/или ключ-файл(ове). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Много е важно да изберете добра парола. Трябва да избягвате пароли, които се състоят от една единствена дума, която може да бъде намерена в речник (или комбинация от 2, 3, или 4 такива думи). Не трябва да съдържа имена или дати на раждане. Не трябва да бъде лесна за познаване. Добра парола е случайна комбинация от главни и малки букви, цифри, и специални символи като @ ^ = $ * + и т.н. Препоръчваме избор на парола състояща се от повече от 20 знака (колкото по-дълга, толкова по-добре). Максималната възможна дължина е 64 знака. - Моля, изберете парола за скрития том. - Моля, изберете парола за скритата операционна система (т.е. за скрития том). - ВАЖНО: Паролата, която избирате за скритата операционна система в тази стъпка трябва да бъде значително по-различна от другите две пароли (т.е. от паролата за външния том и от паролата за заблуждаващата операционна система). - Моля, въведете паролата за тома, в който желаете да създадете скрит том.\n\nСлед като натиснете Напред, VeraCrypt ще се опита да монтира тома. Когато тома бъде монтиран, неговата карта на клъстерите ще бъде сканирана за да се определи размера на непрекъснатата зона от свободно пространство (ако има такава), чийто край е напаснат с края на тома. Тази зона ще се приспособи към скрития том, така, че ще ограничи максималният му възможен размер. Сканирането на картата на клъстерите осигурява това, че данни от външния том няма да бъдат препокрити от скрития том. - \nМоля, изберете парола за външния том. Това ще бъде паролата, която ще можете да разкриете на неприятел ако сте накарани или принудени да го направите.\n\nВАЖНО: Паролата трябва да бъде значително по-различна от паролата, която ще изберете за скрития том.\n\nЗабележка: Максималната възможна дължина за парола е 64 знака. - Моля, изберете парола за външния том. Това ще бъде паролата, която ще можете да разкриете на някой който ви принуждава да издадете паролата за първия дял след системния дял, където и външния и скрития том (съдържащ скритата операционна система) ще се намират. Съществуването на скрития том (и на скритата операционна система) ще останат в тайна. Забележете, че тази парола не е за заблуждаващата операционна система.\n\nВАЖНО: Паролата трябва да е значиелно по-различна от паролата, която ще изберете за скрития том (т.е. за скритата операционна система). - Парола за външния том - Парола за скрития том - Парола за скритата Операционна Система - ВНИМАНИЕ: Късите пароли са лесни за разбиване с помощта на техники на "грубата сила" (brute force)!\n\nПрепоръчваме избор на парола състояща се от повече от 20 символа. Сигурни ли сте, че желаете да използвате къса парола? - Парола на тома - Грешна парола или това не е VeraCrypt том. - Грешен ключ-файл(ове) и/или парола или това не е VeraCrypt том. - Грешен режим на монтиране, грешна парола, или това не е VeraCrypt том. - Грешен режим на монтиране, грешен ключ-файл(ове) и/или парола, или това не е VeraCrypt том. - Грешна парола или не е намерен VeraCrypt том. - Грешен ключ-файл(ове)/парола или не е намерен VeraCrypt том. - \n\nВнимание: Caps Lock е включен. Възможно е да въведете паролата си грешно заради това. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - Ако се опитвате да защитите скрит том съдържащ скрита система, моля, уверете се, че използвате стандартната US клавишна подредба, когато въвеждате паролата за скрития том. Това се изисква въпреки факта, че паролата трябва да бъде въведена в средата преди стартиране (преди да стартира Windows), където не-US Windows клавишна подредба не е достъпна. - VeraCrypt не намира том, където има прекъснато несистемно криптиране и където заглавната част на тома може да бъде декриптирана с помощта на зададените парола и/или ключ-файл(ове).\n\nМоля, уверете се, че паролата и/или ключ-файла(овете) са правилни и че дялът/томът не се използва от системата или от приложение (включително антивирусен софтуер). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nЗабележка: Ако опитвате да монтирате дял разположен върху криптирано системно устройство без pre-boot автентикация или да монтирате криптирания системен дял на операционна система, която не е стартирана, можете да направите това като изберете 'Система' > 'Монтиране без Pre-Boot автентикация'. - В този режим не може да монтирате дял намиращ се върху устройство, чиято част е в обхвата на активното системно криптиране.\n\nПреди да можете да монтирате този дял в този режим, трябва или да стартирате операционна система инсталирана на друго устройство (криптирано или некриптирано) или да стартирате некриптирана операционна система. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Назад - Не е възможно да се направи списък с устройствата инсталирани на вашата система! - Томът '%s' съществува, и е "само за четене". Сигурни ли сте, че желаете да го замените? - Изберете целева директория - Изберете ключ-файл - Изберете път за търсене на ключ-файлове. ВНИМАНИЕ: Имайте предвид, че само пътят ще бъде запомнен, не и имената на файловете в него! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Разработен от Ross Anderson, Eli Biham, и Lars Knudsen. Публикуван през 1998. 256-битов ключ, 128-битов блок. Режима на работа е XTS. Serpent е един от финалистите на AES. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Размер на външния том - Размер на скрития том - Моля, потвърдете, че размерът на избраното устройство/дял показано по-горе е верен и натиснете Напред. - Външният том и скритият том (съдържащ скритата операционна система) ще се намират в по-горния дял. Това трябва да е първият дял след системния дял.\n\nМоля, потвърдете, че размерът на дяла и неговият номер посочени по-горе са правилни, и ако са, натиснете Напред. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Размер на тома - Динамичен - ВНИМАНИЕ: НЕУСПЕШЕН АВТО-ТЕСТ! - Авто-тестът на всички алгоритми е преминат - Размера на единицата данни, който сте задали е твърде дълъг или твърде къс. - Вторичният ключ, който сте задали е твърде дълъг или твърде къс. - Тестовият шифърен текст, който сте задали е твърде дълъг или твърде къс. - Тестовият ключ, който сте задали е твърде дълъг или твърде къс. - Тестовият чист текст, който сте задали е твърде дълъг или твърде къс. - Два шифъра в каскадно действие в XTS режим. Всеки блок първо се криптира с %s (%d-битов ключ) и след това с %s (%d-битов ключ). Всеки шифър използва свой собствен ключ. Всички ключове са взаимно независими. - Три шифъра в каскадно действие в XTS режим. Всеки блок първо се криптира с %s (%d-битов ключ), след това с %s (%d-битов ключ) и най-накрая с %s (%d-битов ключ). Всеки шифър използва свой собствен ключ. Всички ключове са взаимно независими. - Забележете, че в зависимост от конфигурацията на операционната система, опциите авто-старт и авто-монтиране може да работят само когато файловете на пътния диск са създадени на незаписваем носител подобен на CD/DVD. Също така, забележете, че това не е проблем на VeraCrypt (това е ограничение на Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt пътен диск - Разработен от Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Публикуван през 1998. 256-битов ключ, 128-битов блок. Режимът на работа е XTS. Twofish е един от финалистите на AES. - Повече информация за %s - Неизвестен - An unspecified or unknown error occurred (%d). - Някои томове съдържат файлове или директории които се използват от приложения или от системата.\n\nДа се демонтират ли принудително? - &Демонтиране - Неуспешно демонтиране! - Томът съдържа файлове или директории които се използват от приложения или от системата.\n\nДа се демонтира ли принудително? - No volume is mounted to the specified drive letter. - Тома който се опитвате да монтирате вече е монтиран. - Грешка при опит за монтиране на том. - Грешка при търсене в том. - Грешка: Неправилен размер на тома. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Динамичният контейнер е предварително разположен NTFS sparse файл, чийто физически размер (реално използвано дисково пространство) нараства с добавянето на нови данни в него.\n\nВНИМАНИЕ: Продуктивността на томове съхранявани като sparse-файлове е значително по-лоша от тази на обикновени томове. Също така, томовете съхранявани като sparse-файлове са по-малко сигурни, защото е възможно да се каже кои сектори на тома са неизползвани. При това томовете съхранявани като sparse-файлове не могат да осигурят правдоподобна отказваемост (да съдържат скрит том). Освен това, ако се запишат данни в том, който е sparse-файл, когато няма достатъчно свободно пространство във файловата система на носителя, криптираната файлова система може да се повреди.\n\nСигурни ли сте, че желаете да създадете том съхраняван като sparse-файл? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt не може да смени паролата на чужд том. - Моля изберете свободна буква от списъка. - Моля изберете монтиран том от списъка с букви на устройства. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Грешка: Не може да се създаде autorun.inf - Грешка при обработката на ключ-файл! - Грешка при обработката на пътя на ключ-файл! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt не поддържа тази операционна система. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Грешка: Не може да се задели памет. - Грешка: Не може да се получи стойност от индикатора на производителността. - Грешка: Лош формат на тома. - Грешка: Задали сте парола за скрит том (не за нормален том). - Поради съображения за сигурност, скрит том не може да бъде създаван в VeraCrypt том съдържащ файлова система, която е била криптирана на място (защото свободното място на тома не е било запълнено със случайни данни). - VeraCrypt - Законово известие - Всички файлове - VeraCrypt томове - Библиотечни модули - NTFS форматирането не може да продължи. - Тома не може да се монтира. - Тома не може да се демонтира. - Windows не успя да форматира тома като NTFS.\n\nМоля, изберете друг тип файлова система (ако е възможно) и опитайте отново. Също така, можете да оставите тома неформатиран (изберете 'None' за файлова система), излезте от този помощник, монтирайте тома, и тогава използвайте или системен инструмент или инструмент от "трета страна" за да форматирате монтирания том (тома ще остане криптиран). - Windows не успя да форматира тома като NTFS.\n\nЖелаете ли вместо това да форматирате тома като FAT? - По подразбиране - дял - ДЯЛ - Устройство - устройство - УСТРОЙСТВО - Том - том - ТОМ - Label - Избраният размер за клъстер е прекалено малък за том с такъв размер. Ще се използва по-голям размер за клъстер вместо избрания. - Грешка: Не може да се провери размера на тома!\n\nУбедете се че избраният том не се използва от системата или от някое приложение. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - VeraCrypt помощникът за създаване на томове може да създаде скрит том само във FAT или NTFS том. - Под Windows 2000, VeraCrypt помощникът за създаване на томове може да създаде скрит том само във FAT том. - Забележка: FAT файловата система е по-подходяща за външни томове отколкото NTFS файловата система (например, максималният възможен размер на скрития том много вероятно би бил значително по-голям, ако външният том е форматиран като FAT). - Забележете, че FAT файловата система е по-подходяща за външни томове отколкото NTFS файловата система. Например, максималният възможен размер на скрития том много вероятно би бил значително по-голям, ако външният том е форматиран като FAT (причината е, че NTFS файловата система винаги съхранява вътрешнни данни точно по средата на тома и затова скритият том може да се разположи във втората половина на външния том).\n\nСигурни ли сте, че желаете да форматирате външния том като NTFS? - Желаете ли вместо това да форматирате тома като FAT? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Грешка: Дялът за скритата операционна система (т.е. първият дял след системния дял) трябва да бъде поне 5% по-голям от системния дял (системият дял е този, където текущо стартираната операционна система е инсталирана). - Грешка: Дялът за скритата операционна система (т.е. първият дял след системния дял) трябва да бъде поне 110% (2.1 пъти) по-голям от системния дял (системият дял е този, където текущо стартираната операционна система е инсталирана). Причината е, че NTFS файловата система винаги съхранява вътрешни данни точно по средата на тома и за това скрития том (който ще съдържа точно копие на системния дял) може да се разположи във втората половина на дяла. - Грешка: Ако външният том се форматира като NTFS, той трябва да е поне 110% (2.1 пъти) по-голям от системния дял. Причината е, че NTFS файловата система винаги съхранява вътрешни данни точно по средата на тома и за това скрития том (който ще съдържа точно копие на системния дял) може да се разположи във втората половина на външния том.\n\nЗабележка: Външният том трябва да се разположи в същия дял където е и скритата операционна система (т.е. в първия дял след системния дял). - Грешка: Няма дял след системния дял.\n\nЗабележете, че преди да можете да създадете скрита операционна система, трябва да създадете на системното устройство дял за нея. Това трябва да е първия дял след системния дял и трябва да е поне 5% по-голям от системния дял (системият дял е този, където текущо стартираната операционна система е инсталирана). В случай, че външният том (да не се бърка със системния дял) е форматиран като, дялът за скритата операционна система трябва да бъде поне 110% (2.1 пъти) по-голям от системния дял (причината е, че NTFS файловата система винаги съхранява вътрешни данни точно по средата на тома и за това скрития том, който ще съдържа точно копие на системния дял, може да се разположи във втората половина на дяла). - Забележка: Не е практично (и затова не се поддържа) да се инсталират операционни системи в два VeraCrypt тома, които са разположени в един дял, защото използването на външната операционна система често може да изисква записване на данни в зоната на скритата операционна система (и ако такива записи са предотваратени от опцията за защита на скрития том, е много вероятно да се предизвика системен срив, т.е. 'Син екран'). - За информация как да създадете и поддържате дялове, моля, погледнете документацията на вашата операционна система или се свържете със сервиза по поддръжка към вашия компютърен доставчик. - Грешка: Текущо стартираната операционна система не е инсталирана на зареждащия (boot) дял (първият активен дял). Това не се поддържа. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Грешка: Томът не може да бъде достъпен!\n\nУбедете се, че избраният том съществува, не е монтиран или използван от системата или приложение, имате права за четене/запис за тома и, че не е защитен срещу запис. - Error: Cannot obtain volume properties. - Грешка: Не може да се достъпи тома и/или да се получи информация за тома.\n\nУверете се, че избраният том съществува, че не се използва от системата или от приложение, че имате права за четене/запис за тома, и че тома не е защитен от запис. - Грешка:Не може да се достъпи тома и/или да се получи информация за тома. Уверете се, че избраният том съществува, че не се използва от системата или от приложение, че имате права за четене/запис за тома, и че тома не е защитен от запис.\n\nАко проблемът не се реши, следните стъпки може да помогнат. - VeraCrypt не може да криптира дяла поради грешка. Моля, опитайте да разрешите всички проблеми появили се до момента и опитайте отново. Ако проблемът не се реши, следните стъпки може да помогнат. - VeraCrypt не може да продължи процеса на криптиране на дяла поради грешка.\n\nМоля, опитайте да разрешите всички проблеми появили се до момента и опитайте отново. Имайте предвид, че томът не може да бъде монтиран докато не е криптиран напълно. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Грешка: Външният том не може да бъде демонтиран!\n\nТом не може да бъде демонтиран, ако съдържа файлове или директории, които се използват от приложение или от системата.\n\nМоля, затворете всяка програма, която би могла да използва файлове или директории на тома и натиснете Опитай пак. - Грешка: Не може да се получи информация за външния том! Създаването на том не може да продължи. - Грешка: Външният том не може да бъде достъпен! Създаването на том не може да продължи. - Грешка: Външният том не може да бъде монтиран! Създаването на том не може да продължи. - Грешка: Не може да се достъпи картата с клъстерите на тома! Създаването на том не може да продължи. - По азбучен ред/По категории - Средна скорост (низходящ ред) - Алгоритъм - Криптиране - Декриптиране - Средна скорост - Буква - Размер - Алгоритъм за криптиране - Алгоритъм за криптиране - Тип - Стойност - Свойство - Местоположение - байта - Скрит - Външен - Нормален - Системен - Скрита (система) - Само за четене - Системно устройство - Системно устройство (криптиране - %.2f%% готово) - Системно устройство (декриптиране - %.2f%% готово) - Системно устройство (%.2f%% криптирано) - Системен дял - Скрит системен дял - Системен дял (криптиране - %.2f%% готов) - Системен дял (декриптиране - %.2f%% готов) - Системен дял (%.2f%% криптиран) - Да (предотвратена повреда!) - Никакъв - Размер на пъвичния ключ - Размер на вторичния ключ (XTS режим) - Размер на tweak ключа (LRW режим) - бита - Размер на блока - PKCS-5 PRF - PKCS-5 брой на повторенията - Томът е създаден на - Последна промяна на заглавната част - (преди %I64d дни) - Версия на формат на тома - Вградена заглавна част за Backup - VeraCrypt Boot Loader Version - Първа свободна буква - Преносим диск - Твърд диск - Непроменен - Autodetection - Режим - помощник - Изберете един от режимите. Ако не сте сигурни кой да изберете, използвайте режима по подразбиране. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Опции на инсталацията - Тук можете да настройвате разнообразни опции за да контролирате процеса на инсталация. - Инсталиране - Моля, изчакайте докато VeraCrypt се инсталира. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Опции на извличането - Тук можете да настройвате разнообразни опции за да контролирате процеса на извличане. - Моля, изчакайте докато файловете се извличат. - Files successfully extracted - Всички файлове са извлечени успешно в целевото местонахождение. - Ако указаната директория не съществува, ще бъде създадена автоматично. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Желаете ли да погледнете Release бележките за текущата (най-последна стабилна) версия на VeraCrypt? - Ако никога не сте използвали VeraCrypt преди, препоръчваме ви да прочетете главата Beginner's Tutorial в VeraCrypt ръководството на потребителя. Желаете ли да погледнете инструкциите? - Моля, изберете действие за изпълнение от следните: - Поправка/Преинсталация - Upgrade - Деинсталация - За да инсталирате/деинсталирате VeraCrypt успешно, трябва да имате администраторски права. Желаете ли да продължите? - Инсталатора на VeraCrypt в момента е стартиран на тази система и подготвя или извършва инсталация или обновяване на VeraCrypt. Преди да продължите, моля изчакайте го да свърши или го затворете. Ако не можете да го затворите, моля рестартирайте вашия компютър преди да продължите. - Инсталацията неуспешна. - Деинсталация неуспешна. - Този пакет за дистрибуция е повреден. Моля, опитайте да го изтеглите отново (за предпочитане от официалния уебсайт на VeraCrypt - https://veracrypt.codeplex.com). - Не може да се запише файл %s - Извличане - Не може да се чете от пакета. - Не може да се провери целостта на този пакет за дистрибуция. - Извличането неуспешно. - Инсталацията е върната назад. - VeraCrypt е инсталиран успешно. - VeraCrypt е обновен успешно. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt е деинсталиран успешно.\n\nНатиснете 'Край' за да премахнете VeraCrypt инсталатора и директорията %s. Забележете, че директорията няма да бъде премахната ако съдържа някакви файлове, които не са били инсталирани от VeraCrypt инсталатора или създаден от VeraCrypt. - Премахване на записите на VeraCrypt в регистрите - Добавяне на записи в регистрите - Премахване на данните специфични за приложението - Инсталиране - Спиране - Премахване - Добавяне на икона - Създаване на System Restore point - Неуспешно създаване на System Restore point! - Обновяване на boot зареждащата програма - Неуспешно инсталиране на '%s'. %s Желаете ли инсталацият да продължи? - Неуспешно деинсталиране на '%s'. %s Желаете ли инсталацият да продължи? - Инсталацията е изпълнена. - Директория '%s' не може да бъде създадена - VeraCrypt драйвера не може да бъде спрян.\n\nМоля, най-напред затворете всички отворени VeraCrypt процорци. Ако това не помага, моля рестартирайте Windows и опитайте отново. - Всички VeraCrypt томове трябва да бъдат демонтирани преди инсталиране или деинсталиране на VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Неуспешно инсталиране на записите в регистрите - Неуспешно инсталиране на VeraCrypt драйвера. Моля, рестартирайте Windows и след това опитайте да инсталирате VeraCrypt отново. - Стартиране на VeraCrypt драйвера - Неуспешно деинсталиране на VeraCrypt драйвера. Моля, имайте предвид, че поради Windows проблем, може да е необходимо да излезете или да рестартирате системата преди драйвера да бъде деинсталиран (или ). - Инсталиране на VeraCrypt драйвера - Спиране на VeraCrypt драйвера - Деинсталиране на VeraCrypt драйвера - Неуспешна регистрация на библиотеката за контрол на потребителския акаунт. - Неуспешна дерегистрация на библиотеката за контрол на потребителския акаунт. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Внимание: Тази инстанция на Помощника за Създаване на Томове има администраторски права.\n\nВашият нов том може да се създаде с права, които няма да ви позволят да записвате върху тома след като е монтиран. Ако искате да предотвратите това, затворете тази инстанция на Помощника за Създаване на Томове и стартирайте нова без администраторски права.\n\nЖелаете ли да затворите тази инстанция на Помощника за Създаване на Томове? - Грешка: Лицензът не може да бъде показан. - Външен(!) - дни - часове - минути - с - Отваряне - Демонтиране - Показване на VeraCrypt - Скриване на VeraCrypt - Данни прочетени след монтирането - Данни записани след монтирането - Криптирана част - 100% (напълно криптирано) - 0% (некриптирано) - %.3f%% - 100% - Изчакване - Подготвяне - Преоразмеряване - Криптиране - Декриптиране - Финализиране - Пауза - Готово - Грешка - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Въведете парола за %s - Enter password for '%s' - Въведете парола за нормалния/външния том - Въведете парола за скрития том - Въведете парола за заглавната част съхранена в бекъп файл - Ключ-файла е създаден успешно. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - ВНИМАНИЕ: Заглавната част на този том е повредена! VeraCrypt автоматично използва вграденото в тома бекъп копие на заглавната част на тома.\n\nТрябва да поправите заглавната част на тома, като изберете 'Инструменти' > 'Възстановяване на заглавната част на том'. - Архивно копие на заглавната част на тома е създадено успешно.\n\nВАЖНО: Възстановяването на заглавната част на тома с помощта на това архивно копие също ще възстанови текущата парола на тома. Освен това, ако ключ-файл(ове) е необходим за монтиране на тома, същият ключ-файл(ове) ще бъде необходим за монтиране на тома отново, когато заглавната част на тома бъде възстановена.\n\nВНИМАНИЕ: Това архивно копие на заглавна част на том може да бъде използвано за възстановяване на заглавната част САМО на този индивидуален том. Ако използвате това архивно копие на заглавна част за да възстановите заглавната част на друг том, ще можете да монтирате тома, но НЯМА да можете да декриптирате никакви данни съхранени в тома (защото ще промените неговия главен ключ). - Заглавната част на тома е възстановена успешно.\n\nВАЖНО: Моля, забележете, че старата парола също така може да е била възстановена. Освен това, ако ключ-файл(ове) е бил необходим за монтиране на тома, когато архивното копие е било създадено, същият ключ-файл(ове) сега е необходим за монтиранена тома отново. - Поради съображения за сигурност, ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове) за тома.\n\nЗабележка: Ако тома съдържа скрит том, най-напред ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове) за външния том. След това, ако изберете да направите бекъп копие на заглавната част на скрития том, ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове) за скрития том. - Сигурни ли сте, че желаете да напрвавите бекъп копие на заглавната част на тома %s?\n\nСлед като натиснете Да, ще бъдете попитани за име на бекъп файл за заглавната част на тома.\n\nЗабележка: Заглавните части и стандартния и на скрития том ще бъдат прекриптирани с нова сол и ще бъдат съхранени в бекъп файла. Ако в този том няма скрит том, зоната в бекъп файла запазена за заглавната част на скрития том ще бъде запълнена със случайни данни (за да се запази правдоподобната отказваемост). Когато се възстановява заглавна част на том от бекъп файл, ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове), които са били валидни, когато е бил създаден бекъп файла на заглавната часдт на тома. Паролата (и/или ключ-файловете) автоматично ще определят типа на заглавната част на тома, която трябва да се възстанови, т.е. стандартен или скрит (обърнете внимание на това, че VeraCrypt определя типа по метода проба и грешка). - Сигурни ли сте, че желаете да възстановите заглавната част на том %s?\n\nВНИМАНИЕ: Възстановяването на заглавна част на том също така възстановява паролата на тома, която е била валидна, когато архивното копие е било създадено. Освен това, ако ключ-файл(ове) е бил необходим за монтиране на тома, когато архивното копие е било създадено, същият ключ-файл(ове) ще бъде необходим за монтиране на тома отново след като заглавната част на тома е възстановена.\n\nСлед като натиснете Да, ще изберете файла с архивното копие. - Томът съдържа ли скрит том? - Томът съдържа скрит том - Томът не съдържа скрит том - Моля, изберете типа на бекъп на заглавна част на тома, който иската да използвате: - Възстановяване на заглавна част на тома от бекъп копие вградено в тома - Възстановяване на заглавна част на тома от външен бекъп файл - Размера на бекъп файла на заглавна част на тома е неправилен. - В този том няма вградено бекъп копие на заглавната част на тома (имайте предвид, че само томове създадени от VeraCrypt 6.0 или по-късни версии съдържат вградено бекъп копие на заглавната част на тома). - Опитвате се да архивирате заглавната част на системен дял/устройство. Това не е позволено. Операциите на архивиране/възстановяване отнасящи се до системния дял/устройство могат да бъдат извършени само с помощта на VeraCrypt Спасителния Диск.\n\nЖелаете ли да създадете VeraCrypt Спасителен Диск? - Опитвате се да възстановите заглавната част на виртуален VeraCrypt том, но сте избрали системеният дял/устройство. Това не е позволено. Операциите на архивиране/възстановяване отнасящи се до системния дял/устройство могат да бъдат извършени само с помощта на VeraCrypt Спасителния Диск.\n\nЖелаете ли да създадете VeraCrypt Спасителен Диск? - След като натиснете OK, ще изберете име на файл за ISO изображението на новия VeraCrypt Спасителен Диск и местоположението, където искате да го поставите. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Моля, поставете вашия VeraCrypt Спасителен Диск във вашето CD/DVD устройство и натиснете OK за да го проверите. - VeraCrypt Спасителният Диск е проверен успешно. - Не може да се провери дали Спасителният Диск е бил записан успешно.\n\nАко сте записали Спасителния Диск, моля извадете и поставете отново CD/DVD диска; след това опитайте отново. Ако това не помага, моля опитайте друг софтуер за записване на CD/DVD и/или друг CD/DVD носител.\n\nАко сте опитали да проверите VeraCrypt Спасителен Диск създаден за различен главен ключ, парола, сол, и др., моля, забележете, че такъв Спасителен Диск никога няма да успява на тази проверка. За да създадете нов Спасителен Диск напълно съвместим с текущата ви конфигурация, изберете 'Система' > 'Създаване на Спасителен Диск'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Грешка при създаването на VeraCrypt Спасителен Диск. - VeraCrypt Спасителен Диск не може да бъде създаден, когато е стартирана скрита операционна система.\n\nЗа да създадете VeraCrypt Спасителен Диск, стартирайте заблуждаващата операционна система и след това изберете 'Система' > 'Създаване на Спасителен Диск'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Моля демонтирайте тома преди да продължите. - Грешка: Не може да се настрои таймер. - Проверка на файловата система - Поправка на файловата система - Add to Favorites... - Add to System Favorites... - P&roperties... - Скритият том е защитен - - - Да - Не - Disabled - 1 - 2 или повече - Режим на операция - Етикет: - Размер: - Път: - Буква: - Грешка: Паролата трябва да съдържа само ASCII символи.\n\nНаличието на не-ASCII символи в паролата може да направи невъзможно монтирането на том, когато има промяна в системната конфигурация.\n\nРазрешени са следните символи:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Внимание: Паролата съдържа не-ASCII символи. Това може да направи невъзможно монтирането на том, когато има промяна в системната конфигурация.\n\nБи трябвало да замените всички не-ASCII символи в паролата с ASCII символи. За да направите това, изберете 'Томове' -> 'Смяна на паролата на том'.\n\nСледните са ASCII символи:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ВНИМАНИЕ: Силно препоръчваме да избягвате файлови разширения, които се използват за изпълними файлове (като .exe, .sys, или .dll) и други подобни проблематични файлови разширения. Използването на такива файлови разширения кара Windows и антивирусните програми да взаимодействат с контейнера, което е неблагоприятно за производителността на тома и също така може да създаде други сериозни проблеми.\n\nСилно препоръчваме да премахнете файловото разширение или да го смените (например на '.hc').\n\nСигурни ли сте, че желаете да използвате проблематичното файлово разширение? - ВНИМАНИЕ: Този контейнер има файлово разширение, което се използва за изпълними файлове (като .exe, .sys, или .dll) или някое друг файлово разширение, което също е проблематично. Много е вероятно това да накара Windows и антивирусният софтуер да взаимодействат с контейнера, което ще окаже неблагоприятен ефект върху производителността на тома и също може да причини други сериозни проблеми.\n\nСилно препоръчваме да премахнете файловото разширение или да го смените (например на '.hc') след като демонтирате тома. - Начална страница - ВНИМАНИЕ: Изглежда, че не сте прилагали никакъв Service Pack към вашата Windows инсталация. Не трябва да записвате върху IDE диск по-голям от 128 GB под Windows XP, към който не сте приложили Service Pack 1 или по-късен! Ако го направите, данните на диска (няма значение дали е VeraCrypt том или не) могат да се объркат. Забележете, че това е ограничение на Windows, а не бъг в VeraCrypt. - ВНИМАНИЕ: Изглежда, че не сте приложили Service Pack 3 към вашата Windows инсталация. Не трябва да записвате върху IDE диск по-голям от 128 GB под Windows 2000, към който не сте приложили Service Pack 3 или по-късен! Ако го направите, данните на диска (няма значение дали е VeraCrypt том или не) могат да се объркат. Забележете, че това е ограничение на Windows, а не бъг в VeraCrypt.\n\nЗабележка: Също така, може да се наложи да разрешите поддръжката на 48-бит LBA в регистрите; за повече информация, погледнете http://support.microsoft.com/kb/305098/EN-US - ВНИМАНИЕ: Поддръжката на 48-бит LBA ATAPI от вашата система е изключена. По тази причина, не трябва да записвате върху IDE диск по-голям от 128 GB! Ако го направите, данните на диска (няма значение дали е VeraCrypt том или не) могат да се объркат. Забележете, че това е ограничение на Windows, а не ограничение на VeraCrypt.\n\nЗа да разрешите поддръжката на 48-бит LBA, добавете стойността 'EnableBigLba' към ключа в регистрите HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nЗа повече информация, погледнете http://support.microsoft.com/kb/305098 - Грешка: Файлове по-големи от 4 GB не могат да бъдат съхранявани на FAT32 файлова система. За това, VeraCrypt файл-контейнери съхранявани върху FAT32 файлова система не могат да бъдат по-големи от 4 GB.\n\nАко се нуждаете от по-голям том, създайте го на NTFS файлова система (или, ако използвате Windows Vista SP1 или по-късна версия, на exFAT файлова система) или вместо да създавате файл-контейнер, криптирайте цял дял или устройство. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - ВНИМАНИЕ: Ако желаете за напред да можете да добавяте повече данни/файлове във външния том, трябва да изберете по-малък размер за скрития том.\n\nСигурни ли сте, че желаете да продължите с указания размер? - Не е избран том.\n\nНатиснете 'Устройство' или 'Файл' за да изберете VeraCrypt том. - Не е избран дял.\n\nНатиснете 'Устройство' за да изберете демонтиран дял, който нормално изисква pre-boot автентикация (например, дял разположен върху криптираното системно устройство на друга операционна система, която не е стартирана, или криптирания системен дял на друга операционна система).\n\nЗабележка: Избраният дял ще бъде монтиран като обикновен VeraCrypt том без pre-boot автентикация. Това е полезно, например при архивиране (backup) или операции за поправка. - ВНИМАНИЕ: Ако ключ-файлове по подразбиране са настроени и разрешени, томове които не използват тези ключ-файлове няма да могат да се монтират. По тази причина, след като разрешите ключ-файлове по подразбиране, имайте предвид да махнете отметката 'Ключ-файлове' (под полето за въвеждане на парола) когато монтирате такива томове.\n\nСигурни ли сте, че желаете да запазите избраните ключ-файлове/пътищата като такива по подразбиране? - Авто-монтиране на устройствата - Демонтиране на всички - Изчистване на кеша - Демонтиране на всички & Заличаване на кеша - Принудително демонтиране на всички & Заличаване на кеша - Принудително демонтиране на всички, Заличаване на кеша & Изход - Монтиране на любимите томове - Показване/Скриване на главния прозорец на VeraCrypt - (Кликнете тук и натиснете клавиш) - Действие - Клавиш - Грешка: Тази клавишна комбинация е запазена. Моля изберете друга клавишна комбинация. - Грешка: Клавишната комбинация вече се използва. - ВНИМАНИЕ: Един или повече VeraCrypt системни клавиши няма да работят!\n\nМоля, убедете се, че други приложения и операционната система не използват същия клавиш(и) като VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - Грешка или несъвместимост пречат на VeraCrypt да криптира хибернационния файл. Затова хибернацията е изключена.\n\nЗабележка: Когато компютър премине в режим на хибернация (или енергоспестяващ режим), съдържанието на системната памет се записва в хибернационен файл намиращ се на системното устройство. VeraCrypt няма да може да предотврати некриптиран запис в хибернационния файл на ключове за криптиране и съдържанието на важни файлове отворени в RAM паметта. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - ВНИМАНИЕ: Ако изключите тази опция, томовете съдържащи отворени файлове/директории няма да могат да бъдат авто-демонтирани.\n\nСигурни ли сте, че желаете да изключите тази опция? - ВНИМАНИЕ: Томове съдържащи отворени файлове/директории НЯМА да бъдат авто-демонтирани.\n\nЗа да предотвратите това, включете следните опции в този диалогов прозорец: 'Принудително авто-демонтиране дори ако тома съдържа отворени файлове или директории' - ВНИМАНИЕ: При силно изтощена батерията на лаптоп, Windows може да не успее да изпрати съответните съобщения до работещите програми когато компютъра преминава в енергоспестяващ режим. В такъв случай VeraCrypt може да не успее да демонтира томовете. - Задали сте процес на криптиране на дял/устройство. Процеса все още не е приключил.\n\nЖелаете ли да продължите процеса сега? - Били сте задали процес на криптиране или декриптиране на системният дял/устройство. Процесът все още не е бил завършен.\n\nЖелаете ли да стартирате (продължите) процеса сега? - Желаете ли да ви бъде напомняно дали желаете да продължите текущо зададен процес на криптиране на несистемни дялове/томове? - Да, желая да ми се напомня - Не, не желая да ми се напомня - ВАЖНО: Помнете, че можете да продължите процеса на криптиране на който да било несистемен дял/том като изберете 'Томове' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. - Били сте задали процес на криптиране или декриптиране на системният дял/устройство. Както и да е, pre-boot автентикацията е неуспешна (или е била подмината).\n\nЗабележка: Ако сте декриптирали системния дял/устройство в pre-boot средата, може да трябва да завършите процеса като изберете 'Система' > 'Декриптиране на системния дял/устройство за постоянно' от менюто на главния прозорец на VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Изход? - VeraCrypt няма достатъчно информация за да реши дали да криптира или декриптира. - VeraCrypt няма достатъчно информация за да реши дали да криптира или декриптира.\n\nЗабележка: Ако сте декриптирали системния дял/устройство в pre-boot средата, може да трябва да завършите процеса като изберете Декриптиране. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Желаете ли да прекъснете и отложите процеса на криптиране на дяла/тома?\n\nЗабележка: Помнете, че томът не може да бъде монтиран докато не е криптиран напълно. Ще можете да продължите процеса на криптиране и той ще продължи от мястото, където е бил спрян. Можете да направите това, например като изберете 'Томове' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. - Желаете ли да прекъснете и отложите процеса на криптиране на системният дял/устройство?\n\nЗабележка: Ще можете да продължите процеса и той ще продължи от точката, в която е бил прекъснат. Можете да направите това, например, като изберете 'Система' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. Ако желаете за постоянно да прекратите или да върнете процеса на криптиране, изберете 'Система' > 'Декриптиране на системния дял/устройство за постоянно'. - Желаете ли да прекъснете и отложите процеса на декриптиране на системният дял/устройство?\n\nЗабележка: Ще можете да продължите процеса и той ще продължи от точката, в която е бил прекъснат. Можете да направите това, например, като изберете 'Система' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. Ако желаете да върнете процеса на декриптиране (и да започнете да криптирате), изберете 'Система' > 'Криптиране на системен дял/устройство'. - Грешка: Неуспешен опит за прекъсване на процеса на криптиране/декриптиране на системен дял/устройство. - Грешка: Неуспешен опит за прекъсване на процеса на заличаване. - Грешка: Неуспешен опит за продължаване на процеса на криптиране/декриптиране на системен дял/устройство. - Грешка: Неуспешен опит за стартиране на процеса на заличаване. - Проблем с неконсистентност е решен.\n\n\n(Ако докладвате бъг във връзка с това, моля включете следната техническа информация в доклада за бъга: %hs) - Грешка: Неочаквано състояние.\n\n\n(Ако докладвате за проблем във връзка с това, моля включете следната техническа информация в доклада:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ВНИМАНИЕ: Фоновият процес на VeraCrypt е забранен. След като затворите VeraCrypt, няма да има нотификация в случай, че е предовратена повреда в скрития том.\n\nЗабележка: Можете да спрете фоновата задача по всяко време като натиснете десен бутон върху VeraCrypt системната иконата и изберете 'Изход'.\n\nДа се включи ли фоновият процес на VeraCrypt? - Версия на езиковия пакет: %s - Проверка на файловата система на VeraCrypt тома монтиран като %s... - Опит да се поправи файловата система на VeraCrypt тома монтиран като %s... - Внимание: Този том е криптиран с остарял криптиращ алгоритъм.\n\nВсички криптиращи алгоритми с 64-битов блок (като Blowfish, CAST-128, или Triple DES) са остарели. Монтирането на този том с помощта на бъдещи версии на VeraCrypt ще бъде възможно. както и да е, няма да има бъдещи разширения в реализацията на тези остарели криптиращи алгоритми. Препоръчваме ви да създадете нов VeraCrypt том криптиран с криптиращ алгоритъм с 128-битов блок (като AES, Serpent, Twofish, и др.) и да преместите всички файлове от този том в новия том. - Вашата система не е конфигурирана за авто-монтиране на нови томове. Може да е невъзможно да се монтира VeraCrypt том, който е устройство. Авто-монтирането може да се разреши като се изпълни следната команда и се рестартира системата.\n\nmountvol.exe /E - Моля, задайте буква за дяла/устройството преди да продължите ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nЗабележете, че това е изискване на операционната система. - Монтиране на VeraCrypt том - Демонтиране на всички VeraCrypt томове - VeraCrypt не успява да получи администрароски права. - Достъпът е отказан от операционната система.\n\nВероятна причина: Операционната система изисква да имате права за четене/запис (или администраторски права) за конкретни директории, файлове, и устройства, за да ви бъде разрешено да четете и записвате данни от/в тях. Нормално, на потребител без администраторски права му е разрешено да създава, чете и променя файлове в неговата Documents директория. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - Boot Loader-ът на VeraCrypt изисква поне 32 KБайта свободно пространство в началото на системното устройство (Boot Loader-ът на VeraCrypt трябва съхранен в тази зона). За съжаление, вашето устройство не изпълнява тези условия.\n\nМоля, НЕ докладвайте това като бъг/проблем в VeraCrypt. За да решите този проблем, ще трябва да преразделите вашия диск и да оставите първите 32 KБайта от диска свободни (в повечето случаи, ще трябва да изтриете и създадете на ново първият дял). Препоръчваме ви да използвате Microsoft partition manager, който е на разположение т.е. когато инсталирате Windows. - Функционалността не се поддържа от версията на операционната система, която използвате в момента. - VeraCrypt не поддържа криптиране на системен дял/устройство на версията на операционната система, която използвате в момента. - Преди да можете да криптирате системния дял/устройство на Windows Vista, трябва да инсталирате Service Pack 1 (или по-късна версия) за Windows Vista (на тази система все още няма инсталиран такъв Service Pack).\n\nЗабележка: Service Pack 1 за Windows Vista разрешава проблем причиняващ недостиг на свободна памет по време на зараждане на системата. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Вашето системно устройство има GUID таблица на дяловете (GPT). За момента се поддържат само устройства с MBR таблица на дяловете. - ВНИМАНИЕ: VeraCrypt Boot Loader-ът вече е инсталиран на вашето системно устройство!\n\nВъзможно е друга система на вашия компютър да е вече криптирана.\n\nВНИМАНИЕ: ПРОДЪЛЖАВАНЕТО С КРИПТИРАНЕТО НА СТАРТИРАНАТА В МОМЕНТА СИСТЕМА МОЖЕ ДА НАПРАВИ НЕВЪЗМОЖНО СТАРТИРАНЕТО НА ДРУГА СИСТЕМА(И) И СЪОТВЕТНИТЕ ДАННИ НЕДОСТЪПНИ.\n\nСигурни ли сте, че желаете да продължите? - Неуспешен опит за възстановяване на оригиналния system loader.\n\nМоля, използвайте вашият VeraCrypt Спасителен Диск ('Repair Options' > 'Restore original system loader') или Windows инсталационен носител за да подмените VeraCrypt зареждащата програма (Boot Loader) със Windows system loader. - Оригиналният system loader няма да бъде съхранен на Спасителния Диск (вероятна причина: липсващ архивен (backup) файл). - Неуспешен опит за запис върху MBR сектора.\n\nМоже би вашият BIOS е конфигуриран да предпазва MBR сектора. Проверете настройките на вашия BIOS (натиснете F2, Delete, или Esc, веднага след включване на вашия компътър) за MBR/антивирус защита. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Необходимата версия на VeraCrypt Boot Loader в момента не е инсталирана. Това може да попречи на някои от настройките да бъдат съхранени. - Забележка: В някои случаи, може да иската да попречите на някого (неприятел) да разбере че използвате VeraCrypt, докато ви гледа когато стартирате компютъра. По-горната опция ви позволява да направите това като промените екрана на VeraCrypt зареждащата програма (boot loader). Ако разрешите първата опция, зареждащата програма няма да показва никакъв текст (дори когато въведете грешна парола). Компютърът ще изглежда като "неработещ", но в същото време можете да въведете паролата си. В допълнение на това, може да бъде показано съобщение по ваше желание с цел да заблуди неприятеля. Например, фалшиви съобщения за грешка, като "Missing operating system" ("Липсва операционна система"), което обикновено се показва от зареждащата програма (boot loader) на Windows ако не е намерен Windows зареждащ (boot) дял. Все пак е важно да се знае, че ако неприятелят може да анализира съдържанието на твърдия диск, ще открие, че съдържа VeraCrypt зареждащата програма (boot loader). - ВНИМАНИЕ: Моля, помнете, че ако разрешите тази опция, VeraCrypt зареждащата програма (boot loader) няма да показва никакви текстове (дори когато въведете грешна парола). Компютърът ще изглежда като "неработещ" (нереагиращ), но в същото време можете да въведете паролата си (курсора НЯМА да се движи и няма да се появяват звездички (*) когато натискате клавиши).\n\nСигурни ли сте, че желаете да разрешите тази опция? - Изглежда, че вашият системен дял/устройство е напълно криптиран. - VeraCrypt не поддържа криптиране на системно устройство, което е било конвертирано като динамичен диск. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Желаете ли да криптирате системният дял вместо цялото устройство?\n\nЗабележете, че можете да създадете VeraCrypt томове съхранявани като дял, във всеки не-системен дял на устройството (в допълнение на криптирането на системния дял). - Тъй като, вашето системно устройство съдържа само един единствен дял, който заема цялото устройство, за предпочитане е (по-сигурно) да криптирате цялото устройство включирвлно и свободното "неприкрепено" пространство, което обикновено заобикаля такъв дял.\n\nЖелаете ли да криптирате цялото системно устройство? - Вашата система е конфигурирана да съхранява временни файлове върху несистемен дял.\n\nВременни файлове могат да се съхраняват само върху системния дял. - Вашите файлове с потребителски профили не се съхраняват върху системния дял.\n\nФайлове с потребителски профили могат да се съхраняват само върху системния дял. - Има странициращ (paging) файл(ове) върху несистемни дялове.\n\nСтранициращи файлове могат да се разполагат само върху системния дял. - Желаете ли сега да конфигурирате Windows така, че да създава странициращи (paging) файлове само върху Windows дяла?\n\nИмайте предвид, че ако натиснете 'Да', компютърът ще бъде рестартиран. След това стартирайте VeraCrypt и отново опитайте да създадете скритата операционна система. - В противен случай, правдоподобната отказваемост на скритата операционна система може да бъде засегната неприятно.\n\nЗабележка: Ако неприятел анализира съдържанието на такива дайлове (намиращи се на несистемен дял), може да открие, че сте използвали този помощник в режим за създаване на скрита операционна система (което може да подскаже за съществуването на скрита операционна система на вашия компютър). Също така имайте предвид, че по време на процеса на създаване на скритата операционна система, VeraCrypt необратимо ще изтрие всички подобни файлове съхранявани върху системния дял. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Внимание: Има неразпределено пространство между системния дял и първия дял след него. След като създадете скритата операционна система, не трябва да създавате нови дялове в това неразпределено пространство. В противен случай, няма да бъде възможно да се стартира скритата операционна система (докато не изтриете такива новосъздадени дялове). - За момента този алгоритъм не се поддържа з системно криптиране. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - За сега ключ-файлове не се поддържат за системно криптиране. - Внимание: VeraCrypt не може да възстанови оригиналната подредба на клавиатурата. Заради това може да въведете някоя парола грешно. - Грешка: Подредбата на клавиатурата за VeraCrypt не може да се зададе да бъде стандартна US клавиатурна подредба.\n\nЗабележете, че паролата трябва да бъде въведена в pre-boot средата (преди стартирането на Windows), където не-US Windows клавиатурни подредби не са достъпни. Поради тази причина, паролата винаги трябва да бъде въвеждана, като се използва стандартна US клавиатурна подредба. - Тъй като VeraCrypt временно е сменил клавиатурната подредба на стандартна US клавиатурна подредба, не е възможно да въвеждате символи чрез натискане на клавиши докато десният Alt клавиш е задържан натиснат. Както и да е, можете да въвеждате повечето такива символи, като натискате съответните клавиши докато Shift клавиша е задържан натиснат. - VeraCrypt предотврати смяна на клавиатурната подредба. - Бележка: Паролата трябва да бъде въведена в pre-boot средата (преди стартирането на Windows), където не-US Windows клавиатурна подредба не е достъпна. Поради това, паролата винаги трябва да бъде въвеждане, като се използва стандартн US клавиатурна подредба. Както и да е, важно е да знаете, че НЕ ви е необходима истинска US клавиатура. VeraCrypt автоматично се уверява в това, че можете безопасно да въведете паролата (точно сега и в pre-boot средата), дори ако НЯМАТЕ истинска истинска US клавиатура. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - ВНИМАНИЕ: Ако вече сте създали VeraCrypt Спасителен Диск преди време, той не може да се преизползва за това системно устройство/дял, защото е създаден за различен главен ключ! Всеки път когато криптирате системно устройство/дял, трябва да създавате нов VeraCrypt Спасителен Диск за него дори ако използвате същата парола. - Грешка: Настройките на системното криптиране не могат да бъдат записани. - Не може да се стартира предварителния тест на системното криптиране. - Не може да се инициализира процеса на създаване на скритата операционна система. - Режим на заличаване - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - Никакъв (най-бързо) - 1-пасов (случайни данни) - 3-пасов (US DoD 5220.22-M) - 7-пасов (US DoD 5220.22-M) - 35-пасов ("Gutmann") - 256-пасов - Брой операционни системи - ВНИМАНИЕ: Начинаещи потребители никога не трябва да опитват да криптират Windows в multi-boot конфигурации.\n\nПродължаване? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot устройство - Текущо стартираната операционна система на boot устройство ли е инсталирана?\n\nЗабележка: Понякога, Windows не е инсталиран на същото устройство, където е Windows boot loader (boot дял). Ако случаят е такъв, изберете 'Не'. - За момента VeraCrypt не поддържа криптиране на операционна система, която не стартира от устройството, на което е инсталирана. - Брой системни устройства - Колко устройства съдържат операционни системи?\n\nЗабележка: Примерно, ако имате някаква операционна система (например Windows, Mac OS X, Linux, и т.н.) инсталирана на вашето първично устройство и някаква друга операционна система инсталирана на вашето вторично устройство, изберете '2 или повече'. - За момента VeraCrypt не поддържа криптиране на цяло устройство, което съдържа няколко операционни системи.\n\nВъзможни решения:\n\n- Все още можете да криптирате една от системите, ако се върнете назад и изберете криптиране на системен дял (а не на цялото системно устройство).\n\n- Алтернативно, ще можете да криптирате цялото устройство, ако преместите някои от системите на други устройства, така че да оставите само една система на устройството, което искате да криптирате. - Няколко системи на едно устройство - Има ли други операционни системи, инсталирани на устройството, на което стартираната в момента операционна система е инсталирана?\n\nЗабележка: Примерно, ако стартираната в момента операционна система е инсталирана на устройство #0, което съдържа няколко дяла, и ако един от дяловете съдържа Windows и друг дял съдържа някаква друга операционна система (например Windows, Mac OS X, Linux, и т.н.), изберете 'Да'. - Не-Windows Boot Loader - Инсталирана ли е не-Windows boot зареждаща програма (или boot мениджър) в главния boot запис (MBR)?\n\nЗабележка: Например, ако първата писта на boot устройството съдържа GRUB, LILO, XOSL, или някой друг не-Windows boot мениджър (или boot зареждаща програма), изберете 'Да'. - Multi-Boot - За момента VeraCrypt не поддържа multi-boot конфигурации, където не-Windows boot loader е инсталиран в Master Boot Record.\n\nВъзможни решения:\n\n- Ако използвате boot мениджър за да стартирате Windows и Linux, преместете boot мениджъра (най-често, GRUB) от Master Boot Record в дял. След това стартирайте този помощник отново и криптирайте системния дял/устройство. Забележете, че VeraCrypt Boot Loader ще стане вашият първичен boot мениджър и ще ви позволи да стартирате оригиналния boot мениджър (например GRUB), като ваш вторичен boot мениджър (като натиснете Esc в екрана на VeraCrypt Boot Loader) и по този начин ще можете да стартирате Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Откриване на скрити сектори - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Зона за криптиране - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Събиране на случайни данни - Ключовете са генерирани - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Запис на Спасителен Диск - Спасителният Диск е създаден - Предварителен тест на системното криптиране - Спасителният Диск е проверен - \nVeraCrypt Спасителният Диск е проверен успешно. Моля, извадето го от устройството и го съхранявайте на сигурно място.\n\nНатиснете Напред за да продължите. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Внимание: Поради технически ограничения в pre-boot средата, текстовете показвани от VeraCrypt в pre-boot средата (т.е. преди Windows да стартира) не могат да бъдат преведени. Потребителският интерфейс на VeraCrypt Boot Loader е изцяло на английски.\n\nПродължаване? - Преди да криптира вашия системен дял или устройство, VeraCrypt трябва да провери дали всичко работи правилно.\n\nСлед като натиснете Тест, всички необходими компоненти (например, компонента за pre-boot автентикация, т.е. VeraCrypt Boot Loader) ще бъдат инсталирани и вашият компютър ще бъде рестартиран. Тогава ще трябва да въведете вашата парола в екрана на VeraCrypt Boot Loader, който ще се появи преди Windows да стартира. След като Windows стартира, автоматично ще бъдете информирани за резултатите от този предварителен тест.\n\nСледните устройства ще бъдат променени: Устройство #%d\n\n\nАко натиснете Отказ сега, нищо няма да бъде инсталирано и предварителния тест няма да бъде изпълнен. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Предварителният тест е завършен - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Желаете ли да прекратите предварителният тест на системното криптиране? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Изглежда, че системният дял/устройство не е криптиран (нито частично, нито изцяло). - Вашият системен дял/устройство е криптиран (частично или изцяло).\n\nМоля, декриптирайте вашият системен дял/устройство изцяло преди да продължите. За да направите това, изберете 'Система' > 'Декриптиране на системния дял/устройство за постоянно' от менюто на гавния процорез на VeraCrypt. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - В момента вашият системен дял/устройство се криптира, декриптира, или изобщо се модифицра. Моля, прекъснете процеса на криптиране/декриптиране/модификация (или изчакайте докато приключи) преди да продължите. - В момента има стартиран VeraCrypt помощник за създаване на томове, който извършва или подготвя криптиране/декриптиране на системния дял/устройство. Преди да продължите, моля, изчакайте го да свърши или го затворете. Ако не можете да го затворите, моля, рестаритрайте вашия компютър преди да продължите. - Процеса на криптиране или декриптиране на дял/устройство не е завършен. Моля, изчакайте докато завърши, преди да продължите. - Грешка: Процеса на криптиране на дял/устройство не е завършен. Първо трябва да бъде завършен. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Грешка: Неправилен/невалиден параметър. - Избрали сте дял или устройство, но режима на помощника, който сте избрали е подходящ само за файл-контейнери.\n\nЖелаете ли да смените режима на помощника? - Желаете ли да създадете VeraCrypt файл-контейнер вместо това? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Сигурни ли сте, че желаете да декриптирате системният дял/устройство за постоянно? - ВНИМАНИЕ: Ако декриптирате системният дял/устройство за постоянно, некриптирани данни ще бъдат записани върху него.\n\nНаистина лис те сигурни, че желаете да декриптирате системният дял/устройство за постоянно? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - Ако ви се случат някои от вече описаните проблеми, декриптирайте дяла/устройството (ако е криптиран) и и опитайте да го криптирате отново, каот използвате не-каскаден криптиращ алгоритъм (т.е. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - VeraCrypt Boot Loader е обновен.\n\nСилно се препоръчва да създадете нов VeraCrypt Спасителен Диск (който ще съдържа новата версия на VeraCrypt Boot Loader) като изберете 'Система' > 'Създаване на Спасителен Диск' след като рестартирате вашия компютър. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Неуспешен опит за обновяване на VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - ВНИМАНИЕ: Изглежда, че VeraCrypt вече е опитал да открие скрити сектори на това системно устройство. Ако сте срещнали някакви проблеми по време на предишния процес на откриване, можете да избегнете проблемите, като сега прескочите откриването на скрити сектори. Имайте предвид, че ако го направите, VeraCrypt ще използва размера докладван от операционната система (който може да е по-малък от реалния размер).\n\nИмайте предвид, че този проблем не е причинен от бъг в VeraCrypt. - Прескачане на откриването на скрити сектори (използване на размера докладван от операционната система) - Нов опит за откриване на скрити сектори - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Спасителен Диск - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Тест - Ключ-файл (КФ) - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Отказ + Инсталиране &за всички потребители + Из&бор... + Добавяне на VeraCrypt икон на &десктопа + Donate now... + Асоцииране на '.hc' файлови раз&ширения с VeraCrypt + &Отваряне на целевата директория след приключване + Добавяне на VeraCrypt в &Start менюто + Създаване на System &Restore point + &Деинсталиране + &Извличане + &Инсталиране + VeraCrypt Инсталатор + Деинсталиране на VeraCrypt + &Помощ + Моля изберете или напишете директорията в която желаете да бъдат поставени извлечените файлове: + Моля изберете или напишете директорията в която желаете да бъдат инсталирани програмните файлове на VeraCrypt. Ако зададената директория не съществува, тя ще бъде създадена автоматично. + Натиснете Деинсталиране за да премахнете VeraCrypt от тази система. + Отмяна + &Benchmark + &Тест + Създаване и форматиране на криптиран том + Криптиране на дял на място + Показване на генерираните ключове (техните части) + Показване на запаса + Сваляне на софтуер за запис на CD/DVD + Създаване на криптиран контейнер-файл + &GB + &TB + Повече информация + Ск&рит VeraCrypt том + Повече информация за скрити томове + Директен режим + Нормален режим + &KB + &Ключ-файлове + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Ключ-файлове.. + Информация за хеш алгоритми + Повече информация + Information on PIM + &MB + Повече информация + Повече информация за криптиране на системата + Повече информация + Много ОС (Multi-Boot) + Криптиране на несистемен дял/устройство + Историята да не &се запазва + Отваряне на външен том + &Пауза + Use P&IM + Use PIM + Бърз формат + Видима &парола + Видима &парола + &Display PIM + Една ОС (Single-boot) + Стандартен VeraCrypt том + Скри&т + Нормален + Криптиране на системния дял или цялото системно устройство + Криптиране на Windows системния дял + Криптиране на цялото устройство + VeraCrypt - Помощник за създаване на томове + Клъстер + ВАЖНО: Движете мишкта в този прозорец колкото се може по-случайно. Колкото по-дълго я движите, толкова по-добре. Това значително повишава криптографската сила на ключ-файла. След това натиснете Напред за да продължите. + &Парола пак: + Готов + Drive letter: + Криптиращ алгоритъм + ФС + Създаване на виртуален криптиран диск във файл. Препоръчва се за начинаещи потребители. + Опции + Хеш алгоритъм + Заглавен ключ: + Остава + Главен ключ: + Изберете тази опция, ако има две или повече операционни системи инсталирани на този компютър.\n\nНапример:\n- Windows XP и Windows XP\n- Windows XP и Windows Vista\n- Windows и Mac OS X\n- Windows и Linux\n- Windows, Linux и Mac OS X + Криптира несистемен дял на външно или вътрешно устройство (например флаш памет). Може да създава и скрит том. + Съдържание на текущия запас (частично) + Пас + Парола: + Volume PIM: + Volume PIM: + Прогрес: + Случайност: + Изберете тази опция, ако на този компютър има инсталирана само една операционна система (дори тя да има много потребители). + Скорост + Статус + Ключовете, солта, и други данни са генерирани успешно. Ако желаете да генерирате нови ключове, натиснете Назад и след това Напред. В противен случай, натиснете Напред за да продължите. + Криптиране на дяла/устройството където Windows е инсталиран. Всеки, който иска да получи достъп и да използва системата, да чете и записва файлове, и т.н., ще трябва да въведе правилната парола всеки път преди Windows да стартира. Може да създава скрит том. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Изчистващ режим: + Затваряне + Позволява pre-boot &автентикацията да бъде прескочена при натискане на клавиш Esc (активира boot мениджъра) + Да не се прави нищо + &Авто-монтиране на VeraCrypt том (зададен по-долу) + &Стартиране на VeraCrypt + Автоматично &намиране на библиотека + &Кеширане на паролата за pre-boot автентикация в паметта на драйвера (за монтиране на несистемни томове) + Избор... + Избор... + Кеширане на паролите и ключ-файлов&ете в паметта + Изход когато няма монтирани томове + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Включване на VeraCrypt Помощник за създаване на томове + Създаване + &Създаване на том + Да не се &показват никакви текстове в екрана за pre-boot автентикация (с изключение на по-долу зададеното съобщение) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Ключ-файлове + Ключ-файлове + Из&ход + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Присвояване + Премахване + Ключ-файлове... + Do not use the following number of processors for encryption/decryption: + More information + More information + Още настройки... + &Авто-монтиране + &Опции... + Монтиране като "сам&о за четене" + Ключ-файлове... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Разрешен + Кеширане на пароли в паметта + Авто-демонтиране след като няма четене/запис в продължение на + Потребителят се изключи + User session locked + Влизане в енергопестящ режим + Скрийнсейвърът се стартира + Принудително авто-демонтиране дори ако има отворени файлове или директории + Монтиране на всички VeraCrypt томове-устройства + Стартиране на VeraCrypt фонов процес + Монтиране като "само за четене" + Монтиране като "преносима медия" + Отваряне на Explorer прозорец за успешно монтиран том + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Заличаване на кешираните пароли при авто-демонтиране + Заличаване при изход + Preserve modification timestamp of file containers + Изчистване + У&стройство... + &Файл... + Избор на биб&лиотека... + Видима парола + Видима парола + Отваряне на &Explorer прозорец за монтирания том + &Кеширане на паролата в паметта на драйвера + TrueCrypt Mode + &Демонтиране - всички + &Свойства на тома... + &Инструменти за том... + &Заличаване на кеша + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Системни клавиши + VeraCrypt + Смяна на паролата или ключ-файловете + Въведете парола за VeraCrypt тома + VeraCrypt - Performance and Driver Options + VeraCrypt - Предпочитания + VeraCrypt - Настройки на системното криптиране + VeraCrypt - Security Token Preferences + VeraCrypt - Настройка на пътен диск + Свойства на VeraCrypt тома + Относно... + Добавяне/Премахване на ключ-файлове на том... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Архивиране на заглавната част на том... + Тест на скоростта... + Задаване на алгоритъмът за деривация на ключа на заглавната част... + Смяна на паролата на том... + Задаване на алгоритъмът за деривация на ключа на заглавната част... + Смяна на паролата... + Изтриване на историята на тома + Close All Security Token Sessions + За връзка... + Създаване на Скрита Операционна Система... + Създаване на Спасителен Диск... + Създаване на нов том... + Permanently Decrypt... + Ключ-файлове по подразбиране... + Default Mount Parameters... + Donate now... + Криптиране на системен дял/устройство... + Често задавани въпроси + Ръководство на потребителя + &Начална страница + Клавиши... + Генератор на ключ-файлове + Език (Language)... + Юридически бележки + Manage Security Token Keyfiles... + Авто-монтиране на всички томове които са устройства + Монтиране на любимите томове + Монтиране без Pre-Boot &автентикация... + Монтиране на том + Монтиране на том (с опции) + Новини + Online помощ + Напътствия за начинаещи + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Декриптиране на системния дял/устройство за постоянно + Предпочитания... + Опресняване на буквите за устройства + Премахване на всички ключ-файлове от том... + Възстановяване на заглавната част на том... + Продължаване на прекъснат процес + Избор на Устройство... + Избор на Файл... + Продължаване на прекъснат процес + Системно криптиране... + Свойства... + Настройки... + System Favorite Volumes... + Изтегляния + Тест на генериране на вектори... + Security Tokens... + Настройка на пътен диск... + Демонтиране на всички монтирани томове + Демонтиране на том + Проверка на Спасителен Диск + Verify Rescue Disk ISO Image + История на версиите + Volume Expander + Свойства на тома + Помощник за създаване на томове + VeraCrypt уебстраница + Заличаване на кешираните пароли + OK + Hardware Acceleration + Клавишна комбинация + Конфигурация на АвтоСтарт (autorun.inf) + Авто-демонтиране + Демонтиране на всички когато: + Опци на Boot Loader екрана + Парола пак: + Текуща + Показване на това потребителско съобщение на екрана за pre-boot автентикация (най-много 24 знака): + Подразбиращи се опции при монтиране + Опции на системните клавиши + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Настройка на файловете + Клавиш за присвояване: + Processor (CPU) in this computer supports hardware acceleration for AES: + Действия които ще се извършат при влизане в Windows + минути + Монтиране на том като буква за устройство: + Настройки на монтирането + Нова + Парола: + Thread-Based Parallelization + Път към PKCS #11 библиотека + PKCS-5 PRF: + PKCS-5 PRF: + Кеширане на паролите + Опции на сигурността + VeraCrypt фонов процес + VeraCrypt том за монтиране (относително от началото на пътния диск): + При поставяне на пътен диск: + Създаване на файловете на пътния диск на (начало на пътния диск): + Том + Windows + &Директория... + &Авто-тест - всички + &Продължаване + &Декриптиране + &Изтриване + &Криптиране + &Експорт... + Генериране и запазване на ключ-файл... + &Случаен ключ-файл... + Изтегляне на езиков пакет + Hardware-accelerated AES: + &Import Keyfile to Token... + Добавяне на &файлове... + &Ключ-файлове + &Ключ-файлове... + &Премахване + Премахване &вс. + Какво е защита на скрит том? + Повече информация за ключ-файлове + Монтиране като "преносима &медия" + Монтиране на системен дял без pre-boot &автентикация + Parallelization: + Тест + &Печат + За&щита срещу повреди причинени от запис във външния том + &Рестартиране + &Видима парола + Add &Token Files... + Използване на архивно копие на заглавна част вградено в &том ако е възможно + XTS режим + За VeraCrypt + VeraCrypt - Тест на скоростта + VeraCrypt - Тест на генериране на вектори + Помощ за командния ред + VeraCrypt - Ключ-файлове + VeraCrypt - Генератор на ключ-файлове + VeraCrypt - Език + VeraCrypt - Опции при монтиране + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Избор на дял или устройство + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Активен езиков пакет + Скоростта се влияе от натоварването на процесора и от някои характеристики на устройството за съхранение.\n\nТези тестове заемат място в оперативната памет. + Буфер: + Шифър: + П&арола за скрития том:\n(ако не, използва се кеша) + Защита на скрит том + Размер: + ВАЖНО: Движете мишкта в този прозорец колкото се може по-случайно. Колкото по-дълго я движите, толкова по-добре. Това значително повишава криптографската сила на ключ-файла. + ВНИМАНИЕ: Ако изгубите ключ-файл или ако първите му 1024 KB са повредени, няма да е възможно да се монтират томове, които го използват! + битов + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Превод: + Размер: + битов + Съдържание на текущия запас + PRF миксиране: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Вторичен ключ (шестнадесетичен) + Security token: + Сортиране: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Номер на блок: + Шифрован текст (шестнадесетичен) + Номер на единица данни (64-битов 16ичен, размера на единица данни е 512 байта) + Ключ (шестнадесетичен) + Чист текст (шестнадесетичен) + Име на ключ-файл: + XTS режим + С&истема + &Томове + Favor&ites + &Инструменти + &Настройки + &Помощ + Уе&бстраница + + &Относно... + Атрибута "само за четене" на вашия стар том не може да бъде променен. Моля, проверете правата за достъп на файла. + Грешка: Достъп отказан.\n\nДялът, който опитвате да достъпите или има размер 0 сектора, или е boot устройство. + Administrator + За да се зареди VeraCrypt драйвера, трябва да сте влезли с акаунт, който има администраторски права. + Моля, обърнете внимание на това, че за да криптирате/форматирате дял/устройство, трябва да сте влезли с акаунт, който има администраторски права.\n\nТова не се отнася за томове които се намират във файл-контейнери. + За да създадете скрит том трябва да сте влезли с акаунт, който има администраторски права.\n\nЩе продължите ли? + Моля, обърнете внимание на това, че за да форматирате том като NTFS, трябва да сте влезли с акаунт, който има администраторски права.\n\nБез администраторски права можете да форматирате тома като FAT. + Шифър одобрен от FIPS (Rijndael, публикуван през 1998) който може да се използва от правителствените организации и служби на САЩ за защита на класифицирана информация до ниво Строго Секретно. 256-битов ключ, 128-битов блок, 14 кръга (AES-256). Режимът на работа е XTS. + Томът вече е монтиран. + ВНИМАНИЕ: Поне един криптиращ или хеш алгоритъм не е успял да премине вградените автоматични тестове!\n\nИнсталацията на VeraCrypt може да е повредена. + ВНИМАНИЕ: Няма достатъчно данни в запаса на Генератора на Случайни Числа за да се предостави изискваното количество случайни данни.\n\nНе трябва да продължавате нататък. Моля, изберете 'Докладване за бъг' от менюто Помощ, и докладвайте за тази грешка. + Устройството е повредено (има физически дефект) или кабелът е повреден или паметта не функционира правилно.\n\nИмайте предвид, че проблемът е във вашия хардуер, не в VeraCrypt. Така че, моля, НЕ докладвайте това като дефект/проблем в VeraCrypt и НЕ търсете помош за това във форумите на VeraCrypt. Моля, обърнете се към сервиза на вашия компютърен доставчик. Благодаря.\n\nЗабележка: Ако грешката постоянно се появява на същото място, най-вероятно е причинена от лош блок на диска, който може да се поправи с помощта на специализиран софтуер от трето лице (имайте предвид че, в много случаи, командата 'chkdsk /r' не може да го поправи, тъй като работи само на ниво файлова система; в някои случаи, инструмента 'chkdsk' дори не може да го открие). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Вашата система изглежда използва специфични драйвери за дънната платка в които има проблем възпрепятстващ криптирането на цялото системно устройство.\n\nМоля, опитайте да обновите или да деинсталирате специфичните (не Microsoft) драйвери за дънната платка преди да продължите. АКо това не помага, опитайте да криптирате само системния дял. + Невалидна буква за устройство. + Невалиден път. + Отказ + Няма достъп до устройството. Проверете дали избраното устройство съществува и дали не се използва от системата. + Внимание: Caps Lock е включен. Това може да причини невярно въвеждане на паролата. + Тип на том + Може да се случи така, че да бъдете принудени от някого да издадете паролата за криптиран том. Има много ситуации в които не можете да откажете да издадете паролата (например чрез насилие). Използването на така наречният скрит том ви позволява да се измъкнете от такава ситуация без да издавате паролата. + Изберете тази опция, ако искате да създадете нормален VeraCrypt том. + Забележете, че ако желаете операционна система да бъде инсталирана в скрит том на устройство, тогава цялото системно устройство не може да бъде криптирано само с един ключ. + Опции за криптиране на външен том + Опции за криптиране на скрит том + Опции за криптиране + ВНИМАНИЕ: Неуспешен опит за изчистване на пътят до последно избрания том/ключ-файл (запомнен от селектора на файлове)! + Грешка: Томът е компресиран на ниво файлова система. VeraCrypt не поддържа компресирани контейнери (обърнете внимание на това, че компресията на криптирани данни е неефективна и излишна).\n\nМоля, изключете компресията за контейнера като следвате тези стъпки: 1) Натиснете десен бутон върху контейнера в Windows Explorer (не в VeraCrypt). 2) Изберете 'Properties'. 3) В диалога 'Properties', натиснете 'Advanced'. 4) В диалога 'Advanced Attributes', изключете опцията 'Compress contents to save disk space' и натиснете 'OK'. 5) В диалога 'Properties', натиснете 'OK'. + Неуспешно създаване на том %s + Размера на %s е %.2f байта + Размера на %s е %.2f KB + Размера на %s е %.2f MB + Размера на %s е %.2f GB + Размера на %s е %.2f TB + Размера на %s е %.2f PB + ВНИМАНИЕ: Устройството в момента се използва!\n\nУстройството което ще се форматира в момента се използва от системата или от приложения. Форматирането му може да доведе до загуба на данни или нестабилност на системата.\n\nДа продължи ли форматирането? + Внимание: Този дял се използва от операционната система или от някое приложение. Трябва да затворите всички приложения които биха могли да използват дяла (включително и антивирусни програми).\n\nЖелаете ли да продължите? + Грешка: Устройството/дяла съдържа файлова система която не може да бъде демонтирана. Файловата система може да се използва от операционната система. Форматирането на устройството/дяла е мнго вероятно да причини повреда на данните и нестабилност на системата.\n\nЗа да разрешите този проблем, препоръчваме първо да изтриете дяла и след това да го създадете на ново без форматиране. За да направите това, следвайте тези стъпки: 1) Натиснете десен бутон върху иконата на 'Computer' (или 'My Computer') в 'Start Menu' и изберете 'Manage'. Трябва да се появи прозореца 'Computer Management'. 2) В прозореца 'Computer Management', изберете 'Storage' > 'Disk Management'. 3) Натиснете десен бутон върху дяла, който желаете да криптирате и изберете или 'Delete Partition', или 'Delete Volume', или 'Delete Logical Drive'. 4) Натиснете 'Yes'. Ако Windows пожелае да рестартирате компютъра, направете го. Тогава повторете стъпки 1 и 2 и продължете от стъпка 5. 5) Натиснете десен бутон върху зоната с неалокирано/свободно място и изберете или 'New Partition', или 'New Simple Volume', или 'New Logical Drive'. 6) Сега би трябвало да се появи прозорец 'New Partition Wizard' или 'New Simple Volume Wizard'; следвайте неговите инструкции. На страницата на помощника озоглавена 'Format Partition', изберете или 'Do not format this partition' или 'Do not format this volume'. В същия помощник, натиснете 'Next' и след това 'Finish'. 7) Имайте предвид, че пътят до устройството, който сте били избрали в VeraCrypt сега може да е грешен. За това, излезте от VeraCrypt помощника за създаване на томове (ако все още е стартиран) и след това го стартирайте отново. 8) Опитайте да криптирате устройството/дяла отново.\n\nАко VeraCrypt продължава да не успява да криптира устройството/дяла, можете да помислите за създаване на контейнер-файл вместо това. + Грешка: Файловата система не може да бъде заключена и/или демонтирана. Може би се използва от операционната система или от някое приложение (например антивирусна програма). Криптирането на дяла може да причини повреда на данните и нестабилност на системата.\n\nМоля, затворете всички приложения, които биха могли да използват файловата система (включително антивирусни програми) и опитайте отново. Ако това не помогне, моля, следвайте следните съпки. + ВНИМАНИЕ: Някои от монтираните дялове/устройства вече се използваха!\n\nПренебрегването на това може да доведе до нежелани последствия, включително нестабилност на системата.\n\nСилно препоръчваме да затворите всички приложения, които биха могли да използват устройствата/дяловете. + Избраното устройство съдържа дялове.\n\nФорматирането на устройството може да доведе до нестабилност на системата и/или повреда на данн. Моля, или изберете дял от устройството, или премахнете всички дялове от устройството за да позволите на VeraCrypt да го форматира безопасно. + Избраното несистемно устройство съдържа дялове.\n\nКриптирани VeraCrypt томове-устройства могат да бъдат създадени в устройства които не съдържат никакви дялове (включително хард дискове и solid-state устройства). Устройство, което съдържа дялове може да бъде цялостно криптирано на място (използвайки само един главен ключ) само ако това е устройството, където е инсталиран Windows и откъдето се зарежда.\n\nАко искате да криптирате избраното несистемно устройство използвайки само един главен ключ, най-напред ще трябва да премахнете всички дялове от устройството за да позволите на VeraCrypt да го форматира безопасно (форматирането на устройство, което съдържа дялове може да причини нестабилност на системата и/или повреда на данните). Алтернативата е да криптирате всеки дял на устройството по отделно (всеки дял ще бъде криптиран с различен главен ключ).\n\nЗабележка: Ако искате да премахнете всички дялове от GPT диск, може би ще трябва да го конвертирате в MBR диск (с помощта на Computer Management инструмента например) за да премахнете скрити дялове. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + Криптиране на място на несистемни томове не се поддържа от версията на операционната система, която използвате в момента (поддържа се само от Windows Vista и по-късни версии на Windows).\n\nПричината е, че Windows не поддържа смаляване на други типове файлови системи (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп). + Избраното устройство изглежда не съдържа NTFS файлова система. Само устройства, които съдържат NTFS файлова система могат да бъдат криптирани на място.\n\nЗабележка: Причината е, че Windows не поддържа смаляване на други типове файлови системи (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп). + Избраният дял изглежда не съдържа NTFS файлова система. Само дялове, които съдържат NTFS файлова система могат да бъдат криптирани на място.\n\nАко искате да създадете криптиран VeraCrypt том в този дял, изберете опцията "Създаване и форматиране на криптиран том" (вместо опцията "Криптиране на дял на място"). + Грешка: Дялът е твърде малък. VeraCrypt не може да го криптира на място. + За да криптирате данните на този дял, моля, следвайте тези стъпки:\n\n1) Създайте VeraCrypt том на празен дял/устройство и след това го монтирайте.\n\n2) Копирайте всички файлове от дяла (който първоначално сте възнамерявали да криптирате) на монтирания VeraCrypt том (който беше създаден и монтиран в стъпка 1). По този начин ще създадете VeraCrypt криптирано бекъп копие на данните.\n\n3) Създайте VeraCrypt том на дяла, който първоначално сте възнамерявали да криптирате и се уверете, че (в VeraCrypt помощника) сте избрали опцията "Създаване и форматиране на криптиран том" (а не опцията "Криптиране на дял на място"). Имайте предвид, че всички данни съхранявани на дяла ще бъдат изтрити. Монтирайте тома след като бъде създаден.\n\n4) Копирайте всички файлове от монтирания VeraCrypt бекъп том (който беше създаден и монтиран в стъпка 1) на монтирания VeraCrypt том, който беше създаден (и монтиран) в стъпка 3.\n\nСлед като изпълните тези стъпки, данните ще бъдат криптирани и в допълнение на това ще разполагате с криптирано бекъп копие на данните. + VeraCrypt може да криптира на място само дял, динамичен том, или цяло системно устройство.\n\nАко желаете да съдадете криптиран VeraCrypt том в избраното несистемно устройство, изберете опцията "Създаване и форматиране на криптиран том" (а не опцията "Криптиране на дял на място"). + Грешка: VeraCrypt може да криптира на място само дял, динамичен том, или цяло системно устройство. Моля, уверете се, че зададеният път е валиден. + Грешка: Файловата система не може да бъде смалена (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп).\n\nВъзможни причини и решения:\n\n- Няма достатъчно свободно място на тома. Моля, уверете се, че други приложения не записват по файловата система.\n\n- Повредена файлова система. Опитайте да я проверите и да поправите евентуални грешки (натиснете с десния бутон върху буквата на съответното устройство в списъка 'Computer', след това изберете Properties > Tools > 'Check Now', уверете се, че опцията 'Automatically fix file system errors' е избрана и натиснете Start).\n\nАко по-горните стъпки не помагат, моля, следвайте по-долните стъпки. + Грешка: Няма достатъчно свободно място на тома и поради това файловата система не може да бъде смалена (файловата система трябва да бъде смалена за да се освободи място за заглавната част на тома и заглавната част за бекъп).\n\nМоля, изтрийте всички ненужни файлове и изпразнете кошчето за да се освободят поне 256 KB и опитайте отново. Имайте предвид, че поради проблем в Windows, количеството свободно място според Windows Explorer може да е невярно докато операционната система не се рестартира. Ако рестартиране на системата не помага, файловата система може да е повредена. Опитайте да я проверите и да поправите евентуални грешки (натиснете с десния бутон върху буквата на съответното устройство в списъка 'Computer', след това изберете Properties > Tools > 'Check Now', уверете се, че опцията 'Automatically fix file system errors' е избрана и натиснете Start).\n\nАко по-горните стъпки не помагат, моля, следвайте по-долните стъпки. + Свободното място на устройство %s е %.2f байта. + Свободното място на устройство %s е %.2f KB + Свободното място на устройство %s е %.2f MB + Свободното място на устройство %s е %.2f GB + Свободното място на устройство %s е %.2f TB + Свободното място на устройство %s е %.2f PB + Няма налични букви за устройства. + Грешка: VeraCrypt драйвера не е намерен!\n\nМоля копирайте файловете 'veracrypt.sys' и 'veracrypt-x64.sys' в директорията, където се намира главното VeraCrypt приложение (VeraCrypt.exe). + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Грешка: Неуспешна инициализация на шифъра. + Грешка: Открит е слаб или потенциално слаб ключ. Ключът ще бъде отхвърлен. Моля, опитайте отново. + Възникна критична грешка и VeraCrypt трябва да бъде спрян. Ако това е причинено от проблем в VeraCrypt, ние бихме желали да го поправим. За да ни помогнете, можете да ни изпратите автоматично генериран репорт за грешки съдържащ следните данни:\n\n- Версия на програмата\n- Версия на операционната система\n- Тип на процесора (CPU)\n- Име на VeraCrypt компонента\n- Контролна сума на VeraCrypt изпълнимия файл\n- Символно име на диалоговия прозорец\n- Категория на грешката\n- Адрес на грешката\n- VeraCrypt стек с извиквания\n\nАко изберете 'Да', следният адрес (който съдържа цялият репорт за грешка) ще бъде отворен във вашия Internet браузър (имайте предвид, че понякога това може да отнеме до 30 секунди).\n\n%hs\n\nЖелаете ли да изпратите по-горния репорт за грешка? + Възникна критична грешка във вашата система и VeraCrypt трябва да бъде спрян.\n\nИмайте предвид, че тази грешка не е причинена от VeraCrypt (така, че VeraCrypt разработчиците не могат да я поправят). Моля, проверете вашата система за възможни проблеми (например конфигурация на системата, мрежови връзки, проблемни хардуерни компоненти). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Критична грешка + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Криптиране + &Декриптиране + &Декриптиране за постоянно + Изход + Моля създайте логическо устройство за този разширен дял и опитайте пак. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Криптирани VeraCrypt томове разполагащи се на устройство могат да бъдат създавани в дялове на твърди дискове, solid-state устройства, USB флаш памети, и на всякакви други поддържани устройства за съхранение. Дяловете също така могат да бъдат криптирани на място.\n\nВ допълнение на това, криптирани VeraCrypt томове разполагащи се на устройство могат да бъдат създавани в устройства devices, които не съдържат дялове (включително твърди дискове и solid-state устройства).\n\nЗабележка: Устройство което съдържа дялове може да бъде изцяло криптирано на място (като се използва единствен ключ) само ако то е устройството, където е инсталиран и от където се зарежда Windows . + VeraCrypt том разполагащ се на устройство може да бъде създаден в дял на твърд диск, solid-state устройство, USB флаш памет, и други устройства за съхранение.\n\nВНИМАНИЕ: Имайте предвид, че дяла/устройството ще бъде форматиран и всички данни записани на него ще бъдат изгубени. + \nИзберете местоположението, където да бъде създаден външния том (скритият том ще бъде създаден в този том по-късно).\n\nВъншни томове могат да бъдат създавани в дялове на твърди дискове, solid-state устройства, USB флаш памети, и на всякакви други поддържани устройства за съхранение. Външни томове могат да бъдат създавани също така в устройства, които не съдържат дялове (включително твърди дискове и solid-state устройства).\n\nВНИМАНИЕ: Имайте предвид, че дяла/устройството ще бъде форматиран и всички данни записани на него ще бъдат изгубени. + \nИзберете местоположението на VeraCrypt тома в, който искате да създадете скрит том. + ВНИМАНИЕ: Файлът/устройството вече се използва!\n\nПренебрегването на това може да доведе до нежелани последсвия включително нестабилност на системата. Всички приложения които биха могли да използват Файла/устройството (например, антивирусен или back-up софтуер) трябва да се затворят преди монтиране на тома.\n\nДа продължи ли монтирането? + Грешка: Томът не може да се монтира. Файлът/устройството се използва. Опитът за монтиране без ексклузивни права също е неуспешен. + Файлът не може да бъде отворен. + Местоположение на том + Големи файлове + Имате ли намерение да съхранявате файлове по-големи от 4 GB на този VeraCrypt том? + В зависимост от по-горния избор, VeraCrypt ще избере подходяща файлова система по подразбиране за VeraCrypt тома (на следващата стъпка ще можете да изберете файлова система). + Понеже създавате външен том, би трябвало да изберете 'Не'. Ако изберете 'Да', по подразбиране файловата система ще бъде NTFS, която не е толкова подходяща за външен том както FAT (например, максималният възможен размер на скрития том ще бъде значително по-голям, ако външният том е форматиран като FAT). Обикновено, по подразбиране се задава FAT и за скрития и за нормалния том (така че FAT томовете не са подозрителни). Въпреки това, ако потребителят има намерение да съхранява файлове по големи от 4 GB (което FAT файловата система не позволява), тогава FAT не се задава по подразбиране. + Сигурни ли сте, че желаете да изберете 'Да'? + Режим създаване на том + Това е най-бързият начин за създаване на VeraCrypt том разполагащ се в дял/устройство (криптиране на място, което е другата опция, е по-бавно, защото съдържанието на всеки сектор трябва първо да се прочете, да се криптира и след това да се запише). Данните съхранени на избрания дял/устройство ще бъдат изгубени (данните НЯМА да бъдат криптирани; те ще бъдат препокрити със случайни данни). Ако искате да криптирате данни съществуващи върху дял, изберете другата опция. + Целият ибран дял и всички данни съхранени в него ще бъдат криптирани на място. Ако дяла е празен, би трябвало да изберете другата опция (томът ще бъде създаден много по-бързо). + Забележка: + П&родължаване + &Отлагане + &Старт + &Продължаване + &Формат + &Заличаване + Прекратяване на форматирането? + Показване на повече информация + Това да не се показва отново + Съдържанието на дяла/устройството беше изтрито успешно. + Съдържанието на дяла, където оригиналната система (от която е клонирана скритата система) е разположена беше изтрит успешно. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + Системният дял/устройство е декриптиран успешно. + \n\nVeraCrypt томът е създаден и е готов за употреба. За да създадете друг VeraCrypt том, натиснете Напред. В противен случай, натиснете Изход. + \n\nСкритият VeraCrypt том е създаден успешно (скритата операционна система ще се намира в този скрит том).\n\nНатиснете Напред за да продължите. + Тома е напълно криптиран + Volume Fully Decrypted + ВАЖНО: ЗА ДА МОНТИРАТЕ ТОЗИ НОВОСЪЗДАДЕН VERACRYPT ТОМ И ДА ДОСТЪПВАТЕ ДАННИТЕ В НЕГО, НАТИСНЕТЕ 'Авто-монтиране на устройствата' В ГЛАВНИЯ ПРОЗОРЕЦ НА VERACRYPT. След като въведете правилната парола (и/или предоставите правилните ключ-файлове), томът ще бъде монтиран на буквата, която ще изберете от списъка в главния прозорец на VeraCrypt (и ще можете да достъпвате криптираните данни чрез избраната буква).\n\nМОЛЯ, ЗАПОМНЕТЕ ИЛИ СИ ЗАПИШЕТЕ ПО-ГОРНИТЕ СТЪПКИ. ТРЯБВА ДА ГИ СЛЕДВАТЕ ВИНАГИ КОГАТО ИСКАТЕ ДА МОНТИРАТЕ ТОМА И ДА ДОСТЪПИТЕ ДАННИТЕ В НЕГО. Алтернативно, в главния прозорец на VeraCrypt, натиснете 'Избор на Устройство', след това изберете този дял/устройство, и натиснете 'Монтиране'.\n\nДялът/устройството е криптиран успешно (сега съдържа напълно криптиран VeraCrypt том) и е готов за употреба. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt тома е създаден успешно. + Томът е създаден + ВАЖНО: Движете мишкта в този прозорец колкото се може по-случайно. Колкото по-дълго я движите, толкова по-добре. Това значително повишава криптографската сила на ключ-файла. След това натиснете Формат за да създадете тома. + Натиснете Формат за да създадете външния том. За повече информация, моля обърнете се към документацията. + Форматиране на външен том + Форматиране на скрит том + Форматиране на том + Adobe Reader (или съвместим инструмент) е необходим за да се чете или разпечатва VeraCrypt ръководството на потребители. Adobe Reader (безплатна програма) може да бъде свалена от: www.adobe.com\n\nЖелаете ли вместо това да погледнете online документацията? + Ако изберете тази опция, помощникът първо ще ви помогне да създадете нормален VeraCrypt том и след това скрит VeraCrypt том в него. Начинаещите потребители би трябвало да изберат тази опция. + Ако изберете тази опция, ще създадете скрит VeraCrypt том във вече съществуващ нормален VeraCrypt том. Предполага се, че вече сте създали VeraCrypt том, който е подходящ да съдържа скрит том. + Режим създаване на томове + Създаден е скрит том + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + Стартирали сте скритата операционна система. Както може да сте забелязали, скритата операционна система изглежда, че е инсталирана на същия дял, където е и оригиналната операционна система. В действителност тя е инсталирана в дяла след него (в скрития том). Всички операции за четене и запис незабележимо се пренасочват от оригиналния системен дял към скрития том.\n\nНито операционната система, нито приложенията ще знаят, че данните четени от и записвани на системния дял всъщност се записват на и четат от дяла след него (скрития том). Всички такива данни се криптират и декриптират на момента, както обикновено (с криптиращ ключ различен от този използван за заблуждаващата операционна система).\n\n\nМоля натиснете Напред за да продължите. + Външният том е създаден и монтиран като буква %hc:. На този том сега ще трябва да копирате някакви важно изглеждащи файлове, които всъщност НЕ иската да криете. Те ще бъдат там за заблуда на всеки, който ви принуждава да издадете паролата за първия дял след системния дял, където ще се намират и външния том и скрития том (съдържащ скритата операционна система). Вие ще можете да разкриете паролата за този външен том, и съществуването на скрития том (и на скритата операционна система) ще останат тайни.\n\nВАЖНО: Файловете, които копирате върху външния том не трябва да заемат повече от %s. В противен случай на външния том може да няма достатъчно свободно място за скрития том (и няма да можете да продължите). След като приключите с копирането, натиснете Напред (не демонтирайте тома). + Външен том е успешно създаден и монтиран като устройство %hc:. На този том би трябвало да копирате някакви файлове, които изглеждат като поверителни и всъщност НЕ искате да ги скриете. Тези файлове ще бъдат там за заблуда на някой, който ви принуждава да си издадете паролата. Вие ще издадете паролата само за този външен том, но не и за скрития. Файловете, за които наистина ви е грижа, ще бъдат съхранени в скрития том, който ще бъде създаден малко по-късно. Когато приключите с копирането, натиснете Напред. Не демонтирайте тома.\n\nЗабележка: След като натиснете Напред, картата с клъстерите на външния том ще бъде сканирана за да се определи размера на некриптираната зона на свободното пространство, чийто край е напаснат с края на тома. Тази зона ще се приспособи към скрития том, така, че ще ограничи максималният му възможен размер. Сканирането на картата на клъстерите осигурява това, че данни от външния том няма да бъдат препокрити от скрития том. + Съдържание на външния том + \n\nВ следващите стъпки ще настроите опциите за външния том (в който скритият том ще бъде създаден малко по-късно). + \n\nВ следващите стъпки, ще създадете така нареченият външен VeraCrypt том в първия дял след системния дял (както беше обяснено в една от предишните стъпки). + Външен том + По време на следните стъпки ще зададете настройките и паролата за скрития том,който ще съдържа скритата операционна система.\n\nПояснение: Картата на клъстерите на външния том е сканирана за да се определи размера на непрекъснатата област от свободно пространство, чийто край съвпада с края на външния том. Тази област ще побере скрития том, така че тя ограничава максималния му възможен размер. Максималният възможен размер на скрития том е определен и потвърдено, че е по-голям от размера на системния дял (което се изисква, защото цялото съдържание на системния дял ще трябва да бъде копирано в скрития том). Така се осигурява това, че данните, които в момента се съхраняват на външния том няма да бъдат препокрити от данни записани в областта на скрития том. + ВАЖНО: Моля, запомнете алгоритмите, които сте избрали в тази стъпка. Ще трябва да изберете същите алгоритми за системата за заблуда. В противен случай, скритата система ще бъде недостъпна! (Системата за заблуда трябва да бъде криптирана със същият криптиращ алгоритъм, както и скритата система.)\n\nЗабележка: Причината е това, че системата за заблуда и скритата система ще споделят една и съща програма за зареждане (boot loader), която поддържа само един алгоритъм, избран от потребителя, има специална верси на VeraCrypt Boot Loader). + \n\nКартата на клъстерите е сканирана и максималния възможен размер на скрития том е определен. В следващите стъпки ще настроите опциите, размера, и паролата за скрития том. + Скрит том + Скритият том сега е защитен от повреда докато външният том не е демонтиран.\n\nВНИМАНИЕ: При опит за запис на някакви данни върху скрития том, VeraCrypt ще започне да защитава от запис целия том (и външната и скритата част) докато не бъде демонтиран. Това може да доведе до грешки във файловата система на външния том, което (ако се повтори) може да засегне правдоподобната отказваемост на скрития том. За това, трябва да положите всички усилия да не записвате върху зоната на скрития том. Всички данни записвани върху зоната на скрития том няма да бъдат записани и ще бъдат изгубени. Windows може да докладва за това като грешка при запис ("Delayed Write Failed" или "The parameter is incorrect"). + Всеки от скритите томове в току що монтираните томове е защитен от повреда докато не е демонтиран.\n\nВНИМАНИЕ: При опит за запис на някакви данни върху някой от скритите томове, VeraCrypt ще започне да защитава от запис целия том (и външната и скритата част) докато не бъде демонтиран. За това, трябва да положите всички усилия да не записвате върху зоната на скрития том. Всички данни записвани върху зоната на скрития том няма да бъдат записани и ще бъдат изгубени. Windows може да докладва за това като грешка при запис ("Delayed Write Failed" или "The parameter is incorrect"). + ВНИМАНИЕ: Има опит за запис на данни в скрития том в тома монтиран като %c:! VeraCrypt предотврати запис на тези данни за да защити скрития том. Това може да е довело до грешки във файловата система на външния том и Windows може да го е докладвал като грешка при запис ("Delayed Write Failed" или "The parameter is incorrect"). Целият том (и външната и скритата част) ще бъдат защитени от запис докато не бъдат демонтирани. Ако това не е първият път когато VeraCrypt предотвратява запис на данни върху скрития том на този том, правдоподобната отказваемост на този скрит том може да е засегната (поради вероятна необичайна корелативна неконсистентност във файловата система на външния том). За това, трябва да помислите за създаване на нов VeraCrypt том (като опцията за бързо форматиране е изключена) и да преместите файловете от този том в новия том; този том би трябвало да бъде невъзстановимо изтрит (и външната и скритата част). Силно препоръчваме да рестартирате операционната система сега. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + Поради съображения за сигурност, когато е стартирана скрита операционна система, локални некриптирани файлови системи и нескрити VeraCrypt томове се монтират 'само за четене' (не могат да се записват данни върху такива файлови системи или VeraCrypt томове).\n\nДАнни могат да се записват върху всяка файлова система, която се намира в скрит VeraCrypt том (в случай, че скритият том не се намира в контейнер съхраняван върху некриптирана файлова система или на файлова система 'само за четене'). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Забележка: Ако искате да осъществите подсигурен трансфер на файлове от заблуждаващата система на скритата система, следвайте тези стъпки:\n1) Стартирайте заблуждаващата система.\n2) Запишете файловете върху некриптиран том или върху външен/нормален VeraCrypt том.\n3) Стартирайте скритата система.\n4) Ако сте записали файловете върху VeraCrypt том, монтирайте го (автоматично ще бъде монтиран 'само за четене').\n5) Копирайте файловете върху скрития системен дял или върху друг скрит том. + Вашият компютър трябва да бъде рестартиран.\n\nЖелаете ли да го рестартирате сега? + Грешка при опит за получаване на статуса на системното криптиране. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Компонентите за систено криптиране не могат да бъдат инициализирани . + Неуспешно инициализиране на генератора за случайни числа! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Инициализацията на приложението е невъзможна. Деуспешно регистриране на Dialog класа. + Грешка: Не може да се зареди Rich Edit системната библиотека. + VeraCrypt помощник за създаване на томове + Максималния възможен размер на скрития том за този том е %.2f байта. + Максималния възможен размер на скрития том за този том е %.2f KB. + Максималния възможен размер на скрития том за този том е %.2f MB. + Максималния възможен размер на скрития том за този том е %.2f GB. + Максималния възможен размер на скрития том за този том е %.2f TB. + Паролата/ключ-файловете на тома не могат да бъдат сменяни докато тома е монтиран. Моля, най-напред демонтирайте тома. + Алгоритъмът за деривация на ключа на заглавната част не може да бъде сменян докато тома е монтиран. Моля, най-напред демонтирайте тома. + &Монтиране + По-нова версия на VeraCrypt е необходима за да се монтира този том. + Грешка: Помощника за създаване на томове не е намерен.\n\nМоля, убедете се, че файла 'VeraCrypt Format.exe' е в директорията от която се стартира 'VeraCrypt.exe'. Ако не е, моля, преинсталирайте VeraCrypt, или намерете 'VeraCrypt Format.exe' на вашия диск и го стартирайте. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Напред > + &Край + &Инсталация + И&звличане + Връзката с VeraCrypt драйвера е невъзможна. VeraCrypt не може да работи, ако драйвера не е стартиран. + Грешка при зареждането/подготовката на шрифтове. + Зададената от вас буква за устройство не е намерена или не е задедан буква за устройство. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Буквата за устройство не е достъпна. + Няма избран файл! + Няма налична буква за устройство. + Няма налична буква за външния том! Създаването на том не може да продължи. + Не може да се определи версията на операционната ви система или използвате операционна система която не се поддържа. + Няма избран път! + Няма достатъчно свободно място за скрития том! Създаването на том не може да продължи. + Грешка: Файловете, които копирахте на външния том заемат твърде много място. Поради това на външния том няма достатъчно свободно място за скрития том.\n\nЗабележете, че скритият том трябва да бъде голям колкото системния дял (дяла където е инсталирана текущо стартираната операционна система). Причината е, че скритата операционна система трябва да бъде създадена чрез копиране на съдържанието от системния дял върху скрития том.\n\n\nПроцесът на създаване на скритата операционна система не може да продължи. + Драйвера не може да демонтира тома. Някои файлове разположени върху тома най-вероятно са все още отворени. + Не е възможно да се заключи тома. Все още на тома има отворени файлове. За това тома не може да бъде демонтиран. + VeraCrypt не може да заключи тома, тъй като се използва от системата или от някое приложение (може да има отворени файлове на тома).\n\nЖелаете ли да демонтирате тома принудително? + Изберете VeraCrypt том + Задайте път и файлово име + Избор на PKCS #11 библиотека + Няма достатъчно памет + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + ВНИМАНИЕ: Файлът '%s' вече съществува!\n\nВАЖНО: VERACRYPT НЯМА ДА КРИПТИРА ФАЙЛА, НО ЩЕ ГО ИЗТРИЕ. Сигурни ли сте, че желаете да изтриете файла и да го заместите с нов VeraCrypt контейнер? + ВНИМАНИЕ: ВСИЧКИ ФАЙЛОВЕ, КОИТО СЕ СЪДЪРЖАТ НА %s '%s'%s ЩЕ БЪДАТ ИЗТРИТИ И ИЗГУБЕНИ (НЯМА ДА БЪДАТ КРИПТИРАНИ)!\n\nСигурни ли сте че желаете да продължите с форматирането? + ВНИМАНИЕ: Няма да можете да монтирате тома или да достъпите файлове съхранени в него докато не е изцяло криптиран.\n\nСигурни ли сте, че желаете да стартирате криптирането на %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + ВНИМАНИЕ: Забележете, че ако захранването прекъсне внезапно докато се криптират на място съществуващите данни, или ако операционната система забие поради софтуерна грешка или хардуерна неизправност, докато VeraCrypt криптира на място съществуващи данни, части от данните ще бъдат повредени или изгубени. За това, преди да започнете криптиране, моля, уверете се, че имате бекъп копие на файловете, които желаете да криптирате.\n\nИмате ли такова бекъп копие? + ВНИМАНИЕ: ВСЯКАКВИ ФАЙЛОВЕ СЪХРАНЯВАНИ В МОМЕНТА НА ДЯЛ '%s'%s (Т.Е. НА ПЪРВИЯ ДЯЛ СЛЕД СИСТЕМНИЯ ДЯЛ) ЩЕ БЪДАТ ИЗТРИТИ И ИЗГУБЕНИ (НЯМА ДА БЪДАТ КРИПТИРАНИ)!\n\nСигурни ли сте, че желаете да продължите с форматирането? + ВНИМАНИЕ: ИЗБРАНИЯТ ДЯЛ СЪДЪРЖА ГОЛЯМ ОБЕМ ДАННИ! Всякакви файлове съхранени на дяла ще бъдат изтрити и изгубени (няма да бъдат криптирани)! + Изтриване на всякакви файлове съхранени на дяла чрез създаване на VeraCrypt том в него + Парола + PIM + Задаване на алгоритъмът за деривация на ключа на заглавната част + Добавяне/Премахване на ключ-файлове на том + Премахване на всички ключ-файлове от том + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + ВАЖНО: Ако не сте унищожили вашия VeraCrypt Спасителен Диск, вашият системен дял/устойство все още може да бъде декриптиран с помощта на старата парола (като стартирате от VeraCrypt Спасителния Диск и въведете старата парола). Би трябвало да създадете нов VeraCrypt Спасителен Диск и след това да унищожите стария.\n\nЖелаете ли да създадете нов VeraCrypt Спасителен Диск? + Обърнете внимание на това, че вашият VeraCrypt Спасителен Диск все още използва предишният алгоритъм. Ако смятате, че предишният алгоритъм е несигурен, би трябвало да създадете нов VeraCrypt Спасителен Диск и след това да унищожите стария.\n\nЖелаете ли да създадете нов VeraCrypt Спасителен Диск? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Ключ-файла(овете) е добавен/премахнат успешно. + Ключ-файла е експортиран. + Алгоритъмът за деривация на ключа на заглавната част е зададен успешно. + Моля, въведете паролата и/или ключ-файла(овете) за несистемния том, за който желаете да продължите процеса на криптиране на място.\n\n\nЗабележка: След като натиснете Напред, VeraCrypt ще опита ад намери всички несистемни томове, за които има прекъснат процес на криптиране и където VeraCrypt заглавната част на тома може да бъде декриптирана с помощта на зададените парола и/или ключ-файл(ове). Ако са открити повече от един такъв том, ще трябва да изберете един от тях на следващата стъпка. + Моля, изберете един от изброените томове. Списъкът съдържа всички достъпни несистемни томове, за които има прекъснат процес на криптиране и чиито заглавни части могат да бъдат декриптирани с помощта на зададените парола и/или ключ-файл(ове). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Много е важно да изберете добра парола. Трябва да избягвате пароли, които се състоят от една единствена дума, която може да бъде намерена в речник (или комбинация от 2, 3, или 4 такива думи). Не трябва да съдържа имена или дати на раждане. Не трябва да бъде лесна за познаване. Добра парола е случайна комбинация от главни и малки букви, цифри, и специални символи като @ ^ = $ * + и т.н. Препоръчваме избор на парола състояща се от повече от 20 знака (колкото по-дълга, толкова по-добре). Максималната възможна дължина е 64 знака. + Моля, изберете парола за скрития том. + Моля, изберете парола за скритата операционна система (т.е. за скрития том). + ВАЖНО: Паролата, която избирате за скритата операционна система в тази стъпка трябва да бъде значително по-различна от другите две пароли (т.е. от паролата за външния том и от паролата за заблуждаващата операционна система). + Моля, въведете паролата за тома, в който желаете да създадете скрит том.\n\nСлед като натиснете Напред, VeraCrypt ще се опита да монтира тома. Когато тома бъде монтиран, неговата карта на клъстерите ще бъде сканирана за да се определи размера на непрекъснатата зона от свободно пространство (ако има такава), чийто край е напаснат с края на тома. Тази зона ще се приспособи към скрития том, така, че ще ограничи максималният му възможен размер. Сканирането на картата на клъстерите осигурява това, че данни от външния том няма да бъдат препокрити от скрития том. + \nМоля, изберете парола за външния том. Това ще бъде паролата, която ще можете да разкриете на неприятел ако сте накарани или принудени да го направите.\n\nВАЖНО: Паролата трябва да бъде значително по-различна от паролата, която ще изберете за скрития том.\n\nЗабележка: Максималната възможна дължина за парола е 64 знака. + Моля, изберете парола за външния том. Това ще бъде паролата, която ще можете да разкриете на някой който ви принуждава да издадете паролата за първия дял след системния дял, където и външния и скрития том (съдържащ скритата операционна система) ще се намират. Съществуването на скрития том (и на скритата операционна система) ще останат в тайна. Забележете, че тази парола не е за заблуждаващата операционна система.\n\nВАЖНО: Паролата трябва да е значиелно по-различна от паролата, която ще изберете за скрития том (т.е. за скритата операционна система). + Парола за външния том + Парола за скрития том + Парола за скритата Операционна Система + ВНИМАНИЕ: Късите пароли са лесни за разбиване с помощта на техники на "грубата сила" (brute force)!\n\nПрепоръчваме избор на парола състояща се от повече от 20 символа. Сигурни ли сте, че желаете да използвате къса парола? + Парола на тома + Грешна парола или това не е VeraCrypt том. + Грешен ключ-файл(ове) и/или парола или това не е VeraCrypt том. + Грешен режим на монтиране, грешна парола, или това не е VeraCrypt том. + Грешен режим на монтиране, грешен ключ-файл(ове) и/или парола, или това не е VeraCrypt том. + Грешна парола или не е намерен VeraCrypt том. + Грешен ключ-файл(ове)/парола или не е намерен VeraCrypt том. + \n\nВнимание: Caps Lock е включен. Възможно е да въведете паролата си грешно заради това. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + Ако се опитвате да защитите скрит том съдържащ скрита система, моля, уверете се, че използвате стандартната US клавишна подредба, когато въвеждате паролата за скрития том. Това се изисква въпреки факта, че паролата трябва да бъде въведена в средата преди стартиране (преди да стартира Windows), където не-US Windows клавишна подредба не е достъпна. + VeraCrypt не намира том, където има прекъснато несистемно криптиране и където заглавната част на тома може да бъде декриптирана с помощта на зададените парола и/или ключ-файл(ове).\n\nМоля, уверете се, че паролата и/или ключ-файла(овете) са правилни и че дялът/томът не се използва от системата или от приложение (включително антивирусен софтуер). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nЗабележка: Ако опитвате да монтирате дял разположен върху криптирано системно устройство без pre-boot автентикация или да монтирате криптирания системен дял на операционна система, която не е стартирана, можете да направите това като изберете 'Система' > 'Монтиране без Pre-Boot автентикация'. + В този режим не може да монтирате дял намиращ се върху устройство, чиято част е в обхвата на активното системно криптиране.\n\nПреди да можете да монтирате този дял в този режим, трябва или да стартирате операционна система инсталирана на друго устройство (криптирано или некриптирано) или да стартирате некриптирана операционна система. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Назад + Не е възможно да се направи списък с устройствата инсталирани на вашата система! + Томът '%s' съществува, и е "само за четене". Сигурни ли сте, че желаете да го замените? + Изберете целева директория + Изберете ключ-файл + Изберете път за търсене на ключ-файлове. ВНИМАНИЕ: Имайте предвид, че само пътят ще бъде запомнен, не и имената на файловете в него! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Разработен от Ross Anderson, Eli Biham, и Lars Knudsen. Публикуван през 1998. 256-битов ключ, 128-битов блок. Режима на работа е XTS. Serpent е един от финалистите на AES. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Размер на външния том + Размер на скрития том + Моля, потвърдете, че размерът на избраното устройство/дял показано по-горе е верен и натиснете Напред. + Външният том и скритият том (съдържащ скритата операционна система) ще се намират в по-горния дял. Това трябва да е първият дял след системния дял.\n\nМоля, потвърдете, че размерът на дяла и неговият номер посочени по-горе са правилни, и ако са, натиснете Напред. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Размер на тома + Динамичен + ВНИМАНИЕ: НЕУСПЕШЕН АВТО-ТЕСТ! + Авто-тестът на всички алгоритми е преминат + Размера на единицата данни, който сте задали е твърде дълъг или твърде къс. + Вторичният ключ, който сте задали е твърде дълъг или твърде къс. + Тестовият шифърен текст, който сте задали е твърде дълъг или твърде къс. + Тестовият ключ, който сте задали е твърде дълъг или твърде къс. + Тестовият чист текст, който сте задали е твърде дълъг или твърде къс. + Два шифъра в каскадно действие в XTS режим. Всеки блок първо се криптира с %s (%d-битов ключ) и след това с %s (%d-битов ключ). Всеки шифър използва свой собствен ключ. Всички ключове са взаимно независими. + Три шифъра в каскадно действие в XTS режим. Всеки блок първо се криптира с %s (%d-битов ключ), след това с %s (%d-битов ключ) и най-накрая с %s (%d-битов ключ). Всеки шифър използва свой собствен ключ. Всички ключове са взаимно независими. + Забележете, че в зависимост от конфигурацията на операционната система, опциите авто-старт и авто-монтиране може да работят само когато файловете на пътния диск са създадени на незаписваем носител подобен на CD/DVD. Също така, забележете, че това не е проблем на VeraCrypt (това е ограничение на Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt пътен диск + Разработен от Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Публикуван през 1998. 256-битов ключ, 128-битов блок. Режимът на работа е XTS. Twofish е един от финалистите на AES. + Повече информация за %s + Неизвестен + An unspecified or unknown error occurred (%d). + Някои томове съдържат файлове или директории които се използват от приложения или от системата.\n\nДа се демонтират ли принудително? + &Демонтиране + Неуспешно демонтиране! + Томът съдържа файлове или директории които се използват от приложения или от системата.\n\nДа се демонтира ли принудително? + No volume is mounted to the specified drive letter. + Тома който се опитвате да монтирате вече е монтиран. + Грешка при опит за монтиране на том. + Грешка при търсене в том. + Грешка: Неправилен размер на тома. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Динамичният контейнер е предварително разположен NTFS sparse файл, чийто физически размер (реално използвано дисково пространство) нараства с добавянето на нови данни в него.\n\nВНИМАНИЕ: Продуктивността на томове съхранявани като sparse-файлове е значително по-лоша от тази на обикновени томове. Също така, томовете съхранявани като sparse-файлове са по-малко сигурни, защото е възможно да се каже кои сектори на тома са неизползвани. При това томовете съхранявани като sparse-файлове не могат да осигурят правдоподобна отказваемост (да съдържат скрит том). Освен това, ако се запишат данни в том, който е sparse-файл, когато няма достатъчно свободно пространство във файловата система на носителя, криптираната файлова система може да се повреди.\n\nСигурни ли сте, че желаете да създадете том съхраняван като sparse-файл? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt не може да смени паролата на чужд том. + Моля изберете свободна буква от списъка. + Моля изберете монтиран том от списъка с букви на устройства. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Грешка: Не може да се създаде autorun.inf + Грешка при обработката на ключ-файл! + Грешка при обработката на пътя на ключ-файл! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt не поддържа тази операционна система. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Грешка: Не може да се задели памет. + Грешка: Не може да се получи стойност от индикатора на производителността. + Грешка: Лош формат на тома. + Грешка: Задали сте парола за скрит том (не за нормален том). + Поради съображения за сигурност, скрит том не може да бъде създаван в VeraCrypt том съдържащ файлова система, която е била криптирана на място (защото свободното място на тома не е било запълнено със случайни данни). + VeraCrypt - Законово известие + Всички файлове + VeraCrypt томове + Библиотечни модули + NTFS форматирането не може да продължи. + Тома не може да се монтира. + Тома не може да се демонтира. + Windows не успя да форматира тома като NTFS.\n\nМоля, изберете друг тип файлова система (ако е възможно) и опитайте отново. Също така, можете да оставите тома неформатиран (изберете 'None' за файлова система), излезте от този помощник, монтирайте тома, и тогава използвайте или системен инструмент или инструмент от "трета страна" за да форматирате монтирания том (тома ще остане криптиран). + Windows не успя да форматира тома като NTFS.\n\nЖелаете ли вместо това да форматирате тома като FAT? + По подразбиране + дял + ДЯЛ + Устройство + устройство + УСТРОЙСТВО + Том + том + ТОМ + Label + Избраният размер за клъстер е прекалено малък за том с такъв размер. Ще се използва по-голям размер за клъстер вместо избрания. + Грешка: Не може да се провери размера на тома!\n\nУбедете се че избраният том не се използва от системата или от някое приложение. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + VeraCrypt помощникът за създаване на томове може да създаде скрит том само във FAT или NTFS том. + Под Windows 2000, VeraCrypt помощникът за създаване на томове може да създаде скрит том само във FAT том. + Забележка: FAT файловата система е по-подходяща за външни томове отколкото NTFS файловата система (например, максималният възможен размер на скрития том много вероятно би бил значително по-голям, ако външният том е форматиран като FAT). + Забележете, че FAT файловата система е по-подходяща за външни томове отколкото NTFS файловата система. Например, максималният възможен размер на скрития том много вероятно би бил значително по-голям, ако външният том е форматиран като FAT (причината е, че NTFS файловата система винаги съхранява вътрешнни данни точно по средата на тома и затова скритият том може да се разположи във втората половина на външния том).\n\nСигурни ли сте, че желаете да форматирате външния том като NTFS? + Желаете ли вместо това да форматирате тома като FAT? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Грешка: Дялът за скритата операционна система (т.е. първият дял след системния дял) трябва да бъде поне 5% по-голям от системния дял (системият дял е този, където текущо стартираната операционна система е инсталирана). + Грешка: Дялът за скритата операционна система (т.е. първият дял след системния дял) трябва да бъде поне 110% (2.1 пъти) по-голям от системния дял (системият дял е този, където текущо стартираната операционна система е инсталирана). Причината е, че NTFS файловата система винаги съхранява вътрешни данни точно по средата на тома и за това скрития том (който ще съдържа точно копие на системния дял) може да се разположи във втората половина на дяла. + Грешка: Ако външният том се форматира като NTFS, той трябва да е поне 110% (2.1 пъти) по-голям от системния дял. Причината е, че NTFS файловата система винаги съхранява вътрешни данни точно по средата на тома и за това скрития том (който ще съдържа точно копие на системния дял) може да се разположи във втората половина на външния том.\n\nЗабележка: Външният том трябва да се разположи в същия дял където е и скритата операционна система (т.е. в първия дял след системния дял). + Грешка: Няма дял след системния дял.\n\nЗабележете, че преди да можете да създадете скрита операционна система, трябва да създадете на системното устройство дял за нея. Това трябва да е първия дял след системния дял и трябва да е поне 5% по-голям от системния дял (системият дял е този, където текущо стартираната операционна система е инсталирана). В случай, че външният том (да не се бърка със системния дял) е форматиран като, дялът за скритата операционна система трябва да бъде поне 110% (2.1 пъти) по-голям от системния дял (причината е, че NTFS файловата система винаги съхранява вътрешни данни точно по средата на тома и за това скрития том, който ще съдържа точно копие на системния дял, може да се разположи във втората половина на дяла). + Забележка: Не е практично (и затова не се поддържа) да се инсталират операционни системи в два VeraCrypt тома, които са разположени в един дял, защото използването на външната операционна система често може да изисква записване на данни в зоната на скритата операционна система (и ако такива записи са предотваратени от опцията за защита на скрития том, е много вероятно да се предизвика системен срив, т.е. 'Син екран'). + За информация как да създадете и поддържате дялове, моля, погледнете документацията на вашата операционна система или се свържете със сервиза по поддръжка към вашия компютърен доставчик. + Грешка: Текущо стартираната операционна система не е инсталирана на зареждащия (boot) дял (първият активен дял). Това не се поддържа. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Грешка: Томът не може да бъде достъпен!\n\nУбедете се, че избраният том съществува, не е монтиран или използван от системата или приложение, имате права за четене/запис за тома и, че не е защитен срещу запис. + Error: Cannot obtain volume properties. + Грешка: Не може да се достъпи тома и/или да се получи информация за тома.\n\nУверете се, че избраният том съществува, че не се използва от системата или от приложение, че имате права за четене/запис за тома, и че тома не е защитен от запис. + Грешка:Не може да се достъпи тома и/или да се получи информация за тома. Уверете се, че избраният том съществува, че не се използва от системата или от приложение, че имате права за четене/запис за тома, и че тома не е защитен от запис.\n\nАко проблемът не се реши, следните стъпки може да помогнат. + VeraCrypt не може да криптира дяла поради грешка. Моля, опитайте да разрешите всички проблеми появили се до момента и опитайте отново. Ако проблемът не се реши, следните стъпки може да помогнат. + VeraCrypt не може да продължи процеса на криптиране на дяла поради грешка.\n\nМоля, опитайте да разрешите всички проблеми появили се до момента и опитайте отново. Имайте предвид, че томът не може да бъде монтиран докато не е криптиран напълно. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Грешка: Външният том не може да бъде демонтиран!\n\nТом не може да бъде демонтиран, ако съдържа файлове или директории, които се използват от приложение или от системата.\n\nМоля, затворете всяка програма, която би могла да използва файлове или директории на тома и натиснете Опитай пак. + Грешка: Не може да се получи информация за външния том! Създаването на том не може да продължи. + Грешка: Външният том не може да бъде достъпен! Създаването на том не може да продължи. + Грешка: Външният том не може да бъде монтиран! Създаването на том не може да продължи. + Грешка: Не може да се достъпи картата с клъстерите на тома! Създаването на том не може да продължи. + По азбучен ред/По категории + Средна скорост (низходящ ред) + Алгоритъм + Криптиране + Декриптиране + Средна скорост + Буква + Размер + Алгоритъм за криптиране + Алгоритъм за криптиране + Тип + Стойност + Свойство + Местоположение + байта + Скрит + Външен + Нормален + Системен + Скрита (система) + Само за четене + Системно устройство + Системно устройство (криптиране - %.2f%% готово) + Системно устройство (декриптиране - %.2f%% готово) + Системно устройство (%.2f%% криптирано) + Системен дял + Скрит системен дял + Системен дял (криптиране - %.2f%% готов) + Системен дял (декриптиране - %.2f%% готов) + Системен дял (%.2f%% криптиран) + Да (предотвратена повреда!) + Никакъв + Размер на пъвичния ключ + Размер на вторичния ключ (XTS режим) + Размер на tweak ключа (LRW режим) + бита + Размер на блока + PKCS-5 PRF + PKCS-5 брой на повторенията + Томът е създаден на + Последна промяна на заглавната част + (преди %I64d дни) + Версия на формат на тома + Вградена заглавна част за Backup + VeraCrypt Boot Loader Version + Първа свободна буква + Преносим диск + Твърд диск + Непроменен + Autodetection + Режим - помощник + Изберете един от режимите. Ако не сте сигурни кой да изберете, използвайте режима по подразбиране. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Опции на инсталацията + Тук можете да настройвате разнообразни опции за да контролирате процеса на инсталация. + Инсталиране + Моля, изчакайте докато VeraCrypt се инсталира. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Опции на извличането + Тук можете да настройвате разнообразни опции за да контролирате процеса на извличане. + Моля, изчакайте докато файловете се извличат. + Files successfully extracted + Всички файлове са извлечени успешно в целевото местонахождение. + Ако указаната директория не съществува, ще бъде създадена автоматично. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Желаете ли да погледнете Release бележките за текущата (най-последна стабилна) версия на VeraCrypt? + Ако никога не сте използвали VeraCrypt преди, препоръчваме ви да прочетете главата Beginner's Tutorial в VeraCrypt ръководството на потребителя. Желаете ли да погледнете инструкциите? + Моля, изберете действие за изпълнение от следните: + Поправка/Преинсталация + Upgrade + Деинсталация + За да инсталирате/деинсталирате VeraCrypt успешно, трябва да имате администраторски права. Желаете ли да продължите? + Инсталатора на VeraCrypt в момента е стартиран на тази система и подготвя или извършва инсталация или обновяване на VeraCrypt. Преди да продължите, моля изчакайте го да свърши или го затворете. Ако не можете да го затворите, моля рестартирайте вашия компютър преди да продължите. + Инсталацията неуспешна. + Деинсталация неуспешна. + Този пакет за дистрибуция е повреден. Моля, опитайте да го изтеглите отново (за предпочитане от официалния уебсайт на VeraCrypt - https://veracrypt.codeplex.com). + Не може да се запише файл %s + Извличане + Не може да се чете от пакета. + Не може да се провери целостта на този пакет за дистрибуция. + Извличането неуспешно. + Инсталацията е върната назад. + VeraCrypt е инсталиран успешно. + VeraCrypt е обновен успешно. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt е деинсталиран успешно.\n\nНатиснете 'Край' за да премахнете VeraCrypt инсталатора и директорията %s. Забележете, че директорията няма да бъде премахната ако съдържа някакви файлове, които не са били инсталирани от VeraCrypt инсталатора или създаден от VeraCrypt. + Премахване на записите на VeraCrypt в регистрите + Добавяне на записи в регистрите + Премахване на данните специфични за приложението + Инсталиране + Спиране + Премахване + Добавяне на икона + Създаване на System Restore point + Неуспешно създаване на System Restore point! + Обновяване на boot зареждащата програма + Неуспешно инсталиране на '%s'. %s Желаете ли инсталацият да продължи? + Неуспешно деинсталиране на '%s'. %s Желаете ли инсталацият да продължи? + Инсталацията е изпълнена. + Директория '%s' не може да бъде създадена + VeraCrypt драйвера не може да бъде спрян.\n\nМоля, най-напред затворете всички отворени VeraCrypt процорци. Ако това не помага, моля рестартирайте Windows и опитайте отново. + Всички VeraCrypt томове трябва да бъдат демонтирани преди инсталиране или деинсталиране на VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Неуспешно инсталиране на записите в регистрите + Неуспешно инсталиране на VeraCrypt драйвера. Моля, рестартирайте Windows и след това опитайте да инсталирате VeraCrypt отново. + Стартиране на VeraCrypt драйвера + Неуспешно деинсталиране на VeraCrypt драйвера. Моля, имайте предвид, че поради Windows проблем, може да е необходимо да излезете или да рестартирате системата преди драйвера да бъде деинсталиран (или ). + Инсталиране на VeraCrypt драйвера + Спиране на VeraCrypt драйвера + Деинсталиране на VeraCrypt драйвера + Неуспешна регистрация на библиотеката за контрол на потребителския акаунт. + Неуспешна дерегистрация на библиотеката за контрол на потребителския акаунт. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Внимание: Тази инстанция на Помощника за Създаване на Томове има администраторски права.\n\nВашият нов том може да се създаде с права, които няма да ви позволят да записвате върху тома след като е монтиран. Ако искате да предотвратите това, затворете тази инстанция на Помощника за Създаване на Томове и стартирайте нова без администраторски права.\n\nЖелаете ли да затворите тази инстанция на Помощника за Създаване на Томове? + Грешка: Лицензът не може да бъде показан. + Външен(!) + дни + часове + минути + с + Отваряне + Демонтиране + Показване на VeraCrypt + Скриване на VeraCrypt + Данни прочетени след монтирането + Данни записани след монтирането + Криптирана част + 100% (напълно криптирано) + 0% (некриптирано) + %.3f%% + 100% + Изчакване + Подготвяне + Преоразмеряване + Криптиране + Декриптиране + Финализиране + Пауза + Готово + Грешка + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Въведете парола за %s + Enter password for '%s' + Въведете парола за нормалния/външния том + Въведете парола за скрития том + Въведете парола за заглавната част съхранена в бекъп файл + Ключ-файла е създаден успешно. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + ВНИМАНИЕ: Заглавната част на този том е повредена! VeraCrypt автоматично използва вграденото в тома бекъп копие на заглавната част на тома.\n\nТрябва да поправите заглавната част на тома, като изберете 'Инструменти' > 'Възстановяване на заглавната част на том'. + Архивно копие на заглавната част на тома е създадено успешно.\n\nВАЖНО: Възстановяването на заглавната част на тома с помощта на това архивно копие също ще възстанови текущата парола на тома. Освен това, ако ключ-файл(ове) е необходим за монтиране на тома, същият ключ-файл(ове) ще бъде необходим за монтиране на тома отново, когато заглавната част на тома бъде възстановена.\n\nВНИМАНИЕ: Това архивно копие на заглавна част на том може да бъде използвано за възстановяване на заглавната част САМО на този индивидуален том. Ако използвате това архивно копие на заглавна част за да възстановите заглавната част на друг том, ще можете да монтирате тома, но НЯМА да можете да декриптирате никакви данни съхранени в тома (защото ще промените неговия главен ключ). + Заглавната част на тома е възстановена успешно.\n\nВАЖНО: Моля, забележете, че старата парола също така може да е била възстановена. Освен това, ако ключ-файл(ове) е бил необходим за монтиране на тома, когато архивното копие е било създадено, същият ключ-файл(ове) сега е необходим за монтиранена тома отново. + Поради съображения за сигурност, ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове) за тома.\n\nЗабележка: Ако тома съдържа скрит том, най-напред ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове) за външния том. След това, ако изберете да направите бекъп копие на заглавната част на скрития том, ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове) за скрития том. + Сигурни ли сте, че желаете да напрвавите бекъп копие на заглавната част на тома %s?\n\nСлед като натиснете Да, ще бъдете попитани за име на бекъп файл за заглавната част на тома.\n\nЗабележка: Заглавните части и стандартния и на скрития том ще бъдат прекриптирани с нова сол и ще бъдат съхранени в бекъп файла. Ако в този том няма скрит том, зоната в бекъп файла запазена за заглавната част на скрития том ще бъде запълнена със случайни данни (за да се запази правдоподобната отказваемост). Когато се възстановява заглавна част на том от бекъп файл, ще трябва да въведете правилната парола (и/или да предоставите правилните ключ-файлове), които са били валидни, когато е бил създаден бекъп файла на заглавната часдт на тома. Паролата (и/или ключ-файловете) автоматично ще определят типа на заглавната част на тома, която трябва да се възстанови, т.е. стандартен или скрит (обърнете внимание на това, че VeraCrypt определя типа по метода проба и грешка). + Сигурни ли сте, че желаете да възстановите заглавната част на том %s?\n\nВНИМАНИЕ: Възстановяването на заглавна част на том също така възстановява паролата на тома, която е била валидна, когато архивното копие е било създадено. Освен това, ако ключ-файл(ове) е бил необходим за монтиране на тома, когато архивното копие е било създадено, същият ключ-файл(ове) ще бъде необходим за монтиране на тома отново след като заглавната част на тома е възстановена.\n\nСлед като натиснете Да, ще изберете файла с архивното копие. + Томът съдържа ли скрит том? + Томът съдържа скрит том + Томът не съдържа скрит том + Моля, изберете типа на бекъп на заглавна част на тома, който иската да използвате: + Възстановяване на заглавна част на тома от бекъп копие вградено в тома + Възстановяване на заглавна част на тома от външен бекъп файл + Размера на бекъп файла на заглавна част на тома е неправилен. + В този том няма вградено бекъп копие на заглавната част на тома (имайте предвид, че само томове създадени от VeraCrypt 6.0 или по-късни версии съдържат вградено бекъп копие на заглавната част на тома). + Опитвате се да архивирате заглавната част на системен дял/устройство. Това не е позволено. Операциите на архивиране/възстановяване отнасящи се до системния дял/устройство могат да бъдат извършени само с помощта на VeraCrypt Спасителния Диск.\n\nЖелаете ли да създадете VeraCrypt Спасителен Диск? + Опитвате се да възстановите заглавната част на виртуален VeraCrypt том, но сте избрали системеният дял/устройство. Това не е позволено. Операциите на архивиране/възстановяване отнасящи се до системния дял/устройство могат да бъдат извършени само с помощта на VeraCrypt Спасителния Диск.\n\nЖелаете ли да създадете VeraCrypt Спасителен Диск? + След като натиснете OK, ще изберете име на файл за ISO изображението на новия VeraCrypt Спасителен Диск и местоположението, където искате да го поставите. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Моля, поставете вашия VeraCrypt Спасителен Диск във вашето CD/DVD устройство и натиснете OK за да го проверите. + VeraCrypt Спасителният Диск е проверен успешно. + Не може да се провери дали Спасителният Диск е бил записан успешно.\n\nАко сте записали Спасителния Диск, моля извадете и поставете отново CD/DVD диска; след това опитайте отново. Ако това не помага, моля опитайте друг софтуер за записване на CD/DVD и/или друг CD/DVD носител.\n\nАко сте опитали да проверите VeraCrypt Спасителен Диск създаден за различен главен ключ, парола, сол, и др., моля, забележете, че такъв Спасителен Диск никога няма да успява на тази проверка. За да създадете нов Спасителен Диск напълно съвместим с текущата ви конфигурация, изберете 'Система' > 'Създаване на Спасителен Диск'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Грешка при създаването на VeraCrypt Спасителен Диск. + VeraCrypt Спасителен Диск не може да бъде създаден, когато е стартирана скрита операционна система.\n\nЗа да създадете VeraCrypt Спасителен Диск, стартирайте заблуждаващата операционна система и след това изберете 'Система' > 'Създаване на Спасителен Диск'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Моля демонтирайте тома преди да продължите. + Грешка: Не може да се настрои таймер. + Проверка на файловата система + Поправка на файловата система + Add to Favorites... + Add to System Favorites... + P&roperties... + Скритият том е защитен + - + Да + Не + Disabled + 1 + 2 или повече + Режим на операция + Етикет: + Размер: + Път: + Буква: + Грешка: Паролата трябва да съдържа само ASCII символи.\n\nНаличието на не-ASCII символи в паролата може да направи невъзможно монтирането на том, когато има промяна в системната конфигурация.\n\nРазрешени са следните символи:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Внимание: Паролата съдържа не-ASCII символи. Това може да направи невъзможно монтирането на том, когато има промяна в системната конфигурация.\n\nБи трябвало да замените всички не-ASCII символи в паролата с ASCII символи. За да направите това, изберете 'Томове' -> 'Смяна на паролата на том'.\n\nСледните са ASCII символи:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ВНИМАНИЕ: Силно препоръчваме да избягвате файлови разширения, които се използват за изпълними файлове (като .exe, .sys, или .dll) и други подобни проблематични файлови разширения. Използването на такива файлови разширения кара Windows и антивирусните програми да взаимодействат с контейнера, което е неблагоприятно за производителността на тома и също така може да създаде други сериозни проблеми.\n\nСилно препоръчваме да премахнете файловото разширение или да го смените (например на '.hc').\n\nСигурни ли сте, че желаете да използвате проблематичното файлово разширение? + ВНИМАНИЕ: Този контейнер има файлово разширение, което се използва за изпълними файлове (като .exe, .sys, или .dll) или някое друг файлово разширение, което също е проблематично. Много е вероятно това да накара Windows и антивирусният софтуер да взаимодействат с контейнера, което ще окаже неблагоприятен ефект върху производителността на тома и също може да причини други сериозни проблеми.\n\nСилно препоръчваме да премахнете файловото разширение или да го смените (например на '.hc') след като демонтирате тома. + Начална страница + ВНИМАНИЕ: Изглежда, че не сте прилагали никакъв Service Pack към вашата Windows инсталация. Не трябва да записвате върху IDE диск по-голям от 128 GB под Windows XP, към който не сте приложили Service Pack 1 или по-късен! Ако го направите, данните на диска (няма значение дали е VeraCrypt том или не) могат да се объркат. Забележете, че това е ограничение на Windows, а не бъг в VeraCrypt. + ВНИМАНИЕ: Изглежда, че не сте приложили Service Pack 3 към вашата Windows инсталация. Не трябва да записвате върху IDE диск по-голям от 128 GB под Windows 2000, към който не сте приложили Service Pack 3 или по-късен! Ако го направите, данните на диска (няма значение дали е VeraCrypt том или не) могат да се объркат. Забележете, че това е ограничение на Windows, а не бъг в VeraCrypt.\n\nЗабележка: Също така, може да се наложи да разрешите поддръжката на 48-бит LBA в регистрите; за повече информация, погледнете http://support.microsoft.com/kb/305098/EN-US + ВНИМАНИЕ: Поддръжката на 48-бит LBA ATAPI от вашата система е изключена. По тази причина, не трябва да записвате върху IDE диск по-голям от 128 GB! Ако го направите, данните на диска (няма значение дали е VeraCrypt том или не) могат да се объркат. Забележете, че това е ограничение на Windows, а не ограничение на VeraCrypt.\n\nЗа да разрешите поддръжката на 48-бит LBA, добавете стойността 'EnableBigLba' към ключа в регистрите HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nЗа повече информация, погледнете http://support.microsoft.com/kb/305098 + Грешка: Файлове по-големи от 4 GB не могат да бъдат съхранявани на FAT32 файлова система. За това, VeraCrypt файл-контейнери съхранявани върху FAT32 файлова система не могат да бъдат по-големи от 4 GB.\n\nАко се нуждаете от по-голям том, създайте го на NTFS файлова система (или, ако използвате Windows Vista SP1 или по-късна версия, на exFAT файлова система) или вместо да създавате файл-контейнер, криптирайте цял дял или устройство. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + ВНИМАНИЕ: Ако желаете за напред да можете да добавяте повече данни/файлове във външния том, трябва да изберете по-малък размер за скрития том.\n\nСигурни ли сте, че желаете да продължите с указания размер? + Не е избран том.\n\nНатиснете 'Устройство' или 'Файл' за да изберете VeraCrypt том. + Не е избран дял.\n\nНатиснете 'Устройство' за да изберете демонтиран дял, който нормално изисква pre-boot автентикация (например, дял разположен върху криптираното системно устройство на друга операционна система, която не е стартирана, или криптирания системен дял на друга операционна система).\n\nЗабележка: Избраният дял ще бъде монтиран като обикновен VeraCrypt том без pre-boot автентикация. Това е полезно, например при архивиране (backup) или операции за поправка. + ВНИМАНИЕ: Ако ключ-файлове по подразбиране са настроени и разрешени, томове които не използват тези ключ-файлове няма да могат да се монтират. По тази причина, след като разрешите ключ-файлове по подразбиране, имайте предвид да махнете отметката 'Ключ-файлове' (под полето за въвеждане на парола) когато монтирате такива томове.\n\nСигурни ли сте, че желаете да запазите избраните ключ-файлове/пътищата като такива по подразбиране? + Авто-монтиране на устройствата + Демонтиране на всички + Изчистване на кеша + Демонтиране на всички & Заличаване на кеша + Принудително демонтиране на всички & Заличаване на кеша + Принудително демонтиране на всички, Заличаване на кеша & Изход + Монтиране на любимите томове + Показване/Скриване на главния прозорец на VeraCrypt + (Кликнете тук и натиснете клавиш) + Действие + Клавиш + Грешка: Тази клавишна комбинация е запазена. Моля изберете друга клавишна комбинация. + Грешка: Клавишната комбинация вече се използва. + ВНИМАНИЕ: Един или повече VeraCrypt системни клавиши няма да работят!\n\nМоля, убедете се, че други приложения и операционната система не използват същия клавиш(и) като VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + Грешка или несъвместимост пречат на VeraCrypt да криптира хибернационния файл. Затова хибернацията е изключена.\n\nЗабележка: Когато компютър премине в режим на хибернация (или енергоспестяващ режим), съдържанието на системната памет се записва в хибернационен файл намиращ се на системното устройство. VeraCrypt няма да може да предотврати некриптиран запис в хибернационния файл на ключове за криптиране и съдържанието на важни файлове отворени в RAM паметта. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + ВНИМАНИЕ: Ако изключите тази опция, томовете съдържащи отворени файлове/директории няма да могат да бъдат авто-демонтирани.\n\nСигурни ли сте, че желаете да изключите тази опция? + ВНИМАНИЕ: Томове съдържащи отворени файлове/директории НЯМА да бъдат авто-демонтирани.\n\nЗа да предотвратите това, включете следните опции в този диалогов прозорец: 'Принудително авто-демонтиране дори ако тома съдържа отворени файлове или директории' + ВНИМАНИЕ: При силно изтощена батерията на лаптоп, Windows може да не успее да изпрати съответните съобщения до работещите програми когато компютъра преминава в енергоспестяващ режим. В такъв случай VeraCrypt може да не успее да демонтира томовете. + Задали сте процес на криптиране на дял/устройство. Процеса все още не е приключил.\n\nЖелаете ли да продължите процеса сега? + Били сте задали процес на криптиране или декриптиране на системният дял/устройство. Процесът все още не е бил завършен.\n\nЖелаете ли да стартирате (продължите) процеса сега? + Желаете ли да ви бъде напомняно дали желаете да продължите текущо зададен процес на криптиране на несистемни дялове/томове? + Да, желая да ми се напомня + Не, не желая да ми се напомня + ВАЖНО: Помнете, че можете да продължите процеса на криптиране на който да било несистемен дял/том като изберете 'Томове' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. + Били сте задали процес на криптиране или декриптиране на системният дял/устройство. Както и да е, pre-boot автентикацията е неуспешна (или е била подмината).\n\nЗабележка: Ако сте декриптирали системния дял/устройство в pre-boot средата, може да трябва да завършите процеса като изберете 'Система' > 'Декриптиране на системния дял/устройство за постоянно' от менюто на главния прозорец на VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Изход? + VeraCrypt няма достатъчно информация за да реши дали да криптира или декриптира. + VeraCrypt няма достатъчно информация за да реши дали да криптира или декриптира.\n\nЗабележка: Ако сте декриптирали системния дял/устройство в pre-boot средата, може да трябва да завършите процеса като изберете Декриптиране. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Желаете ли да прекъснете и отложите процеса на криптиране на дяла/тома?\n\nЗабележка: Помнете, че томът не може да бъде монтиран докато не е криптиран напълно. Ще можете да продължите процеса на криптиране и той ще продължи от мястото, където е бил спрян. Можете да направите това, например като изберете 'Томове' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. + Желаете ли да прекъснете и отложите процеса на криптиране на системният дял/устройство?\n\nЗабележка: Ще можете да продължите процеса и той ще продължи от точката, в която е бил прекъснат. Можете да направите това, например, като изберете 'Система' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. Ако желаете за постоянно да прекратите или да върнете процеса на криптиране, изберете 'Система' > 'Декриптиране на системния дял/устройство за постоянно'. + Желаете ли да прекъснете и отложите процеса на декриптиране на системният дял/устройство?\n\nЗабележка: Ще можете да продължите процеса и той ще продължи от точката, в която е бил прекъснат. Можете да направите това, например, като изберете 'Система' > 'Продължаване на прекъснат процес' от менюто на главния прозорец на VeraCrypt. Ако желаете да върнете процеса на декриптиране (и да започнете да криптирате), изберете 'Система' > 'Криптиране на системен дял/устройство'. + Грешка: Неуспешен опит за прекъсване на процеса на криптиране/декриптиране на системен дял/устройство. + Грешка: Неуспешен опит за прекъсване на процеса на заличаване. + Грешка: Неуспешен опит за продължаване на процеса на криптиране/декриптиране на системен дял/устройство. + Грешка: Неуспешен опит за стартиране на процеса на заличаване. + Проблем с неконсистентност е решен.\n\n\n(Ако докладвате бъг във връзка с това, моля включете следната техническа информация в доклада за бъга: %hs) + Грешка: Неочаквано състояние.\n\n\n(Ако докладвате за проблем във връзка с това, моля включете следната техническа информация в доклада:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ВНИМАНИЕ: Фоновият процес на VeraCrypt е забранен. След като затворите VeraCrypt, няма да има нотификация в случай, че е предовратена повреда в скрития том.\n\nЗабележка: Можете да спрете фоновата задача по всяко време като натиснете десен бутон върху VeraCrypt системната иконата и изберете 'Изход'.\n\nДа се включи ли фоновият процес на VeraCrypt? + Версия на езиковия пакет: %s + Проверка на файловата система на VeraCrypt тома монтиран като %s... + Опит да се поправи файловата система на VeraCrypt тома монтиран като %s... + Внимание: Този том е криптиран с остарял криптиращ алгоритъм.\n\nВсички криптиращи алгоритми с 64-битов блок (като Blowfish, CAST-128, или Triple DES) са остарели. Монтирането на този том с помощта на бъдещи версии на VeraCrypt ще бъде възможно. както и да е, няма да има бъдещи разширения в реализацията на тези остарели криптиращи алгоритми. Препоръчваме ви да създадете нов VeraCrypt том криптиран с криптиращ алгоритъм с 128-битов блок (като AES, Serpent, Twofish, и др.) и да преместите всички файлове от този том в новия том. + Вашата система не е конфигурирана за авто-монтиране на нови томове. Може да е невъзможно да се монтира VeraCrypt том, който е устройство. Авто-монтирането може да се разреши като се изпълни следната команда и се рестартира системата.\n\nmountvol.exe /E + Моля, задайте буква за дяла/устройството преди да продължите ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nЗабележете, че това е изискване на операционната система. + Монтиране на VeraCrypt том + Демонтиране на всички VeraCrypt томове + VeraCrypt не успява да получи администрароски права. + Достъпът е отказан от операционната система.\n\nВероятна причина: Операционната система изисква да имате права за четене/запис (или администраторски права) за конкретни директории, файлове, и устройства, за да ви бъде разрешено да четете и записвате данни от/в тях. Нормално, на потребител без администраторски права му е разрешено да създава, чете и променя файлове в неговата Documents директория. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + Boot Loader-ът на VeraCrypt изисква поне 32 KБайта свободно пространство в началото на системното устройство (Boot Loader-ът на VeraCrypt трябва съхранен в тази зона). За съжаление, вашето устройство не изпълнява тези условия.\n\nМоля, НЕ докладвайте това като бъг/проблем в VeraCrypt. За да решите този проблем, ще трябва да преразделите вашия диск и да оставите първите 32 KБайта от диска свободни (в повечето случаи, ще трябва да изтриете и създадете на ново първият дял). Препоръчваме ви да използвате Microsoft partition manager, който е на разположение т.е. когато инсталирате Windows. + Функционалността не се поддържа от версията на операционната система, която използвате в момента. + VeraCrypt не поддържа криптиране на системен дял/устройство на версията на операционната система, която използвате в момента. + Преди да можете да криптирате системния дял/устройство на Windows Vista, трябва да инсталирате Service Pack 1 (или по-късна версия) за Windows Vista (на тази система все още няма инсталиран такъв Service Pack).\n\nЗабележка: Service Pack 1 за Windows Vista разрешава проблем причиняващ недостиг на свободна памет по време на зараждане на системата. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Вашето системно устройство има GUID таблица на дяловете (GPT). За момента се поддържат само устройства с MBR таблица на дяловете. + ВНИМАНИЕ: VeraCrypt Boot Loader-ът вече е инсталиран на вашето системно устройство!\n\nВъзможно е друга система на вашия компютър да е вече криптирана.\n\nВНИМАНИЕ: ПРОДЪЛЖАВАНЕТО С КРИПТИРАНЕТО НА СТАРТИРАНАТА В МОМЕНТА СИСТЕМА МОЖЕ ДА НАПРАВИ НЕВЪЗМОЖНО СТАРТИРАНЕТО НА ДРУГА СИСТЕМА(И) И СЪОТВЕТНИТЕ ДАННИ НЕДОСТЪПНИ.\n\nСигурни ли сте, че желаете да продължите? + Неуспешен опит за възстановяване на оригиналния system loader.\n\nМоля, използвайте вашият VeraCrypt Спасителен Диск ('Repair Options' > 'Restore original system loader') или Windows инсталационен носител за да подмените VeraCrypt зареждащата програма (Boot Loader) със Windows system loader. + Оригиналният system loader няма да бъде съхранен на Спасителния Диск (вероятна причина: липсващ архивен (backup) файл). + Неуспешен опит за запис върху MBR сектора.\n\nМоже би вашият BIOS е конфигуриран да предпазва MBR сектора. Проверете настройките на вашия BIOS (натиснете F2, Delete, или Esc, веднага след включване на вашия компътър) за MBR/антивирус защита. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Необходимата версия на VeraCrypt Boot Loader в момента не е инсталирана. Това може да попречи на някои от настройките да бъдат съхранени. + Забележка: В някои случаи, може да иската да попречите на някого (неприятел) да разбере че използвате VeraCrypt, докато ви гледа когато стартирате компютъра. По-горната опция ви позволява да направите това като промените екрана на VeraCrypt зареждащата програма (boot loader). Ако разрешите първата опция, зареждащата програма няма да показва никакъв текст (дори когато въведете грешна парола). Компютърът ще изглежда като "неработещ", но в същото време можете да въведете паролата си. В допълнение на това, може да бъде показано съобщение по ваше желание с цел да заблуди неприятеля. Например, фалшиви съобщения за грешка, като "Missing operating system" ("Липсва операционна система"), което обикновено се показва от зареждащата програма (boot loader) на Windows ако не е намерен Windows зареждащ (boot) дял. Все пак е важно да се знае, че ако неприятелят може да анализира съдържанието на твърдия диск, ще открие, че съдържа VeraCrypt зареждащата програма (boot loader). + ВНИМАНИЕ: Моля, помнете, че ако разрешите тази опция, VeraCrypt зареждащата програма (boot loader) няма да показва никакви текстове (дори когато въведете грешна парола). Компютърът ще изглежда като "неработещ" (нереагиращ), но в същото време можете да въведете паролата си (курсора НЯМА да се движи и няма да се появяват звездички (*) когато натискате клавиши).\n\nСигурни ли сте, че желаете да разрешите тази опция? + Изглежда, че вашият системен дял/устройство е напълно криптиран. + VeraCrypt не поддържа криптиране на системно устройство, което е било конвертирано като динамичен диск. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Желаете ли да криптирате системният дял вместо цялото устройство?\n\nЗабележете, че можете да създадете VeraCrypt томове съхранявани като дял, във всеки не-системен дял на устройството (в допълнение на криптирането на системния дял). + Тъй като, вашето системно устройство съдържа само един единствен дял, който заема цялото устройство, за предпочитане е (по-сигурно) да криптирате цялото устройство включирвлно и свободното "неприкрепено" пространство, което обикновено заобикаля такъв дял.\n\nЖелаете ли да криптирате цялото системно устройство? + Вашата система е конфигурирана да съхранява временни файлове върху несистемен дял.\n\nВременни файлове могат да се съхраняват само върху системния дял. + Вашите файлове с потребителски профили не се съхраняват върху системния дял.\n\nФайлове с потребителски профили могат да се съхраняват само върху системния дял. + Има странициращ (paging) файл(ове) върху несистемни дялове.\n\nСтранициращи файлове могат да се разполагат само върху системния дял. + Желаете ли сега да конфигурирате Windows така, че да създава странициращи (paging) файлове само върху Windows дяла?\n\nИмайте предвид, че ако натиснете 'Да', компютърът ще бъде рестартиран. След това стартирайте VeraCrypt и отново опитайте да създадете скритата операционна система. + В противен случай, правдоподобната отказваемост на скритата операционна система може да бъде засегната неприятно.\n\nЗабележка: Ако неприятел анализира съдържанието на такива дайлове (намиращи се на несистемен дял), може да открие, че сте използвали този помощник в режим за създаване на скрита операционна система (което може да подскаже за съществуването на скрита операционна система на вашия компютър). Също така имайте предвид, че по време на процеса на създаване на скритата операционна система, VeraCrypt необратимо ще изтрие всички подобни файлове съхранявани върху системния дял. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Внимание: Има неразпределено пространство между системния дял и първия дял след него. След като създадете скритата операционна система, не трябва да създавате нови дялове в това неразпределено пространство. В противен случай, няма да бъде възможно да се стартира скритата операционна система (докато не изтриете такива новосъздадени дялове). + За момента този алгоритъм не се поддържа з системно криптиране. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + За сега ключ-файлове не се поддържат за системно криптиране. + Внимание: VeraCrypt не може да възстанови оригиналната подредба на клавиатурата. Заради това може да въведете някоя парола грешно. + Грешка: Подредбата на клавиатурата за VeraCrypt не може да се зададе да бъде стандартна US клавиатурна подредба.\n\nЗабележете, че паролата трябва да бъде въведена в pre-boot средата (преди стартирането на Windows), където не-US Windows клавиатурни подредби не са достъпни. Поради тази причина, паролата винаги трябва да бъде въвеждана, като се използва стандартна US клавиатурна подредба. + Тъй като VeraCrypt временно е сменил клавиатурната подредба на стандартна US клавиатурна подредба, не е възможно да въвеждате символи чрез натискане на клавиши докато десният Alt клавиш е задържан натиснат. Както и да е, можете да въвеждате повечето такива символи, като натискате съответните клавиши докато Shift клавиша е задържан натиснат. + VeraCrypt предотврати смяна на клавиатурната подредба. + Бележка: Паролата трябва да бъде въведена в pre-boot средата (преди стартирането на Windows), където не-US Windows клавиатурна подредба не е достъпна. Поради това, паролата винаги трябва да бъде въвеждане, като се използва стандартн US клавиатурна подредба. Както и да е, важно е да знаете, че НЕ ви е необходима истинска US клавиатура. VeraCrypt автоматично се уверява в това, че можете безопасно да въведете паролата (точно сега и в pre-boot средата), дори ако НЯМАТЕ истинска истинска US клавиатура. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + ВНИМАНИЕ: Ако вече сте създали VeraCrypt Спасителен Диск преди време, той не може да се преизползва за това системно устройство/дял, защото е създаден за различен главен ключ! Всеки път когато криптирате системно устройство/дял, трябва да създавате нов VeraCrypt Спасителен Диск за него дори ако използвате същата парола. + Грешка: Настройките на системното криптиране не могат да бъдат записани. + Не може да се стартира предварителния тест на системното криптиране. + Не може да се инициализира процеса на създаване на скритата операционна система. + Режим на заличаване + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + Никакъв (най-бързо) + 1-пасов (случайни данни) + 3-пасов (US DoD 5220.22-M) + 7-пасов (US DoD 5220.22-M) + 35-пасов ("Gutmann") + 256-пасов + Брой операционни системи + ВНИМАНИЕ: Начинаещи потребители никога не трябва да опитват да криптират Windows в multi-boot конфигурации.\n\nПродължаване? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot устройство + Текущо стартираната операционна система на boot устройство ли е инсталирана?\n\nЗабележка: Понякога, Windows не е инсталиран на същото устройство, където е Windows boot loader (boot дял). Ако случаят е такъв, изберете 'Не'. + За момента VeraCrypt не поддържа криптиране на операционна система, която не стартира от устройството, на което е инсталирана. + Брой системни устройства + Колко устройства съдържат операционни системи?\n\nЗабележка: Примерно, ако имате някаква операционна система (например Windows, Mac OS X, Linux, и т.н.) инсталирана на вашето първично устройство и някаква друга операционна система инсталирана на вашето вторично устройство, изберете '2 или повече'. + За момента VeraCrypt не поддържа криптиране на цяло устройство, което съдържа няколко операционни системи.\n\nВъзможни решения:\n\n- Все още можете да криптирате една от системите, ако се върнете назад и изберете криптиране на системен дял (а не на цялото системно устройство).\n\n- Алтернативно, ще можете да криптирате цялото устройство, ако преместите някои от системите на други устройства, така че да оставите само една система на устройството, което искате да криптирате. + Няколко системи на едно устройство + Има ли други операционни системи, инсталирани на устройството, на което стартираната в момента операционна система е инсталирана?\n\nЗабележка: Примерно, ако стартираната в момента операционна система е инсталирана на устройство #0, което съдържа няколко дяла, и ако един от дяловете съдържа Windows и друг дял съдържа някаква друга операционна система (например Windows, Mac OS X, Linux, и т.н.), изберете 'Да'. + Не-Windows Boot Loader + Инсталирана ли е не-Windows boot зареждаща програма (или boot мениджър) в главния boot запис (MBR)?\n\nЗабележка: Например, ако първата писта на boot устройството съдържа GRUB, LILO, XOSL, или някой друг не-Windows boot мениджър (или boot зареждаща програма), изберете 'Да'. + Multi-Boot + За момента VeraCrypt не поддържа multi-boot конфигурации, където не-Windows boot loader е инсталиран в Master Boot Record.\n\nВъзможни решения:\n\n- Ако използвате boot мениджър за да стартирате Windows и Linux, преместете boot мениджъра (най-често, GRUB) от Master Boot Record в дял. След това стартирайте този помощник отново и криптирайте системния дял/устройство. Забележете, че VeraCrypt Boot Loader ще стане вашият първичен boot мениджър и ще ви позволи да стартирате оригиналния boot мениджър (например GRUB), като ваш вторичен boot мениджър (като натиснете Esc в екрана на VeraCrypt Boot Loader) и по този начин ще можете да стартирате Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Откриване на скрити сектори + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Зона за криптиране + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Събиране на случайни данни + Ключовете са генерирани + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Запис на Спасителен Диск + Спасителният Диск е създаден + Предварителен тест на системното криптиране + Спасителният Диск е проверен + \nVeraCrypt Спасителният Диск е проверен успешно. Моля, извадето го от устройството и го съхранявайте на сигурно място.\n\nНатиснете Напред за да продължите. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Внимание: Поради технически ограничения в pre-boot средата, текстовете показвани от VeraCrypt в pre-boot средата (т.е. преди Windows да стартира) не могат да бъдат преведени. Потребителският интерфейс на VeraCrypt Boot Loader е изцяло на английски.\n\nПродължаване? + Преди да криптира вашия системен дял или устройство, VeraCrypt трябва да провери дали всичко работи правилно.\n\nСлед като натиснете Тест, всички необходими компоненти (например, компонента за pre-boot автентикация, т.е. VeraCrypt Boot Loader) ще бъдат инсталирани и вашият компютър ще бъде рестартиран. Тогава ще трябва да въведете вашата парола в екрана на VeraCrypt Boot Loader, който ще се появи преди Windows да стартира. След като Windows стартира, автоматично ще бъдете информирани за резултатите от този предварителен тест.\n\nСледните устройства ще бъдат променени: Устройство #%d\n\n\nАко натиснете Отказ сега, нищо няма да бъде инсталирано и предварителния тест няма да бъде изпълнен. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Предварителният тест е завършен + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Желаете ли да прекратите предварителният тест на системното криптиране? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Изглежда, че системният дял/устройство не е криптиран (нито частично, нито изцяло). + Вашият системен дял/устройство е криптиран (частично или изцяло).\n\nМоля, декриптирайте вашият системен дял/устройство изцяло преди да продължите. За да направите това, изберете 'Система' > 'Декриптиране на системния дял/устройство за постоянно' от менюто на гавния процорез на VeraCrypt. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + В момента вашият системен дял/устройство се криптира, декриптира, или изобщо се модифицра. Моля, прекъснете процеса на криптиране/декриптиране/модификация (или изчакайте докато приключи) преди да продължите. + В момента има стартиран VeraCrypt помощник за създаване на томове, който извършва или подготвя криптиране/декриптиране на системния дял/устройство. Преди да продължите, моля, изчакайте го да свърши или го затворете. Ако не можете да го затворите, моля, рестаритрайте вашия компютър преди да продължите. + Процеса на криптиране или декриптиране на дял/устройство не е завършен. Моля, изчакайте докато завърши, преди да продължите. + Грешка: Процеса на криптиране на дял/устройство не е завършен. Първо трябва да бъде завършен. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Грешка: Неправилен/невалиден параметър. + Избрали сте дял или устройство, но режима на помощника, който сте избрали е подходящ само за файл-контейнери.\n\nЖелаете ли да смените режима на помощника? + Желаете ли да създадете VeraCrypt файл-контейнер вместо това? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Сигурни ли сте, че желаете да декриптирате системният дял/устройство за постоянно? + ВНИМАНИЕ: Ако декриптирате системният дял/устройство за постоянно, некриптирани данни ще бъдат записани върху него.\n\nНаистина лис те сигурни, че желаете да декриптирате системният дял/устройство за постоянно? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + Ако ви се случат някои от вече описаните проблеми, декриптирайте дяла/устройството (ако е криптиран) и и опитайте да го криптирате отново, каот използвате не-каскаден криптиращ алгоритъм (т.е. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + VeraCrypt Boot Loader е обновен.\n\nСилно се препоръчва да създадете нов VeraCrypt Спасителен Диск (който ще съдържа новата версия на VeraCrypt Boot Loader) като изберете 'Система' > 'Създаване на Спасителен Диск' след като рестартирате вашия компютър. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Неуспешен опит за обновяване на VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + ВНИМАНИЕ: Изглежда, че VeraCrypt вече е опитал да открие скрити сектори на това системно устройство. Ако сте срещнали някакви проблеми по време на предишния процес на откриване, можете да избегнете проблемите, като сега прескочите откриването на скрити сектори. Имайте предвид, че ако го направите, VeraCrypt ще използва размера докладван от операционната система (който може да е по-малък от реалния размер).\n\nИмайте предвид, че този проблем не е причинен от бъг в VeraCrypt. + Прескачане на откриването на скрити сектори (използване на размера докладван от операционната система) + Нов опит за откриване на скрити сектори + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Спасителен Диск + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Тест + Ключ-файл (КФ) + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.ca.xml b/Translations/Language.ca.xml index 48d11633..c2b5273e 100644 --- a/Translations/Language.ca.xml +++ b/Translations/Language.ca.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Cancel·lar - Instal·lar &per tots els usuaris - Exa&minar... - Afegir l'icona del VeraCrypt a l'&escriptori - Donate now... - Associar l'&extensió de fitxers .hc al VeraCrypt - Obre la ubicació de destí en acabar - Afegir el VeraCrypt al menú d'&inici - Crear un punt de &restauració de sistema - &Desinstal·lar - &Extreure - &Instal·lar - Assistent d'instal·lació de VeraCrypt - Desinstal·lar VeraCrypt - &Ajuda - Si us plau seleccioni o escrigui la ubicació on desitja extreure els fitxers: - Si us plau seleccioni o escrigui la ubicació on desitja instal·lar els fitxers de VeraCrypt. Si la carpeta especificada no existeix, es crearà automàticament. - Faci clic a Desinstal·lar per eliminar VeraCrypt del sistema. - Aturar - Provar &rendiment - &Vector de prova - Crear un volum xifrat i donar-li format - Xifrar la partició in situ - Veure les claus generades (les seves parts) - Mostrar el contingut - Descarregar un programa de gravació de CD/DVD - Crear un contenidor de fitxers xifrats - &GB - &TB - Més informació - Volum &ocult - Més informació sobre els volums ocults - Mètode directe - Mètode normal - &KB - &Usar fitxers de claus - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Fitxers de &claus... - Més informació - Més informació - Information on PIM - &MB - Més informació - Més informació sobre els algorismes de xifrat - Més informació - Arrancada múltiple - Xifrar una partició/unitat que no és de sistema - &No guardar l'historial - Obrir el volum extern - &Pausar - Use P&IM - Use PIM - Format ràpid - &Veure contrasenya - &Veure contrasenya - &Display PIM - Arrencada simple - Volum normal - &Ocult - Normal - Xifrar la partició de sistema o un disc sencer - Xifrar la partició de sistema de Windows - Xifrar el disc sencer - Assistent de creació de volums VeraCrypt - Clúster - IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la força de les claus de xifrat. Després faci clic a Següent per continuar. - &Confirmar: - Fet - Drive letter: - Algorisme de xifrat - Sistema de fitxers - Crea un disc virtual xifrat dins d'un fitxer. Recomanat per a usuaris inexperts. - Opcions - Algorisme de hash - Capçalera: - Falten - Clau mestra: - Seleccioni aquesta opció si hi ha dos o més sistemes operatius instal·lats en aquest ordinador.\n\nPer example:\n- Windows XP i Windows XP\n- Windows XP i Windows Vista\n- Windows i Mac OS X\n- Windows i Linux\n- Windows, Linux i Mac OS X - Xifra una partició de dades o un disc intern o extern (i. g. un llapis de memòria). Opcionalment, crea un volum ocult. - Contingut (parcial) actual - Passat - Contrasenya: - Volume PIM: - Volume PIM: - Progrés: - Contingut aleatòri: - Seleccioni aquesta opció si nomhés hi ha un sistema operatiu instal·lat en aquest ordinador (encara que tingui més d'un usuari). - Velocitat - Estat - Les claus i la resta de dades s'han generat satisfactòriament. Si vol generar unes noves claus, faci clic a Enrere i després a Següent. Si no, faci clic a Següent per continuar. - Xifrar la partició/unitat on hi ha el sistema operatiu instal·lat. Tothom que vulgui accedir i utilitzar el sistema, llegir i escriure fitxers, etc., haurà d'introduïr la contrasenya cada vegada que s'inicii el Windows. Opcionalment, crea un sistema ocult. - Seleccioni aquesta opció per xifrar la partició on hi ha instal·lat el sistema operatiu Windows actual. - Volume Label in Windows: - Tipus de neteja: - Tancar - Permet saltar-se l'&autenticació abans d'arrencar prement la tecla Esc (activa el gestor d'arrencada) - No fer res - Muntar &automàticament el volum VeraCrypt (especificat a sota) - &Engegar VeraCrypt - Dectectar automàticament - Guardar la contrasenya de prearrencada a la memòria del controlador (per muntar volums simples) - Examinar... - Examinar... - &Recordar contrasenyes i fitxers de claus - Sortir quan no hi hagi volums muntats - Tancar la sessió del testimoni després de muntar un volum - Include VeraCrypt Volume Expander - Inclou l'assistent de creació de volums VeraCrypt - Crear - C&rear un volum - No &mostris cap text a la pantalla d'autenticació abans d'arrencar (excepte el missatge personalitzat de sota) - Disable "Evil Maid" attack detection - Accelerar les operacions de xifratge fent servir les instruccions del processador (si és possible) - Utilitzar fitxers de claus - Utilitzar fitxers de claus - &Sortir - Ajuda sobre els volums favorits - Evitar muntar el volum seleccionat quan s'utilitzi la &drecera de teclat 'Muntar volums favorits' - Muntar el volum seleccionat quan es &connecti el seu disc contenidor - Muntar el volum seleccionat a l'iniciar la sessió - Muntar el volum seleccionat en mode només lectura - Muntar el volum seleccionat com a mitjà e&xtraïble - Moure a&vall - Moure &amunt - Obir una &finestra del volum seleccionat quan es munti amb èxit - &Eliminar - Use favorite label as Explorer drive label - Configuració global - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Majúscules - Win - Assignar - Eliminar - Seleccionar... - No utilitzar el següent número de processadors per xifrar/desxifrar: - Més informació - Més informació - Més opcions... - Munt&ar dispositius - Opci&ons... - Muntar el volum en mode &només lectura - Seleccionar... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Activat - Guardar contrasenyes al controlador - Desmuntar el volum automàticament quan no s'hi llegeixi/escrigui durant - L'usuari tanqui la sessió - User session locked - S'entri en el mode d'estalvi d'energia - S'activi el protector de pantalla - Forçar el desmuntatge automàtic encara que el volum tingui fitxers o directoris oberts - Muntar tots els volums de dispositiu - Engega VeraCrypt en segon pla - Muntar els volums en mode només lectura - Muntar els volums com a mitjans extraïbles - Obrir una finestra pels volums muntats satisfactòriament - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Oblidar les contrasenyes guardades quan es desmunti automàticament - Oblidar les contrasenyes guardades al sortir - Preservar la data i hora de modificació dels contenidors d'arxius - Per defecte - Triar &dispositiu... - &Triar fitxer... - Buscar &biblioteca... - Veure contrasenya - Veure contrasenya - Obrir una finestra de l'&exporador pel volum muntat - Guardar contrassenyes a la memòria del controlador - TrueCrypt Mode - &Desmuntar-ho tot - Propietats del &volum... - &Eines de volum... - &Buidar la memòria cau - VeraCrypt - Mount Parameters - VeraCrypt - Volums favorits - VeraCrypt - Dreceres de teclat - VeraCrypt - Canviar la contrasenya o els fitxers de claus - Introdueixi la contrasenya del volum VeraCrypt - VeraCrypt - Opcions de rendiment - VeraCrypt - Preferències - VeraCrypt - Opcions de xifratge del sistema - VeraCrypt - Preferències dels testimonis de seguretat - Configuració del disc de viatge VeraCrypt - Propietats del volum VeraCrypt - Sobre el VeraCrypt... - Afegir/Esborrar fitxers de claus a/desde un volum... - Afegir el volum muntat a favorits... - Afegir als volums favorits del sistema... - Analitzar aturades del sistema... - Fer còpia de seguretat de la capçalera... - Prova de rendiment... - Algorisme de derivació de la clau de la capçalera... - Canviar la contrasenya del volum... - Algorisme de derivació de la clau de la capçalera... - Canviar contrasenya... - Esborrar l'historial de volums - Tancar totes les sessions de testimonis de seguretat - Contacte... - Crear un sistema operatiu ocult... - Crear un disc de recuperació... - Crear un volum nou... - Permanently Decrypt... - Fitxers de claus per defecte... - Default Mount Parameters... - Donate now... - Xifrar la partició/unitat del sistema... - Preguntes més freqüents - Guia d'usuari - &Pàgina principal - Dreceres de teclat... - Generador de fitxers de claus - Idioma... - Notes legals - Gestionar els fitxers de claus de testimonis... - Muntar tots els volums de dispositiu - Muntar els volums favorits - Muntar sense l'&autenticació prearrencada... - Muntar el volum - Muntar el volum amb opcions - Noticies - Ajuda en línia - Tutorial per a principiants - Organitzar els volums favorits... - Organitzar els volums favorits del sistema... - Rendiment... - Desxifrar la partició/unitat del sistema permanentment - Preferències... - Actualitzar les lletres d'unitat - Esborrar tots els fitxers de claus d'un volum... - Restaurar la capçalera... - Continuar una tasca interrompuda - Selecionar un dispositiu... - Seleccionar un fitxer... - Continuar una tasca interrompuda - Xifratge del sistema... - Propietats... - Configuració... - Volums favorits del sistema... - Descàrregues - Vectors de prova... - Testimonis de seguretat... - Crear un disc de viatge... - Desmuntar tots els volums - Desmuntar el volum - Verificar el disc de recuperació - Verify Rescue Disk ISO Image - Historial de versions - Volume Expander - Propietats del volum - Assistent de creació de volums - Lloc web de VeraCrypt - Oblidar les contrasenyes guardades - OK - Acceleració per maquinari - Drecera de teclat - Configuració d'inici automàtic (autorun.inf) - Desmuntar automàticament - Desmuntar-ho tot quan: - Opcions de la pantalla de gestió d'arrencada - Confirmació: - Actual - Mostrar aquest missatge personalitzat a la pantalla d'autenticació prearrencada (com a màxim 24 caràcters): - Opcions de muntatge per defecte - Opcions de les dreceres de teclat - Driver Configuration - Enable extended disk control codes support - Etiqueta del volum seleccionat: - Configuració dels fitxers - Tecla a assignar: - Processor (CPU) in this computer supports hardware acceleration for AES: - Accions a realitzar després d'iniciar sesió - minuts - Muntar a la unitat: - Opcions de muntatge - Nova - Contrasenya: - Paral·lelització per fils - Ubicació de la biblioteca PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Recordar contrasenyes - Opcions de seguretat - VeraCrypt en segon pla - Volum VeraCrypt a muntar (ruta relativa al directori arrel del disc): - Després d'inserir el disc de viatge: - Crear els fitxers del disc de viatge a (directori arrel del disc de viatge): - Volum - Finestres - Afegir &ruta... - Provar &algorismes - &Continuar - &Desxifrar - E&sborrar - &Xifrar - E&xportar... - Generar i guardar el fitxer de claus... - &Generar un fitxer de claus aleatòri... - Descarregar paquet d'idioma - AES accelerat per maquinari: - &Importar fitxer de claus al testimoni... - Afegir &fitxers... - U&ititzar fitxer de claus - Fitxer de &claus... - &Esborrar - Esborrar-los &tots - Què és la protecció de volums ocults? - Més informació - Muntar el volum com a mitjà extraïble - M&untar la partició de sistema amb el xifrat sense autenticació prearrencada - Paral.lelització: - Executar prova - Im&rimir - &Protegir el volum ocult de danys causat per l'escriptura a un volum extern - &Reiniciar - &Veure contrasenya - Afegir &testimonis... - Utilitzar la còpia de seguretat de la capçalera inclosa al &volum si està disponible - mode XTS - Sobre el VeraCrypt - VeraCrypt - Prova de rendiment d'algorismes de xifrat - VeraCrypt - Vectors de prova - Ajuda de línia de comandes - VeraCrypt - Fitxers de claus - VeraCrypt - Generador de fitxers de claus - VeraCrypt - Idioma - VeraCrypt - Opcions de muntatge - Propietats del nou fitxer de claus del testimoni - VeraCrypt - Generador aleatòri - Seleccioni una partició o un dispositiu - VeraCrypt - Fitxers de claus del testimonis - És necessari el PIN/contrasenya del testimoni - Paquet d'idioma actual - La velocitat es veu afectada per la càrrega a la CPU i les característiques de les unitats d' emmagatzematge.\n\nAquestes proves es dúen a terme a la memòria RAM. - Ús de memòria: - Tipus de xifrat: - &Contrasenya del volum ocult: - Protecció de volums ocults - Mida del volum: - IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la força de les claus de xifrat. - ATENCIÓ: Si perd un fitxer de claus o si canvia algun dels seus primers 1024 kilobytes, serà impossible de muntar els volums que utilitzin aquest fitxer de claus! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Traduït per: - Mida del text pla: - bits - Contingut actual - Tipus de PRF: - IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la seguretat. Després faci clic a 'Següent' per continuar.. - Clau secundària (hexadecimal) - Testimoni de seguretat: - Mètode d'ordenació: - Si us plau, esperi. Aquest procés pot trigar molt de temps... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Número de bloc: - Text xifrat (hexadecimal) - número de dades per unitat (La mida per a 64-bit hexadecimal és 512 bytes) - Clau (hexadecimal) - Text pla (hexadecimal) - Fitxer de claus: - mode XTS - &Sistema - &Volums - &Favorits - &Eines - &Configuració - &Ajuda - Lloc &web - - &Sobre... - No s'ha pogut canviar l'atribut de 'només lectura' al volum antic. Si us plau, revisi els permisos del fitxer. - Error: S'ha denegat l'accés.\n\nLa partició a la que s'intenta accedir té una mida de 0 sectors o és la unitat d'arranc. - Administrador - Per carregar el controlador VeraCrypt és necessari que entri al sistema amb un compte amb privilegis d'administrador. - Si us plau, tingui en compte que per xifrar/desxifrar/donar format a una partició/unitat és necessari que s'utilitzi un compte d'usuari amb privilegis d'administrador.\n\nAixò no s'aplica als volums de dispositiu. - Per a crear un volum ocult és necessàri utilitzar un compte d'usuari amb privilegis d'administrador.\n\nVol continuar? - Tingui en compte que per donar format NTFS a un volum és necessàri utilitzar un compte d'usuari amb privilegis d'administrador.\n\nSense privilegis d'administrador pot donar format FAT al volum. - Un xifrat aprovat pel FIPS (el 1998 amb el nom de Rijndael) que està autoritzat pels departaments i les agències del govern dels EUA per protegir informació classificada fins al nivell de Top Secret. Clau de 256 bits, bloc de 128 bits, 14 rondes (AES-256). Treballa en mode XTS. - El volum ja està muntat. - ATENCIÓ: Ha fallat almenys un dels testos automàtics dels algorismes de hash i de xifrat!\n\nPot ser que la instal·lació del VeraCrypt estigui corrupta. - ATENCIÓ: No hi han prous dades al generador de números aleatòris per a poder satisfer la necessitat de dades aleatòries.\n\nSi us plau, no segueixi endavant. Seleccioni 'Reportar incidències' des del menú d'ajuda i informi d'aquest error. - La unitat està espatllada (té algun desperfecte físic) o el cable està malmès o la memòria no funciona correctament.\n\nTingui en compte que això és un problema del seu maquinari, no del VeraCrypt. Per tant, NO informi d'això com a un error/problema del VeraCrypt i si us plau No demani ajuda sobre això als fòrums del VeraCrypt. Si us plau, contacti amb l'equip de suport del proveïdor de l'ordinador per demanar assistència. Moltes gràcies.\n\nNota: Si l'error apareix repetidament al mateix lloc, és molt probable que sigui culpa d'un bloc erròni del disc, cosa que podria reparar-se utilitzant algun programari de tercers (la majoria d'ocasions la comanda 'chekdsk /r' no pot arreglar-ho ja que només treballa a nivell de sistema de fitxers; en alguns casos, l'eina 'chkdsk' no pot ni detectar-ho). - Si està accedint a una unitat extraïble, si us plau asseguri's que el dispositiu està connectat. Pot ser que el mitjà estigui espatllat (pot tenir algun dany físic) o pot ser que el cable estigui malmès o desconnectat. - Sembla que el seu sistema utilitza controladors propis del joc de xips que contenen un error que evita que es pugui xifrar la unitat de sistema sencera.\n\nSi us plau, intenti actualitzar o desinstal·lar tots els controladors propis (que no siguin de Microsoft) del joc de xips abans de continuar. Si això no serveix, intenti xifrar només la partició del sistema. - Lletra d'unitat incorrecta. - Ruta incorrecta. - Cancel·lar - No es pot accedir a la unitat. Asseguri's que la unitat seleccionada existeix i no s'utilitza des del sistema. - Atenció: el bloqueig de majúscules està activat. Això pot fer que no introdueixi la contrasenya correctament. - Tipus de volum - És possible que es vegi forçat per algú a revelar la contrasenya d'un volum xifrat. Hi ha moltes situacions en les quals no es pot negar a revelar la contrasenya (per exemple, sota extorsió). L'ús dels anomenats volums ocults li permet resoldre aquest tipus de situacions sense revelar la contrasenya del seu volum. - Seleccioni aquesta opció si vol crear un volum VeraCrypt normal. - Tingui en compte que si vol instal·lar un sistema operatiu a una partició de volum oculta no podrà xifrar la partició de sistema sencera utilitzant una clau simple. - Opcions de xifrat del volum exterior - Opcions de xifrat del volum ocult - Opcions de xifrat - ATENCIÓ: No s'ha pogut netejar la ruta de l'últim volum/fitxer de claus seleccionat (arxivat pel selector de fitxers)! - Error: El contenidor està comprimit a nivell de sistema de fitxers. El VeraCrypt no suporta contenidors comprimits (tingui en compte que la compressió de dades xifrades és inefectiva i redundant).\n\nSi us plau, desactivi la compressió del contenidor seguint aquests passos:\n1) Faci clic amb el botó dret al contenidor amb l'Explorador de Windows (no al VeraCrypt)\n2)Seleccioni 'Propietats'.\n3)Seleccioni 'Opvions avançades' a la finestra de 'Propietats'\n4) Desactivi l'opvió 'Comprimir el contingut per estalviar espai de disc' a l'apartat 'Atributs avançats'\n5) Tanqui la finestra de propietats. - Error al crear el volum %s - %s ocupa %.2f bytes - %s ocupa %.2f KB - %s ocupa %.2f MB - %s ocupa %.2f GB - %s ocupa %.2f TB - %s ocupa %.2f PB - ATENCIÓ: El disc/partició s'està utilitzant pel sistema operatiu o per una aplicació. Donar format al disc/partició pot causar la corrupció de dades i la inestabilitat del sistema.\n\nVol continuar? - ATENCIÓ: La partició s'està utilitzant pel sistema operatiu o per una aplicació. Hauria de tancar totes les aplicacions que puguin estar utilitzant la partició (incloent els antivirus).\n\nVol continuar? - Error: La unitat/partició conté un sistema de fitxers que no es pot desmuntar. El sistema de fitxers pot estar en ús pel sistema operatiu. Donar format a la unitat/partició causarà segurament la corrupció de les dades i la inestabilitat del sistema.\n\nPer arreglar aquest problema, és molt recomanable que primer elimini la partició i que la torni a crear sense donar-li format. Per fer-ho, segueixi aquests passos:\n1) Fer clic dret a 'El meu ordinador' al menú d'inici i seleccioni 'Administrar'.\n2) A la finestra d'administració del sistema, seleccionar 'Emmagatzematge' > 'Administrador de discos'.\n3) Fer clic dret a la partició i seleccionar tant 'Esborrar partició' com 'Esborrar volum' com 'Esborrar unitat lògica'.\n4) Fer clic a 'Si'. Si el Windows suggereix reiniciar l'ordinador, fer-ho. Després repetir els passos 1 i 2 i continuar des del pas 5.\n5) Fer clic dret a l'espai sense assignar i seleccionar tant 'Nova partició' com 'Nou volum simple' com 'Nova unitat lògica'.\n6) Seguir les instruccions de l'assistent que apareixerà. Seleccionar l'opció 'No donar format a aquesta partició' o 'No donar format al volum'.\n7)Pot ser que la ruta que s'ha especificat al VeraCrypt ara estigui malament. S'ha de tancar l'assistent de creació de volums (si encara està engegat) i tornar-lo a iniciar.\n8) Provar de xifrar la partició/unitat un altre cop.\n\nSi el VeraCrypt falla repetidament alhora de xifrar la partició/unitat, potser haurà de considerar crear un contenidor de fitxers en comptes d'això. - Error: No es pot bloquejar i/o desmuntar el sistema de fitxers. És possible que el sistema operatiu o alguna aplicació (per exemple, un antivirus) l'estiguin utilitzant. Xifrar la partició pot causar la inestabilitat del sistema i la corrupció de les dades.\n\nSi us plau, tanqui totes les aplicacions que puguin estar utilitzant el sistema de fitxers (incloent els antivirus) i torni-ho a provar. Si el problema persisteix, segueixi els passos següents. - ATENCIÓ: Alguns dels dispositius o de les particions s'estan utilitzant!\n\nIgnorar aquest avís pot causar resultats no desitjats, incloent la inestabilitat del sistema.\n\nÉs molt recomanable que tenqui totes les aplicacions que puguin estar utilitzant els dispositius o les particions. - El dispositiu seleccionat conté particions.\n\nDonar un format al dispositiu pot causar la inestabilitat del sistema i/o la corrupció de les dades. Si us plau, seleccioni una partició dins el dispositiu o elimini totes les particions del dispositiu per permetre que el TrueCrtypt li doni format de forma segura. - La unitat seleccionada conté particions.\n\nEls volums de dispositiu xifrats es poden crear dins de dispositius que no continguin particions. Un dispositiu que contingui particions pot ser xifrat in situ (utilitzant una clau mestra simple) només si és la unitat ón està instal·lat el Windows i des d'on arrenca.\n\nSi vol xifrar aquesta partició (no de sistema) utilitzant una clau mestra simple, haurà d'eliminar totes les particions del dispositiu. També pot xifrar cada partició dins el dispositiu individualment (cada partició utilitzarà una clau mestra diferent).\n\nNota: si vol eliminar totes les particions d'un disc GPT, l'haurà de convertir primer en un disc MBR per a poder eliminar les particions ocultes. - ATENCIÓ: Si xifra el dispositiu sencer (en comptes de xifrar-ne només una partició), els sistemes operatius consideraran que el dispositiu és nou, buit o que no té format (ja que no tindrà taula de particions) i poden inicialitzar espontàneament el dispositiu (o preguntar si ho han de fer), cosa que pot malmetre el volum. D'altre banda, no serà possible muntar de manera consistent el volum com a favorit (per exemple, quan canvii el número de dispositius) o assignar-hi una etiqueta de volum favorit.\n\nPer evitar això hauria de considerar crear una partició al dispositiu i xifrar la partició en comptes del dispositiu sencer.\n\nSegur que vol xifrar el dispositiu sencer? - IMPORTANT: Tingui en compte que aquest volum no és accessible/muntable utilitzant la lletra d'unitat %c, que té actualment assignada!\n\nPer muntar aquest volum, favi clic a 'Muntar dispositius' a la pantalla principal del VeraCrypt. El volum es pot muntar a una lletra d'unitat diferent de la que seleccionat de la llista de lletres d'unitat.\n\nLa lletra original %c: pot utilitzar-se només en cas de necessitar treure el xifrat de la partició/unitat. En aquest cas, faci clic amb el botó dret a la lletra d'unitat %c: a 'El Meu Ordinador' i seleccioni 'Donar format'. D'altre manera la lletra d'unitat %c: no es podrà utilitzar mai (a no ser que l'esborri com es descriu, per exemple, a les preguntes més freqüents del VeraCrypt i l'assigni a una altre partició/unitat). - No és possible Xifrar volums in situ amb aquesta versió del sistema operatiu (només funciona amb Windows Vista o versions posteriors).\n\nLa raó és que aquesta versió de Windows no permet la reducció d'un sistema de fitxers (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera). - No sembla que la partició seleccionada tingui un format NTFS. Només les particions que continguin un sistema de fitxers NTFS es poden xifrar in situ.\n\nNota: La raó és que aquesta versió de Windows no permet la reducció d'altres tipus de sistemes de fitxers (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera). - No sembla que la partició seleccionada tingui un format NTFS. Només les particions que continguin un sistema de fitxers NTFS es poden xifrar in situ.\n\nSi vol crear un volum xifrat dins d'aquesta partició, esculli la opció "Crear un volum xifrat i formatar-lo" (en comptes de l'opció "Xifrar la partició in situ"). - Error: La partició és massa petita. El VeraCrypt no la pot xifrar al in situ. - Per xifrar les dades d'aquesta partició, si us plau segueixi aquests passos:\n\n1) Crear un volum VeraCrypt a una partició/unitat que estigui buida i muntar-lo.\n\n2) Copiar tots els fitxers des de la partició que es vol xifrar cap al nou volum muntat. En aquest punt, s'ha creat una còpia de seguretat xifrada de les dades.\n\n3) Crear un volum xifrat a la partició que es volia xifrar originalment i assegurar-se que (a l'assistent de creació de volums) s'escull l'opció 'Crear un volum xifrat i donar-li format' (en comptes de ('Xifrar una partició in situ'). Recordi que totes les dades que hi haguessin a la partició s'esborraran. Després de crear el volum, s'ha de mnutar.\n\n4) Copiar tots els fitxers des de volum creat al pas 1 al nou volum creat al pas 3.\n\nDesprés de completar aquests passos les dades estaran xifrades i, a més, en tindrà una copia de seguretat xifrada. - El VeraCrypt només pot xifrar in situ una partició, un volum dinàmic o una unitat de sistema sencera.\n\nSi vol crear un volum xifrat a dins d'aquest dispositiu, esculli l'opció 'Crear un volum xifrat i formatar-lo' (en comptes de l'opció 'Xifrar la partició in situ'). - Error: El VeraCrypt només pot xifrar in situ una partició, un volum dinàmic o una unitat de sistema sencera.\n\n Si us plau, asseguri's que la ruta especificada és vàlida. - Error: no s'ha pogut reduïr el sistema de fitxers (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera).\n\nPossibles causes i solucions:\n\n- No hi ha prou espai al volum. Si us plau, asseguri's que no hi ha cap altre aplicació escrivint al sistema de fitxers.\n\n- Sistema de fitxers corrupte. Intenti comprovar i reparar els errors (clic dret a la lletra d'unitat corresponent a la llista dins 'El meu ordinador', seleccionar 'Propietats' > 'Eines' > 'Comprovar ara'. Asseguri's que l'opció 'Reparar automàticament els errors del sistema de fitxers' està activada.\n\nSi aquests passos no arreglen el problema, si us plau segueixi els passos següents. - Error: No hi ha prou espai al volum i el sistema de fitxers no es pot reduïr (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera)\n\nSi us plau, esborri qualsevol fitxer redundant i buidi la paperera de reciclatge per deixar lliure almenys 256 KB d'espai i torni-ho a provar. Tingui en compte que degut a un problema del Windows, la quantitat d'espai lliure de la que informa l'explorador de Windows pot ser incorrecte fins que es reinicii el sistema. Si després de reiniciar el sistema el problema no s'ha solucionat, pot ser que el sistema de fitxers estigui corrupte. Intenti comprovar i reparar els errors (clic dret a la lletra d'unitat corresponent a la llista dins 'El meu ordinador', seleccionar 'Propietats' > 'Eines' > 'Comprovar ara'. Asseguri's que l'opció 'Reparar automàticament els errors del sistema de fitxers' està activada.\n\nSi aquests passos no arreglen el problema, si us plau segueixi els passos següents. - La unitat %s té %.2f bytes lliures. - La unitat %s té %.2f KB lliures. - La unitat %s té %.2f MB lliures. - La unitat %s té %.2f GB lliures. - La unitat %s té %.2f TB lliures. - La unitat %s té %.2f PB lliures. - No s'han pogut obtenir les lletres d'unitat disponibles. - Error: No s'ha pogut trobar el controlador VeraCrypt.\n\nSi us plau, copii els fitxers 'veracrypt.sys' i 'truecrypy-x64.sys' al directori on es trobi l'executable del VeraCrypt (VeraCrypt.exe). - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: No s'ha pogut inicialitzar el xifrat. - Error: S'ha detectat una clau vulnerable o potencialment vulnerable. La clau s'ha descartat. Si us plau, torni-ho a provar. - S'ha produït un error crític i el VeraCrypt s'ha de tancar. Si això s'ha degut a un error en el VeraCrypt, ens agradaria arreglar-lo. Per ajudar-nos, pot enviar un informe de l'error generat automàticament que conté la següent informació:\n\n- Versió del programa\n- Versió del sistema operatiu\n- Tipus de CPU\n- Nom del component VeraCrypt\n- Suma de verificació de l'executable\n- El nom simbòlic de la finestra de diàleg.\n- Direcció de l'error\n- Estat de la pila del VeraCrypt.\n\nSi fa clic a 'Si', la següent URL (que conté l'informe complet) s'obirarà al seu navegador per defecte.\n\n%hs\n\nVol enviar-nos aquest informa d'error? - S'ha produït un error crític i el VeraCrypt s'ha de tancar.\n\nAquest error no ha estat causat pel VeraCrypt (i per tant els desenvolupadors del programa no el poden arreglar). Si us plau, comprovi el seu sistema per detectar possibles errors (la configuració del sistema, la connexió de xarxa, components de maquinari que fallin, etc.). - S'ha produït un error crític i el VeraCrypt s'ha de tancar.\n\nSi aquest problema persisteix, potser vol deshabilitat o desinstal·lar algunes aplicacions que puguin estar-lo causant, com ara un antivirus o un programa de seguretat, programes d'optimització del sistema, etc. Si això no soluciona el problema, és bona idea reinstal·lar el sistema operatiu (aquest problema pot ser causat per programes de malware). - Error crític del VeraCrypt - El VeraCrypt ha detectat que el sistema operatiu ha fallat recentment. Hi ha moltes raons potencials per les quals el sistema pot haver fallat (un component que falli, un error en un controlador de dispositiu, etc.)\n\nVol que el VeraCrypt comprovi si la fallada la pot haver causat un error al VeraCrypt? - Vol que el VeraCrypt segueixi detectant les fallades del sistema? - No s'ha trobat cap fitxer minidump de fallada del sistema. - Do you want to delete the Windows crash dump file to free up disk space? - Per tal d'analitzar la fallada del sistema, el VeraCrypt necessita instal·lar abans les eines de depuració per Windows de Microsoft.\n\nDesprés de fer clic a 'OK', l'instal·lador de windows descarregarà el paquet de les eines de depuració de windows (16 MB) des d'un servidor de Microsoft i les instal·larà (l'instal·lador de Windows arribarà la URL del servidor de Microsoft a través del servidor treucrypt.org, la qual cosa permet que això funcioni encara que Microsoft canvii l'ubicació del paquet d'instal·lació). - Després de fer clic a 'OK', el VeraCrypt analitzarà la fallda del sistema. Això pot trigar diversos minuts. - Si us plau, asseguri's que la variable d'entorn 'PATH' inclou la ruta cap a 'kd.exe' (Kernel Debugger). - Sembla que el VeraCrypt no ha causat la fallada del sistema. Hi ha moltes raons potencials per les quals el sistema pot haver fallat (un component que falli, un error en un controlador de dispositiu, etc.) - Els resultats de l'anàlisi indiquen que actualitzar el següent controlador solucionaria el problema: - Per ajudar-nos a determinar si hi ha un error al VeraCrypt, pot enviar un informe de l'error generat automàticament que conté la següent informació:\n\n- Versió del programa\n- Versió del sistema operatiu\n- Tipus de CPU- Tipus l'error\n-Nom i versió del controlador\n- Estat de la pila del sistema.\n\nSi fa clic a 'Si', la següent URL (que conté l'informe complet) s'obirarà al seu navegador per defecte.\n\nVol enviar-nos aquest informa d'error? - Vol enviar-nos l'informe de l'error? - &Xifrar - &Desxifrar - Desxifrar de manera &permanent - Sortir - Si us plau, creï una unitat lògica per aquesta partició extesa i torni-ho a provar. - Un volum VeraCrypt pot allotjar-se en un fitxer (anomenat contenidor VeraCrypt), que pot estar a un disc dur, a un llàpis de memòria, etc. Un contenidor és com un fitxer normal (per exemple, es pot moure o esborrar com qualsevol fitxer). Faci clic a 'Triar fitxer' per triar el nom del contenidor i seleccionar la ubicació on es crearà.\n\nATENCIÓ: Si selecciona un fitxer existent, el VeraCrypt NO el xifrarà; el fitxer s'esborrarà i serà substituït per un contenidor nou. Vostè podrà xifrar un fitxer existent (després) movent-lo al contenidor VeraCrypt que es crearà ara. - Seleccioni l'ubicació ón es crearà el volum exterior (a dins del qual es crearà després el volum ocult).\n\nUn volum VeraCrypt pot ubicar-se dins un fitxer (anomenat contenidor VeraCrypt), que pot estar dins d'un disc dur, en un llàpis òptic, etc. Un contenidor VeraCrypt es pot moure o eliminar com un fitxer normal. Faci clic a 'Triar fitxer' per triar el nom del contenidor i seleccionar la ubicació on es crearà. Si selecciona un fitxer existent, el VeraCrypt NO el xifrarà; el fitxer s'esborrarà i serà substituït per un contenidor nou. Vostè podrà xifrar un fitxer existent (després) movent-lo al contenidor VeraCrypt que es crearà ara. - Els volums de dispositiu es poden crear a particions o discos durs, unitats d'estat sòlid, llàpis de memòria i d'altres dispositius d'emmagatzematge suportats. Les particions també es poden xifrar in situ.\n\nA més, els volums de dispositiu xifrats es poden crear a dins de dispositius que no continguin particions (incloent discos durs i unitats d'estat sòlid)\n\nNota:Un dispositiu que contingui particions pot ser xifrat completament in situ (utilitzant una clau simple) només si és a unitat on hi ha instal·lat el windows i és des de la que arranca. - Els volums de dispositiu es poden crear a particions o discos durs, unitats d'estat sòlid, llàpis de memòria i d'altres dispositius d'emmagatzematge suportats.\n\nATENCIÓ: Tingui en compte que es donarà format a la partició/unitat i totes les dades que hi hagi es perdran. - \nseleccioni l'ubicació ón es crearà el volum exterior (a dins del qual es crearà després el volum ocult).\n\nEls volums exteriors es poden crear a particions o discos durs, unitats d'estat sòlid, llàpis de memòria i d'altres dispositius d'emmagatzematge suportats. A més, els volums exteriors xifrats es poden crear a dins de dispositius que no continguin particions (incloent discos durs i unitats d'estat sòlid)\n\nATENCIÓ: Tingui en compte que es donarà format a la partició/unitat i totes les dades que hi hagi es perdran. - \nSeleccioni la ubicació del volum VeraCrypt ón es crearà el volum ocult. - ATENCIÓ: Aquest fitxer o unitat s'està utilitzant actualment!\n\nNo fer cas d'això pot provocar resultats indesitjats incloent la inestabilitat del sistema. Totes les aplicacions que estiguin utilitzant aquest fitxer o unitat (per exemple, un antivirus o una aplicació de còpia de seguretat) s'haurien de tancar abans de muntar el volum\n\nVol muntar el volum ara? - Error: No s'ha pogut muntar el volum. El fitxer/dispositiu ja s'està utilitzant. També ha fallat l'intent de muntar-lo sense accés exclusiu. - No s'ha pogut obrir el fitxer. - Ubicació del volum - Fitxers grans - Voldrà guardar fitxers més grans de 4 GB en aquest volum? - Tenint en compte les decisions anterior, el VeraCrypt seleccionarà un sistema de fitxers per defecte adecuat per al volum VeraCrypt (podrà seleccionar un sistema de fitxers al pas següent). - Ja que està creant un volum exterior, hauria de considerar fer clic a 'No'. Si fa clic a 'Si', el sistema d'arxius per defecte serà NTFS, que no és tan adecuat pels volums exteriors com FAT (per exemple, l'espai disponible pel volum ocult serà significativament més gran si el volum exterior té un format FAT). Normalment, FAT és el sistema d'arxius per defecte tant pels volums normals com pels ocults (ja que els volums FAT no son sospitosos). No obstant això, si es té l'intenció de guardar fitxers més grans de 4 GB (que el sistema de fitxers FAT no permet), FAT no pot ser el sistema d'arxius per defecte. - Segur que vol escollir 'Si'? - Mode de creació del volum - Aquest és el camí més ràpid per crear un volum de partició o de volum (el xifrat in situ, l'altre opció, és més lenta ja que cada sector s'ha de llegir, xifrar i després escriure; es sobreescriu amb dades aleatòries). Si vol xifrar les dades existents en una partició, seleccioni l'altre opció. - Es xifraran la partició seleccionada i totes les dades que contingui. Si la partició està buida, hauria de triar l'opció anterior (el volum es crearà molt més ràpid). - Nota: - &Reprendre - &Ajornar - &Començar - C&ontiuar - &Formatar - &Netejar - Aturar el procés de formateig? - Més informació - No ho tornis a mostrar - S'ha esborrat el contingut de la partició/unitat amb èxit. - El contingut de la partició ón hi havia el sistema original (que s'ha copiat al sistema ocult) s'ha esborrat amb èxit. - Si us plau, asseguri's que la versió del Windows que instal·larà (a la partició neta) és la mateixa versió del Windows que s'utilitza actualment. Això és necessari degut a que tots dos sistemes compartiran una partició d'arranc comuna. - La partició/unitat de sistema s'ha desxifrat amb èxit.\n\nNota: Si hi ha volums que no són aquest que és necessari muntar cada vegada que s'inicii el Windows, pot configurar-ho muntant-los tots i seleccionant 'Favorits' > 'Afegir als volums favorits del sistema'. - La partició/unitat de sistema s'ha desxifrat amb èxit. - \n\nS'ha creat el volum i ja es pot utilitzar. Si vol crear un altre volum, faci clic a 'Següent'. Si no, faci clic a 'Sortir'. - \n\nEl volum ocult s'ha creat amb èxit (el sistema operatiu ocult residirà dins aquest volum ocult).\n\nFaci clic a 'Següent' per continuar. - Volum completament xifrat - Volume Fully Decrypted - IMPORTANT: PER MUNTAR AQUEST VOLUM ACABAT DE CREAR I ACCEDIR A LES DADES QUE CONTÉ, FACI CLIC A '' A LA FINESTRA PRINCIPAL DEL VERACRYPT. Després d'introduïr la contrassenya correcte (i/o proporcionar els fitxers de claus correctes) el volum es muntarà a la lletra d'unitat que s'hagi seleccionat de la llista de la finestra principal del VeraCrypt (i serà possible accedir a les dades xifrades a través de la lletra d'unitat).\n\nSI US PLAU, RECORDI O ANOTI AQUESTS PASSOS. HAURÀ DE SEGUIR-LOS CADA COP QUE VULGUI MUNTAR EL VOLUM O ACCEDIR A LES DADES QUE CONTÉ. D'altra banda, també pot accedir a 'Triar dispositiu' des de la finestra principal del programa i després seleccionar la partició/volum i fer clic a 'Muntar'.\n\nLa partició/unitat s'ha xifrat amb èxit (ara conté un volum VeraCrypt completament xifrat) i està a punt per utilitzar-se. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - S'ha creat el volum VeraCrypt amb èxit. - S'ha creat el volum - IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la força de les claus de xifrat. Després faci clic a Formatar per continuar. - Faci clic a 'Formatar' per crear el volum exterior. Per a més informació, vegeu la documetnació. - ´Format del volum exterior - Format del volum ocult - Format del volum - Es necessita l'Adobe Reader (o una eina compatible) per a poder veure o imprimir la guia d'usuari del VeraCrypt. Es pot descarregar l'Adobe Reader (freeware) des de: www.adobe.com\n\nVol veure el document en línia en comptes d'això? - Si selecciona aquesta opció, l'assistent l'ajudarà a crear un volum VeraCrypt normal i després un volum ocult a dins d'aquest. És la opció recomanada pels usuaris sense experiència. - Si selecciona aquesta opció, es crearà un nou volum ocult a dins d'un volum VeraCrypt existent. S'assumeix que ja s'ha creat un volum VeraCrypt capaç d'allotjar el volum ocult. - Mètode de creació del volum - Volum ocult creat - S'ha creat el volum ocult i ja es pot utilitzar. Si s'han seguit totes les instruccions i s'han pres les precaucions i requeriments que es llisten a la secció 'Requeriments de seguretat i precaucions per als volums ocults' de la guia d'usuari del VeraCrypt, no hauria de ser possible demostrar que el volum ocult existeix, encara que es monti el volum exterior.\n\nATENCIÓ: SI NO PROTEGEIX EL VOLUM OCULT (PER TROBAR INFORMACIÓ SOBRE AIXÒ, CONSULTI LA SECCIÓ 'PROTECCIÓ DELS VOLUMS OCULTS' A LA GUIA D'USUARI DEL VERACRYPT), NO ESCRIGUI AL VOLUM EXTERIOR. SI HO FA, PODRIA MALMETRE EL VOLUM OCULT! - Ha iniciat el sistema operatiu ocult. Com haurà notat, el sistema operatiu iocult sembla instal·lat a la mateixa partició que el sistema operatiu original. No obstant, en realitat, està instal·lat en una partició a dins seu (al volum ocult). Totes les operacions de lectura i escriptura seran redirigides de forma transparent des de la partició de sistema original cap al volum ocult.\n\nNi el sistema operatiu ni les aplicacións saben que les dades que s'escriuen i es llegeixen de la partició de sistema s'estan llegint i escrivint des de la partició que hi ha a dins (el volum ocult). Totes les dades són xifrades i desxifrades al vol com és habitual (amb una clau de xifrat diferent de la que s'utilitza al sistema operatiu esquer).\n\nSi us plau, faci clic a 'Següent' per continuar. - S'ha creat el volum exterior i muntat a la unitat %hc:. Ara ha de de copiar alguns fitxers que semblin confidencials i que NO vulgui amagar en aquest volum exterior. Seran allà per qualsevol que l'obligui a revelar la contrasenya de la primera partició després de la partició de sisetma, on hi ha el volum exterior i l'ocult (que conté el sistema operatiu ocult). Podrà revelar la contrasenya del volum exterior i l'existència del volum ocult (i el sistema operatiu ocult) es mantindran en secret.\n\nIMPORTANT: Els fitxers que copii al volum exterior no poden ocupar més de %s. Si no és així, no hi haurà prou espai lliure al volum exterior pel volum ocult (i no serà possible continuar). Quan acabi de copiar els fitxers, faci clic a 'Següent' (no desmunti el volum). - El volum exterior s'ha creat amb èxit i s'ha muntat a la unitat %hc:. Ara hauria de copiar alguns fitxers que semblin confidencials i que NO vulgui amagar cap aquest volum exterior, no a l'ocult. Els fitxers que vulgui mantenir segurs els ha de guardar al volum ocult, que es crearà després Quan acabi de copiar, faci clic a 'Següent'. No desmunti el volum.\n\nNota: Després de fer clic a 'Següent, s'escannejarà el mapa de bits del clúster per determinar la mida d'espai lliure ininterromput més gran el final de la qual estigui alineada amb el final del volum. Aquesta àrea allotjarà el volum ocult. Per tant, limitarà la seva mida màxima. L'escanneig del mapa de bits del clúster assegura que no se sobreescriguin dades del volum ocult des del volum exterior. - Contingut del volum ocult - \n\nAls següents passos s'especificaran les opcions pel volum exterion (que contindrà el volum ocult que es crearà després). - \n\nAls propers passos es crearà l'anomenat volum exterior a la primera partició després de la partició de sistema (com s'ha explicat als passos anteriors). - Volum exterior - Als passos següents, configurarà les opcions i contrasenyes pel volum ocult, que contindrà el sistema operatiu ocult.\n\nObservació: El mapa de bits del clúster ha estat escannejat per determinar la mida màxima del volum ocult, que s'ha determinat i confirmat que és més gran que la partició de sistema (cosa que ha de passar, ja que el contingut sencer de la partició de sistema s'ha de copiar al volum ocult). Això assegura que no se sobreescriguin dades del volum ocult des del volum exterior. - IMPORTANT: Si us plau, recordi l'algorisme que ha seleccionat en aquest pas. Haurà de seleccionar el mateix algorisme pel sistema esquer. Si no és així, no es podrà accedir al sistema ocult! (El sistema esquer s'ha de xifrar amb el mateix algorisme de xifrat que el sistema ocult.) \n\nNota: La raó d'això és que el sistema esquer i el sistema ocult comprartiran el gestor d'arranc, que suporta l'ús de només un algorisme, seleccionat per l'usuari (hi ha una versió especial del gestor d'arranc VeraCrypt per a cada algorisme). - \n\nS'ha escannejat i s'ha determinat la mida màxima del volum ocult. Als següents passos podrà configurar les opcions, la mida i la contrasenya del volum ocult. - Volum ocult - Ara el volum ocult està protegit contra danys fins que es desmunti el volum exterior.\n\nATENCIÓ: Si s'intenta escriure dades a l'area del volum ocult, el VeraCrypt engegarà la protecció contra escriptura a tot el volum (tant la part exterior com l'oculta) fins que es desmunti. Això pot ocasionar la corrupció del sistema de fitxers del volum exterior, la qual cosa (si es va repetint) pot afectar negativament la visibilitat del volum ocult. Per tant, hauria de fer tot el possible per evitar escriure a l'area del volum ocult. Totes les dades escrites a l'area del volum ocult no es gravaran i es perdran. El Windows pot identificar això com un error d'escriptura ("Delayed Write Failed" o "The parameter is incorrect"). - Ara tots els volums ocults dels volums acabats de muntar està protegit contra danys fins que es desmunti.\n\nATENCIÓ: Si s'intenta escriure dades a l'area del volum ocult de qualsevol d'aquests volums , el VeraCrypt engegarà la protecció contra escriptura a tot el volum (tant la part exterior com l'oculta) fins que es desmunti. Això pot ocasionar la corrupció del sistema de fitxers del volum exterior, la qual cosa (si es va repetint) pot afectar negativament la visibilitat del volum ocult. Per tant, hauria de fer tot el possible per evitar escriure a l'area del volum ocult. Totes les dades escrites a l'area del volum ocult no es gravaran i es perdran. El Windows pot identificar això com un error d'escriptura ("Delayed Write Failed" o "The parameter is incorrect"). - ATENCIÓ: S'ha intentat gravar dades a l'àrea del volum ocult del volum muntat com a %c:! El VeraCrypt ha evitat que es gravin aquestes dades per protegir el volum ocult. Això podria causar corrupció del sistema de fitxers al volum ocult i el Windows podria reportar un error d'escriptura. El volum sencer (tant la part exterior com la oculta) es protegiran contra escriptura fins que es desmuntin. Si aquesta no és la primera vegada que el VeraCrypt evita que es gravin dades a l'àrea del volum ocult d'aquest volum, la veracitat d'aquest volum es pot veure afectada (degut a les inconsistències inusuals del sistema de fitxers del volum exterior). Per tant, hauria de considerar crear un nou volum (sense el format ràpid) i moure els fitxers des d'aquest volum cap al nou; Aquest volum s'haurà de borrar de manera segura (tant la part exterior com la oculta). És molt recomanable reiniciar el sistema ara. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - Per motius de seguretat, quan s'està executant un sistema operatiu ocult els volums ocults només es poden crear en mode directe (ja que els volums exteriors sempre es munten en mode de només lectura). Per crear un volum ocult de manera segura, segueixi aquests passos:\n\nEngegar el sistema esquer\n\n2) Crear un volum VeraCrypt normal i, en aquest volum, copiar-hi alguns fitxers que semblin confidencials i que NO vulgui amagar (el volum serà l'exterior).\n\n3)Arrancar el sistema ocult i engegar l'assistent de creació de volum. Si el volum és sobre un fitxer, moure'l a la partició de sistema d'un altre volum ocult (d'altre manera, el nou volum es muntaria en mode només lectura i no se li podria donar format). Segueir les instruccions de l'assistent per a seleccionar el mode directe de creació de volums ocults.\n\n4) A l'assistent, seleccionar el volum creat al pas 2 i després seguir les instruccions per crear-hi un volum ocult a dins - Per motius de seguretat, quan s'està executant un sistema operatiu ocult els sistemes de fitxers locals no xifrats i els volums visibles del VeraCrypt es munten en mode de només lectura (no s'hi poden escriure dades).\n\nEs poden escriure dades a qualsevol sistema de fitxers que estigui dins d'un volum ocult (sempre que el volum ocult no estigui ubicat en un contenidor guardat dins d'un sistema de fitxers no xifrat o en algun altre sistema de fitxers de només lectura). - Hi ha tres motius principals per implementar aquestes mesures de seguretat\n\n- Permeten la creació d'una plataforma segura per mutnar volums ocults. Tingui en compte que recomanem oficialment que els volums ocults només es muntin quan s'està executant un sistema operatiu ocult (Per a més informació, vegi la subsecció 'Requisits de seguretat i precaucions dels volums ocults' a la documentació).\n\n- En alguns casos, és possible d'assegurar que, en un moment determinat un sistema de fitxers en concret no s'ha muntat sota una instància concreta d'un sistema operatiu (analitzant i comparant els diaris del sistema de fitxers, les dates de modificació dels fitxers, registres, etc.). Això pot indicar que hi ha un sistema operatiu ocult instal·lat al sistema. \n\n- Preveuen la corrupció de dades i permeten la hibernació segura. Quan el windows s'engega després d'una hibernació, assumeix que tots els sistemes de fitxers muntats estan en el mateix estat que quan es va entrar en hibernació. El VeraCrypt assegura això donant protecció sobre escriptura tant als sistemes esquer com als ocults. Sense aquesta protecció, els sistemes de fitxers es podrien corrompre quan es muntessin en un sistema mentre l'altre està hibernat. - Nota: Si necessita transferir fitxers de manera segura des del sistema esquer cap al sistema ocult, segueixi aquests passos:\n1) Engegui el sistema esquer.\n2) Guardi els fitxers en un volum no xifrat o a un volum de VeraCrypt extern/normal.\n3) Engegi el sistema ocult.\n4) Si ha guardat els fitxers en un volum VeraCrypt, munti'l (es muntarà automàticament en mode només lectura).\n5) Copii els fitxers cap a la partició del sistema ocult o cap a un altre volum ocult. - És necessari reiniciar l'ordinador.\n\nVol fer-ho ara? - S'ha produït un error quan s'intentava obtenir l'estat de xifratge del sistema. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - No s'han pogut inicialitzar els components de l'aplicació per xifrar el sistema. - No s'ha pogut inicialitzar el generador de números aleatòris! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - No es pot inicialitzar l'aplicació. No es pot registrar la classe Dialog. - Error: no s'ha pogut carregar la biblioteca d'edició enriquida del sistema. - Assistent de creació de volums - El màxim que pot ocupar aquest volum és %.2f bytes. - El màxim que pot ocupar aquest volum és %.2f KB. - El màxim que pot ocupar aquest volum és %.2f MB. - El màxim que pot ocupar aquest volum és %.2f GB. - El màxim que pot ocupar aquest volum és %.2f TB. - Les contrasenyes/fitxers de claus no es poden canviar amb el volum muntat. Si us plau, desmunti el volum abans. - L'algorisme de derivació de la clau de capçalera no es pot canviar mentre el volum estigui muntat. Si us plau, desmunti primer el volum. - &Muntar - És necessària una versió més nova del VeraCrypt per muntar aquest volum. - Error: No es troba l'assistent de creació de volums.\n\nSi us plau, asseguri's que el fitxer 'VeraCrypt Format.exe' és al directori des d'ón s'ha executat el 'VeraCrypt.exe'. Si no hi és, si us plau reinstal·li el TrueCrpyt o localitzi el fitxer 'VeraCrypt Format.exe' al seu disc i executi'l. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Següent > - &Acabar - &Instal·lar - E&xtreure - No s'ha pogut connectar amb el controlador de dispositius del VeraCrypt. El VeraCrypt no pot funcionar sense el controlador de dispositius.\n\nTingui en compte que, degut a un problema del Windows, pot ser necessari tancar la sessió o reiniciar el sistema perquè es pugui carregar el controlador de dispositius. - S'ha produït un error quan es carregaven/preparaven les fonts. - No s'ha trobat la lletra d'unitat especificada o bé no se n'ha especificat cap. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Lletra d'unitat no disponible. - No s'ha seleccionat cap fitxer! - No hi ha lletres d'unitat disponibles. - No hi ha lletres d'unitat lliures pel volum extern! La creacío del volum no pot continuar. - No s'ha pogut determinar la versió del seu sistema operatiu o bé està utiltizant un sistema operatiu no suportat. - No hi ha cap ruta! - No hi ha prou espai pel volum ocult! La creacío del volum no pot continuar. - Error: Els fitxers que s'han copiat al volum extern ocupen massa espai. Per tant, no hi ha prou espai al volum exterior pel volum ocult\n\nTingui en compte que el sistema ocult ha de ser tant gran com la partició de sistema (la partició on hi ha instal·lat el sistema operatiu que s'executa actualment). La raó d'això és que el sistema operatiu ocult necessita crear-se copiant el contingut de la partició de sistema al volum ocult.\n\n\nNo es pot segir amb el procés de creació del sistema operatiu ocult. - El controlador no pot desmuntar el volum. Probablement alguns fitxers dins el volum estan oberts. - No s'ha pogut bloquejar el volum. Hi ha fitxers oberts dins el volum. Per tant, no es pot desmuntar. - El VeraCrypt no ha pogut bloquejar el volum ja que el sistema o alguna aplicació l'està utilitzant (poden haver-hi fitxers oberts).\n\nVol forçar el desmuntatge del volum? - Seleccioni el volum VeraCrypt - Ubicació i nom del fitxer - Seleccioni la bilioteca PKCS #11 - Sense memòria - IMPORTANT: És molt recomanable per als usuaris sense experiència crear un contenidor de fitxers Veracrypt dins el disc/partició seleccionat en compte de xifrar el disc/partició sencer.\n\nQuan es crea un contenidor de fitxers (al contrari que quan es xifra un disc o una partició) no hi ha, per exemple, risc de destruïr un gran número de fitxers. Per a més informació, consulti el capítol 'Tutorial per a principiants' a la guia d'usuari de TrueCrtpy.\n\nEstà segur que vol xifrar el disc/partició sencer? - ATENCIÓ: El fitxer '%s' ja existeix!\n\nIMPORTANT: EL VERACRYPT NO XIFRARÀ EL FITXER, L'ESBORRARÀ. Està segur que vol esborrar el fitxer i substituïr-lo per un nou contenidor VeraCrypt? - ATENCIÓ: TOTS ELS FITXERS QUE HI HAGI A (%s) '%s'%s S'ESBORRARAN (NO ES XIFRARAN)!\n\nSegur que vol seguir amb el formateig? - ATENCIÓ: No serà posible muntar ni accedir a cap fitxer del volum mentre no estigui xifrat completament.\n\nSegur que vol xifrar (%s) '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - ATENCIÓ: Tingui en compte que si el subministrament d'energia s'interromp o si el sistema operatiu falla degut a un error mentre s'està xifrat les dades in situ, algunes parts de les dades es corrompran o perdran. Per tant, abans de començar a xifrar, asseguri's que té còpies de seguretat dels fitxers que vol xifrar. Té una còpia de seguretat? - PRECAUCIÓ: TOTS ELS FITXERS EMMAGATZEMATS DINS DE LA PARTICIÓ '%s'%s (LA PRIMERA DESPRÉS DE LA PARTICIÓ DE SISTEMA) S'ESBORRARAN I ES PERDRAN (NO ES XIFRARAN)\n\nVol continuar donant format a la partició? - ATENCIÓ: LA PARTICIÓ SELECCIONADA CONTÉ MOLTES DADES! Es perdran tots els fitxers dins la partició (NO es xifraran)! - Esborrar tots els fitxers guardats a la partició creant-hi un volum a dins - Contrasenya - PIM - Establir l'algorisme de derivació de la clau de la capçalera - Afegir/Eliminar fitxers de claus a/d'un volum - Eliminar tots els fitxers de claus d'un volum - La contrasenya, PIM i/o els fitxers de claus s'han canviat amb èxit.\n\nIMPORTANT: Si us plau, assegureu-vos d'haver llegit 'Canviar contrasenyes i fitxers de claus' al capítol 'Requisits de seguretat i precaucions' de la guia d'usuari del VeraCrypt. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: Si no ha destruït el disc de recuperació del VeraCrypt, la seva partició/unitat de sistema es podrà desxifrar utilitzant la contrasenya antiga (introduïnt el disc de ercuperació antic i la contrasenya antiga). Hauria de crear un nou disc de recuperació i destruïr l'antic.\n\nVol crear un nou disc de recuperació? - Tingui en compte que el seu disc de recuperació encara utilitza l'algorisme anterior. Si considera que l'algorisme anterior és insegur, hauria de crear un nou disc de recuperació i destruïr l'antic.\n\nVol crear un nou disc de recuperació? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - S'han afegit/eliminat el(s) fitxer(s) de claus. - S'ha exportat el fitxer de claus. - S'ha establert l'algorisme de derivació de la clau de capçalera. - Si us plau, introdueixi la contrasenya i/o el(s) fitxer(s) de claus pel volum del que vol continuar el procés de xifrat in-situ.\n\nObservació: Quan faci clic a 'Següent' el VeraCrypt provarà de buscar tots els volums que no siguin de sistema que hagin interromput el procés de xifrat i que es puguin desxifrar amb les dades proporcionades. Si hi ha més d'un volum que cumpleix aquests requisits haurà de seleccionar-ne un al següent pas. - Si us plau, seleccioni un volum de la llista. La llista conté tots els volums accessibles que han interromput el procés de xifrat i capçalera dels quals pot ser desxifrada utilitzant la contrasenya i/o els fitxers de claus que s'han proporcionat. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - És molt important triar una bona contrasenya. Hauria d'evitat escollir-ne una que només contingui una paraula que es pot trobar a un diccionari (o una combinació de 2, 3 o 4 d'aquestes paraules). No hauria de contenir noms o dates de naixement. Ha de ser dificil d'endevinar. Una bona contrasenya és una combinació aleatòria de lletres majúscules i minúscules, números i caràcters especials, com ara @, ^, =, $, *, +, etc. Recomenem escollir una contrasenya de més de 20 caràcters (com més llarga, millor). La mida màxima de la contrasenya és de 64 caràcters. - Esculli la contrasenya del volum ocult. - Esculli la contrasenya del sistema operatiu ocult (o sigui, pel volum ocult). - IMPORTANT: La contrasenya triada pel sistema operatiu ocult en aquest punt ha de ser substancialment diferent de les altres dues contrasenyes (la contrasenya del volum exterior i la del sistema operatiu esquer). - Si us plau, introdueixi la contrasenya del volum ón vol crear el nou volum ocult.\n\nDesprés de fer clic a 'Següent', el VeraCrypt intentarà muntar el volum. Tan aviat com el volum estigui muntat, s'escannejarà per determinar la mida de l'area ininterrompuda d'espai lliure (si hi és) el final de la qual s'alinii amb el final del volum. Aquesta àrea allotjarà el volum ocult i per tant delimitarà la seva mida màxima. Aquest escanneig és necessari per assegurar que no se sobreescriguin dades del volum ocult des del volum exterior. - \nEsculli la contrassenya del volum exterior. Aquesta és la contrasenya que podria revelar quan se li pregunti o el forcin a fer-ho.\n\nIMPORTANT: La contrasenya hauria de ser substancialment diferent de la que es trii pel volum ocult.\n\nNota: La contrasenya pot tenir fins a 64 caràcters. - Esculli la contrassenya del volum exterior. Aquesta és la contrasenya que podrà rebelar si algú el força a dir la contrasenya de la primera partició després de la partició de sistema, ón hi ha tant el volum exterior com l'ocult (que conté el sistema operatiu ocult). L'existència del volum ocult romandrà en secret. Aquesta contrasenya no és pel sistema operatiu esquer.\n\nIMPORANT: Aquesta contrasenya ha de ser significativament diferent de la que esculli pel volum ocult. - Contrasenya del volum exterior - Contrasenya del volum ocult - Contrasenya del sistema operatiu ocult - ATENCIÓ: Les contrasenyes curtes són fàcils de trencar fent servir tècniques de força bruta!\n\nRecomanem escollir una contrasenya de més de 20 caràcters. Està segur que vol fer servir una contrassenya curta? - Contrasenya del volum - El(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. - El(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. - El mode de muntatge és erroni, la contrassenya és incorrecte, o no és un volum VeraCrypt. - El mode de muntatge és erroni, el(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. - La contrassenya és incorrecte o no és un volum VeraCrypt. - El(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. - ATENCIÓ: Hi ha el bloqueig de majúscules activat. Això pot fer que introdueixi la contressenya incorrectament. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - Si està intentant protegir un volum ocult que conté un sistema ocult, si us plau asseguri's d'utilitzar la disposició de teclat estàndard als EUA quan escrigui la contrasenya pel volum ocult. Això és necessari degut al fet que la contrasenya s'ha d'escriuer en un entor de prearrencada (abans d'engegar el Windows) on només hi ha aquesta disposició de teclat disponible. - No s'ha trobat cap volum que hagués interromput el xifrat i que es pugui desxifrar amb la contrasenya i/o fitxer(s) de claus que ha introduït.\n\nSi us plau asseguri's que aquestes dades són correctes i que la partició/volum no s'està utilitzant pel sistema o per alguna aplicació (incloent l'antivirus) - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNota: Si està intentant muntar una partició dins d'una unitat de sistema xifrada sense l'autenticació de prearrencada o muntar una partició de sistema xifrrada d'un sistema operatiu que no s'està executant, pot fer-ho a través de 'Sistema' > 'Muntar sense l'autenticació prearrencada'. - En aquesta modalitat, no pot muntar una partició allotjada a un dispositiu que és dins de l'àmbit de la clau del sistema xifrat actual.\n\nAbans de muntar la partició en aquesta modalitat, ha d'arrencar un sistema operatiu en una altre unitat (xifrat o no) o arrencar un sistema operatiu no xifrat. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Anterior - No s'ha pogut llistar els dispositius en brut instal·lats al sistema! - El volum '%s' ja existeix i està en mode només lectura. Està segur que el vol substituïr? - Seleccioni la ubicació de destí - Seleccioni fitxers de claus - Seleccioni la ruta de cerca dels fitxers de claus. ATENCIÓ: Només es guardarà la ruta, no els noms dels fitxers! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Dissenyat per Ross Anderson, Eli Biham i Lars Knudsen. Publicat el 1998. Clau de 256 bits, bloc de 128 bits. Mode XTS. Va ser un dels finalistes d'AES. - Si us plau, especifiqui la mida del nou contenidor.\n\nSi crea un contenidor dinàmic (fitxer ampliable), aquest paràmetre ha d'especificat la seva mida màxima.\n\nTingui en compte que la mida mínima d'un volum FAT és de 292 KB. La mida mínima possible d'un volum NTFS és de 3792 KB. - Si us plau, especifiqui la mida del volum exterior a crear (primer es crea el volum exterior i després el volum ocult a dins). La mida mínima possible d'un volum que hagi de contenir un volum ocult és de 340KB. - Si us plau, especifiqui la mida del nou volum ocult. La mida mínima possible per un volum ocult és de 40 KB (o 3664 KB si es formata com a NTFS). La mida màxima que pot especificar es mostra a sobre. - Mida del volum exterior - Mida del volum ocult - Si us plau, verifiqui que la mida del disc/partició indicada a dalt és correcte i premi Següent. - El volum extern i el volum ocult (que conté el sistema operatiu ocult) han d'estar a la partició de dalt. Ha de ser la primera partició després de la partició de sistema.\n\nSi us plau, verifiqui que la mida i el número de la partició són correctes i, si ho són, faci clic a Següent. - \n\nTingui en compte que la mida mínima d'un volum que hostatji un volum ocult és de 340 KB. - Mida del volum - Dinàmic - ATENCIÓ: PROVA FALLADA! - Proves dels algorismes passades - El número de dades per unitat especificat és massa llarg o massa curt. - La clau secundària de prova és massa llarga o massa curta. - El text xifrat de prova és massa llarg o massa curt. - La clau de prova és massa llarga o massa curta. - El text pla de prova és massa llarg o massa curt. - Dos xifrats en cascada treballant en mode XTS. Cada bloc es xifra primer amb %s (clau de %d bits) i després amb %s (clau de %d bits). Cada xifrat utilitza la seva pròpia clau. Les claus són independents entre si. - Tres xifrats en cascada treballant en mode XTS. Cada bloc es xifra primer amb %s (clau de %d bits), després amb %s (clau de %d bits) i finalment amb %s (clau de %d bits). Cada xifrat utilitza la seva pròpia clau. Les claus són independents entre si. - Tingui en compte que, depenent de la configuració del sistema operatiu, pot ser que les opcions d'automuntatge i d'autoarrencada només funcionin si el disc de viatge es crea en un mitjà de només lectura coma ra un CD o DVD. Això no és un error al VeraCrypt (és una limitació del Windows). - S'ha creat un disc de viatge VeraCrypt amb èxit.\n\nRecordi que és necessari tenir privilegis d'administrador per executar el VeraCrypt en mode portable. Tingui en compte també que, després d'examinar el fitxer de registres, és possible saber que el VeraCrypt s'ha executat en un sistema Windows encara que s'executi en mode portable. - Disc de viatge VeraCrypt - Dissenyat per Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall i Niels Ferguson. Publicat el 1998. Clau de 256 bits, bloc de 128 bits. Mode XTS. Va ser un dels finalistes d'AES. - Més informació sobre %s - Desconegut - S'ha produït un error desconegut o no especificat(%d). - Alguns volums contenen fitxers o directoris que estan sent utilitzats per aplicacions o pel sistema.\n\nVol forçar el desmuntatge? - &Desmuntar - Error al desmuntar! - El volum conté fitxers o directoris que estan sent utilitzats per altres aplicacions o pel sistema.\n\nVol forçar el desmuntatge? - No volume is mounted to the specified drive letter. - El volum que intenta muntar ja està muntat. - S'ha produït un error a l'intentar muntar el volum. - Error en buscar ubicació dins el volum. - Error: la mida del volum és incorrecte. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Un contenidor dimànic és un fitxer NTFS dispers preubicat la mida física del qual (l'espai de disc utilitzat) s'amplia quan s'hi afegeixen dades.\n\nATENCIÓ: El rendiment dels volumns en fitxers dispersos és significativament pitjor que el dels volums normals. Aquests volums també són menys segurs, ja que és possible determinal quins sectors del volum no s'estan utilitzant. A més a més, aquests volums no poden allotjar un volum ocult. Tingui en compte que si s'estiuen dades a un fitxer dispers quan no hi ha prou espai al seu sistema de fitxers, el sistema de fitxers xifrat es pot corrompre.\n\nSegur que vol crear un volum de fitxer dispers? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - El VeraCrypt no pot canviar la contrasenya d'un volum extern. - Si us plau, seleccioni una lletra d'unitat lliure de la llista. - Si us plau, seleccioni un volum muntat a la llista de lletres d'unitat. - Hi ha dos volums muntats diferents seleccionats (un a la llista de lletres d'unitat i l'altre al camp d'entrada a sota la llista).\n\nSi us plau, esculli el volum que vulgui seleccionar: - Error: no s'ha pogut crear el fitxer autorun.inf - Error processant el fitxer de claus! - Error processant l'ubicació del fitxer de claus! - La ubicació no conté fitxers.\n\nTingui en compte que els directoris (i els fitxers que contenen) que es troben en aquesta ubicació s'han ignorat. - El VeraCrypt no és compatible amb aquest sistema operatiu. - Error: el VeraCrypt només és compatible amb versions estables d'aquest sistema operatiu (Les versions beta/RC no són compatibles). - Error: No es pot assignar memòria. - Error: No s'ha pogut recuperar el valor de comptador de rendiment. - Error: volum mal formatat. - Error: S'ha proporcionat una contrasenya per un volum ocult (no per un volum normal). - Per motius de seguretat, un volum ocult no es pot crear dins d'un altre volum que contingui un sistema operatiu i que s'hagi xifrat in situ (ja que l'espai lliure del volum no s'ha omplert amb dades aleatòries). - VeraCrypt - Notes legals - Tots els fitxers - Volums VeraCrypt - Mòduls de la biblioteca - El procés de format NTFS no pot continuar. - No s'ha pogut muntar el volum. - No s'ha pogut desmuntar el volum. - El Windows no ha pogut donar format NTFS al volum.\n\nSi us plau, seleccioni un altre tipus de sistema de fitxers (si és possible) i torni-ho a provar. També hi ha l'opció de deixar el volum sense format (seleccionant 'Cap' sistema de fitxers), sortir de l'assistent, muntar el volum i després utilitzar una eina de sistema o de tercers per donar format al volum (que es mantindrà xifrat). - El Windows no ha pogut formatar el volum amb NTFS.\n\nEl vol formatar amb FAT en comptes d'això? - Per defecte - partició - PARTICIÓ - Dispositiu - dispositiu - DISPOSITIU - Volum - volum - VOLUM - Etiqueta - La mida de clúster seleccionada és massa petita per aquesta mida de volum. S'ha d'utilitzar una mida de clúster més gran. - Error: No s'ha pogut obtenir la mida del volum!\n\nAssegui's que el volum seleccionat no està sent utilitzant pel sistema o per una aplicació. - Els volums ocults no es poden crear a dins de contenidors dinàmics. Per aconseguir una negació plausible, el volum ocult s'ha de crear dins un contenidor que no sigui dinàmic. - L'assistent de creació de volums VeraCrypt només pot crear volums ocults dins de volums FAT o NTFS - Sobre Windows 2000, l'assistent de creació de volums VeraCrypt només pot crear volums ocults dins de volums FAT. - Nota: El sistema de fitxers FAT és més adecuat per volums exteriors que el sistema de fitxers NTFS (per exemple, la mida màxim del volum ocult podria ser segurament molt més gran si el volum exterior tingués un format FAT). - Nota: El sistema de fitxers FAT és més adecuat per volums exteriors que el sistema de fitxers NTFS. Per exemple, la mida màxim del volum ocult podrà ser segurament molt més gran si el volum exterior té un format FAT (això és degut a que el sistema de fitxers NTFS sempre emmagatzema les dades internes exactament a la meitat del volum i, per tant, el volum ocult només es pot ubicar a la segona meitat del volum exterior)\n\nSegur que vol donar un format NTFS al volum? - Prefereix formatar el volum amb FAT? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: La partició pel sistema operatiu ocult (la primera després de la partició de sistema) ha de ser almenys un 5% més gran que la partició de sistema (la partició de sistema la que té instal·lat el sistema operatiu actual). - Error: La partició pel sistema operatiu ocult (la primera partició després de la partició de sistema) ha de ser com a mínim un 110% (2.1 vegades) més gran que la partició de sistema. La raó d'això és que el sistema de fitxers NTFS sempre emmagatzema les dades exactament a la meitat del volum i, per tant el volum ocult (que conté una còpia de la partició de sistema) només pot estar a la segona meitat de la partició. - Error: Si el volum exterior té un format NTFS ha de ser com a mínim un 110% (2.1 vegades) més gran que la partició de sistema. La raó d'això és que el sistema de fitxers NTFS sempre emmagatzema les dades exactament a la meitat del volum i, per tant el volum ocult (que conté una còpia de la partició de sistema) només pot estar a la segona meitat de la partició.\n\nNota: El volum exterior ha d'estar a la mateixa partició que el sistema operatiu ocult (la primera partició després de la partició del sistema). - Error: No hi ha cap partició després de la partició del sistema.\n\nTingui en compte que abans de crear un sistema operatiu ocult, és necessari crear una partició per ell a la unitat de sistema. Ha de ser la primera partició després de la partició de sistema i ha de ser almenys un 5% més gran que la partició de sistema (la partició de sistema és la que té instal·lat el sistema operatiu que s'està executant actualment). No obstant, si el volum exterior (no confondre amb la partició de sistema) té un format NTFS, la partició pel sistema operatiu ocult (la primera partició després de la partició de sistema) ha de ser com a mínim un 110% (2.1 vegades) més gran que la partició de sistema. La raó d'això és que el sistema de fitxers NTFS sempre emmagatzema les dades exactament a la meitat del volum i, per tant el volum ocult (que conté una còpia de la partició de sistema) només pot estar a la segona meitat de la partició. - Observació: Instal·lar sistemes operatius a dos volums que estiguin dincs d'una mateixa partició no és pràctic (ni està suportat) ja que utilitzar el sistema operatiu exterior requeriria escriure dades a l'àrea del sistema operatiu ocult (i si aquestes operacions estan protegides utilitzant la protecció de volums ocults, pot causar fallades del sistema i pantalles blaves d'errors). - Per trobar informació sobre la creació i administració de particions consulti la documentació del seu sistema operatiu o contacti amb l'equip de suport del proveïdor de l'ordinador per demanar assistència. - Error: El sistema operatiu actual no està instal·lat a la partició d'arranc (la primera partició activa). Això no està suportat. - Ha indicat que té intenció de guardar fitxers més grans de 4 GB dins el volum. Tot i això, ha escollit el sistema de fitxers FAT, que no permet emmagatzemar fitxers més grans de 4 GB.\n\nSegur que vol donar un format FAT al volum? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: No s'ha pogut accedir al volum!\n\nAsseguri's que el volum seleccionat existeix, que no està muntat ni sent utilitzat pel sistema o alguna aplicació, que té permisos de lectura i escriptura sobre el volum i que no està protegit contra escriptura. - Error: Cannot obtain volume properties. - Error: No s'ha pogut accedir al volum ni/o obtenir informació sobre el volum.\n\nAsseguri's que el volum seleccionat existeix, que no està muntat ni sent utilitzat pel sistema o alguna aplicació, que té permisos de lectura i escriptura sobre el volum i que no està protegit contra escriptura. - Error: No s'ha pogut accedir al volum!\n\nAsseguri's que el volum seleccionat existeix, que no està muntat ni sent utilitzat pel sistema o alguna aplicació, que té permisos de lectura i escriptura sobre el volum i que no està protegit contra escriptura.\n\nSi el problema persisteix, pot ser d'ajuda seguir els passos següents. - Un error ha evitat que el VeraCrypt xifri la partició. Si us plau, intenti arreglar qualsevol problema notificat anteriorment i torni-ho a provar. Si el problema persisteix, pot ser d'ajuda seguir els passos següents. - Un error ha evitat que el VeraCrypt recuperi el procés de xifrat de la partició. Si us plau, intenti arreglar qualsevol problema notificat anteriorment i torni-ho a provar. Recordi que no es pot muntar un volum fins que no està completament xifrat. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: No s'ha pogut desmuntar el volum ocult!\n\nEl volum no es pot desmuntar si conté fitxers o directoris que estiguin sent utilitzats pel sistema o una aplicació.\n\nSi us plau tenqui tots els programes que puguin estar utilitzant els fitxers o directoris del volum i torni-ho a provar. - Error: No s'ha pogut obtenir informació sobre el volum exterior!\nLa creació del volum no pot continuar. - Error: No s'ha pogut accedir al volum exterior! La creació del volum no pot continuar. - Error: No s'ha pogut muntar al volum exterior! La creació del volum no pot continuar. - Error: No s'ha pogut obtenir el mapa de bits del clúster del volum! La creació del volum no pot continuar. - Alfabètic/Categoritzat - Velocitat mitjana(Descendent) - Algorisme - Xifratge - Desxifratge - Mitjana - Unitat - Mida - Algorisme de xifrat - Algorisme de xifrat - Tipus - Valor - Propietat - Ubicació - bytes - Ocult - Exterior - Normal - De sistema - Ocult (sistema) - Només lectura - Unitat de sistema - Unitat de sistema (xifrant - %.2f%% fet) - Unitat de sistema (desxifrant - %.2f%% fet) - Unitat de sistema (%.2f%% xifrat) - Partició de sistema - Partició de sistema oculta - Partició de sistema (xifrant - %.2f%% fet) - Partició de sistema (desxifrant - %.2f%% fet) - Partició de sistema (%.2f%% xifrat) - Si (s'han evitat els danys!) - Cap - Mida de la clau primària - Mida de la clau secundària (mode XTS) - Mida de la clau d'ajust (mode LRW) - bits - Mida del bloc - PKCS-5 PRF - Comptador d'iteracions PKCS-5 - Data de creació - Capçalera modificada - (fa %I64d dies) - Versió de format - Còpia de la capçalera inclosa - Versió del gestor d'arranc - primera disponible - Disc extraïble - Disc dur - Sense canvis - Autodetection - Assistent - Seleccioni una de les modalitats. Si no està segur de quina escollir, trii l'opció per defecte. - Seleccioni aquesta opció si vol instal·lar el VeraCrypt al seu sistema. - Nota: Pot actualitzar sense desxifrar encara si la partció/unitat de sistema està xifrada o està utilitzant un sistema operatiu ocult. - Si selecciona aquesta opció, s'extrauran tots els fitxers però no s'instal·larà res al sistema. No seleccioni aquesta opció si vol xifrar la partició o la unitat de sistema. Escollir aquesta opció pot ser útil, per exemple, si vol executar el VeraCrypt en l'anomenat mode portable. No és necessari instal·lar el VeraCrypt al sistema operatiu sobre el qual s'executarà. Després d'extreure tots els fitxers podrà executar el fitxer 'VeraCrypt.exe' (això executarà el VeraCrypt en mode portable) - Opcions de configuració - Aqui pot establir les diferents opcions per controlar la instal·lació. - Instal·lant - Esperi mentre s'instal·la el VeraCrypt. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Opcions d'extracció - Aqui pot configurar diverses opcions per controlar el procés d'extracció. - Esperi mentre s'extreuen els fitxers. - Files successfully extracted - Tots els fitxers s'han extret amb èxit al directori de destí. - Si el directori especificat no existeix, es crearà automàticament. - Els fitxers del VeraCrypt s'actualitzaran a l'ubicació on hi ha el programa instal·lat. Si vol seleccionar una ubicació diferent, desinstal·li el VeraCrypt abans. - Vol veure les notes de la versió actual (la última estable) del VeraCrypt? - Si no ha utilitzat mai el VeraCrypt, li recomanem que llegeixi el capítol 'Tutorial per a principiants' a la guia d'usuari del VeraCrypt. Vol veure el tutorial ara? - Seleccioni una acció a realitzar entre les següents: - Reparar/Reinstal·lar - Actualitzar - Desinstal·lar - Per instal·lar o desinstal·lar el TrueCypt són necessaris privilegis d'administrador. Vol continuar? - L'instal·lador del VeraCrypt està realitzant una instal·lació o actualització del programa. Abans de continuar, si us plau esperi que acabi o tenqui'l. Si no el pot tancar, reinicii l'ordinador abans de continuar. - La instal·lació ha fallat. - La desinstal·lació ha fallat. - Aquest paquet de distribució està malmès. Si us plau, torni'l a descarregar (preferentment des del lloc web oficial del VeraCrypt, a https://veracrypt.codeplex.com). - No s'ha pogut escriure el fitxer %s - Extraient - No s'han pogut llegir dades del paquet. - No s'ha pogut verificat la integritat d'aquest paquet de distribució. - Ha fallat l'extracció. - La instal·lació s'ha desfet. - S'ha instal·lat el VeraCrypt amb èxit. - S'ha actualitzat el VeraCrypt amb èxit. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - El VeraCrypt s'ha desinstal·lat amb èxit.\n\nFaci clic a 'Acabar' per eliminar l'instal·lador del VeraCrypt i el directori %s. Tingui en compte que el directori no s'esborrarà si conté fitxers que no hagi instal·lat o creat el VeraCrypt. - Eliminant les entrades al registre del TruCrypt - Afegint l'entrada al registre - Eliminant les dades de l'aplicació - Instal·lant - Aturant - Eliminant - Afegint la icona - Creant un punt de restauració del sistema - No s'ha pogut crear un punt de restauració del sistema! - Actualitzant el gestor d'arranc - No s'ha pogut instal·lar '%s'. %s\nVol seguir amb la instal·lació? - No s'ha pogut desinstal·lar '%s'. %s\nVol seguir amb la desinstal·lació? - Instal·lació finalitzada. - No s'ha pogut crear el directori '%s' - No s'ha pogut desmuntar el controlador de dispositius del VeraCrypt.\n\nSi us plau, tenqui abans totes les finestres del VeraCrypt. Si això no funciona, reinicii el Windows i torni-ho a provar. - S'han de desmuntar tots els volums VeraCrypt abans d'instal·lar o desinstal·lar el programa. - Actualment hi ha una versió obsoleta del VeraCrypt instal·lada al sistema. És necessari desinstal·lar-la abans de poder instal·lar aquesta versió més nova del VeraCrypt.\n\nDesprés de tancar aquest missatge es llançarà el desinstal·lador de la versió antiga. Recordi que no es desxifrarà cap volum quan es desinstal·li el VeraCrypt. Després de desinstal·lar la versió antiga del VeraCrypt, torni a executar la instal·lació de la nova versió. - Ha fallat la instal·lació de les entrades al registre - Ha fallat la instal·lació del controlador de dispositius. Si us plau, reinicii el Windows i torni a provar d'instal·lar el VeraCrypt. - Engegant el controlador de dispositius del VeraCrypt - La desinstal·lació del controlador de dispositius del VeraCrypt ha fallat. Tingui en compte que degut a un error de Windows, pot ser necessari tancar la sessió o reiniciar el sistema abans de poder desinstal·lar (o reinstal·lar) el controlador de dispositius. - Instal·lant el controlador de dispositius del VeraCrypt - Aturant el controlador de dispositius del VeraCrypt - Desinstal·lant el controlador de dispositius del VeraCrypt - Ha fallat el registre de la biblioteca de suport del control d'autenticació d'usuaris. - Ha fallat l'anul·lació del registre de la biblioteca de suport del control d'autenticació d'usuaris. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Tingui en compte que si decideix executar el VeraCrypt en mode portable (en comptes d'una còpia instal·lada del VeraCrypt) el sistema li demarà permisos (UAC) per executar el VeraCrypt cada cop que el vulgui executar.\n\nAixò és perquè cada vegada que s'executa en mode portable, el VeraCrypt ha de carregar i engegar el controlador de dispositius. El controlador és necessari per proporcionar la possibilitat de xifrar/desxifrar de manera transparent i els usuaris sense privilegis d'administrador no el poden executar en Windows.\n\nTingui en compte que si instal·la el VeraCrypt el sistema NO li requerirà permisos (UAC) cada vegada que l'executi.\n\nSegur que vol extreure els fitxers? - ATENCIÓ: Aquesta instància de l'assistent de creació de volums té privilegis d'administrador.\n\nPot ser que els nous volums es creîn amb permisos que no li permetin escriure-hi quan es muntin. Si vol evitar això, tanqui aquesta instància de l'assistent de creació de volums i engegui'n una altre sense privilegis d'administrador.\n\nVol tancar aquestà instància de l'assistent de creació de volums? - Error: No es pot mostrar la llicència. - Exterior(!) - dies - hores - minuts - s - Obrir - Desmuntar - Veure el VeraCrypt - Amagar el VeraCrypt - Dades llegides des del muntatge - Dades escrites des del muntatge - Percentatge de xifrat - 100% (xifrat del tot) - 0% (no xifrat) - %.3f%% - 100% - Esperant - Preparant - Redimensionant - Xifrant - Desxifrant - Finalitzant - Aturat - Acabat - Error - Dispositiu desconnectat - S'han guardat els volums favorits del sistema.\n\nPer activar el muntatge dels volums favorits del sistema quan aquest arranqui, seleccioni 'Configuració' > 'Volums favorits del sistema' > 'Muntar els volums favorits del sistema quan s'engegui el Windows'. - El volum que està afegint als favorits no és ni una partició ni un volum dinàmic. Per tant, el VeraCrypt no podrà muntar aquest volum favorit si el número de dispositiu canvia. - El volum que està afegint a favorits és una partició que el Windows no reconeix.\n\nEl VeraCrypt no podrà muntar aquesta unitat favorita si el número de dispositius canvia. Si us plau, estableixi el tipus de partició a un que pugui reconeixer el Windows (utilitzi la comanda 'SETID' de l'eina de 'diskpart' de Windows). Després, torni a afegir la partició als favorits. - La tasca en segon pla del VeraCrypt està desactivada o està configurada per tancar-se quan no hi hagi volums muntats (o s'està executant el VeraCrypt en mode portable). Això pot evitar que els volums favorits es muntin quan es connectin els dispositius que els contenen.\n\nNota: Per activar la tasca en segon pla, seleccioni 'Configuració' > 'Preferències' i asseguri's que la casella 'Activat' està marcada a la secció 'VeraCrypt en segon pla'. - Un contenidor emmagatzemat en un sistema de fitxers remot compartit per xarxa no es pot muntar automàticament quan el dispositiu que l'allotja es connecti. - El dispositiu que es mostra a continuació no és ni una partició ni un volum dinàmic. Per tant, el volum allotjat al dispositiu no es podrà muntar automàticament quan es connecti el dispositiu. - Si us plau, estableixi el tipus de la partició que es mostra a continuació a un que pugui reconeixer el Windows (utilitzi la comanda 'SETID' de l'eina de 'diskpart' de Windows). Després, esborri la partició als favorits i torni-la a afegir. Axiò permetrà al volum allotjat al dispositiu muntar-se automàticament cada cop que es connecti. - El dispositiu que es mostra a continuació no és ni una partició ni un volum dinàmic. Per tant, no se li pot assignar una etiqueta. - Si us plau, estableixi el tipus de la partició que es mostra a continuació a un que pugui reconeixer el Windows (utilitzi la comanda 'SETID' de l'eina de 'diskpart' de Windows). Després, esborri la partició als favorits i torni-la a afegir. Això permetrà al VeraCrypt assignar-li una etiqueta. - Degut a una limitació del Windows, un contenidor emmagatzemat en un sistema de fitxers remot compartit per xarxa no es pot muntar com a volum favorit del sistema (no obstant, si que es pot muntar com un volum favorit normal quan l'usuari inicia la sessió). - Introdueixi la contrassenya per a %s - Introdueixi la contrassenya per a '%s' - Introdueixi la contrasenya del volum normal/exterior - Introdueixi la contrasenya del volum ocult - Introdueixi la contrasenya de la capçalera guardada a la còpia de seguretat - El fitxer de claus s'ha creat amb èxit. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - ATENCIÓ: La capçalera d'aquest volum està malmesa! El VeraCrypt ha utilitzat automàticament la còpia de seguretat inclosa al volum.\n\nHa de reparar la capçalera del volum seleccionant 'Eines' > 'Restaurar la capçalera' - S'ha creat amb èxit la còpia de seguretat de la capçalera.\n\nIMPORTANT: Restaurar la capçalera utilitzant aquesta còpia de seguretat també restaurarà la contrasenya actual. D'altre banda, si es necessiten fitxers de claus per muntar el volum, seràn necessàris els mateixos fitxers de claus per muntar el volum quan es restauri la capçalera.\n\nATENCIÓ: Aquesta còpia de seguretat de la capçalera NOMÉS es pot utilitzar per restaurar la capçalera d'aquest volum en particular. Si utilitza aquesta còpia de seguretat per restaurar la capçalera d'un volum diferent, podrà muntar el volum, però NO serà possible desxifrar-ne el contingut que hi hagi emmagatzemat (ja que s'haurà canviat la clau mestra). - S'ha restaurat la capçalera del volum.\n\nIMPORTANT: Si us plau, recordi que també s'ha restaurat l'antiga contrasenya. A més, si era necessari algun fitxer de claus per muntar el volum quan es va crear, ara tornaran a ser-ho. - Per motius de seguretat, haurà d'introduïr la contrasenya correcte (i/o proporcionar els fitxers de claus correctes) pel volum.\n\nNota: Si el volum conté un volum ocult, primer haurà d'introduïr la contrasenya correcte (i/o proporcionar els fitxers de claus correctes) pel volum exterior. Posteriorment, si vol fer una còpia de seguretat de la capçalera del volum ocult, haurà d'introduïr la contrasenya correcte (i/o proporcionar els fitxers de claus correctes) pel volum ocult. - Segur que vol crear una còpia de seguretat de la capçalera de %s?\n\nQuan faci clic a 'Si', se li demanarà un nom de fitxer per la còpia de seguretat de la capçalera.\n\nNota: Tan les capçaleres del volum normal com les del volum ocult es tornen a xifrar i es guarden a la còpia de seguretat. Si no hi ha cap volum ocult a dins d'aquest volum, l'àrea reservada a la capçalera del volum ocult dins la còpia de seguretat s'omplirà amb dades aleatòries. Quan es restauri la capçalera des de la còpia de seguretat, s'haurà de proporcionar la contrasenya correcte (i/o els fitxers de claus) que fós vàlida quan es va crear la còpia de seguretat de la capçalera. La contrasenya (i/o els fitxers de claus) determinaran automàticament quina capçalera es restaurarà, si la del volum normal o l'oclt (el VeraCrypt en determina el tipus fent servir el mètode d'assaig i error). - Segur que vol restaurar la capçalera del volum %s?\n\nATENCIÓ: Restaurar la capçalera d'un volum també restaura la contrasenya que era vàlida quan es va crear la còpia. A més, el(s) fitxer(s) de claus que eren necessaris quan es va fer la còpia de seguretat seran els necessaris per muntar el volum quan es restauri la capçalera.\n\nDesprés de fer clic a 'Si', haurà de seleccionar el fitxer de còpia de seguretat de la capçalera. - El volum conté un volum ocult? - El volum conté un volum ocult - El volum no conté cap volum ocult - Si us plau, seleccioni el tipus de còpia de seguretat que vol utilitzar: - Restaurar la capçalera des de la còpia de seguretat inclosa al volum - Restaurar la capçaelera del volum des d'una còpia de seguretat externa - La mida de la còpia de seguretat de la capçalera és incorrecte. - No hi ha una còpia de seguretat inclosa en aquest volum (tingui en compte que només els volums creats amb un VeraCrypt 6.0 o superiro tenen aquestes còpies). - Està intentant fer una còpia de seguretat de la partició/unitat de sistema. Això no està permés. Les operacions de còpia de seguretat i restauració de les particions/unitats de sistema només es poden realitzar a través dels discos de recuperació del VeraCrypt.\n\nVol crear un disc de recuperació? - Està intentant restaurar una còpia de seguretat de la partició/unitat de sistema. Això no està permés. Les operacions de còpia de seguretat i restauració de les particions/unitats de sistema només es poden realitzar a través dels discos de recuperació del VeraCrypt.\n\nVol crear un disc de recuperació? - Després de fer clic a 'OK', haurà de seleccionar un nom de fitxer per el nou fitxer ISO del disc de recuperació i la ubicació on vol guardar-lo. - S'ha creat la imatge del disc de recuperació i s'ha guardat a:\n%s\n\nAra ha de gravar la imatge a un CD o DVD.\nIMPORTANT: Tingui en compte que el fitxer s'ha de gravar a un CD/DVD com a imatge ISO (no com un fitxer individual).\n\nDesprés de gravar el disc de recuperació, seleccioni 'Sistema' > 'Verificar el disc de recuperació' per verificar que s'ha gravat correctament. - S'ha creat la imatge del disc de recuperació i s'ha guardat a:\n%s\n\nAra ha de gravar la imatge a un CD o DVD.\n\nVol executar el gravador d'imatges de disc de Microsoft Windows?\n\nDesprés de gravar el disc de recuperació, seleccioni 'Sistema' > 'Verificar el disc de recuperació' per verificar que s'ha gravat correctament. - Si us plau, introdueixi el disc de recuperació del VeraCrypt a la unitat de CD/DVD i faci clic a 'OK' per verificar-lo. - S'ha verificat el disc de recuperació del VeraCrypt amb èxit. - No s'ha pogut verificar que el disc de recuperació s'hagi gravat correctament.\n\nSi ha gravat el disc de recuperació, si us plau expulsi el CD/DVD de l'unitat i torni'l a posar; torni a provar la verificació. Si això no soluciona el problema, intenti gravar el disc de recuperació amb un altre programa o a un altre tipus de mitjà.\n\nSi està intentant verificar un disc de recuperació que s'ha creat amb una clau mestra, contrasenya, etc. diferent aquesta verificació sempre fallarà. Per a crear un nou disc de recuperació completament compatible amb la configuració actual, seleccioni 'Sistema' > 'Crear un disc de recuperació'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error al crear un disc de recuperació VeraCrypt. - No es pot crear un disc de recuperació mentre s'està executant un sistema operatiu ocult\n\nPer crear un disc de recuperació, engegui el sistema operatiu esquer i faci clic a 'Sistema' > 'Crear un disc de recuperació'. - No s'ha pogut verificar que el disc de recuperació s'hagi gravat correctament.\n\nSi ha gravat el disc de recuperació, si us plau expulsi el CD/DVD de l'unitat i torni'l a posar; torni a provar la verificació. Si això no soluciona el problema, intenti gravar el disc de recuperació en un altre tipus de mitjà%s.\n\nSi encara no ha gravat el disc de recuperació, faci-ho ara i després faci clic a 'Següent'.\n\nSi està intentant verificar un disc de recuperació creat abans d'engegar aquest assistent tingui en compte que aquest disc no serà usable, ja que es va crear amb una clau mestra diferent. És necessari gravar el disc de recuperació nou. - i/o altre programari d'enregistrament de CD/DVD - VeraCrypt - Volums favorits del sistema - Què son els volums favorits del sistema? - La partició/unitat de sistema sembla no estar xifrada.\n\nEls volums de sistema favorits només es poden muntar utilitzant les contrasenyes de prearrencada. Per tant, per habilitar l'ús dels volums de sistema favorits necessita xifrar abans la partició/unitat de sistema. - Si us plau, desmunti el volum abans de continuar. - Error: No s'ha pogut configurar el temps. - Comprovar el sistema de fitxers - Reparar el sistema de fitxers - Afegir als favorits... - Afegir als volums favorits del sistema... - P&ropietats... - Volum ocult protegit - N/A - Si - No - Desactivat - 1 - 2 o més - Mètode de treball - Etiqueta: - Mida: - Ubicació: - Lletra d'unitat: - Error: La contrasenya només pot contenir caràcters ASCII.\n\nEls caràcters fora d'ASCII poden causar que el volum sigui impossible de muntar quan canvii la configuració del sistema.\n\nEls següents caràcters són vàlids:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ATENCIÓ: La contrasenya només pot contenir caràcters ASCII.\n\nEls caràcters fora d'ASCII poden causar que el volum sigui impossible de muntar quan canvii la configuració del sistema.\n\nHa de sustituïr tots els caràcters fora d'ASCII de la contrasenya per caràcters ASCII. Per fer-ho, faci clic a 'Volums' -> 'Canviar la contrasenya del volum'.\n\nEls següents caràcters són vàlids:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ATENCIÓ: És molt recomanable evitar les extensions de fitxer que utilitzen els executables (.exe, .sys o .dll) i d'altres extensions problemàtiques similars. Utilitzar aquest tipus d'extensions provoca que el Windows i els programes antivirus monitoritzin el contenidor, cosa que afecta el rendiment del volum i pot causar d'altres problemes greus.\n\nÉs molt recomanable que elimini l'extensió del fitxer o la canvii (per exemple, a .hc).\n\nSegur que vol utilitzar aquest tipus d'extensió problemàtica? - ATENCIÓ: Aquest contenidor té una extensió de fitxer que utilitzen els executables (.exe, .sys o .dll) i d'altres extensions problemàtiques similars. Utilitzar aquest tipus d'extensions provoca que el Windows i els programes antivirus monitoritzin el contenidor, cosa que afecta el rendiment del volum i pot causar d'altres problemes greus. És molt recomanable que elimini l'extensió del fitxer o la canvii (per exemple, a .hc) després de desmuntar el volum. - Pàgina principal - ATENCIÓ: Sembla que no ha aplicat cap Service Pack a la instal·lació de Windows. No podrà escriure en discos IDE més grans de 128 GB amb el Windows XP si no aplica el Service Pack 1 o superior! Si ho fa, les dades al disc (sense importar si és un volum VeraCrypt o no) es poden corrompre. Això és una limitació del Windows, no un error al VeraCrypt. - ATENCIÓ: Sembla que no ha aplicat el Service Pack 3 a la instal·lació de Windows. No podrà escriure en discos IDE més grans de 128 GB amb el Windows 2000 si no aplica el Service Pack 3 o superior! Si ho fa, les dades al disc (sense importar si és un volum VeraCrypt o no) es poden corrompre. Això és una limitació del Windows, no un error al VeraCrypt.\n\nNota: també pot ser necessari habilitar el suport LBA 48-bit al registre; per a més informació, visiti http://support.microsoft.com/kb/305098/EN-US - ATENCIÓ: El sistema no té activat el suport 48-bit LBA ATAPI. Per tant, no podrà escriure en discos IDE més grans de 128 GB! Si ho fa, les dades al disc (sense importar si és un volum VeraCrypt o no) es poden corrompre. Això és una limitació del Windows, no un error al VeraCrypt\n\nPer activar el suport 48-bit LBA ATAPI, afegeixi el valor 'EnableBigLba' a la clau de registre HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters i estableixi el seu valor a 1. Per a més informació, visiti http://support.microsoft.com/kb/305098/EN-US - Error: No es poden guardar fitxers més grans de 4 GB en sistemes de fitxers FAT32. Per tant, els volums de fitxer (contenidors) allotjans dins un sistema de fitxers FAT32 no poden ser més grans de 4 GB.\n\nSi necessita un volum més gran, l'haurà de crear en un sistema de fitxers NTFS (o, si utilitza Windows Vista o superior, en un sistema de fitxers exFAT) o, en comptes d'això, xifri la partició o dispositiu sencer. - Error. El Windows XP no suporta fitxers més grans de 2048 GB. Per tant, no pot crear un volum de fitxer (contenidor) més gran de 2048 GB sota Windows XP.\n\nTingui en compte que si que és possible xifrar la unitat sencera o crear un volum de partició més gran de 2048 GB sota Windows XP. - ATENCIÓ: Si vol poder afegir més dades/fitxers al volum exterior en un futur, consideri especificar una mida més petita pel volum ocult.\n\nSegur que vol continuar amb la mida especificada? - No hi ha cap volum seleccionat.\n\nFaci clic a 'Triar fitxer' o 'Triar dispositiu' per seleccionar un volum VeraCrypt. - No s'ha seleccionat cap partició. Faci clic a 'Triar dispositiu' per seleccionar una partició desmuntada que normalment requereixi d'autenticació prearrenada (per exemple, una partició ubicada a la unitat xifrada d'un altre sistema operatiu, que no s'estigui executant, o la partició xifrada d'un altre sistema operatiu).\n\nNota: La partició seleccionada es muntarà com un volum normal de VeraCrypt, sense l'autenticació prearrencada. Això és útil, per exemple, per a fer tasques de còpia de segurett o restauració. - ATENCIÓ: Si s'activen els fitxers de claus per defecte, els volums que no facin servir aquests fitxers de clau no es podran muntar. Per tant, després d'activar els fitxers de claus per defecte recordi de desmarcar l'opció 'Usar fitxers de claus' (sóta el camp d'entrada de contrasenyes) quan munti aquests volums.\n\nSegur que vol guardar els fitxers/rutes com a opcions per defecte? - Muntar automàticament - Desmuntar-ho tot - Buidar memòria cau - Desmuntar-ho tot & buidar memòria cau - Forçar desmuntar-ho tot & buidar memòria cau - Forçar desmuntar-ho tot, buidar memòria cau & sortir - Muntar els volums favorits - Mostrar/Amagar la finestra del VeraCrypt - (Faci clic aqui i premi una tecla) - Acció - Drecera - Error: Aquesta drecera està reservada. Si us plau, esculli'n una altre. - Error: Aquesta drecera ja s'està utilitzant. - ATENCIÓ: Una o més dreceres de teclat del VeraCrypt no funcionen!\n\nSi us plau, asseguri's que d'altres aplicacions o el sistema operatiu no fan servir les mateixes dreceres de teclat que el VeraCrypt. - S'ha impedit la creació d'un fitxer de paginació.\n\nDegut a un problema de Windows, els fitxers de paginació no es poden ubicar a volums que no siguin de sistema (inclosos els favorits del sistema). El VeraCrypt permet la creació de fitxers de paginació només en una partició/unitat de sistema xifrada. - Un error o una incompatibilitat ha evitat que el VeraCrypt xifrés el fitxer d'hibernació. Per tant, s'ha evitat l'hibernació.\n\nNota: Quan un ordinador hiberna (o entra en un mode d'estalvi d'energia) el contingut de la memòria del sistema s'escriu a un fitxer d'hibernació dins la unitat de sistema. El VeraCrypt no podria evitar que les claus de xifrat i el contingut dels fitxers sensibles oberts a la RAM es guardessin sense xifrar al fitxer d'hibernació. - S'ha evitat l'hibernació.\n\nEl VeraCrypt no permet l'hibernació d'un sistema operatiu ocult que utilitza particions d'arranc extra. Tingui en compte que la partició d'arranc és compartida pel fitxer esquer i pel sistema ocult. Per tant, per evitar fugues de dades i problemes quan es restaura la hibernació, el VeraCrypt ha d'evitar que el sistema operatiu ocult escrigui a la partició d'arranc i que hiberni. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - ATENCIÓ: Si la tasca en segon pla del VeraCrypt està desactivada, les següents funcionalitats també ho estaran:\n\n1) Dreceres de teclat\n2) Desmuntatge automàtic\n3) Muntatge automàtic dels volums automàtics\n4) Notificacions\n5)Icona a la safata\n\nNota: Es pot aturar la tasca en segon pla del VeraCrypt fent clic amb el botó dret a l'icona a la safata i seleccionant 'Sortir'.\n\nEstà segur que vol desactivar permanentment la tasca en segon pla? - ATENCIÓ: Si aquesta opció es desactiva, els volums que continguin fitxers/directoris oberts no es podran desmuntar automàticament.\n\nSegur que vol desactivar aquesta opció? - ATENCIÓ: Els volums que tinguin fitxers/directoris oberts no es desmuntaran automàticament.\n\nPer evitar això, habiliti l'opció 'Forçar el desmuntatge automàtic encara que el volum tingui fitxers o directoris oberts' en aquesta finestra. - ATENCIÓ: Quan queda poca bateria al portàtil, el Windows pot ometre els missatges oportuns a les aplicacions que s'estigui executant quan s'entra en mode d'estalvi d'energia. Per tant, el desmuntatge automàtic del VeraCrypt pot fallar en aquests casos. - Hi ha un procés de xifrat d'una partició/volum encuat. Aquest procés no s'ha acabat.\n\nVol reprendre el procés ara? - Hi ha un procés de xifrat o desxifrat de la partició/unitat de sistema. Aquest procés no s'ha acabat.\n\nVol engegar (reprendre) el procés ara? - Vol que se li torni a preguntar si vol reprendre els processos programats de xifrat de particions/volums? - Si, torna-m'ho a preguntar - No, no ho tornis a preguntar - IMPORTANT: Recordi que pot reprendre el procés de xifrat d'una partició/volum norma seleccionant 'Volums' > 'Continuar una tasca interrompuda' des del menú principal del VeraCrypt. - Ha encuat el procés de xifrat o desxifrat de la partició/unitat de sistema. Per tant, el procés d'autenticació de prearrencada (o s'ha evitat).\n\nNota: Si desxifra la partició/unitat de sistema a l'entorn de prearrencada és possible que hagi de finalitzar el procés selecionant 'Sistema' > 'Desxifrar la partició/unitat del sistema permanentment' al menú principal de la finestra del VeraCrypt. - ATENCIÓ: Si tanca VeraCrypt, les següents funcionalitats es desactivaran:\n\n1) Dreceres de teclat\n2) Desmuntatge automàtic\n3) Muntatge automàtic dels volums automàtics\n4) Notificacions\n\nNota: Si no vol que el VeraCrypt s'executi en segon pla, desactivi la tasca en segon pla des de les preferències (i, si és necessari, desactivi també l'inici automàtic del VeraCrypt).\n\nSegur que vol tancar el VeraCrypt. - Sortir? - El VeraCrypt no té prou informació per saber si ha de xifrar o desxifrar. - El VeraCrypt no té prou informació per saber si ha de xifrar o desxifrar.\n\nNota: Si ha desxifrat la partició/unitat de sistema a l'entorn de prearrencada, és possible que hagi de finalitzar el procés fent clic a 'Desxifrar'. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Vol interrompre i posposar el procés de xifrat de la partició/volum?\n\nNota: Tercordi que el volum no es pot muntar fins que s'hagi xifrat completament. Podrà reprendre el procés de xifrat i continuarà des del punt on s'ha aturat. Pot fer-ho, per exemple, seleccionant 'Volums' > 'Continuar una tasca interrompuda' al menú principal de la finestra del VeraCrypt. - Vol interrompre i posposar el procés de xifrat de la partició/volum de sistema?\n\nNota: Recordi que el volum no es pot muntar fins que s'hagi xifrat completament. Podrà reprendre el procés de xifrat i continuarà des del punt on s'ha aturat. Pot fer-ho, per exemple, seleccionant 'Sistema' > 'Continuar una tasca interrompuda' al menú principal de la finestra del VeraCrypt. Si vol revertir o evitar el procés de xifrat, seleccioni 'Sistema' > 'Desxifrar la partició/unitat del sistema permanentment'. - Vol interrompre i posposar el procés de desxifrat de la partició/volum de sistema?\n\nNota: Recordi que el volum no es pot muntar fins que s'hagi xifrat completament. Podrà reprendre el procés i continuarà des del punt on s'ha aturat. Pot fer-ho, per exemple, seleccionant 'Sistema' > 'Continuar una tasca interrompuda' al menú principal de la finestra del VeraCrypt. Si vol revertir el procés de desxifrat (i començar el de xifrat) seleccioni 'Sistema' > 'Xifrar la partició/unitat del sistema'. - Error: No s'ha pogut interrompre el procés de xifrat/desxifrat de la unitat/partició de sistema. - Error: No s'ha pogut interrompre el procés de neteja. - >Error: No s'ha pogut rependre el procés de xifrat/desxifrat de la unitat/partició de sistema. - Error: no s'ha pogut engegar el procés de neteja. - S'ha resolt la inconsistència.\n\n\n(Si reporta un error relacionat amb això, si us plau inclogui la següent informació tècnica:\n%hs) - Estat inesperat.\n\n\n(Si reporta un error relacionat amb això, si us plau inclogui la següent informació tècnica:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ATENCIÓ: La tasca en segon pla del VeraCrypt està desactivada. Després de sortir del VeraCrypt, no rebrà notificacions si s'evita el dany a un volum ocult.\n\nNota: Es pot aturar la tasca en segon pla del VeraCrypt fent clic amb el botó dret a l'icona a la safata i seleccionant 'Sortir'.\n\nVol activar la tasca en segon pla del VeraCrypt? - Versió del paquet d'idioma: %s - Comprovant el sistema de fitxers del volum VeraCrypt muntat com %s... - Intentant reparar el sistema de fitxers del volum VeraCrypt muntat com %s... - ATENCIÓ: Aquest volum està xifrat amb un algorisme de xifrat antic.\n\nTots els algorismes de xifrat de blocs de 64 bits (Blowfish, CAST-128, Triple DES, etc.) estan descontinuats. Serà possible muntar aquest volum utilitzant versions posteriors del VeraCrypt. No obstant, no hi haurà més millores a les implementacions d'aquests algorismes de xifrats. És molt recomanable crear un nou volum xifrat amb un algorisme de blocs de 128 bits (AES, Serpent, Tworfish, etc.) i moure tots els fitxers des del volum antic al nou. - El sistema no està configurat per muntar automàticament els nous volums. Pot ser impossible muntar els volums de dispositiu. El muntatge automàtic es pot activar executant la següent comanda i reiniciant el sistema.\n\nmountvol.exe /E - Si us plau, assigni una lletra d'unitat a la partició/dispositiu abans de continuar ('Eines administratives' - 'Crear i donar format a les particions de disc').\n\nAixò és un requeriment del sistema operatiu. - Muntar el volum VeraCrypt - Desmuntar tots els volums VeraCrypt - El VeraCrypt no ha pogut obtenir privilegis d'administrador. - El sistema operatiu ha denegat l'accés.\n\nCausa possible: El sistema operatiu requereix tenir permisos de lectura i escriptura (o privilegis d'administrador) per alguns directoris, fitxers i dispositius per tal de poder llegir-hi/escriure-hi dades. Normalment un usuari sense privilegis d'administrador pot crear, llegir i modificar fitxers dins de la seva carpeta de documents. - Error: El controlador utilitza una mida de sector no suportada.\n\nActualment no és possible crear volums de partició o dispositiu en unitats que utilitzin sectors més grans de 4096 bytes. No obstant, és possible crear volums de fixer (contenidors) en aquestes unitats. - Actualment no és possible xifrar un sistema instal·lat en un disc que utilitzi una mida de sector diferent a 512 bytes. - El gestor d'arranc necessita com a mínim 32 KBytes d'espai lliure a l'inici de la unitat de sistema (s'ha de guardar en aquesta àrea). Desafortunadament, el seu disc no cumpleix aquesta condició.\n\nSi us plau, no notifiqui això com un error/problema del VeraCrypt. Per solucionar aquest problema, ha de tornar a particionar el disc i deixar lliures els primer 32 KBytes del disc (la majoria de casos es necessari esborrar i tornar a crear la primera partició). Es molt recomanable utilitzar el gestor de particions de Microsoft que està disponible, per exemple, quan s'instal·la en Windows. - Aquesta característica no està suportada per la versió actual del sistema operatiu. - El VeraCrypt no suporta el xifrat de la partició/unitat del sistema en aquesta versió del sistema operatiu que s'està executant. - Abans de poder xifrar la partició/unitat de sistema amb Windows Vista, és necessari instal·lar el Service Pack 1 o superior per Windows Vista (no hi ha cap Service Pack instal·lat en aquests moments).\n\nNota: El Service Pack 1 arregla un problema de manca de memòria base durant l'arrencada del sistema. - El VeraCrypt ja no suporta el xifrat d'una partició/unitat de sistema amb Windows Vista sense Service Pack. Abans d'actualitzar el VeraCrypt, si us plau instal·li el Service Pack 1 o superiro pel Windows Vista. - Error: Aquesta característica requereix instal·lar el VeraCrypt al sistema (està utilitzant el TrueCrypy en mode portable).\n\nSi us plau, instal·li el VeraCrypt i torni-ho a provar. - ATENCIÓ: Sembla que el Windows no està instal·lat a la unitat que l'arranca. Això no està suportat.\n\nNomés hauria de continuar si està segur que el Windows està instal·lat a la unitat que l'arranca.\n\nVol continuar? - La seva unitat de sistema té una taula de particions GUID (GTP). Actualment, només es suporten unitats amb una taula de particions MBR. - PRECAUCIÓ: El gestor d'arranc del VeraCrypt ja està instal·lat a la seva unitat de sistema!\n\nÉs possible que un altre sistema en aquest ordinador ja estigui xifrat.\n\nATENCIÓ: SEGUIR AMB EL XIFRATGE DEL SISTEMA OPERATIU ACTUAL POT OCASIONAR QUE D'ALTRES SISTEMES NO PUGUIN ENGEGAR I QUE ES PERDIN LES SEVES DADES.\n\nSegur que vol continuar? - No s'ha pogut restaurar el carregador de sistema original.\n\nSi us plau, utilitzi el seu disc de recuperació ('Repair Options' > 'Restore original system loader) o el mitjà d'instal·lació de Windows per reemplaçar el gestor d'arranc pel carregador de sistema de Windows. - El carregador del sistema original no s'ha pogut guardar al disc de recuperació (causa probable: no hi ha còpia de seguretat) - No s'ha pogut escriure al sector MBR.\n\nPotser la seva BIOS està configurada per protegir el sector MBR. Comprovi la configuració de la BIOS (premi F2, Esc o Suprimir quan s'engegui l'ordinador) per si té protecció pel sector MBR. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - No està instal·lada la versió requerida del gestor d'arranc VeraCrypt. Això pot evitar que es guardin algunes configuracions. - Nota: En algunes situacions, potser voldrà evitar que una altre persona (un adversari) que l'estigui mirant s'adoni que està utilitzant el VeraCrypt. Aquestes opcions li permetran fer-ho personalitzant la pantalla del gestor d'arranc. Si activa la primera opció, no es mostarà cap text al gestor d'arranc (encara que introdueixi una contrassenya equivocada). L'ordinador semblarà 'congelat' mentre no introdueixi la seva contrasenya. A part d'això, es pot mostrar un missatge personalitzat per confondre l'adversari. Per exemple, un fals missatge d'error com ara "Missing operating system" (que normalment mostra el gestor d'arranc del Windows si no troba la partició d'arranc del Windows). És important remarcar que si l'adversari pot analitzar el contingut del disc dur, encara podrà saber que conté el gestor d'arranc del VeraCrypt. - ATENCIÓ: Si us plau, recordi que si activa aquesta opció, el gestor d'arrancada no mostrarà cap text (encara que introdueixi una contrassenya errònia). L'ordinador semblarà "congelat" (sense donar resposta) mentre no escrigui la contrasenya (el cursor NO es mourà i no es mostraran asteriscos quan es premin tecles).\n\nSegur que vol habilitar aquesta opció? - La partició/unitat sembla completament xifrada. - El VeraCrypt no permet xifrar una unitat de sistema que s'ha convertit en un disc dinàmic. - La unitat de sistema conté particions exteses (lògiques).\n\nPot xifrar la unitat de sistema sencera incloent les particions exteses (lògiques) només amb Windows Vista o versions posteriors del Windows. Amb el Windows XP, pot xifrar una unitat de sistema sencera que contingui només particions primàries.\n\nNota: Si que pot xifrar la partició de sistema en comptes de tota la unitat (i, a més d'això, també pot crear un volum de partició en qualsevol de les particions que no siguin de sistema de la unitat). - ATENCIÓ: Està utilitzant un Windows XP/2003. Després de començar a xifrar la unitat, NO podrà crear cap unitat extesa (lògica) a dins (només pot crear particions primaries). Qualsevol partició extesa (lògica) dins la unitat no serà exessible després de començar a xifrar (la unitat no conté actualment cap d'aquestes particions).\n\nNota: Si aquesta limitació no li sembla acceptable, pot anar cap enrrere i escollir xifrar només la partició de sistema en comptes de la unitat sencera (i, a més d'això, pot crear volum de partició en qualsevol de les particions que no siguin de sistema de la unitat).\n\nA part d'això, també pot considerar actualitzar-se a Windows Vista o una versió posterior de Windows (en aquestes versiones no hi ha aquesta limitació). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Vol xifrar la partició de sistema en comptes del volum sencer?\n\nTingui en compte que pot crearun volum de partició en qualsevol de les particions que no siguin de sistema de la unitat (a més de xifrar la partició de sistema). - Com que la seva unitat se sistema només conté una partició que ocupa tota la unitat, és preferible (més segur) xifrar el disc sencer incloent l'espai lliure que habitualment queda al voltant d'aquesta partició.\n\nVol xifrar la unitat de sistema sencera? - El seu sistema està configurat per guardar els fitxers temporals a una partició que no es la de sistema.\n\nEls fitxers temporals s'han de guardar només a la partició de sistema - Els perfils d'usuari no es guarden a la partició de sistema.\n\nEls perfils d'usuari s'han de guardar a la partició de sistema. - Hi ha fitxers de paginació guardats a una partició que no es la de sistema.\n\nEls fitxers de paginació s'han de guardar a la partició de sistema. - Vol configurar ara el Windows per crear els fitxers de paginació només a la partició de Windows?\n\nSi fa clic a 'Si', es reiniciarà l'ordinador. Després d'això, engegui el VeraCrypt i torni a crear el sitema operatiu ocult - D'altre manera, la credibilitat del sistema operatiu ocult es pot veure afectada negativament.\n\nNota: Si un adversari analitza el contingut d'aquests fitxers (ubicats fora de la partició de sistema), pot trobar evidències de l'ús de l'assistent de creació de volums que li indiquin que hi ha un sistema operatiu ocult a l'ordinador. Tingui en compte també que aquests tipus de fitxers guardats a la partició de sistema s'esborraran de forma segura pel VeraCrypt durant el procés de creació del sistema operatiu ocult. - ATENCIÓ: Durant el procés de creació del sistema operatiu ocult, se li demanarà que reinstali completament el sistema actual (per crear un sistema esquer segur).\n\nNota: El sistema operatiu actual i tot el contingut de la partició de sistema es copiaran al volum ocult (per crear un sistema ocult).\n\n\nSegur que podrà instal·lar el Windows fent servir el mitjà d'instal·lació (o una partició de servei)? - Per motius de seguretat, si el sistema operatiu actual requereix d'activació, s'ha d'activar abans de continuar. Tingui en compte que el sistema operatiu ocult es crearà copiant el contingut de la partició de sistema a un volum ocult (per tant, si aquest sistema operatiu no està activat, el sistema operatiu ocult tampoc ho estarà). Per a més informació, pot veure la secció 'Requisits de seguretat i precaucions dels volums ocults' a la guia d'usuari del VeraCrypt.\n\nEl sistema operatiu actual compleix aquesta condició? - El seu sistema utilitza una partició d'arranc extra. El VeraCrypt no dóna suport a la hibernació de sistemes operatius ocults que utilitzin particions d'arranc extres (els sistemes esquer poden hibernar sense cap problema).\n\nTingui en compte que la partició d'arranc és compartida pel fitxer esquer i pel sistema ocult. Per tant, per evitar fugues de dades i problemes quan es restaura la hibernació, el VeraCrypt ha d'evitar que el sistema operatiu ocult escrigui a la partició d'arranc i que hiberni.\n\nVol continuar? Si selecciona 'No', es mostraran les instruccions per eliminar la partició d'arranc extra. - La partició d'arranc extra es pot eliminar abans d'instal·lar el Windows. Per a fer-ho, segueixi aquests passos:\n\n1) Arrenqui el disc d'instal·ació de Windwows.\n\n2) A la pantalla d'instal·lació faci clic a 'Install now' > 'Custom (advanced)'.\n\n3) Faci clic a 'Drive Options'.\n\n seleccioni la partició de sistema principal i elimini-la.\n\n5) seleccioni la partició reservada pel sistema i faci clic a 'Extend' per incrementar l'espai on es pot instal·lar wl Windows.\n\n6) Faci clic a 'Apply' i a 'OK'.\n\n7) Instal·li el Windows a la partició reservada.\n\n\nLi podrien preguntar perquè ha esborrat la partició d'arranc extra. Pot respondre que volia evitar qualsevol fuga de dades cap a la partició d'arranc sense xifrar.\n\nNota: Pot imprimir aquest text fent clic a 'Imprimir'. Si guarda alguna còpia d'aquest text o l'imprimeix (molt recomanat a no ser que la seva impressora guardi copies dels documents que imprimeix en una unitat interna), hauria de destruïr totes les còpies després d'esborrar la partició d'arranc extra. - ATENCIÓ: Hi ha espai no assignat entre la partició del sistema i la primera partició després d'ella. Després de crear el sistema operatiu ocult, no podrà crear cap nova partició en aquest espai. Si ho fa, el sistema operatiu ocult no es podrà engegar (fins que esborri aquestes noves particions). - Aquest algorisme de xifrat no està suportat per al xifrat del sistema - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Els fitxers de claus no estan suportats per al xifrat del sistema. - ATENCIÓ: El VeraCrypt no ha pogut restaurar la disposició de teclat orignal. Això pot provocar que introdueixi la contrasenya incorrectament. - Error: No s'ha pogut establir la disposició de teclat estàndard als EUA pel VeraCrypt.\n\nTingui en compte que la contrasenya s'haurà d'esciure a l'entorn de prearrencada (abans que arrenqui el windows) on no hi haurà altres disposicions de teclat disponibles. Per tant, la contrasenya s'ha d'escriure sempre amb la disposició de teclat estàndard als EUA. - Com que el VeraCrypt ha canviat la disposició de teclat a la estàndard als EUA. No és possible escriure caràcters prement tecles mentre la tecla Alternativa dreta estigui premuda. No obstant, pot escriure la majoria d'aquests caràcters prement les tecles apropiades amb la tecla de Shift premuda. - El VeraCrypt ha evitat el canvi de disposició de teclat. - Nota: La contrasenya s'haurà d'esciure a l'entorn de prearrencada (abans que arrenqui el windows) on no hi haurà altres disposicions de teclat disponibles. Per tant, la contrasenya s'ha d'escriure sempre amb la disposició de teclat estàndard als EUA. Tanmateix, és important remarcar que NO és necessari un teclat real dels EUA. El VeraCrypt s'assegura que pugui escriure la contrasenya de manera segura (ara i a l'entorn de prearrencada) encara que no tingui un teclat real dels EUA. - Abans de poder xifrar la partició/unitat ha de crear un disc de recuperació del TrueCrypr, que té les següents funcions:\n\n- Si el gestor d'arranc, la clau mestra o altres dades crítiques es malmeten, el disc de recuperació li permet restaurar-les (tot i que haurà d'introduïr la contrasenya correcta).\n\n- Si el Windows no pot arrencar, el disc de recuperació permet desxifrar la partició/unitat abans que arranqui el Windows.\n\n- El disc de recuperació conté una còpia de seguretat de la primera pista de la unitat (que normalment conté el gestor d'arranc o el carregador del sistema) i permet restaurar-lo si és necessari.\n\nLa imatge ISO del fitxer de recuperació es crearà a la ubicació especificada a sota. - Quan faci clic a 'Ok' es llançarà el gravador d'imatges ISO de Microsoft Windows. Si us plau, utilitzi'l per gravar la imatge iso del disc de recuperació a un CD o DVD.\n\nDesprés de fer-ho, torni a l'assistent de creació de volums de VeraCrypt i segueixi les instruccions. - La imatge del disc de recuperació s'ha creat i guardat al fitxer \n%s\n\nAra és necessàri gravar-la a un CD o DVD.\n\n%lsDesprés de gravar el disc de recuperació faci clic a 'Següent' per verificar que s'ha gravat correctament. - La imatge del disc de recuperació s'ha creat i guardat al fitxer \n%s\n\nAra és necessàri gravar-la a un CD o DVD o guardar-la en un lloc segur per utiltizar-la més tard.\n\n%lsFaci clic a 'Següent' per verificar que s'ha gravat correctament. - nIMPORTANT: Tingui en compte que el fitxer s'ha de gravar a un CD/DVD com a imatge ISO (no com un fitxer individual). Per informar-se sobre com fer això, consulti la documentació de l'aplicació per gravar CD/DVD. Si no té cap aplicació per gravar-lo, faci cli al link següent per descarregar-ne de programari lliure.\n\n - Engega el gravador de discos de Microsoft Windows - ATENCIÓ: Si ja havia creat un disc de recuperació, aquest no es pot reutilitzar per aquesta partició/unitat de sistema ja que s'ha creat per a una clau mestre diferent! Cada cop que xifri la partició/unitat de sistema haurà de crear un nou disc de recuperació per ella encara que utilitzi la mateixa contrasenya. - Error: No s'han pogut guardar la configuració de xifrat. - No s'ha pogut iniciar la prova prèvia de xifrat del sistema - No s'ha pogut iniciar la creació del sistema operatiu ocult. - Tipus de neteja - En alguns tipus de suports d'emmagatzematge, quan les dades es sobreescriuen amb altres dades és possible recuperar les dades sobreescrites utilitzant tècniques com ara forces magnètiques microscòpiques. Això també s'aplica a les dades que s'han sobreescrit en la seva forma xifrada (cosa que passa quan el VeraCrypt xifra inicialment una partició o unitat no xifrada). Tenint en compte alguns estudis i publicacions gubernamentals, es pot dificultar o impossibilitar la recuperació de dades sobreescrites sobreescribint dades pseudoaleatòries i normals un cert número de vegades. Per tant, si vostè creu que un adversari pot utilitzar aquest tipus de tècniques per recuperar les dades que intenta xifrar, segurament voldrà seleccionar algun dels mètodes de neteja (les dades existens NO s'esborraran). Tingui en compte que la neteja NO es pot dur a terme després de xifrar la partició/unitat. Quan una partició/unitat està xifrada completament no s'hi escriuen dades no xifrades. Totes les dades que s'hi escriuen es xifren al vol a la memòria i només després s'escriuen al disc. - En alguns tipus de suports d'emmagatzematge, quan les dades es sobreescriuen amb altres dades és possible recuperar les dades sobreescrites utilitzant tècniques com ara forces magnètiques microscòpiques. Tenint en compte alguns estudis i publicacions gubernamentals, es pot dificultar o impossibilitar la recuperació de dades sobreescrites sobreescribint dades pseudoaleatòries i normals un cert número de vegades. Per tant, si vostè creu que un adversari pot utilitzar aquest tipus de tècniques per recuperar les dades que intenta xifrar, segurament voldrà seleccionar algun dels mètodes de neteja.\n\nNota: Com és passades utilitzi, més estona trigarà a esborrar les dades. - Netejant - \nNota: Pot interrompre el procés de neteja, apagar l'ordinador, engegar el sistema oepratiu ocult una altre vegada i reprender el procés (l'assistent s'engegarà automàticament). De totes maneres, si l'interromp s'haurà de tornar a començar des del principi tot el procés de neteja. - \n\nNota: Si intenta interrompre el procés de neteja i reprendre'l haurà de tornar a començar el procés des del principi. - Vol aturar el procés de neteja? - ATENCIÓ: S'esborrarà i es perdrà el contingut de la partició/unitat seleccionada. - S'esborrarà tot el contingut de la partició on hi ha el sistema original.\n\nNota: Tot el contingut de la partició que s'esborrarà s'ha copiat a la seva partició de sistema oculta. - ATENCIÓ: Tingui en compte que si escull, per exemple, una neteja de 3 passades, el temps necessàri per xifrar la partició/unitat serà fins a 4 vegades més llarg. De la mateixa manera, si escull una neteja de 35 passades, serà fins a 36 vegades més gran (podria estar-hi setmanes).\n\nTanmateix, tingui en compte que la neteja no es farà un cop la partició/unitat estigui xifrada. Quan una partició/unitat està xifrada completament no s'hi escriuen dades no xifrades. Totes les dades que s'hi escriuen es xifren al vol a la memòria i només després s'escriuen al disc.\n\nSegur que vol utilitzar la neteja? - Cap (el més ràpid) - 1 passada (dades aleatòries) - 3 passades (US DoD 5220.22-M) - 7 passades (US DoD 5220.22-M) - 35 passades ("Gutmann") - 256 passades - Número de sistemes operatius - ATENCIÓ: Els usuaris sense experiència no haurien d'intentar xifrar el Windows en una màquina amb arrencada múltiple.\n\nVol continuar? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Unitat d'arranc - Aquest sistema operatiu està instal·lat a la partició d'arranc?\n\nNota: A vegades, el Windows no està instal·lat a la mateixa unitat que el gestor d'arranc de Windows (a la partició d'arranc). Si aquest és el cas, seleccioni 'No'. - Actualment el VeraCrypt no suporta el xifratge de sistemes operatius que no arrenquin des de l'unitat ón estan instal·lats. - Número d'unitats de sistema - Quantes unitat contenen sistemes operatius?\n\n:Nota: Per exemple, si té algun sistema operatiu (Windows, Mac OS X, Linux, etc.) instal·lat a la unitat primària i algun altre sistema operatiu instal·lat a una unitat secundaria, seleccioni '2 o més'. - El VeraCrypt no suporta el xifrat d'un disc sencer que contingui més d'un sistema operatiu.\n\nAlgunes solucions:\n\n- Pot xifrar un dels sitemes si torna enrera i triant l'opció de xifrar només una partició de sistema (en comptes de xifrar tota la unitat de sistema).\n\nTambé pot xifrar tota la unitat si mou alguns dels sistemes cap a altres unitats deixant només un sistema a la unitat que es vol xifrar. - Diversos sistemes en una unitat - Hi ha altres sistemes operatius instal·lats a la unitat on hi ha instal·lat el sistema operatiu actual?\n\nNota: Per exemple, si el sistema operatiu actual està instal·lat a la unitat #0, que conté diferents particions, i una de les particions conté un Windows i una altre un altre sistema operatiu (Windows, Mac OS X, Linux, etc.), seleccioni 'Si'. - Gestor d'arrencada - Hi ha algún carregador (o gestor) d'arrencada insal·lat al master boot record que no sigui el de Windows?\n\nNota: Per exemple, si la primera pista de l'unitat d'arranc conté GRUB, LILO, XOSL o d'altres gestors d'arranc, seleccioni 'Si'. - Arrencada múltiple - El VeraCrypt no suporta l'arrencada múltiple quan no hi ha el gestor d'arranc del Windows al Master Boot Record.\n\nPossibles solucions:\n\n- Si utilitza un gestor d'arranc per arrancar Windows i Linux, mogui el gestor d'arranc (normalment el GRUB) des del MBR cap a una partició. Després torni a executar l'assistent i xifri la partició/unitat de sistema. Tingui en compte que el gestor d'arranc del VeraCrypt serà el gestor d'arranc primari i li permetrà executar el gestor d'arranc original com a gestor d'arranc secundari (prement Esc a la pantalla del gestor d'arranc del VeraCrypt) i podrà arrancar el Linux. - Si el sistema operatiu actual està instal·lat a la partició d'arrant després de xifrar-la haurà d'introduïr la contrasenya correcta encara que vulgui engegar qualsevol altre sistema Windos sense xifrar (ja que comparteixen el mateix gestor d'arranc de Windows xifrat).\n\nEn canvi, si el sistema operatiu actual no està instal·lat a la partició d'arranc (o si el gestor d'arranc de Windows no s'utilitza per cap altre sistema), no serà necessari introduïr la contrasenya per arrencar altres sistemes operatius sense xifrar un cop xifrat -- haurà de prémer la tecla Esc per engegar el sistema sense xifrar (si hi ha més d'un sistema sense xifrar, l'haurà de triar).\n\nNota: Normalment, les versiones més noves de Windos s'instal·len a la partició d'arranc. - Xifrat de l'àrea protegida - Al final de moltes unitats hi ha una àrea generalment oculta al sistema operatiu (normalment anomenades àrees protegides). Tot i això, alguns programes poden llegir i escriure dades en aquestes arees.\n\nATENCIÓ: Alguns fabricants utilitzen aquestes àrees per emmagatzemar-hi eines i dades pel RAID, la recuperació del sistema, la configuració o el diagnòstic, etc. Si aquestes eines o dades han de ser accessibles abans d'arrencar, l'àrea protegida NO s'ha de xifrar (esculli 'No').\n\nVol que el VeraCrypt detecti i xifri qualsevol àrea oculta que trobi al final de la unitat de sistema? - Tipus de xifrat del sistema - Seleccioni aquesta opció si només vol xifrar la partició del sistema o tota la unitat del sistema. - És possible que es vegi forçat per algú a desxifrar el sistema operatiu. Hi ha moltes situacions en les quals no es pot negar a fer-ho (per exemple, sota extorsió). Si escull aquesta opció, podrà crear un sistema operatiu ocult del qual serà gairebé impossible provar-ne l'existència (sempre que es respectin certes directrius). Per tant, no s'hauria de veure obligat a desxifrar ni a revelar la contrasenya del sistema operatiu ocult. Per a veure una explicació detallada, faci clic a l'enllaç següent. - És possible que es vegi forçat per algú a desxifrar el sistema operatiu. Hi ha moltes situacions en les quals no es pot negar a fer-ho (per exemple, sota extorsió).\n\nA través d'aquest assistent, vostè podrà crear un sistema operatiu ocult del qual serà gairebé impossible provar-ne l'existència (sempre que es respectin certes directrius). Per tant, no s'hauria de veure obligat a desxifrar ni a revelar la contrasenya del sistema operatiu ocult. - Sistema operatiu ocult - Als passos següents es crearan dos volums de VeraCrypt (exterior i ocult) a la primera partició després de la partició de sistema. El volum ocult contindrà el sistema operatiu ocult. El VeraCrypt crearà el sistema operatiu ocult copiant el contingut de la partició de sistema (on hi ha el sistema operatiu actual instal·lat) cap al volum ocult. Al volum exterior hi haurà de copiar alguns fitxers que semblin confidencials i que NO vulgui amagar. Podria haver-hi algú que l'obligui a desbloquejar la contrasenya del sistema operatiu ocult. Podrà revelar la contrasenya del volum ocult i l'existència del sistema operatiu ocult seguirà sent secreta.\n\nFinalment, a la partició de sistema del sistema operatiu actual, haurà d'instal·lar i xifrar un sistema operatiu nou, que s'anomena sistema esquer. No haurà de contenir dades confidencials i es mantindrà allà per si algú l'obliga a revelar la contrasenya de prearrencada. En total, hi haurà cuatre contrasenyes. Dues d'elles es poden revelar (per el sistema operatiu esquer i el volum exterior). Si utilitza la tercera, s'engegarà el sistema operatiu ocult. - Detectant sectors ocults - Si us plau, esperi mentre el VeraCrypt detecta possibles sectors ocults al final de la unitat de sistema. Tingui en compte que això pot trigar força temps.\n\nEn casos molt rars, en alguns ordinadors, el sistema pot deixar de respondre durant aquest procés. Si això succeeix, reinicii l'ordinador, engegi el VeraCrypt i repeteixi els passos anteriors però salti's aquest procés de detecció. Aquest problema no està causat per un error al VeraCrypt. - Area a xifrar - Seleccioni aquesta opció si vol xifrar la unitat on està instal·lat el Windows que s'està executant ara mateix. Tota la unitat, incloent totes les seves particions es xifraran exeptuant la primera pista on s'intal·larà el gestor d'arranc del VeraCrypt. Qualsevol que vulgui accedir al sistema instal·lat en aquesta unitat o als fitxers que hi ha haurà d'introduïr la contrasenya correcta cada vegada que s'inicia el sistema. Aquesta opció no es pot utilitzar per xifara una unitat secundària o externa si no hi ha un Windows instal·lat que arrenca des d'allà. - Generant dades aleatòries - S'han generat les claus - El VeraCrypt no ha trovat cap gravadora de CD/DVD connectada a aquest ordinador. El VeraCrypt necessita una gravadora de CD/DVD per poder gravar el disc de recuperació que conté la còpia de seguretat de les claus de xifrat, el gestor d'arranc del VeraCrypt, el gestor d'arranc original, etc.\n\nÉs molt recomanable que gravi el disc de recuperació. - No tinc cap gravadora de CD/DVD però guardaré la imatge ISO del disc de recuperació en un mitja extraïble (com un llàpis USB). - Després connectaré una gravadora de CD/DVD a l'ordinador. Acabar ara el procés. - Hi ha una gravadora de CD/DVD connectada a l'ordinador. Continuar i gravar el disc de recuperació. - Si us plau, segueixi aquests passos:\n\n1) Connecti una unitat extraïble, com ara un llàpis òptic, a l'ordinador.\n\n2) Copii la imatge del disc de recuperació (%s) a la unitat extraïble.\n\nEn cas que sigui necessari utilitzar el disc de recuperació en un futur, podrà connectar la unitat extraïble a un ordinador amb una gravadora de CD/DVD i gravar el disc de recuperació. IMPORTANT: Tingui en compte que el fitxer s'ha de gravar a un CD/DVD com a imatge ISO (no com un fitxer individual). - Gravació del disc de recuperació - S'ha creat el disc de recuperació - Prova prèvia - S'ha verifiat el disc de recuperació - S'ha verificat amb èxit el disc de recuperació. Si us plau, expulsi ara el disc de la unitat i guardi'l a un lloc segur. Després faci clic a OK. - Durant els següents passos el disc de recuperació no ha de ser a la unitat. D'altre manera, no serà possible completar correctament els passos.\n\nSi us plau, expulsi ara el disc de la unitat i guardi'l a un lloc segur. Després faci clic a OK. - ATENCIÓ: Degut a limitacions tècniques de l'entorn de prearrencada, els textos mostrats en aquest entorn (abans d'arrencar el Windows) no es poden localitzar. La interficie del gestor d'arranc és tota en Anglès.\n\nVol continuar? - Abans de xifrar la partició o unitat del sistema, el VeraCrypt ha de verificar que tot funciona correctament\n\nDesprés de fer click a 'Prova', s'instal·larant tots els components necessaris (per exemple, el gestor d'arrencada del VeraCrypt) i després es reiniciarà l'ordinador. Llavors haurà d'introduïr la contrasenya a la pantalla del gestor d'arranc que sortirà abans d'iniciar el windows. Quan arrenqui el Windows, se l'informarà automàticament del resultat de la prova prèvia.\n\nEs modificarà el següent dispositiu: Unitat #%d\n\n\nSi fa clic a 'Cancel'lar' no s'instal·larà res i la prova prèvia no es farà. - NOTES IMPORTANTS -- SI US PLAU, LLEGEIXI-LES O IMPRIMEIXI-LES (faci clic a 'Imprimir'):\n\nTingui en compte que cap fitxer es xifrarà abans de després de reinciar l'ordinador i engegar el Windows. Per tant, si alguna cosa falla, les seves dades NO es perdran. Tot i això, si alguna cosa no funciona pot trobar dificultats arrancant el Windows. Per tant, llegeixi (i si és possible, imprimeixi) les instruccions següents sobre què fer si el Windows no es pot engegar després de reiniciar l'ordinador.\n\n - Què fer si el Windows no es pot engegar\n------------------------------------------------\n\nNota: Aquestes instruccions només són vàlides si no s'ha començat a xifrar.\n\n- Si el Windows no s'engega després d'introduïr la contrasenya correcta (o després d'introduïr repetidament la contrasenya correcta però el VeraCrypt diu que no és correcte), no s'alarmi. Reinicii (apagui i torni a encendre) l'ordinador i a la pantalla del gestor d'arranc del VeraCrypt premi la tecla Esc del teclat. Després d'això el Windows s'hauria d'engegar (sempre que no estigui xifrat) i el VeraCrypt preguntarà automàticament si vol desinstal·lar el component d'autenticació prearrencada. Tingui en compte que els passos anterior NO funcionaran si la partició/unitat del sistema està xifrada (ningú pot engegar el Windows ni accedir a les dades xifrades sense la contrasenya correcta).\n\n - -Si els passos anteriors no solucionen el problema o si no apareix el gestor d'arranc del VeraCrypt (abans d'engegar el Windows), inserti el disc de recuperació de VeraCrypt a la unitat de CD/DVD i reinicii l'ordinador. Si no apareix la pantalla del disc de recuperació (o si no pot veure les 'Repair Options' dins de la secció 'Keyboard Controls' de la pantalla del disc de recuperació), és possible que la BIOS estigui configurada per intentar arrencar abans des dels disc durs que des de les unitats de CD/DVD. Si aquest és el cas, reinicii el seu ordinador i premi 'F2' o 'Suprimir' (tan aviat com vegi la pantalla d'inici de la BIOS), i esperi fins que aparegui la pantalla de configuració. Si no apareix, reinicii l'ordinador i vagi prement 'F2' i 'Suprimir' repetidament tan aviat com s'engegui l'ordinador. Quan apareixi la pantalla de configuració de la BIOS, configuri la BIOS perquè s'engegui primer des de les unitats de CD/DVD (per saber com fer-ho, consulti la documentació de la BIOS/placa mare). Després reinicii l'ordinador. Ara hauria d'apareixer la pantalla del disc de recuperació. Dins d'aquesta pantalla, seleccioni 'Repair Options' prement 'F8' al teclat. Al menú de 'Repair Options' seleccioni 'Restore original system loader'. Després tregui el disc de recuperació de la unitat de CD/DVD i reinicii l'ordinador. El Windows hauria d'iniciar-se ara normalment (sempre que no estigui xifrat).\n\n - Tingui en compte que els passos anterior NO funcionaran si la partició/unitat del sistema està xifrada (ningú pot engegar el Windows ni accedir a les dades xifrades sense la contrasenya correcta)\n\nAixò és aixi encara que perdi el seu disc de recuperació i un atacant el trobi. L'atacant NO podrà desxifrar la unitat o partició del sistema sense la contrasenya correcta. - S'ha completat la prova prèvia - S'ha completat la prova prèvia amb èxit.\n\nATENCIÓ: Tingui en compte que si el subministrament d'energia s'interromp o si el sistema operatiu falla degut a un error mentre s'està xifrat les dades in situ, algunes parts de les dades es corrompran o perdran. Per tant, abans de començar a xifrar, asseguri's que té còpies de seguretat dels fitxers que vol xifrar. Si no en té; si us plau faci'n una ara (pot fer clic a 'Ajornar', fer la còpia de seguretat i després executar el VeraCrypt altre vegada i seleccionar 'Sistema' > 'Continuar una tasca interrompuda' i començar a xifrar).\n\nQuan estigui llest, faci clic a 'Xifrar' per començar. - Pot fer clic a 'Pausar' o 'Ajornar' en qualsevol moment per interrompre el procés de xifrat o desxifrat, sortir de l'assistent, reiniciar o apagar l'ordinador i després reprendre el procés, que continuarà des del punt on s'ha aturat. Per evitar la desacceleració quan el sistema o les aplicacions llegeixen o escriuen dades des del disc de sistema, el VeraCrypt espera fins que s'ha acabat de llegir o escriure, moment en el qual segueix xifrant o desxifrant. - \n\nPot fer clic a 'Pausar' o 'Ajornar' en qualsevol moment per interrompre el procés de xifrat o desxifrat, sortir de l'assistent, reiniciar o apagar l'ordinador i després reprendre el procés, que continuarà des del punt on s'ha aturat. Tingui en compte que no es podrà muntar el volum fins que no estigui completament xifrat. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - S'ha iniciat el sistema ocult - Sistema original - El Windows crea (normalment sense avís ni consentiment) diversos fitxers de registre, temporals, etc. a la partició de sistema. També guarda contingut de la RAm per hivernar i fitxers de paginació a la partició de sistema. Per tant, si un adversari analitza els fitxers emmagatzemats a la partició on hi ha el sistema operatiu original (del qual el sistema ocult és un clon) podria saber, per exemple, que s'ha utilitzat l'assistent del VeraCrypt per a fer un sistema operatiu ocult (cosa que pot indiciar l'existència d'un sistema operatiu ocult dins el sistema).\n\nPer evitar aquests problemes, durant els passos següents, el VeraCrypt esborrarà de forma segura tot el contingut de la partició on hi ha el sistema operatiu original. Després d'això, per a mantenir la credibilitat, hauria d'instal·lar un nou sistema a la partició i xifar-lo. Així es crearà un sistema esquer i es completarà el procés de creació del sistema operatiu ocult. - S'ha creat amb èxit el sistema operatiu ocult. Tot i això, abans de començar a utilitzar-lo (i aconseguir que sigui creïble), a de borrar de forma segura (amb el VeraCrypt) el contingut sencer de la partició on hi ha instal·lat el sistema operatiu actual. Abans de fer això, és necessari reiniciar l'ordinador i, a la finestra del gestor d'arranc VeraCrypt, introduïr la contrasenya de prearranc del sistema operatiu ocult. Llavors, després d'arrencar el sistema operatiu ocult, l'assistent s'executarà automàticament.\n\nNota: Si decidieix acabar el procés de creació del sistema operatiu ocult ara, NO podrà reprendre el procés i el sistema operatiu ocult no serà accessible (ja que s'esborrarà el gestor d'arranc). - He inciat el procés de creació d'un sistema operatiu ocult. El procés encara no ha acabat. Per completar-lo, és necessari reiniciar l'ordinador i, a la finestra del gestor d'arranc VeraCrypt, introduïr la contrasenya de prearranc del sistema operatiu ocult.\n\nNota: Si decidieix acabar el procés de creació del sistema operatiu ocult ara, NO podrà reprendre el procés. - Reiniciar l'ordinador i continuar - Atura permanentment el procés de creació del sistema operatiu ocult - No facis res ara i torna-ho a preguntar després - \nSI ÉS POSSIBLE, IMPRIMEIXI AQUEST TEXT (faci clic a 'Imprimir).\n\n\nCom i quan utilitzar el disc de recuperació del VeraCrypt (després de xifrar)\n-----------------------------------------------------------------------------------\n\n - I. Com arrancar el disc de recuperació del VeraCrypt\n\nPer arrancar el disc de recuperació del VeraCrypt, inserti'l dins la unitat de CD/DVD i reinicii l'ordinador. Si no apareix la pantalla del disc de recuperació (o si no pot veure les 'Repair Options' dins de la secció 'Keyboard Controls' de la pantalla del disc de recuperació), és possible que la BIOS estigui configurada per intentar arrencar abans des dels disc durs que des de les unitats de CD/DVD. Si aquest és el cas, reinicii el seu ordinador i premi 'F2' o 'Suprimir' (tan aviat com vegi la pantalla d'inici de la BIOS), i esperi fins que aparegui la pantalla de configuració. Si no apareix, reinicii l'ordinador i vagi prement 'F2' i 'Suprimir' repetidament tan aviat com s'engegui l'ordinador. Quan apareixi la pantalla de configuració de la BIOS, configuri la BIOS perquè s'engegui primer des de les unitats de CD/DVD (per saber com fer-ho, consulti la documentació de la BIOS/placa mare). Després reinicii l'ordinador. Ara hauria d'apareixer la pantalla del disc de recuperació. Dins d'aquesta pantalla, seleccioni 'Repair Options' prement 'F8' al teclat.\n\n\n - II. Com i quan utilitzar el disc de recuperació del VeraCrypt (després de xifrar)\n\n - 1) Si no apareix la pantalla del gestor d'arranc del VeraCrypt quan inicii l'ordinador (o si el Windows no s'engega), pot ser que el gestor d'arranc estigui malmès. El disc de recuperació permet restaurar-lo recuperar l'accés al sistema xifrat i les seves dades (tot i això, recordi que haurà d'introduïr la contrasenya correcta). A la pantalla del disc de recuperació seleccioni 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Després premi 'Y' per confirmar l'acció, tregui el disc de recuperació de la unitat de CD/DDD i reinicii l'ordinador.\n\n - 2) Si introdueix repetidament la contrasenya correcte però el VeraCrypt li diu que no ho és, pot ser que la clau mestre o d'altres dades crítiques estiguin malmeses. El disc de recuperació permet restaurar-lo recuperar l'accés al sistema xifrat i les seves dades (tot i això, recordi que haurà d'introduïr la contrasenya correcta). A la pantalla del disc de recuperació seleccioni 'Repair Options' > 'Restore key data'. Després introdueix la seva contrasenya, premi 'Y' per confirmar l'acció, tregui el disc de recuperació de la unitat de CD/DDD i reinicii l'ordinador.\n\n - 3) Si el gestor d'arranc del VeraCrypt està malmès, pot evitar executar-lo engegant directament des del disc de recuperació. Inserti el disc de recat a la unitat de CD/DVD i introdueixi la contrassenya a la pantalla del disc de recuperació.\n\n - 4) Si el Windows està malmès i no es pot iniciar, el disc de recuperació li permet desxifrar la partició/unitat permanentment abans d'arrencar el Windows. A la pantalla del disc de recuperació seleccioni 'Repair Options' > 'Permanently decrypt system partition/drive'. Introdueixi la contrasenya correcta i esperi mentra s'acaba el procés. Després podrà, per exemple, arrencar el CD/DVD del MS Windows per reparar l'instal·lació de Windows.\n\n - Nota: D'altre banda, si el Windows està malmès (no pot engegar-se) i necessita reparar-lo (o accedir als fitxers que hi ha a dins) pot evitar desxifrar la partició/unitat seguint aquests passos: Si té més d'un sistema operatiu instal·lats a l'ordinador, engegui un dels que no necessiti l'autenticació prearrencada. Si no té més d'un sistema operatiu, pot arrencar un CD/DVD WinPE o un BartPE o pot connectar el disc dur a un altre ordinador i després engegar el sistema operatiu d'aquest ordinador. Després d'iniciar un sistema, engegi el VeraCrypt, faci clic a 'Triar dispositiu', seleccioni la partició afectada, faci clic a 'OK', seleccioni 'Sistema' > 'Muntar sense l'autenticació de prearrencada', introdueixi la contrasenya de prearrencada i faci clic a 'OK'. Es muntarà la partició com si fos un volum regular (les dades es xifraran/desxifraran al vol a la RAM, com és habitual).\n\n\n - Tingui en compte que encara el seu disc de recuperació i un atacant el trobi, l'atacant NO podrà desxifrar la unitat o partició del sistema sense la contrasenya correcta. - \n\nI M P O R T A N T -- SI ÉS POSSIBLE, IMPRIMEIXI AQUEST TEXT (faci clic a 'Imprimir').\n\nAquest text es mostrarà automàticament cada cop que inicii el sistema operatiu ocult fins que instal·li el sistema operatiu esquer.\n\n\n - Com crear un sistema operatiu esquer d'una manera segura i fiable\n----------------------------------------------------------------------------\n\nPer poder tenir credibilitat, necessita crear un sistema operatiu esquer. Per a fer-ho, segueixi els passos següents:\n\n - 1) Per motius de seguretat, aturi l'ordinador i deixi'l apagat durant uns minuts (com més millor). Això és necessàri per netejar la memòria, que conté dades sensibles. Després engegui l'ordinador però no engegui el sistema operatiu ocult.\n\n - 2) Instal·li el Windows a la partició que s'ha esborrat (la partició on hi havia originalment el sistema operatiu que s'ha clonat al volum ocult).\n\nIMPORTANT: QUAN COMENCI A INSTAL·LAR EL SISTEMA. EL SISTEMA OCLULT *NO* ES PODRÀ INICIAR (ja que el gestor d'arranc del VeraCrypt serà substituït per l'instal·lador de windows). AIXÒ ÉS NORMAL I ESPERAT. NO ES PREOCUPI. PODRÀ INICIAR EL SISTEMA OCULT TAN AVIAT COM COMENCI A XIFRAR EL VOLUM ESQUER! (ja que el VeraCrypt 'instal·larà automàticament el gestor d'arranc del VeraCrypt a la unitat de sistema).\n\nIMPORTANT: La mida del volum esquer s'ha de mantenir igual que el volum ocult (això es cumpleix ara). A més, no ha de crear cap partició entre el sistema esquer i la partició on hi ha el sistema ocult.\n\n - 3) Arranqui el sistema esquer (el que ha creat al pas 2) i instal·li-hi el VeraCrypt.\n\nRecordi que aquest sistema esquer no ha de contenir mai dades sensibles.\n\n - 4) Al sistema esquer, executi el VeraCrypt i seleccioni 'Sistema' > 'Xifrar la partició/unitat de sistema'. Els següents passos s'aplioquen a l'assistent de creació de volums que apareixerà.\n\n - 5) A l'assisten de creació de volums no seleccioni la opció 'Ocult'. Deixi seleccionada la opció 'Normal' i faci clic a 'Següent'.\n\n - 6) Seleccioni l'opció 'Xifrar la partició de sistema de Windows' i faci clic a 'Següent'.\n\n - 7) Si només hi ha el sistema operatiu ocult i l'esquer instal·lats a l'ordinador, seleccioni l'opció 'Arrencada simple' (si n'hi ha més, ha de seleccionar 'Arrencada múltiple'). Després faci clic a 'Següent'.\n\n - 8) IMPORTANT: en aquest pas HA DE SELECCIONAR ELS MATEIXOS ALGORISMES DE XIFRAT I DE HASH PER EL SISTEMA ESQUER QUE HA seleccionat PEL SISTEMA OCULT! SI NO HO FA AIXÍ, EL SISTEMA OCULT NO SERÀ ACCESSIBLE! Nota: Ha de ser així perquè el sistema operatiu ocult i l'esquer comparteixen el gestor d'arranc, que només pot utilitzar un algorisme seleccionat per l'usuari (hi ha una versió especial del gestor d'arranc per a cada algorisme).\n\n - 9) En aquest pas ha d'escullir la contrasenya pel sistema operatiu esquer. Podrà divulgar aquesta contrasenya a un adversari si li pregunten o l'obliguen a revelar la contrasenya de l'entorn de prearrancada (també pot revelar la contrasenya del volum ocult). L'existència d'una tercera contrasenya (la contrasenya de prearrencada del sistema operatiu ocult) s'ha de mantenir en secret.\n\nImportant: La contrasenya que esculli pel sistema esquer ha de ser substancialment diferent de l'escollida pel volum ocult.\n\n - 10) Segueixi les instruccions restants de l'assisten per tal de xifrar el sistema operatiu esquer.\n\n\n\n - \n\nDesprés de crear el sistema esquer\n------------------------------------------------\n\nDesprés de xifrar el sistema esquer, s'haurà completat el procés de creació d'un sistema operatiu ocult i podrà utilitzar les tres contrasenyes:\n\n1) La contrasenya de prearrancada pel sistema operatiu ocult.\n\n2) La contrasenya de prearrancada pel sistema operatiu esquer.\n\n3) La contrasenya del volum ocult.\n\n - Si vol engegar el sistema operatiu ocult, només ha d'introduïr la contrasenya del sistema operatiu ocult a la pantalla del gestor d'arranc (que apareix quan engega o reinicia l'ordinador).\n\n vol engegar el sistema operatiu esquer, ha d'introduïr la contrasenya del sistema operatiu ocult a la pantalla del gestor d'arranc\n\nEs pot revelar la contrasenya del sistema esquer a qualsevol que el forci a revelar la contrasenya de prearrencada. L'existència del volum ocult (i el sistema operatiu ocult) s'ha de mantenir en secret.\n\n - La tercera contrasenya (la del volum exterior) es pot divulgar a qualsevol que el forci a revelar la contrasenya per la primera partició després de la partició de sistema, on hi ha tant el volum exterior com el volum ocult (que té el sistema operatiu ocult). L'existència del volum ocult (i el sistema operatiu ocult) s'ha de mantenir en secret.\n\n\n - Si revela la contrasenya del sistema operatiu ocult a un adversari i li pregunta perquè l'espai lliure a la partició de sistema (esquer) conté dades aleatòries pot respondre, per exemple: "La partició contenia un sistema xifrat amb el VeraCrypt, però vaig perdre la contrasenya de prearrancada (o el sistema està malmès i no arranca) i he hagut de tornar a instal·lar el Windows i tornar a xifrar la partició"\n\n\n - Si s'han seguit totes les instruccions i s'han seguit les precaucions i requisits que es llisten a la secció 'Requisits de seguretat i precaucions dels volums ocults' del manual d'usuari VeraCrypt hauria de ser impossible provar que el sistema operatiu ocult existeix, encara que el volum exterior estigui muntat o que el sistema operatiu esquer estigui desxifrat o engegat.\n\nSi guarda alguna còpia d'aquest text o l'imprimeix (molt recomanat a no ser que la seva impressora guardi copies dels documents que imprimeix en una unitat interna), hauria de destruïr totes les còpies després de crear el sistema operatiu esquer i d'haver entès tota la informació del text (si es troba una còpia d'aquestes instruccions es podria sospitar que hi ha un sistema operatiu ocult en aquest ordinador).\n\n - ATENCIÓ: SI NO PROTEGEIX EL VOLUM OCULT (per informar-se sobre com fer-ho, pot consultar la secció 'Protecció dels volums ocults contra danys' a la guia d'usuari del VeraCrypt), NO ESCRIGUI AL VOLUM OCULT (el sistema operatiu esquer NO està instal·lat al volum ocult). SI HO FA, POT SOBREESCRIURE I MALMETRE EL VOLUM OCULT (I EL SISTEMA OPERATIU OCULT QUE HI HA A DINS)! - Clonar el sistema operatiu - Als passos següents, el VeraCrypt crearà un sistema operatiu ocult copiant el contingut de la partició de sistema al volum ocult (les dades copiades es xifraran al vol amb una clau de xifrat diferent a la que s'utilitza pel sistema operatiu esquer).\n\nAquest procés es durà a terme a l'entorn de prearrencada (abans d'iniciar el Windows) i pot trigar força estona a acabar-se; diverses hores o dies (depenent de la mida de la partició de sistema i del rendiment de l'ordinador).\n\nPorà interrompre el procés, apagar l'ordinador, engegar el sistema operatiu i després continuar el procés. No obstant, si l'interromp, el procés de copiar el sistema haurà de tornar a començar des del principi (ja que el contingut de la partició de sistema no haurien de canviar durant la còpia). - Vol cancel·lar el procés de creació d'un sistema operatiu ocult?\n\nNota: No podrà continuar aquest procés si el cancel·la ara. - Vol cancelar la prova prèvia de xifrat del sistema? - Ha fallat la prova prèvia de xifrat del sistema. Vol tornar-ho a provar?\n\nSi selecciona 'No', es desinstal·larà el component d'autenticació prearrencada.\n\nNots.\n\n- Si el gestor d'arranc del VeraCrypt no li demana la contrasenya abans d'engegar el Windows és possible que el seu sistema operatiu no engegui des del disc dur on es troba instal·lat. Això no està suportat.\n\n- Si utilitza un algorisme de xifrat que no sigui AES i la prova prèvia falla (i ha introduït la contrasenya) pot ser degut a un controlador defectuós. Seleccioni 'No' i provi de tornar a xifrar la partició/unitat una altre vegada, però utilitzant l'algorisme de xifrat AES (que necessita menys memòria).\n\n- Per a més possibles causes i solucions, vegi: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - La partició/unitat de sistema sembla no estar xifrada (ni parcial ni completament). - La partició/unitat de sistema està xifrada (parcial o completament).\n\nSi us plau, desxifri completament la partició/unitat abans de continuar. Per a fer-ho, seleccioni 'Sistema' > 'Desxifrar la partició/unitat del sistema permenentment'. - Quan la partició/unitat de sistema està xifrada (parcial o completament) no és possible baixar la versió del VeraCrypt (però es pot actualitzar o reinstal·lar la mateixa versió). - La partició de sistema s'està xifrant, desxifrant o modificant d'altre manera. Si us plau, interrompi el procés de xifrat/desxifrat/modificació (o esperi que s'acabi) abans de continuar. - S'està executant una instància de l'assistent de creació de volums VeraCrypt i està preparant o realitzat un xifratge/desxifratge de la partició/unitat de sistema. Abans de seguir, si us plau esperi que acabi o tanqui-la. Si no pot tancar la instància, si us plau reinicii l'ordinador abans de continuar. - No s'ha completat el procés de xifrat o desxifrat de la partició/unitat de sistema. Si us plau, esperi que acabi abans de continuar. - Error: No s'ha completat el procés de xifrat de la partició/unitat. Si us plau, esperi que acabi abans de continuar. - Error: No s'ha completat el procés de xifrat de la partició/unitat. Si us plau, esperi que acabi abans de continuar.\n\nNota: Per continuar el procés, seleccioni 'Volums' > 'Continuar una tasca interrompuda'. - La contrasenya és correcta. El VeraCrypt ha desxifrat la capçalera del volum i ha detectar que és un volum de sistema ocult. No obstant, no pot modificar la capçalera del volum de sistema ocult d'aquesta manera.\n\nPer canviar la contrasenya d'un volum de sistema ocult, engegui el sistema operatiu que hi ha dins el volum i després seleccioni 'Sistema' > 'Canviar contrasenya' des del menú de VeraCrypt.\n\nPer canviar l'algorisma de derivació de la clau de capçalera, engegi el sistema operatiu i després seleccioni 'Sistema' > 'Algorisme de derivació de la clau de capçalera'. - El VeraCrypt no permet el desxifrat in situ de particions de sistema ocultes.\n\nNote: si vol desxifrar la partició de sistema esquer, engegui el sistema esquer i després seleccioni 'Sistema' > 'Desxifra la partició/unitat de sistema permanentment'. - Error: Paràmetre incorrecte/invàlid. - Ha seleccionat una partició o una unitat però en aquests punt l'assistent només pot seleccionar contenidors de fitxers.\n\nVol canviar el mode de l'assistent? - Vol crear un contenidor de fitxers en comptes d'això? - Ha seleccionat la partició/unitat de sistema (o la partició d'arranc) però en aquest punt l'assisten només pot seleccionar particions/unitats que no siguin de sistema\n\nVol configurar la contrasenya de prearrancada el que significa que haurà d'entrar la contrasenya cada vegada abans d'iniciar el Windows) i xifrar la partició/unitat de sistema? - Està segur que vol desxifrar de forma permanent la partició/unitat del sistema? - ATENCIÓ: Si desxifra de forma permanent la unitat/partició de sistema, s'hi escriuran dades sense xifrar.\n\nSegur que vol desxifrar permenentment la unitat/partició de sistema? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - ATENCIÓ: Si utilitza xifrats en cascada per xifrar el sistema es pot trobar amb els següents problemes:\n\n1) El gestor d'arranc del TrueCrypr és més gran del normal i, per tant, no hi ha prou espai a la primera pista de la unitat per la còpia del gestor d'arranc. Per tant, cada cop que es malmeti (cosa que passa sovint, per exemple, durant el procés antipirateria d'alguns programes mal dissenyats), haurà d'utilitzar el disc de recuperació per arrencar o reparar el gestor d'arranc.\n\n2) En alguns ordinadors, engegar després de la hivernació triga molt de temps.\n\nAquests problemes potencials poden evitarse seleccionant un algorisme de xifrat que no sigui en cascada (per exemple, l'AES).\n\nSegur que vol fer servir un xifrat en cascada - Si es troba amb algun dels problemes descrits anteriorment, desxifri la partició/unitat (si està xifrada) i provi de xifrar-la un altre cop fent servir un algorisme de xifrat que no sigui en cascada (per exemple, AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - El número de versió del gestor d'arranc VeraCrypt que ha iniciat aquest sistema és diferent del número de versió del controlador TrueCrtypy (i de les aplicacions VeraCrypt) instal·lat en aquest sistema.\n\nHauria d'executar l'instal·lador (la versió del qual és la mateixa que la del gestor d'arranc) per actualitzar el VeraCrypt en aquest sistema. - El número de versió del gestor d'arranc VeraCrypt que ha iniciat aquest sistema és diferent del número de versió del controlador TrueCrtypy (i de les aplicacions VeraCrypt) instal·lat en aquest sistema. Tingui en compte que versions antigues poden corretgir errors ja resolts en versions poteriors.\n\nSi no ha arrencat des del disc de recuperació, hauria de reinstal·lar o actualitzar el VeraCrypt a la última versió (el gestor d'arranc també s'actualitzarà).\n\nSi ha arrencat des del disc de recuperació, hauria d'actualitzar-lo ('Sistema' > 'Crear un disc de recuperació'). - S'ha actualitzat el gestor d'arranc del VeraCrypt.\n\nÉs molt recomanable crear un nou disc de recuperació (que contingui la nova versió del gestor d'arranc) seleccionant 'Sistema' > 'Crear un disc de recuperació' després de reiniciar l'ordinador. - S'ha actualitzat el gestor d'arranc del VeraCrypt.\n\nÉs molt recomanable engegar el sistema operatiu esquer i crear un nou disc de recuperació (que contingui la nova versió del gestor d'arranc) seleccionant 'Sistema' > 'Crear un disc de recuperació'. - No s'ha pogut actualitzar el gestor d'arranc VeraCrypt. - El VeraCrypt no ha pogut detectar la mida real de la unitat de sistema, i, per tant, s'utilitzarà la mida proporcionada pel sistema operatiu (que pot ser més petita que la real). Tingui en compte que això no és un error del VeraCrypt. - ATENCIÓ: Sembla que el VeraCrypt ja ha intentat detectar sectors ocults en aquesta unitat de sistema. Si s'ha trobat amb algun problema durant els anteriors processos de selecció pot evitar els problemes saltant-se la detecció de sectors ocults. Tingui en compte que si ho fa, el VeraCrypt utilitzarà la mida proporcionada pel sistema operatiu (que pot ser més petita que la real)\n\nTingui en compte que això no és un error del VeraCrypt. - Saltar-se la detecció de sectors ocults( s'utilitzarà la mida proporcionada pel sistema operatiu) - Tornar a provar de detectar sectors ocults - Error: No es pot llegir el contingut d'un o més sectors del disc (probablement per un defecte físic al disc).\n\nEl procés de xifrat in-situ pot continuar només quan els sectors tornin a ser llegibles. El VeraCrypt pot intentar fer aquests sectors llegibles escribint-hi zeros. No obstant, tingui en compte que es perdran totes les dades que hi haguessin als sectors il·legibles. Per evitar això, pot provar de recuperar les porcions corruptes fent servir les eines de tercers adecuades.\n\nNota: En cas de sectors malmesos físicament (en comptes de simplement dades corrputes i errors de comprovació) la majoria de tipus de dispositius d'emmagatzematge reubiquen internament el contingut que s'hi inenta escriure (i per tant les dades que hi ha als sectors malmesos poden restar sense xifrar).\n\nVol que el VeraCrypt ompli de zeros els sectors il·legibles? - Error: No es pot llegir el contingut d'un o més sectors del disc (probablement per un defecte físic al disc).\n\nPer poder seguir amb el procés de desxifrat, el VeraCrypt haurà de descartar el contingut dels sector il·legibles (el contingut es canviarà per dades pseudoaleatòries). Després de fer això podrà intentar recuperar porcions de qualsevol dada corrupta utilitzat el programari de tercers apropiat.\n\nVol que el VeraCrypt descarti les dades dels sectors il·legibles? - Nota: El VeraCrypt ha substituït el contingut de %I64d sector(s) (%s) amb blocs de zeros xifrats. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Introdueixi la contrasenya/PIN pel testimoni '%s': - Per tal que el VeraCrypt pugui accedir a un testimoni de seguretat o a una targeta intel·ligent és necessàri instal·lar una biblioteca PKCS #11 per a aquests dispositius. Aquesta biblioteca pot ser subministrada amb el dispositiu o pot estar disponible per a descarregar del lloc web del proveïdor o de tercers.\n\nDesprés d'instal·lar la bilioteca, pot seleccionar-la manualment fent clic a 'Buscar biblioteca' o pot deixar que el VeraCrypt la busqui i seleccioni automàticament fent clic a 'Detectar automàticament' (només es buscarà al directòri de sistema de windows). - Nota: Per saber el nom de fitxer i la ubicació de la bilioteca PKCS #11 pel seu testimoni de seguretat o targeta intel·ligent vegeu la documentació proporcionada amb el testimoni, targeta o programari de tercers. - Per tal que el VeraCrypt pugui accedir a un testimoni de seguretat o a una targeta intel·ligent és necessàri instal·lar una biblioteca PKCS #11 per a aquests dispositius. Per fer-ho, seleccioni 'Configuració' > 'Testimonis de seguretat'. - No s'ha pogut inicialitzar la biblioteca PKCS #11 del testimoni de seguretat. Si us plau, asseguri's que la ruta i el nom del fitxer apunten a una biblioteca vàlida. Per especificar una biblioteca PKCS #11 seleccioni 'Configuració' > 'Testimonis de seguretat'. - No s'ha trobat cap biblioteca PKCS #11 al directòri de sistema de Windows.\n\nSi us plau, asseguri's que la biblioteca PKCS #11 pel seu testimoni de seguretat (o targeta intel·ligent) està instal·lada (aquest tipus de biblioteques acostumes a subministrar-se amb el testimoni/targeta o es poden descarregar des del lloc web del fabricant o de tercers). Si està instal·lada en un directori diferent al de sistema de Windows, faci clic a 'Buscar biblioteca' per buscar-la (per exemple, al directòri on hi ha instal·lat el programari pel testimoni/targeta). - No s'ha trobat cap testimoni de seguretat.\n\nSi us plau, asseguri's que el testimoni està connectat a l'ordinador i que el controlador de dispositius adecuat està instal·lat. - No es troba el fitxer de claus del testimoni. - Ja existeix un fitxer de claus del testimoni de seguretat amb el mateix nom. - Vol esborrar els fitxers seleccionats? - La ruta del fitxer de claus del testimoni de seguretat no és vàlida. - Error del testimoni de seguretat - La contrasenya del testimoni de seguretat no és vàlida. - El testimoni de seguretat no té prou memòria/espai per realitzar l'operació demanada.\n\nSi està intentant importar un fitxer de claus, hauria de seleccionar un fitxer més petit o fer servir un fitxer de claus generat pel VeraCrypt ('Eines' > 'Generar fitxers de claus'). - S'han tancat totes les sessions de testimonis de seguretat. - Seleccionar fitxers de claus - Ranura - Nom del testimoni - Fitxer - IMPORTANT: Si us plau, tingui en compte que la contrasenya de l'autenticació prearrencada sempre s'escriu fent servir la disposició de teclat estàndard als EUA. Per tant, un volum que utilitzi una contrasenya escrita amb una altre disposició de teclat pot ser impossible de muntar utilitzant la contrasenya a l'autenticació prearrencada (tingui en compte que això no és un error del VeraCrypt). Per permetre que aquest volum es pugui muntar utilitzant la contrasenya d'autenticació prearrencada, segueixi aquests passos:\n\n1) Faci clic a 'Triar fitxer' o 'Triar dispositiu' i seleccioni el volum.\n2) seleccioni 'Volums' > 'Canviar la contrasenya del volum'.\n3) Introdueixi la contrasenya actual del volum.\n4) Canvii la disposició de teclat a Anglès (EUA) fent clic a l'icona d'idioma a la barra de tasques de Windows i seleccionant 'EN English (United States)'.\n5) Al VeraCrypt, al camp per la nova contrasenya, escrigui la contrasenya de prearrencada.\n6) Confirmi la nova contrasenya tornant a escriure-la al camp de confirmació i faci clic a 'OK'.\nATENCIÓ: Si us plau, recordi que si segueix aquests passos, la contrasenya del volum sempre s'haurà d'escriure fent servir la disposició de teclat estàndard als EUA (que només està garantit a l'entorn de prearrencada). - Els volums favorits del sistema es muntaran utilitzant la contrasenya de prearrancada. Si algun volum favorit del sistema no fa servir aquesta contrasenya, no es muntarà - Tingui en compte que per evitar que les accions normals del VeraCrypt (com ara 'Desmuntar-ho tot', desmuntar automàticament, etc.) afectiu als volums favorits del sistema ha d'activar la opció 'Permetre veure i desmuntar els favorits del sistema al VeraCrypt només als administradors'. A més d'això, quan s'executi el VeraCrypt sense permisos d'administrador (per defecte en un Windows Vista o superior) els volums favorits del sistema no es mostraran a la llista de lletres d'unitat a la finestra principal del VeraCrypt. - IMPORTANT: Recordi que si aquesta opció està activada i el VeraCrypt no té privilegis d'administrador, els volums favorits del sistema no es mostraran a la llista de lletres d'unitat a la finestra principal del VeraCrypt i no es podran desmuntar. Per tant, si necessita, per exemple, desmuntar un volum favorit del sistema, faci clic amb el botó dret a la icona del VeraCrypt al menú d'inici i seleccioni 'Executar com a administrador'. La mateixa limitació s'aplica la funció 'Desmuntar-ho tot', la funcio de desmuntar automàticament, la drecera de 'Desmuntar-ho tot', etc. - Tingui en compte que aquesta configuració s'aplicarà després de reiniciar el sistema. - Error analitzant la línia de comandes. - Disc de recuperació - Triar &fitxer i muntar-lo... - Triar &dispositiu i muntar-lo... - Permetre veure i desmuntar els favorits del sistema al VeraCrypt només als administradors - Muntar els volums favorits del sistema quan s'engegui el Windows (a la fase inicial del procés d'arrencada) - ATENCIÓ: El sistema de fitxers muntat com a '%s' no s'ha desmuntat netament i pot contenir error. Utilitzar un sistema de fitxers corrupte pot causar la pèrdua o la corrupció de els dades.\n\n:Abans de treure o apagar físicament un dispositiu (com un llàpis òptic o un disc dur extern) on hi ha un volum VeraCrypt, hauria de desmuntar sempre primer el volum al VeraCrypt.\n\nVol que el Windows intenti detectar i arreglar els errors del sistema de fitxers? - ATENCIÓ: Un o més dels volums favorits del sistema no s'han desmuntat netament i poden contenir error. Si us plau, consulti el registrre de successos del sistema per a més detalls.\n\nUtilitzar un sistema de fitxers corrupte pot causar la pèrdua o la corrupció de els dades. Hauria de revisar els volums de sistema afectats en busca d'errors (fer clic dret a sobre dells al VeraCrypt i seleccionar 'Reparar sistema de fitxers'). - ATENCIÓ: Reparar un sistema de fitxers malmès utilitzant l'eina 'chkdsk' de Microsoft pot provocar la pèrdua de fitxers a les àreas afectades. Per tant, és recomanable que primer faci una còpia de seguretat dels fitxers guardat en un volum en un altre volum.\n\nVol reparar el sistema de fitxers? - El volum '%s' s'ha muntat en mode de només lectura perquè s'ha denegat l'accés.\n\nSi us plau assegui's que els permisos de seguretat del fitxer contenidor li permeten escriure-hi (faci clic dret sobre el contenidor i seleccioni 'Propietats' > 'Seguretat').\n\nTingui en compte que, degut a un error de Windows, pot ser que li aparegui aquesta alerta fins i tot després d'assignar els permisos corretes. Això no és causa d'un error al VeraCrypt. Una possible solució és moure el cotnenidor, per exemple, a la seva carpeta de documents.\n\nSi intenta mantenir el seu contenidor en mode de només lectura, estableixi l'atribut de només lectura al contenidor (faci clic dret sobre el contenidor i seleccioni 'Propietats' > 'Només lecura'), la qual cosa anularà aquesta alerta. - El volum '%s' s'ha muntat en mode només lectura perquè s'ha denegat l'escriptra.\n\nSi us plau, asseguri's que cap altre aplicació (com ara un antivirus) està accedint a la partició/unitat on hi ha el volum. - El volum '%s' s'ha muntat en mode de només lectura perquè que el seu dispositiu està protegit contra escriptura.\n\nSi us plau, tingui en compte que alguns jocs de xips poden causar que els mitjants apareguin falsament marcats com a protegits contra escriptura. Això no és causa d'un error al VeraCrypt. Això es pot solucionar actualitzant o desinstal·lant qualsevol controlador del joc de xips que estigui instal·lat i no sigui de Microsoft. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d fils - Tingui en compte que l'acceleració per maquinari de l'AES està desactivada, la qual cosa afecta al resultat de les proves (menys rendiment).\n\nPer activar l'acceleració per maquinari seleccioni 'Configuració' > 'Rendiment' i activi l'opció corresponent. - Tingui en compte que el número de fils està actualment limitat, la qual cosa afecta al resultat de les proves (menys rendiment).\n\nPer utilitzar tota la potencia del(s) processador(s) seleccioni 'Configuració' > 'Rendiment' i desactivi l'opció corresponent. - Vol que el VeraCrypt intenti desactivar la protecció d'escriptura de la partició/unitat? - ATENCIÓ: Aquesta configuració pot afectar al rendiment.\n\n Segur que vol utilitzar-la? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Prova - Fitxer de claus - Retrocés - Tabulació - Netejar - Retorn - Pausa - Fixació de majúscules - Espai - Retrocedir pàgina - Avançar pàgina - Fi - Inici - Esquerra - Amunt - Dreta - Avall - Seleccionar - Imprimir - Tecla d'execució - Imprimir pantalla - Insertar - Esborrar - Applications Key - Suspendre - Fixació de teclat numèric - Bloquejar desplaçament - Enrera al navegador - Endavant al navegaodr - Torna a carregar al navegador - Aturar al navegador - Buscar al navegador - Favorits del navegador - Pàgina d'inici - Silenci - Abaixar volum - Apujar volum - Següent cançó - Cançó anterior - Aturar reproducció - Iniciar/pausar reproducció - Correu electrònic - Escollir element a reproduïr - Aplicació 1 - Aplicació 2 - Attn - CrSel - ExSel - Reproduïr - Apropar - Teclat numèric - Majúscules - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Cancel·lar + Instal·lar &per tots els usuaris + Exa&minar... + Afegir l'icona del VeraCrypt a l'&escriptori + Donate now... + Associar l'&extensió de fitxers .hc al VeraCrypt + Obre la ubicació de destí en acabar + Afegir el VeraCrypt al menú d'&inici + Crear un punt de &restauració de sistema + &Desinstal·lar + &Extreure + &Instal·lar + Assistent d'instal·lació de VeraCrypt + Desinstal·lar VeraCrypt + &Ajuda + Si us plau seleccioni o escrigui la ubicació on desitja extreure els fitxers: + Si us plau seleccioni o escrigui la ubicació on desitja instal·lar els fitxers de VeraCrypt. Si la carpeta especificada no existeix, es crearà automàticament. + Faci clic a Desinstal·lar per eliminar VeraCrypt del sistema. + Aturar + Provar &rendiment + &Vector de prova + Crear un volum xifrat i donar-li format + Xifrar la partició in situ + Veure les claus generades (les seves parts) + Mostrar el contingut + Descarregar un programa de gravació de CD/DVD + Crear un contenidor de fitxers xifrats + &GB + &TB + Més informació + Volum &ocult + Més informació sobre els volums ocults + Mètode directe + Mètode normal + &KB + &Usar fitxers de claus + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Fitxers de &claus... + Més informació + Més informació + Information on PIM + &MB + Més informació + Més informació sobre els algorismes de xifrat + Més informació + Arrancada múltiple + Xifrar una partició/unitat que no és de sistema + &No guardar l'historial + Obrir el volum extern + &Pausar + Use P&IM + Use PIM + Format ràpid + &Veure contrasenya + &Veure contrasenya + &Display PIM + Arrencada simple + Volum normal + &Ocult + Normal + Xifrar la partició de sistema o un disc sencer + Xifrar la partició de sistema de Windows + Xifrar el disc sencer + Assistent de creació de volums VeraCrypt + Clúster + IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la força de les claus de xifrat. Després faci clic a Següent per continuar. + &Confirmar: + Fet + Drive letter: + Algorisme de xifrat + Sistema de fitxers + Crea un disc virtual xifrat dins d'un fitxer. Recomanat per a usuaris inexperts. + Opcions + Algorisme de hash + Capçalera: + Falten + Clau mestra: + Seleccioni aquesta opció si hi ha dos o més sistemes operatius instal·lats en aquest ordinador.\n\nPer example:\n- Windows XP i Windows XP\n- Windows XP i Windows Vista\n- Windows i Mac OS X\n- Windows i Linux\n- Windows, Linux i Mac OS X + Xifra una partició de dades o un disc intern o extern (i. g. un llapis de memòria). Opcionalment, crea un volum ocult. + Contingut (parcial) actual + Passat + Contrasenya: + Volume PIM: + Volume PIM: + Progrés: + Contingut aleatòri: + Seleccioni aquesta opció si nomhés hi ha un sistema operatiu instal·lat en aquest ordinador (encara que tingui més d'un usuari). + Velocitat + Estat + Les claus i la resta de dades s'han generat satisfactòriament. Si vol generar unes noves claus, faci clic a Enrere i després a Següent. Si no, faci clic a Següent per continuar. + Xifrar la partició/unitat on hi ha el sistema operatiu instal·lat. Tothom que vulgui accedir i utilitzar el sistema, llegir i escriure fitxers, etc., haurà d'introduïr la contrasenya cada vegada que s'inicii el Windows. Opcionalment, crea un sistema ocult. + Seleccioni aquesta opció per xifrar la partició on hi ha instal·lat el sistema operatiu Windows actual. + Volume Label in Windows: + Tipus de neteja: + Tancar + Permet saltar-se l'&autenticació abans d'arrencar prement la tecla Esc (activa el gestor d'arrencada) + No fer res + Muntar &automàticament el volum VeraCrypt (especificat a sota) + &Engegar VeraCrypt + Dectectar automàticament + Guardar la contrasenya de prearrencada a la memòria del controlador (per muntar volums simples) + Examinar... + Examinar... + &Recordar contrasenyes i fitxers de claus + Sortir quan no hi hagi volums muntats + Tancar la sessió del testimoni després de muntar un volum + Include VeraCrypt Volume Expander + Inclou l'assistent de creació de volums VeraCrypt + Crear + C&rear un volum + No &mostris cap text a la pantalla d'autenticació abans d'arrencar (excepte el missatge personalitzat de sota) + Disable "Evil Maid" attack detection + Accelerar les operacions de xifratge fent servir les instruccions del processador (si és possible) + Utilitzar fitxers de claus + Utilitzar fitxers de claus + &Sortir + Ajuda sobre els volums favorits + Evitar muntar el volum seleccionat quan s'utilitzi la &drecera de teclat 'Muntar volums favorits' + Muntar el volum seleccionat quan es &connecti el seu disc contenidor + Muntar el volum seleccionat a l'iniciar la sessió + Muntar el volum seleccionat en mode només lectura + Muntar el volum seleccionat com a mitjà e&xtraïble + Moure a&vall + Moure &amunt + Obir una &finestra del volum seleccionat quan es munti amb èxit + &Eliminar + Use favorite label as Explorer drive label + Configuració global + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Majúscules + Win + Assignar + Eliminar + Seleccionar... + No utilitzar el següent número de processadors per xifrar/desxifrar: + Més informació + Més informació + Més opcions... + Munt&ar dispositius + Opci&ons... + Muntar el volum en mode &només lectura + Seleccionar... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Activat + Guardar contrasenyes al controlador + Desmuntar el volum automàticament quan no s'hi llegeixi/escrigui durant + L'usuari tanqui la sessió + User session locked + S'entri en el mode d'estalvi d'energia + S'activi el protector de pantalla + Forçar el desmuntatge automàtic encara que el volum tingui fitxers o directoris oberts + Muntar tots els volums de dispositiu + Engega VeraCrypt en segon pla + Muntar els volums en mode només lectura + Muntar els volums com a mitjans extraïbles + Obrir una finestra pels volums muntats satisfactòriament + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Oblidar les contrasenyes guardades quan es desmunti automàticament + Oblidar les contrasenyes guardades al sortir + Preservar la data i hora de modificació dels contenidors d'arxius + Per defecte + Triar &dispositiu... + &Triar fitxer... + Buscar &biblioteca... + Veure contrasenya + Veure contrasenya + Obrir una finestra de l'&exporador pel volum muntat + Guardar contrassenyes a la memòria del controlador + TrueCrypt Mode + &Desmuntar-ho tot + Propietats del &volum... + &Eines de volum... + &Buidar la memòria cau + VeraCrypt - Mount Parameters + VeraCrypt - Volums favorits + VeraCrypt - Dreceres de teclat + VeraCrypt + Canviar la contrasenya o els fitxers de claus + Introdueixi la contrasenya del volum VeraCrypt + VeraCrypt - Opcions de rendiment + VeraCrypt - Preferències + VeraCrypt - Opcions de xifratge del sistema + VeraCrypt - Preferències dels testimonis de seguretat + Configuració del disc de viatge VeraCrypt + Propietats del volum VeraCrypt + Sobre el VeraCrypt... + Afegir/Esborrar fitxers de claus a/desde un volum... + Afegir el volum muntat a favorits... + Afegir als volums favorits del sistema... + Analitzar aturades del sistema... + Fer còpia de seguretat de la capçalera... + Prova de rendiment... + Algorisme de derivació de la clau de la capçalera... + Canviar la contrasenya del volum... + Algorisme de derivació de la clau de la capçalera... + Canviar contrasenya... + Esborrar l'historial de volums + Tancar totes les sessions de testimonis de seguretat + Contacte... + Crear un sistema operatiu ocult... + Crear un disc de recuperació... + Crear un volum nou... + Permanently Decrypt... + Fitxers de claus per defecte... + Default Mount Parameters... + Donate now... + Xifrar la partició/unitat del sistema... + Preguntes més freqüents + Guia d'usuari + &Pàgina principal + Dreceres de teclat... + Generador de fitxers de claus + Idioma... + Notes legals + Gestionar els fitxers de claus de testimonis... + Muntar tots els volums de dispositiu + Muntar els volums favorits + Muntar sense l'&autenticació prearrencada... + Muntar el volum + Muntar el volum amb opcions + Noticies + Ajuda en línia + Tutorial per a principiants + Organitzar els volums favorits... + Organitzar els volums favorits del sistema... + Rendiment... + Desxifrar la partició/unitat del sistema permanentment + Preferències... + Actualitzar les lletres d'unitat + Esborrar tots els fitxers de claus d'un volum... + Restaurar la capçalera... + Continuar una tasca interrompuda + Selecionar un dispositiu... + Seleccionar un fitxer... + Continuar una tasca interrompuda + Xifratge del sistema... + Propietats... + Configuració... + Volums favorits del sistema... + Descàrregues + Vectors de prova... + Testimonis de seguretat... + Crear un disc de viatge... + Desmuntar tots els volums + Desmuntar el volum + Verificar el disc de recuperació + Verify Rescue Disk ISO Image + Historial de versions + Volume Expander + Propietats del volum + Assistent de creació de volums + Lloc web de VeraCrypt + Oblidar les contrasenyes guardades + OK + Acceleració per maquinari + Drecera de teclat + Configuració d'inici automàtic (autorun.inf) + Desmuntar automàticament + Desmuntar-ho tot quan: + Opcions de la pantalla de gestió d'arrencada + Confirmació: + Actual + Mostrar aquest missatge personalitzat a la pantalla d'autenticació prearrencada (com a màxim 24 caràcters): + Opcions de muntatge per defecte + Opcions de les dreceres de teclat + Driver Configuration + Enable extended disk control codes support + Etiqueta del volum seleccionat: + Configuració dels fitxers + Tecla a assignar: + Processor (CPU) in this computer supports hardware acceleration for AES: + Accions a realitzar després d'iniciar sesió + minuts + Muntar a la unitat: + Opcions de muntatge + Nova + Contrasenya: + Paral·lelització per fils + Ubicació de la biblioteca PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Recordar contrasenyes + Opcions de seguretat + VeraCrypt en segon pla + Volum VeraCrypt a muntar (ruta relativa al directori arrel del disc): + Després d'inserir el disc de viatge: + Crear els fitxers del disc de viatge a (directori arrel del disc de viatge): + Volum + Finestres + Afegir &ruta... + Provar &algorismes + &Continuar + &Desxifrar + E&sborrar + &Xifrar + E&xportar... + Generar i guardar el fitxer de claus... + &Generar un fitxer de claus aleatòri... + Descarregar paquet d'idioma + AES accelerat per maquinari: + &Importar fitxer de claus al testimoni... + Afegir &fitxers... + U&ititzar fitxer de claus + Fitxer de &claus... + &Esborrar + Esborrar-los &tots + Què és la protecció de volums ocults? + Més informació + Muntar el volum com a mitjà extraïble + M&untar la partició de sistema amb el xifrat sense autenticació prearrencada + Paral.lelització: + Executar prova + Im&rimir + &Protegir el volum ocult de danys causat per l'escriptura a un volum extern + &Reiniciar + &Veure contrasenya + Afegir &testimonis... + Utilitzar la còpia de seguretat de la capçalera inclosa al &volum si està disponible + mode XTS + Sobre el VeraCrypt + VeraCrypt - Prova de rendiment d'algorismes de xifrat + VeraCrypt - Vectors de prova + Ajuda de línia de comandes + VeraCrypt - Fitxers de claus + VeraCrypt - Generador de fitxers de claus + VeraCrypt - Idioma + VeraCrypt - Opcions de muntatge + Propietats del nou fitxer de claus del testimoni + VeraCrypt - Generador aleatòri + Seleccioni una partició o un dispositiu + VeraCrypt + Fitxers de claus del testimonis + És necessari el PIN/contrasenya del testimoni + Paquet d'idioma actual + La velocitat es veu afectada per la càrrega a la CPU i les característiques de les unitats d' emmagatzematge.\n\nAquestes proves es dúen a terme a la memòria RAM. + Ús de memòria: + Tipus de xifrat: + &Contrasenya del volum ocult: + Protecció de volums ocults + Mida del volum: + IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la força de les claus de xifrat. + ATENCIÓ: Si perd un fitxer de claus o si canvia algun dels seus primers 1024 kilobytes, serà impossible de muntar els volums que utilitzin aquest fitxer de claus! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Traduït per: + Mida del text pla: + bits + Contingut actual + Tipus de PRF: + IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la seguretat. Després faci clic a 'Següent' per continuar.. + Clau secundària (hexadecimal) + Testimoni de seguretat: + Mètode d'ordenació: + Si us plau, esperi. Aquest procés pot trigar molt de temps... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Número de bloc: + Text xifrat (hexadecimal) + número de dades per unitat (La mida per a 64-bit hexadecimal és 512 bytes) + Clau (hexadecimal) + Text pla (hexadecimal) + Fitxer de claus: + mode XTS + &Sistema + &Volums + &Favorits + &Eines + &Configuració + &Ajuda + Lloc &web + + &Sobre... + No s'ha pogut canviar l'atribut de 'només lectura' al volum antic. Si us plau, revisi els permisos del fitxer. + Error: S'ha denegat l'accés.\n\nLa partició a la que s'intenta accedir té una mida de 0 sectors o és la unitat d'arranc. + Administrador + Per carregar el controlador VeraCrypt és necessari que entri al sistema amb un compte amb privilegis d'administrador. + Si us plau, tingui en compte que per xifrar/desxifrar/donar format a una partició/unitat és necessari que s'utilitzi un compte d'usuari amb privilegis d'administrador.\n\nAixò no s'aplica als volums de dispositiu. + Per a crear un volum ocult és necessàri utilitzar un compte d'usuari amb privilegis d'administrador.\n\nVol continuar? + Tingui en compte que per donar format NTFS a un volum és necessàri utilitzar un compte d'usuari amb privilegis d'administrador.\n\nSense privilegis d'administrador pot donar format FAT al volum. + Un xifrat aprovat pel FIPS (el 1998 amb el nom de Rijndael) que està autoritzat pels departaments i les agències del govern dels EUA per protegir informació classificada fins al nivell de Top Secret. Clau de 256 bits, bloc de 128 bits, 14 rondes (AES-256). Treballa en mode XTS. + El volum ja està muntat. + ATENCIÓ: Ha fallat almenys un dels testos automàtics dels algorismes de hash i de xifrat!\n\nPot ser que la instal·lació del VeraCrypt estigui corrupta. + ATENCIÓ: No hi han prous dades al generador de números aleatòris per a poder satisfer la necessitat de dades aleatòries.\n\nSi us plau, no segueixi endavant. Seleccioni 'Reportar incidències' des del menú d'ajuda i informi d'aquest error. + La unitat està espatllada (té algun desperfecte físic) o el cable està malmès o la memòria no funciona correctament.\n\nTingui en compte que això és un problema del seu maquinari, no del VeraCrypt. Per tant, NO informi d'això com a un error/problema del VeraCrypt i si us plau No demani ajuda sobre això als fòrums del VeraCrypt. Si us plau, contacti amb l'equip de suport del proveïdor de l'ordinador per demanar assistència. Moltes gràcies.\n\nNota: Si l'error apareix repetidament al mateix lloc, és molt probable que sigui culpa d'un bloc erròni del disc, cosa que podria reparar-se utilitzant algun programari de tercers (la majoria d'ocasions la comanda 'chekdsk /r' no pot arreglar-ho ja que només treballa a nivell de sistema de fitxers; en alguns casos, l'eina 'chkdsk' no pot ni detectar-ho). + Si està accedint a una unitat extraïble, si us plau asseguri's que el dispositiu està connectat. Pot ser que el mitjà estigui espatllat (pot tenir algun dany físic) o pot ser que el cable estigui malmès o desconnectat. + Sembla que el seu sistema utilitza controladors propis del joc de xips que contenen un error que evita que es pugui xifrar la unitat de sistema sencera.\n\nSi us plau, intenti actualitzar o desinstal·lar tots els controladors propis (que no siguin de Microsoft) del joc de xips abans de continuar. Si això no serveix, intenti xifrar només la partició del sistema. + Lletra d'unitat incorrecta. + Ruta incorrecta. + Cancel·lar + No es pot accedir a la unitat. Asseguri's que la unitat seleccionada existeix i no s'utilitza des del sistema. + Atenció: el bloqueig de majúscules està activat. Això pot fer que no introdueixi la contrasenya correctament. + Tipus de volum + És possible que es vegi forçat per algú a revelar la contrasenya d'un volum xifrat. Hi ha moltes situacions en les quals no es pot negar a revelar la contrasenya (per exemple, sota extorsió). L'ús dels anomenats volums ocults li permet resoldre aquest tipus de situacions sense revelar la contrasenya del seu volum. + Seleccioni aquesta opció si vol crear un volum VeraCrypt normal. + Tingui en compte que si vol instal·lar un sistema operatiu a una partició de volum oculta no podrà xifrar la partició de sistema sencera utilitzant una clau simple. + Opcions de xifrat del volum exterior + Opcions de xifrat del volum ocult + Opcions de xifrat + ATENCIÓ: No s'ha pogut netejar la ruta de l'últim volum/fitxer de claus seleccionat (arxivat pel selector de fitxers)! + Error: El contenidor està comprimit a nivell de sistema de fitxers. El VeraCrypt no suporta contenidors comprimits (tingui en compte que la compressió de dades xifrades és inefectiva i redundant).\n\nSi us plau, desactivi la compressió del contenidor seguint aquests passos:\n1) Faci clic amb el botó dret al contenidor amb l'Explorador de Windows (no al VeraCrypt)\n2)Seleccioni 'Propietats'.\n3)Seleccioni 'Opvions avançades' a la finestra de 'Propietats'\n4) Desactivi l'opvió 'Comprimir el contingut per estalviar espai de disc' a l'apartat 'Atributs avançats'\n5) Tanqui la finestra de propietats. + Error al crear el volum %s + %s ocupa %.2f bytes + %s ocupa %.2f KB + %s ocupa %.2f MB + %s ocupa %.2f GB + %s ocupa %.2f TB + %s ocupa %.2f PB + ATENCIÓ: El disc/partició s'està utilitzant pel sistema operatiu o per una aplicació. Donar format al disc/partició pot causar la corrupció de dades i la inestabilitat del sistema.\n\nVol continuar? + ATENCIÓ: La partició s'està utilitzant pel sistema operatiu o per una aplicació. Hauria de tancar totes les aplicacions que puguin estar utilitzant la partició (incloent els antivirus).\n\nVol continuar? + Error: La unitat/partició conté un sistema de fitxers que no es pot desmuntar. El sistema de fitxers pot estar en ús pel sistema operatiu. Donar format a la unitat/partició causarà segurament la corrupció de les dades i la inestabilitat del sistema.\n\nPer arreglar aquest problema, és molt recomanable que primer elimini la partició i que la torni a crear sense donar-li format. Per fer-ho, segueixi aquests passos:\n1) Fer clic dret a 'El meu ordinador' al menú d'inici i seleccioni 'Administrar'.\n2) A la finestra d'administració del sistema, seleccionar 'Emmagatzematge' > 'Administrador de discos'.\n3) Fer clic dret a la partició i seleccionar tant 'Esborrar partició' com 'Esborrar volum' com 'Esborrar unitat lògica'.\n4) Fer clic a 'Si'. Si el Windows suggereix reiniciar l'ordinador, fer-ho. Després repetir els passos 1 i 2 i continuar des del pas 5.\n5) Fer clic dret a l'espai sense assignar i seleccionar tant 'Nova partició' com 'Nou volum simple' com 'Nova unitat lògica'.\n6) Seguir les instruccions de l'assistent que apareixerà. Seleccionar l'opció 'No donar format a aquesta partició' o 'No donar format al volum'.\n7)Pot ser que la ruta que s'ha especificat al VeraCrypt ara estigui malament. S'ha de tancar l'assistent de creació de volums (si encara està engegat) i tornar-lo a iniciar.\n8) Provar de xifrar la partició/unitat un altre cop.\n\nSi el VeraCrypt falla repetidament alhora de xifrar la partició/unitat, potser haurà de considerar crear un contenidor de fitxers en comptes d'això. + Error: No es pot bloquejar i/o desmuntar el sistema de fitxers. És possible que el sistema operatiu o alguna aplicació (per exemple, un antivirus) l'estiguin utilitzant. Xifrar la partició pot causar la inestabilitat del sistema i la corrupció de les dades.\n\nSi us plau, tanqui totes les aplicacions que puguin estar utilitzant el sistema de fitxers (incloent els antivirus) i torni-ho a provar. Si el problema persisteix, segueixi els passos següents. + ATENCIÓ: Alguns dels dispositius o de les particions s'estan utilitzant!\n\nIgnorar aquest avís pot causar resultats no desitjats, incloent la inestabilitat del sistema.\n\nÉs molt recomanable que tenqui totes les aplicacions que puguin estar utilitzant els dispositius o les particions. + El dispositiu seleccionat conté particions.\n\nDonar un format al dispositiu pot causar la inestabilitat del sistema i/o la corrupció de les dades. Si us plau, seleccioni una partició dins el dispositiu o elimini totes les particions del dispositiu per permetre que el TrueCrtypt li doni format de forma segura. + La unitat seleccionada conté particions.\n\nEls volums de dispositiu xifrats es poden crear dins de dispositius que no continguin particions. Un dispositiu que contingui particions pot ser xifrat in situ (utilitzant una clau mestra simple) només si és la unitat ón està instal·lat el Windows i des d'on arrenca.\n\nSi vol xifrar aquesta partició (no de sistema) utilitzant una clau mestra simple, haurà d'eliminar totes les particions del dispositiu. També pot xifrar cada partició dins el dispositiu individualment (cada partició utilitzarà una clau mestra diferent).\n\nNota: si vol eliminar totes les particions d'un disc GPT, l'haurà de convertir primer en un disc MBR per a poder eliminar les particions ocultes. + ATENCIÓ: Si xifra el dispositiu sencer (en comptes de xifrar-ne només una partició), els sistemes operatius consideraran que el dispositiu és nou, buit o que no té format (ja que no tindrà taula de particions) i poden inicialitzar espontàneament el dispositiu (o preguntar si ho han de fer), cosa que pot malmetre el volum. D'altre banda, no serà possible muntar de manera consistent el volum com a favorit (per exemple, quan canvii el número de dispositius) o assignar-hi una etiqueta de volum favorit.\n\nPer evitar això hauria de considerar crear una partició al dispositiu i xifrar la partició en comptes del dispositiu sencer.\n\nSegur que vol xifrar el dispositiu sencer? + IMPORTANT: Tingui en compte que aquest volum no és accessible/muntable utilitzant la lletra d'unitat %c, que té actualment assignada!\n\nPer muntar aquest volum, favi clic a 'Muntar dispositius' a la pantalla principal del VeraCrypt. El volum es pot muntar a una lletra d'unitat diferent de la que seleccionat de la llista de lletres d'unitat.\n\nLa lletra original %c: pot utilitzar-se només en cas de necessitar treure el xifrat de la partició/unitat. En aquest cas, faci clic amb el botó dret a la lletra d'unitat %c: a 'El Meu Ordinador' i seleccioni 'Donar format'. D'altre manera la lletra d'unitat %c: no es podrà utilitzar mai (a no ser que l'esborri com es descriu, per exemple, a les preguntes més freqüents del VeraCrypt i l'assigni a una altre partició/unitat). + No és possible Xifrar volums in situ amb aquesta versió del sistema operatiu (només funciona amb Windows Vista o versions posteriors).\n\nLa raó és que aquesta versió de Windows no permet la reducció d'un sistema de fitxers (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera). + No sembla que la partició seleccionada tingui un format NTFS. Només les particions que continguin un sistema de fitxers NTFS es poden xifrar in situ.\n\nNota: La raó és que aquesta versió de Windows no permet la reducció d'altres tipus de sistemes de fitxers (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera). + No sembla que la partició seleccionada tingui un format NTFS. Només les particions que continguin un sistema de fitxers NTFS es poden xifrar in situ.\n\nSi vol crear un volum xifrat dins d'aquesta partició, esculli la opció "Crear un volum xifrat i formatar-lo" (en comptes de l'opció "Xifrar la partició in situ"). + Error: La partició és massa petita. El VeraCrypt no la pot xifrar al in situ. + Per xifrar les dades d'aquesta partició, si us plau segueixi aquests passos:\n\n1) Crear un volum VeraCrypt a una partició/unitat que estigui buida i muntar-lo.\n\n2) Copiar tots els fitxers des de la partició que es vol xifrar cap al nou volum muntat. En aquest punt, s'ha creat una còpia de seguretat xifrada de les dades.\n\n3) Crear un volum xifrat a la partició que es volia xifrar originalment i assegurar-se que (a l'assistent de creació de volums) s'escull l'opció 'Crear un volum xifrat i donar-li format' (en comptes de ('Xifrar una partició in situ'). Recordi que totes les dades que hi haguessin a la partició s'esborraran. Després de crear el volum, s'ha de mnutar.\n\n4) Copiar tots els fitxers des de volum creat al pas 1 al nou volum creat al pas 3.\n\nDesprés de completar aquests passos les dades estaran xifrades i, a més, en tindrà una copia de seguretat xifrada. + El VeraCrypt només pot xifrar in situ una partició, un volum dinàmic o una unitat de sistema sencera.\n\nSi vol crear un volum xifrat a dins d'aquest dispositiu, esculli l'opció 'Crear un volum xifrat i formatar-lo' (en comptes de l'opció 'Xifrar la partició in situ'). + Error: El VeraCrypt només pot xifrar in situ una partició, un volum dinàmic o una unitat de sistema sencera.\n\n Si us plau, asseguri's que la ruta especificada és vàlida. + Error: no s'ha pogut reduïr el sistema de fitxers (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera).\n\nPossibles causes i solucions:\n\n- No hi ha prou espai al volum. Si us plau, asseguri's que no hi ha cap altre aplicació escrivint al sistema de fitxers.\n\n- Sistema de fitxers corrupte. Intenti comprovar i reparar els errors (clic dret a la lletra d'unitat corresponent a la llista dins 'El meu ordinador', seleccionar 'Propietats' > 'Eines' > 'Comprovar ara'. Asseguri's que l'opció 'Reparar automàticament els errors del sistema de fitxers' està activada.\n\nSi aquests passos no arreglen el problema, si us plau segueixi els passos següents. + Error: No hi ha prou espai al volum i el sistema de fitxers no es pot reduïr (és necessàris reduïr el sistema de fitxers per encabir-hi la capçalera i la còpia de seguretat de la capçalera)\n\nSi us plau, esborri qualsevol fitxer redundant i buidi la paperera de reciclatge per deixar lliure almenys 256 KB d'espai i torni-ho a provar. Tingui en compte que degut a un problema del Windows, la quantitat d'espai lliure de la que informa l'explorador de Windows pot ser incorrecte fins que es reinicii el sistema. Si després de reiniciar el sistema el problema no s'ha solucionat, pot ser que el sistema de fitxers estigui corrupte. Intenti comprovar i reparar els errors (clic dret a la lletra d'unitat corresponent a la llista dins 'El meu ordinador', seleccionar 'Propietats' > 'Eines' > 'Comprovar ara'. Asseguri's que l'opció 'Reparar automàticament els errors del sistema de fitxers' està activada.\n\nSi aquests passos no arreglen el problema, si us plau segueixi els passos següents. + La unitat %s té %.2f bytes lliures. + La unitat %s té %.2f KB lliures. + La unitat %s té %.2f MB lliures. + La unitat %s té %.2f GB lliures. + La unitat %s té %.2f TB lliures. + La unitat %s té %.2f PB lliures. + No s'han pogut obtenir les lletres d'unitat disponibles. + Error: No s'ha pogut trobar el controlador VeraCrypt.\n\nSi us plau, copii els fitxers 'veracrypt.sys' i 'truecrypy-x64.sys' al directori on es trobi l'executable del VeraCrypt (VeraCrypt.exe). + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: No s'ha pogut inicialitzar el xifrat. + Error: S'ha detectat una clau vulnerable o potencialment vulnerable. La clau s'ha descartat. Si us plau, torni-ho a provar. + S'ha produït un error crític i el VeraCrypt s'ha de tancar. Si això s'ha degut a un error en el VeraCrypt, ens agradaria arreglar-lo. Per ajudar-nos, pot enviar un informe de l'error generat automàticament que conté la següent informació:\n\n- Versió del programa\n- Versió del sistema operatiu\n- Tipus de CPU\n- Nom del component VeraCrypt\n- Suma de verificació de l'executable\n- El nom simbòlic de la finestra de diàleg.\n- Direcció de l'error\n- Estat de la pila del VeraCrypt.\n\nSi fa clic a 'Si', la següent URL (que conté l'informe complet) s'obirarà al seu navegador per defecte.\n\n%hs\n\nVol enviar-nos aquest informa d'error? + S'ha produït un error crític i el VeraCrypt s'ha de tancar.\n\nAquest error no ha estat causat pel VeraCrypt (i per tant els desenvolupadors del programa no el poden arreglar). Si us plau, comprovi el seu sistema per detectar possibles errors (la configuració del sistema, la connexió de xarxa, components de maquinari que fallin, etc.). + S'ha produït un error crític i el VeraCrypt s'ha de tancar.\n\nSi aquest problema persisteix, potser vol deshabilitat o desinstal·lar algunes aplicacions que puguin estar-lo causant, com ara un antivirus o un programa de seguretat, programes d'optimització del sistema, etc. Si això no soluciona el problema, és bona idea reinstal·lar el sistema operatiu (aquest problema pot ser causat per programes de malware). + Error crític del VeraCrypt + El VeraCrypt ha detectat que el sistema operatiu ha fallat recentment. Hi ha moltes raons potencials per les quals el sistema pot haver fallat (un component que falli, un error en un controlador de dispositiu, etc.)\n\nVol que el VeraCrypt comprovi si la fallada la pot haver causat un error al VeraCrypt? + Vol que el VeraCrypt segueixi detectant les fallades del sistema? + No s'ha trobat cap fitxer minidump de fallada del sistema. + Do you want to delete the Windows crash dump file to free up disk space? + Per tal d'analitzar la fallada del sistema, el VeraCrypt necessita instal·lar abans les eines de depuració per Windows de Microsoft.\n\nDesprés de fer clic a 'OK', l'instal·lador de windows descarregarà el paquet de les eines de depuració de windows (16 MB) des d'un servidor de Microsoft i les instal·larà (l'instal·lador de Windows arribarà la URL del servidor de Microsoft a través del servidor treucrypt.org, la qual cosa permet que això funcioni encara que Microsoft canvii l'ubicació del paquet d'instal·lació). + Després de fer clic a 'OK', el VeraCrypt analitzarà la fallda del sistema. Això pot trigar diversos minuts. + Si us plau, asseguri's que la variable d'entorn 'PATH' inclou la ruta cap a 'kd.exe' (Kernel Debugger). + Sembla que el VeraCrypt no ha causat la fallada del sistema. Hi ha moltes raons potencials per les quals el sistema pot haver fallat (un component que falli, un error en un controlador de dispositiu, etc.) + Els resultats de l'anàlisi indiquen que actualitzar el següent controlador solucionaria el problema: + Per ajudar-nos a determinar si hi ha un error al VeraCrypt, pot enviar un informe de l'error generat automàticament que conté la següent informació:\n\n- Versió del programa\n- Versió del sistema operatiu\n- Tipus de CPU- Tipus l'error\n-Nom i versió del controlador\n- Estat de la pila del sistema.\n\nSi fa clic a 'Si', la següent URL (que conté l'informe complet) s'obirarà al seu navegador per defecte.\n\nVol enviar-nos aquest informa d'error? + Vol enviar-nos l'informe de l'error? + &Xifrar + &Desxifrar + Desxifrar de manera &permanent + Sortir + Si us plau, creï una unitat lògica per aquesta partició extesa i torni-ho a provar. + Un volum VeraCrypt pot allotjar-se en un fitxer (anomenat contenidor VeraCrypt), que pot estar a un disc dur, a un llàpis de memòria, etc. Un contenidor és com un fitxer normal (per exemple, es pot moure o esborrar com qualsevol fitxer). Faci clic a 'Triar fitxer' per triar el nom del contenidor i seleccionar la ubicació on es crearà.\n\nATENCIÓ: Si selecciona un fitxer existent, el VeraCrypt NO el xifrarà; el fitxer s'esborrarà i serà substituït per un contenidor nou. Vostè podrà xifrar un fitxer existent (després) movent-lo al contenidor VeraCrypt que es crearà ara. + Seleccioni l'ubicació ón es crearà el volum exterior (a dins del qual es crearà després el volum ocult).\n\nUn volum VeraCrypt pot ubicar-se dins un fitxer (anomenat contenidor VeraCrypt), que pot estar dins d'un disc dur, en un llàpis òptic, etc. Un contenidor VeraCrypt es pot moure o eliminar com un fitxer normal. Faci clic a 'Triar fitxer' per triar el nom del contenidor i seleccionar la ubicació on es crearà. Si selecciona un fitxer existent, el VeraCrypt NO el xifrarà; el fitxer s'esborrarà i serà substituït per un contenidor nou. Vostè podrà xifrar un fitxer existent (després) movent-lo al contenidor VeraCrypt que es crearà ara. + Els volums de dispositiu es poden crear a particions o discos durs, unitats d'estat sòlid, llàpis de memòria i d'altres dispositius d'emmagatzematge suportats. Les particions també es poden xifrar in situ.\n\nA més, els volums de dispositiu xifrats es poden crear a dins de dispositius que no continguin particions (incloent discos durs i unitats d'estat sòlid)\n\nNota:Un dispositiu que contingui particions pot ser xifrat completament in situ (utilitzant una clau simple) només si és a unitat on hi ha instal·lat el windows i és des de la que arranca. + Els volums de dispositiu es poden crear a particions o discos durs, unitats d'estat sòlid, llàpis de memòria i d'altres dispositius d'emmagatzematge suportats.\n\nATENCIÓ: Tingui en compte que es donarà format a la partició/unitat i totes les dades que hi hagi es perdran. + \nseleccioni l'ubicació ón es crearà el volum exterior (a dins del qual es crearà després el volum ocult).\n\nEls volums exteriors es poden crear a particions o discos durs, unitats d'estat sòlid, llàpis de memòria i d'altres dispositius d'emmagatzematge suportats. A més, els volums exteriors xifrats es poden crear a dins de dispositius que no continguin particions (incloent discos durs i unitats d'estat sòlid)\n\nATENCIÓ: Tingui en compte que es donarà format a la partició/unitat i totes les dades que hi hagi es perdran. + \nSeleccioni la ubicació del volum VeraCrypt ón es crearà el volum ocult. + ATENCIÓ: Aquest fitxer o unitat s'està utilitzant actualment!\n\nNo fer cas d'això pot provocar resultats indesitjats incloent la inestabilitat del sistema. Totes les aplicacions que estiguin utilitzant aquest fitxer o unitat (per exemple, un antivirus o una aplicació de còpia de seguretat) s'haurien de tancar abans de muntar el volum\n\nVol muntar el volum ara? + Error: No s'ha pogut muntar el volum. El fitxer/dispositiu ja s'està utilitzant. També ha fallat l'intent de muntar-lo sense accés exclusiu. + No s'ha pogut obrir el fitxer. + Ubicació del volum + Fitxers grans + Voldrà guardar fitxers més grans de 4 GB en aquest volum? + Tenint en compte les decisions anterior, el VeraCrypt seleccionarà un sistema de fitxers per defecte adecuat per al volum VeraCrypt (podrà seleccionar un sistema de fitxers al pas següent). + Ja que està creant un volum exterior, hauria de considerar fer clic a 'No'. Si fa clic a 'Si', el sistema d'arxius per defecte serà NTFS, que no és tan adecuat pels volums exteriors com FAT (per exemple, l'espai disponible pel volum ocult serà significativament més gran si el volum exterior té un format FAT). Normalment, FAT és el sistema d'arxius per defecte tant pels volums normals com pels ocults (ja que els volums FAT no son sospitosos). No obstant això, si es té l'intenció de guardar fitxers més grans de 4 GB (que el sistema de fitxers FAT no permet), FAT no pot ser el sistema d'arxius per defecte. + Segur que vol escollir 'Si'? + Mode de creació del volum + Aquest és el camí més ràpid per crear un volum de partició o de volum (el xifrat in situ, l'altre opció, és més lenta ja que cada sector s'ha de llegir, xifrar i després escriure; es sobreescriu amb dades aleatòries). Si vol xifrar les dades existents en una partició, seleccioni l'altre opció. + Es xifraran la partició seleccionada i totes les dades que contingui. Si la partició està buida, hauria de triar l'opció anterior (el volum es crearà molt més ràpid). + Nota: + &Reprendre + &Ajornar + &Començar + C&ontiuar + &Formatar + &Netejar + Aturar el procés de formateig? + Més informació + No ho tornis a mostrar + S'ha esborrat el contingut de la partició/unitat amb èxit. + El contingut de la partició ón hi havia el sistema original (que s'ha copiat al sistema ocult) s'ha esborrat amb èxit. + Si us plau, asseguri's que la versió del Windows que instal·larà (a la partició neta) és la mateixa versió del Windows que s'utilitza actualment. Això és necessari degut a que tots dos sistemes compartiran una partició d'arranc comuna. + La partició/unitat de sistema s'ha desxifrat amb èxit.\n\nNota: Si hi ha volums que no són aquest que és necessari muntar cada vegada que s'inicii el Windows, pot configurar-ho muntant-los tots i seleccionant 'Favorits' > 'Afegir als volums favorits del sistema'. + La partició/unitat de sistema s'ha desxifrat amb èxit. + \n\nS'ha creat el volum i ja es pot utilitzar. Si vol crear un altre volum, faci clic a 'Següent'. Si no, faci clic a 'Sortir'. + \n\nEl volum ocult s'ha creat amb èxit (el sistema operatiu ocult residirà dins aquest volum ocult).\n\nFaci clic a 'Següent' per continuar. + Volum completament xifrat + Volume Fully Decrypted + IMPORTANT: PER MUNTAR AQUEST VOLUM ACABAT DE CREAR I ACCEDIR A LES DADES QUE CONTÉ, FACI CLIC A '' A LA FINESTRA PRINCIPAL DEL VERACRYPT. Després d'introduïr la contrassenya correcte (i/o proporcionar els fitxers de claus correctes) el volum es muntarà a la lletra d'unitat que s'hagi seleccionat de la llista de la finestra principal del VeraCrypt (i serà possible accedir a les dades xifrades a través de la lletra d'unitat).\n\nSI US PLAU, RECORDI O ANOTI AQUESTS PASSOS. HAURÀ DE SEGUIR-LOS CADA COP QUE VULGUI MUNTAR EL VOLUM O ACCEDIR A LES DADES QUE CONTÉ. D'altra banda, també pot accedir a 'Triar dispositiu' des de la finestra principal del programa i després seleccionar la partició/volum i fer clic a 'Muntar'.\n\nLa partició/unitat s'ha xifrat amb èxit (ara conté un volum VeraCrypt completament xifrat) i està a punt per utilitzar-se. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + S'ha creat el volum VeraCrypt amb èxit. + S'ha creat el volum + IMPORTANT: Mogui el seu ratolí tant aleatòriament com pugui en aquesta finestra. Com més el mogui, millor. Això incrementarà significativament la força de les claus de xifrat. Després faci clic a Formatar per continuar. + Faci clic a 'Formatar' per crear el volum exterior. Per a més informació, vegeu la documetnació. + ´Format del volum exterior + Format del volum ocult + Format del volum + Es necessita l'Adobe Reader (o una eina compatible) per a poder veure o imprimir la guia d'usuari del VeraCrypt. Es pot descarregar l'Adobe Reader (freeware) des de: www.adobe.com\n\nVol veure el document en línia en comptes d'això? + Si selecciona aquesta opció, l'assistent l'ajudarà a crear un volum VeraCrypt normal i després un volum ocult a dins d'aquest. És la opció recomanada pels usuaris sense experiència. + Si selecciona aquesta opció, es crearà un nou volum ocult a dins d'un volum VeraCrypt existent. S'assumeix que ja s'ha creat un volum VeraCrypt capaç d'allotjar el volum ocult. + Mètode de creació del volum + Volum ocult creat + S'ha creat el volum ocult i ja es pot utilitzar. Si s'han seguit totes les instruccions i s'han pres les precaucions i requeriments que es llisten a la secció 'Requeriments de seguretat i precaucions per als volums ocults' de la guia d'usuari del VeraCrypt, no hauria de ser possible demostrar que el volum ocult existeix, encara que es monti el volum exterior.\n\nATENCIÓ: SI NO PROTEGEIX EL VOLUM OCULT (PER TROBAR INFORMACIÓ SOBRE AIXÒ, CONSULTI LA SECCIÓ 'PROTECCIÓ DELS VOLUMS OCULTS' A LA GUIA D'USUARI DEL VERACRYPT), NO ESCRIGUI AL VOLUM EXTERIOR. SI HO FA, PODRIA MALMETRE EL VOLUM OCULT! + Ha iniciat el sistema operatiu ocult. Com haurà notat, el sistema operatiu iocult sembla instal·lat a la mateixa partició que el sistema operatiu original. No obstant, en realitat, està instal·lat en una partició a dins seu (al volum ocult). Totes les operacions de lectura i escriptura seran redirigides de forma transparent des de la partició de sistema original cap al volum ocult.\n\nNi el sistema operatiu ni les aplicacións saben que les dades que s'escriuen i es llegeixen de la partició de sistema s'estan llegint i escrivint des de la partició que hi ha a dins (el volum ocult). Totes les dades són xifrades i desxifrades al vol com és habitual (amb una clau de xifrat diferent de la que s'utilitza al sistema operatiu esquer).\n\nSi us plau, faci clic a 'Següent' per continuar. + S'ha creat el volum exterior i muntat a la unitat %hc:. Ara ha de de copiar alguns fitxers que semblin confidencials i que NO vulgui amagar en aquest volum exterior. Seran allà per qualsevol que l'obligui a revelar la contrasenya de la primera partició després de la partició de sisetma, on hi ha el volum exterior i l'ocult (que conté el sistema operatiu ocult). Podrà revelar la contrasenya del volum exterior i l'existència del volum ocult (i el sistema operatiu ocult) es mantindran en secret.\n\nIMPORTANT: Els fitxers que copii al volum exterior no poden ocupar més de %s. Si no és així, no hi haurà prou espai lliure al volum exterior pel volum ocult (i no serà possible continuar). Quan acabi de copiar els fitxers, faci clic a 'Següent' (no desmunti el volum). + El volum exterior s'ha creat amb èxit i s'ha muntat a la unitat %hc:. Ara hauria de copiar alguns fitxers que semblin confidencials i que NO vulgui amagar cap aquest volum exterior, no a l'ocult. Els fitxers que vulgui mantenir segurs els ha de guardar al volum ocult, que es crearà després Quan acabi de copiar, faci clic a 'Següent'. No desmunti el volum.\n\nNota: Després de fer clic a 'Següent, s'escannejarà el mapa de bits del clúster per determinar la mida d'espai lliure ininterromput més gran el final de la qual estigui alineada amb el final del volum. Aquesta àrea allotjarà el volum ocult. Per tant, limitarà la seva mida màxima. L'escanneig del mapa de bits del clúster assegura que no se sobreescriguin dades del volum ocult des del volum exterior. + Contingut del volum ocult + \n\nAls següents passos s'especificaran les opcions pel volum exterion (que contindrà el volum ocult que es crearà després). + \n\nAls propers passos es crearà l'anomenat volum exterior a la primera partició després de la partició de sistema (com s'ha explicat als passos anteriors). + Volum exterior + Als passos següents, configurarà les opcions i contrasenyes pel volum ocult, que contindrà el sistema operatiu ocult.\n\nObservació: El mapa de bits del clúster ha estat escannejat per determinar la mida màxima del volum ocult, que s'ha determinat i confirmat que és més gran que la partició de sistema (cosa que ha de passar, ja que el contingut sencer de la partició de sistema s'ha de copiar al volum ocult). Això assegura que no se sobreescriguin dades del volum ocult des del volum exterior. + IMPORTANT: Si us plau, recordi l'algorisme que ha seleccionat en aquest pas. Haurà de seleccionar el mateix algorisme pel sistema esquer. Si no és així, no es podrà accedir al sistema ocult! (El sistema esquer s'ha de xifrar amb el mateix algorisme de xifrat que el sistema ocult.) \n\nNota: La raó d'això és que el sistema esquer i el sistema ocult comprartiran el gestor d'arranc, que suporta l'ús de només un algorisme, seleccionat per l'usuari (hi ha una versió especial del gestor d'arranc VeraCrypt per a cada algorisme). + \n\nS'ha escannejat i s'ha determinat la mida màxima del volum ocult. Als següents passos podrà configurar les opcions, la mida i la contrasenya del volum ocult. + Volum ocult + Ara el volum ocult està protegit contra danys fins que es desmunti el volum exterior.\n\nATENCIÓ: Si s'intenta escriure dades a l'area del volum ocult, el VeraCrypt engegarà la protecció contra escriptura a tot el volum (tant la part exterior com l'oculta) fins que es desmunti. Això pot ocasionar la corrupció del sistema de fitxers del volum exterior, la qual cosa (si es va repetint) pot afectar negativament la visibilitat del volum ocult. Per tant, hauria de fer tot el possible per evitar escriure a l'area del volum ocult. Totes les dades escrites a l'area del volum ocult no es gravaran i es perdran. El Windows pot identificar això com un error d'escriptura ("Delayed Write Failed" o "The parameter is incorrect"). + Ara tots els volums ocults dels volums acabats de muntar està protegit contra danys fins que es desmunti.\n\nATENCIÓ: Si s'intenta escriure dades a l'area del volum ocult de qualsevol d'aquests volums , el VeraCrypt engegarà la protecció contra escriptura a tot el volum (tant la part exterior com l'oculta) fins que es desmunti. Això pot ocasionar la corrupció del sistema de fitxers del volum exterior, la qual cosa (si es va repetint) pot afectar negativament la visibilitat del volum ocult. Per tant, hauria de fer tot el possible per evitar escriure a l'area del volum ocult. Totes les dades escrites a l'area del volum ocult no es gravaran i es perdran. El Windows pot identificar això com un error d'escriptura ("Delayed Write Failed" o "The parameter is incorrect"). + ATENCIÓ: S'ha intentat gravar dades a l'àrea del volum ocult del volum muntat com a %c:! El VeraCrypt ha evitat que es gravin aquestes dades per protegir el volum ocult. Això podria causar corrupció del sistema de fitxers al volum ocult i el Windows podria reportar un error d'escriptura. El volum sencer (tant la part exterior com la oculta) es protegiran contra escriptura fins que es desmuntin. Si aquesta no és la primera vegada que el VeraCrypt evita que es gravin dades a l'àrea del volum ocult d'aquest volum, la veracitat d'aquest volum es pot veure afectada (degut a les inconsistències inusuals del sistema de fitxers del volum exterior). Per tant, hauria de considerar crear un nou volum (sense el format ràpid) i moure els fitxers des d'aquest volum cap al nou; Aquest volum s'haurà de borrar de manera segura (tant la part exterior com la oculta). És molt recomanable reiniciar el sistema ara. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + Per motius de seguretat, quan s'està executant un sistema operatiu ocult els volums ocults només es poden crear en mode directe (ja que els volums exteriors sempre es munten en mode de només lectura). Per crear un volum ocult de manera segura, segueixi aquests passos:\n\nEngegar el sistema esquer\n\n2) Crear un volum VeraCrypt normal i, en aquest volum, copiar-hi alguns fitxers que semblin confidencials i que NO vulgui amagar (el volum serà l'exterior).\n\n3)Arrancar el sistema ocult i engegar l'assistent de creació de volum. Si el volum és sobre un fitxer, moure'l a la partició de sistema d'un altre volum ocult (d'altre manera, el nou volum es muntaria en mode només lectura i no se li podria donar format). Segueir les instruccions de l'assistent per a seleccionar el mode directe de creació de volums ocults.\n\n4) A l'assistent, seleccionar el volum creat al pas 2 i després seguir les instruccions per crear-hi un volum ocult a dins + Per motius de seguretat, quan s'està executant un sistema operatiu ocult els sistemes de fitxers locals no xifrats i els volums visibles del VeraCrypt es munten en mode de només lectura (no s'hi poden escriure dades).\n\nEs poden escriure dades a qualsevol sistema de fitxers que estigui dins d'un volum ocult (sempre que el volum ocult no estigui ubicat en un contenidor guardat dins d'un sistema de fitxers no xifrat o en algun altre sistema de fitxers de només lectura). + Hi ha tres motius principals per implementar aquestes mesures de seguretat\n\n- Permeten la creació d'una plataforma segura per mutnar volums ocults. Tingui en compte que recomanem oficialment que els volums ocults només es muntin quan s'està executant un sistema operatiu ocult (Per a més informació, vegi la subsecció 'Requisits de seguretat i precaucions dels volums ocults' a la documentació).\n\n- En alguns casos, és possible d'assegurar que, en un moment determinat un sistema de fitxers en concret no s'ha muntat sota una instància concreta d'un sistema operatiu (analitzant i comparant els diaris del sistema de fitxers, les dates de modificació dels fitxers, registres, etc.). Això pot indicar que hi ha un sistema operatiu ocult instal·lat al sistema. \n\n- Preveuen la corrupció de dades i permeten la hibernació segura. Quan el windows s'engega després d'una hibernació, assumeix que tots els sistemes de fitxers muntats estan en el mateix estat que quan es va entrar en hibernació. El VeraCrypt assegura això donant protecció sobre escriptura tant als sistemes esquer com als ocults. Sense aquesta protecció, els sistemes de fitxers es podrien corrompre quan es muntessin en un sistema mentre l'altre està hibernat. + Nota: Si necessita transferir fitxers de manera segura des del sistema esquer cap al sistema ocult, segueixi aquests passos:\n1) Engegui el sistema esquer.\n2) Guardi els fitxers en un volum no xifrat o a un volum de VeraCrypt extern/normal.\n3) Engegi el sistema ocult.\n4) Si ha guardat els fitxers en un volum VeraCrypt, munti'l (es muntarà automàticament en mode només lectura).\n5) Copii els fitxers cap a la partició del sistema ocult o cap a un altre volum ocult. + És necessari reiniciar l'ordinador.\n\nVol fer-ho ara? + S'ha produït un error quan s'intentava obtenir l'estat de xifratge del sistema. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + No s'han pogut inicialitzar els components de l'aplicació per xifrar el sistema. + No s'ha pogut inicialitzar el generador de números aleatòris! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + No es pot inicialitzar l'aplicació. No es pot registrar la classe Dialog. + Error: no s'ha pogut carregar la biblioteca d'edició enriquida del sistema. + Assistent de creació de volums + El màxim que pot ocupar aquest volum és %.2f bytes. + El màxim que pot ocupar aquest volum és %.2f KB. + El màxim que pot ocupar aquest volum és %.2f MB. + El màxim que pot ocupar aquest volum és %.2f GB. + El màxim que pot ocupar aquest volum és %.2f TB. + Les contrasenyes/fitxers de claus no es poden canviar amb el volum muntat. Si us plau, desmunti el volum abans. + L'algorisme de derivació de la clau de capçalera no es pot canviar mentre el volum estigui muntat. Si us plau, desmunti primer el volum. + &Muntar + És necessària una versió més nova del VeraCrypt per muntar aquest volum. + Error: No es troba l'assistent de creació de volums.\n\nSi us plau, asseguri's que el fitxer 'VeraCrypt Format.exe' és al directori des d'ón s'ha executat el 'VeraCrypt.exe'. Si no hi és, si us plau reinstal·li el TrueCrpyt o localitzi el fitxer 'VeraCrypt Format.exe' al seu disc i executi'l. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Següent > + &Acabar + &Instal·lar + E&xtreure + No s'ha pogut connectar amb el controlador de dispositius del VeraCrypt. El VeraCrypt no pot funcionar sense el controlador de dispositius.\n\nTingui en compte que, degut a un problema del Windows, pot ser necessari tancar la sessió o reiniciar el sistema perquè es pugui carregar el controlador de dispositius. + S'ha produït un error quan es carregaven/preparaven les fonts. + No s'ha trobat la lletra d'unitat especificada o bé no se n'ha especificat cap. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Lletra d'unitat no disponible. + No s'ha seleccionat cap fitxer! + No hi ha lletres d'unitat disponibles. + No hi ha lletres d'unitat lliures pel volum extern! La creacío del volum no pot continuar. + No s'ha pogut determinar la versió del seu sistema operatiu o bé està utiltizant un sistema operatiu no suportat. + No hi ha cap ruta! + No hi ha prou espai pel volum ocult! La creacío del volum no pot continuar. + Error: Els fitxers que s'han copiat al volum extern ocupen massa espai. Per tant, no hi ha prou espai al volum exterior pel volum ocult\n\nTingui en compte que el sistema ocult ha de ser tant gran com la partició de sistema (la partició on hi ha instal·lat el sistema operatiu que s'executa actualment). La raó d'això és que el sistema operatiu ocult necessita crear-se copiant el contingut de la partició de sistema al volum ocult.\n\n\nNo es pot segir amb el procés de creació del sistema operatiu ocult. + El controlador no pot desmuntar el volum. Probablement alguns fitxers dins el volum estan oberts. + No s'ha pogut bloquejar el volum. Hi ha fitxers oberts dins el volum. Per tant, no es pot desmuntar. + El VeraCrypt no ha pogut bloquejar el volum ja que el sistema o alguna aplicació l'està utilitzant (poden haver-hi fitxers oberts).\n\nVol forçar el desmuntatge del volum? + Seleccioni el volum VeraCrypt + Ubicació i nom del fitxer + Seleccioni la bilioteca PKCS #11 + Sense memòria + IMPORTANT: És molt recomanable per als usuaris sense experiència crear un contenidor de fitxers Veracrypt dins el disc/partició seleccionat en compte de xifrar el disc/partició sencer.\n\nQuan es crea un contenidor de fitxers (al contrari que quan es xifra un disc o una partició) no hi ha, per exemple, risc de destruïr un gran número de fitxers. Per a més informació, consulti el capítol 'Tutorial per a principiants' a la guia d'usuari de TrueCrtpy.\n\nEstà segur que vol xifrar el disc/partició sencer? + ATENCIÓ: El fitxer '%s' ja existeix!\n\nIMPORTANT: EL VERACRYPT NO XIFRARÀ EL FITXER, L'ESBORRARÀ. Està segur que vol esborrar el fitxer i substituïr-lo per un nou contenidor VeraCrypt? + ATENCIÓ: TOTS ELS FITXERS QUE HI HAGI A (%s) '%s'%s S'ESBORRARAN (NO ES XIFRARAN)!\n\nSegur que vol seguir amb el formateig? + ATENCIÓ: No serà posible muntar ni accedir a cap fitxer del volum mentre no estigui xifrat completament.\n\nSegur que vol xifrar (%s) '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + ATENCIÓ: Tingui en compte que si el subministrament d'energia s'interromp o si el sistema operatiu falla degut a un error mentre s'està xifrat les dades in situ, algunes parts de les dades es corrompran o perdran. Per tant, abans de començar a xifrar, asseguri's que té còpies de seguretat dels fitxers que vol xifrar. Té una còpia de seguretat? + PRECAUCIÓ: TOTS ELS FITXERS EMMAGATZEMATS DINS DE LA PARTICIÓ '%s'%s (LA PRIMERA DESPRÉS DE LA PARTICIÓ DE SISTEMA) S'ESBORRARAN I ES PERDRAN (NO ES XIFRARAN)\n\nVol continuar donant format a la partició? + ATENCIÓ: LA PARTICIÓ SELECCIONADA CONTÉ MOLTES DADES! Es perdran tots els fitxers dins la partició (NO es xifraran)! + Esborrar tots els fitxers guardats a la partició creant-hi un volum a dins + Contrasenya + PIM + Establir l'algorisme de derivació de la clau de la capçalera + Afegir/Eliminar fitxers de claus a/d'un volum + Eliminar tots els fitxers de claus d'un volum + La contrasenya, PIM i/o els fitxers de claus s'han canviat amb èxit.\n\nIMPORTANT: Si us plau, assegureu-vos d'haver llegit 'Canviar contrasenyes i fitxers de claus' al capítol 'Requisits de seguretat i precaucions' de la guia d'usuari del VeraCrypt. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: Si no ha destruït el disc de recuperació del VeraCrypt, la seva partició/unitat de sistema es podrà desxifrar utilitzant la contrasenya antiga (introduïnt el disc de ercuperació antic i la contrasenya antiga). Hauria de crear un nou disc de recuperació i destruïr l'antic.\n\nVol crear un nou disc de recuperació? + Tingui en compte que el seu disc de recuperació encara utilitza l'algorisme anterior. Si considera que l'algorisme anterior és insegur, hauria de crear un nou disc de recuperació i destruïr l'antic.\n\nVol crear un nou disc de recuperació? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + S'han afegit/eliminat el(s) fitxer(s) de claus. + S'ha exportat el fitxer de claus. + S'ha establert l'algorisme de derivació de la clau de capçalera. + Si us plau, introdueixi la contrasenya i/o el(s) fitxer(s) de claus pel volum del que vol continuar el procés de xifrat in-situ.\n\nObservació: Quan faci clic a 'Següent' el VeraCrypt provarà de buscar tots els volums que no siguin de sistema que hagin interromput el procés de xifrat i que es puguin desxifrar amb les dades proporcionades. Si hi ha més d'un volum que cumpleix aquests requisits haurà de seleccionar-ne un al següent pas. + Si us plau, seleccioni un volum de la llista. La llista conté tots els volums accessibles que han interromput el procés de xifrat i capçalera dels quals pot ser desxifrada utilitzant la contrasenya i/o els fitxers de claus que s'han proporcionat. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + És molt important triar una bona contrasenya. Hauria d'evitat escollir-ne una que només contingui una paraula que es pot trobar a un diccionari (o una combinació de 2, 3 o 4 d'aquestes paraules). No hauria de contenir noms o dates de naixement. Ha de ser dificil d'endevinar. Una bona contrasenya és una combinació aleatòria de lletres majúscules i minúscules, números i caràcters especials, com ara @, ^, =, $, *, +, etc. Recomenem escollir una contrasenya de més de 20 caràcters (com més llarga, millor). La mida màxima de la contrasenya és de 64 caràcters. + Esculli la contrasenya del volum ocult. + Esculli la contrasenya del sistema operatiu ocult (o sigui, pel volum ocult). + IMPORTANT: La contrasenya triada pel sistema operatiu ocult en aquest punt ha de ser substancialment diferent de les altres dues contrasenyes (la contrasenya del volum exterior i la del sistema operatiu esquer). + Si us plau, introdueixi la contrasenya del volum ón vol crear el nou volum ocult.\n\nDesprés de fer clic a 'Següent', el VeraCrypt intentarà muntar el volum. Tan aviat com el volum estigui muntat, s'escannejarà per determinar la mida de l'area ininterrompuda d'espai lliure (si hi és) el final de la qual s'alinii amb el final del volum. Aquesta àrea allotjarà el volum ocult i per tant delimitarà la seva mida màxima. Aquest escanneig és necessari per assegurar que no se sobreescriguin dades del volum ocult des del volum exterior. + \nEsculli la contrassenya del volum exterior. Aquesta és la contrasenya que podria revelar quan se li pregunti o el forcin a fer-ho.\n\nIMPORTANT: La contrasenya hauria de ser substancialment diferent de la que es trii pel volum ocult.\n\nNota: La contrasenya pot tenir fins a 64 caràcters. + Esculli la contrassenya del volum exterior. Aquesta és la contrasenya que podrà rebelar si algú el força a dir la contrasenya de la primera partició després de la partició de sistema, ón hi ha tant el volum exterior com l'ocult (que conté el sistema operatiu ocult). L'existència del volum ocult romandrà en secret. Aquesta contrasenya no és pel sistema operatiu esquer.\n\nIMPORANT: Aquesta contrasenya ha de ser significativament diferent de la que esculli pel volum ocult. + Contrasenya del volum exterior + Contrasenya del volum ocult + Contrasenya del sistema operatiu ocult + ATENCIÓ: Les contrasenyes curtes són fàcils de trencar fent servir tècniques de força bruta!\n\nRecomanem escollir una contrasenya de més de 20 caràcters. Està segur que vol fer servir una contrassenya curta? + Contrasenya del volum + El(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. + El(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. + El mode de muntatge és erroni, la contrassenya és incorrecte, o no és un volum VeraCrypt. + El mode de muntatge és erroni, el(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. + La contrassenya és incorrecte o no és un volum VeraCrypt. + El(s) fitxer(s) de claus i/o la contrassenya són incorrectes, o no és un volum VeraCrypt. + ATENCIÓ: Hi ha el bloqueig de majúscules activat. Això pot fer que introdueixi la contressenya incorrectament. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + Si està intentant protegir un volum ocult que conté un sistema ocult, si us plau asseguri's d'utilitzar la disposició de teclat estàndard als EUA quan escrigui la contrasenya pel volum ocult. Això és necessari degut al fet que la contrasenya s'ha d'escriuer en un entor de prearrencada (abans d'engegar el Windows) on només hi ha aquesta disposició de teclat disponible. + No s'ha trobat cap volum que hagués interromput el xifrat i que es pugui desxifrar amb la contrasenya i/o fitxer(s) de claus que ha introduït.\n\nSi us plau asseguri's que aquestes dades són correctes i que la partició/volum no s'està utilitzant pel sistema o per alguna aplicació (incloent l'antivirus) + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNota: Si està intentant muntar una partició dins d'una unitat de sistema xifrada sense l'autenticació de prearrencada o muntar una partició de sistema xifrrada d'un sistema operatiu que no s'està executant, pot fer-ho a través de 'Sistema' > 'Muntar sense l'autenticació prearrencada'. + En aquesta modalitat, no pot muntar una partició allotjada a un dispositiu que és dins de l'àmbit de la clau del sistema xifrat actual.\n\nAbans de muntar la partició en aquesta modalitat, ha d'arrencar un sistema operatiu en una altre unitat (xifrat o no) o arrencar un sistema operatiu no xifrat. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Anterior + No s'ha pogut llistar els dispositius en brut instal·lats al sistema! + El volum '%s' ja existeix i està en mode només lectura. Està segur que el vol substituïr? + Seleccioni la ubicació de destí + Seleccioni fitxers de claus + Seleccioni la ruta de cerca dels fitxers de claus. ATENCIÓ: Només es guardarà la ruta, no els noms dels fitxers! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Dissenyat per Ross Anderson, Eli Biham i Lars Knudsen. Publicat el 1998. Clau de 256 bits, bloc de 128 bits. Mode XTS. Va ser un dels finalistes d'AES. + Si us plau, especifiqui la mida del nou contenidor.\n\nSi crea un contenidor dinàmic (fitxer ampliable), aquest paràmetre ha d'especificat la seva mida màxima.\n\nTingui en compte que la mida mínima d'un volum FAT és de 292 KB. La mida mínima possible d'un volum NTFS és de 3792 KB. + Si us plau, especifiqui la mida del volum exterior a crear (primer es crea el volum exterior i després el volum ocult a dins). La mida mínima possible d'un volum que hagi de contenir un volum ocult és de 340KB. + Si us plau, especifiqui la mida del nou volum ocult. La mida mínima possible per un volum ocult és de 40 KB (o 3664 KB si es formata com a NTFS). La mida màxima que pot especificar es mostra a sobre. + Mida del volum exterior + Mida del volum ocult + Si us plau, verifiqui que la mida del disc/partició indicada a dalt és correcte i premi Següent. + El volum extern i el volum ocult (que conté el sistema operatiu ocult) han d'estar a la partició de dalt. Ha de ser la primera partició després de la partició de sistema.\n\nSi us plau, verifiqui que la mida i el número de la partició són correctes i, si ho són, faci clic a Següent. + \n\nTingui en compte que la mida mínima d'un volum que hostatji un volum ocult és de 340 KB. + Mida del volum + Dinàmic + ATENCIÓ: PROVA FALLADA! + Proves dels algorismes passades + El número de dades per unitat especificat és massa llarg o massa curt. + La clau secundària de prova és massa llarga o massa curta. + El text xifrat de prova és massa llarg o massa curt. + La clau de prova és massa llarga o massa curta. + El text pla de prova és massa llarg o massa curt. + Dos xifrats en cascada treballant en mode XTS. Cada bloc es xifra primer amb %s (clau de %d bits) i després amb %s (clau de %d bits). Cada xifrat utilitza la seva pròpia clau. Les claus són independents entre si. + Tres xifrats en cascada treballant en mode XTS. Cada bloc es xifra primer amb %s (clau de %d bits), després amb %s (clau de %d bits) i finalment amb %s (clau de %d bits). Cada xifrat utilitza la seva pròpia clau. Les claus són independents entre si. + Tingui en compte que, depenent de la configuració del sistema operatiu, pot ser que les opcions d'automuntatge i d'autoarrencada només funcionin si el disc de viatge es crea en un mitjà de només lectura coma ra un CD o DVD. Això no és un error al VeraCrypt (és una limitació del Windows). + S'ha creat un disc de viatge VeraCrypt amb èxit.\n\nRecordi que és necessari tenir privilegis d'administrador per executar el VeraCrypt en mode portable. Tingui en compte també que, després d'examinar el fitxer de registres, és possible saber que el VeraCrypt s'ha executat en un sistema Windows encara que s'executi en mode portable. + Disc de viatge VeraCrypt + Dissenyat per Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall i Niels Ferguson. Publicat el 1998. Clau de 256 bits, bloc de 128 bits. Mode XTS. Va ser un dels finalistes d'AES. + Més informació sobre %s + Desconegut + S'ha produït un error desconegut o no especificat(%d). + Alguns volums contenen fitxers o directoris que estan sent utilitzats per aplicacions o pel sistema.\n\nVol forçar el desmuntatge? + &Desmuntar + Error al desmuntar! + El volum conté fitxers o directoris que estan sent utilitzats per altres aplicacions o pel sistema.\n\nVol forçar el desmuntatge? + No volume is mounted to the specified drive letter. + El volum que intenta muntar ja està muntat. + S'ha produït un error a l'intentar muntar el volum. + Error en buscar ubicació dins el volum. + Error: la mida del volum és incorrecte. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Un contenidor dimànic és un fitxer NTFS dispers preubicat la mida física del qual (l'espai de disc utilitzat) s'amplia quan s'hi afegeixen dades.\n\nATENCIÓ: El rendiment dels volumns en fitxers dispersos és significativament pitjor que el dels volums normals. Aquests volums també són menys segurs, ja que és possible determinal quins sectors del volum no s'estan utilitzant. A més a més, aquests volums no poden allotjar un volum ocult. Tingui en compte que si s'estiuen dades a un fitxer dispers quan no hi ha prou espai al seu sistema de fitxers, el sistema de fitxers xifrat es pot corrompre.\n\nSegur que vol crear un volum de fitxer dispers? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + El VeraCrypt no pot canviar la contrasenya d'un volum extern. + Si us plau, seleccioni una lletra d'unitat lliure de la llista. + Si us plau, seleccioni un volum muntat a la llista de lletres d'unitat. + Hi ha dos volums muntats diferents seleccionats (un a la llista de lletres d'unitat i l'altre al camp d'entrada a sota la llista).\n\nSi us plau, esculli el volum que vulgui seleccionar: + Error: no s'ha pogut crear el fitxer autorun.inf + Error processant el fitxer de claus! + Error processant l'ubicació del fitxer de claus! + La ubicació no conté fitxers.\n\nTingui en compte que els directoris (i els fitxers que contenen) que es troben en aquesta ubicació s'han ignorat. + El VeraCrypt no és compatible amb aquest sistema operatiu. + Error: el VeraCrypt només és compatible amb versions estables d'aquest sistema operatiu (Les versions beta/RC no són compatibles). + Error: No es pot assignar memòria. + Error: No s'ha pogut recuperar el valor de comptador de rendiment. + Error: volum mal formatat. + Error: S'ha proporcionat una contrasenya per un volum ocult (no per un volum normal). + Per motius de seguretat, un volum ocult no es pot crear dins d'un altre volum que contingui un sistema operatiu i que s'hagi xifrat in situ (ja que l'espai lliure del volum no s'ha omplert amb dades aleatòries). + VeraCrypt - Notes legals + Tots els fitxers + Volums VeraCrypt + Mòduls de la biblioteca + El procés de format NTFS no pot continuar. + No s'ha pogut muntar el volum. + No s'ha pogut desmuntar el volum. + El Windows no ha pogut donar format NTFS al volum.\n\nSi us plau, seleccioni un altre tipus de sistema de fitxers (si és possible) i torni-ho a provar. També hi ha l'opció de deixar el volum sense format (seleccionant 'Cap' sistema de fitxers), sortir de l'assistent, muntar el volum i després utilitzar una eina de sistema o de tercers per donar format al volum (que es mantindrà xifrat). + El Windows no ha pogut formatar el volum amb NTFS.\n\nEl vol formatar amb FAT en comptes d'això? + Per defecte + partició + PARTICIÓ + Dispositiu + dispositiu + DISPOSITIU + Volum + volum + VOLUM + Etiqueta + La mida de clúster seleccionada és massa petita per aquesta mida de volum. S'ha d'utilitzar una mida de clúster més gran. + Error: No s'ha pogut obtenir la mida del volum!\n\nAssegui's que el volum seleccionat no està sent utilitzant pel sistema o per una aplicació. + Els volums ocults no es poden crear a dins de contenidors dinàmics. Per aconseguir una negació plausible, el volum ocult s'ha de crear dins un contenidor que no sigui dinàmic. + L'assistent de creació de volums VeraCrypt només pot crear volums ocults dins de volums FAT o NTFS + Sobre Windows 2000, l'assistent de creació de volums VeraCrypt només pot crear volums ocults dins de volums FAT. + Nota: El sistema de fitxers FAT és més adecuat per volums exteriors que el sistema de fitxers NTFS (per exemple, la mida màxim del volum ocult podria ser segurament molt més gran si el volum exterior tingués un format FAT). + Nota: El sistema de fitxers FAT és més adecuat per volums exteriors que el sistema de fitxers NTFS. Per exemple, la mida màxim del volum ocult podrà ser segurament molt més gran si el volum exterior té un format FAT (això és degut a que el sistema de fitxers NTFS sempre emmagatzema les dades internes exactament a la meitat del volum i, per tant, el volum ocult només es pot ubicar a la segona meitat del volum exterior)\n\nSegur que vol donar un format NTFS al volum? + Prefereix formatar el volum amb FAT? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: La partició pel sistema operatiu ocult (la primera després de la partició de sistema) ha de ser almenys un 5% més gran que la partició de sistema (la partició de sistema la que té instal·lat el sistema operatiu actual). + Error: La partició pel sistema operatiu ocult (la primera partició després de la partició de sistema) ha de ser com a mínim un 110% (2.1 vegades) més gran que la partició de sistema. La raó d'això és que el sistema de fitxers NTFS sempre emmagatzema les dades exactament a la meitat del volum i, per tant el volum ocult (que conté una còpia de la partició de sistema) només pot estar a la segona meitat de la partició. + Error: Si el volum exterior té un format NTFS ha de ser com a mínim un 110% (2.1 vegades) més gran que la partició de sistema. La raó d'això és que el sistema de fitxers NTFS sempre emmagatzema les dades exactament a la meitat del volum i, per tant el volum ocult (que conté una còpia de la partició de sistema) només pot estar a la segona meitat de la partició.\n\nNota: El volum exterior ha d'estar a la mateixa partició que el sistema operatiu ocult (la primera partició després de la partició del sistema). + Error: No hi ha cap partició després de la partició del sistema.\n\nTingui en compte que abans de crear un sistema operatiu ocult, és necessari crear una partició per ell a la unitat de sistema. Ha de ser la primera partició després de la partició de sistema i ha de ser almenys un 5% més gran que la partició de sistema (la partició de sistema és la que té instal·lat el sistema operatiu que s'està executant actualment). No obstant, si el volum exterior (no confondre amb la partició de sistema) té un format NTFS, la partició pel sistema operatiu ocult (la primera partició després de la partició de sistema) ha de ser com a mínim un 110% (2.1 vegades) més gran que la partició de sistema. La raó d'això és que el sistema de fitxers NTFS sempre emmagatzema les dades exactament a la meitat del volum i, per tant el volum ocult (que conté una còpia de la partició de sistema) només pot estar a la segona meitat de la partició. + Observació: Instal·lar sistemes operatius a dos volums que estiguin dincs d'una mateixa partició no és pràctic (ni està suportat) ja que utilitzar el sistema operatiu exterior requeriria escriure dades a l'àrea del sistema operatiu ocult (i si aquestes operacions estan protegides utilitzant la protecció de volums ocults, pot causar fallades del sistema i pantalles blaves d'errors). + Per trobar informació sobre la creació i administració de particions consulti la documentació del seu sistema operatiu o contacti amb l'equip de suport del proveïdor de l'ordinador per demanar assistència. + Error: El sistema operatiu actual no està instal·lat a la partició d'arranc (la primera partició activa). Això no està suportat. + Ha indicat que té intenció de guardar fitxers més grans de 4 GB dins el volum. Tot i això, ha escollit el sistema de fitxers FAT, que no permet emmagatzemar fitxers més grans de 4 GB.\n\nSegur que vol donar un format FAT al volum? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: No s'ha pogut accedir al volum!\n\nAsseguri's que el volum seleccionat existeix, que no està muntat ni sent utilitzat pel sistema o alguna aplicació, que té permisos de lectura i escriptura sobre el volum i que no està protegit contra escriptura. + Error: Cannot obtain volume properties. + Error: No s'ha pogut accedir al volum ni/o obtenir informació sobre el volum.\n\nAsseguri's que el volum seleccionat existeix, que no està muntat ni sent utilitzat pel sistema o alguna aplicació, que té permisos de lectura i escriptura sobre el volum i que no està protegit contra escriptura. + Error: No s'ha pogut accedir al volum!\n\nAsseguri's que el volum seleccionat existeix, que no està muntat ni sent utilitzat pel sistema o alguna aplicació, que té permisos de lectura i escriptura sobre el volum i que no està protegit contra escriptura.\n\nSi el problema persisteix, pot ser d'ajuda seguir els passos següents. + Un error ha evitat que el VeraCrypt xifri la partició. Si us plau, intenti arreglar qualsevol problema notificat anteriorment i torni-ho a provar. Si el problema persisteix, pot ser d'ajuda seguir els passos següents. + Un error ha evitat que el VeraCrypt recuperi el procés de xifrat de la partició. Si us plau, intenti arreglar qualsevol problema notificat anteriorment i torni-ho a provar. Recordi que no es pot muntar un volum fins que no està completament xifrat. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: No s'ha pogut desmuntar el volum ocult!\n\nEl volum no es pot desmuntar si conté fitxers o directoris que estiguin sent utilitzats pel sistema o una aplicació.\n\nSi us plau tenqui tots els programes que puguin estar utilitzant els fitxers o directoris del volum i torni-ho a provar. + Error: No s'ha pogut obtenir informació sobre el volum exterior!\nLa creació del volum no pot continuar. + Error: No s'ha pogut accedir al volum exterior! La creació del volum no pot continuar. + Error: No s'ha pogut muntar al volum exterior! La creació del volum no pot continuar. + Error: No s'ha pogut obtenir el mapa de bits del clúster del volum! La creació del volum no pot continuar. + Alfabètic/Categoritzat + Velocitat mitjana(Descendent) + Algorisme + Xifratge + Desxifratge + Mitjana + Unitat + Mida + Algorisme de xifrat + Algorisme de xifrat + Tipus + Valor + Propietat + Ubicació + bytes + Ocult + Exterior + Normal + De sistema + Ocult (sistema) + Només lectura + Unitat de sistema + Unitat de sistema (xifrant - %.2f%% fet) + Unitat de sistema (desxifrant - %.2f%% fet) + Unitat de sistema (%.2f%% xifrat) + Partició de sistema + Partició de sistema oculta + Partició de sistema (xifrant - %.2f%% fet) + Partició de sistema (desxifrant - %.2f%% fet) + Partició de sistema (%.2f%% xifrat) + Si (s'han evitat els danys!) + Cap + Mida de la clau primària + Mida de la clau secundària (mode XTS) + Mida de la clau d'ajust (mode LRW) + bits + Mida del bloc + PKCS-5 PRF + Comptador d'iteracions PKCS-5 + Data de creació + Capçalera modificada + (fa %I64d dies) + Versió de format + Còpia de la capçalera inclosa + Versió del gestor d'arranc + primera disponible + Disc extraïble + Disc dur + Sense canvis + Autodetection + Assistent + Seleccioni una de les modalitats. Si no està segur de quina escollir, trii l'opció per defecte. + Seleccioni aquesta opció si vol instal·lar el VeraCrypt al seu sistema. + Nota: Pot actualitzar sense desxifrar encara si la partció/unitat de sistema està xifrada o està utilitzant un sistema operatiu ocult. + Si selecciona aquesta opció, s'extrauran tots els fitxers però no s'instal·larà res al sistema. No seleccioni aquesta opció si vol xifrar la partició o la unitat de sistema. Escollir aquesta opció pot ser útil, per exemple, si vol executar el VeraCrypt en l'anomenat mode portable. No és necessari instal·lar el VeraCrypt al sistema operatiu sobre el qual s'executarà. Després d'extreure tots els fitxers podrà executar el fitxer 'VeraCrypt.exe' (això executarà el VeraCrypt en mode portable) + Opcions de configuració + Aqui pot establir les diferents opcions per controlar la instal·lació. + Instal·lant + Esperi mentre s'instal·la el VeraCrypt. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Opcions d'extracció + Aqui pot configurar diverses opcions per controlar el procés d'extracció. + Esperi mentre s'extreuen els fitxers. + Files successfully extracted + Tots els fitxers s'han extret amb èxit al directori de destí. + Si el directori especificat no existeix, es crearà automàticament. + Els fitxers del VeraCrypt s'actualitzaran a l'ubicació on hi ha el programa instal·lat. Si vol seleccionar una ubicació diferent, desinstal·li el VeraCrypt abans. + Vol veure les notes de la versió actual (la última estable) del VeraCrypt? + Si no ha utilitzat mai el VeraCrypt, li recomanem que llegeixi el capítol 'Tutorial per a principiants' a la guia d'usuari del VeraCrypt. Vol veure el tutorial ara? + Seleccioni una acció a realitzar entre les següents: + Reparar/Reinstal·lar + Actualitzar + Desinstal·lar + Per instal·lar o desinstal·lar el TrueCypt són necessaris privilegis d'administrador. Vol continuar? + L'instal·lador del VeraCrypt està realitzant una instal·lació o actualització del programa. Abans de continuar, si us plau esperi que acabi o tenqui'l. Si no el pot tancar, reinicii l'ordinador abans de continuar. + La instal·lació ha fallat. + La desinstal·lació ha fallat. + Aquest paquet de distribució està malmès. Si us plau, torni'l a descarregar (preferentment des del lloc web oficial del VeraCrypt, a https://veracrypt.codeplex.com). + No s'ha pogut escriure el fitxer %s + Extraient + No s'han pogut llegir dades del paquet. + No s'ha pogut verificat la integritat d'aquest paquet de distribució. + Ha fallat l'extracció. + La instal·lació s'ha desfet. + S'ha instal·lat el VeraCrypt amb èxit. + S'ha actualitzat el VeraCrypt amb èxit. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + El VeraCrypt s'ha desinstal·lat amb èxit.\n\nFaci clic a 'Acabar' per eliminar l'instal·lador del VeraCrypt i el directori %s. Tingui en compte que el directori no s'esborrarà si conté fitxers que no hagi instal·lat o creat el VeraCrypt. + Eliminant les entrades al registre del TruCrypt + Afegint l'entrada al registre + Eliminant les dades de l'aplicació + Instal·lant + Aturant + Eliminant + Afegint la icona + Creant un punt de restauració del sistema + No s'ha pogut crear un punt de restauració del sistema! + Actualitzant el gestor d'arranc + No s'ha pogut instal·lar '%s'. %s\nVol seguir amb la instal·lació? + No s'ha pogut desinstal·lar '%s'. %s\nVol seguir amb la desinstal·lació? + Instal·lació finalitzada. + No s'ha pogut crear el directori '%s' + No s'ha pogut desmuntar el controlador de dispositius del VeraCrypt.\n\nSi us plau, tenqui abans totes les finestres del VeraCrypt. Si això no funciona, reinicii el Windows i torni-ho a provar. + S'han de desmuntar tots els volums VeraCrypt abans d'instal·lar o desinstal·lar el programa. + Actualment hi ha una versió obsoleta del VeraCrypt instal·lada al sistema. És necessari desinstal·lar-la abans de poder instal·lar aquesta versió més nova del VeraCrypt.\n\nDesprés de tancar aquest missatge es llançarà el desinstal·lador de la versió antiga. Recordi que no es desxifrarà cap volum quan es desinstal·li el VeraCrypt. Després de desinstal·lar la versió antiga del VeraCrypt, torni a executar la instal·lació de la nova versió. + Ha fallat la instal·lació de les entrades al registre + Ha fallat la instal·lació del controlador de dispositius. Si us plau, reinicii el Windows i torni a provar d'instal·lar el VeraCrypt. + Engegant el controlador de dispositius del VeraCrypt + La desinstal·lació del controlador de dispositius del VeraCrypt ha fallat. Tingui en compte que degut a un error de Windows, pot ser necessari tancar la sessió o reiniciar el sistema abans de poder desinstal·lar (o reinstal·lar) el controlador de dispositius. + Instal·lant el controlador de dispositius del VeraCrypt + Aturant el controlador de dispositius del VeraCrypt + Desinstal·lant el controlador de dispositius del VeraCrypt + Ha fallat el registre de la biblioteca de suport del control d'autenticació d'usuaris. + Ha fallat l'anul·lació del registre de la biblioteca de suport del control d'autenticació d'usuaris. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Tingui en compte que si decideix executar el VeraCrypt en mode portable (en comptes d'una còpia instal·lada del VeraCrypt) el sistema li demarà permisos (UAC) per executar el VeraCrypt cada cop que el vulgui executar.\n\nAixò és perquè cada vegada que s'executa en mode portable, el VeraCrypt ha de carregar i engegar el controlador de dispositius. El controlador és necessari per proporcionar la possibilitat de xifrar/desxifrar de manera transparent i els usuaris sense privilegis d'administrador no el poden executar en Windows.\n\nTingui en compte que si instal·la el VeraCrypt el sistema NO li requerirà permisos (UAC) cada vegada que l'executi.\n\nSegur que vol extreure els fitxers? + ATENCIÓ: Aquesta instància de l'assistent de creació de volums té privilegis d'administrador.\n\nPot ser que els nous volums es creîn amb permisos que no li permetin escriure-hi quan es muntin. Si vol evitar això, tanqui aquesta instància de l'assistent de creació de volums i engegui'n una altre sense privilegis d'administrador.\n\nVol tancar aquestà instància de l'assistent de creació de volums? + Error: No es pot mostrar la llicència. + Exterior(!) + dies + hores + minuts + s + Obrir + Desmuntar + Veure el VeraCrypt + Amagar el VeraCrypt + Dades llegides des del muntatge + Dades escrites des del muntatge + Percentatge de xifrat + 100% (xifrat del tot) + 0% (no xifrat) + %.3f%% + 100% + Esperant + Preparant + Redimensionant + Xifrant + Desxifrant + Finalitzant + Aturat + Acabat + Error + Dispositiu desconnectat + S'han guardat els volums favorits del sistema.\n\nPer activar el muntatge dels volums favorits del sistema quan aquest arranqui, seleccioni 'Configuració' > 'Volums favorits del sistema' > 'Muntar els volums favorits del sistema quan s'engegui el Windows'. + El volum que està afegint als favorits no és ni una partició ni un volum dinàmic. Per tant, el VeraCrypt no podrà muntar aquest volum favorit si el número de dispositiu canvia. + El volum que està afegint a favorits és una partició que el Windows no reconeix.\n\nEl VeraCrypt no podrà muntar aquesta unitat favorita si el número de dispositius canvia. Si us plau, estableixi el tipus de partició a un que pugui reconeixer el Windows (utilitzi la comanda 'SETID' de l'eina de 'diskpart' de Windows). Després, torni a afegir la partició als favorits. + La tasca en segon pla del VeraCrypt està desactivada o està configurada per tancar-se quan no hi hagi volums muntats (o s'està executant el VeraCrypt en mode portable). Això pot evitar que els volums favorits es muntin quan es connectin els dispositius que els contenen.\n\nNota: Per activar la tasca en segon pla, seleccioni 'Configuració' > 'Preferències' i asseguri's que la casella 'Activat' està marcada a la secció 'VeraCrypt en segon pla'. + Un contenidor emmagatzemat en un sistema de fitxers remot compartit per xarxa no es pot muntar automàticament quan el dispositiu que l'allotja es connecti. + El dispositiu que es mostra a continuació no és ni una partició ni un volum dinàmic. Per tant, el volum allotjat al dispositiu no es podrà muntar automàticament quan es connecti el dispositiu. + Si us plau, estableixi el tipus de la partició que es mostra a continuació a un que pugui reconeixer el Windows (utilitzi la comanda 'SETID' de l'eina de 'diskpart' de Windows). Després, esborri la partició als favorits i torni-la a afegir. Axiò permetrà al volum allotjat al dispositiu muntar-se automàticament cada cop que es connecti. + El dispositiu que es mostra a continuació no és ni una partició ni un volum dinàmic. Per tant, no se li pot assignar una etiqueta. + Si us plau, estableixi el tipus de la partició que es mostra a continuació a un que pugui reconeixer el Windows (utilitzi la comanda 'SETID' de l'eina de 'diskpart' de Windows). Després, esborri la partició als favorits i torni-la a afegir. Això permetrà al VeraCrypt assignar-li una etiqueta. + Degut a una limitació del Windows, un contenidor emmagatzemat en un sistema de fitxers remot compartit per xarxa no es pot muntar com a volum favorit del sistema (no obstant, si que es pot muntar com un volum favorit normal quan l'usuari inicia la sessió). + Introdueixi la contrassenya per a %s + Introdueixi la contrassenya per a '%s' + Introdueixi la contrasenya del volum normal/exterior + Introdueixi la contrasenya del volum ocult + Introdueixi la contrasenya de la capçalera guardada a la còpia de seguretat + El fitxer de claus s'ha creat amb èxit. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + ATENCIÓ: La capçalera d'aquest volum està malmesa! El VeraCrypt ha utilitzat automàticament la còpia de seguretat inclosa al volum.\n\nHa de reparar la capçalera del volum seleccionant 'Eines' > 'Restaurar la capçalera' + S'ha creat amb èxit la còpia de seguretat de la capçalera.\n\nIMPORTANT: Restaurar la capçalera utilitzant aquesta còpia de seguretat també restaurarà la contrasenya actual. D'altre banda, si es necessiten fitxers de claus per muntar el volum, seràn necessàris els mateixos fitxers de claus per muntar el volum quan es restauri la capçalera.\n\nATENCIÓ: Aquesta còpia de seguretat de la capçalera NOMÉS es pot utilitzar per restaurar la capçalera d'aquest volum en particular. Si utilitza aquesta còpia de seguretat per restaurar la capçalera d'un volum diferent, podrà muntar el volum, però NO serà possible desxifrar-ne el contingut que hi hagi emmagatzemat (ja que s'haurà canviat la clau mestra). + S'ha restaurat la capçalera del volum.\n\nIMPORTANT: Si us plau, recordi que també s'ha restaurat l'antiga contrasenya. A més, si era necessari algun fitxer de claus per muntar el volum quan es va crear, ara tornaran a ser-ho. + Per motius de seguretat, haurà d'introduïr la contrasenya correcte (i/o proporcionar els fitxers de claus correctes) pel volum.\n\nNota: Si el volum conté un volum ocult, primer haurà d'introduïr la contrasenya correcte (i/o proporcionar els fitxers de claus correctes) pel volum exterior. Posteriorment, si vol fer una còpia de seguretat de la capçalera del volum ocult, haurà d'introduïr la contrasenya correcte (i/o proporcionar els fitxers de claus correctes) pel volum ocult. + Segur que vol crear una còpia de seguretat de la capçalera de %s?\n\nQuan faci clic a 'Si', se li demanarà un nom de fitxer per la còpia de seguretat de la capçalera.\n\nNota: Tan les capçaleres del volum normal com les del volum ocult es tornen a xifrar i es guarden a la còpia de seguretat. Si no hi ha cap volum ocult a dins d'aquest volum, l'àrea reservada a la capçalera del volum ocult dins la còpia de seguretat s'omplirà amb dades aleatòries. Quan es restauri la capçalera des de la còpia de seguretat, s'haurà de proporcionar la contrasenya correcte (i/o els fitxers de claus) que fós vàlida quan es va crear la còpia de seguretat de la capçalera. La contrasenya (i/o els fitxers de claus) determinaran automàticament quina capçalera es restaurarà, si la del volum normal o l'oclt (el VeraCrypt en determina el tipus fent servir el mètode d'assaig i error). + Segur que vol restaurar la capçalera del volum %s?\n\nATENCIÓ: Restaurar la capçalera d'un volum també restaura la contrasenya que era vàlida quan es va crear la còpia. A més, el(s) fitxer(s) de claus que eren necessaris quan es va fer la còpia de seguretat seran els necessaris per muntar el volum quan es restauri la capçalera.\n\nDesprés de fer clic a 'Si', haurà de seleccionar el fitxer de còpia de seguretat de la capçalera. + El volum conté un volum ocult? + El volum conté un volum ocult + El volum no conté cap volum ocult + Si us plau, seleccioni el tipus de còpia de seguretat que vol utilitzar: + Restaurar la capçalera des de la còpia de seguretat inclosa al volum + Restaurar la capçaelera del volum des d'una còpia de seguretat externa + La mida de la còpia de seguretat de la capçalera és incorrecte. + No hi ha una còpia de seguretat inclosa en aquest volum (tingui en compte que només els volums creats amb un VeraCrypt 6.0 o superiro tenen aquestes còpies). + Està intentant fer una còpia de seguretat de la partició/unitat de sistema. Això no està permés. Les operacions de còpia de seguretat i restauració de les particions/unitats de sistema només es poden realitzar a través dels discos de recuperació del VeraCrypt.\n\nVol crear un disc de recuperació? + Està intentant restaurar una còpia de seguretat de la partició/unitat de sistema. Això no està permés. Les operacions de còpia de seguretat i restauració de les particions/unitats de sistema només es poden realitzar a través dels discos de recuperació del VeraCrypt.\n\nVol crear un disc de recuperació? + Després de fer clic a 'OK', haurà de seleccionar un nom de fitxer per el nou fitxer ISO del disc de recuperació i la ubicació on vol guardar-lo. + S'ha creat la imatge del disc de recuperació i s'ha guardat a:\n%s\n\nAra ha de gravar la imatge a un CD o DVD.\nIMPORTANT: Tingui en compte que el fitxer s'ha de gravar a un CD/DVD com a imatge ISO (no com un fitxer individual).\n\nDesprés de gravar el disc de recuperació, seleccioni 'Sistema' > 'Verificar el disc de recuperació' per verificar que s'ha gravat correctament. + S'ha creat la imatge del disc de recuperació i s'ha guardat a:\n%s\n\nAra ha de gravar la imatge a un CD o DVD.\n\nVol executar el gravador d'imatges de disc de Microsoft Windows?\n\nDesprés de gravar el disc de recuperació, seleccioni 'Sistema' > 'Verificar el disc de recuperació' per verificar que s'ha gravat correctament. + Si us plau, introdueixi el disc de recuperació del VeraCrypt a la unitat de CD/DVD i faci clic a 'OK' per verificar-lo. + S'ha verificat el disc de recuperació del VeraCrypt amb èxit. + No s'ha pogut verificar que el disc de recuperació s'hagi gravat correctament.\n\nSi ha gravat el disc de recuperació, si us plau expulsi el CD/DVD de l'unitat i torni'l a posar; torni a provar la verificació. Si això no soluciona el problema, intenti gravar el disc de recuperació amb un altre programa o a un altre tipus de mitjà.\n\nSi està intentant verificar un disc de recuperació que s'ha creat amb una clau mestra, contrasenya, etc. diferent aquesta verificació sempre fallarà. Per a crear un nou disc de recuperació completament compatible amb la configuració actual, seleccioni 'Sistema' > 'Crear un disc de recuperació'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error al crear un disc de recuperació VeraCrypt. + No es pot crear un disc de recuperació mentre s'està executant un sistema operatiu ocult\n\nPer crear un disc de recuperació, engegui el sistema operatiu esquer i faci clic a 'Sistema' > 'Crear un disc de recuperació'. + No s'ha pogut verificar que el disc de recuperació s'hagi gravat correctament.\n\nSi ha gravat el disc de recuperació, si us plau expulsi el CD/DVD de l'unitat i torni'l a posar; torni a provar la verificació. Si això no soluciona el problema, intenti gravar el disc de recuperació en un altre tipus de mitjà%s.\n\nSi encara no ha gravat el disc de recuperació, faci-ho ara i després faci clic a 'Següent'.\n\nSi està intentant verificar un disc de recuperació creat abans d'engegar aquest assistent tingui en compte que aquest disc no serà usable, ja que es va crear amb una clau mestra diferent. És necessari gravar el disc de recuperació nou. + i/o altre programari d'enregistrament de CD/DVD + VeraCrypt - Volums favorits del sistema + Què son els volums favorits del sistema? + La partició/unitat de sistema sembla no estar xifrada.\n\nEls volums de sistema favorits només es poden muntar utilitzant les contrasenyes de prearrencada. Per tant, per habilitar l'ús dels volums de sistema favorits necessita xifrar abans la partició/unitat de sistema. + Si us plau, desmunti el volum abans de continuar. + Error: No s'ha pogut configurar el temps. + Comprovar el sistema de fitxers + Reparar el sistema de fitxers + Afegir als favorits... + Afegir als volums favorits del sistema... + P&ropietats... + Volum ocult protegit + N/A + Si + No + Desactivat + 1 + 2 o més + Mètode de treball + Etiqueta: + Mida: + Ubicació: + Lletra d'unitat: + Error: La contrasenya només pot contenir caràcters ASCII.\n\nEls caràcters fora d'ASCII poden causar que el volum sigui impossible de muntar quan canvii la configuració del sistema.\n\nEls següents caràcters són vàlids:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ATENCIÓ: La contrasenya només pot contenir caràcters ASCII.\n\nEls caràcters fora d'ASCII poden causar que el volum sigui impossible de muntar quan canvii la configuració del sistema.\n\nHa de sustituïr tots els caràcters fora d'ASCII de la contrasenya per caràcters ASCII. Per fer-ho, faci clic a 'Volums' -> 'Canviar la contrasenya del volum'.\n\nEls següents caràcters són vàlids:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ATENCIÓ: És molt recomanable evitar les extensions de fitxer que utilitzen els executables (.exe, .sys o .dll) i d'altres extensions problemàtiques similars. Utilitzar aquest tipus d'extensions provoca que el Windows i els programes antivirus monitoritzin el contenidor, cosa que afecta el rendiment del volum i pot causar d'altres problemes greus.\n\nÉs molt recomanable que elimini l'extensió del fitxer o la canvii (per exemple, a .hc).\n\nSegur que vol utilitzar aquest tipus d'extensió problemàtica? + ATENCIÓ: Aquest contenidor té una extensió de fitxer que utilitzen els executables (.exe, .sys o .dll) i d'altres extensions problemàtiques similars. Utilitzar aquest tipus d'extensions provoca que el Windows i els programes antivirus monitoritzin el contenidor, cosa que afecta el rendiment del volum i pot causar d'altres problemes greus. És molt recomanable que elimini l'extensió del fitxer o la canvii (per exemple, a .hc) després de desmuntar el volum. + Pàgina principal + ATENCIÓ: Sembla que no ha aplicat cap Service Pack a la instal·lació de Windows. No podrà escriure en discos IDE més grans de 128 GB amb el Windows XP si no aplica el Service Pack 1 o superior! Si ho fa, les dades al disc (sense importar si és un volum VeraCrypt o no) es poden corrompre. Això és una limitació del Windows, no un error al VeraCrypt. + ATENCIÓ: Sembla que no ha aplicat el Service Pack 3 a la instal·lació de Windows. No podrà escriure en discos IDE més grans de 128 GB amb el Windows 2000 si no aplica el Service Pack 3 o superior! Si ho fa, les dades al disc (sense importar si és un volum VeraCrypt o no) es poden corrompre. Això és una limitació del Windows, no un error al VeraCrypt.\n\nNota: també pot ser necessari habilitar el suport LBA 48-bit al registre; per a més informació, visiti http://support.microsoft.com/kb/305098/EN-US + ATENCIÓ: El sistema no té activat el suport 48-bit LBA ATAPI. Per tant, no podrà escriure en discos IDE més grans de 128 GB! Si ho fa, les dades al disc (sense importar si és un volum VeraCrypt o no) es poden corrompre. Això és una limitació del Windows, no un error al VeraCrypt\n\nPer activar el suport 48-bit LBA ATAPI, afegeixi el valor 'EnableBigLba' a la clau de registre HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters i estableixi el seu valor a 1. Per a més informació, visiti http://support.microsoft.com/kb/305098/EN-US + Error: No es poden guardar fitxers més grans de 4 GB en sistemes de fitxers FAT32. Per tant, els volums de fitxer (contenidors) allotjans dins un sistema de fitxers FAT32 no poden ser més grans de 4 GB.\n\nSi necessita un volum més gran, l'haurà de crear en un sistema de fitxers NTFS (o, si utilitza Windows Vista o superior, en un sistema de fitxers exFAT) o, en comptes d'això, xifri la partició o dispositiu sencer. + Error. El Windows XP no suporta fitxers més grans de 2048 GB. Per tant, no pot crear un volum de fitxer (contenidor) més gran de 2048 GB sota Windows XP.\n\nTingui en compte que si que és possible xifrar la unitat sencera o crear un volum de partició més gran de 2048 GB sota Windows XP. + ATENCIÓ: Si vol poder afegir més dades/fitxers al volum exterior en un futur, consideri especificar una mida més petita pel volum ocult.\n\nSegur que vol continuar amb la mida especificada? + No hi ha cap volum seleccionat.\n\nFaci clic a 'Triar fitxer' o 'Triar dispositiu' per seleccionar un volum VeraCrypt. + No s'ha seleccionat cap partició. Faci clic a 'Triar dispositiu' per seleccionar una partició desmuntada que normalment requereixi d'autenticació prearrenada (per exemple, una partició ubicada a la unitat xifrada d'un altre sistema operatiu, que no s'estigui executant, o la partició xifrada d'un altre sistema operatiu).\n\nNota: La partició seleccionada es muntarà com un volum normal de VeraCrypt, sense l'autenticació prearrencada. Això és útil, per exemple, per a fer tasques de còpia de segurett o restauració. + ATENCIÓ: Si s'activen els fitxers de claus per defecte, els volums que no facin servir aquests fitxers de clau no es podran muntar. Per tant, després d'activar els fitxers de claus per defecte recordi de desmarcar l'opció 'Usar fitxers de claus' (sóta el camp d'entrada de contrasenyes) quan munti aquests volums.\n\nSegur que vol guardar els fitxers/rutes com a opcions per defecte? + Muntar automàticament + Desmuntar-ho tot + Buidar memòria cau + Desmuntar-ho tot & buidar memòria cau + Forçar desmuntar-ho tot & buidar memòria cau + Forçar desmuntar-ho tot, buidar memòria cau & sortir + Muntar els volums favorits + Mostrar/Amagar la finestra del VeraCrypt + (Faci clic aqui i premi una tecla) + Acció + Drecera + Error: Aquesta drecera està reservada. Si us plau, esculli'n una altre. + Error: Aquesta drecera ja s'està utilitzant. + ATENCIÓ: Una o més dreceres de teclat del VeraCrypt no funcionen!\n\nSi us plau, asseguri's que d'altres aplicacions o el sistema operatiu no fan servir les mateixes dreceres de teclat que el VeraCrypt. + S'ha impedit la creació d'un fitxer de paginació.\n\nDegut a un problema de Windows, els fitxers de paginació no es poden ubicar a volums que no siguin de sistema (inclosos els favorits del sistema). El VeraCrypt permet la creació de fitxers de paginació només en una partició/unitat de sistema xifrada. + Un error o una incompatibilitat ha evitat que el VeraCrypt xifrés el fitxer d'hibernació. Per tant, s'ha evitat l'hibernació.\n\nNota: Quan un ordinador hiberna (o entra en un mode d'estalvi d'energia) el contingut de la memòria del sistema s'escriu a un fitxer d'hibernació dins la unitat de sistema. El VeraCrypt no podria evitar que les claus de xifrat i el contingut dels fitxers sensibles oberts a la RAM es guardessin sense xifrar al fitxer d'hibernació. + S'ha evitat l'hibernació.\n\nEl VeraCrypt no permet l'hibernació d'un sistema operatiu ocult que utilitza particions d'arranc extra. Tingui en compte que la partició d'arranc és compartida pel fitxer esquer i pel sistema ocult. Per tant, per evitar fugues de dades i problemes quan es restaura la hibernació, el VeraCrypt ha d'evitar que el sistema operatiu ocult escrigui a la partició d'arranc i que hiberni. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + ATENCIÓ: Si la tasca en segon pla del VeraCrypt està desactivada, les següents funcionalitats també ho estaran:\n\n1) Dreceres de teclat\n2) Desmuntatge automàtic\n3) Muntatge automàtic dels volums automàtics\n4) Notificacions\n5)Icona a la safata\n\nNota: Es pot aturar la tasca en segon pla del VeraCrypt fent clic amb el botó dret a l'icona a la safata i seleccionant 'Sortir'.\n\nEstà segur que vol desactivar permanentment la tasca en segon pla? + ATENCIÓ: Si aquesta opció es desactiva, els volums que continguin fitxers/directoris oberts no es podran desmuntar automàticament.\n\nSegur que vol desactivar aquesta opció? + ATENCIÓ: Els volums que tinguin fitxers/directoris oberts no es desmuntaran automàticament.\n\nPer evitar això, habiliti l'opció 'Forçar el desmuntatge automàtic encara que el volum tingui fitxers o directoris oberts' en aquesta finestra. + ATENCIÓ: Quan queda poca bateria al portàtil, el Windows pot ometre els missatges oportuns a les aplicacions que s'estigui executant quan s'entra en mode d'estalvi d'energia. Per tant, el desmuntatge automàtic del VeraCrypt pot fallar en aquests casos. + Hi ha un procés de xifrat d'una partició/volum encuat. Aquest procés no s'ha acabat.\n\nVol reprendre el procés ara? + Hi ha un procés de xifrat o desxifrat de la partició/unitat de sistema. Aquest procés no s'ha acabat.\n\nVol engegar (reprendre) el procés ara? + Vol que se li torni a preguntar si vol reprendre els processos programats de xifrat de particions/volums? + Si, torna-m'ho a preguntar + No, no ho tornis a preguntar + IMPORTANT: Recordi que pot reprendre el procés de xifrat d'una partició/volum norma seleccionant 'Volums' > 'Continuar una tasca interrompuda' des del menú principal del VeraCrypt. + Ha encuat el procés de xifrat o desxifrat de la partició/unitat de sistema. Per tant, el procés d'autenticació de prearrencada (o s'ha evitat).\n\nNota: Si desxifra la partició/unitat de sistema a l'entorn de prearrencada és possible que hagi de finalitzar el procés selecionant 'Sistema' > 'Desxifrar la partició/unitat del sistema permanentment' al menú principal de la finestra del VeraCrypt. + ATENCIÓ: Si tanca VeraCrypt, les següents funcionalitats es desactivaran:\n\n1) Dreceres de teclat\n2) Desmuntatge automàtic\n3) Muntatge automàtic dels volums automàtics\n4) Notificacions\n\nNota: Si no vol que el VeraCrypt s'executi en segon pla, desactivi la tasca en segon pla des de les preferències (i, si és necessari, desactivi també l'inici automàtic del VeraCrypt).\n\nSegur que vol tancar el VeraCrypt. + Sortir? + El VeraCrypt no té prou informació per saber si ha de xifrar o desxifrar. + El VeraCrypt no té prou informació per saber si ha de xifrar o desxifrar.\n\nNota: Si ha desxifrat la partició/unitat de sistema a l'entorn de prearrencada, és possible que hagi de finalitzar el procés fent clic a 'Desxifrar'. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Vol interrompre i posposar el procés de xifrat de la partició/volum?\n\nNota: Tercordi que el volum no es pot muntar fins que s'hagi xifrat completament. Podrà reprendre el procés de xifrat i continuarà des del punt on s'ha aturat. Pot fer-ho, per exemple, seleccionant 'Volums' > 'Continuar una tasca interrompuda' al menú principal de la finestra del VeraCrypt. + Vol interrompre i posposar el procés de xifrat de la partició/volum de sistema?\n\nNota: Recordi que el volum no es pot muntar fins que s'hagi xifrat completament. Podrà reprendre el procés de xifrat i continuarà des del punt on s'ha aturat. Pot fer-ho, per exemple, seleccionant 'Sistema' > 'Continuar una tasca interrompuda' al menú principal de la finestra del VeraCrypt. Si vol revertir o evitar el procés de xifrat, seleccioni 'Sistema' > 'Desxifrar la partició/unitat del sistema permanentment'. + Vol interrompre i posposar el procés de desxifrat de la partició/volum de sistema?\n\nNota: Recordi que el volum no es pot muntar fins que s'hagi xifrat completament. Podrà reprendre el procés i continuarà des del punt on s'ha aturat. Pot fer-ho, per exemple, seleccionant 'Sistema' > 'Continuar una tasca interrompuda' al menú principal de la finestra del VeraCrypt. Si vol revertir el procés de desxifrat (i començar el de xifrat) seleccioni 'Sistema' > 'Xifrar la partició/unitat del sistema'. + Error: No s'ha pogut interrompre el procés de xifrat/desxifrat de la unitat/partició de sistema. + Error: No s'ha pogut interrompre el procés de neteja. + >Error: No s'ha pogut rependre el procés de xifrat/desxifrat de la unitat/partició de sistema. + Error: no s'ha pogut engegar el procés de neteja. + S'ha resolt la inconsistència.\n\n\n(Si reporta un error relacionat amb això, si us plau inclogui la següent informació tècnica:\n%hs) + Estat inesperat.\n\n\n(Si reporta un error relacionat amb això, si us plau inclogui la següent informació tècnica:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ATENCIÓ: La tasca en segon pla del VeraCrypt està desactivada. Després de sortir del VeraCrypt, no rebrà notificacions si s'evita el dany a un volum ocult.\n\nNota: Es pot aturar la tasca en segon pla del VeraCrypt fent clic amb el botó dret a l'icona a la safata i seleccionant 'Sortir'.\n\nVol activar la tasca en segon pla del VeraCrypt? + Versió del paquet d'idioma: %s + Comprovant el sistema de fitxers del volum VeraCrypt muntat com %s... + Intentant reparar el sistema de fitxers del volum VeraCrypt muntat com %s... + ATENCIÓ: Aquest volum està xifrat amb un algorisme de xifrat antic.\n\nTots els algorismes de xifrat de blocs de 64 bits (Blowfish, CAST-128, Triple DES, etc.) estan descontinuats. Serà possible muntar aquest volum utilitzant versions posteriors del VeraCrypt. No obstant, no hi haurà més millores a les implementacions d'aquests algorismes de xifrats. És molt recomanable crear un nou volum xifrat amb un algorisme de blocs de 128 bits (AES, Serpent, Tworfish, etc.) i moure tots els fitxers des del volum antic al nou. + El sistema no està configurat per muntar automàticament els nous volums. Pot ser impossible muntar els volums de dispositiu. El muntatge automàtic es pot activar executant la següent comanda i reiniciant el sistema.\n\nmountvol.exe /E + Si us plau, assigni una lletra d'unitat a la partició/dispositiu abans de continuar ('Eines administratives' - 'Crear i donar format a les particions de disc').\n\nAixò és un requeriment del sistema operatiu. + Muntar el volum VeraCrypt + Desmuntar tots els volums VeraCrypt + El VeraCrypt no ha pogut obtenir privilegis d'administrador. + El sistema operatiu ha denegat l'accés.\n\nCausa possible: El sistema operatiu requereix tenir permisos de lectura i escriptura (o privilegis d'administrador) per alguns directoris, fitxers i dispositius per tal de poder llegir-hi/escriure-hi dades. Normalment un usuari sense privilegis d'administrador pot crear, llegir i modificar fitxers dins de la seva carpeta de documents. + Error: El controlador utilitza una mida de sector no suportada.\n\nActualment no és possible crear volums de partició o dispositiu en unitats que utilitzin sectors més grans de 4096 bytes. No obstant, és possible crear volums de fixer (contenidors) en aquestes unitats. + Actualment no és possible xifrar un sistema instal·lat en un disc que utilitzi una mida de sector diferent a 512 bytes. + El gestor d'arranc necessita com a mínim 32 KBytes d'espai lliure a l'inici de la unitat de sistema (s'ha de guardar en aquesta àrea). Desafortunadament, el seu disc no cumpleix aquesta condició.\n\nSi us plau, no notifiqui això com un error/problema del VeraCrypt. Per solucionar aquest problema, ha de tornar a particionar el disc i deixar lliures els primer 32 KBytes del disc (la majoria de casos es necessari esborrar i tornar a crear la primera partició). Es molt recomanable utilitzar el gestor de particions de Microsoft que està disponible, per exemple, quan s'instal·la en Windows. + Aquesta característica no està suportada per la versió actual del sistema operatiu. + El VeraCrypt no suporta el xifrat de la partició/unitat del sistema en aquesta versió del sistema operatiu que s'està executant. + Abans de poder xifrar la partició/unitat de sistema amb Windows Vista, és necessari instal·lar el Service Pack 1 o superior per Windows Vista (no hi ha cap Service Pack instal·lat en aquests moments).\n\nNota: El Service Pack 1 arregla un problema de manca de memòria base durant l'arrencada del sistema. + El VeraCrypt ja no suporta el xifrat d'una partició/unitat de sistema amb Windows Vista sense Service Pack. Abans d'actualitzar el VeraCrypt, si us plau instal·li el Service Pack 1 o superiro pel Windows Vista. + Error: Aquesta característica requereix instal·lar el VeraCrypt al sistema (està utilitzant el TrueCrypy en mode portable).\n\nSi us plau, instal·li el VeraCrypt i torni-ho a provar. + ATENCIÓ: Sembla que el Windows no està instal·lat a la unitat que l'arranca. Això no està suportat.\n\nNomés hauria de continuar si està segur que el Windows està instal·lat a la unitat que l'arranca.\n\nVol continuar? + La seva unitat de sistema té una taula de particions GUID (GTP). Actualment, només es suporten unitats amb una taula de particions MBR. + PRECAUCIÓ: El gestor d'arranc del VeraCrypt ja està instal·lat a la seva unitat de sistema!\n\nÉs possible que un altre sistema en aquest ordinador ja estigui xifrat.\n\nATENCIÓ: SEGUIR AMB EL XIFRATGE DEL SISTEMA OPERATIU ACTUAL POT OCASIONAR QUE D'ALTRES SISTEMES NO PUGUIN ENGEGAR I QUE ES PERDIN LES SEVES DADES.\n\nSegur que vol continuar? + No s'ha pogut restaurar el carregador de sistema original.\n\nSi us plau, utilitzi el seu disc de recuperació ('Repair Options' > 'Restore original system loader) o el mitjà d'instal·lació de Windows per reemplaçar el gestor d'arranc pel carregador de sistema de Windows. + El carregador del sistema original no s'ha pogut guardar al disc de recuperació (causa probable: no hi ha còpia de seguretat) + No s'ha pogut escriure al sector MBR.\n\nPotser la seva BIOS està configurada per protegir el sector MBR. Comprovi la configuració de la BIOS (premi F2, Esc o Suprimir quan s'engegui l'ordinador) per si té protecció pel sector MBR. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + No està instal·lada la versió requerida del gestor d'arranc VeraCrypt. Això pot evitar que es guardin algunes configuracions. + Nota: En algunes situacions, potser voldrà evitar que una altre persona (un adversari) que l'estigui mirant s'adoni que està utilitzant el VeraCrypt. Aquestes opcions li permetran fer-ho personalitzant la pantalla del gestor d'arranc. Si activa la primera opció, no es mostarà cap text al gestor d'arranc (encara que introdueixi una contrassenya equivocada). L'ordinador semblarà 'congelat' mentre no introdueixi la seva contrasenya. A part d'això, es pot mostrar un missatge personalitzat per confondre l'adversari. Per exemple, un fals missatge d'error com ara "Missing operating system" (que normalment mostra el gestor d'arranc del Windows si no troba la partició d'arranc del Windows). És important remarcar que si l'adversari pot analitzar el contingut del disc dur, encara podrà saber que conté el gestor d'arranc del VeraCrypt. + ATENCIÓ: Si us plau, recordi que si activa aquesta opció, el gestor d'arrancada no mostrarà cap text (encara que introdueixi una contrassenya errònia). L'ordinador semblarà "congelat" (sense donar resposta) mentre no escrigui la contrasenya (el cursor NO es mourà i no es mostraran asteriscos quan es premin tecles).\n\nSegur que vol habilitar aquesta opció? + La partició/unitat sembla completament xifrada. + El VeraCrypt no permet xifrar una unitat de sistema que s'ha convertit en un disc dinàmic. + La unitat de sistema conté particions exteses (lògiques).\n\nPot xifrar la unitat de sistema sencera incloent les particions exteses (lògiques) només amb Windows Vista o versions posteriors del Windows. Amb el Windows XP, pot xifrar una unitat de sistema sencera que contingui només particions primàries.\n\nNota: Si que pot xifrar la partició de sistema en comptes de tota la unitat (i, a més d'això, també pot crear un volum de partició en qualsevol de les particions que no siguin de sistema de la unitat). + ATENCIÓ: Està utilitzant un Windows XP/2003. Després de començar a xifrar la unitat, NO podrà crear cap unitat extesa (lògica) a dins (només pot crear particions primaries). Qualsevol partició extesa (lògica) dins la unitat no serà exessible després de començar a xifrar (la unitat no conté actualment cap d'aquestes particions).\n\nNota: Si aquesta limitació no li sembla acceptable, pot anar cap enrrere i escollir xifrar només la partició de sistema en comptes de la unitat sencera (i, a més d'això, pot crear volum de partició en qualsevol de les particions que no siguin de sistema de la unitat).\n\nA part d'això, també pot considerar actualitzar-se a Windows Vista o una versió posterior de Windows (en aquestes versiones no hi ha aquesta limitació). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Vol xifrar la partició de sistema en comptes del volum sencer?\n\nTingui en compte que pot crearun volum de partició en qualsevol de les particions que no siguin de sistema de la unitat (a més de xifrar la partició de sistema). + Com que la seva unitat se sistema només conté una partició que ocupa tota la unitat, és preferible (més segur) xifrar el disc sencer incloent l'espai lliure que habitualment queda al voltant d'aquesta partició.\n\nVol xifrar la unitat de sistema sencera? + El seu sistema està configurat per guardar els fitxers temporals a una partició que no es la de sistema.\n\nEls fitxers temporals s'han de guardar només a la partició de sistema + Els perfils d'usuari no es guarden a la partició de sistema.\n\nEls perfils d'usuari s'han de guardar a la partició de sistema. + Hi ha fitxers de paginació guardats a una partició que no es la de sistema.\n\nEls fitxers de paginació s'han de guardar a la partició de sistema. + Vol configurar ara el Windows per crear els fitxers de paginació només a la partició de Windows?\n\nSi fa clic a 'Si', es reiniciarà l'ordinador. Després d'això, engegui el VeraCrypt i torni a crear el sitema operatiu ocult + D'altre manera, la credibilitat del sistema operatiu ocult es pot veure afectada negativament.\n\nNota: Si un adversari analitza el contingut d'aquests fitxers (ubicats fora de la partició de sistema), pot trobar evidències de l'ús de l'assistent de creació de volums que li indiquin que hi ha un sistema operatiu ocult a l'ordinador. Tingui en compte també que aquests tipus de fitxers guardats a la partició de sistema s'esborraran de forma segura pel VeraCrypt durant el procés de creació del sistema operatiu ocult. + ATENCIÓ: Durant el procés de creació del sistema operatiu ocult, se li demanarà que reinstali completament el sistema actual (per crear un sistema esquer segur).\n\nNota: El sistema operatiu actual i tot el contingut de la partició de sistema es copiaran al volum ocult (per crear un sistema ocult).\n\n\nSegur que podrà instal·lar el Windows fent servir el mitjà d'instal·lació (o una partició de servei)? + Per motius de seguretat, si el sistema operatiu actual requereix d'activació, s'ha d'activar abans de continuar. Tingui en compte que el sistema operatiu ocult es crearà copiant el contingut de la partició de sistema a un volum ocult (per tant, si aquest sistema operatiu no està activat, el sistema operatiu ocult tampoc ho estarà). Per a més informació, pot veure la secció 'Requisits de seguretat i precaucions dels volums ocults' a la guia d'usuari del VeraCrypt.\n\nEl sistema operatiu actual compleix aquesta condició? + El seu sistema utilitza una partició d'arranc extra. El VeraCrypt no dóna suport a la hibernació de sistemes operatius ocults que utilitzin particions d'arranc extres (els sistemes esquer poden hibernar sense cap problema).\n\nTingui en compte que la partició d'arranc és compartida pel fitxer esquer i pel sistema ocult. Per tant, per evitar fugues de dades i problemes quan es restaura la hibernació, el VeraCrypt ha d'evitar que el sistema operatiu ocult escrigui a la partició d'arranc i que hiberni.\n\nVol continuar? Si selecciona 'No', es mostraran les instruccions per eliminar la partició d'arranc extra. + La partició d'arranc extra es pot eliminar abans d'instal·lar el Windows. Per a fer-ho, segueixi aquests passos:\n\n1) Arrenqui el disc d'instal·ació de Windwows.\n\n2) A la pantalla d'instal·lació faci clic a 'Install now' > 'Custom (advanced)'.\n\n3) Faci clic a 'Drive Options'.\n\n seleccioni la partició de sistema principal i elimini-la.\n\n5) seleccioni la partició reservada pel sistema i faci clic a 'Extend' per incrementar l'espai on es pot instal·lar wl Windows.\n\n6) Faci clic a 'Apply' i a 'OK'.\n\n7) Instal·li el Windows a la partició reservada.\n\n\nLi podrien preguntar perquè ha esborrat la partició d'arranc extra. Pot respondre que volia evitar qualsevol fuga de dades cap a la partició d'arranc sense xifrar.\n\nNota: Pot imprimir aquest text fent clic a 'Imprimir'. Si guarda alguna còpia d'aquest text o l'imprimeix (molt recomanat a no ser que la seva impressora guardi copies dels documents que imprimeix en una unitat interna), hauria de destruïr totes les còpies després d'esborrar la partició d'arranc extra. + ATENCIÓ: Hi ha espai no assignat entre la partició del sistema i la primera partició després d'ella. Després de crear el sistema operatiu ocult, no podrà crear cap nova partició en aquest espai. Si ho fa, el sistema operatiu ocult no es podrà engegar (fins que esborri aquestes noves particions). + Aquest algorisme de xifrat no està suportat per al xifrat del sistema + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Els fitxers de claus no estan suportats per al xifrat del sistema. + ATENCIÓ: El VeraCrypt no ha pogut restaurar la disposició de teclat orignal. Això pot provocar que introdueixi la contrasenya incorrectament. + Error: No s'ha pogut establir la disposició de teclat estàndard als EUA pel VeraCrypt.\n\nTingui en compte que la contrasenya s'haurà d'esciure a l'entorn de prearrencada (abans que arrenqui el windows) on no hi haurà altres disposicions de teclat disponibles. Per tant, la contrasenya s'ha d'escriure sempre amb la disposició de teclat estàndard als EUA. + Com que el VeraCrypt ha canviat la disposició de teclat a la estàndard als EUA. No és possible escriure caràcters prement tecles mentre la tecla Alternativa dreta estigui premuda. No obstant, pot escriure la majoria d'aquests caràcters prement les tecles apropiades amb la tecla de Shift premuda. + El VeraCrypt ha evitat el canvi de disposició de teclat. + Nota: La contrasenya s'haurà d'esciure a l'entorn de prearrencada (abans que arrenqui el windows) on no hi haurà altres disposicions de teclat disponibles. Per tant, la contrasenya s'ha d'escriure sempre amb la disposició de teclat estàndard als EUA. Tanmateix, és important remarcar que NO és necessari un teclat real dels EUA. El VeraCrypt s'assegura que pugui escriure la contrasenya de manera segura (ara i a l'entorn de prearrencada) encara que no tingui un teclat real dels EUA. + Abans de poder xifrar la partició/unitat ha de crear un disc de recuperació del TrueCrypr, que té les següents funcions:\n\n- Si el gestor d'arranc, la clau mestra o altres dades crítiques es malmeten, el disc de recuperació li permet restaurar-les (tot i que haurà d'introduïr la contrasenya correcta).\n\n- Si el Windows no pot arrencar, el disc de recuperació permet desxifrar la partició/unitat abans que arranqui el Windows.\n\n- El disc de recuperació conté una còpia de seguretat de la primera pista de la unitat (que normalment conté el gestor d'arranc o el carregador del sistema) i permet restaurar-lo si és necessari.\n\nLa imatge ISO del fitxer de recuperació es crearà a la ubicació especificada a sota. + Quan faci clic a 'Ok' es llançarà el gravador d'imatges ISO de Microsoft Windows. Si us plau, utilitzi'l per gravar la imatge iso del disc de recuperació a un CD o DVD.\n\nDesprés de fer-ho, torni a l'assistent de creació de volums de VeraCrypt i segueixi les instruccions. + La imatge del disc de recuperació s'ha creat i guardat al fitxer \n%s\n\nAra és necessàri gravar-la a un CD o DVD.\n\n%lsDesprés de gravar el disc de recuperació faci clic a 'Següent' per verificar que s'ha gravat correctament. + La imatge del disc de recuperació s'ha creat i guardat al fitxer \n%s\n\nAra és necessàri gravar-la a un CD o DVD o guardar-la en un lloc segur per utiltizar-la més tard.\n\n%lsFaci clic a 'Següent' per verificar que s'ha gravat correctament. + nIMPORTANT: Tingui en compte que el fitxer s'ha de gravar a un CD/DVD com a imatge ISO (no com un fitxer individual). Per informar-se sobre com fer això, consulti la documentació de l'aplicació per gravar CD/DVD. Si no té cap aplicació per gravar-lo, faci cli al link següent per descarregar-ne de programari lliure.\n\n + Engega el gravador de discos de Microsoft Windows + ATENCIÓ: Si ja havia creat un disc de recuperació, aquest no es pot reutilitzar per aquesta partició/unitat de sistema ja que s'ha creat per a una clau mestre diferent! Cada cop que xifri la partició/unitat de sistema haurà de crear un nou disc de recuperació per ella encara que utilitzi la mateixa contrasenya. + Error: No s'han pogut guardar la configuració de xifrat. + No s'ha pogut iniciar la prova prèvia de xifrat del sistema + No s'ha pogut iniciar la creació del sistema operatiu ocult. + Tipus de neteja + En alguns tipus de suports d'emmagatzematge, quan les dades es sobreescriuen amb altres dades és possible recuperar les dades sobreescrites utilitzant tècniques com ara forces magnètiques microscòpiques. Això també s'aplica a les dades que s'han sobreescrit en la seva forma xifrada (cosa que passa quan el VeraCrypt xifra inicialment una partició o unitat no xifrada). Tenint en compte alguns estudis i publicacions gubernamentals, es pot dificultar o impossibilitar la recuperació de dades sobreescrites sobreescribint dades pseudoaleatòries i normals un cert número de vegades. Per tant, si vostè creu que un adversari pot utilitzar aquest tipus de tècniques per recuperar les dades que intenta xifrar, segurament voldrà seleccionar algun dels mètodes de neteja (les dades existens NO s'esborraran). Tingui en compte que la neteja NO es pot dur a terme després de xifrar la partició/unitat. Quan una partició/unitat està xifrada completament no s'hi escriuen dades no xifrades. Totes les dades que s'hi escriuen es xifren al vol a la memòria i només després s'escriuen al disc. + En alguns tipus de suports d'emmagatzematge, quan les dades es sobreescriuen amb altres dades és possible recuperar les dades sobreescrites utilitzant tècniques com ara forces magnètiques microscòpiques. Tenint en compte alguns estudis i publicacions gubernamentals, es pot dificultar o impossibilitar la recuperació de dades sobreescrites sobreescribint dades pseudoaleatòries i normals un cert número de vegades. Per tant, si vostè creu que un adversari pot utilitzar aquest tipus de tècniques per recuperar les dades que intenta xifrar, segurament voldrà seleccionar algun dels mètodes de neteja.\n\nNota: Com és passades utilitzi, més estona trigarà a esborrar les dades. + Netejant + \nNota: Pot interrompre el procés de neteja, apagar l'ordinador, engegar el sistema oepratiu ocult una altre vegada i reprender el procés (l'assistent s'engegarà automàticament). De totes maneres, si l'interromp s'haurà de tornar a començar des del principi tot el procés de neteja. + \n\nNota: Si intenta interrompre el procés de neteja i reprendre'l haurà de tornar a començar el procés des del principi. + Vol aturar el procés de neteja? + ATENCIÓ: S'esborrarà i es perdrà el contingut de la partició/unitat seleccionada. + S'esborrarà tot el contingut de la partició on hi ha el sistema original.\n\nNota: Tot el contingut de la partició que s'esborrarà s'ha copiat a la seva partició de sistema oculta. + ATENCIÓ: Tingui en compte que si escull, per exemple, una neteja de 3 passades, el temps necessàri per xifrar la partició/unitat serà fins a 4 vegades més llarg. De la mateixa manera, si escull una neteja de 35 passades, serà fins a 36 vegades més gran (podria estar-hi setmanes).\n\nTanmateix, tingui en compte que la neteja no es farà un cop la partició/unitat estigui xifrada. Quan una partició/unitat està xifrada completament no s'hi escriuen dades no xifrades. Totes les dades que s'hi escriuen es xifren al vol a la memòria i només després s'escriuen al disc.\n\nSegur que vol utilitzar la neteja? + Cap (el més ràpid) + 1 passada (dades aleatòries) + 3 passades (US DoD 5220.22-M) + 7 passades (US DoD 5220.22-M) + 35 passades ("Gutmann") + 256 passades + Número de sistemes operatius + ATENCIÓ: Els usuaris sense experiència no haurien d'intentar xifrar el Windows en una màquina amb arrencada múltiple.\n\nVol continuar? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Unitat d'arranc + Aquest sistema operatiu està instal·lat a la partició d'arranc?\n\nNota: A vegades, el Windows no està instal·lat a la mateixa unitat que el gestor d'arranc de Windows (a la partició d'arranc). Si aquest és el cas, seleccioni 'No'. + Actualment el VeraCrypt no suporta el xifratge de sistemes operatius que no arrenquin des de l'unitat ón estan instal·lats. + Número d'unitats de sistema + Quantes unitat contenen sistemes operatius?\n\n:Nota: Per exemple, si té algun sistema operatiu (Windows, Mac OS X, Linux, etc.) instal·lat a la unitat primària i algun altre sistema operatiu instal·lat a una unitat secundaria, seleccioni '2 o més'. + El VeraCrypt no suporta el xifrat d'un disc sencer que contingui més d'un sistema operatiu.\n\nAlgunes solucions:\n\n- Pot xifrar un dels sitemes si torna enrera i triant l'opció de xifrar només una partició de sistema (en comptes de xifrar tota la unitat de sistema).\n\nTambé pot xifrar tota la unitat si mou alguns dels sistemes cap a altres unitats deixant només un sistema a la unitat que es vol xifrar. + Diversos sistemes en una unitat + Hi ha altres sistemes operatius instal·lats a la unitat on hi ha instal·lat el sistema operatiu actual?\n\nNota: Per exemple, si el sistema operatiu actual està instal·lat a la unitat #0, que conté diferents particions, i una de les particions conté un Windows i una altre un altre sistema operatiu (Windows, Mac OS X, Linux, etc.), seleccioni 'Si'. + Gestor d'arrencada + Hi ha algún carregador (o gestor) d'arrencada insal·lat al master boot record que no sigui el de Windows?\n\nNota: Per exemple, si la primera pista de l'unitat d'arranc conté GRUB, LILO, XOSL o d'altres gestors d'arranc, seleccioni 'Si'. + Arrencada múltiple + El VeraCrypt no suporta l'arrencada múltiple quan no hi ha el gestor d'arranc del Windows al Master Boot Record.\n\nPossibles solucions:\n\n- Si utilitza un gestor d'arranc per arrancar Windows i Linux, mogui el gestor d'arranc (normalment el GRUB) des del MBR cap a una partició. Després torni a executar l'assistent i xifri la partició/unitat de sistema. Tingui en compte que el gestor d'arranc del VeraCrypt serà el gestor d'arranc primari i li permetrà executar el gestor d'arranc original com a gestor d'arranc secundari (prement Esc a la pantalla del gestor d'arranc del VeraCrypt) i podrà arrancar el Linux. + Si el sistema operatiu actual està instal·lat a la partició d'arrant després de xifrar-la haurà d'introduïr la contrasenya correcta encara que vulgui engegar qualsevol altre sistema Windos sense xifrar (ja que comparteixen el mateix gestor d'arranc de Windows xifrat).\n\nEn canvi, si el sistema operatiu actual no està instal·lat a la partició d'arranc (o si el gestor d'arranc de Windows no s'utilitza per cap altre sistema), no serà necessari introduïr la contrasenya per arrencar altres sistemes operatius sense xifrar un cop xifrat -- haurà de prémer la tecla Esc per engegar el sistema sense xifrar (si hi ha més d'un sistema sense xifrar, l'haurà de triar).\n\nNota: Normalment, les versiones més noves de Windos s'instal·len a la partició d'arranc. + Xifrat de l'àrea protegida + Al final de moltes unitats hi ha una àrea generalment oculta al sistema operatiu (normalment anomenades àrees protegides). Tot i això, alguns programes poden llegir i escriure dades en aquestes arees.\n\nATENCIÓ: Alguns fabricants utilitzen aquestes àrees per emmagatzemar-hi eines i dades pel RAID, la recuperació del sistema, la configuració o el diagnòstic, etc. Si aquestes eines o dades han de ser accessibles abans d'arrencar, l'àrea protegida NO s'ha de xifrar (esculli 'No').\n\nVol que el VeraCrypt detecti i xifri qualsevol àrea oculta que trobi al final de la unitat de sistema? + Tipus de xifrat del sistema + Seleccioni aquesta opció si només vol xifrar la partició del sistema o tota la unitat del sistema. + És possible que es vegi forçat per algú a desxifrar el sistema operatiu. Hi ha moltes situacions en les quals no es pot negar a fer-ho (per exemple, sota extorsió). Si escull aquesta opció, podrà crear un sistema operatiu ocult del qual serà gairebé impossible provar-ne l'existència (sempre que es respectin certes directrius). Per tant, no s'hauria de veure obligat a desxifrar ni a revelar la contrasenya del sistema operatiu ocult. Per a veure una explicació detallada, faci clic a l'enllaç següent. + És possible que es vegi forçat per algú a desxifrar el sistema operatiu. Hi ha moltes situacions en les quals no es pot negar a fer-ho (per exemple, sota extorsió).\n\nA través d'aquest assistent, vostè podrà crear un sistema operatiu ocult del qual serà gairebé impossible provar-ne l'existència (sempre que es respectin certes directrius). Per tant, no s'hauria de veure obligat a desxifrar ni a revelar la contrasenya del sistema operatiu ocult. + Sistema operatiu ocult + Als passos següents es crearan dos volums de VeraCrypt (exterior i ocult) a la primera partició després de la partició de sistema. El volum ocult contindrà el sistema operatiu ocult. El VeraCrypt crearà el sistema operatiu ocult copiant el contingut de la partició de sistema (on hi ha el sistema operatiu actual instal·lat) cap al volum ocult. Al volum exterior hi haurà de copiar alguns fitxers que semblin confidencials i que NO vulgui amagar. Podria haver-hi algú que l'obligui a desbloquejar la contrasenya del sistema operatiu ocult. Podrà revelar la contrasenya del volum ocult i l'existència del sistema operatiu ocult seguirà sent secreta.\n\nFinalment, a la partició de sistema del sistema operatiu actual, haurà d'instal·lar i xifrar un sistema operatiu nou, que s'anomena sistema esquer. No haurà de contenir dades confidencials i es mantindrà allà per si algú l'obliga a revelar la contrasenya de prearrencada. En total, hi haurà cuatre contrasenyes. Dues d'elles es poden revelar (per el sistema operatiu esquer i el volum exterior). Si utilitza la tercera, s'engegarà el sistema operatiu ocult. + Detectant sectors ocults + Si us plau, esperi mentre el VeraCrypt detecta possibles sectors ocults al final de la unitat de sistema. Tingui en compte que això pot trigar força temps.\n\nEn casos molt rars, en alguns ordinadors, el sistema pot deixar de respondre durant aquest procés. Si això succeeix, reinicii l'ordinador, engegi el VeraCrypt i repeteixi els passos anteriors però salti's aquest procés de detecció. Aquest problema no està causat per un error al VeraCrypt. + Area a xifrar + Seleccioni aquesta opció si vol xifrar la unitat on està instal·lat el Windows que s'està executant ara mateix. Tota la unitat, incloent totes les seves particions es xifraran exeptuant la primera pista on s'intal·larà el gestor d'arranc del VeraCrypt. Qualsevol que vulgui accedir al sistema instal·lat en aquesta unitat o als fitxers que hi ha haurà d'introduïr la contrasenya correcta cada vegada que s'inicia el sistema. Aquesta opció no es pot utilitzar per xifara una unitat secundària o externa si no hi ha un Windows instal·lat que arrenca des d'allà. + Generant dades aleatòries + S'han generat les claus + El VeraCrypt no ha trovat cap gravadora de CD/DVD connectada a aquest ordinador. El VeraCrypt necessita una gravadora de CD/DVD per poder gravar el disc de recuperació que conté la còpia de seguretat de les claus de xifrat, el gestor d'arranc del VeraCrypt, el gestor d'arranc original, etc.\n\nÉs molt recomanable que gravi el disc de recuperació. + No tinc cap gravadora de CD/DVD però guardaré la imatge ISO del disc de recuperació en un mitja extraïble (com un llàpis USB). + Després connectaré una gravadora de CD/DVD a l'ordinador. Acabar ara el procés. + Hi ha una gravadora de CD/DVD connectada a l'ordinador. Continuar i gravar el disc de recuperació. + Si us plau, segueixi aquests passos:\n\n1) Connecti una unitat extraïble, com ara un llàpis òptic, a l'ordinador.\n\n2) Copii la imatge del disc de recuperació (%s) a la unitat extraïble.\n\nEn cas que sigui necessari utilitzar el disc de recuperació en un futur, podrà connectar la unitat extraïble a un ordinador amb una gravadora de CD/DVD i gravar el disc de recuperació. IMPORTANT: Tingui en compte que el fitxer s'ha de gravar a un CD/DVD com a imatge ISO (no com un fitxer individual). + Gravació del disc de recuperació + S'ha creat el disc de recuperació + Prova prèvia + S'ha verifiat el disc de recuperació + S'ha verificat amb èxit el disc de recuperació. Si us plau, expulsi ara el disc de la unitat i guardi'l a un lloc segur. Després faci clic a OK. + Durant els següents passos el disc de recuperació no ha de ser a la unitat. D'altre manera, no serà possible completar correctament els passos.\n\nSi us plau, expulsi ara el disc de la unitat i guardi'l a un lloc segur. Després faci clic a OK. + ATENCIÓ: Degut a limitacions tècniques de l'entorn de prearrencada, els textos mostrats en aquest entorn (abans d'arrencar el Windows) no es poden localitzar. La interficie del gestor d'arranc és tota en Anglès.\n\nVol continuar? + Abans de xifrar la partició o unitat del sistema, el VeraCrypt ha de verificar que tot funciona correctament\n\nDesprés de fer click a 'Prova', s'instal·larant tots els components necessaris (per exemple, el gestor d'arrencada del VeraCrypt) i després es reiniciarà l'ordinador. Llavors haurà d'introduïr la contrasenya a la pantalla del gestor d'arranc que sortirà abans d'iniciar el windows. Quan arrenqui el Windows, se l'informarà automàticament del resultat de la prova prèvia.\n\nEs modificarà el següent dispositiu: Unitat #%d\n\n\nSi fa clic a 'Cancel'lar' no s'instal·larà res i la prova prèvia no es farà. + NOTES IMPORTANTS -- SI US PLAU, LLEGEIXI-LES O IMPRIMEIXI-LES (faci clic a 'Imprimir'):\n\nTingui en compte que cap fitxer es xifrarà abans de després de reinciar l'ordinador i engegar el Windows. Per tant, si alguna cosa falla, les seves dades NO es perdran. Tot i això, si alguna cosa no funciona pot trobar dificultats arrancant el Windows. Per tant, llegeixi (i si és possible, imprimeixi) les instruccions següents sobre què fer si el Windows no es pot engegar després de reiniciar l'ordinador.\n\n + Què fer si el Windows no es pot engegar\n------------------------------------------------\n\nNota: Aquestes instruccions només són vàlides si no s'ha començat a xifrar.\n\n- Si el Windows no s'engega després d'introduïr la contrasenya correcta (o després d'introduïr repetidament la contrasenya correcta però el VeraCrypt diu que no és correcte), no s'alarmi. Reinicii (apagui i torni a encendre) l'ordinador i a la pantalla del gestor d'arranc del VeraCrypt premi la tecla Esc del teclat. Després d'això el Windows s'hauria d'engegar (sempre que no estigui xifrat) i el VeraCrypt preguntarà automàticament si vol desinstal·lar el component d'autenticació prearrencada. Tingui en compte que els passos anterior NO funcionaran si la partició/unitat del sistema està xifrada (ningú pot engegar el Windows ni accedir a les dades xifrades sense la contrasenya correcta).\n\n + -Si els passos anteriors no solucionen el problema o si no apareix el gestor d'arranc del VeraCrypt (abans d'engegar el Windows), inserti el disc de recuperació de VeraCrypt a la unitat de CD/DVD i reinicii l'ordinador. Si no apareix la pantalla del disc de recuperació (o si no pot veure les 'Repair Options' dins de la secció 'Keyboard Controls' de la pantalla del disc de recuperació), és possible que la BIOS estigui configurada per intentar arrencar abans des dels disc durs que des de les unitats de CD/DVD. Si aquest és el cas, reinicii el seu ordinador i premi 'F2' o 'Suprimir' (tan aviat com vegi la pantalla d'inici de la BIOS), i esperi fins que aparegui la pantalla de configuració. Si no apareix, reinicii l'ordinador i vagi prement 'F2' i 'Suprimir' repetidament tan aviat com s'engegui l'ordinador. Quan apareixi la pantalla de configuració de la BIOS, configuri la BIOS perquè s'engegui primer des de les unitats de CD/DVD (per saber com fer-ho, consulti la documentació de la BIOS/placa mare). Després reinicii l'ordinador. Ara hauria d'apareixer la pantalla del disc de recuperació. Dins d'aquesta pantalla, seleccioni 'Repair Options' prement 'F8' al teclat. Al menú de 'Repair Options' seleccioni 'Restore original system loader'. Després tregui el disc de recuperació de la unitat de CD/DVD i reinicii l'ordinador. El Windows hauria d'iniciar-se ara normalment (sempre que no estigui xifrat).\n\n + Tingui en compte que els passos anterior NO funcionaran si la partició/unitat del sistema està xifrada (ningú pot engegar el Windows ni accedir a les dades xifrades sense la contrasenya correcta)\n\nAixò és aixi encara que perdi el seu disc de recuperació i un atacant el trobi. L'atacant NO podrà desxifrar la unitat o partició del sistema sense la contrasenya correcta. + S'ha completat la prova prèvia + S'ha completat la prova prèvia amb èxit.\n\nATENCIÓ: Tingui en compte que si el subministrament d'energia s'interromp o si el sistema operatiu falla degut a un error mentre s'està xifrat les dades in situ, algunes parts de les dades es corrompran o perdran. Per tant, abans de començar a xifrar, asseguri's que té còpies de seguretat dels fitxers que vol xifrar. Si no en té; si us plau faci'n una ara (pot fer clic a 'Ajornar', fer la còpia de seguretat i després executar el VeraCrypt altre vegada i seleccionar 'Sistema' > 'Continuar una tasca interrompuda' i començar a xifrar).\n\nQuan estigui llest, faci clic a 'Xifrar' per començar. + Pot fer clic a 'Pausar' o 'Ajornar' en qualsevol moment per interrompre el procés de xifrat o desxifrat, sortir de l'assistent, reiniciar o apagar l'ordinador i després reprendre el procés, que continuarà des del punt on s'ha aturat. Per evitar la desacceleració quan el sistema o les aplicacions llegeixen o escriuen dades des del disc de sistema, el VeraCrypt espera fins que s'ha acabat de llegir o escriure, moment en el qual segueix xifrant o desxifrant. + \n\nPot fer clic a 'Pausar' o 'Ajornar' en qualsevol moment per interrompre el procés de xifrat o desxifrat, sortir de l'assistent, reiniciar o apagar l'ordinador i després reprendre el procés, que continuarà des del punt on s'ha aturat. Tingui en compte que no es podrà muntar el volum fins que no estigui completament xifrat. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + S'ha iniciat el sistema ocult + Sistema original + El Windows crea (normalment sense avís ni consentiment) diversos fitxers de registre, temporals, etc. a la partició de sistema. També guarda contingut de la RAm per hivernar i fitxers de paginació a la partició de sistema. Per tant, si un adversari analitza els fitxers emmagatzemats a la partició on hi ha el sistema operatiu original (del qual el sistema ocult és un clon) podria saber, per exemple, que s'ha utilitzat l'assistent del VeraCrypt per a fer un sistema operatiu ocult (cosa que pot indiciar l'existència d'un sistema operatiu ocult dins el sistema).\n\nPer evitar aquests problemes, durant els passos següents, el VeraCrypt esborrarà de forma segura tot el contingut de la partició on hi ha el sistema operatiu original. Després d'això, per a mantenir la credibilitat, hauria d'instal·lar un nou sistema a la partició i xifar-lo. Així es crearà un sistema esquer i es completarà el procés de creació del sistema operatiu ocult. + S'ha creat amb èxit el sistema operatiu ocult. Tot i això, abans de començar a utilitzar-lo (i aconseguir que sigui creïble), a de borrar de forma segura (amb el VeraCrypt) el contingut sencer de la partició on hi ha instal·lat el sistema operatiu actual. Abans de fer això, és necessari reiniciar l'ordinador i, a la finestra del gestor d'arranc VeraCrypt, introduïr la contrasenya de prearranc del sistema operatiu ocult. Llavors, després d'arrencar el sistema operatiu ocult, l'assistent s'executarà automàticament.\n\nNota: Si decidieix acabar el procés de creació del sistema operatiu ocult ara, NO podrà reprendre el procés i el sistema operatiu ocult no serà accessible (ja que s'esborrarà el gestor d'arranc). + He inciat el procés de creació d'un sistema operatiu ocult. El procés encara no ha acabat. Per completar-lo, és necessari reiniciar l'ordinador i, a la finestra del gestor d'arranc VeraCrypt, introduïr la contrasenya de prearranc del sistema operatiu ocult.\n\nNota: Si decidieix acabar el procés de creació del sistema operatiu ocult ara, NO podrà reprendre el procés. + Reiniciar l'ordinador i continuar + Atura permanentment el procés de creació del sistema operatiu ocult + No facis res ara i torna-ho a preguntar després + \nSI ÉS POSSIBLE, IMPRIMEIXI AQUEST TEXT (faci clic a 'Imprimir).\n\n\nCom i quan utilitzar el disc de recuperació del VeraCrypt (després de xifrar)\n-----------------------------------------------------------------------------------\n\n + I. Com arrancar el disc de recuperació del VeraCrypt\n\nPer arrancar el disc de recuperació del VeraCrypt, inserti'l dins la unitat de CD/DVD i reinicii l'ordinador. Si no apareix la pantalla del disc de recuperació (o si no pot veure les 'Repair Options' dins de la secció 'Keyboard Controls' de la pantalla del disc de recuperació), és possible que la BIOS estigui configurada per intentar arrencar abans des dels disc durs que des de les unitats de CD/DVD. Si aquest és el cas, reinicii el seu ordinador i premi 'F2' o 'Suprimir' (tan aviat com vegi la pantalla d'inici de la BIOS), i esperi fins que aparegui la pantalla de configuració. Si no apareix, reinicii l'ordinador i vagi prement 'F2' i 'Suprimir' repetidament tan aviat com s'engegui l'ordinador. Quan apareixi la pantalla de configuració de la BIOS, configuri la BIOS perquè s'engegui primer des de les unitats de CD/DVD (per saber com fer-ho, consulti la documentació de la BIOS/placa mare). Després reinicii l'ordinador. Ara hauria d'apareixer la pantalla del disc de recuperació. Dins d'aquesta pantalla, seleccioni 'Repair Options' prement 'F8' al teclat.\n\n\n + II. Com i quan utilitzar el disc de recuperació del VeraCrypt (després de xifrar)\n\n + 1) Si no apareix la pantalla del gestor d'arranc del VeraCrypt quan inicii l'ordinador (o si el Windows no s'engega), pot ser que el gestor d'arranc estigui malmès. El disc de recuperació permet restaurar-lo recuperar l'accés al sistema xifrat i les seves dades (tot i això, recordi que haurà d'introduïr la contrasenya correcta). A la pantalla del disc de recuperació seleccioni 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Després premi 'Y' per confirmar l'acció, tregui el disc de recuperació de la unitat de CD/DDD i reinicii l'ordinador.\n\n + 2) Si introdueix repetidament la contrasenya correcte però el VeraCrypt li diu que no ho és, pot ser que la clau mestre o d'altres dades crítiques estiguin malmeses. El disc de recuperació permet restaurar-lo recuperar l'accés al sistema xifrat i les seves dades (tot i això, recordi que haurà d'introduïr la contrasenya correcta). A la pantalla del disc de recuperació seleccioni 'Repair Options' > 'Restore key data'. Després introdueix la seva contrasenya, premi 'Y' per confirmar l'acció, tregui el disc de recuperació de la unitat de CD/DDD i reinicii l'ordinador.\n\n + 3) Si el gestor d'arranc del VeraCrypt està malmès, pot evitar executar-lo engegant directament des del disc de recuperació. Inserti el disc de recat a la unitat de CD/DVD i introdueixi la contrassenya a la pantalla del disc de recuperació.\n\n + 4) Si el Windows està malmès i no es pot iniciar, el disc de recuperació li permet desxifrar la partició/unitat permanentment abans d'arrencar el Windows. A la pantalla del disc de recuperació seleccioni 'Repair Options' > 'Permanently decrypt system partition/drive'. Introdueixi la contrasenya correcta i esperi mentra s'acaba el procés. Després podrà, per exemple, arrencar el CD/DVD del MS Windows per reparar l'instal·lació de Windows.\n\n + Nota: D'altre banda, si el Windows està malmès (no pot engegar-se) i necessita reparar-lo (o accedir als fitxers que hi ha a dins) pot evitar desxifrar la partició/unitat seguint aquests passos: Si té més d'un sistema operatiu instal·lats a l'ordinador, engegui un dels que no necessiti l'autenticació prearrencada. Si no té més d'un sistema operatiu, pot arrencar un CD/DVD WinPE o un BartPE o pot connectar el disc dur a un altre ordinador i després engegar el sistema operatiu d'aquest ordinador. Després d'iniciar un sistema, engegi el VeraCrypt, faci clic a 'Triar dispositiu', seleccioni la partició afectada, faci clic a 'OK', seleccioni 'Sistema' > 'Muntar sense l'autenticació de prearrencada', introdueixi la contrasenya de prearrencada i faci clic a 'OK'. Es muntarà la partició com si fos un volum regular (les dades es xifraran/desxifraran al vol a la RAM, com és habitual).\n\n\n + Tingui en compte que encara el seu disc de recuperació i un atacant el trobi, l'atacant NO podrà desxifrar la unitat o partició del sistema sense la contrasenya correcta. + \n\nI M P O R T A N T -- SI ÉS POSSIBLE, IMPRIMEIXI AQUEST TEXT (faci clic a 'Imprimir').\n\nAquest text es mostrarà automàticament cada cop que inicii el sistema operatiu ocult fins que instal·li el sistema operatiu esquer.\n\n\n + Com crear un sistema operatiu esquer d'una manera segura i fiable\n----------------------------------------------------------------------------\n\nPer poder tenir credibilitat, necessita crear un sistema operatiu esquer. Per a fer-ho, segueixi els passos següents:\n\n + 1) Per motius de seguretat, aturi l'ordinador i deixi'l apagat durant uns minuts (com més millor). Això és necessàri per netejar la memòria, que conté dades sensibles. Després engegui l'ordinador però no engegui el sistema operatiu ocult.\n\n + 2) Instal·li el Windows a la partició que s'ha esborrat (la partició on hi havia originalment el sistema operatiu que s'ha clonat al volum ocult).\n\nIMPORTANT: QUAN COMENCI A INSTAL·LAR EL SISTEMA. EL SISTEMA OCLULT *NO* ES PODRÀ INICIAR (ja que el gestor d'arranc del VeraCrypt serà substituït per l'instal·lador de windows). AIXÒ ÉS NORMAL I ESPERAT. NO ES PREOCUPI. PODRÀ INICIAR EL SISTEMA OCULT TAN AVIAT COM COMENCI A XIFRAR EL VOLUM ESQUER! (ja que el VeraCrypt 'instal·larà automàticament el gestor d'arranc del VeraCrypt a la unitat de sistema).\n\nIMPORTANT: La mida del volum esquer s'ha de mantenir igual que el volum ocult (això es cumpleix ara). A més, no ha de crear cap partició entre el sistema esquer i la partició on hi ha el sistema ocult.\n\n + 3) Arranqui el sistema esquer (el que ha creat al pas 2) i instal·li-hi el VeraCrypt.\n\nRecordi que aquest sistema esquer no ha de contenir mai dades sensibles.\n\n + 4) Al sistema esquer, executi el VeraCrypt i seleccioni 'Sistema' > 'Xifrar la partició/unitat de sistema'. Els següents passos s'aplioquen a l'assistent de creació de volums que apareixerà.\n\n + 5) A l'assisten de creació de volums no seleccioni la opció 'Ocult'. Deixi seleccionada la opció 'Normal' i faci clic a 'Següent'.\n\n + 6) Seleccioni l'opció 'Xifrar la partició de sistema de Windows' i faci clic a 'Següent'.\n\n + 7) Si només hi ha el sistema operatiu ocult i l'esquer instal·lats a l'ordinador, seleccioni l'opció 'Arrencada simple' (si n'hi ha més, ha de seleccionar 'Arrencada múltiple'). Després faci clic a 'Següent'.\n\n + 8) IMPORTANT: en aquest pas HA DE SELECCIONAR ELS MATEIXOS ALGORISMES DE XIFRAT I DE HASH PER EL SISTEMA ESQUER QUE HA seleccionat PEL SISTEMA OCULT! SI NO HO FA AIXÍ, EL SISTEMA OCULT NO SERÀ ACCESSIBLE! Nota: Ha de ser així perquè el sistema operatiu ocult i l'esquer comparteixen el gestor d'arranc, que només pot utilitzar un algorisme seleccionat per l'usuari (hi ha una versió especial del gestor d'arranc per a cada algorisme).\n\n + 9) En aquest pas ha d'escullir la contrasenya pel sistema operatiu esquer. Podrà divulgar aquesta contrasenya a un adversari si li pregunten o l'obliguen a revelar la contrasenya de l'entorn de prearrancada (també pot revelar la contrasenya del volum ocult). L'existència d'una tercera contrasenya (la contrasenya de prearrencada del sistema operatiu ocult) s'ha de mantenir en secret.\n\nImportant: La contrasenya que esculli pel sistema esquer ha de ser substancialment diferent de l'escollida pel volum ocult.\n\n + 10) Segueixi les instruccions restants de l'assisten per tal de xifrar el sistema operatiu esquer.\n\n\n\n + \n\nDesprés de crear el sistema esquer\n------------------------------------------------\n\nDesprés de xifrar el sistema esquer, s'haurà completat el procés de creació d'un sistema operatiu ocult i podrà utilitzar les tres contrasenyes:\n\n1) La contrasenya de prearrancada pel sistema operatiu ocult.\n\n2) La contrasenya de prearrancada pel sistema operatiu esquer.\n\n3) La contrasenya del volum ocult.\n\n + Si vol engegar el sistema operatiu ocult, només ha d'introduïr la contrasenya del sistema operatiu ocult a la pantalla del gestor d'arranc (que apareix quan engega o reinicia l'ordinador).\n\n vol engegar el sistema operatiu esquer, ha d'introduïr la contrasenya del sistema operatiu ocult a la pantalla del gestor d'arranc\n\nEs pot revelar la contrasenya del sistema esquer a qualsevol que el forci a revelar la contrasenya de prearrencada. L'existència del volum ocult (i el sistema operatiu ocult) s'ha de mantenir en secret.\n\n + La tercera contrasenya (la del volum exterior) es pot divulgar a qualsevol que el forci a revelar la contrasenya per la primera partició després de la partició de sistema, on hi ha tant el volum exterior com el volum ocult (que té el sistema operatiu ocult). L'existència del volum ocult (i el sistema operatiu ocult) s'ha de mantenir en secret.\n\n\n + Si revela la contrasenya del sistema operatiu ocult a un adversari i li pregunta perquè l'espai lliure a la partició de sistema (esquer) conté dades aleatòries pot respondre, per exemple: "La partició contenia un sistema xifrat amb el VeraCrypt, però vaig perdre la contrasenya de prearrancada (o el sistema està malmès i no arranca) i he hagut de tornar a instal·lar el Windows i tornar a xifrar la partició"\n\n\n + Si s'han seguit totes les instruccions i s'han seguit les precaucions i requisits que es llisten a la secció 'Requisits de seguretat i precaucions dels volums ocults' del manual d'usuari VeraCrypt hauria de ser impossible provar que el sistema operatiu ocult existeix, encara que el volum exterior estigui muntat o que el sistema operatiu esquer estigui desxifrat o engegat.\n\nSi guarda alguna còpia d'aquest text o l'imprimeix (molt recomanat a no ser que la seva impressora guardi copies dels documents que imprimeix en una unitat interna), hauria de destruïr totes les còpies després de crear el sistema operatiu esquer i d'haver entès tota la informació del text (si es troba una còpia d'aquestes instruccions es podria sospitar que hi ha un sistema operatiu ocult en aquest ordinador).\n\n + ATENCIÓ: SI NO PROTEGEIX EL VOLUM OCULT (per informar-se sobre com fer-ho, pot consultar la secció 'Protecció dels volums ocults contra danys' a la guia d'usuari del VeraCrypt), NO ESCRIGUI AL VOLUM OCULT (el sistema operatiu esquer NO està instal·lat al volum ocult). SI HO FA, POT SOBREESCRIURE I MALMETRE EL VOLUM OCULT (I EL SISTEMA OPERATIU OCULT QUE HI HA A DINS)! + Clonar el sistema operatiu + Als passos següents, el VeraCrypt crearà un sistema operatiu ocult copiant el contingut de la partició de sistema al volum ocult (les dades copiades es xifraran al vol amb una clau de xifrat diferent a la que s'utilitza pel sistema operatiu esquer).\n\nAquest procés es durà a terme a l'entorn de prearrencada (abans d'iniciar el Windows) i pot trigar força estona a acabar-se; diverses hores o dies (depenent de la mida de la partició de sistema i del rendiment de l'ordinador).\n\nPorà interrompre el procés, apagar l'ordinador, engegar el sistema operatiu i després continuar el procés. No obstant, si l'interromp, el procés de copiar el sistema haurà de tornar a començar des del principi (ja que el contingut de la partició de sistema no haurien de canviar durant la còpia). + Vol cancel·lar el procés de creació d'un sistema operatiu ocult?\n\nNota: No podrà continuar aquest procés si el cancel·la ara. + Vol cancelar la prova prèvia de xifrat del sistema? + Ha fallat la prova prèvia de xifrat del sistema. Vol tornar-ho a provar?\n\nSi selecciona 'No', es desinstal·larà el component d'autenticació prearrencada.\n\nNots.\n\n- Si el gestor d'arranc del VeraCrypt no li demana la contrasenya abans d'engegar el Windows és possible que el seu sistema operatiu no engegui des del disc dur on es troba instal·lat. Això no està suportat.\n\n- Si utilitza un algorisme de xifrat que no sigui AES i la prova prèvia falla (i ha introduït la contrasenya) pot ser degut a un controlador defectuós. Seleccioni 'No' i provi de tornar a xifrar la partició/unitat una altre vegada, però utilitzant l'algorisme de xifrat AES (que necessita menys memòria).\n\n- Per a més possibles causes i solucions, vegi: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + La partició/unitat de sistema sembla no estar xifrada (ni parcial ni completament). + La partició/unitat de sistema està xifrada (parcial o completament).\n\nSi us plau, desxifri completament la partició/unitat abans de continuar. Per a fer-ho, seleccioni 'Sistema' > 'Desxifrar la partició/unitat del sistema permenentment'. + Quan la partició/unitat de sistema està xifrada (parcial o completament) no és possible baixar la versió del VeraCrypt (però es pot actualitzar o reinstal·lar la mateixa versió). + La partició de sistema s'està xifrant, desxifrant o modificant d'altre manera. Si us plau, interrompi el procés de xifrat/desxifrat/modificació (o esperi que s'acabi) abans de continuar. + S'està executant una instància de l'assistent de creació de volums VeraCrypt i està preparant o realitzat un xifratge/desxifratge de la partició/unitat de sistema. Abans de seguir, si us plau esperi que acabi o tanqui-la. Si no pot tancar la instància, si us plau reinicii l'ordinador abans de continuar. + No s'ha completat el procés de xifrat o desxifrat de la partició/unitat de sistema. Si us plau, esperi que acabi abans de continuar. + Error: No s'ha completat el procés de xifrat de la partició/unitat. Si us plau, esperi que acabi abans de continuar. + Error: No s'ha completat el procés de xifrat de la partició/unitat. Si us plau, esperi que acabi abans de continuar.\n\nNota: Per continuar el procés, seleccioni 'Volums' > 'Continuar una tasca interrompuda'. + La contrasenya és correcta. El VeraCrypt ha desxifrat la capçalera del volum i ha detectar que és un volum de sistema ocult. No obstant, no pot modificar la capçalera del volum de sistema ocult d'aquesta manera.\n\nPer canviar la contrasenya d'un volum de sistema ocult, engegui el sistema operatiu que hi ha dins el volum i després seleccioni 'Sistema' > 'Canviar contrasenya' des del menú de VeraCrypt.\n\nPer canviar l'algorisma de derivació de la clau de capçalera, engegi el sistema operatiu i després seleccioni 'Sistema' > 'Algorisme de derivació de la clau de capçalera'. + El VeraCrypt no permet el desxifrat in situ de particions de sistema ocultes.\n\nNote: si vol desxifrar la partició de sistema esquer, engegui el sistema esquer i després seleccioni 'Sistema' > 'Desxifra la partició/unitat de sistema permanentment'. + Error: Paràmetre incorrecte/invàlid. + Ha seleccionat una partició o una unitat però en aquests punt l'assistent només pot seleccionar contenidors de fitxers.\n\nVol canviar el mode de l'assistent? + Vol crear un contenidor de fitxers en comptes d'això? + Ha seleccionat la partició/unitat de sistema (o la partició d'arranc) però en aquest punt l'assisten només pot seleccionar particions/unitats que no siguin de sistema\n\nVol configurar la contrasenya de prearrancada el que significa que haurà d'entrar la contrasenya cada vegada abans d'iniciar el Windows) i xifrar la partició/unitat de sistema? + Està segur que vol desxifrar de forma permanent la partició/unitat del sistema? + ATENCIÓ: Si desxifra de forma permanent la unitat/partició de sistema, s'hi escriuran dades sense xifrar.\n\nSegur que vol desxifrar permenentment la unitat/partició de sistema? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + ATENCIÓ: Si utilitza xifrats en cascada per xifrar el sistema es pot trobar amb els següents problemes:\n\n1) El gestor d'arranc del TrueCrypr és més gran del normal i, per tant, no hi ha prou espai a la primera pista de la unitat per la còpia del gestor d'arranc. Per tant, cada cop que es malmeti (cosa que passa sovint, per exemple, durant el procés antipirateria d'alguns programes mal dissenyats), haurà d'utilitzar el disc de recuperació per arrencar o reparar el gestor d'arranc.\n\n2) En alguns ordinadors, engegar després de la hivernació triga molt de temps.\n\nAquests problemes potencials poden evitarse seleccionant un algorisme de xifrat que no sigui en cascada (per exemple, l'AES).\n\nSegur que vol fer servir un xifrat en cascada + Si es troba amb algun dels problemes descrits anteriorment, desxifri la partició/unitat (si està xifrada) i provi de xifrar-la un altre cop fent servir un algorisme de xifrat que no sigui en cascada (per exemple, AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + El número de versió del gestor d'arranc VeraCrypt que ha iniciat aquest sistema és diferent del número de versió del controlador TrueCrtypy (i de les aplicacions VeraCrypt) instal·lat en aquest sistema.\n\nHauria d'executar l'instal·lador (la versió del qual és la mateixa que la del gestor d'arranc) per actualitzar el VeraCrypt en aquest sistema. + El número de versió del gestor d'arranc VeraCrypt que ha iniciat aquest sistema és diferent del número de versió del controlador TrueCrtypy (i de les aplicacions VeraCrypt) instal·lat en aquest sistema. Tingui en compte que versions antigues poden corretgir errors ja resolts en versions poteriors.\n\nSi no ha arrencat des del disc de recuperació, hauria de reinstal·lar o actualitzar el VeraCrypt a la última versió (el gestor d'arranc també s'actualitzarà).\n\nSi ha arrencat des del disc de recuperació, hauria d'actualitzar-lo ('Sistema' > 'Crear un disc de recuperació'). + S'ha actualitzat el gestor d'arranc del VeraCrypt.\n\nÉs molt recomanable crear un nou disc de recuperació (que contingui la nova versió del gestor d'arranc) seleccionant 'Sistema' > 'Crear un disc de recuperació' després de reiniciar l'ordinador. + S'ha actualitzat el gestor d'arranc del VeraCrypt.\n\nÉs molt recomanable engegar el sistema operatiu esquer i crear un nou disc de recuperació (que contingui la nova versió del gestor d'arranc) seleccionant 'Sistema' > 'Crear un disc de recuperació'. + No s'ha pogut actualitzar el gestor d'arranc VeraCrypt. + El VeraCrypt no ha pogut detectar la mida real de la unitat de sistema, i, per tant, s'utilitzarà la mida proporcionada pel sistema operatiu (que pot ser més petita que la real). Tingui en compte que això no és un error del VeraCrypt. + ATENCIÓ: Sembla que el VeraCrypt ja ha intentat detectar sectors ocults en aquesta unitat de sistema. Si s'ha trobat amb algun problema durant els anteriors processos de selecció pot evitar els problemes saltant-se la detecció de sectors ocults. Tingui en compte que si ho fa, el VeraCrypt utilitzarà la mida proporcionada pel sistema operatiu (que pot ser més petita que la real)\n\nTingui en compte que això no és un error del VeraCrypt. + Saltar-se la detecció de sectors ocults( s'utilitzarà la mida proporcionada pel sistema operatiu) + Tornar a provar de detectar sectors ocults + Error: No es pot llegir el contingut d'un o més sectors del disc (probablement per un defecte físic al disc).\n\nEl procés de xifrat in-situ pot continuar només quan els sectors tornin a ser llegibles. El VeraCrypt pot intentar fer aquests sectors llegibles escribint-hi zeros. No obstant, tingui en compte que es perdran totes les dades que hi haguessin als sectors il·legibles. Per evitar això, pot provar de recuperar les porcions corruptes fent servir les eines de tercers adecuades.\n\nNota: En cas de sectors malmesos físicament (en comptes de simplement dades corrputes i errors de comprovació) la majoria de tipus de dispositius d'emmagatzematge reubiquen internament el contingut que s'hi inenta escriure (i per tant les dades que hi ha als sectors malmesos poden restar sense xifrar).\n\nVol que el VeraCrypt ompli de zeros els sectors il·legibles? + Error: No es pot llegir el contingut d'un o més sectors del disc (probablement per un defecte físic al disc).\n\nPer poder seguir amb el procés de desxifrat, el VeraCrypt haurà de descartar el contingut dels sector il·legibles (el contingut es canviarà per dades pseudoaleatòries). Després de fer això podrà intentar recuperar porcions de qualsevol dada corrupta utilitzat el programari de tercers apropiat.\n\nVol que el VeraCrypt descarti les dades dels sectors il·legibles? + Nota: El VeraCrypt ha substituït el contingut de %I64d sector(s) (%s) amb blocs de zeros xifrats. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Introdueixi la contrasenya/PIN pel testimoni '%s': + Per tal que el VeraCrypt pugui accedir a un testimoni de seguretat o a una targeta intel·ligent és necessàri instal·lar una biblioteca PKCS #11 per a aquests dispositius. Aquesta biblioteca pot ser subministrada amb el dispositiu o pot estar disponible per a descarregar del lloc web del proveïdor o de tercers.\n\nDesprés d'instal·lar la bilioteca, pot seleccionar-la manualment fent clic a 'Buscar biblioteca' o pot deixar que el VeraCrypt la busqui i seleccioni automàticament fent clic a 'Detectar automàticament' (només es buscarà al directòri de sistema de windows). + Nota: Per saber el nom de fitxer i la ubicació de la bilioteca PKCS #11 pel seu testimoni de seguretat o targeta intel·ligent vegeu la documentació proporcionada amb el testimoni, targeta o programari de tercers. + Per tal que el VeraCrypt pugui accedir a un testimoni de seguretat o a una targeta intel·ligent és necessàri instal·lar una biblioteca PKCS #11 per a aquests dispositius. Per fer-ho, seleccioni 'Configuració' > 'Testimonis de seguretat'. + No s'ha pogut inicialitzar la biblioteca PKCS #11 del testimoni de seguretat. Si us plau, asseguri's que la ruta i el nom del fitxer apunten a una biblioteca vàlida. Per especificar una biblioteca PKCS #11 seleccioni 'Configuració' > 'Testimonis de seguretat'. + No s'ha trobat cap biblioteca PKCS #11 al directòri de sistema de Windows.\n\nSi us plau, asseguri's que la biblioteca PKCS #11 pel seu testimoni de seguretat (o targeta intel·ligent) està instal·lada (aquest tipus de biblioteques acostumes a subministrar-se amb el testimoni/targeta o es poden descarregar des del lloc web del fabricant o de tercers). Si està instal·lada en un directori diferent al de sistema de Windows, faci clic a 'Buscar biblioteca' per buscar-la (per exemple, al directòri on hi ha instal·lat el programari pel testimoni/targeta). + No s'ha trobat cap testimoni de seguretat.\n\nSi us plau, asseguri's que el testimoni està connectat a l'ordinador i que el controlador de dispositius adecuat està instal·lat. + No es troba el fitxer de claus del testimoni. + Ja existeix un fitxer de claus del testimoni de seguretat amb el mateix nom. + Vol esborrar els fitxers seleccionats? + La ruta del fitxer de claus del testimoni de seguretat no és vàlida. + Error del testimoni de seguretat + La contrasenya del testimoni de seguretat no és vàlida. + El testimoni de seguretat no té prou memòria/espai per realitzar l'operació demanada.\n\nSi està intentant importar un fitxer de claus, hauria de seleccionar un fitxer més petit o fer servir un fitxer de claus generat pel VeraCrypt ('Eines' > 'Generar fitxers de claus'). + S'han tancat totes les sessions de testimonis de seguretat. + Seleccionar fitxers de claus + Ranura + Nom del testimoni + Fitxer + IMPORTANT: Si us plau, tingui en compte que la contrasenya de l'autenticació prearrencada sempre s'escriu fent servir la disposició de teclat estàndard als EUA. Per tant, un volum que utilitzi una contrasenya escrita amb una altre disposició de teclat pot ser impossible de muntar utilitzant la contrasenya a l'autenticació prearrencada (tingui en compte que això no és un error del VeraCrypt). Per permetre que aquest volum es pugui muntar utilitzant la contrasenya d'autenticació prearrencada, segueixi aquests passos:\n\n1) Faci clic a 'Triar fitxer' o 'Triar dispositiu' i seleccioni el volum.\n2) seleccioni 'Volums' > 'Canviar la contrasenya del volum'.\n3) Introdueixi la contrasenya actual del volum.\n4) Canvii la disposició de teclat a Anglès (EUA) fent clic a l'icona d'idioma a la barra de tasques de Windows i seleccionant 'EN English (United States)'.\n5) Al VeraCrypt, al camp per la nova contrasenya, escrigui la contrasenya de prearrencada.\n6) Confirmi la nova contrasenya tornant a escriure-la al camp de confirmació i faci clic a 'OK'.\nATENCIÓ: Si us plau, recordi que si segueix aquests passos, la contrasenya del volum sempre s'haurà d'escriure fent servir la disposició de teclat estàndard als EUA (que només està garantit a l'entorn de prearrencada). + Els volums favorits del sistema es muntaran utilitzant la contrasenya de prearrancada. Si algun volum favorit del sistema no fa servir aquesta contrasenya, no es muntarà + Tingui en compte que per evitar que les accions normals del VeraCrypt (com ara 'Desmuntar-ho tot', desmuntar automàticament, etc.) afectiu als volums favorits del sistema ha d'activar la opció 'Permetre veure i desmuntar els favorits del sistema al VeraCrypt només als administradors'. A més d'això, quan s'executi el VeraCrypt sense permisos d'administrador (per defecte en un Windows Vista o superior) els volums favorits del sistema no es mostraran a la llista de lletres d'unitat a la finestra principal del VeraCrypt. + IMPORTANT: Recordi que si aquesta opció està activada i el VeraCrypt no té privilegis d'administrador, els volums favorits del sistema no es mostraran a la llista de lletres d'unitat a la finestra principal del VeraCrypt i no es podran desmuntar. Per tant, si necessita, per exemple, desmuntar un volum favorit del sistema, faci clic amb el botó dret a la icona del VeraCrypt al menú d'inici i seleccioni 'Executar com a administrador'. La mateixa limitació s'aplica la funció 'Desmuntar-ho tot', la funcio de desmuntar automàticament, la drecera de 'Desmuntar-ho tot', etc. + Tingui en compte que aquesta configuració s'aplicarà després de reiniciar el sistema. + Error analitzant la línia de comandes. + Disc de recuperació + Triar &fitxer i muntar-lo... + Triar &dispositiu i muntar-lo... + Permetre veure i desmuntar els favorits del sistema al VeraCrypt només als administradors + Muntar els volums favorits del sistema quan s'engegui el Windows (a la fase inicial del procés d'arrencada) + ATENCIÓ: El sistema de fitxers muntat com a '%s' no s'ha desmuntat netament i pot contenir error. Utilitzar un sistema de fitxers corrupte pot causar la pèrdua o la corrupció de els dades.\n\n:Abans de treure o apagar físicament un dispositiu (com un llàpis òptic o un disc dur extern) on hi ha un volum VeraCrypt, hauria de desmuntar sempre primer el volum al VeraCrypt.\n\nVol que el Windows intenti detectar i arreglar els errors del sistema de fitxers? + ATENCIÓ: Un o més dels volums favorits del sistema no s'han desmuntat netament i poden contenir error. Si us plau, consulti el registrre de successos del sistema per a més detalls.\n\nUtilitzar un sistema de fitxers corrupte pot causar la pèrdua o la corrupció de els dades. Hauria de revisar els volums de sistema afectats en busca d'errors (fer clic dret a sobre dells al VeraCrypt i seleccionar 'Reparar sistema de fitxers'). + ATENCIÓ: Reparar un sistema de fitxers malmès utilitzant l'eina 'chkdsk' de Microsoft pot provocar la pèrdua de fitxers a les àreas afectades. Per tant, és recomanable que primer faci una còpia de seguretat dels fitxers guardat en un volum en un altre volum.\n\nVol reparar el sistema de fitxers? + El volum '%s' s'ha muntat en mode de només lectura perquè s'ha denegat l'accés.\n\nSi us plau assegui's que els permisos de seguretat del fitxer contenidor li permeten escriure-hi (faci clic dret sobre el contenidor i seleccioni 'Propietats' > 'Seguretat').\n\nTingui en compte que, degut a un error de Windows, pot ser que li aparegui aquesta alerta fins i tot després d'assignar els permisos corretes. Això no és causa d'un error al VeraCrypt. Una possible solució és moure el cotnenidor, per exemple, a la seva carpeta de documents.\n\nSi intenta mantenir el seu contenidor en mode de només lectura, estableixi l'atribut de només lectura al contenidor (faci clic dret sobre el contenidor i seleccioni 'Propietats' > 'Només lecura'), la qual cosa anularà aquesta alerta. + El volum '%s' s'ha muntat en mode només lectura perquè s'ha denegat l'escriptra.\n\nSi us plau, asseguri's que cap altre aplicació (com ara un antivirus) està accedint a la partició/unitat on hi ha el volum. + El volum '%s' s'ha muntat en mode de només lectura perquè que el seu dispositiu està protegit contra escriptura.\n\nSi us plau, tingui en compte que alguns jocs de xips poden causar que els mitjants apareguin falsament marcats com a protegits contra escriptura. Això no és causa d'un error al VeraCrypt. Això es pot solucionar actualitzant o desinstal·lant qualsevol controlador del joc de xips que estigui instal·lat i no sigui de Microsoft. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d fils + Tingui en compte que l'acceleració per maquinari de l'AES està desactivada, la qual cosa afecta al resultat de les proves (menys rendiment).\n\nPer activar l'acceleració per maquinari seleccioni 'Configuració' > 'Rendiment' i activi l'opció corresponent. + Tingui en compte que el número de fils està actualment limitat, la qual cosa afecta al resultat de les proves (menys rendiment).\n\nPer utilitzar tota la potencia del(s) processador(s) seleccioni 'Configuració' > 'Rendiment' i desactivi l'opció corresponent. + Vol que el VeraCrypt intenti desactivar la protecció d'escriptura de la partició/unitat? + ATENCIÓ: Aquesta configuració pot afectar al rendiment.\n\n Segur que vol utilitzar-la? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Prova + Fitxer de claus + Retrocés + Tabulació + Netejar + Retorn + Pausa + Fixació de majúscules + Espai + Retrocedir pàgina + Avançar pàgina + Fi + Inici + Esquerra + Amunt + Dreta + Avall + Seleccionar + Imprimir + Tecla d'execució + Imprimir pantalla + Insertar + Esborrar + Applications Key + Suspendre + Fixació de teclat numèric + Bloquejar desplaçament + Enrera al navegador + Endavant al navegaodr + Torna a carregar al navegador + Aturar al navegador + Buscar al navegador + Favorits del navegador + Pàgina d'inici + Silenci + Abaixar volum + Apujar volum + Següent cançó + Cançó anterior + Aturar reproducció + Iniciar/pausar reproducció + Correu electrònic + Escollir element a reproduïr + Aplicació 1 + Aplicació 2 + Attn + CrSel + ExSel + Reproduïr + Apropar + Teclat numèric + Majúscules + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.cs.xml b/Translations/Language.cs.xml index 129088b2..d52b22d1 100644 --- a/Translations/Language.cs.xml +++ b/Translations/Language.cs.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Zrušit - &Instalovat pro všechny uživatele - P&rocházet… - Přidat ikonu VeraCrypt na p&lochu - Podpořte nás... - Asociovat pří&ponu .hc s programem VeraCrypt - &Otevřít cílovou složku po dokončení - Přidat VeraCrypt do &Start menu - Vytvořit bod o&bnovení - Odinsta&lovat - &Rozbalit - &Instalovat - Průvodce instalací programu VeraCrypt - Odinstalovat VeraCrypt - &Nápověda - Vyberte nebo zadejte prosím složku, kam chcete umístit rozbalené soubory: - Vyberte nebo zadejte prosím složku, kam chcete program Veracrypt nainstalovat. Pokud daná složka neexistuje, bude automaticky vytvořena. - Klikněte Odinstalovat pro odstranění programu VeraCrypt z tohoto systému. - Přerušit - &Test výkonu - &Otestovat - Vytvořit zašifrovaný svazek a naformátovat ho - Zašifrovat existující oddíl - Zobrazit generované klíče (jejich části) - Zobrazit generovaný obsah - Stáhnout software pro vypalování CD/DVD - Vytvořit zašifrovaný souborový svazek - &GB - &TB - Více informací - S&krytý svazek VeraCrypt - Více informací o skrytých svazcích - Přímý mód - Normální mód - &KB - &Použít souborové klíče - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Souborové &klíče… - Informace o hash. algoritmech - Více informací - Information on PIM - &MB - Více informací - Více informací o zašifrování systému - Více informací - Vícesystémové bootování - Zašifrovat nesystémový oddíl/disk - Neukládat &historii - Otevřít vnější svazek - &Pauza - Use P&IM - Use PIM - Rychle zformátovat - &Ukázat heslo - &Zobrazit heslo - &Display PIM - Jednoduché bootování - Standardní svazek VeraCrypt - S&krytý - Normální - Zašifrovat celý oddíl nebo systémový disk - Zašifrovat systémový oddíl s Windows - Zašifrovat celý disk - Průvodce vytvořením svazku VeraCrypt - Cluster - DŮLEŽITÉ: Pohybujte s myší v tomto okně co nejnáhodněji. Čím déle s ní budete hýbat, tím lépe. Kryptografická síla šifrovacích klíčů se tím výrazně zvýší. Pro pokračování klikněte na Další. - &Potvrdit: - Hotovo - Drive letter: - Šifrovací algoritmus - Systém souborů - Vytvoří virtuální zašifrovaný disk uvnitř souboru. Doporučené pro nezkušené uživatele. - Předvolby - Hashovací algoritmus - Klíč hlavičky: - Zbývá - Hlavní klíč: - Vyberte tuto volbu, je-li na tomto počítači nainstalováno více operačních systémů.\n\nNapříklad:\n- Windows XP a Windows XP\n- Windows XP a Windows Vista\n- Windows a Mac OS X\n- Windows a Linux\n- Windows, Linux a Mac OS X - Zašifruje nesystémový oddíl na jakémkoliv interním nebo externím disku (např. flash disk). Volitelně může vytvořit skrytý svazek. - Momentálně generovaný obsah (částečný) - Schváleno - Heslo: - Volume PIM: - Volume PIM: - Průběh: - Náhodný výběr: - Vyberte tuto volbu, pokud je na tomto počítači nainstalován pouze jeden operační systém (i v případě, že má více uživatelů). - Rychlost - Stav - Klíče, sůl (=náhodná data), a další data byla úspěšně vygenerována. Chcete-li vygenerovat nové klíče, vyberte Zpět a poté Další. Jinak klikněte na Další pro pokračování. - Zašifruje oddíl/disk, kde jsou nainstalovány Windows. Kdokoliv kdo bude chtít získat přístup a používat systém, číst a zapisovat soubory atd., musí zadat správné heslo před každým naběhnutím Windows. Volitelně lze vytvořit skrytý systém. - Zvolte tuto možnost pro zašifrování oddílu, kde je aktuálně nainstalován operační systém Windows. - Volume Label in Windows: - Čistící mód: - Zavřít - Povolit přeskočení před-bootovací &autentifikace stisknutím klávesy Esc (zapne boot manažera) - Nedělat nic - &Automaticky připojit svazek VeraCrypt (uvedeno níže) - &Spustit VeraCrypt - &Detekovat knihovny automaticky - &Ukládat před-bootovací autentifikační heslo v mezipaměti ovladače (pro připojení nesystémových svazků) - Procházet… - Procházet… - Ukládat &hesla a soub. klíče do mezipaměti - Skončit pokud neexistuje žádný připoj. svazek - &Zavřít relaci tokenu (odhlášení) po úspěšném odpojení svazku - Include VeraCrypt Volume Expander - Zahrnout průvodce vytvořením svazku VeraCrypt - Vytvořit - V&ytvořit svazek - &Nezobrazovat žádné texty na před-bootovací autentifikační obrazovce (kromě volitelného textu níže) - Disable "Evil Maid" attack detection - Urychlit AES šifrování/dešifrování použitím AES instrukcí procesoru (jsou-li k dispozici) - Použít soubor. klíče - Použít soubor. klíče - &Konec - Nápověda k oblíbeným svazkům - Nepřipojovat vybraný svazek, pokud dojde ke zmáčknutí zkratkové &klávesy pro 'Připojit oblíbené svazky' - Připojit vybraný svazek, dojde-li k připojení jeho hostitelského &zařízení - Připojit vybraný &svazek při přihlášení - Připojit &vybraný svazek pouze pro čtení - Připojit vybraný svazek jako &odpojitelné médium - Posunout &dolů - Posunout &nahoru - Otevřít okno p&růzkumníka pro vybraný svazek, dojde-li k úspěšnému připojení - &Odstranit - Use favorite label as Explorer drive label - Globální nastavení - Zobrazit bublinovou nápovědu po úspěšném odpojení - Přehrát zvuk systémové notifikace po úspěšném odpojení - Alt - Ctrl - Shift - Win - Přiřadit - Odstranit - Soubor. klíče… - Nepoužívat následující počet procesorů pro šifrování/dešifrování: - Více informací - Více informací - Více informací... - &Autom. připojit zařízení - Volby připojení - Připojit svazek jen &pro čtení - Soubor. klíče… - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Povoleno - Ukládat hesla do paměti ovladače - Autom. odpojit svazek pokud z/do něj nebylo čteno/zapisováno - Uživatel se odhlašuje - User session locked - Přecházím do úsporného režimu - Je spuštěn spořič obrazovky - Vynutit automatické odpojení, i když svazek obsahuje otevřené soubory nebo adresáře - Připojit všechny svazky na zařízeních - Spustit VeraCrypt službu na pozadí - Připojit svazky jen pro čtení - Připojit svazky jako výměnná média - Otevřít okno Průzkumníka pro úspěšně připojený svazek - Temporary Cache password during "Mount Favorite Volumes" operations - Použít jinou ikonu na hlavním panelu, pokud jsou k dispozici připojené svazky - Odstranit hesla z mezipaměti a automaticky odpojit - Odstranit hesla z mezipaměti při ukončení - Zachovat časové razítko změny souborového svazku - Vymazat - Vybrat &zařízení… - Vybrat &soubor… - Vybrat &knihovnu... - Zobrazit heslo - Zobrazit heslo - Otevřít okno &Průzkumníka pro připojený svazek - &Ukládat hesla do mezipaměti - TrueCrypt Mode - O&dpojit vše - Vlastnos&ti svazku… - &Nástroje svazku… - Vyčistit &mezipaměť - VeraCrypt - Mount Parameters - VeraCrypt - Oblíbené svazky - VeraCrypt - Systémové klávesové zkratky - VeraCrypt - Změnit heslo nebo souborové klíče - Zadejte heslo svazku VeraCrypt - VeraCrypt - Volby výkonu - VeraCrypt - Předvolby - VeraCrypt - Volby systémového šifrování - VeraCrypt - Volby bezpečnostního tokenu - Nastavení cestovního disk VeraCrypt - Vlastnosti svazku VeraCrypt - O aplikaci… - Přidat/Odebrat souborové klíče do/z svazku… - Přidat připojený oddíl do Oblíbených.. - Přidat připojený oddíl do Systémových oblíbených... - Analyzovat pád systému... - Zálohovat hlavičku svazku… - Test rychlosti… - Zadat derivační algoritmus pro klíč hlavičky… - Změnit heslo svazku… - Zadejte hlavičku klíče derivačního algoritmu… - Změnit heslo… - Vymazat historii svazku - Zavřít všechny relace bezpečnostních tokenů - Kontakt… - Vytvořit skrytý operační systém... - Vytvořit záchranný disk… - Vytvořit nový svazek… - Permanently Decrypt... - Výchozí souborové klíče… - Default Mount Parameters... - Podpořte nás... - Zašifrovat systémový oddíl/disk… - Často kladené dotazy - Uživatelská příručka - &Domovská stránka - Klávesové zkratky… - Generátor souborového klíče - Jazyk… - Licence - Spravovat souborové klíče bezpečnostních tokenů... - Automaticky připojit všechny svazky na zařízení - Připojit oblíbené svazky - Připojit bez před-bootovací &autentifikace... - Připojit svazek - Připojit svazky s předvolbami - Novinky - Online nápověda - Návod pro začátečníky - Uspořádat Oblíbené svazky... - Uspořádat Oblíbené systémové svazky... - Výkon... - Natrvalo dešifrovat systémový oddíl/disk - Předvolby… - Obnovit písmena disků - Odstranit všechny souborové klíče ze svazku… - Obnovit hlavičku svazku… - Obnovit přerušený proces - Vybrat zařízení… - Vybrat soubor… - Obnovit přerušený proces - Systémové šifrování... - Vlastnosti... - Předvolby... - Oblíbené systémové svazky... - Ke stažení - Testovací vektory… - Bezpečnostní tokeny... - Cestovní disk… - Odpojit všechny připojené svazky - Odpojit svazek - Ověřit záchranný disk - Verify Rescue Disk ISO Image - Historie verzí - Volume Expander - Vlastnosti svazku - Průvodce vytvořením svazku - Domovská stránka VeraCrypt - Odstranit hesla z mezipaměti - OK - Hardwarová akcelerace - Klávesová zkratka - Konfigurace automatického spouštění (autorun.inf) - Automatické odpojení - Odpojit vše když: - Volby obrazovky bootovacího zavaděče - Potvrdit heslo: - Aktuální - Zobrazit volitelný text na obrazovce s před-bootovací autentifikací (maximálně 24 znaků): - Výchozí předvolby připojení - Předvolby klávesových zkratek - Driver Configuration - Enable extended disk control codes support - Jmenovka vybraného oblíbeného svazku: - Nastavení souboru - Klávesa k přiřazení: - Procesor (CPU) v tomto počítači podporuje hardwarovou akceleraci pro AES: - Akce k provedení po přihlášení do Windows - minut - Připojit svazek s písm. disku: - Předvolby připojování - Nové - Heslo: - Paralelizace založená na vláknech - PKCS #11 cesta ke knihovně - PKCS-5 PRF: - PKCS-5 PRF: - Mezipaměť pro hesla - Volby zabezpečení - VeraCrypt služba na pozadí - Svazek VeraCrypt, který má být připojen (relativní ke kořeni cest. disku): - Po připojení cestovního disku: - Vytvořit soubory cestovního disku v (kořenový adresář cestovního disku): - Svazek - Windows - Přidat &cestu… - &Auto-test všech - &Pokračovat - &Dešifrovat - &Smazat - Š&ifrovat - &Exportovat... - Generovat a uložit souborový klíč… - &Generovat náhodný soub. klíč… - Stáhnout jazykový balíček - Hardwarová akcel. AES: - &Importovat soub. klíč do tokenu... - Přidat &soubory... - &Použít souborové klíče - Soubor. k&líče… - &Odstranit - Odstranit &všechny - Co je ochrana skrytého svazku? - Více informací o souborových klíčích - Připojit svazek jako výměnné &médium - Připojit oddíl s &použitím systémového šifrování bez před-bootovací autentifikace - Paralelizace: - Test rychlosti - &Tisknout - &Chránit skrytý svazek proti poškození způsob. zápisem do vnějšího svazku - &Vynulovat - &Zobrazit heslo - &Soubor tokenu... - Použít záložní hlavičku uloženou ve svazku, &pokud je to možné - XTS mód - O programu VeraCrypt - VeraCrypt - test rychlosti šifrovacích algoritmů - VeraCrypt - test vektorů - Nápověda příkazové řádky - VeraCrypt - souborové klíče - VeraCrypt - generátor souborových klíčů - VeraCrypt - jazyk - VeraCrypt - volby připojení - Vlastnosti nového souborového klíče tokenu - VeraCrypt - rozšíření náhodné oblasti - Vyberte oddíl nebo zařízení - VeraCrypt - Bezpečnostní souborové klíče tokenu - Je nutné bezpečnostní heslo/PIN tokenu - Aktivní jazykový balíček - Rychlost je ovlivněna zátěží procesoru a vlastnostmi úložného zařízení.\n\nTyto testy probíhají v paměti RAM. - Velikost bufferu: - Algoritmus: - H&eslo pro skrytý svazek:\n(mezipam., když je prázdné) - Ochrana skrytého svazku - Velikost klíče: - DŮLEŽITÉ: Pohybujte s myší v tomto okně co nejnáhodněji. Čím déle s ní budete hýbat, tím lépe. Kryptografická síla souborového klíče se tak výrazně zvýší. - VAROVÁNÍ: Ztratíte-li soub. klíč nebo změní-li se jediný bit z prvních 1024 kilobytů, bude nemožné připojit svazek používající soubor. klíč! - bitů - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Přeložil: - Velikost textu: - bitů - Aktuální generovaný obsah - Mixovací PRF: - DŮLEŽITÉ: Pohybujte co nejrůzněji s myší v tomto okně. Čím déle s ní budete pohybovat, tím lépe. Tím zvýšíte bezpečnost. Až budete hotovi, klikněte na 'Pokračovat'. - Sekundární klíč (hexadecimálně) - Bezpečnostní token: - Metoda třídění: - Čekejte prosím. Tento proces může trvat delší dobu... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Číslo bloku: - Šifrovaný text (hexadecimálně) - Číslo datové jednotky (64-bit hexadecimálně, velikost datové jednotky je 512 bajtů) - Klíč (hexadecimálně) - Obyčejný text (hexadecimálně) - Jméno soub. klíče: - XTS mód - S&ystém - &Svazky - &Oblíbené - &Nástroje - N&astavení - Náp&ověda - &Domovská stránka - - &O aplikaci… - Atribut pro čtení na vašem starém svazku nemohl být změněn. Zkontrolujte prosím přístupová práva k souboru. - Chyba: Přístup odmítnut.\n\nOddíl, na který se snažíte přistupovat má buď 0 sektorů, nebo je to zaváděcí zařízení. - Administrátor - Pro nahrání ovladače VeraCrypt musíte být přihlášeni jako administrátor. - Pro šifrování/formátování oddílu/zařízení musíte být přihlášeni s administrátorskými právy.\n\nTo se netýká svazků, které jsou vytvořeny ze souborů. - Pro vytvoření skrytého svazku musíte být přihlášeni s administrátorskými právy.\n\nPokračovat? - Pro zformátování svazku systémem NTFS musíte být přihlášeni s administrátorskými právy.\n\nBez administrátorských práv můžete svazek zformátovat systémem souborů FAT. - Šifra povolená FIPS (Rijndael, zveřejněno v roce 1998) kterou mohou používat úřady a agentury vlády Spojených států k ochraně utajovaných informací až k úrovni přísně tajné. 256-bitový klíč, 128-bitové bloky, 14 iterací (AES-256). Operační mód je XTS. - Svazek je již připojen. - UPOZORNĚNÍ: Alespoň jeden šifrovací nebo hashovací algoritmus selhal při interním automatickém testování!\n\nVeraCrypt instalace může být poškozena. - UPOZORNĚNÍ: Ve shromažďovači náhodných čísel není dost informací k poskytnutí požadovaného množství náhodných dat.\n\nDále byste neměli pokračovat. Vyberte 'Ohlásit chybu' z menu Nápovědy a oznamte tuto chybu. - Disk je poškozený (je na něm fyzická vada) nebo je poškozený kabel nebo selhává paměť.\n\nJde o problém s vaším hardwarem, nikoliv s programem VeraCrypt. Proto tuto skutečnost NEHLAŠTE jako vadu/problém v programu VeraCrypt a NEŽÁDEJTE o pomoc s tímto problémem na VeraCrypt fórech. Kontaktujte, prosím, oddělení podpory vašeho dodavatele PC pro další pomoc. Děkujeme.\n\nPoznámka: Pokud se chyba opakuje na tom samém místě, je to pravděpodobně způsobeno špatným blokem na disku, což by mělo být možné opravit použitím softwaru třetí strany (v mnoha případech nestačí příkaz 'chkdsk /r', protože funguje jen na úrovní operačního systému; nástroj 'chkdsk' tuto chybu v některých případech ani nenajde). - Pokud přistupujete k výměnnému médiu, ujistěte se prosím, že je médium vloženo. Zařízení/medium může být také poškozené (může se jednat o jeho fyzickou vadu) nebo může být poškozen/odpojen kabel. - Váš systém pravděpodobně používá upravený ovladač chipsetu, který obsahuje chybu. Ta zabraňuje zašifrování celého systémového disku.\n\nNež budete pokračovat, pokuste se aktualizovat nebo odinstalovat jakékoliv upravené ovladače chipsetu (ne-Microsoftí). Pokud to nepomůže, pokuste se zašifrovat pouze systémový oddíl. - Neplatné písmeno disku. - Neplatná cesta. - Zrušit - Zařízení není přístupné. Ujistěte se, že vybrané zařízení existuje a není používáno systémem. - UPOZORNĚNÍ: Caps Lock je zapnutý. To by mohlo způsobit zadání špatného hesla. - Typ svazku - Může se stát, že budete někým donuceni prozradit heslo k zašifrovanému svazku. Je mnoho situací, kdy nemůžete odmítnout prozradit heslo (například kvůli vydírání). Použitím tzv. skrytého svazku vám pomůže vyřešit takovéto situace bez prozrazení hesla k vašemu svazku. - Vyberte tuto volbu, chcete-li vytvořit normální svazek VeraCrypt. - Chcete-li nainstalovat operační systém na skrytý svazek, pak nelze zašifrovat celý systémový disk použitím jednoho klíče. - Šifrovací předvolby vnějšího svazku - Šifrovací předvolby skrytého svazku - Předvolby šifrování - UPOZORNĚNÍ: Nepodařilo se vyčistit cestu naposledy vybraného svazku/souborového klíče (zapamatované při výběru souboru)! - Chyba: Souborový svazek byl zkomprimován na úrovni systému souborů. VeraCrypt nepodporuje zkomprimované souborové svazky (poznámka: komprese zašifrovaných dat je neefektivní a zbytečná).\n\nVypněte, prosím, kompresi pro souborový svazek dle následujících kroků: 1) Klikněte pravým tlačítkem myši na souborový svazek v Průzkumníku Windows (ne v programu VeraCrypt). 2) Vyberte 'Vlastnosti'. 3) V dialogovém okně 'Vlastnosti' klikněte 'Upřesnit'. 4) V dialogovém okně 'Upřesnit atributy', zrušte volbu 'Komprimovat obsah a šetřit tak místo na disku' a klikněte 'OK'. 5) V dialogovém okně 'Vlastnosti' klikněte 'OK'. - Vytvoření svazku %s selhalo - Velikost %s je %.2f bajtů - Velikost %s je %.2f KB - Velikost %s je %.2f MB - Velikost %s je %.2f GB - Velikost %s je %.2f TB - Velikost %s je %.2f PB - VAROVÁNÍ: Zařízení/oddíl je používán operačním systémem nebo aplikacemi. Formátování zařízení/oddílu může způsobit poškození dat nebo systémovou nestabilitu.\n\nPokračovat? - Varování: Oddíl je právě používán operačním systémem nebo aplikacemi. Měli byste zavřít všechny aplikace, které by mohly oddíl používat (včetně antivirového programu).\n\nPokračovat? - Chyba: Zařízení/oddíl obsahuje souborový systém, který nelze připojit. Systém souborů může být používán operačním systémem. Formátování zařízení/oddílu by pravděpodobně způsobilo poškození dat a systémovou nestabilitu.\n\nPro vyřešení tohoto problému doporučujeme nejdříve smazat oddíl a poté ho znovu vytvořit bez formátování. Postupujte následovně: 1) Pravý-klik myši na ikonu 'Počítač' (nebo 'Tento počítač') ve 'Start' menu a vyberte 'Spravovat'. Objeví se okno 'Správa počítače'. 2) V okně 'Správa počítače' vyberte 'Uložení' > 'Správa disků'. 3) Pravý-klik myši na oddíl, který chcete zašifrovat a vyberte buď 'Smazat oddíl' nebo 'Smazat svazek' nebo 'Smazat logický disk'. 4) Klikněte 'Ano'. Pokud se Windows zeptají na restart počítače, učiňte tak. Poté zopakujte kroky 1 a 2 a pokračujte od kroku 5. 5) Pravý-klik na nealokované/volné místo a vyberte buď 'Nový oddíl' nebo 'Nový obyčejný svazek' nebo 'Nový logický disk'. 6) Objeví se okno 'Průvodce vytvořením nového oddílu' nebo 'Průvodce nového jednoduchého svazku'; následujte jejich instrukce. Na stránce průvodce nazvané 'Zformátovat oddíl' vyberte buď 'Neformátovat tento oddíl' nebo 'Neformátovat tento svazek'. Ve stejném průvodci klikněte 'Další' a poté 'Dokončit'. 7) Cesta k zařízení, kterou jste vybrali v programu VeraCrypt může být nyní špatně. Ukončete proto průvodce vytvořením oddílu VeraCrypt (pokud stále běží) a spusťte ho znovu. 8) Zkuste zašifrovat zařízení/oddíl znovu.\n\nPokud VeraCrypt opakovaně selhává při šifrování zařízení/oddílu, zvažte místo toho vytvoření souborového svazku. - Chyba: Systém souborů nemohl být uzamknut a/nebo odpojen. Možná je používán operačním systémem nebo aplikacemi (např. antivirový program). Zašifrování oddílu může způsobit poškození dat a systémovou nestabilitu.\n\nZavřete, prosím, všechny aplikace, které mohou používat systém souborů (včetně antivirového programu) a zkuste to znovu. Pokud to nepomůže, následujte kroky uvedené níže. - UPOZORNĚNÍ: Některé z připojených zařízení/oddílů byly již používány!\n\nIgnorování může způsobit nežádoucí následky včetně nestability systému.\n\nDůrazně doporučujeme zavřít všechny aplikace, které by mohly zařízení/oddíly používat. - Vybrané zařízení obsahuje oddíly.\n\nZformátování zařízení by mohlo způsobit systémovou nestabilitu a/nebo poškození dat. Vyberte prosím oddíl na zařízení nebo odstraňte všechny oddíly na zařízení, aby ho mohl VeraCrypt bezpečně zformátovat. - Vybrané ne-systémové zařízení obsahuje oddíly.\n\nZašifrované svazky umístěné na zařízeních mohou být vytvořeny na zařízeních, které neobsahují žádné oddíly (včetně pevných disků a solid-state disků). Zařízení, které obsahuje oddíly, může být úplně zašifrováno ta, jak je (s použitím jednoho hlavního klíče) pouze tehdy, pokud se jedná o jednotku, kde jsou nainstalovány Windows a pokud z této jednotky také bootují.\n\nPokud chcete zašifrovat vybrané ne-systémové zařízení s použitím jednoho hlavního klíče, musíte na zařízení nejprve odstranit všechny oddíly, aby mohl VeraCrypt toto zařízení bezpečně naformátovat (formátování zařízení, které obsahuje oddíly, může způsobit systémovou nestability a/nebo poškození dat). Případně můžete zašifrovat každý oddíl na disku zvlášť (každý oddíl bude zašifrován jiným hlavním klíčem).\n\nPoznámka: Pokud chcete odstranit všechny oddíly z GPT disku, je možné, že ho budete nejprve muset převést na MBR disk (s použitím např. nástroje Správy počítače), abyste mohli odstranit skryté oddíly. - Varování: Pokud zašifrujete celé zařízení (oproti zašifrování pouze jednoho oddílu na něm), operační systém bude zařízení považovat za nové, prázdné a nenaformátované (protože nebude obsahovat žádnou tabulku oddílů) a může tak spontánně inicializovat toto zařízení (nebo se vás zeptá, zda tak chcete učinit), což může svazek poškodit. Navíc, nebude možné trvale připojovat svazek jako oblíbený (např. pokud se změní číslo jednotky) nebo mu přidělit jmenovku oblíbeného svazku.\n\nAbyste se tomu vyhnuli, zvažte, zda místo toho nechcete na zařízení vytvořit pouze oddíl a pak ho zašifrovat.\n\nJste si jisti, že chcete zašifrovat celé zařízení? - DŮLEŽITÉ: Mějte prosím na paměti, že tento svazek NEMŮŽE být připojen s použitím písmena jednotky %c:, které má již přiděleno!\n\nPro připojení tohoto svazku klikněte na 'Autom. připojit zařízení' v hlavním okně VeraCryptu (případně v hlavním okně VeraCryptu zvolte 'Vybrat zařízení', pak vyberte oddíl/zařízení a klikněte na 'Připojit'). Svazek bude připojen k jinému písmenu disku, které vyberete ze seznamu v hlavním okně VeraCryptu.\n\nPůvodní písmeno %c: by se mělo použít pouze v případě, že potřebujete z oddílu/zařízení odstranit šifrování (např. pokud již nepotřebujete šifrování). V tom případě klikněte pravým tlačítkem myši na písmeno jednotky %c: v seznamu 'Počítač' (nebo 'Tento počítač') a vyberte 'Formátovat'. V opačném případě by nemělo být písmeno %c: nikdy použito (pokud ho neodstraníte, jak je popsáno ve FAQ VeraCryptu, a nepřiřadíte k jinému oddílu/zařízení). - Šifrování ne-systémových svazků tak, jak jsou, není podporováno pro operační systém, který momentálně používáte (lze tak učinit pouze na Windows Vista a pozdějších verzích Windows).\n\nDůvodem je, že tato verze Windows nepodporuje zmenšování systému souborů (systém souborů musí být zmenšen, aby se vytvořil prostor pro hlavičku svazku a hlavičku se zálohou). - Vybraný oddíl pravděpodobně neobsahuje systém souborů NTFS. Pouze NTFS oddíly mohou být zašifrovány tak, jak jsou.\n\nPoznámka: Důvodem je, že tato verze Windows nepodporuje zmenšování systému souborů (systém souborů musí být zmenšen, aby se vytvořil prostor pro hlavičku svazku a hlavičku se zálohou). - >Vybraný oddíl pravděpodobně neobsahuje systém souborů NTFS. Pouze NTFS oddíly mohou být zašifrovány tak, jak jsou.\n\nPokud chcete vytvořit zašifrovaný svazek VeraCrypt v tomto oddílu, vyberte volbu "Vytvořit zašifrovaný svazek a naformátovat ho" (místo volby "Zašifrovat oddíl tak, jak je"). - Chyba: Oddíl je příliš malý. VeraCrypt ho nemůže zašifrovat tak, jak je. - Pro zašifrování dat na tomto oddílu pokračujte dle následujících kroků:\n\n1) Vytvořte svazek VeraCrypt na prázdném oddílu/zařízení, a pak jej připojte.\n\n2) Zkopírujte všechny soubory z oddílu, který jste původně chtěli zašifrovat, do připojeného oddílu (ten, který jste vytvořili a připojili v kroku 1). Tím vytvoříte VeraCryptem zašifrovanou zálohu dat.\n\n3) Vytvořte svazek VeraCrypt na oddílu, který jste původně chtěli zašifrovat a ujistěte se, že (v průvodci VeraCryptu) vyberete volbu "Vytvořit zašifrovaný svazek a naformátovat ho" (místo volby "Zašifrovat svazek tak, jak je"). Všechna data uložená na oddílu budou smazána. Až bude svazek vytvořen, připojte jej.\n\n4) Zkopírujte všechny soubory z připojeného záložního svazku VeraCrypt (vytvořeném a připojeném v kroku 1) do připojeného VeraCrypt svazku, který byl vytvořen (a připojen) v kroku 3.\n\nAž dokončíte tyto kroky, data budou zašifrována a navíc budete mít k dispozici i zašifrovanou zálohu dat. - VeraCrypt může zašifrovat za běhu pouze oddíl, dynamický svazek, a nebo celý systémový disk.\n\nChcete-li vytvořit zašifrovaný svazek VeraCrypt uvnitř vybraného ne-systémového zařízení, vyberte možnost "Vytvořit zašifrovaný svazek a naformátovat ho" (místo volby "Zašifrovat oddíl tak, jak je"). - Chyba: VeraCrypt může za běhu zašifrovat jen oddíl, dynamický svazek nebo celý systémový disk. Ujistěte se, že zadaná cesta je planá. - Chyba: Systém souborů nelze zmenšit (systém souborů musí být zmenšen, aby se vytvořilo místo pro hlavičku svazku a záložní hlavičku).\n\nMožné příčiny a řešení:\n\n- Málo volného místa na svazku. Ujistěte se, že žádná další aplikace nezapisuje do systému souborů.\n\n- Poškozený systém souborů. Zkuste jej zkontrolovat a opravte chyby (klikněte na dané písmeno disku pravým tlačítkem myši v seznamu, vyberte Vlastnosti > Nástroje > 'Zkontrolovat', a ujistěte se, že jste vybrali volbu 'Automaticky opravovat chyby systému souborů' a klikněte na Start).\n\nPokud výše uvedené kroky nepomohly, následujte kroky uvedené níže. - Chyba: Na svazku není dostatek volného místa a systém souborů tak nemůže být zmenšen (systém souborů musí být zmenšen, aby se vytvořilo místo pro záložní hlavičku svazku).\n\nSmažte všechny zbytečné soubory a vyprázdněte koš, aby zbylo aspoň 256 KB volného místa a pak to zkuste znovu. Kvůli problému Windows se může stát, že Windows Explorer vám ukáže jinou hodnotu volného místa, dokud se systém nerestartuje. Pokud restart systému nepomůže, systém souborů může být poškozený. Zkuste jej zkontrolovat a opravit případné chyby (klikněte na dané písmeno disku pravým tlačítkem myši v seznamu, vyberte Vlastnosti > Nástroje > 'Zkontrolovat', a ujistěte se, že jste vybrali volbu 'Automaticky opravovat chyby systému souborů' a klikněte na Start).\n\nPokud kroky uvedené výše nepomohly, pokračujte kroky uvedenými níže. - Volné místo na disku %s je %.2f bytů. - Volné místo na disku %s je %.2f KB - Volné místo na disku %s je %.2f MB - Volné místo na disku %s je %.2f GB - Volné místo na disku %s je %.2f TB - Volné místo na disku %s je %.2f PB - Nelze získat volná písmena disků. - Chyba: Ovladač VeraCrypt nebyl nalezen.\n\nZkopírujte soubory 'veracrypt.sys' a 'veracrypt-x64.sys' do adresáře, kde je umístěna hlavní aplikace VeraCrypt (VeraCrypt.exe). - Chyba: Aktuálně je spuštěna nekompatibilní verze ovladače VeraCrypt.\n\nPokud se snažíte spustit VeraCrypt v cestovním módu (např. bez instalace) a máte přitom již nainstalovanou jinou verzi VeraCryptu, musíte ji nejprve odinstalovat (nebo aktualizovat pomocí VeraCrypt instalátoru). Pro odinstalaci následujte tyto kroky: Na Windows Vista nebo novější vyberte 'Menu Start' > Počítač > 'Odinstalovat nebo změnit program' > VeraCrypt > Odinstalace; na Windows XP, vyberte 'Menu Start' > Nastavení > 'Ovládací panely' > 'Přidat nebo odebrat programy' > VeraCrypt > Odstranit.\n\nVelmi podobně, pokud se snažíte spustit VeraCrypt v cestovním módu (např. bez instalace) a jiná verze programu VeraCrypt již běží v cestovním módu, musíte nejprve restartovat systém a pak spustit pouze tuto novou verzi. - Chyba: Selhala inicializace šifry. - Chyba: Byl detekován slabý nebo potenciálně slabý klíč. Klíč bude zahozen. Zkuste to prosím znovu. - Došlo ke kritické chybě a VeraCrypt musí být ukončen. Pokud to bylo způsobeno chybou v VeraCryptu, rádi bychom ji opravili. Můžete nám poslat automaticky vygenerovanou zprávu, která obsahuje následující položky:\n\n- Verze programu\n- Verze operačního systému\n- Typ procesoru\n- Název komponenty VeraCrypt\n- Kontrolní součet spustitelného souboru VeraCrypt\n- Symbolický název okna dialogu\n- Typ chyby\n- Adresa chyby\n- Zásobník VeraCryptu\n\nZvolíte-li 'Ano', následující URL odkaz (který obsahuje celou zprávu o chybě) se otevře ve vašem výchozím internetovém prohlížeči.\n\n%hs\n\nChcete nám poslat výše uvedenou zprávu o chybě? - Došlo ke kritické chybě v systému, což zapříčinilo ukončení VeraCryptu.\n\nTato chyba nebyla způsobena VeraCryptem (takže ji ani vývojáři nemohou opravit). Zkontrolujte váš systém pro případné problémy (např. konfigurace systému, síťové připojení, selhávající hardwarová komponenta). - Ve vašem systému došlo ke kritické chybě. VeraCrypt musí být ukončen.\n\nPokud problém přetrvá, zkuste vypnout nebo odinstalovat aplikace, které by mohly případně způsobovat tento problém, např. antivir nebo program pro zabezpečení internetu, systémové "vylepšovače", "optimalizátory" nebo "tweakovací programy", atd. Pokud to nepomůže, zkuste přeinstalovat váš operační systém (tento problém může také být způsoben malwarem). - Kritická chyba programu VeraCrypt - VeraCrypt rozpoznal, že operační systém nedávno havaroval. Existuje mnoho důvodů, proč systém může spadnout (například selhávající hardware, chyba v ovladači atd.)\n\nChcete, aby VeraCrypt zjistil, zda se jedná o chybu v jeho programu, která způsobila pád systému? - Chcete, aby VeraCrypt dále detekoval pády systému? - VeraCrypt nenalezl žádný soubor-minidump o pádu systému. - Chcete smazat Windows soubor s informacemi o pádu systému, abyste uvolnili místo na disku? - Aby bylo možné pád systému analyzovat, VeraCrypt musí nejprve nainstalovat Microsoft Debugging Tools pro Windows.\n\nJakmile kliknete na OK, Windows instalátor stáhne instalační balíček Microsoft Debugging Tools (16 MB) ze serveru Microsoft a nainstaluje ho (Windows instalátor bude přeposlán ze serveru veracrypt.org na adresu Microsoft serveru, což zajistí, že tato funkce bude fungovat i v případě, že Microsoft změní umístění instalačního balíčku). - Jakmile kliknete na OK, VeraCrypt zanalyzuje pád systému. To může trvat několik minut. - Ujistěte se, prosím, že proměnná systému 'PATH' obsahuje cestu k souboru 'kd.exe' (Kernel Debugger). - Zdá se, že VeraCrypt pravděpodobně nezpůsobil pád systému. Existuje mnoho důvodů, proč mohl systém spadnout (například chybný hardware, chyba v ovladači, apod.) - Výsledek analýzy naznačuje, že tento problém by mohla vyřešit aktualizace následujícího ovladače: - Pokud nám chcete pomoci zjistit, zda se jedná o chybu v VeraCryptu, můžete nám poslat automaticky vygenerovanou chybovou zprávu, která obsahuje následující položky:\n- Verze programu\n- Verze operačního systému\n- Typ procesoru\n- Kategorie chyby\n- Jméno ovladače a jeho verzi\n- Systémový zásobník\n\nVyberete-li 'Ano', následující URL odkaz (který obsahuje celou chybovou zprávu) se otevře ve vašem výchozím prohlížeči internetu. - Chcete nám poslat výše uvedenou zprávu? - &Zašifrovat - &Dešifrovat - &Dešifrovat trvale - &Konec - Vytvořte prosím logický disk pro tento rozšířený oddíl a poté to zkuste znovu. - Svazek VeraCrypt může být umístěn v souboru (tzv. VeraCrypt souborový svazek), který může zůstat na pevném disku, USB flash disku, atd. Souborový svazek VeraCrypt je jako každý jiný obyčejný soubor (může být například přemístěn nebo smazán jako normální soubor). Klikněte na 'Vybrat soubor' pro výběr jména souboru pro souborový svazek a zvolte také umístění, kde ho chcete vytvořit.\n\nVAROVÁNÍ: Vyberete-li již existující soubor, VeraCrypt ho NEZAŠIFRUJE; soubor bude smazán a nahrazen nově vytvořeným souborovým svazkem VeraCrypt. Existující soubory budete moci zašifrovat (později) jejich přesunutím do souborového svazku VeraCrypt, který se nyní chystáte vytvořit. - Vyberte umístění vnějšího svazku, který se má vytvořit (uvnitř tohoto svazku bude později vytvořen skrytý svazek).\n\nSvazek VeraCrypt může být umístěn v souboru (tzv. VeraCrypt souborový svazek), který může zůstat na pevném disku, USB flash disku, atd. Souborový svazek VeraCrypt je jako každý jiný obyčejný soubor (může být například přemístěn nebo smazán jako normální soubor). Klikněte na 'Vybrat soubor' pro výběr jména souboru pro souborový svazek a zvolte také umístění, kde ho chcete vytvořit.\n\nVAROVÁNÍ: Vyberete-li již existující soubor, VeraCrypt ho NEZAŠIFRUJE; soubor bude smazán a nahrazen nově vytvořeným souborovým svazkem VeraCrypt. Existující soubory budete moci zašifrovat (později) jejich přesunutím do souborového svazku VeraCrypt, který se nyní chystáte vytvořit. - Zašifrované VeraCrypt svazky umístěné na zařízeních mohou být vytvořeny uvnitř oddílů na pevných discích, solid-state discích, USB pamětích, a na dalších podporovaných úložných zařízeních. Oddíly mohou být také zašifrovány za běhu.\n\nNavíc, zašifrované VeraCrypt svazky na zařízeních mohou být vytvořeny na takových zařízeních, které neobsahují žádné oddíly (včetně pevných disků a solid-state disků).\n\nPoznámka: Zařízení, které obsahuje oddíly, může být úplně zašifrováno za běhu (s pomocí jednoho klíče) pouze tehdy, pokud jde o disk, kde jsou Windows nainstalovány a odkud také nabíhají. - Zašifrované VeraCrypt svazky umístěné na zařízeních mohou být vytvořeny uvnitř oddílů na pevných discích, solid-state discích, USB pamětích, a na dalších podporovaných úložných zařízeních.\n\nVAROVÁNÍ: Mějte na paměti, že oddíl/zařízení bude zformátováno a všechna aktuální data ztracena. - \nVyberte umístění vnějšího svazku, který se má vytvořit (uvnitř tohoto svazku bude později vytvořen svazek skrytý).\n\nVnější svazky mohou být vytvořeny uvnitř oddílů na pevných discích, solid-state discích, USB pamětích a na dalších podporovaných úložných zařízeních. Vnější svazky mohou být také vytvořeny na takových zařízeních, které neobsahují žádné oddíly (včetně pevných disků a solid-state disků).\n\nVAROVÁNÍ: Mějte na paměti, že oddíl/zařízení bude zformátováno a všechna aktuální data na něm budou ztracena. - Zvolte umístění svazku VeraCrypt, uvnitř kterého chcete vytvořit skrytý svazek. - VAROVÁNÍ: Hostitelský soubor/zařízení se již používá!\n\nPokud to budete ignorovat, může dojít k neočekávaným výsledkům včetně nestability systému. Všechny aplikace, které by mohly používat hostitelský soubor/zařízení (např. antivir nebo zálohovací aplikace) by měly být ukončeny ještě před připojením svazku.\n\nPokračovat v připojení? - Chyba: Svazek nelze připojit. Hostitelský soubor/zařízení je již používáno. Pokus o připojení bez výhradních práv selhal také. - Tento soubor nemohl být otevřen. - Umístění svazku - Velké soubory - Budete ukládat na tento VeraCrypt svazek soubory větší než 4 GB? - Dle vašeho výběru výše, VeraCrypt vybere vhodný systém souborů pro svazek VeraCrypt (budete moci vybrat systém souborů v dalším kroku). - Protože vytváříte vnější svazek, měli byste zvážit volbu 'Ne'. Pokud zvolíte 'Ano', předvolený systém souborů bude NTFS, který není tak vhodný pro externí svazky jako FAT (např. maximální možná velikost skrytého svazku bude mnohem větší, pokud bude svazek naformátován jako FAT). Standardně je zvolen FAT pro skrytý i normální svazek (tím nejsou FAT svazky tak podezřelé). Pokud ale bude chtít uživatel ukládat soubory větší než 4 GB (což souborový systém FAT nedovoluje), FAT nebude předvoleným systémem souborů. - Jste si jisti volbou 'Ano'? - Mód vytvoření svazku - Toto je nejrychlejší cesta, jak vytvořit VeraCrypt svazek sídlící v oddílu nebo celém zařízení (šifrování za běhu, což je druhá volba, je pomalejší, protože obsah každého sektoru se musí nejprve přečíst, pak zašifrovat a nakonec zapsat). Jakákoliv data aktuálně uložená v oddílu/zařízení, budou ztracena (data NEBUDOU zašifrována; budou přepsána náhodnými daty). Pokud chcete zašifrovat data přítomna v oddílu, zvolte druhou volbu. - Vybraný oddíl a všechna data uložena na něm budou zašifrována za běhu. Je-li oddíl prázdný, měli byste vybrat druhou volbu (svazek bude vytvořen mnohem rychleji). - Poznámka: - &Pokračovat - &Pozdržet - &Začít - P&okračovat - &Formátovat - &Vyčistit - Přerušit formátování? - Ukázat více informací - Znovu již neukazovat - Obsah oddílu/zařízení byl úspěšně vymazán. - Obsah oddílu, kde je umístěn originální systém (jehož klonem je skrytý systém), byl úspěšně vymazán. - Ujistěte se, prosím, že verze Windows, kterou se chystáte nainstalovat, (na vyčištěném oddílu) je ta samá, jako verze Windows která je aktuálně spuštěna. To je nutné, protože oba systémy budou sdílet společný bootovací oddíl. - Systémový oddíl/disk byl úspěšně zašifrován.\n\nPoznámka: Pokud existují nějaké ne-systémové svazky VeraCrypt u kterých chcete, aby se připojovaly automaticky při každém spuštění Windows, můžete tak učinit tím, že každý z nich připojíte a vyberete 'Oblíbené' > 'Přidat připojený svazek do systémových oblíbených'). - Systémový oddíl/disk byl úspěšně dešifrován. - \n\nVeraCrypt svazek byl vytvořen a je připraven k použití. Pokud chcete vytvořit další svazek VeraCrypt, klikněte Další. Jinak klikněte Konec. - \n\nSkrytý svazek VeraCrypt byl úspěšně vytvořen (skrytý operační systém bude umístěn v tomto skrytém svazku).\n\nKlikněte na Další pro pokračování. - Svazek plně zašifrován - Volume Fully Decrypted - DŮLEŽITÉ: PRO PŘIPOJENÍ TOHOTO NOVĚ VYTVOŘENÉHO SVAZKU VERACRYPT A PRO PŘÍSTUP K DATŮM NA NĚM, KLIKNĚTE NA 'Autom. připojit zařízení' V HLAVNÍM OKNĚ VERACRYPT. Jakmile zadáte správné heslo (a/nebo přiložíte správný souborový klíč/e), svazek bude připojen k písmenu jednotky, které jste vybrali v seznamu v hlavním okně VeraCryptu (a budete moci přistupovat k zašifrovaným datům přes toto vybrané písmeno jednotky).\n\nZAPAMATUJTE SI PROSÍM, NEBO ZAPIŠTE, VÝŠE UVEDENÉ KROKY. TĚMITO KROKY SE MUSÍTE ŘÍDIT KDYKOLIV, KDYŽ BUDETE CHTÍT SVAZEK PŘIPOJIT A PŘISTUPOVAT K DATŮM NA NĚM. Případně můžete v hlavním okně VeraCryptu kliknout na 'Vybrat zařízení', pak vybrat tento oddíl/svazek a kliknout na 'Připojit'.\n\nOddíl/svazek byl úspěšně zašifrován (obsahuje nyní úplně zašifrovaný svazek VeraCrypt) a je připraven k použití. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Svazek VeraCrypt byl úspěšně vytvořen. - Svazek byl vytvořen - DŮLEŽITÉ: Pohybujte s myší v tomto okně co nejnáhodněji. Čím déle s ní budete hýbat, tím lépe. Kryptografická síla šifrovacích klíčů se tak výrazně zvýší. Pak klikněte Formátovat pro vytvoření svazku. - Klikněte Formátovat pro vytvoření vnějšího svazku. Pro více informací, viz dokumentace. - Formát vnějšího svazku - Formát skrytého svazku - Formát svazku - Pro čtení nebo tisk Uživatelské příručky VeraCrypt je nutný prohlížeč Adobe Reader (nebo jiný kompatibilní nástroj). Adobe Reader (freeware) lze stáhnout na adrese: www.adobe.com\n\nChcete si raději prohlédnout online dokumentaci? - Zvolíte-li tuto možnost, průvodce vám nejdříve pomůže vytvořit běžný svazek VeraCrypt a poté skrytý svazek uvnitř. Nezkušení uživatelé by vždy měli vybrat tuto volbu. - Zvolíte-li tuto možnost, vytvoříte skrytý svazek uvnitř existujícího svazku VeraCrypt. Předpokládá se, že jste již vytvořili svazek VeraCrypt, do kterého lze umístit skrytý svazek. - Mód vytvoření svazku - Skrytý svazek byl vytvořen - Skrytý svazek VeraCrypt byl úspěšně vytvořen a je připraven k použití. Pokud jste postupovali dle instrukcí, a pokud jste si dali pozor na požadavky a opatření uvedená v sekci "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCrypt, mělo by být nemožné prokázat, že skrytý svazek existuje, i když je připojený externí svazek.\n\nVAROVÁNÍ: POKUD NEBUDETE CHRÁNIT SKRYTÝ SVAZEK (PRO VÍCE INFORMACÍ, JAK TAK UČINIT, VIZ SEKCE "OCHRANA SKYTÝCH SVAZKŮ PROTI POŠKOZENÍ" V UŽIVATELSKÉ PŘÍRUČCE VERACRYPT), NEZAPISUJTE DO VNĚJŠÍHO SVAZKU. JINAK MŮŽETE PŘEPSAT A POŠKODIT SKRYTÝ SVAZEK! - Spustili jste operační systém na skrytém svazku. Jak jste si asi všimli, skrytý operační systém vypadá tak, jako by byl nainstalován na stejném oddílu původního operačního systému. Ale v reálu je nainstalován uvnitř oddílu za ním (ve skrytém svazku). Všechny operace pro čtení a zapisování jsou transparentně přesměrovány z původního oddílu systému do skrytého svazku.\n\nAni operační systém, ani aplikace nebudou vědět, data čtená a zapisovaná do systémového oddílu jsou ve skutečnosti zapisována a čtena z oddílu za ním (z/do skrytého svazku). Jakákoliv taková data jsou zašifrována a dešifrována za běhu, jako obvykle (s jiným šifrovacím klíčem, než je klíč použitý pro operační systém, který odláká pozornost).\n\n\nKlikněte na Další pro pokračování. - Vnější svazek byl vytvořen a připojen jako disk %hc:. Do tohoto vnějšího svazku byste nyní měli nakopírovat nějaká citlivě vypadající soubory, které ve skutečnosti NECHCETE skrýt. Budou tam umístěny pro kohokoliv, kdo by vás nutil prozradit heslo k prvnímu oddílu za oddílem s operačním systémem, kde budou umístěny jak vnější svazek, tak skrytý svazek (obsahující skrytý operační systém). Budete moci odhalit heslo pro tento vnější svazek a existence skrytého svazku (a skrytého operačního systému) zůstane utajena.\n\nDŮLEŽITÉ: Soubory, které nakopírujete do vnějšího svazku, by neměly zabírat více než %s. Jinak by nemusel být k dispozici dostatek volného místa na vnějším svazku pro skrytý svazek (a nebudete moci pokračovat). Jakmile dokončíte kopírování, klikněte na Další (neodpojujte svazek). - Vnější svazek byl úspěšně vytvořen a připojen jako jednotka %hc:. Do tohoto svazku byste nyní měli nakopírovat nějaké citlivě-vypadající soubory, které ve skutečnosti NECHCETE skrýt. Soubory tam budou uloženy pro kohokoliv, kdo by Vás nutil odhalit heslo. Odhalíte jen heslo pro tento vnější svazek, ne pro skrytý. Soubory, o které Vám jde ve skutečnosti, budou uloženy ve skrytém svazku, který se vytvoří později. Jakmile data dokopírujete, klikněte Další. Svazek neodpojujte.\n\nPoznámka: Až kliknete Další, clusterová bitmapa vnějšího svazku bude oskenována pro určení velikosti nepřerušené oblasti volného místa, jehož konec se nachází na konci svazku. Tato oblast bude obsahovat skrytý svazek, takže tím omezí svou maximální možnou velikost. Skenování clusterové bitmapy zajistí, že žádná data na vnějším svazku nebudou přepsána vnějším svazkem. - Obsah vnějšího svazku - \n\nV dalším kroku zadáte volby pro vnější svazek (uvnitř kterého bude později vytvořen skrytý svazek). - \n\nV dalších krocích vytvoříte tzv. externí svazek VeraCrypt uvnitř prvního oddílu za systémovým oddílem (jak bylo vysvětleno v jednom z předchozích kroků). - Vnější svazek - V následujících krocích zadáte volby a heslo pro skrytý svazek, který bude obsahovat skrytý operační systém.\n\nPoznámka: Clusterová bitmapa vnějšího svazku byla oskenována, aby se zjistila velikost nepřerušovaného volného místa, jehož konec bude uspořádán s koncem vnějšího svazku. V této oblasti bude umístěn skrytý svazek, omezuje tedy jeho maximální možnou velikost. Maximální možná velikost skrytého svazku byla vypočtena a potvrzena tak, že musí být větší, než velikost systémového oddílu (což je nutné, protože celý obsah systémového oddílu bude muset být zkopírován na skrytý svazek). Tím se zajistí, že žádná data, která jsou aktuálně uložena na vnějším svazku, nebudou přepsána daty zapsanými do oblasti skrytého svazku. - DŮLEŽITÉ: Zapamatujte si, prosím, algoritmy, které vyberete v tomto kroku. Budete muset vybrat úplně stejné algoritmy pro klamný systém. Jinak bude skryté systém nepřístupný! (Klamný systém musí být zašifrován stejným šifrovacím algoritmem jako skrytý systém.)\n\nPoznámka: Důvodem je, že klamný systém a skrytý systém budou sdílet společný bootovací zavaděč, který podporuje jen jeden algoritmus, vybraný uživatelem (pro každý algoritmus existuje speciální verze bootovacího zavaděče VeraCryptu). - \n\nBitmapový cluster svazku byl oskenován a maximální možná velikost skrytého svazku byla určena. V dalším kroku zadáte volby, velikost a heslo pro skrytý svazek. - Skrytý svazek - Skrytý svazek je nyní chráněn proti poškození, dokud nebude odpojen vnější svazek.\n\nVAROVÁNÍ: Bude-li zaznamenána snaha zapsat data do skrytého svazku, VeraCrypt začne chránit proti zápisu celý svazek (jak vnější tak skrytou část) dokud nebude odpojen. To může způsobit poškození souborového systému vnějšího svazku, což může (pokud se tak bude dít opakovaně) nepříznivě ovlivnit hodnověrnost popření skrytého svazku. Proto byste měli zajistit, aby do skryté části svazku nebylo zapisováno. Jakákoliv data uložená do skrytého svazku nebudou uložena a ztratí se. Windows to mohou hlásit jako chybu zápisu ("Zpožděný zápis selhal" nebo "Parametr je nesprávný"). - Každý skrytý svazek uvnitř nově připojených svazků je nyní chráněn proti poškození, dokud nebude odpojen.\n\nVAROVÁNÍ: Bude-li zaznamenána snaha uložit data do chráněného oblasti skrytého svazku jakéhokoliv z těchto svazků, VeraCrypt začne chránit proti zápisu celý svazek (jak vnější tak skrytou část) dokud nebude odpojen. To může způsobit poškození souborového systému vnějšího svazku, což může (pokud se tak bude dít opakovaně) nepříznivě ovlivnit hodnověrnost popření skrytého svazku. Proto byste měli zajistit, aby do skryté části svazku nebylo zapisováno. Jakákoliv data uložená do skrytého svazku nebudou uložena a ztratí se. Windows to mohou hlásit jako chybu zápisu ("Zpožděný zápis selhal" nebo "Parametr je nesprávný"). - VAROVÁNÍ: Byl zaznamenán pokus o zapsání dat do skryté oblasti svazku připojeného jako %c:! VeraCrypt zabránil zápisu těchto dat, aby skrytý svazek chránil. To mohlo způsobit poškození souborového systému vnějšího svazku a Windows to mohou hlásit jako chybu zápisu ("Zpožděný zápis selhal" nebo "Parametr je nesprávný"). Celý svazek (jak vnější tak skrytá část) bude chráněn proti zápisu, dokud nebude odpojen. Pokud to není první případ, kdy VeraCrypt chránil skrytou část svazku před zápisem, hodnověrnost popření skrytého svazku může být nepříznivě ovlivněna (kvůli možné neobvyklé korelované inkonzistenci uvnitř vnějšího svazku souborového systému). Proto byste měli zvážit vytvoření nového svazku VeraCrypt (s vypnutou funkcí Rychlého formátování) a přesunout soubory z tohoto svazku do nového; tento svazek by měl být bezpečně vymazán (jak vnější tak skrytá část). Důrazně doporučujeme, abyste nyní operační systém restartovali. - Naznačili jste, že na svazek hodláte ukládat soubory větší než 4 GB. V tom případě musí být svazek naformátován systémem souborů NTFS, což bohužel nebude možné. - Mějte prosím na paměti, že pokud běží skrytý operační systém, ne-skryté svazky VeraCrypt nemohou být naformátovány jako NTFS. Důvodem je, že by svazek musel být dočasně připojen bez ochrany proti zápisu, aby ho mohl operační systém naformátovat jako NTFS (přičemž formátování jako FAT je prováděno VeraCryptem, nikoliv operačním systémem a bez toho, aby musel být svazek připojen). Pro více technických informací, viz níže. Ne-skrytý NTFS svazek můžete vytvořit z klamného operačního systému. - Z bezpečnostních důvodů, pokud je spuštěn skrytý operační systém, skryté svazky mohou být vytvořeny pouze 'přímým' módem (protože vnější svazky musí být vždy připojeny pouze pro čtení). Abyste vytvořili skrytý svazek bezpečně, postupujte dle těchto kroků:\n\n1) Spusťte klamný systém.\n\n2) Vytvořte běžný svazek VeraCrypt a do tohoto svazku nakopírujte nějaká citlivě vypadající data, která ve skutečnosti NECHCETE skrýt (svazek se stane vnějším svazkem).\n\n3) Spusťte skrytý systém a spusťte Průvodce vytvořením svazku VeraCrypt. Pokud jde o svazek umístěny v souboru, přesuňte ho do systémového oddílu nebo do jiného skrytého svazku (jinak bude nově vytvořený svazek připojen pouze pro čtení a nemohl by být zformátován). Postupujte podle instrukcí v průvodci až k výběru 'přímého' módu pro vytvoření skrytého svazku.\n\n4) V průvodci vyberte svazek, který jste vytvořili v kroku 2, a pak postupujte dle instrukcí a vytvořte v něm skrytý svazek. - Z bezpečnostních důvodů, pokud je skrytý operační systém spuštěn, lokální nezašifrované systémy souborů a neskryté svazky VeraCrypt jsou připojeny pouze pro čtení (do těchto systémů souborů nebo svazků VeraCrypt nemůžete zapisovat).\n\nData můžete zapisovat do jakéhokoliv systému souborů, který je umístěn uvnitř skrytého svazku VeraCrypt (za předpokladu, že skrytý svazek není umístěn v souborovém svazku, který je umístěn na nezašifrovaném systému souborů nebo na jiném systému souborů, který je pouze pro čtení). - Jsou 3 hlavní důvody, proč byla takováto protiopatření implementována:\n\n- Umožňuje vytvoření bezpečné platformy pro připojení skrytých svazků VeraCrypt. Oficiálně doporučujeme připojit skryté svazky pouze pokud běží skrytý operační systém. (Pro více informací, viz podsekce 'Bezpečnostní požadavky a prevence ohledně skrytých svazků' v dokumentaci.)\n\n- V některých případech je možné zjistit, že v určitém čase nebyl konkrétní systém souborů připojen k (nebo že příslušný soubor na systému souborů nebyl uložen nebo k němu nebyl přístup přímo) příslušné instanci operačního systému (např. analyzováním a porovnáním žurnálů systému souborů, časových razítek souborů, aplikačních logů, chybových logů, apod.). To vše může naznačit, že je na počítači nainstalován skrytý operační systém. Protiopatření přecházejí těmto problémům.\n\n- Zabraňuje poškození dat a umožňuje bezpečnou hibernaci. Když Windows přejdou z hibernace, předpokládají, že všechny připojené systémy souborů jsou ve stejném stavu, jako když systém přešel do hibernace. VeraCrypt toto zabezpečuje tím, že chrání proti zápisu jakýkoliv systém souborů ať už v klamném nebo skrytém systému. Bez této ochrany by mohlo u připojeného systému dojít k poškození souborů, pokud by byl druhý systém hibernován. - Poznámka: Pokud potřebujete bezpečně přesunout soubory z klamného systému do skrytého systému, dbejte následujících kroků: 1) Spusťte klamný systém. 2) Uložte soubory na nezašifrovaný svazek nebo na vnější/normální svazek VeraCrypt. 3) Spusťte skrytý systém. 4) Uložili jste-li soubory na svazek VeraCrypt, připojte ho (bude automaticky připojen jen pro čtení). 5) Zkopírujte soubory do skrytého systémového oddílu nebo na jiný svazek. - Váš počítač musí být restartován.\n\nChcete nyní provést restart? - Nastala chyba při získávání informací o stavu zašifrovaného systému. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Nelze inicializovat aplikační komponenty pro systémové šifrování. - Selhala inicializace generátoru náhodných čísel! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Aplikace nemohla být inicializována. Selhala registrace Dialogové třídy. - Chyba: Systémová knihovna Rich Edit nemohla být načtena. - Průvodce vytvořením svazku VeraCrypt - Maximální možná velikost skrytého svazku pro tento svazek je %.2f bytů. - Maximální možná velikost skrytého svazku pro tento svazek je %.2f KB. - Maximální možná velikost skrytého svazku pro tento svazek je %.2f MB. - Maximální možná velikost skrytého svazku pro tento svazek je %.2f GB. - Maximální možná velikost skrytého svazku pro tento svazek je %.2f TB. - Heslo/souborový klíč svazku nemůže být změněn během jeho připojení. Svazek nejdříve odpojte. - Derivační algoritmus pro klíč hlavičky nemůže být změněn během připojování svazku. Svazek nejdříve odpojte. - &Připojit - Pro připojení tohoto oddílu je potřeba novější verze programu VeraCrypt. - Chyba: Průvodce vytvořením svazku nebyl nalezen.\n\nUjistěte se prosím, že soubor 'VeraCrypt Format.exe' je ve složce, ze které byl 'VeraCrypt.exe' spuštěn. Pokud není, přeinstalujte prosím VeraCrypt nebo najděte 'VeraCrypt Format.exe' na vašem disku a spusťte jej. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Další > - &Dokončit - &Instalovat - &Rozbalit - Nelze připojit k ovladači zařízení VeraCrypt. VeraCrypt nemůže pracovat, pokud ovladač zařízení neběží.\n\nKvůli architektuře Windows bude pravděpodobně nutné se odhlásit nebo restartovat systém, aby mohl být ovladač zařízení načten. - Nastala chyba při nahrávání/připravování fontů. - Písmeno disku nebylo nalezeno nebo nebylo specifikováno. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Písmeno jednotky není k dispozici. - Nebyl vybrán žádný soubor! - Žádné písmeno disku není k dispozici. - Není k dispozici žádné volné písmeno disku pro vnější svazek! Vytvoření svazku nelze dokončit. - Verze vašeho operačního systému nebyla rozpoznána nebo používáte nepodporovaný operační systém. - Nebyla vybrána cesta! - Pro skrytý svazek není dostatek volného místa! Vytvoření svazku nelze dokončit. - Chyba: Soubory, které jste nakopírovali do vnějšího svazku, zabírají příliš moc místa. Tím pádem není na vnějším svazku ani dost místa pro skrytý svazek.\n\nSkrytý svazek musí být stejně velký jako systémový oddíl (oddíl, kde je nainstalován momentálně běžící operační systém). Důvodem je, že skrytý operační systém musí být vytvořen zkopírováním obsahu systémového oddílu do skrytého svazku.\n\n\nProces vytváření skrytého operačního systému nemůže pokračovat. - Ovladač nemůže odpojit svazek. Některé soubory umístěné na svazku jsou pravděpodobně ještě otevřené. - Svazek nemohl být uzamknut. Na svazku jsou stále otevřené soubory. Proto nemůže být odpojen. - VeraCrypt nemůže zamknout tento svazek, protože je používán systémem nebo aplikacemi (na tomto svazku mohou existovat otevřené soubory).\n\nChcete vynutit odpojení tohoto svazku? - Vyberte svazek VeraCrypt - Zadejte cestu a jméno souboru - Vybrat knihovnu PKCS #11 - Nedostatek paměti - DŮLEŽITÉ: Důrazně doporučujeme, aby nezkušení uživatelé vytvořili souborový svazek VeraCrypt na vybraném zařízení/oddílu, místo zašifrování celého zařízení/oddílu.\n\nPokud vytvoříte souborový svazek VeraCrypt (oproti zašifrování zařízení nebo oddílu), neriskujete například ztrátu velkého množství souborů. Souborový svazek VeraCrypt (ačkoliv obsahuje virtuální zašifrovaný disk) se chová je ve skutečnosti jako obyčejný soubor. Pro více informací viz kapitola Návod pro začátečníky v uživatelské příručce VeraCryptu.\n\nJste si jisti, že chcete zašifrovat celé zařízení/oddíl? - VAROVÁNÍ: Soubor '%s' již existuje!\n\nDŮLEŽITÉ: VERACRYPT TENTO SOUBOR NEZAŠIFRUJE, ALE SMAŽE HO. Jste si jisti, že chcete tento soubor smazat a nahradit ho novým souborovým svazkem VeraCrypt? - VAROVÁNÍ: VŠECHNY SOUBORY, KTERÉ JSOU MOMENTÁLNĚ ULOŽENY NA VÁMI VYBRANÉM %s '%s'%s BUDOU VYMAZÁNY A ZTRACENY (NEBUDOU ZAŠIFROVÁNY)!\n\nJste si jisti, že chcete pokračovat s formátováním? - VAROVÁNÍ: Nebudete moci na svazek přistoupit ani přistupovat k souborům na něm do té doby, než bude plně zašifrován.\n\nJste si jisti, že chcete začít zašifrovávat vybraný %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - VAROVÁNÍ: Pokud dojde při šifrování dat za běhu k náhlému výpadku proudu, nebo pokud systém spadne kvůli softwarové chybě nebo hardwarovému selhání, část dat bude poškozena nebo ztracena. Než začnete zašifrovávat, ujistěte se, že máte záložní kopie souborů, které chcete zašifrovat.\n\nMáte takovou zálohu? - VAROVÁNÍ: JAKÉKOLIV SOUBORY ULOŽENÉ NA ODDÍLU '%s'%s (NAPŘ. NA PRVNÍM ODDÍLU ZA SYSTÉMOVÝM ODDÍLEM) BUDOU VYMAZÁNA A ZTRACENA (NEBUDOU ZAŠIFROVÁNA)!\n\nJste si jisti, že chcete pokračovat ve formátování? - VAROVÁNÍ: VYBRANÝ ODDÍL OBSAHUJE VELKÉ MNOŽSTVÍ DAT! Všechny soubory uložené na tomto oddílu budou smazány a ztraceny (NEBUDOU zašifrovány)! - Smaž všechny soubory uložené na oddílu tím, že se uvnitř vytvoří svazek VeraCrypt - Heslo - PIM - Zadejte hlavičku klíče derivačního algoritmu - Přidat/Odebrat souborové klíče do/ze svazku - Odstranit všechny souborové klíče ze svazku - Heslo a souborový klíč/e byly úspěšně změněny.\n\nDŮLEŽITÉ: Ujistěte se, prosím, že jste si přečetli sekci 'Změna hesel a souborových klíčů' v kapitole 'Bezpečnostní požadavky a opatření' v uživatelské příručce VeraCryptu. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - DŮLEŽITÉ: Pokud jste nezničili váš Záchranný disk VeraCrypt, váš systémový oddíl/disk může být stále dešifrován použitím starého hesla (nabootováním Záchranného disku VeraCrypt a zadáním starého hesla). Měli byste vytvořit nový Záchranný disk VeraCrypt a pak zničit starý.\n\nChcete vytvořit nový Záchranný disk VeraCrypt? - Záchranný disk VeraCrypt stále používá předchozí algoritmus. Považujete-li předchozí algoritmus za nedostatečně bezpečný, měli byste vytvořit nový záchranný disk VeraCrypt a pak starý zničit.\n\nChcete vytvořit nový Záchranný disk VeraCrypt? - Jakýkoliv typ souboru (například .mp3, .jpg, .zip, .avi) může být použit jako souborový klíč VeraCryptu. Vězte, že VeraCrypt nikdy nemění obsah souborového klíče. Můžete vybrat více než jen jeden souborový klíč (na pořadí nezáleží). Pokud zadáte adresář, všechny neskryté soubory nalezené uvnitř, budou použity jako souborové klíče. Klikněte na 'Přidat soubory tokenu' a vyberte souborové klíče uložené na bezpečnostních tokenech nebo smart kartách (nebo k importu souborových klíčů na bezpečnostní tokeny nebo na smart karty). - Souborový klíč(e) byl úspěšně přidán/odstraněn. - Souborový klíč exportován. - Klíč hlavičky derivačního algoritmu byl úspěšně zadán. - Zadejte prosím heslo a/nebo souborový klíč/e k nesystémovému svazku, u kterého chcete pokračovat v procesu šifrování za běhu.\n\n\nPoznámka: Až kliknete na Další, VeraCrypt se pokusí najít všechny nesystémové svazky, u kterých byl přerušen proces šifrování a u kterých může být VeraCrypt hlavička dešifrována použitím uvedeného hesla a/nebo souborového klíče/ů. Pokud bude nalezeno více než jeden svazek, budete muset v příštím kroku vybrat jeden z nich. - Vyberte, prosím, jeden svazek ze seznamu. Seznam obsahuje všechny přístupné ne-systémové svazky, kde byl přerušen proces šifrování a jejichž hlavičky mohou být dešifrovány s použitím použitého hesla a souborového klíče. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Je velmi důležité, abyste zadali dobré heslo. Měli byste se vyvarovat takového hesla, které obsahuje jen jedno slovo nebo může být nalezeno ve slovníku (nebo kombinace 2, 3 nebo 4 takovýchto slov). Nemělo by obsahovat žádná jména nebo data narození. Nemělo by být lehce uhodnutelné. Dobré heslo se skládá z kombinace různých velkých a malých písmen, čísel a speciálních znaků jako např. @ ^ = $ * + atd. Doporučujeme zvolit heslo skládající se z 20 znaků a více (čím delší, tím lepší). Maximální možná délka je 64 znaků. - Zadejte heslo pro skrytý svazek. - Zadejte, prosím, heslo pro skrytý operační systém (např. pro skrytý svazek). - DŮLEŽITÉ: Heslo, které vyberete v tomto kroku pro skrytý operační systém, musí být podstatně odlišné od ostatních dvou hesel (např. od hesla k vnějšímu svazku a hesla pro klamný operační systém). - Zadejte prosím heslo pro svazek, ve kterém si přejete vytvořit skrytý svazek.\n\nPo kliknutí Další se VeraCrypt pokusí svazek připojit. Jakmile bude svazek připojen, jeho clusterová bitmapa bude oskenována pro zjištění velikosti nepřerušené oblasti volného místa (pokud takové vůbec je) jehož konec tvoří i konec svazku. Tato oblast bude obsahovat skrytý svazek, a proto bude jeho maximální velikost omezena. Skenování clusterové mapy je nutné, aby bylo zajištěno, že žádná data na vnějším disku nebudou přepsána skrytým svazkem. - \nZadejte heslo pro vnější svazek. Toto heslo budete moci prozradit útočníkovi, pokud vás k tomu donutí.\n\nDŮLEŽITÉ: Heslo musí být úplně odlišné od toho, které zvolíte pro skrytý svazek.\n\nPoznámka: Maximální možná délka hesla je 64 znaků. - Zadejte heslo pro vnější svazek. Toto heslo budete moci prozradit komukoliv, kdo by po vás chtěl vědět heslo k prvnímu oddílu za systémovým oddílem, kde je umístěn jak vnější tak skrytý svazek (bude obsahovat skrytý operační systém). Existence skrytého svazku (a skrytého operačního systému) zůstane utajena. Toto heslo není pro klamný operační systém.\n\nDŮLEŽITÉ: Heslo musí být úplně odlišné od toho, které zvolíte pro skrytý svazek. (např. pro skrytý operační systém). - Heslo vnějšího svazku - Heslo skrytého svazku - Heslo pro skrytý operační systém - UPOZORNĚNÍ: Krátká hesla se dají jednoduše prolomit použitím metody hrubé síly!\n\nDoporučujeme vybrat heslo skládající se z více než 20 znaků.\n\nJste si jisti, že chcete použít kratší heslo? - Heslo svazku - Nesprávné heslo nebo se nejedná o svazek VeraCrypt. - Špatný souborový klíč(y) a/nebo heslo nebo se nejedná o svazek VeraCrypt. - Špatný mód připojení, nesprávné heslo nebo se nejedná o svazek VeraCrypt. - Špatný mód připojení, nesprávný souborový klíč/e a/nebo špatné heslo nebo se nejedná o svazek VeraCrypt. - Špatné heslo nebo nebyl nalezen žádný svazek VeraCrypt. - Špatný souborový klíč/heslo nebo nebyl nalezen žádný svazek VeraCrypt. - \n\nUpozornění: Caps Lock je zapnutý. Tím můžete špatně zadat heslo. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nVAROVÁNÍ: V cestě k souborovým klíčům byl nalezen skrytý soubor/y. Tyto skryté soubory nemohou být použity jako souborové klíče. Pokud je potřebujete použít jako souborové klíče, odstraňte jejich 'Skrytý' atribut (pravým tlačítkem myši na něj klikněte, vyberte 'Vlastnosti', odškrtněte 'Skrytý' a potvrďte OK). Poznámka: Skryté soubory jsou viditelné jen tehdy, pokud je daná volba zapnuta (Ovládací panely > 'Možnosti složky' > Zobrazit). - Pokud se snažíte ochránit skrytý svazek, který obsahuje skrytý systém, ujistěte se, že používáte při zadávání hesla ke skrytému svazku standardní US rozložení klávesnice. Je to nutné vzhledem k tomu, že hesla musí být zadávána v před-bootovacím prostředí (než se spustí Windows), kde nejsou ne-US rozložení klávesnice k dispozici. - VeraCrypt nenašel žádný svazek, kde by bylo přerušeno nesystémové šifrování a kde by bylo možné dešifrovat hlavičku svazku s pomocí dodaného hesla a/nebo souborového klíče/ů.\n\nUjistěte se, prosím, že heslo a/nebo souborový klíč/e jsou správné a že oddíl/svazek není používán systémem nebo aplikacemi (včetně antivirového programu). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nPoznámka: Snažíte-li se připojit oddíl umístěný na zašifrovaném systémovém disku bez před-bootovací autentifikace nebo snažíte-li se připojit zašifrovaný systémový oddíl operačního systému, který neběží, můžete tak učinit přes 'Systém' > 'Připojit bez před-bootovací autentifikace.' - V tomto módu nemůžete připojit oddíl umístěný na disku, jehož část je součástí aktivního systémového šifrování.\n\nNež budete moci připojit oddíl v tomto módu, musíte buď nabootovat z operačního systému nainstalovaném na odlišném disku (zašifrovaném nebo nezašifrovaném) nebo nabootovat z nezašifrovaného operačního systému. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Zpět - Seznam základních zařízení instalovaných na vašem systému nemohl být vytvořen! - Svazek '%s' již existuje a je jen pro čtení. Jste si jistí, že ho chcete nahradit? - Vyberte cílový adresář - Vyberte souborový klíč - Zvolte cestu pro hledání souborového klíče. UPOZORNĚNÍ: Zapamatována bude pouze cesta, nikoliv název souboru! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Navrhnuta Rossem Andersonem, Elim Bihamem a Larsem Knudsenem. Zveřejněna v roce 1998. 256-bitový klíč, 128-bitové bloky. Operační mód je XTS. Serpent byla jedním z finalistů AES. - Definujte, prosím, velikost svazku, který chcete vytvořit.\n\nVytvoříte-li dynamický (rozptýlený soubor) svaze, tento parametr určí jeho maximální možnou velikost.\n\nMinimální možná velikost FAT svazku je 292 KB. Minimální možná velikost NTFS svazku je 3792 KB. - Definujte, prosím, velikost vnějšího svazku, který se má vytvořit (nejdříve vytvoříte vnější svazek a pak skrytý uvnitř něj). Minimální možná velikost svazku, v němž má být vytvořen svazek skrytý, je 340 KB. - Zadejte, prosím, velikost skrytého svazku, který se má vytvořit. Minimální možná velikost skrytého svazku je 40 KB (nebo 3664 KB pokud je naformátován jako NTFS). Maximální možná velikost skrytého svazku je uvedena výše. - Velikost vnějšího svazku - Velikost skrytého svazku - Ověřte, prosím, že velikost vybraného zařízení/oddílu uvedená výše je správná a klikněte na Další. - Vnější svazek a skrytý svazek (obsahující skrytý operační systém) bude umístěn ve výše zmíněném oddílu. Měl by to být první oddíl hned za systémovým oddílem.\n\nOvěřte, zda je velikost oddílu a jeho číslo (viz výše) správně a pak klikněte na Další. - \n\nMinimální možná velikost svazku, v němž má být vytvořen svazek skrytý, je 340 KB. - Velikost svazku - Dynamický - VAROVÁNÍ: AUTOTEST SELHAL! - Autotesty všech šifer proběhly v pořádku - Číslo datové jednotky je příliš dlouhé nebo krátké. - Sekundární klíč, který jste zadali, je příliš dlouhý nebo příliš krátký. - Testovací šifrovaný text, který jste zadali, je příliš dlouhý nebo krátký. - Testovací klíč, který jste zadali, je příliš dlouhý nebo krátký. - Testovací čistý text, který jste zadali, je příliš dlouhý nebo krátký. - Dvě šifry v kaskádě operující v LRW módu. Každý blok je nejprve zašifrován s %s (%d-bitový klíč) a poté s %s (%d-bitový klíč). Každá šifra používá svůj vlastní klíč. Všechny klíče jsou vzájemně nezávislé. - Tři šifry v kaskádě operující v módu LRW. Každý blok je nejprve zašifrován s %s (%d-bitový klíč) a poté s %s (%d-bitový klíč) a nakonec s %s (%d-bitový klíč). Každá šifra používá svůj vlastní klíč. Všechny klíče jsou vzájemně nezávislé. - Podle konfigurace operačního systému můžou tyto funkce pro automatické spuštění a automatické připojení fungovat pouze pokud jsou data cestovních disků vytvořena na nezapisovatelném CD/DVD médiu. Toto není chyba v VeraCryptu (jde o omezení Windows). - Cestovní disk VeraCrypt byl úspěšně vytvořen.\n\nPro spuštění VeraCryptu v přenosném módu potřebujete administrátorská oprávnění. Měli byste také vědět, že prozkoumáním registrů se dá zjistit, že byl VeraCrypt spuštěn na systému Windows, i když běžel v přenosném módu. - Cestovní disk VeraCrypt - Navrhnuta Brucem Schneierem, Johnem Kelseyem, Dougem Whitingem, Davidem Wagnerem, Chrisem Hallem a Nielsem Fergusonem. Zveřejněna v roce 1998. 256-bitový klíč, 128-bitové bloky. Operační mód je XTS. Twofish byla jedním z finalistů AES. - Více informací o %s - Neznámý - Nastala nespecifikovaná nebo neznámá chyba (%d). - Některé svazky obsahují soubory nebo adresáře používané aplikacemi nebo systémem.\n\nVynutit odpojení? - &Odpojit - Odpojení selhalo! - Svazek obsahuje soubory nebo složky používané aplikacemi nebo systémem.\n\nVynutit odpojení? - K uvedenému písmenu disku není připojen žádný svazek. - Svazek, který se snažíte připojit, je již připojen. - Došlo k chybě při pokusu o připojení svazku. - Chyba při hledání umístění uvnitř svazku. - Chyba: Nesprávná velikost svazku. - VAROVÁNÍ: Rychlé formátování byste měli použít jen v těchto případech:\n\n1) Zařízení obsahuje náhodná data (např. již bylo bezpečně a úplně zašifrováno).\n2) Chcete využít ihned veškeré volné místo.\n3) Nezajímá vás otázka bezpečnosti (testování).\n\nJste si jisti, že chcete použít Rychlé formátování? - Dynamický souborový svazek je před-přidělený rozptýlený NTFS soubor, jehož fyzická velikost (platné místo na disku, které zabírá) se zvyšuje tak, jak se do něj přidávají data.\n\nVAROVÁNÍ: Výkonnost rozptýlených souborových svazků je podstatně horší než u běžných svazků. Rozptýlené souborové svazky jsou také méně bezpečné, protože je možné zjistit, které sektory svazku jsou nepoužívané. Navíc tyto svazky nemohou poskytnout hodnověrné popření (neobsahují skrytý svazek). Pokud jsou data zapsána do rozptýleného souborového svazku a na původním systému souborů není dostatek místa, zašifrovaný systém souborů se může poškodit.\n\nJste si jisti, že chcete vytvořit rozptýlený souborový svazek? - Velikost dynamického svazku, vykazovaná systémem Windows a VeraCryptem, bude vždy rovna jeho maximální velikosti. Pro zjištění aktuální fyzické velikosti svazku (místo na disku, které zabírá), klikněte pravým tlačítkem myši na soubor svazku (v okně Průzkumníka Windows, ne v VeraCryptu), pak vyberte 'Vlastnosti' a prohlédněte si hodnotu 'Velikost na disku'.\n\nMějte na paměti, že pokud přesunete dynamický svazek na jiný svazek nebo jednotku, fyzická velikost souborového svazku se zvýší na maximum. (Tomu můžete zabránit tím, že vytvoříte nový dynamický svazek v cílové oblasti, připojíte ho a pak přesunete soubory ze starého svazku do nového.) - Mezipaměť hesla vyčištěna - Hesla (a/nebo zpracovaný obsah souborového klíče) uložená v ovladači mezipaměti programu VeraCrypt byla pročištěna. - VeraCrypt nemůže změnit heslo pro cizí svazek. - Vyberte prosím volné písmeno disku ze seznamu. - Vyberte prosím nejdříve připojený svazek ze seznamu písmen jednotek. - Momentálně jsou vybrány dva připojené svazky (jeden v písmenném seznamu jednotek a druhý ve vstupním políčku pod seznamem).\n\nVyberte, prosím, který svazek chcete zvolit. - Chyba: Nelze vytvořit autorun.inf - Chyba při zpracování souborového klíče! - Chyba při zpracování cesty k souborovému klíči! - Cesta k souborovému klíči neobsahuje žádný soubor.\n\nAdresáře (a soubory, které obsahují) nalezené v cestě k souborovému klíči jsou ignorovány. - VeraCrypt nepodporuje tento operační systém. - Chyba: VeraCrypt podporuje pouze stabilní verze tohoto operačního systému (beta/RC verze nejsou podporovány). - Chyba: Nelze přidělit paměť. - Chyba: Hodnota výkonnostního čítače nemohla být zjištěna. - Chyba: Špatný formát svazku. - Chyba: Zadali jste heslo pro skrytý svazek (ne pro normální svazek). - Z bezpečnostních důvodů nemůže být skrytý svazek vytvořit uvnitř takového svazku VeraCrypt, který obsahuje systém souborů, jenž byl zašifrován za běhu (protože volné místo na svazku nebylo vyplněno libovolnými daty). - VeraCrypt - právní upozornění - Všechny soubory - Svazky VeraCrypt - Knihovny - NTFS formátování nemůže pokračovat. - Svazek nelze připojit. - Svazek nelze odpojit. - Windows nemohl zformátovat svazek jako NTFS.\n\nVyberte prosím jiný systému souborů (je-li to možné) a zkuste to znovu. Popřípadě můžete nechat svazek nenaformátovaný (vyberte 'Žádný' systém souborů), ukončete tohoto průvodce, připojte svazek a pak použijte buď systémový nástroj, nebo nástroj třetí strany k zformátování připojeného svazku (svazek zůstane zašifrovaný). - Windows nemohl naformátovat svazek jako NTFS.\n\nChcete místo toho svazek naformátovat jako FAT? - Předvolený - oddíl - ODDÍL - Zařízení - zařízení - ZAŘÍZENÍ - Oddíl - svazek - SVAZEK - Jmenovka - Vybraná velikost clusteru je pro tento svazek příliš malá. Použije se větší velikost clusteru. - Chyba: Nelze zjistit velikost svazku!\n\nUjistěte se, že vybraný svazek není používán systémem nebo aplikací. - Skryté svazky nesmí být vytvořeny uvnitř dynamických (rozptýlený soubor) svazků. Abyste dosáhli hodnověrného popření, skrytý svazek musí být vytvořit uvnitř ne-dynamického svazku. - Průvodce vytvořením svazku VeraCrypt může vytvořit skrytý svazek pouze uvnitř svazků typu FAT nebo NTFS. - V systému Windows 2000 může Průvodce vytvořením svazku VeraCrypt vytvořit skrytý svazek pouze uvnitř svazku typu FAT. - Poznámka: Systém souborů FAT je vhodnější pro vnější svazky než NTFS (například maximální možná velikost skrytého svazku by byla s největší pravděpodobností mnohem větší, pokud by byl vnější svazek naformátován jako FAT). - Systém souborů FAT je mnohem vhodnější pro vnější svazky než NTFS. Například maximální možná velikost skrytého svazku by byla s největší pravděpodobností mnohem větší, pokud by byl vnější svazek naformátován jako FAT (důvodem je, že NTFS vždy ukládá vnitřní data do poloviny svazku, a proto může být skrytý svazek umístěn jen do druhé poloviny vnějšího svazku).\n\nJste si jisti, že chcete naformátovat vnější svazek jako NTFS? - Chcete místo toho naformátovat svazek jako FAT? - Poznámka: Tento svazek nemůže být naformátován jako FAT, protože jeho velikost překračuje maximální povolenou velikost podporovanou systémem souborů FAT32 při zvolené velikosti sektorů (2 TB pro 512-bajtové sektory a 16 TB pro 4096-bajtové sektory). - Chyba: Oddíl pro skrytý operační systém (např. první oddíl hned za systémovým oddílem) musí být alespoň o 5% větší než systémový oddíl (systémový oddíl je ten, kde je nainstalován momentálně běžící operační systém). - Chyba: Oddíl pro skrytý operační systém (např. první oddíl hned za systémovým oddílem) musí být alespoň o +110% (2,1 krát) větší než systémový oddíl (systémový oddíl je ten, kde je nainstalován momentálně běžící operační systém). Důvodem je skutečnost, že systém souborů NTFS vždy ukládá vnitřní data přesně doprostřed svazku, a proto může být skrytý svazek (který bude obsahovat klon systémového oddílu) umístěn jen v druhé půlce oddílu. - Chyba: Je-li vnější svazek naformátován jako NTFS, musí být alespoň o +110% (2,1 krát) větší než systémový oddíl. Důvodem je skutečnost, že systém souborů NTFS vždy ukládá vnitřní data přesně doprostřed svazku, a proto může být skrytý svazek (který bude obsahovat klon systémového oddílu) umístěn jen v druhé půlce oddílu.\n\nPoznámka: Vnější svazek musí být umístěn ve stejném oddílu jako skrytý operační systém (např. uvnitř prvního oddílu hned za systémovým oddílem). - Chyba: Za systémovým oddílem není žádný další oddíl.\n\nNež budete moci vytvořit skrytý operační systém, musíte pro něj vytvořit oddíl na systémovém disku. Musí to být první oddíl hned za systémovým oddílem a musí být alespoň o 5% větší než systémový oddíl (systémový oddíl je ten, kde je nainstalován momentálně běžící operační systém). Pokud je ale vnější svazek (nezaměňte se systémovým oddílem) naformátován jako NTFS, oddíl pro skrytý operační systém musí být o 110% (2,1 krát) větší než systémový oddíl (důvodem je skutečnost, že systém souborů NTFS vždy ukládá vnitřní data přesně doprostřed svazku, a proto může být skrytý svazek, který bude obsahovat klon systémového oddílu, umístěn jen v druhé půlce oddílu.). - Poznámka: Není praktické (a proto ani podporované) instalovat operační systémy do dvou svazků VeraCrypt, které jsou umístěny uvnitř jednoho oddílu, protože používání vnějšího operačního systému by vyžadovalo zápis dat do oblasti skrytého operačního systému (a pokud by byly tyto zapisovací operace zamezeny použitím ochranného prvku skrytého svazku, došlo by k selhání systému, např. chyby s modrou obrazovkou). - Pro informace jak vytvořit a spravovat oddíly, viz dodaná dokumentace k vašemu operačnímu systému nebo kontaktujte technickou podporu prodejce vašeho počítače pro asistenci. - Chyba: Momentálně běžící operační systém není nainstalován na bootovacím svazku (první aktivní oddíl). To není podporováno. - Uvedli jste, že chcete v tomto svazku VeraCrypt ukládat soubory větší než 4 GB. Vybrali jste ale systém souborů FAT, kde soubory větší než 4 GB nemohou být uloženy.\n\nJste si jisti, že chcete svazek naformátovat na FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Chyba: Ke svazku nelze přistoupit!\n\nUjistěte se, že vybraný svazek existuje, že není připojený používaný systémem nebo aplikací, že máte práva pro čtení/zápis ke svazku a že svazek není chráněn proti zápisu. - Error: Cannot obtain volume properties. - Chyba: Ke svazku se nelze připojit a/nebo o něm nelze zjistit informace.\n\nUjistěte se, že vámi vybraný svazek existuje, že není používán systémem nebo aplikacemi a že máte práva pro čtení/zapisování ke svazku a že není chráněn proti zápisu. - Chyba: Ke svazku se nelze připojit a/nebo o něm nelze zjistit informace. Ujistěte se, že vámi vybraný svazek existuje, že není používán systémem nebo aplikacemi a že máte práva pro čtení/zapisování ke svazku a že není chráněn proti zápisu.\n\nPokud problém přetrvává, mohou vám pomoci kroky uvedené níže. - Svazek nemohl být VeraCryptem zašifrován, protože nastala nějaká chyba. Zkuste, prosím, nejdříve opravit všechny předešlé ohlášené chyby, a pak to zkuste znovu. Pokud problém přetrvává, mohou vám pomoci kroky uvedené níže. - VeraCrypt nemohl pokračovat v šifrování oddílu, protože nastala nějaká chyba.\n\nZkuste, prosím, nejdříve opravit všechny předešlé ohlášené chyby, a pak zkuste v procesu pokračovat. Svazek nelze připojit, dokud nebude úplně zašifrován. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Chyba: Vnější svazek nelze odpojit!\n\nSvazek nemůže být odpojen, pokud obsahuje soubory nebo složky používané programem nebo systémem.\n\nZavřete prosím jakýkoliv program, který by mohl soubory nebo adresáře na svazku používat a klikněte Znovu. - Chyba: Nelze získat informace o vnějším svazku! Vytváření svazku nemůže pokračovat. - Chyba: Nelze přistupovat na vnější svazek! Vytváření svazku nelze dokončit. - Chyba: Nemohu připojit vnější svazek! Vytváření svazku nelze dokončit. - Chyba: Nelze získat bitmapu clusteru svazku! Vytváření svazku nelze dokončit. - Abecedně/dle kategorií - Průměrná rychlost (sestupně) - Algoritmus - Šifrování - Dešifrování - Průměr - Disk - Velikost - Šifrovací algoritmus - Šifrovací algoritmus - Typ - Hodnota - Vlastnost - Oblast - bytů - Skrytý - Vnější - Normální - Systémový - Skrytý (systém) - Jen pro čtení - Systémový disk - Systémový disk (šifruji - %.2f%% hotovo) - Systémový disk (dešifruji - %.2f%% hotovo) - Systémový disk (%.2f%% zašifrováno) - Systémový oddíl - Skrytý systémový oddíl - Systémový oddíl (šifruji - %.2f%% hotovo) - Systémový oddíl (dešifruji - %.2f%% hotovo) - Systémový oddíl (%.2f%% zašifrováno) - Ano (poškození zabráněno!) - Žádný - Velikost primárního klíče - Velikost sekundárního klíče (XTS Mód) - Velikost vylepšeného klíče (LRW Mód) - bitů - Velikost bloku - PKCS-5 PRF - PKCS-5 počet iterací - Oddíl byl vytvořen - Hlavička byla naposledy změněna - (před %I64d dny) - Verze formátování svazku - Vnořená záložní hlavička - Verze bootovacího zavaděče VeraCryptu - První možné - Vyjímatelný disk - Hard disk - Nezměněný - Autodetection - Průvodcovský mód - Vyberte jeden z módů. Pokud nevíte, který zvolit, vyberte předvolený. - Zvolte tuto možnost, pokud chcete VeraCrypt nainstalovat na tento systém. - Poznámka: Aktualizaci můžete provést i bez dešifrování, i když je systémový oddíl/disk zašifrován nebo pokud používáte skrytý operační systém. - Zvolíte-li tuto možnost, budou rozbaleny všechny soubory z tohoto balíčku, ale nic nebude na systém nainstalováno. Nevybírejte tuto volbu, pokud chcete zašifrovat systémový oddíl nebo systémový disk. Výběr této možnosti může být užitečný, pokud například chcete spouštět VeraCrypt v takzvaném přenosném módu. VeraCrypt nemusí být nainstalovaný na operačním systému, pod kterým běží. Až budou všechny soubory rozbaleny, můžete rovnou spustit soubor 'VeraCrypt.exe' (pak VeraCrypt poběží v přenosném módu). - Volby nastavení - Zde můžete zadat různé volby pro kontrolu instalačního procesu. - Instaluji - Čekejte prosím, program VeraCrypt se instaluje. - VeraCrypt byl úspěšně nainstalován - VeraCrypt byl úspěšně aktualizován - Zvažte, prosím, příspěvek na podporu VeraCryptu. Pro zavření instalátoru stačí kliknout na tlačítko Dokončit. - Volby rozbalení - Zde si můžete vybrat různé volby pro kontrolu rozbalovacího procesu. - Čekejte prosím, soubory se rozbalují. - Soubory úspěšně rozbaleny - Všechny soubory byly úspěšně rozbaleny do cílového umístění. - Pokud zadaný adresář neexistuje, bude vytvořen automaticky. - Soubory programu VeraCrypt budou aktualizovány v místě, kde je VeraCrypt nainstalován. Pokud chcete vybrat jiné umístění, odinstalujte nejdříve VeraCrypt. - Chcete zobrazit poznámky k vydání aktuální (poslední stabilní) verze programu VeraCrypt? - Pokud jste ještě nikdy nepoužívali VeraCrypt, doporučujeme Vám přečíst si kapitolu Příručka pro nové uživatele v Uživatelské příručce. Chcete si přečíst průvodce? - Vyberte prosím jednu z následujících voleb: - Opravit/Přeinstalovat - Aktualizovat - Odinstalovat - Pro úspěšnou instalaci/odinstalaci VeraCryptu potřebujete administrátorská práva. Chcete pokračovat? - Instalátor programu VeraCrypt momentálně běží na tomto systému a provádí nebo připravuje instalaci nebo update programu VeraCrypt. Než budete pokračovat, počkejte na dokončení nebo jej zavřete. Pokud ho nemůžete zavřít, restartujte prosím počítač, než budete pokračovat. - Instalace selhala. - Odinstalace selhala. - Distribuční balíček je poškozený. Stáhněte jej prosím znovu (nejlépe z oficiálních stránek programu VeraCrypt na adrese https://veracrypt.codeplex.com). - Nelze zapsat soubor %s - Rozbalení - Nelze přečíst data z balíčku. - Nelze ověřit integritu tohoto distribučního balíčku. - Rozbalení selhalo. - Instalace byla vrácena zpět. - VeraCrypt byl úspěšně nainstalován. - VeraCrypt byl úspěšně aktualizován. - VeraCrypt byl aktualizován na novější verzi. Před použitím musí být váš počítač restartován.\n\nChcete ho nyní restartovat? - Aktualizace VeraCryptu selhala!\n\nDŮLEŽITÉ: Před tím, než vypnete nebo restartujete systém, doporučujeme vám použít systémový bod obnovy (nabídka Start > Všechny programy > Příslušenství > Systémové nástroje > Obnovení systému) pro obnovení systému do bodu nazvaného 'VeraCrypt instalace'. Pokud není bod obnovení k dispozici, měli byste znovu zkusit instalaci originální nebo nové verze VeraCryptu ještě před tím, než vypnete nebo restartujete systém. - VeraCrypt byl úspěšně odinstalován.\n\nKlikněte 'Dokončit' pro odstranění instalátoru VeraCrypt a složky %s. Složka nebude odstraněna, pokud obsahuje jakékoliv soubory, které nebyly nainstalovány instalátorem nebo programem VeraCrypt. - Odstraňuji záznamy v registrech o programu VeraCrypt - Přidávám záznamy do registru - Odstraňuji specifická data aplikace - Instaluji - Pozastavuji - Odstraňuji - Přidávám ikonu - Vytvářím bod obnovení - Bod obnovení se nepodařilo vytvořit! - Aktualizuji bootovací zavaděč - Instalace '%s' selhala. %s Chcete pokračovat v instalaci? - Odinstalace '%s' selhala. %s Chcete pokračovat v odinstalaci? - Instalace dokončena. - Složka '%s' nemohla být vytvořena - Ovladač zařízení VeraCrypt nemůže být odstraněn.\n\nZavřete prosím nejdříve všechny okna VeraCrypt. Pokud to nepomůže, restartujte prosím Windows a zkuste to znovu. - Všechny svazky VeraCrypt musí být odpojeny před instalací nebo odinstalací programu VeraCrypt. - Na tomto systému je aktuálně nainstalována zastaralá verze VeraCryptu. Před instalací nové verze musí být nejprve odinstalována.\n\nJakmile zavřete tento dialog, spustí se odinstalátor staré verze. Při odinstalaci VeraCryptu nedojde k dešifrování žádného svazku. Po odinstalaci staré verze VeraCryptu spusťte znovu instalátor nové verze. - Instalace záznamů do registru selhala - Instalace ovladače zařízení selhala. Restartujte prosím Windows a zkuste poté nainstalovat VeraCrypt znovu. - Startuji ovladač VeraCrypt zařízení - Odinstalace ovladače zařízení selhala. Pro odinstalaci (reinstalaci) ovladače zařízení se budete muset odhlásit nebo restartovat celý systém. - Instaluji ovladač VeraCrypt zařízení - Zastavuji ovladač VeraCrypt zařízení - Odinstalovávám ovladač VeraCrypt zařízení - Registrace podpůrné knihovny pro kontrolu uživatelského účtu selhala. - Odregistrace podpůrné knihovny pro kontrolu uživatelského účtu selhala. - Poznámka o přenosném módu:\n\nMějte na paměti, že operační systém vyžaduje, aby v něm před startem byly registrovány ovladače. Z toho plyne, že ovladač VeraCryptu není (a nemůže být) plně přenositelný (přičemž aplikace VeraCrypt jsou přenositelné úplně, např. nemusí být nainstalovány nebo registrovány v operačním systému). VeraCrypt také vyžaduje ovladač pro možnost šifrování/dešifrování za běhu. - Pokud se rozhodnete spouštět VeraCrypt v přenosném módu (oproti spouštění instalované verze VeraCryptu), systém se vás zeptá pokaždé, když se pokusíte VeraCrypt spustit (UAC prompt).\n\nDůvodem je, že pokud spouštíte VeraCrypt v přenosném módu, program si musí nahrát a spustit ovladač zařízení VeraCrypt. VeraCrypt tento ovladač potřebuje, aby poskytl jasné šifrování/dešifrování za běhu a aby uživatelé bez administrátorských oprávnění nemohli spouštět ovladače zařízení ve Windows. Proto se vás systém zeptá na oprávnění, aby mohl VeraCrypt běžet s administrátorskými oprávněními (UAC prompt).\n\nPokud VeraCrypt nainstalujete na systém (oproti spouštění VeraCryptu v přenosném módu), systém se vás NEBUDE ptát na povolení ke spuštění VeraCryptu (UAC prompt) pokaždé, když se ho pokusíte spustit.\n\nJste si jisti, že chcete soubory rozbalit? - Varování: Tato instance Průvodce vytvořením svazku má administrátorská oprávnění.\n\nVáš nový svazek může být vytvořen s takovými oprávněními, které vám nedovolí do něj zapisovat, pokud je připojen. Pokud se tomu chcete vyhnout, zavřete tuto instanci Průvodce vytvořením svazku a spusťte nový bez administrátorských oprávnění.\n\nChcete zavřít tuto instanci Průvodce vytvořením svazku? - Chyba: Nelze zobrazit licenci. - Vnější(!) - dnů - hodin - minut - s - Otevřít - Odpojit - Zobrazit VeraCrypt - Skrýt VeraCrypt - Přečteno dat od připojení - Zapsáno dat od připojení - Zašifrovaná část - 100% (plně zašifrován) - 0% (nezašifrován) - %.3f%% - 100% - Čekám - Připravuji - Měním velikost - Šifruji - Dešifruji - Dokončuji - Pozastaveno - Hotovo - Chyba - Zařízení odpojeno - Oblíbené systémové svazky byly uloženy.\n\nPro umožnění připojení systémových oblíbených svazků při startu systému vyberte 'Nastavení' > 'Oblíbené systémové svazky' > 'Připojit oblíbené systémové svazky při startu Windows'. - Svazek, který se snažíte přidat do oblíbených, není ani oddíl, ani dynamický svazek. VeraCrypt ho proto nebude moci připojit jako oblíbený, pokud se změní číslo zařízení. - Svazek, který se snažíte přidat do oblíbených, je oddíl, který Windows nerozpoznaly.\n\nVeraCrypt ho nebude moci připojit jako oblíbený, pokud se změní číslo zařízení. Zadejte takový typ oddílu, který Windows rozpoznají (použijte příkaz SETID v nástroji 'diskpart' ve Windows). Pak přidejte oddíl od oblíbených znovu. - VeraCrypt služba na pozadí je vypnuta nebo je nastavena tak, aby se vypnula, pokud neexistují žádné svazky k připojení (nebo VeraCrypt běží v přenosném módu). To může bránit vašim oblíbeným svazkům, aby byly automaticky připojeny při připojení hostujícího zařízení.\n\nPoznámka: Pro povolení VeraCrypt služby na pozadí, vyberte Nastavení > Předvolby a zaškrtněte 'Povoleno' u 'VeraCrypt služba na pozadí'. - Souborový svazek uložený na vzdáleném systému souborů, který je sdílen přes síť, nemůže být automaticky připojen, i když se připojí jeho hostitelské zařízení. - Zařízení zobrazené níže není ani oddíl ani dynamický svazek. Svazek umístěný na tomto zařízení nemůže být automaticky připojen, i když se připojí zařízení samotné. - Zadejte takový typ oddílu, který Windows rozpoznají (použijte příkaz SETID v nástroji 'diskpart' ve Windows). Pak odstraňte oddíl z oblíbených a přidejte jej znovu. To umožní, aby svazek umístěný na jiném zařízení, mohl být automaticky připojen při připojení zařízení. - Zařízení zobrazené níže není ani oddíl ani dynamický svazek. Proto mu nemůže být přidělena žádná jmenovka. - Zadejte takový typ oddílu, který Windows rozpoznají (použijte příkaz SETID v nástroji 'diskpart' ve Windows). Pak odstraňte oddíl z oblíbených a přidejte jej znovu. Tím bude moci VeraCryptu přiřadit oddílu jmenovku. - Kvůli omezení Windows nemůže být souborový svazek, který je uložen ve vzdáleném systému souborů - sdílen po síti, připojen jako oblíbený systémový svazek (ale může být připojen jako nesystémový oblíbený svazek, když se uživatel přihlásí). - Zadejte heslo pro %s - Zadejte heslo pro '%s' - Zadejte heslo pro normální/vnější svazek - Zadejte heslo pro skrytý svazek - Zadejte heslo pro hlavičku uloženou v záložním souboru - Souborový klíč byl úspěšně vytvořen. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - VAROVÁNÍ: Hlavička tohoto svazku je poškozena! VeraCrypt automaticky použil zálohu hlavičky svazku umístěnou uvnitř svazku.\n\nMěli byste opravit hlavičku pomocí 'Nástroje' > 'Obnovit hlavičku svazku'. - Záloha hlavičky svazku byla úspěšně vytvořena.\n\nDŮLEŽITÉ: Obnovením hlavičky svazku s použitím této zálohy se také obnoví aktuální heslo pro svazek. Navíc, pokud je/jsou potřeba souborový klíč(e) pro připojení svazku, ten samý souborový klíč/e bude potřeba pro připojení svazku znovu, až bude hlavička opět vytvořena.\n\nVAROVÁNÍ: Tato záloha hlavičky svazku může být použita k obnovení JEN tohoto svazku. Pokud použijete tuto zálohu hlavičky k obnovení hlavičky jiného svazku, budete moci svazek připojit, ale NEBUDETE schopni dešifrovat jakákoliv data uložená na svazku (protože změníte jeho hlavní klíč). - Hlavička svazku byla úspěšně obnovena.\n\nDŮLEŽITÉ: Staré heslo mohlo být obnoveno také. Navíc, pokud byl v době zálohy potřeba k připojení svazku souborový klíč(e), stejný souborový klíč(e) bude nyní potřeba opětnému připojení svazku. - Z bezpečnostních důvodů musíte zadat ke svazku správné heslo (a dodat správné souborové klíče).\n\nPoznámka: Pokud svazek obsahuje skrytý svazek, budete muset nejdříve zadat správné heslo (a dodat správné souborové klíče) k vnějšímu svazku. Pak, pokud zvolíte zazálohovat hlavičku skrytého svazku, budete muset zadat správné heslo (a dodat správné souborové klíče) ke skrytému svazku. - Jste si jisti, že chcete vytvořit zálohu hlavičky svazku pro %s?\n\nJakmile kliknete na Ano, zadejte jméno souboru pro zálohu hlavičky.\n\nPoznámka: Hlavičky jak standardních, tak skrytých svazků budou pře-šifrovány použitím nového řetězce a uloženy v záložním souboru. Pokud se uvnitř tohoto svazku nenachází žádný skrytý svazek, místo určené pro hlavičku skrytého svazku v záložním souboru bude vyplněno náhodnými daty (k zachování hodnověrnosti popření). Při obnově hlavičky svazku ze záložního souboru budete muset zadat správné heslo (a dodat správné souborové klíče), které bylo platné při vytvoření zálohy hlavičky svazku. Heslo (a souborové klíče) automaticky určí, jaký typ hlavičky svazku se má obnovit, např. standardní nebo skrytý (VeraCrypt zjistí typ pomocí metody pokusu a omylu). - Opravdu chcete obnovit hlavičku svazku pro %s?\n\nUPOZORNĚNÍ: Obnovením hlavičky svazku obnovíte také jeho heslo, které bylo platné v době vytvoření zálohy. Pokud byl potřeba souborový klíč(e) k připojení svazku v době vytvoření zálohy, stejný souborový klíč(e) bude potřeba k opětovnému připojení svazku po obnovení hlavičky svazku.\n\nJakmile kliknete Ano, zvolte záložní soubor hlavičky. - Obsahuje svazek skrytý svazek? - Svazek obsahuje skrytý svazek - Svazek neobsahuje skrytý svazek - Zvolte, prosím, typ zálohy hlavičky svazku, který chcete použít: - Obnovit hlavičku svazku ze zálohy uložené v tomto svazku - Obnovit hlavičku svazku z externího záložního souboru - Velikost souboru se zálohou hlavičky svazku je nesprávná. - V tomto svazku není žádná vnořená záložní hlavička (pouze svazky vytvořené programem VeraCrypt 6.0 a vyšším obsahují vnořené zálohy hlaviček). - Pokoušíte se zazálohovat hlavičku systémového oddílu/disku. To není povoleno. Zálohovací/obnovovací operace týkající se systémového oddílu/disku mohou být provedeny pouze s použitím Záchranného disku VeraCrypt.\n\nChcete vytvořit Záchranný disk VeraCrypt? - Pokoušíte se obnovit hlavičku virtuálního svazku VeraCrypt, ale vybrali jste systémový oddíl/disk. To není povoleno. Zálohovací/obnovovací operace týkající se systémového oddílu/disku mohou být provedeny pouze s použitím Záchranného disku VeraCrypt.\n\nChcete vytvořit Záchranný disk VeraCrypt? - Po kliknutí na OK zvolíte soubor pro nový obraz Záchranného disku VeraCrypt a místo, kam ho chcete uložit. - Obraz Záchranného disku byl vytvořen a uložen v tomto souboru:\n%s\n\nNyní musíte vypálit obraz Záchranného disku na CD nebo DVD.\n\nDŮLEŽÍTÉ: Soubor musí být na CD/DVD zapsán jako obraz disku (ne jako samostatný soubor). Pro více informací, viz dokumentace k vašemu CD/DVD vypalovacímu softwaru.\n\nAž Záchranný disk vypálíte, vyberte 'Systém' > 'Ověřit záchranný disk', abyste zjistili, zda byl správně vypálen. - Obraz Záchranného disku byl vytvořen a uložen v tomto souboru:\n%s\n\nNyní musíte vypálit obraz Záchranného disku na CD nebo DVD.\n\nChcete nyní spustit program Microsoft Windows Disc Image Burner?\n\nPoznámka: Až Záchranný disk vypálíte, vyberte 'Systém' > 'Ověřit záchranný disk', abyste zjistili, zda byl správně vypálen. - Vložte, prosím, Záchranný disk VeraCrypt do vaší CD/DVD mechaniky a klikněte OK pro jeho ověření. - Záchranný disk VeraCrypt byl úspěšně ověřen. - Nelze ověřit, zda byl Záchranný disk správně vypálen.\n\nPokud jste Záchranný disk vypálili, vložte ho prosím znovu do CD/DVD mechaniky a zkuste to znovu. Pokud to nepomůže, zkuste jiný vypalovací software a/nebo médium.\n\nPokusíte-li se ověřit Záchranný disk VeraCrypt vytvořený pro jiný hlavní klíč, heslo apod., mějte na vědomí, že takovéto ověřování Záchranného disku selže vždy. Pro vytvoření nového Záchranného disku, který je plně kompatibilní s aktuální konfigurací, vyberte 'Systém' > 'Vytvořit Záchranný disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Chyba při vytváření Záchranného disku VeraCrypt. - Záchranný disk VeraCrypt nemůže být vytvořen, pokud běží skrytý operační systém.\n\nPro vytvoření Záchranného disku VeraCrypt nabootujte klamný operační systém a vyberte 'Systém' > 'Vytvořit Záchranný disk'. - Nelze ověřit, zda byl Záchranný disk správně vypálen.\n\nPokud jste Záchranný disk vypálili, vysuňte a znovu vložte CD/DVD; pak klikněte na Další a zkuste to znovu. Pokud to nepomůže, zkuste prosím jiné médium%s.\n\nPokud jste Záchranný disk ještě nevypálili, učiňte tak a klikněte na Další.\n\nPokud jste se pokusili ověřit VeraCrypt záchranný disk, který byl vytvořen ještě před tím, než jste spustili tohoto průvodce, vězte, že takový Záchranný disk nemůže být použit, protože byl vytvořen pro jiný hlavní klíč. Musíte vypálit nově vygenerovaný Záchranný disk. - a/nebo jiný CD/DVD vypalovací software - VeraCrypt - Oblíbené systémové svazky - Co jsou oblíbené systémové svazky? - Zdá se, že systémový oddíl/disk není zašifrován.\n\nOblíbené systémové svazky mohou být připojeny pouze s použitím před-bootovacího autentifikačního hesla. Abyste mohli používat oblíbené systémové svazky, musíte nejdříve zašifrovat systémový oddíl/disk. - Před pokračováním odpojte prosím svazek. - Chyba: Nelze nastavit časovač. - Zkontrolovat systém souborů - Opravit systém souborů - Přidat do oblíbených... - Přidat do systémových oblíbených... - V&lastnosti... - Skrytý svazek je chráněn - nedostupné - Ano - Ne - Vypnuto - 1 - 2 a více - Operační mód - Jmenovka: - Velikost: - Cesta: - Písmeno jednotky: - Chyba: Heslo musí obsahovat jen ASCII znaky.\n\nNe-ASCII znaky v hesle mohou způsobit nemožnost připojení svazku při změně vaší systémové konfigurace.\n\nPovoleny jsou následující znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Upozornění: Heslo obsahuje ne-ASCII znaky. To může způsobit nemožnost připojení svazku při změně vaší systémové konfigurace.\n\nMěli byste zaměnit všechny ne-ASCII znaky v hesle za ASCII znaky. Klikněte 'Svazky' -> 'Změnit heslo svazku'.\n\nToto jsou ASCII znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - VAROVÁNÍ: Důrazně doporučujeme, abyste se vyhnuli souborům s příponami spustitelných souborů (např. .exe, .sys, nebo .dll) a ostatním stejně problematickým příponám. Použití takovýchto přípon způsobuje, že Windows a antivirové programy ruší souborový svazek, což nepříznivě ovlivňuje výkonnost svazku a může také způsobit další závažné problémy.\n\nDůrazně doporučujeme, abyste příponu odstranili nebo ji změnili (například na '.hc').\n\nJste si jisti, že chcete použít problematickou příponu souboru? - VAROVÁNÍ: Tento souborový svazek má příponu souborů, které se používají jako spustitelné (např. .exe, .sys, or .dll) nebo má jinou problematickou příponu. Velmi pravděpodobně to způsobí, že Windows a antivirové programy budou rušit souborový svazek, což nepříznivě ovlivní výkonnost svazku a může také způsobit další závažné problémy.\n\nDůrazně doporučujeme, abyste příponu svazku po odpojení odstranili nebo ji změnili (např. na '.hc'). - Domovská stránka - UPOZORNĚNÍ: Zdá se, že jste nenainstalovali žádný Service Pack ve vaší instalaci Windows. Neměli byst zapisovat na IDE disky větší než 128 GB v systému Windows XP, ve kterém jste nenainstalovali Service Pack 1 nebo novější! Pokud tak učiníte, data na disku (bez ohledu na to, zda jde o svazek VeraCrypt nebo ne) se mohou poškodit. Jde o omezení Windows, ne chyba programu VeraCrypt. - UPOZORNĚNÍ: Zdá se, že jste nenainstalovali Service Pack 3 nebo novější ve vaší instalaci Windows. Neměli byste zapisovat na disky větší než 128 GB v systému Windows 2000, ve kterém jste nenainstalovali Service Pack 3 nebo novější! Pokud tak učiníte, data na disku (bez ohledu na to, zda jde o svazek VeraCrypt nebo ne) se mohou poškodit. Jde o omezení Windows, ne chyba programu VeraCrypt.\n\nPoznámka: Možná také bude potřeba zapnout podporu 48-bit LBA v registrech; pro více informací viz http://support.microsoft.com/kb/305098/EN-US - VAROVÁNI: Podpora 48-bit LBA ATAPI je na vašem systému zakázána. Proto byste neměli zapisovat na IDE disky větší než 128 GB! Pokud tak učiníte, data na disku (ať už je to VeraCrypt svazek nebo ne) se mohou poškodit. Jde o omezení Windows, ne programu VeraCrypt.\n\nPro povolení podpory 48-bit LBA, přidejte hodnotu 'EnableBigLba' do registrů v registry klíči HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters a udejte mu hodnotu 1.\n\nPro více informací viz http://support.microsoft.com/kb/305098 - Chyba: Soubory větší než 4 GB nemohou být uloženy na systému souborů FAT32. Proto nemohou být souborové svazky VeraCrypt - uložené na systému souborů FAT32 - větší než 4 GB.\n\nPokud potřebujete větší svazek, vytvořte ho na systému souborů NTFS (nebo, používáte-li Windows Vista SP1 a pozdější, na exFAT souborovém systému) nebo místo vytváření souborového svazku zašifrujte celý oddíl nebo zařízení. - Varování: Windows XP nepodporují soubory větší než 2048 GB (ohlásí, že "Není dostatek volného místa"). Z tohoto důvodu nemůžete pod Windows XP vytvořit souborový svazek VeraCrypt větší než 2048 GB.\n\nStále ale můžete ve Windows XP zašifrovat celý disk nebo vytvořit VeraCrypt svazek umístěný na oddílu, který bude větší než 2048 GB. - UPOZORNĚNÍ: Pokud budete chtít v budoucnu přidávat více dat/souborů na vnější svazek, měli byste zvážit, zda nevybrat menší velikost skrytého svazku.\n\nJste si jisti, že chcete pokračovat se zadanou velikostí? - Není vybrán žádný svazek.\n\nKlikněte 'Vybrat zařízení' nebo 'Vybrat soubor' pro výběr svazku VeraCrypt. - Nebyl vybrán žádný oddíl.\n\nKlikněte 'Vybrat zařízení' pro výběr odpojeného oddílu, který běžně vyžaduje před-bootovací autentifikaci (např. oddíl umístěný na zašifrovaném systémovém disku jiného operačního systému, který neběží nebo zašifrovaný systémový oddíl jiného operačního systému).\n\nPoznámka: Vybraný oddíl bude připojen jako běžný svazek VeraCrypt bez před-bootovací autentifikace. To je vhodné např. pro zálohování nebo opravy. - VAROVÁNÍ: Jsou-li zadány a povoleny předvolené souborové klíče, svazky, které nebudou tyto souborové klíče používat, nebude možné připojit. Proto jakmile povolíte předvolené souborové klíče, pamatujte na zrušení volby 'Používat souborové klíče' (pod místem, kde se zadává heslo) kdykoliv budete používat takové svazky.\n\nJste si jisti, že chcete uložit vybrané souborové klíče/cesty jako předvolené? - Autom. připojit zařízení - Odpojit vše - Vyčistit mezipaměť - Odpojit vše & vyčistit mezipaměť - Vynutit odpojení všech & Vyčistit mezipaměť - Vynutit odpojení všech, Vyčistit mezipaměť & Konec - Připojit oblíbené oddíly - Zobrazit/skrýt hlavní okno programu VeraCrypt - (Klikněte sem a stiskněte klávesu) - Akce - Klávesová zkratka - Chyba: Tato klávesová zkratka je rezervována. Vyberte prosím jinou klávesovou zkratku. - Chyba: Klávesová zkratka je již používána. - VAROVÁNÍ: Jedna nebo více VeraCrypt systémových klávesových zkratek nebude fungovat!\n\nUjistěte se, že další aplikace a operační systém nepoužívají stejné klávesové zkratky jako VeraCrypt. - Došlo k zabránění vytvoření stránkovacího souboru.\n\nKvůli problémům ve Windows nemohou být stránkovací soubory umístěny na nesystémových svazcích VeraCrypt (včetně oblíbených systémových svazků). VeraCrypt podporuje vytvoření stránkovacích souborů pouze na nezašifrovaných systémových oddílech/discích. - Chyba nebo nekompatibilita zabraňuje programu VeraCrypt zašifrovat hibernační soubor (slouží k uspání počítače). Uspávací režim byl proto zamezen.\n\nPoznámka: Když počítač přejde do režimu spánku (nebo se přepne do režimu úspory energie), obsah operační paměti je zapsán do hibernačního souboru uloženém na disku. VeraCrypt by nemohl zabránit uložení nezašifrovaných šifrovacích klíčů a obsahu citlivých souborů do souboru pro spací režim. - Hibernaci bylo zabráněno.\n\nVeraCrypt nepodporuje hibernaci na skrytých operačních systémech, které používají dodatečný oddíl pro bootování. Bootovací oddíl je sdílen jak klamným, tak skrytým systémem. Aby se předešlo úniku dat a problémům spojených s hibernací, VeraCrypt musí zabránit skrytému systému v zapisování do sdíleného bootovacího oddílu a v hibernování. - Svazek VeraCrypt připojený jako %c: byl odpojen. - Svazky VeraCrypt byly odpojeny. - Svazky VeraCrypt byly odpojeny a mezipaměť hesla byla pročištěna. - Úspěšně odpojeno - VAROVÁNÍ: Pokud je vypnuta VeraCrypt služba na pozadí, následující funkce budou vypnuty:\n\n1) Zkratkové klávesy\n2) Automatické odpojení (např. při odhlášení, nevratném odpojení zařízení, časové prodlevě apod)\n3) Automatické připojení oblíbených svazků\n4) Upozornění (např. při předejití poškození skrytého svazku)\n5) Ikona na hlavní liště\n\nPoznámka: Službu na pozadí můžete kdykoliv vypnout kliknutím pravým tlačítkem myši na ikonu VeraCryptu vpravo dole a vyberte 'Konec'.\n\nJste si jisti, že chcete natrvalo vypnout VeraCrypt službu na pozadí? - UPOZORNĚNÍ: Pokud je tato volba vypnuta, svazky obsahující otevřené soubory/adresáře nebude možné automaticky odpojit.\n\nJste si jisti, že chcete tuto volbu vypnout? - UPOZORNĚNÍ: Svazky obsahující otevřené soubory/adresáře NEBUDOU automaticky odpojeny.\n\nAbyste tomu zabránili, povolte následující volbu v tomto dialogovém okně: 'Vynutit automatické odpojení, i když svazek obsahuje otevřené soubory nebo adresáře' - VAROVÁNÍ: Pokud je v notebooku slabá baterie, Windows mohou při přechodu do spořícího režimu zapomenout poslat vhodnou zprávu běžícím aplikacím. V takových případech se může stát, že selže automatické odpojení VeraCrypt svazků. - Naplánovali jste proces zašifrování oddílu/svazku. Proces nebyl ještě dokončen.\n\nChcete nyní proces obnovit? - Naplánovali jste proces šifrování nebo dešifrování systémového oddílu/disku. Proces ještě nebyl dokončen.\n\nChcete začít (navázat) v procesu nyní? - Chcete být upozorněn, zda chcete pokračovat v naplánovaném procesu, který má zašifrovat nesystémové oddíly/svazky? - Ano, i nadále mě upozorňuj - Ne, již mě neupozorňuj - DŮLEŽITÉ: Mějte na paměti, že proces šifrování na nesystémových oddílech/svazcích můžete obnovit z hlavní obrazovky VeraCryptu přes 'Svazky' > 'Obnovit přerušený proces'. - Naplánovali jste proces šifrování nebo dešifrování systémového oddílu/disku. Před-bootovací autentifikace ale selhala (nebo byla vynechána).\n\nPoznámka: Pokud jste dešifrovali systémový oddíl/disk v před-bootovacím prostředí, bude možná nutné dokončit tento proces přes 'Systém' > 'Trvale dešifrovat systémový oddíl/disk' z hlavního menu okna programu VeraCrypt. - VAROVÁNÍ: Pokud bude nyní VeraCrypt ukončen, následující funkce budou vypnuty:\n\n1) Zkratkové klávesy\n2) Automatické odpojení (např. při odhlášení, nevratném odpojení zařízení, časové prodlevě apod)\n3) Automatické připojení oblíbených svazků\n4) Upozornění (např. při předejití poškození skrytého svazku)\n\nPoznámka: Pokud si nepřejete, aby byl VeraCrypt spuštěn na pozadí, vypněte VeraCrypt službu na pozadí v Předvolbách (a pokud je to nutné, vypněte i automatický start VeraCryptu, také v Předvolbách).\n\nChcete nyní opravdu ukončit VeraCrypt? - Ukončit? - VeraCrypt nemá dostatek informací, aby určil, zda má šifrovat nebo dešifrovat. - VeraCrypt nemá dostatečné informace pro stanovení, zda šifrovat nebo dešifrovat.\n\nPoznámka: Pokud jste dešifrovali systémový oddíl/disk v před-bootovacím prostředí, bude možná nutné dokončit proces kliknutím na Dešifrovat. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Chcete přerušit a odložit proces šifrování oddílu/svazku?\n\nPoznámka: Vězte, že svazek nemůže být připojen, dokud nebude úplně zašifrován. Proces šifrování budete moci obnovit, naváže tam, kde naposledy skončil. Můžete tak učinit přes lištu v hlavním okně VeraCryptu - 'Svazky' > 'Obnovit přerušený proces'. - Chcete přerušit a odložit proces šifrování systémového oddílu/disku?\n\nV procesu budete moci pokračovat z místa, kde byl zastaven. Můžete tak učinit kliknutím na 'Systém' > 'Obnovit přerušený proces' z hlavního menu v okně programu VeraCrypt. Chcete-li trvale ukončit nebo vrátit proces šifrování, vyberte 'Systém' > 'Trvale dešifrovat systémový oddíl/disk'. - Chcete přerušit a odložit proces dešifrování systémového oddílu/disku?\n\nV procesu budete moci pokračovat z místa, kde byl zastaven. Můžete tak učinit kliknutím na 'Systém' > 'Obnovit přerušený proces' z hlavního menu v okně programu VeraCrypt. Chcete-li zvrátit proces dešifrování (a začít šifrovat) vyberte 'Systém' > 'Zašifrovat systémový oddíl/disk'. - Chyba: Nepodařilo se přerušit proces šifrování/dešifrování systémového oddílu/disku. - Chyba: Proces čištění nemohl být přerušen. - Chyba: Nepodařilo se pokračovat v procesu šifrování/dešifrování systémového oddílu/disku. - Chyba: Nepodařilo se spustit proces čištění. - Nekonzistence vyřešena.\n\n\n(Pokud chcete ohlásit chybu ve spojitosti s touto událostí, přiložte prosím tuto technickou informaci do zprávy o chybě: %hs) - Chyba: Neočekávaný stav.\n\n\n(Pokud budete chtít nahlásit chybu spojenou s tímto problémem, nezapomeňte do zprávy přiložit následující technické informace:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - UPOZORNĚNÍ: VeraCrypt služba na pozadí je vypnuta. Po ukončení programu VeraCrypt nebudete upozorněni, zda bylo zabráněno poškození skrytého svazku.\n\nPoznámka: Službu na pozadí můžete kdykoliv zavřít kliknutím pravého tlačítka myši na ikonu programu VeraCrypt v pravém dolním rohu a vyberte 'Konec'.\n\nPovolit VeraCrypt službu na pozadí? - Verze jazykového balíčku: %s - Kontroluji systém souborů na svazku VeraCrypt připojeném jako %s… - Pokouším se opravit souborový systém na svazku VeraCrypt připojeném jako %s… - Varování: Tento svazek je zašifrováno odkazovaným šifrovacím algoritmem.\n\nVšechny 64-bit-blokové šifrovací algoritmy (např. Blowfish, CAST-128 nebo Triple DES) jsou neschválené. Tento svazek bude možné připojit použitím budoucí verze programu VeraCrypt. Nicméně nebudou žádná další vylepšení těchto odkazovaných šifrovacích algoritmů. Doporučujeme vám vytvořit nový VeraCrypt svazek zašifrovaný 128-bit-blokovým šifrovacím algoritmem (např. AES, Serpent, Twofish, apod.) a přesuňte všechny souboru z tohoto svazku do nového. - Váš systém není nakonfigurován k autom. připojení nových svazků. Může se stát, že svazky VeraCrypt umístěné na zařízeních nebude možné připojit. Autom. připojení může být povoleno spuštěním následujícího příkazu a restartování systému.\n\nmountvol.exe /E - Přiřaďte prosím písmeno jednotky oddílu/zařízení než budete pokračovat ('Ovládací panely' > 'Systém a údržba' > 'Administrativní nástroje' - 'Vytvořit a formátovat oddíly pevného disku').\n\nJde o požadavek operačního systému. - Připojit svazek VeraCrypt - Odpojit všechny svazky VeraCrypt - VeraCrypt nemohl získat Administrátorská práva. - Přístup byl odepřen operačním systémem.\n\nMožná příčina: Operační systém vyžaduje, abyste měli práva pro čtení/zápis (nebo administrátorská oprávnění) pro určité složky, soubory a zařízení, abyste mohli číst a zapisovat data do/z nich. Uživatel bez administrátorských oprávnění může běžně vytvářet, číst a měnit soubory ve své složce s dokumenty. - Chyba: Disk používá nepodporovanou velikost sektorů.\n\nV současné době není možné vytvořit oddíl/svazky na discích, které používají sektory větší než 4096 bajtů. Na těchto discích ale můžete vytvořit souborové svazky. - V současné době není možné zašifrovat systém, který je nainstalovaný na disku, který má jinou velikost sektorů než 512 bajtů. - Bootovací zavaděč VeraCryptu potřebuje alespoň 32 Kbytů neobsazeného místa na začátku systémového disku. - Tato volba není podporována ve verzi operačního systému, který právě používáte. - VeraCrypt nepodporuje šifrování systémového oddílu/disku ve verzi operačního systému, který právě používáte. - Než budete moci zašifrovat systémový oddíl/disk na Windows Vista, musíte nainstalovat Service Pack 1 nebo vyšší (žádný takovýto Service Pack nebyl na tomto systému zatím nainstalován).\n\nPoznámka: Service Pack 1 pro Windows Vista řeší problém se zmenšením volné paměti při nabíhání systému. - VeraCrypt na Windows Vista, kde není nainstalován žádný Service Pack, již nepodporuje šifrování systémových oddílů/disků. Před aktualizací VeraCryptu si prosím nainstalujte Service Pack 1 nebo vyšší. - Chyba: Tato vlastnost vyžaduje, aby byl VeraCrypt nainstalován na vašem systému (aktuálně běží VeraCrypt v přenosném módu).\n\nNainstalujte, prosím, VeraCrypt, a pak to zkuste znovu. - VAROVÁNÍ: Zdá se, že Windows nejsou nainstalovány na stejném disku, jako odkud se spouští. To není podporováno.\n\nMěli byste pokračovat pouze tehdy, pokud jste si jisti, že Windows jsou nainstalovány na disku, odkud bootují.\n\nChcete pokračovat? - Váš systémový disk obsahuje GUID tabulku oddílů (GPT). Momentálně jsou podporovány jen disky s MBR tabulkou oddílů. - VAROVÁNÍ: Bootovací zavaděč VeraCryptu je již na vašem systémovém disku nainstalován!\n\nJe možné, že jiný systém na vašem počítači je již zašifrován.\n\nVAROVÁNÍ: BUDETE-LI POKRAČOVAT V ŠIFROVÁNÍ NYNÍ BĚŽÍCÍHO SYTÉMU, OSTATNÍ SYSTÉM NEMUSÍ POTÉ NABĚHNOUT A JEJICH DATA MOHOU BÝT NEPŘÍSTUPNÁ.\n\nJste si jisti, že chcete pokračovat? - Obnovení původního systémového zavaděče selhalo.\n\nPoužijte prosím váš Záchranný disk VeraCrypt ('Volby opravy' > 'Obnovit původní systémový zavaděč') nebo instalační médium Windows a nahraďte bootovací zavaděč VeraCryptu systémovým zavaděčem Windows. - Původní systémový zavaděč nebude uložen na Záchranném disku (pravděpodobná příčina: chybějící záložní soubor). - Zápis do MBR sektoru selhal.\n\nVáš BIOS může mít nastavenu ochranu zápisu MBR sektoru. Zkontrolujte nastavení vašeho BIOSu (zmáčkněte klávesu F2, Delete nebo Esc po zapnutí vašeho počítače) ohledně MBR/antivirové ochrany. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Požadovaná verze bootovacího zavaděče VeraCryptu není nainstalována. To může způsobit, že některé změny nebudou zapsány. - Poznámka: V některých případech se můžete snažit skrýt před nějakou osobou (protivník) fakt, že při startu počítače používáte VeraCrypt. Volba uvedená výše vám povolí upravit bootovací obrazovku VeraCryptu. Vyberete-li první možnost, nebudou při bootování zobrazeny žádné texty (ani když zadáte špatné heslo). Počítač bude při zadávání hesla vypadat jako by zamrznul. Navíc lze zobrazit libovolný text pro zmatení protivníka. Například falešná chybová hláška jako například "Chybějící operační systém" (která se normálně zobrazuje bootovacím zavaděčem Windows, pokud nenalezne žádný oddíl s Windows). Je potřeba ale zdůraznit, že pokud dokáže protivník analyzovat obsah disku, stále může zjistit, že obsahuje bootovací zavaděč VeraCryptu. - VAROVÁNÍ: Mějte prosím na paměti, že pokud zapnete tuto volbu, bootovací zavaděč VeraCryptu nezobrazí žádné texty (ani když zadáte špatné heslo). Počítač bude vypadat jako kdyby "zamrzl" (nereaguje) zatímco budete psát heslo (kurzor se NEBUDE hýbat a při stisku kláves se nezobrazí žádné hvězdičky).\n\nJste si jisti, že chcete zapnout tuto volbu? - Váš systémový oddíl/disk je již celý zašifrován. - VeraCrypt nepodporuje šifrování systémového disku, který byl převeden na dynamický disk. - Systémový disk obsahuje rozšířené (logické) oddíly.\n\nZašifrovat celý systémový disk, který obsahuje rozšířené (logické) oddíly, můžete pouze na Windows Vista a novějších verzích Windows. Ve Windows XP můžete zašifrovat celý systém pouze za předpokladu, že obsahuje pouze primární oddíly.\n\nPoznámka: Stále můžete zašifrovat systémový oddíl místo celého systémového disku (a navíc můžete vytvořit svazky VeraCryptu umístěné na celých ne-systémových oddílech na disku). - VAROVÁNÍ: Protože máte spuštěny Windows XP/2003, po spuštění šifrování disk, NESMÍTE na něm vytvořit žádný rozšířený (logický) oddíl (můžete vytvářet pouze primární oddíly). Jakýkoliv rozšířený (logický) oddíl na disku by byl po spuštění šifrování nepřístupný (disk teď žádné takové oddíly neobsahuje).\n\nPoznámka: Není-li toto omezení akceptovatelné, můžete se vrátit zpět a vybrat, že chcete zašifrovat pouze systémový oddíl místo celého disku (a navíc můžete vytvořit svazky VeraCryptu umístěné na celých ne-systémových oddílech na disku).\n\nPřípadně, pokud je toto omezení neakceptovatelné, zvažte upgrade na Windows Vista nebo novější verzi Windows (zašifrovat celý systémový disk, který obsahuje rozšířené/logické oddíly, můžete pouze na Windows Vista nebo novějším operačním systému). - Váš systémový disk obsahuje nestandardní oddíl.\n\nPokud používáte notebook, váš systémový disk pravděpodobně obsahuje speciální oddíl pro obnovu. Po zašifrování celého systémového disku (včetně oddílu pro obnovu) by se mohlo stát, že váš systém nenaběhne - pokud používá nesprávně navržený BIOS. Také by bylo nemožné používat jakýkoliv oddíl pro obnovu, dokud systém nebude dešifrován. Proto doporučujeme zašifrovat pouze tento systémový oddíl. - Chcete zašifrovat systémový oddíl místo celého disku?\n\nMůžete také vytvářet svazky VeraCrypt umístěné na discích v oddílech uvnitř nesystémových oddílů (jako doplněk šifrování celého systémového oddílu). - Protože váš systémový disk obsahuje pouze jeden oddíl, který zabírá celý disk, je vhodné (bezpečnější) zašifrovat celý disk včetně volného "odpadlého" místa, které běžně obklopuje takový oddíl.\n\nChcete zašifrovat celý systémový disk? - Váš systém je nakonfigurován tak, aby ukládal přechodné soubory na nesystémovém oddílu.\n\nPřechodné soubory mohou být uloženy pouze na systémovém oddílu. - Soubory vašeho uživatelského profilu nejsou uloženy na systémovém oddílu.\n\nTyto soubory mohou být uloženy pouze na systémovém oddílu. - Jeden nebo více stránkovacích souborů se nacházejí na nesystémových oddílech.\n\nStránkovací soubory mohou být uloženy pouze na systémovém oddílu. - Chcete nastavit Windows, aby byly stránkovací soubory vytvořeny pouze na oddílech s Windows?\n\nPokud zvolíte 'Ano', počítač bude restartován. Pak spusťte VeraCrypt a zkuste znovu vytvořit skrytý operační systém. - V opačném případě může být nepříznivě ovlivněna hodnověrnost popírání skrytého operačního systému.\n\nPoznámka: Pokud by nepřítel zanalyzoval obsah takových souborů (které jsou umístěny na nesystémových oddílech), mohl by zjistit, že jste použili tohoto průvodce pro vytvoření skrytého systému (což může naznačit přítomnost skrytého operačního systému na vašem počítači). Jakýkoliv takovýto soubor, uložený na systémovém oddílu, bude VeraCryptem bezpečně vymazán během procesu vytvoření skrytého operačního systému. - VAROVÁNÍ: Během procesu vytvoření skrytého operačního systému budete muset úplně přeinstalovat systém, který momentálně běží (abyste mohli bezpečně vytvořit klamný systém).\n\nPoznámka: Systém, který momentálně běží a celý obsah systémového oddílu bude zkopírován do skrytého svazku (aby byl vytvořen skrytý systém).\n\n\nJste si jisti, že budete moci nainstalovat Windows s použitím instalačního média Windows (nebo pomocí servisního oddílu)? - Pokud je nutné aktuální operační systém aktivovat, pak je potřeba jej z bezpečnostních důvodů aktivovat nyní, než budete pokračovat. Skrytý operační systém bude vytvořen zkopírováním obsahu systémového oddílu do skrytého svazku (pokud tedy tento operační systém není aktivovaný, skrytý operační systém také nebude aktivovaný). Pro více informací viz sekce "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCryptu.\n\nDůležité: Před tím, než budete pokračovat, ujistěte se, že jste si přečetli sekci "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCryptu.\n\n\nSplňuje systém, který momentálně běží, výše uvedené podmínky? - Váš systém používá další bootovací oddíl. VeraCrypt nepodporuje hibernaci na skrytých operačních systémech, které používají další bootovací oddíl (klamné systémy mohou být zhibernovány bez problémů).\n\nBootovací oddíl by byl sdílen jak klamným, tak skrytým operačním systémem. Aby nedošlo k úniku dat a problémům s obnovením hibernace, VeraCrypt musí zabránit skrytému systému, aby zapisoval do sdíleného bootovacího oddílu, a musí také zabránit hibernaci.\n\n\nChcete pokračovat? Pokud vyberete 'Ne', zobrazí se vám pokyny pro odstranění dodatečného bootovacího oddílu. - \nDodatečný bootovací oddíl může být před instalací Windows odstraněn. Abyste to mohli udělat, řiďte se následujícími kroky:\n\n1) Nabootujte váš instalační disk Windows.\n\n2) Na instalační obrazovce Windows klikněte na 'Nyní nainstalovat' > 'Volitelné (pokročilé)'.\n\n3) Klikněte na 'Volby disku'.\n\n4) Vyberte hlavní systémový oddíl a smažte ho kliknutím na 'Smazat' a 'OK'.\n\n5) Vyberte 'Rezervovaný systémový' oddíl, klikněte 'Rozšířit', a zvyšte jeho velikost, aby do něj mohl být nainstalován operační systém.\n\n6) Klikněte na 'Použít' a 'OK'.\n\n7) Nainstalujte Windows na 'Rezervovaný systémový' oddíl.\n\n\nPokud by se útočník ptal, proč jste odstranili dodatečný bootovací oddíl, můžete odpovědět, že jste chtěli předejít jakémukoliv možnému úniku dat do nezašifrovaného bootovacího oddílu.\n\nPoznámka: Tento text si můžete vytisknout kliknutím na tlačítko 'Tisknout' níže. Pokud si uschováte kopii tohoto textu nebo jej vytisknete (důrazně doporučujeme, pokud vaše tiskárna neukládá vytištěné dokumenty na svůj pevný disk ), měli byste zničit jakékoliv jeho kopie po odstranění dodatečného bootovacího svazku (pokud by se nalezla takováto kopie, mohla by naznačovat přítomnost skrytého svazku s operačním systémem). - Varování: Mezi systémovým oddílem a prvním oddílem za ním je nealokované místo. Po vytvoření skrytého operačního systému nesmíte vytvořit žádné nové oddíly v tomto nealokovaném prostoru. Jinak nebude možné spustit skrytý operační systém (dokud nesmažete takto nově vytvořené oddíly). - Systémové šifrování momentálně nepodporuje tento algoritmus. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Souborové klíče aktuálně nejsou podporovány pro šifrování systémů. - Varování: VeraCrypt nemohl obnovit původní nastavení klávesnice. To může způsobit, že heslo bude zadáno nesprávně. - Chyba: Nelze nastavit rozvržení klávesnice na typickou americkou klávesnici.\n\nHeslo musí být nastaveno v před-bootovacím prostředí (před startem Windows), kde nejsou ne-americké klávesnice k dispozici. Proto musí být heslo vždy nastaveno s použitím rozvržení kláves jako na americké klávesnici. - Protože VeraCrypt dočasně změnil nastavení klávesnice na standardní US rozmístění kláves, není možné psát znaky při stisknuté pravé klávese Alt. Většinu takových znaků ale můžete napsat stisknutím vhodných kláves při podržené klávese Shift. - VeraCrypt zabránil změně nastavení klávesnice. - Poznámka: Heslo bude nutné zadat v před-bootovacím prostředí (než se spustí Windows) kde nejsou k dispozici ne-US klávesnice. Proto musí být heslo vždy zadáno s použitím standardní US klávesnice. Je nutné zdůraznit, že nepotřebujete opravdovou US klávesnici. VeraCrypt automaticky zajistí, abyste mohli bezpečně zadat heslo (nyní a v před-bootovacím prostředí) i když nemáte pravou US klávesnici. - Před tím, než budete moci zašifrovat oddíl/disk, musíte vytvořit Záchranný disk VeraCrypt (VRD), který slouží k následujícím účelům:\n\n- Pokud dojde k poškození bootovacího zavaděče VeraCryptu, hlavního klíče nebo jiných kritických dat, s VRD je budete moci obnovit (stále ale budete muset uvést správné heslo).\n\n- Pokud dojde k poškození Windows a nenaběhnou, s pomocí VRD budete moci natrvalo dešifrovat oddíl/disk ještě před startem Windows.\n\n- VRD bude obsahovat přesnou zálohu obsahu první stopy na disku (která obvykle obsahuje systémový zavaděč nebo bootovacího manažera) a budete ji moci tím pádem obnovit.\n\nObraz disku Záchranného disku VeraCrypt v místě uvedeném níže. - Jakmile kliknete na OK, program Microsoft Windows Disc Image Burner bude spuštěn. Použijte ho, prosím, k vypálení obrazu Záchranného disku VeraCrypt na CD nebo DVD.\n\nAž tak učiníte, vraťte se do Průvodce vytvořením svazku VeraCrypt a pokračujte dle instrukcí. - Obraz záchranného disku byl vytvořen a uložen do tohoto souboru:\n%s\n\nTeď jej musíte vypálit na CD nebo DVD.\n\n%lsPo vypálení Záchranného disku klikněte na Další pro ověření, že byl vypálen správně. - Obraz záchranného disku byl vytvořen a uložen do tohoto souboru:\n%s\n\nNyní byste měli obraz disku buď vypálit na CD/DVD nebo jej přesunout do bezpečného umístění pro pozdější použití.\n\n%lsKlikněte na Další pro pokračování. - DŮLEŽITÉ: Soubor musí být na CD/DVD zapsán jako obraz disku (ne jako jeden soubor). Pro více informací viz dokumentace k vašemu softwaru pro vypalování CD/DVD. Pokud nevlastníte žádný CD/DVD vypalovací software, který umí zapisovat ISO obrazy disku na CD/DVD, klikněte níže na odkaz pro stažení softwaru zadarmo.\n\n - Spustit Microsoft Windows Disc Image Burner - VAROVÁNÍ: Pokud jste Záchranný disk VeraCrypt vytvořili již v minulosti, nemůže být znovu použit pro tento systémový oddíl/disk, protože byl vytvořen pro odlišný hlavní klíč! Pokaždé když zašifrujete systémový oddíl/disk, musíte pro něj vytvořit nový Záchranný disk VeraCrypt, i když použijete stejné heslo. - Chyba: Nelze uložit nastavení systémového šifrování. - Nelze načíst předtest systémového šifrování. - Nelze spustit proces vytváření skrytého operačního systému. - Čistící mód - Na některých úložných médiích mohou být data, která jsou přepsána jinými daty (např. když jsou data smazána), obnovena - s použitím technik jako např. magnetická mikroskopie. To se týká také dat, která jsou přepsána jejich zašifrovanou formou (což se děje, když VeraCrypt zašifrovává původně nezašifrovaný oddíl nebo disk). Podle některých studií a vládních publikací, obnovení dat se dá předejít (nebo to lze alespoň ztížit) přepsáním dat pseudonáhodnými a určitými ne-náhodnými daty, a to vícekrát. Pokud věříte, že by mohl váš protivník použít takovéto techniky k obnovení dat, která mají být smazána, zvažte použití jednoho z čistících módů (existující data NEBUDOU ztracena). Čištění NEBUDE provedeno po zašifrování oddílu/jednotky. Až bude oddíl/jednotka plně zašifrována, žádná další nezašifrovaná data na ní nebudou zapsána. Jakákoliv data na něj zapsaná, jsou nejprve zašifrována za běhu v paměti, a teprve potom jsou zašifrovaná data zapsána na disk. - Na některých úložných médiích mohou být data, která jsou přepsána jinými daty (např. když jsou data smazána), obnovena - s použitím technik jako např. magnetická mikroskopie. Podle některých studií a vládních publikací, obnovení dat se dá předejít (nebo to lze alespoň ztížit) přepsáním dat pseudonáhodnými a určitými ne-náhodnými daty, a to vícekrát. Pokud věříte, že by mohl váš protivník použít takovéto techniky k obnovení dat, která mají být smazána, zvažte použití jednoduchého nebo více-stopého módu mazání.\n\nPoznámka: Čím více stop použijete, tím déle bude vymazání dat trvat. - Čistím - \nPoznámka: Proces čištění můžete přerušit, vypnout počítač, spustit skrytý systém znovu a pak proces obnovit (tento průvodce se spustí automaticky). Pokud ho ale přerušíte, celý proces čištění bude muset začít od začátku. - \n\nPoznámka: Pokud proces čištění přerušte a pak se pokusíte o jeho obnovu, celý proces začne opět od začátku. - Chcete přerušit proces čištění? - Varování: Obsah celého oddílu/zařízení bude vymazán a ztracen. - Obsah celého oddílu, kde je umístěn původní systém, bude vymazán.\n\nPoznámka: Obsah celého oddílu, který má být vymazán, byl zkopírován do tohoto skrytého systémového svazku. - VAROVÁNÍ: Pokud zvolíte například 3-stopý mód čištění, čas potřebný k zašifrování oddílu/disku bude 4x delší. Velmi podobně, pokud zvolíte 35-stopý mód čištění, bude 36x delší (to může trvat i několik týdnů).\n\nČištění ale NEBUDE provedeno po plném zašifrování oddílu/disku. Když je oddíl/disk úplně zašifrován, nejsou do něj zapsána žádná nezašifrovaná data. Jakákoliv data na něj zapsaná jsou nejdříve za běhu zašifrována v paměti a teprve pak jsou data (zašifrovaná) zapsána na disk (výkonnost NEBUDE ovlivněna).\n\nJste si jisti, že chcete použít mód čištění? - Žádný (nejrychlejší) - 1-stopý (náhodná data) - 3-stopý (US DoD 5220.22-M) - 7-stopý (US DoD 5220.22-M) - 35-stopý ("Gutmann") - 256-stopý - Počet operačních systémů - VAROVÁNÍ: Nezkušení uživatelé by se nikdy neměli pokoušet zašifrovat Windows ve vícesystémové bootovací konfiguraci.\n\nPokračovat? - VeraCrypt podporuje vícesystémové bootování při vytvoření/použití skrytého operačního systému pouze za následujících podmínek:\n\n- Operační systém, který aktuálně běží, musí být nainstalován na bootovacím disku, který nesmí obsahovat žádné další operační systémy.\n\n- Operační systémy nainstalované na ostatních discích nesmí používat žádný bootovací zavaděč, který by byl umístěn na disku, kde je nainstalován systém, který nyní běží.\n\nJsou výše uvedené podmínky splněny? - VeraCrypt nepodporuje tuto více-bootovací konfiguraci, pokud vytváříte/používáte skryt operační systém. - Bootovací disk - Je momentálně běžící operační systém nainstalován na bootovacím disku?\n\nPoznámka: Někdy Windows nejsou nainstalovány na tom samém disku jako zavaděč Windows (bootovací oddíl). Je-li to tento případ, zvolte 'Ne'. - VeraCrypt momentálně nepodporuje šifrování operačního systému, který nebootuje z disku, kde je nainstalován. - Počet systémových disků - Kolik operačních systémů máte na discích?\n\nPoznámka: Např. pokud máte nainstalován libovolný operační systém (Windows, Mac OS X, Linux apod.) na primárním disku a nějaké další operační systémy nainstalované na sekundárním disku, zvolte '2 nebo více'. - VeraCrypt momentálně nepodporuje šifrování celého disku, který obsahuje více operačních systémů.\n\nMožná řešení:\n\n- Stále můžete zašifrovat jeden ze systémů, pokud se vrátíte a vyberete k zašifrování pouze jeden systémový oddíl (oproti šifrování celého systémového disku).\n\n- Eventuálně budete moci zašifrovat celý disk, přesunete-li některé ze systémů na jiné disky a ponecháte jen jeden systém na disku, který chcete zašifrovat. - Více systémů nebo jeden disk - Jsou na disku, kde běží momentálně operační systém, nainstalovány další operační systémy?\n\nPoznámka: Například pokud je nyní běžící operační systém nainstalován na disku #0, který obsahuje několik oddílů a pokud jeden z těchto oddílů obsahuje Windows a jiný oddíl obsahuje další operační systém (např. Windows, Mac OS X, Linux apod.), zvolte 'Ano'. - Non-Windows bootovací zavaděč - Je v MBR (hlavní spouštěcí záznam) nainstalován non-Windows bootovací zavaděč (nebo bootovací manažer)?\n\nPoznámka: Například pokud první stopa bootovacího disku obsahuje GRUB, LILO, XOSL nebo jiný non-Windows bootovací manažer (nebo bootovací zavaděč), vyberte 'ANO'. - Vícesystémové bootování - VeraCrypt momentálně nepodporuje konfiguraci vícesystémového bootování, kde je non-Windows bootovací zavaděč nainstalován v hlavním spouštěcím záznamu.\n\nMožná řešení:\n\n- Použijete-li bootovacího manažera pro spuštění Windows a Linux, přesuňte bootovacího manažera (většinou GRUB) z hlavního spouštěcího záznamu do oddílu. Pak spusťte tohoto průvodce znovu a zašifrujte systémový oddíl/disk. Bootovací zavaděč VeraCryptu se stane vaším hlavním bootovacím manažerem a dovolí vám spustit původního bootovacího manažera hned poté (stisknutím klávesy Esc na obrazovce Bootovacího manažera VeraCrypt) a díky tomu budete moci nabootovat z operačního systému Linux. - Je-li momentálně běžící systém nainstalován na bootovacím oddílu, po jeho zašifrování budete muset zadat správné heslo, i když budete chtít spustit jakýkoliv nezašifrovaný systém(y) Windows (budou sdílet stejný Bootovací zavaděč/manažer pro Windows).\n\nNaopak, pokud momentálně běžící operační systém není nainstalován na bootovacím oddíle (nebo pokud Bootovací zavaděč/manažer Windows není používán žádným jiným systémem), pak po zašifrování systému nebudete muset zadat správné heslo pro spuštění jiných nezašifrovaných systémů -- budete muset jen zmáčknout klávesu Esc pro spuštění nezašifrovaného systému (pokud je nezašifrovaných systémů více, budete muset také zadat, který se má spustit - v Bootovacím manažerovi VeraCrypt ).\n\nPoznámka: Běžně je na bootovacím oddíle nainstalován takový systém Windows, který byl nainstalován nejdříve. - Šifrování skryté chráněné oblasti - Na konci mnoha disků je oblast, která je běžně skryta operačnímu systému (takovéto oblasti se také říká skrytá chráněná oblast). Některé programy ale umí číst a zapisovat do/z těchto oblastí.\n\nVAROVÁNÍ: Někteří výrobci počítačů mohou tyto oblasti využívat k ukládání nástrojů a dat pro RAID, obnovu systému, nastavení systému, diagnostiku pro jiné účely. Pokud musí být takovéto nástroje nebo data přístupná před bootováním, skrytá oblast by NEMĚLA být zašifrována (výše vyberte 'NE').\n\nChcete, aby VeraCrypt detekoval a zašifroval takovouto skrytou oblast (pokud existuje) na konci systémového disku? - Typ systémového šifrování - Vyberte tuto volbu, pokud chcete pouze zašifrovat systémový oddíl nebo celý systémový disk. - Může se stát, že budete někým přinuceni dešifrovat operační systém. Je mnoho situací, kdy to nemůžete odmítnout (například vydírání). Pokud vyberete tuto možnost, vytvoříte skrytý operační systém, jehož existenci nebude možné prokázat (za předpokladu, že se budete řídit konkrétními pokyny). Tím pádem nebudete muset heslo prozradit nebo skrytý operační systém dešifrovat. Pro detailnější vysvětlení klikněte na odkaz níže. - Může se stát, že budete někým přinuceni dešifrovat operační systém. Je mnoho situací, kdy to nemůžete odmítnout (například vydírání).\n\nS použitím průvodce můžete vytvořit skrytý operační systém, jehož existenci nebude možné prokázat (za předpokladu, že se budete řídit konkrétními pokyny). Tím pádem nebudete muset heslo prozradit nebo skrytý operační systém dešifrovat. - Skrytý operační systém - V následujících krocích vytvoříte na prvním oddílu za systémovým oddílem dva svazky VeraCrypt (vnější a skrytý). Skrytý svazek bude obsahovat skrytý operační systém (OS). VeraCrypt vytvoří skrytý OS zkopírováním obsahu systémového oddílu (kde je momentálně nainstalován běžící OS) do skrytého svazku. Do vnějšího svazku zkopírujete nějaká citlivě vypadající data, která ve skutečnosti NECHCETE skrýt. Budou tam pro kohokoliv, kdo se vás přinutí přimět vyzradit heslo k oddílu se skrytým OS. Heslo k vnějšímu svazku můžete prozradit (přítomnost skrytého OS zůstane utajena).\n\nNa systémovém oddílu OS, který je momentálně spuštěn, nainstalujete nový OS, tzv. klamný OS, a zašifrujete ho. Nesmí obsahovat citlivá data a bude tam pro případ, že by vás někdo nutil vyzradit heslo k před-bootovací autentifikaci. Ve výsledku budete mít celkem 3 hesla. Dvě z nich mohou být vyzrazena (pro klamný OS a vnější svazek). Použijete-li třetí, spustí se skrytý OS. - Hledají se skryté sektory - Počkejte prosím, VeraCrypt zjišťuje možné skryté sektory na konci systémového disku. Tato operace může trvat delší dobu.\n\nPoznámka: Velmi zřídka, jen na některých počítačích, se může stát, že systém nebude odpovídat během tohoto procesu. Pokud se tak stane, restartujte počítač, spusťte VeraCrypt, opakujte předchozí kroky, ale přeskočte proces detekování skrytých sektorů. Tento problém není způsobem chybou v programu VeraCrypt. - Oblast k zašifrování - Vyberte tuto možnost, pokud chcete zašifrovat celý disk, na kterém je nainstalován aktuálně běžící systém Windows. Celý disk, včetně všech jeho oddílů, bude zašifrován, až na první stopu, kde bude umístěn bootovací zavaděč VeraCryptu. Kdokoliv, kdo by chtěl přistoupit k systému, který je nainstalován na disku, nebo k souborům uloženým na disku, bude muset zadat správné heslo pokaždé, než systém naběhne. Tato volba nemůže být použita pro zašifrování sekundárního nebo externího disku, pokud na něm nejsou nainstalovány Windows a nebootují z něj. - Sběr náhodných dat - Klíče vygenerovány - VeraCrypt nenalezl žádnou vypalovačku CD/DVD. VeraCrypt potřebuje vypalovačku CD/DVD, aby mohl vypálit Záchranný bootovací disk VeraCrypt, který obsahuje zálohu šifrovacích klíčů, bootovací zavaděč VeraCryptu, původní systémový zavaděč, apod.\n\nDůrazně doporučujeme Záchranný disk VeraCrypt vypálit. - Nemám žádnou CD/DVD vypalovačku, ale uložím si image Záchranného disku na vyjímatelný disk (např. USB flash disk). - CD/DVD vypalovačku připojím k počítači později. Proces nyní ukonči. - CD/DVD vypalovačka je nyní připojena k mému počítači. Pokračuj a zapiš Záchranný disk. - Postupujte následovně:\n\n1) Připojte k vašemu počítači odnímatelný disk, např. USB flash disk.\n\n2) Zkopírujte na něj obraz Záchranného disku VeraCrypt (%s) .\n\nV případě, že budete v budoucnu potřebovat Záchranný disk VeraCrypt, budete moci připojit váš vyjímatelný disk (který obsahuje obraz Záchranného disku VeraCrypt) k počítači s CD/DVD vypalovačkou a vytvoříte tak bootovatelný Záchranný disk VeraCrypt jeho vypálením na CD nebo DVD. DŮLEŽITÉ: Obraz Záchranného disku VeraCrypt musí být na CD/DVD zapsán jako ISO obraz disku (nikoliv jako samotný soubor). - Nahrávání záchranného disku - Záchranný disk vytvořen - Otestování systémového šifrování - Záchranný disk ověřen - \nZáchranný disk VeraCrypt byl úspěšně ověřen. Vyjměte jej nyní, prosím, z mechaniky a uložte na bezpečném místě.\n\nKlikněte Další pro pokračování. - VAROVÁNÍ: Během následujících kroků nesmí být Záchranný disk VeraCrypt v CD/DVD jednotce. Jinak nebude možné dokončit kroky v pořádku.\n\nVyjměte ho prosím z jednotky a umístěte ho na bezpečné místo. Pak potvrďte OK. - Varování: Vzhledem k technickým omezením před-bootovacího prostředí, text zobrazený programem VeraCrypt v před-bootovacím prostředí (např. před startem Windows) nemůže být přeložen. Uživatelské prostředí bootovacího zavaděče VeraCryptu je celé v angličtině.\n\nPokračovat? - Před zašifrováním vašeho systémového oddílu nebo disku potřebuje VeraCrypt ověřit, že vše pracuje správně.\n\nJakmile kliknete Testovat, všechny potřebné komponenty (např. před-bootovací autentifikační část, bootovací zavaděč VeraCryptu) budou nainstalovány a váš počítač restartován. Poté musíte zadat heslo bootovacího zavaděče VeraCryptu na stránce, která se objeví před startem Windows. Po startu Windows budete automaticky informováni o výsledku tohoto předtestu.\n\nNásledující zařízení bude pozměněno: Disk #%d\n\n\nVyberete-li nyní Zrušit, nic nebude nainstalováno a před-test nebude proveden. - DŮLEŽITÉ POZNÁMKY -- PŘEČTĚTE SI JE NEBO VYTISKNĚTE (klikněte na 'Tisknout'):\n\nŽádný ze souborů nebude zašifrován, dokud nerestartujete počítač a nenaběhnou Windows. Pokud tedy cokoliv selže, vaše data NEBUDOU ztracena. Pokud ale nastanou komplikace, můžete zaznamenat komplikace při startu Windows. Proto si pozorně přečtěte (a pokud možno vytiskněte) následující pokyny, které vám řeknou, co dělat v případě, když po restartu počítače Windows nemohou naběhnout.\n\n - Co dělat, když Windows nenaběhnou\n------------------------------------------------\n\nPoznámka: Tyto instrukce jsou platné pouze tehdy, pokud jste ještě nezačali s šifrováním.\n\n- Pokud Windows nenaběhnou poté, co jste zadali správné heslo (nebo pokud jste opakovaně zadali správné heslo, ale VeraCrypt vám říká, že heslo je neplatné), nepanikařte. Restartujte počítač (vypněte a zapněte jej) a na obrazovce bootovacího zavaděče VeraCryptu zmáčkněte klávesu Esc (a pokud máte více operačních systémů, zvolte, který má naběhnout). Potom by měly Windows naběhnout (za předpokladu, že nejsou již zašifrovány) a VeraCrypt se vás automaticky zeptá, zda chcete odinstalovat před-bootovací autentifikační komponentu. Předchozí kroky NEBUDOU fungovat, pokud je systémový oddíl/disk již zašifrovaný (nikdo nemůže bez správného hesla Windows spustit nebo přistupovat k zašifrovaným datům na disku, i když se budou řídit předešlými pokyny).\n\n - - Pokud předchozí kroky nepomohou nebo pokud se nezobrazí obrazovka bootovacího zavaděče VeraCryptu (před startem Windows), vložte do vaší CD/DVD mechaniky Záchranný disk TruCrypt a restartujte počítač. Pokud se neobjeví obrazovka Záchranného disku VeraCrypt (nebo pokud nevidíte na obrazovce Záchranného disku VeraCrypt položku 'Volby oprav' v sekci 'Ovládání klávesnice'), je možné, že váš BIOS je nakonfigurován tak, aby nejdříve bootoval z pevného disku. Pokud jde o tento případ, restartujte počítač, zmáčkněte klávesu F2 nebo Delete (jakmile uvidíte startovací obrazovku BIOSu), a počkejte, až se objeví obrazovka konfigurace BIOSu. Neobjeví-li se žádná obrazovka BIOSu, restartujte (resetujte) počítač znovu a opakovaně mačkejte klávesu F2 nebo Delete ihned po restartu počítače. Až se konfigurační obrazovka BIOSu objeví, nastavte ve vašem BIOSu, aby nejdříve bootoval z CD/DVD mechaniky (pro více informací viz dokumentace k vašemu BIOSu/základní desce nebo kontaktujte podporu svého dodavatele počítač). Pak restartujte váš počítač. Nyní byste již měli vidět obrazovku Záchranného disku VeraCrypt. Na této obrazovce vyberte 'Volby oprav' stisknutím klávesy F8. Z volby 'Volby oprav' v menu vyberte 'Obnovit původní systémový zavaděč'. Pak vyjměte CD/DVD disk z mechaniky a restartujte váš počítač. Windows by měly naběhnout normálně (za předpokladu, že nejsou zašifrovány).\n\n - Předchozí kroky NEBUDOU fungovat, pokud je již systémový oddíl/disk zašifrován (nikdo nemůže bez správného hesla Windows spustit nebo se dostat k datům na této jednotce, i když se držel předchozích kroků).\n\n\nI v případě, že ztratíte Záchranný disk VeraCrypt a útočník ho najde, on nebo ona NEBUDE moci dešifrovat systémový oddíl nebo disk bez správného hesla. - Před-testování dokončeno - Předtest byl úspěšně dokončen.\n\nVAROVÁNÍ: Vězte, že pokud dojde během šifrování dat za běhu k výpadku proudu, nebo pokud operační systém selže kvůli softwarové chybě nebo hardwarovému selhání, část dat bude poškozena nebo ztracena. Proto než začnete zašifrovávat, ujistěte se, že máte záložní kopie souborů, které chcete zašifrovat. Pokud je nemáte, zazálohujte je nyní (můžete kliknout na Odložit, zazálohovat soubory a pak znovu kdykoliv spustit VeraCrypt. Vyberte 'Systém' > 'Obnovit přerušený proces' pro spuštění šifrování).\n\nAž budete připraveni, klikněte na Zašifrovat. - Kdykoliv můžete kliknout na Pauzu nebo Odložit pro přerušení procesu šifrování nebo dešifrování. Můžete také opustit tohoto průvodce, restartovat nebo vypnout váš počítač a pak proces obnovit. Bude pokračovat z bodu, kde naposledy skončil. Aby nedošlo ke zpomalení, když systém nebo aplikace čtou nebo zapisují z/do systémového oddílu, VeraCrypt automaticky čeká, dokud nejsou data zapsána nebo přečtena (viz Status dole) a pak automaticky pokračuje v šifrování nebo dešifrování. - \n\nKdykoliv můžete kliknout na Pauzu nebo Odložit pro přerušení procesu šifrování nebo dešifrování. Můžete také opustit tohoto průvodce, restartovat nebo vypnout váš počítač a pak proces obnovit. Bude pokračovat z bodu, kde naposledy skončil. Svazek nemůže být připojen, dokud nebude úplně zašifrován. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Skrytý systém byl spuštěn - Původní systém - Windows vytváří na systémovém oddílu (většinou bez toho, aniž byste to věděli nebo odsouhlasili) různé soubory s logy, dočasné soubory apod. Také ukládá aktuální obsah RAM paměti do hibernačního a stránkovacího souboru, který je uložen na systémovém oddílu. Pokud by protivník analyzoval soubory uložené na oddílu, kde je původní systém (kde je skrytý systém klonem) uložen, mohl by například zjistit, že jste použili průvodce VeraCryptu pro vytvoření skrytého systémého svazku (což může naznačit existenci skrytého operačního systému na vašem počítači).\n\nAbyste předešli těmto problémům, VeraCrypt v příštích krocích bezpečně vymaže celý obsah oddílu, kde je uložen původní systém. A poté, aby bylo dosaženo hodnověrného popření, budete muset nainstalovat na tento oddíl nový systém a zašifrovat ho. Takto vytvoříte klamný systém a celý proces vytvoření skrytého operačního systému bude dokončen. - Skrytý operační systém byl úspěšně vytvořen. Než ho ale budete moci používat (a dosáhnout důvěryhodného popření), musíte bezpečně vymazat (s použitím VeraCryptu) celý obsah oddílu, kde je nainstalován operační systém, který je momentálně spuštěn. Než tak můžete učinit, musíte restartovat váš počítač a zadat na bootovací obrazovce VeraCryptu (která se objeví před startem Windows) před-bootovací autentifikační heslo ke skrytému operačnímu systému. Jakmile skrytý systém začne nabíhat, spustí se automaticky VeraCryptový průvodce.\n\nPoznámka: Pokud se teď rozhodnete ukončit proces vytvoření skrytého operačního systému, v procesu NEBUDETE moci pokračovat a skrytý systém NEBUDE přístupný (protože dojde k odstranění bootovacího zavaděče VeraCryptu). - Naplánovali jste proces vytvoření skrytého operačního systému. Proces nebyl ještě dokončen. Aby mohl být dokončen, musíte restartovat počítač a na obrazovce bootovacího zavaděče VeraCryptu (která se objeví před startem Windows) zadat heslo ke skrytému operačnímu systému.\n\nPoznámka: Pokud nyní přerušíte vytváření skrytého operačního systému, NEBUDETE jej moci obnovit. - Restartujte počítač a pokračujte - Natrvalo přerušit proces vytváření skrytého operačního systému - Nic nedělej a zeptej se znovu později - \nPOKUD MOŽNO SI VYTISKNĚTE TENTO TEXT (klikněte na 'Tisknout' níže).\n\n\nJak a kdy použít Záchranný disk VeraCrypt (Po zašifrování)\n-----------------------------------------------------------------------------------\n\n - I. Jak nabootovat ze Záchranného disku VeraCryptu\n\nPro spuštění Záchranného disku VeraCryptu jej vložte do CD/DVD mechaniky a restartujte počítač. Pokud se neobjeví obrazovka Záchranného disku VeraCrypt (nebo pokud nevidíte na obrazovce Záchranného disku VeraCrypt položku 'Volby oprav' v sekci 'Ovládání klávesnice'), je možné, že váš BIOS je nakonfigurován tak, aby nejdříve bootoval z pevného disku. Pokud jde o tento případ, restartujte počítač, zmáčkněte klávesu F2 nebo Delete (jakmile uvidíte startovací obrazovku BIOSu), a počkejte, až se objeví obrazovka konfigurace BIOSu. Neobjeví-li se žádná obrazovka BIOSu, restartujte (resetujte) počítač znovu a opakovaně mačkejte klávesu F2 nebo Delete ihned po restartu počítače. Až se konfigurační obrazovka BIOSu objeví, nastavte ve vašem BIOSu, aby nejdříve bootoval z CD/DVD mechaniky (pro více informací viz dokumentace k vašemu BIOSu/základní desce nebo kontaktujte podporu svého dodavatele počítač). Pak restartujte váš počítač. Nyní byste již měli vidět obrazovku Záchranného disku VeraCrypt. Poznámka: Na obrazovce Záchranného disku VeraCryptu můžete vybrat 'Volby oprav' stisknutím klávesy F8.\n\n\n - II. Jak a kdy použít Záchranný disk VeraCrypt (Po zašifrování)\n\n - 1) Pokud se po startu počítače neobjeví obrazovka bootovacího zavaděče VeraCrypt (nebo pokud nenaběhnou Windows), bootovací zavaděč VeraCryptu může být poškozený. S pomocí Záchranného disku VeraCrypt ho můžete obnovit a tím získat opět přístup k zašifrovanému systému a datům (stále ale budete muset zadat správné heslo). Na obrazovce Záchranného disku VeraCrypt vyberte 'Volby oprav' > 'Obnovit bootovací zavaděč VeraCryptu'. Pak stiskněte 'Y' pro potvrzení volby, vyjměte Záchranný disk z CD/DVD jednotky a restartujte váš počítač.\n\n - 2) Pokud opakovaně zadáte správné heslo, ale VeraCrypt říká, že je heslo neplatné, hlavní klíč nebo jiná kritická data mohou být poškozena. Se Záchranným diskem VeraCrypt je můžete opravit a tím získat opět přístup k zašifrovaným datům a systému (stále ale budete muset zadat správné heslo). Na obrazovce Záchranného disku vyberte 'Volby oprav' > 'Obnovit klíčová data'. Pak zadejte vaše heslo a stiskněte 'Y' pro potvrzení volby, vyjměte Záchranný disk z CD/DVD jednotky a restartujte váš počítač.\n\n - 3) Pokud je bootovací zavaděč VeraCryptu poškozený, můžete se vyhnout jeho spuštění bootovaním přímo ze Záchranného disku VeraCrypt. Vložte váš Záchranný disk do CD/DVD mechaniky a pak na jeho obrazovce zadejte heslo.\n\n - 4) Pokud jsou Windows poškozeny a nenabíhají, s pomocí Záchranného disku VeraCrypt můžete před spuštěním Windows dešifrovat oddíl/disk. Na obrazovce Záchranného disku vyberte 'Volby oprav' > 'Natrvalo dešifrovat systémový oddíl/disk'. Zadejte správné heslo, a počkejte na dokončení dešifrování. Pak můžete například nabootovat vaše instalační CD/DVD pro MS Windows a instalaci Windows opravit.\n\n - Poznámka: Popřípadě, pokud jsou Windows poškozené (nenabíhají) a vy je potřebujete opravit (nebo se dostat k nějakému souboru), můžete se vyhnout dešifrování systémového oddílu/disku pomocí následujících kroků: Pokud máte na počítači nainstalovaných více operačních systémů, spusťte ten, který nevyžaduje před-bootovací autentifikaci. Pokud nemáte na vašem počítači nainstalovaných více operačních systémů, můžete nabootovat WinPE nebo BartPE CD/DVD nebo můžete připojti váš systémový disk jako sekundární nebo externí disk k jinému počítači a pak spustit operační systém instalovaný na daném počítači. Až systém spustíte, spusťte VeraCrypt a klikněte na 'Vybrat zařízení', vyberte zmíněný systémový oddíl, klikněte na 'OK', vyberte 'Systém' > 'Připojit bez před-bootovací autentifikace', zadejte před-bootovací autentifikační heslo a klikněte na 'OK'. Oddíl bude připojen jako běžný svazek VeraCrypt (data budou za běhu dešifrována/zašifrována v paměti RAM, jako obvykle).\n\n\n - I když ztratíte váš Záchranný disk VeraCrypt a útočník ho najde, on nebo ona NEBUDE moci systémový oddíl nebo disk bez správného hesla dešifrovat. - \n\nD Ů L E Ž I T É -- VYTISKNĚTE SI TENTO TEXT (klikněte na 'Tisk' níže).\n\n\nPoznámka: Tento text bude automaticky zobrazen pokaždé, když spustíte skrytý systém, dokud nespustíte klamný systém.\n\n\n - Jak vytvořit klamný systém bezpečně a spolehlivě\n----------------------------------------------------------------------------\n\nAby bylo možné dosáhnout hodnověrného popření, musíte teď vytvořit klamný operační systém. Pokračujte dle následujících kroků:\n\n - 1) Z bezpečnostních důvodu vypněte váš počítač a nechte ho vypnutý alespoň na pár minut (čím déle, tím lépe). Je to nutné, aby se vyčistila paměť, která obsahuje citlivá data. Pak zapněte počítač, ale nebootujte do skrytého systému.\n\n - 2) Nainstalujte Windows do oddílu, jehož obsah byl smazán (např. do oddílu, kde byl nainstalován původního systému a jehož klonem je skrytý systém).\n\nDŮLEŽITÉ: KDYŽ SPUSTÍTE INSTALACI NA KLAMNÉM SYSTÉMU, SKRYTÝ SYSTÉM *NEBUDE* MOŽNÉ SPUSTIT (protože bootovací zavaděč VeraCryptu bude smazán zavaděčem systému Windows). TOTO CHOVÁNÍ JE V POŘÁDKU. NEPANIKAŘTE, PROSÍM. SKRYTÝ SYSTÉM BUDETE MOCI SPUSTIT ZNOVU, JAKMILE ZAČNETE ZAŠIFROVÁVAT KLAMNÝ OPERAČNÍ SYSTÉM (protože VeraCrypt pak hned nainstaluje na systémový disk bootovací zavaděč VeraCryptu).\n\nDůležité: Velikost systémového svazku klamného systému musí být stejná jako velikost skrytého svazku (tato podmínka je nyní splněna). Navíc nemusíte vytvářet žádné další oddíly mezi oddílem klamného systému a oddílem, kde je umístěn skrytý systém.\n\n - 3) Spusťte klamný systém (který jste nainstalovali v kroku 2 a do nějž jste nainstalovali Veracrypt).\n\nMějte na paměti, že klamný operační systém nesmí nikdy obsahovat citlivá data.\n\n - 4) Spusťte VeraCrypt na klamném systému a vyberte 'Systém' > 'Zašifrovat systémový oddíl/disk'. Měl by se objevit Průvodce vytvořením svazku VeraCrypt.\n\nNásledující kroky se týkají Průvodce vytvořením svazku VeraCrypt.\n\n - 5) V Průvodci vytvořením svazku VeraCrypt NEVYBÍREJTE 'Skrytou' volbu. Ponechte volbu na 'Normální' a klikněte na 'Další'.\n\n - 6) Vyberte volbu 'Zašifrovat systémový oddíl Windows' a klikněte na 'Další'.\n\n - 7) Pokud je na vašem počítač nainstalován pouze skrytý a klamný systém, vyberte variantu 'Jednoduché bootování' (pokud máte na počítači více systémů, vyberte 'Více systémů při bootování'). Pak klikněte na 'Další'.\n\n - 8) DŮLEŽITÉ: V tomto kroku MUSÍTE VYBRAT PRO KLAMNÝ SYSTÉM STEJNÝ ŠIFROVACÍ ALGORITMUS A HASHOVACÍ ALGORITMUS, KTERÝ JSTE VYBRALI PRO SKRYTÝ SYSTÉM! JINAK BUDE SKRYTÝ SYSTÉM NEPŘÍSTUPNÝ! Jinými slovy, klamný systém musí být zašifrován stejným šifrovacím algoritmem jako skrytý systém. Poznámka: Důvodem je fakt, že klamný systém a skrytý systém sdílí stejný bootovací zavaděč, což je podporováno pouze jedním algoritmem, který vybere uživatel (pro každý algoritmus existuje speciální verze bootovacího zavaděče VeraCryptur).\n\n - 9) V tomto kroku vyberte heslo pro klamný operační systém. Půjde o heslo, které budete moci odhalit případnému protivníkovi, pokud se vás bude snažit přinutit vyzradit před-bootovací autentifikační heslo (druhé heslo, které můžete prozradit je to, které patří k vnějšímu svazku). Existence třetího hesla (např. před-bootovací autentifikační heslo) zůstane utajena.\n\nDůležité: Heslo, pro klamný systém musí být naprosto odlišné od toho, které si zvolíte ke skrytému svazku (např. pro skrytý operační systém).\n\n - 10) Postupujte podle zbylých instrukcí v průvodci k dokončení zašifrování klamného operačního systému.\n\n\n\n - Po vytvoření klamného systému\n------------------------------------------------\n\nJakmile klamný systém zašifrujete, celý proces vytvoření skrytého operačního systému bude dokončen a vy budete již moci používat tyto tři hesla:\n\n1) Před-bootovací autentifikační heslo pro skrytý operační systém.\n\n2) Před-bootovací autentifikační heslo pro klamný operační systém.\n\n3) Heslo pro vnější svazek.\n\n - Pokud chcete spustit skrytý operační systém, musíte již pouze zadat heslo pro skrytý OS - na obrazovce bootovacího zavaděče VeraCryptu (která se objeví po spuštění nebo restartu počítače).\n\nPokud chcete spustit operační klamný operační systém, musíte již pouze zadat heslo pro klamný OS - na obrazovce bootovacího zavaděče VeraCryptu.\n\nHeslo pro klamný operační systém může být prozrazeno komukoliv, kdo by se ho z vás snažil dostat násilím. Existence skrytého svazku (a skrytého operačního systému) zůstane skryta.\n\n - Třetí heslo (pro vnější svazek) může být prozrazeno komukoliv, kdo by se snažil získat heslo k prvnímu oddílu za systémovým oddílem, kde jsou umístěny jak vnější svazek, tak i svazek skrytý (ten obsahuje skrytý operační systém). Existence skrytého svazku (a skrytého operačního systému) zůstane utajena.\n\n\n - Pokud jste odhalili protivníkovi heslo ke klamnému systému, a on se vás zeptá, proč je volné místo na oddílu klamného systému zaplněno náhodnými daty, můžete odpovědět např.: "Oddíl původně obsahoval zašifrovaný systémový svazek zašifrovaný VeraCryptem, ale já jsem zapomněl před-bootovací autentifikační heslo (nebo byl systém poškozen a přestal nabíhat), takže jsem musel celý systém Windows přeinstalovat a zašifrovat oddíl znovu."\n\n\n - Pokud jste se řídili všemi instrukcemi, požadavky a opatřeními uvedenými v sekci "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCryptu, mělo by být nemožné prokázat, že existuje skrytý svazek a skrytý operační systém, i když bude připojen vnější svazek nebo když by byl klamný operační systémem dešifrován nebo spuštěn.\n\nPokud si uložíte kopii tohoto textu nebo si ji uložíte (důrazně doporučujeme, pokud náhodou vaše tiskárna neukládá vytištěné dokumenty do své paměti), měli byste jakékoliv takové kopie zničit poté, co klamný systém vytvoříte a pochopíte všechny informace, které jsou v textu uvedené (v opačném případě, pokud by někdo takovou kopii nalezl, mohl by to být náznak toho, že se na vašem počítači nachází skrytý operační systém).\n\n - VAROVÁNÍ: POKUD NEOCHRÁNÍTE SKRYTÝ SVAZEK (pro více informací, viz sekce "Ochrana skrytých svazků proti poškození" v uživatelské příručce VeraCrypt), NEZAPISUJTE DO VNĚJŠÍHO SVAZKU (klamný operační systém NENÍ nainstalován ve vnějším svazku). JINAK SI MŮŽETE PŘEPSAT A POŠKODIT SKRYTÝ SVAZEK (A SKRYTÝ OPERAČNÍ SYSTÉM UVNITŘ)! - Klonování operačního systému - V následujícím kroku vytvoří VeraCrypt skrytý operační systém tak, že zkopíruje obsah systémového oddílu do skrytého svazku (kopírovaná data budou zašifrována za běhu jiným šifrovacím klíčem, než je ten, co se používá pro klamný operační systém).\n\nProces bude proveden v před-bootovacím prostředí (než se Windows spustí) a může to trvat delší dobu; několik hodin nebo dokonce několik dní (záleží na velikosti systémového oddílu a na výkonu vašeho počítače).\n\nBudete moci proces přerušit, vypnout počítač a pak spustit operační systém a pokračovat v procesu. Pokud ho ale přerušíte, celý proces kopírování systému bude spuštěn úplně od začátku (protože obsah systémového oddílu se nesmí během klonování změnit). - Chcete zrušit celý proces vytváření skrytého operačního systému?\n\nPoznámka: NEBUDETE moci pokračovat, pokud ho nyní zrušíte. - Chcete zrušit před-testování šifrování systému? - Předběžná zkouška zašifrování systému selhala. Chcete to zkusit znovu?\n\nVyberete-li 'Ne', před-bootovací autentifikační komponenta bude odinstalována.\n\nPoznámka:\n\n- Pokud vás bootovací zavaděč VeraCryptu nevyzval k zadání hesla před startem Windows, je možné, že vás operační systém nebootuje z disku, na kterém je nainstalován. To není podporováno.\n\n- Pokud jste použili jiný šifrovací algoritmus než AES a předběžná zkouška selhala (a vy jste zadali heslo), může to být způsobeno nevhodně navrženým ovladačem. Vyberte 'Ne' a zkuste systémový oddíl/jednotku znovu zašifrovat, ale použijte šifrovací algoritmus AES (který má nejmenší nároky na paměť).\n\n- Pro zjištění, jaké jsou další možné příčiny a řešení, viz: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Systémový oddíl/disk pravděpodobně není zašifrován (ani částečně ani plně). - Váš systémový oddíl/disk je zašifrován (částečně nebo plně).\n\nPřed pokračováním celý systémový oddíl/disk nejdříve dešifrujte. Pokud tak chcete učinit, zvolte 'Systém' > 'Trvale dešifrovat systémový oddíl/disk' z menu hlavního okna programu VeraCrypt. - Je-li systémový oddíl/disk zašifrován (částečně nebo úplně), nemůžete snížit verzi VeraCryptu (ale můžete jej aktualizovat nebo přeinstalovat stejnou verzi). - Váš systémový oddíl/disk je momentálně zašifrováván/dešifrováván nebo jinak pozměňován. Před pokračováním zrušte proces šifrování/dešifrování/pozměňování (nebo počkejte na jeho dokončení). - Na tomto systému již běží jiná instance Průvodce vytvořením svazku VeraCrypt a provádí nebo připravuje šifrování/dešifrování systémového oddílu/disku. Než budete pokračovat, počkejte, prosím, až skončí nebo jej zavřete. Pokud jej nemůžete zavřít, restartujte nejdříve váš počítač a pak pokračujte. - Proces šifrování nebo dešifrování systémového oddílu-disku nebyl dokončen. Počkejte, prosím, než bude dokončen. - Chyba: Proces šifrování oddílu/disku nebyl dokončen. Nejdříve je nutné jej dokončit. - Chyba: Proces šifrování oddílu/svazku nebyl dokončen. Nejdříve musí skončit. \n\nPoznámka: Pro pokračování procesu vyberte 'Svazky' > 'Obnovit přerušený proces' z menu nabídky hlavního okna VeraCryptu. - Heslo je správné, VeraCrypt úspěšně dešifrovat hlavičku svazku a zjistil, že tento svazek je skrytý operační systém. Avšak hlavička skrytého systémového svazku nemůže být takto změněna.\n\nPro změnu hesla skrytého systémového svazku nabootujte operační systém, který je umístěn ve skrytém svazku a pak vyberte 'Systém' > 'Změnit heslo' z lišty hlavního okna programu VeraCrypt.\n\nPro zadání hlavičkového klíče derivačního algoritmu nabootujte skrytý operační systém a pak vyberte 'Systém' > 'Zadat hlavičku klíče derivačního algoritmu'. - VeraCrypt nepodporuje okamžité dešifrování skrytého systémového oddílu.\n\nPoznámka: Chcete-li dešifrovat oddíl klamného operačního systému, nabootujte klamný operační systém a vyberte 'Systém' > 'Trvale dešifrovat systémový oddíl/disk' z lišty hlavního okna programu VeraCrypt. - Chyba: Nesprávný/neplatný parametr. - Vybrali jste oddíl nebo zařízení, ale zvolený průvodce je vhodný pouze pro souborové svazky.\n\nChcete změnit mód průvodce? - Chcete místo toho vytvořit souborový svazek VeraCrypt? - Vybrali jste systémový oddíl/jednotku (nebo bootovací oddíl), ale průvodce, kterého jste vybrali, je vhodný pouze pro nesystémové oddíly/jednotky.\n\nChcete nastavit před-bootovací autentifikaci (což znamená, že budete muset zadávat heslo při každém startu Windows) a zašifrovat systémový oddíl/jednotku? - Jste si jisti, že chcete trvale dešifrovat systémový oddíl/disk? - VAROVÁNÍ: Pokud trvale dešifrujete systémový oddíl/disk, budou na něj zapsána nezašifrovaná data.\n\nJste si opravdu jisti, že chcete trvale dešifrovat systémový oddíl/disk? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Varování: Použijete-li k zašifrování systému kaskádu šifer, můžete zaznamenat následující problémy:\n\n1) Bootovací zavaděč VeraCryptu je větší než obvykle, a proto není v prvním stopě disku dostatek místa pro zálohu bootovacího zavaděče VeraCryptu. Proto, pokud dojde k jeho poškození, (což se stává často, například při nevhodně navržené aktivaci protipirátské ochrany určitých programů), budete muset použít Záchranný disk VeraCrypt pro nabootování a opravě bootovacího zavaděče VeraCryptu.\n\n2) Na některých počítačích trvá obnovení z hibernace delší dobu.\n\nTěmto případným problémům můžete předejít, pokud vyberete nekaskádový šifrovací algoritmus (např. AES).\n\nJste si jisti, že chcete použít kaskádu šifer? - Zaznamenáte-li některé z popisovaných problémů, dešifrujte oddíl/disk (pokud je zašifrovaný) a pak jej zkuste zašifrovat znovu použitím ne-kaskádového šifrovacího algoritmu (např. AES). - VAROVÁNÍ: Z bezpečnostních důvodů byste měli aktualizovat VeraCrypt na klamném operačním systému před jeho aktualizací na skrytém operačním systému.\n\nAbyste tak učinili, nastartujte klamný operační systém a spusťte z něj instalátor programu VeraCrypt. Poté nastartujte skrytý systém a z něj také spusťte instalátor.\n\nPoznámka: Klamný operační systém a skrytý systém sdílejí jednotný bootovací zavaděč. Pokud jste aktualizovali VeraCrypt jen na skrytém systému (ale ne na klamném systému), klamný systém bude obsahovat ovladač programu VeraCrypt a VeraCrypt aplikace, jejichž verze budou rozdílné od Bootovacího zavaděče VeraCryptu. Takovýto rozpor by mohl být signálem, že je na vašem počítači skrytý operační systém.\n\n\nChcete pokračovat? (Nedoporučeno.) - Verze Bootovacího zavaděče VeraCryptu, který startoval tento operační systém, je jiná než ovladače VeraCrypt (a aplikace VeraCrypt) instalované na tomto systému.\n\nMěli byste spustit instalátor VeraCrypt (jehož verze je ta samá jako ta, která je v Bootovacím zavaděči VeraCryptu) pro aktualizaci programu VeraCrypt na tomto operačním systému. - Verze bootovacího zavaděče VeraCryptu, který spustil tento operační systém, je jiná, než verze ovladače VeraCryptu (a VeraCrypt aplikací) instalovaného na tomto systému. Starší verze mohou obsahovat chyby, které jsou opraveny v novějších verzích.\n\nPokud jste nebootovali ze Záchranného disku VeraCrypt, měli byste přeinstalovat VeraCrypt nebo jej aktualizovat na nejnovější stabilní verzi (bootovací zavaděč bude aktualizován také).\n\nPokud jste bootovali ze Záchranného disku VeraCrypt, měli byste jej aktualizovat ('Systém' > 'Vytvořit záchranný disk'). - Bootovací zavaděč VeraCryptu byl aktualizován.\n\nDůrazně doporučujeme vytvořit nový Záchranný disk VeraCrypt (který bude obsahovat novou verzi Bootovacího zavaděče VeraCryptu) přes 'Systém' > 'Vytvořit záchranný disk' po restartu počítače. - Bootovací zavaděč VeraCryptu byl aktualizován.\n\nDůrazně doporučujeme nabootovat klamný operační systém a vytvořit nový Záchranný disk VeraCrypt (který bude obsahovat novou verzi Bootovacího zavaděče VeraCryptu) vybráním 'Systém' > 'Vytvořit záchranný disk'. - Aktualizace bootovacího zavaděče VeraCryptu selhala. - VeraCrypt nemohl zjistit opravdovou velikost systémového disku, a proto použije velikost zjištěnou operačním systémem (což může být méně než opravdová velikost). Nejde o chybu v programu VeraCrypt. - VAROVÁNÍ: Zdá se, že VeraCrypt se již pokusil detekovat skryté sektory na tomto systémovém disku. Pokud jste zaznamenali jakékoliv problémy během předchozího detekčního procesu, můžete se nyní vyhnout těmto problémům přeskočením detekčního procesu skrytých sektorů. Pokud tak učiníte, VeraCrypt použije velikost určenou operačním systémem (která může být menší než opravdová velikost disku).\n\nToto chování není způsobenou chybou v programu VeraCrypt. - Přeskočit vyhledávání skrytých sektorů (použít velikost určenou systémem) - Zkusit znovu vyhledat skryté sektory - Chyba: Obsah jednoho nebo více sektorů na disku nemůže být přečten (pravděpodobně kvůli fyzickému poškození).\n\nProces okamžitého zašifrování může pokračovat pouze tehdy, když budou sektory opět čitelné. VeraCrypt se může pokusit změnit jejich čitelnost tím, že do nich zapíše nuly (následně všechny nulové bloky budou zašifrovány). Všechna data uložená v nečitelných sektorech tím ale budou ztracena. Pokud se tomu chcete vyhnout, můžete se pokusit opravit části poškozených dat použitím nástroje někoho jiného.\n\nPoznámka: V případě fyzického poškození sektorů (oproti obyčejnému poškození dat a chybě kontrolních součtů) se většina zařízení snaží interně přemístit tyto sektory, pokud je učiněn pokus o zápis do nich (aby existující data v poškozených sektorech zůstala nezašifrována).\n\nChcete, aby VeraCrypt zapsal nuly do nečitelných sektorů? - Chyba: Obsah jednoho nebo více sektorů na disku nemůže být přečten (pravděpodobně kvůli fyzickému poškození).\n\nAbyste mohli pokračovat s dešifrováním, VeraCrypt bude muset zničit obsah nečitelných sektorů (obsah bude vyplněn náhodnými daty). Mějte prosím na paměti, že před pokračováním se můžete ještě pokusit opravit části poškozených dat pomocí nějakého nástroje třetí strany.\n\nChcete, aby VeraCrypt nyní zničil data v nečitelných sektorech? - Poznámka: VeraCrypt nahradil obsah %I64d nečitelných sektorů (%s) šifrovanými nulovými bloky s nešifrovaným textem. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Zadejte heslo/PIN pro token '%s': - Aby mohl VeraCrypt přistupovat k bezpečnostnímu tokenu nebo smart kartě, potřebujete nejdříve pro token/smart kartu vybrat softwarovou knihovnu PKCS #11. Tato knihovna může být dodávána se zařízením nebo může být k dispozici ke stažení na stránkách výrobce nebo třetí strany.\n\nJakmile knihovnu nainstalujete, můžete ji vybrat buď manuálně přes 'Vybrat knihovnu' nebo nechte VeraCrypt, ať ji nalezne sám, a to s pomocí 'Autodetekce knihovny' (bude prohledán pouze systémový adresář Windows). - Poznámka: Název souboru a umístění vaší nainstalované knihovny PKCS #11 k bezpečnostnímu tokenu/smart kartě naleznete v dokumentaci dodané k tokenu/smart kartě.\n\nKlikněte na 'OK' a vyberte cestu a jméno souboru. - Aby mohl VeraCrypt přistupovat k bezpečnostnímu tokenu nebo smart kartě, potřebujete nejdříve pro token/smart kartu vybrat softwarovou knihovnu PKCS #11. Vyberte 'Nastavení' > 'Bezpečnostní tokeny'. - Inicializace knihovny PKCS #11 pro bezpečnostní token selhala.\n\nUjistěte se, prosím, že uvedená cesta a jméno souboru je platná pro knihovnu PKCS #11. Pro zadání názvu a cesty ke knihovně PKCS #11, vyberte 'Nastavení' > 'Bezpečnostní tokeny'. - V systémovém adresáři Windows nebyla nalezena žádná knihovna PKCS #11.\n\nUjistěte se, prosím, že knihovna PKCS #11 pro váš bezpečnostní token (nebo pro smart kartu) je nainstalována (např. knihovna, která je dodávána přímo s tokenem/kartou nebo může být ke stažení na stránce výrobce nebo třetích stran). Pokud je nainstalována do jiného než systémového adresáře Windows, zvolte 'Vybrat knihovnu' a najděte ji (např. složka, kde je nainstalován software k tokenu/kartě). - Nebyl nalezen žádný bezpečnostní token.\n\nUjistěte se, prosím, že je váš bezpečnostní token připojen k počítači a že máte nainstalován správný ovladač tohoto zařízení. - Souborový klíč bezpečnostního tokenu nebyl nalezen. - Souborový klíč bezpečnostního tokenu se stejným názvem již existuje. - Chcete smazat vybrané soubory? - Cesta k souborovému klíči bezpečnostního tokenu je neplatná. - Chyba bezpečnostního tokenu - Heslo bezpečnostního tokenu je nesprávné. - Bezpečnostní token nemá k dispozici dost paměti/místa pro provedení požadované operace.\n\nPokud se snažíte importovat souborový klíč, vyberte menší soubor nebo použijte souborový klíč vygenerovaný VeraCryptem (vyberte 'Nástroje' > 'Generátor souborového klíče'). - Všechny otevřené relace bezpečnostního tokenu byly uzavřeny. - Vyberte souborové klíče bezpečnostního tokenu - Slot - Název tokenu - Název souboru - DŮLEŽITÉ: Před-bootovací autentifikační hesla jsou vždy zadávána na klasické US klávesnici. Svazek, který používá heslo napsané na jiném rozložení klávesnice, se vám nemusí tím pádem podařit připojit (nejde o chybu VeraCryptu). Aby mohl být takovýto svazek s před-bootovacím autentifikačním heslem připojen, následujte tyto kroky:\n\n1) Klikněte na 'Vybrat soubor' nebo 'Vybrat zařízení' a vyberte svazek.\n2) Vyberte 'Svazky' > 'Změnit heslo svazku'.\n3) Zadejte současné heslo pro svazek.\n4) Změňte rozložení klávesnice na anglickou (US) kliknutím na jazykovou ikonu dole vpravo na hlavní liště Windows a vyberte 'EN Anglická (United States)'.\n5) V VeraCryptu, do políčka nové heslo, napište před-bootovací autentifikační heslo.\n6) Heslo potvrďte ještě jednou do druhého políčka a klikněte na 'OK'.\nVAROVÁNÍ: Mějte na paměti, že pokud budete pokračovat podle těchto kroků, heslo ke svazku musíte vždy napsat na americkém rozložení klávesnice (což bude automaticky nastaveno pouze v před-bootovacím prostředí). - Systémový oblíbený svazek bude připojen s použitím před-autentifikačního hesla. Pokud nějaký ze systémových oblíbených svazků používá jiné heslo, nebude připojen. - Pokud nechcete, aby běžné akce svazků VeraCrypt (např. 'Odpojit vše', automaticky-odpojit, atd.) ovlivnily oblíbené systémové svazky, měli byste zapnout volby 'Zobrazení a odpojení systémových oblíbených svazků v VeraCryptu povolit pouze administrátorům '. Navíc, pokud VeraCrypt běží bez administrátorských práv (výchozí pro Windows Vista a novější), oblíbené systémové svazky nebudou zobrazeny v písmenném seznamu disků v hlavním okně aplikace VeraCrypt. - DŮLEŽITÉ: Mějte na paměti, že pokud je tato volba zapnuta a VeraCrypt nemá administrátorská oprávnění, připojené oblíbené systémové svazky NEJSOU zobrazeny v okně aplikace VeraCrypt a nemohou být odpojeny. Proto, pokud potřebujete např. odpojit systémový oblíbený svazek, klikněte pravým tlačítkem myši na ikonu VeraCryptu (v menu Start) a vyberte 'Spustit jako správce. Stejné omezení platí pro funkce 'Odpojit vše', 'Autom.-odpojit', klávesové zkratky 'Odpojit vše' atd. - Toto nastavení se projeví až po restartu operačního systému. - Chyba při překladu příkazového řádku. - Záchranný disk - Vybrat &soubor a připojit... - Vybrat &zařízení a připojit... - Povolit zobrazení a odpojení systémových oblíbených svazků v VeraCryptu pouze administrátorům - Připojit oblíbené systémové svazky při startu Windows (v úvodní fázi startovací procedury) - Varování: Systém souborů na jednotce připojené jako '%s' nebyl čistě odpojen a může tak obsahovat chyby. Použití poškozeného systému souborů může způsobit ztrátu dat nebo jejich poškození.\n\nPoznámka: Před tím, než fyzicky odpojíte nebo vypnete zařízení (např. USB flash disk nebo externí disk), kde je uložen připojený svazek VeraCrypt, měli byste tento svazek nejdříve odpojit v VeraCryptu.\n\n\nChcete, aby se systém Windows pokusil najít a opravit chyby (pokud nějaké jsou) na souborovém systému? - Varování: Jeden nebo více oblíbených systémových svazků nebyl čistě odpojen a může tím pádem obsahovat chyby systému souborů. Pro více informací zkontrolujte log systémových událostí.\n\nPoužití poškozeného systému souborů může způsobit ztrátu dat nebo jejich poškození. Měli byste příslušný systémový oblíbený svazek zkontrolovat na chyby (pravým tlačítkem myši na něj v VeraCryptu klikněte a vyberte 'Opravit systém souborů'). - Varování: Oprava poškozeného systému souborů nástrojem Microsoft 'chkdsk' může způsobit ztrátu souborů v poškozených oblastech. Proto se doporučuje nejdříve zálohovat soubory uložené ve svazku VeraCrypt do jiného, zdravého svazku VeraCrypt.\n\nChcete nyní opravit systém souborů? - Jednotka '%s' byla připojena pouze pro čtení, protože zápis byl zamítnut. \n\nUjistěte se, prosím, že bezpečnostní oprávnění souborového svazku vám umožňuje do něj zapisovat (pravým tlačítkem myši klikněte na svazek a vyberte Vlastnosti > Zabezpečení).\n\nVzhledem k problému ve Windows se může stát, že toto varování uvidíte i po změně bezpečnostního nastaveni. Nejedná se o chybu v VeraCryptu. Možným řešením je svazek přesunout, například do složky 'Dokumenty'.\n\nPokud chcete nechat svazek nezapisovatelný, zadejte u svazku atribut pouze pro čtení (pravým tlačítkem klikněte na svazek a vyberte Vlastnosti > Pouze pro čtení), což potlačí toto varování. - Jednotka '%s' musela být připojena pouze pro čtení, protože byl zamítnut zápis.\n\nUjistěte se, prosím, že žádná další aplikace (např. antivirový program) nepřistupuje k oddílu/zařízení, na kterém je jednotka umístěna. - Jednotka '%s' byla připojena pouze pro čtení. Operační systém zjistil, že hostovací zařízení je chráněné proti zápisu.\n\nTo se může stát s upravenými ovladači chipsetu, které špatně identifikují média jako nezapisovatelná. Tento problém nezpůsobuje VeraCrypt. Můžete se ho pokusit vyřešit aktualizací nebo odinstalací jakýchkoliv upravených ovladačů chipsetu (non-Microsoft), které mate aktuálně nainstalovány na vašem systému. - Hyper-Threading technologie poskytuje více logických jader na jedno fyzické jádro. Je-li Hyper Threading zapnut, číslo uvedené nahoře ukazuje počet logických procesorů/jader. - %d vláken - Hardwarově akcelerované AES je vypnuto, což ovlivní výsledky výkonnostních testů (horší výkon).\n\nPro zapnutí hardwarové akcelerace vyberte 'Nastavení' > 'Výkon' a zapněte odpovídající volbu. - Počet vláken je momentálně omezen, což omezí výsledky výkonnostních testů (horší výkon).\n\nPro využití plného potenciálu procesoru/ů, vyberte 'Nastavení' > 'Výkon' a vypněte odpovídající nastavení. - Chcete, aby se VeraCrypt pokusil vypnout ochranu proti zapisování do tohoto oddílu/disku? - VAROVÁNÍ: Tato volba může ovlivnit výkonnost.\n\nJste si jisti, že chcete použít toto nastavení? - Varování: Svazek VeraCrypt byl automaticky odpojen - Před tím, než fyzicky odpojíte nebo vypnete zařízení, které obsahuje připojený svazek, měli byste tento svazek nejdříve odpojit v VeraCryptu.\n\nNeočekávané a nenadále odpojení je většinou způsobeno náhle selhávajícím kabelem, diskem (šuplíkem) apod. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Souborový klíč - Backspace - Tab - Clear - Enter - Pauza - Caps Lock - Mezernk - Page Up - Page Down - End - Home - Šipka vlevo - Šipka nahoru - Šipka doprava - Šipka dolů - Vybrat - Klávesa pro tisk - Klávesa spustit - Print Screen - Insert - Delete - Aplikační klávesa - Uspat počítač - Num Lock - Scroll Lock - Prohlížeč - zpět - Prohlížeč - vpřed - Prohlížeč - obnovit - Prohlížeč - stop - Prohlížeč - hledat - Prohlížeč - oblíbené - Domovská stránka prohlížeče - Vypnout zvuk - Snížit hlasitost - Zvýšit hlasitost - Další stopa - Předchozí stopa - Stop - Hrát/Pauza - Emailový prohlížeč - Klávesa pro výběr média - Aplikace 1 - Aplikace 2 - Attn - CrSel - ExSel - Přehrát - Zvětšit - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Zrušit + &Instalovat pro všechny uživatele + P&rocházet… + Přidat ikonu VeraCrypt na p&lochu + Podpořte nás... + Asociovat pří&ponu .hc s programem VeraCrypt + &Otevřít cílovou složku po dokončení + Přidat VeraCrypt do &Start menu + Vytvořit bod o&bnovení + Odinsta&lovat + &Rozbalit + &Instalovat + Průvodce instalací programu VeraCrypt + Odinstalovat VeraCrypt + &Nápověda + Vyberte nebo zadejte prosím složku, kam chcete umístit rozbalené soubory: + Vyberte nebo zadejte prosím složku, kam chcete program Veracrypt nainstalovat. Pokud daná složka neexistuje, bude automaticky vytvořena. + Klikněte Odinstalovat pro odstranění programu VeraCrypt z tohoto systému. + Přerušit + &Test výkonu + &Otestovat + Vytvořit zašifrovaný svazek a naformátovat ho + Zašifrovat existující oddíl + Zobrazit generované klíče (jejich části) + Zobrazit generovaný obsah + Stáhnout software pro vypalování CD/DVD + Vytvořit zašifrovaný souborový svazek + &GB + &TB + Více informací + S&krytý svazek VeraCrypt + Více informací o skrytých svazcích + Přímý mód + Normální mód + &KB + &Použít souborové klíče + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Souborové &klíče… + Informace o hash. algoritmech + Více informací + Information on PIM + &MB + Více informací + Více informací o zašifrování systému + Více informací + Vícesystémové bootování + Zašifrovat nesystémový oddíl/disk + Neukládat &historii + Otevřít vnější svazek + &Pauza + Use P&IM + Use PIM + Rychle zformátovat + &Ukázat heslo + &Zobrazit heslo + &Display PIM + Jednoduché bootování + Standardní svazek VeraCrypt + S&krytý + Normální + Zašifrovat celý oddíl nebo systémový disk + Zašifrovat systémový oddíl s Windows + Zašifrovat celý disk + Průvodce vytvořením svazku VeraCrypt + Cluster + DŮLEŽITÉ: Pohybujte s myší v tomto okně co nejnáhodněji. Čím déle s ní budete hýbat, tím lépe. Kryptografická síla šifrovacích klíčů se tím výrazně zvýší. Pro pokračování klikněte na Další. + &Potvrdit: + Hotovo + Drive letter: + Šifrovací algoritmus + Systém souborů + Vytvoří virtuální zašifrovaný disk uvnitř souboru. Doporučené pro nezkušené uživatele. + Předvolby + Hashovací algoritmus + Klíč hlavičky: + Zbývá + Hlavní klíč: + Vyberte tuto volbu, je-li na tomto počítači nainstalováno více operačních systémů.\n\nNapříklad:\n- Windows XP a Windows XP\n- Windows XP a Windows Vista\n- Windows a Mac OS X\n- Windows a Linux\n- Windows, Linux a Mac OS X + Zašifruje nesystémový oddíl na jakémkoliv interním nebo externím disku (např. flash disk). Volitelně může vytvořit skrytý svazek. + Momentálně generovaný obsah (částečný) + Schváleno + Heslo: + Volume PIM: + Volume PIM: + Průběh: + Náhodný výběr: + Vyberte tuto volbu, pokud je na tomto počítači nainstalován pouze jeden operační systém (i v případě, že má více uživatelů). + Rychlost + Stav + Klíče, sůl (=náhodná data), a další data byla úspěšně vygenerována. Chcete-li vygenerovat nové klíče, vyberte Zpět a poté Další. Jinak klikněte na Další pro pokračování. + Zašifruje oddíl/disk, kde jsou nainstalovány Windows. Kdokoliv kdo bude chtít získat přístup a používat systém, číst a zapisovat soubory atd., musí zadat správné heslo před každým naběhnutím Windows. Volitelně lze vytvořit skrytý systém. + Zvolte tuto možnost pro zašifrování oddílu, kde je aktuálně nainstalován operační systém Windows. + Volume Label in Windows: + Čistící mód: + Zavřít + Povolit přeskočení před-bootovací &autentifikace stisknutím klávesy Esc (zapne boot manažera) + Nedělat nic + &Automaticky připojit svazek VeraCrypt (uvedeno níže) + &Spustit VeraCrypt + &Detekovat knihovny automaticky + &Ukládat před-bootovací autentifikační heslo v mezipaměti ovladače (pro připojení nesystémových svazků) + Procházet… + Procházet… + Ukládat &hesla a soub. klíče do mezipaměti + Skončit pokud neexistuje žádný připoj. svazek + &Zavřít relaci tokenu (odhlášení) po úspěšném odpojení svazku + Include VeraCrypt Volume Expander + Zahrnout průvodce vytvořením svazku VeraCrypt + Vytvořit + V&ytvořit svazek + &Nezobrazovat žádné texty na před-bootovací autentifikační obrazovce (kromě volitelného textu níže) + Disable "Evil Maid" attack detection + Urychlit AES šifrování/dešifrování použitím AES instrukcí procesoru (jsou-li k dispozici) + Použít soubor. klíče + Použít soubor. klíče + &Konec + Nápověda k oblíbeným svazkům + Nepřipojovat vybraný svazek, pokud dojde ke zmáčknutí zkratkové &klávesy pro 'Připojit oblíbené svazky' + Připojit vybraný svazek, dojde-li k připojení jeho hostitelského &zařízení + Připojit vybraný &svazek při přihlášení + Připojit &vybraný svazek pouze pro čtení + Připojit vybraný svazek jako &odpojitelné médium + Posunout &dolů + Posunout &nahoru + Otevřít okno p&růzkumníka pro vybraný svazek, dojde-li k úspěšnému připojení + &Odstranit + Use favorite label as Explorer drive label + Globální nastavení + Zobrazit bublinovou nápovědu po úspěšném odpojení + Přehrát zvuk systémové notifikace po úspěšném odpojení + Alt + Ctrl + Shift + Win + Přiřadit + Odstranit + Soubor. klíče… + Nepoužívat následující počet procesorů pro šifrování/dešifrování: + Více informací + Více informací + Více informací... + &Autom. připojit zařízení + Volby připojení + Připojit svazek jen &pro čtení + Soubor. klíče… + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Povoleno + Ukládat hesla do paměti ovladače + Autom. odpojit svazek pokud z/do něj nebylo čteno/zapisováno + Uživatel se odhlašuje + User session locked + Přecházím do úsporného režimu + Je spuštěn spořič obrazovky + Vynutit automatické odpojení, i když svazek obsahuje otevřené soubory nebo adresáře + Připojit všechny svazky na zařízeních + Spustit VeraCrypt službu na pozadí + Připojit svazky jen pro čtení + Připojit svazky jako výměnná média + Otevřít okno Průzkumníka pro úspěšně připojený svazek + Temporary Cache password during "Mount Favorite Volumes" operations + Použít jinou ikonu na hlavním panelu, pokud jsou k dispozici připojené svazky + Odstranit hesla z mezipaměti a automaticky odpojit + Odstranit hesla z mezipaměti při ukončení + Zachovat časové razítko změny souborového svazku + Vymazat + Vybrat &zařízení… + Vybrat &soubor… + Vybrat &knihovnu... + Zobrazit heslo + Zobrazit heslo + Otevřít okno &Průzkumníka pro připojený svazek + &Ukládat hesla do mezipaměti + TrueCrypt Mode + O&dpojit vše + Vlastnos&ti svazku… + &Nástroje svazku… + Vyčistit &mezipaměť + VeraCrypt - Mount Parameters + VeraCrypt - Oblíbené svazky + VeraCrypt - Systémové klávesové zkratky + VeraCrypt + Změnit heslo nebo souborové klíče + Zadejte heslo svazku VeraCrypt + VeraCrypt - Volby výkonu + VeraCrypt - Předvolby + VeraCrypt - Volby systémového šifrování + VeraCrypt - Volby bezpečnostního tokenu + Nastavení cestovního disk VeraCrypt + Vlastnosti svazku VeraCrypt + O aplikaci… + Přidat/Odebrat souborové klíče do/z svazku… + Přidat připojený oddíl do Oblíbených.. + Přidat připojený oddíl do Systémových oblíbených... + Analyzovat pád systému... + Zálohovat hlavičku svazku… + Test rychlosti… + Zadat derivační algoritmus pro klíč hlavičky… + Změnit heslo svazku… + Zadejte hlavičku klíče derivačního algoritmu… + Změnit heslo… + Vymazat historii svazku + Zavřít všechny relace bezpečnostních tokenů + Kontakt… + Vytvořit skrytý operační systém... + Vytvořit záchranný disk… + Vytvořit nový svazek… + Permanently Decrypt... + Výchozí souborové klíče… + Default Mount Parameters... + Podpořte nás... + Zašifrovat systémový oddíl/disk… + Často kladené dotazy + Uživatelská příručka + &Domovská stránka + Klávesové zkratky… + Generátor souborového klíče + Jazyk… + Licence + Spravovat souborové klíče bezpečnostních tokenů... + Automaticky připojit všechny svazky na zařízení + Připojit oblíbené svazky + Připojit bez před-bootovací &autentifikace... + Připojit svazek + Připojit svazky s předvolbami + Novinky + Online nápověda + Návod pro začátečníky + Uspořádat Oblíbené svazky... + Uspořádat Oblíbené systémové svazky... + Výkon... + Natrvalo dešifrovat systémový oddíl/disk + Předvolby… + Obnovit písmena disků + Odstranit všechny souborové klíče ze svazku… + Obnovit hlavičku svazku… + Obnovit přerušený proces + Vybrat zařízení… + Vybrat soubor… + Obnovit přerušený proces + Systémové šifrování... + Vlastnosti... + Předvolby... + Oblíbené systémové svazky... + Ke stažení + Testovací vektory… + Bezpečnostní tokeny... + Cestovní disk… + Odpojit všechny připojené svazky + Odpojit svazek + Ověřit záchranný disk + Verify Rescue Disk ISO Image + Historie verzí + Volume Expander + Vlastnosti svazku + Průvodce vytvořením svazku + Domovská stránka VeraCrypt + Odstranit hesla z mezipaměti + OK + Hardwarová akcelerace + Klávesová zkratka + Konfigurace automatického spouštění (autorun.inf) + Automatické odpojení + Odpojit vše když: + Volby obrazovky bootovacího zavaděče + Potvrdit heslo: + Aktuální + Zobrazit volitelný text na obrazovce s před-bootovací autentifikací (maximálně 24 znaků): + Výchozí předvolby připojení + Předvolby klávesových zkratek + Driver Configuration + Enable extended disk control codes support + Jmenovka vybraného oblíbeného svazku: + Nastavení souboru + Klávesa k přiřazení: + Procesor (CPU) v tomto počítači podporuje hardwarovou akceleraci pro AES: + Akce k provedení po přihlášení do Windows + minut + Připojit svazek s písm. disku: + Předvolby připojování + Nové + Heslo: + Paralelizace založená na vláknech + PKCS #11 cesta ke knihovně + PKCS-5 PRF: + PKCS-5 PRF: + Mezipaměť pro hesla + Volby zabezpečení + VeraCrypt služba na pozadí + Svazek VeraCrypt, který má být připojen (relativní ke kořeni cest. disku): + Po připojení cestovního disku: + Vytvořit soubory cestovního disku v (kořenový adresář cestovního disku): + Svazek + Windows + Přidat &cestu… + &Auto-test všech + &Pokračovat + &Dešifrovat + &Smazat + Š&ifrovat + &Exportovat... + Generovat a uložit souborový klíč… + &Generovat náhodný soub. klíč… + Stáhnout jazykový balíček + Hardwarová akcel. AES: + &Importovat soub. klíč do tokenu... + Přidat &soubory... + &Použít souborové klíče + Soubor. k&líče… + &Odstranit + Odstranit &všechny + Co je ochrana skrytého svazku? + Více informací o souborových klíčích + Připojit svazek jako výměnné &médium + Připojit oddíl s &použitím systémového šifrování bez před-bootovací autentifikace + Paralelizace: + Test rychlosti + &Tisknout + &Chránit skrytý svazek proti poškození způsob. zápisem do vnějšího svazku + &Vynulovat + &Zobrazit heslo + &Soubor tokenu... + Použít záložní hlavičku uloženou ve svazku, &pokud je to možné + XTS mód + O programu VeraCrypt + VeraCrypt - test rychlosti šifrovacích algoritmů + VeraCrypt - test vektorů + Nápověda příkazové řádky + VeraCrypt - souborové klíče + VeraCrypt - generátor souborových klíčů + VeraCrypt - jazyk + VeraCrypt - volby připojení + Vlastnosti nového souborového klíče tokenu + VeraCrypt - rozšíření náhodné oblasti + Vyberte oddíl nebo zařízení + VeraCrypt + Bezpečnostní souborové klíče tokenu + Je nutné bezpečnostní heslo/PIN tokenu + Aktivní jazykový balíček + Rychlost je ovlivněna zátěží procesoru a vlastnostmi úložného zařízení.\n\nTyto testy probíhají v paměti RAM. + Velikost bufferu: + Algoritmus: + H&eslo pro skrytý svazek:\n(mezipam., když je prázdné) + Ochrana skrytého svazku + Velikost klíče: + DŮLEŽITÉ: Pohybujte s myší v tomto okně co nejnáhodněji. Čím déle s ní budete hýbat, tím lépe. Kryptografická síla souborového klíče se tak výrazně zvýší. + VAROVÁNÍ: Ztratíte-li soub. klíč nebo změní-li se jediný bit z prvních 1024 kilobytů, bude nemožné připojit svazek používající soubor. klíč! + bitů + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Přeložil: + Velikost textu: + bitů + Aktuální generovaný obsah + Mixovací PRF: + DŮLEŽITÉ: Pohybujte co nejrůzněji s myší v tomto okně. Čím déle s ní budete pohybovat, tím lépe. Tím zvýšíte bezpečnost. Až budete hotovi, klikněte na 'Pokračovat'. + Sekundární klíč (hexadecimálně) + Bezpečnostní token: + Metoda třídění: + Čekejte prosím. Tento proces může trvat delší dobu... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Číslo bloku: + Šifrovaný text (hexadecimálně) + Číslo datové jednotky (64-bit hexadecimálně, velikost datové jednotky je 512 bajtů) + Klíč (hexadecimálně) + Obyčejný text (hexadecimálně) + Jméno soub. klíče: + XTS mód + S&ystém + &Svazky + &Oblíbené + &Nástroje + N&astavení + Náp&ověda + &Domovská stránka + + &O aplikaci… + Atribut pro čtení na vašem starém svazku nemohl být změněn. Zkontrolujte prosím přístupová práva k souboru. + Chyba: Přístup odmítnut.\n\nOddíl, na který se snažíte přistupovat má buď 0 sektorů, nebo je to zaváděcí zařízení. + Administrátor + Pro nahrání ovladače VeraCrypt musíte být přihlášeni jako administrátor. + Pro šifrování/formátování oddílu/zařízení musíte být přihlášeni s administrátorskými právy.\n\nTo se netýká svazků, které jsou vytvořeny ze souborů. + Pro vytvoření skrytého svazku musíte být přihlášeni s administrátorskými právy.\n\nPokračovat? + Pro zformátování svazku systémem NTFS musíte být přihlášeni s administrátorskými právy.\n\nBez administrátorských práv můžete svazek zformátovat systémem souborů FAT. + Šifra povolená FIPS (Rijndael, zveřejněno v roce 1998) kterou mohou používat úřady a agentury vlády Spojených států k ochraně utajovaných informací až k úrovni přísně tajné. 256-bitový klíč, 128-bitové bloky, 14 iterací (AES-256). Operační mód je XTS. + Svazek je již připojen. + UPOZORNĚNÍ: Alespoň jeden šifrovací nebo hashovací algoritmus selhal při interním automatickém testování!\n\nVeraCrypt instalace může být poškozena. + UPOZORNĚNÍ: Ve shromažďovači náhodných čísel není dost informací k poskytnutí požadovaného množství náhodných dat.\n\nDále byste neměli pokračovat. Vyberte 'Ohlásit chybu' z menu Nápovědy a oznamte tuto chybu. + Disk je poškozený (je na něm fyzická vada) nebo je poškozený kabel nebo selhává paměť.\n\nJde o problém s vaším hardwarem, nikoliv s programem VeraCrypt. Proto tuto skutečnost NEHLAŠTE jako vadu/problém v programu VeraCrypt a NEŽÁDEJTE o pomoc s tímto problémem na VeraCrypt fórech. Kontaktujte, prosím, oddělení podpory vašeho dodavatele PC pro další pomoc. Děkujeme.\n\nPoznámka: Pokud se chyba opakuje na tom samém místě, je to pravděpodobně způsobeno špatným blokem na disku, což by mělo být možné opravit použitím softwaru třetí strany (v mnoha případech nestačí příkaz 'chkdsk /r', protože funguje jen na úrovní operačního systému; nástroj 'chkdsk' tuto chybu v některých případech ani nenajde). + Pokud přistupujete k výměnnému médiu, ujistěte se prosím, že je médium vloženo. Zařízení/medium může být také poškozené (může se jednat o jeho fyzickou vadu) nebo může být poškozen/odpojen kabel. + Váš systém pravděpodobně používá upravený ovladač chipsetu, který obsahuje chybu. Ta zabraňuje zašifrování celého systémového disku.\n\nNež budete pokračovat, pokuste se aktualizovat nebo odinstalovat jakékoliv upravené ovladače chipsetu (ne-Microsoftí). Pokud to nepomůže, pokuste se zašifrovat pouze systémový oddíl. + Neplatné písmeno disku. + Neplatná cesta. + Zrušit + Zařízení není přístupné. Ujistěte se, že vybrané zařízení existuje a není používáno systémem. + UPOZORNĚNÍ: Caps Lock je zapnutý. To by mohlo způsobit zadání špatného hesla. + Typ svazku + Může se stát, že budete někým donuceni prozradit heslo k zašifrovanému svazku. Je mnoho situací, kdy nemůžete odmítnout prozradit heslo (například kvůli vydírání). Použitím tzv. skrytého svazku vám pomůže vyřešit takovéto situace bez prozrazení hesla k vašemu svazku. + Vyberte tuto volbu, chcete-li vytvořit normální svazek VeraCrypt. + Chcete-li nainstalovat operační systém na skrytý svazek, pak nelze zašifrovat celý systémový disk použitím jednoho klíče. + Šifrovací předvolby vnějšího svazku + Šifrovací předvolby skrytého svazku + Předvolby šifrování + UPOZORNĚNÍ: Nepodařilo se vyčistit cestu naposledy vybraného svazku/souborového klíče (zapamatované při výběru souboru)! + Chyba: Souborový svazek byl zkomprimován na úrovni systému souborů. VeraCrypt nepodporuje zkomprimované souborové svazky (poznámka: komprese zašifrovaných dat je neefektivní a zbytečná).\n\nVypněte, prosím, kompresi pro souborový svazek dle následujících kroků: 1) Klikněte pravým tlačítkem myši na souborový svazek v Průzkumníku Windows (ne v programu VeraCrypt). 2) Vyberte 'Vlastnosti'. 3) V dialogovém okně 'Vlastnosti' klikněte 'Upřesnit'. 4) V dialogovém okně 'Upřesnit atributy', zrušte volbu 'Komprimovat obsah a šetřit tak místo na disku' a klikněte 'OK'. 5) V dialogovém okně 'Vlastnosti' klikněte 'OK'. + Vytvoření svazku %s selhalo + Velikost %s je %.2f bajtů + Velikost %s je %.2f KB + Velikost %s je %.2f MB + Velikost %s je %.2f GB + Velikost %s je %.2f TB + Velikost %s je %.2f PB + VAROVÁNÍ: Zařízení/oddíl je používán operačním systémem nebo aplikacemi. Formátování zařízení/oddílu může způsobit poškození dat nebo systémovou nestabilitu.\n\nPokračovat? + Varování: Oddíl je právě používán operačním systémem nebo aplikacemi. Měli byste zavřít všechny aplikace, které by mohly oddíl používat (včetně antivirového programu).\n\nPokračovat? + Chyba: Zařízení/oddíl obsahuje souborový systém, který nelze připojit. Systém souborů může být používán operačním systémem. Formátování zařízení/oddílu by pravděpodobně způsobilo poškození dat a systémovou nestabilitu.\n\nPro vyřešení tohoto problému doporučujeme nejdříve smazat oddíl a poté ho znovu vytvořit bez formátování. Postupujte následovně: 1) Pravý-klik myši na ikonu 'Počítač' (nebo 'Tento počítač') ve 'Start' menu a vyberte 'Spravovat'. Objeví se okno 'Správa počítače'. 2) V okně 'Správa počítače' vyberte 'Uložení' > 'Správa disků'. 3) Pravý-klik myši na oddíl, který chcete zašifrovat a vyberte buď 'Smazat oddíl' nebo 'Smazat svazek' nebo 'Smazat logický disk'. 4) Klikněte 'Ano'. Pokud se Windows zeptají na restart počítače, učiňte tak. Poté zopakujte kroky 1 a 2 a pokračujte od kroku 5. 5) Pravý-klik na nealokované/volné místo a vyberte buď 'Nový oddíl' nebo 'Nový obyčejný svazek' nebo 'Nový logický disk'. 6) Objeví se okno 'Průvodce vytvořením nového oddílu' nebo 'Průvodce nového jednoduchého svazku'; následujte jejich instrukce. Na stránce průvodce nazvané 'Zformátovat oddíl' vyberte buď 'Neformátovat tento oddíl' nebo 'Neformátovat tento svazek'. Ve stejném průvodci klikněte 'Další' a poté 'Dokončit'. 7) Cesta k zařízení, kterou jste vybrali v programu VeraCrypt může být nyní špatně. Ukončete proto průvodce vytvořením oddílu VeraCrypt (pokud stále běží) a spusťte ho znovu. 8) Zkuste zašifrovat zařízení/oddíl znovu.\n\nPokud VeraCrypt opakovaně selhává při šifrování zařízení/oddílu, zvažte místo toho vytvoření souborového svazku. + Chyba: Systém souborů nemohl být uzamknut a/nebo odpojen. Možná je používán operačním systémem nebo aplikacemi (např. antivirový program). Zašifrování oddílu může způsobit poškození dat a systémovou nestabilitu.\n\nZavřete, prosím, všechny aplikace, které mohou používat systém souborů (včetně antivirového programu) a zkuste to znovu. Pokud to nepomůže, následujte kroky uvedené níže. + UPOZORNĚNÍ: Některé z připojených zařízení/oddílů byly již používány!\n\nIgnorování může způsobit nežádoucí následky včetně nestability systému.\n\nDůrazně doporučujeme zavřít všechny aplikace, které by mohly zařízení/oddíly používat. + Vybrané zařízení obsahuje oddíly.\n\nZformátování zařízení by mohlo způsobit systémovou nestabilitu a/nebo poškození dat. Vyberte prosím oddíl na zařízení nebo odstraňte všechny oddíly na zařízení, aby ho mohl VeraCrypt bezpečně zformátovat. + Vybrané ne-systémové zařízení obsahuje oddíly.\n\nZašifrované svazky umístěné na zařízeních mohou být vytvořeny na zařízeních, které neobsahují žádné oddíly (včetně pevných disků a solid-state disků). Zařízení, které obsahuje oddíly, může být úplně zašifrováno ta, jak je (s použitím jednoho hlavního klíče) pouze tehdy, pokud se jedná o jednotku, kde jsou nainstalovány Windows a pokud z této jednotky také bootují.\n\nPokud chcete zašifrovat vybrané ne-systémové zařízení s použitím jednoho hlavního klíče, musíte na zařízení nejprve odstranit všechny oddíly, aby mohl VeraCrypt toto zařízení bezpečně naformátovat (formátování zařízení, které obsahuje oddíly, může způsobit systémovou nestability a/nebo poškození dat). Případně můžete zašifrovat každý oddíl na disku zvlášť (každý oddíl bude zašifrován jiným hlavním klíčem).\n\nPoznámka: Pokud chcete odstranit všechny oddíly z GPT disku, je možné, že ho budete nejprve muset převést na MBR disk (s použitím např. nástroje Správy počítače), abyste mohli odstranit skryté oddíly. + Varování: Pokud zašifrujete celé zařízení (oproti zašifrování pouze jednoho oddílu na něm), operační systém bude zařízení považovat za nové, prázdné a nenaformátované (protože nebude obsahovat žádnou tabulku oddílů) a může tak spontánně inicializovat toto zařízení (nebo se vás zeptá, zda tak chcete učinit), což může svazek poškodit. Navíc, nebude možné trvale připojovat svazek jako oblíbený (např. pokud se změní číslo jednotky) nebo mu přidělit jmenovku oblíbeného svazku.\n\nAbyste se tomu vyhnuli, zvažte, zda místo toho nechcete na zařízení vytvořit pouze oddíl a pak ho zašifrovat.\n\nJste si jisti, že chcete zašifrovat celé zařízení? + DŮLEŽITÉ: Mějte prosím na paměti, že tento svazek NEMŮŽE být připojen s použitím písmena jednotky %c:, které má již přiděleno!\n\nPro připojení tohoto svazku klikněte na 'Autom. připojit zařízení' v hlavním okně VeraCryptu (případně v hlavním okně VeraCryptu zvolte 'Vybrat zařízení', pak vyberte oddíl/zařízení a klikněte na 'Připojit'). Svazek bude připojen k jinému písmenu disku, které vyberete ze seznamu v hlavním okně VeraCryptu.\n\nPůvodní písmeno %c: by se mělo použít pouze v případě, že potřebujete z oddílu/zařízení odstranit šifrování (např. pokud již nepotřebujete šifrování). V tom případě klikněte pravým tlačítkem myši na písmeno jednotky %c: v seznamu 'Počítač' (nebo 'Tento počítač') a vyberte 'Formátovat'. V opačném případě by nemělo být písmeno %c: nikdy použito (pokud ho neodstraníte, jak je popsáno ve FAQ VeraCryptu, a nepřiřadíte k jinému oddílu/zařízení). + Šifrování ne-systémových svazků tak, jak jsou, není podporováno pro operační systém, který momentálně používáte (lze tak učinit pouze na Windows Vista a pozdějších verzích Windows).\n\nDůvodem je, že tato verze Windows nepodporuje zmenšování systému souborů (systém souborů musí být zmenšen, aby se vytvořil prostor pro hlavičku svazku a hlavičku se zálohou). + Vybraný oddíl pravděpodobně neobsahuje systém souborů NTFS. Pouze NTFS oddíly mohou být zašifrovány tak, jak jsou.\n\nPoznámka: Důvodem je, že tato verze Windows nepodporuje zmenšování systému souborů (systém souborů musí být zmenšen, aby se vytvořil prostor pro hlavičku svazku a hlavičku se zálohou). + >Vybraný oddíl pravděpodobně neobsahuje systém souborů NTFS. Pouze NTFS oddíly mohou být zašifrovány tak, jak jsou.\n\nPokud chcete vytvořit zašifrovaný svazek VeraCrypt v tomto oddílu, vyberte volbu "Vytvořit zašifrovaný svazek a naformátovat ho" (místo volby "Zašifrovat oddíl tak, jak je"). + Chyba: Oddíl je příliš malý. VeraCrypt ho nemůže zašifrovat tak, jak je. + Pro zašifrování dat na tomto oddílu pokračujte dle následujících kroků:\n\n1) Vytvořte svazek VeraCrypt na prázdném oddílu/zařízení, a pak jej připojte.\n\n2) Zkopírujte všechny soubory z oddílu, který jste původně chtěli zašifrovat, do připojeného oddílu (ten, který jste vytvořili a připojili v kroku 1). Tím vytvoříte VeraCryptem zašifrovanou zálohu dat.\n\n3) Vytvořte svazek VeraCrypt na oddílu, který jste původně chtěli zašifrovat a ujistěte se, že (v průvodci VeraCryptu) vyberete volbu "Vytvořit zašifrovaný svazek a naformátovat ho" (místo volby "Zašifrovat svazek tak, jak je"). Všechna data uložená na oddílu budou smazána. Až bude svazek vytvořen, připojte jej.\n\n4) Zkopírujte všechny soubory z připojeného záložního svazku VeraCrypt (vytvořeném a připojeném v kroku 1) do připojeného VeraCrypt svazku, který byl vytvořen (a připojen) v kroku 3.\n\nAž dokončíte tyto kroky, data budou zašifrována a navíc budete mít k dispozici i zašifrovanou zálohu dat. + VeraCrypt může zašifrovat za běhu pouze oddíl, dynamický svazek, a nebo celý systémový disk.\n\nChcete-li vytvořit zašifrovaný svazek VeraCrypt uvnitř vybraného ne-systémového zařízení, vyberte možnost "Vytvořit zašifrovaný svazek a naformátovat ho" (místo volby "Zašifrovat oddíl tak, jak je"). + Chyba: VeraCrypt může za běhu zašifrovat jen oddíl, dynamický svazek nebo celý systémový disk. Ujistěte se, že zadaná cesta je planá. + Chyba: Systém souborů nelze zmenšit (systém souborů musí být zmenšen, aby se vytvořilo místo pro hlavičku svazku a záložní hlavičku).\n\nMožné příčiny a řešení:\n\n- Málo volného místa na svazku. Ujistěte se, že žádná další aplikace nezapisuje do systému souborů.\n\n- Poškozený systém souborů. Zkuste jej zkontrolovat a opravte chyby (klikněte na dané písmeno disku pravým tlačítkem myši v seznamu, vyberte Vlastnosti > Nástroje > 'Zkontrolovat', a ujistěte se, že jste vybrali volbu 'Automaticky opravovat chyby systému souborů' a klikněte na Start).\n\nPokud výše uvedené kroky nepomohly, následujte kroky uvedené níže. + Chyba: Na svazku není dostatek volného místa a systém souborů tak nemůže být zmenšen (systém souborů musí být zmenšen, aby se vytvořilo místo pro záložní hlavičku svazku).\n\nSmažte všechny zbytečné soubory a vyprázdněte koš, aby zbylo aspoň 256 KB volného místa a pak to zkuste znovu. Kvůli problému Windows se může stát, že Windows Explorer vám ukáže jinou hodnotu volného místa, dokud se systém nerestartuje. Pokud restart systému nepomůže, systém souborů může být poškozený. Zkuste jej zkontrolovat a opravit případné chyby (klikněte na dané písmeno disku pravým tlačítkem myši v seznamu, vyberte Vlastnosti > Nástroje > 'Zkontrolovat', a ujistěte se, že jste vybrali volbu 'Automaticky opravovat chyby systému souborů' a klikněte na Start).\n\nPokud kroky uvedené výše nepomohly, pokračujte kroky uvedenými níže. + Volné místo na disku %s je %.2f bytů. + Volné místo na disku %s je %.2f KB + Volné místo na disku %s je %.2f MB + Volné místo na disku %s je %.2f GB + Volné místo na disku %s je %.2f TB + Volné místo na disku %s je %.2f PB + Nelze získat volná písmena disků. + Chyba: Ovladač VeraCrypt nebyl nalezen.\n\nZkopírujte soubory 'veracrypt.sys' a 'veracrypt-x64.sys' do adresáře, kde je umístěna hlavní aplikace VeraCrypt (VeraCrypt.exe). + Chyba: Aktuálně je spuštěna nekompatibilní verze ovladače VeraCrypt.\n\nPokud se snažíte spustit VeraCrypt v cestovním módu (např. bez instalace) a máte přitom již nainstalovanou jinou verzi VeraCryptu, musíte ji nejprve odinstalovat (nebo aktualizovat pomocí VeraCrypt instalátoru). Pro odinstalaci následujte tyto kroky: Na Windows Vista nebo novější vyberte 'Menu Start' > Počítač > 'Odinstalovat nebo změnit program' > VeraCrypt > Odinstalace; na Windows XP, vyberte 'Menu Start' > Nastavení > 'Ovládací panely' > 'Přidat nebo odebrat programy' > VeraCrypt > Odstranit.\n\nVelmi podobně, pokud se snažíte spustit VeraCrypt v cestovním módu (např. bez instalace) a jiná verze programu VeraCrypt již běží v cestovním módu, musíte nejprve restartovat systém a pak spustit pouze tuto novou verzi. + Chyba: Selhala inicializace šifry. + Chyba: Byl detekován slabý nebo potenciálně slabý klíč. Klíč bude zahozen. Zkuste to prosím znovu. + Došlo ke kritické chybě a VeraCrypt musí být ukončen. Pokud to bylo způsobeno chybou v VeraCryptu, rádi bychom ji opravili. Můžete nám poslat automaticky vygenerovanou zprávu, která obsahuje následující položky:\n\n- Verze programu\n- Verze operačního systému\n- Typ procesoru\n- Název komponenty VeraCrypt\n- Kontrolní součet spustitelného souboru VeraCrypt\n- Symbolický název okna dialogu\n- Typ chyby\n- Adresa chyby\n- Zásobník VeraCryptu\n\nZvolíte-li 'Ano', následující URL odkaz (který obsahuje celou zprávu o chybě) se otevře ve vašem výchozím internetovém prohlížeči.\n\n%hs\n\nChcete nám poslat výše uvedenou zprávu o chybě? + Došlo ke kritické chybě v systému, což zapříčinilo ukončení VeraCryptu.\n\nTato chyba nebyla způsobena VeraCryptem (takže ji ani vývojáři nemohou opravit). Zkontrolujte váš systém pro případné problémy (např. konfigurace systému, síťové připojení, selhávající hardwarová komponenta). + Ve vašem systému došlo ke kritické chybě. VeraCrypt musí být ukončen.\n\nPokud problém přetrvá, zkuste vypnout nebo odinstalovat aplikace, které by mohly případně způsobovat tento problém, např. antivir nebo program pro zabezpečení internetu, systémové "vylepšovače", "optimalizátory" nebo "tweakovací programy", atd. Pokud to nepomůže, zkuste přeinstalovat váš operační systém (tento problém může také být způsoben malwarem). + Kritická chyba programu VeraCrypt + VeraCrypt rozpoznal, že operační systém nedávno havaroval. Existuje mnoho důvodů, proč systém může spadnout (například selhávající hardware, chyba v ovladači atd.)\n\nChcete, aby VeraCrypt zjistil, zda se jedná o chybu v jeho programu, která způsobila pád systému? + Chcete, aby VeraCrypt dále detekoval pády systému? + VeraCrypt nenalezl žádný soubor-minidump o pádu systému. + Chcete smazat Windows soubor s informacemi o pádu systému, abyste uvolnili místo na disku? + Aby bylo možné pád systému analyzovat, VeraCrypt musí nejprve nainstalovat Microsoft Debugging Tools pro Windows.\n\nJakmile kliknete na OK, Windows instalátor stáhne instalační balíček Microsoft Debugging Tools (16 MB) ze serveru Microsoft a nainstaluje ho (Windows instalátor bude přeposlán ze serveru veracrypt.org na adresu Microsoft serveru, což zajistí, že tato funkce bude fungovat i v případě, že Microsoft změní umístění instalačního balíčku). + Jakmile kliknete na OK, VeraCrypt zanalyzuje pád systému. To může trvat několik minut. + Ujistěte se, prosím, že proměnná systému 'PATH' obsahuje cestu k souboru 'kd.exe' (Kernel Debugger). + Zdá se, že VeraCrypt pravděpodobně nezpůsobil pád systému. Existuje mnoho důvodů, proč mohl systém spadnout (například chybný hardware, chyba v ovladači, apod.) + Výsledek analýzy naznačuje, že tento problém by mohla vyřešit aktualizace následujícího ovladače: + Pokud nám chcete pomoci zjistit, zda se jedná o chybu v VeraCryptu, můžete nám poslat automaticky vygenerovanou chybovou zprávu, která obsahuje následující položky:\n- Verze programu\n- Verze operačního systému\n- Typ procesoru\n- Kategorie chyby\n- Jméno ovladače a jeho verzi\n- Systémový zásobník\n\nVyberete-li 'Ano', následující URL odkaz (který obsahuje celou chybovou zprávu) se otevře ve vašem výchozím prohlížeči internetu. + Chcete nám poslat výše uvedenou zprávu? + &Zašifrovat + &Dešifrovat + &Dešifrovat trvale + &Konec + Vytvořte prosím logický disk pro tento rozšířený oddíl a poté to zkuste znovu. + Svazek VeraCrypt může být umístěn v souboru (tzv. VeraCrypt souborový svazek), který může zůstat na pevném disku, USB flash disku, atd. Souborový svazek VeraCrypt je jako každý jiný obyčejný soubor (může být například přemístěn nebo smazán jako normální soubor). Klikněte na 'Vybrat soubor' pro výběr jména souboru pro souborový svazek a zvolte také umístění, kde ho chcete vytvořit.\n\nVAROVÁNÍ: Vyberete-li již existující soubor, VeraCrypt ho NEZAŠIFRUJE; soubor bude smazán a nahrazen nově vytvořeným souborovým svazkem VeraCrypt. Existující soubory budete moci zašifrovat (později) jejich přesunutím do souborového svazku VeraCrypt, který se nyní chystáte vytvořit. + Vyberte umístění vnějšího svazku, který se má vytvořit (uvnitř tohoto svazku bude později vytvořen skrytý svazek).\n\nSvazek VeraCrypt může být umístěn v souboru (tzv. VeraCrypt souborový svazek), který může zůstat na pevném disku, USB flash disku, atd. Souborový svazek VeraCrypt je jako každý jiný obyčejný soubor (může být například přemístěn nebo smazán jako normální soubor). Klikněte na 'Vybrat soubor' pro výběr jména souboru pro souborový svazek a zvolte také umístění, kde ho chcete vytvořit.\n\nVAROVÁNÍ: Vyberete-li již existující soubor, VeraCrypt ho NEZAŠIFRUJE; soubor bude smazán a nahrazen nově vytvořeným souborovým svazkem VeraCrypt. Existující soubory budete moci zašifrovat (později) jejich přesunutím do souborového svazku VeraCrypt, který se nyní chystáte vytvořit. + Zašifrované VeraCrypt svazky umístěné na zařízeních mohou být vytvořeny uvnitř oddílů na pevných discích, solid-state discích, USB pamětích, a na dalších podporovaných úložných zařízeních. Oddíly mohou být také zašifrovány za běhu.\n\nNavíc, zašifrované VeraCrypt svazky na zařízeních mohou být vytvořeny na takových zařízeních, které neobsahují žádné oddíly (včetně pevných disků a solid-state disků).\n\nPoznámka: Zařízení, které obsahuje oddíly, může být úplně zašifrováno za běhu (s pomocí jednoho klíče) pouze tehdy, pokud jde o disk, kde jsou Windows nainstalovány a odkud také nabíhají. + Zašifrované VeraCrypt svazky umístěné na zařízeních mohou být vytvořeny uvnitř oddílů na pevných discích, solid-state discích, USB pamětích, a na dalších podporovaných úložných zařízeních.\n\nVAROVÁNÍ: Mějte na paměti, že oddíl/zařízení bude zformátováno a všechna aktuální data ztracena. + \nVyberte umístění vnějšího svazku, který se má vytvořit (uvnitř tohoto svazku bude později vytvořen svazek skrytý).\n\nVnější svazky mohou být vytvořeny uvnitř oddílů na pevných discích, solid-state discích, USB pamětích a na dalších podporovaných úložných zařízeních. Vnější svazky mohou být také vytvořeny na takových zařízeních, které neobsahují žádné oddíly (včetně pevných disků a solid-state disků).\n\nVAROVÁNÍ: Mějte na paměti, že oddíl/zařízení bude zformátováno a všechna aktuální data na něm budou ztracena. + Zvolte umístění svazku VeraCrypt, uvnitř kterého chcete vytvořit skrytý svazek. + VAROVÁNÍ: Hostitelský soubor/zařízení se již používá!\n\nPokud to budete ignorovat, může dojít k neočekávaným výsledkům včetně nestability systému. Všechny aplikace, které by mohly používat hostitelský soubor/zařízení (např. antivir nebo zálohovací aplikace) by měly být ukončeny ještě před připojením svazku.\n\nPokračovat v připojení? + Chyba: Svazek nelze připojit. Hostitelský soubor/zařízení je již používáno. Pokus o připojení bez výhradních práv selhal také. + Tento soubor nemohl být otevřen. + Umístění svazku + Velké soubory + Budete ukládat na tento VeraCrypt svazek soubory větší než 4 GB? + Dle vašeho výběru výše, VeraCrypt vybere vhodný systém souborů pro svazek VeraCrypt (budete moci vybrat systém souborů v dalším kroku). + Protože vytváříte vnější svazek, měli byste zvážit volbu 'Ne'. Pokud zvolíte 'Ano', předvolený systém souborů bude NTFS, který není tak vhodný pro externí svazky jako FAT (např. maximální možná velikost skrytého svazku bude mnohem větší, pokud bude svazek naformátován jako FAT). Standardně je zvolen FAT pro skrytý i normální svazek (tím nejsou FAT svazky tak podezřelé). Pokud ale bude chtít uživatel ukládat soubory větší než 4 GB (což souborový systém FAT nedovoluje), FAT nebude předvoleným systémem souborů. + Jste si jisti volbou 'Ano'? + Mód vytvoření svazku + Toto je nejrychlejší cesta, jak vytvořit VeraCrypt svazek sídlící v oddílu nebo celém zařízení (šifrování za běhu, což je druhá volba, je pomalejší, protože obsah každého sektoru se musí nejprve přečíst, pak zašifrovat a nakonec zapsat). Jakákoliv data aktuálně uložená v oddílu/zařízení, budou ztracena (data NEBUDOU zašifrována; budou přepsána náhodnými daty). Pokud chcete zašifrovat data přítomna v oddílu, zvolte druhou volbu. + Vybraný oddíl a všechna data uložena na něm budou zašifrována za běhu. Je-li oddíl prázdný, měli byste vybrat druhou volbu (svazek bude vytvořen mnohem rychleji). + Poznámka: + &Pokračovat + &Pozdržet + &Začít + P&okračovat + &Formátovat + &Vyčistit + Přerušit formátování? + Ukázat více informací + Znovu již neukazovat + Obsah oddílu/zařízení byl úspěšně vymazán. + Obsah oddílu, kde je umístěn originální systém (jehož klonem je skrytý systém), byl úspěšně vymazán. + Ujistěte se, prosím, že verze Windows, kterou se chystáte nainstalovat, (na vyčištěném oddílu) je ta samá, jako verze Windows která je aktuálně spuštěna. To je nutné, protože oba systémy budou sdílet společný bootovací oddíl. + Systémový oddíl/disk byl úspěšně zašifrován.\n\nPoznámka: Pokud existují nějaké ne-systémové svazky VeraCrypt u kterých chcete, aby se připojovaly automaticky při každém spuštění Windows, můžete tak učinit tím, že každý z nich připojíte a vyberete 'Oblíbené' > 'Přidat připojený svazek do systémových oblíbených'). + Systémový oddíl/disk byl úspěšně dešifrován. + \n\nVeraCrypt svazek byl vytvořen a je připraven k použití. Pokud chcete vytvořit další svazek VeraCrypt, klikněte Další. Jinak klikněte Konec. + \n\nSkrytý svazek VeraCrypt byl úspěšně vytvořen (skrytý operační systém bude umístěn v tomto skrytém svazku).\n\nKlikněte na Další pro pokračování. + Svazek plně zašifrován + Volume Fully Decrypted + DŮLEŽITÉ: PRO PŘIPOJENÍ TOHOTO NOVĚ VYTVOŘENÉHO SVAZKU VERACRYPT A PRO PŘÍSTUP K DATŮM NA NĚM, KLIKNĚTE NA 'Autom. připojit zařízení' V HLAVNÍM OKNĚ VERACRYPT. Jakmile zadáte správné heslo (a/nebo přiložíte správný souborový klíč/e), svazek bude připojen k písmenu jednotky, které jste vybrali v seznamu v hlavním okně VeraCryptu (a budete moci přistupovat k zašifrovaným datům přes toto vybrané písmeno jednotky).\n\nZAPAMATUJTE SI PROSÍM, NEBO ZAPIŠTE, VÝŠE UVEDENÉ KROKY. TĚMITO KROKY SE MUSÍTE ŘÍDIT KDYKOLIV, KDYŽ BUDETE CHTÍT SVAZEK PŘIPOJIT A PŘISTUPOVAT K DATŮM NA NĚM. Případně můžete v hlavním okně VeraCryptu kliknout na 'Vybrat zařízení', pak vybrat tento oddíl/svazek a kliknout na 'Připojit'.\n\nOddíl/svazek byl úspěšně zašifrován (obsahuje nyní úplně zašifrovaný svazek VeraCrypt) a je připraven k použití. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Svazek VeraCrypt byl úspěšně vytvořen. + Svazek byl vytvořen + DŮLEŽITÉ: Pohybujte s myší v tomto okně co nejnáhodněji. Čím déle s ní budete hýbat, tím lépe. Kryptografická síla šifrovacích klíčů se tak výrazně zvýší. Pak klikněte Formátovat pro vytvoření svazku. + Klikněte Formátovat pro vytvoření vnějšího svazku. Pro více informací, viz dokumentace. + Formát vnějšího svazku + Formát skrytého svazku + Formát svazku + Pro čtení nebo tisk Uživatelské příručky VeraCrypt je nutný prohlížeč Adobe Reader (nebo jiný kompatibilní nástroj). Adobe Reader (freeware) lze stáhnout na adrese: www.adobe.com\n\nChcete si raději prohlédnout online dokumentaci? + Zvolíte-li tuto možnost, průvodce vám nejdříve pomůže vytvořit běžný svazek VeraCrypt a poté skrytý svazek uvnitř. Nezkušení uživatelé by vždy měli vybrat tuto volbu. + Zvolíte-li tuto možnost, vytvoříte skrytý svazek uvnitř existujícího svazku VeraCrypt. Předpokládá se, že jste již vytvořili svazek VeraCrypt, do kterého lze umístit skrytý svazek. + Mód vytvoření svazku + Skrytý svazek byl vytvořen + Skrytý svazek VeraCrypt byl úspěšně vytvořen a je připraven k použití. Pokud jste postupovali dle instrukcí, a pokud jste si dali pozor na požadavky a opatření uvedená v sekci "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCrypt, mělo by být nemožné prokázat, že skrytý svazek existuje, i když je připojený externí svazek.\n\nVAROVÁNÍ: POKUD NEBUDETE CHRÁNIT SKRYTÝ SVAZEK (PRO VÍCE INFORMACÍ, JAK TAK UČINIT, VIZ SEKCE "OCHRANA SKYTÝCH SVAZKŮ PROTI POŠKOZENÍ" V UŽIVATELSKÉ PŘÍRUČCE VERACRYPT), NEZAPISUJTE DO VNĚJŠÍHO SVAZKU. JINAK MŮŽETE PŘEPSAT A POŠKODIT SKRYTÝ SVAZEK! + Spustili jste operační systém na skrytém svazku. Jak jste si asi všimli, skrytý operační systém vypadá tak, jako by byl nainstalován na stejném oddílu původního operačního systému. Ale v reálu je nainstalován uvnitř oddílu za ním (ve skrytém svazku). Všechny operace pro čtení a zapisování jsou transparentně přesměrovány z původního oddílu systému do skrytého svazku.\n\nAni operační systém, ani aplikace nebudou vědět, data čtená a zapisovaná do systémového oddílu jsou ve skutečnosti zapisována a čtena z oddílu za ním (z/do skrytého svazku). Jakákoliv taková data jsou zašifrována a dešifrována za běhu, jako obvykle (s jiným šifrovacím klíčem, než je klíč použitý pro operační systém, který odláká pozornost).\n\n\nKlikněte na Další pro pokračování. + Vnější svazek byl vytvořen a připojen jako disk %hc:. Do tohoto vnějšího svazku byste nyní měli nakopírovat nějaká citlivě vypadající soubory, které ve skutečnosti NECHCETE skrýt. Budou tam umístěny pro kohokoliv, kdo by vás nutil prozradit heslo k prvnímu oddílu za oddílem s operačním systémem, kde budou umístěny jak vnější svazek, tak skrytý svazek (obsahující skrytý operační systém). Budete moci odhalit heslo pro tento vnější svazek a existence skrytého svazku (a skrytého operačního systému) zůstane utajena.\n\nDŮLEŽITÉ: Soubory, které nakopírujete do vnějšího svazku, by neměly zabírat více než %s. Jinak by nemusel být k dispozici dostatek volného místa na vnějším svazku pro skrytý svazek (a nebudete moci pokračovat). Jakmile dokončíte kopírování, klikněte na Další (neodpojujte svazek). + Vnější svazek byl úspěšně vytvořen a připojen jako jednotka %hc:. Do tohoto svazku byste nyní měli nakopírovat nějaké citlivě-vypadající soubory, které ve skutečnosti NECHCETE skrýt. Soubory tam budou uloženy pro kohokoliv, kdo by Vás nutil odhalit heslo. Odhalíte jen heslo pro tento vnější svazek, ne pro skrytý. Soubory, o které Vám jde ve skutečnosti, budou uloženy ve skrytém svazku, který se vytvoří později. Jakmile data dokopírujete, klikněte Další. Svazek neodpojujte.\n\nPoznámka: Až kliknete Další, clusterová bitmapa vnějšího svazku bude oskenována pro určení velikosti nepřerušené oblasti volného místa, jehož konec se nachází na konci svazku. Tato oblast bude obsahovat skrytý svazek, takže tím omezí svou maximální možnou velikost. Skenování clusterové bitmapy zajistí, že žádná data na vnějším svazku nebudou přepsána vnějším svazkem. + Obsah vnějšího svazku + \n\nV dalším kroku zadáte volby pro vnější svazek (uvnitř kterého bude později vytvořen skrytý svazek). + \n\nV dalších krocích vytvoříte tzv. externí svazek VeraCrypt uvnitř prvního oddílu za systémovým oddílem (jak bylo vysvětleno v jednom z předchozích kroků). + Vnější svazek + V následujících krocích zadáte volby a heslo pro skrytý svazek, který bude obsahovat skrytý operační systém.\n\nPoznámka: Clusterová bitmapa vnějšího svazku byla oskenována, aby se zjistila velikost nepřerušovaného volného místa, jehož konec bude uspořádán s koncem vnějšího svazku. V této oblasti bude umístěn skrytý svazek, omezuje tedy jeho maximální možnou velikost. Maximální možná velikost skrytého svazku byla vypočtena a potvrzena tak, že musí být větší, než velikost systémového oddílu (což je nutné, protože celý obsah systémového oddílu bude muset být zkopírován na skrytý svazek). Tím se zajistí, že žádná data, která jsou aktuálně uložena na vnějším svazku, nebudou přepsána daty zapsanými do oblasti skrytého svazku. + DŮLEŽITÉ: Zapamatujte si, prosím, algoritmy, které vyberete v tomto kroku. Budete muset vybrat úplně stejné algoritmy pro klamný systém. Jinak bude skryté systém nepřístupný! (Klamný systém musí být zašifrován stejným šifrovacím algoritmem jako skrytý systém.)\n\nPoznámka: Důvodem je, že klamný systém a skrytý systém budou sdílet společný bootovací zavaděč, který podporuje jen jeden algoritmus, vybraný uživatelem (pro každý algoritmus existuje speciální verze bootovacího zavaděče VeraCryptu). + \n\nBitmapový cluster svazku byl oskenován a maximální možná velikost skrytého svazku byla určena. V dalším kroku zadáte volby, velikost a heslo pro skrytý svazek. + Skrytý svazek + Skrytý svazek je nyní chráněn proti poškození, dokud nebude odpojen vnější svazek.\n\nVAROVÁNÍ: Bude-li zaznamenána snaha zapsat data do skrytého svazku, VeraCrypt začne chránit proti zápisu celý svazek (jak vnější tak skrytou část) dokud nebude odpojen. To může způsobit poškození souborového systému vnějšího svazku, což může (pokud se tak bude dít opakovaně) nepříznivě ovlivnit hodnověrnost popření skrytého svazku. Proto byste měli zajistit, aby do skryté části svazku nebylo zapisováno. Jakákoliv data uložená do skrytého svazku nebudou uložena a ztratí se. Windows to mohou hlásit jako chybu zápisu ("Zpožděný zápis selhal" nebo "Parametr je nesprávný"). + Každý skrytý svazek uvnitř nově připojených svazků je nyní chráněn proti poškození, dokud nebude odpojen.\n\nVAROVÁNÍ: Bude-li zaznamenána snaha uložit data do chráněného oblasti skrytého svazku jakéhokoliv z těchto svazků, VeraCrypt začne chránit proti zápisu celý svazek (jak vnější tak skrytou část) dokud nebude odpojen. To může způsobit poškození souborového systému vnějšího svazku, což může (pokud se tak bude dít opakovaně) nepříznivě ovlivnit hodnověrnost popření skrytého svazku. Proto byste měli zajistit, aby do skryté části svazku nebylo zapisováno. Jakákoliv data uložená do skrytého svazku nebudou uložena a ztratí se. Windows to mohou hlásit jako chybu zápisu ("Zpožděný zápis selhal" nebo "Parametr je nesprávný"). + VAROVÁNÍ: Byl zaznamenán pokus o zapsání dat do skryté oblasti svazku připojeného jako %c:! VeraCrypt zabránil zápisu těchto dat, aby skrytý svazek chránil. To mohlo způsobit poškození souborového systému vnějšího svazku a Windows to mohou hlásit jako chybu zápisu ("Zpožděný zápis selhal" nebo "Parametr je nesprávný"). Celý svazek (jak vnější tak skrytá část) bude chráněn proti zápisu, dokud nebude odpojen. Pokud to není první případ, kdy VeraCrypt chránil skrytou část svazku před zápisem, hodnověrnost popření skrytého svazku může být nepříznivě ovlivněna (kvůli možné neobvyklé korelované inkonzistenci uvnitř vnějšího svazku souborového systému). Proto byste měli zvážit vytvoření nového svazku VeraCrypt (s vypnutou funkcí Rychlého formátování) a přesunout soubory z tohoto svazku do nového; tento svazek by měl být bezpečně vymazán (jak vnější tak skrytá část). Důrazně doporučujeme, abyste nyní operační systém restartovali. + Naznačili jste, že na svazek hodláte ukládat soubory větší než 4 GB. V tom případě musí být svazek naformátován systémem souborů NTFS, což bohužel nebude možné. + Mějte prosím na paměti, že pokud běží skrytý operační systém, ne-skryté svazky VeraCrypt nemohou být naformátovány jako NTFS. Důvodem je, že by svazek musel být dočasně připojen bez ochrany proti zápisu, aby ho mohl operační systém naformátovat jako NTFS (přičemž formátování jako FAT je prováděno VeraCryptem, nikoliv operačním systémem a bez toho, aby musel být svazek připojen). Pro více technických informací, viz níže. Ne-skrytý NTFS svazek můžete vytvořit z klamného operačního systému. + Z bezpečnostních důvodů, pokud je spuštěn skrytý operační systém, skryté svazky mohou být vytvořeny pouze 'přímým' módem (protože vnější svazky musí být vždy připojeny pouze pro čtení). Abyste vytvořili skrytý svazek bezpečně, postupujte dle těchto kroků:\n\n1) Spusťte klamný systém.\n\n2) Vytvořte běžný svazek VeraCrypt a do tohoto svazku nakopírujte nějaká citlivě vypadající data, která ve skutečnosti NECHCETE skrýt (svazek se stane vnějším svazkem).\n\n3) Spusťte skrytý systém a spusťte Průvodce vytvořením svazku VeraCrypt. Pokud jde o svazek umístěny v souboru, přesuňte ho do systémového oddílu nebo do jiného skrytého svazku (jinak bude nově vytvořený svazek připojen pouze pro čtení a nemohl by být zformátován). Postupujte podle instrukcí v průvodci až k výběru 'přímého' módu pro vytvoření skrytého svazku.\n\n4) V průvodci vyberte svazek, který jste vytvořili v kroku 2, a pak postupujte dle instrukcí a vytvořte v něm skrytý svazek. + Z bezpečnostních důvodů, pokud je skrytý operační systém spuštěn, lokální nezašifrované systémy souborů a neskryté svazky VeraCrypt jsou připojeny pouze pro čtení (do těchto systémů souborů nebo svazků VeraCrypt nemůžete zapisovat).\n\nData můžete zapisovat do jakéhokoliv systému souborů, který je umístěn uvnitř skrytého svazku VeraCrypt (za předpokladu, že skrytý svazek není umístěn v souborovém svazku, který je umístěn na nezašifrovaném systému souborů nebo na jiném systému souborů, který je pouze pro čtení). + Jsou 3 hlavní důvody, proč byla takováto protiopatření implementována:\n\n- Umožňuje vytvoření bezpečné platformy pro připojení skrytých svazků VeraCrypt. Oficiálně doporučujeme připojit skryté svazky pouze pokud běží skrytý operační systém. (Pro více informací, viz podsekce 'Bezpečnostní požadavky a prevence ohledně skrytých svazků' v dokumentaci.)\n\n- V některých případech je možné zjistit, že v určitém čase nebyl konkrétní systém souborů připojen k (nebo že příslušný soubor na systému souborů nebyl uložen nebo k němu nebyl přístup přímo) příslušné instanci operačního systému (např. analyzováním a porovnáním žurnálů systému souborů, časových razítek souborů, aplikačních logů, chybových logů, apod.). To vše může naznačit, že je na počítači nainstalován skrytý operační systém. Protiopatření přecházejí těmto problémům.\n\n- Zabraňuje poškození dat a umožňuje bezpečnou hibernaci. Když Windows přejdou z hibernace, předpokládají, že všechny připojené systémy souborů jsou ve stejném stavu, jako když systém přešel do hibernace. VeraCrypt toto zabezpečuje tím, že chrání proti zápisu jakýkoliv systém souborů ať už v klamném nebo skrytém systému. Bez této ochrany by mohlo u připojeného systému dojít k poškození souborů, pokud by byl druhý systém hibernován. + Poznámka: Pokud potřebujete bezpečně přesunout soubory z klamného systému do skrytého systému, dbejte následujících kroků: 1) Spusťte klamný systém. 2) Uložte soubory na nezašifrovaný svazek nebo na vnější/normální svazek VeraCrypt. 3) Spusťte skrytý systém. 4) Uložili jste-li soubory na svazek VeraCrypt, připojte ho (bude automaticky připojen jen pro čtení). 5) Zkopírujte soubory do skrytého systémového oddílu nebo na jiný svazek. + Váš počítač musí být restartován.\n\nChcete nyní provést restart? + Nastala chyba při získávání informací o stavu zašifrovaného systému. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Nelze inicializovat aplikační komponenty pro systémové šifrování. + Selhala inicializace generátoru náhodných čísel! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Aplikace nemohla být inicializována. Selhala registrace Dialogové třídy. + Chyba: Systémová knihovna Rich Edit nemohla být načtena. + Průvodce vytvořením svazku VeraCrypt + Maximální možná velikost skrytého svazku pro tento svazek je %.2f bytů. + Maximální možná velikost skrytého svazku pro tento svazek je %.2f KB. + Maximální možná velikost skrytého svazku pro tento svazek je %.2f MB. + Maximální možná velikost skrytého svazku pro tento svazek je %.2f GB. + Maximální možná velikost skrytého svazku pro tento svazek je %.2f TB. + Heslo/souborový klíč svazku nemůže být změněn během jeho připojení. Svazek nejdříve odpojte. + Derivační algoritmus pro klíč hlavičky nemůže být změněn během připojování svazku. Svazek nejdříve odpojte. + &Připojit + Pro připojení tohoto oddílu je potřeba novější verze programu VeraCrypt. + Chyba: Průvodce vytvořením svazku nebyl nalezen.\n\nUjistěte se prosím, že soubor 'VeraCrypt Format.exe' je ve složce, ze které byl 'VeraCrypt.exe' spuštěn. Pokud není, přeinstalujte prosím VeraCrypt nebo najděte 'VeraCrypt Format.exe' na vašem disku a spusťte jej. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Další > + &Dokončit + &Instalovat + &Rozbalit + Nelze připojit k ovladači zařízení VeraCrypt. VeraCrypt nemůže pracovat, pokud ovladač zařízení neběží.\n\nKvůli architektuře Windows bude pravděpodobně nutné se odhlásit nebo restartovat systém, aby mohl být ovladač zařízení načten. + Nastala chyba při nahrávání/připravování fontů. + Písmeno disku nebylo nalezeno nebo nebylo specifikováno. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Písmeno jednotky není k dispozici. + Nebyl vybrán žádný soubor! + Žádné písmeno disku není k dispozici. + Není k dispozici žádné volné písmeno disku pro vnější svazek! Vytvoření svazku nelze dokončit. + Verze vašeho operačního systému nebyla rozpoznána nebo používáte nepodporovaný operační systém. + Nebyla vybrána cesta! + Pro skrytý svazek není dostatek volného místa! Vytvoření svazku nelze dokončit. + Chyba: Soubory, které jste nakopírovali do vnějšího svazku, zabírají příliš moc místa. Tím pádem není na vnějším svazku ani dost místa pro skrytý svazek.\n\nSkrytý svazek musí být stejně velký jako systémový oddíl (oddíl, kde je nainstalován momentálně běžící operační systém). Důvodem je, že skrytý operační systém musí být vytvořen zkopírováním obsahu systémového oddílu do skrytého svazku.\n\n\nProces vytváření skrytého operačního systému nemůže pokračovat. + Ovladač nemůže odpojit svazek. Některé soubory umístěné na svazku jsou pravděpodobně ještě otevřené. + Svazek nemohl být uzamknut. Na svazku jsou stále otevřené soubory. Proto nemůže být odpojen. + VeraCrypt nemůže zamknout tento svazek, protože je používán systémem nebo aplikacemi (na tomto svazku mohou existovat otevřené soubory).\n\nChcete vynutit odpojení tohoto svazku? + Vyberte svazek VeraCrypt + Zadejte cestu a jméno souboru + Vybrat knihovnu PKCS #11 + Nedostatek paměti + DŮLEŽITÉ: Důrazně doporučujeme, aby nezkušení uživatelé vytvořili souborový svazek VeraCrypt na vybraném zařízení/oddílu, místo zašifrování celého zařízení/oddílu.\n\nPokud vytvoříte souborový svazek VeraCrypt (oproti zašifrování zařízení nebo oddílu), neriskujete například ztrátu velkého množství souborů. Souborový svazek VeraCrypt (ačkoliv obsahuje virtuální zašifrovaný disk) se chová je ve skutečnosti jako obyčejný soubor. Pro více informací viz kapitola Návod pro začátečníky v uživatelské příručce VeraCryptu.\n\nJste si jisti, že chcete zašifrovat celé zařízení/oddíl? + VAROVÁNÍ: Soubor '%s' již existuje!\n\nDŮLEŽITÉ: VERACRYPT TENTO SOUBOR NEZAŠIFRUJE, ALE SMAŽE HO. Jste si jisti, že chcete tento soubor smazat a nahradit ho novým souborovým svazkem VeraCrypt? + VAROVÁNÍ: VŠECHNY SOUBORY, KTERÉ JSOU MOMENTÁLNĚ ULOŽENY NA VÁMI VYBRANÉM %s '%s'%s BUDOU VYMAZÁNY A ZTRACENY (NEBUDOU ZAŠIFROVÁNY)!\n\nJste si jisti, že chcete pokračovat s formátováním? + VAROVÁNÍ: Nebudete moci na svazek přistoupit ani přistupovat k souborům na něm do té doby, než bude plně zašifrován.\n\nJste si jisti, že chcete začít zašifrovávat vybraný %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + VAROVÁNÍ: Pokud dojde při šifrování dat za běhu k náhlému výpadku proudu, nebo pokud systém spadne kvůli softwarové chybě nebo hardwarovému selhání, část dat bude poškozena nebo ztracena. Než začnete zašifrovávat, ujistěte se, že máte záložní kopie souborů, které chcete zašifrovat.\n\nMáte takovou zálohu? + VAROVÁNÍ: JAKÉKOLIV SOUBORY ULOŽENÉ NA ODDÍLU '%s'%s (NAPŘ. NA PRVNÍM ODDÍLU ZA SYSTÉMOVÝM ODDÍLEM) BUDOU VYMAZÁNA A ZTRACENA (NEBUDOU ZAŠIFROVÁNA)!\n\nJste si jisti, že chcete pokračovat ve formátování? + VAROVÁNÍ: VYBRANÝ ODDÍL OBSAHUJE VELKÉ MNOŽSTVÍ DAT! Všechny soubory uložené na tomto oddílu budou smazány a ztraceny (NEBUDOU zašifrovány)! + Smaž všechny soubory uložené na oddílu tím, že se uvnitř vytvoří svazek VeraCrypt + Heslo + PIM + Zadejte hlavičku klíče derivačního algoritmu + Přidat/Odebrat souborové klíče do/ze svazku + Odstranit všechny souborové klíče ze svazku + Heslo a souborový klíč/e byly úspěšně změněny.\n\nDŮLEŽITÉ: Ujistěte se, prosím, že jste si přečetli sekci 'Změna hesel a souborových klíčů' v kapitole 'Bezpečnostní požadavky a opatření' v uživatelské příručce VeraCryptu. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + DŮLEŽITÉ: Pokud jste nezničili váš Záchranný disk VeraCrypt, váš systémový oddíl/disk může být stále dešifrován použitím starého hesla (nabootováním Záchranného disku VeraCrypt a zadáním starého hesla). Měli byste vytvořit nový Záchranný disk VeraCrypt a pak zničit starý.\n\nChcete vytvořit nový Záchranný disk VeraCrypt? + Záchranný disk VeraCrypt stále používá předchozí algoritmus. Považujete-li předchozí algoritmus za nedostatečně bezpečný, měli byste vytvořit nový záchranný disk VeraCrypt a pak starý zničit.\n\nChcete vytvořit nový Záchranný disk VeraCrypt? + Jakýkoliv typ souboru (například .mp3, .jpg, .zip, .avi) může být použit jako souborový klíč VeraCryptu. Vězte, že VeraCrypt nikdy nemění obsah souborového klíče. Můžete vybrat více než jen jeden souborový klíč (na pořadí nezáleží). Pokud zadáte adresář, všechny neskryté soubory nalezené uvnitř, budou použity jako souborové klíče. Klikněte na 'Přidat soubory tokenu' a vyberte souborové klíče uložené na bezpečnostních tokenech nebo smart kartách (nebo k importu souborových klíčů na bezpečnostní tokeny nebo na smart karty). + Souborový klíč(e) byl úspěšně přidán/odstraněn. + Souborový klíč exportován. + Klíč hlavičky derivačního algoritmu byl úspěšně zadán. + Zadejte prosím heslo a/nebo souborový klíč/e k nesystémovému svazku, u kterého chcete pokračovat v procesu šifrování za běhu.\n\n\nPoznámka: Až kliknete na Další, VeraCrypt se pokusí najít všechny nesystémové svazky, u kterých byl přerušen proces šifrování a u kterých může být VeraCrypt hlavička dešifrována použitím uvedeného hesla a/nebo souborového klíče/ů. Pokud bude nalezeno více než jeden svazek, budete muset v příštím kroku vybrat jeden z nich. + Vyberte, prosím, jeden svazek ze seznamu. Seznam obsahuje všechny přístupné ne-systémové svazky, kde byl přerušen proces šifrování a jejichž hlavičky mohou být dešifrovány s použitím použitého hesla a souborového klíče. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Je velmi důležité, abyste zadali dobré heslo. Měli byste se vyvarovat takového hesla, které obsahuje jen jedno slovo nebo může být nalezeno ve slovníku (nebo kombinace 2, 3 nebo 4 takovýchto slov). Nemělo by obsahovat žádná jména nebo data narození. Nemělo by být lehce uhodnutelné. Dobré heslo se skládá z kombinace různých velkých a malých písmen, čísel a speciálních znaků jako např. @ ^ = $ * + atd. Doporučujeme zvolit heslo skládající se z 20 znaků a více (čím delší, tím lepší). Maximální možná délka je 64 znaků. + Zadejte heslo pro skrytý svazek. + Zadejte, prosím, heslo pro skrytý operační systém (např. pro skrytý svazek). + DŮLEŽITÉ: Heslo, které vyberete v tomto kroku pro skrytý operační systém, musí být podstatně odlišné od ostatních dvou hesel (např. od hesla k vnějšímu svazku a hesla pro klamný operační systém). + Zadejte prosím heslo pro svazek, ve kterém si přejete vytvořit skrytý svazek.\n\nPo kliknutí Další se VeraCrypt pokusí svazek připojit. Jakmile bude svazek připojen, jeho clusterová bitmapa bude oskenována pro zjištění velikosti nepřerušené oblasti volného místa (pokud takové vůbec je) jehož konec tvoří i konec svazku. Tato oblast bude obsahovat skrytý svazek, a proto bude jeho maximální velikost omezena. Skenování clusterové mapy je nutné, aby bylo zajištěno, že žádná data na vnějším disku nebudou přepsána skrytým svazkem. + \nZadejte heslo pro vnější svazek. Toto heslo budete moci prozradit útočníkovi, pokud vás k tomu donutí.\n\nDŮLEŽITÉ: Heslo musí být úplně odlišné od toho, které zvolíte pro skrytý svazek.\n\nPoznámka: Maximální možná délka hesla je 64 znaků. + Zadejte heslo pro vnější svazek. Toto heslo budete moci prozradit komukoliv, kdo by po vás chtěl vědět heslo k prvnímu oddílu za systémovým oddílem, kde je umístěn jak vnější tak skrytý svazek (bude obsahovat skrytý operační systém). Existence skrytého svazku (a skrytého operačního systému) zůstane utajena. Toto heslo není pro klamný operační systém.\n\nDŮLEŽITÉ: Heslo musí být úplně odlišné od toho, které zvolíte pro skrytý svazek. (např. pro skrytý operační systém). + Heslo vnějšího svazku + Heslo skrytého svazku + Heslo pro skrytý operační systém + UPOZORNĚNÍ: Krátká hesla se dají jednoduše prolomit použitím metody hrubé síly!\n\nDoporučujeme vybrat heslo skládající se z více než 20 znaků.\n\nJste si jisti, že chcete použít kratší heslo? + Heslo svazku + Nesprávné heslo nebo se nejedná o svazek VeraCrypt. + Špatný souborový klíč(y) a/nebo heslo nebo se nejedná o svazek VeraCrypt. + Špatný mód připojení, nesprávné heslo nebo se nejedná o svazek VeraCrypt. + Špatný mód připojení, nesprávný souborový klíč/e a/nebo špatné heslo nebo se nejedná o svazek VeraCrypt. + Špatné heslo nebo nebyl nalezen žádný svazek VeraCrypt. + Špatný souborový klíč/heslo nebo nebyl nalezen žádný svazek VeraCrypt. + \n\nUpozornění: Caps Lock je zapnutý. Tím můžete špatně zadat heslo. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nVAROVÁNÍ: V cestě k souborovým klíčům byl nalezen skrytý soubor/y. Tyto skryté soubory nemohou být použity jako souborové klíče. Pokud je potřebujete použít jako souborové klíče, odstraňte jejich 'Skrytý' atribut (pravým tlačítkem myši na něj klikněte, vyberte 'Vlastnosti', odškrtněte 'Skrytý' a potvrďte OK). Poznámka: Skryté soubory jsou viditelné jen tehdy, pokud je daná volba zapnuta (Ovládací panely > 'Možnosti složky' > Zobrazit). + Pokud se snažíte ochránit skrytý svazek, který obsahuje skrytý systém, ujistěte se, že používáte při zadávání hesla ke skrytému svazku standardní US rozložení klávesnice. Je to nutné vzhledem k tomu, že hesla musí být zadávána v před-bootovacím prostředí (než se spustí Windows), kde nejsou ne-US rozložení klávesnice k dispozici. + VeraCrypt nenašel žádný svazek, kde by bylo přerušeno nesystémové šifrování a kde by bylo možné dešifrovat hlavičku svazku s pomocí dodaného hesla a/nebo souborového klíče/ů.\n\nUjistěte se, prosím, že heslo a/nebo souborový klíč/e jsou správné a že oddíl/svazek není používán systémem nebo aplikacemi (včetně antivirového programu). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nPoznámka: Snažíte-li se připojit oddíl umístěný na zašifrovaném systémovém disku bez před-bootovací autentifikace nebo snažíte-li se připojit zašifrovaný systémový oddíl operačního systému, který neběží, můžete tak učinit přes 'Systém' > 'Připojit bez před-bootovací autentifikace.' + V tomto módu nemůžete připojit oddíl umístěný na disku, jehož část je součástí aktivního systémového šifrování.\n\nNež budete moci připojit oddíl v tomto módu, musíte buď nabootovat z operačního systému nainstalovaném na odlišném disku (zašifrovaném nebo nezašifrovaném) nebo nabootovat z nezašifrovaného operačního systému. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Zpět + Seznam základních zařízení instalovaných na vašem systému nemohl být vytvořen! + Svazek '%s' již existuje a je jen pro čtení. Jste si jistí, že ho chcete nahradit? + Vyberte cílový adresář + Vyberte souborový klíč + Zvolte cestu pro hledání souborového klíče. UPOZORNĚNÍ: Zapamatována bude pouze cesta, nikoliv název souboru! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Navrhnuta Rossem Andersonem, Elim Bihamem a Larsem Knudsenem. Zveřejněna v roce 1998. 256-bitový klíč, 128-bitové bloky. Operační mód je XTS. Serpent byla jedním z finalistů AES. + Definujte, prosím, velikost svazku, který chcete vytvořit.\n\nVytvoříte-li dynamický (rozptýlený soubor) svaze, tento parametr určí jeho maximální možnou velikost.\n\nMinimální možná velikost FAT svazku je 292 KB. Minimální možná velikost NTFS svazku je 3792 KB. + Definujte, prosím, velikost vnějšího svazku, který se má vytvořit (nejdříve vytvoříte vnější svazek a pak skrytý uvnitř něj). Minimální možná velikost svazku, v němž má být vytvořen svazek skrytý, je 340 KB. + Zadejte, prosím, velikost skrytého svazku, který se má vytvořit. Minimální možná velikost skrytého svazku je 40 KB (nebo 3664 KB pokud je naformátován jako NTFS). Maximální možná velikost skrytého svazku je uvedena výše. + Velikost vnějšího svazku + Velikost skrytého svazku + Ověřte, prosím, že velikost vybraného zařízení/oddílu uvedená výše je správná a klikněte na Další. + Vnější svazek a skrytý svazek (obsahující skrytý operační systém) bude umístěn ve výše zmíněném oddílu. Měl by to být první oddíl hned za systémovým oddílem.\n\nOvěřte, zda je velikost oddílu a jeho číslo (viz výše) správně a pak klikněte na Další. + \n\nMinimální možná velikost svazku, v němž má být vytvořen svazek skrytý, je 340 KB. + Velikost svazku + Dynamický + VAROVÁNÍ: AUTOTEST SELHAL! + Autotesty všech šifer proběhly v pořádku + Číslo datové jednotky je příliš dlouhé nebo krátké. + Sekundární klíč, který jste zadali, je příliš dlouhý nebo příliš krátký. + Testovací šifrovaný text, který jste zadali, je příliš dlouhý nebo krátký. + Testovací klíč, který jste zadali, je příliš dlouhý nebo krátký. + Testovací čistý text, který jste zadali, je příliš dlouhý nebo krátký. + Dvě šifry v kaskádě operující v LRW módu. Každý blok je nejprve zašifrován s %s (%d-bitový klíč) a poté s %s (%d-bitový klíč). Každá šifra používá svůj vlastní klíč. Všechny klíče jsou vzájemně nezávislé. + Tři šifry v kaskádě operující v módu LRW. Každý blok je nejprve zašifrován s %s (%d-bitový klíč) a poté s %s (%d-bitový klíč) a nakonec s %s (%d-bitový klíč). Každá šifra používá svůj vlastní klíč. Všechny klíče jsou vzájemně nezávislé. + Podle konfigurace operačního systému můžou tyto funkce pro automatické spuštění a automatické připojení fungovat pouze pokud jsou data cestovních disků vytvořena na nezapisovatelném CD/DVD médiu. Toto není chyba v VeraCryptu (jde o omezení Windows). + Cestovní disk VeraCrypt byl úspěšně vytvořen.\n\nPro spuštění VeraCryptu v přenosném módu potřebujete administrátorská oprávnění. Měli byste také vědět, že prozkoumáním registrů se dá zjistit, že byl VeraCrypt spuštěn na systému Windows, i když běžel v přenosném módu. + Cestovní disk VeraCrypt + Navrhnuta Brucem Schneierem, Johnem Kelseyem, Dougem Whitingem, Davidem Wagnerem, Chrisem Hallem a Nielsem Fergusonem. Zveřejněna v roce 1998. 256-bitový klíč, 128-bitové bloky. Operační mód je XTS. Twofish byla jedním z finalistů AES. + Více informací o %s + Neznámý + Nastala nespecifikovaná nebo neznámá chyba (%d). + Některé svazky obsahují soubory nebo adresáře používané aplikacemi nebo systémem.\n\nVynutit odpojení? + &Odpojit + Odpojení selhalo! + Svazek obsahuje soubory nebo složky používané aplikacemi nebo systémem.\n\nVynutit odpojení? + K uvedenému písmenu disku není připojen žádný svazek. + Svazek, který se snažíte připojit, je již připojen. + Došlo k chybě při pokusu o připojení svazku. + Chyba při hledání umístění uvnitř svazku. + Chyba: Nesprávná velikost svazku. + VAROVÁNÍ: Rychlé formátování byste měli použít jen v těchto případech:\n\n1) Zařízení obsahuje náhodná data (např. již bylo bezpečně a úplně zašifrováno).\n2) Chcete využít ihned veškeré volné místo.\n3) Nezajímá vás otázka bezpečnosti (testování).\n\nJste si jisti, že chcete použít Rychlé formátování? + Dynamický souborový svazek je před-přidělený rozptýlený NTFS soubor, jehož fyzická velikost (platné místo na disku, které zabírá) se zvyšuje tak, jak se do něj přidávají data.\n\nVAROVÁNÍ: Výkonnost rozptýlených souborových svazků je podstatně horší než u běžných svazků. Rozptýlené souborové svazky jsou také méně bezpečné, protože je možné zjistit, které sektory svazku jsou nepoužívané. Navíc tyto svazky nemohou poskytnout hodnověrné popření (neobsahují skrytý svazek). Pokud jsou data zapsána do rozptýleného souborového svazku a na původním systému souborů není dostatek místa, zašifrovaný systém souborů se může poškodit.\n\nJste si jisti, že chcete vytvořit rozptýlený souborový svazek? + Velikost dynamického svazku, vykazovaná systémem Windows a VeraCryptem, bude vždy rovna jeho maximální velikosti. Pro zjištění aktuální fyzické velikosti svazku (místo na disku, které zabírá), klikněte pravým tlačítkem myši na soubor svazku (v okně Průzkumníka Windows, ne v VeraCryptu), pak vyberte 'Vlastnosti' a prohlédněte si hodnotu 'Velikost na disku'.\n\nMějte na paměti, že pokud přesunete dynamický svazek na jiný svazek nebo jednotku, fyzická velikost souborového svazku se zvýší na maximum. (Tomu můžete zabránit tím, že vytvoříte nový dynamický svazek v cílové oblasti, připojíte ho a pak přesunete soubory ze starého svazku do nového.) + Mezipaměť hesla vyčištěna + Hesla (a/nebo zpracovaný obsah souborového klíče) uložená v ovladači mezipaměti programu VeraCrypt byla pročištěna. + VeraCrypt nemůže změnit heslo pro cizí svazek. + Vyberte prosím volné písmeno disku ze seznamu. + Vyberte prosím nejdříve připojený svazek ze seznamu písmen jednotek. + Momentálně jsou vybrány dva připojené svazky (jeden v písmenném seznamu jednotek a druhý ve vstupním políčku pod seznamem).\n\nVyberte, prosím, který svazek chcete zvolit. + Chyba: Nelze vytvořit autorun.inf + Chyba při zpracování souborového klíče! + Chyba při zpracování cesty k souborovému klíči! + Cesta k souborovému klíči neobsahuje žádný soubor.\n\nAdresáře (a soubory, které obsahují) nalezené v cestě k souborovému klíči jsou ignorovány. + VeraCrypt nepodporuje tento operační systém. + Chyba: VeraCrypt podporuje pouze stabilní verze tohoto operačního systému (beta/RC verze nejsou podporovány). + Chyba: Nelze přidělit paměť. + Chyba: Hodnota výkonnostního čítače nemohla být zjištěna. + Chyba: Špatný formát svazku. + Chyba: Zadali jste heslo pro skrytý svazek (ne pro normální svazek). + Z bezpečnostních důvodů nemůže být skrytý svazek vytvořit uvnitř takového svazku VeraCrypt, který obsahuje systém souborů, jenž byl zašifrován za běhu (protože volné místo na svazku nebylo vyplněno libovolnými daty). + VeraCrypt - právní upozornění + Všechny soubory + Svazky VeraCrypt + Knihovny + NTFS formátování nemůže pokračovat. + Svazek nelze připojit. + Svazek nelze odpojit. + Windows nemohl zformátovat svazek jako NTFS.\n\nVyberte prosím jiný systému souborů (je-li to možné) a zkuste to znovu. Popřípadě můžete nechat svazek nenaformátovaný (vyberte 'Žádný' systém souborů), ukončete tohoto průvodce, připojte svazek a pak použijte buď systémový nástroj, nebo nástroj třetí strany k zformátování připojeného svazku (svazek zůstane zašifrovaný). + Windows nemohl naformátovat svazek jako NTFS.\n\nChcete místo toho svazek naformátovat jako FAT? + Předvolený + oddíl + ODDÍL + Zařízení + zařízení + ZAŘÍZENÍ + Oddíl + svazek + SVAZEK + Jmenovka + Vybraná velikost clusteru je pro tento svazek příliš malá. Použije se větší velikost clusteru. + Chyba: Nelze zjistit velikost svazku!\n\nUjistěte se, že vybraný svazek není používán systémem nebo aplikací. + Skryté svazky nesmí být vytvořeny uvnitř dynamických (rozptýlený soubor) svazků. Abyste dosáhli hodnověrného popření, skrytý svazek musí být vytvořit uvnitř ne-dynamického svazku. + Průvodce vytvořením svazku VeraCrypt může vytvořit skrytý svazek pouze uvnitř svazků typu FAT nebo NTFS. + V systému Windows 2000 může Průvodce vytvořením svazku VeraCrypt vytvořit skrytý svazek pouze uvnitř svazku typu FAT. + Poznámka: Systém souborů FAT je vhodnější pro vnější svazky než NTFS (například maximální možná velikost skrytého svazku by byla s největší pravděpodobností mnohem větší, pokud by byl vnější svazek naformátován jako FAT). + Systém souborů FAT je mnohem vhodnější pro vnější svazky než NTFS. Například maximální možná velikost skrytého svazku by byla s největší pravděpodobností mnohem větší, pokud by byl vnější svazek naformátován jako FAT (důvodem je, že NTFS vždy ukládá vnitřní data do poloviny svazku, a proto může být skrytý svazek umístěn jen do druhé poloviny vnějšího svazku).\n\nJste si jisti, že chcete naformátovat vnější svazek jako NTFS? + Chcete místo toho naformátovat svazek jako FAT? + Poznámka: Tento svazek nemůže být naformátován jako FAT, protože jeho velikost překračuje maximální povolenou velikost podporovanou systémem souborů FAT32 při zvolené velikosti sektorů (2 TB pro 512-bajtové sektory a 16 TB pro 4096-bajtové sektory). + Chyba: Oddíl pro skrytý operační systém (např. první oddíl hned za systémovým oddílem) musí být alespoň o 5% větší než systémový oddíl (systémový oddíl je ten, kde je nainstalován momentálně běžící operační systém). + Chyba: Oddíl pro skrytý operační systém (např. první oddíl hned za systémovým oddílem) musí být alespoň o +110% (2,1 krát) větší než systémový oddíl (systémový oddíl je ten, kde je nainstalován momentálně běžící operační systém). Důvodem je skutečnost, že systém souborů NTFS vždy ukládá vnitřní data přesně doprostřed svazku, a proto může být skrytý svazek (který bude obsahovat klon systémového oddílu) umístěn jen v druhé půlce oddílu. + Chyba: Je-li vnější svazek naformátován jako NTFS, musí být alespoň o +110% (2,1 krát) větší než systémový oddíl. Důvodem je skutečnost, že systém souborů NTFS vždy ukládá vnitřní data přesně doprostřed svazku, a proto může být skrytý svazek (který bude obsahovat klon systémového oddílu) umístěn jen v druhé půlce oddílu.\n\nPoznámka: Vnější svazek musí být umístěn ve stejném oddílu jako skrytý operační systém (např. uvnitř prvního oddílu hned za systémovým oddílem). + Chyba: Za systémovým oddílem není žádný další oddíl.\n\nNež budete moci vytvořit skrytý operační systém, musíte pro něj vytvořit oddíl na systémovém disku. Musí to být první oddíl hned za systémovým oddílem a musí být alespoň o 5% větší než systémový oddíl (systémový oddíl je ten, kde je nainstalován momentálně běžící operační systém). Pokud je ale vnější svazek (nezaměňte se systémovým oddílem) naformátován jako NTFS, oddíl pro skrytý operační systém musí být o 110% (2,1 krát) větší než systémový oddíl (důvodem je skutečnost, že systém souborů NTFS vždy ukládá vnitřní data přesně doprostřed svazku, a proto může být skrytý svazek, který bude obsahovat klon systémového oddílu, umístěn jen v druhé půlce oddílu.). + Poznámka: Není praktické (a proto ani podporované) instalovat operační systémy do dvou svazků VeraCrypt, které jsou umístěny uvnitř jednoho oddílu, protože používání vnějšího operačního systému by vyžadovalo zápis dat do oblasti skrytého operačního systému (a pokud by byly tyto zapisovací operace zamezeny použitím ochranného prvku skrytého svazku, došlo by k selhání systému, např. chyby s modrou obrazovkou). + Pro informace jak vytvořit a spravovat oddíly, viz dodaná dokumentace k vašemu operačnímu systému nebo kontaktujte technickou podporu prodejce vašeho počítače pro asistenci. + Chyba: Momentálně běžící operační systém není nainstalován na bootovacím svazku (první aktivní oddíl). To není podporováno. + Uvedli jste, že chcete v tomto svazku VeraCrypt ukládat soubory větší než 4 GB. Vybrali jste ale systém souborů FAT, kde soubory větší než 4 GB nemohou být uloženy.\n\nJste si jisti, že chcete svazek naformátovat na FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Chyba: Ke svazku nelze přistoupit!\n\nUjistěte se, že vybraný svazek existuje, že není připojený používaný systémem nebo aplikací, že máte práva pro čtení/zápis ke svazku a že svazek není chráněn proti zápisu. + Error: Cannot obtain volume properties. + Chyba: Ke svazku se nelze připojit a/nebo o něm nelze zjistit informace.\n\nUjistěte se, že vámi vybraný svazek existuje, že není používán systémem nebo aplikacemi a že máte práva pro čtení/zapisování ke svazku a že není chráněn proti zápisu. + Chyba: Ke svazku se nelze připojit a/nebo o něm nelze zjistit informace. Ujistěte se, že vámi vybraný svazek existuje, že není používán systémem nebo aplikacemi a že máte práva pro čtení/zapisování ke svazku a že není chráněn proti zápisu.\n\nPokud problém přetrvává, mohou vám pomoci kroky uvedené níže. + Svazek nemohl být VeraCryptem zašifrován, protože nastala nějaká chyba. Zkuste, prosím, nejdříve opravit všechny předešlé ohlášené chyby, a pak to zkuste znovu. Pokud problém přetrvává, mohou vám pomoci kroky uvedené níže. + VeraCrypt nemohl pokračovat v šifrování oddílu, protože nastala nějaká chyba.\n\nZkuste, prosím, nejdříve opravit všechny předešlé ohlášené chyby, a pak zkuste v procesu pokračovat. Svazek nelze připojit, dokud nebude úplně zašifrován. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Chyba: Vnější svazek nelze odpojit!\n\nSvazek nemůže být odpojen, pokud obsahuje soubory nebo složky používané programem nebo systémem.\n\nZavřete prosím jakýkoliv program, který by mohl soubory nebo adresáře na svazku používat a klikněte Znovu. + Chyba: Nelze získat informace o vnějším svazku! Vytváření svazku nemůže pokračovat. + Chyba: Nelze přistupovat na vnější svazek! Vytváření svazku nelze dokončit. + Chyba: Nemohu připojit vnější svazek! Vytváření svazku nelze dokončit. + Chyba: Nelze získat bitmapu clusteru svazku! Vytváření svazku nelze dokončit. + Abecedně/dle kategorií + Průměrná rychlost (sestupně) + Algoritmus + Šifrování + Dešifrování + Průměr + Disk + Velikost + Šifrovací algoritmus + Šifrovací algoritmus + Typ + Hodnota + Vlastnost + Oblast + bytů + Skrytý + Vnější + Normální + Systémový + Skrytý (systém) + Jen pro čtení + Systémový disk + Systémový disk (šifruji - %.2f%% hotovo) + Systémový disk (dešifruji - %.2f%% hotovo) + Systémový disk (%.2f%% zašifrováno) + Systémový oddíl + Skrytý systémový oddíl + Systémový oddíl (šifruji - %.2f%% hotovo) + Systémový oddíl (dešifruji - %.2f%% hotovo) + Systémový oddíl (%.2f%% zašifrováno) + Ano (poškození zabráněno!) + Žádný + Velikost primárního klíče + Velikost sekundárního klíče (XTS Mód) + Velikost vylepšeného klíče (LRW Mód) + bitů + Velikost bloku + PKCS-5 PRF + PKCS-5 počet iterací + Oddíl byl vytvořen + Hlavička byla naposledy změněna + (před %I64d dny) + Verze formátování svazku + Vnořená záložní hlavička + Verze bootovacího zavaděče VeraCryptu + První možné + Vyjímatelný disk + Hard disk + Nezměněný + Autodetection + Průvodcovský mód + Vyberte jeden z módů. Pokud nevíte, který zvolit, vyberte předvolený. + Zvolte tuto možnost, pokud chcete VeraCrypt nainstalovat na tento systém. + Poznámka: Aktualizaci můžete provést i bez dešifrování, i když je systémový oddíl/disk zašifrován nebo pokud používáte skrytý operační systém. + Zvolíte-li tuto možnost, budou rozbaleny všechny soubory z tohoto balíčku, ale nic nebude na systém nainstalováno. Nevybírejte tuto volbu, pokud chcete zašifrovat systémový oddíl nebo systémový disk. Výběr této možnosti může být užitečný, pokud například chcete spouštět VeraCrypt v takzvaném přenosném módu. VeraCrypt nemusí být nainstalovaný na operačním systému, pod kterým běží. Až budou všechny soubory rozbaleny, můžete rovnou spustit soubor 'VeraCrypt.exe' (pak VeraCrypt poběží v přenosném módu). + Volby nastavení + Zde můžete zadat různé volby pro kontrolu instalačního procesu. + Instaluji + Čekejte prosím, program VeraCrypt se instaluje. + VeraCrypt byl úspěšně nainstalován + VeraCrypt byl úspěšně aktualizován + Zvažte, prosím, příspěvek na podporu VeraCryptu. Pro zavření instalátoru stačí kliknout na tlačítko Dokončit. + Volby rozbalení + Zde si můžete vybrat různé volby pro kontrolu rozbalovacího procesu. + Čekejte prosím, soubory se rozbalují. + Soubory úspěšně rozbaleny + Všechny soubory byly úspěšně rozbaleny do cílového umístění. + Pokud zadaný adresář neexistuje, bude vytvořen automaticky. + Soubory programu VeraCrypt budou aktualizovány v místě, kde je VeraCrypt nainstalován. Pokud chcete vybrat jiné umístění, odinstalujte nejdříve VeraCrypt. + Chcete zobrazit poznámky k vydání aktuální (poslední stabilní) verze programu VeraCrypt? + Pokud jste ještě nikdy nepoužívali VeraCrypt, doporučujeme Vám přečíst si kapitolu Příručka pro nové uživatele v Uživatelské příručce. Chcete si přečíst průvodce? + Vyberte prosím jednu z následujících voleb: + Opravit/Přeinstalovat + Aktualizovat + Odinstalovat + Pro úspěšnou instalaci/odinstalaci VeraCryptu potřebujete administrátorská práva. Chcete pokračovat? + Instalátor programu VeraCrypt momentálně běží na tomto systému a provádí nebo připravuje instalaci nebo update programu VeraCrypt. Než budete pokračovat, počkejte na dokončení nebo jej zavřete. Pokud ho nemůžete zavřít, restartujte prosím počítač, než budete pokračovat. + Instalace selhala. + Odinstalace selhala. + Distribuční balíček je poškozený. Stáhněte jej prosím znovu (nejlépe z oficiálních stránek programu VeraCrypt na adrese https://veracrypt.codeplex.com). + Nelze zapsat soubor %s + Rozbalení + Nelze přečíst data z balíčku. + Nelze ověřit integritu tohoto distribučního balíčku. + Rozbalení selhalo. + Instalace byla vrácena zpět. + VeraCrypt byl úspěšně nainstalován. + VeraCrypt byl úspěšně aktualizován. + VeraCrypt byl aktualizován na novější verzi. Před použitím musí být váš počítač restartován.\n\nChcete ho nyní restartovat? + Aktualizace VeraCryptu selhala!\n\nDŮLEŽITÉ: Před tím, než vypnete nebo restartujete systém, doporučujeme vám použít systémový bod obnovy (nabídka Start > Všechny programy > Příslušenství > Systémové nástroje > Obnovení systému) pro obnovení systému do bodu nazvaného 'VeraCrypt instalace'. Pokud není bod obnovení k dispozici, měli byste znovu zkusit instalaci originální nebo nové verze VeraCryptu ještě před tím, než vypnete nebo restartujete systém. + VeraCrypt byl úspěšně odinstalován.\n\nKlikněte 'Dokončit' pro odstranění instalátoru VeraCrypt a složky %s. Složka nebude odstraněna, pokud obsahuje jakékoliv soubory, které nebyly nainstalovány instalátorem nebo programem VeraCrypt. + Odstraňuji záznamy v registrech o programu VeraCrypt + Přidávám záznamy do registru + Odstraňuji specifická data aplikace + Instaluji + Pozastavuji + Odstraňuji + Přidávám ikonu + Vytvářím bod obnovení + Bod obnovení se nepodařilo vytvořit! + Aktualizuji bootovací zavaděč + Instalace '%s' selhala. %s Chcete pokračovat v instalaci? + Odinstalace '%s' selhala. %s Chcete pokračovat v odinstalaci? + Instalace dokončena. + Složka '%s' nemohla být vytvořena + Ovladač zařízení VeraCrypt nemůže být odstraněn.\n\nZavřete prosím nejdříve všechny okna VeraCrypt. Pokud to nepomůže, restartujte prosím Windows a zkuste to znovu. + Všechny svazky VeraCrypt musí být odpojeny před instalací nebo odinstalací programu VeraCrypt. + Na tomto systému je aktuálně nainstalována zastaralá verze VeraCryptu. Před instalací nové verze musí být nejprve odinstalována.\n\nJakmile zavřete tento dialog, spustí se odinstalátor staré verze. Při odinstalaci VeraCryptu nedojde k dešifrování žádného svazku. Po odinstalaci staré verze VeraCryptu spusťte znovu instalátor nové verze. + Instalace záznamů do registru selhala + Instalace ovladače zařízení selhala. Restartujte prosím Windows a zkuste poté nainstalovat VeraCrypt znovu. + Startuji ovladač VeraCrypt zařízení + Odinstalace ovladače zařízení selhala. Pro odinstalaci (reinstalaci) ovladače zařízení se budete muset odhlásit nebo restartovat celý systém. + Instaluji ovladač VeraCrypt zařízení + Zastavuji ovladač VeraCrypt zařízení + Odinstalovávám ovladač VeraCrypt zařízení + Registrace podpůrné knihovny pro kontrolu uživatelského účtu selhala. + Odregistrace podpůrné knihovny pro kontrolu uživatelského účtu selhala. + Poznámka o přenosném módu:\n\nMějte na paměti, že operační systém vyžaduje, aby v něm před startem byly registrovány ovladače. Z toho plyne, že ovladač VeraCryptu není (a nemůže být) plně přenositelný (přičemž aplikace VeraCrypt jsou přenositelné úplně, např. nemusí být nainstalovány nebo registrovány v operačním systému). VeraCrypt také vyžaduje ovladač pro možnost šifrování/dešifrování za běhu. + Pokud se rozhodnete spouštět VeraCrypt v přenosném módu (oproti spouštění instalované verze VeraCryptu), systém se vás zeptá pokaždé, když se pokusíte VeraCrypt spustit (UAC prompt).\n\nDůvodem je, že pokud spouštíte VeraCrypt v přenosném módu, program si musí nahrát a spustit ovladač zařízení VeraCrypt. VeraCrypt tento ovladač potřebuje, aby poskytl jasné šifrování/dešifrování za běhu a aby uživatelé bez administrátorských oprávnění nemohli spouštět ovladače zařízení ve Windows. Proto se vás systém zeptá na oprávnění, aby mohl VeraCrypt běžet s administrátorskými oprávněními (UAC prompt).\n\nPokud VeraCrypt nainstalujete na systém (oproti spouštění VeraCryptu v přenosném módu), systém se vás NEBUDE ptát na povolení ke spuštění VeraCryptu (UAC prompt) pokaždé, když se ho pokusíte spustit.\n\nJste si jisti, že chcete soubory rozbalit? + Varování: Tato instance Průvodce vytvořením svazku má administrátorská oprávnění.\n\nVáš nový svazek může být vytvořen s takovými oprávněními, které vám nedovolí do něj zapisovat, pokud je připojen. Pokud se tomu chcete vyhnout, zavřete tuto instanci Průvodce vytvořením svazku a spusťte nový bez administrátorských oprávnění.\n\nChcete zavřít tuto instanci Průvodce vytvořením svazku? + Chyba: Nelze zobrazit licenci. + Vnější(!) + dnů + hodin + minut + s + Otevřít + Odpojit + Zobrazit VeraCrypt + Skrýt VeraCrypt + Přečteno dat od připojení + Zapsáno dat od připojení + Zašifrovaná část + 100% (plně zašifrován) + 0% (nezašifrován) + %.3f%% + 100% + Čekám + Připravuji + Měním velikost + Šifruji + Dešifruji + Dokončuji + Pozastaveno + Hotovo + Chyba + Zařízení odpojeno + Oblíbené systémové svazky byly uloženy.\n\nPro umožnění připojení systémových oblíbených svazků při startu systému vyberte 'Nastavení' > 'Oblíbené systémové svazky' > 'Připojit oblíbené systémové svazky při startu Windows'. + Svazek, který se snažíte přidat do oblíbených, není ani oddíl, ani dynamický svazek. VeraCrypt ho proto nebude moci připojit jako oblíbený, pokud se změní číslo zařízení. + Svazek, který se snažíte přidat do oblíbených, je oddíl, který Windows nerozpoznaly.\n\nVeraCrypt ho nebude moci připojit jako oblíbený, pokud se změní číslo zařízení. Zadejte takový typ oddílu, který Windows rozpoznají (použijte příkaz SETID v nástroji 'diskpart' ve Windows). Pak přidejte oddíl od oblíbených znovu. + VeraCrypt služba na pozadí je vypnuta nebo je nastavena tak, aby se vypnula, pokud neexistují žádné svazky k připojení (nebo VeraCrypt běží v přenosném módu). To může bránit vašim oblíbeným svazkům, aby byly automaticky připojeny při připojení hostujícího zařízení.\n\nPoznámka: Pro povolení VeraCrypt služby na pozadí, vyberte Nastavení > Předvolby a zaškrtněte 'Povoleno' u 'VeraCrypt služba na pozadí'. + Souborový svazek uložený na vzdáleném systému souborů, který je sdílen přes síť, nemůže být automaticky připojen, i když se připojí jeho hostitelské zařízení. + Zařízení zobrazené níže není ani oddíl ani dynamický svazek. Svazek umístěný na tomto zařízení nemůže být automaticky připojen, i když se připojí zařízení samotné. + Zadejte takový typ oddílu, který Windows rozpoznají (použijte příkaz SETID v nástroji 'diskpart' ve Windows). Pak odstraňte oddíl z oblíbených a přidejte jej znovu. To umožní, aby svazek umístěný na jiném zařízení, mohl být automaticky připojen při připojení zařízení. + Zařízení zobrazené níže není ani oddíl ani dynamický svazek. Proto mu nemůže být přidělena žádná jmenovka. + Zadejte takový typ oddílu, který Windows rozpoznají (použijte příkaz SETID v nástroji 'diskpart' ve Windows). Pak odstraňte oddíl z oblíbených a přidejte jej znovu. Tím bude moci VeraCryptu přiřadit oddílu jmenovku. + Kvůli omezení Windows nemůže být souborový svazek, který je uložen ve vzdáleném systému souborů - sdílen po síti, připojen jako oblíbený systémový svazek (ale může být připojen jako nesystémový oblíbený svazek, když se uživatel přihlásí). + Zadejte heslo pro %s + Zadejte heslo pro '%s' + Zadejte heslo pro normální/vnější svazek + Zadejte heslo pro skrytý svazek + Zadejte heslo pro hlavičku uloženou v záložním souboru + Souborový klíč byl úspěšně vytvořen. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + VAROVÁNÍ: Hlavička tohoto svazku je poškozena! VeraCrypt automaticky použil zálohu hlavičky svazku umístěnou uvnitř svazku.\n\nMěli byste opravit hlavičku pomocí 'Nástroje' > 'Obnovit hlavičku svazku'. + Záloha hlavičky svazku byla úspěšně vytvořena.\n\nDŮLEŽITÉ: Obnovením hlavičky svazku s použitím této zálohy se také obnoví aktuální heslo pro svazek. Navíc, pokud je/jsou potřeba souborový klíč(e) pro připojení svazku, ten samý souborový klíč/e bude potřeba pro připojení svazku znovu, až bude hlavička opět vytvořena.\n\nVAROVÁNÍ: Tato záloha hlavičky svazku může být použita k obnovení JEN tohoto svazku. Pokud použijete tuto zálohu hlavičky k obnovení hlavičky jiného svazku, budete moci svazek připojit, ale NEBUDETE schopni dešifrovat jakákoliv data uložená na svazku (protože změníte jeho hlavní klíč). + Hlavička svazku byla úspěšně obnovena.\n\nDŮLEŽITÉ: Staré heslo mohlo být obnoveno také. Navíc, pokud byl v době zálohy potřeba k připojení svazku souborový klíč(e), stejný souborový klíč(e) bude nyní potřeba opětnému připojení svazku. + Z bezpečnostních důvodů musíte zadat ke svazku správné heslo (a dodat správné souborové klíče).\n\nPoznámka: Pokud svazek obsahuje skrytý svazek, budete muset nejdříve zadat správné heslo (a dodat správné souborové klíče) k vnějšímu svazku. Pak, pokud zvolíte zazálohovat hlavičku skrytého svazku, budete muset zadat správné heslo (a dodat správné souborové klíče) ke skrytému svazku. + Jste si jisti, že chcete vytvořit zálohu hlavičky svazku pro %s?\n\nJakmile kliknete na Ano, zadejte jméno souboru pro zálohu hlavičky.\n\nPoznámka: Hlavičky jak standardních, tak skrytých svazků budou pře-šifrovány použitím nového řetězce a uloženy v záložním souboru. Pokud se uvnitř tohoto svazku nenachází žádný skrytý svazek, místo určené pro hlavičku skrytého svazku v záložním souboru bude vyplněno náhodnými daty (k zachování hodnověrnosti popření). Při obnově hlavičky svazku ze záložního souboru budete muset zadat správné heslo (a dodat správné souborové klíče), které bylo platné při vytvoření zálohy hlavičky svazku. Heslo (a souborové klíče) automaticky určí, jaký typ hlavičky svazku se má obnovit, např. standardní nebo skrytý (VeraCrypt zjistí typ pomocí metody pokusu a omylu). + Opravdu chcete obnovit hlavičku svazku pro %s?\n\nUPOZORNĚNÍ: Obnovením hlavičky svazku obnovíte také jeho heslo, které bylo platné v době vytvoření zálohy. Pokud byl potřeba souborový klíč(e) k připojení svazku v době vytvoření zálohy, stejný souborový klíč(e) bude potřeba k opětovnému připojení svazku po obnovení hlavičky svazku.\n\nJakmile kliknete Ano, zvolte záložní soubor hlavičky. + Obsahuje svazek skrytý svazek? + Svazek obsahuje skrytý svazek + Svazek neobsahuje skrytý svazek + Zvolte, prosím, typ zálohy hlavičky svazku, který chcete použít: + Obnovit hlavičku svazku ze zálohy uložené v tomto svazku + Obnovit hlavičku svazku z externího záložního souboru + Velikost souboru se zálohou hlavičky svazku je nesprávná. + V tomto svazku není žádná vnořená záložní hlavička (pouze svazky vytvořené programem VeraCrypt 6.0 a vyšším obsahují vnořené zálohy hlaviček). + Pokoušíte se zazálohovat hlavičku systémového oddílu/disku. To není povoleno. Zálohovací/obnovovací operace týkající se systémového oddílu/disku mohou být provedeny pouze s použitím Záchranného disku VeraCrypt.\n\nChcete vytvořit Záchranný disk VeraCrypt? + Pokoušíte se obnovit hlavičku virtuálního svazku VeraCrypt, ale vybrali jste systémový oddíl/disk. To není povoleno. Zálohovací/obnovovací operace týkající se systémového oddílu/disku mohou být provedeny pouze s použitím Záchranného disku VeraCrypt.\n\nChcete vytvořit Záchranný disk VeraCrypt? + Po kliknutí na OK zvolíte soubor pro nový obraz Záchranného disku VeraCrypt a místo, kam ho chcete uložit. + Obraz Záchranného disku byl vytvořen a uložen v tomto souboru:\n%s\n\nNyní musíte vypálit obraz Záchranného disku na CD nebo DVD.\n\nDŮLEŽÍTÉ: Soubor musí být na CD/DVD zapsán jako obraz disku (ne jako samostatný soubor). Pro více informací, viz dokumentace k vašemu CD/DVD vypalovacímu softwaru.\n\nAž Záchranný disk vypálíte, vyberte 'Systém' > 'Ověřit záchranný disk', abyste zjistili, zda byl správně vypálen. + Obraz Záchranného disku byl vytvořen a uložen v tomto souboru:\n%s\n\nNyní musíte vypálit obraz Záchranného disku na CD nebo DVD.\n\nChcete nyní spustit program Microsoft Windows Disc Image Burner?\n\nPoznámka: Až Záchranný disk vypálíte, vyberte 'Systém' > 'Ověřit záchranný disk', abyste zjistili, zda byl správně vypálen. + Vložte, prosím, Záchranný disk VeraCrypt do vaší CD/DVD mechaniky a klikněte OK pro jeho ověření. + Záchranný disk VeraCrypt byl úspěšně ověřen. + Nelze ověřit, zda byl Záchranný disk správně vypálen.\n\nPokud jste Záchranný disk vypálili, vložte ho prosím znovu do CD/DVD mechaniky a zkuste to znovu. Pokud to nepomůže, zkuste jiný vypalovací software a/nebo médium.\n\nPokusíte-li se ověřit Záchranný disk VeraCrypt vytvořený pro jiný hlavní klíč, heslo apod., mějte na vědomí, že takovéto ověřování Záchranného disku selže vždy. Pro vytvoření nového Záchranného disku, který je plně kompatibilní s aktuální konfigurací, vyberte 'Systém' > 'Vytvořit Záchranný disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Chyba při vytváření Záchranného disku VeraCrypt. + Záchranný disk VeraCrypt nemůže být vytvořen, pokud běží skrytý operační systém.\n\nPro vytvoření Záchranného disku VeraCrypt nabootujte klamný operační systém a vyberte 'Systém' > 'Vytvořit Záchranný disk'. + Nelze ověřit, zda byl Záchranný disk správně vypálen.\n\nPokud jste Záchranný disk vypálili, vysuňte a znovu vložte CD/DVD; pak klikněte na Další a zkuste to znovu. Pokud to nepomůže, zkuste prosím jiné médium%s.\n\nPokud jste Záchranný disk ještě nevypálili, učiňte tak a klikněte na Další.\n\nPokud jste se pokusili ověřit VeraCrypt záchranný disk, který byl vytvořen ještě před tím, než jste spustili tohoto průvodce, vězte, že takový Záchranný disk nemůže být použit, protože byl vytvořen pro jiný hlavní klíč. Musíte vypálit nově vygenerovaný Záchranný disk. + a/nebo jiný CD/DVD vypalovací software + VeraCrypt - Oblíbené systémové svazky + Co jsou oblíbené systémové svazky? + Zdá se, že systémový oddíl/disk není zašifrován.\n\nOblíbené systémové svazky mohou být připojeny pouze s použitím před-bootovacího autentifikačního hesla. Abyste mohli používat oblíbené systémové svazky, musíte nejdříve zašifrovat systémový oddíl/disk. + Před pokračováním odpojte prosím svazek. + Chyba: Nelze nastavit časovač. + Zkontrolovat systém souborů + Opravit systém souborů + Přidat do oblíbených... + Přidat do systémových oblíbených... + V&lastnosti... + Skrytý svazek je chráněn + nedostupné + Ano + Ne + Vypnuto + 1 + 2 a více + Operační mód + Jmenovka: + Velikost: + Cesta: + Písmeno jednotky: + Chyba: Heslo musí obsahovat jen ASCII znaky.\n\nNe-ASCII znaky v hesle mohou způsobit nemožnost připojení svazku při změně vaší systémové konfigurace.\n\nPovoleny jsou následující znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Upozornění: Heslo obsahuje ne-ASCII znaky. To může způsobit nemožnost připojení svazku při změně vaší systémové konfigurace.\n\nMěli byste zaměnit všechny ne-ASCII znaky v hesle za ASCII znaky. Klikněte 'Svazky' -> 'Změnit heslo svazku'.\n\nToto jsou ASCII znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + VAROVÁNÍ: Důrazně doporučujeme, abyste se vyhnuli souborům s příponami spustitelných souborů (např. .exe, .sys, nebo .dll) a ostatním stejně problematickým příponám. Použití takovýchto přípon způsobuje, že Windows a antivirové programy ruší souborový svazek, což nepříznivě ovlivňuje výkonnost svazku a může také způsobit další závažné problémy.\n\nDůrazně doporučujeme, abyste příponu odstranili nebo ji změnili (například na '.hc').\n\nJste si jisti, že chcete použít problematickou příponu souboru? + VAROVÁNÍ: Tento souborový svazek má příponu souborů, které se používají jako spustitelné (např. .exe, .sys, or .dll) nebo má jinou problematickou příponu. Velmi pravděpodobně to způsobí, že Windows a antivirové programy budou rušit souborový svazek, což nepříznivě ovlivní výkonnost svazku a může také způsobit další závažné problémy.\n\nDůrazně doporučujeme, abyste příponu svazku po odpojení odstranili nebo ji změnili (např. na '.hc'). + Domovská stránka + UPOZORNĚNÍ: Zdá se, že jste nenainstalovali žádný Service Pack ve vaší instalaci Windows. Neměli byst zapisovat na IDE disky větší než 128 GB v systému Windows XP, ve kterém jste nenainstalovali Service Pack 1 nebo novější! Pokud tak učiníte, data na disku (bez ohledu na to, zda jde o svazek VeraCrypt nebo ne) se mohou poškodit. Jde o omezení Windows, ne chyba programu VeraCrypt. + UPOZORNĚNÍ: Zdá se, že jste nenainstalovali Service Pack 3 nebo novější ve vaší instalaci Windows. Neměli byste zapisovat na disky větší než 128 GB v systému Windows 2000, ve kterém jste nenainstalovali Service Pack 3 nebo novější! Pokud tak učiníte, data na disku (bez ohledu na to, zda jde o svazek VeraCrypt nebo ne) se mohou poškodit. Jde o omezení Windows, ne chyba programu VeraCrypt.\n\nPoznámka: Možná také bude potřeba zapnout podporu 48-bit LBA v registrech; pro více informací viz http://support.microsoft.com/kb/305098/EN-US + VAROVÁNI: Podpora 48-bit LBA ATAPI je na vašem systému zakázána. Proto byste neměli zapisovat na IDE disky větší než 128 GB! Pokud tak učiníte, data na disku (ať už je to VeraCrypt svazek nebo ne) se mohou poškodit. Jde o omezení Windows, ne programu VeraCrypt.\n\nPro povolení podpory 48-bit LBA, přidejte hodnotu 'EnableBigLba' do registrů v registry klíči HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters a udejte mu hodnotu 1.\n\nPro více informací viz http://support.microsoft.com/kb/305098 + Chyba: Soubory větší než 4 GB nemohou být uloženy na systému souborů FAT32. Proto nemohou být souborové svazky VeraCrypt - uložené na systému souborů FAT32 - větší než 4 GB.\n\nPokud potřebujete větší svazek, vytvořte ho na systému souborů NTFS (nebo, používáte-li Windows Vista SP1 a pozdější, na exFAT souborovém systému) nebo místo vytváření souborového svazku zašifrujte celý oddíl nebo zařízení. + Varování: Windows XP nepodporují soubory větší než 2048 GB (ohlásí, že "Není dostatek volného místa"). Z tohoto důvodu nemůžete pod Windows XP vytvořit souborový svazek VeraCrypt větší než 2048 GB.\n\nStále ale můžete ve Windows XP zašifrovat celý disk nebo vytvořit VeraCrypt svazek umístěný na oddílu, který bude větší než 2048 GB. + UPOZORNĚNÍ: Pokud budete chtít v budoucnu přidávat více dat/souborů na vnější svazek, měli byste zvážit, zda nevybrat menší velikost skrytého svazku.\n\nJste si jisti, že chcete pokračovat se zadanou velikostí? + Není vybrán žádný svazek.\n\nKlikněte 'Vybrat zařízení' nebo 'Vybrat soubor' pro výběr svazku VeraCrypt. + Nebyl vybrán žádný oddíl.\n\nKlikněte 'Vybrat zařízení' pro výběr odpojeného oddílu, který běžně vyžaduje před-bootovací autentifikaci (např. oddíl umístěný na zašifrovaném systémovém disku jiného operačního systému, který neběží nebo zašifrovaný systémový oddíl jiného operačního systému).\n\nPoznámka: Vybraný oddíl bude připojen jako běžný svazek VeraCrypt bez před-bootovací autentifikace. To je vhodné např. pro zálohování nebo opravy. + VAROVÁNÍ: Jsou-li zadány a povoleny předvolené souborové klíče, svazky, které nebudou tyto souborové klíče používat, nebude možné připojit. Proto jakmile povolíte předvolené souborové klíče, pamatujte na zrušení volby 'Používat souborové klíče' (pod místem, kde se zadává heslo) kdykoliv budete používat takové svazky.\n\nJste si jisti, že chcete uložit vybrané souborové klíče/cesty jako předvolené? + Autom. připojit zařízení + Odpojit vše + Vyčistit mezipaměť + Odpojit vše & vyčistit mezipaměť + Vynutit odpojení všech & Vyčistit mezipaměť + Vynutit odpojení všech, Vyčistit mezipaměť & Konec + Připojit oblíbené oddíly + Zobrazit/skrýt hlavní okno programu VeraCrypt + (Klikněte sem a stiskněte klávesu) + Akce + Klávesová zkratka + Chyba: Tato klávesová zkratka je rezervována. Vyberte prosím jinou klávesovou zkratku. + Chyba: Klávesová zkratka je již používána. + VAROVÁNÍ: Jedna nebo více VeraCrypt systémových klávesových zkratek nebude fungovat!\n\nUjistěte se, že další aplikace a operační systém nepoužívají stejné klávesové zkratky jako VeraCrypt. + Došlo k zabránění vytvoření stránkovacího souboru.\n\nKvůli problémům ve Windows nemohou být stránkovací soubory umístěny na nesystémových svazcích VeraCrypt (včetně oblíbených systémových svazků). VeraCrypt podporuje vytvoření stránkovacích souborů pouze na nezašifrovaných systémových oddílech/discích. + Chyba nebo nekompatibilita zabraňuje programu VeraCrypt zašifrovat hibernační soubor (slouží k uspání počítače). Uspávací režim byl proto zamezen.\n\nPoznámka: Když počítač přejde do režimu spánku (nebo se přepne do režimu úspory energie), obsah operační paměti je zapsán do hibernačního souboru uloženém na disku. VeraCrypt by nemohl zabránit uložení nezašifrovaných šifrovacích klíčů a obsahu citlivých souborů do souboru pro spací režim. + Hibernaci bylo zabráněno.\n\nVeraCrypt nepodporuje hibernaci na skrytých operačních systémech, které používají dodatečný oddíl pro bootování. Bootovací oddíl je sdílen jak klamným, tak skrytým systémem. Aby se předešlo úniku dat a problémům spojených s hibernací, VeraCrypt musí zabránit skrytému systému v zapisování do sdíleného bootovacího oddílu a v hibernování. + Svazek VeraCrypt připojený jako %c: byl odpojen. + Svazky VeraCrypt byly odpojeny. + Svazky VeraCrypt byly odpojeny a mezipaměť hesla byla pročištěna. + Úspěšně odpojeno + VAROVÁNÍ: Pokud je vypnuta VeraCrypt služba na pozadí, následující funkce budou vypnuty:\n\n1) Zkratkové klávesy\n2) Automatické odpojení (např. při odhlášení, nevratném odpojení zařízení, časové prodlevě apod)\n3) Automatické připojení oblíbených svazků\n4) Upozornění (např. při předejití poškození skrytého svazku)\n5) Ikona na hlavní liště\n\nPoznámka: Službu na pozadí můžete kdykoliv vypnout kliknutím pravým tlačítkem myši na ikonu VeraCryptu vpravo dole a vyberte 'Konec'.\n\nJste si jisti, že chcete natrvalo vypnout VeraCrypt službu na pozadí? + UPOZORNĚNÍ: Pokud je tato volba vypnuta, svazky obsahující otevřené soubory/adresáře nebude možné automaticky odpojit.\n\nJste si jisti, že chcete tuto volbu vypnout? + UPOZORNĚNÍ: Svazky obsahující otevřené soubory/adresáře NEBUDOU automaticky odpojeny.\n\nAbyste tomu zabránili, povolte následující volbu v tomto dialogovém okně: 'Vynutit automatické odpojení, i když svazek obsahuje otevřené soubory nebo adresáře' + VAROVÁNÍ: Pokud je v notebooku slabá baterie, Windows mohou při přechodu do spořícího režimu zapomenout poslat vhodnou zprávu běžícím aplikacím. V takových případech se může stát, že selže automatické odpojení VeraCrypt svazků. + Naplánovali jste proces zašifrování oddílu/svazku. Proces nebyl ještě dokončen.\n\nChcete nyní proces obnovit? + Naplánovali jste proces šifrování nebo dešifrování systémového oddílu/disku. Proces ještě nebyl dokončen.\n\nChcete začít (navázat) v procesu nyní? + Chcete být upozorněn, zda chcete pokračovat v naplánovaném procesu, který má zašifrovat nesystémové oddíly/svazky? + Ano, i nadále mě upozorňuj + Ne, již mě neupozorňuj + DŮLEŽITÉ: Mějte na paměti, že proces šifrování na nesystémových oddílech/svazcích můžete obnovit z hlavní obrazovky VeraCryptu přes 'Svazky' > 'Obnovit přerušený proces'. + Naplánovali jste proces šifrování nebo dešifrování systémového oddílu/disku. Před-bootovací autentifikace ale selhala (nebo byla vynechána).\n\nPoznámka: Pokud jste dešifrovali systémový oddíl/disk v před-bootovacím prostředí, bude možná nutné dokončit tento proces přes 'Systém' > 'Trvale dešifrovat systémový oddíl/disk' z hlavního menu okna programu VeraCrypt. + VAROVÁNÍ: Pokud bude nyní VeraCrypt ukončen, následující funkce budou vypnuty:\n\n1) Zkratkové klávesy\n2) Automatické odpojení (např. při odhlášení, nevratném odpojení zařízení, časové prodlevě apod)\n3) Automatické připojení oblíbených svazků\n4) Upozornění (např. při předejití poškození skrytého svazku)\n\nPoznámka: Pokud si nepřejete, aby byl VeraCrypt spuštěn na pozadí, vypněte VeraCrypt službu na pozadí v Předvolbách (a pokud je to nutné, vypněte i automatický start VeraCryptu, také v Předvolbách).\n\nChcete nyní opravdu ukončit VeraCrypt? + Ukončit? + VeraCrypt nemá dostatek informací, aby určil, zda má šifrovat nebo dešifrovat. + VeraCrypt nemá dostatečné informace pro stanovení, zda šifrovat nebo dešifrovat.\n\nPoznámka: Pokud jste dešifrovali systémový oddíl/disk v před-bootovacím prostředí, bude možná nutné dokončit proces kliknutím na Dešifrovat. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Chcete přerušit a odložit proces šifrování oddílu/svazku?\n\nPoznámka: Vězte, že svazek nemůže být připojen, dokud nebude úplně zašifrován. Proces šifrování budete moci obnovit, naváže tam, kde naposledy skončil. Můžete tak učinit přes lištu v hlavním okně VeraCryptu - 'Svazky' > 'Obnovit přerušený proces'. + Chcete přerušit a odložit proces šifrování systémového oddílu/disku?\n\nV procesu budete moci pokračovat z místa, kde byl zastaven. Můžete tak učinit kliknutím na 'Systém' > 'Obnovit přerušený proces' z hlavního menu v okně programu VeraCrypt. Chcete-li trvale ukončit nebo vrátit proces šifrování, vyberte 'Systém' > 'Trvale dešifrovat systémový oddíl/disk'. + Chcete přerušit a odložit proces dešifrování systémového oddílu/disku?\n\nV procesu budete moci pokračovat z místa, kde byl zastaven. Můžete tak učinit kliknutím na 'Systém' > 'Obnovit přerušený proces' z hlavního menu v okně programu VeraCrypt. Chcete-li zvrátit proces dešifrování (a začít šifrovat) vyberte 'Systém' > 'Zašifrovat systémový oddíl/disk'. + Chyba: Nepodařilo se přerušit proces šifrování/dešifrování systémového oddílu/disku. + Chyba: Proces čištění nemohl být přerušen. + Chyba: Nepodařilo se pokračovat v procesu šifrování/dešifrování systémového oddílu/disku. + Chyba: Nepodařilo se spustit proces čištění. + Nekonzistence vyřešena.\n\n\n(Pokud chcete ohlásit chybu ve spojitosti s touto událostí, přiložte prosím tuto technickou informaci do zprávy o chybě: %hs) + Chyba: Neočekávaný stav.\n\n\n(Pokud budete chtít nahlásit chybu spojenou s tímto problémem, nezapomeňte do zprávy přiložit následující technické informace:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + UPOZORNĚNÍ: VeraCrypt služba na pozadí je vypnuta. Po ukončení programu VeraCrypt nebudete upozorněni, zda bylo zabráněno poškození skrytého svazku.\n\nPoznámka: Službu na pozadí můžete kdykoliv zavřít kliknutím pravého tlačítka myši na ikonu programu VeraCrypt v pravém dolním rohu a vyberte 'Konec'.\n\nPovolit VeraCrypt službu na pozadí? + Verze jazykového balíčku: %s + Kontroluji systém souborů na svazku VeraCrypt připojeném jako %s… + Pokouším se opravit souborový systém na svazku VeraCrypt připojeném jako %s… + Varování: Tento svazek je zašifrováno odkazovaným šifrovacím algoritmem.\n\nVšechny 64-bit-blokové šifrovací algoritmy (např. Blowfish, CAST-128 nebo Triple DES) jsou neschválené. Tento svazek bude možné připojit použitím budoucí verze programu VeraCrypt. Nicméně nebudou žádná další vylepšení těchto odkazovaných šifrovacích algoritmů. Doporučujeme vám vytvořit nový VeraCrypt svazek zašifrovaný 128-bit-blokovým šifrovacím algoritmem (např. AES, Serpent, Twofish, apod.) a přesuňte všechny souboru z tohoto svazku do nového. + Váš systém není nakonfigurován k autom. připojení nových svazků. Může se stát, že svazky VeraCrypt umístěné na zařízeních nebude možné připojit. Autom. připojení může být povoleno spuštěním následujícího příkazu a restartování systému.\n\nmountvol.exe /E + Přiřaďte prosím písmeno jednotky oddílu/zařízení než budete pokračovat ('Ovládací panely' > 'Systém a údržba' > 'Administrativní nástroje' - 'Vytvořit a formátovat oddíly pevného disku').\n\nJde o požadavek operačního systému. + Připojit svazek VeraCrypt + Odpojit všechny svazky VeraCrypt + VeraCrypt nemohl získat Administrátorská práva. + Přístup byl odepřen operačním systémem.\n\nMožná příčina: Operační systém vyžaduje, abyste měli práva pro čtení/zápis (nebo administrátorská oprávnění) pro určité složky, soubory a zařízení, abyste mohli číst a zapisovat data do/z nich. Uživatel bez administrátorských oprávnění může běžně vytvářet, číst a měnit soubory ve své složce s dokumenty. + Chyba: Disk používá nepodporovanou velikost sektorů.\n\nV současné době není možné vytvořit oddíl/svazky na discích, které používají sektory větší než 4096 bajtů. Na těchto discích ale můžete vytvořit souborové svazky. + V současné době není možné zašifrovat systém, který je nainstalovaný na disku, který má jinou velikost sektorů než 512 bajtů. + Bootovací zavaděč VeraCryptu potřebuje alespoň 32 Kbytů neobsazeného místa na začátku systémového disku. + Tato volba není podporována ve verzi operačního systému, který právě používáte. + VeraCrypt nepodporuje šifrování systémového oddílu/disku ve verzi operačního systému, který právě používáte. + Než budete moci zašifrovat systémový oddíl/disk na Windows Vista, musíte nainstalovat Service Pack 1 nebo vyšší (žádný takovýto Service Pack nebyl na tomto systému zatím nainstalován).\n\nPoznámka: Service Pack 1 pro Windows Vista řeší problém se zmenšením volné paměti při nabíhání systému. + VeraCrypt na Windows Vista, kde není nainstalován žádný Service Pack, již nepodporuje šifrování systémových oddílů/disků. Před aktualizací VeraCryptu si prosím nainstalujte Service Pack 1 nebo vyšší. + Chyba: Tato vlastnost vyžaduje, aby byl VeraCrypt nainstalován na vašem systému (aktuálně běží VeraCrypt v přenosném módu).\n\nNainstalujte, prosím, VeraCrypt, a pak to zkuste znovu. + VAROVÁNÍ: Zdá se, že Windows nejsou nainstalovány na stejném disku, jako odkud se spouští. To není podporováno.\n\nMěli byste pokračovat pouze tehdy, pokud jste si jisti, že Windows jsou nainstalovány na disku, odkud bootují.\n\nChcete pokračovat? + Váš systémový disk obsahuje GUID tabulku oddílů (GPT). Momentálně jsou podporovány jen disky s MBR tabulkou oddílů. + VAROVÁNÍ: Bootovací zavaděč VeraCryptu je již na vašem systémovém disku nainstalován!\n\nJe možné, že jiný systém na vašem počítači je již zašifrován.\n\nVAROVÁNÍ: BUDETE-LI POKRAČOVAT V ŠIFROVÁNÍ NYNÍ BĚŽÍCÍHO SYTÉMU, OSTATNÍ SYSTÉM NEMUSÍ POTÉ NABĚHNOUT A JEJICH DATA MOHOU BÝT NEPŘÍSTUPNÁ.\n\nJste si jisti, že chcete pokračovat? + Obnovení původního systémového zavaděče selhalo.\n\nPoužijte prosím váš Záchranný disk VeraCrypt ('Volby opravy' > 'Obnovit původní systémový zavaděč') nebo instalační médium Windows a nahraďte bootovací zavaděč VeraCryptu systémovým zavaděčem Windows. + Původní systémový zavaděč nebude uložen na Záchranném disku (pravděpodobná příčina: chybějící záložní soubor). + Zápis do MBR sektoru selhal.\n\nVáš BIOS může mít nastavenu ochranu zápisu MBR sektoru. Zkontrolujte nastavení vašeho BIOSu (zmáčkněte klávesu F2, Delete nebo Esc po zapnutí vašeho počítače) ohledně MBR/antivirové ochrany. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Požadovaná verze bootovacího zavaděče VeraCryptu není nainstalována. To může způsobit, že některé změny nebudou zapsány. + Poznámka: V některých případech se můžete snažit skrýt před nějakou osobou (protivník) fakt, že při startu počítače používáte VeraCrypt. Volba uvedená výše vám povolí upravit bootovací obrazovku VeraCryptu. Vyberete-li první možnost, nebudou při bootování zobrazeny žádné texty (ani když zadáte špatné heslo). Počítač bude při zadávání hesla vypadat jako by zamrznul. Navíc lze zobrazit libovolný text pro zmatení protivníka. Například falešná chybová hláška jako například "Chybějící operační systém" (která se normálně zobrazuje bootovacím zavaděčem Windows, pokud nenalezne žádný oddíl s Windows). Je potřeba ale zdůraznit, že pokud dokáže protivník analyzovat obsah disku, stále může zjistit, že obsahuje bootovací zavaděč VeraCryptu. + VAROVÁNÍ: Mějte prosím na paměti, že pokud zapnete tuto volbu, bootovací zavaděč VeraCryptu nezobrazí žádné texty (ani když zadáte špatné heslo). Počítač bude vypadat jako kdyby "zamrzl" (nereaguje) zatímco budete psát heslo (kurzor se NEBUDE hýbat a při stisku kláves se nezobrazí žádné hvězdičky).\n\nJste si jisti, že chcete zapnout tuto volbu? + Váš systémový oddíl/disk je již celý zašifrován. + VeraCrypt nepodporuje šifrování systémového disku, který byl převeden na dynamický disk. + Systémový disk obsahuje rozšířené (logické) oddíly.\n\nZašifrovat celý systémový disk, který obsahuje rozšířené (logické) oddíly, můžete pouze na Windows Vista a novějších verzích Windows. Ve Windows XP můžete zašifrovat celý systém pouze za předpokladu, že obsahuje pouze primární oddíly.\n\nPoznámka: Stále můžete zašifrovat systémový oddíl místo celého systémového disku (a navíc můžete vytvořit svazky VeraCryptu umístěné na celých ne-systémových oddílech na disku). + VAROVÁNÍ: Protože máte spuštěny Windows XP/2003, po spuštění šifrování disk, NESMÍTE na něm vytvořit žádný rozšířený (logický) oddíl (můžete vytvářet pouze primární oddíly). Jakýkoliv rozšířený (logický) oddíl na disku by byl po spuštění šifrování nepřístupný (disk teď žádné takové oddíly neobsahuje).\n\nPoznámka: Není-li toto omezení akceptovatelné, můžete se vrátit zpět a vybrat, že chcete zašifrovat pouze systémový oddíl místo celého disku (a navíc můžete vytvořit svazky VeraCryptu umístěné na celých ne-systémových oddílech na disku).\n\nPřípadně, pokud je toto omezení neakceptovatelné, zvažte upgrade na Windows Vista nebo novější verzi Windows (zašifrovat celý systémový disk, který obsahuje rozšířené/logické oddíly, můžete pouze na Windows Vista nebo novějším operačním systému). + Váš systémový disk obsahuje nestandardní oddíl.\n\nPokud používáte notebook, váš systémový disk pravděpodobně obsahuje speciální oddíl pro obnovu. Po zašifrování celého systémového disku (včetně oddílu pro obnovu) by se mohlo stát, že váš systém nenaběhne - pokud používá nesprávně navržený BIOS. Také by bylo nemožné používat jakýkoliv oddíl pro obnovu, dokud systém nebude dešifrován. Proto doporučujeme zašifrovat pouze tento systémový oddíl. + Chcete zašifrovat systémový oddíl místo celého disku?\n\nMůžete také vytvářet svazky VeraCrypt umístěné na discích v oddílech uvnitř nesystémových oddílů (jako doplněk šifrování celého systémového oddílu). + Protože váš systémový disk obsahuje pouze jeden oddíl, který zabírá celý disk, je vhodné (bezpečnější) zašifrovat celý disk včetně volného "odpadlého" místa, které běžně obklopuje takový oddíl.\n\nChcete zašifrovat celý systémový disk? + Váš systém je nakonfigurován tak, aby ukládal přechodné soubory na nesystémovém oddílu.\n\nPřechodné soubory mohou být uloženy pouze na systémovém oddílu. + Soubory vašeho uživatelského profilu nejsou uloženy na systémovém oddílu.\n\nTyto soubory mohou být uloženy pouze na systémovém oddílu. + Jeden nebo více stránkovacích souborů se nacházejí na nesystémových oddílech.\n\nStránkovací soubory mohou být uloženy pouze na systémovém oddílu. + Chcete nastavit Windows, aby byly stránkovací soubory vytvořeny pouze na oddílech s Windows?\n\nPokud zvolíte 'Ano', počítač bude restartován. Pak spusťte VeraCrypt a zkuste znovu vytvořit skrytý operační systém. + V opačném případě může být nepříznivě ovlivněna hodnověrnost popírání skrytého operačního systému.\n\nPoznámka: Pokud by nepřítel zanalyzoval obsah takových souborů (které jsou umístěny na nesystémových oddílech), mohl by zjistit, že jste použili tohoto průvodce pro vytvoření skrytého systému (což může naznačit přítomnost skrytého operačního systému na vašem počítači). Jakýkoliv takovýto soubor, uložený na systémovém oddílu, bude VeraCryptem bezpečně vymazán během procesu vytvoření skrytého operačního systému. + VAROVÁNÍ: Během procesu vytvoření skrytého operačního systému budete muset úplně přeinstalovat systém, který momentálně běží (abyste mohli bezpečně vytvořit klamný systém).\n\nPoznámka: Systém, který momentálně běží a celý obsah systémového oddílu bude zkopírován do skrytého svazku (aby byl vytvořen skrytý systém).\n\n\nJste si jisti, že budete moci nainstalovat Windows s použitím instalačního média Windows (nebo pomocí servisního oddílu)? + Pokud je nutné aktuální operační systém aktivovat, pak je potřeba jej z bezpečnostních důvodů aktivovat nyní, než budete pokračovat. Skrytý operační systém bude vytvořen zkopírováním obsahu systémového oddílu do skrytého svazku (pokud tedy tento operační systém není aktivovaný, skrytý operační systém také nebude aktivovaný). Pro více informací viz sekce "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCryptu.\n\nDůležité: Před tím, než budete pokračovat, ujistěte se, že jste si přečetli sekci "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCryptu.\n\n\nSplňuje systém, který momentálně běží, výše uvedené podmínky? + Váš systém používá další bootovací oddíl. VeraCrypt nepodporuje hibernaci na skrytých operačních systémech, které používají další bootovací oddíl (klamné systémy mohou být zhibernovány bez problémů).\n\nBootovací oddíl by byl sdílen jak klamným, tak skrytým operačním systémem. Aby nedošlo k úniku dat a problémům s obnovením hibernace, VeraCrypt musí zabránit skrytému systému, aby zapisoval do sdíleného bootovacího oddílu, a musí také zabránit hibernaci.\n\n\nChcete pokračovat? Pokud vyberete 'Ne', zobrazí se vám pokyny pro odstranění dodatečného bootovacího oddílu. + \nDodatečný bootovací oddíl může být před instalací Windows odstraněn. Abyste to mohli udělat, řiďte se následujícími kroky:\n\n1) Nabootujte váš instalační disk Windows.\n\n2) Na instalační obrazovce Windows klikněte na 'Nyní nainstalovat' > 'Volitelné (pokročilé)'.\n\n3) Klikněte na 'Volby disku'.\n\n4) Vyberte hlavní systémový oddíl a smažte ho kliknutím na 'Smazat' a 'OK'.\n\n5) Vyberte 'Rezervovaný systémový' oddíl, klikněte 'Rozšířit', a zvyšte jeho velikost, aby do něj mohl být nainstalován operační systém.\n\n6) Klikněte na 'Použít' a 'OK'.\n\n7) Nainstalujte Windows na 'Rezervovaný systémový' oddíl.\n\n\nPokud by se útočník ptal, proč jste odstranili dodatečný bootovací oddíl, můžete odpovědět, že jste chtěli předejít jakémukoliv možnému úniku dat do nezašifrovaného bootovacího oddílu.\n\nPoznámka: Tento text si můžete vytisknout kliknutím na tlačítko 'Tisknout' níže. Pokud si uschováte kopii tohoto textu nebo jej vytisknete (důrazně doporučujeme, pokud vaše tiskárna neukládá vytištěné dokumenty na svůj pevný disk ), měli byste zničit jakékoliv jeho kopie po odstranění dodatečného bootovacího svazku (pokud by se nalezla takováto kopie, mohla by naznačovat přítomnost skrytého svazku s operačním systémem). + Varování: Mezi systémovým oddílem a prvním oddílem za ním je nealokované místo. Po vytvoření skrytého operačního systému nesmíte vytvořit žádné nové oddíly v tomto nealokovaném prostoru. Jinak nebude možné spustit skrytý operační systém (dokud nesmažete takto nově vytvořené oddíly). + Systémové šifrování momentálně nepodporuje tento algoritmus. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Souborové klíče aktuálně nejsou podporovány pro šifrování systémů. + Varování: VeraCrypt nemohl obnovit původní nastavení klávesnice. To může způsobit, že heslo bude zadáno nesprávně. + Chyba: Nelze nastavit rozvržení klávesnice na typickou americkou klávesnici.\n\nHeslo musí být nastaveno v před-bootovacím prostředí (před startem Windows), kde nejsou ne-americké klávesnice k dispozici. Proto musí být heslo vždy nastaveno s použitím rozvržení kláves jako na americké klávesnici. + Protože VeraCrypt dočasně změnil nastavení klávesnice na standardní US rozmístění kláves, není možné psát znaky při stisknuté pravé klávese Alt. Většinu takových znaků ale můžete napsat stisknutím vhodných kláves při podržené klávese Shift. + VeraCrypt zabránil změně nastavení klávesnice. + Poznámka: Heslo bude nutné zadat v před-bootovacím prostředí (než se spustí Windows) kde nejsou k dispozici ne-US klávesnice. Proto musí být heslo vždy zadáno s použitím standardní US klávesnice. Je nutné zdůraznit, že nepotřebujete opravdovou US klávesnici. VeraCrypt automaticky zajistí, abyste mohli bezpečně zadat heslo (nyní a v před-bootovacím prostředí) i když nemáte pravou US klávesnici. + Před tím, než budete moci zašifrovat oddíl/disk, musíte vytvořit Záchranný disk VeraCrypt (VRD), který slouží k následujícím účelům:\n\n- Pokud dojde k poškození bootovacího zavaděče VeraCryptu, hlavního klíče nebo jiných kritických dat, s VRD je budete moci obnovit (stále ale budete muset uvést správné heslo).\n\n- Pokud dojde k poškození Windows a nenaběhnou, s pomocí VRD budete moci natrvalo dešifrovat oddíl/disk ještě před startem Windows.\n\n- VRD bude obsahovat přesnou zálohu obsahu první stopy na disku (která obvykle obsahuje systémový zavaděč nebo bootovacího manažera) a budete ji moci tím pádem obnovit.\n\nObraz disku Záchranného disku VeraCrypt v místě uvedeném níže. + Jakmile kliknete na OK, program Microsoft Windows Disc Image Burner bude spuštěn. Použijte ho, prosím, k vypálení obrazu Záchranného disku VeraCrypt na CD nebo DVD.\n\nAž tak učiníte, vraťte se do Průvodce vytvořením svazku VeraCrypt a pokračujte dle instrukcí. + Obraz záchranného disku byl vytvořen a uložen do tohoto souboru:\n%s\n\nTeď jej musíte vypálit na CD nebo DVD.\n\n%lsPo vypálení Záchranného disku klikněte na Další pro ověření, že byl vypálen správně. + Obraz záchranného disku byl vytvořen a uložen do tohoto souboru:\n%s\n\nNyní byste měli obraz disku buď vypálit na CD/DVD nebo jej přesunout do bezpečného umístění pro pozdější použití.\n\n%lsKlikněte na Další pro pokračování. + DŮLEŽITÉ: Soubor musí být na CD/DVD zapsán jako obraz disku (ne jako jeden soubor). Pro více informací viz dokumentace k vašemu softwaru pro vypalování CD/DVD. Pokud nevlastníte žádný CD/DVD vypalovací software, který umí zapisovat ISO obrazy disku na CD/DVD, klikněte níže na odkaz pro stažení softwaru zadarmo.\n\n + Spustit Microsoft Windows Disc Image Burner + VAROVÁNÍ: Pokud jste Záchranný disk VeraCrypt vytvořili již v minulosti, nemůže být znovu použit pro tento systémový oddíl/disk, protože byl vytvořen pro odlišný hlavní klíč! Pokaždé když zašifrujete systémový oddíl/disk, musíte pro něj vytvořit nový Záchranný disk VeraCrypt, i když použijete stejné heslo. + Chyba: Nelze uložit nastavení systémového šifrování. + Nelze načíst předtest systémového šifrování. + Nelze spustit proces vytváření skrytého operačního systému. + Čistící mód + Na některých úložných médiích mohou být data, která jsou přepsána jinými daty (např. když jsou data smazána), obnovena - s použitím technik jako např. magnetická mikroskopie. To se týká také dat, která jsou přepsána jejich zašifrovanou formou (což se děje, když VeraCrypt zašifrovává původně nezašifrovaný oddíl nebo disk). Podle některých studií a vládních publikací, obnovení dat se dá předejít (nebo to lze alespoň ztížit) přepsáním dat pseudonáhodnými a určitými ne-náhodnými daty, a to vícekrát. Pokud věříte, že by mohl váš protivník použít takovéto techniky k obnovení dat, která mají být smazána, zvažte použití jednoho z čistících módů (existující data NEBUDOU ztracena). Čištění NEBUDE provedeno po zašifrování oddílu/jednotky. Až bude oddíl/jednotka plně zašifrována, žádná další nezašifrovaná data na ní nebudou zapsána. Jakákoliv data na něj zapsaná, jsou nejprve zašifrována za běhu v paměti, a teprve potom jsou zašifrovaná data zapsána na disk. + Na některých úložných médiích mohou být data, která jsou přepsána jinými daty (např. když jsou data smazána), obnovena - s použitím technik jako např. magnetická mikroskopie. Podle některých studií a vládních publikací, obnovení dat se dá předejít (nebo to lze alespoň ztížit) přepsáním dat pseudonáhodnými a určitými ne-náhodnými daty, a to vícekrát. Pokud věříte, že by mohl váš protivník použít takovéto techniky k obnovení dat, která mají být smazána, zvažte použití jednoduchého nebo více-stopého módu mazání.\n\nPoznámka: Čím více stop použijete, tím déle bude vymazání dat trvat. + Čistím + \nPoznámka: Proces čištění můžete přerušit, vypnout počítač, spustit skrytý systém znovu a pak proces obnovit (tento průvodce se spustí automaticky). Pokud ho ale přerušíte, celý proces čištění bude muset začít od začátku. + \n\nPoznámka: Pokud proces čištění přerušte a pak se pokusíte o jeho obnovu, celý proces začne opět od začátku. + Chcete přerušit proces čištění? + Varování: Obsah celého oddílu/zařízení bude vymazán a ztracen. + Obsah celého oddílu, kde je umístěn původní systém, bude vymazán.\n\nPoznámka: Obsah celého oddílu, který má být vymazán, byl zkopírován do tohoto skrytého systémového svazku. + VAROVÁNÍ: Pokud zvolíte například 3-stopý mód čištění, čas potřebný k zašifrování oddílu/disku bude 4x delší. Velmi podobně, pokud zvolíte 35-stopý mód čištění, bude 36x delší (to může trvat i několik týdnů).\n\nČištění ale NEBUDE provedeno po plném zašifrování oddílu/disku. Když je oddíl/disk úplně zašifrován, nejsou do něj zapsána žádná nezašifrovaná data. Jakákoliv data na něj zapsaná jsou nejdříve za běhu zašifrována v paměti a teprve pak jsou data (zašifrovaná) zapsána na disk (výkonnost NEBUDE ovlivněna).\n\nJste si jisti, že chcete použít mód čištění? + Žádný (nejrychlejší) + 1-stopý (náhodná data) + 3-stopý (US DoD 5220.22-M) + 7-stopý (US DoD 5220.22-M) + 35-stopý ("Gutmann") + 256-stopý + Počet operačních systémů + VAROVÁNÍ: Nezkušení uživatelé by se nikdy neměli pokoušet zašifrovat Windows ve vícesystémové bootovací konfiguraci.\n\nPokračovat? + VeraCrypt podporuje vícesystémové bootování při vytvoření/použití skrytého operačního systému pouze za následujících podmínek:\n\n- Operační systém, který aktuálně běží, musí být nainstalován na bootovacím disku, který nesmí obsahovat žádné další operační systémy.\n\n- Operační systémy nainstalované na ostatních discích nesmí používat žádný bootovací zavaděč, který by byl umístěn na disku, kde je nainstalován systém, který nyní běží.\n\nJsou výše uvedené podmínky splněny? + VeraCrypt nepodporuje tuto více-bootovací konfiguraci, pokud vytváříte/používáte skryt operační systém. + Bootovací disk + Je momentálně běžící operační systém nainstalován na bootovacím disku?\n\nPoznámka: Někdy Windows nejsou nainstalovány na tom samém disku jako zavaděč Windows (bootovací oddíl). Je-li to tento případ, zvolte 'Ne'. + VeraCrypt momentálně nepodporuje šifrování operačního systému, který nebootuje z disku, kde je nainstalován. + Počet systémových disků + Kolik operačních systémů máte na discích?\n\nPoznámka: Např. pokud máte nainstalován libovolný operační systém (Windows, Mac OS X, Linux apod.) na primárním disku a nějaké další operační systémy nainstalované na sekundárním disku, zvolte '2 nebo více'. + VeraCrypt momentálně nepodporuje šifrování celého disku, který obsahuje více operačních systémů.\n\nMožná řešení:\n\n- Stále můžete zašifrovat jeden ze systémů, pokud se vrátíte a vyberete k zašifrování pouze jeden systémový oddíl (oproti šifrování celého systémového disku).\n\n- Eventuálně budete moci zašifrovat celý disk, přesunete-li některé ze systémů na jiné disky a ponecháte jen jeden systém na disku, který chcete zašifrovat. + Více systémů nebo jeden disk + Jsou na disku, kde běží momentálně operační systém, nainstalovány další operační systémy?\n\nPoznámka: Například pokud je nyní běžící operační systém nainstalován na disku #0, který obsahuje několik oddílů a pokud jeden z těchto oddílů obsahuje Windows a jiný oddíl obsahuje další operační systém (např. Windows, Mac OS X, Linux apod.), zvolte 'Ano'. + Non-Windows bootovací zavaděč + Je v MBR (hlavní spouštěcí záznam) nainstalován non-Windows bootovací zavaděč (nebo bootovací manažer)?\n\nPoznámka: Například pokud první stopa bootovacího disku obsahuje GRUB, LILO, XOSL nebo jiný non-Windows bootovací manažer (nebo bootovací zavaděč), vyberte 'ANO'. + Vícesystémové bootování + VeraCrypt momentálně nepodporuje konfiguraci vícesystémového bootování, kde je non-Windows bootovací zavaděč nainstalován v hlavním spouštěcím záznamu.\n\nMožná řešení:\n\n- Použijete-li bootovacího manažera pro spuštění Windows a Linux, přesuňte bootovacího manažera (většinou GRUB) z hlavního spouštěcího záznamu do oddílu. Pak spusťte tohoto průvodce znovu a zašifrujte systémový oddíl/disk. Bootovací zavaděč VeraCryptu se stane vaším hlavním bootovacím manažerem a dovolí vám spustit původního bootovacího manažera hned poté (stisknutím klávesy Esc na obrazovce Bootovacího manažera VeraCrypt) a díky tomu budete moci nabootovat z operačního systému Linux. + Je-li momentálně běžící systém nainstalován na bootovacím oddílu, po jeho zašifrování budete muset zadat správné heslo, i když budete chtít spustit jakýkoliv nezašifrovaný systém(y) Windows (budou sdílet stejný Bootovací zavaděč/manažer pro Windows).\n\nNaopak, pokud momentálně běžící operační systém není nainstalován na bootovacím oddíle (nebo pokud Bootovací zavaděč/manažer Windows není používán žádným jiným systémem), pak po zašifrování systému nebudete muset zadat správné heslo pro spuštění jiných nezašifrovaných systémů -- budete muset jen zmáčknout klávesu Esc pro spuštění nezašifrovaného systému (pokud je nezašifrovaných systémů více, budete muset také zadat, který se má spustit - v Bootovacím manažerovi VeraCrypt ).\n\nPoznámka: Běžně je na bootovacím oddíle nainstalován takový systém Windows, který byl nainstalován nejdříve. + Šifrování skryté chráněné oblasti + Na konci mnoha disků je oblast, která je běžně skryta operačnímu systému (takovéto oblasti se také říká skrytá chráněná oblast). Některé programy ale umí číst a zapisovat do/z těchto oblastí.\n\nVAROVÁNÍ: Někteří výrobci počítačů mohou tyto oblasti využívat k ukládání nástrojů a dat pro RAID, obnovu systému, nastavení systému, diagnostiku pro jiné účely. Pokud musí být takovéto nástroje nebo data přístupná před bootováním, skrytá oblast by NEMĚLA být zašifrována (výše vyberte 'NE').\n\nChcete, aby VeraCrypt detekoval a zašifroval takovouto skrytou oblast (pokud existuje) na konci systémového disku? + Typ systémového šifrování + Vyberte tuto volbu, pokud chcete pouze zašifrovat systémový oddíl nebo celý systémový disk. + Může se stát, že budete někým přinuceni dešifrovat operační systém. Je mnoho situací, kdy to nemůžete odmítnout (například vydírání). Pokud vyberete tuto možnost, vytvoříte skrytý operační systém, jehož existenci nebude možné prokázat (za předpokladu, že se budete řídit konkrétními pokyny). Tím pádem nebudete muset heslo prozradit nebo skrytý operační systém dešifrovat. Pro detailnější vysvětlení klikněte na odkaz níže. + Může se stát, že budete někým přinuceni dešifrovat operační systém. Je mnoho situací, kdy to nemůžete odmítnout (například vydírání).\n\nS použitím průvodce můžete vytvořit skrytý operační systém, jehož existenci nebude možné prokázat (za předpokladu, že se budete řídit konkrétními pokyny). Tím pádem nebudete muset heslo prozradit nebo skrytý operační systém dešifrovat. + Skrytý operační systém + V následujících krocích vytvoříte na prvním oddílu za systémovým oddílem dva svazky VeraCrypt (vnější a skrytý). Skrytý svazek bude obsahovat skrytý operační systém (OS). VeraCrypt vytvoří skrytý OS zkopírováním obsahu systémového oddílu (kde je momentálně nainstalován běžící OS) do skrytého svazku. Do vnějšího svazku zkopírujete nějaká citlivě vypadající data, která ve skutečnosti NECHCETE skrýt. Budou tam pro kohokoliv, kdo se vás přinutí přimět vyzradit heslo k oddílu se skrytým OS. Heslo k vnějšímu svazku můžete prozradit (přítomnost skrytého OS zůstane utajena).\n\nNa systémovém oddílu OS, který je momentálně spuštěn, nainstalujete nový OS, tzv. klamný OS, a zašifrujete ho. Nesmí obsahovat citlivá data a bude tam pro případ, že by vás někdo nutil vyzradit heslo k před-bootovací autentifikaci. Ve výsledku budete mít celkem 3 hesla. Dvě z nich mohou být vyzrazena (pro klamný OS a vnější svazek). Použijete-li třetí, spustí se skrytý OS. + Hledají se skryté sektory + Počkejte prosím, VeraCrypt zjišťuje možné skryté sektory na konci systémového disku. Tato operace může trvat delší dobu.\n\nPoznámka: Velmi zřídka, jen na některých počítačích, se může stát, že systém nebude odpovídat během tohoto procesu. Pokud se tak stane, restartujte počítač, spusťte VeraCrypt, opakujte předchozí kroky, ale přeskočte proces detekování skrytých sektorů. Tento problém není způsobem chybou v programu VeraCrypt. + Oblast k zašifrování + Vyberte tuto možnost, pokud chcete zašifrovat celý disk, na kterém je nainstalován aktuálně běžící systém Windows. Celý disk, včetně všech jeho oddílů, bude zašifrován, až na první stopu, kde bude umístěn bootovací zavaděč VeraCryptu. Kdokoliv, kdo by chtěl přistoupit k systému, který je nainstalován na disku, nebo k souborům uloženým na disku, bude muset zadat správné heslo pokaždé, než systém naběhne. Tato volba nemůže být použita pro zašifrování sekundárního nebo externího disku, pokud na něm nejsou nainstalovány Windows a nebootují z něj. + Sběr náhodných dat + Klíče vygenerovány + VeraCrypt nenalezl žádnou vypalovačku CD/DVD. VeraCrypt potřebuje vypalovačku CD/DVD, aby mohl vypálit Záchranný bootovací disk VeraCrypt, který obsahuje zálohu šifrovacích klíčů, bootovací zavaděč VeraCryptu, původní systémový zavaděč, apod.\n\nDůrazně doporučujeme Záchranný disk VeraCrypt vypálit. + Nemám žádnou CD/DVD vypalovačku, ale uložím si image Záchranného disku na vyjímatelný disk (např. USB flash disk). + CD/DVD vypalovačku připojím k počítači později. Proces nyní ukonči. + CD/DVD vypalovačka je nyní připojena k mému počítači. Pokračuj a zapiš Záchranný disk. + Postupujte následovně:\n\n1) Připojte k vašemu počítači odnímatelný disk, např. USB flash disk.\n\n2) Zkopírujte na něj obraz Záchranného disku VeraCrypt (%s) .\n\nV případě, že budete v budoucnu potřebovat Záchranný disk VeraCrypt, budete moci připojit váš vyjímatelný disk (který obsahuje obraz Záchranného disku VeraCrypt) k počítači s CD/DVD vypalovačkou a vytvoříte tak bootovatelný Záchranný disk VeraCrypt jeho vypálením na CD nebo DVD. DŮLEŽITÉ: Obraz Záchranného disku VeraCrypt musí být na CD/DVD zapsán jako ISO obraz disku (nikoliv jako samotný soubor). + Nahrávání záchranného disku + Záchranný disk vytvořen + Otestování systémového šifrování + Záchranný disk ověřen + \nZáchranný disk VeraCrypt byl úspěšně ověřen. Vyjměte jej nyní, prosím, z mechaniky a uložte na bezpečném místě.\n\nKlikněte Další pro pokračování. + VAROVÁNÍ: Během následujících kroků nesmí být Záchranný disk VeraCrypt v CD/DVD jednotce. Jinak nebude možné dokončit kroky v pořádku.\n\nVyjměte ho prosím z jednotky a umístěte ho na bezpečné místo. Pak potvrďte OK. + Varování: Vzhledem k technickým omezením před-bootovacího prostředí, text zobrazený programem VeraCrypt v před-bootovacím prostředí (např. před startem Windows) nemůže být přeložen. Uživatelské prostředí bootovacího zavaděče VeraCryptu je celé v angličtině.\n\nPokračovat? + Před zašifrováním vašeho systémového oddílu nebo disku potřebuje VeraCrypt ověřit, že vše pracuje správně.\n\nJakmile kliknete Testovat, všechny potřebné komponenty (např. před-bootovací autentifikační část, bootovací zavaděč VeraCryptu) budou nainstalovány a váš počítač restartován. Poté musíte zadat heslo bootovacího zavaděče VeraCryptu na stránce, která se objeví před startem Windows. Po startu Windows budete automaticky informováni o výsledku tohoto předtestu.\n\nNásledující zařízení bude pozměněno: Disk #%d\n\n\nVyberete-li nyní Zrušit, nic nebude nainstalováno a před-test nebude proveden. + DŮLEŽITÉ POZNÁMKY -- PŘEČTĚTE SI JE NEBO VYTISKNĚTE (klikněte na 'Tisknout'):\n\nŽádný ze souborů nebude zašifrován, dokud nerestartujete počítač a nenaběhnou Windows. Pokud tedy cokoliv selže, vaše data NEBUDOU ztracena. Pokud ale nastanou komplikace, můžete zaznamenat komplikace při startu Windows. Proto si pozorně přečtěte (a pokud možno vytiskněte) následující pokyny, které vám řeknou, co dělat v případě, když po restartu počítače Windows nemohou naběhnout.\n\n + Co dělat, když Windows nenaběhnou\n------------------------------------------------\n\nPoznámka: Tyto instrukce jsou platné pouze tehdy, pokud jste ještě nezačali s šifrováním.\n\n- Pokud Windows nenaběhnou poté, co jste zadali správné heslo (nebo pokud jste opakovaně zadali správné heslo, ale VeraCrypt vám říká, že heslo je neplatné), nepanikařte. Restartujte počítač (vypněte a zapněte jej) a na obrazovce bootovacího zavaděče VeraCryptu zmáčkněte klávesu Esc (a pokud máte více operačních systémů, zvolte, který má naběhnout). Potom by měly Windows naběhnout (za předpokladu, že nejsou již zašifrovány) a VeraCrypt se vás automaticky zeptá, zda chcete odinstalovat před-bootovací autentifikační komponentu. Předchozí kroky NEBUDOU fungovat, pokud je systémový oddíl/disk již zašifrovaný (nikdo nemůže bez správného hesla Windows spustit nebo přistupovat k zašifrovaným datům na disku, i když se budou řídit předešlými pokyny).\n\n + - Pokud předchozí kroky nepomohou nebo pokud se nezobrazí obrazovka bootovacího zavaděče VeraCryptu (před startem Windows), vložte do vaší CD/DVD mechaniky Záchranný disk TruCrypt a restartujte počítač. Pokud se neobjeví obrazovka Záchranného disku VeraCrypt (nebo pokud nevidíte na obrazovce Záchranného disku VeraCrypt položku 'Volby oprav' v sekci 'Ovládání klávesnice'), je možné, že váš BIOS je nakonfigurován tak, aby nejdříve bootoval z pevného disku. Pokud jde o tento případ, restartujte počítač, zmáčkněte klávesu F2 nebo Delete (jakmile uvidíte startovací obrazovku BIOSu), a počkejte, až se objeví obrazovka konfigurace BIOSu. Neobjeví-li se žádná obrazovka BIOSu, restartujte (resetujte) počítač znovu a opakovaně mačkejte klávesu F2 nebo Delete ihned po restartu počítače. Až se konfigurační obrazovka BIOSu objeví, nastavte ve vašem BIOSu, aby nejdříve bootoval z CD/DVD mechaniky (pro více informací viz dokumentace k vašemu BIOSu/základní desce nebo kontaktujte podporu svého dodavatele počítač). Pak restartujte váš počítač. Nyní byste již měli vidět obrazovku Záchranného disku VeraCrypt. Na této obrazovce vyberte 'Volby oprav' stisknutím klávesy F8. Z volby 'Volby oprav' v menu vyberte 'Obnovit původní systémový zavaděč'. Pak vyjměte CD/DVD disk z mechaniky a restartujte váš počítač. Windows by měly naběhnout normálně (za předpokladu, že nejsou zašifrovány).\n\n + Předchozí kroky NEBUDOU fungovat, pokud je již systémový oddíl/disk zašifrován (nikdo nemůže bez správného hesla Windows spustit nebo se dostat k datům na této jednotce, i když se držel předchozích kroků).\n\n\nI v případě, že ztratíte Záchranný disk VeraCrypt a útočník ho najde, on nebo ona NEBUDE moci dešifrovat systémový oddíl nebo disk bez správného hesla. + Před-testování dokončeno + Předtest byl úspěšně dokončen.\n\nVAROVÁNÍ: Vězte, že pokud dojde během šifrování dat za běhu k výpadku proudu, nebo pokud operační systém selže kvůli softwarové chybě nebo hardwarovému selhání, část dat bude poškozena nebo ztracena. Proto než začnete zašifrovávat, ujistěte se, že máte záložní kopie souborů, které chcete zašifrovat. Pokud je nemáte, zazálohujte je nyní (můžete kliknout na Odložit, zazálohovat soubory a pak znovu kdykoliv spustit VeraCrypt. Vyberte 'Systém' > 'Obnovit přerušený proces' pro spuštění šifrování).\n\nAž budete připraveni, klikněte na Zašifrovat. + Kdykoliv můžete kliknout na Pauzu nebo Odložit pro přerušení procesu šifrování nebo dešifrování. Můžete také opustit tohoto průvodce, restartovat nebo vypnout váš počítač a pak proces obnovit. Bude pokračovat z bodu, kde naposledy skončil. Aby nedošlo ke zpomalení, když systém nebo aplikace čtou nebo zapisují z/do systémového oddílu, VeraCrypt automaticky čeká, dokud nejsou data zapsána nebo přečtena (viz Status dole) a pak automaticky pokračuje v šifrování nebo dešifrování. + \n\nKdykoliv můžete kliknout na Pauzu nebo Odložit pro přerušení procesu šifrování nebo dešifrování. Můžete také opustit tohoto průvodce, restartovat nebo vypnout váš počítač a pak proces obnovit. Bude pokračovat z bodu, kde naposledy skončil. Svazek nemůže být připojen, dokud nebude úplně zašifrován. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Skrytý systém byl spuštěn + Původní systém + Windows vytváří na systémovém oddílu (většinou bez toho, aniž byste to věděli nebo odsouhlasili) různé soubory s logy, dočasné soubory apod. Také ukládá aktuální obsah RAM paměti do hibernačního a stránkovacího souboru, který je uložen na systémovém oddílu. Pokud by protivník analyzoval soubory uložené na oddílu, kde je původní systém (kde je skrytý systém klonem) uložen, mohl by například zjistit, že jste použili průvodce VeraCryptu pro vytvoření skrytého systémého svazku (což může naznačit existenci skrytého operačního systému na vašem počítači).\n\nAbyste předešli těmto problémům, VeraCrypt v příštích krocích bezpečně vymaže celý obsah oddílu, kde je uložen původní systém. A poté, aby bylo dosaženo hodnověrného popření, budete muset nainstalovat na tento oddíl nový systém a zašifrovat ho. Takto vytvoříte klamný systém a celý proces vytvoření skrytého operačního systému bude dokončen. + Skrytý operační systém byl úspěšně vytvořen. Než ho ale budete moci používat (a dosáhnout důvěryhodného popření), musíte bezpečně vymazat (s použitím VeraCryptu) celý obsah oddílu, kde je nainstalován operační systém, který je momentálně spuštěn. Než tak můžete učinit, musíte restartovat váš počítač a zadat na bootovací obrazovce VeraCryptu (která se objeví před startem Windows) před-bootovací autentifikační heslo ke skrytému operačnímu systému. Jakmile skrytý systém začne nabíhat, spustí se automaticky VeraCryptový průvodce.\n\nPoznámka: Pokud se teď rozhodnete ukončit proces vytvoření skrytého operačního systému, v procesu NEBUDETE moci pokračovat a skrytý systém NEBUDE přístupný (protože dojde k odstranění bootovacího zavaděče VeraCryptu). + Naplánovali jste proces vytvoření skrytého operačního systému. Proces nebyl ještě dokončen. Aby mohl být dokončen, musíte restartovat počítač a na obrazovce bootovacího zavaděče VeraCryptu (která se objeví před startem Windows) zadat heslo ke skrytému operačnímu systému.\n\nPoznámka: Pokud nyní přerušíte vytváření skrytého operačního systému, NEBUDETE jej moci obnovit. + Restartujte počítač a pokračujte + Natrvalo přerušit proces vytváření skrytého operačního systému + Nic nedělej a zeptej se znovu později + \nPOKUD MOŽNO SI VYTISKNĚTE TENTO TEXT (klikněte na 'Tisknout' níže).\n\n\nJak a kdy použít Záchranný disk VeraCrypt (Po zašifrování)\n-----------------------------------------------------------------------------------\n\n + I. Jak nabootovat ze Záchranného disku VeraCryptu\n\nPro spuštění Záchranného disku VeraCryptu jej vložte do CD/DVD mechaniky a restartujte počítač. Pokud se neobjeví obrazovka Záchranného disku VeraCrypt (nebo pokud nevidíte na obrazovce Záchranného disku VeraCrypt položku 'Volby oprav' v sekci 'Ovládání klávesnice'), je možné, že váš BIOS je nakonfigurován tak, aby nejdříve bootoval z pevného disku. Pokud jde o tento případ, restartujte počítač, zmáčkněte klávesu F2 nebo Delete (jakmile uvidíte startovací obrazovku BIOSu), a počkejte, až se objeví obrazovka konfigurace BIOSu. Neobjeví-li se žádná obrazovka BIOSu, restartujte (resetujte) počítač znovu a opakovaně mačkejte klávesu F2 nebo Delete ihned po restartu počítače. Až se konfigurační obrazovka BIOSu objeví, nastavte ve vašem BIOSu, aby nejdříve bootoval z CD/DVD mechaniky (pro více informací viz dokumentace k vašemu BIOSu/základní desce nebo kontaktujte podporu svého dodavatele počítač). Pak restartujte váš počítač. Nyní byste již měli vidět obrazovku Záchranného disku VeraCrypt. Poznámka: Na obrazovce Záchranného disku VeraCryptu můžete vybrat 'Volby oprav' stisknutím klávesy F8.\n\n\n + II. Jak a kdy použít Záchranný disk VeraCrypt (Po zašifrování)\n\n + 1) Pokud se po startu počítače neobjeví obrazovka bootovacího zavaděče VeraCrypt (nebo pokud nenaběhnou Windows), bootovací zavaděč VeraCryptu může být poškozený. S pomocí Záchranného disku VeraCrypt ho můžete obnovit a tím získat opět přístup k zašifrovanému systému a datům (stále ale budete muset zadat správné heslo). Na obrazovce Záchranného disku VeraCrypt vyberte 'Volby oprav' > 'Obnovit bootovací zavaděč VeraCryptu'. Pak stiskněte 'Y' pro potvrzení volby, vyjměte Záchranný disk z CD/DVD jednotky a restartujte váš počítač.\n\n + 2) Pokud opakovaně zadáte správné heslo, ale VeraCrypt říká, že je heslo neplatné, hlavní klíč nebo jiná kritická data mohou být poškozena. Se Záchranným diskem VeraCrypt je můžete opravit a tím získat opět přístup k zašifrovaným datům a systému (stále ale budete muset zadat správné heslo). Na obrazovce Záchranného disku vyberte 'Volby oprav' > 'Obnovit klíčová data'. Pak zadejte vaše heslo a stiskněte 'Y' pro potvrzení volby, vyjměte Záchranný disk z CD/DVD jednotky a restartujte váš počítač.\n\n + 3) Pokud je bootovací zavaděč VeraCryptu poškozený, můžete se vyhnout jeho spuštění bootovaním přímo ze Záchranného disku VeraCrypt. Vložte váš Záchranný disk do CD/DVD mechaniky a pak na jeho obrazovce zadejte heslo.\n\n + 4) Pokud jsou Windows poškozeny a nenabíhají, s pomocí Záchranného disku VeraCrypt můžete před spuštěním Windows dešifrovat oddíl/disk. Na obrazovce Záchranného disku vyberte 'Volby oprav' > 'Natrvalo dešifrovat systémový oddíl/disk'. Zadejte správné heslo, a počkejte na dokončení dešifrování. Pak můžete například nabootovat vaše instalační CD/DVD pro MS Windows a instalaci Windows opravit.\n\n + Poznámka: Popřípadě, pokud jsou Windows poškozené (nenabíhají) a vy je potřebujete opravit (nebo se dostat k nějakému souboru), můžete se vyhnout dešifrování systémového oddílu/disku pomocí následujících kroků: Pokud máte na počítači nainstalovaných více operačních systémů, spusťte ten, který nevyžaduje před-bootovací autentifikaci. Pokud nemáte na vašem počítači nainstalovaných více operačních systémů, můžete nabootovat WinPE nebo BartPE CD/DVD nebo můžete připojti váš systémový disk jako sekundární nebo externí disk k jinému počítači a pak spustit operační systém instalovaný na daném počítači. Až systém spustíte, spusťte VeraCrypt a klikněte na 'Vybrat zařízení', vyberte zmíněný systémový oddíl, klikněte na 'OK', vyberte 'Systém' > 'Připojit bez před-bootovací autentifikace', zadejte před-bootovací autentifikační heslo a klikněte na 'OK'. Oddíl bude připojen jako běžný svazek VeraCrypt (data budou za běhu dešifrována/zašifrována v paměti RAM, jako obvykle).\n\n\n + I když ztratíte váš Záchranný disk VeraCrypt a útočník ho najde, on nebo ona NEBUDE moci systémový oddíl nebo disk bez správného hesla dešifrovat. + \n\nD Ů L E Ž I T É -- VYTISKNĚTE SI TENTO TEXT (klikněte na 'Tisk' níže).\n\n\nPoznámka: Tento text bude automaticky zobrazen pokaždé, když spustíte skrytý systém, dokud nespustíte klamný systém.\n\n\n + Jak vytvořit klamný systém bezpečně a spolehlivě\n----------------------------------------------------------------------------\n\nAby bylo možné dosáhnout hodnověrného popření, musíte teď vytvořit klamný operační systém. Pokračujte dle následujících kroků:\n\n + 1) Z bezpečnostních důvodu vypněte váš počítač a nechte ho vypnutý alespoň na pár minut (čím déle, tím lépe). Je to nutné, aby se vyčistila paměť, která obsahuje citlivá data. Pak zapněte počítač, ale nebootujte do skrytého systému.\n\n + 2) Nainstalujte Windows do oddílu, jehož obsah byl smazán (např. do oddílu, kde byl nainstalován původního systému a jehož klonem je skrytý systém).\n\nDŮLEŽITÉ: KDYŽ SPUSTÍTE INSTALACI NA KLAMNÉM SYSTÉMU, SKRYTÝ SYSTÉM *NEBUDE* MOŽNÉ SPUSTIT (protože bootovací zavaděč VeraCryptu bude smazán zavaděčem systému Windows). TOTO CHOVÁNÍ JE V POŘÁDKU. NEPANIKAŘTE, PROSÍM. SKRYTÝ SYSTÉM BUDETE MOCI SPUSTIT ZNOVU, JAKMILE ZAČNETE ZAŠIFROVÁVAT KLAMNÝ OPERAČNÍ SYSTÉM (protože VeraCrypt pak hned nainstaluje na systémový disk bootovací zavaděč VeraCryptu).\n\nDůležité: Velikost systémového svazku klamného systému musí být stejná jako velikost skrytého svazku (tato podmínka je nyní splněna). Navíc nemusíte vytvářet žádné další oddíly mezi oddílem klamného systému a oddílem, kde je umístěn skrytý systém.\n\n + 3) Spusťte klamný systém (který jste nainstalovali v kroku 2 a do nějž jste nainstalovali Veracrypt).\n\nMějte na paměti, že klamný operační systém nesmí nikdy obsahovat citlivá data.\n\n + 4) Spusťte VeraCrypt na klamném systému a vyberte 'Systém' > 'Zašifrovat systémový oddíl/disk'. Měl by se objevit Průvodce vytvořením svazku VeraCrypt.\n\nNásledující kroky se týkají Průvodce vytvořením svazku VeraCrypt.\n\n + 5) V Průvodci vytvořením svazku VeraCrypt NEVYBÍREJTE 'Skrytou' volbu. Ponechte volbu na 'Normální' a klikněte na 'Další'.\n\n + 6) Vyberte volbu 'Zašifrovat systémový oddíl Windows' a klikněte na 'Další'.\n\n + 7) Pokud je na vašem počítač nainstalován pouze skrytý a klamný systém, vyberte variantu 'Jednoduché bootování' (pokud máte na počítači více systémů, vyberte 'Více systémů při bootování'). Pak klikněte na 'Další'.\n\n + 8) DŮLEŽITÉ: V tomto kroku MUSÍTE VYBRAT PRO KLAMNÝ SYSTÉM STEJNÝ ŠIFROVACÍ ALGORITMUS A HASHOVACÍ ALGORITMUS, KTERÝ JSTE VYBRALI PRO SKRYTÝ SYSTÉM! JINAK BUDE SKRYTÝ SYSTÉM NEPŘÍSTUPNÝ! Jinými slovy, klamný systém musí být zašifrován stejným šifrovacím algoritmem jako skrytý systém. Poznámka: Důvodem je fakt, že klamný systém a skrytý systém sdílí stejný bootovací zavaděč, což je podporováno pouze jedním algoritmem, který vybere uživatel (pro každý algoritmus existuje speciální verze bootovacího zavaděče VeraCryptur).\n\n + 9) V tomto kroku vyberte heslo pro klamný operační systém. Půjde o heslo, které budete moci odhalit případnému protivníkovi, pokud se vás bude snažit přinutit vyzradit před-bootovací autentifikační heslo (druhé heslo, které můžete prozradit je to, které patří k vnějšímu svazku). Existence třetího hesla (např. před-bootovací autentifikační heslo) zůstane utajena.\n\nDůležité: Heslo, pro klamný systém musí být naprosto odlišné od toho, které si zvolíte ke skrytému svazku (např. pro skrytý operační systém).\n\n + 10) Postupujte podle zbylých instrukcí v průvodci k dokončení zašifrování klamného operačního systému.\n\n\n\n + Po vytvoření klamného systému\n------------------------------------------------\n\nJakmile klamný systém zašifrujete, celý proces vytvoření skrytého operačního systému bude dokončen a vy budete již moci používat tyto tři hesla:\n\n1) Před-bootovací autentifikační heslo pro skrytý operační systém.\n\n2) Před-bootovací autentifikační heslo pro klamný operační systém.\n\n3) Heslo pro vnější svazek.\n\n + Pokud chcete spustit skrytý operační systém, musíte již pouze zadat heslo pro skrytý OS - na obrazovce bootovacího zavaděče VeraCryptu (která se objeví po spuštění nebo restartu počítače).\n\nPokud chcete spustit operační klamný operační systém, musíte již pouze zadat heslo pro klamný OS - na obrazovce bootovacího zavaděče VeraCryptu.\n\nHeslo pro klamný operační systém může být prozrazeno komukoliv, kdo by se ho z vás snažil dostat násilím. Existence skrytého svazku (a skrytého operačního systému) zůstane skryta.\n\n + Třetí heslo (pro vnější svazek) může být prozrazeno komukoliv, kdo by se snažil získat heslo k prvnímu oddílu za systémovým oddílem, kde jsou umístěny jak vnější svazek, tak i svazek skrytý (ten obsahuje skrytý operační systém). Existence skrytého svazku (a skrytého operačního systému) zůstane utajena.\n\n\n + Pokud jste odhalili protivníkovi heslo ke klamnému systému, a on se vás zeptá, proč je volné místo na oddílu klamného systému zaplněno náhodnými daty, můžete odpovědět např.: "Oddíl původně obsahoval zašifrovaný systémový svazek zašifrovaný VeraCryptem, ale já jsem zapomněl před-bootovací autentifikační heslo (nebo byl systém poškozen a přestal nabíhat), takže jsem musel celý systém Windows přeinstalovat a zašifrovat oddíl znovu."\n\n\n + Pokud jste se řídili všemi instrukcemi, požadavky a opatřeními uvedenými v sekci "Bezpečnostní požadavky a opatření týkající se skrytých svazků" v uživatelské příručce VeraCryptu, mělo by být nemožné prokázat, že existuje skrytý svazek a skrytý operační systém, i když bude připojen vnější svazek nebo když by byl klamný operační systémem dešifrován nebo spuštěn.\n\nPokud si uložíte kopii tohoto textu nebo si ji uložíte (důrazně doporučujeme, pokud náhodou vaše tiskárna neukládá vytištěné dokumenty do své paměti), měli byste jakékoliv takové kopie zničit poté, co klamný systém vytvoříte a pochopíte všechny informace, které jsou v textu uvedené (v opačném případě, pokud by někdo takovou kopii nalezl, mohl by to být náznak toho, že se na vašem počítači nachází skrytý operační systém).\n\n + VAROVÁNÍ: POKUD NEOCHRÁNÍTE SKRYTÝ SVAZEK (pro více informací, viz sekce "Ochrana skrytých svazků proti poškození" v uživatelské příručce VeraCrypt), NEZAPISUJTE DO VNĚJŠÍHO SVAZKU (klamný operační systém NENÍ nainstalován ve vnějším svazku). JINAK SI MŮŽETE PŘEPSAT A POŠKODIT SKRYTÝ SVAZEK (A SKRYTÝ OPERAČNÍ SYSTÉM UVNITŘ)! + Klonování operačního systému + V následujícím kroku vytvoří VeraCrypt skrytý operační systém tak, že zkopíruje obsah systémového oddílu do skrytého svazku (kopírovaná data budou zašifrována za běhu jiným šifrovacím klíčem, než je ten, co se používá pro klamný operační systém).\n\nProces bude proveden v před-bootovacím prostředí (než se Windows spustí) a může to trvat delší dobu; několik hodin nebo dokonce několik dní (záleží na velikosti systémového oddílu a na výkonu vašeho počítače).\n\nBudete moci proces přerušit, vypnout počítač a pak spustit operační systém a pokračovat v procesu. Pokud ho ale přerušíte, celý proces kopírování systému bude spuštěn úplně od začátku (protože obsah systémového oddílu se nesmí během klonování změnit). + Chcete zrušit celý proces vytváření skrytého operačního systému?\n\nPoznámka: NEBUDETE moci pokračovat, pokud ho nyní zrušíte. + Chcete zrušit před-testování šifrování systému? + Předběžná zkouška zašifrování systému selhala. Chcete to zkusit znovu?\n\nVyberete-li 'Ne', před-bootovací autentifikační komponenta bude odinstalována.\n\nPoznámka:\n\n- Pokud vás bootovací zavaděč VeraCryptu nevyzval k zadání hesla před startem Windows, je možné, že vás operační systém nebootuje z disku, na kterém je nainstalován. To není podporováno.\n\n- Pokud jste použili jiný šifrovací algoritmus než AES a předběžná zkouška selhala (a vy jste zadali heslo), může to být způsobeno nevhodně navrženým ovladačem. Vyberte 'Ne' a zkuste systémový oddíl/jednotku znovu zašifrovat, ale použijte šifrovací algoritmus AES (který má nejmenší nároky na paměť).\n\n- Pro zjištění, jaké jsou další možné příčiny a řešení, viz: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Systémový oddíl/disk pravděpodobně není zašifrován (ani částečně ani plně). + Váš systémový oddíl/disk je zašifrován (částečně nebo plně).\n\nPřed pokračováním celý systémový oddíl/disk nejdříve dešifrujte. Pokud tak chcete učinit, zvolte 'Systém' > 'Trvale dešifrovat systémový oddíl/disk' z menu hlavního okna programu VeraCrypt. + Je-li systémový oddíl/disk zašifrován (částečně nebo úplně), nemůžete snížit verzi VeraCryptu (ale můžete jej aktualizovat nebo přeinstalovat stejnou verzi). + Váš systémový oddíl/disk je momentálně zašifrováván/dešifrováván nebo jinak pozměňován. Před pokračováním zrušte proces šifrování/dešifrování/pozměňování (nebo počkejte na jeho dokončení). + Na tomto systému již běží jiná instance Průvodce vytvořením svazku VeraCrypt a provádí nebo připravuje šifrování/dešifrování systémového oddílu/disku. Než budete pokračovat, počkejte, prosím, až skončí nebo jej zavřete. Pokud jej nemůžete zavřít, restartujte nejdříve váš počítač a pak pokračujte. + Proces šifrování nebo dešifrování systémového oddílu-disku nebyl dokončen. Počkejte, prosím, než bude dokončen. + Chyba: Proces šifrování oddílu/disku nebyl dokončen. Nejdříve je nutné jej dokončit. + Chyba: Proces šifrování oddílu/svazku nebyl dokončen. Nejdříve musí skončit. \n\nPoznámka: Pro pokračování procesu vyberte 'Svazky' > 'Obnovit přerušený proces' z menu nabídky hlavního okna VeraCryptu. + Heslo je správné, VeraCrypt úspěšně dešifrovat hlavičku svazku a zjistil, že tento svazek je skrytý operační systém. Avšak hlavička skrytého systémového svazku nemůže být takto změněna.\n\nPro změnu hesla skrytého systémového svazku nabootujte operační systém, který je umístěn ve skrytém svazku a pak vyberte 'Systém' > 'Změnit heslo' z lišty hlavního okna programu VeraCrypt.\n\nPro zadání hlavičkového klíče derivačního algoritmu nabootujte skrytý operační systém a pak vyberte 'Systém' > 'Zadat hlavičku klíče derivačního algoritmu'. + VeraCrypt nepodporuje okamžité dešifrování skrytého systémového oddílu.\n\nPoznámka: Chcete-li dešifrovat oddíl klamného operačního systému, nabootujte klamný operační systém a vyberte 'Systém' > 'Trvale dešifrovat systémový oddíl/disk' z lišty hlavního okna programu VeraCrypt. + Chyba: Nesprávný/neplatný parametr. + Vybrali jste oddíl nebo zařízení, ale zvolený průvodce je vhodný pouze pro souborové svazky.\n\nChcete změnit mód průvodce? + Chcete místo toho vytvořit souborový svazek VeraCrypt? + Vybrali jste systémový oddíl/jednotku (nebo bootovací oddíl), ale průvodce, kterého jste vybrali, je vhodný pouze pro nesystémové oddíly/jednotky.\n\nChcete nastavit před-bootovací autentifikaci (což znamená, že budete muset zadávat heslo při každém startu Windows) a zašifrovat systémový oddíl/jednotku? + Jste si jisti, že chcete trvale dešifrovat systémový oddíl/disk? + VAROVÁNÍ: Pokud trvale dešifrujete systémový oddíl/disk, budou na něj zapsána nezašifrovaná data.\n\nJste si opravdu jisti, že chcete trvale dešifrovat systémový oddíl/disk? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Varování: Použijete-li k zašifrování systému kaskádu šifer, můžete zaznamenat následující problémy:\n\n1) Bootovací zavaděč VeraCryptu je větší než obvykle, a proto není v prvním stopě disku dostatek místa pro zálohu bootovacího zavaděče VeraCryptu. Proto, pokud dojde k jeho poškození, (což se stává často, například při nevhodně navržené aktivaci protipirátské ochrany určitých programů), budete muset použít Záchranný disk VeraCrypt pro nabootování a opravě bootovacího zavaděče VeraCryptu.\n\n2) Na některých počítačích trvá obnovení z hibernace delší dobu.\n\nTěmto případným problémům můžete předejít, pokud vyberete nekaskádový šifrovací algoritmus (např. AES).\n\nJste si jisti, že chcete použít kaskádu šifer? + Zaznamenáte-li některé z popisovaných problémů, dešifrujte oddíl/disk (pokud je zašifrovaný) a pak jej zkuste zašifrovat znovu použitím ne-kaskádového šifrovacího algoritmu (např. AES). + VAROVÁNÍ: Z bezpečnostních důvodů byste měli aktualizovat VeraCrypt na klamném operačním systému před jeho aktualizací na skrytém operačním systému.\n\nAbyste tak učinili, nastartujte klamný operační systém a spusťte z něj instalátor programu VeraCrypt. Poté nastartujte skrytý systém a z něj také spusťte instalátor.\n\nPoznámka: Klamný operační systém a skrytý systém sdílejí jednotný bootovací zavaděč. Pokud jste aktualizovali VeraCrypt jen na skrytém systému (ale ne na klamném systému), klamný systém bude obsahovat ovladač programu VeraCrypt a VeraCrypt aplikace, jejichž verze budou rozdílné od Bootovacího zavaděče VeraCryptu. Takovýto rozpor by mohl být signálem, že je na vašem počítači skrytý operační systém.\n\n\nChcete pokračovat? (Nedoporučeno.) + Verze Bootovacího zavaděče VeraCryptu, který startoval tento operační systém, je jiná než ovladače VeraCrypt (a aplikace VeraCrypt) instalované na tomto systému.\n\nMěli byste spustit instalátor VeraCrypt (jehož verze je ta samá jako ta, která je v Bootovacím zavaděči VeraCryptu) pro aktualizaci programu VeraCrypt na tomto operačním systému. + Verze bootovacího zavaděče VeraCryptu, který spustil tento operační systém, je jiná, než verze ovladače VeraCryptu (a VeraCrypt aplikací) instalovaného na tomto systému. Starší verze mohou obsahovat chyby, které jsou opraveny v novějších verzích.\n\nPokud jste nebootovali ze Záchranného disku VeraCrypt, měli byste přeinstalovat VeraCrypt nebo jej aktualizovat na nejnovější stabilní verzi (bootovací zavaděč bude aktualizován také).\n\nPokud jste bootovali ze Záchranného disku VeraCrypt, měli byste jej aktualizovat ('Systém' > 'Vytvořit záchranný disk'). + Bootovací zavaděč VeraCryptu byl aktualizován.\n\nDůrazně doporučujeme vytvořit nový Záchranný disk VeraCrypt (který bude obsahovat novou verzi Bootovacího zavaděče VeraCryptu) přes 'Systém' > 'Vytvořit záchranný disk' po restartu počítače. + Bootovací zavaděč VeraCryptu byl aktualizován.\n\nDůrazně doporučujeme nabootovat klamný operační systém a vytvořit nový Záchranný disk VeraCrypt (který bude obsahovat novou verzi Bootovacího zavaděče VeraCryptu) vybráním 'Systém' > 'Vytvořit záchranný disk'. + Aktualizace bootovacího zavaděče VeraCryptu selhala. + VeraCrypt nemohl zjistit opravdovou velikost systémového disku, a proto použije velikost zjištěnou operačním systémem (což může být méně než opravdová velikost). Nejde o chybu v programu VeraCrypt. + VAROVÁNÍ: Zdá se, že VeraCrypt se již pokusil detekovat skryté sektory na tomto systémovém disku. Pokud jste zaznamenali jakékoliv problémy během předchozího detekčního procesu, můžete se nyní vyhnout těmto problémům přeskočením detekčního procesu skrytých sektorů. Pokud tak učiníte, VeraCrypt použije velikost určenou operačním systémem (která může být menší než opravdová velikost disku).\n\nToto chování není způsobenou chybou v programu VeraCrypt. + Přeskočit vyhledávání skrytých sektorů (použít velikost určenou systémem) + Zkusit znovu vyhledat skryté sektory + Chyba: Obsah jednoho nebo více sektorů na disku nemůže být přečten (pravděpodobně kvůli fyzickému poškození).\n\nProces okamžitého zašifrování může pokračovat pouze tehdy, když budou sektory opět čitelné. VeraCrypt se může pokusit změnit jejich čitelnost tím, že do nich zapíše nuly (následně všechny nulové bloky budou zašifrovány). Všechna data uložená v nečitelných sektorech tím ale budou ztracena. Pokud se tomu chcete vyhnout, můžete se pokusit opravit části poškozených dat použitím nástroje někoho jiného.\n\nPoznámka: V případě fyzického poškození sektorů (oproti obyčejnému poškození dat a chybě kontrolních součtů) se většina zařízení snaží interně přemístit tyto sektory, pokud je učiněn pokus o zápis do nich (aby existující data v poškozených sektorech zůstala nezašifrována).\n\nChcete, aby VeraCrypt zapsal nuly do nečitelných sektorů? + Chyba: Obsah jednoho nebo více sektorů na disku nemůže být přečten (pravděpodobně kvůli fyzickému poškození).\n\nAbyste mohli pokračovat s dešifrováním, VeraCrypt bude muset zničit obsah nečitelných sektorů (obsah bude vyplněn náhodnými daty). Mějte prosím na paměti, že před pokračováním se můžete ještě pokusit opravit části poškozených dat pomocí nějakého nástroje třetí strany.\n\nChcete, aby VeraCrypt nyní zničil data v nečitelných sektorech? + Poznámka: VeraCrypt nahradil obsah %I64d nečitelných sektorů (%s) šifrovanými nulovými bloky s nešifrovaným textem. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Zadejte heslo/PIN pro token '%s': + Aby mohl VeraCrypt přistupovat k bezpečnostnímu tokenu nebo smart kartě, potřebujete nejdříve pro token/smart kartu vybrat softwarovou knihovnu PKCS #11. Tato knihovna může být dodávána se zařízením nebo může být k dispozici ke stažení na stránkách výrobce nebo třetí strany.\n\nJakmile knihovnu nainstalujete, můžete ji vybrat buď manuálně přes 'Vybrat knihovnu' nebo nechte VeraCrypt, ať ji nalezne sám, a to s pomocí 'Autodetekce knihovny' (bude prohledán pouze systémový adresář Windows). + Poznámka: Název souboru a umístění vaší nainstalované knihovny PKCS #11 k bezpečnostnímu tokenu/smart kartě naleznete v dokumentaci dodané k tokenu/smart kartě.\n\nKlikněte na 'OK' a vyberte cestu a jméno souboru. + Aby mohl VeraCrypt přistupovat k bezpečnostnímu tokenu nebo smart kartě, potřebujete nejdříve pro token/smart kartu vybrat softwarovou knihovnu PKCS #11. Vyberte 'Nastavení' > 'Bezpečnostní tokeny'. + Inicializace knihovny PKCS #11 pro bezpečnostní token selhala.\n\nUjistěte se, prosím, že uvedená cesta a jméno souboru je platná pro knihovnu PKCS #11. Pro zadání názvu a cesty ke knihovně PKCS #11, vyberte 'Nastavení' > 'Bezpečnostní tokeny'. + V systémovém adresáři Windows nebyla nalezena žádná knihovna PKCS #11.\n\nUjistěte se, prosím, že knihovna PKCS #11 pro váš bezpečnostní token (nebo pro smart kartu) je nainstalována (např. knihovna, která je dodávána přímo s tokenem/kartou nebo může být ke stažení na stránce výrobce nebo třetích stran). Pokud je nainstalována do jiného než systémového adresáře Windows, zvolte 'Vybrat knihovnu' a najděte ji (např. složka, kde je nainstalován software k tokenu/kartě). + Nebyl nalezen žádný bezpečnostní token.\n\nUjistěte se, prosím, že je váš bezpečnostní token připojen k počítači a že máte nainstalován správný ovladač tohoto zařízení. + Souborový klíč bezpečnostního tokenu nebyl nalezen. + Souborový klíč bezpečnostního tokenu se stejným názvem již existuje. + Chcete smazat vybrané soubory? + Cesta k souborovému klíči bezpečnostního tokenu je neplatná. + Chyba bezpečnostního tokenu + Heslo bezpečnostního tokenu je nesprávné. + Bezpečnostní token nemá k dispozici dost paměti/místa pro provedení požadované operace.\n\nPokud se snažíte importovat souborový klíč, vyberte menší soubor nebo použijte souborový klíč vygenerovaný VeraCryptem (vyberte 'Nástroje' > 'Generátor souborového klíče'). + Všechny otevřené relace bezpečnostního tokenu byly uzavřeny. + Vyberte souborové klíče bezpečnostního tokenu + Slot + Název tokenu + Název souboru + DŮLEŽITÉ: Před-bootovací autentifikační hesla jsou vždy zadávána na klasické US klávesnici. Svazek, který používá heslo napsané na jiném rozložení klávesnice, se vám nemusí tím pádem podařit připojit (nejde o chybu VeraCryptu). Aby mohl být takovýto svazek s před-bootovacím autentifikačním heslem připojen, následujte tyto kroky:\n\n1) Klikněte na 'Vybrat soubor' nebo 'Vybrat zařízení' a vyberte svazek.\n2) Vyberte 'Svazky' > 'Změnit heslo svazku'.\n3) Zadejte současné heslo pro svazek.\n4) Změňte rozložení klávesnice na anglickou (US) kliknutím na jazykovou ikonu dole vpravo na hlavní liště Windows a vyberte 'EN Anglická (United States)'.\n5) V VeraCryptu, do políčka nové heslo, napište před-bootovací autentifikační heslo.\n6) Heslo potvrďte ještě jednou do druhého políčka a klikněte na 'OK'.\nVAROVÁNÍ: Mějte na paměti, že pokud budete pokračovat podle těchto kroků, heslo ke svazku musíte vždy napsat na americkém rozložení klávesnice (což bude automaticky nastaveno pouze v před-bootovacím prostředí). + Systémový oblíbený svazek bude připojen s použitím před-autentifikačního hesla. Pokud nějaký ze systémových oblíbených svazků používá jiné heslo, nebude připojen. + Pokud nechcete, aby běžné akce svazků VeraCrypt (např. 'Odpojit vše', automaticky-odpojit, atd.) ovlivnily oblíbené systémové svazky, měli byste zapnout volby 'Zobrazení a odpojení systémových oblíbených svazků v VeraCryptu povolit pouze administrátorům '. Navíc, pokud VeraCrypt běží bez administrátorských práv (výchozí pro Windows Vista a novější), oblíbené systémové svazky nebudou zobrazeny v písmenném seznamu disků v hlavním okně aplikace VeraCrypt. + DŮLEŽITÉ: Mějte na paměti, že pokud je tato volba zapnuta a VeraCrypt nemá administrátorská oprávnění, připojené oblíbené systémové svazky NEJSOU zobrazeny v okně aplikace VeraCrypt a nemohou být odpojeny. Proto, pokud potřebujete např. odpojit systémový oblíbený svazek, klikněte pravým tlačítkem myši na ikonu VeraCryptu (v menu Start) a vyberte 'Spustit jako správce. Stejné omezení platí pro funkce 'Odpojit vše', 'Autom.-odpojit', klávesové zkratky 'Odpojit vše' atd. + Toto nastavení se projeví až po restartu operačního systému. + Chyba při překladu příkazového řádku. + Záchranný disk + Vybrat &soubor a připojit... + Vybrat &zařízení a připojit... + Povolit zobrazení a odpojení systémových oblíbených svazků v VeraCryptu pouze administrátorům + Připojit oblíbené systémové svazky při startu Windows (v úvodní fázi startovací procedury) + Varování: Systém souborů na jednotce připojené jako '%s' nebyl čistě odpojen a může tak obsahovat chyby. Použití poškozeného systému souborů může způsobit ztrátu dat nebo jejich poškození.\n\nPoznámka: Před tím, než fyzicky odpojíte nebo vypnete zařízení (např. USB flash disk nebo externí disk), kde je uložen připojený svazek VeraCrypt, měli byste tento svazek nejdříve odpojit v VeraCryptu.\n\n\nChcete, aby se systém Windows pokusil najít a opravit chyby (pokud nějaké jsou) na souborovém systému? + Varování: Jeden nebo více oblíbených systémových svazků nebyl čistě odpojen a může tím pádem obsahovat chyby systému souborů. Pro více informací zkontrolujte log systémových událostí.\n\nPoužití poškozeného systému souborů může způsobit ztrátu dat nebo jejich poškození. Měli byste příslušný systémový oblíbený svazek zkontrolovat na chyby (pravým tlačítkem myši na něj v VeraCryptu klikněte a vyberte 'Opravit systém souborů'). + Varování: Oprava poškozeného systému souborů nástrojem Microsoft 'chkdsk' může způsobit ztrátu souborů v poškozených oblastech. Proto se doporučuje nejdříve zálohovat soubory uložené ve svazku VeraCrypt do jiného, zdravého svazku VeraCrypt.\n\nChcete nyní opravit systém souborů? + Jednotka '%s' byla připojena pouze pro čtení, protože zápis byl zamítnut. \n\nUjistěte se, prosím, že bezpečnostní oprávnění souborového svazku vám umožňuje do něj zapisovat (pravým tlačítkem myši klikněte na svazek a vyberte Vlastnosti > Zabezpečení).\n\nVzhledem k problému ve Windows se může stát, že toto varování uvidíte i po změně bezpečnostního nastaveni. Nejedná se o chybu v VeraCryptu. Možným řešením je svazek přesunout, například do složky 'Dokumenty'.\n\nPokud chcete nechat svazek nezapisovatelný, zadejte u svazku atribut pouze pro čtení (pravým tlačítkem klikněte na svazek a vyberte Vlastnosti > Pouze pro čtení), což potlačí toto varování. + Jednotka '%s' musela být připojena pouze pro čtení, protože byl zamítnut zápis.\n\nUjistěte se, prosím, že žádná další aplikace (např. antivirový program) nepřistupuje k oddílu/zařízení, na kterém je jednotka umístěna. + Jednotka '%s' byla připojena pouze pro čtení. Operační systém zjistil, že hostovací zařízení je chráněné proti zápisu.\n\nTo se může stát s upravenými ovladači chipsetu, které špatně identifikují média jako nezapisovatelná. Tento problém nezpůsobuje VeraCrypt. Můžete se ho pokusit vyřešit aktualizací nebo odinstalací jakýchkoliv upravených ovladačů chipsetu (non-Microsoft), které mate aktuálně nainstalovány na vašem systému. + Hyper-Threading technologie poskytuje více logických jader na jedno fyzické jádro. Je-li Hyper Threading zapnut, číslo uvedené nahoře ukazuje počet logických procesorů/jader. + %d vláken + Hardwarově akcelerované AES je vypnuto, což ovlivní výsledky výkonnostních testů (horší výkon).\n\nPro zapnutí hardwarové akcelerace vyberte 'Nastavení' > 'Výkon' a zapněte odpovídající volbu. + Počet vláken je momentálně omezen, což omezí výsledky výkonnostních testů (horší výkon).\n\nPro využití plného potenciálu procesoru/ů, vyberte 'Nastavení' > 'Výkon' a vypněte odpovídající nastavení. + Chcete, aby se VeraCrypt pokusil vypnout ochranu proti zapisování do tohoto oddílu/disku? + VAROVÁNÍ: Tato volba může ovlivnit výkonnost.\n\nJste si jisti, že chcete použít toto nastavení? + Varování: Svazek VeraCrypt byl automaticky odpojen + Před tím, než fyzicky odpojíte nebo vypnete zařízení, které obsahuje připojený svazek, měli byste tento svazek nejdříve odpojit v VeraCryptu.\n\nNeočekávané a nenadále odpojení je většinou způsobeno náhle selhávajícím kabelem, diskem (šuplíkem) apod. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Souborový klíč + Backspace + Tab + Clear + Enter + Pauza + Caps Lock + Mezernk + Page Up + Page Down + End + Home + Šipka vlevo + Šipka nahoru + Šipka doprava + Šipka dolů + Vybrat + Klávesa pro tisk + Klávesa spustit + Print Screen + Insert + Delete + Aplikační klávesa + Uspat počítač + Num Lock + Scroll Lock + Prohlížeč - zpět + Prohlížeč - vpřed + Prohlížeč - obnovit + Prohlížeč - stop + Prohlížeč - hledat + Prohlížeč - oblíbené + Domovská stránka prohlížeče + Vypnout zvuk + Snížit hlasitost + Zvýšit hlasitost + Další stopa + Předchozí stopa + Stop + Hrát/Pauza + Emailový prohlížeč + Klávesa pro výběr média + Aplikace 1 + Aplikace 2 + Attn + CrSel + ExSel + Přehrát + Zvětšit + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.da.xml b/Translations/Language.da.xml index e517b430..60966951 100644 --- a/Translations/Language.da.xml +++ b/Translations/Language.da.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Annuller - Installer &til alle brugere - Gen&nemse... - Tilføj VeraCrypt ikon til &skrivebord - Donate now... - Registrer .hc fil &endelser som VeraCrypt - &Åben destinationsmappen efter afslutning - Tilføj VeraCrypt til &Start menu - Opret system &gendannelsespunkt - &Afinstaller - &Udpak - &Installer - VeraCrypt Oprettelsesguide - Afinstaller VeraCrypt - &Hjælp - Vælg eller indtast venligst placeringen hvor du ønsker at gemme de udpakkede filer: - Vælg eller indtast venligst placeringen hvor du ønsker at installere VeraCrypt program filerne. Hvis den angivne mappe ikke eksisterer, vil den automatisk blive oprettet. - Klik på Afinstaller for at fjerne VeraCrypt fra systemet. - Afbryd - &Benchmark - &Test - Create encrypted volume and format it - Encrypt partition in place - Vis de generede nøgler (deres mængde) - Vis pool indhold - Download CD/DVD brænde software - Create an encrypted file container - &GB - &TB - Mere information - Sk&jult VeraCrypt bind - Mere information om skjulte bind - Direkte tilstand - Normal tilstand - &KB - Brug nøglef&iler - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Nøglefiler.. - Information om hakke algoritmer - Mere information - Information on PIM - &MB - Mere information - Mere information om system kryptering - Mere information - Multi-boot - Encrypt a non-system partition/drive - Gem aldrig hi&storik - Åben Ydre Bind - &Pause - Use P&IM - Use PIM - Ekspres Formatering - &Vis kodeord - &Display password - &Display PIM - Single-boot - Standard VeraCrypt bind - Skj&ult - Normalt - Krypter system partitionen eller hele system drevet - Krypter Windows system partitionen - Krypter hele drevet - VeraCrypt Bind Oprettelsesguide - Klynge - VIGTIGT: Bevæg musen så tilfældigt som muligt indenfor dette vindue. Jo længere tid du bevæger den, jo bedre. Dette forhøjer den kryptografiske styrke af krypteringsnøglerne betydeligt. Klik på Næste for at fortsætte. - Godkend: - Fuldført - Drive letter: - Krypterings Algoritme - Filsystem - Opretter en virtuel krypteret disk inden i en fil. Anbefales til uerfarne brugere. - Valg - Hakke Algoritme - Etiketnøgle: - Venstre - Hovednøgle: - Vælg dette hvis der er to eller flere operativsystemer installeret på denne computer.\n\nFor eksempel:\n- Windows XP og Windows XP\n- Windows XP og Windows Vista\n- Windows og Mac OS X\n- Windows og Linux\n- Windows, Linux og Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Nuværende pool indhold (partiel) - Pass - Kodeord: - Volume PIM: - Volume PIM: - Udførsel: - Tilfældig Pool: - Vælg dette hvis der kun er et operativsystem installeret på denne computer (også selv om der er flere brugere). - Hastighed - Status - Nøgler, salt, og anden data er blevet oprettet med succes. Hvis du ønsker at oprette nye nøgler, klik på Tilbage og så Næste. Ellers klik på Næste for at fortsætte. - Krypterer partitionen/drevet hvor Windows er installeret. Enhver der ønsker at få adgang og bruge systemet, læse og skrive filer, osv., er nødt til at indtaste det korrekte kodeord hver gang inden Windows booter op. Valgfrit, oprettes et skjult system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Udviske tilstand: - Luk - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Gør Ingenting - Tilslut &Automatisk til VeraCrypt Bind (angiv neden for) - &Start VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Gennemse... - Gennemse... - Gem kodeord og nøgl&efiler i hukommelsen - Afslut når alle tilsluttede bind afbrydes - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Anvend VeraCrypt Bind Oprettelsesguide - Opret - &Opret Bind - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Brug nøglef&iler - Brug nøglef&iler - Afslut - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Tildel - Fjern - Nøglefiler... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - A&uto-Tilslut Enheder - Tilslutnings Va&lg... - Tilslut bind som læs-&kun - Nøglefiler... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Tilsluttet - Gem kodeord i driverhukommelse - Auto-afbryd bind efter der ikke har været læst/skrevet til det i - Brugeren logger af - User session locked - Går i strømbesparende funktion - Pauseskærm aktiveres - Udfør auto-afbryd selvom bindet indeholder åbne filer eller mapper - Tilslut alle enheds-baserede VeraCrypt bind - Start VeraCrypt Background Task - Tilslut bind som læs-kun - Tilslut bind som flytbart medie - Åben Explorer vindue til succesfuldt tilsluttet bind - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Slet kodeord i hukommelsen ved auto-afbryd - Slet kodeord i hukommelsen ved afslut - Preserve modification timestamp of file containers - Nulstil - Vælg &Enhed... - Vælg &Fil... - Select &Library... - Vis kodeord - Vis kodeord - Åben &Explorer vindue for tilsluttet bind - &Gem kodeord i driver-hukommelsen - TrueCrypt Mode - Afb&ryd Alle - Bin&d Egenskaber... - Bind V&ærktøjer... - &Slet hukommelsen - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - System genvejstaster - VeraCrypt - Ændre Kodeord eller Nøglefiler - Indtast VeraCrypt Bind kodeord - VeraCrypt - Performance and Driver Options - VeraCrypt - Præferencer - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Rejse Disk Setup - VeraCrypt Bind Egenskaber - Om... - Tilføj/Fjern nøglefiler til/fra Bind... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup Af Bind Etiket... - Benchmark... - Ændre etiketnøgle oprindelses algoritme... - Ændre Bind kodeord... - Indstil Etiketnøgle Oprindelses Algoritme... - Ændre Kodeord... - Slet Bind Historie - Close All Security Token Sessions - Kontakt... - Opret Skjult Operativsystem... - Opret Nødhjælps Disk... - Opret nyt Bind... - Permanently Decrypt... - Standard nøglefiler... - Default Mount Parameters... - Donate now... - Krypter System Partition/Drev... - FAQ - Ofte stillede spørgsmål - Brugervejledning - &Hjemmeside - Genvejstaster... - Nøglefil Generator - Sprog... - Juridiske Bemærkninger - Manage Security Token Keyfiles... - Auto-Tilslut alle Enheds-placerede Bind - Tilslut Favorit Bind - Tilslut uden før-boot &godkendelse... - Tilslut Bind - Tilslut Bind med funktioner - Nyheder - Online Hjælp - Begyndervejledning - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Dekrypter System Partition/Drev Permanent - Præferencer... - Opdater drev bogstaver - Fjern alle nøglefiler fra Bind... - Gendan Bind Etiket... - Resume Interrupted Process - Vælg Enhed... - Vælg Fil... - Genoptag afbrudt proces - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Downloads - Test Vektorer... - Security Tokens... - Rejse Disk Setup... - Afbryd alle tilsluttede Bind - Afbryd Bind - Kontroller Nødhjælps Disk - Verify Rescue Disk ISO Image - Versions Historik - Volume Expander - Bind Egenskaber - Bind Oprettelsesguide - VeraCrypt Hjemmeside - Slet kodeord i hukommelsen - OK - Hardware Acceleration - Genvej - AutoRun Konfiguration (autorun.inf) - Auto-Afbryd - Afbryd alle når: - Boot Loader Screen Options - Bekræft kodeord: - Nuværende - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Standard Tilslutning Funktioner - Genvejstast Funktioner - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Fil Indstillinger - Tildel tast: - Processor (CPU) in this computer supports hardware acceleration for AES: - Opgaver der skal udføres ved login til Windows - minutter - Tilslut bind som drev bogstav: - Tilslutnings Indstillinger - Ny - Kodeord: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Kodeords hukommelse - Security Options - VeraCrypt Baggrundsopgaver - VeraCrypt bind for tilslutning (relaterer til rejse disk rod): - Ved isættelse af rejse disk: - Opret rejse disk filer i (rejse disk rod mappe): - Bind - Windows - Tilføj &sti... - &Auto-Test alle - &Continue - &Dekrypter - &Delete - &Krypter - &Export... - Generer og gem nøglefil... - &Generer tilfældig nøglefil... - Download sprogpakker - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - Brug nøglef&iler - &Nøglefiler... - &Fjern - Fjern &Alle - Hvad er skjult bind beskyttelse? - More information on keyfiles - Tilslut bind som flytbart &medie - Tilslut partition &ved brug af system kryptering uden før-boot godkendelse - Parallelization: - Benchmark - &Udskriv - &Beskyt skjult bind imod skade forårsaget af skrivning til ydre bind - &Nulstil - &Vis kodeord - Add &Token Files... - Brug backup header implementeret i &Bind hvis tilgængeligt - XTS tilstand - Om VeraCrypt - VeraCrypt - Krypterings algoritme benchmark - VeraCrypt - Test vektorer - Kommandolinie Hjælp - VeraCrypt - Nøglefiler - VeraCrypt - Nøglefil Generator - VeraCrypt - Sprog - VeraCrypt - Tilslutningsvalg - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Vælg en Partition eller Enhed - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Aktive sprogpakker - Hastigheden afhænger af CPU belastning og hukommelseenhed karakteristik.\n\nDisse tests foregår i RAM. - Buffer Størrelse: - Ciffer: - K&odeord til skjult bind:\n(tomt=hukommelse) - Skjult bind beskyttelse - Nøgle størrelse: - VIGTIGT: Bevæg musen så tilfældigt som muligt i dette vindue. Jo længere tid du bevæger den, jo bedre. Dette forbedrer signifikant den kryptografiske styrke på nøglefilen. - ADVARSEL: Hvis du mister en nøglefil eller dele af dens første 1024 kilobytes ændres, vil det være umuligt at tilslutte bindet som bruger denne nøglefil! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Oversat af: - Ren tekst størrelse: - bits - Nuværende Pool Indhold - Blandet PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Sekundær nøgle (hexadecimal) - Security token: - Sorterings Metode: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Blok nummer: - Ciffer tekst (hexadecimal) - Data enheds nummer (64-bit hexadecimal, data enheds størrelsen er 512 bytes) - Nøgle (hexadecimal) - Ren tekst (hexadecimal) - Keyfile name: - XTS tilstand - S&ystem - &Bind - Favor&ites - &Værktøjer - In&dstillinger - &Hjælp - Hjemme&side - - &Om... - Læs-kun egenskaben på dit gamle bind kan ikke ændres. Kontroller venligst filadgangs tilladelser. - Fejl: Adgang nægtet.\n\nPartitionen du prøver at få adgang til er enten 0 sektorer lang, eller det er boot enheden. - Administrator - For at kunne loade VeraCrypt driveren, er du nødt til at være logget ind med en brugerkonto med administrator rettigheder. - Bemærk venligst for at kunne kryptere/formatere en partition/enhed er du nødt til at være logget ind med en brugerkonto med administrator rettigheder.\n\nDette gælder ikke for fil-værtede bind. - For at oprette et skjult bind er du nødt til at være logget ind med en brugerkonto med administrator rettigheder.\n\nContinue? - Bemærk venligst for at kunne formatere bindet som NTFS er du nødt til at være logget ind med en brugerkonto med administrator rettigheder.\n\nUden administrator rettigheder, kan du formatere bindet som FAT. - FIPS-godkendt ciffer (Rijndael, udgivet i 1998) som kan benyttes af U.S. regerings afdelinger og bureauer for at beskytte klassificeret information op til Top Secret niveau. 256-bit nøgle, 128-bit blok, 14 runder (AES-256). Drift tilstand er XTS. - Bindet er allerede tilsluttet. - ADVARSEL: Mindst en kryptering eller hakke algoritme fejlede ved de automatiske selv-tests!\n\nVeraCrypt installationen kan være ødelagt. - ADVARSEL: Der er ikke nok data i tilfældigheds nummer generator pool til at forsyne det nødvendige antal data.\n\nDu bør ikke fortsætte yderligere. Vælg venligst 'Rapporter en fejl...' fra Hjælp menuen, og rapporter denne fejl. - Drevet er beskadiget (der er en fysisk skade på det) eller et kabel er beskadiget, eller hukommelsen har en fejlfunktion.\n\nBemærk venligst at dette er et problem med din hardware, ikke med VeraCrypt. Rapporter derfor venligst IKKE dette som en fejl/problem i VeraCrypt og spørg venligst IKKE om hjælp med dette i VeraCrypt Forums. Kontakt venligst din computer forhandlers tekniske support team for assistance. Tak.\n\nBemærk: Hvis fejlen opstår gentagne gange samme sted, er det højst sandsynligt forårsaget af en dårlig disk blok, som burde være mulig at reparere ved brug af tredieparts software (bemærk at, i mange tilfælde, kan 'chkdsk /r' kommandoen ikke rette den fordi den arbejder på filsystem niveau; i nogle tilfælde, kan 'chkdsk' værktøjet ikke engang opdage den). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Ugyldigt drev bogstav. - Ugyldig sti. - Annuller - Enheden ikke tilgængelig. Sørg for at enheden eksisterer og ikke er i brug af systemet. - Advarsel: Caps Lock er slået til. Dette kan medføre at kodeordet indtastes forkert. - Bind Type - Det kan ske at du bliver tvunget til at afsløre kodeordet til et krypteret bind. Der er mange situationer hvor du ikke kan afvise at afsløre kodeordet (for eksempel, pga. afpresning). Ved brug af et såkaldt skjult bind tillader det dig at klare sådanne situationer uden at afsløre kodeordet til dit bind. - Vælg dette hvis du ønsker at oprette et normalt VeraCrypt bind. - Bemærk venligst at hvis du ønsker at installere et operativsystem i et skjult partitions bind, så kan hele system drevet ikke blive kryptereret ved hjælp af en enkelt nøgle. - Ydre Bind Krypterings Funktioner - Skjult Bind Krypterings Funktioner - Krypterings Funktioner - ADVARSEL: Kunne ikke slette stien til det senest valgte bind/nøglefil (historik af filgennemsyn)! - Fejl: Beholderen er blevet komprimeret ved filsystem niveau. VeraCrypt understøtter ikke komprimerede beholdere (Bemærk: Komprimering at krypterede data er ueffektivt og overflødig).\n\nSlå venligst komprimering af denne beholder fra ved at følge disse trin: 1) Højreklik på denne beholder i Windows Stifinder (ikke i VeraCrypt). 2) Vælg 'Egenskaber'. 3) I 'Egenskaber' dialog boks, klik 'Avanceret'. 4) I 'Advancede Attributter' dialog boks, slå funktionen 'Komprimer indhold for at spare diskplads' fra og klik 'OK'. 5) I 'Egenskaber' dialog boks, Klik 'OK'. - Fejl i oprettelsen af bind %s - Størrelsen af %s er %.2f bytes - Størrelsen af %s er %.2f KB - Størrelsen af %s er %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - ADVARSEL: Enhed/partition er i brug af operativsystem eller andre applikationer. Formatering af enhed/partition kan medføre data korruption og system ustabilitet.\n\nFortsæt? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Fejl: Enhed/partition indeholder et filsystem som ikke kunne afbrydes. Filsystemet kan være i brug af operativsystem. Formatering af enhed/partition vil sandsynligvis medføre data korruption og system ustabilitet.\n\nFor at løse dette problem, anbefaler vi at du først sletter paritionen og så genopretter den uden formatering. For at gøre dette, følg disse trin: 1) Højreklik på 'Computer' (eller 'Denne computer') ikonet i 'Start Menuen' og vælg and select 'Administrer'. Vinduet 'Computeradministration' bør da komme frem. 2) I vinduet 'Computeradministration', vælg 'Lager' > 'Diskhåndtering'. 3) Højreklik på den partition du vil kryptere og vælg enten 'slet partition', eller 'slet bind', eller 'slet logisk drev'. 4) Klik 'Ja'. Hvis Windows beder dig om at genstarte computeren, gør dette. Gentag da trin 1 og 2 og fortsæt fra trin 5. 5) Højreklik på området for tildelt/ledig disk plads og vælg enten 'Ny Partition', eller 'Nyt Simpelt Bind', eller 'Nyt logisk drev'. 6) 'Ny Partition hjælp' eller 'Nyt Simpelt Bind hjælp' vinduet burde komme frem nu; følg instruktionerne. På hjælpesiden benævnt 'Formater Partition', vælg enten 'formater ikke denne partition' eller 'formater ikke dette bind'. I samme hjælp, klik 'Næste' og så 'Afslut'. 7) Bemærk at enhedsstien du har valgt i VeraCrypt måske er forkert nu. Derfor, gå ud af VeraCrypt Bind Oprettelseshjælp (hvis den stadig er åben) og så start den igen. 8) Prøv at kryptere enhed/partition igen.\n\nHvis VeraCrypt gentagne gange giver fejl ved kryptering af enhed/partition, måtte du måske overveje at oprette en fil-beholder istedet. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - ADVARSEL: Nogle af de tilsluttede enheder/partitioner er var allerede i brug!\n\nIgnoreres dette kan det medføre uønskede resultater inklusiv system ustabilitet.\n\nVi anbefaler kraftigt at du lukker enhver applikation der måtte bruge enheden/partitionen. - Den valgte enhed indeholder partitioner.\n\nFormatering af enheden kan forårsage system ustabilitet og/eller data korruption. Vælg venligst enten en partition på enheden, eller fjern alle partitioner på enheden for at VeraCrypt kan formatere den sikkert. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Den ledige plads på drevet %s er %.2f bytes. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Kunne ikke finde ledige drev bogstaver. - Fejl: VeraCrypt driver er ikke fundet.\n\nKopier venligst filerne 'veracrypt.sys' og 'veracrypt-x64.sys' til biblioteket hvor VeraCrypt hovedprogrammet (VeraCrypt.exe) er placeret. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Fejl: Ciffer initialiseringsfejl. - Fejl: En svag eller potientiel svag nøgle er detekteret. Nøglen vil blive afvist. Prøv venligst igen. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Kritisk Fejl - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Krypter - &Dekrypter - &Dekrypter permanent - Afslut - Opret venligst et logisk drev til denne udvidede partition, og prøv igen. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - Vælg lokationen på det VeraCrypt bind hvori du ønsker at oprette et skjult bind. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Fejl: Kan ikke tilslutte bind. Værts filen/enheden er allerede i brug. Forsøg på at tilslutte uden eksklusiv adgang fejlede også. - Filen kunne ikke åbnes. - Bind placering - Store Filer - Ønsker du at gemme filer større end 4 GB i dette VeraCrypt bind? - Afhængigt af dit valg ovenfor, vil VeraCrypt vælge et passende standard filsystem til dit VeraCrypt bind (du vil være i stand til at vælge et filsystem i det næste trin). - Da du opretter et ydre bind, bør du overveje at vælge 'Nej'. Hvis du vælger 'Ja', vil standard filsystemet blive NTFS, hvilket ikke er så passende til ydre bind som FAT (for eksempel, den maksimalt mulige størrelse på det skjulte bind vil blive væsentligt større hvis det ydre bind er formatteret som FAT). Normalt er FAT standard for både skjulte og normale bind (så FAT bind er ikke så mistænkelige). Dog, hvis brugeren indikerer ønske om at gemme filer større end 4 GB (hvilket FAT filsystemet ikke tillader), så er FAT ikke standard. - Er du sikker på du ønsker at vælge 'Ja'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Bemærk: - &Genoptag - &Udsæt - &Start - &Fortsæt - &Formater - &Wipe - Afbryd formatering? - Vis mere information - Vis ikke dette igen - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - System partitionen/drevet er dekrypteret med succes. - \n\nVeraCrypt bindet er oprettet og klar til brug. Hvis du ønsker at oprette et andet VeraCrypt bind, klik Næste. Ellers, klik Afslut. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt bindet er oprettet med succes. - Bind Oprettet - VIGTIGT: Bevæg musen så tilfældigt som muligt i dette vindue. Jo længere tid du bevæger den, jo bedre. Dette forbedrer signifikant den kryptografiske styrke på nøglefilen. Klik på Formater for at oprette bindet. - Klik på Formater for at oprette det ydre bind. For mere information, læs venligst dokumentationen. - Ydre Bind Formatering - Skjult Bind Formatering - Bind Formatering - Adobe Reader (eller et kompatibelt værktøj) er nødvendigt for at se eller udskrive VeraCrypt Brugervejledning. Adobe Reader (freeware) kan downloades på: www.adobe.com/dk/\n\nØnsker du at se den online dokumentation istedet? - Hvis du vælger denne mulighed, vil oprettelsesguiden først hjælpe dig med at oprette et normalt VeraCrypt bind og så et skjult VeraCrypt bind deri. Uerfarne brugere bør altid vælge denne mulighed. - Hvis du vælger denne mulighed, vil du oprette et skjult bind i et eksisterende VeraCrypt bind. Det vil formodes at du allerede har oprettet et VeraCrypt bind der er passende som vært til det skjulte bind. - Bind oprettelses tilstand - Skjult Bind oprettet - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - Det ydre bind er blevet oprettet og tilsluttet som drev %hc:. Til dette ydre bind bør du nu kopiere nogle følsomt udseende filer som du egentlig IKKE ønsker at skjule. De vil være der for dem der eventuelt afpresser dig til at afsløre kodeordet for den første partition bag system partitionen, hvor både det ydre og skjulte bind (indeholdende det skjulte operativsystem) vil være placeret. Du vil kunne afsløre kodeordet for dette ydre bind, og eksistensen af det skjulte bind (og det skjulte operativsystem) vil fortsat være hemmeligt.\n\nVIGTIGT: Filerne du kopierer til det ydre bind bør ikke optage mere plads end %s. Ellers er der muligvis ikke nok ledig plads i det ydre bind for det skjulte bind (og du vil ikke være i stand til at fortsætte). Efter du har afsluttet din kopiering, klik Næste (afbryd ikke bindet). - Ydre Bind er oprettet med succes og tilsluttet som drev %hc:. Til dette bind bør du nu kopiere nogle filer over der ser følsomme ud, men som du egentlig ikke ønsker at skjule. Filerne vil så være der hvis nogen aftvinger dig dit kodeord. Du afslører da kun kodeordet for det ydre bind, ikke for det skjulte. De filer du virkelig bekymrer dig om vil være i det skjulte bind, som bliver oprettet senere. Når du er færdig med at kopiere, klik Næste. Afslut ikke bindet.\n\nBemærk: Når du har klikket på Næste, vil klynge bitmap til det ydre bind blive skannet for at afgøre størrelsen af uafbrudt fri plads hvis slutning ligger udenfor slutningen af bindet. Dette område vil indeholde det skjulte bind, så det vil begrænse den maksimale størrelse. Klynge bitmap skanning sikrer at ingen data på det ydre bind overskrives af det skjulte bind. - Ydre bind indeholder - \n\nI de næste trin indstiller du valgmuligheder for det ydre bind (hvori det skjulte bind vil blive oprettet senere). - \n\nI de næste trin, vil du oprette et såkaldt ydre VeraCrypt bind indeni den første partition bag system partition (som blev forklaret i en af de tidligere trin). - Ydre bind - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nBindets cluster bitmap er blevet skannet og den maksimalt mulige størrelse på det skjulte bind er blevet afgjort. I de næste trin vil du vælge indstilling, størrelse, og kodeord for det skjulte bind. - Skjult bind - Det skjulte bind er nu beskyttet mod beskadigelse indtil det ydre bind bliver afbrudt.\n\nADVARSEL: Hvis nogen data forsøges gemt i området for det skjulte bind, vil VeraCrypt igangsætte skrive-beskyttelse af hele bindet (både det ydre og den skjulte del) indtil det bliver afbrudt. Dette kan medføre filsystem korruption på det ydre bind, hvilket (hvis gentaget) uforsætligt kan have indflydelse på den plausible benægtelse af det skjulte bind. Derfor bør du gøre en effektiv indsats for at undgå at gemme i området for det skjulte bind. Alle data gemt i området for det skjulte bind vil ikke blive gemt og vil være mistet. Windows kan rapportere dette som en skrivefejl ("Fejl forsinket skrivning" eller "Parameteren er ukorrekt"). - Ethvert skjult bind indeni det nu tilsluttede bind er nu beskyttet imod beskadigelse indtil det bliver afbrudt.\n\nADVARSEL: Hvis der forsøges at gemme nogen data i området for beskyttede skjulte bind, vil VeraCrypt igangsætte skrive-beskyttelse af hele bindet (både det ydre og den skjulte del) indtil det bliver afbrudt. Dette kan medføre filsystem korruption på det ydre bind, hvilket (hvis gentaget) uforsætligt kan have indflydelse på den plausible benægtelse af det skjulte bind. Derfor bør du gøre en effektiv indsats for at undgå at gemme i området for det skjulte bind. Alle data gemt i området for det skjulte bind vil ikke blive gemt og vil være mistet. Windows kan rapportere dette som en skrivefejl ("Fejl forsinket skrivning" eller "Parameteren er ukorrekt"). - ADVARSEL: Der blev forsøgt at gemme data i området for det skjulte bind tilsluttet som %c:! VeraCrypt forhindrede disse data i at blive gemt for at beskytte det skjulte bind. Dette kan have medført filsystem korruption i det ydre bind og Windows kan have rapporteret en skrivefejl ("Fejl forsinket skrivning" eller "Parameteren er ukorrekt"). Hele bindet (både den ydre og skjulte del) vil blive skrive-beskyttet indtil det bliver afbrudt. Hvis dette ikke er første gang VeraCrypt har beskyttet data i at blive gemt i området for det skjulte bind, kan det uforsætligt have indflydelse på den plausible benægtelse af det skjulte bind (pga. mulig usædvanligt modsigende uoverenstemmelse i det ydre filsystem). Derfor bør du overveje at oprette et nyt VeraCrypt bind (med ekspresformatering slået fra) og flytte filerne fra dette bind til det nye bind; dette bind bør slettes sikkert (både det ydre og den skjulte del). Vi anbefaler kraftigt at du genstarter operativsystemet nu. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Bemærk: Hvis du har behov for at overføre filer sikkert fra aflednings systemet til det skjulte system, følg disse trin: 1) Start aflednings systemet. 2) Gem filerne til et ukrypteret bind eller til et normalt/ydre VeraCrypt bind. 3) Start det skjulte system. 4) Hvis du har gemt filerne til et VeraCrypt bind, tilslut det (det vil automatisk blive tilsluttet som læs-kun). 5) Kopier filerne til den skjulte system partition eller til et andet skjult bind. - Din computer skal genstartes.\n\nØnsker du at genstarte den nu? - En fejl opstod under læsning af system krypterings status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Kan ikke initialisere applikations komponenter for system kryptering. - Kunne ikke initialisere tilfældigheds nummergenerator! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Kunne ikke initialisere applikationen. Fejl i registrering af Dialog class. - Error: Failed to load the Rich Edit system library. - VeraCrypt Bind Oprettelsesguide - Den maksimale skjulte bind størrelse for dette bind er %.2f bytes. - Den maksimale skjulte bind størrelse for dette bind er %.2f KB. - Den maksimale skjulte bind størrelse for dette bind er %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Bind kodeord/nøglefiler kan ikke ændres mens bindet er tilsluttet. Afbryd venligst bindet først. - Etiketnøgle oprindelses algoritmen kan ikke ændres mens bindet er tilsluttet. Afbryd venligst bindet først. - &Tilslut - En nyere version af VeraCrypt kræves for at tilslutte dette bind. - Fejl: Bind Oprettelsesguiden er ikke fundet.\n\nKontroller venligst at 'VeraCrypt Format.exe' er i mappen hvorfra 'VeraCrypt.exe' blev startet. Hvis den ikke er, geninstaller VeraCrypt, eller find 'VeraCrypt Format.exe' på din harddisk og start den. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Næste > - &Afslut - &Installer - U&dpak - Ude i stand til at tilslutte VeraCrypt enhedsdriver. VeraCrypt vil ikke virke hvis enhedsdriveren ikke kører.\n\nBemærk venligst at, pga. et Windows problem, kan det være nødvendigt at logge af eller genstarte systemet førend enhedsdriveren kan lokalisere. - Fejl opstået under indlæsning/forberedelse af skrifttyper. - Drev bogstavet blev ikke fundet eller der blev ikke angivet noget drev bogstav. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drev bogstav er ikke tilgængeligt. - Ingen fil valgt! - Ingen drev bogstaver tilgængelige. - Ingen ledige drev bogstaver til det ydre bind! Oprettelse af bind kan ikke fortsætte. - Kunne ikke fastsætte din version af operativsystem eller du anvender et usupporteret operativsystem. - Ingen sti valgt! - Ikke nok ledig plads til det skjulte bind! Oprettelse af bind kan ikke fortsætte. - Fejl: Filerne du har kopieret til det ydre bind optager for meget plads. Derfor er der ikke nok plads på det ydre bind til det skjulte bind.\n\nBemærk at det skjulte bind skal være ligeså stort som system partitionen (den partition hvor det nuværende aktive operativsystem er installeret). Grunden er at det skjulte operativsystem er nødt til at blive oprettet ved at kopiere indholdet af system partitionen til det skjulte bind.\n\n\nProcessen ved oprettelse af det skjulte operativsystem kan ikke fortsætte. - Driveren kan ikke afbryde bindet. Enkelte filer i bindet er muligvis stadig åbne. - Bindet kan ikke låses. Der er stadig åbne filer i bindet. Derfor kan det ikke afbrydes. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Vælg et VeraCrypt Bind - Vælg sti og filnavn - Select PKCS #11 Library - Ikke mere hukommelse - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - ADVARSEL: Filen '%s' eksisterer allerede!\n\nVIGTIGT: VERACRYPT KRYPTERER IKKE FILEN, MEN VIL SLETTE DEN. Er du sikker på du vil slette filen og erstatte den med en ny VeraCrypt beholder? - ADVARSEL: ALLE NUVÆRENDE FILER GEMT PÅ DET VALGTE %s '%s'%s VIL BLIVE SLETTET OG TABT (DE BLIVER IKKE KRYPTERET)!\n\nEr du sikker på du ønsker at fortsætte med formatering? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - FORSIGTIG: ALLE NUVÆRENDE GEMTE FILER PÅ PARTITIONEN '%s'%s (F.EKS. PÅ DEN FØRSTE PARTITION BAG SYSTEM PARTITIONEN) VIL BLIVE SLETTET OG TABT (DE VIL IKKE BLIVE KRYPTERET)!\n\nEr du sikker på du ønsker at fortsætte med formattering? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Kodeord - PIM - Ændre etiketnøgle oprindelses algoritme - Tilføj/Fjern nøglefiler til/fra Bind - Fjern alle nøglefiler fra Bind - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - VIGTIGT: Hvis du ikke har destrueret din VeraCrypt Nødhjælps Disk, vil dit system partition/drev stadig kunne dekrypteres ved brug af det gamle kodeord (ved at boote på VeraCrypt Nødhjælps Disk og indtaste det gamle kodeord). Du bør oprette en ny VeraCrypt Nødhjælps Disk og så destruere den gamle.\n\nØnsker du at oprette en ny VeraCrypt Nødhjælps Disk? - Bemærk at din VeraCrypt Nødhjælps Disk stadig bruger den tidligere algoritme. Hvis du fornemmer den tidligere algoritme er usikker, bør du oprette en ny VeraCrypt Nødhjælps Disk og så destruere den gamle.\n\nØnsker du at oprette en ny VeraCrypt Nødhjælps Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Nøglefil(er) tilføjet/fjernet med succes. - Keyfile exported. - Etiketnøgle oprindelses algoritme ændret med success. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Det er meget vigtigt at du vælger et godt kodeord. Du bør undgå at vælge et der kun indeholder et enkelt ord der kan findes i en ordbog (eller en kombination af 2, 3 eller 4 af sådanne ord). Det bør ikke indeholde nogle navne eller fødselsdatoer. Det skal ikke være nemt at gætte. Et godt kodeord er en tilfældig kombination af store og små bogstaver, tal, og specielle karakterer, så som @ ^ = $ * + osv. Vi anbefaler at du vælger et kodeord der består af mere end 20 karakterer (jo længere, jo bedre). Det maksimalt mulige længde er 64 karakterer. - Vælg venligst et kodeord til det skjulte bind. - Vælg venligst et kodeord til det skjulte operativsystem (f.eks. til det skjulte bind). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Indtast venligst kodeordet til det bind hvori du ønsker at oprette et skjult bind.\n\nEfter du har klikket Næste, vil VeraCrypt forsøge at tilslutte bindet. Så snart at bindet er tilsluttet, vil dets cluster bitmap bliver skannet for at afgøre størrelsen af det ubrudte område af ledig plads (hvis der er noget) hvis slutning ligger lige med slutningen af bindet. Dette område vil indeholde det skjulte bind og vil derfor begrænse dets maksimale mulige størrelse. Cluster map skanning er nødvendigt for at sikre at ingen data i det ydre bind, vil blive overskrevet af det skjulte bind. - \nVælg venligst et kodeord til det ydre bind. Dette vil være det kodeord som du vil kunne afsløre i det tilfælde du bliver spurgt eller tvunget til at afsløre det.\n\nVIGTIGT: Kodeordet du vælger skal være mærkbart forskelligt fra det du vælger til det skjulte bind.\n\nBemærk: Den maksimalt mulige kodeords længde er på 64 karakterer. - Vælg venligst et kodeord til det ydre bind. Dette vil være det kodeord som du vil kunne afsløre i det tilfælde du bliver spurgt eller tvunget til at afsløre det for den første partition bag system partitionen, hvor både det ydre bind og det skjulte bind (indeholdende det skjulte operativsystem) vil være placeret. Eksistensen af det skjulte bind (og det skjulte operativsystem) vil forblive hemmeligt. Bemærk at kodeordet ikke er til aflednings systemet.\n\nVIGTIGT: Kodeordet du vælger skal være mærkbart forskelligt fra det du vælger til det skjulte bind (dvs. til det skjulte operativsystem). - Ydre Bind kodeord - Skjult Bind kodeord - Kodeord til skjult operativsystem - ADVARSEL: Korte kodeord er lette at bryde ved brug af magtfulde teknikker!\n\nVi anbefaler et kodeord over 20 karakterer. Er du sikker på du vil bruge et kort kodeord? - Bind kodeord - Ukorrekt kodeord eller ikke et VeraCrypt bind. - Ukorrekt nøglefil(er) og/eller kodeord eller ikke et VeraCrypt bind. - Forkert tilslutningstilstand, ukorrekt kodeord, eller ikke et VeraCrypt bind. - Forkert tilslutningstilstand, ukorrekt nøglefil(er) og/eller kodeord, eller ikke et VeraCrypt bind. - Ukorrekt kodeord eller intet VeraCrypt bind fundet. - Ukorrekt nøglefil(er)/kodeord eller intet VeraCrypt bind fundet. - \n\nAdvarsel: Caps Lock er slået til. Dette kan medføre at kodeordet indtastes ukorrekt. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nBemærk: Hvis du forsøger at tilslutte en partition placeret på et krypteret system drev uden før-boot godkendelse eller tilslutte en krypteret system partition fra et operativsystem der ikke kører, kan du gøre dette ved at vælge 'System' > 'Tilslut uden før-Boot Godkendelse'. - I denne tilstand kan du ikke tilslutte en partition placeret på et drev hvis portion er indenfor nøglens rækkevidde af aktiv system kryptering.\n\nFør du kan tilslutte denne partition i denne tilstand, er du nødt til enten at boote et operativsystem installeret på et andet drev (krypteret eller ukrypteret) eller boote på et ukrypteret operativsystem. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Tilbage - Ude af stand til at vise de rå enheder der er installeret på dit system! - Bindet '%s' eksisterer, og er læs-kun. Er du sikker på du vil erstatte det? - Vælg destinationsmappe - Vælg nøglefil - Vælg en nøglefil søgesti. ADVARSEL: Bemærk at kun stien vil blive husket, ikke filnavne! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designet af Ross Anderson, Eli Biham, og Lars Knudsen. Udgivet i 1998. 256-bit nøgle, 128-bit blok. Driftstilstand er XTS. Serpent var en af AES finalisterne. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Ydre bind størrelse - Skjult bind størrelse - Please verify that the size of the selected device/partition shown above is correct and click Next. - Det ydre bind og det skjulte bind (indeholdende det skjulte operativsystem) vil placeres indeni partition ovenfor. Det bør være den første partition bag system partitionen.\n\nKontroller venligst at størrelsen på partitionen og dets nummer vist ovenfor er korrekte, og hvis de er, klik på Næste. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Bind Størrelse - Dynamisk - ADVARSEL: SELV-TEST FEJLET! - Selv-test af alle algoritmer gennemført - Data enheds nummeret som du har angivet er for langt eller kort. - Den sekundære nøgle som du har angivet er for lang eller kort. - Testen ciffertekst du har angivet er for lang eller kort. - Testen nøgle du har angivet er for lang eller kort. - Testen ren tekst du har angivet er for lang eller kort. - To cifre i kaskade funktion i XTS tilstand. Hver blok bliver først krypteret med %s (%d-bit nøgle) og så med %s (%d-bit nøgle). Hvert ciffer bruger dets egen nøgle. Alle nøgler er indbyrdes uafhængige. - Tre cifre i kaskade funktion i XTS tilstand. Hver blok bliver først krypteret med %s (%d-bit nøgle), og så med %s (%d-bit nøgle), og tilsidst med %s (%d-bit nøgle). Hvert ciffer bruger dets egen nøgle. Alle nøgler er indbyrdes uafhængige. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Rejse Disk - Designet af Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, og Niels Ferguson. Udgivet i 1998. 256-bit nøgle, 128-bit blok. Drift tilstand er XTS. Twofish var en af AES finalisterne. - Mere information på %s - Ukendt - An unspecified or unknown error occurred (%d). - Nogle bind indeholder filer eller mapper som bliver brugt af andre programmer eller systemet.\n\nGennemtving afbrydelse? - &Afbryd - Afbrydelse er fejlet! - Bindet indeholder filer eller mapper som bliver brugt af andre programmer eller systemet.\n\nGennemtving afbrydelse? - No volume is mounted to the specified drive letter. - Bindet du prøver at tilslutte er allerede tilsluttet. - En fejl opstod under forsøget på at tilslutte bindet. - Fejl i søgning af placering indenfor bind. - Fejl: Ukorrekt bind størrelse. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt kan ikke ændre kodeord for et fremmed bind. - Vælg venligst et ledigt drev bogstav fra listen. - Vælg venligst et tilsluttet bind i drev bogstav listen. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Fejl: Kan ikke oprette autorun.inf - Fejl under bearbejdning af nøglefil! - Fejl under bearbejdning af nøglefil sti! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt supporterer ikke dette operativsystem. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Fejl: Kan ikke tildele hukommelse. - Fejl: Kunne modtage værdien af ydelsestæller. - Fejl: Forkert bind format. - Fejl: Du angav et kodeord til et skjult bind (ikke til et normalt bind). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Juridiske Bemærkninger - Alle Filer - VeraCrypt Bind - Library Modules - NTFS formatering kan ikke fortsætte. - Kan ikke tilslutte bind. - Kan ikke afbryde bind. - Windows fejlede under formatering af bindet som NTFS.\n\nVælg venligst en anden type filsystem (hvis muligt) og prøv igen. Alternativt kan du lade bindet være uformateret (Vælg 'Ingen' som filsystem), afbryd denne hjælp, tilslut bindet, og brug da enten et system eller 3-parts værktøj til at formatere bindet (bindet vil forblive krypteret). - Windows fejlede under formatering af bindet som NTFS.\n\nØnsker du at formatere bindet som FAT istedet? - Standard - partition - PARTITION - Enhed - device - ENHED - Bind - volume - VOLUME - Label - Den valgte klynge størrelse er for lille til denne størrelse bind. En større klynge størrelse vil blive brugt istedet. - Fejl: Kan ikke hente bind størrelsen!\n\nSørg for at det valgte bind ikke anvendes af systemet eller et andet program. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - VeraCrypt Bind Oprettelsesguide kan kun oprette et skjult bind i FAT eller NTFS bind. - I Windows 2000, kan VeraCrypt Bind Oprettelsesguide kun oprette et skjult bind i FAT bind. - Bemærk: FAT fil systemet er mere passende for ydre bind end NTFS fil systemet (for eksempel, den maksimalt mulige størrelse på et skjult bind ville meget muligt have været betydeligt større hvis det ydre bind havde været formatteret som FAT). - Bemærk at FAT fil systemet er mere passende for ydre bind end NTFS fil systemet. For eksempel, den maksimalt mulige størrelse på det skjulte bind vil meget muligt være betydeligt større hvis det ydre bind bliver formatteret som FAT (grunden er at NTFS fil systemet altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind kun være i den anden halvdel af det ydre bind).\n\nEr du sikker på du ønsker at formattere det ydre bind som NTFS? - Ønsker du at formattere bindet som FAT istedet? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Fejl: Partitionen for det skjulte operativsystem (dvs. den første partition bag system partitionen) skal være mindst 5% større end system partitionen (system partitionen er den hvor det nuværende kørende operativsystem er installeret). - Fejl: Partitionen for det skjulte operativsystem (dvs. den første partition bag system partitionen) skal være mindst 110% (2.1 gange) større end system partitionen (system partitionen er den hvor det nuværende kørende operativsystem er installeret). Årsagen er den at et NTFS fil system altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind (som skal indeholde en klon af system partitionen) kun placeres i den anden halvdel af bindet. - Fejl: Hvis det ydre bind er formatteret som NTFS, skal det mindst være 110% (2.1 gange) større end system partitionen. Årsagen er den at et NTFS fil system altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind (som skal indeholde en klon af system partitionen) kun placeres i den anden halvdel af bindet.\n\nBemærk: Det ydre bind skal være placeret indeni samme partition som det skjulte operativsystem (dvs. indeni den første partition bag system partitionen). - Fejl: Der er ingen partition bag system partitionen.\n\nBemærk at før du kan oprette et skjult operativsystem, skal du oprette en partition til det på system drevet. Det skal være den første partition bag system partitionen og den skal være mindst 5% større end system partitionen (system partitionen er den hvor det nuværende kørende operativsystem er installeret). Derimod, hvis det ydre bind (ikke at forveksle med system partitionen) er formatteret som NTFS, skal partitionen for det skjulte operativsystem være mindst 110% (2.1 gange) større end system partitionen (Årsagen er den at et NTFS fil system altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind (som skal indeholde en klon af system partitionen) kun placeres i den anden halvdel af partitionen. - Bemærk: Det er ikke praktisk (og derfor heller ikke supporteret) at installere operativsystemer i to VeraCrypt bind der er integreret indeni en enkelt partition, fordi brug af det ydre operativsystem ville ofte kræve at data skulle skrives til området med det skjulte operativsystem (og hvis sådanne skrive opgaver blev forhindret ved brug af skjult bind beskyttelses funktionen, ville det uundgåeligt medføre system nedbrud, dvs. 'Blå Skærm' fejl). - For information om hvordan man opretter og administrerer partitioner, læs venligst dokumentationen som fulgte med dit operativsystem eller kontakt din computer forhandlers tekniske support for yderligere hjælp. - Fejl: Det nuværende kørende operativsystem er ikke installeret på boot partitionen (første Aktive partition). Dette er ikke supporteret. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Fejl: Har ikke adgang til bindet!\n\nSørg for at det valgte bind eksisterer, at det ikke er tilsluttet eller bliver brugt af systemet eller andre programmer, at du har læse/skrive rettighed til bindet, og at det ikke er skrivebeskyttet. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Fejl: Kan ikke afbryde det ydre bind!\n\nBindet kan ikke afbrydes hvis det indeholder filer eller mapper der bliver brugt af et program eller systemet.\n\nLuk venligst alle programmer der måtte bruge filer eller mapper på bindet og klik på Prøv igen. - Fejl: Kan ikke finde information om det ydre bind! Oprettelse af bind kan ikke fortsætte. - Fejl: Har ikke adgang til det ydre bind! Oprettelse af bind kan ikke fortsætte. - Fejl: Kan ikke tilslutte det ydre bind! Oprettelse af bind kan ikke fortsætte. - Fejl: Kan ikke hente bitmap! Oprettelse af bind kan ikke fortsætte. - Alfabetisk/Kategoriseret - Gennemsnits hastighed (Aftagende) - Algoritme - Kryptering - Dekryptering - Gennemsnit - Drev - Størrelse - Krypterings Algoritme - Krypterings Algoritme - Type - Værdi - Egenskaber - Placering - bytes - Skjult - Ydre - Normal - System - Skjult (system) - Læs-kun - System drev - System drev (krypterer - %.2f%% færdiggjort) - System drev (dekrypterer - %.2f%% færdiggjort) - System drev (%.2f%% krypteret) - System partition - Skjult system partition - System partition (krypterer - %.2f%% færdiggjort) - System partition (dekrypterer - %.2f%% færdiggjort) - System partition (%.2f%% krypteret) - Ja (Skade undgået!) - Ingen - Primær Nøgle Størrelse - Sekundær Nøgle Størrelse (XTS Tilstand) - Klemt Nøgle Størrelse (LRW Tilstand) - bits - Blok størrelse - PKCS-5 PRF - PKCS-5 gentagelse talt - Bind oprettet - Etiket sidst ændret - (%I64d dage siden) - Bind Formatterings Version - Implementeret Backup Header - VeraCrypt Boot Loader Version - Først tilgængelige - Removable Disk - Harddisk - Uændret - Autodetection - Oprettelsesguide Tilstand - Vælg en af tilstandende. Hvis du ikke er sikker på hvilken du skal vælge, brug da standard tilstand. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Indstillings Muligheder - Her kan du indstille forskellige muligheder for at kontrollere installations processen. - Installerer - Vent venligst mens VeraCrypt bliver installeret. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Udpaknings Muligheder - Her kan du indstille forskellige muligheder for at kontrollere udpaknings processen. - Vent venligst mens filerne bliver udpakket. - Files successfully extracted - Alle filer er blevet udpakket med succes på destinations placeringen. - Hvis den ønskede mappe ikke findes, vil den blive oprettet automatisk. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Ønsker du at se udgivelsesnoter for den nuværende (seneste stabile) version af VeraCrypt? - Hvis du aldrig før har brugt VeraCrypt, anbefaler vi at du læser kapitlet Begyndervejledning i VeraCrypt Brugervejledningen. Ønsker du at se vejledningen? - Vælg venligst en handling der skal udføres udfra følgende: - Reparer/geninstaller - Upgrade - Afinstaller - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installation kører nu på dette system og udfører eller forbereder installation eller opdatering af VeraCrypt. Før du fortsætter, vent venligst til det afsluttes eller luk det. Hvis du ikke kan lukke det, genstart venligst din computer før du fortsætter. - Fejl under installation. - Fejl under afinstallation. - Denne distributions pakke er beskadiget. Prøv venligst at downloade den igen (helst fra det officielle VeraCrypt websted på https://veracrypt.codeplex.com). - Kan ikke skrive fil %s - Udpakker - Kan ikke læse data fra pakken. - Kan ikke kontrollere integriteten på denne distributions pakke. - Fejl i udpakning. - Installationen er trukket tilbage. - VeraCrypt er installeret med succes. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt er afinstalleret med succes.\n\nKlik 'Afslut' for at fjerne VeraCrypt installer og mappen %s. Bemærk at mappen ikke vil blive fjernet hvis den indeholder filer der blev installeret af VeraCrypt installer eller blev oprettet af VeraCrypt. - Fjerner VeraCrypt i registreringsdatabasen - Tilføjer i registreringsdatabasen - Fjerner applikations-specifikke data - Installerer - Stopper - Fjerner - Tilføjer ikon - Opretter system gendannelsespunkt - Oprettelse af system gendannelsespunkt mislykket! - Opdaterer boot loader - Kunne ikke installere '%s'. %s Ønsker du at fortsætte installationen? - Kunne ikke afinstallere '%s'. %s Ønsker du at fortsætte afinstallationen? - Installationen fuldført. - Mappen '%s' kunne ikke oprettes - VeraCrypt enhedsdriveren kan ikke frakobles.\n\nLuk venligst alle åbne VeraCrypt vinduer først. Hvis dette ikke hjælper, genstart venligst Windows og prøv igen. - Alle VeraCrypt bind skal afbrydes inden installation eller afinstallation af VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Installation i registringsdatabasen er mislykket - Installation af enhedsdriver er mislykket. Genstart venligst Windows og prøv at installere VeraCrypt igen. - Starter VeraCrypt enhedsdriver - Fejl i afinstallation af enhedsdriver. Bemærk venligst at, på grund af et Windows problem, kan det være nødvendigt at logge af eller genstarte systemet førend at enhedsdriveren kan afinstalleres (eller geninstalleres). - Installerer VeraCrypt enhedsdriver - Stopper VeraCrypt enhedsdriver - Afinstallerer VeraCrypt enhedsdriver - Registrering af Brugerkonto kontrolsupport bibliotek er mislykket. - Afregistrering af Brugerkonto kontrolsupport bibliotek er mislykket. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Fejl: Kan ikke vise licensen. - Ydre(!) - dage - timer - minutter - sekunder - Åben - Afbryd - Vis VeraCrypt - Skjul VeraCrypt - Data læst siden tilslutning - Data skrevet siden tilslutning - Krypteret Mængde - 100% (fuldt krypteret) - 0% (ikke krypteret) - %.3f%% - 100% - Afventer - Preparing - Resizing - Krypterer - Dekrypterer - Finalizing - Pause - Afsluttet - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Skriv kodeord til %s - Enter password for '%s' - Indtast kodeord for det normale/ydre bind - Indtast kodeord for det skjulte bind - Indtast kodeord for header gemt i backup filen - Nøglefil er oprettet med succes. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - ADVARSEL: Etikettet på dette bind er beskadiget! VeraCrypt brugte automatisk det backup af bind etiketten der er implementeret i bindet.\n\nDu bør reparere bind etiketten ved at vælge 'Værktøjer' > 'Gendan Bind Etiket'. - Backup af bind etiket er udført med succes.\n\nVIGTIGT: Gendannelse af bind etiket med dette backup vil også gendanne det nuværende binds kodeord. Derudover, hvis nøglefil(er) er nødvendige for at tilslutte bindet, vil de samme nøglefil(er) være nødvendige for at tilslutte bindet igen når bind etiketten gendannes.\n\nADVARSEL: Denne backup af bind etiket kan KUN bruges til at gendanne etiket for dette bestemte bind. Hvis du bruger denne etiket backup til at gendanne en etiket for et andet bind, vil du kunne tilslutte bindet, men du vil ikke være i stand til at dekryptere nogen data på bindet (fordi du vil ændre dets hovednøgle). - Bindets etiket er blevet gendannet med succes.\n\nVIGTIGT: Bemærk venligst at et gammelt kodeord også kan være gendannet. Derudover, hvis nøglefil(er) var nødvendig til at tilslutte bindet da backup var lavet, vil de samme nøglefil(er) nu være nødvendige for at tilslutte bindet igen. - Af sikkerheds årsager, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) til bindet.\n\nBemærk: Hvis bindet indeholder et skjult bind, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) for det ydre bind først. Bagefter, hvis du ønsker at lave back up af etiketten på det skjulte bind, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) for det skjulte bind. - Er du sikker på du ønsker at oprette bind etiket backup for %s?\n\nEfter du har klikket Ja, vil du blive spurgt om et filnavn for etiket backup.\n\nBemærk: Både standard og det skjulte binds etiketter vil blive gen-krypteret ved brug af en ny pulje og gemt i backup filen. Hvis der ikke er noget skjult bind i dette bind, bliver området reserveret for det skjulte binds etiket i backup filen udfyldt med tilfældig data (for at bevare den troværdige benægtelse). Ved gendannelse af en bind etiket fra backup filen, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) som var gældende da bind etiket backuppen blev oprettet. Kodeordet (og/eller nøglefiler) vil også automatisk bestemme typen af bind etiketten der skal gendannes, dvs. standard eller skjult (bemærk at VeraCrypt bestemmer typen gennem en proces med prøver og fejl). - Er du sikker på du ønsker at gendanne bind etiketten for %s?\n\nADVARSEL: Gendannelse af bind etiketter gendanner også det bind kodeord der var gældende da backup blev foretaget. Ydermere, hvis nøglefil(er) var påkrævet for at tilslutte bindet da backup blev foretaget, vil de samme nøglefiler være nødvendige for at tilslutte bindet igen efter bind etiketten er gendannet.\n\nEfter du har klikket Ja, kan du vælge backup etiket filen. - Indeholder bindet et skjult bind? - Bindet indeholder et skjult bind - Bindet indeholder ikke et skjult bind - Vælg venligst typen af bind etiket backup du ønsker at bruge: - Gendan bind etiket fra den indbyggede backup i bindet - Gendan bind etiket fra en ekstern backup fil - Størrelsen af bind etiket backup filen er ukorrekt. - Der er ingen backup etiket indbygget i dette bind (bemærk at kun bind oprettet med VeraCrypt 6.0 eller senere indeholder indbyggede backup etiketter). - Du forsøger at lave backup af etiket for system partition/drevet. Dette er ikke tilladt. Backup/gendan funktioner angående system partition/drev kan kun udføres ved hjælp af VeraCrypt Nødhjælps Disk.\n\nØnsker du at oprette en VeraCrypt Nødhjælps Disk? - Du forsøger at gendanne en etiket for et virtuelt VeraCrypt bind men du valgte system partition/drev. Dette er ikke tilladt. Backup/gendan funktioner angående system partition/drev kan kun udføres ved hjælp af VeraCrypt Nødhjælps Disk.\n\nØnsker du at oprette en VeraCrypt Nødhjælps Disk? - Efter du har klikket OK, skal du vælge et filnavn til det nye VeraCrypt Nødhjælps Disk ISO billede og placeringen hvor du ønsker at placere det. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Indsæt venligst din VeraCrypt Nødhjælps Disk i dit CD/DVD drev og klik på OK for at kontrollere den. - VeraCrypt Nødhjælps Disk er blevet kontrolleret med succes. - Kan ikke kontrollere at Nødhjælps Disk er blevet korrekt brændt.\n\nHvis du har brændt Nødhjælps Disk, vær venlig at tage CD/DVD ud og sætte den i igen; prøv så igen. Hvis dette ikke hjælper, prøv venligst en anden CD/DVD optager software og/eller medie.\n\nHvis du forsøgte at kontrollere en VeraCrypt Nødhjælps Disk oprettet med en anden hovednøgle, kodeord, salt, osv., bemærk venligst at en sådan Nødhjælps Disk altid vil fejle denne kontrol. For at oprette en ny Nødhjælps Disk der er fuld ud kompatibel med din nuværende konfiguration, vælg 'System' > 'Opret Nødhjælps Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Fejl i oprettelsen af VeraCrypt Nødhjælps Disk. - VeraCrypt Nødhjælps Disk kan ikke oprettes når et skjult operativsystem kører.\n\nFor at oprette en VeraCrypt Nødhjælps Disk, boot op på aflednings operativsystemet og vælg så 'System' > 'Opret Nødhjælps Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Afbryd venligst bindet før der fortsættes. - Fejl: Kan ikke indstille timer. - Kontroller Filsystem - Reparer Filsystem - Add to Favorites... - Add to System Favorites... - P&roperties... - Skjult Bind beskyttet - N/A - Ja - Nej - Disabled - 1 - 2 eller flere - Driftstilstand - Label: - Size: - Path: - Drive Letter: - Fejl: Kodeord må kun indeholde ASCII karakterer.\n\nIkke-ASCII karakterer i kodeord kan forårsage at bindet vil være umuligt at tilslutte når dine system indstillinger ændres.\n\nFølgende karakterer kan anvendes:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Advarsel: Kodeord indeholder ikke-ASCII karakterer. Dettekan forårsage at bindet vil være umuligt at tilslutte når dine system indstillinger ændres.\n\nDu bør udskifte alle ikke-ASCII karakterer i kodeordet med ASCII. For at gøre dette klik 'Bind' -> 'Ændre Bind Kodeord'.\n\nFølgende er ASCII karakterer:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Hjemmeside - ADVARSEL: Tilsyneladende har du ikke Service Packs i din Windows XP installation. Du bør ikke gemme på IDE diske større end 128 GB under Windows XP hvor du ikke har tilføjet Service Pack 1 eller nyere! Hvis du gør, vil data på disken (uanset om det er et VeraCrypt bind eller ej) blive ødelagt. Bemærk at dette er en begrænsning i Windows, ikke en fejl i VeraCrypt. - ADVARSEL: Tilsyneladende har du ikke Service Pack 3 eller nyere i din Windows installation. Du bør ikke gemme på IDE diske større end 128 GB under Windows 2000 hvor du ikke har tilføjet Service Pack 3 eller nyere! Hvis du gør, vil data på disken (uanset om det er et VeraCrypt bind eller ej) blive ødelagt. Bemærk at dette er en begrænsning i Windows, ikke en begræsning i VeraCrypt.\n\nBemærk: Måske er det også nødvendigt at aktivere 48-bit LBA support i registreringsdatabasen; for mere information, se http://support.microsoft.com/kb/305098/EN-US - ADVARSEL: 48-bit LBA ATAPI support er slået fra i dit system. Derfor bør du ikke skrive til IDE diske større end 128 GB! Hvis du gør, vil data på disken (uanset om det er et VeraCrypt bind eller ej) blive ødelagt. Bemærk at dette er en begrænsning i Windows, ikke en begræsning i VeraCrypt.\n\nFor at aktivere 48-bit LBA support, tilføj 'EnableBigLba' registreringsværdien i registreringsnøglen HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters og sæt den til 1.\n\nFor yderligere information, se http://support.microsoft.com/kb/305098 - Fejl: Filer større end 4 GB kan ikke gemmes på et FAT32 fil system. Derfor kan fil-baserede VeraCrypt bind (beholdere) gemt på et FAT32 fil ikke være større end 4 GB.\n\nHvis du har behov for et større bind, opret det da som et NTFS fil system (eller, hvis du bruger Windows Vista SP1 eller nyere, på et exFAT fil system) eller, istedet for at oprette et fil-baseret bind, krypter en hel partition eller enhed. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - ADVARSEL: Hvis du ønsker at kunne tilføje data/filer til det ydre bind i fremtiden, bør du overveje at vælge en mindre størrelse for det skjulte bind.\n\nEr du sikker på du ønsker at fortsætte med den valgte størrelse? - Ingen bind valgt.\n\nKlik 'Vælg Enhed' eller 'Vælg Fil' for at vælge et VeraCrypt bind. - Ingen partition valgt.\n\nKlik 'Vælg Enhed' for at vælge en afbrudt partition der normalt kræver før-boot godkendelse (for eksempel, en partition placeret på et krypteret system drev af et andet operativsystem, som ikke kører, eller en krypteret system partition af et andet operativsystem).\n\nBemærk: Den valgte partition vil blive tilsluttet som et almindeligt VeraCrypt bind uden før-boot godkendelse. Dette er brugbart f.eks. ved backup eller reparationsarbejde. - ADVARSEL: Hvis standard nøglefiler er valgt og aktiveret, vil bind der ikke bruger disse nøglefiler være umulige at tilslutte. Derfor, efter du har aktiveret standard nøglefiler, husk at fjerne markeringen udfor 'Brug nøglefiler' afmærkningsboksen (under et kodeords indtastningsfelt) når du tilslutter sådanne bind.\n\nEr du sikker på du ønsker at gemme de valgte nøglefiler/stier som standard? - Auto-Tilslut Enheder - Afbryd alle - Ryd hukommelse - Dismount All & Wipe Cache - Gennemtving afbrydelse af alle & Ryd hukommelse - Gennemtving afbrydelse af alle, Ryd hukommelse & Afslut - Tilslut Favorit Bind - Vis/Skjul Hoved VeraCrypt Vindue - (Klik her og tryk på en tast) - Handling - Genvej - Fejl: Denne genvej er reserveret. Vælg venligst en anden. - Fejl: Genvejen er allerede i brug. - ADVARSEL: En eller flere VeraCrypt system-tilgængelige genvejstaster vil ikke virke!\n\nKontroller venligst at andre applikationer og operativsystem ikke benytter samme genvej(e) som VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - En fejl eller ukompatibilitet forhindrer VeraCrypt fra at kryptere dvale filen. Derfor er dvale forhindret.\n\nBemærk: Når en computer går i dvale (eller går i strømbesparende tilstand), bliver indholdet i system hukommelsen skrevet til en dvale opbevarings fil der gemmes på system drevet. VeraCrypt ville ikke være i stand til at forhindre krypterings nøgler og indhold i følsomme filer der er åbne i RAM fra at blive gemt ukrypteret til dvale opbevarings filen. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - ADVARSEL: Hvis denne funktion deaktiveres, vil bind der indeholder åbne filer/mapper ikke være mulige at auto-tilslutte.\n\nEr du sikker på du vil deaktivere denne funktion? - ADVARSEL: Bind der indeholder åbne filer/mapper vil IKKE blive auto-afbrudt.\n\nFor at undgå dette, aktiver den følgende funktion i dette dialog vindue: 'Udfør auto-afbryd selv om bindet indeholder åbne filer eller mapper' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - Du har planlagt en krypterings eller dekrypterings proces af system partition/drev. Processen er endnu ikke blevet fuldført.\n\nØnsker du at starte (genoptage) processen nu? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Du har skemalagt processen for kryptering eller dekryptering af system partition/drev. Imidlertid opstod der fejl på før-boot godkendelsen (eller den blev sprunget over).\n\nBemærk: Hvis du dekrypterede system partition/drev i før-boot miljøet, kan det være nødvendigt du afslutter processen ved at vælge 'System' > 'Dekrypter System Partition/Drev Permanent' fra menulinien i hovedvinduet af VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Afslut? - VeraCrypt har ikke nok information til at afgøre om der skal krypteres eller dekrypteres. - VeraCrypt har ikke nok information til at afgøre om der skal krypteres eller dekrypteres.\n\nBemærk: Hvis du har dekrypteret system partition/drev i før-boot miljøet, kan det være nødvendigt at du afslutter processen ved at klikke på Dekrypter. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Ønsker du at afbryde og udskyde processen med kryptering af system partition/drev?\n\nBemærk: Du vil være i stand til at genoptage processen og den vil fortsætte fra det sted den blev stoppet. Du kan gøre dette ved f.eks. ved at vælge 'System' > 'Genoptag Afbrudt Proces' fra menulinien i hovedvinduet i VeraCrypt. Hvis du ønsker permanent at afbryde eller tilbageføre krypterings processen, vælg 'System' > 'Dekrypter System Partition/Drev Permanent'. - Ønsker du at afbryde og udskyde processen med dekryptering af system partition/drev?\n\nBemærk: Du vil være i stand til at genoptage processen og den vil fortsætte fra det sted den blev stoppet. Du kan gøre dette ved f.eks. ved at vælge 'System' > 'Genoptag Afbrudt Proces' fra menulinien i hovedvinduet i VeraCrypt. Hvis du ønsker at tilbageføre dekrypterings processen (og påbegynde kryptering), vælg 'System' > 'Krypter System Partition/Drev'. - Fejl: Kunne ikke afbryde processen med kryptering/dekryptering af system partition/drev. - Error: Failed to interrupt the process of wiping. - Fejl: Kunne ikke genoptage processen med kryptering/dekryptering af system partition/drev. - Error: Failed to start the process of wiping. - Uoverensstemmelse løst.\n\n\n(Hvis du ønsker at rapportere en fejl i denne forbindelse, inkluder venligst følgende tekniske information i fejlrapporten: %hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ADVARSEL: VeraCrypt baggrundsopgaver er slået fra. Efter du afslutter VeraCrypt, vil du ikke blive gjort opmærksom på om skade på det skjulte bind er undgået.\n\nBemærk: Du kan nårsomhelst lukke baggrundsopgaver ned ved at højreklikke på VeraCrypt ikonet i systembakken, og klikke på 'Afslut'.\n\nAktiver VeraCrypt Baggrundsopgaver? - Sprogpakke version: %s - Kontrollerer fil systemet på VeraCrypt bindet tilsluttet som %s... - Prøver at reparere filsystemet på det VeraCrypt bind der er tilsluttet som %s. - Advarsel: Dette bind er krypteret med en ældre algoritme.\n\nAlle 64-bit-blok krypterings algoritmer (f.eks., Blowfish, CAST-128, eller Triple DES) foretrækkes ikke. Det vil være muligt at tilslutte disse bind med fremtidige versioner af VeraCrypt. Dog vil der fremover ikke komme flere forbedringer til udførelsen af disse ældre krypterings algoritmer. Vi anbefaler at du opretter et nyt VeraCrypt bind krypteret med 128-bit-blok krypterings algorithmer (f.eks., AES, Serpent, Twofish, osv.) og at du flytter alle filer til dette nye bind. - Dit system er ikke konfigureret til automatisk at tilslutte nye bind. Det kan være umuligt at tilslutte enhedsbaserede VeraCrypt bind. Automatisk tilslutning kan konfigureres ved at køre denne kommando og genstarte systemet.\n\nmountvol.exe /E - Tildel venligst et drev bogstav til partitionen/enheden før du fortsætter ('Kontrolpanel' > 'Ydelse og Vedligeholdelse' > 'Administration' - 'Computeradministration / Diskhåndtering').\n\nBemærk at dette er afhængig af det anvendte operativsystem. - Tilslut VeraCrypt Bind - Afbryd alle VeraCrypt Bind - VeraCrypt fejl i at opnå administrator rettighed. - Adgang nægtet af operativsystem.\n\nMulig årsag: Operativsystemet kræver at du har læse/skrive tilladelse (eller administrations rettigheder) for bestemte mapper, filer, og enheder, for at du kan få tilladelse til at læse og skrive data til/fra dem. Normalt kan en bruger uden administrator rettigheder godt oprette, læse og redigere filer i brugerens dokumentmappe. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - VeraCrypt Boot Loader kræver mindst 32 KBytes ledig disk plads i begyndelsen af system drevet (VeraCrypt Boot Loader kræver at det skal gemmes i det område). Desværre imødekommer dit drev ikke denne tilstand.\n\nVær venlig IKKE at rapportere dette som en fejl/problem i VeraCrypt. For at løse dette problem, vil du skulle partitionere din disk igen og lade de første 32 KBytes af din disk være fri (i de fleste tilfælde, vil du være nødt til at slette og genoprette den første partition). Vi anbefaler at du bruger Microsoft partition manager som er tilgængelig f.eks. når du installerer Windows. - Funktionen er ikke supporteret i denne version af det operativsystem du nu benytter. - VeraCrypt supporterer ikke kryptering af en system partition/drev i denne version af operativsystem du nu benytter. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Dit system drev har en GUID partitions tabel (GPT). For tiden er kun drev med en MBR partitions tabel supporteret. - FORSIGTIG: VeraCrypt Boot Loader er allerede installeret på dit system drev!\n\nDet er muligt at et andet system på din computer allerede er krypteret.\n\nADVARSEL: FORTSÆTTELSE MED KRYPTERING AF DET NUVÆRENDE KØRENDE SYSTEM VIL KUNNE GØRE ANDRE SYSTEMER UMULIGE AT STARTE OG RELATERET DATA UTILGÆNGELIGT.\n\nEr du sikker på du ønsker at fortsætte? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - Den originale system loader kan ikke gemmes på Nødhjælps Disk (mulig årsag: manglende backup fil). - Kunne ikke skrive MBR sektor.\n\nDin BIOS er muligvis konfigureret til at beskytte MBR sektoren. Tjek din BIOS indstilling (tryk F2, Delete, eller Esc, efter du har tændt din computer) for MBR/antivirus beskyttelse. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Dit system partition/drev ser ud til at være helt krypteret. - VeraCrypt supporterer ikke kryptering af system drev der er blevet konverteret til en dynamisk disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Ønsker du at kryptere system partitionen istedet for hele drevet?\n\nBemærk at du kan oprette partition-værts baserede VeraCrypt bind inden i enhver ikke-system partition på drevet (foruden at kryptere system partitionen). - Da dit system drev kun indeholder en enkelt partition som optager hele drevet, vil det være at foretrække (mere sikkert) at kryptere hele drevet inklusiv den ledige "rest" plads der typisk omgiver sådan en partition.\n\nØnsker du at kryptere hele system drevet? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Advarsel: Der er uallokeret område mellem system partition og den første partition bag den. Efter du har oprettet det skjulte operativsystem, må du ikke oprette nogle nye partitioner i det uallokerede område. Ellers vil det skjulte operativsystem være umuligt at boote (indtil du sletter sådanne nyoprettede partitioner). - Denne algoritme er for tiden ikke supporteret til system kryptering. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Advarsel: VeraCrypt kunne ikke gendanne det originale keyboard layout. Dette kan medføre at du indtaster et kodeord ukorrekt. - Fejl: Kan ikke indstille keyboard layoutet for VeraCrypt til standard US keyboard layout.\n\nBemærk at kodeordet skal indtastes i før-boot miljøet (før Windows starter) hvor ikke-US Windows keyboard layouts ikke er tilgængelige. Derfor skal kodeordet altid skrives ved brug af standard US keyboard layout. - Da VeraCrypt midlertidigt har ændret keyboard layout til standard US keyboard layout, det er ikke muligt at indtaste karakterer ved trykke på taster mens den højre Alt tast holdes nede. Derimod kan du indtaste de fleste af disse karakterer, ved at trykke de passende taster mens Shift tasten holdes nede. - VeraCrypt forhindrede ændring af keyboard layout. - Bemærk: Kodeordet skal indtastes i før-boot miljøet (før Windows starter) hvor ikke-US Windows keyboard layouts ikke er tilgængelige. Derfor, bør kodeordet altid indtastes ved brug af standard US keyboard layout. Derimod er det vigtigt at bemærke at du IKKE behøver et rigtigt US keyboard. VeraCrypt sikrer automatisk at du roligt kan indtaste kodeordet (lige nu og i før-boot miljøet) selv om du ikke har et rigtigt US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - ADVARSEL: Hvis du allerede har oprettet en VeraCrypt Nødhjælps Disk tidligere, kan den ikke genbruges til denne system partition/drev fordi den blev oprettet med en anden hoved nøgle! Hver gang du krypterer en system partition/drev, skal du oprette en ny VeraCrypt Nødhjælps Disk for den, selv om du anvender samme kodeord. - Fejl: Kan ikke gemme system krypterings indstillinger. - Kan ikke påbegynde system krypterings første test. - Kan ikke påbegynde processen med at oprette det skjulte operativsystem. - Udviske Tilstand - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - Ingen (hurtigst) - 1-pass (random data) - 3-passager (US DoD 5220.22-M) - 7-passager (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Antal Operativsystemer - ADVARSEL: Uerfarne brugere bør aldrig forsøge at kryptere Windows i multi-boot konfigurationer.\n\nFortsæt? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drev - Er det nuværende kørende operativsystem installeret på boot drevet?\n\nBemærk: Nogle gange er Windows ikke installeret på samme drev som Windows boot loader (boot partition). Hvis dette er tilfældet, vælg 'Nej'. - VeraCrypt supporterer for tiden ikke kryptering af operativsystemer der ikke booter fra drevet hvorpå det er installeret. - Antal System Drev - Hvor mange drev indeholder et operativsystem?\n\nBemærk: For eksempel, hvis du har et operativsystem (f.eks. Windows, Mac OS X, Linux, osv.) installeret på dit primære drev og et andet operativsystem installeret på dit sekundære drev, vælg '2 eller flere'. - VeraCrypt supporterer for tiden ikke kryptering af et helt drev der indeholder flere operativsystemer.\n\nMulige løsninger:\n\n- Du kan stadig kryptere et af systemerne hvis du går tilbage og vælger kun at kryptere en enkelt system partition (sat op imod at vælge at kryptere hele system drevet).\n\n- Alternativt, vil du være i stand til at kryptere hele drevet hvis du flytter nogel af systemerne til andre drev og kun beholder et system på det drev du ønsker at kryptere. - Flere Systemer på et Drev - Er der andre operativsystemer installeret på drevet hvorfra det nu kørende operativsystem er installeret?\n\nBemærk: For eksempel, hvis det nu kørende operativsystem er installeret på drevet #0, som indeholder flere partitioner, og hvis en af partitionerne indeholder Windows og en anden partition indeholder et operativsystem yderligere (f.eks. Windows, Mac OS X, Linux, osv.), vælg 'Ja'. - Ikke-Windows Boot Loader - Er der installeret en ikke-Windows boot loader (eller boot manager) i master boot record (MBR)?\n\nBemærk: For eksempel, hvis det første spor på boot drevet indeholder GRUB, LILO, XOSL, eller en anden ikke-Windows boot manager (eller boot loader), vælg 'Ja'. - Multi-Boot - VeraCrypt supporterer for tiden ikke multi-boot konfigurationer hvor en ikke-Windows boot loader er installeret i Master Boot Record.\n\nMulige løsninger:\n\n- Hvis du anvender en boot manager til at boote Windows og Linux, flyt da boot manageren (typisk, GRUB) fra Master Boot Record til en partition. Start da dette hjælpeprogram igen og krypter system partition/drev. Bemærk at VeraCrypt Boot Loader vil blive din primære boot manager og det vil tillade dig at opstarte den originale boot manager (f.eks. GRUB) som din sekundære boot manager (ved at trykke på Esc i VeraCrypt Boot Loader skærmbilledet) og således vil du være i stand til at boote Linux. - Hvis det nuværende kørende operativsystem er installeret på boot partitionen, så vil du efter at have krypteret det, være nødt til at indtaste korrekt kodeord selv om du ønsker at starte et andet ukrypteret Windows system(er) (da de vil dele en krypteret Windows boot loader/manager).\n\nDerimod, hvis det nuværende kørende operativsystem ikke er installeret på boot partitionen (eller hvis Windows boot loader/manager ikke bliver brugt at noget andet system), så vil du efter at have krypteret dette system, ikke skulle indtaste korrekt kodeord for at boote det andet ukrypterede system(er) -- du vil kun skulle trykke på Esc tasten for at starte det ukrypterede system (hvis der er flere ukrypterede systemer, vil du også skulle vælge hvilket system der skal startes i VeraCrypt Boot Manager menuen).\n\nBemærk: Typisk er det tidligst installerede Windows system installeret på boot partitionen. - Kryptering af værts beskyttet område - Sidst på mange drev er der et område der normalt er skjult for operativsystemet (sådanne områder kaldes normalt Værts Beskyttede Områder). Det er dog muligt for nogle programmer at læse og skrive data til/fra disse områder.\n\nADVARSEL: Nogle computer fabrikanter kan bruge disse områder til at gemme værktøjer og data til RAID, system gendannelse, system setup, diagnostisering, eller andre formål. Hvis sådanne værtøjer eller data skal være tilgængelige før boot, bør det skjulte område IKKE krypteres (vælg 'Nej' ovenfor).\n\nØnsker du at VeraCrypt skal detektere og kryptere sådan et skjult område (hvis det findes) sidst på system drevet? - Type af System Kryptering - Vælg dette hvis du ønsker at kryptere system partitionen eller hele system drevet. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Skjult Operativsystem - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detekterer Skjulte Sektorer - Vent venligst mens VeraCrypt detekterer mulige skjulte sectorer sidst på system drevet. Bemærk at det kan tage lang tid at fuldføre.\n\nBemærk: I meget sjældne tilfælde, på nogle computere, kan systemet blive låst og ikke svare under denne detektions process. Hvis dette sker, genstart computeren, start VeraCrypt, gentag de tidligere trin men spring over denne detektions process. Bemærk at dette ikke er forårsaget af en fejl i VeraCrypt. - Område til kryptering - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Indsamler tilfældig data - Generede nøgler - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Optager nødhjælps disk - Nødhjælps Disk Oprettet - System krypterings første test - Nødhjælps disk kontrolleret - \nVeraCrypt Nødhjælps disk er blevet kontrolleret med succes. Fjern den venligst fra drevet nu og opbevar den på et sikkert sted.\n\nKlik Næste for at fortsætte. - ADVARSEL: Under de næste trin må VeraCrypt Nødhjælps Disk ikke være i drevet. Ellers vil det ikke være muligt at gennemføre trinene korrekt.\n\nFjern den venligst fra drevet nu og gem den på et sikkert sted. Klik så på OK. - Advarsel: På grund af tekniske begrænsninger i før boot miljøet, vil tekster vist af VeraCrypt i før boot miljøet (dvs. før Windows starter) ikke blive lokaliseret. VeraCrypt Boot Loader bruger interface er helt på Engelsk.\n\nFortsæt? - Før kryptering af din system partition eller drev, er det nødvendigt at VeraCrypt kontrollerer at alting virker korrekt.\n\nEfter du klikker på Test, vil alle de nødvendige komponenter (for eksempel, før-boot godkendelses komponent, VeraCrypt Boot Loader) blive installeret og din computerer vil blive genstartet. Så skal du indtaste dit kodeord i VeraCrypt Boot Loader skærmbilledet der kommer frem før Windows starter. Efter Windows er startet, vil du automatisk blive informeret omkring resultetet af denne indledende test.\n\nDen følgende enhed bliver modificeret: Drev #%d\n\n\nHvis du klikker på Fortryd nu, vil ingenting blive indstalleret og den indledende test vil ikke blive udført. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Indledende test fuldført - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Ønsker du at afbryde hele processen med at oprette det skjulte operativsystem?\n\nBemærk: Du vil IKKE være i stand til at fortsætte processen hvis du afbryder nu. - Ønsker du at afbryde system krypteringens indledende test? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - System partition/drev ser ikke ud til at være krypteret (hverken delvist eller helt). - Det system partition/drev er krypteret (delvist eller helt).\n\nDekrypter venligst dit system partition/drev helt før du fortsætter. For at gøre dette, vælg 'System' > 'Dekrypter System Partition/Drev Permanent' fra menulinien i VeraCrypt hovedvinduet. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Dit system partition/drev bliver nu krypteret, dekrypteret, eller ændret på anden måde. Afbryd venligst kryptering/dekryptering/modifikations processen (eller vent til den er fuldført) før du fortsætter. - Et eksemplar af VeraCrypt Bind Oprettelsesguide kører nu på systemet og udfører eller forbereder kryptering/dekryptering af system partition/drev. Før du fortsætter, vent venligst på det afslutter eller luk det. Hvis du ikke kan lukke det, genstart venligst din computer før du fortsætter. - Processen med kryptering eller dekryptering af system partition/drev er ikke fuldført. Vent venligst indtil det er fuldført før du fortsætter. - Fejl: Krypteringsproces på partition/drev er ikke fuldført. Det skal færdiggøres først. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Kodeordet er korrekt, VeraCrypt har dekrypteret bind etiketten med succes og detekteret at dette bind er et skjult system bind. Du kan dog ikke ændre etiketten på et skjult system bind på denne måde.\n\nFor at ændre kodeord på et skjult system bind, boot operativsystemet der ligger i det skjulte bind, og vælg da 'System' > 'Ændre kodeord' fra menulinien i hoved VeraCrypt vinduet.\n\nFor at vælge etiket nøgle oprindelses algoritme, boot op på det skjulte operativsystem og vælg da 'System' > 'Indstil etiket nøgle oprindelses algoritme'. - VeraCrypt supporterer ikke på-stedet dekryptering af en skjult system partition.\n\nBemærk: Hvis du ønsker at dekryptere aflednings system partitionen, boot op på aflednings systemet, og vælg da 'System' > 'Dekrypter System Partition/Drev permanent' fra menulinien i hoved VeraCrypt vinduet. - Fejl: Ukorrect/ugyldig parameter. - Du har valgt en partition eller enhed men oprettelsesguide tilstanden du har valgt er kun passende til fil beholdere.\n\nØnsker du at ændre oprettelsesguide tilstand? - Ønsker du at oprette en VeraCrypt fil beholder istedet? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Er du sikker på du ønsker at dekryptere system partition/drev permanent? - FORSIGTIG: Hvis du dekrypterer system partition/drev permantent, vil ukrypteret data blive skrevet der til.\n\nEr du helt sikker på du vil dekryptere system partition/drev permanent? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - Hvis du oplever nogle af de tidligere beskrevne problemer, dekrypter partition/drev (hvis det er krypteret) og prøv så at kryptere det igen ved brug af en ikke-kaskade krypterings algorithme (f.eks. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - Versions nummeret på den VeraCrypt Boot Loader der bootede dette operativsystem er forskellig fra det versions nummer på den VeraCrypt driver (og VeraCrypt applikationer) der er installeret på dette system.\n\nDu bør køre VeraCrypt installering (med det samme versions nummer som VeraCrypt Boot Loader) for at opdatere VeraCrypt på dette operativsystem. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - VeraCrypt Boot Loader er blevet opgraderet.\n\nDet anbefales kraftigt at du opretter en ny VeraCrypt Nødhjælps Disk (som vil indeholde den nye version af VeraCrypt Boot Loader) ved at vælge 'System' > 'Opret Nødhjælps Disk' efter du har genstartet din computer. - VeraCrypt Boot Loader er blevet opgraderet.\n\nDet anbefales kraftigt at du booter aflednings operativsystemet og så opretter en ny VeraCrypt Nødhjælps Disk (som vil indeholde den nye version af VeraCrypt Boot Loader) ved at vælge 'System' > 'Opret Nødhjælps Disk'. - Fejl i opgradering af VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - ADVARSEL: Det ser ud til at VeraCrypt allerede har forsøgt at detektere skjulte sektorer på dette system drev. Hvis du oplevede nogen problemer under den tidligere detektions proces, kan du undgå disse problemer ved at undlade detektion af skjulte sektorer nu. Bemærk at hvis du gør dette, vil VeraCrypt bruge størrelsen oplyst af operativsystemet (hvilket kan være mindre end den reelle størrelse på drevet).\n\nBemærk at dette problem ikke er forårsaget af en fejl i VeraCrypt. - Undlad detektion af skjulte sektorer (brug størrelsen oplyst af operativsystemet) - Forsøg at detektere skjulte sektorer igen - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Nødhjælps Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Nøglefil - Backspace - Tab - Clear - Retur - Pause - Caps Lock - Mellemrum - Page Up - Page Down - End - Home - Pil Venstre - Pil Op - Pil Højre - Pil Ned - Vælg Tast - Print Tast - Execute Tast - Print Skærm - Insert - Delete - Applikations Tast - Sleep - Num Lock - Scroll Lock - Stifinder Tilbage - Stifinder Frem - Stifinder Opdater - Stifinder Stop - Stifinder Søg - Stifinder Favoritter - Stifinder Hjem - Lydløs - Volume Ned - Volume Op - Næste Spor - Forrige Spor - Stop Medie - Afspil/Pause Medie - Åbn Post Tast - Vælg Medie Tast - Applikation 1 - Applikation 2 - Attn - CrSel - ExSel - Afspil - Zoom - Numerisk - Shift - Ctrl - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Annuller + Installer &til alle brugere + Gen&nemse... + Tilføj VeraCrypt ikon til &skrivebord + Donate now... + Registrer .hc fil &endelser som VeraCrypt + &Åben destinationsmappen efter afslutning + Tilføj VeraCrypt til &Start menu + Opret system &gendannelsespunkt + &Afinstaller + &Udpak + &Installer + VeraCrypt Oprettelsesguide + Afinstaller VeraCrypt + &Hjælp + Vælg eller indtast venligst placeringen hvor du ønsker at gemme de udpakkede filer: + Vælg eller indtast venligst placeringen hvor du ønsker at installere VeraCrypt program filerne. Hvis den angivne mappe ikke eksisterer, vil den automatisk blive oprettet. + Klik på Afinstaller for at fjerne VeraCrypt fra systemet. + Afbryd + &Benchmark + &Test + Create encrypted volume and format it + Encrypt partition in place + Vis de generede nøgler (deres mængde) + Vis pool indhold + Download CD/DVD brænde software + Create an encrypted file container + &GB + &TB + Mere information + Sk&jult VeraCrypt bind + Mere information om skjulte bind + Direkte tilstand + Normal tilstand + &KB + Brug nøglef&iler + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Nøglefiler.. + Information om hakke algoritmer + Mere information + Information on PIM + &MB + Mere information + Mere information om system kryptering + Mere information + Multi-boot + Encrypt a non-system partition/drive + Gem aldrig hi&storik + Åben Ydre Bind + &Pause + Use P&IM + Use PIM + Ekspres Formatering + &Vis kodeord + &Display password + &Display PIM + Single-boot + Standard VeraCrypt bind + Skj&ult + Normalt + Krypter system partitionen eller hele system drevet + Krypter Windows system partitionen + Krypter hele drevet + VeraCrypt Bind Oprettelsesguide + Klynge + VIGTIGT: Bevæg musen så tilfældigt som muligt indenfor dette vindue. Jo længere tid du bevæger den, jo bedre. Dette forhøjer den kryptografiske styrke af krypteringsnøglerne betydeligt. Klik på Næste for at fortsætte. + Godkend: + Fuldført + Drive letter: + Krypterings Algoritme + Filsystem + Opretter en virtuel krypteret disk inden i en fil. Anbefales til uerfarne brugere. + Valg + Hakke Algoritme + Etiketnøgle: + Venstre + Hovednøgle: + Vælg dette hvis der er to eller flere operativsystemer installeret på denne computer.\n\nFor eksempel:\n- Windows XP og Windows XP\n- Windows XP og Windows Vista\n- Windows og Mac OS X\n- Windows og Linux\n- Windows, Linux og Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Nuværende pool indhold (partiel) + Pass + Kodeord: + Volume PIM: + Volume PIM: + Udførsel: + Tilfældig Pool: + Vælg dette hvis der kun er et operativsystem installeret på denne computer (også selv om der er flere brugere). + Hastighed + Status + Nøgler, salt, og anden data er blevet oprettet med succes. Hvis du ønsker at oprette nye nøgler, klik på Tilbage og så Næste. Ellers klik på Næste for at fortsætte. + Krypterer partitionen/drevet hvor Windows er installeret. Enhver der ønsker at få adgang og bruge systemet, læse og skrive filer, osv., er nødt til at indtaste det korrekte kodeord hver gang inden Windows booter op. Valgfrit, oprettes et skjult system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Udviske tilstand: + Luk + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Gør Ingenting + Tilslut &Automatisk til VeraCrypt Bind (angiv neden for) + &Start VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Gennemse... + Gennemse... + Gem kodeord og nøgl&efiler i hukommelsen + Afslut når alle tilsluttede bind afbrydes + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Anvend VeraCrypt Bind Oprettelsesguide + Opret + &Opret Bind + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Brug nøglef&iler + Brug nøglef&iler + Afslut + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Tildel + Fjern + Nøglefiler... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + A&uto-Tilslut Enheder + Tilslutnings Va&lg... + Tilslut bind som læs-&kun + Nøglefiler... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Tilsluttet + Gem kodeord i driverhukommelse + Auto-afbryd bind efter der ikke har været læst/skrevet til det i + Brugeren logger af + User session locked + Går i strømbesparende funktion + Pauseskærm aktiveres + Udfør auto-afbryd selvom bindet indeholder åbne filer eller mapper + Tilslut alle enheds-baserede VeraCrypt bind + Start VeraCrypt Background Task + Tilslut bind som læs-kun + Tilslut bind som flytbart medie + Åben Explorer vindue til succesfuldt tilsluttet bind + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Slet kodeord i hukommelsen ved auto-afbryd + Slet kodeord i hukommelsen ved afslut + Preserve modification timestamp of file containers + Nulstil + Vælg &Enhed... + Vælg &Fil... + Select &Library... + Vis kodeord + Vis kodeord + Åben &Explorer vindue for tilsluttet bind + &Gem kodeord i driver-hukommelsen + TrueCrypt Mode + Afb&ryd Alle + Bin&d Egenskaber... + Bind V&ærktøjer... + &Slet hukommelsen + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - System genvejstaster + VeraCrypt + Ændre Kodeord eller Nøglefiler + Indtast VeraCrypt Bind kodeord + VeraCrypt - Performance and Driver Options + VeraCrypt - Præferencer + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Rejse Disk Setup + VeraCrypt Bind Egenskaber + Om... + Tilføj/Fjern nøglefiler til/fra Bind... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup Af Bind Etiket... + Benchmark... + Ændre etiketnøgle oprindelses algoritme... + Ændre Bind kodeord... + Indstil Etiketnøgle Oprindelses Algoritme... + Ændre Kodeord... + Slet Bind Historie + Close All Security Token Sessions + Kontakt... + Opret Skjult Operativsystem... + Opret Nødhjælps Disk... + Opret nyt Bind... + Permanently Decrypt... + Standard nøglefiler... + Default Mount Parameters... + Donate now... + Krypter System Partition/Drev... + FAQ - Ofte stillede spørgsmål + Brugervejledning + &Hjemmeside + Genvejstaster... + Nøglefil Generator + Sprog... + Juridiske Bemærkninger + Manage Security Token Keyfiles... + Auto-Tilslut alle Enheds-placerede Bind + Tilslut Favorit Bind + Tilslut uden før-boot &godkendelse... + Tilslut Bind + Tilslut Bind med funktioner + Nyheder + Online Hjælp + Begyndervejledning + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Dekrypter System Partition/Drev Permanent + Præferencer... + Opdater drev bogstaver + Fjern alle nøglefiler fra Bind... + Gendan Bind Etiket... + Resume Interrupted Process + Vælg Enhed... + Vælg Fil... + Genoptag afbrudt proces + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Downloads + Test Vektorer... + Security Tokens... + Rejse Disk Setup... + Afbryd alle tilsluttede Bind + Afbryd Bind + Kontroller Nødhjælps Disk + Verify Rescue Disk ISO Image + Versions Historik + Volume Expander + Bind Egenskaber + Bind Oprettelsesguide + VeraCrypt Hjemmeside + Slet kodeord i hukommelsen + OK + Hardware Acceleration + Genvej + AutoRun Konfiguration (autorun.inf) + Auto-Afbryd + Afbryd alle når: + Boot Loader Screen Options + Bekræft kodeord: + Nuværende + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Standard Tilslutning Funktioner + Genvejstast Funktioner + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Fil Indstillinger + Tildel tast: + Processor (CPU) in this computer supports hardware acceleration for AES: + Opgaver der skal udføres ved login til Windows + minutter + Tilslut bind som drev bogstav: + Tilslutnings Indstillinger + Ny + Kodeord: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Kodeords hukommelse + Security Options + VeraCrypt Baggrundsopgaver + VeraCrypt bind for tilslutning (relaterer til rejse disk rod): + Ved isættelse af rejse disk: + Opret rejse disk filer i (rejse disk rod mappe): + Bind + Windows + Tilføj &sti... + &Auto-Test alle + &Continue + &Dekrypter + &Delete + &Krypter + &Export... + Generer og gem nøglefil... + &Generer tilfældig nøglefil... + Download sprogpakker + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + Brug nøglef&iler + &Nøglefiler... + &Fjern + Fjern &Alle + Hvad er skjult bind beskyttelse? + More information on keyfiles + Tilslut bind som flytbart &medie + Tilslut partition &ved brug af system kryptering uden før-boot godkendelse + Parallelization: + Benchmark + &Udskriv + &Beskyt skjult bind imod skade forårsaget af skrivning til ydre bind + &Nulstil + &Vis kodeord + Add &Token Files... + Brug backup header implementeret i &Bind hvis tilgængeligt + XTS tilstand + Om VeraCrypt + VeraCrypt - Krypterings algoritme benchmark + VeraCrypt - Test vektorer + Kommandolinie Hjælp + VeraCrypt - Nøglefiler + VeraCrypt - Nøglefil Generator + VeraCrypt - Sprog + VeraCrypt - Tilslutningsvalg + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Vælg en Partition eller Enhed + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Aktive sprogpakker + Hastigheden afhænger af CPU belastning og hukommelseenhed karakteristik.\n\nDisse tests foregår i RAM. + Buffer Størrelse: + Ciffer: + K&odeord til skjult bind:\n(tomt=hukommelse) + Skjult bind beskyttelse + Nøgle størrelse: + VIGTIGT: Bevæg musen så tilfældigt som muligt i dette vindue. Jo længere tid du bevæger den, jo bedre. Dette forbedrer signifikant den kryptografiske styrke på nøglefilen. + ADVARSEL: Hvis du mister en nøglefil eller dele af dens første 1024 kilobytes ændres, vil det være umuligt at tilslutte bindet som bruger denne nøglefil! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Oversat af: + Ren tekst størrelse: + bits + Nuværende Pool Indhold + Blandet PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Sekundær nøgle (hexadecimal) + Security token: + Sorterings Metode: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Blok nummer: + Ciffer tekst (hexadecimal) + Data enheds nummer (64-bit hexadecimal, data enheds størrelsen er 512 bytes) + Nøgle (hexadecimal) + Ren tekst (hexadecimal) + Keyfile name: + XTS tilstand + S&ystem + &Bind + Favor&ites + &Værktøjer + In&dstillinger + &Hjælp + Hjemme&side + + &Om... + Læs-kun egenskaben på dit gamle bind kan ikke ændres. Kontroller venligst filadgangs tilladelser. + Fejl: Adgang nægtet.\n\nPartitionen du prøver at få adgang til er enten 0 sektorer lang, eller det er boot enheden. + Administrator + For at kunne loade VeraCrypt driveren, er du nødt til at være logget ind med en brugerkonto med administrator rettigheder. + Bemærk venligst for at kunne kryptere/formatere en partition/enhed er du nødt til at være logget ind med en brugerkonto med administrator rettigheder.\n\nDette gælder ikke for fil-værtede bind. + For at oprette et skjult bind er du nødt til at være logget ind med en brugerkonto med administrator rettigheder.\n\nContinue? + Bemærk venligst for at kunne formatere bindet som NTFS er du nødt til at være logget ind med en brugerkonto med administrator rettigheder.\n\nUden administrator rettigheder, kan du formatere bindet som FAT. + FIPS-godkendt ciffer (Rijndael, udgivet i 1998) som kan benyttes af U.S. regerings afdelinger og bureauer for at beskytte klassificeret information op til Top Secret niveau. 256-bit nøgle, 128-bit blok, 14 runder (AES-256). Drift tilstand er XTS. + Bindet er allerede tilsluttet. + ADVARSEL: Mindst en kryptering eller hakke algoritme fejlede ved de automatiske selv-tests!\n\nVeraCrypt installationen kan være ødelagt. + ADVARSEL: Der er ikke nok data i tilfældigheds nummer generator pool til at forsyne det nødvendige antal data.\n\nDu bør ikke fortsætte yderligere. Vælg venligst 'Rapporter en fejl...' fra Hjælp menuen, og rapporter denne fejl. + Drevet er beskadiget (der er en fysisk skade på det) eller et kabel er beskadiget, eller hukommelsen har en fejlfunktion.\n\nBemærk venligst at dette er et problem med din hardware, ikke med VeraCrypt. Rapporter derfor venligst IKKE dette som en fejl/problem i VeraCrypt og spørg venligst IKKE om hjælp med dette i VeraCrypt Forums. Kontakt venligst din computer forhandlers tekniske support team for assistance. Tak.\n\nBemærk: Hvis fejlen opstår gentagne gange samme sted, er det højst sandsynligt forårsaget af en dårlig disk blok, som burde være mulig at reparere ved brug af tredieparts software (bemærk at, i mange tilfælde, kan 'chkdsk /r' kommandoen ikke rette den fordi den arbejder på filsystem niveau; i nogle tilfælde, kan 'chkdsk' værktøjet ikke engang opdage den). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Ugyldigt drev bogstav. + Ugyldig sti. + Annuller + Enheden ikke tilgængelig. Sørg for at enheden eksisterer og ikke er i brug af systemet. + Advarsel: Caps Lock er slået til. Dette kan medføre at kodeordet indtastes forkert. + Bind Type + Det kan ske at du bliver tvunget til at afsløre kodeordet til et krypteret bind. Der er mange situationer hvor du ikke kan afvise at afsløre kodeordet (for eksempel, pga. afpresning). Ved brug af et såkaldt skjult bind tillader det dig at klare sådanne situationer uden at afsløre kodeordet til dit bind. + Vælg dette hvis du ønsker at oprette et normalt VeraCrypt bind. + Bemærk venligst at hvis du ønsker at installere et operativsystem i et skjult partitions bind, så kan hele system drevet ikke blive kryptereret ved hjælp af en enkelt nøgle. + Ydre Bind Krypterings Funktioner + Skjult Bind Krypterings Funktioner + Krypterings Funktioner + ADVARSEL: Kunne ikke slette stien til det senest valgte bind/nøglefil (historik af filgennemsyn)! + Fejl: Beholderen er blevet komprimeret ved filsystem niveau. VeraCrypt understøtter ikke komprimerede beholdere (Bemærk: Komprimering at krypterede data er ueffektivt og overflødig).\n\nSlå venligst komprimering af denne beholder fra ved at følge disse trin: 1) Højreklik på denne beholder i Windows Stifinder (ikke i VeraCrypt). 2) Vælg 'Egenskaber'. 3) I 'Egenskaber' dialog boks, klik 'Avanceret'. 4) I 'Advancede Attributter' dialog boks, slå funktionen 'Komprimer indhold for at spare diskplads' fra og klik 'OK'. 5) I 'Egenskaber' dialog boks, Klik 'OK'. + Fejl i oprettelsen af bind %s + Størrelsen af %s er %.2f bytes + Størrelsen af %s er %.2f KB + Størrelsen af %s er %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + ADVARSEL: Enhed/partition er i brug af operativsystem eller andre applikationer. Formatering af enhed/partition kan medføre data korruption og system ustabilitet.\n\nFortsæt? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Fejl: Enhed/partition indeholder et filsystem som ikke kunne afbrydes. Filsystemet kan være i brug af operativsystem. Formatering af enhed/partition vil sandsynligvis medføre data korruption og system ustabilitet.\n\nFor at løse dette problem, anbefaler vi at du først sletter paritionen og så genopretter den uden formatering. For at gøre dette, følg disse trin: 1) Højreklik på 'Computer' (eller 'Denne computer') ikonet i 'Start Menuen' og vælg and select 'Administrer'. Vinduet 'Computeradministration' bør da komme frem. 2) I vinduet 'Computeradministration', vælg 'Lager' > 'Diskhåndtering'. 3) Højreklik på den partition du vil kryptere og vælg enten 'slet partition', eller 'slet bind', eller 'slet logisk drev'. 4) Klik 'Ja'. Hvis Windows beder dig om at genstarte computeren, gør dette. Gentag da trin 1 og 2 og fortsæt fra trin 5. 5) Højreklik på området for tildelt/ledig disk plads og vælg enten 'Ny Partition', eller 'Nyt Simpelt Bind', eller 'Nyt logisk drev'. 6) 'Ny Partition hjælp' eller 'Nyt Simpelt Bind hjælp' vinduet burde komme frem nu; følg instruktionerne. På hjælpesiden benævnt 'Formater Partition', vælg enten 'formater ikke denne partition' eller 'formater ikke dette bind'. I samme hjælp, klik 'Næste' og så 'Afslut'. 7) Bemærk at enhedsstien du har valgt i VeraCrypt måske er forkert nu. Derfor, gå ud af VeraCrypt Bind Oprettelseshjælp (hvis den stadig er åben) og så start den igen. 8) Prøv at kryptere enhed/partition igen.\n\nHvis VeraCrypt gentagne gange giver fejl ved kryptering af enhed/partition, måtte du måske overveje at oprette en fil-beholder istedet. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + ADVARSEL: Nogle af de tilsluttede enheder/partitioner er var allerede i brug!\n\nIgnoreres dette kan det medføre uønskede resultater inklusiv system ustabilitet.\n\nVi anbefaler kraftigt at du lukker enhver applikation der måtte bruge enheden/partitionen. + Den valgte enhed indeholder partitioner.\n\nFormatering af enheden kan forårsage system ustabilitet og/eller data korruption. Vælg venligst enten en partition på enheden, eller fjern alle partitioner på enheden for at VeraCrypt kan formatere den sikkert. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Den ledige plads på drevet %s er %.2f bytes. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Kunne ikke finde ledige drev bogstaver. + Fejl: VeraCrypt driver er ikke fundet.\n\nKopier venligst filerne 'veracrypt.sys' og 'veracrypt-x64.sys' til biblioteket hvor VeraCrypt hovedprogrammet (VeraCrypt.exe) er placeret. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Fejl: Ciffer initialiseringsfejl. + Fejl: En svag eller potientiel svag nøgle er detekteret. Nøglen vil blive afvist. Prøv venligst igen. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Kritisk Fejl + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Krypter + &Dekrypter + &Dekrypter permanent + Afslut + Opret venligst et logisk drev til denne udvidede partition, og prøv igen. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + Vælg lokationen på det VeraCrypt bind hvori du ønsker at oprette et skjult bind. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Fejl: Kan ikke tilslutte bind. Værts filen/enheden er allerede i brug. Forsøg på at tilslutte uden eksklusiv adgang fejlede også. + Filen kunne ikke åbnes. + Bind placering + Store Filer + Ønsker du at gemme filer større end 4 GB i dette VeraCrypt bind? + Afhængigt af dit valg ovenfor, vil VeraCrypt vælge et passende standard filsystem til dit VeraCrypt bind (du vil være i stand til at vælge et filsystem i det næste trin). + Da du opretter et ydre bind, bør du overveje at vælge 'Nej'. Hvis du vælger 'Ja', vil standard filsystemet blive NTFS, hvilket ikke er så passende til ydre bind som FAT (for eksempel, den maksimalt mulige størrelse på det skjulte bind vil blive væsentligt større hvis det ydre bind er formatteret som FAT). Normalt er FAT standard for både skjulte og normale bind (så FAT bind er ikke så mistænkelige). Dog, hvis brugeren indikerer ønske om at gemme filer større end 4 GB (hvilket FAT filsystemet ikke tillader), så er FAT ikke standard. + Er du sikker på du ønsker at vælge 'Ja'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Bemærk: + &Genoptag + &Udsæt + &Start + &Fortsæt + &Formater + &Wipe + Afbryd formatering? + Vis mere information + Vis ikke dette igen + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + System partitionen/drevet er dekrypteret med succes. + \n\nVeraCrypt bindet er oprettet og klar til brug. Hvis du ønsker at oprette et andet VeraCrypt bind, klik Næste. Ellers, klik Afslut. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt bindet er oprettet med succes. + Bind Oprettet + VIGTIGT: Bevæg musen så tilfældigt som muligt i dette vindue. Jo længere tid du bevæger den, jo bedre. Dette forbedrer signifikant den kryptografiske styrke på nøglefilen. Klik på Formater for at oprette bindet. + Klik på Formater for at oprette det ydre bind. For mere information, læs venligst dokumentationen. + Ydre Bind Formatering + Skjult Bind Formatering + Bind Formatering + Adobe Reader (eller et kompatibelt værktøj) er nødvendigt for at se eller udskrive VeraCrypt Brugervejledning. Adobe Reader (freeware) kan downloades på: www.adobe.com/dk/\n\nØnsker du at se den online dokumentation istedet? + Hvis du vælger denne mulighed, vil oprettelsesguiden først hjælpe dig med at oprette et normalt VeraCrypt bind og så et skjult VeraCrypt bind deri. Uerfarne brugere bør altid vælge denne mulighed. + Hvis du vælger denne mulighed, vil du oprette et skjult bind i et eksisterende VeraCrypt bind. Det vil formodes at du allerede har oprettet et VeraCrypt bind der er passende som vært til det skjulte bind. + Bind oprettelses tilstand + Skjult Bind oprettet + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + Det ydre bind er blevet oprettet og tilsluttet som drev %hc:. Til dette ydre bind bør du nu kopiere nogle følsomt udseende filer som du egentlig IKKE ønsker at skjule. De vil være der for dem der eventuelt afpresser dig til at afsløre kodeordet for den første partition bag system partitionen, hvor både det ydre og skjulte bind (indeholdende det skjulte operativsystem) vil være placeret. Du vil kunne afsløre kodeordet for dette ydre bind, og eksistensen af det skjulte bind (og det skjulte operativsystem) vil fortsat være hemmeligt.\n\nVIGTIGT: Filerne du kopierer til det ydre bind bør ikke optage mere plads end %s. Ellers er der muligvis ikke nok ledig plads i det ydre bind for det skjulte bind (og du vil ikke være i stand til at fortsætte). Efter du har afsluttet din kopiering, klik Næste (afbryd ikke bindet). + Ydre Bind er oprettet med succes og tilsluttet som drev %hc:. Til dette bind bør du nu kopiere nogle filer over der ser følsomme ud, men som du egentlig ikke ønsker at skjule. Filerne vil så være der hvis nogen aftvinger dig dit kodeord. Du afslører da kun kodeordet for det ydre bind, ikke for det skjulte. De filer du virkelig bekymrer dig om vil være i det skjulte bind, som bliver oprettet senere. Når du er færdig med at kopiere, klik Næste. Afslut ikke bindet.\n\nBemærk: Når du har klikket på Næste, vil klynge bitmap til det ydre bind blive skannet for at afgøre størrelsen af uafbrudt fri plads hvis slutning ligger udenfor slutningen af bindet. Dette område vil indeholde det skjulte bind, så det vil begrænse den maksimale størrelse. Klynge bitmap skanning sikrer at ingen data på det ydre bind overskrives af det skjulte bind. + Ydre bind indeholder + \n\nI de næste trin indstiller du valgmuligheder for det ydre bind (hvori det skjulte bind vil blive oprettet senere). + \n\nI de næste trin, vil du oprette et såkaldt ydre VeraCrypt bind indeni den første partition bag system partition (som blev forklaret i en af de tidligere trin). + Ydre bind + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nBindets cluster bitmap er blevet skannet og den maksimalt mulige størrelse på det skjulte bind er blevet afgjort. I de næste trin vil du vælge indstilling, størrelse, og kodeord for det skjulte bind. + Skjult bind + Det skjulte bind er nu beskyttet mod beskadigelse indtil det ydre bind bliver afbrudt.\n\nADVARSEL: Hvis nogen data forsøges gemt i området for det skjulte bind, vil VeraCrypt igangsætte skrive-beskyttelse af hele bindet (både det ydre og den skjulte del) indtil det bliver afbrudt. Dette kan medføre filsystem korruption på det ydre bind, hvilket (hvis gentaget) uforsætligt kan have indflydelse på den plausible benægtelse af det skjulte bind. Derfor bør du gøre en effektiv indsats for at undgå at gemme i området for det skjulte bind. Alle data gemt i området for det skjulte bind vil ikke blive gemt og vil være mistet. Windows kan rapportere dette som en skrivefejl ("Fejl forsinket skrivning" eller "Parameteren er ukorrekt"). + Ethvert skjult bind indeni det nu tilsluttede bind er nu beskyttet imod beskadigelse indtil det bliver afbrudt.\n\nADVARSEL: Hvis der forsøges at gemme nogen data i området for beskyttede skjulte bind, vil VeraCrypt igangsætte skrive-beskyttelse af hele bindet (både det ydre og den skjulte del) indtil det bliver afbrudt. Dette kan medføre filsystem korruption på det ydre bind, hvilket (hvis gentaget) uforsætligt kan have indflydelse på den plausible benægtelse af det skjulte bind. Derfor bør du gøre en effektiv indsats for at undgå at gemme i området for det skjulte bind. Alle data gemt i området for det skjulte bind vil ikke blive gemt og vil være mistet. Windows kan rapportere dette som en skrivefejl ("Fejl forsinket skrivning" eller "Parameteren er ukorrekt"). + ADVARSEL: Der blev forsøgt at gemme data i området for det skjulte bind tilsluttet som %c:! VeraCrypt forhindrede disse data i at blive gemt for at beskytte det skjulte bind. Dette kan have medført filsystem korruption i det ydre bind og Windows kan have rapporteret en skrivefejl ("Fejl forsinket skrivning" eller "Parameteren er ukorrekt"). Hele bindet (både den ydre og skjulte del) vil blive skrive-beskyttet indtil det bliver afbrudt. Hvis dette ikke er første gang VeraCrypt har beskyttet data i at blive gemt i området for det skjulte bind, kan det uforsætligt have indflydelse på den plausible benægtelse af det skjulte bind (pga. mulig usædvanligt modsigende uoverenstemmelse i det ydre filsystem). Derfor bør du overveje at oprette et nyt VeraCrypt bind (med ekspresformatering slået fra) og flytte filerne fra dette bind til det nye bind; dette bind bør slettes sikkert (både det ydre og den skjulte del). Vi anbefaler kraftigt at du genstarter operativsystemet nu. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Bemærk: Hvis du har behov for at overføre filer sikkert fra aflednings systemet til det skjulte system, følg disse trin: 1) Start aflednings systemet. 2) Gem filerne til et ukrypteret bind eller til et normalt/ydre VeraCrypt bind. 3) Start det skjulte system. 4) Hvis du har gemt filerne til et VeraCrypt bind, tilslut det (det vil automatisk blive tilsluttet som læs-kun). 5) Kopier filerne til den skjulte system partition eller til et andet skjult bind. + Din computer skal genstartes.\n\nØnsker du at genstarte den nu? + En fejl opstod under læsning af system krypterings status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Kan ikke initialisere applikations komponenter for system kryptering. + Kunne ikke initialisere tilfældigheds nummergenerator! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Kunne ikke initialisere applikationen. Fejl i registrering af Dialog class. + Error: Failed to load the Rich Edit system library. + VeraCrypt Bind Oprettelsesguide + Den maksimale skjulte bind størrelse for dette bind er %.2f bytes. + Den maksimale skjulte bind størrelse for dette bind er %.2f KB. + Den maksimale skjulte bind størrelse for dette bind er %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Bind kodeord/nøglefiler kan ikke ændres mens bindet er tilsluttet. Afbryd venligst bindet først. + Etiketnøgle oprindelses algoritmen kan ikke ændres mens bindet er tilsluttet. Afbryd venligst bindet først. + &Tilslut + En nyere version af VeraCrypt kræves for at tilslutte dette bind. + Fejl: Bind Oprettelsesguiden er ikke fundet.\n\nKontroller venligst at 'VeraCrypt Format.exe' er i mappen hvorfra 'VeraCrypt.exe' blev startet. Hvis den ikke er, geninstaller VeraCrypt, eller find 'VeraCrypt Format.exe' på din harddisk og start den. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Næste > + &Afslut + &Installer + U&dpak + Ude i stand til at tilslutte VeraCrypt enhedsdriver. VeraCrypt vil ikke virke hvis enhedsdriveren ikke kører.\n\nBemærk venligst at, pga. et Windows problem, kan det være nødvendigt at logge af eller genstarte systemet førend enhedsdriveren kan lokalisere. + Fejl opstået under indlæsning/forberedelse af skrifttyper. + Drev bogstavet blev ikke fundet eller der blev ikke angivet noget drev bogstav. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drev bogstav er ikke tilgængeligt. + Ingen fil valgt! + Ingen drev bogstaver tilgængelige. + Ingen ledige drev bogstaver til det ydre bind! Oprettelse af bind kan ikke fortsætte. + Kunne ikke fastsætte din version af operativsystem eller du anvender et usupporteret operativsystem. + Ingen sti valgt! + Ikke nok ledig plads til det skjulte bind! Oprettelse af bind kan ikke fortsætte. + Fejl: Filerne du har kopieret til det ydre bind optager for meget plads. Derfor er der ikke nok plads på det ydre bind til det skjulte bind.\n\nBemærk at det skjulte bind skal være ligeså stort som system partitionen (den partition hvor det nuværende aktive operativsystem er installeret). Grunden er at det skjulte operativsystem er nødt til at blive oprettet ved at kopiere indholdet af system partitionen til det skjulte bind.\n\n\nProcessen ved oprettelse af det skjulte operativsystem kan ikke fortsætte. + Driveren kan ikke afbryde bindet. Enkelte filer i bindet er muligvis stadig åbne. + Bindet kan ikke låses. Der er stadig åbne filer i bindet. Derfor kan det ikke afbrydes. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Vælg et VeraCrypt Bind + Vælg sti og filnavn + Select PKCS #11 Library + Ikke mere hukommelse + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + ADVARSEL: Filen '%s' eksisterer allerede!\n\nVIGTIGT: VERACRYPT KRYPTERER IKKE FILEN, MEN VIL SLETTE DEN. Er du sikker på du vil slette filen og erstatte den med en ny VeraCrypt beholder? + ADVARSEL: ALLE NUVÆRENDE FILER GEMT PÅ DET VALGTE %s '%s'%s VIL BLIVE SLETTET OG TABT (DE BLIVER IKKE KRYPTERET)!\n\nEr du sikker på du ønsker at fortsætte med formatering? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + FORSIGTIG: ALLE NUVÆRENDE GEMTE FILER PÅ PARTITIONEN '%s'%s (F.EKS. PÅ DEN FØRSTE PARTITION BAG SYSTEM PARTITIONEN) VIL BLIVE SLETTET OG TABT (DE VIL IKKE BLIVE KRYPTERET)!\n\nEr du sikker på du ønsker at fortsætte med formattering? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Kodeord + PIM + Ændre etiketnøgle oprindelses algoritme + Tilføj/Fjern nøglefiler til/fra Bind + Fjern alle nøglefiler fra Bind + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + VIGTIGT: Hvis du ikke har destrueret din VeraCrypt Nødhjælps Disk, vil dit system partition/drev stadig kunne dekrypteres ved brug af det gamle kodeord (ved at boote på VeraCrypt Nødhjælps Disk og indtaste det gamle kodeord). Du bør oprette en ny VeraCrypt Nødhjælps Disk og så destruere den gamle.\n\nØnsker du at oprette en ny VeraCrypt Nødhjælps Disk? + Bemærk at din VeraCrypt Nødhjælps Disk stadig bruger den tidligere algoritme. Hvis du fornemmer den tidligere algoritme er usikker, bør du oprette en ny VeraCrypt Nødhjælps Disk og så destruere den gamle.\n\nØnsker du at oprette en ny VeraCrypt Nødhjælps Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Nøglefil(er) tilføjet/fjernet med succes. + Keyfile exported. + Etiketnøgle oprindelses algoritme ændret med success. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Det er meget vigtigt at du vælger et godt kodeord. Du bør undgå at vælge et der kun indeholder et enkelt ord der kan findes i en ordbog (eller en kombination af 2, 3 eller 4 af sådanne ord). Det bør ikke indeholde nogle navne eller fødselsdatoer. Det skal ikke være nemt at gætte. Et godt kodeord er en tilfældig kombination af store og små bogstaver, tal, og specielle karakterer, så som @ ^ = $ * + osv. Vi anbefaler at du vælger et kodeord der består af mere end 20 karakterer (jo længere, jo bedre). Det maksimalt mulige længde er 64 karakterer. + Vælg venligst et kodeord til det skjulte bind. + Vælg venligst et kodeord til det skjulte operativsystem (f.eks. til det skjulte bind). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Indtast venligst kodeordet til det bind hvori du ønsker at oprette et skjult bind.\n\nEfter du har klikket Næste, vil VeraCrypt forsøge at tilslutte bindet. Så snart at bindet er tilsluttet, vil dets cluster bitmap bliver skannet for at afgøre størrelsen af det ubrudte område af ledig plads (hvis der er noget) hvis slutning ligger lige med slutningen af bindet. Dette område vil indeholde det skjulte bind og vil derfor begrænse dets maksimale mulige størrelse. Cluster map skanning er nødvendigt for at sikre at ingen data i det ydre bind, vil blive overskrevet af det skjulte bind. + \nVælg venligst et kodeord til det ydre bind. Dette vil være det kodeord som du vil kunne afsløre i det tilfælde du bliver spurgt eller tvunget til at afsløre det.\n\nVIGTIGT: Kodeordet du vælger skal være mærkbart forskelligt fra det du vælger til det skjulte bind.\n\nBemærk: Den maksimalt mulige kodeords længde er på 64 karakterer. + Vælg venligst et kodeord til det ydre bind. Dette vil være det kodeord som du vil kunne afsløre i det tilfælde du bliver spurgt eller tvunget til at afsløre det for den første partition bag system partitionen, hvor både det ydre bind og det skjulte bind (indeholdende det skjulte operativsystem) vil være placeret. Eksistensen af det skjulte bind (og det skjulte operativsystem) vil forblive hemmeligt. Bemærk at kodeordet ikke er til aflednings systemet.\n\nVIGTIGT: Kodeordet du vælger skal være mærkbart forskelligt fra det du vælger til det skjulte bind (dvs. til det skjulte operativsystem). + Ydre Bind kodeord + Skjult Bind kodeord + Kodeord til skjult operativsystem + ADVARSEL: Korte kodeord er lette at bryde ved brug af magtfulde teknikker!\n\nVi anbefaler et kodeord over 20 karakterer. Er du sikker på du vil bruge et kort kodeord? + Bind kodeord + Ukorrekt kodeord eller ikke et VeraCrypt bind. + Ukorrekt nøglefil(er) og/eller kodeord eller ikke et VeraCrypt bind. + Forkert tilslutningstilstand, ukorrekt kodeord, eller ikke et VeraCrypt bind. + Forkert tilslutningstilstand, ukorrekt nøglefil(er) og/eller kodeord, eller ikke et VeraCrypt bind. + Ukorrekt kodeord eller intet VeraCrypt bind fundet. + Ukorrekt nøglefil(er)/kodeord eller intet VeraCrypt bind fundet. + \n\nAdvarsel: Caps Lock er slået til. Dette kan medføre at kodeordet indtastes ukorrekt. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nBemærk: Hvis du forsøger at tilslutte en partition placeret på et krypteret system drev uden før-boot godkendelse eller tilslutte en krypteret system partition fra et operativsystem der ikke kører, kan du gøre dette ved at vælge 'System' > 'Tilslut uden før-Boot Godkendelse'. + I denne tilstand kan du ikke tilslutte en partition placeret på et drev hvis portion er indenfor nøglens rækkevidde af aktiv system kryptering.\n\nFør du kan tilslutte denne partition i denne tilstand, er du nødt til enten at boote et operativsystem installeret på et andet drev (krypteret eller ukrypteret) eller boote på et ukrypteret operativsystem. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Tilbage + Ude af stand til at vise de rå enheder der er installeret på dit system! + Bindet '%s' eksisterer, og er læs-kun. Er du sikker på du vil erstatte det? + Vælg destinationsmappe + Vælg nøglefil + Vælg en nøglefil søgesti. ADVARSEL: Bemærk at kun stien vil blive husket, ikke filnavne! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designet af Ross Anderson, Eli Biham, og Lars Knudsen. Udgivet i 1998. 256-bit nøgle, 128-bit blok. Driftstilstand er XTS. Serpent var en af AES finalisterne. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Ydre bind størrelse + Skjult bind størrelse + Please verify that the size of the selected device/partition shown above is correct and click Next. + Det ydre bind og det skjulte bind (indeholdende det skjulte operativsystem) vil placeres indeni partition ovenfor. Det bør være den første partition bag system partitionen.\n\nKontroller venligst at størrelsen på partitionen og dets nummer vist ovenfor er korrekte, og hvis de er, klik på Næste. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Bind Størrelse + Dynamisk + ADVARSEL: SELV-TEST FEJLET! + Selv-test af alle algoritmer gennemført + Data enheds nummeret som du har angivet er for langt eller kort. + Den sekundære nøgle som du har angivet er for lang eller kort. + Testen ciffertekst du har angivet er for lang eller kort. + Testen nøgle du har angivet er for lang eller kort. + Testen ren tekst du har angivet er for lang eller kort. + To cifre i kaskade funktion i XTS tilstand. Hver blok bliver først krypteret med %s (%d-bit nøgle) og så med %s (%d-bit nøgle). Hvert ciffer bruger dets egen nøgle. Alle nøgler er indbyrdes uafhængige. + Tre cifre i kaskade funktion i XTS tilstand. Hver blok bliver først krypteret med %s (%d-bit nøgle), og så med %s (%d-bit nøgle), og tilsidst med %s (%d-bit nøgle). Hvert ciffer bruger dets egen nøgle. Alle nøgler er indbyrdes uafhængige. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Rejse Disk + Designet af Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, og Niels Ferguson. Udgivet i 1998. 256-bit nøgle, 128-bit blok. Drift tilstand er XTS. Twofish var en af AES finalisterne. + Mere information på %s + Ukendt + An unspecified or unknown error occurred (%d). + Nogle bind indeholder filer eller mapper som bliver brugt af andre programmer eller systemet.\n\nGennemtving afbrydelse? + &Afbryd + Afbrydelse er fejlet! + Bindet indeholder filer eller mapper som bliver brugt af andre programmer eller systemet.\n\nGennemtving afbrydelse? + No volume is mounted to the specified drive letter. + Bindet du prøver at tilslutte er allerede tilsluttet. + En fejl opstod under forsøget på at tilslutte bindet. + Fejl i søgning af placering indenfor bind. + Fejl: Ukorrekt bind størrelse. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt kan ikke ændre kodeord for et fremmed bind. + Vælg venligst et ledigt drev bogstav fra listen. + Vælg venligst et tilsluttet bind i drev bogstav listen. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Fejl: Kan ikke oprette autorun.inf + Fejl under bearbejdning af nøglefil! + Fejl under bearbejdning af nøglefil sti! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt supporterer ikke dette operativsystem. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Fejl: Kan ikke tildele hukommelse. + Fejl: Kunne modtage værdien af ydelsestæller. + Fejl: Forkert bind format. + Fejl: Du angav et kodeord til et skjult bind (ikke til et normalt bind). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Juridiske Bemærkninger + Alle Filer + VeraCrypt Bind + Library Modules + NTFS formatering kan ikke fortsætte. + Kan ikke tilslutte bind. + Kan ikke afbryde bind. + Windows fejlede under formatering af bindet som NTFS.\n\nVælg venligst en anden type filsystem (hvis muligt) og prøv igen. Alternativt kan du lade bindet være uformateret (Vælg 'Ingen' som filsystem), afbryd denne hjælp, tilslut bindet, og brug da enten et system eller 3-parts værktøj til at formatere bindet (bindet vil forblive krypteret). + Windows fejlede under formatering af bindet som NTFS.\n\nØnsker du at formatere bindet som FAT istedet? + Standard + partition + PARTITION + Enhed + device + ENHED + Bind + volume + VOLUME + Label + Den valgte klynge størrelse er for lille til denne størrelse bind. En større klynge størrelse vil blive brugt istedet. + Fejl: Kan ikke hente bind størrelsen!\n\nSørg for at det valgte bind ikke anvendes af systemet eller et andet program. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + VeraCrypt Bind Oprettelsesguide kan kun oprette et skjult bind i FAT eller NTFS bind. + I Windows 2000, kan VeraCrypt Bind Oprettelsesguide kun oprette et skjult bind i FAT bind. + Bemærk: FAT fil systemet er mere passende for ydre bind end NTFS fil systemet (for eksempel, den maksimalt mulige størrelse på et skjult bind ville meget muligt have været betydeligt større hvis det ydre bind havde været formatteret som FAT). + Bemærk at FAT fil systemet er mere passende for ydre bind end NTFS fil systemet. For eksempel, den maksimalt mulige størrelse på det skjulte bind vil meget muligt være betydeligt større hvis det ydre bind bliver formatteret som FAT (grunden er at NTFS fil systemet altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind kun være i den anden halvdel af det ydre bind).\n\nEr du sikker på du ønsker at formattere det ydre bind som NTFS? + Ønsker du at formattere bindet som FAT istedet? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Fejl: Partitionen for det skjulte operativsystem (dvs. den første partition bag system partitionen) skal være mindst 5% større end system partitionen (system partitionen er den hvor det nuværende kørende operativsystem er installeret). + Fejl: Partitionen for det skjulte operativsystem (dvs. den første partition bag system partitionen) skal være mindst 110% (2.1 gange) større end system partitionen (system partitionen er den hvor det nuværende kørende operativsystem er installeret). Årsagen er den at et NTFS fil system altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind (som skal indeholde en klon af system partitionen) kun placeres i den anden halvdel af bindet. + Fejl: Hvis det ydre bind er formatteret som NTFS, skal det mindst være 110% (2.1 gange) større end system partitionen. Årsagen er den at et NTFS fil system altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind (som skal indeholde en klon af system partitionen) kun placeres i den anden halvdel af bindet.\n\nBemærk: Det ydre bind skal være placeret indeni samme partition som det skjulte operativsystem (dvs. indeni den første partition bag system partitionen). + Fejl: Der er ingen partition bag system partitionen.\n\nBemærk at før du kan oprette et skjult operativsystem, skal du oprette en partition til det på system drevet. Det skal være den første partition bag system partitionen og den skal være mindst 5% større end system partitionen (system partitionen er den hvor det nuværende kørende operativsystem er installeret). Derimod, hvis det ydre bind (ikke at forveksle med system partitionen) er formatteret som NTFS, skal partitionen for det skjulte operativsystem være mindst 110% (2.1 gange) større end system partitionen (Årsagen er den at et NTFS fil system altid gemmer interne data nøjagtigt i midten af bindet og, derfor kan det skjulte bind (som skal indeholde en klon af system partitionen) kun placeres i den anden halvdel af partitionen. + Bemærk: Det er ikke praktisk (og derfor heller ikke supporteret) at installere operativsystemer i to VeraCrypt bind der er integreret indeni en enkelt partition, fordi brug af det ydre operativsystem ville ofte kræve at data skulle skrives til området med det skjulte operativsystem (og hvis sådanne skrive opgaver blev forhindret ved brug af skjult bind beskyttelses funktionen, ville det uundgåeligt medføre system nedbrud, dvs. 'Blå Skærm' fejl). + For information om hvordan man opretter og administrerer partitioner, læs venligst dokumentationen som fulgte med dit operativsystem eller kontakt din computer forhandlers tekniske support for yderligere hjælp. + Fejl: Det nuværende kørende operativsystem er ikke installeret på boot partitionen (første Aktive partition). Dette er ikke supporteret. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Fejl: Har ikke adgang til bindet!\n\nSørg for at det valgte bind eksisterer, at det ikke er tilsluttet eller bliver brugt af systemet eller andre programmer, at du har læse/skrive rettighed til bindet, og at det ikke er skrivebeskyttet. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Fejl: Kan ikke afbryde det ydre bind!\n\nBindet kan ikke afbrydes hvis det indeholder filer eller mapper der bliver brugt af et program eller systemet.\n\nLuk venligst alle programmer der måtte bruge filer eller mapper på bindet og klik på Prøv igen. + Fejl: Kan ikke finde information om det ydre bind! Oprettelse af bind kan ikke fortsætte. + Fejl: Har ikke adgang til det ydre bind! Oprettelse af bind kan ikke fortsætte. + Fejl: Kan ikke tilslutte det ydre bind! Oprettelse af bind kan ikke fortsætte. + Fejl: Kan ikke hente bitmap! Oprettelse af bind kan ikke fortsætte. + Alfabetisk/Kategoriseret + Gennemsnits hastighed (Aftagende) + Algoritme + Kryptering + Dekryptering + Gennemsnit + Drev + Størrelse + Krypterings Algoritme + Krypterings Algoritme + Type + Værdi + Egenskaber + Placering + bytes + Skjult + Ydre + Normal + System + Skjult (system) + Læs-kun + System drev + System drev (krypterer - %.2f%% færdiggjort) + System drev (dekrypterer - %.2f%% færdiggjort) + System drev (%.2f%% krypteret) + System partition + Skjult system partition + System partition (krypterer - %.2f%% færdiggjort) + System partition (dekrypterer - %.2f%% færdiggjort) + System partition (%.2f%% krypteret) + Ja (Skade undgået!) + Ingen + Primær Nøgle Størrelse + Sekundær Nøgle Størrelse (XTS Tilstand) + Klemt Nøgle Størrelse (LRW Tilstand) + bits + Blok størrelse + PKCS-5 PRF + PKCS-5 gentagelse talt + Bind oprettet + Etiket sidst ændret + (%I64d dage siden) + Bind Formatterings Version + Implementeret Backup Header + VeraCrypt Boot Loader Version + Først tilgængelige + Removable Disk + Harddisk + Uændret + Autodetection + Oprettelsesguide Tilstand + Vælg en af tilstandende. Hvis du ikke er sikker på hvilken du skal vælge, brug da standard tilstand. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Indstillings Muligheder + Her kan du indstille forskellige muligheder for at kontrollere installations processen. + Installerer + Vent venligst mens VeraCrypt bliver installeret. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Udpaknings Muligheder + Her kan du indstille forskellige muligheder for at kontrollere udpaknings processen. + Vent venligst mens filerne bliver udpakket. + Files successfully extracted + Alle filer er blevet udpakket med succes på destinations placeringen. + Hvis den ønskede mappe ikke findes, vil den blive oprettet automatisk. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Ønsker du at se udgivelsesnoter for den nuværende (seneste stabile) version af VeraCrypt? + Hvis du aldrig før har brugt VeraCrypt, anbefaler vi at du læser kapitlet Begyndervejledning i VeraCrypt Brugervejledningen. Ønsker du at se vejledningen? + Vælg venligst en handling der skal udføres udfra følgende: + Reparer/geninstaller + Upgrade + Afinstaller + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installation kører nu på dette system og udfører eller forbereder installation eller opdatering af VeraCrypt. Før du fortsætter, vent venligst til det afsluttes eller luk det. Hvis du ikke kan lukke det, genstart venligst din computer før du fortsætter. + Fejl under installation. + Fejl under afinstallation. + Denne distributions pakke er beskadiget. Prøv venligst at downloade den igen (helst fra det officielle VeraCrypt websted på https://veracrypt.codeplex.com). + Kan ikke skrive fil %s + Udpakker + Kan ikke læse data fra pakken. + Kan ikke kontrollere integriteten på denne distributions pakke. + Fejl i udpakning. + Installationen er trukket tilbage. + VeraCrypt er installeret med succes. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt er afinstalleret med succes.\n\nKlik 'Afslut' for at fjerne VeraCrypt installer og mappen %s. Bemærk at mappen ikke vil blive fjernet hvis den indeholder filer der blev installeret af VeraCrypt installer eller blev oprettet af VeraCrypt. + Fjerner VeraCrypt i registreringsdatabasen + Tilføjer i registreringsdatabasen + Fjerner applikations-specifikke data + Installerer + Stopper + Fjerner + Tilføjer ikon + Opretter system gendannelsespunkt + Oprettelse af system gendannelsespunkt mislykket! + Opdaterer boot loader + Kunne ikke installere '%s'. %s Ønsker du at fortsætte installationen? + Kunne ikke afinstallere '%s'. %s Ønsker du at fortsætte afinstallationen? + Installationen fuldført. + Mappen '%s' kunne ikke oprettes + VeraCrypt enhedsdriveren kan ikke frakobles.\n\nLuk venligst alle åbne VeraCrypt vinduer først. Hvis dette ikke hjælper, genstart venligst Windows og prøv igen. + Alle VeraCrypt bind skal afbrydes inden installation eller afinstallation af VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Installation i registringsdatabasen er mislykket + Installation af enhedsdriver er mislykket. Genstart venligst Windows og prøv at installere VeraCrypt igen. + Starter VeraCrypt enhedsdriver + Fejl i afinstallation af enhedsdriver. Bemærk venligst at, på grund af et Windows problem, kan det være nødvendigt at logge af eller genstarte systemet førend at enhedsdriveren kan afinstalleres (eller geninstalleres). + Installerer VeraCrypt enhedsdriver + Stopper VeraCrypt enhedsdriver + Afinstallerer VeraCrypt enhedsdriver + Registrering af Brugerkonto kontrolsupport bibliotek er mislykket. + Afregistrering af Brugerkonto kontrolsupport bibliotek er mislykket. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Fejl: Kan ikke vise licensen. + Ydre(!) + dage + timer + minutter + sekunder + Åben + Afbryd + Vis VeraCrypt + Skjul VeraCrypt + Data læst siden tilslutning + Data skrevet siden tilslutning + Krypteret Mængde + 100% (fuldt krypteret) + 0% (ikke krypteret) + %.3f%% + 100% + Afventer + Preparing + Resizing + Krypterer + Dekrypterer + Finalizing + Pause + Afsluttet + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Skriv kodeord til %s + Enter password for '%s' + Indtast kodeord for det normale/ydre bind + Indtast kodeord for det skjulte bind + Indtast kodeord for header gemt i backup filen + Nøglefil er oprettet med succes. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + ADVARSEL: Etikettet på dette bind er beskadiget! VeraCrypt brugte automatisk det backup af bind etiketten der er implementeret i bindet.\n\nDu bør reparere bind etiketten ved at vælge 'Værktøjer' > 'Gendan Bind Etiket'. + Backup af bind etiket er udført med succes.\n\nVIGTIGT: Gendannelse af bind etiket med dette backup vil også gendanne det nuværende binds kodeord. Derudover, hvis nøglefil(er) er nødvendige for at tilslutte bindet, vil de samme nøglefil(er) være nødvendige for at tilslutte bindet igen når bind etiketten gendannes.\n\nADVARSEL: Denne backup af bind etiket kan KUN bruges til at gendanne etiket for dette bestemte bind. Hvis du bruger denne etiket backup til at gendanne en etiket for et andet bind, vil du kunne tilslutte bindet, men du vil ikke være i stand til at dekryptere nogen data på bindet (fordi du vil ændre dets hovednøgle). + Bindets etiket er blevet gendannet med succes.\n\nVIGTIGT: Bemærk venligst at et gammelt kodeord også kan være gendannet. Derudover, hvis nøglefil(er) var nødvendig til at tilslutte bindet da backup var lavet, vil de samme nøglefil(er) nu være nødvendige for at tilslutte bindet igen. + Af sikkerheds årsager, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) til bindet.\n\nBemærk: Hvis bindet indeholder et skjult bind, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) for det ydre bind først. Bagefter, hvis du ønsker at lave back up af etiketten på det skjulte bind, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) for det skjulte bind. + Er du sikker på du ønsker at oprette bind etiket backup for %s?\n\nEfter du har klikket Ja, vil du blive spurgt om et filnavn for etiket backup.\n\nBemærk: Både standard og det skjulte binds etiketter vil blive gen-krypteret ved brug af en ny pulje og gemt i backup filen. Hvis der ikke er noget skjult bind i dette bind, bliver området reserveret for det skjulte binds etiket i backup filen udfyldt med tilfældig data (for at bevare den troværdige benægtelse). Ved gendannelse af en bind etiket fra backup filen, vil du være nødt til at indtaste det korrekte kodeord (og/eller tilføje de korrekte nøglefiler) som var gældende da bind etiket backuppen blev oprettet. Kodeordet (og/eller nøglefiler) vil også automatisk bestemme typen af bind etiketten der skal gendannes, dvs. standard eller skjult (bemærk at VeraCrypt bestemmer typen gennem en proces med prøver og fejl). + Er du sikker på du ønsker at gendanne bind etiketten for %s?\n\nADVARSEL: Gendannelse af bind etiketter gendanner også det bind kodeord der var gældende da backup blev foretaget. Ydermere, hvis nøglefil(er) var påkrævet for at tilslutte bindet da backup blev foretaget, vil de samme nøglefiler være nødvendige for at tilslutte bindet igen efter bind etiketten er gendannet.\n\nEfter du har klikket Ja, kan du vælge backup etiket filen. + Indeholder bindet et skjult bind? + Bindet indeholder et skjult bind + Bindet indeholder ikke et skjult bind + Vælg venligst typen af bind etiket backup du ønsker at bruge: + Gendan bind etiket fra den indbyggede backup i bindet + Gendan bind etiket fra en ekstern backup fil + Størrelsen af bind etiket backup filen er ukorrekt. + Der er ingen backup etiket indbygget i dette bind (bemærk at kun bind oprettet med VeraCrypt 6.0 eller senere indeholder indbyggede backup etiketter). + Du forsøger at lave backup af etiket for system partition/drevet. Dette er ikke tilladt. Backup/gendan funktioner angående system partition/drev kan kun udføres ved hjælp af VeraCrypt Nødhjælps Disk.\n\nØnsker du at oprette en VeraCrypt Nødhjælps Disk? + Du forsøger at gendanne en etiket for et virtuelt VeraCrypt bind men du valgte system partition/drev. Dette er ikke tilladt. Backup/gendan funktioner angående system partition/drev kan kun udføres ved hjælp af VeraCrypt Nødhjælps Disk.\n\nØnsker du at oprette en VeraCrypt Nødhjælps Disk? + Efter du har klikket OK, skal du vælge et filnavn til det nye VeraCrypt Nødhjælps Disk ISO billede og placeringen hvor du ønsker at placere det. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Indsæt venligst din VeraCrypt Nødhjælps Disk i dit CD/DVD drev og klik på OK for at kontrollere den. + VeraCrypt Nødhjælps Disk er blevet kontrolleret med succes. + Kan ikke kontrollere at Nødhjælps Disk er blevet korrekt brændt.\n\nHvis du har brændt Nødhjælps Disk, vær venlig at tage CD/DVD ud og sætte den i igen; prøv så igen. Hvis dette ikke hjælper, prøv venligst en anden CD/DVD optager software og/eller medie.\n\nHvis du forsøgte at kontrollere en VeraCrypt Nødhjælps Disk oprettet med en anden hovednøgle, kodeord, salt, osv., bemærk venligst at en sådan Nødhjælps Disk altid vil fejle denne kontrol. For at oprette en ny Nødhjælps Disk der er fuld ud kompatibel med din nuværende konfiguration, vælg 'System' > 'Opret Nødhjælps Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Fejl i oprettelsen af VeraCrypt Nødhjælps Disk. + VeraCrypt Nødhjælps Disk kan ikke oprettes når et skjult operativsystem kører.\n\nFor at oprette en VeraCrypt Nødhjælps Disk, boot op på aflednings operativsystemet og vælg så 'System' > 'Opret Nødhjælps Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Afbryd venligst bindet før der fortsættes. + Fejl: Kan ikke indstille timer. + Kontroller Filsystem + Reparer Filsystem + Add to Favorites... + Add to System Favorites... + P&roperties... + Skjult Bind beskyttet + N/A + Ja + Nej + Disabled + 1 + 2 eller flere + Driftstilstand + Label: + Size: + Path: + Drive Letter: + Fejl: Kodeord må kun indeholde ASCII karakterer.\n\nIkke-ASCII karakterer i kodeord kan forårsage at bindet vil være umuligt at tilslutte når dine system indstillinger ændres.\n\nFølgende karakterer kan anvendes:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Advarsel: Kodeord indeholder ikke-ASCII karakterer. Dettekan forårsage at bindet vil være umuligt at tilslutte når dine system indstillinger ændres.\n\nDu bør udskifte alle ikke-ASCII karakterer i kodeordet med ASCII. For at gøre dette klik 'Bind' -> 'Ændre Bind Kodeord'.\n\nFølgende er ASCII karakterer:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Hjemmeside + ADVARSEL: Tilsyneladende har du ikke Service Packs i din Windows XP installation. Du bør ikke gemme på IDE diske større end 128 GB under Windows XP hvor du ikke har tilføjet Service Pack 1 eller nyere! Hvis du gør, vil data på disken (uanset om det er et VeraCrypt bind eller ej) blive ødelagt. Bemærk at dette er en begrænsning i Windows, ikke en fejl i VeraCrypt. + ADVARSEL: Tilsyneladende har du ikke Service Pack 3 eller nyere i din Windows installation. Du bør ikke gemme på IDE diske større end 128 GB under Windows 2000 hvor du ikke har tilføjet Service Pack 3 eller nyere! Hvis du gør, vil data på disken (uanset om det er et VeraCrypt bind eller ej) blive ødelagt. Bemærk at dette er en begrænsning i Windows, ikke en begræsning i VeraCrypt.\n\nBemærk: Måske er det også nødvendigt at aktivere 48-bit LBA support i registreringsdatabasen; for mere information, se http://support.microsoft.com/kb/305098/EN-US + ADVARSEL: 48-bit LBA ATAPI support er slået fra i dit system. Derfor bør du ikke skrive til IDE diske større end 128 GB! Hvis du gør, vil data på disken (uanset om det er et VeraCrypt bind eller ej) blive ødelagt. Bemærk at dette er en begrænsning i Windows, ikke en begræsning i VeraCrypt.\n\nFor at aktivere 48-bit LBA support, tilføj 'EnableBigLba' registreringsværdien i registreringsnøglen HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters og sæt den til 1.\n\nFor yderligere information, se http://support.microsoft.com/kb/305098 + Fejl: Filer større end 4 GB kan ikke gemmes på et FAT32 fil system. Derfor kan fil-baserede VeraCrypt bind (beholdere) gemt på et FAT32 fil ikke være større end 4 GB.\n\nHvis du har behov for et større bind, opret det da som et NTFS fil system (eller, hvis du bruger Windows Vista SP1 eller nyere, på et exFAT fil system) eller, istedet for at oprette et fil-baseret bind, krypter en hel partition eller enhed. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + ADVARSEL: Hvis du ønsker at kunne tilføje data/filer til det ydre bind i fremtiden, bør du overveje at vælge en mindre størrelse for det skjulte bind.\n\nEr du sikker på du ønsker at fortsætte med den valgte størrelse? + Ingen bind valgt.\n\nKlik 'Vælg Enhed' eller 'Vælg Fil' for at vælge et VeraCrypt bind. + Ingen partition valgt.\n\nKlik 'Vælg Enhed' for at vælge en afbrudt partition der normalt kræver før-boot godkendelse (for eksempel, en partition placeret på et krypteret system drev af et andet operativsystem, som ikke kører, eller en krypteret system partition af et andet operativsystem).\n\nBemærk: Den valgte partition vil blive tilsluttet som et almindeligt VeraCrypt bind uden før-boot godkendelse. Dette er brugbart f.eks. ved backup eller reparationsarbejde. + ADVARSEL: Hvis standard nøglefiler er valgt og aktiveret, vil bind der ikke bruger disse nøglefiler være umulige at tilslutte. Derfor, efter du har aktiveret standard nøglefiler, husk at fjerne markeringen udfor 'Brug nøglefiler' afmærkningsboksen (under et kodeords indtastningsfelt) når du tilslutter sådanne bind.\n\nEr du sikker på du ønsker at gemme de valgte nøglefiler/stier som standard? + Auto-Tilslut Enheder + Afbryd alle + Ryd hukommelse + Dismount All & Wipe Cache + Gennemtving afbrydelse af alle & Ryd hukommelse + Gennemtving afbrydelse af alle, Ryd hukommelse & Afslut + Tilslut Favorit Bind + Vis/Skjul Hoved VeraCrypt Vindue + (Klik her og tryk på en tast) + Handling + Genvej + Fejl: Denne genvej er reserveret. Vælg venligst en anden. + Fejl: Genvejen er allerede i brug. + ADVARSEL: En eller flere VeraCrypt system-tilgængelige genvejstaster vil ikke virke!\n\nKontroller venligst at andre applikationer og operativsystem ikke benytter samme genvej(e) som VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + En fejl eller ukompatibilitet forhindrer VeraCrypt fra at kryptere dvale filen. Derfor er dvale forhindret.\n\nBemærk: Når en computer går i dvale (eller går i strømbesparende tilstand), bliver indholdet i system hukommelsen skrevet til en dvale opbevarings fil der gemmes på system drevet. VeraCrypt ville ikke være i stand til at forhindre krypterings nøgler og indhold i følsomme filer der er åbne i RAM fra at blive gemt ukrypteret til dvale opbevarings filen. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + ADVARSEL: Hvis denne funktion deaktiveres, vil bind der indeholder åbne filer/mapper ikke være mulige at auto-tilslutte.\n\nEr du sikker på du vil deaktivere denne funktion? + ADVARSEL: Bind der indeholder åbne filer/mapper vil IKKE blive auto-afbrudt.\n\nFor at undgå dette, aktiver den følgende funktion i dette dialog vindue: 'Udfør auto-afbryd selv om bindet indeholder åbne filer eller mapper' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + Du har planlagt en krypterings eller dekrypterings proces af system partition/drev. Processen er endnu ikke blevet fuldført.\n\nØnsker du at starte (genoptage) processen nu? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Du har skemalagt processen for kryptering eller dekryptering af system partition/drev. Imidlertid opstod der fejl på før-boot godkendelsen (eller den blev sprunget over).\n\nBemærk: Hvis du dekrypterede system partition/drev i før-boot miljøet, kan det være nødvendigt du afslutter processen ved at vælge 'System' > 'Dekrypter System Partition/Drev Permanent' fra menulinien i hovedvinduet af VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Afslut? + VeraCrypt har ikke nok information til at afgøre om der skal krypteres eller dekrypteres. + VeraCrypt har ikke nok information til at afgøre om der skal krypteres eller dekrypteres.\n\nBemærk: Hvis du har dekrypteret system partition/drev i før-boot miljøet, kan det være nødvendigt at du afslutter processen ved at klikke på Dekrypter. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Ønsker du at afbryde og udskyde processen med kryptering af system partition/drev?\n\nBemærk: Du vil være i stand til at genoptage processen og den vil fortsætte fra det sted den blev stoppet. Du kan gøre dette ved f.eks. ved at vælge 'System' > 'Genoptag Afbrudt Proces' fra menulinien i hovedvinduet i VeraCrypt. Hvis du ønsker permanent at afbryde eller tilbageføre krypterings processen, vælg 'System' > 'Dekrypter System Partition/Drev Permanent'. + Ønsker du at afbryde og udskyde processen med dekryptering af system partition/drev?\n\nBemærk: Du vil være i stand til at genoptage processen og den vil fortsætte fra det sted den blev stoppet. Du kan gøre dette ved f.eks. ved at vælge 'System' > 'Genoptag Afbrudt Proces' fra menulinien i hovedvinduet i VeraCrypt. Hvis du ønsker at tilbageføre dekrypterings processen (og påbegynde kryptering), vælg 'System' > 'Krypter System Partition/Drev'. + Fejl: Kunne ikke afbryde processen med kryptering/dekryptering af system partition/drev. + Error: Failed to interrupt the process of wiping. + Fejl: Kunne ikke genoptage processen med kryptering/dekryptering af system partition/drev. + Error: Failed to start the process of wiping. + Uoverensstemmelse løst.\n\n\n(Hvis du ønsker at rapportere en fejl i denne forbindelse, inkluder venligst følgende tekniske information i fejlrapporten: %hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ADVARSEL: VeraCrypt baggrundsopgaver er slået fra. Efter du afslutter VeraCrypt, vil du ikke blive gjort opmærksom på om skade på det skjulte bind er undgået.\n\nBemærk: Du kan nårsomhelst lukke baggrundsopgaver ned ved at højreklikke på VeraCrypt ikonet i systembakken, og klikke på 'Afslut'.\n\nAktiver VeraCrypt Baggrundsopgaver? + Sprogpakke version: %s + Kontrollerer fil systemet på VeraCrypt bindet tilsluttet som %s... + Prøver at reparere filsystemet på det VeraCrypt bind der er tilsluttet som %s. + Advarsel: Dette bind er krypteret med en ældre algoritme.\n\nAlle 64-bit-blok krypterings algoritmer (f.eks., Blowfish, CAST-128, eller Triple DES) foretrækkes ikke. Det vil være muligt at tilslutte disse bind med fremtidige versioner af VeraCrypt. Dog vil der fremover ikke komme flere forbedringer til udførelsen af disse ældre krypterings algoritmer. Vi anbefaler at du opretter et nyt VeraCrypt bind krypteret med 128-bit-blok krypterings algorithmer (f.eks., AES, Serpent, Twofish, osv.) og at du flytter alle filer til dette nye bind. + Dit system er ikke konfigureret til automatisk at tilslutte nye bind. Det kan være umuligt at tilslutte enhedsbaserede VeraCrypt bind. Automatisk tilslutning kan konfigureres ved at køre denne kommando og genstarte systemet.\n\nmountvol.exe /E + Tildel venligst et drev bogstav til partitionen/enheden før du fortsætter ('Kontrolpanel' > 'Ydelse og Vedligeholdelse' > 'Administration' - 'Computeradministration / Diskhåndtering').\n\nBemærk at dette er afhængig af det anvendte operativsystem. + Tilslut VeraCrypt Bind + Afbryd alle VeraCrypt Bind + VeraCrypt fejl i at opnå administrator rettighed. + Adgang nægtet af operativsystem.\n\nMulig årsag: Operativsystemet kræver at du har læse/skrive tilladelse (eller administrations rettigheder) for bestemte mapper, filer, og enheder, for at du kan få tilladelse til at læse og skrive data til/fra dem. Normalt kan en bruger uden administrator rettigheder godt oprette, læse og redigere filer i brugerens dokumentmappe. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + VeraCrypt Boot Loader kræver mindst 32 KBytes ledig disk plads i begyndelsen af system drevet (VeraCrypt Boot Loader kræver at det skal gemmes i det område). Desværre imødekommer dit drev ikke denne tilstand.\n\nVær venlig IKKE at rapportere dette som en fejl/problem i VeraCrypt. For at løse dette problem, vil du skulle partitionere din disk igen og lade de første 32 KBytes af din disk være fri (i de fleste tilfælde, vil du være nødt til at slette og genoprette den første partition). Vi anbefaler at du bruger Microsoft partition manager som er tilgængelig f.eks. når du installerer Windows. + Funktionen er ikke supporteret i denne version af det operativsystem du nu benytter. + VeraCrypt supporterer ikke kryptering af en system partition/drev i denne version af operativsystem du nu benytter. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Dit system drev har en GUID partitions tabel (GPT). For tiden er kun drev med en MBR partitions tabel supporteret. + FORSIGTIG: VeraCrypt Boot Loader er allerede installeret på dit system drev!\n\nDet er muligt at et andet system på din computer allerede er krypteret.\n\nADVARSEL: FORTSÆTTELSE MED KRYPTERING AF DET NUVÆRENDE KØRENDE SYSTEM VIL KUNNE GØRE ANDRE SYSTEMER UMULIGE AT STARTE OG RELATERET DATA UTILGÆNGELIGT.\n\nEr du sikker på du ønsker at fortsætte? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + Den originale system loader kan ikke gemmes på Nødhjælps Disk (mulig årsag: manglende backup fil). + Kunne ikke skrive MBR sektor.\n\nDin BIOS er muligvis konfigureret til at beskytte MBR sektoren. Tjek din BIOS indstilling (tryk F2, Delete, eller Esc, efter du har tændt din computer) for MBR/antivirus beskyttelse. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Dit system partition/drev ser ud til at være helt krypteret. + VeraCrypt supporterer ikke kryptering af system drev der er blevet konverteret til en dynamisk disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Ønsker du at kryptere system partitionen istedet for hele drevet?\n\nBemærk at du kan oprette partition-værts baserede VeraCrypt bind inden i enhver ikke-system partition på drevet (foruden at kryptere system partitionen). + Da dit system drev kun indeholder en enkelt partition som optager hele drevet, vil det være at foretrække (mere sikkert) at kryptere hele drevet inklusiv den ledige "rest" plads der typisk omgiver sådan en partition.\n\nØnsker du at kryptere hele system drevet? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Advarsel: Der er uallokeret område mellem system partition og den første partition bag den. Efter du har oprettet det skjulte operativsystem, må du ikke oprette nogle nye partitioner i det uallokerede område. Ellers vil det skjulte operativsystem være umuligt at boote (indtil du sletter sådanne nyoprettede partitioner). + Denne algoritme er for tiden ikke supporteret til system kryptering. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Advarsel: VeraCrypt kunne ikke gendanne det originale keyboard layout. Dette kan medføre at du indtaster et kodeord ukorrekt. + Fejl: Kan ikke indstille keyboard layoutet for VeraCrypt til standard US keyboard layout.\n\nBemærk at kodeordet skal indtastes i før-boot miljøet (før Windows starter) hvor ikke-US Windows keyboard layouts ikke er tilgængelige. Derfor skal kodeordet altid skrives ved brug af standard US keyboard layout. + Da VeraCrypt midlertidigt har ændret keyboard layout til standard US keyboard layout, det er ikke muligt at indtaste karakterer ved trykke på taster mens den højre Alt tast holdes nede. Derimod kan du indtaste de fleste af disse karakterer, ved at trykke de passende taster mens Shift tasten holdes nede. + VeraCrypt forhindrede ændring af keyboard layout. + Bemærk: Kodeordet skal indtastes i før-boot miljøet (før Windows starter) hvor ikke-US Windows keyboard layouts ikke er tilgængelige. Derfor, bør kodeordet altid indtastes ved brug af standard US keyboard layout. Derimod er det vigtigt at bemærke at du IKKE behøver et rigtigt US keyboard. VeraCrypt sikrer automatisk at du roligt kan indtaste kodeordet (lige nu og i før-boot miljøet) selv om du ikke har et rigtigt US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + ADVARSEL: Hvis du allerede har oprettet en VeraCrypt Nødhjælps Disk tidligere, kan den ikke genbruges til denne system partition/drev fordi den blev oprettet med en anden hoved nøgle! Hver gang du krypterer en system partition/drev, skal du oprette en ny VeraCrypt Nødhjælps Disk for den, selv om du anvender samme kodeord. + Fejl: Kan ikke gemme system krypterings indstillinger. + Kan ikke påbegynde system krypterings første test. + Kan ikke påbegynde processen med at oprette det skjulte operativsystem. + Udviske Tilstand + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + Ingen (hurtigst) + 1-pass (random data) + 3-passager (US DoD 5220.22-M) + 7-passager (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Antal Operativsystemer + ADVARSEL: Uerfarne brugere bør aldrig forsøge at kryptere Windows i multi-boot konfigurationer.\n\nFortsæt? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drev + Er det nuværende kørende operativsystem installeret på boot drevet?\n\nBemærk: Nogle gange er Windows ikke installeret på samme drev som Windows boot loader (boot partition). Hvis dette er tilfældet, vælg 'Nej'. + VeraCrypt supporterer for tiden ikke kryptering af operativsystemer der ikke booter fra drevet hvorpå det er installeret. + Antal System Drev + Hvor mange drev indeholder et operativsystem?\n\nBemærk: For eksempel, hvis du har et operativsystem (f.eks. Windows, Mac OS X, Linux, osv.) installeret på dit primære drev og et andet operativsystem installeret på dit sekundære drev, vælg '2 eller flere'. + VeraCrypt supporterer for tiden ikke kryptering af et helt drev der indeholder flere operativsystemer.\n\nMulige løsninger:\n\n- Du kan stadig kryptere et af systemerne hvis du går tilbage og vælger kun at kryptere en enkelt system partition (sat op imod at vælge at kryptere hele system drevet).\n\n- Alternativt, vil du være i stand til at kryptere hele drevet hvis du flytter nogel af systemerne til andre drev og kun beholder et system på det drev du ønsker at kryptere. + Flere Systemer på et Drev + Er der andre operativsystemer installeret på drevet hvorfra det nu kørende operativsystem er installeret?\n\nBemærk: For eksempel, hvis det nu kørende operativsystem er installeret på drevet #0, som indeholder flere partitioner, og hvis en af partitionerne indeholder Windows og en anden partition indeholder et operativsystem yderligere (f.eks. Windows, Mac OS X, Linux, osv.), vælg 'Ja'. + Ikke-Windows Boot Loader + Er der installeret en ikke-Windows boot loader (eller boot manager) i master boot record (MBR)?\n\nBemærk: For eksempel, hvis det første spor på boot drevet indeholder GRUB, LILO, XOSL, eller en anden ikke-Windows boot manager (eller boot loader), vælg 'Ja'. + Multi-Boot + VeraCrypt supporterer for tiden ikke multi-boot konfigurationer hvor en ikke-Windows boot loader er installeret i Master Boot Record.\n\nMulige løsninger:\n\n- Hvis du anvender en boot manager til at boote Windows og Linux, flyt da boot manageren (typisk, GRUB) fra Master Boot Record til en partition. Start da dette hjælpeprogram igen og krypter system partition/drev. Bemærk at VeraCrypt Boot Loader vil blive din primære boot manager og det vil tillade dig at opstarte den originale boot manager (f.eks. GRUB) som din sekundære boot manager (ved at trykke på Esc i VeraCrypt Boot Loader skærmbilledet) og således vil du være i stand til at boote Linux. + Hvis det nuværende kørende operativsystem er installeret på boot partitionen, så vil du efter at have krypteret det, være nødt til at indtaste korrekt kodeord selv om du ønsker at starte et andet ukrypteret Windows system(er) (da de vil dele en krypteret Windows boot loader/manager).\n\nDerimod, hvis det nuværende kørende operativsystem ikke er installeret på boot partitionen (eller hvis Windows boot loader/manager ikke bliver brugt at noget andet system), så vil du efter at have krypteret dette system, ikke skulle indtaste korrekt kodeord for at boote det andet ukrypterede system(er) -- du vil kun skulle trykke på Esc tasten for at starte det ukrypterede system (hvis der er flere ukrypterede systemer, vil du også skulle vælge hvilket system der skal startes i VeraCrypt Boot Manager menuen).\n\nBemærk: Typisk er det tidligst installerede Windows system installeret på boot partitionen. + Kryptering af værts beskyttet område + Sidst på mange drev er der et område der normalt er skjult for operativsystemet (sådanne områder kaldes normalt Værts Beskyttede Områder). Det er dog muligt for nogle programmer at læse og skrive data til/fra disse områder.\n\nADVARSEL: Nogle computer fabrikanter kan bruge disse områder til at gemme værktøjer og data til RAID, system gendannelse, system setup, diagnostisering, eller andre formål. Hvis sådanne værtøjer eller data skal være tilgængelige før boot, bør det skjulte område IKKE krypteres (vælg 'Nej' ovenfor).\n\nØnsker du at VeraCrypt skal detektere og kryptere sådan et skjult område (hvis det findes) sidst på system drevet? + Type af System Kryptering + Vælg dette hvis du ønsker at kryptere system partitionen eller hele system drevet. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Skjult Operativsystem + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detekterer Skjulte Sektorer + Vent venligst mens VeraCrypt detekterer mulige skjulte sectorer sidst på system drevet. Bemærk at det kan tage lang tid at fuldføre.\n\nBemærk: I meget sjældne tilfælde, på nogle computere, kan systemet blive låst og ikke svare under denne detektions process. Hvis dette sker, genstart computeren, start VeraCrypt, gentag de tidligere trin men spring over denne detektions process. Bemærk at dette ikke er forårsaget af en fejl i VeraCrypt. + Område til kryptering + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Indsamler tilfældig data + Generede nøgler + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Optager nødhjælps disk + Nødhjælps Disk Oprettet + System krypterings første test + Nødhjælps disk kontrolleret + \nVeraCrypt Nødhjælps disk er blevet kontrolleret med succes. Fjern den venligst fra drevet nu og opbevar den på et sikkert sted.\n\nKlik Næste for at fortsætte. + ADVARSEL: Under de næste trin må VeraCrypt Nødhjælps Disk ikke være i drevet. Ellers vil det ikke være muligt at gennemføre trinene korrekt.\n\nFjern den venligst fra drevet nu og gem den på et sikkert sted. Klik så på OK. + Advarsel: På grund af tekniske begrænsninger i før boot miljøet, vil tekster vist af VeraCrypt i før boot miljøet (dvs. før Windows starter) ikke blive lokaliseret. VeraCrypt Boot Loader bruger interface er helt på Engelsk.\n\nFortsæt? + Før kryptering af din system partition eller drev, er det nødvendigt at VeraCrypt kontrollerer at alting virker korrekt.\n\nEfter du klikker på Test, vil alle de nødvendige komponenter (for eksempel, før-boot godkendelses komponent, VeraCrypt Boot Loader) blive installeret og din computerer vil blive genstartet. Så skal du indtaste dit kodeord i VeraCrypt Boot Loader skærmbilledet der kommer frem før Windows starter. Efter Windows er startet, vil du automatisk blive informeret omkring resultetet af denne indledende test.\n\nDen følgende enhed bliver modificeret: Drev #%d\n\n\nHvis du klikker på Fortryd nu, vil ingenting blive indstalleret og den indledende test vil ikke blive udført. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Indledende test fuldført + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Ønsker du at afbryde hele processen med at oprette det skjulte operativsystem?\n\nBemærk: Du vil IKKE være i stand til at fortsætte processen hvis du afbryder nu. + Ønsker du at afbryde system krypteringens indledende test? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + System partition/drev ser ikke ud til at være krypteret (hverken delvist eller helt). + Det system partition/drev er krypteret (delvist eller helt).\n\nDekrypter venligst dit system partition/drev helt før du fortsætter. For at gøre dette, vælg 'System' > 'Dekrypter System Partition/Drev Permanent' fra menulinien i VeraCrypt hovedvinduet. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Dit system partition/drev bliver nu krypteret, dekrypteret, eller ændret på anden måde. Afbryd venligst kryptering/dekryptering/modifikations processen (eller vent til den er fuldført) før du fortsætter. + Et eksemplar af VeraCrypt Bind Oprettelsesguide kører nu på systemet og udfører eller forbereder kryptering/dekryptering af system partition/drev. Før du fortsætter, vent venligst på det afslutter eller luk det. Hvis du ikke kan lukke det, genstart venligst din computer før du fortsætter. + Processen med kryptering eller dekryptering af system partition/drev er ikke fuldført. Vent venligst indtil det er fuldført før du fortsætter. + Fejl: Krypteringsproces på partition/drev er ikke fuldført. Det skal færdiggøres først. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Kodeordet er korrekt, VeraCrypt har dekrypteret bind etiketten med succes og detekteret at dette bind er et skjult system bind. Du kan dog ikke ændre etiketten på et skjult system bind på denne måde.\n\nFor at ændre kodeord på et skjult system bind, boot operativsystemet der ligger i det skjulte bind, og vælg da 'System' > 'Ændre kodeord' fra menulinien i hoved VeraCrypt vinduet.\n\nFor at vælge etiket nøgle oprindelses algoritme, boot op på det skjulte operativsystem og vælg da 'System' > 'Indstil etiket nøgle oprindelses algoritme'. + VeraCrypt supporterer ikke på-stedet dekryptering af en skjult system partition.\n\nBemærk: Hvis du ønsker at dekryptere aflednings system partitionen, boot op på aflednings systemet, og vælg da 'System' > 'Dekrypter System Partition/Drev permanent' fra menulinien i hoved VeraCrypt vinduet. + Fejl: Ukorrect/ugyldig parameter. + Du har valgt en partition eller enhed men oprettelsesguide tilstanden du har valgt er kun passende til fil beholdere.\n\nØnsker du at ændre oprettelsesguide tilstand? + Ønsker du at oprette en VeraCrypt fil beholder istedet? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Er du sikker på du ønsker at dekryptere system partition/drev permanent? + FORSIGTIG: Hvis du dekrypterer system partition/drev permantent, vil ukrypteret data blive skrevet der til.\n\nEr du helt sikker på du vil dekryptere system partition/drev permanent? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + Hvis du oplever nogle af de tidligere beskrevne problemer, dekrypter partition/drev (hvis det er krypteret) og prøv så at kryptere det igen ved brug af en ikke-kaskade krypterings algorithme (f.eks. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + Versions nummeret på den VeraCrypt Boot Loader der bootede dette operativsystem er forskellig fra det versions nummer på den VeraCrypt driver (og VeraCrypt applikationer) der er installeret på dette system.\n\nDu bør køre VeraCrypt installering (med det samme versions nummer som VeraCrypt Boot Loader) for at opdatere VeraCrypt på dette operativsystem. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + VeraCrypt Boot Loader er blevet opgraderet.\n\nDet anbefales kraftigt at du opretter en ny VeraCrypt Nødhjælps Disk (som vil indeholde den nye version af VeraCrypt Boot Loader) ved at vælge 'System' > 'Opret Nødhjælps Disk' efter du har genstartet din computer. + VeraCrypt Boot Loader er blevet opgraderet.\n\nDet anbefales kraftigt at du booter aflednings operativsystemet og så opretter en ny VeraCrypt Nødhjælps Disk (som vil indeholde den nye version af VeraCrypt Boot Loader) ved at vælge 'System' > 'Opret Nødhjælps Disk'. + Fejl i opgradering af VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + ADVARSEL: Det ser ud til at VeraCrypt allerede har forsøgt at detektere skjulte sektorer på dette system drev. Hvis du oplevede nogen problemer under den tidligere detektions proces, kan du undgå disse problemer ved at undlade detektion af skjulte sektorer nu. Bemærk at hvis du gør dette, vil VeraCrypt bruge størrelsen oplyst af operativsystemet (hvilket kan være mindre end den reelle størrelse på drevet).\n\nBemærk at dette problem ikke er forårsaget af en fejl i VeraCrypt. + Undlad detektion af skjulte sektorer (brug størrelsen oplyst af operativsystemet) + Forsøg at detektere skjulte sektorer igen + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Nødhjælps Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Nøglefil + Backspace + Tab + Clear + Retur + Pause + Caps Lock + Mellemrum + Page Up + Page Down + End + Home + Pil Venstre + Pil Op + Pil Højre + Pil Ned + Vælg Tast + Print Tast + Execute Tast + Print Skærm + Insert + Delete + Applikations Tast + Sleep + Num Lock + Scroll Lock + Stifinder Tilbage + Stifinder Frem + Stifinder Opdater + Stifinder Stop + Stifinder Søg + Stifinder Favoritter + Stifinder Hjem + Lydløs + Volume Ned + Volume Op + Næste Spor + Forrige Spor + Stop Medie + Afspil/Pause Medie + Åbn Post Tast + Vælg Medie Tast + Applikation 1 + Applikation 2 + Attn + CrSel + ExSel + Afspil + Zoom + Numerisk + Shift + Ctrl + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.de.xml b/Translations/Language.de.xml index d5baa28f..26a55aa8 100644 --- a/Translations/Language.de.xml +++ b/Translations/Language.de.xml @@ -1,1458 +1,1458 @@ - - - - - - - - - - - - Abbrechen - Für &alle Benutzer installieren - Su&chen... - VeraCrypt-Symbol auf dem &Desktop erstellen - Jetzt spenden... - Verknüpft die .hc &Dateierweiterung mit VeraCrypt - &Den Speicherort nach dem Beenden öffnen - VeraCrypt ins &Startmenü eintragen - &Wiederherstellungspunkt erstellen - &Deinstallieren - &Entpacken - &Installieren - VeraCrypt-Einrichtungsassistent - VeraCrypt deinstallieren - &Hilfe - Wählen Sie bitte das Zielverzeichnis für die zu entpackenden Dateien: - Geben Sie das Zielverzeichnis für die Installation der Programmdateien von VeraCrypt an. Falls das Zielverzeichnis nicht existiert, wird es automatisch beim Entpacken angelegt. - Klicken Sie auf „Deinstallieren“, um VeraCrypt von diesem System zu entfernen. - Abbrechen - &Benchmark - &Test - Verschlüsseltes Volume erstellen und formatieren - Partition „in-place“ verschlüsseln - Generierte Schlüssel anzeigen (deren Teile) - Pool-Inhalt anzeigen - Herunterladen einer CD/DVD-Brennsoftware - Eine verschlüsselte Containerdatei erstellen - &GB - &TB - Mehr Informationen - Ver&stecktes VeraCrypt-Volume - Mehr Informationen über versteckte Volumes - Direkter Modus - Kompletter Modus - &KB - Schlüsselda&t. verwenden - Versuche zuerst ohne Passwort einzubinden - Zufällige Größe (64 <-> 1048576) - Schlüsselda&teien... - Infos über Hash-Algorithmen - Weitere Informationen - Informationen zu PIM - &MB - Mehr Informationen - Mehr Informationen über die Systemverschlüsselung - Mehr Informationen - Mehrere Betriebssysteme - Verschlüsselt eine Partition/ein Laufwerk - Verlauf &nicht speichern - Äußeres Volume öffnen - &Pause - P&IM verwenden - PIM verwenden - Schnell-Formatierung - Passwort an&zeigen - &Passwort anzeigen - PIM &anzeigen - Ein Betriebssystem - Standard VeraCrypt-Volume - V&ersteckt - Normal - System-Partition bzw. System-Laufwerk verschlüsseln - Die Windows System-Partition verschlüsseln - Gesamtes Laufwerk verschlüsseln - Assistent zum Erstellen eines VeraCrypt-Volumes - Cluster - WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin und her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen, desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. Klicken Sie dann auf „Weiter“, um fortzufahren. - &Bestätigung: - Fertig - Laufwerksbuchstabe: - Verschlüsselungsalgorithmus - Dateisystem - Erstellt ein verschlüsseltes virtuelles Laufwerk, welches als Datei gespeichert wird. Für Anfänger empfohlen. - Optionen - Hash-Algorithmus - Headerschlüssel: - Rest - Hauptschlüssel: - Diese Option wählen, falls zwei oder mehrere Betriebssysteme auf diesem System installiert sind.\n\nZum Beispiel:\n- Windows 8 und Windows 8\n- Windows 8 und Windows 10\n- Windows und Mac OS X\n- Windows und Linux\n- Windows, Linux und Mac OS X - Verschlüsselt eine Nicht-Systempartition auf internen oder externen Laufwerken (als normales oder verstecktes Volume). - Aktueller Inhalte-Pool (teilweise) - Durchgang - &Passwort: - Volume PIM: - Volume PIM: - Fortschritt: - Zufallswerte: - Diese Option wählen, wenn sich nur ein Betriebssystem auf dem Computer befindet (auch bei mehreren Benutzern). - Geschw. - Status - Die Schlüssel, der Salt-Wert und andere Daten wurden erfolgreich erstellt. Wenn Sie neue Schlüssel erstellen möchten, klicken Sie auf „Zurück“ und dann auf „Weiter“. Andernfalls klicken Sie auf „Weiter“. - Partition/Laufwerk verschlüsseln auf dem Windows installiert ist. Jeder, der Zugang zum System erlangen möchte, muss das korrekte Passwort bei jedem Start von Windows eingeben. Eine Alternative dazu ist das Erstellen eines versteckten Systems. - Wählen Sie diese Option, um die Partition zu verschlüsseln, auf der das derzeit laufende Windows installiert ist. - Volume-Bezeichnung in Windows: - Lösch-Modus: - Schließen - Erlauben, die Prä-Boot-&Authentifikation durch Drücken v. ESC zu überspringen (aktiviert Boot-Manager) - Nichts machen - &VeraCrypt-Volume autom. einbinden (wie unten angegeben) - &VeraCrypt starten - Bibliothek auto&matisch erkennen - &Prä-Boot-Authentifikationspasswort in Treiber-Speicher schr. (zum einbinden v. Nicht-System Volume) - Durchsuchen... - Durchsuchen... - Passwort u. Schlüsseldat. im &Cache halten - &Beenden, wenn alle Vol. getrennt wurden - Token-&Sitzung schließen, nachdem ein Volume erfolgreich eingebunden wurde - Volume-Erweiterer hinzufügen - Assistent für die Erstellung von VeraCrypt-Volumes hinzufügen - Erstellen - Volume &erstellen - Keine Texte im Prä-Boot-Authentifikationsbildschirm &anzeigen (außer die unten definierte Nachricht) - Deaktiviert Erkennung von „Evil Maid“ Angriffen - AES-Verschlüsselung beschleunigen durch Nutzung der AES-Befehle des Prozessors (falls unterstützt) - Sch&lüsseldateien verw. - Schlüsselda&teien verw. - &Beenden - Hilfe zu Favoriten-Volumes - Ausgewähltes Volume nicht einbinden, wenn die „Favoriten einbinden“-&Tastenkombination gedrückt wird. - Ausgewähltes Volume einbinden, wenn sein &Host-Gerät angeschlossen wird - Ausgewähltes Volume beim &Anmelden einbinden - Ausgewähltes Volume &schreibgeschützt einbinden - Ausgewähltes Volume als &Wechselmedium einbinden - Nach &oben - Nach &unten - Explorer-&Fenster für das gewählte Volume öffnen, wenn es erfolgreich eingebunden wurde - &Entfernen - Bezeichnung des gewählten Volumes für Explorer verwenden - Globale Einstellungen - Nach erfolgreichem Trennen per Tastenkürzel ein Benachrichtigungsfenster anzeigen - Nach erfolgreichem Trennen per Tastenkürzel den Systembenachrichtigungston abspielen - Alt - Strg - Umschalt - Win - Zuweisen - Aufheben - &Schlüsseldat... - Diese Anzahl von Prozessoren NICHT für Ver-/Entschlüsselung nutzen: - Mehr Informationen - Mehr Informationen - Mehr Einstellungen... - &Alle Datentr. einbinden - &Optionen... - Als schreib&geschütztes Laufwerk einbinden - Schlüssel&dat... - (Leer oder 0 für vordefinierte Iterationen) - (Leer oder 0 für vordefinierte Iterationen) - &Aktiv - Passwörter im &Cache halten - Bei ausbleibendem Lese-/Schreibzugriff aut&omatisch trennen nach - Benutzerabmel&dung - Benutzersitzung gesperrt - Wechsel in Energiesparmod&us - Bildsc&hirmschonerstart - Automatisches Trennen bei geöffneten Date&ien erzwingen - Alle Datenträger-&Volumes einbinden - Starte VeraCrypt Hintergrund Task - Nur &schreibgeschützt einbinden - Als &Wechselmedium einbinden - Explo&rer-Fenster für erfolgreich eingebundenes Volume öffnen - Temporäres Cache-Passwort während Operationen zum „Volume-Favoriten einbinden“ - Ein anderes Taskleistensymbol benutzen, wenn Volumes eingebunden sind - Passwörter im Cache beim auto&matischen Trennen sicher löschen - Cache beim Beenden sicher &löschen - Änderungszeiten von Containerdateien erhalten - Zu&rücksetzen - Datent&räger... - &Datei... - Wähle &Bibliothek... - Passwort anze&igen - Passwort an&zeigen - &Explorer-Fenster für eingebundenes Volume öffnen - Passwort im Cache halten - TrueCrypt-Modus - A&lle trennen - Eigenscha&ften... - Vol.-&Operationen... - &Cache sicher löschen - VeraCrypt – Parameter beim Einbinden - VeraCrypt – Favoriten-Volumes - VeraCrypt – systemweite Tastenkombinationen - VeraCrypt - Passwort oder Schlüsseldateien ändern - Passwort für VeraCrypt-Volume eingeben - VeraCrypt – Leistungseinstellungen und Treibereinstellungen - VeraCrypt – Voreinstellungen - VeraCrypt – Einstellungen der Systemverschl. - VeraCrypt – Sicherheitstoken-Einstellungen - VeraCrypt Traveler Disk Installation - Eigenschaften des VeraCrypt-Volumes - &Infos über VeraCrypt - Schlüssel&dateien dem/vom Volume hinzufügen/entfernen... - Eingebundenes Volume zu Favoriten hinzufügen... - Eingebundenes Volume zu Systemfavoriten hinzufügen. .. - Einen Systemabsturz analysieren... - Volume-Header s&ichern... - &Benchmark-Test... - Algorithmus für &Headerschlüsselberechnung ändern... - Volume-&Passwort ändern... - Algorithmus für Headerschlüsselberechnung ändern... - Passwort ändern... - Volume-Ve&rlauf löschen - Alle Sicherheitstoken-Sitzungen schließen - &Kontakt - Verstecktes Betriebssystem erstellen... - Rettungsdatenträger erstellen... - &Neues Volume erstellen... - Dauerhaft entschlüsseln... - &Standardschlüsseldateien... - Standardparameter beim Einbinden... - Jetzt spenden... - System-Partition/Laufwerk verschlüsseln... - Häufig gestellte &Fragen (FAQ) - &Benutzerhandbuch - Webseite - &Tastenkombinationen... - &Schlüsseldatei(en) generieren - &Sprache... - &Lizenzvereinbarung - Sicherheitstoken-Schlüsseldateien verwalten... - &Alle Datenträger-Volumes automatisch einbinden - &Favoriten einbinden - Ohne Prä-Boot-&Authentifikation einbinden... - Volume &einbinden - Volume einbinden (mit &Optionen) - &Neuigkeiten - Online-&Hilfe - &Anleitung für Anfänger - Favoriten-Volumes Einstellungen... - Systemfavoriten-Volumes Einstellungen... - Leistung/Treiberkonfiguration - System-Partition/Laufwerk dauerhaft entschlüsseln - &Voreinstellungen... - &Laufwerksbuchstaben aktualisieren - &Alle Schlüsseldateien vom Volume entfernen... - Volume-Header &wiederherstellen... - Unterbrochenen Prozess fortsetzen - Datent&räger oder Partition auswählen... - &Datei auswählen... - Unterbrochenen Vorgang fortsetzen - Systemverschlüsselung... - Eigenschaften... - Einstellungen... - Systemfavoriten-Volumes... - &Downloads - &Testvektoren... - Sicherheitstokens... - Traveler Disk Installation... - A&lle Volumes trennen - Volume &trennen - Rettungsdatenträger überprüfen - ISO-Abbild von Rettungsdatenträger überprüfen - &Versionsverlauf - Volume-Erweiterer - E&igenschaften des VeraCrypt-Volumes - VeraCrypt-Volume &erstellen - VeraCrypt-&Webseite - &Passwort-Cache sicher löschen - OK - Hardwarebeschleunigung - Tastenkombination - Autostart-Konfiguration (autorun.inf) - Automatisches Trennen - Alle Volumes trennen bei: - Bootloader-Bildschirm Optionen - Passwort bestätigen: - Momentan - Zeige diese benutzerdefinierte Nachricht im Prä-Boot-Authentifikationsbildschirm an (max. 24 Zeichen): - Voreinstellungen beim Einbinden - Einstellungen für Tastenkombinationen - Treiberkonfiguration - Unterstützung für erweiterte Plattensteuercodes aktivieren - Bezeichnung des gewählten Favoriten-Volumes: - Dateieinstellungen - Taste: - Der Prozessor in diesem Computer unterstützt Hardwarebeschleunigung für AES: - Durchzuführende Aktionen nach Benutzeranmeldung - Minuten - Laufwerksbuchstabe: - Einstellungen beim Einbinden - Neu - Passwort: - Thread-basierte Parallelisierung - Pfad der PKCS #11 Bibliothek - PKCS-5 PRF: - PKCS-5 PRF: - Passwort-Cache (im Speicher des VeraCrypt-Treibers) - Sicherheitsoptionen - VeraCrypt-Hintergrunddienst - VeraCrypt-Volume einbinden (relativ zum Traveler-Disk Verz.): - Beim Anschließen einer Traveler Disk: - Erstelle die Traveler Disk Dateien in (Traveler Disk Stammverzeichnis): - Volume - Windows - &Pfad... - &Auto-Test für alle - &Fortsetzen - &Entschlüsseln - &Löschen - &Verschlüsseln - &Exportieren... - Schlüsseldatei(en) &erstellen und speichern - Schlüsseldatei(en) &generieren - Sprachpaket herunterladen - Hardwarebeschleunigtes AES: - &Schl.dateien auf den Token importieren... - Dateien &hinzuf. - Schlüsselda&teien verw. - &Schlüsseldat... - Ent&fernen - &Alle entfernen - Was bedeutet „Schützen von verstecktem Volume“? - Mehr Infos zu Schlüsseldateien - Als &Wechselmedium einbinden - Partition mit &Systemverschl. ohne Prä-Boot-Authentifikation einbinden - Parallelisierung: - Test - &Drucken - Verstecktes Volume vor &Beschädigung durch äußeres Volume schützen - &Zurücksetzen - Passwort an&zeigen - &Token/SmartCard - Wenn verfügbar, im Volume eingebettete Header-Sicherung verwenden - XTS Modus - Über VeraCrypt - VeraCrypt – Benchmark-Test für Verschlüsselungsalgorithmen - VeraCrypt – Testvektoren - Hilfe für Kommandozeilenparameter - VeraCrypt – Schlüsseldateien - VeraCrypt – Schlüsseldatei(en) aus Zufallswerten erstellen - VeraCrypt – Sprache - VeraCrypt – Einstellungen beim Einbinden - Neue Sicherheitstoken-Schlüsseldateien-Eigenschaften - VeraCrypt – Verbesserung des Zufallszahlen-Generators - Datenträger oder Partition auswählen - VeraCrypt - Sicherheitstoken-Schlüsseldateien - Sicherheitstoken-Passwort/PIN benötigt - Momentanes Sprachpaket - Die Leistung hängt von der CPU-Last und von der Charakteristik des Speichergerätes ab.\n\nAlle Tests werden im RAM durchgeführt. - Speichergröße: - Blockchiffre: - &Passwort des versteckten Volumes (Cache falls leer): - Verstecktes Volume schützen - Schlüsselgröße: - WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin u. her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. - WARNUNG: Ein Volume kann nicht mehr eingebunden werden, wenn eine der Schlüsseldateien fehlt oder in den ersten 1024 KB verändert wurde! - Bit - Anzahl der Schlüsseldateien: - Schlüsseldateigröße (in Byte): - Name der Schlüsseldatei(en): - Übersetzt von: - Klartextgröße: - Bit - Momentaner Pool-Inhalt: - &PRF: - WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin und her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. Klicken Sie auf „Weiter“, um mit dem Vorgang fortzufahren. - Sekundärer Schlüssel (hexadezimal) - Sicherheitstoken: - Sortiermethode: - Bitte warten. Dieser Vorgang kann sehr lange dauern... - Bitte warten...\nDieser Prozess kann sehr lange dauern und VeraCrypt kann vorübergehend hängen bleiben. - Block Nummer: - Chiffretext (hexadezimal) - Dateneinheit-Nummer (64-bit hexadezimal, die Größe einer Dateneinheit beträgt 512 Byte) - Schlüssel (hexadezimal) - Klartext (hexadezimal) - Schlüsseldatei-Name: - XTS-Modus - S&ystem - &Volumes - Favor&iten - E&xtras - Einstellun&gen - &Hilfe - Web&seite - - &Über VeraCrypt ... - Das Schreibschutzattribut des alten Volumes konnte nicht geändert werden. Überprüfen Sie bitte die Dateizugriffsrechte. - Fehler: Zugriff verweigert.\n\nDie Partition ist entweder 0 Sektoren groß, oder es handelt sich um die Bootpartition. - Administrator - Zum Laden des VeraCrypt-Treibers müssen Sie als Benutzer mit Administratorrechten angemeldet sein. - Zum Verschlüsseln/Entschlüsseln/Formatieren eines Datenträgers oder einer Partition müssen Sie als Benutzer mit Administratorrechten angemeldet sein.\n\nDiese Einschränkung gilt nicht für VeraCrypt-Volumes in Containerdateien. - Zum Erstellen eines versteckten Volume müssen Sie als Benutzer mit Administratorrechten angemeldet sein.\n\nFortsetzen? - Um das Volume mit NTFS/exFAT zu formatieren, müssen Sie als Benutzer mit Administratorrechten angemeldet sein.\n\nFür das Formatieren mit FAT werden keine Administratorrechte benötigt. - Von der FIPS genehmigte Blockchiffre (Rijndael, 1998 veröffentlicht), die zur Verwendung in U.S. amerikanischen Ministerien und Behörden zugelassen ist, um vertrauliche Informationen bis zur Geheimhaltungsstufe „Top Secret“ zu schützen. 256-bit Schlüssellänge, 128-bit Blockgröße, 14 Runden (AES-256). Arbeitet im XTS-Modus. - Das Volume ist bereits eingebunden. - WARNUNG: Mindestens ein Verschlüsselungs- oder Hash-Algorithmus hat die automatischen Selbsttests nicht bestanden.\n\nDie VeraCrypt-Installation ist möglicherweise beschädigt. - WARNUNG: Es befinden sich nicht genügend Daten im Pool des Zufallszahlengenerators, um die angeforderte Anzahl von Zufallswerten zu erzeugen.\n\nBrechen Sie die Operation bitte ab und melden Sie diesen Fehler (Menüpunkt „Kontakt“ im Hilfemenü). - Das Laufwerk ist beschädigt (physischer Defekt), ein Kabel ist beschädigt oder der Speicher ist defekt.\n\nBeachten Sie bitte, dass es ein Problem mit Ihrer Hardware gibt, nicht mit VeraCrypt. Melden Sie diesen Fehler/das Problem deshalb bitte NICHT VeraCrypt und suchen Sie keine Hilfe in den VeraCrypt-Foren. Für Unterstützung kontaktieren Sie bitte Ihren Hardware-Hersteller. Vielen Dank.\n\nHinweis: Wenn der Fehler wiederholt an gleicher Stelle auftritt, so liegt es möglicherweise an einem fehlerhaften Datenträger-Block, der vielleicht durch Fremdanbietersoftware korrigiert werden kann (beachten Sie, dass in vielen Fällen der Befehl „chkdsk /r“ ihn nicht korrigiert, da dies nur auf Dateisystemebene funktioniert; in einigen Fällen kann das „chkdsk“-Programm dies nicht feststellen). - Falls Sie auf ein Laufwerk für Wechselmedien zugreifen möchten, stellen Sie bitte sicher, dass sich ein Wechselmedium in diesem Laufwerk befindet. Das Laufwerk oder das Wechselmedium könnten auch beschädigt sein (physischer Defekt) oder ein Kabel könnte beschädigt oder nicht richtig verbunden sein. - Ihr System verwendet scheinbar modifizierte Chipsatz-Treiber mit einem Bug, der die Komplettverschlüsselung verhindert.\n\nBitte versuchen Sie alle modifizierten (nicht-Microsoft) Chipsatz-Treiber zu aktualisieren oder zu deinstallieren, bevor Sie fortfahren. Falls dies nicht hilft, können Sie versuchen, lediglich die Systempartition zu verschlüsseln. - Ungültiger Laufwerksbuchstabe. - Ungültiger Pfad. - Abbrechen - Datenträger ist nicht lesbar. Stellen Sie bitte sicher, dass der Datenträger vorhanden ist und dass dieser nicht vom System verwendet wird. - WARNUNG: Die Feststelltaste ist gedrückt. Dies führt möglicherweise zu einer falschen Passworteingabe. - Volume-Typ - Es kann vorkommen, dass Sie von jemandem gezwungen werden das Passwort für ein Verschlüsseltes Volume zu verraten. Es gibt viele Situationen, in denen Sie sich nicht weigern können, das Passwort herauszugeben (z.B. Erpressung). Mit Hilfe eines sogenannten versteckten Volumes müssen Sie in solchen Situationen das Passwort ihres (versteckten) Volumes nicht herausgeben. - Diese Option zum Erstellen eines normalen VeraCrypt-Volume wählen. - Bitte beachten Sie, dass das gesamte Systemlaufwerk nicht mit einem einzelnen Schlüssel verschlüsselt werden kann, wenn Sie möchten, dass ein Betriebssystem in ein verstecktes partitionsbasiertes Volume installiert wird. - Verschl.-Methode des äußeren Vol. - Verschl.-Methode des versteckten Vol. - Verschlüsselungseinstellungen - WARNUNG: Die Pfadinformation des zuletzt ausgewählten Volumes bzw. der zuletzt ausgewählten Schlüsseldatei konnte nicht gelöscht werden (diese Information wird vom Dateiauswahlfenster gespeichert). - Fehler: Das Volume wurde auf Dateisystemebene komprimiert. Komprimierte Volumes werden nicht von VeraCrypt unterstützt (die Kompression von verschlüsselten Daten ist ineffektiv und redundant).\n\nEntfernen Sie das Komprimierungsattribut bitte wie folgt: 1. Rechtsklick auf Container-Datei innerhalb des Windows-Explorers (nicht in VeraCrypt) 2. „Eigenschaften“ auswählen 3. Im „Eigenschaften“-Dialogfenster auf „Erweitert ...“ klicken 4. Im „Erweiterte Attribute“-Dialogfenster die Option „Inhalt komprimieren, um Speicherplatz zu sparen“ deaktivieren und auf „OK“ klicken 5. Im „Eigenschaften“-Dialogfenster auf „OK“ klicken - Volume %s konnte nicht erstellt werden - Die Größe von %s ist %.2f Byte - Die Größe von %s ist %.2f KB - Die Größe von %s ist %.2f MB - Die Größe von %s ist %.2f GB - Die Größe von %s ist %.2f TB - Die Größe von %s ist %.2f PB - WARNUNG: Der Datenträger bzw. die Partition wird bereits vom Betriebssystem oder von Anwendungen benutzt! Das Formatieren des Datenträgers bzw. der Partition kann zu Datenbeschädigung und Systeminstabilität führen.\n\nDennoch mit dem Formatieren beginnen? - WARNUNG: Die Partition wird vom Betriebssystem oder von einer Anwendung verwendet. Sie sollten jede Anwendung, die möglicherweise die Partition verwendet, schließen (einschließlich Anti-Viren Software).\n\nFortfahren? - Fehler: Der Datenträger bzw. die Partition enthält ein Dateisystem das nicht ausgehängt werden konnte. Das Dateisystem wird möglicherweise vom Betriebssystem verwendet. Das Formatieren würde sehr wahrscheinlich Daten beschädigen und zu Systeminstabilität führen.\n\nEmpfehlungen zur Behebung des Problems: Zuerst die Partition löschen und anschließend die Partition ohne Formatierung neu erstellen.\n\n1) Im Startmenü Rechtsklick auf das „Computer“-Icon (oder „Arbeitsplatz“-Icon) und „Verwalten“ auswählen. Danach müsste das Fenster „Computerverwaltung“ erscheinen.\n2) „Datenspeicher“ > „Datenträgerverwaltung“ im Fenster „Computerverwaltung“ auswählen.\n3) Rechtsklick auf die zu verschlüsselnde Partition und entweder „Partition löschen ...“, „Volume löschen ...“ oder „Logisches Laufwerk löschen ...“ auswählen.\n4) Auf „Ja“ klicken. Sollte Windows zum Neustart des Rechners auffordern, dieser Aufforderung folgen, die Schritte 1 und 2 wiederholen, und mit Schritt 5 fortsetzen.\n5) Rechtsklick auf den als „nicht zugeordnet“/„Freier Speicherplatz“ bezeichneten Bereich und entweder „Neue Partition ...“, „Neues einfaches Volume ...“, oder „Neues logisches Laufwerk ...“ auswählen.\n6) Den Anweisungen des daraufhin erscheinenden „Assistent zum Erstellen neuer Partitionen“- bzw. „Assistent zum Erstellen neuer einfacher Volumes“-Fensters folgen. Auf der Seite „Partition formatieren“ des Assistenten, entweder „Diese Partition nicht formatieren“ oder „Dieses Volume nicht formatieren“ auswählen. Anschließend auf „Weiter“ und danach auf „Fertig stellen“ klicken.\n7) Der Name des in VeraCrypt ausgewählten Datenträgers bzw. der Partition ist jetzt u. U. falsch. Schließen Sie deshalb den Assistenten zum Erstellen von VeraCrypt-Volume (falls dieser noch offen ist) und starten Sie den Assistenten neu.\n8) Versuchen Sie erneut den Datenträger bzw. die Partition zu verschlüsseln.\n\nSollte sich VeraCrypt erneut weigern den Datenträger bzw. die Partition zu verschlüsseln, so könnten Sie stattdessen auch die Erstellung eines Containerdatei-Volume in Betracht ziehen. - Fehler: Das Dateisystem konnte nicht gesperrt und/oder getrennt werden. Es könnte vom Betriebssystem oder von Programmen verwendet werden (z.B. Backup-Software oder Virenscanner). Die Verschlüsselung der Partition könnte Daten beschädigen oder das System instabil werden lassen.\n\nBitte schließen Sie jede Anwendung, die möglicherweise die Partition verwendet (einschließlich Anti-Viren Software), und versuchen Sie es erneut. Wenn dies nicht hilft, folgen Sie bitte den unten stehenden Schritten. - WARNUNG: Einige der angeschlossenen Datenträger bzw. Partitionen werden bereits verwendet!\n\nDas Ignorieren dieser Meldung kann zu unerwünschten Ergebnissen einschließlich einer Systeminstabilität führen.\n\nEs wird dringend empfohlen alle Anwendungen, die möglicherweise diese Datenträger bzw. Partitionen verwenden, zu schließen. - Der ausgewählte Datenträger enthält Partitionen!\n\nDas Formatieren des Datenträgers könnte zu Systeminstabilitäten und/oder Datenbeschädigung führen. Bitte wählen Sie stattdessen eine Partition auf diesem Datenträger aus oder entfernen Sie sämtliche Partitionen vom Datenträger, damit VeraCrypt den Datenträger sicher formatieren kann. - Das ausgewählte Nicht-Systemlaufwerk enthält Partitionen.\n\nVerschlüsselte Laufwerkbasierte VeraCrypt-Volumes können auf Laufwerken erstellt werden die keine Partitionen enthalten (einschließlich Festplatten und Solid-State-Laufwerken). Ein Laufwerk, das Partitionen enthält kann nur vollständig „in-place“ verschlüsselt werden (Verwendung eines Hauptschlüssels), wenn es das Laufwerk ist auf dem Windows installiert ist und von dem es startet.\n\nWenn Sie das ausgewählte Nicht-Systemlaufwerk mit einem Hauptschlüssel verschlüsseln möchten, dann müssen Sie zuerst alle Partitionen auf dem Laufwerk löschen damit VeraCrypt es sicher formatieren kann (Formatieren eines Laufwerkes, das Partitionen enthält, kann Systeminstabilität und/oder Datenbeschädigung hervorrufen). Alternativ können Sie jede Partition auf dem Laufwerk individuell verschlüsseln (jede Partition wird mit einem anderen Hauptschlüssel verschlüsselt).\n\nHinweis: Wenn Sie alle Partitionen von einem GPT-Datenträger löschen möchten, dann müssen Sie es in einen MBR-Datenträger umwandeln (z.B. mit dem Computerverwaltungsprogramm), um versteckte Partitionen zu löschen. - WARNUNG: Wenn Sie das gesamte Gerät verschlüsseln (im Gegensatz zu einer Partition auf dem Gerät), wird das Betriebssystem dieses Gerät als neu, leer und unformatiert erkennen (da es keine Partitionstabelle enthalten wird). Das kann dazu führen, dass das Gerät vom System spontan initialisiert wird (oder dass Sie gefragt werden ob Sie das Gerät initialisieren möchten), was das Volume beschädigen kann. Außerdem wird es nicht möglich sein, das Volume beständig als Favorit einzubinden (z.B. wenn sich der Laufwerksbuchstabe ändert) oder ihm eine Favoriten-Volume Bezeichnung zuzuweisen.\n\nUm diese Probleme zu vermeiden, sollten Sie erwägen eine Partition auf dem Gerät zu erstellen und diese zu verschlüsseln.\n\nSind Sie sicher, dass Sie das gesamte Gerät verschlüsseln möchten? - WICHTIG: Bitte beachten Sie, dass dieses Volume NICHT mit dem derzeit zugewiesenen Laufwerksbuchstaben %c: eingebunden werden kann!\n\nUm das Volume einzubinden, klicken Sie „Alle Datentr. einbinden“ im Hauptfenster von VeraCrypt (alternativ können Sie auch im Hauptfenster „Datenträger..“ auswählen, diese(n) Partition/Datenträger wählen und „Einbinden“ klicken). Dem Volume wird dann ein neuer Laufwerksbuchstabe zugewiesen den Sie aus der Liste im Hauptfenster auswählen.\n\nDer vorherige Laufwerksbuchstabe %c: sollte nur benutzt werden wenn Sie die Verschlüsselung von der Partition/dem Datenträger entfernen möchten (z.B. wenn Sie keine Verschlüsselung mehr benötigen). In diesem Fall wählen Sie das Laufwerk %c: in der „Computer“ oder „Mein Computer“ Liste mit Rechtsklick aus und wählen Sie „Formatieren“. Ansonsten sollte der Laufwerksbuchstabe %c: nie benutzt werden (außer Sie entfernen ihn und weisen ihn einer anderen Partition oder einem anderen Datenträger zu; Siehe VeraCrypt FAQ). - Die In-Place Verschlüsselung eines Nicht-Systemlaufwerks wird nicht von Ihrem Betriebssystem unterstützt (nur von Windows Vista oder neuer).\n\nDer Grund dafür ist, dass die aktuell laufende Version nicht das Verkleinern eines Dateisystems beherrscht (Das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen). - Die ausgewählte Partition scheint kein NTFS-Dateisystem zu enthalten. Nur Partitionen die ein NTFS-Dateisystem enthalten, können „in-place“ verschlüsselt werden.\n\nHinweis: Der Grund hierfür ist, dass Windows das Verkleinern von anderen Dateisystemtypen nicht unterstützt. (das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen). - Die ausgewählte Partition scheint kein NTFS-Dateisystem zu enthalten. Nur Partitionen die ein NTFS-Dateisystem enthalten können „in-place“ verschlüsselt werden.\n\nWenn sie ein Verschlüsseltes VeraCrypt-Volume innerhalb dieser Partition erstellen möchten, dann wählen Sie die Option „Verschlüsseltes Volume erstellen und formatieren“ (anstelle der Option „Partition „in-place“ verschlüsseln“). - Fehler: Die Partition ist zu klein. VeraCrypt kann es nicht „in-place“ verschlüsseln. - Um die Daten auf dieser Partition zu verschlüsseln, gehen Sie bitte wie folgt vor:\n\n1) Erstellen Sie ein VeraCrypt-Volume auf einer leeren Partition/einem leeren Laufwerk und binden es ein.\n\n2) Kopieren Sie alle Dateien aus der Partition, die Sie ursprünglich verschlüsseln wollten, in das eingebundene Volume (dieses wurde im Schritt 1 erstellt). Auf diese Weise erstellen Sie eine von VeraCrypt verschlüsselte Sicherung der Daten.\n\n3) Erstellen Sie ein VeraCrypt-Volume auf der Partition, die Sie ursprünglich verschlüsseln wollten und stellen sicher, dass Sie (im VeraCrypt Assistenten) die Option „Verschlüsseltes Volume erstellen und formatieren“ wählen (anstelle der Option „Partition „in-place“ verschlüsseln“). Beachten Sie, dass alle Daten auf der Partition gelöscht werden. Nachdem das Volume erstellt ist, binden Sie es ein.\n\n4) Kopieren Sie alle Dateien von dem eingebundenen VeraCrypt-Sicherungs-Volume (erstellt und eingebunden im ersten Schritt) in das eingebundene VeraCrypt-Volume, dass im dritten Schritt erstellt (und eingebunden) wurde.\n\nNachdem Sie die Schritte abgeschlossen haben, sind die Daten verschlüsselt und zusätzlich gibt es eine verschlüsselte Sicherung der Daten. - VeraCrypt kann nur eine Partition, ein Dynamisches Volume oder ein ganzes Systemlaufwerk „in-place“-verschlüsseln.\n\nWenn Sie ein Verschlüsseltes VeraCrypt-Volume innerhalb des ausgewählten Nicht-Systemlaufwerkes erstellen möchten, dann wählen Sie die Option „Verschlüsseltes Volume erstellen und formatieren“ (anstelle der Option „Partition „in-place“ verschlüsseln“). - Fehler: VeraCrypt kann nur eine Partition, ein dynamisches Volume oder ein ganzes Systemlaufwerk „in-place“ verschlüsseln. Stellen Sie bitte sicher, dass der angegebene Pfad korrekt ist. - Fehler: Kann das Dateisystem nicht verkleinern (das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen).\n\nMögliche Ursachen und Lösungen:\n\n- Nicht genügend freier Speicher auf dem Datenträger. Bitte stellen Sie sicher, dass keine Anwendung auf den Datenträger schreibt.\n\n- Beschädigtes Dateisystem. Überprüfen Sie es und beheben Sie die Fehler (Rechtsklick auf das entsprechende Laufwerk im „Arbeitsplatz“, dann auf „Eigenschaften“. Dort wählen Sie „Extras“ und „Jetzt prüfen“ aus. Stellen Sie sicher, dass die Option „Dateisystemfehler automatisch korrigieren“ markiert ist.\n\nWenn die obigen Anweisungen nicht funktionieren, folgen Sie bitte den unten aufgeführten Schritten. - Fehler: Auf dem angegebenen Laufwerk ist nicht genügend Speicher frei, um das Laufwerk zu verkleinern (das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen).\n\nBitte löschen Sie nicht benötigte Dateien und leeren Sie den Papierkorb, um mindestens 256 KB freien Speicherplatz zu schaffen und versuchen Sie es anschließend erneut. Beachten Sie bitte, dass auf Grund eines Fehlers von Windows die Menge des freien Speichers (angezeigt im Windows Explorer) falsch sein kann, bis das System neu gestartet wurde. Wenn selbst ein Neustart des Systems nicht hilft, könnte das Dateisystem beschädigt sein. Überprüfen Sie dies und beheben Sie die Fehler (Rechtsklick auf das entsprechende Laufwerk im „Arbeitsplatz“, dann auf „Eigenschaften“. Dort wählen Sie „Extras“ und „Jetzt prüfen“ aus. Stellen Sie sicher, dass die Option „Dateisystemfehler automatisch korrigieren“ markiert ist.\n\nWenn die obigen Anweisungen nicht funktionieren, folgen Sie bitte den unten aufgeführten Schritten. - Auf Laufwerk %s sind noch %.2f Byte frei. - Auf Laufwerk %s sind noch %.2f KB frei. - Auf Laufwerk %s sind noch %.2f MB frei. - Auf Laufwerk %s sind noch %.2f GB frei. - Auf Laufwerk %s sind noch %.2f TB frei. - Auf Laufwerk %s sind noch %.2f PB frei. - Fehler beim Ermitteln der verfügbaren Laufwerksbuchstaben. - Fehler: VeraCrypt-Treiber nicht gefunden.\n\nBitte kopieren Sie die Dateien „veracrypt.sys“ und „veracrypt-x64.sys“ in das Verzeichnis der Hauptanwendung von VeraCrypt (VeraCrypt.exe). - Fehler: Eine inkompatible Version des VeraCrypt-Treibers ist derzeit aktiv.\n\nWenn Sie versuchen VeraCrypt im mobilen Modus auszuführen (d.h. ohne es zu installieren) und eine andere Version von VeraCrypt bereits installiert ist, müssen Sie diese Version erst deinstallieren (oder mittels des VeraCrypt-Installationspakets aktualisieren). Um VeraCrypt zu deinstallieren, folgen Sie diesen Schritten: Unter Windows Vista oder neuer wählen Sie „Start Menu“ > „Einstellungen“ > „Systemsteuerung“ > „Programme und Funktionen“ > „VeraCrypt“ > „Deinstallieren“.\n\nWenn Sie versuchen VeraCrypt im mobilen Modus auszuführen (d.h. ohne es zu installieren) und eine andere Version von VeraCrypt bereits im mobilen Modus aktiv ist, müssen Sie den Computer neu starten bevor Sie diese neue Version starten können. - Fehler beim Initialisieren der Blockchiffre. - Fehler: Es wurde ein schwacher oder ein potenziell schwacher Schlüssel entdeckt! Der Schlüssel wird verworfen. Bitte wiederholen Sie den Vorgang. - Ein kritischer Fehler ist aufgetreten und VeraCrypt muss beendet werden. Wenn dies durch einen Fehler in VeraCrypt verursacht wurde, so würden wir diesen gerne ausbessern. Um uns dabei zu helfen, können Sie uns einen automatisch generierten Fehlerbericht senden, der die folgenden Daten enthält:\n\n- Versionsnummer\n- Betriebssystem\n- Prozessor\n- Name der betroffenen VeraCrypt-Komponente(n)\n- Prüfsumme des Programms\n- Symbolischer Name des Dialogfensters\n- Fehlerkategorie\n- Fehleradresse\n- VeraCrypt-Aufruf-Stack\n\nWenn Sie „Ja“ wählen, wird die folgende URL (welche den kompletten Fehlerbericht enthält) mit Ihrem Standardbrowser aufgerufen.\n\n%hs\n\nMöchten Sie uns den oben angezeigten Fehlerbericht senden? - Ein kritischer Fehler ist in Ihrem System aufgetreten.\n\nBeachten Sie, dass dieser Fehler nicht durch VeraCrypt verursacht wurde (d.h. VeraCrypt Entwickler können den Fehler nicht beheben). Bitte überprüfen Sie Ihr System auf mögliche Probleme (z.B. System-Konfiguration, Netzwerk-Verbindung, Fehler in Hardware-Komponenten). - Es ist ein kritischer Fehler in Ihrem System aufgetreten und VeraCrypt musste beendet werden.\n\nWenn dieses Problem wiederholt auftritt, sollten Sie versuchen Anwendungen, die diesen Fehler verursachen könnten, auszuschalten oder zu deinstallieren (z.B. Antiviren- oder Internetsicherheitssoftware, System-„Verbesserungs“-, „Optimierungs“- oder „Tweaker“-Software usw.). Sollte dies nicht helfen, sollten Sie in Erwägung ziehen, Ihr Betriebssystem neu zu installieren (dieses Problem kann auch durch Schadsoftware verursacht werden). - VeraCrypt – Kritischer Fehler - VeraCrypt hat erkannt, dass Ihr Betriebssystem vor kurzem abgestürzt ist. Es gibt viele mögliche Gründe für einen Systemabsturz (z.B. Fehler in einer Hardwarekomponente, fehlerhafte Treiber usw.).\n\nSoll VeraCrypt prüfen ob ein Fehler in VeraCrypt den Systemabsturz verursacht haben könnte? - Möchten Sie, dass VeraCrypt weiterhin Systemabstürze erkennt? - VeraCrypt konnte keine Minidump-Datei des Systemabsturzes finden. - Möchten Sie die Windows Absturzspeicherabbild-Datei löschen, um Speicherplatz frei zu geben? - Um den Systemabsturz zu analysieren, muss VeraCrypt zuerst die Microsoft Debugging Tools für Windows installieren.\n\nNachdem Sie „OK“ klicken, wird der Windows Installer das „Microsoft Debugging Tools“-Installationspaket (16 MB) von einem Microsoft Server herunterladen und installieren (der Windows Installer wird vom VeraCrypt-Server auf die Server-URL des Microsoft Servers weitergeleitet. Hierdurch wird sichergestellt, dass der Vorgang auch dann funktioniert, wenn Microsoft die URL ändert). - Nachdem Sie „OK“ klicken, analysiert VeraCrypt den Systemabsturz. Dies kann mehrere Minuten dauern. - Bitte stellen Sie sicher, dass die Umgebungsvariable „PATH“ den Pfad zu „kd.exe“ (Kernel Debugger) enthält („Systemsteuerung“ > „System“ > „Erweiterte Systemeinstellungen“ > „Erweitert“ > „Umgebungsvariablen“). - Es scheint als habe VeraCrypt den Systemabsturz sehr wahrscheinlich nicht verursacht. Es gibt viele mögliche Gründe für einen Systemabsturz (z.B. Fehler in einer Hardwarekomponente, fehlerhafte Treiber usw.). - Die Ergebnisse der Analyse deuten darauf hin, dass die Aktualisierung folgender Treiber das Problem beheben könnte: - Damit wir herausfinden können, ob ein Fehler in VeraCrypt existiert, können Sie uns einen automatisch erstellten Bericht senden, der die folgenden Punkte enthält:\n- Programmversion\n- Version des Betriebssystems\n- CPU-Typ\n- Fehlerkategorie\n- Treibername und -Version\n- System call stack\n\nWenn Sie „Ja“ wählen wird die folgende URL (die den gesamten Fehlerbericht enthält) in Ihrem Browser geöffnet. - Möchten Sie uns den obigen Fehlerbericht senden? - &Verschlüsseln - &Entschlüsseln - &Dauerhaft entschlüsselt - Beenden - Legen Sie bitte ein logisches Laufwerk für diese erweiterte Partition an und wiederholen Sie anschließend den Vorgang. - Ein VeraCrypt-Volume kann in einer Datei liegen (eine VeraCrypt-Containerdatei), die sich auf einer Festplatte, einer Partition, einem USB-Stick usw. befindet. Eine VeraCrypt-Containerdatei verhält sich genau wie eine normale Datei (sie kann zum Beispiel wie eine normale Datei kopiert, bewegt oder gelöscht werden). Klicken Sie auf „Datei ...“, um einen Dateinamen und den Speicherort für die Containerdatei zu wählen.\n\nACHTUNG: Wenn Sie eine bestehende Datei wählen, wird VeraCrypt diese NICHT verschlüsseln; die Datei wird gelöscht und mit der Containerdatei ersetzt. Sie können bestehende Dateien verschlüsseln, indem Sie diese später in den neuen VeraCrypt-Container verschieben, den Sie gerade erstellen. - Wählen Sie den Speicherort des äußeren Volumes (in diesem wird später das versteckte Volume erstellt).\nEin VeraCrypt-Volume kann in einer Datei liegen (eine VeraCrypt-Containerdatei), die sich auf einer Festplatte, einer Partition, einem USB-Stick usw. befindet. Eine Containerdatei verhält sich genau wie eine normale Datei (sie kann z.B. kopiert oder gelöscht werden). Klicken Sie auf „Datei ...“, um einen Dateinamen und den Speicherort für die Containerdatei zu wählen.\n\nACHTUNG: Wenn Sie eine bestehende Datei wählen wird VeraCrypt diese NICHT verschlüsseln; die Datei wird gelöscht und mit der Containerdatei ersetzt. Sie können bestehende Dateien verschlüsseln, indem Sie diese in den neuen VeraCrypt-Container verschieben. - Verschlüsselte laufwerkbasierte VeraCrypt-Volumes können innerhalb einer Partition auf Festplatten, Solid-State Laufw., USB- Sticks, und auf allen anderen unterstützten Laufwerken erstellt werden. Partitionen können außerdem „in-place“ verschlüsselt werden.\n\nAußerdem können laufwerkbasierte VeraCrypt-Volumes auf Laufwerken erstellt werden, die keine Partitionen beinhalten (einschließlich Festplatten und Solid-State Laufwerken).\n\nHinweis: Ein Laufwerk das Partitionen enthält kann nur vollständig „in-place“ verschlüsselt werden (Verwendung eines Hauptschlüssels), wenn es das Laufwerk ist auf dem Windows installiert ist und von dem es startet. - Ein laufwerkbasiertes VeraCrypt-Volume kann innerhalb einer Festplatte, eines Solid-State Laufwerkes, USB Memory-Stick und anderen Speichergeräten erstellt werden.\n\nWARNUNG: Beachten Sie, dass die Partition/das Laufwerk formatiert werden und alle derzeit darauf gespeicherten Daten verloren gehen. - \nWählen Sie den Speicherort für die Erstellung des äußeren Volumes (In ihm wird später das versteckte Volume erstellt).\n\nEin äußeres Volume kann auf einer Festplatten-Partition, einem Solid-State Laufwerk, USB-Stick u.a. Speicherlaufwerken erstellt werden. Äußere Volumes können auch auf Laufwerken erstellt werden, die keine Partitionen enthalten (einschließlich Festplatten und SSDs).\n\nWARNUNG: Beachten Sie, dass die Partition bzw. der Datenträger formatiert wird und alle zurzeit darauf gespeicherte Daten verloren gehen. - Wählen Sie bitte den Speicherort des VeraCrypt-Volumes aus, innerhalb dessen das versteckte Volume erstellt werden soll. - WARNUNG: Die Datei/das Laufwerk ist bereits in Verwendung!\n\nWenn Sie diese Warnung ignorieren, können nicht vorhersehbare Probleme einschließlich Systemabstürze auftreten. Alle Programme, die die Datei/das Laufwerk verwenden (zum Beispiel Virenscanner oder Backup-Software) sollten geschlossen werden, bevor das Volume eingebunden wird.\n\nTrotzdem fortfahren? - Fehler: Das Volume konnte nicht eingebunden werden. Die Datei/das Laufwerk wird bereits verwendet. Der Versuch das Volume ohne Exklusivzugriff einzubinden, ist ebenfalls gescheitert. - Die Datei konnte nicht geöffnet werden. - Volume-Speicherort - Große Dateien - Beabsichtigen Sie, Dateien die größer als 4 GB sind, in diesem VeraCrypt-Volume zu speichern? - Je nach Auswahl wird VeraCrypt ein geeignetes Dateisystem für das Volume wählen (im nächsten Schritt änderbar). - Da Sie ein äußeres Volume erstellen, sollten Sie erwägen „Nein“ zu wählen. Wenn Sie „Ja“ wählen, wird NTFS als Standard-Dateisystem gewählt. Es ist für äußere Volume weniger geeignet als FAT/exFAT (z.B. wird die maximal mögliche Größe des versteckten Volumes erheblich größer sein, wenn das äußere Volume mit FAT/exFAT formatiert ist). Normalerweise ist FAT die Standardeinstellung für versteckte und normale Volumes (somit sind FAT-Volumes nicht verdächtig). Wenn Sie allerdings die Absicht haben Dateien > 4 GB auf dem äußeren Volume zu speichern (was FAT nicht zulässt), dann sollte NTFS gewählt werden. - Sind Sie sicher, dass Sie „Ja“ wählen möchten? - Volume Erstellungs-Modus - Dies ist der schnellste Weg, um ein partitionsbasiertes oder laufwerkbasiertes VeraCrypt-Volume zu erstellen (die „in-place“ Verschlüsselung ist langsamer, da die Inhalte von jedem Sektor zuerst gelesen, verschlüsselt und dann geschrieben werden müssen). Alle Daten, die zurzeit auf der ausgewählten Partition/dem Laufwerk sind, gehen verloren (die Daten werden NICHT verschlüsselt, sie werden mit Zufallsdaten überschrieben). Wenn Sie vorhandene Daten auf einer Partition verschlüsseln möchten, dann wählen Sie die andere Option. - Die gesamte ausgewählte Partition und alle darauf gespeicherten Daten werden „in-place“ verschlüsselt. Wenn die Partition leer ist, dann sollten Sie die andere Option wählen (das Volume wird dann viel schneller erstellt). - Hinweis: - &Weiter - &Später - &Start - &Fortsetzen - &Formatieren - &Löschen - Formatierung abbrechen? - Zeige mehr Informat. - Nicht noch einmal anzeigen - Der Inhalt der Partition/des Laufwerkes wurde erfolgreich gelöscht. - Der Inhalt der Partition, auf der das ursprüngliche System lag (von dem das versteckte System eine Kopie ist), wurde erfolgreich gelöscht. - Bitte stellen Sie sicher, dass die Windows-Version, die Sie installieren werden, die gleiche ist, wie die Version die sie gerade laufen haben. Dies ist notwendig, da beide Systeme die selbe Boot-Partition verwenden werden. - Die Systempartition/das Systemlaufwerk wurde erfolgreich verschlüsselt.\n\nBitte beachten Sie: Wenn es VeraCrypt-Volumes gibt, die Sie jedes Mal einbinden möchten wenn Windows startet, können Sie dies einrichten, indem Sie die Volumes einbinden und unter „Favoriten“ > „Eingebundenes Volume zu Systemfavoriten hinzufügen“ wählen. - Die System-Partition/das Laufwerk wurde erfolgreich entschlüsselt. - \n\nDas VeraCrypt-Volume wurde erstellt und ist Einsatzbereit. Mit „Weiter“ können Sie ein weiteres VeraCrypt-Volume erstellen (anderenfalls drücken Sie auf „Beenden“). - \n\nDas versteckte VeraCrypt-Volume wurde erfolgreich erstellt (das versteckte Betriebssystem wird sich innerhalb von diesem versteckten Volume befinden).\n\nKlicken Sie auf „Weiter“, um fortzufahren. - Volume vollständig verschlüsselt - Volume vollständig entschlüsselt - WICHTIG: UM DIESES NEU ERSTELLTE VERACRYPT-VOLUME EINZUBINDEN UND UM AUF DIE DATEN DARAUF ZUZUGREIFEN, KLICKEN SIE AUF „Alle Datentr. einbinden“ IM VERACRYPT HAUPTBILDSCHIRM. Nachdem Sie das richtige Passwort eingegeben haben (und/oder die korrekten Schlüsseldateien angegeben haben), wird das Volume unter dem Laufwerksbuchstaben, den Sie aus der Liste im VeraCrypt-Hauptbildschirm wählen, eingebunden (und Sie können auf die verschlüsselten Daten über den gewählten Laufwerksbuchstaben zugreifen).\n\nBITTE MERKEN SIE SICH ODER SCHREIBEN SIE SICH DIE OBEN GENANNTEN SCHRITTE AUF. SIE MÜSSEN DIESE JEDES MAL BEFOLGEN, WENN SIE DAS VOLUME EINBINDEN UND AUF DARAUF BEFINDLICHE DATEN ZUGREIFEN MÖCHTEN. Alternativ klicken Sie im VeraCrypt-Hauptbildschirm auf „Datenträger ...“, dann wählen Sie diese(s) Partition/Volume und klicken auf „Einbinden“.\n\nDie Partition/das Volume wurde erfolgreich verschlüsselt (es enthält jetzt ein voll-verschlüsseltes VeraCrypt-Volume und ist einsatzbereit. - Das VeraCrypt-Volume wurde erfolgreich entschlüsselt. - Das VeraCrypt-Volume wurde erfolgreich entschlüsselt.\n\nBitte wählen Sie einen Laufwerksbuchstaben aus, der dem entschlüsselten Laufwerk zugewiesen werden soll und klicken Sie auf „Fertigstellen“.\n\nWICHTIG: Solange dem entschlüsselten Laufwerk kein Laufwerksbuchstabe zugewiesen wurde, kann nicht auf die darauf vorhandenen Daten zugegriffen werden. - WARNUNG: Um auf die entschlüsselten Daten zugreifen zu können, muss dem entschlüsselten Laufwerk ein Laufwerksbuchstabe zugewiesen werden, jedoch steht momentan kein freier Laufwerksbuchstabe zur Verfügung.\n\nBitte einen verwendeten Laufwerksbuchstaben freigeben (z.B. durch Abziehen eines USB-Sticks oder anderer externer Laufwerke) und dann mit „OK“ bestätigen. - Das VeraCrypt-Volume wurde erfolgreich erstellt. - Volume wurde erstellt - WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin und her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. Klicken Sie auf „Formatieren“, um mit der Erstellung fortzufahren. - Klicken Sie auf „Formatieren“, um das äußere Volume zu erstellen. Für mehr Informationen lesen Sie bitte die Dokumentation. - Format des äußeren Volumes - Format des versteckten Volumes - Volume-Format - Adobe Reader (oder ein anderes dazu kompatibles Programm) wird benötigt, um das VeraCrypt-Benutzerhandbuch anzeigen oder drucken zu können. Der Adobe Reader (Freeware) kann unter http://www.adobe.com heruntergeladen werden.\n\nMöchten Sie stattdessen die Online-Dokumentation ansehen? - Bei Auswahl dieser Option erstellen Sie zuerst mit dem Assistenten ein normales VeraCrypt-Volume und dann innerhalb dieses neuen Volumes ein verstecktes VeraCrypt-Volume. Unerfahrene Benutzer sollten immer diese Option wählen. - Mit dieser Auswahl erstellen Sie ein verstecktes Volume in einem bestehenden VeraCrypt-Volume. Es wird davon ausgegangen, dass Sie bereits ein VeraCrypt-Volume erstellt haben und dieses in der Lage ist, ein verstecktes Volume zu beinhalten. - Volume Erstellungsmethode - Verstecktes Volume wurde erstellt - Das versteckte VeraCrypt-Volume wurde erfolgreich erstellt und ist gebrauchsbereit. Wenn alle Anweisungen korrekt befolgt wurden und wenn die Vorsichtsmaßnahmen und Anforderungen aus dem Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch befolgt wurden, wird es unmöglich sein zu beweisen, dass das versteckte Volume existiert, auch wenn das äußere Volume eingebunden ist.\n\nACHTUNG: SCHREIBEN SIE NICHTS AUF DAS ÄUSSERE VOLUME WENN SIE DAS VERSTECKTE VOLUME NICHT ABSICHERN (Informationen wie Sie das versteckte Volume absichern können, finden Sie im Abschnitt „Protection of Hidden Volumes Against Damage“ im VeraCrypt-Benutzerhandbuch). ANDERNFALLS KÖNNEN SIE DAS VERSTECKTE VOLUME BESCHÄDIGEN UND UNWIEDERBRINGLICH ÜBERSCHREIBEN! - Sie haben das versteckte Betriebssystem gestartet. Wie Sie vielleicht bemerkt haben, scheint das versteckte Betriebssystem auf der gleichen Partition installiert zu sein wie das Originale Betriebssystem. In Wirklichkeit ist es jedoch auf der Partition hinter diesem installiert (in dem versteckten Volume). Alle Lese- und Schreiboperationen werden transparent von der ursprünglichen Systempartition zu dem versteckten Volume weitergeleitet.\n\nWeder das Betriebssystem noch die Programme werden wissen, dass Daten auf die/von der Systempartition geschrieben/gelesen werden – tatsächlich wird auf die/von der Partition dahinter geschrieben/gelesen (von/zu einem versteckten Volume). Alle Daten werden wie üblich „on-the-fly“ ver- und entschlüsselt (mit einem Verschlüsselungsschlüssel der anders ist, als der für das Köder-Betriebssystem).\n\n\nKlicken Sie auf „Weiter“, um fortzufahren. - Das äußere Volume wurde erstellt und als Laufwerk %hc: eingebunden. Auf dieses äußere Volume sollten Sie nun einige vertraulich aussehende Dateien kopieren, die Sie eigentlich nicht verstecken möchten. Diese werden für jeden da sein, der Sie zwingt das Passwort für die erste Partition hinter der Systempartition zu verraten, wo sich das äußere und das versteckte Volume (enthält das versteckte Betriebssystem) befinden werden. Sie werden im Stande sein das Passwort für dieses äußere Volume herauszugeben und die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt trotzdem geheim.\nWICHTIG: Die Dateien, die Sie auf das äußere Volume kopieren, sollten nicht mehr als %s belegen. Andernfalls gibt es möglicherweise nicht genügend Speicherplatz auf dem äußeren Volume für das versteckte Volume (und Sie werden nicht fortfahren können). Nachdem Sie mit dem Kopieren fertig sind, klicken Sie auf „Weiter“ (das Volume nicht trennen). - Das äußere Volume wurde erfolgreich erstellt und als Laufwerk %hc: eingebunden. Jetzt müssen Sie noch einige sensibel aussehende Alibi-Dateien auf dieses Volume kopieren. Diese Dateien sind für Personen bestimmt welche die Herausgabe des Passwortes erzwingen möchten. Diesen Personen offenbaren Sie nur das Passwort des äußeren, nicht aber das des versteckten Volumes. Die wirklich wichtigen Dateien speichern Sie in das (noch zu erstellende) versteckte Volume. Klicken Sie nach dem Kopieren der Alibi-Dateien auf „Weiter“, ohne zuvor das Volume zu trennen. Es erfolgt dann eine Analyse der Clusterbelegung des äußeren Volumes, um festzustellen, wie viel freier zusammenhängender Speicher vom Ende des Volumes aus verfügbar ist. Dieser Bereich wird für die Unterbringung des versteckten Volumes verwendet. Die Analyse der Clusterbelegung stellt sicher, dass keine Daten des äußeren Volumes durch das versteckte Volume überschrieben werden. - Inhalt des äußeren Volumes - \n\nIn den nächsten Schritten werden Sie die Optionen für das äußere Volume festlegen (innerhalb dessen später das versteckte Volume erstellt wird). - \n\nIn den nächsten Schritten erstellen Sie ein so genanntes äußeres VeraCrypt-Volume innerhalb der ersten Partition hinter der Systempartition (wie es in einem der vorherigen Schritte erklärt wurde). - Äußeres Volume - In den folgenden Schritten werden Sie die Optionen und das Passwort für das versteckte Volume festlegen, das das versteckte Betriebssystem enthalten wird.\n\nHinweis: Die Cluster-Bitmap des äußeren Volumes wurde gescannt, um die Größe des zusammenhängenden freien Speichers zu ermitteln, dessen Ende mit dem Ende des äußeren Volumes übereinstimmt. Dieser Bereich wird das versteckte Volume aufnehmen, somit begrenzt es dessen maximal mögliche Größe. Die maximal mögliche Größe des versteckten Volumes wurde festgelegt und geprüft. Sie ist größer als die der Systempartition (was erforderlich ist, da der gesamte Inhalt der Systempartition in das versteckte Volume kopiert werden muss). Dadurch wird sichergestellt, dass keine der Daten, die zurzeit auf dem äußeren Volume gespeicherten sind, durch Daten überschrieben werden, die in den Bereich des versteckten Volumes geschrieben werden. - WICHTIG: Bitte merken Sie sich die Algorithmen, die Sie in diesem Schritt wählen. Sie müssen die gleichen Algorithmen für das Köder-System wählen. Andernfalls wird es nicht möglich sein, auf das versteckte Betriebssystem zuzugreifen! (Das Köder-System muss mit demselben Verschlüsselungsalgorithmus verschlüsselt sein wie das Versteckte System).\n\nHinweis: Der Grund hierfür ist, dass das Köder-System und das versteckte System sich einen Bootloader teilen werden, der nur einen vom Benutzer gewählten Algorithmus unterstützt (für jeden Algorithmus gibt es eine spezielle Version des VeraCrypt-Bootloaders). - \n\nDie Clusterbelegung wurde analysiert und die maximal mögliche Größe des versteckten Volumes ermittelt. In den folgenden Schritten legen Sie die Einstellungen, die Größe und das Passwort des versteckten Volumes fest. - Verstecktes Volume - Das versteckte Volume ist jetzt geschützt, solange das äußere Volume getrennt ist.\n\nACHTUNG: Wenn versucht wird Daten in den Bereich des versteckten Volumes zu speichern, dann wird VeraCrypt den Schreibschutz für das gesamte Volume verwenden (sowohl den äußeren als auch den versteckten Teil) bis es getrennt wurde. Dies kann dazu führen, dass Beschädigungen am Dateisystem des äußeren Volumes auftreten können, die die (wenn wiederholt) glaubhafte Leugnung des versteckten Volumes beeinträchtigt. Sie sollten daher alle Anstrengungen unternehmen, um das Schreiben von Daten in das versteckte Volume zu vermeiden. Alle Daten die in das versteckte Volume gespeichert werden, gehen verloren. Windows gibt deswegen möglicherweise einen Fehler aus („Delayed Write Failed“ oder „The parameter is incorrect“). - Jedes der versteckten Volumes innerhalb der gerade eingebundenen Volumes ist vor Beschädigungen geschützt, solange es nicht eingebunden ist.\n\nWARNUNG: Wenn versucht wird Daten in den Bereich der versteckten Volumes zu speichern, dann wird VeraCrypt den Schreibschutz für die gesamten Volumes verwenden (sowohl den Äußeren als auch den Versteckten Teil) bis es getrennt wurde. Dies kann dazu führen, dass Beschädigungen am Dateisystem des äußeren Volumes auftreten können, welche die (wenn wiederholt) glaubhafte Leugnung des versteckten Volumes beeinträchtigt. Sie sollten daher alle Anstrengungen unternehmen, um zu vermeiden, Daten in das versteckte Volume zu schreiben. Alle Daten die in das versteckte Volume gespeichert werden gehen verloren. Windows gibt deswegen möglicherweise einen Fehler aus („Delayed Write Failed“ oder „The parameter is incorrect“). - WARNUNG: Es wurde versucht Daten in den Bereich des versteckten Volumes zu speichern. Das Volume ist eingebunden als %c:! VeraCrypt hat verhindert, dass die Daten gespeichert werden, um das versteckte Volume zu schützen. Dies hätte möglicherweise das Dateisystem auf dem Äußeren Volume beschädigt und Windows hätte vermutlich einen Schreibfehler ausgegeben („Delayed Write Failed“ oder „The parameter is incorrect“). Das gesamte Volume (der äußere und der versteckte Teil) wird Schreibgeschützt sein bis es getrennt wurde. Passiert es nicht zum ersten Mal, dass VeraCrypt verhindert hat, dass Daten in den versteckten Teil dieses Volumes geschrieben wurden, könnte die glaubhafte Leugnung des versteckten Volumes beeinträchtigt sein (möglicherweise wegen Inkonsistenzen mit dem Dateisystem des äußeren Volumes). Daher sollten Sie die Erstellung eines neuen VeraCrypt-Volumes in Erwägung ziehen (mit deaktivierter Schnellformatierung) und die Daten von diesem in das neue Volume verschieben; dieses Volume sollte dann sicher gelöscht werden (sowohl das äußere als auch das versteckte). Wir empfehlen dringend, dass Sie das Betriebssystem jetzt Neustarten. - Sie haben angegeben, dass Sie Dateien speichern möchten die größer als 4GB sind. Dafür muss das Volume mit NTFS/exFAT formatiert werden, was allerdings nicht möglich sein wird. - Bitte beachten Sie, dass es unmöglich ist nicht versteckte Volumes mit NTFS/exFAT zu formatieren wenn ein verstecktes Betriebssystem aktiv ist. Der Grund dafür ist, dass das Volume kurzfristig ohne Schreibschutz eingebunden werden müsste, um dem Betriebssystem die NTFS-Formatierung zu ermöglichen (FAT-Formatierung wird hingegen durch VeraCrypt durchgeführt ohne das Volume einzubinden). Für weitere technische Details, siehe unten. Sie können ein nicht verstecktes NTFS/exFAT-Volume aus dem Köder-System heraus erstellen. - Wenn ein verstecktes Betriebssystem läuft können versteckte Volumes aus Sicherheitsgründen nur im „direkten“ Modus erstellt werden (weil äußere Volumes immer schreibgeschützt eingebunden werden müssen). Um ein verstecktes Volume sicher zu erstellen, befolgen sie diese Schritte:\n\n1) Das Köder-System starten\n\n2) Ein normales VeraCrypt-Volume erstellen und einige sensibel aussehende Dateien hinein kopieren, die Sie jedoch NICHT verstecken möchten (dieses Volume wird am Ende das äußere Volume werden).\n\n3) Das versteckte Betriebssystem starten und den Assistent zum Erstellen eines VeraCrypt-Volumes starten. Wenn das Volume eine Containerdatei ist, verschieben Sie es auf die Systempartition oder ein anderes verstecktes Volume (andernfalls wird das neu erstellte versteckte Volume schreibgeschützt eingebunden und kann nicht formatiert werden). Befolgen Sie die Anleitung im Assistenten, um den „direkten“ Modus zu wählen.\n\n4) Im Assistenten wählen Sie nun das im Schritt 2 erstellte Volume aus und erstellen darin ein neues verstecktes Volume. - Wenn ein verstecktes Betriebssystem ausgeführt wird, werden lokale unverschlüsselte Dateisysteme und nicht versteckte VeraCrypt-Volumes aus Sicherheitsgründen als schreibgeschützt eingebunden (auf solche Dateisysteme oder VeraCrypt-Volumes können keine Daten geschrieben werden).\n\nDaten dürfen in jedes Dateisystem geschrieben werden das sich in einem Versteckten VeraCrypt-Volume befindet (vorausgesetzt, das versteckte Volume ist in keinem Container, der sich auf einem unverschlüsselten oder schreibgeschützten Dateisystem befindet). - Es gibt drei Hauptgründe warum solche Gegenmaßnahmen eingebaut wurden:\n\n- Sie ermöglichen die Erstellung einer sicheren Plattform mit der versteckte VeraCrypt-Volumes eingebunden werden können. Bitte beachten Sie unsere offizielle Empfehlung, versteckte Volumes nur einzubinden wenn ein verstecktes Betriebssystem läuft. (Für mehr Informationen, siehe Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ in der Dokumentation.)\n\n- In manchen Fällen ist es möglich festzustellen, dass ein bestimmtes Dateisystem zu einer gewissen Zeit nicht unter einer bestimmten Instanz eines Betriebssystems eingebunden war, oder dass eine bestimmte Datei auf dem Dateisystem nicht innerhalb dieses Systems geändert oder gespeichert wurde (zum Beispiel durch Analyse und Vergleich von Dateisystemprotokollen, Zeitstempeln, Anwendungsprotokollen, Fehlerprotokollen usw.). Daraus kann geschlossen werden, dass ein weiteres Betriebssystem auf dem Computer installiert ist. Die Gegenmaßnahmen verhindern diese Probleme.\n\n- Sie verhindern Datenverfall und ermöglichen sicheren Standby- bzw. Ruhemodus. Wenn Windows aus dem Ruhezustand wieder aufwacht nimmt es an, dass alle eingebundenen Dateisysteme im selben Zustand sind wie vor dem Ruhezustand. VeraCrypt stellt sicher, dass dem so ist, indem es alle Dateisysteme auf die vom Köder-System und vom versteckten Betriebssystem aus zugegriffen werden kann, mit einem Schreibschutz versieht. Ohne diesen Schutz könnte das Dateisystem durch ein Betriebssystem beschädigt werden wenn das andere System sich im Ruhezustand befindet. - Hinweis: Wenn Sie Dateien sicher von dem Köder-System zum versteckten System übertragen möchten, dann folgen Sie diesen Schritten: 1) Starten Sie das Köder-System. 2) Speichern Sie die Dateien auf ein unverschl. Datenträger oder in ein äußeres/normales VeraCrypt-Volume. 3) Starten Sie das versteckte System. 4) Wenn Sie die Dateien auf ein VeraCrypt-Volume gespeichert haben, binden Sie es ein (es wird automatisch als schreibgeschützt eingebunden). 5) Kopieren Sie die Dateien auf die versteckte Systempartition oder auf ein anderes verstecktes Volume. - Ihr Computer muss Neu gestartet werden.\n\nMöchten Sie jetzt Neu starten? - Beim Abruf des Status für die Systemverschlüsselung ist ein Fehler aufgetreten. - Kein Passwort auf der Kommandozeile angegeben. Das Volume kann nicht erstellt werden. - Keine Volume-Größe auf der Kommandozeile angegeben. Das Volume kann nicht erstellt werden. - Unzulässige Volume-Größe auf der Kommandozeile angegeben in Verbindung mit dem NTFS-Dateisystem. - Unzulässige Volume-Größe auf der Kommandozeile angegeben in Verbindung mit dem FAT32-Dateisystem. - Das Dateisystem auf dem Ziellaufwerk unterstützt keine Sparse-Dateien, was für dynamische Volumes erforderlich wäre. - Nur Containerdateien können auf der Kommandozeile erstellt werden. - Nicht genügend freier Speicherplatz für die, auf der Kommandozeile, angegebene Größe der Containerdatei. Das Volume kann nicht erstellt werden. - Auf der Kommandozeile angegebene Volume-Größe ist zu klein. Das Volume kann nicht erstellt werden. - Auf der Kommandozeile angegebene Volume-Größe ist zu groß. Das Volume kann nicht erstellt werden. - Die Anwendungskomponenten konnten nicht Initialisiert werden. - Der Zufallszahlengenerator konnte nicht initialisiert werden!\n\n\n(Sollten Sie in diesem Zusammenhang einen Fehler melden, so bitten wir Sie folgende technische Informationen dem Fehlerbericht hinzuzufügen: %hs, Letzter Fehler = 0x%.8X) - Windows Crypto API ist fehlgeschlagen!\n\n\n(Sollten Sie in diesem Zusammenhang einen Fehler melden, so bitten wir Sie folgende technische Informationen dem Fehlerbericht hinzuzufügen: %s, Letzter Fehler = 0x%.8X) - Die Anwendung konnte nicht initialisiert werden. Die Registrierung der Dialogklasse ist fehlgeschlagen. - Fehler: Kann die 'RichEdit' Systembibliothek nicht laden. - VeraCrypt-Volume erstellen - Die maximal mögliche Größe für ein verstecktes Volume innerhalb dieses Volume ist %.2f Byte. - Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f KB. - Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f MB. - Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f GB. - Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f TB. - Volume-Passwort/Schlüsseldateien können nicht geändert werden solange das Volume eingebunden ist. Trennen Sie bitte zuvor das Volume. - Der Algorithmus für die Headerschlüsselberechnung kann nicht geändert werden solange das Volume eingebunden ist. Trennen Sie bitte zuvor das Volume. - E&inbinden - Zum Einbinden dieses Volumes wird eine neuere VeraCrypt-Version benötigt. - Fehler: Der Assistent zum Erstellen von VeraCrypt-Volumes wurde nicht gefunden.\n\nDie Datei „VeraCrypt Format.exe“ muss sich in demselben Verzeichnis befinden von welchem aus "VeraCrypt.exe" gestartet worden ist. Falls diese Datei fehlt muss VeraCrypt neu installiert, oder die Datei „VeraCrypt Format.exe“ manuell gesucht und gestartet werden. - Fehler: Der Volume-Expander wurde nicht gefunden.\n\nBitte stellen Sie sicher, dass sich die Datei „VeraCryptExpander.exe“ im dem Ordner befindet, von welchem aus die Datei „VeraCrypt.exe“ gestartet wurde. Andernfalls installieren Sie VeraCrypt bitte neu oder suchen Sie die Datei „VeraCryptExpander.exe“ auf Ihrer Festplatte und starten Sie diese. - &Weiter > - &Fertig stellen - &Installieren - E&ntpacken - Es konnte keine Verbindung zum VeraCrypt Hardware Treiber hergestellt werden. VeraCrypt kann nicht arbeiten solange der Hardware Treiber nicht läuft.\n\nBedenken Sie, dass es sich um einen Windows Fehler handelt. Es könnte erforderlich sein sich neu Anzumelden oder das System neu zu starten bevor der Hardware Treiber geladen werden kann. - Es ist ein Fehler beim Laden/Verarbeiten der Schriftarten aufgetreten. - Der Laufwerksbuchstabe konnte nicht ermittelt werden oder es wurde keiner festgelegt. - Fehler: Laufwerksbuchstabe kann nicht zugeordnet werden.\n\nSolange dem entschlüsselten Volume kein Laufwerksbuchstabe zugeordnet ist, können Sie nicht auf die im Volume gespeicherten Daten zugreifen.\n\nNoch einmal versuchen? - Laufwerksbuchstabe nicht verfügbar. - Es wurde keine Datei ausgewählt! - Es sind keine Laufwerksbuchstaben verfügbar. - Es ist kein Laufwerksbuchstabe für das äußere Volume verfügbar! Das Volume kann nicht erstellt werden. - Fehler beim Ermitteln der Betriebssystemversion, oder das Betriebssystem wird nicht unterstützt. - Es wurde kein Pfad ausgewählt! - Es ist nicht genügend Platz für das versteckte Volume vorhanden! Das Volume kann nicht erstellt werden. - Fehler: Die Dateien die Sie auf das äußere Volume kopiert haben belegen zu viel Speicherplatz. Deshalb ist nicht genügend freier Speicherplatz auf dem äußeren Volume, für das versteckte Volume verfügbar.\n\nBeachten Sie, dass das versteckte Volume so groß sein muss wie die Systempartition (die Partition auf dem das aktuell ausgeführte Betriebssystem installiert ist). Der Grund ist, dass das versteckte Betriebssystem erstellt werden muss, indem der Inhalt der Systempartition in das versteckte Volume kopiert wird.\n\n\nDer Vorgang für die Erstellung des versteckten Betriebssystems kann nicht fortgesetzt werden. - Der VeraCrypt-Treiber kann das Volume nicht trennen. Einige Dateien auf dem Volume sind wahrscheinlich noch geöffnet. - Das Volume kann nicht gesperrt werden. Einige Dateien auf dem Volume sind noch geöffnet und verhindern dadurch das Trennen. - VeraCrypt kann das Volume nicht sperren weil es vom System oder von Programmen verwendet wird (es könnte offene Dateien auf dem Volume geben).\n\nMöchten sie die Trennung auf dem Volume erzwingen? - VeraCrypt-Volume auswählen - Pfad- und Dateiname angeben - Wähle PKCS #11 Bibliothek - Kein Speicher mehr vorhanden - WICHTIG: Wir empfehlen unerfahrenen Nutzern dringend eine VeraCrypt-Containerdatei auf der ausgewählten Partition/Laufwerk zu erstellen anstatt zu versuchen die gesamte Partition/Laufwerk zu verschlüsseln.\n\nWenn Sie eine VeraCrypt-Containerdatei erstellen besteht zum Beispiel (im Gegensatz zum Verschlüsseln einer ganzen Partition oder eines Laufwerks) keine Gefahr eine große Zahl von Dateien zu zerstören. Bitte beachten Sie, dass eine VeraCrypt-Containerdatei (obwohl sie eine virtuelle verschlüsselte Festplatte enthält) sich genau wie eine normale Datei verhält (sie kann z.B. kopiert, verschoben oder gelöscht werden). Für mehr Informationen siehe Kapitel „Beginner's Tutorial“ im VeraCrypt Benutzerhandbuch.\n\nSind Sie sicher, dass Sie die gesamte Partition / das gesamte Laufwerk verschlüsseln möchten? - WARNUNG: Die Datei „%s“ existiert bereits!\n\nWICHTIG: VERACRYPT WIRD DIE DATEI NICHT VERSCHLÜSSELN SONDERN LÖSCHEN. Sind Sie sicher, dass Sie die Datei löschen möchten und mit dem neuen VeraCrypt-Container ersetzen möchten? - WARNUNG: Alle zurzeit gespeicherten Dateien auf %s '%s'%s werden gelöscht und gehen verloren (SIE WERDEN NICHT VERSCHLÜSSELT!)!\n\nMöchten Sie trotzdem mit dem Formatieren beginnen? - WARNUNG: Sie werden nicht in der Lage sein das Volume einzubinden oder auf Daten zuzugreifen, die darauf sind, bis es vollständig verschlüsselt wurde.\n\nSind Sie sicher, dass Sie mit dem Verschlüsseln von %s '%s'%s beginnen möchten? - WARNUNG: Sie werden nicht in der Lage sein das Volume einzubinden oder auf Daten zuzugreifen, die darauf sind, bis es vollständig entschlüsselt wurde.\n\nSind Sie sicher, dass Sie mit dem Entschlüsseln von %s '%s'%s beginnen möchten? - WARNUNG: Wenn die Stromversorgung plötzlich unterbrochen wird während vorhandene Daten „in-place“ verschlüsselt werden, oder wenn das Betriebssystem wegen eines Software- oder Hardwarefehlers abstürzt während VeraCrypt vorhandene Daten „in-place“ verschlüsselt, werden Daten beschädigt oder gehen verloren. Stellen Sie daher vor dem Verschlüsseln sicher, dass Sie von den Dateien, die Sie verschlüsseln möchten, eine Sicherungskopie haben.\n\nHaben Sie eine solche Sicherung? - Vorsicht: Alle aktuell gespeicherten Daten auf der Partition „%s“ %s (d.h. auf der ersten Partition hinter der Systempartition) werden gelöscht und gehen verloren (sie werden nicht verschlüsselt)!\n\nSind Sie sicher, dass Sie mit dem Formatieren fortfahren möchten? - WARNUNG: DIE AUSGEWÄHLTE PARTITION ENTHÄLT EINE GROSSE MENGE AN DATEN! Jede Datei die sich auf der Partition befindet wird gelöscht und geht verloren (sie werden NICHT verschlüsselt)! - Löscht alle Dateien die sich auf der Partition befinden, durch Erstellen eines VeraCrypt-Volumes innerhalb dieser. - Passwort - PIM - Algorithmus für Headerschlüsselberechnung ändern - Schlüsseldateien dem/vom Volume hinzufügen/entfernen - Alle Schlüsseldateien vom Volume entfernen - Passwort, PIM und/oder Schlüsseldatei(en) wurden erfolgreich geändert.\n\nWICHTIG: Bitte stellen Sie sicher, dass Sie den Abschnitt „Changing Passwords and Keyfiles“ im Kapitel „Security Requirements and Precautions“ im VeraCrypt Benutzerhandbuch gelesen haben. - Dieses Volume ist ein Systemfavorit und sein PIM wurde geändert.\nMöchten Sie, dass VeraCrypt automatisch die Einstellung des Systemfavoriten aktualisiert (Administratorrechte benötigt)?\n\nBitte beachten Sie: Wenn Sie mit Nein antworten, müssen Sie den Systemfavoriten manuell aktualisieren. - WICHTIG: Wenn Sie Ihren VeraCrypt-Rettungsdatenträger nicht zerstört haben, dann kann Ihre Systempartition/Ihr Systemlaufwerk weiterhin mit dem alten Passwort entschlüsselt werden (durch starten des VeraCrypt-Rettungsdatenträgers und die Eingabe des alten Passwortes). Sie sollten einen neuen VeraCrypt-Rettungsdatenträger erstellen und den alten vernichten.\n\nMöchten Sie einen neuen Rettungsdatenträger erstellen? - Beachten Sie, dass Ihr VeraCrypt-Rettungsdatenträger weiterhin den vorherigen Algorithmus verwendet. Wenn Sie den vorherigen Algorithmus als unsicher einstufen, dann sollten Sie einen neuen VeraCrypt-Rettungsdatenträger erstellen und den alten vernichten.\n\nMöchten Sie einen neuen Rettungsdatenträger erstellen? - Jede Art von Datei (z.B. .mp3, .jpg, .zip) kann als VeraCrypt-Schlüsseldatei (SD) genutzt werden. VeraCrypt ändert niemals den Inhalt der Schlüsseldatei. Sie können mehr als eine Schlüsseldatei wählen (die Reihenfolge ist egal). Wenn Sie einen Ordner hinzufügen werden alle nicht versteckten Dateien darin als Schlüsseldateien verwendet. Klicken Sie auf „Token/SmartCard“ um SDs zu wählen die auf Sicherheitstokens/Smart-Cards gespeichert sind (oder um SDs dort zu speichern). - Schlüsseldatei(en) wurde(n) erfolgreich hinzugefügt/entfernt - Schlüsseldatei exportiert. - Der Algorithmus für die Headerschlüsselberechnung wurde erfolgreich geändert. - Bitte geben Sie das Passwort und/oder die Schlüsseldatei(en) für das Nicht-System Volume an, von dem Sie den „in-place“ Verschlüsselungsprozess fortsetzen möchten.\n\n\nHinweis: Nachdem Sie auf Weiter klicken wird VeraCrypt versuchen alle Nicht-System Volumes zu finden, wo der Verschlüsselungsprozess unterbrochen wurde und wo der VeraCrypt-Volume-Header mit dem angegebenen Passwort und/oder der Schlüsseldatei(en) entschlüsselt werden kann. Wenn mehr als ein solches Volume gefunden wird, dann müssen Sie eines davon im nächsten Schritt auswählen. - Bitte wählen Sie eines der aufgelisteten Volumes. Die Liste enthält jedes zugängliche Nicht-System Volume, bei dem der Verschlüsselungsprozess unterbrochen wurde und wo mithilfe des Passwortes und/oder der Schlüsseldatei(en) der Header entschlüsselt werden konnte. - Bitte geben Sie das Passwort und/oder die Schlüsseldatei(en) für das Nicht-System Volume an, welches Sie entschlüsseln möchten. - Es wird dringend empfohlen ein gutes Passwort zu wählen. Passwörter die in einem Wörterbuch zu finden sind (und ebenso Kombinationen aus 2, 3 oder 4 solcher Wörter) sollten nicht verwendet werden. Das Passwort sollte keine Namen oder Geburtstage enthalten, und nicht leicht zu erraten sein. Ein gutes Passwort ist eine zufällige Kombination aus Groß- und Kleinbuchstaben, Zahlen, und Sonderzeichen wie @ ^ = $ * + etc. Es ist zudem empfehlenswert ein Passwort mit mehr als 20 Zeichen zu wählen (je länger umso besser). Die mögliche Länge ist auf 64 Zeichen beschränkt. - Wählen Sie bitte ein Passwort für das versteckte Volume. - Wählen Sie ein Passwort für das versteckte Betriebssystem (d.h. für das versteckte Volume). - WICHTIG: Das Passwort, dass Sie in diesem Schritt für das versteckte Betriebssystem auswählen, muss sich erheblich von den zwei anderen Passwörtern unterscheiden (d.h. von dem Passwort für das äußere Volume und von dem Passwort für das Köder-Betriebssystem). - Geben Sie bitte das Passwort für das Volume ein, innerhalb welchem das versteckte Volume erstellt werden soll. Nachdem Sie "Weiter" angeklickt haben, wird VeraCrypt versuchen das Volume einzubinden. Sobald das Volume eingebunden ist, wird dessen Clusterbelegung analysiert, um festzustellen, wie viel freier zusammenhängender Speicher vom Ende des Volumes aus verfügbar ist. Der gefundene Bereich wird für die Unterbringung des versteckten Volumes verwendet. Dessen Größe legt zugleich auch die maximale Größe des versteckten Volumes festlegt. Das Analysieren der Clusterbelegung ist notwendig, um sicherzustellen, dass keine Daten des äußeren Volumes durch das versteckte Volume überschrieben werden. - \nWählen Sie ein Passwort für das äußere Volume. Das Passwort wird das sein, welches Sie einem Angreifer aushändigen können, wenn Sie dazu aufgefordert oder gezwungen werden.\n\nWICHTIG: Das Passwort muss sich erheblich von dem unterscheiden, welches Sie für das versteckte Volume auswählen werden.\n\nHinweis: Die maximal mögliche Passwortlänge beträgt 64 Zeichen. - Bitte wählen Sie ein Passwort für das äußere Volume. Dies wird das Passwort sein das Sie einem Angreifer verraten können, wenn Sie aufgefordert oder gezwungen werden das Passwort für die erste Partition hinter der Systempartition herauszugeben, auf der sich das äußere Volume und das versteckte Volume (mit dem ausgeblendete Betriebssystem) befinden wird. Die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt geheim. Beachten Sie, dass dieses Passwort nicht für das Köder-Betriebssystem ist.\n\nWICHTIG: Das Passwort muss sich erheblich von dem unterscheiden, welches von Ihnen für das versteckte Volume (d.h. für das versteckte Betriebssystem) ausgewählt wird. - Passwort des äußeren Volumes - Passwort des versteckten Volumes - Passwort für Verstecktes Betriebssystem - WARNUNG: Kurze Passwörter sind leicht durch Ausprobieren sämtlicher Kombinationen zu knacken!\n\nEmpfehlenswerte Passwörter bestehen aus mehr als 20 Zeichen.\n\nMöchten Sie das kurze Passwort wirklich verwenden? - Volume-Passwort - Falsches Passwort oder kein VeraCrypt-Volume. - Falsche Schlüsseldatei(en) und/oder falsches Passwort oder kein VeraCrypt-Volume. - Falsche Methode zum Einbinden, falsches Passwort, oder kein VeraCrypt-Volume. - Falsche Methode zum Einbinden, falsche Schlüsseldatei(en) und/oder Passwort, oder kein VeraCrypt-Volume. - Falsches Passwort oder es wurde kein VeraCrypt-Volume gefunden. - Falsche Schlüsseldatei(en) und/oder falsches Passwort oder es wurde kein VeraCrypt-Volume gefunden. - \n\nWARNUNG: Die Feststelltaste ist aktiviert. Dies führt möglicherweise zu einer falschen Passworteingabe. - MERKEN! Für Volume-Einbindung - PIM des äußeren Volumes - PIM des versteckten Volumes - PIM für verstecktes Betriebssystem - - Der PIM (Personal Iterations Multiplier) ist ein Wert, der die Anzahl der Iterationen für die Headerschlüssel-Ableitung wie folgt steuert:\n Iterationen = 15000 + (PIM x 1000).\n\nWird der Wert leer gelassen oder auf 0 gesetzt, benutzt VeraCrypt einen Standardwert (485) welcher hohe Sicherheit gewährleistet.\n\nWenn das Passwort weniger als 20 Zeichen hat, kann der PIM nicht kleiner als 485 sein, um ein minimales Sicherheitslevel zu gewährleisten.\nWenn das Passwort 20 Zeichen oder mehr hat, kann der PIM beliebig gesetzt werden.\nEin PIM Wert größer als 485 verlangsamt das Einbinden. Ein niedriger PIM Wert (kleiner als 485) beschleunigt das Einbinden, kann aber die Sicherheit verringern, wenn ein zu schwaches Passwort gewählt wurde. - Der PIM (Personal Iterations Multiplier) ist ein Wert, der die Anzahl der Iterationen für die Headerschlüssel-Ableitung wie folgt steuert:\n Iterationen = PIM x 2048.\n\nWird der Wert leer gelassen oder auf 0 gesetzt, benutzt VeraCrypt einen Standardwert welcher hohe Sicherheit gewährleistet.\n\nWenn das Passwort weniger als 20 Zeichen hat, kann der PIM nicht kleiner als 98 sein, um ein minimales Sicherheitslevel zu gewährleisten.\nWenn das Passwort 20 Zeichen oder mehr hat, kann der PIM beliebig gesetzt werden.\nEin PIM Wert größer als 98 verlangsamt den Bootvorgang. Ein niedriger PIM Wert (kleiner als 98) beschleunigt den Bootvorgang, kann aber die Sicherheit verringern, wenn ein zu schwaches Passwort gewählt wurde. - MERKEN! Für Bootvorgang - Der gewählte PIM-Wert ist größer als der VeraCrypt Standardwert.\nBitte beachten Sie, dass dies den Einbindungs- bzw. Bootvorgang erheblich verlangsamt. - Der gewählte PIM (Personal Iterations Multiplier)-Wert ist kleiner als der VeraCrypt Standardwert.\nBitte beachten Sie, dass dies die Sicherheit verringern kann, wenn ein zu schwaches Passwort gewählt wurde!\n\nBestätigen Sie, dass Sie ein starkes Passwort gewählt haben? - Der größtmögliche Wert für den PIM (Personal Iterations Multiplier) ist 65535. - Volume-PIM - \n\nWARNUNG: Versteckte Dateien wurden im Suchpfad gefunden. Diese versteckten Dateien können nicht als Schlüsseldateien verwendet werden. Wenn Sie diese Dateien als Schlüsseldateien verwenden möchten, müssen Sie das „Versteckt“-Attribut entfernen (Rechtsklick auf die Datei, „Eigenschaften“ wählen, „Versteckt“ abwählen, „OK“ klicken). Hinweis: Versteckte Dateien sind nur sichtbar wenn die entsprechende Option im Explorer aktiviert ist („Computer“ > „Organisieren“ > „Ordner und Suchfunktionen“ > „Ansicht“). - Wenn Sie versuchen, ein verstecktes Volume mit einem versteckten System zu schützen, stellen Sie bitte sicher, dass Sie die Standard-US-Tastaturbelegung verwenden, wenn Sie das Passwort für das versteckte Volume eingeben. Dies ist erforderlich, da das Passwort in der Prä-Boot-Umgebung eingegeben werden muss (bevor Windows gestartet wird), in welcher es keine anderen Tastaturbelegungen gibt. - VeraCrypt hat kein Volume gefunden wo die Verschlüsselung unterbrochen wurde und wo der Volume-Header durch das angegebene Passwort und/oder der Schlüsseldatei(en) entschlüsselt werden kann.\n\nStellen Sie bitte sicher, dass das Passwort und/oder die Schlüsseldatei(en) richtig sind und die Partition/das Volume nicht vom System oder von Anwendungen verwendet wird (einschließlich Anti-Viren Software). - Die ausgewählte Partition oder der Datenträger ist bereits vollständig verschlüsselt.\nHeader Flags = 0x%.8X - Die ausgewählte Partition oder der Datenträger benutzen keine „in-place“-Verschlüsselung.\nHeader Flags = 0x%.8X - \n\nHinweis: Wenn Sie versuchen eine Partition einzubinden die auf einem verschlüsselten Systemlaufwerk ohne Prä-Boot-Authentifikation ist oder eine Verschlüsselte Systempartition einbinden obwohl das darauf befindliche Betriebssystem nicht gestartet ist, dann wählen Sie „System“ > „Ohne Prä-Boot-Authentifikation einbinden ...“. - In diesem Modus können Sie keine, auf einem Laufwerk befindliche Partition einbinden, von der ein Teil innerhalb des Schlüsselbereiches der aktiven Systemverschlüsselung liegt.\n\nBevor Sie diese Partition in diesem Modus einbinden können, müssen Sie entweder ein Betriebssystem, das auf einem anderen Laufwerk installiert ist starten (verschlüsselt oder unverschlüsselt) oder starten Sie ein unverschlüsseltes Betriebssystem. - VeraCrypt kann keine einzelne Partition auf einem vollständig verschlüsselten Systemlaufwerk entschlüsseln (Sie können nur das gesamte Systemlaufwerk entschlüsseln). - WARNUNG: Da auf dem Laufwerk der VeraCrypt Bootloader gefunden wurde, könnte es sich um ein vollständig verschlüsseltes Systemlaufwerk handeln. Wenn dies zutrifft, beachten Sie bitte, dass VeraCrypt keine einzelne Partition auf einem vollständig verschlüsselten Systemlaufwerk entschlüsseln kann (Sie können nur das gesamte Systemlaufwerk entschlüsseln). In diesem Fall können Sie zwar fortfahren, aber erhalten später die Fehlermeldung „Falsches Passwort“. - < &Zurück - Die auf diesem System installierten Raw-Geräte können nicht aufgelistet werden! - Das Volume „%s“ existiert und ist schreibgeschützt. Soll dieses Volume wirklich ersetzt werden? - Zielverzeichnis auswählen - Schlüsseldatei auswählen - Suchpfad für Schlüsseldatei auswählen. WARNUNG: Es wird lediglich der Pfad nicht aber die Dateinamen berücksichtigt! - Wählen Sie den Ordner, in den die Schlüsseldatei(en) gespeichert werden sollen. - Die aktuelle Containerdatei wurde als Schlüsseldatei ausgewählt.\nDas ist unzulässig! - Entwickelt von Ross Anderson, Eli Biham, und Lars Knudsen. 1998 herausgegeben. 256-bit Schlüssellänge, 128-bit Blockgröße. Arbeitet im XTS-Modus. Serpent war einer der AES Finalisten. - Bitte Größe des zu erstellenden Containers angeben.\n\nWenn sie einen dynamischen (Sparse-Datei) Container erstellen, dann gibt dieser Wert seine maximal mögliche Größe an.\n\nHinweis: die Mindestgröße eines FAT Volumes ist 292 KB. Die Mindestgröße eines exFAT Volumes ist 424 KB. Die Mindestgröße eines NTFS Volumes ist 3792 KB. - Bitte Größe des zu erstellenden äußeren Volumes angeben.\n(Sie erstellen erst ein äußeres Volume und dann darin ein Verstecktes Volume). Die Mindestgröße eines Volumes innerhalb welchem ein verstecktes Volume erstellt werden kann ist 340 KB. - Bitte Größe des zu erstellenden versteckten Volumes angeben.\nDie Mindestgröße eines Versteckten Volumes ist 40 KB (oder 3664 KB wenn es mit NTFS formatiert ist). Das Maximum der Größe die Sie für das Versteckte Volume verwenden können wird oben angezeigt. - Größe des äußeren Volumes - Größe des versteckten Volumes - Bitte überprüfen Sie, dass die oben angezeigte Größe des ausgewählten Laufwerkes/der Partition korrekt ist und klicken auf Weiter. - Das Äußere Volume und das versteckte Volume (enthält das versteckte Betriebssystem) werden sich innerhalb der oben erwähnten Partition befinden. Es sollte die erste Partition hinter die Systempartition sein.\n\nBitte überprüfen Sie, dass die Größe der Partition und seine Nummer oben korrekt angezeigt werden und wenn dies so ist, klicken Sie auf „Weiter“. - \n\nBeachten Sie, dass die Mindestgröße eines Volumes, innerhalb dessen ein verstecktes Volume erstellt werden soll, 340 KB ist. - Volume-Größe - Dynamisch - WARNUNG: SELBSTTEST NICHT BESTANDEN! - Selbsttest für alle Algorithmen bestanden - Die Dateneinheit-Nummer, die Sie lieferten ist entweder zu lang oder zu kurz. - Der sekundäre Schlüssel, den Sie geliefert haben, ist zu lang oder kurz. - Der angegebene Chiffretext ist entweder zu lang oder zu kurz. - Der angegebene Testschlüssel ist entweder zu lang oder zu kurz. - Der angegebene Klartext ist entweder zu lang oder zu kurz. - 2 Chiffren in einer Kaskade. Betriebsmodus ist XTS. Jeder Block wird zuerst mit %s (%d-bit Schlüssel) und dann mit %s (%d-bit Schlüssel) verschlüsselt. Jede Chiffre verwendet einen eigenen Schlüssel. Alle Schlüssel sind voneinander unabhängig. - 3 Chiffren in einer Kaskade. Betriebsmodus ist XTS. Jeder Block wird zuerst mit %s (%d-bit Schlüssel), dann mit %s (%d-bit Schlüssel), und abschließend mit %s (%d-bit key) verschlüsselt. Jede Chiffre verwendet einen eigenen Schlüssel. Alle Schlüssel sind voneinander unabhängig. - Beachten Sie bitte dass, abhängig von der Einstellung des Systems, diese Autostart und Auto-Einbindungs Features nur funktionieren, wenn die Traveler Disk-Dateien auf einem nicht beschreibbaren Medium (CD/DVD o.ä.) erstellt werden. Beachten Sie bitte auch, dass dies kein Bug von VeraCrypt ist, sondern eine Beschränkung von Windows. - Die VeraCrypt Traveler Disk wurde erfolgreich erstellt.\n\nBitte beachten Sie, dass Administratorrechte benötigt werden, um VeraCrypt im mobilen Modus zu nutzen. Bitte beachten Sie ebenfalls, dass es über die Registry möglich sein kann nachzuweisen, dass VeraCrypt ausgeführt wurde, auch wenn es im mobilen Modus ausgeführt wurde. - VeraCrypt Traveler Disk - Entwickelt von Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, und Niels Ferguson. Im Jahr 1998 veröffentlicht. 256-bit Schlüssellänge, 128-bit Blockgröße. Arbeitet im XTS-Modus. Twofish war einer der AES Finalisten. - Weitere Informationen über %s - Unbekannt - Ein unspezifischer oder unbekannter Fehler ist aufgetreten (%d). - Einige Volumes enthalten Dateien oder Verzeichnisse die von Anwendungen oder dem System verwendet werden.\n\nTrennen erzwingen? - &Trennen - Fehler beim Trennen! - Das Volume enthält Dateien oder Verzeichnisse die von Anwendungen oder dem System verwendet werden.\n\nTrennen erzwingen? - Kein Volume ist am zugewiesenen Laufwerksbuchstaben eingebunden. - Das Volume ist bereits eingebunden. - Beim Versuch das Volume einzubinden ist ein Fehler aufgetreten. - Fehler beim Suchen des Start Sektors innerhalb des Volumes. - Fehler: Falsche Volume-Größe. - ACHTUNG: Sie sollten die Schnellformatierung nur in folgenden Fällen benutzen:\n\n1) Wenn das Gerät keine sensiblen Daten enthält und Sie keine glaubhafte Leugnung benötigen.\n2) Das Gerät bereits sicher und voll verschlüsselt wurde.\n\nSind Sie sicher, dass Sie die Schnellformatierung verwenden möchten? - Dynamische Container sind vor-belegte NTFS „sparse“-Dateien, deren reelle Größe (benutzter Speicherplatz) wächst, wenn neue Daten in diese eingefügt werden.\n\nWARNUNG: Die Geschwindigkeit von VeraCrypt-Containern in solchen „sparse“-Dateien ist bedeutend schlechter als die von normalen Dateien. „Sparse“-Container sind außerdem weniger sicher, da festgestellt werden kann, welche Sektoren nicht benutzt werden. Außerdem können solche Container nicht die Leugnung von versteckten Volumes bieten. Beachten Sie bitte auch, dass das verschlüsselte Dateisystem beschädigt werden kann, falls der Speicherplatz auf dem Hauptdatenträger nicht ausreicht.\n\nSind Sie sicher, dass sie ein „sparse“-Volume (dynamisch) erstellen möchten? - Bitte beachten Sie, dass die von Windows und VeraCrypt angezeigte Größe der dynamischen Containerdatei immer der maximalen Größe entspricht. Um die tatsächliche aktuelle Größe (physikalische Größe) herauszufinden: Rechtsklick auf die Containerdatei im Windows Explorer > „Eigenschaften“ > Wert bei „Größe auf Datenträger“.\n\nBeachten Sie weiter, dass die physikalische Größe des Containers sich auf das Maximum erhöht wenn der Container auf ein anderes Laufwerk verschoben wird. Dies kann verhindert werden indem ein neuer dynamischer Container auf dem Ziellaufwerk erstellt wird und die Daten dort hinein verschoben werden. - Passwort-Cache gelöscht - Passwörter (und/oder Schlüsseldateiinhalte) im VeraCrypt-Treiber-Cache wurden gelöscht. - VeraCrypt kann das Passwort eines fremden Volumes nicht ändern. - Wählen Sie bitte einen freien Laufwerksbuchstaben aus der Liste aus. - Wählen Sie bitte ein eingebundenes Volume aus der Liste der Laufwerksbuchstaben aus. - Zwei verschiedene eingebundene Volumes sind momentan ausgewählt (eines in der Laufwerksbuchstaben-Liste und eines im unteren Auswahlfeld).\n\nBitte wählen Sie ein Volume aus: - Fehler: autorun.inf konnte nicht erstellt werden. - Fehler beim Verarbeiten der Schlüsseldatei! - Fehler beim Verarbeiten des Schlüsseldatei-Pfades! - Der Schlüsseldateipfad enthält keine Dateien\n\nBitte beachten Sie, dass Ordner (und darin enthaltene Dateien) in Schlüsseldatei-Suchpfaden ignoriert werden. - Dieses Betriebssystem wird nicht von VeraCrypt unterstützt. - Fehler: VeraCrypt unterstützt nur stabile Versionen dieses Betriebssystems(Beta/RC Versionen werden nicht unterstützt). - Fehler: Speicher kann nicht reserviert werden. - Fehler: Es konnten keine Werte vom Leistungs-Zähler abgefragt werden. - Fehler: Fehlerhaftes Volume Format. - Fehler: Sie lieferten ein Passwort für ein verstecktes Volume (nicht für ein normales Volume). - Aus Sicherheitsgründen kann kein Verstecktes Volume innerhalb eines VeraCrypt-Volumes, dass ein „in-place“ verschlüsseltes Dateisystem enthält, erstellt werden (weil der freie Speicher auf dem Volume nicht mit Zufallsdaten gefüllt wurde). - VeraCrypt – Rechtliche Hinweise - Alle Dateien - VeraCrypt-Volume - Bibliothek-Module - Die Formatierung mit NTFS/exFAT kann nicht fortgesetzt werden. - Fehler beim Einbinden des Volumes. - Fehler beim Trennen des Volumes. - Windows konnte das Volume nicht mit NTFS/exFAT formatieren.\n\nWählen Sie bitte (falls möglich) einen anderen Dateisystem-Typ und versuchen Sie es erneut. Alternativ dazu können Sie das Volume unformatiert lassen (wählen Sie dazu „Keins“ als Dateisystem), beenden diesen Assistenten, binden das Volume ein, und verwenden anschließend ein Systemwerkzeug oder ein Werkzeug eines anderen Anbieters, um das eingebundene Volume zu formatieren (das Volume bleibt dabei weiterhin verschlüsselt). - Windows konnte das Volume nicht mit NTFS/exFAT formatieren.\n\nMöchten Sie stattdessen das Volume mit FAT formatieren? - Vorgabe - Partition - PARTITION - Datenträger - Datenträger - DATENTRÄGER - Volume - Volume - VOLUME - Bezeichnung - Die ausgewählte Cluster-Größe ist zu klein für diese Volume-Größe. Es wird stattdessen eine größere Cluster-Größe verwendet. - Fehler: Die Volume-Größe kann nicht bestimmt werden!\n\nStellen Sie bitte sicher, dass das ausgewählte Volume nicht vom System oder einer Anwendung verwendet wird. - Ein verstecktes Volume darf nicht innerhalb einer dynamischen Containerdatei (Sparse-Datei) erstellt werden. Für eine glaubhafte Leugnung müssen Sie das versteckte Volume innerhalb eines nicht-dynamischen Volumes erstellen. - Der Assistent zum Erstellen eines VeraCrypt-Volumes kann ein Verstecktes Volume nur innerhalb eines FAT/exFAT oder NTFS formatierten Volumes erstellen. - Unter Windows 2000 kann der Assistent ein Verstecktes Volume nur innerhalb eines FAT formatierten Volumes erstellen. - Hinweis: Das FAT/exFAT-Dateisystem eignet sich mehr für das äußere Volume, als das NTFS-Dateisystem (Beispielsweise kann die maximal mögliche Größe für das versteckte Volume bedeutend größer sein wenn das äußere Volume mit dem FAT/exFAT-Dateisystem formatiert ist). - Beachten Sie, dass das FAT/exFAT-Dateisystem besser für das äußere Volume geeignet ist als das NTFS-Dateisystem. Beispielsweise wird die maximal mögliche Größe des versteckten Volumes sehr wahrscheinlich erheblich größer sein wenn das äußere Volume mit FAT/exFAT formatiert ist (der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert. Daher kann das versteckte Volume sich nur in der zweiten Hälfte des äußeren Volumes befinden und ist also maximal halb so groß wie das äußere Volume.\n\nSind Sie sicher, dass Sie das äußere Volume mit NTFS formatieren möchten? - Möchten Sie stattdessen das Volume mit FAT formatieren? - Hinweis: dieses Volume kann nicht mit FAT formatiert werden da es die maximale vom FAT32-Dateisystem unterstützte Größe für die zutreffende Sektorgröße überschreitet (2 TB für 512-Byte Sektoren und 16 TB für 4096-Byte Sektoren). - Fehler: Die Partition für das versteckte Betriebssystem (d.h. die erste Partition hinter der Systempartition) muss mindestens 5 % größer sein als die Systempartition (die Systempartition, auf der das aktuell ausgeführte Betriebssystem installiert ist). - Fehler: Die Partition für das versteckte Betriebssystem (d.h. die erste Partition hinter der Systempartition) muss mindestens 110 % (2,1-fache) größer sein als die Systempartition (die Systempartition, auf der das aktuell ausgeführte Betriebssystem installiert ist). Der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert, daher kann das versteckte Volume (welches eine Kopie der Systempartition enthalten wird) sich nur in der zweiten Hälfte der Partition befinden. - Fehler: Wenn das äußere Volume mit NTFS formatiert ist, dann muss es mindestens 110% (2,1-fache) größer sein als die Systempartition. Der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert, daher kann das versteckte Volume (welches eine Kopie der Systempartition enthalten wird) sich nur in der zweiten Hälfte der Partition befinden.\n\nHinweis: Das äußere Volume muss sich innerhalb der gleichen Partition befinden wie das versteckte Betriebssystem (d.h. innerhalb der ersten Partition hinter der Systempartition). - Fehler: Es gibt keine Partition hinter der Systempartition.\n\nBeachten Sie, bevor Sie ein verstecktes Betriebssystem erstellen können, müssen Sie dafür eine Partition auf dem Systemlaufwerk erstellen. Sie muss die erste Partition hinter der Systempartition sein und sie muss mindestens 5 % größer sein als die Systempartition (die Systempartition ist die, auf der das aktuell ausgeführte Betriebssystem installiert ist). Jedoch wenn das äußere Volume (nicht zu verwechseln mit der Systempartition) mit NTFS formatiert ist, dann muss die Partition für das versteckte Betriebssystem mindestens 110% (2,1-fache) größer sein als die Systempartition (der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert, daher kann sich das versteckte Volume, welches eine Kopie der Systempartition enthalten wird, nur in der zweiten Hälfte der Partition befinden). - Hinweis: Es ist nicht praktikabel (und wird daher nicht unterstützt) Betriebssysteme in zwei VeraCrypt-Volumes zu installieren, die sich innerhalb einer einzigen Partition befinden, da beim Benutzen des äußeren Betriebssystems häufig Daten in den Bereich des versteckten Betriebssystems geschrieben werden (und wenn solche Schreib-Operationen unter Verwendung des Schutz-Features für Versteckte Volumes verhindert wurden, dann würde es grundsätzlich Systemabstürze verursachen, d.h. "Bluescreen" Fehler) - Für Informationen zum Erstellen und Verwalten von Partitionen, lesen Sie dazu bitte die mit Ihrem Betriebssystem mitgelieferte Dokumentation oder wenden Sie sich an das technische Supportteam Ihres Computerherstellers. - Fehler: Das aktuell ausgeführte Betriebssystem ist nicht in der Startpartition installiert (erste Aktive Partition). Dies wird nicht unterstützt. - Sie haben angegeben, dass Sie Dateien die größer als 4 GB sind auf diesem VeraCrypt-Volume speichern möchten. Sie haben jedoch das FAT Dateisystem gewählt auf dem keinen Dateien größer als 4 GB gespeichert werden können.\n\nSind Sie sicher, dass Sie das Volume mit FAT formatieren möchten? - Fehler: VeraCrypt unterstützt derzeit nicht die Entschlüsselung von älteren Nicht-System Volumes, welche mit VeraCrypt 1.0b oder früher erstellt wurden.\n\nHinweis: Sie können dennoch auf dem Volume gespeicherte Dateien entschlüsseln indem Sie diese auf ein unverschlüsseltes Volume kopieren/verschieben. - Fehler: VeraCrypt kann derzeit kein verstecktes VeraCrypt-Volume entschlüsseln.\n\nHinweis: Sie können dennoch die auf dem Volume gespeicherten Dateien entschlüsseln indem Sie diese auf ein unverschlüsseltes Volume kopieren/verschieben. - WARNUNG: Bitte beachten Sie, dass VeraCrypt derzeit kein Volume entschlüsseln kann, dass ein verstecktes VeraCrypt-Volume enthält (das versteckte Volume würde mit zufälligen Daten überschrieben werden).\n\n Bitte bestätigen Sie, dass das Volume, welches Sie entschlüsseln möchten, keine versteckten Volumes enthält.\n\nHinweis: Falls das Volume ein verstecktes Volume enthält und Sie mit dem Verlust des versteckten Volumes einverstanden sind, können Sie fortfahren (das äußere Volume wird sicher entschlüsselt). - Das Volume enthält kein verstecktes Volume. Fortsetzen. - Das Volume enthält ein verstecktes Volume. Abbrechen. - Fehler: Auf das Volume kann nicht zugegriffen werden!\n\nStellen Sie sicher, dass das ausgewählte Volume existiert, dieses nicht eingebunden ist, dieses nicht vom System oder einer Anwendung verwendet wird, dass Sie Lese- und Schreibrechte auf dieses Volume haben und dass es nicht schreibgeschützt ist. - Fehler: Kein Zugriff auf Volume Eigentumsrechte. - Fehler: Kann nicht auf das Volume zugreifen und/oder Informationen über das Volume erhalten.\n\nStellen Sie sicher, dass das ausgewählte Volume vorhanden ist, dass es nicht vom System oder Programmen verwendet wird, dass Sie Lese- und Schreibrechte für das Volume haben und dass es nicht schreibgeschützt ist. - Fehler: Kann nicht auf das Volume zugreifen und/oder Informationen über das Volume erhalten. Stellen Sie sicher, dass das ausgewählte Volume vorhanden ist, dass es nicht vom System oder Programmen verwendet wird, dass Sie Lese- und Schreibrechte für das Volume haben und dass es nicht schreibgeschützt ist.\n\nWenn das Problem weiterhin besteht, dann kann es helfen die folgenden Schritten zu befolgen. - Ein Fehler hindert VeraCrypt daran die Partition zu verschlüsseln. Bitte versuchen Sie bereits gemeldete Fehler zu beheben und versuchen es dann erneut. Wenn die Probleme weiterhin bestehen, dann kann es helfen die folgenden Schritte zu befolgen. - Ein Fehler hindert VeraCrypt daran den Verschlüsselungsprozess für die Partition fortzusetzen.\n\nBitte versuchen Sie bereits gemeldete Fehler zu beheben und versuchen dann erneut den Prozess fortzusetzen. Beachten Sie, dass das Volume nicht eingebunden werden kann, bis es vollständig verschlüsselt wurde. - Ein Fehler hinderte VeraCrypt daran das Volume zu entschlüsseln. Bitte versuchen Sie bereits gemeldete Fehler zu beheben und versuchen es dann erneut, falls möglich. - Fehler: Das Äußere Volume kann nicht getrennt werden!\n\nDas Volume kann nicht getrennt werden solange dessen Dateien oder Verzeichnisse noch von einem Programm oder dem System verwendet werden.\n\nSchließen Sie bitte jedes Programm welches möglicherweise Dateien oder Verzeichnisse dieses Volumes verwendet, und klicken Sie anschließend auf „Wiederholen“. - Fehler: Kann keine Informationen über das äußere Volume erhalten! Volume-Erstellung kann nicht fortgeführt werden. - Fehler: Auf das äußere Volume kann nicht zugegriffen werden! Das Volume kann nicht erstellt werden. - Fehler: Das Äußere Volume kann nicht eingebunden werden! Das Volume kann nicht erstellt werden. - Fehler: Die Clusterbelegung des Volumes kann nicht gelesen werden! Das Volume kann nicht erstellt werden. - Alphabetisch/Kategorisch - Mittelwert (abwärts) - Algorithmus - Verschlüsseln - Entschlüsseln - Mittelwert - LW - Größe - Verschlüsselungsalg. - Verschlüsselungsalg. - Typ - Wert - Eigenschaft - Speicherort - Byte - Versteckt - Äußeres - Normal - System - Versteckt (System) - Schreibgeschützt - System Laufwerk - System Laufwerk (verschlüsseln - %.2f%% fertig) - System Laufwerk (entschlüsseln - %.2f%% fertig) - Systemlaufwerk (%.2f%% verschlüsselt) - Systempartition - Versteckte Systempartition - Systempartition (verschlüsseln - %.2f%% fertig) - Systempartition (entschlüsseln - %.2f%% fertig) - Systempartition (%.2f%% verschlüsselt) - Ja (vor Beschädigung bewahrt!) - Keins - Primärschlüssel Größe - Sekundärschlüssel-Länge (XTS-Modus) - Tweak-Schlüssellänge (LRW-Modus) - Bit - Blockgröße - PKCS-5 PRF - PKCS-5 Iterationen - Volume erstellt - Header zuletzt geändert - (vor %I64d Tagen) - Volume-Formatversion - Eingebettete Header-Sicherung - VeraCrypt-Bootloader-Version - erster verfügbarer - Wechseldatenträger - Festplatte - Unverändert - Automatische Erkennung - Installationsassistent – Wählen Sie eine Installationsoption - Verwenden Sie bitte die automatisch markierte Option, wenn Sie sich nicht sicher sind. - Wählen Sie diese Option wenn Sie VeraCrypt auf diesem System neu installieren möchten. - Hinweis: Sie können die Aktualisierung durchführen ohne zu entschlüsseln, auch wenn das Systemlaufwerk/die Systempartition verschlüsselt sind oder Sie ein verstecktes Betriebssystem benutzen. - Wenn Sie diese Option wählen werden alle Dateien dieses Pakets entpackt, aber nichts auf dem System installiert. Wählen Sie diese Option nicht wenn Sie vorhaben die Systempartition oder das Systemlaufwerk zu verschlüsseln. Diese Option kann nützlich sein, zum Beispiel wenn sie VeraCrypt im sogenannten mobilen Modus verwenden möchten. VeraCrypt muss nicht auf dem Betriebssystem installiert sein unter dem es laufen soll. Nachdem alle Dateien entpackt sind können Sie die „VeraCrypt.exe“ direkt ausführen (VeraCrypt läuft dann im mobilen Modus). - Einrichtungsoptionen - Hier können Sie verschiedene Optionen wählen, um den Installationsprozess zu steuern. - Installiert - Warten Sie bitte bis VeraCrypt installiert ist. - VeraCrypt wurde erfolgreich installiert - VeraCrypt wurde erfolgreich aktualisiert - Bitte erwägen Sie das Projekt mit einer Spende zu unterstützen. Sie können jederzeit auf „Fertigstellen“ klicken, um die Installation zu beenden. - Entpackoptionen - Hier können Sie verschiedene Optionen zum Extraktionsprozess wählen. - Warten Sie bitte bis VeraCrypt entpackt ist - Dateien erfolgreich entpackt - Alle Dateien wurden erfolgreich in das angegebene Verzeichnis entpackt. - Wenn der angegebene Ordner nicht existiert wird er automatisch erstellt. - Die VeraCrypt-Aktualisierung wird am selben Ort installiert an dem VeraCrypt bisher installiert ist. Wenn Sie einen anderen Installationsort wählen möchten, dann deinstallieren Sie VeraCrypt bitte zuerst. - Möchten Sie die „Release Notes“ zu der aktuellen (stabilen) VeraCrypt-Version lesen? - Falls Sie VeraCrypt noch nie zuvor verwendet haben, ist es empfehlenswert das Kapitel „Beginner's Tutorial“ im VeraCrypt-Benutzerhandbuch zu lesen. Möchten Sie das Tutorial ansehen? - Wählen Sie eine der folgenden Aktionen aus: - Reparatur/Neuinstallation - Aktualisierung - Deinstallieren - Zum erfolgreichen Installieren/Deinstallieren von VeraCrypt werden Administratorrechte benötigt. Möchten Sie Fortsetzen? - Das VeraCrypt-Installationsprogramm läuft zurzeit auf diesem Computer und führt eine Installation durch oder bereitet eine Installation vor oder aktualisiert VeraCrypt. Bevor Sie fortfahren, warten Sie bitte bis es beendet ist oder schließen Sie es. Wenn Sie es nicht schließen können, dann starten Sie bitte Ihren Computer neu bevor Sie fortfahren. - Installation fehlgeschlagen. - Deinstallation fehlgeschlagen. - Dieses Paket ist beschädigt. Bitte laden Sie es erneut herunter (Vorzugsweise von der offiziellen Webseite von VeraCrypt https://veracrypt.codeplex.com). - Kann Datei %s nicht schreiben - Entpacke - Die Paketdaten konnten nicht gelesen werden. - Die Integrität des Paketes konnte nicht überprüft werden. - Entpacken fehlgeschlagen. - Die Installation wurde rückgängig gemacht. - VeraCrypt wurde erfolgreich installiert. - VeraCrypt wurde erfolgreich aktualisiert. - VeraCrypt wurde erfolgreich aktualisiert. Zur Verwendung von VeraCrypt ist ein Neustart des Computers notwendig.\n\nMöchten Sie den Computer jetzt neu starten? - Aktualisierung von VeraCrypt fehlgeschlagen!\n\nWICHTIG: Bevor Sie Ihren Computer herunterfahren oder neu starten empfehlen wir dringend die Systemwiederherstellung zu nutzen, um Ihr System auf den Wiederherstellungspunkt „VeraCrypt Installation“ zurückzusetzen (Windows Start > „Alle Programme“ > „Zubehör“ > „Systemprogramme“ > „Systemwiederherstellung“). Falls die Systemwiederherstellung nicht verfügbar ist, sollten Sie versuchen die originale oder die neue Version von VeraCrypt nochmals zu installieren, bevor Sie Ihren Computer ausschalten oder neu starten. - VeraCrypt wurde erfolgreich deinstalliert.\n\nKlicken Sie auf „Fertig stellen“, um das VeraCrypt-Installationsprogramm und das Verzeichnis %s zu entfernen. Beachten Sie dass dieses Verzeichnis nicht entfernt wird, falls sich darin Dateien befinden die weder vom VeraCrypt-Installationsprogramm noch von VeraCrypt erstellt worden sind. - VeraCrypt-Registrierungseinträge werden entfernt - Registrierungseinträge werden erstellt - Anwendungsspezifische Daten werden entfernt - Installiere - Stoppe - Entferne - Symbol wird hinzugefügt - Wiederherstellungspunkt wird erstellt - Wiederherstellungspunkt konnte nicht erstellt werden! - Bootloader aktualisieren - Fehler beim Installieren von „%s“. %s Möchten Sie die Installation fortsetzen? - Fehler beim Entfernen von „%s“. %s Möchten Sie die Deinstallation fortsetzen? - Die Installation wurde vollständig durchgeführt. - Das Verzeichnis „%s“ konnte nicht erstellt werden - Der VeraCrypt-Gerätetreiber kann nicht beendet werden.\n\nSchließen Sie bitte zuerst alle offenen VeraCrypt-Fenster. Sollte das nicht genügen starten Sie bitte Windows neu und probieren Sie es noch einmal. - Alle VeraCrypt-Volumes müssen vor dem Installieren oder dem Deinstallieren von VeraCrypt getrennt sein. - Eine veraltete VeraCrypt-Version ist derzeit auf Ihrem System installiert. Sie muss deinstalliert werden bevor Sie diese neue VeraCrypt-Version installieren können.\n\nSobald Sie dieses Fenster schließen wird die Deinstallation der alten VeraCrypt-Version starten. Bitte beachten Sie, dass kein Volume entschlüsselt wird wenn Sie VeraCrypt deinstallieren. Starten Sie die Installation der neuen VeraCrypt-Version erneut, nachdem die Deinstallation der alten VeraCrypt-Version beendet ist. - Fehler beim Installieren der Registrierungseinträge - Fehler beim Installieren des Gerätetreibers. Starten Sie bitte Windows neu, und versuchen Sie anschließend noch einmal VeraCrypt zu installieren. - Der VeraCrypt-Treiber wird gestartet - Die Deinstallation des Gerätetreibers ist fehlgeschlagen. Bitte beachten Sie, dass aufgrund eines Problems in Windows, es möglicherweise notwendig ist, sich neu anzumelden oder das System neu zu starten, bevor der Gerätetreiber deinstalliert (oder neu installiert) werden kann. - Der VeraCrypt-Treiber wird installiert - Der VeraCrypt-Treiber wird gestoppt - Der VeraCrypt-Treiber wird deinstalliert - Die Hilfsbibliothek für die Benutzerkontensteuerung (User Account Control) konnte nicht angemeldet werden. - Die Hilfsbibliothek für die Benutzerkontensteuerung (User Account Control) konnte nicht abgemeldet werden. - Hinweis zum mobilen Modus:\n\nBitte beachten Sie, dass Treiber im Betriebssystem registriert werden müssen bevor sie gestartet werden können. Deshalb ist der VeraCrypt-Treiber nicht vollständig mobil (im Gegensatz zu VeraCrypt-Anwendungen, die weder installiert noch im Betriebssystem registriert werden müssen). Bitte beachten Sie weiter, dass VeraCrypt für transparente „on-the-fly“ (sofort) Ver- und Entschlüsselung einen Treiber benötigt. - Bitte beachten Sie: Falls Sie VeraCrypt im mobilen Modus nutzen (im Gegensatz zu einer installierten Version), wird das Betriebssystem Sie jedes Mal nach Erlaubnis fragen, VeraCrypt zu nutzen (UAC-Abfrage).\n\nDer Grund dafür ist, dass VeraCrypt im mobilen Modus den VeraCrypt-Gerätetreiber laden und starten muss. VeraCrypt benötigt einen Gerätetreiber um transparente, sofortige Ver- und Entschlüsselung zu bieten und Nutzer ohne Administrationsrechte können unter Windows keine Gerätetreiber starten. Deshalb wird das System jedes Mal um Erlaubnis fragen VeraCrypt mit Administratorrechten laufen zu lassen (UAC-Abfrage).\n\nBitte beachten Sie, dass diese Abfrage nicht stattfindet wenn Sie VeraCrypt auf dem System installieren (also nicht im mobilen Modus nutzen).\n\nSind Sie sicher, dass die die Dateien entpacken möchten? - WARNUNG: Diese Instanz des Volume Erstellungsassistenten hat Administratorrechte.\n\nIhr neues Volume könnte mit Rechten erstellt werden, die Ihnen nicht erlauben auf das Volume zu schreiben wenn es eingebunden ist. Wenn Sie dies verhindern möchten, dann schließen Sie diese Instanz des Volume-Erstellungsassistenten und starten eine neue, ohne Administratorrechte.\n\nMöchten Sie diese Instanz des Volume-Erstellungsassistenten schließen? - Fehler: Die Lizenz kann nicht angezeigt werden. - Äußeres(!) - Tage - Stunden - Minuten - s - Öffnen - Trennen - VeraCrypt-Hauptfenster anzeigen - VeraCrypt-Hauptfenster verbergen - Gelesene Daten - Geschriebene Daten - Verschlüsselter Anteil - 100% (komplett verschlüsselt) - 0% (nicht verschlüsselt) - %.3f%% - 100% - Warte - Vorbereiten - Größe ändern - verschlüsseln - entschlüsseln - Fertigstellen - Pause - Fertig - Fehler - Gerät getrennt - Systemfavoriten-Volume wurden gespeichert.\n\nUm das automatische Einbinden von Systemfavoriten-Volumes beim Systemstart zu aktivieren wählen Sie bitte „Einstellungen“ > „Systemfavoriten-Volumes“ > „Systemfavoriten-Volumes einbinden wenn Windows startet.“. - Das Volume, welches Sie zu den Favoriten hinzufügen ist weder eine Partition noch ein dynamisches Volume. Deshalb wird VeraCrypt nicht in der Lage sein dieses Favoriten-Volume einzubinden wenn sich die Gerätenummer ändert. - Das Volume welches Sie zu den Favoriten hinzufügen ist eine Partition die nicht von Windows erkannt wird.\n\nVeraCrypt wird nicht in der Lage sein dieses Favoriten-Volume einzubinden wenn sich die Gerätenummer ändert. Bitte ändern Sie den Partitionstyp auf einen Typ welcher von Windows erkannt wird (nutzen Sie den „SETID“-Befehl des Windows „diskpart“-Tools). Fügen Sie die Partition danach erneut den Favoriten hinzu. - Der VeraCrypt-Hintergrunddienst ist deaktiviert oder er ist so eingestellt, dass er beendet wird wenn keine Volumes eingebunden sind (oder VeraCrypt im mobilen Modus läuft). Dies kann verhindern, dass Ihre Favoriten-Volumes automatisch eingebunden werden wenn die Geräte auf denen diese Volumes liegen angeschlossen werden.\n\nHinweis: Um den VeraCrypt-Hintergrunddienst zu aktivieren, wählen Sie „Einstellungen“ > „Voreinstellungen“ und wählen Sie „Aktiv“ im Abschnitt „VeraCrypt-Hintergrunddienst“. - Ein Container auf einem entfernten Dateisystem, das über ein Netzwerk freigegeben ist, kann nicht automatisch eingebunden werden wenn sein Host-Gerät angeschlossen wird. - Das unten angegebene Gerät ist weder eine Partition noch ein dynamisches Volume. Deshalb kann das auf dem Gerät gehostete Volume nicht automatisch eingebunden werden wenn das Gerät angeschlossen wird. - Bitte ändern Sie den Partitionstyp der unten angegebenen Partition auf einen von Windows erkannten Typ (benutzen Sie den SETID-Befehl des Windows-„diskpart“-Tools). Danach entfernen Sie die Partition aus den Favoriten und fügen Sie sie wieder hinzu. Dies wird ermöglichen, dass das Volume auf diesem Gerät automatisch eingebunden wird wenn das Gerät angeschlossen wird. - Das unten angegebene Gerät ist weder eine Partition noch ein dynamisches Volume. Deshalb kann ihm keine Bezeichnung zugewiesen werden. - Bitte ändern Sie den Partitionstyp der unten angegebenen Partition auf einen von Windows erkannten Typ (benutzen Sie den SETID-Befehl des Windows-„diskpart“-Tools). Danach entfernen Sie die Partition aus den Favoriten und fügen Sie sie wieder hinzu. Dies wird VeraCrypt ermöglichen der Partition eine Bezeichnung zuzuweisen. - Aufgrund einer Beschränkung von Windows kann ein Container auf einem entfernten Dateisystem, das über ein Netzwerk freigegeben ist, nicht als Systemfavoriten-Volume eingebunden werden (allerdings kann es als Favoriten-Volume eingebunden werden wenn der Nutzer sich anmeldet). - Passwort für %s eingeben - Passwort für „%s“ eingeben - Geben Sie das Passwort für das Standard/Äußere Volume ein - Geben Sie das Passwort für das versteckte Volume ein - Geben Sie das Passwort für den, in der Sicherungsdatei abgelegten, Header ein - Die Schlüsseldatei(en) wurde(n) erfolgreich erstellt. - Die Anzahl der gewählten Schlüsseldateien ist unzulässig. - Die Schlüsseldatei muss zwischen 64 und 1048576 Byte groß sein. - Bitte geben Sie einen Namen für die zu generierenden Schlüsseldateien ein - Der Name für die Schlüsseldateien ist unzulässig - Die Schlüsseldatei „%s“ existiert bereits.\nMöchten Sie sie überschreiben? Der Erstellungsprozess wird abgebrochen, wenn Sie Nein wählen. - WARNUNG: Der Header von diesem Volume ist beschädigt! VeraCrypt verwendet automatisch die Sicherung vom Volume-Header, welche im Volume eingebettet ist.\n\nSie sollten den Volume-Header reparieren, indem „Extras“ > „Volume-Header wiederherstellen ...“ auswählen. - Der Volume-Header wurde erfolgreich gesichert.\n\nWICHTIG: Beim Wiederherstellen des Volume-Headers mit dieser Sicherungskopie wird gleichzeitig das momentane Volume-Passwort wiederhergestellt. Werden zudem Schlüsseldatei(en) zum Einbinden dieses Volumes benötigt, so werden dieselben Schlüsseldatei(en) auch dann wieder zum Einbinden des Volumes benötigt nachdem der Volume-Header wiederhergestellt worden ist.\n\nWARNUNG: Diese Sicherungskopie des Volume-Headers kann NUR für die Wiederherstellung von speziell diesem Volume verwendet werden. Sollte die Header-Sicherungskopie zur Wiederherstellung des Headers eines anderen Volumes verwendet werden, so kann dann zwar das Volume danach eingebunden werden, aber es können KEINE Daten die in diesem Volume gespeichert sind entschlüsselt werden (weil der Hauptschlüssel geändert worden ist). - Der Volume-Header wurde erfolgreich wiederhergestellt.\n\nWICHTIG: Möglicherweise wurde ein veraltetes Passwort ebenfalls wiederhergestellt. Wurden zudem zum Zeitpunkt der Sicherung Schlüsseldatei(en) zum Einbinden dieses Volumes benötigt, so werden dieselben Schlüsseldatei(en) jetzt ebenfalls wieder zum Einbinden des Volumes benötigt. - Aus Sicherheitsgründen müssen Sie das richtige Passwort für das Volume eingeben (und/oder die richtigen Schlüsseldateien bereitstellen).\n\nHinweis: Wenn das Volume ein verstecktes Volume enthält, dann müssen Sie zuerst das richtige Passwort für das äußere Volume eingeben (und/oder die richtigen Schlüsseldateien bereitstellen). Anschließend müssen Sie das richtige Passwort für das versteckte Volume eingeben (und/oder die richtigen Schlüsseldateien bereitstellen), wenn Sie den Header von dem versteckten Volume sichern möchten. - Sind Sie sicher, dass Sie eine Volume-Header Sicherung für %s erstellen möchten?\n\nNachdem Sie auf Ja klicken, werden Sie aufgefordert einen Dateinamen für die Header Sicherung zu vergeben.\n\nWenn kein verstecktes Volume innerhalb dieses Volumes vorhanden ist, dann wird der Bereich, der für die Header-Sicherung des versteckten Volumes reserviert ist, mit zufälligen Daten aufgefüllt (zum Bewahren der glaubhaften Leugnung). Wenn ein Volume-Header aus der Sicherungsdatei wiederhergestellt wird, dann müssen Sie das korrekte Passwort eingeben, welches gültig war als die Volume-Header Sicherung erstellt wurde (und/oder die richtigen Schlüsseldateien bereitstellen). Das Passwort (und/oder Schlüsseldateien) wird automatisch auch den Typ des Volume-Headers bestimmen, um ihn wiederherzustellen, d.h. Standard oder Versteckt (beachten Sie, dass VeraCrypt den Typ durch ausprobieren bestimmt). - Soll der Volume-Header von %s wiederhergestellt werden?\n\nWARNUNG: Das Wiederherstellen eines Volume-Headers stellt gleichzeitig das Passwort wieder her, welches zum Zeitpunkt der Sicherung gültig war. Wurden zudem zum Zeitpunkt der Sicherung Schlüsseldatei(en) zum Einbinden dieses Volume benötigt, so werden dieselben Schlüsseldatei(en) dann ebenfalls wieder zum Einbinden des Volumes benötigt.\n\nNachdem Sie auf „Ja“ geklickt haben, müssen Sie die Sicherungsdatei auswählen. - Enthält das Volume ein Verstecktes Volume? - Das Volume enthält ein Verstecktes Volume - Das Volume enthält kein Verstecktes Volume - Wählen Sie bitte den Typ der Volume-Header Sicherung die verwendet werden soll: - Wiederherstellen des Volume-Headers von einer in das Volume eingebetteten Sicherung - Wiederherstellen des Volume-Headers aus einer externen Sicherungsdatei - Die Größe der Volume-Header Sicherungsdatei ist falsch. - Es ist keine Header Sicherung in diesem Volume eingebettet (beachten sie, dass nur Volumes die mit VeraCrypt 1.0 oder höher erstellt wurden eingebettete Header Sicherungen enthalten). - Sie möchten den Header der Systempartition/vom Systemlaufwerk sichern. Das ist nicht erlaubt. Backup-/Wiederherstellungsvorgänge in Zusammenhang mit der Systempartition/dem Systemlaufwerk können nur mit dem VeraCrypt-Rettungsdatenträger durchgeführt werden.\n\nMöchten Sie einen VeraCrypt-Rettungsdatenträger erstellen? - Sie haben versucht den Header eines Virtuellen VeraCrypt-Volumes Wiederherzustellen, Sie haben aber die Systempartition/das Systemlaufwerk ausgewählt. Das ist nicht erlaubt. Backup-/Wiederherstellungsvorgänge in Zusammenhang mit der Systempartition/dem Systemlaufwerk können nur mit dem VeraCrypt-Rettungsdatenträger durchgeführt werden.\n\nMöchten Sie einen VeraCrypt-Rettungsdatenträger erstellen? - Nach dem Klicken auf „OK“ wählen Sie einen Dateinamen für die ISO-Abbilddatei des VeraCrypt-Rettungsdatenträgers und den Speicherort der Datei. - Das Rettungsdatenträger-Abbild wurde erstellt und in dieser Datei gespeichert:\n%s\n\nJetzt müssen Sie das Rettungsdatenträger-Abbild auf eine CD oder DVD brennen.\n\nWICHTIG: Bitte beachten Sie, dass die Datei als ISO-Abbilddatei und NICHT als einzelne Datei auf die CD geschrieben werden muss. Informationen wie Sie das tun erhalten Sie in der Dokumentation Ihrer Brennsoftware.\n\nNachdem Sie die Rettungs-CD gebrannt haben, wählen Sie „System“ > „Rettungsdatenträger überprüfen“, um sicherzustellen, dass die CD korrekt erstellt wurde. - Das Rettungsdatenträger-Abbild wurde erstellt und in dieser Datei gespeichert:\n%s\n\nJetzt müssen Sie das Rettungsdatenträger-Abbild auf eine CD oder DVD brennen.\n\nMöchten Sie den Microsoft Windows ISO-Brennprogramm jetzt starten?\n\nNachdem Sie den Rettungsdatenträger gebrannt haben, wählen Sie „System“ > „Rettungsdatenträger überprüfen“, um sicherzustellen, dass die CD korrekt erstellt wurde. - Bitte legen Sie den VeraCrypt-Rettungsdatenträger in Ihr CD- bzw. DVD-Laufwerk und klicken dann zum Prüfen auf „OK“. - Der VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. - Es konnte nicht festgestellt werden, dass der Rettungsdatenträger korrekt gebrannt wurde.\n\nWenn Sie die CD/DVD gebrannt haben, dann werfen Sie diese aus und legen die CD/DVD anschließend wieder ein, um es erneut zu versuchen. Bitte versuchen Sie es mit einer anderen Brennsoftware oder mit anderen CD- bzw. DVD-Rohlingen falls es nicht funktioniert.\n\nWenn Sie versuchen einen VeraCrypt-Rettungsdatenträger zu prüfen, der für einen anderen Hauptschlüssel, Salt-Wert, anderes Passwort, etc. erstellt wurde, so beachten Sie, dass bei solchen Rettungsdatenträger die Überprüfung immer fehlschlagen wird. Um einen mit Ihrem System voll kompatiblen Rettungsdatenträger zu erstellen, wählen Sie „System“ > „Rettungsdatenträger erstellen ...“. - Der VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. - Die Überprüfung des Rettungsdatenträgers ist fehlgeschlagen.\n\nWenn Sie versuchen einen VeraCrypt-Rettungsdatenträger zu prüfen, das für einen anderen Hauptschlüssel, Salt-Wert, anderes Passwort, etc. erstellt wurde, so beachten Sie, dass bei solchen Abbildern die Überprüfung immer fehlschlagen wird. Um ein mit Ihrem System voll kompatibles Abbild zu erstellen, wählen Sie „System“ > „Rettungsdatenträger erstellen ...“. - Fehler beim Erstellen des VeraCrypt-Rettungsdatenträgers. - Der VeraCrypt-Rettungsdatenträger kann nicht erstellt werden, wenn ein verstecktes Betriebssystem läuft.\n\nUm einen VeraCrypt-Rettungsdatenträger zu erstellen, starten Sie das Köder-Betriebssystem und klicken auf „System“ > „Rettungsdatenträger erstellen ...“. - Der VeraCrypt-Rettungsdatenträger kann nicht überprüft werden.\n\nWenn Sie den Rettungsdatenträger gebrannt haben, öffnen und schließen Sie das CD- bzw. DVD-Laufwerk und klicken Sie auf „Weiter“, um es erneut zu versuchen. Falls das nicht hilft, versuchen Sie es bitte mit einer neuen CD/DVD%s.\n\nWenn Sie den Rettungsdatenträger noch nicht gebrannt haben, tun Sie dies bitte jetzt und klicken Sie danach auf „Weiter“.\n\nWenn Sie versuchen einen Rettungsdatenträger zu überprüfen, der erstellt wurde bevor Sie diesen Assistenten gestartet haben, beachten Sie bitte, dass dieser Rettungsdatenträger nicht verwendet werden kann, weil sie für einen anderen Hauptschlüssel erstellt wurde. In diesem Fall brennen Sie bitte den neuen Rettungsdatenträger. - und/oder andere CD- bzw. DVD-Brennsoftware - VeraCrypt – Systemfavoriten-Volumes - Was sind Systemfavoriten-Volumes? - Die Systempartition/das Systemlaufwerk scheinen nicht verschlüsselt zu sein.\n\nSystemfavoriten-Volumes können nur mit einem Prä-Boot-Authentifikationspasswort eingebunden werden. Um Systemfavoriten-Volumes zu verwenden müssen Sie deshalb zuerst die Systempartition/das Systemlaufwerk verschlüsseln. - Trennen Sie bitte zuerst das Volume. - Fehler: Kann Timer nicht einstellen. - Dateisystem prüfen - Dateisystem reparieren - Zu Favoriten hinzufügen ... - Zu Systemfavoriten hinzufügen ... - Ei&genschaften ... - Verstecktes Volume ist geschützt - Nicht verfügbar - Ja - Nein - Deaktiviert - 1 - 2 oder mehr - Betriebsmodus - Bezeichnung: - Größe: - Pfad: - Laufw.buchstabe: - Fehler: Das Passwort darf nur ASCII-Zeichen enthalten.\n\nNicht-ASCII-Zeichen im Passwort könnten dazu führen, dass das Volume nach einer Änderung der Systemkonfiguration nicht eingebunden werden kann. Folgende Zeichen sind zulässig:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNUNG: Das Passwort enthält Nicht-ASCII-Zeichen. Dies kann nach einer Änderung der Systemkonfiguration dazu führen, dass das Volume nicht eingebunden werden kann.\n\nAlle Nicht-ASCII-Zeichen des Passwortes sollten durch ASCII-Zeichen ersetzt werden („Volume“ -> „Volume-Passwort ändern ...“).\n\nFolgende Zeichen sind ASCII-Zeichen:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNUNG: Wir empfehlen Ihnen dringend, dass Sie keine Dateierweiterungen für ausführbare Dateien (wie .exe, .sys oder .dll) oder ähnliche Endungen verwenden. Diese Endungen können Windows und Virenscanner dazu bringen, mit dem Container zu interagieren, was wiederum die Leistung des Volumes beeinträchtigt und außerdem zu ernsthaften Problemen führen kann.\n\nWir empfehlen Ihnen, dass Sie die Endung entfernen oder ändern (z.B. auf „.hc“).\n\nSind Sie sicher, dass Sie diese problematische Dateiendung behalten möchten? - WARNUNG: Dieser Container hat eine Dateiendung welche von Windows für ausführbare Dateien verwendet wird (unter anderem .exe, .sys oder .dll) oder eine andere, problematische Dateiendung. Dies wird sehr wahrscheinlich Probleme mit Windows und Virenscannern machen, da diese mit dem Container interagieren möchten. Dies wird die Leistung beeinflussen und kann zu anderen, schwerwiegenden Problemen führen.\n\nWir empfehlen Ihnen deshalb, die Endung entweder zu entfernen, oder zu ändern (z.B. in „.hc“) nachdem Sie den Container wieder entfernt haben. - Webseite - WARNUNG: Anscheinend wurde noch kein Windows Service Pack aufgespielt. IDE-Festplatten mit einer Kapazität von mehr als 128 GB sollten unter Windows XP nicht beschrieben werden solange nicht Service Pack 1 (oder neuer) aufgespielt worden ist! Anderenfalls können Daten auf der Festplatte zerstört werden (unabhängig davon ob es sich um ein VeraCrypt-Volume handelt). Dies ist eine Windows-Einschränkung und kein Fehler von VeraCrypt. - WARNUNG: Anscheinend wurde das Windows Service Pack 3 (oder neuer) nicht aufgespielt. IDE-Festplatten mit einer Kapazität von mehr als 128 GB sollten unter Windows 2000 nicht beschrieben werden, solange nicht Service Pack 3 (oder neuer) aufgespielt worden ist! Anderenfalls können Daten auf der Festplatte zerstört werden (unabhängig davon ob es sich um ein VeraCrypt-Volume handelt). Dies ist eine Windows-Einschränkung und kein Fehler von VeraCrypt.\n\nHinweis: Unter Umständen muss zusätzlich noch die 48-Bit-LBA-Unterstützung in der Windows-Registrierung aktiviert werden; weitere Informationen siehe http://support.microsoft.com/kb/305098/EN-US - WARNUNG: Die 48-Bit-LBA-ATAPI-Unterstützung ist auf Ihrem System deaktiviert. Sie sollten aus diesem Grund nicht auf IDE-Festplatten schreiben die größer als 128 GB sind! Anderenfalls können Daten auf der Festplatte verfälscht werden (und zwar unabhängig davon ob es sich um ein VeraCrypt-Volume handelt). Dies ist eine Einschränkung von Windows und nicht von VeraCrypt.\n\nUm die 48-Bit-LBA-Unterstützung zu aktivieren fügen Sie bitte den „EnableBigLba“-Registrierungswert unter dem Registrierungsschlüssel HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters hinzu und setzen Sie diesen auf 1.\n\nWeitere Informationen finden Sie unter http://support.microsoft.com/kb/305098 - Fehler: Dateien die größer als 4 GB sind, können nicht auf einem FAT32-Dateisystem gespeichert werden. In einem FAT32-Dateisystem gespeicherte VeraCrypt-Volumes (Container) können somit nicht größer als 4 GB sein.\n\nSollten Sie ein größeres Volume benötigen, dann erstellen sie dieses auf einem NTFS Dateisystem (Oder, wenn Sie Windows Vista SP1 oder höher, auf einem exFAT-Dateisystem nutzen) oder, anstatt ein VeraCrypt-Volume (Container) zu erstellen, verschlüsseln Sie eine ganze Partition oder ein Laufwerk. - Achtung: Windows XP unterstützt keine Dateien die größer als 2048 GB sind (zeigt die Fehlermeldung „Nicht genügend Speicherplatz auf dem Datenträger“ an). Deshalb können Sie kein dateibasiertes VeraCrypt-Volume größer als 2048 GB unter Windows XP erstellen.\n\nBitte beachten Sie, dass es trotzdem möglich ist das gesamte Laufwerk zu verschlüsseln oder ein partitionsbasiertes Volume größer als 2048 GB zu erstellen. - WARNUNG: Wenn Sie nachträglich noch weitere Daten/Dateien im äußeren Volume speichern möchten, dann sollten Sie eine kleinere Größe des versteckten Volumes in Betracht ziehen.\n\nMöchten Sie tatsächlich mit der von Ihnen angegebenen Größe fortsetzen? - Es wurde kein Volume ausgewählt.\n\nKlicken Sie bitte auf „Datenträger“ oder „Datei“ und wählen Sie ein VeraCrypt-Volume aus. - Keine Partition ausgewählt.\n\nKlicken Sie „Datenträger ...“ um eine getrennte Partition zu wählen, welche sonst Prä-Boot-Authentifikation voraussetzt (z.B. eine Partition auf einem verschlüsselten Systemlaufwerk mit einem Betriebssystem darauf welches gerade nicht läuft, oder die verschlüsselte Systempartition eines anderen Betriebssystems).\n\nHinweis: Die Ausgewählte Partition wird als reguläres VeraCrypt-Volume eingebunden, ohne Prä-Boot-Authentifikation. Das ist hilfreich für Backup oder Reparatur-Vorgänge. - WARNUNG: Wenn Standardschlüsseldateien festgelegt und aktiviert sind, dann können Volumes, die diese nicht verwenden, nicht eingebunden werden. Daher sollten Sie, nachdem Sie die Standardschlüsseldateien aktiviert haben, das Häkchen bei „Schlüsseldat. verw.“ (unterhalb des Passwort-Eingabefeldes) entfernen sobald Sie solche Volumes einbinden möchten.\n\nSind Sie sicher dass Sie die Schlüsseldateien/-pfade als Standard speichern möchten? - Alle Datenträger-Volumes automatisch einbinden - Alle Volumes trennen - Cache sicher löschen - Alle Volumes trennen & Cache löschen - Alle Volumes erzwungen trennen und Cache sicher löschen - Alle erzw. trennen, Cache sicher löschen und VeraCrypt beenden - Favoriten einbinden - VeraCrypt-Hauptfenster anzeigen/verbergen - (Hier klicken und eine Taste drücken) - Aktion - Tastenkombination - Fehler: Diese Tastenkombination ist reserviert. Wählen Sie bitte eine andere Tastenkombination aus. - Fehler: Diese Tastenkombination ist bereits belegt. - WARNUNG: Eine oder mehrere Systemweite VeraCrypt-Tastenkombinationen werden nicht funktionieren!\n\nStellen Sie bitte sicher, dass keine anderen Anwendungen oder das Betriebssystem dieselbe(n) Tastenkombination(en) wie VeraCrypt verwendet. - Die Auslagerungsdatei konnte nicht erstellt werden.\n\nBitte beachten Sie, dass Auslagerungsdateien aufgrund von Einschränkungen von Windows nicht auf Nicht-System VeraCrypt-Volumes (auch Systemfavoriten-Volumes) liegen dürfen. VeraCrypt unterstützt die Erstellung von Auslagerungsdateien nur auf verschlüsselten Systempartitionen. - Ein Fehler oder Inkompatibilität hat verhindert das VeraCrypt die Ruhezustandsdatei verschlüsselt. Daher wurde der Ruhezustand verhindert.\n\nHinweis: Wenn ein Computer in den Ruhezustand geht (oder in einen Energiesparmodus), der Inhalt des Systemspeichers wird in eine Ruhezustand-Datei auf das Systemlaufwerk geschrieben. VeraCrypt würde nicht in der Lage sein zu verhindern, dass Verschlüsselungsschlüssel und der Inhalt von vertraulichen Dateien, die im Arbeitsspeicher sind, unverschlüsselt in der Ruhezustands-Datei gespeichert werden. - Das System konnte nicht in den Ruhezustand versetzt werden.\n\nVeraCrypt unterstützt den Ruhezustand auf versteckten Betriebssystemen mit extra Bootpartition nicht. Bitte beachten Sie, dass die Bootpartition vom Köder-System und dem versteckten Betriebssystem geteilt wird. Um Datenlecks und Probleme während dem Aufwachen aus dem Ruhezustand zu vermeiden, muss VeraCrypt das versteckte Betriebssystem daran hindern auf die geteilte Bootpartition zu schreiben oder in den Ruhezustand zu wechseln. - Das als %c: eingebundene VeraCrypt-Volume wurde getrennt. - Alle VeraCrypt-Volumes wurden getrennt. - Alle VeraCrypt-Volumes wurden getrennt und der der Passwort-Cache wurde gelöscht. - Volume erfolgreich getrennt - ACHTUNG: Wenn der VeraCrypt-Hintergrunddienst deaktiviert ist, sind die folgenden Funktionen nicht verfügbar:\n\n1) Tastenkombinationen\n2) Automatische Trennung (z.B. beim Abmelden, unbeabsichtigtem Entfernen eines Host-Geräts usw.)\n3) Automatisches Einbinden von Favoriten-Volumes\n4) Benachrichtigungen (z.B. wenn Beschädigungen an einem versteckten Volume verhindert wurden)\n5) Taskleisten-Symbol\n\nHinweis: Sie können den Hintergrunddienst jederzeit beenden indem Sie mit der rechten Maustaste auf das VeraCrypt-Taskleisten-Symbol klicken und „Beenden“ auswählen.\n\nSind Sie sicher, dass Sie den Hintergrunddienst dauerhaft deaktivieren möchten? - WARNUNG: Wenn diese Option deaktiviert ist, können keine Volumes mit geöffneten Dateien/Verzeichnissen autom. getrennt werden.\n\nMöchten Sie diese Option wirklich deaktivieren? - WARNUNG: Volumes mit geöffneten Dateien/Verzeichnissen werden NICHT automatisch getrennt.\n\nUm dies zu vermeiden müssen Sie folgende Option in diesem Dialogfenster aktivieren: „Autom. Trennen bei geöffneten Dateien/Verz. erzwingen“ - WARNUNG: Wenn die Laptopbatterie fast leer ist, kann es passieren, dass Windows nicht die entsprechende Mitteilung an die Anwendungen sendet wenn der Computer in den Energiesparmodus wechselt. In solchen Fällen kann das automatische Trennen von VeraCrypt-Volumes fehlschlagen. - Sie haben den Verschlüsselungsprozess für eine Partition/ein Volume geplant. Der Prozess wurde bis jetzt nicht beendet.\n\nMöchten Sie den Prozess jetzt fortsetzen? - Sie haben den Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Laufwerk geplant. Der Vorgang wurde noch nicht abgeschlossen.\n\nMöchten Sie den Vorgang jetzt starten (wieder aufnehmen)? - Soll das Programm weiterhin fragen, ob Sie den aktuell geplanten Prozess zur Verschlüsselung der Nicht-Systempartition/des Nicht-Systemlaufwerks fortsetzen möchten? - Ja, weiterhin fragen - Nein, nicht mehr fragen - WICHTIG: Beachten Sie bitte, dass sie den Prozess zur Verschlüsselung von jedem Nicht-Systemlaufwerks fortsetzen können, indem Sie auf „Volumes“ > „Unterbrochenen Prozess fortsetzen“ im Menü des VeraCrypt-Fensters klicken. - Sie haben den Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Laufwerk geplant. Jedoch ist die Prä-Boot-Authentifikation fehlgeschlagen (oder wurde umgangen).\n\nHinweis: Wenn Sie die Systempartition/das Systemlaufwerk in der Prä-Boot-Umgebung entschlüsseln, dann müssen Sie den Vorgang möglicherweise fertig stellen indem Sie „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“ in der Menüleiste im VeraCrypt-Hauptfenster wählen. - WARNUNG: Beim Beenden von VeraCrypt werden folgende Funktionen deaktiviert:\n\n1) Tastenkombinationen\n2) Automatische Trennung (z.B. beim Abmelden, unbeabsichtigtem Entfernen eines Host-Geräts, Timeouts usw.)\n3) Automatisches Einbinden von Favoriten-Volumes \n4) Benachrichtigungen (z.B. wenn Beschädigungen an einem versteckten Volume verhindert wurden)\n\nHinweis: Wenn Sie nicht möchten das VeraCrypt im Hintergrund läuft, deaktivieren Sie den VeraCrypt-Hintergrunddienst in den Einstellungen (und, falls erforderlich, den automatischen Start von VeraCrypt).\n\nSind Sie sicher dass Sie VeraCrypt beenden möchten? - Beenden? - VeraCrypt hat nicht genug Informationen, um feststellen zu können, ob Ent- oder Verschlüsselt werden soll. - VeraCrypt hat nicht genug Informationen, um feststellen zu können, ob Ent- oder Verschlüsselt werden soll.\n\nHinweis: Wenn Sie die Systempartition/das Systemlaufwerk in der Prä-Boot-Umgebung entschlüsseln, müssen Sie möglicherweise den Vorgang abschließen, indem Sie auf „Entschlüsseln“ klicken. - Hinweis: Wenn Sie ein(e) gegenwärtige(s) Nicht-System-Partition/Volume verschlüsseln und ein ständiger Fehler verhindert, den Prozess zu beenden, wird es Ihnen nicht möglich sein das Volume einzubinden (und Zugriff auf die darauf gespeicherten Daten zu erhalten) bis Sie das Volume vollständig entschlüsselt haben (also den Prozess umdrehen).\n\nFalls Sie das wünschen, befolgen Sie diese Schritte:\n1) Beenden Sie den Konfigurationsassistenten.\n2) Wählen Sie im Hauptfenster von VeraCrypt, „Volumes“ > „Unterbrochenen Prozess fortsetzen“.\n3) Wählen Sie „Entschlüsseln“. - Möchten Sie den Verschlüsselungsprozess für die Partition/das Volume unterbrechen und später fortsetzen?\n\nHinweis: Beachten Sie, dass das Volume nicht eingebunden werden kann, bis es komplett verschlüsselt ist. Sie können den Prozess an der Stelle fortsetzen, an der er unterbrochen wurde. Dies können Sie wie folgt machen: Klicken Sie auf „Volumes“ > „Unterbrochenen Prozess fortsetze“ in der Menüleiste des VeraCrypt-Hauptfensters. - Möchten Sie den Verschlüsselungsvorgang für die Systempartition/das Laufwerk unterbrechen und später fortsetzen?\n\nHinweis: Sie können den Vorgang an der Stelle fortsetzen, an der er unterbrochen wurde. Sie erreichen dies, indem Sie in der Menüleiste im Hauptfenster von VeraCrypt auf „System“ > „Unterbrochenen Vorgang fortsetzen“ klicken. Wenn Sie den Verschlüsselungsvorgang endgültig beenden oder abbrechen möchten, dann klicken Sie auf „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“. - Möchten Sie den Entschlüsselungsvorgang für die Systempartition/das Laufwerk unterbrechen und später fortsetzen?\n\nHinweis: Sie können den Vorgang an der Stelle fortsetzen, an der er unterbrochen wurde. Sie erreichen dies, indem Sie in der Menüleiste im Hauptfenster von VeraCrypt auf „System“ > „Unterbrochenen Vorgang fortsetzen“ klicken. Wenn Sie den Entschlüsselungsvorgang umkehren möchten (und die Verschlüsselung starten), dann wählen Sie „System“ > „System-Partition/Laufwerk verschlüsseln“. - Fehler: Der Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Systemlaufwerk konnte nicht unterbrochen werden. - Fehler: Der Lösch-Prozess konnte nicht unterbrochen werden. - Fehler: Der Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Systemlaufwerk konnte nicht fortgesetzt werden. - Fehler: Der Löschvorgang konnte nicht gestartet werden. - Inkonsistenz aufgelöst.\n\n\n(Sollten Sie in diesem Zusammenhang einen Fehler melden, so bitten wir Sie folgende techn. Informationen im Fehlerbericht zu berücksichtigen: %hs) - Fehler: unerwarteter Zustand.\n\n\nWenn Sie einen Fehler in Zusammenhang mit diesem melden, dann beziehen Sie die folgenden technischen Informationen mit in den Fehlerbericht ein: %hs) - Es gibt keinen unterbrochenen Ver- bzw. Entschlüsselungsvorgang der Systempartition/des Laufwerks, der fortgesetzt werden kann.\n\nHinweis: Falls Sie einen unterbrochenen Ver- bzw. Entschlüsselungsprozess einer Nicht-System Partition fortsetzen möchten, wählen Sie\n„Volumes“ > „Unterbrochenen Prozess fortsetzen“. - WARNUNG: Der VeraCrypt-Hintergrunddienst ist deaktiviert. Nach dem Beenden von VeraCrypt werden Sie nicht benachrichtigt sobald eine Beschädigung eines versteckten Volumes verhindert werden konnte.\n\nHinweis: Sie können den Hintergrunddienst jederzeit mit einen Klick der rechten Maus- taste auf das VeraCrypt-Symbol im Infobereich (= Systemtray), und durch Auswählen von „Beenden“ beenden.\n\nSoll der VeraCrypt-Hintergrunddienst aktiviert werden? - Sprachpaket-Version: %s - Es wird das Dateisystem des als %s eingebundenen VeraCrypt-Volumes überprüft ... - Es wird versucht das Dateisystem des als %s eingebundenen VeraCrypt-Volumes zu reparieren ... - WARNUNG: Dieses Volume ist mit einem veralteten Verschlüsselungsalgorithmus verschlüsselt.\n\nAlle 64-Bit-Block-Verschlüsselungsalgorithmen (z.B. Blowfish, CAST-128, oder Triple DES) werden allmählich eingestellt. Es wird zwar mit zukünftigen VeraCrypt-Versionen möglich sein diese Volumes einzubinden. Es werden aber keine Verbesserungen an der Implementierung der veralteten Verschlüsselungsalgorithmen vorgenommen. Es ist daher ratsam ein neues VeraCrypt-Volume mit einem 128-Bit-Block-Verschlüsselungsalgorithmus zu erstellen (z.B. AES, Serpent, Twofish, etc.), und sämtliche Dateien dieses Volumes auf das neue Volume zu übertragen. - Das Betriebssystem ist so konfiguriert, dass neue Volumes nicht automatisch eingebunden werden. Möglicherweise können VeraCrypt-Volumes, die sich auf Datenträgern oder Partitionen befinden, nicht eingebunden werden. Das automatische Einbinden der Volumes kann mit dem Befehl\n\nmountvol.exe /E\n\nund anschließendem Neustart des Computers aktiviert werden. - Weisen Sie bitte dem Datenträger oder der Partition einen Laufwerksbuchstaben zu bevor Sie weitermachen („Systemsteuerung“ > „System und Wartung“ > „Verwaltung“ > „Festplattenpartitionen erstellen und formatieren“).\n\nBeachten Sie dass dies eine Anforderung des Betriebssystems ist. - VeraCrypt-Volume einbinden - Alle VeraCrypt-Volumes trennen - VeraCrypt konnte keine Administratorrechte erhalten. - Zugriff durch das Betriebssystem verweigert.\n\nMögliche Ursache: Das Betriebssystem erwartet, dass Sie Lese- oder Schreibrechte (oder Administratorrechte) für bestimmte Verzeichnisse, Dateien und Datenträger haben, damit Sie von diesen Daten lesen und auf diese Daten schreiben dürfen. Normalerweise darf ein Benutzer mit Administratorrechten Dateien in seinem/ihrem „Dokumenten“-Verzeichnis erstellen, lesen und ändern. - Fehler: das Laufwerk nutzt eine nicht unterstützte Clustergröße.\n\nEs ist derzeit nicht möglich partitions- oder gerätebasierte Volumes auf Laufwerken mit einer Clustergröße > 4096 Byte zu erstellen. Sie können jedoch dateibasierte Volumes (Container) auf solchen Laufwerken erstellen. - Es ist derzeit nicht möglich ein Betriebssystem auf einem Laufwerk zu verschlüsseln welches eine andere Clustergröße als 512 Byte verwendet. - Der VeraCrypt-Bootloader benötigt mindestens 32 KB des freien Speicherplatzes am Anfang des Systemlaufwerks (der VeraCrypt-Bootloader muss in diesem Bereich gespeichert werden). Leider erfüllt Ihr Laufwerk diese Bedingung nicht.\n\nBitte melden Sie dies nicht als ein Fehler/Problem in VeraCrypt. Um dieses Problem zu beheben, müssen Sie die Festplatte neu partitionieren und lassen dabei die ersten 32 KB des Datenträgers frei (in den meisten Fällen müssen Sie die erste Partition löschen und dann wieder neu erstellen). Wir empfehlen die Verwendung des Microsoft Partition Managers, der z.B. bei der Installation von Windows verfügbar ist. - Das Feature wird nicht von der aktuell laufenden Version des Betriebssystems unterstützt. - VeraCrypt unterstützt das Verschlüsseln einer Systempartition/eines Systemlaufwerkes mit der aktuell laufenden Version des Betriebssystems nicht. - Bevor die Systempartition/das Systemlaufwerk unter Windows Vista verschlüsselt werden kann, muss Service Pack 1 oder höher installiert sein.\n\nHinweis: Service Pack 1 für Windows Vista behebt ein Problem, durch welches eine Verkleinerung des Hauptspeichers während des Systemstarts verursacht wurde. - VeraCrypt unterstützt die Systemverschlüsselung unter Windows Vista ohne installierte Service Packs nicht mehr. Installieren Sie bitte Service Pack 1 oder höher für Windows Vista bevor Sie VeraCrypt aktualisieren. - Fehler: Zur Nutzung dieser Option muss VeraCrypt auf dem System installiert sein (Sie nutzen VeraCrypt derzeit im mobilen Modus).\n\nBitte installieren Sie VeraCrypt und versuchen Sie es dann erneut. - WARNUNG: Windows scheint nicht auf dem Laufwerk installiert zu sein von dem es startet. Dieser Zustand wird nicht unterstützt.\n\nSie sollten nur fortfahren wenn Sie sicher sind, dass Windows auf dem Laufwerk installiert ist von dem es startet.\n\nMöchten Sie fortfahren?\n\n - Das Systemlaufwerk hat eine GUID-Partitionstabelle (GPT). Derzeit werden nur Laufwerke mit einer MBR-Partitionstabelle unterstützt. - ACHTUNG: Der VeraCrypt-Bootloader ist bereits auf Ihrem Systemlaufwerk installiert!\n\nEs ist möglich, dass ein anderes Betriebssystem auf Ihrem Computer bereits verschlüsselt ist.\n\nWARNUNG: DAS VERSCHLÜSSELN DES AKTUELLEN SYSTEMS KANN VERHINDERN DAS (EIN) ANDERE(S) SYSTEM(E) STARTEN UND AUF BENÖTIGTE DATEIEN ZUGEGRIFFEN WERDEN KANN.\n\nMöchten Sie wirklich fortfahren? - Der Original Systemstarter konnte nicht wiederhergestellt werden.\n\nBitte verwenden Sie Ihren VeraCrypt-Rettungsdatenträger („Repair Options“ > „Restore original system loader“) oder Ihre Windows-Installations-CD, um den VeraCrypt-Bootloader mit dem Windows-Starter zu überschreiben. - Der originale System Loader wurde nicht auf dem Rettungsdatenträger gespeichert (Grund: Fehlende Backup Datei). - Fehler beim Schreiben des MBR Sektors.\n\nIhr BIOS ist wahrscheinlich darauf eingestellt den MBR zu schützen. Überprüfen Sie Ihre BIOS-Einstellungen auf MBR- bzw Antivirus-Schutz: drücken Sie F2, Entf oder ESC nach dem Einschalten des Computers. - WARNUNG: Die Überprüfung des VeraCrypt-Bootloader fingerprint ist fehlgeschlagen!\nIhre Festplatte könnte von einem Angreifer manipuliert worden sein („Evil Maid“ Angriff).\n\nDiese Warnung kann auch ausgelöst werden, wenn Sie den VeraCrypt-Bootloader mit einem Rettungsdatenträger wiederhergestellt haben, die mit einer anderen VeraCrypt-Version erstellt wurde.\n\nSie sollten umgehend Ihr Passwort ändern, dies wird auch den korrekten VeraCrypt-Bootloader wiederherstellen. Es wird empfohlen VeraCrypt neu zu installieren und sicherzustellen, dass nicht vertrauenswürdige Dritte keinen Zugriff zu diesem Gerät haben. - Die benötigte Version des VeraCrypt-Bootloaders ist im Moment nicht installiert. Dies kann dazu führen, dass einige Einstellungen nicht gespeichert werden. - Hinweis: In einigen Situationen möchten Sie verhindern, dass eine Person, die Sie beim Starten des Computers beobachtet, erfährt, dass Sie VeraCrypt verwenden. Die obige Option erlaubt Ihnen dies durch anpassen des VeraCrypt-Bootloader-Bildschirms zu erreichen. Wenn Sie die Option aktivieren wird der VeraCrypt-Bootloader keinen Text anzeigen (nicht einmal wenn Sie das falsche Passwort eingeben). Der Computer wird wie „eingefroren“ erscheinen, während Sie Ihr Passwort eingeben können. Dazu kann eine benutzerdefinierte Meldung angezeigt werden, um den Angreifer zu täuschen. Zum Beispiel gefälschte Fehlermeldungen wie „Missing operating system“ (die normalerweise vom Windows Bootloader angezeigt wird wenn er keine Windows Boot-Partition findet). Allerdings kann der Gegner, wenn er den Inhalt der Festplatte analysiert, trotzdem herausfinden, dass sie einen VeraCrypt-Bootloader enthält. - WARNUNG: Sie sollten nicht vergessen, dass, wenn Sie diese Option aktivieren, der VeraCrypt-Bootloader keinen Text anzeigen wird (nicht einmal wenn Sie das falsche Passwort eingeben). Der Computer wird wie „eingefroren“ erscheinen (nicht reagieren), während Sie Ihr Passwort eingeben können (der Cursor wird sich NICHT bewegen und es werden keine Sternchen angezeigt, wenn Sie eine Taste drücken).\n\nSind Sie sicher, dass Sie diese Option aktivieren möchten? - Ihre System-Partition/Festplatte scheint vollständig verschlüsselt zu sein. - VeraCrypt kann kein Systemlaufwerk verschlüsseln, welches in einen dynamischen Datenträger konvertiert wurde. - Das Systemlaufwerk enthält erweiterte (logische) Partitionen.\n\nSie können ein ganzes Systemlaufwerk mit erweiterten (logischen) Partitionen nur unter Windows Vista (oder späteren Versionen von Windows) verschlüsseln. Unter Windows XP können Sie ein ganzes Systemlaufwerk nur verschlüsseln wenn es ausschließlich primäre Partitionen enthält.\n\nHinweis: Sie können aber die Systempartition anstatt des gesamten Laufwerks verschlüsseln und zusätzlich partitionsbasierte VeraCrypt-Volumes für alle Nicht-Systempartitionen auf dem Laufwerk erstellen. - WARNUNG: Da Sie Windows XP/2003 ausführen, dürfen Sie nach dem Starten der Laufwerksverschlüsselung KEINE erweiterte (logische) Partition auf dem Laufwerk erstellen (Sie können nur primäre Partitionen erstellen). Alle erweiterten (logischen) Partition auf dem Laufwerk wären nach dem Starten der Verschlüsselung nicht zugänglich (derzeit enthält das Laufwerk keine solche Partition).\n\nHinweis: Wenn diese Einschränkung nicht akzeptabel ist, dann können Sie zurück gehen und nur die Systempartition anstatt des gesamten Laufwerks verschlüsseln (und zusätzlich partitionsbasierte VeraCrypt-Volumes für alle Nicht-Systempartitionen auf dem Laufwerk erstellen).\n\nWenn diese Einschränkung nicht akzeptabel ist, sollten Sie alternativ eine Aktualisierung auf Windows Vista oder eine höhere Version von Windows in Erwägung ziehen (Sie können ein ganzes Laufwerk welches erweiterte/logische Partitionen enthält nur unter Windows Vista oder höher verschlüsseln). - Ihr System enthält ein Sonderpartition.\n\nWenn Sie ein Notebook nutzen enthält Ihre Systemfestplatte wahrscheinlich eine spezielle Wiederherstellungspartition. Nachdem das gesamte System verschlüsselt wurde (inklusive der Wiederherstellungspartition) könnte ihr System nicht mehr hochfahren falls Ihr Computer ein unpassendes BIOS nutzt. Es wäre also unmöglich die Wiederherstellungspartition zu nutzen bis die Festplatte komplett entschlüsselt ist. Daher empfehlen wir nur die Systempartition zu verschlüsseln. - Möchten Sie, statt des gesamten Laufwerks, nur die Systempartition verschlüsseln?\n\nBeachten Sie, dass Sie auf dem Laufwerk (zusätzlich zum Verschlüsseln der Systempartition) Partitionsbasierte VeraCrypt-Volumes in alle Nicht-Systempartitionen erstellen können. - Da Ihr Systemlaufwerk nur eine einzige Partition enthält, die das gesamte Laufwerk belegt, ist es vorzuziehen (sicherer) das gesamte Laufwerk einschließlich den freien „slack“ Speicher, welcher normalerweise eine solche Partition umgibt zu verschlüsseln.\n\nMöchten Sie das gesamte Systemlaufwerk verschlüsseln? - Ihr System ist so konfiguriert das temporäre Dateien auf einer Nicht-System Partition gespeichert werden.\n\nTemporäre Dateien werden normalerweise nur auf einer Systempartition gespeichert. - Ihre Benutzerprofildateien sind nicht auf der Systempartition gespeichert.\n\nBenutzerprofildateien werden normalerweise nur auf einer Systempartition gespeichert. - Es ist eine/sind Auslagerungsdatei(en) auf (einer) Nicht-Systempartition(en) vorhanden.\n\nAuslagerungsdateien befinden sich eigentlich nur auf System-Partitionen. - Möchten Sie Windows nun so einstellen, dass die Auslagerungsdateien nur auf der Windowspartition erstellt werden?\n\nBeachten Sie dabei bitte, falls Sie auf „Ja“ klicken, wird Ihr PC neu gestartet. Danach starten Sie VeraCrypt bitte erneut und versuchen die Erstellung eines versteckten Betriebssystems erneut. - Andernfalls kann die glaubhafte Leugnung des Versteckten Betriebssystems nachteilig beeinflusst werden.\n\nHinweis: Wenn ein Gegner den Inhalt solcher Dateien analysiert (befinden sich auf einer Nicht-Systempartition), dann könnte er herausfinden das Sie diesen Assistenten im „Verstecktes-System erstellen“-Modus verwendet haben (welcher auf die Existenz eines Versteckten Systems auf Ihrem Computer hindeuten kann). Beachten Sie auch, dass alle diese Dateien auf der Systempartition während der Erstellung des Versteckten Betriebssystems sicher von VeraCrypt gelöscht werden. - ACHTUNG: Während der Erstellung des Versteckten Betriebssystems werden Sie das derzeit laufende System komplett neu installieren müssen (um ein Köder-System sicher zu erstellen).\n\nHinweis: das derzeit laufende Betriebssystem und der gesamte Inhalt der Systempartition wird in das versteckte Volume kopiert werden (um das versteckte Betriebssystem zu erstellen).\n\n\nSind Sie sicher, dass Sie in der Lage sind Windows mit Hilfe eines Windows Installationsmediums (oder einer Service-Partition) zu installieren? - Aus Sicherheitsgründen muss das derzeitige Betriebssystem aktiviert werden bevor sie fortfahren, sofern es eine Aktivierung (zu irgendeinem Zeitpunkt) benötigt. Bitte beachten Sie, dass das versteckte Betriebssystem erstellt wird indem der Inhalt der Systempartition in ein verstecktes Volume kopiert wird (wenn dieses Betriebssystem nicht aktiviert ist wird das versteckte Betriebssystem deshalb ebenfalls nicht aktiviert sein). Für mehr Informationen, siehe Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch.\n\nWICHTIG: Bevor sie fortfahren, stellen Sie sicher, dass Sie den Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch gelesen haben.\n\nEntspricht Ihr derzeit installiertes Betriebssystem den genannten Bedingungen? - Ihr Betriebssystem benutzt eine extra Bootpartition. VeraCrypt unterstützt den Ruhezustand von versteckten Betriebssystemen mit extra Bootpartition nicht (Köder-Systeme können problemlos in den Ruhezustand wechseln).\n\nBitte beachten Sie, dass die Bootpartition vom Köder-System und dem versteckten Betriebssystem geteilt werden würde. Um Datenlecks und Probleme während dem Aufwachen aus dem Ruhezustand zu verhindern muss VeraCrypt deshalb das versteckte System daran hindern auf die geteilte Bootpartition zu schreiben oder in den Ruhestand zu wechseln.\n\nMöchten Sie fortfahren? Wenn Sie „Nein“ wählen werden Anweisungen für das Entfernen der extra Bootpartition angezeigt. - \nDie extra Bootpartition kann vor der Installation von Windows entfernt werden. Um dies zu tun, befolgen sie diese Schritte:\n\n1) Starten Sie Windows von der Installations-CD. \n\n2) Im Windows-Installationsbildschirm, klicken Sie „Jetzt installieren“; > „Benutzerdefiniert (erweitert)“.\n\n3) Klicken Sie auf „Laufwerksoptionen (erweitert)“.\n\n4)Wählen Sie die Hauptsystempartition aus und löschen Sie diese indem Sie „Löschen“ und „OK“ klicken.\n\n5) Wählen Sie die „System-reservierte“ Partition, klicken sie „erweitern“ und vergrößern Sie diese so, dass das Betriebssystem darauf installiert werden kann.\n\n6) Klicken Sie „Anwenden“ und „OK“.\n\n7) Installieren Sie Windows auf der „System-reservierten“ Partition.\n\n\nSollte jemand fragen warum Sie die extra Bootpartition entfernt haben können Sie antworten, dass Sie alle möglichen Datenlecks auf die unverschlüsselte Bootpartition vermeiden wollten.\n\nBitte beachten Sie: Sie können diesen Text ausdrucken indem Sie auf den unten stehenden „Drucken“-Knopf klicken. Wenn Sie diesen Text speichern oder drucken (wird dringend empfohlen es sei denn Ihr Drucker speichert Kopien gedruckter Dokumente auf seinem internen Speicher) sollten Sie ihn und alle Kopien zerstören nachdem Sie die extra Bootpartition entfernt haben (andernfalls könnte der Text gefunden und ein Rückschluss auf ein verstecktes Betriebssystem gezogen werden). - WARNUNG: Es gibt einen nicht zugeordneten Bereich zwischen der Systempartition und der ersten Partition dahinter. Sie dürfen nach dem Erstellen des versteckten Betriebssystems keine neuen Partitionen in dem nicht zugeordneten Bereich erstellen. Das Versteckte Betriebssystem wird andernfalls nicht starten (bis Sie solche neu erstellten Partitionen löschen). - Dieser Algorithmus wird derzeit nicht für die Systemverschlüsselung unterstützt. - Dieser Algorithmus ist im TrueCrypt-Modus nicht vorhanden. - PIM (Personal Iterations Multiplier) wird nicht im TrueCrypt-Modus unterstützt. - Das Passwort muss 20 oder mehr Zeichen haben, um den festgelegten PIM verwenden zu können.\nKürzere Passwörter können nur verwendet werden, wenn der PIM-Wert 485 oder größer ist. - Das Prä-Boot-Authentifikationspasswort muss 20 oder mehr Zeichen haben, um den festgelegten PIM verwenden zu können.\nKürzere Passwörter können nur verwendet werden, wenn der PIM Wert 98 oder größer ist. - Schlüsseldateien werden derzeit nicht für die Systemverschlüsselung unterstützt. - WARNUNG: VeraCrypt konnte die ursprüngliche Tastaturbelegung nicht wiederherstellen. Dadurch könnten Sie das Passwort falsch eingeben. - Fehler: Es kann die Tastaturbelegung für VeraCrypt nicht auf die Standard-US-Tastaturbelegung festgelegt werden.\n\nBeachten Sie, dass das Passwort in der Prä-Boot-Umgebung eingegeben werden muss (bevor Windows startet), wo Nicht-US-Windows-Tastaturbelegungen nicht verfügbar sind. Daher muss das Passwort immer unter Verwendung der Standard-US-Tastaturbelegung eingegeben werden. - Da VeraCrypt vorübergehend die Tastaturbelegung auf die Standard-US-Tastaturbelegung geändert hat, ist es nicht möglich bei gedrückter rechter ALT-Taste Zeichen einzugeben. Jedoch können Sie die meisten solcher Zeichen schreiben, indem Sie bei gedrückter Umschalt-Taste die passenden Tasten drücken. - VeraCrypt verhinderte die Änderung des Tastaturbelegungs. - Hinweis: Sie müssen das Passwort in der Prä-Boot-Umgebung eingeben (bevor Windows startet), in der Nicht-US Windows Tastaturbelegungs nicht verfügbar sind. Daher muss immer unter Verwendung der Standard-US-Tastaturbelegung das Passwort eingegeben werden. Allerdings ist es wichtig zu beachten, dass Sie keine echte US-Tastatur brauchen. VeraCrypt stellt automatisch sicher, dass Sie das Passwort problemlos eingeben können (jetzt und in der Prä-Boot-Umgebung) selbst wenn Sie KEINE echte US-Tastatur haben. - Bevor sie die Partition/das Laufwerk verschlüsseln können müssen Sie einen VeraCrypt-Rettungsdatenträger (VRD) erstellen, die für die folgenden Fälle notwendig ist:\n\n- Wenn der VeraCrypt-Bootloader, der Hauptschlüssel oder andere kritische Daten beschädigt werden, erlaubt die VRD diese Daten wieder herzustellen (Sie benötigen trotzdem das korrekte Passwort).\n- Wenn Windows beschädigt wird und nicht starten kann ermöglicht die VRD es die Partition/das Laufwerk vor dem Systemstart dauerhaft zu entschlüsseln.\n- Die VRD enthält eine Sicherung des derzeitigen Inhaltes des ersten Datenblocks (Header) der Partition/des Laufwerks (welcher normalerweise einen Systemstarter oder Bootmanager enthält) und erlaubt es diesen, falls nötig, wieder herzustellen.\n\nDas VeraCrypt-Rettungsdatenträger-Abbild wird hier erstellt: - Nachdem sie OK geklickt haben wird das Microsoft Windows ISO-Brennprogramm gestartet. Bitte benutzen Sie es, um das VeraCrypt-Rettungsdatenträgerabbild auf eine CD oder DVD zu brennen.\n\nNachdem Sie das getan haben, kehren Sie bitte zum Assistent zum Erstellen eines VeraCrypt-Volumes zurück und folgen Sie den Anweisungen. - Der VeraCrypt-Rettungsdatenträger wurde erfolgreich erstellt und an folgendem Ort gespeichert:\n%s\nJetzt müssen Sie es auf eine CD oder DVD brennen.\n\n%lsNachdem Sie das getan haben, klicken Sie bitte auf „Weiter“, um die Korrektheit des Rettungsdatenträgers zu überprüfen. - Der VeraCrypt-Rettungsdatenträger wurde erfolgreich erstellt und an folgendem Ort gespeichert:\n%s\nJetzt sollten Sie es entweder auf eine CD oder DVD brennen oder für die spätere Verwendung an einen sicheren Ort verschieben.\n\n%lsKlicken Sie auf „Weiter“, um fortzufahren. - WICHTIG: Bitte beachten Sie, dass die Datei als ISO-Abbilddatei und NICHT als einzelne Datei auf die CD geschrieben werden muss. Informationen wie Sie das tun erhalten Sie in der Dokumentation Ihrer Brennsoftware. Wenn Sie keine CD- bzw. DVD-Brennsoftware besitzen, welche das ISO-Abbild auf eine CD/DVD schreiben kann, klicken Sie auf den unten stehenden Link, um ein freies Programm herunterzuladen.\n\n - Microsoft Windows ISO-Brennprogramm starten - WARNUNG: Wenn Sie bereits einen VeraCrypt-Rettungsdatenträger in der Vergangenheit erstellt haben, kann dieser nicht für diese Systempartition/dieses Laufwerk wiederverwendet werden, da er für einen anderen Hauptschlüssel erstellt wurde! Sie müssen jedes Mal, wenn Sie eine Systempartition/ein Systemlaufwerk verschlüsseln, einen neuen Rettungsdatenträger dafür erstellen, selbst wenn Sie dasselbe Passwort verwenden. - Fehler: Die Einstellungen für die Systemverschlüsselung können nicht gespeichert werden. - Der Vortest für die Systemverschlüsselung konnte nicht initiiert werden. - Der Vorgang für die Erstellung des Versteckten Betriebssystems kann nicht initiiert werden. - Sicher Löschen - Bei einigen Typen von Speichermedien könnten Daten, die überschrieben wurden, mithilfe der Magnetkraftmikroskopie wiederhergestellt werden. Dies gilt auch für Daten, die in Ihrer verschlüsselten Form überschrieben wurden (was passiert, wenn VeraCrypt erstmals unverschlüsselte Partitionen oder Laufwerke verschlüsselt). Einige Studien und öffentliche Publikationen geben an, dass die Wiederherstellung von überschriebenen Daten verhindert (oder zumindest erschwert) werden kann, indem die Daten mit pseudozufälligen und bestimmten nicht zufälligen Daten überschrieben werden. Wenn Sie glauben, dass ein Angreifer möglicherweise solche Techniken verwenden könnte, um Ihre verschlüsselten Daten wiederherzustellen, dann sollten Sie einen der Lösch-Modi wählen (vorhandene Daten gehen NICHT verloren). Das Löschen kann NICHT ausgeführt werden nachdem die Partition/das Laufwerk verschlüsselt wurde. Dann werden alle Daten nämlich zuerst im Speicher verschlüsselt und erst dann auf den Datenträger geschrieben. - Bei einigen Typen von Speichermedien kann mithilfe der Magnetkraftmikroskopie Daten, die von anderen Daten (z.B. wenn die Daten gelöscht sind) überschrieben wurden, wiederhergestellt werden. Einige Studien und öffentliche Publikationen geben an, dass die Wiederherstellung von überschriebenen Daten verhindert werden kann (oder zumindest erschwert wird), in dem die Daten mit pseudozufälligen und bestimmten nicht zufälligen Daten überschrieben werden. Wenn Sie glauben, dass ein Angreifer möglicherweise solche Techniken verwenden könnte, um Ihre Daten wiederherzustellen, die Sie verschlüsseln möchten, dann könnten Sie einen der Lösch-Modi wählen.\n\nHinweis: Je mehr Durchläufe Sie wählen, desto länger dauert das Löschen der Daten. - Löschen - \nHinweis: Sie können den Löschvorgang unterbrechen, fahren Sie den Computer herunter, starten Sie das versteckte System wieder und setzen dann den Vorgang fort (dieser Assistent wird automatisch gestartet). Wenn Sie ihn jedoch unterbrechen, dann muss der gesamte Löschvorgang von vorn beginnen. - \n\nHinweis: Wenn Sie den Löschvorgang unterbrechen und dann versuchen ihn fortzusetzen, so muss der gesamte Löschvorgang von vorn beginnen. - Möchten Sie den Löschvorgang abbrechen? - WARNUNG: Der gesamte Inhalt der ausgewählten Partition/des Laufwerkes wird gelöscht und geht verloren. - Der gesamte Inhalt der Partition, auf der sich das Original System befindet, wird gelöscht.\n\nHinweis: Der gesamte Inhalt der Partition (der gelöscht werden soll) wurde auf diese Versteckte Systempartition kopiert. - WARNUNG: Beachten Sie, wenn Sie z.B. 3 Durchgänge im Lösch-Modus auswählen, dass die erforderliche Zeit zum Verschlüsseln des Laufwerkes/der Partition bis zu 4-mal länger werden kann. Wenn Sie den Modus mit 35 Durchgängen wählen, so kann es bis zu 36 Mal länger dauern (es könnte Wochen dauern).\n\nBeachten Sie jedoch, der Löschvorgang kann NICHT ausgeführt werden, nachdem die Partition/das Laufwerk vollständig verschlüsselt wurde. Wenn die Partition/das Laufwerk vollständig verschlüsselt ist, dann werden keine unverschlüsselten Daten jemals darauf geschrieben. Alle darauf zu schreibenden Daten werden zuerst „on-the-fly“ im Speicher verschlüsselt und nur dann werden die (verschlüsselten) Daten auf den Datenträger geschrieben (damit wird die Leistung nicht beeinflusst).\n\nMöchten Sie den Lösch-Modus trotzdem verwenden? - Ohne (am schnellsten) - 1-Durchgang (Zufalls Daten) - 3-Durchgänge (US DoD 5220.22-M) - 7-Durchgänge (US DoD 5220.22-M) - 35-Durchgänge („Gutmann“) - 256-Durchgänge - Anzahl der Betriebssysteme - WARNUNG: Unerfahrene Benutzer sollten niemals versuchen Windows in einer Multiboot-Konfigurationen zu verschlüsseln.\n\nFortfahren? - Wenn Sie ein verstecktes Betriebssystem erstellen oder nutzen, unterstützt VeraCrypt Multi-Boot-Konfigurationen nur wenn die folgenden Bedingungen erfüllt sind:\n\n- Das derzeit laufende Betriebssystem muss auf dem Bootlaufwerk installiert sein welches keine weiteren Betriebssysteme enthalten darf.\n\n- Betriebssysteme auf anderen Laufwerken dürfen keine Bootloader nutzen die auf demselben Laufwerk liegen auf dem das derzeit aktive Betriebssystem installiert ist.\n\nSind die obigen Bedingungen erfüllt? - VeraCrypt unterstützt diese Multi-Boot-Konfiguration nicht wenn ein verstecktes Betriebssystem erstellt/genutzt wird. - Startlaufwerk - Ist das zurzeit laufende Betriebssystem auf dem Boot-Laufwerk installiert?\n\nHinweis: Manchmal ist Windows nicht auf demselben Laufwerk installiert, auf dem der Windows-Bootloader (Boot-Partition) installiert ist. Wenn das der Fall ist, wählen Sie „Nein“. - VeraCrypt unterstützt momentan das Verschlüsseln eines Betriebssystems nicht, welches nicht von dem Laufwerk gestartet wird auf dem es installiert ist. - Anzahl der Systemlaufwerke - Wie viele Laufwerke enthalten ein Betriebssystem?\n\nHinweis: Beispielsweise, wenn Sie irgendein Betriebssystem (z.B. Windows, Mac OS X, Linux, etc.) auf dem primären Laufwerk und ein zusätzliches Betriebssystem auf einem sekundären Laufwerk installiert haben dann wählen Sie „2 oder mehr“ aus. - VeraCrypt unterstützt derzeit nicht die Verschlüsselung eines ganzen Laufwerkes, auf dem mehrere Betriebssysteme sind.\n\nMögliche Lösungen:\n\n- Sie können eines der Systeme verschlüsseln wenn Sie zurückgehen und sich für das verschlüsseln einer einzelnen Partition entscheiden (im Gegensatz zur Auswahl für das Verschlüsseln des gesamten Systemlaufwerkes).\n\n- Alternativ können Sie das ganze Laufwerk verschlüsseln wenn Sie einige der Systeme, bis auf das welches Sie verschlüsseln möchten, auf ein anderes Laufwerk verschieben. - Mehrere Systeme auf einem Laufwerk - Sind noch andere Betriebssysteme auf dem Laufwerk installiert, auf dem das z.Z. laufende Betriebssystem Installiert ist?\n\nHinweis: Beispielsweise wenn das aktuell laufende Betriebssystem auf dem Laufwerk #0 installiert ist, welches mehrere Partitionen enthält und eine dieser Partitionen enthält Windows, eine andere Partition enthält ein weiteres Betriebssystem (z.B. Windows, Mac OS X, Linux usw.), dann wählen Sie „Ja“. - Nicht-Windows Bootloader - Ist statt des Windows Bootloaders ein anderer Bootloader (oder Bootmanager) im Master Boot Record (MBR) installiert?\n\nHinweis: Beispielsweise, wenn die erste Spur des Startlaufwerkes GRUB, LILO, XOSL, oder einen anderen Nicht-Windows Boot Manager (oder Bootloader) enthält, dann wählen Sie „Ja“. - Multi-Boot - VeraCrypt unterstützt momentan keine Multiboot – Konfigurationen auf dem ein Nicht-Windows-Bootloader im Master Boot Record installiert ist.\n\nMögliche Lösungen:\n\n- Wenn Sie einen Boot-Manager nutzen um Windows und Linux zu booten, dann verschieben Sie den Boot-Manager (normalerweise GRUB) vom Master Boot Record auf eine Partition. Dann starten Sie diesen Assistenten erneut und verschlüsseln die Systempartition/das Laufwerk. HINWEIS: Der VeraCrypt-Bootloader wird Ihr Primärer Boot-Manager werden, welcher es Ihnen erlaubt den originalen Boot-Manager (z.B. GRUB) als Sekundären Boot-Manager zu starten (ESC im VeraCrypt-Bootloader-Bildschirm drücken), was es Ihnen ermöglicht Linux zu booten. - Wenn das aktuell ausgeführte Betriebssystem auf der Startpartition installiert ist, dann müssen Sie, nachdem Sie es verschlüsselt haben, immer das richtige Passwort eingeben auch wenn Sie ein anderes unverschlüsseltes Windows System starten möchten (da diese sich einen einzigen verschlüsselten Windows Bootloader/Manager teilen).\n\nWenn im Gegensatz dazu das derzeit laufende Betriebssystem nicht auf der Startpartition installiert ist (oder wenn der Windows-Bootloader/Manager nicht von allen anderen Systemen verwendet wird), dann müssen Sie nicht das korrekte Passwort zum Starten der anderen unverschlüsselten Systeme eingeben, nachdem Sie dieses System verschlüsselt haben -- Sie müssen nur die ESC-Taste drücken, um das unverschlüsselte System zu starten (wenn es mehrere unverschlüsselte Systeme gibt, dann müssen Sie im VeraCrypt-Bootmanager wählen, welches der Systeme gestartet werden soll).\n(Hinweis: Normalerweise ist das erste installierte Windows System auf der Startpartition installiert.) - Verschl. des Host-geschützten Bereichs - Am Ende vieler Laufwerke gibt es einen Bereich der normalerweise vom Betriebssystem versteckt wird (solche Bereiche werden als Host- geschützte Bereiche bezeichnet). Allerdings können manche Programme von/auf solche(n) Bereiche(n) lesen und schreiben.\n\nWARNUNG: Einige Computerhersteller verwenden möglicherweise solche Bereiche, um Werkzeuge und Daten für RAID, Systemwiederherstellung, Systeminstallation, Diagnose oder andere Zwecke zu speichern. Wenn solche Tools oder Daten vor dem Starten zugänglich sein müssen, dann sollte der versteckte Bereich nicht verschlüsselt werden (wählen Sie oben „Nein“).\n\nMöchten Sie das VeraCrypt einen solchen Bereich (falls vorhanden) am Ende des Systemlaufwerkes ermittelt und verschlüsselt? - Art der System-Verschlüsselung - Wählen Sie diese Option, wenn Sie lediglich die Systempartition oder das gesamte Systemlaufwerk verschlüsseln möchten. - Es kann vorkommen, dass Sie gezwungen werden das Betriebssystem zu entschlüsseln. Es gibt viele Situationen, in denen Sie sich nicht weigern können (z.B. wegen Erpressung). Bei Auswahl dieser Option erstellen Sie ein verstecktes Betriebssystem, dessen Existenz unmöglich zu beweisen sein sollte (vorausgesetzt das gewisse Richtlinien eingehalten werden). Daher müssen Sie das versteckte Betriebssystem nicht entschlüsseln oder das Passwort dafür herausgeben. Für eine genauere Erklärung klicken Sie bitte auf den Link unten. - Es kann vorkommen, dass Sie gezwungen werden das Betriebssystem zu entschlüsseln. Es gibt viele Situationen, in denen Sie sich nicht weigern können das Passwort herauszugeben (z.B. wegen Erpressung).\n\nMit diesem Assistenten können Sie ein verstecktes Betriebssystem erstellen, dessen Existenz unmöglich zu beweisen ist (vorausgesetzt, dass bestimmte Richtlinien eingehalten werden). Daher müssen Sie das versteckte Betriebssystem nicht entschlüsseln oder das Passwort dafür herausgeben. - Verstecktes Betriebssystem - In den folgenden Schritten erstellen Sie 2 VeraCrypt-Volumes (Äußeres u. Verstecktes) innerhalb der ersten Partition hinter der Systempartition. Das Versteckte Vol. enthält das versteckte Betriebssystem (BS). VeraCrypt erstellt dieses durch kopieren des Inhaltes der Systempartition (des gerade laufenden BS). Auf das äußere Volume kopieren Sie einige wichtig wirkende Dateien, die Sie NICHT verstecken möchten. Diese sind für Personen bestimmt die Sie zwingen das Passwort für die versteckte BS-Partition preis zu geben. Sie können das Passwort für das äußere Vol. innerhalb des versteckten BS verraten (das versteckte BS bleibt geheim).\n\nAbschließend installieren Sie auf der Systempartition des gerade lau- fenden BS ein neues BS, ein sogenanntes Köder-BS, und verschlüs- seln es. Es darf keine sensiblen Daten enthalten u. ist für Personen, die Sie zwingen das PBA-Passwort zu verraten. Es wird 3 Passwörter geben, 2 davon können Sie verraten (für das Köder-BS u. das äußere Volume). Bei verw. des Dritten, wird das versteckte BS gestartet. - Versteckte Sektoren ermitteln - Bitte warten Sie, während VeraCrypt am Ende des Systemlaufwerkes mögliche Versteckte Sektoren sucht. Beachten Sie, dass es lange dauern kann bis dies beendet ist.\n\nHinweis: In sehr seltenen Fällen wird auf einigen Computern das System während dieses Erkennungsvorganges möglicherweise nicht mehr reagieren. Wenn dies geschieht, dann starten Sie den Computer neu, Starten Sie VeraCrypt und wiederholen Sie die vorherigen Schritte aber überspringen Sie diesen Erkennungsvorgang. Beachten Sie, dass dieses Problem nicht durch einen Fehler in VeraCrypt verursacht wird. - Bereich der Verschlüsselung - Wählen Sie diese Option wenn Sie die gesamte Festplatte verschlüsseln möchten auf dem das derzeit laufende Windows installiert ist. Das gesamte Laufwerk mit allen Partitionen wird verschlüsselt, mit Ausnahme des ersten Datenblocks (Header) auf dem der VeraCrypt-Bootloader installiert wird. Um auf das Betriebssystem oder Dateien auf diesem Laufwerk zuzugreifen muss das korrekte Passwort vor jedem Start eingegeben werden. Diese Option kann NICHT dazu benutzt werden eine 2. oder externe Festplatte zu verschlüsseln wenn dort kein Windows installiert ist und es nicht von der Festplatte startet. - Zufällige Daten sammeln - Schlüssel generieren - VeraCrypt hat keinen CD- bzw. DVD-Brenner in Ihrem Computer gefunden. VeraCrypt benötigt einen bootbaren VeraCrypt-Rettungsdatenträger, welcher eine Sicherung der Verschlüsselungsschlüssel, des VeraCrypt Bootloaders, des originalem System-Loaders usw. enthält.\n\nEs wird dringend empfohlen, den VeraCrypt-Rettungsdatenträger zu brennen. - Ich habe keinen CD- bzw. DVD-Brenner, aber ich werde das Rettungsdatenträger-ISO-Abbild auf einem Wechseldatenträger sichern (z.B. USB-Stick). - Ich werde später einen CD- bzw DVD-Brenner an meinen Computer anschließen. Den Vorgang jetzt beenden. - Es ist derzeit ein CD- bzw. DVD-Brenner mit dem Computer verbunden. Fortfahren und den Rettungsdatenträger erstellen. - Bitte folgen Sie diesen Schritten:\n\n1) Einen Wechseldatenträger (z.B. USB-Stick) mit dem Computer verbinden.\n\n2) Kopieren Sie den VeraCrypt-Rettungsdatenträger-Abbild (%s) auf den Wechseldatenträger.\n\nSollten Sie die VeraCrypt-Rettungsdatenträger in der Zukunft benötigen können Sie den Wechseldatenträger (mit dem VeraCrypt-Rettungsdatenträger-Abbild) an einen Computer mit einem CD- bzw. DVD-Brenner anschließen und die Rettungs-CD brennen. WICHTIG: Bitte beachten Sie, dass das VeraCrypt-Rettungsdatenträger-Abbild als ISO-Abbild gebrannt werden muss (nicht als Datei). - Rettungsdatenträger brennen - Rettungsdatenträger fertig gestellt - Systemverschlüsselungsvortest - Rettungsdatenträger überprüfen - \nDer VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. Bitte entfernen Sie diesen aus dem Laufwerk und bewahren Sie ihn an einem sicheren Ort auf.\n\nKlicken Sie „Weiter“, um fortzufahren. - WARNUNG: Der VeraCrypt-Rettungsdatenträger darf sich während der nächsten Schritte nicht im Laufwerk befinden. Andernfalls wird es nicht möglich sein die Schritte erfolgreich zu beenden.\n\nEntfernen Sie ihn nun aus dem Laufwerk und bewahren Sie ihn an einem sicheren Ort auf. Klicken Sie dann auf „OK“. - WARNUNG: Aufgrund von technischen Einschränkungen in der Prä-Boot-Umgebung können Texte durch VeraCrypt in der Prä-Boot-Umgebung (d.h. bevor Windows gestartet wird) nicht übersetzt angezeigt werden. Die Oberfläche des VeraCrypt-Bootloaders ist vollständig in Englisch.\n\nFortfahren? - Bevor das Verschlüsseln Ihrer Systempartition oder Ihres Laufwerkes beginnen kann, muss VeraCrypt überprüfen ob alles ordnungsgemäß funktioniert.\n\nNachdem Sie auf „Test“ klicken werden alle notwendigen Komponenten (z.B. die Prä-Boot Authentifikationskomponente, d.h. der VeraCrypt-Bootloader) installiert und Ihr Computer wird dann neu gestartet. Anschließend müssen Sie Ihr Passwort im VeraCrypt-Bootloader-Bildschirm eingeben, welcher angezeigt wird bevor Windows startet. Nachdem Windows gestartet wurde, werden Sie automatisch über das Ergebnis dieses Vortests informiert.\n\nDas folgende Laufwerk wird bearbeitet: Laufwerk #%d\n\n\nWenn Sie jetzt auf Abbrechen klicken, dann wird der Vortest nicht ausgeführt. - WICHTIGE HINWEISE - - BITTE LESEN UND GGF. AUSDRUCKEN („Drucken“ klicken):\n\nBitte beachten Sie, dass Ihre Daten nicht verschlüsselt werden bevor Sie Ihren Computer und Windows erfolgreich neu gestartet haben. Dadurch gehen Ihre Daten nicht verloren wenn ein Fehler auftritt. Allerdings kann es in Folge von Fehlern zu Startproblemen von Windows kommen. Lesen Sie bitte deshalb die folgenden Richtlinien für den Fall, dass Windows nicht mehr hoch fährt nachdem Sie den Computer neu starten (und drucken Sie sie wenn möglich aus).\n\n - Vorgehensweise wenn Windows nicht startet\n------------------------------------------------\n\nHinweis: Diese Anweisungen gelten nur wenn Sie den Verschlüsselungsprozess noch nicht begonnen haben.\n\n- Wenn Windows nicht startet nachdem Sie das korrekte Passwort eingegeben haben (oder wenn Sie wiederholt das korrekte Passwort eingeben aber VeraCrypt sagt, dass es falsch ist), bleiben Sie ruhig. Starten Sie den Computer neu (Strom ausschalten und wieder anschalten) und drücken sie nach dem Erscheinen des VeraCrypt-Ladebildschirms die ESC-Taste auf Ihrer Tastatur (und, falls Sie mehrere Systeme haben, wählen Sie eines zum Starten aus). Windows sollte dann starten (vorausgesetzt, dass es nicht verschlüsselt ist) und VeraCrypt wird automatisch fragen, ob Sie die Prä-Boot-Authentifikation deinstallieren möchten. Bitte beachten Sie, dass die genannten Schritte NICHT funktionieren wenn die Systempartition/das Systemlaufwerk verschlüsselt ist (es ist unmöglich ein verschlüsseltes Windows zu starten oder auf verschlüsselte Daten zuzugreifen ohne das korrekte Passwort einzugeben, auch wenn die vorherigen Schritte befolgt werden).\n\n - - Wenn die vorherigen Schritte nicht helfen oder der VeraCrypt-Ladebildschirm nicht erscheint (vor dem Start von Windows), legen Sie den VeraCrypt-Rettungsdatenträger in Ihr CD/DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist es möglich, dass Ihr BIOS so konfiguriert ist, dass es zuerst versucht von Festplatte und dann von CD zu starten. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Erscheint kein BIOS-Einstellungsbildschirm, so müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste sofort wiederholt drücken. Wenn der BIOS-Einstellungsbildschirm erscheint, stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier wählen Sie nun „Repair Options“ indem Sie die F8-Taste Ihrer Tastatur drücken. Aus dem „Repair Options“-Menü wählen Sie „Restore original system loader“. Entfernen Sie jetzt die Rettungs-CD aus dem CD- bzw. DVD-Laufwerk und starten Sie den Computer neu. Windows sollte jetzt normal starten (vorausgesetzt, dass es nicht verschlüsselt ist).\n\n - Bitte beachten Sie, dass die genannten Schritte NICHT funktionieren wenn die Systempartition/das Systemlaufwerk verschlüsselt ist (es ist unmöglich ein verschlüsseltes Windows zu starten oder auf verschlüsselte Daten zuzugreifen ohne das korrekte Passwort einzugeben, auch wenn die vorherigen Schritte befolgt werden).\n\n\nBitte beachten Sie, dass es einem Angreifer unmöglich sein wird die Systempartition ohne das korrekte Passwort zu entschlüsseln, selbst wenn er den VeraCrypt-Rettungsdatenträger findet. - Vortest abgeschlossen - Der Vortest wurde erfolgreich abgeschlossen.\n\nWARNUNG: Wenn die Stromversorgung plötzlich unterbrochen wird während vorhandene Daten „in-place“ verschlüsselt werden, oder wenn das Betriebssystem wegen eines Software- oder Hardwarefehlers abstürzt während VeraCrypt vorhandene Daten „in-place“ verschlüsselt, dann werden Daten beschädigt oder gehen verloren. Stellen Sie daher bitte sicher, dass Sie Sicherungskopien von den Dateien haben die Sie verschlüsseln möchten, bevor Sie mit dem Verschlüsseln beginnen. Wenn dies nicht der Fall ist, dann Sichern Sie Ihre Dateien jetzt (Sie können auf „Später“ klicken, um die Dateien zu sichern, VeraCrypt jederzeit wieder starten und „System“ > „Unterbrochenen Vorgang fortsetzen“ wählen, um die Verschlüsselung zu starten).\n\nWenn Sie fertig sind, klicken Sie auf „Verschlüsseln“, um zu beginnen. - Sie können jederzeit „Pause“ oder „Später“ klicken, um den Ver- oder Entschlüsselungsprozess anzuhalten, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und den Prozess dann vom pausierten Punkt wieder aufnehmen. Um ein Verlangsamen des Computers zu verhindern wenn das System oder ein Programm auf das Systemlaufwerk zugreifen, wartet VeraCrypt automatisch bis die Daten geschrieben oder gelesen wurden (siehe Status oben) und fährt dann automatisch fort. - \nSie können jederzeit „Pause“ oder „Später“ klicken, um den Verschlüsselungsprozess zu unterbrechen, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und dann den Prozess wieder fortsetzen. Beachten Sie, dass das Volume nicht eingebunden werden kann, bis es vollständig verschlüsselt wurde. - \nSie können jederzeit „Pause“ oder „Später“ klicken, um den Entschlüsselungsprozess zu unterbrechen, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und dann den Prozess wieder fortsetzen. Es wird an dem Punkt fortgesetzt, an dem Sie gestoppt haben. Bitte beachten Sie, dass das Volume nicht eingebunden werden kann bis es vollständig entschlüsselt wurde. - Verstecktes System gestartet - Originales System - Windows erstellt (typischerweise, ohne Ihr Wissen oder Zustimmung) verschiedene Log-Dateien, temporäre Dateien, etc. auf der Systempartition. Es speichert auch den Inhalt des RAMs für den Ruhezustand und beherbergt die Auslagerungsdateien auf der Systempartition. Daher, wenn ein Angreifer auf der Partition, auf der sich auch das Originale System (von dem das versteckte System eine Kopie ist) befindet, gespeicherte Dateien analysiert, dann könnte er zum Beispiel herausfinden, dass Sie den VeraCrypt-Assistenten im „Verstecktes System erstellen“-Modus verwendet haben (was auf die Existenz eines Versteckten Betriebssystems auf Ihrem Computer hinweisen könnte).\n\nUm solche Probleme zu vermeiden, wird VeraCrypt in den nächsten Schritten den gesamten Inhalt der Partition (auf der das Originale System ist) sicher löschen. Danach müssen Sie, um die glaubhafte Leugnung zu erhalten, ein neues System auf der Partition installieren und es verschlüsseln. Dadurch werden Sie das Köder-System erstellen und der gesamte Prozess für die Erstellung des Versteckten Betriebssystems wird beendet sein. - Das Versteckte Betriebssystem wurde erfolgreich erstellt. Allerdings, bevor Sie es verwenden können (und Glaubhafte Leugnung erreichen), müssen Sie (mit VeraCrypt) den gesamten Inhalt der Partition (auf der das aktuell ausgeführte Betriebssystem installiert ist) sicher löschen. Sie müssen, bevor Sie dies tun können, den Computer neu starten und im VeraCrypt-Bootloader-Bildschirm (welcher vor dem starten von Windows erscheint) das Prä-Boot-Authentifikationspasswort für das versteckte Betriebssystem eingeben. Nachdem das versteckte System gestartet ist, wird der VeraCrypt-Assistent automatisch gestartet.\n\nHinweis: Wenn Sie den Erstellungsvorgang für das versteckte Betriebssystem jetzt beenden, dann werden Sie den Vorgang NICHT fortsetzen können und das System wird NICHT zugänglich sein (weil der VeraCrypt-Bootloader entfernt wird). - Sie haben den Vorgang zum Erstellen eines Versteckten Betriebssystem geplant. Der Vorgang ist noch nicht abgeschlossen. Sie müssen, um ihn abzuschließen, den Computer neu starten und im VeraCrypt-Bootloader-Bildschirm (welcher erscheint bevor Windows startet) das Passwort für das versteckte Betriebssystem eingeben.\n\nHinweis: Wenn Sie den Erstellungsvorgang des Versteckten Betriebssystems jetzt beenden, dann werden Sie den Vorgang NICHT fortsetzen können. - Starten Sie den Computer neu und setzen Sie fort. - Den Prozess für die Erstellung des Versteckten Betriebssystem dauerhaft abbrechen - Jetzt nichts machen und später wieder fragen - \nWENN MÖGLICH, DIESEN TEXT BITTE AUSDRUCKEN (Unten auf „Drucken“ klicken).\n\n\nWie und Wann man den VeraCrypt-Rettungsdatenträger benutzt (nach der Verschlüsselung)\n-----------------------------------------------------------------------------------\n\n - I. Wie man von dem VeraCrypt-Rettungsdatenträger startet\n\nUm von dem VeraCrypt-Rettungsdatenträger zu starten, legen Sie sie in Ihr CD- bzw. DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist es möglich, dass Ihr BIOS so konfiguriert ist, dass es zuerst versucht von Festplatte und dann von CD zu starten. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Erscheint kein BIOS-Einstellungsbildschirm, so müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste sofort wiederholt drücken. Wenn der BIOS-Einstellungsbildschirm erscheint, stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier können Sie „Repair Options“ wählen, indem Sie die F8-Taste Ihrer Tastatur drücken.\n\n\n - I. Wie man von dem VeraCrypt-Rettungsdatenträger startet\n\nUm von dem VeraCrypt-Rettungsdatenträger zu starten, legen Sie sie in Ihr CD- bzw. DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist es möglich, dass Ihr BIOS so konfiguriert ist, dass es zuerst versucht von Festplatte und dann von CD zu starten. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Erscheint kein BIOS-Einstellungsbildschirm, so müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste sofort wiederholt drücken. Wenn der BIOS-Einstellungsbildschirm erscheint, stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier können Sie „Repair Options“ wählen, indem Sie die F8-Taste Ihrer Tastatur drücken.\n\n\n - II. Wann und Wie man den VeraCrypt-Rettungsdatenträger benutzt (nach der Verschlüsselung)\n\n - 1) Wenn der VeraCrypt-Bootloader nicht erscheint (oder wenn Windows nicht startet) kann der VeraCrypt-Bootloader beschädigt sein. Der VeraCrypt-Rettungsdatenträger kann benutzt werden, um den Bootloader zu reparieren und so wieder Zugriff auf das System und die enthaltenen Daten zu erlangen (das korrekte Passwort wird dann jedoch immer noch benötigt). Im Rettungs-CD-Bildschirm wechseln Sie dazu in das „Repair Options“-Menü (mittels F8-Taste) und wählen dann „Restore VeraCrypt Bootloader“. Drücken Sie dann „Y“, um die Aktion zu bestätigen, entfernen Sie den Rettungsdatenträger und starten Sie Ihren Computer neu.\n\n - 2) Wenn Sie wiederholt das korrekte Passwort eingeben, VeraCrypt aber meint, dass es falsch ist, können der Hauptschlüssel oder andere kritische Daten beschädigt sein. Der VeraCrypt-Rettungsdatenträger kann benutzt werden, um diese zu reparieren und so wieder Zugriff auf das System und die enthaltenen Daten zu erlangen (das korrekte Passwort wird dann jedoch immer noch benötigt). Im Rettungs-CD-Bildschirm wechseln Sie dazu in das „Repair Options“-Menü (mittels F8-Taste) und wählen dann „Restore key data“. Geben Sie dann Ihr Passwort ein, drücken Sie „Y“, um die Aktion zu bestätigen, entfernen Sie die Rettungs-CD und starten Sie Ihren Computer neu.\n\n - 3) Wenn der VeraCrypt-Bootloader beschädigt ist können Sie ihn umgehen indem Sie direkt von dem VeraCrypt-Rettungsdatenträger starten. Legen Sie Ihren Rettungsdatenträger ein und geben Sie Ihr Passwort im Rettungsdatenträger-Bildschirm ein.\n\n - 4) Wenn Windows beschädigt ist und nicht starten kann, ermöglicht es der VeraCrypt-Rettungsdatenträger, die Partition/das Laufwerk vor dem Systemstart dauerhaft zu entschlüsseln. Im Rettungsdatenträger-Bildschirm wechseln Sie dazu in das „Repair Options“-Menü (mittels F8-Taste) und wählen dann „Permanently decrypt system partition/ drive“. Geben Sie dann Ihr Passwort ein und warten Sie, bis die Entschlüsselung vollständig abgeschlossen ist. Dann können Sie die Rettungs-CD entfernen und Ihre Windows-Installation mit Hilfe der MS Windows Setup-CD bzw. -DVD reparieren. \n\n - Hinweis: Alternativ können Sie wenn Windows beschädigt ist (nicht starten kann) und Sie es reparieren müssen (oder auf Dateien darauf zugreifen möchten) dies tun ohne die Systempartition/das Systemlaufwerk dauerhaft zu entschlüsseln. 1) Wenn Sie mehrere Betriebssysteme auf Ihrem Computer installiert haben, starten Sie von einem, dass keine Prä-Boot-Authentifikation benötigt. 2) Wenn Sie nicht mehrere Betriebssysteme auf Ihrem Computer installiert haben, können sie eine WinPE oder BartPE CD/DVD einlegen und von dieser starten oder 3) Sie können die Systemfestplatte als zweite oder externe Festplatte an einen anderen Computer anschließen und dann dessen Betriebssystem starten.\nNachdem Sie ein System gestartet haben, starten Sie VeraCrypt. Klicken Sie auf „Datenträger“, wählen Sie die betroffene Systempartition aus und klicken Sie „OK“. Wählen Sie „System“ > „Ohne Prä-Boot-Authentifikation einbinden“, geben Sie Ihr Prä-Boot-Authentifikationspasswort ein und klicken Sie „OK“. Die Partition wird nun als normales VeraCrypt-Volume eingebunden (Daten werden wie üblich sofort im RAM ver- bzw. entschlüsselt).\n\n\n - Bitte beachten Sie, dass es einem Angreifer unmöglich sein wird die Systempartition ohne das korrekte Passwort zu entschlüsseln, selbst wenn er den VeraCrypt-Rettungsdatenträger findet. - \n\nW I C H T I G -- BITTE DIESEN TEXT WENN MÖGLICH AUSDRUCKEN (unten auf „Drucken“ klicken).\n\nHinweis: Dieser Text wird jedes Mal automatisch angezeigt wenn Sie das versteckte System starten, bis Sie beginnen das Köder-System zu erstellen.\n\n\n - Wie man ein Köder-System gefahrlos und sicher erstellt \n----------------------------------------------------------------------------\n\nUm glaubhafte Leugnung (plausible deniability) zu erreichen, müssen sie jetzt ein Köder-System erstellen. Dazu befolgen Sie diese Schritte:\n\n - 1) Aus Sicherheitsgründen müssen Sie Ihren Computer ausschalten und ihn mehrere Minuten ausgeschaltet lassen (je länger, umso besser). Dies ist notwendig um den Speicher zu leeren der sensible Daten enthalten kann. Schalten Sie dann Ihren Computer wieder an, aber starten Sie nicht vom versteckten System aus.\n\n - 2) Installieren Sie Windows auf der Partition dessen Inhalt gelöscht wurde (das heißt auf der Partition auf der das Originalsystem installiert war, dessen Klon das versteckte System ist).\n\nWICHTIG: WENN SIE BEGINNEN DAS KÖDER-SYSTEM ZU INSTALLIEREN WIRD ES *NICHT* MÖGLICH SEIN DAS VERSTECKTE SYSTEM ZU STARTEN (weil der VeraCrypt-Bootloader vom Windows-Systeminstallationsprogramm gelöscht wird). DAS IST NORMAL UND ZU ERWARTEN. BITTE BEWAHREN SIE RUHE. SIE WERDEN DAS VERSTECKTE SYSTEM WIEDER STARTEN KÖNNEN SOBALD SIE BEGINNEN DAS KÖDER-SYSTEM ZU VERSCHLÜSSELN (weil VeraCrypt dann automatisch den Bootloader wieder installieren wird).\n\nWichtig: Die Größe der Köder-Systempartition muss der des versteckten Systems entsprechen (diese Voraussetzung ist jetzt erfüllt). Zudem dürfen Sie keine Partition zwischen der Köder-Systempartition und der Partition des versteckten Systems erstellen.\n\n - 3) Starten sie das Köder-System (das Sie in Schritt 2 installiert haben) und installieren Sie VeraCrypt darauf.\n\nBedenken Sie, dass das Köder-System niemals sensible Daten enthalten darf.\n\n - 4) Starten sie VeraCrypt auf dem Köder-System und wählen Sie „System“ > „System-Partition/Laufwerk verschlüsseln ...“. Der Assistent zum Erstellen eines VeraCrypt-Volumes sollte dann starten.\n\nFühren Sie die folgenden Schritte im Assistent zum Erstellen eines VeraCrypt-Volumes aus.\n\n - 5) Im Assistent zum Erstellen eines VeraCrypt-Volumes wählen sie NICHT die Option „Versteckt“! Lassen Sie die Option „Normal“ selektiert und klicken Sie auf „Weiter“.\n\n - 6) Wählen Sie die Option „Die Windows System-Partition verschlüsseln“; und klicken Sie auf „Weiter“.\n\n - 7) Falls nur das versteckte Betriebssystem und das Köder-System auf dem Computer installiert sind, wählen Sie nun „Ein Betriebssystem“ (wenn mehr als diese beiden Systeme auf dem Computer installiert sind wählen Sie „Mehrere Betriebssysteme“). Klicken Sie dann auf „Weiter“.\n\n - 8) W I C H T I G: SIE MÜSSEN IN DIESEM SCHRITT DEN SELBEN VERSCHLÜSSELUNGSALGORITHMUS UND DEN SELBEN HASH-ALGORITHMUS AUSWÄHLEN, DEN SIE FÜR DIE VERSTECKTE PARTITION GEWÄHLT HABEN! ANDERNFALLS WIRD DAS VERSTECKTE SYSTEM NICHT ZUGREIFBAR SEIN! Anders ausgedrückt: Das Köder-System und das versteckte System müssen gleich verschlüsselt sein. Hinweis: Der Grund dafür ist, dass das Köder-System und das versteckte System sich einen Bootloader teilen werden, was nur einen einzigen, vom Nutzer gewählten, Algorithmus unterstützt (für jeden Algorithmus gibt es eine Extraversion des VeraCrypt-Bootloaders).\n\n - 9) In diesem Schritt wählen Sie ein Passwort für das Köder-Betriebssystem. Dieses Passwort können Sie einem Gegner/Angreifer verraten, wenn Sie dazu gezwungen werden Ihr Prä-Boot-Authentifikationspasswort zu verraten (das andere Passwort, dass Sie verraten können, ist das für das äußere Volume). Die Existenz des dritten Passworts (das Prä-Boot-Authentifikationspasswort für das versteckte Betriebssystem) bleibt geheim.\n\nWICHTIG: Das Passwort, das Sie für das Köder-System wählen, muss sich erheblich von dem für das versteckte Volume (das versteckte Betriebssystem) gewählten Passwort unterscheiden.\n\n - 10) Folgen Sie den weiteren Anweisungen im Assistenten, um das Köder-System zu verschlüsseln.\n\n\n\n - Nachdem das Köder-System erstellt wurde\n------------------------------------------------\n\nNachdem Sie das Köder-System verschlüsselt haben wird der gesamte Prozess ein verstecktes Betriebssystem zu erstellen abgeschlossen sein und Sie werden diese drei Passwörter nutzen können:\n\n1) Das Prä-Boot-Authentifikationspasswort für das versteckte Betriebssystem.\n\n2)Das Prä-Boot-Authentifikationspasswort für das Köder-System.\n\n3) Das Passwort für das äußere Volume.\n\n - Wenn Sie das versteckte Betriebssystem starten möchten, müssen Sie nur das Passwort für das versteckte Betriebssystem im VeraCrypt-Bootloader-Bildschirm eingeben (dieser erscheint nachdem Sie Ihren Computer einschalten oder einschalten).\n\nWenn Sie das Köder-Betriebssystem starten möchten, müssen Sie nur das Passwort für das Köder-System im VeraCrypt-Bootloader-Bildschirm eingeben.\n\nDas Passwort für das Köder-System kann an jede Person ausgegeben werden, die Sie zwingt Ihr Prä-Boot-Authentifikationspasswort zu verraten. Die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt geheim.\n\n - Das dritte Passwort (für das äußere Volume) kann ebenfalls an jede Person ausgegeben werden, die Sie zwingt Ihr Passwort für die erste Partition hinter der Systempartition zu verraten, in dem sich sowohl das äußere Volume als auch das versteckte Volume (mit dem versteckten Betriebssystem) befinden. Die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt geheim.\n\n\n - Wenn Sie das Passwort für das Köder-System einer Person verraten mussten und Sie gefragt werden warum der ungenutzte Speicherplatz der (Köder-)Systempartition zufällige Daten enthält könnten Sie zum Beispiel folgendes Antworten: „Die Partition enthielt zuvor ein mit VeraCrypt verschlüsseltes System aber ich habe das Passwort vergessen (oder das System wurde beschädigt) und musste Windows neu installieren und wieder verschlüsseln.“\n\n\n - Wenn alle Anweisungen befolgt werden und alle Vorkehrungen und Voraussetzungen im Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch erfüllt sind, wird es unmöglich sein zu beweisen, dass das versteckte Volume und das versteckte Betriebssystem existieren. Dies trifft auch zu wenn das äußere Volume eingebunden ist oder wenn das Köder-Betriebssystem entschlüsselt oder gestartet ist.\n\nWenn Sie diesen Text speichern oder drucken (wird dringend empfohlen es sei denn Ihr Drucker speichert Kopien gedruckter Dokumente auf seinem internen Speicher) sollten Sie ihn und alle Kopien zerstören nachdem Sie die extra Bootpartition entfernt haben (andernfalls könnte der Text gefunden und ein Rückschluss auf ein verstecktes Betriebssystem gezogen werden).\n\n - WARNUNG: WENN SIE DAS VERSTECKTE VOLUME NICHT ABSICHERN DÜRFEN SIE NICHT AUF DAS ÄUSSERE VOLUME SCHREIBEN! ANDERNFALLS KÖNNEN SIE DAS VERSTECKTE VOLUME (UND DAS DARIN ENTHALTENE VERSTECKTE BETRIEBSSYSTEM) BESCHÄDIGEN UND ÜBERSCHREIBEN! (Informationen wie Sie das versteckte Volume sichern können, finden Sie im VeraCrypt-Benutzerhandbuch im Abschnitt „Protection of Hidden Volumes Against Damage“; Beachten Sie, dass das Köder-System NICHT im äußeren Volume installiert ist.) - Betriebssystem Klonen - In den nächsten Schritten wird VeraCrypt das versteckte Betriebssystem erstellen, indem der Inhalt der Systempartition in das Versteckte Volume kopiert wird (Daten, die kopiert werden, werden „on-the-fly“ (sofort) mit einem Verschlüsselungsschlüssel verschlüsselt, der sich von dem, der für das Köder-System verwendet wird unterscheidet).\n\nBitte beachten Sie, dass der Prozess in der Prä-Boot-Umgebung durchgeführt wird (bevor Windows startet) und es lange dauern kann, um ihn fertigzustellen; mehrere Stunden oder sogar mehrere Tage (abhängig von der Größe der Systempartition und der Leistung Ihres Computers).\n\nSie können den Prozess jederzeit anhalten, Ihren PC ausschalten, neu starten und dann den Prozess fortsetzen. Wenn Sie ihn jedoch unterbrechen, dann muss der gesamte Kopiervorgang des Systems von vorn beginnen (weil sich der Inhalt der Systempartition beim Klonen nicht ändern darf). - Möchten Sie den gesamten Vorgang für die Erstellung des versteckten Betriebssystems abbrechen?\n\nHinweis: Sie werden den Vorgang nicht fortsetzen können wenn Sie ihn jetzt abbrechen. - Möchten Sie den Vortest für die Systemverschlüsselung wirklich abbrechen? - Der VeraCrypt-Systemverschlüsselungsvortest ist fehlgeschlagen. Möchten Sie ihn erneut durchführen?\n\nWenn Sie „Nein“ wählen, wird die Prä-Boot-Authentifikationskomponente deinstalliert.\n\nHinweise:\n\n- Wenn der VeraCrypt-Bootloader vor dem Systemstart nicht nach einem Passwort gefragt hat, ist es möglich, dass das Betriebssystem nicht vom dem Laufwerk aus bootet auf dem es installiert ist. Dies wird nicht unterstützt.\n\n- Wenn Sie einen anderen Verschlüsselungsalgorithmus als AES nutzen und der Vortest fehlgeschlagen ist (und Sie das Passwort eingegeben haben), kann dies durch einen fehlerhaften Treiber verursacht worden sein. Wählen Sie „Nein“ und versuchen Sie erneut die Systemverschlüsselung durchzuführen, diesmal mit dem AES-Verschlüsselungsalgorithmus (welcher die niedrigsten Speichervoraussetzungen hat).\n\n- Weitere mögliche Ursachen und Lösungen finden Sie unter: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Die Systempartition/das Systemlaufwerk ist offenbar nicht verschlüsselt (weder teilweise noch vollständig). - Ihre Systempartition/Ihr Systemlaufwerk ist verschlüsselt (teilweise oder vollständig).\n\nBitte entschlüsseln Sie Ihre Systempartition/Ihr Systemlaufwerk vollständig bevor Sie fortfahren. Wählen Sie dazu „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“ in der Menüleiste des VeraCrypt-Hauptfensters aus. - Wenn die Systempartition/das Systemlaufwerk teilweise oder vollständig verschlüsselt ist, können Sie VeraCrypt nicht downgraden (aber Sie können es aktualisieren oder die selbe Version erneut installieren). - Ihre Systempartition/Ihr Systemlaufwerk wird zurzeit verschlüsselt, entschlüsselt, oder wird anderweitig bearbeitet. Bitte brechen Sie den Vorgang für das Verschlüsseln/Entschlüsseln/Modifizieren ab (oder warten Sie bis dieser abgeschlossen ist), bevor Sie fortfahren. - Eine Instanz des Assistenten für die VeraCrypt-Volume Erstellung läuft gerade und die Ver- bzw. Entschlüsselung der Systempartition/des Laufwerkes wird ausgeführt oder vorbereitet. Bevor Sie fortfahren, warten Sie bitte bis er beendet ist oder schließen ihn. Wenn Sie den Prozess nicht schließen können, dann starten Sie Ihren Computer neu bevor Sie fortfahren. - Der Ver- bzw. Entschlüsselungsvorgang für die Systempartition/für das Laufwerk wurde nicht abgeschlossen. Bitte warten Sie, bis er abgeschlossen ist, bevor Sie fortfahren. - Fehler: Der Verschlüsselungsprozess von der Partition/dem Laufwerk wurde nicht abgeschlossen. Dieser muss zuerst abgeschlossen werden. - Fehler: Der Verschlüsselungsprozess von der Partition/dem Laufwerk wurde nicht abgeschlossen. Dieser muss zuerst abgeschlossen werden.\n\nHinweis: Um den Vorgang fortzusetzen wählen Sie „Volumes“ > „Unterbrochenen Prozess fortsetzen“ in der Menüleiste des VeraCrypt-Hauptfensters. - Das Passwort ist korrekt, VeraCrypt hat erfolgreich den Volume-Header entschlüsselt und festgestellt das dieses Volume ein verstecktes System-Volume ist. Allerdings können Sie den Header eines versteckten System-Volumes auf diese Weise nicht ändern.\n\nUm das Passwort für ein verstecktes System-Volume zu ändern, starten Sie das Betriebssystem welches sich im versteckten Volume befindet und wählen dann „System“ > „Passwort ändern ...“ in der Menüleiste des VeraCrypt-Hauptfensters aus.\n\nUm den Algorithmus für die Headerschlüsselberechnung festzulegen, starten Sie das versteckte Betriebssystem und wählen dann „System“ > „Algorithmus für Headerschlüsselberechnung ändern ...“ aus. - VeraCrypt unterstützt gegenwärtig nicht die Entschlüsselung einer versteckten Systempartition.\n\nHinweis: Wenn Sie die Köder-Systempartition entschlüsseln möchten, dann starten Sie das Köder-System und wählen dann „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“ in der Menüleiste des VeraCrypt-Hauptfensters aus. - Fehler: Falscher/Ungültiger Parameter. - Sie haben eine Partition oder ein Laufwerk ausgewählt aber der Assistent den Sie gewählt haben ist nur für Containerdateien geeignet.\n\nMöchten Sie den Assistenten wechseln? - Möchten Sie stattdessen eine VeraCrypt-Containerdatei erstellen? - Sie haben die Systempartition/das Systemlaufwerk (oder die Bootpartition) ausgewählt, aber der gewählte Assistent ist nur für Nicht-Systempartitionen verwendbar.\n\nMöchten Sie eine Prä-Boot-Authentifikation einrichten und die Systempartition/das Systemlaufwerk verschlüsseln (das bedeutet, dass Sie bei jedem Systemstart ein Passwort eingeben müssen)? - Sind Sie sicher, dass die Systempartition/das Systemlaufwerk dauerhaft entschlüsselt werden soll? - Achtung: Wenn Sie dauerhaft die Systempartition/das Systemlaufwerk entschlüsseln, dann werden unverschlüsselte Daten geschrieben.\n\nSind Sie wirklich sicher, dass die Systempartition/das Systemlaufwerk dauerhaft entschlüsselt werden soll? - Sind Sie sicher, dass Sie das folgende Volume dauerhaft entschlüsseln möchten? - ACHTUNG: Falls Sie das VeraCrypt-Volume dauerhaft entschlüsseln, werden die unverschlüsselten Daten auf die Festplatte geschrieben.\n\nSind Sie sicher, dass Sie das ausgewählte Volume dauerhaft entschlüsseln möchten? - WARNUNG: Wenn Sie eine Kaskade von Algorithmen für die Systemverschlüsselung verwenden, können folgende Probleme auftauchen:\n\n1) Der VeraCrypt-Bootloader ist größer als normal. Dies führt dazu, dass dieser zusammen mit dem Backup nicht in den ersten Sektor der Festplatte passt. Falls dieser nun beschädigt wird (passiert des Öfteren mit falsch entworfenen Anti-Raubkopiermaßnahmen von bestimmten Programmen), müssen Sie Ihre VeraCrypt-Notfall-CD verwenden, um das System zu starten oder den Bootloader reparieren zu können.\n\n2) Auf einigen Computern dauert das Fortsetzen nach dem Ruhezustand länger.\n\nDiese potenziellen Probleme können vermieden werden, indem Sie einen nicht kaskadierten Verschlüsselungs-Algorithmus verwenden (wie z.B. AES).\n\nSind Sie sicher, dass Sie den ausgewählten kaskadierten Algorithmus trotzdem verwenden möchten? - Wenn einer der zuvor beschriebenen Probleme auftritt, dann entschlüsseln Sie die Partition/das Laufwerk (wenn es verschlüsselt ist) und versuchen es erneut mit einem nicht kaskadierten Verschlüsselungsalgorithmus zu verschlüsseln (z.B. AES). - ACHTUNG: Aus Sicherheitsgründen sollten Sie VeraCrypt zuerst auf dem Köder-System aktualisieren bevor Sie es auf dem versteckten Betriebssystem aktualisieren.\n\nUm dies zu tun, starten Sie das Köder-System und starten das VeraCrypt-Installationsprogramm in diesem System. Starten Sie danach das versteckte Betriebssystem und starten Sie ebenfalls das VeraCrypt-Installationsprogramm.\n\nHinweis: das Köder-System und das versteckte System teilen sich einen Bootloader. Wenn Sie VeraCrypt nur auf dem versteckten Betriebssystem aktualisieren, enthält das Köder-System unterschiedliche Versionen des VeraCrypt-Treibers und der VeraCrypt-Anwendungen. Solch ein Unterschied kann auf die Existenz eines versteckten Betriebssystems auf dem Computer hinweisen.\n\nMöchten Sie fortfahren? - Die Versionsnummer des VeraCrypt-Bootloaders, der dieses Betriebssystem gestartet hat, unterscheidet sich von der Versionsnummer des VeraCrypt-Treibers (und von den VeraCrypt-Anwendungen) der auf diesem System installiert ist.\n\nSie sollten das VeraCrypt-Installationsprogramm ausführen (dessen Versionsnummer ist die gleiche wie die des VeraCrypt-Bootloaders), um VeraCrypt auf diesem Betriebssystem zu aktualisieren. - Die Versionsnummer des VeraCrypt-Bootloaders der dieses Betriebssystem gestartet hat stimmt nicht mit der Versionsnummer des installierten VeraCrypt-Treibers (und der VeraCrypt-Anwendungen) überein. Bitte beachten Sie, dass ältere Versionen Fehler enthalten können die in neueren Versionen behoben sind.\n\nWenn Sie nicht von dem VeraCrypt-Rettungsdatenträger gestartet haben, sollten Sie VeraCrypt neu installieren oder auf die neueste stabile Version aktualisieren (der Bootloader wird dabei ebenfalls aktualisiert).\n\nWenn Sie von dem VeraCrypt-Rettungsdatenträger gestartet haben, sollten Sie diese aktualisieren („System“ > „Rettungsdatenträger erstellen“). - Der VeraCrypt-Bootloader wurde erfolgreich aktualisiert.\n\nEs wird dringend empfohlen einen neuen Rettungsdatenträger zu erstellen (welcher die aktuelle Version des VeraCrypt-Bootloaders enthält) durch klicken auf „System“ > „Rettungsdatenträger erstellen ...“ nach einem Neustart des Computers. - Der VeraCrypt-Bootloader wurde aktualisiert.\n\nEs wird dringend empfohlen, dass Sie das Köder-Betriebssystem starten und dann einen neuen VeraCrypt-Rettungsdatenträger erstellen (der die neue Version des VeraCrypt-Bootloaders enthält), indem Sie „System“ > „Rettungsdatenträger erstellen ...“ wählen. - Es ist ein Fehler beim Aktualisieren des VeraCrypt-Bootloaders aufgetreten. - VeraCrypt konnte die reale Größe des Systemlaufwerkes nicht ermitteln und folglich wird die Größe, die das Betriebssystem angibt verwendet (welche kleiner sein kann als die reale Größe). Beachten Sie auch, dass dies kein Fehler in VeraCrypt ist. - WARNUNG: Möglicherweise hat VeraCrypt bereits versucht versteckte Sektoren auf diesem Systemlaufwerk zu erkennen. Wenn Sie Probleme während des vorherigen Erkennungsprozesses hatten, so können Sie diese vermeiden, indem Sie diesmal die Erkennung von versteckten Sektoren überspringen. Bedenken Sie dabei, dass VeraCrypt die vom Betriebssystem angegebene Größe verwendet (die vielleicht kleiner ist als die tatsächliche Größe).\n\nBeachten Sie, das Problem wurde nicht wegen eines Fehlers in VeraCrypt verursacht. - Die Erkennung von versteckten Sektoren überspringen (die Größe die das Betriebssystem angibt verwenden) - Nochmals versteckte Sektoren suchen - Fehler: Der Inhalt von mindestens einem Sektor des Laufwerks konnte nicht gelesen werden (zum Beispiel wegen eines Hardware Fehlers).\n\nDer Vorgang der „in-place“-Verschlüsselung kann nur fortgesetzt werden, wenn diese Sektoren wieder lesbar sind. VeraCrypt kann versuchen, diese Sektoren wieder lesbar zu machen, indem sie mit Nullen überschrieben werden (diese werden dann mit verschlüsselt). Beachten Sie dabei bitte, dass alle in den beschädigten Sektoren vorhandenen Daten bei diesem Vorgang verloren gehen. Wenn Sie dies vermeiden möchten, dann können Sie versuchen die beschädigten Daten mit einem Dritt-Anbieter Programm wiederherzustellen.\n\nHinweis: Im Falle eines Hardware Fehlers (im Gegensatz zu beschädigten Daten und Prüfsummenfehlern) könnten die Laufwerke die beschädigten Sektoren intern schützen, so dass die darin enthaltenen Daten unverschlüsselt auf der Festplatte bleiben.\n\nMöchten Sie, dass VeraCrypt die unlesbaren Sektoren mit Nullen überschreibt? - Fehler: Der Inhalt von mindestens einem Sektor des Laufwerks konnte nicht gelesen werden (zum Beispiel wegen eines Hardware Fehlers).\n\nUm den Vorgang fortsetzen zu können, muss VeraCrypt den Inhalt dieser Sektoren verwerfen (der Inhalt wird mit Pseudo-Zufallsinhalten gefüllt). Beachten Sie bitte dass Sie auch versuchen können die beschädigten Daten mit einem Dritt-Anbieter Programm wiederherzustellen.\n\nMöchten Sie, dass VeraCrypt die unlesbaren Sektoren verwirft? - Hinweis: VeraCrypt hat den Inhalt der %I64d nicht lesbaren Sektoren (%s) mit verschlüsselten NULL-Textblöcken ersetzt. - Hinweis: VeraCrypt hat den Inhalt der %I64d nicht lesbaren Sektoren (%s) mit zufälligen Daten ersetzt. - Passwort/PIN eingeben für Token „%s“: - Damit VeraCrypt auf einen Token/Smart Card zugreifen kann, müssen Sie zuerst eine PKCS #11 Software Bibliothek installieren. Diese kann mit dem Gerät ausgeliefert sein o. sie steht zum Herunterladen auf der Webswite des Herstellers oder eines Drittherstellers bereit.\n\nNachdem Sie die Bibliothek installiert haben, können Sie diese durch klicken auf „Wähle Bibliothek ...“ selber wählen oder Sie können diese von VeraCrypt durch klicken auf „Bibliothek automatisch erkennen“ suchen und auswählen lassen (nur das Windows Systemverzeichnis wird durchsucht). - Hinweis: Für den Dateinamen und Speicherort der PKCS #11-Bibliothek, die für Ihren Sicherheitstoken oder Smart Card installiert wurde, lesen Sie bitte die Dokumentation, welche mit dem Token, der Card oder Dritthersteller Software mitgeliefert wurde.\n\nKlicken Sie auf „OK“, um den Pfad und Dateinamen zu wählen. - Um VeraCrypt zu ermöglichen auf einen Sicherheitstoken oder eine Smart-Card zuzugreifen, müssen Sie dafür zuerst eine PKCS #11 Bibliothekssoftware für den Token/die Smart-Card auswählen. Wählen Sie dazu „Einstellungen“ > „Sicherheitstokens ...“. - Die PKCS #11 Sicherheitstoken Bibliothek konnte nicht initialisiert werden.\n\nStellen Sie bitte sicher, dass der angegebene Pfad und Dateiname auf eine gültige PKCS # 11-Bibliothek verweist. Um den Pfad und Dateiname für eine PKCS #11-Bibliothek anzugeben, klicken Sie auf „Einstellungen“ > „Sicherheitstokens“. - Es wurde keine PKCS #11-Bibliothek im Windows Systemverzeichnis gefunden.\n\nBitte stellen Sie sicher, dass eine PKCS #11-Bibliothek für Ihren Sicherheitstoken (oder für Ihre Smart Card) installiert ist (solch eine Bibliothek kann mit dem Token/der Smart Card mitgeliefert sein oder zum Herunterladen auf der Webseite des Herstellers oder von anderen Drittherstellern bereitstehen). Wenn sie in einem anderen Verzeichnis installiert ist als im Windows-Verzeichnis, dann klicken Sie auf „Wähle Bibliothek“, um die Bibliothek anzugeben (z.B. im Ordner in dem die Software für den Token/die Smart Card installiert ist). - Kein Sicherheitstoken gefunden.\n\nBitte stellen Sie sicher, dass Ihr Sicherheitstoken mit Ihrem Computer verbunden ist und der richtige Gerätetreiber für Ihren Sicherheitstoken installiert ist. - Sicherheitstoken Schlüsseldatei nicht gefunden. - Eine Sicherheitstoken Schlüsseldatei mit demselben Namen existiert bereits. - Möchten Sie die ausgewählten Dateien löschen? - Der Pfad für die Security Token Schlüsseldatei ist falsch. - Sicherheitstoken Fehler - Passwort für das Sicherheitstoken ist falsch. - Das Sicherheitstoken hat nicht genug Speicherplatz zur Verfügung um diesen Vorgang durchzuführen.\n\nWenn Sie versuchen eine Schlüsseldatei zu importieren sollten Sie eine kleinere Datei auswählen oder eine von VeraCrypt erstellte Schlüsseldatei benutzen („Extras“ > „Schlüsseldatei(en) generieren“). - Alle offenen Sicherheitstoken Sitzungen wurden geschlossen. - Wähle Sicherheitstoken Schlüsseldateien - Steckplatz - Token Name - Dateiname - WICHTIG: Bitte beachten Sie, dass Prä-Boot-Authentifikationspasswörter stets mit einer Standard US-Tastaturbelegung geschrieben werden. Deshalb kann es unmöglich sein ein Volume, dessen Passwort mit einer anderen Tastaturbelegung erstellt wurde mit einem Prä-Boot-Authentifikationspasswort einzubinden (bitte beachten Sie, dass dies kein VeraCrypt-Fehler ist). Um solch ein Volume mit einem Prä-Boot-Authentifikationspasswort einzubinden, folgen Sie diesen Schritten:\n\n1) Klicken Sie „Datei“ oder „Datenträger“ und wählen Sie das Volume aus.\n2) Wählen Sie „Volumes“ > „Volume-Passwort ändern“.\n3) Geben Sie das derzeitige Passwort für das Volume ein.\n4) Ändern Sie die Tastaturbelegung auf „English (US)“ indem Sie auf das Sprachsymbol in der Windows Taskleiste klicken und „EN English (United States)“ wählen (falls das Symbol nicht angezeigt wird gehen Sie in „Systemsteuerung“ > „Regions- und Sprachoptionen“. Klicken Sie auf „Tastatur ändern“ und wählen Sie „Englisch (US)“).\n5) Geben Sie nun in VeraCrypt das neue Prä-Boot-Authentifikationspasswort ein.\n6) Bestätigen Sie das neue Prä-Boot-Authentifikationspasswort und klicken Sie „OK“.\n7)ACHTUNG: Bitte denken Sie daran, dass das Volume Passwort IMMER mit der US-Tastaturbelegung eingegeben werden muss, wenn Sie diese Schritte befolgen (in der Prä-Boot-Umgebung ist automatisch US-Englisch eingestellt). - Systemfavoriten-Volumes werden mit dem Prä-Boot-Authentifikationspasswort eingebunden. Wenn irgendein Systemfavoriten-Volume ein anderes Passwort nutzt wird es nicht eingebunden. - Bitte beachten Sie: Um zu verhindern, dass normale VeraCrypt-Vorgänge wie „Alle trennen“, „Automatisches Trennen“ usw. störenden Einfluss auf Systemfavoriten-Volumes nehmen, sollten Sie die Option „Nur Administratoren erlauben Systemfavoriten in VeraCrypt zu sehen und zu trennen“ aktivieren. Wenn VeraCrypt ohne Administratorrechte ausgeführt wird (Standard auf Windows Vista und neueren Windows-Versionen) werden Systemfavoriten-Volumes zusätzlich nicht in der Laufwerksliste des VeraCrypt-Anwendungsfenster angezeigt. - WICHTIG: Wenn Sie diese Option aktivieren und VeraCrypt ohne Administratorrechte ausgeführt wird, werden eingebundene Systemfavoriten-Volumes NICHT im VeraCrypt-Anwendungsfenster angezeigt und können nicht getrennt werden. Deshalb müssen Sie VeraCrypt mit Administratorrechten ausführen wenn Sie ein Systemfavoriten-Volume einbinden oder entfernen möchten (Rechtsklick auf das VeraCrypt-Icon im Startmenü und „Als Administrator ausführen“ wählen).\nDieselben Einschränkungen bestehen für die „Alle trennen“ Funktion, die „Alle trennen“ Tastenkürzel, die „Automatisches Trennen“ Funktion usw.. - Bitte beachten Sie, dass diese Änderung erst nach einem Neustart des Betriebssystems in Kraft tritt. - Fehler bei der Syntaxanalyse der Kommandozeile. - Rettungsdatenträger - &Datei wählen und einbinden ... - Laufwerk wä&hlen und einbinden ... - Nur Administratoren erlauben Systemfavoriten in VeraCrypt zu sehen und zu trennen - Systemfavoriten-Volumes einbinden wenn Windows startet (am Anfang der Startphase) - WARNUNG: Das Dateisystem auf dem Volume, eingebunden als „%s“, wurde nicht ordnungsgemäß getrennt und könnte dadurch Fehler enthalten. Das Verwenden eines beschädigten Dateisystems kann zu Datenverlusten bzw. Datenbeschädigungen führen.\n\nHinweis: Bevor Sie ein Laufwerk physikalisch entfernen oder ausschalten (z.B. ein USB-Stick oder eine externe Festplatte), auf denen ein eingebundenes VeraCrypt-Volume ist, so sollten Sie immer zuerst das Volume in VeraCrypt trennen.\n\n\nMöchten Sie das Windows auf dem Dateisystem nach Fehlern sucht und diese behebt (falls vorhanden)? - WARNUNG: Ein oder mehrere Systemfavoriten-Volume(s) wurden nicht sauber getrennt und können Dateisystemfehler enthalten. Bitte prüfen Sie das Systemereignis-Protokoll auf Details.\n\nDie Benutzung eines fehlerhaften Dateisystems kann Datenverfall oder Datenverlust verursachen. Sie sollten die betroffenen Systemfavoriten-Volumes auf Fehler überprüfen (Rechtsklick auf ein Volume und „Dateisystem reparieren“ wählen). - WARNUNG: Die Reparatur eines beschädigten Dateisystems mit dem Microsoft Windows Programm „chkdsk“ kann zum Verlust von Daten in den beschädigten Bereichen führen. Deshalb wird empfohlen, zuerst die Dateien von dem Datenträger in einen anderen, funktionstüchtigen, VeraCrypt-Container zu sichern.\n\nMöchten Sie das Dateisystem nun reparieren lassen? - Das Volume „%s“ wurde schreibgeschützt eingebunden weil Schreibzugriff verweigert wurde.\n\nBitte stellen Sie sicher, dass die Zugriffsrechte der Containerdatei ihnen erlauben darauf zu schreiben (Rechtsklick auf die Containerdatei und „Eigenschaften“ > „Sicherheit“ wählen).\n\n Bitte beachten Sie, dass diese Warnung Aufgrund eines Windowsproblems auch angezeigt werden kann nachdem Sie die Zugriffsrechte korrekt gesetzt haben. Dies wird nicht durch einen Fehler in VeraCrypt verursacht. Eine mögliche Lösung ist es, Ihre Containerdatei in einen anderen Ordner zu verschieben (z.B. in den Ordner „Dokumente“).\n\nWenn Sie Ihr Volume weiterhin schreibgeschützt verwenden möchten, setzten Sie die Zugriffsrechte der Containerdatei entsprechend (Rechtsklick auf die Containerdatei und „Eigenschaften“ > „Schreibgeschützt“ wählen). Dies wird die Warnung unterdrücken. - Das Volume „%s“ wurde schreibgeschützt eingebunden, weil der Schreibzugriff verweigert wurde.\n\nStellen Sie bitte sicher das keine andere Anwendung (z.B. Antivirus Software) auf die Partition/das Laufwerk zugreift, auf welchem sich das Volume befindet. - Das Volume „%s“ wurde nur lesbar eingebunden, da das Betriebssystem den Datenträger als schreibgeschützt meldet.\n\nBitte beachten Sie, dass manche Dritt-Anbieter Chipsatz-Treiber bekannt dafür sind, dass manche Datenträger irrtümlich als schreibgeschützt auftauchen. Dieses Problem wird nicht durch VeraCrypt verursacht. Dieses Problem kann behoben werden, indem Sie die installierten Treiber aktualisieren oder alle nicht-Microsoft Chipsatz-Treiber entfernen. - Bitte beachten Sie, dass die Hyper-Threading-Technik mehrere logische Kerne pro einzelnem physikalischen Prozessorkern zur Verfügung stellt. Wenn Hyper-Threading aktiviert ist entspricht die obige Zahl der Anzahl der logischen Prozessoren/Kerne. - %d Threads - Bitte beachten Sie, dass die AES-Hardwarebeschleunigung ausgeschaltet ist. Dies wird die Benchmarkergebnisse negativ beeinflussen.\n\nUm die Hardwarebeschleunigung zu aktivieren wählen Sie „Einstellungen“ > „Leistung“ und aktivieren Sie die entsprechende Option. - Bitte beachten Sie, dass die Anzahl von Threads derzeit beschränkt ist. Dies wird die Benchmarkergebnisse negativ beeinflussen.\n\nUm das volle Potential der CPU auszunutzen wählen Sie „Einstellungen“ > „Leistung“ und aktivieren Sie die entsprechende Option. - Möchten Sie, dass VeraCrypt versucht, den Schreibschutz der Partition/des Laufwerks aufzuheben? - WARNUNG: Diese Einstellung kann die Leistung verringern.\n\nSind Sie sicher, dass Sie diese Einstellungen vornehmen möchten? - WARNUNG: VeraCrypt-Volume wurde automatisch getrennt. - Bevor Sie ein Gerät mit einem eingebundenen VeraCrypt-Volume entfernen oder ausschalten, sollten Sie immer zuerst das VeraCrypt-Volume trennen.\n\nEine unerwartete plötzliche Trennung wird normalerweise durch versagende Kabel, Festplatten usw. verursacht. - Das Volume wurde mit TrueCrypt %x.%x erstellt, aber VeraCrypt unterstützt nur TrueCrypt-Volumes, die mit TrueCrypt 6.x/7x erstellt wurden. - Test - Schlüsseldatei - Rücktaste - Tab - Clear - Eingabe - Pause - Feststelltaste - Leertaste - Bild auf - Bild ab - Ende - Pos1 - Nach links - Nach oben - Nach rechts - Nach unten - Auswählen - Druck (Print) - Ausführen - Druck (Print Screen) - Einfg - Entf - Anwendungstaste - Standby - Num - Rollen - Zurück (Browser) - Vorwärts (Browser) - Aktualisieren (Browser) - Abbrechen (Browser) - Suchen (Browser) - Favoriten (Browser) - Startseite (Browser) - Ton aus - Lautstärke verringern - Lautstärke erhöhen - Nächster Titel - Vorheriger Titel - Stopp - Wiedergabe/Pause - E-Mail - Medien - Anwendungsstart 1 - Anwendungsstart 2 - Attn - CrSel - ExSel - Wiedergabe - Zoom - Ziffernblock - Umschalt - Strg - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - &PIM beim Zwischenspeichern eines Prä-Boot-Authentifikationspasswortes einbeziehen - PIM beim Zwischenspeichern eines Passwortes einbeziehen - Getrennte Netzlaufwerke zum Einhängen verfügbar machen - Das eingegebene Passwort ist zu lang: Kodiert mit UTF-8 überschreitet es 64 Byte. - Das eingegebene Passwort enthält Unicode-Zeichen, die nicht mit UTF-8 kodiert werden können. - Fehler: Kann eine Systembibliothek nicht laden. - Die auf der Kommandozeile angegebene Volume-Größe ist nicht mit dem gewählten exFAT Dateisystem kompatibel. - Durch Mausbewegungen gesammelte Entropie - Volume-Kennung: - Volume-Kennung - Volume-Kennung zum Einbinden des Favoriten verwenden - Die Volume-Kennung ist ungültig - Mit der angegebenen Kennung wurde kein Volume auf dem System gefunden - Wert in die Zwischenablage kopieren... - Im Prä-Boot-Authentifikationsbildschirm keinen PIM abfragen - WARNUNG: Sie sollten nicht vergessen, dass, wenn Sie diese Option aktivieren, der PIM-Wert unverschlüsselt auf der Festplatte gespeichert wird.\n\nSind Sie sicher, dass Sie diese Option aktivieren möchten? - Der größtmögliche Wert für den PIM (Personal Iterations Multiplier) ist 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Abbrechen + Für &alle Benutzer installieren + Su&chen... + VeraCrypt-Symbol auf dem &Desktop erstellen + Jetzt spenden... + Verknüpft die .hc &Dateierweiterung mit VeraCrypt + &Den Speicherort nach dem Beenden öffnen + VeraCrypt ins &Startmenü eintragen + &Wiederherstellungspunkt erstellen + &Deinstallieren + &Entpacken + &Installieren + VeraCrypt-Einrichtungsassistent + VeraCrypt deinstallieren + &Hilfe + Wählen Sie bitte das Zielverzeichnis für die zu entpackenden Dateien: + Geben Sie das Zielverzeichnis für die Installation der Programmdateien von VeraCrypt an. Falls das Zielverzeichnis nicht existiert, wird es automatisch beim Entpacken angelegt. + Klicken Sie auf „Deinstallieren“, um VeraCrypt von diesem System zu entfernen. + Abbrechen + &Benchmark + &Test + Verschlüsseltes Volume erstellen und formatieren + Partition „in-place“ verschlüsseln + Generierte Schlüssel anzeigen (deren Teile) + Pool-Inhalt anzeigen + Herunterladen einer CD/DVD-Brennsoftware + Eine verschlüsselte Containerdatei erstellen + &GB + &TB + Mehr Informationen + Ver&stecktes VeraCrypt-Volume + Mehr Informationen über versteckte Volumes + Direkter Modus + Kompletter Modus + &KB + Schlüsselda&t. verwenden + Versuche zuerst ohne Passwort einzubinden + Zufällige Größe (64 <-> 1048576) + Schlüsselda&teien... + Infos über Hash-Algorithmen + Weitere Informationen + Informationen zu PIM + &MB + Mehr Informationen + Mehr Informationen über die Systemverschlüsselung + Mehr Informationen + Mehrere Betriebssysteme + Verschlüsselt eine Partition/ein Laufwerk + Verlauf &nicht speichern + Äußeres Volume öffnen + &Pause + P&IM verwenden + PIM verwenden + Schnell-Formatierung + Passwort an&zeigen + &Passwort anzeigen + PIM &anzeigen + Ein Betriebssystem + Standard VeraCrypt-Volume + V&ersteckt + Normal + System-Partition bzw. System-Laufwerk verschlüsseln + Die Windows System-Partition verschlüsseln + Gesamtes Laufwerk verschlüsseln + Assistent zum Erstellen eines VeraCrypt-Volumes + Cluster + WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin und her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen, desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. Klicken Sie dann auf „Weiter“, um fortzufahren. + &Bestätigung: + Fertig + Laufwerksbuchstabe: + Verschlüsselungsalgorithmus + Dateisystem + Erstellt ein verschlüsseltes virtuelles Laufwerk, welches als Datei gespeichert wird. Für Anfänger empfohlen. + Optionen + Hash-Algorithmus + Headerschlüssel: + Rest + Hauptschlüssel: + Diese Option wählen, falls zwei oder mehrere Betriebssysteme auf diesem System installiert sind.\n\nZum Beispiel:\n- Windows 8 und Windows 8\n- Windows 8 und Windows 10\n- Windows und Mac OS X\n- Windows und Linux\n- Windows, Linux und Mac OS X + Verschlüsselt eine Nicht-Systempartition auf internen oder externen Laufwerken (als normales oder verstecktes Volume). + Aktueller Inhalte-Pool (teilweise) + Durchgang + &Passwort: + Volume PIM: + Volume PIM: + Fortschritt: + Zufallswerte: + Diese Option wählen, wenn sich nur ein Betriebssystem auf dem Computer befindet (auch bei mehreren Benutzern). + Geschw. + Status + Die Schlüssel, der Salt-Wert und andere Daten wurden erfolgreich erstellt. Wenn Sie neue Schlüssel erstellen möchten, klicken Sie auf „Zurück“ und dann auf „Weiter“. Andernfalls klicken Sie auf „Weiter“. + Partition/Laufwerk verschlüsseln auf dem Windows installiert ist. Jeder, der Zugang zum System erlangen möchte, muss das korrekte Passwort bei jedem Start von Windows eingeben. Eine Alternative dazu ist das Erstellen eines versteckten Systems. + Wählen Sie diese Option, um die Partition zu verschlüsseln, auf der das derzeit laufende Windows installiert ist. + Volume-Bezeichnung in Windows: + Lösch-Modus: + Schließen + Erlauben, die Prä-Boot-&Authentifikation durch Drücken v. ESC zu überspringen (aktiviert Boot-Manager) + Nichts machen + &VeraCrypt-Volume autom. einbinden (wie unten angegeben) + &VeraCrypt starten + Bibliothek auto&matisch erkennen + &Prä-Boot-Authentifikationspasswort in Treiber-Speicher schr. (zum einbinden v. Nicht-System Volume) + Durchsuchen... + Durchsuchen... + Passwort u. Schlüsseldat. im &Cache halten + &Beenden, wenn alle Vol. getrennt wurden + Token-&Sitzung schließen, nachdem ein Volume erfolgreich eingebunden wurde + Volume-Erweiterer hinzufügen + Assistent für die Erstellung von VeraCrypt-Volumes hinzufügen + Erstellen + Volume &erstellen + Keine Texte im Prä-Boot-Authentifikationsbildschirm &anzeigen (außer die unten definierte Nachricht) + Deaktiviert Erkennung von „Evil Maid“ Angriffen + AES-Verschlüsselung beschleunigen durch Nutzung der AES-Befehle des Prozessors (falls unterstützt) + Sch&lüsseldateien verw. + Schlüsselda&teien verw. + &Beenden + Hilfe zu Favoriten-Volumes + Ausgewähltes Volume nicht einbinden, wenn die „Favoriten einbinden“-&Tastenkombination gedrückt wird. + Ausgewähltes Volume einbinden, wenn sein &Host-Gerät angeschlossen wird + Ausgewähltes Volume beim &Anmelden einbinden + Ausgewähltes Volume &schreibgeschützt einbinden + Ausgewähltes Volume als &Wechselmedium einbinden + Nach &oben + Nach &unten + Explorer-&Fenster für das gewählte Volume öffnen, wenn es erfolgreich eingebunden wurde + &Entfernen + Bezeichnung des gewählten Volumes für Explorer verwenden + Globale Einstellungen + Nach erfolgreichem Trennen per Tastenkürzel ein Benachrichtigungsfenster anzeigen + Nach erfolgreichem Trennen per Tastenkürzel den Systembenachrichtigungston abspielen + Alt + Strg + Umschalt + Win + Zuweisen + Aufheben + &Schlüsseldat... + Diese Anzahl von Prozessoren NICHT für Ver-/Entschlüsselung nutzen: + Mehr Informationen + Mehr Informationen + Mehr Einstellungen... + &Alle Datentr. einbinden + &Optionen... + Als schreib&geschütztes Laufwerk einbinden + Schlüssel&dat... + (Leer oder 0 für vordefinierte Iterationen) + (Leer oder 0 für vordefinierte Iterationen) + &Aktiv + Passwörter im &Cache halten + Bei ausbleibendem Lese-/Schreibzugriff aut&omatisch trennen nach + Benutzerabmel&dung + Benutzersitzung gesperrt + Wechsel in Energiesparmod&us + Bildsc&hirmschonerstart + Automatisches Trennen bei geöffneten Date&ien erzwingen + Alle Datenträger-&Volumes einbinden + Starte VeraCrypt Hintergrund Task + Nur &schreibgeschützt einbinden + Als &Wechselmedium einbinden + Explo&rer-Fenster für erfolgreich eingebundenes Volume öffnen + Temporäres Cache-Passwort während Operationen zum „Volume-Favoriten einbinden“ + Ein anderes Taskleistensymbol benutzen, wenn Volumes eingebunden sind + Passwörter im Cache beim auto&matischen Trennen sicher löschen + Cache beim Beenden sicher &löschen + Änderungszeiten von Containerdateien erhalten + Zu&rücksetzen + Datent&räger... + &Datei... + Wähle &Bibliothek... + Passwort anze&igen + Passwort an&zeigen + &Explorer-Fenster für eingebundenes Volume öffnen + Passwort im Cache halten + TrueCrypt-Modus + A&lle trennen + Eigenscha&ften... + Vol.-&Operationen... + &Cache sicher löschen + VeraCrypt – Parameter beim Einbinden + VeraCrypt – Favoriten-Volumes + VeraCrypt – systemweite Tastenkombinationen + VeraCrypt + Passwort oder Schlüsseldateien ändern + Passwort für VeraCrypt-Volume eingeben + VeraCrypt – Leistungseinstellungen und Treibereinstellungen + VeraCrypt – Voreinstellungen + VeraCrypt – Einstellungen der Systemverschl. + VeraCrypt – Sicherheitstoken-Einstellungen + VeraCrypt Traveler Disk Installation + Eigenschaften des VeraCrypt-Volumes + &Infos über VeraCrypt + Schlüssel&dateien dem/vom Volume hinzufügen/entfernen... + Eingebundenes Volume zu Favoriten hinzufügen... + Eingebundenes Volume zu Systemfavoriten hinzufügen. .. + Einen Systemabsturz analysieren... + Volume-Header s&ichern... + &Benchmark-Test... + Algorithmus für &Headerschlüsselberechnung ändern... + Volume-&Passwort ändern... + Algorithmus für Headerschlüsselberechnung ändern... + Passwort ändern... + Volume-Ve&rlauf löschen + Alle Sicherheitstoken-Sitzungen schließen + &Kontakt + Verstecktes Betriebssystem erstellen... + Rettungsdatenträger erstellen... + &Neues Volume erstellen... + Dauerhaft entschlüsseln... + &Standardschlüsseldateien... + Standardparameter beim Einbinden... + Jetzt spenden... + System-Partition/Laufwerk verschlüsseln... + Häufig gestellte &Fragen (FAQ) + &Benutzerhandbuch + Webseite + &Tastenkombinationen... + &Schlüsseldatei(en) generieren + &Sprache... + &Lizenzvereinbarung + Sicherheitstoken-Schlüsseldateien verwalten... + &Alle Datenträger-Volumes automatisch einbinden + &Favoriten einbinden + Ohne Prä-Boot-&Authentifikation einbinden... + Volume &einbinden + Volume einbinden (mit &Optionen) + &Neuigkeiten + Online-&Hilfe + &Anleitung für Anfänger + Favoriten-Volumes Einstellungen... + Systemfavoriten-Volumes Einstellungen... + Leistung/Treiberkonfiguration + System-Partition/Laufwerk dauerhaft entschlüsseln + &Voreinstellungen... + &Laufwerksbuchstaben aktualisieren + &Alle Schlüsseldateien vom Volume entfernen... + Volume-Header &wiederherstellen... + Unterbrochenen Prozess fortsetzen + Datent&räger oder Partition auswählen... + &Datei auswählen... + Unterbrochenen Vorgang fortsetzen + Systemverschlüsselung... + Eigenschaften... + Einstellungen... + Systemfavoriten-Volumes... + &Downloads + &Testvektoren... + Sicherheitstokens... + Traveler Disk Installation... + A&lle Volumes trennen + Volume &trennen + Rettungsdatenträger überprüfen + ISO-Abbild von Rettungsdatenträger überprüfen + &Versionsverlauf + Volume-Erweiterer + E&igenschaften des VeraCrypt-Volumes + VeraCrypt-Volume &erstellen + VeraCrypt-&Webseite + &Passwort-Cache sicher löschen + OK + Hardwarebeschleunigung + Tastenkombination + Autostart-Konfiguration (autorun.inf) + Automatisches Trennen + Alle Volumes trennen bei: + Bootloader-Bildschirm Optionen + Passwort bestätigen: + Momentan + Zeige diese benutzerdefinierte Nachricht im Prä-Boot-Authentifikationsbildschirm an (max. 24 Zeichen): + Voreinstellungen beim Einbinden + Einstellungen für Tastenkombinationen + Treiberkonfiguration + Unterstützung für erweiterte Plattensteuercodes aktivieren + Bezeichnung des gewählten Favoriten-Volumes: + Dateieinstellungen + Taste: + Der Prozessor in diesem Computer unterstützt Hardwarebeschleunigung für AES: + Durchzuführende Aktionen nach Benutzeranmeldung + Minuten + Laufwerksbuchstabe: + Einstellungen beim Einbinden + Neu + Passwort: + Thread-basierte Parallelisierung + Pfad der PKCS #11 Bibliothek + PKCS-5 PRF: + PKCS-5 PRF: + Passwort-Cache (im Speicher des VeraCrypt-Treibers) + Sicherheitsoptionen + VeraCrypt-Hintergrunddienst + VeraCrypt-Volume einbinden (relativ zum Traveler-Disk Verz.): + Beim Anschließen einer Traveler Disk: + Erstelle die Traveler Disk Dateien in (Traveler Disk Stammverzeichnis): + Volume + Windows + &Pfad... + &Auto-Test für alle + &Fortsetzen + &Entschlüsseln + &Löschen + &Verschlüsseln + &Exportieren... + Schlüsseldatei(en) &erstellen und speichern + Schlüsseldatei(en) &generieren + Sprachpaket herunterladen + Hardwarebeschleunigtes AES: + &Schl.dateien auf den Token importieren... + Dateien &hinzuf. + Schlüsselda&teien verw. + &Schlüsseldat... + Ent&fernen + &Alle entfernen + Was bedeutet „Schützen von verstecktem Volume“? + Mehr Infos zu Schlüsseldateien + Als &Wechselmedium einbinden + Partition mit &Systemverschl. ohne Prä-Boot-Authentifikation einbinden + Parallelisierung: + Test + &Drucken + Verstecktes Volume vor &Beschädigung durch äußeres Volume schützen + &Zurücksetzen + Passwort an&zeigen + &Token/SmartCard + Wenn verfügbar, im Volume eingebettete Header-Sicherung verwenden + XTS Modus + Über VeraCrypt + VeraCrypt – Benchmark-Test für Verschlüsselungsalgorithmen + VeraCrypt – Testvektoren + Hilfe für Kommandozeilenparameter + VeraCrypt – Schlüsseldateien + VeraCrypt – Schlüsseldatei(en) aus Zufallswerten erstellen + VeraCrypt – Sprache + VeraCrypt – Einstellungen beim Einbinden + Neue Sicherheitstoken-Schlüsseldateien-Eigenschaften + VeraCrypt – Verbesserung des Zufallszahlen-Generators + Datenträger oder Partition auswählen + VeraCrypt + Sicherheitstoken-Schlüsseldateien + Sicherheitstoken-Passwort/PIN benötigt + Momentanes Sprachpaket + Die Leistung hängt von der CPU-Last und von der Charakteristik des Speichergerätes ab.\n\nAlle Tests werden im RAM durchgeführt. + Speichergröße: + Blockchiffre: + &Passwort des versteckten Volumes (Cache falls leer): + Verstecktes Volume schützen + Schlüsselgröße: + WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin u. her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. + WARNUNG: Ein Volume kann nicht mehr eingebunden werden, wenn eine der Schlüsseldateien fehlt oder in den ersten 1024 KB verändert wurde! + Bit + Anzahl der Schlüsseldateien: + Schlüsseldateigröße (in Byte): + Name der Schlüsseldatei(en): + Übersetzt von: + Klartextgröße: + Bit + Momentaner Pool-Inhalt: + &PRF: + WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin und her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. Klicken Sie auf „Weiter“, um mit dem Vorgang fortzufahren. + Sekundärer Schlüssel (hexadezimal) + Sicherheitstoken: + Sortiermethode: + Bitte warten. Dieser Vorgang kann sehr lange dauern... + Bitte warten...\nDieser Prozess kann sehr lange dauern und VeraCrypt kann vorübergehend hängen bleiben. + Block Nummer: + Chiffretext (hexadezimal) + Dateneinheit-Nummer (64-bit hexadezimal, die Größe einer Dateneinheit beträgt 512 Byte) + Schlüssel (hexadezimal) + Klartext (hexadezimal) + Schlüsseldatei-Name: + XTS-Modus + S&ystem + &Volumes + Favor&iten + E&xtras + Einstellun&gen + &Hilfe + Web&seite + + &Über VeraCrypt ... + Das Schreibschutzattribut des alten Volumes konnte nicht geändert werden. Überprüfen Sie bitte die Dateizugriffsrechte. + Fehler: Zugriff verweigert.\n\nDie Partition ist entweder 0 Sektoren groß, oder es handelt sich um die Bootpartition. + Administrator + Zum Laden des VeraCrypt-Treibers müssen Sie als Benutzer mit Administratorrechten angemeldet sein. + Zum Verschlüsseln/Entschlüsseln/Formatieren eines Datenträgers oder einer Partition müssen Sie als Benutzer mit Administratorrechten angemeldet sein.\n\nDiese Einschränkung gilt nicht für VeraCrypt-Volumes in Containerdateien. + Zum Erstellen eines versteckten Volume müssen Sie als Benutzer mit Administratorrechten angemeldet sein.\n\nFortsetzen? + Um das Volume mit NTFS/exFAT zu formatieren, müssen Sie als Benutzer mit Administratorrechten angemeldet sein.\n\nFür das Formatieren mit FAT werden keine Administratorrechte benötigt. + Von der FIPS genehmigte Blockchiffre (Rijndael, 1998 veröffentlicht), die zur Verwendung in U.S. amerikanischen Ministerien und Behörden zugelassen ist, um vertrauliche Informationen bis zur Geheimhaltungsstufe „Top Secret“ zu schützen. 256-bit Schlüssellänge, 128-bit Blockgröße, 14 Runden (AES-256). Arbeitet im XTS-Modus. + Das Volume ist bereits eingebunden. + WARNUNG: Mindestens ein Verschlüsselungs- oder Hash-Algorithmus hat die automatischen Selbsttests nicht bestanden.\n\nDie VeraCrypt-Installation ist möglicherweise beschädigt. + WARNUNG: Es befinden sich nicht genügend Daten im Pool des Zufallszahlengenerators, um die angeforderte Anzahl von Zufallswerten zu erzeugen.\n\nBrechen Sie die Operation bitte ab und melden Sie diesen Fehler (Menüpunkt „Kontakt“ im Hilfemenü). + Das Laufwerk ist beschädigt (physischer Defekt), ein Kabel ist beschädigt oder der Speicher ist defekt.\n\nBeachten Sie bitte, dass es ein Problem mit Ihrer Hardware gibt, nicht mit VeraCrypt. Melden Sie diesen Fehler/das Problem deshalb bitte NICHT VeraCrypt und suchen Sie keine Hilfe in den VeraCrypt-Foren. Für Unterstützung kontaktieren Sie bitte Ihren Hardware-Hersteller. Vielen Dank.\n\nHinweis: Wenn der Fehler wiederholt an gleicher Stelle auftritt, so liegt es möglicherweise an einem fehlerhaften Datenträger-Block, der vielleicht durch Fremdanbietersoftware korrigiert werden kann (beachten Sie, dass in vielen Fällen der Befehl „chkdsk /r“ ihn nicht korrigiert, da dies nur auf Dateisystemebene funktioniert; in einigen Fällen kann das „chkdsk“-Programm dies nicht feststellen). + Falls Sie auf ein Laufwerk für Wechselmedien zugreifen möchten, stellen Sie bitte sicher, dass sich ein Wechselmedium in diesem Laufwerk befindet. Das Laufwerk oder das Wechselmedium könnten auch beschädigt sein (physischer Defekt) oder ein Kabel könnte beschädigt oder nicht richtig verbunden sein. + Ihr System verwendet scheinbar modifizierte Chipsatz-Treiber mit einem Bug, der die Komplettverschlüsselung verhindert.\n\nBitte versuchen Sie alle modifizierten (nicht-Microsoft) Chipsatz-Treiber zu aktualisieren oder zu deinstallieren, bevor Sie fortfahren. Falls dies nicht hilft, können Sie versuchen, lediglich die Systempartition zu verschlüsseln. + Ungültiger Laufwerksbuchstabe. + Ungültiger Pfad. + Abbrechen + Datenträger ist nicht lesbar. Stellen Sie bitte sicher, dass der Datenträger vorhanden ist und dass dieser nicht vom System verwendet wird. + WARNUNG: Die Feststelltaste ist gedrückt. Dies führt möglicherweise zu einer falschen Passworteingabe. + Volume-Typ + Es kann vorkommen, dass Sie von jemandem gezwungen werden das Passwort für ein Verschlüsseltes Volume zu verraten. Es gibt viele Situationen, in denen Sie sich nicht weigern können, das Passwort herauszugeben (z.B. Erpressung). Mit Hilfe eines sogenannten versteckten Volumes müssen Sie in solchen Situationen das Passwort ihres (versteckten) Volumes nicht herausgeben. + Diese Option zum Erstellen eines normalen VeraCrypt-Volume wählen. + Bitte beachten Sie, dass das gesamte Systemlaufwerk nicht mit einem einzelnen Schlüssel verschlüsselt werden kann, wenn Sie möchten, dass ein Betriebssystem in ein verstecktes partitionsbasiertes Volume installiert wird. + Verschl.-Methode des äußeren Vol. + Verschl.-Methode des versteckten Vol. + Verschlüsselungseinstellungen + WARNUNG: Die Pfadinformation des zuletzt ausgewählten Volumes bzw. der zuletzt ausgewählten Schlüsseldatei konnte nicht gelöscht werden (diese Information wird vom Dateiauswahlfenster gespeichert). + Fehler: Das Volume wurde auf Dateisystemebene komprimiert. Komprimierte Volumes werden nicht von VeraCrypt unterstützt (die Kompression von verschlüsselten Daten ist ineffektiv und redundant).\n\nEntfernen Sie das Komprimierungsattribut bitte wie folgt: 1. Rechtsklick auf Container-Datei innerhalb des Windows-Explorers (nicht in VeraCrypt) 2. „Eigenschaften“ auswählen 3. Im „Eigenschaften“-Dialogfenster auf „Erweitert ...“ klicken 4. Im „Erweiterte Attribute“-Dialogfenster die Option „Inhalt komprimieren, um Speicherplatz zu sparen“ deaktivieren und auf „OK“ klicken 5. Im „Eigenschaften“-Dialogfenster auf „OK“ klicken + Volume %s konnte nicht erstellt werden + Die Größe von %s ist %.2f Byte + Die Größe von %s ist %.2f KB + Die Größe von %s ist %.2f MB + Die Größe von %s ist %.2f GB + Die Größe von %s ist %.2f TB + Die Größe von %s ist %.2f PB + WARNUNG: Der Datenträger bzw. die Partition wird bereits vom Betriebssystem oder von Anwendungen benutzt! Das Formatieren des Datenträgers bzw. der Partition kann zu Datenbeschädigung und Systeminstabilität führen.\n\nDennoch mit dem Formatieren beginnen? + WARNUNG: Die Partition wird vom Betriebssystem oder von einer Anwendung verwendet. Sie sollten jede Anwendung, die möglicherweise die Partition verwendet, schließen (einschließlich Anti-Viren Software).\n\nFortfahren? + Fehler: Der Datenträger bzw. die Partition enthält ein Dateisystem das nicht ausgehängt werden konnte. Das Dateisystem wird möglicherweise vom Betriebssystem verwendet. Das Formatieren würde sehr wahrscheinlich Daten beschädigen und zu Systeminstabilität führen.\n\nEmpfehlungen zur Behebung des Problems: Zuerst die Partition löschen und anschließend die Partition ohne Formatierung neu erstellen.\n\n1) Im Startmenü Rechtsklick auf das „Computer“-Icon (oder „Arbeitsplatz“-Icon) und „Verwalten“ auswählen. Danach müsste das Fenster „Computerverwaltung“ erscheinen.\n2) „Datenspeicher“ > „Datenträgerverwaltung“ im Fenster „Computerverwaltung“ auswählen.\n3) Rechtsklick auf die zu verschlüsselnde Partition und entweder „Partition löschen ...“, „Volume löschen ...“ oder „Logisches Laufwerk löschen ...“ auswählen.\n4) Auf „Ja“ klicken. Sollte Windows zum Neustart des Rechners auffordern, dieser Aufforderung folgen, die Schritte 1 und 2 wiederholen, und mit Schritt 5 fortsetzen.\n5) Rechtsklick auf den als „nicht zugeordnet“/„Freier Speicherplatz“ bezeichneten Bereich und entweder „Neue Partition ...“, „Neues einfaches Volume ...“, oder „Neues logisches Laufwerk ...“ auswählen.\n6) Den Anweisungen des daraufhin erscheinenden „Assistent zum Erstellen neuer Partitionen“- bzw. „Assistent zum Erstellen neuer einfacher Volumes“-Fensters folgen. Auf der Seite „Partition formatieren“ des Assistenten, entweder „Diese Partition nicht formatieren“ oder „Dieses Volume nicht formatieren“ auswählen. Anschließend auf „Weiter“ und danach auf „Fertig stellen“ klicken.\n7) Der Name des in VeraCrypt ausgewählten Datenträgers bzw. der Partition ist jetzt u. U. falsch. Schließen Sie deshalb den Assistenten zum Erstellen von VeraCrypt-Volume (falls dieser noch offen ist) und starten Sie den Assistenten neu.\n8) Versuchen Sie erneut den Datenträger bzw. die Partition zu verschlüsseln.\n\nSollte sich VeraCrypt erneut weigern den Datenträger bzw. die Partition zu verschlüsseln, so könnten Sie stattdessen auch die Erstellung eines Containerdatei-Volume in Betracht ziehen. + Fehler: Das Dateisystem konnte nicht gesperrt und/oder getrennt werden. Es könnte vom Betriebssystem oder von Programmen verwendet werden (z.B. Backup-Software oder Virenscanner). Die Verschlüsselung der Partition könnte Daten beschädigen oder das System instabil werden lassen.\n\nBitte schließen Sie jede Anwendung, die möglicherweise die Partition verwendet (einschließlich Anti-Viren Software), und versuchen Sie es erneut. Wenn dies nicht hilft, folgen Sie bitte den unten stehenden Schritten. + WARNUNG: Einige der angeschlossenen Datenträger bzw. Partitionen werden bereits verwendet!\n\nDas Ignorieren dieser Meldung kann zu unerwünschten Ergebnissen einschließlich einer Systeminstabilität führen.\n\nEs wird dringend empfohlen alle Anwendungen, die möglicherweise diese Datenträger bzw. Partitionen verwenden, zu schließen. + Der ausgewählte Datenträger enthält Partitionen!\n\nDas Formatieren des Datenträgers könnte zu Systeminstabilitäten und/oder Datenbeschädigung führen. Bitte wählen Sie stattdessen eine Partition auf diesem Datenträger aus oder entfernen Sie sämtliche Partitionen vom Datenträger, damit VeraCrypt den Datenträger sicher formatieren kann. + Das ausgewählte Nicht-Systemlaufwerk enthält Partitionen.\n\nVerschlüsselte Laufwerkbasierte VeraCrypt-Volumes können auf Laufwerken erstellt werden die keine Partitionen enthalten (einschließlich Festplatten und Solid-State-Laufwerken). Ein Laufwerk, das Partitionen enthält kann nur vollständig „in-place“ verschlüsselt werden (Verwendung eines Hauptschlüssels), wenn es das Laufwerk ist auf dem Windows installiert ist und von dem es startet.\n\nWenn Sie das ausgewählte Nicht-Systemlaufwerk mit einem Hauptschlüssel verschlüsseln möchten, dann müssen Sie zuerst alle Partitionen auf dem Laufwerk löschen damit VeraCrypt es sicher formatieren kann (Formatieren eines Laufwerkes, das Partitionen enthält, kann Systeminstabilität und/oder Datenbeschädigung hervorrufen). Alternativ können Sie jede Partition auf dem Laufwerk individuell verschlüsseln (jede Partition wird mit einem anderen Hauptschlüssel verschlüsselt).\n\nHinweis: Wenn Sie alle Partitionen von einem GPT-Datenträger löschen möchten, dann müssen Sie es in einen MBR-Datenträger umwandeln (z.B. mit dem Computerverwaltungsprogramm), um versteckte Partitionen zu löschen. + WARNUNG: Wenn Sie das gesamte Gerät verschlüsseln (im Gegensatz zu einer Partition auf dem Gerät), wird das Betriebssystem dieses Gerät als neu, leer und unformatiert erkennen (da es keine Partitionstabelle enthalten wird). Das kann dazu führen, dass das Gerät vom System spontan initialisiert wird (oder dass Sie gefragt werden ob Sie das Gerät initialisieren möchten), was das Volume beschädigen kann. Außerdem wird es nicht möglich sein, das Volume beständig als Favorit einzubinden (z.B. wenn sich der Laufwerksbuchstabe ändert) oder ihm eine Favoriten-Volume Bezeichnung zuzuweisen.\n\nUm diese Probleme zu vermeiden, sollten Sie erwägen eine Partition auf dem Gerät zu erstellen und diese zu verschlüsseln.\n\nSind Sie sicher, dass Sie das gesamte Gerät verschlüsseln möchten? + WICHTIG: Bitte beachten Sie, dass dieses Volume NICHT mit dem derzeit zugewiesenen Laufwerksbuchstaben %c: eingebunden werden kann!\n\nUm das Volume einzubinden, klicken Sie „Alle Datentr. einbinden“ im Hauptfenster von VeraCrypt (alternativ können Sie auch im Hauptfenster „Datenträger..“ auswählen, diese(n) Partition/Datenträger wählen und „Einbinden“ klicken). Dem Volume wird dann ein neuer Laufwerksbuchstabe zugewiesen den Sie aus der Liste im Hauptfenster auswählen.\n\nDer vorherige Laufwerksbuchstabe %c: sollte nur benutzt werden wenn Sie die Verschlüsselung von der Partition/dem Datenträger entfernen möchten (z.B. wenn Sie keine Verschlüsselung mehr benötigen). In diesem Fall wählen Sie das Laufwerk %c: in der „Computer“ oder „Mein Computer“ Liste mit Rechtsklick aus und wählen Sie „Formatieren“. Ansonsten sollte der Laufwerksbuchstabe %c: nie benutzt werden (außer Sie entfernen ihn und weisen ihn einer anderen Partition oder einem anderen Datenträger zu; Siehe VeraCrypt FAQ). + Die In-Place Verschlüsselung eines Nicht-Systemlaufwerks wird nicht von Ihrem Betriebssystem unterstützt (nur von Windows Vista oder neuer).\n\nDer Grund dafür ist, dass die aktuell laufende Version nicht das Verkleinern eines Dateisystems beherrscht (Das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen). + Die ausgewählte Partition scheint kein NTFS-Dateisystem zu enthalten. Nur Partitionen die ein NTFS-Dateisystem enthalten, können „in-place“ verschlüsselt werden.\n\nHinweis: Der Grund hierfür ist, dass Windows das Verkleinern von anderen Dateisystemtypen nicht unterstützt. (das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen). + Die ausgewählte Partition scheint kein NTFS-Dateisystem zu enthalten. Nur Partitionen die ein NTFS-Dateisystem enthalten können „in-place“ verschlüsselt werden.\n\nWenn sie ein Verschlüsseltes VeraCrypt-Volume innerhalb dieser Partition erstellen möchten, dann wählen Sie die Option „Verschlüsseltes Volume erstellen und formatieren“ (anstelle der Option „Partition „in-place“ verschlüsseln“). + Fehler: Die Partition ist zu klein. VeraCrypt kann es nicht „in-place“ verschlüsseln. + Um die Daten auf dieser Partition zu verschlüsseln, gehen Sie bitte wie folgt vor:\n\n1) Erstellen Sie ein VeraCrypt-Volume auf einer leeren Partition/einem leeren Laufwerk und binden es ein.\n\n2) Kopieren Sie alle Dateien aus der Partition, die Sie ursprünglich verschlüsseln wollten, in das eingebundene Volume (dieses wurde im Schritt 1 erstellt). Auf diese Weise erstellen Sie eine von VeraCrypt verschlüsselte Sicherung der Daten.\n\n3) Erstellen Sie ein VeraCrypt-Volume auf der Partition, die Sie ursprünglich verschlüsseln wollten und stellen sicher, dass Sie (im VeraCrypt Assistenten) die Option „Verschlüsseltes Volume erstellen und formatieren“ wählen (anstelle der Option „Partition „in-place“ verschlüsseln“). Beachten Sie, dass alle Daten auf der Partition gelöscht werden. Nachdem das Volume erstellt ist, binden Sie es ein.\n\n4) Kopieren Sie alle Dateien von dem eingebundenen VeraCrypt-Sicherungs-Volume (erstellt und eingebunden im ersten Schritt) in das eingebundene VeraCrypt-Volume, dass im dritten Schritt erstellt (und eingebunden) wurde.\n\nNachdem Sie die Schritte abgeschlossen haben, sind die Daten verschlüsselt und zusätzlich gibt es eine verschlüsselte Sicherung der Daten. + VeraCrypt kann nur eine Partition, ein Dynamisches Volume oder ein ganzes Systemlaufwerk „in-place“-verschlüsseln.\n\nWenn Sie ein Verschlüsseltes VeraCrypt-Volume innerhalb des ausgewählten Nicht-Systemlaufwerkes erstellen möchten, dann wählen Sie die Option „Verschlüsseltes Volume erstellen und formatieren“ (anstelle der Option „Partition „in-place“ verschlüsseln“). + Fehler: VeraCrypt kann nur eine Partition, ein dynamisches Volume oder ein ganzes Systemlaufwerk „in-place“ verschlüsseln. Stellen Sie bitte sicher, dass der angegebene Pfad korrekt ist. + Fehler: Kann das Dateisystem nicht verkleinern (das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen).\n\nMögliche Ursachen und Lösungen:\n\n- Nicht genügend freier Speicher auf dem Datenträger. Bitte stellen Sie sicher, dass keine Anwendung auf den Datenträger schreibt.\n\n- Beschädigtes Dateisystem. Überprüfen Sie es und beheben Sie die Fehler (Rechtsklick auf das entsprechende Laufwerk im „Arbeitsplatz“, dann auf „Eigenschaften“. Dort wählen Sie „Extras“ und „Jetzt prüfen“ aus. Stellen Sie sicher, dass die Option „Dateisystemfehler automatisch korrigieren“ markiert ist.\n\nWenn die obigen Anweisungen nicht funktionieren, folgen Sie bitte den unten aufgeführten Schritten. + Fehler: Auf dem angegebenen Laufwerk ist nicht genügend Speicher frei, um das Laufwerk zu verkleinern (das Dateisystem muss verkleinert werden, um Platz für den Volume-Header und den Backup-Header zu schaffen).\n\nBitte löschen Sie nicht benötigte Dateien und leeren Sie den Papierkorb, um mindestens 256 KB freien Speicherplatz zu schaffen und versuchen Sie es anschließend erneut. Beachten Sie bitte, dass auf Grund eines Fehlers von Windows die Menge des freien Speichers (angezeigt im Windows Explorer) falsch sein kann, bis das System neu gestartet wurde. Wenn selbst ein Neustart des Systems nicht hilft, könnte das Dateisystem beschädigt sein. Überprüfen Sie dies und beheben Sie die Fehler (Rechtsklick auf das entsprechende Laufwerk im „Arbeitsplatz“, dann auf „Eigenschaften“. Dort wählen Sie „Extras“ und „Jetzt prüfen“ aus. Stellen Sie sicher, dass die Option „Dateisystemfehler automatisch korrigieren“ markiert ist.\n\nWenn die obigen Anweisungen nicht funktionieren, folgen Sie bitte den unten aufgeführten Schritten. + Auf Laufwerk %s sind noch %.2f Byte frei. + Auf Laufwerk %s sind noch %.2f KB frei. + Auf Laufwerk %s sind noch %.2f MB frei. + Auf Laufwerk %s sind noch %.2f GB frei. + Auf Laufwerk %s sind noch %.2f TB frei. + Auf Laufwerk %s sind noch %.2f PB frei. + Fehler beim Ermitteln der verfügbaren Laufwerksbuchstaben. + Fehler: VeraCrypt-Treiber nicht gefunden.\n\nBitte kopieren Sie die Dateien „veracrypt.sys“ und „veracrypt-x64.sys“ in das Verzeichnis der Hauptanwendung von VeraCrypt (VeraCrypt.exe). + Fehler: Eine inkompatible Version des VeraCrypt-Treibers ist derzeit aktiv.\n\nWenn Sie versuchen VeraCrypt im mobilen Modus auszuführen (d.h. ohne es zu installieren) und eine andere Version von VeraCrypt bereits installiert ist, müssen Sie diese Version erst deinstallieren (oder mittels des VeraCrypt-Installationspakets aktualisieren). Um VeraCrypt zu deinstallieren, folgen Sie diesen Schritten: Unter Windows Vista oder neuer wählen Sie „Start Menu“ > „Einstellungen“ > „Systemsteuerung“ > „Programme und Funktionen“ > „VeraCrypt“ > „Deinstallieren“.\n\nWenn Sie versuchen VeraCrypt im mobilen Modus auszuführen (d.h. ohne es zu installieren) und eine andere Version von VeraCrypt bereits im mobilen Modus aktiv ist, müssen Sie den Computer neu starten bevor Sie diese neue Version starten können. + Fehler beim Initialisieren der Blockchiffre. + Fehler: Es wurde ein schwacher oder ein potenziell schwacher Schlüssel entdeckt! Der Schlüssel wird verworfen. Bitte wiederholen Sie den Vorgang. + Ein kritischer Fehler ist aufgetreten und VeraCrypt muss beendet werden. Wenn dies durch einen Fehler in VeraCrypt verursacht wurde, so würden wir diesen gerne ausbessern. Um uns dabei zu helfen, können Sie uns einen automatisch generierten Fehlerbericht senden, der die folgenden Daten enthält:\n\n- Versionsnummer\n- Betriebssystem\n- Prozessor\n- Name der betroffenen VeraCrypt-Komponente(n)\n- Prüfsumme des Programms\n- Symbolischer Name des Dialogfensters\n- Fehlerkategorie\n- Fehleradresse\n- VeraCrypt-Aufruf-Stack\n\nWenn Sie „Ja“ wählen, wird die folgende URL (welche den kompletten Fehlerbericht enthält) mit Ihrem Standardbrowser aufgerufen.\n\n%hs\n\nMöchten Sie uns den oben angezeigten Fehlerbericht senden? + Ein kritischer Fehler ist in Ihrem System aufgetreten.\n\nBeachten Sie, dass dieser Fehler nicht durch VeraCrypt verursacht wurde (d.h. VeraCrypt Entwickler können den Fehler nicht beheben). Bitte überprüfen Sie Ihr System auf mögliche Probleme (z.B. System-Konfiguration, Netzwerk-Verbindung, Fehler in Hardware-Komponenten). + Es ist ein kritischer Fehler in Ihrem System aufgetreten und VeraCrypt musste beendet werden.\n\nWenn dieses Problem wiederholt auftritt, sollten Sie versuchen Anwendungen, die diesen Fehler verursachen könnten, auszuschalten oder zu deinstallieren (z.B. Antiviren- oder Internetsicherheitssoftware, System-„Verbesserungs“-, „Optimierungs“- oder „Tweaker“-Software usw.). Sollte dies nicht helfen, sollten Sie in Erwägung ziehen, Ihr Betriebssystem neu zu installieren (dieses Problem kann auch durch Schadsoftware verursacht werden). + VeraCrypt – Kritischer Fehler + VeraCrypt hat erkannt, dass Ihr Betriebssystem vor kurzem abgestürzt ist. Es gibt viele mögliche Gründe für einen Systemabsturz (z.B. Fehler in einer Hardwarekomponente, fehlerhafte Treiber usw.).\n\nSoll VeraCrypt prüfen ob ein Fehler in VeraCrypt den Systemabsturz verursacht haben könnte? + Möchten Sie, dass VeraCrypt weiterhin Systemabstürze erkennt? + VeraCrypt konnte keine Minidump-Datei des Systemabsturzes finden. + Möchten Sie die Windows Absturzspeicherabbild-Datei löschen, um Speicherplatz frei zu geben? + Um den Systemabsturz zu analysieren, muss VeraCrypt zuerst die Microsoft Debugging Tools für Windows installieren.\n\nNachdem Sie „OK“ klicken, wird der Windows Installer das „Microsoft Debugging Tools“-Installationspaket (16 MB) von einem Microsoft Server herunterladen und installieren (der Windows Installer wird vom VeraCrypt-Server auf die Server-URL des Microsoft Servers weitergeleitet. Hierdurch wird sichergestellt, dass der Vorgang auch dann funktioniert, wenn Microsoft die URL ändert). + Nachdem Sie „OK“ klicken, analysiert VeraCrypt den Systemabsturz. Dies kann mehrere Minuten dauern. + Bitte stellen Sie sicher, dass die Umgebungsvariable „PATH“ den Pfad zu „kd.exe“ (Kernel Debugger) enthält („Systemsteuerung“ > „System“ > „Erweiterte Systemeinstellungen“ > „Erweitert“ > „Umgebungsvariablen“). + Es scheint als habe VeraCrypt den Systemabsturz sehr wahrscheinlich nicht verursacht. Es gibt viele mögliche Gründe für einen Systemabsturz (z.B. Fehler in einer Hardwarekomponente, fehlerhafte Treiber usw.). + Die Ergebnisse der Analyse deuten darauf hin, dass die Aktualisierung folgender Treiber das Problem beheben könnte: + Damit wir herausfinden können, ob ein Fehler in VeraCrypt existiert, können Sie uns einen automatisch erstellten Bericht senden, der die folgenden Punkte enthält:\n- Programmversion\n- Version des Betriebssystems\n- CPU-Typ\n- Fehlerkategorie\n- Treibername und -Version\n- System call stack\n\nWenn Sie „Ja“ wählen wird die folgende URL (die den gesamten Fehlerbericht enthält) in Ihrem Browser geöffnet. + Möchten Sie uns den obigen Fehlerbericht senden? + &Verschlüsseln + &Entschlüsseln + &Dauerhaft entschlüsselt + Beenden + Legen Sie bitte ein logisches Laufwerk für diese erweiterte Partition an und wiederholen Sie anschließend den Vorgang. + Ein VeraCrypt-Volume kann in einer Datei liegen (eine VeraCrypt-Containerdatei), die sich auf einer Festplatte, einer Partition, einem USB-Stick usw. befindet. Eine VeraCrypt-Containerdatei verhält sich genau wie eine normale Datei (sie kann zum Beispiel wie eine normale Datei kopiert, bewegt oder gelöscht werden). Klicken Sie auf „Datei ...“, um einen Dateinamen und den Speicherort für die Containerdatei zu wählen.\n\nACHTUNG: Wenn Sie eine bestehende Datei wählen, wird VeraCrypt diese NICHT verschlüsseln; die Datei wird gelöscht und mit der Containerdatei ersetzt. Sie können bestehende Dateien verschlüsseln, indem Sie diese später in den neuen VeraCrypt-Container verschieben, den Sie gerade erstellen. + Wählen Sie den Speicherort des äußeren Volumes (in diesem wird später das versteckte Volume erstellt).\nEin VeraCrypt-Volume kann in einer Datei liegen (eine VeraCrypt-Containerdatei), die sich auf einer Festplatte, einer Partition, einem USB-Stick usw. befindet. Eine Containerdatei verhält sich genau wie eine normale Datei (sie kann z.B. kopiert oder gelöscht werden). Klicken Sie auf „Datei ...“, um einen Dateinamen und den Speicherort für die Containerdatei zu wählen.\n\nACHTUNG: Wenn Sie eine bestehende Datei wählen wird VeraCrypt diese NICHT verschlüsseln; die Datei wird gelöscht und mit der Containerdatei ersetzt. Sie können bestehende Dateien verschlüsseln, indem Sie diese in den neuen VeraCrypt-Container verschieben. + Verschlüsselte laufwerkbasierte VeraCrypt-Volumes können innerhalb einer Partition auf Festplatten, Solid-State Laufw., USB- Sticks, und auf allen anderen unterstützten Laufwerken erstellt werden. Partitionen können außerdem „in-place“ verschlüsselt werden.\n\nAußerdem können laufwerkbasierte VeraCrypt-Volumes auf Laufwerken erstellt werden, die keine Partitionen beinhalten (einschließlich Festplatten und Solid-State Laufwerken).\n\nHinweis: Ein Laufwerk das Partitionen enthält kann nur vollständig „in-place“ verschlüsselt werden (Verwendung eines Hauptschlüssels), wenn es das Laufwerk ist auf dem Windows installiert ist und von dem es startet. + Ein laufwerkbasiertes VeraCrypt-Volume kann innerhalb einer Festplatte, eines Solid-State Laufwerkes, USB Memory-Stick und anderen Speichergeräten erstellt werden.\n\nWARNUNG: Beachten Sie, dass die Partition/das Laufwerk formatiert werden und alle derzeit darauf gespeicherten Daten verloren gehen. + \nWählen Sie den Speicherort für die Erstellung des äußeren Volumes (In ihm wird später das versteckte Volume erstellt).\n\nEin äußeres Volume kann auf einer Festplatten-Partition, einem Solid-State Laufwerk, USB-Stick u.a. Speicherlaufwerken erstellt werden. Äußere Volumes können auch auf Laufwerken erstellt werden, die keine Partitionen enthalten (einschließlich Festplatten und SSDs).\n\nWARNUNG: Beachten Sie, dass die Partition bzw. der Datenträger formatiert wird und alle zurzeit darauf gespeicherte Daten verloren gehen. + Wählen Sie bitte den Speicherort des VeraCrypt-Volumes aus, innerhalb dessen das versteckte Volume erstellt werden soll. + WARNUNG: Die Datei/das Laufwerk ist bereits in Verwendung!\n\nWenn Sie diese Warnung ignorieren, können nicht vorhersehbare Probleme einschließlich Systemabstürze auftreten. Alle Programme, die die Datei/das Laufwerk verwenden (zum Beispiel Virenscanner oder Backup-Software) sollten geschlossen werden, bevor das Volume eingebunden wird.\n\nTrotzdem fortfahren? + Fehler: Das Volume konnte nicht eingebunden werden. Die Datei/das Laufwerk wird bereits verwendet. Der Versuch das Volume ohne Exklusivzugriff einzubinden, ist ebenfalls gescheitert. + Die Datei konnte nicht geöffnet werden. + Volume-Speicherort + Große Dateien + Beabsichtigen Sie, Dateien die größer als 4 GB sind, in diesem VeraCrypt-Volume zu speichern? + Je nach Auswahl wird VeraCrypt ein geeignetes Dateisystem für das Volume wählen (im nächsten Schritt änderbar). + Da Sie ein äußeres Volume erstellen, sollten Sie erwägen „Nein“ zu wählen. Wenn Sie „Ja“ wählen, wird NTFS als Standard-Dateisystem gewählt. Es ist für äußere Volume weniger geeignet als FAT/exFAT (z.B. wird die maximal mögliche Größe des versteckten Volumes erheblich größer sein, wenn das äußere Volume mit FAT/exFAT formatiert ist). Normalerweise ist FAT die Standardeinstellung für versteckte und normale Volumes (somit sind FAT-Volumes nicht verdächtig). Wenn Sie allerdings die Absicht haben Dateien > 4 GB auf dem äußeren Volume zu speichern (was FAT nicht zulässt), dann sollte NTFS gewählt werden. + Sind Sie sicher, dass Sie „Ja“ wählen möchten? + Volume Erstellungs-Modus + Dies ist der schnellste Weg, um ein partitionsbasiertes oder laufwerkbasiertes VeraCrypt-Volume zu erstellen (die „in-place“ Verschlüsselung ist langsamer, da die Inhalte von jedem Sektor zuerst gelesen, verschlüsselt und dann geschrieben werden müssen). Alle Daten, die zurzeit auf der ausgewählten Partition/dem Laufwerk sind, gehen verloren (die Daten werden NICHT verschlüsselt, sie werden mit Zufallsdaten überschrieben). Wenn Sie vorhandene Daten auf einer Partition verschlüsseln möchten, dann wählen Sie die andere Option. + Die gesamte ausgewählte Partition und alle darauf gespeicherten Daten werden „in-place“ verschlüsselt. Wenn die Partition leer ist, dann sollten Sie die andere Option wählen (das Volume wird dann viel schneller erstellt). + Hinweis: + &Weiter + &Später + &Start + &Fortsetzen + &Formatieren + &Löschen + Formatierung abbrechen? + Zeige mehr Informat. + Nicht noch einmal anzeigen + Der Inhalt der Partition/des Laufwerkes wurde erfolgreich gelöscht. + Der Inhalt der Partition, auf der das ursprüngliche System lag (von dem das versteckte System eine Kopie ist), wurde erfolgreich gelöscht. + Bitte stellen Sie sicher, dass die Windows-Version, die Sie installieren werden, die gleiche ist, wie die Version die sie gerade laufen haben. Dies ist notwendig, da beide Systeme die selbe Boot-Partition verwenden werden. + Die Systempartition/das Systemlaufwerk wurde erfolgreich verschlüsselt.\n\nBitte beachten Sie: Wenn es VeraCrypt-Volumes gibt, die Sie jedes Mal einbinden möchten wenn Windows startet, können Sie dies einrichten, indem Sie die Volumes einbinden und unter „Favoriten“ > „Eingebundenes Volume zu Systemfavoriten hinzufügen“ wählen. + Die System-Partition/das Laufwerk wurde erfolgreich entschlüsselt. + \n\nDas VeraCrypt-Volume wurde erstellt und ist Einsatzbereit. Mit „Weiter“ können Sie ein weiteres VeraCrypt-Volume erstellen (anderenfalls drücken Sie auf „Beenden“). + \n\nDas versteckte VeraCrypt-Volume wurde erfolgreich erstellt (das versteckte Betriebssystem wird sich innerhalb von diesem versteckten Volume befinden).\n\nKlicken Sie auf „Weiter“, um fortzufahren. + Volume vollständig verschlüsselt + Volume vollständig entschlüsselt + WICHTIG: UM DIESES NEU ERSTELLTE VERACRYPT-VOLUME EINZUBINDEN UND UM AUF DIE DATEN DARAUF ZUZUGREIFEN, KLICKEN SIE AUF „Alle Datentr. einbinden“ IM VERACRYPT HAUPTBILDSCHIRM. Nachdem Sie das richtige Passwort eingegeben haben (und/oder die korrekten Schlüsseldateien angegeben haben), wird das Volume unter dem Laufwerksbuchstaben, den Sie aus der Liste im VeraCrypt-Hauptbildschirm wählen, eingebunden (und Sie können auf die verschlüsselten Daten über den gewählten Laufwerksbuchstaben zugreifen).\n\nBITTE MERKEN SIE SICH ODER SCHREIBEN SIE SICH DIE OBEN GENANNTEN SCHRITTE AUF. SIE MÜSSEN DIESE JEDES MAL BEFOLGEN, WENN SIE DAS VOLUME EINBINDEN UND AUF DARAUF BEFINDLICHE DATEN ZUGREIFEN MÖCHTEN. Alternativ klicken Sie im VeraCrypt-Hauptbildschirm auf „Datenträger ...“, dann wählen Sie diese(s) Partition/Volume und klicken auf „Einbinden“.\n\nDie Partition/das Volume wurde erfolgreich verschlüsselt (es enthält jetzt ein voll-verschlüsseltes VeraCrypt-Volume und ist einsatzbereit. + Das VeraCrypt-Volume wurde erfolgreich entschlüsselt. + Das VeraCrypt-Volume wurde erfolgreich entschlüsselt.\n\nBitte wählen Sie einen Laufwerksbuchstaben aus, der dem entschlüsselten Laufwerk zugewiesen werden soll und klicken Sie auf „Fertigstellen“.\n\nWICHTIG: Solange dem entschlüsselten Laufwerk kein Laufwerksbuchstabe zugewiesen wurde, kann nicht auf die darauf vorhandenen Daten zugegriffen werden. + WARNUNG: Um auf die entschlüsselten Daten zugreifen zu können, muss dem entschlüsselten Laufwerk ein Laufwerksbuchstabe zugewiesen werden, jedoch steht momentan kein freier Laufwerksbuchstabe zur Verfügung.\n\nBitte einen verwendeten Laufwerksbuchstaben freigeben (z.B. durch Abziehen eines USB-Sticks oder anderer externer Laufwerke) und dann mit „OK“ bestätigen. + Das VeraCrypt-Volume wurde erfolgreich erstellt. + Volume wurde erstellt + WICHTIG: Den Mauszeiger in diesem Fenster zufällig hin und her bewegen. Je länger (min. 30 Sek.) Sie die Maus bewegen desto besser. Dies trägt zu einer verbesserten Verschlüsselung bei. Klicken Sie auf „Formatieren“, um mit der Erstellung fortzufahren. + Klicken Sie auf „Formatieren“, um das äußere Volume zu erstellen. Für mehr Informationen lesen Sie bitte die Dokumentation. + Format des äußeren Volumes + Format des versteckten Volumes + Volume-Format + Adobe Reader (oder ein anderes dazu kompatibles Programm) wird benötigt, um das VeraCrypt-Benutzerhandbuch anzeigen oder drucken zu können. Der Adobe Reader (Freeware) kann unter http://www.adobe.com heruntergeladen werden.\n\nMöchten Sie stattdessen die Online-Dokumentation ansehen? + Bei Auswahl dieser Option erstellen Sie zuerst mit dem Assistenten ein normales VeraCrypt-Volume und dann innerhalb dieses neuen Volumes ein verstecktes VeraCrypt-Volume. Unerfahrene Benutzer sollten immer diese Option wählen. + Mit dieser Auswahl erstellen Sie ein verstecktes Volume in einem bestehenden VeraCrypt-Volume. Es wird davon ausgegangen, dass Sie bereits ein VeraCrypt-Volume erstellt haben und dieses in der Lage ist, ein verstecktes Volume zu beinhalten. + Volume Erstellungsmethode + Verstecktes Volume wurde erstellt + Das versteckte VeraCrypt-Volume wurde erfolgreich erstellt und ist gebrauchsbereit. Wenn alle Anweisungen korrekt befolgt wurden und wenn die Vorsichtsmaßnahmen und Anforderungen aus dem Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch befolgt wurden, wird es unmöglich sein zu beweisen, dass das versteckte Volume existiert, auch wenn das äußere Volume eingebunden ist.\n\nACHTUNG: SCHREIBEN SIE NICHTS AUF DAS ÄUSSERE VOLUME WENN SIE DAS VERSTECKTE VOLUME NICHT ABSICHERN (Informationen wie Sie das versteckte Volume absichern können, finden Sie im Abschnitt „Protection of Hidden Volumes Against Damage“ im VeraCrypt-Benutzerhandbuch). ANDERNFALLS KÖNNEN SIE DAS VERSTECKTE VOLUME BESCHÄDIGEN UND UNWIEDERBRINGLICH ÜBERSCHREIBEN! + Sie haben das versteckte Betriebssystem gestartet. Wie Sie vielleicht bemerkt haben, scheint das versteckte Betriebssystem auf der gleichen Partition installiert zu sein wie das Originale Betriebssystem. In Wirklichkeit ist es jedoch auf der Partition hinter diesem installiert (in dem versteckten Volume). Alle Lese- und Schreiboperationen werden transparent von der ursprünglichen Systempartition zu dem versteckten Volume weitergeleitet.\n\nWeder das Betriebssystem noch die Programme werden wissen, dass Daten auf die/von der Systempartition geschrieben/gelesen werden – tatsächlich wird auf die/von der Partition dahinter geschrieben/gelesen (von/zu einem versteckten Volume). Alle Daten werden wie üblich „on-the-fly“ ver- und entschlüsselt (mit einem Verschlüsselungsschlüssel der anders ist, als der für das Köder-Betriebssystem).\n\n\nKlicken Sie auf „Weiter“, um fortzufahren. + Das äußere Volume wurde erstellt und als Laufwerk %hc: eingebunden. Auf dieses äußere Volume sollten Sie nun einige vertraulich aussehende Dateien kopieren, die Sie eigentlich nicht verstecken möchten. Diese werden für jeden da sein, der Sie zwingt das Passwort für die erste Partition hinter der Systempartition zu verraten, wo sich das äußere und das versteckte Volume (enthält das versteckte Betriebssystem) befinden werden. Sie werden im Stande sein das Passwort für dieses äußere Volume herauszugeben und die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt trotzdem geheim.\nWICHTIG: Die Dateien, die Sie auf das äußere Volume kopieren, sollten nicht mehr als %s belegen. Andernfalls gibt es möglicherweise nicht genügend Speicherplatz auf dem äußeren Volume für das versteckte Volume (und Sie werden nicht fortfahren können). Nachdem Sie mit dem Kopieren fertig sind, klicken Sie auf „Weiter“ (das Volume nicht trennen). + Das äußere Volume wurde erfolgreich erstellt und als Laufwerk %hc: eingebunden. Jetzt müssen Sie noch einige sensibel aussehende Alibi-Dateien auf dieses Volume kopieren. Diese Dateien sind für Personen bestimmt welche die Herausgabe des Passwortes erzwingen möchten. Diesen Personen offenbaren Sie nur das Passwort des äußeren, nicht aber das des versteckten Volumes. Die wirklich wichtigen Dateien speichern Sie in das (noch zu erstellende) versteckte Volume. Klicken Sie nach dem Kopieren der Alibi-Dateien auf „Weiter“, ohne zuvor das Volume zu trennen. Es erfolgt dann eine Analyse der Clusterbelegung des äußeren Volumes, um festzustellen, wie viel freier zusammenhängender Speicher vom Ende des Volumes aus verfügbar ist. Dieser Bereich wird für die Unterbringung des versteckten Volumes verwendet. Die Analyse der Clusterbelegung stellt sicher, dass keine Daten des äußeren Volumes durch das versteckte Volume überschrieben werden. + Inhalt des äußeren Volumes + \n\nIn den nächsten Schritten werden Sie die Optionen für das äußere Volume festlegen (innerhalb dessen später das versteckte Volume erstellt wird). + \n\nIn den nächsten Schritten erstellen Sie ein so genanntes äußeres VeraCrypt-Volume innerhalb der ersten Partition hinter der Systempartition (wie es in einem der vorherigen Schritte erklärt wurde). + Äußeres Volume + In den folgenden Schritten werden Sie die Optionen und das Passwort für das versteckte Volume festlegen, das das versteckte Betriebssystem enthalten wird.\n\nHinweis: Die Cluster-Bitmap des äußeren Volumes wurde gescannt, um die Größe des zusammenhängenden freien Speichers zu ermitteln, dessen Ende mit dem Ende des äußeren Volumes übereinstimmt. Dieser Bereich wird das versteckte Volume aufnehmen, somit begrenzt es dessen maximal mögliche Größe. Die maximal mögliche Größe des versteckten Volumes wurde festgelegt und geprüft. Sie ist größer als die der Systempartition (was erforderlich ist, da der gesamte Inhalt der Systempartition in das versteckte Volume kopiert werden muss). Dadurch wird sichergestellt, dass keine der Daten, die zurzeit auf dem äußeren Volume gespeicherten sind, durch Daten überschrieben werden, die in den Bereich des versteckten Volumes geschrieben werden. + WICHTIG: Bitte merken Sie sich die Algorithmen, die Sie in diesem Schritt wählen. Sie müssen die gleichen Algorithmen für das Köder-System wählen. Andernfalls wird es nicht möglich sein, auf das versteckte Betriebssystem zuzugreifen! (Das Köder-System muss mit demselben Verschlüsselungsalgorithmus verschlüsselt sein wie das Versteckte System).\n\nHinweis: Der Grund hierfür ist, dass das Köder-System und das versteckte System sich einen Bootloader teilen werden, der nur einen vom Benutzer gewählten Algorithmus unterstützt (für jeden Algorithmus gibt es eine spezielle Version des VeraCrypt-Bootloaders). + \n\nDie Clusterbelegung wurde analysiert und die maximal mögliche Größe des versteckten Volumes ermittelt. In den folgenden Schritten legen Sie die Einstellungen, die Größe und das Passwort des versteckten Volumes fest. + Verstecktes Volume + Das versteckte Volume ist jetzt geschützt, solange das äußere Volume getrennt ist.\n\nACHTUNG: Wenn versucht wird Daten in den Bereich des versteckten Volumes zu speichern, dann wird VeraCrypt den Schreibschutz für das gesamte Volume verwenden (sowohl den äußeren als auch den versteckten Teil) bis es getrennt wurde. Dies kann dazu führen, dass Beschädigungen am Dateisystem des äußeren Volumes auftreten können, die die (wenn wiederholt) glaubhafte Leugnung des versteckten Volumes beeinträchtigt. Sie sollten daher alle Anstrengungen unternehmen, um das Schreiben von Daten in das versteckte Volume zu vermeiden. Alle Daten die in das versteckte Volume gespeichert werden, gehen verloren. Windows gibt deswegen möglicherweise einen Fehler aus („Delayed Write Failed“ oder „The parameter is incorrect“). + Jedes der versteckten Volumes innerhalb der gerade eingebundenen Volumes ist vor Beschädigungen geschützt, solange es nicht eingebunden ist.\n\nWARNUNG: Wenn versucht wird Daten in den Bereich der versteckten Volumes zu speichern, dann wird VeraCrypt den Schreibschutz für die gesamten Volumes verwenden (sowohl den Äußeren als auch den Versteckten Teil) bis es getrennt wurde. Dies kann dazu führen, dass Beschädigungen am Dateisystem des äußeren Volumes auftreten können, welche die (wenn wiederholt) glaubhafte Leugnung des versteckten Volumes beeinträchtigt. Sie sollten daher alle Anstrengungen unternehmen, um zu vermeiden, Daten in das versteckte Volume zu schreiben. Alle Daten die in das versteckte Volume gespeichert werden gehen verloren. Windows gibt deswegen möglicherweise einen Fehler aus („Delayed Write Failed“ oder „The parameter is incorrect“). + WARNUNG: Es wurde versucht Daten in den Bereich des versteckten Volumes zu speichern. Das Volume ist eingebunden als %c:! VeraCrypt hat verhindert, dass die Daten gespeichert werden, um das versteckte Volume zu schützen. Dies hätte möglicherweise das Dateisystem auf dem Äußeren Volume beschädigt und Windows hätte vermutlich einen Schreibfehler ausgegeben („Delayed Write Failed“ oder „The parameter is incorrect“). Das gesamte Volume (der äußere und der versteckte Teil) wird Schreibgeschützt sein bis es getrennt wurde. Passiert es nicht zum ersten Mal, dass VeraCrypt verhindert hat, dass Daten in den versteckten Teil dieses Volumes geschrieben wurden, könnte die glaubhafte Leugnung des versteckten Volumes beeinträchtigt sein (möglicherweise wegen Inkonsistenzen mit dem Dateisystem des äußeren Volumes). Daher sollten Sie die Erstellung eines neuen VeraCrypt-Volumes in Erwägung ziehen (mit deaktivierter Schnellformatierung) und die Daten von diesem in das neue Volume verschieben; dieses Volume sollte dann sicher gelöscht werden (sowohl das äußere als auch das versteckte). Wir empfehlen dringend, dass Sie das Betriebssystem jetzt Neustarten. + Sie haben angegeben, dass Sie Dateien speichern möchten die größer als 4GB sind. Dafür muss das Volume mit NTFS/exFAT formatiert werden, was allerdings nicht möglich sein wird. + Bitte beachten Sie, dass es unmöglich ist nicht versteckte Volumes mit NTFS/exFAT zu formatieren wenn ein verstecktes Betriebssystem aktiv ist. Der Grund dafür ist, dass das Volume kurzfristig ohne Schreibschutz eingebunden werden müsste, um dem Betriebssystem die NTFS-Formatierung zu ermöglichen (FAT-Formatierung wird hingegen durch VeraCrypt durchgeführt ohne das Volume einzubinden). Für weitere technische Details, siehe unten. Sie können ein nicht verstecktes NTFS/exFAT-Volume aus dem Köder-System heraus erstellen. + Wenn ein verstecktes Betriebssystem läuft können versteckte Volumes aus Sicherheitsgründen nur im „direkten“ Modus erstellt werden (weil äußere Volumes immer schreibgeschützt eingebunden werden müssen). Um ein verstecktes Volume sicher zu erstellen, befolgen sie diese Schritte:\n\n1) Das Köder-System starten\n\n2) Ein normales VeraCrypt-Volume erstellen und einige sensibel aussehende Dateien hinein kopieren, die Sie jedoch NICHT verstecken möchten (dieses Volume wird am Ende das äußere Volume werden).\n\n3) Das versteckte Betriebssystem starten und den Assistent zum Erstellen eines VeraCrypt-Volumes starten. Wenn das Volume eine Containerdatei ist, verschieben Sie es auf die Systempartition oder ein anderes verstecktes Volume (andernfalls wird das neu erstellte versteckte Volume schreibgeschützt eingebunden und kann nicht formatiert werden). Befolgen Sie die Anleitung im Assistenten, um den „direkten“ Modus zu wählen.\n\n4) Im Assistenten wählen Sie nun das im Schritt 2 erstellte Volume aus und erstellen darin ein neues verstecktes Volume. + Wenn ein verstecktes Betriebssystem ausgeführt wird, werden lokale unverschlüsselte Dateisysteme und nicht versteckte VeraCrypt-Volumes aus Sicherheitsgründen als schreibgeschützt eingebunden (auf solche Dateisysteme oder VeraCrypt-Volumes können keine Daten geschrieben werden).\n\nDaten dürfen in jedes Dateisystem geschrieben werden das sich in einem Versteckten VeraCrypt-Volume befindet (vorausgesetzt, das versteckte Volume ist in keinem Container, der sich auf einem unverschlüsselten oder schreibgeschützten Dateisystem befindet). + Es gibt drei Hauptgründe warum solche Gegenmaßnahmen eingebaut wurden:\n\n- Sie ermöglichen die Erstellung einer sicheren Plattform mit der versteckte VeraCrypt-Volumes eingebunden werden können. Bitte beachten Sie unsere offizielle Empfehlung, versteckte Volumes nur einzubinden wenn ein verstecktes Betriebssystem läuft. (Für mehr Informationen, siehe Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ in der Dokumentation.)\n\n- In manchen Fällen ist es möglich festzustellen, dass ein bestimmtes Dateisystem zu einer gewissen Zeit nicht unter einer bestimmten Instanz eines Betriebssystems eingebunden war, oder dass eine bestimmte Datei auf dem Dateisystem nicht innerhalb dieses Systems geändert oder gespeichert wurde (zum Beispiel durch Analyse und Vergleich von Dateisystemprotokollen, Zeitstempeln, Anwendungsprotokollen, Fehlerprotokollen usw.). Daraus kann geschlossen werden, dass ein weiteres Betriebssystem auf dem Computer installiert ist. Die Gegenmaßnahmen verhindern diese Probleme.\n\n- Sie verhindern Datenverfall und ermöglichen sicheren Standby- bzw. Ruhemodus. Wenn Windows aus dem Ruhezustand wieder aufwacht nimmt es an, dass alle eingebundenen Dateisysteme im selben Zustand sind wie vor dem Ruhezustand. VeraCrypt stellt sicher, dass dem so ist, indem es alle Dateisysteme auf die vom Köder-System und vom versteckten Betriebssystem aus zugegriffen werden kann, mit einem Schreibschutz versieht. Ohne diesen Schutz könnte das Dateisystem durch ein Betriebssystem beschädigt werden wenn das andere System sich im Ruhezustand befindet. + Hinweis: Wenn Sie Dateien sicher von dem Köder-System zum versteckten System übertragen möchten, dann folgen Sie diesen Schritten: 1) Starten Sie das Köder-System. 2) Speichern Sie die Dateien auf ein unverschl. Datenträger oder in ein äußeres/normales VeraCrypt-Volume. 3) Starten Sie das versteckte System. 4) Wenn Sie die Dateien auf ein VeraCrypt-Volume gespeichert haben, binden Sie es ein (es wird automatisch als schreibgeschützt eingebunden). 5) Kopieren Sie die Dateien auf die versteckte Systempartition oder auf ein anderes verstecktes Volume. + Ihr Computer muss Neu gestartet werden.\n\nMöchten Sie jetzt Neu starten? + Beim Abruf des Status für die Systemverschlüsselung ist ein Fehler aufgetreten. + Kein Passwort auf der Kommandozeile angegeben. Das Volume kann nicht erstellt werden. + Keine Volume-Größe auf der Kommandozeile angegeben. Das Volume kann nicht erstellt werden. + Unzulässige Volume-Größe auf der Kommandozeile angegeben in Verbindung mit dem NTFS-Dateisystem. + Unzulässige Volume-Größe auf der Kommandozeile angegeben in Verbindung mit dem FAT32-Dateisystem. + Das Dateisystem auf dem Ziellaufwerk unterstützt keine Sparse-Dateien, was für dynamische Volumes erforderlich wäre. + Nur Containerdateien können auf der Kommandozeile erstellt werden. + Nicht genügend freier Speicherplatz für die, auf der Kommandozeile, angegebene Größe der Containerdatei. Das Volume kann nicht erstellt werden. + Auf der Kommandozeile angegebene Volume-Größe ist zu klein. Das Volume kann nicht erstellt werden. + Auf der Kommandozeile angegebene Volume-Größe ist zu groß. Das Volume kann nicht erstellt werden. + Die Anwendungskomponenten konnten nicht Initialisiert werden. + Der Zufallszahlengenerator konnte nicht initialisiert werden!\n\n\n(Sollten Sie in diesem Zusammenhang einen Fehler melden, so bitten wir Sie folgende technische Informationen dem Fehlerbericht hinzuzufügen: %hs, Letzter Fehler = 0x%.8X) + Windows Crypto API ist fehlgeschlagen!\n\n\n(Sollten Sie in diesem Zusammenhang einen Fehler melden, so bitten wir Sie folgende technische Informationen dem Fehlerbericht hinzuzufügen: %s, Letzter Fehler = 0x%.8X) + Die Anwendung konnte nicht initialisiert werden. Die Registrierung der Dialogklasse ist fehlgeschlagen. + Fehler: Kann die 'RichEdit' Systembibliothek nicht laden. + VeraCrypt-Volume erstellen + Die maximal mögliche Größe für ein verstecktes Volume innerhalb dieses Volume ist %.2f Byte. + Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f KB. + Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f MB. + Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f GB. + Die maximal mögliche Größe für ein verstecktes Volume innerhalb diesem Volume ist %.2f TB. + Volume-Passwort/Schlüsseldateien können nicht geändert werden solange das Volume eingebunden ist. Trennen Sie bitte zuvor das Volume. + Der Algorithmus für die Headerschlüsselberechnung kann nicht geändert werden solange das Volume eingebunden ist. Trennen Sie bitte zuvor das Volume. + E&inbinden + Zum Einbinden dieses Volumes wird eine neuere VeraCrypt-Version benötigt. + Fehler: Der Assistent zum Erstellen von VeraCrypt-Volumes wurde nicht gefunden.\n\nDie Datei „VeraCrypt Format.exe“ muss sich in demselben Verzeichnis befinden von welchem aus "VeraCrypt.exe" gestartet worden ist. Falls diese Datei fehlt muss VeraCrypt neu installiert, oder die Datei „VeraCrypt Format.exe“ manuell gesucht und gestartet werden. + Fehler: Der Volume-Expander wurde nicht gefunden.\n\nBitte stellen Sie sicher, dass sich die Datei „VeraCryptExpander.exe“ im dem Ordner befindet, von welchem aus die Datei „VeraCrypt.exe“ gestartet wurde. Andernfalls installieren Sie VeraCrypt bitte neu oder suchen Sie die Datei „VeraCryptExpander.exe“ auf Ihrer Festplatte und starten Sie diese. + &Weiter > + &Fertig stellen + &Installieren + E&ntpacken + Es konnte keine Verbindung zum VeraCrypt Hardware Treiber hergestellt werden. VeraCrypt kann nicht arbeiten solange der Hardware Treiber nicht läuft.\n\nBedenken Sie, dass es sich um einen Windows Fehler handelt. Es könnte erforderlich sein sich neu Anzumelden oder das System neu zu starten bevor der Hardware Treiber geladen werden kann. + Es ist ein Fehler beim Laden/Verarbeiten der Schriftarten aufgetreten. + Der Laufwerksbuchstabe konnte nicht ermittelt werden oder es wurde keiner festgelegt. + Fehler: Laufwerksbuchstabe kann nicht zugeordnet werden.\n\nSolange dem entschlüsselten Volume kein Laufwerksbuchstabe zugeordnet ist, können Sie nicht auf die im Volume gespeicherten Daten zugreifen.\n\nNoch einmal versuchen? + Laufwerksbuchstabe nicht verfügbar. + Es wurde keine Datei ausgewählt! + Es sind keine Laufwerksbuchstaben verfügbar. + Es ist kein Laufwerksbuchstabe für das äußere Volume verfügbar! Das Volume kann nicht erstellt werden. + Fehler beim Ermitteln der Betriebssystemversion, oder das Betriebssystem wird nicht unterstützt. + Es wurde kein Pfad ausgewählt! + Es ist nicht genügend Platz für das versteckte Volume vorhanden! Das Volume kann nicht erstellt werden. + Fehler: Die Dateien die Sie auf das äußere Volume kopiert haben belegen zu viel Speicherplatz. Deshalb ist nicht genügend freier Speicherplatz auf dem äußeren Volume, für das versteckte Volume verfügbar.\n\nBeachten Sie, dass das versteckte Volume so groß sein muss wie die Systempartition (die Partition auf dem das aktuell ausgeführte Betriebssystem installiert ist). Der Grund ist, dass das versteckte Betriebssystem erstellt werden muss, indem der Inhalt der Systempartition in das versteckte Volume kopiert wird.\n\n\nDer Vorgang für die Erstellung des versteckten Betriebssystems kann nicht fortgesetzt werden. + Der VeraCrypt-Treiber kann das Volume nicht trennen. Einige Dateien auf dem Volume sind wahrscheinlich noch geöffnet. + Das Volume kann nicht gesperrt werden. Einige Dateien auf dem Volume sind noch geöffnet und verhindern dadurch das Trennen. + VeraCrypt kann das Volume nicht sperren weil es vom System oder von Programmen verwendet wird (es könnte offene Dateien auf dem Volume geben).\n\nMöchten sie die Trennung auf dem Volume erzwingen? + VeraCrypt-Volume auswählen + Pfad- und Dateiname angeben + Wähle PKCS #11 Bibliothek + Kein Speicher mehr vorhanden + WICHTIG: Wir empfehlen unerfahrenen Nutzern dringend eine VeraCrypt-Containerdatei auf der ausgewählten Partition/Laufwerk zu erstellen anstatt zu versuchen die gesamte Partition/Laufwerk zu verschlüsseln.\n\nWenn Sie eine VeraCrypt-Containerdatei erstellen besteht zum Beispiel (im Gegensatz zum Verschlüsseln einer ganzen Partition oder eines Laufwerks) keine Gefahr eine große Zahl von Dateien zu zerstören. Bitte beachten Sie, dass eine VeraCrypt-Containerdatei (obwohl sie eine virtuelle verschlüsselte Festplatte enthält) sich genau wie eine normale Datei verhält (sie kann z.B. kopiert, verschoben oder gelöscht werden). Für mehr Informationen siehe Kapitel „Beginner's Tutorial“ im VeraCrypt Benutzerhandbuch.\n\nSind Sie sicher, dass Sie die gesamte Partition / das gesamte Laufwerk verschlüsseln möchten? + WARNUNG: Die Datei „%s“ existiert bereits!\n\nWICHTIG: VERACRYPT WIRD DIE DATEI NICHT VERSCHLÜSSELN SONDERN LÖSCHEN. Sind Sie sicher, dass Sie die Datei löschen möchten und mit dem neuen VeraCrypt-Container ersetzen möchten? + WARNUNG: Alle zurzeit gespeicherten Dateien auf %s '%s'%s werden gelöscht und gehen verloren (SIE WERDEN NICHT VERSCHLÜSSELT!)!\n\nMöchten Sie trotzdem mit dem Formatieren beginnen? + WARNUNG: Sie werden nicht in der Lage sein das Volume einzubinden oder auf Daten zuzugreifen, die darauf sind, bis es vollständig verschlüsselt wurde.\n\nSind Sie sicher, dass Sie mit dem Verschlüsseln von %s '%s'%s beginnen möchten? + WARNUNG: Sie werden nicht in der Lage sein das Volume einzubinden oder auf Daten zuzugreifen, die darauf sind, bis es vollständig entschlüsselt wurde.\n\nSind Sie sicher, dass Sie mit dem Entschlüsseln von %s '%s'%s beginnen möchten? + WARNUNG: Wenn die Stromversorgung plötzlich unterbrochen wird während vorhandene Daten „in-place“ verschlüsselt werden, oder wenn das Betriebssystem wegen eines Software- oder Hardwarefehlers abstürzt während VeraCrypt vorhandene Daten „in-place“ verschlüsselt, werden Daten beschädigt oder gehen verloren. Stellen Sie daher vor dem Verschlüsseln sicher, dass Sie von den Dateien, die Sie verschlüsseln möchten, eine Sicherungskopie haben.\n\nHaben Sie eine solche Sicherung? + Vorsicht: Alle aktuell gespeicherten Daten auf der Partition „%s“ %s (d.h. auf der ersten Partition hinter der Systempartition) werden gelöscht und gehen verloren (sie werden nicht verschlüsselt)!\n\nSind Sie sicher, dass Sie mit dem Formatieren fortfahren möchten? + WARNUNG: DIE AUSGEWÄHLTE PARTITION ENTHÄLT EINE GROSSE MENGE AN DATEN! Jede Datei die sich auf der Partition befindet wird gelöscht und geht verloren (sie werden NICHT verschlüsselt)! + Löscht alle Dateien die sich auf der Partition befinden, durch Erstellen eines VeraCrypt-Volumes innerhalb dieser. + Passwort + PIM + Algorithmus für Headerschlüsselberechnung ändern + Schlüsseldateien dem/vom Volume hinzufügen/entfernen + Alle Schlüsseldateien vom Volume entfernen + Passwort, PIM und/oder Schlüsseldatei(en) wurden erfolgreich geändert.\n\nWICHTIG: Bitte stellen Sie sicher, dass Sie den Abschnitt „Changing Passwords and Keyfiles“ im Kapitel „Security Requirements and Precautions“ im VeraCrypt Benutzerhandbuch gelesen haben. + Dieses Volume ist ein Systemfavorit und sein PIM wurde geändert.\nMöchten Sie, dass VeraCrypt automatisch die Einstellung des Systemfavoriten aktualisiert (Administratorrechte benötigt)?\n\nBitte beachten Sie: Wenn Sie mit Nein antworten, müssen Sie den Systemfavoriten manuell aktualisieren. + WICHTIG: Wenn Sie Ihren VeraCrypt-Rettungsdatenträger nicht zerstört haben, dann kann Ihre Systempartition/Ihr Systemlaufwerk weiterhin mit dem alten Passwort entschlüsselt werden (durch starten des VeraCrypt-Rettungsdatenträgers und die Eingabe des alten Passwortes). Sie sollten einen neuen VeraCrypt-Rettungsdatenträger erstellen und den alten vernichten.\n\nMöchten Sie einen neuen Rettungsdatenträger erstellen? + Beachten Sie, dass Ihr VeraCrypt-Rettungsdatenträger weiterhin den vorherigen Algorithmus verwendet. Wenn Sie den vorherigen Algorithmus als unsicher einstufen, dann sollten Sie einen neuen VeraCrypt-Rettungsdatenträger erstellen und den alten vernichten.\n\nMöchten Sie einen neuen Rettungsdatenträger erstellen? + Jede Art von Datei (z.B. .mp3, .jpg, .zip) kann als VeraCrypt-Schlüsseldatei (SD) genutzt werden. VeraCrypt ändert niemals den Inhalt der Schlüsseldatei. Sie können mehr als eine Schlüsseldatei wählen (die Reihenfolge ist egal). Wenn Sie einen Ordner hinzufügen werden alle nicht versteckten Dateien darin als Schlüsseldateien verwendet. Klicken Sie auf „Token/SmartCard“ um SDs zu wählen die auf Sicherheitstokens/Smart-Cards gespeichert sind (oder um SDs dort zu speichern). + Schlüsseldatei(en) wurde(n) erfolgreich hinzugefügt/entfernt + Schlüsseldatei exportiert. + Der Algorithmus für die Headerschlüsselberechnung wurde erfolgreich geändert. + Bitte geben Sie das Passwort und/oder die Schlüsseldatei(en) für das Nicht-System Volume an, von dem Sie den „in-place“ Verschlüsselungsprozess fortsetzen möchten.\n\n\nHinweis: Nachdem Sie auf Weiter klicken wird VeraCrypt versuchen alle Nicht-System Volumes zu finden, wo der Verschlüsselungsprozess unterbrochen wurde und wo der VeraCrypt-Volume-Header mit dem angegebenen Passwort und/oder der Schlüsseldatei(en) entschlüsselt werden kann. Wenn mehr als ein solches Volume gefunden wird, dann müssen Sie eines davon im nächsten Schritt auswählen. + Bitte wählen Sie eines der aufgelisteten Volumes. Die Liste enthält jedes zugängliche Nicht-System Volume, bei dem der Verschlüsselungsprozess unterbrochen wurde und wo mithilfe des Passwortes und/oder der Schlüsseldatei(en) der Header entschlüsselt werden konnte. + Bitte geben Sie das Passwort und/oder die Schlüsseldatei(en) für das Nicht-System Volume an, welches Sie entschlüsseln möchten. + Es wird dringend empfohlen ein gutes Passwort zu wählen. Passwörter die in einem Wörterbuch zu finden sind (und ebenso Kombinationen aus 2, 3 oder 4 solcher Wörter) sollten nicht verwendet werden. Das Passwort sollte keine Namen oder Geburtstage enthalten, und nicht leicht zu erraten sein. Ein gutes Passwort ist eine zufällige Kombination aus Groß- und Kleinbuchstaben, Zahlen, und Sonderzeichen wie @ ^ = $ * + etc. Es ist zudem empfehlenswert ein Passwort mit mehr als 20 Zeichen zu wählen (je länger umso besser). Die mögliche Länge ist auf 64 Zeichen beschränkt. + Wählen Sie bitte ein Passwort für das versteckte Volume. + Wählen Sie ein Passwort für das versteckte Betriebssystem (d.h. für das versteckte Volume). + WICHTIG: Das Passwort, dass Sie in diesem Schritt für das versteckte Betriebssystem auswählen, muss sich erheblich von den zwei anderen Passwörtern unterscheiden (d.h. von dem Passwort für das äußere Volume und von dem Passwort für das Köder-Betriebssystem). + Geben Sie bitte das Passwort für das Volume ein, innerhalb welchem das versteckte Volume erstellt werden soll. Nachdem Sie "Weiter" angeklickt haben, wird VeraCrypt versuchen das Volume einzubinden. Sobald das Volume eingebunden ist, wird dessen Clusterbelegung analysiert, um festzustellen, wie viel freier zusammenhängender Speicher vom Ende des Volumes aus verfügbar ist. Der gefundene Bereich wird für die Unterbringung des versteckten Volumes verwendet. Dessen Größe legt zugleich auch die maximale Größe des versteckten Volumes festlegt. Das Analysieren der Clusterbelegung ist notwendig, um sicherzustellen, dass keine Daten des äußeren Volumes durch das versteckte Volume überschrieben werden. + \nWählen Sie ein Passwort für das äußere Volume. Das Passwort wird das sein, welches Sie einem Angreifer aushändigen können, wenn Sie dazu aufgefordert oder gezwungen werden.\n\nWICHTIG: Das Passwort muss sich erheblich von dem unterscheiden, welches Sie für das versteckte Volume auswählen werden.\n\nHinweis: Die maximal mögliche Passwortlänge beträgt 64 Zeichen. + Bitte wählen Sie ein Passwort für das äußere Volume. Dies wird das Passwort sein das Sie einem Angreifer verraten können, wenn Sie aufgefordert oder gezwungen werden das Passwort für die erste Partition hinter der Systempartition herauszugeben, auf der sich das äußere Volume und das versteckte Volume (mit dem ausgeblendete Betriebssystem) befinden wird. Die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt geheim. Beachten Sie, dass dieses Passwort nicht für das Köder-Betriebssystem ist.\n\nWICHTIG: Das Passwort muss sich erheblich von dem unterscheiden, welches von Ihnen für das versteckte Volume (d.h. für das versteckte Betriebssystem) ausgewählt wird. + Passwort des äußeren Volumes + Passwort des versteckten Volumes + Passwort für Verstecktes Betriebssystem + WARNUNG: Kurze Passwörter sind leicht durch Ausprobieren sämtlicher Kombinationen zu knacken!\n\nEmpfehlenswerte Passwörter bestehen aus mehr als 20 Zeichen.\n\nMöchten Sie das kurze Passwort wirklich verwenden? + Volume-Passwort + Falsches Passwort oder kein VeraCrypt-Volume. + Falsche Schlüsseldatei(en) und/oder falsches Passwort oder kein VeraCrypt-Volume. + Falsche Methode zum Einbinden, falsches Passwort, oder kein VeraCrypt-Volume. + Falsche Methode zum Einbinden, falsche Schlüsseldatei(en) und/oder Passwort, oder kein VeraCrypt-Volume. + Falsches Passwort oder es wurde kein VeraCrypt-Volume gefunden. + Falsche Schlüsseldatei(en) und/oder falsches Passwort oder es wurde kein VeraCrypt-Volume gefunden. + \n\nWARNUNG: Die Feststelltaste ist aktiviert. Dies führt möglicherweise zu einer falschen Passworteingabe. + MERKEN! Für Volume-Einbindung + PIM des äußeren Volumes + PIM des versteckten Volumes + PIM für verstecktes Betriebssystem + + Der PIM (Personal Iterations Multiplier) ist ein Wert, der die Anzahl der Iterationen für die Headerschlüssel-Ableitung wie folgt steuert:\n Iterationen = 15000 + (PIM x 1000).\n\nWird der Wert leer gelassen oder auf 0 gesetzt, benutzt VeraCrypt einen Standardwert (485) welcher hohe Sicherheit gewährleistet.\n\nWenn das Passwort weniger als 20 Zeichen hat, kann der PIM nicht kleiner als 485 sein, um ein minimales Sicherheitslevel zu gewährleisten.\nWenn das Passwort 20 Zeichen oder mehr hat, kann der PIM beliebig gesetzt werden.\nEin PIM Wert größer als 485 verlangsamt das Einbinden. Ein niedriger PIM Wert (kleiner als 485) beschleunigt das Einbinden, kann aber die Sicherheit verringern, wenn ein zu schwaches Passwort gewählt wurde. + Der PIM (Personal Iterations Multiplier) ist ein Wert, der die Anzahl der Iterationen für die Headerschlüssel-Ableitung wie folgt steuert:\n Iterationen = PIM x 2048.\n\nWird der Wert leer gelassen oder auf 0 gesetzt, benutzt VeraCrypt einen Standardwert welcher hohe Sicherheit gewährleistet.\n\nWenn das Passwort weniger als 20 Zeichen hat, kann der PIM nicht kleiner als 98 sein, um ein minimales Sicherheitslevel zu gewährleisten.\nWenn das Passwort 20 Zeichen oder mehr hat, kann der PIM beliebig gesetzt werden.\nEin PIM Wert größer als 98 verlangsamt den Bootvorgang. Ein niedriger PIM Wert (kleiner als 98) beschleunigt den Bootvorgang, kann aber die Sicherheit verringern, wenn ein zu schwaches Passwort gewählt wurde. + MERKEN! Für Bootvorgang + Der gewählte PIM-Wert ist größer als der VeraCrypt Standardwert.\nBitte beachten Sie, dass dies den Einbindungs- bzw. Bootvorgang erheblich verlangsamt. + Der gewählte PIM (Personal Iterations Multiplier)-Wert ist kleiner als der VeraCrypt Standardwert.\nBitte beachten Sie, dass dies die Sicherheit verringern kann, wenn ein zu schwaches Passwort gewählt wurde!\n\nBestätigen Sie, dass Sie ein starkes Passwort gewählt haben? + Der größtmögliche Wert für den PIM (Personal Iterations Multiplier) ist 65535. + Volume-PIM + \n\nWARNUNG: Versteckte Dateien wurden im Suchpfad gefunden. Diese versteckten Dateien können nicht als Schlüsseldateien verwendet werden. Wenn Sie diese Dateien als Schlüsseldateien verwenden möchten, müssen Sie das „Versteckt“-Attribut entfernen (Rechtsklick auf die Datei, „Eigenschaften“ wählen, „Versteckt“ abwählen, „OK“ klicken). Hinweis: Versteckte Dateien sind nur sichtbar wenn die entsprechende Option im Explorer aktiviert ist („Computer“ > „Organisieren“ > „Ordner und Suchfunktionen“ > „Ansicht“). + Wenn Sie versuchen, ein verstecktes Volume mit einem versteckten System zu schützen, stellen Sie bitte sicher, dass Sie die Standard-US-Tastaturbelegung verwenden, wenn Sie das Passwort für das versteckte Volume eingeben. Dies ist erforderlich, da das Passwort in der Prä-Boot-Umgebung eingegeben werden muss (bevor Windows gestartet wird), in welcher es keine anderen Tastaturbelegungen gibt. + VeraCrypt hat kein Volume gefunden wo die Verschlüsselung unterbrochen wurde und wo der Volume-Header durch das angegebene Passwort und/oder der Schlüsseldatei(en) entschlüsselt werden kann.\n\nStellen Sie bitte sicher, dass das Passwort und/oder die Schlüsseldatei(en) richtig sind und die Partition/das Volume nicht vom System oder von Anwendungen verwendet wird (einschließlich Anti-Viren Software). + Die ausgewählte Partition oder der Datenträger ist bereits vollständig verschlüsselt.\nHeader Flags = 0x%.8X + Die ausgewählte Partition oder der Datenträger benutzen keine „in-place“-Verschlüsselung.\nHeader Flags = 0x%.8X + \n\nHinweis: Wenn Sie versuchen eine Partition einzubinden die auf einem verschlüsselten Systemlaufwerk ohne Prä-Boot-Authentifikation ist oder eine Verschlüsselte Systempartition einbinden obwohl das darauf befindliche Betriebssystem nicht gestartet ist, dann wählen Sie „System“ > „Ohne Prä-Boot-Authentifikation einbinden ...“. + In diesem Modus können Sie keine, auf einem Laufwerk befindliche Partition einbinden, von der ein Teil innerhalb des Schlüsselbereiches der aktiven Systemverschlüsselung liegt.\n\nBevor Sie diese Partition in diesem Modus einbinden können, müssen Sie entweder ein Betriebssystem, das auf einem anderen Laufwerk installiert ist starten (verschlüsselt oder unverschlüsselt) oder starten Sie ein unverschlüsseltes Betriebssystem. + VeraCrypt kann keine einzelne Partition auf einem vollständig verschlüsselten Systemlaufwerk entschlüsseln (Sie können nur das gesamte Systemlaufwerk entschlüsseln). + WARNUNG: Da auf dem Laufwerk der VeraCrypt Bootloader gefunden wurde, könnte es sich um ein vollständig verschlüsseltes Systemlaufwerk handeln. Wenn dies zutrifft, beachten Sie bitte, dass VeraCrypt keine einzelne Partition auf einem vollständig verschlüsselten Systemlaufwerk entschlüsseln kann (Sie können nur das gesamte Systemlaufwerk entschlüsseln). In diesem Fall können Sie zwar fortfahren, aber erhalten später die Fehlermeldung „Falsches Passwort“. + < &Zurück + Die auf diesem System installierten Raw-Geräte können nicht aufgelistet werden! + Das Volume „%s“ existiert und ist schreibgeschützt. Soll dieses Volume wirklich ersetzt werden? + Zielverzeichnis auswählen + Schlüsseldatei auswählen + Suchpfad für Schlüsseldatei auswählen. WARNUNG: Es wird lediglich der Pfad nicht aber die Dateinamen berücksichtigt! + Wählen Sie den Ordner, in den die Schlüsseldatei(en) gespeichert werden sollen. + Die aktuelle Containerdatei wurde als Schlüsseldatei ausgewählt.\nDas ist unzulässig! + Entwickelt von Ross Anderson, Eli Biham, und Lars Knudsen. 1998 herausgegeben. 256-bit Schlüssellänge, 128-bit Blockgröße. Arbeitet im XTS-Modus. Serpent war einer der AES Finalisten. + Bitte Größe des zu erstellenden Containers angeben.\n\nWenn sie einen dynamischen (Sparse-Datei) Container erstellen, dann gibt dieser Wert seine maximal mögliche Größe an.\n\nHinweis: die Mindestgröße eines FAT Volumes ist 292 KB. Die Mindestgröße eines exFAT Volumes ist 424 KB. Die Mindestgröße eines NTFS Volumes ist 3792 KB. + Bitte Größe des zu erstellenden äußeren Volumes angeben.\n(Sie erstellen erst ein äußeres Volume und dann darin ein Verstecktes Volume). Die Mindestgröße eines Volumes innerhalb welchem ein verstecktes Volume erstellt werden kann ist 340 KB. + Bitte Größe des zu erstellenden versteckten Volumes angeben.\nDie Mindestgröße eines Versteckten Volumes ist 40 KB (oder 3664 KB wenn es mit NTFS formatiert ist). Das Maximum der Größe die Sie für das Versteckte Volume verwenden können wird oben angezeigt. + Größe des äußeren Volumes + Größe des versteckten Volumes + Bitte überprüfen Sie, dass die oben angezeigte Größe des ausgewählten Laufwerkes/der Partition korrekt ist und klicken auf Weiter. + Das Äußere Volume und das versteckte Volume (enthält das versteckte Betriebssystem) werden sich innerhalb der oben erwähnten Partition befinden. Es sollte die erste Partition hinter die Systempartition sein.\n\nBitte überprüfen Sie, dass die Größe der Partition und seine Nummer oben korrekt angezeigt werden und wenn dies so ist, klicken Sie auf „Weiter“. + \n\nBeachten Sie, dass die Mindestgröße eines Volumes, innerhalb dessen ein verstecktes Volume erstellt werden soll, 340 KB ist. + Volume-Größe + Dynamisch + WARNUNG: SELBSTTEST NICHT BESTANDEN! + Selbsttest für alle Algorithmen bestanden + Die Dateneinheit-Nummer, die Sie lieferten ist entweder zu lang oder zu kurz. + Der sekundäre Schlüssel, den Sie geliefert haben, ist zu lang oder kurz. + Der angegebene Chiffretext ist entweder zu lang oder zu kurz. + Der angegebene Testschlüssel ist entweder zu lang oder zu kurz. + Der angegebene Klartext ist entweder zu lang oder zu kurz. + 2 Chiffren in einer Kaskade. Betriebsmodus ist XTS. Jeder Block wird zuerst mit %s (%d-bit Schlüssel) und dann mit %s (%d-bit Schlüssel) verschlüsselt. Jede Chiffre verwendet einen eigenen Schlüssel. Alle Schlüssel sind voneinander unabhängig. + 3 Chiffren in einer Kaskade. Betriebsmodus ist XTS. Jeder Block wird zuerst mit %s (%d-bit Schlüssel), dann mit %s (%d-bit Schlüssel), und abschließend mit %s (%d-bit key) verschlüsselt. Jede Chiffre verwendet einen eigenen Schlüssel. Alle Schlüssel sind voneinander unabhängig. + Beachten Sie bitte dass, abhängig von der Einstellung des Systems, diese Autostart und Auto-Einbindungs Features nur funktionieren, wenn die Traveler Disk-Dateien auf einem nicht beschreibbaren Medium (CD/DVD o.ä.) erstellt werden. Beachten Sie bitte auch, dass dies kein Bug von VeraCrypt ist, sondern eine Beschränkung von Windows. + Die VeraCrypt Traveler Disk wurde erfolgreich erstellt.\n\nBitte beachten Sie, dass Administratorrechte benötigt werden, um VeraCrypt im mobilen Modus zu nutzen. Bitte beachten Sie ebenfalls, dass es über die Registry möglich sein kann nachzuweisen, dass VeraCrypt ausgeführt wurde, auch wenn es im mobilen Modus ausgeführt wurde. + VeraCrypt Traveler Disk + Entwickelt von Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, und Niels Ferguson. Im Jahr 1998 veröffentlicht. 256-bit Schlüssellänge, 128-bit Blockgröße. Arbeitet im XTS-Modus. Twofish war einer der AES Finalisten. + Weitere Informationen über %s + Unbekannt + Ein unspezifischer oder unbekannter Fehler ist aufgetreten (%d). + Einige Volumes enthalten Dateien oder Verzeichnisse die von Anwendungen oder dem System verwendet werden.\n\nTrennen erzwingen? + &Trennen + Fehler beim Trennen! + Das Volume enthält Dateien oder Verzeichnisse die von Anwendungen oder dem System verwendet werden.\n\nTrennen erzwingen? + Kein Volume ist am zugewiesenen Laufwerksbuchstaben eingebunden. + Das Volume ist bereits eingebunden. + Beim Versuch das Volume einzubinden ist ein Fehler aufgetreten. + Fehler beim Suchen des Start Sektors innerhalb des Volumes. + Fehler: Falsche Volume-Größe. + ACHTUNG: Sie sollten die Schnellformatierung nur in folgenden Fällen benutzen:\n\n1) Wenn das Gerät keine sensiblen Daten enthält und Sie keine glaubhafte Leugnung benötigen.\n2) Das Gerät bereits sicher und voll verschlüsselt wurde.\n\nSind Sie sicher, dass Sie die Schnellformatierung verwenden möchten? + Dynamische Container sind vor-belegte NTFS „sparse“-Dateien, deren reelle Größe (benutzter Speicherplatz) wächst, wenn neue Daten in diese eingefügt werden.\n\nWARNUNG: Die Geschwindigkeit von VeraCrypt-Containern in solchen „sparse“-Dateien ist bedeutend schlechter als die von normalen Dateien. „Sparse“-Container sind außerdem weniger sicher, da festgestellt werden kann, welche Sektoren nicht benutzt werden. Außerdem können solche Container nicht die Leugnung von versteckten Volumes bieten. Beachten Sie bitte auch, dass das verschlüsselte Dateisystem beschädigt werden kann, falls der Speicherplatz auf dem Hauptdatenträger nicht ausreicht.\n\nSind Sie sicher, dass sie ein „sparse“-Volume (dynamisch) erstellen möchten? + Bitte beachten Sie, dass die von Windows und VeraCrypt angezeigte Größe der dynamischen Containerdatei immer der maximalen Größe entspricht. Um die tatsächliche aktuelle Größe (physikalische Größe) herauszufinden: Rechtsklick auf die Containerdatei im Windows Explorer > „Eigenschaften“ > Wert bei „Größe auf Datenträger“.\n\nBeachten Sie weiter, dass die physikalische Größe des Containers sich auf das Maximum erhöht wenn der Container auf ein anderes Laufwerk verschoben wird. Dies kann verhindert werden indem ein neuer dynamischer Container auf dem Ziellaufwerk erstellt wird und die Daten dort hinein verschoben werden. + Passwort-Cache gelöscht + Passwörter (und/oder Schlüsseldateiinhalte) im VeraCrypt-Treiber-Cache wurden gelöscht. + VeraCrypt kann das Passwort eines fremden Volumes nicht ändern. + Wählen Sie bitte einen freien Laufwerksbuchstaben aus der Liste aus. + Wählen Sie bitte ein eingebundenes Volume aus der Liste der Laufwerksbuchstaben aus. + Zwei verschiedene eingebundene Volumes sind momentan ausgewählt (eines in der Laufwerksbuchstaben-Liste und eines im unteren Auswahlfeld).\n\nBitte wählen Sie ein Volume aus: + Fehler: autorun.inf konnte nicht erstellt werden. + Fehler beim Verarbeiten der Schlüsseldatei! + Fehler beim Verarbeiten des Schlüsseldatei-Pfades! + Der Schlüsseldateipfad enthält keine Dateien\n\nBitte beachten Sie, dass Ordner (und darin enthaltene Dateien) in Schlüsseldatei-Suchpfaden ignoriert werden. + Dieses Betriebssystem wird nicht von VeraCrypt unterstützt. + Fehler: VeraCrypt unterstützt nur stabile Versionen dieses Betriebssystems(Beta/RC Versionen werden nicht unterstützt). + Fehler: Speicher kann nicht reserviert werden. + Fehler: Es konnten keine Werte vom Leistungs-Zähler abgefragt werden. + Fehler: Fehlerhaftes Volume Format. + Fehler: Sie lieferten ein Passwort für ein verstecktes Volume (nicht für ein normales Volume). + Aus Sicherheitsgründen kann kein Verstecktes Volume innerhalb eines VeraCrypt-Volumes, dass ein „in-place“ verschlüsseltes Dateisystem enthält, erstellt werden (weil der freie Speicher auf dem Volume nicht mit Zufallsdaten gefüllt wurde). + VeraCrypt – Rechtliche Hinweise + Alle Dateien + VeraCrypt-Volume + Bibliothek-Module + Die Formatierung mit NTFS/exFAT kann nicht fortgesetzt werden. + Fehler beim Einbinden des Volumes. + Fehler beim Trennen des Volumes. + Windows konnte das Volume nicht mit NTFS/exFAT formatieren.\n\nWählen Sie bitte (falls möglich) einen anderen Dateisystem-Typ und versuchen Sie es erneut. Alternativ dazu können Sie das Volume unformatiert lassen (wählen Sie dazu „Keins“ als Dateisystem), beenden diesen Assistenten, binden das Volume ein, und verwenden anschließend ein Systemwerkzeug oder ein Werkzeug eines anderen Anbieters, um das eingebundene Volume zu formatieren (das Volume bleibt dabei weiterhin verschlüsselt). + Windows konnte das Volume nicht mit NTFS/exFAT formatieren.\n\nMöchten Sie stattdessen das Volume mit FAT formatieren? + Vorgabe + Partition + PARTITION + Datenträger + Datenträger + DATENTRÄGER + Volume + Volume + VOLUME + Bezeichnung + Die ausgewählte Cluster-Größe ist zu klein für diese Volume-Größe. Es wird stattdessen eine größere Cluster-Größe verwendet. + Fehler: Die Volume-Größe kann nicht bestimmt werden!\n\nStellen Sie bitte sicher, dass das ausgewählte Volume nicht vom System oder einer Anwendung verwendet wird. + Ein verstecktes Volume darf nicht innerhalb einer dynamischen Containerdatei (Sparse-Datei) erstellt werden. Für eine glaubhafte Leugnung müssen Sie das versteckte Volume innerhalb eines nicht-dynamischen Volumes erstellen. + Der Assistent zum Erstellen eines VeraCrypt-Volumes kann ein Verstecktes Volume nur innerhalb eines FAT/exFAT oder NTFS formatierten Volumes erstellen. + Unter Windows 2000 kann der Assistent ein Verstecktes Volume nur innerhalb eines FAT formatierten Volumes erstellen. + Hinweis: Das FAT/exFAT-Dateisystem eignet sich mehr für das äußere Volume, als das NTFS-Dateisystem (Beispielsweise kann die maximal mögliche Größe für das versteckte Volume bedeutend größer sein wenn das äußere Volume mit dem FAT/exFAT-Dateisystem formatiert ist). + Beachten Sie, dass das FAT/exFAT-Dateisystem besser für das äußere Volume geeignet ist als das NTFS-Dateisystem. Beispielsweise wird die maximal mögliche Größe des versteckten Volumes sehr wahrscheinlich erheblich größer sein wenn das äußere Volume mit FAT/exFAT formatiert ist (der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert. Daher kann das versteckte Volume sich nur in der zweiten Hälfte des äußeren Volumes befinden und ist also maximal halb so groß wie das äußere Volume.\n\nSind Sie sicher, dass Sie das äußere Volume mit NTFS formatieren möchten? + Möchten Sie stattdessen das Volume mit FAT formatieren? + Hinweis: dieses Volume kann nicht mit FAT formatiert werden da es die maximale vom FAT32-Dateisystem unterstützte Größe für die zutreffende Sektorgröße überschreitet (2 TB für 512-Byte Sektoren und 16 TB für 4096-Byte Sektoren). + Fehler: Die Partition für das versteckte Betriebssystem (d.h. die erste Partition hinter der Systempartition) muss mindestens 5 % größer sein als die Systempartition (die Systempartition, auf der das aktuell ausgeführte Betriebssystem installiert ist). + Fehler: Die Partition für das versteckte Betriebssystem (d.h. die erste Partition hinter der Systempartition) muss mindestens 110 % (2,1-fache) größer sein als die Systempartition (die Systempartition, auf der das aktuell ausgeführte Betriebssystem installiert ist). Der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert, daher kann das versteckte Volume (welches eine Kopie der Systempartition enthalten wird) sich nur in der zweiten Hälfte der Partition befinden. + Fehler: Wenn das äußere Volume mit NTFS formatiert ist, dann muss es mindestens 110% (2,1-fache) größer sein als die Systempartition. Der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert, daher kann das versteckte Volume (welches eine Kopie der Systempartition enthalten wird) sich nur in der zweiten Hälfte der Partition befinden.\n\nHinweis: Das äußere Volume muss sich innerhalb der gleichen Partition befinden wie das versteckte Betriebssystem (d.h. innerhalb der ersten Partition hinter der Systempartition). + Fehler: Es gibt keine Partition hinter der Systempartition.\n\nBeachten Sie, bevor Sie ein verstecktes Betriebssystem erstellen können, müssen Sie dafür eine Partition auf dem Systemlaufwerk erstellen. Sie muss die erste Partition hinter der Systempartition sein und sie muss mindestens 5 % größer sein als die Systempartition (die Systempartition ist die, auf der das aktuell ausgeführte Betriebssystem installiert ist). Jedoch wenn das äußere Volume (nicht zu verwechseln mit der Systempartition) mit NTFS formatiert ist, dann muss die Partition für das versteckte Betriebssystem mindestens 110% (2,1-fache) größer sein als die Systempartition (der Grund ist, dass das NTFS-Dateisystem interne Daten immer genau in der Mitte des Volumes speichert, daher kann sich das versteckte Volume, welches eine Kopie der Systempartition enthalten wird, nur in der zweiten Hälfte der Partition befinden). + Hinweis: Es ist nicht praktikabel (und wird daher nicht unterstützt) Betriebssysteme in zwei VeraCrypt-Volumes zu installieren, die sich innerhalb einer einzigen Partition befinden, da beim Benutzen des äußeren Betriebssystems häufig Daten in den Bereich des versteckten Betriebssystems geschrieben werden (und wenn solche Schreib-Operationen unter Verwendung des Schutz-Features für Versteckte Volumes verhindert wurden, dann würde es grundsätzlich Systemabstürze verursachen, d.h. "Bluescreen" Fehler) + Für Informationen zum Erstellen und Verwalten von Partitionen, lesen Sie dazu bitte die mit Ihrem Betriebssystem mitgelieferte Dokumentation oder wenden Sie sich an das technische Supportteam Ihres Computerherstellers. + Fehler: Das aktuell ausgeführte Betriebssystem ist nicht in der Startpartition installiert (erste Aktive Partition). Dies wird nicht unterstützt. + Sie haben angegeben, dass Sie Dateien die größer als 4 GB sind auf diesem VeraCrypt-Volume speichern möchten. Sie haben jedoch das FAT Dateisystem gewählt auf dem keinen Dateien größer als 4 GB gespeichert werden können.\n\nSind Sie sicher, dass Sie das Volume mit FAT formatieren möchten? + Fehler: VeraCrypt unterstützt derzeit nicht die Entschlüsselung von älteren Nicht-System Volumes, welche mit VeraCrypt 1.0b oder früher erstellt wurden.\n\nHinweis: Sie können dennoch auf dem Volume gespeicherte Dateien entschlüsseln indem Sie diese auf ein unverschlüsseltes Volume kopieren/verschieben. + Fehler: VeraCrypt kann derzeit kein verstecktes VeraCrypt-Volume entschlüsseln.\n\nHinweis: Sie können dennoch die auf dem Volume gespeicherten Dateien entschlüsseln indem Sie diese auf ein unverschlüsseltes Volume kopieren/verschieben. + WARNUNG: Bitte beachten Sie, dass VeraCrypt derzeit kein Volume entschlüsseln kann, dass ein verstecktes VeraCrypt-Volume enthält (das versteckte Volume würde mit zufälligen Daten überschrieben werden).\n\n Bitte bestätigen Sie, dass das Volume, welches Sie entschlüsseln möchten, keine versteckten Volumes enthält.\n\nHinweis: Falls das Volume ein verstecktes Volume enthält und Sie mit dem Verlust des versteckten Volumes einverstanden sind, können Sie fortfahren (das äußere Volume wird sicher entschlüsselt). + Das Volume enthält kein verstecktes Volume. Fortsetzen. + Das Volume enthält ein verstecktes Volume. Abbrechen. + Fehler: Auf das Volume kann nicht zugegriffen werden!\n\nStellen Sie sicher, dass das ausgewählte Volume existiert, dieses nicht eingebunden ist, dieses nicht vom System oder einer Anwendung verwendet wird, dass Sie Lese- und Schreibrechte auf dieses Volume haben und dass es nicht schreibgeschützt ist. + Fehler: Kein Zugriff auf Volume Eigentumsrechte. + Fehler: Kann nicht auf das Volume zugreifen und/oder Informationen über das Volume erhalten.\n\nStellen Sie sicher, dass das ausgewählte Volume vorhanden ist, dass es nicht vom System oder Programmen verwendet wird, dass Sie Lese- und Schreibrechte für das Volume haben und dass es nicht schreibgeschützt ist. + Fehler: Kann nicht auf das Volume zugreifen und/oder Informationen über das Volume erhalten. Stellen Sie sicher, dass das ausgewählte Volume vorhanden ist, dass es nicht vom System oder Programmen verwendet wird, dass Sie Lese- und Schreibrechte für das Volume haben und dass es nicht schreibgeschützt ist.\n\nWenn das Problem weiterhin besteht, dann kann es helfen die folgenden Schritten zu befolgen. + Ein Fehler hindert VeraCrypt daran die Partition zu verschlüsseln. Bitte versuchen Sie bereits gemeldete Fehler zu beheben und versuchen es dann erneut. Wenn die Probleme weiterhin bestehen, dann kann es helfen die folgenden Schritte zu befolgen. + Ein Fehler hindert VeraCrypt daran den Verschlüsselungsprozess für die Partition fortzusetzen.\n\nBitte versuchen Sie bereits gemeldete Fehler zu beheben und versuchen dann erneut den Prozess fortzusetzen. Beachten Sie, dass das Volume nicht eingebunden werden kann, bis es vollständig verschlüsselt wurde. + Ein Fehler hinderte VeraCrypt daran das Volume zu entschlüsseln. Bitte versuchen Sie bereits gemeldete Fehler zu beheben und versuchen es dann erneut, falls möglich. + Fehler: Das Äußere Volume kann nicht getrennt werden!\n\nDas Volume kann nicht getrennt werden solange dessen Dateien oder Verzeichnisse noch von einem Programm oder dem System verwendet werden.\n\nSchließen Sie bitte jedes Programm welches möglicherweise Dateien oder Verzeichnisse dieses Volumes verwendet, und klicken Sie anschließend auf „Wiederholen“. + Fehler: Kann keine Informationen über das äußere Volume erhalten! Volume-Erstellung kann nicht fortgeführt werden. + Fehler: Auf das äußere Volume kann nicht zugegriffen werden! Das Volume kann nicht erstellt werden. + Fehler: Das Äußere Volume kann nicht eingebunden werden! Das Volume kann nicht erstellt werden. + Fehler: Die Clusterbelegung des Volumes kann nicht gelesen werden! Das Volume kann nicht erstellt werden. + Alphabetisch/Kategorisch + Mittelwert (abwärts) + Algorithmus + Verschlüsseln + Entschlüsseln + Mittelwert + LW + Größe + Verschlüsselungsalg. + Verschlüsselungsalg. + Typ + Wert + Eigenschaft + Speicherort + Byte + Versteckt + Äußeres + Normal + System + Versteckt (System) + Schreibgeschützt + System Laufwerk + System Laufwerk (verschlüsseln - %.2f%% fertig) + System Laufwerk (entschlüsseln - %.2f%% fertig) + Systemlaufwerk (%.2f%% verschlüsselt) + Systempartition + Versteckte Systempartition + Systempartition (verschlüsseln - %.2f%% fertig) + Systempartition (entschlüsseln - %.2f%% fertig) + Systempartition (%.2f%% verschlüsselt) + Ja (vor Beschädigung bewahrt!) + Keins + Primärschlüssel Größe + Sekundärschlüssel-Länge (XTS-Modus) + Tweak-Schlüssellänge (LRW-Modus) + Bit + Blockgröße + PKCS-5 PRF + PKCS-5 Iterationen + Volume erstellt + Header zuletzt geändert + (vor %I64d Tagen) + Volume-Formatversion + Eingebettete Header-Sicherung + VeraCrypt-Bootloader-Version + erster verfügbarer + Wechseldatenträger + Festplatte + Unverändert + Automatische Erkennung + Installationsassistent – Wählen Sie eine Installationsoption + Verwenden Sie bitte die automatisch markierte Option, wenn Sie sich nicht sicher sind. + Wählen Sie diese Option wenn Sie VeraCrypt auf diesem System neu installieren möchten. + Hinweis: Sie können die Aktualisierung durchführen ohne zu entschlüsseln, auch wenn das Systemlaufwerk/die Systempartition verschlüsselt sind oder Sie ein verstecktes Betriebssystem benutzen. + Wenn Sie diese Option wählen werden alle Dateien dieses Pakets entpackt, aber nichts auf dem System installiert. Wählen Sie diese Option nicht wenn Sie vorhaben die Systempartition oder das Systemlaufwerk zu verschlüsseln. Diese Option kann nützlich sein, zum Beispiel wenn sie VeraCrypt im sogenannten mobilen Modus verwenden möchten. VeraCrypt muss nicht auf dem Betriebssystem installiert sein unter dem es laufen soll. Nachdem alle Dateien entpackt sind können Sie die „VeraCrypt.exe“ direkt ausführen (VeraCrypt läuft dann im mobilen Modus). + Einrichtungsoptionen + Hier können Sie verschiedene Optionen wählen, um den Installationsprozess zu steuern. + Installiert + Warten Sie bitte bis VeraCrypt installiert ist. + VeraCrypt wurde erfolgreich installiert + VeraCrypt wurde erfolgreich aktualisiert + Bitte erwägen Sie das Projekt mit einer Spende zu unterstützen. Sie können jederzeit auf „Fertigstellen“ klicken, um die Installation zu beenden. + Entpackoptionen + Hier können Sie verschiedene Optionen zum Extraktionsprozess wählen. + Warten Sie bitte bis VeraCrypt entpackt ist + Dateien erfolgreich entpackt + Alle Dateien wurden erfolgreich in das angegebene Verzeichnis entpackt. + Wenn der angegebene Ordner nicht existiert wird er automatisch erstellt. + Die VeraCrypt-Aktualisierung wird am selben Ort installiert an dem VeraCrypt bisher installiert ist. Wenn Sie einen anderen Installationsort wählen möchten, dann deinstallieren Sie VeraCrypt bitte zuerst. + Möchten Sie die „Release Notes“ zu der aktuellen (stabilen) VeraCrypt-Version lesen? + Falls Sie VeraCrypt noch nie zuvor verwendet haben, ist es empfehlenswert das Kapitel „Beginner's Tutorial“ im VeraCrypt-Benutzerhandbuch zu lesen. Möchten Sie das Tutorial ansehen? + Wählen Sie eine der folgenden Aktionen aus: + Reparatur/Neuinstallation + Aktualisierung + Deinstallieren + Zum erfolgreichen Installieren/Deinstallieren von VeraCrypt werden Administratorrechte benötigt. Möchten Sie Fortsetzen? + Das VeraCrypt-Installationsprogramm läuft zurzeit auf diesem Computer und führt eine Installation durch oder bereitet eine Installation vor oder aktualisiert VeraCrypt. Bevor Sie fortfahren, warten Sie bitte bis es beendet ist oder schließen Sie es. Wenn Sie es nicht schließen können, dann starten Sie bitte Ihren Computer neu bevor Sie fortfahren. + Installation fehlgeschlagen. + Deinstallation fehlgeschlagen. + Dieses Paket ist beschädigt. Bitte laden Sie es erneut herunter (Vorzugsweise von der offiziellen Webseite von VeraCrypt https://veracrypt.codeplex.com). + Kann Datei %s nicht schreiben + Entpacke + Die Paketdaten konnten nicht gelesen werden. + Die Integrität des Paketes konnte nicht überprüft werden. + Entpacken fehlgeschlagen. + Die Installation wurde rückgängig gemacht. + VeraCrypt wurde erfolgreich installiert. + VeraCrypt wurde erfolgreich aktualisiert. + VeraCrypt wurde erfolgreich aktualisiert. Zur Verwendung von VeraCrypt ist ein Neustart des Computers notwendig.\n\nMöchten Sie den Computer jetzt neu starten? + Aktualisierung von VeraCrypt fehlgeschlagen!\n\nWICHTIG: Bevor Sie Ihren Computer herunterfahren oder neu starten empfehlen wir dringend die Systemwiederherstellung zu nutzen, um Ihr System auf den Wiederherstellungspunkt „VeraCrypt Installation“ zurückzusetzen (Windows Start > „Alle Programme“ > „Zubehör“ > „Systemprogramme“ > „Systemwiederherstellung“). Falls die Systemwiederherstellung nicht verfügbar ist, sollten Sie versuchen die originale oder die neue Version von VeraCrypt nochmals zu installieren, bevor Sie Ihren Computer ausschalten oder neu starten. + VeraCrypt wurde erfolgreich deinstalliert.\n\nKlicken Sie auf „Fertig stellen“, um das VeraCrypt-Installationsprogramm und das Verzeichnis %s zu entfernen. Beachten Sie dass dieses Verzeichnis nicht entfernt wird, falls sich darin Dateien befinden die weder vom VeraCrypt-Installationsprogramm noch von VeraCrypt erstellt worden sind. + VeraCrypt-Registrierungseinträge werden entfernt + Registrierungseinträge werden erstellt + Anwendungsspezifische Daten werden entfernt + Installiere + Stoppe + Entferne + Symbol wird hinzugefügt + Wiederherstellungspunkt wird erstellt + Wiederherstellungspunkt konnte nicht erstellt werden! + Bootloader aktualisieren + Fehler beim Installieren von „%s“. %s Möchten Sie die Installation fortsetzen? + Fehler beim Entfernen von „%s“. %s Möchten Sie die Deinstallation fortsetzen? + Die Installation wurde vollständig durchgeführt. + Das Verzeichnis „%s“ konnte nicht erstellt werden + Der VeraCrypt-Gerätetreiber kann nicht beendet werden.\n\nSchließen Sie bitte zuerst alle offenen VeraCrypt-Fenster. Sollte das nicht genügen starten Sie bitte Windows neu und probieren Sie es noch einmal. + Alle VeraCrypt-Volumes müssen vor dem Installieren oder dem Deinstallieren von VeraCrypt getrennt sein. + Eine veraltete VeraCrypt-Version ist derzeit auf Ihrem System installiert. Sie muss deinstalliert werden bevor Sie diese neue VeraCrypt-Version installieren können.\n\nSobald Sie dieses Fenster schließen wird die Deinstallation der alten VeraCrypt-Version starten. Bitte beachten Sie, dass kein Volume entschlüsselt wird wenn Sie VeraCrypt deinstallieren. Starten Sie die Installation der neuen VeraCrypt-Version erneut, nachdem die Deinstallation der alten VeraCrypt-Version beendet ist. + Fehler beim Installieren der Registrierungseinträge + Fehler beim Installieren des Gerätetreibers. Starten Sie bitte Windows neu, und versuchen Sie anschließend noch einmal VeraCrypt zu installieren. + Der VeraCrypt-Treiber wird gestartet + Die Deinstallation des Gerätetreibers ist fehlgeschlagen. Bitte beachten Sie, dass aufgrund eines Problems in Windows, es möglicherweise notwendig ist, sich neu anzumelden oder das System neu zu starten, bevor der Gerätetreiber deinstalliert (oder neu installiert) werden kann. + Der VeraCrypt-Treiber wird installiert + Der VeraCrypt-Treiber wird gestoppt + Der VeraCrypt-Treiber wird deinstalliert + Die Hilfsbibliothek für die Benutzerkontensteuerung (User Account Control) konnte nicht angemeldet werden. + Die Hilfsbibliothek für die Benutzerkontensteuerung (User Account Control) konnte nicht abgemeldet werden. + Hinweis zum mobilen Modus:\n\nBitte beachten Sie, dass Treiber im Betriebssystem registriert werden müssen bevor sie gestartet werden können. Deshalb ist der VeraCrypt-Treiber nicht vollständig mobil (im Gegensatz zu VeraCrypt-Anwendungen, die weder installiert noch im Betriebssystem registriert werden müssen). Bitte beachten Sie weiter, dass VeraCrypt für transparente „on-the-fly“ (sofort) Ver- und Entschlüsselung einen Treiber benötigt. + Bitte beachten Sie: Falls Sie VeraCrypt im mobilen Modus nutzen (im Gegensatz zu einer installierten Version), wird das Betriebssystem Sie jedes Mal nach Erlaubnis fragen, VeraCrypt zu nutzen (UAC-Abfrage).\n\nDer Grund dafür ist, dass VeraCrypt im mobilen Modus den VeraCrypt-Gerätetreiber laden und starten muss. VeraCrypt benötigt einen Gerätetreiber um transparente, sofortige Ver- und Entschlüsselung zu bieten und Nutzer ohne Administrationsrechte können unter Windows keine Gerätetreiber starten. Deshalb wird das System jedes Mal um Erlaubnis fragen VeraCrypt mit Administratorrechten laufen zu lassen (UAC-Abfrage).\n\nBitte beachten Sie, dass diese Abfrage nicht stattfindet wenn Sie VeraCrypt auf dem System installieren (also nicht im mobilen Modus nutzen).\n\nSind Sie sicher, dass die die Dateien entpacken möchten? + WARNUNG: Diese Instanz des Volume Erstellungsassistenten hat Administratorrechte.\n\nIhr neues Volume könnte mit Rechten erstellt werden, die Ihnen nicht erlauben auf das Volume zu schreiben wenn es eingebunden ist. Wenn Sie dies verhindern möchten, dann schließen Sie diese Instanz des Volume-Erstellungsassistenten und starten eine neue, ohne Administratorrechte.\n\nMöchten Sie diese Instanz des Volume-Erstellungsassistenten schließen? + Fehler: Die Lizenz kann nicht angezeigt werden. + Äußeres(!) + Tage + Stunden + Minuten + s + Öffnen + Trennen + VeraCrypt-Hauptfenster anzeigen + VeraCrypt-Hauptfenster verbergen + Gelesene Daten + Geschriebene Daten + Verschlüsselter Anteil + 100% (komplett verschlüsselt) + 0% (nicht verschlüsselt) + %.3f%% + 100% + Warte + Vorbereiten + Größe ändern + verschlüsseln + entschlüsseln + Fertigstellen + Pause + Fertig + Fehler + Gerät getrennt + Systemfavoriten-Volume wurden gespeichert.\n\nUm das automatische Einbinden von Systemfavoriten-Volumes beim Systemstart zu aktivieren wählen Sie bitte „Einstellungen“ > „Systemfavoriten-Volumes“ > „Systemfavoriten-Volumes einbinden wenn Windows startet.“. + Das Volume, welches Sie zu den Favoriten hinzufügen ist weder eine Partition noch ein dynamisches Volume. Deshalb wird VeraCrypt nicht in der Lage sein dieses Favoriten-Volume einzubinden wenn sich die Gerätenummer ändert. + Das Volume welches Sie zu den Favoriten hinzufügen ist eine Partition die nicht von Windows erkannt wird.\n\nVeraCrypt wird nicht in der Lage sein dieses Favoriten-Volume einzubinden wenn sich die Gerätenummer ändert. Bitte ändern Sie den Partitionstyp auf einen Typ welcher von Windows erkannt wird (nutzen Sie den „SETID“-Befehl des Windows „diskpart“-Tools). Fügen Sie die Partition danach erneut den Favoriten hinzu. + Der VeraCrypt-Hintergrunddienst ist deaktiviert oder er ist so eingestellt, dass er beendet wird wenn keine Volumes eingebunden sind (oder VeraCrypt im mobilen Modus läuft). Dies kann verhindern, dass Ihre Favoriten-Volumes automatisch eingebunden werden wenn die Geräte auf denen diese Volumes liegen angeschlossen werden.\n\nHinweis: Um den VeraCrypt-Hintergrunddienst zu aktivieren, wählen Sie „Einstellungen“ > „Voreinstellungen“ und wählen Sie „Aktiv“ im Abschnitt „VeraCrypt-Hintergrunddienst“. + Ein Container auf einem entfernten Dateisystem, das über ein Netzwerk freigegeben ist, kann nicht automatisch eingebunden werden wenn sein Host-Gerät angeschlossen wird. + Das unten angegebene Gerät ist weder eine Partition noch ein dynamisches Volume. Deshalb kann das auf dem Gerät gehostete Volume nicht automatisch eingebunden werden wenn das Gerät angeschlossen wird. + Bitte ändern Sie den Partitionstyp der unten angegebenen Partition auf einen von Windows erkannten Typ (benutzen Sie den SETID-Befehl des Windows-„diskpart“-Tools). Danach entfernen Sie die Partition aus den Favoriten und fügen Sie sie wieder hinzu. Dies wird ermöglichen, dass das Volume auf diesem Gerät automatisch eingebunden wird wenn das Gerät angeschlossen wird. + Das unten angegebene Gerät ist weder eine Partition noch ein dynamisches Volume. Deshalb kann ihm keine Bezeichnung zugewiesen werden. + Bitte ändern Sie den Partitionstyp der unten angegebenen Partition auf einen von Windows erkannten Typ (benutzen Sie den SETID-Befehl des Windows-„diskpart“-Tools). Danach entfernen Sie die Partition aus den Favoriten und fügen Sie sie wieder hinzu. Dies wird VeraCrypt ermöglichen der Partition eine Bezeichnung zuzuweisen. + Aufgrund einer Beschränkung von Windows kann ein Container auf einem entfernten Dateisystem, das über ein Netzwerk freigegeben ist, nicht als Systemfavoriten-Volume eingebunden werden (allerdings kann es als Favoriten-Volume eingebunden werden wenn der Nutzer sich anmeldet). + Passwort für %s eingeben + Passwort für „%s“ eingeben + Geben Sie das Passwort für das Standard/Äußere Volume ein + Geben Sie das Passwort für das versteckte Volume ein + Geben Sie das Passwort für den, in der Sicherungsdatei abgelegten, Header ein + Die Schlüsseldatei(en) wurde(n) erfolgreich erstellt. + Die Anzahl der gewählten Schlüsseldateien ist unzulässig. + Die Schlüsseldatei muss zwischen 64 und 1048576 Byte groß sein. + Bitte geben Sie einen Namen für die zu generierenden Schlüsseldateien ein + Der Name für die Schlüsseldateien ist unzulässig + Die Schlüsseldatei „%s“ existiert bereits.\nMöchten Sie sie überschreiben? Der Erstellungsprozess wird abgebrochen, wenn Sie Nein wählen. + WARNUNG: Der Header von diesem Volume ist beschädigt! VeraCrypt verwendet automatisch die Sicherung vom Volume-Header, welche im Volume eingebettet ist.\n\nSie sollten den Volume-Header reparieren, indem „Extras“ > „Volume-Header wiederherstellen ...“ auswählen. + Der Volume-Header wurde erfolgreich gesichert.\n\nWICHTIG: Beim Wiederherstellen des Volume-Headers mit dieser Sicherungskopie wird gleichzeitig das momentane Volume-Passwort wiederhergestellt. Werden zudem Schlüsseldatei(en) zum Einbinden dieses Volumes benötigt, so werden dieselben Schlüsseldatei(en) auch dann wieder zum Einbinden des Volumes benötigt nachdem der Volume-Header wiederhergestellt worden ist.\n\nWARNUNG: Diese Sicherungskopie des Volume-Headers kann NUR für die Wiederherstellung von speziell diesem Volume verwendet werden. Sollte die Header-Sicherungskopie zur Wiederherstellung des Headers eines anderen Volumes verwendet werden, so kann dann zwar das Volume danach eingebunden werden, aber es können KEINE Daten die in diesem Volume gespeichert sind entschlüsselt werden (weil der Hauptschlüssel geändert worden ist). + Der Volume-Header wurde erfolgreich wiederhergestellt.\n\nWICHTIG: Möglicherweise wurde ein veraltetes Passwort ebenfalls wiederhergestellt. Wurden zudem zum Zeitpunkt der Sicherung Schlüsseldatei(en) zum Einbinden dieses Volumes benötigt, so werden dieselben Schlüsseldatei(en) jetzt ebenfalls wieder zum Einbinden des Volumes benötigt. + Aus Sicherheitsgründen müssen Sie das richtige Passwort für das Volume eingeben (und/oder die richtigen Schlüsseldateien bereitstellen).\n\nHinweis: Wenn das Volume ein verstecktes Volume enthält, dann müssen Sie zuerst das richtige Passwort für das äußere Volume eingeben (und/oder die richtigen Schlüsseldateien bereitstellen). Anschließend müssen Sie das richtige Passwort für das versteckte Volume eingeben (und/oder die richtigen Schlüsseldateien bereitstellen), wenn Sie den Header von dem versteckten Volume sichern möchten. + Sind Sie sicher, dass Sie eine Volume-Header Sicherung für %s erstellen möchten?\n\nNachdem Sie auf Ja klicken, werden Sie aufgefordert einen Dateinamen für die Header Sicherung zu vergeben.\n\nWenn kein verstecktes Volume innerhalb dieses Volumes vorhanden ist, dann wird der Bereich, der für die Header-Sicherung des versteckten Volumes reserviert ist, mit zufälligen Daten aufgefüllt (zum Bewahren der glaubhaften Leugnung). Wenn ein Volume-Header aus der Sicherungsdatei wiederhergestellt wird, dann müssen Sie das korrekte Passwort eingeben, welches gültig war als die Volume-Header Sicherung erstellt wurde (und/oder die richtigen Schlüsseldateien bereitstellen). Das Passwort (und/oder Schlüsseldateien) wird automatisch auch den Typ des Volume-Headers bestimmen, um ihn wiederherzustellen, d.h. Standard oder Versteckt (beachten Sie, dass VeraCrypt den Typ durch ausprobieren bestimmt). + Soll der Volume-Header von %s wiederhergestellt werden?\n\nWARNUNG: Das Wiederherstellen eines Volume-Headers stellt gleichzeitig das Passwort wieder her, welches zum Zeitpunkt der Sicherung gültig war. Wurden zudem zum Zeitpunkt der Sicherung Schlüsseldatei(en) zum Einbinden dieses Volume benötigt, so werden dieselben Schlüsseldatei(en) dann ebenfalls wieder zum Einbinden des Volumes benötigt.\n\nNachdem Sie auf „Ja“ geklickt haben, müssen Sie die Sicherungsdatei auswählen. + Enthält das Volume ein Verstecktes Volume? + Das Volume enthält ein Verstecktes Volume + Das Volume enthält kein Verstecktes Volume + Wählen Sie bitte den Typ der Volume-Header Sicherung die verwendet werden soll: + Wiederherstellen des Volume-Headers von einer in das Volume eingebetteten Sicherung + Wiederherstellen des Volume-Headers aus einer externen Sicherungsdatei + Die Größe der Volume-Header Sicherungsdatei ist falsch. + Es ist keine Header Sicherung in diesem Volume eingebettet (beachten sie, dass nur Volumes die mit VeraCrypt 1.0 oder höher erstellt wurden eingebettete Header Sicherungen enthalten). + Sie möchten den Header der Systempartition/vom Systemlaufwerk sichern. Das ist nicht erlaubt. Backup-/Wiederherstellungsvorgänge in Zusammenhang mit der Systempartition/dem Systemlaufwerk können nur mit dem VeraCrypt-Rettungsdatenträger durchgeführt werden.\n\nMöchten Sie einen VeraCrypt-Rettungsdatenträger erstellen? + Sie haben versucht den Header eines Virtuellen VeraCrypt-Volumes Wiederherzustellen, Sie haben aber die Systempartition/das Systemlaufwerk ausgewählt. Das ist nicht erlaubt. Backup-/Wiederherstellungsvorgänge in Zusammenhang mit der Systempartition/dem Systemlaufwerk können nur mit dem VeraCrypt-Rettungsdatenträger durchgeführt werden.\n\nMöchten Sie einen VeraCrypt-Rettungsdatenträger erstellen? + Nach dem Klicken auf „OK“ wählen Sie einen Dateinamen für die ISO-Abbilddatei des VeraCrypt-Rettungsdatenträgers und den Speicherort der Datei. + Das Rettungsdatenträger-Abbild wurde erstellt und in dieser Datei gespeichert:\n%s\n\nJetzt müssen Sie das Rettungsdatenträger-Abbild auf eine CD oder DVD brennen.\n\nWICHTIG: Bitte beachten Sie, dass die Datei als ISO-Abbilddatei und NICHT als einzelne Datei auf die CD geschrieben werden muss. Informationen wie Sie das tun erhalten Sie in der Dokumentation Ihrer Brennsoftware.\n\nNachdem Sie die Rettungs-CD gebrannt haben, wählen Sie „System“ > „Rettungsdatenträger überprüfen“, um sicherzustellen, dass die CD korrekt erstellt wurde. + Das Rettungsdatenträger-Abbild wurde erstellt und in dieser Datei gespeichert:\n%s\n\nJetzt müssen Sie das Rettungsdatenträger-Abbild auf eine CD oder DVD brennen.\n\nMöchten Sie den Microsoft Windows ISO-Brennprogramm jetzt starten?\n\nNachdem Sie den Rettungsdatenträger gebrannt haben, wählen Sie „System“ > „Rettungsdatenträger überprüfen“, um sicherzustellen, dass die CD korrekt erstellt wurde. + Bitte legen Sie den VeraCrypt-Rettungsdatenträger in Ihr CD- bzw. DVD-Laufwerk und klicken dann zum Prüfen auf „OK“. + Der VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. + Es konnte nicht festgestellt werden, dass der Rettungsdatenträger korrekt gebrannt wurde.\n\nWenn Sie die CD/DVD gebrannt haben, dann werfen Sie diese aus und legen die CD/DVD anschließend wieder ein, um es erneut zu versuchen. Bitte versuchen Sie es mit einer anderen Brennsoftware oder mit anderen CD- bzw. DVD-Rohlingen falls es nicht funktioniert.\n\nWenn Sie versuchen einen VeraCrypt-Rettungsdatenträger zu prüfen, der für einen anderen Hauptschlüssel, Salt-Wert, anderes Passwort, etc. erstellt wurde, so beachten Sie, dass bei solchen Rettungsdatenträger die Überprüfung immer fehlschlagen wird. Um einen mit Ihrem System voll kompatiblen Rettungsdatenträger zu erstellen, wählen Sie „System“ > „Rettungsdatenträger erstellen ...“. + Der VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. + Die Überprüfung des Rettungsdatenträgers ist fehlgeschlagen.\n\nWenn Sie versuchen einen VeraCrypt-Rettungsdatenträger zu prüfen, das für einen anderen Hauptschlüssel, Salt-Wert, anderes Passwort, etc. erstellt wurde, so beachten Sie, dass bei solchen Abbildern die Überprüfung immer fehlschlagen wird. Um ein mit Ihrem System voll kompatibles Abbild zu erstellen, wählen Sie „System“ > „Rettungsdatenträger erstellen ...“. + Fehler beim Erstellen des VeraCrypt-Rettungsdatenträgers. + Der VeraCrypt-Rettungsdatenträger kann nicht erstellt werden, wenn ein verstecktes Betriebssystem läuft.\n\nUm einen VeraCrypt-Rettungsdatenträger zu erstellen, starten Sie das Köder-Betriebssystem und klicken auf „System“ > „Rettungsdatenträger erstellen ...“. + Der VeraCrypt-Rettungsdatenträger kann nicht überprüft werden.\n\nWenn Sie den Rettungsdatenträger gebrannt haben, öffnen und schließen Sie das CD- bzw. DVD-Laufwerk und klicken Sie auf „Weiter“, um es erneut zu versuchen. Falls das nicht hilft, versuchen Sie es bitte mit einer neuen CD/DVD%s.\n\nWenn Sie den Rettungsdatenträger noch nicht gebrannt haben, tun Sie dies bitte jetzt und klicken Sie danach auf „Weiter“.\n\nWenn Sie versuchen einen Rettungsdatenträger zu überprüfen, der erstellt wurde bevor Sie diesen Assistenten gestartet haben, beachten Sie bitte, dass dieser Rettungsdatenträger nicht verwendet werden kann, weil sie für einen anderen Hauptschlüssel erstellt wurde. In diesem Fall brennen Sie bitte den neuen Rettungsdatenträger. + und/oder andere CD- bzw. DVD-Brennsoftware + VeraCrypt – Systemfavoriten-Volumes + Was sind Systemfavoriten-Volumes? + Die Systempartition/das Systemlaufwerk scheinen nicht verschlüsselt zu sein.\n\nSystemfavoriten-Volumes können nur mit einem Prä-Boot-Authentifikationspasswort eingebunden werden. Um Systemfavoriten-Volumes zu verwenden müssen Sie deshalb zuerst die Systempartition/das Systemlaufwerk verschlüsseln. + Trennen Sie bitte zuerst das Volume. + Fehler: Kann Timer nicht einstellen. + Dateisystem prüfen + Dateisystem reparieren + Zu Favoriten hinzufügen ... + Zu Systemfavoriten hinzufügen ... + Ei&genschaften ... + Verstecktes Volume ist geschützt + Nicht verfügbar + Ja + Nein + Deaktiviert + 1 + 2 oder mehr + Betriebsmodus + Bezeichnung: + Größe: + Pfad: + Laufw.buchstabe: + Fehler: Das Passwort darf nur ASCII-Zeichen enthalten.\n\nNicht-ASCII-Zeichen im Passwort könnten dazu führen, dass das Volume nach einer Änderung der Systemkonfiguration nicht eingebunden werden kann. Folgende Zeichen sind zulässig:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNUNG: Das Passwort enthält Nicht-ASCII-Zeichen. Dies kann nach einer Änderung der Systemkonfiguration dazu führen, dass das Volume nicht eingebunden werden kann.\n\nAlle Nicht-ASCII-Zeichen des Passwortes sollten durch ASCII-Zeichen ersetzt werden („Volume“ -> „Volume-Passwort ändern ...“).\n\nFolgende Zeichen sind ASCII-Zeichen:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNUNG: Wir empfehlen Ihnen dringend, dass Sie keine Dateierweiterungen für ausführbare Dateien (wie .exe, .sys oder .dll) oder ähnliche Endungen verwenden. Diese Endungen können Windows und Virenscanner dazu bringen, mit dem Container zu interagieren, was wiederum die Leistung des Volumes beeinträchtigt und außerdem zu ernsthaften Problemen führen kann.\n\nWir empfehlen Ihnen, dass Sie die Endung entfernen oder ändern (z.B. auf „.hc“).\n\nSind Sie sicher, dass Sie diese problematische Dateiendung behalten möchten? + WARNUNG: Dieser Container hat eine Dateiendung welche von Windows für ausführbare Dateien verwendet wird (unter anderem .exe, .sys oder .dll) oder eine andere, problematische Dateiendung. Dies wird sehr wahrscheinlich Probleme mit Windows und Virenscannern machen, da diese mit dem Container interagieren möchten. Dies wird die Leistung beeinflussen und kann zu anderen, schwerwiegenden Problemen führen.\n\nWir empfehlen Ihnen deshalb, die Endung entweder zu entfernen, oder zu ändern (z.B. in „.hc“) nachdem Sie den Container wieder entfernt haben. + Webseite + WARNUNG: Anscheinend wurde noch kein Windows Service Pack aufgespielt. IDE-Festplatten mit einer Kapazität von mehr als 128 GB sollten unter Windows XP nicht beschrieben werden solange nicht Service Pack 1 (oder neuer) aufgespielt worden ist! Anderenfalls können Daten auf der Festplatte zerstört werden (unabhängig davon ob es sich um ein VeraCrypt-Volume handelt). Dies ist eine Windows-Einschränkung und kein Fehler von VeraCrypt. + WARNUNG: Anscheinend wurde das Windows Service Pack 3 (oder neuer) nicht aufgespielt. IDE-Festplatten mit einer Kapazität von mehr als 128 GB sollten unter Windows 2000 nicht beschrieben werden, solange nicht Service Pack 3 (oder neuer) aufgespielt worden ist! Anderenfalls können Daten auf der Festplatte zerstört werden (unabhängig davon ob es sich um ein VeraCrypt-Volume handelt). Dies ist eine Windows-Einschränkung und kein Fehler von VeraCrypt.\n\nHinweis: Unter Umständen muss zusätzlich noch die 48-Bit-LBA-Unterstützung in der Windows-Registrierung aktiviert werden; weitere Informationen siehe http://support.microsoft.com/kb/305098/EN-US + WARNUNG: Die 48-Bit-LBA-ATAPI-Unterstützung ist auf Ihrem System deaktiviert. Sie sollten aus diesem Grund nicht auf IDE-Festplatten schreiben die größer als 128 GB sind! Anderenfalls können Daten auf der Festplatte verfälscht werden (und zwar unabhängig davon ob es sich um ein VeraCrypt-Volume handelt). Dies ist eine Einschränkung von Windows und nicht von VeraCrypt.\n\nUm die 48-Bit-LBA-Unterstützung zu aktivieren fügen Sie bitte den „EnableBigLba“-Registrierungswert unter dem Registrierungsschlüssel HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters hinzu und setzen Sie diesen auf 1.\n\nWeitere Informationen finden Sie unter http://support.microsoft.com/kb/305098 + Fehler: Dateien die größer als 4 GB sind, können nicht auf einem FAT32-Dateisystem gespeichert werden. In einem FAT32-Dateisystem gespeicherte VeraCrypt-Volumes (Container) können somit nicht größer als 4 GB sein.\n\nSollten Sie ein größeres Volume benötigen, dann erstellen sie dieses auf einem NTFS Dateisystem (Oder, wenn Sie Windows Vista SP1 oder höher, auf einem exFAT-Dateisystem nutzen) oder, anstatt ein VeraCrypt-Volume (Container) zu erstellen, verschlüsseln Sie eine ganze Partition oder ein Laufwerk. + Achtung: Windows XP unterstützt keine Dateien die größer als 2048 GB sind (zeigt die Fehlermeldung „Nicht genügend Speicherplatz auf dem Datenträger“ an). Deshalb können Sie kein dateibasiertes VeraCrypt-Volume größer als 2048 GB unter Windows XP erstellen.\n\nBitte beachten Sie, dass es trotzdem möglich ist das gesamte Laufwerk zu verschlüsseln oder ein partitionsbasiertes Volume größer als 2048 GB zu erstellen. + WARNUNG: Wenn Sie nachträglich noch weitere Daten/Dateien im äußeren Volume speichern möchten, dann sollten Sie eine kleinere Größe des versteckten Volumes in Betracht ziehen.\n\nMöchten Sie tatsächlich mit der von Ihnen angegebenen Größe fortsetzen? + Es wurde kein Volume ausgewählt.\n\nKlicken Sie bitte auf „Datenträger“ oder „Datei“ und wählen Sie ein VeraCrypt-Volume aus. + Keine Partition ausgewählt.\n\nKlicken Sie „Datenträger ...“ um eine getrennte Partition zu wählen, welche sonst Prä-Boot-Authentifikation voraussetzt (z.B. eine Partition auf einem verschlüsselten Systemlaufwerk mit einem Betriebssystem darauf welches gerade nicht läuft, oder die verschlüsselte Systempartition eines anderen Betriebssystems).\n\nHinweis: Die Ausgewählte Partition wird als reguläres VeraCrypt-Volume eingebunden, ohne Prä-Boot-Authentifikation. Das ist hilfreich für Backup oder Reparatur-Vorgänge. + WARNUNG: Wenn Standardschlüsseldateien festgelegt und aktiviert sind, dann können Volumes, die diese nicht verwenden, nicht eingebunden werden. Daher sollten Sie, nachdem Sie die Standardschlüsseldateien aktiviert haben, das Häkchen bei „Schlüsseldat. verw.“ (unterhalb des Passwort-Eingabefeldes) entfernen sobald Sie solche Volumes einbinden möchten.\n\nSind Sie sicher dass Sie die Schlüsseldateien/-pfade als Standard speichern möchten? + Alle Datenträger-Volumes automatisch einbinden + Alle Volumes trennen + Cache sicher löschen + Alle Volumes trennen & Cache löschen + Alle Volumes erzwungen trennen und Cache sicher löschen + Alle erzw. trennen, Cache sicher löschen und VeraCrypt beenden + Favoriten einbinden + VeraCrypt-Hauptfenster anzeigen/verbergen + (Hier klicken und eine Taste drücken) + Aktion + Tastenkombination + Fehler: Diese Tastenkombination ist reserviert. Wählen Sie bitte eine andere Tastenkombination aus. + Fehler: Diese Tastenkombination ist bereits belegt. + WARNUNG: Eine oder mehrere Systemweite VeraCrypt-Tastenkombinationen werden nicht funktionieren!\n\nStellen Sie bitte sicher, dass keine anderen Anwendungen oder das Betriebssystem dieselbe(n) Tastenkombination(en) wie VeraCrypt verwendet. + Die Auslagerungsdatei konnte nicht erstellt werden.\n\nBitte beachten Sie, dass Auslagerungsdateien aufgrund von Einschränkungen von Windows nicht auf Nicht-System VeraCrypt-Volumes (auch Systemfavoriten-Volumes) liegen dürfen. VeraCrypt unterstützt die Erstellung von Auslagerungsdateien nur auf verschlüsselten Systempartitionen. + Ein Fehler oder Inkompatibilität hat verhindert das VeraCrypt die Ruhezustandsdatei verschlüsselt. Daher wurde der Ruhezustand verhindert.\n\nHinweis: Wenn ein Computer in den Ruhezustand geht (oder in einen Energiesparmodus), der Inhalt des Systemspeichers wird in eine Ruhezustand-Datei auf das Systemlaufwerk geschrieben. VeraCrypt würde nicht in der Lage sein zu verhindern, dass Verschlüsselungsschlüssel und der Inhalt von vertraulichen Dateien, die im Arbeitsspeicher sind, unverschlüsselt in der Ruhezustands-Datei gespeichert werden. + Das System konnte nicht in den Ruhezustand versetzt werden.\n\nVeraCrypt unterstützt den Ruhezustand auf versteckten Betriebssystemen mit extra Bootpartition nicht. Bitte beachten Sie, dass die Bootpartition vom Köder-System und dem versteckten Betriebssystem geteilt wird. Um Datenlecks und Probleme während dem Aufwachen aus dem Ruhezustand zu vermeiden, muss VeraCrypt das versteckte Betriebssystem daran hindern auf die geteilte Bootpartition zu schreiben oder in den Ruhezustand zu wechseln. + Das als %c: eingebundene VeraCrypt-Volume wurde getrennt. + Alle VeraCrypt-Volumes wurden getrennt. + Alle VeraCrypt-Volumes wurden getrennt und der der Passwort-Cache wurde gelöscht. + Volume erfolgreich getrennt + ACHTUNG: Wenn der VeraCrypt-Hintergrunddienst deaktiviert ist, sind die folgenden Funktionen nicht verfügbar:\n\n1) Tastenkombinationen\n2) Automatische Trennung (z.B. beim Abmelden, unbeabsichtigtem Entfernen eines Host-Geräts usw.)\n3) Automatisches Einbinden von Favoriten-Volumes\n4) Benachrichtigungen (z.B. wenn Beschädigungen an einem versteckten Volume verhindert wurden)\n5) Taskleisten-Symbol\n\nHinweis: Sie können den Hintergrunddienst jederzeit beenden indem Sie mit der rechten Maustaste auf das VeraCrypt-Taskleisten-Symbol klicken und „Beenden“ auswählen.\n\nSind Sie sicher, dass Sie den Hintergrunddienst dauerhaft deaktivieren möchten? + WARNUNG: Wenn diese Option deaktiviert ist, können keine Volumes mit geöffneten Dateien/Verzeichnissen autom. getrennt werden.\n\nMöchten Sie diese Option wirklich deaktivieren? + WARNUNG: Volumes mit geöffneten Dateien/Verzeichnissen werden NICHT automatisch getrennt.\n\nUm dies zu vermeiden müssen Sie folgende Option in diesem Dialogfenster aktivieren: „Autom. Trennen bei geöffneten Dateien/Verz. erzwingen“ + WARNUNG: Wenn die Laptopbatterie fast leer ist, kann es passieren, dass Windows nicht die entsprechende Mitteilung an die Anwendungen sendet wenn der Computer in den Energiesparmodus wechselt. In solchen Fällen kann das automatische Trennen von VeraCrypt-Volumes fehlschlagen. + Sie haben den Verschlüsselungsprozess für eine Partition/ein Volume geplant. Der Prozess wurde bis jetzt nicht beendet.\n\nMöchten Sie den Prozess jetzt fortsetzen? + Sie haben den Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Laufwerk geplant. Der Vorgang wurde noch nicht abgeschlossen.\n\nMöchten Sie den Vorgang jetzt starten (wieder aufnehmen)? + Soll das Programm weiterhin fragen, ob Sie den aktuell geplanten Prozess zur Verschlüsselung der Nicht-Systempartition/des Nicht-Systemlaufwerks fortsetzen möchten? + Ja, weiterhin fragen + Nein, nicht mehr fragen + WICHTIG: Beachten Sie bitte, dass sie den Prozess zur Verschlüsselung von jedem Nicht-Systemlaufwerks fortsetzen können, indem Sie auf „Volumes“ > „Unterbrochenen Prozess fortsetzen“ im Menü des VeraCrypt-Fensters klicken. + Sie haben den Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Laufwerk geplant. Jedoch ist die Prä-Boot-Authentifikation fehlgeschlagen (oder wurde umgangen).\n\nHinweis: Wenn Sie die Systempartition/das Systemlaufwerk in der Prä-Boot-Umgebung entschlüsseln, dann müssen Sie den Vorgang möglicherweise fertig stellen indem Sie „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“ in der Menüleiste im VeraCrypt-Hauptfenster wählen. + WARNUNG: Beim Beenden von VeraCrypt werden folgende Funktionen deaktiviert:\n\n1) Tastenkombinationen\n2) Automatische Trennung (z.B. beim Abmelden, unbeabsichtigtem Entfernen eines Host-Geräts, Timeouts usw.)\n3) Automatisches Einbinden von Favoriten-Volumes \n4) Benachrichtigungen (z.B. wenn Beschädigungen an einem versteckten Volume verhindert wurden)\n\nHinweis: Wenn Sie nicht möchten das VeraCrypt im Hintergrund läuft, deaktivieren Sie den VeraCrypt-Hintergrunddienst in den Einstellungen (und, falls erforderlich, den automatischen Start von VeraCrypt).\n\nSind Sie sicher dass Sie VeraCrypt beenden möchten? + Beenden? + VeraCrypt hat nicht genug Informationen, um feststellen zu können, ob Ent- oder Verschlüsselt werden soll. + VeraCrypt hat nicht genug Informationen, um feststellen zu können, ob Ent- oder Verschlüsselt werden soll.\n\nHinweis: Wenn Sie die Systempartition/das Systemlaufwerk in der Prä-Boot-Umgebung entschlüsseln, müssen Sie möglicherweise den Vorgang abschließen, indem Sie auf „Entschlüsseln“ klicken. + Hinweis: Wenn Sie ein(e) gegenwärtige(s) Nicht-System-Partition/Volume verschlüsseln und ein ständiger Fehler verhindert, den Prozess zu beenden, wird es Ihnen nicht möglich sein das Volume einzubinden (und Zugriff auf die darauf gespeicherten Daten zu erhalten) bis Sie das Volume vollständig entschlüsselt haben (also den Prozess umdrehen).\n\nFalls Sie das wünschen, befolgen Sie diese Schritte:\n1) Beenden Sie den Konfigurationsassistenten.\n2) Wählen Sie im Hauptfenster von VeraCrypt, „Volumes“ > „Unterbrochenen Prozess fortsetzen“.\n3) Wählen Sie „Entschlüsseln“. + Möchten Sie den Verschlüsselungsprozess für die Partition/das Volume unterbrechen und später fortsetzen?\n\nHinweis: Beachten Sie, dass das Volume nicht eingebunden werden kann, bis es komplett verschlüsselt ist. Sie können den Prozess an der Stelle fortsetzen, an der er unterbrochen wurde. Dies können Sie wie folgt machen: Klicken Sie auf „Volumes“ > „Unterbrochenen Prozess fortsetze“ in der Menüleiste des VeraCrypt-Hauptfensters. + Möchten Sie den Verschlüsselungsvorgang für die Systempartition/das Laufwerk unterbrechen und später fortsetzen?\n\nHinweis: Sie können den Vorgang an der Stelle fortsetzen, an der er unterbrochen wurde. Sie erreichen dies, indem Sie in der Menüleiste im Hauptfenster von VeraCrypt auf „System“ > „Unterbrochenen Vorgang fortsetzen“ klicken. Wenn Sie den Verschlüsselungsvorgang endgültig beenden oder abbrechen möchten, dann klicken Sie auf „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“. + Möchten Sie den Entschlüsselungsvorgang für die Systempartition/das Laufwerk unterbrechen und später fortsetzen?\n\nHinweis: Sie können den Vorgang an der Stelle fortsetzen, an der er unterbrochen wurde. Sie erreichen dies, indem Sie in der Menüleiste im Hauptfenster von VeraCrypt auf „System“ > „Unterbrochenen Vorgang fortsetzen“ klicken. Wenn Sie den Entschlüsselungsvorgang umkehren möchten (und die Verschlüsselung starten), dann wählen Sie „System“ > „System-Partition/Laufwerk verschlüsseln“. + Fehler: Der Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Systemlaufwerk konnte nicht unterbrochen werden. + Fehler: Der Lösch-Prozess konnte nicht unterbrochen werden. + Fehler: Der Ver- bzw. Entschlüsselungsvorgang für die Systempartition/das Systemlaufwerk konnte nicht fortgesetzt werden. + Fehler: Der Löschvorgang konnte nicht gestartet werden. + Inkonsistenz aufgelöst.\n\n\n(Sollten Sie in diesem Zusammenhang einen Fehler melden, so bitten wir Sie folgende techn. Informationen im Fehlerbericht zu berücksichtigen: %hs) + Fehler: unerwarteter Zustand.\n\n\nWenn Sie einen Fehler in Zusammenhang mit diesem melden, dann beziehen Sie die folgenden technischen Informationen mit in den Fehlerbericht ein: %hs) + Es gibt keinen unterbrochenen Ver- bzw. Entschlüsselungsvorgang der Systempartition/des Laufwerks, der fortgesetzt werden kann.\n\nHinweis: Falls Sie einen unterbrochenen Ver- bzw. Entschlüsselungsprozess einer Nicht-System Partition fortsetzen möchten, wählen Sie\n„Volumes“ > „Unterbrochenen Prozess fortsetzen“. + WARNUNG: Der VeraCrypt-Hintergrunddienst ist deaktiviert. Nach dem Beenden von VeraCrypt werden Sie nicht benachrichtigt sobald eine Beschädigung eines versteckten Volumes verhindert werden konnte.\n\nHinweis: Sie können den Hintergrunddienst jederzeit mit einen Klick der rechten Maus- taste auf das VeraCrypt-Symbol im Infobereich (= Systemtray), und durch Auswählen von „Beenden“ beenden.\n\nSoll der VeraCrypt-Hintergrunddienst aktiviert werden? + Sprachpaket-Version: %s + Es wird das Dateisystem des als %s eingebundenen VeraCrypt-Volumes überprüft ... + Es wird versucht das Dateisystem des als %s eingebundenen VeraCrypt-Volumes zu reparieren ... + WARNUNG: Dieses Volume ist mit einem veralteten Verschlüsselungsalgorithmus verschlüsselt.\n\nAlle 64-Bit-Block-Verschlüsselungsalgorithmen (z.B. Blowfish, CAST-128, oder Triple DES) werden allmählich eingestellt. Es wird zwar mit zukünftigen VeraCrypt-Versionen möglich sein diese Volumes einzubinden. Es werden aber keine Verbesserungen an der Implementierung der veralteten Verschlüsselungsalgorithmen vorgenommen. Es ist daher ratsam ein neues VeraCrypt-Volume mit einem 128-Bit-Block-Verschlüsselungsalgorithmus zu erstellen (z.B. AES, Serpent, Twofish, etc.), und sämtliche Dateien dieses Volumes auf das neue Volume zu übertragen. + Das Betriebssystem ist so konfiguriert, dass neue Volumes nicht automatisch eingebunden werden. Möglicherweise können VeraCrypt-Volumes, die sich auf Datenträgern oder Partitionen befinden, nicht eingebunden werden. Das automatische Einbinden der Volumes kann mit dem Befehl\n\nmountvol.exe /E\n\nund anschließendem Neustart des Computers aktiviert werden. + Weisen Sie bitte dem Datenträger oder der Partition einen Laufwerksbuchstaben zu bevor Sie weitermachen („Systemsteuerung“ > „System und Wartung“ > „Verwaltung“ > „Festplattenpartitionen erstellen und formatieren“).\n\nBeachten Sie dass dies eine Anforderung des Betriebssystems ist. + VeraCrypt-Volume einbinden + Alle VeraCrypt-Volumes trennen + VeraCrypt konnte keine Administratorrechte erhalten. + Zugriff durch das Betriebssystem verweigert.\n\nMögliche Ursache: Das Betriebssystem erwartet, dass Sie Lese- oder Schreibrechte (oder Administratorrechte) für bestimmte Verzeichnisse, Dateien und Datenträger haben, damit Sie von diesen Daten lesen und auf diese Daten schreiben dürfen. Normalerweise darf ein Benutzer mit Administratorrechten Dateien in seinem/ihrem „Dokumenten“-Verzeichnis erstellen, lesen und ändern. + Fehler: das Laufwerk nutzt eine nicht unterstützte Clustergröße.\n\nEs ist derzeit nicht möglich partitions- oder gerätebasierte Volumes auf Laufwerken mit einer Clustergröße > 4096 Byte zu erstellen. Sie können jedoch dateibasierte Volumes (Container) auf solchen Laufwerken erstellen. + Es ist derzeit nicht möglich ein Betriebssystem auf einem Laufwerk zu verschlüsseln welches eine andere Clustergröße als 512 Byte verwendet. + Der VeraCrypt-Bootloader benötigt mindestens 32 KB des freien Speicherplatzes am Anfang des Systemlaufwerks (der VeraCrypt-Bootloader muss in diesem Bereich gespeichert werden). Leider erfüllt Ihr Laufwerk diese Bedingung nicht.\n\nBitte melden Sie dies nicht als ein Fehler/Problem in VeraCrypt. Um dieses Problem zu beheben, müssen Sie die Festplatte neu partitionieren und lassen dabei die ersten 32 KB des Datenträgers frei (in den meisten Fällen müssen Sie die erste Partition löschen und dann wieder neu erstellen). Wir empfehlen die Verwendung des Microsoft Partition Managers, der z.B. bei der Installation von Windows verfügbar ist. + Das Feature wird nicht von der aktuell laufenden Version des Betriebssystems unterstützt. + VeraCrypt unterstützt das Verschlüsseln einer Systempartition/eines Systemlaufwerkes mit der aktuell laufenden Version des Betriebssystems nicht. + Bevor die Systempartition/das Systemlaufwerk unter Windows Vista verschlüsselt werden kann, muss Service Pack 1 oder höher installiert sein.\n\nHinweis: Service Pack 1 für Windows Vista behebt ein Problem, durch welches eine Verkleinerung des Hauptspeichers während des Systemstarts verursacht wurde. + VeraCrypt unterstützt die Systemverschlüsselung unter Windows Vista ohne installierte Service Packs nicht mehr. Installieren Sie bitte Service Pack 1 oder höher für Windows Vista bevor Sie VeraCrypt aktualisieren. + Fehler: Zur Nutzung dieser Option muss VeraCrypt auf dem System installiert sein (Sie nutzen VeraCrypt derzeit im mobilen Modus).\n\nBitte installieren Sie VeraCrypt und versuchen Sie es dann erneut. + WARNUNG: Windows scheint nicht auf dem Laufwerk installiert zu sein von dem es startet. Dieser Zustand wird nicht unterstützt.\n\nSie sollten nur fortfahren wenn Sie sicher sind, dass Windows auf dem Laufwerk installiert ist von dem es startet.\n\nMöchten Sie fortfahren?\n\n + Das Systemlaufwerk hat eine GUID-Partitionstabelle (GPT). Derzeit werden nur Laufwerke mit einer MBR-Partitionstabelle unterstützt. + ACHTUNG: Der VeraCrypt-Bootloader ist bereits auf Ihrem Systemlaufwerk installiert!\n\nEs ist möglich, dass ein anderes Betriebssystem auf Ihrem Computer bereits verschlüsselt ist.\n\nWARNUNG: DAS VERSCHLÜSSELN DES AKTUELLEN SYSTEMS KANN VERHINDERN DAS (EIN) ANDERE(S) SYSTEM(E) STARTEN UND AUF BENÖTIGTE DATEIEN ZUGEGRIFFEN WERDEN KANN.\n\nMöchten Sie wirklich fortfahren? + Der Original Systemstarter konnte nicht wiederhergestellt werden.\n\nBitte verwenden Sie Ihren VeraCrypt-Rettungsdatenträger („Repair Options“ > „Restore original system loader“) oder Ihre Windows-Installations-CD, um den VeraCrypt-Bootloader mit dem Windows-Starter zu überschreiben. + Der originale System Loader wurde nicht auf dem Rettungsdatenträger gespeichert (Grund: Fehlende Backup Datei). + Fehler beim Schreiben des MBR Sektors.\n\nIhr BIOS ist wahrscheinlich darauf eingestellt den MBR zu schützen. Überprüfen Sie Ihre BIOS-Einstellungen auf MBR- bzw Antivirus-Schutz: drücken Sie F2, Entf oder ESC nach dem Einschalten des Computers. + WARNUNG: Die Überprüfung des VeraCrypt-Bootloader fingerprint ist fehlgeschlagen!\nIhre Festplatte könnte von einem Angreifer manipuliert worden sein („Evil Maid“ Angriff).\n\nDiese Warnung kann auch ausgelöst werden, wenn Sie den VeraCrypt-Bootloader mit einem Rettungsdatenträger wiederhergestellt haben, die mit einer anderen VeraCrypt-Version erstellt wurde.\n\nSie sollten umgehend Ihr Passwort ändern, dies wird auch den korrekten VeraCrypt-Bootloader wiederherstellen. Es wird empfohlen VeraCrypt neu zu installieren und sicherzustellen, dass nicht vertrauenswürdige Dritte keinen Zugriff zu diesem Gerät haben. + Die benötigte Version des VeraCrypt-Bootloaders ist im Moment nicht installiert. Dies kann dazu führen, dass einige Einstellungen nicht gespeichert werden. + Hinweis: In einigen Situationen möchten Sie verhindern, dass eine Person, die Sie beim Starten des Computers beobachtet, erfährt, dass Sie VeraCrypt verwenden. Die obige Option erlaubt Ihnen dies durch anpassen des VeraCrypt-Bootloader-Bildschirms zu erreichen. Wenn Sie die Option aktivieren wird der VeraCrypt-Bootloader keinen Text anzeigen (nicht einmal wenn Sie das falsche Passwort eingeben). Der Computer wird wie „eingefroren“ erscheinen, während Sie Ihr Passwort eingeben können. Dazu kann eine benutzerdefinierte Meldung angezeigt werden, um den Angreifer zu täuschen. Zum Beispiel gefälschte Fehlermeldungen wie „Missing operating system“ (die normalerweise vom Windows Bootloader angezeigt wird wenn er keine Windows Boot-Partition findet). Allerdings kann der Gegner, wenn er den Inhalt der Festplatte analysiert, trotzdem herausfinden, dass sie einen VeraCrypt-Bootloader enthält. + WARNUNG: Sie sollten nicht vergessen, dass, wenn Sie diese Option aktivieren, der VeraCrypt-Bootloader keinen Text anzeigen wird (nicht einmal wenn Sie das falsche Passwort eingeben). Der Computer wird wie „eingefroren“ erscheinen (nicht reagieren), während Sie Ihr Passwort eingeben können (der Cursor wird sich NICHT bewegen und es werden keine Sternchen angezeigt, wenn Sie eine Taste drücken).\n\nSind Sie sicher, dass Sie diese Option aktivieren möchten? + Ihre System-Partition/Festplatte scheint vollständig verschlüsselt zu sein. + VeraCrypt kann kein Systemlaufwerk verschlüsseln, welches in einen dynamischen Datenträger konvertiert wurde. + Das Systemlaufwerk enthält erweiterte (logische) Partitionen.\n\nSie können ein ganzes Systemlaufwerk mit erweiterten (logischen) Partitionen nur unter Windows Vista (oder späteren Versionen von Windows) verschlüsseln. Unter Windows XP können Sie ein ganzes Systemlaufwerk nur verschlüsseln wenn es ausschließlich primäre Partitionen enthält.\n\nHinweis: Sie können aber die Systempartition anstatt des gesamten Laufwerks verschlüsseln und zusätzlich partitionsbasierte VeraCrypt-Volumes für alle Nicht-Systempartitionen auf dem Laufwerk erstellen. + WARNUNG: Da Sie Windows XP/2003 ausführen, dürfen Sie nach dem Starten der Laufwerksverschlüsselung KEINE erweiterte (logische) Partition auf dem Laufwerk erstellen (Sie können nur primäre Partitionen erstellen). Alle erweiterten (logischen) Partition auf dem Laufwerk wären nach dem Starten der Verschlüsselung nicht zugänglich (derzeit enthält das Laufwerk keine solche Partition).\n\nHinweis: Wenn diese Einschränkung nicht akzeptabel ist, dann können Sie zurück gehen und nur die Systempartition anstatt des gesamten Laufwerks verschlüsseln (und zusätzlich partitionsbasierte VeraCrypt-Volumes für alle Nicht-Systempartitionen auf dem Laufwerk erstellen).\n\nWenn diese Einschränkung nicht akzeptabel ist, sollten Sie alternativ eine Aktualisierung auf Windows Vista oder eine höhere Version von Windows in Erwägung ziehen (Sie können ein ganzes Laufwerk welches erweiterte/logische Partitionen enthält nur unter Windows Vista oder höher verschlüsseln). + Ihr System enthält ein Sonderpartition.\n\nWenn Sie ein Notebook nutzen enthält Ihre Systemfestplatte wahrscheinlich eine spezielle Wiederherstellungspartition. Nachdem das gesamte System verschlüsselt wurde (inklusive der Wiederherstellungspartition) könnte ihr System nicht mehr hochfahren falls Ihr Computer ein unpassendes BIOS nutzt. Es wäre also unmöglich die Wiederherstellungspartition zu nutzen bis die Festplatte komplett entschlüsselt ist. Daher empfehlen wir nur die Systempartition zu verschlüsseln. + Möchten Sie, statt des gesamten Laufwerks, nur die Systempartition verschlüsseln?\n\nBeachten Sie, dass Sie auf dem Laufwerk (zusätzlich zum Verschlüsseln der Systempartition) Partitionsbasierte VeraCrypt-Volumes in alle Nicht-Systempartitionen erstellen können. + Da Ihr Systemlaufwerk nur eine einzige Partition enthält, die das gesamte Laufwerk belegt, ist es vorzuziehen (sicherer) das gesamte Laufwerk einschließlich den freien „slack“ Speicher, welcher normalerweise eine solche Partition umgibt zu verschlüsseln.\n\nMöchten Sie das gesamte Systemlaufwerk verschlüsseln? + Ihr System ist so konfiguriert das temporäre Dateien auf einer Nicht-System Partition gespeichert werden.\n\nTemporäre Dateien werden normalerweise nur auf einer Systempartition gespeichert. + Ihre Benutzerprofildateien sind nicht auf der Systempartition gespeichert.\n\nBenutzerprofildateien werden normalerweise nur auf einer Systempartition gespeichert. + Es ist eine/sind Auslagerungsdatei(en) auf (einer) Nicht-Systempartition(en) vorhanden.\n\nAuslagerungsdateien befinden sich eigentlich nur auf System-Partitionen. + Möchten Sie Windows nun so einstellen, dass die Auslagerungsdateien nur auf der Windowspartition erstellt werden?\n\nBeachten Sie dabei bitte, falls Sie auf „Ja“ klicken, wird Ihr PC neu gestartet. Danach starten Sie VeraCrypt bitte erneut und versuchen die Erstellung eines versteckten Betriebssystems erneut. + Andernfalls kann die glaubhafte Leugnung des Versteckten Betriebssystems nachteilig beeinflusst werden.\n\nHinweis: Wenn ein Gegner den Inhalt solcher Dateien analysiert (befinden sich auf einer Nicht-Systempartition), dann könnte er herausfinden das Sie diesen Assistenten im „Verstecktes-System erstellen“-Modus verwendet haben (welcher auf die Existenz eines Versteckten Systems auf Ihrem Computer hindeuten kann). Beachten Sie auch, dass alle diese Dateien auf der Systempartition während der Erstellung des Versteckten Betriebssystems sicher von VeraCrypt gelöscht werden. + ACHTUNG: Während der Erstellung des Versteckten Betriebssystems werden Sie das derzeit laufende System komplett neu installieren müssen (um ein Köder-System sicher zu erstellen).\n\nHinweis: das derzeit laufende Betriebssystem und der gesamte Inhalt der Systempartition wird in das versteckte Volume kopiert werden (um das versteckte Betriebssystem zu erstellen).\n\n\nSind Sie sicher, dass Sie in der Lage sind Windows mit Hilfe eines Windows Installationsmediums (oder einer Service-Partition) zu installieren? + Aus Sicherheitsgründen muss das derzeitige Betriebssystem aktiviert werden bevor sie fortfahren, sofern es eine Aktivierung (zu irgendeinem Zeitpunkt) benötigt. Bitte beachten Sie, dass das versteckte Betriebssystem erstellt wird indem der Inhalt der Systempartition in ein verstecktes Volume kopiert wird (wenn dieses Betriebssystem nicht aktiviert ist wird das versteckte Betriebssystem deshalb ebenfalls nicht aktiviert sein). Für mehr Informationen, siehe Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch.\n\nWICHTIG: Bevor sie fortfahren, stellen Sie sicher, dass Sie den Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch gelesen haben.\n\nEntspricht Ihr derzeit installiertes Betriebssystem den genannten Bedingungen? + Ihr Betriebssystem benutzt eine extra Bootpartition. VeraCrypt unterstützt den Ruhezustand von versteckten Betriebssystemen mit extra Bootpartition nicht (Köder-Systeme können problemlos in den Ruhezustand wechseln).\n\nBitte beachten Sie, dass die Bootpartition vom Köder-System und dem versteckten Betriebssystem geteilt werden würde. Um Datenlecks und Probleme während dem Aufwachen aus dem Ruhezustand zu verhindern muss VeraCrypt deshalb das versteckte System daran hindern auf die geteilte Bootpartition zu schreiben oder in den Ruhestand zu wechseln.\n\nMöchten Sie fortfahren? Wenn Sie „Nein“ wählen werden Anweisungen für das Entfernen der extra Bootpartition angezeigt. + \nDie extra Bootpartition kann vor der Installation von Windows entfernt werden. Um dies zu tun, befolgen sie diese Schritte:\n\n1) Starten Sie Windows von der Installations-CD. \n\n2) Im Windows-Installationsbildschirm, klicken Sie „Jetzt installieren“; > „Benutzerdefiniert (erweitert)“.\n\n3) Klicken Sie auf „Laufwerksoptionen (erweitert)“.\n\n4)Wählen Sie die Hauptsystempartition aus und löschen Sie diese indem Sie „Löschen“ und „OK“ klicken.\n\n5) Wählen Sie die „System-reservierte“ Partition, klicken sie „erweitern“ und vergrößern Sie diese so, dass das Betriebssystem darauf installiert werden kann.\n\n6) Klicken Sie „Anwenden“ und „OK“.\n\n7) Installieren Sie Windows auf der „System-reservierten“ Partition.\n\n\nSollte jemand fragen warum Sie die extra Bootpartition entfernt haben können Sie antworten, dass Sie alle möglichen Datenlecks auf die unverschlüsselte Bootpartition vermeiden wollten.\n\nBitte beachten Sie: Sie können diesen Text ausdrucken indem Sie auf den unten stehenden „Drucken“-Knopf klicken. Wenn Sie diesen Text speichern oder drucken (wird dringend empfohlen es sei denn Ihr Drucker speichert Kopien gedruckter Dokumente auf seinem internen Speicher) sollten Sie ihn und alle Kopien zerstören nachdem Sie die extra Bootpartition entfernt haben (andernfalls könnte der Text gefunden und ein Rückschluss auf ein verstecktes Betriebssystem gezogen werden). + WARNUNG: Es gibt einen nicht zugeordneten Bereich zwischen der Systempartition und der ersten Partition dahinter. Sie dürfen nach dem Erstellen des versteckten Betriebssystems keine neuen Partitionen in dem nicht zugeordneten Bereich erstellen. Das Versteckte Betriebssystem wird andernfalls nicht starten (bis Sie solche neu erstellten Partitionen löschen). + Dieser Algorithmus wird derzeit nicht für die Systemverschlüsselung unterstützt. + Dieser Algorithmus ist im TrueCrypt-Modus nicht vorhanden. + PIM (Personal Iterations Multiplier) wird nicht im TrueCrypt-Modus unterstützt. + Das Passwort muss 20 oder mehr Zeichen haben, um den festgelegten PIM verwenden zu können.\nKürzere Passwörter können nur verwendet werden, wenn der PIM-Wert 485 oder größer ist. + Das Prä-Boot-Authentifikationspasswort muss 20 oder mehr Zeichen haben, um den festgelegten PIM verwenden zu können.\nKürzere Passwörter können nur verwendet werden, wenn der PIM Wert 98 oder größer ist. + Schlüsseldateien werden derzeit nicht für die Systemverschlüsselung unterstützt. + WARNUNG: VeraCrypt konnte die ursprüngliche Tastaturbelegung nicht wiederherstellen. Dadurch könnten Sie das Passwort falsch eingeben. + Fehler: Es kann die Tastaturbelegung für VeraCrypt nicht auf die Standard-US-Tastaturbelegung festgelegt werden.\n\nBeachten Sie, dass das Passwort in der Prä-Boot-Umgebung eingegeben werden muss (bevor Windows startet), wo Nicht-US-Windows-Tastaturbelegungen nicht verfügbar sind. Daher muss das Passwort immer unter Verwendung der Standard-US-Tastaturbelegung eingegeben werden. + Da VeraCrypt vorübergehend die Tastaturbelegung auf die Standard-US-Tastaturbelegung geändert hat, ist es nicht möglich bei gedrückter rechter ALT-Taste Zeichen einzugeben. Jedoch können Sie die meisten solcher Zeichen schreiben, indem Sie bei gedrückter Umschalt-Taste die passenden Tasten drücken. + VeraCrypt verhinderte die Änderung des Tastaturbelegungs. + Hinweis: Sie müssen das Passwort in der Prä-Boot-Umgebung eingeben (bevor Windows startet), in der Nicht-US Windows Tastaturbelegungs nicht verfügbar sind. Daher muss immer unter Verwendung der Standard-US-Tastaturbelegung das Passwort eingegeben werden. Allerdings ist es wichtig zu beachten, dass Sie keine echte US-Tastatur brauchen. VeraCrypt stellt automatisch sicher, dass Sie das Passwort problemlos eingeben können (jetzt und in der Prä-Boot-Umgebung) selbst wenn Sie KEINE echte US-Tastatur haben. + Bevor sie die Partition/das Laufwerk verschlüsseln können müssen Sie einen VeraCrypt-Rettungsdatenträger (VRD) erstellen, die für die folgenden Fälle notwendig ist:\n\n- Wenn der VeraCrypt-Bootloader, der Hauptschlüssel oder andere kritische Daten beschädigt werden, erlaubt die VRD diese Daten wieder herzustellen (Sie benötigen trotzdem das korrekte Passwort).\n- Wenn Windows beschädigt wird und nicht starten kann ermöglicht die VRD es die Partition/das Laufwerk vor dem Systemstart dauerhaft zu entschlüsseln.\n- Die VRD enthält eine Sicherung des derzeitigen Inhaltes des ersten Datenblocks (Header) der Partition/des Laufwerks (welcher normalerweise einen Systemstarter oder Bootmanager enthält) und erlaubt es diesen, falls nötig, wieder herzustellen.\n\nDas VeraCrypt-Rettungsdatenträger-Abbild wird hier erstellt: + Nachdem sie OK geklickt haben wird das Microsoft Windows ISO-Brennprogramm gestartet. Bitte benutzen Sie es, um das VeraCrypt-Rettungsdatenträgerabbild auf eine CD oder DVD zu brennen.\n\nNachdem Sie das getan haben, kehren Sie bitte zum Assistent zum Erstellen eines VeraCrypt-Volumes zurück und folgen Sie den Anweisungen. + Der VeraCrypt-Rettungsdatenträger wurde erfolgreich erstellt und an folgendem Ort gespeichert:\n%s\nJetzt müssen Sie es auf eine CD oder DVD brennen.\n\n%lsNachdem Sie das getan haben, klicken Sie bitte auf „Weiter“, um die Korrektheit des Rettungsdatenträgers zu überprüfen. + Der VeraCrypt-Rettungsdatenträger wurde erfolgreich erstellt und an folgendem Ort gespeichert:\n%s\nJetzt sollten Sie es entweder auf eine CD oder DVD brennen oder für die spätere Verwendung an einen sicheren Ort verschieben.\n\n%lsKlicken Sie auf „Weiter“, um fortzufahren. + WICHTIG: Bitte beachten Sie, dass die Datei als ISO-Abbilddatei und NICHT als einzelne Datei auf die CD geschrieben werden muss. Informationen wie Sie das tun erhalten Sie in der Dokumentation Ihrer Brennsoftware. Wenn Sie keine CD- bzw. DVD-Brennsoftware besitzen, welche das ISO-Abbild auf eine CD/DVD schreiben kann, klicken Sie auf den unten stehenden Link, um ein freies Programm herunterzuladen.\n\n + Microsoft Windows ISO-Brennprogramm starten + WARNUNG: Wenn Sie bereits einen VeraCrypt-Rettungsdatenträger in der Vergangenheit erstellt haben, kann dieser nicht für diese Systempartition/dieses Laufwerk wiederverwendet werden, da er für einen anderen Hauptschlüssel erstellt wurde! Sie müssen jedes Mal, wenn Sie eine Systempartition/ein Systemlaufwerk verschlüsseln, einen neuen Rettungsdatenträger dafür erstellen, selbst wenn Sie dasselbe Passwort verwenden. + Fehler: Die Einstellungen für die Systemverschlüsselung können nicht gespeichert werden. + Der Vortest für die Systemverschlüsselung konnte nicht initiiert werden. + Der Vorgang für die Erstellung des Versteckten Betriebssystems kann nicht initiiert werden. + Sicher Löschen + Bei einigen Typen von Speichermedien könnten Daten, die überschrieben wurden, mithilfe der Magnetkraftmikroskopie wiederhergestellt werden. Dies gilt auch für Daten, die in Ihrer verschlüsselten Form überschrieben wurden (was passiert, wenn VeraCrypt erstmals unverschlüsselte Partitionen oder Laufwerke verschlüsselt). Einige Studien und öffentliche Publikationen geben an, dass die Wiederherstellung von überschriebenen Daten verhindert (oder zumindest erschwert) werden kann, indem die Daten mit pseudozufälligen und bestimmten nicht zufälligen Daten überschrieben werden. Wenn Sie glauben, dass ein Angreifer möglicherweise solche Techniken verwenden könnte, um Ihre verschlüsselten Daten wiederherzustellen, dann sollten Sie einen der Lösch-Modi wählen (vorhandene Daten gehen NICHT verloren). Das Löschen kann NICHT ausgeführt werden nachdem die Partition/das Laufwerk verschlüsselt wurde. Dann werden alle Daten nämlich zuerst im Speicher verschlüsselt und erst dann auf den Datenträger geschrieben. + Bei einigen Typen von Speichermedien kann mithilfe der Magnetkraftmikroskopie Daten, die von anderen Daten (z.B. wenn die Daten gelöscht sind) überschrieben wurden, wiederhergestellt werden. Einige Studien und öffentliche Publikationen geben an, dass die Wiederherstellung von überschriebenen Daten verhindert werden kann (oder zumindest erschwert wird), in dem die Daten mit pseudozufälligen und bestimmten nicht zufälligen Daten überschrieben werden. Wenn Sie glauben, dass ein Angreifer möglicherweise solche Techniken verwenden könnte, um Ihre Daten wiederherzustellen, die Sie verschlüsseln möchten, dann könnten Sie einen der Lösch-Modi wählen.\n\nHinweis: Je mehr Durchläufe Sie wählen, desto länger dauert das Löschen der Daten. + Löschen + \nHinweis: Sie können den Löschvorgang unterbrechen, fahren Sie den Computer herunter, starten Sie das versteckte System wieder und setzen dann den Vorgang fort (dieser Assistent wird automatisch gestartet). Wenn Sie ihn jedoch unterbrechen, dann muss der gesamte Löschvorgang von vorn beginnen. + \n\nHinweis: Wenn Sie den Löschvorgang unterbrechen und dann versuchen ihn fortzusetzen, so muss der gesamte Löschvorgang von vorn beginnen. + Möchten Sie den Löschvorgang abbrechen? + WARNUNG: Der gesamte Inhalt der ausgewählten Partition/des Laufwerkes wird gelöscht und geht verloren. + Der gesamte Inhalt der Partition, auf der sich das Original System befindet, wird gelöscht.\n\nHinweis: Der gesamte Inhalt der Partition (der gelöscht werden soll) wurde auf diese Versteckte Systempartition kopiert. + WARNUNG: Beachten Sie, wenn Sie z.B. 3 Durchgänge im Lösch-Modus auswählen, dass die erforderliche Zeit zum Verschlüsseln des Laufwerkes/der Partition bis zu 4-mal länger werden kann. Wenn Sie den Modus mit 35 Durchgängen wählen, so kann es bis zu 36 Mal länger dauern (es könnte Wochen dauern).\n\nBeachten Sie jedoch, der Löschvorgang kann NICHT ausgeführt werden, nachdem die Partition/das Laufwerk vollständig verschlüsselt wurde. Wenn die Partition/das Laufwerk vollständig verschlüsselt ist, dann werden keine unverschlüsselten Daten jemals darauf geschrieben. Alle darauf zu schreibenden Daten werden zuerst „on-the-fly“ im Speicher verschlüsselt und nur dann werden die (verschlüsselten) Daten auf den Datenträger geschrieben (damit wird die Leistung nicht beeinflusst).\n\nMöchten Sie den Lösch-Modus trotzdem verwenden? + Ohne (am schnellsten) + 1-Durchgang (Zufalls Daten) + 3-Durchgänge (US DoD 5220.22-M) + 7-Durchgänge (US DoD 5220.22-M) + 35-Durchgänge („Gutmann“) + 256-Durchgänge + Anzahl der Betriebssysteme + WARNUNG: Unerfahrene Benutzer sollten niemals versuchen Windows in einer Multiboot-Konfigurationen zu verschlüsseln.\n\nFortfahren? + Wenn Sie ein verstecktes Betriebssystem erstellen oder nutzen, unterstützt VeraCrypt Multi-Boot-Konfigurationen nur wenn die folgenden Bedingungen erfüllt sind:\n\n- Das derzeit laufende Betriebssystem muss auf dem Bootlaufwerk installiert sein welches keine weiteren Betriebssysteme enthalten darf.\n\n- Betriebssysteme auf anderen Laufwerken dürfen keine Bootloader nutzen die auf demselben Laufwerk liegen auf dem das derzeit aktive Betriebssystem installiert ist.\n\nSind die obigen Bedingungen erfüllt? + VeraCrypt unterstützt diese Multi-Boot-Konfiguration nicht wenn ein verstecktes Betriebssystem erstellt/genutzt wird. + Startlaufwerk + Ist das zurzeit laufende Betriebssystem auf dem Boot-Laufwerk installiert?\n\nHinweis: Manchmal ist Windows nicht auf demselben Laufwerk installiert, auf dem der Windows-Bootloader (Boot-Partition) installiert ist. Wenn das der Fall ist, wählen Sie „Nein“. + VeraCrypt unterstützt momentan das Verschlüsseln eines Betriebssystems nicht, welches nicht von dem Laufwerk gestartet wird auf dem es installiert ist. + Anzahl der Systemlaufwerke + Wie viele Laufwerke enthalten ein Betriebssystem?\n\nHinweis: Beispielsweise, wenn Sie irgendein Betriebssystem (z.B. Windows, Mac OS X, Linux, etc.) auf dem primären Laufwerk und ein zusätzliches Betriebssystem auf einem sekundären Laufwerk installiert haben dann wählen Sie „2 oder mehr“ aus. + VeraCrypt unterstützt derzeit nicht die Verschlüsselung eines ganzen Laufwerkes, auf dem mehrere Betriebssysteme sind.\n\nMögliche Lösungen:\n\n- Sie können eines der Systeme verschlüsseln wenn Sie zurückgehen und sich für das verschlüsseln einer einzelnen Partition entscheiden (im Gegensatz zur Auswahl für das Verschlüsseln des gesamten Systemlaufwerkes).\n\n- Alternativ können Sie das ganze Laufwerk verschlüsseln wenn Sie einige der Systeme, bis auf das welches Sie verschlüsseln möchten, auf ein anderes Laufwerk verschieben. + Mehrere Systeme auf einem Laufwerk + Sind noch andere Betriebssysteme auf dem Laufwerk installiert, auf dem das z.Z. laufende Betriebssystem Installiert ist?\n\nHinweis: Beispielsweise wenn das aktuell laufende Betriebssystem auf dem Laufwerk #0 installiert ist, welches mehrere Partitionen enthält und eine dieser Partitionen enthält Windows, eine andere Partition enthält ein weiteres Betriebssystem (z.B. Windows, Mac OS X, Linux usw.), dann wählen Sie „Ja“. + Nicht-Windows Bootloader + Ist statt des Windows Bootloaders ein anderer Bootloader (oder Bootmanager) im Master Boot Record (MBR) installiert?\n\nHinweis: Beispielsweise, wenn die erste Spur des Startlaufwerkes GRUB, LILO, XOSL, oder einen anderen Nicht-Windows Boot Manager (oder Bootloader) enthält, dann wählen Sie „Ja“. + Multi-Boot + VeraCrypt unterstützt momentan keine Multiboot – Konfigurationen auf dem ein Nicht-Windows-Bootloader im Master Boot Record installiert ist.\n\nMögliche Lösungen:\n\n- Wenn Sie einen Boot-Manager nutzen um Windows und Linux zu booten, dann verschieben Sie den Boot-Manager (normalerweise GRUB) vom Master Boot Record auf eine Partition. Dann starten Sie diesen Assistenten erneut und verschlüsseln die Systempartition/das Laufwerk. HINWEIS: Der VeraCrypt-Bootloader wird Ihr Primärer Boot-Manager werden, welcher es Ihnen erlaubt den originalen Boot-Manager (z.B. GRUB) als Sekundären Boot-Manager zu starten (ESC im VeraCrypt-Bootloader-Bildschirm drücken), was es Ihnen ermöglicht Linux zu booten. + Wenn das aktuell ausgeführte Betriebssystem auf der Startpartition installiert ist, dann müssen Sie, nachdem Sie es verschlüsselt haben, immer das richtige Passwort eingeben auch wenn Sie ein anderes unverschlüsseltes Windows System starten möchten (da diese sich einen einzigen verschlüsselten Windows Bootloader/Manager teilen).\n\nWenn im Gegensatz dazu das derzeit laufende Betriebssystem nicht auf der Startpartition installiert ist (oder wenn der Windows-Bootloader/Manager nicht von allen anderen Systemen verwendet wird), dann müssen Sie nicht das korrekte Passwort zum Starten der anderen unverschlüsselten Systeme eingeben, nachdem Sie dieses System verschlüsselt haben -- Sie müssen nur die ESC-Taste drücken, um das unverschlüsselte System zu starten (wenn es mehrere unverschlüsselte Systeme gibt, dann müssen Sie im VeraCrypt-Bootmanager wählen, welches der Systeme gestartet werden soll).\n(Hinweis: Normalerweise ist das erste installierte Windows System auf der Startpartition installiert.) + Verschl. des Host-geschützten Bereichs + Am Ende vieler Laufwerke gibt es einen Bereich der normalerweise vom Betriebssystem versteckt wird (solche Bereiche werden als Host- geschützte Bereiche bezeichnet). Allerdings können manche Programme von/auf solche(n) Bereiche(n) lesen und schreiben.\n\nWARNUNG: Einige Computerhersteller verwenden möglicherweise solche Bereiche, um Werkzeuge und Daten für RAID, Systemwiederherstellung, Systeminstallation, Diagnose oder andere Zwecke zu speichern. Wenn solche Tools oder Daten vor dem Starten zugänglich sein müssen, dann sollte der versteckte Bereich nicht verschlüsselt werden (wählen Sie oben „Nein“).\n\nMöchten Sie das VeraCrypt einen solchen Bereich (falls vorhanden) am Ende des Systemlaufwerkes ermittelt und verschlüsselt? + Art der System-Verschlüsselung + Wählen Sie diese Option, wenn Sie lediglich die Systempartition oder das gesamte Systemlaufwerk verschlüsseln möchten. + Es kann vorkommen, dass Sie gezwungen werden das Betriebssystem zu entschlüsseln. Es gibt viele Situationen, in denen Sie sich nicht weigern können (z.B. wegen Erpressung). Bei Auswahl dieser Option erstellen Sie ein verstecktes Betriebssystem, dessen Existenz unmöglich zu beweisen sein sollte (vorausgesetzt das gewisse Richtlinien eingehalten werden). Daher müssen Sie das versteckte Betriebssystem nicht entschlüsseln oder das Passwort dafür herausgeben. Für eine genauere Erklärung klicken Sie bitte auf den Link unten. + Es kann vorkommen, dass Sie gezwungen werden das Betriebssystem zu entschlüsseln. Es gibt viele Situationen, in denen Sie sich nicht weigern können das Passwort herauszugeben (z.B. wegen Erpressung).\n\nMit diesem Assistenten können Sie ein verstecktes Betriebssystem erstellen, dessen Existenz unmöglich zu beweisen ist (vorausgesetzt, dass bestimmte Richtlinien eingehalten werden). Daher müssen Sie das versteckte Betriebssystem nicht entschlüsseln oder das Passwort dafür herausgeben. + Verstecktes Betriebssystem + In den folgenden Schritten erstellen Sie 2 VeraCrypt-Volumes (Äußeres u. Verstecktes) innerhalb der ersten Partition hinter der Systempartition. Das Versteckte Vol. enthält das versteckte Betriebssystem (BS). VeraCrypt erstellt dieses durch kopieren des Inhaltes der Systempartition (des gerade laufenden BS). Auf das äußere Volume kopieren Sie einige wichtig wirkende Dateien, die Sie NICHT verstecken möchten. Diese sind für Personen bestimmt die Sie zwingen das Passwort für die versteckte BS-Partition preis zu geben. Sie können das Passwort für das äußere Vol. innerhalb des versteckten BS verraten (das versteckte BS bleibt geheim).\n\nAbschließend installieren Sie auf der Systempartition des gerade lau- fenden BS ein neues BS, ein sogenanntes Köder-BS, und verschlüs- seln es. Es darf keine sensiblen Daten enthalten u. ist für Personen, die Sie zwingen das PBA-Passwort zu verraten. Es wird 3 Passwörter geben, 2 davon können Sie verraten (für das Köder-BS u. das äußere Volume). Bei verw. des Dritten, wird das versteckte BS gestartet. + Versteckte Sektoren ermitteln + Bitte warten Sie, während VeraCrypt am Ende des Systemlaufwerkes mögliche Versteckte Sektoren sucht. Beachten Sie, dass es lange dauern kann bis dies beendet ist.\n\nHinweis: In sehr seltenen Fällen wird auf einigen Computern das System während dieses Erkennungsvorganges möglicherweise nicht mehr reagieren. Wenn dies geschieht, dann starten Sie den Computer neu, Starten Sie VeraCrypt und wiederholen Sie die vorherigen Schritte aber überspringen Sie diesen Erkennungsvorgang. Beachten Sie, dass dieses Problem nicht durch einen Fehler in VeraCrypt verursacht wird. + Bereich der Verschlüsselung + Wählen Sie diese Option wenn Sie die gesamte Festplatte verschlüsseln möchten auf dem das derzeit laufende Windows installiert ist. Das gesamte Laufwerk mit allen Partitionen wird verschlüsselt, mit Ausnahme des ersten Datenblocks (Header) auf dem der VeraCrypt-Bootloader installiert wird. Um auf das Betriebssystem oder Dateien auf diesem Laufwerk zuzugreifen muss das korrekte Passwort vor jedem Start eingegeben werden. Diese Option kann NICHT dazu benutzt werden eine 2. oder externe Festplatte zu verschlüsseln wenn dort kein Windows installiert ist und es nicht von der Festplatte startet. + Zufällige Daten sammeln + Schlüssel generieren + VeraCrypt hat keinen CD- bzw. DVD-Brenner in Ihrem Computer gefunden. VeraCrypt benötigt einen bootbaren VeraCrypt-Rettungsdatenträger, welcher eine Sicherung der Verschlüsselungsschlüssel, des VeraCrypt Bootloaders, des originalem System-Loaders usw. enthält.\n\nEs wird dringend empfohlen, den VeraCrypt-Rettungsdatenträger zu brennen. + Ich habe keinen CD- bzw. DVD-Brenner, aber ich werde das Rettungsdatenträger-ISO-Abbild auf einem Wechseldatenträger sichern (z.B. USB-Stick). + Ich werde später einen CD- bzw DVD-Brenner an meinen Computer anschließen. Den Vorgang jetzt beenden. + Es ist derzeit ein CD- bzw. DVD-Brenner mit dem Computer verbunden. Fortfahren und den Rettungsdatenträger erstellen. + Bitte folgen Sie diesen Schritten:\n\n1) Einen Wechseldatenträger (z.B. USB-Stick) mit dem Computer verbinden.\n\n2) Kopieren Sie den VeraCrypt-Rettungsdatenträger-Abbild (%s) auf den Wechseldatenträger.\n\nSollten Sie die VeraCrypt-Rettungsdatenträger in der Zukunft benötigen können Sie den Wechseldatenträger (mit dem VeraCrypt-Rettungsdatenträger-Abbild) an einen Computer mit einem CD- bzw. DVD-Brenner anschließen und die Rettungs-CD brennen. WICHTIG: Bitte beachten Sie, dass das VeraCrypt-Rettungsdatenträger-Abbild als ISO-Abbild gebrannt werden muss (nicht als Datei). + Rettungsdatenträger brennen + Rettungsdatenträger fertig gestellt + Systemverschlüsselungsvortest + Rettungsdatenträger überprüfen + \nDer VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. Bitte entfernen Sie diesen aus dem Laufwerk und bewahren Sie ihn an einem sicheren Ort auf.\n\nKlicken Sie „Weiter“, um fortzufahren. + WARNUNG: Der VeraCrypt-Rettungsdatenträger darf sich während der nächsten Schritte nicht im Laufwerk befinden. Andernfalls wird es nicht möglich sein die Schritte erfolgreich zu beenden.\n\nEntfernen Sie ihn nun aus dem Laufwerk und bewahren Sie ihn an einem sicheren Ort auf. Klicken Sie dann auf „OK“. + WARNUNG: Aufgrund von technischen Einschränkungen in der Prä-Boot-Umgebung können Texte durch VeraCrypt in der Prä-Boot-Umgebung (d.h. bevor Windows gestartet wird) nicht übersetzt angezeigt werden. Die Oberfläche des VeraCrypt-Bootloaders ist vollständig in Englisch.\n\nFortfahren? + Bevor das Verschlüsseln Ihrer Systempartition oder Ihres Laufwerkes beginnen kann, muss VeraCrypt überprüfen ob alles ordnungsgemäß funktioniert.\n\nNachdem Sie auf „Test“ klicken werden alle notwendigen Komponenten (z.B. die Prä-Boot Authentifikationskomponente, d.h. der VeraCrypt-Bootloader) installiert und Ihr Computer wird dann neu gestartet. Anschließend müssen Sie Ihr Passwort im VeraCrypt-Bootloader-Bildschirm eingeben, welcher angezeigt wird bevor Windows startet. Nachdem Windows gestartet wurde, werden Sie automatisch über das Ergebnis dieses Vortests informiert.\n\nDas folgende Laufwerk wird bearbeitet: Laufwerk #%d\n\n\nWenn Sie jetzt auf Abbrechen klicken, dann wird der Vortest nicht ausgeführt. + WICHTIGE HINWEISE - - BITTE LESEN UND GGF. AUSDRUCKEN („Drucken“ klicken):\n\nBitte beachten Sie, dass Ihre Daten nicht verschlüsselt werden bevor Sie Ihren Computer und Windows erfolgreich neu gestartet haben. Dadurch gehen Ihre Daten nicht verloren wenn ein Fehler auftritt. Allerdings kann es in Folge von Fehlern zu Startproblemen von Windows kommen. Lesen Sie bitte deshalb die folgenden Richtlinien für den Fall, dass Windows nicht mehr hoch fährt nachdem Sie den Computer neu starten (und drucken Sie sie wenn möglich aus).\n\n + Vorgehensweise wenn Windows nicht startet\n------------------------------------------------\n\nHinweis: Diese Anweisungen gelten nur wenn Sie den Verschlüsselungsprozess noch nicht begonnen haben.\n\n- Wenn Windows nicht startet nachdem Sie das korrekte Passwort eingegeben haben (oder wenn Sie wiederholt das korrekte Passwort eingeben aber VeraCrypt sagt, dass es falsch ist), bleiben Sie ruhig. Starten Sie den Computer neu (Strom ausschalten und wieder anschalten) und drücken sie nach dem Erscheinen des VeraCrypt-Ladebildschirms die ESC-Taste auf Ihrer Tastatur (und, falls Sie mehrere Systeme haben, wählen Sie eines zum Starten aus). Windows sollte dann starten (vorausgesetzt, dass es nicht verschlüsselt ist) und VeraCrypt wird automatisch fragen, ob Sie die Prä-Boot-Authentifikation deinstallieren möchten. Bitte beachten Sie, dass die genannten Schritte NICHT funktionieren wenn die Systempartition/das Systemlaufwerk verschlüsselt ist (es ist unmöglich ein verschlüsseltes Windows zu starten oder auf verschlüsselte Daten zuzugreifen ohne das korrekte Passwort einzugeben, auch wenn die vorherigen Schritte befolgt werden).\n\n + - Wenn die vorherigen Schritte nicht helfen oder der VeraCrypt-Ladebildschirm nicht erscheint (vor dem Start von Windows), legen Sie den VeraCrypt-Rettungsdatenträger in Ihr CD/DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist es möglich, dass Ihr BIOS so konfiguriert ist, dass es zuerst versucht von Festplatte und dann von CD zu starten. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Erscheint kein BIOS-Einstellungsbildschirm, so müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste sofort wiederholt drücken. Wenn der BIOS-Einstellungsbildschirm erscheint, stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier wählen Sie nun „Repair Options“ indem Sie die F8-Taste Ihrer Tastatur drücken. Aus dem „Repair Options“-Menü wählen Sie „Restore original system loader“. Entfernen Sie jetzt die Rettungs-CD aus dem CD- bzw. DVD-Laufwerk und starten Sie den Computer neu. Windows sollte jetzt normal starten (vorausgesetzt, dass es nicht verschlüsselt ist).\n\n + Bitte beachten Sie, dass die genannten Schritte NICHT funktionieren wenn die Systempartition/das Systemlaufwerk verschlüsselt ist (es ist unmöglich ein verschlüsseltes Windows zu starten oder auf verschlüsselte Daten zuzugreifen ohne das korrekte Passwort einzugeben, auch wenn die vorherigen Schritte befolgt werden).\n\n\nBitte beachten Sie, dass es einem Angreifer unmöglich sein wird die Systempartition ohne das korrekte Passwort zu entschlüsseln, selbst wenn er den VeraCrypt-Rettungsdatenträger findet. + Vortest abgeschlossen + Der Vortest wurde erfolgreich abgeschlossen.\n\nWARNUNG: Wenn die Stromversorgung plötzlich unterbrochen wird während vorhandene Daten „in-place“ verschlüsselt werden, oder wenn das Betriebssystem wegen eines Software- oder Hardwarefehlers abstürzt während VeraCrypt vorhandene Daten „in-place“ verschlüsselt, dann werden Daten beschädigt oder gehen verloren. Stellen Sie daher bitte sicher, dass Sie Sicherungskopien von den Dateien haben die Sie verschlüsseln möchten, bevor Sie mit dem Verschlüsseln beginnen. Wenn dies nicht der Fall ist, dann Sichern Sie Ihre Dateien jetzt (Sie können auf „Später“ klicken, um die Dateien zu sichern, VeraCrypt jederzeit wieder starten und „System“ > „Unterbrochenen Vorgang fortsetzen“ wählen, um die Verschlüsselung zu starten).\n\nWenn Sie fertig sind, klicken Sie auf „Verschlüsseln“, um zu beginnen. + Sie können jederzeit „Pause“ oder „Später“ klicken, um den Ver- oder Entschlüsselungsprozess anzuhalten, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und den Prozess dann vom pausierten Punkt wieder aufnehmen. Um ein Verlangsamen des Computers zu verhindern wenn das System oder ein Programm auf das Systemlaufwerk zugreifen, wartet VeraCrypt automatisch bis die Daten geschrieben oder gelesen wurden (siehe Status oben) und fährt dann automatisch fort. + \nSie können jederzeit „Pause“ oder „Später“ klicken, um den Verschlüsselungsprozess zu unterbrechen, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und dann den Prozess wieder fortsetzen. Beachten Sie, dass das Volume nicht eingebunden werden kann, bis es vollständig verschlüsselt wurde. + \nSie können jederzeit „Pause“ oder „Später“ klicken, um den Entschlüsselungsprozess zu unterbrechen, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und dann den Prozess wieder fortsetzen. Es wird an dem Punkt fortgesetzt, an dem Sie gestoppt haben. Bitte beachten Sie, dass das Volume nicht eingebunden werden kann bis es vollständig entschlüsselt wurde. + Verstecktes System gestartet + Originales System + Windows erstellt (typischerweise, ohne Ihr Wissen oder Zustimmung) verschiedene Log-Dateien, temporäre Dateien, etc. auf der Systempartition. Es speichert auch den Inhalt des RAMs für den Ruhezustand und beherbergt die Auslagerungsdateien auf der Systempartition. Daher, wenn ein Angreifer auf der Partition, auf der sich auch das Originale System (von dem das versteckte System eine Kopie ist) befindet, gespeicherte Dateien analysiert, dann könnte er zum Beispiel herausfinden, dass Sie den VeraCrypt-Assistenten im „Verstecktes System erstellen“-Modus verwendet haben (was auf die Existenz eines Versteckten Betriebssystems auf Ihrem Computer hinweisen könnte).\n\nUm solche Probleme zu vermeiden, wird VeraCrypt in den nächsten Schritten den gesamten Inhalt der Partition (auf der das Originale System ist) sicher löschen. Danach müssen Sie, um die glaubhafte Leugnung zu erhalten, ein neues System auf der Partition installieren und es verschlüsseln. Dadurch werden Sie das Köder-System erstellen und der gesamte Prozess für die Erstellung des Versteckten Betriebssystems wird beendet sein. + Das Versteckte Betriebssystem wurde erfolgreich erstellt. Allerdings, bevor Sie es verwenden können (und Glaubhafte Leugnung erreichen), müssen Sie (mit VeraCrypt) den gesamten Inhalt der Partition (auf der das aktuell ausgeführte Betriebssystem installiert ist) sicher löschen. Sie müssen, bevor Sie dies tun können, den Computer neu starten und im VeraCrypt-Bootloader-Bildschirm (welcher vor dem starten von Windows erscheint) das Prä-Boot-Authentifikationspasswort für das versteckte Betriebssystem eingeben. Nachdem das versteckte System gestartet ist, wird der VeraCrypt-Assistent automatisch gestartet.\n\nHinweis: Wenn Sie den Erstellungsvorgang für das versteckte Betriebssystem jetzt beenden, dann werden Sie den Vorgang NICHT fortsetzen können und das System wird NICHT zugänglich sein (weil der VeraCrypt-Bootloader entfernt wird). + Sie haben den Vorgang zum Erstellen eines Versteckten Betriebssystem geplant. Der Vorgang ist noch nicht abgeschlossen. Sie müssen, um ihn abzuschließen, den Computer neu starten und im VeraCrypt-Bootloader-Bildschirm (welcher erscheint bevor Windows startet) das Passwort für das versteckte Betriebssystem eingeben.\n\nHinweis: Wenn Sie den Erstellungsvorgang des Versteckten Betriebssystems jetzt beenden, dann werden Sie den Vorgang NICHT fortsetzen können. + Starten Sie den Computer neu und setzen Sie fort. + Den Prozess für die Erstellung des Versteckten Betriebssystem dauerhaft abbrechen + Jetzt nichts machen und später wieder fragen + \nWENN MÖGLICH, DIESEN TEXT BITTE AUSDRUCKEN (Unten auf „Drucken“ klicken).\n\n\nWie und Wann man den VeraCrypt-Rettungsdatenträger benutzt (nach der Verschlüsselung)\n-----------------------------------------------------------------------------------\n\n + I. Wie man von dem VeraCrypt-Rettungsdatenträger startet\n\nUm von dem VeraCrypt-Rettungsdatenträger zu starten, legen Sie sie in Ihr CD- bzw. DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist es möglich, dass Ihr BIOS so konfiguriert ist, dass es zuerst versucht von Festplatte und dann von CD zu starten. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Erscheint kein BIOS-Einstellungsbildschirm, so müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste sofort wiederholt drücken. Wenn der BIOS-Einstellungsbildschirm erscheint, stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier können Sie „Repair Options“ wählen, indem Sie die F8-Taste Ihrer Tastatur drücken.\n\n\n + I. Wie man von dem VeraCrypt-Rettungsdatenträger startet\n\nUm von dem VeraCrypt-Rettungsdatenträger zu starten, legen Sie sie in Ihr CD- bzw. DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist es möglich, dass Ihr BIOS so konfiguriert ist, dass es zuerst versucht von Festplatte und dann von CD zu starten. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Erscheint kein BIOS-Einstellungsbildschirm, so müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste sofort wiederholt drücken. Wenn der BIOS-Einstellungsbildschirm erscheint, stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier können Sie „Repair Options“ wählen, indem Sie die F8-Taste Ihrer Tastatur drücken.\n\n\n + II. Wann und Wie man den VeraCrypt-Rettungsdatenträger benutzt (nach der Verschlüsselung)\n\n + 1) Wenn der VeraCrypt-Bootloader nicht erscheint (oder wenn Windows nicht startet) kann der VeraCrypt-Bootloader beschädigt sein. Der VeraCrypt-Rettungsdatenträger kann benutzt werden, um den Bootloader zu reparieren und so wieder Zugriff auf das System und die enthaltenen Daten zu erlangen (das korrekte Passwort wird dann jedoch immer noch benötigt). Im Rettungs-CD-Bildschirm wechseln Sie dazu in das „Repair Options“-Menü (mittels F8-Taste) und wählen dann „Restore VeraCrypt Bootloader“. Drücken Sie dann „Y“, um die Aktion zu bestätigen, entfernen Sie den Rettungsdatenträger und starten Sie Ihren Computer neu.\n\n + 2) Wenn Sie wiederholt das korrekte Passwort eingeben, VeraCrypt aber meint, dass es falsch ist, können der Hauptschlüssel oder andere kritische Daten beschädigt sein. Der VeraCrypt-Rettungsdatenträger kann benutzt werden, um diese zu reparieren und so wieder Zugriff auf das System und die enthaltenen Daten zu erlangen (das korrekte Passwort wird dann jedoch immer noch benötigt). Im Rettungs-CD-Bildschirm wechseln Sie dazu in das „Repair Options“-Menü (mittels F8-Taste) und wählen dann „Restore key data“. Geben Sie dann Ihr Passwort ein, drücken Sie „Y“, um die Aktion zu bestätigen, entfernen Sie die Rettungs-CD und starten Sie Ihren Computer neu.\n\n + 3) Wenn der VeraCrypt-Bootloader beschädigt ist können Sie ihn umgehen indem Sie direkt von dem VeraCrypt-Rettungsdatenträger starten. Legen Sie Ihren Rettungsdatenträger ein und geben Sie Ihr Passwort im Rettungsdatenträger-Bildschirm ein.\n\n + 4) Wenn Windows beschädigt ist und nicht starten kann, ermöglicht es der VeraCrypt-Rettungsdatenträger, die Partition/das Laufwerk vor dem Systemstart dauerhaft zu entschlüsseln. Im Rettungsdatenträger-Bildschirm wechseln Sie dazu in das „Repair Options“-Menü (mittels F8-Taste) und wählen dann „Permanently decrypt system partition/ drive“. Geben Sie dann Ihr Passwort ein und warten Sie, bis die Entschlüsselung vollständig abgeschlossen ist. Dann können Sie die Rettungs-CD entfernen und Ihre Windows-Installation mit Hilfe der MS Windows Setup-CD bzw. -DVD reparieren. \n\n + Hinweis: Alternativ können Sie wenn Windows beschädigt ist (nicht starten kann) und Sie es reparieren müssen (oder auf Dateien darauf zugreifen möchten) dies tun ohne die Systempartition/das Systemlaufwerk dauerhaft zu entschlüsseln. 1) Wenn Sie mehrere Betriebssysteme auf Ihrem Computer installiert haben, starten Sie von einem, dass keine Prä-Boot-Authentifikation benötigt. 2) Wenn Sie nicht mehrere Betriebssysteme auf Ihrem Computer installiert haben, können sie eine WinPE oder BartPE CD/DVD einlegen und von dieser starten oder 3) Sie können die Systemfestplatte als zweite oder externe Festplatte an einen anderen Computer anschließen und dann dessen Betriebssystem starten.\nNachdem Sie ein System gestartet haben, starten Sie VeraCrypt. Klicken Sie auf „Datenträger“, wählen Sie die betroffene Systempartition aus und klicken Sie „OK“. Wählen Sie „System“ > „Ohne Prä-Boot-Authentifikation einbinden“, geben Sie Ihr Prä-Boot-Authentifikationspasswort ein und klicken Sie „OK“. Die Partition wird nun als normales VeraCrypt-Volume eingebunden (Daten werden wie üblich sofort im RAM ver- bzw. entschlüsselt).\n\n\n + Bitte beachten Sie, dass es einem Angreifer unmöglich sein wird die Systempartition ohne das korrekte Passwort zu entschlüsseln, selbst wenn er den VeraCrypt-Rettungsdatenträger findet. + \n\nW I C H T I G -- BITTE DIESEN TEXT WENN MÖGLICH AUSDRUCKEN (unten auf „Drucken“ klicken).\n\nHinweis: Dieser Text wird jedes Mal automatisch angezeigt wenn Sie das versteckte System starten, bis Sie beginnen das Köder-System zu erstellen.\n\n\n + Wie man ein Köder-System gefahrlos und sicher erstellt \n----------------------------------------------------------------------------\n\nUm glaubhafte Leugnung (plausible deniability) zu erreichen, müssen sie jetzt ein Köder-System erstellen. Dazu befolgen Sie diese Schritte:\n\n + 1) Aus Sicherheitsgründen müssen Sie Ihren Computer ausschalten und ihn mehrere Minuten ausgeschaltet lassen (je länger, umso besser). Dies ist notwendig um den Speicher zu leeren der sensible Daten enthalten kann. Schalten Sie dann Ihren Computer wieder an, aber starten Sie nicht vom versteckten System aus.\n\n + 2) Installieren Sie Windows auf der Partition dessen Inhalt gelöscht wurde (das heißt auf der Partition auf der das Originalsystem installiert war, dessen Klon das versteckte System ist).\n\nWICHTIG: WENN SIE BEGINNEN DAS KÖDER-SYSTEM ZU INSTALLIEREN WIRD ES *NICHT* MÖGLICH SEIN DAS VERSTECKTE SYSTEM ZU STARTEN (weil der VeraCrypt-Bootloader vom Windows-Systeminstallationsprogramm gelöscht wird). DAS IST NORMAL UND ZU ERWARTEN. BITTE BEWAHREN SIE RUHE. SIE WERDEN DAS VERSTECKTE SYSTEM WIEDER STARTEN KÖNNEN SOBALD SIE BEGINNEN DAS KÖDER-SYSTEM ZU VERSCHLÜSSELN (weil VeraCrypt dann automatisch den Bootloader wieder installieren wird).\n\nWichtig: Die Größe der Köder-Systempartition muss der des versteckten Systems entsprechen (diese Voraussetzung ist jetzt erfüllt). Zudem dürfen Sie keine Partition zwischen der Köder-Systempartition und der Partition des versteckten Systems erstellen.\n\n + 3) Starten sie das Köder-System (das Sie in Schritt 2 installiert haben) und installieren Sie VeraCrypt darauf.\n\nBedenken Sie, dass das Köder-System niemals sensible Daten enthalten darf.\n\n + 4) Starten sie VeraCrypt auf dem Köder-System und wählen Sie „System“ > „System-Partition/Laufwerk verschlüsseln ...“. Der Assistent zum Erstellen eines VeraCrypt-Volumes sollte dann starten.\n\nFühren Sie die folgenden Schritte im Assistent zum Erstellen eines VeraCrypt-Volumes aus.\n\n + 5) Im Assistent zum Erstellen eines VeraCrypt-Volumes wählen sie NICHT die Option „Versteckt“! Lassen Sie die Option „Normal“ selektiert und klicken Sie auf „Weiter“.\n\n + 6) Wählen Sie die Option „Die Windows System-Partition verschlüsseln“; und klicken Sie auf „Weiter“.\n\n + 7) Falls nur das versteckte Betriebssystem und das Köder-System auf dem Computer installiert sind, wählen Sie nun „Ein Betriebssystem“ (wenn mehr als diese beiden Systeme auf dem Computer installiert sind wählen Sie „Mehrere Betriebssysteme“). Klicken Sie dann auf „Weiter“.\n\n + 8) W I C H T I G: SIE MÜSSEN IN DIESEM SCHRITT DEN SELBEN VERSCHLÜSSELUNGSALGORITHMUS UND DEN SELBEN HASH-ALGORITHMUS AUSWÄHLEN, DEN SIE FÜR DIE VERSTECKTE PARTITION GEWÄHLT HABEN! ANDERNFALLS WIRD DAS VERSTECKTE SYSTEM NICHT ZUGREIFBAR SEIN! Anders ausgedrückt: Das Köder-System und das versteckte System müssen gleich verschlüsselt sein. Hinweis: Der Grund dafür ist, dass das Köder-System und das versteckte System sich einen Bootloader teilen werden, was nur einen einzigen, vom Nutzer gewählten, Algorithmus unterstützt (für jeden Algorithmus gibt es eine Extraversion des VeraCrypt-Bootloaders).\n\n + 9) In diesem Schritt wählen Sie ein Passwort für das Köder-Betriebssystem. Dieses Passwort können Sie einem Gegner/Angreifer verraten, wenn Sie dazu gezwungen werden Ihr Prä-Boot-Authentifikationspasswort zu verraten (das andere Passwort, dass Sie verraten können, ist das für das äußere Volume). Die Existenz des dritten Passworts (das Prä-Boot-Authentifikationspasswort für das versteckte Betriebssystem) bleibt geheim.\n\nWICHTIG: Das Passwort, das Sie für das Köder-System wählen, muss sich erheblich von dem für das versteckte Volume (das versteckte Betriebssystem) gewählten Passwort unterscheiden.\n\n + 10) Folgen Sie den weiteren Anweisungen im Assistenten, um das Köder-System zu verschlüsseln.\n\n\n\n + Nachdem das Köder-System erstellt wurde\n------------------------------------------------\n\nNachdem Sie das Köder-System verschlüsselt haben wird der gesamte Prozess ein verstecktes Betriebssystem zu erstellen abgeschlossen sein und Sie werden diese drei Passwörter nutzen können:\n\n1) Das Prä-Boot-Authentifikationspasswort für das versteckte Betriebssystem.\n\n2)Das Prä-Boot-Authentifikationspasswort für das Köder-System.\n\n3) Das Passwort für das äußere Volume.\n\n + Wenn Sie das versteckte Betriebssystem starten möchten, müssen Sie nur das Passwort für das versteckte Betriebssystem im VeraCrypt-Bootloader-Bildschirm eingeben (dieser erscheint nachdem Sie Ihren Computer einschalten oder einschalten).\n\nWenn Sie das Köder-Betriebssystem starten möchten, müssen Sie nur das Passwort für das Köder-System im VeraCrypt-Bootloader-Bildschirm eingeben.\n\nDas Passwort für das Köder-System kann an jede Person ausgegeben werden, die Sie zwingt Ihr Prä-Boot-Authentifikationspasswort zu verraten. Die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt geheim.\n\n + Das dritte Passwort (für das äußere Volume) kann ebenfalls an jede Person ausgegeben werden, die Sie zwingt Ihr Passwort für die erste Partition hinter der Systempartition zu verraten, in dem sich sowohl das äußere Volume als auch das versteckte Volume (mit dem versteckten Betriebssystem) befinden. Die Existenz des versteckten Volumes (und des versteckten Betriebssystems) bleibt geheim.\n\n\n + Wenn Sie das Passwort für das Köder-System einer Person verraten mussten und Sie gefragt werden warum der ungenutzte Speicherplatz der (Köder-)Systempartition zufällige Daten enthält könnten Sie zum Beispiel folgendes Antworten: „Die Partition enthielt zuvor ein mit VeraCrypt verschlüsseltes System aber ich habe das Passwort vergessen (oder das System wurde beschädigt) und musste Windows neu installieren und wieder verschlüsseln.“\n\n\n + Wenn alle Anweisungen befolgt werden und alle Vorkehrungen und Voraussetzungen im Abschnitt „Security Requirements and Precautions Pertaining to Hidden Volumes“ im VeraCrypt-Benutzerhandbuch erfüllt sind, wird es unmöglich sein zu beweisen, dass das versteckte Volume und das versteckte Betriebssystem existieren. Dies trifft auch zu wenn das äußere Volume eingebunden ist oder wenn das Köder-Betriebssystem entschlüsselt oder gestartet ist.\n\nWenn Sie diesen Text speichern oder drucken (wird dringend empfohlen es sei denn Ihr Drucker speichert Kopien gedruckter Dokumente auf seinem internen Speicher) sollten Sie ihn und alle Kopien zerstören nachdem Sie die extra Bootpartition entfernt haben (andernfalls könnte der Text gefunden und ein Rückschluss auf ein verstecktes Betriebssystem gezogen werden).\n\n + WARNUNG: WENN SIE DAS VERSTECKTE VOLUME NICHT ABSICHERN DÜRFEN SIE NICHT AUF DAS ÄUSSERE VOLUME SCHREIBEN! ANDERNFALLS KÖNNEN SIE DAS VERSTECKTE VOLUME (UND DAS DARIN ENTHALTENE VERSTECKTE BETRIEBSSYSTEM) BESCHÄDIGEN UND ÜBERSCHREIBEN! (Informationen wie Sie das versteckte Volume sichern können, finden Sie im VeraCrypt-Benutzerhandbuch im Abschnitt „Protection of Hidden Volumes Against Damage“; Beachten Sie, dass das Köder-System NICHT im äußeren Volume installiert ist.) + Betriebssystem Klonen + In den nächsten Schritten wird VeraCrypt das versteckte Betriebssystem erstellen, indem der Inhalt der Systempartition in das Versteckte Volume kopiert wird (Daten, die kopiert werden, werden „on-the-fly“ (sofort) mit einem Verschlüsselungsschlüssel verschlüsselt, der sich von dem, der für das Köder-System verwendet wird unterscheidet).\n\nBitte beachten Sie, dass der Prozess in der Prä-Boot-Umgebung durchgeführt wird (bevor Windows startet) und es lange dauern kann, um ihn fertigzustellen; mehrere Stunden oder sogar mehrere Tage (abhängig von der Größe der Systempartition und der Leistung Ihres Computers).\n\nSie können den Prozess jederzeit anhalten, Ihren PC ausschalten, neu starten und dann den Prozess fortsetzen. Wenn Sie ihn jedoch unterbrechen, dann muss der gesamte Kopiervorgang des Systems von vorn beginnen (weil sich der Inhalt der Systempartition beim Klonen nicht ändern darf). + Möchten Sie den gesamten Vorgang für die Erstellung des versteckten Betriebssystems abbrechen?\n\nHinweis: Sie werden den Vorgang nicht fortsetzen können wenn Sie ihn jetzt abbrechen. + Möchten Sie den Vortest für die Systemverschlüsselung wirklich abbrechen? + Der VeraCrypt-Systemverschlüsselungsvortest ist fehlgeschlagen. Möchten Sie ihn erneut durchführen?\n\nWenn Sie „Nein“ wählen, wird die Prä-Boot-Authentifikationskomponente deinstalliert.\n\nHinweise:\n\n- Wenn der VeraCrypt-Bootloader vor dem Systemstart nicht nach einem Passwort gefragt hat, ist es möglich, dass das Betriebssystem nicht vom dem Laufwerk aus bootet auf dem es installiert ist. Dies wird nicht unterstützt.\n\n- Wenn Sie einen anderen Verschlüsselungsalgorithmus als AES nutzen und der Vortest fehlgeschlagen ist (und Sie das Passwort eingegeben haben), kann dies durch einen fehlerhaften Treiber verursacht worden sein. Wählen Sie „Nein“ und versuchen Sie erneut die Systemverschlüsselung durchzuführen, diesmal mit dem AES-Verschlüsselungsalgorithmus (welcher die niedrigsten Speichervoraussetzungen hat).\n\n- Weitere mögliche Ursachen und Lösungen finden Sie unter: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Die Systempartition/das Systemlaufwerk ist offenbar nicht verschlüsselt (weder teilweise noch vollständig). + Ihre Systempartition/Ihr Systemlaufwerk ist verschlüsselt (teilweise oder vollständig).\n\nBitte entschlüsseln Sie Ihre Systempartition/Ihr Systemlaufwerk vollständig bevor Sie fortfahren. Wählen Sie dazu „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“ in der Menüleiste des VeraCrypt-Hauptfensters aus. + Wenn die Systempartition/das Systemlaufwerk teilweise oder vollständig verschlüsselt ist, können Sie VeraCrypt nicht downgraden (aber Sie können es aktualisieren oder die selbe Version erneut installieren). + Ihre Systempartition/Ihr Systemlaufwerk wird zurzeit verschlüsselt, entschlüsselt, oder wird anderweitig bearbeitet. Bitte brechen Sie den Vorgang für das Verschlüsseln/Entschlüsseln/Modifizieren ab (oder warten Sie bis dieser abgeschlossen ist), bevor Sie fortfahren. + Eine Instanz des Assistenten für die VeraCrypt-Volume Erstellung läuft gerade und die Ver- bzw. Entschlüsselung der Systempartition/des Laufwerkes wird ausgeführt oder vorbereitet. Bevor Sie fortfahren, warten Sie bitte bis er beendet ist oder schließen ihn. Wenn Sie den Prozess nicht schließen können, dann starten Sie Ihren Computer neu bevor Sie fortfahren. + Der Ver- bzw. Entschlüsselungsvorgang für die Systempartition/für das Laufwerk wurde nicht abgeschlossen. Bitte warten Sie, bis er abgeschlossen ist, bevor Sie fortfahren. + Fehler: Der Verschlüsselungsprozess von der Partition/dem Laufwerk wurde nicht abgeschlossen. Dieser muss zuerst abgeschlossen werden. + Fehler: Der Verschlüsselungsprozess von der Partition/dem Laufwerk wurde nicht abgeschlossen. Dieser muss zuerst abgeschlossen werden.\n\nHinweis: Um den Vorgang fortzusetzen wählen Sie „Volumes“ > „Unterbrochenen Prozess fortsetzen“ in der Menüleiste des VeraCrypt-Hauptfensters. + Das Passwort ist korrekt, VeraCrypt hat erfolgreich den Volume-Header entschlüsselt und festgestellt das dieses Volume ein verstecktes System-Volume ist. Allerdings können Sie den Header eines versteckten System-Volumes auf diese Weise nicht ändern.\n\nUm das Passwort für ein verstecktes System-Volume zu ändern, starten Sie das Betriebssystem welches sich im versteckten Volume befindet und wählen dann „System“ > „Passwort ändern ...“ in der Menüleiste des VeraCrypt-Hauptfensters aus.\n\nUm den Algorithmus für die Headerschlüsselberechnung festzulegen, starten Sie das versteckte Betriebssystem und wählen dann „System“ > „Algorithmus für Headerschlüsselberechnung ändern ...“ aus. + VeraCrypt unterstützt gegenwärtig nicht die Entschlüsselung einer versteckten Systempartition.\n\nHinweis: Wenn Sie die Köder-Systempartition entschlüsseln möchten, dann starten Sie das Köder-System und wählen dann „System“ > „System-Partition/Laufwerk dauerhaft entschlüsseln“ in der Menüleiste des VeraCrypt-Hauptfensters aus. + Fehler: Falscher/Ungültiger Parameter. + Sie haben eine Partition oder ein Laufwerk ausgewählt aber der Assistent den Sie gewählt haben ist nur für Containerdateien geeignet.\n\nMöchten Sie den Assistenten wechseln? + Möchten Sie stattdessen eine VeraCrypt-Containerdatei erstellen? + Sie haben die Systempartition/das Systemlaufwerk (oder die Bootpartition) ausgewählt, aber der gewählte Assistent ist nur für Nicht-Systempartitionen verwendbar.\n\nMöchten Sie eine Prä-Boot-Authentifikation einrichten und die Systempartition/das Systemlaufwerk verschlüsseln (das bedeutet, dass Sie bei jedem Systemstart ein Passwort eingeben müssen)? + Sind Sie sicher, dass die Systempartition/das Systemlaufwerk dauerhaft entschlüsselt werden soll? + Achtung: Wenn Sie dauerhaft die Systempartition/das Systemlaufwerk entschlüsseln, dann werden unverschlüsselte Daten geschrieben.\n\nSind Sie wirklich sicher, dass die Systempartition/das Systemlaufwerk dauerhaft entschlüsselt werden soll? + Sind Sie sicher, dass Sie das folgende Volume dauerhaft entschlüsseln möchten? + ACHTUNG: Falls Sie das VeraCrypt-Volume dauerhaft entschlüsseln, werden die unverschlüsselten Daten auf die Festplatte geschrieben.\n\nSind Sie sicher, dass Sie das ausgewählte Volume dauerhaft entschlüsseln möchten? + WARNUNG: Wenn Sie eine Kaskade von Algorithmen für die Systemverschlüsselung verwenden, können folgende Probleme auftauchen:\n\n1) Der VeraCrypt-Bootloader ist größer als normal. Dies führt dazu, dass dieser zusammen mit dem Backup nicht in den ersten Sektor der Festplatte passt. Falls dieser nun beschädigt wird (passiert des Öfteren mit falsch entworfenen Anti-Raubkopiermaßnahmen von bestimmten Programmen), müssen Sie Ihre VeraCrypt-Notfall-CD verwenden, um das System zu starten oder den Bootloader reparieren zu können.\n\n2) Auf einigen Computern dauert das Fortsetzen nach dem Ruhezustand länger.\n\nDiese potenziellen Probleme können vermieden werden, indem Sie einen nicht kaskadierten Verschlüsselungs-Algorithmus verwenden (wie z.B. AES).\n\nSind Sie sicher, dass Sie den ausgewählten kaskadierten Algorithmus trotzdem verwenden möchten? + Wenn einer der zuvor beschriebenen Probleme auftritt, dann entschlüsseln Sie die Partition/das Laufwerk (wenn es verschlüsselt ist) und versuchen es erneut mit einem nicht kaskadierten Verschlüsselungsalgorithmus zu verschlüsseln (z.B. AES). + ACHTUNG: Aus Sicherheitsgründen sollten Sie VeraCrypt zuerst auf dem Köder-System aktualisieren bevor Sie es auf dem versteckten Betriebssystem aktualisieren.\n\nUm dies zu tun, starten Sie das Köder-System und starten das VeraCrypt-Installationsprogramm in diesem System. Starten Sie danach das versteckte Betriebssystem und starten Sie ebenfalls das VeraCrypt-Installationsprogramm.\n\nHinweis: das Köder-System und das versteckte System teilen sich einen Bootloader. Wenn Sie VeraCrypt nur auf dem versteckten Betriebssystem aktualisieren, enthält das Köder-System unterschiedliche Versionen des VeraCrypt-Treibers und der VeraCrypt-Anwendungen. Solch ein Unterschied kann auf die Existenz eines versteckten Betriebssystems auf dem Computer hinweisen.\n\nMöchten Sie fortfahren? + Die Versionsnummer des VeraCrypt-Bootloaders, der dieses Betriebssystem gestartet hat, unterscheidet sich von der Versionsnummer des VeraCrypt-Treibers (und von den VeraCrypt-Anwendungen) der auf diesem System installiert ist.\n\nSie sollten das VeraCrypt-Installationsprogramm ausführen (dessen Versionsnummer ist die gleiche wie die des VeraCrypt-Bootloaders), um VeraCrypt auf diesem Betriebssystem zu aktualisieren. + Die Versionsnummer des VeraCrypt-Bootloaders der dieses Betriebssystem gestartet hat stimmt nicht mit der Versionsnummer des installierten VeraCrypt-Treibers (und der VeraCrypt-Anwendungen) überein. Bitte beachten Sie, dass ältere Versionen Fehler enthalten können die in neueren Versionen behoben sind.\n\nWenn Sie nicht von dem VeraCrypt-Rettungsdatenträger gestartet haben, sollten Sie VeraCrypt neu installieren oder auf die neueste stabile Version aktualisieren (der Bootloader wird dabei ebenfalls aktualisiert).\n\nWenn Sie von dem VeraCrypt-Rettungsdatenträger gestartet haben, sollten Sie diese aktualisieren („System“ > „Rettungsdatenträger erstellen“). + Der VeraCrypt-Bootloader wurde erfolgreich aktualisiert.\n\nEs wird dringend empfohlen einen neuen Rettungsdatenträger zu erstellen (welcher die aktuelle Version des VeraCrypt-Bootloaders enthält) durch klicken auf „System“ > „Rettungsdatenträger erstellen ...“ nach einem Neustart des Computers. + Der VeraCrypt-Bootloader wurde aktualisiert.\n\nEs wird dringend empfohlen, dass Sie das Köder-Betriebssystem starten und dann einen neuen VeraCrypt-Rettungsdatenträger erstellen (der die neue Version des VeraCrypt-Bootloaders enthält), indem Sie „System“ > „Rettungsdatenträger erstellen ...“ wählen. + Es ist ein Fehler beim Aktualisieren des VeraCrypt-Bootloaders aufgetreten. + VeraCrypt konnte die reale Größe des Systemlaufwerkes nicht ermitteln und folglich wird die Größe, die das Betriebssystem angibt verwendet (welche kleiner sein kann als die reale Größe). Beachten Sie auch, dass dies kein Fehler in VeraCrypt ist. + WARNUNG: Möglicherweise hat VeraCrypt bereits versucht versteckte Sektoren auf diesem Systemlaufwerk zu erkennen. Wenn Sie Probleme während des vorherigen Erkennungsprozesses hatten, so können Sie diese vermeiden, indem Sie diesmal die Erkennung von versteckten Sektoren überspringen. Bedenken Sie dabei, dass VeraCrypt die vom Betriebssystem angegebene Größe verwendet (die vielleicht kleiner ist als die tatsächliche Größe).\n\nBeachten Sie, das Problem wurde nicht wegen eines Fehlers in VeraCrypt verursacht. + Die Erkennung von versteckten Sektoren überspringen (die Größe die das Betriebssystem angibt verwenden) + Nochmals versteckte Sektoren suchen + Fehler: Der Inhalt von mindestens einem Sektor des Laufwerks konnte nicht gelesen werden (zum Beispiel wegen eines Hardware Fehlers).\n\nDer Vorgang der „in-place“-Verschlüsselung kann nur fortgesetzt werden, wenn diese Sektoren wieder lesbar sind. VeraCrypt kann versuchen, diese Sektoren wieder lesbar zu machen, indem sie mit Nullen überschrieben werden (diese werden dann mit verschlüsselt). Beachten Sie dabei bitte, dass alle in den beschädigten Sektoren vorhandenen Daten bei diesem Vorgang verloren gehen. Wenn Sie dies vermeiden möchten, dann können Sie versuchen die beschädigten Daten mit einem Dritt-Anbieter Programm wiederherzustellen.\n\nHinweis: Im Falle eines Hardware Fehlers (im Gegensatz zu beschädigten Daten und Prüfsummenfehlern) könnten die Laufwerke die beschädigten Sektoren intern schützen, so dass die darin enthaltenen Daten unverschlüsselt auf der Festplatte bleiben.\n\nMöchten Sie, dass VeraCrypt die unlesbaren Sektoren mit Nullen überschreibt? + Fehler: Der Inhalt von mindestens einem Sektor des Laufwerks konnte nicht gelesen werden (zum Beispiel wegen eines Hardware Fehlers).\n\nUm den Vorgang fortsetzen zu können, muss VeraCrypt den Inhalt dieser Sektoren verwerfen (der Inhalt wird mit Pseudo-Zufallsinhalten gefüllt). Beachten Sie bitte dass Sie auch versuchen können die beschädigten Daten mit einem Dritt-Anbieter Programm wiederherzustellen.\n\nMöchten Sie, dass VeraCrypt die unlesbaren Sektoren verwirft? + Hinweis: VeraCrypt hat den Inhalt der %I64d nicht lesbaren Sektoren (%s) mit verschlüsselten NULL-Textblöcken ersetzt. + Hinweis: VeraCrypt hat den Inhalt der %I64d nicht lesbaren Sektoren (%s) mit zufälligen Daten ersetzt. + Passwort/PIN eingeben für Token „%s“: + Damit VeraCrypt auf einen Token/Smart Card zugreifen kann, müssen Sie zuerst eine PKCS #11 Software Bibliothek installieren. Diese kann mit dem Gerät ausgeliefert sein o. sie steht zum Herunterladen auf der Webswite des Herstellers oder eines Drittherstellers bereit.\n\nNachdem Sie die Bibliothek installiert haben, können Sie diese durch klicken auf „Wähle Bibliothek ...“ selber wählen oder Sie können diese von VeraCrypt durch klicken auf „Bibliothek automatisch erkennen“ suchen und auswählen lassen (nur das Windows Systemverzeichnis wird durchsucht). + Hinweis: Für den Dateinamen und Speicherort der PKCS #11-Bibliothek, die für Ihren Sicherheitstoken oder Smart Card installiert wurde, lesen Sie bitte die Dokumentation, welche mit dem Token, der Card oder Dritthersteller Software mitgeliefert wurde.\n\nKlicken Sie auf „OK“, um den Pfad und Dateinamen zu wählen. + Um VeraCrypt zu ermöglichen auf einen Sicherheitstoken oder eine Smart-Card zuzugreifen, müssen Sie dafür zuerst eine PKCS #11 Bibliothekssoftware für den Token/die Smart-Card auswählen. Wählen Sie dazu „Einstellungen“ > „Sicherheitstokens ...“. + Die PKCS #11 Sicherheitstoken Bibliothek konnte nicht initialisiert werden.\n\nStellen Sie bitte sicher, dass der angegebene Pfad und Dateiname auf eine gültige PKCS # 11-Bibliothek verweist. Um den Pfad und Dateiname für eine PKCS #11-Bibliothek anzugeben, klicken Sie auf „Einstellungen“ > „Sicherheitstokens“. + Es wurde keine PKCS #11-Bibliothek im Windows Systemverzeichnis gefunden.\n\nBitte stellen Sie sicher, dass eine PKCS #11-Bibliothek für Ihren Sicherheitstoken (oder für Ihre Smart Card) installiert ist (solch eine Bibliothek kann mit dem Token/der Smart Card mitgeliefert sein oder zum Herunterladen auf der Webseite des Herstellers oder von anderen Drittherstellern bereitstehen). Wenn sie in einem anderen Verzeichnis installiert ist als im Windows-Verzeichnis, dann klicken Sie auf „Wähle Bibliothek“, um die Bibliothek anzugeben (z.B. im Ordner in dem die Software für den Token/die Smart Card installiert ist). + Kein Sicherheitstoken gefunden.\n\nBitte stellen Sie sicher, dass Ihr Sicherheitstoken mit Ihrem Computer verbunden ist und der richtige Gerätetreiber für Ihren Sicherheitstoken installiert ist. + Sicherheitstoken Schlüsseldatei nicht gefunden. + Eine Sicherheitstoken Schlüsseldatei mit demselben Namen existiert bereits. + Möchten Sie die ausgewählten Dateien löschen? + Der Pfad für die Security Token Schlüsseldatei ist falsch. + Sicherheitstoken Fehler + Passwort für das Sicherheitstoken ist falsch. + Das Sicherheitstoken hat nicht genug Speicherplatz zur Verfügung um diesen Vorgang durchzuführen.\n\nWenn Sie versuchen eine Schlüsseldatei zu importieren sollten Sie eine kleinere Datei auswählen oder eine von VeraCrypt erstellte Schlüsseldatei benutzen („Extras“ > „Schlüsseldatei(en) generieren“). + Alle offenen Sicherheitstoken Sitzungen wurden geschlossen. + Wähle Sicherheitstoken Schlüsseldateien + Steckplatz + Token Name + Dateiname + WICHTIG: Bitte beachten Sie, dass Prä-Boot-Authentifikationspasswörter stets mit einer Standard US-Tastaturbelegung geschrieben werden. Deshalb kann es unmöglich sein ein Volume, dessen Passwort mit einer anderen Tastaturbelegung erstellt wurde mit einem Prä-Boot-Authentifikationspasswort einzubinden (bitte beachten Sie, dass dies kein VeraCrypt-Fehler ist). Um solch ein Volume mit einem Prä-Boot-Authentifikationspasswort einzubinden, folgen Sie diesen Schritten:\n\n1) Klicken Sie „Datei“ oder „Datenträger“ und wählen Sie das Volume aus.\n2) Wählen Sie „Volumes“ > „Volume-Passwort ändern“.\n3) Geben Sie das derzeitige Passwort für das Volume ein.\n4) Ändern Sie die Tastaturbelegung auf „English (US)“ indem Sie auf das Sprachsymbol in der Windows Taskleiste klicken und „EN English (United States)“ wählen (falls das Symbol nicht angezeigt wird gehen Sie in „Systemsteuerung“ > „Regions- und Sprachoptionen“. Klicken Sie auf „Tastatur ändern“ und wählen Sie „Englisch (US)“).\n5) Geben Sie nun in VeraCrypt das neue Prä-Boot-Authentifikationspasswort ein.\n6) Bestätigen Sie das neue Prä-Boot-Authentifikationspasswort und klicken Sie „OK“.\n7)ACHTUNG: Bitte denken Sie daran, dass das Volume Passwort IMMER mit der US-Tastaturbelegung eingegeben werden muss, wenn Sie diese Schritte befolgen (in der Prä-Boot-Umgebung ist automatisch US-Englisch eingestellt). + Systemfavoriten-Volumes werden mit dem Prä-Boot-Authentifikationspasswort eingebunden. Wenn irgendein Systemfavoriten-Volume ein anderes Passwort nutzt wird es nicht eingebunden. + Bitte beachten Sie: Um zu verhindern, dass normale VeraCrypt-Vorgänge wie „Alle trennen“, „Automatisches Trennen“ usw. störenden Einfluss auf Systemfavoriten-Volumes nehmen, sollten Sie die Option „Nur Administratoren erlauben Systemfavoriten in VeraCrypt zu sehen und zu trennen“ aktivieren. Wenn VeraCrypt ohne Administratorrechte ausgeführt wird (Standard auf Windows Vista und neueren Windows-Versionen) werden Systemfavoriten-Volumes zusätzlich nicht in der Laufwerksliste des VeraCrypt-Anwendungsfenster angezeigt. + WICHTIG: Wenn Sie diese Option aktivieren und VeraCrypt ohne Administratorrechte ausgeführt wird, werden eingebundene Systemfavoriten-Volumes NICHT im VeraCrypt-Anwendungsfenster angezeigt und können nicht getrennt werden. Deshalb müssen Sie VeraCrypt mit Administratorrechten ausführen wenn Sie ein Systemfavoriten-Volume einbinden oder entfernen möchten (Rechtsklick auf das VeraCrypt-Icon im Startmenü und „Als Administrator ausführen“ wählen).\nDieselben Einschränkungen bestehen für die „Alle trennen“ Funktion, die „Alle trennen“ Tastenkürzel, die „Automatisches Trennen“ Funktion usw.. + Bitte beachten Sie, dass diese Änderung erst nach einem Neustart des Betriebssystems in Kraft tritt. + Fehler bei der Syntaxanalyse der Kommandozeile. + Rettungsdatenträger + &Datei wählen und einbinden ... + Laufwerk wä&hlen und einbinden ... + Nur Administratoren erlauben Systemfavoriten in VeraCrypt zu sehen und zu trennen + Systemfavoriten-Volumes einbinden wenn Windows startet (am Anfang der Startphase) + WARNUNG: Das Dateisystem auf dem Volume, eingebunden als „%s“, wurde nicht ordnungsgemäß getrennt und könnte dadurch Fehler enthalten. Das Verwenden eines beschädigten Dateisystems kann zu Datenverlusten bzw. Datenbeschädigungen führen.\n\nHinweis: Bevor Sie ein Laufwerk physikalisch entfernen oder ausschalten (z.B. ein USB-Stick oder eine externe Festplatte), auf denen ein eingebundenes VeraCrypt-Volume ist, so sollten Sie immer zuerst das Volume in VeraCrypt trennen.\n\n\nMöchten Sie das Windows auf dem Dateisystem nach Fehlern sucht und diese behebt (falls vorhanden)? + WARNUNG: Ein oder mehrere Systemfavoriten-Volume(s) wurden nicht sauber getrennt und können Dateisystemfehler enthalten. Bitte prüfen Sie das Systemereignis-Protokoll auf Details.\n\nDie Benutzung eines fehlerhaften Dateisystems kann Datenverfall oder Datenverlust verursachen. Sie sollten die betroffenen Systemfavoriten-Volumes auf Fehler überprüfen (Rechtsklick auf ein Volume und „Dateisystem reparieren“ wählen). + WARNUNG: Die Reparatur eines beschädigten Dateisystems mit dem Microsoft Windows Programm „chkdsk“ kann zum Verlust von Daten in den beschädigten Bereichen führen. Deshalb wird empfohlen, zuerst die Dateien von dem Datenträger in einen anderen, funktionstüchtigen, VeraCrypt-Container zu sichern.\n\nMöchten Sie das Dateisystem nun reparieren lassen? + Das Volume „%s“ wurde schreibgeschützt eingebunden weil Schreibzugriff verweigert wurde.\n\nBitte stellen Sie sicher, dass die Zugriffsrechte der Containerdatei ihnen erlauben darauf zu schreiben (Rechtsklick auf die Containerdatei und „Eigenschaften“ > „Sicherheit“ wählen).\n\n Bitte beachten Sie, dass diese Warnung Aufgrund eines Windowsproblems auch angezeigt werden kann nachdem Sie die Zugriffsrechte korrekt gesetzt haben. Dies wird nicht durch einen Fehler in VeraCrypt verursacht. Eine mögliche Lösung ist es, Ihre Containerdatei in einen anderen Ordner zu verschieben (z.B. in den Ordner „Dokumente“).\n\nWenn Sie Ihr Volume weiterhin schreibgeschützt verwenden möchten, setzten Sie die Zugriffsrechte der Containerdatei entsprechend (Rechtsklick auf die Containerdatei und „Eigenschaften“ > „Schreibgeschützt“ wählen). Dies wird die Warnung unterdrücken. + Das Volume „%s“ wurde schreibgeschützt eingebunden, weil der Schreibzugriff verweigert wurde.\n\nStellen Sie bitte sicher das keine andere Anwendung (z.B. Antivirus Software) auf die Partition/das Laufwerk zugreift, auf welchem sich das Volume befindet. + Das Volume „%s“ wurde nur lesbar eingebunden, da das Betriebssystem den Datenträger als schreibgeschützt meldet.\n\nBitte beachten Sie, dass manche Dritt-Anbieter Chipsatz-Treiber bekannt dafür sind, dass manche Datenträger irrtümlich als schreibgeschützt auftauchen. Dieses Problem wird nicht durch VeraCrypt verursacht. Dieses Problem kann behoben werden, indem Sie die installierten Treiber aktualisieren oder alle nicht-Microsoft Chipsatz-Treiber entfernen. + Bitte beachten Sie, dass die Hyper-Threading-Technik mehrere logische Kerne pro einzelnem physikalischen Prozessorkern zur Verfügung stellt. Wenn Hyper-Threading aktiviert ist entspricht die obige Zahl der Anzahl der logischen Prozessoren/Kerne. + %d Threads + Bitte beachten Sie, dass die AES-Hardwarebeschleunigung ausgeschaltet ist. Dies wird die Benchmarkergebnisse negativ beeinflussen.\n\nUm die Hardwarebeschleunigung zu aktivieren wählen Sie „Einstellungen“ > „Leistung“ und aktivieren Sie die entsprechende Option. + Bitte beachten Sie, dass die Anzahl von Threads derzeit beschränkt ist. Dies wird die Benchmarkergebnisse negativ beeinflussen.\n\nUm das volle Potential der CPU auszunutzen wählen Sie „Einstellungen“ > „Leistung“ und aktivieren Sie die entsprechende Option. + Möchten Sie, dass VeraCrypt versucht, den Schreibschutz der Partition/des Laufwerks aufzuheben? + WARNUNG: Diese Einstellung kann die Leistung verringern.\n\nSind Sie sicher, dass Sie diese Einstellungen vornehmen möchten? + WARNUNG: VeraCrypt-Volume wurde automatisch getrennt. + Bevor Sie ein Gerät mit einem eingebundenen VeraCrypt-Volume entfernen oder ausschalten, sollten Sie immer zuerst das VeraCrypt-Volume trennen.\n\nEine unerwartete plötzliche Trennung wird normalerweise durch versagende Kabel, Festplatten usw. verursacht. + Das Volume wurde mit TrueCrypt %x.%x erstellt, aber VeraCrypt unterstützt nur TrueCrypt-Volumes, die mit TrueCrypt 6.x/7x erstellt wurden. + Test + Schlüsseldatei + Rücktaste + Tab + Clear + Eingabe + Pause + Feststelltaste + Leertaste + Bild auf + Bild ab + Ende + Pos1 + Nach links + Nach oben + Nach rechts + Nach unten + Auswählen + Druck (Print) + Ausführen + Druck (Print Screen) + Einfg + Entf + Anwendungstaste + Standby + Num + Rollen + Zurück (Browser) + Vorwärts (Browser) + Aktualisieren (Browser) + Abbrechen (Browser) + Suchen (Browser) + Favoriten (Browser) + Startseite (Browser) + Ton aus + Lautstärke verringern + Lautstärke erhöhen + Nächster Titel + Vorheriger Titel + Stopp + Wiedergabe/Pause + E-Mail + Medien + Anwendungsstart 1 + Anwendungsstart 2 + Attn + CrSel + ExSel + Wiedergabe + Zoom + Ziffernblock + Umschalt + Strg + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + &PIM beim Zwischenspeichern eines Prä-Boot-Authentifikationspasswortes einbeziehen + PIM beim Zwischenspeichern eines Passwortes einbeziehen + Getrennte Netzlaufwerke zum Einhängen verfügbar machen + Das eingegebene Passwort ist zu lang: Kodiert mit UTF-8 überschreitet es 64 Byte. + Das eingegebene Passwort enthält Unicode-Zeichen, die nicht mit UTF-8 kodiert werden können. + Fehler: Kann eine Systembibliothek nicht laden. + Die auf der Kommandozeile angegebene Volume-Größe ist nicht mit dem gewählten exFAT Dateisystem kompatibel. + Durch Mausbewegungen gesammelte Entropie + Volume-Kennung: + Volume-Kennung + Volume-Kennung zum Einbinden des Favoriten verwenden + Die Volume-Kennung ist ungültig + Mit der angegebenen Kennung wurde kein Volume auf dem System gefunden + Wert in die Zwischenablage kopieren... + Im Prä-Boot-Authentifikationsbildschirm keinen PIM abfragen + WARNUNG: Sie sollten nicht vergessen, dass, wenn Sie diese Option aktivieren, der PIM-Wert unverschlüsselt auf der Festplatte gespeichert wird.\n\nSind Sie sicher, dass Sie diese Option aktivieren möchten? + Der größtmögliche Wert für den PIM (Personal Iterations Multiplier) ist 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.el.xml b/Translations/Language.el.xml index 51ca7a69..6d4e4c65 100644 --- a/Translations/Language.el.xml +++ b/Translations/Language.el.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Ακύρωση - Εγκατάσταση &για όλους τους χρήστες - Αναζή&τηση... - Προσθήκη VeraCrypt στην ε&πιφάνεια εργασίας - Donate now... - Συσχέτιση της &επέκτασης αρχείων .hc με το VeraCrypt - Ά&νοιγμα του τόπου προορισμού με τη λήξη - Προσθήκη του VeraCrypt στο μεν&ού Έναρξη - Δημιουργία σημείου επα&ναφοράς συστήματος - Απε&γκ/σταση - &Εξαγωγή - &Εγκατάσταση - Οδηγός εγκατάστασης VeraCrypt - Απεγκατάσταση VeraCrypt - &Βοήθεια - Παρακαλώ επιλέξτε ή πληκτρολογήστε την τοποθεσία που θέλετε να εξαχθούν τα αρχεία: - Παρακαλώ επιλέξτε ή πληκτρολογήστε την τοποθεσία που θέλετε να εγκαταστήσετε το VeraCrypt. Αν ο καθορισμένος φάκελος δεν υπάρχει, θα δημιουργηθεί αυτόματα. - Πιέστε Απεγκατάσταση για να απεγκαταστήσετε το VeraCrypt από αυτό το σύστημα. - Ακύρωση - &Benchmark - &Δοκιμή - Create encrypted volume and format it - Encrypt partition in place - Εμφάνιση δημιουργημένων κλειδιών (των τμημάτων τους) - Εμφάνιση περ/νου δεξαμενής - Κατέβασμα λογισμικού εγγραφής CD/DVD - Create an encrypted file container - &GB - &TB - More information - Κρυ&φός τόμος VeraCrypt - Περισσότερες πληροφορίες για κρυφούς τόμους - Άμεση μέθοδος - Κανονική μέθοδος - &KB - Χ&ρήση αρχ.-κλειδιού - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Αρ&χεία-κλειδιά - Πληροφορίες για αλγόριθμους hash - Περισσότερες πληροφορίες - Information on PIM - &MB - Περισσότερες πληροφορίες - Περισσότερες πληροφορίες για την κρυπτογράφηση συστήματος - Περισσότερες πληροφορίες - Πολλαπλής εκκίνησης - Encrypt a non-system partition/drive - Όχι απο&θήκευση ιστορικού - Άνοιγμα εξωτερ. τόμου - &Παύση - Use P&IM - Use PIM - Γρήγορη διαμόρφωση - Εμφάνιση &κωδικού - &Display password - &Display PIM - Μονής εκκίνησης - Απλός τόμος VeraCrypt - Hi&dden - Normal - Κρυπτογράφηση του συστήματος - Κρυπτογράφηση του διαμερίσματος των Windows - Κρυπτογράφηση ολόκληρου του οδηγού - Οδηγός δημιουργίας τόμου VeraCrypt - Ομάδα - ΣΗΜΑΝΤΙΚΟ: Κινήστε το ποντίκι όσο πιο τυχαία γίνεται μέσα σε αυτό το παράθυρο. Όσο περισσότερο, τόσο καλύτερα. Αυτό αυξάνει σημαντικά την κρυπτογραφική ικανότητα των κλειδιών κρυπτογράφησης. Κατόπιν πιέστε Επόμενο για να συνεχίσετε. - &Επιβεβαίωση: - Ολ/θηκε - Drive letter: - Αλγόριθμος κρυπτογράφησης - Σύστημα αρχείων - Δημιουργεί έναν εικονικό κρυπτογραφημένο δίσκο μέσα σε ένα αρχείο. Συνίσταται για μη έμπειρους χρήστες. - Επιλογές - Αλγόριθμος hash - Κλειδί header: - Απομένει - Βασικό κλειδί: - Επιλέξτε αυτή τη δυνατότητα αν έχετε εγκατεστημένα δύο ή περισσότερα λειτουργικά συστήματα. - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Τρέχον περιεχόμενο δεξαμενής (μερικό) - Pass - Κωδικός: - Volume PIM: - Volume PIM: - Πρόοδος: - Δεξαμενή: - Επιλέξτε αυτή τη δυνατότητα αν έχετε εγκατεστημένο μόνο ένα λειτουργικό σύστημα (ακόμα και αν έχει πολλαπλούς χρήστες). - Ταχύτητα - Κατάσταση - Τα κλειδια και άλλα δεδομένα δημιουργηθήκαν επιτυχώς. Αν θέλετε να δημιουργήσετε νέα κλειδια πιέστε Πίσω και μετά Επόμενο. Αλλιώς πιέστε Επόμενο για να συνεχίσετε. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Μέθοδος εκκαθάρισης: - Κλείσιμο - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Αδράνεια - &Αυτοφόρτωση τόμου VeraCrypt (που καθορίστηκε παρακάτω) - &Εκκίνηση VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Αναζήτηση... - Αναζήτηση... - Αποθήκευση κωδικών και αρχείων-κλει&διών στη μνήμη - Έξοδος όταν δεν υπάρχουν φορτωμένοι τόμοι - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Να περιλάβει και τον Οδηγό δημιουργίας τόμου VeraCrypt - Δημιουργία - &Δημιουργία τόμου - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Χρήση αρχ.-κλειδιών - Χρήση αρχ.-κλειδιών - Έ&ξοδος - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Καθορισμός - Απομάκρυνση - Αρχεία-κλειδιά - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Αυτοφόρτωση συσκευών - Επι&λογές φόρ/σης - Φόρτωση τόμου μόνο για ανάγ&νωση - Αρχεία-κλειδιά - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Ενεργοποιημένο - Αποθ/ση κωδικών στη μνήμη του οδηγού - Όταν δε διαβάζονται/γράφονται δεδομένα σ'αυτόν για - Αποσύνδεση χρήστη - User session locked - Λειτουργία χαμηλής κατανάλωσης - Ενεργή προστασία οθόνης - Εξαναγκασμένη ακόμα και αν ο τόμος έχει ανοικτά αρχεία/φακέλους - Φόρτωση όλων των τόμων-συσκευών VeraCrypt - Start VeraCrypt Background Task - Φόρτωση τόμων ως μόνο για ανάγνωση - Φόρτωση τόμων ως αποσπώμενα μέσα - Άνοιγμα Explorer για τους επιτυχώς φορτωμένους τόμους - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Διαγραφή κωδικών από τη μνήμη κατά την αυτοεκφόρτωση - Διαγρ. κωδικών από τη μνήμη κατά την έξοδο - Preserve modification timestamp of file containers - Επαναρύθμιση - Επιλογή σ&υσκευής - Επιλογή αρχε&ίου - Select &Library... - Εμφάνιση κωδικού - Εμφάνιση κωδικού - Άνοιγμα &Explorer για φορτωμένους τόμους - &Αποθήκευση κωδικών στη μνήμη του οδηγού - TrueCrypt Mode - Εκ&φόρτωση όλων - &Ιδιότητες τόμου... - Εργαλεία &τόμου... - &Διαγραφή μνήμης cache - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Συντομεύσεις - VeraCrypt - Αλλαγή κωδικού ή αρχείων-κλειδιών - Εισαγωγή κωδικού τόμου VeraCrypt - VeraCrypt - Performance and Driver Options - VeraCrypt - Επιλογές - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - Δημιουργία φορητού δίσκου VeraCrypt - Ιδιότητες τόμου VeraCrypt - Περί... - Προσθήκη/Διαγραφή αρχείων-κλειδιών σε/από τόμο... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Δημιουργία αντιγράφου ασφαλείας header... - Benchmark... - Ορισμός κλειδιού αλγορίθμου δημιουργίας header... - Αλλαγή κωδικού τόμου και αρχείων-κλειδιών... - Καθορισμός αλγόριθμου παραγωγής κλειδιού header... - Αλλαγή κωδικού... - Διαγραφή ιστορικού τόμου - Close All Security Token Sessions - Επικοινωνία... - Create Hidden Operating System... - Δημιουργία Δίσκου Ασφαλείας... - Δημιουργία νέου τόμου... - Permanently Decrypt... - Εξ'ορισμού αρχεία-κλειδιά... - Default Mount Parameters... - Donate now... - Κρυπτογράφηση διαμερίσματος/οδηγού συστήματος... - Συχνές ερωτήσεις - Οδηγός χρήσης - &Ιστοτόπος - Συντομεύσεις... - Δημιουργός αρχείων-κλειδιών - Γλώσσα... - Νομικές επισημάνσεις - Manage Security Token Keyfiles... - Αυτοφόρτωση όλων των τόμων-συσκευών - Φόρτωση αγαπημένων τόμων - Φόρτωση χωρίς &προ-εκκίνησης έλεγχο αυθεντικότητας... - Φόρτωση τόμων - Φόρτωση τόμου με επιλογές - Νέα - Διαδικτυακή βοήθεια - Οδηγός αρχαρίων - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Μόνιμη αποκρυπτογράφηση διαμερίσματος/οδηγού συστήματος - Επιλογές... - Επανέλεγχος γραμμάτων οδηγών - Απομάκρυνση όλων των αρχείων-κλειδιών από τόμο... - Επανάκτηση header... - Resume Interrupted Process - Επιλογή συσκευής... - Επιλογή αρχείου... - Επαναφορά σταματημένης διαδικασίας - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Μεταφορτώσεις - Δοκιμή ανυσμάτων... - Security Tokens... - Δημιουργία φορητού δίσκου... - Εκφόρτωση όλων των φορτωμένων τόμων - Εκφόρτωση τόμων - Επαλήθευση Δίσκου Ασφαλείας - Verify Rescue Disk ISO Image - Ιστορικό εκδόσεων - Volume Expander - Ιδιότητες τόμου - Οδηγός δημιουργίας τόμου - Ιστοτόπος VeraCrypt - Διαγραφή κωδικών από μνήμη - OK - Hardware Acceleration - Συντόμευση - Ρύθμιση αυτόματης εκκίνησης (autorun.inf) - Αυτοεκφόρτωση - Εκφόρτωση όλων όταν: - Boot Loader Screen Options - Επιβεβαίωση κωδικού: - Τρέχων - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Εξ'ορισμού επιλογές φόρτωσης - Επιλογές συντομεύσεων - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Ρυθμίσεις αρχείων - Καθορισμός πλήκτρου: - Processor (CPU) in this computer supports hardware acceleration for AES: - Ενέργειες με τη σύνδεση στα Windows - λεπτά - Φόρτωση τόμου ως οδηγού γράμματος: - Ρυθμίσεις φόρτωσης - Νέος - Κωδικός: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Cache κωδικού - Security Options - Εργασία VeraCrypt στο παρασκήνιο - Τόμος VeraCrypt προς φόρτωση (σχετικό με την πηγή του φορητού δίσκου): - Με την εισαγωγή φορητού δίσκου: - Δημιουργία αρχείων φορητού δίσκου σε (πηγαίος φάκελος φορητού δίσκου): - Τόμος - Windows - Προσθ. &διαδρομής - &Αυτοέλεγχος όλων - &Continue - &Αποκρυπ/φηση - &Delete - &Κρυπτ/φηση - &Export... - Δημιουργία-αποθ/ση αρχείου-κλειδιού - &Δημιουργία τυχαίου αρχείου κλειδιού - Μεταφόρτωση αρχείου γλώσσας - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - Χ&ρήση αρχείου-κλειδιού - &Αρχεία-κλειδιά - &Διαγραφή - Διαγραφή &όλων - Τι είναι η προστασία κρυφού τόμου; - More information on keyfiles - Φόρτωση τόμου ως αποσπώμενο &μέσο - Φόρτωση διαμερίσματος με &χρήση κρυπτογράφησης συστήματος χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας - Parallelization: - Benchmark - &Εκτύπωση - &Προστασία κρυφού τόμου από ζημιά λόγω εγγραφής σε εξωτερικό τόμο - &Επαναρύθμιση - &Εμφάνιση κωδικού - Add &Token Files... - Use backup header embedded in &volume if available - Κατάσταση XTS - Περί VeraCrypt - VeraCrypt - Benchmark αλγόριθμου κρυπτογράφησης - VeraCrypt - Δοκιμή ανυσμάτων - Βοήθεια γραμμής εντολών - VeraCrypt - Αρχεία-κλειδιά - VeraCrypt - Δημιουργός αρχείων-κλειδιών - VeraCrypt - Γλώσσα - VeraCrypt - Επιλογές φόρτωσης - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Επιλογή διαμερίσματος ή συσκευής - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Ενεργή γλώσσα - Η ταχύτητα επηρεάζεται από το φορτίο του επεξεργαστή και τα χαρακτηριστικά της συσκευής αποθήκευσης.\n\nΑυτές οι δοκιμές γίνονται στη RAM. - Μέγεθος buffer: - Κρυπτογράφος: - Κ&ωδικός στον κρυφό τόμο: - Προστασία κρυφού τόμου - Μέγεθος κλειδιού: - ΣΗΜΑΝΤΙΚΟ: Κινήστε το ποντίκι όσο πιο τυχαία γίνεται μέσα σε αυτό το παράθυρο. Όσο περισσότερο, τόσο καλύτερα. Αυτό αυξάνει σημαντικά την κρυπτογραφική ικανότητα των αρχείων-κλειδιών. - ΠΡΟΣΟΧΗ: Αν χάσετε ένα αρχείο-κλειδί ή κάποιο bit από τα πρώτα 1024 ΚΒ του αλλάξει, θα είναι αδύνατο να φορτώσετε τόμους που το χρησιμοποιούν! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Μετάφραση: - Μέγεθος απλού κειμένου: - bits - Περιεχόμενο τρέχουσας δεξαμενής - Μίξη PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Δευτερεύον κλειδί (16δικό) - Security token: - Μέθοδος ταξινόμησης: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Αριθμός μπλοκ: - Κρυπτοκείμενο (δεκαεξαδικό) - Αριθμός μονάδων δεδομένων(64-bit 16δικό, μέγεθος μονάδας δεδομένων 512 bytes) - Κλειδί (δεκαεξαδικό) - Απλό κείμενο (δεκαεξαδικό) - Keyfile name: - Κατάσταση XTS - Σ&ύστημα - &Τόμοι - Favor&ites - Ερ&γαλεία - Settin&gs - &Βοήθεια - Ισ&τοτόπος - - &Περί... - Το χαρακτηριστικό "μόνο για ανάγνωση" στον παλιό τόμο σας δεν άλλαξε. Παρακαλώ ελέγξτε τις ρυθμίσεις προσβασιμότητας του αρχείου. - Σφάλμα: Άρνηση πρόσβασης.\n\nΤο διαμέρισμα που προσπαθείτε να αποκτήσετε πρόσβαση είναι ή μήκους 0 τομέων ή στη συσκευή εκκίνησης. - Administrator - Για να φορτώσετε τον οδηγό VeraCrypt, πρέπει να συνθεθείτε ως διαχειριστής. - Παρακαλώ σημειώστε ότι για να κρυπτογραφήσετε/διαμορφώσετε ένα διαμέρισμα/συσκευή πρέπει να έχετε δικαιώματα διαχειριστή.\n\nΑυτό δεν ισχύει για τους τόμους σε αρχεία. - Για να δημιουργήσετε κρυφό τόμο πρέπει να έχετε δικαιώματα διαχειριστή.\n\nΣυνέχεια; - Παρακαλώ σημειώστε ότι για να διαμορφώσετε τον τόμο σε NTFS πρέπει να έχετε δικαιώματα διαχειριστή.\n\nΧωρίς δικαιώματα διαχειριστή μπορείτε να διαμορφώσετε τον τόμο σε FAT. - Κρυπτογράφος εγκεκριμένος από την FIPS (Rijndael, δημοσιεύτηκε το 1998) που μπορεί να χρησιμοποιηθεί από υπηρεσίες των Η.Π.Α. για προστασία μέχρι άκρως απορρήτων πληροφοριών. Κλειδί 256-bit, μπλοκ 128-bit, 14 γύροι (AES-256). Κατάσταση λειτουργίας XTS. - Ο τόμος είναι ήδη φορτωμένος. - ΠΡΟΣΟΧΗ: Τουλάχιστον ένας αλγόριθμος κρυπτογράφησης ή τυχαίων αριθμών απέτυχε στους ενσωματωμένους αυτοελέγχους!\n\nΗ εγκατάσταση του VeraCrypt μπορεί να έχει φθαρεί. - ΠΡΟΣΟΧΗ: Δεν υπάρχουν αρκετά δεδομένα στη Γεννήτρια Τυχαίων Αριθμών για να παρέχουν την αιτηθείσα ποσότητα δεδομένων.\n\nΔε θα πρέπει να συνεχίσετε. Παρακαλώ επιλέξτε "Αναφορά σφάλματος" από το μενού Βοήθεια και αναφέρετε αυτό το σφάλμα. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Μη έγκυρο γράμμα οδηγού. - Μη έγκυρη διαδρομή. - Ακύρωση - Αδύνατη η πρόσβαση στη συσκευή. Σιγουρευτείτε ότι η επιλεγμένη συσκευή υπάρχει και δεν χρησιμοποιείται από το σύστημα. - Προειδοποίηση: είναι ενεργοποιημένο το Caps Lock. Αυτό μπορεί να προκαλέσει λανθασμένη εισαγωγή κωδικού. - Τύπος τόμου - Μπορεί να αναγκαστείτε από κάποιον να αποκαλύψετε τον κωδικό ενός κρυπτογραφημένου τόμου. Η χρήση ενός κρυφού τόμου σας επιτρέπει να ξεπεράσετε τέτοιες καταστάσεις, χωρίς να αποκαλύψετε τον κωδικό σας. - Επιλέξτε αυτή τη δυνατότητα, αν θέλετε να δημιουργήσετε έναν κανονικό τόμο VeraCrypt. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Επιλογές κρυπτ/σης εξωτερικού τόμου - Επιλογές κρυπτ/σης κρυφού τόμου - Επιλογές κρυπτογράφησης - ΠΡΟΣΟΧΗ: Αποτυχία καθαρισμού διαδρομής του τελευταίου τόμου/αρχείου-κλειδιού που επιλέχθηκε (καταγεγραμμένου από τον επιλογέα αρχείων)! - Σφάλμα: Το αρχείο-τόμος έχει συμπιεστεί στο επίπεδο του συστήματος αρχείων. Το VeraCrypt δεν υποστηρίζει συμπιεσμένα αρχεία-τόμους (σημειωτέον ότι η συμπίεση κρυπτογραφημένων δεδομένων είναι αναποτελεσματική και περιττή).\n\nΠαρακαλώ απενεργοποιήστε τη συμπίεση για το αρχείο-τόμο ακολουθώντας τα εξής: 1) Κάντε δεξί κλικ στο αρχείο-τόμο στον Windows Explorer (όχι στο VeraCrypt). 2) Επιλέξτε "Ιδιότητες". 3) Επιλέξτε "Για προχωρημένους" και απενεργοποιήστε την επιλογή "Συμπίεση περιεχομένων για εξοικονόμηση χώρου στο δίσκο". - Αποτυχία δημιουργίας τόμου %s - Μέγεθος %s %.2f bytes - Μέγεθος %s %.2f KB - Μέγεθος %s %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - ΠΡΟΣΟΧΗ: Η συσκευή/διαμέρισμα είναι σε χρήση από το λειτουργικό σύστημα ή εφαρμογές. Η διαμόρφωση της μπορεί να προκαλέσει απώλεια δεδομένων και αστάθεια συστήματος.\n\nΣυνέχεια; - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Σφάλμα: Η συσκευή/διαμέρισμα περιέχει ένα σύστημα αρχείων που δεν μπόρεσε να εκφορτωθεί. Το σύστημα αρχείων μπορεί να είναι σε χρήση από το λειτουργικό σύστημα. Η διαμόρφωση της συσκευής/διαμερίσματος πιθανότατα θα προκαλέσει απώλεια δεδομένων και αστάθεια συστήματος.\n\nΓια να επιλύσετε το πρόβλημα προτείνουμε να διαγράψετε πρώτα το διαμέρισμα και να το ξαναδημιουργήσετε χωρίς διαμόρφωση. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - ΠΡΟΣΟΧΗ: Ορισμένες από τις φορτωμένες συσκευές/διαμερίσματα ήταν ήδη σε χρήση!\n\nΗ παράβλεψη μπορεί να οδηγήσει σε ανεπιθύμητα αποτελέσματα και αστάθεια συστήματος.\n\nΣυνιστούμε να κλείσετε κάθε εφαρμογή που μπορεί να χρησιμοποιεί τις συσκευές/διαμερίσματα. - Η επιλεγμένη συσκευή περιέχει διαμερίσματα.\n\nΗ διαμόρφωση της μπορεί να δημιουργήσει αστάθεια συστήματος και/ή απώλεια δεδομένων. Παρακαλώ επιλέξτε ένα διαμέρισμα στη συσκευή ή διαγράψτε όλα τα διαμερίσματα από τη συσκευή για να τη διαμορφώσει το VeraCrypt εν ασφαλεία. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Ο ελεύθερος χώρος στον οδηγό %s είναι %.2f bytes. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Δεν μπόρεσαν να ανακτηθούν τα διαθέσιμα γράμματα οδηγών. - Σφάλμα: Δε βρέθηκε ο οδηγός VeraCrypt.\n\nΠαρακαλώ αντιγράψτε τα αρχεία 'veracrypt.sys' και 'veracrypt-x64.sys' στο φάκελο που βρίσκεται η εφαρμογή (το VeraCrypt.exe). - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Σφάλμα: Αποτυχία αρχικοποιήσης κρυπτογράφου. - Σφάλμα: Ένα αδύναμο κλειδί ανιχνεύτηκε. Το κλειδί θα απορριφθεί. Παρακαλώ δοκιμαστε ξανά. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - Κρίσιμο σφάλμα του VeraCrypt - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Κρυπτογράφηση - &Αποκρυπτογράφηση - &Μόνιμη αποκρυπτογράφηση - Έξοδος - Παρακαλώ δημιουργήστε ένα λογικό οδηγό για αυτό το extended διαμέρισμα και δοκιμάστε ξανά. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - Επιλέξτε την τοποθεσία του τόμου VeraCrypt μέσα στον οποίο θα δημιουργηθεί ένας κρυφός τόμος. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Σφάλμα: Αδύνατη η φόρτωση του τόμου. Το φιλοξενών αρχείο/συσκευή είναι ήδη σε χρήση. Η προσπάθεια φόρτωσης χωρίς αποκλειστική πρόσβαση επίσης απέτυχε. - Το αρχείο δεν μπόρεσε να ανοιχθεί. - Τοποθεσία τόμου - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Ανάκτηση - &Αναβολή - &Start - &Continue - &Διαμόρφωση - &Wipe - Ακύρωση διαμόρφωσης; - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - Το διαμέρισμα/συσκευή του συστήματος αποκρυπτογραφήθηκε επιτυχώς. - \n\nΟ τόμος VeraCrypt δημιουργήθηκε και είναι έτοιμος για χρήση. Αν θέλετε να δημιουργήσετε κι άλλον τόμο πιέστε "Επόμενο", αλλιώς "Έξοδος". - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Ο τόμος VeraCrypt δημιουργήθηκε επιτυχώς. - Ο τόμος δημιουργήθηκε - ΣΗΜΑΝΤΙΚΟ: Κινήστε το ποντίκι όσο πιο τυχαία γίνεται μέσα σε αυτό το παράθυρο. Όσο περισσότερο, τόσο καλύτερα. Αυτό αυξάνει σημαντικά την κρυπτογραφική ικανότητα των αρχείων-κλειδιών. Στη συνέχεια πιέστε Διαμόρφωση για να δημιουργήσετε τον τόμο. - Πιέστε Διαμόρφωση για να δημιουργήσετε τον εξωτερικό τόμο. Για περισσότερες πληροφορίες ανατρέξτε στην τεκμηρίωση. - Διαμόρφωση εξωτερικού τόμου - Διαμόρφωση κρυφού τόμου - Διαμόρφωση τόμου - Το Adobe Reader (ή ένα συμβατό εργαλείο) είναι απαραίτητο για να δείτε ή να εκτυπώσετε τον Οδηγό Χρήσης του VeraCrypt. Το Adobe Reader (δωρεάν) μπορεί να μεταφορτωθεί από: www.adobe.com\n\nΘέλετε να δείτε την διαδικτυακή βοήθεια; - Αν επιλέξετε αυτή τη δυνατότητα, ο Οδηγός θα σας βοηθήσει να δημιουργήσετε πρώτα έναν κανονικό τόμο VeraCrypt και έπειτα έναν κρυφό μέσα σ'αυτόν. Μη έμπειροι χρήστες θα πρέπει πάντα να επιλέγουν αυτή τη δυνατότητα. - Αν επιλέξετε αυτή τη δυνατότητα, θα δημιουργήσετε έναν κρυφό τόμο μέσα σε έναν υπάρχοντα τόμο VeraCrypt. Θα θεωρηθεί ότι έχετε ήδη δημιουργήσει έναν τόμο VeraCrypt κατάλληλο να φιλοξενήσει τον κρυφό τόμο. - Μέθοδος δημιουργίας τόμου - Ο κρυφός τόμος δημιουργήθηκε - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Ο εξωτερικός τόμος δημιουργήθηκε επιτυχώς και φορτώθηκε ως οδηγός %hc:. Σε αυτόν τον τόμο θα πρέπει να γράψετε αρχεία που ΔΕΝ θέλετε να κρύψετε. Τα αρχεία θα είναι εμφανή για όποιον σας εξαναγκάσει να αποκαλύψετε τον κωδικό σας. Θα αποκαλύψετε μόνο τον κωδικό του εξωτερικού τόμου, όχι του κρυφού. Τα πραγματικά σημαντικά σας αρχεία θα είναι στον κρυφό τόμο που θα δημιουργηθεί στη συνέχεια. Όταν τελειώσετε την αντιγραφή πιέστε "Επόμενο". Μην εκφορτώσετε τον τόμο.\n\nΣημείωση: Αφού πιέσετε "Επόμενο", το cluster bitmap του εξωτερικού τόμου θα ανιχνευθεί για να καθορισθεί το μέγεθος του συνεχούς ελεύθερου χώρου του οποίου το τέλος ευθυγραμμίζεται με το τέλος του τόμου. Αυτή η περιοχή θα περιέχει τον κρυφό τόμο, συνεπώς θα περιορίσει το μέγιστο δυνατό του μέγεθος. Η ανίχνευση του cluster bitmap διασφαλίζει ότι δεν θα διαγραφούν δεδομένα του εξωτερικού τόμου από τον κρυφό τόμο. - Περιεχόμενα εξωτερικού τόμου - \n\nΣτα επόμενα βήματα θα ορίσετε τις επιλογές για τον εξωτερικό τόμο (μέσα στον οποίο θα δημιουργηθεί ο κρυφός τόμος αργότερα). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Εξωτερικός τόμος - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nΤο cluster bitmap του τόμου ανιχνεύθηκε και το μέγιστο δυνατό μέγεθος του κρυφού τόμου προσδιορίσθηκε. Στα επόμενα βήματα θα ορίσετε της επιλογές, το μέγεθος και τον κωδικό για τον κρυφό τόμο. - Κρυφός τόμος - Ο κρυφός τόμος είναι τώρα προστατευμένος από φθορά μέχρι να εκφορτωθεί ο εξωτερικός τόμος.\n\nΠΡΟΣΟΧΗ: Αν γίνει προσπάθεια αποθήκευσης δεδομένων στην περιοχή του κρυφού τόμου, το VeraCrypt θα ξεκινήσει την προστασία από εγγραφή ολόκληρου του τόμου (εξωτερικού και κρυφού) μέχρι να εκφορτωθούν. Αυτό μπορεί να προκαλέσει φθορά στο σύστημα αρχείων του εξωτερικού τόμου. Γι'αυτό θα πρέπει να προσπαθήσετε να μη γράψετε στην περιοχή του κρυφού τόμου. Όσα δεδομένα εγγραφούν στην περιοχή του κρυφού τόμου ΔΕ θα αποθηκευθούν και θα χαθούν! Τα Windows μπορεί να το αναφέρουν αυτό ως σφάλμα εγγραφής. - Καθένας από τους κρυφούς τόμους μέσα στους νεοφορτωθέντες τόμους είναι τώρα προστατευμένος από φθορά μέχρι μα εκφορτωθεί.\n\nΠΡΟΣΟΧΗ: Αν γίνει προσπάθεια αποθήκευσης δεδομένων σε περιοχή κρυφού τόμου οποιουδήποτε από αυτούς τους τόμους, το VeraCrypt θα ξεκινήσει την προστασία από εγγραφή ολόκληρου του τόμου (εξωτερικού και κρυφού) μέχρι να εκφορτωθεί. Αυτό μπορεί να προκαλέσει φθορά στο σύστημα αρχείων του εξωτερικού τόμου. Γι'αυτό θα πρέπει να προσπαθήσετε να μη γράψετε στην περιοχή του κρυφού τόμου. Όσα δεδομένα εγγραφούν στην περιοχή του κρυφού τόμου ΔΕ θα αποθηκευθούν και θα χαθούν! Τα Windows μπορεί να το αναφέρουν αυτό ως σφάλμα εγγραφής. - ΠΡΟΣΟΧΗ: Έγινε προσπάθεια αποθήκευσης δεδομένων στην περιοχή του κρυφού τόμου του φορτωμένου ως %c: τόμου!\n\nΤο VeraCrypt απέτρεψε την εγγραφή αυτών των δεδομένων για να προστατεύσει τον κρυφό τόμο. Αυτό μπορεί να προκάλεσε φθορά στο σύστημα αρχείων του εξωτερικού τόμου και τα Windows μπορεί να το αναφέρουν αυτό ως σφάλμα εγγραφής. Ολόκληρος ο τόμος (εξωτερικός και κρυφός) θα προστατευθεί από εγγραφή μέχρι να εκφορτωθεί. Συνίσταται να δημιουργήσετε έναν νέο τόμο VeraCrypt (με τη Γρήγορη Διαμόρφωση απενεργοποιημένη) και να μετακινήσετε τα αρχεία αυτού του τόμου στο νέο. Αυτός ο τόμος θα πρέπει να διαγραφεί ασφαλώς (εξωτερικός και κρυφός). Συνιστούμε να κάνετε επανεκκίνηση τώρα. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Ο υπολογιστής σας πρέπει να επανεκκινηθεί.\n\nΘέλετε αυτό να γίνει τώρα; - Ένα σφάλμα συνέβη κατά τη λήψη της κατάστασης κρυπτογράφησης του συστήματος. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Αδυναμία αρχικοποίησης των στοιχείων της εφαρμογής για κρυπτογράφηση του συστήματος. - Αποτυχία αρχικοποίησης της γεννήτριας τυχαίων αριθμών! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Αδυναμία αρχικοποίησης της εφαρμογής. Αποτυχία καταχώρησης της τάξης διαλόγου. - Error: Failed to load the Rich Edit system library. - Οδηγός δημιουργίας τόμου VeraCrypt - Το μέγιστο δυνατό μέγεθος κρυφού τόμου για αυτόν τον τόμο είναι %.2f bytes. - Το μέγιστο δυνατό μέγεθος κρυφού τόμου για αυτόν τον τόμο είναι %.2fKB. - Το μέγιστο δυνατό μέγεθος κρυφού τόμου για αυτόν τον τόμο είναι %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Ο κωδικός/αρχεία-κλειδιά του τόμου δεν μπορούν να αλλαχθούν όσο αυτός είναι φορτωμένος. Παρακαλώ εκφορτώστε πρώτα τον τόμο. - Ο αλγόριθμος του κλειδιού δημιουργίας header δεν μπορεί να αλλαχθεί όσο ο τόμος είναι φορτωμένος. Παρακαλώ εκφορτώστε πρώτα τον τόμο. - &Φόρτωση - Μια νεότερη έκδοση του VeraCrypt χρειάζεται για να φορτώσετε αυτό τον τόμο. - Σφάλμα: Δε βρέθηκε ο Οδηγός δημιουργίας τόμου.\n\nΠαρακαλώ σιγουρευτείτε ότι το αρχείο "VeraCrypt Format.exe" είναι στο φάκελο από τον οποίο έτρεξε το "VeraCrypt.exe". Αν δεν είναι ξαναεγκαταστήστε το VeraCrypt ή εντοπίστε το "VeraCrypt Format.exe" στο δίσκο σας και τρέξτε το. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Επόμενο > - &Τέλος - &Εγκατάσταση - Ε&ξαγωγή - Αδύνατη η σύνδεση με τον οδηγό συσκευής του VeraCrypt. Το VeraCrypt δεν μπορεί να λειτουργήσει αν δεν τρέχει ο οδηγός συσκευής.\n\nΣημειώστε ότι λόγω των Windows, μπορεί να χρειαστεί να αποσυνδεθείτε ή να κάνετε επανεκκίνηση για να φορτωθεί ο οδηγός συσκευής. - Σφάλμα κατά τη φόρτωση/προετοιμασία των γραμματοσειρών. - Το γράμμα του οδηγού δε βρέθηκε ή δεν καθορίσθηκε. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Το γράμμα του οδηγού δεν είναι διαθέσιμο. - Δεν επιλέχθηκε αρχείο! - Δεν υπάρχουν διαθέσιμα γράμματα οδηγών. - Δεν υπάρχει ελεύθερο γράμμα οδηγού για τον εξωτερικό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. - Αδύνατος ο προσδιορισμός του λειτουργικού συστήματος ή χρησιμοποιείτε μη υποστηριζόμενο λειτουργικό σύστημα. - Δεν επιλέχθηκε διαδρομή! - Όχι αρκετός ελεύθερος χώρος για τον κρυφό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - Ο οδηγός αδυνατεί να εκφορτώσει τον τόμο. Κάποια αρχεία του τόμου πιθανόν να είναι ακόμα σε χρήση. - Αδύνατον να κλειδωθεί ο τόμος. Υπάρχουν ακόμα ανοιχτά αρχεία στον τόμο. Γι' αυτό δεν μπορεί να εκφορτωθεί. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Επιλέξτε έναν τόμο VeraCrypt - Καθορίστε διαδρομή και όνομα αρχείου - Select PKCS #11 Library - Η μνήμη εξαντλήθηκε - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - ΠΡΟΣΟΧΗ: Το αρχείο '%s' ήδη υπάρχει!\n\nΣΗΜΑΝΤΙΚΟ: ΤΟ VERACRYPT ΔΕ ΘΑ ΚΡΥΠΤΟΓΡΑΦΗΣΕΙ ΤΟ ΑΡΧΕΙΟ ΑΛΛΑ ΘΑ ΤΟ ΔΙΑΓΡΑΨΕΙ. Είστε σίγουρος ότι θέλετε να διαγράψετε το αρχείο και να το αντικαταστήσετε με ένα νέο αρχείο-τόμο VeraCrypt; - ΠΡΟΣΟΧΗ: ΟΛΑ ΤΑ ΑΠΟΘΗΚΕΥΜΕΝΑ ΑΡΧΕΙΑ ΣΤΟ ΕΠΙΛΕΓΜΕΝΟ %s '%s'%s ΘΑ ΔΙΑΓΡΑΦΟΥΝ (ΔΕ ΘΑ ΚΡΥΠΤΟΓΡΑΦΗΘΟΥΝ)!\n\nΕίστε σίγουρος ότι θέλετε να συνεχίσετε τη διαμόρφωση; - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Κωδικός - PIM - Ορισμός κλειδιού αλγορίθμου δημιουργίας header - Προσθήκη/Διαγραφή αρχείων-κλειδιών σε/από τόμους - Διαγραφή όλων των αρχείων-κλειδιών από τον τόμο - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Σημειώστε ότι ο Δίσκος Ασφαλείας VeraCrypt σας εξακολουθεί να χρησιμοποιεί τον προηγούμενο αλγόριθμο. Αν θεωρείτε τον προηγούμενο αλγόριθμο ανασφαλή, θα πρέπει να δημιουργήσετε έναν νέο Δίσκο Ασφαλείας και να καταστρέψετε τον παλιό.\n\nΘέλετε να δημιουργήσετε έναν νέο Δίσκο Ασφαλείας VeraCrypt; - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Τα αρχεία-κλειδιά προστέθηκαν/αφαιρέθηκαν επιτυχώς. - Keyfile exported. - Ο αλγόριθμος του κλειδιού δημιουργίας header ορίσθηκε επιτυχώς. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Παρακαλώ επιλέξτε κωδικό για τον κρυφό τόμο. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Παρακαλώ εισάγετε τον κωδικό για τον τόμο μέσα στον οποίο επιθυμείτε να δημιουργήσετε έναν κρυφό τόμο.\n\nΑφού επιλέξετε "Επόμενο", το VeraCrypt θα επιχειρήσει να φορτώσει τον τόμο. Μόλις ο τόμος φορτωθεί, το cluster bitmap θα ανιχνευθεί για να προσδιορισθεί το μέγεθος της συνεχούς περιοχής ελεύθερου χώρου (αν υπάρχει) του οποίου το τέλος ευθυγραμμίζεται με το τέλος του τόμου. Αυτή η περιοχή θα φιλοξενήσει τον κρυφό τόμο και συνεπώς θα περιορίσει το πιθανό μέγεθος του. Η ανίχνευση του cluster bitmap είναι απαραίτητη για να διασφαλισθεί ότι δε θα διαγραφούν δεδομένα του εξωτερικού τόμου από τον κρυφό τόμο. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Κωδικός εξωτερικού τόμου - Κωδικός κρυφού τόμου - Password for Hidden Operating System - ΠΡΟΣΟΧΗ: Οι μικροί κωδικοί μπορούν να σπάσουν εύκολα με τεχνικές brute force!\n\nΣυνιστούμε να επιλέξετε έναν κωδικό τουλάχιστον 20 χαρακτήρων. Είστε σίγουροι ότι θέλετε να χρησιμοποιήσετε μικρό κωδικό; - Κωδικός τόμου - Λάθος κωδικός ή όχι τόμος VeraCrypt. - Λάθος αρχεία-κλειδιά και/ή κωδικός ή όχι τόμος VeraCrypt. - Λάθος μέθοδος φόρτωσης, λάθος κωδικός ή όχι τόμος VeraCrypt. - Λάθος μέθοδος φόρτωσης, λάθος αρχείο(α)-κλειδί(α) και/ή κωδικός ή όχι τόμος VeraCrypt. - Λάθος κωδικός ή δεν βρέθηκε τόμος VeraCrypt. - Λάθος αρχεία-κλειδιά και/ή κωδικός ή δεν βρέθηκε τόμος VeraCrypt. - \n\nΠροσοχή: Το Caps Lock είναι ενεργοποιημένο. Αυτό μπορεί να προκαλέσει λάθος εισαγωγή κωδικού. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nΣημείωση: Αν προσπαθείτε να φορτώσετε ένα διαμέρισμα ενός κρυπτογραφημένου οδηγού συστήματος χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας ή να φορτώσετε το κρυπτογραφημένο διαμέρισμα συστήματος ενός λειτουργικού συστήματος που δεν τρέχει, μπορείτε να το κάνετε επιλέγοντας 'Σύστημα' > 'Φόρτωση χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Πίσω - Αδυναμία παράθεσης των εγκατεστημένων στο σύστημα σας αδιαμόρφωτων συσκευών! - Ο τόμος '%s' υπάρχει και είναι μόνο για ανάγνωση. Είστε σίγουρος ότι θέλετε να τον αντικαταστήσετε; - Επιλέξτε φάκελο προορισμού - Επιλέξτε αρχείο-κλειδί - Επιλέξτε διαδρομή αναζήτησης αρχείου-κλειδιού. ΠΡΟΣΟΧΗ: Μόνο η διαδρομή θα απομνημονευθεί, όχι τα αρχεία! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Σχεδιασμένος από τους Ross Anderson, Eli Biham και Lars Knudsen. Δημοσιεύτηκε το 1998. Κλειδί 256-bit, μπλοκ 128-bit. Κατάσταση λειτουργίας XTS. Ο Serpent ήταν ένας από τους φιναλίστ του AES. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Μέγεθος εξωτερικού τόμου - Μέγεθος κρυφού τόμου - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Μέγεθος τόμου - Δυναμικός - Ο ΑΥΤΟΕΛΕΓΧΟΣ ΑΠΕΤΥΧΕ! - Οι αυτοέλεγχοι πέτυχαν - Ο αριθμός μονάδας δεδομένων που παρείχατε είναι πολύ μεγάλος ή πολύ μικρός. - Το δευτερεύον κλειδί που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. - Το δοκιμαστικό κρυπτοκείμενο που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. - Το δοκιμαστικό κλειδί που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. - Το δοκιμαστικό απλό κείμενο που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. - Δύο κρυπτογράφοι σε σειρά, λειτουργούντες σε κατάσταση XTS. Κάθε μπλοκ πρώτα κρυπτογραφείται με %s (%d-bit κλειδί) και μετά με %s (%d-bit κλειδί). Κάθε κρυπτογράφος χρησιμοποιεί το δικό του κλειδί. Όλα τα κλειδιά είναι μεταξύ τους ανεξάρτητα. - Τρεις κρυπτογράφοι σε σειρά, λειτουργούντες σε κατάσταση XTS. Κάθε μπλοκ πρώτα κρυπτογραφείται με %s (%d-bit κλειδί), μετά με %s (%d-bit κλειδί) και τελικά με %s (%d-bit κλειδί). Κάθε κρυπτογράφος χρησιμοποιεί το δικό του κλειδί. Όλα τα κλειδιά είναι μεταξύ τους ανεξάρτητα. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - Φορητός δίσκος VeraCrypt - Σχεδιάστηκε από τους Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall και Niels Ferguson. Δημοσιεύτηκε το 1998. Κλειδί 256-bit, μπλοκ 128-bit. Κατάσταση λειτουργίας XTS. Ο Twofish ήταν ένας από τους φιναλίστ του AES. - Περισσότερες πληροφορίες στο %s - Άγνωστο - An unspecified or unknown error occurred (%d). - Ορισμένοι τόμοι περιέχουν αρχεία ή φακέλους που χρησιμοποιούνται από εφαρμογές ή το σύστημα.\n\nΕξαναγκασμός εκφόρτωσης; - &Εκφόρτωση - Η εκφόρτωση απέτυχε! - Ο τόμος περιέχει αρχεία ή φακέλους που χρησιμοποιούνται από εφαρμογές ή το σύστημα.\n\nΕξαναγκασμός εκφόρτωσης; - No volume is mounted to the specified drive letter. - Ο τόμος που προσπαθείτε να φορτώσετε είναι ήδη φορτωμένος. - Ένα σφάλμα συνέβη κατά τη διάρκεια της φόρτωσης τόμου. - Σφάλμα εντοπισμού θέσης μέσα στον τόμο. - Σφάλμα: Λάθος μέγεθος τόμου. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - Το VeraCrypt δεν μπορεί να αλλάξει κωδικούς τόμων άλλου τύπου. - Παρακαλώ επιλέξτε ένα γράμμα οδηγού από τη λίστα. - Παρακαλώ επιλέξτε έναν φορτωμένο τόμο στη λίστα γραμμάτων οδηγών. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Σφάλμα: Αδύνατη η δημιουργία του autorun.inf - Σφάλμα κατά την επεξεργασία του αρχείου-κλειδιού! - Σφάλμα κατά την επεξεργασία της διαδρομής του αρχείου-κλειδιού! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - Το VeraCrypt δεν υποστηρίζει αυτό το λειτουργικό σύστημα. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Σφάλμα: Αδύνατη η κατανομή της μνήμης. - Σφάλμα: Αδύνατη η ανάκτηση της τιμής του μετρητή επιδόσεως. - Σφάλμα: Κακή διαμόρφωση τόμου. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Νομικές επισημάνσεις - Όλα τα αρχεία - Τόμοι VeraCrypt - Library Modules - Η διαμόρφωση NTFS δεν μπορεί να συνεχιστεί. - Αδύνατη η φόρτωση του τόμου. - Αδύνατη η εκφόρτωση του τόμου. - Τα Windows απέτυχαν στη διαμόρφωση του τόμου σε NTFS.\n\nΠαρακαλώ επιλέξτε έναν διαφορετικό τύπο συστήματος αρχείων (αν είναι δυνατόν) και προσπαθήστε ξανά. Εναλλακτικά θα μπορούσατε να αφήσετε τον τόμο αδιαμόρφωτο (επιλέξτε "Κανένα" ως σύστημα αρχείων), βγείτε από αυτόν τον Οδηγό, φορτώστε τον τόμο και κατόπιν χρησιμοποιείστε ένα εργαλείο είτε του συστήματος είτε ενός τρίτου κατασκευαστή για να διαμορφώσετε τον φορτωμένο τόμο (ο τόμος θα παραμείνει κρυπτογραφημένος). - Τα Windows απέτυχαν στη διαμόρφωση του τόμου σε NTFS.\n\nΘέλετε να τον διαμορφώσετε σε FAT; - Εξ'ορισμού - διαμέρισμα - ΔΙΑΜΕΡΙΣΜΑ - Συσκευή - device - ΣΥΣΚΕΥΗ - Τόμος - volume - VOLUME - Label - Το επιλεγμένο μέγεθος του cluster είναι πολύ μικρό για αυτό το μέγεθος τόμου. Ένα μεγαλύτερο μέγεθος cluster θα χρησιμοποιηθεί αντί αυτού. - Σφάλμα: Δεν μπορεί να ανακτηθεί το μέγεθος του τόμου!\n\nΣιγουρευτείτε ότι ο επιλεγμένος τόμος δε χρησιμοποιείται από το σύστημα ή κάποια εφαρμογή. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - Ο Οδηγός Δημιουργίας Τόμου VeraCrypt μπορεί να δημιουργήσει κρυφό τόμο μόνο μέσα σε τόμο FAT ή NTFS. - Στα Windows 2000, ο Οδηγός Δημιουργίας Τόμου VeraCrypt μπορεί να δημιουργήσει κρυφό τόμο μόνο μέσα σε τόμο FAT. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Σφάλμα: Αδυναμία πρόσβασης στον τόμο!\n\nΣιγουρευτείτε ότι ο επιλεγμένος τόμος υπάρχει, δεν είναι φορτωμένος ή χρησιμοποιείται από το σύστημα ή κάποια εφαρμογή, ότι έχετε δικαιώματα ανάγνωσης/εγγραφής σε αυτόν και ότι δεν έχει προστασία εγγραφής. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Σφάλμα: Αδυναμία εκφόρτωσης του εξωτερικού τόμου!\n\nΟ τόμος δεν μπορεί να εκφορτωθεί αν περιέχει αρχεία ή φακέλους σε χρήση.\n\nΠαρακαλώ κλείστε κάθε πρόγραμμα που μπορεί να χρησιμοποιεί αρχεία ή φακέλους του τόμου και επιλέξτε "Επανάληψη". - Σφάλμα: Αδυναμία ανάκτησης πληροφοριών για τον εξωτερικό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχιστεί. - Σφάλμα: Αδυναμία πρόσβασης στον εξωτερικό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. - Σφάλμα: Αδυναμία φόρτωσης του εξωτερικού τόμου! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. - Σφάλμα: Αδυναμία ανάκτησης του cluster bitmap του τόμου! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. - Αλφαβητικά/Κατηγοριοποιημένα - Μέση ταχύτητα (μειούμενη) - Αλγόριθμος - Κρυπτογράφηση - Αποκρυπτογράφηση - Μέσος όρος - Οδηγός - Μέγεθος - Αλγόριθμος κρυπτογράφησης - Αλγόριθμος κρυπτογράφησης - Τύπος - Τιμή - Ιδιότητα - Θέση - bytes - Κρυφός - Εξωτερικός - Τυπικός - Σύστημα - Hidden (system) - Μόνο για ανάγνωση - Οδηγός συστήματος - Οδηγός συστήματος (κρυπτογράφηση - %.2f%% ολ/κε) - Οδηγός συστήματος (αποκρυπτογράφηση - %.2f%% ολ/κε) - Οδηγός συστήματος (%.2f%% κρυπτ/κε) - Διαμέρισμα συστήματος - Hidden system partition - Διαμέρισμα συστήματος (κρυπτογράφηση - %.2f%% ολ/κε) - Διαμέρισμα συστήματος (αποκρυπτογράφηση - %.2f%% ολ/κε) - Διαμέρισμα συστήματος (%.2f%% κρυπτ/κε) - Ναι (η ζημιά απεφεύχθει!) - Κανένα - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bits - Μέγεθος μπλοκ - PKCS-5 PRF - PKCS-5 αριθμός επαναλήψεων - Δημιουργία τόμου - Τελευταία τροποποίηση header - (πριν %I64d μέρες) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - Πρώτο διαθέσιμο - Removable Disk - Σκληρός δίσκος - Αμετάβλητο - Autodetection - Κατάσταση Οδηγού - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Επιλογές εγκατάστασης - Εδώ μπορείτε να καθορίσετε διάφορες επιλογές για να ελέγξετε τη διαδικασία εγκατάστασης. - Εγκατάσταση - Παρακαλώ περιμένετε όσο το VeraCrypt εγκαθίσταται. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Επιλογές εξαγωγής - Εδώ μπορείτε να καθορίσετε διάφορες επιλογές για να ελέγξετε τη διαδικασία εξαγωγής. - Παρακαλώ περιμένετε όσο τα αρχεία εξάγονται. - Files successfully extracted - Όλα τα αρχεία εξάχθηκαν επιτυχώς στον τόπο προορισμού. - Αν ο καθορισμένος φάκελος δεν υπάρχει, θα δημιουργηθεί αυτόματα. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Θέλετε να δείτε τις σημειώσεις έκδοσης για αυτήν (τελευταία σταθερή) την έκδοση του VeraCrypt; - Αν δεν έχετε ξαναχρησιμοποιήσει το VeraCrypt, προτείνουμε να διαβάσετε τον Οδηγό Χρήσης. Θέλετε να τον δείτε; - Παρακαλώ επιλέξτε μια από τις παρακάτω ενέργειες: - Επιδιόρθωση/Επανεγκατάσταση - Upgrade - Απεγκατάσταση - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Η εγκατάσταση απέτυχε. - Η απεγκατάσταση απέτυχε. - Αυτό το πακέτο εγκατάστασης είναι φθαρμένο. Παρακαλώ δοκιμάστε να το κατεβάσετε ξανά (κατά προτίμηση από τον ιστοχώρο του VeraCrypt στη https://veracrypt.codeplex.com). - Αδυναμία εγγραφής αρχείου %s - Εξαγωγή - Αδυναμία ανάγνωσης δεδομένων από το πακέτο. - Αδυναμία επαλήθευσης της ακεραιότητας του πακέτου διανομής. - Η εξαγωγή απέτυχε. - Η εγκατάσταση αναιρέθηκε. - Το VeraCrypt εγκαταστάθηκε επιτυχώς. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - Το VeraCrypt απεγκαταστάθηκε επιτυχώς.\n\nΕπιλέξτε "Τέλος" για να απομακρύνετε το αρχείο εγκατάστασης του VeraCrypt και το φάκελο %s. Σημειώστε ότι ο φάκελος δε θα απομακρυνθεί αν περιέχει αρχεία που δεν εγκαταστάθηκαν ή δημιουργήθηκαν από το VeraCrypt. - Απομάκρυνση καταχωρήσεων μητρώου του VeraCrypt... - Προσθήκη καταχωρήσεων μητρώου... - Απομάκρυνση δεδομένων εφαρμογής... - Εγκατάσταση... - Παύση... - Απομάκρυνση... - Προσθήκη εικονιδίων... - Δημιουργία σημείου επαναφοράς συστήματος... - Αποτυχία δημιουργίας σημείου επαναφοράς συστήματος! - Updating boot loader - Αποτυχία εγκατάστασης του '%s'. %s Θέλετε να συνεχίσετε την εγκατάσταση; - Αποτυχία απεγκατάστασης του '%s'. %s Θέλετε να συνεχίσετε την απεγκατάσταση; - Η εγκατάσταση ολοκληρώθηκε. - Ο φάκελος '%s' δεν μπόρεσε να δημιουργηθεί - Ο οδηγός συσκευής του VeraCrypt δεν μπόρεσε να εκφορτωθεί.\n\nΠαρακαλώ κλείστε πρώτα όλα τα ανοιχτά παράθυρα του VeraCrypt. Αν αυτό δε βοηθήσει, επανεκκινήστε τα Windows και δοκιμάστε ξανά. - Όλοι οι τόμοι VeraCrypt πρέπει να εκφορτωθούν πριν την εγκατάσταση ή απεγκατάσταση του VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Η εγκατάσταση των καταχωρήσεων μητρώου απέτυχε - Η εγκατάσταση του οδηγού συσκευής απέτυχε. Παρακάλω επανεκκινήστε τα Windows και δοκιμάστε να ξαναεγκαταστήσετε το VeraCrypt. - Εκκίνηση οδηγού συσκευής VeraCrypt... - Η απεγκατάσταση του οδηγού συσκευής απέτυχε. Παρακαλώ σημειώστε ότι λόγω των Windows μπορεί να χρειαστεί να αποσυνδεθείτε ή να επανεκκινήσετε το σύστημα πριν εγκατασταθεί (ή επανεγκατασταθεί) ο οδηγός συσκευής. - Εγκατάσταση οδηγού συσκευής VeraCrypt... - Παύση οδηγού συσκευής VeraCrypt... - Απεγκατάσταση οδηγού συσκευής VeraCrypt... - Η καταχώρηση της βιβλιοθήκης υποστήριξης του Ελέγχου Λογαριασμού Χρήστη απέτυχε. - Η διαγραφή της βιβλιοθήκης υποστήριξης του Ελέγχου Λογαριασμού Χρήστη απέτυχε. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Σφάλμα: Αδυναμία εμφάνισης αδείας. - Εξωτερικός(!) - ημέρες - ώρες - λεπτά - δ - Άνοιγμα - Εκφόρτωση - Δείξε το VeraCrypt - Κρύψε το VeraCrypt - Αναγνωσμένα δεδομένα από την φόρτωση - Γραμμένα δεδομένα από την φόρτωση - Κρυπτογραφημένο ποσοστό - 100% (πλήρως κρυπτογραφημένο) - 0% (όχι κρυπτογραφημένο) - %.3f%% - 100% - Αναμονή - Preparing - Resizing - Κρυπτογράφηση - Αποκρυπτογράφηση - Finalizing - Σταματημένο - Ολοκληρώθηκε - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Εισάγετε κωδικό για το %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Το αρχείο-κλειδί δημιουργήθηκε επιτυχώς. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Το αντίγραφο ασφαλείας του header του τόμου δημιουργήθηκε επιτυχώς.\n\nΣΗΜΑΝΤΙΚΟ: Η επαναφορά του header με αυτό το αντίγραφο θα επαναφέρει επίσης και τον κωδικό του τόμου. Επιπλέον αν χρειάζονται αρχεία-κλειδιά για να φορτωθεί ο τόμος, τα ίδια αρχεία-κλειδιά θα είναι απαραίτητα για να φορτώσετε τον τόμο ξανά όταν ανακτηθεί το header.\n\nΠΡΟΣΟΧΗ: Αυτό το αντίγραφο ασφαλείας του header μπορεί να χρησιμοποιηθεί για την επαναφορά του header ΜΟΝΟ αυτού του συγκεκριμένου τόμου. Αν το χρησιμοποιήσετε σε άλλο τόμο, θα μπορείτε να φορτώσετε τον τόμο, αλλά ΔΕΝ θα μπορείτε να αποκρυπτογραφήσετε τα δεδομένα του (γιατί θα αλλάξετε το βασικό κλειδί του). - Το header του τόμου ανακτήθηκε με επιτυχία.\n\nΣΗΜΑΝΤΙΚΟ: Παρακαλώ σημειώστε ότι κάποιος παλιός κωδικός μπορεί επίσης να ανακτήθηκε. Επιπλέον αν χρειάζονταν αρχεία-κλειδιά για να φορτωθεί ο τόμος όταν δημιουργήθηκε το αντίγραφο ασφαλείας, τα ίδια αρχεία-κλειδιά είναι τώρα απαραίτητα για να φορτώσετε τον τόμο ξανά. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Είστε σίγουρος ότι θέλετε να επαναφέρετε το header τόμου του %s;\n\nΠΡΟΣΟΧΗ: Η επαναφορά του header επαναφέρει επίσης και τον κωδικό του τόμου που ήταν έγκυρος όταν δημιουργήθηκε το αντίγραφο ασφαλείας. Επιπλέον αν χρειάζονταν αρχεία-κλειδιά για να φορτωθεί ο τόμος όταν δημιουργήθηκε το αντίγραφο ασφαλείας, τα ίδια αρχεία-κλειδιά θα είναι απαραίτητα για να φορτώσετε τον τόμο ξανά αφού ανακτηθεί το header.\n\nΑφού επιλέξετε "Ναι" θα επιλέξετε το αρχείο του αντιγράφου ασφαλείας του header. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - Επιχειρείτε να δημιουργήσετε αντίγραφο ασφαλείας του header του διαμερίσματος/συσκευής του συστήματος. Αυτό δεν επιτρέπεται. Λειτουργίες δημιουργίας/ανάκτησης αντιγράφων ασφαλείας που αφορούν στο διαμέρισμα/συσκευή του συστήματος μπορούν να πραγματοποιηθούν μόνο με τη χρήση του Δίσκου Ασφαλείας VeraCrypt.\n\nΘέλετε να δημιουργήσετε ένα Δίσκο Ασφαλείας; - Επιχειρείτε να ανακτήσετε το header ενός εικονικού τόμου VeraCrypt αλλά επιλέξατε το διαμέρισμα/συσκευή του συστήματος. Αυτό δεν επιτρέπεται. Λειτουργίες δημιουργίας/ανάκτησης αντιγράφων ασφαλείας που αφορούν στο διαμέρισμα/συσκευή του συστήματος μπορούν να πραγματοποιηθούν μόνο με τη χρήση του Δίσκου Ασφαλείας VeraCrypt.\n\nΘέλετε να δημιουργήσετε ένα Δίσκο Ασφαλείας; - Αφού πιέσετε ΟΚ, θα επιλέξετε ένα όνομα για την εικόνα ISO του νέου Δίσκου Ασφαλείας VeraCrypt και την τοποθεσία που θέλετε να την τοποθετήσετε. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Παρακαλώ εισάγετε το Δίσκο Ασφαλείας VeraCrypt στον οδηγό CD/DVD και πιέστε ΟΚ για να τον επαληθεύσετε. - Ο Δίσκος Ασφαλείας VeraCrypt επαληθεύτηκε επιτυχώς. - Αδύνατη η επαλήθευση εγγραφής του Δίσκου Ασφαλείας.\n\nΑν τον έχετε εγγράψει παρακαλώ εξάγετε και εισάγετε το CD/DVD και δοκιμάστε ξανά. Αν αυτό δε βοηθήσει δοκιμάστε άλλο λογισμικό εγγραφής CD/DVD και/ή άλλο μέσο.\n\nΑν επιχειρήσατε να επαληθεύσετε ένα Δίσκο Ασφαλέιας δημιουργημένο για διαφορετικό βασικό κλειδί, κωδικό κλπ, σημειώστε ότι ένας τέτοιος Δίσκος θα αποτυγχάνει πάντα στην επαλήθευση. Για να δημιουργήσετε ένα νέο Δίσκο πλήρως συμβατό με τις τρέχουσες ρυθμίσεις σας επιλέξτε 'Σύστημα' > 'Δημιουργία Δίσκου Ασφαλείας'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Σφάλμα δημιουργίας Δίσκου Ασφαλείας VeraCrypt. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Παρακαλώ εκφορτώστε τον τόμο πριν συνεχίσετε. - Σφάλμα: Αδυναμία ορισμού χρονομετρητή. - Ελέγχος συστήματος αρχείων - Διόρθωση συστήματος αρχείων - Add to Favorites... - Add to System Favorites... - P&roperties... - Ο κρυφός τόμος προστατεύθηκε - N/A - Ναι - Όχι - Disabled - 1 - 2 ή περισσότεροι - Κατάσταση λειτουργίας - Label: - Size: - Path: - Drive Letter: - Σφάλμα: Ο κωδικός πρέπει να περιέχει μόνο χαρακτήρες ASCII.\n\nΜη-ASCII χαρακτήρες στον κωδικό μπορεί να προκαλέσουν αδυναμία φόρτωσης του τόμου όταν αλλάξουν οι ρυθμίσεις του συστήματος σας.\n\nΟι επόμενοι χαρακτήρες επιτρέπονται:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Προειδοποίηση: Ο κωδικός περιέχει χαρακτήρες μη-ASCII.\n\nΑυτό μπορεί να προκαλέσει αδυναμία φόρτωσης του τόμου όταν αλλάξουν οι ρυθμίσεις του συστήματος σας.\n\nΘα πρέπει να αλλάξετε όλους τους μη-ASCII χαρακτήρες με χαρακτήρες ASCII όπως τους παρακάτω:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~. Για να το κάνετε αυτό επιλέξτε "Τόμοι" και "Αλλαγή κωδικού τόμου". - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Ιστοτόπος - ΠΡΟΣΟΧΗ: Φαίνεται ότι δεν έχετε εφαρμόσει κανένα Service Pack στα Windows σας. Δε θα πρέπει να γράψετε σε δίσκους IDE μεγαλύτερους από 128 GB στα Windows XP χωρίς τουλάχιστον Service Pack 1! Αν το κάνετε, δεδομένα του δίσκου (άσχετα αν είναι τόμου VeraCrypt) μπορεί να αλλοιωθούν. Σημειώστε ότι αυτός είναι ένας περιορισμός των Windows, όχι ελάττωμα του VeraCrypt. - ΠΡΟΣΟΧΗ: Φαίνεται ότι δεν έχετε εφαρμόσει τουλάχιστον το Service Pack 3 στα Windows σας. Δε θα πρέπει να γράψετε σε δίσκους IDE μεγαλύτερους από 128 GB στα Windows 2000 χωρίς τουλάχιστον Service Pack 3! Αν το κάνετε, δεδομένα του δίσκου (άσχετα αν είναι τόμου VeraCrypt) μπορεί να αλλοιωθούν. Σημειώστε ότι αυτός είναι ένας περιορισμός των Windows, όχι ελάττωμα του VeraCrypt.\n\nΣημείωση: Ισως χρειαστεί να ενεργοποιήσετε την υποστήριξη 48-bit LBA στο μητρώο. Περισσότερες πληροφορίες στη http://support.microsoft.com/kb/305098/EN-US - ΠΡΟΣΟΧΗ: Η υποστήριξη 48-bit LBA ATAPI είναι απενεργοποιημένη στο σύστημα σας. Γι' αυτό δε θα πρέπει να γράψετε σε δίσκους IDE μεγαλύτερους από 128 GB! Αν το κάνετε, δεδομένα του δίσκου (άσχετα αν είναι τόμου VeraCrypt) μπορεί να αλλοιωθούν. Σημειώστε ότι αυτός είναι ένας περιορισμός των Windows, όχι ελάττωμα του VeraCrypt.\n\nΓια να ενεργοποιήσετε την υποστήριξη 48-bit LBA, προσθέστε την τιμή "EnableBigLba" στο κλειδί του μητρώου HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters και ορίστε την 1.\n\nΠερισσότερες πληροφορίες στη http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - ΠΡΟΣΟΧΗ: Αν θέλετε να έχετε τη δυνατότητα να προσθέσετε μελλοντικά περισσότερα δεδομένα/αρχεία στον εξωτερικό τόμο, θα πρέπει να σκεφθείτε να επιλέξετε μικρότερο μέγεθος για τον κρυφό τόμο.\n\nΕίστε σίγουρος ότι θέλετε να συνεχίσετε με το μέγεθος που καθορίσατε; - Δεν επιλέχθηκε τόμος.\n\nΕπιλέξτε "Επιλογή συσκευής" ή "Επιλογή αρχείου" για να επιλέξετε ένα αρχείο-τόμο. - Δεν επιλέχθηκε διαμέρισμα.\n\nΕπιλέξτε 'Επιλογή συσκευής' για να επιλέξετε ένα εκφορτωμένο διαμέρισμα που φυσιολογικά χρειάζεται προ-εκκίνησης έλεγχο αυθεντικότητας (π.χ. ένα διαμέρισμα που βρίσκεται στο κρυπτογραφημένο οδηγό συστήματος ενός άλλου λειτουργικού συστήματος που δεν τρέχει, ή το κρυπτογραφημένο διαμέρισμα του συστήματος ενός άλλου λειτουργικού συστήματος).\n\nΣημείωση: Το επιλεγμένο διαμέρισμα θα φορτωθεί σαν ένας κανονικός τόμος VeraCrypt χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας. Αυτό είναι χρήσιμο π.χ. για λειτουργίες αντιγράφων ασφαλείας ή επιδιόρθωσης. - ΠΡΟΣΟΧΗ: Αν ορισθούν και επιλεγούν εξ'ορισμού αρχεία-κλειδιά, τόμοι οι οποίοι δε χρησιμοποιούν αυτά τα αρχεία-κλειδιά δε θα μπορούν να φορτωθούν. Συνεπώς, αφού ενεργοποιήσετε εξ'ορισμού κλειδιά, έχετε υπόψη να αποεπιλέξετε το πεδίο "Χρήση αρχείων-κλειδιών" όποτε φορτώνετε τέτοιους τόμους.\n\nΕίστε σίγουρος ότι θέλετε να αποθηκεύσετε τα επιλεγμένα αρχεία-κλειδιά/διαδρομές ως εξ'ορισμού; - Αυτοφόρτωση συσκευών - Εκφόρτωση όλων - Διαγραφή cache - Dismount All & Wipe Cache - Εξαναγκασμένη εκφόρτωση όλων & διαγραφή cache - Εξαναγκασμένη εκφόρτωση όλων, διαγραφή cache & έξοδος - Φόρτωση αγαπημένων τόμων - Εμφάνιση/απόκρυψη κύριου παραθύρου VeraCrypt - (Κάντε κλικ εδώ και πιέστε ένα πλήκτρο) - Ενέργεια - Συντόμευση - Σφάλμα: Αυτή η συντόμευση είναι δεσμευμένη. Παρακαλώ επιλέξτε άλλη συντόμευση. - Σφάλμα: Η συντόμευση ήδη χρησιμοποιείται. - ΠΡΟΣΟΧΗ: Μια ή περισσότερες συντομεύσεις του VeraCrypt δε θα λειτουργήσουν!\n\nΠαρακαλώ σιγουρευθείτε ότι άλλες εφαρμογές και το λειτουργικό σύστημα δε χρησιμοποιούν τις ίδιες συντομεύσεις με το VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - ΠΡΟΣΟΧΗ: Αν αυτή η δυνατότητα απενεργοποιηθεί, οι τόμοι που περιέχουν ανοιχτά αρχεία/φακέλους δε θα μπορούν να εκφορτωθούν.\n\nΕίστε σίγουρος ότι θέλετε να απενεργοποιήσετε αυτή τη δυνατότητα; - ΠΡΟΣΟΧΗ: Τόμοι που περιέχουν ανοιχτά αρχεία/φακέλους ΔΕ θα αυτοεκφορτωθούν.\n\nΓια να το αποφύγετε αυτό ενεργοποιήστε την ακόλουθη επιλογή σε αυτό το παράθυρο διαλόγου:"Ακόμα και αν ο τόμος περιέχει ανοιχτά αρχεία/φακέλους" - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - Έχετε προγραμματίσει τη διαδικασία κρυπτογράφησης ή αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. Η διαδικασία δεν ολοκληρώθηκε ακόμα.\n\nΘέλετε να εκκινήσετε (συνεχίσετε) τη διαδικασία τώρα; - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Έχετε προγραμματίσει τη διαδικασία κρυπτογράφησης ή αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. Ωστόσο ο προ-εκκίνησης έλεγχος απέτυχε (ή παρακάμφθηκε).\n\nΣημείωση: Αν αποκρυπτογραφήσατε το διαμέρισμα/συσκευή του συστήματος στο προ-εκκίνησης περιβάλλον, ίσως χρειαστεί να τερματίσετε τη διαδικασία επιλέγοντας 'Σύστημα' > 'Μόνιμη αποκρυπτογράφηση διαμερίσματος/οδηγού συστήματος' από την μπάρα μενού του κύριου παραθύρου του VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Έξοδος; - Το VeraCrypt δεν έχει αρκετές πληροφορίες για να προσδιορίσει αν θα κρυπτογραφήσει ή θα αποκρυπτογραφήσει. - Το VeraCrypt δεν έχει επαρκείς πληροφορίες για να καθορίσει αν θα κρυπτογραφήσει ή θα αποκρυπτογραφήσει.\n\nΣημείωση: Αν αποκρυπτογραφήσατε το διαμέρισμα/συσκευή του συστήματος στο προ-εκκίνησης περιβάλλον, ίσως χρειαστεί να τερματίσετε τη διαδικασία επιλέγοντας Αποκρυπτογράφηση. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Θέλετε να διακόψετε και αναβάλετε τη διαδικασία κρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος;\n\nΣημείωση: Μπορείτε να επαναφέρετε τη διαδικασία η οποία θα συνεχιστεί από το σημείο που σταμάτησε. Μπορείτε να το κάνετε αυτό επιλέγοντας 'Σύστημα' > 'Επαναφορά σταματημένης διαδικασίας' από την μπάρα μενού του βασικού παράθυρου του VeraCrypt. Αν θέλετε να τερματίσετε μόνιμα ή να αντιστρέψετε τη διαδικασία κρυπτογράφησης, επιλέξτε 'Σύστημα' > 'Μόνιμη αποκρυπτογράφηση διαμερίσματος/συσκευής συστήματος'. - Θέλετε να διακόψετε και αναβάλετε τη διαδικασία αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος;\n\nΣημείωση: Μπορείτε να επαναφέρετε τη διαδικασία η οποία θα συνεχιστεί από το σημείο που σταμάτησε. Μπορείτε να το κάνετε αυτό επιλέγοντας 'Σύστημα' > 'Επαναφορά σταματημένης διαδικασίας' από την μπάρα μενού του βασικού παράθυρου του VeraCrypt. Αν θέλετε να αντιστρέψετε τη διαδικασία αποκρυπτογράφησης (και να ξεκινήσετε την κρυπτογράφηση), επιλέξτε 'Σύστημα' > 'Κρυπτογράφηση διαμερίσματος/συσκευής συστήματος'. - Σφάλμα: Αποτυχία διακοπής διαδικασίας κρυπτογράφησης/αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. - Error: Failed to interrupt the process of wiping. - Σφάλμα: Αποτυχία επαναφοράς διαδικασίας κρυπτογράφησης/αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. - Error: Failed to start the process of wiping. - Ασυνέπεια αποκαταστάθηκε.\n\n\n(Αν αναφέρετε ένα σφάλμα σχετικό με αυτή, παρακαλώ συμπεριλάβετε στην αναφορά σφάλματος τις ακόλουθες τεχνικές πληροφορίες: %hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ΠΡΟΣΟΧΗ: Η εργασία στο παρασκήνιο του VeraCrypt είναι απενεργοποιημένη. Αν κλείσετε το VeraCrypt δε θα ειδοποιηθήτε αν αποτραπεί ζημιά σε κρυφό τόμο.\n\nΣημείωση: Μπορείτε να κλείσετε την εργασία στο παρασκήνιο όποτε θέλετε με δεξί κλικ στο εικονίδιο του χώρου ειδοποιήσεων και επιλέγοντας "Έξοδος".\n\nΕνεργοποίηση της εργασίας στο παρασκήνιο του VeraCrypt; - Έκδοση αρχείου γλώσσας: %s - Έλεγχος του συστήματος αρχείων στον τόμο VeraCrypt που φορτώθηκε ως %s... - Προσπάθεια επιδιόρθωσης συστήματος αρχείων στον τόμο VeraCrypt που φορτώθηκε ως %s... - Προσοχή: Αυτός ο τόμος έχει κρυπτογραφηθεί με παλαιό κρυπτογράφο.\n\nΌλοι οι κρυπτογράφοι 64-bit-μπλοκ (π.χ. Blowfish, CAST-128, ή Triple DES) δε συνίστανται. Θα υπάρχει δυνατότητα φόρτωσης αυτού του τόμου χρησιμοποιώντας μελλοντικές εκδόσεις του VeraCrypt, όμως δε θα υπάρξει περαιτέρω βελτίωση αυτών των κρυπτογράφων. Συνιστούμε τη δημιουργία νέου τόμου VeraCrypt κρυπτογραφημένου με κρυπτογράφο 128-bit-μπλοκ (π.χ. AES, Serpent, Twofish, κλπ.) και τη μεταφορά όλων των αρχείων αυτού του τόμου στο νέο. - Το σύστημα σας δεν έχει ρυθμιστεί να αυτοφορτώνει νέους τόμους. Μπορεί να είναι αδύνατο να φορτωθούν τόμοι-συσκευές του VeraCrypt. Η αυτοφόρτωση μπορεί να ενεργοποιηθεί εκτελώντας την ακόλουθη εντολή και κάνοντας επανεκκίνηση.\n\nmountvol.exe /E - Παρακαλώ ορίστε ένα γράμμα οδηγού για το διαμέρισμα/συσκευή πριν συνεχίσετε ("Πίνακας Ελέγχου" > "Επιδόσεις και Συντήρηση" > "Εργαλεία Διαχείρισης" > "Διαχείριση Υπολογιστή" > "Διαχείριση Δίσκων").\n\nΣημειώστε ότι αυτό είναι μια απαίτηση του λειτουργικού συστήματος. - Φόρτωση τόμου VeraCrypt - Εκφόρτωση όλων των τόμων VeraCrypt - Το VeraCrypt απέτυχε να αποκτήσει δικαιώματα Διαχειριστή. - Η πρόσβαση απορρίφθηκε από το λειτουργικό σύστημα.\n\nΠιθανή αιτία: Το λειτουργικό σύστημα απαιτεί να έχετε άδεια ανάγνωσης/εγγραφής (ή δικαιώματα διαχειριστή) για συγκεκριμένους φακέλους, αρχεία και συσκευές για να σας επιτρέπεται να διαβάζετε και να γράφετε δεδομένα από/σε αυτά. Φυσιολογικά, σε ένα χρήστης χωρίς δικαιώματα διαχειριστή επιτρέπεται να δημιουργήσει, προσπελάσει και τροποποιήσει αρχεία στο φάκελο των Εγγράφων του. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - Ο Εκκινητής VeraCrypt χρειάζεται τουλάχιστον 32 KB ελεύθερο χώρο στην αρχή του οδηγού συστήματος (για να αποθηκευτεί εκεί). Δυστυχώς, ο οδηγός σας δεν πληρεί αυτήν την προυπόθεση.\n\nΠαρακαλώ ΜΗΝ το αναφέρετε αυτό σαν πρόβλημα του VeraCrypt. Για να λύσετε αυτό το πρόβλημα, θα πρέπει να κατανέμετε ξανά τα διαμερίσματα του δίσκου και να αφήσετε τα πρώτα 32 KB του δίσκου ελεύθερα (τις περισσότερες φορές θα χρειαστεί να διαγράψετε και να ξαναδημιουργήσετε το πρώτο διαμέρισμα). Συνιστούμε να χρησιμοποιήσετε τον διαχειριστή διαμερισμάτων της Microsoft που είναι διαθέσιμος π.χ. όταν εγκαθιστάτε τα Windows. - Το χαρακτηριστικό δεν υποστηρίζεται στην έκδοση του λειτουργικού συστήματος που χρησιμοποιείτε. - Το VeraCrypt δεν υποστηρίζει κρυπτογράφηση διαμερίσματος/συσκευής του συστήματος στην έκδοση του λειτουργικού συστήματος που χρησιμοποιείτε. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Ο οδηγός του συστήματος σας έχει GUID κατάλογο διαμερισμάτων (GPT). Προς το παρόν, μόνο οδηγοί με MBR κατάλογο διαμερισμάτων υποστηρίζονται. - ΠΡΟΣΟΧΗ: Ο Εκκινητής VeraCrypt είναι ήδη εγκατεστημένος στον οδηγό του συστήματος σας!\n\nΕίναι πιθανόν ένα άλλο σύστημα στον υπολογιστή σας να είναι ήδη κρυπτογραφημένο.\n\nΠΡΟΣΟΧΗ: Η ΚΡΥΠΤΟΓΡΑΦΗΣΗ ΤΟΥ ΤΡΕΧΟΝΤΟΣ ΣΥΣΤΗΜΑΤΟΣ ΜΠΟΡΕΙ ΝΑ ΚΑΝΕΙ ΑΛΛΑ ΣΥΣΤΗΜΑΤΑ ΑΔΥΝΑΤΑ ΝΑ ΕΚΚΙΝΗΣΟΥΝ ΚΑΙ ΣΧΕΤΙΚΑ ΔΕΔΟΜΕΝΑ ΜΗ ΠΡΟΣΒΑΣΙΜΑ.\n\nΕίστε σίγουρος ότι θέλετε να συνεχίσετε; - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - Ο αυθεντικός εκκινητής συστήματος δε θα αποθηκευτεί στο Δίσκο Ασφαλείας (πιθανόν λόγω απουσίας αρχείου αντιγράφου ασφαλείας). - Αποτυχία εγγραφής τομέα MBR.\n\nΤο BIOS σας μπορεί να είναι ρυθμισμένο να τον προστατεύει. Ελέγξτε τις ρυθμίσεις του BIOS (πιέστε F2, Delete ή Esc, αφού ανοίξετε τον υπολογιστή σας) για προστασία MBR/Antivirus. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Το διαμέρισμα/συσκευή του συστήματος φαίνεται να είναι εξ'ολοκλήρου κρυπτογραφημένο. - Το VeraCrypt δεν υποστηρίζει κρυπτογράφηση οδηγού συστήματος που έχει μετατραπεί σε ένα δυναμικό δίσκο. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Θέλετε να κρυπτογραφήσετε το διαμέρισμα του συστήματος αντί για όλο τον οδηγό;\n\nΣημειώστε ότι μπορείτε να δημιουργήσετε διαμερίσματα-τόμους VeraCrypt μέσα σε οποιοδήποτε μη-συστήματος διαμέρισμα του οδηγού (επιπλέον της κρυπτογράφησης όλου του διαμερίσματος του συστήματος). - Αφού ο οδηγός του συστήματος σας περιέχει μόνο ένα διαμέρισμα που απασχολεί όλο τον οδηγό, είναι προτιμότερο (πιο ασφαλές) να κρυπτογραφήσετε όλο τον οδηγό συμπεριλαμβανομένου του ελεύθερου χώρου.\n\nΘέλετε να κρυπτογραφήσετε όλο τον οδηγό του συστήματος; - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - Αυτός ο αλγόριθμος προς το παρόν δεν υποστηρίζεται για κρυπτογράφηση συστήματος. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Προειδοποίηση: Το VeraCrypt δεν μπόρεσε να επαναφέρει την αρχική διάταξη του πληκτρολογίου. Αυτό μπορεί να προκαλέσει εσφαλμένη εισαγωγή κωδικού. - Σφάλμα: Αδυναμία ορισμού διάταξης πληκτρολογίου για το VeraCrypt σε Η.Π.Α..\n\nΣημειώστε ότι ο κωδικός πρέπει να πληκτρολογηθεί στο περιβάλλον πριν την εκκίνηση των Windows όπου μη-Η.Π.Α. διατάξεις πληκτρολογίου δεν είναι διαθέσιμες. Γι'αυτό ο κωδικός πρέπει πάντα να πληκτρολογείται με χρήση διάταξης πληκτρολογίου Η.Π.Α. - Καθώς το VeraCrypt άλλαξε προσωρινά τη διάταξη του πληκτρολογίου σε Η.Π.Α., δεν είναι δυνατόν να πληκτρολογήσετε με το δεξί Alt πατημένο. Ωστόσο, μπορείτε να πληκτρολογήσετε τους περισσότερους τέτοιους χαρακτήρες έχοντας πατημένο το Shift. - Το VeraCrypt απέτρεψε την αλλαγή της διάταξης του πληκτρολογίου. - Σημείωση: Ο κωδικός πρέπει να πληκτρολογηθεί στο προ-εκκίνησης περιβάλλον (πριν εκκινήσουν τα Windows) όπου μη-Η.Π.Α. διατάξεις πληκτρολογίου δεν είναι διαθέσιμες. Γι'αυτό ο κωδικός πρέπει πάντα να πληκτρολογείται χρησιμοποιώντας διάταξη πληκτρολογίου Η.Π.Α. Ωστόσο σημειώστε ότι ΔΕ χρειάζεστε ένα πραγματικό πληκτρολόγιο Η.Π.Α. Το VeraCrypt διασφαλίζει αυτόματα ότι μπορείτε να τυπώσετε ασφαλώς τον κωδικό (τώρα και στο προ-εκκίνησης περιβάλλον) ακόμα και αν ΔΕΝ έχετε ένα πραγματικό πληκτρολόγιο Η.Π.Α. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Σφάλμα: Αδυναμία αποθήκευσης ρυθμίσεων κρυπτογράφησης συστήματος. - Αδυναμία αρχικοποίησης προεξέτασης κρυπτογράφησης συστήματος. - Cannot initiate the process of creation of the hidden operating system. - Μέθοδος ασφαλούς διαγραφής - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - Κανένα (γρηγορότερο) - 1 πέρασμα (τυχαία δεδομένα) - 3 περάσματα (US DoD 5220.22-M) - 7 περάσματα (US DoD 5220.22-M) - 35 περάσματα ("Gutmann") - 256 περάσματα - Αριθμός λειτουργικών συστημάτων - ΠΡΟΣΟΧΗ: Άπειροι χρήστες δεν πρέπει να επιχειρούν να κρυπτογραφήσουν τα Windows σε διαμορφώσεις πολλαπλής εκκίνησης.\n\nΣυνέχεια; - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Οδηγός εκκίνησης - Είναι το τρέχων λειτουργικό σύστημα εγκατεστημένο στον οδηγό εκκίνησης;\n\nΣημείωση: Μερικές φορές τα Windows δεν είναι εγκατεστημένα στον ίδιο οδηγό με τον εκκινητή των Windows (διαμέρισμα εκκίνησης). Αν ισχύει αυτό, επιλέξτε 'Όχι'. - Το VeraCrypt προς το παρόν δεν υποστηρίζει κρυπτογράφηση λειτουργικού συστήματος που δεν εκκινεί απ'τον οδηγό που είναι εγκατεστημένο. - Αριθμός οδηγών συστήματος - Πόσοι οδηγοί περιέχουν λειτουργικό σύστημα;\n\nΣημείωση: Π.χ. αν έχετε ένα λειτουργικό (Windows, Mac OS X, Linux κλπ.) εγκατεστημένο στον πρωτεύοντα οδηγό και πρόσθετο λειτουργικό στον δευτερεύοντα, επιλέξτε '2 ή περισσότερα'. - Το VeraCrypt προς το παρόν δεν υποστηρίζει κρυπτογράφηση ολόκληρου οδηγού που περιέχει πολλά λειτουργικά συστήματα.\n\nΔυνατές λύσεις:\n\n- Μπορείτε να κρυπτογραφήσετε ένα από τα συστήματα αν πάτε πίσω και επιλέξετε να κρυπτογραφήσετε μόνο ένα διαμέρισμα συστήματος (αντί να επιλέξετε κρυπτογράφηση όλου του οδηγού συστήματος).\n\n- Εναλλακτικά, μπορείτε να κρυπτογραφήσετε όλον τον οδηγό αν μετακινήσετε μερικά από τα συστήματα του σε άλλους οδηγούς και αφήσετε μόνο ένα. - Πολλά συστήματα σε έναν οδηγό - Υπάρχουν άλλα λειτουργικά συστήματα εγκατεστημένα στον οδηγό που είναι εγκατεστημένο το τρέχον λειτουργικό;\n\nΣημείωση: Π.χ. αν το τρέχων λειτουργικό είναι εγκατεστημένο στον οδηγό #0, που περιέχει διαμερίσματα και αν ένα από αυτά περιέχει τα Windows και ένα άλλο περιέχει άλλο λειτουργικό (Windows, Mac OS X, Linux κλπ.), επιλέξτε 'Ναι'. - Μη-Windows εκκινητής - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Πολλαπλής εκκίνησης - Το VeraCrypt προς το παρόν δεν υποστηρίζει διαμορφώσεις πολλαπλής εκκίνησης στις οποίες μη-Windows εκκινητής είναι εγκατεστημένος στο Βασικό Αρχείο Εκκίνησης (MBR).\n\nΔυνατές λύσεις:\n\n- Αν χρησιμοποιείτε διαχειριστή εκκίνησης για τα Windows και το Linux, μετακινήστε τον (συνήθως τον GRUB) απ'το MBR σε ένα διαμέρισμα. Έπειτα ξαναεκκινήστε αυτόν τον Οδηγό και κρυπτογραφήστε το διαμέρισμα/οδηγό του συστήματος. Σημειώστε ότι ο Εκκινητής VeraCrypt θα γίνει ο πρωτεύων διαχειριστής εκκίνησης σας και θα σας επιτρέπει να εκκινήσετε τον πρωταρχικό διαχειριστή (π.χ. GRUB) ως δευτερεύοντα (πιέζοντας Esc στην οθόνη του Εκκινητή VeraCrypt) και έτσι να εκκινήσετε το Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Εντοπισμός κρυφών τομέων - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Περιοχή προς κρυπτογράφηση - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Συλλογή τυχαίων δεδομένων - Τα κλειδιά δημιουργήθηκαν - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Εγγραφή Δίσκου Ασφαλείας - Ο Δίσκος Ασφαλείας δημιουργήθηκε - Προέλεγχος κρυπτογράφησης συστήματος - Ο Δίσκος Ασφαλείας επαληθεύτηκε - \nΟ Δίσκος Ασφαλείας VeraCrypt επαληθεύτηκε επιτυχώς. Παρακαλώ αφαιρέστε τον από τον οδηγό και τοποθετήστε τον σε ασφαλές μέρος.\n\nΠιέστε Επόμενο για να συνεχίσετε. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Προσοχή: Λόγω τεχνικών περιορισμών του περιβάλλοντος πριν την εκκίνηση (πριν τα Windows εκκινήσουν), κείμενα που εμφανίζονται σ'αυτό από το VeraCrypt δεν μπορούν να εμφανιστούν στην τοπική γλώσσα. Το περιβάλλον εργασίας του Εκκινητή VeraCrypt είναι αποκλειστικά στα Αγγλικά.\n\nΣυνέχεια; - Πριν κρυπτογραφήσετε το διαμέρισμα ή οδηγό του συστήματος σας, το VeraCrypt χρειάζεται να επαληθεύσει ότι δουλεύει σωστά.\n\nΑφού πιέσετε Δοκιμή, όλα τα απαραίτητα στοιχεία (π.χ. ο Εκκινητής VeraCrypt) θα εγκατασταθούν και ο υπολογιστής θα επανεκκινηθεί. Μετά θα πρέπει να εισάγετε τον κωδικό σας στην οθόνη του Εκκινητή VeraCrypt που θα εμφανιστεί πριν εκκινήσουν τα Windows. Μετά την εκκίνηση των Windows, θα ενημερωθείτε αυτόματα για τα αποτελέσματα αυτού του προέλεγχου.\n\nΗ ακόλουθη συσκευή θα τροποποιηθεί: Οδηγός #%d\n\n\nΑν πιέστε τώρα Ακύρωση, τίποτα δε θα εγκατασταθεί και ο προέλεγχος δε θα πραγματοποιηθεί. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Ο προέλεγχος ολοκληρώθηκε - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Θέλετε να ακυρώσετε τον προέλεγχο της κρυπτογράφησης συστήματος; - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Το διαμέρισμα/οδηγός του συστήματος δε φαίνεται κρυπτογραφημένο (ούτε μερικώς ούτε ολόκληρο). - Το διαμέρισμα/οδηγός του συστήματος είναι κρυπτογραφημένο (μερικώς ή ολόκληρο).\n\nΠαρακαλώ αποκρυπτογραφήστε το ολοκληρωτικά πριν συνεχίσετε. Για να το κάνετε αυτό, επιλέξτε 'Σύστημα' > 'Μόνιμη αποκρυπτογράφηση διαμερίσματος/οδηγού συστήματος' από το μενού του κύριου παράθυρου του VeraCrypt. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Το διαμέρισμα/οδηγός του συστήματος αυτή τη στιγμή κρυπτογραφείται, αποκρυπτογραφείται ή τροποποιείται. Παρακαλώ διακόψτε τη διαδικασία κρυπτογράφησης, αποκρυπτογράφησης ή τροποποίησης (ή περιμένετε να ολοκληρωθεί) πριν συνεχίσετε. - Μια διεργασία του Οδηγου Δημιουργίας Τόμου τρέχει τώρα στο σύστημα και διενεργεί ή προετοιμάζει κρυπτογράφηση/αποκρυπτογράφηση του διαμερίσματος/οδηγού του συστήματος. Πριν συνεχίσετε, παρακαλώ περιμένετε να τελειώσει ή κλείστε τον. Αν δεν μπορείτε να τον κλείσετε, παρακαλώ κάντε επανεκκίνηση πριν συνεχίσετε. - Η διαδικασία κρυπτογράφησης ή αποκρυπτογράφησης του διαμερίσματος/οδηγού του συστήματος δεν έχει ολοκληρωθεί. Παρακαλώ περιμένετε να ολοκληρωθεί πριν συνεχίσετε. - Σφάλμα: Η διαδικασία κρυπτογράφησης του διαμερίσματος/οδηγού δεν ολοκληρώθηκε. Πρέπει πρώτα να ολοκληρωθεί. - Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Σφάλμα: Λάθος/άκυρη παράμετρος. - Επιλέξατε διαμέρισμα ή συσκευή αλλά ο Οδηγός που επιλέξατε είναι μόνο για αρχεία-τόμους.\n\nΘέλετε να αλλάξετε τον Οδηγό; - Θέλετε να δημιουργήσετε ένα αρχείο-τόμο VeraCrypt αντ'αυτού; - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Είστε σίγουρος ότι θέλετε να αποκρυπτογραφήσετε μόνιμα το διαμέρισμα/συσκευή του συστήματος; - ΠΡΟΣΟΧΗ: Αν αποκρυπτογραφήσετε μόνιμα το διαμέρισμα/συσκευή του συστήματος, μη-κρυπτογραφημένα δεδομένα θα γραφούν σ'αυτό.\n\nΕίστε απόλυτα σίγουρος ότι θέλετε να αποκρυπτογραφήσετε μόνιμα το διαμέρισμα/συσκευή του συστήματος; - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - Αν αντιμετωπίσετε κάποιο από τα προαναφερθέντα προβλήματα, αποκρυπτογραφήστε το διαμέρισμα/οδηγό (αν είναι κρυπτογραφημένο) και δοκιμάστε να το κρυπτογραφήσετε χρησιμοποιώντας έναν όχι σε σειρά αλγόριθμο κρυπτογράφησης (π.χ. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - Ο Εκκινητής VeraCrypt αναβαθμίστηκε.\n\nΣυνίσταται να δημιουργήσετε ένα νέο Δίσκο Ασφαλείας VeraCrypt (ο οποίος θα περιέχει τη νέα έκδοση του Εκκινητή VeraCrypt) επιλέγοντας 'Σύστημα' > 'Δημιουργία Δίσκου Ασφαλείας' αφού επανεκκίνησετε τον υπολογιστή σας. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Αποτυχία αναβάθμισης Εκκινητή VeraCrypt. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - ΠΡΟΣΟΧΗ: Φαίνεται ότι το VeraCrypt ήδη προσπάθησε να εντοπίσει κρυφούς τομείς σ'αυτόν τον οδηγό του συστήματος. Αν συναντήσατε προβλήματα κατά την προηγούμενη διαδικασία εντοπισμού, μπορείτε να τα αποφύγετε παρακάμπτοντας τον εντοπισμό κρυφών τομέων τώρα. Σημειώστε ότι αν το κάνετε αυτό, το VeraCrypt θα χρησιμοποιήσει το μέγεθος που αναφέρθηκε από το λειτουργικό σύστημα (που μπορεί να είναι μικρότερο από το πραγματικό μέγεθος του οδηγού).\n\nΣημειώστε ότι αυτό το πρόβλημα δεν προκαλείται από το VeraCrypt. - Παράκαμψη εντοπισμού κρυφών τομέων (χρήση μεγέθους που αναφέρθηκε από το λειτουργικό σύστημα) - Επανάληψη εντοπισμού κρυφών τομέων - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Δίσκος Ασφαλείας - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Έλεγχος - Αρχείο-κλειδί - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Ακύρωση + Εγκατάσταση &για όλους τους χρήστες + Αναζή&τηση... + Προσθήκη VeraCrypt στην ε&πιφάνεια εργασίας + Donate now... + Συσχέτιση της &επέκτασης αρχείων .hc με το VeraCrypt + Ά&νοιγμα του τόπου προορισμού με τη λήξη + Προσθήκη του VeraCrypt στο μεν&ού Έναρξη + Δημιουργία σημείου επα&ναφοράς συστήματος + Απε&γκ/σταση + &Εξαγωγή + &Εγκατάσταση + Οδηγός εγκατάστασης VeraCrypt + Απεγκατάσταση VeraCrypt + &Βοήθεια + Παρακαλώ επιλέξτε ή πληκτρολογήστε την τοποθεσία που θέλετε να εξαχθούν τα αρχεία: + Παρακαλώ επιλέξτε ή πληκτρολογήστε την τοποθεσία που θέλετε να εγκαταστήσετε το VeraCrypt. Αν ο καθορισμένος φάκελος δεν υπάρχει, θα δημιουργηθεί αυτόματα. + Πιέστε Απεγκατάσταση για να απεγκαταστήσετε το VeraCrypt από αυτό το σύστημα. + Ακύρωση + &Benchmark + &Δοκιμή + Create encrypted volume and format it + Encrypt partition in place + Εμφάνιση δημιουργημένων κλειδιών (των τμημάτων τους) + Εμφάνιση περ/νου δεξαμενής + Κατέβασμα λογισμικού εγγραφής CD/DVD + Create an encrypted file container + &GB + &TB + More information + Κρυ&φός τόμος VeraCrypt + Περισσότερες πληροφορίες για κρυφούς τόμους + Άμεση μέθοδος + Κανονική μέθοδος + &KB + Χ&ρήση αρχ.-κλειδιού + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Αρ&χεία-κλειδιά + Πληροφορίες για αλγόριθμους hash + Περισσότερες πληροφορίες + Information on PIM + &MB + Περισσότερες πληροφορίες + Περισσότερες πληροφορίες για την κρυπτογράφηση συστήματος + Περισσότερες πληροφορίες + Πολλαπλής εκκίνησης + Encrypt a non-system partition/drive + Όχι απο&θήκευση ιστορικού + Άνοιγμα εξωτερ. τόμου + &Παύση + Use P&IM + Use PIM + Γρήγορη διαμόρφωση + Εμφάνιση &κωδικού + &Display password + &Display PIM + Μονής εκκίνησης + Απλός τόμος VeraCrypt + Hi&dden + Normal + Κρυπτογράφηση του συστήματος + Κρυπτογράφηση του διαμερίσματος των Windows + Κρυπτογράφηση ολόκληρου του οδηγού + Οδηγός δημιουργίας τόμου VeraCrypt + Ομάδα + ΣΗΜΑΝΤΙΚΟ: Κινήστε το ποντίκι όσο πιο τυχαία γίνεται μέσα σε αυτό το παράθυρο. Όσο περισσότερο, τόσο καλύτερα. Αυτό αυξάνει σημαντικά την κρυπτογραφική ικανότητα των κλειδιών κρυπτογράφησης. Κατόπιν πιέστε Επόμενο για να συνεχίσετε. + &Επιβεβαίωση: + Ολ/θηκε + Drive letter: + Αλγόριθμος κρυπτογράφησης + Σύστημα αρχείων + Δημιουργεί έναν εικονικό κρυπτογραφημένο δίσκο μέσα σε ένα αρχείο. Συνίσταται για μη έμπειρους χρήστες. + Επιλογές + Αλγόριθμος hash + Κλειδί header: + Απομένει + Βασικό κλειδί: + Επιλέξτε αυτή τη δυνατότητα αν έχετε εγκατεστημένα δύο ή περισσότερα λειτουργικά συστήματα. + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Τρέχον περιεχόμενο δεξαμενής (μερικό) + Pass + Κωδικός: + Volume PIM: + Volume PIM: + Πρόοδος: + Δεξαμενή: + Επιλέξτε αυτή τη δυνατότητα αν έχετε εγκατεστημένο μόνο ένα λειτουργικό σύστημα (ακόμα και αν έχει πολλαπλούς χρήστες). + Ταχύτητα + Κατάσταση + Τα κλειδια και άλλα δεδομένα δημιουργηθήκαν επιτυχώς. Αν θέλετε να δημιουργήσετε νέα κλειδια πιέστε Πίσω και μετά Επόμενο. Αλλιώς πιέστε Επόμενο για να συνεχίσετε. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Μέθοδος εκκαθάρισης: + Κλείσιμο + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Αδράνεια + &Αυτοφόρτωση τόμου VeraCrypt (που καθορίστηκε παρακάτω) + &Εκκίνηση VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Αναζήτηση... + Αναζήτηση... + Αποθήκευση κωδικών και αρχείων-κλει&διών στη μνήμη + Έξοδος όταν δεν υπάρχουν φορτωμένοι τόμοι + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Να περιλάβει και τον Οδηγό δημιουργίας τόμου VeraCrypt + Δημιουργία + &Δημιουργία τόμου + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Χρήση αρχ.-κλειδιών + Χρήση αρχ.-κλειδιών + Έ&ξοδος + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Καθορισμός + Απομάκρυνση + Αρχεία-κλειδιά + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Αυτοφόρτωση συσκευών + Επι&λογές φόρ/σης + Φόρτωση τόμου μόνο για ανάγ&νωση + Αρχεία-κλειδιά + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Ενεργοποιημένο + Αποθ/ση κωδικών στη μνήμη του οδηγού + Όταν δε διαβάζονται/γράφονται δεδομένα σ'αυτόν για + Αποσύνδεση χρήστη + User session locked + Λειτουργία χαμηλής κατανάλωσης + Ενεργή προστασία οθόνης + Εξαναγκασμένη ακόμα και αν ο τόμος έχει ανοικτά αρχεία/φακέλους + Φόρτωση όλων των τόμων-συσκευών VeraCrypt + Start VeraCrypt Background Task + Φόρτωση τόμων ως μόνο για ανάγνωση + Φόρτωση τόμων ως αποσπώμενα μέσα + Άνοιγμα Explorer για τους επιτυχώς φορτωμένους τόμους + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Διαγραφή κωδικών από τη μνήμη κατά την αυτοεκφόρτωση + Διαγρ. κωδικών από τη μνήμη κατά την έξοδο + Preserve modification timestamp of file containers + Επαναρύθμιση + Επιλογή σ&υσκευής + Επιλογή αρχε&ίου + Select &Library... + Εμφάνιση κωδικού + Εμφάνιση κωδικού + Άνοιγμα &Explorer για φορτωμένους τόμους + &Αποθήκευση κωδικών στη μνήμη του οδηγού + TrueCrypt Mode + Εκ&φόρτωση όλων + &Ιδιότητες τόμου... + Εργαλεία &τόμου... + &Διαγραφή μνήμης cache + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Συντομεύσεις + VeraCrypt + Αλλαγή κωδικού ή αρχείων-κλειδιών + Εισαγωγή κωδικού τόμου VeraCrypt + VeraCrypt - Performance and Driver Options + VeraCrypt - Επιλογές + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + Δημιουργία φορητού δίσκου VeraCrypt + Ιδιότητες τόμου VeraCrypt + Περί... + Προσθήκη/Διαγραφή αρχείων-κλειδιών σε/από τόμο... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Δημιουργία αντιγράφου ασφαλείας header... + Benchmark... + Ορισμός κλειδιού αλγορίθμου δημιουργίας header... + Αλλαγή κωδικού τόμου και αρχείων-κλειδιών... + Καθορισμός αλγόριθμου παραγωγής κλειδιού header... + Αλλαγή κωδικού... + Διαγραφή ιστορικού τόμου + Close All Security Token Sessions + Επικοινωνία... + Create Hidden Operating System... + Δημιουργία Δίσκου Ασφαλείας... + Δημιουργία νέου τόμου... + Permanently Decrypt... + Εξ'ορισμού αρχεία-κλειδιά... + Default Mount Parameters... + Donate now... + Κρυπτογράφηση διαμερίσματος/οδηγού συστήματος... + Συχνές ερωτήσεις + Οδηγός χρήσης + &Ιστοτόπος + Συντομεύσεις... + Δημιουργός αρχείων-κλειδιών + Γλώσσα... + Νομικές επισημάνσεις + Manage Security Token Keyfiles... + Αυτοφόρτωση όλων των τόμων-συσκευών + Φόρτωση αγαπημένων τόμων + Φόρτωση χωρίς &προ-εκκίνησης έλεγχο αυθεντικότητας... + Φόρτωση τόμων + Φόρτωση τόμου με επιλογές + Νέα + Διαδικτυακή βοήθεια + Οδηγός αρχαρίων + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Μόνιμη αποκρυπτογράφηση διαμερίσματος/οδηγού συστήματος + Επιλογές... + Επανέλεγχος γραμμάτων οδηγών + Απομάκρυνση όλων των αρχείων-κλειδιών από τόμο... + Επανάκτηση header... + Resume Interrupted Process + Επιλογή συσκευής... + Επιλογή αρχείου... + Επαναφορά σταματημένης διαδικασίας + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Μεταφορτώσεις + Δοκιμή ανυσμάτων... + Security Tokens... + Δημιουργία φορητού δίσκου... + Εκφόρτωση όλων των φορτωμένων τόμων + Εκφόρτωση τόμων + Επαλήθευση Δίσκου Ασφαλείας + Verify Rescue Disk ISO Image + Ιστορικό εκδόσεων + Volume Expander + Ιδιότητες τόμου + Οδηγός δημιουργίας τόμου + Ιστοτόπος VeraCrypt + Διαγραφή κωδικών από μνήμη + OK + Hardware Acceleration + Συντόμευση + Ρύθμιση αυτόματης εκκίνησης (autorun.inf) + Αυτοεκφόρτωση + Εκφόρτωση όλων όταν: + Boot Loader Screen Options + Επιβεβαίωση κωδικού: + Τρέχων + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Εξ'ορισμού επιλογές φόρτωσης + Επιλογές συντομεύσεων + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Ρυθμίσεις αρχείων + Καθορισμός πλήκτρου: + Processor (CPU) in this computer supports hardware acceleration for AES: + Ενέργειες με τη σύνδεση στα Windows + λεπτά + Φόρτωση τόμου ως οδηγού γράμματος: + Ρυθμίσεις φόρτωσης + Νέος + Κωδικός: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Cache κωδικού + Security Options + Εργασία VeraCrypt στο παρασκήνιο + Τόμος VeraCrypt προς φόρτωση (σχετικό με την πηγή του φορητού δίσκου): + Με την εισαγωγή φορητού δίσκου: + Δημιουργία αρχείων φορητού δίσκου σε (πηγαίος φάκελος φορητού δίσκου): + Τόμος + Windows + Προσθ. &διαδρομής + &Αυτοέλεγχος όλων + &Continue + &Αποκρυπ/φηση + &Delete + &Κρυπτ/φηση + &Export... + Δημιουργία-αποθ/ση αρχείου-κλειδιού + &Δημιουργία τυχαίου αρχείου κλειδιού + Μεταφόρτωση αρχείου γλώσσας + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + Χ&ρήση αρχείου-κλειδιού + &Αρχεία-κλειδιά + &Διαγραφή + Διαγραφή &όλων + Τι είναι η προστασία κρυφού τόμου; + More information on keyfiles + Φόρτωση τόμου ως αποσπώμενο &μέσο + Φόρτωση διαμερίσματος με &χρήση κρυπτογράφησης συστήματος χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας + Parallelization: + Benchmark + &Εκτύπωση + &Προστασία κρυφού τόμου από ζημιά λόγω εγγραφής σε εξωτερικό τόμο + &Επαναρύθμιση + &Εμφάνιση κωδικού + Add &Token Files... + Use backup header embedded in &volume if available + Κατάσταση XTS + Περί VeraCrypt + VeraCrypt - Benchmark αλγόριθμου κρυπτογράφησης + VeraCrypt - Δοκιμή ανυσμάτων + Βοήθεια γραμμής εντολών + VeraCrypt - Αρχεία-κλειδιά + VeraCrypt - Δημιουργός αρχείων-κλειδιών + VeraCrypt - Γλώσσα + VeraCrypt - Επιλογές φόρτωσης + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Επιλογή διαμερίσματος ή συσκευής + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Ενεργή γλώσσα + Η ταχύτητα επηρεάζεται από το φορτίο του επεξεργαστή και τα χαρακτηριστικά της συσκευής αποθήκευσης.\n\nΑυτές οι δοκιμές γίνονται στη RAM. + Μέγεθος buffer: + Κρυπτογράφος: + Κ&ωδικός στον κρυφό τόμο: + Προστασία κρυφού τόμου + Μέγεθος κλειδιού: + ΣΗΜΑΝΤΙΚΟ: Κινήστε το ποντίκι όσο πιο τυχαία γίνεται μέσα σε αυτό το παράθυρο. Όσο περισσότερο, τόσο καλύτερα. Αυτό αυξάνει σημαντικά την κρυπτογραφική ικανότητα των αρχείων-κλειδιών. + ΠΡΟΣΟΧΗ: Αν χάσετε ένα αρχείο-κλειδί ή κάποιο bit από τα πρώτα 1024 ΚΒ του αλλάξει, θα είναι αδύνατο να φορτώσετε τόμους που το χρησιμοποιούν! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Μετάφραση: + Μέγεθος απλού κειμένου: + bits + Περιεχόμενο τρέχουσας δεξαμενής + Μίξη PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Δευτερεύον κλειδί (16δικό) + Security token: + Μέθοδος ταξινόμησης: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Αριθμός μπλοκ: + Κρυπτοκείμενο (δεκαεξαδικό) + Αριθμός μονάδων δεδομένων(64-bit 16δικό, μέγεθος μονάδας δεδομένων 512 bytes) + Κλειδί (δεκαεξαδικό) + Απλό κείμενο (δεκαεξαδικό) + Keyfile name: + Κατάσταση XTS + Σ&ύστημα + &Τόμοι + Favor&ites + Ερ&γαλεία + Settin&gs + &Βοήθεια + Ισ&τοτόπος + + &Περί... + Το χαρακτηριστικό "μόνο για ανάγνωση" στον παλιό τόμο σας δεν άλλαξε. Παρακαλώ ελέγξτε τις ρυθμίσεις προσβασιμότητας του αρχείου. + Σφάλμα: Άρνηση πρόσβασης.\n\nΤο διαμέρισμα που προσπαθείτε να αποκτήσετε πρόσβαση είναι ή μήκους 0 τομέων ή στη συσκευή εκκίνησης. + Administrator + Για να φορτώσετε τον οδηγό VeraCrypt, πρέπει να συνθεθείτε ως διαχειριστής. + Παρακαλώ σημειώστε ότι για να κρυπτογραφήσετε/διαμορφώσετε ένα διαμέρισμα/συσκευή πρέπει να έχετε δικαιώματα διαχειριστή.\n\nΑυτό δεν ισχύει για τους τόμους σε αρχεία. + Για να δημιουργήσετε κρυφό τόμο πρέπει να έχετε δικαιώματα διαχειριστή.\n\nΣυνέχεια; + Παρακαλώ σημειώστε ότι για να διαμορφώσετε τον τόμο σε NTFS πρέπει να έχετε δικαιώματα διαχειριστή.\n\nΧωρίς δικαιώματα διαχειριστή μπορείτε να διαμορφώσετε τον τόμο σε FAT. + Κρυπτογράφος εγκεκριμένος από την FIPS (Rijndael, δημοσιεύτηκε το 1998) που μπορεί να χρησιμοποιηθεί από υπηρεσίες των Η.Π.Α. για προστασία μέχρι άκρως απορρήτων πληροφοριών. Κλειδί 256-bit, μπλοκ 128-bit, 14 γύροι (AES-256). Κατάσταση λειτουργίας XTS. + Ο τόμος είναι ήδη φορτωμένος. + ΠΡΟΣΟΧΗ: Τουλάχιστον ένας αλγόριθμος κρυπτογράφησης ή τυχαίων αριθμών απέτυχε στους ενσωματωμένους αυτοελέγχους!\n\nΗ εγκατάσταση του VeraCrypt μπορεί να έχει φθαρεί. + ΠΡΟΣΟΧΗ: Δεν υπάρχουν αρκετά δεδομένα στη Γεννήτρια Τυχαίων Αριθμών για να παρέχουν την αιτηθείσα ποσότητα δεδομένων.\n\nΔε θα πρέπει να συνεχίσετε. Παρακαλώ επιλέξτε "Αναφορά σφάλματος" από το μενού Βοήθεια και αναφέρετε αυτό το σφάλμα. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Μη έγκυρο γράμμα οδηγού. + Μη έγκυρη διαδρομή. + Ακύρωση + Αδύνατη η πρόσβαση στη συσκευή. Σιγουρευτείτε ότι η επιλεγμένη συσκευή υπάρχει και δεν χρησιμοποιείται από το σύστημα. + Προειδοποίηση: είναι ενεργοποιημένο το Caps Lock. Αυτό μπορεί να προκαλέσει λανθασμένη εισαγωγή κωδικού. + Τύπος τόμου + Μπορεί να αναγκαστείτε από κάποιον να αποκαλύψετε τον κωδικό ενός κρυπτογραφημένου τόμου. Η χρήση ενός κρυφού τόμου σας επιτρέπει να ξεπεράσετε τέτοιες καταστάσεις, χωρίς να αποκαλύψετε τον κωδικό σας. + Επιλέξτε αυτή τη δυνατότητα, αν θέλετε να δημιουργήσετε έναν κανονικό τόμο VeraCrypt. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Επιλογές κρυπτ/σης εξωτερικού τόμου + Επιλογές κρυπτ/σης κρυφού τόμου + Επιλογές κρυπτογράφησης + ΠΡΟΣΟΧΗ: Αποτυχία καθαρισμού διαδρομής του τελευταίου τόμου/αρχείου-κλειδιού που επιλέχθηκε (καταγεγραμμένου από τον επιλογέα αρχείων)! + Σφάλμα: Το αρχείο-τόμος έχει συμπιεστεί στο επίπεδο του συστήματος αρχείων. Το VeraCrypt δεν υποστηρίζει συμπιεσμένα αρχεία-τόμους (σημειωτέον ότι η συμπίεση κρυπτογραφημένων δεδομένων είναι αναποτελεσματική και περιττή).\n\nΠαρακαλώ απενεργοποιήστε τη συμπίεση για το αρχείο-τόμο ακολουθώντας τα εξής: 1) Κάντε δεξί κλικ στο αρχείο-τόμο στον Windows Explorer (όχι στο VeraCrypt). 2) Επιλέξτε "Ιδιότητες". 3) Επιλέξτε "Για προχωρημένους" και απενεργοποιήστε την επιλογή "Συμπίεση περιεχομένων για εξοικονόμηση χώρου στο δίσκο". + Αποτυχία δημιουργίας τόμου %s + Μέγεθος %s %.2f bytes + Μέγεθος %s %.2f KB + Μέγεθος %s %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + ΠΡΟΣΟΧΗ: Η συσκευή/διαμέρισμα είναι σε χρήση από το λειτουργικό σύστημα ή εφαρμογές. Η διαμόρφωση της μπορεί να προκαλέσει απώλεια δεδομένων και αστάθεια συστήματος.\n\nΣυνέχεια; + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Σφάλμα: Η συσκευή/διαμέρισμα περιέχει ένα σύστημα αρχείων που δεν μπόρεσε να εκφορτωθεί. Το σύστημα αρχείων μπορεί να είναι σε χρήση από το λειτουργικό σύστημα. Η διαμόρφωση της συσκευής/διαμερίσματος πιθανότατα θα προκαλέσει απώλεια δεδομένων και αστάθεια συστήματος.\n\nΓια να επιλύσετε το πρόβλημα προτείνουμε να διαγράψετε πρώτα το διαμέρισμα και να το ξαναδημιουργήσετε χωρίς διαμόρφωση. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + ΠΡΟΣΟΧΗ: Ορισμένες από τις φορτωμένες συσκευές/διαμερίσματα ήταν ήδη σε χρήση!\n\nΗ παράβλεψη μπορεί να οδηγήσει σε ανεπιθύμητα αποτελέσματα και αστάθεια συστήματος.\n\nΣυνιστούμε να κλείσετε κάθε εφαρμογή που μπορεί να χρησιμοποιεί τις συσκευές/διαμερίσματα. + Η επιλεγμένη συσκευή περιέχει διαμερίσματα.\n\nΗ διαμόρφωση της μπορεί να δημιουργήσει αστάθεια συστήματος και/ή απώλεια δεδομένων. Παρακαλώ επιλέξτε ένα διαμέρισμα στη συσκευή ή διαγράψτε όλα τα διαμερίσματα από τη συσκευή για να τη διαμορφώσει το VeraCrypt εν ασφαλεία. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Ο ελεύθερος χώρος στον οδηγό %s είναι %.2f bytes. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Δεν μπόρεσαν να ανακτηθούν τα διαθέσιμα γράμματα οδηγών. + Σφάλμα: Δε βρέθηκε ο οδηγός VeraCrypt.\n\nΠαρακαλώ αντιγράψτε τα αρχεία 'veracrypt.sys' και 'veracrypt-x64.sys' στο φάκελο που βρίσκεται η εφαρμογή (το VeraCrypt.exe). + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Σφάλμα: Αποτυχία αρχικοποιήσης κρυπτογράφου. + Σφάλμα: Ένα αδύναμο κλειδί ανιχνεύτηκε. Το κλειδί θα απορριφθεί. Παρακαλώ δοκιμαστε ξανά. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + Κρίσιμο σφάλμα του VeraCrypt + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Κρυπτογράφηση + &Αποκρυπτογράφηση + &Μόνιμη αποκρυπτογράφηση + Έξοδος + Παρακαλώ δημιουργήστε ένα λογικό οδηγό για αυτό το extended διαμέρισμα και δοκιμάστε ξανά. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + Επιλέξτε την τοποθεσία του τόμου VeraCrypt μέσα στον οποίο θα δημιουργηθεί ένας κρυφός τόμος. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Σφάλμα: Αδύνατη η φόρτωση του τόμου. Το φιλοξενών αρχείο/συσκευή είναι ήδη σε χρήση. Η προσπάθεια φόρτωσης χωρίς αποκλειστική πρόσβαση επίσης απέτυχε. + Το αρχείο δεν μπόρεσε να ανοιχθεί. + Τοποθεσία τόμου + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Ανάκτηση + &Αναβολή + &Start + &Continue + &Διαμόρφωση + &Wipe + Ακύρωση διαμόρφωσης; + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + Το διαμέρισμα/συσκευή του συστήματος αποκρυπτογραφήθηκε επιτυχώς. + \n\nΟ τόμος VeraCrypt δημιουργήθηκε και είναι έτοιμος για χρήση. Αν θέλετε να δημιουργήσετε κι άλλον τόμο πιέστε "Επόμενο", αλλιώς "Έξοδος". + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Ο τόμος VeraCrypt δημιουργήθηκε επιτυχώς. + Ο τόμος δημιουργήθηκε + ΣΗΜΑΝΤΙΚΟ: Κινήστε το ποντίκι όσο πιο τυχαία γίνεται μέσα σε αυτό το παράθυρο. Όσο περισσότερο, τόσο καλύτερα. Αυτό αυξάνει σημαντικά την κρυπτογραφική ικανότητα των αρχείων-κλειδιών. Στη συνέχεια πιέστε Διαμόρφωση για να δημιουργήσετε τον τόμο. + Πιέστε Διαμόρφωση για να δημιουργήσετε τον εξωτερικό τόμο. Για περισσότερες πληροφορίες ανατρέξτε στην τεκμηρίωση. + Διαμόρφωση εξωτερικού τόμου + Διαμόρφωση κρυφού τόμου + Διαμόρφωση τόμου + Το Adobe Reader (ή ένα συμβατό εργαλείο) είναι απαραίτητο για να δείτε ή να εκτυπώσετε τον Οδηγό Χρήσης του VeraCrypt. Το Adobe Reader (δωρεάν) μπορεί να μεταφορτωθεί από: www.adobe.com\n\nΘέλετε να δείτε την διαδικτυακή βοήθεια; + Αν επιλέξετε αυτή τη δυνατότητα, ο Οδηγός θα σας βοηθήσει να δημιουργήσετε πρώτα έναν κανονικό τόμο VeraCrypt και έπειτα έναν κρυφό μέσα σ'αυτόν. Μη έμπειροι χρήστες θα πρέπει πάντα να επιλέγουν αυτή τη δυνατότητα. + Αν επιλέξετε αυτή τη δυνατότητα, θα δημιουργήσετε έναν κρυφό τόμο μέσα σε έναν υπάρχοντα τόμο VeraCrypt. Θα θεωρηθεί ότι έχετε ήδη δημιουργήσει έναν τόμο VeraCrypt κατάλληλο να φιλοξενήσει τον κρυφό τόμο. + Μέθοδος δημιουργίας τόμου + Ο κρυφός τόμος δημιουργήθηκε + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Ο εξωτερικός τόμος δημιουργήθηκε επιτυχώς και φορτώθηκε ως οδηγός %hc:. Σε αυτόν τον τόμο θα πρέπει να γράψετε αρχεία που ΔΕΝ θέλετε να κρύψετε. Τα αρχεία θα είναι εμφανή για όποιον σας εξαναγκάσει να αποκαλύψετε τον κωδικό σας. Θα αποκαλύψετε μόνο τον κωδικό του εξωτερικού τόμου, όχι του κρυφού. Τα πραγματικά σημαντικά σας αρχεία θα είναι στον κρυφό τόμο που θα δημιουργηθεί στη συνέχεια. Όταν τελειώσετε την αντιγραφή πιέστε "Επόμενο". Μην εκφορτώσετε τον τόμο.\n\nΣημείωση: Αφού πιέσετε "Επόμενο", το cluster bitmap του εξωτερικού τόμου θα ανιχνευθεί για να καθορισθεί το μέγεθος του συνεχούς ελεύθερου χώρου του οποίου το τέλος ευθυγραμμίζεται με το τέλος του τόμου. Αυτή η περιοχή θα περιέχει τον κρυφό τόμο, συνεπώς θα περιορίσει το μέγιστο δυνατό του μέγεθος. Η ανίχνευση του cluster bitmap διασφαλίζει ότι δεν θα διαγραφούν δεδομένα του εξωτερικού τόμου από τον κρυφό τόμο. + Περιεχόμενα εξωτερικού τόμου + \n\nΣτα επόμενα βήματα θα ορίσετε τις επιλογές για τον εξωτερικό τόμο (μέσα στον οποίο θα δημιουργηθεί ο κρυφός τόμος αργότερα). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Εξωτερικός τόμος + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nΤο cluster bitmap του τόμου ανιχνεύθηκε και το μέγιστο δυνατό μέγεθος του κρυφού τόμου προσδιορίσθηκε. Στα επόμενα βήματα θα ορίσετε της επιλογές, το μέγεθος και τον κωδικό για τον κρυφό τόμο. + Κρυφός τόμος + Ο κρυφός τόμος είναι τώρα προστατευμένος από φθορά μέχρι να εκφορτωθεί ο εξωτερικός τόμος.\n\nΠΡΟΣΟΧΗ: Αν γίνει προσπάθεια αποθήκευσης δεδομένων στην περιοχή του κρυφού τόμου, το VeraCrypt θα ξεκινήσει την προστασία από εγγραφή ολόκληρου του τόμου (εξωτερικού και κρυφού) μέχρι να εκφορτωθούν. Αυτό μπορεί να προκαλέσει φθορά στο σύστημα αρχείων του εξωτερικού τόμου. Γι'αυτό θα πρέπει να προσπαθήσετε να μη γράψετε στην περιοχή του κρυφού τόμου. Όσα δεδομένα εγγραφούν στην περιοχή του κρυφού τόμου ΔΕ θα αποθηκευθούν και θα χαθούν! Τα Windows μπορεί να το αναφέρουν αυτό ως σφάλμα εγγραφής. + Καθένας από τους κρυφούς τόμους μέσα στους νεοφορτωθέντες τόμους είναι τώρα προστατευμένος από φθορά μέχρι μα εκφορτωθεί.\n\nΠΡΟΣΟΧΗ: Αν γίνει προσπάθεια αποθήκευσης δεδομένων σε περιοχή κρυφού τόμου οποιουδήποτε από αυτούς τους τόμους, το VeraCrypt θα ξεκινήσει την προστασία από εγγραφή ολόκληρου του τόμου (εξωτερικού και κρυφού) μέχρι να εκφορτωθεί. Αυτό μπορεί να προκαλέσει φθορά στο σύστημα αρχείων του εξωτερικού τόμου. Γι'αυτό θα πρέπει να προσπαθήσετε να μη γράψετε στην περιοχή του κρυφού τόμου. Όσα δεδομένα εγγραφούν στην περιοχή του κρυφού τόμου ΔΕ θα αποθηκευθούν και θα χαθούν! Τα Windows μπορεί να το αναφέρουν αυτό ως σφάλμα εγγραφής. + ΠΡΟΣΟΧΗ: Έγινε προσπάθεια αποθήκευσης δεδομένων στην περιοχή του κρυφού τόμου του φορτωμένου ως %c: τόμου!\n\nΤο VeraCrypt απέτρεψε την εγγραφή αυτών των δεδομένων για να προστατεύσει τον κρυφό τόμο. Αυτό μπορεί να προκάλεσε φθορά στο σύστημα αρχείων του εξωτερικού τόμου και τα Windows μπορεί να το αναφέρουν αυτό ως σφάλμα εγγραφής. Ολόκληρος ο τόμος (εξωτερικός και κρυφός) θα προστατευθεί από εγγραφή μέχρι να εκφορτωθεί. Συνίσταται να δημιουργήσετε έναν νέο τόμο VeraCrypt (με τη Γρήγορη Διαμόρφωση απενεργοποιημένη) και να μετακινήσετε τα αρχεία αυτού του τόμου στο νέο. Αυτός ο τόμος θα πρέπει να διαγραφεί ασφαλώς (εξωτερικός και κρυφός). Συνιστούμε να κάνετε επανεκκίνηση τώρα. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Ο υπολογιστής σας πρέπει να επανεκκινηθεί.\n\nΘέλετε αυτό να γίνει τώρα; + Ένα σφάλμα συνέβη κατά τη λήψη της κατάστασης κρυπτογράφησης του συστήματος. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Αδυναμία αρχικοποίησης των στοιχείων της εφαρμογής για κρυπτογράφηση του συστήματος. + Αποτυχία αρχικοποίησης της γεννήτριας τυχαίων αριθμών! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Αδυναμία αρχικοποίησης της εφαρμογής. Αποτυχία καταχώρησης της τάξης διαλόγου. + Error: Failed to load the Rich Edit system library. + Οδηγός δημιουργίας τόμου VeraCrypt + Το μέγιστο δυνατό μέγεθος κρυφού τόμου για αυτόν τον τόμο είναι %.2f bytes. + Το μέγιστο δυνατό μέγεθος κρυφού τόμου για αυτόν τον τόμο είναι %.2fKB. + Το μέγιστο δυνατό μέγεθος κρυφού τόμου για αυτόν τον τόμο είναι %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Ο κωδικός/αρχεία-κλειδιά του τόμου δεν μπορούν να αλλαχθούν όσο αυτός είναι φορτωμένος. Παρακαλώ εκφορτώστε πρώτα τον τόμο. + Ο αλγόριθμος του κλειδιού δημιουργίας header δεν μπορεί να αλλαχθεί όσο ο τόμος είναι φορτωμένος. Παρακαλώ εκφορτώστε πρώτα τον τόμο. + &Φόρτωση + Μια νεότερη έκδοση του VeraCrypt χρειάζεται για να φορτώσετε αυτό τον τόμο. + Σφάλμα: Δε βρέθηκε ο Οδηγός δημιουργίας τόμου.\n\nΠαρακαλώ σιγουρευτείτε ότι το αρχείο "VeraCrypt Format.exe" είναι στο φάκελο από τον οποίο έτρεξε το "VeraCrypt.exe". Αν δεν είναι ξαναεγκαταστήστε το VeraCrypt ή εντοπίστε το "VeraCrypt Format.exe" στο δίσκο σας και τρέξτε το. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Επόμενο > + &Τέλος + &Εγκατάσταση + Ε&ξαγωγή + Αδύνατη η σύνδεση με τον οδηγό συσκευής του VeraCrypt. Το VeraCrypt δεν μπορεί να λειτουργήσει αν δεν τρέχει ο οδηγός συσκευής.\n\nΣημειώστε ότι λόγω των Windows, μπορεί να χρειαστεί να αποσυνδεθείτε ή να κάνετε επανεκκίνηση για να φορτωθεί ο οδηγός συσκευής. + Σφάλμα κατά τη φόρτωση/προετοιμασία των γραμματοσειρών. + Το γράμμα του οδηγού δε βρέθηκε ή δεν καθορίσθηκε. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Το γράμμα του οδηγού δεν είναι διαθέσιμο. + Δεν επιλέχθηκε αρχείο! + Δεν υπάρχουν διαθέσιμα γράμματα οδηγών. + Δεν υπάρχει ελεύθερο γράμμα οδηγού για τον εξωτερικό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. + Αδύνατος ο προσδιορισμός του λειτουργικού συστήματος ή χρησιμοποιείτε μη υποστηριζόμενο λειτουργικό σύστημα. + Δεν επιλέχθηκε διαδρομή! + Όχι αρκετός ελεύθερος χώρος για τον κρυφό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + Ο οδηγός αδυνατεί να εκφορτώσει τον τόμο. Κάποια αρχεία του τόμου πιθανόν να είναι ακόμα σε χρήση. + Αδύνατον να κλειδωθεί ο τόμος. Υπάρχουν ακόμα ανοιχτά αρχεία στον τόμο. Γι' αυτό δεν μπορεί να εκφορτωθεί. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Επιλέξτε έναν τόμο VeraCrypt + Καθορίστε διαδρομή και όνομα αρχείου + Select PKCS #11 Library + Η μνήμη εξαντλήθηκε + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + ΠΡΟΣΟΧΗ: Το αρχείο '%s' ήδη υπάρχει!\n\nΣΗΜΑΝΤΙΚΟ: ΤΟ VERACRYPT ΔΕ ΘΑ ΚΡΥΠΤΟΓΡΑΦΗΣΕΙ ΤΟ ΑΡΧΕΙΟ ΑΛΛΑ ΘΑ ΤΟ ΔΙΑΓΡΑΨΕΙ. Είστε σίγουρος ότι θέλετε να διαγράψετε το αρχείο και να το αντικαταστήσετε με ένα νέο αρχείο-τόμο VeraCrypt; + ΠΡΟΣΟΧΗ: ΟΛΑ ΤΑ ΑΠΟΘΗΚΕΥΜΕΝΑ ΑΡΧΕΙΑ ΣΤΟ ΕΠΙΛΕΓΜΕΝΟ %s '%s'%s ΘΑ ΔΙΑΓΡΑΦΟΥΝ (ΔΕ ΘΑ ΚΡΥΠΤΟΓΡΑΦΗΘΟΥΝ)!\n\nΕίστε σίγουρος ότι θέλετε να συνεχίσετε τη διαμόρφωση; + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Κωδικός + PIM + Ορισμός κλειδιού αλγορίθμου δημιουργίας header + Προσθήκη/Διαγραφή αρχείων-κλειδιών σε/από τόμους + Διαγραφή όλων των αρχείων-κλειδιών από τον τόμο + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Σημειώστε ότι ο Δίσκος Ασφαλείας VeraCrypt σας εξακολουθεί να χρησιμοποιεί τον προηγούμενο αλγόριθμο. Αν θεωρείτε τον προηγούμενο αλγόριθμο ανασφαλή, θα πρέπει να δημιουργήσετε έναν νέο Δίσκο Ασφαλείας και να καταστρέψετε τον παλιό.\n\nΘέλετε να δημιουργήσετε έναν νέο Δίσκο Ασφαλείας VeraCrypt; + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Τα αρχεία-κλειδιά προστέθηκαν/αφαιρέθηκαν επιτυχώς. + Keyfile exported. + Ο αλγόριθμος του κλειδιού δημιουργίας header ορίσθηκε επιτυχώς. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Παρακαλώ επιλέξτε κωδικό για τον κρυφό τόμο. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Παρακαλώ εισάγετε τον κωδικό για τον τόμο μέσα στον οποίο επιθυμείτε να δημιουργήσετε έναν κρυφό τόμο.\n\nΑφού επιλέξετε "Επόμενο", το VeraCrypt θα επιχειρήσει να φορτώσει τον τόμο. Μόλις ο τόμος φορτωθεί, το cluster bitmap θα ανιχνευθεί για να προσδιορισθεί το μέγεθος της συνεχούς περιοχής ελεύθερου χώρου (αν υπάρχει) του οποίου το τέλος ευθυγραμμίζεται με το τέλος του τόμου. Αυτή η περιοχή θα φιλοξενήσει τον κρυφό τόμο και συνεπώς θα περιορίσει το πιθανό μέγεθος του. Η ανίχνευση του cluster bitmap είναι απαραίτητη για να διασφαλισθεί ότι δε θα διαγραφούν δεδομένα του εξωτερικού τόμου από τον κρυφό τόμο. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Κωδικός εξωτερικού τόμου + Κωδικός κρυφού τόμου + Password for Hidden Operating System + ΠΡΟΣΟΧΗ: Οι μικροί κωδικοί μπορούν να σπάσουν εύκολα με τεχνικές brute force!\n\nΣυνιστούμε να επιλέξετε έναν κωδικό τουλάχιστον 20 χαρακτήρων. Είστε σίγουροι ότι θέλετε να χρησιμοποιήσετε μικρό κωδικό; + Κωδικός τόμου + Λάθος κωδικός ή όχι τόμος VeraCrypt. + Λάθος αρχεία-κλειδιά και/ή κωδικός ή όχι τόμος VeraCrypt. + Λάθος μέθοδος φόρτωσης, λάθος κωδικός ή όχι τόμος VeraCrypt. + Λάθος μέθοδος φόρτωσης, λάθος αρχείο(α)-κλειδί(α) και/ή κωδικός ή όχι τόμος VeraCrypt. + Λάθος κωδικός ή δεν βρέθηκε τόμος VeraCrypt. + Λάθος αρχεία-κλειδιά και/ή κωδικός ή δεν βρέθηκε τόμος VeraCrypt. + \n\nΠροσοχή: Το Caps Lock είναι ενεργοποιημένο. Αυτό μπορεί να προκαλέσει λάθος εισαγωγή κωδικού. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nΣημείωση: Αν προσπαθείτε να φορτώσετε ένα διαμέρισμα ενός κρυπτογραφημένου οδηγού συστήματος χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας ή να φορτώσετε το κρυπτογραφημένο διαμέρισμα συστήματος ενός λειτουργικού συστήματος που δεν τρέχει, μπορείτε να το κάνετε επιλέγοντας 'Σύστημα' > 'Φόρτωση χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Πίσω + Αδυναμία παράθεσης των εγκατεστημένων στο σύστημα σας αδιαμόρφωτων συσκευών! + Ο τόμος '%s' υπάρχει και είναι μόνο για ανάγνωση. Είστε σίγουρος ότι θέλετε να τον αντικαταστήσετε; + Επιλέξτε φάκελο προορισμού + Επιλέξτε αρχείο-κλειδί + Επιλέξτε διαδρομή αναζήτησης αρχείου-κλειδιού. ΠΡΟΣΟΧΗ: Μόνο η διαδρομή θα απομνημονευθεί, όχι τα αρχεία! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Σχεδιασμένος από τους Ross Anderson, Eli Biham και Lars Knudsen. Δημοσιεύτηκε το 1998. Κλειδί 256-bit, μπλοκ 128-bit. Κατάσταση λειτουργίας XTS. Ο Serpent ήταν ένας από τους φιναλίστ του AES. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Μέγεθος εξωτερικού τόμου + Μέγεθος κρυφού τόμου + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Μέγεθος τόμου + Δυναμικός + Ο ΑΥΤΟΕΛΕΓΧΟΣ ΑΠΕΤΥΧΕ! + Οι αυτοέλεγχοι πέτυχαν + Ο αριθμός μονάδας δεδομένων που παρείχατε είναι πολύ μεγάλος ή πολύ μικρός. + Το δευτερεύον κλειδί που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. + Το δοκιμαστικό κρυπτοκείμενο που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. + Το δοκιμαστικό κλειδί που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. + Το δοκιμαστικό απλό κείμενο που παρείχατε είναι πολύ μεγάλο ή πολύ μικρό. + Δύο κρυπτογράφοι σε σειρά, λειτουργούντες σε κατάσταση XTS. Κάθε μπλοκ πρώτα κρυπτογραφείται με %s (%d-bit κλειδί) και μετά με %s (%d-bit κλειδί). Κάθε κρυπτογράφος χρησιμοποιεί το δικό του κλειδί. Όλα τα κλειδιά είναι μεταξύ τους ανεξάρτητα. + Τρεις κρυπτογράφοι σε σειρά, λειτουργούντες σε κατάσταση XTS. Κάθε μπλοκ πρώτα κρυπτογραφείται με %s (%d-bit κλειδί), μετά με %s (%d-bit κλειδί) και τελικά με %s (%d-bit κλειδί). Κάθε κρυπτογράφος χρησιμοποιεί το δικό του κλειδί. Όλα τα κλειδιά είναι μεταξύ τους ανεξάρτητα. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + Φορητός δίσκος VeraCrypt + Σχεδιάστηκε από τους Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall και Niels Ferguson. Δημοσιεύτηκε το 1998. Κλειδί 256-bit, μπλοκ 128-bit. Κατάσταση λειτουργίας XTS. Ο Twofish ήταν ένας από τους φιναλίστ του AES. + Περισσότερες πληροφορίες στο %s + Άγνωστο + An unspecified or unknown error occurred (%d). + Ορισμένοι τόμοι περιέχουν αρχεία ή φακέλους που χρησιμοποιούνται από εφαρμογές ή το σύστημα.\n\nΕξαναγκασμός εκφόρτωσης; + &Εκφόρτωση + Η εκφόρτωση απέτυχε! + Ο τόμος περιέχει αρχεία ή φακέλους που χρησιμοποιούνται από εφαρμογές ή το σύστημα.\n\nΕξαναγκασμός εκφόρτωσης; + No volume is mounted to the specified drive letter. + Ο τόμος που προσπαθείτε να φορτώσετε είναι ήδη φορτωμένος. + Ένα σφάλμα συνέβη κατά τη διάρκεια της φόρτωσης τόμου. + Σφάλμα εντοπισμού θέσης μέσα στον τόμο. + Σφάλμα: Λάθος μέγεθος τόμου. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + Το VeraCrypt δεν μπορεί να αλλάξει κωδικούς τόμων άλλου τύπου. + Παρακαλώ επιλέξτε ένα γράμμα οδηγού από τη λίστα. + Παρακαλώ επιλέξτε έναν φορτωμένο τόμο στη λίστα γραμμάτων οδηγών. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Σφάλμα: Αδύνατη η δημιουργία του autorun.inf + Σφάλμα κατά την επεξεργασία του αρχείου-κλειδιού! + Σφάλμα κατά την επεξεργασία της διαδρομής του αρχείου-κλειδιού! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + Το VeraCrypt δεν υποστηρίζει αυτό το λειτουργικό σύστημα. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Σφάλμα: Αδύνατη η κατανομή της μνήμης. + Σφάλμα: Αδύνατη η ανάκτηση της τιμής του μετρητή επιδόσεως. + Σφάλμα: Κακή διαμόρφωση τόμου. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Νομικές επισημάνσεις + Όλα τα αρχεία + Τόμοι VeraCrypt + Library Modules + Η διαμόρφωση NTFS δεν μπορεί να συνεχιστεί. + Αδύνατη η φόρτωση του τόμου. + Αδύνατη η εκφόρτωση του τόμου. + Τα Windows απέτυχαν στη διαμόρφωση του τόμου σε NTFS.\n\nΠαρακαλώ επιλέξτε έναν διαφορετικό τύπο συστήματος αρχείων (αν είναι δυνατόν) και προσπαθήστε ξανά. Εναλλακτικά θα μπορούσατε να αφήσετε τον τόμο αδιαμόρφωτο (επιλέξτε "Κανένα" ως σύστημα αρχείων), βγείτε από αυτόν τον Οδηγό, φορτώστε τον τόμο και κατόπιν χρησιμοποιείστε ένα εργαλείο είτε του συστήματος είτε ενός τρίτου κατασκευαστή για να διαμορφώσετε τον φορτωμένο τόμο (ο τόμος θα παραμείνει κρυπτογραφημένος). + Τα Windows απέτυχαν στη διαμόρφωση του τόμου σε NTFS.\n\nΘέλετε να τον διαμορφώσετε σε FAT; + Εξ'ορισμού + διαμέρισμα + ΔΙΑΜΕΡΙΣΜΑ + Συσκευή + device + ΣΥΣΚΕΥΗ + Τόμος + volume + VOLUME + Label + Το επιλεγμένο μέγεθος του cluster είναι πολύ μικρό για αυτό το μέγεθος τόμου. Ένα μεγαλύτερο μέγεθος cluster θα χρησιμοποιηθεί αντί αυτού. + Σφάλμα: Δεν μπορεί να ανακτηθεί το μέγεθος του τόμου!\n\nΣιγουρευτείτε ότι ο επιλεγμένος τόμος δε χρησιμοποιείται από το σύστημα ή κάποια εφαρμογή. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + Ο Οδηγός Δημιουργίας Τόμου VeraCrypt μπορεί να δημιουργήσει κρυφό τόμο μόνο μέσα σε τόμο FAT ή NTFS. + Στα Windows 2000, ο Οδηγός Δημιουργίας Τόμου VeraCrypt μπορεί να δημιουργήσει κρυφό τόμο μόνο μέσα σε τόμο FAT. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Σφάλμα: Αδυναμία πρόσβασης στον τόμο!\n\nΣιγουρευτείτε ότι ο επιλεγμένος τόμος υπάρχει, δεν είναι φορτωμένος ή χρησιμοποιείται από το σύστημα ή κάποια εφαρμογή, ότι έχετε δικαιώματα ανάγνωσης/εγγραφής σε αυτόν και ότι δεν έχει προστασία εγγραφής. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Σφάλμα: Αδυναμία εκφόρτωσης του εξωτερικού τόμου!\n\nΟ τόμος δεν μπορεί να εκφορτωθεί αν περιέχει αρχεία ή φακέλους σε χρήση.\n\nΠαρακαλώ κλείστε κάθε πρόγραμμα που μπορεί να χρησιμοποιεί αρχεία ή φακέλους του τόμου και επιλέξτε "Επανάληψη". + Σφάλμα: Αδυναμία ανάκτησης πληροφοριών για τον εξωτερικό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχιστεί. + Σφάλμα: Αδυναμία πρόσβασης στον εξωτερικό τόμο! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. + Σφάλμα: Αδυναμία φόρτωσης του εξωτερικού τόμου! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. + Σφάλμα: Αδυναμία ανάκτησης του cluster bitmap του τόμου! Η δημιουργία του τόμου δεν μπορεί να συνεχισθεί. + Αλφαβητικά/Κατηγοριοποιημένα + Μέση ταχύτητα (μειούμενη) + Αλγόριθμος + Κρυπτογράφηση + Αποκρυπτογράφηση + Μέσος όρος + Οδηγός + Μέγεθος + Αλγόριθμος κρυπτογράφησης + Αλγόριθμος κρυπτογράφησης + Τύπος + Τιμή + Ιδιότητα + Θέση + bytes + Κρυφός + Εξωτερικός + Τυπικός + Σύστημα + Hidden (system) + Μόνο για ανάγνωση + Οδηγός συστήματος + Οδηγός συστήματος (κρυπτογράφηση - %.2f%% ολ/κε) + Οδηγός συστήματος (αποκρυπτογράφηση - %.2f%% ολ/κε) + Οδηγός συστήματος (%.2f%% κρυπτ/κε) + Διαμέρισμα συστήματος + Hidden system partition + Διαμέρισμα συστήματος (κρυπτογράφηση - %.2f%% ολ/κε) + Διαμέρισμα συστήματος (αποκρυπτογράφηση - %.2f%% ολ/κε) + Διαμέρισμα συστήματος (%.2f%% κρυπτ/κε) + Ναι (η ζημιά απεφεύχθει!) + Κανένα + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bits + Μέγεθος μπλοκ + PKCS-5 PRF + PKCS-5 αριθμός επαναλήψεων + Δημιουργία τόμου + Τελευταία τροποποίηση header + (πριν %I64d μέρες) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + Πρώτο διαθέσιμο + Removable Disk + Σκληρός δίσκος + Αμετάβλητο + Autodetection + Κατάσταση Οδηγού + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Επιλογές εγκατάστασης + Εδώ μπορείτε να καθορίσετε διάφορες επιλογές για να ελέγξετε τη διαδικασία εγκατάστασης. + Εγκατάσταση + Παρακαλώ περιμένετε όσο το VeraCrypt εγκαθίσταται. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Επιλογές εξαγωγής + Εδώ μπορείτε να καθορίσετε διάφορες επιλογές για να ελέγξετε τη διαδικασία εξαγωγής. + Παρακαλώ περιμένετε όσο τα αρχεία εξάγονται. + Files successfully extracted + Όλα τα αρχεία εξάχθηκαν επιτυχώς στον τόπο προορισμού. + Αν ο καθορισμένος φάκελος δεν υπάρχει, θα δημιουργηθεί αυτόματα. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Θέλετε να δείτε τις σημειώσεις έκδοσης για αυτήν (τελευταία σταθερή) την έκδοση του VeraCrypt; + Αν δεν έχετε ξαναχρησιμοποιήσει το VeraCrypt, προτείνουμε να διαβάσετε τον Οδηγό Χρήσης. Θέλετε να τον δείτε; + Παρακαλώ επιλέξτε μια από τις παρακάτω ενέργειες: + Επιδιόρθωση/Επανεγκατάσταση + Upgrade + Απεγκατάσταση + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Η εγκατάσταση απέτυχε. + Η απεγκατάσταση απέτυχε. + Αυτό το πακέτο εγκατάστασης είναι φθαρμένο. Παρακαλώ δοκιμάστε να το κατεβάσετε ξανά (κατά προτίμηση από τον ιστοχώρο του VeraCrypt στη https://veracrypt.codeplex.com). + Αδυναμία εγγραφής αρχείου %s + Εξαγωγή + Αδυναμία ανάγνωσης δεδομένων από το πακέτο. + Αδυναμία επαλήθευσης της ακεραιότητας του πακέτου διανομής. + Η εξαγωγή απέτυχε. + Η εγκατάσταση αναιρέθηκε. + Το VeraCrypt εγκαταστάθηκε επιτυχώς. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + Το VeraCrypt απεγκαταστάθηκε επιτυχώς.\n\nΕπιλέξτε "Τέλος" για να απομακρύνετε το αρχείο εγκατάστασης του VeraCrypt και το φάκελο %s. Σημειώστε ότι ο φάκελος δε θα απομακρυνθεί αν περιέχει αρχεία που δεν εγκαταστάθηκαν ή δημιουργήθηκαν από το VeraCrypt. + Απομάκρυνση καταχωρήσεων μητρώου του VeraCrypt... + Προσθήκη καταχωρήσεων μητρώου... + Απομάκρυνση δεδομένων εφαρμογής... + Εγκατάσταση... + Παύση... + Απομάκρυνση... + Προσθήκη εικονιδίων... + Δημιουργία σημείου επαναφοράς συστήματος... + Αποτυχία δημιουργίας σημείου επαναφοράς συστήματος! + Updating boot loader + Αποτυχία εγκατάστασης του '%s'. %s Θέλετε να συνεχίσετε την εγκατάσταση; + Αποτυχία απεγκατάστασης του '%s'. %s Θέλετε να συνεχίσετε την απεγκατάσταση; + Η εγκατάσταση ολοκληρώθηκε. + Ο φάκελος '%s' δεν μπόρεσε να δημιουργηθεί + Ο οδηγός συσκευής του VeraCrypt δεν μπόρεσε να εκφορτωθεί.\n\nΠαρακαλώ κλείστε πρώτα όλα τα ανοιχτά παράθυρα του VeraCrypt. Αν αυτό δε βοηθήσει, επανεκκινήστε τα Windows και δοκιμάστε ξανά. + Όλοι οι τόμοι VeraCrypt πρέπει να εκφορτωθούν πριν την εγκατάσταση ή απεγκατάσταση του VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Η εγκατάσταση των καταχωρήσεων μητρώου απέτυχε + Η εγκατάσταση του οδηγού συσκευής απέτυχε. Παρακάλω επανεκκινήστε τα Windows και δοκιμάστε να ξαναεγκαταστήσετε το VeraCrypt. + Εκκίνηση οδηγού συσκευής VeraCrypt... + Η απεγκατάσταση του οδηγού συσκευής απέτυχε. Παρακαλώ σημειώστε ότι λόγω των Windows μπορεί να χρειαστεί να αποσυνδεθείτε ή να επανεκκινήσετε το σύστημα πριν εγκατασταθεί (ή επανεγκατασταθεί) ο οδηγός συσκευής. + Εγκατάσταση οδηγού συσκευής VeraCrypt... + Παύση οδηγού συσκευής VeraCrypt... + Απεγκατάσταση οδηγού συσκευής VeraCrypt... + Η καταχώρηση της βιβλιοθήκης υποστήριξης του Ελέγχου Λογαριασμού Χρήστη απέτυχε. + Η διαγραφή της βιβλιοθήκης υποστήριξης του Ελέγχου Λογαριασμού Χρήστη απέτυχε. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Σφάλμα: Αδυναμία εμφάνισης αδείας. + Εξωτερικός(!) + ημέρες + ώρες + λεπτά + δ + Άνοιγμα + Εκφόρτωση + Δείξε το VeraCrypt + Κρύψε το VeraCrypt + Αναγνωσμένα δεδομένα από την φόρτωση + Γραμμένα δεδομένα από την φόρτωση + Κρυπτογραφημένο ποσοστό + 100% (πλήρως κρυπτογραφημένο) + 0% (όχι κρυπτογραφημένο) + %.3f%% + 100% + Αναμονή + Preparing + Resizing + Κρυπτογράφηση + Αποκρυπτογράφηση + Finalizing + Σταματημένο + Ολοκληρώθηκε + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Εισάγετε κωδικό για το %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Το αρχείο-κλειδί δημιουργήθηκε επιτυχώς. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Το αντίγραφο ασφαλείας του header του τόμου δημιουργήθηκε επιτυχώς.\n\nΣΗΜΑΝΤΙΚΟ: Η επαναφορά του header με αυτό το αντίγραφο θα επαναφέρει επίσης και τον κωδικό του τόμου. Επιπλέον αν χρειάζονται αρχεία-κλειδιά για να φορτωθεί ο τόμος, τα ίδια αρχεία-κλειδιά θα είναι απαραίτητα για να φορτώσετε τον τόμο ξανά όταν ανακτηθεί το header.\n\nΠΡΟΣΟΧΗ: Αυτό το αντίγραφο ασφαλείας του header μπορεί να χρησιμοποιηθεί για την επαναφορά του header ΜΟΝΟ αυτού του συγκεκριμένου τόμου. Αν το χρησιμοποιήσετε σε άλλο τόμο, θα μπορείτε να φορτώσετε τον τόμο, αλλά ΔΕΝ θα μπορείτε να αποκρυπτογραφήσετε τα δεδομένα του (γιατί θα αλλάξετε το βασικό κλειδί του). + Το header του τόμου ανακτήθηκε με επιτυχία.\n\nΣΗΜΑΝΤΙΚΟ: Παρακαλώ σημειώστε ότι κάποιος παλιός κωδικός μπορεί επίσης να ανακτήθηκε. Επιπλέον αν χρειάζονταν αρχεία-κλειδιά για να φορτωθεί ο τόμος όταν δημιουργήθηκε το αντίγραφο ασφαλείας, τα ίδια αρχεία-κλειδιά είναι τώρα απαραίτητα για να φορτώσετε τον τόμο ξανά. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Είστε σίγουρος ότι θέλετε να επαναφέρετε το header τόμου του %s;\n\nΠΡΟΣΟΧΗ: Η επαναφορά του header επαναφέρει επίσης και τον κωδικό του τόμου που ήταν έγκυρος όταν δημιουργήθηκε το αντίγραφο ασφαλείας. Επιπλέον αν χρειάζονταν αρχεία-κλειδιά για να φορτωθεί ο τόμος όταν δημιουργήθηκε το αντίγραφο ασφαλείας, τα ίδια αρχεία-κλειδιά θα είναι απαραίτητα για να φορτώσετε τον τόμο ξανά αφού ανακτηθεί το header.\n\nΑφού επιλέξετε "Ναι" θα επιλέξετε το αρχείο του αντιγράφου ασφαλείας του header. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + Επιχειρείτε να δημιουργήσετε αντίγραφο ασφαλείας του header του διαμερίσματος/συσκευής του συστήματος. Αυτό δεν επιτρέπεται. Λειτουργίες δημιουργίας/ανάκτησης αντιγράφων ασφαλείας που αφορούν στο διαμέρισμα/συσκευή του συστήματος μπορούν να πραγματοποιηθούν μόνο με τη χρήση του Δίσκου Ασφαλείας VeraCrypt.\n\nΘέλετε να δημιουργήσετε ένα Δίσκο Ασφαλείας; + Επιχειρείτε να ανακτήσετε το header ενός εικονικού τόμου VeraCrypt αλλά επιλέξατε το διαμέρισμα/συσκευή του συστήματος. Αυτό δεν επιτρέπεται. Λειτουργίες δημιουργίας/ανάκτησης αντιγράφων ασφαλείας που αφορούν στο διαμέρισμα/συσκευή του συστήματος μπορούν να πραγματοποιηθούν μόνο με τη χρήση του Δίσκου Ασφαλείας VeraCrypt.\n\nΘέλετε να δημιουργήσετε ένα Δίσκο Ασφαλείας; + Αφού πιέσετε ΟΚ, θα επιλέξετε ένα όνομα για την εικόνα ISO του νέου Δίσκου Ασφαλείας VeraCrypt και την τοποθεσία που θέλετε να την τοποθετήσετε. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Παρακαλώ εισάγετε το Δίσκο Ασφαλείας VeraCrypt στον οδηγό CD/DVD και πιέστε ΟΚ για να τον επαληθεύσετε. + Ο Δίσκος Ασφαλείας VeraCrypt επαληθεύτηκε επιτυχώς. + Αδύνατη η επαλήθευση εγγραφής του Δίσκου Ασφαλείας.\n\nΑν τον έχετε εγγράψει παρακαλώ εξάγετε και εισάγετε το CD/DVD και δοκιμάστε ξανά. Αν αυτό δε βοηθήσει δοκιμάστε άλλο λογισμικό εγγραφής CD/DVD και/ή άλλο μέσο.\n\nΑν επιχειρήσατε να επαληθεύσετε ένα Δίσκο Ασφαλέιας δημιουργημένο για διαφορετικό βασικό κλειδί, κωδικό κλπ, σημειώστε ότι ένας τέτοιος Δίσκος θα αποτυγχάνει πάντα στην επαλήθευση. Για να δημιουργήσετε ένα νέο Δίσκο πλήρως συμβατό με τις τρέχουσες ρυθμίσεις σας επιλέξτε 'Σύστημα' > 'Δημιουργία Δίσκου Ασφαλείας'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Σφάλμα δημιουργίας Δίσκου Ασφαλείας VeraCrypt. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Παρακαλώ εκφορτώστε τον τόμο πριν συνεχίσετε. + Σφάλμα: Αδυναμία ορισμού χρονομετρητή. + Ελέγχος συστήματος αρχείων + Διόρθωση συστήματος αρχείων + Add to Favorites... + Add to System Favorites... + P&roperties... + Ο κρυφός τόμος προστατεύθηκε + N/A + Ναι + Όχι + Disabled + 1 + 2 ή περισσότεροι + Κατάσταση λειτουργίας + Label: + Size: + Path: + Drive Letter: + Σφάλμα: Ο κωδικός πρέπει να περιέχει μόνο χαρακτήρες ASCII.\n\nΜη-ASCII χαρακτήρες στον κωδικό μπορεί να προκαλέσουν αδυναμία φόρτωσης του τόμου όταν αλλάξουν οι ρυθμίσεις του συστήματος σας.\n\nΟι επόμενοι χαρακτήρες επιτρέπονται:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Προειδοποίηση: Ο κωδικός περιέχει χαρακτήρες μη-ASCII.\n\nΑυτό μπορεί να προκαλέσει αδυναμία φόρτωσης του τόμου όταν αλλάξουν οι ρυθμίσεις του συστήματος σας.\n\nΘα πρέπει να αλλάξετε όλους τους μη-ASCII χαρακτήρες με χαρακτήρες ASCII όπως τους παρακάτω:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~. Για να το κάνετε αυτό επιλέξτε "Τόμοι" και "Αλλαγή κωδικού τόμου". + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Ιστοτόπος + ΠΡΟΣΟΧΗ: Φαίνεται ότι δεν έχετε εφαρμόσει κανένα Service Pack στα Windows σας. Δε θα πρέπει να γράψετε σε δίσκους IDE μεγαλύτερους από 128 GB στα Windows XP χωρίς τουλάχιστον Service Pack 1! Αν το κάνετε, δεδομένα του δίσκου (άσχετα αν είναι τόμου VeraCrypt) μπορεί να αλλοιωθούν. Σημειώστε ότι αυτός είναι ένας περιορισμός των Windows, όχι ελάττωμα του VeraCrypt. + ΠΡΟΣΟΧΗ: Φαίνεται ότι δεν έχετε εφαρμόσει τουλάχιστον το Service Pack 3 στα Windows σας. Δε θα πρέπει να γράψετε σε δίσκους IDE μεγαλύτερους από 128 GB στα Windows 2000 χωρίς τουλάχιστον Service Pack 3! Αν το κάνετε, δεδομένα του δίσκου (άσχετα αν είναι τόμου VeraCrypt) μπορεί να αλλοιωθούν. Σημειώστε ότι αυτός είναι ένας περιορισμός των Windows, όχι ελάττωμα του VeraCrypt.\n\nΣημείωση: Ισως χρειαστεί να ενεργοποιήσετε την υποστήριξη 48-bit LBA στο μητρώο. Περισσότερες πληροφορίες στη http://support.microsoft.com/kb/305098/EN-US + ΠΡΟΣΟΧΗ: Η υποστήριξη 48-bit LBA ATAPI είναι απενεργοποιημένη στο σύστημα σας. Γι' αυτό δε θα πρέπει να γράψετε σε δίσκους IDE μεγαλύτερους από 128 GB! Αν το κάνετε, δεδομένα του δίσκου (άσχετα αν είναι τόμου VeraCrypt) μπορεί να αλλοιωθούν. Σημειώστε ότι αυτός είναι ένας περιορισμός των Windows, όχι ελάττωμα του VeraCrypt.\n\nΓια να ενεργοποιήσετε την υποστήριξη 48-bit LBA, προσθέστε την τιμή "EnableBigLba" στο κλειδί του μητρώου HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters και ορίστε την 1.\n\nΠερισσότερες πληροφορίες στη http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + ΠΡΟΣΟΧΗ: Αν θέλετε να έχετε τη δυνατότητα να προσθέσετε μελλοντικά περισσότερα δεδομένα/αρχεία στον εξωτερικό τόμο, θα πρέπει να σκεφθείτε να επιλέξετε μικρότερο μέγεθος για τον κρυφό τόμο.\n\nΕίστε σίγουρος ότι θέλετε να συνεχίσετε με το μέγεθος που καθορίσατε; + Δεν επιλέχθηκε τόμος.\n\nΕπιλέξτε "Επιλογή συσκευής" ή "Επιλογή αρχείου" για να επιλέξετε ένα αρχείο-τόμο. + Δεν επιλέχθηκε διαμέρισμα.\n\nΕπιλέξτε 'Επιλογή συσκευής' για να επιλέξετε ένα εκφορτωμένο διαμέρισμα που φυσιολογικά χρειάζεται προ-εκκίνησης έλεγχο αυθεντικότητας (π.χ. ένα διαμέρισμα που βρίσκεται στο κρυπτογραφημένο οδηγό συστήματος ενός άλλου λειτουργικού συστήματος που δεν τρέχει, ή το κρυπτογραφημένο διαμέρισμα του συστήματος ενός άλλου λειτουργικού συστήματος).\n\nΣημείωση: Το επιλεγμένο διαμέρισμα θα φορτωθεί σαν ένας κανονικός τόμος VeraCrypt χωρίς προ-εκκίνησης έλεγχο αυθεντικότητας. Αυτό είναι χρήσιμο π.χ. για λειτουργίες αντιγράφων ασφαλείας ή επιδιόρθωσης. + ΠΡΟΣΟΧΗ: Αν ορισθούν και επιλεγούν εξ'ορισμού αρχεία-κλειδιά, τόμοι οι οποίοι δε χρησιμοποιούν αυτά τα αρχεία-κλειδιά δε θα μπορούν να φορτωθούν. Συνεπώς, αφού ενεργοποιήσετε εξ'ορισμού κλειδιά, έχετε υπόψη να αποεπιλέξετε το πεδίο "Χρήση αρχείων-κλειδιών" όποτε φορτώνετε τέτοιους τόμους.\n\nΕίστε σίγουρος ότι θέλετε να αποθηκεύσετε τα επιλεγμένα αρχεία-κλειδιά/διαδρομές ως εξ'ορισμού; + Αυτοφόρτωση συσκευών + Εκφόρτωση όλων + Διαγραφή cache + Dismount All & Wipe Cache + Εξαναγκασμένη εκφόρτωση όλων & διαγραφή cache + Εξαναγκασμένη εκφόρτωση όλων, διαγραφή cache & έξοδος + Φόρτωση αγαπημένων τόμων + Εμφάνιση/απόκρυψη κύριου παραθύρου VeraCrypt + (Κάντε κλικ εδώ και πιέστε ένα πλήκτρο) + Ενέργεια + Συντόμευση + Σφάλμα: Αυτή η συντόμευση είναι δεσμευμένη. Παρακαλώ επιλέξτε άλλη συντόμευση. + Σφάλμα: Η συντόμευση ήδη χρησιμοποιείται. + ΠΡΟΣΟΧΗ: Μια ή περισσότερες συντομεύσεις του VeraCrypt δε θα λειτουργήσουν!\n\nΠαρακαλώ σιγουρευθείτε ότι άλλες εφαρμογές και το λειτουργικό σύστημα δε χρησιμοποιούν τις ίδιες συντομεύσεις με το VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + ΠΡΟΣΟΧΗ: Αν αυτή η δυνατότητα απενεργοποιηθεί, οι τόμοι που περιέχουν ανοιχτά αρχεία/φακέλους δε θα μπορούν να εκφορτωθούν.\n\nΕίστε σίγουρος ότι θέλετε να απενεργοποιήσετε αυτή τη δυνατότητα; + ΠΡΟΣΟΧΗ: Τόμοι που περιέχουν ανοιχτά αρχεία/φακέλους ΔΕ θα αυτοεκφορτωθούν.\n\nΓια να το αποφύγετε αυτό ενεργοποιήστε την ακόλουθη επιλογή σε αυτό το παράθυρο διαλόγου:"Ακόμα και αν ο τόμος περιέχει ανοιχτά αρχεία/φακέλους" + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + Έχετε προγραμματίσει τη διαδικασία κρυπτογράφησης ή αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. Η διαδικασία δεν ολοκληρώθηκε ακόμα.\n\nΘέλετε να εκκινήσετε (συνεχίσετε) τη διαδικασία τώρα; + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Έχετε προγραμματίσει τη διαδικασία κρυπτογράφησης ή αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. Ωστόσο ο προ-εκκίνησης έλεγχος απέτυχε (ή παρακάμφθηκε).\n\nΣημείωση: Αν αποκρυπτογραφήσατε το διαμέρισμα/συσκευή του συστήματος στο προ-εκκίνησης περιβάλλον, ίσως χρειαστεί να τερματίσετε τη διαδικασία επιλέγοντας 'Σύστημα' > 'Μόνιμη αποκρυπτογράφηση διαμερίσματος/οδηγού συστήματος' από την μπάρα μενού του κύριου παραθύρου του VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Έξοδος; + Το VeraCrypt δεν έχει αρκετές πληροφορίες για να προσδιορίσει αν θα κρυπτογραφήσει ή θα αποκρυπτογραφήσει. + Το VeraCrypt δεν έχει επαρκείς πληροφορίες για να καθορίσει αν θα κρυπτογραφήσει ή θα αποκρυπτογραφήσει.\n\nΣημείωση: Αν αποκρυπτογραφήσατε το διαμέρισμα/συσκευή του συστήματος στο προ-εκκίνησης περιβάλλον, ίσως χρειαστεί να τερματίσετε τη διαδικασία επιλέγοντας Αποκρυπτογράφηση. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Θέλετε να διακόψετε και αναβάλετε τη διαδικασία κρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος;\n\nΣημείωση: Μπορείτε να επαναφέρετε τη διαδικασία η οποία θα συνεχιστεί από το σημείο που σταμάτησε. Μπορείτε να το κάνετε αυτό επιλέγοντας 'Σύστημα' > 'Επαναφορά σταματημένης διαδικασίας' από την μπάρα μενού του βασικού παράθυρου του VeraCrypt. Αν θέλετε να τερματίσετε μόνιμα ή να αντιστρέψετε τη διαδικασία κρυπτογράφησης, επιλέξτε 'Σύστημα' > 'Μόνιμη αποκρυπτογράφηση διαμερίσματος/συσκευής συστήματος'. + Θέλετε να διακόψετε και αναβάλετε τη διαδικασία αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος;\n\nΣημείωση: Μπορείτε να επαναφέρετε τη διαδικασία η οποία θα συνεχιστεί από το σημείο που σταμάτησε. Μπορείτε να το κάνετε αυτό επιλέγοντας 'Σύστημα' > 'Επαναφορά σταματημένης διαδικασίας' από την μπάρα μενού του βασικού παράθυρου του VeraCrypt. Αν θέλετε να αντιστρέψετε τη διαδικασία αποκρυπτογράφησης (και να ξεκινήσετε την κρυπτογράφηση), επιλέξτε 'Σύστημα' > 'Κρυπτογράφηση διαμερίσματος/συσκευής συστήματος'. + Σφάλμα: Αποτυχία διακοπής διαδικασίας κρυπτογράφησης/αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. + Error: Failed to interrupt the process of wiping. + Σφάλμα: Αποτυχία επαναφοράς διαδικασίας κρυπτογράφησης/αποκρυπτογράφησης του διαμερίσματος/συσκευής του συστήματος. + Error: Failed to start the process of wiping. + Ασυνέπεια αποκαταστάθηκε.\n\n\n(Αν αναφέρετε ένα σφάλμα σχετικό με αυτή, παρακαλώ συμπεριλάβετε στην αναφορά σφάλματος τις ακόλουθες τεχνικές πληροφορίες: %hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ΠΡΟΣΟΧΗ: Η εργασία στο παρασκήνιο του VeraCrypt είναι απενεργοποιημένη. Αν κλείσετε το VeraCrypt δε θα ειδοποιηθήτε αν αποτραπεί ζημιά σε κρυφό τόμο.\n\nΣημείωση: Μπορείτε να κλείσετε την εργασία στο παρασκήνιο όποτε θέλετε με δεξί κλικ στο εικονίδιο του χώρου ειδοποιήσεων και επιλέγοντας "Έξοδος".\n\nΕνεργοποίηση της εργασίας στο παρασκήνιο του VeraCrypt; + Έκδοση αρχείου γλώσσας: %s + Έλεγχος του συστήματος αρχείων στον τόμο VeraCrypt που φορτώθηκε ως %s... + Προσπάθεια επιδιόρθωσης συστήματος αρχείων στον τόμο VeraCrypt που φορτώθηκε ως %s... + Προσοχή: Αυτός ο τόμος έχει κρυπτογραφηθεί με παλαιό κρυπτογράφο.\n\nΌλοι οι κρυπτογράφοι 64-bit-μπλοκ (π.χ. Blowfish, CAST-128, ή Triple DES) δε συνίστανται. Θα υπάρχει δυνατότητα φόρτωσης αυτού του τόμου χρησιμοποιώντας μελλοντικές εκδόσεις του VeraCrypt, όμως δε θα υπάρξει περαιτέρω βελτίωση αυτών των κρυπτογράφων. Συνιστούμε τη δημιουργία νέου τόμου VeraCrypt κρυπτογραφημένου με κρυπτογράφο 128-bit-μπλοκ (π.χ. AES, Serpent, Twofish, κλπ.) και τη μεταφορά όλων των αρχείων αυτού του τόμου στο νέο. + Το σύστημα σας δεν έχει ρυθμιστεί να αυτοφορτώνει νέους τόμους. Μπορεί να είναι αδύνατο να φορτωθούν τόμοι-συσκευές του VeraCrypt. Η αυτοφόρτωση μπορεί να ενεργοποιηθεί εκτελώντας την ακόλουθη εντολή και κάνοντας επανεκκίνηση.\n\nmountvol.exe /E + Παρακαλώ ορίστε ένα γράμμα οδηγού για το διαμέρισμα/συσκευή πριν συνεχίσετε ("Πίνακας Ελέγχου" > "Επιδόσεις και Συντήρηση" > "Εργαλεία Διαχείρισης" > "Διαχείριση Υπολογιστή" > "Διαχείριση Δίσκων").\n\nΣημειώστε ότι αυτό είναι μια απαίτηση του λειτουργικού συστήματος. + Φόρτωση τόμου VeraCrypt + Εκφόρτωση όλων των τόμων VeraCrypt + Το VeraCrypt απέτυχε να αποκτήσει δικαιώματα Διαχειριστή. + Η πρόσβαση απορρίφθηκε από το λειτουργικό σύστημα.\n\nΠιθανή αιτία: Το λειτουργικό σύστημα απαιτεί να έχετε άδεια ανάγνωσης/εγγραφής (ή δικαιώματα διαχειριστή) για συγκεκριμένους φακέλους, αρχεία και συσκευές για να σας επιτρέπεται να διαβάζετε και να γράφετε δεδομένα από/σε αυτά. Φυσιολογικά, σε ένα χρήστης χωρίς δικαιώματα διαχειριστή επιτρέπεται να δημιουργήσει, προσπελάσει και τροποποιήσει αρχεία στο φάκελο των Εγγράφων του. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + Ο Εκκινητής VeraCrypt χρειάζεται τουλάχιστον 32 KB ελεύθερο χώρο στην αρχή του οδηγού συστήματος (για να αποθηκευτεί εκεί). Δυστυχώς, ο οδηγός σας δεν πληρεί αυτήν την προυπόθεση.\n\nΠαρακαλώ ΜΗΝ το αναφέρετε αυτό σαν πρόβλημα του VeraCrypt. Για να λύσετε αυτό το πρόβλημα, θα πρέπει να κατανέμετε ξανά τα διαμερίσματα του δίσκου και να αφήσετε τα πρώτα 32 KB του δίσκου ελεύθερα (τις περισσότερες φορές θα χρειαστεί να διαγράψετε και να ξαναδημιουργήσετε το πρώτο διαμέρισμα). Συνιστούμε να χρησιμοποιήσετε τον διαχειριστή διαμερισμάτων της Microsoft που είναι διαθέσιμος π.χ. όταν εγκαθιστάτε τα Windows. + Το χαρακτηριστικό δεν υποστηρίζεται στην έκδοση του λειτουργικού συστήματος που χρησιμοποιείτε. + Το VeraCrypt δεν υποστηρίζει κρυπτογράφηση διαμερίσματος/συσκευής του συστήματος στην έκδοση του λειτουργικού συστήματος που χρησιμοποιείτε. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Ο οδηγός του συστήματος σας έχει GUID κατάλογο διαμερισμάτων (GPT). Προς το παρόν, μόνο οδηγοί με MBR κατάλογο διαμερισμάτων υποστηρίζονται. + ΠΡΟΣΟΧΗ: Ο Εκκινητής VeraCrypt είναι ήδη εγκατεστημένος στον οδηγό του συστήματος σας!\n\nΕίναι πιθανόν ένα άλλο σύστημα στον υπολογιστή σας να είναι ήδη κρυπτογραφημένο.\n\nΠΡΟΣΟΧΗ: Η ΚΡΥΠΤΟΓΡΑΦΗΣΗ ΤΟΥ ΤΡΕΧΟΝΤΟΣ ΣΥΣΤΗΜΑΤΟΣ ΜΠΟΡΕΙ ΝΑ ΚΑΝΕΙ ΑΛΛΑ ΣΥΣΤΗΜΑΤΑ ΑΔΥΝΑΤΑ ΝΑ ΕΚΚΙΝΗΣΟΥΝ ΚΑΙ ΣΧΕΤΙΚΑ ΔΕΔΟΜΕΝΑ ΜΗ ΠΡΟΣΒΑΣΙΜΑ.\n\nΕίστε σίγουρος ότι θέλετε να συνεχίσετε; + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + Ο αυθεντικός εκκινητής συστήματος δε θα αποθηκευτεί στο Δίσκο Ασφαλείας (πιθανόν λόγω απουσίας αρχείου αντιγράφου ασφαλείας). + Αποτυχία εγγραφής τομέα MBR.\n\nΤο BIOS σας μπορεί να είναι ρυθμισμένο να τον προστατεύει. Ελέγξτε τις ρυθμίσεις του BIOS (πιέστε F2, Delete ή Esc, αφού ανοίξετε τον υπολογιστή σας) για προστασία MBR/Antivirus. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Το διαμέρισμα/συσκευή του συστήματος φαίνεται να είναι εξ'ολοκλήρου κρυπτογραφημένο. + Το VeraCrypt δεν υποστηρίζει κρυπτογράφηση οδηγού συστήματος που έχει μετατραπεί σε ένα δυναμικό δίσκο. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Θέλετε να κρυπτογραφήσετε το διαμέρισμα του συστήματος αντί για όλο τον οδηγό;\n\nΣημειώστε ότι μπορείτε να δημιουργήσετε διαμερίσματα-τόμους VeraCrypt μέσα σε οποιοδήποτε μη-συστήματος διαμέρισμα του οδηγού (επιπλέον της κρυπτογράφησης όλου του διαμερίσματος του συστήματος). + Αφού ο οδηγός του συστήματος σας περιέχει μόνο ένα διαμέρισμα που απασχολεί όλο τον οδηγό, είναι προτιμότερο (πιο ασφαλές) να κρυπτογραφήσετε όλο τον οδηγό συμπεριλαμβανομένου του ελεύθερου χώρου.\n\nΘέλετε να κρυπτογραφήσετε όλο τον οδηγό του συστήματος; + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + Αυτός ο αλγόριθμος προς το παρόν δεν υποστηρίζεται για κρυπτογράφηση συστήματος. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Προειδοποίηση: Το VeraCrypt δεν μπόρεσε να επαναφέρει την αρχική διάταξη του πληκτρολογίου. Αυτό μπορεί να προκαλέσει εσφαλμένη εισαγωγή κωδικού. + Σφάλμα: Αδυναμία ορισμού διάταξης πληκτρολογίου για το VeraCrypt σε Η.Π.Α..\n\nΣημειώστε ότι ο κωδικός πρέπει να πληκτρολογηθεί στο περιβάλλον πριν την εκκίνηση των Windows όπου μη-Η.Π.Α. διατάξεις πληκτρολογίου δεν είναι διαθέσιμες. Γι'αυτό ο κωδικός πρέπει πάντα να πληκτρολογείται με χρήση διάταξης πληκτρολογίου Η.Π.Α. + Καθώς το VeraCrypt άλλαξε προσωρινά τη διάταξη του πληκτρολογίου σε Η.Π.Α., δεν είναι δυνατόν να πληκτρολογήσετε με το δεξί Alt πατημένο. Ωστόσο, μπορείτε να πληκτρολογήσετε τους περισσότερους τέτοιους χαρακτήρες έχοντας πατημένο το Shift. + Το VeraCrypt απέτρεψε την αλλαγή της διάταξης του πληκτρολογίου. + Σημείωση: Ο κωδικός πρέπει να πληκτρολογηθεί στο προ-εκκίνησης περιβάλλον (πριν εκκινήσουν τα Windows) όπου μη-Η.Π.Α. διατάξεις πληκτρολογίου δεν είναι διαθέσιμες. Γι'αυτό ο κωδικός πρέπει πάντα να πληκτρολογείται χρησιμοποιώντας διάταξη πληκτρολογίου Η.Π.Α. Ωστόσο σημειώστε ότι ΔΕ χρειάζεστε ένα πραγματικό πληκτρολόγιο Η.Π.Α. Το VeraCrypt διασφαλίζει αυτόματα ότι μπορείτε να τυπώσετε ασφαλώς τον κωδικό (τώρα και στο προ-εκκίνησης περιβάλλον) ακόμα και αν ΔΕΝ έχετε ένα πραγματικό πληκτρολόγιο Η.Π.Α. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Σφάλμα: Αδυναμία αποθήκευσης ρυθμίσεων κρυπτογράφησης συστήματος. + Αδυναμία αρχικοποίησης προεξέτασης κρυπτογράφησης συστήματος. + Cannot initiate the process of creation of the hidden operating system. + Μέθοδος ασφαλούς διαγραφής + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + Κανένα (γρηγορότερο) + 1 πέρασμα (τυχαία δεδομένα) + 3 περάσματα (US DoD 5220.22-M) + 7 περάσματα (US DoD 5220.22-M) + 35 περάσματα ("Gutmann") + 256 περάσματα + Αριθμός λειτουργικών συστημάτων + ΠΡΟΣΟΧΗ: Άπειροι χρήστες δεν πρέπει να επιχειρούν να κρυπτογραφήσουν τα Windows σε διαμορφώσεις πολλαπλής εκκίνησης.\n\nΣυνέχεια; + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Οδηγός εκκίνησης + Είναι το τρέχων λειτουργικό σύστημα εγκατεστημένο στον οδηγό εκκίνησης;\n\nΣημείωση: Μερικές φορές τα Windows δεν είναι εγκατεστημένα στον ίδιο οδηγό με τον εκκινητή των Windows (διαμέρισμα εκκίνησης). Αν ισχύει αυτό, επιλέξτε 'Όχι'. + Το VeraCrypt προς το παρόν δεν υποστηρίζει κρυπτογράφηση λειτουργικού συστήματος που δεν εκκινεί απ'τον οδηγό που είναι εγκατεστημένο. + Αριθμός οδηγών συστήματος + Πόσοι οδηγοί περιέχουν λειτουργικό σύστημα;\n\nΣημείωση: Π.χ. αν έχετε ένα λειτουργικό (Windows, Mac OS X, Linux κλπ.) εγκατεστημένο στον πρωτεύοντα οδηγό και πρόσθετο λειτουργικό στον δευτερεύοντα, επιλέξτε '2 ή περισσότερα'. + Το VeraCrypt προς το παρόν δεν υποστηρίζει κρυπτογράφηση ολόκληρου οδηγού που περιέχει πολλά λειτουργικά συστήματα.\n\nΔυνατές λύσεις:\n\n- Μπορείτε να κρυπτογραφήσετε ένα από τα συστήματα αν πάτε πίσω και επιλέξετε να κρυπτογραφήσετε μόνο ένα διαμέρισμα συστήματος (αντί να επιλέξετε κρυπτογράφηση όλου του οδηγού συστήματος).\n\n- Εναλλακτικά, μπορείτε να κρυπτογραφήσετε όλον τον οδηγό αν μετακινήσετε μερικά από τα συστήματα του σε άλλους οδηγούς και αφήσετε μόνο ένα. + Πολλά συστήματα σε έναν οδηγό + Υπάρχουν άλλα λειτουργικά συστήματα εγκατεστημένα στον οδηγό που είναι εγκατεστημένο το τρέχον λειτουργικό;\n\nΣημείωση: Π.χ. αν το τρέχων λειτουργικό είναι εγκατεστημένο στον οδηγό #0, που περιέχει διαμερίσματα και αν ένα από αυτά περιέχει τα Windows και ένα άλλο περιέχει άλλο λειτουργικό (Windows, Mac OS X, Linux κλπ.), επιλέξτε 'Ναι'. + Μη-Windows εκκινητής + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Πολλαπλής εκκίνησης + Το VeraCrypt προς το παρόν δεν υποστηρίζει διαμορφώσεις πολλαπλής εκκίνησης στις οποίες μη-Windows εκκινητής είναι εγκατεστημένος στο Βασικό Αρχείο Εκκίνησης (MBR).\n\nΔυνατές λύσεις:\n\n- Αν χρησιμοποιείτε διαχειριστή εκκίνησης για τα Windows και το Linux, μετακινήστε τον (συνήθως τον GRUB) απ'το MBR σε ένα διαμέρισμα. Έπειτα ξαναεκκινήστε αυτόν τον Οδηγό και κρυπτογραφήστε το διαμέρισμα/οδηγό του συστήματος. Σημειώστε ότι ο Εκκινητής VeraCrypt θα γίνει ο πρωτεύων διαχειριστής εκκίνησης σας και θα σας επιτρέπει να εκκινήσετε τον πρωταρχικό διαχειριστή (π.χ. GRUB) ως δευτερεύοντα (πιέζοντας Esc στην οθόνη του Εκκινητή VeraCrypt) και έτσι να εκκινήσετε το Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Εντοπισμός κρυφών τομέων + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Περιοχή προς κρυπτογράφηση + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Συλλογή τυχαίων δεδομένων + Τα κλειδιά δημιουργήθηκαν + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Εγγραφή Δίσκου Ασφαλείας + Ο Δίσκος Ασφαλείας δημιουργήθηκε + Προέλεγχος κρυπτογράφησης συστήματος + Ο Δίσκος Ασφαλείας επαληθεύτηκε + \nΟ Δίσκος Ασφαλείας VeraCrypt επαληθεύτηκε επιτυχώς. Παρακαλώ αφαιρέστε τον από τον οδηγό και τοποθετήστε τον σε ασφαλές μέρος.\n\nΠιέστε Επόμενο για να συνεχίσετε. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Προσοχή: Λόγω τεχνικών περιορισμών του περιβάλλοντος πριν την εκκίνηση (πριν τα Windows εκκινήσουν), κείμενα που εμφανίζονται σ'αυτό από το VeraCrypt δεν μπορούν να εμφανιστούν στην τοπική γλώσσα. Το περιβάλλον εργασίας του Εκκινητή VeraCrypt είναι αποκλειστικά στα Αγγλικά.\n\nΣυνέχεια; + Πριν κρυπτογραφήσετε το διαμέρισμα ή οδηγό του συστήματος σας, το VeraCrypt χρειάζεται να επαληθεύσει ότι δουλεύει σωστά.\n\nΑφού πιέσετε Δοκιμή, όλα τα απαραίτητα στοιχεία (π.χ. ο Εκκινητής VeraCrypt) θα εγκατασταθούν και ο υπολογιστής θα επανεκκινηθεί. Μετά θα πρέπει να εισάγετε τον κωδικό σας στην οθόνη του Εκκινητή VeraCrypt που θα εμφανιστεί πριν εκκινήσουν τα Windows. Μετά την εκκίνηση των Windows, θα ενημερωθείτε αυτόματα για τα αποτελέσματα αυτού του προέλεγχου.\n\nΗ ακόλουθη συσκευή θα τροποποιηθεί: Οδηγός #%d\n\n\nΑν πιέστε τώρα Ακύρωση, τίποτα δε θα εγκατασταθεί και ο προέλεγχος δε θα πραγματοποιηθεί. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Ο προέλεγχος ολοκληρώθηκε + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Θέλετε να ακυρώσετε τον προέλεγχο της κρυπτογράφησης συστήματος; + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Το διαμέρισμα/οδηγός του συστήματος δε φαίνεται κρυπτογραφημένο (ούτε μερικώς ούτε ολόκληρο). + Το διαμέρισμα/οδηγός του συστήματος είναι κρυπτογραφημένο (μερικώς ή ολόκληρο).\n\nΠαρακαλώ αποκρυπτογραφήστε το ολοκληρωτικά πριν συνεχίσετε. Για να το κάνετε αυτό, επιλέξτε 'Σύστημα' > 'Μόνιμη αποκρυπτογράφηση διαμερίσματος/οδηγού συστήματος' από το μενού του κύριου παράθυρου του VeraCrypt. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Το διαμέρισμα/οδηγός του συστήματος αυτή τη στιγμή κρυπτογραφείται, αποκρυπτογραφείται ή τροποποιείται. Παρακαλώ διακόψτε τη διαδικασία κρυπτογράφησης, αποκρυπτογράφησης ή τροποποίησης (ή περιμένετε να ολοκληρωθεί) πριν συνεχίσετε. + Μια διεργασία του Οδηγου Δημιουργίας Τόμου τρέχει τώρα στο σύστημα και διενεργεί ή προετοιμάζει κρυπτογράφηση/αποκρυπτογράφηση του διαμερίσματος/οδηγού του συστήματος. Πριν συνεχίσετε, παρακαλώ περιμένετε να τελειώσει ή κλείστε τον. Αν δεν μπορείτε να τον κλείσετε, παρακαλώ κάντε επανεκκίνηση πριν συνεχίσετε. + Η διαδικασία κρυπτογράφησης ή αποκρυπτογράφησης του διαμερίσματος/οδηγού του συστήματος δεν έχει ολοκληρωθεί. Παρακαλώ περιμένετε να ολοκληρωθεί πριν συνεχίσετε. + Σφάλμα: Η διαδικασία κρυπτογράφησης του διαμερίσματος/οδηγού δεν ολοκληρώθηκε. Πρέπει πρώτα να ολοκληρωθεί. + Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Σφάλμα: Λάθος/άκυρη παράμετρος. + Επιλέξατε διαμέρισμα ή συσκευή αλλά ο Οδηγός που επιλέξατε είναι μόνο για αρχεία-τόμους.\n\nΘέλετε να αλλάξετε τον Οδηγό; + Θέλετε να δημιουργήσετε ένα αρχείο-τόμο VeraCrypt αντ'αυτού; + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Είστε σίγουρος ότι θέλετε να αποκρυπτογραφήσετε μόνιμα το διαμέρισμα/συσκευή του συστήματος; + ΠΡΟΣΟΧΗ: Αν αποκρυπτογραφήσετε μόνιμα το διαμέρισμα/συσκευή του συστήματος, μη-κρυπτογραφημένα δεδομένα θα γραφούν σ'αυτό.\n\nΕίστε απόλυτα σίγουρος ότι θέλετε να αποκρυπτογραφήσετε μόνιμα το διαμέρισμα/συσκευή του συστήματος; + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + Αν αντιμετωπίσετε κάποιο από τα προαναφερθέντα προβλήματα, αποκρυπτογραφήστε το διαμέρισμα/οδηγό (αν είναι κρυπτογραφημένο) και δοκιμάστε να το κρυπτογραφήσετε χρησιμοποιώντας έναν όχι σε σειρά αλγόριθμο κρυπτογράφησης (π.χ. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + Ο Εκκινητής VeraCrypt αναβαθμίστηκε.\n\nΣυνίσταται να δημιουργήσετε ένα νέο Δίσκο Ασφαλείας VeraCrypt (ο οποίος θα περιέχει τη νέα έκδοση του Εκκινητή VeraCrypt) επιλέγοντας 'Σύστημα' > 'Δημιουργία Δίσκου Ασφαλείας' αφού επανεκκίνησετε τον υπολογιστή σας. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Αποτυχία αναβάθμισης Εκκινητή VeraCrypt. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + ΠΡΟΣΟΧΗ: Φαίνεται ότι το VeraCrypt ήδη προσπάθησε να εντοπίσει κρυφούς τομείς σ'αυτόν τον οδηγό του συστήματος. Αν συναντήσατε προβλήματα κατά την προηγούμενη διαδικασία εντοπισμού, μπορείτε να τα αποφύγετε παρακάμπτοντας τον εντοπισμό κρυφών τομέων τώρα. Σημειώστε ότι αν το κάνετε αυτό, το VeraCrypt θα χρησιμοποιήσει το μέγεθος που αναφέρθηκε από το λειτουργικό σύστημα (που μπορεί να είναι μικρότερο από το πραγματικό μέγεθος του οδηγού).\n\nΣημειώστε ότι αυτό το πρόβλημα δεν προκαλείται από το VeraCrypt. + Παράκαμψη εντοπισμού κρυφών τομέων (χρήση μεγέθους που αναφέρθηκε από το λειτουργικό σύστημα) + Επανάληψη εντοπισμού κρυφών τομέων + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Δίσκος Ασφαλείας + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Έλεγχος + Αρχείο-κλειδί + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.es.xml b/Translations/Language.es.xml index b5931fb7..af9282b6 100644 --- a/Translations/Language.es.xml +++ b/Translations/Language.es.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Cancelar - Instalar &para todos los usuarios - Exa&minar... - Añadir icono de VeraCrypt al e&scritorio - Donar ahora... - Asociar los archivos .hc &con VeraCrypt - &Abrir ubicación de destino al terminar - Añadir VeraCrypt al Menú &Inicio - Crear Punto de &Restauración de Sistema - &Desinstalar - &Extraer - &Instalar - Asistente de Instalación de VeraCrypt - Desinstalar VeraCrypt - &Ayuda - Seleccione o escriba la ubicación donde desea extraer los archivos: - Seleccione o escriba la ubicación donde desea instalar los archivos de VeraCrypt. Si la ubicación seleccionada no existe, ésta será creada automáticamente. - Presione Desinstalar para eliminar VeraCrypt de este sistema. - Abortar - &Comparación - &Probar - Crear volumen cifrado y formatearlo - Cifrar partición conservando datos - Mostrar claves generadas (parte de ellas) - Mostrar contenido del pool - Descargar software de grabación de CD/DVD - Crear un contenedor de archivos cifrado - &GB - &TB - Más información - Volumen VeraCrypt o&culto - Más información acerca de volúmenes ocultos - Modo Directo - Modo Normal - &KB - U&sar archivo-llave - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - A&rchivos-llave - Información de algoritmos hash - Más información - Information on PIM - &MB - Más informacion - Más información sobre cifrado del sistema - Más información - Arranque múltiple - Cifrar partición/unidad secundaria - No &guardar nunca historial - Abrir Volumen Externo - &Pausa - Use P&IM - Use PIM - Formato Rápido - &Mostrar contraseña - &Mostrar contraseña - &Display PIM - Arranque simple - Volumen VeraCrypt común - &Oculto - Normal - Cifrar la partición/unidad del sistema entera - Cifrar la partición de Windows - Cifrar toda la unidad - Asistente de creación de Volumen VeraCrypt - Cluster - IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la fuerza criptográfica de las claves de cifrado. Luego presione Siguiente para continuar. - &Confirmar: - Hecho - Drive letter: - Algoritmo de Cifrado - Sistema de archivos. - Crea un disco cifrado virtual dentro de un archivo. Recomendado para usuarios sin experiencia. - Opciones - Algoritmo Hash - Clave Cabecera: - Quedan - Clave Maestra: - Seleccione esta opción si hay dos o más sistemas operativos instalados en este ordenador.\n\nPor ejemplo:\n- Windows XP y Windows XP\n- Windows XP y Windows Vista\n- Windows y Mac OS X\n- Windows y Linux\n- Windows, Linux y Mac OS X - Cifra una partición en cualquier unidad interna o externa (ej: unidad flash). Opcionalmente, crea un volúmen oculto. - Contenido actual del pool (parcial) - Pasada - Contraseña: - Volume PIM: - Volume PIM: - Progreso: - Pool Aleatorio: - Seleccione esta opción si hay solo un sistema operativo instalado en este ordenador (aunque tenga varios usuarios). - Velocidad - Estado - Las claves, sal y otros datos han sido generados con éxito. Si quiere generar nuevas claves, presione Volver y luego Siguiente. Si no, presione Siguiente para continuar. - Cifra la partición/unidad donde Windows está instalado. Cualquiera que quiera acceder al sistema, leer y escribir archivos, etc. tendrá que introducir la contraseña antes de arrancar Windows. Opcionalmente, crea un sistema oculto. - Seleccione esta opción para cifrar la partición donde está instalado el sistema operativo Windows que hay ahora mismo en ejecución. - Volume Label in Windows: - Modo de borrado seguro: - Cerrar - Permitir esquivar &autenticación de pre-arranque pulsando Esc (habilita el administrador de arranque) - No hacer nada - Montar &Automáticamente volumen VeraCrypt (especificado debajo) - &Iniciar VeraCrypt - &Detección automática - Guardar contraseña de autenticación de pre-arranque en &caché (para montar volúmenes secundarios) - Explorar... - Explorar... - Guardar contras&eñas y archivos en caché - Salir cuando no haya volúmenes montados - &Cerrar sesión de token (log out) después de montar un volumen con éxito - Include VeraCrypt Volume Expander - Incluir el Asistente de Creación de Volúmenes VeraCrypt - Crear - &Crear Volumen - No mo&strar texto en la pantalla de autenticación de pre-arranque (excepto el siguiente mensaje) - Disable "Evil Maid" attack detection - Acelerar cifrado/descifrado AES usando instrucciones AES del procesador (si es posible) - Usar Archivo-llave - Usar Archivo-llave - &Salir - Ayuda sobre volúmenes favoritos - No montar volumen seleccionado cuando se pulse la &tecla 'Montar volúmenes favoritos' - Montar volumen seleccionado cuando el dispositivo anfitrión se &conecte - Montar volumen seleccionado al inici&o - Montar volumen seleccionado e&n modo de sólo lectura - Montar &volumen seleccionado como medio extraíble - Mover &abajo - Mover arri&ba - Abrir en el &explorador el volumen seleccionado cuando sea montado con éxito - Elimina&r - Use favorite label as Explorer drive label - Configuración global - Mostrar mensaje emergente tras desmontar con éxito usando atajos de teclado - Reproducir notificación sonora tras desmontar con éxito usando atajos de teclado - Alt - Ctrl - Mayus. - Win - Asignar - Eliminar - Archivos-llave - No usar el siguiente número de procesadores para cifrado/descifrado: - Más información - Más información - Más opciones - Montar &Autom. - &Opciones Montaje - Montar volumen como sól&o lectura - Archivos-llave - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Activado - Guardar contraseñas en caché - Desmontar volumen autom. cuando dejen de leerse/escribirse datos - Si el usuario cierra sesión - User session locked - Si se entra en "ahorro de energía" - Si se activa el salvapantallas - Forzar desmontaje automático aunque el volumen tenga archivos abiertos - Montar todos los volúmenes alojados en dispositivos - Iniciar VeraCrypt en segundo plano - Montar volúmenes como sólo lectura - Montar volúmenes como medios extraíbles - Abrir en el &explorador el volumen montado con éxito - Temporary Cache password during "Mount Favorite Volumes" operations - Usar icono distinto en la barra de tareas si hay volúmenes montados - Eliminar contraseñas guardadas al desmontar automáticamente - Eliminar contraseñas guardadas al salir - Conservar modificaciones de fecha/hora de los contenedores - Por defecto - Seleccionar D&ispositivo - Seleccionar A&rchivo - Seleccionar &Librería - Mostrar contraseña - Mostrar contraseña - Abrir en el &explorador el volumen montado - Guardar &contraseña en caché - TrueCrypt Mode - &Desmontar Todo - Propiedades del &Volumen - Herramien&tas de volumen - &Borrar Caché - VeraCrypt - Mount Parameters - VeraCrypt - Volúmenes favoritos - VeraCrypt - Atajos de teclado para sistema completo - VeraCrypt - Cambiar contraseña o archivo-llave - Introducir Contraseña de Volumen VeraCrypt - VeraCrypt - Opciones de Rendimiento y controladores - VeraCrypt - Preferencias - VeraCrypt - Opciones de cifrado del sistema - VeraCrypt - Preferencias de token de seguridad - Crear Disco Viajero VeraCrypt - Propiedades de Volumen VeraCrypt - Acerca de... - Añadir/Eliminar Archivos-llave a/de Volumen - Añadir Volumen Montado a Favoritos - Añadir Volumen Montado a Favoritos del Sistema - Analizar Fallo del Sistema - Copia de Seguridad de Cabecera de Volumen - Comparación - Establecer Algoritmo de Derivación de Clave de Cabecera - Cambiar Contraseña del Volumen - Establecer Algoritmo de Derivación de Clave de Cabecera - Cambiar Contraseña - Borrar Historial de Volúmenes - Cerrar Sesiones de Token de Seguridad - Contactar - Crear Sistema Operativo Oculto - Crear Disco de Rescate - Crear Nuevo Volumen - Permanently Decrypt... - Archivos-llave Por Defecto - Default Mount Parameters... - Donar ahora... - Cifrar la Partición/Unidad del Sistema - Preguntas Frecuentes - Guía del Usuario - Página &Web - Atajos de teclado - Generador de Archivo-llave - Idioma - Información Legal - Administrar Archivos-llave de Token de Seguridad - Montar autom. todos los volúmenes alojados en cualquier dispositivo - Montar Volúmenes Favoritos - Montar Sin &Autenticación de Pre-Arranque - Montar Volumen - Montar Volumen con Opciones - Noticias - Ayuda en línea - Tutorial del principiante - Organizar Volúmenes Favoritos - Organizar Volúmenes Favoritos del Sistema - Rendimiento/Configuración del controlador - Descifrar Permanentemente la Partición/Unidad del Sistema - Preferencias - Actualizar Letras de Unidad - Eliminar Todos los Archivos-llave de un Volumen - Restaurar Cabecera de Volumen - Continuar Proceso Interrumpido - Seleccionar Dispositivo - Seleccionar Archivo - Continuar Proceso Interrumpido - Cifrado del Sistema - Propiedades - Configuración - Volúmenes Favoritos del Sistema - Descargas - Probar Vectores - Tokens de seguridad - Crear Disco Viajero - Desmontar Todos los Volúmenes Montados - Desmontar Volumen - Verificar Disco de Rescate - Verify Rescue Disk ISO Image - Historial de Versiones - Volume Expander - Propiedades de Volumen - Asistente de Creación de Volumen - Sitio Web de VeraCrypt - Borrar Contraseñas Guardadas - Aceptar - Aceleración Hardware - Atajo de teclado - Configuración de Autoarranque (autorun.inf) - Desmontar automáticamente - Desmontar Todo: - Opciones de Pantalla del Cargador de Arranque - Confirmar Contraseña: - Actual - Mostrar este mensaje personalizado en la pantalla de pre-arranque (24 caracteres max.): - Opciones de Montaje Predeterminadas - Opciones de Atajos de Teclado - Configuración del controlador - Enable extended disk control codes support - Etiqueta del volumen favorito seleccionado: - Opciones del Archivo - Tecla a asignar: - El procesador (CPU) en este ordenador soporta aceleración hardware para AES: - Acciones a realizar al iniciar sesión en Windows - minutos - Montar volumen en letra de unidad: - Ajustes de Montaje - Nueva - Contraseña: - Paralelización basada en hilos - Ruta de Librería PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Caché de Contraseñas - Opciones de seguridad - VeraCrypt en Segundo Plano - Volumen VeraCrypt a montar (relativo a raíz del disco viajero): - Tras la inserción del disco viajero: - Crear archivos del disco viajero en (directorio raíz del disco viajero): - Volumen - Windows - Añadir &Ruta - Probar &Autom. - &Continuar - &Descifrar - &Borrar - Ci&frar - &Exportar - Generar y Guardar Archivo-llave - &Generar Archivo-llave Aleatorio - Descargar paquete de idioma - AES acelerado por hardware: - &Importar Archivo-llave a Token - Añadir Archi&vos - Usar Archivos-llave - &Archivos-llave - Elimina&r - Eliminar &todo - ¿Que es la protección de volumen oculto? - Más información - Montar volumen como unidad &extraíble - Montar partición &usando cifrado del sistema sin autenticación de pre-arranque - Paralelización: - Comparación - &Imprimir - &Proteger volumen oculto contra daños por escritura en el volumen externo - &Reiniciar - Mostrar Contraseña - Archivos &Token - Usar copia de seguridad de cabecera insertada en &volumen si es posible - Modo XTS - Acerca de VeraCrypt - VeraCrypt - Comparación de algoritmos de cifrado - VeraCrypt - Probar Vectores - Ayuda sobre línea de comandos - VeraCrypt - Archivos-llave - VeraCrypt - Generador de Archivos-llave - VeraCrypt - Idioma - VeraCrypt - Opciones de Montaje - Propiedades del Archivo-llave del Nuevo Token de Seguridad - VeraCrypt - Enriquecimiento del Pool Aleatorio - Seleccionar Partición o Dispositivo - VeraCrypt - Archivos-llave de Token de Seguridad - Se requiere contraseña/PIN de token de seguridad - Paquete de idioma activo - La velocidad se ve afectada por la carga de la CPU y las características del dispositivo de almacenamiento.\n\nÉstas pruebas tienen lugar en RAM. - Buffer: - Algoritmo de cifrado: - Contr&aseña volumen oculto:\n(vacío para usar caché) - Protección de Volumen Oculto - Tamaño de la Clave: - IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la fuerza criptográfica del archivo-llave. - PRECAUCIÓN: ¡si pierde un archivo-llave o si cambian sus primeros 1024 KB, será imposible montar los volúmenes que usan ese archivo-llave! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Traducido por: - Tamaño del texto plano: - bits - Contenido de Pool Actual - Mezcla PRF: - IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la seguridad. Cuando lo haya hecho, pulse 'Continuar'. - Clave Secundaria (hexadecimal) - Token de seguridad: - Orden: - Por favor espere. Este proceso puede llevar mucho tiempo... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Número de bloque: - Texto cifrado (hexadecimal) - Datos de la unidad (64-bit hexadecimal, tamaño de la unidad de datos es 512 bytes) - Clave (hexadecimal) - Texto Plano (hexadecimal) - Nombre del Archivo-llave: - Modo XTS - &Sistema - &Volúmenes - Favor&itos - &Herramientas - Confi&guración - A&yuda - Página &Web - - &Acerca de... - No se ha podido cambiar el atributo 'sólo lectura' de su antiguo volumen. Compruebe los permisos de acceso del archivo. - Error: Acceso Denegado\n\nLa partición a la que está intentando acceder no contiene ningún sector o es el dispositivo de arranque. - Administrador - Para cargar el controlador de VeraCrypt necesita iniciar sesión con privilegios de administrador. - Tenga en cuenta que para cifrar/formatear una partición/dispositivo necesita iniciar sesión con privilegios de administrador.\n\nEsto no se aplica a los volúmenes alojados en archivos. - Para crear un volumen oculto necesita iniciar sesión con privilegios de administrador.\n\n¿Desea continuar? - Tenga en cuenta que para formatear el volumen como NTFS necesita iniciar sesión con privilegios de administrador.\n\nSin los privilegios de administrador, sólo puede formatear el volumen como FAT. - Algoritmo aprobado por FIPS (Rijndael, publicado en 1998) que podría ser usado por departamentos y agencias gubernamentales de EEUU para proteger información clasificada hasta el nivel Alto Secreto. Clave de 256-bit, bloque de 128-bit, 14 rondas (AES-256). El modo de operación es XTS. - El volumen ya está montado - PRECAUCIÓN: ¡Por lo menos un algoritmo de cifrado o hash falló durante el proceso automático de autoanálisis!\n\nLa instalación de VeraCrypt podría estar corrupta. - PRECAUCIÓN: No hay suficientes datos en el Generador de Números Aleatorios para proporcionar la cantidad requerida de datos aleatorios.\n\nNo debería continuar. Seleccione 'Informar de un error' en el Menú Ayuda, y reporte este error. - La unidad está dañada (hay algún defecto físico en ella) o un cable está dañado, o la memoria está funcionando incorrectamente.\n\nTenga en cuenta que el problema está en su hardware, no en VeraCrypt. Por tanto, por favor NO reporte esto como un error/problema de VeraCrypt y NO pida ayuda sobre esto en los foros de VeraCrypt. Contacte con el equipo de soporte técnico del fabricante de su ordenador para obtener asistencia. Gracias.\n\nNota: Si el error ocurre repetidamente en el mismo sitio, es muy probable que esté causado por un bloque defectuoso, lo que podría corregirse usando software de terceros (tenga en cuenta que, en muchos casos, el comando 'chkdsk /r' no puede corregirlo porque trabaja sólo a nivel del sistema de archivos; en algunos casos, la herramienta 'chkdsk' no puede ni detectarlo). - Si está accediendo a una unidad de medios extraíbles, asegúrese de que haya un medio introducido en la unidad. La unidad/medio también podría estar dañada (podría haber un defecto físico en ella) o un cable podría estar dañado/desconectado. - Su sistema parece estar usando controladores de chipset personalizados defectuosos que impiden el cifrado de la unidad del sistema completa.\n\nIntente actualizar o desinstalar cualquier controlador de chipset personalizado (que no sea de Microsoft) antes de continuar. Si esto no funciona, intente cifrar sólo la partición del sistema. - Letra de unidad incorrecta. - Ruta incorrecta. - Cancelar - No se puede acceder a la unidad. Asegúrese de que la unidad seleccionada existe y que no está siendo utilizada por el sistema. - Precaución: El bloqueo de mayúsculas está activado. Esto puede provocar que introduzca su contraseña incorrectamente. - Tipo de Volumen - Podría suceder que alguien le obligara a revelar la contraseña de un volumen cifrado. Hay muchas situaciones en las que no podría negarse a revelar la contraseña (por ejemplo, debido a la extorsión). Usar el llamado "volumen oculto" le permite resolver estas situaciones sin revelar la contraseña de su volumen. - Seleccione esta opción si quiere crear un volumen VeraCrypt normal. - Tenga en cuenta que si desea que un sistema operativo sea instalado en un volumen alojado en una partición oculta, entonces la unidad del sistema entera no puede ser cifrada usando una única clave. - Opciones de cifrado del volumen externo - Opciones de cifrado del volumen oculto - Opciones de cifrado - AVISO: ¡Fallo al borrar la ruta del último volumen/archivo-clave seleccionado (almacenado por el selector de archivos)! - Error: El contenedor ha sido comprimido a nivel del sistema de archivos. VeraCrypt no soporta contenedores comprimidos (la compresión de información cifrada es redundante e inefectiva).\n\nDeshabilite la compresión del contenedor siguiendo estos pasos:\n1) Click derecho en el contenedor desde el explorador de Windows (no desde VeraCrypt).\n2) Seleccione 'Propiedades'.\n3) En la ventana de 'Propiedades', click en 'Opciones Avanzadas'.\n4) En la ventana 'Atributos avanzados', desactive la opción 'Comprimir contenido para ahorrar espacio en disco' y haga click en 'Aceptar'.\n5) En 'Propiedades', click en 'Aceptar'. - Falló la creación del volumen %s - El tamaño de %s es %.2f bytes - El tamaño de %s es %.2f KB - El tamaño de %s es %.2f MB - El tamaño de %s es %.2f GB - El tamaño de %s es %.2f TB - El tamaño de %s es %.2f PB - AVISO: El dispositivo/partición está siendo utilizado por el sistema operativo o una aplicación. Formatear el dispositivo/partición puede causar corrupción de datos e inestabilidad del sistema.\n\n¿Continuar? - Aviso: La partición está siendo usada por el sistema operativo o una aplicación. Debería cerrar cualquier aplicación que pueda estar usando la partición (incluyendo antivirus).\n\n¿Continuar? - Error: El dispositivo/partición contiene un sistema de archivos que no puede ser desmontado. El sistema de archivos puede estar en uso por el sistema operativo. Formatear el dispositivo/partición muy probablemente causará corrupción de datos e inestabilidad del sistema.\n\nPara solucionarlo, recomendamos que primero borre la partición y luego la vuelva a crear sin formatearla. Para hacerlo siga estos pasos:\n1) Click derecho en 'Mi PC' o 'Equipo' en el 'Menú inicio' y seleccione 'Administrar'. Aparecerá la ventana 'Administración de equipos'.\n2) En dicha ventana, seleccione 'Almacenamiento' > 'Administración de discos'.\n3) Click derecho en la partición que desea cifrar y seleccione 'Borrar la partición', 'Borrar Volumen' o 'Borrar unidad lógica'.\n4) Click en 'Aceptar'. Si Windows pregunta si quiere reiniciar el ordenador, hágalo. Entonces repita los pasos 1 y 2 y continúe desde el paso 5. 5)\nClick derecho en el área no asignada/espacio libre y seleccione 'Partición nueva', 'Volumen simple nuevo' o 'Unidad lógica nueva'.\n6) El 'Asistente de partición nueva' o 'Asistente de volumen simple nuevo' deberá aparecer; siga las instrucciones. Cuando en el asistente indique 'Formatear Partición', seleccione 'No formatear esta partición' o 'No formatear este volumen'. En el mismo asistente, click en 'Siguiente' y despues en 'Finalizar'.\n7) La ruta del dispositivo seleccinado en VeraCrypt podría ser incorrecta ahora. Por tanto, salga del Asistente de Creación de Volúmenes VeraCrypt (si aún está en ejecución) y ábralo de nuevo.\n8) Intente cifrar nuevamente el dispositivo/partición.\n\nSi VeraCrypt falla repetidamente al cifrar el dispositivo/partición, considere crear un contenedor de archivos en su lugar. - Error: El sistema de archivos no pudo ser bloqueado y/o desmontado. Podría estar siendo usado por el sistema operativo o alguna aplicación (como un antivirus). Cifrar la partición podría causar corrupción de datos e inestabilidad del sistema.\n\nPor favor cierre cualquier aplicación que pueda estar usando el sistema de archivos (incluyendo antivirus) y reinténtelo. Si esto no funciona, siga los pasos que hay más abajo. - AVISO: ¡Algunos de los dispositivos/particiones montados están en uso!\n\nIgnorar esto puede causar resultados no deseados incluyendo inestabilidad del sistema.\n\nSe recomienda encarecidamente que cierre cualquier aplicación que esté usando el dispositivo/partición. - El dispositivo seleccionado contiene particiones.\n\nFormatear el dispositivo puede causar inestabilidad del sistema y/o corrupción de datos. Seleccione una partición en el dispositivo o elimine todas las particiones del dispositivo para permitir que VeraCrypt lo formatee con seguridad. - El dispositivo secundario seleccionado contiene particiones.\n\nLos volúmenes VeraCrypt cifrados alojados en dispositivos pueden ser creados en dispositivos que no contienen particiones (incluyendo discos duros y unidades de estado sólido). Un dispositivo que contiene particiones puede ser cifrado por completo sin modificarlas (usando una única clave maestra) sólo si es la unidad donde Windows está instalado y desde la que arranca.\n\nSi desea cifrar el dispositivo secundario seleccionado usando una única clave maestra, necesitará eliminar antes todas las particiones del dispositivo para permitir que VeraCrypt lo formatee con seguridad (formatear un dispositivo que contiene particiones podría causar inestabilidad del sistema y/o corrupción de datos). Como alternativa, puede cifrar cada partición del dispositivo individualmente (cada partición será cifrada usando una clave maestra diferente).\n\nNota: Si desea eliminar todas las particiones de un disco GPT, podría necesitar convertirlo primero en un disco MBR (usando p.e. el Administrador de Equipos) para eliminar particiones ocultas. - Aviso: si cifra el dispositivo entero (en lugar de cifrar sólo una de sus particiones), los sistemas operativos considerarán el dispositivo como nuevo, vacío y no formateado (ya que no contendrá tabla de particiones) y podrían iniciar espontáneamente el dispositivo (o preguntarle si desea hacerlo), lo que podría dañar el volumen. Además, no será posible montar consistentemente el volumen como favorito (p.e. cuando cambie el número de unidad) o asignarle una letra de volumen favorita.\n\nPara evitar esto, considere crear una partición en el dispositivo y cifrar la partición.\n\n¿Seguro que desea cifrar el dispositivo entero? - IMPORTANTE: ¡Tenga presente que este volumen NO puede ser montado/accedido usando la letra de unidad %c:, la cual está actualmente asignada al mismo!\n\nPara montar este volumen, haga click en 'Montar Autom.' en la ventana principal de VeraCrypt (o también, en dicha ventana, click en 'Seleccionar Dispositivo', seleccione esta partición/dispositivo y pulse 'Montar'). El volumen será montado en una letra de unidad diferente, que podrá elegir de la lista de la ventana principal de VeraCrypt.\n\nLa letra original de unidad %c: debería usarse sólo en caso de que necesite eliminar el cifrado de la partición/unidad (p.e. si ya no necesitará cifrado). En ese caso, haga click derecho en la letra de unidad %c: en la lista de 'Equipo' (o 'Mi PC') y seleccione 'Formatear'. De otro modo, la letra de unidad %c: nunca debería ser usada (a menos que la elimine, como se describe p.e. en la FAQ de VeraCrypt, y la asigne a otra partición/dispositivo). - El cifrado de volúmenes secundarios conservando datos no está soportado por la versión del sistema operativo que está usando actualmente (sólo está soportado en Windows Vista y versiones posteriores de Windows).\n\nLa razón es que esta versión de Windows no soporta la compresión del sistema de archivos (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad). - La partición seleccionada no parece contener un sistema de archivos NTFS. Sólo las particiones con sistema de archivos NTFS pueden ser cifradas conservando datos.\n\nNota: La razón es que esta versión de Windows no soporta la compresión de otros tipos de sistemas de archivos (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad). - La partición seleccionada no parece contener un sistema de archivos NTFS. Sólo las particiones con sistema de archivos NTFS pueden ser cifradas conservando datos.\n\nSi desea crear un volumen cifrado VeraCrypt dentro de esta partición, elija la opción "Crear volumen cifrado y formatearlo" (en lugar de la opción "Cifrar partición sin modificadión de datos"). - Error: La partición es demasiado pequeña. VeraCrypt no puede cifrarla conservando datos. - Para cifrar los datos de esta partición, siga estos pasos:\n\n1) Cree un volumen VeraCrypt en una partición/dispositivo vacío y móntelo.\n\n2) Copie en dicho volumen VeraCrypt todos los archivos de la partición que iba a ser cifrada originalmente. De esta forma, ud. creará una copia de seguridad cifrada de los datos.\n\n3) Cree un volumen VeraCrypt en la partición que quería cifrar originalmente y asegúrese de (en el asistente VeraCrypt) elegir la opción "Crear volumen cifrado y formatearlo" (en lugar de la opción "Cifrar partición conservando datos"). Tenga en cuenta que todos los datos almacenados en la partición serán borrados. Después de crear el volumen, móntelo.\n\n4) Copie todos los archivos del volumen VeraCrypt montado como copia de seguridad (el que fue creado en el paso 1) al volumen VeraCrypt montado que ha sido creado (y montado) en el paso 3.\n\nDespués de completar estos pasos, los datos estarán cifrados y, además, habrá una copia de seguridad cifrada de los datos. - VeraCrypt sólo puede cifrar conservando datos una partición, un volumen dinámico o la unidad del sistema entera.\n\nSi desea crear un volumen VeraCrypt cifrado en el dispositivo secundario seleccionado, elija la opción "Crear volumen cifrado y formatearlo" (en lugar de la opción "Cifrar partición conservando datos"). - Error: VeraCrypt sólo puede cifrar conservando datos una partición, un volumen dinámico, o la unidad del sistema entera. Por favor asegúrese de que la ruta especificada es válida. - Error: No se puede comprimir el sistema de archivos (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad).\n\nPosibles causas y soluciones:\n\n- No hay suficiente espacio libre en el volumen. Asegúrese de que no hay ninguna otra aplicación escribiendo en el sistema de archivos.\n\n- Sistema de archivos corrupto. Intente comprobarlo y corregir los errores (click derecho en la letra de unidad correspondiente en 'Equipo', seleccione Propiedades > Herramientas > 'Comprobar ahora', asegúrese de que la opción 'Reparar automáticamente errores en el sistema de archivos' está activada y click en Iniciar).\n\nSi esto no funciona, siga los pasos que aparecen más abajo. - Error: No hay suficiente espacio libre en el volumen por lo que el sistema de archivos no puede ser comprimido (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad).\n\nElimine cualquier archivo innecesario y vacíe la Papelera de Reciclaje para liberar al menos 256 KB e inténtelo de nuevo. Tenga en cuenta que debido a una característica de Windows, la cantidad de espacio libre reportada por el explorador de Windows podría ser incorrecta hasta que el sistema operativo se reinicie. Si reiniciar el sistema no ayuda, el sistema de archivos podría estar corrupto. Intente comprobarlo y corregir cualquier error (click derecho en la letra de unidad correspondiente en 'Equipo', seleccione Propiedades > Herramientas > 'Comprobar ahora', asegúrese de que la opción 'Reparar automáticamente errores en el sistema de archivos' está activada y click en Iniciar).\n\nSi esto no funciona, siga los pasos que aparecen más abajo. - El espacio libre en la unidad %s es %.2f bytes. - El espacio libre en la unidad %s es %.2f KB - El espacio libre en la unidad %s es %.2f MB - El espacio libre en la unidad %s es %.2f GB - El espacio libre en la unidad %s es %.2f TB - El espacio libre en la unidad %s es %.2f PB - No se han podido obtener letras de unidad disponibles. - Error: No se ha encontrado el controlador de VeraCrypt.\n\nCopie los archivos 'veracrypt.sys' y 'veracrypt-x64.sys' al directorio donde está ubicada la aplicación principal (VeraCrypt.exe). - Error: Se está ejecutando una versión incompatible del controlador VeraCrypt.\n\nSi está intentando ejecutar VeraCrypt en modo portable (p.e. sin instalarlo) y ya hay instalada una versión diferente de VeraCrypt, debe desinstalar dicha versión primero (o actualizarla usando el instalador de VeraCrypt). Para desinstalarla, siga estos pasos: En Windows Vista o posterior, seleccione 'Menú Inicio' > Equipo > 'Desinstalar o cambiar un programa' > VeraCrypt > Desinstalar; en Windows XP, seleccione 'Menú Inicio' > Panel de control > 'Agregar o quitar programas' > VeraCrypt > Quitar.\n\nDel mismo modo, si está intentando ejecutar VeraCrypt en modo portable (p.e. sin instalarlo) y hay una versión diferente de VeraCrypt ejecutándose en modo portable, debe reiniciar el sistema primero y ejecutar únicamente esta nueva versión. - Error: Fallo en la inicialización del algoritmo de cifrado. - Error: Se ha detectado una clave débil o potencialmente débil. La clave será descartada. Inténtelo de nuevo. - Ha ocurrido un error crítico y VeraCrypt debe cerrarse. Si esto fue causado por un error (bug) de VeraCrypt, nos gustaría arreglarlo. Para ayudarnos, puede enviarnos un informe de errores generado automáticamente conteniendo los siguientes datos:\n\n- Versión del programa\n- Versión del sistema operativo\n- Tipo de CPU\n- Nombre del componente VeraCrypt\n- Suma de verificación del ejecutable VeraCrypt\n- Nombre simbólico de la ventana de diálogo\n- Categoría del error\n- Dirección del error\n- Pila de llamadas VeraCrypt\n\nSi selecciona 'Sí', la siguiente URL (que contiene el informe completo del error) se abrirá en su explorador de Internet predeterminado.\n\n%hs\n\n¿Desea enviarnos dicho informe? - Ha ocurrido un error crítico en su sistema, lo que requiere que VeraCrypt se cierre.\n\nTenga en cuenta que este error no ha sido causado por VeraCrypt (así que los desarrolladores de VeraCrypt no pueden solucionarlo). Compruebe su sistema por si hubiera problemas (p.e. configuración del sistema, conexión de red, componentes hardware defectuosos). - Ha ocurrido un error crítico en su sistema, lo que requiere que VeraCrypt se cierre.\n\nSi el problema continúa, quizá quiera intentar desactivar o desinstalar aplicaciones que podrían estar causando esta situación, como antivirus o software de seguridad de Internet, "potenciadores" del sistema, "optimizadores", etc. Si esto no funciona, quizá le interese intentar reinstalar su sistema operativo (este problema podría estar causado también por malware). - Error Crítico de VeraCrypt - VeraCrypt ha detectado que el sistema operativo ha fallado recientemente. Hay varias razones potenciales por las que el sistema puede haber fallado (por ejemplo, un componente hardware defectuoso, un error (bug) en un controlador de dispositivo, etc.)\n\n¿Desea que VeraCrypt compruebe si ha sido un error de VeraCrypt lo que ha causado el fallo del sistema? - ¿Desea que VeraCrypt continúe detectando fallos del sistema? - VeraCrypt no ha encontrado el archivo de volcado del fallo del sistema. - ¿Desea borrar el archivo de volcado del fallo de Windows para liberar espacio en disco? - Para analizar el fallo del sistema, VeraCrypt necesita instalar las Herramientas de Depuración para Windows primero.\n\nDespués de hacer click en Aceptar, el instalador de Windows descargará el paquete de instalación de las Herramientas de Depuración de Microsoft (16 MB) de un servidor de Microsoft y las instalará (el instalador de Windows será enviado a la URL del servidor de Microsoft desde el servidor veracrypt.org, lo que asegura que esta característica funcione incluso si Microsoft cambiara la localización del paquete de instalación). - Después de pulsar Aceptar, VeraCrypt analizará el fallo del sistema. Esto podría durar varios minutos. - Asegúrese de que la variable de entorno 'PATH' incluye la ruta a 'kd.exe' (Depurador del Núcleo). - Parece que lo más probable es que VeraCrypt no causara el fallo del sistema. Hay muchas razones potenciales por las que el sistema podría haber fallado (por ejemplo, un componente hardware defectuoso, un error en un controlador de dispositivo, etc.) - Los resultados del análisis indican que actualizar el siguiente controlador podría resolver este problema: - Para ayudarnos a determinar si hay un error (bug) en VeraCrypt o no, puede enviarnos un informe de errores generado automáticamente conteniendo los siguientes datos:\n\n- Versión del programa\n- Versión del sistema operativo\n- Tipo de CPU\n- Categoría del error\n- Nombre y versión del controlador\n- Pila de llamadas del sistema\n\nSi selecciona 'Sí', la siguiente URL (que contiene el informe completo del error) se abrirá en su explorador de Internet predeterminado. - ¿Desea enviarnos dicho informe de errores? - &Cifrar - &Descifrar - Descifrar &Permanentemente - Salir - Cree una unidad lógica para esta partición extendida, e inténtelo de nuevo. - Un volumen VeraCrypt puede residir en un archivo (llamado contenedor VeraCrypt), el cual puede residir en un disco duro, en una unidad flash USB, etc. Un contenedor VeraCrypt es exactamente igual que cualquier otro archivo (puede ser, por ejemplo, movido o eliminado como cualquier archivo común). Haga click en 'Seleccionar Archivo' para elegir un nombre de archivo para el contenedor y la ubicación donde desea que el contenedor sea creado.\n\nAVISO: Si selecciona un archivo existente, VeraCrypt NO lo cifrará; el archivo será eliminado y reemplazado por el contenedor VeraCrypt recién creado. Ud. podrá cifrar archivos existentes (más tarde) moviéndolos al contenedor VeraCrypt que va a crear ahora. - Seleccione la ubicación donde se creará el volumen externo (el volumen oculto será creado dentro de este volumen más adelante).\n\nUn volumen VeraCrypt puede residir en un archivo (llamado contenedor VeraCrypt), el cual puede residir en un disco duro, en una unidad flash USB, etc. Un contenedor VeraCrypt puede ser movido o borrado como cualquier archivo común. Haga click en 'Seleccionar Archivo' para elegir un nombre de archivo para el contenedor y la ubicación donde desea que el contenedor sea creado. Si selecciona un archivo existente, VeraCrypt NO lo cifrará; será eliminado y reemplazado por el contenedor recién creado. Ud. podrá cifrar archivos existentes (más tarde) moviéndolos al contenedor que va a crear ahora. - Los volúmenes VeraCrypt cifrados alojados en dispositivos pueden ser creados en particiones de discos duros, unidades de estado sólido, tarjetas de memoria USB, y en cualquier otro dispositivo de almacenamiento soportado. Las particiones también pueden ser cifradas conservando datos.\n\nAdemás, estos volúmenes VeraCrypt pueden ser creados dentro de dispositivos que no contengan ninguna partición (incluyendo discos duros y unidades de estado sólido).\n\nNota: Un dispositivo que contiene particiones puede ser cifrado por completo conservando datos (usando una única clave) sólo si es la unidad donde Windows está instalado y desde la que arranca. - Un volumen VeraCrypt alojado en dispositivo puede ser creado dentro de una partición de disco duro, unidad de estado sólido, tarjeta de memoria USB, y otros dispositivos de almacenamiento.\n\nAVISO: Tenga en cuenta que la partición/dispositivo será formateado y todos los datos almacenados en él se perderán. - \nSeleccione la ubicación donde se creará el volumen externo (dentro de este volumen se creará el volumen oculto más adelante).\n\nLos volúmenes externos pueden ser creados dentro de particiones en discos duros, unidades de estado sólido, tarjetas de memoria USB, y en cualquier otro dispositivo de almacenamiento soportado. Los volúmenes externos pueden ser creados también dentro de dispositivos que no contienen particiones (incluyendo discos duros y unidades de estado sólido).\n\nAVISO: Tenga en cuenta que la partición/dispositivo será formateado y todos los datos almacenados en él se perderán. - Seleccione la ubicación del volumen VeraCrypt en el que desea crear el volumen oculto. - AVISO: ¡El archivo/dispositivo ya está en uso!\n\nIgnorar esto puede causar resultados no deseados incluyendo inestabilidad del sistema. Todas las aplicaciones que puedan estar usando el archivo/dispositivo (por ejemplo, antivirus o aplicaciones de copia de seguridad) deberían ser cerradas antes de montar el volumen.\n\n¿Continuar montando? - Error: No se puede montar el volumen. El archivo/dispositivo ya está en uso. El intento de montarlo sin acceso exclusivo también falló. - No se pudo abrir el archivo. - Ubicación del volumen - Archivos grandes - ¿Tiene intención de almacenar archivos de más de 4 GB en este volumen VeraCrypt? - Dependiendo de su elección, VeraCrypt elegirá un sistema de archivos adecuado para el volumen VeraCrypt (pero lo podrá cambiar en el siguiente paso). - Como ud. está creando un volumen externo, debería considerar elegir 'No'. Si elige 'Sí', el sistema de archivos por defecto será NTFS, que no es tan adecuado como FAT para volúmenes externos (p.e., el máximo tamaño posible para el volumen oculto será mayor si el volumen externo es FAT). Normalmente, FAT es predeterminado para ambos volúmenes (por eso los volúmenes FAT no son sospechosos). Sin embargo, si el usuario planea almacenar archivos mayores de 4 GB (no permitidos en ese sistema de archivos), entonces FAT no será predeterminado. - ¿Seguro que desea elegir 'Sí'? - Modo de Creación de Volumen - Esta es la forma más rápida de crear un volumen VeraCrypt alojado en partición o dispositivo (cifrar conservando datos, que es la otra opción, es más lenta ya que el contenido de cada sector debe ser leído primero, cifrado y después escrito). Cualquier dato almacenado en la partición/dispositivo seleccionado se perderá (los datos NO serán cifrados; serán sobreescritos con datos aleatorios). Si desea cifrar los datos existentes en una partición, elija la otra opción. - La partición seleccionada entera y todos los datos que almacena serán cifrados conservando datos. Si la partición está vacía, debería elegir la otra opción (el volumen será creado mucho más rápido). - Nota: - &Reanudar - &Aplazar - &Iniciar - &Continuar - &Formatear - &Borrar - ¿Abortar formato? - Mostrar más información - No mostrar esto de nuevo - El contenido de la partición/dispositivo ha sido borrado con éxito. - El contenido de la partición donde el sistema original (del cual el sistema oculto es una copia) residía ha sido borrado con éxito. - Asegúrese de que la versión de Windows que va a instalar (en la partición cuyos datos han sido borrados) es la misma que la que está ejecutando ahora. Esto es necesario porque ambos sistemas compartirán una partición de arranque común. - La unidad/partición del sistema ha sido cifrada con éxito.\n\nNota: Si hay volúmenes VeraCrypt secundarios que necesita tener montados automáticamente cada vez que se inicie Windows, puede hacerlo montando cada uno de ellos y seleccionando 'Favoritos' > 'Añadir Volumen Montado a Favoritos del Sistema'). - La unidad/partición del sistema ha sido descifrada con éxito. - \n\nEl volumen VeraCrypt ha sido creado y está listo para usarse. Si desea crear otro volumen VeraCrypt haga click en Siguiente. Si no, haga click en Salir. - \n\nEl volumen oculto VeraCrypt ha sido creado con éxito (el sistema operativo oculto residirá dentro de este volumen oculto).\n\nHaga click en Siguiente para continuar. - Volumen Completamente Cifrado - Volume Fully Decrypted - IMPORTANTE: PARA MONTAR EL VOLUMEN VERACRYPT RECIÉN CREADO Y ACCEDER A SUS DATOS, HAGA CLICK EN 'Montar Autom.' EN LA VENTANA PRINCIPAL DE VERACRYPT. Después de introducir la contraseña (y/o los archivos-llave), el volumen será montado en la letra de unidad seleccionada de la lista de la ventana principal (y podrá acceder a los datos cifrados a través de dicha letra).\n\nRECUERDE O APUNTE ESTAS INSTRUCCIONES. DEBERÁ SEGUIRLAS CADA VEZ QUE QUIERA MONTAR EL VOLUMEN Y ACCEDER A LOS DATOS ALMACENADOS EN ÉL. Alternativamente, en la ventana principal, haga click en 'Seleccionar Dispositivo', seleccione esta partición/volumen, y haga click en 'Montar'.\n\nLa partición/volumen ha sido cifrado correctamente (ahora contiene un volumen VeraCrypt completamente cifrado) y está listo para su uso. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - El volumen VeraCrypt ha sido creado con éxito. - Volumen creado - IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la fuerza criptográfica de las claves de cifrado. Luego haga click en 'Formatear' para crear el volumen. - Haga click en Formatear para crear el volumen externo. Para más información, lea la documentación. - Formato del volumen externo - Formato del volumen oculto - Formato del volumen - Se necesita Adobe Reader (o una herramienta compatible) para ver o imprimir la Guía de Usuario de VeraCrypt. Adobe Reader puede descargarse gratuitamente desde: www.adobe.com\n\n¿Desea, en su lugar, ver la documentacion en línea? - Si selecciona esta opción, el asistente primero le ayudará a crear un volumen VeraCrypt normal y luego un volumen VeraCrypt oculto dentro de este. Los usuarios sin experiencia deberían seleccionar siempre esta opción. - Si selecciona esta opción, creará un volumen oculto dentro de un volumen VeraCrypt existente. Se asumirá que ya ha creado ud. un volumen VeraCrypt que pueda alojar un volumen oculto. - Modo de Creación de Volumen - Volumen oculto creado - El volumen oculto VeraCrypt ha sido creado con éxito y está listo para ser usado. Si todas las instrucciones han sido seguidas y las precauciones y requisitos listados en la sección "Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos" de la Guía del Usuario de VeraCrypt han sido seguidos, debería ser imposible demostrar que el volumen oculto existe, incluso si el volumen externo está montado.\n\nAVISO: SI NO PROTEGE EL VOLUMEN OCULTO (PARA INFORMARSE SOBRE CÓMO HACERLO, VAYA A LA SECCIÓN "PROTECCIÓN DE VOLÚMENES OCULTOS CONTRA DAÑOS" EN LA GUÍA DEL USUARIO DE VERACRYPT), NO MODIFIQUE EL VOLUMEN EXTERNO. DE LO CONTRARIO, ¡PODRÍA SOBREESCRIBIR Y DAÑAR EL VOLUMEN OCULTO! - Ha iniciado el sistema operativo oculto. Como habrá observado, el sistema operativo oculto parece estar instalado en la misma partición que el sistema operativo original. Sin embargo, en realidad, está instalado dentro de la partición trasera (en el volumen oculto). Todas las operaciones de lectura y escritura están siendo redirigidas transparentemente desde la partición del sistema original al volumen oculto.\n\nNi el sistema operativo ni las aplicaciones sabrán que los datos escritos y leídos desde la partición del sistema son en realidad escritos y leídos desde la partición trasera (desde un volumen oculto). Dichos datos son cifrados y descifrados al vuelo como siempre (con una clave de cifrado diferente de la que será utilizada para el sistema operativo señuelo).\n\n\nHaga click en Siguiente para continuar. - El volumen externo ha sido creado y montado como la unidad %hc:. Ahora debería ud. copiar a este volumen externo algunos archivos susceptibles de ser buscados pero que realmente NO sean los que quiere ocultar. Estarán ahí por si alguien le obligara a revelar la contraseña para la primera partición tras la partición del sistema, donde los volúmenes externo y oculto (conteniendo el sistema operativo oculto) residirán. Ud. podrá revelar la contraseña para este volumen externo, y la existencia del volumen oculto (y del sistema operativo oculto) permanecerá en secreto.\n\nIMPORTANTE: Los archivos que copie al volumen externo no deben ocupar más de %s. De lo contrario, podría no haber suficiente espacio libre en el volumen externo para el volumen interno (y no se podrá continuar). Cuando termine de copiar, haga click en Siguiente (no desmonte el volumen). - El volumen externo ha sido creado con éxito y montado como la unidad %hc:. Ahora debería ud. copiar a este volumen algunos archivos susceptibles de ser buscados pero que realmente NO sean los que quiere ocultar. Los archivos estarán ahí por si alguien le obligara a revelar su contraseña. Ud. revelará sólo la contraseña para este volumen externo, no la del volumen oculto. Los archivos que realmente le importan serán almacenados en el volumen oculto, que será creado más adelante. Cuando termine de copiar, haga click en Siguiente. No desmonte el volumen.\n\nNota: Después de pulsar Siguiente, el mapa de bits del cluster del volumen externo será escaneado para determinar el tamaño del área ininterrumpida de espacio libre al final del volumen. Este área alojará el volumen oculto, así que limitará su máximo tamaño posible. Escanear el mapa de bits del cluster asegura que ningún dato del volumen externo sea sobreescrito por el volumen oculto. - Contenido del volumen externo - \n\nEn los siguientes pasos, establecerá las opciones para el volumen externo (dentro del cual se creará el volumen oculto posteriormente). - \n\nEn los siguientes pasos, creará un volumen VeraCrypt externo dentro de la primera partición tras la partición del sistema (como se explicó en uno de los pasos anteriores). - Volumen externo - En los siguientes pasos, establecerá las opciones y contraseña para el volumen oculto, que contendrá el sistema operativo oculto.\n\nObservación: El mapa de bits del cluster del volumen externo ha sido escaneado para determinar el tamaño del área ininterrumpida de espacio libre al final del volumen externo. Este área alojará el volumen oculto, así que limita su máximo tamaño posible. Ha sido determinado y confirmado que el máximo tamaño posible del volumen oculto es mayor que el tamaño de la partición del sistema (lo que es requerido, porque el contenido entero de la partición del sistema necesitará ser copiado al volumen oculto). Esto asegura que ningún dato almacenado en el volumen externo será sobreescrito por datos escritos al área del volumen oculto. - IMPORTANTE: Por favor recuerde los algoritmos que seleccione en este paso. Tendrá que seleccionar los mismos algoritmos para el sistema señuelo. De otro modo, ¡el sistema oculto será inaccesible! (El sistema señuelo debe ser cifrado con el mismo algoritmo de cifrado que el sistema oculto.)\n\nNota: La razón es que el sistema señuelo y el sistema oculto compartirán un único cargador de arranque, el cual soporta sólo un único algoritmo, seleccionado por el usuario (para cada algoritmo, hay una versión especial del Cargador de Arranque de VeraCrypt). - \n\nEl mapa de bits del cluster del volumen ha sido escaneado y el máximo tamaño posible del volumen oculto ha sido determinado. En los pasos siguientes establecerá las opciones, el tamaño y la contraseña para el volumen oculto. - Volumen oculto - Ahora el volumen oculto está protegido contra daños hasta que el volumen externo sea desmontado.\n\nAVISO: Si se intenta guardar cualquier dato en el área del volumen oculto, VeraCrypt comenzará a proteger contra escritura el volumen entero (tanto la parte oculta como la externa) hasta que sea desmontado. Esto podría crear corrupción del sistema de archivos en el volumen externo, lo cual (si se repite) podría afectar negativamente la negación plausible del volumen oculto. Por tanto, debería esforzarse todo lo posible por evitar escribir en el área del volumen oculto. Cualquier dato que vaya a guardarse en el área del volumen oculto no se guardará y se perderá. Windows informará de ello como un error de escritura ("Error de escritura demorada" o "El parámetro es incorrecto"). - Ahora cada uno de los volúmenes ocultos dentro de los volúmenes recién montados están protegidos contra daños hasta que sean desmontados.\n\nAVISO: Si se intenta guardar cualquier dato en el área del volumen oculto protegido de cualquiera de estos volúmenes, VeraCrypt comenzará a proteger contra escritura el volumen entero (tanto la parte oculta como la externa) hasta que sea desmontado. Esto podría crear corrupción del sistema de archivos en el volumen externo, lo cual (si se repite) podría afectar negativamente la negación plausible del volumen oculto. Por tanto, debería esforzarse todo lo posible por evitar escribir en el área del volumen oculto. Cualquier dato que vaya a guardarse en las áreas de volumen oculto protegido no se guardará y se perderá. Windows informará de ello como un error de escritura ("Error de escritura demorada" o "El parámetro es incorrecto"). - AVISO: ¡Se intentó guardar información en el área del volumen oculto dentro del volumen montado como %c:! VeraCrypt impidió que se guardaran esos datos para proteger el volumen oculto. Esto podría haber causado corrupción en el sistema de archivos del volumen externo y Windows podría haber informado de un error de escritura ("Error de escritura demorada" o "El parámetro es incorrecto"). El volumen entero (tanto la parte externa como la oculta) será protegido contra escritura hasta que sea desmontado. Si no es la primera vez que VeraCrypt ha impedido que se guarden datos en el área del volumen oculto de este volumen, la negación plausible de este volumen oculto podría estar afectada negativamente (debido a posibles inconsistencias correlacionadas inusuales dentro del sistema de archivos del volumen externo). Por tanto, debería considerar crear un nuevo volumen VeraCrypt (con Formato Rápido desactivado) y mover los archivos de este volumen al nuevo volumen; este volumen debería ser borrado con seguridad (tanto la parte externa como la oculta). Es muy recomendable reiniciar el sistema operativo ahora. - Has indicado tu intención de almacenar archivos mayores de 4 GB en este volumen. Esto requiere que el volumen sea formateado como NTFS, lo cual, sin embargo, no será posible. - Tenga en cuenta que cuando un sistema operativo oculto está ejecutándose, los volúmenes VeraCrypt no ocultos no pueden ser formateados como NTFS. La razón es que el volumen podría necesitar ser montado temporalmente sin protección contra escritura, para permitir al sistema operativo formatearlo como NTFS (mientras que formatear como FAT lo puede hacer VeraCrypt directamente y sin montar el volumen). Para más detalles técnicos, ver más abajo. Puede crear un volumen NTFS no oculto desde dentro del sistema operativo señuelo. - Por razones de seguridad, cuando un sistema operativo oculto está ejecutándose, los volúmenes ocultos se pueden crear sólo en modo 'directo' (porque los volúmenes externos deben ser montados siempre en modo de sólo lectura). Para crear un volumen oculto con seguridad, siga estos pasos:\n\n1) Arranque el sistema señuelo.\n\n2) Cree un volumen VeraCrypt normal y, a este volumen, copie algunos archivos susceptibles de ser buscados pero que realmente NO sean los que quiere ocultar (el volumen se convertirá en el volumen externo).\n\n3) Arranque el sistema oculto e inicie el Asistente de Creación de Volúmenes VeraCrypt. Si el volumen está alojado en un archivo, muévalo a la partición del sistema o a otro volumen oculto (de otro modo, el volumen oculto recién creado podría ser montado como sólo lectura y no podría formatearse). Siga las instrucciones del asistente hasta seleccionar el modo 'directo' de creación de volúmenes ocultos.\n\n4) En el asistente, seleccione el volumen que creó en el paso 2 y siga las instrucciones para crear un volumen oculto dentro del mismo. - Por razones de seguridad, cuando un sistema operativo oculto se está ejecutando, los sistemas de archivos locales no cifrados y los volúmenes VeraCrypt no ocultos son montados como sólo lectura (no se puede guardar ningún dato en esos sistemas de archivos y volúmenes VeraCrypt).\n\nSe pueden escribir datos a cualquier sistema de archivos que resida dentro de un volumen VeraCrypt oculto (siempre que dicho volumen oculto no esté ubicado en un contenedor almacenado en un sistema de archivos no cifrado o en cualquier otro sistema de archivos de sólo lectura). - Hay tres razones principales por las que se deberían implementar contramedidas:\n\n- Habilita la creación de una plataforma segura para montar volúmenes VeraCrypt ocultos. Recomendamos oficialmente que los volúmenes ocultos sean montados sólo cuando un sistema operativo oculto se esté ejecutando. (Para más información, vea la sección 'Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos' en la documentación.)\n\n- En algunos casos, es posible determinar que, en un momento concreto, un sistema de archivos particular no se montó bajo (o un archivo particular del sistema de archivos no se guardó o leyó desde) una instancia particular de un sistema operativo (p.e. analizando y comparando registros de diario del sistema de archivos, fechas/horas de los archivos, logs de aplicaciones, logs de errores, etc). Esto podría indicar que un sistema operativo oculto está instalado en el ordenador. Las contramedidas previenen este problema.\n\n- Previene la corrupción de datos y permite la hibernación segura. Cuando Windows se reanuda tras una hibernación, asume que todos los sistemas de archivos montados están en el mismo estado que cuando el sistema hibernó. VeraCrypt lo asegura protegiendo contra escritura cualquier sistema de archivos accesible tanto desde el sistema señuelo como desde el oculto. Sin esta protección, el sistema de archivos podría corromperse al ser montado por un sistema mientras el otro sistema está hibernado. - Nota: Si necesita transferir archivos con seguridad desde el sistema señuelo al sistema oculto, siga estos pasos:\n1) Inicie el sistema señuelo.\n2) Guarde los archivos a un volumen no cifrado o a un volumen VeraCrypt externo/normal.\n3) Inicie el sistema oculto.\n4) Si guardó los acrhivos a un volumen VeraCrypt, móntelo (será automáticamente montado como sólo lectura).\n5) Copie los archivos a la partición del sistema oculto o a otro volumen oculto. - Su ordenador debe ser reiniciado.\n\n¿Desea reiniciarlo ahora? - Ha ocurrido un error al obtener el estado del cifrado del sistema. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - No se pueden inicializar componentes de la aplicación para el cifrado del sistema. - ¡Fallo al inicializar el generador de números aleatorios! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - No se pudo iniciar la aplicación. Fallo al registrar la clase Dialog. - Error: Fallo al cargar la librería de sistema Rich Edit. - Asistente de Creación de Volúmenes VeraCrypt - El tamaño máximo posible de volumen oculto para este volumen es %.2f bytes. - El tamaño máximo posible de volumen oculto para este volumen es %.2f KB. - El tamaño máximo posible de volumen oculto para este volumen es %.2f MB. - El tamaño máximo posible de volumen oculto para este volumen es %.2f GB. - El tamaño máximo posible de volumen oculto para este volumen es %.2f TB. - La contraseña/archivo-llave del volumen no puede cambiarse mientras el volumen está montado. Desmonte el volumen primero. - El algoritmo de derivación de clave de cabecera no puede ser cambiado mientras el volumen está montado. Desmonte el volumen primero. - &Montar - Se requiere una versión más reciente de VeraCrypt para montar este volumen. - Error: Asistente para la Creación de Volumen no encontrado.\n\nVerifique que el archivo 'VeraCrypt Format.exe' este en la misma carpeta que el archivo ' VeraCrypt.exe'. Si no es así, reinstale VeraCrypt o localice el archivo 'VeraCrypt Format.exe' en su disco y ejecútelo. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Siguiente > - &Finalizar - &Instalar - E&xtraer - No es posible conectar con el controlador de dispositivo VeraCrypt. VeraCrypt no puede funcionar si el controlador de dispositivo no está funcionando.\n\nTenga en cuenta que, debido a un problema de Windows, puede ser necesario terminar la sesión o reiniciar el sistema antes antes de que el controlador de dispositivo se pueda cargar. - Ocurrió un error al cargar/preparar las fuentes. - No se ha encontrado la letra de unidad, o no se ha especificado ninguna. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Letra de unidad no disponible. - ¡No seleccionó ningún archivo! - No hay letras de unidad disponibles. - ¡No hay ninguna letra de unidad libre para el volumen externo! La creación del Volumen no puede continuar. - No se pudo determinar la versión del sistema operativo o está utilizando un sistema operativo no soportado. - ¡No se ha seleccionado la ruta! - ¡No hay suficiente espacio libre para el volumen oculto! La creación del volumen no puede continuar. - Error: Los archivos que copió al volumen externo ocupan demasiado espacio. Por tanto, no hay suficiente espacio libre en el volumen externo para el volumen oculto.\n\nTenga en cuenta que el volumen oculto debe ser al menos tan grande como la partición del sistema (la partición donde el sistema operativo en ejecución está instalado). La razón es que el sistema operativo oculto necesita ser creado copiando el contenido de la partición del sistema al volumen oculto.\n\n\nEl proceso de creación del sistema operativo oculto no puede continuar. - El controlador no puede desmontar el volumen. Algunos archivos situados en el volumen probablemente siguen abiertos. - No se puede bloquear el volumen. Todavía hay archivos abiertos en él. Por lo tanto, no puede ser desmontado. - VeraCrypt no puede bloquear el volumen porque está siendo usado por el sistema o alguna aplicación (puede haber archivos abiertos en el volumen).\n\n¿Quieres forzar el desmontaje del volumen? - Seleccione un volumen VeraCrypt - Especifique la ubicación y el nombre del archivo - Seleccione librería PKCS #11 - Memoria Insuficiente - IMPORTANTE: Recomendamos encarecidamente que los usuarios sin experiencia creen un contenedor de archivos VeraCrypt en el dispositivo/partición seleccionado, en lugar de intentar cifrar el dispositivo/partición entero.\n\nAl crear un contenedor VeraCrypt (al contrario que al cifrar un dispositivo o partición) no hay, por ejemplo, riesgo de destruir una gran cantidad de archivos. Tenga en cuenta que un contenedor VeraCrypt (a pesar de que contiene un disco virtual cifrado) es exactamente igual que cualquier archivo normal. Para más información, vea el capítulo Tutorial del Principiante en la Guía de Usuario de VeraCrypt.\n\n¿Seguro que desea cifrar el dispositivo/partición entero? - AVISO: ¡El archivo '%s' ya existe!\n\nIMPORTANTE: VERACRYPT NO CIFRARÁ EL ARCHIVO, PERO LO BORRARÁ. ¿Seguro que desea borrar el archivo y reemplazarlo por un nuevo contenedor VeraCrypt? - CUIDADO: ¡TODOS LOS ARCHIVOS ACTUALMENTE ALMACENADOS EN %s '%s'%s SERÁN BORRADOS Y SE PERDERÁN (NO SERÁN CIFRADOS)!\n\n¿Seguro que desea continuar con el formato? - AVISO: No podrá montar el volumen o acceder a los archivos almacenados en él hasta que haya sido cifrado por completo.\n\n¿Seguro que desea comenzar a cifrar %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - AVISO: Tenga en cuenta que si el suministro de energía se interrumpe repentinamente mientras se cifran datos existentes sin pérdida de información, o si el sistema operativo falla debido a un error de software o hardware mientras VeraCrypt cifra datos sin pérdida de información, se corromperán o perderán porciones de los datos. Por tanto, antes de comenzar a cifrar, asegúrese de que tiene copias de seguridad de los archivos que desea cifrar.\n\n¿Tiene dichas copias? - CUIDADO: ¡TODOS LOS ARCHIVOS ALMACENADOS EN LA PARTICIÓN '%s'%s (EN LA PRIMERA PARTICIÓN TRAS LA PARTICIÓN DEL SISTEMA) SERÁN BORRADOS Y SE PERDERÁN (NO SERÁN CIFRADOS)!\n\n¿Seguro que desea iniciar el formateo? - AVISO: ¡LA PARTICIÓN SELECCIONADA CONTIENE UNA GRAN CANTIDAD DE DATOS! ¡Todos los archivos almacenados en la partición serán eliminados y se perderán (NO serán cifrados)! - Borra cualquier archivo almacenado en la partición creando un volumen VeraCrypt dentro - Contraseña - PIM - Establecer Algoritmo de Derivación de Clave de Cabecera - Añadir/Eliminar Archivos-llave a/de un Volumen - Eliminar Todos los Archivos-llave de un Volumen - Contraseña, PIM y/o archivo-llave cambiados con éxito.\n\nIMPORTANTE: Asegúrese de que ha leído la sección 'Cambiando contraseñas y archivos-llave' en el capítulo 'Precauciones y Requisitos de Seguridad' en la Guía de Usuario de VeraCrypt. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANTE: Si no destruyó su Disco de Rescate VeraCrypt, su partición/unidad del sistema aún puede ser descifrada usando la contraseña antigua (arrancando el Disco de Rescate VeraCrypt e introduciendo la contraseña antigua). Debería ud. crear un nuevo Disco de Rescate VeraCrypt y destruir el antiguo.\n\n¿Desea crear un nuevo Disco de Rescate VeraCrypt? - Recuerde que el Disco de Rescate VeraCrypt aún usa el algoritmo anterior. Si considera el algoritmo anterior inseguro, debería crear un nuevo Disco de Rescate VeraCrypt y destruir el antiguo.\n\n¿Desea crear un nuevo Disco de Rescate VeraCrypt? - Cualquier tipo de archivo (.mp3, .jpg, .zip, .avi...) puede usarse como archivo-llave. VeraCrypt nunca modifica el contenido del archivo. Puede seleccionar más de un archivo-llave (el orden no importa). Si añade una carpeta, todos los archivos no ocultos que contenga serán usados como archivos-llave. Haga click en 'Archivos Token' para seleccionar archivos-llave almacenados en token de seguridad o tarjetas inteligentes (o para importar archivos-llave a tokens o tarjetas). - Archivos-llave agregados/eliminados con éxito. - Archivo-llave exportado. - Algoritmo de derivación de clave de cabecera establecido con éxito. - Introduzca la contraseña y/o archivos-llave para el volumen secundario donde desea continuar el proceso de cifrado sin pérdida de datos.\n\nObservación: Después de pulsar Siguiente, VeraCrypt intentará encontrar todos los volúmenes secundarios donde el proceso de cifrado haya sido interrumpido y la cabecera del volumen pueda ser descifrada usando la contraseña y/o archivos-llave suministrados. Si se encuentra más de un volumen, necesitará seleccionar uno en el siguiente paso. - Seleccione uno de los volúmenes listados. La lista contiene todos los volúmenes secundarios accesibles donde el proceso de cifrado haya sido interrumpido y cuya cabecera pudo ser descifrada usando la contraseña y/o archivos-llave suministrados. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Es muy importante que elija una buena contraseña. Debería evitar elegir una que contenga sólo una palabra que se pueda encontrar en un diccionario (o una combinación de 2, 3, o 4 de estas palabras). No debería contener nombres ni fechas de nacimiento. No debería ser fácil de adivinar. Una buena contraseña es una combinación aleatoria de letras mayúsculas y minúsculas, números, y caracteres especiales como @ ^ = $ * + etc. Recomendamos la elección de una contraseña que consista en más de 20 caracteres (cuanto más larga, mejor). La máxima longitud posible es 64 caracteres. - Elija una contraseña para el volumen oculto. - Elija una contraseña para el sistema operativo oculto (es decir, para el volumen oculto). - IMPORTANTE: La contraseña que elija para el sistema operativo oculto en este paso debe ser sustancialmente diferente de las otras dos contraseñas (es decir, de la contraseña para el volumen externo y de la del sistema operativo señuelo). - Introduzca la contraseña para el volumen en el que desea crear un volumen oculto.\n\nTras pulsar Siguiente, VeraCrypt intentará montar el volumen. Tan pronto como el volumen sea montado, el mapa de bits del cluster será examinado para determinar el tamaño del área ininterrumpida de espacio libre (si la hay) cuyo final coincide con el final del volumen. Este área alojará el volumen oculto y por tanto limitará su máximo tamaño posible. La exploración del mapa de cluster es necesario para asegurar que ningún dato del volumen externo sea sobreescrito por el volumen oculto. - \nElija una contraseña para el volumen externo. Esta será la contraseña que ud. podrá revelar a un enemigo si es obligado a hacerlo.\n\nIMPORTANTE: La contraseña debe ser sustancialmente diferente de la que elegirá para el volumen oculto.\n\nNota: La longitud máxima posible de la contraseña es 64 caracteres. - Elija una contraseña para el volumen externo. Esta será la contraseña que ud. podrá revelar a cualquiera que le obligue a descubrir la contraseña para la primera partición tras la partición del sistema, donde los volúmenes externo y oculto (que contiene el sistema operativo oculto) residirán. La existencia del volumen oculto (y la del sistema operativo oculto) permanecerá en secreto. Tenga en cuenta que esta contraseña no es para el sistema operativo señuelo.\n\nIMPORTANTE: La contraseña debe ser sustancialmente diferente de la que elegirá para el volumen oculto (es decir, para el sistema operativo oculto) - Contraseña del Volumen Externo - Contraseña del Volumen Oculto - Contraseña del Sistema Operativo Oculto - AVISO: ¡Las contraseñas cortas son fáciles de romper usando técnicas de fuerza bruta!\n\nRecomendamos la elección de una contraseña de más de 20 caracteres.\n\n¿Seguro que desea utilizar una contraseña corta? - Contraseña del Volumen - Contraseña incorrecta o no es un volumen VeraCrypt - Contraseña y/o archivo-llave incorrectos o no es un volumen VeraCrypt - Mal montaje, contraseña incorrecta, o no es un volumen VeraCrypt. - Mal montaje, contraseña y/o archivo-llave incorrectos, o no es un volumen VeraCrypt. - Contraseña incorrecta o no se encontró el volumen VeraCrypt. - Contraseña y/o archivo-llave incorrectos o no se encontró el volumen VeraCrypt. - \n\nAviso: El bloqueo de mayúsculas está activo. Esto puede causar que introduzca su contraseña incorrectamente. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nAVISO: Se han encontrado archivos ocultos en una ruta de búsqueda de archivos-llave. Estos archivos no pueden ser usados como archivos-llave. Si necesita usarlos como archivos-llave, elimine su atributo 'Oculto' (click derecho en cada uno, seleccione 'Propiedades', desmarque 'Oculto' y pulse Aceptar). Nota: Los archivos ocultos sólo son visibles si la opción correspondiente está activada (Equipo > Organizar > 'Opciones de carpeta y búsqueda' > Ver). - Si está intentando proteger un volumen oculto que contiene un sistema oculto, asegúrese de estar usando la distribución de teclado EEUU estándar cuando teclee la contraseña para el volumen oculto. Esto es necesario debido a que la contraseña necesita ser escrita en el entorno de pre-arranque (antes de que Windows se inicie) en el que las distribuciones de teclado Windows distintas a la de EEUU no estarán disponibles. - VeraCrypt no ha encontrado ningún volumen en el que el cifrado haya sido interrumpido y la cabecera de volumen pueda ser descifrada usando la contraseña y/o archivo-llave suministrados.\n\nPor favor asegúrese de que la contraseña y/o archivo-llave son correctos y que la partición/volumen no esté siendo usada por el sistema o alguna aplicación (antivirus incluídos). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nRecuerde: Si está intentando montar una partición ubicada en una unidad del sistema cifrada sin autenticación de pre-arranque, o montar la partición del sistema cifrada de un sistema operativo que no se está ejecutando, puede hacerlo seleccionando 'Sistema' > 'Montar sin Autenticación de Pre-Arranque'. - En este modo, no puede montar una partición ubicada en una unidad cuya parte está dentro del ámbito de la clave del cifrado del sistema activo.\n\nAntes de que pueda montar esta partición en este modo, necesita o arrancar un sistema operativo instalado en una unidad diferente (cifrado o no) o arrancar un sistema operativo no cifrado. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Atrás - ¡No se pueden listar los dispositivos raw de su sistema! - El volumen '%s' existe y es de sólo lectura. ¿Desea reemplazarlo? - Seleccione el directorio de destino - Seleccione Archivo-llave - Seleccione ruta de búsqueda de archivos-llave. AVISO: ¡Sólo se recordará la ruta, no el nombre de los archivos! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Diseñado por Ross Anderson, Eli Biham, y Lars Knudsen. Publicado en 1998. Clave de 256-bit, bloque de 128-bit. Modo de operación XTS. Serpent fue uno de los finalistas AES. - Especifique el tamaño del contenedor que desea crear.\n\nSi crea un contenedor dinámico (archivo disperso), este parámetro especificará su máximo tamaño posible.\n\nTenga en cuenta que el mínimo tamaño posible de un volumen FAT es 292 KB. De un volumen NTFS, el mínimo es 3792 KB. - Especifique el tamaño del volumen externo (primero creará un volumen externo y luego un volumen oculto en su interior). El mínimo tamaño posible para un volumen en el que se pretenda crear un volumen oculto es 340 KB. - Especifique el tamaño del volumen oculto. El mínimo tamaño posible de un volumen oculto es 40 KB (o 3664 KB si se formatea como NTFS). El máximo tamaño posible que puede especificar para el volumen oculto se muestra más arriba. - Tamaño del volumen externo - Tamaño del volumen oculto - Verifique que el tamaño del dispositivo/partición seleccionado que se muestra es correcto y haga click en Siguiente. - El volumen externo y el oculto (que contiene el sistema operativo oculto) residirán dentro de esta partición. Debe ser la primera partición tras la partición del sistema.\n\nVerifique que el tamaño de la partición y su número mostrado más arriba son correctos, y si lo son, pulse Siguiente. - \n\nRecuerde que el mínimo tamaño posible de un volumen en el que se pretende crear un volumen oculto es 340 KB. - Tamaño del volumen - Dinámico - AVISO: FALLÓ LA AUTO-PRUEBA! - Auto-prueba de todos los algoritmos superada - El número de unidad de datos suministrado es demasiado largo o corto. - La clave secundaria suministrada es demasiado larga o corta. - El texto cifrado de prueba suministrado es demasiado largo o corto. - La clave de prueba suministrada es demasiado larga o corta. - El texto plano de prueba es demasiado largo o corto. - Dos algoritmos en cascada operando en modo XTS. Cada bloque es cifrado primero con %s (clave de %d-bit) y luego con %s (clave de %d-bit). Cada algoritmo usa su propia clave. Todas las claves son independientes entre sí. - Tres algoritmos en cascada operando en modo XTS. Cada bloque es cifrado primero con %s (clave de %d-bit), luego con %s (clave de %d-bit), y finalmente con %s (clave de %d-bit). Cada algoritmo usa su propia clave. Todas las claves son independientes entre sí. - Tenga en cuenta que, dependiendo de la configuración del sistema operativo, las características de ejecución y montaje automático podrían funcionar sólo si los archivos de disco viajero son creados en medios contra escritura del tipo CD/DVD. Esto no es un error de VeraCrypt (es una limitación de Windows). - El disco viajero VeraCrypt ha sido creado con éxito.\n\nRecuerde que necesita privilegios de administrador para ejecutar VeraCrypt en modo portable. Recuerde también que, tras examinar el archivo del registro, se podría demostrar que VeraCrypt se ejecutó en un sistema Windows incluso si es ejecutado en modo portable. - Disco Viajero VeraCrypt - Diseñado por Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall y Niels Ferguson. Publicado en 1998. Clave de 256-bit, bloque de 128-bit. Modo de operación XTS. Twofish fue uno de los finalistas AES. - Más información en %s - Desconocido - Ha ocurrido un error no especificado o desconocido (%d). - Algunos volúmenes contienen carpetas o archivos en uso por el sistema o alguna aplicación.\n\n¿Forzar el desmontaje? - &Desmontar - ¡Fallo al desmontar! - El volumen contiene carpetas o archivos en uso por el sistema o alguna aplicación.\n\n¿Forzar el desmontaje? - No hay ningún volumen montado en la letra de unidad especificada. - El volumen que trata de montar ya está montado. - Ocurrió un error al intentar montar el volumen. - Error al buscar la ubicación dentro del volumen. - Error: Tamaño incorrecto del volumen. - AVISO: Debería usar Formato Rápido sólo en los siguientes casos:\n\n1) El dispositivo no contiene datos importantes y no necesita negación plausible.\n2) El dispositivo ya ha sido cifrado por completo con seguridad.\n\n¿Seguro que desea usar Formato Rápido? - Un contenedor dinámico es un archivo disperso NTFS pre-asignado cuyo tamaño físico (espacio en disco usado actualmente) crece conforme se van añadiendo nuevos datos.\n\nAVISO: El rendimiento de volúmenes alojados en archivos dispersos es significativamente peor que el de volúmenes comunes. Los volúmenes alojados en archivos dispersos son también menos seguros, porque se puede determinar qué sectores del volumen están sin usar. Además, estos volúmenes no pueden proporcionar negación plausible (alojar un volumen oculto). Tenga en cuenta también que si se escriben datos en un contenedor disperso cuando no haya suficiente espacio libre en el sistema de archivos anfitrión, el sistema de archivos cifrado podría corromperse.\n\n¿Seguro que desea crear un volumen alojado en un archivo disperso? - Tenga en cuenta que el tamaño del contenedor dinámico reportado por Windows y VeraCrypt siempre será igual a su máximo tamaño. Para ver el tamaño físico actual del contenedor (el espacio que usa del disco), haga click derecho en el contenedor (desde el explorador de Windows, no en VeraCrypt), seleccione 'Propiedades' y observe el valor 'Tamaño en disco'.\n\nTenga en cuenta también que si mueve un contenedor dinámico a otro volumen o unidad, el tamaño físico del contenedor será extendido al máximo. (Puede evitar esto creando un nuevo contenedor dinámico en la ubicación de destino, montándolo y moviendo los archivos desde el antiguo contenedor al nuevo.) - Caché de contraseñas borrada - Las contraseñas (y/o archivos-llave procesados) almacenadas en la caché del controlador TrueCryp han sido borradas. - VeraCrypt no puede cambiar la contraseña de un volumen exterior. - Seleccione una letra de unidad libre de la lista. - Seleccione un volumen montado en la lista de letras de unidad. - Hay seleccionados dos volúmenes montados diferentes (uno en la lista de letras de unidad y el otro en el campo de texto bajo la lista).\n\nElija el volumen que quiso seleccionar: - Error: No se puede crear autorun.inf - ¡Error al procesar el archivo-llave! - ¡Error al procesar la ruta del archivo-llave! - La ruta del archivo-llave no contiene archivos.\n\nRecuerde que las carpetas (y los archivos que contengan) encontradas durante la búsqueda son ignoradas. - VeraCrypt no soporta este sistema operativo. - Error: VeraCrypt sólo soporta versiones estables de este sistema operativo (no versiones beta ni RC). - Error: No se puede asignar memoria. - Error: No se pudo obtener el valor del contador de rendimiento. - Error: Mal formato de volumen. - Error: Ha proporcionado una contraseña para un volumen oculto (no para un volumen normal). - Por motivos de seguridad, un volumen oculto no puede ser creado dentro de un volumen VeraCrypt que contiene un sistema de archivos cifrado sin pérdida de datos (porque el espacio libre del volumen no ha sido llenado con datos aleatorios). - VeraCrypt - Avisos Legales - Todos los Archivos - Volúmenes VeraCrypt - Módulos de Librería - El formateo NTFS no puede continuar. - No se puede montar el volumen. - No se puede desmontar el volumen. - Windows falló al formatear el volumen como NTFS.\n\nSeleccione un tipo diferente de sistema de archivos (si es posible) y reinténtelo. Alternativamente, puede dejar el volumen sin formato (seleccione 'Ninguno' como sistema de archivos), salir del asistente, montar el volumen, y usar una herramienta del sistema o de terceros para formatear el volumen montado (el volumen permanecerá cifrado). - Windows fallo al formatear el volumen como NTFS.\n\n¿Desea formatear el volumen como FAT en su lugar? - Por defecto - partición - PARTICIÓN - Dispositivo - dispositivo - DISPOSITIVO - Volumen - volumen - VOLUMEN - Etiqueta - El tamaño de cluster seleccionado es muy pequeño para el tamaño del volumen. En su lugar se usará un cluster mas grande. - Error: ¡No se puede obtener el tamaño del volumen!\n\nAsegúrese de que el volumen seleccionado no está siendo usado por el sistema o una aplicación. - Los volúmenes ocultos no se deben crear dentro de contenedores dinámicos (archivos dispersos). Para garantizar la negación plausible, el volumen oculto necesita ser creado en un contenedor no dinámico. - El Asistente de Creación de Volúmenes VeraCrypt puede crear un volumen oculto sólo dentro de un volumen FAT o NTFS. - En Windows 2000, el Asistente de Creación de Volúmenes VeraCrypt puede crear un volumen oculto sólo en un volumen FAT. - Nota: El sistema de archivos FAT es más adecuado para volúmenes externos que el NTFS (por ejemplo, el máximo tamaño posible del volumen oculto probablemente habría sido significativamente mayor si el volumen externo se hubiera formateado como FAT). - Tenga en cuenta que el sistema de archivos FAT es más adecuado para volúmenes externos que el NTFS. Por ejemplo, el máximo tamaño posible del volumen oculto probablemente será significativamente mayor si el volumen externo es formateado como FAT (la razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto sólo puede residir en la segunda mitad del volumen externo).\n\n¿Seguro que desea formatear el volumen externo como NTFS? - ¿Desea formatear el volumen como FAT en su lugar? - Nota: Este volumen no puede ser formateado como FAT, porque excede el tamaño máximo de volumen soportado por el sistema de archivos FAT32 para el tamaño de sector aplicable (2 TB para sectores de 512-byte y 16 TB para sectores de 4096-byte). - Error: La partición para el sistema operativo oculto (o sea, la primera partición tras la partición del sistema) debe ser al menos un 5% mayor que la partición del sistema (que es en la que está instalado el sistema operativo en ejecución). - Error: La partición para el sistema operativo oculto (o sea, la primera partición tras la partición del sistema) debe ser al menos un 110% (2.1 veces) mayor que la partición del sistema (que es en la que está instalado el sistema operativo en ejecución). La razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto (que va a contener una copia de la partición del sistema) sólo puede residir en la segunda mitad de la partición. - Error: si el volumen externo es formateado como NTFS, debe ser al menos un 110% (2.1 veces) mayor que la partición del sistema. La razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto (que va a contener una copia de la partición del sistema) sólo puede residir en la segunda mitad del volumen externo.\n\nNota: El volumen externo tiene que estar en la misma partición que el sistema operativo oculto (es decir, dentro de la primera partición tras la partición del sistema). - Error: No hay ninguna partición tras la partición del sistema.\n\nRecuerde que antes de poder crear un sistema operativo oculto, ud. necesita crear una partición para él en la unidad del sistema. Debe ser la primera partición tras la partición del sistema (es decir, aquella en la que está instalado el sistema operativo en ejecución) y debe ser al menos un 5% mayor que ésta. Sin embargo, si el volumen externo (no confundir con la partición del sistema) se formatea como NTFS, la partición para el sistema operativo oculto debe ser al menos un 110% (2.1 veces) mayor que la partición del sistema (la razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto, que va a contener una copia de la partición del sistema, sólo puede residir en la segunda mitad de la partición). - Observación: no es viable (y por tanto no está soportado) instalar sistemas operativos en dos volúmenes VeraCrypt que estén insertados dentro de una sola partición, porque usar el sistema operativo externo podría requerir que se escriban datos al área del sistema operativo oculto (y si estas operaciones de escritura fueran evitadas usando la protección de volúmenes ocultos, causaría intrínsecamente fallos del sistema, como 'pantallazos azules'). - Para más información sobre cómo crear y administrar particiones, remítase a la documentación proporcionada con su sistema operativo o contacte con el equipo de soporte técnico del vendedor de su ordenador para obtener asistencia. - Error: El sistema operativo en ejecución no está instalado en la partición de arranque (la primera partición activa). Esto no está soportado. - Ha indicado su intención de almacenar archivos mayores de 4 GB en este volumen VeraCrypt. No obstante, ha elegido el sistema de archivos FAT, en el cual no se pueden almacenar archivos mayores de 4 GB.\n\n¿Seguro que desea formatear el volumen como FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: ¡No se puede acceder al volumen!\n\nAsegúrese de que el volumen seleccionado existe, que no está montado ni siendo usado por otra aplicación, que tiene permisos de lectura/escritura sobre el volumen, y que no está protegido contra escritura. - Error: Cannot obtain volume properties. - Error: No se puede acceder al volumen y/o obtener información sobre el volumen.\n\nAsegúrese de que el volumen seleccionado existe, que no está siendo usado por el sistema o alguna aplicación, que tiene permisos de lectura/escritura sobre el volumen, y que no está protegido contra escritura. - Error: No se puede acceder al volumen y/o obtener información sobre el mismo. Asegúrese de que el volumen seleccionado existe, de que no está siendo usado por el sistema o alguna aplicación, que tiene permisos de lectura/escritura sobre el volumen, y que no está protegido contra escritura.\n\nSi el problema continúa, podría ayudar seguir los pasos siguientes. - Un error evitó que VeraCrypt cifrara la partición. Intente arreglar cualquier problema reportado previamente y reinténtelo. Si el problema continúa, podría ayudar seguir los siguientes pasos. - Un error evitó que VeraCrypt continuara el proceso de cifrado de la partición.\n\nIntente arreglar cualquier problema reportado previamente y trate de continuar el proceso de nuevo. Recuerde que el volumen no puede montarse hasta que haya sido cifrado por completo. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: ¡No se puede desmontar el volumen externo!\n\nEl volumen no puede ser desmontado si contiene carpetas o archivos que estén siendo usados por el sistema o una aplicación.\n\nCierre los programas que puedan estar usando las carpetas o archivos del volumen y pulse Reintentar. - Error: ¡No se puede obtener información acerca del volumen externo! La creación del volumen no puede continuar. - Error: ¡No se puede acceder al volumen externo! La creación del volumen no puede continuar. - Error: ¡No se puede montar el volumen externo! la creación del volumen no puede continuar. - Error: ¡No se puede obtener el mapa de bits de cluster del volumen! La creación del volumen no puede continuar. - Alfabético/Categorizado - Velocidad Media (Descendiendo) - Algoritmo - Cifrado - Descifrado - Media - Unidad - Tamaño - Algoritmo de Cifrado - Algoritmo de cifrado - Tipo - Valor - Propiedad - Localización - bytes - Oculto - Externo - Normal - Sistema - Oculto (sistema) - Sólo Lectura - Unidad del Sistema - Unidad del Sistema (cifrando - %.2f%% hecho) - Unidad del Sistema (descifrando - %.2f%% hecho) - Unidad del Sistema (%.2f%% cifrado) - Partición del Sistema - Partición del sistema oculta - Partición del Sistema (cifrando - %.2f%% hecho) - Partición del Sistema (descifrando - %.2f%% hecho) - Partición del Sistema (%.2f%% cifrado) - Sí (¡daños evitados!) - Ninguno - Tamaño de Clave Principal - Tamaño de Clave Secundaria (Modo XTS) - Tamaño de Clave Tweak (Modo LRW) - bits - Tamaño de bloque - PKCS-5 PRF - Cuenta de iteraciones PKCS-5 - Volumen Creado - Última modificación de la cabecera - (hace %I64d días) - Versión del Formato del Volumen - Copia de Seguridad de Cabecera Insertada - Versión del Cargador de Arranque VeraCrypt - Primero disponible - Disco extraíble - Disco Duro - Sin cambios - Autodetection - Modo Asistente - Seleccione uno de los modos. Si no sabe cuál seleccionar, use el modo predeterminado. - Seleccione esta opción si desea instalar VeraCrypt en este sistema. - Nota: Puede actualizar sin descifrar incluso si la partición/unidad del sistema está cifrada o usa un sistema operativo oculto. - Si selecciona esta opción, todos los archivos serán extraídos de este paquete pero no se instalará nada en el sistema. No la seleccione si pretende cifrar la partición o unidad del sistema. Esta opción puede ser útil, por ejemplo, si desea ejecutar VeraCrypt en modo portable. VeraCrypt no tiene por qué ser instalado en el sistema operativo bajo el cual se ejecuta. Después de haber extraído los archivos, puede ejecutar directamente el archivo 'VeraCrypt.exe' (con lo que VeraCrypt se ejecutará en modo portable). - Opciones de instalación - Aquí puede establecer varias opciones para controlar el proceso de instalación. - Instalando - Por favor espere mientras VeraCrypt está siendo instalado. - VeraCrypt ha sido instalado con éxito - VeraCrypt ha sido actualizado con éxito - Por favor considere hacer una donación. Puede pulsar Finalizar en cualquier momento para cerrar el instalador. - Opciones de Extracción - Aquí puede establecer varias opciones para controlar el proceso de extracción. - Por favor espere mientras los archivos son extraídos. - Archivos extraídos con éxito - Todos los archivos han sido correctamente extraídos a la ubicación de destino. - Si la carpeta especificada no existe, se creará automáticamente. - Los archivos de programa de VeraCrypt serán actualizados en la ubicación donde VeraCrypt está instalado. Si necesita seleccionar una ubicación diferente, desinstale VeraCrypt primero. - ¿Desea ver las notas de publicación de la versión actual (la última estable) de VeraCrypt? - Si nunca ha utilizado VeraCrypt, recomendamos que lea el capítulo Tutorial del Principiante en la Guía de usuario de VeraCrypt. ¿Desea ver el tutorial? - Por favor seleccione una de las siguientes acciones a realizar: - Reparar/Reinstalar - Actualizar - Desinstalar - Para instalar/desinstalar VeraCrypt, debe ud. tener privilegios de administrador. ¿Desea continuar? - El Instalador de VeraCrypt ya se está ejecutando en este sistema y está preparando o llevando a cabo la instalación o actualización de VeraCrypt. Antes de continuar, espere a que termine o ciérrelo. Si no puede cerrarlo, reinicie su ordenador antes de continuar. - La Instalación falló. - La Desinstalación falló. - Este paquete de distribución está dañado. Intente descargarlo nuevamente (preferentemente desde la página oficial de VeraCrypt en https://veracrypt.codeplex.com). - No se puede escribir el archivo %s - Extrayendo - No se puede leer información del paquete. - No se puede verificar la integridad de este paquete de distribución. - La Extracción falló. - La instalación ha sido revertida. - VeraCrypt ha sido instalado con éxito. - VeraCrypt ha sido actualizado con éxito. - VeraCrypt ha sido actualizado a una nueva versión. Antes de poder empezar a usarla, su ordenador debe ser reiniciado.\n\n¿Desea reiniciar ahora? - ¡Fallo al actualizar VeraCrypt!\n\nIMPORTANTE: Antes de apagar o reiniciar el sistema, es muy recomendable que utilice Restaurar Sistema (Menú Inicio > Todos los programas > Accesorios > Herramientas del Sistema > Restaurar Sistema) para devolver su sistema al punto de restauración llamado 'Instalación de VeraCrypt'. Si Restaurar Sistema no está disponible, debería intentar reinstalar la versión original o la nueva de VeraCrypt antes de apagar o reiniciar el sistema. - VeraCrypt ha sido desinstalado con éxito.\n\nHaga click en 'Finalizar' para eliminar el instalador y la carpeta %s. Tenga en cuenta que la carpeta no se eliminará si contiene archivos que no hayan sido instalados por el instalador o creados por VeraCrypt. - Eliminando entradas de registro de VeraCrypt - Añadiendo entradas de registro - Eliminando información específica de la aplicación - Instalando - Deteniendo - Eliminando - Agregando icono - Creando punto de Restauración del Sistema - ¡Fallo al crear punto de Restauración del Sistema! - Actualizando cargador de arranque - Ha fallado la instalación de '%s'. %s\n¿Desea continuar instalando? - Ha fallado la desinstalación de '%s'. %s\n¿Desea continuar desinstalando? - Instalación completada. - La carpeta '%s' no pudo ser creada - No se puede detener el controlador de dispositivos VeraCrypt.\n\nCierre todas las ventanas abiertas de VeraCrypt primero. Si no funciona, reinicie Windows y reinténtelo. - Se deben desmontar todos los volúmenes VeraCrypt antes de instalar/desinstalar VeraCrypt. - Una versión obsoleta de VeraCrypt está instalada en este sistema. Debe ser desinstalada antes de instalar esta nueva versión de VeraCrypt.\n\nTan pronto como cierre este mensaje, se lanzará el desinstalador de la versión antigua. Tenga en cuenta que ningún volumen será descifrado al desinstalar VeraCrypt. Tras desinstalar la versión antigua de VeraCrypt, ejecute el instalador de la versión nueva otra vez. - La instalación de las entradas del registro ha fallado - La instalación del controlador de dispositivos ha fallado. Reinicie Windows e intente instalar VeraCrypt de nuevo. - Iniciando el controlador de dispositivo VeraCrypt - La desinstalación del controlador de dispositivo ha fallado. Recuerde que, debido a un problema de Windows, puede ser necesario terminar la sesión o reiniciar el sistema antes de que el controlador de dispositivo pueda ser desinstalado (o reinstalado). - Instalando el controlador de dispositivo VeraCrypt - Deteniendo el controlador de dispositivo VeraCrypt - Desinstalando el controlador de dispositivo VeraCrypt - Falló el registro de la librería de soporte del Control de Cuentas de Usuario. - Falló el des-registro de la librería de soporte del Control de Cuentas de Usuario. - Nota sobre el modo portable:\n\nRecuerde que el sistema operativo requiere que los controladores sean registrados con él antes de que puedan ser iniciados. Por tanto, el controlador VeraCrypt no es (ni puede ser) totalmente portable (mientras que las aplicaciones VeraCrypt sí lo son, no tienen que ser instaladas o registradas con el sistema operativo). Recuerde también que VeraCrypt necesita un controlador que proporcione cifrado/descifrado transparente al vuelo. - Recuerde que si decide ejecutar VeraCrypt en modo portable (en lugar de ejecutar una copia instalada de VeraCrypt), el sistema le pedirá permiso para ejecutar VeraCrypt (ventana del Control de Cuentas de Usuario) cada vez que intente abrirlo.\n\nLa razón es que cuando ejecuta VeraCrypt en modo portable, VeraCrypt necesita cargar e iniciar el controlador de dispositivo VeraCrypt, el cual es necesario para proporcionar cifrado/descifrado claro al vuelo, y los usuarios sin privilegios de administrador no pueden iniciar controladores de dispositivo en Windows. Por tanto, el sistema le pedirá permiso para ejecutar VeraCrypt con privilegios de administrador.\n\nTenga en cuenta que si instala VeraCrypt en el sistema (en lugar de ejecutarlo en modo portable) el sistema NO le pedirá permiso para ejecutar VeraCrypt cada vez que intente abrirlo.\n\n¿Seguro que desea extraer los archivos? - Aviso: este Asistente de Creación de Volúmenes tiene privilegios de administrador.\n\nSu nuevo volumen será creado con permisos que no le permitirán escribir en el volumen cuando esté montado. Si quiere evitarlo, cierre este Asistente de Creación de Volúmenes y abra uno nuevo sin privilegios de administrador.\n\n¿Desea cerrar este Asistente de Creación de Volúmenes? - Error: No se puede mostrar la licencia. - Externo(!) - dias - horas - minutos - s - Abrir - Desmontar - Mostrar VeraCrypt - Ocultar VeraCrypt - Datos leídos desde el montaje - Datos escritos desde el montaje - Parte Cifrada - 100% (totalmente cifrado) - 0% (no cifrado) - %.3f%% - 100% - Esperando - Preparando - Redimensionando - Cifrando - Descifrando - Finalizando - En Pausa - Terminado - Error - Dispositivo desconectado - Volúmenes favoritos del sistema guardados.\n\nPara que los volúmenes favoritos del sistema se monten cuando el sistema se inicie, seleccione 'Configuración' > 'Volúmenes Favoritos del Sistema' > 'Montar volúmenes favoritos del sistema cuando se inice Windows'. - El volumen que está añadiendo a favoritos no es ni una partición ni un volumen dinámico. Por tanto, VeraCrypt será incapaz de montar este volumen favorito si el número de dispositivo cambia. - El volumen que está añadiendo a favoritos es una partición no reconocida por Windows.\n\nVeraCrypt será incapaz de montar este volumen favorito si el número de dispositivo cambia. Establezca el tipo de partición a un tipo reconocido por Windows (use el comando SETID de la herramienta 'diskpart' de Windows). Luego añada la partición a favoritos de nuevo. - VeraCrypt en Segundo Plano está deshabilitado o configurado para cerrarse cuando no hay volúmenes montados (o VeraCrypt se está ejecutando en modo portable). Esto puede evitar que sus volúmenes favoritos sean montados automáticamente cuando se conecten los dispositivos que los alojan.\n\nNota: Para habilitar VeraCrypt en Segundo Plano, seleccione Configuración > Preferencias y marque la casilla 'Activado' en la sección 'VeraCrypt en Segundo Plano'. - Un contenedor almacenado en un sistema de archivos remoto compartido en red no puede ser montado automáticamente cuando su dispositivo anfitrión se conecte. - El dispositivo mostrado no es ni una partición ni un volumen dinámico. Por tanto, el volumen alojado en el dispositivo no puede ser montado automáticamente cuando el dispositivo se conecte. - Establezca el tipo de la partición mostrada a un tipo reconocido por Windows (use el comando SETID de la herramienta 'diskpart' de Windows). Luego elimine la partición de favoritos y añádala otra vez. Así permitirá que el volumen alojado en el dispositivo se monte automáticamente cuando el dispositivo se conecte. - El dispositivo mostrado no es ni una partición ni un volumen dinámico. Por tanto, no se le puede asignar una etiqueta. - Establezca el tipo de la partición mostrada a un tipo reconocido por Windows (use el comando SETID de la herramienta 'diskpart' de Windows). Luego elimine la partición de favoritos y añádala otra vez. Así permitirá a VeraCrypt asignar una etiqueta a la partición. - Debido a una limitación de Windows, un contenedor almacenado en un sistema de archivos remoto compartido en red no puede ser montado como un volumen favorito del sistema (sin embargo, puede ser montado como un volumen favorito común cuando un usuario se conecte). - Introduzca contraseña para %s - Introduzca contraseña para '%s' - Introduzca contraseña para el volumen común/externo. - Introduzca contraseña para el volumen oculto - Introduzca contraseña para la cabecera almacenada en archivo de respaldo - Se ha creado con éxito el archivo-llave. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - AVISO: ¡La cabecera de este volumen está dañada! VeraCrypt usó automáticamente la copia de seguridad de la cabecera insertada en el volumen.\n\nDebería reparar la cabecera del volumen seleccionando 'Herramientas' > 'Restaurar Cabecera de Volumen'. - La copia de seguridad de la cabecera del volumen ha sido creada con éxito.\n\nIMPORTANTE: Restaurar la cabecera usando esta copia de seguridad también restaurará la contraseña actual del volumen. Es más, si son necesarios archivos-llave para montar el volumen, los mismos archivos-llave serán necesarios para montarlo de nuevo cuando se restaure la cabecera del volumen.\n\nAVISO: Esta copia de seguridad puede usarse SÓLO para restaurar la cabecera de éste volumen concreto. Si la usa para restaurar la cabecera de un volumen distinto, podrá montar el volumen pero NO será capaz de descifrar ningún dato almacenado en él (porque cambiará su clave maestra). - La cabecera del volumen ha sido restaurada con éxito.\n\nIMPORTANTE: Recuerde que también puede haberse restaurado una contraseña antigua. Además, si cuando se creó la copia de seguridad de la cabecera se necesitaban archivos-llave para montar el volumen, esos archivos-llave serán necesarios de nuevo. - Por razones de seguridad, tendrá que introducir la contraseña (y/o suministrar los archivos-llave) correcta para el volumen.\n\nNota: Si el volumen contiene un volumen oculto, tendrá que introducir la contraseña (y/o archivos-llave) para el volumen externo primero. Más tarde, si decide hacer copia de seguridad de la cabecera del volumen oculto, tendrá que introducir la contraseña (y/o archivos-llave) para el volumen oculto. - ¿Seguro que desea crear una copia de seguridad de la cabecera del volumen para %s?\n\nTras pulsar Sí, se le pedirá un nombre de archivo para la copia de seguridad.\n\nNota: Tanto la cabecera del volumen común como la del oculto serán re-cifradas usando sal nueva y almacenadas en el archivo de respaldo. Si no hay ningún volumen oculto dentro de este volumen, el área reservada para la cabecera del volumen oculto en el archivo será llenada con datos aleatorios (para preservar la negación plausible). Cuando restaure la cabecera del volumen desde el archivo de respaldo, necesitará introducir la contraseña (y/o archivos-llave) correcta que existía cuando la copia de seguridad fue creada. La contraseña (y/o archivos-llave) también determinará automáticamente el tipo de la cabecera de volumen a restaurar, es decir, común u oculto (recuerde que VeraCrypt determina el tipo mediante el proceso de prueba y error). - ¿Seguro que quiere restaurar la cabecera de volumen de %s ?\n\nAVISO: Restaurar una cabecera de volumen también restaura la contraseña que era válida cuando se hizo la copia de seguridad. Es más, si se necesitaban archivos-llave cuando se creó dicha copia de seguridad, estos archivos serán necesarios de nuevo para montar el volumen tras la restauración.\n\nDespués de aceptar, seleccionará el archivo de copia de segurida de la cabecera. - ¿Este volumen contiene un volumen oculto? - El volumen contiene un volumen oculto - El volumen no contiene un volumen oculto - Seleccione el tipo de copia de seguridad de cabecera de volumen que desea usar: - Restaurar la cabecera de volumen desde la copia de seguridad insertada en el volumen - Restaurar la cabecera de volumen desde un archivo de copia de seguridad externo - El tamaño del archivo de copia de seguridad de la cabecera del volumen es incorrecto. - No hay ninguna copia de seguridad insertada en este volumen (recuerde que sólo los volúmenes creados por VeraCrypt 6.0 o posterior contienen copias de seguridad de cabecera insertadas). - Está intentando realizar copias de seguridad de la cabecera de la partición/unidad del sistema. Esto no está permitido. Las operaciones de copia de seguridad o restauración relacionadas con la partición/unidad del sistema sólo se pueden realizar usando el Disco de Rescate VeraCrypt.\n\n¿Desea crear un Disco de Rescate VeraCrypt? - Está intentando restaurar la cabecera de un volumen virtual VeraCrypt pero ha seleccionado la partición/unidad del sistema. Esto no está permitido. Las operaciones de copia de seguridad o restauración relacionadas con la partición/unidad del sistema sólo se pueden realizar usando el Disco de Rescate VeraCrypt.\n\n¿Desea crear un Disco de Rescate VeraCrypt? - Después de pulsar Aceptar, seleccionará un nombre de archivo para la nueva imagen ISO del Disco de Rescate VeraCrypt y la ubicación donde desea colocarla. - La imagen del Disco de Rescate ha sido creada y almacenada en este archivo:\n%s\n\nAhora hay que grabar dicha imagen en un CD o DVD.\n\nIMPORTANTE: Tenga en cuenta que el archivo debe ser grabado en el CD/DVD como una imagen de disco ISO (no como un archivo individual). Para obtener información sobre cómo hacerlo, lea la documentación de su software de grabación CD/DVD.\n\nTras grabar el Disco de Rescate, seleccione 'Sistema' > 'Verificar Disco de Rescate' para verificar que ha sido grabado correctamente. - La imagen del Disco de Rescate ha sido creada y almacenada en este archivo:\n%s\n\nAhora hay que grabar dicha imagen en un CD o DVD.\n\n¿Desea ejecutar el Grabador de Imágenes de Disco de Windows?\n\nNota: tras grabar el Disco de Rescate, seleccione 'Sistema' > 'Verificar Disco de Rescate' para verificar que ha sido grabado correctamente. - Por favor inserte su Disco de Rescate VeraCrypt dentro de su unidad de CD/DVD y presione Aceptar para verificarlo. - El Disco de Rescate VeraCrypt ha sido verificado con éxito. - No se puede verificar el Disco de Rescate ha sido grabado correctamente.\n\nSi ha grabado el Disco de Rescate, expulse e inserte de nuevo el CD/DVD; después verifique otra vez. Si no funciona, pruebe con otro software de grabación y/o otro CD/DVD.\n\nSi está intentando verificar un Disco de Rescate VeraCrypt creado para otra clave maestra, contraseña, etc., por favor recuerde que ese Disco de Rescate fallará siempre esta verificación. Para crear un nuevo Disco de Rescate completamente compatible con su configuración actual, seleccione 'Sistema' > 'Crear Disco de Rescate'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creando Disco de Rescate VeraCrypt. - No se puede crear un Disco de Rescate VeraCrypt cuando un sistema operativo oculto se está ejecutando.\n\nPara crear un Disco de Rescate VeraCrypt, arranque el sistema operativo señuelo y seleccione 'Sistema' > 'Crear Disco de Rescate'. - No se puede verificar que el Disco de Rescate ha sido grabado correctamente.\n\nSi ha grabado el Disco de Rescate, expulse e inserte de nuevo el CD/DVD; después haga click en Siguiente para reintentarlo. Si no funciona, pruebe otro medio%s.\n\nSi no ha grabado aún el Disco de Rescate, hágalo y pulse Siguiente.\n\nSi está intentando verificar un Disco de Rescate VeraCrypt creado antes de iniciar este asistente, tenga en cuenta que dicho Disco de Rescate no se puede usar, porque fue creado para una clave maestra diferente. Necesita grabar el Disco de Rescate generado recientemente. - y/o otro software de grabación de CD/DVD - VeraCrypt - Volúmenes Favoritos del Sistema - ¿Qué son los volúmenes favoritos del sistema? - La partición/unidad del sistema no parece estar cifrada.\n\nLos volúmenes favoritos del sistema sólo pueden ser montados usando una contraseña de autenticación de pre-arranque. Por tanto, para habilitar el uso de los volúmenes favoritos del sistema, es necesario cifrar la partición/unidad del sistema primero. - Desmonte el volumen antes de continuar. - Error: No se puede establecer el temporizador. - Comprobar Sistema de Archivos - Reparar Sistema de Archivos - Añadir a Favoritos - Añadir a Favoritos del Sistema - P&ropiedades - Volumen Oculto Protegido - N/A - - No - Deshabilitado - 1 - 2 o más - Modo de Operación - Etiqueta: - Tamaño: - Ruta: - Letra de unidad: - Error: La contraseña debe contener solamente caracteres ASCII.\n\nIntroducir otros caracteres en la contraseña puede hacer que sea imposible montar el volumen si la configuración de su sistema cambia.\n\nLos siguientes caracteres están permitidos:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Aviso: La contraseña contiene caracteres ajenos a ASCII. Esto puede causar que sea imposible montar el volumen si la configuración de su sistema cambia.\n\nDebe sustituir todos los caracteres no-ASCII en la contraseña por caracteres ASCII. Haga click en 'Volúmenes' -> 'Cambiar Contraseña del Volumen'.\n\nLos siguientes caracteres son ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - AVISO: Recomendamos que evite extensiones de archivo que son usadas para archivos ejecutables (como .exe, .sys o .dll) y otras extensiones problemáticas similares. Usar estas extensiones hace que Windows y el software antivirus interfiera con el contenedor, lo que afecta negativamente el rendimiento del volumen y puede causar problemas serios.\n\nEs muy recomendable que elimine la extensión del archivo o la cambie (por ejemplo, a '.hc').\n\n¿Seguro que desea usar la extensión problemática? - AVISO: Este contenedor tiene una extensión que es usada por archivos ejecutables (como .exe, .sys o .dll) o alguna otra extensión que es igualmente problemática. Esto probablemente hará que Windows y el software antivirus interfiera con el contenedor, lo que afectará negativamente el rendimiento del volumen y puede causar otros problemas serios.\n\nEs muy recomendable que elimine la extensión del archivo del contenedor o la cambie (por ejemplo, a '.hc' después de desmontar el volumen. - Página Inicial - AVISO: Parece que no ha aplicado ningún Service Pack a su instalación Windows. ¡No debería escribir en discos IDE mayores de 128 GB bajo un Windows XP sin Service Pack 1 o posterior! Si lo hace, los datos del disco (no importa si se trata de un volumen VeraCrypt o no) podrían resultar corruptos. Tenga en cuenta que esto es una limitación de Windows, no un error de VeraCrypt. - AVISO: Parece que no ha aplicado Service Pack 3 o posterior a su instalación Windows. ¡No debería escribir en discos IDE mayores de 128 GB bajo un Windows 2000 sin Service Pack 3 o posterior! Si lo hace, los datos del disco (no importa si se trata de un volumen VeraCrypt o no) podrían resultar corruptos. Tenga en cuenta que esto es una limitación de Windows, no un error de VeraCrypt.\n\nNota: Podría necesitar habilitar el soporte LBA 48-bit en el registro: para más información, vea http://support.microsoft.com/kb/305098/EN-US - AVISO: El soporte ATAPI LBA 48-bit está deshabilitado en su sistema. Por tanto, ¡no debería escribir en discos IDE mayores de 128 GB! Si lo hace, los datos del disco (no importa si es un volumen VeraCrypt o no) podrían resultar corruptos. Tenga en cuenta que esto es una limitación de Windows, no una limitación de VeraCrypt.\n\nPara habilitar el soporte LBA 48-bit, añada el valor de registro 'EnableBigLba' en la clave de registro HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters y establézcala a 1.\n\nPara más información, vea http://support.microsoft.com/kb/305098 - Error: No se pueden almacenar archivos de más de 4 GB en un sistema de archivos FAT32. Por tanto, los volúmenes VeraCrypt alojados en archivos (contenedores) almacenados en un sistema de archivos FAT32 no pueden ser mayores de 4 GB.\n\nSi necesita un volumen mayor, créelo en un sistema de archivos NTFS (o, si utiliza Windows Vista SP1 o posterior, en un sistema de archivos exFAT) o, en lugar de crear un volumen alojado en un archivo, cifre una partición o dispositivo completo. - Aviso: Windows XP no soporta archivos mayores de 2048 GB (le informará de que "No hay suficiente espacio libre"). Por tanto, no puede crear un volumen VeraCrypt alojado en archivo (contenedor) mayor de 2048 GB bajo Windows XP.\n\nRecuerde que sí es posible cifrar la unidad entera o crear un volumen VeraCrypt alojado en una partición mayor de 2048 GB bajo Windows XP. - AVISO: Si desea poder añadir más información al volumen externo en un futuro, debería considerar la elección de un tamaño menor para el volumen oculto.\n\n¿Desea continuar con el tamaño especificado? - No hay ningún volumen seleccionado.\n\nPulse 'Seleccionar dispositivo' o 'Seleccionar archivo' para elegir un volumen VeraCrypt. - No hay ninguna partición seleccionada.\n\nPulse 'Seleccionar Dispositivo' para seleccionar una partición desmontada que normalmente requiere autenticación de pre-arranque (por ejemplo, una partición ubicada en la unidad del sistema cifrada de otro sistema operativo, que no se esté ejecutando, o la partición del sistema cifrada de otro sistema operativo).\n\nNota: La partición seleccionada será montada como un volumen VeraCrypt normal sin autenticación de pre-arranque. Esto es útil p.e. para operaciones de reparación o copia de seguridad. - AVISO: Si se activa 'Archivos-llave por defecto', los volúmenes que no usen estos archivos-llave no se podrán montar. Por tanto, tras activar los archivos-llave por defecto, recuerde desactivar la casilla 'Usar archivos-llave' (bajo el cuadro de texto de la contraseña) al montar dichos volúmenes.\n\n¿Seguro que desea guardar los archivos-llave y ubicaciones seleccionados como predeterminados? - Montar dispositivos autom. - Desmontar Todo - Borrar Caché - Desmontar Todo & Borrar Caché - Desmontar Todo & Borrar Caché (forzar) - Desmontar Todo, Borrar Caché & Salir (forzar) - Montar Volúmenes Favoritos - Mostrar/Ocultar ventana principal de VeraCrypt - (Haga click aquí y pulse una tecla) - Acción - Atajo - Error: Este atajo de teclado está reservado. Elija uno diferente. - Error: Atajo de teclado ya asignado. - AVISO: uno o más atajos de teclado VeraCrypt del sistema no funcionarán. Asegúrese de que el sistema operativo u otras aplicaciones no utilicen el mismo atajo que VeraCrypt. - Se ha evitado la creación del archivo de paginación.\n\nTenga en cuenta que, debido a un problema de Windows, los archivos de paginación no pueden ubicarse en volúmenes VeraCrypt secundarios (incluyendo los volúmenes favoritos del sistema). VeraCrypt sólo soporta la creación de archivos de paginación en una unidad/partición cifrada del sistema. - Un error o incompatibilidad impide que VeraCrypt cifre el archivo de hibernación. Por tanto, la hibernación ha sido evitada.\n\nNota: Cuando un ordenador hiberna (o entra en modo de ahorro de energía), el contenido de su memoria se escribe en un archivo de almacenamiento de hibernación que reside en la unidad del sistema. Puede que VeraCrypt no sea capaz de evitar que las claves de cifrado y los contenidos de archivos sensibles abiertos en la RAM sean guardados sin cifrar en el archivo de hibernación. - Se ha impedido la hibernación.\n\nVeraCrypt no soporta la hibernación en sistemas operativos ocultos que usan una partición de arranque adicional. Recuerde que la partición de arranque es compartida por el sistema operativo señuelo y por el oculto. Por tanto, para evitar filtraciones de datos y problemas al reanudar tras la hibernación, VeraCrypt debe impedir que el sistema operativo oculto hiberne o escriba en la partición de arranque compartida. - El volumen VeraCrypt montado como %c: ha sido desmontado. - Los volúmenes VeraCrypt han sido desmontados. - Los volúmenes VeraCrypt han sido desmontados y la caché de contraseñas ha sido borrada. - Desmontado con éxito - AVISO: Si VeraCrypt en Segundo Plano no está habilitado, tampoco lo estarán las siguientes funciones:\n\n1) Atajos de teclado\n2) Desmontaje automático (p.e. al cerrar sesión, retirar involuntariamente el dispositivo, etc.)\n3) Montaje automático de volúmenes favoritos\n4) Notificaciones (p.e., cuando se evita el daño a un volumen oculto)\n5) Icono en área de notificación.\n\nNota: Puede cerrar el Segundo Plano haciendo click derecho en el icono del área de notificación y seleccionando 'Salir'.\n\n¿Seguro que desea deshabilitar permanentemente VeraCrypt en Segundo Plano? - AVISO: Si esta opción es deshabilitada, no se podrán desmontar automáticamente volúmenes que contengan archivos/directorios abiertos. ¿Seguro que desea deshabilitar esta opción? - AVISO: los volúmenes que contengan archivos/directorios abiertos no se desmontarán autom.\n\n Para evitarlo, habilite la siguiente opción en esta misma ventana: 'Forzar desmontaje automático aunque el volumen tenga archivos abiertos' - AVISO: Cuando la batería esté baja, Windows puede no enviar los mensajes apropiados a las aplicaciones en ejecución cuando el ordenador esté entrando en modo de ahorro de energía. Por tanto, VeraCrypt podría no desmontar autom. los volúmenes correctamente. - Ha programado el proceso de cifrado de una partición/volumen. El proceso aún no ha sido completado.\n\n¿Desea continuar el proceso ahora? - Ha programado el proceso de cifrado o descifrado de la partición/unidad del sistema. El proceso aún no ha sido completado.\n\n¿Desea iniciar (continuar) el proceso ahora? - ¿Desea que se le pregunte si quiere o no continuar los procesos actualmente programados de cifrado de particiones/volúmenes secundarios? - Sí, continuar preguntándome - No, no preguntarme - IMPORTANTE: Tenga en cuenta que puede continuar el proceso de cifrado de cualquier partición/volumen secundario seleccionando 'Volúmenes' > 'Continuar Proceso Interrumpido' en el menú de la ventana principal de VeraCrypt. - Ha programado el proceso de cifrado o descifrado de la partición/unidad del sistema. Sin embargo, falló la autenticación de pre-arranque (o fue cancelada).\n\nRecuerde: Si descifró la partición/unidad del sistema en el entorno de pre-arranque, puede ser necesario finalizar el proceso seleccionando 'Sistema' > 'Descifrar Permanentemente la Partición/Unidad del Sistema' desde el menú de la ventana principal de VeraCrypt. - AVISO: Si VeraCrypt sale ahora, las siguientes funciones serán deshabilitadas:\n\n1) Atajos de teclado\n2) Desmontaje automático (p.e. al cerrar sesión, retirar involuntariamente el dispositivo, etc.)\n3) Montaje automático de volúmenes favoritos\n4) Notificaciones (p.e., cuando se evita el daño a un volumen oculto)\n\nNota: Si no desea que VeraCrypt se ejecute en segundo plano, deshabilite VeraCrypt en Segundo Plano desde Preferencias (y si es necesario deshabilite también el inicio automático de VeraCrypt).\n\n¿Seguro que desea cerrar VeraCrypt? - ¿Salir? - VeraCrypt no tiene suficiente información para determinar si cifrar o descifrar. - VeraCrypt no tiene suficiente información para determinar si cifrar o descifrar.\n\nNota: Si descifró la partición/unidad del sistema en el entorno de pre-arranque, puede ser necesario finalizar el proceso pulsando 'Descifrar'. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - ¿Desea interrumpir y posponer el proceso de cifrado de la partición/volumen?\n\nNota: tenga en cuenta que el volumen no puede ser montado hasta que haya sido cifrado por completo. Podrá continuar el proceso de cifrado desde el punto en que éste se detuvo. Puede hacerlo, por ejemplo, seleccionando 'Volúmenes' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. - ¿Desea interrumpir y posponer el proceso de cifrado de la partición/unidad del sistema?\n\nNota: podrá continuar el proceso desde el punto en que éste se detuvo. Puede hacerlo, por ejemplo, seleccionando 'Sistema' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. Si desea revertir o terminar permanentemente el proceso de cifrado, seleccione 'Sistema' > 'Descifrar Permanentemente Partición/Unidad del Sistema'. - ¿Desea interrumpir y posponer el proceso de descifrado de la partición/unidad del sistema?\n\nNota: podrá continuar el proceso desde el punto en que éste se detuvo. Puede hacerlo, por ejemplo, seleccionando 'Sistema' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. Si desea revertir el proceso de descifrado (y empezar a cifrar) seleccione 'Sistema' > 'Cifrar Partición/Unidad del Sistema'. - Error: Ha fallado la interrupción del proceso de cifrado/descifrado de la partición/unidad del sistema. - Error: Ha fallado la interrupción del proceso de borrado. - Error: Ha fallado la continuación del proceso de cifrado/descifrado de la partición/unidad del sistema. - Error: Ha fallado el inicio del proceso de borrado. - Inconsistencia resuelta.\n\n\n(Si reporta un error relacionado con esto, incluya en el reporte la siguiente información técnica:\n%hs) - Error: Estado inesperado.\n\n\n(Si reporta un error relacionado con esto, incluya en el reporte la siguiente información técnica:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - AVISO: VeraCrypt en Segundo Plano está deshabilitado. Tras cerrar VeraCrypt, no será notificado si se impiden daños en el volumen oculto.\n\nNota: Puede cerrar el Segundo Plano en cualquier momento haciendo click derecho en el icono de VeraCrypt en el área de notificación y seleccionando 'Salir'.\n\n¿Habilitar VeraCrypt en Segundo Plano? - Versión del paquete: %s - Comprobando el sistema de archivos del volumen VeraCrypt montado como %s... - Intentando reparar el sistema de archivos del volumen VeraCrypt montado como %s... - Aviso: Este volumen está cifrado con un algoritmo de cifrado tradicional (legacy).\n\nTodos los algoritmos de cifrado con bloque de 64 bit (como Blowfish, CAST-128 o Triple DES) están obsoletos. Se podrá montar este volumen usando versiones futuras de VeraCrypt. Sin embargo, no habrá más mejoras en las implementaciones de estos algoritmos de cifrado tradicional. Recomendamos que cree un nuevo volumen VeraCrypt cifrado con un algoritmo con bloque de 128 bit (como AES, Serpent, Twofish, etc.) y que mueva todos los archivos de este volumen al volumen nuevo. - Su sistema no está configurado para montar automáticamente nuevos volúmenes. Puede ser imposible montar volúmenes VeraCrypt alojados en dispositivos. Se puede habilitar el montaje automático ejecutando el siguiente comando y reiniciando el sistema.\n\nmountvol.exe /E - Asigne una letra de unidad a la partición/dispositivo antes de proceder ('Panel de Control' > 'Sistema y mantenimiento' > 'Herramientas Administrativas' - 'Crear y formatear particiones de disco duro').\n\nTenga en cuenta que este es un requisito del sistema operativo. - Montar volumen VeraCrypt - Desmontar todos los volúmenes VeraCrypt - VeraCrypt no ha podido obtener privilegios de Administrador. - Acceso denegado por el sistema operativo.\n\nCausa posible: el sistema operativo requiere que tenga permisos de lectura/escritura (o privilegios de administrador) sobre ciertas carpetas, archivos y dispositivos, para permitirle leer/escribir información de/en ellos. Normalmente, un usuario sin privilegios de administrador tiene permitido crear, leer y modificar archivos en su carpeta 'Mis documentos'. - Error: La unidad usa un tamaño de sector no soportado.\n\nActualmente no es posible crear volúmenes alojados en dispositivos o particiones que usen sectores mayores de 4096 bytes. Sin embargo, recuerde que puede crear volúmenes alojados en archivo (contenedores) en estas unidades. - Actualmente no es posible cifrar un sistema instalado en un disco con un tamaño de sector diferente a 512 bytes. - El Cargador de Arranque de VeraCrypt requiere al menos 32 KB de espacio libre al principio de la unidad del sistema (el Cargador debe almacenarse en ese área). Por desgracia, su unidad no reúne esta condición.\n\nPor favor, NO reporte esto como un error/problema de VeraCrypt. Para solucionar este problema, necesitará reparticionar su disco y dejar libres los primeros 32 KB del disco (en la mayoría de los casos tendrá que borrar y crear la primera partición). Recomendamos que use el administrador de particiones de Microsoft que está disponible p.e. cuando está instalando Windows. - Esta función no está soportada en la versión del sistema operativo que está utilizando. - VeraCrypt no soporta el cifrado de la partición/unidad del sistema en la versión del sistema operativo que está utilizando. - Antes de que pueda cifrar la partición/unidad del sistema en Windows Vista, necesita instalar Service Pack 1 o posterior para Vista (todavía no hay ningún Service Pack instalado en este sistema).\n\nNota: El Service Pack 1 para Windows Vista resuelve un problema que causaba una reducción de la memoria convencional libre durante el arranque del sistema. - VeraCrypt ya no soporta el cifrado de la partición/unidad del sistema en Windows Vista sin ningún Service Pack. Antes de actualizar VeraCrypt, instale Service Pack 1 o posterior para Windows Vista. - Error: Esta característica requiere que se instale VeraCrypt en este sistema (actualmente está ejecutando VeraCrypt en modo portable).\n\nInstale VeraCrypt y reinténtelo. - AVISO: Windows no parece estar instalado en la unidad desde la que él mismo arranca. Esto no está soportado.\n\nDebería continuar sólo si está seguro de que Windows está instalado en la unidad desde la que arranca.\n\n¿Desea continuar? - Su unidad del sistema tiene una Tabla de Particiones GUID (GPT). Actualmente, sólo se soportan unidades con Tabla de Particiones MBR. - PRECAUCIÓN: ¡El Cargador de Arranque VeraCrypt ya está instalado en su unidad del sistema!\n\nEs posible que otro sistema en su ordenador esté ya cifrado.\n\nAVISO: CONTINUAR CON EL CIFRADO DEL SISTEMA ACTUAL PUEDE HACE QUE OTROS SISTEMAS NO PUEDAN INICIARSE Y SUS DATOS SEAN INACCESIBLES.\n\n¿Seguro que desea continuar? - Fallo al restaurar el cargador original del sistema.\n\nUse su Disco de Rescate VeraCrypt ('Opciones de Reparación' > 'Restaurar cargador original del sistema') o un medio de instalación de Windows para reemplazar el Cargador de Arranque de VeraCrypt con el cargador del sistema de Windows. - El cargador original del sistema no será guardado en el Disco de Rescate (causa probable: archivo de copia de seguridad perdido). - Fallo al escribir el sector MBR.\n\nSu BIOS puede estar configurada para proteger el sector MBR. Revise la configuración de su BIOS (pulsando F2, Delete, o Esc, despues de encender su ordenador) buscando la protección MBR/Antivirus. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - La versión requerida del Cargador de Arranque VeraCrypt no está instalada actualmente. Esto puede impedir que algunos ajustes se guarden. - Nota: En algunas situaciones, quizá le interese evitar que alguien (un adversario) que esté viéndole iniciar el ordenador pueda saber que usa VeraCrypt. Las siguientes opciones lo permiten pesonalizando la pantalla del cargador de arranque de VeraCrypt. Si activa la primera opción, no se mostrará ningún texto al arrancar (ni siquiera al introducir una contraseña errónea). El ordenador parecerá estar "congelado" mientras puede escribir su contraseña. Además, puede mostrarse un mensaje personalizado para confundir al adversario. Por ejemplo, falsos mensajes de error como "No se ha encontrado sistema operativo" (mensaje que muestra el cargador de arranque de Windows si no encuentra partición de arranque de Windows). No obstante, recuerde que si el adversario puede analizar el contenido del disco duro, puede darse cuenta de que contiene el cargador de arranque de VeraCrypt. - AVISO: Tenga en cuenta que si activa esta opción, el cargador de arranque de VeraCrypt no mostrará ningún texto (ni siquiera si introduce una contraseña errónea). El ordenador parecerá "congelado" (sin responder) mientras ud. escribe su contraseña (el cursor NO se moverá ni aparecerá ningún asterisco al pulsar alguna tecla).\n\n¿Seguro que desea activar esta opción? - Su partición/unidad del sistema parece estar completamente cifrada. - VeraCrypt no soporta cifrar una unidad del sistema que ha sido convertida en un disco dinámico. - La unidad del sistema contiene particiones extendidas (lógicas).\n\nPuede cifrar una unidad del sistema entera que contenga particiones extendidas sólo en Windows Vista y versiones posteriores de Windows. En Windows XP, puede cifrar la unidad del sistema entera si contiene únicamente particiones primarias.\n\nNota: se puede cifrar la partición del sistema en lugar de la unidad del sistema entera (y, además, puede crear volúmenes VeraCrypt alojados en cualquier partición secundaria en la unidad). - AVISO: Como está utilizando Windows XP/2003, tras comenzar a cifrar la unidad, NO debe crear ninguna partición extendida (lógica) en ella (sólo puede crear particiones primarias). Cualquier partición extendida en la unidad podría ser inaccesible tras comenzar el cifrado (la unidad actualmente no contiene particiones de este tipo).\n\nNota: Si esta limitación no es aceptable, puede volver atrás y cifrar sólo la partición del sistema en lugar de la unidad entera (y, además, puede crear volúmenes VeraCrypt alojados en cualquier partición secundaria de la unidad).\n\nAlternativamente, si esta limitación no es aceptable, puede considerar actualizar a Windows Vista o alguna versión posterior de Windows (puede cifrar la unidad del sistema entera conteniendo particiones extendidas/lógicas sólo en Windows Vista o posterior). - Su unidad del sistema contiene una partición no estándar.\n\nSi está usando un portátil, probablemente su unidad del sistema contenga una partición especial de recuperación. Tras cifrar la unidad del sistema entera (incluyendo dichas particiones), su sistema podría no arrancar si su ordenador está usando una BIOS diseñada inapropiadamente. También podría ser imposible usar cualquier partición de recuperación hasta que se descifre la unidad del sistema. Por tanto, recomendamos cifrar sólo la partición del sistema. - ¿Desea cifrar la partición del sistema en lugar de toda la unidad?\n\nRecuerde que puede crear volúmenes VeraCrypt alojados en cualquier partición secundaria de la unidad (además de cifrar la partición del sistema). - Como su unidad del sistema sólo contiene una única partición que ocupa la unidad entera, es preferible (más seguro) cifrar la unidad entera incluyendo el espacio libre "slack" que normalmente rodea estas particiones.\n\n¿Desea cifrar la unidad del sistema entera? - Su sistema está configurado para almacenar archivos temporales en una partición secundaria.\n\nLos archivos temporales sólo deben guardarse en la partición del sistema. - Los archivos de su cuenta de usuario no están almacenados en la partición del sistema.\n\nDichos archivos sólo deben guardarse en la partición del sistema. - Hay archivos de paginación en particiones secundarias.\n\nLos archivos de paginación sólo deben ubicarse en la partición del sistema. - ¿Desea configurar Windows para crear archivos de paginación sólo en la partición de Windows?\n\nTenga en cuenta que si selecciona 'Sí', el ordenador se reiniciará. Cuando lo haga, inicie VeraCrypt y trate de crear el SO oculto de nuevo. - De otro modo, la negación plausible del sistema operativo oculto podría verse afectada negativamente.\n\nNota: Si un adversario analiza el contenido de estos archivos (que residen en una partición secundaria), podría averiguar que ud. usó este asistente en el modo de creación de sistemas ocultos (lo cual podría indicar la existencia de un sistema operativo oculto en su ordenador). Tenga en cuenta también que cualquiera de estos archivos almacenados en la partición del sistema serán borrados por VeraCrypt durante el proceso de creación del sistema operativo oculto. - AVISO: Durante el proceso de creación del sistema operativo oculto, se requerirá reinstalar por completo el sistema actualmente en ejecución (para crear un sistema señuelo con seguridad).\n\nNota: El sistema operativo actualmente en ejecución y el contenido entero de la partición del sistema será copiado al volumen oculto (para crear el sistema oculto).\n\n\n¿Seguro que podrá instalar Windows usando un medio de Instalación de Windows (o una partición de servicio)? - Por razones de seguridad, si el sistema operativo actual requiere activación debe ser activado antes de continuar. Recuerde que el sistema operativo oculto será creado copiando el contenido de la partición del sistema a un volumen oculto (así que si este sistema operativo no está activado, el sistema operativo oculto tampoco lo estará). Para más información, vea la sección "Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos" en la Guía del Usuario de VeraCrypt.\n\nImportante: antes de continuar, asegúrese de haber leído dicha sección.\n\n\n¿Cumple el sistema operativo en ejecución con esta condición? - Su sistema usa una partición de arranque adicional. VeraCrypt no soporta la hibernación en sistemas operativos ocultos que usen una partición de arranque adicional (los sistemas señuelo se pueden hibernar sin problemas).\n\nTenga en cuenta que la partición de arranque podría estar compartida por ambos sistemas, el señuelo y el oculto. Por tanto, para evitar filtraciones de datos y problemas al reanudar tras la hibernación, VeraCrypt debe impedir que el sistema operativo oculto escriba en la partición de arranque compartida y que hiberne.\n\n\n¿Desea continuar? Si selecciona 'No', se mostrarán instrucciones para eliminar la partición de arranque adicional. - \nLa partición de arranque adicional puede ser eliminada antes de instalar Windows. Para hacerlo, siga estos pasos:\n\n1) Arranque su disco de instalación de Windows.\n\n2) En la pantalla del instalador de Windows, haga click en 'Instalar ahora' > 'Personalizar (avanzada)'.\n\n3) Click en 'Opciones de Dispositivo'.\n\n4) Seleccione la partición del sistema principal y bórrela pulsando 'Eliminar' y 'Aceptar'.\n\n5) Seleccione la partición 'Reservada del Sistema', pulse 'Extender' y aumente su tamaño hasta que se pueda instalar en ella el sistema operativo.\n\n6) Click en 'Aplicar' y 'Aceptar'.\n\n7) Instale Windows en la partición 'Reservada del Sistema'.\n\n\nUn atacante podría preguntarle por qué eliminó la partición de arranque adicional, ud. puede responder que quería evitar cualquier posible filtración de datos en la partición de arranque no cifrada.\n\nNota: puede imprimir este texto pulsando el botón 'Imprimir'. Si guarda una copia de este texto o lo imprime (muy recomendable, salvo que su impresora almacene en su controlador interno copias de los documentos que imprime), debería destruir cualquier copia de este texto tras eliminar la partición de arranque adicional (de lo contrario, si una de estas copias fuera encontrada, indicaría que existe un sistema operativo oculto en este ordenador). - Aviso: Hay espacio no asignado entre la partición del sistema y la primera partición tras ella. Después de crear el sistema operativo oculto, no debe crear ninguna partición nueva en ese espacio sin asignar. De lo contrario, podría ser iposible arrancar el sistema operativo oculto (hasta que elimine esas particiones nuevas). - Este algoritmo no está soportado actualmente para el cifrado del sistema. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Los archivos-llave no están soportados actualmente para el cifrado del sistema. - Aviso: VeraCrypt no pudo restaurar la disposición de teclado original. Esto puede hacer que ud. introduzca incorrectamente la contraseña. - Error: No se puede establecer la disposición del teclado para VeraCrypt al estándar de EEUU.\n\nRecuerde que la contraseña necesita ser escrita en el entorno de pre-arranque (antes de que Windows se inicie) donde no están disponibles disposiciones de teclado distintas a la de EEUU. Por tanto, la contraseña debe ser escrita siempre usando la disposición de teclado EEUU estándar. - Como VeraCrypt cabió temporalmente la disposición de teclado al estándar de EEUU, no es posible escribir caracteres pulsando teclas mientras Alt derecho está pulsado. Sin embargo, puede escribir la mayoría de esos caracteres pulsando las teclas apropiadas mientras Mayúsculas está pulsada. - VeraCrypt impidió que se cambiara la disposición de teclado. - Nota: La contraseña tendrá que escribirse en el entorno de pre-arranque (antes de que Windows se inicie) donde no están disponibles disposiciones de teclado distintas a la de EEUU. Por tanto, la contraseña debe ser escrita siempre usando la disposición de teclado EEUU estándar. Sin embargo, es importante recordar que NO es necesario un teclado de EEUU real. VeraCrypt automáticamente se asegura de que ud. pueda escribir la contraseña con seguridad (ahora y en el entorno de pre-arranque) incluso si NO tiene un teclado de EEUU. - Antes de cifrar la partición/unidad, debe crear un Disco de Rescate VeraCrypt (DRT) que sirve para los siguientes propósitos:\n\n- Restaurar el Cargador de Arranque VeraCrypt, clave maestra u otros datos críticos si resultan dañados (pero tenga en cuenta que tendrá que seguir introduciendo la contraseña correcta).\n\n- Si Windows resulta dañado y no arranca, el DRT permite descifrar permanentemente la partición/unidad antes de que Windows inicie.\n\n- El DRT contendrá una copia de seguridad del contenido actual de la primera pista de la unidad (normalmente, un cargador del sistema o un administrador de arranque) y le permitirá restaurarlo si es necesario.\n\nLa imagen ISO del DRT será creada en esta ubicación: - Tras pulsar Aceptar, se lanzará el Grabador de Imágenes de Disco de Windows. Úselo para grabar la imagen ISO del Disco de Rescate VeraCrypt en un CD o DVD.\n\nDespués de hacerlo, vuelva al Asistente de Creación de Volumen VeraCrypt y siga sus instrucciones. - La imagen del Disco de Rescate ha sido creada y almacenada en este archivo:\n%s\n\nAhora debe grabarla en un CD o DVD.\n\n%lsDespués de grabar el Disco de Rescate, pulse Siguiente para verificar que ha sido grabado correctamente. - La imagen del Disco de Rescate ha sigo creada y almacenada en este archivo:\n%s\n\nAhora debería grabar la imagen a un CD/DVD o moverla a una ubicación segura para un uso posterior.\n\n%lsPulse Siguiente para continuar. - IMPORTANTE: Recuerde que el archivo debe ser escrito en el CD/DVD como una imagen de disco ISO (no como un archivo individual). Para obtener información sobre cómo hacerlo, vaya a la documentación de su software de grabación de CD/DVD. Si no tiene ningún software de ese tipo que pueda grabar la imagen ISO a un CD/DVD, haga click en el enlace siguiente para descargar software gratuito de este tipo.\n\n - Lanzar el Grabador de Imágenes de Disco de Windows - AVISO: ¡Si ya ha creado un Disco de Rescate VeraCrypt en el pasado, no debe ser reutilizado para esta partición/unidad del sistema porque fue creado para una clave maestra diferente! Cada vez que cifre una partición/unidad del sistema, debe crear un nuevo Disco de Rescate VeraCrypt incluso si ha usado la misma contraseña. - Error: No se puede guardar la configuración del cifrado del sistema. - No se puede iniciar la prueba del cifrado del sistema. - No se puede iniciar el proceso de creación del sistema operativo oculto. - Modo de borrado - En algunos medios de almacenamiento, cuando los datos son sobreescritos por otros datos, es posible recuperar la información sobreescrita con técnicas como el microscopio de fuerza magnética. Esto también se aplica a datos sobreescritos por su versión cifrada (lo que ocurre cuando VeraCrypt inicialmente cifra una partición o unidad no cifrada). Según estudios y publicaciones gubernamentales, se puede evitar (o dificultar) la recuperación de esos datos sobreescribiéndolos con datos no aleatorios y pseudoaleatorios un número suficiente de veces. Por tanto, si cree que un adversario podría usar estas técnicas para recuperar los datos que pretende cifrar, puede seleccionar uno de los modos de borrado (los datos existentes NO se perderán). Tenga en cuenta que el borrado NO se hará después de que la partición/unidad esté cifrada. Cuando lo esté, no se escribirá en ella ningún dato sin cifrar. Cualquier dato que se vaya a escribir se cifra al vuelo en memoria primero, y sólo entonces (ya cifrado) es escrito al disco. - En algunos tipos de medios de almacenamiento, cuando los datos son sobreescritos por otros datos (p.e. cuando los datos son eliminados), es posible recuperar la información sobreescrita usando técnicas como el microscopio de fuerza magnética. Según algunos estudios y publicaciones gubernamentales, se puede evitar (o dificultar) la recuperación de datos sobreescritos sobreescribiendo los datos con datos no aleatorios seguros y pseudoaleatorios un número suficiente de veces. Por tanto, si cree que un adversario podría usar estas técnicas para recuperar los datos que van a ser borrados, puede seleccionar uno de los modos de borrado multi-pasada.\n\nNota: Cuantas más pasadas de borrado utilize, más se alargará el borrado de datos. - Borrando - \nNota: Puede interruptir el proceso de borrado, apagar su ordenador, iniciar el sistema operativo oculto de nuevo y reanudar el proceso (este asistente se lanzará automáticamente). Sin embargo, si lo interrumpe, el proceso de borrado tendrá que comenzar desde el principio. - \n\nNota: Si interrumpe el proceso de borrado y luego intenta reanudarlo, el proceso entero tendrá que comenzar desde el principio. - ¿Desea abortar el proceso de borrado? - Aviso: El contenido entero de la partición/dispositivo seleccionado será borrado y se perderá. - El contenido entero de la partición donde reside el sistema original será borrado.\n\nNota: El contenido entero de la partición que va a ser borrada ha sido copiado a la partición de este sistema oculto. - AVISO: Tenga en cuenta que cuando elige p.e. el modo de borrado de 3 pasadas, el tiempo necesario para cifrar la partición/unidad será unas 4 veces mayor. Asimismo, si elige el modo de 35 pasadas, tardará unas 36 veces más (podría incluso tardar varias semanas).\n\nSin embargo, recuerde que el borrado NO se realizará después de que la partición/unidad esté cifrada por completo. Cuando la partición/unidad esté cifrada por completo, no se escribirá en ella ningún dato. Cualquier dato que se escriba será cifrado al vuelo en memoria primero, y sólo entonces el dato (cifrado) será escrito en el disco (por lo tanto el rendimiento NO será afectado).\n\n¿Seguro que desea usar el modo de borrado? - Ninguno (El más rápido) - 1 pasada (datos aleatorios) - 3 pasadas (US DoD 5220.22-M) - 7 pasadas (US DoD 5220.22-M) - 35 pasadas ("Gutmann") - 256 pasadas - Número de Sistemas Operativos - AVISO: Los usuarios sin experiencia nunca deberían intentar cifrar Windows en configuraciones multi-arranque.\n\n¿Continuar? - Al crear/usar un sistema operativo oculto, VeraCrypt soporta configuraciones multi-arranque sólo cuando se cumplen las siguientes condiciones:\n\n- El sistema operativo en ejecución debe estar instalado en la unidad de arranque, la cual no debe contener ningún otro sistema operativo.\n\n- Los sistemas operativos instalados en otras unidades no deben usar ningún cargador de arranque residente en la unidad en la que está instalado el sistema operativo en ejecución.\n\n¿Se cumplen las condiciones mencionadas? - VeraCrypt no soporta esta configuración multi-arranque al crear/usar un sistema operativo oculto. - Unidad de Arranque - ¿El sistema operativo en ejecución está instalado en la unidad de arranque?\n\nNota: A veces, Windows no está instalado en la misma unidad que el cargador de arranque de Windows (partición de arranque). Si ese es el caso, seleccione 'No'. - VeraCrypt actualmente no soporta cifrar un sistema operativo que no arranque desde la unidad donde está instalado. - Número de Unidades de Sistema - ¿Cuántas unidades contienen un sistema operativo?\n\nNota: Por ejemplo, si tiene cualquier sistema operativo (Windows, Mac OS X, Linux, etc.) instalado en su unidad primaria y cualquier sistema operativo adicional instalado en su unidad secundaria, seleccione '2 o más'. - VeraCrypt actualmente no soporta cifrar una unidad entera que contiene varios sistemas operativos.\n\nPosibles soluciones:\n\n- Puede cifrar uno de los sistemas si vuelve atrás y elige cifrar sólo una partición de sistema (en lugar de elegir el cifrado de la unidad del sistema entera).\n\n- Alternativamente, puede cifrar la unidad entera si mueve algunos de los sistemas a otras unidades dejando sólo un sistema en la unidad que quiere cifrar. - Varios sistemas en una única unidad - ¿Hay algún otro sistema operativo instalado en la unidad en la que el sistema operativo en ejecución está instalado?\n\nNota: Por ejemplo, si el sistema operativo en ejecución está instalado en la unidad #0, que contiene varias particiones, y si una de las particiones contiene Windows y otra contiene cualquier sistema operativo adicional (Windows, Mac OS X, Linux, etc.), seleccione 'Sí'. - Cargador de Arranque No-Windows - ¿Hay un cargador de arranque no-Windows (o administrador de arranque Windows) instalado en el Master Boot Record (MBR)?\n\nNota: Por ejemplo, si la primera pista de la unidad de arranque contiene GRUB, LILO, XOSL, o algún otro administrador de arranque (o cargador de arranque) no-Windows, seleccione 'Sí'. - Multi-Arranque - VeraCrypt actualmente no soporta configuraciones multi-arranque cuando un cargador de arranque no-Windows está instalado en el MBR.\n\nSoluciones posibles:\n\n- Si usa un administrador de arranque para arrancar Windows y Linux, mueva el administrador (normalmente GRUB) desde el MBR a una partición. Luego inicie este asistente otra vez y cifre la partición/unidad del sistema. Recuerde que el Cargador de Arranque VeraCrypt se convertirá en su administrador de arranque primario y le permitirá lanzar el administrador original (p.e. GRUB) como su administrador de arranque secundario (pulsando Esc en la pantalla del Cargador de Arranque VeraCrypt) y así podrá arrancar Linux. - Si el sistema operativo en ejecución está instalado en la partición de arranque, después de cifrarlo necesitará introducir la contraseña correcta incluso para iniciar cualquier otro sistema Windows no cifrado (ya que ambos compartirán un único cargador/administrador de arranque cifrado).\n\nPor el contrario, si el sistema operativo en ejecución no está instalado en la partición de arranque (o si el cargador/administrador de arranque de Windows no es usado por ningún otro sistema), después de cifrarlo no necesitará introducir la contraseña correcta para arrancar otros sistemas no cifrados -- sólo tendrá que pulsar Esc para iniciar el sistema no cifrado (si hay más de uno, tendrá que elegir cuál desea iniciar desde el menú del Administrador de Arranque VeraCrypt).\n\nNota: Normalmente, el primer sistema Windows instalado es el que está instalado en la partición de arranque. - Cifrado del Área Protegida del Anfitrión - Al final de muchos dispositivos existe un área que normalmente está oculta al sistema operativo (estas áreas son llamadas Áreas Protegidas del Anfitrión, o Host Protected Areas). Sin embargo, algunos programas pueden leer y escribir datos de/a estas áreas.\n\nAVISO: Algunos fabricantes de ordenadores pueden usar estas áreas para almacenar herramientas y datos para RAID, recuperación del sistema, instalación del sistema, diagnóstico u otros propósitos. Si estas herramientas o datos deben ser accesibles antes de arrancar, el área oculta NO debería ser cifrada (elija 'No' a continuación).\n\n¿Desea que VeraCrypt detecte y cifre ese área oculta (si existe) al final de la unidad del sistema? - Tipo de Cifrado del Sistema - Seleccione esta opción si solamente quiere cifrar la partición del sistema o la unidad del sistema entera. - Puede ocurrir que sea ud. obligado por alguien a descifrar el sistema operativo. Hay situaciones en las que no podría negarse a hacerlo (por ejemplo, debido a la extorsión). Si selecciona esta opción, creará un sistema operativo oculto cuya existencia debería ser imposible de demostrar (siempre que se sigan ciertas directrices). De este modo, no tendrá que descifrar o revelar la contraseña del sistema operativo oculto. Haga click en el siguiente enlace para una explicación más detallada. - Puede ocurrir que sea ud. obligado por alguien a descifrar el sistema operativo. Hay situaciones en las que no podría negarse a hacerlo (por ejemplo, debido a la extorsión).\n\nUsando este asistente, puede crear un sistema operativo oculto cuya existencia debería ser imposible de demostrar (siempre que se sigan ciertas directrices). De este modo, no tendrá que descifrar o revelar la contraseña para el sistema operativo oculto. - Sistema Operativo Oculto - En los siguientes pasos, creará dos volúmenes VeraCrypt (externo y oculto) en la primera partición tras la partición del sistema. El oculto contendrá el sistema operativo (SO) oculto. VeraCrypt creará el SO oculto copiando el contenido de la partición del sistema (donde el SO en ejecución está instalado) al volumen oculto. Al volumen externo, ud. copiará algunos archivos sensibles pero que NO sean los que quiere ocultar. Estarán ahí por si alguien le obliga a revelar la contraseña para la partición del SO oculto. Puede revelar la contraseña para el volumen externo que la contiene (la existencia del SO oculto permanecerá en secreto).\n\nFinalmente, en la partición del SO en ejecución instalará un nuevo SO, llamado SO señuelo, y lo cifrará. No debe contener datos sensibles y estará ahí por si alguien le obliga a revelar su contraseña de autenticación de pre-arranque. En total habrá tres contraseñas. Dos de ellas pueden ser reveladas (para el SO señuelo y para el volumen externo). Si usa la tercera, se iniciará el SO oculto. - Detectando Sectores Ocultos - Espere mientras VeraCrypt está detectando posibles sectores ocultos al final de la unidad del sistema. Esto puede durar bastante tiempo.\n\nNota: En casos muy raros, en algunos ordenadores, el sistema puede dejar de responder durante este proceso de detección. Si esto ocurre, reinicie el ordenador, inicie VeraCrypt, repita los pasos anteriores pero sáltese el proceso de detección. Recuerde que este problema no está causado por un error en VeraCrypt. - Área a Cifrar - Seleccione esta opción si desea cifrar la unidad en la que el sistema Windows en ejecución está instalado. La unidad entera, con todas sus particiones, será cifrada excepto la primera pista en la que residirá el Cargador de Arranque VeraCrypt. Cualquiera que desee acceder a un sistema o archivo almacenado en la unidad, deberá introducir la contraseña correcta cada vez que se inice el sistema. Esta opción no puede ser usada para cifrar una unidad secundaria o externa si Windows no está instalado ni se arranca desde ella. - Recopilando Datos Aleatorios - Claves Generadas - VeraCrypt no ha encontrado ningún grabador CD/DVD conectado a su ordenador. VeraCrypt lo necesita para grabar un Disco de Rescate VeraCrypt arrancable que contenga una copia de seguridad de las claves de cifrado, cargador de arranque de VeraCrypt, cargador original del sistema, etc.\n\nEs muy recomendable grabar el Disco de Rescate VeraCrypt. - No tengo grabador de CD/DVD pero guardaré la imagen ISO del Disco de Rescate en una unidad extraíble (como una unidad flash). - Conectaré un grabador de CD/DVD a mi ordenador más tarde. Terminar el proceso ahora. - Un grabador de CD/DVD está conectado a mi ordenador ahora. Continuar y grabar el Disco de Rescate. - Siga estos pasos:\n\n1) Conecte un medio extraíble, como una unidad flash USB, a su ordenador.\n\n2) Copie el archivo de imagen del Disco de Rescate VeraCrypt (%s) al medio extraíble.\n\nSi necesita usar el Disco de Rescate VeraCrypt en el futuro, podrá conectar su unidad extraíble (conteniendo la imagen) a un ordenador con grabador de CD/DVD y crear un Disco de Rescate VeraCrypt arrancable grabando la imagen a un CD o DVD. IMPORTANTE: Recuerde que el archivo de imagen del Disco de Rescate VeraCrypt debe ser escrito en el CD/DVD como una imagen de disco ISO (no como archivo individual). - Grabando Disco de Rescate - Disco de Rescate Creado - Prueba del Cifrado del Sistema - Disco de Rescate Verificado - \nEl Disco de Rescate ha sido verificado con éxito. Extráigalo de la unidad y guárdelo en un lugar seguro.\n\nPulse Siguiente para continuar. - AVISO: Durante los siguientes pasos, el Disco de Rescate VeraCrypt no debe estar en la unidad. De otro modo, no será posible completar los pasos correctamente.\n\nExtráigalo de la unidad ahora y guárdelo en un lugar seguro. Luego pulse Aceptar. - Aviso: Debido a limitaciones técnicas del entorno de pre-arranque (antes del inicio de Windows), los textos mostrados por VeraCrypt en dicho entorno no pueden ser localizados. La interfaz de usuario del Cargador de Arranque VeraCrypt está en inglés.\n\n¿Continuar? - Antes de cifrar su partición o unidad del sistema, VeraCrypt necesita verificar que todo funciona correctamente.\n\nTras pulsar Probar, todos los componentes necesarios (por ejemplo, el componente de autenticación de pre-arranque o Cargador de Arranque VeraCrypt) serán instalados y su ordenador será reiniciado. Luego tendrá que introducir su contraseña en la pantalla del Cargador de Arranque que aparecerá antes de que se inicie Windows. Después de esto, será informado automáticamente de los resultados de esta prueba.\n\nEl siguiente dispositivo será modificado: Unidad #%d\n\n\nSi pulsa Cancelar ahora, no se instalará nada y la prueba no será realizada. - NOTAS IMPORTANTES -- LÉALAS O IMPRÍMALAS (click en 'Imprimir'):\n\nRecuerde que ninguno de sus archivos será cifrado antes de que reinicie con éxito su ordenador e inicie Windows. De este modo, si algo falla, sus datos NO se perderán. No obstante, si algo va mal, podría encontrar dificultades al iniciar Windows. Por tanto, lea (y si es posible imprima) las siguientes directrices sobre qué hacer si Windows no puede iniciar tras reiniciar el ordenador.\n\n - Qué hacer si no se puede iniciar Windows\n------------------------------------------------\n\nNota: Estas instrucciones son válidas sólo si no ha comenzado el cifrado.\n\n- Si Windows no se inicia tras introducir la contraseña correcta (o si ha introducido varias veces dicha contraseña pero VeraCrypt dice que la contraseña es incorrecta), no se alarme. Reinicie (apague y vuelva a encender) el ordenador, y en la pantalla del Cargador de Arranque VeraCrypt, pulse la tecla Esc (y si tiene varios sistemas, elija uno para iniciar). Windows debería iniciar (siempre que aún no esté cifrado) y VeraCrypt automáticamente le preguntará si desea desinstalar el componente de autenticación de pre-arranque o no. Tenga en cuenta que estos pasos NO funcionan si la partición/unidad del sistema está cifrada (nadie puede iniciar Windows o acceder a datos cifrados sin la contraseña correcta incluso si ha seguido los pasos anteriores).\n\n - - Si los pasos anteriores no funcionan o si la pantalla del Cargador de Arranque VeraCrypt no aparece (antes de que se inicie Windows), introduzca el Disco de Rescate VeraCrypt en su unidad CD/DVD y reinicie su ordenador. Si la pantalla del Disco de Rescate VeraCrypt no aparece (o si no ve 'Opciones de Reparación' en la sección 'Controles de Teclado' de la pantalla del Disco de Rescate), es posible que su BIOS esté configurada para arrancar desde discos duros antes que desde unidades CD/DVD. Si ése es el caso, reinicie su ordenador, pulse F2 o Delete (en cuanto vea la pantalla de inicio de la BIOS), y espere hasta que aparezca una pantalla de configuración BIOS. Si dicha pantalla de configuración no aparece, reinicie el ordenador otra vez y comience a pulsar F2 o Delete reiteradamente en cuanto se reinicie el ordenador. Cuando aparezca una pantalla de configuración de la BIOS, configure su BIOS para que arranque desde la unidad de CD/DVD primero (para obtener información sobre cómo hacerlo, vaya a la documentación de su BIOS/placa base o contacte con el equipo de soporte técnico del fabricante para obtener asistencia). Luego reinicie su ordenador. La pantalla del Disco de Rescate VeraCrypt debería aparecer ahora. En dicha pantalla, seleccione 'Opciones de Reparación' pulsando F8 en su teclado. Desde el menú 'Opciones de Reparación', seleccione 'Restaurar cargador original del sistema'. Luego extraiga el Disco de Rescate de su unidad CD/DVD y reinicie su ordenador. Windows debería iniciar con normalidad (siempre que no esté cifrado).\n\n - Tenga en cuenta que los pasos anteriores NO funcionarán si la partición/unidad del sistema está cifrada (nadie puede iniciar Windows o acceder a datos cifrados en la unidad sin la contraseña correcta incluso si se siguen los pasos anteriores).\n\n\nRecuerde que incluso si pierde su Disco de Rescate VeraCrypt y un atacante lo encuentra, éste NO será capaz de descifrar la partición o unidad del sistema sin la contraseña correcta. - Prueba Completada - La prueba ha sido completada con éxito.\n\nAVISO: Tenga en cuenta que si el suministro de energía es interrumpido repentinamente mientras se cifran los datos existentes sin pérdida de inforación, o si el sistema operativo falla debido a un error de software o hardware mientras VeraCrypt cifra los datos, podrían corromperse o perderse porciones de los datos. Por tanto, antes de empezar a cifrar, asegúrese de que posee copias de seguridad de los archivos que desea cifrar. Si no las tiene, copie los archivos ahora (puede hacer click en Aplazar, hacer la copia, ejecutar de nuevo VeraCrypt y seleccionar 'Sistema' > 'Continuar proceso interrumpido' para iniciar el cifrado).\n\nCuando esté listo, pulse Cifrar para empezar. - Puede hace click en Pausa o en Aplazar en cualquier momento para interrumpir el proceso de cifrado o descifrado, salir de este asistente, reiniciar o apagar su ordenador, y luego continuar el proceso desde el punto en que se detuvo. Para evitar ralentizaciones cuando el sistema o alguna aplicación lea o escriba en la unidad del sistema, VeraCrypt automáticamente espera hasta que los datos sean leídos o escritos (ver Estado a continuación) y luego continúa cifrando o descifrando. - \n\nPuede hacer click en Pausa o en Aplazar en cualquier momento para interrumpir el proceso de cifrado, salir de este asistente, reiniciar o apagar su ordenador, y luego continuar el proceso desde el punto en que se detuvo. Recuerde que el volumen no puede montarse hasta que esté cifrado por completo. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Sistema Oculto Iniciado - Sistema Original - Windows crea (normalmente sin su conocimiento ni su consentimiento) varios archivos temporales, logs, etc. en la partición del sistema. También guarda el contenido de la RAM en archivos de hibernación y paginación ubicados en la partición del sistema. Por tanto, si un adversario analiza archivos almacenados en la partición donde reside el sistema original (del que es una copia el sistema oculto), podría hallar, por ejemplo, que ud. usó el asistente de VeraCrypt en modo de creación de sistema oculto (lo que podría indicar la existencia de un sistema operativo oculto en su ordenador).\n\nPara evitar estos problemas, VeraCrypt borrará el contenido entero de la partición donde reside el sistema original. Acto seguido, para lograr la negación plausible, tendrá que instalar un nuevo sistema en la partición y cifrarla. Con esto creará el sistema señuelo y el proceso de creación del sistema operativo oculto estará completo. - El sistema operativo oculto ha sido creado con éxito. Sin embargo, antes de que pueda empezar a usarlo (y lograr la negación plausible), necesitará borrar (usando VeraCrypt) el contenido entero de la partición donde está instalado el sistema operativo en ejecución. Antes de que pueda hacer esto, debe reiniciar el ordenador y, en la pantalla del Cargador de Arranque VeraCrypt (que aparece antes del inicio de Windows), introducir la contraseña de autenticación de pre-arranque para el sistema operativo oculto. Cuando éste se inicie, el asistente de VeraCrypt será lanzado automáticamente.\n\nNota: Si elige terminar el proceso de creación del sistema operativo oculto ahora, NO podrá continuar el proceso y el sistema operativo oculto NO será accesible (porque el Cargador de Arranque VeraCrypt será eliminado). - Ha programado el proceso de creación de un sistema operativo oculto. El proceso aún no ha sido completado. Para completarlo, debe reiniciar el ordenador y, en la pantalla del Cargador de Arranque VeraCrypt (que aparece antes del inicio de Windows), introducir la contraseña para el sistema operativo oculto.\n\nNota: Si elige terminar el proceso de creación del sistema operativo oculto ahora, NO podrá continuarlo más tarde. - Reiniciar el ordenador y continuar - Terminar permanentemente el proceso de creación del sistema operativo oculto - No hacer nada y preguntar de nuevo después - \nSI ES POSIBLE, IMPRIMA ESTE TEXTO (pulse 'Imprimir').\n\n\nCuándo y Cómo Usar el Disco de Rescate VeraCrypt (Tras Cifrar)\n-----------------------------------------------------------------------------------\n\n - I. Cómo arrancar el Disco de Rescate VeraCrypt\n\nPara arrancar un Disco de Rescate VeraCrypt, insértelo en su unidad CD/DVD y reinicie su ordenador. Si no aparece la pantalla del Disco de Rescate VeraCrypt (o si no ve 'Opciones de Reparación' en la sección 'Controles de Teclado' de la pantalla), es posible que su BIOS esté configurada para arrancar desde discos duros antes que desde unidades CD/DVD. Si este es el caso, reinicie su ordenador, pulse F2 o Delete (en cuanto vea la pantalla de inicio de la BIOS), y espere hasta que aparezca una pantalla de configuración BIOS. Si no aparece, reinice el ordenador y pulse repetidamente F2 o Delete en cuanto se reinicie el ordenador. Cuando aparezca la pantalla de configuración, configure su BIOS para que arranque desde la unidad CD/DVD primero (si no sabe hacerlo, vaya a la documentación de su BIOS/placa base o contacte con el equipo de soporte técnico del fabricante para obtener asistencia). Luego reinicie su ordenador. La pantalla del Disco de Rescate VeraCrypt debería aparecer ahora. Nota: en dicha pantalla, puede seleccionar 'Opciones de Reparación' pulsando F8.\n\n\n - II. Cuándo y Cómo Usar el Disco de Rescate VeraCrypt (Tras Cifrar) - 1) Si la pantalla del Cargador de Arranque VeraCrypt no aparece tras iniciar su ordenador (o si Windows no arranca), el Cargador podría estar dañado. El Disco de Rescate VeraCrypt le permite restaurarlo y con ello volver a obtener acceso a su sistema y datos cifrados (pero recuerde que tendrá que seguir introduciendo la contraseña correcta). En la pantalla del Disco de Rescate, seleccione 'Opciones de Reparación' > 'Restaurar Cargador de Arranque VeraCrypt'. Luego pulse 'Y' para confirmar la acción, extraiga el Disco de Rescate de su unidad CD/DVD y reinicie su ordenador.\n\n - 2) Si ha introducido varias veces la contraseña correcta pero VeraCrypt dice que no es correcta, la clave maestra u otros datos críticos podrían estar dañados. El Disco de Rescate VeraCrypt le permite restaurarlos y volver a obtener acceso a su sistema y datos cifrados (pero tendrá que seguir introduciendo la contraseña correcta). En la pantalla del Disco de Rescate, seleccione 'Opciones de Reparación' > 'Restaurar datos clave'. Luego introduzca su contraseña, pulse 'Y' para confirmar la acción, extraiga el Disco de Rescate de su unidad CD/DVD y reinicie su ordenador.\n\n - 3) Si el Cargador de Arranque VeraCrypt está dañado, puede evitar su ejecución arrancando directamente desde el Disco de Rescate VeraCrypt. Inserte su Disco de Rescate en la unidad CD/DVD e introduzca su contraseña en la pantalla del Disco de Rescate.\n\n - 4) Si Windows está dañado y no puede iniciarse, el Disco de Rescate VeraCrypt le permite descifrar permanentemente la partición/unidad antes de que Windows se inicie. En la pantalla del Disco de Rescate, seleccione 'Opciones de Reparación' > 'Descifrar permanentemente partición/unidad del sistema'. Introduzca la contraseña y espere a que se complete el descifrado. Luego puede arrancar su CD/DVD de instalación de Windows para repararlo. - Nota: Alternativamente, si Windows está dañado (no puede iniciarse) y necesita repararlo (o acceder a sus archivos), puede evitar el descifrado de la partición/unidad del sistema siguiendo estos pasos: Si tiene varios sistemas operativos instalados en su ordenador, arranque alguno que no requiera autenticación de pre-arranque. Si no tiene varios sistemas operativos, puede arrancar un CD/DVD WinPE o BartPE o conectar su unidad del sistema a otro ordenador como una unidad secundaria o externa y arrancar el sistema operativo de ése ordenador. Después de arrancar un sistema, ejecute VeraCrypt, seleccione 'Seleccionar Dispositivo', seleccione la partición del sistema afectado, pulse 'Aceptar', seleccione 'Sistema' > 'Montar Sin Autenticación de Pre-Arranque', introduzca su contraseña de autenticación de pre-arranque y pulse 'Aceptar'. La partición se montará como un volumen VeraCrypt normal (los datos se cifrarán/descifrarán al vuelo).\n\n\n - Recuerde que incluso si pierde su Disco de Rescate VeraCrypt y un atacante lo encuentra, éste NO podrá descifrar la unidad o partición del sistema sin la contraseña correcta. - \n\nI M P O R T A N T E -- IMPRIMA ESTE TEXTO SI ES POSIBLE (Click en 'Imprimir').\n\n\nNota: Este texto se mostrará automáticamente cada vez que inicie el sistema oculto hasta que comience a crear el sistema señuelo.\n\n\n - Cómo Crear un Sistema Señuelo con Seguridad\n----------------------------------------------------------------------------\n\nPara conseguir la negación plausible, es necesario crear el sistema operativo señuelo ahora. Para hacerlo, siga estos pasos:\n\n - 1) Por razones de seguridad, apague su ordenador y déjelo apagado unos minutos (cuantos más mejor). Esto es requerido para borrar la memoria, que contiene datos sensibles. Luego encienda el ordenador pero no arranque el sistema oculto.\n\n - 2) Instale Windows en la partición cuyo contenido ha sido borrado (es decir, en la partición donde estaba instalado el sistema original, del que se copió el sistema oculto).\n\nIMPORTANTE: CUANDO EMPIECE A INSTALAR EL SISTEMA SEÑUELO, EL OCULTO *NO* PODRÁ ARRANCAR (porque el Cargador de Arranque de VeraCrypt será borrado por el instalador de Windows). ESTO ES NORMAL Y ESPERADO. NO SE ALARME. PODRÁ ARRANCAR EL SISTEMA OCULTO EN CUANTO EMPIECE A CIFRAR EL SISTEMA SEÑUELO (porque VeraCrypt instalará automáticamente en ese momento el Cargador de Arranque VeraCrypt en la unidad del sistema).\n\nImportante: El tamaño de la partición del sistema señuelo debe permanecer igual que el del volumen oculto (esta condición se cumple ahora). Además, no debe crear ninguna partición entre la partición del sistema señuelo y la que contiene el sistema oculto.\n\n - 3) Arranque el sistema señuelo (el que instaló en el paso 2) e instale VeraCrypt en él.\n\nTenga en cuenta que el sistema señuelo nunca debe contener datos importantes.\n\n - 4) En el sistema señuelo, ejecute VeraCrypt y seleccione 'Sistema' > 'Cifrar Partición/Unidad del Sistema'. El Asistente de Creación de Volúmenes VeraCrypt debería aparecer.\n\nLos siguientes pasos se aplican a dicho asistente.\n\n - 5) En el Asistente de Creación de Volúmenes VeraCrypt, NO seleccione la opción 'Oculto'. Deje seleccionada la opción 'Normal' y haga click en 'Siguiente'.\n\n - 6) Seleccione la opción 'Cifrar la partición de Windows' y pulse 'Siguiente'.\n\n - 7) Si sólo están instalados el sistema señuelo y el oculto en el ordenador, seleccione la opción 'Arranque simple' (si hay algún otro sistema instalado, seleccione 'Arranque múltiple'). Luego pulse 'Siguiente'.\n\n - 8) IMPORTANTE: En este paso, PARA EL SISTEMA SEÑUELO, ¡DEBE SELECCIONAR EL MISMO ALGORITMO DE CIFRADO Y ALGORITMO HASH QUE EL SELECCIONADO PARA EL SISTEMA OCULTO! ¡DE LO CONTRARIO, EL SISTEMA OCULTO SERÁ INACCESIBLE! En otras palabras, el sistema señuelo debe ser cifrado con el mismo algoritmo de cifrado que el sistema oculto. Nota: La razón es que el sistema señuelo y el oculto compartirán un único cargador de arranque, que sólo soporta un algoritmo seleccionado por el usuario (hay una versión especial del Cargador de Arranque VeraCrypt para cada algoritmo).\n\n - 9) En este paso, elija una contraseña para el sistema operativo señuelo. Ésta será la contraseña que podrá revelar a un adversario si se le pide o se le obliga a revelar su contraseña de autenticación de pre-arranque (la otra contraseña que puede revelar es la del volumen externo). La existencia de la tercera contraseña (la de autenticación de pre-arranque del sistema operativo oculto) permanecerá en secreto.\n\nImportante: la contraseña que elija para el sistema señuelo debe ser sustancialmente diferente de la que elija para el volumen oculto (es decir, para el sistema operativo oculto).\n\n - 10) Siga el resto de las instrucciones del asistente para cifrar el sistema operativo señuelo.\n\n\n\n - Tras la Creación del Sistema Señuelo\n------------------------------------------------\n\nTras cifrar el sistema señuelo, habrá completado el proceso de creación del sistema operativo oculto y podrá usar estas tres contraseñas:\n\n1) Contraseña de autenticación de pre-arranque para el sistema operativo oculto.\n\n2) Contraseña de autenticación de pre-arranque para el sistema operativo señuelo.\n\n3) Contraseña para el volumen externo.\n\n - Si desea iniciar el sistema operativo oculto, sólo tendrá que introducir la contraseña para el sistema operativo oculto en la pantalla del Cargador de Arranque VeraCrypt (que aparece tras encender o reiniciar su ordenador).\n\nSi desea iniciar el sistema operativo señuelo, sólo tendrá que introducir la contraseña para el sistema operativo señuelo en la misma pantalla.\n\nLa contraseña para el sistema señuelo puede ser revelada a cualquiera que le obligue a revelar la contraseña de autenticación de pre-arranque. La existencia del volumen oculto (y del sistema operativo oculto) permanecerá en secreto.\n\n - La tercera contraseña (para el volumen externo) puede ser revelada a cualquiera que le obligue a revelar la contraseña para la primera partición tras la partición del sistema, donde residen tanto el volumen externo como el oculto (con el sistema operativo oculto). La existencia del volumen oculto (y del sistema oculto) permanecerá en secreto.\n\n\n - Si reveló la contraseña para el sistema señuelo a un adversario y éste le preguntó por qué el espacio libre de la partición del sistema (señuelo) contiene datos aleatorios, puede responder, por ejemplo: "La partición contuvo un sistema cifrado por VeraCrypt, pero olvidé la contraseña de autenticación de pre-arranque (o el sistema fue dañado y dejó de arrancar), así que tuve que reinstalar Windows y cifrar la partición otra vez."\n\n\n - Si todas las instrucciones son seguidas y las precauciones y requisitos listados en la sección "Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos" en la Guía del Usuario de VeraCrypt son seguidos, debería ser imposible demostrar que el volumen oculto y el sistema operativo oculto existen, incluso si el volumen externo está montado o el sistema operativo señuelo es descifrado o iniciado.\n\nSi guarda o imprime una copia de este texto (altamente recomendado salvo que su impresora almacene internamente copias de los documentos que imprime), debería destruir todas las copias del mismo tras crear el sistema señuelo y tras haber comprendido toda la información contenida en el texto (de otro modo, si se encuentra una copia, podría indicar que hay un sistema operativo oculto en este ordenador).\n\n - AVISO: SI NO PROTEGE EL VOLUMEN OCULTO (para saber cómo hacerlo, vaya a la sección "Protección de Volúmenes Ocultos Contra Daño" en la Guía de Usuario de VeraCrypt), NO ESCRIBA EN EL VOLUMEN EXTERNO (recuerde que el sistema operativo señuelo NO está instalado en el volumen externo). DE LO CONTRARIO, ¡PODRÍA SOBREESCRIBIR Y DAÑAR EL VOLUMEN OCULTO (Y EL SISTEMA OPERATIVO OCULTO QUE CONTIENE)! - Clonando Sistema Operativo - En los siguientes pasos, VeraCrypt creará el sistema operativo oculto copiando el contenido de la partición del sistema al volumen oculto (los datos que se copien serán cifrados al vuelo con una clave de cifrado diferente de la que se usará para el sistema operativo señuelo).\n\nTenga en cuenta que el proceso se realizará en el entorno de pre-arranque (antes del inicio de Windows) y puede tardar mucho en completarse; varias horas o incluso días (dependiendo del tamaño de la partición del sistema y del rendimiento de su ordenador).\n\nPodrá interrumpir el proceso, apagar su ordenador, iniciar el sistema operativo y luego continuar el proceso. No obstante, si lo interrumpe, el proceso de copiado tendrá que comenzar desde el principio (porque el contenido de la partición del sistema no debe cambiar durante la clonación). - ¿Desea cancelar el proceso entero de cración del sistema operativo oculto?\n\nNota: NO podrá continuar el proceso más tarde si lo cancela ahora. - ¿Desea cancelar la prueba del cifrado del sistema? - Ha fallado la prueba del cifrado del sistema VeraCrypt. ¿Desea intentarlo de nuevo?\n\nSi selecciona 'No', el componente de autenticación de pre-arranque será desinstalado.\n\nNotas:\n\n- Si el Cargador de Arranque VeraCrypt no le pidió que introdujera la contraseña antes de que Windows se iniciara, es posible que su sistema operativo no arranque desde la unidad en la que está instalado. Esto no está soportado.\n\n- Si usó un algoritmo de cifrado distinto a AES y la prueba falló (e introdujo la contraseña), la causa puede ser un controlador diseñado inapropiadamente. Seleccione 'No', y trate de cifrar la partición/unidad del sistema otra vez, pero use el algoritmo de cifrado AES (que tiene los requisitos de memoria más bajos).\n\n- Para más posibles causas y soluciones, vea https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - La partición/unidad del sistema no parece estar cifrada (ni parcial ni completamente). - Su partición/unidad del sistema está cifrada (parcial o completamente).\n\nDescifre por completo su partición/unidad del sistema antes de continuar. Para ello, seleccione 'Sistema' > 'Descifrar Permanentemente la Partición/Unidad del Sistema' desde el menú de la ventana principal de VeraCrypt. - Si la partición/unidad del sistema está cifrada (parcial o completamente), no puede usar una versión anterior de VeraCrypt (pero puede actualizarlo o reinstalar la misma versión). - Su partición/unidad del sistema está siendo actualmente cifrada, descifrada, o modificada de otra manera. Interrumpa el proceso de cifrado/descifrado/modificación (o espere a que termine) antes de continuar. - El Asistente de Creación de Volúmenes VeraCrypt ya está ejecutándose y está preparando o llevando a cabo el cifrado/descifrado de la partición/unidad del sistema. Antes de continuar, espere a que termine o ciérrelo. Si no puede cerrarlo, reinicie su ordenador antes de proceder. - El proceso de cifrado o descifrado de la partición/unidad del sistema no ha sido completado. Espere a que se complete antes de continuar. - Error: El proceso de cifrado de la partición/unidad del sistema no ha sido completado. Debe completarse primero. - Error: El proceso de cifrado de la partición/volumen no ha sido completado. Debe completarse primero.\n\nNota: para continuar el proceso, seleccione 'Volúmenes' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. - La contraseña es correcta, VeraCrypt ha descifrado con éxito la cabecera del volumen y detectado que éste es un volumen de sistema oculto. No obstante, no puede modificar la cabecera de un volumen de sistema oculto de esta forma.\n\nPara cambiar la contraseña de un volumen de sistema oculto, arranque el sistema operativo residente en dicho volumen, y luego seleccione 'Sistema' > 'Cambiar Contraseña' desde el menú de la ventana principal de VeraCrypt.\n\nPara establecer el algoritmo de derivación de la clave de cabecera, arranque el sistema operativo oculto y seleccione 'Sistema' > 'Establecer Algoritmo de Derivación de Clave de Cabecera'. - VeraCrypt no soporta el descifrado sin pérdida de datos de una partición de sistema oculto.\n\nNota: Si desea descifrar la partición del sistema señuelo, arranque el sistema señuelo y seleccione 'Sistema' > 'Descifrar Permanentemente Partición/Unidad del Sistema' desde el menú de la ventana principal de VeraCrypt. - Error: Parámetro Incorrecto/inválido. - Ha seleccionado una partición o un dispositivo pero el modo de asistente seleccionado es sólo para contenedores de archivos.\n\n¿Desea cambiar el modo de asistente? - ¿Desea crear un contenedor de archivos VeraCrypt en su lugar? - Ha seleccionado la partición/unidad del sistema (o la partición de arranque), pero el modo de asistente seleccionado es sólo para particiones/unidades secundarias.\n\n¿Desea instalar autenticación de pre-arranque (lo que significa que tendrá que introducir su contraseña antes de cada inicio de Windows) y cifrar la partición/unidad del sistema? - ¿Seguro que desea descifrar permanentemente la partición/unidad del sistema? - CUIDADO: Si descifra permanentemente la partición/unidad del sistema, se escribirán en ella datos no cifrados.\n\n¿Seguro que desea descifrar permanentemente la partición/unidad del sistema? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Aviso: si usa algoritmos en cascada para el cifrado del sistema, pueden producirse estos problemas:\n\n1) Que el Cargador de Arranque VeraCrypt sea mayor de lo normal y no haya suficiente espacio en la primera pista de la unidad para hacer una copia de seguridad del Cargador. Por tanto, si resulta dañado (lo que a veces ocurre, por ejemplo, con procedimientos de activación antipiratería diseñados inapropiadamente), tendrá que usar el Disco de Rescate VeraCrypt para arrancar o reparar el Cargador de Arranque.\n\n2) Que en algunos ordenadores se tarde más en reanudar tras la hibernación.\n\nEstos problemas potenciales pueden evitarse eligiendo un algoritmo de cifrado sin cascada (como AES).\n\n¿Seguro que desea usar algoritmos en cascada? - Si encuentra alguno de los problemas mencionados, descifre la partición/unidad (si está cifrada) y luego intente cifrarla de nuevo usando un algoritmo de cifrado sin cascada (como AES). - AVISO: Por razones de seguridad, debería actualizar VeraCrypt en el sistema operativo señuelo antes de actualizarlo en el sistema operativo oculto.\n\nPara hacerlo, arranque el sistema señuelo y ejecute el instalador VeraCrypt en él. Luego arranque el sistema oculto y ejecute también el instalador en él.\n\nNota: El sistema señuelo y el sistema oculto comparten un único cargador de arranque. Si actualizó VeraCrypt sólo en el sistema oculto (pero no en el señuelo), el sistema señuelo podría contener un controlador VeraCrypt y aplicaciones VeraCrypt cuya versión sea diferente a la del Cargador de Arranque VeraCrypt. Esta discrepancia podría indicar que existe un sistema operativo oculto en este ordenador.\n\n\n¿Desea continuar? - La versión del Cargador de Arranque VeraCrypt que arrancó este sistema operativo es diferente a la versión del controlador VeraCrypt (y la de las aplicaciones VeraCrypt) instalado en este sistema.\n\nDebería ejecutar el instalador VeraCrypt (cuya versión sea la misma que la del Cargador de Arranque VeraCrypt) para actualizar VeraCrypt en este sistema operativo. - La versión del Cargador de Arranque VeraCrypt que arrancó este sistema operativo es diferente a la versión del controlador VeraCrypt (y de las aplicaciones VeraCrypt) instalado en este sistema. Recuerde que las versiones antiguas pueden contener errores corregidos en versiones recientes.\n\nSi no arrancó desde el Disco de Rescate VeraCrypt, debería reinstalar VeraCrypt o actualizarlo a la última versión estable (el cargador de arranque será actualizado también).\n\nSi arrancó desde el Disco de Rescate, debería actualizarlo ('Sistema' > 'Crear Disco de Rescate'). - El Cargador de Arranque VeraCrypt ha sido actualizado.\n\nSe recomienda crear un nuevo Disco de Rescate VeraCrypt (que contendrá la nueva versión del Cargador de Arranque VeraCrypt) seleccionando 'Sistema' > 'Crear Disco de Rescate' después de reiniciar su ordenador. - El Cargador de Arranque VeraCrypt ha sido actualizado.\n\nSe recomienda que arranque el sistema operativo señuelo y cree un nuevo Disco de Rescate VeraCrypt (que contendrá la nueva versión del Cargador de Arranque VeraCrypt) seleccionando 'Sistema' > 'Crear Disco de Rescate'. - Fallo al actualizar el Cargador de Arranque VeraCrypt. - VeraCrypt ha fallado al detectar el tamaño real de la unidad del sistema y, por tanto, se usará el tamaño reportado por el sistema operativo (que podría ser menor que el tamaño real). Recuerde que esto no es un error de VeraCrypt. - PRECAUCIÓN: Parece que VeraCrypt ya ha tratado de detectar sectores ocultos en esta unidad del sistema. Si encontró algún problema durante el proceso de detección anterior, puede evitar los problema saltándose la detección de sectores ocultos ahora. Tenga en cuenta que si lo hace, VeraCrypt usará el tamaño reportado por el sistema operativo (que puede ser menor que el tamaño real de la unidad).\n\nRecuerde que este problema no es causado por un error de VeraCrypt. - Saltarse la detección de sectores ocultos (usar tamaño reportado por el sistema operativo) - Intentar detectar los sectores ocultos de nuevo - Error: El contenido de uno o más sectores del disco no puede leerse (probablemente debido a un defecto físico).\n\nEl proceso de cifrado sin pérdida de datos puede continuar sólo cuando los sectores sean legibles de nuevo. VeraCrypt puede intentar hacer legibles esos sectores escribiendo ceros en ellos (con lo cual estos bloques de ceros serán cifrados). Sin embargo, tenga en cuenta que los datos almacenados en los sectores ilegibles se perderán. Si quiere evitarlo, puede intentar recuperar fragmentos de los datos corruptos usando herramientas de terceros.\n\nNota: En caso de sectores físicamente dañados (al contrario que con la corrupción de datos y errores de suma de verificación) la mayoría de los tipos de dispositivos de almacenamiento reasignan los sectores cuando se intenta escribir datos en ellos (así que los datos de los sectores dañados pueden permanecer sin cifrar en la unidad).\n\n¿Desea que VeraCrypt escriba ceros en los sectores ilegibles? - Error: El contenido de uno o más sectores del disco no puede leerse (probablemente debido a un defecto físico).\n\nPara proceder con el descifrado, VeraCrypt tendrá que desechar el contenido de los sectores ilegibles (su contenido será reemplazado por datos pseudoaleatorios). Recuerde que, antes de continuar, puede intentar recuperar fragmentos de los datos corruptos usando herramientas de terceros.\n\n¿Desea que VeraCrypt descarte los datos de los sectores ilegibles? - Nota: VeraCrypt ha reemplazado el contenido de %I64d sectores ilegibles (%s) con bloques cifrados de texto plano llenos de ceros. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Introduzca contraseña/PIN para token '%s': - Para permitir que VeraCrypt acceda a un token de seguridad o tarjeta inteligente, necesita instalar primero una librería de software PKCS #11 para el token o la tarjeta. Esta librería puede ser suministrada con el dispositivo o puede descargarse desde la web del vendedor o de terceros.\n\nTras instalar la librería, puede seleccionarla manualmente pulsando 'Seleccionar Librería' o puede dejar que VeraCrypt la encuentre y seleccione automáticamente pulsando 'Detección Automática' (sólo se buscará en el directorio del sistema Windows). - Nota: Para el nombre de archivo y ubicación de la librería PKCS #11 instalada para su token o tarjeta, vaya a la documentación suministrada con el token, tarjeta, o software de terceros.\n\nPulse 'Aceptar' para seleccionar la ruta y nombre de archivo. - Para permitir que VeraCrypt acceda a un token de seguridad o tarjeta inteligente, necesita seleccionar una librería de software PKCS #11 para el token/tarjeta primero. Para hacerlo, seleccione 'Configuración' > 'Tokens de Seguridad'. - Falló la inicialización de la librería de token de seguridad PKCS #11.\n\nAsegúrese de que la ruta y archivo especificados dirigen a una librería PKCS #11 válida. Para especificar una ruta y nombre de archivo para la librería PKCS #11, seleccione 'Configuración' > 'Tokens de Seguridad'. - No se han encontrado librerías PKCS #11 en el directorio de sistema de Windows.\n\nAsegúrese de que haya instalada una librería PKCS #11 para su token de seguridad o tarjeta inteligente (esta librería puede ser suministrada con el token/tarjeta o puede descargarse desde la web del vendedor o de terceros). Si está instalado en otro directorio distinto al del sistema de Windows, pulse 'Seleccionar Librería' para localizar la librería (p.e. en la carpeta donde está instalado el software del token/tarjeta). - No se ha encontrado ningún token de seguridad.\n\nAsegúrese de que su token está conectado y el controlador de dispositivo correcto está instalado. - No se ha encontrado archivo-llave del token de seguridad. - Ya existe un archivo-llave de token de seguridad con el mismo nombre. - ¿Desea borrar los archivos seleccionados? - Ruta no válida de archivo-llave de token de seguridad. - Error de token de seguridad - Contraseña incorrecta para el token de seguridad. - El token de seguridad no tiene suficiente memoria/espacio para la operación solicitada.\n\nSi está intentando importar un archivo-llave, debería seleccionar un archivo más pequeño o usar uno generado por VeraCrypt (seleccione 'Herramientas' > 'Generador de Archivo-llave'). - Todas las sesiones de token de seguridad abiertas han sido cerradas. - Seleccione Archivos-llave de Token de Seguridad - Slot - Nombre del token - Nombre del archivo - IMPORTANTE: Las contraseñas de autenticación de pre-arranque siempre son escritas con la disposición de teclado estándar de EEUU. Por tanto, podría ser imposible montar con contraseña de pre-arranque un volumen que use una contraseña escrita con cualquier otra disposición de teclado (esto no es un error de VeraCrypt). Para permitir que volúmenes así sean montados con contraseña de pre-arranque, siga estos pasos:\n\n1) Click en 'Seleccionar Archivo' o 'Seleccionar Dispositivo' y seleccione el volumen.\n2) Seleccione 'Volúmenes' > 'Cambiar Contraseña del Volumen'.\n3) Introduzca la contraseña actual para el volumen.\n4) Cambie la disposición de teclado a Inglés (EEUU) haciendo click en la barra de Idioma en la barra de tareas de Windows y seleccionando 'EN Inglés (EEUU)'.\n5) En VeraCrypt, en el campo de la nueva contraseña, escriba la contraseña de pre-arranque.\n6) Confirme la contraseña escribiéndola en el campo de confirmación y pulse 'Aceptar'.\nAVISO: Tenga en mente que si sigue estos pasos, la contraseña del volumen tendrá que ser escrita siempre usando la disposición de teclado EEUU (que se aplica automáticamente sólo en el entorno de pre-arranque). - Los volúmenes favoritos del sistema serán montados usando la contraseña de autenticación de pre-arranque. Si algún favorito del sistema usa una contraseña diferente, no será montado. - Recuerde que si necesita impedir que las acciones con volúmenes VeraCrypt normales (como 'Desmontar Todo') afecten a los volúmenes favoritos del sistema, debería activar la opción 'Permitir sólo a administradores ver y desmontar volúmenes favoritos del sistema en VeraCrypt'. Además, cuando VeraCrypt se ejecuta sin privilegios de administrador (por defecto en Windows Vista y posterior), los volúmenes favoritos del sistema no se mostrarán en la lista de letras de unidad de la ventana principal de VeraCrypt. - IMPORTANTE: Tenga en cuenta que si esta opción se habilita y VeraCrypt no tiene privilegios de administrador, los volúmenes favoritos del sistema montados NO se mostrarán en la ventana principal de VeraCrypt y no se podrán desmontar. Si necesita desmontar un favorito del sistema haga click en el icono de VeraCrypt (en el menú Inicio) y seleccione 'Ejecutar como administrador' primero. La misma limitación se aplica a las funciones 'Desmontar Todo', 'Desmontar automáticamente', teclas de acceso rápido relacionadas, etc. - Recuerde que esta configuración hace efecto sólo tras reiniciar el sistema operativo. - Error analizando línea de comandos. - Disco de Rescate - Seleccionar &Archivo y Montar - Seleccionar &Dispositivo y Montar - Permitir sólo a administradores ver y desmontar volúmenes favoritos del sistema en VeraCrypt - Montar volúmenes favoritos del sistema al inicio de Windows (en la fase inicial del proceso) - Aviso: El sistema de archivos en el volumen montado como '%s' no se desmontó limpiamente y puede contener errores. Usar un sistema de archivos corrupto puede causar pérdida o corrupción de datos.\n\nNota: Antes de extraer o desconectar físicamente un dispositivo (como una unidad flash USB o un disco duro externo) en el que reside un volumen VeraCrypt, debería desmontar siempre el volumen en VeraCrypt primero.\n\n\n¿Desea que Windows intente detectar y corregir errores (si los hay) en el sistema de archivos? - Aviso: Uno o más volúmenes favoritos del sistema no fue desmontado limpiamente y puede contener errores en el sistema de archivos. Vaya al visor de eventos del sistema para obtener más detalles.\n\nUsar un sistema de archivos corrupto puede causar pérdida o corrupción de datos. Debería comprobar los volúmenes afectados en busca de errores (click derecho en cada uno en VeraCrypt y seleccione 'Reparar Sistema de Archivos'). - Aviso: Reparar un sistema de archivos dañado usando la herramienta de Microsoft 'chkdsk' podría causar pérdida de archivos en las áreas dañadas. Por tanto, es recomendable que primero copie los archivos almacenados en el volumen VeraCrypt a otro volumen VeraCrypt sin errores.\n\n¿Desea reparar el sistema de archivos ahora? - El volumen '%s' ha sido montado como sólo lectura porque se denegó el acceso a escritura.\n\nAsegúrese de que los permisos de seguridad del contenedor le permiten escribir en él (click derecho en el contenedor y seleccione Propiedades > Seguridad).\n\nRecuerde que, debido a un problema de Windows, puede ver este aviso incluso tras ajustar los permisos apropiados. Esto no es culpa de un error de VeraCrypt. Una posible solución es mover su contenedor a su carpeta 'Mis Documentos'.\n\nSi desea mantener su volumen como sólo lectura, establezca el atributo sólo lectura del contenedor (click derecho en éste y seleccione Propiedades > Sólo lectura), lo que suprimirá este aviso. - El volumen '%s' tuvo que ser montado como sólo lectura porque se denegó el acceso a escritura.\n\nAsegúrese de que ninguna otra aplicación (como el software antivirus) esetá accediendo a la partición/dispositivo donde se aloja el volumen. - El volumen '%s' ha sido montado como sólo lectura porque el sistema operativo informó de que el dispositivo está protegido contra escritura.\n\nTenga en cuenta que algunos controladores personalizados de chipset causan que medios grabables parezcan erróneamente protegidos contra escritura. Esto puede solucionarse actualizando o desinstalando los controladores personalizados (no de Microsoft) que haya instalados en este sistema. - Tenga en cuenta que la tecnología Hyper-Threading proporciona múltiples núcleos lógicos por cada núcleo físico. Cuando Hyper-Threading está activado, el número seleccionado representa el número de procesadores o núcleos lógicos. - %d hilos - Recuerde que AES acelerado por hardware está deshabilitado, lo que afectará a los resultados (peor rendimiento).\n\nPara habilitar la aceleración hardware, seleccione 'Configuración' > 'Rendimiento' y marque la casilla correspondiente. - Recuerde que el número de hilos está actualmente limitado, lo que afectará a los resultados (peor rendimiento).\n\nPara utilizar toda la potencia de los procesadores, seleccione 'Configuración' > 'Rendimiento' y desmarque la casilla correspondiente. - ¿Desea que VeraCrypt intente desactivar la protección contra escritura de la partición/unidad? - AVISO: Esta configuración puede perjudicar el rendimiento.\n\n¿Seguro que desea aplicarla? - Aviso: volumen VeraCrypt auto-desmontado - Antes de eliminar o desactivar un dispositivo que contenga un volumen montado, debería desmontar el volumen en VeraCrypt primero.\n\nLos desmontajes espontáneos inesperados a menudo son causados por cables que fallan intermitentemente, carcasas defectuosas, etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Probar - Archivo-llave - Retroceso - Tabulador - Limpiar - Intro - Pausa - Bloqueo Mayúsculas - Barra Espaciadora - AvPag - RePag - Fin - Inicio - Flecha Izquierda - Flecha Arriba - Flecha Derecha - Flecha Abajo - Seleccionar - Imprimir - Ejecutar - Imprimir Pant. - Insertar - Borrar - Aplicaciones - Detener/Sleep - Bloq. Numérico - Bloq. Scroll - Explorador atrás - Explorador adelante - Explorador actualizar - Explorador parar - Explorador buscar - Explorador favoritos - Explorador inicio - Silencio - Bajar Volumen - Subir Volumen - Pista Siguiente - Pista Anterior - Stop - Reproducir/Pausa - Inicio Correo - Seleccionar Medio - Aplicación 1 - Aplicación 2 - Attn - CrSel - ExSel - Reproducir - Zoom - Teclado numérico - Mayúsculas - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Cancelar + Instalar &para todos los usuarios + Exa&minar... + Añadir icono de VeraCrypt al e&scritorio + Donar ahora... + Asociar los archivos .hc &con VeraCrypt + &Abrir ubicación de destino al terminar + Añadir VeraCrypt al Menú &Inicio + Crear Punto de &Restauración de Sistema + &Desinstalar + &Extraer + &Instalar + Asistente de Instalación de VeraCrypt + Desinstalar VeraCrypt + &Ayuda + Seleccione o escriba la ubicación donde desea extraer los archivos: + Seleccione o escriba la ubicación donde desea instalar los archivos de VeraCrypt. Si la ubicación seleccionada no existe, ésta será creada automáticamente. + Presione Desinstalar para eliminar VeraCrypt de este sistema. + Abortar + &Comparación + &Probar + Crear volumen cifrado y formatearlo + Cifrar partición conservando datos + Mostrar claves generadas (parte de ellas) + Mostrar contenido del pool + Descargar software de grabación de CD/DVD + Crear un contenedor de archivos cifrado + &GB + &TB + Más información + Volumen VeraCrypt o&culto + Más información acerca de volúmenes ocultos + Modo Directo + Modo Normal + &KB + U&sar archivo-llave + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + A&rchivos-llave + Información de algoritmos hash + Más información + Information on PIM + &MB + Más informacion + Más información sobre cifrado del sistema + Más información + Arranque múltiple + Cifrar partición/unidad secundaria + No &guardar nunca historial + Abrir Volumen Externo + &Pausa + Use P&IM + Use PIM + Formato Rápido + &Mostrar contraseña + &Mostrar contraseña + &Display PIM + Arranque simple + Volumen VeraCrypt común + &Oculto + Normal + Cifrar la partición/unidad del sistema entera + Cifrar la partición de Windows + Cifrar toda la unidad + Asistente de creación de Volumen VeraCrypt + Cluster + IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la fuerza criptográfica de las claves de cifrado. Luego presione Siguiente para continuar. + &Confirmar: + Hecho + Drive letter: + Algoritmo de Cifrado + Sistema de archivos. + Crea un disco cifrado virtual dentro de un archivo. Recomendado para usuarios sin experiencia. + Opciones + Algoritmo Hash + Clave Cabecera: + Quedan + Clave Maestra: + Seleccione esta opción si hay dos o más sistemas operativos instalados en este ordenador.\n\nPor ejemplo:\n- Windows XP y Windows XP\n- Windows XP y Windows Vista\n- Windows y Mac OS X\n- Windows y Linux\n- Windows, Linux y Mac OS X + Cifra una partición en cualquier unidad interna o externa (ej: unidad flash). Opcionalmente, crea un volúmen oculto. + Contenido actual del pool (parcial) + Pasada + Contraseña: + Volume PIM: + Volume PIM: + Progreso: + Pool Aleatorio: + Seleccione esta opción si hay solo un sistema operativo instalado en este ordenador (aunque tenga varios usuarios). + Velocidad + Estado + Las claves, sal y otros datos han sido generados con éxito. Si quiere generar nuevas claves, presione Volver y luego Siguiente. Si no, presione Siguiente para continuar. + Cifra la partición/unidad donde Windows está instalado. Cualquiera que quiera acceder al sistema, leer y escribir archivos, etc. tendrá que introducir la contraseña antes de arrancar Windows. Opcionalmente, crea un sistema oculto. + Seleccione esta opción para cifrar la partición donde está instalado el sistema operativo Windows que hay ahora mismo en ejecución. + Volume Label in Windows: + Modo de borrado seguro: + Cerrar + Permitir esquivar &autenticación de pre-arranque pulsando Esc (habilita el administrador de arranque) + No hacer nada + Montar &Automáticamente volumen VeraCrypt (especificado debajo) + &Iniciar VeraCrypt + &Detección automática + Guardar contraseña de autenticación de pre-arranque en &caché (para montar volúmenes secundarios) + Explorar... + Explorar... + Guardar contras&eñas y archivos en caché + Salir cuando no haya volúmenes montados + &Cerrar sesión de token (log out) después de montar un volumen con éxito + Include VeraCrypt Volume Expander + Incluir el Asistente de Creación de Volúmenes VeraCrypt + Crear + &Crear Volumen + No mo&strar texto en la pantalla de autenticación de pre-arranque (excepto el siguiente mensaje) + Disable "Evil Maid" attack detection + Acelerar cifrado/descifrado AES usando instrucciones AES del procesador (si es posible) + Usar Archivo-llave + Usar Archivo-llave + &Salir + Ayuda sobre volúmenes favoritos + No montar volumen seleccionado cuando se pulse la &tecla 'Montar volúmenes favoritos' + Montar volumen seleccionado cuando el dispositivo anfitrión se &conecte + Montar volumen seleccionado al inici&o + Montar volumen seleccionado e&n modo de sólo lectura + Montar &volumen seleccionado como medio extraíble + Mover &abajo + Mover arri&ba + Abrir en el &explorador el volumen seleccionado cuando sea montado con éxito + Elimina&r + Use favorite label as Explorer drive label + Configuración global + Mostrar mensaje emergente tras desmontar con éxito usando atajos de teclado + Reproducir notificación sonora tras desmontar con éxito usando atajos de teclado + Alt + Ctrl + Mayus. + Win + Asignar + Eliminar + Archivos-llave + No usar el siguiente número de procesadores para cifrado/descifrado: + Más información + Más información + Más opciones + Montar &Autom. + &Opciones Montaje + Montar volumen como sól&o lectura + Archivos-llave + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Activado + Guardar contraseñas en caché + Desmontar volumen autom. cuando dejen de leerse/escribirse datos + Si el usuario cierra sesión + User session locked + Si se entra en "ahorro de energía" + Si se activa el salvapantallas + Forzar desmontaje automático aunque el volumen tenga archivos abiertos + Montar todos los volúmenes alojados en dispositivos + Iniciar VeraCrypt en segundo plano + Montar volúmenes como sólo lectura + Montar volúmenes como medios extraíbles + Abrir en el &explorador el volumen montado con éxito + Temporary Cache password during "Mount Favorite Volumes" operations + Usar icono distinto en la barra de tareas si hay volúmenes montados + Eliminar contraseñas guardadas al desmontar automáticamente + Eliminar contraseñas guardadas al salir + Conservar modificaciones de fecha/hora de los contenedores + Por defecto + Seleccionar D&ispositivo + Seleccionar A&rchivo + Seleccionar &Librería + Mostrar contraseña + Mostrar contraseña + Abrir en el &explorador el volumen montado + Guardar &contraseña en caché + TrueCrypt Mode + &Desmontar Todo + Propiedades del &Volumen + Herramien&tas de volumen + &Borrar Caché + VeraCrypt - Mount Parameters + VeraCrypt - Volúmenes favoritos + VeraCrypt - Atajos de teclado para sistema completo + VeraCrypt + Cambiar contraseña o archivo-llave + Introducir Contraseña de Volumen VeraCrypt + VeraCrypt - Opciones de Rendimiento y controladores + VeraCrypt - Preferencias + VeraCrypt - Opciones de cifrado del sistema + VeraCrypt - Preferencias de token de seguridad + Crear Disco Viajero VeraCrypt + Propiedades de Volumen VeraCrypt + Acerca de... + Añadir/Eliminar Archivos-llave a/de Volumen + Añadir Volumen Montado a Favoritos + Añadir Volumen Montado a Favoritos del Sistema + Analizar Fallo del Sistema + Copia de Seguridad de Cabecera de Volumen + Comparación + Establecer Algoritmo de Derivación de Clave de Cabecera + Cambiar Contraseña del Volumen + Establecer Algoritmo de Derivación de Clave de Cabecera + Cambiar Contraseña + Borrar Historial de Volúmenes + Cerrar Sesiones de Token de Seguridad + Contactar + Crear Sistema Operativo Oculto + Crear Disco de Rescate + Crear Nuevo Volumen + Permanently Decrypt... + Archivos-llave Por Defecto + Default Mount Parameters... + Donar ahora... + Cifrar la Partición/Unidad del Sistema + Preguntas Frecuentes + Guía del Usuario + Página &Web + Atajos de teclado + Generador de Archivo-llave + Idioma + Información Legal + Administrar Archivos-llave de Token de Seguridad + Montar autom. todos los volúmenes alojados en cualquier dispositivo + Montar Volúmenes Favoritos + Montar Sin &Autenticación de Pre-Arranque + Montar Volumen + Montar Volumen con Opciones + Noticias + Ayuda en línea + Tutorial del principiante + Organizar Volúmenes Favoritos + Organizar Volúmenes Favoritos del Sistema + Rendimiento/Configuración del controlador + Descifrar Permanentemente la Partición/Unidad del Sistema + Preferencias + Actualizar Letras de Unidad + Eliminar Todos los Archivos-llave de un Volumen + Restaurar Cabecera de Volumen + Continuar Proceso Interrumpido + Seleccionar Dispositivo + Seleccionar Archivo + Continuar Proceso Interrumpido + Cifrado del Sistema + Propiedades + Configuración + Volúmenes Favoritos del Sistema + Descargas + Probar Vectores + Tokens de seguridad + Crear Disco Viajero + Desmontar Todos los Volúmenes Montados + Desmontar Volumen + Verificar Disco de Rescate + Verify Rescue Disk ISO Image + Historial de Versiones + Volume Expander + Propiedades de Volumen + Asistente de Creación de Volumen + Sitio Web de VeraCrypt + Borrar Contraseñas Guardadas + Aceptar + Aceleración Hardware + Atajo de teclado + Configuración de Autoarranque (autorun.inf) + Desmontar automáticamente + Desmontar Todo: + Opciones de Pantalla del Cargador de Arranque + Confirmar Contraseña: + Actual + Mostrar este mensaje personalizado en la pantalla de pre-arranque (24 caracteres max.): + Opciones de Montaje Predeterminadas + Opciones de Atajos de Teclado + Configuración del controlador + Enable extended disk control codes support + Etiqueta del volumen favorito seleccionado: + Opciones del Archivo + Tecla a asignar: + El procesador (CPU) en este ordenador soporta aceleración hardware para AES: + Acciones a realizar al iniciar sesión en Windows + minutos + Montar volumen en letra de unidad: + Ajustes de Montaje + Nueva + Contraseña: + Paralelización basada en hilos + Ruta de Librería PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Caché de Contraseñas + Opciones de seguridad + VeraCrypt en Segundo Plano + Volumen VeraCrypt a montar (relativo a raíz del disco viajero): + Tras la inserción del disco viajero: + Crear archivos del disco viajero en (directorio raíz del disco viajero): + Volumen + Windows + Añadir &Ruta + Probar &Autom. + &Continuar + &Descifrar + &Borrar + Ci&frar + &Exportar + Generar y Guardar Archivo-llave + &Generar Archivo-llave Aleatorio + Descargar paquete de idioma + AES acelerado por hardware: + &Importar Archivo-llave a Token + Añadir Archi&vos + Usar Archivos-llave + &Archivos-llave + Elimina&r + Eliminar &todo + ¿Que es la protección de volumen oculto? + Más información + Montar volumen como unidad &extraíble + Montar partición &usando cifrado del sistema sin autenticación de pre-arranque + Paralelización: + Comparación + &Imprimir + &Proteger volumen oculto contra daños por escritura en el volumen externo + &Reiniciar + Mostrar Contraseña + Archivos &Token + Usar copia de seguridad de cabecera insertada en &volumen si es posible + Modo XTS + Acerca de VeraCrypt + VeraCrypt - Comparación de algoritmos de cifrado + VeraCrypt - Probar Vectores + Ayuda sobre línea de comandos + VeraCrypt - Archivos-llave + VeraCrypt - Generador de Archivos-llave + VeraCrypt - Idioma + VeraCrypt - Opciones de Montaje + Propiedades del Archivo-llave del Nuevo Token de Seguridad + VeraCrypt - Enriquecimiento del Pool Aleatorio + Seleccionar Partición o Dispositivo + VeraCrypt + Archivos-llave de Token de Seguridad + Se requiere contraseña/PIN de token de seguridad + Paquete de idioma activo + La velocidad se ve afectada por la carga de la CPU y las características del dispositivo de almacenamiento.\n\nÉstas pruebas tienen lugar en RAM. + Buffer: + Algoritmo de cifrado: + Contr&aseña volumen oculto:\n(vacío para usar caché) + Protección de Volumen Oculto + Tamaño de la Clave: + IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la fuerza criptográfica del archivo-llave. + PRECAUCIÓN: ¡si pierde un archivo-llave o si cambian sus primeros 1024 KB, será imposible montar los volúmenes que usan ese archivo-llave! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Traducido por: + Tamaño del texto plano: + bits + Contenido de Pool Actual + Mezcla PRF: + IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la seguridad. Cuando lo haya hecho, pulse 'Continuar'. + Clave Secundaria (hexadecimal) + Token de seguridad: + Orden: + Por favor espere. Este proceso puede llevar mucho tiempo... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Número de bloque: + Texto cifrado (hexadecimal) + Datos de la unidad (64-bit hexadecimal, tamaño de la unidad de datos es 512 bytes) + Clave (hexadecimal) + Texto Plano (hexadecimal) + Nombre del Archivo-llave: + Modo XTS + &Sistema + &Volúmenes + Favor&itos + &Herramientas + Confi&guración + A&yuda + Página &Web + + &Acerca de... + No se ha podido cambiar el atributo 'sólo lectura' de su antiguo volumen. Compruebe los permisos de acceso del archivo. + Error: Acceso Denegado\n\nLa partición a la que está intentando acceder no contiene ningún sector o es el dispositivo de arranque. + Administrador + Para cargar el controlador de VeraCrypt necesita iniciar sesión con privilegios de administrador. + Tenga en cuenta que para cifrar/formatear una partición/dispositivo necesita iniciar sesión con privilegios de administrador.\n\nEsto no se aplica a los volúmenes alojados en archivos. + Para crear un volumen oculto necesita iniciar sesión con privilegios de administrador.\n\n¿Desea continuar? + Tenga en cuenta que para formatear el volumen como NTFS necesita iniciar sesión con privilegios de administrador.\n\nSin los privilegios de administrador, sólo puede formatear el volumen como FAT. + Algoritmo aprobado por FIPS (Rijndael, publicado en 1998) que podría ser usado por departamentos y agencias gubernamentales de EEUU para proteger información clasificada hasta el nivel Alto Secreto. Clave de 256-bit, bloque de 128-bit, 14 rondas (AES-256). El modo de operación es XTS. + El volumen ya está montado + PRECAUCIÓN: ¡Por lo menos un algoritmo de cifrado o hash falló durante el proceso automático de autoanálisis!\n\nLa instalación de VeraCrypt podría estar corrupta. + PRECAUCIÓN: No hay suficientes datos en el Generador de Números Aleatorios para proporcionar la cantidad requerida de datos aleatorios.\n\nNo debería continuar. Seleccione 'Informar de un error' en el Menú Ayuda, y reporte este error. + La unidad está dañada (hay algún defecto físico en ella) o un cable está dañado, o la memoria está funcionando incorrectamente.\n\nTenga en cuenta que el problema está en su hardware, no en VeraCrypt. Por tanto, por favor NO reporte esto como un error/problema de VeraCrypt y NO pida ayuda sobre esto en los foros de VeraCrypt. Contacte con el equipo de soporte técnico del fabricante de su ordenador para obtener asistencia. Gracias.\n\nNota: Si el error ocurre repetidamente en el mismo sitio, es muy probable que esté causado por un bloque defectuoso, lo que podría corregirse usando software de terceros (tenga en cuenta que, en muchos casos, el comando 'chkdsk /r' no puede corregirlo porque trabaja sólo a nivel del sistema de archivos; en algunos casos, la herramienta 'chkdsk' no puede ni detectarlo). + Si está accediendo a una unidad de medios extraíbles, asegúrese de que haya un medio introducido en la unidad. La unidad/medio también podría estar dañada (podría haber un defecto físico en ella) o un cable podría estar dañado/desconectado. + Su sistema parece estar usando controladores de chipset personalizados defectuosos que impiden el cifrado de la unidad del sistema completa.\n\nIntente actualizar o desinstalar cualquier controlador de chipset personalizado (que no sea de Microsoft) antes de continuar. Si esto no funciona, intente cifrar sólo la partición del sistema. + Letra de unidad incorrecta. + Ruta incorrecta. + Cancelar + No se puede acceder a la unidad. Asegúrese de que la unidad seleccionada existe y que no está siendo utilizada por el sistema. + Precaución: El bloqueo de mayúsculas está activado. Esto puede provocar que introduzca su contraseña incorrectamente. + Tipo de Volumen + Podría suceder que alguien le obligara a revelar la contraseña de un volumen cifrado. Hay muchas situaciones en las que no podría negarse a revelar la contraseña (por ejemplo, debido a la extorsión). Usar el llamado "volumen oculto" le permite resolver estas situaciones sin revelar la contraseña de su volumen. + Seleccione esta opción si quiere crear un volumen VeraCrypt normal. + Tenga en cuenta que si desea que un sistema operativo sea instalado en un volumen alojado en una partición oculta, entonces la unidad del sistema entera no puede ser cifrada usando una única clave. + Opciones de cifrado del volumen externo + Opciones de cifrado del volumen oculto + Opciones de cifrado + AVISO: ¡Fallo al borrar la ruta del último volumen/archivo-clave seleccionado (almacenado por el selector de archivos)! + Error: El contenedor ha sido comprimido a nivel del sistema de archivos. VeraCrypt no soporta contenedores comprimidos (la compresión de información cifrada es redundante e inefectiva).\n\nDeshabilite la compresión del contenedor siguiendo estos pasos:\n1) Click derecho en el contenedor desde el explorador de Windows (no desde VeraCrypt).\n2) Seleccione 'Propiedades'.\n3) En la ventana de 'Propiedades', click en 'Opciones Avanzadas'.\n4) En la ventana 'Atributos avanzados', desactive la opción 'Comprimir contenido para ahorrar espacio en disco' y haga click en 'Aceptar'.\n5) En 'Propiedades', click en 'Aceptar'. + Falló la creación del volumen %s + El tamaño de %s es %.2f bytes + El tamaño de %s es %.2f KB + El tamaño de %s es %.2f MB + El tamaño de %s es %.2f GB + El tamaño de %s es %.2f TB + El tamaño de %s es %.2f PB + AVISO: El dispositivo/partición está siendo utilizado por el sistema operativo o una aplicación. Formatear el dispositivo/partición puede causar corrupción de datos e inestabilidad del sistema.\n\n¿Continuar? + Aviso: La partición está siendo usada por el sistema operativo o una aplicación. Debería cerrar cualquier aplicación que pueda estar usando la partición (incluyendo antivirus).\n\n¿Continuar? + Error: El dispositivo/partición contiene un sistema de archivos que no puede ser desmontado. El sistema de archivos puede estar en uso por el sistema operativo. Formatear el dispositivo/partición muy probablemente causará corrupción de datos e inestabilidad del sistema.\n\nPara solucionarlo, recomendamos que primero borre la partición y luego la vuelva a crear sin formatearla. Para hacerlo siga estos pasos:\n1) Click derecho en 'Mi PC' o 'Equipo' en el 'Menú inicio' y seleccione 'Administrar'. Aparecerá la ventana 'Administración de equipos'.\n2) En dicha ventana, seleccione 'Almacenamiento' > 'Administración de discos'.\n3) Click derecho en la partición que desea cifrar y seleccione 'Borrar la partición', 'Borrar Volumen' o 'Borrar unidad lógica'.\n4) Click en 'Aceptar'. Si Windows pregunta si quiere reiniciar el ordenador, hágalo. Entonces repita los pasos 1 y 2 y continúe desde el paso 5. 5)\nClick derecho en el área no asignada/espacio libre y seleccione 'Partición nueva', 'Volumen simple nuevo' o 'Unidad lógica nueva'.\n6) El 'Asistente de partición nueva' o 'Asistente de volumen simple nuevo' deberá aparecer; siga las instrucciones. Cuando en el asistente indique 'Formatear Partición', seleccione 'No formatear esta partición' o 'No formatear este volumen'. En el mismo asistente, click en 'Siguiente' y despues en 'Finalizar'.\n7) La ruta del dispositivo seleccinado en VeraCrypt podría ser incorrecta ahora. Por tanto, salga del Asistente de Creación de Volúmenes VeraCrypt (si aún está en ejecución) y ábralo de nuevo.\n8) Intente cifrar nuevamente el dispositivo/partición.\n\nSi VeraCrypt falla repetidamente al cifrar el dispositivo/partición, considere crear un contenedor de archivos en su lugar. + Error: El sistema de archivos no pudo ser bloqueado y/o desmontado. Podría estar siendo usado por el sistema operativo o alguna aplicación (como un antivirus). Cifrar la partición podría causar corrupción de datos e inestabilidad del sistema.\n\nPor favor cierre cualquier aplicación que pueda estar usando el sistema de archivos (incluyendo antivirus) y reinténtelo. Si esto no funciona, siga los pasos que hay más abajo. + AVISO: ¡Algunos de los dispositivos/particiones montados están en uso!\n\nIgnorar esto puede causar resultados no deseados incluyendo inestabilidad del sistema.\n\nSe recomienda encarecidamente que cierre cualquier aplicación que esté usando el dispositivo/partición. + El dispositivo seleccionado contiene particiones.\n\nFormatear el dispositivo puede causar inestabilidad del sistema y/o corrupción de datos. Seleccione una partición en el dispositivo o elimine todas las particiones del dispositivo para permitir que VeraCrypt lo formatee con seguridad. + El dispositivo secundario seleccionado contiene particiones.\n\nLos volúmenes VeraCrypt cifrados alojados en dispositivos pueden ser creados en dispositivos que no contienen particiones (incluyendo discos duros y unidades de estado sólido). Un dispositivo que contiene particiones puede ser cifrado por completo sin modificarlas (usando una única clave maestra) sólo si es la unidad donde Windows está instalado y desde la que arranca.\n\nSi desea cifrar el dispositivo secundario seleccionado usando una única clave maestra, necesitará eliminar antes todas las particiones del dispositivo para permitir que VeraCrypt lo formatee con seguridad (formatear un dispositivo que contiene particiones podría causar inestabilidad del sistema y/o corrupción de datos). Como alternativa, puede cifrar cada partición del dispositivo individualmente (cada partición será cifrada usando una clave maestra diferente).\n\nNota: Si desea eliminar todas las particiones de un disco GPT, podría necesitar convertirlo primero en un disco MBR (usando p.e. el Administrador de Equipos) para eliminar particiones ocultas. + Aviso: si cifra el dispositivo entero (en lugar de cifrar sólo una de sus particiones), los sistemas operativos considerarán el dispositivo como nuevo, vacío y no formateado (ya que no contendrá tabla de particiones) y podrían iniciar espontáneamente el dispositivo (o preguntarle si desea hacerlo), lo que podría dañar el volumen. Además, no será posible montar consistentemente el volumen como favorito (p.e. cuando cambie el número de unidad) o asignarle una letra de volumen favorita.\n\nPara evitar esto, considere crear una partición en el dispositivo y cifrar la partición.\n\n¿Seguro que desea cifrar el dispositivo entero? + IMPORTANTE: ¡Tenga presente que este volumen NO puede ser montado/accedido usando la letra de unidad %c:, la cual está actualmente asignada al mismo!\n\nPara montar este volumen, haga click en 'Montar Autom.' en la ventana principal de VeraCrypt (o también, en dicha ventana, click en 'Seleccionar Dispositivo', seleccione esta partición/dispositivo y pulse 'Montar'). El volumen será montado en una letra de unidad diferente, que podrá elegir de la lista de la ventana principal de VeraCrypt.\n\nLa letra original de unidad %c: debería usarse sólo en caso de que necesite eliminar el cifrado de la partición/unidad (p.e. si ya no necesitará cifrado). En ese caso, haga click derecho en la letra de unidad %c: en la lista de 'Equipo' (o 'Mi PC') y seleccione 'Formatear'. De otro modo, la letra de unidad %c: nunca debería ser usada (a menos que la elimine, como se describe p.e. en la FAQ de VeraCrypt, y la asigne a otra partición/dispositivo). + El cifrado de volúmenes secundarios conservando datos no está soportado por la versión del sistema operativo que está usando actualmente (sólo está soportado en Windows Vista y versiones posteriores de Windows).\n\nLa razón es que esta versión de Windows no soporta la compresión del sistema de archivos (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad). + La partición seleccionada no parece contener un sistema de archivos NTFS. Sólo las particiones con sistema de archivos NTFS pueden ser cifradas conservando datos.\n\nNota: La razón es que esta versión de Windows no soporta la compresión de otros tipos de sistemas de archivos (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad). + La partición seleccionada no parece contener un sistema de archivos NTFS. Sólo las particiones con sistema de archivos NTFS pueden ser cifradas conservando datos.\n\nSi desea crear un volumen cifrado VeraCrypt dentro de esta partición, elija la opción "Crear volumen cifrado y formatearlo" (en lugar de la opción "Cifrar partición sin modificadión de datos"). + Error: La partición es demasiado pequeña. VeraCrypt no puede cifrarla conservando datos. + Para cifrar los datos de esta partición, siga estos pasos:\n\n1) Cree un volumen VeraCrypt en una partición/dispositivo vacío y móntelo.\n\n2) Copie en dicho volumen VeraCrypt todos los archivos de la partición que iba a ser cifrada originalmente. De esta forma, ud. creará una copia de seguridad cifrada de los datos.\n\n3) Cree un volumen VeraCrypt en la partición que quería cifrar originalmente y asegúrese de (en el asistente VeraCrypt) elegir la opción "Crear volumen cifrado y formatearlo" (en lugar de la opción "Cifrar partición conservando datos"). Tenga en cuenta que todos los datos almacenados en la partición serán borrados. Después de crear el volumen, móntelo.\n\n4) Copie todos los archivos del volumen VeraCrypt montado como copia de seguridad (el que fue creado en el paso 1) al volumen VeraCrypt montado que ha sido creado (y montado) en el paso 3.\n\nDespués de completar estos pasos, los datos estarán cifrados y, además, habrá una copia de seguridad cifrada de los datos. + VeraCrypt sólo puede cifrar conservando datos una partición, un volumen dinámico o la unidad del sistema entera.\n\nSi desea crear un volumen VeraCrypt cifrado en el dispositivo secundario seleccionado, elija la opción "Crear volumen cifrado y formatearlo" (en lugar de la opción "Cifrar partición conservando datos"). + Error: VeraCrypt sólo puede cifrar conservando datos una partición, un volumen dinámico, o la unidad del sistema entera. Por favor asegúrese de que la ruta especificada es válida. + Error: No se puede comprimir el sistema de archivos (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad).\n\nPosibles causas y soluciones:\n\n- No hay suficiente espacio libre en el volumen. Asegúrese de que no hay ninguna otra aplicación escribiendo en el sistema de archivos.\n\n- Sistema de archivos corrupto. Intente comprobarlo y corregir los errores (click derecho en la letra de unidad correspondiente en 'Equipo', seleccione Propiedades > Herramientas > 'Comprobar ahora', asegúrese de que la opción 'Reparar automáticamente errores en el sistema de archivos' está activada y click en Iniciar).\n\nSi esto no funciona, siga los pasos que aparecen más abajo. + Error: No hay suficiente espacio libre en el volumen por lo que el sistema de archivos no puede ser comprimido (el sistema de archivos necesita ser comprimido para crear espacio para la cabecera del volumen y su copia de seguridad).\n\nElimine cualquier archivo innecesario y vacíe la Papelera de Reciclaje para liberar al menos 256 KB e inténtelo de nuevo. Tenga en cuenta que debido a una característica de Windows, la cantidad de espacio libre reportada por el explorador de Windows podría ser incorrecta hasta que el sistema operativo se reinicie. Si reiniciar el sistema no ayuda, el sistema de archivos podría estar corrupto. Intente comprobarlo y corregir cualquier error (click derecho en la letra de unidad correspondiente en 'Equipo', seleccione Propiedades > Herramientas > 'Comprobar ahora', asegúrese de que la opción 'Reparar automáticamente errores en el sistema de archivos' está activada y click en Iniciar).\n\nSi esto no funciona, siga los pasos que aparecen más abajo. + El espacio libre en la unidad %s es %.2f bytes. + El espacio libre en la unidad %s es %.2f KB + El espacio libre en la unidad %s es %.2f MB + El espacio libre en la unidad %s es %.2f GB + El espacio libre en la unidad %s es %.2f TB + El espacio libre en la unidad %s es %.2f PB + No se han podido obtener letras de unidad disponibles. + Error: No se ha encontrado el controlador de VeraCrypt.\n\nCopie los archivos 'veracrypt.sys' y 'veracrypt-x64.sys' al directorio donde está ubicada la aplicación principal (VeraCrypt.exe). + Error: Se está ejecutando una versión incompatible del controlador VeraCrypt.\n\nSi está intentando ejecutar VeraCrypt en modo portable (p.e. sin instalarlo) y ya hay instalada una versión diferente de VeraCrypt, debe desinstalar dicha versión primero (o actualizarla usando el instalador de VeraCrypt). Para desinstalarla, siga estos pasos: En Windows Vista o posterior, seleccione 'Menú Inicio' > Equipo > 'Desinstalar o cambiar un programa' > VeraCrypt > Desinstalar; en Windows XP, seleccione 'Menú Inicio' > Panel de control > 'Agregar o quitar programas' > VeraCrypt > Quitar.\n\nDel mismo modo, si está intentando ejecutar VeraCrypt en modo portable (p.e. sin instalarlo) y hay una versión diferente de VeraCrypt ejecutándose en modo portable, debe reiniciar el sistema primero y ejecutar únicamente esta nueva versión. + Error: Fallo en la inicialización del algoritmo de cifrado. + Error: Se ha detectado una clave débil o potencialmente débil. La clave será descartada. Inténtelo de nuevo. + Ha ocurrido un error crítico y VeraCrypt debe cerrarse. Si esto fue causado por un error (bug) de VeraCrypt, nos gustaría arreglarlo. Para ayudarnos, puede enviarnos un informe de errores generado automáticamente conteniendo los siguientes datos:\n\n- Versión del programa\n- Versión del sistema operativo\n- Tipo de CPU\n- Nombre del componente VeraCrypt\n- Suma de verificación del ejecutable VeraCrypt\n- Nombre simbólico de la ventana de diálogo\n- Categoría del error\n- Dirección del error\n- Pila de llamadas VeraCrypt\n\nSi selecciona 'Sí', la siguiente URL (que contiene el informe completo del error) se abrirá en su explorador de Internet predeterminado.\n\n%hs\n\n¿Desea enviarnos dicho informe? + Ha ocurrido un error crítico en su sistema, lo que requiere que VeraCrypt se cierre.\n\nTenga en cuenta que este error no ha sido causado por VeraCrypt (así que los desarrolladores de VeraCrypt no pueden solucionarlo). Compruebe su sistema por si hubiera problemas (p.e. configuración del sistema, conexión de red, componentes hardware defectuosos). + Ha ocurrido un error crítico en su sistema, lo que requiere que VeraCrypt se cierre.\n\nSi el problema continúa, quizá quiera intentar desactivar o desinstalar aplicaciones que podrían estar causando esta situación, como antivirus o software de seguridad de Internet, "potenciadores" del sistema, "optimizadores", etc. Si esto no funciona, quizá le interese intentar reinstalar su sistema operativo (este problema podría estar causado también por malware). + Error Crítico de VeraCrypt + VeraCrypt ha detectado que el sistema operativo ha fallado recientemente. Hay varias razones potenciales por las que el sistema puede haber fallado (por ejemplo, un componente hardware defectuoso, un error (bug) en un controlador de dispositivo, etc.)\n\n¿Desea que VeraCrypt compruebe si ha sido un error de VeraCrypt lo que ha causado el fallo del sistema? + ¿Desea que VeraCrypt continúe detectando fallos del sistema? + VeraCrypt no ha encontrado el archivo de volcado del fallo del sistema. + ¿Desea borrar el archivo de volcado del fallo de Windows para liberar espacio en disco? + Para analizar el fallo del sistema, VeraCrypt necesita instalar las Herramientas de Depuración para Windows primero.\n\nDespués de hacer click en Aceptar, el instalador de Windows descargará el paquete de instalación de las Herramientas de Depuración de Microsoft (16 MB) de un servidor de Microsoft y las instalará (el instalador de Windows será enviado a la URL del servidor de Microsoft desde el servidor veracrypt.org, lo que asegura que esta característica funcione incluso si Microsoft cambiara la localización del paquete de instalación). + Después de pulsar Aceptar, VeraCrypt analizará el fallo del sistema. Esto podría durar varios minutos. + Asegúrese de que la variable de entorno 'PATH' incluye la ruta a 'kd.exe' (Depurador del Núcleo). + Parece que lo más probable es que VeraCrypt no causara el fallo del sistema. Hay muchas razones potenciales por las que el sistema podría haber fallado (por ejemplo, un componente hardware defectuoso, un error en un controlador de dispositivo, etc.) + Los resultados del análisis indican que actualizar el siguiente controlador podría resolver este problema: + Para ayudarnos a determinar si hay un error (bug) en VeraCrypt o no, puede enviarnos un informe de errores generado automáticamente conteniendo los siguientes datos:\n\n- Versión del programa\n- Versión del sistema operativo\n- Tipo de CPU\n- Categoría del error\n- Nombre y versión del controlador\n- Pila de llamadas del sistema\n\nSi selecciona 'Sí', la siguiente URL (que contiene el informe completo del error) se abrirá en su explorador de Internet predeterminado. + ¿Desea enviarnos dicho informe de errores? + &Cifrar + &Descifrar + Descifrar &Permanentemente + Salir + Cree una unidad lógica para esta partición extendida, e inténtelo de nuevo. + Un volumen VeraCrypt puede residir en un archivo (llamado contenedor VeraCrypt), el cual puede residir en un disco duro, en una unidad flash USB, etc. Un contenedor VeraCrypt es exactamente igual que cualquier otro archivo (puede ser, por ejemplo, movido o eliminado como cualquier archivo común). Haga click en 'Seleccionar Archivo' para elegir un nombre de archivo para el contenedor y la ubicación donde desea que el contenedor sea creado.\n\nAVISO: Si selecciona un archivo existente, VeraCrypt NO lo cifrará; el archivo será eliminado y reemplazado por el contenedor VeraCrypt recién creado. Ud. podrá cifrar archivos existentes (más tarde) moviéndolos al contenedor VeraCrypt que va a crear ahora. + Seleccione la ubicación donde se creará el volumen externo (el volumen oculto será creado dentro de este volumen más adelante).\n\nUn volumen VeraCrypt puede residir en un archivo (llamado contenedor VeraCrypt), el cual puede residir en un disco duro, en una unidad flash USB, etc. Un contenedor VeraCrypt puede ser movido o borrado como cualquier archivo común. Haga click en 'Seleccionar Archivo' para elegir un nombre de archivo para el contenedor y la ubicación donde desea que el contenedor sea creado. Si selecciona un archivo existente, VeraCrypt NO lo cifrará; será eliminado y reemplazado por el contenedor recién creado. Ud. podrá cifrar archivos existentes (más tarde) moviéndolos al contenedor que va a crear ahora. + Los volúmenes VeraCrypt cifrados alojados en dispositivos pueden ser creados en particiones de discos duros, unidades de estado sólido, tarjetas de memoria USB, y en cualquier otro dispositivo de almacenamiento soportado. Las particiones también pueden ser cifradas conservando datos.\n\nAdemás, estos volúmenes VeraCrypt pueden ser creados dentro de dispositivos que no contengan ninguna partición (incluyendo discos duros y unidades de estado sólido).\n\nNota: Un dispositivo que contiene particiones puede ser cifrado por completo conservando datos (usando una única clave) sólo si es la unidad donde Windows está instalado y desde la que arranca. + Un volumen VeraCrypt alojado en dispositivo puede ser creado dentro de una partición de disco duro, unidad de estado sólido, tarjeta de memoria USB, y otros dispositivos de almacenamiento.\n\nAVISO: Tenga en cuenta que la partición/dispositivo será formateado y todos los datos almacenados en él se perderán. + \nSeleccione la ubicación donde se creará el volumen externo (dentro de este volumen se creará el volumen oculto más adelante).\n\nLos volúmenes externos pueden ser creados dentro de particiones en discos duros, unidades de estado sólido, tarjetas de memoria USB, y en cualquier otro dispositivo de almacenamiento soportado. Los volúmenes externos pueden ser creados también dentro de dispositivos que no contienen particiones (incluyendo discos duros y unidades de estado sólido).\n\nAVISO: Tenga en cuenta que la partición/dispositivo será formateado y todos los datos almacenados en él se perderán. + Seleccione la ubicación del volumen VeraCrypt en el que desea crear el volumen oculto. + AVISO: ¡El archivo/dispositivo ya está en uso!\n\nIgnorar esto puede causar resultados no deseados incluyendo inestabilidad del sistema. Todas las aplicaciones que puedan estar usando el archivo/dispositivo (por ejemplo, antivirus o aplicaciones de copia de seguridad) deberían ser cerradas antes de montar el volumen.\n\n¿Continuar montando? + Error: No se puede montar el volumen. El archivo/dispositivo ya está en uso. El intento de montarlo sin acceso exclusivo también falló. + No se pudo abrir el archivo. + Ubicación del volumen + Archivos grandes + ¿Tiene intención de almacenar archivos de más de 4 GB en este volumen VeraCrypt? + Dependiendo de su elección, VeraCrypt elegirá un sistema de archivos adecuado para el volumen VeraCrypt (pero lo podrá cambiar en el siguiente paso). + Como ud. está creando un volumen externo, debería considerar elegir 'No'. Si elige 'Sí', el sistema de archivos por defecto será NTFS, que no es tan adecuado como FAT para volúmenes externos (p.e., el máximo tamaño posible para el volumen oculto será mayor si el volumen externo es FAT). Normalmente, FAT es predeterminado para ambos volúmenes (por eso los volúmenes FAT no son sospechosos). Sin embargo, si el usuario planea almacenar archivos mayores de 4 GB (no permitidos en ese sistema de archivos), entonces FAT no será predeterminado. + ¿Seguro que desea elegir 'Sí'? + Modo de Creación de Volumen + Esta es la forma más rápida de crear un volumen VeraCrypt alojado en partición o dispositivo (cifrar conservando datos, que es la otra opción, es más lenta ya que el contenido de cada sector debe ser leído primero, cifrado y después escrito). Cualquier dato almacenado en la partición/dispositivo seleccionado se perderá (los datos NO serán cifrados; serán sobreescritos con datos aleatorios). Si desea cifrar los datos existentes en una partición, elija la otra opción. + La partición seleccionada entera y todos los datos que almacena serán cifrados conservando datos. Si la partición está vacía, debería elegir la otra opción (el volumen será creado mucho más rápido). + Nota: + &Reanudar + &Aplazar + &Iniciar + &Continuar + &Formatear + &Borrar + ¿Abortar formato? + Mostrar más información + No mostrar esto de nuevo + El contenido de la partición/dispositivo ha sido borrado con éxito. + El contenido de la partición donde el sistema original (del cual el sistema oculto es una copia) residía ha sido borrado con éxito. + Asegúrese de que la versión de Windows que va a instalar (en la partición cuyos datos han sido borrados) es la misma que la que está ejecutando ahora. Esto es necesario porque ambos sistemas compartirán una partición de arranque común. + La unidad/partición del sistema ha sido cifrada con éxito.\n\nNota: Si hay volúmenes VeraCrypt secundarios que necesita tener montados automáticamente cada vez que se inicie Windows, puede hacerlo montando cada uno de ellos y seleccionando 'Favoritos' > 'Añadir Volumen Montado a Favoritos del Sistema'). + La unidad/partición del sistema ha sido descifrada con éxito. + \n\nEl volumen VeraCrypt ha sido creado y está listo para usarse. Si desea crear otro volumen VeraCrypt haga click en Siguiente. Si no, haga click en Salir. + \n\nEl volumen oculto VeraCrypt ha sido creado con éxito (el sistema operativo oculto residirá dentro de este volumen oculto).\n\nHaga click en Siguiente para continuar. + Volumen Completamente Cifrado + Volume Fully Decrypted + IMPORTANTE: PARA MONTAR EL VOLUMEN VERACRYPT RECIÉN CREADO Y ACCEDER A SUS DATOS, HAGA CLICK EN 'Montar Autom.' EN LA VENTANA PRINCIPAL DE VERACRYPT. Después de introducir la contraseña (y/o los archivos-llave), el volumen será montado en la letra de unidad seleccionada de la lista de la ventana principal (y podrá acceder a los datos cifrados a través de dicha letra).\n\nRECUERDE O APUNTE ESTAS INSTRUCCIONES. DEBERÁ SEGUIRLAS CADA VEZ QUE QUIERA MONTAR EL VOLUMEN Y ACCEDER A LOS DATOS ALMACENADOS EN ÉL. Alternativamente, en la ventana principal, haga click en 'Seleccionar Dispositivo', seleccione esta partición/volumen, y haga click en 'Montar'.\n\nLa partición/volumen ha sido cifrado correctamente (ahora contiene un volumen VeraCrypt completamente cifrado) y está listo para su uso. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + El volumen VeraCrypt ha sido creado con éxito. + Volumen creado + IMPORTANTE: Mueva el ratón al azar todo lo posible dentro de esta ventana. Cuanto más lo mueva, mejor. Esto incrementa significativamente la fuerza criptográfica de las claves de cifrado. Luego haga click en 'Formatear' para crear el volumen. + Haga click en Formatear para crear el volumen externo. Para más información, lea la documentación. + Formato del volumen externo + Formato del volumen oculto + Formato del volumen + Se necesita Adobe Reader (o una herramienta compatible) para ver o imprimir la Guía de Usuario de VeraCrypt. Adobe Reader puede descargarse gratuitamente desde: www.adobe.com\n\n¿Desea, en su lugar, ver la documentacion en línea? + Si selecciona esta opción, el asistente primero le ayudará a crear un volumen VeraCrypt normal y luego un volumen VeraCrypt oculto dentro de este. Los usuarios sin experiencia deberían seleccionar siempre esta opción. + Si selecciona esta opción, creará un volumen oculto dentro de un volumen VeraCrypt existente. Se asumirá que ya ha creado ud. un volumen VeraCrypt que pueda alojar un volumen oculto. + Modo de Creación de Volumen + Volumen oculto creado + El volumen oculto VeraCrypt ha sido creado con éxito y está listo para ser usado. Si todas las instrucciones han sido seguidas y las precauciones y requisitos listados en la sección "Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos" de la Guía del Usuario de VeraCrypt han sido seguidos, debería ser imposible demostrar que el volumen oculto existe, incluso si el volumen externo está montado.\n\nAVISO: SI NO PROTEGE EL VOLUMEN OCULTO (PARA INFORMARSE SOBRE CÓMO HACERLO, VAYA A LA SECCIÓN "PROTECCIÓN DE VOLÚMENES OCULTOS CONTRA DAÑOS" EN LA GUÍA DEL USUARIO DE VERACRYPT), NO MODIFIQUE EL VOLUMEN EXTERNO. DE LO CONTRARIO, ¡PODRÍA SOBREESCRIBIR Y DAÑAR EL VOLUMEN OCULTO! + Ha iniciado el sistema operativo oculto. Como habrá observado, el sistema operativo oculto parece estar instalado en la misma partición que el sistema operativo original. Sin embargo, en realidad, está instalado dentro de la partición trasera (en el volumen oculto). Todas las operaciones de lectura y escritura están siendo redirigidas transparentemente desde la partición del sistema original al volumen oculto.\n\nNi el sistema operativo ni las aplicaciones sabrán que los datos escritos y leídos desde la partición del sistema son en realidad escritos y leídos desde la partición trasera (desde un volumen oculto). Dichos datos son cifrados y descifrados al vuelo como siempre (con una clave de cifrado diferente de la que será utilizada para el sistema operativo señuelo).\n\n\nHaga click en Siguiente para continuar. + El volumen externo ha sido creado y montado como la unidad %hc:. Ahora debería ud. copiar a este volumen externo algunos archivos susceptibles de ser buscados pero que realmente NO sean los que quiere ocultar. Estarán ahí por si alguien le obligara a revelar la contraseña para la primera partición tras la partición del sistema, donde los volúmenes externo y oculto (conteniendo el sistema operativo oculto) residirán. Ud. podrá revelar la contraseña para este volumen externo, y la existencia del volumen oculto (y del sistema operativo oculto) permanecerá en secreto.\n\nIMPORTANTE: Los archivos que copie al volumen externo no deben ocupar más de %s. De lo contrario, podría no haber suficiente espacio libre en el volumen externo para el volumen interno (y no se podrá continuar). Cuando termine de copiar, haga click en Siguiente (no desmonte el volumen). + El volumen externo ha sido creado con éxito y montado como la unidad %hc:. Ahora debería ud. copiar a este volumen algunos archivos susceptibles de ser buscados pero que realmente NO sean los que quiere ocultar. Los archivos estarán ahí por si alguien le obligara a revelar su contraseña. Ud. revelará sólo la contraseña para este volumen externo, no la del volumen oculto. Los archivos que realmente le importan serán almacenados en el volumen oculto, que será creado más adelante. Cuando termine de copiar, haga click en Siguiente. No desmonte el volumen.\n\nNota: Después de pulsar Siguiente, el mapa de bits del cluster del volumen externo será escaneado para determinar el tamaño del área ininterrumpida de espacio libre al final del volumen. Este área alojará el volumen oculto, así que limitará su máximo tamaño posible. Escanear el mapa de bits del cluster asegura que ningún dato del volumen externo sea sobreescrito por el volumen oculto. + Contenido del volumen externo + \n\nEn los siguientes pasos, establecerá las opciones para el volumen externo (dentro del cual se creará el volumen oculto posteriormente). + \n\nEn los siguientes pasos, creará un volumen VeraCrypt externo dentro de la primera partición tras la partición del sistema (como se explicó en uno de los pasos anteriores). + Volumen externo + En los siguientes pasos, establecerá las opciones y contraseña para el volumen oculto, que contendrá el sistema operativo oculto.\n\nObservación: El mapa de bits del cluster del volumen externo ha sido escaneado para determinar el tamaño del área ininterrumpida de espacio libre al final del volumen externo. Este área alojará el volumen oculto, así que limita su máximo tamaño posible. Ha sido determinado y confirmado que el máximo tamaño posible del volumen oculto es mayor que el tamaño de la partición del sistema (lo que es requerido, porque el contenido entero de la partición del sistema necesitará ser copiado al volumen oculto). Esto asegura que ningún dato almacenado en el volumen externo será sobreescrito por datos escritos al área del volumen oculto. + IMPORTANTE: Por favor recuerde los algoritmos que seleccione en este paso. Tendrá que seleccionar los mismos algoritmos para el sistema señuelo. De otro modo, ¡el sistema oculto será inaccesible! (El sistema señuelo debe ser cifrado con el mismo algoritmo de cifrado que el sistema oculto.)\n\nNota: La razón es que el sistema señuelo y el sistema oculto compartirán un único cargador de arranque, el cual soporta sólo un único algoritmo, seleccionado por el usuario (para cada algoritmo, hay una versión especial del Cargador de Arranque de VeraCrypt). + \n\nEl mapa de bits del cluster del volumen ha sido escaneado y el máximo tamaño posible del volumen oculto ha sido determinado. En los pasos siguientes establecerá las opciones, el tamaño y la contraseña para el volumen oculto. + Volumen oculto + Ahora el volumen oculto está protegido contra daños hasta que el volumen externo sea desmontado.\n\nAVISO: Si se intenta guardar cualquier dato en el área del volumen oculto, VeraCrypt comenzará a proteger contra escritura el volumen entero (tanto la parte oculta como la externa) hasta que sea desmontado. Esto podría crear corrupción del sistema de archivos en el volumen externo, lo cual (si se repite) podría afectar negativamente la negación plausible del volumen oculto. Por tanto, debería esforzarse todo lo posible por evitar escribir en el área del volumen oculto. Cualquier dato que vaya a guardarse en el área del volumen oculto no se guardará y se perderá. Windows informará de ello como un error de escritura ("Error de escritura demorada" o "El parámetro es incorrecto"). + Ahora cada uno de los volúmenes ocultos dentro de los volúmenes recién montados están protegidos contra daños hasta que sean desmontados.\n\nAVISO: Si se intenta guardar cualquier dato en el área del volumen oculto protegido de cualquiera de estos volúmenes, VeraCrypt comenzará a proteger contra escritura el volumen entero (tanto la parte oculta como la externa) hasta que sea desmontado. Esto podría crear corrupción del sistema de archivos en el volumen externo, lo cual (si se repite) podría afectar negativamente la negación plausible del volumen oculto. Por tanto, debería esforzarse todo lo posible por evitar escribir en el área del volumen oculto. Cualquier dato que vaya a guardarse en las áreas de volumen oculto protegido no se guardará y se perderá. Windows informará de ello como un error de escritura ("Error de escritura demorada" o "El parámetro es incorrecto"). + AVISO: ¡Se intentó guardar información en el área del volumen oculto dentro del volumen montado como %c:! VeraCrypt impidió que se guardaran esos datos para proteger el volumen oculto. Esto podría haber causado corrupción en el sistema de archivos del volumen externo y Windows podría haber informado de un error de escritura ("Error de escritura demorada" o "El parámetro es incorrecto"). El volumen entero (tanto la parte externa como la oculta) será protegido contra escritura hasta que sea desmontado. Si no es la primera vez que VeraCrypt ha impedido que se guarden datos en el área del volumen oculto de este volumen, la negación plausible de este volumen oculto podría estar afectada negativamente (debido a posibles inconsistencias correlacionadas inusuales dentro del sistema de archivos del volumen externo). Por tanto, debería considerar crear un nuevo volumen VeraCrypt (con Formato Rápido desactivado) y mover los archivos de este volumen al nuevo volumen; este volumen debería ser borrado con seguridad (tanto la parte externa como la oculta). Es muy recomendable reiniciar el sistema operativo ahora. + Has indicado tu intención de almacenar archivos mayores de 4 GB en este volumen. Esto requiere que el volumen sea formateado como NTFS, lo cual, sin embargo, no será posible. + Tenga en cuenta que cuando un sistema operativo oculto está ejecutándose, los volúmenes VeraCrypt no ocultos no pueden ser formateados como NTFS. La razón es que el volumen podría necesitar ser montado temporalmente sin protección contra escritura, para permitir al sistema operativo formatearlo como NTFS (mientras que formatear como FAT lo puede hacer VeraCrypt directamente y sin montar el volumen). Para más detalles técnicos, ver más abajo. Puede crear un volumen NTFS no oculto desde dentro del sistema operativo señuelo. + Por razones de seguridad, cuando un sistema operativo oculto está ejecutándose, los volúmenes ocultos se pueden crear sólo en modo 'directo' (porque los volúmenes externos deben ser montados siempre en modo de sólo lectura). Para crear un volumen oculto con seguridad, siga estos pasos:\n\n1) Arranque el sistema señuelo.\n\n2) Cree un volumen VeraCrypt normal y, a este volumen, copie algunos archivos susceptibles de ser buscados pero que realmente NO sean los que quiere ocultar (el volumen se convertirá en el volumen externo).\n\n3) Arranque el sistema oculto e inicie el Asistente de Creación de Volúmenes VeraCrypt. Si el volumen está alojado en un archivo, muévalo a la partición del sistema o a otro volumen oculto (de otro modo, el volumen oculto recién creado podría ser montado como sólo lectura y no podría formatearse). Siga las instrucciones del asistente hasta seleccionar el modo 'directo' de creación de volúmenes ocultos.\n\n4) En el asistente, seleccione el volumen que creó en el paso 2 y siga las instrucciones para crear un volumen oculto dentro del mismo. + Por razones de seguridad, cuando un sistema operativo oculto se está ejecutando, los sistemas de archivos locales no cifrados y los volúmenes VeraCrypt no ocultos son montados como sólo lectura (no se puede guardar ningún dato en esos sistemas de archivos y volúmenes VeraCrypt).\n\nSe pueden escribir datos a cualquier sistema de archivos que resida dentro de un volumen VeraCrypt oculto (siempre que dicho volumen oculto no esté ubicado en un contenedor almacenado en un sistema de archivos no cifrado o en cualquier otro sistema de archivos de sólo lectura). + Hay tres razones principales por las que se deberían implementar contramedidas:\n\n- Habilita la creación de una plataforma segura para montar volúmenes VeraCrypt ocultos. Recomendamos oficialmente que los volúmenes ocultos sean montados sólo cuando un sistema operativo oculto se esté ejecutando. (Para más información, vea la sección 'Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos' en la documentación.)\n\n- En algunos casos, es posible determinar que, en un momento concreto, un sistema de archivos particular no se montó bajo (o un archivo particular del sistema de archivos no se guardó o leyó desde) una instancia particular de un sistema operativo (p.e. analizando y comparando registros de diario del sistema de archivos, fechas/horas de los archivos, logs de aplicaciones, logs de errores, etc). Esto podría indicar que un sistema operativo oculto está instalado en el ordenador. Las contramedidas previenen este problema.\n\n- Previene la corrupción de datos y permite la hibernación segura. Cuando Windows se reanuda tras una hibernación, asume que todos los sistemas de archivos montados están en el mismo estado que cuando el sistema hibernó. VeraCrypt lo asegura protegiendo contra escritura cualquier sistema de archivos accesible tanto desde el sistema señuelo como desde el oculto. Sin esta protección, el sistema de archivos podría corromperse al ser montado por un sistema mientras el otro sistema está hibernado. + Nota: Si necesita transferir archivos con seguridad desde el sistema señuelo al sistema oculto, siga estos pasos:\n1) Inicie el sistema señuelo.\n2) Guarde los archivos a un volumen no cifrado o a un volumen VeraCrypt externo/normal.\n3) Inicie el sistema oculto.\n4) Si guardó los acrhivos a un volumen VeraCrypt, móntelo (será automáticamente montado como sólo lectura).\n5) Copie los archivos a la partición del sistema oculto o a otro volumen oculto. + Su ordenador debe ser reiniciado.\n\n¿Desea reiniciarlo ahora? + Ha ocurrido un error al obtener el estado del cifrado del sistema. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + No se pueden inicializar componentes de la aplicación para el cifrado del sistema. + ¡Fallo al inicializar el generador de números aleatorios! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + No se pudo iniciar la aplicación. Fallo al registrar la clase Dialog. + Error: Fallo al cargar la librería de sistema Rich Edit. + Asistente de Creación de Volúmenes VeraCrypt + El tamaño máximo posible de volumen oculto para este volumen es %.2f bytes. + El tamaño máximo posible de volumen oculto para este volumen es %.2f KB. + El tamaño máximo posible de volumen oculto para este volumen es %.2f MB. + El tamaño máximo posible de volumen oculto para este volumen es %.2f GB. + El tamaño máximo posible de volumen oculto para este volumen es %.2f TB. + La contraseña/archivo-llave del volumen no puede cambiarse mientras el volumen está montado. Desmonte el volumen primero. + El algoritmo de derivación de clave de cabecera no puede ser cambiado mientras el volumen está montado. Desmonte el volumen primero. + &Montar + Se requiere una versión más reciente de VeraCrypt para montar este volumen. + Error: Asistente para la Creación de Volumen no encontrado.\n\nVerifique que el archivo 'VeraCrypt Format.exe' este en la misma carpeta que el archivo ' VeraCrypt.exe'. Si no es así, reinstale VeraCrypt o localice el archivo 'VeraCrypt Format.exe' en su disco y ejecútelo. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Siguiente > + &Finalizar + &Instalar + E&xtraer + No es posible conectar con el controlador de dispositivo VeraCrypt. VeraCrypt no puede funcionar si el controlador de dispositivo no está funcionando.\n\nTenga en cuenta que, debido a un problema de Windows, puede ser necesario terminar la sesión o reiniciar el sistema antes antes de que el controlador de dispositivo se pueda cargar. + Ocurrió un error al cargar/preparar las fuentes. + No se ha encontrado la letra de unidad, o no se ha especificado ninguna. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Letra de unidad no disponible. + ¡No seleccionó ningún archivo! + No hay letras de unidad disponibles. + ¡No hay ninguna letra de unidad libre para el volumen externo! La creación del Volumen no puede continuar. + No se pudo determinar la versión del sistema operativo o está utilizando un sistema operativo no soportado. + ¡No se ha seleccionado la ruta! + ¡No hay suficiente espacio libre para el volumen oculto! La creación del volumen no puede continuar. + Error: Los archivos que copió al volumen externo ocupan demasiado espacio. Por tanto, no hay suficiente espacio libre en el volumen externo para el volumen oculto.\n\nTenga en cuenta que el volumen oculto debe ser al menos tan grande como la partición del sistema (la partición donde el sistema operativo en ejecución está instalado). La razón es que el sistema operativo oculto necesita ser creado copiando el contenido de la partición del sistema al volumen oculto.\n\n\nEl proceso de creación del sistema operativo oculto no puede continuar. + El controlador no puede desmontar el volumen. Algunos archivos situados en el volumen probablemente siguen abiertos. + No se puede bloquear el volumen. Todavía hay archivos abiertos en él. Por lo tanto, no puede ser desmontado. + VeraCrypt no puede bloquear el volumen porque está siendo usado por el sistema o alguna aplicación (puede haber archivos abiertos en el volumen).\n\n¿Quieres forzar el desmontaje del volumen? + Seleccione un volumen VeraCrypt + Especifique la ubicación y el nombre del archivo + Seleccione librería PKCS #11 + Memoria Insuficiente + IMPORTANTE: Recomendamos encarecidamente que los usuarios sin experiencia creen un contenedor de archivos VeraCrypt en el dispositivo/partición seleccionado, en lugar de intentar cifrar el dispositivo/partición entero.\n\nAl crear un contenedor VeraCrypt (al contrario que al cifrar un dispositivo o partición) no hay, por ejemplo, riesgo de destruir una gran cantidad de archivos. Tenga en cuenta que un contenedor VeraCrypt (a pesar de que contiene un disco virtual cifrado) es exactamente igual que cualquier archivo normal. Para más información, vea el capítulo Tutorial del Principiante en la Guía de Usuario de VeraCrypt.\n\n¿Seguro que desea cifrar el dispositivo/partición entero? + AVISO: ¡El archivo '%s' ya existe!\n\nIMPORTANTE: VERACRYPT NO CIFRARÁ EL ARCHIVO, PERO LO BORRARÁ. ¿Seguro que desea borrar el archivo y reemplazarlo por un nuevo contenedor VeraCrypt? + CUIDADO: ¡TODOS LOS ARCHIVOS ACTUALMENTE ALMACENADOS EN %s '%s'%s SERÁN BORRADOS Y SE PERDERÁN (NO SERÁN CIFRADOS)!\n\n¿Seguro que desea continuar con el formato? + AVISO: No podrá montar el volumen o acceder a los archivos almacenados en él hasta que haya sido cifrado por completo.\n\n¿Seguro que desea comenzar a cifrar %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + AVISO: Tenga en cuenta que si el suministro de energía se interrumpe repentinamente mientras se cifran datos existentes sin pérdida de información, o si el sistema operativo falla debido a un error de software o hardware mientras VeraCrypt cifra datos sin pérdida de información, se corromperán o perderán porciones de los datos. Por tanto, antes de comenzar a cifrar, asegúrese de que tiene copias de seguridad de los archivos que desea cifrar.\n\n¿Tiene dichas copias? + CUIDADO: ¡TODOS LOS ARCHIVOS ALMACENADOS EN LA PARTICIÓN '%s'%s (EN LA PRIMERA PARTICIÓN TRAS LA PARTICIÓN DEL SISTEMA) SERÁN BORRADOS Y SE PERDERÁN (NO SERÁN CIFRADOS)!\n\n¿Seguro que desea iniciar el formateo? + AVISO: ¡LA PARTICIÓN SELECCIONADA CONTIENE UNA GRAN CANTIDAD DE DATOS! ¡Todos los archivos almacenados en la partición serán eliminados y se perderán (NO serán cifrados)! + Borra cualquier archivo almacenado en la partición creando un volumen VeraCrypt dentro + Contraseña + PIM + Establecer Algoritmo de Derivación de Clave de Cabecera + Añadir/Eliminar Archivos-llave a/de un Volumen + Eliminar Todos los Archivos-llave de un Volumen + Contraseña, PIM y/o archivo-llave cambiados con éxito.\n\nIMPORTANTE: Asegúrese de que ha leído la sección 'Cambiando contraseñas y archivos-llave' en el capítulo 'Precauciones y Requisitos de Seguridad' en la Guía de Usuario de VeraCrypt. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANTE: Si no destruyó su Disco de Rescate VeraCrypt, su partición/unidad del sistema aún puede ser descifrada usando la contraseña antigua (arrancando el Disco de Rescate VeraCrypt e introduciendo la contraseña antigua). Debería ud. crear un nuevo Disco de Rescate VeraCrypt y destruir el antiguo.\n\n¿Desea crear un nuevo Disco de Rescate VeraCrypt? + Recuerde que el Disco de Rescate VeraCrypt aún usa el algoritmo anterior. Si considera el algoritmo anterior inseguro, debería crear un nuevo Disco de Rescate VeraCrypt y destruir el antiguo.\n\n¿Desea crear un nuevo Disco de Rescate VeraCrypt? + Cualquier tipo de archivo (.mp3, .jpg, .zip, .avi...) puede usarse como archivo-llave. VeraCrypt nunca modifica el contenido del archivo. Puede seleccionar más de un archivo-llave (el orden no importa). Si añade una carpeta, todos los archivos no ocultos que contenga serán usados como archivos-llave. Haga click en 'Archivos Token' para seleccionar archivos-llave almacenados en token de seguridad o tarjetas inteligentes (o para importar archivos-llave a tokens o tarjetas). + Archivos-llave agregados/eliminados con éxito. + Archivo-llave exportado. + Algoritmo de derivación de clave de cabecera establecido con éxito. + Introduzca la contraseña y/o archivos-llave para el volumen secundario donde desea continuar el proceso de cifrado sin pérdida de datos.\n\nObservación: Después de pulsar Siguiente, VeraCrypt intentará encontrar todos los volúmenes secundarios donde el proceso de cifrado haya sido interrumpido y la cabecera del volumen pueda ser descifrada usando la contraseña y/o archivos-llave suministrados. Si se encuentra más de un volumen, necesitará seleccionar uno en el siguiente paso. + Seleccione uno de los volúmenes listados. La lista contiene todos los volúmenes secundarios accesibles donde el proceso de cifrado haya sido interrumpido y cuya cabecera pudo ser descifrada usando la contraseña y/o archivos-llave suministrados. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Es muy importante que elija una buena contraseña. Debería evitar elegir una que contenga sólo una palabra que se pueda encontrar en un diccionario (o una combinación de 2, 3, o 4 de estas palabras). No debería contener nombres ni fechas de nacimiento. No debería ser fácil de adivinar. Una buena contraseña es una combinación aleatoria de letras mayúsculas y minúsculas, números, y caracteres especiales como @ ^ = $ * + etc. Recomendamos la elección de una contraseña que consista en más de 20 caracteres (cuanto más larga, mejor). La máxima longitud posible es 64 caracteres. + Elija una contraseña para el volumen oculto. + Elija una contraseña para el sistema operativo oculto (es decir, para el volumen oculto). + IMPORTANTE: La contraseña que elija para el sistema operativo oculto en este paso debe ser sustancialmente diferente de las otras dos contraseñas (es decir, de la contraseña para el volumen externo y de la del sistema operativo señuelo). + Introduzca la contraseña para el volumen en el que desea crear un volumen oculto.\n\nTras pulsar Siguiente, VeraCrypt intentará montar el volumen. Tan pronto como el volumen sea montado, el mapa de bits del cluster será examinado para determinar el tamaño del área ininterrumpida de espacio libre (si la hay) cuyo final coincide con el final del volumen. Este área alojará el volumen oculto y por tanto limitará su máximo tamaño posible. La exploración del mapa de cluster es necesario para asegurar que ningún dato del volumen externo sea sobreescrito por el volumen oculto. + \nElija una contraseña para el volumen externo. Esta será la contraseña que ud. podrá revelar a un enemigo si es obligado a hacerlo.\n\nIMPORTANTE: La contraseña debe ser sustancialmente diferente de la que elegirá para el volumen oculto.\n\nNota: La longitud máxima posible de la contraseña es 64 caracteres. + Elija una contraseña para el volumen externo. Esta será la contraseña que ud. podrá revelar a cualquiera que le obligue a descubrir la contraseña para la primera partición tras la partición del sistema, donde los volúmenes externo y oculto (que contiene el sistema operativo oculto) residirán. La existencia del volumen oculto (y la del sistema operativo oculto) permanecerá en secreto. Tenga en cuenta que esta contraseña no es para el sistema operativo señuelo.\n\nIMPORTANTE: La contraseña debe ser sustancialmente diferente de la que elegirá para el volumen oculto (es decir, para el sistema operativo oculto) + Contraseña del Volumen Externo + Contraseña del Volumen Oculto + Contraseña del Sistema Operativo Oculto + AVISO: ¡Las contraseñas cortas son fáciles de romper usando técnicas de fuerza bruta!\n\nRecomendamos la elección de una contraseña de más de 20 caracteres.\n\n¿Seguro que desea utilizar una contraseña corta? + Contraseña del Volumen + Contraseña incorrecta o no es un volumen VeraCrypt + Contraseña y/o archivo-llave incorrectos o no es un volumen VeraCrypt + Mal montaje, contraseña incorrecta, o no es un volumen VeraCrypt. + Mal montaje, contraseña y/o archivo-llave incorrectos, o no es un volumen VeraCrypt. + Contraseña incorrecta o no se encontró el volumen VeraCrypt. + Contraseña y/o archivo-llave incorrectos o no se encontró el volumen VeraCrypt. + \n\nAviso: El bloqueo de mayúsculas está activo. Esto puede causar que introduzca su contraseña incorrectamente. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nAVISO: Se han encontrado archivos ocultos en una ruta de búsqueda de archivos-llave. Estos archivos no pueden ser usados como archivos-llave. Si necesita usarlos como archivos-llave, elimine su atributo 'Oculto' (click derecho en cada uno, seleccione 'Propiedades', desmarque 'Oculto' y pulse Aceptar). Nota: Los archivos ocultos sólo son visibles si la opción correspondiente está activada (Equipo > Organizar > 'Opciones de carpeta y búsqueda' > Ver). + Si está intentando proteger un volumen oculto que contiene un sistema oculto, asegúrese de estar usando la distribución de teclado EEUU estándar cuando teclee la contraseña para el volumen oculto. Esto es necesario debido a que la contraseña necesita ser escrita en el entorno de pre-arranque (antes de que Windows se inicie) en el que las distribuciones de teclado Windows distintas a la de EEUU no estarán disponibles. + VeraCrypt no ha encontrado ningún volumen en el que el cifrado haya sido interrumpido y la cabecera de volumen pueda ser descifrada usando la contraseña y/o archivo-llave suministrados.\n\nPor favor asegúrese de que la contraseña y/o archivo-llave son correctos y que la partición/volumen no esté siendo usada por el sistema o alguna aplicación (antivirus incluídos). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nRecuerde: Si está intentando montar una partición ubicada en una unidad del sistema cifrada sin autenticación de pre-arranque, o montar la partición del sistema cifrada de un sistema operativo que no se está ejecutando, puede hacerlo seleccionando 'Sistema' > 'Montar sin Autenticación de Pre-Arranque'. + En este modo, no puede montar una partición ubicada en una unidad cuya parte está dentro del ámbito de la clave del cifrado del sistema activo.\n\nAntes de que pueda montar esta partición en este modo, necesita o arrancar un sistema operativo instalado en una unidad diferente (cifrado o no) o arrancar un sistema operativo no cifrado. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Atrás + ¡No se pueden listar los dispositivos raw de su sistema! + El volumen '%s' existe y es de sólo lectura. ¿Desea reemplazarlo? + Seleccione el directorio de destino + Seleccione Archivo-llave + Seleccione ruta de búsqueda de archivos-llave. AVISO: ¡Sólo se recordará la ruta, no el nombre de los archivos! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Diseñado por Ross Anderson, Eli Biham, y Lars Knudsen. Publicado en 1998. Clave de 256-bit, bloque de 128-bit. Modo de operación XTS. Serpent fue uno de los finalistas AES. + Especifique el tamaño del contenedor que desea crear.\n\nSi crea un contenedor dinámico (archivo disperso), este parámetro especificará su máximo tamaño posible.\n\nTenga en cuenta que el mínimo tamaño posible de un volumen FAT es 292 KB. De un volumen NTFS, el mínimo es 3792 KB. + Especifique el tamaño del volumen externo (primero creará un volumen externo y luego un volumen oculto en su interior). El mínimo tamaño posible para un volumen en el que se pretenda crear un volumen oculto es 340 KB. + Especifique el tamaño del volumen oculto. El mínimo tamaño posible de un volumen oculto es 40 KB (o 3664 KB si se formatea como NTFS). El máximo tamaño posible que puede especificar para el volumen oculto se muestra más arriba. + Tamaño del volumen externo + Tamaño del volumen oculto + Verifique que el tamaño del dispositivo/partición seleccionado que se muestra es correcto y haga click en Siguiente. + El volumen externo y el oculto (que contiene el sistema operativo oculto) residirán dentro de esta partición. Debe ser la primera partición tras la partición del sistema.\n\nVerifique que el tamaño de la partición y su número mostrado más arriba son correctos, y si lo son, pulse Siguiente. + \n\nRecuerde que el mínimo tamaño posible de un volumen en el que se pretende crear un volumen oculto es 340 KB. + Tamaño del volumen + Dinámico + AVISO: FALLÓ LA AUTO-PRUEBA! + Auto-prueba de todos los algoritmos superada + El número de unidad de datos suministrado es demasiado largo o corto. + La clave secundaria suministrada es demasiado larga o corta. + El texto cifrado de prueba suministrado es demasiado largo o corto. + La clave de prueba suministrada es demasiado larga o corta. + El texto plano de prueba es demasiado largo o corto. + Dos algoritmos en cascada operando en modo XTS. Cada bloque es cifrado primero con %s (clave de %d-bit) y luego con %s (clave de %d-bit). Cada algoritmo usa su propia clave. Todas las claves son independientes entre sí. + Tres algoritmos en cascada operando en modo XTS. Cada bloque es cifrado primero con %s (clave de %d-bit), luego con %s (clave de %d-bit), y finalmente con %s (clave de %d-bit). Cada algoritmo usa su propia clave. Todas las claves son independientes entre sí. + Tenga en cuenta que, dependiendo de la configuración del sistema operativo, las características de ejecución y montaje automático podrían funcionar sólo si los archivos de disco viajero son creados en medios contra escritura del tipo CD/DVD. Esto no es un error de VeraCrypt (es una limitación de Windows). + El disco viajero VeraCrypt ha sido creado con éxito.\n\nRecuerde que necesita privilegios de administrador para ejecutar VeraCrypt en modo portable. Recuerde también que, tras examinar el archivo del registro, se podría demostrar que VeraCrypt se ejecutó en un sistema Windows incluso si es ejecutado en modo portable. + Disco Viajero VeraCrypt + Diseñado por Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall y Niels Ferguson. Publicado en 1998. Clave de 256-bit, bloque de 128-bit. Modo de operación XTS. Twofish fue uno de los finalistas AES. + Más información en %s + Desconocido + Ha ocurrido un error no especificado o desconocido (%d). + Algunos volúmenes contienen carpetas o archivos en uso por el sistema o alguna aplicación.\n\n¿Forzar el desmontaje? + &Desmontar + ¡Fallo al desmontar! + El volumen contiene carpetas o archivos en uso por el sistema o alguna aplicación.\n\n¿Forzar el desmontaje? + No hay ningún volumen montado en la letra de unidad especificada. + El volumen que trata de montar ya está montado. + Ocurrió un error al intentar montar el volumen. + Error al buscar la ubicación dentro del volumen. + Error: Tamaño incorrecto del volumen. + AVISO: Debería usar Formato Rápido sólo en los siguientes casos:\n\n1) El dispositivo no contiene datos importantes y no necesita negación plausible.\n2) El dispositivo ya ha sido cifrado por completo con seguridad.\n\n¿Seguro que desea usar Formato Rápido? + Un contenedor dinámico es un archivo disperso NTFS pre-asignado cuyo tamaño físico (espacio en disco usado actualmente) crece conforme se van añadiendo nuevos datos.\n\nAVISO: El rendimiento de volúmenes alojados en archivos dispersos es significativamente peor que el de volúmenes comunes. Los volúmenes alojados en archivos dispersos son también menos seguros, porque se puede determinar qué sectores del volumen están sin usar. Además, estos volúmenes no pueden proporcionar negación plausible (alojar un volumen oculto). Tenga en cuenta también que si se escriben datos en un contenedor disperso cuando no haya suficiente espacio libre en el sistema de archivos anfitrión, el sistema de archivos cifrado podría corromperse.\n\n¿Seguro que desea crear un volumen alojado en un archivo disperso? + Tenga en cuenta que el tamaño del contenedor dinámico reportado por Windows y VeraCrypt siempre será igual a su máximo tamaño. Para ver el tamaño físico actual del contenedor (el espacio que usa del disco), haga click derecho en el contenedor (desde el explorador de Windows, no en VeraCrypt), seleccione 'Propiedades' y observe el valor 'Tamaño en disco'.\n\nTenga en cuenta también que si mueve un contenedor dinámico a otro volumen o unidad, el tamaño físico del contenedor será extendido al máximo. (Puede evitar esto creando un nuevo contenedor dinámico en la ubicación de destino, montándolo y moviendo los archivos desde el antiguo contenedor al nuevo.) + Caché de contraseñas borrada + Las contraseñas (y/o archivos-llave procesados) almacenadas en la caché del controlador TrueCryp han sido borradas. + VeraCrypt no puede cambiar la contraseña de un volumen exterior. + Seleccione una letra de unidad libre de la lista. + Seleccione un volumen montado en la lista de letras de unidad. + Hay seleccionados dos volúmenes montados diferentes (uno en la lista de letras de unidad y el otro en el campo de texto bajo la lista).\n\nElija el volumen que quiso seleccionar: + Error: No se puede crear autorun.inf + ¡Error al procesar el archivo-llave! + ¡Error al procesar la ruta del archivo-llave! + La ruta del archivo-llave no contiene archivos.\n\nRecuerde que las carpetas (y los archivos que contengan) encontradas durante la búsqueda son ignoradas. + VeraCrypt no soporta este sistema operativo. + Error: VeraCrypt sólo soporta versiones estables de este sistema operativo (no versiones beta ni RC). + Error: No se puede asignar memoria. + Error: No se pudo obtener el valor del contador de rendimiento. + Error: Mal formato de volumen. + Error: Ha proporcionado una contraseña para un volumen oculto (no para un volumen normal). + Por motivos de seguridad, un volumen oculto no puede ser creado dentro de un volumen VeraCrypt que contiene un sistema de archivos cifrado sin pérdida de datos (porque el espacio libre del volumen no ha sido llenado con datos aleatorios). + VeraCrypt - Avisos Legales + Todos los Archivos + Volúmenes VeraCrypt + Módulos de Librería + El formateo NTFS no puede continuar. + No se puede montar el volumen. + No se puede desmontar el volumen. + Windows falló al formatear el volumen como NTFS.\n\nSeleccione un tipo diferente de sistema de archivos (si es posible) y reinténtelo. Alternativamente, puede dejar el volumen sin formato (seleccione 'Ninguno' como sistema de archivos), salir del asistente, montar el volumen, y usar una herramienta del sistema o de terceros para formatear el volumen montado (el volumen permanecerá cifrado). + Windows fallo al formatear el volumen como NTFS.\n\n¿Desea formatear el volumen como FAT en su lugar? + Por defecto + partición + PARTICIÓN + Dispositivo + dispositivo + DISPOSITIVO + Volumen + volumen + VOLUMEN + Etiqueta + El tamaño de cluster seleccionado es muy pequeño para el tamaño del volumen. En su lugar se usará un cluster mas grande. + Error: ¡No se puede obtener el tamaño del volumen!\n\nAsegúrese de que el volumen seleccionado no está siendo usado por el sistema o una aplicación. + Los volúmenes ocultos no se deben crear dentro de contenedores dinámicos (archivos dispersos). Para garantizar la negación plausible, el volumen oculto necesita ser creado en un contenedor no dinámico. + El Asistente de Creación de Volúmenes VeraCrypt puede crear un volumen oculto sólo dentro de un volumen FAT o NTFS. + En Windows 2000, el Asistente de Creación de Volúmenes VeraCrypt puede crear un volumen oculto sólo en un volumen FAT. + Nota: El sistema de archivos FAT es más adecuado para volúmenes externos que el NTFS (por ejemplo, el máximo tamaño posible del volumen oculto probablemente habría sido significativamente mayor si el volumen externo se hubiera formateado como FAT). + Tenga en cuenta que el sistema de archivos FAT es más adecuado para volúmenes externos que el NTFS. Por ejemplo, el máximo tamaño posible del volumen oculto probablemente será significativamente mayor si el volumen externo es formateado como FAT (la razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto sólo puede residir en la segunda mitad del volumen externo).\n\n¿Seguro que desea formatear el volumen externo como NTFS? + ¿Desea formatear el volumen como FAT en su lugar? + Nota: Este volumen no puede ser formateado como FAT, porque excede el tamaño máximo de volumen soportado por el sistema de archivos FAT32 para el tamaño de sector aplicable (2 TB para sectores de 512-byte y 16 TB para sectores de 4096-byte). + Error: La partición para el sistema operativo oculto (o sea, la primera partición tras la partición del sistema) debe ser al menos un 5% mayor que la partición del sistema (que es en la que está instalado el sistema operativo en ejecución). + Error: La partición para el sistema operativo oculto (o sea, la primera partición tras la partición del sistema) debe ser al menos un 110% (2.1 veces) mayor que la partición del sistema (que es en la que está instalado el sistema operativo en ejecución). La razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto (que va a contener una copia de la partición del sistema) sólo puede residir en la segunda mitad de la partición. + Error: si el volumen externo es formateado como NTFS, debe ser al menos un 110% (2.1 veces) mayor que la partición del sistema. La razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto (que va a contener una copia de la partición del sistema) sólo puede residir en la segunda mitad del volumen externo.\n\nNota: El volumen externo tiene que estar en la misma partición que el sistema operativo oculto (es decir, dentro de la primera partición tras la partición del sistema). + Error: No hay ninguna partición tras la partición del sistema.\n\nRecuerde que antes de poder crear un sistema operativo oculto, ud. necesita crear una partición para él en la unidad del sistema. Debe ser la primera partición tras la partición del sistema (es decir, aquella en la que está instalado el sistema operativo en ejecución) y debe ser al menos un 5% mayor que ésta. Sin embargo, si el volumen externo (no confundir con la partición del sistema) se formatea como NTFS, la partición para el sistema operativo oculto debe ser al menos un 110% (2.1 veces) mayor que la partición del sistema (la razón es que el sistema de archivos NTFS siempre almacena datos internos en la mitad del volumen y, por tanto, el volumen oculto, que va a contener una copia de la partición del sistema, sólo puede residir en la segunda mitad de la partición). + Observación: no es viable (y por tanto no está soportado) instalar sistemas operativos en dos volúmenes VeraCrypt que estén insertados dentro de una sola partición, porque usar el sistema operativo externo podría requerir que se escriban datos al área del sistema operativo oculto (y si estas operaciones de escritura fueran evitadas usando la protección de volúmenes ocultos, causaría intrínsecamente fallos del sistema, como 'pantallazos azules'). + Para más información sobre cómo crear y administrar particiones, remítase a la documentación proporcionada con su sistema operativo o contacte con el equipo de soporte técnico del vendedor de su ordenador para obtener asistencia. + Error: El sistema operativo en ejecución no está instalado en la partición de arranque (la primera partición activa). Esto no está soportado. + Ha indicado su intención de almacenar archivos mayores de 4 GB en este volumen VeraCrypt. No obstante, ha elegido el sistema de archivos FAT, en el cual no se pueden almacenar archivos mayores de 4 GB.\n\n¿Seguro que desea formatear el volumen como FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: ¡No se puede acceder al volumen!\n\nAsegúrese de que el volumen seleccionado existe, que no está montado ni siendo usado por otra aplicación, que tiene permisos de lectura/escritura sobre el volumen, y que no está protegido contra escritura. + Error: Cannot obtain volume properties. + Error: No se puede acceder al volumen y/o obtener información sobre el volumen.\n\nAsegúrese de que el volumen seleccionado existe, que no está siendo usado por el sistema o alguna aplicación, que tiene permisos de lectura/escritura sobre el volumen, y que no está protegido contra escritura. + Error: No se puede acceder al volumen y/o obtener información sobre el mismo. Asegúrese de que el volumen seleccionado existe, de que no está siendo usado por el sistema o alguna aplicación, que tiene permisos de lectura/escritura sobre el volumen, y que no está protegido contra escritura.\n\nSi el problema continúa, podría ayudar seguir los pasos siguientes. + Un error evitó que VeraCrypt cifrara la partición. Intente arreglar cualquier problema reportado previamente y reinténtelo. Si el problema continúa, podría ayudar seguir los siguientes pasos. + Un error evitó que VeraCrypt continuara el proceso de cifrado de la partición.\n\nIntente arreglar cualquier problema reportado previamente y trate de continuar el proceso de nuevo. Recuerde que el volumen no puede montarse hasta que haya sido cifrado por completo. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: ¡No se puede desmontar el volumen externo!\n\nEl volumen no puede ser desmontado si contiene carpetas o archivos que estén siendo usados por el sistema o una aplicación.\n\nCierre los programas que puedan estar usando las carpetas o archivos del volumen y pulse Reintentar. + Error: ¡No se puede obtener información acerca del volumen externo! La creación del volumen no puede continuar. + Error: ¡No se puede acceder al volumen externo! La creación del volumen no puede continuar. + Error: ¡No se puede montar el volumen externo! la creación del volumen no puede continuar. + Error: ¡No se puede obtener el mapa de bits de cluster del volumen! La creación del volumen no puede continuar. + Alfabético/Categorizado + Velocidad Media (Descendiendo) + Algoritmo + Cifrado + Descifrado + Media + Unidad + Tamaño + Algoritmo de Cifrado + Algoritmo de cifrado + Tipo + Valor + Propiedad + Localización + bytes + Oculto + Externo + Normal + Sistema + Oculto (sistema) + Sólo Lectura + Unidad del Sistema + Unidad del Sistema (cifrando - %.2f%% hecho) + Unidad del Sistema (descifrando - %.2f%% hecho) + Unidad del Sistema (%.2f%% cifrado) + Partición del Sistema + Partición del sistema oculta + Partición del Sistema (cifrando - %.2f%% hecho) + Partición del Sistema (descifrando - %.2f%% hecho) + Partición del Sistema (%.2f%% cifrado) + Sí (¡daños evitados!) + Ninguno + Tamaño de Clave Principal + Tamaño de Clave Secundaria (Modo XTS) + Tamaño de Clave Tweak (Modo LRW) + bits + Tamaño de bloque + PKCS-5 PRF + Cuenta de iteraciones PKCS-5 + Volumen Creado + Última modificación de la cabecera + (hace %I64d días) + Versión del Formato del Volumen + Copia de Seguridad de Cabecera Insertada + Versión del Cargador de Arranque VeraCrypt + Primero disponible + Disco extraíble + Disco Duro + Sin cambios + Autodetection + Modo Asistente + Seleccione uno de los modos. Si no sabe cuál seleccionar, use el modo predeterminado. + Seleccione esta opción si desea instalar VeraCrypt en este sistema. + Nota: Puede actualizar sin descifrar incluso si la partición/unidad del sistema está cifrada o usa un sistema operativo oculto. + Si selecciona esta opción, todos los archivos serán extraídos de este paquete pero no se instalará nada en el sistema. No la seleccione si pretende cifrar la partición o unidad del sistema. Esta opción puede ser útil, por ejemplo, si desea ejecutar VeraCrypt en modo portable. VeraCrypt no tiene por qué ser instalado en el sistema operativo bajo el cual se ejecuta. Después de haber extraído los archivos, puede ejecutar directamente el archivo 'VeraCrypt.exe' (con lo que VeraCrypt se ejecutará en modo portable). + Opciones de instalación + Aquí puede establecer varias opciones para controlar el proceso de instalación. + Instalando + Por favor espere mientras VeraCrypt está siendo instalado. + VeraCrypt ha sido instalado con éxito + VeraCrypt ha sido actualizado con éxito + Por favor considere hacer una donación. Puede pulsar Finalizar en cualquier momento para cerrar el instalador. + Opciones de Extracción + Aquí puede establecer varias opciones para controlar el proceso de extracción. + Por favor espere mientras los archivos son extraídos. + Archivos extraídos con éxito + Todos los archivos han sido correctamente extraídos a la ubicación de destino. + Si la carpeta especificada no existe, se creará automáticamente. + Los archivos de programa de VeraCrypt serán actualizados en la ubicación donde VeraCrypt está instalado. Si necesita seleccionar una ubicación diferente, desinstale VeraCrypt primero. + ¿Desea ver las notas de publicación de la versión actual (la última estable) de VeraCrypt? + Si nunca ha utilizado VeraCrypt, recomendamos que lea el capítulo Tutorial del Principiante en la Guía de usuario de VeraCrypt. ¿Desea ver el tutorial? + Por favor seleccione una de las siguientes acciones a realizar: + Reparar/Reinstalar + Actualizar + Desinstalar + Para instalar/desinstalar VeraCrypt, debe ud. tener privilegios de administrador. ¿Desea continuar? + El Instalador de VeraCrypt ya se está ejecutando en este sistema y está preparando o llevando a cabo la instalación o actualización de VeraCrypt. Antes de continuar, espere a que termine o ciérrelo. Si no puede cerrarlo, reinicie su ordenador antes de continuar. + La Instalación falló. + La Desinstalación falló. + Este paquete de distribución está dañado. Intente descargarlo nuevamente (preferentemente desde la página oficial de VeraCrypt en https://veracrypt.codeplex.com). + No se puede escribir el archivo %s + Extrayendo + No se puede leer información del paquete. + No se puede verificar la integridad de este paquete de distribución. + La Extracción falló. + La instalación ha sido revertida. + VeraCrypt ha sido instalado con éxito. + VeraCrypt ha sido actualizado con éxito. + VeraCrypt ha sido actualizado a una nueva versión. Antes de poder empezar a usarla, su ordenador debe ser reiniciado.\n\n¿Desea reiniciar ahora? + ¡Fallo al actualizar VeraCrypt!\n\nIMPORTANTE: Antes de apagar o reiniciar el sistema, es muy recomendable que utilice Restaurar Sistema (Menú Inicio > Todos los programas > Accesorios > Herramientas del Sistema > Restaurar Sistema) para devolver su sistema al punto de restauración llamado 'Instalación de VeraCrypt'. Si Restaurar Sistema no está disponible, debería intentar reinstalar la versión original o la nueva de VeraCrypt antes de apagar o reiniciar el sistema. + VeraCrypt ha sido desinstalado con éxito.\n\nHaga click en 'Finalizar' para eliminar el instalador y la carpeta %s. Tenga en cuenta que la carpeta no se eliminará si contiene archivos que no hayan sido instalados por el instalador o creados por VeraCrypt. + Eliminando entradas de registro de VeraCrypt + Añadiendo entradas de registro + Eliminando información específica de la aplicación + Instalando + Deteniendo + Eliminando + Agregando icono + Creando punto de Restauración del Sistema + ¡Fallo al crear punto de Restauración del Sistema! + Actualizando cargador de arranque + Ha fallado la instalación de '%s'. %s\n¿Desea continuar instalando? + Ha fallado la desinstalación de '%s'. %s\n¿Desea continuar desinstalando? + Instalación completada. + La carpeta '%s' no pudo ser creada + No se puede detener el controlador de dispositivos VeraCrypt.\n\nCierre todas las ventanas abiertas de VeraCrypt primero. Si no funciona, reinicie Windows y reinténtelo. + Se deben desmontar todos los volúmenes VeraCrypt antes de instalar/desinstalar VeraCrypt. + Una versión obsoleta de VeraCrypt está instalada en este sistema. Debe ser desinstalada antes de instalar esta nueva versión de VeraCrypt.\n\nTan pronto como cierre este mensaje, se lanzará el desinstalador de la versión antigua. Tenga en cuenta que ningún volumen será descifrado al desinstalar VeraCrypt. Tras desinstalar la versión antigua de VeraCrypt, ejecute el instalador de la versión nueva otra vez. + La instalación de las entradas del registro ha fallado + La instalación del controlador de dispositivos ha fallado. Reinicie Windows e intente instalar VeraCrypt de nuevo. + Iniciando el controlador de dispositivo VeraCrypt + La desinstalación del controlador de dispositivo ha fallado. Recuerde que, debido a un problema de Windows, puede ser necesario terminar la sesión o reiniciar el sistema antes de que el controlador de dispositivo pueda ser desinstalado (o reinstalado). + Instalando el controlador de dispositivo VeraCrypt + Deteniendo el controlador de dispositivo VeraCrypt + Desinstalando el controlador de dispositivo VeraCrypt + Falló el registro de la librería de soporte del Control de Cuentas de Usuario. + Falló el des-registro de la librería de soporte del Control de Cuentas de Usuario. + Nota sobre el modo portable:\n\nRecuerde que el sistema operativo requiere que los controladores sean registrados con él antes de que puedan ser iniciados. Por tanto, el controlador VeraCrypt no es (ni puede ser) totalmente portable (mientras que las aplicaciones VeraCrypt sí lo son, no tienen que ser instaladas o registradas con el sistema operativo). Recuerde también que VeraCrypt necesita un controlador que proporcione cifrado/descifrado transparente al vuelo. + Recuerde que si decide ejecutar VeraCrypt en modo portable (en lugar de ejecutar una copia instalada de VeraCrypt), el sistema le pedirá permiso para ejecutar VeraCrypt (ventana del Control de Cuentas de Usuario) cada vez que intente abrirlo.\n\nLa razón es que cuando ejecuta VeraCrypt en modo portable, VeraCrypt necesita cargar e iniciar el controlador de dispositivo VeraCrypt, el cual es necesario para proporcionar cifrado/descifrado claro al vuelo, y los usuarios sin privilegios de administrador no pueden iniciar controladores de dispositivo en Windows. Por tanto, el sistema le pedirá permiso para ejecutar VeraCrypt con privilegios de administrador.\n\nTenga en cuenta que si instala VeraCrypt en el sistema (en lugar de ejecutarlo en modo portable) el sistema NO le pedirá permiso para ejecutar VeraCrypt cada vez que intente abrirlo.\n\n¿Seguro que desea extraer los archivos? + Aviso: este Asistente de Creación de Volúmenes tiene privilegios de administrador.\n\nSu nuevo volumen será creado con permisos que no le permitirán escribir en el volumen cuando esté montado. Si quiere evitarlo, cierre este Asistente de Creación de Volúmenes y abra uno nuevo sin privilegios de administrador.\n\n¿Desea cerrar este Asistente de Creación de Volúmenes? + Error: No se puede mostrar la licencia. + Externo(!) + dias + horas + minutos + s + Abrir + Desmontar + Mostrar VeraCrypt + Ocultar VeraCrypt + Datos leídos desde el montaje + Datos escritos desde el montaje + Parte Cifrada + 100% (totalmente cifrado) + 0% (no cifrado) + %.3f%% + 100% + Esperando + Preparando + Redimensionando + Cifrando + Descifrando + Finalizando + En Pausa + Terminado + Error + Dispositivo desconectado + Volúmenes favoritos del sistema guardados.\n\nPara que los volúmenes favoritos del sistema se monten cuando el sistema se inicie, seleccione 'Configuración' > 'Volúmenes Favoritos del Sistema' > 'Montar volúmenes favoritos del sistema cuando se inice Windows'. + El volumen que está añadiendo a favoritos no es ni una partición ni un volumen dinámico. Por tanto, VeraCrypt será incapaz de montar este volumen favorito si el número de dispositivo cambia. + El volumen que está añadiendo a favoritos es una partición no reconocida por Windows.\n\nVeraCrypt será incapaz de montar este volumen favorito si el número de dispositivo cambia. Establezca el tipo de partición a un tipo reconocido por Windows (use el comando SETID de la herramienta 'diskpart' de Windows). Luego añada la partición a favoritos de nuevo. + VeraCrypt en Segundo Plano está deshabilitado o configurado para cerrarse cuando no hay volúmenes montados (o VeraCrypt se está ejecutando en modo portable). Esto puede evitar que sus volúmenes favoritos sean montados automáticamente cuando se conecten los dispositivos que los alojan.\n\nNota: Para habilitar VeraCrypt en Segundo Plano, seleccione Configuración > Preferencias y marque la casilla 'Activado' en la sección 'VeraCrypt en Segundo Plano'. + Un contenedor almacenado en un sistema de archivos remoto compartido en red no puede ser montado automáticamente cuando su dispositivo anfitrión se conecte. + El dispositivo mostrado no es ni una partición ni un volumen dinámico. Por tanto, el volumen alojado en el dispositivo no puede ser montado automáticamente cuando el dispositivo se conecte. + Establezca el tipo de la partición mostrada a un tipo reconocido por Windows (use el comando SETID de la herramienta 'diskpart' de Windows). Luego elimine la partición de favoritos y añádala otra vez. Así permitirá que el volumen alojado en el dispositivo se monte automáticamente cuando el dispositivo se conecte. + El dispositivo mostrado no es ni una partición ni un volumen dinámico. Por tanto, no se le puede asignar una etiqueta. + Establezca el tipo de la partición mostrada a un tipo reconocido por Windows (use el comando SETID de la herramienta 'diskpart' de Windows). Luego elimine la partición de favoritos y añádala otra vez. Así permitirá a VeraCrypt asignar una etiqueta a la partición. + Debido a una limitación de Windows, un contenedor almacenado en un sistema de archivos remoto compartido en red no puede ser montado como un volumen favorito del sistema (sin embargo, puede ser montado como un volumen favorito común cuando un usuario se conecte). + Introduzca contraseña para %s + Introduzca contraseña para '%s' + Introduzca contraseña para el volumen común/externo. + Introduzca contraseña para el volumen oculto + Introduzca contraseña para la cabecera almacenada en archivo de respaldo + Se ha creado con éxito el archivo-llave. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + AVISO: ¡La cabecera de este volumen está dañada! VeraCrypt usó automáticamente la copia de seguridad de la cabecera insertada en el volumen.\n\nDebería reparar la cabecera del volumen seleccionando 'Herramientas' > 'Restaurar Cabecera de Volumen'. + La copia de seguridad de la cabecera del volumen ha sido creada con éxito.\n\nIMPORTANTE: Restaurar la cabecera usando esta copia de seguridad también restaurará la contraseña actual del volumen. Es más, si son necesarios archivos-llave para montar el volumen, los mismos archivos-llave serán necesarios para montarlo de nuevo cuando se restaure la cabecera del volumen.\n\nAVISO: Esta copia de seguridad puede usarse SÓLO para restaurar la cabecera de éste volumen concreto. Si la usa para restaurar la cabecera de un volumen distinto, podrá montar el volumen pero NO será capaz de descifrar ningún dato almacenado en él (porque cambiará su clave maestra). + La cabecera del volumen ha sido restaurada con éxito.\n\nIMPORTANTE: Recuerde que también puede haberse restaurado una contraseña antigua. Además, si cuando se creó la copia de seguridad de la cabecera se necesitaban archivos-llave para montar el volumen, esos archivos-llave serán necesarios de nuevo. + Por razones de seguridad, tendrá que introducir la contraseña (y/o suministrar los archivos-llave) correcta para el volumen.\n\nNota: Si el volumen contiene un volumen oculto, tendrá que introducir la contraseña (y/o archivos-llave) para el volumen externo primero. Más tarde, si decide hacer copia de seguridad de la cabecera del volumen oculto, tendrá que introducir la contraseña (y/o archivos-llave) para el volumen oculto. + ¿Seguro que desea crear una copia de seguridad de la cabecera del volumen para %s?\n\nTras pulsar Sí, se le pedirá un nombre de archivo para la copia de seguridad.\n\nNota: Tanto la cabecera del volumen común como la del oculto serán re-cifradas usando sal nueva y almacenadas en el archivo de respaldo. Si no hay ningún volumen oculto dentro de este volumen, el área reservada para la cabecera del volumen oculto en el archivo será llenada con datos aleatorios (para preservar la negación plausible). Cuando restaure la cabecera del volumen desde el archivo de respaldo, necesitará introducir la contraseña (y/o archivos-llave) correcta que existía cuando la copia de seguridad fue creada. La contraseña (y/o archivos-llave) también determinará automáticamente el tipo de la cabecera de volumen a restaurar, es decir, común u oculto (recuerde que VeraCrypt determina el tipo mediante el proceso de prueba y error). + ¿Seguro que quiere restaurar la cabecera de volumen de %s ?\n\nAVISO: Restaurar una cabecera de volumen también restaura la contraseña que era válida cuando se hizo la copia de seguridad. Es más, si se necesitaban archivos-llave cuando se creó dicha copia de seguridad, estos archivos serán necesarios de nuevo para montar el volumen tras la restauración.\n\nDespués de aceptar, seleccionará el archivo de copia de segurida de la cabecera. + ¿Este volumen contiene un volumen oculto? + El volumen contiene un volumen oculto + El volumen no contiene un volumen oculto + Seleccione el tipo de copia de seguridad de cabecera de volumen que desea usar: + Restaurar la cabecera de volumen desde la copia de seguridad insertada en el volumen + Restaurar la cabecera de volumen desde un archivo de copia de seguridad externo + El tamaño del archivo de copia de seguridad de la cabecera del volumen es incorrecto. + No hay ninguna copia de seguridad insertada en este volumen (recuerde que sólo los volúmenes creados por VeraCrypt 6.0 o posterior contienen copias de seguridad de cabecera insertadas). + Está intentando realizar copias de seguridad de la cabecera de la partición/unidad del sistema. Esto no está permitido. Las operaciones de copia de seguridad o restauración relacionadas con la partición/unidad del sistema sólo se pueden realizar usando el Disco de Rescate VeraCrypt.\n\n¿Desea crear un Disco de Rescate VeraCrypt? + Está intentando restaurar la cabecera de un volumen virtual VeraCrypt pero ha seleccionado la partición/unidad del sistema. Esto no está permitido. Las operaciones de copia de seguridad o restauración relacionadas con la partición/unidad del sistema sólo se pueden realizar usando el Disco de Rescate VeraCrypt.\n\n¿Desea crear un Disco de Rescate VeraCrypt? + Después de pulsar Aceptar, seleccionará un nombre de archivo para la nueva imagen ISO del Disco de Rescate VeraCrypt y la ubicación donde desea colocarla. + La imagen del Disco de Rescate ha sido creada y almacenada en este archivo:\n%s\n\nAhora hay que grabar dicha imagen en un CD o DVD.\n\nIMPORTANTE: Tenga en cuenta que el archivo debe ser grabado en el CD/DVD como una imagen de disco ISO (no como un archivo individual). Para obtener información sobre cómo hacerlo, lea la documentación de su software de grabación CD/DVD.\n\nTras grabar el Disco de Rescate, seleccione 'Sistema' > 'Verificar Disco de Rescate' para verificar que ha sido grabado correctamente. + La imagen del Disco de Rescate ha sido creada y almacenada en este archivo:\n%s\n\nAhora hay que grabar dicha imagen en un CD o DVD.\n\n¿Desea ejecutar el Grabador de Imágenes de Disco de Windows?\n\nNota: tras grabar el Disco de Rescate, seleccione 'Sistema' > 'Verificar Disco de Rescate' para verificar que ha sido grabado correctamente. + Por favor inserte su Disco de Rescate VeraCrypt dentro de su unidad de CD/DVD y presione Aceptar para verificarlo. + El Disco de Rescate VeraCrypt ha sido verificado con éxito. + No se puede verificar el Disco de Rescate ha sido grabado correctamente.\n\nSi ha grabado el Disco de Rescate, expulse e inserte de nuevo el CD/DVD; después verifique otra vez. Si no funciona, pruebe con otro software de grabación y/o otro CD/DVD.\n\nSi está intentando verificar un Disco de Rescate VeraCrypt creado para otra clave maestra, contraseña, etc., por favor recuerde que ese Disco de Rescate fallará siempre esta verificación. Para crear un nuevo Disco de Rescate completamente compatible con su configuración actual, seleccione 'Sistema' > 'Crear Disco de Rescate'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creando Disco de Rescate VeraCrypt. + No se puede crear un Disco de Rescate VeraCrypt cuando un sistema operativo oculto se está ejecutando.\n\nPara crear un Disco de Rescate VeraCrypt, arranque el sistema operativo señuelo y seleccione 'Sistema' > 'Crear Disco de Rescate'. + No se puede verificar que el Disco de Rescate ha sido grabado correctamente.\n\nSi ha grabado el Disco de Rescate, expulse e inserte de nuevo el CD/DVD; después haga click en Siguiente para reintentarlo. Si no funciona, pruebe otro medio%s.\n\nSi no ha grabado aún el Disco de Rescate, hágalo y pulse Siguiente.\n\nSi está intentando verificar un Disco de Rescate VeraCrypt creado antes de iniciar este asistente, tenga en cuenta que dicho Disco de Rescate no se puede usar, porque fue creado para una clave maestra diferente. Necesita grabar el Disco de Rescate generado recientemente. + y/o otro software de grabación de CD/DVD + VeraCrypt - Volúmenes Favoritos del Sistema + ¿Qué son los volúmenes favoritos del sistema? + La partición/unidad del sistema no parece estar cifrada.\n\nLos volúmenes favoritos del sistema sólo pueden ser montados usando una contraseña de autenticación de pre-arranque. Por tanto, para habilitar el uso de los volúmenes favoritos del sistema, es necesario cifrar la partición/unidad del sistema primero. + Desmonte el volumen antes de continuar. + Error: No se puede establecer el temporizador. + Comprobar Sistema de Archivos + Reparar Sistema de Archivos + Añadir a Favoritos + Añadir a Favoritos del Sistema + P&ropiedades + Volumen Oculto Protegido + N/A + + No + Deshabilitado + 1 + 2 o más + Modo de Operación + Etiqueta: + Tamaño: + Ruta: + Letra de unidad: + Error: La contraseña debe contener solamente caracteres ASCII.\n\nIntroducir otros caracteres en la contraseña puede hacer que sea imposible montar el volumen si la configuración de su sistema cambia.\n\nLos siguientes caracteres están permitidos:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Aviso: La contraseña contiene caracteres ajenos a ASCII. Esto puede causar que sea imposible montar el volumen si la configuración de su sistema cambia.\n\nDebe sustituir todos los caracteres no-ASCII en la contraseña por caracteres ASCII. Haga click en 'Volúmenes' -> 'Cambiar Contraseña del Volumen'.\n\nLos siguientes caracteres son ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + AVISO: Recomendamos que evite extensiones de archivo que son usadas para archivos ejecutables (como .exe, .sys o .dll) y otras extensiones problemáticas similares. Usar estas extensiones hace que Windows y el software antivirus interfiera con el contenedor, lo que afecta negativamente el rendimiento del volumen y puede causar problemas serios.\n\nEs muy recomendable que elimine la extensión del archivo o la cambie (por ejemplo, a '.hc').\n\n¿Seguro que desea usar la extensión problemática? + AVISO: Este contenedor tiene una extensión que es usada por archivos ejecutables (como .exe, .sys o .dll) o alguna otra extensión que es igualmente problemática. Esto probablemente hará que Windows y el software antivirus interfiera con el contenedor, lo que afectará negativamente el rendimiento del volumen y puede causar otros problemas serios.\n\nEs muy recomendable que elimine la extensión del archivo del contenedor o la cambie (por ejemplo, a '.hc' después de desmontar el volumen. + Página Inicial + AVISO: Parece que no ha aplicado ningún Service Pack a su instalación Windows. ¡No debería escribir en discos IDE mayores de 128 GB bajo un Windows XP sin Service Pack 1 o posterior! Si lo hace, los datos del disco (no importa si se trata de un volumen VeraCrypt o no) podrían resultar corruptos. Tenga en cuenta que esto es una limitación de Windows, no un error de VeraCrypt. + AVISO: Parece que no ha aplicado Service Pack 3 o posterior a su instalación Windows. ¡No debería escribir en discos IDE mayores de 128 GB bajo un Windows 2000 sin Service Pack 3 o posterior! Si lo hace, los datos del disco (no importa si se trata de un volumen VeraCrypt o no) podrían resultar corruptos. Tenga en cuenta que esto es una limitación de Windows, no un error de VeraCrypt.\n\nNota: Podría necesitar habilitar el soporte LBA 48-bit en el registro: para más información, vea http://support.microsoft.com/kb/305098/EN-US + AVISO: El soporte ATAPI LBA 48-bit está deshabilitado en su sistema. Por tanto, ¡no debería escribir en discos IDE mayores de 128 GB! Si lo hace, los datos del disco (no importa si es un volumen VeraCrypt o no) podrían resultar corruptos. Tenga en cuenta que esto es una limitación de Windows, no una limitación de VeraCrypt.\n\nPara habilitar el soporte LBA 48-bit, añada el valor de registro 'EnableBigLba' en la clave de registro HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters y establézcala a 1.\n\nPara más información, vea http://support.microsoft.com/kb/305098 + Error: No se pueden almacenar archivos de más de 4 GB en un sistema de archivos FAT32. Por tanto, los volúmenes VeraCrypt alojados en archivos (contenedores) almacenados en un sistema de archivos FAT32 no pueden ser mayores de 4 GB.\n\nSi necesita un volumen mayor, créelo en un sistema de archivos NTFS (o, si utiliza Windows Vista SP1 o posterior, en un sistema de archivos exFAT) o, en lugar de crear un volumen alojado en un archivo, cifre una partición o dispositivo completo. + Aviso: Windows XP no soporta archivos mayores de 2048 GB (le informará de que "No hay suficiente espacio libre"). Por tanto, no puede crear un volumen VeraCrypt alojado en archivo (contenedor) mayor de 2048 GB bajo Windows XP.\n\nRecuerde que sí es posible cifrar la unidad entera o crear un volumen VeraCrypt alojado en una partición mayor de 2048 GB bajo Windows XP. + AVISO: Si desea poder añadir más información al volumen externo en un futuro, debería considerar la elección de un tamaño menor para el volumen oculto.\n\n¿Desea continuar con el tamaño especificado? + No hay ningún volumen seleccionado.\n\nPulse 'Seleccionar dispositivo' o 'Seleccionar archivo' para elegir un volumen VeraCrypt. + No hay ninguna partición seleccionada.\n\nPulse 'Seleccionar Dispositivo' para seleccionar una partición desmontada que normalmente requiere autenticación de pre-arranque (por ejemplo, una partición ubicada en la unidad del sistema cifrada de otro sistema operativo, que no se esté ejecutando, o la partición del sistema cifrada de otro sistema operativo).\n\nNota: La partición seleccionada será montada como un volumen VeraCrypt normal sin autenticación de pre-arranque. Esto es útil p.e. para operaciones de reparación o copia de seguridad. + AVISO: Si se activa 'Archivos-llave por defecto', los volúmenes que no usen estos archivos-llave no se podrán montar. Por tanto, tras activar los archivos-llave por defecto, recuerde desactivar la casilla 'Usar archivos-llave' (bajo el cuadro de texto de la contraseña) al montar dichos volúmenes.\n\n¿Seguro que desea guardar los archivos-llave y ubicaciones seleccionados como predeterminados? + Montar dispositivos autom. + Desmontar Todo + Borrar Caché + Desmontar Todo & Borrar Caché + Desmontar Todo & Borrar Caché (forzar) + Desmontar Todo, Borrar Caché & Salir (forzar) + Montar Volúmenes Favoritos + Mostrar/Ocultar ventana principal de VeraCrypt + (Haga click aquí y pulse una tecla) + Acción + Atajo + Error: Este atajo de teclado está reservado. Elija uno diferente. + Error: Atajo de teclado ya asignado. + AVISO: uno o más atajos de teclado VeraCrypt del sistema no funcionarán. Asegúrese de que el sistema operativo u otras aplicaciones no utilicen el mismo atajo que VeraCrypt. + Se ha evitado la creación del archivo de paginación.\n\nTenga en cuenta que, debido a un problema de Windows, los archivos de paginación no pueden ubicarse en volúmenes VeraCrypt secundarios (incluyendo los volúmenes favoritos del sistema). VeraCrypt sólo soporta la creación de archivos de paginación en una unidad/partición cifrada del sistema. + Un error o incompatibilidad impide que VeraCrypt cifre el archivo de hibernación. Por tanto, la hibernación ha sido evitada.\n\nNota: Cuando un ordenador hiberna (o entra en modo de ahorro de energía), el contenido de su memoria se escribe en un archivo de almacenamiento de hibernación que reside en la unidad del sistema. Puede que VeraCrypt no sea capaz de evitar que las claves de cifrado y los contenidos de archivos sensibles abiertos en la RAM sean guardados sin cifrar en el archivo de hibernación. + Se ha impedido la hibernación.\n\nVeraCrypt no soporta la hibernación en sistemas operativos ocultos que usan una partición de arranque adicional. Recuerde que la partición de arranque es compartida por el sistema operativo señuelo y por el oculto. Por tanto, para evitar filtraciones de datos y problemas al reanudar tras la hibernación, VeraCrypt debe impedir que el sistema operativo oculto hiberne o escriba en la partición de arranque compartida. + El volumen VeraCrypt montado como %c: ha sido desmontado. + Los volúmenes VeraCrypt han sido desmontados. + Los volúmenes VeraCrypt han sido desmontados y la caché de contraseñas ha sido borrada. + Desmontado con éxito + AVISO: Si VeraCrypt en Segundo Plano no está habilitado, tampoco lo estarán las siguientes funciones:\n\n1) Atajos de teclado\n2) Desmontaje automático (p.e. al cerrar sesión, retirar involuntariamente el dispositivo, etc.)\n3) Montaje automático de volúmenes favoritos\n4) Notificaciones (p.e., cuando se evita el daño a un volumen oculto)\n5) Icono en área de notificación.\n\nNota: Puede cerrar el Segundo Plano haciendo click derecho en el icono del área de notificación y seleccionando 'Salir'.\n\n¿Seguro que desea deshabilitar permanentemente VeraCrypt en Segundo Plano? + AVISO: Si esta opción es deshabilitada, no se podrán desmontar automáticamente volúmenes que contengan archivos/directorios abiertos. ¿Seguro que desea deshabilitar esta opción? + AVISO: los volúmenes que contengan archivos/directorios abiertos no se desmontarán autom.\n\n Para evitarlo, habilite la siguiente opción en esta misma ventana: 'Forzar desmontaje automático aunque el volumen tenga archivos abiertos' + AVISO: Cuando la batería esté baja, Windows puede no enviar los mensajes apropiados a las aplicaciones en ejecución cuando el ordenador esté entrando en modo de ahorro de energía. Por tanto, VeraCrypt podría no desmontar autom. los volúmenes correctamente. + Ha programado el proceso de cifrado de una partición/volumen. El proceso aún no ha sido completado.\n\n¿Desea continuar el proceso ahora? + Ha programado el proceso de cifrado o descifrado de la partición/unidad del sistema. El proceso aún no ha sido completado.\n\n¿Desea iniciar (continuar) el proceso ahora? + ¿Desea que se le pregunte si quiere o no continuar los procesos actualmente programados de cifrado de particiones/volúmenes secundarios? + Sí, continuar preguntándome + No, no preguntarme + IMPORTANTE: Tenga en cuenta que puede continuar el proceso de cifrado de cualquier partición/volumen secundario seleccionando 'Volúmenes' > 'Continuar Proceso Interrumpido' en el menú de la ventana principal de VeraCrypt. + Ha programado el proceso de cifrado o descifrado de la partición/unidad del sistema. Sin embargo, falló la autenticación de pre-arranque (o fue cancelada).\n\nRecuerde: Si descifró la partición/unidad del sistema en el entorno de pre-arranque, puede ser necesario finalizar el proceso seleccionando 'Sistema' > 'Descifrar Permanentemente la Partición/Unidad del Sistema' desde el menú de la ventana principal de VeraCrypt. + AVISO: Si VeraCrypt sale ahora, las siguientes funciones serán deshabilitadas:\n\n1) Atajos de teclado\n2) Desmontaje automático (p.e. al cerrar sesión, retirar involuntariamente el dispositivo, etc.)\n3) Montaje automático de volúmenes favoritos\n4) Notificaciones (p.e., cuando se evita el daño a un volumen oculto)\n\nNota: Si no desea que VeraCrypt se ejecute en segundo plano, deshabilite VeraCrypt en Segundo Plano desde Preferencias (y si es necesario deshabilite también el inicio automático de VeraCrypt).\n\n¿Seguro que desea cerrar VeraCrypt? + ¿Salir? + VeraCrypt no tiene suficiente información para determinar si cifrar o descifrar. + VeraCrypt no tiene suficiente información para determinar si cifrar o descifrar.\n\nNota: Si descifró la partición/unidad del sistema en el entorno de pre-arranque, puede ser necesario finalizar el proceso pulsando 'Descifrar'. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + ¿Desea interrumpir y posponer el proceso de cifrado de la partición/volumen?\n\nNota: tenga en cuenta que el volumen no puede ser montado hasta que haya sido cifrado por completo. Podrá continuar el proceso de cifrado desde el punto en que éste se detuvo. Puede hacerlo, por ejemplo, seleccionando 'Volúmenes' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. + ¿Desea interrumpir y posponer el proceso de cifrado de la partición/unidad del sistema?\n\nNota: podrá continuar el proceso desde el punto en que éste se detuvo. Puede hacerlo, por ejemplo, seleccionando 'Sistema' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. Si desea revertir o terminar permanentemente el proceso de cifrado, seleccione 'Sistema' > 'Descifrar Permanentemente Partición/Unidad del Sistema'. + ¿Desea interrumpir y posponer el proceso de descifrado de la partición/unidad del sistema?\n\nNota: podrá continuar el proceso desde el punto en que éste se detuvo. Puede hacerlo, por ejemplo, seleccionando 'Sistema' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. Si desea revertir el proceso de descifrado (y empezar a cifrar) seleccione 'Sistema' > 'Cifrar Partición/Unidad del Sistema'. + Error: Ha fallado la interrupción del proceso de cifrado/descifrado de la partición/unidad del sistema. + Error: Ha fallado la interrupción del proceso de borrado. + Error: Ha fallado la continuación del proceso de cifrado/descifrado de la partición/unidad del sistema. + Error: Ha fallado el inicio del proceso de borrado. + Inconsistencia resuelta.\n\n\n(Si reporta un error relacionado con esto, incluya en el reporte la siguiente información técnica:\n%hs) + Error: Estado inesperado.\n\n\n(Si reporta un error relacionado con esto, incluya en el reporte la siguiente información técnica:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + AVISO: VeraCrypt en Segundo Plano está deshabilitado. Tras cerrar VeraCrypt, no será notificado si se impiden daños en el volumen oculto.\n\nNota: Puede cerrar el Segundo Plano en cualquier momento haciendo click derecho en el icono de VeraCrypt en el área de notificación y seleccionando 'Salir'.\n\n¿Habilitar VeraCrypt en Segundo Plano? + Versión del paquete: %s + Comprobando el sistema de archivos del volumen VeraCrypt montado como %s... + Intentando reparar el sistema de archivos del volumen VeraCrypt montado como %s... + Aviso: Este volumen está cifrado con un algoritmo de cifrado tradicional (legacy).\n\nTodos los algoritmos de cifrado con bloque de 64 bit (como Blowfish, CAST-128 o Triple DES) están obsoletos. Se podrá montar este volumen usando versiones futuras de VeraCrypt. Sin embargo, no habrá más mejoras en las implementaciones de estos algoritmos de cifrado tradicional. Recomendamos que cree un nuevo volumen VeraCrypt cifrado con un algoritmo con bloque de 128 bit (como AES, Serpent, Twofish, etc.) y que mueva todos los archivos de este volumen al volumen nuevo. + Su sistema no está configurado para montar automáticamente nuevos volúmenes. Puede ser imposible montar volúmenes VeraCrypt alojados en dispositivos. Se puede habilitar el montaje automático ejecutando el siguiente comando y reiniciando el sistema.\n\nmountvol.exe /E + Asigne una letra de unidad a la partición/dispositivo antes de proceder ('Panel de Control' > 'Sistema y mantenimiento' > 'Herramientas Administrativas' - 'Crear y formatear particiones de disco duro').\n\nTenga en cuenta que este es un requisito del sistema operativo. + Montar volumen VeraCrypt + Desmontar todos los volúmenes VeraCrypt + VeraCrypt no ha podido obtener privilegios de Administrador. + Acceso denegado por el sistema operativo.\n\nCausa posible: el sistema operativo requiere que tenga permisos de lectura/escritura (o privilegios de administrador) sobre ciertas carpetas, archivos y dispositivos, para permitirle leer/escribir información de/en ellos. Normalmente, un usuario sin privilegios de administrador tiene permitido crear, leer y modificar archivos en su carpeta 'Mis documentos'. + Error: La unidad usa un tamaño de sector no soportado.\n\nActualmente no es posible crear volúmenes alojados en dispositivos o particiones que usen sectores mayores de 4096 bytes. Sin embargo, recuerde que puede crear volúmenes alojados en archivo (contenedores) en estas unidades. + Actualmente no es posible cifrar un sistema instalado en un disco con un tamaño de sector diferente a 512 bytes. + El Cargador de Arranque de VeraCrypt requiere al menos 32 KB de espacio libre al principio de la unidad del sistema (el Cargador debe almacenarse en ese área). Por desgracia, su unidad no reúne esta condición.\n\nPor favor, NO reporte esto como un error/problema de VeraCrypt. Para solucionar este problema, necesitará reparticionar su disco y dejar libres los primeros 32 KB del disco (en la mayoría de los casos tendrá que borrar y crear la primera partición). Recomendamos que use el administrador de particiones de Microsoft que está disponible p.e. cuando está instalando Windows. + Esta función no está soportada en la versión del sistema operativo que está utilizando. + VeraCrypt no soporta el cifrado de la partición/unidad del sistema en la versión del sistema operativo que está utilizando. + Antes de que pueda cifrar la partición/unidad del sistema en Windows Vista, necesita instalar Service Pack 1 o posterior para Vista (todavía no hay ningún Service Pack instalado en este sistema).\n\nNota: El Service Pack 1 para Windows Vista resuelve un problema que causaba una reducción de la memoria convencional libre durante el arranque del sistema. + VeraCrypt ya no soporta el cifrado de la partición/unidad del sistema en Windows Vista sin ningún Service Pack. Antes de actualizar VeraCrypt, instale Service Pack 1 o posterior para Windows Vista. + Error: Esta característica requiere que se instale VeraCrypt en este sistema (actualmente está ejecutando VeraCrypt en modo portable).\n\nInstale VeraCrypt y reinténtelo. + AVISO: Windows no parece estar instalado en la unidad desde la que él mismo arranca. Esto no está soportado.\n\nDebería continuar sólo si está seguro de que Windows está instalado en la unidad desde la que arranca.\n\n¿Desea continuar? + Su unidad del sistema tiene una Tabla de Particiones GUID (GPT). Actualmente, sólo se soportan unidades con Tabla de Particiones MBR. + PRECAUCIÓN: ¡El Cargador de Arranque VeraCrypt ya está instalado en su unidad del sistema!\n\nEs posible que otro sistema en su ordenador esté ya cifrado.\n\nAVISO: CONTINUAR CON EL CIFRADO DEL SISTEMA ACTUAL PUEDE HACE QUE OTROS SISTEMAS NO PUEDAN INICIARSE Y SUS DATOS SEAN INACCESIBLES.\n\n¿Seguro que desea continuar? + Fallo al restaurar el cargador original del sistema.\n\nUse su Disco de Rescate VeraCrypt ('Opciones de Reparación' > 'Restaurar cargador original del sistema') o un medio de instalación de Windows para reemplazar el Cargador de Arranque de VeraCrypt con el cargador del sistema de Windows. + El cargador original del sistema no será guardado en el Disco de Rescate (causa probable: archivo de copia de seguridad perdido). + Fallo al escribir el sector MBR.\n\nSu BIOS puede estar configurada para proteger el sector MBR. Revise la configuración de su BIOS (pulsando F2, Delete, o Esc, despues de encender su ordenador) buscando la protección MBR/Antivirus. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + La versión requerida del Cargador de Arranque VeraCrypt no está instalada actualmente. Esto puede impedir que algunos ajustes se guarden. + Nota: En algunas situaciones, quizá le interese evitar que alguien (un adversario) que esté viéndole iniciar el ordenador pueda saber que usa VeraCrypt. Las siguientes opciones lo permiten pesonalizando la pantalla del cargador de arranque de VeraCrypt. Si activa la primera opción, no se mostrará ningún texto al arrancar (ni siquiera al introducir una contraseña errónea). El ordenador parecerá estar "congelado" mientras puede escribir su contraseña. Además, puede mostrarse un mensaje personalizado para confundir al adversario. Por ejemplo, falsos mensajes de error como "No se ha encontrado sistema operativo" (mensaje que muestra el cargador de arranque de Windows si no encuentra partición de arranque de Windows). No obstante, recuerde que si el adversario puede analizar el contenido del disco duro, puede darse cuenta de que contiene el cargador de arranque de VeraCrypt. + AVISO: Tenga en cuenta que si activa esta opción, el cargador de arranque de VeraCrypt no mostrará ningún texto (ni siquiera si introduce una contraseña errónea). El ordenador parecerá "congelado" (sin responder) mientras ud. escribe su contraseña (el cursor NO se moverá ni aparecerá ningún asterisco al pulsar alguna tecla).\n\n¿Seguro que desea activar esta opción? + Su partición/unidad del sistema parece estar completamente cifrada. + VeraCrypt no soporta cifrar una unidad del sistema que ha sido convertida en un disco dinámico. + La unidad del sistema contiene particiones extendidas (lógicas).\n\nPuede cifrar una unidad del sistema entera que contenga particiones extendidas sólo en Windows Vista y versiones posteriores de Windows. En Windows XP, puede cifrar la unidad del sistema entera si contiene únicamente particiones primarias.\n\nNota: se puede cifrar la partición del sistema en lugar de la unidad del sistema entera (y, además, puede crear volúmenes VeraCrypt alojados en cualquier partición secundaria en la unidad). + AVISO: Como está utilizando Windows XP/2003, tras comenzar a cifrar la unidad, NO debe crear ninguna partición extendida (lógica) en ella (sólo puede crear particiones primarias). Cualquier partición extendida en la unidad podría ser inaccesible tras comenzar el cifrado (la unidad actualmente no contiene particiones de este tipo).\n\nNota: Si esta limitación no es aceptable, puede volver atrás y cifrar sólo la partición del sistema en lugar de la unidad entera (y, además, puede crear volúmenes VeraCrypt alojados en cualquier partición secundaria de la unidad).\n\nAlternativamente, si esta limitación no es aceptable, puede considerar actualizar a Windows Vista o alguna versión posterior de Windows (puede cifrar la unidad del sistema entera conteniendo particiones extendidas/lógicas sólo en Windows Vista o posterior). + Su unidad del sistema contiene una partición no estándar.\n\nSi está usando un portátil, probablemente su unidad del sistema contenga una partición especial de recuperación. Tras cifrar la unidad del sistema entera (incluyendo dichas particiones), su sistema podría no arrancar si su ordenador está usando una BIOS diseñada inapropiadamente. También podría ser imposible usar cualquier partición de recuperación hasta que se descifre la unidad del sistema. Por tanto, recomendamos cifrar sólo la partición del sistema. + ¿Desea cifrar la partición del sistema en lugar de toda la unidad?\n\nRecuerde que puede crear volúmenes VeraCrypt alojados en cualquier partición secundaria de la unidad (además de cifrar la partición del sistema). + Como su unidad del sistema sólo contiene una única partición que ocupa la unidad entera, es preferible (más seguro) cifrar la unidad entera incluyendo el espacio libre "slack" que normalmente rodea estas particiones.\n\n¿Desea cifrar la unidad del sistema entera? + Su sistema está configurado para almacenar archivos temporales en una partición secundaria.\n\nLos archivos temporales sólo deben guardarse en la partición del sistema. + Los archivos de su cuenta de usuario no están almacenados en la partición del sistema.\n\nDichos archivos sólo deben guardarse en la partición del sistema. + Hay archivos de paginación en particiones secundarias.\n\nLos archivos de paginación sólo deben ubicarse en la partición del sistema. + ¿Desea configurar Windows para crear archivos de paginación sólo en la partición de Windows?\n\nTenga en cuenta que si selecciona 'Sí', el ordenador se reiniciará. Cuando lo haga, inicie VeraCrypt y trate de crear el SO oculto de nuevo. + De otro modo, la negación plausible del sistema operativo oculto podría verse afectada negativamente.\n\nNota: Si un adversario analiza el contenido de estos archivos (que residen en una partición secundaria), podría averiguar que ud. usó este asistente en el modo de creación de sistemas ocultos (lo cual podría indicar la existencia de un sistema operativo oculto en su ordenador). Tenga en cuenta también que cualquiera de estos archivos almacenados en la partición del sistema serán borrados por VeraCrypt durante el proceso de creación del sistema operativo oculto. + AVISO: Durante el proceso de creación del sistema operativo oculto, se requerirá reinstalar por completo el sistema actualmente en ejecución (para crear un sistema señuelo con seguridad).\n\nNota: El sistema operativo actualmente en ejecución y el contenido entero de la partición del sistema será copiado al volumen oculto (para crear el sistema oculto).\n\n\n¿Seguro que podrá instalar Windows usando un medio de Instalación de Windows (o una partición de servicio)? + Por razones de seguridad, si el sistema operativo actual requiere activación debe ser activado antes de continuar. Recuerde que el sistema operativo oculto será creado copiando el contenido de la partición del sistema a un volumen oculto (así que si este sistema operativo no está activado, el sistema operativo oculto tampoco lo estará). Para más información, vea la sección "Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos" en la Guía del Usuario de VeraCrypt.\n\nImportante: antes de continuar, asegúrese de haber leído dicha sección.\n\n\n¿Cumple el sistema operativo en ejecución con esta condición? + Su sistema usa una partición de arranque adicional. VeraCrypt no soporta la hibernación en sistemas operativos ocultos que usen una partición de arranque adicional (los sistemas señuelo se pueden hibernar sin problemas).\n\nTenga en cuenta que la partición de arranque podría estar compartida por ambos sistemas, el señuelo y el oculto. Por tanto, para evitar filtraciones de datos y problemas al reanudar tras la hibernación, VeraCrypt debe impedir que el sistema operativo oculto escriba en la partición de arranque compartida y que hiberne.\n\n\n¿Desea continuar? Si selecciona 'No', se mostrarán instrucciones para eliminar la partición de arranque adicional. + \nLa partición de arranque adicional puede ser eliminada antes de instalar Windows. Para hacerlo, siga estos pasos:\n\n1) Arranque su disco de instalación de Windows.\n\n2) En la pantalla del instalador de Windows, haga click en 'Instalar ahora' > 'Personalizar (avanzada)'.\n\n3) Click en 'Opciones de Dispositivo'.\n\n4) Seleccione la partición del sistema principal y bórrela pulsando 'Eliminar' y 'Aceptar'.\n\n5) Seleccione la partición 'Reservada del Sistema', pulse 'Extender' y aumente su tamaño hasta que se pueda instalar en ella el sistema operativo.\n\n6) Click en 'Aplicar' y 'Aceptar'.\n\n7) Instale Windows en la partición 'Reservada del Sistema'.\n\n\nUn atacante podría preguntarle por qué eliminó la partición de arranque adicional, ud. puede responder que quería evitar cualquier posible filtración de datos en la partición de arranque no cifrada.\n\nNota: puede imprimir este texto pulsando el botón 'Imprimir'. Si guarda una copia de este texto o lo imprime (muy recomendable, salvo que su impresora almacene en su controlador interno copias de los documentos que imprime), debería destruir cualquier copia de este texto tras eliminar la partición de arranque adicional (de lo contrario, si una de estas copias fuera encontrada, indicaría que existe un sistema operativo oculto en este ordenador). + Aviso: Hay espacio no asignado entre la partición del sistema y la primera partición tras ella. Después de crear el sistema operativo oculto, no debe crear ninguna partición nueva en ese espacio sin asignar. De lo contrario, podría ser iposible arrancar el sistema operativo oculto (hasta que elimine esas particiones nuevas). + Este algoritmo no está soportado actualmente para el cifrado del sistema. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Los archivos-llave no están soportados actualmente para el cifrado del sistema. + Aviso: VeraCrypt no pudo restaurar la disposición de teclado original. Esto puede hacer que ud. introduzca incorrectamente la contraseña. + Error: No se puede establecer la disposición del teclado para VeraCrypt al estándar de EEUU.\n\nRecuerde que la contraseña necesita ser escrita en el entorno de pre-arranque (antes de que Windows se inicie) donde no están disponibles disposiciones de teclado distintas a la de EEUU. Por tanto, la contraseña debe ser escrita siempre usando la disposición de teclado EEUU estándar. + Como VeraCrypt cabió temporalmente la disposición de teclado al estándar de EEUU, no es posible escribir caracteres pulsando teclas mientras Alt derecho está pulsado. Sin embargo, puede escribir la mayoría de esos caracteres pulsando las teclas apropiadas mientras Mayúsculas está pulsada. + VeraCrypt impidió que se cambiara la disposición de teclado. + Nota: La contraseña tendrá que escribirse en el entorno de pre-arranque (antes de que Windows se inicie) donde no están disponibles disposiciones de teclado distintas a la de EEUU. Por tanto, la contraseña debe ser escrita siempre usando la disposición de teclado EEUU estándar. Sin embargo, es importante recordar que NO es necesario un teclado de EEUU real. VeraCrypt automáticamente se asegura de que ud. pueda escribir la contraseña con seguridad (ahora y en el entorno de pre-arranque) incluso si NO tiene un teclado de EEUU. + Antes de cifrar la partición/unidad, debe crear un Disco de Rescate VeraCrypt (DRT) que sirve para los siguientes propósitos:\n\n- Restaurar el Cargador de Arranque VeraCrypt, clave maestra u otros datos críticos si resultan dañados (pero tenga en cuenta que tendrá que seguir introduciendo la contraseña correcta).\n\n- Si Windows resulta dañado y no arranca, el DRT permite descifrar permanentemente la partición/unidad antes de que Windows inicie.\n\n- El DRT contendrá una copia de seguridad del contenido actual de la primera pista de la unidad (normalmente, un cargador del sistema o un administrador de arranque) y le permitirá restaurarlo si es necesario.\n\nLa imagen ISO del DRT será creada en esta ubicación: + Tras pulsar Aceptar, se lanzará el Grabador de Imágenes de Disco de Windows. Úselo para grabar la imagen ISO del Disco de Rescate VeraCrypt en un CD o DVD.\n\nDespués de hacerlo, vuelva al Asistente de Creación de Volumen VeraCrypt y siga sus instrucciones. + La imagen del Disco de Rescate ha sido creada y almacenada en este archivo:\n%s\n\nAhora debe grabarla en un CD o DVD.\n\n%lsDespués de grabar el Disco de Rescate, pulse Siguiente para verificar que ha sido grabado correctamente. + La imagen del Disco de Rescate ha sigo creada y almacenada en este archivo:\n%s\n\nAhora debería grabar la imagen a un CD/DVD o moverla a una ubicación segura para un uso posterior.\n\n%lsPulse Siguiente para continuar. + IMPORTANTE: Recuerde que el archivo debe ser escrito en el CD/DVD como una imagen de disco ISO (no como un archivo individual). Para obtener información sobre cómo hacerlo, vaya a la documentación de su software de grabación de CD/DVD. Si no tiene ningún software de ese tipo que pueda grabar la imagen ISO a un CD/DVD, haga click en el enlace siguiente para descargar software gratuito de este tipo.\n\n + Lanzar el Grabador de Imágenes de Disco de Windows + AVISO: ¡Si ya ha creado un Disco de Rescate VeraCrypt en el pasado, no debe ser reutilizado para esta partición/unidad del sistema porque fue creado para una clave maestra diferente! Cada vez que cifre una partición/unidad del sistema, debe crear un nuevo Disco de Rescate VeraCrypt incluso si ha usado la misma contraseña. + Error: No se puede guardar la configuración del cifrado del sistema. + No se puede iniciar la prueba del cifrado del sistema. + No se puede iniciar el proceso de creación del sistema operativo oculto. + Modo de borrado + En algunos medios de almacenamiento, cuando los datos son sobreescritos por otros datos, es posible recuperar la información sobreescrita con técnicas como el microscopio de fuerza magnética. Esto también se aplica a datos sobreescritos por su versión cifrada (lo que ocurre cuando VeraCrypt inicialmente cifra una partición o unidad no cifrada). Según estudios y publicaciones gubernamentales, se puede evitar (o dificultar) la recuperación de esos datos sobreescribiéndolos con datos no aleatorios y pseudoaleatorios un número suficiente de veces. Por tanto, si cree que un adversario podría usar estas técnicas para recuperar los datos que pretende cifrar, puede seleccionar uno de los modos de borrado (los datos existentes NO se perderán). Tenga en cuenta que el borrado NO se hará después de que la partición/unidad esté cifrada. Cuando lo esté, no se escribirá en ella ningún dato sin cifrar. Cualquier dato que se vaya a escribir se cifra al vuelo en memoria primero, y sólo entonces (ya cifrado) es escrito al disco. + En algunos tipos de medios de almacenamiento, cuando los datos son sobreescritos por otros datos (p.e. cuando los datos son eliminados), es posible recuperar la información sobreescrita usando técnicas como el microscopio de fuerza magnética. Según algunos estudios y publicaciones gubernamentales, se puede evitar (o dificultar) la recuperación de datos sobreescritos sobreescribiendo los datos con datos no aleatorios seguros y pseudoaleatorios un número suficiente de veces. Por tanto, si cree que un adversario podría usar estas técnicas para recuperar los datos que van a ser borrados, puede seleccionar uno de los modos de borrado multi-pasada.\n\nNota: Cuantas más pasadas de borrado utilize, más se alargará el borrado de datos. + Borrando + \nNota: Puede interruptir el proceso de borrado, apagar su ordenador, iniciar el sistema operativo oculto de nuevo y reanudar el proceso (este asistente se lanzará automáticamente). Sin embargo, si lo interrumpe, el proceso de borrado tendrá que comenzar desde el principio. + \n\nNota: Si interrumpe el proceso de borrado y luego intenta reanudarlo, el proceso entero tendrá que comenzar desde el principio. + ¿Desea abortar el proceso de borrado? + Aviso: El contenido entero de la partición/dispositivo seleccionado será borrado y se perderá. + El contenido entero de la partición donde reside el sistema original será borrado.\n\nNota: El contenido entero de la partición que va a ser borrada ha sido copiado a la partición de este sistema oculto. + AVISO: Tenga en cuenta que cuando elige p.e. el modo de borrado de 3 pasadas, el tiempo necesario para cifrar la partición/unidad será unas 4 veces mayor. Asimismo, si elige el modo de 35 pasadas, tardará unas 36 veces más (podría incluso tardar varias semanas).\n\nSin embargo, recuerde que el borrado NO se realizará después de que la partición/unidad esté cifrada por completo. Cuando la partición/unidad esté cifrada por completo, no se escribirá en ella ningún dato. Cualquier dato que se escriba será cifrado al vuelo en memoria primero, y sólo entonces el dato (cifrado) será escrito en el disco (por lo tanto el rendimiento NO será afectado).\n\n¿Seguro que desea usar el modo de borrado? + Ninguno (El más rápido) + 1 pasada (datos aleatorios) + 3 pasadas (US DoD 5220.22-M) + 7 pasadas (US DoD 5220.22-M) + 35 pasadas ("Gutmann") + 256 pasadas + Número de Sistemas Operativos + AVISO: Los usuarios sin experiencia nunca deberían intentar cifrar Windows en configuraciones multi-arranque.\n\n¿Continuar? + Al crear/usar un sistema operativo oculto, VeraCrypt soporta configuraciones multi-arranque sólo cuando se cumplen las siguientes condiciones:\n\n- El sistema operativo en ejecución debe estar instalado en la unidad de arranque, la cual no debe contener ningún otro sistema operativo.\n\n- Los sistemas operativos instalados en otras unidades no deben usar ningún cargador de arranque residente en la unidad en la que está instalado el sistema operativo en ejecución.\n\n¿Se cumplen las condiciones mencionadas? + VeraCrypt no soporta esta configuración multi-arranque al crear/usar un sistema operativo oculto. + Unidad de Arranque + ¿El sistema operativo en ejecución está instalado en la unidad de arranque?\n\nNota: A veces, Windows no está instalado en la misma unidad que el cargador de arranque de Windows (partición de arranque). Si ese es el caso, seleccione 'No'. + VeraCrypt actualmente no soporta cifrar un sistema operativo que no arranque desde la unidad donde está instalado. + Número de Unidades de Sistema + ¿Cuántas unidades contienen un sistema operativo?\n\nNota: Por ejemplo, si tiene cualquier sistema operativo (Windows, Mac OS X, Linux, etc.) instalado en su unidad primaria y cualquier sistema operativo adicional instalado en su unidad secundaria, seleccione '2 o más'. + VeraCrypt actualmente no soporta cifrar una unidad entera que contiene varios sistemas operativos.\n\nPosibles soluciones:\n\n- Puede cifrar uno de los sistemas si vuelve atrás y elige cifrar sólo una partición de sistema (en lugar de elegir el cifrado de la unidad del sistema entera).\n\n- Alternativamente, puede cifrar la unidad entera si mueve algunos de los sistemas a otras unidades dejando sólo un sistema en la unidad que quiere cifrar. + Varios sistemas en una única unidad + ¿Hay algún otro sistema operativo instalado en la unidad en la que el sistema operativo en ejecución está instalado?\n\nNota: Por ejemplo, si el sistema operativo en ejecución está instalado en la unidad #0, que contiene varias particiones, y si una de las particiones contiene Windows y otra contiene cualquier sistema operativo adicional (Windows, Mac OS X, Linux, etc.), seleccione 'Sí'. + Cargador de Arranque No-Windows + ¿Hay un cargador de arranque no-Windows (o administrador de arranque Windows) instalado en el Master Boot Record (MBR)?\n\nNota: Por ejemplo, si la primera pista de la unidad de arranque contiene GRUB, LILO, XOSL, o algún otro administrador de arranque (o cargador de arranque) no-Windows, seleccione 'Sí'. + Multi-Arranque + VeraCrypt actualmente no soporta configuraciones multi-arranque cuando un cargador de arranque no-Windows está instalado en el MBR.\n\nSoluciones posibles:\n\n- Si usa un administrador de arranque para arrancar Windows y Linux, mueva el administrador (normalmente GRUB) desde el MBR a una partición. Luego inicie este asistente otra vez y cifre la partición/unidad del sistema. Recuerde que el Cargador de Arranque VeraCrypt se convertirá en su administrador de arranque primario y le permitirá lanzar el administrador original (p.e. GRUB) como su administrador de arranque secundario (pulsando Esc en la pantalla del Cargador de Arranque VeraCrypt) y así podrá arrancar Linux. + Si el sistema operativo en ejecución está instalado en la partición de arranque, después de cifrarlo necesitará introducir la contraseña correcta incluso para iniciar cualquier otro sistema Windows no cifrado (ya que ambos compartirán un único cargador/administrador de arranque cifrado).\n\nPor el contrario, si el sistema operativo en ejecución no está instalado en la partición de arranque (o si el cargador/administrador de arranque de Windows no es usado por ningún otro sistema), después de cifrarlo no necesitará introducir la contraseña correcta para arrancar otros sistemas no cifrados -- sólo tendrá que pulsar Esc para iniciar el sistema no cifrado (si hay más de uno, tendrá que elegir cuál desea iniciar desde el menú del Administrador de Arranque VeraCrypt).\n\nNota: Normalmente, el primer sistema Windows instalado es el que está instalado en la partición de arranque. + Cifrado del Área Protegida del Anfitrión + Al final de muchos dispositivos existe un área que normalmente está oculta al sistema operativo (estas áreas son llamadas Áreas Protegidas del Anfitrión, o Host Protected Areas). Sin embargo, algunos programas pueden leer y escribir datos de/a estas áreas.\n\nAVISO: Algunos fabricantes de ordenadores pueden usar estas áreas para almacenar herramientas y datos para RAID, recuperación del sistema, instalación del sistema, diagnóstico u otros propósitos. Si estas herramientas o datos deben ser accesibles antes de arrancar, el área oculta NO debería ser cifrada (elija 'No' a continuación).\n\n¿Desea que VeraCrypt detecte y cifre ese área oculta (si existe) al final de la unidad del sistema? + Tipo de Cifrado del Sistema + Seleccione esta opción si solamente quiere cifrar la partición del sistema o la unidad del sistema entera. + Puede ocurrir que sea ud. obligado por alguien a descifrar el sistema operativo. Hay situaciones en las que no podría negarse a hacerlo (por ejemplo, debido a la extorsión). Si selecciona esta opción, creará un sistema operativo oculto cuya existencia debería ser imposible de demostrar (siempre que se sigan ciertas directrices). De este modo, no tendrá que descifrar o revelar la contraseña del sistema operativo oculto. Haga click en el siguiente enlace para una explicación más detallada. + Puede ocurrir que sea ud. obligado por alguien a descifrar el sistema operativo. Hay situaciones en las que no podría negarse a hacerlo (por ejemplo, debido a la extorsión).\n\nUsando este asistente, puede crear un sistema operativo oculto cuya existencia debería ser imposible de demostrar (siempre que se sigan ciertas directrices). De este modo, no tendrá que descifrar o revelar la contraseña para el sistema operativo oculto. + Sistema Operativo Oculto + En los siguientes pasos, creará dos volúmenes VeraCrypt (externo y oculto) en la primera partición tras la partición del sistema. El oculto contendrá el sistema operativo (SO) oculto. VeraCrypt creará el SO oculto copiando el contenido de la partición del sistema (donde el SO en ejecución está instalado) al volumen oculto. Al volumen externo, ud. copiará algunos archivos sensibles pero que NO sean los que quiere ocultar. Estarán ahí por si alguien le obliga a revelar la contraseña para la partición del SO oculto. Puede revelar la contraseña para el volumen externo que la contiene (la existencia del SO oculto permanecerá en secreto).\n\nFinalmente, en la partición del SO en ejecución instalará un nuevo SO, llamado SO señuelo, y lo cifrará. No debe contener datos sensibles y estará ahí por si alguien le obliga a revelar su contraseña de autenticación de pre-arranque. En total habrá tres contraseñas. Dos de ellas pueden ser reveladas (para el SO señuelo y para el volumen externo). Si usa la tercera, se iniciará el SO oculto. + Detectando Sectores Ocultos + Espere mientras VeraCrypt está detectando posibles sectores ocultos al final de la unidad del sistema. Esto puede durar bastante tiempo.\n\nNota: En casos muy raros, en algunos ordenadores, el sistema puede dejar de responder durante este proceso de detección. Si esto ocurre, reinicie el ordenador, inicie VeraCrypt, repita los pasos anteriores pero sáltese el proceso de detección. Recuerde que este problema no está causado por un error en VeraCrypt. + Área a Cifrar + Seleccione esta opción si desea cifrar la unidad en la que el sistema Windows en ejecución está instalado. La unidad entera, con todas sus particiones, será cifrada excepto la primera pista en la que residirá el Cargador de Arranque VeraCrypt. Cualquiera que desee acceder a un sistema o archivo almacenado en la unidad, deberá introducir la contraseña correcta cada vez que se inice el sistema. Esta opción no puede ser usada para cifrar una unidad secundaria o externa si Windows no está instalado ni se arranca desde ella. + Recopilando Datos Aleatorios + Claves Generadas + VeraCrypt no ha encontrado ningún grabador CD/DVD conectado a su ordenador. VeraCrypt lo necesita para grabar un Disco de Rescate VeraCrypt arrancable que contenga una copia de seguridad de las claves de cifrado, cargador de arranque de VeraCrypt, cargador original del sistema, etc.\n\nEs muy recomendable grabar el Disco de Rescate VeraCrypt. + No tengo grabador de CD/DVD pero guardaré la imagen ISO del Disco de Rescate en una unidad extraíble (como una unidad flash). + Conectaré un grabador de CD/DVD a mi ordenador más tarde. Terminar el proceso ahora. + Un grabador de CD/DVD está conectado a mi ordenador ahora. Continuar y grabar el Disco de Rescate. + Siga estos pasos:\n\n1) Conecte un medio extraíble, como una unidad flash USB, a su ordenador.\n\n2) Copie el archivo de imagen del Disco de Rescate VeraCrypt (%s) al medio extraíble.\n\nSi necesita usar el Disco de Rescate VeraCrypt en el futuro, podrá conectar su unidad extraíble (conteniendo la imagen) a un ordenador con grabador de CD/DVD y crear un Disco de Rescate VeraCrypt arrancable grabando la imagen a un CD o DVD. IMPORTANTE: Recuerde que el archivo de imagen del Disco de Rescate VeraCrypt debe ser escrito en el CD/DVD como una imagen de disco ISO (no como archivo individual). + Grabando Disco de Rescate + Disco de Rescate Creado + Prueba del Cifrado del Sistema + Disco de Rescate Verificado + \nEl Disco de Rescate ha sido verificado con éxito. Extráigalo de la unidad y guárdelo en un lugar seguro.\n\nPulse Siguiente para continuar. + AVISO: Durante los siguientes pasos, el Disco de Rescate VeraCrypt no debe estar en la unidad. De otro modo, no será posible completar los pasos correctamente.\n\nExtráigalo de la unidad ahora y guárdelo en un lugar seguro. Luego pulse Aceptar. + Aviso: Debido a limitaciones técnicas del entorno de pre-arranque (antes del inicio de Windows), los textos mostrados por VeraCrypt en dicho entorno no pueden ser localizados. La interfaz de usuario del Cargador de Arranque VeraCrypt está en inglés.\n\n¿Continuar? + Antes de cifrar su partición o unidad del sistema, VeraCrypt necesita verificar que todo funciona correctamente.\n\nTras pulsar Probar, todos los componentes necesarios (por ejemplo, el componente de autenticación de pre-arranque o Cargador de Arranque VeraCrypt) serán instalados y su ordenador será reiniciado. Luego tendrá que introducir su contraseña en la pantalla del Cargador de Arranque que aparecerá antes de que se inicie Windows. Después de esto, será informado automáticamente de los resultados de esta prueba.\n\nEl siguiente dispositivo será modificado: Unidad #%d\n\n\nSi pulsa Cancelar ahora, no se instalará nada y la prueba no será realizada. + NOTAS IMPORTANTES -- LÉALAS O IMPRÍMALAS (click en 'Imprimir'):\n\nRecuerde que ninguno de sus archivos será cifrado antes de que reinicie con éxito su ordenador e inicie Windows. De este modo, si algo falla, sus datos NO se perderán. No obstante, si algo va mal, podría encontrar dificultades al iniciar Windows. Por tanto, lea (y si es posible imprima) las siguientes directrices sobre qué hacer si Windows no puede iniciar tras reiniciar el ordenador.\n\n + Qué hacer si no se puede iniciar Windows\n------------------------------------------------\n\nNota: Estas instrucciones son válidas sólo si no ha comenzado el cifrado.\n\n- Si Windows no se inicia tras introducir la contraseña correcta (o si ha introducido varias veces dicha contraseña pero VeraCrypt dice que la contraseña es incorrecta), no se alarme. Reinicie (apague y vuelva a encender) el ordenador, y en la pantalla del Cargador de Arranque VeraCrypt, pulse la tecla Esc (y si tiene varios sistemas, elija uno para iniciar). Windows debería iniciar (siempre que aún no esté cifrado) y VeraCrypt automáticamente le preguntará si desea desinstalar el componente de autenticación de pre-arranque o no. Tenga en cuenta que estos pasos NO funcionan si la partición/unidad del sistema está cifrada (nadie puede iniciar Windows o acceder a datos cifrados sin la contraseña correcta incluso si ha seguido los pasos anteriores).\n\n + - Si los pasos anteriores no funcionan o si la pantalla del Cargador de Arranque VeraCrypt no aparece (antes de que se inicie Windows), introduzca el Disco de Rescate VeraCrypt en su unidad CD/DVD y reinicie su ordenador. Si la pantalla del Disco de Rescate VeraCrypt no aparece (o si no ve 'Opciones de Reparación' en la sección 'Controles de Teclado' de la pantalla del Disco de Rescate), es posible que su BIOS esté configurada para arrancar desde discos duros antes que desde unidades CD/DVD. Si ése es el caso, reinicie su ordenador, pulse F2 o Delete (en cuanto vea la pantalla de inicio de la BIOS), y espere hasta que aparezca una pantalla de configuración BIOS. Si dicha pantalla de configuración no aparece, reinicie el ordenador otra vez y comience a pulsar F2 o Delete reiteradamente en cuanto se reinicie el ordenador. Cuando aparezca una pantalla de configuración de la BIOS, configure su BIOS para que arranque desde la unidad de CD/DVD primero (para obtener información sobre cómo hacerlo, vaya a la documentación de su BIOS/placa base o contacte con el equipo de soporte técnico del fabricante para obtener asistencia). Luego reinicie su ordenador. La pantalla del Disco de Rescate VeraCrypt debería aparecer ahora. En dicha pantalla, seleccione 'Opciones de Reparación' pulsando F8 en su teclado. Desde el menú 'Opciones de Reparación', seleccione 'Restaurar cargador original del sistema'. Luego extraiga el Disco de Rescate de su unidad CD/DVD y reinicie su ordenador. Windows debería iniciar con normalidad (siempre que no esté cifrado).\n\n + Tenga en cuenta que los pasos anteriores NO funcionarán si la partición/unidad del sistema está cifrada (nadie puede iniciar Windows o acceder a datos cifrados en la unidad sin la contraseña correcta incluso si se siguen los pasos anteriores).\n\n\nRecuerde que incluso si pierde su Disco de Rescate VeraCrypt y un atacante lo encuentra, éste NO será capaz de descifrar la partición o unidad del sistema sin la contraseña correcta. + Prueba Completada + La prueba ha sido completada con éxito.\n\nAVISO: Tenga en cuenta que si el suministro de energía es interrumpido repentinamente mientras se cifran los datos existentes sin pérdida de inforación, o si el sistema operativo falla debido a un error de software o hardware mientras VeraCrypt cifra los datos, podrían corromperse o perderse porciones de los datos. Por tanto, antes de empezar a cifrar, asegúrese de que posee copias de seguridad de los archivos que desea cifrar. Si no las tiene, copie los archivos ahora (puede hacer click en Aplazar, hacer la copia, ejecutar de nuevo VeraCrypt y seleccionar 'Sistema' > 'Continuar proceso interrumpido' para iniciar el cifrado).\n\nCuando esté listo, pulse Cifrar para empezar. + Puede hace click en Pausa o en Aplazar en cualquier momento para interrumpir el proceso de cifrado o descifrado, salir de este asistente, reiniciar o apagar su ordenador, y luego continuar el proceso desde el punto en que se detuvo. Para evitar ralentizaciones cuando el sistema o alguna aplicación lea o escriba en la unidad del sistema, VeraCrypt automáticamente espera hasta que los datos sean leídos o escritos (ver Estado a continuación) y luego continúa cifrando o descifrando. + \n\nPuede hacer click en Pausa o en Aplazar en cualquier momento para interrumpir el proceso de cifrado, salir de este asistente, reiniciar o apagar su ordenador, y luego continuar el proceso desde el punto en que se detuvo. Recuerde que el volumen no puede montarse hasta que esté cifrado por completo. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Sistema Oculto Iniciado + Sistema Original + Windows crea (normalmente sin su conocimiento ni su consentimiento) varios archivos temporales, logs, etc. en la partición del sistema. También guarda el contenido de la RAM en archivos de hibernación y paginación ubicados en la partición del sistema. Por tanto, si un adversario analiza archivos almacenados en la partición donde reside el sistema original (del que es una copia el sistema oculto), podría hallar, por ejemplo, que ud. usó el asistente de VeraCrypt en modo de creación de sistema oculto (lo que podría indicar la existencia de un sistema operativo oculto en su ordenador).\n\nPara evitar estos problemas, VeraCrypt borrará el contenido entero de la partición donde reside el sistema original. Acto seguido, para lograr la negación plausible, tendrá que instalar un nuevo sistema en la partición y cifrarla. Con esto creará el sistema señuelo y el proceso de creación del sistema operativo oculto estará completo. + El sistema operativo oculto ha sido creado con éxito. Sin embargo, antes de que pueda empezar a usarlo (y lograr la negación plausible), necesitará borrar (usando VeraCrypt) el contenido entero de la partición donde está instalado el sistema operativo en ejecución. Antes de que pueda hacer esto, debe reiniciar el ordenador y, en la pantalla del Cargador de Arranque VeraCrypt (que aparece antes del inicio de Windows), introducir la contraseña de autenticación de pre-arranque para el sistema operativo oculto. Cuando éste se inicie, el asistente de VeraCrypt será lanzado automáticamente.\n\nNota: Si elige terminar el proceso de creación del sistema operativo oculto ahora, NO podrá continuar el proceso y el sistema operativo oculto NO será accesible (porque el Cargador de Arranque VeraCrypt será eliminado). + Ha programado el proceso de creación de un sistema operativo oculto. El proceso aún no ha sido completado. Para completarlo, debe reiniciar el ordenador y, en la pantalla del Cargador de Arranque VeraCrypt (que aparece antes del inicio de Windows), introducir la contraseña para el sistema operativo oculto.\n\nNota: Si elige terminar el proceso de creación del sistema operativo oculto ahora, NO podrá continuarlo más tarde. + Reiniciar el ordenador y continuar + Terminar permanentemente el proceso de creación del sistema operativo oculto + No hacer nada y preguntar de nuevo después + \nSI ES POSIBLE, IMPRIMA ESTE TEXTO (pulse 'Imprimir').\n\n\nCuándo y Cómo Usar el Disco de Rescate VeraCrypt (Tras Cifrar)\n-----------------------------------------------------------------------------------\n\n + I. Cómo arrancar el Disco de Rescate VeraCrypt\n\nPara arrancar un Disco de Rescate VeraCrypt, insértelo en su unidad CD/DVD y reinicie su ordenador. Si no aparece la pantalla del Disco de Rescate VeraCrypt (o si no ve 'Opciones de Reparación' en la sección 'Controles de Teclado' de la pantalla), es posible que su BIOS esté configurada para arrancar desde discos duros antes que desde unidades CD/DVD. Si este es el caso, reinicie su ordenador, pulse F2 o Delete (en cuanto vea la pantalla de inicio de la BIOS), y espere hasta que aparezca una pantalla de configuración BIOS. Si no aparece, reinice el ordenador y pulse repetidamente F2 o Delete en cuanto se reinicie el ordenador. Cuando aparezca la pantalla de configuración, configure su BIOS para que arranque desde la unidad CD/DVD primero (si no sabe hacerlo, vaya a la documentación de su BIOS/placa base o contacte con el equipo de soporte técnico del fabricante para obtener asistencia). Luego reinicie su ordenador. La pantalla del Disco de Rescate VeraCrypt debería aparecer ahora. Nota: en dicha pantalla, puede seleccionar 'Opciones de Reparación' pulsando F8.\n\n\n + II. Cuándo y Cómo Usar el Disco de Rescate VeraCrypt (Tras Cifrar) + 1) Si la pantalla del Cargador de Arranque VeraCrypt no aparece tras iniciar su ordenador (o si Windows no arranca), el Cargador podría estar dañado. El Disco de Rescate VeraCrypt le permite restaurarlo y con ello volver a obtener acceso a su sistema y datos cifrados (pero recuerde que tendrá que seguir introduciendo la contraseña correcta). En la pantalla del Disco de Rescate, seleccione 'Opciones de Reparación' > 'Restaurar Cargador de Arranque VeraCrypt'. Luego pulse 'Y' para confirmar la acción, extraiga el Disco de Rescate de su unidad CD/DVD y reinicie su ordenador.\n\n + 2) Si ha introducido varias veces la contraseña correcta pero VeraCrypt dice que no es correcta, la clave maestra u otros datos críticos podrían estar dañados. El Disco de Rescate VeraCrypt le permite restaurarlos y volver a obtener acceso a su sistema y datos cifrados (pero tendrá que seguir introduciendo la contraseña correcta). En la pantalla del Disco de Rescate, seleccione 'Opciones de Reparación' > 'Restaurar datos clave'. Luego introduzca su contraseña, pulse 'Y' para confirmar la acción, extraiga el Disco de Rescate de su unidad CD/DVD y reinicie su ordenador.\n\n + 3) Si el Cargador de Arranque VeraCrypt está dañado, puede evitar su ejecución arrancando directamente desde el Disco de Rescate VeraCrypt. Inserte su Disco de Rescate en la unidad CD/DVD e introduzca su contraseña en la pantalla del Disco de Rescate.\n\n + 4) Si Windows está dañado y no puede iniciarse, el Disco de Rescate VeraCrypt le permite descifrar permanentemente la partición/unidad antes de que Windows se inicie. En la pantalla del Disco de Rescate, seleccione 'Opciones de Reparación' > 'Descifrar permanentemente partición/unidad del sistema'. Introduzca la contraseña y espere a que se complete el descifrado. Luego puede arrancar su CD/DVD de instalación de Windows para repararlo. + Nota: Alternativamente, si Windows está dañado (no puede iniciarse) y necesita repararlo (o acceder a sus archivos), puede evitar el descifrado de la partición/unidad del sistema siguiendo estos pasos: Si tiene varios sistemas operativos instalados en su ordenador, arranque alguno que no requiera autenticación de pre-arranque. Si no tiene varios sistemas operativos, puede arrancar un CD/DVD WinPE o BartPE o conectar su unidad del sistema a otro ordenador como una unidad secundaria o externa y arrancar el sistema operativo de ése ordenador. Después de arrancar un sistema, ejecute VeraCrypt, seleccione 'Seleccionar Dispositivo', seleccione la partición del sistema afectado, pulse 'Aceptar', seleccione 'Sistema' > 'Montar Sin Autenticación de Pre-Arranque', introduzca su contraseña de autenticación de pre-arranque y pulse 'Aceptar'. La partición se montará como un volumen VeraCrypt normal (los datos se cifrarán/descifrarán al vuelo).\n\n\n + Recuerde que incluso si pierde su Disco de Rescate VeraCrypt y un atacante lo encuentra, éste NO podrá descifrar la unidad o partición del sistema sin la contraseña correcta. + \n\nI M P O R T A N T E -- IMPRIMA ESTE TEXTO SI ES POSIBLE (Click en 'Imprimir').\n\n\nNota: Este texto se mostrará automáticamente cada vez que inicie el sistema oculto hasta que comience a crear el sistema señuelo.\n\n\n + Cómo Crear un Sistema Señuelo con Seguridad\n----------------------------------------------------------------------------\n\nPara conseguir la negación plausible, es necesario crear el sistema operativo señuelo ahora. Para hacerlo, siga estos pasos:\n\n + 1) Por razones de seguridad, apague su ordenador y déjelo apagado unos minutos (cuantos más mejor). Esto es requerido para borrar la memoria, que contiene datos sensibles. Luego encienda el ordenador pero no arranque el sistema oculto.\n\n + 2) Instale Windows en la partición cuyo contenido ha sido borrado (es decir, en la partición donde estaba instalado el sistema original, del que se copió el sistema oculto).\n\nIMPORTANTE: CUANDO EMPIECE A INSTALAR EL SISTEMA SEÑUELO, EL OCULTO *NO* PODRÁ ARRANCAR (porque el Cargador de Arranque de VeraCrypt será borrado por el instalador de Windows). ESTO ES NORMAL Y ESPERADO. NO SE ALARME. PODRÁ ARRANCAR EL SISTEMA OCULTO EN CUANTO EMPIECE A CIFRAR EL SISTEMA SEÑUELO (porque VeraCrypt instalará automáticamente en ese momento el Cargador de Arranque VeraCrypt en la unidad del sistema).\n\nImportante: El tamaño de la partición del sistema señuelo debe permanecer igual que el del volumen oculto (esta condición se cumple ahora). Además, no debe crear ninguna partición entre la partición del sistema señuelo y la que contiene el sistema oculto.\n\n + 3) Arranque el sistema señuelo (el que instaló en el paso 2) e instale VeraCrypt en él.\n\nTenga en cuenta que el sistema señuelo nunca debe contener datos importantes.\n\n + 4) En el sistema señuelo, ejecute VeraCrypt y seleccione 'Sistema' > 'Cifrar Partición/Unidad del Sistema'. El Asistente de Creación de Volúmenes VeraCrypt debería aparecer.\n\nLos siguientes pasos se aplican a dicho asistente.\n\n + 5) En el Asistente de Creación de Volúmenes VeraCrypt, NO seleccione la opción 'Oculto'. Deje seleccionada la opción 'Normal' y haga click en 'Siguiente'.\n\n + 6) Seleccione la opción 'Cifrar la partición de Windows' y pulse 'Siguiente'.\n\n + 7) Si sólo están instalados el sistema señuelo y el oculto en el ordenador, seleccione la opción 'Arranque simple' (si hay algún otro sistema instalado, seleccione 'Arranque múltiple'). Luego pulse 'Siguiente'.\n\n + 8) IMPORTANTE: En este paso, PARA EL SISTEMA SEÑUELO, ¡DEBE SELECCIONAR EL MISMO ALGORITMO DE CIFRADO Y ALGORITMO HASH QUE EL SELECCIONADO PARA EL SISTEMA OCULTO! ¡DE LO CONTRARIO, EL SISTEMA OCULTO SERÁ INACCESIBLE! En otras palabras, el sistema señuelo debe ser cifrado con el mismo algoritmo de cifrado que el sistema oculto. Nota: La razón es que el sistema señuelo y el oculto compartirán un único cargador de arranque, que sólo soporta un algoritmo seleccionado por el usuario (hay una versión especial del Cargador de Arranque VeraCrypt para cada algoritmo).\n\n + 9) En este paso, elija una contraseña para el sistema operativo señuelo. Ésta será la contraseña que podrá revelar a un adversario si se le pide o se le obliga a revelar su contraseña de autenticación de pre-arranque (la otra contraseña que puede revelar es la del volumen externo). La existencia de la tercera contraseña (la de autenticación de pre-arranque del sistema operativo oculto) permanecerá en secreto.\n\nImportante: la contraseña que elija para el sistema señuelo debe ser sustancialmente diferente de la que elija para el volumen oculto (es decir, para el sistema operativo oculto).\n\n + 10) Siga el resto de las instrucciones del asistente para cifrar el sistema operativo señuelo.\n\n\n\n + Tras la Creación del Sistema Señuelo\n------------------------------------------------\n\nTras cifrar el sistema señuelo, habrá completado el proceso de creación del sistema operativo oculto y podrá usar estas tres contraseñas:\n\n1) Contraseña de autenticación de pre-arranque para el sistema operativo oculto.\n\n2) Contraseña de autenticación de pre-arranque para el sistema operativo señuelo.\n\n3) Contraseña para el volumen externo.\n\n + Si desea iniciar el sistema operativo oculto, sólo tendrá que introducir la contraseña para el sistema operativo oculto en la pantalla del Cargador de Arranque VeraCrypt (que aparece tras encender o reiniciar su ordenador).\n\nSi desea iniciar el sistema operativo señuelo, sólo tendrá que introducir la contraseña para el sistema operativo señuelo en la misma pantalla.\n\nLa contraseña para el sistema señuelo puede ser revelada a cualquiera que le obligue a revelar la contraseña de autenticación de pre-arranque. La existencia del volumen oculto (y del sistema operativo oculto) permanecerá en secreto.\n\n + La tercera contraseña (para el volumen externo) puede ser revelada a cualquiera que le obligue a revelar la contraseña para la primera partición tras la partición del sistema, donde residen tanto el volumen externo como el oculto (con el sistema operativo oculto). La existencia del volumen oculto (y del sistema oculto) permanecerá en secreto.\n\n\n + Si reveló la contraseña para el sistema señuelo a un adversario y éste le preguntó por qué el espacio libre de la partición del sistema (señuelo) contiene datos aleatorios, puede responder, por ejemplo: "La partición contuvo un sistema cifrado por VeraCrypt, pero olvidé la contraseña de autenticación de pre-arranque (o el sistema fue dañado y dejó de arrancar), así que tuve que reinstalar Windows y cifrar la partición otra vez."\n\n\n + Si todas las instrucciones son seguidas y las precauciones y requisitos listados en la sección "Precauciones y Requisitos de Seguridad Concernientes a los Volúmenes Ocultos" en la Guía del Usuario de VeraCrypt son seguidos, debería ser imposible demostrar que el volumen oculto y el sistema operativo oculto existen, incluso si el volumen externo está montado o el sistema operativo señuelo es descifrado o iniciado.\n\nSi guarda o imprime una copia de este texto (altamente recomendado salvo que su impresora almacene internamente copias de los documentos que imprime), debería destruir todas las copias del mismo tras crear el sistema señuelo y tras haber comprendido toda la información contenida en el texto (de otro modo, si se encuentra una copia, podría indicar que hay un sistema operativo oculto en este ordenador).\n\n + AVISO: SI NO PROTEGE EL VOLUMEN OCULTO (para saber cómo hacerlo, vaya a la sección "Protección de Volúmenes Ocultos Contra Daño" en la Guía de Usuario de VeraCrypt), NO ESCRIBA EN EL VOLUMEN EXTERNO (recuerde que el sistema operativo señuelo NO está instalado en el volumen externo). DE LO CONTRARIO, ¡PODRÍA SOBREESCRIBIR Y DAÑAR EL VOLUMEN OCULTO (Y EL SISTEMA OPERATIVO OCULTO QUE CONTIENE)! + Clonando Sistema Operativo + En los siguientes pasos, VeraCrypt creará el sistema operativo oculto copiando el contenido de la partición del sistema al volumen oculto (los datos que se copien serán cifrados al vuelo con una clave de cifrado diferente de la que se usará para el sistema operativo señuelo).\n\nTenga en cuenta que el proceso se realizará en el entorno de pre-arranque (antes del inicio de Windows) y puede tardar mucho en completarse; varias horas o incluso días (dependiendo del tamaño de la partición del sistema y del rendimiento de su ordenador).\n\nPodrá interrumpir el proceso, apagar su ordenador, iniciar el sistema operativo y luego continuar el proceso. No obstante, si lo interrumpe, el proceso de copiado tendrá que comenzar desde el principio (porque el contenido de la partición del sistema no debe cambiar durante la clonación). + ¿Desea cancelar el proceso entero de cración del sistema operativo oculto?\n\nNota: NO podrá continuar el proceso más tarde si lo cancela ahora. + ¿Desea cancelar la prueba del cifrado del sistema? + Ha fallado la prueba del cifrado del sistema VeraCrypt. ¿Desea intentarlo de nuevo?\n\nSi selecciona 'No', el componente de autenticación de pre-arranque será desinstalado.\n\nNotas:\n\n- Si el Cargador de Arranque VeraCrypt no le pidió que introdujera la contraseña antes de que Windows se iniciara, es posible que su sistema operativo no arranque desde la unidad en la que está instalado. Esto no está soportado.\n\n- Si usó un algoritmo de cifrado distinto a AES y la prueba falló (e introdujo la contraseña), la causa puede ser un controlador diseñado inapropiadamente. Seleccione 'No', y trate de cifrar la partición/unidad del sistema otra vez, pero use el algoritmo de cifrado AES (que tiene los requisitos de memoria más bajos).\n\n- Para más posibles causas y soluciones, vea https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + La partición/unidad del sistema no parece estar cifrada (ni parcial ni completamente). + Su partición/unidad del sistema está cifrada (parcial o completamente).\n\nDescifre por completo su partición/unidad del sistema antes de continuar. Para ello, seleccione 'Sistema' > 'Descifrar Permanentemente la Partición/Unidad del Sistema' desde el menú de la ventana principal de VeraCrypt. + Si la partición/unidad del sistema está cifrada (parcial o completamente), no puede usar una versión anterior de VeraCrypt (pero puede actualizarlo o reinstalar la misma versión). + Su partición/unidad del sistema está siendo actualmente cifrada, descifrada, o modificada de otra manera. Interrumpa el proceso de cifrado/descifrado/modificación (o espere a que termine) antes de continuar. + El Asistente de Creación de Volúmenes VeraCrypt ya está ejecutándose y está preparando o llevando a cabo el cifrado/descifrado de la partición/unidad del sistema. Antes de continuar, espere a que termine o ciérrelo. Si no puede cerrarlo, reinicie su ordenador antes de proceder. + El proceso de cifrado o descifrado de la partición/unidad del sistema no ha sido completado. Espere a que se complete antes de continuar. + Error: El proceso de cifrado de la partición/unidad del sistema no ha sido completado. Debe completarse primero. + Error: El proceso de cifrado de la partición/volumen no ha sido completado. Debe completarse primero.\n\nNota: para continuar el proceso, seleccione 'Volúmenes' > 'Continuar Proceso Interrumpido' desde el menú de la ventana principal de VeraCrypt. + La contraseña es correcta, VeraCrypt ha descifrado con éxito la cabecera del volumen y detectado que éste es un volumen de sistema oculto. No obstante, no puede modificar la cabecera de un volumen de sistema oculto de esta forma.\n\nPara cambiar la contraseña de un volumen de sistema oculto, arranque el sistema operativo residente en dicho volumen, y luego seleccione 'Sistema' > 'Cambiar Contraseña' desde el menú de la ventana principal de VeraCrypt.\n\nPara establecer el algoritmo de derivación de la clave de cabecera, arranque el sistema operativo oculto y seleccione 'Sistema' > 'Establecer Algoritmo de Derivación de Clave de Cabecera'. + VeraCrypt no soporta el descifrado sin pérdida de datos de una partición de sistema oculto.\n\nNota: Si desea descifrar la partición del sistema señuelo, arranque el sistema señuelo y seleccione 'Sistema' > 'Descifrar Permanentemente Partición/Unidad del Sistema' desde el menú de la ventana principal de VeraCrypt. + Error: Parámetro Incorrecto/inválido. + Ha seleccionado una partición o un dispositivo pero el modo de asistente seleccionado es sólo para contenedores de archivos.\n\n¿Desea cambiar el modo de asistente? + ¿Desea crear un contenedor de archivos VeraCrypt en su lugar? + Ha seleccionado la partición/unidad del sistema (o la partición de arranque), pero el modo de asistente seleccionado es sólo para particiones/unidades secundarias.\n\n¿Desea instalar autenticación de pre-arranque (lo que significa que tendrá que introducir su contraseña antes de cada inicio de Windows) y cifrar la partición/unidad del sistema? + ¿Seguro que desea descifrar permanentemente la partición/unidad del sistema? + CUIDADO: Si descifra permanentemente la partición/unidad del sistema, se escribirán en ella datos no cifrados.\n\n¿Seguro que desea descifrar permanentemente la partición/unidad del sistema? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Aviso: si usa algoritmos en cascada para el cifrado del sistema, pueden producirse estos problemas:\n\n1) Que el Cargador de Arranque VeraCrypt sea mayor de lo normal y no haya suficiente espacio en la primera pista de la unidad para hacer una copia de seguridad del Cargador. Por tanto, si resulta dañado (lo que a veces ocurre, por ejemplo, con procedimientos de activación antipiratería diseñados inapropiadamente), tendrá que usar el Disco de Rescate VeraCrypt para arrancar o reparar el Cargador de Arranque.\n\n2) Que en algunos ordenadores se tarde más en reanudar tras la hibernación.\n\nEstos problemas potenciales pueden evitarse eligiendo un algoritmo de cifrado sin cascada (como AES).\n\n¿Seguro que desea usar algoritmos en cascada? + Si encuentra alguno de los problemas mencionados, descifre la partición/unidad (si está cifrada) y luego intente cifrarla de nuevo usando un algoritmo de cifrado sin cascada (como AES). + AVISO: Por razones de seguridad, debería actualizar VeraCrypt en el sistema operativo señuelo antes de actualizarlo en el sistema operativo oculto.\n\nPara hacerlo, arranque el sistema señuelo y ejecute el instalador VeraCrypt en él. Luego arranque el sistema oculto y ejecute también el instalador en él.\n\nNota: El sistema señuelo y el sistema oculto comparten un único cargador de arranque. Si actualizó VeraCrypt sólo en el sistema oculto (pero no en el señuelo), el sistema señuelo podría contener un controlador VeraCrypt y aplicaciones VeraCrypt cuya versión sea diferente a la del Cargador de Arranque VeraCrypt. Esta discrepancia podría indicar que existe un sistema operativo oculto en este ordenador.\n\n\n¿Desea continuar? + La versión del Cargador de Arranque VeraCrypt que arrancó este sistema operativo es diferente a la versión del controlador VeraCrypt (y la de las aplicaciones VeraCrypt) instalado en este sistema.\n\nDebería ejecutar el instalador VeraCrypt (cuya versión sea la misma que la del Cargador de Arranque VeraCrypt) para actualizar VeraCrypt en este sistema operativo. + La versión del Cargador de Arranque VeraCrypt que arrancó este sistema operativo es diferente a la versión del controlador VeraCrypt (y de las aplicaciones VeraCrypt) instalado en este sistema. Recuerde que las versiones antiguas pueden contener errores corregidos en versiones recientes.\n\nSi no arrancó desde el Disco de Rescate VeraCrypt, debería reinstalar VeraCrypt o actualizarlo a la última versión estable (el cargador de arranque será actualizado también).\n\nSi arrancó desde el Disco de Rescate, debería actualizarlo ('Sistema' > 'Crear Disco de Rescate'). + El Cargador de Arranque VeraCrypt ha sido actualizado.\n\nSe recomienda crear un nuevo Disco de Rescate VeraCrypt (que contendrá la nueva versión del Cargador de Arranque VeraCrypt) seleccionando 'Sistema' > 'Crear Disco de Rescate' después de reiniciar su ordenador. + El Cargador de Arranque VeraCrypt ha sido actualizado.\n\nSe recomienda que arranque el sistema operativo señuelo y cree un nuevo Disco de Rescate VeraCrypt (que contendrá la nueva versión del Cargador de Arranque VeraCrypt) seleccionando 'Sistema' > 'Crear Disco de Rescate'. + Fallo al actualizar el Cargador de Arranque VeraCrypt. + VeraCrypt ha fallado al detectar el tamaño real de la unidad del sistema y, por tanto, se usará el tamaño reportado por el sistema operativo (que podría ser menor que el tamaño real). Recuerde que esto no es un error de VeraCrypt. + PRECAUCIÓN: Parece que VeraCrypt ya ha tratado de detectar sectores ocultos en esta unidad del sistema. Si encontró algún problema durante el proceso de detección anterior, puede evitar los problema saltándose la detección de sectores ocultos ahora. Tenga en cuenta que si lo hace, VeraCrypt usará el tamaño reportado por el sistema operativo (que puede ser menor que el tamaño real de la unidad).\n\nRecuerde que este problema no es causado por un error de VeraCrypt. + Saltarse la detección de sectores ocultos (usar tamaño reportado por el sistema operativo) + Intentar detectar los sectores ocultos de nuevo + Error: El contenido de uno o más sectores del disco no puede leerse (probablemente debido a un defecto físico).\n\nEl proceso de cifrado sin pérdida de datos puede continuar sólo cuando los sectores sean legibles de nuevo. VeraCrypt puede intentar hacer legibles esos sectores escribiendo ceros en ellos (con lo cual estos bloques de ceros serán cifrados). Sin embargo, tenga en cuenta que los datos almacenados en los sectores ilegibles se perderán. Si quiere evitarlo, puede intentar recuperar fragmentos de los datos corruptos usando herramientas de terceros.\n\nNota: En caso de sectores físicamente dañados (al contrario que con la corrupción de datos y errores de suma de verificación) la mayoría de los tipos de dispositivos de almacenamiento reasignan los sectores cuando se intenta escribir datos en ellos (así que los datos de los sectores dañados pueden permanecer sin cifrar en la unidad).\n\n¿Desea que VeraCrypt escriba ceros en los sectores ilegibles? + Error: El contenido de uno o más sectores del disco no puede leerse (probablemente debido a un defecto físico).\n\nPara proceder con el descifrado, VeraCrypt tendrá que desechar el contenido de los sectores ilegibles (su contenido será reemplazado por datos pseudoaleatorios). Recuerde que, antes de continuar, puede intentar recuperar fragmentos de los datos corruptos usando herramientas de terceros.\n\n¿Desea que VeraCrypt descarte los datos de los sectores ilegibles? + Nota: VeraCrypt ha reemplazado el contenido de %I64d sectores ilegibles (%s) con bloques cifrados de texto plano llenos de ceros. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Introduzca contraseña/PIN para token '%s': + Para permitir que VeraCrypt acceda a un token de seguridad o tarjeta inteligente, necesita instalar primero una librería de software PKCS #11 para el token o la tarjeta. Esta librería puede ser suministrada con el dispositivo o puede descargarse desde la web del vendedor o de terceros.\n\nTras instalar la librería, puede seleccionarla manualmente pulsando 'Seleccionar Librería' o puede dejar que VeraCrypt la encuentre y seleccione automáticamente pulsando 'Detección Automática' (sólo se buscará en el directorio del sistema Windows). + Nota: Para el nombre de archivo y ubicación de la librería PKCS #11 instalada para su token o tarjeta, vaya a la documentación suministrada con el token, tarjeta, o software de terceros.\n\nPulse 'Aceptar' para seleccionar la ruta y nombre de archivo. + Para permitir que VeraCrypt acceda a un token de seguridad o tarjeta inteligente, necesita seleccionar una librería de software PKCS #11 para el token/tarjeta primero. Para hacerlo, seleccione 'Configuración' > 'Tokens de Seguridad'. + Falló la inicialización de la librería de token de seguridad PKCS #11.\n\nAsegúrese de que la ruta y archivo especificados dirigen a una librería PKCS #11 válida. Para especificar una ruta y nombre de archivo para la librería PKCS #11, seleccione 'Configuración' > 'Tokens de Seguridad'. + No se han encontrado librerías PKCS #11 en el directorio de sistema de Windows.\n\nAsegúrese de que haya instalada una librería PKCS #11 para su token de seguridad o tarjeta inteligente (esta librería puede ser suministrada con el token/tarjeta o puede descargarse desde la web del vendedor o de terceros). Si está instalado en otro directorio distinto al del sistema de Windows, pulse 'Seleccionar Librería' para localizar la librería (p.e. en la carpeta donde está instalado el software del token/tarjeta). + No se ha encontrado ningún token de seguridad.\n\nAsegúrese de que su token está conectado y el controlador de dispositivo correcto está instalado. + No se ha encontrado archivo-llave del token de seguridad. + Ya existe un archivo-llave de token de seguridad con el mismo nombre. + ¿Desea borrar los archivos seleccionados? + Ruta no válida de archivo-llave de token de seguridad. + Error de token de seguridad + Contraseña incorrecta para el token de seguridad. + El token de seguridad no tiene suficiente memoria/espacio para la operación solicitada.\n\nSi está intentando importar un archivo-llave, debería seleccionar un archivo más pequeño o usar uno generado por VeraCrypt (seleccione 'Herramientas' > 'Generador de Archivo-llave'). + Todas las sesiones de token de seguridad abiertas han sido cerradas. + Seleccione Archivos-llave de Token de Seguridad + Slot + Nombre del token + Nombre del archivo + IMPORTANTE: Las contraseñas de autenticación de pre-arranque siempre son escritas con la disposición de teclado estándar de EEUU. Por tanto, podría ser imposible montar con contraseña de pre-arranque un volumen que use una contraseña escrita con cualquier otra disposición de teclado (esto no es un error de VeraCrypt). Para permitir que volúmenes así sean montados con contraseña de pre-arranque, siga estos pasos:\n\n1) Click en 'Seleccionar Archivo' o 'Seleccionar Dispositivo' y seleccione el volumen.\n2) Seleccione 'Volúmenes' > 'Cambiar Contraseña del Volumen'.\n3) Introduzca la contraseña actual para el volumen.\n4) Cambie la disposición de teclado a Inglés (EEUU) haciendo click en la barra de Idioma en la barra de tareas de Windows y seleccionando 'EN Inglés (EEUU)'.\n5) En VeraCrypt, en el campo de la nueva contraseña, escriba la contraseña de pre-arranque.\n6) Confirme la contraseña escribiéndola en el campo de confirmación y pulse 'Aceptar'.\nAVISO: Tenga en mente que si sigue estos pasos, la contraseña del volumen tendrá que ser escrita siempre usando la disposición de teclado EEUU (que se aplica automáticamente sólo en el entorno de pre-arranque). + Los volúmenes favoritos del sistema serán montados usando la contraseña de autenticación de pre-arranque. Si algún favorito del sistema usa una contraseña diferente, no será montado. + Recuerde que si necesita impedir que las acciones con volúmenes VeraCrypt normales (como 'Desmontar Todo') afecten a los volúmenes favoritos del sistema, debería activar la opción 'Permitir sólo a administradores ver y desmontar volúmenes favoritos del sistema en VeraCrypt'. Además, cuando VeraCrypt se ejecuta sin privilegios de administrador (por defecto en Windows Vista y posterior), los volúmenes favoritos del sistema no se mostrarán en la lista de letras de unidad de la ventana principal de VeraCrypt. + IMPORTANTE: Tenga en cuenta que si esta opción se habilita y VeraCrypt no tiene privilegios de administrador, los volúmenes favoritos del sistema montados NO se mostrarán en la ventana principal de VeraCrypt y no se podrán desmontar. Si necesita desmontar un favorito del sistema haga click en el icono de VeraCrypt (en el menú Inicio) y seleccione 'Ejecutar como administrador' primero. La misma limitación se aplica a las funciones 'Desmontar Todo', 'Desmontar automáticamente', teclas de acceso rápido relacionadas, etc. + Recuerde que esta configuración hace efecto sólo tras reiniciar el sistema operativo. + Error analizando línea de comandos. + Disco de Rescate + Seleccionar &Archivo y Montar + Seleccionar &Dispositivo y Montar + Permitir sólo a administradores ver y desmontar volúmenes favoritos del sistema en VeraCrypt + Montar volúmenes favoritos del sistema al inicio de Windows (en la fase inicial del proceso) + Aviso: El sistema de archivos en el volumen montado como '%s' no se desmontó limpiamente y puede contener errores. Usar un sistema de archivos corrupto puede causar pérdida o corrupción de datos.\n\nNota: Antes de extraer o desconectar físicamente un dispositivo (como una unidad flash USB o un disco duro externo) en el que reside un volumen VeraCrypt, debería desmontar siempre el volumen en VeraCrypt primero.\n\n\n¿Desea que Windows intente detectar y corregir errores (si los hay) en el sistema de archivos? + Aviso: Uno o más volúmenes favoritos del sistema no fue desmontado limpiamente y puede contener errores en el sistema de archivos. Vaya al visor de eventos del sistema para obtener más detalles.\n\nUsar un sistema de archivos corrupto puede causar pérdida o corrupción de datos. Debería comprobar los volúmenes afectados en busca de errores (click derecho en cada uno en VeraCrypt y seleccione 'Reparar Sistema de Archivos'). + Aviso: Reparar un sistema de archivos dañado usando la herramienta de Microsoft 'chkdsk' podría causar pérdida de archivos en las áreas dañadas. Por tanto, es recomendable que primero copie los archivos almacenados en el volumen VeraCrypt a otro volumen VeraCrypt sin errores.\n\n¿Desea reparar el sistema de archivos ahora? + El volumen '%s' ha sido montado como sólo lectura porque se denegó el acceso a escritura.\n\nAsegúrese de que los permisos de seguridad del contenedor le permiten escribir en él (click derecho en el contenedor y seleccione Propiedades > Seguridad).\n\nRecuerde que, debido a un problema de Windows, puede ver este aviso incluso tras ajustar los permisos apropiados. Esto no es culpa de un error de VeraCrypt. Una posible solución es mover su contenedor a su carpeta 'Mis Documentos'.\n\nSi desea mantener su volumen como sólo lectura, establezca el atributo sólo lectura del contenedor (click derecho en éste y seleccione Propiedades > Sólo lectura), lo que suprimirá este aviso. + El volumen '%s' tuvo que ser montado como sólo lectura porque se denegó el acceso a escritura.\n\nAsegúrese de que ninguna otra aplicación (como el software antivirus) esetá accediendo a la partición/dispositivo donde se aloja el volumen. + El volumen '%s' ha sido montado como sólo lectura porque el sistema operativo informó de que el dispositivo está protegido contra escritura.\n\nTenga en cuenta que algunos controladores personalizados de chipset causan que medios grabables parezcan erróneamente protegidos contra escritura. Esto puede solucionarse actualizando o desinstalando los controladores personalizados (no de Microsoft) que haya instalados en este sistema. + Tenga en cuenta que la tecnología Hyper-Threading proporciona múltiples núcleos lógicos por cada núcleo físico. Cuando Hyper-Threading está activado, el número seleccionado representa el número de procesadores o núcleos lógicos. + %d hilos + Recuerde que AES acelerado por hardware está deshabilitado, lo que afectará a los resultados (peor rendimiento).\n\nPara habilitar la aceleración hardware, seleccione 'Configuración' > 'Rendimiento' y marque la casilla correspondiente. + Recuerde que el número de hilos está actualmente limitado, lo que afectará a los resultados (peor rendimiento).\n\nPara utilizar toda la potencia de los procesadores, seleccione 'Configuración' > 'Rendimiento' y desmarque la casilla correspondiente. + ¿Desea que VeraCrypt intente desactivar la protección contra escritura de la partición/unidad? + AVISO: Esta configuración puede perjudicar el rendimiento.\n\n¿Seguro que desea aplicarla? + Aviso: volumen VeraCrypt auto-desmontado + Antes de eliminar o desactivar un dispositivo que contenga un volumen montado, debería desmontar el volumen en VeraCrypt primero.\n\nLos desmontajes espontáneos inesperados a menudo son causados por cables que fallan intermitentemente, carcasas defectuosas, etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Probar + Archivo-llave + Retroceso + Tabulador + Limpiar + Intro + Pausa + Bloqueo Mayúsculas + Barra Espaciadora + AvPag + RePag + Fin + Inicio + Flecha Izquierda + Flecha Arriba + Flecha Derecha + Flecha Abajo + Seleccionar + Imprimir + Ejecutar + Imprimir Pant. + Insertar + Borrar + Aplicaciones + Detener/Sleep + Bloq. Numérico + Bloq. Scroll + Explorador atrás + Explorador adelante + Explorador actualizar + Explorador parar + Explorador buscar + Explorador favoritos + Explorador inicio + Silencio + Bajar Volumen + Subir Volumen + Pista Siguiente + Pista Anterior + Stop + Reproducir/Pausa + Inicio Correo + Seleccionar Medio + Aplicación 1 + Aplicación 2 + Attn + CrSel + ExSel + Reproducir + Zoom + Teclado numérico + Mayúsculas + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.et.xml b/Translations/Language.et.xml index 65c41794..051e5e41 100644 --- a/Translations/Language.et.xml +++ b/Translations/Language.et.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Tühista - Install &for all users - Bro&wse... - Lisa VeraCrypti ikoon Töölauale - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Lisa VeraCrypt &Start menüüsse - Loo süsteemi taastepunkt - &Eemaldamine - &Extract - &Install - VeraCrypt Setup Wizard - Eemalda VeraCrypt - Abi - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Katkesta - &Benchmark - &Testi - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Kuva maatriksi sisu - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - Kasuta võtmefaile - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Võtmefailid.. - Informatsioon räsi algoritmide kohta - Rohkem informatsiooni - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - Ära salvesta ajalukku - Ava välimine konteiner - &Pause - Use P&IM - Use PIM - Kiire formaatimine - Kuva salasõna - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Klaster - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - Kinnita: - Valmis - Drive letter: - Krüpteerimisalgoritm - Failisüsteem - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Valikud - Räsi algoritm - Päise võti: - Järele jäänud - Peavõti: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Salasõna: - Volume PIM: - Volume PIM: - Progress: - Juhuslik maatriks: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Kiirus - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Sulge - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Ära tee midagi - &Auto-haagi VeraCrypt konteiner (täpsustatud allpool) - Käivita VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Sirvi... - Sirvi... - Hoia salasõnu ja võtmefaile mälus - Välju haagitud konteinerite puudumisel - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Lisa VeraCrypti konteineriloomise nõustaja - Loo - Loo konteiner - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Kasuta võtmefaile - Kasuta võtmefaile - Välju - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Määra - Eemalda - Võtmefailid... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Auto-haagi seadmed - Haakevalikud... - Haagi konteiner kirjutuskaitstuna - Võtmefailid... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Lubatud - Hoia salasõna tüüreli mälus - Auto-haagi lahti konteiner peale mitte kirjutamist/lugemist - Kasutaja logib välja - User session locked - Energiasäästurežiimi sisenemisel - Ekraanisäästja käivitub - Sunni lahti-haakima isegi kui failid/kataloogid on avatud - Haagi kõik seadme-baasil VeraCrypt konteinerid - Start VeraCrypt Background Task - Haagi konteiner kirjutuskaitstuna - Haagi konteinerid kui eemaldatav meedia - Ava edukalt haagitud konteiner Exploreris - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Kustuta kogutud salasõnad automaatsel lahtihaakimisel - Kustuta väljumisel kogutud salasõnad - Preserve modification timestamp of file containers - Algseadista - Vali seade... - Vali fail... - Select &Library... - Kuva salasõna - Kuva salasõna - Ava haagitud konteiner &Exploreri aknas - Hoia salasõnu tüürelis vahemälus - TrueCrypt Mode - Haagi kõik lahti - Konteineri atribuudid... - Konteineri &tööriistad... - Tühjenda vahemälu - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Süsteemi kiirklahvid - VeraCrypt - Change Password or Keyfiles - Sisesta VeraCrypt konteineri salasõna - VeraCrypt - Performance and Driver Options - VeraCrypt - Eelistused - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypti konteineri atribuudid - Teave... - Lisa/Eemalda võtmefailid konteinerist... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Konteineri päisest varukoopia loomine... - Jõudlustest... - Säti päise võtme derivatsiooni algoritm... - Konteineri salasõna vahetamine... - Set Header Key Derivation Algorithm... - Change Password... - Puhasta konteineri ajalugu - Close All Security Token Sessions - Kontakt... - Create Hidden Operating System... - Create Rescue Disk... - Loo uus konteiner... - Permanently Decrypt... - Vaikimisi võtmefailid... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Korduma Kippuvad Küsimused - Kasutaja teejuht - Koduleht - Kiirklahvid... - Võtmefaili generaator - Keel... - Õiguslikud märkmed - Manage Security Token Keyfiles... - Auto-haagi kõik seadme-baasil konteinerid - Haagi lemmik konteinerid - Mount Without Pre-Boot &Authentication... - Haagi valitud konteiner - Haagi valitud konteiner lisavalikutega - Uudised - Online abi - Algaja käsiraamat - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Eelistused... - Draivitähtede nimekirja värskendamine - Kõigi võtmefailide eemaldamine konteinerist... - Taasta konteineri päis... - Resume Interrupted Process - Vali seade... - Vali fail... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Allalaadimine - Testi vektoreid... - Security Tokens... - Traveler Disk Setup... - Haagi lahti kõik haagitud konteinerid - Konteineri lahtihaakimine - Verify Rescue Disk - Verify Rescue Disk ISO Image - Versiooni ajalugu - Volume Expander - Konteineri atribuudid - Konteineri loomise nõustaja - VeraCrypti kodulehekülg - Puhasta kogutud salasõnad - Olgu - Hardware Acceleration - Otsetee - AutoRun konfiguratsioon (autorun.inf) - Auto-lahtihaakimine - Haagi kõik lahti kui: - Boot Loader Screen Options - Kinnita salasõna: - Jooksev - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Vaikimisi haakevalikud - Kiirklahvide valikud - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Faili seaded - Määratud klahv: - Processor (CPU) in this computer supports hardware acceleration for AES: - Windowsisse sisselogimisel teostatavad tegevused - minutit - Haagi konteiner draivitähega: - Haakimise seaded - Uus - Salasõna: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Salasõna vahemälu - Security Options - VeraCrypt taustakäsk - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Konteiner - Windows - Lisa failitee... - &Auto-Testi kõik - &Continue - Dekrüpteeri - &Delete - Krüpti - &Export... - Genereeri ja salvesta võtmefail... - &Genereeri juhuslik võtmefail... - Keelepaki allalaadimine - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - Ka&suta võtmefaile - Võtmefailid... - Eemalda - Eemalda kõik - Mis on peidetud konteineri kaitse? - More information on keyfiles - Haagi konteiner kui eemaldatav meedia - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Jõudlustest - &Print - Kaitse peidetud konteinerit vigastuse eest välisesse kirjutamisel - Algseadista - Kuva salasõna - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - Teave VeraCryptist - VeraCrypt - krüpteerimisalgoritmi jõudlustest - VeraCrypt - Vektorite testimine - Käsurea abi - VeraCrypt - Võtmefailid - VeraCrypt - Võtmefaili generaator - VeraCrypt - Keel - VeraCrypt - haakimise valikud - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Vali seade või partitsioon - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Aktiivne keelepakk - Kiirust mõjutavad CPU jõudeoleku laetus ja salvestussead-\nmete karakteristika.\n\nNeed testid toimuvad arvuti RAM-is. - Puhvri suurus: - Šiffer: - Peidetud konteineri salasõna:\n(kui tühi, kasutatakse vahemälu) - Peidetud konteineri kaitsmine - Võtme suurus: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - HOIATUS: Kui sa kaotad võtmefaili või isegi üks bit selle esimesest 1024 kilobaidist muutub, muutub võimatuks selle võtmefailiga konteinerite haakimine! - bitti - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Tõlkija: - Lihtteksti suurus: - bitti - Maatriksi sisu hetkel - Segav PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Sorteerimisviis: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Šiffertekst (hexadecimal) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Võti (hexadecimal) - Lihttekst (hexadecimal) - Keyfile name: - XTS mode - S&ystem - Konteinerid - Favor&ites - Tööriistad - Settin&gs - Abi - Kodulehekülg - - Teave... - Kirjutuskaitstuse atribuuti sinu vanal konteineril ei saa muuta. Kontrolli faili juurdepääsuõigusi. - Viga: Juurdepääs keelatud.\n\nPartitsioon, millele proovite jjuurde pääseda on 0 sektorit pikk või on boot-seade. - Administrator - VeraCrypti tüüreli laadimiseks pead sa olema sisse logitud Administratori õigustes. - Pane tähele, et krüptida/formaatida partitsiooni/seadet, pead sa olema sisse logitud Administraatori õigustes. See ei kehti faili-baasil konteineritele. - Peidetud konteineri loomiseks pead sa olema sisse logitud Administraatori õigustes.\n\nJätkan? - Pane tähele, et formaatida konteiner kui NTFS, pead sa olema sisse logitud Administraatori õigustes. Ilma Administraatori õigusteta saad sa konteineri formaatida kui FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - See konteiner on juba haagitud. - HOIATUS: Vähemalt üks krüpteerimis- või räsialgoritm ebaõnnestus sisseehitatud enesetestimises\n\nVeraCrypt paigaldus võib olla viga saanud. - HOIATUS: Juhusliku numbri generaatori maatriksis ei ole piisavalt andmeid loomaks piisavas hulgas juhuslikke andmeid.\n\nSa ei tohiks jätkata. Palun vali 'Teavita veast' Abi-menüüst ja teata sellest veast. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Vigane draivi täht. - Invalid path. - Tühista - Ei sa seadmele ligi. Veendu, et valitud seade eksisteerib ja ei ole süsteemi poolt kasutuses. - Hoiatus: Caps Lock on sees. See võib põhjustada salasõna valesti sisetsamise. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Välise konteineri krüpteerimisvalikud - Peidetud konteineri krüpteerimisvalikud - Krüpteerimise valikud - HOIATUS: Viimase konteineri/võtmefaili failitee kustutamine ebaõnnestus (failisirvija mälus)! - Viga: konteiner on pakitud failisüsteemi tasemel. VeraCrypt ei toeta pakitud konteinereid (pane tähele, et krüptitud andmete pakkimine on ebaefektiivne ja liigne).\n\nPalun keela konteineri pakkimine järgides neid samme: 1) Parem klikk konteineril Windows Exploreris (mitte VeraCryptis). 2) Vali 'Properties'. 3) Dialoogiaknas 'Properties' kliki 'Advanced'. 4) Dialoogiakanas 'Advanced Attributes' keela valik 'Compress contents to save disk space' ja kliki 'OK'. 5) Dialoogiaknas 'Properties' kliki 'OK'. - Konteineri %s loomine ebaõnnestus - %s maht on %.2f baiti - %s maht on %.2f KB - %s maht on %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - HOIATUS: Seade/partitsioon on kasutuses rakenduste või operatsioonisüsteemi poolt. Seadme/partitsiooni formaatimine võib põhjustada andmekadu ja süsteemi ebastabiilsust.\n\nJätkan? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Viga: seade/partitsioon sisaldab failisüsteemi, mida ei saa lahti haakida. Failisüsteem võib olla kasutuses operatsioonisüsteemi poolt. Seadme/partitsiooni formaatimine põhjustab väga tõenäoliselt andmete kao ja süsteemi ebastabiilsuse.\n\nSelle lahendamiseks soovitame, et sa kõigepealt kustutad selle partitsiooni ja siis lood ilma formaatimata uuesti. Selle tegemiseks järgi järgmisi juhtnööre: 1) Parem-klikk 'Arvuti' (või 'Minu Arvuti') ikooni peal Start menüüs ja vali 'Manage'. 'Computer Managemant' aken peaks kuvatama. 2) 'Computer Managemant' aknas vali 'Storage' > 'Disk Management'. 3) Parem-klikk partitsiooni, mida soovid krüpteerida ja vali 'Delete Partition' või 'Delete Volume' või 'Delete Logical Drive'. 4) Kliki 'Jah'. Kui Windows käseb taaskäivitada, tee seda. Siis korda samme 1 ja 2 ja jätka sammuga 5. 5) Parem-kliki kasutamata/vaba ruumi peal ja vali 'New Partition' või 'New Simple Volume' või 'New Logical Drive'. 6) 'New Partition Wizard' või 'New Simple Volume Wizard' aken peaks ilmuma; järgi selle instruktsioone. Viisardi aknal tiitliga 'Format Partition' vali 'Do not format this partition' või 'Do not format this volume'. Samas viisardis kliki 'Next' ja siis 'Finish'. 7) Pane tähele, et seadme tee VeraCryptis võib olla vale. Seetõttu välju VeraCrypti konteineri loomise nõustaja (kui see ikka käib) ja käivita see uuesti. 8) Proovi krüptida seadet/partitsiooni uuesti.\n\nKui VeraCrypt korduvalt ebaõnnestub seadme/partitsiooni krüpteerimisega, võid kaaluda faili baasil konteineri loomist. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - HOIATUS: Mõni haagitud seade/partitsioon on juba kasutuses!\n\nSelle ignoreerimine võib põhjustada soovimatuid tagajärgi k.a süsteemi ebastabiilsust.\n\nSoovitame rangelt sulgeda rakendused, mis võivad kasutada seadmeid/partitsioone. - Valitud seade sisaldab partitsioone.\n\nSeadme formaatimine võib põhjustada süsteemi ebastabiilsust ja/või andmete korrumpeerumist. Palun vali kas üks partitsioon seadmel või eemalda kõik partitsioonid, et VeraCrypt saaks seadme turvaliselt formaatida. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Vaba ruumi kettal %s %.2f baiti. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Ei suutnud vabu draivitähti hankida. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Viga: šifri initsialiseerimise viga. - Viga: tuvastati nõrk või potensiaalselt nõrk võti. Võti visatakse ära. Palun proovi uuesti. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypti kriitiline viga - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Välju - Palun loo logical draiv sellele extended partitsioonile ja proovi siis uuesti. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - Vali konteineri asukoht, millesse soovid luua peidetud konteineri. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Viga: konteineri haakimine ebaõnnestus. Majutusfail/seade on juba kasutuses. Katse haakida ekslusiivse juurdepääsuga ebaõnnestus samuti. - Faili avamine ebaõnnestus. - Konteineri asukoht - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Formaadi - &Wipe - Katkestada formaatimine? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nVeraCrypti konteiner on loodud ja kasutuseks valmis. Kui soovid luua veel mõne VeraCrypti konteineri, kliki 'Edasi'. Vastasel juhul kliki 'Välju'. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypti konteiner on edukalt loodud. - Konteiner loodud - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Välise konteineri formaatimine - Peidetud konteineri formaatimine - Konteineri formaatimine - Adobe Reader (või vastav tööriist) on vajalik VeraCrypti kasutaja teejuhi vaatamiseks/printimiseks. Adobe Readerit (vabavara) saab alla laadida: www.adobe.com\n\nKas soovid vaadata hoopiski dokumentatsiooni võrgust? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Peidetud konteiner lodud - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Väline konteiner on edukalt loodud ja haagitud kui draiv %hc:. Sellesse konteinerisse peaksid sa nüüd kopeerima tundliku välimusega faile, mida sa tegelikult EI TAHA peita. Need failid on neile, kes sunnivad sind salasõna avaldama. Vajadusel avaldad ainult selle välise konteineri, mitte peidetud konteineri salasõna. Failid, mida tegelikult tahad kaitsta, on salvestatud peidetud konteinerisse, mille loome hiljem. Kopeerimise lõpetamisel kliki 'Edasi'. Ära haagi konteinerit lahti.\n\nMärkus: peale Edasi klikkimist skanneeritakse välise konteineri klastrikaart leidmaks sekkumata vaba ala suurus, mis on ka peidetud konteineri maksimaalne suurus ja mille lõpp on konteineri lõpp. See ala majutab peidetud konteineri, seega limiteerib selle maksimaalse suuruse. Klastrikaardi skanneerimine tagab, et peidetud konteiner ei kirjuta üle andmeid välises konteineris. - Välimise konteineri sisu - \n\nJärgnevatel sammudel sätid valikud välisele konteinerile (mille sisse hiljem luuakse sisemine konteiner). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Väline konteiner - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nKonteineri klastrikaart on skännitud ja maksimaalne peidetud konteineri maht leitud. Järgnevatel sammudel saad valida valikud ning peidetud konteineri maksimumsuuruse ja selle salasõna. - Peidetud konteiner - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Juhunumbri generaatori initsialiseerimine ebaõnnestus! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Võimetu rakendust initsialiseerima. Dialoogi klassi registreerimine ebaõnnestus. - Error: Failed to load the Rich Edit system library. - VeraCrypt konteineri loomise nõustaja - Maksimaalne võimalik peidetud konteineri suurus sellel konteineril on %.2f baiti. - Maksimaalne võimalik peidetud konteineri suurus sellel konteineril on %.2f KB. - Maksimaalne võimalik peidetud konteineri suurus sellel konteineril on %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Konteineri salasõna/võtmefaile ei saa muuta kui konteiner on haagitud. Palun haagi konteiner enne lahti. - Päise võtme derivaatlogaritmi ei saa muuta, kui konteiner on haagitud. Palun haagi konteiner enne lahti. - Haagi - Selle konteineri haakimiseks on vajalik VeraCrypti uuem versioon. - Viga: Konteineri loomise nõustajat ei leidnud.\n\nPalun veendu, et fail 'VeraCrypt Format.exe' on kataloogis, milles on 'VeraCrypt.exe' käivitatud. Kui ei, palun taaspaigalda VeraCrypt või näita 'VeraCrypt Format.exe' asukoht kettal ja käivita see. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - Edasi > - &Lõpeta - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Ilmnes viga fontide laadimisel/ettevalmistamisel. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Draivitäht pole saadaval. - Ükski fail pole valitud! - Ühtegi draivi tähte pole saadaval. - Välise konteineri jaoks pole vaba draivi tähte! Konteineri loomine katkestatud. - Sinu operatsioonisüsteemi tuvastamine ebaõnnestus või kasutad toetuseta operatsioonisüsteemi. - Failitee pole valitud! - Peidetud konteinerile pole piisavalt vaba ruumi! Konteineri loomine katkestatud. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - Tüürel on võimetu konteinerit lahti haakima. Osad failid antud konteineril on tõenäoliselt ikka avatud. - Võimetu konteinerit lukustama. Konteineril on ikka failid avatud. Seetõttu ei saa seda lahti haakida. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Vali VeraCrypti konteiner - Täpsusta failitee ja faili nimi - Select PKCS #11 Library - Mälu otsas - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Salasõna - PIM - Säti päise võtme derivatsiooni algoritm - Lisa/Eemalda võtmefailid konteineri(le/lt) - Eemalda kõik võtmefailid konteinerilt - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Võtmefail(id) edukalt lisatud/eemaldatud. - Keyfile exported. - Päise võtme derivatsioonalgoritm edukalt sätitud. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Palun vali peidetud konteinerile salasõna. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Palun sisesta konteineri salasõna, millesse soovid peidetud konteinerit luua.\n\n Peale Edasi klikkimist, VeraCrypt üritab konteinerit külge haakida. Kohe, kui konteiner on haagitud, selle klastrikaart skanneeritakse leidmaks puutumatu vaba ruumi(kui on sellist) maht, mille lõpp märgitakse konteineri lõpuks. See ala majutab peidetud konteinerit ja seega limiteerib selle maksimaalse võimaliku suuruse. Klastrikaardi skanneerimine on oluline tagamaks, et välise konteineri andmeid ei kirjutata üle peidetud konteineri poolt. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Välise konteineri salasõna - Peidetud konteineri salasõna - Password for Hidden Operating System - HOIATUS: Lühikesi salasõnu on kerge murda kasutades toore jõu tehnikaid!\n\nMe soovitame valida salasõna, mis koosneb enam kui 20-st sümbolist.\n\nOled kindel, et soovid kasutada lühikest salasõna? - Konteineri salasõna - Vale salasõna või pole VeraCrypti konteiner. - Ebakorrektne võtmefail(id) ja/või salasõna või pole tegemist VeraCrypti konteineriga. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Ebakorrektne salasõna või pole VeraCrypti konteinerit leitud. - Ebakorrektsed võtmefailid/salasõna või pole VeraCrypti konteinerit leitud. - \n\nHOIATUS: Tõstuklahv on sees. See võib põhjustada salasõna ebakorrektset sisestust. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Võimetu koostama sinu süsteemi paigaldatud toorseadmete nimekirja! - Konteiner '%s' eksisteerib ja on kirjutuskaitstud. Oled kindel, et soovid selle asendada? - Vali sihtkataloog - Vali võtmefail - Vali võtmefailide failitee. HOIATUS: pea meeles, et meelde jäetakse ainult failitee, mitte failinimed! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Välise konteineri maht - Peidetud konteineri maht - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Konteineri maht - Dünaamiline - HOIATUS: ENESE-KONTROLLTEST EBAÕNNESTUS! - Kõikide algoritmide enesetestid läbitud - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - Testšiffri tekst, mille lisasid, on liiga pikk või liiga lühike. - Testvõti, mille lisasid, on liiga pikk või liiga lühike. - Vormindamata testtekst, mille lisasid on liiga pikk või liiga lühike. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - Rohkem infot %s kohta - Tundmatu - An unspecified or unknown error occurred (%d). - Osa konteinereid sisaldavad faile või katalooge, mis rakenduste või süsteemi poolt kasutuses.\n\nSunni lahtihaakima? - Haagi lahti - Lahtihaakimine ebaõnnestus! - Osa konteinereid sisaldavad faile või katalooge, mis rakenduste või süsteemi poolt kasutuses.\n\nSunni lahtihaakima? - No volume is mounted to the specified drive letter. - Konteiner, mida püüad külge haakida on juba haagitud. - Konteineri haakimisel ilmnes viga. - Viga asukoha otsimisel konteineris. - Viga: vale konteineri maht. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt ei suuda muuda võõra konteineri salasõna. - Palun vali listist vaba draivitäht. - Palun vali haagitud konteiner draivitähtede listist. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Viga: Ei suua luua autorun.inf faili - Viga võtmefaili käitlemisel! - Viga võtmefaili failitee käitlemisel! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt ei toeta seda operatsioonisüsteemi. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Viga: ei suuda mälu reserveerida. - Viga: ei sa kätte sooritusloendi väärtust. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - Kõik failid - VeraCrypt konteinerid - Library Modules - NTFS formaatimist ei saa jätkata. - Ei suuda konteinerit haakida. - Ei suuda konteinerit lahti haakida. - Windows ebaõnnestus konteineri NTFS-i formaatimisega.\n\nPalun vali teist tüüpi failisüsteem (kui võimalik) ja proovi uuesti. Alternatiivina saad jätta konteineri formaatimata (vali 'Puudub' failisüsteemina), välju sellest nõustajast, haagi konteiner ja siis kasuta süsteemi või 3-nda osapoole tööriista haagitud konteineri formaatimiseks (konteiner jääb krüpteerituks). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Vaikimisi - partition - PARTITSIOON - Seade - device - SEADE - Konteiner - volume - VOLUME - Label - Valitud klastri maht on selle konteineri jaoks liiga väike. Selle asemel kasutatakse suuremat mahtu. - Viga: ei suuda leida konteineri mahtu!\n\nVeendu, et konteiner pole kasutuses süsteemi või mõne rakenduse poolt. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - VIGA: ei pääse konteinerile ligi!\n\nVeendu, et valitud konteiner eksisteerib, et see pole haagitud või kasutuses süsteemi või mõne rakenduse poolt, et sul on lugemise/kirjutamise õigused sellele konteinerile ja see pole kirjutuskaitstud. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Viga: välise konteineri lahtihaakimine ebaõnnestus!\n\nKonteinerit ei saa lahti haakida, kui see sisaldab faile, katalooge, mis kasutuses süsteemi või mõne rakenduse poolt.\n\nPalun sulge iga programm, mis võib kasutada faile või katalooge ja kliki Proovi uuesti. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Viga: ei pääse välisele konteinerile ligi! Konteineri loomine katkestatud. - Viga: ei õnnestu välise konteineri haakimine! Konteineri loomine katkestatud. - Viga: ei suuda konteineri klastrikaarti hankida! Konteineri loomine katkestatud. - Tähestikuline/Kategooriates - Keskmine kiirus (Kahanev) - Algoritm - Krüpteerimine - Dekrüpteerimine - Keskmine - Draiv - Maht - Krüpteerimisalgoritm - Krüpteerimisalgoritm - Tüüp - Väärtus - Atribuut - Asukoht - baiti - Peidetud - Väline - Tavaline - System - Hidden (system) - Kirjutuskaitstud - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Jah (vigastuse eest kaitstud!) - puudub - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bitti - Bloki maht - PKCS-5 PRF - PKCS-5 iteratsiooni loend - Konteiner loodud - Päist viimati muudetud - (%I64d päeva tagasi) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - Esimene saadaolev - Removable Disk - Kõvaketas - Muutmata - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Kas soovid vaadata käesoleva (viimase stabiilse) VeraCrypti versiooni avaldusmärkmeid? - Kui sa pole kunagi VeraCrypti kasutanud, soovitame sul lugeda peatükki Beginner's Tutorial VeraCrypti kasutaja teejuhis. Kas soovid õpetust vaadata? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - Paigaldus võeti tagasi. - VeraCrypt edukalt paigaldatud. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt on edukalt arvutist eemaldatud.\n\nKliki 'Lõpeta' eemaldamaks VeraCrypti paigaldaja ja kataloog %s. Pane tähele, et kataloogi ei eemaldata, kui see sisaldab faile, mida ei paigaldanud VeraCrypti paigaldaja või loonud VeraCrypt. - VeraCrypti registri sissekannete eemaldamine - Registri sissekande lisamine - Eemaldan programmi-spetsiifilisi andmeid - Paigaldan - Peatan - Eemaldan - Ikooni lisamine - Süsteemi taastepunkti loomine - Süsteemi taastepunkti loomine ebaõnnestus! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Paigaldus lõpetatud. - Kataloogi '%s' ei suudeta luua - VeraCrypti seadme tüüreli laadimine ebaõnnestus.\n\nPalun sulge alustuseks kõik avatud VeraCrypti aknad. Kui see ei aita, palun tee Windowsile taaskäivitus ja proovi siis uuesti. - Kõik VeraCrypti konteinerid peavad olema enne VeraCrypti paigaldamist või eemaldamist lahti haagitud. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Registri sissekannete paigaldus ebaõnnestus - Seadmetüüreli paigaldamine ebaõnnestus. Palun taaskäivita Windows ja proovi VeraCrypti uuesti paigaldada. - Käivitan VeraCrypti seadme tüürelit - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - VeraCrypti tüüreli paigaldamine - VeraCrypti tüüreli peatamine - Eemaldan VeraCrypti tüürelit - User Account Control toe teegi registreerimine ebaõnnestus. - User Account Control toe teegi registrist kustutamine ebaõnnestus. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Välimine(!) - päeva - tundi - minutit - s - Ava - Haagi lahti - Kuva VeraCrypt - Peida VeraCrypt - Haakimisest alates andmeid loetud - Haakimisest alates andmeid kirjutatud - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Sisesta %s salasõna - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Võtmefail on edukalt loodud. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Konteineri päise varukoopia on edukalt loodud.\n\nTÄHTIS: taastades konteineri päist kasutades seda varukoopiat, taastab muuhulgas hetkel kehtiva salasõna. Veel enam, kui võtmefailid on vajalikud selle konteineri haakimiseks, on samad võtmefailid vajalikud ka peale konteineri päise taastamist.\n\nHOIATUS: Seda päise varukoopiat võib kasutada AINULT selle konkreetse konteineri päise taastamiseks. Kui sa kasutad seda varukoopiat mõne teise konteineri päise taastamiseks, on võialik konteinerit küll haakida, aga mitte dekrüpteerida (kuna sa muudad tema peavõtit). - Konteineri päis on edukalt taastatud.\n\nTÄHTIS: pane tähele, et vana salasõna on taastatud samuti. Veelgi, kui võtmefail(id) oli(d) vajalik(ud) konteineri haakimiseks kui varukoopia loodi, on samad võtmefailid taas vajalikud konteineri haakimiseks. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Oled kindel, et soovid taastada konteineri %s päise?\n\nHOIATUS: päise taastamine taastab samuti salasõna, mis kehtis päisest varukoopia loomise hetkel. Lisaks, kui võtmefail(id) oli(d) kasutuses päise varukoopia loomise hetkel, on need samad võtmefailid taas haakimiseks vajalikud peale sellest varukoopiast päise taastamist. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Jätkamiseks haagi palun konteiner lahti. - Error: Cannot set timer. - Kontrolli failisüsteemi - Paranda failisüsteem - Add to Favorites... - Add to System Favorites... - P&roperties... - Peidetud konteineri kaitsmine - N/A - Jah - Ei - Disabled - 1 - 2 or more - Töörežiim - Label: - Size: - Path: - Drive Letter: - Viga: Salasõna peab sisaldama ainult ASCII sümboleid.\n\nMitte-ASCII sümbolid salasõnas võivad põhjustada, et konteineri haakimine on võimatu, kui süsteemi konfiguratsioon muutub.\n\nJärgnevad sümbolid on lubatud:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Hoiatus: salasõna sisaldab mitte-ASCII sümboleid. See võib põhjustada, et konteineri hakkimine muutub võimatuks, kui sinu süsteemi konfiguratsioon muutub.\n\nPeaksid asendama kõik mitte-ASCII sümbolid ASCII sümbolitega. Selleks, kliki 'Konteinerid' -> 'Muuda konteineri salasõna'.\n\nJärgnevad on ASCII sümbolid:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Koduleht - Hoiatus: Paistab, et sa pole lisanud ühtegi teeninduspakki oma Windowsi instalatsioonile. Sa ei tohiks kirjutada IDE ketastele suuremad kui 128 GB Windows XP all, millele pole lisatud Service Pack 1 või hilisem! Kui sa teed seda, andmed kettal (hoolimata, kas see on VeraCrypti konteiner või ei) võivad saada viga. Pane tähele, et see on Windowsi piirang, mitte VeraCrypti viga. - HOIATUS: Paistab, et sa pole lisanud Service Pack 3 või hilisemat oma Windowsi installatsioonile. Sa ei tohiks kirjutada IDE ketastele suuremad kui 128 GB Windows 2000 all, millele pole lisatud Service Pack 3 või hilisem! Kui sa teed seda, andmed kettal (hoolimata, kas see on VeraCrypti konteiner või ei) võivad saada viga. Pane tähele, et see on Windowsi piirang, mitte VeraCrypti viga.\n\nMärkus: Sa pead ka lubama 48-bitise LBA toe registris; lähemat informatsiooni vaata: http://support.microsoft.com/kb/305098/EN-US - HOIATUS: 48-bitine LBA AtAPI toetus on sinu süsteemis välja lülitatud. Seetõttu ei tohiks sa kirjutada IDE ketastele, mis on suuremad kui 128GB! Kui sa teed seda, andmed kettal (ükskõik, kas need on VeraCrypti konteineri või ei) võivad viga saada. Pane tähele, et see on Windowsi limitatsioon, mitte VeraCrypti oma.\n\n48-bitise LBA toetuse sisselülitamiseks lisa 'EnableBigLba' registrivõti HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters alla ja säti selle väärtuseks 1.\n\nLähemat informatsiooni vaata http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - HOIATUS: Kui soovid säilitada võimaluse lisada tulevikus välisesse konteinerisse andmeid/faile, peaksid kaaluma peidetud konteineri väiksemat mahtu.\n\nOled kindel, et soovid jätkata valitud mahuga? - Ühtegi konteinerit pole valitud.\n\nKliki 'Vali seade' või 'Vali fail' valimaks VeraCrypti konteiner. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Auto-haagi seadmed - Haagi kõik lahti - Puhasta vahemälu - Dismount All & Wipe Cache - Sunni kõiki lahti haakima & Puhasta vahemälu - Sunni kõiki lahtihaakima, Puhasta vahemälu & Välju - Haagi lemmik konteinerid - Kuva/Peida VeraCrypti peaaken - (Kliki siia ja vajuta klahvil) - Tegevus - Otsetee - Viga: See kiirklahv on reserveeritud. Palun vali teine kiirklahv. - Viga: kiirklah juba kasutuses. - HOIATUS: Üks või rohkem VeraCrypti ülesüsteemne kiirklahv ei tööta!\n\nPalun veendu, et teised rakendused ja operatsioonisüsteem ei kasuta samu otseteesid kui VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - HOIATUS: kui see valik on keelatud, konteinerid, mis sisaldavad avatud faile/katalooge EI ole võimaliks automaatselt lahti haakida.\n\nOled kindel, et soovid selle valiku keelata? - HOIATUS: konteinerid, mis sisaldavad avatud faile/katalooge EI haagita automaatselt lahti.\n\nSelle vältimiseks, luba järgnev valik dialoogiaknas: 'Sunni lahti-haakima isegi kui failid/kataloogid on avatud' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - HOIATUS: VeraCrypti taustakäsk on keelatud. Peale VeraCryptist väljumist ei teavitata sind kui peidetud konteineri vigastust on välditud.\n\nMärkus: võid taustakäsu alati välja lilitada parem-klikkides TrueCrykti süsteemisalve ikoonil ja valides 'Välju'.\n\nLuba VeraCrypti taustakäsk? - Keelepaki versioon: %s - Kontrollin failisüsteemi TruCrypti konteineris haagitud kui %s... - Proovin parandada failisüsteemi VeraCrypti konteineris haagitud kui %s... - Hoiatus: see konteiner on krüpteeritud iganenud krüpteerimusalgoritmiga.\n\nKõik 64-bitise blokiga krüpteerimisalgoritmid (ehk Blowfish, CAST-128, või Triple DES) on iganenud. Tulevaste VeraCrypti versioonidega on võimalik sellist konteinerit küll haakida, kuid edasiarendusi ja täiendusi neile algoritmidele ei tehta. Me soovitame, et lood uue konteineri krüpteeritud 128-bitise blokiga algoritmiga (ehk AES, Serpent, Twofish, jne) ja liigutad kõik oma failid sellest konteinerist uude konteinerisse. - Sinu süsteem ei ole konfigureeritud automaatselt haakima uusi konteinereid. Võib olla võimatu haakida seadme baasil VeraCrypti konteinereid. Automaatse haakimise saab lubada käivitades järgneva käsu ja taaskäivitades süsteemi.\n\nmountvol.exe /E - Palun omista partitsioonile/seadmele enne jätkamist draivitäht ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nPane tähele, et see on operatsioonisüsteemi poolne nõue. - Haagi VeraCrypti konteiner - Haagi lahti kõik VeraCrypti konteinerid - VeraCrypt ei saa kätte Administraatori õigusi. - Juurdepääs keelati operatsioonisüsteemi poolt.\n\nVõimalik põhjus: Operatsioonisüsteem nõuab, et sul oleks lugemise/kirutamise (või administraatori) õigused teatud kataloogidele, failidele ja seadmetele, et võimaldada sul andmeid lugeda/kirjutada neisse. Tavaliselt on ilma administraatori õiguseta kasutajal lugemise/kirjutamise õigus enda My Documents kataloogile. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Võtmefail - Tagasivõtuklahv - Tab - Puhasta - Enter - Paus - Tõstulukk - Tühiku klahv - Lehekülg üles - Lehekülg alla - Lõppu - Kodu - Nool vasakule - Nool üles - Nool paremale - Nool alla - Vali klahv - Trükiklahv - Käivitusklahv - Tee kuvatõmmis - Sisesta - Kustuta - Rakenduse klahv - Uni - Numbrilukk - Kerimislukk - Lehitseja tagasi - Lehitseja edasi - Lehitseja värskenda - Lehitseja peata - Lehitseja otsing - Lehitseja järjehoidjad - Lehitseja koduleht - Vaigista - Hääl maha - Hääl peale - Järgmine lugu - Eelmine lugu - Peata meedia - Mängi/Pausi meedia - Käivita mail klahv - Vali meedia klahv - Rakendus 1 - Rakendus 2 - Attn - CrSel - ExSel - Mängi - Zuum - Numbriklahvid - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Tühista + Install &for all users + Bro&wse... + Lisa VeraCrypti ikoon Töölauale + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Lisa VeraCrypt &Start menüüsse + Loo süsteemi taastepunkt + &Eemaldamine + &Extract + &Install + VeraCrypt Setup Wizard + Eemalda VeraCrypt + Abi + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Katkesta + &Benchmark + &Testi + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Kuva maatriksi sisu + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + Kasuta võtmefaile + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Võtmefailid.. + Informatsioon räsi algoritmide kohta + Rohkem informatsiooni + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + Ära salvesta ajalukku + Ava välimine konteiner + &Pause + Use P&IM + Use PIM + Kiire formaatimine + Kuva salasõna + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Klaster + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + Kinnita: + Valmis + Drive letter: + Krüpteerimisalgoritm + Failisüsteem + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Valikud + Räsi algoritm + Päise võti: + Järele jäänud + Peavõti: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Salasõna: + Volume PIM: + Volume PIM: + Progress: + Juhuslik maatriks: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Kiirus + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Sulge + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Ära tee midagi + &Auto-haagi VeraCrypt konteiner (täpsustatud allpool) + Käivita VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Sirvi... + Sirvi... + Hoia salasõnu ja võtmefaile mälus + Välju haagitud konteinerite puudumisel + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Lisa VeraCrypti konteineriloomise nõustaja + Loo + Loo konteiner + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Kasuta võtmefaile + Kasuta võtmefaile + Välju + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Määra + Eemalda + Võtmefailid... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Auto-haagi seadmed + Haakevalikud... + Haagi konteiner kirjutuskaitstuna + Võtmefailid... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Lubatud + Hoia salasõna tüüreli mälus + Auto-haagi lahti konteiner peale mitte kirjutamist/lugemist + Kasutaja logib välja + User session locked + Energiasäästurežiimi sisenemisel + Ekraanisäästja käivitub + Sunni lahti-haakima isegi kui failid/kataloogid on avatud + Haagi kõik seadme-baasil VeraCrypt konteinerid + Start VeraCrypt Background Task + Haagi konteiner kirjutuskaitstuna + Haagi konteinerid kui eemaldatav meedia + Ava edukalt haagitud konteiner Exploreris + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Kustuta kogutud salasõnad automaatsel lahtihaakimisel + Kustuta väljumisel kogutud salasõnad + Preserve modification timestamp of file containers + Algseadista + Vali seade... + Vali fail... + Select &Library... + Kuva salasõna + Kuva salasõna + Ava haagitud konteiner &Exploreri aknas + Hoia salasõnu tüürelis vahemälus + TrueCrypt Mode + Haagi kõik lahti + Konteineri atribuudid... + Konteineri &tööriistad... + Tühjenda vahemälu + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Süsteemi kiirklahvid + VeraCrypt + Change Password or Keyfiles + Sisesta VeraCrypt konteineri salasõna + VeraCrypt - Performance and Driver Options + VeraCrypt - Eelistused + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypti konteineri atribuudid + Teave... + Lisa/Eemalda võtmefailid konteinerist... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Konteineri päisest varukoopia loomine... + Jõudlustest... + Säti päise võtme derivatsiooni algoritm... + Konteineri salasõna vahetamine... + Set Header Key Derivation Algorithm... + Change Password... + Puhasta konteineri ajalugu + Close All Security Token Sessions + Kontakt... + Create Hidden Operating System... + Create Rescue Disk... + Loo uus konteiner... + Permanently Decrypt... + Vaikimisi võtmefailid... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Korduma Kippuvad Küsimused + Kasutaja teejuht + Koduleht + Kiirklahvid... + Võtmefaili generaator + Keel... + Õiguslikud märkmed + Manage Security Token Keyfiles... + Auto-haagi kõik seadme-baasil konteinerid + Haagi lemmik konteinerid + Mount Without Pre-Boot &Authentication... + Haagi valitud konteiner + Haagi valitud konteiner lisavalikutega + Uudised + Online abi + Algaja käsiraamat + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Eelistused... + Draivitähtede nimekirja värskendamine + Kõigi võtmefailide eemaldamine konteinerist... + Taasta konteineri päis... + Resume Interrupted Process + Vali seade... + Vali fail... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Allalaadimine + Testi vektoreid... + Security Tokens... + Traveler Disk Setup... + Haagi lahti kõik haagitud konteinerid + Konteineri lahtihaakimine + Verify Rescue Disk + Verify Rescue Disk ISO Image + Versiooni ajalugu + Volume Expander + Konteineri atribuudid + Konteineri loomise nõustaja + VeraCrypti kodulehekülg + Puhasta kogutud salasõnad + Olgu + Hardware Acceleration + Otsetee + AutoRun konfiguratsioon (autorun.inf) + Auto-lahtihaakimine + Haagi kõik lahti kui: + Boot Loader Screen Options + Kinnita salasõna: + Jooksev + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Vaikimisi haakevalikud + Kiirklahvide valikud + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Faili seaded + Määratud klahv: + Processor (CPU) in this computer supports hardware acceleration for AES: + Windowsisse sisselogimisel teostatavad tegevused + minutit + Haagi konteiner draivitähega: + Haakimise seaded + Uus + Salasõna: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Salasõna vahemälu + Security Options + VeraCrypt taustakäsk + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Konteiner + Windows + Lisa failitee... + &Auto-Testi kõik + &Continue + Dekrüpteeri + &Delete + Krüpti + &Export... + Genereeri ja salvesta võtmefail... + &Genereeri juhuslik võtmefail... + Keelepaki allalaadimine + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + Ka&suta võtmefaile + Võtmefailid... + Eemalda + Eemalda kõik + Mis on peidetud konteineri kaitse? + More information on keyfiles + Haagi konteiner kui eemaldatav meedia + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Jõudlustest + &Print + Kaitse peidetud konteinerit vigastuse eest välisesse kirjutamisel + Algseadista + Kuva salasõna + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + Teave VeraCryptist + VeraCrypt - krüpteerimisalgoritmi jõudlustest + VeraCrypt - Vektorite testimine + Käsurea abi + VeraCrypt - Võtmefailid + VeraCrypt - Võtmefaili generaator + VeraCrypt - Keel + VeraCrypt - haakimise valikud + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Vali seade või partitsioon + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Aktiivne keelepakk + Kiirust mõjutavad CPU jõudeoleku laetus ja salvestussead-\nmete karakteristika.\n\nNeed testid toimuvad arvuti RAM-is. + Puhvri suurus: + Šiffer: + Peidetud konteineri salasõna:\n(kui tühi, kasutatakse vahemälu) + Peidetud konteineri kaitsmine + Võtme suurus: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + HOIATUS: Kui sa kaotad võtmefaili või isegi üks bit selle esimesest 1024 kilobaidist muutub, muutub võimatuks selle võtmefailiga konteinerite haakimine! + bitti + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Tõlkija: + Lihtteksti suurus: + bitti + Maatriksi sisu hetkel + Segav PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Sorteerimisviis: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Šiffertekst (hexadecimal) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Võti (hexadecimal) + Lihttekst (hexadecimal) + Keyfile name: + XTS mode + S&ystem + Konteinerid + Favor&ites + Tööriistad + Settin&gs + Abi + Kodulehekülg + + Teave... + Kirjutuskaitstuse atribuuti sinu vanal konteineril ei saa muuta. Kontrolli faili juurdepääsuõigusi. + Viga: Juurdepääs keelatud.\n\nPartitsioon, millele proovite jjuurde pääseda on 0 sektorit pikk või on boot-seade. + Administrator + VeraCrypti tüüreli laadimiseks pead sa olema sisse logitud Administratori õigustes. + Pane tähele, et krüptida/formaatida partitsiooni/seadet, pead sa olema sisse logitud Administraatori õigustes. See ei kehti faili-baasil konteineritele. + Peidetud konteineri loomiseks pead sa olema sisse logitud Administraatori õigustes.\n\nJätkan? + Pane tähele, et formaatida konteiner kui NTFS, pead sa olema sisse logitud Administraatori õigustes. Ilma Administraatori õigusteta saad sa konteineri formaatida kui FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + See konteiner on juba haagitud. + HOIATUS: Vähemalt üks krüpteerimis- või räsialgoritm ebaõnnestus sisseehitatud enesetestimises\n\nVeraCrypt paigaldus võib olla viga saanud. + HOIATUS: Juhusliku numbri generaatori maatriksis ei ole piisavalt andmeid loomaks piisavas hulgas juhuslikke andmeid.\n\nSa ei tohiks jätkata. Palun vali 'Teavita veast' Abi-menüüst ja teata sellest veast. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Vigane draivi täht. + Invalid path. + Tühista + Ei sa seadmele ligi. Veendu, et valitud seade eksisteerib ja ei ole süsteemi poolt kasutuses. + Hoiatus: Caps Lock on sees. See võib põhjustada salasõna valesti sisetsamise. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Välise konteineri krüpteerimisvalikud + Peidetud konteineri krüpteerimisvalikud + Krüpteerimise valikud + HOIATUS: Viimase konteineri/võtmefaili failitee kustutamine ebaõnnestus (failisirvija mälus)! + Viga: konteiner on pakitud failisüsteemi tasemel. VeraCrypt ei toeta pakitud konteinereid (pane tähele, et krüptitud andmete pakkimine on ebaefektiivne ja liigne).\n\nPalun keela konteineri pakkimine järgides neid samme: 1) Parem klikk konteineril Windows Exploreris (mitte VeraCryptis). 2) Vali 'Properties'. 3) Dialoogiaknas 'Properties' kliki 'Advanced'. 4) Dialoogiakanas 'Advanced Attributes' keela valik 'Compress contents to save disk space' ja kliki 'OK'. 5) Dialoogiaknas 'Properties' kliki 'OK'. + Konteineri %s loomine ebaõnnestus + %s maht on %.2f baiti + %s maht on %.2f KB + %s maht on %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + HOIATUS: Seade/partitsioon on kasutuses rakenduste või operatsioonisüsteemi poolt. Seadme/partitsiooni formaatimine võib põhjustada andmekadu ja süsteemi ebastabiilsust.\n\nJätkan? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Viga: seade/partitsioon sisaldab failisüsteemi, mida ei saa lahti haakida. Failisüsteem võib olla kasutuses operatsioonisüsteemi poolt. Seadme/partitsiooni formaatimine põhjustab väga tõenäoliselt andmete kao ja süsteemi ebastabiilsuse.\n\nSelle lahendamiseks soovitame, et sa kõigepealt kustutad selle partitsiooni ja siis lood ilma formaatimata uuesti. Selle tegemiseks järgi järgmisi juhtnööre: 1) Parem-klikk 'Arvuti' (või 'Minu Arvuti') ikooni peal Start menüüs ja vali 'Manage'. 'Computer Managemant' aken peaks kuvatama. 2) 'Computer Managemant' aknas vali 'Storage' > 'Disk Management'. 3) Parem-klikk partitsiooni, mida soovid krüpteerida ja vali 'Delete Partition' või 'Delete Volume' või 'Delete Logical Drive'. 4) Kliki 'Jah'. Kui Windows käseb taaskäivitada, tee seda. Siis korda samme 1 ja 2 ja jätka sammuga 5. 5) Parem-kliki kasutamata/vaba ruumi peal ja vali 'New Partition' või 'New Simple Volume' või 'New Logical Drive'. 6) 'New Partition Wizard' või 'New Simple Volume Wizard' aken peaks ilmuma; järgi selle instruktsioone. Viisardi aknal tiitliga 'Format Partition' vali 'Do not format this partition' või 'Do not format this volume'. Samas viisardis kliki 'Next' ja siis 'Finish'. 7) Pane tähele, et seadme tee VeraCryptis võib olla vale. Seetõttu välju VeraCrypti konteineri loomise nõustaja (kui see ikka käib) ja käivita see uuesti. 8) Proovi krüptida seadet/partitsiooni uuesti.\n\nKui VeraCrypt korduvalt ebaõnnestub seadme/partitsiooni krüpteerimisega, võid kaaluda faili baasil konteineri loomist. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + HOIATUS: Mõni haagitud seade/partitsioon on juba kasutuses!\n\nSelle ignoreerimine võib põhjustada soovimatuid tagajärgi k.a süsteemi ebastabiilsust.\n\nSoovitame rangelt sulgeda rakendused, mis võivad kasutada seadmeid/partitsioone. + Valitud seade sisaldab partitsioone.\n\nSeadme formaatimine võib põhjustada süsteemi ebastabiilsust ja/või andmete korrumpeerumist. Palun vali kas üks partitsioon seadmel või eemalda kõik partitsioonid, et VeraCrypt saaks seadme turvaliselt formaatida. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Vaba ruumi kettal %s %.2f baiti. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Ei suutnud vabu draivitähti hankida. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Viga: šifri initsialiseerimise viga. + Viga: tuvastati nõrk või potensiaalselt nõrk võti. Võti visatakse ära. Palun proovi uuesti. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypti kriitiline viga + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Välju + Palun loo logical draiv sellele extended partitsioonile ja proovi siis uuesti. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + Vali konteineri asukoht, millesse soovid luua peidetud konteineri. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Viga: konteineri haakimine ebaõnnestus. Majutusfail/seade on juba kasutuses. Katse haakida ekslusiivse juurdepääsuga ebaõnnestus samuti. + Faili avamine ebaõnnestus. + Konteineri asukoht + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Formaadi + &Wipe + Katkestada formaatimine? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nVeraCrypti konteiner on loodud ja kasutuseks valmis. Kui soovid luua veel mõne VeraCrypti konteineri, kliki 'Edasi'. Vastasel juhul kliki 'Välju'. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypti konteiner on edukalt loodud. + Konteiner loodud + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Välise konteineri formaatimine + Peidetud konteineri formaatimine + Konteineri formaatimine + Adobe Reader (või vastav tööriist) on vajalik VeraCrypti kasutaja teejuhi vaatamiseks/printimiseks. Adobe Readerit (vabavara) saab alla laadida: www.adobe.com\n\nKas soovid vaadata hoopiski dokumentatsiooni võrgust? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Peidetud konteiner lodud + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Väline konteiner on edukalt loodud ja haagitud kui draiv %hc:. Sellesse konteinerisse peaksid sa nüüd kopeerima tundliku välimusega faile, mida sa tegelikult EI TAHA peita. Need failid on neile, kes sunnivad sind salasõna avaldama. Vajadusel avaldad ainult selle välise konteineri, mitte peidetud konteineri salasõna. Failid, mida tegelikult tahad kaitsta, on salvestatud peidetud konteinerisse, mille loome hiljem. Kopeerimise lõpetamisel kliki 'Edasi'. Ära haagi konteinerit lahti.\n\nMärkus: peale Edasi klikkimist skanneeritakse välise konteineri klastrikaart leidmaks sekkumata vaba ala suurus, mis on ka peidetud konteineri maksimaalne suurus ja mille lõpp on konteineri lõpp. See ala majutab peidetud konteineri, seega limiteerib selle maksimaalse suuruse. Klastrikaardi skanneerimine tagab, et peidetud konteiner ei kirjuta üle andmeid välises konteineris. + Välimise konteineri sisu + \n\nJärgnevatel sammudel sätid valikud välisele konteinerile (mille sisse hiljem luuakse sisemine konteiner). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Väline konteiner + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nKonteineri klastrikaart on skännitud ja maksimaalne peidetud konteineri maht leitud. Järgnevatel sammudel saad valida valikud ning peidetud konteineri maksimumsuuruse ja selle salasõna. + Peidetud konteiner + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Juhunumbri generaatori initsialiseerimine ebaõnnestus! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Võimetu rakendust initsialiseerima. Dialoogi klassi registreerimine ebaõnnestus. + Error: Failed to load the Rich Edit system library. + VeraCrypt konteineri loomise nõustaja + Maksimaalne võimalik peidetud konteineri suurus sellel konteineril on %.2f baiti. + Maksimaalne võimalik peidetud konteineri suurus sellel konteineril on %.2f KB. + Maksimaalne võimalik peidetud konteineri suurus sellel konteineril on %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Konteineri salasõna/võtmefaile ei saa muuta kui konteiner on haagitud. Palun haagi konteiner enne lahti. + Päise võtme derivaatlogaritmi ei saa muuta, kui konteiner on haagitud. Palun haagi konteiner enne lahti. + Haagi + Selle konteineri haakimiseks on vajalik VeraCrypti uuem versioon. + Viga: Konteineri loomise nõustajat ei leidnud.\n\nPalun veendu, et fail 'VeraCrypt Format.exe' on kataloogis, milles on 'VeraCrypt.exe' käivitatud. Kui ei, palun taaspaigalda VeraCrypt või näita 'VeraCrypt Format.exe' asukoht kettal ja käivita see. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + Edasi > + &Lõpeta + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Ilmnes viga fontide laadimisel/ettevalmistamisel. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Draivitäht pole saadaval. + Ükski fail pole valitud! + Ühtegi draivi tähte pole saadaval. + Välise konteineri jaoks pole vaba draivi tähte! Konteineri loomine katkestatud. + Sinu operatsioonisüsteemi tuvastamine ebaõnnestus või kasutad toetuseta operatsioonisüsteemi. + Failitee pole valitud! + Peidetud konteinerile pole piisavalt vaba ruumi! Konteineri loomine katkestatud. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + Tüürel on võimetu konteinerit lahti haakima. Osad failid antud konteineril on tõenäoliselt ikka avatud. + Võimetu konteinerit lukustama. Konteineril on ikka failid avatud. Seetõttu ei saa seda lahti haakida. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Vali VeraCrypti konteiner + Täpsusta failitee ja faili nimi + Select PKCS #11 Library + Mälu otsas + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Salasõna + PIM + Säti päise võtme derivatsiooni algoritm + Lisa/Eemalda võtmefailid konteineri(le/lt) + Eemalda kõik võtmefailid konteinerilt + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Võtmefail(id) edukalt lisatud/eemaldatud. + Keyfile exported. + Päise võtme derivatsioonalgoritm edukalt sätitud. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Palun vali peidetud konteinerile salasõna. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Palun sisesta konteineri salasõna, millesse soovid peidetud konteinerit luua.\n\n Peale Edasi klikkimist, VeraCrypt üritab konteinerit külge haakida. Kohe, kui konteiner on haagitud, selle klastrikaart skanneeritakse leidmaks puutumatu vaba ruumi(kui on sellist) maht, mille lõpp märgitakse konteineri lõpuks. See ala majutab peidetud konteinerit ja seega limiteerib selle maksimaalse võimaliku suuruse. Klastrikaardi skanneerimine on oluline tagamaks, et välise konteineri andmeid ei kirjutata üle peidetud konteineri poolt. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Välise konteineri salasõna + Peidetud konteineri salasõna + Password for Hidden Operating System + HOIATUS: Lühikesi salasõnu on kerge murda kasutades toore jõu tehnikaid!\n\nMe soovitame valida salasõna, mis koosneb enam kui 20-st sümbolist.\n\nOled kindel, et soovid kasutada lühikest salasõna? + Konteineri salasõna + Vale salasõna või pole VeraCrypti konteiner. + Ebakorrektne võtmefail(id) ja/või salasõna või pole tegemist VeraCrypti konteineriga. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Ebakorrektne salasõna või pole VeraCrypti konteinerit leitud. + Ebakorrektsed võtmefailid/salasõna või pole VeraCrypti konteinerit leitud. + \n\nHOIATUS: Tõstuklahv on sees. See võib põhjustada salasõna ebakorrektset sisestust. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Võimetu koostama sinu süsteemi paigaldatud toorseadmete nimekirja! + Konteiner '%s' eksisteerib ja on kirjutuskaitstud. Oled kindel, et soovid selle asendada? + Vali sihtkataloog + Vali võtmefail + Vali võtmefailide failitee. HOIATUS: pea meeles, et meelde jäetakse ainult failitee, mitte failinimed! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Välise konteineri maht + Peidetud konteineri maht + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Konteineri maht + Dünaamiline + HOIATUS: ENESE-KONTROLLTEST EBAÕNNESTUS! + Kõikide algoritmide enesetestid läbitud + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + Testšiffri tekst, mille lisasid, on liiga pikk või liiga lühike. + Testvõti, mille lisasid, on liiga pikk või liiga lühike. + Vormindamata testtekst, mille lisasid on liiga pikk või liiga lühike. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + Rohkem infot %s kohta + Tundmatu + An unspecified or unknown error occurred (%d). + Osa konteinereid sisaldavad faile või katalooge, mis rakenduste või süsteemi poolt kasutuses.\n\nSunni lahtihaakima? + Haagi lahti + Lahtihaakimine ebaõnnestus! + Osa konteinereid sisaldavad faile või katalooge, mis rakenduste või süsteemi poolt kasutuses.\n\nSunni lahtihaakima? + No volume is mounted to the specified drive letter. + Konteiner, mida püüad külge haakida on juba haagitud. + Konteineri haakimisel ilmnes viga. + Viga asukoha otsimisel konteineris. + Viga: vale konteineri maht. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt ei suuda muuda võõra konteineri salasõna. + Palun vali listist vaba draivitäht. + Palun vali haagitud konteiner draivitähtede listist. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Viga: Ei suua luua autorun.inf faili + Viga võtmefaili käitlemisel! + Viga võtmefaili failitee käitlemisel! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt ei toeta seda operatsioonisüsteemi. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Viga: ei suuda mälu reserveerida. + Viga: ei sa kätte sooritusloendi väärtust. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + Kõik failid + VeraCrypt konteinerid + Library Modules + NTFS formaatimist ei saa jätkata. + Ei suuda konteinerit haakida. + Ei suuda konteinerit lahti haakida. + Windows ebaõnnestus konteineri NTFS-i formaatimisega.\n\nPalun vali teist tüüpi failisüsteem (kui võimalik) ja proovi uuesti. Alternatiivina saad jätta konteineri formaatimata (vali 'Puudub' failisüsteemina), välju sellest nõustajast, haagi konteiner ja siis kasuta süsteemi või 3-nda osapoole tööriista haagitud konteineri formaatimiseks (konteiner jääb krüpteerituks). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Vaikimisi + partition + PARTITSIOON + Seade + device + SEADE + Konteiner + volume + VOLUME + Label + Valitud klastri maht on selle konteineri jaoks liiga väike. Selle asemel kasutatakse suuremat mahtu. + Viga: ei suuda leida konteineri mahtu!\n\nVeendu, et konteiner pole kasutuses süsteemi või mõne rakenduse poolt. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + VIGA: ei pääse konteinerile ligi!\n\nVeendu, et valitud konteiner eksisteerib, et see pole haagitud või kasutuses süsteemi või mõne rakenduse poolt, et sul on lugemise/kirjutamise õigused sellele konteinerile ja see pole kirjutuskaitstud. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Viga: välise konteineri lahtihaakimine ebaõnnestus!\n\nKonteinerit ei saa lahti haakida, kui see sisaldab faile, katalooge, mis kasutuses süsteemi või mõne rakenduse poolt.\n\nPalun sulge iga programm, mis võib kasutada faile või katalooge ja kliki Proovi uuesti. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Viga: ei pääse välisele konteinerile ligi! Konteineri loomine katkestatud. + Viga: ei õnnestu välise konteineri haakimine! Konteineri loomine katkestatud. + Viga: ei suuda konteineri klastrikaarti hankida! Konteineri loomine katkestatud. + Tähestikuline/Kategooriates + Keskmine kiirus (Kahanev) + Algoritm + Krüpteerimine + Dekrüpteerimine + Keskmine + Draiv + Maht + Krüpteerimisalgoritm + Krüpteerimisalgoritm + Tüüp + Väärtus + Atribuut + Asukoht + baiti + Peidetud + Väline + Tavaline + System + Hidden (system) + Kirjutuskaitstud + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Jah (vigastuse eest kaitstud!) + puudub + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bitti + Bloki maht + PKCS-5 PRF + PKCS-5 iteratsiooni loend + Konteiner loodud + Päist viimati muudetud + (%I64d päeva tagasi) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + Esimene saadaolev + Removable Disk + Kõvaketas + Muutmata + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Kas soovid vaadata käesoleva (viimase stabiilse) VeraCrypti versiooni avaldusmärkmeid? + Kui sa pole kunagi VeraCrypti kasutanud, soovitame sul lugeda peatükki Beginner's Tutorial VeraCrypti kasutaja teejuhis. Kas soovid õpetust vaadata? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + Paigaldus võeti tagasi. + VeraCrypt edukalt paigaldatud. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt on edukalt arvutist eemaldatud.\n\nKliki 'Lõpeta' eemaldamaks VeraCrypti paigaldaja ja kataloog %s. Pane tähele, et kataloogi ei eemaldata, kui see sisaldab faile, mida ei paigaldanud VeraCrypti paigaldaja või loonud VeraCrypt. + VeraCrypti registri sissekannete eemaldamine + Registri sissekande lisamine + Eemaldan programmi-spetsiifilisi andmeid + Paigaldan + Peatan + Eemaldan + Ikooni lisamine + Süsteemi taastepunkti loomine + Süsteemi taastepunkti loomine ebaõnnestus! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Paigaldus lõpetatud. + Kataloogi '%s' ei suudeta luua + VeraCrypti seadme tüüreli laadimine ebaõnnestus.\n\nPalun sulge alustuseks kõik avatud VeraCrypti aknad. Kui see ei aita, palun tee Windowsile taaskäivitus ja proovi siis uuesti. + Kõik VeraCrypti konteinerid peavad olema enne VeraCrypti paigaldamist või eemaldamist lahti haagitud. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Registri sissekannete paigaldus ebaõnnestus + Seadmetüüreli paigaldamine ebaõnnestus. Palun taaskäivita Windows ja proovi VeraCrypti uuesti paigaldada. + Käivitan VeraCrypti seadme tüürelit + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + VeraCrypti tüüreli paigaldamine + VeraCrypti tüüreli peatamine + Eemaldan VeraCrypti tüürelit + User Account Control toe teegi registreerimine ebaõnnestus. + User Account Control toe teegi registrist kustutamine ebaõnnestus. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Välimine(!) + päeva + tundi + minutit + s + Ava + Haagi lahti + Kuva VeraCrypt + Peida VeraCrypt + Haakimisest alates andmeid loetud + Haakimisest alates andmeid kirjutatud + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Sisesta %s salasõna + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Võtmefail on edukalt loodud. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Konteineri päise varukoopia on edukalt loodud.\n\nTÄHTIS: taastades konteineri päist kasutades seda varukoopiat, taastab muuhulgas hetkel kehtiva salasõna. Veel enam, kui võtmefailid on vajalikud selle konteineri haakimiseks, on samad võtmefailid vajalikud ka peale konteineri päise taastamist.\n\nHOIATUS: Seda päise varukoopiat võib kasutada AINULT selle konkreetse konteineri päise taastamiseks. Kui sa kasutad seda varukoopiat mõne teise konteineri päise taastamiseks, on võialik konteinerit küll haakida, aga mitte dekrüpteerida (kuna sa muudad tema peavõtit). + Konteineri päis on edukalt taastatud.\n\nTÄHTIS: pane tähele, et vana salasõna on taastatud samuti. Veelgi, kui võtmefail(id) oli(d) vajalik(ud) konteineri haakimiseks kui varukoopia loodi, on samad võtmefailid taas vajalikud konteineri haakimiseks. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Oled kindel, et soovid taastada konteineri %s päise?\n\nHOIATUS: päise taastamine taastab samuti salasõna, mis kehtis päisest varukoopia loomise hetkel. Lisaks, kui võtmefail(id) oli(d) kasutuses päise varukoopia loomise hetkel, on need samad võtmefailid taas haakimiseks vajalikud peale sellest varukoopiast päise taastamist. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Jätkamiseks haagi palun konteiner lahti. + Error: Cannot set timer. + Kontrolli failisüsteemi + Paranda failisüsteem + Add to Favorites... + Add to System Favorites... + P&roperties... + Peidetud konteineri kaitsmine + N/A + Jah + Ei + Disabled + 1 + 2 or more + Töörežiim + Label: + Size: + Path: + Drive Letter: + Viga: Salasõna peab sisaldama ainult ASCII sümboleid.\n\nMitte-ASCII sümbolid salasõnas võivad põhjustada, et konteineri haakimine on võimatu, kui süsteemi konfiguratsioon muutub.\n\nJärgnevad sümbolid on lubatud:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Hoiatus: salasõna sisaldab mitte-ASCII sümboleid. See võib põhjustada, et konteineri hakkimine muutub võimatuks, kui sinu süsteemi konfiguratsioon muutub.\n\nPeaksid asendama kõik mitte-ASCII sümbolid ASCII sümbolitega. Selleks, kliki 'Konteinerid' -> 'Muuda konteineri salasõna'.\n\nJärgnevad on ASCII sümbolid:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Koduleht + Hoiatus: Paistab, et sa pole lisanud ühtegi teeninduspakki oma Windowsi instalatsioonile. Sa ei tohiks kirjutada IDE ketastele suuremad kui 128 GB Windows XP all, millele pole lisatud Service Pack 1 või hilisem! Kui sa teed seda, andmed kettal (hoolimata, kas see on VeraCrypti konteiner või ei) võivad saada viga. Pane tähele, et see on Windowsi piirang, mitte VeraCrypti viga. + HOIATUS: Paistab, et sa pole lisanud Service Pack 3 või hilisemat oma Windowsi installatsioonile. Sa ei tohiks kirjutada IDE ketastele suuremad kui 128 GB Windows 2000 all, millele pole lisatud Service Pack 3 või hilisem! Kui sa teed seda, andmed kettal (hoolimata, kas see on VeraCrypti konteiner või ei) võivad saada viga. Pane tähele, et see on Windowsi piirang, mitte VeraCrypti viga.\n\nMärkus: Sa pead ka lubama 48-bitise LBA toe registris; lähemat informatsiooni vaata: http://support.microsoft.com/kb/305098/EN-US + HOIATUS: 48-bitine LBA AtAPI toetus on sinu süsteemis välja lülitatud. Seetõttu ei tohiks sa kirjutada IDE ketastele, mis on suuremad kui 128GB! Kui sa teed seda, andmed kettal (ükskõik, kas need on VeraCrypti konteineri või ei) võivad viga saada. Pane tähele, et see on Windowsi limitatsioon, mitte VeraCrypti oma.\n\n48-bitise LBA toetuse sisselülitamiseks lisa 'EnableBigLba' registrivõti HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters alla ja säti selle väärtuseks 1.\n\nLähemat informatsiooni vaata http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + HOIATUS: Kui soovid säilitada võimaluse lisada tulevikus välisesse konteinerisse andmeid/faile, peaksid kaaluma peidetud konteineri väiksemat mahtu.\n\nOled kindel, et soovid jätkata valitud mahuga? + Ühtegi konteinerit pole valitud.\n\nKliki 'Vali seade' või 'Vali fail' valimaks VeraCrypti konteiner. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Auto-haagi seadmed + Haagi kõik lahti + Puhasta vahemälu + Dismount All & Wipe Cache + Sunni kõiki lahti haakima & Puhasta vahemälu + Sunni kõiki lahtihaakima, Puhasta vahemälu & Välju + Haagi lemmik konteinerid + Kuva/Peida VeraCrypti peaaken + (Kliki siia ja vajuta klahvil) + Tegevus + Otsetee + Viga: See kiirklahv on reserveeritud. Palun vali teine kiirklahv. + Viga: kiirklah juba kasutuses. + HOIATUS: Üks või rohkem VeraCrypti ülesüsteemne kiirklahv ei tööta!\n\nPalun veendu, et teised rakendused ja operatsioonisüsteem ei kasuta samu otseteesid kui VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + HOIATUS: kui see valik on keelatud, konteinerid, mis sisaldavad avatud faile/katalooge EI ole võimaliks automaatselt lahti haakida.\n\nOled kindel, et soovid selle valiku keelata? + HOIATUS: konteinerid, mis sisaldavad avatud faile/katalooge EI haagita automaatselt lahti.\n\nSelle vältimiseks, luba järgnev valik dialoogiaknas: 'Sunni lahti-haakima isegi kui failid/kataloogid on avatud' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + HOIATUS: VeraCrypti taustakäsk on keelatud. Peale VeraCryptist väljumist ei teavitata sind kui peidetud konteineri vigastust on välditud.\n\nMärkus: võid taustakäsu alati välja lilitada parem-klikkides TrueCrykti süsteemisalve ikoonil ja valides 'Välju'.\n\nLuba VeraCrypti taustakäsk? + Keelepaki versioon: %s + Kontrollin failisüsteemi TruCrypti konteineris haagitud kui %s... + Proovin parandada failisüsteemi VeraCrypti konteineris haagitud kui %s... + Hoiatus: see konteiner on krüpteeritud iganenud krüpteerimusalgoritmiga.\n\nKõik 64-bitise blokiga krüpteerimisalgoritmid (ehk Blowfish, CAST-128, või Triple DES) on iganenud. Tulevaste VeraCrypti versioonidega on võimalik sellist konteinerit küll haakida, kuid edasiarendusi ja täiendusi neile algoritmidele ei tehta. Me soovitame, et lood uue konteineri krüpteeritud 128-bitise blokiga algoritmiga (ehk AES, Serpent, Twofish, jne) ja liigutad kõik oma failid sellest konteinerist uude konteinerisse. + Sinu süsteem ei ole konfigureeritud automaatselt haakima uusi konteinereid. Võib olla võimatu haakida seadme baasil VeraCrypti konteinereid. Automaatse haakimise saab lubada käivitades järgneva käsu ja taaskäivitades süsteemi.\n\nmountvol.exe /E + Palun omista partitsioonile/seadmele enne jätkamist draivitäht ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nPane tähele, et see on operatsioonisüsteemi poolne nõue. + Haagi VeraCrypti konteiner + Haagi lahti kõik VeraCrypti konteinerid + VeraCrypt ei saa kätte Administraatori õigusi. + Juurdepääs keelati operatsioonisüsteemi poolt.\n\nVõimalik põhjus: Operatsioonisüsteem nõuab, et sul oleks lugemise/kirutamise (või administraatori) õigused teatud kataloogidele, failidele ja seadmetele, et võimaldada sul andmeid lugeda/kirjutada neisse. Tavaliselt on ilma administraatori õiguseta kasutajal lugemise/kirjutamise õigus enda My Documents kataloogile. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Võtmefail + Tagasivõtuklahv + Tab + Puhasta + Enter + Paus + Tõstulukk + Tühiku klahv + Lehekülg üles + Lehekülg alla + Lõppu + Kodu + Nool vasakule + Nool üles + Nool paremale + Nool alla + Vali klahv + Trükiklahv + Käivitusklahv + Tee kuvatõmmis + Sisesta + Kustuta + Rakenduse klahv + Uni + Numbrilukk + Kerimislukk + Lehitseja tagasi + Lehitseja edasi + Lehitseja värskenda + Lehitseja peata + Lehitseja otsing + Lehitseja järjehoidjad + Lehitseja koduleht + Vaigista + Hääl maha + Hääl peale + Järgmine lugu + Eelmine lugu + Peata meedia + Mängi/Pausi meedia + Käivita mail klahv + Vali meedia klahv + Rakendus 1 + Rakendus 2 + Attn + CrSel + ExSel + Mängi + Zuum + Numbriklahvid + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.eu.xml b/Translations/Language.eu.xml index 5b3ccc02..0852dbb1 100644 --- a/Translations/Language.eu.xml +++ b/Translations/Language.eu.xml @@ -1,1458 +1,1458 @@ - - - - - - - - - - - - Utzi - Erabiltzaile &guztientzako instalatu - Na&bigatu... - VeraCrypt-en ikonoa idazmahian sortu - Orain eman... - .hc &luzapena VeraCrypt-i lotu - &Bukatzerakoan helbidea ireki - VeraCrypt &Hasiera menuan erantsi - &Sistemaren Berreskuratze puntu bat sortu - &Desinstalatu - &Atera - &Instalatu - VeraCrypt Konfigurazio Laguntzailea - VeraCrypt Desinstalatu - &Laguntza - Mesedez, aukeratu edo idatzi ezazu ateratako fitxategiak gorde nahi dituzun helbidea: - Mesedez, aukeratu edo idatzi ezazu VeraCrypt programaren fitxategiak instalatu nahi dituzun helbidea. Aukeratutako karpeta ez badago, automatikoki sortuko da. - Desinstalatu sakatu TueCrypt ordenagailutik kentzeko - Utzi - &Proba-Bankua - &Frogatu - Zifratutako bolumen bat sortu eta formateatu - Oraingo partizioa zifratu - Sortutako gakoak eratkutsi (beraien zatiak) - Multzoaren edukia erakutsi - CD/DVD -ak grabatzeko softwarea jaitsi - Fitxategiak edukitzeko zifratutako fitxategia sortu - &GB - &TB - Informazio gehiago - VeraCrypt-en &ezkututako bolumena - Ezkutuko bolumeni buruzko informazio gehiago - Modu Zuzena - Modu Normala - &KB - Gako-artxiboa &erabili - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Gako-artxiboa.. - Hash algoritmoei buruzko informazioa - Informazio gehiago - Information on PIM - &MB - Informazio gehiago - Sistemaren enkriptazioari buruzko Informazio gehiago - Informazio gehiago - Hasieraketa-Anitza - Sistemarena ez den partizio/diska zifratu/drive - &Ez gorde inoiz historia - Kanpoko liburukia ireki - &Eten - Use P&IM - Use PIM - Formatu Azkarra - &Pasahitza erakutsi - &Pasahitza erakutsi - &Display PIM - Hasieraketa-bakarra - VeraCrypt-en ohiko liburukia - &Izkutukoa - Normala - Sistemaren partizioa edo sistemaren disko osoa zifratu - Windows sistemaren partizioa zifratu - Disko osoa zifratu - VeraCrypt bolumenak sortzeko laguntzailea - Klusterra - GARRANTZITSUA: Xagua ahal duzun ausazkoen mugitu ezazu lehio honetan. Zenbat eta gehiago, hobeago. Honek zifratzeko gakoen asko indartzen du. 'Hurrengoa' botoia sakatu jarraitzeko. - &Baieztatu: - Eginda - Drive letter: - Zifratzeko Algoritmoa - Fitxategi Sistema - Fitxategi batean zifratutako disko birtuala sortzen du. Esperientziarik gabeko erabiltzaileentzako gomendatua. - Aukerak - Hash Algoritmoa - Goiburuaren Gakoa: - Ezkerra - Gako Nagusia: - Aukera hau hautatu ordenagailu honetan sistema eragile bi edo gehiago badaude.\n\nAdibidez:\n- Windows XP and Windows XP\n-Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Sistemakoa ez den partizioa edo edozein barruko edo kanpoko unitatea (ad. flash memoria gailua) zifratzen du. Aukeran, ezkutuko bolumena sortzen du. - Oraingo multzoaren edukina (zatia) - Sartu - Pasahitza: - Volume PIM: - Volume PIM: - Aurrerapena: - Ausazko taldea: - Aukera hau hautatu ordenagailu honetan sistema eragile bakarra badago (erabiltzaile anitzak badauzka ere). - Abiadura - Egoera - Gakoak eta beste datuak ondo sortu dira. Gako berriak sortu nahi badituzu, Atzera eta gero Hurrengoa sakatu itzazu. Bestela Hurrengoa sakatu jarraitzeko. - Windows instalatuta dagoen partizio edo unitatea zifratzen du. Sisteman sartu eta erabili nahi duen edonork; fitxategiak irakurri, idatzi, e.a.; pasahitz zuzena sartu beharko du Windows hasieratzen den bakoitzean. Aukeran, ezkutuko sistema ere sortzen du. - Aukera hau hautatu orain martxan dagoen Windows sistema eragilea instalatuta dagoen partizioa zifratzeko. - Volume Label in Windows: - Garbiketa modua: - Itxi - Hasieraketa aurreko kautotzea alde batera utzi Esc tekla sakatuz (hasieraketa kudeatzailea gaitzen du) - Ez egin ezer - &VeraCrypt bolumena (behean zehaztutakoa) automatikoki muntatu - &VeraCrypt Hasi - Liburutegia Auto-&Detektatu - &Hasieraketa aurreko kautotze pasahitza unitatearen memorian gorde (sistemakoak ez diren bolumenak muntatzeko) - Nabigatu... - Nabigatu... - Pasahitzak eta gako-fitxategiak memorian &Katxeatu - Muntatutako bolumenik ez dagoenean irten - &Agiri sesioa itxi (irten) bolumena ondo muntatu eta gero - Include VeraCrypt Volume Expander - VeraCrypt-en bolumenak sortzeko laguntzailea erantsi - Sortu - &Bolumena Sortu - &Ez erakutsi inolako testurik hasieraketa aurreko kautotze pantailan (beheko mezu pertsonala izan ezik) - Disable "Evil Maid" attack detection - AES zifratze/argitze prozesua azeleratu prozesadorearen AES instrukzioak erabiliz (baldin badaude). - Gako-fitxategiak erabili - Gako-fitxategiak erabili - &Irten - Gogoko bolumenen laguntza - Bolumena ez muntatu 'Gogoko Bolumenak Muntatu' &tekla berezia sakatzerakoan - Aukeratutako bolumena muntatu gailu &ostalaria konektatzerakoan - Aukeratutako bolumena &sesioa hasterakoan muntatu - Aukeratutako bolumena &irakurtzeko bakarrik muntatu - Aukeratutako bolumena &kendu daitekeen gailu bat bezala muntatu - &Behera Mugitu - &Gora Mugitu - Aukeratutako bolumena muntatzerakoan &exploratzailearen lehio batean ireki - &Kendu - Use favorite label as Explorer drive label - Aukera Globalak - Argibide bunbuiloa erakutsi tekla bereziarekin ondo desmuntatu eta gero - Sistemaren jakinarazpen soinua jarri tekla bereziarekin ondo desmuntatu eta gero - Alt - Ctrl - Shift - Win - Esleitu - Kendu - Gako-fitxategiak... - Ez erabili hurrengo prozesadore kopurua zifratu/argitzeko: - Informazio Gehiago - Informazio Gehiago - Aukera gehiago... - &Gailuak Auto-Muntatu - Muntaketa &aukerak... - Bolumenak &irakurtzeko bakarrik muntatu - Gako-fitxategiak... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Gaituta - Pasahitzak gorde gailuaren memorian - Bolumena auto-desmuntatu daturik ez bada idatzi/irakurri - Erabiltzailea saioa amaitzen du - User session locked - Energia aurrezteko moduan sartzen - Pantaila-babeslea martxan dago - Desmuntaketa eragin bolumenak irekitako fitxategi eta direktorioak dituen arren - Gailuetako VeraCrypt bolumen guztiak muntatu - VeraCrypt-en ezkutuko lana hasi - Bolumenak &irakurtzeko bakarrik muntatu - Bolumenak kendu daitezkeen gailuak bezala muntatu - Explorer-aren lehioa ireki muntatutako bolumenentzako - Temporary Cache password during "Mount Favorite Volumes" operations - Ataza-barra ikono ezberdin bat erabili muntatutako bolumenak badaude - Gordetako pasahitzak ezabatu automatikoki desmuntatzerakoan - Gordetako pasahitzak ezabatu irtetzerakoan - Fitxategi-ontzietako aldatze data mantendu - Ezabatu - &Gailua aukeratu... - &Fitxategia aukeratu... - &Liburutegia aukeratu... - Pasahitza erakutsi - Pasahitza erakutsi - Muntatutako Bolumenak &Explorer-aren lehioak ireki - Pasahitza &gorde diskaren memorian - TrueCrypt Mode - &Guztiak desmuntatu - &Bolumenaren ezaugarriak... - Bolumenaren &Tresnak... - &Memoria ezabatu - VeraCrypt - Mount Parameters - VeraCrypt - Gogoko Bolumenak - VeraCrypt - Sistema osoaren tekla bereziak - VeraCrypt - Pasahitza edo gako-fitxategiak aldatu - VeraCrypt Bolumenaren Pasahitza - VeraCrypt - Errendimenduaren Aukerak - VeraCrypt - Lehentasunak - VeraCrypt - Sistemaren Zifraketaren Aukerak - VeraCrypt - Sekurtasun Agiriaren Lehentasunak - VeraCrypt Diska Bidaiariaren Konfigurazioa - VeraCrypt bolumenaren ezaugarriak - TrueCryp-i buruz... - Bolumenatik gako-fitxategiak Gehitu/Kendu... - Muntatutako Bolumena Gogokoetara Gehitu... - >Muntatutako Bolumena Sistemaren Gogokoetara Gehitu... - Sistemaren Errorea Aztertu... - Bolumenaren goiburuaren segurtasun-kopia egin... - Proba-bankua... - Goiburuaren Gakoa Ondorioztatzeko Algoritmoa Jarri... - Bolumenaren pasahitza aldatu... - Goiburuaren Gakoa Ondorioztatzeko Algoritmoa Jarri... - Pasahitza aldatu... - Bolumenen historioa ezabatu - Sekurtasun Agiriko Saio Guztiak Itxi - Kontaktatu... - Ezkututako sistema eragilea sortu... - Salbatze diska sortu... - Bolumen berria sortu... - Permanently Decrypt... - Lehenetsitako gako-fitxategiak... - Default Mount Parameters... - Orain eman... - Sistemaren partizioa/diska zifratu... - Maiz egindako galderak - Erabiltzailearen Gida - &Horri Nagusia - Tekla Bereziak... - Gako-Fitxategi sortzailea - Hizkuntza... - Lege Oharrak - Sekurtasun Agiri Gako-Fitxategiak Kudeatu... - Gailuetako Bolumen Guztiak Automuntatu - Gogoko bolumenak muntatu - Hasieraketa Aurreko &Kautotzerik Gabe Muntatu Mount... - Bolumena muntatu - Bolumena aukerekin muntatu - Berriak - Laguntza interneten - Hasiberrientazko erakustaldia - Gogoko Bolumenak Sailkatu... - Sistemaren Gogoko Bolumenak Sailkatu... - Errendimendua... - Partizioa/Diska betirako argitu - Lehentasunak... - Disken letrak eguneratu - Gako-fitxategi guztiak bolumenatik ezabatu... - Bolumenaren goiburua leheneratu... - Etendako prozesua jarraitu - Gailua aukeratu... - Fitxategia aukeratu... - Etendako prozesua jarraitu - Sistema zifratu... - Ezaugarriak... - Aukerak... - Sistemaren bolumen Gogokoak... - Deskargak - Bektoreak frogatu... - Sekurtasun Agiriak... - Diska Bidaiariaren Configurazioa... - Muntatutako bolumen guztiak desmuntatu - Bolumena desmuntatu - Salbatze diska egiaztatu - Verify Rescue Disk ISO Image - Bertsioen Historia - Volume Expander - Bolumenaren ezaugarriak - Bolumenak sortzeko laguntzailea - VeraCrypt-en web orria - Gordetako pasahitzak ezabatu - Ados - Hardwaren Bidezko Azelerazioa - Lasterbidea - AutoRun-aren Konfigurazioa (autorun.inf) - Auto-Desmuntatu - Hauetan guztia desmuntatu: - Hasieraketa kargatzailearen pantailako aurkerak - Pasahitza berretsi: - Oraingoa - Mezu hau hasieraketa aurreko kautotze pantailan erakutsi (24 karaktere gehienez): - Lehenetsitako muntaketa aukerak - Tekla berezien aukerak - Driver Configuration - Enable extended disk control codes support - Aukeratutako gogoko bolumenaren etiketa: - Fitxategien aukerak - Esleitzeko Gakoa: - Ordenagailu honetako prozesadoreak (CPU-ak) AES algoritmoa hardware bidez azelerazea onartzen du: - Windowsen sartzean egiteko zereginak - - minutu - Bolumena muntatu diska letra honekin: - Muntaketaren Aukerak - Berria - Pasahitza: - Prozesuetan Oinarritutako Paralelizazioa - PKCS #11 Liburutegiaren Helbidea - PKCS-5 PRF: - PKCS-5 PRF: - Pasahitzen Memoria - Sekurtasun Aukerak - VeraCrypt Ezkutuko Lana - Muntatzeko VeraCrypt bolumena (gailu eramangarriaren jatorritik): - Gailu eramangarria sartzerakoan: - Gailu eramangarriaren fitxategiak hemen sortu (gailu eramangarriaren jatorria): - Bolumena - Windows - &Helbidea gehitu... - &Guztia automatikoki frogatu - &Jarraitu - &Argitu - &Ezabatu - &Zifratu - &Esportatu... - Gako-fitxategia sortu eta gorde Generate and Save Keyfile... - &Ausazko gako-fitxategia sortu... - Hizkuntza paketea jaitsi - Hardware Bidez Azeleratutako AESa: - Gako-fitxategia agiri batera &inportatu... - Fitxategiak &Gehitu... - &Gako-fitxategiak Erabili - &Gako-Fitxategiak... - &Kendu - &Dena Kendu - Zer da ezkutuko bolumenaren babesa? - Gako-fitxategiei buruzko informazio gehiago - Bolumena muntatu gailu &mugikor bat bezela - Partizioa &sistemaren zifraketa erabiltzen muntatu hasieraketa aurreko kautotzerik gabe - Paralelizazioa: - Proba-bankua - &Inprimatu - &Ezkutuko bolumena kanpoko bolumenean idazteak eragin dezakeen kaltearen kontra babestu - &Ezabatu - &Pasahitza erakutsi - &Artxibo agiriak gehitu... - Bolumenean goiburuaren integratutako &babeskopia badago, erabili - XTS modua - - VeraCrypt-i buruz - VeraCrypt - Zifratzeko Algoritmoaren Proba-Bankua - VeraCrypt - Bektoreak Frogatu - Komandoko Laguntza - VeraCrypt - Gako-fitxategiak - VeraCrypt - Gako-fitxategi Sortzailea - VeraCrypt - Hizkuntza - VeraCrypt - Muntaketa Aukerak - Sekurtasun Agiri Gako-fitxategiaren Ezaugarriak - VeraCrypt - Ausazko Multzoaren Aberasketa - Partizio edo Gailu Bat Aukeratu - VeraCrypt - Sekurtasun Agiri Gako-fitxategiak - Sekurtasun Agiriaren pasahitza/PIN-a behar da - Hizkuntza Pakete Aktiboa - Abiaduran CPU-aren karga eta gailuaren ezaugarriak eragina daukate.\n\nProba hauek RAM-ean egiten dira. - Bufferaren Tamaina: - Zifratu: - &Ezkutuko bolumenarentzako pasahitza:\n(hutsik badago, gordetakoa erabiliko da) - Ezkutuko Bolumenaren Babesa - Gakoaren Tamaina: - GARRANTZITSUA: Zure xagua ahalik eta ausazkoen mugitu ezazu lehio honen barruan. Zenbat eta gehiago, hobeto. Honek gako-fitxategiaren indar kriptografikoa handitzen du. - KONTUZ: Gako-fitxategi bat galtzen baduzu edo lehenengo 1024 kilobytetako bit bat aldatzen bada, ezinezkoa izango da gako-fitxategi hori erabiltzen duten bolumenak muntatzea! - bit-ak - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Hauek Izulita: - Testu Arruntako tamaina: - bit-ak - Oraingo multzoaren edukiera - PRF nahasten: - GARRANTZITSUA: Zure xagua ahalik eta ausazkoen mugitu ezazu lehio honen barruan. Zenbat eta gehiago, hobeto. Honek sekurtasuna asko handitzen du. Egindakoan 'Jarraitu' sakatu. - Bigarren Mailako Gakoa (hamaseitarra) - Sekurtasun agiria: - Sailkatze Modua: - Mesedez itxaron. Prozesu honek denbora asko iraun dezake... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Blokearen Zenbakia: - Zifratutako Testua (hamaseitarra) - Datu unitatearen zenbakia (64-bit hamaseitar, datu unitatearen tamaina 512 byte-takoa da) - Gakoa (hamaseitarra) - Testu arrunta (hamaseitarra) - Gako-fitxategiaren izena: - XTS modua - &Sistema - &Bolumenak - &Gogokoak - &Tresnak - &Aukerak - &Laguntza - &Orri Nagusia - - &VeraCrypt-i buruz... - Zure bolumen zaharraren irakurri-bakarrik atributua ezin izan da aldatu. Mesedez egiaztatu itzazu fitxategiaren baimenak. - Errorea: Sarbidea ukatuta.\n\nSatzen saiatzen ari zaren partizioak 0 sektoreko luzeera dauka edo hasieraketa gailua da - Administratzailea - TrueCryp-en kontrolatzailea kargatzeko administratzaile baimeneko kontu batekin saioa izan behar duzu. - Kontutan izan ezazu partizio/gailu bat enkriptatzeko/formateatzeko administratzaile baimeneko kontu batekin saioa izan behar duzula.\n\nHau ez da beharrezkoa fitxategi barneko bolumenentzako. - Ezkutuko bolumena sortzeko administratzaile baimeneko kontu batekin saioa izan behar duzu.\n\nJarraitu? - Ohartu zaitez bolumena NTFS moduan formateatu nahi baduzu administratzaile bezela sesioa zian behar duzula.\n\nAdministratzaile baimenik ez baduzu bolumenari FAT formatua eman diezaiokezu. - FIPS onartutako zifraketa (Rijndael, 1998ean argitaratua). E.B. gobernuko departamentu eta agentziek erabili dezakete informazio sekretua babesteko Top Secret mailara arte. 256 biteko gakoa, 128 biteko blokea, 14 saio. XTS moduan lan egiten du. - Bolumena dagoeneko muntatuta dago. - KONTUZ: Gutxienez enkriptazio edo laburpen algoritmo bat huts egin du auto-konprobaketa automatikoa egiterakoan!\n\nVeraCrypt-en instalazioa hondatuta egon daiteke. - KONTUZ: Ausazko Zenbaki Sortzailearen multzoan ez daude datu nahikoak eskatutako auskazko datuak ekoizteko.\n\nEz zenuke aurrera egin behar. Mesedez, 'Akats baten berri eman' aukeratu ezazu 'Laguntza' menuan eta akats honen berri eman ezazu. - Unitatea hondatuta dago (arazo fisiko bat dauka) edo kablea hondatuta dago, edo memoria ez dabil ondo.\n\nOhartu zaitez hau zure hardwarearen arazoa dela, ez TrueCryp-ena. Hortaz, mesedez EZ iezaiozu akats honen berri eman TrueCryp-i eta EZ ezazu laguntza eskatu VeraCrypt foroetan. Mesedez, zure ordenagailuaren saltzailearen laguntza-zerbitzuarekin harremanetan jarri zaitez konpontzeko. Mila esker.\n\nOharra: errorea toki berdinean behin eta berriro agertzen bada, zihurenik diskoaren bloke bat hondatuta dago. Hau batzuetan hirugarren batek egindako softwarea erabiltzen konpondu daiteke (ohartu zaitez, kasu askotan, 'chkdsk /r' comandoak ezin duela akatsa zuzendu fitxategi-sistema mailan bakarrik lan egiten duelako; kasu batzuetan, 'chkdsk' ez du ezta errorea detektatzen). - Gailu eramangarri batera sartzen ari bazara, zirutatu zaitez gailua ondo konektatuta dagoela. Unitatea/gailua hondatuta egon daiteke (akats fisiko bat izan dezake), kablea era hondatuta edo konektatu gabe egon daiteke. - Zure sitema erabiltzen ari den kontrolatzaile pertsonalizatu batek sistema osoko zifraketa eragozten duen akats bat duela dirudi.\n\nMesedez saia zaitez desinstalatzen edo eguneratzen edozen pertsonalizatriko kontrolatzaileak (Microsoft-enak ez direnak) jarraitu aurretik. Honek ez badu konpontzen, saia zaitez sistemaren partizioa bakarrik zifratzen. - Baliogabeko disko letra. - Baliogabeko Helbidea. - Utzi - Gailua ezin da erabili. Zihurta zaitez gailua esistitzen dela eta sistemak ez dagoela erabiltzen. - Kontuz: Blok Maius piztuta dago. Honek pasahitza gaizki sartzea eragin dezake. - Bolumen Mota - Gerta liteke norbaitek zifratutako bolumen baten pasahitza ematera behartzea. Badaude egoera asko pasahitza sekretuan mantendu ezin duzunetan (adibidez,txantaila batengatik). Ezkutuko bolumen deritzon bat erabiltzeak egoera horietatik pasahitzik erabili gabe irteteko balio du. - Aukera hau hautatu ezazu VeraCrypt bolumen normala sortu nahi baduzu. - Kontutan izan ezazu ezkutuko partizioan dagoen bolumenean sistema eragile bat instalatu nahi baldin baduzu, orduan sistemaren unitate osoa ezingo dela zifratu gako bakarra erabiliz. - Kanpoko Bolumena Zifratzeko Aukerak - Ezkutuko Bolumena Zifratzeko Aukerak - Zifratzeko Aukerak - KONTUZ: Aukeratutako bolumenaren/gako-fitxategiaren helbidea ezabatzean huts egin du (fitxategi-aukeratzaileak gogoratuko du)! - Errorea: Edukiontzia fitxategi sismtema mailean konprimatuta dago. VeraCrypt ez ditu onartzen konprimatutatutako edukiontziak (ohartu zaitez zifratutako datuak konprimatzea erredundantea eta baliogabekoa dela).\n\nMesedez, edukiontziaren konprimazioa desgaitu hurrengo hurratsak jarraituz:\n1) Eskubiko botoiarekin edukiontzian klik egin Windows Exporer-ean (ez VeraCrypt-en).\n2)'Ezaugarriak' hautatu.\n3)'Ezaugarriak' elkarriztekta-koadroan, 'Aurreratuak' aukeratu.\n4)'Atributu aurreratuak' elkarriztekta-koadroan 'Edukiak Konprimatu diskan lekua aurrezteko' aukera desgatu eta gero 'Ados' sakatu.\n5)'Ezaugarriak' elkarriztekta-koadroan, 'Ados' sakatu. - Ezin izan da %s bolumena sortu - %s-ren tamaina %.2f byteekoa da - %s-ren tamaina %.2f KB-ekoa da - %s-ren tamaina %.2f MB-ekoa da - %s-ren tamaina %.2f GB-ekoa da - %s-ren tamaina %.2f TB-ekoa da - %s-ren tamaina %.2f PB-ekoa da - KONTUZ: Sistemak edo aplikazioek gailua/partizioa erabiltzen ari dira. Gailua/partizioa formatatzea datuen hondatzea eta sistemaren ezegonkortasuna sortu dezake.\n\nJarraitu? - KONTUZ: Sistema eragileak edo aplikazioek partizioa erabiltzen ari dira. Partizioa erabiltzen egon daitezken aplikazio guztiak itxi behar dituzu (software antibirusa barne).\n\nJarraitu? - Errorea: Partizioak/gailuak dismuntatu ezin daitekeen fitxategi sistema dauka. Sistema eragileak fitxategi sistema erabiltzen ari daiteke. Partizioa/gailua formatatzea ziurenik datuak hondatuko ditu eta sistemaren desegonkortasuna sortuko du.\n\nArazo hau konpontzeko formatatu gabe partizioa ezabatu eta berriz sortzeko gomendatzen dugu. Hau egiteko hurrengo pausoak jarraitu:\n1)Eskubiko-klik egin ezazu 'PC' (edo 'Nire PC') ikonoan 'Hasiera Menu'-an, gero 'Kudeatu' aukeratu. 'Ordenagailuaren Kudeaketa' lehioa agertu beharko liteke.\n2)'Ordenagailuaren Kudeaketa' lehioan, 'Bilketa'>'Diskoen Kudeaketa' aukeratu.\n3)Eskubiko-klik egin ezazu zifratu nahi duzun partizioan eta ondorengo aukera bat hautatu: 'Partizioa ezabatu', 'Bolumena Ezabatu' edo 'Unitate Logikoa Ezabatu'.\n4) 'Bai' sakatu. Windows-ek berrabiatzeko eskatzen badizu, hori egin. Gero 1 eta 2 pausuak berriro egin eta 5.arekin jarraitu.\n5)Eskubiko-clik esleitu gabeko/hutsik dagoen eremuan eta honako bat aukeratu: ' Partizio Berria', 'Bolumen Sinple Berria' ero 'Disko Logiko Berria'.\n6)'Partizio Berria Laguntzailea' edo 'Bolumen Sinple Berria Laguntzailea'-ren lehioa ireki beharko liteke; bere aginduak jarraitu itzazu. Laguntzailearen 'Partizioa Formatatu' lehioan, 'Partizioa Hau ez Formatatu' edo 'Bolumen hau ez Formatatu' aukeratu. Gero, laguntzaile horretan, 'Hurrengoa' sakatu eta gero 'Bukatu'. \n7) Ohartu zaitez VeraCrypt-en hautatu duzun unitatearen helbidea oker egon daitekeela orain. Hortaz, VeraCrypt Bolumenak Sortzeko Laguntzailetik atera zaitez (oraindik martxan badago) eta berriro ireki ezazu.\n8)Partizioa/Gailua berriro zifratzen saiatu zaitez\n\nVeraCrypt-ek behin eta berriro huts egiten badu gailua/partizioa enkriptatzerakoan, agian horren ordez fitxategi-edukiontzia izan dezakezu. - Errorea: Fitxategi sistema ezin izan da blokeatu/desmuntatu. Agian sistema eragilea edo beste aplikazioren bat (adibidez, antibirusa) erabiltzen ari da.Partizioa zifratzea datuak hondatu eta sistemaren ezegonkortasuna sortu dezake.\n\nMesedez, fitxategi sistema erabiltzen ari daitezkeen aplikazioak itxi itzazu (antibirusa barne) eta berriro saiatu. Honek ez badu laguntzen, behean dauden pausuak jarraitu itzazu.. - KONTUZ: Muntatutako gailu/partizio batzuk erabiltzen ari ziren!\n\nHau kontutan ez hartzeak nahi ez diren ondorioak ekar diztake, sistemaren ezegonkortasuna barne.\n\nGailuak/partizioak erabiltzen ari den edozein programa istea gogor gomendatzen dugu. - Aukeratu duzun gailua partizioak dauzka.\n\nGailua formatatzea sistemaren ezegonkortasuna eta datuen hondatzea sortu dezake. Mesedez, aukeratu gailuaren partizio bat, edo gailuaren partizio guztiak ezabatu VeraCrypt-ek arazorik gabe formatatu dezan. - Aukeratutako sistemarena ez den gailua partizioak dauzka.\n\nGailuan egindako VeraCrypt bolumen zifratuak partizioak ez dauzkaten gailuetan egin daitezke (disko gogorrak eta egoera-solidoko diskak barne). Partizioak dauzkan gailu bat guztiz 'bertan' enkriptatzeko dagoen modu bakarra (gako nagusi bakarra erabiliz) horretan Windows instalatuta badago eta bertatik hasieratzen bada.\n\nSistemakoa ez den gailu hori gako nagusi bakarrarekin zifratu nahi baduzu, lehendabizi bertan dauden partizio guztiak ezabatu beharko dituzu VeraCrypt-ek arazorik gabe formatatu dezan (partizioak dauzkan gailue formatatzea sistemaren ezegonkortasuna eta datuen galera sortu dezake). Alternatiboki, partizio bakoitza banaka zifratu dezakezu (partizio bakoitza gako nagusi ezberdin batekin zifratuko da).\n\nOharra: GPT disko batetik partizio guztiak kendu nahi badituzu, agian MBR diska motara bihurtu beharko duzu (adibidez, Computer Management tresna erabiliz) ezkutuko partizioak ezabatu ahal izateko. - Kontuz: Gailu osoa zifratzen baduzu (bertan dagoen partizio bat zifratu ordez), sistema eragileak gailua berritzat artuko du, hutsik eta formaturik gabe (partizio taularik izango ez duelako) eta izan daiteke gailua hasieratzen hastea (edo hori egiteko galdetuko dizu), horrek bolumena hondatu dezake. Horretaz gain, ez da posible izango modu iraunkor batean bolumena gogoko bezala muntatu (hau da, unitatearen zenbakia aldatzen denean) edo gogoko bolumenaen etiketa jarri.\n\nHori eragozteko, partizio bat sortu eta partizio hori zifratzeko aukera kontutan hartu dezakezu.\n\nZiur zaude gailu osoa zifratu nahi duzula? - GARRANTZITSUA: Gogoratu ezazu bolumen hau ezin dela muntatu/atzitu %c: unitate letra erabiliz dagoeneko eslaituta daukalako!\n\nBolumen hau muntatzeko, 'Gailuak Auto-Muntatu' sakatu ezazu VeraCrypt-en lehio nagusian (alternatiboku, VeraCrypt-en lehio nagusian, 'Gailua Aukeratu' sakatu, gero partizio/gailu hau aukeratu eta, bukatzeko, 'Muntatu' sakatu). Bolumena unitate letra ezberdin batera muntatuko da, zein zuk aukeratu dezakezun VeraCrypt-lehio nagusian dagoen zerrendatik.\n\n%c: unitate letra originala partizioari/gailuari zifraketa kendu nahi badiozu bakarrik erabili behar da (adibidiez: ez baduzu zifraketa behar). Kasu horretan, eskubiko klik egin ezazu %c: unitate letran 'Ordenagailua' (edo 'Nire Ordenagailua') zerrendan eta 'Formatatu' aukeratu. Bestela, %c: unitate letra ez litzateke inoiz erabili behar (kentzen ez duzun bitartean, VeraCrypt-en FAQ-etan deskribatuta dagoen bezala, eta beste partizio/gailu bati esleitzen badiozu). - Sistemarenak ez diren bolumenak ezin dira "bertan" zifratu erabiltzen ari zaren sistema eragilearen bertsioak onartzen ez duelako (Windows Vista eta geroagoko Windowsen bertsioetan bakarrik dago onartuta).\n\nWindowsen bertsio honek fitxategi sistema baten txikiagotzea onartzen ez duelako gertatzen da hau (fitxategi sistema txikiagotu egin behar da bolumenaren gohiburu eta goiburuaren babeskopiarentzako tokia egiteko). - Aukeratutako partizioa ez dirudi NTFS fitxategi sistema duenik. Bakarrik NTFS fitxategi sistema daukaten partizioak 'bertan' zifratu daitezke.\n\nOharra: Windowsek ez du beste fitxategi sistemak uzkurtzen uzten (fitxategi sistema bolumenaren goiburuarentzat eta babeskopiarako goiburuarentzat tokia egiteko uzkurtu behar da). - Aukeratutako partizioa ez dirudi NTFS fitxategi sistema duenik. NTFS fitxategi sistema duten partizioak bakarrik erabili daitezke "bertan" zifratzeko.\n\nPartizio horretan zifratutako VeraCrypt bolumen bat sortu nahi baduzu, "Zifratutako Bolumena Sortu eta Formatatu" aukera hautatu ezazu (Partizioa 'Bertan' Zifratu" aukeraren ordez). - Errorea: Partizioa txikiegia da. VeraCrypt-ek ezin du "bertan" zifraketa egin. - Partizio honen datuak zifratzeko, jarraitu itzazu pauso hauek:\n\n1) Hutsik dagoen partizio/gailu batean VeraCrypt bolumen bat sortu eta muntatu.\n\n2) Zifratu nahi duzun partizioko fitxategi guztiak muntatutako TrueCryp bolumenean kopiatu itzazu (lehendabiziko pausoan sortu eta muntatu dena). Modu honetan VeraCrypt-ekin zifratutako datuen babeskopia sortuko duzu.\n\n3)Zifratu nahi duzun partizioan VeraCrypt bolumen bat sortu eta ziurtatu zaitez (VeraCrypt-en laguntzailean) "Zifatutako bolumen bat sortu eta formatatu" aukera hautatzen duzula (ez "Partizioa 'bertan' zifratu"). Ohartu zaitez partizioan dauden datu guztiak ezabatuko direla. Bolumena sortu eta gero muntatu ezazu.\n\n4) Babeskopiako VeraCrypt bolumenean (lehendabiziko pausoan sortutakoa) dauden fitxategi guztiak 3. pausoan sortutako (eta muntatutako) VeraCrypt bolumenera kopiatu itzazu.\n\nPauso hauek bukatu eta gero datuak zifratuta egongo dira eta, gainera, hauen babeskopia zifratu bat egongo da. - VeraCrypt-ek bakarrik partizio bat, bolumen dinamiko bat edo sistemaren unitate osoa "bertan" zifratu dezake.\n\nSistemakoa ez den aukeratutako gailuan zifratutako VeraCrypt bolumen bat sortu nahi baduzu, "Zifratutako bolumen bat sortu eta formatatu" aukera hautatu ("Partizioa 'bertan' zifratu" aukera hautatu ordez). - Errorea: VeraCryptek bakarrik partizio oso bat, bolumen dinamiko bat edo sistemaren unitate osoa 'bertan' moduan zifratu dezake. Mesedez, ziurta zaitez aukeratutako helbidea zuzena dela. - Errorea: Ezin izan da fitxategi sistema txikiagotu (fitxategi sistema txikiagotu behar da bolumenaren goiburu eta goiburuaren babeskopiarako tokia egiteko).\n\nIzan daitezken zergatiak eta konponbideak:\n\nBolumenean ez dago toki huts nahikoa. Ziurta zaitez fitxategi sisteman idazten duen beste aplikaziorik ez dagoela.\n\n- Kaltetutako fitxategi sistema. Egiaztatzen eta konpontzen saiatu zaitez ('Ordenagailua' zerrendan dagokion unitate letran eskubiko clik egin, Ezaugarriak > Tresnak > 'Orain Egiaztatu' hautatu, ziurta zaitez 'Fitxategi sistemaren erroreak automatikoki konpondu' aukera hautatuta dagoela, eta 'Hasi' sakatu).\n\nGoiko pausoek ez badute lagundu, beheko pausoak jarraitu itzazu. - Errorea: bolumenean ez dago beharrezkoa den leku librea eta fitxategi sistema ezin da txikiagotu (fitxategi sistema txikiagotu behar da bolumenaren goiburu eta goiburuaren babeskopiarako tokia egiteko).\n\nMesedez, bikoiztuta dauden fitxategiak ezabatu eta zakarrotzia hustu gutxienez 256KB eko toki libre uzteko eta berriz saiatu. Ohartu zaitez Windowsen arazo batengatik Windows Expolerrek adierazten duen duen leku librea oker egon daiteke sistema berrabiatu arte. Berrabiatzeak ez badu laguntzen, fitxategi sistema oker egon daiteke. Erroreak bilatu eta konpontzen saiatu zaitez ('Ordenagailua' zerrendan dagokion unitate letran eskubiko clik egin, Ezaugarriak > Tresnak > 'Orain Egiaztatu' hautatu, ziurta zaitez 'Fitxategi sistemaren erroreak automatikoki konpondu' aukera hautatuta dagoela, eta 'Hasi' sakatu).\n\nGoiko pausoek ez badute lagundu, beheko pausoak jarraitu itzazu. - %s unitatean %.2f byte libre daude. - %s unitatean%.2f KB libre daude. - %s unitatean%.2f MB libre daude. - %s unitatean%.2f GB libre daude. - %s unitatean%.2f TB libre daude. - %s unitatean%.2f PB libre daude. - Ezin izan dira erabili gabeko unitate letrak aurkitu. - Errorea: VeraCryptCrypt-en kontrolatzailea ez da aurkitu.\n\nMesedez 'veracrypt.sys' eta 'veracrypt-x64.sys' fitxategiak VeraCrypt-en programa nagusia (VeraCrypt.exe) dagoen tokira kopiatu itzazu. - Errorea: Onartzen ez den VeraCrypt kontrolatzailearen bertsoio bat martxan dago.\n\nVeraCrypt modu eramangarrian erabiltzen saiatzen ari bazara (hau da, instalatu gabe) eta dagoeneko VeraCrypt-en bertsio bat instalatuta dago, lehendabizi hura desinstalatu behar duzu (edo VeraCrypt instalatzailea erabiliz eguneratu). Desinstalatzeko, ondorengo pausoak jarraitu itzazu: Windows Vista eta gerokoetan, 'Hasiera' menua aukeratu > Ordenagailua > 'Pograma aldatu edo desinstalatu' > VeraCrypt > Desinstalatu; Windows XP-n 'Hasiera' menua aukeratu > Aukerak > 'Kontrol Panela' > 'Programak Gehitu edo Kendu' > VeraCrypt > Kendu.\n\nAntzekotasunez, VeraCrypt modu eramangarrian erabiltzen saiatzen ari bazara (hau da, instalatu gabe) eta VeraCrypt-en bertsio ezberdin bat dagoeneko modu eramangarrian martxan baldin badago, lehendabizi sistema berrabiatu beharko duzu eta ondoren bertsio berria bakarrik abiatu. - Errorea: Zifraketaren hasieraketak huts egin du. - Errorea: Gako ahul edo potentzialki ahula detektatu da. Gakoa alde batera utziko da. Mesedez, berrio sailatu. - Errore kritikoa gertatu da eta VeraCrypt itxi behar da. Hau VeraCryptek daukan akats bat sortu badu, konpontzea gustatuko litzaiguke. Gu laguntzeko automatikoki sortu den errore txostena bidali diezagukezu honako datuekin:\n\n- Programaren bertsioa\n- Sistema eragilearen bertsioa\n- PUZ mota\n- TrueCryp osagaiaren izena\n- TrueCryp exekutagarriaren egiaztapen batura\n - Lehioaren izen sinbolikoa\n- Errore kategoria\n- Errorearen helbidea\n- VeraCrypt-en dei pila\n\n'Bai' aukeratzen baduzu, hurrengo URLa (errore txosten osoa daukana) zure lehenetsitako Internet nabigatzailean irekiko da.\n\n%hs\n\nGoiko errore txostena bidali nahi al diguzu? - Zure sisteman errore kritikoa gertatu da eta VeraCrypt itxi egingo da.\n\nOhartu zaitez errore hau ez duela VeraCrypt-ek eragin (beraz, VeraCrypt-en garatzaileek ezin dute konpundu). Mesedez, zure sistema arakatu ezazu arazoen bila (adib.: sistemaren konfigurazioa, sarearen konexioa, gaizki dabiltzan euskarri fisikoak). - Errore kritikoa gertatu da zure sisteman, horregatik VeraCrypt itxi egingo da.\n\nErrore hau behin eta berriro gertatzen bada, arazo hau sortzen ari daitezken programak ezgaitzen edo desinstalatzen saiatu zaitezke, adibidez, antibirusak edo Interneterako segurtasun programak, "hobetzaileak", "optimizatzaileak" e.a. Hau laguntzen ez badu, sistema eragilea berrinstalatzen saiatu zaitez (batzutan malwareak ere sortu dezake arazo hau). - VeraCrypt-en Errore Kritikoa - VeraCrypt-ek sistema eragileak errore kritiko bat izan duela detektatu du. Arrazoi asko egon daitezke sistemaren errore honen atzetik (adibidez, hardware gailu baten errorea, gailu kontrolatzaile baten akats bat e.a.)\n\nVeraCrypt-ek akats horren sortzaile izan den ala ez konprobatzea nahi al duzu? - VeraCrypt-ek sistemaren errore kritikoak detektatzen jarraitzea nahi al duzu? - VeraCrypt-ek ez du errore kritikoaren miniiraulketa fitxategia aurkitu. - Windows-en errore kritikoaren irauketa fitxategia ezabatu nahi al duzu diskoan tokia egiteko? - Sistemaren errore kritikoa aztertu baino lehen VeraCrypt-ek Microsoft Debugging Tools for Windows instalatu behar du.\n\nAdos sakatu ondoren, Windowsen instalatzaileak Microsoft Debugging Tools deskargatzen hasiko da (16 MB) Mircrosoft-en serbitzari batetik eta, ondoren, instalatuko du (Windows instalatzailea beti eskuragarri izateko, Microsoftek instalatze paketearen helbidea aldatzen badu ere, Microsoft serbitzariaren helbidea veracrypt.org serbitzaritik lortuko da).. - Ados sakatu eta gero, VeraCrypt-ek sistemaren errore kritikoa aztertuko du. Honek minutu batzuk eman diztake. - Mesedez, ziurtatu zaitez 'PATH' inguruneko aldagaiak 'kd.exe' (Kernel Debugger) programaren helbidea daukala. - Dirudienez VeraCrypt-ek ez du sistemaren errorea eragin. Sistemak arazo askorengatik errore kritiko bat izan dezake (adibidez, hardware gailu baten akats batengatik, gailu kontrolagailu baten akats batengatik,...) - Analisiaren emaitzak esaten dute arazo hau konpondu dezakezula hondorengo kudeatzailea eguneratzen baduzu: - VeraCrypt-en akats bat dagoen jakiten laguntzeko, automatikoki ondorengo datuak dituen errorearen txosten bat bidali diezagukezu:\n- Programaren bertsioa\n- Sistema eragilearen bertsioa\n- CPU mota\n- Errorearen maila\n- Kontrolatzailearen izena eta bertsioa\n- Sistemaren dei pila\n\n'Bai' aukeratzen baduzu, ondorengo helbidea (zeinek errorearen txosten osoa daukan) zure lehenetsitako Internet nabigatzailean irekiko da. - Goiko erroreari buruzko txostena bidali nahi diguzu? - &Zifratu - &Argitu - &Betirako Argitu - Irten - Mesedez, unitate logiko bat sortu ezazu hedadutako partizio honentzat, gero berriro saiatu zaitez. - VeraCrypt bolumen bat fitxategi baten barruan (VeraCrypt edukiontzia deritzona) ostatu daiteke, hau disko gogor batean, USB memoria gailu batean e.a-etan ostatu daiteke. VeraCrypt edukiontzi bat beste edozein fitxategi bezalakoa da (hau da, beste edozein fitxategi bat bezala mugitu eta ezabatu daiteke). 'Fitxategia Aukeratu' klikatu edukiontziaren izena eta non sortuko den hautatzeko.\n\nKONTUZ: Dagoeneko existitzen den fitxategi bat aukeratzen baduzu, VeraCrypt-ek ez du zifratuko; fitxategia ezabatu egingo da eta horren ordez VeraCrypt edukiontzia jarriko da. Geroago, existitzen diren fitxategiak zifratu ahal zango dituzu sortzen ari zaren VeraCrypt edukiontzira mugituz. - Hautatu ezazu kanpoko bolumena sortuko den tokia (bolumen honen barruan ezkutuko bolumena sortuko da).\n\nVeraCrypt bolumena fitxategi baten barruan egon daiteke (VeraCrypt edukiontzia deritziona), hau disko gogor edo USB flash gailu baten barruan egon daiteke. VeraCrypt edukiontzi bat beste edozein fitxategi bat bezale mugitu eta ezabatu daiteke. 'Fitxategia Aukeratu' klikatu edukiontzi fitxategiaren izena eta sortuko den tokia aukeratzeko. Dagoeneko existitzen den fitxategi bat aukeratzen baduzu, VeraCrypt-ek ez du zifratuko; ezabatu eta horren ordez sortzten ari zaren edukiontzia sortuko da. Geroago, existitzen diren fitxategiak zifratu ahal zango dituzu sortzen ari zaren VeraCrypt edukiontzira mugituz. - >Gailu baten barruko VeraCrypt bolumena disko gogor baten partizioan, egoera solidoko unitate, USB memoria gailu eta beste edozein biltegi bateragarrian sortu daiteke. Partizioak 'bertan' ere zifratu daitezke.\n\nGainera zifratutako gailu-barruko VeraCrypt bolumenak partiziorik gabeko gailuetan sortu daitezke (disko gogorrak eta egoera solidoko unitateak barne).\n\nOharra: Partizioak dauzkan gailu bat 'bertan' zifratzeko (gako bakarra erabiliz), Windows instalatuta dagoen unitatea eta bertan hasieratzen den tokia izan behar du. - Gailu-barruko VeraCrypt bolumenak disko gogor baten partizioan, egoera solidoko unitate, USB memoria gailu edo beste edozein biltegitan sortu daiteke.\n\nKONTUZ: Ohartu zaitez partizioa/gailua formatatuko dela eta bertan dagoen datu guztiak galdu egingo direla. - \nAukeratu ezazu kanpoko bolumena sortzeko tokiaren helbidea (geroago, bolumen honetan ezkutuko bolumena sortuko da).\n\nKanpoko bolumenak disko gogorretako, egoera-solidoko unitatetako, USB memoria gailuetako eta beste edozein onartutako memoria gailuetako partizioetan sortu daitezke. Kanpoko bolumenak partizioak ez dauzkaten gailuetan ere sortu daitezke (disko gogorrak eta egoera-solidoko unitateak barne).\n\nKONTUZ: Ohartu zaitez partizioa/gailua formatatu egingo dela eta bertan dauden datu guztiak galdu egingo direla. - \nVeraCrypt bolumenaren helbidea, non ezkutuko bolumena sortu nahi baituzu, aukeratu ezazu. - KONTUZ: Fitxategi/gailu ostalaria erabiltzen ari da!\n\nHau ezikustea nahi ez diren emaitzak sortu ditzake sistemaren ezegonkortasuna barne. Fitxategi/gailu ostalaria erabiltzen ari diren aplikazio guztiak (adibidez: antibirusak edo babeskopia programak) bolumena muntatu baino lehen itxi beharko lirateke.\n\nMuntatzen jarraitu? - Errorea: Ezin da bolumena muntatu. Fitxategi/gailu ostalaria erabiltzen ari da. Atzipen esklusiborik gabeko muntaketa sailakerak ere huts egin du. - Fitxategia ezin izan da ireki. - Bolumenaren Kokapena - Fitxategi Handiak - TrueCryp bolumen honetan 4GB baino gehiagoko fitxategiak gordetzeko asmoa ba al duzu? - Goian egindako aukeraketaren arabera, VeraCrypt-ek ondo dagokion fitxategi sitema lehenetsiko du (hurrengo pausoan fitxategi sistema hautatzeko aukera izango duzu). - Kanpoko bolumen bat sortzen hari zarenez, 'Ez' aukeratzea kontuan izan dezakezu. 'Bai' aukeratzen baduzu, lehenetsitako fitxategi sistema NTFS izango da, eta hau ez dagokio FAT kanpoko bolumenei (adibidez, ezkutuko bolumen baten tamaina askoz handiagoa izango da FAT moduan formatatutako bolumen batean). Orokorrean, FAT da lehenetsitako aukera bai ezkutuko, bai bolumen arruntetan (beraz FAT bolumenak ez dira susmagarriak). Hala ere, erabiltzaileak 4GB baino gehiagoko fitxategiak gorde nahi dituela jakinaratzten badu (FAT sistemak onartzen ez duena), FAT ez da lehenetsitako aukera izango. - Ziur zaude 'Bai' aukeratu nahi duzula? - Bolumena Sortzeko Modua - VeraCrypt bolumena partizo edo gailu batean sortzeko modurik azkarrena da hau ("bertan" egindako zifraketa, beste aukera, mantxoagoa da sektore bakoitza lehendabizi irakurri, gero zifratu eta gero iratzi behar delako). Momentu honetan partizioan/gailuan dauden datu guztiak galduko dira (datuak EZ dira zifratuko; ausazko datuekin ezabatuko da. Partizioan dagoen datuak zifratu nahi badituzu, beste aukera hautatu. - Aukeratutako partizio guztia eta bertan gordetako datuak dauden tokian zifratuko dira. Partizioa hutsik badago, beste aukera hautatu beharko zenuke (bolumena askoz azkarrago sortuko da). - Oharra: - &Berrekin - &Atzeratu - &Hasi - &Jarraitu - &Formateatu - &Ezabatu - Formateatzea utzi? - Informazio gehiago erakutsi - Ez erakutsi hau berriro - Partizioaren/Unitateaern edukiera ezabatu egin da. - Partizioaren, non jatorrizko sistema baitzegoen (norena ezkutuko sistema klona baitzen), edukiera ezabatu egin da. - Mesedez, ziurta zaitez instalatu behar duzun Windows (ezabatutako partizioan) bertsioa orain martxan dagoenaren berdina dela. Hau beharrezkoa bi sistemek hasieraketa partizio bera izango dutelako. - Sistemaren partizioa/unitatea zifratu egin da.\n\nOharra: Sistemakoak ez diren VeraCrypt bolumenak badaude eta Windows abiatzen den bakoitzean automatikoki muntatu nahi badituzu, hori egin dezakezu hauek eskuz muntatuz eta ondoren 'Gogokoak' > 'Muntatutako Bolumena Sistemaren Gogokoetara Gehitu' aukeratuz. - Sistemaren partizio/unitatea argitu egin da. - \n\nVeraCrypt bolumena sortu egin da eta erabiltzeko prest. TrueCryp bolumen berri bat egin nahi baduzu Hurrengoa sakatu. Bestela Irten klikatu. - \n\nEzkutuko bolumena sortu egin da (ezkutuko sistema eragilea ezkutuko bolumenean egongo da).\n\n "Hurrengoa" klikatu jarraitzeko. - Bolumena Guztiz Zifratu Da - Volume Fully Decrypted - GARRANTZITSUA: ORAIN SORTU DUZUN VERACRYPT BOLUMEN HAU MUNTATU ETA HAN DAUDEN DATUAK IRAKURTZEKO, 'Gailuak Auto-Muntatu' KLIKATU TRUECYPT-EN LEHIO NAGUSIAN. Pasahitz (edo/eta gako-fitxategi) zuzena sartu eta gero, bolumena VeraCrypt-en lehio nagusiko zerrendan hautatutako unitate letrarekin muntatuko da (eta zifratutako datuak irakurri ahal izango dituzu unitate letra horren bitartez).\n\nMESEDEZ AIPATUTAKO PAUSOAK GOGORATU EDO IDATZI ITZAZU. BOLUMENA MUNTATU ETA DATUAK IRAKURRI NAHI DITUZUN BAKOITZEAN JARRAITU BEHAR IZANGO DITUZU. Alternatiboki, VeraCrypt-en lehio nagusian, 'Gailua Aukeratu' botoian klik egin, partizioa/bolumena hautatu eta 'Muntatu' klikatu.\n\nPartizioa/Bolumena arazorik gabe zifratu da (guztiz zifratutako VeraCrypt bolumena dauka orain) eta erabiltzeko prest dago. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt bolumena sortu egin da. - Bolumena Sortu Da. - GARRANTZITSUA: Zure xagua ahalik eta ausazkoen mugitu ezazu lehio honen barruan. Zenbat eta gehiago, hobeto. Honek gakoaren zifraketa boterea asko indartzen du. Gero 'Formatatu' sakatu bolumena sortzeko. - Formatatu sakatu kanpoko bolumena sortzeko. Informazio gehiago nahi baduzu, dokumentazioa begira ezazu. - Kanpoko Bolumena Formatatu - Ezkutuko Bolumena Formatatu - Bolumena Formatatu - Adobe Reader (edo beste tresna bateragarria) beharrezkoa de True Crypt-en Erabiltzailearen Gida ikusteko. Adobe Reader (freeware) hemen deskargatu daiteke: www.adobe.com\n\nHorren ordez linean dagoen dokumentazioa ikusi nahi al duzu? - Aukera hau hautatzen baduzu, laguntzaileak VeraCrypt bolumen normal bat sortzen lagunduko dizu, eta hor barruan ezkutuko bolumen bat. Esperientziarik gabeko erabiltzaileak aukera hau hautatu beharko lukete beti. - Aukera hau hautatzen baduzu, dagoeneko existitzen den VeraCrypt bolumen baten barruan ezkutuko bolumen bat sortuko du. Dagoeneko ezkutuko bolumena ostatzeko VeraCrypt bolumen egoki bat sortu duzula hartuko da. - Bolumena Sortzeko Modua - Ezkutuko Bolumena Sortu Da - VeraCrypt-en ezkutuko bolumena sotu da eta erabiltzeko prest dago. Jarraibideak bete badira eta VeraCrypt-en erabiltzaile gidaren "Ezkutuko Bolumenentzako Sekurtasun Baldintzak eta Neurriak" kapituloko betebeharrak bete badira, ezinezkoa da ezkutuko bolumenaren esistentzia frogatzea, baita kanpoko bolumena muntatuta dagoenean ere.\n\nKONTUZ: EZKUTUKO BOLUMENA BABESTEN EZ BADUZU (HORI EGITEKO INFORMAZIOA NAHI BADUZU VERACRYPT-EN ERABILTZAILE GIDAREN "EZKUTUKO BOLUMENEN KALTEEN AURKAKO BABESA" KAPITULOA IRAKURRI EZAZU), EZ EZAZU KANPOKO BOLUMENEAN IDATZI. BESTELA, EZKUTUKO BOLUMENAREN GAINEAN IDATZI DEZAKEZU ETA HURA HONDATU! - Ezkutuko sistema eragilea abiatu duzu. Agian ohartu zaren bezala, ezkutuko sistema eragilea jatorrizko sistema eragilearen partizio berean instalatuta dagoela dirudi. Hala dirudien arren, errealitatean haren atzean dagoen partizio batean instalatuta dago (ezkutuko bolumenean). Irakurtze eta idazte eragiketa guztiak gardenki berrabiatzen dira jatorrizko sistemaren partiziotik ezkutuko bolumenera.\n\nEz sistema eragileak, ez aplikazioak, ez dute jakingo sistemaren partizioan idatzi eta irakurritako datuak benetan bere atzean dagoen partizioan idatzi eta irakurriko direla (ezkutuko bolumenera/bolumenetik). Ohi den bezala, horrelako datuak momentuan zifratu eta argituko dira (sistema eragile amuarentzako erabiliko den zifratzeko gako ezberdin batekin).\n\n\nMesedez, 'Hurrengoa'-n klik egin jarraitzeko. - Kanpoko bolumena sortu da eta %hc: unitate bezala muntatu da. Kanpoko bolumen honetan pribatuak diruditen, baina ezkutatu nahi EZ dituzun, fitxategi batzuk kopiatu behar zenituzke. Hauek han egongo dira norbait sistemaren partizioaren atzean dagoen partizioaren pasahitza ematera behartzen bazaitu, non kanpoko eta ezkutuko bolumenak (ezkutuko sistema eragilea hostatzen duena) egongo dira. Kanpoko bolumen honen pasahitza eman ahal izango duzu, eta ezkutuko bolumena (eta ezkutuko sistema eragilea) sekretupean jarraituko dute.\n\nGARRANTZITSUA: Kanpoko bolumenaera kopiatzen dituzun fitxategiak ez lukete %s baino gehiago okupatu behar. Bestela, agian ez da toki aske nahikoa egongo kanpoko bolumenean ezkutuko bolumenarentzako (eta ezin izango duzu jarraitu). Kopiatzen bukatzen duzunean 'Hurrengoa' sakatu (ez ezazu bolumena desmuntatu).. - Kanpoko bolumena sortu da eta %hc: unitate bezala muntatu da.Kanpoko bolumen honetan pribatuak diruditen, baina ezkutatu nahi EZ dituzun, fitxategi batzuk kopiatu behar zenituzke. Fitxategiak han egongo dira norbait pasahitza ematera behartzen bazaitu. Bakarrik kanpoko bolumenaren pasahitza emango duzu, ez ezkutukoarena. Benetan garratzia duten fitxategiak ezkutko bolumenean sortuko dira, hau geroago sortuko dugu. Kopiatzen bukatzen duzunean, 'Hurrengoa' sakatu. Ez ezazu bolumena desmuntatu.\n\nOharra: 'Hurrengoa' klikatu eta gero kanpoko bolumenaren klusterraren bitmapa arakatuko da etenik gabeko espazio hutsaren tamaina zehazteko, non espazio hutsaren bukaera bolumenaren bukaerarekin bat datorren. Tarte honetan ezkutuko bolumena ostatuko da, beraz, haren gehienezko tamaina mugatuko du. Klusterraren bitmaparen arakaketak ezkutuko bolumena kanpoko bolumenaren datuak berridatziko ez dituela ziurtatzen du. - Kanpoko Bolumenaren Edukiak - \n\nHurrengo pausoetan, kanpoko bolumenaren aukerak jarriko dituzu (horiekin, gero, kanpoko bolumena sortuko da). - \n\nHurrengo pausoetan, VeraCrypt kanpoko bolumena sortuko duzu sistema eragilearen partizioaren jarraiko partizioa bezala (aurreko pausoetan azaldu den bezala). - Kanpoko Bolumena - Hurrengo pausoetan ezkutuko bolumenaren (ezkutuko sistema eragilea izango duena) pasahitza eta ezaugarriak jarriko dituzu.\n\nOharra: kanpoko bolumenaren klusterraren bitmapa arakatu da etenik gabeko espazio hutsaren tamaina jakiteko, non espazio hutsaren bukaera bolumenaren bukaerarekin bat datorren. Espazio honek ezkutuko bolumena ostatuko du, beraz, ezkutuko bolumenaren gehienezko tamaina mugatuko du. Ezkutuko bolumenaren gehienezko tamaina zehaztu da eta ziurtatu da sistemaren partizioaren tamaina baino handiagoa dela (hau beharrezkoa da sistemaren partizio osoa ezkutuko bolumenera kopiatu behar izango delako). Honek kanpoko bolumenaren datuak ezkutuko bolumenarekin ez direla berridatziko ziurtatzen du. - GARRANTZITSUA: Mesedez, gogoratu itzazu pauso honetan aukeratu dituzun algoritmoak. Sistema amouarentzako algoritmo berdinak aukeratu behar izango dituzu. Bestela, ezin izango zara ezkutuko sisteman sartu! (Sistema amua ezkutuko sistremaren zifratzeko algoritmo berdinarekin zifratu behar da)\n\nOharra:Honen arrazoia sistrma amua eta ezkutuko sistema hasieraketa kargatzaile berdina erabiltzen dutela da eta hasieraketa kargatzaile bakoitzak algoritmo bakarra erabili dezake (algoritmo bakoitzarentzko VeraCrypt-en Hasieraketa Kargatzaile bana dago). - \n\nBolumenaren lukuaren bit-mapa eskaneatu da eta ezkutuko bolumenaren tamaina maximoa erabaki da. Hurrengo pausoetan ezkutuko bolumenarentzat aukerak ezarriko dituzu, tamaina eta pasahitza. - Ezkutuko bolumena - Ezkutuko bolumena kalteen aurkako babesa dauka eta kanpoko bolumena desmuntatzen den arte iraungo du.\n\nKONTUZ: Ezkutuko bolumenean datuak gordetzen saiakera egiten bada, VeraCrypt-ek bolumen osoari idazkera babesa jarriko dio (kanpoko zein ezkutuko zatiei) desmuntatzen den arte. Honek kanpoko bolumenaren fitxategi sistemari kalte egin diezaioke, eta hau (errepikatzen bada) ezkutuko bolumenaren ezeztapen onargarriari kalte egingo dio. Horregatik, ezkutuko bolumenean ez idazten saiatu beharko zinateke. Ezkutuko bolumenaren zatian gordetzen saiatzen zaren datu guztiak ez dira gordeko eta galduko dira. Agian Windowsek abisatuko dizu idazterakoan akats bat egon dela ("Idazketa Atzeratuak Huts Egin Du" edo "Parametro Okerra"). - Orain muntatutako bolumenean dauden ezkutuko bolumen guztiak kalteen aurkako babesa izango dute desmuntatu arte.\n\nKONTUZ:Babestutako ezkutuko bolumena dagoen tokian datuak gordetzeko saiakera egiten bada, VeraCrypt-ek bolumen osoan (bai kanpoko, bai ezkutuko zatietan)idazketa babesa hasiko du desmuntatzen den arte. Honek kanpoko bolumenaren fitxategi sistemaren hondatzea sortu dezake, eta hau (errepikatzen bada), ezkutuko bolumenaren ezeztapen onargarriari kalte egingo dio. Horregatik, ezkutuko bolumenean ez idazten saiatu beharko zinateke. Ezkutuko bolumenaren zatian gordetzen saiatzen zaren datu guztiak ez dira gordeko eta galduko dira. Agian Windowsek abisatuko dizu idazterakoan akats bat egon dela ("Idazketa Atzeratuak Huts Egin Du" edo "Parametro Okerra"). - KONTUZ: %c: bezela muntatutako bolumenearen ezkutuko bolumenaren zatian datuak gordetzeko saiakera egin da! VeraCrypt-ek datu haien idazkera eragotzi du ezkutuko bolumena babaesteko. Agian honek kanpoko bolumenaren fitxategi sistema hondatu du eta agian Windowsek idazkera errore bat eman du ("Idazketa Atzeratuak Huts Egin Du" edo "Parametro Okerra"). Bolumen osoa (bai kanpoko bai ezkutuko zatiak) idazkera babesa izango dute desmuntatu arte. Honako hau ez bada VeraCrypt-ek ezkutuko bolumenean idazkera bat eragotzi duen lehenengo aldia, agian ezkutuko bolumenaren ezeztapen onargarriari kalte egin dio (kenpoko bolumenaren fitxategi sisteman egon daitezkeen ez ohiko huts jarraituengatik). Horregatik, VeraCrypt bolumen berri bat sortzea pentsatu beharko zenuke (Formataketa Azkarra aukera ezgaituta) eta fitxategiak bolumen honetatik bolumen berrira mugitu; bolumen hau sekurtasunez ezabatu beharko litzateke (bai kanpoko bai ezkutuko zatiak). Gogor gomendatzen dizugu sistema eragilea orain berrabiatzea. - Bolumenean 4GB baino gehiagoko fitxategiak gorde nahi dituzula adierazi duzu. Honek bolumena NTFS formatuan egotea behar du eta hori ezinezkoa da. - Ohartu zaitez ezkutuko sistema eragilea martxan dagoenean, ezkututa ez dauden VeraCrypt bolumenak ezin direla NTFS moduan formatatu. Honen arrazoia hau da, bolumena aldi-baterako idatzteko babesik gabe muntatu behar dela sistema eragileak NTFS moduan formatatu dezan (beste aldetik, FAT moduan formatatzea VeraCrypt-ek berak egiten du, ez sistema eragileak, eta ez du bolumena muntatu behar). Informazio tekniko gehiago nahi baduzu, azpian begiratu. NTFS formatua duen ezkutu gabeko bolumen bat sorttzeko, sistema eragile amutik egin dezakezu. - Sekurtasun arrazioengatik, ezkutuko sistema eragile bat martxan dagoenean, ezkutuko bolumenak bakarrik modu 'zuzenean' sortu daitezke (kanpoko bolumenak beti irakurtzeko bakarrik muntatzen direlako). Ezkutuko bolumen bat sekurtasunez sortzeko, hurrengo pausoak jarraitu itzazu:\n\n1)Sistema amua abiatu ezazu.\n\n2)VeraCrypt bolumen normal bat sortu eta zifratu nahi ez dituzun baina garrantzitsuak diruditen fitxategi batzuk bertara kopiatu itzazu (bolumen hau kanpoko bolumena izango da).\n\n3) Ezkutuko sistema abiatu ezazu eta VeraCrypt-en Bolumenak Sortzeko Laguntzailea ireki ezazu. Bolumena fitxategi batean ostatuta badago, sistemaren partiziora edo beste ezkutuko bolumen batera mugitu ezazu (bestela, sortutako ezkutuko bolumena irakutzeko bakarrik muntatuko zen eta ezin izango zen formatatu). Laguntzailearen pausoak jarraitu itzazu 'ezkutuko bolumena zuzenean sortzeko modua' aukeratuz.\n\n4)Laguntzailean, bigarren pausoan sortutako bolumena aukeratu ezazu eta ematen diren oharrak jarraitu itzazu bere barnean ezkutuko bolumen bat sortzeko. - Segurtasun arrazoiengatik, ezkutuko sistema eragile bat martxan badago, zifratu gabeko fitxategi sistema lokalak eta VeraCrypt ezkutugabeko bolumenak irakurtzeko bakarrik muntatzen dira (ezin da daturik idatzi fitxategi sistema edo VeraCrypt bolumen horietan).\n\nDatuak bakarrik ezkututako VeraCrypt bolumenetan dauden fitxategi sistematan idatzi daitezke (ezkutuko bolumenaren edukiontzia ez badago enktiptatu gabeko fitxategi sistema batean edo beste motako irakurtzeko fitxategi sisteman). - Hiru arrazoi nagusi daude babes hauek ezartzeko:\n\n- Ezkutuko VeraCrypt bolumenak muntatzeko plataforma sekurua sortzea baimentzen du. Ohartu zaitez, ofizialki, ezkutuko bolumenak bakarrik ezkutuko sistema eragile bat martxan dagoenean muntatzea gomendatzen dugula (informazio gehiago nahi baduzu dokumentazioaren 'Ezkutuko Bolumenei Dagokien Sekurtasun Betebearrak eta Neurriak' atala irakurri ezazu).\n\n - Zenbait kasuetan, posiblea da, noizbait, fitxategi sistema bat ez zela sistema eragilearen instanzia berezi batean muntatu (edo fitxategi sistemaren fitxategi berezi bat ez dela handik gorde edo sartu) (adibidez, fitxategi sistemaren egunkarietak, fitxategi datak, aplikazioen logak, errore logak e.a. aztertu eta konparatuz). Honek ordenagailuan ezkutuko sistema eragile bat instalatuta dagoela adierazi lezake. Babesek arazo hauek eragozten dituzte.\n\n- Datuen hondatzea eta hibernazio segurua baimentzen du. Windowsek hibernaziotik bueltatzen denean, muntatutako fitxategi sistemen egoera hibernatzen hasi baino lehenagokaren berdina balitz bezela hartzen du. VeraCrypt-ek hau ziurtatzen du sistema eragile amu eta ezkutuko sistematik irakurri daitezkeen fitxategi sistemei idazkera babesa ezarriz. Babes hori gabe, fitxategi sistema hondatu ahal izango liteke beste sistema batetik muntatuko balitz bestea hibernatzen dagoen bitartean. - Oharra: Amu sistematik ezkutuko sistemara fitxategiak sekurtasunez mugitu behar badituzu, hurrengo pausoak jarraitu itzazu:\n1) Amu sistema abiatu.\n2) Fitxategiak zifratu gabeko bolumen batera edo kanpoko/ohiko VeraCrypt bolumen batera kopiatu itzazu.\n3) Ezkutuko sistema abiatu.\n4)Fitxategiak TrueCryp bolumen batera kopiatu badituzu, muntatu ezazu (automatikoki irakurtzeko bakarrik muntatuko da).\n5) Fitxategiak ezkutuko sistemaren partiziora edo beste ezkutuko bolumen batera kopiatu itzazu. - Zure ordenagailua berpiztu behar da.\n\nOrain berpiztu nahi al duzu? - Errore bat jazo da sistemaren enkripzio egoera irakurtzen ari zenean. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Ezin izan dira aplikazioaren osagaiak hasieratu sistema zifratzeko. - Ausazko zenbakien sortzailea hasieratzerakoan hutse egin du! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Ezin izan da aplikazioa hasieratu. 'Dialog Class'-a erregistratzerakoan huts egin du. - Errorea: Ezin izan da Rich Edit sistemaren liburutegia kargatu. - VeraCrypt Bolumenak Sortzeko Laguntzailea - Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f bytetakoa da. - Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f KB-etakoa da. - Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f MB-etakoa da. - Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f GB-etakoa da. - Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f TB-etakoa da. - Bolumenaren pasahitza/gako-fitxategiak ezin dira aldatu bolumena muntatuta dagoen bitartean. Mesedez, lehendabizi bolumena desmuntatu ezazu. - Goiburuaren deribazio algoritmoa ezin da aldatu bolumena muntatuta dagoen bitartean. Mesedez, hori baino lehen bolumena desmuntatu ezazu. - &Muntatu - Bolumen hau muntazteko VeraCrypt-en bertsio berriago bat behar da. - Errorea: Bolumenak Sortzeko Laguntzailea ez da aurkitu.\n\nZiurta zaitez 'VeraCrypt Format.exe' fitxategia 'VeraCrypt.exe' abiatu zeneko karpeta berdinean dagoela. Ez badago, VeraCrypt berriro instalatu, edo zure diskan 'VeraCrypt Format.exe' aurkitu eta exekutatu. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Hurrengoa > - &Bukatu - &Instalatu - &Atera - Ezin izan da VeraCrypt gailu kontrolatzailera konektatu. VeraCrypt ez dabil gailuaren kontrolatzailea martxan ez badago.\n\nOhartu zaitez, Windowsen arazo batengatik, beharrezkoa izan daitekela sesioa amaitzea edo ordenagailua berrabiatzea unitate kontrolatzaile kargatu ahal izan baino lehen. - Letra-tipoak kargatzerakoan/prestatzerakoan errore bat gertatu da. - Unitatearen letra ez da aurkitu edo ez da letrarik zehaztu. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Unitatearen letra ez dago eskuragarri. - Ez da fitxategirik hautatu! - Ez daude unitate letra gehiago eskuragarri. - Ez dago kanpoko bolumenarentzat unitate letra librerik! Bolumenaren sorrerak ezin du jarraitu. - Ezin izan da zure sistema eragilearen bertsioa jakin izan edo onartuta ez dagoen sistema eragilea erabiltzen ari zara. - Ez da helbiderik aukeratu! - Ez dago ezkutuko bolumenarentzat nahikoa espazio libre! Bolumenaren sorrerak ezin du jarraitu. - Errorea: Kanpoko bolumenera kopiatu dituzun fitxategiak leku gehiegi okupatzen dute. Horregatik, kanpoko bolumenean ez dago ezkutuko bolumen batentzako leku huts nahikorik.\n\nOhartu zaitez ezkutuko bolumenak sistemaren partizioaren (orain martxan dagoen sistema eragilea instalatuta dagoen partizioaren) tamaina izan behar duela gutxienez. Ezkutuko sistema eragilea sortzeko sistemaren partizioa ezkutuko bolumenera kopiatu beharra da honen arrazoia.\n\n\nEzkutuko sistema eragilea sortzeko prozesuak ezin du jarraitu. - Erabiltaileak ezin du bolumena desmuntatu. Ziurenik bolumenan dauden fitxategi batzuk oraindik irekita daude. - Ezin izan da bolumena blokeatu. Bolumenean oraindik fitxategi irekiak daude. Hortaz, ezin da desmuntatu. - VeraCrypt-ek ezin du bolumena blokeatu sistema edo aplikazioren bat erabiltzen ari delako.\n\nBolumena desmuntatzera behartu nahi al duzu? - VeraCrypt Bolumena Aukeratu - Helbidea eta Fitxategiaren Izena Eman - PKCS #11 Liburutegia Aukeratu - Memoriarik Gabe - GARRATZITSUA: Esperientziarik gabeko erabiltzaileentzat oso gomendagarria da VeraCrypt fitxategi-edukionktzi bat aukeratutako partizio/gailuan sortzea, partizio/gailu osoa zifratzen saiatu beharrean.\n\n Fitxategi-edukiontzi bat sortzerakoan (gailu edo partizio osoa zifratzearekin konparatuta) ez dago, adibidez, fitxategi kopuru handia hondatzeko arriskurik. Ohartu zaitez VeraCrypt-en fitxategi-edukiontzi bat (nahiz eta bere barruan zifratutako disko bat izan) berez beste edozein fitxategi normal bat bezalakoa da. Informazio gehiago nahi baduzu, VeraCrypt-en Erabiltzaile Gidan Hasiberrien Tutoriala kapituloa irakurri ezazu.\n\nZiur zaude gailu/partizio osoa zifratu nahi duzula? - KONTUZ: '%s' fitxategia dagoeneko badago!\n\nGARRANTZITSUA: VERACRYPT-EK EZ DU FITXATEGIA ZIFRATUKO, EZABATUKO DU. Ziur zaude fitxategia ezabatu eta VeraCrypt edukiontzi berri batengatik ordezkatu nahi duzula? - KONTUZ: AUKERATUTAKO %s '%s'%s-etan GORDETA DAUDEN FITXATEGI GUZTIAK EZABATU ETA GALDUKO DIRA (EZ DIRA ZIFRATUKO)!\n\nZiur zaude formataketarekin jarraitu nahi duzula? - KONTUZ: Bolumena guztiz zifratzen den arte ezin izango duzu, ez muntatu, ez bertan dauden fitxategiak erabili.\n\nZiur zaude aukeratutako %s '%s'%s-ak zifratu nahi dituzula? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - KONTUZ: VeraCrypt-ek datuak "bertan" zifratzen ari den bitartean argia joaten bada edo sistemak huts egiten badu, softwarearen edo hardwarearen akats batengatik, datuen zatiak hondatu edo galduko dira. Horregatik, zifratzen hasi aurretik, ziurta zaitez zifratu nahi dituzun fitxategien babeskopiak dituzula.\n\nBabeskopia hori daukazu? - KONTUZ: '%s'%s (adib. SISTEMAREN PARTIZIOAREN ATZEAN DAGOEN HURRENGO PARTIZIOAN) PARTIZIOAN GORDETA DAUDEN FITXATEGI GUZTIAK EZABATU ETA GALDUKO DIRA (EZ DIRA ZIFRATUKO)!Ziur zaude formatatu nahi duzula? - KONUZ: AUKERATUTAKO PARTIZIOAK DATU ASKO DAUZKA! Partizioan gordeta dauden datuak ezabatu eta galduko dira (EZ dira zifratuko)! - Partizioan gordeta dauden fitxategi guztiak ezabatu han VeraCrypt bolumen bat sortuz - Pasahitza - PIM - Goiguruaren Gakoa Lortzeko Algoritmoa Ezarri - Bolumenari Gako-fitxategiak Gehitu/Kendu - Gako-fitxategi Guztiak Bolumenatik Kendu - Pasahitza, PIM edo/eta gako-fitxategia(k) aldatu egin da/dira.\n\nGARRANTZITSUA: Ziurtatu zaitez VeraCrypt-en Erabiltzaile Gidaren 'Sekurtasun Baldintzak eta Neurriak' kapituloko 'Pasahitzak eta gako-fitxategiak aldatzen' atala irakurri duzula. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - GARRANTZITSUA: VeraCrypt-en Salbatze Diska txikitu ez baduzu, zure sistemaren partizio/unitatea oraindik pasahitz zaharrarekin argitu daiteke (VeraCrypt-en Sablatze Diskarekin sistema abiatuz eta pasahitz zaharra sartuz). VeraCrypt Salbatze Diska berri bat sortu eta zaharra txikitu beharko zenuke.\n\nVeraCrypt Salbatze Diska berri bat sortu nahi al duzu? - Ohartu zaitez VeraCrypt-en Salbatze Diskak oraindik algoritmo zaharra erabiltze duela. Algoritmo zaharra segurua ez dela iruditzen bazaizu, VeraCrypt Salbatze Diska berri bat sortu eta gero zaharra txikitu beharko zenuke.\n\nVeraCrypt Salbatze Diska berri bat sortu nahi al duzu? - Edozein fitxategi mota erabili daiteke (adibidez, .mp3, .jpg, .zip, .avi) VeraCrypt gako-fitxategi bezala. Kontutan hartu ezazu VeraCrypt-ek ez duela fitxategiaren edukia aldatzen. Karpeta bat aukeratzen baduzu, bertan dauden ezkutu gabeko fitxategi guztiak erabiliko dira gako-fitxategi moduan. 'Agiri Fitxategiak Gehitu' sakatu ezazu segurtasun agiri edo txartel azkarren barruan gordeta dauden gako-fitxategiak aukeratzeko (edo gako-fitxategiak sekurtasun agiri edo txartel azkarretara eramteko). - Gako-fitxategia(K) gehitu/kendu da(dira). - Gako-fitxategia exportatu egin da. - Goiburua lortzeko algoritmoa zuzenki ezarri da. - Mesedez, bertan zifratzeko prozesua berrabiatu nahi duzun sistemakoa ez den bolumenaren pasahitz edo/eta gakofitxategiak sartu itzazu.\n\n\nOharra: 'Hurrengoa' sakatu eta gero, VeraCrypt-ek sistemakoak ez diren bolumenak, non zifraketa prozesua eten den eta VeraCrypt-en bolumenaren goiburua emandako pasahitz edo/eta gako fitxategiekin argitu deitekeen, bilatuko ditu. Horrelako bolumen bat baino gehiago badago, hurrengo pausoan haietako bat aukeratu beharko duzu. - Mesedez, zerrendako bolumen bat aukeratu ezazu. Zerrenda erabili daitezkeen sistemakoak ez diren boluemenak, non zifraketa eten egin den eta goiburua emandako pasahitz eta/edo gako fitxategiarekin argitu daitezkenak, daude. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Oso garratzitsua da pasahitz ona aukeratzea. Hiztegi batean agertu daitekeen hitz bakar bat (edo horrelako 2,3 edo 4 hitzen konbinazioa) ez zenuke aukeratu behar. Ez luke izenik edo jaiotze datik ezan behar. Ez litzateke asmatzeko erraza izan behar. Pasahitz on bat letra larri eta xehe, zenbaki eta karaktere berezien (@ ^ = $ * + e.a.) ausazko konbinaketa da. 20 karaktere baino gehiagokoa (hainbat eta luzeago, hobeto) izatea gomendatzen dugu. Gehienezko luzeera 64 karaktere dira. - Mesedez, ezkutuko bolumenarentzat pasahitza aukeratu - Mesedez, ezkutuko sistema eragilearentzat pasahitza aukeratu (hau da, ezkutuko bolumenarentzat). - GARRANTZITSUA: Pauso honetan ezkutuko sistema eragilearentzako aukeratzen duzun pasahitza beste bi pasahitzekin ezberdintasun handia izan behar du (hau da, kanpoko bolumenaren pasahitzarekin eta sistema eragile amuaren pasahitzarekin). - Mesedez bolumenaren pasahitza, non ezkutuko bolumena ostatu nahi duzun, sartu ezazu.\n\n'Hurrengoa' klikatu eta gero TrueCryp-ek bolumena muntatzen saiatuko da. Muntatzen den bezain laister, bere klusterraren bitmapa arakatuko da bolumenaren amaierarekin bat egiten duen etenik gabeko toki librerik handienaren tamiana lortzeko(tokia baldin badago). Toki honek ezkutuko bolumena ostatuko du eta bere gehienezko tamaina murrizuko du. Klusterraren bitmaparen arakatzea beharrezkoa da kanpoko bolumenaren datuak ezkutuko bolumenarekin ezabatuko ez direla ziurtzatzeko. - \nMesedez, kanpoko bolumenarentzat pasahitz bat aukeratu. Pasahitz hau eman ahal izango duzu arerio batek pasahitz bat ematera behartzen bazaitu.\n\nGARRANTZITSUA: Pasahitz hau ezkutuko boluenaren pasahitzarekin ezberdintasun handiak izan behar ditu.\n\nOharra: Pasahitzaren gehienezko luzeera 64 karaktere dira. - Mesedez, kanpoko bolumenarentzat pasahitz bat aukeratu. Norbaitek sistemaren atzean dagoen ondorengo partizioaren, non kanpoko eta ezkutuko (ezkutuko sistema eragilea daukana) bolumenak egongo diren, pasahitza ematera behartzen bazaitu, pasahitz hau emain ahal izango duzu. Ezkutuko bolumenaren (eta ezkutuko sistema eragilearen) esistentzia sekretupean jarraituko du. Ohartu zaitez hau ez dela sistema eragile amuaren pasahitza.\n\nGARRANTZITSUA: Pasahitz hau eta ezkutuko bolumenak (hau da, ezkutuko sistema eragilearena) daukana zeharo ezberdinak izan behar dira. - Kanpoko Bolumenaren Pasahitza - Ezkutuko Bolumenaren Pasahitza - Ezkutuko Sistema Eragilearentzat Pasahitza - KONTUZ: Pasahitz motzak erraz hautsi daitezke indarrezko teknikak erabiliz!\n\n20 karaktere baino gehiagoko pasahitza aukeratzea gomendatzen dugu. Ziur zaude pasahitz motz bat erabili nahi duzula? - Bolumenaren Pasahitza - Pasahitz okerra edo ez da VeraCrypt bolumen bat. - Gako-fitxategi edo pasahitz ez zuzena edo ez da VeraCrypt bolumen bat. - Muntaketa modu ez zuzena, pasahitz ez zuzena edo ez da VeraCrypt bolumen bat. - Muntaketa modu ez zuzena, gako-fitxategi edo pasahitz ez zuzena edo ez da VeraCrypt bolumen bat. - Pasahitz okerra edo ez da VeraCrypt bolumenik aurkitu. - Gako-fitxategi/pasahitz ez zuzena edo ez da VeraCrypt bolumena aurkitu. - \n\nKontuz: Caps Lock gaituta dago. Honek pasahitza gaizki sartzea eragin dezake. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nKONTUZ: Ezkutuko fitxategiak aurkitu dira gako-fitxategiak bilatzeko helbidean. Honako ezkutuko fitxategiak ezin dira gako-fitxategi moduan erabili. Gako-fitxategi moduan erabili nahi badituzu, 'Ezkututa' ezaugarria kendu iezaiezu (eskubiko klik egin, 'Ezaugarriak' aukeratu, 'Ezkututa' marka kendu eta 'Ados' sakatu). Oharra: Ezkutuko fitxategiak hori egiteko aukera gaituta badago bakarrik ikus daitezke (Ordenagailua > Kudeatu > Karpeta eta Bilaketa Aukerak > Ikusi). - Ezkutuko sistema baten barruan dagoen ezkutuko bolumen bat babesten saiatzen ari bazara, ziurtatu zaitez US teklatu estandarra erabiltzen ari zarela pasahitza idazteko. Hau beharrezkoa da pasahitza hasieraketa aurreko giroan (Windows hasi aurretik) sartu behar delako eta bertan US teklatuak ez diren teklatu motak ez dutelako balio. - VeraCrypt-ek ez du aurkitu bolumenik non sistemakoa ez den zifraketa eten den eta bolumenaren goiburua emandako pasahitz edo gako-fitxategiarekin argitzen dena..\n\n Mesedez, ziurta zaitez pasahitza edo/eta gako fitxategiak zuzenak direla eta partizioa/bolumena erabiltzen ari den prozesurik ez dagoela (Antibirusa barne). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nOharra: Hasieraketa aurreko kautotzerik gabeko sistemaren unitate zifratu baten barruan dagoen partizio bat edo erabiltzen ari ez den zifratutako sistema eragile bat muntatzen saiatzen ari bazara, hori egin dezakezu 'Sistema' > 'Muntatu Hasieraketa Aurreko Kautotzerik Gabe' aukeratuz. - Modu honetan, ezin duzu muntatu orango sistemaren zifraketaren gakoaren eremuan dagoen unitate batean dagoen partizioa.\n\nPartizio hau modu honetan muntatu baino lehen, beste unitate batean dagoen sistema eragilea (zifratu edo zifratu gabe) edo zifratu gabeko sistema eragile bat abatu behar duzu. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Atzera - Ezin izan da sisteman instalatuta dauden gailu gordinak zerrendan jarri! - '%s' bolumena existitzen da eta irakurtzeko bakarrik da. Ziur zaude ordezkatu nahi duzula? - Helmuga Karpeta Aukeratu - Gako-fitxategia Aukeratu - Gako-fitxategiak bilatzeko helbidea aukeratu. KONTUZ: Ohartu zaitez bakarrik helbidea gogoratuko dela, ez fitxategien izenak! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Ross Anderson, Eli Biham eta Lars Knudsen diseinatuta. 1998an argitaratuta. 256 biteko blokea. XTS eragiketa modua. Serpent AES-eko finalista bat izan zen. - Mesedez, sortuko den edukiontziaren tamaina aukeratu ezazu.\n\nEdukiontzi dinamiko bat (fitxategi mehatza) sortzen ari bazara, balio honek gehienezko tamaina adieraziko du.\n\nOhartu zaitez FAT moduan formatatuta badago bolumenaren gutxienezko tamaina 292 KB dela. NTFS moduan formatatuta badago, bolumenaren gutxienezko tamaina 3792 KB da. - Mesedez, sortuko den kanpoko bolumenaren tamaina aukeratu ezazu (lehendabizi kanpoko bolumena sortuko duzu eta, gero, bertan ezkutuko bolumena sortuko duzu). Ezkutuko bolumen bat ostatuko duen kanpoko bolumen baten gutxienezko tamaina 340 KB da. - Mesedez, sortuko den ezkutuko bolumenaren tamaina aukeratu ezazu. Ezkutuko bolumen baten tamaina minimoa 40KB-ekoa da (3664KB NTFS moduan formatatuta badago). Ezkutuko bolumenaren gehienezko tamaina goian agertzen da. - Kanpoko Bolumenaren Tamaina - Ezkutuko Bolumenaren Tamaina - Mesedez egiaztatu ezazu goian agertzen den aukeratutako gailuaren/partizioaren tamaina zuzena dela eta Hurrengoa sakatu. - Kanpoko bolumena eta ezkutuko bolumena (ezkutuko sistema eragilea daukana) goiko partizioan ostatuko dira. Sistemaren ondoren lehendabiziko partizioa izan beharko liteke.\n\nMesedez, ziurtatu zaitez goian adierazten diren partizioaren tamaina eta zenbakia zuzenak direla, zuzenak badira, 'Hurrengoa' klikatu. - \n\nOhartu zaitez ezkutuko bolumen bat ostatuko duen bolumenaren gutxienezko tamaina 340KB-ekoa dela. - Bolumenaren Tamaina - Dinamikoa - KONTUZ: AUTOKONPROBAKETAK HUTS EGIN DU! - Autokonprobaketak algoritmo guztiekin a gainditu dira - Eman duzun datu unitateen zenbakia motzegia edo luzeegia da. - Eman duzun bigarren mailako gakoa motzegia edo luzeegia da. - Eman duzun zifratutako testua luzeegia edo motzegia da. - Frogetarako eman duzun gakoa luzeegia edo motzegia da. - Eman duzun testu argia luzeegia edo motzegia da. - Bi zifraketa bata bestearen ondoren XTS moduan. Bloke bakoitza lehendabizi %s-rekin (%d biteko gakoa) zifratzen da eta gero %s-rekin (%d biteko gakoa). Zifraketa bakoitzak bere gakoa erabiltzen du. Gako guztiak bata bestearekiko independienteak dira. - Hiru zifraketa bata bestearen ondoren XTS moduan. Bloke bakoitza lehendabizi %s-rekin (%d biteko gakoa) zifratzen da, gero %s-rekin (%d biteko gakoa) eta azkenik %s-rekin (%d biteko gakoa). Zifraketa bakoitzak bere gakoa erabiltzen du. Gako guztiak bata bestearekiko independienteak dira. - Ohartu zaitez, sistema eragilearen konfigurazioaren arabera, auto-exekutatu eta auto-muntatu ezaugarriak bakarrik idatzi ezin daitezkeen CD/DVD motako gailuetan sortutako diska eramangarrietan ibiliko direla. Ohartu zaitez ere, hau ez dela TrueCypt-en akats bat (Windows-en muga bat da). - VeraCrypten diska eramangarria sortu da.\n\n Ohartu zaitez administratzaile baimenak behar dituzula VeraCrypt modu eramangarrian abiatzeko. Ohartu zaitez ere, erregsitro fitxategia begiratu eta gero, agian posible dela VeraCrypt Windows sistema batean abiatu zela ikustea nahiz eta modu eramangarrian abiatu izana. - VeraCrypt Disko Bidaiariak - Diseinatzaileak: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall eta Niels Ferguson. 1998an argitaratuta. 256 biteko gakoa, 128 biteko blokea. XTS funtzionatzeko modua. Towfish AES-eko finalista bat izan zen. - Informazio gehiago %s-ri buruz - Ezezaguna - Zehaztu gabeko errore bat edo errore ezezagun bat gertatu da (%d). - Bolumen batzuk sistemak edo aplikazioek erabiltzen ari diren fitxategiak edo karpetak dauzkate.\n\nDesmuntarazi? - &Desmuntatu - Dismuntaketak huts egin du! - Bolumenak sistemak edo aplikazioak erabiltzen ari diren fitxategi edo karpetak dauzka.\n\nDesmuntaketa behartu? - Esandako unitate letran ez dago muntatutako bolumenik. - Muntatzen saiatzen ari zaren bolumena dagoeneko muntatuta dago. - Errore bat gertatu da bolumena muntatzen saiatzerakoan. - Bolumenaren barruako helbidea bilatzerakoan errore bat gertatu da. - Errorea: Bolumenaren tamaina gaizki dago. - KONTUZ: Formatatze Azkarra bakarrik hurrengo kasuetan erabili beharko zenuke:\n\n1) Gailuak ez dauka datu garrantzitsurik eta ez da ezeztapen onargarririk behar.\n2) Gailua dagoeneko guztiz eta sekurtasunez zifratu egin da.\n\nZiur zaude Formatatze Azkarra erabili nahi duzula? - Edukiontzi dinamiko bat aurretik definitutako NTFS fitxategi mheatza da eta bere tamaina fisikoa (diskoan erabiltzen ari den espazioa) hazi egiten da datuak eransten zaizkionean.\n\nKONTUZ: fitxategi mehatzetan gordetzen diren bolumenen errendimendua ohiko bolumenena baino askoz txarragoa da. Fitxategi mehatzetan gordetzen diren bolumenek sekurtasun gutxiagoa dute bolumenean zein sektore erabiltzen diren eta zein ez esan daitekeelako. Horretaz gain, fitxategi mehatzetan gordetzen diren bolumenek ez dute ezeztapen onargarririk ematen (hortaz, ezin dute ezkutuko bolumenki ostatu). Horretaz gain, fitxategi mehatz batean datuak idazten badira eta fitxategi sisteman ez badago behar adina toki librerik, zifratutako fitxategi sistema hondatu daiteke.\n\nZiur zaude fitxategi mehatz batean gordetako bolumen bat sortu nahi duzula? - Ohartu zaitez, Windows eta VeraCrypt-ek beti edukiontzi dinamikoaren gehienezko tamaina erakutsiko dutela. Edukiontziaren tamaina fisikoa jakiteko (benetan diskoan erabiltzen duen tamaina) edkuiontzi dinamikoan eskubiko klik egin (Windows Esploratzailearen lehioan, ez VeraCrypt-en), ondoren 'Ezaugarriak' aukeratu eta ondoren 'Tamaina Diskoan' balioa begiratu.\n\nOhartu zaitez ere, edukiontzi dinamikoa beste bolumen edo unitate batera mugitzen baduzu, edukiontziaren tamaina fisikoa bere gehienezko tamainara handituko dela. (Hau eragotzi dezakezu helburuan edukiontzi dinamiko bat sortuz, hura muntatuz eta fitxategiak edukiontzi zaharretik berrira mugituz.) - Pasahitz katxea ezabatu egin da - VeraCrypt kontrolatzailearen katxean gordeta zeuden pasahitzak (eta/edo erabilitako gako fitxategien edukiak) ezabatu egin dira. - VeraCrypt-ek ezin du bolumen ezezagun baten pasahitza aldatu. - Mesedez, libre dagoen unitate letra bat aukeratu ezazu. - Mesedez, muntatutako bolumen bat aukeratu ezazu unitate letren zerrendatik. - Muntatutako bi bolumen ezberdin aukeratuta dude (bat unitate letren zerrendan eta bestea zerrendaren azpian dagoen eremuan).\n\nMesedez, hautatu ezazu aukeratu nahi zenuen bolumena: - Errorea: Ezin da autorun.inf sortu - Errore bat gertatu da gako-fitxategia prozesatzerakoan! - Errore bat gertatu da gako-fitxategiaren helbidea prozesatzerakoan! - Gako fitxategiaren helbidean ez dago fitxategirik.\n\nOhartu zaitez gako-fitxategia aurkitzeko helbidean dauden karpetak (eta barruan dauden fitxategiak) ezikusiko direla. - VeraCrypt ez du sitema eragile hau onartzen. - Errorea: VeraCrypt-ek sistema eragile honen bertsio estableak onartzen ditu (beta/RC bertsioak ez ditu onartzen). - Errorea: Ezin izan da memoria esleitu. - Errorea: Ezin izan da jarduketa neurgailutik valorea hartu. - Errorea: bolumenak formatu okerra dauka. - Errorea: Ezkutuko bolumen baten pasahitza sartu duzu (ez ohiko bolumen batena). - Sekurtasun arrazoiengatik, ezkutuko bolumen bat ezin da sortu True Crypt bolumen batean, non 'bertan' zifratu den fitxategi sistema dagoen (hutsik dagoen tokia ez delako ausazko datuekin bete). - VeraCrypt - Ohar Legalak - Fitxategi Guztiak - VeraCrypt Bolumenak - Liburutegi Moduluak - NTFS formataketak ezin du jarraitu. - Ezin da bolumena muntatu. - Ezin da bolumena desmuntatu. - Windows-ek bolumena NTFS moduan formatatzerakoan huts egin du.\n\nMesedez, fitxategi sistema mota ezberdina aukeratu (ahal bada) eta berriro saiatu. Bestela, bolumena formaturik gabe utzi ("Ezer" aukeratu fitxategi sistema bezela) eta laguntzaile honetatik irten. Gero, bolumena muntatu eta sistemaren edo hirugarren baten tresna bat erabili muntatutako bolumena formatatzeko (bolumena zifratuta jarraituko du). - Windowsek bolumena NTFS erara formateatzerakoan huts egin du.\n\nBolumena FAT erara formateatu nahi al duzu? - Lehenetsitako - partizioa - PARTIZIOA - Gailua - gailua - GAILUA - Bolumena - bolumena - BOLUMENA - Etiketa - Aukeratutako klusterraren tamaina txikiegia da bolumen tamaina honetarako. Kluster tamaina handiagoa erabiliko da. - Errorea: Ezin izan da bolumenare tamaina irakurri!\n\nZihurta zaitez ez dagoela bolumena erabiltzen ari den sistema edo aplikaziorik. - Ezkutuko bolumenak ezin dira edukiontzi dinamikoetan (fitxategi mehatzetan) sortu. Ezeztapen onargarria lortzeko ezkutuko bolumena dinamikoa ez den edukiontzi baten barruan sortu behar da. - VeraCrypt-en Bolumen Sorreraren Laguntzaileak FAT edo NTFS bolumen batean bakarrik sortu dezake ezkutuko bolumen bat. - Windows 2000 erabilita, VeraCrypt-en Bolumen Sorreraren Laguntzaileak FAT bolumen baten barruan sortu dezake ezkutuko bolumen bat. - Oharra: FAT fitxategi sistema NTFS fitxategi sistema baino hobeagoa da kanpoko bolumenentzako (adibidez, ezkutuko bolumen baten tamaina ziurenik askoz handiagoa izango da FAT moduan formatatutako kanpoko bolumen batean). - Ohartu zaitez FAT fitxategi sistema NTFS fitxategi sistema baino hobeagoa dela. Adibidez, ezkutuko bolumen baten tamaina ziurenik askoz handiagoa izango da FAT moduan formatatutako kanpoko bolumen batean (honen arrazoia NTFS fitxategi sistemak bere barne datuak bolumenaren erdian gordetzen dituelako da, honen ondorioz ezkutuko bolumena bakarrik kanpoko bolumenaren bigarren erdian egon daiteke).\n\nZiur zaude kanpoko bolumena NTFS moduan formatatu nahi duzula? - Horren ordez, bolumena FAT formatuan formatatu nahi al duzu? - Oharra: Bolumen hau ezin da FAT moduan formatatu, FAT32 fitxategi sistemak onartzen duen bolumen tamaina handiena baino handagoa baita erabili daitekeen sektore tamainarekin (2 TB 512 byteko sektoreekin eta 16TB 4096 byteko sektoreekin). - Errorea: Ezkutuko sistemare eragilearen partizioa (adib. sistemaren partizioaren atzean dagoen hurrengoa) gutxienez sistemaren partizioa (hau da, orain martxan dagoen sisstema eragilea instalatuta dagoen partizioa) baino %5 handiagoa izan behar du. - Errorea: Ezkutuko sistema eragilearentzako partizioaren tamaina (hau da, sistemakoaren atzean dagoen lehenengo partizioa) gutxienez sistemaren partizioaren (sistemaren partizioa orain martxan dagoen sistema eragilea ostatzen duena da) tamainaren %110 izan behar da (2,1 aldiz). Honen arrazioa, NTFS fitxategi sistemak bere barneko datuak beti bolumenaren erdian gordetzen dituela da eta, horregatik, ezkutuko bolumena (zein sistemaren partizoaren klon bat edukiko duen) bakarrik partizioaren bigarren zatian egon daiteke. - Errorea: Kanpoko bolumenak NTFS formatua badauka, gutxienez %110 (2,1 aldiz) sistemako partizioa baino handiagoa izan behar du. Honen arrazoia NTFS-ek beti bere datuak bolumenaren erdialdean gordetzen dituela da, eta horregatik ezkutuko bolumena (sistemaren partizioaren klon bat daukana) bakarrik kanpoko bolumenaren bigarren erdian ostatu daiteke.\n\nOharra: Kanpoko bolumena ezkutuko sistema eragilearen partizio berean ostatu behar da (hau da, sistemaren partizioaren hurrengo partizioan). - Errorea: Ez dago partiziorik sistemaren partizioaren atzean.\n\nOhartu zaitez ezkutuko sistema eragilea egin baino lehen, sistemaren unitatean partizio bat sortu behar diozula. Sistemaren partizioaren atzean dagoen lehendabiziko partizioa izan behar du eta gutxienez hau baino %5 handiagoa izan behar du (sistemaren partizioa orain martxan dagoen sistema eragilea instalatuta dagoen partizioa da).Hala ere, kanpoko bolumena (kontuz, ez nahasi sistemaren partizioarekin) NTFS formatua badauka, ezkutuko sistema eragilearen partizioak gutzienez %110 (2,1 aldiz) handiagoa izan behar du sistemako partizioa baino (honen arrazioa, NTFS fitxategi sistemak bera barneko datuak beti bolumenaren erdian gordetzen dituelako da eta horregatik, ezkutuko bolumena, zein sistemaren partizioaren klon bat den, bakarrik partizioaren bigarren zatian ostatu daiteke). - Ohar garrantzitsua: Ez da praktikoa (eta, hortaz, ez dago onartua) partizio bakarrean dauden bi VeraCrypt bolumenetan sistema eragileak instalatzea, honen arrazoia ondorengoa da: kanpoko sistema eragilea askotan behar izango du ezkutuko sistema eragilearen gunean datuak idaztea (eta idazktea eragiketa horiek ezkutuko bolumenak daukan babes funtzioak eragotzi egingo balitu, horrek sistemaren krsakadura eragingo luke, hau da 'Pantaila Urdineko' erroreak). - Partizioak nola sortu eta kudeatzeko informazioa lortzeko, zure sistema eragilearekin datorren dokumentazioa irakurri ezazu edo zure ordenagailuaren saltzailearen zerbitzu teknikoarekin harremanetan jarri zaitez laguntza eske. - Errorea: Martxan dagoen sistema eragilea ez dago hasieraketa partizioan instalatuta (lehendabiziko partizio aktiboa). Hau ez da onartzen. - VeraCrypt bolumen honetan 4GB baino gehiagoko fitxategiak gordetzeko asmoa zeneukala adierazi duzu. Hala ere, FAT fitxategi sistema aukeratu duzu, zein ez duen 4GB baino gehiagoko fitxategirik onartzen.\n\nZiur zaude bolumena FAT moduan formatatu nahi duzula? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Errorea: Ezin da bolumena aurkitu!\n\nZiurtatu zaitez bolumena esistitzen dela, muntatuta ez dagoela, ez dagoela beste aplikaziorik edo sistemarik hori erabiltzen, bolumenean irakurri eta idazteko beimanak dituzula eta ez dagoela idazketaren aurka babesturik. - Error: Cannot obtain volume properties. - Errorea: Ezin da bolumena aurkitu eta/edo bolumenari buruzko informazioa lortu.\n\nZiurtatu zaitez bolumena esistitzen dela, ez dagoela beste aplikaziorik edo sistemarik hori erabiltzen, bolumenean irakurri eta idazteko beimanak dituzula eta ez dagoela idazketaren aurka babesturik. - Errorea: Ezin izan da bolumenera irakurri edo/eta hari buruzko informazioa lortu. Ziurtatu zaitez bolumena esistitzen dela, erabiltzen ari den sistema eta aplikaziorik ez dagoela, bolumenean irkurri eta idazteko baimena duzula eta idazketaren aurkako babesik ez duela.\n\nArazoak jarraitzen badu, hurrengo pausoak jarraitzeak lagundu dezake. - Errore batek partizioaren zifraketa eragotzi du. Adierazitako erroreak konpontzen saiatu zaitez eta berriro saiatu. Arazoek jarraitzen badute, hurrengo instrukzioak jarraitzeak lagundu dezake. - Errore batek partizioaren zifratze prozesuaren jarraipena eragotzi du.\nMesedez, hau baino lehen arazorik aipatu badira, hauek konpontzen saiatu eta berriz prozesua jarratzen saiatu zaitez. Ohartu zaitez bolumena ezin dela muntatu guztiz zifratuta dagoen arte. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Errorea: Ezin izan da kanpoko bolumena desmuntatu!\n\nBolumena ezin da desmuntatu sistemak edo programek han dauden fitxategi edo karpetak erabiltzen ari badira.\n\nMesedez, bolumenean dauden fitxategiak edo karpetak erabiltzen ari daitekeen programak itxi eta 'Berriro Saiatu klikatu. - Errorea: Ezin izan da kanpoko bolumenari buruz informazioa eskuratu.\nBolumenaren sorrerak ezin du jarraitu. - Errorea: Ezin izan da kanpoko bolumenara heldu! Bolumenaren sorrerak ezin du jarraitu. - Errorea: Kanpoko bolumena ezin da muntatu. Bolumenaren sorrerak ezin du jarraitu. - Errorea: Ezin izan da kusterraren bitmapa irakurri! Bolumenaren sorrera prozesuak ezin du jarraitu. - Alfabetikoki/Kategorikoki - Batez besteko Abiadura (Beherantz) - Algoritmoa - Zifraketa - Argiketa - Batez Beste - Unitatea - Tamaina - Zifratzeko Algoritmoa - Zifratzeko Algoritmoa - Mota - Balioa - Ezaugarria - Kokalekua - byteak - Ezkutukoa - Kanpokoa - Normala - Sistema - Ezkutukoa (sistema) - Irakurri-Bakarrik - Sistemaren unitatea - Sistemaren unitatea (zifratzen - %%.2f% eginda) - Sistemaren unitatea (argitzen - %%.2f% eginda) - Sistemaren unitatea (%%.2f% zifratuta) - Sistemaren partizioa - Ezkutuko sistemaren partizioa - Sistemaren partizioa (zifratzen - %%.2f% egindae) - Sistemaren partizioan (argitzen - %%.2f% eginda) - Sistemaren partizioa (%%.2f% zifratuta) - Bai (kaltea eragotzita!) - Ezer - Gako Nagusiaren Tamaina - Bigarren Mailako Gakoaren Tamaina (XTS Modua) - Tweak Gakoaren Tamaina (LRW Modua) - bitak - Blokearen Tamaina - PKCS-5 PRF - PKCS-5 Iterazio Zenbaketa - Bolumena sortu da - Goiburuaren azken aldaketa - (orain dela %I64d egun) - Bolumenaren formatuaren bertsioa - Kapsulatutako Goiburuaren Babeskopia - VeraCrypt Hasieraketa Kargatzailearen Bertsioa - Lehen hutsunea - Disko Aldagarria - Disko Gogorra - Aldatu Gabea - Autodetection - Laguntzaile Modua - Modu hauetako bat aukeratu. Ziur ez bazaude, lehenetsitako modua aukera ezazu. - Aukera hau hautatu ezazu sistema honetan VeraCrypt instalatu nahi baduzu. - Oharra: Argitu gabe eguneratu dezakezu sistemaren partizioa/unitatea zifratuta egon edo ezkutuko sistema eragilea erabiltzen ari zaren arren. - Aukera hau hautatzen baduzu, fitxategi guztiak paketetik aterako dira baina ez da ezer sisteman instalatuko. Ez ezazu aukera hau hautatu sistemaren partizioa edo sistemaren unitatea zifratu nahi baduzu. Aukera hau hautatzea lagungarria izan daiteke, adibidez, VeraCrypt modu eramangarrian erabili nahi baduzu. VeraCrypt ez da instalatu behar gero erabiliko den sisterma eragilean. Fitxategi guztiak atera eta gero, 'VeraCrypt.exe' fitxategia zuzenean executatu dezakezu (VeraCrypt modu eramangarrian executatuko da). - Konfigurazio Aukerak - Hemen instalatze prozesua kontrolatzeko aukerak aldatu ditzakezu. - Instalatzen - Mesedez, itxaron VeraCrypt instalatzen den bitartean. - VeraCrypt ondo instalatu egin da - VeraCrypt ondo eguneratu egin da - Mesedez diru-emate bat egitea hausnartu ezazu. Edozein momentutan 'Bukatu' sakatu dezakezu instalatzailea ixteko. - Ateratze Aukerak - Hemen ateratze prozesua kontrolatzeko aukerak aldatu ditzakezu. - Ixaron ezazu fitxategiak ateratzen diren bitartean, mesedez. - Fitxategiak ondo atera dira - Fitxategi guztiak arazorik gabe helburu tokira atera dira. - Aukeratutako karpeta existitzen ez bada, automatikoki sortuko da. - VeraCrypt-en programaren fitxategiak eguneratuko dira VeraCrypt instalatuta dagoen tokian. Beste toki bat aukeratu nahi baduzu, lehendabizi TryeCrypt desinstalatu beharko duzu. - TrueCypt-en oraingo (egonkorra den azkenekoa) bertsioaren argitaratze oharrak ikusi nahi al dituzu? - VeraCrypt inoiz erabili ez baduzu, VeraCrypt-en Erabiltzaile Gidaren Hasiberrientzako Tutoriala kapituloa irakurtzea gomendatzen dugu. Tutoriala ikusi nahi? - Hondoko ekintza hauetatik aukeratu zein egin nahi duzun: - Konpondu/Berinstalatu - Eguneratu - Desinstalatu - VeraCrypt instalatzeko/desinstalatzeko administratzaile baimenak izan behar dituzu. Jarraitu nahi al duzu? - VeraCrypt-en instalatzailea dagoeneko martxan dago sistema honetan instalazio bat egiten edo prestatzen edo VeraCrypt-en eguneraketa batekin. Jarraitu baino lehen, mesedez, bukatzen den arte itxaron ezazu edo itxi ezazu. Ezin baduzu itxi, mesedez, zure ordenagailua berrabiatu ezazu jarraitu baino lehen. - Instalazioak huts egin du. - Desinstalazioak huts egin du. - Banaketaren pakete hau hondatuta dago. Mesedez, saiatu zaitez berriro deskargatzen (hobe VeraCrypt-en weborri ofizialetik https://veracrypt.codeplex.com). - Ezin da %s fitxategia idatzi - Ateratzen - Ezin da paketeko informazioa irakurri. - Distribuzio honen paketearen osotasuna ezin da egiaztatu. - Ateratzerakoan huts egin du. - Instalazioa bere lehendabiziko egoerara itzuli da. - TrueCryp instalatu egin da. - VeraCrypt eguneratu da. - VeraCrypt ondo eguneratu da. Ala ere, erabiltzen hasi baino lehen, ordenagailua berrabiatu egin behar da.\n\nOrain berrabiatu nahi al duzu? - VeraCrypt ezin izan da eguneratu !\n\nGARRANTZITSUA: Sistema itzali edo berrabiatu baino lehen, gogor gomendatzen dugu Sistemaren Berreskuratzea erabiltzea (Windows-en Hasiera menua > Programa Guztiak > Osagarriak > Sistemaren Tresnak > Sistemaren Berreskuratzea) eta 'VeraCrypt-en instalazioa' deritzon berreskuratze puntura bueltatzea. Sistemaren Berreskuratzea ez baldin badago eskuragarri, VeraCrypt-en bertsio zaharra edo berria berriz instalatzen saiatu beharko zinateke sistema itzali edo berrabiatu baino lehen. - VeraCrypt desinstalatu egin da.\n\n'Bukatu' sakatu VeraCrypt instalatzailea eta %s karpeta ezabatzeko. Ohartu zaitez karpeta ez dela ezabatuko bertan VeraCrypt-en instalatzaileak edo VeraCrypt-ek berak sortu ez dituen fitxategiak baldin badaudet. - VeraCrypt-en erregsitro sarrerak kentzen - Erregistroaren sarrera idazten - Aplikazioaren datu espezifikoak ezabatzen - Instalatzen - Gelditzen - Kentzen - Ikonoa gehitzen - Sistemaren Berreskuratze Puntua Sortzen - Ezin izan da Sistemaren Berreskuratze Puntua sortu! - Hasieraketa kargatzailea eguneratzen - '%s' instalatzerakoan huts egin du. %s\nInstalatzen jarraitu nahi al duzu? - '%s' desinstalatzerakoan huts egin du. %s\nDesinstalatzen jarraitu nahi al duzu? - Inslatazioa bukatu da. - '%s' karpeta ezin izan da sortu - VeraCrypt gailu erabiltzailea ezin da deskargatu.\n\nMesedez, lehendabizi VeraCrypt lehio guztiak itxi itzazu. Honek konpontzen ez badu, Windows berrabiatu eta berriro saiatu zaitez, mesedez. - VeraCrypt bolumen guztiak desmuntatu behar dira VeraCrypt instalatu edo desinstalatu baino lehen. - Sisteman VeraCrypt-en bertsio zaharkitu bat instalatuta dago. VeraCrypt-en bertsio berri hau instalatu baino lehen desinstalatu egin behar da.\n\nMezu lehio hau itxi bezain laister, bertsio zaharraren desinstalatzailea abiatuko da. Ohartu zaitez, ez dela bolumenik argituko VeraCrypt desinstalatzerakoan. VeraCrypt-en bertsio zaharra desinstalatu eta gero, VeraCrypt-en bertsio berriaren instalatzailea berriz abiatu ezazu.. - Erregistroko sarrerak instalatzerakoan huts egin du - Gailuaren kontrolatzailearen instalazioak huts egin du. Mesedez, Windows berrabiatu eta VeraCrypt berriro instalatzen saiatu zaitez. - VeraCrypt-en gailu kontrolatzailea hasieratzen - Gailuaren kontrolatzailearen desinstalatzeak huts egin du. Ohartu zaitez, Windowsen arazo batengatik, beharrezkoa izan daitekeela saioa amaitzea edo sistema berrabiatzea gailuaren kontrolatzailea desinstalatzeko (edo berrinstalatzeko). - VeraCrypt-en gailu kontrolatzailea instalatzen - VeraCrypt-en gailu kontrolatzailea gelditzen - VeraCrypt-en gailu kontrolatzailea desinstalatzen - Erabiltzaileen Kontuen Kontrolerako liburutegiaren erregistratzeak huts egin du. - Erabiltzaileen Kontuen Kontrolerako liburutegia erregistrotik ezabatzerakoan huts egin du. - Modu eramangarriari buruzko oharra:\n\nOhartu zaitez sistema eragileak kontrolatzaileak erregistratu behar dituala erabili ahal izan baino lehen. Hortaz, VeraCrypt kontrolatzailea ez da guztiz eramangarria (eta ezin izango da). Ohartu zaitez ere, VeraCrypt-ek kontrolatzaile hori behar duela momentuan eta gardentasunez zifraketa eta argitzea emateko. - Ohartu zaitez VeraCrypt modu eramangarrian erabiltzen baduzu (instalatutako VeraCrypt-en kopia bat erabili ordez), exakutatzen saiatzen zaren bakoitzean sistemak hori egiteko baimena eskatuko dizu (UAC mezua).\n\nHonen arrazoia VeraCrypt modu eramangarrian erabiltzen denean VeraCrypt gailu kontrolatzailea kargatu behar duela da. VeraCrypt-ek gailu kontrolatzaile behar du zifratze/argitze gardena egiteko, eta administratzaile baimenik gabeko erabiltzaileek ezin dute Windowsen gailu kontrolatzailerik abiatu. Horregatik, sistemak baimena eskatuko dizu VeraCrypt administratzaile baimenekin exekutatzeko (UAC mezua)\n\n.Ohartu zaitez VeraCrypt sisteman instalatzen baduzu (VeraCrypt modu eramangarrian erabili ordez), sistemak EZ dizu baimenik eskatuko VeraCrypt exekutatzeko (UAC mazua) erabiltzen saiatzen zaren bakoitzean.\n\nZiur zaude fitxategiak atera nahi dutuzula? - Kontuz: Bolumen Sortzailearen Laguntzaile honen instanzia adimistratzaile baimenak dauzka.\n\nSortzen ari zaren bolumen berria muntatuta dagoenean idazteko baimenik ez izateko arriskua dago. Hori sahiestu nahi baldin baduzu, Bolumen Sortzailearen Laguntzailearen instanzia hau itxi eta berria abiaratu administratzaile baimenik gabe.\n\nBolumen Sortzailearen Laguntzailearen instanzia hau itxi nahi al duzu? - Errorea: Ezin da lizentzia erakutsi. - Kanpoko(!) - egunak - orduak - minutuaks - s - Ireki - Desmuntatu - VeraCrypt Erakutsi - VeraCrypt Ezkutatu - Muntaketatik Irakurritako Datuak - Muntaketatik Idatzitako Datuak - Zifratutako zatia - %100 (osorik zifratuta) - %0 (zifratu gabe) - %%%.3f - %100 - Itxaroten - Prestatzen - Neurriz aldatzen - Zifratzen - Argitzen - Bukatzen - Etenda - Bukatuta - Errorea - Gailua deskonektatu da - Sistemaren gogoko bolumenak gorde dira.\n\nSistemaren gogoko bolumenak muntaketa gaitzeko, mesedez 'Aukerak' > 'Sistemaren Gogoko BOlumenak' ' Sistemaren gogoko bolumenak muntatu Windows hasieratzen denean' aukeratu ezazu. - Gogokoetara gehitzen ari zaren bolumena ez da partizio bat ezta bolumen dinamiko bat. Hortaz, VeraCrypt ezin izango du gogoko bolumen hau gailu zenbakia aldatzen zaionean. - Gogokoetara gehitzen ari zaren bolumena Windows-ek ez du partiziotzat hartzen.\n\nVeraCrypt-ek ezingo du gogoko bolumen hau muntatu gailu zenbakia aldatzen bada. Mesedez, partizioaren mota aldatu ezazu Windowsek ezagutzen duen batera (Windowsen 'diskpart' tresnan SETID komandoa erabili ezazu). Ondoren partizioa gogokoetara gehitu ezazu. - VeraCrypt-en Ezkutuko Ataza ezgaituta edo muntatutako bolumenik ez dagoenean bukatzeko konfiguratuta dago (edo VeraCrypt modu eramangarrian exekutatzen ari da). Honek gailu bat konektazerakoan bertan ostatuta dauden gogoko bolumenak automatikoki muntatzea eragotzi dezake.\n\nOharra: VeraCrypt-en Ezkutuko Ataza gaitzeko, Aukerak > Lehentasunak aukeratu eta ondoren 'Gaituta' laukia markatu ezazu 'VeraCrypt-en Ezkutuko Ataza' gunearen barruan . - Sare bitartez konpartituta eta urrun dagoen fitxategi sistema batean dagoen edukiontzi bat bat ezin da automatikoki muntatu gailu ostalaria konektatzerakoan. - Azpian erakusten den gailua ez da partizio bat ezta bolumen dinamiko bat. Hortaz, gailuan ostatuta dagoen bolumena ezin da automatikoki muntatu gailua konektatzen denean. - Mesedez, azpian agertzen den partizioaren mota aldatu ezazu Windowsek ezagutzen duen batera (Windowsen 'diskpart' tresnak daukan SETID komandoa erabiliz). Ondoren partizioa gogokoetatik kendo eta berriz gehitu ezazu. Honekin gailua konektatzerakoan bertan ostatuta dagoen bolumena automatikoki muntatzea lortuko duzu. - Azpian dagoen gailua ez da, ez partizio bat, ez bolumen dinamiko bat. Horregatik, ezin zaio etiketarik jarri. - Mesedez, azpian agertzen den partizioari mota aldatu iezaiozu Windowsek ezagutzen duen mota batera (Windowsen 'diskpart' tresnak daukan SETID komandoa erabiliz). Ondoren partizioa gogokoetatik kendu eta berriz ere gehitu ezazu. Honek partizioari etiketak gehitzea ahalbidetuko dizu. - Windowsen limitazio batengatik, sare bidez banatzen den urrutiko fitxategi sistema batean dagoen edukiontzi bat ezin da sistemaren gogoko bezala muntatu (hala ere, gogoko bolumen arrunt bat bezela muntatu daiteke erabiltzaileak sesioa hasterakoan). - %s-rentzako pasahitza sartu - '%s'-rentzako pasahitza sartu - Bolumen normalaren/kanpokoaren pasahitza sartu - Ezkutuko bolumenarentzako pasahitza sartu - Babeskopia fitxategian gordetako goiburuaren pasahitza sartu - Gako-fitxategia sortu egin da. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - KONTUZ: Bolumen honen goiburua hondatuta dago! VeraCrypt-ek automatikoki bolumenean kapsulatua dagoen goiburuaren babeskopia eraibliko du.\n\nBolumena konpondu beharko zenuke 'Tresnak' > 'Bolumenaren Goiburua Leheneratu' aukeratuz. - Bolumenaren goiburuaren babeskopia sortu egin da.\n\nGARRANTZITSUA: Bolumenaren goiburua leheneratzen baduzu babeskopia hau erabiliz bolumenaren oraingo pasahitza izango du. Gainera, bolumena muntatzeko gako-fitxategiak beharrezkoak badira, gako-fitxategi berdinak beharrezkoak izango dira bolumenaren gohiburua leheneratu eta gero bolumena muntatzeko.\n\nKONTUZ: Bolumenaren goiburuaren babeskopia BAKARRIK bolumen zehatz honen goiburua leheneratzeko balio du. Goiburuaren babeskopia hau bolumen ezberdin baten goiburua leheneratzeko erabiltzen baduzu, bolumena muntatzeko gai izango zara, baina EZIN izango duzu han gordetako daturik argitu (bere gako nagusia aldatuko baituzu). - Bolumenaren goiburua leheneratu egin da.\n\nGARRANTZITSUA: Ohartu zaitez pasahitz zaharra leheneratu egin dela ere. Babeskopia egin zenean bolumena muntatzeko gako-fitxategirik behar bazen, gako fitxategi berdinak beharrezkoak dira orain bolumena berriro muntatzeko. - Sekurtasun arrazoiengatik, bolumenaren pasahitz zuzena (edo gako-fitxategi zuzenak) sartu beharko duzu.\n\nOharra: Bolumenak ezkutuko bolumena badauka, lehendabizi kanpoko bolumenaren pasahitz zuzena (edo gako-fitxategi zuzenak) sartu beharko duzu. Ondoren, ezkutuko bolumenaren goiburuaren babeskopia egitea aukeratzen baduzu, ezkutuko bolumenaren pasahitz zuzena (edo gako-fitxategi zuzenak) sartu beharko duzu. - Ziur zaude %s bolumenaren goiburuaren babeskopia egin nahi duzula?\n\n'Bai' klikatu eta gero, goiburuaren babeskopiarentzako fitxategi izen bat eskatuko da.\n\nOharra: Bolumen normalaren eta ezkutuko bolumenaren goiburuak berriz zifratuko dira ausazko datu ezberdinekin eta babeskopia fitxategian gordeko dira. Bolumen honetan ezkutuko bolumenik ez badago, babeskopia fitxategian ezkutuko bolumenarentzat dagoen tokia ausazko datuekin beteko da (ezeztapen onargarria mantentzeko). Bolumenaren goiburua babeskopia fitxategitik leheneratzerakoan, bolumenaren babeskopia sortu zen momentuko pasahitz zuzena (edo/eta gako fitxategi zuzenak) sartu behar izango duzu. Pasahitzak (edo/eta gako fitxategiek) erabakiko dute ere ze bolumenaren goiburua leheneratuko den, normala edo ezkutukoa (ohartu zaitez VeraCrypt-ek hau erabakitzen duela saiaketa eta errore prozesu baten bitartez). - Ziur zaude %s -ren bolumenaren goiburua leheneratu nahi duzula?\n\nKONTUZ: Bolumenaren goiburua leheneratzeak bolumenaren pasahitza leheneratzen du ere, babeskopia egin zenean erabiltzen zenera, hain zuzen ere. Babeskopia egin zenean bolumena muntatzeko gako-fitxategirik behar bazen, bolumenaren gohiburua leheneratu eta gero gako-fitxategi berdinak behar izango dira berriro bolumena muntatzeko.\n\n'Bai' sakatu eta gero, goiburuaren babeskopia fitxategia aukeratuko duzu. - Bolumen honek ezkutuko bolumenik ba al dauka? - Bolumenak ezkutuko bolumen bat dauka - Bolumenak ez dauka ezkutuko bolumenik - Mesedez, erabili nahi duzun bolumenaren goiburuaren babeskopia mota aukeratu ezazu: - Bolumenaren gohiburua leheneratu bolumenean kapsulatuta dagoen babeskopiatik - Bolumenaren gohiburua leheneratu kanpoko babeskopia fitxategi batetik - Bolumenaren goiburuaren babeskopia fitxategiaren tamaina ez da zuzena. - Bolumen honetan ez dago kapsulatutako goiburuaren babeskopiarik (Ohartu zaitez VeraCrypt 6.0 edo geroagoko programekin sortutako bolumenek bakarrik daukatela kapsulatutako goiburuaren babeskopiak). - Sistemaren partizioa/unitatearen goiburuaren babeskopia egiten saiatzen ari zara. Hau ez dago onartua. Sistemaren unitate/partizioaren babeskopia egiteko edo babeskopiatik leheneratzeko beharrezkoa da VeraCrypt Salbatze Diska erabiltzea.\n\nVeraCrypt-en Salbatze Diska sortu nahi? - VeraCrypt bolumen birtual baten goiburua leheneratzen saiatzen ari zara baina sistemaren partizio/unitatearen bolumena aukeratu duzu. Hau ez dago onartuta. Sistemaren partizioa/unitatean babeskopia eta leheneratze eragiketak VeraCrypt Salbatze Diska erabiliz bakarrik egin daitezke.\n\nVeraCrypt Salbatze Diska sortu nahi? - 'Ados' sakatu eta gero, VeraCrypt-en Salbatze Diskaren ISO irudia gordetzeko izena eta hura gorde nahi duzun tokia hautatu beharko dituzu - Salbatze Diskaren irudia sortu da eta fitxategi honetan gorde da:\n%s\n\nOrain Salbatze Diskaren irudi hori CD edo DVD batean idatzi behar duzu.\n\nGARRANTZITSUA: Ohartu zaitez fitxategia ISO diska irudi baten moduan idatzi behar dela CD/DVD-an (ez fitxategi bat bezala). Hori egiteko informazio gehiago behar baduzu, zure CD/DVD-ak grabatzeko softwarearen dokumentazioa irakurri ezazu.\n\nSalbatze Diska idatzi eta gero, 'Sistema' > 'Salbatze Diska egiaztatu' aukeratu ezazu ondo idatzi dela ziurtatzeko. - Salbatze Diska sortu da eta ondorengo fitxategian sortu da:\n%s\n\nOrain Salbatze Diskaren irudia CD edo DVD batean idatzi behar duzu.\n\nMicrosoft Windows-en Diska Irudi Idazlea abiatu nahi al duzu?\nOharra: Salbatze Diska idatzi eta gero, 'Sistema' > 'Salbatze Diska Egiaztatu' aukeratu ezazu ondo idatzi dela ziurtatzeko. - Mesedez, zure VeraCrypt Salbatze Diska zure CD/DVD unitatean sartu ezazu eta Ados klikatu hura egiaztatzeko. - VeraCrypt salbatze diska arazorik aurkitu gabe egiaztatu da. - Ezin da egiaztatu Salbatze Diska akatsik gabe idatzi dela.\n\nSalbatze Diska idatzi baduzu, mesedez, CD/DVD-a atera eta berriz sartu ezazu; gero berriro saiatu. Honek laguntzen ez badu, saiatu zaitez CD/DVD-ak idazteko beste programa batekin edo beste gailu batean idazten.\n\nBeste gako nagusi, pasahitz e.a. ezberdin batentzako sortu den VeraCrypt Salbatze Diska egiaztatzen saiatzen bazara, ohartu zaitez Salbatze Diskak egiaztatze honetan beti errorea emango duela. Daukazun konfigurazioarekin guztiz bateragarria den Salbatze Diska Sortzeko, 'Sistema' > 'Salbatze Diska Sortu' aukeratu ezazu. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - TrueCryp-en Salbatze Diska Sortzerakoan Errorea. - VeraCrypt-en Salbatze Diska ezin da sortu ezkutuko sistema eragile bat martxan dagoenean.\n\nVeraCrypt-en Salbatze Diska sortzeko, sistema eragile amua hasieratu eta 'Sistema' > 'Salbatze Diska Sortu' aukeratu ezazu. - >Ezin da egiaztatu Salbatze Diska akatsik gabe idatzi dela.\n\nSalbatze Diska idatzi baduzu, mesedez, CD/DVD-a atera eta berriz sartu ezazu; gero 'Hurrengoa' sakatu eta berriro klik egin ezazu. Honek lagunzten ez badu beste gailu batekin %s saiatu zaitez.\n\nSalbatze Diska oraindik idatzi ez baduzu, mesedez, hori egin ezazu eta 'Hurrengoa' sakatu\n\nLaguntzaile hau hasi baino lehen egindago VeraCrypt Salbatze Diska bat egiaztatzen saiatzen bazara, ohartu zaitez Salbatze Diska hori ezin izango dela erabili, gako nagusi ezberdin batentzako sortu baitzen. Orain sortutako Salbatze Diska idatzi behar duzu. - edo/eta beste CD/DVDak grabatzeko softwarea - VeraCrypt - Sistemaren Gogoko Bolumenak - Zer dira sistemaren gogoko bolumenak? - Sistemaren partizio/unitatea ez dirudi zifratuta dagoenik.\n\nSistemaren gogoko bolumenak bakarrik hasieraketa aurreko kautotze pasahitz batekin muntatu daitezke. Horregatik, sistemaren gogoko bolumenak erebili ahal izateko, lehendabizi sistemaren partizio/unitatea zifratu behar duzu. - Mesedez bolumena desmuntatu jarraitu baino lehen. - Errorea: Kronometroa ezin da jarri. - Fitxategi sistema egiaztatu - Fitxategi sistema konpondu - Gogokoetara Gehitu... - Sistemaren Gogokoetara Gehitu... - &Ezaugarriak... - Ezkutuko Bolumena Babestuta - E/B - Bai - Ez - Ezgaituta - 1 - 2 edo gehiago - Eragiketa modua - Etiketa: - Tamaina: - Helbidea: - Unitatearen Letra: - Errorea: Pasahitzak ASCII karaktereak bakarrik izan ditzake.\n\nSistemaren konfigurazioa aldatzen bada pasahitzan dauden ASCII ez diren karaktereak muntaketa eragotzi dezakete.\n\nHurrengo karaktereak erabili daitezke:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Kontuz: Pasahitzak ASCII ez diren karaktereak ditu. Honek bolumena ezin muntatzea eragin dezake zure sistemaren konfigurazioa aldatzen bada.\n\nPasahitzan dituzun ASCII ez diren karaktereak ASCII karaktereen ordez aldatu beharko zenituzke. Hau egiteko, 'Volumenak' -> 'Change Volume Password' sakatu ezazu. Ondorengo hauek ASCII karaktereak dira:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - KONTUZ: Gogor gomendatzen dugu fitxategi exekutagarrien fitxategi luzapenak (adibidez, .exe, .sys, edo .dll) eta bestelako arazodun fitxategi luzapenak ez erabiltzea. Fitxategi luzapen hauek erabiltzeak Windows eta antibirusek edukiontzietan oztopatzea ekartzen du, honek bolumenaren abiaduran eragin okerra dauka eta beste arazo garrantzitsuak sortu ditzake.\n\nGogor gomendatzen dugu fitxategiaren luzapena kentzea edo aldatzea (adibidez '.hc'-ra).\n\nZiur zaude arazoak ematen dituen fitxategi luzapena erabili nahi duzula? - KONTUZ: Edukiontziak fitxategi exekutagarrientzako erabiltzen den luzapena dauka (adibidez, .exe, .sys, edo .dll) edo arazoak sortu ditzaken antzeko luzapen bat. Fitxategi luzapen hauek erabiltzeak Windows eta antibirusek edukiontzietan oztopatzea ekartzen du, honek bolumenaren abiaduran eragin okerra dauka eta beste arazo garrantzitsuak sortu ditzake.\n\nGogor gomendatzen dugu fitxategiaren luzapena kentzea edo aldatzea (adibidez '.hc'-ra) bolumena desmuntatu eta gero. - Horri-Nagusia - KONTUZ: Badirudi ez diozula Service Pack-ik instalatu zure Windowseko instalazioari. Ez zenuke idatzi behar 128GB baino gehiago dituzten IDE diskoetan Service Pack 1 edo gehiago ez duten Windows XP-tan! Egiten baduzu, diskan dauden datuak (berdin dio VeraCrypt bolumen bat den edo ez) hondatu daitezke. Ohartu zaitez hau Windowsen muga bat dela, ez VeraCrypt-en akats bat. - KONTUZ: Badirudi ez diozula Service Pack edo ondorengorik jarri zure Windows instalazioari. Ez zenuke idatzi behar 128GB baino gehiago dituzten IDE diskoetan Service Pack 3 edo gehiago ez duten Windows 2000-tan! Egiten baduzu, diskan dauden datuak (berdin dio VeraCrypt bolumen bat den edo ez) hondatu daitezke. Ohartu zaitez hau Windowsen muga bat dela, ez VeraCrypt-en akats bat.\n\nOharra: Horretaz gain, agian 48 bit-eko LBA onartzea gaitu beharko duzu erregistroan; informazio gehiago nahi baduzu, http://support.microsoft.com/kb/305098/EN-US begiratu ezazu. - KONTUZ: 48 bit-eko LBA ATAPI onartzea ezgaituta dago zure sisteman. Horregatik ez zenuke idatzi behar 128GB baino gehiago dituzten IDE diskoetan. Egiten baduzu, diskan dauden datuak (berdin dio VeraCrypt bolumen bat den edo ez) hondatu daitezke. Ohartu zaitez hau Windowsen muga bat dela, ez VeraCrypt-en akats bat.\n\n 48 bit-eko LBA onatzea gaitzeko, 'EnableBigLba' erregistroaren balioa sartu ezazu HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters erregistroaren sarreran eta 1 balioa emaiozu.\n\nInformazio gehiago nahi baduzu, http://support.microsoft.com/kb/305098 begiratu ezazu. - Errorea: 4GB baino gehiagoko fitxategiak ezin dira FAT fitxategi sisteman gorde. Horregatik, FAT32 fitxategi sisteman dauden fitxategian ostatutako VeraCrypt bolumenak (edukiontziak) ezin dira izan 4GB baino handiagoak.\n\nBolumen handiago bat behar baduzu, NTFS fitxategi sisteman sortu dezakezu (edo, Windows Vista SP1 edo gehiago erabiltzen baduzu, exFAT fitxategi sisteman) edo, fitxategian ostatutako bolumen baten ordez, gailu edo partizio osoa zifratu dezakezu. - Kontuz: Windows XP-ek ez ditu 2048GB baino gehiagoko fitxategiak onartzen ("Ez dago behar den toki librea" errorea emango du). Hortaz, ezin duzu 2048 GB baino gehiago dituen fitxategian ostatutako VeraCrypt bolumen bat sortu (edukiontzia) Windows XP erabiltzen baduzu. - KONTUZ: Etorkizunean kanpoko bolumenean fitxategiak/datuak gehitzeko aukera izan nahi baduzu, ezkutuko bolumenarentzat tamaina txikiagoa aukeratzea kontutan izan baharko zenuke.\n\nZiur zaude aukeratutako tamainarekin jarraitu nahi duzula? - Ez da bolumenik aukeratu.\n\n'Gailua Aukeratu' edo 'Fitxategia Aukeratu' sakatu ezazu VeraCrypt bolumen bat aukeratzeko. - Ez da partiziorik aukeratu\n\n'Gailua Aukeratu' sakatu ezazu normalean hasieraketa-aurreko kautotzea behar duen desmuntatutako partizio bat aukeratzeko (adibidez, beste sistema eragile baten sistemako unitatean dagoen partizio zifratu bat, edo beste sistema eragile baten zifratutako sistemaren partizioa.\n\nOharra: Aukeratutako partizioa VeraCrypt bolumen normal bat bezala muntatuko da, hasieraketa-aurreko kautotzerik gabe. Hau lagungarria da adibidez babeskopia edo konpontze lanetarako. - KONTUZ: Lehenetsitako gako-fitxategiak aukeratu badira eta aktibatuta badaude, gako-fitxategi hauek erabiltzen ez dituzten bolumenak ezin izango dira muntatu. Horregatik, lehenetsitako gako-fitxategiak aktibatu eta gero, gogoratu ezazu 'Gako fitxategiak Erabili' aukera desmarkatzeaz (pasahitzaren laukiaren azpian) bolumen hauek muntatzerakoan.\n\nZiur zaude gako-fitxategi/helbide hauek lehenetsitakoak bezela gorde nahi dituzula? - Gailuak Auto-Muntatu - Denak Desmuntatu - Katxea Ezabatu - Guztiak Desmuntatu eta Katxea Ezabatu - Guztiak Desmuntarazi eta Katxea Ezabatu - Guztiak Desmuntarazi, Katxea Ezabatu eta Irten - Gogoko Bolumenak Muntatu - VeraCrypt-en Lehio Nagusia Erakutsi/Ezkutatu - (Hemen clik egin eta tekla bat sakatu) - Akzioa - Lasterbidea - Errorea: Lasterbide hau erreserbatuta dago. Mesedez beste lasterbide bat aukeratu. - Errorea: Lasterbidea erabiltzen ari da. - KONTUZ: VeraCrypt-en sistema osoko laister-tekla bat edo gehiago ez du funtzionatuko.\n\nMesedez, ziurtatu zaitez ez dagoela laisterbide berdina erabiltzen duen aplikazio edo sistema eragilerik. - Paginatze fixategiaren sorrera eragotzi da.\n\nMesedez, ohartu zaitez, Windowsen arazoengatik, ezin direla paginatze fitxategiak sistemakoak ez diren VeraCrypt bolumenetan sortu (sistemaren gogoko bolumenak barne). VeraCrypt-ek zifratutako sistemaren partizio/unitatean bakarrik onartzen du paginatze fitxategien sorrera. - Errore batek edo bateragarritasun eza VeraCrypt-i hibernatze fitxategia zifratzea eragotzi dio. Hortaz, hibernazioa ez da egin.\n\nOharra: Orgenagailu batek hibernatzen duenean (edo energia aurrezteko moduan dagoenean), sistemaren memoriaren edukiak disko gogorran dagoen hibernatze fitxategi batean idazten dira. VeraCrypt ezingo zen gai zifratze gakoen eta RAM memorian irekitako fitxategi pribatuen datuen zifratu gabe hibernatze fitxategaren idazkera eragozteko. - Hibernazioa ergotzi da.\n\nVeraCrypt-ek ez du hibernaziorik onartzen hasieraketa partizio extra bat erabiltzen duten ezkutuko sistema eragiletan. Ohartu zaitez hasieraketa partizio bera erabiltzen dutela sistema eragile amu eta ezkutuak. Horregatik, datuen filtratzea eta hibernaziotik bueltatzerakoan egon daitezkeen arazoak eragozteko, VeraCryptek debekatu behar dio sistema ezkutuari hasieraketa partizio horretan idaztea eta, hortaz, hibernatzea ere. - %c bezala muntatutako VeraCrypt bolumena: desmuntatu egin da. - VeraCrypt bolumenak desmuntatu egin dira. - VeraCrypt bolumenak desmuntatu egin dira eta pasahitz katxea ezabatu egin da. - Ondo desmuntatu egin da - KONTUZ: VeraCrypt-en Ezkutuko Ataza ezgaituta badago, hondorengo funtzioak ere ezgaituta egongo dira:\n\n1) Tekla Bereziak\n2) Auto-desmuntaketa (adib.: saioa amaitzerakoan, gailu ostalaria kentzerakoan,e.a.)\n3) Gogoko bolumenen auto-muntaketa\n4) Jakinarazpenak (adib.: ezkutuko bolumenari kaltea eragotzi zaionean)\n5) Erretiluko ikonoa\n\nOharra: VeraCrypt-en Ezkutuko Ataza edozein momentutan itzali dezakezu erretiluko ikonoan klik eginez eta 'Irten' aukeratuz.\n\nZiur zaude betirako VeraCrypt-en Ezkutuko Ataza ezgaitu nahi duzula? - KONTUZ: Aukera hau ezgaituta badago, fitxategi/karpeta irekiak dituzten bolumenak ezin izango dira auto-desmuntatu.\n\nZiur zaude aukera hau ezgaitu nahi duzula? - KONTUZ: Irekita dauden fitxategi/karpetak dituzten bolumenak EZ dira auto-desmuntatuko.\n\nHau eragozteko hondorengo aukera hautatu ezazu lehio honetan bertan: 'Auto-desmuntaketa eragin bolumenak irekitako Ffitxategi edo karpetak baditu ere'. - KONTUZ: Ordenagailu eramangarriaren bateria baxua denean, izan daiteke Windowsek martxan dauden aplikazioei mezu egokiak ez bidaltzea energia aurrezte moduan sartzen ari denean. Horregatik, kasu horietan VeraCrypt-ek bolumenak auto-desmuntatzerakoan huts egin dezake. - Partizio/Bolumen baten zifraketa programatu duzu. Prozesua oraindik ez da bukatu.\n\nProzesua orain jarraitu nahi al duzu? - Sistemaren partizioaren/unitatearen zifraketa edo argitze prozesua programatu duzu. Prozesu hau ez da oraindik bukatu.\n\n Prozesu hau orain hasi (jarraitu) nahi al duzu? - Sistemakoak ez diren partizio/bolumenen zifraketa prozesu programatuen berriz hasteko mezuak jaso nahi dituzu? - Bai, mezuak bidaltzen jarraitu. - Ez, ez itzazu mezu gehiago bidali. - GARRANTZITSUA: Gogoratu ezazu edozein momentutan sistemaren partizio/unitatearen zifratze prozesua jarraitu dezakezula VeraCrypten lehio nagusiaren menuan 'Bolumenak' > 'Etendako Prozesua Jarraitu' aukeratuz. - Sistemaren partizio/unitatearen zifratze edo argitze prozesua programatu duzu. Hala ere, hasieraketa aurreko kautotzea huts egin du (edo sahiestu da).\n\nOharra: hasieraketa aurreko ingurunean sistemaren partizio/unitatea argitu bazenuen, agian prozesua bukatu behar duzu 'Sistema' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukeratuz VeraCrypt lehio nagusiaren menuan. - KONTUZ: VeraCrypt oran itxi egiten bada, hondorengo funtzioak ezgaituko dira:\n\n1) Tekla Bereziak\n2) Auto-desmuntaketa (adib.: saioa amaitzerakoan, gailu ostalaria kentzerakoan,e.a.)\n3) Gogoko bolumenen auto-muntaketa\n4) Jakinarazpenak (adib.: ezkutuko bolumenari kaltea eragotzi zaionean)\n\nOharra: VeraCrypt ezkutuan exekutatzea nahi ez baduzu, VeraCrypt-en ezkutuko ataza ezgaitu ezazu lehentasunetan (eta, beharrezkoa bada, lehentasunetan VeraCrypten abiatze automatikoa ezgaitu ezazu ere).\n\nZiur zaude VeraCrypt itxi nahi duzula? - Irten? - VeraCrypt-ek ez dauka informazio nahikoa jakiteko zifratu edo argitu behar duen. - VeraCrypt-ek ez dauka informazio nahikoa jakiteko zifratu edo argitu behar duen. Oharra: Hasieraketa-aurreko ingurunean sistemaren unitatea/partizioa argitu baduzu, agian prozesua bukatu behar izango duzu 'Argitu' sakatuz. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Partizio/bolumenaren zifratze prozesua eten eta gerorako utzi nahi al duzu?\n\nOharra: Kontuan izan ezazu ezin izango duzula bolumena muntatu guztiz zifratuta dagoen arte. Prozesua jarraitzeko aukera izango duzu eta hau gelditu zen tokian hasiko da berriz. Hori egiteko, adibidez, 'Bolumenak' > 'Etendako Prozesua Jarraitu' aukeratu ezazu VeraCrypt lehio nagusiaren menuan. - Sistemaren partizo/unitatearen zifratze prozesua eten eta gerorako utzi nahi al duzu?\n\nOharra: Prozesua jarraitzeko aukera izango duzu eta hau gelditu zen tokian hasiko da berriz. Hau egin dezakezu 'Sistema' > 'Etendako Prozesua Jarraitu' aukeratuz VeraCrypt lehio nagusiaren menuan. Zifratze prozesua bertan behera utzi nahi baduzu edo zifratze prozesua desegin nahi baduzu, 'Sistema' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukera hautatu ezazu. - Sistemaren partizioaren/unitatearen argitze prozesua eten nahi duzu eta gerorako utzi?\n\nOharra: Prozesua jarraitu ahal izango duzu eta gelditu den tokian jarraituko du. Hori egin dezakezu, adibidez, 'Sistema' > 'Etendako Prozesua Jarraitu' VeraCrypteko lehioko menuan aukeratuz. Argitze prozesua desegin nahi baduzu (eta zifratzen hasi) 'Sistema' > 'Sistemaren Partizioa/Unitatea Zifratu' aukeratu ezazu. - Errorea: Sistemaren partizio/unitatearen zifratze/argitze prozesua eteterakoan huts egin du. - Errorea: Ezabatze prozesua eteterakoan huts egin du. - Errorea: Sistemaren partizio/unitatea zifratzeko/argitzeko prozesua berriz hasterakoan huts egin du. - Errorea: Ezabatze prozesua hasterakoan huts egin du. - Datuen hutsala konpondu da.\n\n\n(Akats honen berri ematen baduzu, mesedez hurrengo informazioa gehitu ezazu akatsaren txostenean:\n%hs) - Errorea: ustekabeko egoera.\n\n\n(Akats honi buruz txosten bat bidaltzen baduzu, mesedez, hurrengo informazio teknikoa erantsi iezaiozu akatsaren txostenari:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - KONTUZ: TruekCrypt-en Ezkutuko Ataza ezgaituta dago.VeraCrypt-etik atera eta gero informatuko zaizu ezkutuko bolumenaren kaltea eragotzi den.\n\nOharra: VeraCrypt-en Ezkutuko Ataza edozein momentutan gelditu dezakezu VeraCrypt erreteiluko ikonoan eskubiko klik eginez eta 'Irten' aukeratuz.\n\n VeraCrypt-en Ezkutuko Ataza gaitu? - Hizkuntza paketearen bertsioa: %s - %s bezala muntatutako VeraCrypt bolumenaren fitxategi sistema egiaztatzen... - %s bezala muntatutako VeraCrypt bolumenaren fitxategi sistema konpontzen saiatzen... - Kontuz: bolumen hau algoritmo zaharkitu batekin zifratuta dago.\n\n 64 biteko blokeak erabiltzen dituzten algoritmo guztiak (adib. Blowfish, CAST-128 edo DES hirukoitza) zaharkituta daude. Etorkizuneko VeraCrypt bertsioetan bolumen hau muntatu ahal izango da. Hala ere, ez da hobekuntzarik egingo zifratze algoritmo zaharkitu hauetan. Gomendatzen dizugu 128 biteko blokeak erabiltzen dituen zifratze algoritmo batekin (adib. AES; Serpent, Towfish e.a.) VeraCrypt bolumen berri bat egitea eta fitxategiak bolumen zaharretik berrira mugitzea. - Zure sistema ez dago konfiguratuta bolumen berriak auto-muntatzeko. Ezinezkoa izan daiteke gailuan ostatutako VeraCrypt bolumenak muntatzea. Auto-muntatzea aktibatu daiteke hurrengo komandoa exekutatuz eta sistema berrabiatuz.\n\nmountvol.exe /E - Mesedez unitate letra bat eman iezaiozu partizio/gailuari jarraitu aurretik ( 'Kontrol-panela' > 'Sistema eta Mantentzea' > 'Tresna Administratiboak' - 'Disko gogorrean partizioak egin eta formatatu').\n\nOhartu zaitez hau sistema eragilearen eskakizuna dela. - VeraCrypt bolumena muntatu - VeraCrypt bolumen guztiak desmuntatu - VeraCrypt-ek huts egin du Administratzaile baimenak lortzerakoan. - Sistema eragileak sartzea debekatu du.\n\nZergati probablea: Sistema eragileak zenbait karpeta, fitzxategi eta unitateetan irakurri eta idazteko baimena (edo administratzaile baimena) izatea behartzen du bertan datuak irakurri eta idatzi ahal izateko. Orokorrean, administratzaile baimenik gabeko erabiltzaile batek bere Dokumentuak karpetan fitxategiak sortu, irakurri eta aldatzeko baimena izaten du. - Errorea: Unitateak onartzen ez den sektore tamaina erabiltzen du.\n\nMomentuz ezin da partizoan/gailuan ostatutako bolumenik sortu 4096 byte baino gehiagoko sektoreak erabiltzen dituzten unitateetan. Hala ere, ohartu zaitez unitate horietan fitxategian ostatutako bolumenak (edukiontziak) sortu daitezkela. - Momentuz ezin da 512 byteeko sektoreak ez dituen diskoetan sistemarik zifratu. - VeraCrypt Hasieraketa kargatzaileak gutxienez 32KByte behar ditu sistemaren unitatearen hasieran (VeraCrypt Hasieraketa Kargatzailea gune horretan gorde behar da). Zoritxarrez zure unitateak ez du baldintza hori betetzen.\n\nMesedez EZ ezazu VeraCrypt-en akats bat balitz bezela salatu. Arazo hau konpontzeko, zure diskan partizioak berregin beharko dituzu lehendabiziko 32KByteak libre uzteko (kasu gehientetan lehendabiziko partizioa ezabatu eta berriz sortu beharko duzu). Mikrosoften partizio kudeatzailea erabiltzea gomendatzen dizugu, hau Windows insalatzerakoan erabilgarri dago. - Ezaugarri hau ez dago onartua erabiltzen ari zaren sistema eragilearen bertsioan. - VeraCrypt-ek ez du onartzen sistemaren partizioa/unitatea zifratzea erabiltzen ari zaren sistema eragilearen bertsioan. - Windows Vista-n sistemaren partizioa/unitatea zifratu baino lehen 1go Service Pack edo altuagoa instalatu behar duzu (oraindik ez da horrelako Service Pack-ik sisteman instalatu).\n\nOharra: Windows Vista-ren 1go ServicePack-a sistemaren hasieraketan erabili gabeko memoria eskasia eragiten zuen akats bat konpontzen du. - VeraCrypt-ek jadanik ez du onartzen Service Pack instalatuta ez daukan Windows Vista-tan sistemaren partizioa/unitatea zifratzea. VeraCrypt eguneratu baino lehen, mesedez, Windows Vistaren Service Pack 1 edo ondorengo bat instalatu ezazu. - Errorea: Ezaugarri honek beharrezkoa du VeraCrypt sisteman instalatuta egotea (VeraCrypt modu eramangarrian erabiltzen ari zara)\n\nMesedez, VeraCrypt instalatu ezazu eta berriro saiatu.. - KONTUZ: Ez dirudi Windows hasieratzen den unitatean instalatuta dagoenik. Hau ez dago onartuta.\n\nWindows hasieratzen den unitatean instalatuta dagoela ziur badakizu bakarrik jarraitu beharko zenuke.\n\nJarraitu nahi duzu? - Zure sistemaren unitateak GUID partizio taula dauka (GPT). Orain, MBR partizio taula daukaten unitateak bakarrik onartzen dira. - KONTUZ: VeraCrypt-en Hasieraketa Kargazailea dagoeneko sistemaren unitatean instalatuta dago!\n\nIzan daiteke dagoeneko zure ordenagailuan beste sistema bat zifratuta egotea.\n\nKONTUZ: ORAIN MARTXAN DAGOEN SISTEMAREN ZIFRAKETAK BESTE SISTEMAK ABIAEZINAK ETA EUREN DATUAK ESKURAEZINAK UTZI DITZAKE.\n\nZiur zaude jarraitu nahi duzula? - Jatorrizko sistemaren kargatzailea leheneratzerakoan huts egin du.\n\nMesedez zure VeraCrypt-en Salbatze Diska erabili ezazu ('Konponketa Aukerak' > 'Sistemaren kargatzaile originalera leheneratu') edo Windows instalazio diska erabili ezazu Windowsen sistemaren kargatzailea VeraCrypt-en Hasieraketa Kargatzailea ordez jartzeko. - Sitemaren kargatzaile originala ez da Salbatze Diskan gordeko (honen zergatia: agian babeskopia fitxategi bat falta da). - MBR sektorea idazterakoan huts egin du.\n\nZure BIOSAK agian MBR sektorea babesteko konfiguratuta dago. Zure BIOS-aren konfigurazioa begiratu ezazu (zure ordenagailua abiatu bezain laister F2, SUPR edo ESC sakatuz) MBR/antibirus babesen bila. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Beharrezkoa den TrueCryp-en Hasieraketa Kargatzailearen bertsioa ez dago instalatuta. Honek ezarpen batzuk ez gordetzea ekar dezake. - Oharra: Zenbait kasuetan ordenagailua abiatzen zauden bitartean pertsona bat zuri begira badago (arerioa) eta ez duzu VeraCrypt erabiltzen duzula jakinarazi nahi. Goiko aukerek VeraCrypt Hasieraketa Kargatzailearen lehioa pertsonalizatzeko aukera ematen dizute. Lehendabiziko aukera gaitzen baduzu, ez dira testurik erakutsiko hasieraketa kargatzailean (ezta pasahitza gaizki sartu duzularen mezua ere). Ordenagailua "izoztuta" (ezer egin gabe) balego bezala agertuko da pasahitza sartzen duzun bitartean. Gaineara neurrira egindako mezu bat agertu daiteke arerioa nahasteko. Adibidez, gezurrezko errore mezu bat, adibidez "Sistema Eragilerik Ez Dago" ("Missing operating system", testu hau normalean Windowsen hasieraketa kargatzaileak erakusten du Windows hasieraketa partiziorik ez dagoenean). Hala ere, garrantzisua da jakitea arerio batek disko gogorraren edukia arakatu baldin badezake, VeraCrypt Hasieraketa Kargatzailea hor dagoela aurkitu dezakela. - KONTUZ: Ohartu zaitez aukera hau gaitzen baduzu, VeraCrypt Hasieraketa Kargatzaileak ez duela testurik erakutsiko (ezta pasahitz okerra sartzen duzunean). Ordenagailua "izoztuta" (ezer egin gabe) balego bezala agertuko da pasahitza sartzen duzun bitartean (kursorea ez da mugituko eta ez da izartxorik agertuko tekla zapaltzerakoan).\n\nZiur zaude aukera hau gaitu nahi duzula? - Zure sistemaren partizioa/unitatea guztiz zifratuta dirudi. - VeraCrypt-ek ez du onartzen disko dinamiko bihurtu den sistemaren unitate bat zifratzea. - Sistemaren unitateak hedatutako partizioak (logikoak) ditu.\n\nSistemaren unitatean hedatutako partizioak (logikoak) daudenean Windows Vista eta geroko bertsioetan bakarrik zifratu daiteke sistemaren unitate osoa. Windows XP-en, sistemaren unitate osoa zifratu dezakezu baldin eta bakarrik lehen mailako partizioak baditu.\n\nOhara: Hala ere, sistemaren unitate osoa zifratu ordez sistemaren partizioa zifratu dezakezu (eta, horretaz gain, partizoetan ostatutako VeraCrypt bolumenak sortu ditzakezu sistemakoak ez diren partizioetan). - KONTUZ: Windows XP/203 erabiltzen ari zarenez, unitatea zifratzen hasi eta gero EZIN izango duzu bertan hedatutako partizioak (logikoak) sortu (bakarrik lehen mailako partizioak sortu ahal izango dituzu). Unitatean dagoen edozen hedatutako partizo (logiko) ezin izango da irakurri zifratzen hasi eta gero (momentu honetan unitatean ez dago horrelakorik).\n\nOharra: Eragozpen hau onargarria ez bada, atzera egin dezakezu eta unitate osoa zifratu beharrean sistemaren partizioa bakarrik zifratu dezakezu (eta, horretaz gain, partizioetan ostatutako VeraCrypt bolumenak sortu ditzakezu unitatean dauden eta sistemarenak ez diren partizioetan).\nBestela, eragozpen hau onargarria ez bada, Windows Vistara edo Windowsen ondorengo bertsio batera aldatzea ere aukera izan daiteke (Windows Vista eta gerokoetan hedatutako partizioak (logikoak) dituen sistemaren unitate osoa zifratu daiteke). - Zure sistemaren unitateak estandarra ez den partizio bat dauka.\n\nEramangarri bat erabiltzen ari bazara, ziurenik sistemaren unitateak berreskuratze partizio berezi bat dauka. Sistemaren unitate osoa zifratu eta gero (bertan dagoen berreskuratze partizioak barne), sistema ezin izango da abiatu zure ordenagailuak gaizki diseinatutako BIOS bat erabiltzen baldin badu. Horretaz gain, ezin izango da berreskuratze partizioa erabili sistemaren unitatea argitu baino lehen. Horregatik, bakarrik sistemaren partizioa zifratzea gomendatzen dizugu. - Unitate osoaren ordez, sistemaren partizioa zifratu nahi al duzu?\n\nOhartu zaitez partizioetan ostatutako VeraCrypt bolumenak sortu ditzakezula sistemakoak ez diren unitatearen partizioetan (sistemaren partizioa zifratzeaz gain). - Zure sistemaren unitateak bakarrik partizio bat daukanez, zein unitate osoa betetzen duen, gomendagarria da (seguruagoa) unitate osoa zifratzea partizio horren inguruan dagoen "soberako" espazio hutsa gehituz.\n\nSistemaren unitate osoa zifratu nahi al duzu? - Zure sistema fitxategi iraunkorrak sistemakoa ez den partizio batean gordetzeko konfiguratuta dago. Fitxategi iraunkorrak sistemaren partizioan bakarrik gorde daitezke. - Zure erabiltzailearen profilaren fitxategiak ez daude sistemaren partizioan gordeta.\n\nErabiltzailearen profilaren fitxategiak sistemaren partizioan bakarrik gorde daitezke. - Sistemakoak ez diren partizioetan orrikatze fitxategiak daude.\n\nOrrikatze fitxategiak bakarrik sistemaren partizioan egon daitezke. - Orain Windows konfiguratu nahi al duzu orrikatze fitxategiak Windowsen partizioan bakarrik sortu daitezen?\n\nOhartu zaitez 'Bai' sakatu eta gero ordenagailua berrabiatu egingo dela. Ondoren VeraCrypt abiatu eta berriz saiatu zaitez ezkutuko sistema eragile bat sortzen. - Bestela, ezkutuko sistema eragilearen ezeztapen onargarriak kalte handia jaso lezake.\n\nOharra: Arerio batek fitxategi horiek arakatuko balitu (sistemakoa ez den partizio abtean daudenak), laguntzaile hau ezkutuko sistema bat sortzeko moduan exekutatu zela aurkitu dezake (ordenagailu honetan ezkutuko sistema eragile bat dagoelaren seinale izan daitekeena). Ohartu zaitez ere sistemaren partizioan dauden horrelako fitxategiak VeraCrypt-ek sekurtasunez ezabatuko dituela ezkutuko sistema eragilea sortzeko prozesuan. - KONTUZ: Ezkutuko sistema eragilea sortzeko prozesuan sistema osoa berrinstalatzea eskatuko zaizu (sistema amua sekurtasunez sortzeko).\n\nOharra: Momentu honetan martxan dagoen sistema eragilea eta bere sistemaren partizioaren eduki guztiak ezkutuko bolumenera kopiatuko dira (ezkutuko sistema sortzeko).\n\n\nZiur zaude Windows instalatzeko gai izango zarela Windows instalatzeko gailu batekin (edo partizio serbitzari batekin)? - Sekurtasun arrazoiengatik, orain martxan dagoen sistema eragilea aktibatu behar bada, jarraitu baino lehen aktibatu behar da. Ohartu zaitez ezkutuko sistema eragilea sistemako partizioaren edukiak ezkutuko bolumen batera kopiatuz sortuko dela (hortaz, sistema eragile hau aktibatuta ez badago, ezkutuko sistema eragilea ere ez da aktibatuta egongo). Informazio gehiago nahi baduzu VeraCrypt-en Erabiltzaile Gidaren "Ezkutuko bolumenentzako sekurtasun baldintzak eta neurriak" atala irakurri ezazu.\n\nGarrantzitsua: Jarraitu baino lehen ziurtatu zaitez VeraCrypt-en Erabiltzaile Gidaren "Ezkutuko Bolumenentzako Sekurtasun Baldintzak eta Neurriak" atala irakurri duzula.\n\n\nMartxan dagoen sistema eragileak goiko baldintza betetzen du? - Zure sistemak bigarren hasieraketa partizioa erabiltzen du. VeraCrypt-ek ez du hibernaziorik onartzen sistemak bigarren hasieraketa partizio bat erabiltzen duenean (sistema amuak arazorik gabe hibernatu daitezke).\n\nOhartu zaitez sistema amu eta ezkutuak hasieraketa partizio bera erabiliko dutela. Horregatik, hibernatze egoeratik bueltatzerakoan egon daitezken datuen filtrazioak eta bestelako arazoak eragozteko, TrueCrypy-ek ezkutuko sistemari eragotzi behar dio amankomunean daukan hasieraketa partizioan idaztea eta hibernatzea.\n\nJrraitu nahi al duzu? 'Ez' aukeratzen abduzu, bigarren hasieraketa partizioa kentzeko jarraibidea aterako zaizu. - \nAbiatze partizio gehigarria Windows instalatu aurretik kendu daiteke. Hori egitueko, hurrengo pausoak jarraitu itzazu:\n\n1) Zure Windows instalatze diska abiatu ezazu.\n\n2) Windows instalatzailearen lehioan 'Orain Instalatu' > 'Pertsonalizatua (aurreratua)' aukeratu.\n\n3) 'Unitate Aukerak' sakatu ezazu.\n\n4) Sistemaren partizio nagusia aukeratu eta ezabatu ezazu 'Ezabatu' eta 'Ados'-en klik eginez.\n\n5) 'Sistemaren Erreserbatua' partizioa aukeratu ezazu eta 'Hedatu' aukeratu ezazu, ondoren, berre tamaina handitu ezazu bertan sistema eragilea instalatu ahal izan dadin.\n\n6) 'Aplikatu' eta 'Ados'-en klik egin ezazu.\n\n7) 'Sistemaren Erreserbatua' partizioan Windows instalatu ezazu.\n\nErasotzaile batek Abiatze partizio gehigarria ezabatzeari buruz galdetzen badizu, zifratu gabeko abiatze partiziora daturik ez galtzearren egin duzula erantzun diezaiokezu.\n\nOharra: Testu hau inprimatu dezakezu azpian dagoen 'Inprimatu' botoian klik eginez. Testu honen kopia bat gorde edo inprimatzen baduzu (hau gogor gomendatzen da, zure inprimagailuak inprimitzen dituen dokumentuen kopia bere barneko memorian gordetzen ez baditu), abiatze partizio gehigarria ezabatu eta gero kopia horiek suntsitu beharko zenituzke (bestela, kopia hori aurkituko balitz, ordenagailu honetan ezkutuko sistema eragile bat dagoelaren susmoa eman dezake). - Kontuz: Alokatu gabeko tarte bat dago sistemaren partizioa eta haren hurrengo partizioaren artean. Ezkutuko sistema eragilea sortu eta gero ezin izango duzu tarte horretan partizio berririk egin. Bestela, ezin izango da ezkutuko sistema eragilea hasieratu (partizio berri horiek ezabatu arte). - Algoritmo honek momentuz ez du balio sistema zifratzeko . - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Momentuz ezin dira gako-fitxategiak erabili sistema zifratzeko. - Kontuz: VeraCrypt-ek ezin izan du teklatua diseinu originaera leheneratu. Honek pasahitza gaizki sartzea ekar dezake. - Errorea: Ezin da VeraCrypt-entzat teklatuaren diseinua aldatu EB teklatu estandar diseinura.\n\nOhartu zaitez pasahitza hasieraketa aurreko ingurunean (Windows hasi aurretik) sartu behar dela eta bertan EB-etako teklatu diseinuak ez daudela eskuragarri. Horregatik, pasahitza beti sartu behar da EB-etako teklatu estandarraren diseinuarekin. - VeraCrypt-ek teklatuaren diseinua EB-etako teklatu diseinura aldi baterako aldatu duenez, ezin dira karaktereak idatzi eskubiko Alt tekla sakatuta dagoen bitartean. Hala ere, horietako karaktere gehienak idatzi daitezke Shift tekla sakatzen den bitartean tekla aproposa sakatzen bada.. - VeraCrypt-ek teklatuaren banaketaren aldaketa eragotzi du. - Oharra: Pasahitza hasieraketa aurreko ingurunean idatzi beharko da (Windows hasi aurretik) eta bertan ez daude eskuragarri EB-etako Windows teklatua ez diren teklatu diseinuak. Hortaz, pasahitzak beti sartu behar dira EB-etako teklatu diseinu estandarra erabiliz. Hala ere, garrantzitsua da jakitea EZ duzula behar benetazko EB-etako teklatua. VeraCrypt-ek automatikoki ziurtatzen da pasahitza sekurtasunez sartu dezakezula (orain eta hasieraketa aurreko ingurunean) nahiz eta EB-etako teklatu fisikorik EZ izan. - Unitate/Partizioa zifratu aurretik, VeraCrypt Salbatze Diska (TSD) sortu behar duzu, TSDk honetarako balio du:\n\n- VeraCrypt Hasieraketa Kargatzailea, gako nagusia edo beste nahitaezko daturen bat hondatzen bada, TSDk hori leheneratzera lagunduko dizu (ohartu zaitez, edozein modutan pasahitz zuzena sartu beharko duzula).\n\n- Windows hondatu eta ezin bada abiatu, TSDak Windows hasi aurretik parizio/unitate osoa argitu dezake.\n\n- TSKak diskaren lehendabiziko pistaren babeskopia izango du (non normalean sistemaren kargatzailea edo hasieraketa kudeatzailea dauden) eta beharrezkoa bada hura leheneratzen utziko dizu.\n\nVeraCrypt Salbatze Diskaren ISO irudia azpian dagoen helbidean sortuko da. - 'Ados' sakatu eta gero Mikrosoft Windows Image Burner programa abiatuko da. Mesedez, hau erabili ezazu VeraCrypt Salbatze Diskaren ISO irudia CD edo DVD batean idazteko.\n\nHori egin eta gero VeraCrypt Bolumenak Sortzeko Laguntzailera bueltatu zaitez eta haren jarraibideak bete itzazu. - Salbatze diska sortu da eta fitxategi honetan gorde da:\n%s\n\nOrain CD edo DVD batean idatzi behar duzu.\n\n%lsSalbatze Diska sortu eta gero, 'Hurrengoa' saktu ondo idatzi dela ziurtatzeko. - Salbatze Diskaren irudia sortu eta fitxategi honetan gorde da:\n%s\n\nOrain irudia CD/DVD batean idatzi beharko zenuke edo toki seguru batera eraman ezazu etorkizunean erabili ahal izateko.\n\n%lsHurrengoa sakatu jarraitzeko. - GARRANTZITSUA: Ohartu zaitez fitxategia ISO diska irudi bat bezala idatzi behar dela CD/DVD-an (ez fitxategi bakar bat bezala). Hau egiteko informazio gehiago nahi baduzu, zure CD/DVD-ak idazteko softwarearen dokumentazioan bilatu ezazu. CD/DVD batean ISO diska irudi bat idazteko gai den softwarrerik ez baduzu, sakatu ezazu hondorengo lotura hori egiten duen software libre bat deskargatzeko.\n\n - Micrsoft Windows-en Disko Irudien Grabatzailea abiatu - KONTUZ: Dagoeneko VeraCrypt Salbatze Diska bat sortu baduzu, ezin da sistemaren partizio/diska honetan berrerabili gako nagusi ezberdin batentzako sortu zelako. Sistemaren partizio/unitate bat zifratzen duzun bakoitzean, VeraCrypt Salbatze Diska berria sortu behar duzu pasahitz berdina badute ere. - Errorea: Sistemaren zifratze ezaugarriak ezin dira gorde. - Ezin da sistemaren zifratzeko aurreproba hasi. - Ezin izan da ezkutuko sistema eragilearen prozesua hasi. - Ezabatze modua - Zeinbait memoria gailuetan, datu batzuk beste batzuen gainetik idazten direnean, posiblea da datu zaharrak berreskuratzea indar magnetikoen mirkoskopia erabiliz. Hau ere aplikatzen da euren datu zifratuengatik ordezkatutako datuei (hau gertatzen da VeraCrypt hasieran zifratu gabeko unitatea edo partizioa zifratzen duenean). Zenbait ikerketa eta gobernuaren txosten batzuen arabera, gainetik idatzitako datuen berreskuratzea eragotzi (edo asko zaildu) daiteke datua originalak ausazko datuekin eta ausazkoak ez diren datu batzuekin zenbait alditan berridazten baldin badira. Horregatik, arerio batek zure datuak berreskuratzeko teknika horiek erabili ditzakela uste baldin baduzu, pasatze anitzeko ezabatze moduetako bat aukeratu nahi izango duzu (dauden datuak EZ dira galduko). Ohartu zaitez ezabatze prozesua EZ dela egingo partizioa/unitatea zifratu eta gero. Partizio/unitatea guztiz zifratuta dagoenean, ez da bertan zifratu gabeko daturik idatziko. Idazten diren datu guztiak, lehendabizi memorian bertan zifratuko dira eta gero datuak (zifraturik) diskan idatziko dira. - Zeinbait memoria gailuetan, datu batzuk beste batzuen gainetik idazten direnean (hau da, datuak ezabatzen direnean), posiblea da datu zaharrak berreskuratzea indar magnetikoen mirkoskopia erabiliz. Zenbait ikerketa eta gobernuaren txosten batzuen arabera, gainetik idatzitako datuen berreskuratzea eragotzi (edo asko zaildu) daiteke datua originalak ausazko datuekin eta ausazkoak ez diren datu batzuekin zenbait alditan berridazten baldin badira. Horregatik, arerio batek zure datuak berreskuratzeko teknika horiek erabili ditzakela uste baldin baduzu, pasatze anitzeko ezabatze moduetako bat aukeratu nahi izango duzu.\n\nOharra: Kontutan izan ezazu zenbat eta pasatze gehiago, orduan eta denbora gehiago behar izango duzula datuak ezabatzeko. - Ezabatzen - \nOharra: Ezabatze prozesua eten dezakezu, zure ordenagailua itzali, ezkutuko sistema berriro abiatu eta prozesua jarraitu (laguntzaile hau automatikoki hasiko da). Hala ere, eteten baduzu, ezabatze prozesu guztia berriro hasieratik hasi beharko da. - \n\nOharra: Ezabatze prozesua eten egiten baduzu eta gero hura jarraitzen saiatzen bazara, prozesu guztia berriz hasieratik hasiko da. - Ezabatze prozesua bertan behera uzti nahi al duzu? - Kontuz: Aukeratutako partizioaren/gailuaren edukia ezabatu eta galdu egingo da. - Jatorrizko sistema dagoen partizioaren eduki osoa ezabatuko da.\n\nOharra: Ezabatuko den partizioaren eduki guztiak ezkutuko sistemaren partziora kopiatu dira. - KONTUZ: Ohartu zaitez, adibidez, 3 pasatzeko ezabatze modua aukeratzen baduzu, partizioa/unitatea zifratzeko behar den denbora 4 aldiz luzeagoa izango da. Beste adibide bat, 35 pasatzeko ezabatze modua aukeratzen baduzu 36 aldiz denbora gehiago behar izango du (asteak eman ditzake).\n\nHala ere, kontutan izan ezazu ezabatze prozesua EZ dela egingo partizioa/unitatea guztiz zifratuta egon eta gero. Partizio/unitatea guztiz zifratuta dagoenean, ez da bertan zifratu gabeko daturik idatziko. Idazten diren datu guztiak, lehendabizi memorian bertan zifratuko dira eta gero zifratutako datuak diskan idatziko dira (beraz errendimenduan EZ du eraginik izango).\n\nZiur zaude ezabatze modu hori erabili nahi duzula? - Ezer (azkarrena) - pasatze-1 (ausazko datuak) - 3-pasatze (US DoD 5220.22-M) - 7-pasatze (US DoD 5220.22-M) - 35-pasatze ("Gutmann") - 256-pasatze - Sistema Eragile Kopurua - KONTUZ: Esperientziarik gabeko erabiltzaileek ez lirateke Windows zifratzen saiatu behar hasieraketa-anitzeko konfigurazioekin.\n\nJarraitu? - Ezkutuko sistema eragile bat sortu/erabiltzerakoan, VeraCrypt-ek abiaketa-anitza hurrengo kasuetan onartzen du bakarrik :\n\n- Orain martxan dagoen sistema eragilea abiatze unitatean instalatuta egon behar du, eta bertan dagoen sistema eragile bakarra izan behar du.\n\n- Beste unitateetan dauden sistema eragileek ezin dute martxan dagoen sistema eragilearen unitatean dagoen hasieraketa kargatzailea erabili.\n\nGoiko kondizioak betetzen al dira? - TryeCrypt-ek ezu du abiatze anitz konfigurazio hau onartzen ezkutuko sistema eragilea sortu edo erabiltzerakoan. - Abiatze Unitatea - Orain martxan datoen sistema eregilea hasieraketa unitatean instalatuta al dago?\n\nOharra: batzuetan Windows ez dago Windows hasieraketa kargatzailearen partizio berean instalatuta (hasieraketa partizioa). Kasu hori gertatzen bada, 'Ez' aukeratu. - Momentuz VeraCrypt-ek ez du onartzen abiatzen den unitatean instalatuta ez dagoen sistema eragile bat zifratzea. - Sistemaren Unitate Kopurua - Zenbat unitate sistema eragilea daukate?\n\nOharra: Adibidez, unitate nagusian edozein sistema eragile (adib.: Windows, Mac OS X, Linux e.a.) instalatuta baduzu eta beste edozein unitate batean sistema eragile bat instalatuta badago, '2 edo gehiago' aukeratu ezazu. - VeraCrypt-ek ez du onartzen unitate osoa zifratzea sistema eragile bat baino gehiago dituzten unitateetan.\n\nKonpoketak:\n\n- Sistemetako bat zifratu dezakezu atzera bazoaz eta sistemaren partizioa zifratzea aukeratzen baduzu (sistemaren unitate osoa zifratu ordez).\n\n- Unitate osoa zifratu ahal izango duzu sistema batzuk beste unitate batzuetara mugitu eta sistema bakarra uzten baduzu zifratu nahi duzun unitatean. - Sistema Anitzak Unitate Bakarrean - Beste sistema eragilerik instalatuta al dago orain martxan dagoen sistema eragilea instalatuta dagoen unitatean?\n\nOharra:Adibidez, orain martxan dagoen sistema eragilea #0 unitatean instalatuta badago, zein partizio bat baino gehiago daukan, eta partizio horietako bat Windows badauka eta beste partizio bat beste edozein sistema eragilea badauka (adib. Windows, Mac OS X, Linux, etc.), 'Bai' aukeratu ezazu. - Windows ez den Hasieraketa Kargatzailea - Windowsekoa ez den hasieraketa kargatzailea (edo kudeatzailea) hasieraketa erregistro nagusian (MBR) instalatuta al dago?\n\nAdibidez, hasieraketa unitatearen hasieran GRUB, LILO, XOSL edo bestelako Windowsekoak ez diren hasieraketa kudeatzailerik (edo kargatzailerik) badago, 'Bai' aukeratu ezazu. - Abiatze-Anitza - VeraCrypt-ek ez ditu onartzen hasieraketa anitzeko konfigugurazioak hasieraketa erregistro nagusian (MBR) Windowsekoa ez den hasieraketa kargatzaile bat instalatuta badago.\n\nIrtenbideak:\n\n- Hasieraketa kudeatzaile bat erabiltzen baduzu Windows eta Linux habiatzeko, hasieraketa kudeatzailea (normalean, GRUB) hasieraketa erregistro nagusitik (MBR) partizio batera mugitu ezazu. Ondoren laguntzaile hau berriz abiatu ezazu eta sistemaren partizio/unitatea zifratu ezazu. Ohartu zaitez VeraCrypt Hasieraketa Kargatzailea lehen mailako hasieraketa kudeatzailea bihurtuko dela eta hasieraketa kudeatzaile originala (adib. GRUB) abiatzen utziko dizula bigarren mailako hasieraketa kudeatzaile bat bezala (Esc salatuz VeraCrypt Hasieraketa Kargatzailearen lehioan) eta hortik Linux abiatu ahal izango duzu.. - Martxan dagoen sistema eragilea hasieraketa partizioan instalatuta badago, orduan, zifratu eta gero, pasahitz zuzena sartu behar izango duzu nahiz eta zifratu gabeko beste edozein Windows sistema abiatu nahi izan (zifratutako Windows hasieraketa kargatzaile/kudeatzaile bera erabiltzen dutelako).\n\nBeste aldetik, martxan dagoen sistema eragilea hasieraketa partizioan instalatuta ez badago (edo Windows hasieraketa kargatzaile/kudeatzailea hark bakarrik erabiltzen badu), orduan, sistema hau zifratu eta gero, zifratu gabeko beste sistemetara sartzeko ez duzu pasahitz zuzena sartu behar izango. Bakarrik 'Esc' tekla sakatuz zifratu gabeko sistema abiatuko da (zifratu gabeko sistema anitz badaude, baita ze sistema abiatu nahi duzun aukeratu behar izango duzu VeraCrypt Hasieraketa Kudeatzailearen menuan).\n\nOharra: Ohikoena, lehendabizi instalatu zen Windows sistema hasieraketa partizioan instalatuta dagoena izaten da. - Ostalariak Babestutako Gunea-ren Zifraketa - Unitate askoren bukaeran, normalean sistema eragilearentzat ezkutuan dagoen gune bat egoten da (gune horiei Ostalariak Babestutako Guneak deritze). Hala ere, programa batzuk gune horietan datuak idatzi eta irakurri ditzakete.\n\nKONTUZ: Zenbait ordenagailu ekoizleek gune horiek RAID-arentzat, sistema leheneratzeko, sistema konfiguratzeko, diagnosia egiteko eta beste asmoetarako datu eta tresnak gordetzeko erabiltzen dituzte. Datu edo tresna horiek abiatu aurretik eskuragarri egon behar badira, ezkutuko gunea EZ da zifratuko (goian 'Ez' aukeratu ezazu).\n\nVeraCrypt-ek unitatearen bukaeran dagoen ezkutuko gune hori aurkitu eta (baldin badago) zifratzea nahi al duzu?? - Sistemaren Zifratze Mota - Aukera hay hautatu ezazu bakarrik sistemaren partizioa edo sistemaren unitate osoa zifratu nahi baduzu. - Gerta liteke norbaitek sistema eragilea argitzera behartzea. Badaude egoera asko ezin duzula ezetz esan (adibidez,txantaila batengatik). Aukera hau hautatzen baduzu, ezkutuko sistema eragile bat sortuko duzu zeinen esistentzia frogatzea ezinezkoa izango da (ematen diren jarraibideak ondo jarraituz gero). Ondorioz, ez duzu ezkutuko sistema eragilearen pasahitzik eman behar ezta argitu behar izango. Azalpen luzeago bat nahi baduzu, azpian dagoen estekan klik egin ezazu. - Gerta liteke norbaitek sistema eragilea argitzera behartzea. Badaude egoera asko ezin duzula ezetz esan (adibidez,txantaila batengatik).\n\nLaguntzeile hau erabiliz, ezkutuko sistema eragile bat sortuko duzu zeinen esistentzia frogatzea ezinezkoa izango da (ematen diren jarraibideak ondo jarraituz gero). Ondorioz, ez duzu ezkutuko sistema eragilearen pasahitzik eman behar ezta argitu behar izango. - Ezkutuko Sistema Eragilea - Hurrengo pausoetan, bi VeraCrypt bolumen sortuko dituzu (kanpokoa eta ezkutukoa) sistemaren partizioaren atzean dagoen lehendabiziko partizioan. Ezkutuko bolumenak ezkutuko sistema eragilea (SE) ostatuko du. VeraCrypt-ek ezkutuko SE sortuko du sistemaren partizioaren (orain martxan dagoen SE instalatuta dagoena) edukiak ezkutuko bolumenera kopiatuz. Kanpoko bolumenean, garrantzitsuak diruditen baina benetan ezkutatu nahi EZ dituzun fitxategi batzuk kopiatu itzazu. Hauek hor egongo dira baldin eta norbaitek ezkutuko SE-aren partizioaren pasahitza ematera behartzen bazaitu. Ezkutuko SE-aren partizioan dagoen kanpoko bolumenaren pasahitza eman dezakezu (ezkutuko SE sekretupean jarraituko da).\n\nBukatzako, orain martxan dagoen SE-aren partizioan, SE berria instalatuko duzu, SE amua deritzona, eta zifratuko duzu. Honek ezin ditu datu garrantzitsuak izan eta hor egongo da norbaitek hasieraketa aurreko pasahitza ematera beharten bazaitu. Guztira, hiru pasahitz egongo dira. Horietako bi eman daitezke (SE amuarena eta kanpoko bolumenarena). Hirugarrena erabiltzen baduzu, ezkutuko SE-a abiatuko da. - Ezkutuko sektoreak bilatzen - Mezedez, itxaron VeraCrypt-ek sistemaren unitatearen bukarean ezkutuko sektoreak bilatzen dituen bitartean. Ohartu zaitez denbora luzea eman dezakela.\n\nOharra: Kasu oso arraro batzuetan, ordenagailu batzuetan, sistemak ez du erantzungo bilaketa prozesua irauten duen bitartean. Hau gertatzen bada, ordenagailua berrabiatu, VeraCrypt hasi, aurreko pausoak errepikatu baina detektatze prozesua ez egin. Ohartu zaitez arazo hau ez dela VeraCrypt-en akats batek sortua. - Zifratzeko gunea - Aukera hau hautatu ezazu orain martxan dagoen Windows sistemaren diska osoa zifratun nahi baldin baduzu. Diska osoa, bere partizio guztiekin zifratu egingo da lehendabiziko pista izan ezik, non TrueCryp-en Hasieraketa Kargatzailea egongo baita. Diskan instalatuta dagoen sistema edo dauden fitxategiaetan sartu nahi duen edonork, lehendabizi, sistema hasi aurretik sartzen den bakoitzean, pasahitz zuzena sartu behar izango du. Aukera hau ezin da erabili diska lagungarri edo kanpokoak badira eta Windows ez badago bertan instalatuta eta ez bada bertatik hasieratzen. - Ausazko datuak biltzen - Gakoak sortu dira - VeraCrypt-ek ez du zure ordenagailura konektatuta dauden CD/DVDak idazteko gailurik aurkitu. VeraCrypt-ek CD/DVD idazteko gailu bat behar du abiatu daitekeen VeraCrypt Salbatze Diska sortzeko, zeinek zifratzeko gakoen babeskopia, VeraCrypt hasieraketa kargatzailea, sistemaren kargatzaile originala e.a. duen.\n\nGogor gomendatzen dugu VeraCrypt Salbatze Diska CD/DVD batean idaztea. - Ez daukat CD/DVDak idazteko gailurik baina ISO Salbatze Diska gailu eramangarri batean (adbib. USB memoria gailu batean) gordeko dut. - CD/DVDak idazteko gailua beranduago konektatuko dut ordenagailura. Prozesua orain bukatu. - CD/DVDak idazteko gailua ordenagailura konektatuta dago. Jarraitu eta Salbatze Diska idatzi. - Mesedez hurerngo pausoak jarraitu itzazu:\n\n1) Gailu eramangarria konektatu ezazu ordenagailura, USB flash memoria gailu bat adibidez.\n\n2) VeraCrypt Salbatze Diskaren irudiaren fitxategia (%s) gailu eramangarrira kopiatu ezazu.\n\nEtorikizunean VeraCrypt Salbatze Diska erabili behar baldin baduzu, gailu eramangarria (VeraCrypt Salbatze Diskaren irudia daukala) CD/DVD-ak idaztego gailua daukan ordenagailu batera eta bertan abiatu daitekeen VeraCrypt Salbatze Diska bat sortu irudia CD edo DVD batean idatziz. GARRANTZITSUA: Ohartu zaitez VeraCrypt Salbatze Diskaren irudi fitxategia ISO diska irudi bat bezela idatzi behar dela CD/DVDan (ez fitxategi bat bezala). - Salbatze Diska Grabatzen - Salbatze Diska Sortu Da - Sistemaren Zifratzearen aurreproba - Salbatze Diska Egiaztatuta - \nSalbatze diska arrakastaz egiaztatu da. Orain diska atera eta toki seguru batean gorde ezazu.\n\nHurrengoa clikatu jarraitzeko. - KONTUZ: Hurrengo pausoetan VeraCrypt-en salbatze diska ezin da unitatean egon. Bestela, ezin izango da hurrengo pausoak arrakastaz egin.\n\nMesedez, diska unitatetik atera eta toki seguru batean gorde ezazu. Gero Ados sakatu. - Kontuz: hasieraketa aurreko ingurunearen muga teknikoengatik, hasieraketa aurreko ingurunean (hau da, Windows abiatu baino lehen) agertzen diren testuak ezin dira itzulita agertu. VeraCrypt Hasieraketa Kargatzailearen interfaze guztia ingelesez dago.\n\nJarraitu nahi? - Sistemaren partizsioa edo unitatea zifratu aurretik, VeraCrypt-ek dena ondo dabilela egiaztatu bahar du.\n\n'Probatu' sakatu eta gero, beharrezkoak diren osagai guztiak (adibidez, hasieraketa aurreko kautotze osagaia, hau da, VeraCrypt Hasieraketa Kargatzailea) instalatuko dira eta zure ordenagailua berrabiatuko da. Ondoren Windows abiatu baino lehenago agertuko den VeraCrypt Hasieraketa Kargatzeilearen lehioan zure pasahitza sartu beharko duzu. Windows abiatu eta gero, automatikoki aurre probaren emaitzen berri izango duzu.\n\nHurrengo unitatea aldatu egingo da: #%d unitatea\n\n\nOrain 'Utzi' sakatzen baduzu, ez da ezer instalatuko eta aurreproba ez da egingo. - OHAR GARRANTZITSUAK -- MESEDEZ, IRAKURRI EDO INPRIMATU ('Inprimatu' klikatu):\n\nOhartu zaitez ez dela fitxategirik zifratuko ordenagailua berrabiatu eta Windows hasi aurretik. Hortaz, zerbait gaizki badoa, zure datuak EZ dira galduko. Hala ere, zerbait gaizki badoa, Windows hasieratzeko zailtasunak eduki ditzazkezu. Horregatik, mesedez, hurrengo jarraibideak irakurri (edo, ahal bada, inprimatu) itzazu zer egin jakiteko ordenagailua berrabiatu eta gero Windows ezin bada hasi.\n\n - Zer Egin Windows Ezin Bada Abiatu\n------------------------------------------------\n\nOharra: jarraibide hauek bakarrik zifratzen hasi ez bazara balio dute.\n\n- Windows abiatzen ez bada pasahitz zuzena sartu eta gero (edo pasahitz zuzena behin baino gehiagotan ondo sartu baino VeraCrypt-ek pasahitza oker dagoela esaten badizu), ez zaitez izutu. Ordenagailua berrabiatu ezazu (korrontea kendu eta piztu), eta VeraCrypt Hasiera Kargatzailearen lehioan, zure teklatuko Esc tekla sakatu ezazu (eta sistema anitzak badituzu aukeratu ezazu zein abiatu). Orduan Windows abiatu beharko liteke (zifratuta baldin ez badago) eta VeraCrypt-ek automatikoki galdetu behar dizu hasieraketa aurreko kautotze osagarria desinstalatu nahi al duzun. Ohartu zaitez aurreko pausoek EZ dabiltzatela sistemaren partizio/unitatea zifratuta badago (inork ezin du Windows abiatu edo unitateko datu zifratuak irakurri pasahitz zuzenik gabe, nahiz eta aurreko pausuak jarraitu izana).\n\n - - Aurreko pausoek laguntzen ez badute edo VeraCrypt Hasieraketa Kargatzailearen lehioa agertzen ez bada (Windows hasi aurretik), VeraCrypt Salbatze Diska CD/DVD unitatean sartu ezazu eta ordenagailua berrabiatu ezazu. VeraCrypt Salbatze Diskaren lehioa agertzen ez bada (edo 'Konponketa Aukerak' aukera 'Teklatu Krontrolak' gunean ikusten ez bada VeraCrypt Salbatze Diskaren lehioan), gertatu daiteke zure BIOSa disko gogorrak CD/DVD unitateak baino lehenago abiatzeko konfiguratuta egotea. Hori gertatzen bada, zure ordenagailua berrabiatu ezazu F2 edo Ezabatu sakatu ezazu (BIOSa abiatzen ari delaren lehioa ikusi bezain laister), eta BIOSa konfiguratzeko lehioa agertzen den arte itxaron ezazu. BIOSa konfiguratzeko lehiorik agertzen ez bada, ordenagailua berriz berrabiatu ezazu eta F2 eta Ezabatu teklak behin eta berriro sakatu itzazu ordenagailua abiatu bezain laister. BIOSa konfiguratzeko lehioa agertzen denean, BIOSa konfiguratu ezazu lehendabizi CD/DVD unitatetik abiatu dadin (hau egiteko informazioa behar baduzu, zure BIOS/Oinarrizko Plaka-ren dokumentazio irakurri ezazu edo zure ordenagailuaren saltzailearen laguntza serbitzura jo ezazu). Ondoren zure ordenagailua berrabiatu ezazu. VeraCrypt Salbatze Diskaren lehioa agertu beharko litzateke orain. True Crypt Salbatze Diskaren Lehioan, 'Konponketa Aukerak' hautatu ezazu zure teklatuan F8 sakatuz. 'Konponketa Aukerak' menuan 'Sistemaren Kargatzaile Originala Leheneratu' aukeratu ezazu. Ondoren VeraCrypt Salbatze Diska CD/DVD unitatetik kendu ezazu eta ordenagailua berrabiatu ezazu. Windows normalki abiatu beharko liteke (zifratuta baldin ez badago).\n\n - Ohartu zaitez aurreko pausoak EZ direla ibiliko sistemaren partizio/unitatea zifratuta badago (inork ezin du Windows abiatu edo unitatean dauden datu zifratuak irakurri pasahitz zuzena gabe nahiz eta aurreko pausoak jarraitu dituen).\n\n\nOhartu zaitez erasotzaile batek zure VeraCrypt Salbatze Diska aurkitzen badu ere, EZ dela gai izango sistemaren partizioa edo unitatea argitzeko pasahitz zuzena gabe. - Aurre-proba Bukatuta - Aurre-proba arazorik gabe bukatu da.\n\nKONTUZ: Argindarra bat-batean mozten bada bertan zifraketa egiten den bitartean, edo sistema eragileak errore bat ematen badu software edo hardware akats batengatik bertan zifraketa egiten den bitartean, datu zatiak hondatu edo galduko dira. Horregatik, zifratzen hasi aurretik, ziurtatu zaitez zifratu nahi dituzun fitxategien babeskopiak dituzula. Ez badituzu, mesedez, haien babeskopiak orain egin itzazu ('Atzeratu' sakatu dezakezu, fitxategien babeskopia egin, eta ondoren, edozein momentutan berriz VeraCrypt abiatu eta 'Sistema' > 'Etendako Prozesua Jarraitu' aukeratu zifratze prozesuarekin jarraitzeko).\n\nPrest zaudenean 'Zifratu' klikatu ezazu zifratzen hasteko. - Edozein momentutan Eten edo Atzeratu botoiak klikatu ditzakezu zifratze edo argitze prozesua eteteko, laguntzaile honetatik irten, ordenagailua iztali edo berrabiatu eta, ondoren, prozesua jarraitu, hau automatikoki gelditu zen tokitik jarraituko du. Sistemak edo aplikazioak sistemaren unitatean datuak irakurri edo idazterakoan mantxotze bat gerta ez dadin, VeraCrypt-ek automatikoki itxaroten du datuak idatzi edo irakurtzen diren arte (goian dagoen Egoera begiratu ezazu) eta ondoren automatikoki zifratzen edo argitzen jarraituko du. - \n\nEdozein momentutan Eten edo Atzeratu klikatu dezakezu zifratze prozesua eteteko, laguntzaile honetatik irten, zure ordenagailua itzali edo berrabiatu, eta ondoren prozesuarekin jarraitu, honek eten zen puntutik jarraituko du. Ohartu zaitez bolumena ezin izango dela muntatu guztiz zifratuta dagoen arte. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Ezkutuko Sistema Hasi da - Jatorrizko Sistema - Windowsek (normalean erabiltzailearen ezagutza eta baimenik gabe) log fitxategi, behin behineko fitxategiak e.a. sistemaren partizioan sortzen ditu. Horretaz gain RAM memoriaren edukia gordetzen du hibernatzerakoan eta baita sistemaren partizioan dauden paginatze fitxategiak ere. Horregatik, arerio batek sistema originalean (noren ezkutuko sistema klon bat den) dauden fitxategiak arakatzen baditu, VeraCrypt laguntzailea ezkutuko sistema sortzeko moduan erabili zela jakin dezake (eta horrek ezkutuko sistema eragile bat esistitzen delaren seinale izan daiteke).\n\nArazo horiek eragozteko, hurrengo pausoetan VeraCrypt-ek sekurtasunez ezabatuko du sistema originala ostatzen duen partizioa. Hori eta gero, ezeztapen onargarria lortzeko, sistema berri bat instalatu eta zifratu beharko duzu. Horrekin sistema amua sortuko duzu eta sistema eragile ezkutua sortzeko prozesua bukatuta egondo da. - Ezkutuko sistema eragilea sortu egin da. Hala ere, erabiltzen hasi baino lehen (eta ezeztapen onargarria lortzeko), oraingo sistema eragilea dagoen partizioare eduki guztiak sekurtasunez (VeraCrypt erabiliz) ezabatu behar dituzu. Hori egin aurretik, zure ordenagailue berrabiatu behar duzu eta, VeraCrypt-en Hasieraketa Kargatzailearen pantailan (Windows hasi aurretik hasten dena), ezkutuko sistema eragilearen hasieraketa aurreko kautotze pasahitza sartu. Ezkutuko sistema hasti eta gero, TrueCryp-en laguntzailea automatikoki executatuko da.\n\nOhartu zaitez ezkutuko sistema eragilearen sorkunde prozesua orain bertan behera uzten baduzu EZ zarela prozesua jarraitzeko gai izango eta EZIN izango zarela ezkutuko sistema eragilean sartu (VeraCrypt-en Hasieraketa Kargatzailea ezabatu egingo delako). - Ezkutuko sistema eragilearen sorrera programatu duzu. Prozesua ez da oraindik bukatu. Bukatzeko, ordenagailua berrabiatu behar duzu eta, VeraCrypt Hasieraketa Kargatzailearen lehioan (Windows hasi aurretik agertzen dena), ezkutuko sistema eragilearen pasahitza sartu ezazu.\n\nOharra: Orain ezkutuko sistema eragilea sortzeko prozesua amaitzen baduzu, EZINGO duzu prozesua jarraitu. - Ordenagailua berrabiatu eta egin - Ezkutuko sistema eragilea sortzeko prozesua betirako gelditu - Ez egin ezer orain eta geroago galdetu - \nPOSIBLE BADA, TESTU HAU INPRIMATU (behean dagoen 'Inprimatu' sakatu)\n\n\nNoiz eta Nola erabili VeraCrypt-en Salbatze Diska (Zifratu eta Gero)\n-----------------------------------------------------------------------------------\n\n - I. Nola Abiatu VeraCrypt Salbatze Diska\n\nVeraCrypt Salbatze Diska abiatzeko, zure CD/DVD unitatean sartu ezazu eta ordenagailua berrabiatu ezazu.VeraCrypt Salbatze Diskaren lehioa agertzen ez bada (edo 'Konponketa Aukerak' aukera 'Teklatu Kontrolak' gunean ikusten ez bada VeraCrypt Salbatze Diskaren lehioan), gertatu daiteke zure BIOSa disko gogorrak CD/DVD unitateak baino lehenago abiatzeko konfiguratuta egotea. Hori gertatzen bada, zure ordenagailua berrabiatu ezazu F2 edo Ezabatu sakatu ezazu (BIOSa abiatzen ari delaren lehioa ikusi bezain laister), eta BIOSa konfiguratzeko lehioa agertzen den arte itxaron ezazu. BIOSa konfiguratzeko lehiorik agertzen ez bada, ordenagailua berriz berrabiatu ezazu eta F2 eta Ezabatu teklak behin eta berriro sakatu itzazu ordenagailua abiatu bezain laister. BIOSa konfiguratzeko lehioa agertzen denean, BIOSa konfiguratu ezazu lehendabizi CD/DVD unitatetik abiatu dadin (hau egiteko informazioa behar baduzu, zure BIOS/Oinarrizko Plaka-ren dokumentazio irakurri ezazu edo zure ordenagailuaren saltzailearen laguntza serbitzura jo ezazu). Ondoren zure ordenagailua berrabiatu ezazu. VeraCrypt Salbatze Diskaren lehioa agertu beharko litzateke orain. Oharra: VeraCrypt Salbatze Diskaren lehioan, 'Konponketa Aukerak' aukeratu dezakezu zure teklatuaren F8 tekla sakatuz.\n\n\n - II. Noiz eta nola erabili VeraCrypt-en Salbatze Diska (Zifratu eta gero)\n\n - 1) VeraCrypt Hasieraketa Kargatzailearen lehioa ordenagailua abiatu eta gero agertzen ez bada (edo Windows abiatzen ez bada), VeraCrypt Hasieraketa Kargatzailea hondatuta egon daiteke. VeraCrypt Salbatze Diska hau konpontzen du eta zifratutako sistema eta datuetara heltzeko bidea ematen dizu (hala ere, ohartu zaitez edozein modutan pasahitz zuzena sartu beharko duzula). Salbatze Diskaren lehioan 'Konponketa Aukerak' > 'VeraCrypt Hasieraketa Kargatzailea leheneratu' aukera hautatu ezazu. Gero 'Y' sakatu ezazu ados egoteko, ondoren Salbatze Diska zure CD/DVD unitatetik atera eta ordenagailua berrabiatu ezazu.\n\n - 2) Pasahitz zuzena behin baino gehiagotan sartzen baduzu baina VeraCrypt-ek pasahitza zuzena ez dela esaten badizu, gako nagusia edo beste ezinbesteko daturen bat hondatuta egon daiteke. VeraCrypt Salbatze Diskak hauek leheneratzen uzten dizu eta, ondorioz, zifratutako sistema eta datuetara sartzeko aukera (modu honetan ere pasahitz zuzena sartu behar izango duzu). Salbatze Diskaren lehioan, 'Konponketa Aukerak' > 'Gakoaren Datuak Leheneratu' aukeratu ezazu. Ondoren zure pasahitza sartu, 'Y' sakatu ezazu ekintza baieztatzeko, Salbatze Diska zure CD/DVD unitatetik atera eta zure ordanagailua berrabiatu ezazu.\n\n - 3) VeraCrypt Hasieraketa Kargatzailea hondatuta badago, hura exekutatzeaz eragotzi ahal duzu zuzenean VeraCrypt Salbatze Diskarekin abiatuz. VeraCrypt salbatze diska zure CD/DVDan sartu ezazu eta Sablatze Diskaren Pantallan zure pasahitza sartu ezazu.\n\n - 4) Windows hondatuta badago eta ezin bada abiatu, VeraCrypt-en Salbatze Diskak Windows asi aurretik partizioa/unitatea betirako argitzeko aukera ematen dizu. Salbatze Diskaren lehioan, horretarako 'Konponketa Aukerak' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukeratu ezazu. Ondoren pasahitz zuzena sartu eta argitze prozesua bukatzen den arte itxaron ezazu. Orduan, adibidez, Windows-en CD/DVD-arenkin abiatu eta zure Windows instalazioa konpondu dezakezu.\n\n - Oharra: Alternatiboki, Windows hondatuta badago (ezin bada abiatu) eta konpontu behar baduzu (edo bertan dauden fitxategietara heldu), sistemaren partizioa/unitatearen argitze prozesua eragotzi dezakezu ondorengo pausoak jarraituz: Sistema eragile bat baino gehiago instalatuta baldin baduzu, hasieraketa aurreko kautotzerik behar ez duen bat abiatu ezazu. Zure ordenagailuan sistema eragile bakarra instalatuta baldin baduzu, WinPE edo BartPE CD/DVD bat abiatu dezakezu edo bestela zure sistemaren unitatea beste ordenagailuan bigarren mailako edo kanpoko unitate bat bezala instalatu dezakezu eta gero ordenagailuaren sistema eragilea abiatu. Sistema bat aabiatu eta gero, VeraCrypt abiatu, eta 'Gailua Aukeratu'-n klik egin ezazu, hondatutako partizioa aukeratu ezazu, 'Ados' sakatu, 'Sistema' > 'Hasieraketa Kautotzerik Gabe Muntatu' aukeratu, zure hasieraketa haurreko kautotze pasahitza sartu eta 'Ados' sakatu. Partizioa ohiko VeraCrypt bolumen bat bezala muntatuko da (datuak RAM memorian bertan zifratu eta argituko dira, ohi bezala).\n\n\n - Ohartu zaitez nahiz eta VeraCrypt-en Salbatze Diska galdu eta erasotzaile batek aurkitu, bera EZ da gai izango sistemaren partizioa/unitatea argitzeko pasahitz zuzena izan gabe.. - \n\nG A R R A N T Z I T S U A -- MESEDEZ, AHAL BADUZU TESTU HAU INPRIMATU (beheko 'Inprimatu' sakatu)\n\n\nOharra: Testu hau automatikoki agertuko da ezkutuko sistema abiatzen duzun bakoitzean sistema amua sortzen hasten zaren arte.\n\n\n - Nola Sortu Sistema Amu Bat Sekurtasunez\n----------------------------------------------------------------------------\n\nEzeztapen onargarria lortzeko, orain sistema eragile amu bat sortu behar duzu. Hori egiteko, hurrengo pausoak jarraitu itzazu:\n\n - 1) Sekurtasun arrazoiengatik, ordenagailua itzali ezazu eta minutu batzuk itzalita utzi ezazu (hainbat eta denbora gehiago, hobeto). Hau memoria ezabatzeko beharrezkoa da, zeinek datu garrantzitsuak dituen. Ondoren ordenagailua piztu ezazu baina ez ezazu ezkutuko sistema abiatu.\n\n - 2) Windows instalatu ezazu bere edukiak ezabatuko diren partizioan (hau da, sistema originala zegoen partizioa, zeinena ezkutuko sistema klon bat den).\n\nGARRANTZITSUA: SISTEMA AMUA INSTALATZEN HASTEN ZARENEAN, *EZINGO* DA EZKUTKO SISTEMA ABIATU (VeraCrypt-en Hasieraketa Kargatzailea Windows sistemaren instalatzaileak ezabatuko duelako). HAU NORMALA ETA AURREIKUSITA DAGO. EZ ZAITEZ IZUTU. EZKUTUKO SISTEMA ABIATU AHAL IZANGO DUZU SISTEMA ERAGILE AMUA ZIFRATZEN HASI BEZAIN LAISTER (VeraCrypt-ek automatikoki VeraCrypt-en Hasieraketa Kargatzailea instalatuko duelako sistemaren unitatean).\n\nGarrantzitsua: Sistema amuaren eta ezkutuko boluemaren tamainek berdinak izaten jarraitu behar dute (kondizio hau orain betetzen da). Gainera, ezin duzu partiziorik sortu sistema eragile amuaren eta ezkutuko sistema ostatzen duen partizioaren artean.\n\n - 3)Sistema amua abiatu ezazu (bigarren pausoan instalatu zenuena) eta bertan VeraCrypt instalatu ezazu.\n\nOhartu zaitez sistema amua ez duela inoiz datu pribaturik izan behar.\n\n - 6) Sistema amuan, VeraCrypt abiatu eta 'Sistema' > 'Sistemaren Partizioa/Unitatea Zifratu' aukeratu ezazu. VeraCrypt Bolumenak Sortzeko Laguntzailearen lehioa agertu bharko liteke.\n\nHurrengo pausoak VeraCrypt Bolumenak Sortzeko Laguntzailean eman behar dira.\n\n - 5) VeraCrypt Bolumenak Sortzeko Laguntzailean, ez ezazu 'Ezkutuko' aukera hautatu. 'Ohikoa' aukera hautatu eta 'Hurrengoa' sakatu.\n\n - 6)'Windows sistemaren partizioa zifratu' aukera hautatu ezazu eta 'Hurrengoa' sakatu.\n\n - 7)Ordenagailu honetan bakarrik ezkutuko sistema eragilea eta sistema ergile amua badaude, 'Hasieraketa Bakarra' aukera hautatu ezazu (ordenagailuan bi sistema hauek baino gehiago instalatuta badituzu, 'Hasieraketa Anitza' hautatu. Gero 'Hurrengoa' sakatu.\n\n - 8) GARRANTZITSUA: Pausu honetan, SISTEMA AMUARENTZAT, EZKUTUKO SISTEMARENTZAT AUKERATU ZENUEN ZIFRATZE ETA HASH ALGORITMO BERDINAK AUKERATU BEHAR DITUZU! BESTELA EZKUTUKO SISTEMARA EZINGO ZARA SARTU! Beste hitzetan, sistema amua ezkutuko sistemaren zifratze algoritmo berdinarekin zifratu behar da. Oharra: Honen arrazoia sistema amua eta ezkutuko sistema hasieraketa kargatzaile bera, zein erabiltzaileak aukeratutako algoritmo bakar bat onartzen duen (algoritmo bakoitzarentzat VeraCrypt Hasieraketa Kargatzailearen bertsio bat dago), erabiliko dutelako da.\n\n - 9) Pausu honetan, sistema eragile amuaren pasahitza aukeratu ezazu. Arerio batek hasieraketa aurreko kautotze pasahitza ematera behartzen badizu, pasahitz hau eman diezaiokezu (eman dezakezun beste pasahitza kanpoko bolumenarena da). Hirugarren pasahitzaren esistentzia (hau da, ezkutuko sistema eragilearen hasieraketa aurreko kautotze pasahitza) sekretupean jarraituko du.\n\nGarrantzitsua: Sistema amuarentzat akeratzen duzun pasahitzsa ezktutuko bolumenaren pasahitzarekin (hau da, ezkutuko sistema eragilearena) ezberdintasun asko izan behar ditu.\n\n - 10) Laguntzailearen hurrengo aginduak jarraitu itzazu amu-sistema eragilea zifratzeko.\n\n\n\n - Sistema Amua Sortu Eta Gero\n------------------------------------------------\n\nSistema amua zifratu eta gero, ezkutuko sistema eragilea sortzeko prozesu guztia bukatuta egongo da eta ondorengo hiru pasahitzak erabili ahal izango dituzu:\n\n1) Ezkutuko sistema eragilearen asieraketa aurreko kautotze pasahitza.\n\n2) Sistema eragile amuaren hasieraketa aurreko kautotze pasahitza.\n\n3)Kanpoko bolumenaren pasahitza.\n\n - Ezkutuko sistema eragilea abiatu nahi baldin baduzu, VeraCrypt Hasieraketa Kargatzailearen lehioan (ordenagailua piztu edo berrabiatu eta gero agertzen dena) ezkutuko sistema eragilearen pasahitza sartu behar duzu.\n\nSistema eragilie amua abiatu nahi baduzu, VeraCrypt Hasieraketa Kargatzailearen lehioan sistema eragile amuaren pasahitza sartu behar duzu.\n\nNorbaitek hasieraketa aurreko kautotze pasahitza ematera behartzen bazaitu sistema eragile amuaren pasahitza eman diezaiokezu. Ezkutuko bolumena (eta ezkutuko sistema eragilea) sekretupean jarraituko du.\n\n - Hirugarren pasahitza (kanpoko bolumenarena) norbaitek sistemaren partizioaren atzean dagoen lehendabiziko partizioaren, non kanpoko bolumena eta ezkutuko bolumena (ezkutuko sistema eragilea ostatzen duena) dauden, pasahitza ematera behartzen bazaitu hau eman diezaiokezu. Ezkutuko bolumena (eta ezkutuko sistema eragilea) sekretupean jarraituko du.\n\n\n - Sistema eragile amuaren pasahitza arerio bati eman eta honek sistema amuaren partizioaren zati hutsean dauden ausazko datuen zergatia galdetzen badizu, adibidez, ondorengo hau erantzun zenzake: "Partizioak VeraCrypt-ek zifratutako sistema bat zeukan baina hasieraketa aurreko kautotze pasahitza ahaztu nuen (edo sistema hondatuta zegoen eta ez zen abiatzen), beraz Windows berrinstalatu eta partizioa berriro zifratu behar izan nuen."\n\n\n - Jarraibide guztiak bete badira eta VeraCrypt-en Erabiltzaile Gidaren "Ezkutuko Bolumenentzako Sekurtasun Baldintzak eta Neurriak" kapituloko baldintzak bete badira, ezinezkoa izango da ezkutuko bolumena eta ezkutuko sistema eragilea esistitzen direla frogatzea, nahiz eta kanpoko bolumena muntatuta egon edo sistema eragile amua argitu edo abiatu bada.\n\nTestu honen kopia bat gorde edo inprimatzen baduzu (hau gogor gomendatzen da, zure inprimagailuak inprimitzen dituen dokumentuen kopia bere barneko memorian gordetzen ez baditu), sistema eragile amua sortu eta testu honetan dagoen informatzio guztia ulertu eta gero kopia horiek suntsitu beharko zenituzke (bestela, kopia hori aurkituko balitz, ordenagailu honetan ezkutuko sistema eragile bat dagoelaren susmoa eman dezake).\n\n - KONTUZ: EZKUTUKO BOLUMENA BABESTEN EZ BADUZU (hau egiteko informazioa nahi baduzu, VeraCrypt Erabiltzaile Gidaren "Kalteen Aurkako Babesa Ezkutuko Bolumenetan" atala irakurri ezazu), EZ EZAZU KANPOKO BOLUMENEAN IDATZI (ohartu zaitez sistema eragile amua EZ dagoela kanpoko bolumenean instalatuta). BESTELA, EZKUTUKO BOLUMENAREN GAINEAN IDATZI DEZAKEZU ETA HURA KALTETU (ETA BERE BARRUAN DAGOEN SISTEMA ERAGILEA)! - Sistema Eragilearen Klonazioa - Hurrengo urratsetan VeraCrypt ezkutuko sistema eragile berria sortuko du sistemaren partizioa ezkutuko bolumenera kopiatuz (kopiatutako datuak segidan zifratuko dira sistema amu bezala dagoen sistema eragileak daukan gako ezberdinarekin).\n\nKontutan izan ezazu prozesu hau hasieraketa aurreko ingurunean (Windows hasi aurretik) egingo dela eta asko iraun dezakela; orduak edo egunak (sistemaren partizioaren tamaina eta ordenagailuaren potentziaren arabera).\n\nProzesua bertan bera uzti ahal izango duzu ordenagailua itzaliz, sistema eragilea hasieratu eta prozesua jarraitu. Hala ere, prozesua mozten baduzu, sistema kopiatzeko prozesu guztia haieratik hasi behar izando da berriro (sistemaren partizioaren edukia ezin daitekeelako aldatu klonatze prozesua martxan dagoenean). - Ezkutuko sistema eragilearen sortzeko prozesua bertan behera utzi nahi al duzu?n\nOharra: Orain uzten baduzu ezingo diozu prozesuari berrekin. - Sistema zifratzeko aurre-azterketa bertan behera utzi nahi al duzu? - VeraCrypt-en sistema zifratzeko aurre-azterketak huts egin du. Berriz saiatu nahi duzu?\n\n'Ez' aukeratzen baduzu, hasieraketa aurreko kautotze osagarria desinstalatuko da.\n\nOharrak:\n\n- VeraCrypt Hasieraketa Kargatzaileak ez badizu pasahitzik eskatu Windows hasi aurretik, agian zure sistema eragilea ez da abiatzen instalatuta dagoen unitatetik. Hori ez dago onartua.\n\n- AES ez den zifraketa algoritmo bat erabili baduzu eta aurre-azterketak huts egin badu (eta pasahitza sartu duzu), gaizki diseinatuta dagoen erabiltzaile baten errua izan daiteke. 'Ez' aukeratu ezazu eta sistemaren partizio/unitatea berriz zifratzen saiatu zatez, baina oraingoan AES zifratze algoritmoa erabiliz (zeinek memoria behar baxuenak dituen).\n\n- Zergati eta konponbide gehiago ikusteko: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Sistemaren partizioa/unitatea ez dirudi zifratuta dagoenik (ez zati bat, ez guztiz). - Zure sistemaren partizioa/unitatea (zatika edo guztiz) zifratuta dago.\n\nMesedez, sistemaren partizio/unitate osoa argitu jarraitu aurretik. Hori egiteko, 'Sistema' > 'Sistemaren Partizioa/Unitatea Betirako Argitu' aukeratu VeraCrypt lehio nagusiaren menuan. - Sistemaren partizioa/unitatea (zatika edo guztiz) zifratuta dagoenean, ezin zara VeraCrypt-en bertsio zahar batera aldatu (baina berri bat instalatu edo martxan dagoena berrinstalatu bai). - Zure sistemaren partizioa/unitatea momentu honetan zifratzen, argitzen edo beste modu batean aldatzen ari da. Mesedez, zifratze/argitze/aldatze prozesua eten ezazu (edo bukatu arte itxaron ezazu) jarraitu baino lehen.. - VeraCrypt Bolumenak Sortzeko Laguntzaile bat sistema honetan martxan dago eta sistemaren partizioa/unitatearen zifraketa/argitze prozesu bat egiten edo prestatzen ari da. Jarraitu baino lehen, mesedez, hura bukatu arte itxaron ezazu edo itxi ezazu. Ezin baduzu itxi, jarraitu baino lehen ordenagailua berrabiatu ezazu. - Sistemaren partizioaren/unitatearen zifraketa/argitze prozesua ez da bukatu. Mesedez, jarraitu baino lehen itxaron ezazu bukatzen den arte. - Errorea: Partizioaren/Unitatearen zifraketa/argitze prozesua ez da bukatu. Lehendabizi bukatu behar da. - Errorea: Partizioa/bolumena zifratzeko prozesua ez da bukatu. Lehendabizi bukatu behar da.\n\nOharra: Prozesua jarraitzeko, 'Bolumenak' > 'Etendako Prozesua Jarraitu' aukeratu ezazu VeraCrypt-en lehio nagusiaren menuan. - Pasahitza zuzena da, VeraCrypt-ek bolumenaren goiburua artitu du eta ezkutuko sistema daukan bolumen bat dela aurkitu du. Hala ere, ezin duzu ezkutuko sistema baten bolumenaren goiburua modu honetan aldatu.\n\nEzkutuko sistema baten bolumenaren pasahitza aldateko, ezkutuko bolumenean dagoen sistema eragilea abiatu ezazu, eta gero 'Sistema' > 'Pasahitza Aldatu' aukera hautatu ezazu VeraCrypt-en lehio nagusiaren menuan.\n\nGoiburuaren gakoaren ondorioztatzeko algoritmoa aldatzeko, ezkutuko sistema eragilea abiatu ezazu eta 'Sistema' > 'Goiburuaren Gakoa Ondorioztatzeko Algoritmoa Jarri' hautatu ezazu. - VeraCrypt-ek ez du onartzen ezkutuko sistema bat 'bertan' argitzea.\n\nOharra: Sistema amuaren partizioa argitu nahi baduzu, sistema amua abiatu, eta ondoren 'Sistema' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukeratu ezazu VeraCrypt-en lehio nagusiaren menuan. - Errorea: Parametro okerra/baliogabekoa - Partizio edo gailu bat aukeratu duzu baina laguntzailean aukeratu duzun moduan bakarrik fitxategi-edukiontzietarako balio du.\n\nLaguntzailearen modua aldatu nahi al duzu? - Horren ordez VeraCrypt fitxategi edukiontzia sortu nahi al duzu? - Sistemaren partizio/unitatea (edo hasieraketa partizioa) aukeratu duzu, baina aukeratu duzun laguntzailearen moduan bakarrik sistemakoak ez diren partizio/unitateekin dabil.\n\nHasieraketa aurreko kautotzea ezarri nahi (honek esan nahi du Windows abiatzen den bakoitzean zure pasahitza sartu beharko duzula) eta sistemaren partizio/unitatea zifratu? - Ziur zaude sistemaren partizioa/unitatea betirako argitu nahi duzula? - KONTUZ: Sistemaren partizio/unitatea betirako argitzen baduzu, bertan zifratu gabeko datuak idatziko dira.\n\nBenetan ziur zaude sistemaren partizio/unitatea betirako argitu nahi duzula? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Kontuz: Sistema zifratzeko zifraketa algoritmo kaskada erabiltzen baduzu, hondorengo arazoak aurkitu ditzakezu:\n\n1) VeraCrypt-en Hasiera Kargatzailea ohi baino handiagoa da, eta horregatik, ez dago tokirik unitatearen lehendabiziko pistan VeraCrypt Hasieraketa Kargatzailearen babeskopiarentzat. Horregatik, hau hondatzen bada (eta hau maiz gertatzen da, adibidez, programa batzuk dituzten gaizki diseinatuta dauden pirateriaren aurkako aktibatze moduak, VeraCrypt Salbatze Diska erabili beharko duzu abiatzeko edo VeraCrypt Hasieraketa Kargatzailea konpontzeko.\n\n2) Ordenagailu batzuetan, hibernaziotik bueltatzeko denbora gehiago behar da.\n\nEgon daitezkeen arazo hauek eragotzi daitezke kaskadan ez den algoritmo bat erabiliz (adidbidez, AES).\n\nZiur zaude zifraketa algoritmo kaskada erabili nahi duzula? - Aurrean aipatutako arazoren bat badaukazu, partizioa/unitatea argitu (zifratuta badago) eta ondoren berriro saiatu zaitez kaskadan ez den algoritmo batekin zifratzen (AES, adibidez). - KONTUZ: Sekurtasun arrazoiengatik, VeraCrypt ezkutuko sistema eragilean eguneratu baino lehen, sistema eragile amuan eguneratu beharko zenuke.\n\nHori egiteko, sistema amua abiatu eta bertan VeraCrypt instalatzailea abiatu ezazu. Ondoren sistema eragile ezkutua abiatu eta bertan ere instalatzailea abiatu ezazu.\n\nOharra: Sistema amuak eta sistema ezkutuak hasieraketa kargatzaile bera daukate. VeraCrypt bakarrik ezkutuko sisteman eguneratuko bazenu (eta ez sistema amuan), sistema amuak daukan VeraCrypt kontrolatzailearen bertsio zenbakia eta VeraCrypt Abiaketa Kargatzailearen bersio zenbakiak ezberdinak izango lirateke. Ezberdintasun horrek ordenagailuan sistema eragile ezkutu bat dagoelaren seinale izan liteke.\n\nJarraitu nahi al duzu? - Sistema eragilea abiatu duen VeraCrypt Hasieraketa Kargatzailearen bertsio zenbakia eta sistema honetan instalatuta dagoen VeraCrypt-en kontrolatzailearen bertsio zenbakia (eta VeraCrypt-en aplikazioena) ezberdinak dira.\n\nVeraCrypt instalatzailea exekutatu beharko zenuke (zeinen bertsio zenbakia VeraCrypt Hasieraketa Kargatzailearen bertsio zenbakiaren berdina den) sistema eragile honetan VeraCrypt eguneratzeko. - Sistema eragilea abiatu duen VeraCrypt Hasieraketa Kargatzailearen bertsio zenbakia ezberdine da sistema honetan instalatuta dagoen VeraCrypt kontrolatzailearena (eta VeraCrypt programena).Ohartu zaitez bertsio zaharkituak bertsio berrietan konponduta dauden akatsak izan ditzaketela.\n\nVeraCrypt Salbatze Diskatik abiatu ez baduzu, VeraCrypt berrinstalatu edo eguneratu beharko zenuke azkeneko bertsiora (hasieraketa kargatzailea ere eguneratuko da).\n\nVeraCrypt Salbatze Diskatik abiatu baduzu, hura eguneratu beharko zenuke ('Sistema' > 'Salbatze Diska Sortu'). - VeraCrypt Hasieraketa Kargatzailea eguneratu egin da.\n\nGogor gomendatzea orain VeraCrypt Salbatze Diska berri bat egitea (zein VeraCrypt Hasiera Kargatzailearen bertsio berri bat izango duen) 'Sistema' > 'Salbatze Diska Sortu' aukeratuz zure ordenagailua berrabiatu eta gero. - VeraCrypt Hasieraketa Kargatzailea eguneratu egin da.\n\nGogor gomendatzea orain sistema eragile amua abiatzea eta VeraCrypt Salbatze Diska berri bat egitea (zein VeraCrypt Hasiera Kargatzailearen bertsio berri bat izango duen) 'Sistema' > 'Salbatze Diska Sortu' aukeratuz. - VeraCrypt-en Hasieraketa Kargatzailea eguneratzean huts egin du. - VeraCrypt-ek sistemaren unitatearen benetako tamaina antzematerakoan huts egin du, horegatik, sistema eragileak ematen duen tamaina erabiliko da (benetako tamaina baino txikiagoa izan daitekeena). Ohartu zaitez hau ez dela VeraCrypt-en akats bat. - KONTUZ: Badirudi dagoeneko VeraCrypt-ek sistemako unitatea ezkutuko sektoreak aurkitzen saiatu dela. Aurreko bilaketa prozesuan arazorik aurkitu bazenuen, orain arazoak ekidin ditzakezu ezkutuko sektoreen bilaketa orain bertan behera utziz. Ohartu zaitez, hori egiten baduzu, VeraCrypt-ek sistema eragileak ematen duen tamaina erabiliko duela (unitatearen benetako tamaina baino txikiagoa izan daitekena).\n\nOhartu zaitez arazo hau ez duela VeraCrypt-en akats batek sortu. - Ezkutuko sektoreen bilaketa saltatu (sistema eragileak emandako tamaina erabili) - Ezkutuko sektoreak aurkitzen berriro saiatu - Errorea: Diskaren sektore bat edo gehiagoren edukia ezin da irakurri (ziurenik arazo fisiko batengatik).\n\nBertan zifratzeko prozesua sektore hauek irakurri ahal direnean bakarrik jarraituko du. VeraCrypt-ek sektore hauek irakurgarri bihurtu dezake bertan zeroak idatziz (ondorioz, zeroz beteriko blokeak zifratuko dira). Hala ere, ohartu zaitez irakurri ezin daitezkeen sektoreen edukia galduko dela. Hori eragotzi nahi baduzu, hondatuko datuen zati batzuk berreskuratzen saiatu zaitezke hirugarren baten tresna aproposak erabiliz.\n\nOharra: Fisikoki hondatutako sektoreak badira (hau da, datuak hondatu edo egiaztapeneko baturaren errorea ez bada) memoria gailu gehienek hondatutako sektoreetan idazten saiatzerakoan datuak beste tokitan idazten dituzte (ondorioz unitatean hondatutako sektoreen datuak zifratu gabe jarraituko dute).\n\nVeraCrypt-ek zeroak idaztea nahi duzu irakurri ezin diren sektoreetan? - Errorea: Diskoaren sektore bat edo gehiago ezin dira irakurri (ziurenik akats fisiko batengatik).\n\nArgitze prozesua egin ahal izateko VeraCrypt-ek irakurri ezin daitezkeen sektoreen edukia alde batera utzi beharko du (edukia pseudoausazko datuengatik aldatuko da). Ohartu zaitez, jarraitu aurretik, hondatutako datuen zati bat berreskuratzen saiatu zaitezkeela hirugarren baten tresnak erabiltzen.\n\nVeraCrypt-ek irakurri ezin daitezkeen datuak orain alde batera uztea nahi al duzu? - Oharra: VeraCrypt-ek irakurri ezin zitekeen %I64d sektoreen (%s) edukia aldatu du zifratutako zeroz beteriko testu blokeekin. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - '%s' agiriaren pasahitza/PIN-a sartu ezazu: - VeraCrypt-i sekurtasun agirira edo txartel azkarrera sartzen ahalbidetzeko, agiriaren edo txartel azkarraren PKCS #11 software liburutegia instalatu behar duzu. Libreria hori gailuarekin etorri beharko zen edo saltzailearen edo hirugarren baten weborritik deskargatzeko prest egon beharko liteke.\n\nLiburutegia instalatu eta gero, eskuz aukeratu dezakezu 'Liburutegia Aukeratu'-n sakatuz edo VeraCrypt automatikoki aurkitu dezake 'Liburutegia Auto-Aurkitu'-n sakatuz (bakarrik Windowsen sistemaren karpetan bilatuko da). - Oharra: zure sekurtasun agiriaren edo txartel azkarraren instalatutako PKCS #11 liburutegiaren izena eta helbidea jakiteko, mesedez agiri, txartel edo hirugarren baten softwarearen dokumentazioa irakurri ezazu.\n\n'Ados' sakatu helbidea eta fitxategi izena aukeratzeko. - VeraCrypt sekurtasun agiria edo txartel azkarra erabili ahal izan dadin, lehendabizi agiri/txartelaren PKCS #11 software liburutegia aukeratu behar duzu. Hori egiteko, 'Ezaugarriak' > 'Sekurtasun Agiriak' aukeratu ezazu. - PKCS #11 sekurtasun agirien liburutegia hasieratzerakoan huts edin du..\n\n Ziurta zaitez helbidea eta fitxategiaren izena PKCS #11 liburutegi batenak direla. PCKS #11 liburutegiaren helbidea eta fitxategiaren izena aldatzeko, 'Ezaugarriak' > 'Sekurtasun Agiriak' hautatu ezazu. - Ez da PKCS #11 liburutegirik aurkitu Windows sistemaren karpetan.\n\nMesedez, ziurtatu zaitez zure sekurtasun agiriaren (edo txartel azkarra) PKCS #11 liburutegia instalatuta dagoela (liburutegi hori agiri/txartelarekin etorriko zen edo saltzailearen edo beste hirugarren baten weborrian egongo da deskargatzeko). Windows sistemakoa ez den karpeta batean instalatuta badago, 'Liburutegia Aukeratu' hautatu ezazu liburutegiaren helbidea zeazteko (adibidez, agiri/txartelaren softwarrea instalatuta dagoen karpeta). - Ez da sekurtasun agiririk aurkitu.\n\nZihurta zaitez sekurtasun agiria zure ordenagailura konektatuta dagoela eta dagokion kontrolatzailea instalatuta dagoela. - Sekurtasun agiriaren gako-fitxategia ez da aurkitu. - Dagoeneko izen hori daukan sekurtasun agiri gako-fitxategia existitzen da. - Aukeratutako fitxategiak ezabatu nahi al dituzu? - Sekurtasun agiriaren gako-fitxategiaren helbidea ez da zuzena. - Sekurtasun agiriaren errorea - Sekurtasun agiriaren pasahitza ez da zuzena. - Sekurtasun agiriak ez du behar den memoria eskatutako eragiketa egiteko.\n\nGako-fitxategi bat inportatzen saiatzen ari bazara, fitxategi txikiago bat aukeratu beharko zenuke edo VeraCrypt-ek sortutako gako-fitxategi bat ('Tresnak' > 'Gako-fitxategi Sortzailea' aukeratu ezazu). - Irekita zeuden sekurtasun agiri sesioak itxi egin dira. - Sekurtasun Agiriaren Gako-fitxategiak Aukeratu - Erreten - Agiriaren Izena - Fitxategiaren Izena - GARRANTZITSUA: Ohartu zaitez hasieraketa aurreko kautotze pasahitzsak EB-etako teklatu estandarraren diseinua erabiliz idazten direla. Horregatik, beste teklatu diseinu bat erabiltzen sartu den pasahitza erabiltzen duen bolumen bat ezingo da muntatu hasieraketa aurreko kautotze pasahitza erabiliz (ohartu zaitez hau ez dela VeraCrypt-en akats bat). Bolumen hori hasieraketa aurreko pasahitza erabiliz muntatu ahal izateko, hurrengo pausoak jarraitu itzazu:\n\n1) 'Artxiboa Aukeratu' edo 'Gailua Aukeratu' sakatu bolumena aukeratzeko.\n2) 'Bolumenak' > 'Bolumenaren Pasahitza Aldatu' aukeratu ezazu.\n3) Bolumenaren pasahitza sartu ezazu.\n4) Teklatuaren diseinua aldatu ezazu English (US)-ra Windows-en erretiluan dagoen Hizkuntza barraren ikonoan klik eginez eta 'EN English (United States)' aukeratuz.\n5) VeraCrypt-en pasahitza berriaren laukitxoan, hasiereketa aurreko kautotze pasahitza idatzi ezazu.\n6) Pasahitza egiaztatu ezazu egiaztatze eremuan pasahitza berridatziz eta 'Ados' sakatu ezau.\nKONTUZ: Ohartu zaitez pausu hauek jarraituz bolumenaren pasahitza beti EB-etako teklatuaren diseinua erabiliz idatzi beharko dela (eta hau automatikoki bakarrik hasieraketa aurreko ingurunean gertatzen dela ziurtatzen da). - Sistemaren gogoko bolumenak abiatze-aurreko kautotze pasahitza erabiltzen muntatuko dira. Sistemaren gogoko bolumen batek ez badu pasahitz hori, ez da muntatuko. - Ohartu zaitez sistemaren gokoko bolumenetan VeraCrypt bolumenen ohiko eragiketak (adib. 'Guztiak Desmuntatu', auto-desmuntatu, e.a.) eragina izan ez dezaten, 'Administratzaileak bakarrik baimendu VeraCrypt-en sistemaren gogoko bolumenak ikusi eta desmuntatzeko' aukera gaitu behar duzula. Horretaz gain, VeraCrypt administratzaile baimenik gabe exekutatzen denean (lehenetsitako aukera Windows Vista eta gerokoetan), sistemaren gogoko bolumenak ez dira VeraCrypt aplikazioaren lehio nagusiko unitate letren zerrendan. - GARRANTZITSUA: Ohartu zaitez aukera hau gaitzen bada VeraCrypt-ek ez duela administratzaile baimenik izango, horregatik, muntatutako sistemaren gogoko bolumenak ez dira VeraCrypt-en lehioan agertuko eta ezin izango dira desmuntatu. Hortaz, adibidez, sistemaren gogoko bolumen bat desmuntatu nahi baduzu, VeraCrypt-en ikonoan (hasiera menuan) eskubiko klik egin ezazu eta 'Administratzaile Bezala Exekutatu' aukeratu ezazu. Limitazio berdina gartatzen da 'Guztiak Desmuntatu', 'Auto-Desmuntatu', 'Guztiak Desmuntatu'-ko tekla bereziak e.a. - Ohartu zaitez ezarpen honek bakarrik sistema eragilea berrabiatu ondoren eragina izango duela. - Errorea gertatu da komandoa irakurtzerakoan. - Babeskopiaren Diska - &Fitxategia aukeratu eta muntatu... - &Gailua Aukeratu eta Muntatu... - Administratzaileek bakarrik baimendu VeraCrypt-en sistemaren gogoko bolumenak ikusi eta desmuntatzeko - Windows abiatzen denean sistemaren gogoko bolumenak muntatu (hasieraketa prozesuaren hasierako fasean). - Kontuz: '%s' bezala munatutako bolumenean dagoen fitxategia ez da ondo desmuntatu eta akatsak izan ditzake. Hondatutako fitxategi sistema erabiltzeak datuen galera edo hondatzea ekar dezake.\n\nOharra: VeraCrypt bolumen bat daukan gailu bat fisikoki atera edo itzali baino lehen (adibidez, USB flash memoria gailu bat edo kanpoko disko gogor bat), VeraCrypt bolumena VeraCrypt-en beti desmuntau beharko zenuke.\n\n\nWindowsek fixategi sisteman erroreak bilatu eta konpontzen sailatzea (baldin badaude) nahi al duzu? - Kontuz: Sistemaren gogoko bolumen bat edo gehiago ez ziren ondo desmuntatu eta fitxategi sisteman akatsak izan ditzakete. Mesedez, gertakarien log-a irakurri ezazu informazio gehiago jasotzeko.\n\nHondatutako fitxategi sistema bat erabiltzea datuen galera edo hondatzea ekarri dezake. Kaltetutako sistemaren gogoko bolumenak egiaztatu beharko zenituzke akats bila (VeraCrypt-en eskubiko klik egin ezazu haietako bakoitzean eta 'Fitxategi Sistema Konpondu' aukeratu). - Kontuz: Hondatutako fitxategi sistema bat Microsoft-en 'chkdsk' tresnarekin konpontzeak hondatutako guneetan fitxategien galera eragin dezake. Horregatik, VeraCrypt bolumenean dauden fitxategien babeskopia beste, hondatu gabeko, VeraCrypt bolumen batera egitea gomendatzen da.\n\nFitxategi sistema orian konpondu nahi al duzu?. - '%s' bolumena irakurtzeko bakarrik muntatu da idazketa baimena ezeztatu zaiolako.\n\nZiurtatu zaitez edukiontzi fitxategian idazteko baimena dagoela (edukiontzian eskubiko klik egin eta Ezaugarriak > Sekurtasuna aukeratu).\n\nOhartu zaitez Windowsen arazo batengatik sekurtasun baimen aproposak jarri eta gero era, mezu hau ikusi dezakezula. Hu ez da VeraCrypt-en akats bat. Konponbide bat edukiontzia mugitzea da, adibidez, zure Dokumentuak karpetara.\n\nBolumen hau irakurtzeko bakarrik erabili nahi baduzu, edukiontziaren irarkurtzeko bakarrik ezaugarria gaitu ezazu (edukiontzian eskubiko klik egin eta Ezaugarriak > Irakurtzeko Bakarrik aukeratu ezazu), honek abisu hau kenduko du. - '%s' bolumena irakurtzeko bakarrik moduan muntatu behar izan da idazteko baimena ukatu delako.\n\n Mesedez, ziurta zaitez bolumena ostatuta dagoen partizioa/gailua erabiltzen ari den beste aplikaziorik (adib. antibirusa) ez dagoela. - '%s' bolumena irakurtzeko bakarrik muntatu da sistema eragileak gailu ostalaria idazketa-babesa daukala esan duelako.\n\nOhartu zaitez badirela txip erabiltzaile pertsonalizatu batzuk idazketa-babesaren seinalea oker ematen dutela.\n\nArazo honek ez du VeraCrypt-ek sortu. Hau konpondu daiteka sisteman instalatuta dauden txip erabiltzaile pertsonalizatuak (Mikrosoftekoak ez direnak) desinstalatu edo eguneratuz. - Ohartu zaitez Hyper-Threading teknologiak nukleo logiko asko ematen dituela nukleo fisiko bakoitzeko. Hyper-Threading gaituta dagoenean, goian aukeratutako zenbakia nukleo/prozesagailu logiko kopurua erakusten du.. - %d prozesu - Ohartu zaitez harware bidez azeleratutako AES-a ezgaituta dagoela, hau froga multzoaren emaitzetan nabarituko da (errendimentu okerragoa izango du).\n\nHardware bidezko azelerazioa gaitu nahi baduzu, 'Ezaugarriak' > 'Errendimendua' aukeratu ezazu eta bertan dagokion aukera gaitu ezazu. - Ohartu zaitez, momentu honetan prozesu kopurua mugatuta dagoela, hau froga multzoaren emaitzetan nabarituko da (errendimentu okerragoa izango du).\n\nProzesadorearen ahalmen osoa erabiltzeko, 'Ezaugarriak' > 'Errendimendua' aukeratu ezazu eta bertan dagokion aukera ezgaitu ezazu. - VeraCrypt partizioaren/unitatearen idazteko babesa ezgaitzen sailatzea nahi duzu? - KONTUZ: Ezarpen honek errendimenduari kalte egin diezaioke.\n\nZiur zaude ezarpen hau erabili nahi duzula? - Kontuz: VeraCrypt bolumena auto-desmuntatuta - Bolumena daukan gailua fisikoki kendu edo itzali bahino lehen, VeraCrypt bolumena beti desmuntatu beharko zenuke.\n\nOrokorrean, ustekabeko desmuntaketak normalean noizbehinka huts egiten duten kabletan, kontrolatzaileatan, e.a. izaten daukate jatorria. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Frogatu - Gako-fitxategia - Ezabatu - Tab - Clear - Ados - Pause - Caps Lock - Tarte tekla - Page Up - Page Down - End - Home - Ezkerrako Gezia - Gorako Gezia - Eskubirako Gezia - Beherako Gezia - Select tekla - Print tekla - Execute tekla - Print Screen - Insert - Delete - Aplikazioen tekla - Lo - Num Lock - Scroll Lock - Nabigatzailea Atzera - Nabigatzailea Aurrera - Nabigatzailea Eguneratu - Nabigatzailea Gelditu - Nabigatzailea Bilatu - Nabigatzailea Gogokoak - Nabigatzailea Orri Nagusia - Isildu - Bolumena Igo - Bolumena Jaitsi - Hurrengo Pista - Aurreko Pista - Gelditu - Erreproduzitu/Pausatu - E-posta Hasi Tekla - Media Aukeratu Tekla - 1. Aplikazioa - 2. Aplikazioa - Attn - CrSel - ExSel - Erreproduzitu - Zoom - Zenbaki Teklatua - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Utzi + Erabiltzaile &guztientzako instalatu + Na&bigatu... + VeraCrypt-en ikonoa idazmahian sortu + Orain eman... + .hc &luzapena VeraCrypt-i lotu + &Bukatzerakoan helbidea ireki + VeraCrypt &Hasiera menuan erantsi + &Sistemaren Berreskuratze puntu bat sortu + &Desinstalatu + &Atera + &Instalatu + VeraCrypt Konfigurazio Laguntzailea + VeraCrypt Desinstalatu + &Laguntza + Mesedez, aukeratu edo idatzi ezazu ateratako fitxategiak gorde nahi dituzun helbidea: + Mesedez, aukeratu edo idatzi ezazu VeraCrypt programaren fitxategiak instalatu nahi dituzun helbidea. Aukeratutako karpeta ez badago, automatikoki sortuko da. + Desinstalatu sakatu TueCrypt ordenagailutik kentzeko + Utzi + &Proba-Bankua + &Frogatu + Zifratutako bolumen bat sortu eta formateatu + Oraingo partizioa zifratu + Sortutako gakoak eratkutsi (beraien zatiak) + Multzoaren edukia erakutsi + CD/DVD -ak grabatzeko softwarea jaitsi + Fitxategiak edukitzeko zifratutako fitxategia sortu + &GB + &TB + Informazio gehiago + VeraCrypt-en &ezkututako bolumena + Ezkutuko bolumeni buruzko informazio gehiago + Modu Zuzena + Modu Normala + &KB + Gako-artxiboa &erabili + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Gako-artxiboa.. + Hash algoritmoei buruzko informazioa + Informazio gehiago + Information on PIM + &MB + Informazio gehiago + Sistemaren enkriptazioari buruzko Informazio gehiago + Informazio gehiago + Hasieraketa-Anitza + Sistemarena ez den partizio/diska zifratu/drive + &Ez gorde inoiz historia + Kanpoko liburukia ireki + &Eten + Use P&IM + Use PIM + Formatu Azkarra + &Pasahitza erakutsi + &Pasahitza erakutsi + &Display PIM + Hasieraketa-bakarra + VeraCrypt-en ohiko liburukia + &Izkutukoa + Normala + Sistemaren partizioa edo sistemaren disko osoa zifratu + Windows sistemaren partizioa zifratu + Disko osoa zifratu + VeraCrypt bolumenak sortzeko laguntzailea + Klusterra + GARRANTZITSUA: Xagua ahal duzun ausazkoen mugitu ezazu lehio honetan. Zenbat eta gehiago, hobeago. Honek zifratzeko gakoen asko indartzen du. 'Hurrengoa' botoia sakatu jarraitzeko. + &Baieztatu: + Eginda + Drive letter: + Zifratzeko Algoritmoa + Fitxategi Sistema + Fitxategi batean zifratutako disko birtuala sortzen du. Esperientziarik gabeko erabiltzaileentzako gomendatua. + Aukerak + Hash Algoritmoa + Goiburuaren Gakoa: + Ezkerra + Gako Nagusia: + Aukera hau hautatu ordenagailu honetan sistema eragile bi edo gehiago badaude.\n\nAdibidez:\n- Windows XP and Windows XP\n-Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Sistemakoa ez den partizioa edo edozein barruko edo kanpoko unitatea (ad. flash memoria gailua) zifratzen du. Aukeran, ezkutuko bolumena sortzen du. + Oraingo multzoaren edukina (zatia) + Sartu + Pasahitza: + Volume PIM: + Volume PIM: + Aurrerapena: + Ausazko taldea: + Aukera hau hautatu ordenagailu honetan sistema eragile bakarra badago (erabiltzaile anitzak badauzka ere). + Abiadura + Egoera + Gakoak eta beste datuak ondo sortu dira. Gako berriak sortu nahi badituzu, Atzera eta gero Hurrengoa sakatu itzazu. Bestela Hurrengoa sakatu jarraitzeko. + Windows instalatuta dagoen partizio edo unitatea zifratzen du. Sisteman sartu eta erabili nahi duen edonork; fitxategiak irakurri, idatzi, e.a.; pasahitz zuzena sartu beharko du Windows hasieratzen den bakoitzean. Aukeran, ezkutuko sistema ere sortzen du. + Aukera hau hautatu orain martxan dagoen Windows sistema eragilea instalatuta dagoen partizioa zifratzeko. + Volume Label in Windows: + Garbiketa modua: + Itxi + Hasieraketa aurreko kautotzea alde batera utzi Esc tekla sakatuz (hasieraketa kudeatzailea gaitzen du) + Ez egin ezer + &VeraCrypt bolumena (behean zehaztutakoa) automatikoki muntatu + &VeraCrypt Hasi + Liburutegia Auto-&Detektatu + &Hasieraketa aurreko kautotze pasahitza unitatearen memorian gorde (sistemakoak ez diren bolumenak muntatzeko) + Nabigatu... + Nabigatu... + Pasahitzak eta gako-fitxategiak memorian &Katxeatu + Muntatutako bolumenik ez dagoenean irten + &Agiri sesioa itxi (irten) bolumena ondo muntatu eta gero + Include VeraCrypt Volume Expander + VeraCrypt-en bolumenak sortzeko laguntzailea erantsi + Sortu + &Bolumena Sortu + &Ez erakutsi inolako testurik hasieraketa aurreko kautotze pantailan (beheko mezu pertsonala izan ezik) + Disable "Evil Maid" attack detection + AES zifratze/argitze prozesua azeleratu prozesadorearen AES instrukzioak erabiliz (baldin badaude). + Gako-fitxategiak erabili + Gako-fitxategiak erabili + &Irten + Gogoko bolumenen laguntza + Bolumena ez muntatu 'Gogoko Bolumenak Muntatu' &tekla berezia sakatzerakoan + Aukeratutako bolumena muntatu gailu &ostalaria konektatzerakoan + Aukeratutako bolumena &sesioa hasterakoan muntatu + Aukeratutako bolumena &irakurtzeko bakarrik muntatu + Aukeratutako bolumena &kendu daitekeen gailu bat bezala muntatu + &Behera Mugitu + &Gora Mugitu + Aukeratutako bolumena muntatzerakoan &exploratzailearen lehio batean ireki + &Kendu + Use favorite label as Explorer drive label + Aukera Globalak + Argibide bunbuiloa erakutsi tekla bereziarekin ondo desmuntatu eta gero + Sistemaren jakinarazpen soinua jarri tekla bereziarekin ondo desmuntatu eta gero + Alt + Ctrl + Shift + Win + Esleitu + Kendu + Gako-fitxategiak... + Ez erabili hurrengo prozesadore kopurua zifratu/argitzeko: + Informazio Gehiago + Informazio Gehiago + Aukera gehiago... + &Gailuak Auto-Muntatu + Muntaketa &aukerak... + Bolumenak &irakurtzeko bakarrik muntatu + Gako-fitxategiak... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Gaituta + Pasahitzak gorde gailuaren memorian + Bolumena auto-desmuntatu daturik ez bada idatzi/irakurri + Erabiltzailea saioa amaitzen du + User session locked + Energia aurrezteko moduan sartzen + Pantaila-babeslea martxan dago + Desmuntaketa eragin bolumenak irekitako fitxategi eta direktorioak dituen arren + Gailuetako VeraCrypt bolumen guztiak muntatu + VeraCrypt-en ezkutuko lana hasi + Bolumenak &irakurtzeko bakarrik muntatu + Bolumenak kendu daitezkeen gailuak bezala muntatu + Explorer-aren lehioa ireki muntatutako bolumenentzako + Temporary Cache password during "Mount Favorite Volumes" operations + Ataza-barra ikono ezberdin bat erabili muntatutako bolumenak badaude + Gordetako pasahitzak ezabatu automatikoki desmuntatzerakoan + Gordetako pasahitzak ezabatu irtetzerakoan + Fitxategi-ontzietako aldatze data mantendu + Ezabatu + &Gailua aukeratu... + &Fitxategia aukeratu... + &Liburutegia aukeratu... + Pasahitza erakutsi + Pasahitza erakutsi + Muntatutako Bolumenak &Explorer-aren lehioak ireki + Pasahitza &gorde diskaren memorian + TrueCrypt Mode + &Guztiak desmuntatu + &Bolumenaren ezaugarriak... + Bolumenaren &Tresnak... + &Memoria ezabatu + VeraCrypt - Mount Parameters + VeraCrypt - Gogoko Bolumenak + VeraCrypt - Sistema osoaren tekla bereziak + VeraCrypt + Pasahitza edo gako-fitxategiak aldatu + VeraCrypt Bolumenaren Pasahitza + VeraCrypt - Errendimenduaren Aukerak + VeraCrypt - Lehentasunak + VeraCrypt - Sistemaren Zifraketaren Aukerak + VeraCrypt - Sekurtasun Agiriaren Lehentasunak + VeraCrypt Diska Bidaiariaren Konfigurazioa + VeraCrypt bolumenaren ezaugarriak + TrueCryp-i buruz... + Bolumenatik gako-fitxategiak Gehitu/Kendu... + Muntatutako Bolumena Gogokoetara Gehitu... + >Muntatutako Bolumena Sistemaren Gogokoetara Gehitu... + Sistemaren Errorea Aztertu... + Bolumenaren goiburuaren segurtasun-kopia egin... + Proba-bankua... + Goiburuaren Gakoa Ondorioztatzeko Algoritmoa Jarri... + Bolumenaren pasahitza aldatu... + Goiburuaren Gakoa Ondorioztatzeko Algoritmoa Jarri... + Pasahitza aldatu... + Bolumenen historioa ezabatu + Sekurtasun Agiriko Saio Guztiak Itxi + Kontaktatu... + Ezkututako sistema eragilea sortu... + Salbatze diska sortu... + Bolumen berria sortu... + Permanently Decrypt... + Lehenetsitako gako-fitxategiak... + Default Mount Parameters... + Orain eman... + Sistemaren partizioa/diska zifratu... + Maiz egindako galderak + Erabiltzailearen Gida + &Horri Nagusia + Tekla Bereziak... + Gako-Fitxategi sortzailea + Hizkuntza... + Lege Oharrak + Sekurtasun Agiri Gako-Fitxategiak Kudeatu... + Gailuetako Bolumen Guztiak Automuntatu + Gogoko bolumenak muntatu + Hasieraketa Aurreko &Kautotzerik Gabe Muntatu Mount... + Bolumena muntatu + Bolumena aukerekin muntatu + Berriak + Laguntza interneten + Hasiberrientazko erakustaldia + Gogoko Bolumenak Sailkatu... + Sistemaren Gogoko Bolumenak Sailkatu... + Errendimendua... + Partizioa/Diska betirako argitu + Lehentasunak... + Disken letrak eguneratu + Gako-fitxategi guztiak bolumenatik ezabatu... + Bolumenaren goiburua leheneratu... + Etendako prozesua jarraitu + Gailua aukeratu... + Fitxategia aukeratu... + Etendako prozesua jarraitu + Sistema zifratu... + Ezaugarriak... + Aukerak... + Sistemaren bolumen Gogokoak... + Deskargak + Bektoreak frogatu... + Sekurtasun Agiriak... + Diska Bidaiariaren Configurazioa... + Muntatutako bolumen guztiak desmuntatu + Bolumena desmuntatu + Salbatze diska egiaztatu + Verify Rescue Disk ISO Image + Bertsioen Historia + Volume Expander + Bolumenaren ezaugarriak + Bolumenak sortzeko laguntzailea + VeraCrypt-en web orria + Gordetako pasahitzak ezabatu + Ados + Hardwaren Bidezko Azelerazioa + Lasterbidea + AutoRun-aren Konfigurazioa (autorun.inf) + Auto-Desmuntatu + Hauetan guztia desmuntatu: + Hasieraketa kargatzailearen pantailako aurkerak + Pasahitza berretsi: + Oraingoa + Mezu hau hasieraketa aurreko kautotze pantailan erakutsi (24 karaktere gehienez): + Lehenetsitako muntaketa aukerak + Tekla berezien aukerak + Driver Configuration + Enable extended disk control codes support + Aukeratutako gogoko bolumenaren etiketa: + Fitxategien aukerak + Esleitzeko Gakoa: + Ordenagailu honetako prozesadoreak (CPU-ak) AES algoritmoa hardware bidez azelerazea onartzen du: + Windowsen sartzean egiteko zereginak + + minutu + Bolumena muntatu diska letra honekin: + Muntaketaren Aukerak + Berria + Pasahitza: + Prozesuetan Oinarritutako Paralelizazioa + PKCS #11 Liburutegiaren Helbidea + PKCS-5 PRF: + PKCS-5 PRF: + Pasahitzen Memoria + Sekurtasun Aukerak + VeraCrypt Ezkutuko Lana + Muntatzeko VeraCrypt bolumena (gailu eramangarriaren jatorritik): + Gailu eramangarria sartzerakoan: + Gailu eramangarriaren fitxategiak hemen sortu (gailu eramangarriaren jatorria): + Bolumena + Windows + &Helbidea gehitu... + &Guztia automatikoki frogatu + &Jarraitu + &Argitu + &Ezabatu + &Zifratu + &Esportatu... + Gako-fitxategia sortu eta gorde Generate and Save Keyfile... + &Ausazko gako-fitxategia sortu... + Hizkuntza paketea jaitsi + Hardware Bidez Azeleratutako AESa: + Gako-fitxategia agiri batera &inportatu... + Fitxategiak &Gehitu... + &Gako-fitxategiak Erabili + &Gako-Fitxategiak... + &Kendu + &Dena Kendu + Zer da ezkutuko bolumenaren babesa? + Gako-fitxategiei buruzko informazio gehiago + Bolumena muntatu gailu &mugikor bat bezela + Partizioa &sistemaren zifraketa erabiltzen muntatu hasieraketa aurreko kautotzerik gabe + Paralelizazioa: + Proba-bankua + &Inprimatu + &Ezkutuko bolumena kanpoko bolumenean idazteak eragin dezakeen kaltearen kontra babestu + &Ezabatu + &Pasahitza erakutsi + &Artxibo agiriak gehitu... + Bolumenean goiburuaren integratutako &babeskopia badago, erabili + XTS modua + + VeraCrypt-i buruz + VeraCrypt - Zifratzeko Algoritmoaren Proba-Bankua + VeraCrypt - Bektoreak Frogatu + Komandoko Laguntza + VeraCrypt - Gako-fitxategiak + VeraCrypt - Gako-fitxategi Sortzailea + VeraCrypt - Hizkuntza + VeraCrypt - Muntaketa Aukerak + Sekurtasun Agiri Gako-fitxategiaren Ezaugarriak + VeraCrypt - Ausazko Multzoaren Aberasketa + Partizio edo Gailu Bat Aukeratu + VeraCrypt + Sekurtasun Agiri Gako-fitxategiak + Sekurtasun Agiriaren pasahitza/PIN-a behar da + Hizkuntza Pakete Aktiboa + Abiaduran CPU-aren karga eta gailuaren ezaugarriak eragina daukate.\n\nProba hauek RAM-ean egiten dira. + Bufferaren Tamaina: + Zifratu: + &Ezkutuko bolumenarentzako pasahitza:\n(hutsik badago, gordetakoa erabiliko da) + Ezkutuko Bolumenaren Babesa + Gakoaren Tamaina: + GARRANTZITSUA: Zure xagua ahalik eta ausazkoen mugitu ezazu lehio honen barruan. Zenbat eta gehiago, hobeto. Honek gako-fitxategiaren indar kriptografikoa handitzen du. + KONTUZ: Gako-fitxategi bat galtzen baduzu edo lehenengo 1024 kilobytetako bit bat aldatzen bada, ezinezkoa izango da gako-fitxategi hori erabiltzen duten bolumenak muntatzea! + bit-ak + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Hauek Izulita: + Testu Arruntako tamaina: + bit-ak + Oraingo multzoaren edukiera + PRF nahasten: + GARRANTZITSUA: Zure xagua ahalik eta ausazkoen mugitu ezazu lehio honen barruan. Zenbat eta gehiago, hobeto. Honek sekurtasuna asko handitzen du. Egindakoan 'Jarraitu' sakatu. + Bigarren Mailako Gakoa (hamaseitarra) + Sekurtasun agiria: + Sailkatze Modua: + Mesedez itxaron. Prozesu honek denbora asko iraun dezake... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Blokearen Zenbakia: + Zifratutako Testua (hamaseitarra) + Datu unitatearen zenbakia (64-bit hamaseitar, datu unitatearen tamaina 512 byte-takoa da) + Gakoa (hamaseitarra) + Testu arrunta (hamaseitarra) + Gako-fitxategiaren izena: + XTS modua + &Sistema + &Bolumenak + &Gogokoak + &Tresnak + &Aukerak + &Laguntza + &Orri Nagusia + + &VeraCrypt-i buruz... + Zure bolumen zaharraren irakurri-bakarrik atributua ezin izan da aldatu. Mesedez egiaztatu itzazu fitxategiaren baimenak. + Errorea: Sarbidea ukatuta.\n\nSatzen saiatzen ari zaren partizioak 0 sektoreko luzeera dauka edo hasieraketa gailua da + Administratzailea + TrueCryp-en kontrolatzailea kargatzeko administratzaile baimeneko kontu batekin saioa izan behar duzu. + Kontutan izan ezazu partizio/gailu bat enkriptatzeko/formateatzeko administratzaile baimeneko kontu batekin saioa izan behar duzula.\n\nHau ez da beharrezkoa fitxategi barneko bolumenentzako. + Ezkutuko bolumena sortzeko administratzaile baimeneko kontu batekin saioa izan behar duzu.\n\nJarraitu? + Ohartu zaitez bolumena NTFS moduan formateatu nahi baduzu administratzaile bezela sesioa zian behar duzula.\n\nAdministratzaile baimenik ez baduzu bolumenari FAT formatua eman diezaiokezu. + FIPS onartutako zifraketa (Rijndael, 1998ean argitaratua). E.B. gobernuko departamentu eta agentziek erabili dezakete informazio sekretua babesteko Top Secret mailara arte. 256 biteko gakoa, 128 biteko blokea, 14 saio. XTS moduan lan egiten du. + Bolumena dagoeneko muntatuta dago. + KONTUZ: Gutxienez enkriptazio edo laburpen algoritmo bat huts egin du auto-konprobaketa automatikoa egiterakoan!\n\nVeraCrypt-en instalazioa hondatuta egon daiteke. + KONTUZ: Ausazko Zenbaki Sortzailearen multzoan ez daude datu nahikoak eskatutako auskazko datuak ekoizteko.\n\nEz zenuke aurrera egin behar. Mesedez, 'Akats baten berri eman' aukeratu ezazu 'Laguntza' menuan eta akats honen berri eman ezazu. + Unitatea hondatuta dago (arazo fisiko bat dauka) edo kablea hondatuta dago, edo memoria ez dabil ondo.\n\nOhartu zaitez hau zure hardwarearen arazoa dela, ez TrueCryp-ena. Hortaz, mesedez EZ iezaiozu akats honen berri eman TrueCryp-i eta EZ ezazu laguntza eskatu VeraCrypt foroetan. Mesedez, zure ordenagailuaren saltzailearen laguntza-zerbitzuarekin harremanetan jarri zaitez konpontzeko. Mila esker.\n\nOharra: errorea toki berdinean behin eta berriro agertzen bada, zihurenik diskoaren bloke bat hondatuta dago. Hau batzuetan hirugarren batek egindako softwarea erabiltzen konpondu daiteke (ohartu zaitez, kasu askotan, 'chkdsk /r' comandoak ezin duela akatsa zuzendu fitxategi-sistema mailan bakarrik lan egiten duelako; kasu batzuetan, 'chkdsk' ez du ezta errorea detektatzen). + Gailu eramangarri batera sartzen ari bazara, zirutatu zaitez gailua ondo konektatuta dagoela. Unitatea/gailua hondatuta egon daiteke (akats fisiko bat izan dezake), kablea era hondatuta edo konektatu gabe egon daiteke. + Zure sitema erabiltzen ari den kontrolatzaile pertsonalizatu batek sistema osoko zifraketa eragozten duen akats bat duela dirudi.\n\nMesedez saia zaitez desinstalatzen edo eguneratzen edozen pertsonalizatriko kontrolatzaileak (Microsoft-enak ez direnak) jarraitu aurretik. Honek ez badu konpontzen, saia zaitez sistemaren partizioa bakarrik zifratzen. + Baliogabeko disko letra. + Baliogabeko Helbidea. + Utzi + Gailua ezin da erabili. Zihurta zaitez gailua esistitzen dela eta sistemak ez dagoela erabiltzen. + Kontuz: Blok Maius piztuta dago. Honek pasahitza gaizki sartzea eragin dezake. + Bolumen Mota + Gerta liteke norbaitek zifratutako bolumen baten pasahitza ematera behartzea. Badaude egoera asko pasahitza sekretuan mantendu ezin duzunetan (adibidez,txantaila batengatik). Ezkutuko bolumen deritzon bat erabiltzeak egoera horietatik pasahitzik erabili gabe irteteko balio du. + Aukera hau hautatu ezazu VeraCrypt bolumen normala sortu nahi baduzu. + Kontutan izan ezazu ezkutuko partizioan dagoen bolumenean sistema eragile bat instalatu nahi baldin baduzu, orduan sistemaren unitate osoa ezingo dela zifratu gako bakarra erabiliz. + Kanpoko Bolumena Zifratzeko Aukerak + Ezkutuko Bolumena Zifratzeko Aukerak + Zifratzeko Aukerak + KONTUZ: Aukeratutako bolumenaren/gako-fitxategiaren helbidea ezabatzean huts egin du (fitxategi-aukeratzaileak gogoratuko du)! + Errorea: Edukiontzia fitxategi sismtema mailean konprimatuta dago. VeraCrypt ez ditu onartzen konprimatutatutako edukiontziak (ohartu zaitez zifratutako datuak konprimatzea erredundantea eta baliogabekoa dela).\n\nMesedez, edukiontziaren konprimazioa desgaitu hurrengo hurratsak jarraituz:\n1) Eskubiko botoiarekin edukiontzian klik egin Windows Exporer-ean (ez VeraCrypt-en).\n2)'Ezaugarriak' hautatu.\n3)'Ezaugarriak' elkarriztekta-koadroan, 'Aurreratuak' aukeratu.\n4)'Atributu aurreratuak' elkarriztekta-koadroan 'Edukiak Konprimatu diskan lekua aurrezteko' aukera desgatu eta gero 'Ados' sakatu.\n5)'Ezaugarriak' elkarriztekta-koadroan, 'Ados' sakatu. + Ezin izan da %s bolumena sortu + %s-ren tamaina %.2f byteekoa da + %s-ren tamaina %.2f KB-ekoa da + %s-ren tamaina %.2f MB-ekoa da + %s-ren tamaina %.2f GB-ekoa da + %s-ren tamaina %.2f TB-ekoa da + %s-ren tamaina %.2f PB-ekoa da + KONTUZ: Sistemak edo aplikazioek gailua/partizioa erabiltzen ari dira. Gailua/partizioa formatatzea datuen hondatzea eta sistemaren ezegonkortasuna sortu dezake.\n\nJarraitu? + KONTUZ: Sistema eragileak edo aplikazioek partizioa erabiltzen ari dira. Partizioa erabiltzen egon daitezken aplikazio guztiak itxi behar dituzu (software antibirusa barne).\n\nJarraitu? + Errorea: Partizioak/gailuak dismuntatu ezin daitekeen fitxategi sistema dauka. Sistema eragileak fitxategi sistema erabiltzen ari daiteke. Partizioa/gailua formatatzea ziurenik datuak hondatuko ditu eta sistemaren desegonkortasuna sortuko du.\n\nArazo hau konpontzeko formatatu gabe partizioa ezabatu eta berriz sortzeko gomendatzen dugu. Hau egiteko hurrengo pausoak jarraitu:\n1)Eskubiko-klik egin ezazu 'PC' (edo 'Nire PC') ikonoan 'Hasiera Menu'-an, gero 'Kudeatu' aukeratu. 'Ordenagailuaren Kudeaketa' lehioa agertu beharko liteke.\n2)'Ordenagailuaren Kudeaketa' lehioan, 'Bilketa'>'Diskoen Kudeaketa' aukeratu.\n3)Eskubiko-klik egin ezazu zifratu nahi duzun partizioan eta ondorengo aukera bat hautatu: 'Partizioa ezabatu', 'Bolumena Ezabatu' edo 'Unitate Logikoa Ezabatu'.\n4) 'Bai' sakatu. Windows-ek berrabiatzeko eskatzen badizu, hori egin. Gero 1 eta 2 pausuak berriro egin eta 5.arekin jarraitu.\n5)Eskubiko-clik esleitu gabeko/hutsik dagoen eremuan eta honako bat aukeratu: ' Partizio Berria', 'Bolumen Sinple Berria' ero 'Disko Logiko Berria'.\n6)'Partizio Berria Laguntzailea' edo 'Bolumen Sinple Berria Laguntzailea'-ren lehioa ireki beharko liteke; bere aginduak jarraitu itzazu. Laguntzailearen 'Partizioa Formatatu' lehioan, 'Partizioa Hau ez Formatatu' edo 'Bolumen hau ez Formatatu' aukeratu. Gero, laguntzaile horretan, 'Hurrengoa' sakatu eta gero 'Bukatu'. \n7) Ohartu zaitez VeraCrypt-en hautatu duzun unitatearen helbidea oker egon daitekeela orain. Hortaz, VeraCrypt Bolumenak Sortzeko Laguntzailetik atera zaitez (oraindik martxan badago) eta berriro ireki ezazu.\n8)Partizioa/Gailua berriro zifratzen saiatu zaitez\n\nVeraCrypt-ek behin eta berriro huts egiten badu gailua/partizioa enkriptatzerakoan, agian horren ordez fitxategi-edukiontzia izan dezakezu. + Errorea: Fitxategi sistema ezin izan da blokeatu/desmuntatu. Agian sistema eragilea edo beste aplikazioren bat (adibidez, antibirusa) erabiltzen ari da.Partizioa zifratzea datuak hondatu eta sistemaren ezegonkortasuna sortu dezake.\n\nMesedez, fitxategi sistema erabiltzen ari daitezkeen aplikazioak itxi itzazu (antibirusa barne) eta berriro saiatu. Honek ez badu laguntzen, behean dauden pausuak jarraitu itzazu.. + KONTUZ: Muntatutako gailu/partizio batzuk erabiltzen ari ziren!\n\nHau kontutan ez hartzeak nahi ez diren ondorioak ekar diztake, sistemaren ezegonkortasuna barne.\n\nGailuak/partizioak erabiltzen ari den edozein programa istea gogor gomendatzen dugu. + Aukeratu duzun gailua partizioak dauzka.\n\nGailua formatatzea sistemaren ezegonkortasuna eta datuen hondatzea sortu dezake. Mesedez, aukeratu gailuaren partizio bat, edo gailuaren partizio guztiak ezabatu VeraCrypt-ek arazorik gabe formatatu dezan. + Aukeratutako sistemarena ez den gailua partizioak dauzka.\n\nGailuan egindako VeraCrypt bolumen zifratuak partizioak ez dauzkaten gailuetan egin daitezke (disko gogorrak eta egoera-solidoko diskak barne). Partizioak dauzkan gailu bat guztiz 'bertan' enkriptatzeko dagoen modu bakarra (gako nagusi bakarra erabiliz) horretan Windows instalatuta badago eta bertatik hasieratzen bada.\n\nSistemakoa ez den gailu hori gako nagusi bakarrarekin zifratu nahi baduzu, lehendabizi bertan dauden partizio guztiak ezabatu beharko dituzu VeraCrypt-ek arazorik gabe formatatu dezan (partizioak dauzkan gailue formatatzea sistemaren ezegonkortasuna eta datuen galera sortu dezake). Alternatiboki, partizio bakoitza banaka zifratu dezakezu (partizio bakoitza gako nagusi ezberdin batekin zifratuko da).\n\nOharra: GPT disko batetik partizio guztiak kendu nahi badituzu, agian MBR diska motara bihurtu beharko duzu (adibidez, Computer Management tresna erabiliz) ezkutuko partizioak ezabatu ahal izateko. + Kontuz: Gailu osoa zifratzen baduzu (bertan dagoen partizio bat zifratu ordez), sistema eragileak gailua berritzat artuko du, hutsik eta formaturik gabe (partizio taularik izango ez duelako) eta izan daiteke gailua hasieratzen hastea (edo hori egiteko galdetuko dizu), horrek bolumena hondatu dezake. Horretaz gain, ez da posible izango modu iraunkor batean bolumena gogoko bezala muntatu (hau da, unitatearen zenbakia aldatzen denean) edo gogoko bolumenaen etiketa jarri.\n\nHori eragozteko, partizio bat sortu eta partizio hori zifratzeko aukera kontutan hartu dezakezu.\n\nZiur zaude gailu osoa zifratu nahi duzula? + GARRANTZITSUA: Gogoratu ezazu bolumen hau ezin dela muntatu/atzitu %c: unitate letra erabiliz dagoeneko eslaituta daukalako!\n\nBolumen hau muntatzeko, 'Gailuak Auto-Muntatu' sakatu ezazu VeraCrypt-en lehio nagusian (alternatiboku, VeraCrypt-en lehio nagusian, 'Gailua Aukeratu' sakatu, gero partizio/gailu hau aukeratu eta, bukatzeko, 'Muntatu' sakatu). Bolumena unitate letra ezberdin batera muntatuko da, zein zuk aukeratu dezakezun VeraCrypt-lehio nagusian dagoen zerrendatik.\n\n%c: unitate letra originala partizioari/gailuari zifraketa kendu nahi badiozu bakarrik erabili behar da (adibidiez: ez baduzu zifraketa behar). Kasu horretan, eskubiko klik egin ezazu %c: unitate letran 'Ordenagailua' (edo 'Nire Ordenagailua') zerrendan eta 'Formatatu' aukeratu. Bestela, %c: unitate letra ez litzateke inoiz erabili behar (kentzen ez duzun bitartean, VeraCrypt-en FAQ-etan deskribatuta dagoen bezala, eta beste partizio/gailu bati esleitzen badiozu). + Sistemarenak ez diren bolumenak ezin dira "bertan" zifratu erabiltzen ari zaren sistema eragilearen bertsioak onartzen ez duelako (Windows Vista eta geroagoko Windowsen bertsioetan bakarrik dago onartuta).\n\nWindowsen bertsio honek fitxategi sistema baten txikiagotzea onartzen ez duelako gertatzen da hau (fitxategi sistema txikiagotu egin behar da bolumenaren gohiburu eta goiburuaren babeskopiarentzako tokia egiteko). + Aukeratutako partizioa ez dirudi NTFS fitxategi sistema duenik. Bakarrik NTFS fitxategi sistema daukaten partizioak 'bertan' zifratu daitezke.\n\nOharra: Windowsek ez du beste fitxategi sistemak uzkurtzen uzten (fitxategi sistema bolumenaren goiburuarentzat eta babeskopiarako goiburuarentzat tokia egiteko uzkurtu behar da). + Aukeratutako partizioa ez dirudi NTFS fitxategi sistema duenik. NTFS fitxategi sistema duten partizioak bakarrik erabili daitezke "bertan" zifratzeko.\n\nPartizio horretan zifratutako VeraCrypt bolumen bat sortu nahi baduzu, "Zifratutako Bolumena Sortu eta Formatatu" aukera hautatu ezazu (Partizioa 'Bertan' Zifratu" aukeraren ordez). + Errorea: Partizioa txikiegia da. VeraCrypt-ek ezin du "bertan" zifraketa egin. + Partizio honen datuak zifratzeko, jarraitu itzazu pauso hauek:\n\n1) Hutsik dagoen partizio/gailu batean VeraCrypt bolumen bat sortu eta muntatu.\n\n2) Zifratu nahi duzun partizioko fitxategi guztiak muntatutako TrueCryp bolumenean kopiatu itzazu (lehendabiziko pausoan sortu eta muntatu dena). Modu honetan VeraCrypt-ekin zifratutako datuen babeskopia sortuko duzu.\n\n3)Zifratu nahi duzun partizioan VeraCrypt bolumen bat sortu eta ziurtatu zaitez (VeraCrypt-en laguntzailean) "Zifatutako bolumen bat sortu eta formatatu" aukera hautatzen duzula (ez "Partizioa 'bertan' zifratu"). Ohartu zaitez partizioan dauden datu guztiak ezabatuko direla. Bolumena sortu eta gero muntatu ezazu.\n\n4) Babeskopiako VeraCrypt bolumenean (lehendabiziko pausoan sortutakoa) dauden fitxategi guztiak 3. pausoan sortutako (eta muntatutako) VeraCrypt bolumenera kopiatu itzazu.\n\nPauso hauek bukatu eta gero datuak zifratuta egongo dira eta, gainera, hauen babeskopia zifratu bat egongo da. + VeraCrypt-ek bakarrik partizio bat, bolumen dinamiko bat edo sistemaren unitate osoa "bertan" zifratu dezake.\n\nSistemakoa ez den aukeratutako gailuan zifratutako VeraCrypt bolumen bat sortu nahi baduzu, "Zifratutako bolumen bat sortu eta formatatu" aukera hautatu ("Partizioa 'bertan' zifratu" aukera hautatu ordez). + Errorea: VeraCryptek bakarrik partizio oso bat, bolumen dinamiko bat edo sistemaren unitate osoa 'bertan' moduan zifratu dezake. Mesedez, ziurta zaitez aukeratutako helbidea zuzena dela. + Errorea: Ezin izan da fitxategi sistema txikiagotu (fitxategi sistema txikiagotu behar da bolumenaren goiburu eta goiburuaren babeskopiarako tokia egiteko).\n\nIzan daitezken zergatiak eta konponbideak:\n\nBolumenean ez dago toki huts nahikoa. Ziurta zaitez fitxategi sisteman idazten duen beste aplikaziorik ez dagoela.\n\n- Kaltetutako fitxategi sistema. Egiaztatzen eta konpontzen saiatu zaitez ('Ordenagailua' zerrendan dagokion unitate letran eskubiko clik egin, Ezaugarriak > Tresnak > 'Orain Egiaztatu' hautatu, ziurta zaitez 'Fitxategi sistemaren erroreak automatikoki konpondu' aukera hautatuta dagoela, eta 'Hasi' sakatu).\n\nGoiko pausoek ez badute lagundu, beheko pausoak jarraitu itzazu. + Errorea: bolumenean ez dago beharrezkoa den leku librea eta fitxategi sistema ezin da txikiagotu (fitxategi sistema txikiagotu behar da bolumenaren goiburu eta goiburuaren babeskopiarako tokia egiteko).\n\nMesedez, bikoiztuta dauden fitxategiak ezabatu eta zakarrotzia hustu gutxienez 256KB eko toki libre uzteko eta berriz saiatu. Ohartu zaitez Windowsen arazo batengatik Windows Expolerrek adierazten duen duen leku librea oker egon daiteke sistema berrabiatu arte. Berrabiatzeak ez badu laguntzen, fitxategi sistema oker egon daiteke. Erroreak bilatu eta konpontzen saiatu zaitez ('Ordenagailua' zerrendan dagokion unitate letran eskubiko clik egin, Ezaugarriak > Tresnak > 'Orain Egiaztatu' hautatu, ziurta zaitez 'Fitxategi sistemaren erroreak automatikoki konpondu' aukera hautatuta dagoela, eta 'Hasi' sakatu).\n\nGoiko pausoek ez badute lagundu, beheko pausoak jarraitu itzazu. + %s unitatean %.2f byte libre daude. + %s unitatean%.2f KB libre daude. + %s unitatean%.2f MB libre daude. + %s unitatean%.2f GB libre daude. + %s unitatean%.2f TB libre daude. + %s unitatean%.2f PB libre daude. + Ezin izan dira erabili gabeko unitate letrak aurkitu. + Errorea: VeraCryptCrypt-en kontrolatzailea ez da aurkitu.\n\nMesedez 'veracrypt.sys' eta 'veracrypt-x64.sys' fitxategiak VeraCrypt-en programa nagusia (VeraCrypt.exe) dagoen tokira kopiatu itzazu. + Errorea: Onartzen ez den VeraCrypt kontrolatzailearen bertsoio bat martxan dago.\n\nVeraCrypt modu eramangarrian erabiltzen saiatzen ari bazara (hau da, instalatu gabe) eta dagoeneko VeraCrypt-en bertsio bat instalatuta dago, lehendabizi hura desinstalatu behar duzu (edo VeraCrypt instalatzailea erabiliz eguneratu). Desinstalatzeko, ondorengo pausoak jarraitu itzazu: Windows Vista eta gerokoetan, 'Hasiera' menua aukeratu > Ordenagailua > 'Pograma aldatu edo desinstalatu' > VeraCrypt > Desinstalatu; Windows XP-n 'Hasiera' menua aukeratu > Aukerak > 'Kontrol Panela' > 'Programak Gehitu edo Kendu' > VeraCrypt > Kendu.\n\nAntzekotasunez, VeraCrypt modu eramangarrian erabiltzen saiatzen ari bazara (hau da, instalatu gabe) eta VeraCrypt-en bertsio ezberdin bat dagoeneko modu eramangarrian martxan baldin badago, lehendabizi sistema berrabiatu beharko duzu eta ondoren bertsio berria bakarrik abiatu. + Errorea: Zifraketaren hasieraketak huts egin du. + Errorea: Gako ahul edo potentzialki ahula detektatu da. Gakoa alde batera utziko da. Mesedez, berrio sailatu. + Errore kritikoa gertatu da eta VeraCrypt itxi behar da. Hau VeraCryptek daukan akats bat sortu badu, konpontzea gustatuko litzaiguke. Gu laguntzeko automatikoki sortu den errore txostena bidali diezagukezu honako datuekin:\n\n- Programaren bertsioa\n- Sistema eragilearen bertsioa\n- PUZ mota\n- TrueCryp osagaiaren izena\n- TrueCryp exekutagarriaren egiaztapen batura\n - Lehioaren izen sinbolikoa\n- Errore kategoria\n- Errorearen helbidea\n- VeraCrypt-en dei pila\n\n'Bai' aukeratzen baduzu, hurrengo URLa (errore txosten osoa daukana) zure lehenetsitako Internet nabigatzailean irekiko da.\n\n%hs\n\nGoiko errore txostena bidali nahi al diguzu? + Zure sisteman errore kritikoa gertatu da eta VeraCrypt itxi egingo da.\n\nOhartu zaitez errore hau ez duela VeraCrypt-ek eragin (beraz, VeraCrypt-en garatzaileek ezin dute konpundu). Mesedez, zure sistema arakatu ezazu arazoen bila (adib.: sistemaren konfigurazioa, sarearen konexioa, gaizki dabiltzan euskarri fisikoak). + Errore kritikoa gertatu da zure sisteman, horregatik VeraCrypt itxi egingo da.\n\nErrore hau behin eta berriro gertatzen bada, arazo hau sortzen ari daitezken programak ezgaitzen edo desinstalatzen saiatu zaitezke, adibidez, antibirusak edo Interneterako segurtasun programak, "hobetzaileak", "optimizatzaileak" e.a. Hau laguntzen ez badu, sistema eragilea berrinstalatzen saiatu zaitez (batzutan malwareak ere sortu dezake arazo hau). + VeraCrypt-en Errore Kritikoa + VeraCrypt-ek sistema eragileak errore kritiko bat izan duela detektatu du. Arrazoi asko egon daitezke sistemaren errore honen atzetik (adibidez, hardware gailu baten errorea, gailu kontrolatzaile baten akats bat e.a.)\n\nVeraCrypt-ek akats horren sortzaile izan den ala ez konprobatzea nahi al duzu? + VeraCrypt-ek sistemaren errore kritikoak detektatzen jarraitzea nahi al duzu? + VeraCrypt-ek ez du errore kritikoaren miniiraulketa fitxategia aurkitu. + Windows-en errore kritikoaren irauketa fitxategia ezabatu nahi al duzu diskoan tokia egiteko? + Sistemaren errore kritikoa aztertu baino lehen VeraCrypt-ek Microsoft Debugging Tools for Windows instalatu behar du.\n\nAdos sakatu ondoren, Windowsen instalatzaileak Microsoft Debugging Tools deskargatzen hasiko da (16 MB) Mircrosoft-en serbitzari batetik eta, ondoren, instalatuko du (Windows instalatzailea beti eskuragarri izateko, Microsoftek instalatze paketearen helbidea aldatzen badu ere, Microsoft serbitzariaren helbidea veracrypt.org serbitzaritik lortuko da).. + Ados sakatu eta gero, VeraCrypt-ek sistemaren errore kritikoa aztertuko du. Honek minutu batzuk eman diztake. + Mesedez, ziurtatu zaitez 'PATH' inguruneko aldagaiak 'kd.exe' (Kernel Debugger) programaren helbidea daukala. + Dirudienez VeraCrypt-ek ez du sistemaren errorea eragin. Sistemak arazo askorengatik errore kritiko bat izan dezake (adibidez, hardware gailu baten akats batengatik, gailu kontrolagailu baten akats batengatik,...) + Analisiaren emaitzak esaten dute arazo hau konpondu dezakezula hondorengo kudeatzailea eguneratzen baduzu: + VeraCrypt-en akats bat dagoen jakiten laguntzeko, automatikoki ondorengo datuak dituen errorearen txosten bat bidali diezagukezu:\n- Programaren bertsioa\n- Sistema eragilearen bertsioa\n- CPU mota\n- Errorearen maila\n- Kontrolatzailearen izena eta bertsioa\n- Sistemaren dei pila\n\n'Bai' aukeratzen baduzu, ondorengo helbidea (zeinek errorearen txosten osoa daukan) zure lehenetsitako Internet nabigatzailean irekiko da. + Goiko erroreari buruzko txostena bidali nahi diguzu? + &Zifratu + &Argitu + &Betirako Argitu + Irten + Mesedez, unitate logiko bat sortu ezazu hedadutako partizio honentzat, gero berriro saiatu zaitez. + VeraCrypt bolumen bat fitxategi baten barruan (VeraCrypt edukiontzia deritzona) ostatu daiteke, hau disko gogor batean, USB memoria gailu batean e.a-etan ostatu daiteke. VeraCrypt edukiontzi bat beste edozein fitxategi bezalakoa da (hau da, beste edozein fitxategi bat bezala mugitu eta ezabatu daiteke). 'Fitxategia Aukeratu' klikatu edukiontziaren izena eta non sortuko den hautatzeko.\n\nKONTUZ: Dagoeneko existitzen den fitxategi bat aukeratzen baduzu, VeraCrypt-ek ez du zifratuko; fitxategia ezabatu egingo da eta horren ordez VeraCrypt edukiontzia jarriko da. Geroago, existitzen diren fitxategiak zifratu ahal zango dituzu sortzen ari zaren VeraCrypt edukiontzira mugituz. + Hautatu ezazu kanpoko bolumena sortuko den tokia (bolumen honen barruan ezkutuko bolumena sortuko da).\n\nVeraCrypt bolumena fitxategi baten barruan egon daiteke (VeraCrypt edukiontzia deritziona), hau disko gogor edo USB flash gailu baten barruan egon daiteke. VeraCrypt edukiontzi bat beste edozein fitxategi bat bezale mugitu eta ezabatu daiteke. 'Fitxategia Aukeratu' klikatu edukiontzi fitxategiaren izena eta sortuko den tokia aukeratzeko. Dagoeneko existitzen den fitxategi bat aukeratzen baduzu, VeraCrypt-ek ez du zifratuko; ezabatu eta horren ordez sortzten ari zaren edukiontzia sortuko da. Geroago, existitzen diren fitxategiak zifratu ahal zango dituzu sortzen ari zaren VeraCrypt edukiontzira mugituz. + >Gailu baten barruko VeraCrypt bolumena disko gogor baten partizioan, egoera solidoko unitate, USB memoria gailu eta beste edozein biltegi bateragarrian sortu daiteke. Partizioak 'bertan' ere zifratu daitezke.\n\nGainera zifratutako gailu-barruko VeraCrypt bolumenak partiziorik gabeko gailuetan sortu daitezke (disko gogorrak eta egoera solidoko unitateak barne).\n\nOharra: Partizioak dauzkan gailu bat 'bertan' zifratzeko (gako bakarra erabiliz), Windows instalatuta dagoen unitatea eta bertan hasieratzen den tokia izan behar du. + Gailu-barruko VeraCrypt bolumenak disko gogor baten partizioan, egoera solidoko unitate, USB memoria gailu edo beste edozein biltegitan sortu daiteke.\n\nKONTUZ: Ohartu zaitez partizioa/gailua formatatuko dela eta bertan dagoen datu guztiak galdu egingo direla. + \nAukeratu ezazu kanpoko bolumena sortzeko tokiaren helbidea (geroago, bolumen honetan ezkutuko bolumena sortuko da).\n\nKanpoko bolumenak disko gogorretako, egoera-solidoko unitatetako, USB memoria gailuetako eta beste edozein onartutako memoria gailuetako partizioetan sortu daitezke. Kanpoko bolumenak partizioak ez dauzkaten gailuetan ere sortu daitezke (disko gogorrak eta egoera-solidoko unitateak barne).\n\nKONTUZ: Ohartu zaitez partizioa/gailua formatatu egingo dela eta bertan dauden datu guztiak galdu egingo direla. + \nVeraCrypt bolumenaren helbidea, non ezkutuko bolumena sortu nahi baituzu, aukeratu ezazu. + KONTUZ: Fitxategi/gailu ostalaria erabiltzen ari da!\n\nHau ezikustea nahi ez diren emaitzak sortu ditzake sistemaren ezegonkortasuna barne. Fitxategi/gailu ostalaria erabiltzen ari diren aplikazio guztiak (adibidez: antibirusak edo babeskopia programak) bolumena muntatu baino lehen itxi beharko lirateke.\n\nMuntatzen jarraitu? + Errorea: Ezin da bolumena muntatu. Fitxategi/gailu ostalaria erabiltzen ari da. Atzipen esklusiborik gabeko muntaketa sailakerak ere huts egin du. + Fitxategia ezin izan da ireki. + Bolumenaren Kokapena + Fitxategi Handiak + TrueCryp bolumen honetan 4GB baino gehiagoko fitxategiak gordetzeko asmoa ba al duzu? + Goian egindako aukeraketaren arabera, VeraCrypt-ek ondo dagokion fitxategi sitema lehenetsiko du (hurrengo pausoan fitxategi sistema hautatzeko aukera izango duzu). + Kanpoko bolumen bat sortzen hari zarenez, 'Ez' aukeratzea kontuan izan dezakezu. 'Bai' aukeratzen baduzu, lehenetsitako fitxategi sistema NTFS izango da, eta hau ez dagokio FAT kanpoko bolumenei (adibidez, ezkutuko bolumen baten tamaina askoz handiagoa izango da FAT moduan formatatutako bolumen batean). Orokorrean, FAT da lehenetsitako aukera bai ezkutuko, bai bolumen arruntetan (beraz FAT bolumenak ez dira susmagarriak). Hala ere, erabiltzaileak 4GB baino gehiagoko fitxategiak gorde nahi dituela jakinaratzten badu (FAT sistemak onartzen ez duena), FAT ez da lehenetsitako aukera izango. + Ziur zaude 'Bai' aukeratu nahi duzula? + Bolumena Sortzeko Modua + VeraCrypt bolumena partizo edo gailu batean sortzeko modurik azkarrena da hau ("bertan" egindako zifraketa, beste aukera, mantxoagoa da sektore bakoitza lehendabizi irakurri, gero zifratu eta gero iratzi behar delako). Momentu honetan partizioan/gailuan dauden datu guztiak galduko dira (datuak EZ dira zifratuko; ausazko datuekin ezabatuko da. Partizioan dagoen datuak zifratu nahi badituzu, beste aukera hautatu. + Aukeratutako partizio guztia eta bertan gordetako datuak dauden tokian zifratuko dira. Partizioa hutsik badago, beste aukera hautatu beharko zenuke (bolumena askoz azkarrago sortuko da). + Oharra: + &Berrekin + &Atzeratu + &Hasi + &Jarraitu + &Formateatu + &Ezabatu + Formateatzea utzi? + Informazio gehiago erakutsi + Ez erakutsi hau berriro + Partizioaren/Unitateaern edukiera ezabatu egin da. + Partizioaren, non jatorrizko sistema baitzegoen (norena ezkutuko sistema klona baitzen), edukiera ezabatu egin da. + Mesedez, ziurta zaitez instalatu behar duzun Windows (ezabatutako partizioan) bertsioa orain martxan dagoenaren berdina dela. Hau beharrezkoa bi sistemek hasieraketa partizio bera izango dutelako. + Sistemaren partizioa/unitatea zifratu egin da.\n\nOharra: Sistemakoak ez diren VeraCrypt bolumenak badaude eta Windows abiatzen den bakoitzean automatikoki muntatu nahi badituzu, hori egin dezakezu hauek eskuz muntatuz eta ondoren 'Gogokoak' > 'Muntatutako Bolumena Sistemaren Gogokoetara Gehitu' aukeratuz. + Sistemaren partizio/unitatea argitu egin da. + \n\nVeraCrypt bolumena sortu egin da eta erabiltzeko prest. TrueCryp bolumen berri bat egin nahi baduzu Hurrengoa sakatu. Bestela Irten klikatu. + \n\nEzkutuko bolumena sortu egin da (ezkutuko sistema eragilea ezkutuko bolumenean egongo da).\n\n "Hurrengoa" klikatu jarraitzeko. + Bolumena Guztiz Zifratu Da + Volume Fully Decrypted + GARRANTZITSUA: ORAIN SORTU DUZUN VERACRYPT BOLUMEN HAU MUNTATU ETA HAN DAUDEN DATUAK IRAKURTZEKO, 'Gailuak Auto-Muntatu' KLIKATU TRUECYPT-EN LEHIO NAGUSIAN. Pasahitz (edo/eta gako-fitxategi) zuzena sartu eta gero, bolumena VeraCrypt-en lehio nagusiko zerrendan hautatutako unitate letrarekin muntatuko da (eta zifratutako datuak irakurri ahal izango dituzu unitate letra horren bitartez).\n\nMESEDEZ AIPATUTAKO PAUSOAK GOGORATU EDO IDATZI ITZAZU. BOLUMENA MUNTATU ETA DATUAK IRAKURRI NAHI DITUZUN BAKOITZEAN JARRAITU BEHAR IZANGO DITUZU. Alternatiboki, VeraCrypt-en lehio nagusian, 'Gailua Aukeratu' botoian klik egin, partizioa/bolumena hautatu eta 'Muntatu' klikatu.\n\nPartizioa/Bolumena arazorik gabe zifratu da (guztiz zifratutako VeraCrypt bolumena dauka orain) eta erabiltzeko prest dago. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt bolumena sortu egin da. + Bolumena Sortu Da. + GARRANTZITSUA: Zure xagua ahalik eta ausazkoen mugitu ezazu lehio honen barruan. Zenbat eta gehiago, hobeto. Honek gakoaren zifraketa boterea asko indartzen du. Gero 'Formatatu' sakatu bolumena sortzeko. + Formatatu sakatu kanpoko bolumena sortzeko. Informazio gehiago nahi baduzu, dokumentazioa begira ezazu. + Kanpoko Bolumena Formatatu + Ezkutuko Bolumena Formatatu + Bolumena Formatatu + Adobe Reader (edo beste tresna bateragarria) beharrezkoa de True Crypt-en Erabiltzailearen Gida ikusteko. Adobe Reader (freeware) hemen deskargatu daiteke: www.adobe.com\n\nHorren ordez linean dagoen dokumentazioa ikusi nahi al duzu? + Aukera hau hautatzen baduzu, laguntzaileak VeraCrypt bolumen normal bat sortzen lagunduko dizu, eta hor barruan ezkutuko bolumen bat. Esperientziarik gabeko erabiltzaileak aukera hau hautatu beharko lukete beti. + Aukera hau hautatzen baduzu, dagoeneko existitzen den VeraCrypt bolumen baten barruan ezkutuko bolumen bat sortuko du. Dagoeneko ezkutuko bolumena ostatzeko VeraCrypt bolumen egoki bat sortu duzula hartuko da. + Bolumena Sortzeko Modua + Ezkutuko Bolumena Sortu Da + VeraCrypt-en ezkutuko bolumena sotu da eta erabiltzeko prest dago. Jarraibideak bete badira eta VeraCrypt-en erabiltzaile gidaren "Ezkutuko Bolumenentzako Sekurtasun Baldintzak eta Neurriak" kapituloko betebeharrak bete badira, ezinezkoa da ezkutuko bolumenaren esistentzia frogatzea, baita kanpoko bolumena muntatuta dagoenean ere.\n\nKONTUZ: EZKUTUKO BOLUMENA BABESTEN EZ BADUZU (HORI EGITEKO INFORMAZIOA NAHI BADUZU VERACRYPT-EN ERABILTZAILE GIDAREN "EZKUTUKO BOLUMENEN KALTEEN AURKAKO BABESA" KAPITULOA IRAKURRI EZAZU), EZ EZAZU KANPOKO BOLUMENEAN IDATZI. BESTELA, EZKUTUKO BOLUMENAREN GAINEAN IDATZI DEZAKEZU ETA HURA HONDATU! + Ezkutuko sistema eragilea abiatu duzu. Agian ohartu zaren bezala, ezkutuko sistema eragilea jatorrizko sistema eragilearen partizio berean instalatuta dagoela dirudi. Hala dirudien arren, errealitatean haren atzean dagoen partizio batean instalatuta dago (ezkutuko bolumenean). Irakurtze eta idazte eragiketa guztiak gardenki berrabiatzen dira jatorrizko sistemaren partiziotik ezkutuko bolumenera.\n\nEz sistema eragileak, ez aplikazioak, ez dute jakingo sistemaren partizioan idatzi eta irakurritako datuak benetan bere atzean dagoen partizioan idatzi eta irakurriko direla (ezkutuko bolumenera/bolumenetik). Ohi den bezala, horrelako datuak momentuan zifratu eta argituko dira (sistema eragile amuarentzako erabiliko den zifratzeko gako ezberdin batekin).\n\n\nMesedez, 'Hurrengoa'-n klik egin jarraitzeko. + Kanpoko bolumena sortu da eta %hc: unitate bezala muntatu da. Kanpoko bolumen honetan pribatuak diruditen, baina ezkutatu nahi EZ dituzun, fitxategi batzuk kopiatu behar zenituzke. Hauek han egongo dira norbait sistemaren partizioaren atzean dagoen partizioaren pasahitza ematera behartzen bazaitu, non kanpoko eta ezkutuko bolumenak (ezkutuko sistema eragilea hostatzen duena) egongo dira. Kanpoko bolumen honen pasahitza eman ahal izango duzu, eta ezkutuko bolumena (eta ezkutuko sistema eragilea) sekretupean jarraituko dute.\n\nGARRANTZITSUA: Kanpoko bolumenaera kopiatzen dituzun fitxategiak ez lukete %s baino gehiago okupatu behar. Bestela, agian ez da toki aske nahikoa egongo kanpoko bolumenean ezkutuko bolumenarentzako (eta ezin izango duzu jarraitu). Kopiatzen bukatzen duzunean 'Hurrengoa' sakatu (ez ezazu bolumena desmuntatu).. + Kanpoko bolumena sortu da eta %hc: unitate bezala muntatu da.Kanpoko bolumen honetan pribatuak diruditen, baina ezkutatu nahi EZ dituzun, fitxategi batzuk kopiatu behar zenituzke. Fitxategiak han egongo dira norbait pasahitza ematera behartzen bazaitu. Bakarrik kanpoko bolumenaren pasahitza emango duzu, ez ezkutukoarena. Benetan garratzia duten fitxategiak ezkutko bolumenean sortuko dira, hau geroago sortuko dugu. Kopiatzen bukatzen duzunean, 'Hurrengoa' sakatu. Ez ezazu bolumena desmuntatu.\n\nOharra: 'Hurrengoa' klikatu eta gero kanpoko bolumenaren klusterraren bitmapa arakatuko da etenik gabeko espazio hutsaren tamaina zehazteko, non espazio hutsaren bukaera bolumenaren bukaerarekin bat datorren. Tarte honetan ezkutuko bolumena ostatuko da, beraz, haren gehienezko tamaina mugatuko du. Klusterraren bitmaparen arakaketak ezkutuko bolumena kanpoko bolumenaren datuak berridatziko ez dituela ziurtatzen du. + Kanpoko Bolumenaren Edukiak + \n\nHurrengo pausoetan, kanpoko bolumenaren aukerak jarriko dituzu (horiekin, gero, kanpoko bolumena sortuko da). + \n\nHurrengo pausoetan, VeraCrypt kanpoko bolumena sortuko duzu sistema eragilearen partizioaren jarraiko partizioa bezala (aurreko pausoetan azaldu den bezala). + Kanpoko Bolumena + Hurrengo pausoetan ezkutuko bolumenaren (ezkutuko sistema eragilea izango duena) pasahitza eta ezaugarriak jarriko dituzu.\n\nOharra: kanpoko bolumenaren klusterraren bitmapa arakatu da etenik gabeko espazio hutsaren tamaina jakiteko, non espazio hutsaren bukaera bolumenaren bukaerarekin bat datorren. Espazio honek ezkutuko bolumena ostatuko du, beraz, ezkutuko bolumenaren gehienezko tamaina mugatuko du. Ezkutuko bolumenaren gehienezko tamaina zehaztu da eta ziurtatu da sistemaren partizioaren tamaina baino handiagoa dela (hau beharrezkoa da sistemaren partizio osoa ezkutuko bolumenera kopiatu behar izango delako). Honek kanpoko bolumenaren datuak ezkutuko bolumenarekin ez direla berridatziko ziurtatzen du. + GARRANTZITSUA: Mesedez, gogoratu itzazu pauso honetan aukeratu dituzun algoritmoak. Sistema amouarentzako algoritmo berdinak aukeratu behar izango dituzu. Bestela, ezin izango zara ezkutuko sisteman sartu! (Sistema amua ezkutuko sistremaren zifratzeko algoritmo berdinarekin zifratu behar da)\n\nOharra:Honen arrazoia sistrma amua eta ezkutuko sistema hasieraketa kargatzaile berdina erabiltzen dutela da eta hasieraketa kargatzaile bakoitzak algoritmo bakarra erabili dezake (algoritmo bakoitzarentzko VeraCrypt-en Hasieraketa Kargatzaile bana dago). + \n\nBolumenaren lukuaren bit-mapa eskaneatu da eta ezkutuko bolumenaren tamaina maximoa erabaki da. Hurrengo pausoetan ezkutuko bolumenarentzat aukerak ezarriko dituzu, tamaina eta pasahitza. + Ezkutuko bolumena + Ezkutuko bolumena kalteen aurkako babesa dauka eta kanpoko bolumena desmuntatzen den arte iraungo du.\n\nKONTUZ: Ezkutuko bolumenean datuak gordetzen saiakera egiten bada, VeraCrypt-ek bolumen osoari idazkera babesa jarriko dio (kanpoko zein ezkutuko zatiei) desmuntatzen den arte. Honek kanpoko bolumenaren fitxategi sistemari kalte egin diezaioke, eta hau (errepikatzen bada) ezkutuko bolumenaren ezeztapen onargarriari kalte egingo dio. Horregatik, ezkutuko bolumenean ez idazten saiatu beharko zinateke. Ezkutuko bolumenaren zatian gordetzen saiatzen zaren datu guztiak ez dira gordeko eta galduko dira. Agian Windowsek abisatuko dizu idazterakoan akats bat egon dela ("Idazketa Atzeratuak Huts Egin Du" edo "Parametro Okerra"). + Orain muntatutako bolumenean dauden ezkutuko bolumen guztiak kalteen aurkako babesa izango dute desmuntatu arte.\n\nKONTUZ:Babestutako ezkutuko bolumena dagoen tokian datuak gordetzeko saiakera egiten bada, VeraCrypt-ek bolumen osoan (bai kanpoko, bai ezkutuko zatietan)idazketa babesa hasiko du desmuntatzen den arte. Honek kanpoko bolumenaren fitxategi sistemaren hondatzea sortu dezake, eta hau (errepikatzen bada), ezkutuko bolumenaren ezeztapen onargarriari kalte egingo dio. Horregatik, ezkutuko bolumenean ez idazten saiatu beharko zinateke. Ezkutuko bolumenaren zatian gordetzen saiatzen zaren datu guztiak ez dira gordeko eta galduko dira. Agian Windowsek abisatuko dizu idazterakoan akats bat egon dela ("Idazketa Atzeratuak Huts Egin Du" edo "Parametro Okerra"). + KONTUZ: %c: bezela muntatutako bolumenearen ezkutuko bolumenaren zatian datuak gordetzeko saiakera egin da! VeraCrypt-ek datu haien idazkera eragotzi du ezkutuko bolumena babaesteko. Agian honek kanpoko bolumenaren fitxategi sistema hondatu du eta agian Windowsek idazkera errore bat eman du ("Idazketa Atzeratuak Huts Egin Du" edo "Parametro Okerra"). Bolumen osoa (bai kanpoko bai ezkutuko zatiak) idazkera babesa izango dute desmuntatu arte. Honako hau ez bada VeraCrypt-ek ezkutuko bolumenean idazkera bat eragotzi duen lehenengo aldia, agian ezkutuko bolumenaren ezeztapen onargarriari kalte egin dio (kenpoko bolumenaren fitxategi sisteman egon daitezkeen ez ohiko huts jarraituengatik). Horregatik, VeraCrypt bolumen berri bat sortzea pentsatu beharko zenuke (Formataketa Azkarra aukera ezgaituta) eta fitxategiak bolumen honetatik bolumen berrira mugitu; bolumen hau sekurtasunez ezabatu beharko litzateke (bai kanpoko bai ezkutuko zatiak). Gogor gomendatzen dizugu sistema eragilea orain berrabiatzea. + Bolumenean 4GB baino gehiagoko fitxategiak gorde nahi dituzula adierazi duzu. Honek bolumena NTFS formatuan egotea behar du eta hori ezinezkoa da. + Ohartu zaitez ezkutuko sistema eragilea martxan dagoenean, ezkututa ez dauden VeraCrypt bolumenak ezin direla NTFS moduan formatatu. Honen arrazoia hau da, bolumena aldi-baterako idatzteko babesik gabe muntatu behar dela sistema eragileak NTFS moduan formatatu dezan (beste aldetik, FAT moduan formatatzea VeraCrypt-ek berak egiten du, ez sistema eragileak, eta ez du bolumena muntatu behar). Informazio tekniko gehiago nahi baduzu, azpian begiratu. NTFS formatua duen ezkutu gabeko bolumen bat sorttzeko, sistema eragile amutik egin dezakezu. + Sekurtasun arrazioengatik, ezkutuko sistema eragile bat martxan dagoenean, ezkutuko bolumenak bakarrik modu 'zuzenean' sortu daitezke (kanpoko bolumenak beti irakurtzeko bakarrik muntatzen direlako). Ezkutuko bolumen bat sekurtasunez sortzeko, hurrengo pausoak jarraitu itzazu:\n\n1)Sistema amua abiatu ezazu.\n\n2)VeraCrypt bolumen normal bat sortu eta zifratu nahi ez dituzun baina garrantzitsuak diruditen fitxategi batzuk bertara kopiatu itzazu (bolumen hau kanpoko bolumena izango da).\n\n3) Ezkutuko sistema abiatu ezazu eta VeraCrypt-en Bolumenak Sortzeko Laguntzailea ireki ezazu. Bolumena fitxategi batean ostatuta badago, sistemaren partiziora edo beste ezkutuko bolumen batera mugitu ezazu (bestela, sortutako ezkutuko bolumena irakutzeko bakarrik muntatuko zen eta ezin izango zen formatatu). Laguntzailearen pausoak jarraitu itzazu 'ezkutuko bolumena zuzenean sortzeko modua' aukeratuz.\n\n4)Laguntzailean, bigarren pausoan sortutako bolumena aukeratu ezazu eta ematen diren oharrak jarraitu itzazu bere barnean ezkutuko bolumen bat sortzeko. + Segurtasun arrazoiengatik, ezkutuko sistema eragile bat martxan badago, zifratu gabeko fitxategi sistema lokalak eta VeraCrypt ezkutugabeko bolumenak irakurtzeko bakarrik muntatzen dira (ezin da daturik idatzi fitxategi sistema edo VeraCrypt bolumen horietan).\n\nDatuak bakarrik ezkututako VeraCrypt bolumenetan dauden fitxategi sistematan idatzi daitezke (ezkutuko bolumenaren edukiontzia ez badago enktiptatu gabeko fitxategi sistema batean edo beste motako irakurtzeko fitxategi sisteman). + Hiru arrazoi nagusi daude babes hauek ezartzeko:\n\n- Ezkutuko VeraCrypt bolumenak muntatzeko plataforma sekurua sortzea baimentzen du. Ohartu zaitez, ofizialki, ezkutuko bolumenak bakarrik ezkutuko sistema eragile bat martxan dagoenean muntatzea gomendatzen dugula (informazio gehiago nahi baduzu dokumentazioaren 'Ezkutuko Bolumenei Dagokien Sekurtasun Betebearrak eta Neurriak' atala irakurri ezazu).\n\n - Zenbait kasuetan, posiblea da, noizbait, fitxategi sistema bat ez zela sistema eragilearen instanzia berezi batean muntatu (edo fitxategi sistemaren fitxategi berezi bat ez dela handik gorde edo sartu) (adibidez, fitxategi sistemaren egunkarietak, fitxategi datak, aplikazioen logak, errore logak e.a. aztertu eta konparatuz). Honek ordenagailuan ezkutuko sistema eragile bat instalatuta dagoela adierazi lezake. Babesek arazo hauek eragozten dituzte.\n\n- Datuen hondatzea eta hibernazio segurua baimentzen du. Windowsek hibernaziotik bueltatzen denean, muntatutako fitxategi sistemen egoera hibernatzen hasi baino lehenagokaren berdina balitz bezela hartzen du. VeraCrypt-ek hau ziurtatzen du sistema eragile amu eta ezkutuko sistematik irakurri daitezkeen fitxategi sistemei idazkera babesa ezarriz. Babes hori gabe, fitxategi sistema hondatu ahal izango liteke beste sistema batetik muntatuko balitz bestea hibernatzen dagoen bitartean. + Oharra: Amu sistematik ezkutuko sistemara fitxategiak sekurtasunez mugitu behar badituzu, hurrengo pausoak jarraitu itzazu:\n1) Amu sistema abiatu.\n2) Fitxategiak zifratu gabeko bolumen batera edo kanpoko/ohiko VeraCrypt bolumen batera kopiatu itzazu.\n3) Ezkutuko sistema abiatu.\n4)Fitxategiak TrueCryp bolumen batera kopiatu badituzu, muntatu ezazu (automatikoki irakurtzeko bakarrik muntatuko da).\n5) Fitxategiak ezkutuko sistemaren partiziora edo beste ezkutuko bolumen batera kopiatu itzazu. + Zure ordenagailua berpiztu behar da.\n\nOrain berpiztu nahi al duzu? + Errore bat jazo da sistemaren enkripzio egoera irakurtzen ari zenean. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Ezin izan dira aplikazioaren osagaiak hasieratu sistema zifratzeko. + Ausazko zenbakien sortzailea hasieratzerakoan hutse egin du! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Ezin izan da aplikazioa hasieratu. 'Dialog Class'-a erregistratzerakoan huts egin du. + Errorea: Ezin izan da Rich Edit sistemaren liburutegia kargatu. + VeraCrypt Bolumenak Sortzeko Laguntzailea + Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f bytetakoa da. + Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f KB-etakoa da. + Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f MB-etakoa da. + Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f GB-etakoa da. + Bolumen honentzat, ezkutuko bolumenaren tamaina gehienezkoa %.2f TB-etakoa da. + Bolumenaren pasahitza/gako-fitxategiak ezin dira aldatu bolumena muntatuta dagoen bitartean. Mesedez, lehendabizi bolumena desmuntatu ezazu. + Goiburuaren deribazio algoritmoa ezin da aldatu bolumena muntatuta dagoen bitartean. Mesedez, hori baino lehen bolumena desmuntatu ezazu. + &Muntatu + Bolumen hau muntazteko VeraCrypt-en bertsio berriago bat behar da. + Errorea: Bolumenak Sortzeko Laguntzailea ez da aurkitu.\n\nZiurta zaitez 'VeraCrypt Format.exe' fitxategia 'VeraCrypt.exe' abiatu zeneko karpeta berdinean dagoela. Ez badago, VeraCrypt berriro instalatu, edo zure diskan 'VeraCrypt Format.exe' aurkitu eta exekutatu. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Hurrengoa > + &Bukatu + &Instalatu + &Atera + Ezin izan da VeraCrypt gailu kontrolatzailera konektatu. VeraCrypt ez dabil gailuaren kontrolatzailea martxan ez badago.\n\nOhartu zaitez, Windowsen arazo batengatik, beharrezkoa izan daitekela sesioa amaitzea edo ordenagailua berrabiatzea unitate kontrolatzaile kargatu ahal izan baino lehen. + Letra-tipoak kargatzerakoan/prestatzerakoan errore bat gertatu da. + Unitatearen letra ez da aurkitu edo ez da letrarik zehaztu. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Unitatearen letra ez dago eskuragarri. + Ez da fitxategirik hautatu! + Ez daude unitate letra gehiago eskuragarri. + Ez dago kanpoko bolumenarentzat unitate letra librerik! Bolumenaren sorrerak ezin du jarraitu. + Ezin izan da zure sistema eragilearen bertsioa jakin izan edo onartuta ez dagoen sistema eragilea erabiltzen ari zara. + Ez da helbiderik aukeratu! + Ez dago ezkutuko bolumenarentzat nahikoa espazio libre! Bolumenaren sorrerak ezin du jarraitu. + Errorea: Kanpoko bolumenera kopiatu dituzun fitxategiak leku gehiegi okupatzen dute. Horregatik, kanpoko bolumenean ez dago ezkutuko bolumen batentzako leku huts nahikorik.\n\nOhartu zaitez ezkutuko bolumenak sistemaren partizioaren (orain martxan dagoen sistema eragilea instalatuta dagoen partizioaren) tamaina izan behar duela gutxienez. Ezkutuko sistema eragilea sortzeko sistemaren partizioa ezkutuko bolumenera kopiatu beharra da honen arrazoia.\n\n\nEzkutuko sistema eragilea sortzeko prozesuak ezin du jarraitu. + Erabiltaileak ezin du bolumena desmuntatu. Ziurenik bolumenan dauden fitxategi batzuk oraindik irekita daude. + Ezin izan da bolumena blokeatu. Bolumenean oraindik fitxategi irekiak daude. Hortaz, ezin da desmuntatu. + VeraCrypt-ek ezin du bolumena blokeatu sistema edo aplikazioren bat erabiltzen ari delako.\n\nBolumena desmuntatzera behartu nahi al duzu? + VeraCrypt Bolumena Aukeratu + Helbidea eta Fitxategiaren Izena Eman + PKCS #11 Liburutegia Aukeratu + Memoriarik Gabe + GARRATZITSUA: Esperientziarik gabeko erabiltzaileentzat oso gomendagarria da VeraCrypt fitxategi-edukionktzi bat aukeratutako partizio/gailuan sortzea, partizio/gailu osoa zifratzen saiatu beharrean.\n\n Fitxategi-edukiontzi bat sortzerakoan (gailu edo partizio osoa zifratzearekin konparatuta) ez dago, adibidez, fitxategi kopuru handia hondatzeko arriskurik. Ohartu zaitez VeraCrypt-en fitxategi-edukiontzi bat (nahiz eta bere barruan zifratutako disko bat izan) berez beste edozein fitxategi normal bat bezalakoa da. Informazio gehiago nahi baduzu, VeraCrypt-en Erabiltzaile Gidan Hasiberrien Tutoriala kapituloa irakurri ezazu.\n\nZiur zaude gailu/partizio osoa zifratu nahi duzula? + KONTUZ: '%s' fitxategia dagoeneko badago!\n\nGARRANTZITSUA: VERACRYPT-EK EZ DU FITXATEGIA ZIFRATUKO, EZABATUKO DU. Ziur zaude fitxategia ezabatu eta VeraCrypt edukiontzi berri batengatik ordezkatu nahi duzula? + KONTUZ: AUKERATUTAKO %s '%s'%s-etan GORDETA DAUDEN FITXATEGI GUZTIAK EZABATU ETA GALDUKO DIRA (EZ DIRA ZIFRATUKO)!\n\nZiur zaude formataketarekin jarraitu nahi duzula? + KONTUZ: Bolumena guztiz zifratzen den arte ezin izango duzu, ez muntatu, ez bertan dauden fitxategiak erabili.\n\nZiur zaude aukeratutako %s '%s'%s-ak zifratu nahi dituzula? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + KONTUZ: VeraCrypt-ek datuak "bertan" zifratzen ari den bitartean argia joaten bada edo sistemak huts egiten badu, softwarearen edo hardwarearen akats batengatik, datuen zatiak hondatu edo galduko dira. Horregatik, zifratzen hasi aurretik, ziurta zaitez zifratu nahi dituzun fitxategien babeskopiak dituzula.\n\nBabeskopia hori daukazu? + KONTUZ: '%s'%s (adib. SISTEMAREN PARTIZIOAREN ATZEAN DAGOEN HURRENGO PARTIZIOAN) PARTIZIOAN GORDETA DAUDEN FITXATEGI GUZTIAK EZABATU ETA GALDUKO DIRA (EZ DIRA ZIFRATUKO)!Ziur zaude formatatu nahi duzula? + KONUZ: AUKERATUTAKO PARTIZIOAK DATU ASKO DAUZKA! Partizioan gordeta dauden datuak ezabatu eta galduko dira (EZ dira zifratuko)! + Partizioan gordeta dauden fitxategi guztiak ezabatu han VeraCrypt bolumen bat sortuz + Pasahitza + PIM + Goiguruaren Gakoa Lortzeko Algoritmoa Ezarri + Bolumenari Gako-fitxategiak Gehitu/Kendu + Gako-fitxategi Guztiak Bolumenatik Kendu + Pasahitza, PIM edo/eta gako-fitxategia(k) aldatu egin da/dira.\n\nGARRANTZITSUA: Ziurtatu zaitez VeraCrypt-en Erabiltzaile Gidaren 'Sekurtasun Baldintzak eta Neurriak' kapituloko 'Pasahitzak eta gako-fitxategiak aldatzen' atala irakurri duzula. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + GARRANTZITSUA: VeraCrypt-en Salbatze Diska txikitu ez baduzu, zure sistemaren partizio/unitatea oraindik pasahitz zaharrarekin argitu daiteke (VeraCrypt-en Sablatze Diskarekin sistema abiatuz eta pasahitz zaharra sartuz). VeraCrypt Salbatze Diska berri bat sortu eta zaharra txikitu beharko zenuke.\n\nVeraCrypt Salbatze Diska berri bat sortu nahi al duzu? + Ohartu zaitez VeraCrypt-en Salbatze Diskak oraindik algoritmo zaharra erabiltze duela. Algoritmo zaharra segurua ez dela iruditzen bazaizu, VeraCrypt Salbatze Diska berri bat sortu eta gero zaharra txikitu beharko zenuke.\n\nVeraCrypt Salbatze Diska berri bat sortu nahi al duzu? + Edozein fitxategi mota erabili daiteke (adibidez, .mp3, .jpg, .zip, .avi) VeraCrypt gako-fitxategi bezala. Kontutan hartu ezazu VeraCrypt-ek ez duela fitxategiaren edukia aldatzen. Karpeta bat aukeratzen baduzu, bertan dauden ezkutu gabeko fitxategi guztiak erabiliko dira gako-fitxategi moduan. 'Agiri Fitxategiak Gehitu' sakatu ezazu segurtasun agiri edo txartel azkarren barruan gordeta dauden gako-fitxategiak aukeratzeko (edo gako-fitxategiak sekurtasun agiri edo txartel azkarretara eramteko). + Gako-fitxategia(K) gehitu/kendu da(dira). + Gako-fitxategia exportatu egin da. + Goiburua lortzeko algoritmoa zuzenki ezarri da. + Mesedez, bertan zifratzeko prozesua berrabiatu nahi duzun sistemakoa ez den bolumenaren pasahitz edo/eta gakofitxategiak sartu itzazu.\n\n\nOharra: 'Hurrengoa' sakatu eta gero, VeraCrypt-ek sistemakoak ez diren bolumenak, non zifraketa prozesua eten den eta VeraCrypt-en bolumenaren goiburua emandako pasahitz edo/eta gako fitxategiekin argitu deitekeen, bilatuko ditu. Horrelako bolumen bat baino gehiago badago, hurrengo pausoan haietako bat aukeratu beharko duzu. + Mesedez, zerrendako bolumen bat aukeratu ezazu. Zerrenda erabili daitezkeen sistemakoak ez diren boluemenak, non zifraketa eten egin den eta goiburua emandako pasahitz eta/edo gako fitxategiarekin argitu daitezkenak, daude. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Oso garratzitsua da pasahitz ona aukeratzea. Hiztegi batean agertu daitekeen hitz bakar bat (edo horrelako 2,3 edo 4 hitzen konbinazioa) ez zenuke aukeratu behar. Ez luke izenik edo jaiotze datik ezan behar. Ez litzateke asmatzeko erraza izan behar. Pasahitz on bat letra larri eta xehe, zenbaki eta karaktere berezien (@ ^ = $ * + e.a.) ausazko konbinaketa da. 20 karaktere baino gehiagokoa (hainbat eta luzeago, hobeto) izatea gomendatzen dugu. Gehienezko luzeera 64 karaktere dira. + Mesedez, ezkutuko bolumenarentzat pasahitza aukeratu + Mesedez, ezkutuko sistema eragilearentzat pasahitza aukeratu (hau da, ezkutuko bolumenarentzat). + GARRANTZITSUA: Pauso honetan ezkutuko sistema eragilearentzako aukeratzen duzun pasahitza beste bi pasahitzekin ezberdintasun handia izan behar du (hau da, kanpoko bolumenaren pasahitzarekin eta sistema eragile amuaren pasahitzarekin). + Mesedez bolumenaren pasahitza, non ezkutuko bolumena ostatu nahi duzun, sartu ezazu.\n\n'Hurrengoa' klikatu eta gero TrueCryp-ek bolumena muntatzen saiatuko da. Muntatzen den bezain laister, bere klusterraren bitmapa arakatuko da bolumenaren amaierarekin bat egiten duen etenik gabeko toki librerik handienaren tamiana lortzeko(tokia baldin badago). Toki honek ezkutuko bolumena ostatuko du eta bere gehienezko tamaina murrizuko du. Klusterraren bitmaparen arakatzea beharrezkoa da kanpoko bolumenaren datuak ezkutuko bolumenarekin ezabatuko ez direla ziurtzatzeko. + \nMesedez, kanpoko bolumenarentzat pasahitz bat aukeratu. Pasahitz hau eman ahal izango duzu arerio batek pasahitz bat ematera behartzen bazaitu.\n\nGARRANTZITSUA: Pasahitz hau ezkutuko boluenaren pasahitzarekin ezberdintasun handiak izan behar ditu.\n\nOharra: Pasahitzaren gehienezko luzeera 64 karaktere dira. + Mesedez, kanpoko bolumenarentzat pasahitz bat aukeratu. Norbaitek sistemaren atzean dagoen ondorengo partizioaren, non kanpoko eta ezkutuko (ezkutuko sistema eragilea daukana) bolumenak egongo diren, pasahitza ematera behartzen bazaitu, pasahitz hau emain ahal izango duzu. Ezkutuko bolumenaren (eta ezkutuko sistema eragilearen) esistentzia sekretupean jarraituko du. Ohartu zaitez hau ez dela sistema eragile amuaren pasahitza.\n\nGARRANTZITSUA: Pasahitz hau eta ezkutuko bolumenak (hau da, ezkutuko sistema eragilearena) daukana zeharo ezberdinak izan behar dira. + Kanpoko Bolumenaren Pasahitza + Ezkutuko Bolumenaren Pasahitza + Ezkutuko Sistema Eragilearentzat Pasahitza + KONTUZ: Pasahitz motzak erraz hautsi daitezke indarrezko teknikak erabiliz!\n\n20 karaktere baino gehiagoko pasahitza aukeratzea gomendatzen dugu. Ziur zaude pasahitz motz bat erabili nahi duzula? + Bolumenaren Pasahitza + Pasahitz okerra edo ez da VeraCrypt bolumen bat. + Gako-fitxategi edo pasahitz ez zuzena edo ez da VeraCrypt bolumen bat. + Muntaketa modu ez zuzena, pasahitz ez zuzena edo ez da VeraCrypt bolumen bat. + Muntaketa modu ez zuzena, gako-fitxategi edo pasahitz ez zuzena edo ez da VeraCrypt bolumen bat. + Pasahitz okerra edo ez da VeraCrypt bolumenik aurkitu. + Gako-fitxategi/pasahitz ez zuzena edo ez da VeraCrypt bolumena aurkitu. + \n\nKontuz: Caps Lock gaituta dago. Honek pasahitza gaizki sartzea eragin dezake. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nKONTUZ: Ezkutuko fitxategiak aurkitu dira gako-fitxategiak bilatzeko helbidean. Honako ezkutuko fitxategiak ezin dira gako-fitxategi moduan erabili. Gako-fitxategi moduan erabili nahi badituzu, 'Ezkututa' ezaugarria kendu iezaiezu (eskubiko klik egin, 'Ezaugarriak' aukeratu, 'Ezkututa' marka kendu eta 'Ados' sakatu). Oharra: Ezkutuko fitxategiak hori egiteko aukera gaituta badago bakarrik ikus daitezke (Ordenagailua > Kudeatu > Karpeta eta Bilaketa Aukerak > Ikusi). + Ezkutuko sistema baten barruan dagoen ezkutuko bolumen bat babesten saiatzen ari bazara, ziurtatu zaitez US teklatu estandarra erabiltzen ari zarela pasahitza idazteko. Hau beharrezkoa da pasahitza hasieraketa aurreko giroan (Windows hasi aurretik) sartu behar delako eta bertan US teklatuak ez diren teklatu motak ez dutelako balio. + VeraCrypt-ek ez du aurkitu bolumenik non sistemakoa ez den zifraketa eten den eta bolumenaren goiburua emandako pasahitz edo gako-fitxategiarekin argitzen dena..\n\n Mesedez, ziurta zaitez pasahitza edo/eta gako fitxategiak zuzenak direla eta partizioa/bolumena erabiltzen ari den prozesurik ez dagoela (Antibirusa barne). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nOharra: Hasieraketa aurreko kautotzerik gabeko sistemaren unitate zifratu baten barruan dagoen partizio bat edo erabiltzen ari ez den zifratutako sistema eragile bat muntatzen saiatzen ari bazara, hori egin dezakezu 'Sistema' > 'Muntatu Hasieraketa Aurreko Kautotzerik Gabe' aukeratuz. + Modu honetan, ezin duzu muntatu orango sistemaren zifraketaren gakoaren eremuan dagoen unitate batean dagoen partizioa.\n\nPartizio hau modu honetan muntatu baino lehen, beste unitate batean dagoen sistema eragilea (zifratu edo zifratu gabe) edo zifratu gabeko sistema eragile bat abatu behar duzu. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Atzera + Ezin izan da sisteman instalatuta dauden gailu gordinak zerrendan jarri! + '%s' bolumena existitzen da eta irakurtzeko bakarrik da. Ziur zaude ordezkatu nahi duzula? + Helmuga Karpeta Aukeratu + Gako-fitxategia Aukeratu + Gako-fitxategiak bilatzeko helbidea aukeratu. KONTUZ: Ohartu zaitez bakarrik helbidea gogoratuko dela, ez fitxategien izenak! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Ross Anderson, Eli Biham eta Lars Knudsen diseinatuta. 1998an argitaratuta. 256 biteko blokea. XTS eragiketa modua. Serpent AES-eko finalista bat izan zen. + Mesedez, sortuko den edukiontziaren tamaina aukeratu ezazu.\n\nEdukiontzi dinamiko bat (fitxategi mehatza) sortzen ari bazara, balio honek gehienezko tamaina adieraziko du.\n\nOhartu zaitez FAT moduan formatatuta badago bolumenaren gutxienezko tamaina 292 KB dela. NTFS moduan formatatuta badago, bolumenaren gutxienezko tamaina 3792 KB da. + Mesedez, sortuko den kanpoko bolumenaren tamaina aukeratu ezazu (lehendabizi kanpoko bolumena sortuko duzu eta, gero, bertan ezkutuko bolumena sortuko duzu). Ezkutuko bolumen bat ostatuko duen kanpoko bolumen baten gutxienezko tamaina 340 KB da. + Mesedez, sortuko den ezkutuko bolumenaren tamaina aukeratu ezazu. Ezkutuko bolumen baten tamaina minimoa 40KB-ekoa da (3664KB NTFS moduan formatatuta badago). Ezkutuko bolumenaren gehienezko tamaina goian agertzen da. + Kanpoko Bolumenaren Tamaina + Ezkutuko Bolumenaren Tamaina + Mesedez egiaztatu ezazu goian agertzen den aukeratutako gailuaren/partizioaren tamaina zuzena dela eta Hurrengoa sakatu. + Kanpoko bolumena eta ezkutuko bolumena (ezkutuko sistema eragilea daukana) goiko partizioan ostatuko dira. Sistemaren ondoren lehendabiziko partizioa izan beharko liteke.\n\nMesedez, ziurtatu zaitez goian adierazten diren partizioaren tamaina eta zenbakia zuzenak direla, zuzenak badira, 'Hurrengoa' klikatu. + \n\nOhartu zaitez ezkutuko bolumen bat ostatuko duen bolumenaren gutxienezko tamaina 340KB-ekoa dela. + Bolumenaren Tamaina + Dinamikoa + KONTUZ: AUTOKONPROBAKETAK HUTS EGIN DU! + Autokonprobaketak algoritmo guztiekin a gainditu dira + Eman duzun datu unitateen zenbakia motzegia edo luzeegia da. + Eman duzun bigarren mailako gakoa motzegia edo luzeegia da. + Eman duzun zifratutako testua luzeegia edo motzegia da. + Frogetarako eman duzun gakoa luzeegia edo motzegia da. + Eman duzun testu argia luzeegia edo motzegia da. + Bi zifraketa bata bestearen ondoren XTS moduan. Bloke bakoitza lehendabizi %s-rekin (%d biteko gakoa) zifratzen da eta gero %s-rekin (%d biteko gakoa). Zifraketa bakoitzak bere gakoa erabiltzen du. Gako guztiak bata bestearekiko independienteak dira. + Hiru zifraketa bata bestearen ondoren XTS moduan. Bloke bakoitza lehendabizi %s-rekin (%d biteko gakoa) zifratzen da, gero %s-rekin (%d biteko gakoa) eta azkenik %s-rekin (%d biteko gakoa). Zifraketa bakoitzak bere gakoa erabiltzen du. Gako guztiak bata bestearekiko independienteak dira. + Ohartu zaitez, sistema eragilearen konfigurazioaren arabera, auto-exekutatu eta auto-muntatu ezaugarriak bakarrik idatzi ezin daitezkeen CD/DVD motako gailuetan sortutako diska eramangarrietan ibiliko direla. Ohartu zaitez ere, hau ez dela TrueCypt-en akats bat (Windows-en muga bat da). + VeraCrypten diska eramangarria sortu da.\n\n Ohartu zaitez administratzaile baimenak behar dituzula VeraCrypt modu eramangarrian abiatzeko. Ohartu zaitez ere, erregsitro fitxategia begiratu eta gero, agian posible dela VeraCrypt Windows sistema batean abiatu zela ikustea nahiz eta modu eramangarrian abiatu izana. + VeraCrypt Disko Bidaiariak + Diseinatzaileak: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall eta Niels Ferguson. 1998an argitaratuta. 256 biteko gakoa, 128 biteko blokea. XTS funtzionatzeko modua. Towfish AES-eko finalista bat izan zen. + Informazio gehiago %s-ri buruz + Ezezaguna + Zehaztu gabeko errore bat edo errore ezezagun bat gertatu da (%d). + Bolumen batzuk sistemak edo aplikazioek erabiltzen ari diren fitxategiak edo karpetak dauzkate.\n\nDesmuntarazi? + &Desmuntatu + Dismuntaketak huts egin du! + Bolumenak sistemak edo aplikazioak erabiltzen ari diren fitxategi edo karpetak dauzka.\n\nDesmuntaketa behartu? + Esandako unitate letran ez dago muntatutako bolumenik. + Muntatzen saiatzen ari zaren bolumena dagoeneko muntatuta dago. + Errore bat gertatu da bolumena muntatzen saiatzerakoan. + Bolumenaren barruako helbidea bilatzerakoan errore bat gertatu da. + Errorea: Bolumenaren tamaina gaizki dago. + KONTUZ: Formatatze Azkarra bakarrik hurrengo kasuetan erabili beharko zenuke:\n\n1) Gailuak ez dauka datu garrantzitsurik eta ez da ezeztapen onargarririk behar.\n2) Gailua dagoeneko guztiz eta sekurtasunez zifratu egin da.\n\nZiur zaude Formatatze Azkarra erabili nahi duzula? + Edukiontzi dinamiko bat aurretik definitutako NTFS fitxategi mheatza da eta bere tamaina fisikoa (diskoan erabiltzen ari den espazioa) hazi egiten da datuak eransten zaizkionean.\n\nKONTUZ: fitxategi mehatzetan gordetzen diren bolumenen errendimendua ohiko bolumenena baino askoz txarragoa da. Fitxategi mehatzetan gordetzen diren bolumenek sekurtasun gutxiagoa dute bolumenean zein sektore erabiltzen diren eta zein ez esan daitekeelako. Horretaz gain, fitxategi mehatzetan gordetzen diren bolumenek ez dute ezeztapen onargarririk ematen (hortaz, ezin dute ezkutuko bolumenki ostatu). Horretaz gain, fitxategi mehatz batean datuak idazten badira eta fitxategi sisteman ez badago behar adina toki librerik, zifratutako fitxategi sistema hondatu daiteke.\n\nZiur zaude fitxategi mehatz batean gordetako bolumen bat sortu nahi duzula? + Ohartu zaitez, Windows eta VeraCrypt-ek beti edukiontzi dinamikoaren gehienezko tamaina erakutsiko dutela. Edukiontziaren tamaina fisikoa jakiteko (benetan diskoan erabiltzen duen tamaina) edkuiontzi dinamikoan eskubiko klik egin (Windows Esploratzailearen lehioan, ez VeraCrypt-en), ondoren 'Ezaugarriak' aukeratu eta ondoren 'Tamaina Diskoan' balioa begiratu.\n\nOhartu zaitez ere, edukiontzi dinamikoa beste bolumen edo unitate batera mugitzen baduzu, edukiontziaren tamaina fisikoa bere gehienezko tamainara handituko dela. (Hau eragotzi dezakezu helburuan edukiontzi dinamiko bat sortuz, hura muntatuz eta fitxategiak edukiontzi zaharretik berrira mugituz.) + Pasahitz katxea ezabatu egin da + VeraCrypt kontrolatzailearen katxean gordeta zeuden pasahitzak (eta/edo erabilitako gako fitxategien edukiak) ezabatu egin dira. + VeraCrypt-ek ezin du bolumen ezezagun baten pasahitza aldatu. + Mesedez, libre dagoen unitate letra bat aukeratu ezazu. + Mesedez, muntatutako bolumen bat aukeratu ezazu unitate letren zerrendatik. + Muntatutako bi bolumen ezberdin aukeratuta dude (bat unitate letren zerrendan eta bestea zerrendaren azpian dagoen eremuan).\n\nMesedez, hautatu ezazu aukeratu nahi zenuen bolumena: + Errorea: Ezin da autorun.inf sortu + Errore bat gertatu da gako-fitxategia prozesatzerakoan! + Errore bat gertatu da gako-fitxategiaren helbidea prozesatzerakoan! + Gako fitxategiaren helbidean ez dago fitxategirik.\n\nOhartu zaitez gako-fitxategia aurkitzeko helbidean dauden karpetak (eta barruan dauden fitxategiak) ezikusiko direla. + VeraCrypt ez du sitema eragile hau onartzen. + Errorea: VeraCrypt-ek sistema eragile honen bertsio estableak onartzen ditu (beta/RC bertsioak ez ditu onartzen). + Errorea: Ezin izan da memoria esleitu. + Errorea: Ezin izan da jarduketa neurgailutik valorea hartu. + Errorea: bolumenak formatu okerra dauka. + Errorea: Ezkutuko bolumen baten pasahitza sartu duzu (ez ohiko bolumen batena). + Sekurtasun arrazoiengatik, ezkutuko bolumen bat ezin da sortu True Crypt bolumen batean, non 'bertan' zifratu den fitxategi sistema dagoen (hutsik dagoen tokia ez delako ausazko datuekin bete). + VeraCrypt - Ohar Legalak + Fitxategi Guztiak + VeraCrypt Bolumenak + Liburutegi Moduluak + NTFS formataketak ezin du jarraitu. + Ezin da bolumena muntatu. + Ezin da bolumena desmuntatu. + Windows-ek bolumena NTFS moduan formatatzerakoan huts egin du.\n\nMesedez, fitxategi sistema mota ezberdina aukeratu (ahal bada) eta berriro saiatu. Bestela, bolumena formaturik gabe utzi ("Ezer" aukeratu fitxategi sistema bezela) eta laguntzaile honetatik irten. Gero, bolumena muntatu eta sistemaren edo hirugarren baten tresna bat erabili muntatutako bolumena formatatzeko (bolumena zifratuta jarraituko du). + Windowsek bolumena NTFS erara formateatzerakoan huts egin du.\n\nBolumena FAT erara formateatu nahi al duzu? + Lehenetsitako + partizioa + PARTIZIOA + Gailua + gailua + GAILUA + Bolumena + bolumena + BOLUMENA + Etiketa + Aukeratutako klusterraren tamaina txikiegia da bolumen tamaina honetarako. Kluster tamaina handiagoa erabiliko da. + Errorea: Ezin izan da bolumenare tamaina irakurri!\n\nZihurta zaitez ez dagoela bolumena erabiltzen ari den sistema edo aplikaziorik. + Ezkutuko bolumenak ezin dira edukiontzi dinamikoetan (fitxategi mehatzetan) sortu. Ezeztapen onargarria lortzeko ezkutuko bolumena dinamikoa ez den edukiontzi baten barruan sortu behar da. + VeraCrypt-en Bolumen Sorreraren Laguntzaileak FAT edo NTFS bolumen batean bakarrik sortu dezake ezkutuko bolumen bat. + Windows 2000 erabilita, VeraCrypt-en Bolumen Sorreraren Laguntzaileak FAT bolumen baten barruan sortu dezake ezkutuko bolumen bat. + Oharra: FAT fitxategi sistema NTFS fitxategi sistema baino hobeagoa da kanpoko bolumenentzako (adibidez, ezkutuko bolumen baten tamaina ziurenik askoz handiagoa izango da FAT moduan formatatutako kanpoko bolumen batean). + Ohartu zaitez FAT fitxategi sistema NTFS fitxategi sistema baino hobeagoa dela. Adibidez, ezkutuko bolumen baten tamaina ziurenik askoz handiagoa izango da FAT moduan formatatutako kanpoko bolumen batean (honen arrazoia NTFS fitxategi sistemak bere barne datuak bolumenaren erdian gordetzen dituelako da, honen ondorioz ezkutuko bolumena bakarrik kanpoko bolumenaren bigarren erdian egon daiteke).\n\nZiur zaude kanpoko bolumena NTFS moduan formatatu nahi duzula? + Horren ordez, bolumena FAT formatuan formatatu nahi al duzu? + Oharra: Bolumen hau ezin da FAT moduan formatatu, FAT32 fitxategi sistemak onartzen duen bolumen tamaina handiena baino handagoa baita erabili daitekeen sektore tamainarekin (2 TB 512 byteko sektoreekin eta 16TB 4096 byteko sektoreekin). + Errorea: Ezkutuko sistemare eragilearen partizioa (adib. sistemaren partizioaren atzean dagoen hurrengoa) gutxienez sistemaren partizioa (hau da, orain martxan dagoen sisstema eragilea instalatuta dagoen partizioa) baino %5 handiagoa izan behar du. + Errorea: Ezkutuko sistema eragilearentzako partizioaren tamaina (hau da, sistemakoaren atzean dagoen lehenengo partizioa) gutxienez sistemaren partizioaren (sistemaren partizioa orain martxan dagoen sistema eragilea ostatzen duena da) tamainaren %110 izan behar da (2,1 aldiz). Honen arrazioa, NTFS fitxategi sistemak bere barneko datuak beti bolumenaren erdian gordetzen dituela da eta, horregatik, ezkutuko bolumena (zein sistemaren partizoaren klon bat edukiko duen) bakarrik partizioaren bigarren zatian egon daiteke. + Errorea: Kanpoko bolumenak NTFS formatua badauka, gutxienez %110 (2,1 aldiz) sistemako partizioa baino handiagoa izan behar du. Honen arrazoia NTFS-ek beti bere datuak bolumenaren erdialdean gordetzen dituela da, eta horregatik ezkutuko bolumena (sistemaren partizioaren klon bat daukana) bakarrik kanpoko bolumenaren bigarren erdian ostatu daiteke.\n\nOharra: Kanpoko bolumena ezkutuko sistema eragilearen partizio berean ostatu behar da (hau da, sistemaren partizioaren hurrengo partizioan). + Errorea: Ez dago partiziorik sistemaren partizioaren atzean.\n\nOhartu zaitez ezkutuko sistema eragilea egin baino lehen, sistemaren unitatean partizio bat sortu behar diozula. Sistemaren partizioaren atzean dagoen lehendabiziko partizioa izan behar du eta gutxienez hau baino %5 handiagoa izan behar du (sistemaren partizioa orain martxan dagoen sistema eragilea instalatuta dagoen partizioa da).Hala ere, kanpoko bolumena (kontuz, ez nahasi sistemaren partizioarekin) NTFS formatua badauka, ezkutuko sistema eragilearen partizioak gutzienez %110 (2,1 aldiz) handiagoa izan behar du sistemako partizioa baino (honen arrazioa, NTFS fitxategi sistemak bera barneko datuak beti bolumenaren erdian gordetzen dituelako da eta horregatik, ezkutuko bolumena, zein sistemaren partizioaren klon bat den, bakarrik partizioaren bigarren zatian ostatu daiteke). + Ohar garrantzitsua: Ez da praktikoa (eta, hortaz, ez dago onartua) partizio bakarrean dauden bi VeraCrypt bolumenetan sistema eragileak instalatzea, honen arrazoia ondorengoa da: kanpoko sistema eragilea askotan behar izango du ezkutuko sistema eragilearen gunean datuak idaztea (eta idazktea eragiketa horiek ezkutuko bolumenak daukan babes funtzioak eragotzi egingo balitu, horrek sistemaren krsakadura eragingo luke, hau da 'Pantaila Urdineko' erroreak). + Partizioak nola sortu eta kudeatzeko informazioa lortzeko, zure sistema eragilearekin datorren dokumentazioa irakurri ezazu edo zure ordenagailuaren saltzailearen zerbitzu teknikoarekin harremanetan jarri zaitez laguntza eske. + Errorea: Martxan dagoen sistema eragilea ez dago hasieraketa partizioan instalatuta (lehendabiziko partizio aktiboa). Hau ez da onartzen. + VeraCrypt bolumen honetan 4GB baino gehiagoko fitxategiak gordetzeko asmoa zeneukala adierazi duzu. Hala ere, FAT fitxategi sistema aukeratu duzu, zein ez duen 4GB baino gehiagoko fitxategirik onartzen.\n\nZiur zaude bolumena FAT moduan formatatu nahi duzula? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Errorea: Ezin da bolumena aurkitu!\n\nZiurtatu zaitez bolumena esistitzen dela, muntatuta ez dagoela, ez dagoela beste aplikaziorik edo sistemarik hori erabiltzen, bolumenean irakurri eta idazteko beimanak dituzula eta ez dagoela idazketaren aurka babesturik. + Error: Cannot obtain volume properties. + Errorea: Ezin da bolumena aurkitu eta/edo bolumenari buruzko informazioa lortu.\n\nZiurtatu zaitez bolumena esistitzen dela, ez dagoela beste aplikaziorik edo sistemarik hori erabiltzen, bolumenean irakurri eta idazteko beimanak dituzula eta ez dagoela idazketaren aurka babesturik. + Errorea: Ezin izan da bolumenera irakurri edo/eta hari buruzko informazioa lortu. Ziurtatu zaitez bolumena esistitzen dela, erabiltzen ari den sistema eta aplikaziorik ez dagoela, bolumenean irkurri eta idazteko baimena duzula eta idazketaren aurkako babesik ez duela.\n\nArazoak jarraitzen badu, hurrengo pausoak jarraitzeak lagundu dezake. + Errore batek partizioaren zifraketa eragotzi du. Adierazitako erroreak konpontzen saiatu zaitez eta berriro saiatu. Arazoek jarraitzen badute, hurrengo instrukzioak jarraitzeak lagundu dezake. + Errore batek partizioaren zifratze prozesuaren jarraipena eragotzi du.\nMesedez, hau baino lehen arazorik aipatu badira, hauek konpontzen saiatu eta berriz prozesua jarratzen saiatu zaitez. Ohartu zaitez bolumena ezin dela muntatu guztiz zifratuta dagoen arte. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Errorea: Ezin izan da kanpoko bolumena desmuntatu!\n\nBolumena ezin da desmuntatu sistemak edo programek han dauden fitxategi edo karpetak erabiltzen ari badira.\n\nMesedez, bolumenean dauden fitxategiak edo karpetak erabiltzen ari daitekeen programak itxi eta 'Berriro Saiatu klikatu. + Errorea: Ezin izan da kanpoko bolumenari buruz informazioa eskuratu.\nBolumenaren sorrerak ezin du jarraitu. + Errorea: Ezin izan da kanpoko bolumenara heldu! Bolumenaren sorrerak ezin du jarraitu. + Errorea: Kanpoko bolumena ezin da muntatu. Bolumenaren sorrerak ezin du jarraitu. + Errorea: Ezin izan da kusterraren bitmapa irakurri! Bolumenaren sorrera prozesuak ezin du jarraitu. + Alfabetikoki/Kategorikoki + Batez besteko Abiadura (Beherantz) + Algoritmoa + Zifraketa + Argiketa + Batez Beste + Unitatea + Tamaina + Zifratzeko Algoritmoa + Zifratzeko Algoritmoa + Mota + Balioa + Ezaugarria + Kokalekua + byteak + Ezkutukoa + Kanpokoa + Normala + Sistema + Ezkutukoa (sistema) + Irakurri-Bakarrik + Sistemaren unitatea + Sistemaren unitatea (zifratzen - %%.2f% eginda) + Sistemaren unitatea (argitzen - %%.2f% eginda) + Sistemaren unitatea (%%.2f% zifratuta) + Sistemaren partizioa + Ezkutuko sistemaren partizioa + Sistemaren partizioa (zifratzen - %%.2f% egindae) + Sistemaren partizioan (argitzen - %%.2f% eginda) + Sistemaren partizioa (%%.2f% zifratuta) + Bai (kaltea eragotzita!) + Ezer + Gako Nagusiaren Tamaina + Bigarren Mailako Gakoaren Tamaina (XTS Modua) + Tweak Gakoaren Tamaina (LRW Modua) + bitak + Blokearen Tamaina + PKCS-5 PRF + PKCS-5 Iterazio Zenbaketa + Bolumena sortu da + Goiburuaren azken aldaketa + (orain dela %I64d egun) + Bolumenaren formatuaren bertsioa + Kapsulatutako Goiburuaren Babeskopia + VeraCrypt Hasieraketa Kargatzailearen Bertsioa + Lehen hutsunea + Disko Aldagarria + Disko Gogorra + Aldatu Gabea + Autodetection + Laguntzaile Modua + Modu hauetako bat aukeratu. Ziur ez bazaude, lehenetsitako modua aukera ezazu. + Aukera hau hautatu ezazu sistema honetan VeraCrypt instalatu nahi baduzu. + Oharra: Argitu gabe eguneratu dezakezu sistemaren partizioa/unitatea zifratuta egon edo ezkutuko sistema eragilea erabiltzen ari zaren arren. + Aukera hau hautatzen baduzu, fitxategi guztiak paketetik aterako dira baina ez da ezer sisteman instalatuko. Ez ezazu aukera hau hautatu sistemaren partizioa edo sistemaren unitatea zifratu nahi baduzu. Aukera hau hautatzea lagungarria izan daiteke, adibidez, VeraCrypt modu eramangarrian erabili nahi baduzu. VeraCrypt ez da instalatu behar gero erabiliko den sisterma eragilean. Fitxategi guztiak atera eta gero, 'VeraCrypt.exe' fitxategia zuzenean executatu dezakezu (VeraCrypt modu eramangarrian executatuko da). + Konfigurazio Aukerak + Hemen instalatze prozesua kontrolatzeko aukerak aldatu ditzakezu. + Instalatzen + Mesedez, itxaron VeraCrypt instalatzen den bitartean. + VeraCrypt ondo instalatu egin da + VeraCrypt ondo eguneratu egin da + Mesedez diru-emate bat egitea hausnartu ezazu. Edozein momentutan 'Bukatu' sakatu dezakezu instalatzailea ixteko. + Ateratze Aukerak + Hemen ateratze prozesua kontrolatzeko aukerak aldatu ditzakezu. + Ixaron ezazu fitxategiak ateratzen diren bitartean, mesedez. + Fitxategiak ondo atera dira + Fitxategi guztiak arazorik gabe helburu tokira atera dira. + Aukeratutako karpeta existitzen ez bada, automatikoki sortuko da. + VeraCrypt-en programaren fitxategiak eguneratuko dira VeraCrypt instalatuta dagoen tokian. Beste toki bat aukeratu nahi baduzu, lehendabizi TryeCrypt desinstalatu beharko duzu. + TrueCypt-en oraingo (egonkorra den azkenekoa) bertsioaren argitaratze oharrak ikusi nahi al dituzu? + VeraCrypt inoiz erabili ez baduzu, VeraCrypt-en Erabiltzaile Gidaren Hasiberrientzako Tutoriala kapituloa irakurtzea gomendatzen dugu. Tutoriala ikusi nahi? + Hondoko ekintza hauetatik aukeratu zein egin nahi duzun: + Konpondu/Berinstalatu + Eguneratu + Desinstalatu + VeraCrypt instalatzeko/desinstalatzeko administratzaile baimenak izan behar dituzu. Jarraitu nahi al duzu? + VeraCrypt-en instalatzailea dagoeneko martxan dago sistema honetan instalazio bat egiten edo prestatzen edo VeraCrypt-en eguneraketa batekin. Jarraitu baino lehen, mesedez, bukatzen den arte itxaron ezazu edo itxi ezazu. Ezin baduzu itxi, mesedez, zure ordenagailua berrabiatu ezazu jarraitu baino lehen. + Instalazioak huts egin du. + Desinstalazioak huts egin du. + Banaketaren pakete hau hondatuta dago. Mesedez, saiatu zaitez berriro deskargatzen (hobe VeraCrypt-en weborri ofizialetik https://veracrypt.codeplex.com). + Ezin da %s fitxategia idatzi + Ateratzen + Ezin da paketeko informazioa irakurri. + Distribuzio honen paketearen osotasuna ezin da egiaztatu. + Ateratzerakoan huts egin du. + Instalazioa bere lehendabiziko egoerara itzuli da. + TrueCryp instalatu egin da. + VeraCrypt eguneratu da. + VeraCrypt ondo eguneratu da. Ala ere, erabiltzen hasi baino lehen, ordenagailua berrabiatu egin behar da.\n\nOrain berrabiatu nahi al duzu? + VeraCrypt ezin izan da eguneratu !\n\nGARRANTZITSUA: Sistema itzali edo berrabiatu baino lehen, gogor gomendatzen dugu Sistemaren Berreskuratzea erabiltzea (Windows-en Hasiera menua > Programa Guztiak > Osagarriak > Sistemaren Tresnak > Sistemaren Berreskuratzea) eta 'VeraCrypt-en instalazioa' deritzon berreskuratze puntura bueltatzea. Sistemaren Berreskuratzea ez baldin badago eskuragarri, VeraCrypt-en bertsio zaharra edo berria berriz instalatzen saiatu beharko zinateke sistema itzali edo berrabiatu baino lehen. + VeraCrypt desinstalatu egin da.\n\n'Bukatu' sakatu VeraCrypt instalatzailea eta %s karpeta ezabatzeko. Ohartu zaitez karpeta ez dela ezabatuko bertan VeraCrypt-en instalatzaileak edo VeraCrypt-ek berak sortu ez dituen fitxategiak baldin badaudet. + VeraCrypt-en erregsitro sarrerak kentzen + Erregistroaren sarrera idazten + Aplikazioaren datu espezifikoak ezabatzen + Instalatzen + Gelditzen + Kentzen + Ikonoa gehitzen + Sistemaren Berreskuratze Puntua Sortzen + Ezin izan da Sistemaren Berreskuratze Puntua sortu! + Hasieraketa kargatzailea eguneratzen + '%s' instalatzerakoan huts egin du. %s\nInstalatzen jarraitu nahi al duzu? + '%s' desinstalatzerakoan huts egin du. %s\nDesinstalatzen jarraitu nahi al duzu? + Inslatazioa bukatu da. + '%s' karpeta ezin izan da sortu + VeraCrypt gailu erabiltzailea ezin da deskargatu.\n\nMesedez, lehendabizi VeraCrypt lehio guztiak itxi itzazu. Honek konpontzen ez badu, Windows berrabiatu eta berriro saiatu zaitez, mesedez. + VeraCrypt bolumen guztiak desmuntatu behar dira VeraCrypt instalatu edo desinstalatu baino lehen. + Sisteman VeraCrypt-en bertsio zaharkitu bat instalatuta dago. VeraCrypt-en bertsio berri hau instalatu baino lehen desinstalatu egin behar da.\n\nMezu lehio hau itxi bezain laister, bertsio zaharraren desinstalatzailea abiatuko da. Ohartu zaitez, ez dela bolumenik argituko VeraCrypt desinstalatzerakoan. VeraCrypt-en bertsio zaharra desinstalatu eta gero, VeraCrypt-en bertsio berriaren instalatzailea berriz abiatu ezazu.. + Erregistroko sarrerak instalatzerakoan huts egin du + Gailuaren kontrolatzailearen instalazioak huts egin du. Mesedez, Windows berrabiatu eta VeraCrypt berriro instalatzen saiatu zaitez. + VeraCrypt-en gailu kontrolatzailea hasieratzen + Gailuaren kontrolatzailearen desinstalatzeak huts egin du. Ohartu zaitez, Windowsen arazo batengatik, beharrezkoa izan daitekeela saioa amaitzea edo sistema berrabiatzea gailuaren kontrolatzailea desinstalatzeko (edo berrinstalatzeko). + VeraCrypt-en gailu kontrolatzailea instalatzen + VeraCrypt-en gailu kontrolatzailea gelditzen + VeraCrypt-en gailu kontrolatzailea desinstalatzen + Erabiltzaileen Kontuen Kontrolerako liburutegiaren erregistratzeak huts egin du. + Erabiltzaileen Kontuen Kontrolerako liburutegia erregistrotik ezabatzerakoan huts egin du. + Modu eramangarriari buruzko oharra:\n\nOhartu zaitez sistema eragileak kontrolatzaileak erregistratu behar dituala erabili ahal izan baino lehen. Hortaz, VeraCrypt kontrolatzailea ez da guztiz eramangarria (eta ezin izango da). Ohartu zaitez ere, VeraCrypt-ek kontrolatzaile hori behar duela momentuan eta gardentasunez zifraketa eta argitzea emateko. + Ohartu zaitez VeraCrypt modu eramangarrian erabiltzen baduzu (instalatutako VeraCrypt-en kopia bat erabili ordez), exakutatzen saiatzen zaren bakoitzean sistemak hori egiteko baimena eskatuko dizu (UAC mezua).\n\nHonen arrazoia VeraCrypt modu eramangarrian erabiltzen denean VeraCrypt gailu kontrolatzailea kargatu behar duela da. VeraCrypt-ek gailu kontrolatzaile behar du zifratze/argitze gardena egiteko, eta administratzaile baimenik gabeko erabiltzaileek ezin dute Windowsen gailu kontrolatzailerik abiatu. Horregatik, sistemak baimena eskatuko dizu VeraCrypt administratzaile baimenekin exekutatzeko (UAC mezua)\n\n.Ohartu zaitez VeraCrypt sisteman instalatzen baduzu (VeraCrypt modu eramangarrian erabili ordez), sistemak EZ dizu baimenik eskatuko VeraCrypt exekutatzeko (UAC mazua) erabiltzen saiatzen zaren bakoitzean.\n\nZiur zaude fitxategiak atera nahi dutuzula? + Kontuz: Bolumen Sortzailearen Laguntzaile honen instanzia adimistratzaile baimenak dauzka.\n\nSortzen ari zaren bolumen berria muntatuta dagoenean idazteko baimenik ez izateko arriskua dago. Hori sahiestu nahi baldin baduzu, Bolumen Sortzailearen Laguntzailearen instanzia hau itxi eta berria abiaratu administratzaile baimenik gabe.\n\nBolumen Sortzailearen Laguntzailearen instanzia hau itxi nahi al duzu? + Errorea: Ezin da lizentzia erakutsi. + Kanpoko(!) + egunak + orduak + minutuaks + s + Ireki + Desmuntatu + VeraCrypt Erakutsi + VeraCrypt Ezkutatu + Muntaketatik Irakurritako Datuak + Muntaketatik Idatzitako Datuak + Zifratutako zatia + %100 (osorik zifratuta) + %0 (zifratu gabe) + %%%.3f + %100 + Itxaroten + Prestatzen + Neurriz aldatzen + Zifratzen + Argitzen + Bukatzen + Etenda + Bukatuta + Errorea + Gailua deskonektatu da + Sistemaren gogoko bolumenak gorde dira.\n\nSistemaren gogoko bolumenak muntaketa gaitzeko, mesedez 'Aukerak' > 'Sistemaren Gogoko BOlumenak' ' Sistemaren gogoko bolumenak muntatu Windows hasieratzen denean' aukeratu ezazu. + Gogokoetara gehitzen ari zaren bolumena ez da partizio bat ezta bolumen dinamiko bat. Hortaz, VeraCrypt ezin izango du gogoko bolumen hau gailu zenbakia aldatzen zaionean. + Gogokoetara gehitzen ari zaren bolumena Windows-ek ez du partiziotzat hartzen.\n\nVeraCrypt-ek ezingo du gogoko bolumen hau muntatu gailu zenbakia aldatzen bada. Mesedez, partizioaren mota aldatu ezazu Windowsek ezagutzen duen batera (Windowsen 'diskpart' tresnan SETID komandoa erabili ezazu). Ondoren partizioa gogokoetara gehitu ezazu. + VeraCrypt-en Ezkutuko Ataza ezgaituta edo muntatutako bolumenik ez dagoenean bukatzeko konfiguratuta dago (edo VeraCrypt modu eramangarrian exekutatzen ari da). Honek gailu bat konektazerakoan bertan ostatuta dauden gogoko bolumenak automatikoki muntatzea eragotzi dezake.\n\nOharra: VeraCrypt-en Ezkutuko Ataza gaitzeko, Aukerak > Lehentasunak aukeratu eta ondoren 'Gaituta' laukia markatu ezazu 'VeraCrypt-en Ezkutuko Ataza' gunearen barruan . + Sare bitartez konpartituta eta urrun dagoen fitxategi sistema batean dagoen edukiontzi bat bat ezin da automatikoki muntatu gailu ostalaria konektatzerakoan. + Azpian erakusten den gailua ez da partizio bat ezta bolumen dinamiko bat. Hortaz, gailuan ostatuta dagoen bolumena ezin da automatikoki muntatu gailua konektatzen denean. + Mesedez, azpian agertzen den partizioaren mota aldatu ezazu Windowsek ezagutzen duen batera (Windowsen 'diskpart' tresnak daukan SETID komandoa erabiliz). Ondoren partizioa gogokoetatik kendo eta berriz gehitu ezazu. Honekin gailua konektatzerakoan bertan ostatuta dagoen bolumena automatikoki muntatzea lortuko duzu. + Azpian dagoen gailua ez da, ez partizio bat, ez bolumen dinamiko bat. Horregatik, ezin zaio etiketarik jarri. + Mesedez, azpian agertzen den partizioari mota aldatu iezaiozu Windowsek ezagutzen duen mota batera (Windowsen 'diskpart' tresnak daukan SETID komandoa erabiliz). Ondoren partizioa gogokoetatik kendu eta berriz ere gehitu ezazu. Honek partizioari etiketak gehitzea ahalbidetuko dizu. + Windowsen limitazio batengatik, sare bidez banatzen den urrutiko fitxategi sistema batean dagoen edukiontzi bat ezin da sistemaren gogoko bezala muntatu (hala ere, gogoko bolumen arrunt bat bezela muntatu daiteke erabiltzaileak sesioa hasterakoan). + %s-rentzako pasahitza sartu + '%s'-rentzako pasahitza sartu + Bolumen normalaren/kanpokoaren pasahitza sartu + Ezkutuko bolumenarentzako pasahitza sartu + Babeskopia fitxategian gordetako goiburuaren pasahitza sartu + Gako-fitxategia sortu egin da. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + KONTUZ: Bolumen honen goiburua hondatuta dago! VeraCrypt-ek automatikoki bolumenean kapsulatua dagoen goiburuaren babeskopia eraibliko du.\n\nBolumena konpondu beharko zenuke 'Tresnak' > 'Bolumenaren Goiburua Leheneratu' aukeratuz. + Bolumenaren goiburuaren babeskopia sortu egin da.\n\nGARRANTZITSUA: Bolumenaren goiburua leheneratzen baduzu babeskopia hau erabiliz bolumenaren oraingo pasahitza izango du. Gainera, bolumena muntatzeko gako-fitxategiak beharrezkoak badira, gako-fitxategi berdinak beharrezkoak izango dira bolumenaren gohiburua leheneratu eta gero bolumena muntatzeko.\n\nKONTUZ: Bolumenaren goiburuaren babeskopia BAKARRIK bolumen zehatz honen goiburua leheneratzeko balio du. Goiburuaren babeskopia hau bolumen ezberdin baten goiburua leheneratzeko erabiltzen baduzu, bolumena muntatzeko gai izango zara, baina EZIN izango duzu han gordetako daturik argitu (bere gako nagusia aldatuko baituzu). + Bolumenaren goiburua leheneratu egin da.\n\nGARRANTZITSUA: Ohartu zaitez pasahitz zaharra leheneratu egin dela ere. Babeskopia egin zenean bolumena muntatzeko gako-fitxategirik behar bazen, gako fitxategi berdinak beharrezkoak dira orain bolumena berriro muntatzeko. + Sekurtasun arrazoiengatik, bolumenaren pasahitz zuzena (edo gako-fitxategi zuzenak) sartu beharko duzu.\n\nOharra: Bolumenak ezkutuko bolumena badauka, lehendabizi kanpoko bolumenaren pasahitz zuzena (edo gako-fitxategi zuzenak) sartu beharko duzu. Ondoren, ezkutuko bolumenaren goiburuaren babeskopia egitea aukeratzen baduzu, ezkutuko bolumenaren pasahitz zuzena (edo gako-fitxategi zuzenak) sartu beharko duzu. + Ziur zaude %s bolumenaren goiburuaren babeskopia egin nahi duzula?\n\n'Bai' klikatu eta gero, goiburuaren babeskopiarentzako fitxategi izen bat eskatuko da.\n\nOharra: Bolumen normalaren eta ezkutuko bolumenaren goiburuak berriz zifratuko dira ausazko datu ezberdinekin eta babeskopia fitxategian gordeko dira. Bolumen honetan ezkutuko bolumenik ez badago, babeskopia fitxategian ezkutuko bolumenarentzat dagoen tokia ausazko datuekin beteko da (ezeztapen onargarria mantentzeko). Bolumenaren goiburua babeskopia fitxategitik leheneratzerakoan, bolumenaren babeskopia sortu zen momentuko pasahitz zuzena (edo/eta gako fitxategi zuzenak) sartu behar izango duzu. Pasahitzak (edo/eta gako fitxategiek) erabakiko dute ere ze bolumenaren goiburua leheneratuko den, normala edo ezkutukoa (ohartu zaitez VeraCrypt-ek hau erabakitzen duela saiaketa eta errore prozesu baten bitartez). + Ziur zaude %s -ren bolumenaren goiburua leheneratu nahi duzula?\n\nKONTUZ: Bolumenaren goiburua leheneratzeak bolumenaren pasahitza leheneratzen du ere, babeskopia egin zenean erabiltzen zenera, hain zuzen ere. Babeskopia egin zenean bolumena muntatzeko gako-fitxategirik behar bazen, bolumenaren gohiburua leheneratu eta gero gako-fitxategi berdinak behar izango dira berriro bolumena muntatzeko.\n\n'Bai' sakatu eta gero, goiburuaren babeskopia fitxategia aukeratuko duzu. + Bolumen honek ezkutuko bolumenik ba al dauka? + Bolumenak ezkutuko bolumen bat dauka + Bolumenak ez dauka ezkutuko bolumenik + Mesedez, erabili nahi duzun bolumenaren goiburuaren babeskopia mota aukeratu ezazu: + Bolumenaren gohiburua leheneratu bolumenean kapsulatuta dagoen babeskopiatik + Bolumenaren gohiburua leheneratu kanpoko babeskopia fitxategi batetik + Bolumenaren goiburuaren babeskopia fitxategiaren tamaina ez da zuzena. + Bolumen honetan ez dago kapsulatutako goiburuaren babeskopiarik (Ohartu zaitez VeraCrypt 6.0 edo geroagoko programekin sortutako bolumenek bakarrik daukatela kapsulatutako goiburuaren babeskopiak). + Sistemaren partizioa/unitatearen goiburuaren babeskopia egiten saiatzen ari zara. Hau ez dago onartua. Sistemaren unitate/partizioaren babeskopia egiteko edo babeskopiatik leheneratzeko beharrezkoa da VeraCrypt Salbatze Diska erabiltzea.\n\nVeraCrypt-en Salbatze Diska sortu nahi? + VeraCrypt bolumen birtual baten goiburua leheneratzen saiatzen ari zara baina sistemaren partizio/unitatearen bolumena aukeratu duzu. Hau ez dago onartuta. Sistemaren partizioa/unitatean babeskopia eta leheneratze eragiketak VeraCrypt Salbatze Diska erabiliz bakarrik egin daitezke.\n\nVeraCrypt Salbatze Diska sortu nahi? + 'Ados' sakatu eta gero, VeraCrypt-en Salbatze Diskaren ISO irudia gordetzeko izena eta hura gorde nahi duzun tokia hautatu beharko dituzu + Salbatze Diskaren irudia sortu da eta fitxategi honetan gorde da:\n%s\n\nOrain Salbatze Diskaren irudi hori CD edo DVD batean idatzi behar duzu.\n\nGARRANTZITSUA: Ohartu zaitez fitxategia ISO diska irudi baten moduan idatzi behar dela CD/DVD-an (ez fitxategi bat bezala). Hori egiteko informazio gehiago behar baduzu, zure CD/DVD-ak grabatzeko softwarearen dokumentazioa irakurri ezazu.\n\nSalbatze Diska idatzi eta gero, 'Sistema' > 'Salbatze Diska egiaztatu' aukeratu ezazu ondo idatzi dela ziurtatzeko. + Salbatze Diska sortu da eta ondorengo fitxategian sortu da:\n%s\n\nOrain Salbatze Diskaren irudia CD edo DVD batean idatzi behar duzu.\n\nMicrosoft Windows-en Diska Irudi Idazlea abiatu nahi al duzu?\nOharra: Salbatze Diska idatzi eta gero, 'Sistema' > 'Salbatze Diska Egiaztatu' aukeratu ezazu ondo idatzi dela ziurtatzeko. + Mesedez, zure VeraCrypt Salbatze Diska zure CD/DVD unitatean sartu ezazu eta Ados klikatu hura egiaztatzeko. + VeraCrypt salbatze diska arazorik aurkitu gabe egiaztatu da. + Ezin da egiaztatu Salbatze Diska akatsik gabe idatzi dela.\n\nSalbatze Diska idatzi baduzu, mesedez, CD/DVD-a atera eta berriz sartu ezazu; gero berriro saiatu. Honek laguntzen ez badu, saiatu zaitez CD/DVD-ak idazteko beste programa batekin edo beste gailu batean idazten.\n\nBeste gako nagusi, pasahitz e.a. ezberdin batentzako sortu den VeraCrypt Salbatze Diska egiaztatzen saiatzen bazara, ohartu zaitez Salbatze Diskak egiaztatze honetan beti errorea emango duela. Daukazun konfigurazioarekin guztiz bateragarria den Salbatze Diska Sortzeko, 'Sistema' > 'Salbatze Diska Sortu' aukeratu ezazu. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + TrueCryp-en Salbatze Diska Sortzerakoan Errorea. + VeraCrypt-en Salbatze Diska ezin da sortu ezkutuko sistema eragile bat martxan dagoenean.\n\nVeraCrypt-en Salbatze Diska sortzeko, sistema eragile amua hasieratu eta 'Sistema' > 'Salbatze Diska Sortu' aukeratu ezazu. + >Ezin da egiaztatu Salbatze Diska akatsik gabe idatzi dela.\n\nSalbatze Diska idatzi baduzu, mesedez, CD/DVD-a atera eta berriz sartu ezazu; gero 'Hurrengoa' sakatu eta berriro klik egin ezazu. Honek lagunzten ez badu beste gailu batekin %s saiatu zaitez.\n\nSalbatze Diska oraindik idatzi ez baduzu, mesedez, hori egin ezazu eta 'Hurrengoa' sakatu\n\nLaguntzaile hau hasi baino lehen egindago VeraCrypt Salbatze Diska bat egiaztatzen saiatzen bazara, ohartu zaitez Salbatze Diska hori ezin izango dela erabili, gako nagusi ezberdin batentzako sortu baitzen. Orain sortutako Salbatze Diska idatzi behar duzu. + edo/eta beste CD/DVDak grabatzeko softwarea + VeraCrypt - Sistemaren Gogoko Bolumenak + Zer dira sistemaren gogoko bolumenak? + Sistemaren partizio/unitatea ez dirudi zifratuta dagoenik.\n\nSistemaren gogoko bolumenak bakarrik hasieraketa aurreko kautotze pasahitz batekin muntatu daitezke. Horregatik, sistemaren gogoko bolumenak erebili ahal izateko, lehendabizi sistemaren partizio/unitatea zifratu behar duzu. + Mesedez bolumena desmuntatu jarraitu baino lehen. + Errorea: Kronometroa ezin da jarri. + Fitxategi sistema egiaztatu + Fitxategi sistema konpondu + Gogokoetara Gehitu... + Sistemaren Gogokoetara Gehitu... + &Ezaugarriak... + Ezkutuko Bolumena Babestuta + E/B + Bai + Ez + Ezgaituta + 1 + 2 edo gehiago + Eragiketa modua + Etiketa: + Tamaina: + Helbidea: + Unitatearen Letra: + Errorea: Pasahitzak ASCII karaktereak bakarrik izan ditzake.\n\nSistemaren konfigurazioa aldatzen bada pasahitzan dauden ASCII ez diren karaktereak muntaketa eragotzi dezakete.\n\nHurrengo karaktereak erabili daitezke:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Kontuz: Pasahitzak ASCII ez diren karaktereak ditu. Honek bolumena ezin muntatzea eragin dezake zure sistemaren konfigurazioa aldatzen bada.\n\nPasahitzan dituzun ASCII ez diren karaktereak ASCII karaktereen ordez aldatu beharko zenituzke. Hau egiteko, 'Volumenak' -> 'Change Volume Password' sakatu ezazu. Ondorengo hauek ASCII karaktereak dira:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + KONTUZ: Gogor gomendatzen dugu fitxategi exekutagarrien fitxategi luzapenak (adibidez, .exe, .sys, edo .dll) eta bestelako arazodun fitxategi luzapenak ez erabiltzea. Fitxategi luzapen hauek erabiltzeak Windows eta antibirusek edukiontzietan oztopatzea ekartzen du, honek bolumenaren abiaduran eragin okerra dauka eta beste arazo garrantzitsuak sortu ditzake.\n\nGogor gomendatzen dugu fitxategiaren luzapena kentzea edo aldatzea (adibidez '.hc'-ra).\n\nZiur zaude arazoak ematen dituen fitxategi luzapena erabili nahi duzula? + KONTUZ: Edukiontziak fitxategi exekutagarrientzako erabiltzen den luzapena dauka (adibidez, .exe, .sys, edo .dll) edo arazoak sortu ditzaken antzeko luzapen bat. Fitxategi luzapen hauek erabiltzeak Windows eta antibirusek edukiontzietan oztopatzea ekartzen du, honek bolumenaren abiaduran eragin okerra dauka eta beste arazo garrantzitsuak sortu ditzake.\n\nGogor gomendatzen dugu fitxategiaren luzapena kentzea edo aldatzea (adibidez '.hc'-ra) bolumena desmuntatu eta gero. + Horri-Nagusia + KONTUZ: Badirudi ez diozula Service Pack-ik instalatu zure Windowseko instalazioari. Ez zenuke idatzi behar 128GB baino gehiago dituzten IDE diskoetan Service Pack 1 edo gehiago ez duten Windows XP-tan! Egiten baduzu, diskan dauden datuak (berdin dio VeraCrypt bolumen bat den edo ez) hondatu daitezke. Ohartu zaitez hau Windowsen muga bat dela, ez VeraCrypt-en akats bat. + KONTUZ: Badirudi ez diozula Service Pack edo ondorengorik jarri zure Windows instalazioari. Ez zenuke idatzi behar 128GB baino gehiago dituzten IDE diskoetan Service Pack 3 edo gehiago ez duten Windows 2000-tan! Egiten baduzu, diskan dauden datuak (berdin dio VeraCrypt bolumen bat den edo ez) hondatu daitezke. Ohartu zaitez hau Windowsen muga bat dela, ez VeraCrypt-en akats bat.\n\nOharra: Horretaz gain, agian 48 bit-eko LBA onartzea gaitu beharko duzu erregistroan; informazio gehiago nahi baduzu, http://support.microsoft.com/kb/305098/EN-US begiratu ezazu. + KONTUZ: 48 bit-eko LBA ATAPI onartzea ezgaituta dago zure sisteman. Horregatik ez zenuke idatzi behar 128GB baino gehiago dituzten IDE diskoetan. Egiten baduzu, diskan dauden datuak (berdin dio VeraCrypt bolumen bat den edo ez) hondatu daitezke. Ohartu zaitez hau Windowsen muga bat dela, ez VeraCrypt-en akats bat.\n\n 48 bit-eko LBA onatzea gaitzeko, 'EnableBigLba' erregistroaren balioa sartu ezazu HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters erregistroaren sarreran eta 1 balioa emaiozu.\n\nInformazio gehiago nahi baduzu, http://support.microsoft.com/kb/305098 begiratu ezazu. + Errorea: 4GB baino gehiagoko fitxategiak ezin dira FAT fitxategi sisteman gorde. Horregatik, FAT32 fitxategi sisteman dauden fitxategian ostatutako VeraCrypt bolumenak (edukiontziak) ezin dira izan 4GB baino handiagoak.\n\nBolumen handiago bat behar baduzu, NTFS fitxategi sisteman sortu dezakezu (edo, Windows Vista SP1 edo gehiago erabiltzen baduzu, exFAT fitxategi sisteman) edo, fitxategian ostatutako bolumen baten ordez, gailu edo partizio osoa zifratu dezakezu. + Kontuz: Windows XP-ek ez ditu 2048GB baino gehiagoko fitxategiak onartzen ("Ez dago behar den toki librea" errorea emango du). Hortaz, ezin duzu 2048 GB baino gehiago dituen fitxategian ostatutako VeraCrypt bolumen bat sortu (edukiontzia) Windows XP erabiltzen baduzu. + KONTUZ: Etorkizunean kanpoko bolumenean fitxategiak/datuak gehitzeko aukera izan nahi baduzu, ezkutuko bolumenarentzat tamaina txikiagoa aukeratzea kontutan izan baharko zenuke.\n\nZiur zaude aukeratutako tamainarekin jarraitu nahi duzula? + Ez da bolumenik aukeratu.\n\n'Gailua Aukeratu' edo 'Fitxategia Aukeratu' sakatu ezazu VeraCrypt bolumen bat aukeratzeko. + Ez da partiziorik aukeratu\n\n'Gailua Aukeratu' sakatu ezazu normalean hasieraketa-aurreko kautotzea behar duen desmuntatutako partizio bat aukeratzeko (adibidez, beste sistema eragile baten sistemako unitatean dagoen partizio zifratu bat, edo beste sistema eragile baten zifratutako sistemaren partizioa.\n\nOharra: Aukeratutako partizioa VeraCrypt bolumen normal bat bezala muntatuko da, hasieraketa-aurreko kautotzerik gabe. Hau lagungarria da adibidez babeskopia edo konpontze lanetarako. + KONTUZ: Lehenetsitako gako-fitxategiak aukeratu badira eta aktibatuta badaude, gako-fitxategi hauek erabiltzen ez dituzten bolumenak ezin izango dira muntatu. Horregatik, lehenetsitako gako-fitxategiak aktibatu eta gero, gogoratu ezazu 'Gako fitxategiak Erabili' aukera desmarkatzeaz (pasahitzaren laukiaren azpian) bolumen hauek muntatzerakoan.\n\nZiur zaude gako-fitxategi/helbide hauek lehenetsitakoak bezela gorde nahi dituzula? + Gailuak Auto-Muntatu + Denak Desmuntatu + Katxea Ezabatu + Guztiak Desmuntatu eta Katxea Ezabatu + Guztiak Desmuntarazi eta Katxea Ezabatu + Guztiak Desmuntarazi, Katxea Ezabatu eta Irten + Gogoko Bolumenak Muntatu + VeraCrypt-en Lehio Nagusia Erakutsi/Ezkutatu + (Hemen clik egin eta tekla bat sakatu) + Akzioa + Lasterbidea + Errorea: Lasterbide hau erreserbatuta dago. Mesedez beste lasterbide bat aukeratu. + Errorea: Lasterbidea erabiltzen ari da. + KONTUZ: VeraCrypt-en sistema osoko laister-tekla bat edo gehiago ez du funtzionatuko.\n\nMesedez, ziurtatu zaitez ez dagoela laisterbide berdina erabiltzen duen aplikazio edo sistema eragilerik. + Paginatze fixategiaren sorrera eragotzi da.\n\nMesedez, ohartu zaitez, Windowsen arazoengatik, ezin direla paginatze fitxategiak sistemakoak ez diren VeraCrypt bolumenetan sortu (sistemaren gogoko bolumenak barne). VeraCrypt-ek zifratutako sistemaren partizio/unitatean bakarrik onartzen du paginatze fitxategien sorrera. + Errore batek edo bateragarritasun eza VeraCrypt-i hibernatze fitxategia zifratzea eragotzi dio. Hortaz, hibernazioa ez da egin.\n\nOharra: Orgenagailu batek hibernatzen duenean (edo energia aurrezteko moduan dagoenean), sistemaren memoriaren edukiak disko gogorran dagoen hibernatze fitxategi batean idazten dira. VeraCrypt ezingo zen gai zifratze gakoen eta RAM memorian irekitako fitxategi pribatuen datuen zifratu gabe hibernatze fitxategaren idazkera eragozteko. + Hibernazioa ergotzi da.\n\nVeraCrypt-ek ez du hibernaziorik onartzen hasieraketa partizio extra bat erabiltzen duten ezkutuko sistema eragiletan. Ohartu zaitez hasieraketa partizio bera erabiltzen dutela sistema eragile amu eta ezkutuak. Horregatik, datuen filtratzea eta hibernaziotik bueltatzerakoan egon daitezkeen arazoak eragozteko, VeraCryptek debekatu behar dio sistema ezkutuari hasieraketa partizio horretan idaztea eta, hortaz, hibernatzea ere. + %c bezala muntatutako VeraCrypt bolumena: desmuntatu egin da. + VeraCrypt bolumenak desmuntatu egin dira. + VeraCrypt bolumenak desmuntatu egin dira eta pasahitz katxea ezabatu egin da. + Ondo desmuntatu egin da + KONTUZ: VeraCrypt-en Ezkutuko Ataza ezgaituta badago, hondorengo funtzioak ere ezgaituta egongo dira:\n\n1) Tekla Bereziak\n2) Auto-desmuntaketa (adib.: saioa amaitzerakoan, gailu ostalaria kentzerakoan,e.a.)\n3) Gogoko bolumenen auto-muntaketa\n4) Jakinarazpenak (adib.: ezkutuko bolumenari kaltea eragotzi zaionean)\n5) Erretiluko ikonoa\n\nOharra: VeraCrypt-en Ezkutuko Ataza edozein momentutan itzali dezakezu erretiluko ikonoan klik eginez eta 'Irten' aukeratuz.\n\nZiur zaude betirako VeraCrypt-en Ezkutuko Ataza ezgaitu nahi duzula? + KONTUZ: Aukera hau ezgaituta badago, fitxategi/karpeta irekiak dituzten bolumenak ezin izango dira auto-desmuntatu.\n\nZiur zaude aukera hau ezgaitu nahi duzula? + KONTUZ: Irekita dauden fitxategi/karpetak dituzten bolumenak EZ dira auto-desmuntatuko.\n\nHau eragozteko hondorengo aukera hautatu ezazu lehio honetan bertan: 'Auto-desmuntaketa eragin bolumenak irekitako Ffitxategi edo karpetak baditu ere'. + KONTUZ: Ordenagailu eramangarriaren bateria baxua denean, izan daiteke Windowsek martxan dauden aplikazioei mezu egokiak ez bidaltzea energia aurrezte moduan sartzen ari denean. Horregatik, kasu horietan VeraCrypt-ek bolumenak auto-desmuntatzerakoan huts egin dezake. + Partizio/Bolumen baten zifraketa programatu duzu. Prozesua oraindik ez da bukatu.\n\nProzesua orain jarraitu nahi al duzu? + Sistemaren partizioaren/unitatearen zifraketa edo argitze prozesua programatu duzu. Prozesu hau ez da oraindik bukatu.\n\n Prozesu hau orain hasi (jarraitu) nahi al duzu? + Sistemakoak ez diren partizio/bolumenen zifraketa prozesu programatuen berriz hasteko mezuak jaso nahi dituzu? + Bai, mezuak bidaltzen jarraitu. + Ez, ez itzazu mezu gehiago bidali. + GARRANTZITSUA: Gogoratu ezazu edozein momentutan sistemaren partizio/unitatearen zifratze prozesua jarraitu dezakezula VeraCrypten lehio nagusiaren menuan 'Bolumenak' > 'Etendako Prozesua Jarraitu' aukeratuz. + Sistemaren partizio/unitatearen zifratze edo argitze prozesua programatu duzu. Hala ere, hasieraketa aurreko kautotzea huts egin du (edo sahiestu da).\n\nOharra: hasieraketa aurreko ingurunean sistemaren partizio/unitatea argitu bazenuen, agian prozesua bukatu behar duzu 'Sistema' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukeratuz VeraCrypt lehio nagusiaren menuan. + KONTUZ: VeraCrypt oran itxi egiten bada, hondorengo funtzioak ezgaituko dira:\n\n1) Tekla Bereziak\n2) Auto-desmuntaketa (adib.: saioa amaitzerakoan, gailu ostalaria kentzerakoan,e.a.)\n3) Gogoko bolumenen auto-muntaketa\n4) Jakinarazpenak (adib.: ezkutuko bolumenari kaltea eragotzi zaionean)\n\nOharra: VeraCrypt ezkutuan exekutatzea nahi ez baduzu, VeraCrypt-en ezkutuko ataza ezgaitu ezazu lehentasunetan (eta, beharrezkoa bada, lehentasunetan VeraCrypten abiatze automatikoa ezgaitu ezazu ere).\n\nZiur zaude VeraCrypt itxi nahi duzula? + Irten? + VeraCrypt-ek ez dauka informazio nahikoa jakiteko zifratu edo argitu behar duen. + VeraCrypt-ek ez dauka informazio nahikoa jakiteko zifratu edo argitu behar duen. Oharra: Hasieraketa-aurreko ingurunean sistemaren unitatea/partizioa argitu baduzu, agian prozesua bukatu behar izango duzu 'Argitu' sakatuz. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Partizio/bolumenaren zifratze prozesua eten eta gerorako utzi nahi al duzu?\n\nOharra: Kontuan izan ezazu ezin izango duzula bolumena muntatu guztiz zifratuta dagoen arte. Prozesua jarraitzeko aukera izango duzu eta hau gelditu zen tokian hasiko da berriz. Hori egiteko, adibidez, 'Bolumenak' > 'Etendako Prozesua Jarraitu' aukeratu ezazu VeraCrypt lehio nagusiaren menuan. + Sistemaren partizo/unitatearen zifratze prozesua eten eta gerorako utzi nahi al duzu?\n\nOharra: Prozesua jarraitzeko aukera izango duzu eta hau gelditu zen tokian hasiko da berriz. Hau egin dezakezu 'Sistema' > 'Etendako Prozesua Jarraitu' aukeratuz VeraCrypt lehio nagusiaren menuan. Zifratze prozesua bertan behera utzi nahi baduzu edo zifratze prozesua desegin nahi baduzu, 'Sistema' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukera hautatu ezazu. + Sistemaren partizioaren/unitatearen argitze prozesua eten nahi duzu eta gerorako utzi?\n\nOharra: Prozesua jarraitu ahal izango duzu eta gelditu den tokian jarraituko du. Hori egin dezakezu, adibidez, 'Sistema' > 'Etendako Prozesua Jarraitu' VeraCrypteko lehioko menuan aukeratuz. Argitze prozesua desegin nahi baduzu (eta zifratzen hasi) 'Sistema' > 'Sistemaren Partizioa/Unitatea Zifratu' aukeratu ezazu. + Errorea: Sistemaren partizio/unitatearen zifratze/argitze prozesua eteterakoan huts egin du. + Errorea: Ezabatze prozesua eteterakoan huts egin du. + Errorea: Sistemaren partizio/unitatea zifratzeko/argitzeko prozesua berriz hasterakoan huts egin du. + Errorea: Ezabatze prozesua hasterakoan huts egin du. + Datuen hutsala konpondu da.\n\n\n(Akats honen berri ematen baduzu, mesedez hurrengo informazioa gehitu ezazu akatsaren txostenean:\n%hs) + Errorea: ustekabeko egoera.\n\n\n(Akats honi buruz txosten bat bidaltzen baduzu, mesedez, hurrengo informazio teknikoa erantsi iezaiozu akatsaren txostenari:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + KONTUZ: TruekCrypt-en Ezkutuko Ataza ezgaituta dago.VeraCrypt-etik atera eta gero informatuko zaizu ezkutuko bolumenaren kaltea eragotzi den.\n\nOharra: VeraCrypt-en Ezkutuko Ataza edozein momentutan gelditu dezakezu VeraCrypt erreteiluko ikonoan eskubiko klik eginez eta 'Irten' aukeratuz.\n\n VeraCrypt-en Ezkutuko Ataza gaitu? + Hizkuntza paketearen bertsioa: %s + %s bezala muntatutako VeraCrypt bolumenaren fitxategi sistema egiaztatzen... + %s bezala muntatutako VeraCrypt bolumenaren fitxategi sistema konpontzen saiatzen... + Kontuz: bolumen hau algoritmo zaharkitu batekin zifratuta dago.\n\n 64 biteko blokeak erabiltzen dituzten algoritmo guztiak (adib. Blowfish, CAST-128 edo DES hirukoitza) zaharkituta daude. Etorkizuneko VeraCrypt bertsioetan bolumen hau muntatu ahal izango da. Hala ere, ez da hobekuntzarik egingo zifratze algoritmo zaharkitu hauetan. Gomendatzen dizugu 128 biteko blokeak erabiltzen dituen zifratze algoritmo batekin (adib. AES; Serpent, Towfish e.a.) VeraCrypt bolumen berri bat egitea eta fitxategiak bolumen zaharretik berrira mugitzea. + Zure sistema ez dago konfiguratuta bolumen berriak auto-muntatzeko. Ezinezkoa izan daiteke gailuan ostatutako VeraCrypt bolumenak muntatzea. Auto-muntatzea aktibatu daiteke hurrengo komandoa exekutatuz eta sistema berrabiatuz.\n\nmountvol.exe /E + Mesedez unitate letra bat eman iezaiozu partizio/gailuari jarraitu aurretik ( 'Kontrol-panela' > 'Sistema eta Mantentzea' > 'Tresna Administratiboak' - 'Disko gogorrean partizioak egin eta formatatu').\n\nOhartu zaitez hau sistema eragilearen eskakizuna dela. + VeraCrypt bolumena muntatu + VeraCrypt bolumen guztiak desmuntatu + VeraCrypt-ek huts egin du Administratzaile baimenak lortzerakoan. + Sistema eragileak sartzea debekatu du.\n\nZergati probablea: Sistema eragileak zenbait karpeta, fitzxategi eta unitateetan irakurri eta idazteko baimena (edo administratzaile baimena) izatea behartzen du bertan datuak irakurri eta idatzi ahal izateko. Orokorrean, administratzaile baimenik gabeko erabiltzaile batek bere Dokumentuak karpetan fitxategiak sortu, irakurri eta aldatzeko baimena izaten du. + Errorea: Unitateak onartzen ez den sektore tamaina erabiltzen du.\n\nMomentuz ezin da partizoan/gailuan ostatutako bolumenik sortu 4096 byte baino gehiagoko sektoreak erabiltzen dituzten unitateetan. Hala ere, ohartu zaitez unitate horietan fitxategian ostatutako bolumenak (edukiontziak) sortu daitezkela. + Momentuz ezin da 512 byteeko sektoreak ez dituen diskoetan sistemarik zifratu. + VeraCrypt Hasieraketa kargatzaileak gutxienez 32KByte behar ditu sistemaren unitatearen hasieran (VeraCrypt Hasieraketa Kargatzailea gune horretan gorde behar da). Zoritxarrez zure unitateak ez du baldintza hori betetzen.\n\nMesedez EZ ezazu VeraCrypt-en akats bat balitz bezela salatu. Arazo hau konpontzeko, zure diskan partizioak berregin beharko dituzu lehendabiziko 32KByteak libre uzteko (kasu gehientetan lehendabiziko partizioa ezabatu eta berriz sortu beharko duzu). Mikrosoften partizio kudeatzailea erabiltzea gomendatzen dizugu, hau Windows insalatzerakoan erabilgarri dago. + Ezaugarri hau ez dago onartua erabiltzen ari zaren sistema eragilearen bertsioan. + VeraCrypt-ek ez du onartzen sistemaren partizioa/unitatea zifratzea erabiltzen ari zaren sistema eragilearen bertsioan. + Windows Vista-n sistemaren partizioa/unitatea zifratu baino lehen 1go Service Pack edo altuagoa instalatu behar duzu (oraindik ez da horrelako Service Pack-ik sisteman instalatu).\n\nOharra: Windows Vista-ren 1go ServicePack-a sistemaren hasieraketan erabili gabeko memoria eskasia eragiten zuen akats bat konpontzen du. + VeraCrypt-ek jadanik ez du onartzen Service Pack instalatuta ez daukan Windows Vista-tan sistemaren partizioa/unitatea zifratzea. VeraCrypt eguneratu baino lehen, mesedez, Windows Vistaren Service Pack 1 edo ondorengo bat instalatu ezazu. + Errorea: Ezaugarri honek beharrezkoa du VeraCrypt sisteman instalatuta egotea (VeraCrypt modu eramangarrian erabiltzen ari zara)\n\nMesedez, VeraCrypt instalatu ezazu eta berriro saiatu.. + KONTUZ: Ez dirudi Windows hasieratzen den unitatean instalatuta dagoenik. Hau ez dago onartuta.\n\nWindows hasieratzen den unitatean instalatuta dagoela ziur badakizu bakarrik jarraitu beharko zenuke.\n\nJarraitu nahi duzu? + Zure sistemaren unitateak GUID partizio taula dauka (GPT). Orain, MBR partizio taula daukaten unitateak bakarrik onartzen dira. + KONTUZ: VeraCrypt-en Hasieraketa Kargazailea dagoeneko sistemaren unitatean instalatuta dago!\n\nIzan daiteke dagoeneko zure ordenagailuan beste sistema bat zifratuta egotea.\n\nKONTUZ: ORAIN MARTXAN DAGOEN SISTEMAREN ZIFRAKETAK BESTE SISTEMAK ABIAEZINAK ETA EUREN DATUAK ESKURAEZINAK UTZI DITZAKE.\n\nZiur zaude jarraitu nahi duzula? + Jatorrizko sistemaren kargatzailea leheneratzerakoan huts egin du.\n\nMesedez zure VeraCrypt-en Salbatze Diska erabili ezazu ('Konponketa Aukerak' > 'Sistemaren kargatzaile originalera leheneratu') edo Windows instalazio diska erabili ezazu Windowsen sistemaren kargatzailea VeraCrypt-en Hasieraketa Kargatzailea ordez jartzeko. + Sitemaren kargatzaile originala ez da Salbatze Diskan gordeko (honen zergatia: agian babeskopia fitxategi bat falta da). + MBR sektorea idazterakoan huts egin du.\n\nZure BIOSAK agian MBR sektorea babesteko konfiguratuta dago. Zure BIOS-aren konfigurazioa begiratu ezazu (zure ordenagailua abiatu bezain laister F2, SUPR edo ESC sakatuz) MBR/antibirus babesen bila. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Beharrezkoa den TrueCryp-en Hasieraketa Kargatzailearen bertsioa ez dago instalatuta. Honek ezarpen batzuk ez gordetzea ekar dezake. + Oharra: Zenbait kasuetan ordenagailua abiatzen zauden bitartean pertsona bat zuri begira badago (arerioa) eta ez duzu VeraCrypt erabiltzen duzula jakinarazi nahi. Goiko aukerek VeraCrypt Hasieraketa Kargatzailearen lehioa pertsonalizatzeko aukera ematen dizute. Lehendabiziko aukera gaitzen baduzu, ez dira testurik erakutsiko hasieraketa kargatzailean (ezta pasahitza gaizki sartu duzularen mezua ere). Ordenagailua "izoztuta" (ezer egin gabe) balego bezala agertuko da pasahitza sartzen duzun bitartean. Gaineara neurrira egindako mezu bat agertu daiteke arerioa nahasteko. Adibidez, gezurrezko errore mezu bat, adibidez "Sistema Eragilerik Ez Dago" ("Missing operating system", testu hau normalean Windowsen hasieraketa kargatzaileak erakusten du Windows hasieraketa partiziorik ez dagoenean). Hala ere, garrantzisua da jakitea arerio batek disko gogorraren edukia arakatu baldin badezake, VeraCrypt Hasieraketa Kargatzailea hor dagoela aurkitu dezakela. + KONTUZ: Ohartu zaitez aukera hau gaitzen baduzu, VeraCrypt Hasieraketa Kargatzaileak ez duela testurik erakutsiko (ezta pasahitz okerra sartzen duzunean). Ordenagailua "izoztuta" (ezer egin gabe) balego bezala agertuko da pasahitza sartzen duzun bitartean (kursorea ez da mugituko eta ez da izartxorik agertuko tekla zapaltzerakoan).\n\nZiur zaude aukera hau gaitu nahi duzula? + Zure sistemaren partizioa/unitatea guztiz zifratuta dirudi. + VeraCrypt-ek ez du onartzen disko dinamiko bihurtu den sistemaren unitate bat zifratzea. + Sistemaren unitateak hedatutako partizioak (logikoak) ditu.\n\nSistemaren unitatean hedatutako partizioak (logikoak) daudenean Windows Vista eta geroko bertsioetan bakarrik zifratu daiteke sistemaren unitate osoa. Windows XP-en, sistemaren unitate osoa zifratu dezakezu baldin eta bakarrik lehen mailako partizioak baditu.\n\nOhara: Hala ere, sistemaren unitate osoa zifratu ordez sistemaren partizioa zifratu dezakezu (eta, horretaz gain, partizoetan ostatutako VeraCrypt bolumenak sortu ditzakezu sistemakoak ez diren partizioetan). + KONTUZ: Windows XP/203 erabiltzen ari zarenez, unitatea zifratzen hasi eta gero EZIN izango duzu bertan hedatutako partizioak (logikoak) sortu (bakarrik lehen mailako partizioak sortu ahal izango dituzu). Unitatean dagoen edozen hedatutako partizo (logiko) ezin izango da irakurri zifratzen hasi eta gero (momentu honetan unitatean ez dago horrelakorik).\n\nOharra: Eragozpen hau onargarria ez bada, atzera egin dezakezu eta unitate osoa zifratu beharrean sistemaren partizioa bakarrik zifratu dezakezu (eta, horretaz gain, partizioetan ostatutako VeraCrypt bolumenak sortu ditzakezu unitatean dauden eta sistemarenak ez diren partizioetan).\nBestela, eragozpen hau onargarria ez bada, Windows Vistara edo Windowsen ondorengo bertsio batera aldatzea ere aukera izan daiteke (Windows Vista eta gerokoetan hedatutako partizioak (logikoak) dituen sistemaren unitate osoa zifratu daiteke). + Zure sistemaren unitateak estandarra ez den partizio bat dauka.\n\nEramangarri bat erabiltzen ari bazara, ziurenik sistemaren unitateak berreskuratze partizio berezi bat dauka. Sistemaren unitate osoa zifratu eta gero (bertan dagoen berreskuratze partizioak barne), sistema ezin izango da abiatu zure ordenagailuak gaizki diseinatutako BIOS bat erabiltzen baldin badu. Horretaz gain, ezin izango da berreskuratze partizioa erabili sistemaren unitatea argitu baino lehen. Horregatik, bakarrik sistemaren partizioa zifratzea gomendatzen dizugu. + Unitate osoaren ordez, sistemaren partizioa zifratu nahi al duzu?\n\nOhartu zaitez partizioetan ostatutako VeraCrypt bolumenak sortu ditzakezula sistemakoak ez diren unitatearen partizioetan (sistemaren partizioa zifratzeaz gain). + Zure sistemaren unitateak bakarrik partizio bat daukanez, zein unitate osoa betetzen duen, gomendagarria da (seguruagoa) unitate osoa zifratzea partizio horren inguruan dagoen "soberako" espazio hutsa gehituz.\n\nSistemaren unitate osoa zifratu nahi al duzu? + Zure sistema fitxategi iraunkorrak sistemakoa ez den partizio batean gordetzeko konfiguratuta dago. Fitxategi iraunkorrak sistemaren partizioan bakarrik gorde daitezke. + Zure erabiltzailearen profilaren fitxategiak ez daude sistemaren partizioan gordeta.\n\nErabiltzailearen profilaren fitxategiak sistemaren partizioan bakarrik gorde daitezke. + Sistemakoak ez diren partizioetan orrikatze fitxategiak daude.\n\nOrrikatze fitxategiak bakarrik sistemaren partizioan egon daitezke. + Orain Windows konfiguratu nahi al duzu orrikatze fitxategiak Windowsen partizioan bakarrik sortu daitezen?\n\nOhartu zaitez 'Bai' sakatu eta gero ordenagailua berrabiatu egingo dela. Ondoren VeraCrypt abiatu eta berriz saiatu zaitez ezkutuko sistema eragile bat sortzen. + Bestela, ezkutuko sistema eragilearen ezeztapen onargarriak kalte handia jaso lezake.\n\nOharra: Arerio batek fitxategi horiek arakatuko balitu (sistemakoa ez den partizio abtean daudenak), laguntzaile hau ezkutuko sistema bat sortzeko moduan exekutatu zela aurkitu dezake (ordenagailu honetan ezkutuko sistema eragile bat dagoelaren seinale izan daitekeena). Ohartu zaitez ere sistemaren partizioan dauden horrelako fitxategiak VeraCrypt-ek sekurtasunez ezabatuko dituela ezkutuko sistema eragilea sortzeko prozesuan. + KONTUZ: Ezkutuko sistema eragilea sortzeko prozesuan sistema osoa berrinstalatzea eskatuko zaizu (sistema amua sekurtasunez sortzeko).\n\nOharra: Momentu honetan martxan dagoen sistema eragilea eta bere sistemaren partizioaren eduki guztiak ezkutuko bolumenera kopiatuko dira (ezkutuko sistema sortzeko).\n\n\nZiur zaude Windows instalatzeko gai izango zarela Windows instalatzeko gailu batekin (edo partizio serbitzari batekin)? + Sekurtasun arrazoiengatik, orain martxan dagoen sistema eragilea aktibatu behar bada, jarraitu baino lehen aktibatu behar da. Ohartu zaitez ezkutuko sistema eragilea sistemako partizioaren edukiak ezkutuko bolumen batera kopiatuz sortuko dela (hortaz, sistema eragile hau aktibatuta ez badago, ezkutuko sistema eragilea ere ez da aktibatuta egongo). Informazio gehiago nahi baduzu VeraCrypt-en Erabiltzaile Gidaren "Ezkutuko bolumenentzako sekurtasun baldintzak eta neurriak" atala irakurri ezazu.\n\nGarrantzitsua: Jarraitu baino lehen ziurtatu zaitez VeraCrypt-en Erabiltzaile Gidaren "Ezkutuko Bolumenentzako Sekurtasun Baldintzak eta Neurriak" atala irakurri duzula.\n\n\nMartxan dagoen sistema eragileak goiko baldintza betetzen du? + Zure sistemak bigarren hasieraketa partizioa erabiltzen du. VeraCrypt-ek ez du hibernaziorik onartzen sistemak bigarren hasieraketa partizio bat erabiltzen duenean (sistema amuak arazorik gabe hibernatu daitezke).\n\nOhartu zaitez sistema amu eta ezkutuak hasieraketa partizio bera erabiliko dutela. Horregatik, hibernatze egoeratik bueltatzerakoan egon daitezken datuen filtrazioak eta bestelako arazoak eragozteko, TrueCrypy-ek ezkutuko sistemari eragotzi behar dio amankomunean daukan hasieraketa partizioan idaztea eta hibernatzea.\n\nJrraitu nahi al duzu? 'Ez' aukeratzen abduzu, bigarren hasieraketa partizioa kentzeko jarraibidea aterako zaizu. + \nAbiatze partizio gehigarria Windows instalatu aurretik kendu daiteke. Hori egitueko, hurrengo pausoak jarraitu itzazu:\n\n1) Zure Windows instalatze diska abiatu ezazu.\n\n2) Windows instalatzailearen lehioan 'Orain Instalatu' > 'Pertsonalizatua (aurreratua)' aukeratu.\n\n3) 'Unitate Aukerak' sakatu ezazu.\n\n4) Sistemaren partizio nagusia aukeratu eta ezabatu ezazu 'Ezabatu' eta 'Ados'-en klik eginez.\n\n5) 'Sistemaren Erreserbatua' partizioa aukeratu ezazu eta 'Hedatu' aukeratu ezazu, ondoren, berre tamaina handitu ezazu bertan sistema eragilea instalatu ahal izan dadin.\n\n6) 'Aplikatu' eta 'Ados'-en klik egin ezazu.\n\n7) 'Sistemaren Erreserbatua' partizioan Windows instalatu ezazu.\n\nErasotzaile batek Abiatze partizio gehigarria ezabatzeari buruz galdetzen badizu, zifratu gabeko abiatze partiziora daturik ez galtzearren egin duzula erantzun diezaiokezu.\n\nOharra: Testu hau inprimatu dezakezu azpian dagoen 'Inprimatu' botoian klik eginez. Testu honen kopia bat gorde edo inprimatzen baduzu (hau gogor gomendatzen da, zure inprimagailuak inprimitzen dituen dokumentuen kopia bere barneko memorian gordetzen ez baditu), abiatze partizio gehigarria ezabatu eta gero kopia horiek suntsitu beharko zenituzke (bestela, kopia hori aurkituko balitz, ordenagailu honetan ezkutuko sistema eragile bat dagoelaren susmoa eman dezake). + Kontuz: Alokatu gabeko tarte bat dago sistemaren partizioa eta haren hurrengo partizioaren artean. Ezkutuko sistema eragilea sortu eta gero ezin izango duzu tarte horretan partizio berririk egin. Bestela, ezin izango da ezkutuko sistema eragilea hasieratu (partizio berri horiek ezabatu arte). + Algoritmo honek momentuz ez du balio sistema zifratzeko . + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Momentuz ezin dira gako-fitxategiak erabili sistema zifratzeko. + Kontuz: VeraCrypt-ek ezin izan du teklatua diseinu originaera leheneratu. Honek pasahitza gaizki sartzea ekar dezake. + Errorea: Ezin da VeraCrypt-entzat teklatuaren diseinua aldatu EB teklatu estandar diseinura.\n\nOhartu zaitez pasahitza hasieraketa aurreko ingurunean (Windows hasi aurretik) sartu behar dela eta bertan EB-etako teklatu diseinuak ez daudela eskuragarri. Horregatik, pasahitza beti sartu behar da EB-etako teklatu estandarraren diseinuarekin. + VeraCrypt-ek teklatuaren diseinua EB-etako teklatu diseinura aldi baterako aldatu duenez, ezin dira karaktereak idatzi eskubiko Alt tekla sakatuta dagoen bitartean. Hala ere, horietako karaktere gehienak idatzi daitezke Shift tekla sakatzen den bitartean tekla aproposa sakatzen bada.. + VeraCrypt-ek teklatuaren banaketaren aldaketa eragotzi du. + Oharra: Pasahitza hasieraketa aurreko ingurunean idatzi beharko da (Windows hasi aurretik) eta bertan ez daude eskuragarri EB-etako Windows teklatua ez diren teklatu diseinuak. Hortaz, pasahitzak beti sartu behar dira EB-etako teklatu diseinu estandarra erabiliz. Hala ere, garrantzitsua da jakitea EZ duzula behar benetazko EB-etako teklatua. VeraCrypt-ek automatikoki ziurtatzen da pasahitza sekurtasunez sartu dezakezula (orain eta hasieraketa aurreko ingurunean) nahiz eta EB-etako teklatu fisikorik EZ izan. + Unitate/Partizioa zifratu aurretik, VeraCrypt Salbatze Diska (TSD) sortu behar duzu, TSDk honetarako balio du:\n\n- VeraCrypt Hasieraketa Kargatzailea, gako nagusia edo beste nahitaezko daturen bat hondatzen bada, TSDk hori leheneratzera lagunduko dizu (ohartu zaitez, edozein modutan pasahitz zuzena sartu beharko duzula).\n\n- Windows hondatu eta ezin bada abiatu, TSDak Windows hasi aurretik parizio/unitate osoa argitu dezake.\n\n- TSKak diskaren lehendabiziko pistaren babeskopia izango du (non normalean sistemaren kargatzailea edo hasieraketa kudeatzailea dauden) eta beharrezkoa bada hura leheneratzen utziko dizu.\n\nVeraCrypt Salbatze Diskaren ISO irudia azpian dagoen helbidean sortuko da. + 'Ados' sakatu eta gero Mikrosoft Windows Image Burner programa abiatuko da. Mesedez, hau erabili ezazu VeraCrypt Salbatze Diskaren ISO irudia CD edo DVD batean idazteko.\n\nHori egin eta gero VeraCrypt Bolumenak Sortzeko Laguntzailera bueltatu zaitez eta haren jarraibideak bete itzazu. + Salbatze diska sortu da eta fitxategi honetan gorde da:\n%s\n\nOrain CD edo DVD batean idatzi behar duzu.\n\n%lsSalbatze Diska sortu eta gero, 'Hurrengoa' saktu ondo idatzi dela ziurtatzeko. + Salbatze Diskaren irudia sortu eta fitxategi honetan gorde da:\n%s\n\nOrain irudia CD/DVD batean idatzi beharko zenuke edo toki seguru batera eraman ezazu etorkizunean erabili ahal izateko.\n\n%lsHurrengoa sakatu jarraitzeko. + GARRANTZITSUA: Ohartu zaitez fitxategia ISO diska irudi bat bezala idatzi behar dela CD/DVD-an (ez fitxategi bakar bat bezala). Hau egiteko informazio gehiago nahi baduzu, zure CD/DVD-ak idazteko softwarearen dokumentazioan bilatu ezazu. CD/DVD batean ISO diska irudi bat idazteko gai den softwarrerik ez baduzu, sakatu ezazu hondorengo lotura hori egiten duen software libre bat deskargatzeko.\n\n + Micrsoft Windows-en Disko Irudien Grabatzailea abiatu + KONTUZ: Dagoeneko VeraCrypt Salbatze Diska bat sortu baduzu, ezin da sistemaren partizio/diska honetan berrerabili gako nagusi ezberdin batentzako sortu zelako. Sistemaren partizio/unitate bat zifratzen duzun bakoitzean, VeraCrypt Salbatze Diska berria sortu behar duzu pasahitz berdina badute ere. + Errorea: Sistemaren zifratze ezaugarriak ezin dira gorde. + Ezin da sistemaren zifratzeko aurreproba hasi. + Ezin izan da ezkutuko sistema eragilearen prozesua hasi. + Ezabatze modua + Zeinbait memoria gailuetan, datu batzuk beste batzuen gainetik idazten direnean, posiblea da datu zaharrak berreskuratzea indar magnetikoen mirkoskopia erabiliz. Hau ere aplikatzen da euren datu zifratuengatik ordezkatutako datuei (hau gertatzen da VeraCrypt hasieran zifratu gabeko unitatea edo partizioa zifratzen duenean). Zenbait ikerketa eta gobernuaren txosten batzuen arabera, gainetik idatzitako datuen berreskuratzea eragotzi (edo asko zaildu) daiteke datua originalak ausazko datuekin eta ausazkoak ez diren datu batzuekin zenbait alditan berridazten baldin badira. Horregatik, arerio batek zure datuak berreskuratzeko teknika horiek erabili ditzakela uste baldin baduzu, pasatze anitzeko ezabatze moduetako bat aukeratu nahi izango duzu (dauden datuak EZ dira galduko). Ohartu zaitez ezabatze prozesua EZ dela egingo partizioa/unitatea zifratu eta gero. Partizio/unitatea guztiz zifratuta dagoenean, ez da bertan zifratu gabeko daturik idatziko. Idazten diren datu guztiak, lehendabizi memorian bertan zifratuko dira eta gero datuak (zifraturik) diskan idatziko dira. + Zeinbait memoria gailuetan, datu batzuk beste batzuen gainetik idazten direnean (hau da, datuak ezabatzen direnean), posiblea da datu zaharrak berreskuratzea indar magnetikoen mirkoskopia erabiliz. Zenbait ikerketa eta gobernuaren txosten batzuen arabera, gainetik idatzitako datuen berreskuratzea eragotzi (edo asko zaildu) daiteke datua originalak ausazko datuekin eta ausazkoak ez diren datu batzuekin zenbait alditan berridazten baldin badira. Horregatik, arerio batek zure datuak berreskuratzeko teknika horiek erabili ditzakela uste baldin baduzu, pasatze anitzeko ezabatze moduetako bat aukeratu nahi izango duzu.\n\nOharra: Kontutan izan ezazu zenbat eta pasatze gehiago, orduan eta denbora gehiago behar izango duzula datuak ezabatzeko. + Ezabatzen + \nOharra: Ezabatze prozesua eten dezakezu, zure ordenagailua itzali, ezkutuko sistema berriro abiatu eta prozesua jarraitu (laguntzaile hau automatikoki hasiko da). Hala ere, eteten baduzu, ezabatze prozesu guztia berriro hasieratik hasi beharko da. + \n\nOharra: Ezabatze prozesua eten egiten baduzu eta gero hura jarraitzen saiatzen bazara, prozesu guztia berriz hasieratik hasiko da. + Ezabatze prozesua bertan behera uzti nahi al duzu? + Kontuz: Aukeratutako partizioaren/gailuaren edukia ezabatu eta galdu egingo da. + Jatorrizko sistema dagoen partizioaren eduki osoa ezabatuko da.\n\nOharra: Ezabatuko den partizioaren eduki guztiak ezkutuko sistemaren partziora kopiatu dira. + KONTUZ: Ohartu zaitez, adibidez, 3 pasatzeko ezabatze modua aukeratzen baduzu, partizioa/unitatea zifratzeko behar den denbora 4 aldiz luzeagoa izango da. Beste adibide bat, 35 pasatzeko ezabatze modua aukeratzen baduzu 36 aldiz denbora gehiago behar izango du (asteak eman ditzake).\n\nHala ere, kontutan izan ezazu ezabatze prozesua EZ dela egingo partizioa/unitatea guztiz zifratuta egon eta gero. Partizio/unitatea guztiz zifratuta dagoenean, ez da bertan zifratu gabeko daturik idatziko. Idazten diren datu guztiak, lehendabizi memorian bertan zifratuko dira eta gero zifratutako datuak diskan idatziko dira (beraz errendimenduan EZ du eraginik izango).\n\nZiur zaude ezabatze modu hori erabili nahi duzula? + Ezer (azkarrena) + pasatze-1 (ausazko datuak) + 3-pasatze (US DoD 5220.22-M) + 7-pasatze (US DoD 5220.22-M) + 35-pasatze ("Gutmann") + 256-pasatze + Sistema Eragile Kopurua + KONTUZ: Esperientziarik gabeko erabiltzaileek ez lirateke Windows zifratzen saiatu behar hasieraketa-anitzeko konfigurazioekin.\n\nJarraitu? + Ezkutuko sistema eragile bat sortu/erabiltzerakoan, VeraCrypt-ek abiaketa-anitza hurrengo kasuetan onartzen du bakarrik :\n\n- Orain martxan dagoen sistema eragilea abiatze unitatean instalatuta egon behar du, eta bertan dagoen sistema eragile bakarra izan behar du.\n\n- Beste unitateetan dauden sistema eragileek ezin dute martxan dagoen sistema eragilearen unitatean dagoen hasieraketa kargatzailea erabili.\n\nGoiko kondizioak betetzen al dira? + TryeCrypt-ek ezu du abiatze anitz konfigurazio hau onartzen ezkutuko sistema eragilea sortu edo erabiltzerakoan. + Abiatze Unitatea + Orain martxan datoen sistema eregilea hasieraketa unitatean instalatuta al dago?\n\nOharra: batzuetan Windows ez dago Windows hasieraketa kargatzailearen partizio berean instalatuta (hasieraketa partizioa). Kasu hori gertatzen bada, 'Ez' aukeratu. + Momentuz VeraCrypt-ek ez du onartzen abiatzen den unitatean instalatuta ez dagoen sistema eragile bat zifratzea. + Sistemaren Unitate Kopurua + Zenbat unitate sistema eragilea daukate?\n\nOharra: Adibidez, unitate nagusian edozein sistema eragile (adib.: Windows, Mac OS X, Linux e.a.) instalatuta baduzu eta beste edozein unitate batean sistema eragile bat instalatuta badago, '2 edo gehiago' aukeratu ezazu. + VeraCrypt-ek ez du onartzen unitate osoa zifratzea sistema eragile bat baino gehiago dituzten unitateetan.\n\nKonpoketak:\n\n- Sistemetako bat zifratu dezakezu atzera bazoaz eta sistemaren partizioa zifratzea aukeratzen baduzu (sistemaren unitate osoa zifratu ordez).\n\n- Unitate osoa zifratu ahal izango duzu sistema batzuk beste unitate batzuetara mugitu eta sistema bakarra uzten baduzu zifratu nahi duzun unitatean. + Sistema Anitzak Unitate Bakarrean + Beste sistema eragilerik instalatuta al dago orain martxan dagoen sistema eragilea instalatuta dagoen unitatean?\n\nOharra:Adibidez, orain martxan dagoen sistema eragilea #0 unitatean instalatuta badago, zein partizio bat baino gehiago daukan, eta partizio horietako bat Windows badauka eta beste partizio bat beste edozein sistema eragilea badauka (adib. Windows, Mac OS X, Linux, etc.), 'Bai' aukeratu ezazu. + Windows ez den Hasieraketa Kargatzailea + Windowsekoa ez den hasieraketa kargatzailea (edo kudeatzailea) hasieraketa erregistro nagusian (MBR) instalatuta al dago?\n\nAdibidez, hasieraketa unitatearen hasieran GRUB, LILO, XOSL edo bestelako Windowsekoak ez diren hasieraketa kudeatzailerik (edo kargatzailerik) badago, 'Bai' aukeratu ezazu. + Abiatze-Anitza + VeraCrypt-ek ez ditu onartzen hasieraketa anitzeko konfigugurazioak hasieraketa erregistro nagusian (MBR) Windowsekoa ez den hasieraketa kargatzaile bat instalatuta badago.\n\nIrtenbideak:\n\n- Hasieraketa kudeatzaile bat erabiltzen baduzu Windows eta Linux habiatzeko, hasieraketa kudeatzailea (normalean, GRUB) hasieraketa erregistro nagusitik (MBR) partizio batera mugitu ezazu. Ondoren laguntzaile hau berriz abiatu ezazu eta sistemaren partizio/unitatea zifratu ezazu. Ohartu zaitez VeraCrypt Hasieraketa Kargatzailea lehen mailako hasieraketa kudeatzailea bihurtuko dela eta hasieraketa kudeatzaile originala (adib. GRUB) abiatzen utziko dizula bigarren mailako hasieraketa kudeatzaile bat bezala (Esc salatuz VeraCrypt Hasieraketa Kargatzailearen lehioan) eta hortik Linux abiatu ahal izango duzu.. + Martxan dagoen sistema eragilea hasieraketa partizioan instalatuta badago, orduan, zifratu eta gero, pasahitz zuzena sartu behar izango duzu nahiz eta zifratu gabeko beste edozein Windows sistema abiatu nahi izan (zifratutako Windows hasieraketa kargatzaile/kudeatzaile bera erabiltzen dutelako).\n\nBeste aldetik, martxan dagoen sistema eragilea hasieraketa partizioan instalatuta ez badago (edo Windows hasieraketa kargatzaile/kudeatzailea hark bakarrik erabiltzen badu), orduan, sistema hau zifratu eta gero, zifratu gabeko beste sistemetara sartzeko ez duzu pasahitz zuzena sartu behar izango. Bakarrik 'Esc' tekla sakatuz zifratu gabeko sistema abiatuko da (zifratu gabeko sistema anitz badaude, baita ze sistema abiatu nahi duzun aukeratu behar izango duzu VeraCrypt Hasieraketa Kudeatzailearen menuan).\n\nOharra: Ohikoena, lehendabizi instalatu zen Windows sistema hasieraketa partizioan instalatuta dagoena izaten da. + Ostalariak Babestutako Gunea-ren Zifraketa + Unitate askoren bukaeran, normalean sistema eragilearentzat ezkutuan dagoen gune bat egoten da (gune horiei Ostalariak Babestutako Guneak deritze). Hala ere, programa batzuk gune horietan datuak idatzi eta irakurri ditzakete.\n\nKONTUZ: Zenbait ordenagailu ekoizleek gune horiek RAID-arentzat, sistema leheneratzeko, sistema konfiguratzeko, diagnosia egiteko eta beste asmoetarako datu eta tresnak gordetzeko erabiltzen dituzte. Datu edo tresna horiek abiatu aurretik eskuragarri egon behar badira, ezkutuko gunea EZ da zifratuko (goian 'Ez' aukeratu ezazu).\n\nVeraCrypt-ek unitatearen bukaeran dagoen ezkutuko gune hori aurkitu eta (baldin badago) zifratzea nahi al duzu?? + Sistemaren Zifratze Mota + Aukera hay hautatu ezazu bakarrik sistemaren partizioa edo sistemaren unitate osoa zifratu nahi baduzu. + Gerta liteke norbaitek sistema eragilea argitzera behartzea. Badaude egoera asko ezin duzula ezetz esan (adibidez,txantaila batengatik). Aukera hau hautatzen baduzu, ezkutuko sistema eragile bat sortuko duzu zeinen esistentzia frogatzea ezinezkoa izango da (ematen diren jarraibideak ondo jarraituz gero). Ondorioz, ez duzu ezkutuko sistema eragilearen pasahitzik eman behar ezta argitu behar izango. Azalpen luzeago bat nahi baduzu, azpian dagoen estekan klik egin ezazu. + Gerta liteke norbaitek sistema eragilea argitzera behartzea. Badaude egoera asko ezin duzula ezetz esan (adibidez,txantaila batengatik).\n\nLaguntzeile hau erabiliz, ezkutuko sistema eragile bat sortuko duzu zeinen esistentzia frogatzea ezinezkoa izango da (ematen diren jarraibideak ondo jarraituz gero). Ondorioz, ez duzu ezkutuko sistema eragilearen pasahitzik eman behar ezta argitu behar izango. + Ezkutuko Sistema Eragilea + Hurrengo pausoetan, bi VeraCrypt bolumen sortuko dituzu (kanpokoa eta ezkutukoa) sistemaren partizioaren atzean dagoen lehendabiziko partizioan. Ezkutuko bolumenak ezkutuko sistema eragilea (SE) ostatuko du. VeraCrypt-ek ezkutuko SE sortuko du sistemaren partizioaren (orain martxan dagoen SE instalatuta dagoena) edukiak ezkutuko bolumenera kopiatuz. Kanpoko bolumenean, garrantzitsuak diruditen baina benetan ezkutatu nahi EZ dituzun fitxategi batzuk kopiatu itzazu. Hauek hor egongo dira baldin eta norbaitek ezkutuko SE-aren partizioaren pasahitza ematera behartzen bazaitu. Ezkutuko SE-aren partizioan dagoen kanpoko bolumenaren pasahitza eman dezakezu (ezkutuko SE sekretupean jarraituko da).\n\nBukatzako, orain martxan dagoen SE-aren partizioan, SE berria instalatuko duzu, SE amua deritzona, eta zifratuko duzu. Honek ezin ditu datu garrantzitsuak izan eta hor egongo da norbaitek hasieraketa aurreko pasahitza ematera beharten bazaitu. Guztira, hiru pasahitz egongo dira. Horietako bi eman daitezke (SE amuarena eta kanpoko bolumenarena). Hirugarrena erabiltzen baduzu, ezkutuko SE-a abiatuko da. + Ezkutuko sektoreak bilatzen + Mezedez, itxaron VeraCrypt-ek sistemaren unitatearen bukarean ezkutuko sektoreak bilatzen dituen bitartean. Ohartu zaitez denbora luzea eman dezakela.\n\nOharra: Kasu oso arraro batzuetan, ordenagailu batzuetan, sistemak ez du erantzungo bilaketa prozesua irauten duen bitartean. Hau gertatzen bada, ordenagailua berrabiatu, VeraCrypt hasi, aurreko pausoak errepikatu baina detektatze prozesua ez egin. Ohartu zaitez arazo hau ez dela VeraCrypt-en akats batek sortua. + Zifratzeko gunea + Aukera hau hautatu ezazu orain martxan dagoen Windows sistemaren diska osoa zifratun nahi baldin baduzu. Diska osoa, bere partizio guztiekin zifratu egingo da lehendabiziko pista izan ezik, non TrueCryp-en Hasieraketa Kargatzailea egongo baita. Diskan instalatuta dagoen sistema edo dauden fitxategiaetan sartu nahi duen edonork, lehendabizi, sistema hasi aurretik sartzen den bakoitzean, pasahitz zuzena sartu behar izango du. Aukera hau ezin da erabili diska lagungarri edo kanpokoak badira eta Windows ez badago bertan instalatuta eta ez bada bertatik hasieratzen. + Ausazko datuak biltzen + Gakoak sortu dira + VeraCrypt-ek ez du zure ordenagailura konektatuta dauden CD/DVDak idazteko gailurik aurkitu. VeraCrypt-ek CD/DVD idazteko gailu bat behar du abiatu daitekeen VeraCrypt Salbatze Diska sortzeko, zeinek zifratzeko gakoen babeskopia, VeraCrypt hasieraketa kargatzailea, sistemaren kargatzaile originala e.a. duen.\n\nGogor gomendatzen dugu VeraCrypt Salbatze Diska CD/DVD batean idaztea. + Ez daukat CD/DVDak idazteko gailurik baina ISO Salbatze Diska gailu eramangarri batean (adbib. USB memoria gailu batean) gordeko dut. + CD/DVDak idazteko gailua beranduago konektatuko dut ordenagailura. Prozesua orain bukatu. + CD/DVDak idazteko gailua ordenagailura konektatuta dago. Jarraitu eta Salbatze Diska idatzi. + Mesedez hurerngo pausoak jarraitu itzazu:\n\n1) Gailu eramangarria konektatu ezazu ordenagailura, USB flash memoria gailu bat adibidez.\n\n2) VeraCrypt Salbatze Diskaren irudiaren fitxategia (%s) gailu eramangarrira kopiatu ezazu.\n\nEtorikizunean VeraCrypt Salbatze Diska erabili behar baldin baduzu, gailu eramangarria (VeraCrypt Salbatze Diskaren irudia daukala) CD/DVD-ak idaztego gailua daukan ordenagailu batera eta bertan abiatu daitekeen VeraCrypt Salbatze Diska bat sortu irudia CD edo DVD batean idatziz. GARRANTZITSUA: Ohartu zaitez VeraCrypt Salbatze Diskaren irudi fitxategia ISO diska irudi bat bezela idatzi behar dela CD/DVDan (ez fitxategi bat bezala). + Salbatze Diska Grabatzen + Salbatze Diska Sortu Da + Sistemaren Zifratzearen aurreproba + Salbatze Diska Egiaztatuta + \nSalbatze diska arrakastaz egiaztatu da. Orain diska atera eta toki seguru batean gorde ezazu.\n\nHurrengoa clikatu jarraitzeko. + KONTUZ: Hurrengo pausoetan VeraCrypt-en salbatze diska ezin da unitatean egon. Bestela, ezin izango da hurrengo pausoak arrakastaz egin.\n\nMesedez, diska unitatetik atera eta toki seguru batean gorde ezazu. Gero Ados sakatu. + Kontuz: hasieraketa aurreko ingurunearen muga teknikoengatik, hasieraketa aurreko ingurunean (hau da, Windows abiatu baino lehen) agertzen diren testuak ezin dira itzulita agertu. VeraCrypt Hasieraketa Kargatzailearen interfaze guztia ingelesez dago.\n\nJarraitu nahi? + Sistemaren partizsioa edo unitatea zifratu aurretik, VeraCrypt-ek dena ondo dabilela egiaztatu bahar du.\n\n'Probatu' sakatu eta gero, beharrezkoak diren osagai guztiak (adibidez, hasieraketa aurreko kautotze osagaia, hau da, VeraCrypt Hasieraketa Kargatzailea) instalatuko dira eta zure ordenagailua berrabiatuko da. Ondoren Windows abiatu baino lehenago agertuko den VeraCrypt Hasieraketa Kargatzeilearen lehioan zure pasahitza sartu beharko duzu. Windows abiatu eta gero, automatikoki aurre probaren emaitzen berri izango duzu.\n\nHurrengo unitatea aldatu egingo da: #%d unitatea\n\n\nOrain 'Utzi' sakatzen baduzu, ez da ezer instalatuko eta aurreproba ez da egingo. + OHAR GARRANTZITSUAK -- MESEDEZ, IRAKURRI EDO INPRIMATU ('Inprimatu' klikatu):\n\nOhartu zaitez ez dela fitxategirik zifratuko ordenagailua berrabiatu eta Windows hasi aurretik. Hortaz, zerbait gaizki badoa, zure datuak EZ dira galduko. Hala ere, zerbait gaizki badoa, Windows hasieratzeko zailtasunak eduki ditzazkezu. Horregatik, mesedez, hurrengo jarraibideak irakurri (edo, ahal bada, inprimatu) itzazu zer egin jakiteko ordenagailua berrabiatu eta gero Windows ezin bada hasi.\n\n + Zer Egin Windows Ezin Bada Abiatu\n------------------------------------------------\n\nOharra: jarraibide hauek bakarrik zifratzen hasi ez bazara balio dute.\n\n- Windows abiatzen ez bada pasahitz zuzena sartu eta gero (edo pasahitz zuzena behin baino gehiagotan ondo sartu baino VeraCrypt-ek pasahitza oker dagoela esaten badizu), ez zaitez izutu. Ordenagailua berrabiatu ezazu (korrontea kendu eta piztu), eta VeraCrypt Hasiera Kargatzailearen lehioan, zure teklatuko Esc tekla sakatu ezazu (eta sistema anitzak badituzu aukeratu ezazu zein abiatu). Orduan Windows abiatu beharko liteke (zifratuta baldin ez badago) eta VeraCrypt-ek automatikoki galdetu behar dizu hasieraketa aurreko kautotze osagarria desinstalatu nahi al duzun. Ohartu zaitez aurreko pausoek EZ dabiltzatela sistemaren partizio/unitatea zifratuta badago (inork ezin du Windows abiatu edo unitateko datu zifratuak irakurri pasahitz zuzenik gabe, nahiz eta aurreko pausuak jarraitu izana).\n\n + - Aurreko pausoek laguntzen ez badute edo VeraCrypt Hasieraketa Kargatzailearen lehioa agertzen ez bada (Windows hasi aurretik), VeraCrypt Salbatze Diska CD/DVD unitatean sartu ezazu eta ordenagailua berrabiatu ezazu. VeraCrypt Salbatze Diskaren lehioa agertzen ez bada (edo 'Konponketa Aukerak' aukera 'Teklatu Krontrolak' gunean ikusten ez bada VeraCrypt Salbatze Diskaren lehioan), gertatu daiteke zure BIOSa disko gogorrak CD/DVD unitateak baino lehenago abiatzeko konfiguratuta egotea. Hori gertatzen bada, zure ordenagailua berrabiatu ezazu F2 edo Ezabatu sakatu ezazu (BIOSa abiatzen ari delaren lehioa ikusi bezain laister), eta BIOSa konfiguratzeko lehioa agertzen den arte itxaron ezazu. BIOSa konfiguratzeko lehiorik agertzen ez bada, ordenagailua berriz berrabiatu ezazu eta F2 eta Ezabatu teklak behin eta berriro sakatu itzazu ordenagailua abiatu bezain laister. BIOSa konfiguratzeko lehioa agertzen denean, BIOSa konfiguratu ezazu lehendabizi CD/DVD unitatetik abiatu dadin (hau egiteko informazioa behar baduzu, zure BIOS/Oinarrizko Plaka-ren dokumentazio irakurri ezazu edo zure ordenagailuaren saltzailearen laguntza serbitzura jo ezazu). Ondoren zure ordenagailua berrabiatu ezazu. VeraCrypt Salbatze Diskaren lehioa agertu beharko litzateke orain. True Crypt Salbatze Diskaren Lehioan, 'Konponketa Aukerak' hautatu ezazu zure teklatuan F8 sakatuz. 'Konponketa Aukerak' menuan 'Sistemaren Kargatzaile Originala Leheneratu' aukeratu ezazu. Ondoren VeraCrypt Salbatze Diska CD/DVD unitatetik kendu ezazu eta ordenagailua berrabiatu ezazu. Windows normalki abiatu beharko liteke (zifratuta baldin ez badago).\n\n + Ohartu zaitez aurreko pausoak EZ direla ibiliko sistemaren partizio/unitatea zifratuta badago (inork ezin du Windows abiatu edo unitatean dauden datu zifratuak irakurri pasahitz zuzena gabe nahiz eta aurreko pausoak jarraitu dituen).\n\n\nOhartu zaitez erasotzaile batek zure VeraCrypt Salbatze Diska aurkitzen badu ere, EZ dela gai izango sistemaren partizioa edo unitatea argitzeko pasahitz zuzena gabe. + Aurre-proba Bukatuta + Aurre-proba arazorik gabe bukatu da.\n\nKONTUZ: Argindarra bat-batean mozten bada bertan zifraketa egiten den bitartean, edo sistema eragileak errore bat ematen badu software edo hardware akats batengatik bertan zifraketa egiten den bitartean, datu zatiak hondatu edo galduko dira. Horregatik, zifratzen hasi aurretik, ziurtatu zaitez zifratu nahi dituzun fitxategien babeskopiak dituzula. Ez badituzu, mesedez, haien babeskopiak orain egin itzazu ('Atzeratu' sakatu dezakezu, fitxategien babeskopia egin, eta ondoren, edozein momentutan berriz VeraCrypt abiatu eta 'Sistema' > 'Etendako Prozesua Jarraitu' aukeratu zifratze prozesuarekin jarraitzeko).\n\nPrest zaudenean 'Zifratu' klikatu ezazu zifratzen hasteko. + Edozein momentutan Eten edo Atzeratu botoiak klikatu ditzakezu zifratze edo argitze prozesua eteteko, laguntzaile honetatik irten, ordenagailua iztali edo berrabiatu eta, ondoren, prozesua jarraitu, hau automatikoki gelditu zen tokitik jarraituko du. Sistemak edo aplikazioak sistemaren unitatean datuak irakurri edo idazterakoan mantxotze bat gerta ez dadin, VeraCrypt-ek automatikoki itxaroten du datuak idatzi edo irakurtzen diren arte (goian dagoen Egoera begiratu ezazu) eta ondoren automatikoki zifratzen edo argitzen jarraituko du. + \n\nEdozein momentutan Eten edo Atzeratu klikatu dezakezu zifratze prozesua eteteko, laguntzaile honetatik irten, zure ordenagailua itzali edo berrabiatu, eta ondoren prozesuarekin jarraitu, honek eten zen puntutik jarraituko du. Ohartu zaitez bolumena ezin izango dela muntatu guztiz zifratuta dagoen arte. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Ezkutuko Sistema Hasi da + Jatorrizko Sistema + Windowsek (normalean erabiltzailearen ezagutza eta baimenik gabe) log fitxategi, behin behineko fitxategiak e.a. sistemaren partizioan sortzen ditu. Horretaz gain RAM memoriaren edukia gordetzen du hibernatzerakoan eta baita sistemaren partizioan dauden paginatze fitxategiak ere. Horregatik, arerio batek sistema originalean (noren ezkutuko sistema klon bat den) dauden fitxategiak arakatzen baditu, VeraCrypt laguntzailea ezkutuko sistema sortzeko moduan erabili zela jakin dezake (eta horrek ezkutuko sistema eragile bat esistitzen delaren seinale izan daiteke).\n\nArazo horiek eragozteko, hurrengo pausoetan VeraCrypt-ek sekurtasunez ezabatuko du sistema originala ostatzen duen partizioa. Hori eta gero, ezeztapen onargarria lortzeko, sistema berri bat instalatu eta zifratu beharko duzu. Horrekin sistema amua sortuko duzu eta sistema eragile ezkutua sortzeko prozesua bukatuta egondo da. + Ezkutuko sistema eragilea sortu egin da. Hala ere, erabiltzen hasi baino lehen (eta ezeztapen onargarria lortzeko), oraingo sistema eragilea dagoen partizioare eduki guztiak sekurtasunez (VeraCrypt erabiliz) ezabatu behar dituzu. Hori egin aurretik, zure ordenagailue berrabiatu behar duzu eta, VeraCrypt-en Hasieraketa Kargatzailearen pantailan (Windows hasi aurretik hasten dena), ezkutuko sistema eragilearen hasieraketa aurreko kautotze pasahitza sartu. Ezkutuko sistema hasti eta gero, TrueCryp-en laguntzailea automatikoki executatuko da.\n\nOhartu zaitez ezkutuko sistema eragilearen sorkunde prozesua orain bertan behera uzten baduzu EZ zarela prozesua jarraitzeko gai izango eta EZIN izango zarela ezkutuko sistema eragilean sartu (VeraCrypt-en Hasieraketa Kargatzailea ezabatu egingo delako). + Ezkutuko sistema eragilearen sorrera programatu duzu. Prozesua ez da oraindik bukatu. Bukatzeko, ordenagailua berrabiatu behar duzu eta, VeraCrypt Hasieraketa Kargatzailearen lehioan (Windows hasi aurretik agertzen dena), ezkutuko sistema eragilearen pasahitza sartu ezazu.\n\nOharra: Orain ezkutuko sistema eragilea sortzeko prozesua amaitzen baduzu, EZINGO duzu prozesua jarraitu. + Ordenagailua berrabiatu eta egin + Ezkutuko sistema eragilea sortzeko prozesua betirako gelditu + Ez egin ezer orain eta geroago galdetu + \nPOSIBLE BADA, TESTU HAU INPRIMATU (behean dagoen 'Inprimatu' sakatu)\n\n\nNoiz eta Nola erabili VeraCrypt-en Salbatze Diska (Zifratu eta Gero)\n-----------------------------------------------------------------------------------\n\n + I. Nola Abiatu VeraCrypt Salbatze Diska\n\nVeraCrypt Salbatze Diska abiatzeko, zure CD/DVD unitatean sartu ezazu eta ordenagailua berrabiatu ezazu.VeraCrypt Salbatze Diskaren lehioa agertzen ez bada (edo 'Konponketa Aukerak' aukera 'Teklatu Kontrolak' gunean ikusten ez bada VeraCrypt Salbatze Diskaren lehioan), gertatu daiteke zure BIOSa disko gogorrak CD/DVD unitateak baino lehenago abiatzeko konfiguratuta egotea. Hori gertatzen bada, zure ordenagailua berrabiatu ezazu F2 edo Ezabatu sakatu ezazu (BIOSa abiatzen ari delaren lehioa ikusi bezain laister), eta BIOSa konfiguratzeko lehioa agertzen den arte itxaron ezazu. BIOSa konfiguratzeko lehiorik agertzen ez bada, ordenagailua berriz berrabiatu ezazu eta F2 eta Ezabatu teklak behin eta berriro sakatu itzazu ordenagailua abiatu bezain laister. BIOSa konfiguratzeko lehioa agertzen denean, BIOSa konfiguratu ezazu lehendabizi CD/DVD unitatetik abiatu dadin (hau egiteko informazioa behar baduzu, zure BIOS/Oinarrizko Plaka-ren dokumentazio irakurri ezazu edo zure ordenagailuaren saltzailearen laguntza serbitzura jo ezazu). Ondoren zure ordenagailua berrabiatu ezazu. VeraCrypt Salbatze Diskaren lehioa agertu beharko litzateke orain. Oharra: VeraCrypt Salbatze Diskaren lehioan, 'Konponketa Aukerak' aukeratu dezakezu zure teklatuaren F8 tekla sakatuz.\n\n\n + II. Noiz eta nola erabili VeraCrypt-en Salbatze Diska (Zifratu eta gero)\n\n + 1) VeraCrypt Hasieraketa Kargatzailearen lehioa ordenagailua abiatu eta gero agertzen ez bada (edo Windows abiatzen ez bada), VeraCrypt Hasieraketa Kargatzailea hondatuta egon daiteke. VeraCrypt Salbatze Diska hau konpontzen du eta zifratutako sistema eta datuetara heltzeko bidea ematen dizu (hala ere, ohartu zaitez edozein modutan pasahitz zuzena sartu beharko duzula). Salbatze Diskaren lehioan 'Konponketa Aukerak' > 'VeraCrypt Hasieraketa Kargatzailea leheneratu' aukera hautatu ezazu. Gero 'Y' sakatu ezazu ados egoteko, ondoren Salbatze Diska zure CD/DVD unitatetik atera eta ordenagailua berrabiatu ezazu.\n\n + 2) Pasahitz zuzena behin baino gehiagotan sartzen baduzu baina VeraCrypt-ek pasahitza zuzena ez dela esaten badizu, gako nagusia edo beste ezinbesteko daturen bat hondatuta egon daiteke. VeraCrypt Salbatze Diskak hauek leheneratzen uzten dizu eta, ondorioz, zifratutako sistema eta datuetara sartzeko aukera (modu honetan ere pasahitz zuzena sartu behar izango duzu). Salbatze Diskaren lehioan, 'Konponketa Aukerak' > 'Gakoaren Datuak Leheneratu' aukeratu ezazu. Ondoren zure pasahitza sartu, 'Y' sakatu ezazu ekintza baieztatzeko, Salbatze Diska zure CD/DVD unitatetik atera eta zure ordanagailua berrabiatu ezazu.\n\n + 3) VeraCrypt Hasieraketa Kargatzailea hondatuta badago, hura exekutatzeaz eragotzi ahal duzu zuzenean VeraCrypt Salbatze Diskarekin abiatuz. VeraCrypt salbatze diska zure CD/DVDan sartu ezazu eta Sablatze Diskaren Pantallan zure pasahitza sartu ezazu.\n\n + 4) Windows hondatuta badago eta ezin bada abiatu, VeraCrypt-en Salbatze Diskak Windows asi aurretik partizioa/unitatea betirako argitzeko aukera ematen dizu. Salbatze Diskaren lehioan, horretarako 'Konponketa Aukerak' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukeratu ezazu. Ondoren pasahitz zuzena sartu eta argitze prozesua bukatzen den arte itxaron ezazu. Orduan, adibidez, Windows-en CD/DVD-arenkin abiatu eta zure Windows instalazioa konpondu dezakezu.\n\n + Oharra: Alternatiboki, Windows hondatuta badago (ezin bada abiatu) eta konpontu behar baduzu (edo bertan dauden fitxategietara heldu), sistemaren partizioa/unitatearen argitze prozesua eragotzi dezakezu ondorengo pausoak jarraituz: Sistema eragile bat baino gehiago instalatuta baldin baduzu, hasieraketa aurreko kautotzerik behar ez duen bat abiatu ezazu. Zure ordenagailuan sistema eragile bakarra instalatuta baldin baduzu, WinPE edo BartPE CD/DVD bat abiatu dezakezu edo bestela zure sistemaren unitatea beste ordenagailuan bigarren mailako edo kanpoko unitate bat bezala instalatu dezakezu eta gero ordenagailuaren sistema eragilea abiatu. Sistema bat aabiatu eta gero, VeraCrypt abiatu, eta 'Gailua Aukeratu'-n klik egin ezazu, hondatutako partizioa aukeratu ezazu, 'Ados' sakatu, 'Sistema' > 'Hasieraketa Kautotzerik Gabe Muntatu' aukeratu, zure hasieraketa haurreko kautotze pasahitza sartu eta 'Ados' sakatu. Partizioa ohiko VeraCrypt bolumen bat bezala muntatuko da (datuak RAM memorian bertan zifratu eta argituko dira, ohi bezala).\n\n\n + Ohartu zaitez nahiz eta VeraCrypt-en Salbatze Diska galdu eta erasotzaile batek aurkitu, bera EZ da gai izango sistemaren partizioa/unitatea argitzeko pasahitz zuzena izan gabe.. + \n\nG A R R A N T Z I T S U A -- MESEDEZ, AHAL BADUZU TESTU HAU INPRIMATU (beheko 'Inprimatu' sakatu)\n\n\nOharra: Testu hau automatikoki agertuko da ezkutuko sistema abiatzen duzun bakoitzean sistema amua sortzen hasten zaren arte.\n\n\n + Nola Sortu Sistema Amu Bat Sekurtasunez\n----------------------------------------------------------------------------\n\nEzeztapen onargarria lortzeko, orain sistema eragile amu bat sortu behar duzu. Hori egiteko, hurrengo pausoak jarraitu itzazu:\n\n + 1) Sekurtasun arrazoiengatik, ordenagailua itzali ezazu eta minutu batzuk itzalita utzi ezazu (hainbat eta denbora gehiago, hobeto). Hau memoria ezabatzeko beharrezkoa da, zeinek datu garrantzitsuak dituen. Ondoren ordenagailua piztu ezazu baina ez ezazu ezkutuko sistema abiatu.\n\n + 2) Windows instalatu ezazu bere edukiak ezabatuko diren partizioan (hau da, sistema originala zegoen partizioa, zeinena ezkutuko sistema klon bat den).\n\nGARRANTZITSUA: SISTEMA AMUA INSTALATZEN HASTEN ZARENEAN, *EZINGO* DA EZKUTKO SISTEMA ABIATU (VeraCrypt-en Hasieraketa Kargatzailea Windows sistemaren instalatzaileak ezabatuko duelako). HAU NORMALA ETA AURREIKUSITA DAGO. EZ ZAITEZ IZUTU. EZKUTUKO SISTEMA ABIATU AHAL IZANGO DUZU SISTEMA ERAGILE AMUA ZIFRATZEN HASI BEZAIN LAISTER (VeraCrypt-ek automatikoki VeraCrypt-en Hasieraketa Kargatzailea instalatuko duelako sistemaren unitatean).\n\nGarrantzitsua: Sistema amuaren eta ezkutuko boluemaren tamainek berdinak izaten jarraitu behar dute (kondizio hau orain betetzen da). Gainera, ezin duzu partiziorik sortu sistema eragile amuaren eta ezkutuko sistema ostatzen duen partizioaren artean.\n\n + 3)Sistema amua abiatu ezazu (bigarren pausoan instalatu zenuena) eta bertan VeraCrypt instalatu ezazu.\n\nOhartu zaitez sistema amua ez duela inoiz datu pribaturik izan behar.\n\n + 6) Sistema amuan, VeraCrypt abiatu eta 'Sistema' > 'Sistemaren Partizioa/Unitatea Zifratu' aukeratu ezazu. VeraCrypt Bolumenak Sortzeko Laguntzailearen lehioa agertu bharko liteke.\n\nHurrengo pausoak VeraCrypt Bolumenak Sortzeko Laguntzailean eman behar dira.\n\n + 5) VeraCrypt Bolumenak Sortzeko Laguntzailean, ez ezazu 'Ezkutuko' aukera hautatu. 'Ohikoa' aukera hautatu eta 'Hurrengoa' sakatu.\n\n + 6)'Windows sistemaren partizioa zifratu' aukera hautatu ezazu eta 'Hurrengoa' sakatu.\n\n + 7)Ordenagailu honetan bakarrik ezkutuko sistema eragilea eta sistema ergile amua badaude, 'Hasieraketa Bakarra' aukera hautatu ezazu (ordenagailuan bi sistema hauek baino gehiago instalatuta badituzu, 'Hasieraketa Anitza' hautatu. Gero 'Hurrengoa' sakatu.\n\n + 8) GARRANTZITSUA: Pausu honetan, SISTEMA AMUARENTZAT, EZKUTUKO SISTEMARENTZAT AUKERATU ZENUEN ZIFRATZE ETA HASH ALGORITMO BERDINAK AUKERATU BEHAR DITUZU! BESTELA EZKUTUKO SISTEMARA EZINGO ZARA SARTU! Beste hitzetan, sistema amua ezkutuko sistemaren zifratze algoritmo berdinarekin zifratu behar da. Oharra: Honen arrazoia sistema amua eta ezkutuko sistema hasieraketa kargatzaile bera, zein erabiltzaileak aukeratutako algoritmo bakar bat onartzen duen (algoritmo bakoitzarentzat VeraCrypt Hasieraketa Kargatzailearen bertsio bat dago), erabiliko dutelako da.\n\n + 9) Pausu honetan, sistema eragile amuaren pasahitza aukeratu ezazu. Arerio batek hasieraketa aurreko kautotze pasahitza ematera behartzen badizu, pasahitz hau eman diezaiokezu (eman dezakezun beste pasahitza kanpoko bolumenarena da). Hirugarren pasahitzaren esistentzia (hau da, ezkutuko sistema eragilearen hasieraketa aurreko kautotze pasahitza) sekretupean jarraituko du.\n\nGarrantzitsua: Sistema amuarentzat akeratzen duzun pasahitzsa ezktutuko bolumenaren pasahitzarekin (hau da, ezkutuko sistema eragilearena) ezberdintasun asko izan behar ditu.\n\n + 10) Laguntzailearen hurrengo aginduak jarraitu itzazu amu-sistema eragilea zifratzeko.\n\n\n\n + Sistema Amua Sortu Eta Gero\n------------------------------------------------\n\nSistema amua zifratu eta gero, ezkutuko sistema eragilea sortzeko prozesu guztia bukatuta egongo da eta ondorengo hiru pasahitzak erabili ahal izango dituzu:\n\n1) Ezkutuko sistema eragilearen asieraketa aurreko kautotze pasahitza.\n\n2) Sistema eragile amuaren hasieraketa aurreko kautotze pasahitza.\n\n3)Kanpoko bolumenaren pasahitza.\n\n + Ezkutuko sistema eragilea abiatu nahi baldin baduzu, VeraCrypt Hasieraketa Kargatzailearen lehioan (ordenagailua piztu edo berrabiatu eta gero agertzen dena) ezkutuko sistema eragilearen pasahitza sartu behar duzu.\n\nSistema eragilie amua abiatu nahi baduzu, VeraCrypt Hasieraketa Kargatzailearen lehioan sistema eragile amuaren pasahitza sartu behar duzu.\n\nNorbaitek hasieraketa aurreko kautotze pasahitza ematera behartzen bazaitu sistema eragile amuaren pasahitza eman diezaiokezu. Ezkutuko bolumena (eta ezkutuko sistema eragilea) sekretupean jarraituko du.\n\n + Hirugarren pasahitza (kanpoko bolumenarena) norbaitek sistemaren partizioaren atzean dagoen lehendabiziko partizioaren, non kanpoko bolumena eta ezkutuko bolumena (ezkutuko sistema eragilea ostatzen duena) dauden, pasahitza ematera behartzen bazaitu hau eman diezaiokezu. Ezkutuko bolumena (eta ezkutuko sistema eragilea) sekretupean jarraituko du.\n\n\n + Sistema eragile amuaren pasahitza arerio bati eman eta honek sistema amuaren partizioaren zati hutsean dauden ausazko datuen zergatia galdetzen badizu, adibidez, ondorengo hau erantzun zenzake: "Partizioak VeraCrypt-ek zifratutako sistema bat zeukan baina hasieraketa aurreko kautotze pasahitza ahaztu nuen (edo sistema hondatuta zegoen eta ez zen abiatzen), beraz Windows berrinstalatu eta partizioa berriro zifratu behar izan nuen."\n\n\n + Jarraibide guztiak bete badira eta VeraCrypt-en Erabiltzaile Gidaren "Ezkutuko Bolumenentzako Sekurtasun Baldintzak eta Neurriak" kapituloko baldintzak bete badira, ezinezkoa izango da ezkutuko bolumena eta ezkutuko sistema eragilea esistitzen direla frogatzea, nahiz eta kanpoko bolumena muntatuta egon edo sistema eragile amua argitu edo abiatu bada.\n\nTestu honen kopia bat gorde edo inprimatzen baduzu (hau gogor gomendatzen da, zure inprimagailuak inprimitzen dituen dokumentuen kopia bere barneko memorian gordetzen ez baditu), sistema eragile amua sortu eta testu honetan dagoen informatzio guztia ulertu eta gero kopia horiek suntsitu beharko zenituzke (bestela, kopia hori aurkituko balitz, ordenagailu honetan ezkutuko sistema eragile bat dagoelaren susmoa eman dezake).\n\n + KONTUZ: EZKUTUKO BOLUMENA BABESTEN EZ BADUZU (hau egiteko informazioa nahi baduzu, VeraCrypt Erabiltzaile Gidaren "Kalteen Aurkako Babesa Ezkutuko Bolumenetan" atala irakurri ezazu), EZ EZAZU KANPOKO BOLUMENEAN IDATZI (ohartu zaitez sistema eragile amua EZ dagoela kanpoko bolumenean instalatuta). BESTELA, EZKUTUKO BOLUMENAREN GAINEAN IDATZI DEZAKEZU ETA HURA KALTETU (ETA BERE BARRUAN DAGOEN SISTEMA ERAGILEA)! + Sistema Eragilearen Klonazioa + Hurrengo urratsetan VeraCrypt ezkutuko sistema eragile berria sortuko du sistemaren partizioa ezkutuko bolumenera kopiatuz (kopiatutako datuak segidan zifratuko dira sistema amu bezala dagoen sistema eragileak daukan gako ezberdinarekin).\n\nKontutan izan ezazu prozesu hau hasieraketa aurreko ingurunean (Windows hasi aurretik) egingo dela eta asko iraun dezakela; orduak edo egunak (sistemaren partizioaren tamaina eta ordenagailuaren potentziaren arabera).\n\nProzesua bertan bera uzti ahal izango duzu ordenagailua itzaliz, sistema eragilea hasieratu eta prozesua jarraitu. Hala ere, prozesua mozten baduzu, sistema kopiatzeko prozesu guztia haieratik hasi behar izando da berriro (sistemaren partizioaren edukia ezin daitekeelako aldatu klonatze prozesua martxan dagoenean). + Ezkutuko sistema eragilearen sortzeko prozesua bertan behera utzi nahi al duzu?n\nOharra: Orain uzten baduzu ezingo diozu prozesuari berrekin. + Sistema zifratzeko aurre-azterketa bertan behera utzi nahi al duzu? + VeraCrypt-en sistema zifratzeko aurre-azterketak huts egin du. Berriz saiatu nahi duzu?\n\n'Ez' aukeratzen baduzu, hasieraketa aurreko kautotze osagarria desinstalatuko da.\n\nOharrak:\n\n- VeraCrypt Hasieraketa Kargatzaileak ez badizu pasahitzik eskatu Windows hasi aurretik, agian zure sistema eragilea ez da abiatzen instalatuta dagoen unitatetik. Hori ez dago onartua.\n\n- AES ez den zifraketa algoritmo bat erabili baduzu eta aurre-azterketak huts egin badu (eta pasahitza sartu duzu), gaizki diseinatuta dagoen erabiltzaile baten errua izan daiteke. 'Ez' aukeratu ezazu eta sistemaren partizio/unitatea berriz zifratzen saiatu zatez, baina oraingoan AES zifratze algoritmoa erabiliz (zeinek memoria behar baxuenak dituen).\n\n- Zergati eta konponbide gehiago ikusteko: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Sistemaren partizioa/unitatea ez dirudi zifratuta dagoenik (ez zati bat, ez guztiz). + Zure sistemaren partizioa/unitatea (zatika edo guztiz) zifratuta dago.\n\nMesedez, sistemaren partizio/unitate osoa argitu jarraitu aurretik. Hori egiteko, 'Sistema' > 'Sistemaren Partizioa/Unitatea Betirako Argitu' aukeratu VeraCrypt lehio nagusiaren menuan. + Sistemaren partizioa/unitatea (zatika edo guztiz) zifratuta dagoenean, ezin zara VeraCrypt-en bertsio zahar batera aldatu (baina berri bat instalatu edo martxan dagoena berrinstalatu bai). + Zure sistemaren partizioa/unitatea momentu honetan zifratzen, argitzen edo beste modu batean aldatzen ari da. Mesedez, zifratze/argitze/aldatze prozesua eten ezazu (edo bukatu arte itxaron ezazu) jarraitu baino lehen.. + VeraCrypt Bolumenak Sortzeko Laguntzaile bat sistema honetan martxan dago eta sistemaren partizioa/unitatearen zifraketa/argitze prozesu bat egiten edo prestatzen ari da. Jarraitu baino lehen, mesedez, hura bukatu arte itxaron ezazu edo itxi ezazu. Ezin baduzu itxi, jarraitu baino lehen ordenagailua berrabiatu ezazu. + Sistemaren partizioaren/unitatearen zifraketa/argitze prozesua ez da bukatu. Mesedez, jarraitu baino lehen itxaron ezazu bukatzen den arte. + Errorea: Partizioaren/Unitatearen zifraketa/argitze prozesua ez da bukatu. Lehendabizi bukatu behar da. + Errorea: Partizioa/bolumena zifratzeko prozesua ez da bukatu. Lehendabizi bukatu behar da.\n\nOharra: Prozesua jarraitzeko, 'Bolumenak' > 'Etendako Prozesua Jarraitu' aukeratu ezazu VeraCrypt-en lehio nagusiaren menuan. + Pasahitza zuzena da, VeraCrypt-ek bolumenaren goiburua artitu du eta ezkutuko sistema daukan bolumen bat dela aurkitu du. Hala ere, ezin duzu ezkutuko sistema baten bolumenaren goiburua modu honetan aldatu.\n\nEzkutuko sistema baten bolumenaren pasahitza aldateko, ezkutuko bolumenean dagoen sistema eragilea abiatu ezazu, eta gero 'Sistema' > 'Pasahitza Aldatu' aukera hautatu ezazu VeraCrypt-en lehio nagusiaren menuan.\n\nGoiburuaren gakoaren ondorioztatzeko algoritmoa aldatzeko, ezkutuko sistema eragilea abiatu ezazu eta 'Sistema' > 'Goiburuaren Gakoa Ondorioztatzeko Algoritmoa Jarri' hautatu ezazu. + VeraCrypt-ek ez du onartzen ezkutuko sistema bat 'bertan' argitzea.\n\nOharra: Sistema amuaren partizioa argitu nahi baduzu, sistema amua abiatu, eta ondoren 'Sistema' > 'Sistemaren Partizio/Unitatea Betirako Argitu' aukeratu ezazu VeraCrypt-en lehio nagusiaren menuan. + Errorea: Parametro okerra/baliogabekoa + Partizio edo gailu bat aukeratu duzu baina laguntzailean aukeratu duzun moduan bakarrik fitxategi-edukiontzietarako balio du.\n\nLaguntzailearen modua aldatu nahi al duzu? + Horren ordez VeraCrypt fitxategi edukiontzia sortu nahi al duzu? + Sistemaren partizio/unitatea (edo hasieraketa partizioa) aukeratu duzu, baina aukeratu duzun laguntzailearen moduan bakarrik sistemakoak ez diren partizio/unitateekin dabil.\n\nHasieraketa aurreko kautotzea ezarri nahi (honek esan nahi du Windows abiatzen den bakoitzean zure pasahitza sartu beharko duzula) eta sistemaren partizio/unitatea zifratu? + Ziur zaude sistemaren partizioa/unitatea betirako argitu nahi duzula? + KONTUZ: Sistemaren partizio/unitatea betirako argitzen baduzu, bertan zifratu gabeko datuak idatziko dira.\n\nBenetan ziur zaude sistemaren partizio/unitatea betirako argitu nahi duzula? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Kontuz: Sistema zifratzeko zifraketa algoritmo kaskada erabiltzen baduzu, hondorengo arazoak aurkitu ditzakezu:\n\n1) VeraCrypt-en Hasiera Kargatzailea ohi baino handiagoa da, eta horregatik, ez dago tokirik unitatearen lehendabiziko pistan VeraCrypt Hasieraketa Kargatzailearen babeskopiarentzat. Horregatik, hau hondatzen bada (eta hau maiz gertatzen da, adibidez, programa batzuk dituzten gaizki diseinatuta dauden pirateriaren aurkako aktibatze moduak, VeraCrypt Salbatze Diska erabili beharko duzu abiatzeko edo VeraCrypt Hasieraketa Kargatzailea konpontzeko.\n\n2) Ordenagailu batzuetan, hibernaziotik bueltatzeko denbora gehiago behar da.\n\nEgon daitezkeen arazo hauek eragotzi daitezke kaskadan ez den algoritmo bat erabiliz (adidbidez, AES).\n\nZiur zaude zifraketa algoritmo kaskada erabili nahi duzula? + Aurrean aipatutako arazoren bat badaukazu, partizioa/unitatea argitu (zifratuta badago) eta ondoren berriro saiatu zaitez kaskadan ez den algoritmo batekin zifratzen (AES, adibidez). + KONTUZ: Sekurtasun arrazoiengatik, VeraCrypt ezkutuko sistema eragilean eguneratu baino lehen, sistema eragile amuan eguneratu beharko zenuke.\n\nHori egiteko, sistema amua abiatu eta bertan VeraCrypt instalatzailea abiatu ezazu. Ondoren sistema eragile ezkutua abiatu eta bertan ere instalatzailea abiatu ezazu.\n\nOharra: Sistema amuak eta sistema ezkutuak hasieraketa kargatzaile bera daukate. VeraCrypt bakarrik ezkutuko sisteman eguneratuko bazenu (eta ez sistema amuan), sistema amuak daukan VeraCrypt kontrolatzailearen bertsio zenbakia eta VeraCrypt Abiaketa Kargatzailearen bersio zenbakiak ezberdinak izango lirateke. Ezberdintasun horrek ordenagailuan sistema eragile ezkutu bat dagoelaren seinale izan liteke.\n\nJarraitu nahi al duzu? + Sistema eragilea abiatu duen VeraCrypt Hasieraketa Kargatzailearen bertsio zenbakia eta sistema honetan instalatuta dagoen VeraCrypt-en kontrolatzailearen bertsio zenbakia (eta VeraCrypt-en aplikazioena) ezberdinak dira.\n\nVeraCrypt instalatzailea exekutatu beharko zenuke (zeinen bertsio zenbakia VeraCrypt Hasieraketa Kargatzailearen bertsio zenbakiaren berdina den) sistema eragile honetan VeraCrypt eguneratzeko. + Sistema eragilea abiatu duen VeraCrypt Hasieraketa Kargatzailearen bertsio zenbakia ezberdine da sistema honetan instalatuta dagoen VeraCrypt kontrolatzailearena (eta VeraCrypt programena).Ohartu zaitez bertsio zaharkituak bertsio berrietan konponduta dauden akatsak izan ditzaketela.\n\nVeraCrypt Salbatze Diskatik abiatu ez baduzu, VeraCrypt berrinstalatu edo eguneratu beharko zenuke azkeneko bertsiora (hasieraketa kargatzailea ere eguneratuko da).\n\nVeraCrypt Salbatze Diskatik abiatu baduzu, hura eguneratu beharko zenuke ('Sistema' > 'Salbatze Diska Sortu'). + VeraCrypt Hasieraketa Kargatzailea eguneratu egin da.\n\nGogor gomendatzea orain VeraCrypt Salbatze Diska berri bat egitea (zein VeraCrypt Hasiera Kargatzailearen bertsio berri bat izango duen) 'Sistema' > 'Salbatze Diska Sortu' aukeratuz zure ordenagailua berrabiatu eta gero. + VeraCrypt Hasieraketa Kargatzailea eguneratu egin da.\n\nGogor gomendatzea orain sistema eragile amua abiatzea eta VeraCrypt Salbatze Diska berri bat egitea (zein VeraCrypt Hasiera Kargatzailearen bertsio berri bat izango duen) 'Sistema' > 'Salbatze Diska Sortu' aukeratuz. + VeraCrypt-en Hasieraketa Kargatzailea eguneratzean huts egin du. + VeraCrypt-ek sistemaren unitatearen benetako tamaina antzematerakoan huts egin du, horegatik, sistema eragileak ematen duen tamaina erabiliko da (benetako tamaina baino txikiagoa izan daitekeena). Ohartu zaitez hau ez dela VeraCrypt-en akats bat. + KONTUZ: Badirudi dagoeneko VeraCrypt-ek sistemako unitatea ezkutuko sektoreak aurkitzen saiatu dela. Aurreko bilaketa prozesuan arazorik aurkitu bazenuen, orain arazoak ekidin ditzakezu ezkutuko sektoreen bilaketa orain bertan behera utziz. Ohartu zaitez, hori egiten baduzu, VeraCrypt-ek sistema eragileak ematen duen tamaina erabiliko duela (unitatearen benetako tamaina baino txikiagoa izan daitekena).\n\nOhartu zaitez arazo hau ez duela VeraCrypt-en akats batek sortu. + Ezkutuko sektoreen bilaketa saltatu (sistema eragileak emandako tamaina erabili) + Ezkutuko sektoreak aurkitzen berriro saiatu + Errorea: Diskaren sektore bat edo gehiagoren edukia ezin da irakurri (ziurenik arazo fisiko batengatik).\n\nBertan zifratzeko prozesua sektore hauek irakurri ahal direnean bakarrik jarraituko du. VeraCrypt-ek sektore hauek irakurgarri bihurtu dezake bertan zeroak idatziz (ondorioz, zeroz beteriko blokeak zifratuko dira). Hala ere, ohartu zaitez irakurri ezin daitezkeen sektoreen edukia galduko dela. Hori eragotzi nahi baduzu, hondatuko datuen zati batzuk berreskuratzen saiatu zaitezke hirugarren baten tresna aproposak erabiliz.\n\nOharra: Fisikoki hondatutako sektoreak badira (hau da, datuak hondatu edo egiaztapeneko baturaren errorea ez bada) memoria gailu gehienek hondatutako sektoreetan idazten saiatzerakoan datuak beste tokitan idazten dituzte (ondorioz unitatean hondatutako sektoreen datuak zifratu gabe jarraituko dute).\n\nVeraCrypt-ek zeroak idaztea nahi duzu irakurri ezin diren sektoreetan? + Errorea: Diskoaren sektore bat edo gehiago ezin dira irakurri (ziurenik akats fisiko batengatik).\n\nArgitze prozesua egin ahal izateko VeraCrypt-ek irakurri ezin daitezkeen sektoreen edukia alde batera utzi beharko du (edukia pseudoausazko datuengatik aldatuko da). Ohartu zaitez, jarraitu aurretik, hondatutako datuen zati bat berreskuratzen saiatu zaitezkeela hirugarren baten tresnak erabiltzen.\n\nVeraCrypt-ek irakurri ezin daitezkeen datuak orain alde batera uztea nahi al duzu? + Oharra: VeraCrypt-ek irakurri ezin zitekeen %I64d sektoreen (%s) edukia aldatu du zifratutako zeroz beteriko testu blokeekin. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + '%s' agiriaren pasahitza/PIN-a sartu ezazu: + VeraCrypt-i sekurtasun agirira edo txartel azkarrera sartzen ahalbidetzeko, agiriaren edo txartel azkarraren PKCS #11 software liburutegia instalatu behar duzu. Libreria hori gailuarekin etorri beharko zen edo saltzailearen edo hirugarren baten weborritik deskargatzeko prest egon beharko liteke.\n\nLiburutegia instalatu eta gero, eskuz aukeratu dezakezu 'Liburutegia Aukeratu'-n sakatuz edo VeraCrypt automatikoki aurkitu dezake 'Liburutegia Auto-Aurkitu'-n sakatuz (bakarrik Windowsen sistemaren karpetan bilatuko da). + Oharra: zure sekurtasun agiriaren edo txartel azkarraren instalatutako PKCS #11 liburutegiaren izena eta helbidea jakiteko, mesedez agiri, txartel edo hirugarren baten softwarearen dokumentazioa irakurri ezazu.\n\n'Ados' sakatu helbidea eta fitxategi izena aukeratzeko. + VeraCrypt sekurtasun agiria edo txartel azkarra erabili ahal izan dadin, lehendabizi agiri/txartelaren PKCS #11 software liburutegia aukeratu behar duzu. Hori egiteko, 'Ezaugarriak' > 'Sekurtasun Agiriak' aukeratu ezazu. + PKCS #11 sekurtasun agirien liburutegia hasieratzerakoan huts edin du..\n\n Ziurta zaitez helbidea eta fitxategiaren izena PKCS #11 liburutegi batenak direla. PCKS #11 liburutegiaren helbidea eta fitxategiaren izena aldatzeko, 'Ezaugarriak' > 'Sekurtasun Agiriak' hautatu ezazu. + Ez da PKCS #11 liburutegirik aurkitu Windows sistemaren karpetan.\n\nMesedez, ziurtatu zaitez zure sekurtasun agiriaren (edo txartel azkarra) PKCS #11 liburutegia instalatuta dagoela (liburutegi hori agiri/txartelarekin etorriko zen edo saltzailearen edo beste hirugarren baten weborrian egongo da deskargatzeko). Windows sistemakoa ez den karpeta batean instalatuta badago, 'Liburutegia Aukeratu' hautatu ezazu liburutegiaren helbidea zeazteko (adibidez, agiri/txartelaren softwarrea instalatuta dagoen karpeta). + Ez da sekurtasun agiririk aurkitu.\n\nZihurta zaitez sekurtasun agiria zure ordenagailura konektatuta dagoela eta dagokion kontrolatzailea instalatuta dagoela. + Sekurtasun agiriaren gako-fitxategia ez da aurkitu. + Dagoeneko izen hori daukan sekurtasun agiri gako-fitxategia existitzen da. + Aukeratutako fitxategiak ezabatu nahi al dituzu? + Sekurtasun agiriaren gako-fitxategiaren helbidea ez da zuzena. + Sekurtasun agiriaren errorea + Sekurtasun agiriaren pasahitza ez da zuzena. + Sekurtasun agiriak ez du behar den memoria eskatutako eragiketa egiteko.\n\nGako-fitxategi bat inportatzen saiatzen ari bazara, fitxategi txikiago bat aukeratu beharko zenuke edo VeraCrypt-ek sortutako gako-fitxategi bat ('Tresnak' > 'Gako-fitxategi Sortzailea' aukeratu ezazu). + Irekita zeuden sekurtasun agiri sesioak itxi egin dira. + Sekurtasun Agiriaren Gako-fitxategiak Aukeratu + Erreten + Agiriaren Izena + Fitxategiaren Izena + GARRANTZITSUA: Ohartu zaitez hasieraketa aurreko kautotze pasahitzsak EB-etako teklatu estandarraren diseinua erabiliz idazten direla. Horregatik, beste teklatu diseinu bat erabiltzen sartu den pasahitza erabiltzen duen bolumen bat ezingo da muntatu hasieraketa aurreko kautotze pasahitza erabiliz (ohartu zaitez hau ez dela VeraCrypt-en akats bat). Bolumen hori hasieraketa aurreko pasahitza erabiliz muntatu ahal izateko, hurrengo pausoak jarraitu itzazu:\n\n1) 'Artxiboa Aukeratu' edo 'Gailua Aukeratu' sakatu bolumena aukeratzeko.\n2) 'Bolumenak' > 'Bolumenaren Pasahitza Aldatu' aukeratu ezazu.\n3) Bolumenaren pasahitza sartu ezazu.\n4) Teklatuaren diseinua aldatu ezazu English (US)-ra Windows-en erretiluan dagoen Hizkuntza barraren ikonoan klik eginez eta 'EN English (United States)' aukeratuz.\n5) VeraCrypt-en pasahitza berriaren laukitxoan, hasiereketa aurreko kautotze pasahitza idatzi ezazu.\n6) Pasahitza egiaztatu ezazu egiaztatze eremuan pasahitza berridatziz eta 'Ados' sakatu ezau.\nKONTUZ: Ohartu zaitez pausu hauek jarraituz bolumenaren pasahitza beti EB-etako teklatuaren diseinua erabiliz idatzi beharko dela (eta hau automatikoki bakarrik hasieraketa aurreko ingurunean gertatzen dela ziurtatzen da). + Sistemaren gogoko bolumenak abiatze-aurreko kautotze pasahitza erabiltzen muntatuko dira. Sistemaren gogoko bolumen batek ez badu pasahitz hori, ez da muntatuko. + Ohartu zaitez sistemaren gokoko bolumenetan VeraCrypt bolumenen ohiko eragiketak (adib. 'Guztiak Desmuntatu', auto-desmuntatu, e.a.) eragina izan ez dezaten, 'Administratzaileak bakarrik baimendu VeraCrypt-en sistemaren gogoko bolumenak ikusi eta desmuntatzeko' aukera gaitu behar duzula. Horretaz gain, VeraCrypt administratzaile baimenik gabe exekutatzen denean (lehenetsitako aukera Windows Vista eta gerokoetan), sistemaren gogoko bolumenak ez dira VeraCrypt aplikazioaren lehio nagusiko unitate letren zerrendan. + GARRANTZITSUA: Ohartu zaitez aukera hau gaitzen bada VeraCrypt-ek ez duela administratzaile baimenik izango, horregatik, muntatutako sistemaren gogoko bolumenak ez dira VeraCrypt-en lehioan agertuko eta ezin izango dira desmuntatu. Hortaz, adibidez, sistemaren gogoko bolumen bat desmuntatu nahi baduzu, VeraCrypt-en ikonoan (hasiera menuan) eskubiko klik egin ezazu eta 'Administratzaile Bezala Exekutatu' aukeratu ezazu. Limitazio berdina gartatzen da 'Guztiak Desmuntatu', 'Auto-Desmuntatu', 'Guztiak Desmuntatu'-ko tekla bereziak e.a. + Ohartu zaitez ezarpen honek bakarrik sistema eragilea berrabiatu ondoren eragina izango duela. + Errorea gertatu da komandoa irakurtzerakoan. + Babeskopiaren Diska + &Fitxategia aukeratu eta muntatu... + &Gailua Aukeratu eta Muntatu... + Administratzaileek bakarrik baimendu VeraCrypt-en sistemaren gogoko bolumenak ikusi eta desmuntatzeko + Windows abiatzen denean sistemaren gogoko bolumenak muntatu (hasieraketa prozesuaren hasierako fasean). + Kontuz: '%s' bezala munatutako bolumenean dagoen fitxategia ez da ondo desmuntatu eta akatsak izan ditzake. Hondatutako fitxategi sistema erabiltzeak datuen galera edo hondatzea ekar dezake.\n\nOharra: VeraCrypt bolumen bat daukan gailu bat fisikoki atera edo itzali baino lehen (adibidez, USB flash memoria gailu bat edo kanpoko disko gogor bat), VeraCrypt bolumena VeraCrypt-en beti desmuntau beharko zenuke.\n\n\nWindowsek fixategi sisteman erroreak bilatu eta konpontzen sailatzea (baldin badaude) nahi al duzu? + Kontuz: Sistemaren gogoko bolumen bat edo gehiago ez ziren ondo desmuntatu eta fitxategi sisteman akatsak izan ditzakete. Mesedez, gertakarien log-a irakurri ezazu informazio gehiago jasotzeko.\n\nHondatutako fitxategi sistema bat erabiltzea datuen galera edo hondatzea ekarri dezake. Kaltetutako sistemaren gogoko bolumenak egiaztatu beharko zenituzke akats bila (VeraCrypt-en eskubiko klik egin ezazu haietako bakoitzean eta 'Fitxategi Sistema Konpondu' aukeratu). + Kontuz: Hondatutako fitxategi sistema bat Microsoft-en 'chkdsk' tresnarekin konpontzeak hondatutako guneetan fitxategien galera eragin dezake. Horregatik, VeraCrypt bolumenean dauden fitxategien babeskopia beste, hondatu gabeko, VeraCrypt bolumen batera egitea gomendatzen da.\n\nFitxategi sistema orian konpondu nahi al duzu?. + '%s' bolumena irakurtzeko bakarrik muntatu da idazketa baimena ezeztatu zaiolako.\n\nZiurtatu zaitez edukiontzi fitxategian idazteko baimena dagoela (edukiontzian eskubiko klik egin eta Ezaugarriak > Sekurtasuna aukeratu).\n\nOhartu zaitez Windowsen arazo batengatik sekurtasun baimen aproposak jarri eta gero era, mezu hau ikusi dezakezula. Hu ez da VeraCrypt-en akats bat. Konponbide bat edukiontzia mugitzea da, adibidez, zure Dokumentuak karpetara.\n\nBolumen hau irakurtzeko bakarrik erabili nahi baduzu, edukiontziaren irarkurtzeko bakarrik ezaugarria gaitu ezazu (edukiontzian eskubiko klik egin eta Ezaugarriak > Irakurtzeko Bakarrik aukeratu ezazu), honek abisu hau kenduko du. + '%s' bolumena irakurtzeko bakarrik moduan muntatu behar izan da idazteko baimena ukatu delako.\n\n Mesedez, ziurta zaitez bolumena ostatuta dagoen partizioa/gailua erabiltzen ari den beste aplikaziorik (adib. antibirusa) ez dagoela. + '%s' bolumena irakurtzeko bakarrik muntatu da sistema eragileak gailu ostalaria idazketa-babesa daukala esan duelako.\n\nOhartu zaitez badirela txip erabiltzaile pertsonalizatu batzuk idazketa-babesaren seinalea oker ematen dutela.\n\nArazo honek ez du VeraCrypt-ek sortu. Hau konpondu daiteka sisteman instalatuta dauden txip erabiltzaile pertsonalizatuak (Mikrosoftekoak ez direnak) desinstalatu edo eguneratuz. + Ohartu zaitez Hyper-Threading teknologiak nukleo logiko asko ematen dituela nukleo fisiko bakoitzeko. Hyper-Threading gaituta dagoenean, goian aukeratutako zenbakia nukleo/prozesagailu logiko kopurua erakusten du.. + %d prozesu + Ohartu zaitez harware bidez azeleratutako AES-a ezgaituta dagoela, hau froga multzoaren emaitzetan nabarituko da (errendimentu okerragoa izango du).\n\nHardware bidezko azelerazioa gaitu nahi baduzu, 'Ezaugarriak' > 'Errendimendua' aukeratu ezazu eta bertan dagokion aukera gaitu ezazu. + Ohartu zaitez, momentu honetan prozesu kopurua mugatuta dagoela, hau froga multzoaren emaitzetan nabarituko da (errendimentu okerragoa izango du).\n\nProzesadorearen ahalmen osoa erabiltzeko, 'Ezaugarriak' > 'Errendimendua' aukeratu ezazu eta bertan dagokion aukera ezgaitu ezazu. + VeraCrypt partizioaren/unitatearen idazteko babesa ezgaitzen sailatzea nahi duzu? + KONTUZ: Ezarpen honek errendimenduari kalte egin diezaioke.\n\nZiur zaude ezarpen hau erabili nahi duzula? + Kontuz: VeraCrypt bolumena auto-desmuntatuta + Bolumena daukan gailua fisikoki kendu edo itzali bahino lehen, VeraCrypt bolumena beti desmuntatu beharko zenuke.\n\nOrokorrean, ustekabeko desmuntaketak normalean noizbehinka huts egiten duten kabletan, kontrolatzaileatan, e.a. izaten daukate jatorria. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Frogatu + Gako-fitxategia + Ezabatu + Tab + Clear + Ados + Pause + Caps Lock + Tarte tekla + Page Up + Page Down + End + Home + Ezkerrako Gezia + Gorako Gezia + Eskubirako Gezia + Beherako Gezia + Select tekla + Print tekla + Execute tekla + Print Screen + Insert + Delete + Aplikazioen tekla + Lo + Num Lock + Scroll Lock + Nabigatzailea Atzera + Nabigatzailea Aurrera + Nabigatzailea Eguneratu + Nabigatzailea Gelditu + Nabigatzailea Bilatu + Nabigatzailea Gogokoak + Nabigatzailea Orri Nagusia + Isildu + Bolumena Igo + Bolumena Jaitsi + Hurrengo Pista + Aurreko Pista + Gelditu + Erreproduzitu/Pausatu + E-posta Hasi Tekla + Media Aukeratu Tekla + 1. Aplikazioa + 2. Aplikazioa + Attn + CrSel + ExSel + Erreproduzitu + Zoom + Zenbaki Teklatua + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.fa.xml b/Translations/Language.fa.xml index dd857088..9a52f975 100644 --- a/Translations/Language.fa.xml +++ b/Translations/Language.fa.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - لغو - Install &for all users - Bro&wse... - Add VeraCrypt icon to &desktop - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Add VeraCrypt to &Start menu - Create System &Restore point - &Uninstall - &Extract - &Install - VeraCrypt Setup Wizard - Uninstall VeraCrypt - كمك - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Abort - &Benchmark - & - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Display pool content - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - از كليدفايلها استفاده نماييد - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - كليد فايلها ... - Information on hash algorithms - More information - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - هيچگونه اثري را ذخيره نكند - پارتيشن بيروني را انتخاب كند - &Pause - Use P&IM - Use PIM - Quick Format - نمايش كلمه عبور - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - كلاستر - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - تاييد: - انجامشد - Drive letter: - الگوريتم رمزنگاري - فايل سيستم - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - گزينه ها - Hash الگوريتم - : كليد هدر - چپ - :كليد اصلي - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - كلمه عبور - Volume PIM: - Volume PIM: - Progress: - Random Pool: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - سرعت - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Close - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - هيچ كاري نكند - &Auto-mount VeraCrypt volume (specified below) - &نمايش و اجراي برنامه - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - ...پويش - ...پويش - كليدفايل و كلمه عبور را در حافظه نگه دارد - Exit when there are no mounted volumes - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Include VeraCrypt Volume Creation Wizard - بساز - &ساخت پارتيشن - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - از كليد فايل استفاده كند - از كليد فايل استفاده كند - خروج - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt كليد - Ctrl - كليد شيفت - كليد ويندوز - تخصيص - حذف - ...كليدفايلها - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &فايل سيستم اتوماتيك - &تنظيمات فايل سيستم - &فايل سيستم فقط خواندني - ...كليد فايلها - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - فعال است - كلمه عبور را در حافظه درايور ذخيره كند - اگر اطلاعاتي خوانده و يا نوشته نشد فايل سيستم را اتوماتيك ببند - لاگ آف - User session locked - مود ذخيره انرژي - محافظ صفحه نمايش فعال است - بصورت اتوماتيك و الزامي درايوها و فايل سيستم باز را ببندد - Mount all device-hosted VeraCrypt volumes - Start VeraCrypt Background Task - فايل سيستم فقط خواندني را استارت كند - فايل سيستم را براي درايوهاي جداپذير شروع كند - مرورگر را براي فايل سيستم هايي كه با موفقيت مونت شدند بازكن - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Wipe cached passwords on auto-dismount - Wipe cached passwords on exit - Preserve modification timestamp of file containers - Reset - دوايس را انتخاب كند - ...فايل را انتخاب كند - Select &Library... - Display password - Display password - Open &Explorer window for mounted volume - &Cache password in driver memory - TrueCrypt Mode - Di&smount All - &Volume Properties... - Volume &Tools... - &Wipe Cache - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - System-Wide Hot Keys - VeraCrypt - Change Password or Keyfiles - Enter VeraCrypt Volume Password - VeraCrypt - Performance and Driver Options - VeraCrypt - Preferences - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypt Volume Properties - About - Add/Remove Keyfiles to/from Volume... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup Volume Header... - Benchmark... - Set Header Key Derivation Algorithm... - تغيير كلمه عبور پارتيشن - Set Header Key Derivation Algorithm... - Change Password... - Clear Volume History - Close All Security Token Sessions - Contact - Create Hidden Operating System... - Create Rescue Disk... - Create New Volume... - Permanently Decrypt... - Default Keyfiles... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Frequently Asked Questions - User's Guide - &Homepage - Hot Keys... - Keyfile Generator - Language... - Legal Notices - Manage Security Token Keyfiles... - Auto-Mount All Device-Hosted Volumes - Mount Favorite Volumes - Mount Without Pre-Boot &Authentication... - Mount Volume - Mount Volume with Options - News - Online Help - Beginner's Tutorial - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Preferences... - Refresh Drive Letters - Remove All Keyfiles from Volume... - Restore Volume Header... - Resume Interrupted Process - Select Device... - Select File... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Downloads - Test Vectors... - Security Tokens... - Traveler Disk Setup... - Dismount All Mounted Volumes - Dismount Volume - Verify Rescue Disk - Verify Rescue Disk ISO Image - Version History - Volume Expander - Volume Properties - Volume Creation Wizard - VeraCrypt Website - Wipe Cached Passwords - قبول - Hardware Acceleration - Shortcut - AutoRun Configuration (autorun.inf) - Auto-Dismount - Dismount all when: - Boot Loader Screen Options - Confirm Password: - Current - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Default Mount Options - Hot Key Options - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - File Settings - Key to assign: - Processor (CPU) in this computer supports hardware acceleration for AES: - Actions to perform upon logon to Windows - minutes - Mount volume as drive letter: - Mount Settings - New - Password: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Password Cache - Security Options - VeraCrypt Background Task - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Volume - Windows - Add &Path... - &Auto-Test All - &Continue - &Decrypt - &Delete - &Encrypt - &Export... - Generate and Save Keyfile... - &Generate Random Keyfile... - Download language pack - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - U&se keyfiles - &Keyfiles... - &Remove - Remove &All - What is hidden volume protection? - More information on keyfiles - Mount volume as removable &medium - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Benchmark - &Print - &Protect hidden volume against damage caused by writing to outer volume - &Reset - &Display password - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - About VeraCrypt - VeraCrypt - Encryption Algorithm Benchmark - VeraCrypt - Test Vectors - Command Line Help - VeraCrypt - Keyfiles - VeraCrypt - Keyfile Generator - VeraCrypt - Language - VeraCrypt - Mount Options - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Select a Partition or Device - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Active language pack - Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM. - Buffer Size: - Cipher: - P&assword to hidden volume:\n(if empty, cache is used) - Hidden Volume Protection - Key size: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Translated by: - Plaintext size: - bits - Current Pool Content - Mixing PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Sort Method: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Ciphertext (hexadecimal) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Key (hexadecimal) - Plaintext (hexadecimal) - Keyfile name: - XTS mode - S&ystem - &Volumes - Favor&ites - T&ools - Settin&gs - &Help - Home&page - - &About... - The read-only attribute on your old volume could not be changed. Please check the file access permissions. - Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. - Administrator - In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. - Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. - In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? - Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Volume is already mounted. - CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. - CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Invalid drive letter. - Invalid path. - Cancel - Cannot access device. Make sure the selected device exists and is not used by system. - Warning: Caps Lock is on. This may cause you to enter your password incorrectly. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Outer Volume Encryption Options - Hidden Volume Encryption Options - Encryption Options - WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! - Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. - Failed to create volume %s - Size of %s is %.2f bytes - Size of %s is %.2f KB - Size of %s is %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. - The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Free space on drive %s is %.2f bytes. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Could not get available drive letters. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Cipher initialization failure. - Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Critical Error - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Exit - Please create a logical drive for this extended partition, and then try again. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. - The file could not be opened. - Volume Location - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Format - &Wipe - Abort format? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - The VeraCrypt volume has been successfully created. - Volume Created - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Outer Volume Format - Hidden Volume Format - Volume Format - Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Hidden Volume Created - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. - Outer Volume Contents - \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Outer Volume - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. - Hidden Volume - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Unable to initialize the application. Failed to register the Dialog class. - Error: Failed to load the Rich Edit system library. - جادوگر ساخت درايو - Maximum possible hidden volume size for this volume is %.2f bytes. - Maximum possible hidden volume size for this volume is %.2f KB. - Maximum possible hidden volume size for this volume is %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. - The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. - &Mount - A newer version of VeraCrypt is required to mount this volume. - Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Next > - &Finish - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Error occurred when loading/preparing fonts. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive letter not available. - No file selected! - No drive letters available. - No free drive letter for the outer volume! Volume creation cannot continue. - Could not determine your operating system version or you are using an unsupported operating system. - No path selected! - Not enough free space for the hidden volume! Volume creation cannot continue. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - The driver is unable to dismount the volume. Some files located on the volume are probably still open. - Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Select a VeraCrypt Volume - Specify Path and File Name - Select PKCS #11 Library - Out of Memory - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Password - PIM - Set Header Key Derivation Algorithm - Add/Remove Keyfiles to/from Volume - Remove All Keyfiles from Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Keyfile(s) successfully added/removed. - Keyfile exported. - Header key derivation algorithm successfully set. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Please choose a password for the hidden volume. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Outer Volume Password - Hidden Volume Password - Password for Hidden Operating System - WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? - Volume Password - Incorrect password or not a VeraCrypt volume. - Incorrect keyfile(s) and/or password or not a VeraCrypt volume. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Incorrect password or no VeraCrypt volume found. - Incorrect keyfile(s)/password or no VeraCrypt volume found. - \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Unable to list raw devices installed on your system! - The volume '%s' exists, and is read-only. Are you sure you want to replace it? - Select destination directory - Select Keyfile - Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Outer Volume Size - Hidden Volume Size - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Volume Size - Dynamic - CAUTION: SELF-TEST FAILED! - Self-tests of all algorithms passed - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - The test ciphertext you have supplied is too long or short. - The test key you have supplied is too long or short. - The test plaintext you have supplied is too long or short. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - More information on %s - Unknown - An unspecified or unknown error occurred (%d). - Some volumes contain files or folders being used by applications or system.\n\nForce dismount? - &Dismount - Dismount failed! - Volume contains files or folders being used by applications or system.\n\nForce dismount? - No volume is mounted to the specified drive letter. - The volume you are trying to mount is already mounted. - An error occurred when attempting to mount volume. - Error seeking location within volume. - Error: Incorrect volume size. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt cannot change the password for a foreign volume. - Please select a free drive letter from the list. - Please select a mounted volume in the drive letter list. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Error: Cannot create autorun.inf - Error while processing keyfile! - Error processing keyfile path! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt does not support this operating system. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Error: Cannot allocate memory. - Error: Could not retrieve value of performance counter. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - All Files - VeraCrypt Volumes - Library Modules - NTFS formatting cannot continue. - Cannot mount volume. - Cannot dismount volume. - Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Default - partition - PARTITION - Device - device - DEVICE - Volume - volume - VOLUME - Label - The selected cluster size is too small for this volume size. A greater cluster size will be used instead. - Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Error: Cannot access the outer volume! Volume creation cannot continue. - Error: Cannot mount the outer volume! Volume creation cannot continue. - Error: Cannot get volume cluster bitmap! Volume creation cannot continue. - Alphabetical/Categorized - Mean Speed (Descending) - Algorithm - Encryption - Decryption - Mean - Drive - Size - Encryption Algorithm - Encryption algorithm - Type - Value - Property - Location - bytes - Hidden - Outer - Normal - System - Hidden (system) - Read-Only - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Yes (damage prevented!) - None - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - بيت ها - بلوكه كردن سايز - PKCS-5 PRF - PKCS-5 Iteration Count - Volume Created - Header Last Modified - (%I64d days ago) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - First available - Removable Disk - Harddisk - Unchanged - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Do you want to view release notes for the current (latest stable) version of VeraCrypt? - If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - The installation has been rolled back. - VeraCrypt has been successfully installed. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. - Removing VeraCrypt registry entries - Adding registry entry - Removing application-specific data - Installing - Stopping - Removing - Adding icon - Creating System Restore point - Failed to create System Restore point! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Installation completed. - The folder '%s' could not be created - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - The installation of the registry entries has failed - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Starting VeraCrypt device driver - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installing VeraCrypt device driver - Stopping VeraCrypt device driver - Uninstalling VeraCrypt device driver - Registration of the User Account Control support library failed. - Unregistration of the User Account Control support library failed. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Outer(!) - days - hours - minutes - s - Open - Dismount - Show VeraCrypt - Hide VeraCrypt - Data Read since Mount - Data Written since Mount - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Enter password for %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Keyfile has been successfully created. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Please dismount the volume before proceeding. - Error: Cannot set timer. - Check Filesystem - Repair Filesystem - Add to Favorites... - Add to System Favorites... - P&roperties... - Hidden Volume Protected - N/A - Yes - No - Disabled - 1 - 2 or more - Mode of Operation - Label: - Size: - Path: - Drive Letter: - Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Homepage - WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. - WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? - No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Auto-Mount Devices - Dismount All - Wipe Cache - Dismount All & Wipe Cache - Force Dismount All & Wipe Cache - Force Dismount All, Wipe Cache & Exit - Mount Favorite Volumes - Show/Hide Main VeraCrypt Window - (Click here and press a key) - Action - Shortcut - Error: This shortcut is reserved. Please choose a different shortcut. - Error: Shortcut already in use. - WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? - Language pack version: %s - Checking the file system on the VeraCrypt volume mounted as %s... - Attempting to repair the file system on the VeraCrypt volume mounted as %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. - Mount VeraCrypt volume - Dismount all VeraCrypt volumes - VeraCrypt failed to obtain Administrator privileges. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Keyfile - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + لغو + Install &for all users + Bro&wse... + Add VeraCrypt icon to &desktop + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Add VeraCrypt to &Start menu + Create System &Restore point + &Uninstall + &Extract + &Install + VeraCrypt Setup Wizard + Uninstall VeraCrypt + كمك + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Abort + &Benchmark + & + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Display pool content + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + از كليدفايلها استفاده نماييد + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + كليد فايلها ... + Information on hash algorithms + More information + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + هيچگونه اثري را ذخيره نكند + پارتيشن بيروني را انتخاب كند + &Pause + Use P&IM + Use PIM + Quick Format + نمايش كلمه عبور + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + كلاستر + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + تاييد: + انجامشد + Drive letter: + الگوريتم رمزنگاري + فايل سيستم + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + گزينه ها + Hash الگوريتم + : كليد هدر + چپ + :كليد اصلي + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + كلمه عبور + Volume PIM: + Volume PIM: + Progress: + Random Pool: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + سرعت + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Close + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + هيچ كاري نكند + &Auto-mount VeraCrypt volume (specified below) + &نمايش و اجراي برنامه + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + ...پويش + ...پويش + كليدفايل و كلمه عبور را در حافظه نگه دارد + Exit when there are no mounted volumes + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Include VeraCrypt Volume Creation Wizard + بساز + &ساخت پارتيشن + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + از كليد فايل استفاده كند + از كليد فايل استفاده كند + خروج + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt كليد + Ctrl + كليد شيفت + كليد ويندوز + تخصيص + حذف + ...كليدفايلها + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &فايل سيستم اتوماتيك + &تنظيمات فايل سيستم + &فايل سيستم فقط خواندني + ...كليد فايلها + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + فعال است + كلمه عبور را در حافظه درايور ذخيره كند + اگر اطلاعاتي خوانده و يا نوشته نشد فايل سيستم را اتوماتيك ببند + لاگ آف + User session locked + مود ذخيره انرژي + محافظ صفحه نمايش فعال است + بصورت اتوماتيك و الزامي درايوها و فايل سيستم باز را ببندد + Mount all device-hosted VeraCrypt volumes + Start VeraCrypt Background Task + فايل سيستم فقط خواندني را استارت كند + فايل سيستم را براي درايوهاي جداپذير شروع كند + مرورگر را براي فايل سيستم هايي كه با موفقيت مونت شدند بازكن + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Wipe cached passwords on auto-dismount + Wipe cached passwords on exit + Preserve modification timestamp of file containers + Reset + دوايس را انتخاب كند + ...فايل را انتخاب كند + Select &Library... + Display password + Display password + Open &Explorer window for mounted volume + &Cache password in driver memory + TrueCrypt Mode + Di&smount All + &Volume Properties... + Volume &Tools... + &Wipe Cache + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - System-Wide Hot Keys + VeraCrypt + Change Password or Keyfiles + Enter VeraCrypt Volume Password + VeraCrypt - Performance and Driver Options + VeraCrypt - Preferences + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypt Volume Properties + About + Add/Remove Keyfiles to/from Volume... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup Volume Header... + Benchmark... + Set Header Key Derivation Algorithm... + تغيير كلمه عبور پارتيشن + Set Header Key Derivation Algorithm... + Change Password... + Clear Volume History + Close All Security Token Sessions + Contact + Create Hidden Operating System... + Create Rescue Disk... + Create New Volume... + Permanently Decrypt... + Default Keyfiles... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Frequently Asked Questions + User's Guide + &Homepage + Hot Keys... + Keyfile Generator + Language... + Legal Notices + Manage Security Token Keyfiles... + Auto-Mount All Device-Hosted Volumes + Mount Favorite Volumes + Mount Without Pre-Boot &Authentication... + Mount Volume + Mount Volume with Options + News + Online Help + Beginner's Tutorial + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Preferences... + Refresh Drive Letters + Remove All Keyfiles from Volume... + Restore Volume Header... + Resume Interrupted Process + Select Device... + Select File... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Downloads + Test Vectors... + Security Tokens... + Traveler Disk Setup... + Dismount All Mounted Volumes + Dismount Volume + Verify Rescue Disk + Verify Rescue Disk ISO Image + Version History + Volume Expander + Volume Properties + Volume Creation Wizard + VeraCrypt Website + Wipe Cached Passwords + قبول + Hardware Acceleration + Shortcut + AutoRun Configuration (autorun.inf) + Auto-Dismount + Dismount all when: + Boot Loader Screen Options + Confirm Password: + Current + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Default Mount Options + Hot Key Options + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + File Settings + Key to assign: + Processor (CPU) in this computer supports hardware acceleration for AES: + Actions to perform upon logon to Windows + minutes + Mount volume as drive letter: + Mount Settings + New + Password: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Password Cache + Security Options + VeraCrypt Background Task + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Volume + Windows + Add &Path... + &Auto-Test All + &Continue + &Decrypt + &Delete + &Encrypt + &Export... + Generate and Save Keyfile... + &Generate Random Keyfile... + Download language pack + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + U&se keyfiles + &Keyfiles... + &Remove + Remove &All + What is hidden volume protection? + More information on keyfiles + Mount volume as removable &medium + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Benchmark + &Print + &Protect hidden volume against damage caused by writing to outer volume + &Reset + &Display password + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + About VeraCrypt + VeraCrypt - Encryption Algorithm Benchmark + VeraCrypt - Test Vectors + Command Line Help + VeraCrypt - Keyfiles + VeraCrypt - Keyfile Generator + VeraCrypt - Language + VeraCrypt - Mount Options + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Select a Partition or Device + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Active language pack + Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM. + Buffer Size: + Cipher: + P&assword to hidden volume:\n(if empty, cache is used) + Hidden Volume Protection + Key size: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Translated by: + Plaintext size: + bits + Current Pool Content + Mixing PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Sort Method: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Ciphertext (hexadecimal) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Key (hexadecimal) + Plaintext (hexadecimal) + Keyfile name: + XTS mode + S&ystem + &Volumes + Favor&ites + T&ools + Settin&gs + &Help + Home&page + + &About... + The read-only attribute on your old volume could not be changed. Please check the file access permissions. + Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. + Administrator + In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. + Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. + In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? + Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Volume is already mounted. + CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. + CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Invalid drive letter. + Invalid path. + Cancel + Cannot access device. Make sure the selected device exists and is not used by system. + Warning: Caps Lock is on. This may cause you to enter your password incorrectly. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Outer Volume Encryption Options + Hidden Volume Encryption Options + Encryption Options + WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! + Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. + Failed to create volume %s + Size of %s is %.2f bytes + Size of %s is %.2f KB + Size of %s is %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. + The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Free space on drive %s is %.2f bytes. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Could not get available drive letters. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Cipher initialization failure. + Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Critical Error + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Exit + Please create a logical drive for this extended partition, and then try again. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. + The file could not be opened. + Volume Location + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Format + &Wipe + Abort format? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + The VeraCrypt volume has been successfully created. + Volume Created + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Outer Volume Format + Hidden Volume Format + Volume Format + Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Hidden Volume Created + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. + Outer Volume Contents + \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Outer Volume + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. + Hidden Volume + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Unable to initialize the application. Failed to register the Dialog class. + Error: Failed to load the Rich Edit system library. + جادوگر ساخت درايو + Maximum possible hidden volume size for this volume is %.2f bytes. + Maximum possible hidden volume size for this volume is %.2f KB. + Maximum possible hidden volume size for this volume is %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. + The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. + &Mount + A newer version of VeraCrypt is required to mount this volume. + Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Next > + &Finish + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Error occurred when loading/preparing fonts. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive letter not available. + No file selected! + No drive letters available. + No free drive letter for the outer volume! Volume creation cannot continue. + Could not determine your operating system version or you are using an unsupported operating system. + No path selected! + Not enough free space for the hidden volume! Volume creation cannot continue. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + The driver is unable to dismount the volume. Some files located on the volume are probably still open. + Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Select a VeraCrypt Volume + Specify Path and File Name + Select PKCS #11 Library + Out of Memory + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Password + PIM + Set Header Key Derivation Algorithm + Add/Remove Keyfiles to/from Volume + Remove All Keyfiles from Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Keyfile(s) successfully added/removed. + Keyfile exported. + Header key derivation algorithm successfully set. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Please choose a password for the hidden volume. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Outer Volume Password + Hidden Volume Password + Password for Hidden Operating System + WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? + Volume Password + Incorrect password or not a VeraCrypt volume. + Incorrect keyfile(s) and/or password or not a VeraCrypt volume. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Incorrect password or no VeraCrypt volume found. + Incorrect keyfile(s)/password or no VeraCrypt volume found. + \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Unable to list raw devices installed on your system! + The volume '%s' exists, and is read-only. Are you sure you want to replace it? + Select destination directory + Select Keyfile + Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Outer Volume Size + Hidden Volume Size + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Volume Size + Dynamic + CAUTION: SELF-TEST FAILED! + Self-tests of all algorithms passed + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + The test ciphertext you have supplied is too long or short. + The test key you have supplied is too long or short. + The test plaintext you have supplied is too long or short. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + More information on %s + Unknown + An unspecified or unknown error occurred (%d). + Some volumes contain files or folders being used by applications or system.\n\nForce dismount? + &Dismount + Dismount failed! + Volume contains files or folders being used by applications or system.\n\nForce dismount? + No volume is mounted to the specified drive letter. + The volume you are trying to mount is already mounted. + An error occurred when attempting to mount volume. + Error seeking location within volume. + Error: Incorrect volume size. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt cannot change the password for a foreign volume. + Please select a free drive letter from the list. + Please select a mounted volume in the drive letter list. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Error: Cannot create autorun.inf + Error while processing keyfile! + Error processing keyfile path! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt does not support this operating system. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Error: Cannot allocate memory. + Error: Could not retrieve value of performance counter. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + All Files + VeraCrypt Volumes + Library Modules + NTFS formatting cannot continue. + Cannot mount volume. + Cannot dismount volume. + Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Default + partition + PARTITION + Device + device + DEVICE + Volume + volume + VOLUME + Label + The selected cluster size is too small for this volume size. A greater cluster size will be used instead. + Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Error: Cannot access the outer volume! Volume creation cannot continue. + Error: Cannot mount the outer volume! Volume creation cannot continue. + Error: Cannot get volume cluster bitmap! Volume creation cannot continue. + Alphabetical/Categorized + Mean Speed (Descending) + Algorithm + Encryption + Decryption + Mean + Drive + Size + Encryption Algorithm + Encryption algorithm + Type + Value + Property + Location + bytes + Hidden + Outer + Normal + System + Hidden (system) + Read-Only + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Yes (damage prevented!) + None + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + بيت ها + بلوكه كردن سايز + PKCS-5 PRF + PKCS-5 Iteration Count + Volume Created + Header Last Modified + (%I64d days ago) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + First available + Removable Disk + Harddisk + Unchanged + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Do you want to view release notes for the current (latest stable) version of VeraCrypt? + If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + The installation has been rolled back. + VeraCrypt has been successfully installed. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. + Removing VeraCrypt registry entries + Adding registry entry + Removing application-specific data + Installing + Stopping + Removing + Adding icon + Creating System Restore point + Failed to create System Restore point! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Installation completed. + The folder '%s' could not be created + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + The installation of the registry entries has failed + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Starting VeraCrypt device driver + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installing VeraCrypt device driver + Stopping VeraCrypt device driver + Uninstalling VeraCrypt device driver + Registration of the User Account Control support library failed. + Unregistration of the User Account Control support library failed. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Outer(!) + days + hours + minutes + s + Open + Dismount + Show VeraCrypt + Hide VeraCrypt + Data Read since Mount + Data Written since Mount + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Enter password for %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Keyfile has been successfully created. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Please dismount the volume before proceeding. + Error: Cannot set timer. + Check Filesystem + Repair Filesystem + Add to Favorites... + Add to System Favorites... + P&roperties... + Hidden Volume Protected + N/A + Yes + No + Disabled + 1 + 2 or more + Mode of Operation + Label: + Size: + Path: + Drive Letter: + Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Homepage + WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. + WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? + No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Auto-Mount Devices + Dismount All + Wipe Cache + Dismount All & Wipe Cache + Force Dismount All & Wipe Cache + Force Dismount All, Wipe Cache & Exit + Mount Favorite Volumes + Show/Hide Main VeraCrypt Window + (Click here and press a key) + Action + Shortcut + Error: This shortcut is reserved. Please choose a different shortcut. + Error: Shortcut already in use. + WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? + Language pack version: %s + Checking the file system on the VeraCrypt volume mounted as %s... + Attempting to repair the file system on the VeraCrypt volume mounted as %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. + Mount VeraCrypt volume + Dismount all VeraCrypt volumes + VeraCrypt failed to obtain Administrator privileges. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Keyfile + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.fi.xml b/Translations/Language.fi.xml index 92026eb3..2b2819e2 100644 --- a/Translations/Language.fi.xml +++ b/Translations/Language.fi.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Peru - Asenna &kaikille käyttäjille - Se&laa.. - Lisää VeraCrypt ikoni &työpöydälle - Donate now... - Liitä .hc tiedostot &päätteet VeraCrypt ohjelmalle - &Avaa kohde lopuksi - Lisää VeraCrypt &Käynnistys menuun - Luo Systeemin &Palautus piste - &Poista asennus - &Pura - &Asenna - Opastettu VeraCrypt Asennus - Poista VeraCrypt asennus - &Ohje - Valitse tai kirjoita kohde sijainti jonne tiedostot puretaan: - Valitse tai kirjoita VeraCrypt asennus sijainti. Jos määriteltyä sijaintia ei löydetä se luodaan automaattisesti. - Paina Poisto nappia poistaaksesi VeraCrypt järjestelmästä. - Keskeytys - &Benchmark - &Testi - Luo salattu taltio ja formatoi se - Salattu osio tehty - Näytä luodut avaimet (niiden osat) - Näytä poolin sisältö - Lataa CD/DVD toisto ohjelma - Luo salattu tiedostosäilö - &GB - &TB - Lisää tietoa - Pi&ilotettu VeraCrypt taltio - Lisätietoa piilotetuista taltioista - Suoratila - Normaalitila - &KB - Käytä &Avaintiedostoja - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Avaintiedostot.. - Tietoa hash algoritmeista - Lisätietoa - Information on PIM - &MB - Lisätietoa - Lisätietoa järjestelmän salauksesta - Lisätietoa - Multi-boot - Salaa tavallinen osio/asema - &Älä tallenna historiatietoja - Avaa Ulkopuolinen Taltio - &Tauko - Use P&IM - Use PIM - Nopea Alustus - &Näytä Salasana - &Näytä salasana - &Display PIM - Single-boot - Standardi VeraCrypt taltio - Pii&lotettu - Normaali - Salaa järjestelmäasema (osio) tai koko kiintolevy - Salaa Windowsin järjestelmäasema/osio - Salaa koko asema - Opastettu VeraCrypt-taltion luonti - Ryhmä - TÄRKEÄÄ: Siirrä hiiresi satunnaisesti tässä ikkunassa. Mitä kauemmin siirrät sitä parempi. Tämä merkittävästi kasvattaa salakuvauksen vahvuutta salausavaimelle. Paina seuraavaksi Seuraava jatkaaksesi. - &Vahvista: - Valmis - Drive letter: - Salausalgoritmi - Järjestelmä - Luo virtuaalisesti salattu levy tiedoston sisälle. Tämä valinta on suositeltava aloittelijalle. - Valinnat - Hash algoritmi - Otsikkoavain: - Jäljellä - Pääavain: - Valitse tämä valinta jos sinulla on kaksi tai useampi käyttöjärjestelmiä asennettuna.\n\nEsimerkiksi:\n- Windows XP ja Windows XP\n- Windows XP ja Windows Vista\n- Windows ja Mac OS X\n- Windows ja Linux\n- Windows, Linux ja Mac OS X - Salaa olemassa oleva sisäinen tai ulkoinen asema tai esimerkiksi muistitikku, eli. D:, E: -asema jne. - Nykyisen poolin sisältö (osittainen) - Läpi - Salasana: - Volume PIM: - Volume PIM: - Suorittaa: - Satunnaisluku: - Valitse tämä valinta jos vain yksi käyttöjärjestelmä on asennettuna (vaikka olisikin useampi käyttäjä). - Nopeus - Tila - Avaimet ja muut datat on nyt onnistuneesti luotu. Jos haluat luoda uuden avaimen, paina Takaisin ja sitten Seuraava. Muutoin, paina Seuraava jatkaaksesi. - Salaa järjestelmäasema/osio, jolle Windows on asennettu, esim. C:-asema. Tämän jälkeen tietokoneen käynnistys edellyttää aina salasanan antamista. - Valitse tämä valinta salataksesi osion missä Windows käyttöjärjestelmä on asennettuna. - Volume Label in Windows: - Tyhjennys Tila: - Sulje - Salli esikäynnistys &autentikointi ohitetaan painamalla Esc näppäintä (aktivoi käynnistys managerin) - Ei tehdä mitään - &Automaattisesti yhdistettävä VeraCrypt taltio (määritelty alla) - &Aloita VeraCrypt - Auto-&tunnista Kirjasto - &Välimuisti esikäynnistys autentikoinnin salasanalle aseman muistissa (ei-järjestelmätaltion kytkemiseksi) - Selaa.. - Selaa.. - Välimuisti salasanat ja avaintie&dostot muistissa - Poistu sitten kun ei ole yhdistettyjä taltioita - &Sulje näennäinen yhteys (kirjaudu ulos) kun taltio on onnistuneesti yhdistetty - Include VeraCrypt Volume Expander - Sisällytä Opastettu VeraCrypt Taltion Luonti - Luo - L&uo Taltio - älä &näytä tekstiä esikäynnistys autentikointi ikkunassa (paitsi alapuolinen käyttäjän viesti) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Käytä Avaintiedostoa - Käytä Avaintiedostoa - &Poistu - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Määrittele - Poista - Avaintiedosto.. - Do not use the following number of processors for encryption/decryption: - More information - More information - Lisää Asetuksia.. - Autoyhdistä &Laitteet - Yhdistä V&alinta.. - Yhdistä taltio vain luku&tilassa - Avaintiedostot.. - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Päällä - Salasanat Ohjaimen Välimuistiin - Automaattinen yhteyden poisto taltiolle kun dataa ei ole luettu/kirjoitettu sille - Käyttäjän ulos kirjautuessa - User session locked - Siirryttäessä Virransäästötilaan - Näytönsäästäjän käynnistyessä - Pakotettu autoyhteyden poisto vaikka taltiolla olisi avoimia tiedostoja tai hakemistoja - Yhdistä kaikki laite ohjatut VeraCrypt taltiot - Käynnistä VeraCrypt Taustatehtävä - Yhdistä taltiot vain lukutilaan - Yhdistä taltiot liikutettavina välineinä - Avaa Selaus ikkuna onnistuneesti yhdistetyille taltioille - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Tyhjennä tallennetut välimuisti salasanat taltioilta auto-poiskytketyillä yhteyksillä - Pyyhi välimuisti salasanat poistuttaessa - Säilytä tiedostojen aikaleimat - Tyhjennä - &Valitse Laite.. - Valitse T&iedosto.. - Valitse &Kirjasto.. - Näytä Salasana - Näytä Salasana - Avaa &Tutkinta Ikkuna Yhdistetyille taltioille - &Välimuistisalasana ajurin muistille - TrueCrypt Mode - P&oista Kaikki Yhteydet - Taltion Ominaisuu&det.. - Taltio&n Työkalut.. - Tyhjennä &Välimuisti - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Järjestelmän Pikanäppäimet - VeraCrypt - Muuta Salasana tai Avaintiedosto - Anna VeraCrypt Taltion Salasana - VeraCrypt - Performance and Driver Options - VeraCrypt - Ominaisuudet - VeraCrypt - Järjestelmän Salaus Asetukset - VeraCrypt - Turvallisuustunnisteen Preferenssi - VeraCrypt Liikutettavan Levyn Asennus - VeraCrypt Taltion Ominaisuudet - Tietoa.. - Lisää/Poista Avaintiedostot Taltiolle/lta.. - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Varmuuskopioi Taltion Otsikot.. - Nopeustesti.. - Aseta Otsikkoavaimen Periytyvä algoritmi.. - Muuta Taltion Salasana.. - Aseta Otsikko Avaimesta Periytyvä algoritmi.. - Muuta Salasana.. - Tyhjennä Taltion Historia - Sulje Kaikki Turvallisuustunniste Istunnot - Yhteydenotto.. - Luo Piilotettu Käyttöjärjestelmä.. - Luo Pelastuslevy.. - Luo Uusi Taltio.. - Permanently Decrypt... - Oletus Avaintiedosto.. - Default Mount Parameters... - Donate now... - Salaa Järjestelmän Osio/Asema.. - Usein Kysyttyjä Kysymyksiä - Käyttäjäopas - Kotisivu - Pikanäppäimet.. - Avaintiedoston Luonti - Kieli (language).. - Lainmukaiset Tiedotukset - Hallitse Turvallisuustunniste Avaintiedostoja.. - Autoyhdistä Kaikki Laiteisännöidyt Taltiot - Yhdistä Suosikkitaltiot - Yhdistä Ilman esikäynnistys &Autentikointia.. - Yhdistä Taltio - Yhdistä Taltio Valinnoin - Uutiset - Online Avustus - Aloittelijan Koulutus - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Avaa Pysyvästi Salaus Järjestelmän Osiolle/Asemalle - Ominaisuudet.. - Päivitä Asema Kirjaimet - Poista Kaikki Avaintiedostot Taltiolta.. - Palauta Taltion Otsikot.. - Aloita Uudelleen Keskeytetty Prosessi - Valitse Laite.. - Valitse Tiedosto.. - Aloita Uudelleen Keskeytetty Prosessi - Järjestelmän Salaus.. - Ominaisuudet.. - Asetukset.. - Järjestelmän Suosikkitaltiot.. - Lataukset - Koevektorit.. - Turvallisuustunnisteet.. - Liikutettavan Levyn Asennus.. - Poista Yhteys Kaikilta Yhdistetyiltä Taltioilta - Poista Yhdistetyt Taltio - Tarkista Pelastuslevy - Verify Rescue Disk ISO Image - Versio Historia - Volume Expander - Taltion Ominaisuudet - Opastettu Taltion Luonti - VeraCryptin Nettisivut - Tyhjennä Välimuisti Salasanat - OK - Hardware Acceleration - Pikakuvake - Automaattinen käynnistys kokoonpano (autorun.inf) - Automaattinen-yhteyden Poisto - Poista Yhteydet: - Käynnistys Lataus Näyttö Valinnat - Vahvista Salasana - Nykyinen - Näytä tämä käyttäjän sanoma esikäynnistys autentikointi ikkunassa (Maksimi 24 merkkiä): - Oletus yhteys valinnat - Pikanäppäin Valinnat - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Tiedosto Asetukset - Määriteltävä näppäin: - Processor (CPU) in this computer supports hardware acceleration for AES: - Toiminta suorittaa kirjautumisen Windowsiin - minuuttia - Yhdistä taltio kirjaimelle: - Yhdistä asetukset - Uusi - Salasana: - Thread-Based Parallelization - PKCS #11 Kirjasto Polku - PKCS-5 PRF: - PKCS-5 PRF: - Salasana Välimuistiin - Salausvalinnat - VeraCrypt Taustatehtävä - VeraCrypt taltion yhteys (liittyy liikutettavan levyn juureen): - Liikutettavan levyn sisällyttäminen: - Luo liikutettava levytiedosto (Liikutettavan levyjuuri hakemisto): - Taltio - Ikkuna - Lisää P&olku.. - &Auto-testi Kaikille - &Jatka - &Salauksenpurku - &Poista - &Salaus - &Vienti.. - Luo ja Tallenna Avaintiedosto.. - &Luo Satunnais-avaintiedosto.. - Lataa Käännöspaketteja - Hardware-accelerated AES: - &Tuo Avaintiedosto Tunnisteelle.. - Lisää &Tiedostoja.. - Kä&ytä Avaintiedosto - &Avaintiedosto.. - &Poista - Poista &Kaikki - Mikä on piilotettu taltion salaus? - Lisää tietoa avaintiedostoista - Yhdistä talti&o liikutettavana välineenä - Yhdistettyä osiota käyttää järjestelmäsala&usta ilman esikäynnistys autentikointia - Parallelization: - Nopeustesti - &Tulosta - &Suojaa salattu taltio vaurioilta ulkoisten taltioiden kirjoitusta vastaan - &Tyhjennä - &Näytä Salasana - Lisää &Tunniste Tie.. - Käytä varmistettua otsikko varustusta &asemalle jos mahdollista - XTS tila - Tietoa VeraCrypt - VeraCrypt - Salausalgoritmin Nopeustesti - VeraCrypt - Koevektorit - Komentorivi avustus - VeraCrypt - Avaintiedosto - VeraCrypt - Avaintiedoston Luonti - VeraCrypt - Kieli (language) - VeraCrypt - Yhteysvalinta - Uuden Turvallisuustunniste Avaintiedoston Ominaisuudet - VeraCrypt - Satunnainen poolin Rikastus - Valitse Osio tai Laite - VeraCrypt - Turvallisuustunniste Avaintiedostot - Turvallisuustunniste salasana/PIN vaaditaan - Aktiivinen kielipaketti - Nopeus vaikuttaa keskusyksikön (CPU) kuormaan ja tallennus aseman ominaisuuksiin.\n\nNämä nopeustesti tehtiin RAM muistissa. - Puskurin Koko: - Salakirjoitus: - S&alasana taltion piilottamiseen:\n(jos tyhjä, käytetään välimuistia) - Piilotetun Taltion Salaus - Avaimen koko: - TÄRKEÄÄ: Siirrä hiirtäsi satunnaisesti (jos mahdollista) tämän ikkunan sisällä. Mitä kauemmin siirrät, sitä parempi. Tämä lisää merkittävästi avaintiedosto salauksen vahvuutta. - VAROITUS: Jos hävität avaintiedoston tai jokin ensimmäisen 1024 kilobyten bitti muuttuu, on mahdotonta yhdistää taltiota joka käyttää tätä avaintiedostoa! - bittiä - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Käännös: - Ilmitekstin koko: - bittiä - Nykyinen poolin sisältö - Miksattu PRF: - TÄRKEÄÄ: Siirrä hiirtäsi satunnaisesti (jos mahdollista) tämän ikkunan sisällä. Mitä kauemmin siirrät, sitä parempi. Tämä lisää merkittävästi turvallisuutta. Kun valmis, paina 'Jatka'. - Toissijainen avain (hexadecimal) - Turvallisuustunniste: - Järjestäminen: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Lohko numero: - Salakirjoitettu teksti (hexadecimal) - Datan yksikkö numero (64-bit hexadecimal, data yksikön koko on 512 byteä) - Avain (hexadecimal) - Ilmiteksti (hexadecimal) - Avaintiedoston nimi: - XTS tila - &Järjestelmä - &Taltiot - Favor&ites - T&yökalut - A&setukset - &Ohje - Kotisivu - - &Tietoa.. - Vain luku attribuutti vanhalla taltiollasi ei voida muuttaa. Tarkista tiedoston oikeudet. - Virhe: Pääsy evätty.\n\nOsio jonne yritit päästä on joko 0 sektoria pitkä, tai se on käynnistyvä laite. - Pääkäyttäjä - Jotta VeraCrypt ohjaimen lataus olisi mahdollista, sinun on kirjauduttava pääkäyttäjän oikeuksilla. - Huomioi, että salataksesi/alustaaksesi osion/laitteen sinun tulee kirjautua koneelle pääkäyttäjän oikeuksin.\n\nTätä ei pyydetty tiedostoisännöidyille taltioille. - Luodaksesi piilotetun taltion sinun tulee kirjautua koneelle pääkäyttäjän oikeuksin.\n\nJatka? - Huomioi, että kun alustat taltion NTFS tyyppiseksi, sinun täytyy kirjautua koneelle pääkäyttäjän oikeuksilla.\n\nIlman pääkäyttäjän oikeuksia voit alustaa taltion FAT tyyppiseksi. - FIPS hyväksytty koodaus (Rijndael, julkaistu 1998), jota voidaan käyttää U.S. hallituksen osastojen ja toimistojen luottamuksellisten tietojen suojaukseen huippusalaisella tasolla. 256-bitin avain, 128-bitin lohko, 14 kierrosta (AES-256). Toimenpide tila on XTS. - Taltio on jo yhdistetty. - VAROITUS: Ainakin yksi salattu tai hash algoritmi epäonnistui sisäänrakennetulla automaattisella testillä!\n\nVeraCrypt asennus saattaa olla viallinen. - VAROITUS: Satunnaisnumero kehitinallas ei sisällä tarpeeksi dataa toimittaakseen pyydetyn määrän satunnaisdataa.\n\nSinun ei pidä jatkaa pidemmälle. Valitse 'Vika Raportointi' Ohje menusta, ja raportoi tämä virhe. - Asema on vahingoittunut (fyysinen vika löydetty) tai johto on vioittunut, tai muistin toimintahäiriö.\n\nHuomioi, että tämä on ongelma laitteistossasi, ei VeraCrypt ohjelmassa. Siksi älä raportoi tätä virheenä/ongelmana VeraCrypt ohjelmassa ja ÄLÄ pyydä apua tähän VeraCrypt Foorumilla. Ota yhteys tietokoneesi toimittajan tekniseen tukeen. Kiitoksia.\n\nTiedote: Jos virhe tapahtuu jatkuvasti samassa paikassa, on todennäköistä että se johtuu virheellisistä levyn lohkoista, jotka on mahdollista korjata käyttäen kolmannen osapuolen ohjelmistoa (huomioi, että monessa tapauksessa 'chkdsk /r' komento ei korjaa sitä koska se toimii ainoastaan tiedostojärjestelmätasolla; joissakin tapauksissa 'chkdsk' työkalu ei voi edes tunnistaa sitä). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Järjestelmäsi käyttää asiakaskohtaisia piirisarja ajureita joissa on virhe, mikä estää salauksenpurun koko järjestelmäasemalta.\n\nYritä päivittää tai poistaa asennus joltakin asiakas (ei-Microsoft) piirisarjan ajureilta enne kuin jatkat. jos tämä ei auta, yritä purkaa salaus ainoastaan järjestelmäosiolta. - Virheellinen aseman tunnus. - Virheellinen Polku. - &Peruuta - Ei pääsyä laitteelle. Varmista, että valittu laite on olemassa ja ei ole järjestelmän käytössä. - Varoitus: Caps Lock on päällä. Tämä voi aiheuttaa virheen salasanaa annettaessa. - Taltion Tyyppi - Näin voi tapahtua kun olet pakotettu paljastamaan jollekin salatun taltion salasanan. On monta tilannetta jossa et voi kieltäytyä paljastamasta salasanaa (esimerkiksi, kiristyksessä). Käytä niin kutsuttua piilotettua taltiota, jolloin tällaisia pakotettuja salasanan luovuttamisia taltiolle ei tapahdu. - Valitse tämä valinta jos haluat luoda tavallisen VeraCrypt taltion. - Huomioi, että jos tahdot käyttöjärjestelmän asennettavan piilotetulle osioisännöidylle asemalle, siten kokonaista järjestelmäasemaa ei voida salata käyttäen yhtä avainta. - Ulkoisen Taltion Salauksen Valinnat - Piilotetun Taltion Salauksen Valinnat - Salauksen Valinnat - VAROITUS: Virhe pyyhittäessä viimeksi valitun taltion/avaintiedoston polkua (tiedosto valitsimen muistissa)! - Virhe: Säilö on tiivistetty tiedostojärjestelmätasolla. VeraCrypt ei tue tiivistettyjä säilöjä (Huomioi, että tiivistetty salattu data on tehoton ja tarpeeton).\n\nPoista säilön tiivistys seuraavalla tavalla: 1) Hiiren oikea klikkaus Windowsin resurssinhallinnassa (ei VeraCryptissä). 2) Valitse 'Ominaisuudet'. 3) 'Ominaisuudet' ikkunassa paina 'Lisäominaisuudet'. 4) 'Lisäominaisuus' ikkunassa, poista valinta 'Sisällön tiivistys säästää levytilaa' ja paina 'OK'. 5) 'Ominaisuudet' ikkunassa, paina 'OK'. - Virhe luodessa %s taltio - %s koko on %.2f byteä - %s koko on %.2f KB - %s koko on %.2f MB - %s koko on %.2f GB - %s koko on %.2f TB - %s koko on %.2f PB - VAROITUS: Laite/osio on jo käyttöjärjestelmän tai sovelluksen käytössä. Alustamalla nyt laitteen/osion sillä saattaa olla vaikutusta joko datan tuhoutumiselle ja järjestelmän epävakauteen.\n\nJatka? - Varoitus: Osion on käyttöjärjestelmän ja sovelluksen käytössä. Sinun tulee sulkea sovellus joka saattaa käyttää osiota (sisältäen virustorjunta ohjelman)).\n\nJatka? - Virhe: Laite/osio sisältää tiedostojärjestelmän jolta ei voida poistaa yhteyttä. Tiedostojärjestelmä saattaa olla järjestelmän käytössä. Alustamalla laite/osio suurella todennäköisyydellä aiheuttaa datan vioittumisen ja järjestelmän epävakauden.\n\nRatkaisu: Suosittelemme, että ensiksi poistat osion ja luot sen uudelleen ilman alustusta. Tehtyäsi näin, seuraavaksi: 1) Klikkaa hiiren oikealla 'Tietokone' (tai 'My Computer') ikonia 'Käynnistä' menusta ja valitse 'Hallitse'. 'Tietokone hallinta' ikkuna ilmestyy. 2) 'Tietokone hallinta' ikkunassa, valitse 'Storage' > 'Disk Management'. 3) Klikkaa hiiren oikealla osio jonka haluat salakirjoittaa ja valitse joko 'Poista Osio', tai 'Poista Taltio', tai 'Poista Looginen Asema'. 4) Paina 'Kyllä'. Jos Windows pyytää sinua käynnistämään tietokoneen uudelleen, tee niin. Sitten toista kohdat 1 ja 2 ja jatka kohtaan 5. 5) Klikkaa hiiren oikealla allokoimaton/vapaa tilan alue ja valitse joko 'Uusi Osio', tai 'Uusi Yksinkertainen Taltio', tai 'Uusi Looginen Asema'. 6) 'Uusi Osio Velho' tai 'Uusi Yksinkertainen Taltio Velho' ikkuna pitäisi nyt ilmestyä; seuraamalla ohjeita. Velhon sivulla nimetty 'Alusta Osio', valitse molemmat 'Älä alusta tätä osiota' tai 'Älä alusta tätä taltiota'. Samassa opastuksessa, paina 'Seuraava' ja sitten 'Lopeta'. 7) Huomioi, että laite polku jonka valitsit VeraCrypt voi olla väärä. Siksi, poistu VeraCrypt ohjelman Opastetusta Taltion Luonnista (jos se edelleen on toiminnassa) ja aloita uudelleen. 8) Yritä salakirjoittaa laite/osio uudelleen.\n\nJos VeraCrypt toistuvasti epäonnistuu laite/osion salakirjoituksessa, saatat harkita haluavasi luoda sen sijaan tiedosto säilön. - Virhe: Tiedostojärjestelmä ei voida lukita ja/tai pois-kytkeä. Se saattaa olla käytössä käyttöjärjestelmällä tai sovelluksilla (esimerkiksi, virustorjunta ohjelmalla). Salatessasi osion saattaa aiheuttaa korruptoitumisen ja järjestelmän epävakauden.\n\nOle hyvä ja sulje sovellukset jotka saattavat olla tiedostojärjestelmän käytössä (sisältäen virustorjunta ohjelman) ja yritä uudelleen. Jos tämä ei auta, ole hyvä ja seuraa alla olevia ohjeita. - VAROITUS: Jotkin yhdistetyt laitteet/osiot ovat jo käytössä!\n\nHylkäämällä tämän saatat aiheuttaa ei toivotun tuloksen sekä epästabiilin järjestelmän.\n\nSuosittelemme että suljet sovelluksen joka saattaa käyttää tätä laitetta/osiota. - Valittu laite sisältää osion.\n\nAlustamalla laitteen saattaa aiheutua järjestelmän epävakautta ja/tai tietojen vioittumista. Valitse joko laitteen osio, tai poista kaikki laitteen osiot jotta VeraCrypt voi alustaa sen turvallisesti. - Valittu ei-järjestelmäasema sisältää osioita.\n\nSalattu laiteisännöity VeraCrypt taltio voidaan luoda laitteen sisälle jotka eivät sisällä osioita (sisältäen kovalevyn ja kiinteän aseman). Laite joka sisältää osion voidaan täysin salata (käyttäen yksinkertaista pääavainta) ainoastaan jos se on laite jonne Windows on asennettuna ja josta se myös käynnistyy.\n\nJos haluat salata valitun ei-järjestelmälaitteen käyttäen yksinkertaista pääavainta, sinun tulee poistaa ensin kaikki osiot laitteelta mahdollistaaksesi VeraCrypt formatoida se turvallisesti (formatoidessasi laitteen joka sisältää osioita saattaa johtaa järjestelmä epävakauteen ja/tai tietojen korruptoitumiseen). Vaihtoehtoisesti, voit salata jokaisen osion laitteelta yksilöllisesti (jokainen osio salataan käyttäen erilaista pääavainta).\n\nHuomioi: Jos haluat poistaa kaikki osiot GPT levyltä, sinun saattaa tarvita muuntaa MBR levy (käyttäen esim. Computer Management työkalua) poistaaksesi piilotetun osion. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - TÄRKEÄÄ: Muista että tätä taltiota EI voida kytkeä/käyttää käyttämällä asema kirjainta %c:, mikä sille on nykyisellään määritelty!\n\nKytkeäksesi taltion, paina 'Autoyhdistä Laitteet' VeraCrypt pääikkunassa (vaihtoehtona, VeraCrypt pääikkunassa, paina 'Valitse Laite', ja sitten valitse osio/laite, ja paina 'Yhdistä Laite'). Taltio kytketään eri kirjaimelle, jonka valitsit VeraCrypt pääikkunan listalta.\n\nAlkuperäinen kirjain %c: tulee käyttää vain siinä tapauksessa, että sinun tarvitsee poistaa salaus osiolta/laitteelta (esim., jos et tarvitse enää salausta). Siinä tapauksessa, paina hiiren oikealla asema kirjainta %c: 'Tietokone' (tai 'My Computer') listalta ja valitse 'Formatoi'. Muutoin, asema kirjainta %c: ei tule koskaan käyttää (paitsi jos poistat sen ja uudelleen määrittelet toiselle kirjaimelle osion/laitteen). - Paikallisen ei-järjestelmä aseman salaus ei ole tuettu käyttöjärjestelmässäsi (tuettuna ovat ainoastaan Windows Vista ja myöhemmät Windows versiot).\n\nSyy tähän on se ettei Windows tue tiedostojärjestelmän kutistusta (järjestelmäosio tarvitsee kutistaa tehdäkseen tilaa asemaotsikolle ja varmuustallennukselle). - Valittu osio ei sisällä NTFS tiedostojärjestelmää. Ainoastaan osiot jotka sisältävät NTFS tiedostojärjestelmän voidaan salata paikallaan.\n\nHuomio: Syy tähän on se, että Windows ei tue kutistamista toisentyyppisillä tiedostojärjestelmillä (tiedostojärjestelmä täytyy kutistaa tehdäkseen tilaa taltion otsikoille ja varmuustallentamiseksi). - Valittu osio ei sisällä NTFS tiedostojärjestelmää. Ainoastaan osiot jotka sisältävät NTFS tiedostojärjestelmän voidaan salata paikallaan.\n\nJos haluat luoda salatun VeraCrypt taltion tälle osiolle, valitse "Luo salattu taltio ja formatoi se" (sen sijaan kuin valinta "Salaa osio paikallaan"). - Virhe: Osio on liian pieni. VeraCrypt ei voi salata sitä. - Salataksesi tietoja tälle osiolle, valitse seuraavat askeleet:\n\n1) Luo VeraCrypt taltio tyhjälle osiolle/laitteelle ja sitten kytke se.\n\n2) Kopioi kaikki tiedostot osiolta jotka alkuperäisesti halusit salata kytketylle VeraCrypt taltiolle (tämä luotiin ja kytkettiin kohdassa 1). Tällä tavoin, luot VeraCrypt-salatun varmuustallennetut tiedot.\n\n3) Luo VeraCrypt taltio osiolle jonka alkuperäisesti halusit salata ja varmista että (Opastettu VeraCrypt Taltio) valitset valinnan "Luo salattu taltio ja formatoi se" (sen sijaan kuin valitsisit "Salaa osio paikallaan"). Huomioi että kaikki tiedot tallennettuna osiolle poistuvat. Kun taltio on luotu, kytke se.\n\n4) Kopioi kaikki tiedostot kytketylle varmuustalletus VeraCrypt taltiolle (luotu ja kytketty kohdassa 1) kytke VeraCrypt taltio jonka olet luonut (ja kytketty) kohdassa 3.\n\nKun olet suorittanut nämä kohdat, tiedot salataan ja lisäksi siellä tulee olemaan varmuustallennettu salatut tiedot. - VeraCrypt salata paikalla ainoastaan osion, dynaamisen taltion, tai kokonaisen järjestelmä aseman.\n\nJos haluat luoda salatun VeraCrypt taltion valitun ei-järjestelmälaitteen sisälle, valitse valinta "Luo salattu taltio ja formatoi se" (sen sijaan että valitsisit "Salaa osio paikalla"). - Virhe: VeraCrypt voi salata paikalla ainoastaan osion, dynaamisen taltion, tai kokonaisen järjestelmä aseman. Varmista että määritelty polku on olemassa. - Virhe: Ei voida kutistaa tiedostojärjestelmää (tiedostojärjestelmä tarvitsee kutistusta tehdäksesi tilaa asemaotsikolle ja varmuustallennukselle).\n\nMahdollinen seuraus ja ratkaisut:\n\n- Ei tarpeeksi tilaa asemalla. Varmista ettei muut sovellukset kirjoita tiedostojärjestelmään.\n\n- Vioittunut tiedostojärjestelmä. Yritä tarkistaa ja korjata virheet (klikkaa hiirenoikella aseman kirjainta 'Tietokone' listalta, sitten valitse Ominaisuudet > Työkalut > 'Tarkista Nyt', varmista että valinta 'Automaattinen korjaus tiedostojärjestelmälle' on päällä ja paina Aloita).\n\nJos aiemmat vaiheet eivät auta, seuraa seuraavia vaiheita. - Virhe: Asemalla ei ole tarpeeksi tilaa ja siksi tiedostojärjestelmää ei voitu kutistaa (tiedostojärjestelmää tarvitsee kutistaa tehdäkseen tilaa taltion otsikolle ja varmuustallenteella).\n\nOle hyvä ja poista tarpeettomat tiedostot ja tyhjennä roskakori siten että on vähintään 256 KB vapaata tilaa ja yritä uudelleen. Huomioi että on Windows asia, vapaan tilan määrä ilmoitettuna Windows Resurssinhallinnassa voi olla virheellinen ennen kuin käyttöjärjestelmä on uudelleen käynnistetty. Jos uudelleen käynnistys ei auta, tiedostojärjestelmä saattaa olla vioittunut. Yritä tarkistaa se ja korjata virheet (hiiren-oikean painallus asemakirjaimen kohdalla 'Tietokone' listalta, sitten valitse Ominaisuudet > Työkalut > 'Tarkista Nyt', varmista että valinta 'Automaattinen korjaus tiedostojärjestelmälle' on päällä ja paina Aloita).\n\nJos aiemmat vaiheet eivät auta, seuraa seuraavia vaiheita. - Vapaa tilaa %s asemalla on %.2f byteä. - Vapaa tilaa asemalla %s on %.2f KB - Vapaa tilaa asemalla %s on %.2f MB - Vapaa tilaa asemalla %s on %.2f GB - Vapaa tilaa asemalla %s on %.2f TB - Vapaa tilaa asemalla %s on %.2f PB - Levykirjaimien haku epäonnistui. - Virhe: VeraCrypt levyä ei löydy.\n\nKopioi tiedosto 'veracrypt.sys' ja 'veracrypt-x64.sys' hakemistoon, jossa VeraCrypt sovellus (VeraCrypt.exe) sijaitsee. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Virhe: Salakirjoitus alustus virhe. - Virhe: Heikko tai mahdollinen heikko avain on havaittu. Avain hylätty. Yritä uudelleen. - Kriittinen virhe on tapahtunut ja VeraCrypt täytyy keskeyttää. Jos tämä johtui virheestä VeraCrypt ohjelmassa, haluaisimme korjata sen. Auttaaksesi meitä, voit lähettää automaattisesti generoidun raportin mikä sisältää seuraavat asiat:\n\n- Ohjelma versio\n- Käyttöjärjestelmäverso\n- CPU tyyppi\n- VeraCrypt komponentin nimi\n- Tarkistussumma VeraCrypt ohjelmasta\n- Symbolinen dialogin ikkunan nimi\n- Virhe kategoria\n- Virhe osoite\n- VeraCrypt kutsu pino\n\nJos valitsit 'Kyllä', seuraava URL (sisältää virheraportin) avataan oletusselaimessasi.\n\n%hs\n\nHaluatko lähettää meille oheisen virheraportin? - Kriittinen virhe tapahtunut järjestelmässäsi, mikä vaatii VeraCrypt ohjelman keskeyttämisen.\n\nHuomioi että tämä virhe ei ole tapahtunut johtuen VeraCrypt ohjelmasta (siksi VeraCrypt kehittäjät eivät voi sitä korjata). Ole hyvä ja tarkista järjestelmäsi mahdollisten ongelmien johdosta (esim., järjestelmä asetukset, verkkoyhteys, vioittuneet järjestelmä osat). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Kriittinen Virhe - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Salaa - &Salauksenpurku - Salaus Avattu &Pysyvästi - Lopetus - Luo looginen asema laajennetulle osiolle ja yritä uudelleen. - VeraCrypt taltio voi sijaita tiedostossa (kutsutaan VeraCrypt säilöksi), joka voi sijaita esim. kovalevyllä, USB muistissa. VeraCrypt säilö on kuin mikä tahansa tavallinen tiedosto (sitä voidaan esimerkiksi, siirtää, kopioida ja tuhota kuten tavallista tiedostoa). Paina 'Valitse Tiedosto' valitaksesi tiedostonimen säilölle sekä sen sijainnin.\n\nVAROITUS: Jos valitset olemassa olevan tiedoston, VeraCrypt EI salaa sitä; tiedosto tuhotaan ja korvataan uudella luodulla VeraCrypt säilöllä. Sinun on mahdollista salata olemassa oleva tiedosto (jälkikäteen) siirtämällä ne VeraCrypt säilöön, jota olet nyt luomassa. - Valitse luotavan ulkoisen taltion sijainti (se luodaan tälle piilotetulle taltiolle myöhemmin).\n\nVeraCrypt taltio voi sijaita tiedostossa (kutsutaan VeraCrypt säilöksi), joka voidaan sisällyttää esim. kovalevylle tai USB muistiin. VeraCrypt säilö voidaan siirtää, kopioida ja poistaa kuten mitä tahansa tavallista tiedostoa. Paina 'Valitse Tiedosto' valitaksesi tiedostonimen säilölle ja valitse luotava säilön sijainti. Jos valitset jo olemassa olevan tiedoston, VeraCrypt EI SALAA sitä; tiedosto poistetaan ja korvataan uudella luodulla VeraCrypt säilöllä. Sinun on mahdollista salata olemassa olevat tiedostot (myöhemmin) siirtämällä ne VeraCrypt säilöön, jota olet nyt luomassa. - Salattu laite isännöity VeraCrypt taltiot voidaan luoda kovalevylle osion sisälle, kiinteä tila asemalle, USB muistitikulle, tai mille tahansa tuetulle tallennus asemalle. Osiot voivat olla myös salattuja paikallaan.\n\nLisäksi, salattu laite isännöity VeraCrypt taltiot voidaan luoda laiteen sisälle jotka sisältävät mitä tahansa osioita (sisältäen kovalevyn ja kiinteä tilainen asema).\n\nHuomioi: Laite joka sisältää osioita voidaan täysin salata paikallaan (käyttäen yksinkertaista avainta) ainoastaan jos se on asema jossa Windows on asennettuna ja josta se käynnistyy. - Laite isännöity VeraCrypt taltio voi olla luotuna kovalevyn osiolle, kiinteätilainen asema, USB muistitikku, ja muu talletus laite.\n\nVAROITUS: Huomioi että osio/laite formatoidaan ja kaikki nykyiset tallennetut tiedot katoavat. - \nValitse luotavan ulkoisen taltion sijainti (tämän taltion sisään luodaan myöhemmin piilotettu taltio).\n\nUlkoiset taltioit voidaan luoda kovalevylle osion sisälle, kiinteä tilaiset asemat, USB muistitikut, ja mille tahansa tuetulle ulkoiselle tallennus laitteelle. Ulkoiset taltiot voidaan luoda myös laitteen sisälle mikä ei sisällä osioita (sisältäen kovalevyn ja kiinteätilainen laite).\n\nVAROITUS: Huomioi että osio/laite formatoidaan ja kaikki nykyisin sille tallennetut tiedot katoavat. - \nValitse VeraCrypt ohjelman sijainti taltiolle, jonka tahdot luotavan piilotetulle taltiolle. - VAROITUS: Kadonnut tiedosto/asema on jo käytössä!\n\nHylkäämällä tämän voit aiheuttaa järjestelmän epästabiilisuutta. Kaikki sovellukset jotka käyttävät isäntä tiedostoa/asemaa (esimerkiksi, virustorjunta tai varmuustallennus sovellukset) tulee sulkea ennen kuin kytket taltion.\n\nJatkatko kytkemistä? - Virhe: Taltiota ei voida yhdistää. Verkkolevyn tiedosto/laite on jo käytössä. Yritys yhdistää ilman rajattuja oikeuksia myös epäonnistui. - Tiedostoa ei voida avata. - Taltion sijainti - Isot Tiedostot - Aiotko tallentaa tiedoston tälle VeraCrypt asemalle, joka koko on suurempi kuin 4 GB? - Riippuen tekemästäsi valinnasta yllä, VeraCrypt valitsee sopivimman oletus tiedostojärjestelmän VeraCrypt asemalle (sinun on mahdollista valita tiedostojärjestelmä seuraavassa vaiheessa). - Kun olet luomassa ulkoisen aseman, sinun täytyy harkita valitsemalla 'Ei'. Jos valitset 'Kyllä', oletus tiedostojärjestelmä tulee olemaan NTFS, mikä ei ole niin sopiva ulkoiselle asemalle kuin FAT (esimerkiksi maksimi mahdollinen koko piilotetulle asemalle on huomattavasti suurempi jos ulkoinen asema on formatoitu FAT:ksi). Tavallisesti, FAT on oletuksena sekä piilotetuille ja normaaleille asemille (siksi FAT asemat eivät ole epäilyttäviä). Kuitenkin, jos käyttää osoittaa aikomuksenaan tallentaa suuremman tiedoston kuin 4 GB (jota FAT tiedostojärjestelmä ei salli), siten FAT ei ole oletuksena. - Oletko varma että valitset 'Kyllä' ? - Taltion Luonti Tila - Tämä on nopein tapa luoda osio- tai laite isännöity VeraCrypt taltio (paikalla salaus, mikä on toinen vaihtoehto, on hidas koska jokainen sektorin sisältö pitää lukea ensin, salattu, ja sitten kirjoitettu). Mikä tahansa nykyinen tallennettu tieto valitulla osiolla/laitteella katoavat (tietoja EI salata; ne ylikirjoitetaan satunnaistiedolla). Jos haluat salata olemassa olevan osion datan, valitse toinen vaihtoehto. - Kokonainen valittu osio ja kaikki tallennetut tiedot tullaan salaamaan paikallaan. Jos osio on tyhjä, sinun tulee valita toinen vaihtoehto (taltio luodaan paljon nopeammin). - Huomioi: - &Aloita uudelleen - &Lykkää - &Aloita - &Jatka - &Alusta - &Pyyhi - Keskeytä alustus? - Näytä lisää tietoa - älä näytä tätä enää - Osion/aseman sisältö on onnistuneesti tyhjennetty. - Osio sisältö missä alkuperäinen järjestelmä (missä piilotettu järjestelmä on kopio) sijaitsee on onnistuneesti poistettu. - Varmista, että Windows-versio, jonka aiot asentaa (pyyhityltä osiolta) on sama kuin Windows-versio, joka sinulla on parhaillaan käynnissä. Tämä on tarpeen johtuu siitä, että molemmat järjestelmät jakavat yhteisen boot-osion. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - Järjestelmäosion/aseman salaus on onnistuneesti avattu. - \n\nVeraCrypt taltio on luotu onnistuneesti ja se on valmiina käytettäväksi.\n\nJos haluat luoda toisen VeraCrypt taltion, paina Seuraava.\n\nMuussa tapauksessa, paina Lopetus. - \n\nPiilotettu VeraCrypt taltio on onnistuneesti luotu (piilotettu käyttöjärjestelmä sijaitsee tämän piilotetun taltion sisällä).\n\nPaina Seuraava jatkaaksesi. - Asema Täysin Salattu - Volume Fully Decrypted - TÄRKEÄÄ: KYTKEÄKSESI TÄMÄN UUDEN LUODUN VERACRYPT TALTION JA PÄÄSY TALLENTAMAAN SILLE, PAINA 'Autoyhdistä Laitteet' VERACRYPT PÄÄIKKUNASSA. Sen jälkeen kun annat oikean salasanan (ja/tai toimitat oikean avaintiedoston), taltio yhdistetään asema kirjaimelle jonka valitsit VeraCrypt ohjelman pääikkunasta (ja sinun on mahdollista päästä salatuille tiedolle valitun asema kirjaimen kautta).\n\nMUISTA TAI KIRJOITA YLöS ALLA OLEVAT VAIHEET. SINUN TULLE SEURATA NIITÄ AINA KUN HALUAT YHDISTÄÄ TALTION JA PÄÄSTÄ KIINNI TALLENNETTUIHIN TIETOIHIN. Vaihtoehtoisesti, VeraCrypt pääikkunasta, paina 'Valitse Laite', ja sitten valitse osio/taltio, ja paina 'Yhdistä'.\n\nOsio/taltio on onnistuneesti salattu (se sisältää nyt täysin salatun VeraCrypt taltion) ja on valmis käytettäväksi. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt taltio on luotu onnistuneesti. - Taltio Luotu - TÄRKEÄÄ: Siirrä hiirtäsi satunnaisesti tässä ikkunassa. Mitä kauemmin siirrät sen parempi. Tämä merkittävästi kasvattaa salausavaimen vahvuutta. Paina 'Alusta' luodaksesi taltion. - Paina 'Alusta' luodaksesi ulkoisen taltion. Lisätietoa, katso maininnat dokumentoinnista. - Ulkoisen Taltion Alustus - Piilotetun Taltion Alustus - Taltion Alustus - Adobe Reader (tai muu yhteensopiva työkalu) on tarpeen näyttämään tai tulostamaan VeraCrypt Käyttäjäoppaan. Adobe Reader (freeware) voit ladata vapaasti: www.adobe.com\n\nHaluatko nähdä sen sijaan online dokumentaation? - Jos valitset tämän valinnan, opastus ensiksi auttaa luomaan tavallisen VeraCrypt taltion ja sitten piilotetun VeraCrypt taltion sen sisälle. Aloittelevan käyttäjän tulisi aina valita tämä valinta. - Jos valitset tämän valinnan, luot piilotetun taltion nykyisen VeraCrypt taltion sisään. Otaksutaan että olet jo luonut VeraCrypt taltion, joka on sopiva isännöimään piilotettua taltiota. - Taltion Luonti Tila - Piilotettu Taltion Luotu - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - Olet käynnistänyt piilotetun käyttöjärjestelmän. Kuten olet huomannut, piilotettu käyttöjärjestelmä näyttäisi olevan asennettuna samalla osiolle kuin alkuperäinen käyttöjärjestelmä. Kuitenkin, todellisuudessa, se on asennettuna se takana oleva osion sisään (piilotetulle taltiolle). Kaikki luku ja kirjoitus toiminnot ovat näkymättömiä ohjauksia alkuperäiseltä piilotetulle taltiolle.\n\nKumpikaan käyttöjärjestelmä tai sovellus eivät tiedä tietojen kirjoituksesta sille ja lukemisesta siltä käyttöjärjestelmäosiolta ovat todellisuudessa kirjoitettu ja luettu sen takana olevalta osiolta (piilotetulle/lta taltiolta). Mitään sellaista tietoa on salattu ja purettu salaus lennossa (salatun avain ero siltä käytetään houkutuslintu käyttöjärjestelmänä).\n\n\nOle hyvä ja paina Seuraava jatkaaksesi. - Ulkoinen taltio on luotu ja kytketty asemalle %hc:. Tälle ulkoiselle taltiolle sinun tulee kopioida jotakin herkältä näyttäviä tiedostoja joita ET halua piilottaa. Ne ovat siellä koska jos olet pakotettu paljastamaan ensimmäiselle osiolle järjestelmäosion takana, missä ovat sekä ulkoinen taltio että piilotettua taltio (sisältää piilotetun käyttöjärjestelmän) sijaitsevat. Sinun on mahdollista paljastaa salasana ulkoiselle taltiolle ja olemassa olevalle piilotetulle taltiolle (ja piilotetulla käyttöjärjestelmällä) pysyy salassa.\n\nTÄRKEÄÄ: Tiedostot jotka kopioit ulkoiselle taltiolle ei pidä varata enempää kuin %s. Muutoin, siellä ei ole riittävästi tilaa piilotetulle ulkoiselle taltiolle (ja sinun ei ole mahdollista jatkaa). Kun olet lopettanut kopioinnin, paina Seuraava (älä pois kytke taltioita). - Ulkoinen taltio on luotu onnistuneesti ja yhdistetty asemalle %hc:. Tälle asemalle sinun pitää nyt kopioida jokin arkaluontoisen näköinen tiedosto jota sinä ET oikeasti tahdo piilottaa. Tiedostot ovat siellä koska kukaan ei pakota sinua paljastamaan salasanaasi. Sinä kerrot ainoastaan salasanan ulkoiselle taltiolle, et piilotetulle. Tiedostot joista todella välität ovat tallennetut piilotetulle taltiolle, joka luodaan myöhemmin. Kun lopetat kopioinnin, paina Seuraava. Älä irrota taltiota.\n\nTiedotus: Kun painat Seuraava näppäintä, ulkoisen taltio ryhmän bittikartta tutkitaan määritettäessä keskeytymättömän vapaan alueen kokoa joka päättyy taltion lopussa. Tämä alue sijaitsee piilotetulla taltiolle, siksi se rajoittaa mahdollisen maksimi koon. Ryhmä bittikartta käydään läpi varmistettaessa sen ettei ulkoinen piilotettu taltion ole ylikirjoittanut dataa. - Ulkoinen Taltio Sisältö - \n\nSeuraavassa vaiheessa asetat vaihtoehdot ulkoiselle taltiolle (jonne piilotettu taltio luodaan myöhemmin). - \n\nSeuraavaksi, sinä luot niin kutsutun ulkoisen VeraCrypt taltion joka on ensimmäisen osion sisällä käyttöjärjestelmän osion takana (kuten selostimme yhdessä edellisissä askeleissa). - Ulkoinen Taltio - Seuraavissa vaiheissa, sinun tulet valitsemaan vaihtoehdon ja salasanan piilotetulle taltiolle, mikä sisältää piilotetun käyttöjärjestelmän.\n\nMaininta: Klusterin bittikartta ulkoiselle taltiolle on skannattu keskeytymättömän alueen tunnistamiseksi vapaalla alueella mikä on järjestetty ulkoisen taltion loppuun. Tämä alue sisältää piilotetun taltion, siksi se rajoittaa mahdollisen maksimi koon. Maksimi mahdollinen koko piilotetulle taltiolle on tunnistettu ja vahvistettu olevaksi isompi kuin järjestelmäosion koko (mikä on vaadittu, koska kokonainen sisältö tarvitaan kopioida piilotetulle taltiolle). Tämä takaa sen että nykyisin ulkoiselle taltiolle tallennettu tietoa ei ylikirjoiteta piilotetun taltion kirjoitetulla tiedolla. - TÄRKEÄÄ: Muista valitsemasi algoritmi tässä vaiheessa. Sinun tulee valita sama algoritmi houkutuslintu järjestelmälle. Muutoin, piilotettu järjestelmän sisään ei ole pääsyä! (Houkutuslintuna oleva järjestelmä tulee salata samalla salausalgoritmilla kuin piilotettu järjestelmä.)\n\nHuomioi: Syy tähän on se, että houkutuslintuna oleva järjestelmä ja piilotettu järjestelmä jakavat yhden ja saman Käynnistyslataajan, mikä tukee ainoastaan yksinkertaista algoritmia, käyttäjän valitsema (jokaiselle algoritmille, siellä on erityinen versio VeraCrypt Käynnistyslataajasta). - \n\nTaltio ryhmän bittikartta on tutkittu ja piilotetun taltion suurin mahdollinen koko määritetty. Seuraavaksi valitset vaihtoehdot, koko, ja salasana piilotetulle taltiolle. - Piilotettu Taltio - Piilotettu taltio on suojattu vaurioita vastaan kunnes ulkoinen taltio on purettu.\n\nVAROITUS: Jos jotakin dataa yritetään tallentaa piilotetulle taltion alueelle, VeraCrypt aloittaa kirjoitus suojauksen taltiolle (sekä ulkoinen että piilotetut osat) ennen kuin sen on purettu. Tämä saattaa aiheuttaa tiedostojärjestelmän vioittumisen ulkoisella taltiolle, joka (jos toistetaan) saattaa todennäköisesti vaikuttaa epäsuotuisasti piilotetulle taltiolle. Siksi, sinun täytyy pyrkiä välttämään kirjoittamista piilotetulle taltion alueelle. Data joka tallennetaan piilotetulle taltion alueelle ei tallenneta ja se häviää. Windows saattaa raportoida tästä kirjoitus virheellä ("Viivästetty Kirjoitus Epäonnistui" tai "Parametrit olivat virheelliset"). - Jokainen piilotettu taltio uudessa yhdistetyssä taltiossa in nyt suojattu vahinkoja vastaan ennen yhteys poistetaan.\n\nVAROITUS: Jos jokin yrittää tallentaa joillekin näistä suojatuista piilotetuista taltioiden alueista, VeraCrypt aloittaa kirjoitus suojauksen koko taltiolle (sekö ulkoiselle että piilotetulle osalle) ennen kuin ne on purettu. Tämä saattaa aiheuttaa tiedostojärjestelmän korruptoitumisen ulkoisella taltiolle, joka (jos toistetaan) saattaa haitallisesti vaikuttaa todennäköisesti kiistanalaisesti piilotetulle taltiolle. Siksi sinun täytyy yrittää välttää kirjoittamasta piilotetulle taltion alueelle. Mikä tahansa data tallennettuna suojatulle piilotetulle taltion alueelle ei tallenneta ja se häviää. Windows saattaa raportoida tästä kirjoitus virheellä ("Viivästetty Kirjoitus Epäonnistui" tai "Parametrit ovat virheelliset"). - VAROITUS: Dataa on yritetty tallentaa piilotetulle taltion alueelle joka on yhdistetty nimellä %c:! VeraCrypt torjuu näiden datojen tallennuksen suojatakseen piilotetun taltion. Tämä saattaa aiheuttaa tiedostojärjestelmän vioittumisen ulkoisella taltiolle, ja Windows saattaa raportoida kirjoitus virheellä ("Viivästetty Kirjoitus Epäonnistui" tai "Parametrit ovat virheelliset"). Koko taltio (sekä ulkoinen että piilotettu osa) kirjoitus suojataan ennen kuin se puretaan. Jos tämä ei ole ensimmäinen kerta kun VeraCrypt on torjunut datan kirjoittamisen tämän taltion piilotetulle taltio alueelle, tämä taltio saattaa olla todennäköisesti vaikuttanut kiistanalaisesti haitalliselta (mahdollisten epätavallisten ristiriitojen ulkoisella tiedostojärjestelmällä). Siksi, sinun täytyy harkita uuden VeraCrypt taltion luontia (Nopea Alustus poispäältä) ja siirtää tiedostot tältä taltiolta uudelle taltiolle; tämä taltio täytyy turvallisesi tyhjentää (sekä ulkoinen että piilotettu osa). Vahvasti suosittelemme että nyt uudelleen käynnistät käyttöjärjestelmän. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - Turvallisuus syistä, kun piilotettu käyttöjärjestelmä on toiminnassa, piilotettu taltio voidaan luoda ainoastaan 'suora' tilassa (koska ulkoinen taltio täytyy aina yhdistää vain lukutilassa).\n\nLuodaksesi piilotetun taltion turvallisesti, seuraa näitä vaiheita:\n\n1) Käynnistä houkutuslintuna oleva järjestelmä.\n\n2) Luo tavallinen VeraCrypt taltio ja tälle taltiolle, kopioi jotakin herkältä näyttäviä tiedostoja joita ET oikeasti halua piilottaa (taltiosta tulee ulkoinen taltio).\n\n3) Käynnistä piilotettu järjestelmä ja käynnistä VeraCrypt Opastettu Taltion Luonti. Jos taltio on tiedosto pohjainen, siirrä se järjestelmäosiolle tai toiselle piilotetulle taltiolle (muutoin, vasta luotu piilotettu taltio voidaan yhdistää vain lukutilassa ja sitä ei voida formatoida). Seuraa ohjeita opastetussa tilassa siten että valitse 'suora' piilotettu taltion luonti tila.\n\n4) Opastetussa luonnissa, valitse taltio jonka teit vaiheessa 2 ja sitten seuraa ohjeita luodaksesi piilotetun taltion sen sisään. - Turvallisuus syistä, kun piilotettu käyttöjärjestelmä on toiminnassa, paikallinen salaamaton tiedostojärjestelmä ja ei-piilotettu VeraCrypt taltiot ovat yhdistettyinä lukutilassa (dataa ei voida kirjoittaa tällaiselle tiedostojärjestelmälle tai VeraCrypt taltioille).\n\nTietoa voidaan kirjoittaa mille tahansa tiedostojärjestelmälle mikä sijaitsee piilotetulla VeraCrypt taltiolla (edellyttäen että piilotettu taltio ei sijaitse säilössä talletettuna salaamattomalle tiedostojärjestelmälle tai jollekin muulle vain luettavassa tiedostojärjestelmässä). - On kolme pääsyytä miksi tällainen vastatoimenpide on toteutettu:\n\n- Se mahdollistaa luonnin suojatulle alustalle yhdistääkseen piilotetun VeraCrypt taltiot. Huomioi että me virallisesti suosittelemme piilotetut taltiot ovat yhdistettyinä ainoastaan silloin kun piilotettu käyttöjärjestelmä on toiminnassa. (Lisätietoa, katso aliotsikko 'Turvallisuus Varokeinot Liittyen Piilotettuun Taltioon' dokumentissa.)\n\n- Joissakin tapauksissa, on mahdollista tunnistaa että, määrätty aika , tietty tiedostojärjestelmä ei ole yhdistetty (tai että tietty tiedosto tiedostojärjestelmässä ei ole tallennettu tai siihen ei ole pääsyä) tietty käyttöjärjestelmän esimerkki (esim. analysoi ja vertaa tiedostojärjestelmä julkaisut, tiedoston aikaleimat, sovelluksen lokit, virhe lokit jne.). Tämä saattaa osoittaa että piilotettu käyttöjärjestelmä on asennettuna tälle tietokoneelle. Vastatoimenpiteenä ehkäise nämä ongelmat.\n\n- Se suojaa tiedostojärjestelmän joka on yhdistetty molempien houkutuslintuna olevan järjestelmän alle ja piilotettu järjestelmä kun yksi tai molemmat järjestelmät ovat valmiustilassa. VeraCrypt takaa tämän kirjoitus suojaamalla tiedostojärjestelmän houkutuslintuna ja piilotetulla järjestelmällä. Ilman tällaista suojausta tiedostojärjestelmä vioittuisi kun se olisi jo kytkettynä ja toinen valmiustilassa. - Huomioi: Jos tarvitset turvallisesti siirtää tiedostoja houkutuslintuna olevalta järjestelmältä piilotetulle järjestelmälle, seuraa näitä vaiheita: 1) Käynnistä houkutuslintuna oleva järjestelmä. 2) Tallenna tiedostot salaamattomaan taltioon tai ulkoiseen/tavalliseen VeraCrypt taltioon. 3) Käynnistä piilotettu järjestelmä. 4) Jos et tallenna tiedostoa VeraCrypt taltiolle, kytke se (automaattinen kytkentä vain lukutilassa). 5) Kopioi tiedostot piilotetulle järjestelmäosiolle tai muulle piilotetulle taltiolle. - Tietokone tulee uudelleen käynnistää.\n\nHaluatko käynnistää sen nyt? - Virhe tapahtui kun haettiin järjestelmän salakirjoitus arvoa. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Sovelluksen komponentteja ei voida alustaa järjestelmän salakirjoitusta varten. - Satunnaisnumeron luonnin alustus epäonnistui! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Sovellusta ei pystytä alustamaan. Viestiruudun ikkunan rekisteröinti epäonnistui. - Virhe: Virhe ladattaessa Rich edit järjestelmä kirjastoa. - Opastettu VeraCrypt Taltion Luonti - Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f byteä. - Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f KB. - Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f MB. - Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f GB. - Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f TB. - Taltion salasanaa/avaintiedostoa ei voida muuttaa kun taltio on yhdistettynä. Poista yhteys taltiolta. - Otsikkoavaimen periytyvää algoritmia ei voida muuttaa kun taltio on yhdistettynä. Poista yhteys taltiolta. - Y&hdistä Laite - Uusi VeraCrypt versio vaaditaan jotta tämän taltion yhdistäminen on mahdollista. - Virhe: Taltion Luonti Velhoa ei löydetty.\n\nOle hyvä ja varmista että tiedosto 'VeraCrypt Format.exe' on hakemistossa missä 'VeraCrypt.exe' on perustettu. Jos se ei ole, asenna uudelleen VeraCrypt ohjelma, tai määritä 'VeraCrypt Format.exe' levylläsi ja aja se. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Seuraava > - &Valmis - &Asenna - P&ura - Mahdotonta yhdistää VeraCrypt laiteohjain. VeraCrypt ei voi toimia jos oikea laiteohjain ei ole käytössä.\n\nHuomioi tämä, Windows ongelmista johtuen, voi olla tarpeen että kirjaudut ulos tai käynnistät järjestelmän uudelleen ennen kuin laiteohjain voidaan ladata. - Virhe tapahtui kun ladattiin/valmisteltiin fontteja. - Aseman kirjainta ei löydetty tai kirjainta ei määritelty - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Aseman kirjain ei käytettävissä. - Ei valittua tiedostoa! - Ei vapaita tunnuksia vapaana. - Vapaita taltion tunnuksia ei vapaana ulkoiselle taltiolle! Taltion luontia ei voida jatkaa. - Ei voida tunnistaa käyttöjärjestelmäsi versiota tai käyttöjärjestelmäsi ei ole tuettu. - Ei Polkua Valittuna! - Ei Tarpeeksi vapaata tilaa piilotetulle taltiolle! Taltion luontia ei voida jatkaa. - Virhe: Tiedosto joka kopioit ulkoiseen asemaan varaa liikaa tilaa. Siksi, ei ole tarpeeksi tilaa ulkoiselle asemalle piilotetulle taltiolle.\n\nHuomioi, että piilotettu taltio täytyy olla isompi kuin järjestelmäosio (osio missä käyttöjärjestelmä on käytössä ja asennettuna). Syy miksi piilotettu käyttöjärjestelmän tarvitsee olla luotuna kopioimalla sisältö järjestelmäosion piilotetulle taltiolle.\n\n\nPiilotetun käyttöjärjestelmän luonti prosessia ei voida jatkaa. - Taltiolta on mahdotonta poistaa yhteyttä. Jotkin tiedostot sijaitsevat taltiolla ja saattavat olla edelleen auki. - Taltiota ei voida lukita. Siellä on edelleen avoimia tiedostoja. Siksi yhteyttä ei voida poistaa. - VeraCrypt ei voi lukita taltiota koska on käytössä järjestelmällä tai sovelluksilla (taltiolla saattaa olla avoimia tiedostoja).\n\nHaluatko pakotetusti purkaa yhteyden taltiolle? - Valitse VeraCrypt Taltio - Määrittele Polku ja Tiedostonimi - Valitse PKCS #11 Kirjasto - Muisti loppui - TÄRKEÄÄ: Vahvasti suosittelemme että aloittelijat luovat VeraCrypt tiedosto säilön valitulle laitteelle/osiolle, sen sijaan että yrittäisivät salata kokonaisen laitteen/osion.\n\nKun luot VeraCrypt tiedosto säilön (päinvastoin kuin salaisit laitteen tai osion), esimerkiksi, kun ei ole riskiä tuhota isoa määrää tiedostoja. Huomioi, että VeraCrypt tiedosto säilö (vaikka sisältäisi virtuaalisen suojatun levyn) on oikeastaan kuin normaali tiedosto. Siksi, se voi olla esimerkiksi helpompi uudelleen nimetä, siirtää, tai kopioida kuten normaali tiedosto. Lisätietoa, katso kappale Aloittelijan Opas VeraCrypt Käyttäjä Oppaassa.\n\nHaluatko varmasti suojata kokonaisen laitteen/osion? - VAROITUS: Tiedosto '%s' on jo olemassa!\n\nTÄRKEÄÄ: VERACRYPT EI SALAA TIEDOSTOA, VAAN SE TUHOTAAN. Oletko varma, että haluat tuhota tiedoston ja korvata sen uudella VeraCrypt säilöllä? - VAROITUS: KAIKKI TIEDOSTOT JOTKA OVAT TALLENNETTUNA VALITULLA %s '%s'%s NE TUHOTAAN JA HÄVITETÄÄN (NIITÄ EI SALATA)!\n\nHaluatko varmasti jatkaa alustusta? - VAROITUS: Sinun ei ole mahdollista yhdistää taltiota tai päästä tallennettuihin tiedostoihin käsiksi ennen kuin se on täysin salattu.\n\nOletko varma että haluat aloittaa salauksen valitulle %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - VAROITUS: Huomioi että jos virta yhtäkkiä katkeaa ennen kuin salaus on suoritettu olemassa olevalle tiedoille, tai kun käyttöjärjestelmä keskeytyy virheeseen tai laitteisto vian vuoksi kun VeraCrypt on salaamassa olemassa olevaa tietoa, osa tiedoista korruptoituu tai häviää. Siksi, ennen kuin aloitat salauksen, ole hyvä ja varmista sinulla on varmuustallennus tiedostoista jotka haluat salata.\n\nOnko sinulla tällainen varmuustallenne? - VAROITUS: MITKÄ TAHANSA TIEDOSTOT JOTKA OVAT TALLENNETTU OSIOLLE '%s'%s (KUIN TAAS ENSIMMÄISELLE OSIOLLE KÄYTTöJÄRJESTELMÄN TAKAISELLA OSIOLLA) POISTETAAN JA NE HÄVIÄVÄT (NIITÄ EI SALATA)!\n\nOletko varma että haluat jatkaa formatoinnilla? - VAROITUS: VALITTU OSIO SISÄLTÄÄ ISON MÄÄRÄN TIETOA! Mikä tahansa tallennettu tiedosto osiolle pyyhitään ja katoaa (niitä EI salata)! - Pyyhi mikä tahansa tallennettu tiedosto osiolta luomalla sen sisään VeraCrypt taltion - Salasana - PIM - Aseta Otsikkoavaimen Periytyvä algoritmi - Lisää/Poista Avaintiedosto Taltiolta(lle) - Poista Kaikki Avaintiedostot Taltiolta - Salasana, PIM ja/tai avaintiedosto(t) on onnistuneesti vaihdettu.\n\nTÄRKEÄÄ: Varmista, että luet osuuden 'Muuttaa Salasanat ja Avaintiedostot' kappaleesta 'Turvallisuus Varotoimet' VeraCrypt Käyttäjä Oppaasta. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - TÄRKEÄÄ: Jos et tuhoa VeraCrypt Pelastuslevyäsi, sinun käyttöjärjestelmäosio/asema voi silti olla salaamaton käyttäen vanhaa salasanaa (käynnistämällä VeraCrypt Pelastuslevy ja antamalla vanhan salasanan). Sinun täytyy luoda uusi VeraCrypt Pelastuslevy ja sitten tuhota vanha.\n\nHaluatko luoda uuden VeraCrypt Pelastuslevyn? - Huomioi, että VeraCrypt Pelastuslevy käyttää vielä edellistä algoritmia. Jos harkitset että edellinen algoritmi on turvaton, sinun täytyy luoda ensin uusi VeraCrypt Pelastuslevy ja sitten tuhota vanha.\n\nHaluatko luoda uuden VeraCrypt Pelastuslevyn? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Avaintiedosto(t) onnistuneesti lisätty/poistettu. - Avaintiedosto viety. - Otsikkoavain Periytyvä algoritmin asetus onnistui. - Anna salasana ja/tai avaintiedosto(t) ei-järjestelmätaltiolle minne haluat aloittaa uudelleen prosessin paikallaan salaukselle.\n\n\nHuomaa: Sen jälkeen kun painat Seuraava, VeraCrypt yrittää etsiä ei-järjestelmätaltioita missä salaus prosessi on keskeytynyt ja missä VeraCrypt taltio otsikko voi olla salauspurettu käyttäen hankittua salasanaa ja/tai avaintiedostoa(t). Jos enemmin kuin yksi tällainen taltio löydetään, sinun tarvitsee valita yksi niistä seuraavassa askeleessa. - Ole hyvä ja valitse yksi listatuista taltioista. Lista sisältää jokaisen helppopääsyisen ei-järjestelmätaltion missä salauksen prosessi on keskeytynyt ja jonka otsikko voi olla salaus purettuna käyttäen saatavana olevaa salasanaa ja/tai avaintiedostoa(t). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - On erittäin tärkeää että valitset hyvän salasanan. Sinun tulee välttää sellaisia jotka sisältävät vain yhden sanan joka voidaan löytää sanakirjasta (tai yhdistelmää 2, 3, tai 4 vastaavia sanoja). Sen ei pidä sisältää mitään nimeä tai syntymäpäivää. Ei pidä olla helposti arvattavissa. Hyvä salasana on satunnainen yhdistelmä isoja ja pieniä kirjaimia, numeroita, ja erikoismerkkejä kuten @ ^ = $ * + jne. Suosittelemme valitsemaan salasanaan useamman kuin 20 merkkiä (mitä pitempi sitä parempi). Maksimi pituus on 64 merkkiä. - Valitse salasana piilotetulle taltiolle. - Valitse salasana piilotetulle käyttöjärjestelmälle (esim. piilotetulle taltiolle). - TÄRKEÄÄ: Salasana jonka valitsit piilotetulle käyttöjärjestelmälle tässä kohtaa tulee olla erilainen kuin toiset kaksi salasanaa (näitä ovat ulkoisen taltion salasana ja houkutuslintuna olevan käyttöjärjestelmän salasana). - Anna taltiolle salasana jonka haluat luoda piilotetun taltion sisälle.\n\nPaina Seuraavaksi, VeraCrypt yrittää yhdistää taltion. Hetki kun taltio on yhdistetty, ryhmä bittikartta tutkitaan läpi määritelläkseen vapaan tilan keskeytys alueella (jos on joitakin) mikä loppuu sovitettuun taltion loppuun. Tämä alue sijaitsee piilotetulla taltiolla ja siksi sillä on rajoitettu koko. Ryhmä bittikartan tutkiminen on tarpeen varmistaakseen ettei ulkoisella taltiolla olevaa dataa ylikirjoiteta piilotetun taltion toimesta. - \nValitse salasana ulkoiselle taltiolle. Tämä tulee olemaan salasana jonka voit paljastaa pakotetussa tilanteessa.\n\nTÄRKEÄÄ: Salasana tulee olla täysin erilainen kuin sen jonka valitsit piilotetulle taltiolle.\n\nHuomioi: Maksimi mahdollinen pituus on 64 merkkiä. - Ole hyvä ja valitse salasana ulkoiselle taltiolle. Tämä tulee olemaan salasana jonka voit antaa kenelle tahansa pakotetussa tilanteessa salasanaa ensimmäiselle osiolle käyttöjärjestelmän takan, kun molemmat ulkoinen ja piilotettu taltion (sisältää piilotetun käyttöjärjestelmän) sijaitsee. Olemassa oleva piilotettu taltio (ja piilotettu käyttöjärjestelmä) pysyvät salattuina. Huomioi että tämä salasana ei ole houkutuslintuna olevaa käyttöjärjestelmää varten.\n\nTÄRKEÄÄ: Salasana tulee olla täysin erilainen kuin sen jonka valitsit piilotetulle taltiolle (kuin myös piilotetulle käyttöjärjestelmälle). - Ulkoisen Taltion Salasana - Piilotetun Taltion Salasana - Salasana Piilotetulle Käyttöjärjestelmälle - VAROITUS: Lyhyt salasana on helppo murtaa brute force tekniikan avulla!\n\nSuosittelemme valitsemaan salasanan, joka sisältää enemmän kuin 20 merkkiä. Haluatko varmasti käyttää lyhyttä salasanaa? - Taltion Salasana - Väärä salasana tai se ei ole VeraCrypt taltio. - Väärä avaintiedosto(t) ja/tai väärä salasana tai ei ole VeraCrypt taltio. - Väärä yhteys tila, väärä salasana, tai väärä VeraCrypt taltio. - Väärä yhteys tila, väärä avaintiedosto(t) ja/tai salasana, tai väärä VeraCrypt taltio. - Väärä salasana tai VeraCrypt taltiota ei löydetty. - Väärä avaintiedosto(t)/salasana tai VeraCrypt taltiota ei löydetty. - \n\nVaroitus: Caps Lock on päällä. Tämä saattaa johtaa siihen että salasanasi on virheellinen. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - Jos yrität suojata piilotetussa säilössä olevan piilotetun järjestelmän, varmista että käytät vakio näppäimistöäsi kun kirjoitat salasanan piilotetulle taltiolle. Tämä on vaadittu koska todellisuudessa salasana tulee kirjoittaa esikäynnistys ympäristössä (ennekuin Windows käynnistyy) kun Windows näppäimistösi ei vielä käytettävissä. - VeraCrypt ei löytänyt mitään taltiota missä ei-järjestelmä salaus olisi keskeytynyt ja missä taltion otsikko voi olla salaus purettuna käyttäen saatavana olevalla salasanalla ja/tai avaintiedostolla.\n\nVarmista että salasana ja/tai avaintiedosto ovat oikein ja että osio/taltio ei ole järjestelmän tai sovelluksien käytössä (sisältäen virustorjunta ohjelmiston). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nTiedotus: Jos yrität yhdistää osiota joka sijaitsee salatulla järjestelmäosiolla ilman esikäynnistys autentikointia tai yhdistät salatun järjestelmäosion käyttöjärjestelmälle joka ei ole ajossa, voit tehdä sen valitsemalla 'Järjestelmä' > 'Yhdistä Ilman esikäynnistys Autentikointia'. - Tässä tilassa, et voi valita kytketyn osion sijaintia asemalla jonka osa on aktiivisen järjestelmä salauksen avain ala.\n\nEnnen kuin voit kytkeä osion tähän tilaan, sinun tarvitsee joko käynnistää järjestelmä uudelleen, joka on asennettuna eri asemalle (salattu tai salaamaton) tai käynnistää salaamaton käyttöjärjestelmä. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Takaisin - Asennettujen raaka laitteiden listausta ei saada tehtyä järjestelmässäsi! - Taltio '%s' löytyi, ja on vain lukutilassa. Haluatko korvata sen? - Valitse kohde hakemisto - Valitse Avaintiedosto - Valitse avaintiedoston haku polku. VAROITUS: Huomioi, että ainoastaan polku muistetaan, ei tiedostonimeä! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Suunnittelu Ross Anderson, Eli Biham ja Lars Knudsen. Julkaistu 1998. 256-bitin avain, 128-bitin lohko. Toiminta tila on XTS. Serpent oli yksi AES finalisti. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Ulkoisen Taltion Koko - Piilotetun Taltion Koko - Tarkista että valitun laitteen/osion koko on näytetty yllä oikein ja paina Seuraava. - Ulkoinen taltio ha piilotettu taltio (sisällytetty piilotettuun käyttöjärjestelmään) sijaitsee yllä mainitussa osiossa. Sen tulee olla ensimmäinen osio käyttöjärjestelmäosion takana.\n\nOle hyvä ja tarkista että partition koko ja sen numero on näytetty yllä oikein, ja jos näin on, paina Seuraava. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Taltion Koko - Dynaaminen - VAROITUS: ITSETARKISTUS EPÄONNISTUI! - Itsetarkistukset kaikille algoritmeille suoritettu onnistuneesti - Yksikön data numero jonka annoit on liian lyhyt tai pitkä. - Toissijainen avain jonka annoit on liian lyhyt tai pitkä. - Annetun testi salatekstin pituus on liian pitkä tai lyhyt. - Annetun testi avaimen pituus on liian pitkä tai lyhyt. - Annetun testi tekstin pituus on liian pitkä tai lyhyt. - Kaksi ryhmää cascade toiminnassa ovat XTS tilassa. Jokainen ryhmä on ensimmäisenä salattuina %s (%d-bitin avain) ja sitten %s (%d-bitin avain). Jokainen salakirjoitus käyttää omaa avainta. Kaikki avaimet ovat toisistaan riippumattomia. - Kolme ryhmää on cascadoitu toimimaan XTS tilassa. Jokainen ryhmä on ensimmäiseksi salattuina %s (%d-bitin avain), ja sitten %s (%d-bitin avain), ja lopuksi %s (%d-bitin avain). Jokainen salakirjoitus käyttää omaa avainta. Kaikki avaimet ovat toisistaan riippumattomia. - Huomioi, että riippuen käyttämästäsi käyttöjärjestelmästä, nämä automaattinen ajo ja automaattinen kytkentä ominaisuudet saattavat toimia ainoastaan kun liikutettavat levytiedostot ovat luotuna ei-kirjoitettavaan CD/DVD-kaltaiselle levylle. Huomioi, että tämä ei ole virhe VeraCrypt ohjelmassa (tämä on Windowsin rajoitus). - VeraCrypt liikutettava levy on onnistuneesti luotu.\n\nHuomioi, että tarvitset pääkäyttäjän oikeudet ajaaksesi VeraCrypt liikutettavassa tilassa. Huomioi myös, että järjestelmärekisterin tutkimisen jälkeen on mahdollista nähdä, että VeraCrypt on suoritettu Windows järjestelmän alla vaikka sitä olisi ajettu liikutettavassa tilassa. - VeraCrypt Liikutettava Levy - Suunnittelu: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Julkaistu 1998. 256-bit avain, 128-bit lohko. Toimintatapa on XTS. Twofish on yksi AES finalisti. - Lisätietoa %s - Tuntematon - An unspecified or unknown error occurred (%d). - Jotkin asemat sisältävät tiedostoja tai hakemistoja jotka ovat sovelluksen tai järjestelmän käytössä.\n\nPakotettu yhteyden poisto? - &Poista Yhteys - Yhteyden poisto epäonnistui! - Taltion sisältää tiedostoja tai hakemistoja jotka ovat sovelluksen tai järjestelmän käytössä.\n\nPakotettu yhteyden poisto? - No volume is mounted to the specified drive letter. - Taltion jota yritit yhdistää on jo yhdistetty. - Virhe tapahtui yhdistettäessä taltiota. - Virhe etsittäessä sijaintia taltiosta. - Virhe: Väärä aseman koko. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynaaminen säilö on esisijoitettu NTFS tiedosto minkä fyysinen koko (todellisuudessa käytetty levytila) kasvaa kun uutta tietoa lisätään.\n\nVAROITUS: suorituskyky tiedostoisännöidyllä taltiolla on huomattavasti heikompi kuin tavallisella taltiolla. tiedostoisännöidyllä taltiolla on myös heikompi turvallisuus, koska on mahdollista katsoa minkä taltion sektorit ovat käyttämättöminä. Lisäksi tiedostoisännöidyt taltiot eivät voi hankkia kiistettävissä olevaa uskottavuutta (piilotetun taltion isäntä). Huomioi myös että jos tieto on kirjoitettu tiedosto säilölle kun siinä ei ole tarpeeksi vapaata isäntä tiedostojärjestelmässä, salattu tiedostojärjestelmä saattaa vioittua.\n\nOletko varma että haluat luoda tiedostoisännöidyn taltion? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt ei voi muuttaa salasanaa vieraalle taltiolle. - Valitse vapaa aseman kirjain listalta. - Valitse yhdistettävän taltion kirjain listalta. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Virhe: Ei voida luoda autorun.inf tiedostoa - Virhe suoritettaessa avaintiedostoa! - Virhe suoritettaessa avaintiedosto polkua! - Avaintiedoston polku ei sisällä tiedostoja.\n\nHuomioi että hakemisto (ja hakemiston tiedostot) löydetään avaintiedoston haulla ovat hylättyjä. - VeraCrypt ei tue tätä käyttöjärjestelmää. - Virhe: VeraCrypt tukee ainoastaan vakaita versioita tästä käyttöjärjestelmästä (beeta/RC versiot eivät ole tuettuina. - Virhe: Ei voida varata muistia. - Virhe: Ei voida noutaa suorituskyky laskurin arvoa. - Virhe: Virheellinen taltion formaatti. - Virhe: Annoit salasanan piilotetulle taltiolle (et tavalliselle taltiolle). - Turvallisuus syistä, piilotettu taltiota ei voida luoda VeraCrypt taltion sisälle joka sisältää tiedostojärjestelmän joka on salattu paikallaan (koska vapaa tila taltiolla ei on täytetty satunnaistiedoilla). - VeraCrypt - Lainmukaiset Tiedotukset - Kaikki Tiedostot - VeraCrypt Taltiot - Kirjasto Moduulit - NTFS alustusta ei voida jatkaa. - Ei voida yhdistää taltiota. - Ei voida poistaa yhteyttä taltiota. - Windows epäonnistui alustamaan taltiota NTFS tyyppiseksi.\n\nValitse eri tyyppinen tiedostojärjestelmä (jos mahdollista) ja yritä uudelleen. Vaihtoehto, voit jättää taltio alustamatta (valitse 'ei mitään' tiedostojärjestelmäksi), poistu tästä opastusta, yhdistä taltio, ja sitten käytä joko järjestelmän tai kolmannen osapuolen työkalua alustaaksesi yhdistetyn taltion (asema jää suojatuksi). - Windows epäonnistui alustamaan taltiota NTFS tyyppiseksi.\n\nHaluatko sen sijaan alustaa taltion FAT tyyppiseksi? - Oletus - osio - OSIO - Laite - laite - LAITE - Taltio - taltio - TALTIO - Label - Valittu ryhmä koko liian pieni tälle taltion koolle. Suurempaa ryhmä kokoa käytetään sen sijaan. - Virhe: Taltion kokoa ei saatu!\n\nVarmista, että valittu taltio ei ole järjestelmän tai toisen sovelluksen käytössä. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - VeraCrypt Taltion Luonti Velho voi luoda piilotetun taltio ainoastaan FAT tai NTFS taltiolle. - Windows 2000, VeraCrypt Taltion Luonti Velho voi luoda piilotetun taltion ainoastaan FAT taltiolle. - Huomio: FAT tiedostojärjestelmä on sopivampi ulkoiselle taltiolle kuin NTFS tiedostojärjestelmä (esimerkiksi, maksimi mahdollinen koko piilotetulle taltiolle olisi oltava merkittävästi suurempi kun ulkoinen taltio on formatoituna FAT tyyppisenä). - Huomio että FAT tiedostojärjestelmä on sopivampi ulkoiselle taltiolle kuin NTFS tiedostojärjestelmä. Esimerkiksi, maksimi mahdollinen koko piilotetulle taltiolle olisi oltava merkittävästi suurempi kun ulkoinen taltio on formatoituna FAT tyyppisenä (syy on tämä. NTFS tiedostojärjestelmä tallentaa aina sisäisen datan keskelle taltiota ja, siksi, piilotettu taltio voi olla ainoastaan toisella puoliskolla ulkoista taltiota).\n\nOletko varma että haluat formatoida ulkoisen taltion NTFS tyyppiseksi? - Haluatko formatoida taltion sen sijaan FAT tyyppiseksi? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Virhe: Piilotetun käyttöjärjestelmän osio (se on ensimmäinen osio järjestelmäosion takana) pitää olla vähintään 5% suurempi kuin järjestelmäosio (järjestelmäosio on se yksi missä nykyinen käyttöjärjestelmä on käynnissä ja asennettuna). - Virhe: Osio piilotetulle käyttöjärjestelmälle (se joka on ensimmäinen osio käyttöjärjestelmäosion takana) tulee olla vähintään 110% (2.1 kertaa) isompi kuin järjestelmäosio (järjestelmäosio on yksi nykyisistä käyttöjärjestelmistä jonne käynnissä oleva käyttöjärjestelmä on asennettu). Syy tähän on NTFS tiedostojärjestelmä tallentaa aina sisäisesti datan samalla tavalla keskelle asemaa ja, siksi, piilotettu taltio (joka sisältää jäljitelmän järjestelmäosiosta) voi sijaita ainoastaan toisella puoliskolla osiota. - Virhe: Jos ulkoinen taltio on NTFS, sen tulee olla vähintään 110% (2.1 kertaa) isompi kuin järjestelmäosion. Syy tähän on se, että NTFS tiedostojärjestelmä on aina tallennettuna sisäisesti tarkalleen keskelle taltiota, ja siksi piilotettu taltio (joka sisältää jäljitelmän järjestelmäosiosta) voi sijaita ainoastaan toisella puoliskolla ulkoista taltiota.\n\nHuomioi: Ulkoinen taltio pitää sijaita samalla osiolla kuin piilotettu käyttöjärjestelmä (kuten ensimmäinen osio järjestelmäosion takana). - Virhe: Ei ole osiota järjestelmäosion takana.\n\nHuomioi että ennen kuin voit luoda piilotetun käyttöjärjestelmän, sinun tarvitsee luoda sitä varten osio järjestelmälevyltä. Sen tulee olla ensimmäinen osio käyttöjärjestelmäosion takana ja sen tulle olla vähintään 5 % isompi kuin järjestelmäosion (järjestelmäosio on se missä nykyinen ajettava käyttöjärjestelmä on asennettuna). Kuitenkin, jos ulkoinen taltio (ei pidä sekoittaa järjestelmäosion kanssa) on formatoitu NTFS, osio piilotetulle käyttöjärjestelmälle tulee olla vähintään 110% (2.1 kertaa) isompi kuin järjestelmäosiolle (syy tähän on NTFS tiedostojärjestelmä on aina tallennettu sisäisesti tarkalleen keskelle asemaa ja, siksi, piilotettu taltio, joka sisältää jäljitelmän järjestelmäosiosta, voi sijaita ainoastaan toisella puoliskolla osiota). - Huomautus: Ei ole käytännöllinen (ja siksi ei ole tuettu) asentaa käyttöjärjestelmiä kahdelle VeraCrypt taltiolle jotka ovat varustettu yhdellä osiolla, koska käyttämällä ulkoista käyttöjärjestelmää saattaa usein tarvita datan kirjoittamista piilotetun käyttöjärjestelmän alueelle (ja jos sellainen kirjoitus tapahtuma ehkäistiin käyttämällä piilotetun taltiota suojaus ominaisuutta, on sen luontaisesti aiheuttanut järjestelmän kaatumisen, kuten 'Sininen Ikkuna' virheet). - Lisätietoa kuinka luoda ja hallita osioita, ole hyvä ja katso ohjetta joko käyttöjärjestelmän toimittajalta tai ota yhteys tietokoneen toimittajan tekniseen tukeen. - Virhe: Nykyinen käynnissä oleva käyttöjärjestelmä ei ole asennettu käynnistys osiolle (ensimmäinen Aktiivinen osio). Tämä ei ole tuettuna. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Virhe: Ei pääsyä taltiolle!\n\nTarkista että valittu taltio löytyy, että sen on poistettu yhteys järjestelmän tai ohjelman toimesta, että sinulla on luku/kirjoitus taltiolle, ja että levy ei ole kirjoitussuojattu. - Error: Cannot obtain volume properties. - Virhe: Ei voida yhdistää taltiota ja/tai hankkia tietoa taltiosta.\n\nVarmista että valittu taltio on olemassa, että se ei ole järjestelmän tai sovelluksen käytössä, että sinulla on luku/kirjoitus oikeudet taltiolle, ja että se ei ole kirjoitussuojattu. - Virhe: Ei voida yhdistää taltiota ja/tai hankkia tietoa taltiosta. Varmista että valittu taltio on olemassa, että se ei ole järjestelmän tai sovelluksen käytössä, että sinulla on luku/kirjoitus oikeudet taltiolle, ja että se ei ole kirjoitussuojattu.\n\nJos ongelmaa edelleen esiintyy, saattaa auttaa jos seuraat alla olevia ohjeita. - Virhe estettäessä VeraCrypt salaus osiolle. Yritä korjata mikä tahansa edellinen raportoitu ongelma ja sitten yritä uudelleen. Jos ongelma yhä esiintyy, saattaa auttaa että seuraat seuraavia askeleita. - Virhe estettäessä VeraCrypt aloittaa uudelleen salaus prosessi taltiolla.\n\nYritä korjata mikä tahansa edellinen raportoitu ongelma ja yritä aloittaa prosessi uudelleen . Huomioi että taltiota ei voida yhdistää ennen kuin se on täysin salattu. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Virhe: Ei voida poistaa yhteyttä ulkoiselta taltiolta!\n\nTaltiolta ei voida poistaa yhteyttä jos se sisältää tietoja tai hakemistoja jotka ovat ohjelmien tai järjestelmän käytössä.\n\nSulje ohjelma joka saattaa käyttää tiedostoa tai hakemistoa taltiolla ja paina Yritä uudelleen. - Virhe: Ulkoisen taltion tietoja ei saada! Taltion luontia ei voida jatkaa. - Virhe: Ulkoiselle asemalle pääsy estetty! Taltion luontia ei voida jatkaa. - Virhe: Ulkoista asemaa ei voida yhdistää! Taltion luontia ei voida jatkaa. - Virhe: Taltion ryhmä bittikarttaa ei saada! Taltion luontia ei voida jatkaa. - Aakkosellinen/Kategorisoitu - Nopeuden (Aleneva) - Algoritmi - Salaus - Salauksenpurku - Keskiarvo - Asema - Koko - Salausalgoritmi - Salausalgoritmi - Tyyppi - Arvo - Ominaisuudet - Sijainti - byteä - Piilotettu - Uloin - Normaali - Järjestelmä - Piilotettu (järjestelmä) - Vain Luku - Systeemin levyt - Systeemilevy (Salauksesta - %.2f%% valmis) - Systeemilevy (Salauksenpurku - %.2f%% valmis) - Systeemilevy (%.2f%% salattu) - Systeemi osiot - Piilotettu järjestelmäosio - Systeemilevy (salauksesta - %.2f%% valmis) - Systeemilevy (salauksenpurku - %.2f%% valmis) - Systeemilevy (%.2f%% salattu) - Kyllä (Vahingot torjuttu!) - Ei mitään - Ensisijainen Avainkoko - Toissijainen Avainkoko (XTS Tila) - Heikonavaimen koko (LRW Tila) - bittiä - Lohkon Koko - PKCS-5 PRF - PKCS-5 toisto laskin - Taltio Luotu - Otsikko Viimeksi Muokattu - (%I64d päivää sitten) - Taltion Formaattiversio - Upotettu Varmuusotsikko - VeraCrypt Boot Loader Version - Ensin saatavana - Liikutettava Levy - Kovalevy - Muuttumaton - Autodetection - Velho Tila - Valitse yksi tiloista. Jos sinulla ei ole varmuutta minkä valita, käytä oletus tilaa. - Valitse tämä valinta jos haluat asentaa VeraCrypt tähän järjestelmään. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - Jos valitset tämän valinnan, kaikki tiedostot puretaan tästä paketista mutta mitään ei asenneta järjestelmään. Älä valitse sitä jos aiot salata järjestelmäosion tai järjestelmälevyn. Valitsemalla tämän voi olla käyttökelpoinen valinta, esimerkiksi, jos haluat ajaa VeraCrypt niin kutsutussa liikutettavassa tilassa. VeraCryptiä ei tarvitse asentaa käyttöjärjestelmän alaisuuteen jossa sitä ajetaan. Kun kaikki tiedostot on purettu, voit suoraan ajaa puretun tiedoston 'VeraCrypt.exe' (kun VeraCrypt ajetaan liikutettavassa tilassa). - Asennus Valinnat - Täältä voit asettaa erilaiset valinnat hallitaksesi asennusta. - Asennus - Odota kunnes VeraCrypt on asennettu. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Purku Valinnat - Täältä voit valita erilaisia valintoja ohjataksesi purkua. - Odota että tiedostot on purettu. - Files successfully extracted - Kaikki tiedostot ovat onnistuneesti purettu kohteeseen. - Jos erityinen hakemisto ei löydy, se luodaan automaattisesti. - VeraCrypt ohjelman tiedostot päivitetään sijaintiin missä VeraCrypt on asennettu. Jos sinun tarvitsee valita toinen sijainti, poista ensin VeraCrypt asennus. - Haluatko näyttää ohjelmisto tiedotteen nykyisestä (viimeinen vakaa) versio VeraCrypt ohjelmasta? - Jos et ole koskaan käyttänyt VeraCrypt ohjelmaa ennen, suosittelemme, että luet kappaleen Aloittelijan Koulutus 'Beginner's Tutorial' VeraCrypt Käyttäjä Oppaassa. Haluatko katsoa opetusohjelmaa? - Valitse toiminto suorittaaksesi seuraavan: - Korjaa/Uudelleen asennus - Päivitys - Poista Asennus - Asentaaksesi/poistaaksesi VeraCrypt asennuksen onnistuneesti, sinulla tulee olla pääkäyttäjän oikeudet. Haluatko jatkaa? - VeraCrypt asennusohjelma on juuri käynnissä tässä järjestelmässä ja suorittaa tai valmistelee asennusta tai VeraCrypt päivittämistä. Ennen kuin aloitat, ole hyvä ja odota sen loppumista tai sulje se. Jos et voi sulkea sitä, ole hyvä ja käynnistä tietokoneesi uudelleen ennen tätä suoritusta. - Asennus epäonnistui. - Asennuksen poisto epäonnistui. - Tämä jaettu paketti on viallinen. Yritä ladata se uudelleen (mieluiten virallisilta VeraCrypt kotisivuilta osoitteesta https://veracrypt.codeplex.com). - Ei voida kirjoittaa tiedostoa %s - Puretaan - Ei voida lukea tietoja paketista. - Ei voida tarkistaa jaetun paketin yhteneväisyyttä. - Purku epäonnistui. - Asennus otettu takaisin. - VeraCrypt onnistuneesti asennettu. - VeraCrypt on onnistuneesti päivitetty. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt on onnistuneesti poistettu.\n\nPaina 'Lopetus' poistaaksesi VeraCrypt asennuksen ja %s hakemiston. Huomioi, että hakemistoa ei poisteta jo jokin hakemiston tiedosto ei ole VeraCryptin asentama tai luotu VeraCrypt avulla. - Poistetaan VeraCrypt rekisterin sisältö - Lisätään rekisterin sisältö - Poista sovelluserityinen data - Asennetaan - Pysäytetään - Poistetaan - Lisätään ikoni - Luodaan järjestelmän palautuspiste - Epäonnistuttiin palautus pisteen luonnissa! - Päivitä Käynnistyslataaja - Epäonnistui asentaa '%s'. %s Haluatko jatkaa asennusta? - Asennuksen poisto '%s' epäonnistui. %s Haluatko jatkaa poistoa? - Asennuksen poisto valmis. - Hakemistoa '%s' ei voida luoda - VeraCrypt laiteohjainta ei voida purkaa.\n\nSulje ensin kaikki avoimet VeraCrypt ikkunat. Jos tämä ei auta, käynnistä Windows uudelleen ja yritä uudelleen. - Kaikki VeraCrypt taltioilta täytyy poistaa yhteys ennen kuin onnistuu VeraCrypt asennus tai asennuksen poisto. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Rekisteri merkinnän asennus on epäonnistunut - Laite ohjaimen asennus on epäonnistunut. Käynnistä Windows uudelleen ja yritä asentaa VeraCrypt uudelleen. - Käynnistetään VeraCrypt laiteohjain - Poistettavan laite ohjaimen asennus epäonnistui. Huomioi, että, Windows virheestä johtuen, voi olla tarpeen kirjautua ulos tai käynnistää järjestelmä ennen kuin laiteohjain voidaan poistaa järjestelmästä (tai uudelleen asentaa). - Asennetaan VeraCrypt laiteohjain - Pysäytetään VeraCrypt laiteohjain - Poistetaan VeraCrypt laiteohjain - Käyttäjätili ohjauksen tukikirjaston rekisteröinti epäonnistui. - Rekisteröimätön Käyttäjätili Kontrolli tukikirjasto epäonnistui. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Huomioi että jos päätit ajaa VeraCrypt ohjelmaa liikutettavassa tilassa (vastakohtana ajaa asennettua VeraCrypt kopiota), järjestelmä kysyy oikeutta ajaa VeraCrypt (UAC kehote) joka kerta kun yrität ajaa sitä.\n\nSyy tähän on se, että kun ajat VeraCrypt liikutettavassa tilassa, VeraCrypt tarvitsee ladata ja käynnistää VeraCrypt laiteajuri. VeraCrypt tarvitsee laiteajurin tehdäkseen näkymättömän lennossa salauksen/salauksen purkuun, ja käyttäjät ilman pääkäyttäjä oikeuksia eivät voi käynnistää laite ajureita Windows ohjelmassa. Siksi, järjestelmä kysyy sinulta lupaa ajaa VeraCrypt pääkäyttäjän oikeuksin (UAC kehote).\n\nHuomioi että jos asennat VeraCrypt järjestelmään (vastakohtana että ajaisit VeraCrypt liikutettavassa tilassa), järjestelmä EI kysy sinulta oikeutta ajaa VeraCrypt (UAC kehote) joka kerta kun yrität ajaa sitä.\n\nOletko varma että haluat purkaa tiedostot? - Varoitus: Tämä ilmentymä Taltion Luonti Velhosta on pääkäyttäjän oikeudet.\n\nUusi taltiosi luodaan oikeuksilla jotka eivät salli sinun kirjoittaa taltiolle kun se on yhdistettynä. Jos haluat välttää tämän, sulje tämä ilmentymä Taltion Luonti Velhosta ja käynnistä uusi ilman pääkäyttäjän oikeuksia.\n\nHaluatko sulkea tämän ilmentymän Taltion Luonti Velhosta? - Virhe: Lisenssiä ei voida näyttää. - Ulkoistettu(!) - päivää - tuntia - min - sek - Avaa - Poista Yhteys - Näytä VeraCrypt - Piilota VeraCrypt - Datan Luku Yhdistämisen Jälkeen - Datan Kirjoitus Yhdistämisen Jälkeen - Salattu Osuus - 100% (täysin salattu) - 0% (ei salattu) - %.3f%% - 100% - Odottaa - Korjataan - Koko muutettu - Salataan - Avataan salaus - Viimeistely - Keskeytetty - Lopetettu - Virhe - Device disconnected - Järjestelmän suosikkitaltiot tallennettu.\n\nAktivoidaksesi järjestelmän suosikkitaltioiden kytkemisen, kun järjestelmä käynnistyy, valitse 'Asetukset' > 'Järjestelmän Suosikkitaltiot' > 'Kytke järjestelmän suosikkitaltiot, kun Windows käynnistyy'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Anna Salasana %s:lle - Enter password for '%s' - Anna salasana tavalliselle/ulkoiselle taltiolle - Anna salasana piilotetulle taltiolle - Anna salasana otsikolle talletettuna varmuus tiedostoon - Avaintiedosto on nyt onnistuneesti luotu. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - VAROITUS: Otsikko tälle taltiolle on tuhoutunut! VeraCrypt automaattisesti käyttää varmistettua taltion otsikko varustettuna taltiolle.\n\nSinun täytyy korjata taltion otsikko valitsemalla 'Työkalut' > 'Palauta Taltion Otsikko'. - Taltion otsikko varmistus nyt onnistuneesti luotu.\n\nTÄRKEÄÄ: Palauta taltion otsikot käyttämällä tätä varmistusta palautetaan nykyinen taltion salasana. Lisäksi, jos avaintiedosto(t) ovat/on tarpeellista yhdistää taltiolle, sama avaintiedosto(t) voi olla tarpeen yhdistää uudelleen kun taltion otsikko on.\n\nVAROITUS: Tämä taltio otsikko varmuuskopio voidaan käyttää palautettaessa VAIN otsikot tietyltä taltiolta. Jos käytät otsikko varmuuskopiota otsikoiden palautukseen eri taltioilta, voit yhdistää taltion, mutta ET voi purkaa salattua tietoa taltiolta (koska olet muuttanut sen pääavainta). - Taltion otsikko on nyt palautettu onnistuneesti.\n\nTÄRKEÄÄ: Huomioi, että vanha salasana saatetaan myös palauttaa. Sitä paitsi, jos avaintiedosto(t) on/ovat tarpeen yhdistää taltiolle kun varmuuskopio on luotu, sama avaintiedosto(t) ovat nyt tarpeen yhdistää taltiolle uudelleen. - Turvallisuus syistä, sinun tulee antaa oikea salasana (ja/tai hankkia oikea avaintiedosto) taltiolle.\n\nHuomioi: Jos taltio sisältää piilotetun aseman, sinun tulee antaa oikea salasana (ja/tai hankkia oikea avaintiedostot) ulkoiselle taltiolle ensin. Vaihtoehtona, jos valitset piilotetun taltion varmistuksen, sinun tulee antaa oikea salasana (ja/tai oikeat avaintiedostot) piilotetulle taltiolle. - Oletko varma että haluat luoda taltion otsikon varmistuksen %s?\n\nKun olet painanut 'Kyllä', sinulle näytetään otsikko varmistuksen tiedostonimi.\n\nHuomioi: Molemmat vakio ja piilotettu taltio otsikot tullaan uudelleen salamaan käyttäen uutta suola ja talletettua varmuustiedostoa. Jos ei ole piilotettua taltiota tässä taltiossa, alue varataan piilotetulle taltion otsikolle varmuus tiedosto täytetään satunnaisdatalla (säilyttää kiistanalainen uskottavuus). Kun palautetaan taltion otsikko varmuustallenteesta, sinun tulee antaa oikea salasana (ja/tai hankkia oikea avaintiedosto) joka on/oli voimassa kun taltion otsikko varmistus on luotu. Salasana (ja/tai avaintiedosto) tullaan taltion otsikon palautus tyyppi automaattisesti tunnistamaan, se on tavallinen tai piilotettu (huomioi että VeraCrypt tunnistaa tyypin läpi suorituksen tai virheen). - Oletko varma, että palautat taltion otsikon %s?\n\nVAROITUS: Palauttamalla taltion otsikon palautuu myös taltion salasana, joka oli voimassa kun varmuuskopio luotiin. Sitä paitsi, jos avaintiedosto(t) oli/olivat tarpeen yhdistää taltiolle kun varmuuskopio luotiin, sama avaintiedosto(t) on tarpeen yhdistää taltio uudelleen sen jälkeen kun taltion otsikko on palautettu.\n\nKun olet painanut Kyllä, voit valita varmuuskopio tiedoston otsikon. - Sisältääkö taltio piilotetun taltion? - Taltio sisältää piilotetun taltion - Taltio ei sisällä piilotettua taltiota - Ole hyvä ja valitse tyyppi taltion otsikko varmistukselle: - Palauta taltio otsikko varmistetulta varmuuskopiolta - Palauta taltio otsikko ulkoiselta varmuuskopiolta - Taltion otsikon varmuustallenteen tiedoston koko on väärä. - Ei ole varmistettua otsikkoa varustettuna tällä taltiolla (huomioi että vain taltiot luotuna VeraCrypt 6.0 tai myöhemmällä sisältää varustuksen varmistus otsikoille). - Olet yrittänyt varmuuskopioida otsikkoa järjestelmäosiolta/asemalta. Tämä ei ole sallittua. Varmuustalletus/palautus toiminto mikä koskee järjestelmäosiota/asemaa voidaan suorittaa ainoastaan käyttämällä VeraCrypt Pelastuslevyä.\n\nHaluatko luoda VeraCrypt Pelastuslevyn? - Olet yrittänyt palauttaa otsikkoa virtuaalisesta VeraCrypt taltiolta mutta valitsit järjestelmäosion/aseman. Tämä ei ole sallittua. Varmuustalletus/palautus toiminto mikä koskee järjestelmäosiota/asemaa voidaan suorittaa ainoastaan käyttämällä VeraCrypt Pelastuslevyä.\n\nHaluatko luoda VeraCrypt Pelastuslevyn? - Kun olet painanut OK, valitse tiedoston mini uudelle VeraCrypt Pelastuslevyn ISO imagelle ja talletus sijainti sille. - Pelastuslevy on luotu ja talletettu tähän tiedostoon: %s\n\nNyt sinun tulee kirjoittaa (polttaa) Pelastuslevy CD tai DVD:lle.\n\nTÄRKEÄÄ: Huomioi, että tiedosto täytyy kirjoittaa CD/DVD:lle kuten ISO levyimagena (ei yksittäisenä tiedostona). Tietoa siitä miten tämä tehdään,katso CD/DVD ohjelmiston manuaalista.\n\nKun poltat Pelastuslevyn, valitse 'Järjestelmä' > 'Tarkista Pelastuslevy' tarkistaaksesi että Pelastuslevyn poltto onnistui. - Pelastuslevy on luotu ja tallennettu tiedostoon: %s\n\nNyt sinun tarvitsee polttaa Pelastuslevy tiedosto CD tai DVD-levylle.\n\nHaluatko käynnistää Microsoft Windows Levytiedosto polton nyt?\n\nHuomioi: Kun olet polttanut Pelastuslevyn, valitse 'Järjestelmä' > 'Takista Pelastuslevy että se on oikein poltettu. - Aseta VeraCrypt Pelastuslevy CD/DVD asemaan ja paina OK tarkistaaksesi sen. - VeraCrypt Pelastuslevy onnistuneesti tarkistettu. - Ei voida tarkistaa onko Pelastuslevyn poltettu oikein.\n\nJos olet polttanut Pelastu Levyn, poista ja uudelleen aseta CD/DVD levy ja yritä uudelleen. Jos tämä ei auta, koita toista CD/DVD levyn poltto ohjelmaa ja/tai välinettä.\n\nJos yritit tarkistaa VeraCrypt Pelastuslevyä luotuna eri pää avaimella, salasana, tmv., huomioi tämä että tällainen Pelastuslevy aina epäonnistuu tässä tarkistuksessa. Luodaksesi uuden yhteensopivan Pelastuslevyn nykyisellä konfiguraatiollasi, valitse 'Järjestelmä' > 'Luo Pelastuslevy'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Virhe luotaessa VeraCrypt Pelastuslevyä. - VeraCrypt Pelastuslevy ei voida luoda kun piilotettu käyttöjärjestelmä on käynnissä.\n\nLuodaksesi VeraCrypt Pelastuslevyn, käynnistä houkutuslintuna oleva käyttöjärjestelmä ja sitten valitse 'Järjestelmä' > 'Luo Pelastuslevy'. - Ei voida tarkistaa Pelastuslevyä onko sen oikein poltettu.\n\nJos poltit Pelastuslevyn, poista se asemasta ja aseta uudelleen CD/DVD asemaan; sitten paina jälleen Seuraava nappia. Jos tämä ei auta, koita toista levyä%s.\n\nJos et ole polttanut Pelastuslevyä vielä, tee se, ja paina sitten Seuraava.\n\nJos yritit tarkistaa VeraCrypt Pelastuslevyä joka luotiin ennen kuin aloitit tämän ohjatun opastuksen, huomioi se, että tällaista Pelastuslevyä ei voida käyttää, koska se on luotu eri pääavaimelle. Sinun täytyy polttaa vasta tehty Pelastuslevy. - ja/tai muu CD/DVD tallennus ohjelmisto - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - Järjestelmäosio/asema ei ole salattuna.\n\nJärjestelmän Suosikkitaltiot voidaan kytkeä ainoastaan käyttäen esikäynnistys autentikointi salasanaa. Siksi, aktivoidaksesi järjestelmä suosikkitaltiot, sinun tarvitsee ensin salata järjestelmäosio/asema. - Poista kaikki yhdistetyt taltiot ennen kuin aloitat tehtävän. - virhe: Ajastinta ei voida asettaa. - Tarkista tiedostojärjestelmä - Korjaa tiedostojärjestelmä - Add to Favorites... - Add to System Favorites... - P&roperties... - Piilotettu taltio suojattu - N/A - Kyllä - Ei - Disabled - 1 - 2 tai enemmin - käyttötila - Otsikko: - Koko: - Polku: - Asema Kirjain: - Virhe: Salasana täytyy sisältää vain ASCII merkkejä.\n\nEi-ASCII merkit salasanassa saattaa aiheuttaa sen ettei taltiota voida yhdistää kun järjestelmä konfiguraatio muuttuu.\n\nSeuraavat merkit ovat sallittuja:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Varoitus: Salasana sisältää EI-ASCII merkkejä. Tämä saattaa aiheuttaa sen ettei taltiota voida yhdistää kun järjestelmä konfiguraatio muuttuu.\n\nSinun tulee korvata kaikki EI-ASCII merkit salasanassa ASCII merkeillä. Tehdäksesi niin, paina 'Taltiot' -> 'Muuta Taltion Salasana'.\n\nSeuraavat merkit ovat mahdollisia:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - VAROITUS: Suosittelemme että vältät tiedostopäätteitä joita käytetään suoritettavissa ohjelmissa (kuten .exe, .sys, tai .dll) ja muita samankaltaisia ongelmia aiheuttavia päätteitä. Käytettäessä tällaisia päätteitä aiheutuu Windows ja virusohjelmistossa säilölle toiminteita, jotka saattavat heikentää taltion suorituskykya ja saattavat aiheuttaa lisäksi vakavia ongelmia.\n\nSuosittelemme että poistat tai muutat tiedostopäätteet (kuten, vaikka '.hc').\n\nOletko varma että haluat yhä käyttää ongelmallista tiedostopäätettä? - VAROITUS: Tällä säilöllä on tiedostopääte jota käytetään suoritettavissa tiedostoissa (kuten .exe, .sys, tai .dll) tai jokin muu tiedostopääte jolla on samanlailla ongelmallinen. Joka hyvin todennäköisesti johtaa Windows tai virustorjuntaohjelmiston häirintään säilön kanssa, mikä epäsuotuisasti vaikuttaa taltion suorituskykyyn ja saattaa aiheuttaa vakavia ongelmia.\n\nSuosittelemme vahvasti että poistat säilön tiedostopäätteen tai muutat sen (esim., '.hc') sen jälkeen kun pois-kytket taltion. - Kotisivu - VAROITUS: Näyttäisi siltä että sinulla ei ole mitään Service Pack asennettuna Windowsiin. Sinun ei pidä kirjoittaa IDE levylle isompaa kuin 128 GB tiedostoa Windows XP:llä jos sinulla ei ole Service Pack 1 tai myöhempää! Jos kuitenkin teen niin, data levyllä (ei väliä onko se VeraCrypt taltio vaiko ei) saattaa vioittua. Huomioi, että tämä on Windowsin rajoitus eikä virhe VeraCrypt ohjelmassa. - VAROITUS: Näyttäisi siltä että sinulla ei ole Service Pack 3 tai myöhempää asennettuna Windowsiin. Sinun ei pidä kirjoittaa IDE levylle isompaa kuin 128 GB tiedostoa Windows 2000 jos sinulla ei ole Service Pack 3 tai myöhempää! Jos kuitenkin teen niin, data levyllä (ei väliä onko se VeraCrypt taltio vaiko ei) saattaa vioittua. Huomioi, että tämä on Windowsin rajoitus eikä virhe VeraCrypt ohjelmassa.\n\nTiedotus: Saatat tarvita aktivoida 48-bit LBA tuki rekisteristä; lisätietoa, katso http://support.microsoft.com/kb/305098/EN-US - VAROITUS: 48-bit LBA ATAPI tuki on pois käytöstä järjestelmässäsi. Siksi, sinun ei täydy kirjoittaa IDE levyille isompaa kuin 128 GB! Jos kuitenkin teen niin, data levyllä (ei väliä onko se VeraCrypt taltio vaiko ei) saattaa vioittua. Huomioi, että tämä on Windowsin rajoitus eikä virhe VeraCrypt ohjelmassa.\n\nAktivoidaksesi 48-bit LBA tuen, lisää 'EnableBigLba' rekisteriarvo rekisteriavaimeen HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters ja aseta arvoksi 1.\n\nLisätietoa, katso http://support.microsoft.com/kb/305098 - Virhe: Tiedostot jotka ovat suurempia kuin 4 GB ei voida tallentaa FAT32 tiedostojärjestelmänä. Siksi, tiedosto perusteiset VeraCrypt taltiot tallennettuna FAT32 tiedostojärjestelmään eivät voi olla suurempi kuin 4 GB.\n\nJos haluat luoda suuremman taltion,on se luotava NTFS tyyppisenä (tai jos käytät Windows Vista SP1 tai myöhempää exFAT tiedostojärjestelmää) tai vaihtoehtoisesti tiedostoisännöidyllä taltion luonnilla, salakirjoitetun osion tai laitteen. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - VAROITUS: Jos haluat voida lisätä jatkossa enemmin dataa/tiedostoja ulkoiselle tallentimelle, sinun pitää valita pienempi koko piilotetulle taltiolle.\n\nOletko varma, että haluat jatkaa valitsemallasi koolla? - Taltiota ei ole valittuna.\n\nPaina 'Valitse Laite' tai 'Valitse Tiedosto' valitaksesi VeraCrypt taltion. - Osiota ei valittuna.\n\nPaina 'Valitse Laite' valitaksesi poistettavan yhteyden osion, joka tavallisesti vaaditaan esikäynnistys autentikoinnissa (esimerkiksi, osio sijaitsee toisen käyttöjärjestelmän suojatulla järjestelmälevyllä, joka ei ole käytössä, tai se on toisen käyttöjärjestelmän salattu järjestelmäosio).\n\nTiedotus: Valittu osio yhdistetään kuten tavallinen VeraCrypt taltio ilman esikäynnistys autentikointia. Tämä on hyödyllinen esim. varmistettaessa tai korjatessa toimintoa. - VAROITUS: Jos oletus avaintiedosto on olemassa ja aktivoituna, taltiot jotka eivät käytä tätä avaintiedostoa ei voida yhdistää. Siksi, oletus avaintiedoston aktivoinnin jälkeen, pidä mielessäsi poistaa merkintä 'Käytä Avaintiedostoa' tarkistus (alla salasana syöttö kenttä) kun yhdistät tällaiset taltiot.\n\nOletko varma, että haluat tallentaa valitut avaintiedostot/polut oletus asetuksiksi? - Automaattinen yhdistäminen laitteille - Poista kaikki yhteydet - Tyhjennä välimuisti - Poista Kaikki yhteydet & Tyhjennä välimuisti - Pakotettu yhteyden poisto kaikille & Tyhjennä välimuisti - Pakotettu yhteyden poisto kaikille, Tyhjennä välimuisti & Poistu - Yhdistä Suosikkitaltiot - Näytä/Piilota VeraCrypt pääikkuna - (Klikkaa tästä ja Paina näppäintä) - Suoritus - Pikakuvake - Virhe: Tämä pikakuvake on varattu. Valitse toinen pikakuvake. - Virhe: Pikakuvake on jo käytössä. - VAROITUS: Yksi tai useampi VeraCrypt järjestelmä laajuinen pikanäppäin ei toimi!\n\nTarkista etteivät toiset sovellukset tai käyttöjärjestelmät tätä samaa pikavalintaa(valintoja) kuin VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - Virhe tai epäyhteensopivuus ongelma nukkuvan tiedoston salauksessa. Siitä syystä, nukkuminen on estetty .\n\nTiedotus: Kun tietokone nukkuu (tai on Virransäästötilassa), järjestelmä muistin sisältö kirjoitetaan nukkuvalla asemalla olevalle tallentimelle. VeraCrypt ei voi saada salaus avaimia ja herkkien tiedostojen sisällön avausta RAM muistista jotka on tallennettu salaamattomasti. - Horrostila on estetty.\n\nVeraCrypt ei tue horrostilaa piilotetulla käyttöjärjestelmällä joka käyttää lisäkäynnistysosiota. Varmista että käynnistysosio on jaettu sekä houkutuslintu osion että piilotetun järjestelmän kesken. Siksi, jotta estetään tietovuoto ja ongelmat kun palataan horrostilasta, VeraCrypt on estetty kirjoittamaan piilotetulle järjestelmä osiolle. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - VAROITUS: Jos tämä valinta poistetaan, taltiot jotka sisältävät avoimia tiedostoja/hakemistoja ei voida automaattisesti poistaa yhteyttä.\n\nOletko varma, että haluat poistaa tämän valinnan? - VAROITUS: Taltiot sisältää avattuja tiedostoja/hakemistoja joita EI voida automaattisesti poistaa yhteyttä.\n\nEstääksesi tämän, valitse seuraava vaihtoehto dialogi ikkunasta: 'Pakotettu auto-yhteyden poisto vaikka taltiolla on avoimia tiedostoja/hakemistoja' - VAROITUS: Kun kannettavan akun virta on alhainen, Windows saattaa jättää lähettämättä tarkoituksenmukaista viestiä suoritettavalta sovellukselta, kun tietokone asettuu virransäästö tilaan. Siksi, VeraCrypt saattaa epäonnistua taltion auto-poiskytkennässä näissä tapauksissa. - Olet ajastanut salaus prosessin osiolle/taltiolle. Prosessi ei ole vielä suoritettu loppuun.\n\nHaluatko aloittaa nyt uudelleen prosessin? - Olet ajastanut salaus/salauksenpurku järjestelmälevyllä/asemalla. Ajo ei ole vielä valmis.\n\nHaluatko käynnistää (alkaa uudelleen) ajon nyt? - Haluatko että sinulle ilmoitetaan, kun aloitetaan nykyisin ajastuksessa olevan salaustehtävän ei-järjestelmä osiolle/taltiolle? - Kyllä, jatka muistuttamista - Ei, älä muistuta minua - TÄRKEÄÄ: Pidä mielessäsi että voit aloittaa salaus prosessin mistä tahansa osiosta/taltiosta valitsemalla 'Taltiot' > 'Aloita uudestaan Keskeytetty Prosessi' VeraCrypt ikkunan päävalikosta. - Olet ajastanut salaus/salauksenpurku järjestelmälevyllä/asemalla. Kuitenkin, ei-käynnistys autentikointi epäonnistui (tai ohitettu).\n\nTiedotus: Jos olet salapurkanut järjestelmäosion/levyn ei-käynnistys ympäristössä, sinun pitää päättää tehtävä valitsemalla 'Järjestelmä' > 'Pysyvästi Salapurettu järjestelmäosio/Levy' menu palkista VeraCrypt pääikkunasta. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Poistu? - VeraCrypt ei ole tarpeeksi tietoa havaitakseen, että tehdäänkö salaus vaiko salauksenpurku. - VeraCrypt ohjelmalla ei ole tarpeeksi tietoa siitä havaitakseen onko kyse salauksesta vaiko salauksenpurusta.\n\nTiedotus: Jos teet salauksenpurun järjestelmäosiolta/asemalta esikäynnistys ympäristössä, saatat tarvita viimeistellä prosessin painamalla Salauksenpurku. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Haluatko keskeyttää ja siirtää osion/taltion salaus prosessia?\n\nHuomioi: Pidä mielessäsi että taltiota ei voida yhdistää ennen kuin se on täysin salattu. Sinun on mahdollista aloittaa uudelleen salaus prosessi ja se jatkuu kohdasta jonne se pysähtyi aiemmin. Voit tehdä näin,esimerkiksi, valitsemalla 'Taltiot' > 'Aloita Uudelleen Keskeytetty Prosessi' VeraCrypt pääikkuna valikosta. - Haluatko keskeyttää ja siirtää järjestelmäosion/levyn salaus prosessia?\n\nTiedotus: Sinun on mahdollista aloittaa prosessi uudelleen ja se jatkuu kohdasta johon pysähdyttiin. Voit tehdä niin, esim. valitsemalla 'Järjestelmä' > 'Aloita Uudelleen Keskeytetty Prosessi' menu palkista VeraCrypt pääikkunasta. Jos haluat pysyvästi keskeyttää tai peruuttaa salakirjoitus prosessin, valitse 'Järjestelmä' > 'Avaa Salaus Pysyvästi järjestelmäosiolta/Asemalta'. - Haluatko keskeyttää ja siirtää järjestelmäosion/levyn salaus prosessia?\n\nTiedotus: Sinun on mahdollista aloittaa prosessi uudelleen ja se jatkuu kohdasta johon pysähdyttiin. Voit tehdä niin, esim. valitsemalla 'Järjestelmä' > 'Aloita Uudelleen Keskeytetty Prosessi' menu palkista VeraCrypt pääikkunasta. Jos haluat peruuttaa salauksenpurun prosessin (ja aloittaa salauksen), valitse 'Järjestelmä' > 'Salaa järjestelmäosio/Asema'. - Virhe: Yritys keskeyttää salattua/salauspurettua järjestelmän osiota/asemaa. - Virhe: Epäonnistunut keskeytys pyyhkimisen aikana. - Virhe: Yritys palauttaa salattua/salauspurettua järjestelmän osiota/asemaa. - Virhe: Epäonnistunut pyyhkimisen aloitus. - Epäjohdonmukaisesti ratkaistu.\n\n\n(Jos raportoit viasta yhdistäessäsi näin, sisällytä seuraavat tekniset tiedot vikaraporttiin: %hs) - Virhe: Odottamaton tila.\n\n\n(Jos raportoit virheestä yhteydessä tähän, ole hyvä ja sisällytä seuraavat tekniset tiedot virhe raporttiin: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - VAROITUS: VeraCrypt taustatehtävä on pois käytöstä. Poistuessasi VeraCrypt ohjelmasta, sinulle ilmoitetaan jos piilotetun taltion tuhot on torjuttu.\n\nTiedotus: Voit sulkea taustatehtävät milloin vain hiiren oikealla näppäimellä tai VeraCrypt palkin kuvakkeesta valitsemalla 'Poistu'.\n\nAktivoi VeraCrypt taustatehtävät? - Kielipaketin versio: %s - Tarkistetaan tiedostojärjestelmää joka on VeraCrypt yhdistetty %s taltio.. - Yritetään korjata tiedostojärjestelmää joka on VeraCrypt yhdistetty %s taltio.. - Varoitus: Tämä taltio on salakirjoitettu laillisella salakirjoitus algoritmilla.\n\nKaikki 64-bit-block salakirjoitus algoritmit (esimerkiksi, Blowfish, CAST-128, tai Triple DES) ovat vältettyjä. On mahdollista yhdistää tämä taltio käyttäen tulevia VeraCrypt versioita. Kuitenkaan ei tule olemaan lisäyksiä salakirjoitus algoritmi toteutuksiin. Suosittelemme että luot uuden VeraCrypt taltion käyttäen 128-bit-block salakirjoitus algoritmia (esimerkiksi, AES, Serpent, Twofish, jne.) ja että siirrät kaikki tiedostot tästä taltiosta uuteen. - Järjestelmäsi ei ole konfiguroitu käyttämään Autoyhdistä Laitteet toimintoa uusille taltioille. On mahdotonta yhdistää laite-isännöity VeraCrypt taltio. Autoyhdistä laitteet voidaan aktivoida ajamalla seuraava komento ja käynnistämällä järjestelmä uudelleen.\n\nmountvol.exe /E - Määrittele kirjain osiolle/laitteelle ennen suoritusta ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Lisää ja alusta kovalevyn osioita').\n\nHuomioi, että tämä on käyttöjärjestelmän vaatimus. - Yhdistä VeraCrypt Taltio - Poista kaikki yhdistetyt VeraCrypt Taltiot - VeraCrypt ohjelmalla ei ole tarvittavia oikeuksia. - Käyttöjärjestelmä evännyt pääsyn.\n\nMahdollinen syy: Käyttöjärjestelmä vaatii luku/kirjoitus oikeudet (tai pääkäyttäjän oikeudet) hakemistoon, tiedostoon, ja laitteeseen, jotta luku/kirjoitus onnistuisi sinulta. Tavallisesti käyttäjän on mahdollista, lukea ja muokata tiedostoja Omat tiedostot kansiossa. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - VeraCrypt Käynnistyslataaja vaatii vähintään 32 KByteä vapaata tilaa järjestelmälevyn alusta (VeraCrypt Käynnistyslataaja tallennettava tälle alueelle). Valitettavasti, sinun asemasi eivät täytä tätä ehtoa.\n\nÄlä raportoi tätä VeraCrypt bugina/ongelmana. Ratkaistaksesi tämän ongelman, sinun tarvitsee osioida uudelleen levysi ja jättää ensimmäiset 32 KByteä levyltä vapaaksi (useammassa tapauksessa, sinun tarvitsee poistaa ja uudelleen luoda ensimmäinen osio). Suosittelemme että käytät Microsoft osiointi manager ohjelmaa, joka on saatavana esim. kun asennat Windows järjestelmää. - Ominaisuus ei ole tuettuna nykyiselle käyttöjärjestelmä versiollesi. - VeraCrypt ei tue salattua järjestelmäosio/asema versiota käyttöjärjestelmästä jota nykyisin käytät. - Ennen kuin voit salata järjestelmäosion/aseman Windows Vistassa, sinun täytyy asentaa Service Pack 1 tai uudempi Windows Vista (sellaista Service Pack ei ole asennettuna vielä tähän järjestelmään).\n\nHuomio: Windows Vista Service Pack 1 ratkaisee ongelman joka aiheutui vapaamuistin puutteesta järjestelmän käynnistyksessä. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Virhe: Tämä ominaisuus vaatii, että VeraCrypt on asennettuna järjestelmään (käytät VeraCrypt ohjelmaa liikutettavassa tilassa).\n\nOle hyvä ja asenna VeraCrypt ja sitten yritä uudelleen. - VAROITUS: Windows ei ole asennettu samalle asemalle kuin mistä se käynnistetään. Tämä ei ole tuettuna.\n\nSinun tulee jatkaa ainoastaan vain jos olet varma että Windows on asennettuna asemalle josta se käynnistetään.\n\nHaluatko jatkaa? - Järjestelmäsi asemassa on GUID partitio taulu (GPT). Nykyisin vain aseman MBR osio taulu on tuettuna. - VAROITUS: VeraCrypt Käynnistyslataaja on jo asennettu järjestelmälevylle!\n\nOn mahdollista että koneen toinen käyttöjärjestelmä on jo salattu.\n\nVAROITUS: SUORITTAMALLA SALAUKSEN NYKYISELLE AJETTAVALLE JÄRJESTELMÄLLE SAATTAA TOINEN JÄRJESTELMÄ(T) MAHDOTTOMAKSI KÄYNNISTÄÄ JA ASIANOMAINEN MAHDOTONTA KÄYTTÄÄ.\n\nOletko varma, että haluat jatkaa? - Alkuperäisen järjestelmälataajan palautus ei onnistunut.\n\nKäytä VeraCrypt Pelastuslevyä ('Korjaa Valinta' > 'Palauta alkuperäinen järjestelmä lataaja') tai Windows asennusohjelmalla korvataksesi VeraCrypt käynnistyslataajan Windows järjestelmälataajalla. - Alkuperäinen järjestelmä lataaja ei ole talletettu Pelastuslevylle (mahdollinen syy: puuttuva varmuuskopio tiedosto). - Epäonnistunut kirjoitus MBR sektorille.\n\nSinun BIOS saattaa olla asetettu suojatulle MBR sektorille. Tarkista BIOS asetukset (paina F2, Delete, tai Esc, sen jälkeen kun kone on käynnistynyt) MBR/virussuojauksen takia. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Vaadittua versiota VeraCrypt Käynnistyslataajasta ei ole nyt asennettuna. Tämä saattaa estää joitakin tallennettuja asetuksia. - Huomioi: Joissakin tapauksissa, haluat estää henkilöä (vastustaja) että katsoo sinun käynnistävän tietokoneen tietäen että käytät VeraCrypt ohjelmaa. Yllä oleva vaihtoehto sallii sinua tekemään räätälöity VeraCrypt Käynnistyslataajan ikkuna. Jos mahdollistat ensimmäisen vaihtoehdon, ei tekstiä näytetä Käynnistyslataajassa (ei edes silloin kuin annat väärän salasanan). Tietokone näyttää "jäätyvän" ennen kuin voit kirjoittaa salasanasi. Lisäksi, muokattu sanoma voidaan näyttää harhaan johtamaan vastustaja. Esimerkiksi, väärennetty virhe sanoma kuten "Puuttuva käyttöjärjestelmä" (mikä tavallisesti näytetään Windows Käynnistyslataajassa jos se ei löydä Windows käynnistys osiota). Tämä on, kuitenkin, tärkeä havaita jos vastustaja voi analysoida kovalevyn sisältöä, hän voi havaita että se sisältää VeraCrypt Käynnistyslataajan. - VAROITUS: Pidä mielessäsi että valitsit tämän valinnan, VeraCrypt Käynnistyslataaja ei näytä mitään tekstejä (ei edes silloin kun annat väärän salasanan). Tietokone näyttää kuin olisi "jäätynyt" (reagoimaton) kun voit kirjoittaa salasanasi (kursori EI liiku eikä tähtimerkkiä näytetä kun painat näppäintä).\n\nOletko varma että haluat valita tämän valinnan? - järjestelmäosio/levy on täysin salattu. - VeraCrypt ei tue salausta järjestelmälevylle joka on konvertoitu dynaamiseksi levyksi. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Haluatko salata järjestelmälevyn kokonaisen aseman sijaan?\n\nHuomioi, että voit luoda osio-isännöidyn VeraCrypt aseman ei järjestelmäosion sisään asemalla (lisäksi salata järjestelmäosio). - Sinun järjestelmälevy sisältää vain yhden osion joka varaa koko aseman, pidetään parempana sitä (suojatumpi) että salataan kokonainen asema sisältäen vapaat "löysä" tila joka tyypillisesti ympäröi osiota.\n\nHaluatko salata kokonaisen järjestelmä aseman? - Järjestelmäsi on asetettu tallentamaan väliaikaiset tiedostot ei-järjestelmäosiolle.\n\nVäliaikaiset tiedostot voidaan tallentaa ainoastaan järjestelmäosiolle. - Sinun käyttäjä profiili tiedostot eivät ole tallennettuna järjestelmäosiolle.\n\nKäyttäjä profiili tiedostot voidaan tallentaa ainoastaan järjestelmäosiolle. - Sivutus tiedosto(t) ovat ei-järjestelmäosiolla.\n\nSivutus tiedostot voivat sijaita ainoastaan järjestelmäosiolla. - Haluatko nyt konfiguroida Windowsin luomaan sivutustiedostoja vain Windows osiolle?\n\nHuomioi että jos painat 'Kyllä', tietokone uudelleen käynnistetään. Käynnistä sitten VeraCrypt ja yritä luoda uudelleen piilotettu käyttöjärjestelmä. - Muutoin, uskottavalla kiistanalaisella piilotetulla käyttöjärjestelmällä saattaa olla haitallinen vaikutus.\n\nHuomioi: Jos vastustaja tutkii sellaisten tiedostojen sisältöä (sijaitsevat ei-järjestelmäosiolla), hän havaita että käytit opastettua piilotetun järjestelmän luontia tilassa (mikä saattaa osoittaa olemassa olevan piilotetun käyttöjärjestelmän tietokoneellasi). Huomioi myös että mikä tahansa tällainen tiedosto tallennettuna järjestelmäosiolle on VeraCrypt turvallisesti poistanut luotaessa piilotettua käyttöjärjestelmää tehtävän suorituksen aikana. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - Turvallisuus syistä, jos nykyisin käytettävä käyttöjärjestelmä vaatii aktivoinnin, se tulee aktivoida ennen tehtävän jatkamista. Huomioi että piilotettu käyttöjärjestelmä luodaan kopioimalla järjestelmäosion sisältö piilotetulle taltiolle (siksi jos käyttöjärjestelmää ei ole aktivoitu, piilotettua käyttöjärjestelmääkään ei aktivoida). Lisätietoja, katso kappale "Turvallisuus Varotoimet Liittyen Piilotettuihin Osioihin" VeraCrypt Käyttäjä Oppaassa.\n\nTärkeää: Ennen kuin jatkat, varmista että olet lukenut kappaleen "Turvallisuus Varotoimet Liittyen Piilotettuun Taltioihin" VeraCrypt Käyttäjän Oppaassa.\n\n\nOnko nykyisessä käyttöjärjestelmässäsi oheisen kaltainen tilanne? - Järjestelmäsi käyttää lisäkäynnistysosiota. VeraCrypt ei tue nukkumistilaa piilotetulla käyttöjärjestelmällä joka käyttää lisäkäynnistysosiota (houkutuslintuna oleva järjestelmä voi olla nukkuvana ilman mitään ongelmaa).\n\nHuomioi että käynnistysosio on jaettuna sekä houkutuslintujärjestelmän ja piilotetun järjestelmän kanssa. Siitä syystä, estääkseen datan vuotamisen ja ongelmat nukkumistilasta palatessa, VeraCrypt on torjuttava piilotettua järjestelmää kirjoittamasta jaetulle käynnistysosiolle.\n\n\nHaluatko jatkaa? jos valitset 'Ei', näytetään ohjeet lisäkäynnistyosion poistamiseksi - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Varoitus: Siellä on allokoimatonta tilaa järjestelmäosion ja ensimmäisen osion takana. Kun olet luonut piilotetun käyttöjärjestelmän, sinun täytyy luoda uudet osiot tälle allokoimattomalle tilalle. Muutoin, piilotettu käyttöjärjestelmä ei ole mahdollista käynnistää (ennen kuin poistat sellaisen vasta luodun osion). - Tämä algoritmi ei ole tuettuna järjestelmän salauksessa. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Avaintiedostot eivät ole nykyisin tuettuna järjestelmä salaukselle. - Varoitus: VeraCrypt ei voi palauttaa alkuperäistä näppäimistä ulkoasua. Tämä saattaa johtaa sinun antamasta väärästä salasanasta. - Virhe: Ei voida asettaa näppäimistö ulkoasua VeraCrypt standardi US näppäin ulkoasuksi.\n\nHuomioi, että salasana täytyy kirjoittaa esikäynnistys ympäristössä (ennen kuin Windows käynnistyy) kun ei-US Windows näppäimistö ulkoasu ei ole saatavana. Siksi salasana tulee aina kirjoittaa käyttäen standardia näppäin asetusta. - Kuten VeraCrypt väliaikaisesti muutettu näppäimistä mallia vakion US näppäimistä malliksi, ei ole mahdollista kirjoittaa kirjaimia kun oikea Alt näppäin on alhaalla. Kuitenkin, voit kirjoittaa useimpia kirjaimia painamalla jotain kirjaimia Vaihto näppäin alhaalla. - VeraCrypt torjuu näppäimistön ulkoasu muutokset. - Huomioi: Salasana täytyy olla kirjoitettu esikäynnistys ympäristössä (ennen kuin Windows käynnistyy) jossa ei-US Windows näppäimistö ulkoasu ole saatavana. Siksi, salasana täytyy aina kirjoittaa käyttäen standardia US näppäimistö ulkoasua. Kuitenkin, on tärkeää huomioida että ET tarvitse oikeaa US näppäimistöä. VeraCrypt automaattisesti varmistaa voit turvallisesti kirjoittaa salasanan (juuri nyt ja esikäynnistys ympäristössä) vaikka sinulla EI ole oikeaa US näppäimistöä. - Ennen kuin voit salata osion tai aseman, sinun täytyy luoda VeraCrypt Pelastuslevy (TPL), joka palvelee seuraavissa tarkoituksissa:\n\n- Jos VeraCrypt Käynnistyslataaja , Pääavain, tai muu kriittinen data tuhoutuu, TPL sallii sinun palauttaa se (huomioi, kuitenkin, kun sinä tulee edelleen antaa oikea salasana).\n\n- Jos Windows tuhoutuu ja et voi käynnistää sitä, TPL sallii sinun pysyvästi purkaa salaus osiolta tai asemalta ennekuin Windows käynnistyy.\n\n- TPL sisältää varmistuksen nykyisestä aseman ensimmäisestä raidan sisällöstä (joka tyypillisesti sisältää järjestelmälataajan tai käynnistyksen hallintaohjelman) ja sallii sinun palauttaa sen jos tarpeen.\n\nVeraCrypt Pelastuslevy ISO imagen luonti määritellään alla. - Sen jälkeen kun olet painanut OK, Microsoft Windows Levyimage poltto käynnistetään. Käytä sitä polttaaksesi VeraCrypt Pelastuslevyn ISO image CD/DVD:lle.\n\nSen jälkeen, palaa VeraCrypt Opastettuun Taltion Luontiin ja seuraa ohjeita. - Pelastuslevy image on luotu ja talletettu tiedostoon: %s\n\nNyt sinun tulee polttaa se Pelastuslevy CD tai DVD:lle.\n\n%lsPelastuslevyn polton jälkeen, paina Seuraava varmistaaksesi että Pelastuslevy on poltettu oikein. - Pelastuslevy image on luotu ja tallennettu tiedostoon: %s\n\nNyt sinun tulee joko polttaa Pelastuslevyt CD/DVD:lle tai siirtää se varmaan paikkaan myöhempää käyttöä varten.\n\n%lsPaina Seuraava jatkaaksesi. - TÄRKEÄÄ: Huomioi, että tiedoston täytyy olla kirjoitettu CD/DVD:lle ISO levy imagena (ei itse tiedostona). Ohjeistus siitä. miten tämä tehdään, seuraa dokumentaatiota jonka sait CD/DVD ohjelmiston mukana. Jos sinulla ei ole CD/DVD tallennus ohjelmaa, jolla voidaan kirjoittaa ISO levyimage CD/DVD:lle, paina alla olevaa linkkiä ladataksesi ilmaisen ohjelmiston.\n\n - Käynnistä Microsoft Windows Levy Imagen Poltto - VAROITUS: Jos olet jo luonut VeraCrypt Pelastuslevyn aiemmin, sitä ei voida uudelleen käyttää tälle järjestelmäosiolle/asemalle koska se on luotu eri pääavaimelle! Joka kerta kun salaat osion/levyn, sinun täytyy luoda uusi VeraCrypt Pelastuslevy vaikka käyttäisitkin samaa salasanaa. - Virhe: Järjestelmän salauksen asetuksia ei voitu tallentaa. - Järjestelmä salauksen esitestiä ei voitu aloittaa. - Ei voida tunnistaa piilotetun käyttöjärjestelmän tapahtumaa. - Tyhjennys Tila - Joissakin tyypeissä tallennus medioita, kun dataa ylikirjoitetaan toisella datalla, on mahdollista palauttaa ylikirjoitettu data käyttäen sellaisia tekniikoita kuin magneettisesti pakotettu mikrokopiointi. Tämä myös sallii data ylikirjoituksen salatussa muodossa (mikä tapahtuu kun VeraCrypt alustaessa salakirjoittaa salaamattoman osion tai aseman). Joiden ohjeiden ja julkaisujen mukaan, palautus ylikirjoitetulle datalle voidaan estää (tai tehdä hyvin vaikeaksi) ylikirjoittamalla dataa epäaitosatunnaisesti ja tietyllä ei-satunnaisdataa useamman kerran. Siksi, jos uskot että vastustaja saattaisi mahdollisesti käyttää tällaisia tekniikoita palauttaakseen datan jonka aiot salata, sinun tulee valita pyyhintä tila (olemassa oleva data EI häviä). Huomioi että pyyhintää EI suoriteta osion/aseman salauksen jälkeen. Kun osio/asema on täysin salattu, salaamaton data kirjoitetaan sille. Mikä tahansa kirjoitettu data ensiksi salataan lennossa muistissa ja ainoastaan sitten se (salattu) data kirjoitetaan levylle. - Joissakin tyypeissä tallennus medioita, kun dataa ylikirjoitetaan toisella datalla, (esim. kun data pyyhitään pois), on mahdollista palauttaa ylikirjoitettu data käyttäen sellaisia tekniikoita kuin magneettisesti pakotettu mikrokopiointi. Joiden ohjeiden ja julkaisujen mukaan, palautus ylikirjoitetulle datalle voidaan estää (tai tehdä hyvin vaikeaksi) ylikirjoittamalla dataa epäaitosatunnaisesti ja tietyllä ei-satunnaisdataa useamman kerran. Siksi, jos uskot että vastustaja saattaisi mahdollisesti käyttää tällaisia tekniikoita palauttaakseen datan jonka olet poistamassa, sinä voit haluta valita jonkin moniohitus (multi-pass) pyyhintä tilan.\n\nHuomioi: Mitä enemmin pyyhintä ohitusta käytät, sitä kauemmin kestää datan pyyhintä. - Pyyhi - \nHuomioi: Voit keskeyttää pyyhintä tehtävän, sulkemalla tietokoneesi, käynnistämällä piilotetun järjestelmän uudelleen ja sitten uudelleen käynnistämällä tehtävän (tämä opastus käynnistetään automaattisesti). Kuitenkin, jos keskeytät sen, koko pyyhintä tehtävä käynnistetään alusta asti. - \n\nHuomioi: Jos keskeytät pyyhintä tehtävän ja sitten yrität uudelleen käynnistää sitä, koko tehtävä aloitetaan alusta asti. - Haluatko keskeyttää pyyhinnän? - Varoitus: Koko sisältö valitulta osiolta/asemalta tyhjennetään ja se katoaa. - Koko osion sisältö missä alkuperäinen järjestelmä sijaitsee tyhjennetään.\n\nHuomioi: Koko osion sisältö joka halutaan poistaa on kopioitu tälle piilotetulle osiolle. - VAROITUS: Huomioi että kun valitset esim. 3-ohitus pyyhintä tilan, kuluva tarvittu aika salatakseen osion/aseman kestää 4 kertaa kauemmin. Samoin kuin, jos valitset 35-ohitus pyyhintä tilan, se kestää 36 kertaa kauemmin (saattaa kestää useita viikkoja).\n\nKuitenkin, huomioi että pyyhintää EI suoriteta sen jälkeen kun osio/asema on täysin salattu. Kun osio/asema on täysin salattu, salaamatonta tietoa ei kirjoiteta sille. Mitä tahansa kirjoitetaan sille se ensin salataan lennossa muistissa ja ainoastaan sitten se (salattu) tieto kirjoitetaan levylle (siten se EI vaikuta suorituskykyyn).\n\nOletko varma että haluat käyttää pyyhintä tilaa? - Ei mitään (nopein) - 1-läpi (satunnaistieto) - 3-läpi (US DoD 5220.22-M) - 7-läpi (US DoD 5220.22-M) - 35-läpi ("Gutmann") - 256-läpi - Käyttöjärjestelmän numero - VAROITUS: Aloittelevan käyttäjän ei koskaan pidä yrittää salata Windows monikäynnistys (multi-boot) konfiguraatioita.\n\nJatkatko? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Käynnistys Asema - Onko nykyinen käytössä oleva käyttöjärjestelmä asennettuna käynnistys asemalle?\n\nTiedotus: Joskus Windows ei ole asennettu samalle asemalle kuin käynnistys lataaja (käynnistys osiolle). Tässä tapauksessa valitse 'Ei'. - VeraCrypt nykyisin ei tue salattua käyttöjärjestelmää joka ei käynnisty asemalta jonne sitä ei ole asennettu. - Järjestelmälevyjen Määrä - Kuinka monta asemaa käyttöjärjestelmäsi sisältää?\n\nTiedotus: esimerkiksi, jos käyttöjärjestelmäsi on (esim. Windows, Mac OS X, Linux, jne.) asennettu ensisijaiselle asemalle ja jokin lisä käyttöjärjestelmä on asennettu toissijaiselle asemalle, valitse '2 tai enemmin'. - VeraCrypt ei nykyisin tue salattua kokonaista asemaa joka sisältää useamman käyttöjärjestelmän.\n\nMahdollinen ratkaisu:\n\n- Voit vielä salata yhden järjestelmän jos menet takaisin ja valitset salaa vain yksi järjestelmäosio (vastakohta valittaessa salaukseen kokonainen järjestelmälevy).\n\n- Vaihtoehto, on mahdollista salata kokonainen asema jos siirrät järjestelmän toiselle asemalle jättäen ainoastaan yhden järjestelmän asemalle jonka haluat salata. - Useampi järjestelmä yhdellä levyllä - Onko jotakin muuta käyttöjärjestelmää asennettuna asemalle kuin nykyisin ajettava ja asennettu järjestelmä?\n\nTiedotus: Esimerkiksi, jos nykyinen ajettava käyttöjärjestelmä on asennettu asemalle #0, mikä sisältää useita osioita. ja jos yksi osioista sisältää Windowsin ja toiset osiot jonkin muun toisen käyttöjärjestelmän (esim. Windows, Mac OS X, Linux, jne.), valitse 'Kyllä'. - Ei-Windows Käynnistyslataaja - Onko ei-Windows käynnistys lataaja (tai käynnistys manageri) asennettuna isäntä käynnistys rekisteriin (MBR)?\n\nHuomioi: Esimerkiksi, jos ensimmäinen käynnistys aseman polku sisältää GRUB, LILO, XOSL, tai muun ei-Windows käynnistys managerin (tai käynnistys lataajan), valitse 'Kyllä'. - Multi-Bootti - VeraCrypt ei nykyisellään tue multi-käynnistys asetuksia jonne Ei-Windows käynnistys lataaja on asennettuna Master Boot Recordiin (MBS).\n\nMahdollinen Ratkaisu:\n\n- Jos käytät käynnistys manageria käynnistääksesi Windows ja Linux järjestelmiä, siirrä käynnistys manageri (tyypillisesti, GRUB) Master Boot Record osiolta. Sitten käynnistä opastus uudelleen ja salaa järjestelmäosio/levy. Huomioi, että VeraCrypt Käynnistyslataajasta tulee sinun ensisijainen käynnistys manageri ja se mahdollistaa sinua ajamasta alkuperäistä käynnistys manageria (esim. GRUB) kuten toissijaisena käynnistys managerina (painamalla Esc näppäintä VeraCrypt Käynnistyslataajan ikkunassa) ja siten mahdollista ladata Linux. - Jos nykyinen käytössäsi oleva käyttöjärjestelmä on asennettu lataavalle osiolle ,sitten, kun olet salannut sen, sinun tulee antaa oikea salasana vaikka jos haluat käynnistää jonkin toisen salaamattoman Windows järjestelmän(t) (kuten ne jakavat yhden salatun Windows käynnistys lataajan/managerin).\n\nVastakohtana, jos nykyinen käyttöjärjestelmä ei ole asennettuna käynnistyvälle osiolle (tai jos Windows käynnistys lataaja/manageri ei ole käytetty toista muuta järjestelmää), sitten, kun olet salannut tämän järjestelmän, sinun ei tarvitse antaa oikeaa salasanaa käynnistääksesi salaamatonta järjestelmää(t) -- sinun tulee ainoastaan painaa Esc näppäintä aloittaaksesi salaamattoman järjestelmän (jos on useampia salaamattomia järjestelmiä, sinun tulee myös valita minkä järjestelmän käynnistät VeraCrypt Käynnistys Manageri valikosta).\n\nTiedote: Tavallisesti, aiemmin asennettu Windows järjestelmä on asennettu käynnistys osiolle. - Isäntä Suojattu alue Salattu - Monen asemien lopussa on alue, joka on tavallisesti piilotettu käyttöjärjestelmältä (tällaiset alueet ovat tavallisesti mainittuina Isäntä Suojatuissa Alueissa). Kuitenkin, jotkin ohjelmat voivat lukea ja kirjoittaa dataa siitä/siihen alueeseen.\n\nVAROITUS: Jotkin tietokoneen valmistajat voivat käyttää tällaista aluetta tallentaakseen työkaluja ja dataa RAID:lle, järjestelmän toipuminen, järjestelmän asetukset, diagnostiikka, tai muu tarkoitus. Jos tällainen työkalu tai data täytyy olla saatavilla ennen käynnistymistä, piilotettua aluetta EI tule salata (valitse 'Ei' yllä).\n\nHaluatko VeraCrypt havaita ja salata tällainen piilotettu alue (jos on) järjestelmä aseman lopusta? - Järjestelmä Salauksen tyyppi - Valitse tämä valinta jos haluat pelkästään salata järjestelmän osion tai kokonaisen järjestelmälevyn. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Piilotettu Käyttöjärjestelmä - Seuraavassa kohdassa, luot kaksi VeraCrypt taltiota (ulkoinen ja piilotettu) ensimmäisen osion sisälle ja järjestelmäosion taakse. Piilotettu taltio sisältää piilotetun käyttöjärjestelmän (OS). VeraCrypt luo piilotetun OS kopioimalla järjestelmäosion sisällön (missä nykyinen ajettava OS on asennettuna) piilotetulla taltiolla. Ulkoiselle taltiolle, sinä kopioit jotakin herkkäluontoiselta näyttäviä tiedostoja joita ET todellisuudessa halua piilottaa. Ne ovat siellä koska jos jokin pakottaa sinua paljastamaan salasanan piilotetulle käyttöjärjestelmäosiolle. Voit paljastaa salasanan ulkoiselle taltiolle piilotetun käyttöjärjestelmäosion sisällä (piilotetun käyttöjärjestelmän olemassaolo pysyy salassa).\n\nLopuksi, käynnissä olevalla käyttöjärjestelmän osiolla, voit asentaa uuden käyttöjärjestelmän, niin kutsutun houkutuslintu käyttöjärjestelmän, ja salata sen. Sen ei pidä sisältää herkkää tietoa ja ovat siellä jos jokin pakottaa sinua paljastamaan esikäynnistys autentikointi salasanan. Kokonaisuudessaan, siellä on kolme salasanaa. Kaksi niistä voidaan paljastaa (houkutuslintu käyttöjärjestelmälle ja ulkoiselle taltiolle). Jos käytät kolmatta, piilotettu käyttöjärjestelmä käynnistyy. - Tunnistetaan Piilotetut Sektorit - Odota kunnes VeraCrypt tunnistaa mahdollisen piilotetun sektorin järjestelmälevyn lopusta. Huomioi että tämä saattaa kestää kauan.\n\nTiedotus: Harvassa tapauksessa joissakin tietokoneissa, järjestelmä saattaa olla vastaamatta käskyihin tämän tunnistus toiminnon aikana. Jos tämä tapahtuu, uudelleen käynnistä tietokone, käynnistä VeraCrypt, toista edellinen askel mutta hyppää yli tästä tunnistus kohdasta. Huomioi että tämä ongelma ei ole VeraCrypt bugi. - Alue Salaukseen - Valitse tämä valinta jos haluat salata kokonaisen aseman, missä nykyinen Windows on asennettuna. Koko asema, sisältäen kaikki sen osiot, salataan paitsi ensimmäinen ura jossa VeraCrypt Käynnistyslataaja sijaitsee. Kukaan joka tahtoo päästä asennettuun järjestelmään tällä asemalla, tai aseman tallennettuihin tiedostoihin, tarvitsee oikean salasanan joka kerta ennen kuin järjestelmä käynnistyy. Tätä valintaa ei voi käyttää salatakseen toissijaisen tai ulkoisen aseman jos Windows ei ole asennettuna sille ja käynnisty siltä. - Kerää Satunnais-dataa - Avaimet Luotu - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Pelastuslevy Nauhoitettu - Pelastuslevy Luotu - Järjestelmä Salakirjoitus uudelleen testi - Pelastuslevy Tarkistettu - \nVeraCrypt Pelastuslevy on onnistuneesti tarkistettu. Poista se nyt asemasta ja tallenna se turvalliseen paikkaan.\n\nPaina Seuraava jatkaaksesi. - VAROITUS: Seuraavan kohdan aikana, VeraCrypt Pelastuslevy ei pidä olla asemassa. Muutoin, ei ole mahdollista lopettaa vaihetta virheettömästi.\n\nPoista se nyt asemasta ja tallenna turvalliseen paikkaa. Paina OK. - Varoitus: Teknisistä rajoituksista johtuen esikäynnistys ympäristössä, VeraCrypt näyttämä teksti esikäynnistys ympäristöstä (esim. ennen kuin Windows käynnistyy) ei voida paikallistaa. VeraCrypt Käynnistyslataaja käyttäjä liityntä on täysin englannin kielinen.\n\nJatka? - Ennen kuin salaat käyttöjärjestelmän osion tai aseman, VeraCrypt tarvitsee varmistaa että kaikki toimii oikein.\n\nKun painat Testaa, kaikki tarvittavat komponentit (esim., esikäynnistys autentikointi komponentti, jne. VeraCrypt Käynnistyslataaja) asennetaan ja koneesi käynnistetään uudelleen. Sitten sinun on annettava salasana VeraCrypt Käynnistyslataajan ikkunassa joka ilmestyy ennen Windows käynnistymistä. Kun Windows on käynnistynyt, esitesti tulos ilmoitetaan sinulle automaattisesti.\n\nSeuraava laite muokataan: Asema #%d\n\n\nJos painat nyt Peruuta, mitään ei asenneta ja esitestiä ei suoriteta. - TÄRKEÄÄ TIEDOTE -- LUE TAI TULOSTA (paina 'Tulosta'):\n\nHuomioi ettei yksikään tiedostoista salata ennen kuin onnistuneesti käynnistät tietokoneen ja sitten Windowsin. Siksi, jos jokin epäonnistuu, tiedostosi EIVÄT häviä. Kuitenkin, jos jokin epäonnistuu, sinä saatat törmätä vaikeuksiin käynnistettäessä Windowsia. Siksi, lue (ja jos mahdollista tulosta) seuraava ohjeistus siitä mitä tehdä jos Windows ei voi käynnistyä uudelleen käynnistyksen jälkeen.\n\n - Mitä tehdä jos Windows ei käynnisty ------------------------------------------------\n\nHuomioi: Nämä ohjeet ovat voimassa ainoastaan jos et ole käynnistänyt salausta.\n\n- jos Windows ei käynnisty antaessasi oikean salasanan (tai jos olet jatkuvasti antanut oikean salasanan mutta VeraCrypt sanoo että salasana on väärä), ei hätää. Käynnistä uudelleen (virta pois ja päälle) tietokoneesi, ja VeraCrypt Käynnistyslataajan ikkunassa, paina Esc näppäintä (ja jos sinulla on useampia järjestelmiä asennettuna, valitse minkä käynnistät). Sitten Windows tulisi käynnistyä (jos ei ole salattuna) ja VeraCrypt automaattisesti kysyy mistä haluat poistaa esikäynnistys varmistuskomponentin. Huomioi että edellinen askel EI toimi jos järjestelmä osio/asema on salattuna (kukaan ei voi käynnistää Windowsia tai pääsy aseman salatulle tiedoille ilman oikeaa salasanaa vaikka hän seuraisi edellisiä askeleita).\n\n - - Jos aiemmat vaiheet eivät auttaneet tai jos VeraCrypt Käynnistys Lataaja ikkuna ei näy (ennekuin Windows käynnistyy), aseta VeraCrypt Pelastuslevy CD/DVD asemaan ja käynnistä uudelleen tietokoneesi. Jos VeraCrypt Pelastuslevy ikkuna ei näy (tai jos et näe 'Korjaa Valinnat' kohtaa 'Näppäimistön Hallinta' VeraCrypt Pelastuslevy valinnasta ikkunassa), on mahdollista että joudut konfiguroimaan BIOS asetuksesi käynnistääksesi järjestelmän kovalevyltä ennen CD/DVD asemia. Jos tästä kyse, käynnistä tietokoneesi, paina F2 tai Delete (heti kun näet BIOS käynnistys ikkunan), ja odota ennekuin BIOS konfigurointi ikkuna ilmestyy. Jos BIOS konfigurointi ikkunaa ei ilmesty, käynnistä uudelleen tietokoneesi ja käynnistä painamalla F2 tai Delete toistamiseen kunnes käynnistät tietokoneen. Kun BIOS konfigurointi ikkuna ilmestyy, muuta BIOS käynnistämään CD/DVD asema ensin. Käynnistä sitten tietokoneesi. VeraCrypt Pelastuslevy ikkuna täytyy nyt ilmestyä. VeraCrypt Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' painamalla F8 näppäintä. 'Korjaa Valinnat' valinnoissa, valitse 'Palauta alkuperäinen järjestelmä lataaja'. Sitten poista Pelastuslevy CD/DVD asemasta ja käynnistä tietokone uudelleen. Windows tulisi käynnistyä normaalisti (jos se ei ole salattuna).\n\n - Huomioi että edellinen kohta EI toimi jos järjestelmä osio/asema on salattu (ei kukaan voi käynnistää Windowsia tai päästä käsiksi aseman salattuun tietoon ilman oikeaa salasanaa vaikka jos hän seuraisikin aikaisempia kohtia).\n\n\nHuomioi vaikka jos kadotat VeraCrypt Pelastuslevyn ja jokin toinen löytää sen, hän EI voi purkaa järjestelmäsalausta osiolta tai asemalta ilman oikeaa salasanaa. - Uudelleen Testaus Suoritettu - Esitesti on onnistuneesti suoritettu.\n\nVAROITUS: Huomioi että jos virta katkeaa äkillisesti kun salaus on meneillään, tai kun käyttöjärjestelmä kaatuu johtuen ohjelmisto virheestä tai laitteisto viasta johtuen kun VeraCrypt on salaamassa olemassa olevaa data, osa datasta korruptoituu tai häviää. Siksi, ennen kuin aloitat salauksen, varmista että sinulla on varmuustallennus kopio näistä tiedostoista jotka haluat salata. Jos ei ole, ole hyvä ja tee se nyt (voit painaa Lykkää, varmuustallenna nämä tiedostot, sitten aja VeraCrypt uudelleen, ja valitse 'Järjestelmä' > 'Aloita Uudelleen Keskeytetty Prosessi' aloittaaksesi salauksen).\n\nKun valmis, paina Salaus aloittaaksesi salauksen. - Voit painaa tauko tai siirrä milloin tahansa keskeyttääksesi salaus/salauksenpurku toiminnon, poistu opastuksesta, uudelleen käynnistä tai sulje tietokone, ja sitten aloita prosessi uudelleen, mikä jatkuu edelleen siitä kohdasta johon pysähdyttiin. Torjuaksesi sulkemisen kun järjestelmä tai sovellus kirjoittaa tai lukee dataa järjestelmälevyltä, VeraCrypt automaattisesti odottaa ennen kuin dataa kirjoitetaan tai luetaan (katso Tilanne yläpuolella) ja sitten automaattisesti jatketaan salausta/salauksenpurkua. - \n\nVoit painaa Keskeytä tai Siirrä milloin tahansa keskeyttääksesi salaus prosessin, poistu tästä opastuksesta, aloita uudelleen tai sulje tietokone ja aloita uudelleen prosessi, mikä jatkaa kohdasta mihin aiemmin pysähdyttiin. Huomioi että taltiota ei voida yhdistää ennen kuin se on täysin salattu. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Piilotettu Järjestelmä Käynnistetty - Alkuperäinen Järjestelmä - Windows luo (tavallisesti sinun tietämättä tai ilman suostumustasi) erilaisia loki tiedostoja, väliaikaistiedostot, jne., järjestelmäosiolla. Se myös tallentaa RAM sisällön nukkumistilalle ja siivutus tiedostoille järjestelmäosiolle. Siksi, jos vastustaja tutkii tallennettuja tiedostoja osiolla missä alkuperäinen järjestelmä (mistä piilotettu järjestelmä on kloonattu) sijaitsee, hän saattaa havaita, esimerkiksi, että olet käyttänyt VeraCrypt opastettua piilotetun järjestelmän luonti tilassa (mikä saattaa osoittaa olemassa olevan piilotetun käyttöjärjestelmän tietokoneellasi).\n\nEstääksesi tällaisen ongelman, VeraCrypt tekee seuraavassa kohdassa, turvallisen poiston osio koko sisällölle missä alkuperäinen järjestelmä sijaitsee. Jälkeenpäin, saavuttaaksesi uskottavan tilanteen, sinun tulee asentaa uusi järjestelmäosiolle ja salata se. Joten sinun tulee luoda houkutuslintu järjestelmä ja piilotetun käyttöjärjestelmä luonti suoritetaan loppuun. - Piilotettu käyttöjärjestelmä on onnistuneesti luotu. Kuitenkin, ennen kuin voi aloittaa käyttämään sitä (ja saavuttaa uskottavan kiistanalaisuuden), sinun tarvitsee turvallisesti hävittää (käyttäen VeraCrypt) koko taltion sisältö missä nykyinen ajettava käyttöjärjestelmä on asennettuna. Ennen kuin voit tehdä näin, sinun tarvitsee käynnistää uudelleen tietokoneesi ja VeraCrypt Käynnistyslataajan ikkunassa (mikä ilmestyy ennen kuin Windows käynnistyy), anna esikäynnistys autentikointi salasana piilotetulle käyttöjärjestelmälle. Sitten, sen jälkeen piilotettu järjestelmä käynnistyy, VeraCrypt opastus käynnistyy automaattisesti.\n\nTiedote: Jos valitset tehtävän keskeytyksen luodessasi piilotettua käyttöjärjestelmää nyt, sinun EI ole mahdollista aloittaa sitä uudelleen ja piilotettu järjestelmään EI ole pääsyä (koska VeraCrypt Käynnistyslataaja on poistettu). - Olet ajastanut piilotetun käyttöjärjestelmän luonti prosessin. Prosessi ei ole vielä valmis. Valmistaaksesi tämän tehtävän, sinun täytyy käynnistää uudelleen tietokoneesi ja, VeraCrypt Käynnistyslataajan ikkunassa (mikä ilmestyy ennen kuin Windows käynnistyy), anna salasana piilotetulle käyttöjärjestelmälle.\n\nHuomioi: Jos valitset nyt piilotetun käyttöjärjestelmän luonnissa keskeytyksen, sinun EI ole mahdollista jatkaa sitä uudelleen. - Käynnistä uudelleen tietokoneesi ja jatka - Pysyvästi keskeytetty piilotetun käyttöjärjestelmän luonti prosessi - Älä tee mitään nyt ja kysy uudelleen myöhemmin - \nJOS MAHDOLLISTA, TULOSTA TÄMÄ TEKSTI (paina 'Tulosta' alta).\n\n\nKuinka ja milloin käytetään VeraCrypt Pelastus Levyä (Salauksen jälkeen) -----------------------------------------------------------------------------------\n\n - I. Kuinka Käynnistetään VeraCrypt Pelastuslevy\n\nKäynnistääksesi VeraCrypt Pelastuslevyn, aseta levy CD/DVD asemaan ja käynnistä tietokone uudestaan. Jos VeraCrypt Pelastuslevy ikkuna ei näy (tai jos et näe 'Korjaa Valinnat' kohtaa 'Näppäimistön Hallinta' kohdassa), voi olla mahdollista että BIOS on asetettu käynnistymään kovalevyltä ennen CD/DVD asemia. Jos näin on, käynnistä uudelleen tietokoneesi, paina F2 tai Delete nappulaa (niin kauan kuin näet BIOS käynnistys ikkunan), ja odota ennekuin BIOS asetus ikkuna näkyy. Jos BIOS asetus ikkuna ei näy, käynnistä uudelleen tietokone ja paina F2 tai Delete nappulaa toistuvasti kunnes tietokone käynnistyy. Kun BIOS asetus ikkuna näkyy, muuta BIOS asetusta niin että CD/DVD asema käynnistyy ensin (katso tarvittaessa manuaalista kuinka tämä tehdään). Sitten käynnistä tietokone uudestaan. VeraCrypt Pelastuslevy ikkunan pitäisi nyt näkyä. Huomio: VeraCrypt Pelastuslevy ikkunasta, voit valita 'Korjaa Valinnat' painamalla F8 näppäintä.\n\n\n - II. Milloin ja miten käyttää VeraCrypt Pelastuslevyä (Salauksen jälkeen)\n\n - 1) Jos VeraCrypt Käynnistyslataajan ikkuna ei ilmesty koneen käynnistyttyä (tai jos Windows ei käynnisty), VeraCrypt Käynnistyslataaja saattaa olla vioittunut. VeraCrypt Pelastuslevy sallii sinun palauttaa sen ja sallii pääsyn jälleen salattuun järjestelmään ja data (kuitenkin, huomioi että sinun tulee yhä antaa oikea salasana). Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' > 'Palauta VeraCrypt Käynnistyslataaja'. Sitten paina 'Y' komennon vahvistamiseksi, poista Pelastuslevy CD/DVD asemasta ja käynnistä uudelleen tietokoneesi.\n\n - 2) Jos toistuvasti annat oikean salasanan mutta VeraCrypt kertoo että salasanasi on väärä, pääavain tai muu kriittinen tieto saattaa olla tuhoutunut. VeraCrypt Pelastuslevy sallii sinun palauttaa ne ja sallii pääsyn jälleen salattuun järjestelmään ja data (kuitenkin, huomioi että sinun tulee yhä antaa oikea salasana). Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' > 'Palauta avaintieto'. Anna salasanasi, paina 'Y' komennon vahvistamiseksi, poista Pelastuslevy CD/DVD asemasta ja käynnistä uudelleen tietokoneesi.\n\n - 3) Jos VeraCrypt Käynnistyslataaja on vahingoittunut, voit välttää ajamasta sitä käynnistämällä suoraan VeraCrypt Pelastuslevyltä. Aseta Pelastuslevy CD/DVD asemaan ja sitten anna salasanasi Pelastuslevy ikkunassa.\n\n - 4) Jos Windows on vahingoittunut ja sitä ei voi käynnistää, VeraCrypt Pelastuslevy sallii sinua pysyvästi purkaa salaus osiolta/asemalta ennekuin Windows käynnistyy. Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' > 'Pura pysyvästi järjestelmäosion/aseman salaus'. Anna oikea salasana ja odota ennekuin salauksenpurku on valmis. Sitten voit esim. käynnistää MS Windows asennus CD/DVD korjataksesi Windows asennuksen.\n\n - Huomioi: Vaihtoehtoisesti, jos Windows on vahingoittunut (ei käynnisty) ja sinun tarvitsee korjata se (tai päästä käsiksi sen tiedostoihin), voit estää salauksen avauksen järjestelmäosiolta/asemalta seuraamalla seuraavia askeleita: Jos sinulla on useita käyttöjärjestelmiä asennettuna koneellesi, käynnistä yksi joka ei vaadi esikäynnistys autentikointia. Jos sinulla ei ole useampaa käyttöjärjestelmää asennettuna, voit käynnistää WinPE tai BartPE CD/DVD tai voit muuttaa järjestelmäaseman toissijaiseksi tai ulkoiseksi asemaksi toiselle tietokoneelle ja sitten käynnistää tietokoneelle asennettu käyttöjärjestelmä. Kun olet käynnistänyt käyttöjärjestelmän, aja VeraCrypt, paina 'Valitse Laite', valitse vallitseva järjestelmäosio, paina 'OK', valitse 'Järjestelmä' > 'Kytke Ilman Esikäynnistys Autentikointia', paina esikäynnistys autentikointi salasana ja paina 'OK'. Osio kytketään kuten tavallinen VeraCrypt taltio (data salataan/puretaan lennossa RAM muistiin, kuten tavallisesti).\n\n\n - Huomioi että vaikka kadotat VeraCrypt Pelastuslevyn ja hyökkääjä löytää sen, hän EI voi purkaa salausta järjestelmäosiolta tai asemalta ilman oikeaa sanalanaa. - \n\nT Ä R K E Ä Ä -- TULOSTA TAMA TEKSTI JOS MAHDOLLISTA (paina 'Tulosta' alta).\n\n\nHuomioi: Tätä tekstiä ei näytetä automaattisesti joka kerta kun käynnistät piilotetun järjestelmän ennen kuin aloitat luomaan houkutuslintu järjestelmän.\n\n\n - Kuinka luoda Houkutuslintuna toimiva Järjestelmä Turvallisesti ja Salattuna ----------------------------------------------------------------------------\n\nSaavuttaaksesi uskottavan kiistämisen, sinun täytyy luoda nyt houkutuslintu käyttöjärjestelmä. Tehdäksesi niin, seuraa näitä vaiheita:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Asentaa Windows osiolle, jonka sisältö on poistettu (esim. osiolle jossa alkuperäinen järjestelmä, josta piilotettu järjestelmä on klooni, on asennettuna).\n\nTÄRKEÄÄ: KUN KAYNNISTAT HOUKUTUSLINTU JARJESTELMAN ASENNEUKSEN, PIILOTETTUA JARJESTELMAA *EI* OLE MAHDOLLISTA KAYNNISTAA (koska VeraCrypt käynnistyslataaja poistetaan Windows järjestelmä asentajan toimesta). TAMA ON NORMAALI JA ODOTETTAVISSA OLEVA TOIMINTO. ALA HUOLESTU TASTA. SINUN ON MAHDOLLISTA KAYNNISTAA PIILOTETTU JARJESTELMA UUDELLEEN HETI KUN KAYNNISTAT HOUKUTUSLINTUJARJESTELMAN SALAUKSEN (koska VeraCrypt asentaa automaattisesti VeraCrypt Käynnistyslataajan järjestelmä asemalle).\n\nTärkeää: Houkutuslintuna olevan järjestelmäosion täytyy olla samankokoinen kuin piilotetun taltion (tämä ehto ei ole täyttynyt). Lisäksi, sinun ei pidä luoda mitään osiota houkutuslintujärjestelmän ja piilotetun järjestelmän välille missä piilotettu järjestelmä ovat.\n\n - 3) Käynnistä houkutuslintu järjestelmä (jonka asensit vaiheessa 2 ja asenna VeraCrypt sinne).\n\nPidä mielessäsi että houkutuslintu järjestelmän ei pidä koskaan sisältää arkaluonteista tietoa.\n\n - 4) Houkutuslintu järjestelmällä, aja VeraCrypt ja valitse 'Järjestelmä' > 'Salaa Järjestelmäosio/asema'. VeraCrypt Opastettu Taltion Luonti ikkunan pitäisi olla esillä.\n\nSeuraavat kohdat liittyvät Opastettuun VeraCrypt Taltion Luontiin.\n\n - 5) VeraCrypt Taltion Opastettu Luonti, älä valitse 'Piilotettu' valintaa. Jätä 'Tavallinen' valinta valituksi ja paina 'Seuraava'.\n\n - 6) Valitse 'Salaa Windows järjestelmäosio' ja sitten paina 'Seuraava'.\n\n - 7) Jos on vain piilotettuja järjestelmiä ja houkutuslintujärjestelmiä asennettuna tietokoneelle, valitse kohta 'Yksittäinen Käynnistys' (jos on asennettuna useampia kuin nämä kaksi järjestelmää, valitse 'Moni Käynnistys'). Paina 'Seuraava'.\n\n - 8) TÄRKEÄÄ: Tämä on kohta, HOUKUTUSLINTU JÄRJESTELMÄLLE, SINUN TÄYTYY VALITA SAMA SALAUS ALGORITMI JA HASH ALGORITMI JOTKA VALITSIT PIILOTETULLE JÄRJESTELMÄLLE! MUUTOIN, PIILOTETTU JÄRJESTELMÄ ON TAVOITTAMATTOMISSA! Toisin sanoen, houkutuslintujärjestelmä täytyy olla salattu samaisella salausalgoritmilla kuin piilotettu järjestelmä. Huomioi: Syy tähän on, että houkutuslintu järjestelmä ja piilotettu järjestelmä jakavat samaisen käynnistyslataajan, joka tukee ainoastaan yksittäistä algoritmia, käyttäjän valitseman (jokaiselle algoritmille, on erityinen versio VeraCrypt käynnistyslataajasta).\n\n - 9) Tässä kohdassa, valitse salasana houkutuslintu käyttöjärjestelmälle. Tämä on salasana jonka voit paljastaa jos olet pakotettu tai muutoin kiristetty antamaan esikäynnistys salasanan (muut salasanat jotka voit paljastaa on yksi ulkoiselle taltiolle). Olemassa oleva kolmannen osapuolen salasana (esim. esikäynnistys autentikointi salasana piilotetulle käyttöjärjestelmälle) säilyy salassa.\n\nTärkeää: Salasana jonka valitsit houkutuslintu järjestelmälle tulee olla erilainen kuin jonka valitsit piilotetulle taltiolle (esim. piilotetulle käyttöjärjestelmälle).\n\n - 10) Seuraa jäljellä olevia opastuksen ohjeita siten että salaat houkutuslintu käyttöjärjestelmän.\n\n\n\n - Kun Houkutuslintujärjestelmä on Luotuna ------------------------------------------------\n\nKun olet salannut houkutuslintujärjestelmän, koko piilotetun käyttöjärjestelmän luonti tehtävä valmistetaan ja sinun on mahdollista käyttää näitä kolmea salasanaa:\n\n1) Esikäynnistys autentikointi salasana piilotetulle käyttöjärjestelmälle.\n\n2) Esikäynnistys autentikointi salasana houkutuslintukäyttöjärjestelmälle.\n\n3) Salasana ulkoiselle taltiolle.\n\n - Jos haluat käynnistää piilotetun käyttöjärjestelmän, sinun tarvitsee antaa vain salasana piilotetulle käyttöjärjestelmälle VeraCrypt käynnistyslataajan ikkunassa (joka ilmestyy kun olet käynnistänyt tietokoneesi).\n\nJos haluat käynnistää houkutuslintu käyttöjärjestelmän, sinun tarvitsee antaa vain salasana houkutuslintu käyttöjärjestelmälle VeraCrypt käynnistyslataajan ikkunassa.\n\nHoukutuslintu järjestelmän salasanan voi paljastaa kenelle tahansa jos olet pakotettu antamaan esikäynnistys autentikointi salasanan. Piilotetun taltion olemassaolo (ja piilotettu käyttöjärjestelmä) pysyvät salassa.\n\n - Kolmas salasana (ulkoiselle taltiolle) voi paljastaa kenelle tahansa pakotettuna antamaan salasanaa ensimmäisen osion käyttöjärjestelmänosion takana, jossa sekä ulkoinen että piilotettu taltio (sisältää piilotetun käyttöjärjestelmän) sijaita. Olemassa olevan piilotettu taltion (ja piilotettu käyttöjärjestelmä) pysyy salattuna.\n\n\n - Jos olet pakotettu paljastamaan houkutuslintujärjestelmän salasanan ja hän kysyy sinulta miksi vapaa tila (houkutuslintu) järjestelmäosiolla sisältää satunnaista tietoa, voit vastata, esim: "Osion nykyisin sisältämä järjestelmä salattuna VeraCrypt ohjelmalla, mutta unohdin esikäynnistys autentikointi salasanan (tai järjestelmä tuhoutui ja loppui käynnistymästä), siksi minun täytyi asentaa uudelleen Windows ja salata osio uudelleen."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - VAROITUS: JOS ETI SUOJAA PIILOTETTUATALTIOTA (ohje kuinka tämän teet, sisältyy osiossa "Piilotettujen taltioiden Suojaaminen Vaurioitumista Vastaan" VeraCrypt Käyttäjäohjeessa), ÄLÄ KIRJOITA ULKOISELLE TALTIOLLE (huomioi että piilotettu käyttöjärjestelmä EI ole asennettu ulkoiselle taltiolle). MUUTOIN, VOIT YLIKIRJOITTAA JA TUHOTA PIILOTETUN TALTION (JA PIILOTETTU KÄYTTöJÄRJESTELMÄ SEN SISÄLLÄ)! - Käyttöjärjestelmän Kloonaus - Seuraavassa askeleessa, VeraCrypt luo piilotetun käyttöjärjestelmän kopioimalla järjestelmäosion sisällön piilotetulle taltiolle (kopioitava data salataan lennossa salausavaimella joka eroaa siitä mitä käytetään houkutuslintu käyttöjärjestelmälle).\n\nOle hyvä ja huomioi että prosessi suorittaa esikäynnistys ympäristössä (ennen kuin Windows käynnistyy) ja sen valmistuminen saattaa kestää kauemmin; useita tunteja tai jopa useita päiviä (riippuen järjestelmäosion koosta ja tietokoneen suorituskyvystä).\n\nSinun on mahdollista keskeyttää prosessi, sulkea tietokone, käynnistää käyttöjärjestelmä ja sitten aloittaa uudelleen prosessi. Kuitenkin, jos keskeytät sen, koko järjestelmän kopiointi prosessi täytyy aloittaa alusta (koska järjestelmäosion sisältö ei saa muuttua kloonauksen aikana). - Haluatko peruuttaa koko piilotetun käyttöjärjestelmän luonti tehtävän?\n\nHuomioi: EI ole mahdollista aloittaa tehtävää uudelleen jos keskeytät tehtävän nyt. - Haluatko perua järjestelmän salauksen esitestauksen? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - järjestelmäosio/asema ei ole salattu (ei osittain eikä täysin). - järjestelmäosio/asema on suojattu (osittain tai täysin).\n\nValitse salauksenpurku järjestelmäosiolle/asemalle pelkästään ennen suoritusta. Tee näin, valitse 'Järjestelmä' > 'Pysyvästi salasanapurettu järjestelmäosio/asema' menusta VeraCrypt pääikkunasta. - Kun järjestelmäosio/asema on salattu (osittain tai täysin), et voi käyttää vanhempaa versiota VeraCrypt ohjelmasta (mutta voit päivittää sen tai uudelleen asentaa saman version). - järjestelmäosio/asema on nykyisellään salattu, salapurettu tai muutoin muokattu. Keskeytä salaus/salauksenpurku/muokkaus toiminto (tai odota sen valmistumista) ennen kuin jatkat. - VeraCrypt Aseman Luonti Velhon käsittely on päällä tässä järjestelmässä järjestelmäosion/aseman salauksen/salauksenpurulla. Ennen kuin jatkat, odota sen päättymistä tai sulkemista. Jos et voi sulkea sitä, uudelleen käynnistä tietokoneesi ennen kuin jatkat. - Osion/aseman salaus tai salauksen purku prosessi ei ole valmistunut. Odota kunnes se on valmis ennen kuin jatkat. - Virhe: Osion/aseman salausprosessi ei ole valmistunut. Sen täytyy valmistua ensin. - Virhe: Salausprosessi osiolle/taltiolle ei ole suoritettu loppuun. Se pitää ensin suorittaa loppuun.\n\nTiedote: Aloittaaksesi prosessin uudelleen, valitse 'Taltiot' > 'Aloita Uudelleen Keskeytetty Prosessi' VeraCrypt pääikkunan menusta. - Salasana on oikea, VeraCrypt on onnistuneesti purkanut salauksen taltion otsikon ja havainnut että tämä taltio on piilotettu järjestelmätaltio. Kuitenkin, sinä et voi muokata otsikkoa piilotetulla taltiolla tätä kautta.\n\nMuuttaaksesi salasanan piilotetulle järjestelmätaltiolle, käynnistä käyttöjärjestelmä joka sijaitsee piilotetulla taltiolla, ja sitten valitse 'Järjestelmä' > 'Muuta Salasana' valinta menusta VeraCrypt pääikkunasta.\n\nAsettaaksesi Otsikkoavaimen periytyvän algoritmin, käynnistä piilotettu käyttöjärjestelmä ja valitse 'Järjestelmä' > 'Aseta Otsikkoavaimen Periytymisalgoritmi'. - VeraCrypt ei tue piilotetun järjestelmäosion käytössä olevaa salauksen purkua.\n\nHuomioi: Jos haluat purkaa salauksen houkutuslintu järjestelmäosiolta, käynnistä houkutuslintu järjestelmä, ja valitse 'Järjestelmä' > 'Avaa Pysyvästi Salausjärjestelmän Osiolle/Asemalle' menusta VeraCrypt pääikkunasta. - Virhe: Väärä/virheellinen parametri. - Olet valinnut osion tai laitteen, mutta opastuksen tilan, jonka valitsit on sopiva ainoastaan säilöille.\n\nHaluatko muuttaa opastuksen tilaa? - Haluatko luoda VeraCrypt tiedosto säilön sen sijaan? - Olet valinnut järjestelmäosion/aseman, mutta opastus tilassa valintasi on mahdollista ainoastaan ei-järjestelmäosioille/asemille.\n\nHaluatko luoda esikäynnistys autentikoinnin (tämä tarkoittaa että sinun tarvitsee antaa salasana joka kerta ennen kuin Windows käynnistyy) ja salata järjestelmäosio/asema? - Oletko varma, että todella haluat salapurkaa pysyvästi järjestelmän osion/levyn? - VAROITUS: Jos pysyvästi purat salatun järjestelmäosion/levyn, salaamaton tieto kirjoitetaan sen päälle.\n\nOletko varma, että todella haluat salapurkaa pysyvästi järjestelmän osion/levyn? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Varoitus: Jos käytät järjestelmä salaukselle salattua kytkentää, saatat kohdata seuraavat ongelmat:\n\n1) VeraCrypt Käynnistyslataaja on isompi kuin tavallisesti ja siksi ei ole riittävästi tilaa ensimmäisellä aseman uralla jotta VeraCrypt käynnistyslataaja voitaisiin varmuustallentaa. Näin ollen, milloin vain se vahingoittuu (jota usein tapahtuu, esimerkiksi, epäasiallisesti suunniteltu virustorjunta aktivointimenettely tietyillä ohjelmilla), sinun tarvitsee käyttää VeraCrypt Pelastuslevyä käynnistääksesi tai korjataksesi VeraCrypt Käynnistyslataajan.\n\n2) Joissakin tietokoneissa, paluu lepotilasta kestää kauemmin.\n\nNämä mahdolliset ongelmat voidaan ehkäistä valitsemalla ei-kytketty salausalgoritmi (esim. AES).\n\nOletko varma että haluat käyttää salattua kytkentää? - Jos kohtaat jokin aikaisemmin kuvatuista ongelmista, tee salauksen purku osiolla/levylle (jos sen on salattu) ja sitten yritä salata se uudelleen käyttäen non-cascade salausalgoritmia (kuten AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - VeraCrypt Käynnistys Lataajan versio numero tässä käyttöjärjestelmässä eroaa VeraCrypt ajurin versio numerosta (ja VeraCrypt sovelluksen) asennettuna tälle järjestelmälle.\n\nSinun tulee ajaa VeraCrypt asennus (jonka versio numero on sama kuin yhden VeraCrypt Käynnistys Lataajan) päivittääksesi VeraCrypt ohjelman tälle käyttöjärjestelmälle. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - VeraCrypt Käynnistyslataaja on päivitetty.\n\nVahvasti suosittelemme että luot uuden VeraCrypt Pelastuslevyn (joka sisältää uuden VeraCrypt version Käynnistys Lataajasta) valitsemalla 'Järjestelmä' > 'Luo Pelastuslevy' sen jälkeen kun uudelleen käynnistät tietokoneen. - VeraCrypt Käynnistys Lataaja on päivitetty.\n\nOn vahvasti suositeltavaa että käynnistät houkutuslintu käyttöjärjestelmän ja sitten luot uuden VeraCrypt Pelastuslevyn (mikä sisältää uuden version VeraCrypt Käynnistys Lataajasta) valitsemalla 'Järjestelmä' > 'Luo Pelastuslevy'. - VeraCrypt käynnistys lataajan päivittäminen epäonnistui. - VeraCrypt epäonnistui tunnistaessaan järjestelmä aseman todellisen koon ja siksi raportoitu käyttöjärjestelmä koko (mikä saattaa olla pienempi kuin todellinen koko) käytetään. Huomioi myös että tämä ei ole virhe VeraCrypt ohjelmassa. - VAROITUS: Näyttää siltä että VeraCrypt on jo yrittänyt havaita piilotetun sektorin järjestelmälevyltä. Jos kohtaat ongelmia edellisen tunnistuksen aikana, voit välttää ongelman ohittamalla tunnistuksen nyt. Huomioi, että teen niin, VeraCrypt käyttää kokoa jonka käyttöjärjestelmä on ilmoittanut (tämä saattaa olla pienempi kuin oikea aseman koko).\n\nHuomioi, että ongelma ei johdu virheestä VeraCrypt ohjelmassa. - Ohita piilotetun sektorin tunnistus (käytä käyttöjärjestelmän ilmoittamaa kokoa) - Yritä tunnistaa piilotetun sektorin koko uudelleen - Virhe: Yhden tai useamman sektorin sisältöä ei voida lukea (johtuen ehkä fyysisestä virheestä).\n\nPaikallaan salausprosessi voi jatkua ainoastaan kun sektori on luettavissa uudelleen. VeraCrypt voi yrittää tehdä nämä sektorit luettavaksi kirjoittamalla nollia sektorille (Myöhemmin tällaiset nollat lohkot salataan). Kuitenkin, huomioi että tieto tallennettuna lukemiseen kelpaamattomille sektoreille saattaa kadotat. Jos haluat ehkäistä tämän, voit yrittää varmuustallentaa osan tuhoutuneesta tiedosta käyttäen tarkoituksenmukaista kolmannen osapuolen työkaluja.\n\nHuomioi: Tapauksessa jossa on fyysisesti tuhoutuneita sektoreita (toisin kuin paljon tietoa turmeltunut tai virheellinen tarkistussumma) useimmista tallennettujen taltioiden sisäisistä uudelleenallokoiduista sektori tyypeistä kun tietoa on yritetty kirjoittaa niihin (niin olemassa oleva tieto tuhoutuneella sektorilla saattaa jäädä asemalle salaamattomaksi).\n\nHaluatko VeraCrypt kirjoittaa nollia lukemiseen kelpaamattomille sektoreille? - Virhe: Yhden tai useamman sektorin sisältöä levyllä ei voida lukea (mahdollisesti johtuen fyysisestä viasta).\n\nJotta salauksen purkamista olisi mahdollista jatkaa, VeraCrypt hylkää lukemiseen kelpaamattomien sektoreiden sisällön (sisältö korvataan näennäisarvo tiedolla). Huomioi, että ennen kuin jatkat, voit yrittää varmuuskopioida osan mistä tahansa vioittuneesta tiedosta käyttäen tarkoituksenmukaista kolmannen osapuolen työkaluja.\n\nHaluatko että VeraCrypt nyt hylkää lukemattomaksi kelpaamattomat sektorit? - Huomioi: VeraCrypt on korvannut sisällön %I64d lukukelvottomalla sektorilla (%s) salatulla kaikki nollatuilla lohkoilla. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Anna salasana/PIN merkille '%s': - Salliaksesi VeraCrypt pääsyn turvallisuustunnisteisiin tai älykorttiin, sinun tarvitsee asentaa PKCS #11 ohjelmisto kirjastomerkeille tai älykortille ensin. Tällainen kirjasto saatetaan toimittaa laitteen mukana tai se voi olla ladattavissa toimittajan web sivuilta tai muulta kolmannelta osapuolelta.\n\nKun olet asentanut kirjaston, voit joko valita sen käsin painamalla 'Valitse kirjasto' tai voit antaa VeraCrypt löytää sen ja valita sen automaattisesti painamalla 'Auto-tunnista Kirjasto' (vain Windows järjestelmä hakemisto tutkitaan). - Tiedote: Asennettu PKCS #11 kirjaston turvallisuustunniste tai älykortti tiedostonimelle ja sijainnille, mainitaan dokumentissa, joka on toimitettu tunnisteen, kortin tai kolmannen osapuolen ohjelmiston mukana.\n\nPaina 'OK' valitaksesi polun tai tiedostonimen. - Salliaksesi VeraCrypt pääsyn turvallisuustunnisteisiin tai älykorttiin, sinun tarvitsee asentaa PKCS #11 ohjelmistokirjasto tunnisteelle/älykortille ensin. Tehdäksesi näin, valitse 'Asetukset' > 'Turvallisuustunniste'. - Epäonnistunut alustus PKCS #11 turvallisuustunniste kirjastossa.\n\nVarmista, että määritelty polku ja tiedostonimi ovat oikein PKCS #11 kirjastolle. Määritykset PKCS #11 kirjasto polulle ja tiedostonimelle, valitse 'Asetukset' > 'Turvallisuustunnisteet'. - Ei yhtään PKCS #11 kirjastoa löydetty Windows järjestelmä hakemistosta.\n\nOle hyvä ja varmista, että PKCS #11 kirjasto turvallisuustunnisteelle (tai älykortille) on asennettuna (kuten kirjasto tuettuna merkillä/kortilla tai on mahdollisesti saatavissa ladattuna toimittajan webbi sivulta tai muulta kolmannelta osapuolelta). Jos se on asennettuna muuhun kuin Windows järjestelmä hakemistoon, paina 'Valitse Kirjasto' paikallistaaksesi kirjaston (esim. hakemistosta jonne tunniste/kortti ohjelmisto on asennettuna). - turvallisuustunnistetta ei löytynyt.\n\nOle hyvä ja varmista että turvallisuustunniste on kytkettynä tietokoneellesi ja oikea laiteajuri tunnisteelle on asennettuna. - turvallisuustunnisteen avaintiedostoa ei löytynyt. - turvallisuustunnisteen avaintiedosto samalla nimellä on jo olemassa. - Haluatko poistaa valitut tiedostot? - turvallisuustunnisteen avaintiedosto polku on virheellinen. - turvallisuustunniste virhe - Salasana turvallisuustunnisteelle on virheellinen. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - Kaikki avoimet turvallisuustunniste istunnot on suljettu. - Valitse Turvallisuustunniste Avaintiedostot - Korttipaikka - Merkin nimi - Tiedostonimi - TÄRKEÄÄ: Huomioi että esikäynnistys autentikointi salasanat ovat aina kirjoitettu käyttäen standardia US näppäimistöä. Siksi, taltio joka käyttää salasanaa kirjoitettuna Ei US näppäimistöllä saattaa olla mahdotonta kytkeä sitä käyttäen välimuisti esikäynnistys autentikointi salasanaa (huomioi että tämä ei ole virhe VeraCrypt ohjelmassa.) Salliaksesi tällaisen taltion kytkemisen käyttäen esiautentikointi salasanaa, seuraa näitä vaiheita:\n\n1) Paina 'Valitse Tiedosto' tai 'Valitse Asema' ja valitse taltio. 2) Valitse Taltiot' > 'Vaihda Taltion Salasana'. 3) Anna taltion nykyinen salasana. 4) Vaihda näppäimistö English (US) painamalla Kieli ikonia Windows tehtäväpalkissa ja valitse 'EN English (Unites States)'. 5) VeraCrypt ohjelmassa, uusi salasana kentässä, kirjoita esikäynnistys autentikointi salasana. 6) Cahvista uusi salasana uudelleen kirjoittamalla se vahvistus kenttään ja paina 'OK'. VAROITUS: Pidä mielessäsi, että jos seuraat näitä vaiheita, taltion salasana on täytynyt antaa aina käyttäen US näppäimistö asetuksia (joka on automaattisesti varmistettu esikäynnistys ympäristössä). - Järjestelmä suosikkitaltiot kytketään käyttäen esikäynnistys autentikointi salasanaa. Jos jokin järjestelmä taltio käyttää jotain toista salasanaa, sitä ei voida kytkeä. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - TÄRKEÄÄ: Pidä mielessäsi että jos tämä valinta on valittuna ja VeraCrypt ohjelmalla ei ole pääkäyttäjän oikeuksia, kytketty järjestelmän suosikkitaltiot EIVÄT ole näytettyinä VeraCrypt sovellus ikkunassa ja niitä ei voida pois-kytkeä. Siksi, jos sinun tarvitse esim. kytkeä järjestelmän suosikkitaltio, paina hiiren oikeaa VeraCrypt ikonista (Käynnistys valikosta) ja valitse 'Aja pääkäyttäjänä' ensin. Sama rajoitus on 'Pois-Kytke Kaikki', 'Auto-Poiskytke', 'Pois-Kytke Kaikki' pikanäppäimet. - Note that this setting takes effect only after the operating system is restarted. - Virhe komento rivillä. - Pelastuslevy - Valitse &Tiedosto ja Kytke.. - Valitse &Laite ja Kytke.. - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Varoitus: Taltion tiedostojärjestelmä kytkettynä '%s' ei ole oikein pois kytketty ja siksi se saattaa sisältää virheitä. Käyttämällä viallista tiedostojärjestelmää voi johtaa tietojen häviämiseen tai tietojen tuhoutumiseen.\n\nHuomioi: Ennen kuin se fyysisesti poistetaan tai virta kytketään pois (kuten USB muistitikku tai ulkoinen kovalevy) missä kytketty VeraCrypt taltio sijaitsee, sinun tulee pois kytkeä aina VeraCrypt taltiolta ensin VeraCrypt.\n\n\nHaluatko että Windows yrittää havaita ja korjata virheet (jos jotain löytyy) tiedostojärjestelmästä? - Varoitus: Yksi tai useampia suosikkitaltioita eivät ole puhtaasti pois-kytketyitä ja siksi saattaa sisältää tiedostojärjestelmä virheitä. Katso tarkemmin järjestelmä tapahtuma lokista.\n\nVirheellistä tiedostojärjestelmää käytettäessä saattaa aiheutua tietojen häviämistä tai tietojen korruptoitumista. Voit tarkistaa vaikutukset järjestelmän suosikkitaltion(oiden) virheistä (hiiren oikea painallus jokaiselle niille VeraCrypt ohjelmassa ja valitse 'Korjaa Tiedostojärjestelmä'). - Varoitus: Korjataksesi vahingoittunut tiedostojärjestelmä käyttäen Microsoft 'chkdsk' työkalua, saattaa aiheuttaa tiedostojen häviämisen vioittuneella alueelle. Tämän vuoksi, on suositeltavaa että ensiksi varmuustallennat VeraCrypt taltion tiedostot, toimivalle VeraCrypt taltiolle.\n\nHaluatko nyt korjata tiedostojärjestelmän? - Taltio '%s' on yhdistetty vain lukutilaan, koska kirjoitus oikeudet on estetty.\n\nVarmista, että tiedostosäilön suojaoikeudet sallii sinun kirjoittaa sille (paina hiiren oikeaa säilössä ja valitse Ominaisuudet > Turvallisuus).\n\nHuomioi, koskien Windows ongelmaa, sinä saatat nähdä tämän varoituksen vaikka olisit asettanut mahdolliset turvallisuus oikeudet. Tämä ei johdu virheestä VeraCrypt ohjelmassa. Mahdollinen ratkaisu tähän on siirtää säilö esim. sinun 'Dokumentit' kansioon.\n\n Jos sinä aiot pitää taltiosi vain lukutilassa, aseta säilön vain lukutila attribuutti (hiiren oikea ja valitse Ominaisuudet > Lukutila), joka estää tämän varoituksen. - Taltio '%s' on yhdistetty vain lukutilaan koska kirjoitus oikeudet on evätty.\n\nVarmista etteivät (esim. virustorjunta ohjelmisto) ole käytössä osiolla/laitella jossa taltio on isännöitynä. - Taltio '%s' on yhdistetty vain lukutilaan koska käyttöjärjestelmä raportoi isäntä aseman olevan kirjoitussuojatun.\n\nHuomioi että jotkin käyttäjän laiteajurit ovat raportoineet johtuen kirjoitettavan median olevan virheellisesti kirjoitussuojatun. Tämä ongelma ei johdu VeraCrypt ohjelmasta. Se voidaan ratkaista päivittämällä tai poistamalla jokin käyttäjän (ei-Microsoft) laiteajurit jotka ovat nykyään asennettuina tähän järjestelmään. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Haluatko että VeraCrypt yrittää poistaa osion/aseman kirjoitussuojauksen? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Testi - Avaintiedosto - Takaisin - Tab - Tyhjennä - Paina - Tauko - Caps Lock - Välilyönti - Sivu ylös - Sivu alas - End - Home - Nuoli vasemmalle - Nuoli ylös - Nuoli oikealle - Nuoli alas - Valinta näppäin - Tulostus näppäin - Suoritus näppäin - Tulosta ruutu - Lisää - Poista - Sovellus näppäin - Nuku - Num Lock - Scroll Lock - Selaa Takaisin - Selaa eteenpäin - Päivitä selaus - Pysäytä selaus - Selaa Etsi - Selaa suosikit - Selaa Home - Mykistä - Hiljennä - Voimista - Seuraava raita - Edellinen raita - Pysäytä Media - Soita/Tauko Media - Start Mail Key - Valitse Media - Sovellus 1 - Sovellus 2 - Attn - CrSel - ExSel - Soita - Zoomaa - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Peru + Asenna &kaikille käyttäjille + Se&laa.. + Lisää VeraCrypt ikoni &työpöydälle + Donate now... + Liitä .hc tiedostot &päätteet VeraCrypt ohjelmalle + &Avaa kohde lopuksi + Lisää VeraCrypt &Käynnistys menuun + Luo Systeemin &Palautus piste + &Poista asennus + &Pura + &Asenna + Opastettu VeraCrypt Asennus + Poista VeraCrypt asennus + &Ohje + Valitse tai kirjoita kohde sijainti jonne tiedostot puretaan: + Valitse tai kirjoita VeraCrypt asennus sijainti. Jos määriteltyä sijaintia ei löydetä se luodaan automaattisesti. + Paina Poisto nappia poistaaksesi VeraCrypt järjestelmästä. + Keskeytys + &Benchmark + &Testi + Luo salattu taltio ja formatoi se + Salattu osio tehty + Näytä luodut avaimet (niiden osat) + Näytä poolin sisältö + Lataa CD/DVD toisto ohjelma + Luo salattu tiedostosäilö + &GB + &TB + Lisää tietoa + Pi&ilotettu VeraCrypt taltio + Lisätietoa piilotetuista taltioista + Suoratila + Normaalitila + &KB + Käytä &Avaintiedostoja + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Avaintiedostot.. + Tietoa hash algoritmeista + Lisätietoa + Information on PIM + &MB + Lisätietoa + Lisätietoa järjestelmän salauksesta + Lisätietoa + Multi-boot + Salaa tavallinen osio/asema + &Älä tallenna historiatietoja + Avaa Ulkopuolinen Taltio + &Tauko + Use P&IM + Use PIM + Nopea Alustus + &Näytä Salasana + &Näytä salasana + &Display PIM + Single-boot + Standardi VeraCrypt taltio + Pii&lotettu + Normaali + Salaa järjestelmäasema (osio) tai koko kiintolevy + Salaa Windowsin järjestelmäasema/osio + Salaa koko asema + Opastettu VeraCrypt-taltion luonti + Ryhmä + TÄRKEÄÄ: Siirrä hiiresi satunnaisesti tässä ikkunassa. Mitä kauemmin siirrät sitä parempi. Tämä merkittävästi kasvattaa salakuvauksen vahvuutta salausavaimelle. Paina seuraavaksi Seuraava jatkaaksesi. + &Vahvista: + Valmis + Drive letter: + Salausalgoritmi + Järjestelmä + Luo virtuaalisesti salattu levy tiedoston sisälle. Tämä valinta on suositeltava aloittelijalle. + Valinnat + Hash algoritmi + Otsikkoavain: + Jäljellä + Pääavain: + Valitse tämä valinta jos sinulla on kaksi tai useampi käyttöjärjestelmiä asennettuna.\n\nEsimerkiksi:\n- Windows XP ja Windows XP\n- Windows XP ja Windows Vista\n- Windows ja Mac OS X\n- Windows ja Linux\n- Windows, Linux ja Mac OS X + Salaa olemassa oleva sisäinen tai ulkoinen asema tai esimerkiksi muistitikku, eli. D:, E: -asema jne. + Nykyisen poolin sisältö (osittainen) + Läpi + Salasana: + Volume PIM: + Volume PIM: + Suorittaa: + Satunnaisluku: + Valitse tämä valinta jos vain yksi käyttöjärjestelmä on asennettuna (vaikka olisikin useampi käyttäjä). + Nopeus + Tila + Avaimet ja muut datat on nyt onnistuneesti luotu. Jos haluat luoda uuden avaimen, paina Takaisin ja sitten Seuraava. Muutoin, paina Seuraava jatkaaksesi. + Salaa järjestelmäasema/osio, jolle Windows on asennettu, esim. C:-asema. Tämän jälkeen tietokoneen käynnistys edellyttää aina salasanan antamista. + Valitse tämä valinta salataksesi osion missä Windows käyttöjärjestelmä on asennettuna. + Volume Label in Windows: + Tyhjennys Tila: + Sulje + Salli esikäynnistys &autentikointi ohitetaan painamalla Esc näppäintä (aktivoi käynnistys managerin) + Ei tehdä mitään + &Automaattisesti yhdistettävä VeraCrypt taltio (määritelty alla) + &Aloita VeraCrypt + Auto-&tunnista Kirjasto + &Välimuisti esikäynnistys autentikoinnin salasanalle aseman muistissa (ei-järjestelmätaltion kytkemiseksi) + Selaa.. + Selaa.. + Välimuisti salasanat ja avaintie&dostot muistissa + Poistu sitten kun ei ole yhdistettyjä taltioita + &Sulje näennäinen yhteys (kirjaudu ulos) kun taltio on onnistuneesti yhdistetty + Include VeraCrypt Volume Expander + Sisällytä Opastettu VeraCrypt Taltion Luonti + Luo + L&uo Taltio + älä &näytä tekstiä esikäynnistys autentikointi ikkunassa (paitsi alapuolinen käyttäjän viesti) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Käytä Avaintiedostoa + Käytä Avaintiedostoa + &Poistu + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Määrittele + Poista + Avaintiedosto.. + Do not use the following number of processors for encryption/decryption: + More information + More information + Lisää Asetuksia.. + Autoyhdistä &Laitteet + Yhdistä V&alinta.. + Yhdistä taltio vain luku&tilassa + Avaintiedostot.. + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Päällä + Salasanat Ohjaimen Välimuistiin + Automaattinen yhteyden poisto taltiolle kun dataa ei ole luettu/kirjoitettu sille + Käyttäjän ulos kirjautuessa + User session locked + Siirryttäessä Virransäästötilaan + Näytönsäästäjän käynnistyessä + Pakotettu autoyhteyden poisto vaikka taltiolla olisi avoimia tiedostoja tai hakemistoja + Yhdistä kaikki laite ohjatut VeraCrypt taltiot + Käynnistä VeraCrypt Taustatehtävä + Yhdistä taltiot vain lukutilaan + Yhdistä taltiot liikutettavina välineinä + Avaa Selaus ikkuna onnistuneesti yhdistetyille taltioille + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Tyhjennä tallennetut välimuisti salasanat taltioilta auto-poiskytketyillä yhteyksillä + Pyyhi välimuisti salasanat poistuttaessa + Säilytä tiedostojen aikaleimat + Tyhjennä + &Valitse Laite.. + Valitse T&iedosto.. + Valitse &Kirjasto.. + Näytä Salasana + Näytä Salasana + Avaa &Tutkinta Ikkuna Yhdistetyille taltioille + &Välimuistisalasana ajurin muistille + TrueCrypt Mode + P&oista Kaikki Yhteydet + Taltion Ominaisuu&det.. + Taltio&n Työkalut.. + Tyhjennä &Välimuisti + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Järjestelmän Pikanäppäimet + VeraCrypt + Muuta Salasana tai Avaintiedosto + Anna VeraCrypt Taltion Salasana + VeraCrypt - Performance and Driver Options + VeraCrypt - Ominaisuudet + VeraCrypt - Järjestelmän Salaus Asetukset + VeraCrypt - Turvallisuustunnisteen Preferenssi + VeraCrypt Liikutettavan Levyn Asennus + VeraCrypt Taltion Ominaisuudet + Tietoa.. + Lisää/Poista Avaintiedostot Taltiolle/lta.. + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Varmuuskopioi Taltion Otsikot.. + Nopeustesti.. + Aseta Otsikkoavaimen Periytyvä algoritmi.. + Muuta Taltion Salasana.. + Aseta Otsikko Avaimesta Periytyvä algoritmi.. + Muuta Salasana.. + Tyhjennä Taltion Historia + Sulje Kaikki Turvallisuustunniste Istunnot + Yhteydenotto.. + Luo Piilotettu Käyttöjärjestelmä.. + Luo Pelastuslevy.. + Luo Uusi Taltio.. + Permanently Decrypt... + Oletus Avaintiedosto.. + Default Mount Parameters... + Donate now... + Salaa Järjestelmän Osio/Asema.. + Usein Kysyttyjä Kysymyksiä + Käyttäjäopas + Kotisivu + Pikanäppäimet.. + Avaintiedoston Luonti + Kieli (language).. + Lainmukaiset Tiedotukset + Hallitse Turvallisuustunniste Avaintiedostoja.. + Autoyhdistä Kaikki Laiteisännöidyt Taltiot + Yhdistä Suosikkitaltiot + Yhdistä Ilman esikäynnistys &Autentikointia.. + Yhdistä Taltio + Yhdistä Taltio Valinnoin + Uutiset + Online Avustus + Aloittelijan Koulutus + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Avaa Pysyvästi Salaus Järjestelmän Osiolle/Asemalle + Ominaisuudet.. + Päivitä Asema Kirjaimet + Poista Kaikki Avaintiedostot Taltiolta.. + Palauta Taltion Otsikot.. + Aloita Uudelleen Keskeytetty Prosessi + Valitse Laite.. + Valitse Tiedosto.. + Aloita Uudelleen Keskeytetty Prosessi + Järjestelmän Salaus.. + Ominaisuudet.. + Asetukset.. + Järjestelmän Suosikkitaltiot.. + Lataukset + Koevektorit.. + Turvallisuustunnisteet.. + Liikutettavan Levyn Asennus.. + Poista Yhteys Kaikilta Yhdistetyiltä Taltioilta + Poista Yhdistetyt Taltio + Tarkista Pelastuslevy + Verify Rescue Disk ISO Image + Versio Historia + Volume Expander + Taltion Ominaisuudet + Opastettu Taltion Luonti + VeraCryptin Nettisivut + Tyhjennä Välimuisti Salasanat + OK + Hardware Acceleration + Pikakuvake + Automaattinen käynnistys kokoonpano (autorun.inf) + Automaattinen-yhteyden Poisto + Poista Yhteydet: + Käynnistys Lataus Näyttö Valinnat + Vahvista Salasana + Nykyinen + Näytä tämä käyttäjän sanoma esikäynnistys autentikointi ikkunassa (Maksimi 24 merkkiä): + Oletus yhteys valinnat + Pikanäppäin Valinnat + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Tiedosto Asetukset + Määriteltävä näppäin: + Processor (CPU) in this computer supports hardware acceleration for AES: + Toiminta suorittaa kirjautumisen Windowsiin + minuuttia + Yhdistä taltio kirjaimelle: + Yhdistä asetukset + Uusi + Salasana: + Thread-Based Parallelization + PKCS #11 Kirjasto Polku + PKCS-5 PRF: + PKCS-5 PRF: + Salasana Välimuistiin + Salausvalinnat + VeraCrypt Taustatehtävä + VeraCrypt taltion yhteys (liittyy liikutettavan levyn juureen): + Liikutettavan levyn sisällyttäminen: + Luo liikutettava levytiedosto (Liikutettavan levyjuuri hakemisto): + Taltio + Ikkuna + Lisää P&olku.. + &Auto-testi Kaikille + &Jatka + &Salauksenpurku + &Poista + &Salaus + &Vienti.. + Luo ja Tallenna Avaintiedosto.. + &Luo Satunnais-avaintiedosto.. + Lataa Käännöspaketteja + Hardware-accelerated AES: + &Tuo Avaintiedosto Tunnisteelle.. + Lisää &Tiedostoja.. + Kä&ytä Avaintiedosto + &Avaintiedosto.. + &Poista + Poista &Kaikki + Mikä on piilotettu taltion salaus? + Lisää tietoa avaintiedostoista + Yhdistä talti&o liikutettavana välineenä + Yhdistettyä osiota käyttää järjestelmäsala&usta ilman esikäynnistys autentikointia + Parallelization: + Nopeustesti + &Tulosta + &Suojaa salattu taltio vaurioilta ulkoisten taltioiden kirjoitusta vastaan + &Tyhjennä + &Näytä Salasana + Lisää &Tunniste Tie.. + Käytä varmistettua otsikko varustusta &asemalle jos mahdollista + XTS tila + Tietoa VeraCrypt + VeraCrypt - Salausalgoritmin Nopeustesti + VeraCrypt - Koevektorit + Komentorivi avustus + VeraCrypt - Avaintiedosto + VeraCrypt - Avaintiedoston Luonti + VeraCrypt - Kieli (language) + VeraCrypt - Yhteysvalinta + Uuden Turvallisuustunniste Avaintiedoston Ominaisuudet + VeraCrypt - Satunnainen poolin Rikastus + Valitse Osio tai Laite + VeraCrypt + Turvallisuustunniste Avaintiedostot + Turvallisuustunniste salasana/PIN vaaditaan + Aktiivinen kielipaketti + Nopeus vaikuttaa keskusyksikön (CPU) kuormaan ja tallennus aseman ominaisuuksiin.\n\nNämä nopeustesti tehtiin RAM muistissa. + Puskurin Koko: + Salakirjoitus: + S&alasana taltion piilottamiseen:\n(jos tyhjä, käytetään välimuistia) + Piilotetun Taltion Salaus + Avaimen koko: + TÄRKEÄÄ: Siirrä hiirtäsi satunnaisesti (jos mahdollista) tämän ikkunan sisällä. Mitä kauemmin siirrät, sitä parempi. Tämä lisää merkittävästi avaintiedosto salauksen vahvuutta. + VAROITUS: Jos hävität avaintiedoston tai jokin ensimmäisen 1024 kilobyten bitti muuttuu, on mahdotonta yhdistää taltiota joka käyttää tätä avaintiedostoa! + bittiä + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Käännös: + Ilmitekstin koko: + bittiä + Nykyinen poolin sisältö + Miksattu PRF: + TÄRKEÄÄ: Siirrä hiirtäsi satunnaisesti (jos mahdollista) tämän ikkunan sisällä. Mitä kauemmin siirrät, sitä parempi. Tämä lisää merkittävästi turvallisuutta. Kun valmis, paina 'Jatka'. + Toissijainen avain (hexadecimal) + Turvallisuustunniste: + Järjestäminen: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Lohko numero: + Salakirjoitettu teksti (hexadecimal) + Datan yksikkö numero (64-bit hexadecimal, data yksikön koko on 512 byteä) + Avain (hexadecimal) + Ilmiteksti (hexadecimal) + Avaintiedoston nimi: + XTS tila + &Järjestelmä + &Taltiot + Favor&ites + T&yökalut + A&setukset + &Ohje + Kotisivu + + &Tietoa.. + Vain luku attribuutti vanhalla taltiollasi ei voida muuttaa. Tarkista tiedoston oikeudet. + Virhe: Pääsy evätty.\n\nOsio jonne yritit päästä on joko 0 sektoria pitkä, tai se on käynnistyvä laite. + Pääkäyttäjä + Jotta VeraCrypt ohjaimen lataus olisi mahdollista, sinun on kirjauduttava pääkäyttäjän oikeuksilla. + Huomioi, että salataksesi/alustaaksesi osion/laitteen sinun tulee kirjautua koneelle pääkäyttäjän oikeuksin.\n\nTätä ei pyydetty tiedostoisännöidyille taltioille. + Luodaksesi piilotetun taltion sinun tulee kirjautua koneelle pääkäyttäjän oikeuksin.\n\nJatka? + Huomioi, että kun alustat taltion NTFS tyyppiseksi, sinun täytyy kirjautua koneelle pääkäyttäjän oikeuksilla.\n\nIlman pääkäyttäjän oikeuksia voit alustaa taltion FAT tyyppiseksi. + FIPS hyväksytty koodaus (Rijndael, julkaistu 1998), jota voidaan käyttää U.S. hallituksen osastojen ja toimistojen luottamuksellisten tietojen suojaukseen huippusalaisella tasolla. 256-bitin avain, 128-bitin lohko, 14 kierrosta (AES-256). Toimenpide tila on XTS. + Taltio on jo yhdistetty. + VAROITUS: Ainakin yksi salattu tai hash algoritmi epäonnistui sisäänrakennetulla automaattisella testillä!\n\nVeraCrypt asennus saattaa olla viallinen. + VAROITUS: Satunnaisnumero kehitinallas ei sisällä tarpeeksi dataa toimittaakseen pyydetyn määrän satunnaisdataa.\n\nSinun ei pidä jatkaa pidemmälle. Valitse 'Vika Raportointi' Ohje menusta, ja raportoi tämä virhe. + Asema on vahingoittunut (fyysinen vika löydetty) tai johto on vioittunut, tai muistin toimintahäiriö.\n\nHuomioi, että tämä on ongelma laitteistossasi, ei VeraCrypt ohjelmassa. Siksi älä raportoi tätä virheenä/ongelmana VeraCrypt ohjelmassa ja ÄLÄ pyydä apua tähän VeraCrypt Foorumilla. Ota yhteys tietokoneesi toimittajan tekniseen tukeen. Kiitoksia.\n\nTiedote: Jos virhe tapahtuu jatkuvasti samassa paikassa, on todennäköistä että se johtuu virheellisistä levyn lohkoista, jotka on mahdollista korjata käyttäen kolmannen osapuolen ohjelmistoa (huomioi, että monessa tapauksessa 'chkdsk /r' komento ei korjaa sitä koska se toimii ainoastaan tiedostojärjestelmätasolla; joissakin tapauksissa 'chkdsk' työkalu ei voi edes tunnistaa sitä). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Järjestelmäsi käyttää asiakaskohtaisia piirisarja ajureita joissa on virhe, mikä estää salauksenpurun koko järjestelmäasemalta.\n\nYritä päivittää tai poistaa asennus joltakin asiakas (ei-Microsoft) piirisarjan ajureilta enne kuin jatkat. jos tämä ei auta, yritä purkaa salaus ainoastaan järjestelmäosiolta. + Virheellinen aseman tunnus. + Virheellinen Polku. + &Peruuta + Ei pääsyä laitteelle. Varmista, että valittu laite on olemassa ja ei ole järjestelmän käytössä. + Varoitus: Caps Lock on päällä. Tämä voi aiheuttaa virheen salasanaa annettaessa. + Taltion Tyyppi + Näin voi tapahtua kun olet pakotettu paljastamaan jollekin salatun taltion salasanan. On monta tilannetta jossa et voi kieltäytyä paljastamasta salasanaa (esimerkiksi, kiristyksessä). Käytä niin kutsuttua piilotettua taltiota, jolloin tällaisia pakotettuja salasanan luovuttamisia taltiolle ei tapahdu. + Valitse tämä valinta jos haluat luoda tavallisen VeraCrypt taltion. + Huomioi, että jos tahdot käyttöjärjestelmän asennettavan piilotetulle osioisännöidylle asemalle, siten kokonaista järjestelmäasemaa ei voida salata käyttäen yhtä avainta. + Ulkoisen Taltion Salauksen Valinnat + Piilotetun Taltion Salauksen Valinnat + Salauksen Valinnat + VAROITUS: Virhe pyyhittäessä viimeksi valitun taltion/avaintiedoston polkua (tiedosto valitsimen muistissa)! + Virhe: Säilö on tiivistetty tiedostojärjestelmätasolla. VeraCrypt ei tue tiivistettyjä säilöjä (Huomioi, että tiivistetty salattu data on tehoton ja tarpeeton).\n\nPoista säilön tiivistys seuraavalla tavalla: 1) Hiiren oikea klikkaus Windowsin resurssinhallinnassa (ei VeraCryptissä). 2) Valitse 'Ominaisuudet'. 3) 'Ominaisuudet' ikkunassa paina 'Lisäominaisuudet'. 4) 'Lisäominaisuus' ikkunassa, poista valinta 'Sisällön tiivistys säästää levytilaa' ja paina 'OK'. 5) 'Ominaisuudet' ikkunassa, paina 'OK'. + Virhe luodessa %s taltio + %s koko on %.2f byteä + %s koko on %.2f KB + %s koko on %.2f MB + %s koko on %.2f GB + %s koko on %.2f TB + %s koko on %.2f PB + VAROITUS: Laite/osio on jo käyttöjärjestelmän tai sovelluksen käytössä. Alustamalla nyt laitteen/osion sillä saattaa olla vaikutusta joko datan tuhoutumiselle ja järjestelmän epävakauteen.\n\nJatka? + Varoitus: Osion on käyttöjärjestelmän ja sovelluksen käytössä. Sinun tulee sulkea sovellus joka saattaa käyttää osiota (sisältäen virustorjunta ohjelman)).\n\nJatka? + Virhe: Laite/osio sisältää tiedostojärjestelmän jolta ei voida poistaa yhteyttä. Tiedostojärjestelmä saattaa olla järjestelmän käytössä. Alustamalla laite/osio suurella todennäköisyydellä aiheuttaa datan vioittumisen ja järjestelmän epävakauden.\n\nRatkaisu: Suosittelemme, että ensiksi poistat osion ja luot sen uudelleen ilman alustusta. Tehtyäsi näin, seuraavaksi: 1) Klikkaa hiiren oikealla 'Tietokone' (tai 'My Computer') ikonia 'Käynnistä' menusta ja valitse 'Hallitse'. 'Tietokone hallinta' ikkuna ilmestyy. 2) 'Tietokone hallinta' ikkunassa, valitse 'Storage' > 'Disk Management'. 3) Klikkaa hiiren oikealla osio jonka haluat salakirjoittaa ja valitse joko 'Poista Osio', tai 'Poista Taltio', tai 'Poista Looginen Asema'. 4) Paina 'Kyllä'. Jos Windows pyytää sinua käynnistämään tietokoneen uudelleen, tee niin. Sitten toista kohdat 1 ja 2 ja jatka kohtaan 5. 5) Klikkaa hiiren oikealla allokoimaton/vapaa tilan alue ja valitse joko 'Uusi Osio', tai 'Uusi Yksinkertainen Taltio', tai 'Uusi Looginen Asema'. 6) 'Uusi Osio Velho' tai 'Uusi Yksinkertainen Taltio Velho' ikkuna pitäisi nyt ilmestyä; seuraamalla ohjeita. Velhon sivulla nimetty 'Alusta Osio', valitse molemmat 'Älä alusta tätä osiota' tai 'Älä alusta tätä taltiota'. Samassa opastuksessa, paina 'Seuraava' ja sitten 'Lopeta'. 7) Huomioi, että laite polku jonka valitsit VeraCrypt voi olla väärä. Siksi, poistu VeraCrypt ohjelman Opastetusta Taltion Luonnista (jos se edelleen on toiminnassa) ja aloita uudelleen. 8) Yritä salakirjoittaa laite/osio uudelleen.\n\nJos VeraCrypt toistuvasti epäonnistuu laite/osion salakirjoituksessa, saatat harkita haluavasi luoda sen sijaan tiedosto säilön. + Virhe: Tiedostojärjestelmä ei voida lukita ja/tai pois-kytkeä. Se saattaa olla käytössä käyttöjärjestelmällä tai sovelluksilla (esimerkiksi, virustorjunta ohjelmalla). Salatessasi osion saattaa aiheuttaa korruptoitumisen ja järjestelmän epävakauden.\n\nOle hyvä ja sulje sovellukset jotka saattavat olla tiedostojärjestelmän käytössä (sisältäen virustorjunta ohjelman) ja yritä uudelleen. Jos tämä ei auta, ole hyvä ja seuraa alla olevia ohjeita. + VAROITUS: Jotkin yhdistetyt laitteet/osiot ovat jo käytössä!\n\nHylkäämällä tämän saatat aiheuttaa ei toivotun tuloksen sekä epästabiilin järjestelmän.\n\nSuosittelemme että suljet sovelluksen joka saattaa käyttää tätä laitetta/osiota. + Valittu laite sisältää osion.\n\nAlustamalla laitteen saattaa aiheutua järjestelmän epävakautta ja/tai tietojen vioittumista. Valitse joko laitteen osio, tai poista kaikki laitteen osiot jotta VeraCrypt voi alustaa sen turvallisesti. + Valittu ei-järjestelmäasema sisältää osioita.\n\nSalattu laiteisännöity VeraCrypt taltio voidaan luoda laitteen sisälle jotka eivät sisällä osioita (sisältäen kovalevyn ja kiinteän aseman). Laite joka sisältää osion voidaan täysin salata (käyttäen yksinkertaista pääavainta) ainoastaan jos se on laite jonne Windows on asennettuna ja josta se myös käynnistyy.\n\nJos haluat salata valitun ei-järjestelmälaitteen käyttäen yksinkertaista pääavainta, sinun tulee poistaa ensin kaikki osiot laitteelta mahdollistaaksesi VeraCrypt formatoida se turvallisesti (formatoidessasi laitteen joka sisältää osioita saattaa johtaa järjestelmä epävakauteen ja/tai tietojen korruptoitumiseen). Vaihtoehtoisesti, voit salata jokaisen osion laitteelta yksilöllisesti (jokainen osio salataan käyttäen erilaista pääavainta).\n\nHuomioi: Jos haluat poistaa kaikki osiot GPT levyltä, sinun saattaa tarvita muuntaa MBR levy (käyttäen esim. Computer Management työkalua) poistaaksesi piilotetun osion. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + TÄRKEÄÄ: Muista että tätä taltiota EI voida kytkeä/käyttää käyttämällä asema kirjainta %c:, mikä sille on nykyisellään määritelty!\n\nKytkeäksesi taltion, paina 'Autoyhdistä Laitteet' VeraCrypt pääikkunassa (vaihtoehtona, VeraCrypt pääikkunassa, paina 'Valitse Laite', ja sitten valitse osio/laite, ja paina 'Yhdistä Laite'). Taltio kytketään eri kirjaimelle, jonka valitsit VeraCrypt pääikkunan listalta.\n\nAlkuperäinen kirjain %c: tulee käyttää vain siinä tapauksessa, että sinun tarvitsee poistaa salaus osiolta/laitteelta (esim., jos et tarvitse enää salausta). Siinä tapauksessa, paina hiiren oikealla asema kirjainta %c: 'Tietokone' (tai 'My Computer') listalta ja valitse 'Formatoi'. Muutoin, asema kirjainta %c: ei tule koskaan käyttää (paitsi jos poistat sen ja uudelleen määrittelet toiselle kirjaimelle osion/laitteen). + Paikallisen ei-järjestelmä aseman salaus ei ole tuettu käyttöjärjestelmässäsi (tuettuna ovat ainoastaan Windows Vista ja myöhemmät Windows versiot).\n\nSyy tähän on se ettei Windows tue tiedostojärjestelmän kutistusta (järjestelmäosio tarvitsee kutistaa tehdäkseen tilaa asemaotsikolle ja varmuustallennukselle). + Valittu osio ei sisällä NTFS tiedostojärjestelmää. Ainoastaan osiot jotka sisältävät NTFS tiedostojärjestelmän voidaan salata paikallaan.\n\nHuomio: Syy tähän on se, että Windows ei tue kutistamista toisentyyppisillä tiedostojärjestelmillä (tiedostojärjestelmä täytyy kutistaa tehdäkseen tilaa taltion otsikoille ja varmuustallentamiseksi). + Valittu osio ei sisällä NTFS tiedostojärjestelmää. Ainoastaan osiot jotka sisältävät NTFS tiedostojärjestelmän voidaan salata paikallaan.\n\nJos haluat luoda salatun VeraCrypt taltion tälle osiolle, valitse "Luo salattu taltio ja formatoi se" (sen sijaan kuin valinta "Salaa osio paikallaan"). + Virhe: Osio on liian pieni. VeraCrypt ei voi salata sitä. + Salataksesi tietoja tälle osiolle, valitse seuraavat askeleet:\n\n1) Luo VeraCrypt taltio tyhjälle osiolle/laitteelle ja sitten kytke se.\n\n2) Kopioi kaikki tiedostot osiolta jotka alkuperäisesti halusit salata kytketylle VeraCrypt taltiolle (tämä luotiin ja kytkettiin kohdassa 1). Tällä tavoin, luot VeraCrypt-salatun varmuustallennetut tiedot.\n\n3) Luo VeraCrypt taltio osiolle jonka alkuperäisesti halusit salata ja varmista että (Opastettu VeraCrypt Taltio) valitset valinnan "Luo salattu taltio ja formatoi se" (sen sijaan kuin valitsisit "Salaa osio paikallaan"). Huomioi että kaikki tiedot tallennettuna osiolle poistuvat. Kun taltio on luotu, kytke se.\n\n4) Kopioi kaikki tiedostot kytketylle varmuustalletus VeraCrypt taltiolle (luotu ja kytketty kohdassa 1) kytke VeraCrypt taltio jonka olet luonut (ja kytketty) kohdassa 3.\n\nKun olet suorittanut nämä kohdat, tiedot salataan ja lisäksi siellä tulee olemaan varmuustallennettu salatut tiedot. + VeraCrypt salata paikalla ainoastaan osion, dynaamisen taltion, tai kokonaisen järjestelmä aseman.\n\nJos haluat luoda salatun VeraCrypt taltion valitun ei-järjestelmälaitteen sisälle, valitse valinta "Luo salattu taltio ja formatoi se" (sen sijaan että valitsisit "Salaa osio paikalla"). + Virhe: VeraCrypt voi salata paikalla ainoastaan osion, dynaamisen taltion, tai kokonaisen järjestelmä aseman. Varmista että määritelty polku on olemassa. + Virhe: Ei voida kutistaa tiedostojärjestelmää (tiedostojärjestelmä tarvitsee kutistusta tehdäksesi tilaa asemaotsikolle ja varmuustallennukselle).\n\nMahdollinen seuraus ja ratkaisut:\n\n- Ei tarpeeksi tilaa asemalla. Varmista ettei muut sovellukset kirjoita tiedostojärjestelmään.\n\n- Vioittunut tiedostojärjestelmä. Yritä tarkistaa ja korjata virheet (klikkaa hiirenoikella aseman kirjainta 'Tietokone' listalta, sitten valitse Ominaisuudet > Työkalut > 'Tarkista Nyt', varmista että valinta 'Automaattinen korjaus tiedostojärjestelmälle' on päällä ja paina Aloita).\n\nJos aiemmat vaiheet eivät auta, seuraa seuraavia vaiheita. + Virhe: Asemalla ei ole tarpeeksi tilaa ja siksi tiedostojärjestelmää ei voitu kutistaa (tiedostojärjestelmää tarvitsee kutistaa tehdäkseen tilaa taltion otsikolle ja varmuustallenteella).\n\nOle hyvä ja poista tarpeettomat tiedostot ja tyhjennä roskakori siten että on vähintään 256 KB vapaata tilaa ja yritä uudelleen. Huomioi että on Windows asia, vapaan tilan määrä ilmoitettuna Windows Resurssinhallinnassa voi olla virheellinen ennen kuin käyttöjärjestelmä on uudelleen käynnistetty. Jos uudelleen käynnistys ei auta, tiedostojärjestelmä saattaa olla vioittunut. Yritä tarkistaa se ja korjata virheet (hiiren-oikean painallus asemakirjaimen kohdalla 'Tietokone' listalta, sitten valitse Ominaisuudet > Työkalut > 'Tarkista Nyt', varmista että valinta 'Automaattinen korjaus tiedostojärjestelmälle' on päällä ja paina Aloita).\n\nJos aiemmat vaiheet eivät auta, seuraa seuraavia vaiheita. + Vapaa tilaa %s asemalla on %.2f byteä. + Vapaa tilaa asemalla %s on %.2f KB + Vapaa tilaa asemalla %s on %.2f MB + Vapaa tilaa asemalla %s on %.2f GB + Vapaa tilaa asemalla %s on %.2f TB + Vapaa tilaa asemalla %s on %.2f PB + Levykirjaimien haku epäonnistui. + Virhe: VeraCrypt levyä ei löydy.\n\nKopioi tiedosto 'veracrypt.sys' ja 'veracrypt-x64.sys' hakemistoon, jossa VeraCrypt sovellus (VeraCrypt.exe) sijaitsee. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Virhe: Salakirjoitus alustus virhe. + Virhe: Heikko tai mahdollinen heikko avain on havaittu. Avain hylätty. Yritä uudelleen. + Kriittinen virhe on tapahtunut ja VeraCrypt täytyy keskeyttää. Jos tämä johtui virheestä VeraCrypt ohjelmassa, haluaisimme korjata sen. Auttaaksesi meitä, voit lähettää automaattisesti generoidun raportin mikä sisältää seuraavat asiat:\n\n- Ohjelma versio\n- Käyttöjärjestelmäverso\n- CPU tyyppi\n- VeraCrypt komponentin nimi\n- Tarkistussumma VeraCrypt ohjelmasta\n- Symbolinen dialogin ikkunan nimi\n- Virhe kategoria\n- Virhe osoite\n- VeraCrypt kutsu pino\n\nJos valitsit 'Kyllä', seuraava URL (sisältää virheraportin) avataan oletusselaimessasi.\n\n%hs\n\nHaluatko lähettää meille oheisen virheraportin? + Kriittinen virhe tapahtunut järjestelmässäsi, mikä vaatii VeraCrypt ohjelman keskeyttämisen.\n\nHuomioi että tämä virhe ei ole tapahtunut johtuen VeraCrypt ohjelmasta (siksi VeraCrypt kehittäjät eivät voi sitä korjata). Ole hyvä ja tarkista järjestelmäsi mahdollisten ongelmien johdosta (esim., järjestelmä asetukset, verkkoyhteys, vioittuneet järjestelmä osat). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Kriittinen Virhe + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Salaa + &Salauksenpurku + Salaus Avattu &Pysyvästi + Lopetus + Luo looginen asema laajennetulle osiolle ja yritä uudelleen. + VeraCrypt taltio voi sijaita tiedostossa (kutsutaan VeraCrypt säilöksi), joka voi sijaita esim. kovalevyllä, USB muistissa. VeraCrypt säilö on kuin mikä tahansa tavallinen tiedosto (sitä voidaan esimerkiksi, siirtää, kopioida ja tuhota kuten tavallista tiedostoa). Paina 'Valitse Tiedosto' valitaksesi tiedostonimen säilölle sekä sen sijainnin.\n\nVAROITUS: Jos valitset olemassa olevan tiedoston, VeraCrypt EI salaa sitä; tiedosto tuhotaan ja korvataan uudella luodulla VeraCrypt säilöllä. Sinun on mahdollista salata olemassa oleva tiedosto (jälkikäteen) siirtämällä ne VeraCrypt säilöön, jota olet nyt luomassa. + Valitse luotavan ulkoisen taltion sijainti (se luodaan tälle piilotetulle taltiolle myöhemmin).\n\nVeraCrypt taltio voi sijaita tiedostossa (kutsutaan VeraCrypt säilöksi), joka voidaan sisällyttää esim. kovalevylle tai USB muistiin. VeraCrypt säilö voidaan siirtää, kopioida ja poistaa kuten mitä tahansa tavallista tiedostoa. Paina 'Valitse Tiedosto' valitaksesi tiedostonimen säilölle ja valitse luotava säilön sijainti. Jos valitset jo olemassa olevan tiedoston, VeraCrypt EI SALAA sitä; tiedosto poistetaan ja korvataan uudella luodulla VeraCrypt säilöllä. Sinun on mahdollista salata olemassa olevat tiedostot (myöhemmin) siirtämällä ne VeraCrypt säilöön, jota olet nyt luomassa. + Salattu laite isännöity VeraCrypt taltiot voidaan luoda kovalevylle osion sisälle, kiinteä tila asemalle, USB muistitikulle, tai mille tahansa tuetulle tallennus asemalle. Osiot voivat olla myös salattuja paikallaan.\n\nLisäksi, salattu laite isännöity VeraCrypt taltiot voidaan luoda laiteen sisälle jotka sisältävät mitä tahansa osioita (sisältäen kovalevyn ja kiinteä tilainen asema).\n\nHuomioi: Laite joka sisältää osioita voidaan täysin salata paikallaan (käyttäen yksinkertaista avainta) ainoastaan jos se on asema jossa Windows on asennettuna ja josta se käynnistyy. + Laite isännöity VeraCrypt taltio voi olla luotuna kovalevyn osiolle, kiinteätilainen asema, USB muistitikku, ja muu talletus laite.\n\nVAROITUS: Huomioi että osio/laite formatoidaan ja kaikki nykyiset tallennetut tiedot katoavat. + \nValitse luotavan ulkoisen taltion sijainti (tämän taltion sisään luodaan myöhemmin piilotettu taltio).\n\nUlkoiset taltioit voidaan luoda kovalevylle osion sisälle, kiinteä tilaiset asemat, USB muistitikut, ja mille tahansa tuetulle ulkoiselle tallennus laitteelle. Ulkoiset taltiot voidaan luoda myös laitteen sisälle mikä ei sisällä osioita (sisältäen kovalevyn ja kiinteätilainen laite).\n\nVAROITUS: Huomioi että osio/laite formatoidaan ja kaikki nykyisin sille tallennetut tiedot katoavat. + \nValitse VeraCrypt ohjelman sijainti taltiolle, jonka tahdot luotavan piilotetulle taltiolle. + VAROITUS: Kadonnut tiedosto/asema on jo käytössä!\n\nHylkäämällä tämän voit aiheuttaa järjestelmän epästabiilisuutta. Kaikki sovellukset jotka käyttävät isäntä tiedostoa/asemaa (esimerkiksi, virustorjunta tai varmuustallennus sovellukset) tulee sulkea ennen kuin kytket taltion.\n\nJatkatko kytkemistä? + Virhe: Taltiota ei voida yhdistää. Verkkolevyn tiedosto/laite on jo käytössä. Yritys yhdistää ilman rajattuja oikeuksia myös epäonnistui. + Tiedostoa ei voida avata. + Taltion sijainti + Isot Tiedostot + Aiotko tallentaa tiedoston tälle VeraCrypt asemalle, joka koko on suurempi kuin 4 GB? + Riippuen tekemästäsi valinnasta yllä, VeraCrypt valitsee sopivimman oletus tiedostojärjestelmän VeraCrypt asemalle (sinun on mahdollista valita tiedostojärjestelmä seuraavassa vaiheessa). + Kun olet luomassa ulkoisen aseman, sinun täytyy harkita valitsemalla 'Ei'. Jos valitset 'Kyllä', oletus tiedostojärjestelmä tulee olemaan NTFS, mikä ei ole niin sopiva ulkoiselle asemalle kuin FAT (esimerkiksi maksimi mahdollinen koko piilotetulle asemalle on huomattavasti suurempi jos ulkoinen asema on formatoitu FAT:ksi). Tavallisesti, FAT on oletuksena sekä piilotetuille ja normaaleille asemille (siksi FAT asemat eivät ole epäilyttäviä). Kuitenkin, jos käyttää osoittaa aikomuksenaan tallentaa suuremman tiedoston kuin 4 GB (jota FAT tiedostojärjestelmä ei salli), siten FAT ei ole oletuksena. + Oletko varma että valitset 'Kyllä' ? + Taltion Luonti Tila + Tämä on nopein tapa luoda osio- tai laite isännöity VeraCrypt taltio (paikalla salaus, mikä on toinen vaihtoehto, on hidas koska jokainen sektorin sisältö pitää lukea ensin, salattu, ja sitten kirjoitettu). Mikä tahansa nykyinen tallennettu tieto valitulla osiolla/laitteella katoavat (tietoja EI salata; ne ylikirjoitetaan satunnaistiedolla). Jos haluat salata olemassa olevan osion datan, valitse toinen vaihtoehto. + Kokonainen valittu osio ja kaikki tallennetut tiedot tullaan salaamaan paikallaan. Jos osio on tyhjä, sinun tulee valita toinen vaihtoehto (taltio luodaan paljon nopeammin). + Huomioi: + &Aloita uudelleen + &Lykkää + &Aloita + &Jatka + &Alusta + &Pyyhi + Keskeytä alustus? + Näytä lisää tietoa + älä näytä tätä enää + Osion/aseman sisältö on onnistuneesti tyhjennetty. + Osio sisältö missä alkuperäinen järjestelmä (missä piilotettu järjestelmä on kopio) sijaitsee on onnistuneesti poistettu. + Varmista, että Windows-versio, jonka aiot asentaa (pyyhityltä osiolta) on sama kuin Windows-versio, joka sinulla on parhaillaan käynnissä. Tämä on tarpeen johtuu siitä, että molemmat järjestelmät jakavat yhteisen boot-osion. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + Järjestelmäosion/aseman salaus on onnistuneesti avattu. + \n\nVeraCrypt taltio on luotu onnistuneesti ja se on valmiina käytettäväksi.\n\nJos haluat luoda toisen VeraCrypt taltion, paina Seuraava.\n\nMuussa tapauksessa, paina Lopetus. + \n\nPiilotettu VeraCrypt taltio on onnistuneesti luotu (piilotettu käyttöjärjestelmä sijaitsee tämän piilotetun taltion sisällä).\n\nPaina Seuraava jatkaaksesi. + Asema Täysin Salattu + Volume Fully Decrypted + TÄRKEÄÄ: KYTKEÄKSESI TÄMÄN UUDEN LUODUN VERACRYPT TALTION JA PÄÄSY TALLENTAMAAN SILLE, PAINA 'Autoyhdistä Laitteet' VERACRYPT PÄÄIKKUNASSA. Sen jälkeen kun annat oikean salasanan (ja/tai toimitat oikean avaintiedoston), taltio yhdistetään asema kirjaimelle jonka valitsit VeraCrypt ohjelman pääikkunasta (ja sinun on mahdollista päästä salatuille tiedolle valitun asema kirjaimen kautta).\n\nMUISTA TAI KIRJOITA YLöS ALLA OLEVAT VAIHEET. SINUN TULLE SEURATA NIITÄ AINA KUN HALUAT YHDISTÄÄ TALTION JA PÄÄSTÄ KIINNI TALLENNETTUIHIN TIETOIHIN. Vaihtoehtoisesti, VeraCrypt pääikkunasta, paina 'Valitse Laite', ja sitten valitse osio/taltio, ja paina 'Yhdistä'.\n\nOsio/taltio on onnistuneesti salattu (se sisältää nyt täysin salatun VeraCrypt taltion) ja on valmis käytettäväksi. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt taltio on luotu onnistuneesti. + Taltio Luotu + TÄRKEÄÄ: Siirrä hiirtäsi satunnaisesti tässä ikkunassa. Mitä kauemmin siirrät sen parempi. Tämä merkittävästi kasvattaa salausavaimen vahvuutta. Paina 'Alusta' luodaksesi taltion. + Paina 'Alusta' luodaksesi ulkoisen taltion. Lisätietoa, katso maininnat dokumentoinnista. + Ulkoisen Taltion Alustus + Piilotetun Taltion Alustus + Taltion Alustus + Adobe Reader (tai muu yhteensopiva työkalu) on tarpeen näyttämään tai tulostamaan VeraCrypt Käyttäjäoppaan. Adobe Reader (freeware) voit ladata vapaasti: www.adobe.com\n\nHaluatko nähdä sen sijaan online dokumentaation? + Jos valitset tämän valinnan, opastus ensiksi auttaa luomaan tavallisen VeraCrypt taltion ja sitten piilotetun VeraCrypt taltion sen sisälle. Aloittelevan käyttäjän tulisi aina valita tämä valinta. + Jos valitset tämän valinnan, luot piilotetun taltion nykyisen VeraCrypt taltion sisään. Otaksutaan että olet jo luonut VeraCrypt taltion, joka on sopiva isännöimään piilotettua taltiota. + Taltion Luonti Tila + Piilotettu Taltion Luotu + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + Olet käynnistänyt piilotetun käyttöjärjestelmän. Kuten olet huomannut, piilotettu käyttöjärjestelmä näyttäisi olevan asennettuna samalla osiolle kuin alkuperäinen käyttöjärjestelmä. Kuitenkin, todellisuudessa, se on asennettuna se takana oleva osion sisään (piilotetulle taltiolle). Kaikki luku ja kirjoitus toiminnot ovat näkymättömiä ohjauksia alkuperäiseltä piilotetulle taltiolle.\n\nKumpikaan käyttöjärjestelmä tai sovellus eivät tiedä tietojen kirjoituksesta sille ja lukemisesta siltä käyttöjärjestelmäosiolta ovat todellisuudessa kirjoitettu ja luettu sen takana olevalta osiolta (piilotetulle/lta taltiolta). Mitään sellaista tietoa on salattu ja purettu salaus lennossa (salatun avain ero siltä käytetään houkutuslintu käyttöjärjestelmänä).\n\n\nOle hyvä ja paina Seuraava jatkaaksesi. + Ulkoinen taltio on luotu ja kytketty asemalle %hc:. Tälle ulkoiselle taltiolle sinun tulee kopioida jotakin herkältä näyttäviä tiedostoja joita ET halua piilottaa. Ne ovat siellä koska jos olet pakotettu paljastamaan ensimmäiselle osiolle järjestelmäosion takana, missä ovat sekä ulkoinen taltio että piilotettua taltio (sisältää piilotetun käyttöjärjestelmän) sijaitsevat. Sinun on mahdollista paljastaa salasana ulkoiselle taltiolle ja olemassa olevalle piilotetulle taltiolle (ja piilotetulla käyttöjärjestelmällä) pysyy salassa.\n\nTÄRKEÄÄ: Tiedostot jotka kopioit ulkoiselle taltiolle ei pidä varata enempää kuin %s. Muutoin, siellä ei ole riittävästi tilaa piilotetulle ulkoiselle taltiolle (ja sinun ei ole mahdollista jatkaa). Kun olet lopettanut kopioinnin, paina Seuraava (älä pois kytke taltioita). + Ulkoinen taltio on luotu onnistuneesti ja yhdistetty asemalle %hc:. Tälle asemalle sinun pitää nyt kopioida jokin arkaluontoisen näköinen tiedosto jota sinä ET oikeasti tahdo piilottaa. Tiedostot ovat siellä koska kukaan ei pakota sinua paljastamaan salasanaasi. Sinä kerrot ainoastaan salasanan ulkoiselle taltiolle, et piilotetulle. Tiedostot joista todella välität ovat tallennetut piilotetulle taltiolle, joka luodaan myöhemmin. Kun lopetat kopioinnin, paina Seuraava. Älä irrota taltiota.\n\nTiedotus: Kun painat Seuraava näppäintä, ulkoisen taltio ryhmän bittikartta tutkitaan määritettäessä keskeytymättömän vapaan alueen kokoa joka päättyy taltion lopussa. Tämä alue sijaitsee piilotetulla taltiolle, siksi se rajoittaa mahdollisen maksimi koon. Ryhmä bittikartta käydään läpi varmistettaessa sen ettei ulkoinen piilotettu taltion ole ylikirjoittanut dataa. + Ulkoinen Taltio Sisältö + \n\nSeuraavassa vaiheessa asetat vaihtoehdot ulkoiselle taltiolle (jonne piilotettu taltio luodaan myöhemmin). + \n\nSeuraavaksi, sinä luot niin kutsutun ulkoisen VeraCrypt taltion joka on ensimmäisen osion sisällä käyttöjärjestelmän osion takana (kuten selostimme yhdessä edellisissä askeleissa). + Ulkoinen Taltio + Seuraavissa vaiheissa, sinun tulet valitsemaan vaihtoehdon ja salasanan piilotetulle taltiolle, mikä sisältää piilotetun käyttöjärjestelmän.\n\nMaininta: Klusterin bittikartta ulkoiselle taltiolle on skannattu keskeytymättömän alueen tunnistamiseksi vapaalla alueella mikä on järjestetty ulkoisen taltion loppuun. Tämä alue sisältää piilotetun taltion, siksi se rajoittaa mahdollisen maksimi koon. Maksimi mahdollinen koko piilotetulle taltiolle on tunnistettu ja vahvistettu olevaksi isompi kuin järjestelmäosion koko (mikä on vaadittu, koska kokonainen sisältö tarvitaan kopioida piilotetulle taltiolle). Tämä takaa sen että nykyisin ulkoiselle taltiolle tallennettu tietoa ei ylikirjoiteta piilotetun taltion kirjoitetulla tiedolla. + TÄRKEÄÄ: Muista valitsemasi algoritmi tässä vaiheessa. Sinun tulee valita sama algoritmi houkutuslintu järjestelmälle. Muutoin, piilotettu järjestelmän sisään ei ole pääsyä! (Houkutuslintuna oleva järjestelmä tulee salata samalla salausalgoritmilla kuin piilotettu järjestelmä.)\n\nHuomioi: Syy tähän on se, että houkutuslintuna oleva järjestelmä ja piilotettu järjestelmä jakavat yhden ja saman Käynnistyslataajan, mikä tukee ainoastaan yksinkertaista algoritmia, käyttäjän valitsema (jokaiselle algoritmille, siellä on erityinen versio VeraCrypt Käynnistyslataajasta). + \n\nTaltio ryhmän bittikartta on tutkittu ja piilotetun taltion suurin mahdollinen koko määritetty. Seuraavaksi valitset vaihtoehdot, koko, ja salasana piilotetulle taltiolle. + Piilotettu Taltio + Piilotettu taltio on suojattu vaurioita vastaan kunnes ulkoinen taltio on purettu.\n\nVAROITUS: Jos jotakin dataa yritetään tallentaa piilotetulle taltion alueelle, VeraCrypt aloittaa kirjoitus suojauksen taltiolle (sekä ulkoinen että piilotetut osat) ennen kuin sen on purettu. Tämä saattaa aiheuttaa tiedostojärjestelmän vioittumisen ulkoisella taltiolle, joka (jos toistetaan) saattaa todennäköisesti vaikuttaa epäsuotuisasti piilotetulle taltiolle. Siksi, sinun täytyy pyrkiä välttämään kirjoittamista piilotetulle taltion alueelle. Data joka tallennetaan piilotetulle taltion alueelle ei tallenneta ja se häviää. Windows saattaa raportoida tästä kirjoitus virheellä ("Viivästetty Kirjoitus Epäonnistui" tai "Parametrit olivat virheelliset"). + Jokainen piilotettu taltio uudessa yhdistetyssä taltiossa in nyt suojattu vahinkoja vastaan ennen yhteys poistetaan.\n\nVAROITUS: Jos jokin yrittää tallentaa joillekin näistä suojatuista piilotetuista taltioiden alueista, VeraCrypt aloittaa kirjoitus suojauksen koko taltiolle (sekö ulkoiselle että piilotetulle osalle) ennen kuin ne on purettu. Tämä saattaa aiheuttaa tiedostojärjestelmän korruptoitumisen ulkoisella taltiolle, joka (jos toistetaan) saattaa haitallisesti vaikuttaa todennäköisesti kiistanalaisesti piilotetulle taltiolle. Siksi sinun täytyy yrittää välttää kirjoittamasta piilotetulle taltion alueelle. Mikä tahansa data tallennettuna suojatulle piilotetulle taltion alueelle ei tallenneta ja se häviää. Windows saattaa raportoida tästä kirjoitus virheellä ("Viivästetty Kirjoitus Epäonnistui" tai "Parametrit ovat virheelliset"). + VAROITUS: Dataa on yritetty tallentaa piilotetulle taltion alueelle joka on yhdistetty nimellä %c:! VeraCrypt torjuu näiden datojen tallennuksen suojatakseen piilotetun taltion. Tämä saattaa aiheuttaa tiedostojärjestelmän vioittumisen ulkoisella taltiolle, ja Windows saattaa raportoida kirjoitus virheellä ("Viivästetty Kirjoitus Epäonnistui" tai "Parametrit ovat virheelliset"). Koko taltio (sekä ulkoinen että piilotettu osa) kirjoitus suojataan ennen kuin se puretaan. Jos tämä ei ole ensimmäinen kerta kun VeraCrypt on torjunut datan kirjoittamisen tämän taltion piilotetulle taltio alueelle, tämä taltio saattaa olla todennäköisesti vaikuttanut kiistanalaisesti haitalliselta (mahdollisten epätavallisten ristiriitojen ulkoisella tiedostojärjestelmällä). Siksi, sinun täytyy harkita uuden VeraCrypt taltion luontia (Nopea Alustus poispäältä) ja siirtää tiedostot tältä taltiolta uudelle taltiolle; tämä taltio täytyy turvallisesi tyhjentää (sekä ulkoinen että piilotettu osa). Vahvasti suosittelemme että nyt uudelleen käynnistät käyttöjärjestelmän. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + Turvallisuus syistä, kun piilotettu käyttöjärjestelmä on toiminnassa, piilotettu taltio voidaan luoda ainoastaan 'suora' tilassa (koska ulkoinen taltio täytyy aina yhdistää vain lukutilassa).\n\nLuodaksesi piilotetun taltion turvallisesti, seuraa näitä vaiheita:\n\n1) Käynnistä houkutuslintuna oleva järjestelmä.\n\n2) Luo tavallinen VeraCrypt taltio ja tälle taltiolle, kopioi jotakin herkältä näyttäviä tiedostoja joita ET oikeasti halua piilottaa (taltiosta tulee ulkoinen taltio).\n\n3) Käynnistä piilotettu järjestelmä ja käynnistä VeraCrypt Opastettu Taltion Luonti. Jos taltio on tiedosto pohjainen, siirrä se järjestelmäosiolle tai toiselle piilotetulle taltiolle (muutoin, vasta luotu piilotettu taltio voidaan yhdistää vain lukutilassa ja sitä ei voida formatoida). Seuraa ohjeita opastetussa tilassa siten että valitse 'suora' piilotettu taltion luonti tila.\n\n4) Opastetussa luonnissa, valitse taltio jonka teit vaiheessa 2 ja sitten seuraa ohjeita luodaksesi piilotetun taltion sen sisään. + Turvallisuus syistä, kun piilotettu käyttöjärjestelmä on toiminnassa, paikallinen salaamaton tiedostojärjestelmä ja ei-piilotettu VeraCrypt taltiot ovat yhdistettyinä lukutilassa (dataa ei voida kirjoittaa tällaiselle tiedostojärjestelmälle tai VeraCrypt taltioille).\n\nTietoa voidaan kirjoittaa mille tahansa tiedostojärjestelmälle mikä sijaitsee piilotetulla VeraCrypt taltiolla (edellyttäen että piilotettu taltio ei sijaitse säilössä talletettuna salaamattomalle tiedostojärjestelmälle tai jollekin muulle vain luettavassa tiedostojärjestelmässä). + On kolme pääsyytä miksi tällainen vastatoimenpide on toteutettu:\n\n- Se mahdollistaa luonnin suojatulle alustalle yhdistääkseen piilotetun VeraCrypt taltiot. Huomioi että me virallisesti suosittelemme piilotetut taltiot ovat yhdistettyinä ainoastaan silloin kun piilotettu käyttöjärjestelmä on toiminnassa. (Lisätietoa, katso aliotsikko 'Turvallisuus Varokeinot Liittyen Piilotettuun Taltioon' dokumentissa.)\n\n- Joissakin tapauksissa, on mahdollista tunnistaa että, määrätty aika , tietty tiedostojärjestelmä ei ole yhdistetty (tai että tietty tiedosto tiedostojärjestelmässä ei ole tallennettu tai siihen ei ole pääsyä) tietty käyttöjärjestelmän esimerkki (esim. analysoi ja vertaa tiedostojärjestelmä julkaisut, tiedoston aikaleimat, sovelluksen lokit, virhe lokit jne.). Tämä saattaa osoittaa että piilotettu käyttöjärjestelmä on asennettuna tälle tietokoneelle. Vastatoimenpiteenä ehkäise nämä ongelmat.\n\n- Se suojaa tiedostojärjestelmän joka on yhdistetty molempien houkutuslintuna olevan järjestelmän alle ja piilotettu järjestelmä kun yksi tai molemmat järjestelmät ovat valmiustilassa. VeraCrypt takaa tämän kirjoitus suojaamalla tiedostojärjestelmän houkutuslintuna ja piilotetulla järjestelmällä. Ilman tällaista suojausta tiedostojärjestelmä vioittuisi kun se olisi jo kytkettynä ja toinen valmiustilassa. + Huomioi: Jos tarvitset turvallisesti siirtää tiedostoja houkutuslintuna olevalta järjestelmältä piilotetulle järjestelmälle, seuraa näitä vaiheita: 1) Käynnistä houkutuslintuna oleva järjestelmä. 2) Tallenna tiedostot salaamattomaan taltioon tai ulkoiseen/tavalliseen VeraCrypt taltioon. 3) Käynnistä piilotettu järjestelmä. 4) Jos et tallenna tiedostoa VeraCrypt taltiolle, kytke se (automaattinen kytkentä vain lukutilassa). 5) Kopioi tiedostot piilotetulle järjestelmäosiolle tai muulle piilotetulle taltiolle. + Tietokone tulee uudelleen käynnistää.\n\nHaluatko käynnistää sen nyt? + Virhe tapahtui kun haettiin järjestelmän salakirjoitus arvoa. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Sovelluksen komponentteja ei voida alustaa järjestelmän salakirjoitusta varten. + Satunnaisnumeron luonnin alustus epäonnistui! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Sovellusta ei pystytä alustamaan. Viestiruudun ikkunan rekisteröinti epäonnistui. + Virhe: Virhe ladattaessa Rich edit järjestelmä kirjastoa. + Opastettu VeraCrypt Taltion Luonti + Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f byteä. + Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f KB. + Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f MB. + Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f GB. + Suurin mahdollinen piilotettu taltion koko tälle taltiolle on %.2f TB. + Taltion salasanaa/avaintiedostoa ei voida muuttaa kun taltio on yhdistettynä. Poista yhteys taltiolta. + Otsikkoavaimen periytyvää algoritmia ei voida muuttaa kun taltio on yhdistettynä. Poista yhteys taltiolta. + Y&hdistä Laite + Uusi VeraCrypt versio vaaditaan jotta tämän taltion yhdistäminen on mahdollista. + Virhe: Taltion Luonti Velhoa ei löydetty.\n\nOle hyvä ja varmista että tiedosto 'VeraCrypt Format.exe' on hakemistossa missä 'VeraCrypt.exe' on perustettu. Jos se ei ole, asenna uudelleen VeraCrypt ohjelma, tai määritä 'VeraCrypt Format.exe' levylläsi ja aja se. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Seuraava > + &Valmis + &Asenna + P&ura + Mahdotonta yhdistää VeraCrypt laiteohjain. VeraCrypt ei voi toimia jos oikea laiteohjain ei ole käytössä.\n\nHuomioi tämä, Windows ongelmista johtuen, voi olla tarpeen että kirjaudut ulos tai käynnistät järjestelmän uudelleen ennen kuin laiteohjain voidaan ladata. + Virhe tapahtui kun ladattiin/valmisteltiin fontteja. + Aseman kirjainta ei löydetty tai kirjainta ei määritelty + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Aseman kirjain ei käytettävissä. + Ei valittua tiedostoa! + Ei vapaita tunnuksia vapaana. + Vapaita taltion tunnuksia ei vapaana ulkoiselle taltiolle! Taltion luontia ei voida jatkaa. + Ei voida tunnistaa käyttöjärjestelmäsi versiota tai käyttöjärjestelmäsi ei ole tuettu. + Ei Polkua Valittuna! + Ei Tarpeeksi vapaata tilaa piilotetulle taltiolle! Taltion luontia ei voida jatkaa. + Virhe: Tiedosto joka kopioit ulkoiseen asemaan varaa liikaa tilaa. Siksi, ei ole tarpeeksi tilaa ulkoiselle asemalle piilotetulle taltiolle.\n\nHuomioi, että piilotettu taltio täytyy olla isompi kuin järjestelmäosio (osio missä käyttöjärjestelmä on käytössä ja asennettuna). Syy miksi piilotettu käyttöjärjestelmän tarvitsee olla luotuna kopioimalla sisältö järjestelmäosion piilotetulle taltiolle.\n\n\nPiilotetun käyttöjärjestelmän luonti prosessia ei voida jatkaa. + Taltiolta on mahdotonta poistaa yhteyttä. Jotkin tiedostot sijaitsevat taltiolla ja saattavat olla edelleen auki. + Taltiota ei voida lukita. Siellä on edelleen avoimia tiedostoja. Siksi yhteyttä ei voida poistaa. + VeraCrypt ei voi lukita taltiota koska on käytössä järjestelmällä tai sovelluksilla (taltiolla saattaa olla avoimia tiedostoja).\n\nHaluatko pakotetusti purkaa yhteyden taltiolle? + Valitse VeraCrypt Taltio + Määrittele Polku ja Tiedostonimi + Valitse PKCS #11 Kirjasto + Muisti loppui + TÄRKEÄÄ: Vahvasti suosittelemme että aloittelijat luovat VeraCrypt tiedosto säilön valitulle laitteelle/osiolle, sen sijaan että yrittäisivät salata kokonaisen laitteen/osion.\n\nKun luot VeraCrypt tiedosto säilön (päinvastoin kuin salaisit laitteen tai osion), esimerkiksi, kun ei ole riskiä tuhota isoa määrää tiedostoja. Huomioi, että VeraCrypt tiedosto säilö (vaikka sisältäisi virtuaalisen suojatun levyn) on oikeastaan kuin normaali tiedosto. Siksi, se voi olla esimerkiksi helpompi uudelleen nimetä, siirtää, tai kopioida kuten normaali tiedosto. Lisätietoa, katso kappale Aloittelijan Opas VeraCrypt Käyttäjä Oppaassa.\n\nHaluatko varmasti suojata kokonaisen laitteen/osion? + VAROITUS: Tiedosto '%s' on jo olemassa!\n\nTÄRKEÄÄ: VERACRYPT EI SALAA TIEDOSTOA, VAAN SE TUHOTAAN. Oletko varma, että haluat tuhota tiedoston ja korvata sen uudella VeraCrypt säilöllä? + VAROITUS: KAIKKI TIEDOSTOT JOTKA OVAT TALLENNETTUNA VALITULLA %s '%s'%s NE TUHOTAAN JA HÄVITETÄÄN (NIITÄ EI SALATA)!\n\nHaluatko varmasti jatkaa alustusta? + VAROITUS: Sinun ei ole mahdollista yhdistää taltiota tai päästä tallennettuihin tiedostoihin käsiksi ennen kuin se on täysin salattu.\n\nOletko varma että haluat aloittaa salauksen valitulle %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + VAROITUS: Huomioi että jos virta yhtäkkiä katkeaa ennen kuin salaus on suoritettu olemassa olevalle tiedoille, tai kun käyttöjärjestelmä keskeytyy virheeseen tai laitteisto vian vuoksi kun VeraCrypt on salaamassa olemassa olevaa tietoa, osa tiedoista korruptoituu tai häviää. Siksi, ennen kuin aloitat salauksen, ole hyvä ja varmista sinulla on varmuustallennus tiedostoista jotka haluat salata.\n\nOnko sinulla tällainen varmuustallenne? + VAROITUS: MITKÄ TAHANSA TIEDOSTOT JOTKA OVAT TALLENNETTU OSIOLLE '%s'%s (KUIN TAAS ENSIMMÄISELLE OSIOLLE KÄYTTöJÄRJESTELMÄN TAKAISELLA OSIOLLA) POISTETAAN JA NE HÄVIÄVÄT (NIITÄ EI SALATA)!\n\nOletko varma että haluat jatkaa formatoinnilla? + VAROITUS: VALITTU OSIO SISÄLTÄÄ ISON MÄÄRÄN TIETOA! Mikä tahansa tallennettu tiedosto osiolle pyyhitään ja katoaa (niitä EI salata)! + Pyyhi mikä tahansa tallennettu tiedosto osiolta luomalla sen sisään VeraCrypt taltion + Salasana + PIM + Aseta Otsikkoavaimen Periytyvä algoritmi + Lisää/Poista Avaintiedosto Taltiolta(lle) + Poista Kaikki Avaintiedostot Taltiolta + Salasana, PIM ja/tai avaintiedosto(t) on onnistuneesti vaihdettu.\n\nTÄRKEÄÄ: Varmista, että luet osuuden 'Muuttaa Salasanat ja Avaintiedostot' kappaleesta 'Turvallisuus Varotoimet' VeraCrypt Käyttäjä Oppaasta. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + TÄRKEÄÄ: Jos et tuhoa VeraCrypt Pelastuslevyäsi, sinun käyttöjärjestelmäosio/asema voi silti olla salaamaton käyttäen vanhaa salasanaa (käynnistämällä VeraCrypt Pelastuslevy ja antamalla vanhan salasanan). Sinun täytyy luoda uusi VeraCrypt Pelastuslevy ja sitten tuhota vanha.\n\nHaluatko luoda uuden VeraCrypt Pelastuslevyn? + Huomioi, että VeraCrypt Pelastuslevy käyttää vielä edellistä algoritmia. Jos harkitset että edellinen algoritmi on turvaton, sinun täytyy luoda ensin uusi VeraCrypt Pelastuslevy ja sitten tuhota vanha.\n\nHaluatko luoda uuden VeraCrypt Pelastuslevyn? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Avaintiedosto(t) onnistuneesti lisätty/poistettu. + Avaintiedosto viety. + Otsikkoavain Periytyvä algoritmin asetus onnistui. + Anna salasana ja/tai avaintiedosto(t) ei-järjestelmätaltiolle minne haluat aloittaa uudelleen prosessin paikallaan salaukselle.\n\n\nHuomaa: Sen jälkeen kun painat Seuraava, VeraCrypt yrittää etsiä ei-järjestelmätaltioita missä salaus prosessi on keskeytynyt ja missä VeraCrypt taltio otsikko voi olla salauspurettu käyttäen hankittua salasanaa ja/tai avaintiedostoa(t). Jos enemmin kuin yksi tällainen taltio löydetään, sinun tarvitsee valita yksi niistä seuraavassa askeleessa. + Ole hyvä ja valitse yksi listatuista taltioista. Lista sisältää jokaisen helppopääsyisen ei-järjestelmätaltion missä salauksen prosessi on keskeytynyt ja jonka otsikko voi olla salaus purettuna käyttäen saatavana olevaa salasanaa ja/tai avaintiedostoa(t). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + On erittäin tärkeää että valitset hyvän salasanan. Sinun tulee välttää sellaisia jotka sisältävät vain yhden sanan joka voidaan löytää sanakirjasta (tai yhdistelmää 2, 3, tai 4 vastaavia sanoja). Sen ei pidä sisältää mitään nimeä tai syntymäpäivää. Ei pidä olla helposti arvattavissa. Hyvä salasana on satunnainen yhdistelmä isoja ja pieniä kirjaimia, numeroita, ja erikoismerkkejä kuten @ ^ = $ * + jne. Suosittelemme valitsemaan salasanaan useamman kuin 20 merkkiä (mitä pitempi sitä parempi). Maksimi pituus on 64 merkkiä. + Valitse salasana piilotetulle taltiolle. + Valitse salasana piilotetulle käyttöjärjestelmälle (esim. piilotetulle taltiolle). + TÄRKEÄÄ: Salasana jonka valitsit piilotetulle käyttöjärjestelmälle tässä kohtaa tulee olla erilainen kuin toiset kaksi salasanaa (näitä ovat ulkoisen taltion salasana ja houkutuslintuna olevan käyttöjärjestelmän salasana). + Anna taltiolle salasana jonka haluat luoda piilotetun taltion sisälle.\n\nPaina Seuraavaksi, VeraCrypt yrittää yhdistää taltion. Hetki kun taltio on yhdistetty, ryhmä bittikartta tutkitaan läpi määritelläkseen vapaan tilan keskeytys alueella (jos on joitakin) mikä loppuu sovitettuun taltion loppuun. Tämä alue sijaitsee piilotetulla taltiolla ja siksi sillä on rajoitettu koko. Ryhmä bittikartan tutkiminen on tarpeen varmistaakseen ettei ulkoisella taltiolla olevaa dataa ylikirjoiteta piilotetun taltion toimesta. + \nValitse salasana ulkoiselle taltiolle. Tämä tulee olemaan salasana jonka voit paljastaa pakotetussa tilanteessa.\n\nTÄRKEÄÄ: Salasana tulee olla täysin erilainen kuin sen jonka valitsit piilotetulle taltiolle.\n\nHuomioi: Maksimi mahdollinen pituus on 64 merkkiä. + Ole hyvä ja valitse salasana ulkoiselle taltiolle. Tämä tulee olemaan salasana jonka voit antaa kenelle tahansa pakotetussa tilanteessa salasanaa ensimmäiselle osiolle käyttöjärjestelmän takan, kun molemmat ulkoinen ja piilotettu taltion (sisältää piilotetun käyttöjärjestelmän) sijaitsee. Olemassa oleva piilotettu taltio (ja piilotettu käyttöjärjestelmä) pysyvät salattuina. Huomioi että tämä salasana ei ole houkutuslintuna olevaa käyttöjärjestelmää varten.\n\nTÄRKEÄÄ: Salasana tulee olla täysin erilainen kuin sen jonka valitsit piilotetulle taltiolle (kuin myös piilotetulle käyttöjärjestelmälle). + Ulkoisen Taltion Salasana + Piilotetun Taltion Salasana + Salasana Piilotetulle Käyttöjärjestelmälle + VAROITUS: Lyhyt salasana on helppo murtaa brute force tekniikan avulla!\n\nSuosittelemme valitsemaan salasanan, joka sisältää enemmän kuin 20 merkkiä. Haluatko varmasti käyttää lyhyttä salasanaa? + Taltion Salasana + Väärä salasana tai se ei ole VeraCrypt taltio. + Väärä avaintiedosto(t) ja/tai väärä salasana tai ei ole VeraCrypt taltio. + Väärä yhteys tila, väärä salasana, tai väärä VeraCrypt taltio. + Väärä yhteys tila, väärä avaintiedosto(t) ja/tai salasana, tai väärä VeraCrypt taltio. + Väärä salasana tai VeraCrypt taltiota ei löydetty. + Väärä avaintiedosto(t)/salasana tai VeraCrypt taltiota ei löydetty. + \n\nVaroitus: Caps Lock on päällä. Tämä saattaa johtaa siihen että salasanasi on virheellinen. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + Jos yrität suojata piilotetussa säilössä olevan piilotetun järjestelmän, varmista että käytät vakio näppäimistöäsi kun kirjoitat salasanan piilotetulle taltiolle. Tämä on vaadittu koska todellisuudessa salasana tulee kirjoittaa esikäynnistys ympäristössä (ennekuin Windows käynnistyy) kun Windows näppäimistösi ei vielä käytettävissä. + VeraCrypt ei löytänyt mitään taltiota missä ei-järjestelmä salaus olisi keskeytynyt ja missä taltion otsikko voi olla salaus purettuna käyttäen saatavana olevalla salasanalla ja/tai avaintiedostolla.\n\nVarmista että salasana ja/tai avaintiedosto ovat oikein ja että osio/taltio ei ole järjestelmän tai sovelluksien käytössä (sisältäen virustorjunta ohjelmiston). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nTiedotus: Jos yrität yhdistää osiota joka sijaitsee salatulla järjestelmäosiolla ilman esikäynnistys autentikointia tai yhdistät salatun järjestelmäosion käyttöjärjestelmälle joka ei ole ajossa, voit tehdä sen valitsemalla 'Järjestelmä' > 'Yhdistä Ilman esikäynnistys Autentikointia'. + Tässä tilassa, et voi valita kytketyn osion sijaintia asemalla jonka osa on aktiivisen järjestelmä salauksen avain ala.\n\nEnnen kuin voit kytkeä osion tähän tilaan, sinun tarvitsee joko käynnistää järjestelmä uudelleen, joka on asennettuna eri asemalle (salattu tai salaamaton) tai käynnistää salaamaton käyttöjärjestelmä. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Takaisin + Asennettujen raaka laitteiden listausta ei saada tehtyä järjestelmässäsi! + Taltio '%s' löytyi, ja on vain lukutilassa. Haluatko korvata sen? + Valitse kohde hakemisto + Valitse Avaintiedosto + Valitse avaintiedoston haku polku. VAROITUS: Huomioi, että ainoastaan polku muistetaan, ei tiedostonimeä! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Suunnittelu Ross Anderson, Eli Biham ja Lars Knudsen. Julkaistu 1998. 256-bitin avain, 128-bitin lohko. Toiminta tila on XTS. Serpent oli yksi AES finalisti. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Ulkoisen Taltion Koko + Piilotetun Taltion Koko + Tarkista että valitun laitteen/osion koko on näytetty yllä oikein ja paina Seuraava. + Ulkoinen taltio ha piilotettu taltio (sisällytetty piilotettuun käyttöjärjestelmään) sijaitsee yllä mainitussa osiossa. Sen tulee olla ensimmäinen osio käyttöjärjestelmäosion takana.\n\nOle hyvä ja tarkista että partition koko ja sen numero on näytetty yllä oikein, ja jos näin on, paina Seuraava. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Taltion Koko + Dynaaminen + VAROITUS: ITSETARKISTUS EPÄONNISTUI! + Itsetarkistukset kaikille algoritmeille suoritettu onnistuneesti + Yksikön data numero jonka annoit on liian lyhyt tai pitkä. + Toissijainen avain jonka annoit on liian lyhyt tai pitkä. + Annetun testi salatekstin pituus on liian pitkä tai lyhyt. + Annetun testi avaimen pituus on liian pitkä tai lyhyt. + Annetun testi tekstin pituus on liian pitkä tai lyhyt. + Kaksi ryhmää cascade toiminnassa ovat XTS tilassa. Jokainen ryhmä on ensimmäisenä salattuina %s (%d-bitin avain) ja sitten %s (%d-bitin avain). Jokainen salakirjoitus käyttää omaa avainta. Kaikki avaimet ovat toisistaan riippumattomia. + Kolme ryhmää on cascadoitu toimimaan XTS tilassa. Jokainen ryhmä on ensimmäiseksi salattuina %s (%d-bitin avain), ja sitten %s (%d-bitin avain), ja lopuksi %s (%d-bitin avain). Jokainen salakirjoitus käyttää omaa avainta. Kaikki avaimet ovat toisistaan riippumattomia. + Huomioi, että riippuen käyttämästäsi käyttöjärjestelmästä, nämä automaattinen ajo ja automaattinen kytkentä ominaisuudet saattavat toimia ainoastaan kun liikutettavat levytiedostot ovat luotuna ei-kirjoitettavaan CD/DVD-kaltaiselle levylle. Huomioi, että tämä ei ole virhe VeraCrypt ohjelmassa (tämä on Windowsin rajoitus). + VeraCrypt liikutettava levy on onnistuneesti luotu.\n\nHuomioi, että tarvitset pääkäyttäjän oikeudet ajaaksesi VeraCrypt liikutettavassa tilassa. Huomioi myös, että järjestelmärekisterin tutkimisen jälkeen on mahdollista nähdä, että VeraCrypt on suoritettu Windows järjestelmän alla vaikka sitä olisi ajettu liikutettavassa tilassa. + VeraCrypt Liikutettava Levy + Suunnittelu: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Julkaistu 1998. 256-bit avain, 128-bit lohko. Toimintatapa on XTS. Twofish on yksi AES finalisti. + Lisätietoa %s + Tuntematon + An unspecified or unknown error occurred (%d). + Jotkin asemat sisältävät tiedostoja tai hakemistoja jotka ovat sovelluksen tai järjestelmän käytössä.\n\nPakotettu yhteyden poisto? + &Poista Yhteys + Yhteyden poisto epäonnistui! + Taltion sisältää tiedostoja tai hakemistoja jotka ovat sovelluksen tai järjestelmän käytössä.\n\nPakotettu yhteyden poisto? + No volume is mounted to the specified drive letter. + Taltion jota yritit yhdistää on jo yhdistetty. + Virhe tapahtui yhdistettäessä taltiota. + Virhe etsittäessä sijaintia taltiosta. + Virhe: Väärä aseman koko. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynaaminen säilö on esisijoitettu NTFS tiedosto minkä fyysinen koko (todellisuudessa käytetty levytila) kasvaa kun uutta tietoa lisätään.\n\nVAROITUS: suorituskyky tiedostoisännöidyllä taltiolla on huomattavasti heikompi kuin tavallisella taltiolla. tiedostoisännöidyllä taltiolla on myös heikompi turvallisuus, koska on mahdollista katsoa minkä taltion sektorit ovat käyttämättöminä. Lisäksi tiedostoisännöidyt taltiot eivät voi hankkia kiistettävissä olevaa uskottavuutta (piilotetun taltion isäntä). Huomioi myös että jos tieto on kirjoitettu tiedosto säilölle kun siinä ei ole tarpeeksi vapaata isäntä tiedostojärjestelmässä, salattu tiedostojärjestelmä saattaa vioittua.\n\nOletko varma että haluat luoda tiedostoisännöidyn taltion? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt ei voi muuttaa salasanaa vieraalle taltiolle. + Valitse vapaa aseman kirjain listalta. + Valitse yhdistettävän taltion kirjain listalta. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Virhe: Ei voida luoda autorun.inf tiedostoa + Virhe suoritettaessa avaintiedostoa! + Virhe suoritettaessa avaintiedosto polkua! + Avaintiedoston polku ei sisällä tiedostoja.\n\nHuomioi että hakemisto (ja hakemiston tiedostot) löydetään avaintiedoston haulla ovat hylättyjä. + VeraCrypt ei tue tätä käyttöjärjestelmää. + Virhe: VeraCrypt tukee ainoastaan vakaita versioita tästä käyttöjärjestelmästä (beeta/RC versiot eivät ole tuettuina. + Virhe: Ei voida varata muistia. + Virhe: Ei voida noutaa suorituskyky laskurin arvoa. + Virhe: Virheellinen taltion formaatti. + Virhe: Annoit salasanan piilotetulle taltiolle (et tavalliselle taltiolle). + Turvallisuus syistä, piilotettu taltiota ei voida luoda VeraCrypt taltion sisälle joka sisältää tiedostojärjestelmän joka on salattu paikallaan (koska vapaa tila taltiolla ei on täytetty satunnaistiedoilla). + VeraCrypt - Lainmukaiset Tiedotukset + Kaikki Tiedostot + VeraCrypt Taltiot + Kirjasto Moduulit + NTFS alustusta ei voida jatkaa. + Ei voida yhdistää taltiota. + Ei voida poistaa yhteyttä taltiota. + Windows epäonnistui alustamaan taltiota NTFS tyyppiseksi.\n\nValitse eri tyyppinen tiedostojärjestelmä (jos mahdollista) ja yritä uudelleen. Vaihtoehto, voit jättää taltio alustamatta (valitse 'ei mitään' tiedostojärjestelmäksi), poistu tästä opastusta, yhdistä taltio, ja sitten käytä joko järjestelmän tai kolmannen osapuolen työkalua alustaaksesi yhdistetyn taltion (asema jää suojatuksi). + Windows epäonnistui alustamaan taltiota NTFS tyyppiseksi.\n\nHaluatko sen sijaan alustaa taltion FAT tyyppiseksi? + Oletus + osio + OSIO + Laite + laite + LAITE + Taltio + taltio + TALTIO + Label + Valittu ryhmä koko liian pieni tälle taltion koolle. Suurempaa ryhmä kokoa käytetään sen sijaan. + Virhe: Taltion kokoa ei saatu!\n\nVarmista, että valittu taltio ei ole järjestelmän tai toisen sovelluksen käytössä. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + VeraCrypt Taltion Luonti Velho voi luoda piilotetun taltio ainoastaan FAT tai NTFS taltiolle. + Windows 2000, VeraCrypt Taltion Luonti Velho voi luoda piilotetun taltion ainoastaan FAT taltiolle. + Huomio: FAT tiedostojärjestelmä on sopivampi ulkoiselle taltiolle kuin NTFS tiedostojärjestelmä (esimerkiksi, maksimi mahdollinen koko piilotetulle taltiolle olisi oltava merkittävästi suurempi kun ulkoinen taltio on formatoituna FAT tyyppisenä). + Huomio että FAT tiedostojärjestelmä on sopivampi ulkoiselle taltiolle kuin NTFS tiedostojärjestelmä. Esimerkiksi, maksimi mahdollinen koko piilotetulle taltiolle olisi oltava merkittävästi suurempi kun ulkoinen taltio on formatoituna FAT tyyppisenä (syy on tämä. NTFS tiedostojärjestelmä tallentaa aina sisäisen datan keskelle taltiota ja, siksi, piilotettu taltio voi olla ainoastaan toisella puoliskolla ulkoista taltiota).\n\nOletko varma että haluat formatoida ulkoisen taltion NTFS tyyppiseksi? + Haluatko formatoida taltion sen sijaan FAT tyyppiseksi? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Virhe: Piilotetun käyttöjärjestelmän osio (se on ensimmäinen osio järjestelmäosion takana) pitää olla vähintään 5% suurempi kuin järjestelmäosio (järjestelmäosio on se yksi missä nykyinen käyttöjärjestelmä on käynnissä ja asennettuna). + Virhe: Osio piilotetulle käyttöjärjestelmälle (se joka on ensimmäinen osio käyttöjärjestelmäosion takana) tulee olla vähintään 110% (2.1 kertaa) isompi kuin järjestelmäosio (järjestelmäosio on yksi nykyisistä käyttöjärjestelmistä jonne käynnissä oleva käyttöjärjestelmä on asennettu). Syy tähän on NTFS tiedostojärjestelmä tallentaa aina sisäisesti datan samalla tavalla keskelle asemaa ja, siksi, piilotettu taltio (joka sisältää jäljitelmän järjestelmäosiosta) voi sijaita ainoastaan toisella puoliskolla osiota. + Virhe: Jos ulkoinen taltio on NTFS, sen tulee olla vähintään 110% (2.1 kertaa) isompi kuin järjestelmäosion. Syy tähän on se, että NTFS tiedostojärjestelmä on aina tallennettuna sisäisesti tarkalleen keskelle taltiota, ja siksi piilotettu taltio (joka sisältää jäljitelmän järjestelmäosiosta) voi sijaita ainoastaan toisella puoliskolla ulkoista taltiota.\n\nHuomioi: Ulkoinen taltio pitää sijaita samalla osiolla kuin piilotettu käyttöjärjestelmä (kuten ensimmäinen osio järjestelmäosion takana). + Virhe: Ei ole osiota järjestelmäosion takana.\n\nHuomioi että ennen kuin voit luoda piilotetun käyttöjärjestelmän, sinun tarvitsee luoda sitä varten osio järjestelmälevyltä. Sen tulee olla ensimmäinen osio käyttöjärjestelmäosion takana ja sen tulle olla vähintään 5 % isompi kuin järjestelmäosion (järjestelmäosio on se missä nykyinen ajettava käyttöjärjestelmä on asennettuna). Kuitenkin, jos ulkoinen taltio (ei pidä sekoittaa järjestelmäosion kanssa) on formatoitu NTFS, osio piilotetulle käyttöjärjestelmälle tulee olla vähintään 110% (2.1 kertaa) isompi kuin järjestelmäosiolle (syy tähän on NTFS tiedostojärjestelmä on aina tallennettu sisäisesti tarkalleen keskelle asemaa ja, siksi, piilotettu taltio, joka sisältää jäljitelmän järjestelmäosiosta, voi sijaita ainoastaan toisella puoliskolla osiota). + Huomautus: Ei ole käytännöllinen (ja siksi ei ole tuettu) asentaa käyttöjärjestelmiä kahdelle VeraCrypt taltiolle jotka ovat varustettu yhdellä osiolla, koska käyttämällä ulkoista käyttöjärjestelmää saattaa usein tarvita datan kirjoittamista piilotetun käyttöjärjestelmän alueelle (ja jos sellainen kirjoitus tapahtuma ehkäistiin käyttämällä piilotetun taltiota suojaus ominaisuutta, on sen luontaisesti aiheuttanut järjestelmän kaatumisen, kuten 'Sininen Ikkuna' virheet). + Lisätietoa kuinka luoda ja hallita osioita, ole hyvä ja katso ohjetta joko käyttöjärjestelmän toimittajalta tai ota yhteys tietokoneen toimittajan tekniseen tukeen. + Virhe: Nykyinen käynnissä oleva käyttöjärjestelmä ei ole asennettu käynnistys osiolle (ensimmäinen Aktiivinen osio). Tämä ei ole tuettuna. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Virhe: Ei pääsyä taltiolle!\n\nTarkista että valittu taltio löytyy, että sen on poistettu yhteys järjestelmän tai ohjelman toimesta, että sinulla on luku/kirjoitus taltiolle, ja että levy ei ole kirjoitussuojattu. + Error: Cannot obtain volume properties. + Virhe: Ei voida yhdistää taltiota ja/tai hankkia tietoa taltiosta.\n\nVarmista että valittu taltio on olemassa, että se ei ole järjestelmän tai sovelluksen käytössä, että sinulla on luku/kirjoitus oikeudet taltiolle, ja että se ei ole kirjoitussuojattu. + Virhe: Ei voida yhdistää taltiota ja/tai hankkia tietoa taltiosta. Varmista että valittu taltio on olemassa, että se ei ole järjestelmän tai sovelluksen käytössä, että sinulla on luku/kirjoitus oikeudet taltiolle, ja että se ei ole kirjoitussuojattu.\n\nJos ongelmaa edelleen esiintyy, saattaa auttaa jos seuraat alla olevia ohjeita. + Virhe estettäessä VeraCrypt salaus osiolle. Yritä korjata mikä tahansa edellinen raportoitu ongelma ja sitten yritä uudelleen. Jos ongelma yhä esiintyy, saattaa auttaa että seuraat seuraavia askeleita. + Virhe estettäessä VeraCrypt aloittaa uudelleen salaus prosessi taltiolla.\n\nYritä korjata mikä tahansa edellinen raportoitu ongelma ja yritä aloittaa prosessi uudelleen . Huomioi että taltiota ei voida yhdistää ennen kuin se on täysin salattu. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Virhe: Ei voida poistaa yhteyttä ulkoiselta taltiolta!\n\nTaltiolta ei voida poistaa yhteyttä jos se sisältää tietoja tai hakemistoja jotka ovat ohjelmien tai järjestelmän käytössä.\n\nSulje ohjelma joka saattaa käyttää tiedostoa tai hakemistoa taltiolla ja paina Yritä uudelleen. + Virhe: Ulkoisen taltion tietoja ei saada! Taltion luontia ei voida jatkaa. + Virhe: Ulkoiselle asemalle pääsy estetty! Taltion luontia ei voida jatkaa. + Virhe: Ulkoista asemaa ei voida yhdistää! Taltion luontia ei voida jatkaa. + Virhe: Taltion ryhmä bittikarttaa ei saada! Taltion luontia ei voida jatkaa. + Aakkosellinen/Kategorisoitu + Nopeuden (Aleneva) + Algoritmi + Salaus + Salauksenpurku + Keskiarvo + Asema + Koko + Salausalgoritmi + Salausalgoritmi + Tyyppi + Arvo + Ominaisuudet + Sijainti + byteä + Piilotettu + Uloin + Normaali + Järjestelmä + Piilotettu (järjestelmä) + Vain Luku + Systeemin levyt + Systeemilevy (Salauksesta - %.2f%% valmis) + Systeemilevy (Salauksenpurku - %.2f%% valmis) + Systeemilevy (%.2f%% salattu) + Systeemi osiot + Piilotettu järjestelmäosio + Systeemilevy (salauksesta - %.2f%% valmis) + Systeemilevy (salauksenpurku - %.2f%% valmis) + Systeemilevy (%.2f%% salattu) + Kyllä (Vahingot torjuttu!) + Ei mitään + Ensisijainen Avainkoko + Toissijainen Avainkoko (XTS Tila) + Heikonavaimen koko (LRW Tila) + bittiä + Lohkon Koko + PKCS-5 PRF + PKCS-5 toisto laskin + Taltio Luotu + Otsikko Viimeksi Muokattu + (%I64d päivää sitten) + Taltion Formaattiversio + Upotettu Varmuusotsikko + VeraCrypt Boot Loader Version + Ensin saatavana + Liikutettava Levy + Kovalevy + Muuttumaton + Autodetection + Velho Tila + Valitse yksi tiloista. Jos sinulla ei ole varmuutta minkä valita, käytä oletus tilaa. + Valitse tämä valinta jos haluat asentaa VeraCrypt tähän järjestelmään. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + Jos valitset tämän valinnan, kaikki tiedostot puretaan tästä paketista mutta mitään ei asenneta järjestelmään. Älä valitse sitä jos aiot salata järjestelmäosion tai järjestelmälevyn. Valitsemalla tämän voi olla käyttökelpoinen valinta, esimerkiksi, jos haluat ajaa VeraCrypt niin kutsutussa liikutettavassa tilassa. VeraCryptiä ei tarvitse asentaa käyttöjärjestelmän alaisuuteen jossa sitä ajetaan. Kun kaikki tiedostot on purettu, voit suoraan ajaa puretun tiedoston 'VeraCrypt.exe' (kun VeraCrypt ajetaan liikutettavassa tilassa). + Asennus Valinnat + Täältä voit asettaa erilaiset valinnat hallitaksesi asennusta. + Asennus + Odota kunnes VeraCrypt on asennettu. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Purku Valinnat + Täältä voit valita erilaisia valintoja ohjataksesi purkua. + Odota että tiedostot on purettu. + Files successfully extracted + Kaikki tiedostot ovat onnistuneesti purettu kohteeseen. + Jos erityinen hakemisto ei löydy, se luodaan automaattisesti. + VeraCrypt ohjelman tiedostot päivitetään sijaintiin missä VeraCrypt on asennettu. Jos sinun tarvitsee valita toinen sijainti, poista ensin VeraCrypt asennus. + Haluatko näyttää ohjelmisto tiedotteen nykyisestä (viimeinen vakaa) versio VeraCrypt ohjelmasta? + Jos et ole koskaan käyttänyt VeraCrypt ohjelmaa ennen, suosittelemme, että luet kappaleen Aloittelijan Koulutus 'Beginner's Tutorial' VeraCrypt Käyttäjä Oppaassa. Haluatko katsoa opetusohjelmaa? + Valitse toiminto suorittaaksesi seuraavan: + Korjaa/Uudelleen asennus + Päivitys + Poista Asennus + Asentaaksesi/poistaaksesi VeraCrypt asennuksen onnistuneesti, sinulla tulee olla pääkäyttäjän oikeudet. Haluatko jatkaa? + VeraCrypt asennusohjelma on juuri käynnissä tässä järjestelmässä ja suorittaa tai valmistelee asennusta tai VeraCrypt päivittämistä. Ennen kuin aloitat, ole hyvä ja odota sen loppumista tai sulje se. Jos et voi sulkea sitä, ole hyvä ja käynnistä tietokoneesi uudelleen ennen tätä suoritusta. + Asennus epäonnistui. + Asennuksen poisto epäonnistui. + Tämä jaettu paketti on viallinen. Yritä ladata se uudelleen (mieluiten virallisilta VeraCrypt kotisivuilta osoitteesta https://veracrypt.codeplex.com). + Ei voida kirjoittaa tiedostoa %s + Puretaan + Ei voida lukea tietoja paketista. + Ei voida tarkistaa jaetun paketin yhteneväisyyttä. + Purku epäonnistui. + Asennus otettu takaisin. + VeraCrypt onnistuneesti asennettu. + VeraCrypt on onnistuneesti päivitetty. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt on onnistuneesti poistettu.\n\nPaina 'Lopetus' poistaaksesi VeraCrypt asennuksen ja %s hakemiston. Huomioi, että hakemistoa ei poisteta jo jokin hakemiston tiedosto ei ole VeraCryptin asentama tai luotu VeraCrypt avulla. + Poistetaan VeraCrypt rekisterin sisältö + Lisätään rekisterin sisältö + Poista sovelluserityinen data + Asennetaan + Pysäytetään + Poistetaan + Lisätään ikoni + Luodaan järjestelmän palautuspiste + Epäonnistuttiin palautus pisteen luonnissa! + Päivitä Käynnistyslataaja + Epäonnistui asentaa '%s'. %s Haluatko jatkaa asennusta? + Asennuksen poisto '%s' epäonnistui. %s Haluatko jatkaa poistoa? + Asennuksen poisto valmis. + Hakemistoa '%s' ei voida luoda + VeraCrypt laiteohjainta ei voida purkaa.\n\nSulje ensin kaikki avoimet VeraCrypt ikkunat. Jos tämä ei auta, käynnistä Windows uudelleen ja yritä uudelleen. + Kaikki VeraCrypt taltioilta täytyy poistaa yhteys ennen kuin onnistuu VeraCrypt asennus tai asennuksen poisto. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Rekisteri merkinnän asennus on epäonnistunut + Laite ohjaimen asennus on epäonnistunut. Käynnistä Windows uudelleen ja yritä asentaa VeraCrypt uudelleen. + Käynnistetään VeraCrypt laiteohjain + Poistettavan laite ohjaimen asennus epäonnistui. Huomioi, että, Windows virheestä johtuen, voi olla tarpeen kirjautua ulos tai käynnistää järjestelmä ennen kuin laiteohjain voidaan poistaa järjestelmästä (tai uudelleen asentaa). + Asennetaan VeraCrypt laiteohjain + Pysäytetään VeraCrypt laiteohjain + Poistetaan VeraCrypt laiteohjain + Käyttäjätili ohjauksen tukikirjaston rekisteröinti epäonnistui. + Rekisteröimätön Käyttäjätili Kontrolli tukikirjasto epäonnistui. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Huomioi että jos päätit ajaa VeraCrypt ohjelmaa liikutettavassa tilassa (vastakohtana ajaa asennettua VeraCrypt kopiota), järjestelmä kysyy oikeutta ajaa VeraCrypt (UAC kehote) joka kerta kun yrität ajaa sitä.\n\nSyy tähän on se, että kun ajat VeraCrypt liikutettavassa tilassa, VeraCrypt tarvitsee ladata ja käynnistää VeraCrypt laiteajuri. VeraCrypt tarvitsee laiteajurin tehdäkseen näkymättömän lennossa salauksen/salauksen purkuun, ja käyttäjät ilman pääkäyttäjä oikeuksia eivät voi käynnistää laite ajureita Windows ohjelmassa. Siksi, järjestelmä kysyy sinulta lupaa ajaa VeraCrypt pääkäyttäjän oikeuksin (UAC kehote).\n\nHuomioi että jos asennat VeraCrypt järjestelmään (vastakohtana että ajaisit VeraCrypt liikutettavassa tilassa), järjestelmä EI kysy sinulta oikeutta ajaa VeraCrypt (UAC kehote) joka kerta kun yrität ajaa sitä.\n\nOletko varma että haluat purkaa tiedostot? + Varoitus: Tämä ilmentymä Taltion Luonti Velhosta on pääkäyttäjän oikeudet.\n\nUusi taltiosi luodaan oikeuksilla jotka eivät salli sinun kirjoittaa taltiolle kun se on yhdistettynä. Jos haluat välttää tämän, sulje tämä ilmentymä Taltion Luonti Velhosta ja käynnistä uusi ilman pääkäyttäjän oikeuksia.\n\nHaluatko sulkea tämän ilmentymän Taltion Luonti Velhosta? + Virhe: Lisenssiä ei voida näyttää. + Ulkoistettu(!) + päivää + tuntia + min + sek + Avaa + Poista Yhteys + Näytä VeraCrypt + Piilota VeraCrypt + Datan Luku Yhdistämisen Jälkeen + Datan Kirjoitus Yhdistämisen Jälkeen + Salattu Osuus + 100% (täysin salattu) + 0% (ei salattu) + %.3f%% + 100% + Odottaa + Korjataan + Koko muutettu + Salataan + Avataan salaus + Viimeistely + Keskeytetty + Lopetettu + Virhe + Device disconnected + Järjestelmän suosikkitaltiot tallennettu.\n\nAktivoidaksesi järjestelmän suosikkitaltioiden kytkemisen, kun järjestelmä käynnistyy, valitse 'Asetukset' > 'Järjestelmän Suosikkitaltiot' > 'Kytke järjestelmän suosikkitaltiot, kun Windows käynnistyy'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Anna Salasana %s:lle + Enter password for '%s' + Anna salasana tavalliselle/ulkoiselle taltiolle + Anna salasana piilotetulle taltiolle + Anna salasana otsikolle talletettuna varmuus tiedostoon + Avaintiedosto on nyt onnistuneesti luotu. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + VAROITUS: Otsikko tälle taltiolle on tuhoutunut! VeraCrypt automaattisesti käyttää varmistettua taltion otsikko varustettuna taltiolle.\n\nSinun täytyy korjata taltion otsikko valitsemalla 'Työkalut' > 'Palauta Taltion Otsikko'. + Taltion otsikko varmistus nyt onnistuneesti luotu.\n\nTÄRKEÄÄ: Palauta taltion otsikot käyttämällä tätä varmistusta palautetaan nykyinen taltion salasana. Lisäksi, jos avaintiedosto(t) ovat/on tarpeellista yhdistää taltiolle, sama avaintiedosto(t) voi olla tarpeen yhdistää uudelleen kun taltion otsikko on.\n\nVAROITUS: Tämä taltio otsikko varmuuskopio voidaan käyttää palautettaessa VAIN otsikot tietyltä taltiolta. Jos käytät otsikko varmuuskopiota otsikoiden palautukseen eri taltioilta, voit yhdistää taltion, mutta ET voi purkaa salattua tietoa taltiolta (koska olet muuttanut sen pääavainta). + Taltion otsikko on nyt palautettu onnistuneesti.\n\nTÄRKEÄÄ: Huomioi, että vanha salasana saatetaan myös palauttaa. Sitä paitsi, jos avaintiedosto(t) on/ovat tarpeen yhdistää taltiolle kun varmuuskopio on luotu, sama avaintiedosto(t) ovat nyt tarpeen yhdistää taltiolle uudelleen. + Turvallisuus syistä, sinun tulee antaa oikea salasana (ja/tai hankkia oikea avaintiedosto) taltiolle.\n\nHuomioi: Jos taltio sisältää piilotetun aseman, sinun tulee antaa oikea salasana (ja/tai hankkia oikea avaintiedostot) ulkoiselle taltiolle ensin. Vaihtoehtona, jos valitset piilotetun taltion varmistuksen, sinun tulee antaa oikea salasana (ja/tai oikeat avaintiedostot) piilotetulle taltiolle. + Oletko varma että haluat luoda taltion otsikon varmistuksen %s?\n\nKun olet painanut 'Kyllä', sinulle näytetään otsikko varmistuksen tiedostonimi.\n\nHuomioi: Molemmat vakio ja piilotettu taltio otsikot tullaan uudelleen salamaan käyttäen uutta suola ja talletettua varmuustiedostoa. Jos ei ole piilotettua taltiota tässä taltiossa, alue varataan piilotetulle taltion otsikolle varmuus tiedosto täytetään satunnaisdatalla (säilyttää kiistanalainen uskottavuus). Kun palautetaan taltion otsikko varmuustallenteesta, sinun tulee antaa oikea salasana (ja/tai hankkia oikea avaintiedosto) joka on/oli voimassa kun taltion otsikko varmistus on luotu. Salasana (ja/tai avaintiedosto) tullaan taltion otsikon palautus tyyppi automaattisesti tunnistamaan, se on tavallinen tai piilotettu (huomioi että VeraCrypt tunnistaa tyypin läpi suorituksen tai virheen). + Oletko varma, että palautat taltion otsikon %s?\n\nVAROITUS: Palauttamalla taltion otsikon palautuu myös taltion salasana, joka oli voimassa kun varmuuskopio luotiin. Sitä paitsi, jos avaintiedosto(t) oli/olivat tarpeen yhdistää taltiolle kun varmuuskopio luotiin, sama avaintiedosto(t) on tarpeen yhdistää taltio uudelleen sen jälkeen kun taltion otsikko on palautettu.\n\nKun olet painanut Kyllä, voit valita varmuuskopio tiedoston otsikon. + Sisältääkö taltio piilotetun taltion? + Taltio sisältää piilotetun taltion + Taltio ei sisällä piilotettua taltiota + Ole hyvä ja valitse tyyppi taltion otsikko varmistukselle: + Palauta taltio otsikko varmistetulta varmuuskopiolta + Palauta taltio otsikko ulkoiselta varmuuskopiolta + Taltion otsikon varmuustallenteen tiedoston koko on väärä. + Ei ole varmistettua otsikkoa varustettuna tällä taltiolla (huomioi että vain taltiot luotuna VeraCrypt 6.0 tai myöhemmällä sisältää varustuksen varmistus otsikoille). + Olet yrittänyt varmuuskopioida otsikkoa järjestelmäosiolta/asemalta. Tämä ei ole sallittua. Varmuustalletus/palautus toiminto mikä koskee järjestelmäosiota/asemaa voidaan suorittaa ainoastaan käyttämällä VeraCrypt Pelastuslevyä.\n\nHaluatko luoda VeraCrypt Pelastuslevyn? + Olet yrittänyt palauttaa otsikkoa virtuaalisesta VeraCrypt taltiolta mutta valitsit järjestelmäosion/aseman. Tämä ei ole sallittua. Varmuustalletus/palautus toiminto mikä koskee järjestelmäosiota/asemaa voidaan suorittaa ainoastaan käyttämällä VeraCrypt Pelastuslevyä.\n\nHaluatko luoda VeraCrypt Pelastuslevyn? + Kun olet painanut OK, valitse tiedoston mini uudelle VeraCrypt Pelastuslevyn ISO imagelle ja talletus sijainti sille. + Pelastuslevy on luotu ja talletettu tähän tiedostoon: %s\n\nNyt sinun tulee kirjoittaa (polttaa) Pelastuslevy CD tai DVD:lle.\n\nTÄRKEÄÄ: Huomioi, että tiedosto täytyy kirjoittaa CD/DVD:lle kuten ISO levyimagena (ei yksittäisenä tiedostona). Tietoa siitä miten tämä tehdään,katso CD/DVD ohjelmiston manuaalista.\n\nKun poltat Pelastuslevyn, valitse 'Järjestelmä' > 'Tarkista Pelastuslevy' tarkistaaksesi että Pelastuslevyn poltto onnistui. + Pelastuslevy on luotu ja tallennettu tiedostoon: %s\n\nNyt sinun tarvitsee polttaa Pelastuslevy tiedosto CD tai DVD-levylle.\n\nHaluatko käynnistää Microsoft Windows Levytiedosto polton nyt?\n\nHuomioi: Kun olet polttanut Pelastuslevyn, valitse 'Järjestelmä' > 'Takista Pelastuslevy että se on oikein poltettu. + Aseta VeraCrypt Pelastuslevy CD/DVD asemaan ja paina OK tarkistaaksesi sen. + VeraCrypt Pelastuslevy onnistuneesti tarkistettu. + Ei voida tarkistaa onko Pelastuslevyn poltettu oikein.\n\nJos olet polttanut Pelastu Levyn, poista ja uudelleen aseta CD/DVD levy ja yritä uudelleen. Jos tämä ei auta, koita toista CD/DVD levyn poltto ohjelmaa ja/tai välinettä.\n\nJos yritit tarkistaa VeraCrypt Pelastuslevyä luotuna eri pää avaimella, salasana, tmv., huomioi tämä että tällainen Pelastuslevy aina epäonnistuu tässä tarkistuksessa. Luodaksesi uuden yhteensopivan Pelastuslevyn nykyisellä konfiguraatiollasi, valitse 'Järjestelmä' > 'Luo Pelastuslevy'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Virhe luotaessa VeraCrypt Pelastuslevyä. + VeraCrypt Pelastuslevy ei voida luoda kun piilotettu käyttöjärjestelmä on käynnissä.\n\nLuodaksesi VeraCrypt Pelastuslevyn, käynnistä houkutuslintuna oleva käyttöjärjestelmä ja sitten valitse 'Järjestelmä' > 'Luo Pelastuslevy'. + Ei voida tarkistaa Pelastuslevyä onko sen oikein poltettu.\n\nJos poltit Pelastuslevyn, poista se asemasta ja aseta uudelleen CD/DVD asemaan; sitten paina jälleen Seuraava nappia. Jos tämä ei auta, koita toista levyä%s.\n\nJos et ole polttanut Pelastuslevyä vielä, tee se, ja paina sitten Seuraava.\n\nJos yritit tarkistaa VeraCrypt Pelastuslevyä joka luotiin ennen kuin aloitit tämän ohjatun opastuksen, huomioi se, että tällaista Pelastuslevyä ei voida käyttää, koska se on luotu eri pääavaimelle. Sinun täytyy polttaa vasta tehty Pelastuslevy. + ja/tai muu CD/DVD tallennus ohjelmisto + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + Järjestelmäosio/asema ei ole salattuna.\n\nJärjestelmän Suosikkitaltiot voidaan kytkeä ainoastaan käyttäen esikäynnistys autentikointi salasanaa. Siksi, aktivoidaksesi järjestelmä suosikkitaltiot, sinun tarvitsee ensin salata järjestelmäosio/asema. + Poista kaikki yhdistetyt taltiot ennen kuin aloitat tehtävän. + virhe: Ajastinta ei voida asettaa. + Tarkista tiedostojärjestelmä + Korjaa tiedostojärjestelmä + Add to Favorites... + Add to System Favorites... + P&roperties... + Piilotettu taltio suojattu + N/A + Kyllä + Ei + Disabled + 1 + 2 tai enemmin + käyttötila + Otsikko: + Koko: + Polku: + Asema Kirjain: + Virhe: Salasana täytyy sisältää vain ASCII merkkejä.\n\nEi-ASCII merkit salasanassa saattaa aiheuttaa sen ettei taltiota voida yhdistää kun järjestelmä konfiguraatio muuttuu.\n\nSeuraavat merkit ovat sallittuja:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Varoitus: Salasana sisältää EI-ASCII merkkejä. Tämä saattaa aiheuttaa sen ettei taltiota voida yhdistää kun järjestelmä konfiguraatio muuttuu.\n\nSinun tulee korvata kaikki EI-ASCII merkit salasanassa ASCII merkeillä. Tehdäksesi niin, paina 'Taltiot' -> 'Muuta Taltion Salasana'.\n\nSeuraavat merkit ovat mahdollisia:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + VAROITUS: Suosittelemme että vältät tiedostopäätteitä joita käytetään suoritettavissa ohjelmissa (kuten .exe, .sys, tai .dll) ja muita samankaltaisia ongelmia aiheuttavia päätteitä. Käytettäessä tällaisia päätteitä aiheutuu Windows ja virusohjelmistossa säilölle toiminteita, jotka saattavat heikentää taltion suorituskykya ja saattavat aiheuttaa lisäksi vakavia ongelmia.\n\nSuosittelemme että poistat tai muutat tiedostopäätteet (kuten, vaikka '.hc').\n\nOletko varma että haluat yhä käyttää ongelmallista tiedostopäätettä? + VAROITUS: Tällä säilöllä on tiedostopääte jota käytetään suoritettavissa tiedostoissa (kuten .exe, .sys, tai .dll) tai jokin muu tiedostopääte jolla on samanlailla ongelmallinen. Joka hyvin todennäköisesti johtaa Windows tai virustorjuntaohjelmiston häirintään säilön kanssa, mikä epäsuotuisasti vaikuttaa taltion suorituskykyyn ja saattaa aiheuttaa vakavia ongelmia.\n\nSuosittelemme vahvasti että poistat säilön tiedostopäätteen tai muutat sen (esim., '.hc') sen jälkeen kun pois-kytket taltion. + Kotisivu + VAROITUS: Näyttäisi siltä että sinulla ei ole mitään Service Pack asennettuna Windowsiin. Sinun ei pidä kirjoittaa IDE levylle isompaa kuin 128 GB tiedostoa Windows XP:llä jos sinulla ei ole Service Pack 1 tai myöhempää! Jos kuitenkin teen niin, data levyllä (ei väliä onko se VeraCrypt taltio vaiko ei) saattaa vioittua. Huomioi, että tämä on Windowsin rajoitus eikä virhe VeraCrypt ohjelmassa. + VAROITUS: Näyttäisi siltä että sinulla ei ole Service Pack 3 tai myöhempää asennettuna Windowsiin. Sinun ei pidä kirjoittaa IDE levylle isompaa kuin 128 GB tiedostoa Windows 2000 jos sinulla ei ole Service Pack 3 tai myöhempää! Jos kuitenkin teen niin, data levyllä (ei väliä onko se VeraCrypt taltio vaiko ei) saattaa vioittua. Huomioi, että tämä on Windowsin rajoitus eikä virhe VeraCrypt ohjelmassa.\n\nTiedotus: Saatat tarvita aktivoida 48-bit LBA tuki rekisteristä; lisätietoa, katso http://support.microsoft.com/kb/305098/EN-US + VAROITUS: 48-bit LBA ATAPI tuki on pois käytöstä järjestelmässäsi. Siksi, sinun ei täydy kirjoittaa IDE levyille isompaa kuin 128 GB! Jos kuitenkin teen niin, data levyllä (ei väliä onko se VeraCrypt taltio vaiko ei) saattaa vioittua. Huomioi, että tämä on Windowsin rajoitus eikä virhe VeraCrypt ohjelmassa.\n\nAktivoidaksesi 48-bit LBA tuen, lisää 'EnableBigLba' rekisteriarvo rekisteriavaimeen HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters ja aseta arvoksi 1.\n\nLisätietoa, katso http://support.microsoft.com/kb/305098 + Virhe: Tiedostot jotka ovat suurempia kuin 4 GB ei voida tallentaa FAT32 tiedostojärjestelmänä. Siksi, tiedosto perusteiset VeraCrypt taltiot tallennettuna FAT32 tiedostojärjestelmään eivät voi olla suurempi kuin 4 GB.\n\nJos haluat luoda suuremman taltion,on se luotava NTFS tyyppisenä (tai jos käytät Windows Vista SP1 tai myöhempää exFAT tiedostojärjestelmää) tai vaihtoehtoisesti tiedostoisännöidyllä taltion luonnilla, salakirjoitetun osion tai laitteen. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + VAROITUS: Jos haluat voida lisätä jatkossa enemmin dataa/tiedostoja ulkoiselle tallentimelle, sinun pitää valita pienempi koko piilotetulle taltiolle.\n\nOletko varma, että haluat jatkaa valitsemallasi koolla? + Taltiota ei ole valittuna.\n\nPaina 'Valitse Laite' tai 'Valitse Tiedosto' valitaksesi VeraCrypt taltion. + Osiota ei valittuna.\n\nPaina 'Valitse Laite' valitaksesi poistettavan yhteyden osion, joka tavallisesti vaaditaan esikäynnistys autentikoinnissa (esimerkiksi, osio sijaitsee toisen käyttöjärjestelmän suojatulla järjestelmälevyllä, joka ei ole käytössä, tai se on toisen käyttöjärjestelmän salattu järjestelmäosio).\n\nTiedotus: Valittu osio yhdistetään kuten tavallinen VeraCrypt taltio ilman esikäynnistys autentikointia. Tämä on hyödyllinen esim. varmistettaessa tai korjatessa toimintoa. + VAROITUS: Jos oletus avaintiedosto on olemassa ja aktivoituna, taltiot jotka eivät käytä tätä avaintiedostoa ei voida yhdistää. Siksi, oletus avaintiedoston aktivoinnin jälkeen, pidä mielessäsi poistaa merkintä 'Käytä Avaintiedostoa' tarkistus (alla salasana syöttö kenttä) kun yhdistät tällaiset taltiot.\n\nOletko varma, että haluat tallentaa valitut avaintiedostot/polut oletus asetuksiksi? + Automaattinen yhdistäminen laitteille + Poista kaikki yhteydet + Tyhjennä välimuisti + Poista Kaikki yhteydet & Tyhjennä välimuisti + Pakotettu yhteyden poisto kaikille & Tyhjennä välimuisti + Pakotettu yhteyden poisto kaikille, Tyhjennä välimuisti & Poistu + Yhdistä Suosikkitaltiot + Näytä/Piilota VeraCrypt pääikkuna + (Klikkaa tästä ja Paina näppäintä) + Suoritus + Pikakuvake + Virhe: Tämä pikakuvake on varattu. Valitse toinen pikakuvake. + Virhe: Pikakuvake on jo käytössä. + VAROITUS: Yksi tai useampi VeraCrypt järjestelmä laajuinen pikanäppäin ei toimi!\n\nTarkista etteivät toiset sovellukset tai käyttöjärjestelmät tätä samaa pikavalintaa(valintoja) kuin VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + Virhe tai epäyhteensopivuus ongelma nukkuvan tiedoston salauksessa. Siitä syystä, nukkuminen on estetty .\n\nTiedotus: Kun tietokone nukkuu (tai on Virransäästötilassa), järjestelmä muistin sisältö kirjoitetaan nukkuvalla asemalla olevalle tallentimelle. VeraCrypt ei voi saada salaus avaimia ja herkkien tiedostojen sisällön avausta RAM muistista jotka on tallennettu salaamattomasti. + Horrostila on estetty.\n\nVeraCrypt ei tue horrostilaa piilotetulla käyttöjärjestelmällä joka käyttää lisäkäynnistysosiota. Varmista että käynnistysosio on jaettu sekä houkutuslintu osion että piilotetun järjestelmän kesken. Siksi, jotta estetään tietovuoto ja ongelmat kun palataan horrostilasta, VeraCrypt on estetty kirjoittamaan piilotetulle järjestelmä osiolle. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + VAROITUS: Jos tämä valinta poistetaan, taltiot jotka sisältävät avoimia tiedostoja/hakemistoja ei voida automaattisesti poistaa yhteyttä.\n\nOletko varma, että haluat poistaa tämän valinnan? + VAROITUS: Taltiot sisältää avattuja tiedostoja/hakemistoja joita EI voida automaattisesti poistaa yhteyttä.\n\nEstääksesi tämän, valitse seuraava vaihtoehto dialogi ikkunasta: 'Pakotettu auto-yhteyden poisto vaikka taltiolla on avoimia tiedostoja/hakemistoja' + VAROITUS: Kun kannettavan akun virta on alhainen, Windows saattaa jättää lähettämättä tarkoituksenmukaista viestiä suoritettavalta sovellukselta, kun tietokone asettuu virransäästö tilaan. Siksi, VeraCrypt saattaa epäonnistua taltion auto-poiskytkennässä näissä tapauksissa. + Olet ajastanut salaus prosessin osiolle/taltiolle. Prosessi ei ole vielä suoritettu loppuun.\n\nHaluatko aloittaa nyt uudelleen prosessin? + Olet ajastanut salaus/salauksenpurku järjestelmälevyllä/asemalla. Ajo ei ole vielä valmis.\n\nHaluatko käynnistää (alkaa uudelleen) ajon nyt? + Haluatko että sinulle ilmoitetaan, kun aloitetaan nykyisin ajastuksessa olevan salaustehtävän ei-järjestelmä osiolle/taltiolle? + Kyllä, jatka muistuttamista + Ei, älä muistuta minua + TÄRKEÄÄ: Pidä mielessäsi että voit aloittaa salaus prosessin mistä tahansa osiosta/taltiosta valitsemalla 'Taltiot' > 'Aloita uudestaan Keskeytetty Prosessi' VeraCrypt ikkunan päävalikosta. + Olet ajastanut salaus/salauksenpurku järjestelmälevyllä/asemalla. Kuitenkin, ei-käynnistys autentikointi epäonnistui (tai ohitettu).\n\nTiedotus: Jos olet salapurkanut järjestelmäosion/levyn ei-käynnistys ympäristössä, sinun pitää päättää tehtävä valitsemalla 'Järjestelmä' > 'Pysyvästi Salapurettu järjestelmäosio/Levy' menu palkista VeraCrypt pääikkunasta. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Poistu? + VeraCrypt ei ole tarpeeksi tietoa havaitakseen, että tehdäänkö salaus vaiko salauksenpurku. + VeraCrypt ohjelmalla ei ole tarpeeksi tietoa siitä havaitakseen onko kyse salauksesta vaiko salauksenpurusta.\n\nTiedotus: Jos teet salauksenpurun järjestelmäosiolta/asemalta esikäynnistys ympäristössä, saatat tarvita viimeistellä prosessin painamalla Salauksenpurku. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Haluatko keskeyttää ja siirtää osion/taltion salaus prosessia?\n\nHuomioi: Pidä mielessäsi että taltiota ei voida yhdistää ennen kuin se on täysin salattu. Sinun on mahdollista aloittaa uudelleen salaus prosessi ja se jatkuu kohdasta jonne se pysähtyi aiemmin. Voit tehdä näin,esimerkiksi, valitsemalla 'Taltiot' > 'Aloita Uudelleen Keskeytetty Prosessi' VeraCrypt pääikkuna valikosta. + Haluatko keskeyttää ja siirtää järjestelmäosion/levyn salaus prosessia?\n\nTiedotus: Sinun on mahdollista aloittaa prosessi uudelleen ja se jatkuu kohdasta johon pysähdyttiin. Voit tehdä niin, esim. valitsemalla 'Järjestelmä' > 'Aloita Uudelleen Keskeytetty Prosessi' menu palkista VeraCrypt pääikkunasta. Jos haluat pysyvästi keskeyttää tai peruuttaa salakirjoitus prosessin, valitse 'Järjestelmä' > 'Avaa Salaus Pysyvästi järjestelmäosiolta/Asemalta'. + Haluatko keskeyttää ja siirtää järjestelmäosion/levyn salaus prosessia?\n\nTiedotus: Sinun on mahdollista aloittaa prosessi uudelleen ja se jatkuu kohdasta johon pysähdyttiin. Voit tehdä niin, esim. valitsemalla 'Järjestelmä' > 'Aloita Uudelleen Keskeytetty Prosessi' menu palkista VeraCrypt pääikkunasta. Jos haluat peruuttaa salauksenpurun prosessin (ja aloittaa salauksen), valitse 'Järjestelmä' > 'Salaa järjestelmäosio/Asema'. + Virhe: Yritys keskeyttää salattua/salauspurettua järjestelmän osiota/asemaa. + Virhe: Epäonnistunut keskeytys pyyhkimisen aikana. + Virhe: Yritys palauttaa salattua/salauspurettua järjestelmän osiota/asemaa. + Virhe: Epäonnistunut pyyhkimisen aloitus. + Epäjohdonmukaisesti ratkaistu.\n\n\n(Jos raportoit viasta yhdistäessäsi näin, sisällytä seuraavat tekniset tiedot vikaraporttiin: %hs) + Virhe: Odottamaton tila.\n\n\n(Jos raportoit virheestä yhteydessä tähän, ole hyvä ja sisällytä seuraavat tekniset tiedot virhe raporttiin: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + VAROITUS: VeraCrypt taustatehtävä on pois käytöstä. Poistuessasi VeraCrypt ohjelmasta, sinulle ilmoitetaan jos piilotetun taltion tuhot on torjuttu.\n\nTiedotus: Voit sulkea taustatehtävät milloin vain hiiren oikealla näppäimellä tai VeraCrypt palkin kuvakkeesta valitsemalla 'Poistu'.\n\nAktivoi VeraCrypt taustatehtävät? + Kielipaketin versio: %s + Tarkistetaan tiedostojärjestelmää joka on VeraCrypt yhdistetty %s taltio.. + Yritetään korjata tiedostojärjestelmää joka on VeraCrypt yhdistetty %s taltio.. + Varoitus: Tämä taltio on salakirjoitettu laillisella salakirjoitus algoritmilla.\n\nKaikki 64-bit-block salakirjoitus algoritmit (esimerkiksi, Blowfish, CAST-128, tai Triple DES) ovat vältettyjä. On mahdollista yhdistää tämä taltio käyttäen tulevia VeraCrypt versioita. Kuitenkaan ei tule olemaan lisäyksiä salakirjoitus algoritmi toteutuksiin. Suosittelemme että luot uuden VeraCrypt taltion käyttäen 128-bit-block salakirjoitus algoritmia (esimerkiksi, AES, Serpent, Twofish, jne.) ja että siirrät kaikki tiedostot tästä taltiosta uuteen. + Järjestelmäsi ei ole konfiguroitu käyttämään Autoyhdistä Laitteet toimintoa uusille taltioille. On mahdotonta yhdistää laite-isännöity VeraCrypt taltio. Autoyhdistä laitteet voidaan aktivoida ajamalla seuraava komento ja käynnistämällä järjestelmä uudelleen.\n\nmountvol.exe /E + Määrittele kirjain osiolle/laitteelle ennen suoritusta ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Lisää ja alusta kovalevyn osioita').\n\nHuomioi, että tämä on käyttöjärjestelmän vaatimus. + Yhdistä VeraCrypt Taltio + Poista kaikki yhdistetyt VeraCrypt Taltiot + VeraCrypt ohjelmalla ei ole tarvittavia oikeuksia. + Käyttöjärjestelmä evännyt pääsyn.\n\nMahdollinen syy: Käyttöjärjestelmä vaatii luku/kirjoitus oikeudet (tai pääkäyttäjän oikeudet) hakemistoon, tiedostoon, ja laitteeseen, jotta luku/kirjoitus onnistuisi sinulta. Tavallisesti käyttäjän on mahdollista, lukea ja muokata tiedostoja Omat tiedostot kansiossa. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + VeraCrypt Käynnistyslataaja vaatii vähintään 32 KByteä vapaata tilaa järjestelmälevyn alusta (VeraCrypt Käynnistyslataaja tallennettava tälle alueelle). Valitettavasti, sinun asemasi eivät täytä tätä ehtoa.\n\nÄlä raportoi tätä VeraCrypt bugina/ongelmana. Ratkaistaksesi tämän ongelman, sinun tarvitsee osioida uudelleen levysi ja jättää ensimmäiset 32 KByteä levyltä vapaaksi (useammassa tapauksessa, sinun tarvitsee poistaa ja uudelleen luoda ensimmäinen osio). Suosittelemme että käytät Microsoft osiointi manager ohjelmaa, joka on saatavana esim. kun asennat Windows järjestelmää. + Ominaisuus ei ole tuettuna nykyiselle käyttöjärjestelmä versiollesi. + VeraCrypt ei tue salattua järjestelmäosio/asema versiota käyttöjärjestelmästä jota nykyisin käytät. + Ennen kuin voit salata järjestelmäosion/aseman Windows Vistassa, sinun täytyy asentaa Service Pack 1 tai uudempi Windows Vista (sellaista Service Pack ei ole asennettuna vielä tähän järjestelmään).\n\nHuomio: Windows Vista Service Pack 1 ratkaisee ongelman joka aiheutui vapaamuistin puutteesta järjestelmän käynnistyksessä. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Virhe: Tämä ominaisuus vaatii, että VeraCrypt on asennettuna järjestelmään (käytät VeraCrypt ohjelmaa liikutettavassa tilassa).\n\nOle hyvä ja asenna VeraCrypt ja sitten yritä uudelleen. + VAROITUS: Windows ei ole asennettu samalle asemalle kuin mistä se käynnistetään. Tämä ei ole tuettuna.\n\nSinun tulee jatkaa ainoastaan vain jos olet varma että Windows on asennettuna asemalle josta se käynnistetään.\n\nHaluatko jatkaa? + Järjestelmäsi asemassa on GUID partitio taulu (GPT). Nykyisin vain aseman MBR osio taulu on tuettuna. + VAROITUS: VeraCrypt Käynnistyslataaja on jo asennettu järjestelmälevylle!\n\nOn mahdollista että koneen toinen käyttöjärjestelmä on jo salattu.\n\nVAROITUS: SUORITTAMALLA SALAUKSEN NYKYISELLE AJETTAVALLE JÄRJESTELMÄLLE SAATTAA TOINEN JÄRJESTELMÄ(T) MAHDOTTOMAKSI KÄYNNISTÄÄ JA ASIANOMAINEN MAHDOTONTA KÄYTTÄÄ.\n\nOletko varma, että haluat jatkaa? + Alkuperäisen järjestelmälataajan palautus ei onnistunut.\n\nKäytä VeraCrypt Pelastuslevyä ('Korjaa Valinta' > 'Palauta alkuperäinen järjestelmä lataaja') tai Windows asennusohjelmalla korvataksesi VeraCrypt käynnistyslataajan Windows järjestelmälataajalla. + Alkuperäinen järjestelmä lataaja ei ole talletettu Pelastuslevylle (mahdollinen syy: puuttuva varmuuskopio tiedosto). + Epäonnistunut kirjoitus MBR sektorille.\n\nSinun BIOS saattaa olla asetettu suojatulle MBR sektorille. Tarkista BIOS asetukset (paina F2, Delete, tai Esc, sen jälkeen kun kone on käynnistynyt) MBR/virussuojauksen takia. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Vaadittua versiota VeraCrypt Käynnistyslataajasta ei ole nyt asennettuna. Tämä saattaa estää joitakin tallennettuja asetuksia. + Huomioi: Joissakin tapauksissa, haluat estää henkilöä (vastustaja) että katsoo sinun käynnistävän tietokoneen tietäen että käytät VeraCrypt ohjelmaa. Yllä oleva vaihtoehto sallii sinua tekemään räätälöity VeraCrypt Käynnistyslataajan ikkuna. Jos mahdollistat ensimmäisen vaihtoehdon, ei tekstiä näytetä Käynnistyslataajassa (ei edes silloin kuin annat väärän salasanan). Tietokone näyttää "jäätyvän" ennen kuin voit kirjoittaa salasanasi. Lisäksi, muokattu sanoma voidaan näyttää harhaan johtamaan vastustaja. Esimerkiksi, väärennetty virhe sanoma kuten "Puuttuva käyttöjärjestelmä" (mikä tavallisesti näytetään Windows Käynnistyslataajassa jos se ei löydä Windows käynnistys osiota). Tämä on, kuitenkin, tärkeä havaita jos vastustaja voi analysoida kovalevyn sisältöä, hän voi havaita että se sisältää VeraCrypt Käynnistyslataajan. + VAROITUS: Pidä mielessäsi että valitsit tämän valinnan, VeraCrypt Käynnistyslataaja ei näytä mitään tekstejä (ei edes silloin kun annat väärän salasanan). Tietokone näyttää kuin olisi "jäätynyt" (reagoimaton) kun voit kirjoittaa salasanasi (kursori EI liiku eikä tähtimerkkiä näytetä kun painat näppäintä).\n\nOletko varma että haluat valita tämän valinnan? + järjestelmäosio/levy on täysin salattu. + VeraCrypt ei tue salausta järjestelmälevylle joka on konvertoitu dynaamiseksi levyksi. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Haluatko salata järjestelmälevyn kokonaisen aseman sijaan?\n\nHuomioi, että voit luoda osio-isännöidyn VeraCrypt aseman ei järjestelmäosion sisään asemalla (lisäksi salata järjestelmäosio). + Sinun järjestelmälevy sisältää vain yhden osion joka varaa koko aseman, pidetään parempana sitä (suojatumpi) että salataan kokonainen asema sisältäen vapaat "löysä" tila joka tyypillisesti ympäröi osiota.\n\nHaluatko salata kokonaisen järjestelmä aseman? + Järjestelmäsi on asetettu tallentamaan väliaikaiset tiedostot ei-järjestelmäosiolle.\n\nVäliaikaiset tiedostot voidaan tallentaa ainoastaan järjestelmäosiolle. + Sinun käyttäjä profiili tiedostot eivät ole tallennettuna järjestelmäosiolle.\n\nKäyttäjä profiili tiedostot voidaan tallentaa ainoastaan järjestelmäosiolle. + Sivutus tiedosto(t) ovat ei-järjestelmäosiolla.\n\nSivutus tiedostot voivat sijaita ainoastaan järjestelmäosiolla. + Haluatko nyt konfiguroida Windowsin luomaan sivutustiedostoja vain Windows osiolle?\n\nHuomioi että jos painat 'Kyllä', tietokone uudelleen käynnistetään. Käynnistä sitten VeraCrypt ja yritä luoda uudelleen piilotettu käyttöjärjestelmä. + Muutoin, uskottavalla kiistanalaisella piilotetulla käyttöjärjestelmällä saattaa olla haitallinen vaikutus.\n\nHuomioi: Jos vastustaja tutkii sellaisten tiedostojen sisältöä (sijaitsevat ei-järjestelmäosiolla), hän havaita että käytit opastettua piilotetun järjestelmän luontia tilassa (mikä saattaa osoittaa olemassa olevan piilotetun käyttöjärjestelmän tietokoneellasi). Huomioi myös että mikä tahansa tällainen tiedosto tallennettuna järjestelmäosiolle on VeraCrypt turvallisesti poistanut luotaessa piilotettua käyttöjärjestelmää tehtävän suorituksen aikana. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + Turvallisuus syistä, jos nykyisin käytettävä käyttöjärjestelmä vaatii aktivoinnin, se tulee aktivoida ennen tehtävän jatkamista. Huomioi että piilotettu käyttöjärjestelmä luodaan kopioimalla järjestelmäosion sisältö piilotetulle taltiolle (siksi jos käyttöjärjestelmää ei ole aktivoitu, piilotettua käyttöjärjestelmääkään ei aktivoida). Lisätietoja, katso kappale "Turvallisuus Varotoimet Liittyen Piilotettuihin Osioihin" VeraCrypt Käyttäjä Oppaassa.\n\nTärkeää: Ennen kuin jatkat, varmista että olet lukenut kappaleen "Turvallisuus Varotoimet Liittyen Piilotettuun Taltioihin" VeraCrypt Käyttäjän Oppaassa.\n\n\nOnko nykyisessä käyttöjärjestelmässäsi oheisen kaltainen tilanne? + Järjestelmäsi käyttää lisäkäynnistysosiota. VeraCrypt ei tue nukkumistilaa piilotetulla käyttöjärjestelmällä joka käyttää lisäkäynnistysosiota (houkutuslintuna oleva järjestelmä voi olla nukkuvana ilman mitään ongelmaa).\n\nHuomioi että käynnistysosio on jaettuna sekä houkutuslintujärjestelmän ja piilotetun järjestelmän kanssa. Siitä syystä, estääkseen datan vuotamisen ja ongelmat nukkumistilasta palatessa, VeraCrypt on torjuttava piilotettua järjestelmää kirjoittamasta jaetulle käynnistysosiolle.\n\n\nHaluatko jatkaa? jos valitset 'Ei', näytetään ohjeet lisäkäynnistyosion poistamiseksi + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Varoitus: Siellä on allokoimatonta tilaa järjestelmäosion ja ensimmäisen osion takana. Kun olet luonut piilotetun käyttöjärjestelmän, sinun täytyy luoda uudet osiot tälle allokoimattomalle tilalle. Muutoin, piilotettu käyttöjärjestelmä ei ole mahdollista käynnistää (ennen kuin poistat sellaisen vasta luodun osion). + Tämä algoritmi ei ole tuettuna järjestelmän salauksessa. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Avaintiedostot eivät ole nykyisin tuettuna järjestelmä salaukselle. + Varoitus: VeraCrypt ei voi palauttaa alkuperäistä näppäimistä ulkoasua. Tämä saattaa johtaa sinun antamasta väärästä salasanasta. + Virhe: Ei voida asettaa näppäimistö ulkoasua VeraCrypt standardi US näppäin ulkoasuksi.\n\nHuomioi, että salasana täytyy kirjoittaa esikäynnistys ympäristössä (ennen kuin Windows käynnistyy) kun ei-US Windows näppäimistö ulkoasu ei ole saatavana. Siksi salasana tulee aina kirjoittaa käyttäen standardia näppäin asetusta. + Kuten VeraCrypt väliaikaisesti muutettu näppäimistä mallia vakion US näppäimistä malliksi, ei ole mahdollista kirjoittaa kirjaimia kun oikea Alt näppäin on alhaalla. Kuitenkin, voit kirjoittaa useimpia kirjaimia painamalla jotain kirjaimia Vaihto näppäin alhaalla. + VeraCrypt torjuu näppäimistön ulkoasu muutokset. + Huomioi: Salasana täytyy olla kirjoitettu esikäynnistys ympäristössä (ennen kuin Windows käynnistyy) jossa ei-US Windows näppäimistö ulkoasu ole saatavana. Siksi, salasana täytyy aina kirjoittaa käyttäen standardia US näppäimistö ulkoasua. Kuitenkin, on tärkeää huomioida että ET tarvitse oikeaa US näppäimistöä. VeraCrypt automaattisesti varmistaa voit turvallisesti kirjoittaa salasanan (juuri nyt ja esikäynnistys ympäristössä) vaikka sinulla EI ole oikeaa US näppäimistöä. + Ennen kuin voit salata osion tai aseman, sinun täytyy luoda VeraCrypt Pelastuslevy (TPL), joka palvelee seuraavissa tarkoituksissa:\n\n- Jos VeraCrypt Käynnistyslataaja , Pääavain, tai muu kriittinen data tuhoutuu, TPL sallii sinun palauttaa se (huomioi, kuitenkin, kun sinä tulee edelleen antaa oikea salasana).\n\n- Jos Windows tuhoutuu ja et voi käynnistää sitä, TPL sallii sinun pysyvästi purkaa salaus osiolta tai asemalta ennekuin Windows käynnistyy.\n\n- TPL sisältää varmistuksen nykyisestä aseman ensimmäisestä raidan sisällöstä (joka tyypillisesti sisältää järjestelmälataajan tai käynnistyksen hallintaohjelman) ja sallii sinun palauttaa sen jos tarpeen.\n\nVeraCrypt Pelastuslevy ISO imagen luonti määritellään alla. + Sen jälkeen kun olet painanut OK, Microsoft Windows Levyimage poltto käynnistetään. Käytä sitä polttaaksesi VeraCrypt Pelastuslevyn ISO image CD/DVD:lle.\n\nSen jälkeen, palaa VeraCrypt Opastettuun Taltion Luontiin ja seuraa ohjeita. + Pelastuslevy image on luotu ja talletettu tiedostoon: %s\n\nNyt sinun tulee polttaa se Pelastuslevy CD tai DVD:lle.\n\n%lsPelastuslevyn polton jälkeen, paina Seuraava varmistaaksesi että Pelastuslevy on poltettu oikein. + Pelastuslevy image on luotu ja tallennettu tiedostoon: %s\n\nNyt sinun tulee joko polttaa Pelastuslevyt CD/DVD:lle tai siirtää se varmaan paikkaan myöhempää käyttöä varten.\n\n%lsPaina Seuraava jatkaaksesi. + TÄRKEÄÄ: Huomioi, että tiedoston täytyy olla kirjoitettu CD/DVD:lle ISO levy imagena (ei itse tiedostona). Ohjeistus siitä. miten tämä tehdään, seuraa dokumentaatiota jonka sait CD/DVD ohjelmiston mukana. Jos sinulla ei ole CD/DVD tallennus ohjelmaa, jolla voidaan kirjoittaa ISO levyimage CD/DVD:lle, paina alla olevaa linkkiä ladataksesi ilmaisen ohjelmiston.\n\n + Käynnistä Microsoft Windows Levy Imagen Poltto + VAROITUS: Jos olet jo luonut VeraCrypt Pelastuslevyn aiemmin, sitä ei voida uudelleen käyttää tälle järjestelmäosiolle/asemalle koska se on luotu eri pääavaimelle! Joka kerta kun salaat osion/levyn, sinun täytyy luoda uusi VeraCrypt Pelastuslevy vaikka käyttäisitkin samaa salasanaa. + Virhe: Järjestelmän salauksen asetuksia ei voitu tallentaa. + Järjestelmä salauksen esitestiä ei voitu aloittaa. + Ei voida tunnistaa piilotetun käyttöjärjestelmän tapahtumaa. + Tyhjennys Tila + Joissakin tyypeissä tallennus medioita, kun dataa ylikirjoitetaan toisella datalla, on mahdollista palauttaa ylikirjoitettu data käyttäen sellaisia tekniikoita kuin magneettisesti pakotettu mikrokopiointi. Tämä myös sallii data ylikirjoituksen salatussa muodossa (mikä tapahtuu kun VeraCrypt alustaessa salakirjoittaa salaamattoman osion tai aseman). Joiden ohjeiden ja julkaisujen mukaan, palautus ylikirjoitetulle datalle voidaan estää (tai tehdä hyvin vaikeaksi) ylikirjoittamalla dataa epäaitosatunnaisesti ja tietyllä ei-satunnaisdataa useamman kerran. Siksi, jos uskot että vastustaja saattaisi mahdollisesti käyttää tällaisia tekniikoita palauttaakseen datan jonka aiot salata, sinun tulee valita pyyhintä tila (olemassa oleva data EI häviä). Huomioi että pyyhintää EI suoriteta osion/aseman salauksen jälkeen. Kun osio/asema on täysin salattu, salaamaton data kirjoitetaan sille. Mikä tahansa kirjoitettu data ensiksi salataan lennossa muistissa ja ainoastaan sitten se (salattu) data kirjoitetaan levylle. + Joissakin tyypeissä tallennus medioita, kun dataa ylikirjoitetaan toisella datalla, (esim. kun data pyyhitään pois), on mahdollista palauttaa ylikirjoitettu data käyttäen sellaisia tekniikoita kuin magneettisesti pakotettu mikrokopiointi. Joiden ohjeiden ja julkaisujen mukaan, palautus ylikirjoitetulle datalle voidaan estää (tai tehdä hyvin vaikeaksi) ylikirjoittamalla dataa epäaitosatunnaisesti ja tietyllä ei-satunnaisdataa useamman kerran. Siksi, jos uskot että vastustaja saattaisi mahdollisesti käyttää tällaisia tekniikoita palauttaakseen datan jonka olet poistamassa, sinä voit haluta valita jonkin moniohitus (multi-pass) pyyhintä tilan.\n\nHuomioi: Mitä enemmin pyyhintä ohitusta käytät, sitä kauemmin kestää datan pyyhintä. + Pyyhi + \nHuomioi: Voit keskeyttää pyyhintä tehtävän, sulkemalla tietokoneesi, käynnistämällä piilotetun järjestelmän uudelleen ja sitten uudelleen käynnistämällä tehtävän (tämä opastus käynnistetään automaattisesti). Kuitenkin, jos keskeytät sen, koko pyyhintä tehtävä käynnistetään alusta asti. + \n\nHuomioi: Jos keskeytät pyyhintä tehtävän ja sitten yrität uudelleen käynnistää sitä, koko tehtävä aloitetaan alusta asti. + Haluatko keskeyttää pyyhinnän? + Varoitus: Koko sisältö valitulta osiolta/asemalta tyhjennetään ja se katoaa. + Koko osion sisältö missä alkuperäinen järjestelmä sijaitsee tyhjennetään.\n\nHuomioi: Koko osion sisältö joka halutaan poistaa on kopioitu tälle piilotetulle osiolle. + VAROITUS: Huomioi että kun valitset esim. 3-ohitus pyyhintä tilan, kuluva tarvittu aika salatakseen osion/aseman kestää 4 kertaa kauemmin. Samoin kuin, jos valitset 35-ohitus pyyhintä tilan, se kestää 36 kertaa kauemmin (saattaa kestää useita viikkoja).\n\nKuitenkin, huomioi että pyyhintää EI suoriteta sen jälkeen kun osio/asema on täysin salattu. Kun osio/asema on täysin salattu, salaamatonta tietoa ei kirjoiteta sille. Mitä tahansa kirjoitetaan sille se ensin salataan lennossa muistissa ja ainoastaan sitten se (salattu) tieto kirjoitetaan levylle (siten se EI vaikuta suorituskykyyn).\n\nOletko varma että haluat käyttää pyyhintä tilaa? + Ei mitään (nopein) + 1-läpi (satunnaistieto) + 3-läpi (US DoD 5220.22-M) + 7-läpi (US DoD 5220.22-M) + 35-läpi ("Gutmann") + 256-läpi + Käyttöjärjestelmän numero + VAROITUS: Aloittelevan käyttäjän ei koskaan pidä yrittää salata Windows monikäynnistys (multi-boot) konfiguraatioita.\n\nJatkatko? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Käynnistys Asema + Onko nykyinen käytössä oleva käyttöjärjestelmä asennettuna käynnistys asemalle?\n\nTiedotus: Joskus Windows ei ole asennettu samalle asemalle kuin käynnistys lataaja (käynnistys osiolle). Tässä tapauksessa valitse 'Ei'. + VeraCrypt nykyisin ei tue salattua käyttöjärjestelmää joka ei käynnisty asemalta jonne sitä ei ole asennettu. + Järjestelmälevyjen Määrä + Kuinka monta asemaa käyttöjärjestelmäsi sisältää?\n\nTiedotus: esimerkiksi, jos käyttöjärjestelmäsi on (esim. Windows, Mac OS X, Linux, jne.) asennettu ensisijaiselle asemalle ja jokin lisä käyttöjärjestelmä on asennettu toissijaiselle asemalle, valitse '2 tai enemmin'. + VeraCrypt ei nykyisin tue salattua kokonaista asemaa joka sisältää useamman käyttöjärjestelmän.\n\nMahdollinen ratkaisu:\n\n- Voit vielä salata yhden järjestelmän jos menet takaisin ja valitset salaa vain yksi järjestelmäosio (vastakohta valittaessa salaukseen kokonainen järjestelmälevy).\n\n- Vaihtoehto, on mahdollista salata kokonainen asema jos siirrät järjestelmän toiselle asemalle jättäen ainoastaan yhden järjestelmän asemalle jonka haluat salata. + Useampi järjestelmä yhdellä levyllä + Onko jotakin muuta käyttöjärjestelmää asennettuna asemalle kuin nykyisin ajettava ja asennettu järjestelmä?\n\nTiedotus: Esimerkiksi, jos nykyinen ajettava käyttöjärjestelmä on asennettu asemalle #0, mikä sisältää useita osioita. ja jos yksi osioista sisältää Windowsin ja toiset osiot jonkin muun toisen käyttöjärjestelmän (esim. Windows, Mac OS X, Linux, jne.), valitse 'Kyllä'. + Ei-Windows Käynnistyslataaja + Onko ei-Windows käynnistys lataaja (tai käynnistys manageri) asennettuna isäntä käynnistys rekisteriin (MBR)?\n\nHuomioi: Esimerkiksi, jos ensimmäinen käynnistys aseman polku sisältää GRUB, LILO, XOSL, tai muun ei-Windows käynnistys managerin (tai käynnistys lataajan), valitse 'Kyllä'. + Multi-Bootti + VeraCrypt ei nykyisellään tue multi-käynnistys asetuksia jonne Ei-Windows käynnistys lataaja on asennettuna Master Boot Recordiin (MBS).\n\nMahdollinen Ratkaisu:\n\n- Jos käytät käynnistys manageria käynnistääksesi Windows ja Linux järjestelmiä, siirrä käynnistys manageri (tyypillisesti, GRUB) Master Boot Record osiolta. Sitten käynnistä opastus uudelleen ja salaa järjestelmäosio/levy. Huomioi, että VeraCrypt Käynnistyslataajasta tulee sinun ensisijainen käynnistys manageri ja se mahdollistaa sinua ajamasta alkuperäistä käynnistys manageria (esim. GRUB) kuten toissijaisena käynnistys managerina (painamalla Esc näppäintä VeraCrypt Käynnistyslataajan ikkunassa) ja siten mahdollista ladata Linux. + Jos nykyinen käytössäsi oleva käyttöjärjestelmä on asennettu lataavalle osiolle ,sitten, kun olet salannut sen, sinun tulee antaa oikea salasana vaikka jos haluat käynnistää jonkin toisen salaamattoman Windows järjestelmän(t) (kuten ne jakavat yhden salatun Windows käynnistys lataajan/managerin).\n\nVastakohtana, jos nykyinen käyttöjärjestelmä ei ole asennettuna käynnistyvälle osiolle (tai jos Windows käynnistys lataaja/manageri ei ole käytetty toista muuta järjestelmää), sitten, kun olet salannut tämän järjestelmän, sinun ei tarvitse antaa oikeaa salasanaa käynnistääksesi salaamatonta järjestelmää(t) -- sinun tulee ainoastaan painaa Esc näppäintä aloittaaksesi salaamattoman järjestelmän (jos on useampia salaamattomia järjestelmiä, sinun tulee myös valita minkä järjestelmän käynnistät VeraCrypt Käynnistys Manageri valikosta).\n\nTiedote: Tavallisesti, aiemmin asennettu Windows järjestelmä on asennettu käynnistys osiolle. + Isäntä Suojattu alue Salattu + Monen asemien lopussa on alue, joka on tavallisesti piilotettu käyttöjärjestelmältä (tällaiset alueet ovat tavallisesti mainittuina Isäntä Suojatuissa Alueissa). Kuitenkin, jotkin ohjelmat voivat lukea ja kirjoittaa dataa siitä/siihen alueeseen.\n\nVAROITUS: Jotkin tietokoneen valmistajat voivat käyttää tällaista aluetta tallentaakseen työkaluja ja dataa RAID:lle, järjestelmän toipuminen, järjestelmän asetukset, diagnostiikka, tai muu tarkoitus. Jos tällainen työkalu tai data täytyy olla saatavilla ennen käynnistymistä, piilotettua aluetta EI tule salata (valitse 'Ei' yllä).\n\nHaluatko VeraCrypt havaita ja salata tällainen piilotettu alue (jos on) järjestelmä aseman lopusta? + Järjestelmä Salauksen tyyppi + Valitse tämä valinta jos haluat pelkästään salata järjestelmän osion tai kokonaisen järjestelmälevyn. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Piilotettu Käyttöjärjestelmä + Seuraavassa kohdassa, luot kaksi VeraCrypt taltiota (ulkoinen ja piilotettu) ensimmäisen osion sisälle ja järjestelmäosion taakse. Piilotettu taltio sisältää piilotetun käyttöjärjestelmän (OS). VeraCrypt luo piilotetun OS kopioimalla järjestelmäosion sisällön (missä nykyinen ajettava OS on asennettuna) piilotetulla taltiolla. Ulkoiselle taltiolle, sinä kopioit jotakin herkkäluontoiselta näyttäviä tiedostoja joita ET todellisuudessa halua piilottaa. Ne ovat siellä koska jos jokin pakottaa sinua paljastamaan salasanan piilotetulle käyttöjärjestelmäosiolle. Voit paljastaa salasanan ulkoiselle taltiolle piilotetun käyttöjärjestelmäosion sisällä (piilotetun käyttöjärjestelmän olemassaolo pysyy salassa).\n\nLopuksi, käynnissä olevalla käyttöjärjestelmän osiolla, voit asentaa uuden käyttöjärjestelmän, niin kutsutun houkutuslintu käyttöjärjestelmän, ja salata sen. Sen ei pidä sisältää herkkää tietoa ja ovat siellä jos jokin pakottaa sinua paljastamaan esikäynnistys autentikointi salasanan. Kokonaisuudessaan, siellä on kolme salasanaa. Kaksi niistä voidaan paljastaa (houkutuslintu käyttöjärjestelmälle ja ulkoiselle taltiolle). Jos käytät kolmatta, piilotettu käyttöjärjestelmä käynnistyy. + Tunnistetaan Piilotetut Sektorit + Odota kunnes VeraCrypt tunnistaa mahdollisen piilotetun sektorin järjestelmälevyn lopusta. Huomioi että tämä saattaa kestää kauan.\n\nTiedotus: Harvassa tapauksessa joissakin tietokoneissa, järjestelmä saattaa olla vastaamatta käskyihin tämän tunnistus toiminnon aikana. Jos tämä tapahtuu, uudelleen käynnistä tietokone, käynnistä VeraCrypt, toista edellinen askel mutta hyppää yli tästä tunnistus kohdasta. Huomioi että tämä ongelma ei ole VeraCrypt bugi. + Alue Salaukseen + Valitse tämä valinta jos haluat salata kokonaisen aseman, missä nykyinen Windows on asennettuna. Koko asema, sisältäen kaikki sen osiot, salataan paitsi ensimmäinen ura jossa VeraCrypt Käynnistyslataaja sijaitsee. Kukaan joka tahtoo päästä asennettuun järjestelmään tällä asemalla, tai aseman tallennettuihin tiedostoihin, tarvitsee oikean salasanan joka kerta ennen kuin järjestelmä käynnistyy. Tätä valintaa ei voi käyttää salatakseen toissijaisen tai ulkoisen aseman jos Windows ei ole asennettuna sille ja käynnisty siltä. + Kerää Satunnais-dataa + Avaimet Luotu + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Pelastuslevy Nauhoitettu + Pelastuslevy Luotu + Järjestelmä Salakirjoitus uudelleen testi + Pelastuslevy Tarkistettu + \nVeraCrypt Pelastuslevy on onnistuneesti tarkistettu. Poista se nyt asemasta ja tallenna se turvalliseen paikkaan.\n\nPaina Seuraava jatkaaksesi. + VAROITUS: Seuraavan kohdan aikana, VeraCrypt Pelastuslevy ei pidä olla asemassa. Muutoin, ei ole mahdollista lopettaa vaihetta virheettömästi.\n\nPoista se nyt asemasta ja tallenna turvalliseen paikkaa. Paina OK. + Varoitus: Teknisistä rajoituksista johtuen esikäynnistys ympäristössä, VeraCrypt näyttämä teksti esikäynnistys ympäristöstä (esim. ennen kuin Windows käynnistyy) ei voida paikallistaa. VeraCrypt Käynnistyslataaja käyttäjä liityntä on täysin englannin kielinen.\n\nJatka? + Ennen kuin salaat käyttöjärjestelmän osion tai aseman, VeraCrypt tarvitsee varmistaa että kaikki toimii oikein.\n\nKun painat Testaa, kaikki tarvittavat komponentit (esim., esikäynnistys autentikointi komponentti, jne. VeraCrypt Käynnistyslataaja) asennetaan ja koneesi käynnistetään uudelleen. Sitten sinun on annettava salasana VeraCrypt Käynnistyslataajan ikkunassa joka ilmestyy ennen Windows käynnistymistä. Kun Windows on käynnistynyt, esitesti tulos ilmoitetaan sinulle automaattisesti.\n\nSeuraava laite muokataan: Asema #%d\n\n\nJos painat nyt Peruuta, mitään ei asenneta ja esitestiä ei suoriteta. + TÄRKEÄÄ TIEDOTE -- LUE TAI TULOSTA (paina 'Tulosta'):\n\nHuomioi ettei yksikään tiedostoista salata ennen kuin onnistuneesti käynnistät tietokoneen ja sitten Windowsin. Siksi, jos jokin epäonnistuu, tiedostosi EIVÄT häviä. Kuitenkin, jos jokin epäonnistuu, sinä saatat törmätä vaikeuksiin käynnistettäessä Windowsia. Siksi, lue (ja jos mahdollista tulosta) seuraava ohjeistus siitä mitä tehdä jos Windows ei voi käynnistyä uudelleen käynnistyksen jälkeen.\n\n + Mitä tehdä jos Windows ei käynnisty ------------------------------------------------\n\nHuomioi: Nämä ohjeet ovat voimassa ainoastaan jos et ole käynnistänyt salausta.\n\n- jos Windows ei käynnisty antaessasi oikean salasanan (tai jos olet jatkuvasti antanut oikean salasanan mutta VeraCrypt sanoo että salasana on väärä), ei hätää. Käynnistä uudelleen (virta pois ja päälle) tietokoneesi, ja VeraCrypt Käynnistyslataajan ikkunassa, paina Esc näppäintä (ja jos sinulla on useampia järjestelmiä asennettuna, valitse minkä käynnistät). Sitten Windows tulisi käynnistyä (jos ei ole salattuna) ja VeraCrypt automaattisesti kysyy mistä haluat poistaa esikäynnistys varmistuskomponentin. Huomioi että edellinen askel EI toimi jos järjestelmä osio/asema on salattuna (kukaan ei voi käynnistää Windowsia tai pääsy aseman salatulle tiedoille ilman oikeaa salasanaa vaikka hän seuraisi edellisiä askeleita).\n\n + - Jos aiemmat vaiheet eivät auttaneet tai jos VeraCrypt Käynnistys Lataaja ikkuna ei näy (ennekuin Windows käynnistyy), aseta VeraCrypt Pelastuslevy CD/DVD asemaan ja käynnistä uudelleen tietokoneesi. Jos VeraCrypt Pelastuslevy ikkuna ei näy (tai jos et näe 'Korjaa Valinnat' kohtaa 'Näppäimistön Hallinta' VeraCrypt Pelastuslevy valinnasta ikkunassa), on mahdollista että joudut konfiguroimaan BIOS asetuksesi käynnistääksesi järjestelmän kovalevyltä ennen CD/DVD asemia. Jos tästä kyse, käynnistä tietokoneesi, paina F2 tai Delete (heti kun näet BIOS käynnistys ikkunan), ja odota ennekuin BIOS konfigurointi ikkuna ilmestyy. Jos BIOS konfigurointi ikkunaa ei ilmesty, käynnistä uudelleen tietokoneesi ja käynnistä painamalla F2 tai Delete toistamiseen kunnes käynnistät tietokoneen. Kun BIOS konfigurointi ikkuna ilmestyy, muuta BIOS käynnistämään CD/DVD asema ensin. Käynnistä sitten tietokoneesi. VeraCrypt Pelastuslevy ikkuna täytyy nyt ilmestyä. VeraCrypt Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' painamalla F8 näppäintä. 'Korjaa Valinnat' valinnoissa, valitse 'Palauta alkuperäinen järjestelmä lataaja'. Sitten poista Pelastuslevy CD/DVD asemasta ja käynnistä tietokone uudelleen. Windows tulisi käynnistyä normaalisti (jos se ei ole salattuna).\n\n + Huomioi että edellinen kohta EI toimi jos järjestelmä osio/asema on salattu (ei kukaan voi käynnistää Windowsia tai päästä käsiksi aseman salattuun tietoon ilman oikeaa salasanaa vaikka jos hän seuraisikin aikaisempia kohtia).\n\n\nHuomioi vaikka jos kadotat VeraCrypt Pelastuslevyn ja jokin toinen löytää sen, hän EI voi purkaa järjestelmäsalausta osiolta tai asemalta ilman oikeaa salasanaa. + Uudelleen Testaus Suoritettu + Esitesti on onnistuneesti suoritettu.\n\nVAROITUS: Huomioi että jos virta katkeaa äkillisesti kun salaus on meneillään, tai kun käyttöjärjestelmä kaatuu johtuen ohjelmisto virheestä tai laitteisto viasta johtuen kun VeraCrypt on salaamassa olemassa olevaa data, osa datasta korruptoituu tai häviää. Siksi, ennen kuin aloitat salauksen, varmista että sinulla on varmuustallennus kopio näistä tiedostoista jotka haluat salata. Jos ei ole, ole hyvä ja tee se nyt (voit painaa Lykkää, varmuustallenna nämä tiedostot, sitten aja VeraCrypt uudelleen, ja valitse 'Järjestelmä' > 'Aloita Uudelleen Keskeytetty Prosessi' aloittaaksesi salauksen).\n\nKun valmis, paina Salaus aloittaaksesi salauksen. + Voit painaa tauko tai siirrä milloin tahansa keskeyttääksesi salaus/salauksenpurku toiminnon, poistu opastuksesta, uudelleen käynnistä tai sulje tietokone, ja sitten aloita prosessi uudelleen, mikä jatkuu edelleen siitä kohdasta johon pysähdyttiin. Torjuaksesi sulkemisen kun järjestelmä tai sovellus kirjoittaa tai lukee dataa järjestelmälevyltä, VeraCrypt automaattisesti odottaa ennen kuin dataa kirjoitetaan tai luetaan (katso Tilanne yläpuolella) ja sitten automaattisesti jatketaan salausta/salauksenpurkua. + \n\nVoit painaa Keskeytä tai Siirrä milloin tahansa keskeyttääksesi salaus prosessin, poistu tästä opastuksesta, aloita uudelleen tai sulje tietokone ja aloita uudelleen prosessi, mikä jatkaa kohdasta mihin aiemmin pysähdyttiin. Huomioi että taltiota ei voida yhdistää ennen kuin se on täysin salattu. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Piilotettu Järjestelmä Käynnistetty + Alkuperäinen Järjestelmä + Windows luo (tavallisesti sinun tietämättä tai ilman suostumustasi) erilaisia loki tiedostoja, väliaikaistiedostot, jne., järjestelmäosiolla. Se myös tallentaa RAM sisällön nukkumistilalle ja siivutus tiedostoille järjestelmäosiolle. Siksi, jos vastustaja tutkii tallennettuja tiedostoja osiolla missä alkuperäinen järjestelmä (mistä piilotettu järjestelmä on kloonattu) sijaitsee, hän saattaa havaita, esimerkiksi, että olet käyttänyt VeraCrypt opastettua piilotetun järjestelmän luonti tilassa (mikä saattaa osoittaa olemassa olevan piilotetun käyttöjärjestelmän tietokoneellasi).\n\nEstääksesi tällaisen ongelman, VeraCrypt tekee seuraavassa kohdassa, turvallisen poiston osio koko sisällölle missä alkuperäinen järjestelmä sijaitsee. Jälkeenpäin, saavuttaaksesi uskottavan tilanteen, sinun tulee asentaa uusi järjestelmäosiolle ja salata se. Joten sinun tulee luoda houkutuslintu järjestelmä ja piilotetun käyttöjärjestelmä luonti suoritetaan loppuun. + Piilotettu käyttöjärjestelmä on onnistuneesti luotu. Kuitenkin, ennen kuin voi aloittaa käyttämään sitä (ja saavuttaa uskottavan kiistanalaisuuden), sinun tarvitsee turvallisesti hävittää (käyttäen VeraCrypt) koko taltion sisältö missä nykyinen ajettava käyttöjärjestelmä on asennettuna. Ennen kuin voit tehdä näin, sinun tarvitsee käynnistää uudelleen tietokoneesi ja VeraCrypt Käynnistyslataajan ikkunassa (mikä ilmestyy ennen kuin Windows käynnistyy), anna esikäynnistys autentikointi salasana piilotetulle käyttöjärjestelmälle. Sitten, sen jälkeen piilotettu järjestelmä käynnistyy, VeraCrypt opastus käynnistyy automaattisesti.\n\nTiedote: Jos valitset tehtävän keskeytyksen luodessasi piilotettua käyttöjärjestelmää nyt, sinun EI ole mahdollista aloittaa sitä uudelleen ja piilotettu järjestelmään EI ole pääsyä (koska VeraCrypt Käynnistyslataaja on poistettu). + Olet ajastanut piilotetun käyttöjärjestelmän luonti prosessin. Prosessi ei ole vielä valmis. Valmistaaksesi tämän tehtävän, sinun täytyy käynnistää uudelleen tietokoneesi ja, VeraCrypt Käynnistyslataajan ikkunassa (mikä ilmestyy ennen kuin Windows käynnistyy), anna salasana piilotetulle käyttöjärjestelmälle.\n\nHuomioi: Jos valitset nyt piilotetun käyttöjärjestelmän luonnissa keskeytyksen, sinun EI ole mahdollista jatkaa sitä uudelleen. + Käynnistä uudelleen tietokoneesi ja jatka + Pysyvästi keskeytetty piilotetun käyttöjärjestelmän luonti prosessi + Älä tee mitään nyt ja kysy uudelleen myöhemmin + \nJOS MAHDOLLISTA, TULOSTA TÄMÄ TEKSTI (paina 'Tulosta' alta).\n\n\nKuinka ja milloin käytetään VeraCrypt Pelastus Levyä (Salauksen jälkeen) -----------------------------------------------------------------------------------\n\n + I. Kuinka Käynnistetään VeraCrypt Pelastuslevy\n\nKäynnistääksesi VeraCrypt Pelastuslevyn, aseta levy CD/DVD asemaan ja käynnistä tietokone uudestaan. Jos VeraCrypt Pelastuslevy ikkuna ei näy (tai jos et näe 'Korjaa Valinnat' kohtaa 'Näppäimistön Hallinta' kohdassa), voi olla mahdollista että BIOS on asetettu käynnistymään kovalevyltä ennen CD/DVD asemia. Jos näin on, käynnistä uudelleen tietokoneesi, paina F2 tai Delete nappulaa (niin kauan kuin näet BIOS käynnistys ikkunan), ja odota ennekuin BIOS asetus ikkuna näkyy. Jos BIOS asetus ikkuna ei näy, käynnistä uudelleen tietokone ja paina F2 tai Delete nappulaa toistuvasti kunnes tietokone käynnistyy. Kun BIOS asetus ikkuna näkyy, muuta BIOS asetusta niin että CD/DVD asema käynnistyy ensin (katso tarvittaessa manuaalista kuinka tämä tehdään). Sitten käynnistä tietokone uudestaan. VeraCrypt Pelastuslevy ikkunan pitäisi nyt näkyä. Huomio: VeraCrypt Pelastuslevy ikkunasta, voit valita 'Korjaa Valinnat' painamalla F8 näppäintä.\n\n\n + II. Milloin ja miten käyttää VeraCrypt Pelastuslevyä (Salauksen jälkeen)\n\n + 1) Jos VeraCrypt Käynnistyslataajan ikkuna ei ilmesty koneen käynnistyttyä (tai jos Windows ei käynnisty), VeraCrypt Käynnistyslataaja saattaa olla vioittunut. VeraCrypt Pelastuslevy sallii sinun palauttaa sen ja sallii pääsyn jälleen salattuun järjestelmään ja data (kuitenkin, huomioi että sinun tulee yhä antaa oikea salasana). Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' > 'Palauta VeraCrypt Käynnistyslataaja'. Sitten paina 'Y' komennon vahvistamiseksi, poista Pelastuslevy CD/DVD asemasta ja käynnistä uudelleen tietokoneesi.\n\n + 2) Jos toistuvasti annat oikean salasanan mutta VeraCrypt kertoo että salasanasi on väärä, pääavain tai muu kriittinen tieto saattaa olla tuhoutunut. VeraCrypt Pelastuslevy sallii sinun palauttaa ne ja sallii pääsyn jälleen salattuun järjestelmään ja data (kuitenkin, huomioi että sinun tulee yhä antaa oikea salasana). Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' > 'Palauta avaintieto'. Anna salasanasi, paina 'Y' komennon vahvistamiseksi, poista Pelastuslevy CD/DVD asemasta ja käynnistä uudelleen tietokoneesi.\n\n + 3) Jos VeraCrypt Käynnistyslataaja on vahingoittunut, voit välttää ajamasta sitä käynnistämällä suoraan VeraCrypt Pelastuslevyltä. Aseta Pelastuslevy CD/DVD asemaan ja sitten anna salasanasi Pelastuslevy ikkunassa.\n\n + 4) Jos Windows on vahingoittunut ja sitä ei voi käynnistää, VeraCrypt Pelastuslevy sallii sinua pysyvästi purkaa salaus osiolta/asemalta ennekuin Windows käynnistyy. Pelastuslevy ikkunassa, valitse 'Korjaa Valinnat' > 'Pura pysyvästi järjestelmäosion/aseman salaus'. Anna oikea salasana ja odota ennekuin salauksenpurku on valmis. Sitten voit esim. käynnistää MS Windows asennus CD/DVD korjataksesi Windows asennuksen.\n\n + Huomioi: Vaihtoehtoisesti, jos Windows on vahingoittunut (ei käynnisty) ja sinun tarvitsee korjata se (tai päästä käsiksi sen tiedostoihin), voit estää salauksen avauksen järjestelmäosiolta/asemalta seuraamalla seuraavia askeleita: Jos sinulla on useita käyttöjärjestelmiä asennettuna koneellesi, käynnistä yksi joka ei vaadi esikäynnistys autentikointia. Jos sinulla ei ole useampaa käyttöjärjestelmää asennettuna, voit käynnistää WinPE tai BartPE CD/DVD tai voit muuttaa järjestelmäaseman toissijaiseksi tai ulkoiseksi asemaksi toiselle tietokoneelle ja sitten käynnistää tietokoneelle asennettu käyttöjärjestelmä. Kun olet käynnistänyt käyttöjärjestelmän, aja VeraCrypt, paina 'Valitse Laite', valitse vallitseva järjestelmäosio, paina 'OK', valitse 'Järjestelmä' > 'Kytke Ilman Esikäynnistys Autentikointia', paina esikäynnistys autentikointi salasana ja paina 'OK'. Osio kytketään kuten tavallinen VeraCrypt taltio (data salataan/puretaan lennossa RAM muistiin, kuten tavallisesti).\n\n\n + Huomioi että vaikka kadotat VeraCrypt Pelastuslevyn ja hyökkääjä löytää sen, hän EI voi purkaa salausta järjestelmäosiolta tai asemalta ilman oikeaa sanalanaa. + \n\nT Ä R K E Ä Ä -- TULOSTA TAMA TEKSTI JOS MAHDOLLISTA (paina 'Tulosta' alta).\n\n\nHuomioi: Tätä tekstiä ei näytetä automaattisesti joka kerta kun käynnistät piilotetun järjestelmän ennen kuin aloitat luomaan houkutuslintu järjestelmän.\n\n\n + Kuinka luoda Houkutuslintuna toimiva Järjestelmä Turvallisesti ja Salattuna ----------------------------------------------------------------------------\n\nSaavuttaaksesi uskottavan kiistämisen, sinun täytyy luoda nyt houkutuslintu käyttöjärjestelmä. Tehdäksesi niin, seuraa näitä vaiheita:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Asentaa Windows osiolle, jonka sisältö on poistettu (esim. osiolle jossa alkuperäinen järjestelmä, josta piilotettu järjestelmä on klooni, on asennettuna).\n\nTÄRKEÄÄ: KUN KAYNNISTAT HOUKUTUSLINTU JARJESTELMAN ASENNEUKSEN, PIILOTETTUA JARJESTELMAA *EI* OLE MAHDOLLISTA KAYNNISTAA (koska VeraCrypt käynnistyslataaja poistetaan Windows järjestelmä asentajan toimesta). TAMA ON NORMAALI JA ODOTETTAVISSA OLEVA TOIMINTO. ALA HUOLESTU TASTA. SINUN ON MAHDOLLISTA KAYNNISTAA PIILOTETTU JARJESTELMA UUDELLEEN HETI KUN KAYNNISTAT HOUKUTUSLINTUJARJESTELMAN SALAUKSEN (koska VeraCrypt asentaa automaattisesti VeraCrypt Käynnistyslataajan järjestelmä asemalle).\n\nTärkeää: Houkutuslintuna olevan järjestelmäosion täytyy olla samankokoinen kuin piilotetun taltion (tämä ehto ei ole täyttynyt). Lisäksi, sinun ei pidä luoda mitään osiota houkutuslintujärjestelmän ja piilotetun järjestelmän välille missä piilotettu järjestelmä ovat.\n\n + 3) Käynnistä houkutuslintu järjestelmä (jonka asensit vaiheessa 2 ja asenna VeraCrypt sinne).\n\nPidä mielessäsi että houkutuslintu järjestelmän ei pidä koskaan sisältää arkaluonteista tietoa.\n\n + 4) Houkutuslintu järjestelmällä, aja VeraCrypt ja valitse 'Järjestelmä' > 'Salaa Järjestelmäosio/asema'. VeraCrypt Opastettu Taltion Luonti ikkunan pitäisi olla esillä.\n\nSeuraavat kohdat liittyvät Opastettuun VeraCrypt Taltion Luontiin.\n\n + 5) VeraCrypt Taltion Opastettu Luonti, älä valitse 'Piilotettu' valintaa. Jätä 'Tavallinen' valinta valituksi ja paina 'Seuraava'.\n\n + 6) Valitse 'Salaa Windows järjestelmäosio' ja sitten paina 'Seuraava'.\n\n + 7) Jos on vain piilotettuja järjestelmiä ja houkutuslintujärjestelmiä asennettuna tietokoneelle, valitse kohta 'Yksittäinen Käynnistys' (jos on asennettuna useampia kuin nämä kaksi järjestelmää, valitse 'Moni Käynnistys'). Paina 'Seuraava'.\n\n + 8) TÄRKEÄÄ: Tämä on kohta, HOUKUTUSLINTU JÄRJESTELMÄLLE, SINUN TÄYTYY VALITA SAMA SALAUS ALGORITMI JA HASH ALGORITMI JOTKA VALITSIT PIILOTETULLE JÄRJESTELMÄLLE! MUUTOIN, PIILOTETTU JÄRJESTELMÄ ON TAVOITTAMATTOMISSA! Toisin sanoen, houkutuslintujärjestelmä täytyy olla salattu samaisella salausalgoritmilla kuin piilotettu järjestelmä. Huomioi: Syy tähän on, että houkutuslintu järjestelmä ja piilotettu järjestelmä jakavat samaisen käynnistyslataajan, joka tukee ainoastaan yksittäistä algoritmia, käyttäjän valitseman (jokaiselle algoritmille, on erityinen versio VeraCrypt käynnistyslataajasta).\n\n + 9) Tässä kohdassa, valitse salasana houkutuslintu käyttöjärjestelmälle. Tämä on salasana jonka voit paljastaa jos olet pakotettu tai muutoin kiristetty antamaan esikäynnistys salasanan (muut salasanat jotka voit paljastaa on yksi ulkoiselle taltiolle). Olemassa oleva kolmannen osapuolen salasana (esim. esikäynnistys autentikointi salasana piilotetulle käyttöjärjestelmälle) säilyy salassa.\n\nTärkeää: Salasana jonka valitsit houkutuslintu järjestelmälle tulee olla erilainen kuin jonka valitsit piilotetulle taltiolle (esim. piilotetulle käyttöjärjestelmälle).\n\n + 10) Seuraa jäljellä olevia opastuksen ohjeita siten että salaat houkutuslintu käyttöjärjestelmän.\n\n\n\n + Kun Houkutuslintujärjestelmä on Luotuna ------------------------------------------------\n\nKun olet salannut houkutuslintujärjestelmän, koko piilotetun käyttöjärjestelmän luonti tehtävä valmistetaan ja sinun on mahdollista käyttää näitä kolmea salasanaa:\n\n1) Esikäynnistys autentikointi salasana piilotetulle käyttöjärjestelmälle.\n\n2) Esikäynnistys autentikointi salasana houkutuslintukäyttöjärjestelmälle.\n\n3) Salasana ulkoiselle taltiolle.\n\n + Jos haluat käynnistää piilotetun käyttöjärjestelmän, sinun tarvitsee antaa vain salasana piilotetulle käyttöjärjestelmälle VeraCrypt käynnistyslataajan ikkunassa (joka ilmestyy kun olet käynnistänyt tietokoneesi).\n\nJos haluat käynnistää houkutuslintu käyttöjärjestelmän, sinun tarvitsee antaa vain salasana houkutuslintu käyttöjärjestelmälle VeraCrypt käynnistyslataajan ikkunassa.\n\nHoukutuslintu järjestelmän salasanan voi paljastaa kenelle tahansa jos olet pakotettu antamaan esikäynnistys autentikointi salasanan. Piilotetun taltion olemassaolo (ja piilotettu käyttöjärjestelmä) pysyvät salassa.\n\n + Kolmas salasana (ulkoiselle taltiolle) voi paljastaa kenelle tahansa pakotettuna antamaan salasanaa ensimmäisen osion käyttöjärjestelmänosion takana, jossa sekä ulkoinen että piilotettu taltio (sisältää piilotetun käyttöjärjestelmän) sijaita. Olemassa olevan piilotettu taltion (ja piilotettu käyttöjärjestelmä) pysyy salattuna.\n\n\n + Jos olet pakotettu paljastamaan houkutuslintujärjestelmän salasanan ja hän kysyy sinulta miksi vapaa tila (houkutuslintu) järjestelmäosiolla sisältää satunnaista tietoa, voit vastata, esim: "Osion nykyisin sisältämä järjestelmä salattuna VeraCrypt ohjelmalla, mutta unohdin esikäynnistys autentikointi salasanan (tai järjestelmä tuhoutui ja loppui käynnistymästä), siksi minun täytyi asentaa uudelleen Windows ja salata osio uudelleen."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + VAROITUS: JOS ETI SUOJAA PIILOTETTUATALTIOTA (ohje kuinka tämän teet, sisältyy osiossa "Piilotettujen taltioiden Suojaaminen Vaurioitumista Vastaan" VeraCrypt Käyttäjäohjeessa), ÄLÄ KIRJOITA ULKOISELLE TALTIOLLE (huomioi että piilotettu käyttöjärjestelmä EI ole asennettu ulkoiselle taltiolle). MUUTOIN, VOIT YLIKIRJOITTAA JA TUHOTA PIILOTETUN TALTION (JA PIILOTETTU KÄYTTöJÄRJESTELMÄ SEN SISÄLLÄ)! + Käyttöjärjestelmän Kloonaus + Seuraavassa askeleessa, VeraCrypt luo piilotetun käyttöjärjestelmän kopioimalla järjestelmäosion sisällön piilotetulle taltiolle (kopioitava data salataan lennossa salausavaimella joka eroaa siitä mitä käytetään houkutuslintu käyttöjärjestelmälle).\n\nOle hyvä ja huomioi että prosessi suorittaa esikäynnistys ympäristössä (ennen kuin Windows käynnistyy) ja sen valmistuminen saattaa kestää kauemmin; useita tunteja tai jopa useita päiviä (riippuen järjestelmäosion koosta ja tietokoneen suorituskyvystä).\n\nSinun on mahdollista keskeyttää prosessi, sulkea tietokone, käynnistää käyttöjärjestelmä ja sitten aloittaa uudelleen prosessi. Kuitenkin, jos keskeytät sen, koko järjestelmän kopiointi prosessi täytyy aloittaa alusta (koska järjestelmäosion sisältö ei saa muuttua kloonauksen aikana). + Haluatko peruuttaa koko piilotetun käyttöjärjestelmän luonti tehtävän?\n\nHuomioi: EI ole mahdollista aloittaa tehtävää uudelleen jos keskeytät tehtävän nyt. + Haluatko perua järjestelmän salauksen esitestauksen? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + järjestelmäosio/asema ei ole salattu (ei osittain eikä täysin). + järjestelmäosio/asema on suojattu (osittain tai täysin).\n\nValitse salauksenpurku järjestelmäosiolle/asemalle pelkästään ennen suoritusta. Tee näin, valitse 'Järjestelmä' > 'Pysyvästi salasanapurettu järjestelmäosio/asema' menusta VeraCrypt pääikkunasta. + Kun järjestelmäosio/asema on salattu (osittain tai täysin), et voi käyttää vanhempaa versiota VeraCrypt ohjelmasta (mutta voit päivittää sen tai uudelleen asentaa saman version). + järjestelmäosio/asema on nykyisellään salattu, salapurettu tai muutoin muokattu. Keskeytä salaus/salauksenpurku/muokkaus toiminto (tai odota sen valmistumista) ennen kuin jatkat. + VeraCrypt Aseman Luonti Velhon käsittely on päällä tässä järjestelmässä järjestelmäosion/aseman salauksen/salauksenpurulla. Ennen kuin jatkat, odota sen päättymistä tai sulkemista. Jos et voi sulkea sitä, uudelleen käynnistä tietokoneesi ennen kuin jatkat. + Osion/aseman salaus tai salauksen purku prosessi ei ole valmistunut. Odota kunnes se on valmis ennen kuin jatkat. + Virhe: Osion/aseman salausprosessi ei ole valmistunut. Sen täytyy valmistua ensin. + Virhe: Salausprosessi osiolle/taltiolle ei ole suoritettu loppuun. Se pitää ensin suorittaa loppuun.\n\nTiedote: Aloittaaksesi prosessin uudelleen, valitse 'Taltiot' > 'Aloita Uudelleen Keskeytetty Prosessi' VeraCrypt pääikkunan menusta. + Salasana on oikea, VeraCrypt on onnistuneesti purkanut salauksen taltion otsikon ja havainnut että tämä taltio on piilotettu järjestelmätaltio. Kuitenkin, sinä et voi muokata otsikkoa piilotetulla taltiolla tätä kautta.\n\nMuuttaaksesi salasanan piilotetulle järjestelmätaltiolle, käynnistä käyttöjärjestelmä joka sijaitsee piilotetulla taltiolla, ja sitten valitse 'Järjestelmä' > 'Muuta Salasana' valinta menusta VeraCrypt pääikkunasta.\n\nAsettaaksesi Otsikkoavaimen periytyvän algoritmin, käynnistä piilotettu käyttöjärjestelmä ja valitse 'Järjestelmä' > 'Aseta Otsikkoavaimen Periytymisalgoritmi'. + VeraCrypt ei tue piilotetun järjestelmäosion käytössä olevaa salauksen purkua.\n\nHuomioi: Jos haluat purkaa salauksen houkutuslintu järjestelmäosiolta, käynnistä houkutuslintu järjestelmä, ja valitse 'Järjestelmä' > 'Avaa Pysyvästi Salausjärjestelmän Osiolle/Asemalle' menusta VeraCrypt pääikkunasta. + Virhe: Väärä/virheellinen parametri. + Olet valinnut osion tai laitteen, mutta opastuksen tilan, jonka valitsit on sopiva ainoastaan säilöille.\n\nHaluatko muuttaa opastuksen tilaa? + Haluatko luoda VeraCrypt tiedosto säilön sen sijaan? + Olet valinnut järjestelmäosion/aseman, mutta opastus tilassa valintasi on mahdollista ainoastaan ei-järjestelmäosioille/asemille.\n\nHaluatko luoda esikäynnistys autentikoinnin (tämä tarkoittaa että sinun tarvitsee antaa salasana joka kerta ennen kuin Windows käynnistyy) ja salata järjestelmäosio/asema? + Oletko varma, että todella haluat salapurkaa pysyvästi järjestelmän osion/levyn? + VAROITUS: Jos pysyvästi purat salatun järjestelmäosion/levyn, salaamaton tieto kirjoitetaan sen päälle.\n\nOletko varma, että todella haluat salapurkaa pysyvästi järjestelmän osion/levyn? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Varoitus: Jos käytät järjestelmä salaukselle salattua kytkentää, saatat kohdata seuraavat ongelmat:\n\n1) VeraCrypt Käynnistyslataaja on isompi kuin tavallisesti ja siksi ei ole riittävästi tilaa ensimmäisellä aseman uralla jotta VeraCrypt käynnistyslataaja voitaisiin varmuustallentaa. Näin ollen, milloin vain se vahingoittuu (jota usein tapahtuu, esimerkiksi, epäasiallisesti suunniteltu virustorjunta aktivointimenettely tietyillä ohjelmilla), sinun tarvitsee käyttää VeraCrypt Pelastuslevyä käynnistääksesi tai korjataksesi VeraCrypt Käynnistyslataajan.\n\n2) Joissakin tietokoneissa, paluu lepotilasta kestää kauemmin.\n\nNämä mahdolliset ongelmat voidaan ehkäistä valitsemalla ei-kytketty salausalgoritmi (esim. AES).\n\nOletko varma että haluat käyttää salattua kytkentää? + Jos kohtaat jokin aikaisemmin kuvatuista ongelmista, tee salauksen purku osiolla/levylle (jos sen on salattu) ja sitten yritä salata se uudelleen käyttäen non-cascade salausalgoritmia (kuten AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + VeraCrypt Käynnistys Lataajan versio numero tässä käyttöjärjestelmässä eroaa VeraCrypt ajurin versio numerosta (ja VeraCrypt sovelluksen) asennettuna tälle järjestelmälle.\n\nSinun tulee ajaa VeraCrypt asennus (jonka versio numero on sama kuin yhden VeraCrypt Käynnistys Lataajan) päivittääksesi VeraCrypt ohjelman tälle käyttöjärjestelmälle. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + VeraCrypt Käynnistyslataaja on päivitetty.\n\nVahvasti suosittelemme että luot uuden VeraCrypt Pelastuslevyn (joka sisältää uuden VeraCrypt version Käynnistys Lataajasta) valitsemalla 'Järjestelmä' > 'Luo Pelastuslevy' sen jälkeen kun uudelleen käynnistät tietokoneen. + VeraCrypt Käynnistys Lataaja on päivitetty.\n\nOn vahvasti suositeltavaa että käynnistät houkutuslintu käyttöjärjestelmän ja sitten luot uuden VeraCrypt Pelastuslevyn (mikä sisältää uuden version VeraCrypt Käynnistys Lataajasta) valitsemalla 'Järjestelmä' > 'Luo Pelastuslevy'. + VeraCrypt käynnistys lataajan päivittäminen epäonnistui. + VeraCrypt epäonnistui tunnistaessaan järjestelmä aseman todellisen koon ja siksi raportoitu käyttöjärjestelmä koko (mikä saattaa olla pienempi kuin todellinen koko) käytetään. Huomioi myös että tämä ei ole virhe VeraCrypt ohjelmassa. + VAROITUS: Näyttää siltä että VeraCrypt on jo yrittänyt havaita piilotetun sektorin järjestelmälevyltä. Jos kohtaat ongelmia edellisen tunnistuksen aikana, voit välttää ongelman ohittamalla tunnistuksen nyt. Huomioi, että teen niin, VeraCrypt käyttää kokoa jonka käyttöjärjestelmä on ilmoittanut (tämä saattaa olla pienempi kuin oikea aseman koko).\n\nHuomioi, että ongelma ei johdu virheestä VeraCrypt ohjelmassa. + Ohita piilotetun sektorin tunnistus (käytä käyttöjärjestelmän ilmoittamaa kokoa) + Yritä tunnistaa piilotetun sektorin koko uudelleen + Virhe: Yhden tai useamman sektorin sisältöä ei voida lukea (johtuen ehkä fyysisestä virheestä).\n\nPaikallaan salausprosessi voi jatkua ainoastaan kun sektori on luettavissa uudelleen. VeraCrypt voi yrittää tehdä nämä sektorit luettavaksi kirjoittamalla nollia sektorille (Myöhemmin tällaiset nollat lohkot salataan). Kuitenkin, huomioi että tieto tallennettuna lukemiseen kelpaamattomille sektoreille saattaa kadotat. Jos haluat ehkäistä tämän, voit yrittää varmuustallentaa osan tuhoutuneesta tiedosta käyttäen tarkoituksenmukaista kolmannen osapuolen työkaluja.\n\nHuomioi: Tapauksessa jossa on fyysisesti tuhoutuneita sektoreita (toisin kuin paljon tietoa turmeltunut tai virheellinen tarkistussumma) useimmista tallennettujen taltioiden sisäisistä uudelleenallokoiduista sektori tyypeistä kun tietoa on yritetty kirjoittaa niihin (niin olemassa oleva tieto tuhoutuneella sektorilla saattaa jäädä asemalle salaamattomaksi).\n\nHaluatko VeraCrypt kirjoittaa nollia lukemiseen kelpaamattomille sektoreille? + Virhe: Yhden tai useamman sektorin sisältöä levyllä ei voida lukea (mahdollisesti johtuen fyysisestä viasta).\n\nJotta salauksen purkamista olisi mahdollista jatkaa, VeraCrypt hylkää lukemiseen kelpaamattomien sektoreiden sisällön (sisältö korvataan näennäisarvo tiedolla). Huomioi, että ennen kuin jatkat, voit yrittää varmuuskopioida osan mistä tahansa vioittuneesta tiedosta käyttäen tarkoituksenmukaista kolmannen osapuolen työkaluja.\n\nHaluatko että VeraCrypt nyt hylkää lukemattomaksi kelpaamattomat sektorit? + Huomioi: VeraCrypt on korvannut sisällön %I64d lukukelvottomalla sektorilla (%s) salatulla kaikki nollatuilla lohkoilla. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Anna salasana/PIN merkille '%s': + Salliaksesi VeraCrypt pääsyn turvallisuustunnisteisiin tai älykorttiin, sinun tarvitsee asentaa PKCS #11 ohjelmisto kirjastomerkeille tai älykortille ensin. Tällainen kirjasto saatetaan toimittaa laitteen mukana tai se voi olla ladattavissa toimittajan web sivuilta tai muulta kolmannelta osapuolelta.\n\nKun olet asentanut kirjaston, voit joko valita sen käsin painamalla 'Valitse kirjasto' tai voit antaa VeraCrypt löytää sen ja valita sen automaattisesti painamalla 'Auto-tunnista Kirjasto' (vain Windows järjestelmä hakemisto tutkitaan). + Tiedote: Asennettu PKCS #11 kirjaston turvallisuustunniste tai älykortti tiedostonimelle ja sijainnille, mainitaan dokumentissa, joka on toimitettu tunnisteen, kortin tai kolmannen osapuolen ohjelmiston mukana.\n\nPaina 'OK' valitaksesi polun tai tiedostonimen. + Salliaksesi VeraCrypt pääsyn turvallisuustunnisteisiin tai älykorttiin, sinun tarvitsee asentaa PKCS #11 ohjelmistokirjasto tunnisteelle/älykortille ensin. Tehdäksesi näin, valitse 'Asetukset' > 'Turvallisuustunniste'. + Epäonnistunut alustus PKCS #11 turvallisuustunniste kirjastossa.\n\nVarmista, että määritelty polku ja tiedostonimi ovat oikein PKCS #11 kirjastolle. Määritykset PKCS #11 kirjasto polulle ja tiedostonimelle, valitse 'Asetukset' > 'Turvallisuustunnisteet'. + Ei yhtään PKCS #11 kirjastoa löydetty Windows järjestelmä hakemistosta.\n\nOle hyvä ja varmista, että PKCS #11 kirjasto turvallisuustunnisteelle (tai älykortille) on asennettuna (kuten kirjasto tuettuna merkillä/kortilla tai on mahdollisesti saatavissa ladattuna toimittajan webbi sivulta tai muulta kolmannelta osapuolelta). Jos se on asennettuna muuhun kuin Windows järjestelmä hakemistoon, paina 'Valitse Kirjasto' paikallistaaksesi kirjaston (esim. hakemistosta jonne tunniste/kortti ohjelmisto on asennettuna). + turvallisuustunnistetta ei löytynyt.\n\nOle hyvä ja varmista että turvallisuustunniste on kytkettynä tietokoneellesi ja oikea laiteajuri tunnisteelle on asennettuna. + turvallisuustunnisteen avaintiedostoa ei löytynyt. + turvallisuustunnisteen avaintiedosto samalla nimellä on jo olemassa. + Haluatko poistaa valitut tiedostot? + turvallisuustunnisteen avaintiedosto polku on virheellinen. + turvallisuustunniste virhe + Salasana turvallisuustunnisteelle on virheellinen. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + Kaikki avoimet turvallisuustunniste istunnot on suljettu. + Valitse Turvallisuustunniste Avaintiedostot + Korttipaikka + Merkin nimi + Tiedostonimi + TÄRKEÄÄ: Huomioi että esikäynnistys autentikointi salasanat ovat aina kirjoitettu käyttäen standardia US näppäimistöä. Siksi, taltio joka käyttää salasanaa kirjoitettuna Ei US näppäimistöllä saattaa olla mahdotonta kytkeä sitä käyttäen välimuisti esikäynnistys autentikointi salasanaa (huomioi että tämä ei ole virhe VeraCrypt ohjelmassa.) Salliaksesi tällaisen taltion kytkemisen käyttäen esiautentikointi salasanaa, seuraa näitä vaiheita:\n\n1) Paina 'Valitse Tiedosto' tai 'Valitse Asema' ja valitse taltio. 2) Valitse Taltiot' > 'Vaihda Taltion Salasana'. 3) Anna taltion nykyinen salasana. 4) Vaihda näppäimistö English (US) painamalla Kieli ikonia Windows tehtäväpalkissa ja valitse 'EN English (Unites States)'. 5) VeraCrypt ohjelmassa, uusi salasana kentässä, kirjoita esikäynnistys autentikointi salasana. 6) Cahvista uusi salasana uudelleen kirjoittamalla se vahvistus kenttään ja paina 'OK'. VAROITUS: Pidä mielessäsi, että jos seuraat näitä vaiheita, taltion salasana on täytynyt antaa aina käyttäen US näppäimistö asetuksia (joka on automaattisesti varmistettu esikäynnistys ympäristössä). + Järjestelmä suosikkitaltiot kytketään käyttäen esikäynnistys autentikointi salasanaa. Jos jokin järjestelmä taltio käyttää jotain toista salasanaa, sitä ei voida kytkeä. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + TÄRKEÄÄ: Pidä mielessäsi että jos tämä valinta on valittuna ja VeraCrypt ohjelmalla ei ole pääkäyttäjän oikeuksia, kytketty järjestelmän suosikkitaltiot EIVÄT ole näytettyinä VeraCrypt sovellus ikkunassa ja niitä ei voida pois-kytkeä. Siksi, jos sinun tarvitse esim. kytkeä järjestelmän suosikkitaltio, paina hiiren oikeaa VeraCrypt ikonista (Käynnistys valikosta) ja valitse 'Aja pääkäyttäjänä' ensin. Sama rajoitus on 'Pois-Kytke Kaikki', 'Auto-Poiskytke', 'Pois-Kytke Kaikki' pikanäppäimet. + Note that this setting takes effect only after the operating system is restarted. + Virhe komento rivillä. + Pelastuslevy + Valitse &Tiedosto ja Kytke.. + Valitse &Laite ja Kytke.. + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Varoitus: Taltion tiedostojärjestelmä kytkettynä '%s' ei ole oikein pois kytketty ja siksi se saattaa sisältää virheitä. Käyttämällä viallista tiedostojärjestelmää voi johtaa tietojen häviämiseen tai tietojen tuhoutumiseen.\n\nHuomioi: Ennen kuin se fyysisesti poistetaan tai virta kytketään pois (kuten USB muistitikku tai ulkoinen kovalevy) missä kytketty VeraCrypt taltio sijaitsee, sinun tulee pois kytkeä aina VeraCrypt taltiolta ensin VeraCrypt.\n\n\nHaluatko että Windows yrittää havaita ja korjata virheet (jos jotain löytyy) tiedostojärjestelmästä? + Varoitus: Yksi tai useampia suosikkitaltioita eivät ole puhtaasti pois-kytketyitä ja siksi saattaa sisältää tiedostojärjestelmä virheitä. Katso tarkemmin järjestelmä tapahtuma lokista.\n\nVirheellistä tiedostojärjestelmää käytettäessä saattaa aiheutua tietojen häviämistä tai tietojen korruptoitumista. Voit tarkistaa vaikutukset järjestelmän suosikkitaltion(oiden) virheistä (hiiren oikea painallus jokaiselle niille VeraCrypt ohjelmassa ja valitse 'Korjaa Tiedostojärjestelmä'). + Varoitus: Korjataksesi vahingoittunut tiedostojärjestelmä käyttäen Microsoft 'chkdsk' työkalua, saattaa aiheuttaa tiedostojen häviämisen vioittuneella alueelle. Tämän vuoksi, on suositeltavaa että ensiksi varmuustallennat VeraCrypt taltion tiedostot, toimivalle VeraCrypt taltiolle.\n\nHaluatko nyt korjata tiedostojärjestelmän? + Taltio '%s' on yhdistetty vain lukutilaan, koska kirjoitus oikeudet on estetty.\n\nVarmista, että tiedostosäilön suojaoikeudet sallii sinun kirjoittaa sille (paina hiiren oikeaa säilössä ja valitse Ominaisuudet > Turvallisuus).\n\nHuomioi, koskien Windows ongelmaa, sinä saatat nähdä tämän varoituksen vaikka olisit asettanut mahdolliset turvallisuus oikeudet. Tämä ei johdu virheestä VeraCrypt ohjelmassa. Mahdollinen ratkaisu tähän on siirtää säilö esim. sinun 'Dokumentit' kansioon.\n\n Jos sinä aiot pitää taltiosi vain lukutilassa, aseta säilön vain lukutila attribuutti (hiiren oikea ja valitse Ominaisuudet > Lukutila), joka estää tämän varoituksen. + Taltio '%s' on yhdistetty vain lukutilaan koska kirjoitus oikeudet on evätty.\n\nVarmista etteivät (esim. virustorjunta ohjelmisto) ole käytössä osiolla/laitella jossa taltio on isännöitynä. + Taltio '%s' on yhdistetty vain lukutilaan koska käyttöjärjestelmä raportoi isäntä aseman olevan kirjoitussuojatun.\n\nHuomioi että jotkin käyttäjän laiteajurit ovat raportoineet johtuen kirjoitettavan median olevan virheellisesti kirjoitussuojatun. Tämä ongelma ei johdu VeraCrypt ohjelmasta. Se voidaan ratkaista päivittämällä tai poistamalla jokin käyttäjän (ei-Microsoft) laiteajurit jotka ovat nykyään asennettuina tähän järjestelmään. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Haluatko että VeraCrypt yrittää poistaa osion/aseman kirjoitussuojauksen? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Testi + Avaintiedosto + Takaisin + Tab + Tyhjennä + Paina + Tauko + Caps Lock + Välilyönti + Sivu ylös + Sivu alas + End + Home + Nuoli vasemmalle + Nuoli ylös + Nuoli oikealle + Nuoli alas + Valinta näppäin + Tulostus näppäin + Suoritus näppäin + Tulosta ruutu + Lisää + Poista + Sovellus näppäin + Nuku + Num Lock + Scroll Lock + Selaa Takaisin + Selaa eteenpäin + Päivitä selaus + Pysäytä selaus + Selaa Etsi + Selaa suosikit + Selaa Home + Mykistä + Hiljennä + Voimista + Seuraava raita + Edellinen raita + Pysäytä Media + Soita/Tauko Media + Start Mail Key + Valitse Media + Sovellus 1 + Sovellus 2 + Attn + CrSel + ExSel + Soita + Zoomaa + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.fr.xml b/Translations/Language.fr.xml index f2530c43..27c9c93d 100644 --- a/Translations/Language.fr.xml +++ b/Translations/Language.fr.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Annuler - Installer pour tous les utilisateurs - &Parcourir... - Icône de VeraCrypt sur le Bureau - Faire un don... - Associer l'extension '.hc' à VeraCrypt - Ouvrir le dossier de destination après l'installation - Ajouter VeraCrypt au menu Démarrer - Créer un point de restauration système - &Désinstaller - &Extraire - &Installer - Assistant d'installation de VeraCrypt - Désinstaller VeraCrypt - &Aide - Sélectionner ou saisir l'emplacement où vous désirez extraire les fichiers : - Sélectionner ou saisir l'emplacement où vous désirez installer le programme VeraCrypt. Si le dossier spécifié n'existe pas, il sera automatiquement créé. - Cliquer sur 'Désinstaller' pour supprimer VeraCrypt de votre système. - Arrêter - &Benchmark - &Tester - Créer un volume chiffré et le formater - Chiffrer la partition en place - Afficher les clés générées (une partie) - Afficher le nombre aléatoire - Télécharger le logiciel de gravure de CD/DVD - Créer un fichier conteneur chiffré - &Go - &To - Plus d'infos - Volume VeraCrypt &caché - Plus d'infos sur les volumes cachés - Mode direct - Mode normal - &Ko - &Utiliser fichiers clés - Essayer d'abords de monter avec un mot de passe vide - Taille aléatoire ( 64 <-> 1048576 ) - &Fichiers clés... - Infos : algorithmes de hachage - Plus d'infos - Plus d'info sur le PIM - &Mo - Plus d'infos - Plus d'infos sur le système de chiffrement - Plus d'infos - Amorçage multiple - Chiffrer une partition/un disque non système - &Ne jamais enregistrer l'historique - Ouvrir le volume externe - &Pause - Saisir un P&IM - Saisir un PIM - Formatage rapide - &Afficher le mot de passe - &Afficher le mot de passe - &Afficher le PIM - Amorçage - Volume VeraCrypt standard - &Caché - Normal - Chiffrer la partition ou l'intégralité du disque système - Chiffrer la partition système Windows - Chiffrer l'intégralité du disque - Assistant de création de volume VeraCrypt - Cluster - IMPORTANT : Déplacez votre souris dans cette fenêtre aussi aléatoirement que possible. Plus longtemps vous la bougez, mieux c'est. Cela accroît significativement la force cryptographique des clés de chiffrement. Cliquez sur 'Suivant' pour poursuivre. - &Confirmer : - Fait à - Lettre de lecteur : - Algorithme de chiffrement - Système - Crée un disque virtuel chiffré dans un fichier. Recommandé pour les utilisateurs novices. - Options - Algorithme de hachage - Clé d'en-tête : - Reste - Clé principale : - Sélectionner cette option s'il y a au moins deux systèmes d'exploitation installés sur cet ordinateur.\n\nPar exemple :\n- Windows 2000 et Windows XP\n- Windows XP et Windows Vista\n- Windows et Mac OS X\n- Windows et Linux\n- Windows, Linux et Mac OS X - Chiffre une partition non système sur tout disque interne ou externe (ex : clé USB). Optionnellement, crée un volume caché. - Nombre aléatoire actuel (une partie) - Passe - Mot de passe : - PIM du volume: - PIM du volume: - Progression : - Nb aléatoire : - Sélectionner cette option s'il n'y a qu'un seul système d'exploitation installé sur cette machine (même s'il y a plusieurs utilisateurs). - Vitesse - État - Les clés, le sel et d'autres données ont été générés avec succès. Si vous désirez générer de nouvelles clés, cliquez sur 'Précédent' puis 'Suivant'. Sinon cliquez sur 'Suivant' pour poursuivre. - Chiffre la partition/le disque où est installé Windows. Qui veut accéder au système, lire/écrire des fichiers, etc., devra entrer le bon mot de passe à chaque fois que Windows démarre. Crée un système caché (optionnel). - Sélectionnez cette option pour chiffrer la partition où le système d'exploitation Windows en cours d'utilisation est installé. - Label du volume dans Windows: - Mode de nettoyage : - Fermer - Permet de contourner l'&authentification de pré-amorçage en appuyant sur la touche Esc (active le gestionnaire de démarrage) - Ne rien faire - &Montage automatique d'un volume VeraCrypt (ci-dessous) - &Exécuter VeraCrypt - &Détecter bibliothèque - &Cache du mot de passe d'authentification de pré-amorçage dans le pilote mémoire (pour le montage de volumes non-système) - Parcourir... - Parcourir... - Mots de passe et fichiers clés en cache - Quitter quand il n'y a aucun volume monté - &Fermer la session de jeton de sécurité (déconnexion) après un montage de volume réussi - Inclure l'outil d'agrandissement de volume VeraCrypt - Inclure l'assistant de création de volume VeraCrypt - Créer - Créer un volume - Ne &montrer aucun texte dans l'écran d'authentification de pré-amorçage (excepté le message ci-dessous) - Désactiver la détection des attaques de type "Evil Maid" - Accélérer le chiffrement/déchiffrement AES en utilisant les instructions AES du processeur (si disponible) - Fichiers clés - Fichiers clés - &Quitter - Aide sur les volumes favoris - Ne pas monter le volume sélectionné quand le &raccourci de "Monter les volumes favoris" est pressé - Monter le volume sélectionné quand son appareil hôte est &connecté - Monter le volume sélectionné à l'&ouverture de session - Monter le volume sélectionné en &lecture seule - Monter le volume sélectionné en tant que support amo&vible - &Descendre - &Monter - Ouvrir une fenêtre de l'&Explorateur pour le volume sélectionné quand il est monté avec succès - &Supprimer - Utiliser le label du favori comme label du lecteur dans l'Explorateur - Paramètres globaux - Afficher une infobulle après un démontage par raccourci réussi - Jouer un son de notification système après un démontage par raccourci réussi - Alt - Ctrl - Maj - Win - Affecter - Enlever - Fichiers clés... - Ne pas utiliser le nombre de processeurs suivant pour le chiffrement/déchiffrement : - Plus d'infos - Plus d'infos - Plus de paramètres... - Montage &automatique - Opti&ons... - Monter le volume en lecture &seule - Fichiers clés... - (Vide or 0 pour valeur par défaut) - (Vide or 0 pour valeur par défaut) - Activer - Mots de passe en cache - Démontage automatique quand aucune donnée n'a été lue/écrite durant - L'utilisateur se déconnecte - L'utilisateur verrouille la session - Le PC passe en mise en veille - L'écran de veille est activé - Forcer le démontage automatique même s'il y a encore des fichiers ouverts - Monter tous les volumes VeraCrypt - Démarre la tâche de fond VeraCrypt - Monter les volumes en lecture seule - Monter les volumes comme des médias amovibles - Ouvrir la fenêtre de l'Explorateur des volumes montés avec succès - Temporairement mettre le mot de passe en cache pendant le montage des favoris - Utiliser une icône de barre des tâches différente quand il y a des volumes montés - Vider le cache des mots de passe au démontage - Vider le cache des mots de passe en quittant - Preserve les modifications d'horodatage des conteneurs de fichiers - Réinitialiser - &Périphérique... - &Fichier... - &Bibliothèque... - Afficher mot de passe - Afficher mot de passe - Ouvrir l'&Explorateur pour le volume monté - Mot de passe en &cache - Mode TrueCrypt - &Tout démonter - &Propriétés du volume - &Outils pour le volume - &Vider le cache - VeraCrypt - Paramèters montage - VeraCrypt - Volumes favoris - VeraCrypt - Raccourcis système - VeraCrypt - Modifier le mot de passe ou les fichiers clés - Entrer le mot de passe du volume VeraCrypt - VeraCrypt - Options de performance et configuration du pilote - VeraCrypt - Préférences - VeraCrypt - Paramètres de chiffrement du système - VeraCrypt - Jeton de sécurité - Préférences - Paramétrage du disque nomade VeraCrypt - Propriétés du volume VeraCrypt - À propos... - Ajouter/Supprimer des fichiers clés au/du volume... - Ajouter un volume monté aux favoris... - Ajouter un volume monté aux favoris système... - Analyser une panne système... - Sauvegarder l'en-tête du volume... - Banc de test... - Paramétrer l'algorithme de dérivation de la clé d'en-tête... - Modifier le mot de passe du volume - Paramétrer l'algorithme de dérivation de la clé d'en-tête... - Modifier le mot de passe... - Effacer l'historique du volume - Fermer toutes les sessions de jeton de sécurité - Contact... - Créer un système d'exploitation caché... - Créer un disque de secours... - Créer un nouveau volume... - Déchiffrer définitivement... - Fichiers clés par défaut... - Paramètres de montage par défaut... - Faire un don... - Chiffrer la partition/le disque système... - Foire aux questions - Guide de l'utilisateur - &Site web - Raccourcis... - Générateur de fichier clé - Langue... - Mentions légales - Gérer les fichiers clés de jeton de sécurité... - Monter automatiquement tous les volumes hébergeant un périphérique - Monter les volumes favoris - Monter sans &authentification lors du pré-amorçage... - Monter le volume - Monter le volume avec des options - Quoi de neuf - Aide en ligne - Didactitiel pour débuter - Organiser les volumes favoris... - Organiser les volumes système favoris... - Performances et Configuration du pilote - Déchiffrer définitivement la partition/le disque système - Préférences... - Actualiser les lettres de lecteur - Supprimer tous les fichiers clés du volume... - Restaurer l'en-tête du volume... - Reprendre un processus interrompu - Périphérique... - Fichier... - Reprendre un processus interrompu - Chiffrement du système... - Propriétés... - Paramètres... - Volumes système favoris... - Téléchargements - Vecteurs test... - Jetons de sécurité... - Paramétrage du disque nomade VeraCrypt... - Démonter tous les volumes montés - Démonter le volume - Vérifier le disque de secours - Vérifier l'image ISO du disque de secours - Historique - Agrandir un volume - Propriétés du volume - Assistant de création de volume - Site web VeraCrypt - Vider le cache des mots de passe - OK - Accélération matérielle - Raccourci - Configuration de l'exécution automatique (autorun.inf) - Démontage automatique - Tout démonter si : - Options de l'écran du chargeur d'amorçage - Confirmer : - Actuel - Afficher ce message dans l'écran d'authentification de pré-amorçage (24 caractères maximum) : - Options de montage par défaut - Options de raccourci - Configuration du pilote - Activer le support des codes de contrôle étendus pour disques - Label du volume favoris sélectionné : - Paramètres de fichier - Touche : - Le processeur (CPU) de cet ordinateur supporte l'accélération matérielle pour AES : - Actions à effectuer à l'ouverture d'une session Windows - minutes - Monter le volume avec la lettre de lecteur : - Paramètres de montage - Nouveau - Mot de passe : - Parallélisation - Chemin de bibliothèque PKCS #11 - PKCS-5 PRF : - PKCS-5 PRF: - Mots de passe en cache - Options de sécurité - Tâche de fond VeraCrypt - Volume VeraCrypt à monter (par rapport à la racine du disque nomade) : - À l'insertion du disque nomade : - Créer des fichiers pour le disque nomade sur (racine du disque nomade) : - Volume - Windows - Ajouter un &chemin - &Auto-tests - &Continuer - &Déchiffrer - &Effacer - &Chiffrer - &Exporter... - Générer et sauvegarder le fichier clé... - &Générer aléatoirement un fichier clé - Télécharger un fichier de langue - AES accéléré matériellement : - &Importer un fichier clé dans un jeton... - Ajouter &fichiers... - &Utiliser les fichiers clés - Fichiers &clés... - &Supprimer - &Tout supprimer - Qu'est-ce que la protection d'un volume caché ? - Plus d'infos sur les fichiers clés - Monter le volume comme un &média amovible - Monter la partition &avec chiffr. syst. sans authentification au pré-amorçage - Parallélisation : - Évaluer - &Imprimer - &Empêcher les dommages causés en écrivant dans le volume externe - &Réinitialiser - &Afficher mot de passe - Ajouter &Fichiers jeton... - Utiliser l'en-tête de sauvegarde incorporé dans le &volume s'il est disponible - Mode XTS - À propos de VeraCrypt - VeraCrypt - Banc de test de l'algorithme de chiffrement - VeraCrypt - Vecteurs test - Aide sur la commande en ligne - VeraCrypt - Fichiers clés - VeraCrypt - Générateur de fichier clé - VeraCrypt - Langue - VeraCrypt - Options de montage - Nouvelles propriétés du jeton de sécurité du fichier clé - VeraCrypt - Amélioration de la génération de nombres aléatoires - Sélectionner une partition ou un périphérique - VeraCrypt - Jeton de sécurité des fichiers clés - Mot de passe/code PIN du jeton de sécurité requis - Fichier de la langue en cours d'utilisation - La vitesse est affectée par la charge du CPU ainsi que par les caractéristiques du périphérique de stockage.\n\nCes tests ont lieu en RAM. - Tampon : - Chiffrement : - &Mot de passe du volume caché :\n(s'il est vide, celui en cache sera utilisé) - Protection du volume caché - Taille de la clé : - IMPORTANT : Déplacez aléatoirement la souris dans cette fenêtre. Plus longtemps vous le faites, mieux c'est. Cela accroît significativement la force cryptographique du fichier clé. - AVERTISSEMENT : Si vous perdez un fichier clé ou si tout bit de ses 1024 premiers kilooctets change, il sera impossible de monter les volumes utilisant ce fichier clé ! - bits - Nombre de fichiers clé: - Taille fichiers clé (en Octets): - Nom de base fichiers clé: - Traduit par : - Taille text en clair : - bits - Réserve de nombres aléatoires - Mélange PRF : - IMPORTANT : Déplacez aléatoirement la souris dans cette fenêtre. Plus longtemps vous le faites, mieux c'est. Cela augmente significativement la sécurité. Lorsque vous avez terminé, cliquez sur 'Continuer'. - Clé secondaire (hexadécimal) - Jeton de sécurité : - Méthode de tri : - Merci de patienter. Cette opération peut prendre beaucoup de temps... - Merci de patienter...\nCette opération peut prendre beaucoup de temps et la fenêtre de VeraCrypt peut se figer et ne plus répondre. - Nombre de blocs : - Cryptogramme (hexadécimal) - Nombre d'unité de données (hexadécimal de 64 bits, taille d'une unité = 512 octets) - Clé (hexadécimal) - Texte en clair (hexadecimal) - Nom du fichier clé : - Mode XTS - S&ystème - &Volumes - Favor&is - &Outils - &Paramètres - &Aide - &Site Web - - À &propos... - L'attribut lecture seule sur votre ancien volume n'a pas pû être changé. Vérifiez les permissions d'accès. - Erreur : Accès refusé.\n\nLa partition à laquelle vous essayez d'accéder fait soit zéro secteur de long, soit il s'agit du périphérique d'amorçage. - Administrateur - Pour charger le pilote VeraCrypt, vous avez besoin d'être connecté avec un compte ayant des privilèges d'administrateur. - Notez que pour chiffrer/déchiffrer/formater une partition/un périphérique vous devez être connecté avec un compte possédant des privilèges d'administrateur.\n\nCela ne s'applique pas aux volumes hébergeant un fichier. - Pour créer un volume caché vous devez être connecté à un compte possédant des privilèges d'administrateur.\n\nContinuer ? - Notez que pour formater le volume en NTFS/exFAT vous devez être connecté avec un compte possédant des privilèges d'administrateur.\n\nSans privilèges d'administrateur, vous pouvez formater le volume en FAT. - Algorithme cryptographique (Rijndael, publié en 1998) approuvé par la FIPS, qui peut être utilisé par les agences/départements fédéraux américains pour protéger cryptographiquement les informations sensibles. Clé à 256 bits, bloc de 128 bits, 14 rondes (AES-256). Le mode opératoire est XTS. - Le volume est déjà monté. - ATTENTION : Au moins un algorithme de chiffrement ou de hachage a échoué aux tests automatiques ! L'installation de VeraCrypt peut être corrompue. - ATTENTION : Il n'y a pas assez de données dans la réserve du générateur de nombres aléatoires pour fournir la quantité de données aléatoires demandée.\n\nVous ne devriez pas continuer. Sélectionnez 'Signaler un bogue' depuis le menu d'aide. - Le disque est endommagé (il y a un défaut physique dessus) ou un câble est endommagé, ou la mémoire fonctionne mal.\n\nNotez qu'il s'agit d'un problème avec votre matériel, pas avec VeraCrypt. Aussi ne rapportez PAS ceci comme un bogue/un problème dans VeraCrypt et ne demandez pas non plus d'aide pour cela dans les forums de VeraCrypt. Contactez le support technique de votre revendeur de matériel informatique pour une assistance. Merci.\n\nRemarque : Si l'erreur se répète au même endroit, cela est vraisemblablement la faute d'un mauvais bloc du disque dur, qui pourrait être corrigée avec un logiciel tiers (notez que dans de nombreux cas, la commande 'chkdsk /r' ne corrige rien parce qu'elle ne fonctionne qu'au niveau du système de fichiers. Dans certain cas, l'outil 'chkdsk' ne la détecte même pas). - Si vous utilisez un périphérique amovible, assurez-vous qu'un média y est inséré. Le lecteur/média peut aussi être endommagé (il peut y avoir un défaut physique) ou un câble peut être endommagé/déconnecté. - Votre système semble utiliser un pilote de périphérique tiers (non Microsoft) contenant un bug qui empêche le chiffrement de la totalité du lecteur système.\n\nEssayer de mettre à jour ou désinstaller tout pilote de périphérique tiers avant de continuer. Si cela ne résoud pas le problème, essayez de chiffrer uniquement la partition système. - Lettre de lecteur invalide. - Emplacement invalide. - Annuler - Impossible d'accéder au périphérique. Vérifiez qu'il existe et qu'il n'est pas utilisé par le système. - Avertissement : Majuscules activées. Ceci peut vous empêcher de saisir correctement votre mot de passe. - Type de volume - Il se peut que vous soyez forcé par quelqu'un de révéler votre mot de passe. Il y a des situations où vous ne pouvez pas refuser de divulguer le mot de passe (ex : par une extorsion). L'utilisation d'un volume caché vous permet de résoudre de telles situations sans donner le mot de passe de votre volume. - Sélectionnez cette option si vous voulez créer un volume VeraCrypt normal. - Notez que si vous désirez installer un système d'exploitation dans un volume hébergeant une partition cachée, alors l'intégralité du disque système ne pourra pas être chiffré avec une seule clé. - Options de chiffrement du volume externe - Options de chiffrement du volume caché - Options de chiffrement - AVERTISSEMENT : L'effacement de l'emplacement du dernier volume/fichier clé sélectionné a échoué (enregistré par le sélecteur de fichiers) ! - Erreur : Le volume a été compressé au niveau du système d'exploitation. VeraCrypt ne supporte pas les conteneurs compressés (notez que la compression de données chiffrées est inefficace et redondante).\n\nDésactivez la compression du conteneur en suivant ces étapes : 1) Cliquez-droit sur le conteneur (dans l'Explorateur de Windows). 2) Sélectionnez 'Propriétés'. 3) Sur l'onglet 'Général', cliquez sur 'Avancé'. 4) Dans 'Attributs avancés' décochez 'Compresser le contenu pour minimiser l'espace disque nécessaire'. Cliquez 'OK'. 5) Dans 'Propriétés', cliquez 'OK'. - La création du volume %s a échoué - La taille de %s est de %.2f octets - La taille de %s est de %.2f Ko - La taille de %s est de %.2f Mo - La taille de %s est de %.2f Go - La taille de %s est de %.2f To - La taille de %s est de %.2f Po - AVERTISSEMENT : La partition/le périphérique est utilisé par le système ou par une application. Formater peut conduire à une perte de données ou une instabilité du système.\n\nContinuer ? - AVERTISSEMENT : La partition est utilisée par le système ou une application. Vous devriez fermer toute application qui pourrait utiliser la partition (logiciel antivirus inclus).\n\nContinuer ? - Erreur : Le périphérique/la partition contient un système de fichiers qui n'a pas pû être démonté. Le système de fichiers peut être utilisé par le système d'exploitation. Formater le périphérique/la partition peut conduire à la corruption des données et à l'instabilité du système.\n\n Pour résoudre ce problème, il est recommandé de supprimer la partition puis de la recréer sans la formater. Pour se faire, faites comme suit : 1) Cliquez-droit sur 'Poste de Travail', sélectionnez 'Gérer'. La fenêtre 'Gestion de l'ordinateur' devrait apparaître. 2) Dans 'Gestion de l'ordinateur' sélectionnez 'Stockage' > 'Gestion des disques'. 3) Cliquez-droit sur la partition à chiffrer puis choisissez soit 'Supprimer la partition' soit 'Supprimer le volume' ou 'Supprimer le disque logique'. 4) Cliquez 'Oui'. Si Windows propose de redémarrer, faites-le. Puis répétez les étapes 1 et 2 puis continuez à partir de l'étape 5. 5) Cliquez-droit sur l'espace libre et choisissez soit 'Nouvelle partition' soit 'Nouveau volume simple' ou 'Nouveau disque logique'. 6) La fenêtre d'un assistant apparaît, suivez ses instructions. Sur la page de l'assistant intitulée 'Formater la partition' choisissez soit 'Ne pas formater cette partition' ou 'Ne pas formater ce volume'. Cliquez sur 'Suivant'. Puis sur 'Terminer'. 7) Notez que le chemin du périphérique sélectionné dans VeraCrypt peut être désormais erroné. Aussi quittez l'assistant de création de volume VeraCrypt si besoin est et relancez-le. 8) Dans VeraCrypt, essayez à nouveau de chiffrer le périphérique/la partition.\n\nSi VeraCrypt continue d'échouer lors du chiffrement, pensez alors à créer un fichier conteneur à la place. - Erreur : Le système de fichiers ne peut pas être vérouillé et/ou démonté. Il peut être utilisé par le système d'exploitation ou des applications (comme un logiciel antivirus). Chiffrer la partition pourrait causer une corruption de données et une instabilité du système.\n\nVeuillez fermer toute application pouvant utiliser le système de fichers et essayez à nouveau. Si cela ne résoud pas le problème, veuillez suivre les étapes ci-dessous. - AVERTISSEMENT : Certains périphériques/partitions étaient déjà en cours d'utilisation !\n\nL'ignorer peut causer des résultats indésirables.\n\nNous vous recommandons de fermer toutes les applications pouvant utiliser les périphériques/les partitions. - Le périphérique contient des partitions.\n\nFormater le périphérique peut conduire à l'instabilité du système et/ou la corruption des données. Sélectionnez une partition sur le périphérique ou enlevez toutes les partitions du périphérique pour permettre à VeraCrypt de formater en toute sécurité. - Le lecteur sélectionné contient des partitions non-systèmes.\n\nLes volumes VeraCrypt peuvent être créés sur un lecteur ne contenant pas de partitions (cela inclut les disques durs et les SSD). Un lecteur contenant des partitions peut être entièrement chiffré (en utilisant une clé maître) seulement si c'est le lecteur où est installé Windows et qu'il est bootable.\n\nSi vous voulez chiffrer le lecteur non-système sélectionné en utlisant une clé maître, vous devrez préalablement retirer toutes les partitions situées sur le lecteur pour permettre à VeraCrypt de le formater de manière sécurisé (formater un lecteur contenant des partitions pourrait causer une instabilité système et/ou une corruption de données). Sinon, vous pouvez chiffrer individuellement chaque partition du lecteur (chaque partition sera chiffrée en utilisant une clé maître différente).\n\nRemarque : Si vous souhaitez supprimer toutes les partitions d'un disque GPT, il faudra le convertir en disque MBR (en utilisant par exemple les outils de gestion de l'ordinateur) afin de supprimer des partitions cachées. - AVERTISSEMENT : Si vous chiffrez complètement un lecteur (par opposition au chiffrage d'une partition sur celui-ci), le système d'exploitation considérera le lecteur comme nouveau, vide, et non formatté (comme s'il ne contenait pas de table de partition) et pourrait spontanément l'initialiser (ou vous demander si vous voulez le faire), ce qui pourrait endommager le volume. En outre, il ne sera pas toujours possible de monter le volume en tant que favori (ex : quand le numéro de lecteur change) ou attribuer un label au volume.\n\nPour empêcher cela, vous pouvez envisager de créer une partition sur le lecteur et la chiffrer.\n\nÊtes-vous sûr de vouloir chiffrer complètement le lecteur ? - IMPORTANT : Gardez à l'esprit que ce volume ne peut pas être monté ou accessible en utilisant l'unité logique %c: qui lui est actuellement assigné !\n\nPour monter ce volume, cliquez sur 'Montage automatique des lecteurs' dans la fenêtre principale de VeraCrypt (sinon, dans la fenêtre principale de VeraCrypt, cliquez 'Selectionner un lecteur', choisissez le lecteur/partition, et cliquez sur 'Monter'). Ce volume sera monté sur une unité logique différente, que vous pouvez sélectionner dans la fenêtre principale de Veracrypt.\n\nL'unité logique %c ne devrait être utilisée que dans le cas où vous avez besoin de retirer le chiffrage du lecteur ou de la partition (par exemple, si vous n'avez pas besoin de chiffrage). Dans ce cas, faites un clic droit sur la lettre %c: du lecteur et sélectionnez 'Formater'. Par ailleurs, l'unité logique %c: ne devrait jamais être utilisée (sauf si vous la retirez et l'assignez à un autre lecteur/partition, comme décrit par exemple dans la FAQ de VeraCrypt). - Le chiffrement sur place des volumes non-système n'est pas supporté par la version du système d'exploitation que vous utilisez (il est pris en charge uniquement sur Windows Vista et les versions ultérieures de Windows).\n\nLa raison est que cette version de Windows ne supporte pas la réduction du système de fichiers (le système de fichiers doit être réduit pour faire place à l'en-tête de volume et l'en-tête de sauvegarde). - La partition sélectionnée ne semble pas contenir un système de fichiers NTFS. Seules les partitions qui contiennent un système de fichiers NTFS peuvent être cryptées sur place.\n\nRemarque : la raison est que Windows ne supporte pas la réduction des autres types de systèmes de fichiers (le système de fichiers doit être rétréci pour faire place à l'en-tête de volume et l'en-tête de sauvegarde). - La partition sélectionnée ne semble pas contenir un système de fichiers NTFS. Seules les partitions qui contiennent un système de fichiers NTFS peuvent être chiffrées sur place.\n\nSi vous souhaitez créer un volume chiffré de VeraCrypt dans cette partition, choisissez l'option « Créer le volume chiffré et formatez-le » (au lieu de l'option "Chiffrer la partition en place"). - Erreur : La partition est trop petite. VeraCrypt ne peut pas la chiffrer. - Pour chiffrer les données sur cette partition, suivez ces étapes : \n\n1) Créez un volume VeraCrypt sur un lecteur/partition vide, puis montez-le. \n\n2) Copiez tous les fichiers de la partition que vous avez initialement voulu chiffrer vers le volume VeraCrypt qui a été créé et monté à l'étape 1). De cette façon, vous allez créer une sauvegarde chiffrée VeraCrypt des données.\n\n3) Créez un volume VeraCrypt sur la partition que vous avez initialement voulu chiffrer et assurez-vous que dans l'Assistant de VeraCrypt vous choisissez l'option "Créer le volume chiffré et formatez-le" (au lieu de l'option "Chiffrer la partition en place"). Notez que toutes les données stockées sur la partition seront effacées. Après avoir créé le volume, montez-le \n\n4) Copiez tous les fichiers du volume VeraCrypt créé et monté à l'étape 1 vers le volume VeraCrypt vréé et monté à l'étape 3.\n\nAprès avoir effectué ces étapes, les données seront chiffrées et, en outre, il y aura une sauvegarde chiffrée des données. - VeraCrypt peut uniquement chiffrer une partition en place, un volume dynamique, ou un lecteur complet.\n\nSi vous souhaitez créer un volume chiffré VeraCrypt sur le lecteur non système sélectionné, choisissez l'option « Créez le volume chiffré et formatez-le » (au lieu de l'option "Chiffrer la partition en place"). - Erreur : VeraCrypt peut uniquement chiffrer une partition, un volume dynamique ou un lecteur complet. Assurez-vous que le chemin d'accès spécifié est valide. - Erreur : Impossible de réduire le système de fichiers (le système de fichiers doit être réduit pour libérer de l'espace pour l'en-tête de volume et l'en-tête de sauvegarde).\n\nPossible causes et solutions : \n\n- Il n'y a pas assez d'espace libre sur le volume. Assurez-vous qu'aucune autre application n'écrit sur le système de fichiers.\n\n- Le système de fichiers est corrompu. Essayez de vérifier et de corriger les erreurs (cliquez avec le bouton droit sur l'unité logique correspondante dans la liste « Ordinateur », puis sélectionnez Propriétés > Outils > « Vérifier maintenant », assurez-vous que l'option « corriger automatiquement les erreurs de système de fichier » est activée, puis cliquez sur Démarrer).\n\nSi les étapes ci-dessus ne résolvent pas le problème, veuillez suivre les étapes suivantes. - Erreur : Il n'y a pas suffisamment d'espace libre sur le volume et donc le système de fichiers ne peut pas être réduit (le système de fichiers doit être réduit pour libérer de l'espace pour l'en-tête de volume et l'en-tête de sauvegarde).\n\nSupprimez tous les fichiers redondants et videz la corbeille afin de libérer au moins 256 Ko d'espace et puis essayez à nouveau. Notez qu'en raison d'un problème de Windows, la quantité d'espace libre, rapporté par l'Explorateur Windows peut être incorrecte jusqu'au redémarrage du système d'exploitation. Si le redémarrage du système ne suffit pas, le système de fichiers est endommagé. Essayez de vérifier et de corriger les erreurs (cliquez avec le bouton droit sur l'unité logique correspondante dans la liste « Ordinateur », puis sélectionnez Propriétés > Outils > « Vérifier maintenant », assurez-vous que l'option « corriger automatiquement les erreurs de système de fichier » est activée, puis cliquez sur Démarrer).\n\nSi les étapes ci-dessus ne résolvent pas le problème, veuillez suivre les étapes suivantes. - L'espace libre sur le disque %s est %.2f octets. - L'espace libre sur le disque %s est %.2f Ko - L'espace libre sur le disque %s est %.2f Mo - L'espace libre sur le disque %s est %.2f Go - L'espace libre sur le disque %s est %.2f To - L'espace libre sur le disque %s est %.2f Po - Impossible d'obtenir les lettres de lecteur disponibles. - Erreur : Le pilote VeraCrypt est introuvable.\n\nCopiez les fichiers 'veracrypt.sys' et 'veracrypt-x64.sys' dans le répertoire où se trouve l'application principale de VeraCrypt (VeraCrypt.exe). - Erreur : Une version incompatible du pilote VeraCrypt est actuellement en cours d'exécution.\n\nSi vous essayez d'exécuter VeraCrypt en mode portable (c'est-à-dire sans l'installer) et qu'une autre version de VeraCrypt est déjà installé, vous devez tout d'abord la désinstaller (ou la mettre à niveau à l'aide de l'installateur de VeraCrypt). Pour la désinstaller, procédez comme suit : sur Windows Vista ou une version ultérieure, sélectionnez « Menu Démarrer » > ordinateur > « Désinstaller ou modifier un programme » > VeraCrypt > désinstaller ; sur Windows XP, sélectionnez « Menu Démarrer » > Paramètres > « Panneau de configuration » > « Ajouter ou supprimer des programmes » > VeraCrypt > Supprimer.\n\nDe même, si vous essayez d'exécuter VeraCrypt en mode portable (c'est-à-dire sans l'installer) et qu'une autre version de VeraCrypt est déjà en cours d'exécution en mode portable, vous devez redémarrer le système, puis alors exécutez cette nouvelle version. - Erreur : L'initialisation du chiffrement a échoué. - Erreur : Clé de chiffrement faible détectée ! Essayez à nouveau. - Une erreur critique s'est produite et VeraCrypt doit s'arrêter. Si cela est dû à un bug dans VeraCrypt, nous voudrions le corriger. Pour nous aider, vous pouvez nous envoyer un rapport d'erreur généré automatiquement contenant les éléments suivants : \n\n- La version du programme\n- La version du système d'exploitation\n- Le type de CPU\n - Le nom du composant VeraCrypt\n- La somme de contrôle de l'exécutable VeraCrypt\n- Le nom symbolique de la fenêtre de dialogue\n- La catégorie d'erreur\n- L'adresse de l'erreur\n- La pile d'exécution VeraCrypt\n\nSi vous sélectionnez « Oui », l'URL suivante (qui contient le rapport d'erreur entier) s'ouvrira dans votre navigateur internet par défaut.\n\n%hs\n\nVoulez-vous nous faire parvenir le rapport d'erreur ci-dessus ? - Une erreur critique s'est produite dans votre système, qui nécessite l'arrêt de VeraCrypt.\n\nNotez que cette erreur n'a pas été causée par VeraCrypt (les développeurs de VeraCrypt ne peuvent donc pas la corriger). Veuillez vérifier les causes possibles sur votre système (p. ex., configuration du système, la connexion réseau, faute de composants matériels). - Une erreur critique s'est produite dans votre système, qui nécessite l'arrêt de VeraCrypt.\n\nSi ce problème persiste, vous pouvez essayer de désactiver ou désinstaller les applications qui pourraient potentiellement être l'origine de ce problème, tels que les antivirus ou les logiciels de sécurité Internet, applications d'optimisation, etc.. Si cela ne résoud pas le problème, vous pouvez essayez de réinstaller votre système d'exploitation (ce problème peut également être causé par des logiciels malveillants). - Erreur critique VeraCrypt - VeraCrypt a détecté que le système d'exploitation s'est récemment arrêté de façpn inattendue. Plusieurs raisons sont possibles (par exemple, une panne d'un composant matériel, un bug dans un pilote de périphérique, etc.)\n\nVoulez-vous que VeraCrypt vérifie si un bug dans VeraCrypt aurait pu causer la panne du système ? - Voulez-vous que VeraCrypt continue de détecter les crashs du système ? - VeraCrypt n'a pas trouvé le fichier crash système minidump. - Voulez-vous supprimer le fichier de vidage de panne Windows pour libérer de l'espace disque ? - Pour analyser la panne système, VeraCrypt a d'abord besoin d'installer Microsoft Debugging Tools pour Windows.\n\nAprès avoir cliqué sur OK, l'installateur Windows va télécharger le paquetage d'installation Microsoft Debugging Tools (16 Mo) depuis un serveur Microsoft et l'installer (l'installateur Windows sera transmis à l'URL du serveur Microsoft depuis le serveur de veracrypt.org, ce qui assure le bon fonctionnement de cette procédure même si Microsoft change l'emplacement du paquetage d'installation). - Après que vous ayez cliqué sur OK, VeraCrypt analisera la panne système. Cela peut prendre plusieurs minutes. - Assurez-vous que la variable d'environnement 'PATH' inclus le chemin d'accès à 'kd.exe' (debugger du noyau). - Il semble que VeraCrypt n'a probablement pas causé l'arrêt inattendu du système. Plusieurs autres raisons sont possibles (par exemple, un panne d'un composant matériel, un bug dans un pilote de périphérique, etc.) - Les résultats de l'analyse indiquent que la mise à jour du pilote suivant pourrait résoudre ce problème : - Pour nous aider à déterminer s'il y a un bug dans VeraCrypt, vous pouvez nous envoyer un rapport d'erreur généré automatiquement contenant les éléments suivants : \n\n- La version du programme\n- La version du système d'exploitation\n- Le type de CPU\n - Le nom du composant VeraCrypt\n- La somme de contrôle de l'exécutable VeraCrypt\n- Le nom symbolique de la fenêtre de dialogue\n- La catégorie d'erreur\n- L'adresse de l'erreur\n- La pile d'exécution VeraCrypt\n\nSi vous sélectionnez « Oui », l'URL suivante (qui contient le rapport d'erreur entier) s'ouvrira dans votre navigateur internet par défaut. - Voulez-vous nous faire parvenir le rapport d'erreur ci-dessus ? - &Chiffrer - &Déchiffrer - &Déchiffrer de façon permanente - Quitter - Créez un lecteur logique pour cette partition étendue puis essayez à nouveau. - Un volume VeraCrypt peut résider dans un fichier (appelé conteneur VeraCrypt), qui peut résider dans un disque dur, une clé USB, etc. Un conteneur VeraCrypt est comme un fichier normal (il peut par exemple être déplacé ou supprimé comme tout autre fichier). Cliquez sur "Fichier..." pour choisir un nom de fichier pour le conteneur et pour sélectionner l'emplacement où vous souhaitez que le conteneur soit créé.\n\nATTENTION : Si vous sélectionnez un fichier existant, VeraCrypt ne le chiffrera PAS ; le fichier sera supprimé et remplacé par le conteneur VeraCrypt nouvellement créé. Vous pourrez chiffrer des fichiers existants (par la suite) en les déplaçant dans le conteneur VeraCrypt que vous êtes sur le point de créer. - Sélectionnez l'emplacement du volume externe à créer (le volume caché sera créé par la suite dans le volume externe).\n\nUn volume VeraCrypt peut résider dans un fichier (appelé conteneur VeraCrypt), qui peut résider dans un disque dur, une clé USB, etc. Un conteneur VeraCrypt peut être déplacé ou supprimé comme tout autre fichier. Cliquez sur "Fichier..." pour choisir un nom de fichier pour le conteneur et pour sélectionner l'emplacement où vous souhaitez que le conteneur soit créé.\nATTENTION : Si vous sélectionnez un fichier existant, VeraCrypt ne le chiffrera PAS ; le fichier sera supprimé et remplacé par le conteneur VeraCrypt nouvellement créé. Vous pourrez chiffrer des fichiers existants (par la suite) en les déplaçant dans le conteneur VeraCrypt que vous êtes sur le point de créer. - Des volumes VeraCrypt chiffrés peuvent être créés sur des partitions sur des disques durs, SSD, clés USB et sur d'autres périphériques de stockage. Les partitions peuvent également être chiffrées sur place.\n\nEn plus, des volumes chiffrés VeraCrypt peuvent être créés sur des dispositifs qui ne contiennent aucune partition (y compris les disques durs et SSD drives).\n\nRemarque : un dispositif qui contient des partitions peut être entièrement chiffré sur place (à l'aide d'une clé unique) uniquement si c'est le lecteur où Windows est installé et depuis lequel il démarre. - Un volume VeraCrypt peut être créé sur une partition d'un disque dur, SSD, clé USB et autres périphériques.\n\nWARNING stockage : Notez que le lecteur/partition sera formaté et toutes les données actuellement stockées dessus seront perdues. - \nSélectionnez l'emplacement du volume externe à créer (le volume caché sera créé par la suite dans le volume externe).\n\nLes volumes externes peuvent être créés dans des partitions de disques durs, SSD, clés USB, et dans tout autre dispositif de stockage supporté. Les volumes externes peuvent aussi être créés dans des dispositifs qui ne contiennent aucune partition (y compris disques durs et SSD).\n\nATTENTION : Notez que la partition/le dispositif de stockage sera formaté(e) et que toutes les données qui y sont contenues seront perdues. - Sélectionnez l'emplacement du volume VeraCrypt dans lequel vous désirez créer un volume caché. - AVERTISSEMENT : Le fichier hôte/périphérique est déjà utilisé!\n\nIgnorer cet avertissement peut provoquer des résultats indésirés dont l'instabilité du système. Toutes les applications susceptibles d'utiliser le fichier hôte/périphérique (par exemple, les applications antivirus ou de sauvegarde) doivent être fermées avant de monter le volume.\n\nContinuer ? - Erreur : Impossible de monter le volume. Le fichier hôte est déjà en cours d'utilisation. Essayer de le monter sans un accès exclusif a aussi échoué. - Le fichier n'a pas pû être ouvert. - Emplacement du volume - Grands fichiers - Comptez-vous stocker des fichiers plus grands que 4 Go sur ce volume VeraCrypt ? - Selon votre choix ci-dessus, VeraCrypt choisira un système de fichiers qui convient pour le volume VeraCrypt (vous pourrez sélectionner un système de fichiers lors de la prochaine étape). - Comme vous créez un volume externe, vous devriez choisir 'Non'. Si vous choisissez 'Oui', le système de fichiers par défaut sera NTFS, qui ne convient pas aussi bien que FAT/exFAT pour les volumes externes (par exemple la taille maxi pour le volume caché sera plus grande de façon significative si le volume externe est formaté en FAT/exFAT). Normalement FAT est le choix par défaut pour les deux types de volume (caché, et normal - ainsi les volumes FAT ne sont pas suspicieux). Cependant, si l'utilisateur indique son intention de stocker des fichiers plus grands que 4Go (que le système FAT ne supporte pas) alors FAT n'est pas le choix par défaut. - Êtes-vous sûr de vouloir choisir 'Oui' ? - Mode création de volume - C'est le moyen le plus rapide pour créer un volume VeraCrypt hébergé sur une partition ou sur un périphérique (le chiffrage sur place, qui est l'autre option, est plus lent parce que le contenu de chaque secteur doit être d'abord lu, chiffré puis écrit). Toutes les données actuellement stockées sur la partition/périphérique sélectionné seront perdues (les données ne seront pas chiffrées ; elles seront remplacées par des données aléatoires). Si vous souhaitez chiffrer les données existantes sur une partition, choisissez l'autre option. - La partition sélectionnée et toutes les données stockées dessus seront chiffrées sur place. Si la partition est vide, vous deriez choisir l'autre option (le volume sera créé beaucoup plus vite). - Remarque : - &Reprendre - &Différer - &Démarrer - &Continuer - &Formater - &Effacer - Abandonner le formatage ? - Afficher plus d'infos - Ne plus afficher - Le contenu de la partition/lecteur a été effacé avec succès. - Le contenu de la partition où le système d'origine résidait (pour lequel le système caché est un clone) a été nettoyée avec succès. - Assurez-vous que la version de Windows que vous prévoyez d'installer (sur la partition nettoyée) est identique à la version de Windows que vous utilisez actuellement. C'est nécessaire car les deux systèmes seront partageront la même partition de démarrage. - Le lecteur/partition système a été chiffré avec succès.\n\nRemarque : S'il y a des volumes VeraCrypt non-système devant être montés automatiquement à chaque démarrage de Windows, vous pouvez le configurer en montant chacun d'entre eux et en sélectionnant "Favoris">"Ajouter le volume monté aux favoris système"). - La partition/le disque système a été déchiffré avec succès. - \n\nLe volume VeraCrypt a été créé et il est prêt à l'emploi. Pour créer un autre volume VeraCrypt, cliquez sur 'Suivant'. Sinon 'Quitter'. - \n\nLe volume caché VeraCrypt a été créé avec succès (le système d'exploitation caché résidera sur ce volume).\n\nCliquez sur Suivant pour continuer. - Volume complètement chiffré - Volume complètement déchiffré - IMPORTANT : POUR MONTER CE VOLUME VERACRYPT NOUVELLEMENT CREE ET ACCEDER AUX DONNEES STOCKEES DESSUS, cliquez sur « Montage automatique des périphériques » DAN LA FENETRE PRINCIPALE DE VERACRYPT. Après avoir entré le bon mot de passe (et/ou fourni le bon fichier clé), le volume sera monté sur l'unité logique que vous avez sélectionné dans la liste de la fenêtre principale de VeraCrypt (et vous serez en mesure d'accéder aux données chiffrées par l'intermédiaire de cette unité logique).\n\nSOUVENEZ-VOUS OU ECRIVEZ LES ETAPES CI-DESSUS. VOUS DEVEZ LES SUIVRE CHAQUE FOIS QUE VOUS SOUHAITEZ MONTER UN VOLUME ET ACCEDER AUX DONNÉES STOCKÉES DESSUS. D'une autre manière, dans la fenêtre principale de VeraCrypt, cliquez sur "Sélectionner le périphérique", puis sélectionnez la partition ou le volume et cliquez sur "Monter".\n\nLa partition ou le volume a été chiffré avec succès (il contient maintenant un volume de VeraCrypt complètement chiffré) et est prêt à l'emploi. - Le volume VeraCrypt a été déchiffré avec succès. - Le volume VeraCrypt a été déchiffré avec succès.\n\nVeuillez sélectionner la lettre de lecteur que vous souhaitez affecter au volume décrypté puis cliquez sur Terminer.\n\nIMPORTANT: Jusqu'à ce qu'une lettre de lecteur soit affectée au volume décrypté, vous ne serez pas en mesure d'accéder aux données stockées sur le volume. - Attention: Pour être en mesure d'accéder aux données décryptées, une lettre de lecteur doit être attribuée au volume déchiffré. Cependant, aucune lettre de lecteur n'est actuellement disponible.\n\nVeuillez libérer une lettre de lecteur (par exemple, par la déconnexion d'un lecteur flash USB ou d'un disque dur externe), puis cliquez sur OK. - Le volume VeraCrypt a été créé avec succès. - Volume créé - IMPORTANT : Déplacez votre souris dans cette fenêtre aussi aléatoirement que possible. Plus longtemps vous la bougez, mieux c'est. Cela accroît significativement la force cryptographique des clés de chiffrement. Puis cliquez sur 'Formater' pour créer le volume. - Cliquez sur 'Formater' pour créer le volume externe. Pour plus d'infos, consultez la documentation. - Formatage du volume externe - Formatage du volume caché - Formatage du volume - Adobe Reader (ou un autre outil compatible) est nécessaire pour afficher ou imprimer le guide de l'utilsateur. Adobe Reader (gratuitiel) peut être téléchargé sur : www.adobe.com/fr\n\nVoulez-vous voir la documentation en ligne à la place ? - Si vous sélectionnez cette option, l'assistant vous aidera d'abord à créer un volume VeraCrypt normal puis un volume VeraCrypt caché à l'intérieur. Les utilisateurs inexpérimentés devraient toujours sélectionner cette option. - Si vous sélectionnez cette option, vous créerez un volume caché dans un volume VeraCrypt existant. Il sera supposé que vous avez déjà créé un volume VeraCrypt prêt à héberger un volume caché. - Mode création de volume - Volume caché créé - Le volume caché VeraCrypt a été créé avec succès et est prêt à l'emploi. Si toutes les instructions ont été suivies et si les précautions et les exigences indiquées dans la section « exigences de sécurité et précautions relatives aux volumes cachés » du Guide de l'utilisateur VeraCrypt sont suivies, il devrait être impossible de prouver que le volume caché existe, même si le volume extérieur est monté.\n\nAVERTISSEMENT : Si vous ne protégez pas le VOLUME caché (pour INFORMATION sur comment le faire, REPORTEZ-VOUS À LA SECTION "PROTECTION DES VOLUMES CACHÉS CONTRE LES DOMMAGES" DANS LE GUIDE DE L'UTILISATEUR VERACRYPT), NE PAS ÉCRIRE POUR LE VOLUME EXTÉRIEUR. SINON, VOUS POUVEZ ÉCRASER ET ENDOMMAGER LE VOLUME CACHÉ ! - Vous avez démarré le système d'exploitation caché. Comme vous l'avez peut-être remarqué, le système d'exploitation caché semble être installé sur la même partition que le système d'exploitation d'origine. Cependant, en réalité, il est installé dans une de ses sous-partition (dans le volume caché). Toutes les opérations de lecture/écriture sont redirigées de manière transparente de la partition système d'origine vers le volume caché.\n\nNi le système d'exploitation ni les applications ne savent que les données écrites et lues à partir de la partition système sont en fait lues et écrites depuis/vers la partition cachée. Les données sont chiffrées et déchiffrées à la volée comme d'habitude (avec une clé de chiffrement différente de celle qui sera utilisée pour le leurre du système d'exploitation).\n\n\nCliquez sur Suivant pour continuer. - Le volume externe a été créé et monté comme lecteur %hc:. Dans ce volume, vous devriez y copier quelques fichiers apparemment importants que vous ne voulez en réalité PAS cacher. Ils seront là pour quiconque vous force à dévoiler le mot de passe pour la première partition après la partition système, où se trouveront le volume externe et le volume caché (contenant le système d'exploitation caché). Vous pourrez révéler le mot de passe de ce volume externe et l'existence du volume caché (ainsi que du système d'exploitation qui est présent) restera secrète.\n\nIMPORTANT : Les fichiers que vous copiez dans le volume externe ne devraient pas occuper plus de %s. Sinon il n'y aura pas assez d'espace libre pour y mettre le volume caché (et vous ne pourrez pas continuer). Après la copie, cliquez sur 'Suivant' (ne démontez pas le volume). - Le volume externe a été créé avec succès et monté comme lecteur %hc:. Pour utiliser ce volume, vous devriez maintenant copier quelques données 'apparemment' sensibles que vous ne voulez PAS réellement cacher. Ces fichiers seront là pour quiconque voudrait vous forcer la main pour avoir votre mot de passe. Vous ne révélerez que le mot de passe du volume externe, pas celui du volume caché. Les fichiers auxquels vous tenez seront stockés dans le volume caché, qui sera créé ultérieurement.\n\nQuand vous avez terminé de copier, cliquez sur 'Suivant'. Ne démontez pas ce volume.\n\nRemarque : Après avoir cliqué sur 'Suivant', le plan de configuration du volume externe sera scanné pour déterminer la taille du bloc ininterrompu de l'espace libre (s'il existe) dont la fin est alignée avec celle du volume. Ce bloc adaptera le volume caché et ainsi limitera sa taille maximale possible. Le scan du plan de configuration est nécessaire pour s'assurer qu'aucune donnée sur le volume externe ne sera écrasée par le volume caché. - Contenu du volume externe - \n\nDans les étapes suivantes, vous paramétrerez les options pour le volume externe (dans lequel le volume caché sera créé ultérieurement). - \n\nDans les étapes suivantes, vous allez créer un pseudo volume externe VeraCrypt dans la première partition après la partition système (comme cela a été expliqué précédemment). - Volume externe - Dans les étapes suivantes, vous allez définir les options et mot de passe pour le volume caché, qui contiendra le système d'exploitation caché.\n\nRemarque : Le volume externe a été scanné afin de déterminer la taille de la zone ininterrompue d'espace libre dont l'extrémité est alignée avec l'extrémité extérieure du volume. Cette zone pourra accueillir le volume caché et elel limite sa taille maximale possible. La taille maximale possible du volume caché a été déterminée et confirmée pour être supérieure à la taille de la partition système (ce qui est nécessaire, car la totalité du contenu de la partition système doit être copiée dans le volume caché). Cela garantit qu'aucune donnée actuellement stockée sur le volume extérieur sera remplacée par les données écrites sur la zone du volume caché. - Important : Mémorisez les algorithmes que vous sélectionnez à cette étape. Vous devrez sélectionner les mêmes algorithmes pour le système de leurre, sinon le système caché sera inaccessible! (Le système de leurre doit être chiffré avec le même algorithme de cryptage que le système caché).\n\nRemarque : La raison en est que le système de leurre et le système caché partageront le même chargeur d'amorçage, qui ne supporte qu'un seul algorithme sélectionné par l'utilisateur (pour chaque algorithme, il y a une version spéciale du chargeur d'amorçage de VeraCrypt) . - \n\nLe plan de configuration du volume a été scanné et la taille maximale possible du volume caché a été déterminée. Dans les étapes qui suivent vous paramétrerez les options, la taille et le mot de passe du volume caché. - Volume caché - Le volume caché est maintenant protégé contre les dommages jusqu'au démontage du volume externe.\n\nAVERTISSEMENT : Si vous tentez de sauvegarder des données dans la zone du volume caché, VeraCrypt lancera la protection en écriture sur l'intégralité du volume (partie externe et cachée) jusqu'au démontage. Cela peut provoquer la corruption du système de fichiers sur le volume externe ce qui (si répétition) pourrait affecter le déni plausible du volume caché. Aussi faites tout votre possible pour éviter d'écrire dans la zone du volume caché. Toute tentative de sauvegarde sur le volume caché échouera et les données seront perdues ! Windows considérera cela comme une erreur d'écriture ("L'écriture décalée a échoué" ou "Le paramètre est incorrect"). - Tous les volumes cachés dans les nouveaux volumes montés sont maintenant protégés contre les dommages jusqu'au démontage.\n\nAVERTISSEMENT : Si vous tentez de sauvegarder des données dans la zone de protection du volume caché de ces volumes, VeraCrypt lancera la protection en écriture sur l'intégralité du volume (partie externe et cachée) jusqu'au démontage. Cela peut provoquer la corruption du système de fichiers sur le volume externe ce qui (si répétition) pourrait affecter le déni plausible du volume caché. Aussi faites tout votre possible pour éviter d'écrir dans la zone du volume caché. Toute tentative de sauvegarde sur le volume caché échouera et les données seront perdues ! Windows considérera cela comme une erreur d'écriture ("L'écriture décalée a échoué" ou "Le paramètre est incorrect"). - AVERTISSEMENT : Vous tentez de sauvegarder des données dans la zone du volume caché du volume monté %c: ! VeraCrypt a empêché la sauvegarde des données pour protéger le volume caché. Cela peut provoquer la corruption du système de fichiers sur le volume externe et Windows considérera cela comme une erreur d'écriture ("L'écriture décalée a échoué" ou "Le paramètre est incorrect"). L'intégralité du volume (partie externe et cachée) sera protégée contre l'écriture jusqu'à son démontage. Si ce n'est pas la première fois que cela arrive, le déni plausible de ce volume caché peut être défavorablement affecté (à cause de possibles inconsistences corrélées inhabituelles dans le système de fichiers du volume externe). Aussi vous devriez considérer la création d'un nouveau volume VeraCrypt (avec Formatage rapide désactivé) et le déplacement des fichiers de ce volume vers le nouveau volume; ce volume devrait être supprimé de façon sécurisée (partie externe et cachée). Il est fortement recommandé de redémarrer votre système d'exploitation maintenant. - Vous avez indiqué l'intention de stocker des fichiers de plus de 4Go sur le volume. Pour cela, le volume doit être formater en NTFS/exFAT, ce qui, cependant, ne sera pas possible. - Veuillez noter que lorsqu'un système d'exploitation caché s'exécute, les volumes non-masqués VeraCrypt ne peuvent pas être formatés en NTFS/exFAT. La raison est que le volume devra être monté temporairement sans protection contre l'écriture afin de permettre au système d'exploitation de le formater en NTFS/exFAT (alors que le formatage en FAT est réalisé par VeraCrypt, non par le système d'exploitation et sans montage du volume). Pour plus de détails techniques, voir ci-dessous. Vous pouvez créer un volume NTFS/exFAT non masqué au sein du système d'exploitation de leurre. - Pour des raisons de sécurité, lorsqu'un système d'exploitation caché s'exécute, les volumes cachés peuvent être créés uniquement dans le mode « direct » (parce que les volumes extérieurs doivent toujours être montés en lecture seule). Pour créer un volume caché en toute sécurité, suivez ces étapes :\n\n1) Démarrer le système leurre.\n\n2) Créer un volume VeraCrypt normal et copier sur ce volume certains fichiers d'apparence sensible qu'en fait vous ne voulez pas masquer (le volume va devenir le volume externe).\n\n3 Démarrer le système caché et lancer l'Assistant de création de Volume VeraCrypt. Si le volume est hébergé dan un fichier, le déplacer vers la partition système ou sur un autre volume caché (dans le cas contraire, le volume caché nouvellement créé devrait être monté en lecture seule et ne peut pas être formaté). Suivez les instructions de l'Assistant afin de sélectionner le mode de création de volume caché "en direct".\n\n4) Dans l'Assistant, sélectionnez le volume que vous avez créé à l'étape 2 et puis suivez les instructions pour créer un volume caché qu'il contient. - Pour des raisons de sécurité, lorsqu'un système d'exploitation caché s'exécute, les systèmes de fichiers locaux non chiffrés et les volumes VeraCrypt non masqués sont montés en lecture seule (aucune donnée ne peut être écrite dans ces systèmes de fichiers ou volumes VeraCrypt).\n\nLes données peuvent être écrites dans n'importe quel système de fichiers qui réside dans un volume de VeraCrypt caché (à condition que le volume caché ne se trouve pas dans un récipient stocké sur un système de fichiers non chiffré ou sur tout autres fichiers en lecture seule). - Il y a trois raisons principales pour lesquelles ces contre-mesures ont été mises en œuvre :\n\n- Cela permet la création d'une plateforme sécurisée pour le montage des volumes cachés VeraCrypt. Notez que nous recommandons officiellement que les volumes cachés soient montés uniquement lorsqu'un système d'exploitation caché s'exécute. (Pour plus d'informations, consultez la sous-section « Exigences de sécurité et précautions relatives aux Volumes cachés » dans la documentation).\n\n- Dans certains cas, il est possible de déterminer qu'à un certain moment, un système de fichiers particulier n'était pas monté sous (ou qu'un fichier particulier sur le système de fichiers n'était pas enregistré ou accessible de l'intérieur) une instance particulière d'un système d'exploitation (par exemple, en analysant et en comparant les journaux du système de fichiers, l'horodatage des fichiers, journaux d'applications, etc.). Cela peut indiquer qu'un système d'exploitation caché est installé sur l'ordinateur. Les contre-mesures empêchent ces points.\n\n- Il empêche la corruption de données et permet la mise en veille prolongée sans danger. Lorsque Windows sort de l'hibernation, il suppose que tous les systèmes de fichiers sont montés dans le même État que lorsque le système est entré en hibernation. VeraCrypt assure cela en protégeant l'écriture sur n'importe quel système de fichiers accessible aussi bien au sein du leurre et que des systèmes cachés. Sans cette protection, le système de fichiers peut être endommagé lorsqu'il est monté par un seul système, tandis que l'autre système est mis en veille prolongée. - Remarque : Si vous devez transférer des fichiers de façon sécurisée du système leurre vers le système caché, suivez les étapes suivantes : 1) Démarrez le système leurre. 2) Enregistrez les fichiers dans un volume non chiffré ou dans un volume VeraCrypt externe/normal. 3) Démarrez le système caché. 4) Si vous avez enregistré les fichiers dans un volume VeraCrypt, montez-le (il sera automatiquement monté en lecture seule). 5) Copiez les fichiers dans la partition du système caché ou dans un autre volume caché. - Votre ordinateur doit être redémarré.\n\nVoulez-vous le redémarrer maintenant ? - Une erreur s'est produite en récupérant l'état du chiffrement du système. - Aucun mot de passe spécifié en ligne de commande. Le volume ne peut pas être créé. - Aucune taille de volume spécifiée en ligne de commande. Le volume ne peut pas être créé. - La taille du volume spécifiée en ligne de commande n'est pas compatible avec NTFS. - La taille du volume spécifiée en ligne de commande n'est pas compatible avec FAT32. - Le système de fichiers sur le lecteur cible ne supporte pas la création de fichiers fragmentés qui sont nécessaires pour les volumes dynamiques. - Seuls les conteneurs fichiers peuvent être créés en ligne de commande. - La taille du fichier conteneur spécifiée en ligne de commande est supérieure à l'espace libre disponible sur le disque. Le volume ne peut pas être créé. - La taille de volume spécifiée en ligne de commande est trop petite. Le volume ne peut pas être créé. - La taille de volume spécifiée en ligne de commande est trop grande. Le volume ne peut pas être créé. - Impossible d'initialiser les composants de l'application pour le chiffrement du système. - L'initialisation du générateur de nombre aléatoire a échoué !\n\n\n(Si vous rapportez un bogue en rapport à cela, n'oubliez pas d'inclure les informations techniques suivantes dans le rapport de bogue : %hs, code d'erreur : 0x%.8X) - L'API Crypto Windows a échoué !\n\n\n(Si vous rapportez un bogue en rapport à cela, n'oubliez pas d'inclure les informations techniques suivantes dans le rapport de bogue : %s, code d'erreur : 0x%.8X) - Impossible d'initialiser l'application. L'enregistrement de la classe Dialog a échoué. - Erreur : Echec de chargement de la librairie système Rich Edit. - Assistant de création de volume - Taille maximale du volume caché pour ce volume : %.2f octets. - Taille maximale du volume caché pour ce volume : %.2f Ko. - Taille maximale du volume caché pour ce volume : %.2f Mo. - Taille maximale du volume caché pour ce volume : %.2f Go. - Taille maximale du volume caché pour ce volume : %.2f To. - Le mot de passe/le fichier clé du volume ne peut pas être changé quand celui-ci est monté. Démontez le volume en premier. - L'algorithme de dérivation de la clé d'en-tête ne peut pas être changé quand le volume est monté. Démontez le volume en premier. - &Monter - Ce volume nécessite une nouvelle version de VeraCrypt. - Erreur : Assistant de création de volume introuvable.\n\nAssurez-vous que le fichier 'VeraCrypt Format.exe' est dans le répertoire duquel a été exécuté 'VeraCrypt.exe'. S'il n'y est pas, réinstallez VeraCrypt ou localisez 'VeraCrypt Format.exe' sur votre disque et exécutez-le. - Erreur : Programme d'agrandissement de volume introuvable.\n\nAssurez-vous que le fichier 'VeraCryptExpander.exe' est dans le répertoire duquel a été exécuté 'VeraCrypt.exe'. S'il n'y est pas, réinstallez VeraCrypt ou localisez 'VeraCryptExpander.exe' sur votre disque et exécutez-le. - &Suivant > - &Terminer - &Installer - E&xtraire - Impossible de se connecter au pilote de périphérique de VeraCrypt. VeraCrypt ne peut pas fonctionner si le pilote de périphérique n'est pas démarré.\n\nNotez que suite à un problème dans Windows, il sera peut-être nécessaire de redémarrer le système avant que le pilote de périphérique soit chargé. - Une erreur s'est produite en chargeant/préparant les fontes. - La lettre du lecteur est introuvable ou aucune lettre de lecteur n'a été spécifiée. - Erreur: Impossible d'affecter la lettre de lecteur.\n\nJusqu'à ce qu'une lettre de lecteur est affectée au volume décrypté, vous ne serez pas en mesure d'accéder aux données stockées sur ce volume\n\nRéessayez? - Lettre de lecteur indisponible. - Aucun fichier n'est sélectionné ! - Aucune lettre de lecteur n'est disponible. - Aucune lettre de lecteur n'est disponible pour le volume externe ! La création du volume ne peut pas continuer. - Impossible de déterminer la version de votre système d'exploitation ou alors vous utilisez un système d'exploitation non supporté. - Aucun emplacement sélectionné ! - Pas assez d'espace libre pour le volume caché ! La création du volume ne peut pas continuer - Erreur : Les fichiers copiés dans le volume externe occupent trop d'espace. Aussi il n'y a pas assez d'espace libre dans le volume externe pour le volume caché.\n\nNotez que le volume caché doit être aussi large que la partition système (la partition où est installé le système d'exploitation actuellement en fonction). La raison est que le système d'exploitation caché a besoin d'être créé en copiant le contenu de la partition système dans le volume caché.\n\n\nLe processus de création du système d'exploitation caché ne peut pas continuer. - Le pilote ne peut pas démonter le volume. Certains fichiers localisés sur le volume sont probablement encore ouverts. - Impossible de verrouiller le volume. Il y a encore des fichiers ouverts sur le volume. Aussi il ne sera pas démonté. - VeraCrypt ne peut pas verrouiller le volume car il est utilisé par le système ou des applications (il peut y avoir des fichiers ouverts sur le volume).\n\n Voulez-vous forcer pour le démontage du volume ? - Sélectionner un volume VeraCrypt - Spécifier le nom et l'emplacement - Sélectionner la bibliothèque PKCS #11 - Pas assez de mémoire - IMPORTANT : Nous recommandons fortement que les utilisateurs inexpérimentés créent un conteneur de fichier VeraCrypt sur le périphérique/partition sélectionné, au lieu d'essayer de chiffrer la totalité du lecteur/partition.\n\nQuand vous créez un conteneur de fichier VeraCrypt (par opposition à chiffrer une partition ou un périphérique) il n'y a, par exemple, aucun risque de détruire un grand nombre de fichiers. Notez qu'un conteneur de fichier VeraCrypt (même s'il contient un disque virtuel crypté) est en fait juste comme n'importe quel fichier normal. Pour plus d'informations, voir le tutoriel dans chapitre débutants dans le guide utilisateur VeraCrypt.\n\n Êtes-vous sûr que vous souhaitez chiffrer l'ensemble du lecteur/partition ? - AVERTISSEMENT : Le fichier '%s' existe déjà !\n\nIMPORTANT : VERACRYPT NE CHIFFRERA PAS LE FICHIER, MAIS IL LE SUPPRIMERA.\n\nÊtes-vous sûr de vouloir supprimer le fichier et le remplacer par un nouveau conteneur VeraCrypt ? - ATTENTION : TOUS LES FICHIERS ACTUELLEMENT STOCKÉS SUR %s '%s'%s SERONT ÉCRASÉS ET PERDUS (ILS NE SERONT PAS CHIFFRÉS) !\n\nÊtes vous sûr de vouloir procéder au formatage. - AVERTISSEMENT : Vous ne serez pas en mesure de monter le volume ou d'accéder à des fichiers stockés dessus, jusqu'à ce qu'il ait été entièrement chiffré.\n\n Êtes-vous sûr que vous souhaitez démarrer le chiffrement sur la sélection %s '%s'%s? - AVERTISSEMENT : Vous ne serez pas en mesure de monter le volume ou d'accéder à des fichiers stockés dessus, jusqu'à ce qu'il ait été entièrement déchiffré.\n\n Êtes-vous sûr que vous souhaitez démarrer le déchiffrement sur la sélection %s '%s'%s? - AVERTISSEMENT : Veuillez noter que si l'alimentation est soudainement interrompu lors du chiffrement/déchiffrement des données existantes en place, ou lorsque le système d'exploitation plante à cause d'une erreur de logiciel ou de matériel alors que VeraCrypt chiffre/déchiffre les données existantes en place, certaines parties des données seront corrompues ou perdues. Par conséquent, avant de commencer à chiffrer, assurez-vous que vous disposez de copies de sauvegarde des fichiers que vous voulez chiffrer.\n\nDisposez-vous d'une sauvegarde ? - PRUDENCE : TOUS LES FICHIERS ACTUELLEMENT STOCKÉS SUR LA PARTITION '%s'%s (i.e. SUR LA PREMIÈRE PARTITION APRÈS LA PARTITION SYSTÈME) SERONT ÉCRASÉS ET PERDUS (ILS NE SERONT PAS CHIFFRÉS) !\n\nÊtes-vous sûr de vouloir procéder au formatage ? - ATTENTION : LA PARTITION SÉLECTIONNÉE CONTIENT UNE GRANDE QUANTITÉ DE DONNÉES ! Tous les fichiers stockés sur la partition seront effacés et perdus (ils ne seront pas chiffrés) ! - Effacer tous les fichiers stockés sur la partition en créant un volume VeraCrypt dessus - Mot de passe - PIM - Paramétrer l'algorithme de dérivation de la clé d'en-tête - Ajouter/Supprimer les fichiers clés au/du volume - Supprimer tous les fichiers clés du volume - Mot de passe, PIM et/ou fichier(s) clé(s) modifiés avec succès.\n\nIMPORTANT : Assurez-vous que vous avez lu la section "Changer les mots de passe et fichiers clés" dans le chapitre « Exigences de sécurité et précautions » dans le guide de l'utilisateur VeraCrypt. - Ce volume est enregistré comme volume système préféré et son PIM a été changé.\nVoulez-vous que VeraCrypt mette à jour automatiquement la configuration de ce volume système préféré (privilèges d'administrateur requis)?\n\nVeuillez noter que si vous répondez non, vous devrez manuellement mettre à jour le champs PIM de ce volume système préféré. - IMPORTANT : Si vous n'avez pas détruit votre disque de secours VeraCrypt, votre partition/disque système peut encore être déchiffré en utilisant l'ancien mot de passe (en démarrant avec le disque de secours VeraCrypt et en saisissant mot de passe). Vous devriez créer un nouveau disque de secours VeraCrypt et détruire l'ancien.\n\nVoulez-vous créer un nouveau disque de secours VeraCrypt ? - Notez que votre disque de secours VeraCrypt utilise toujours l'algorithme précédent. Si vous considérez l'algorithme précédent non sécurisé, vous devriez créer un nouveau disque de secours VeraCrypt puis détruire l'ancien.\n\nVoulez-vous créer un nouveau disque de secours VeraCrypt ? - Tout type de fichier (par exemple .mp3, .jpg, .zip, .avi) peut être utilisé en tant que fichier clé VeraCrypt. Notez que VeraCrypt ne modifie jamais le contenu du fichier clé. Vous pouvez sélectionner plus d'un fichier clé (l'ordre n'a pas d'importance). Si vous ajoutez un dossier, tous les fichiers non cachés trouvés dans le dossier seront utilisés en tant que fichiers clés. Cliquez sur "Add Token Files..." pour sélectionner des fichiers clés stockés sur des jetons de sécurité ou cartes à puce (ou pour importer des fichiers clés sur des jetons de sécurité ou cartes à puce). - Fichier(s) clé ajouté(s)/supprimé(s) avec succès. - Fichier clé exporté. - Algorithme de dérivation de la clé d'en-tête paramétré avec succès. - Veuillez entrer le mot de passe et/ou le(s) fichier(s) clé(s) pour le volume non système où vous souhaitez reprendre le processus de chiffrement/déchiffrement "in-place".\n\n\nRemarque : Après avoir cliqué sur Suivant, VeraCrypt tentera de trouver tous les volumes non système où le processus de chiffrement/déchiffrement a été interrompu et où l'en-tête de volume VeraCrypt peut être décrypté en utilisant le mot de passe et/ou le(s) fichier(s) clé(s) fournis. Si plus d'un volume est trouvé, vous devrez en choisir un à l'étape suivante. - Veuillez sélectionner un des volumes répertoriés. La liste contient chaque volume non-système accessible où le processus de chiffrement/déchiffrement a été interrompu et dont l'en-tête pourrait être décryptée à l'aide du mot de passe fourni et/ou du ou des fichiers clés. - Veuillez entrer le mot de passe et/ou le(s) fichier(s) clé(s) pour le volume non système où vous souhaitez déchiffrer. - Il est très important que vous choisissiez un bon mot de passe. Vous devriez éviter d'utiliser un mot simple que l'on trouve dans un dictionnaire (ou une combinaison de plusieurs de ces mots). Il ne devrait pas contenir de noms ou de dates de naissance. Il ne devrait pas être facile à deviner. Un bon mot de passe est une combinaison de minuscules et de majuscules, de chiffres et de caractères spéciaux comme @ ^ = $ * + etc. Il est recommandé de choisir un mot de passe d'au moins 20 caractères (le plus long, le mieux). La longueur maximale est de 64 caractères. - Choisissez un mot de passe pour le volume caché. - Choisissez un mot de passe pour le système d'exploitation caché (i.e. pour le volume caché). - IMPORTANT : Le mot de passe que vous choisissez dans cette étape pour le système d'exploitation caché doit être sensiblement différent des 2 autres mots de passe (c'est-à-dire le mot de passe pour le volume extérieur et le mot de passe pour le système d'exploitation leurre). - Saisissez le mot de passe du volume dans lequel vous désirez créer un volume caché.\n\nAprès avoir cliqué sur 'Suivant', VeraCrypt essaiera de monter le volume. Aussitôt monté, son plan de configuration sera scanné pour déterminer la taille du bloc ininterrompu d'espace libre (s'il existe) dont la fin est alignée avec celle du volume. Ce bloc adaptera le volume caché et ainsi limitera sa taille maximale possible. Le scan du plan de configuration est nécessaire pour s'assurer qu'aucune donnée sur le volume externe ne sera écrasée par le volume caché. - \nChoisissez un mot de passe pour le volume externe. Ce sera le mot de passe que vous pourrez révéler si on vous le demande ou si on vous force à le faire.\n\nIMPORTANT : le mot de passe doit être différent de celui que vous utiliserez pour le volume caché.\n\nRemarque : La taille maximale du mot de passe est de 64 caractères. - Choisissez un mot de passe pour le volume externe. Ce sera le mot de passe que vous pourrez divulguer à toute personne vous forçant à révéler le mot de passe de la première partition après la partition système, où résideront le volume externe et le volume caché (contenant le système d'exploitation caché). L'existence du volume caché restera secrète. Notez que ce mot de passe n'est pas pour le système d'exploitation leurre.\n\nIMPORTANT : Le mot de passe doit être différent de celui que vous choisirez pour le volume caché (i.e. pour le système d'exploitation caché). - Mot de passe du volume externe - Mot de passe du volume caché - Mot de passe du système d'exploitation caché - AVERTISSEMENT : Les mots de passe courts sont faciles à craquer en utilisant des techniques de force brute !\n\nIl est recommandé de choisir des mots de passe d'au moins 20 caractères.\n\nÊtes-vous sûr de vouloir utiliser un mot de passe court ? - Mot de passe du volume - L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. - L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Fichier(s) clé incorrect(s)\n - mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. - L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mauvais mode de montage\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. - L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mauvais mode de montage\n - Fichier(s) clé incorrect\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. - Le montage automatique a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Aucun volume VeraCrypt trouvé. - Le montage automatique a échoué à cause d'un ou plusieurs des éléments suivants:\n - Fichier(s) clé incorrect(s)\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Aucun volume VeraCrypt trouvé. - \n\nAvertissement : Majuscules activées. Ceci peut vous empêcher de saisir correctement votre mot de passe. - Veuillez mémoriser cette valeur - PIM du volume externe - PIM du volume caché - PIM du système d'exploitation caché - PIM (Personal Iterations Multiplier) est une valeur qui contrôle le nombre d'itérations utilisées par la dérivation de clé d'en-tête du volume et cela comme suit:\n Nombre d'itérations = 15000 + (PIM x 1000)\n\nLorsque ce champs est laissé vide ou définie à 0, VeraCrypt utilisera une valeur par défaut (485) qui assurera un haut niveau de sécurité.\n\nLorsque le mot de passe est inférieure à 20 caractères, le PIM ne peut pas être inférieure à 485 afin de maintenir un niveau de sécurité minimale.\nLorsque le mot de passe contient 20 caractères ou plus, le PIM peut être mis à une valeur quelconque.\n\nUn PIM supérieur à 485 aboutira à une durée de montage plus longue. Une valeur de PIM petite (moins de 485) conduira à un montage plus rapide mais cela peut réduire la sécurité si le mot de passe n'est pas assez fort. - PIM (Personal Iterations Multiplier) est une valeur qui contrôle le nombre d'itérations utilisées par la dérivation de clé d'en-tête du volume et cela comme suit:\n Nombre d'itérations = PIM x 2048\n\nLorsque ce champs est laissé vide ou définie à 0, VeraCrypt utilisera une valeur par défaut qui assurera un haut niveau de sécurité.\n\nLorsque le mot de passe est inférieure à 20 caractères, le PIM ne peut pas être inférieure à 98 afin de maintenir un niveau de sécurité minimale.\nLorsque le mot de passe contient 20 caractères ou plus, le PIM peut être mis à une valeur quelconque.\n\nUn PIM supérieur à 98 aboutira à un pré-amorçage plus lent du système. Une valeur de PIM petite (moins de 98) conduira à un pré-amorçage plus rapide mais cela peut réduire la sécurité si le mot de passe n'est pas assez fort. - Veuillez mémoriser cette valeur - Vous avez choisi une valeur de PIM plus grande que la valeur par défaut de VeraCrypt.\nVeuillez noter que cela conduira à une durée plus longue pour le montage/pré-amorçage. - Vous avez choisi une valeur de PIM qui est inférieure à la valeur par défaut de VeraCrypt. Veuillez noter que si votre mot de passe n'est pas assez fort, cela pourrait conduire à une réduction du niveau de sécurité.\n\nEst-ce que vous confirmez que vous utilisez un mot de passe fort? - La valeur maximale du PIM pour le chiffrement système est 65535. - PIM du volume - \n\nAVERTISSEMENT : Les fichiers cachés ont été trouvés dans un chemin de recherche de fichier de clé. De tels fichiers cachés ne peuvent pas être utilisés comme fichiers clés. Si vous avez besoin de les utiliser comme fichiers clés, enlever leur attribut « Caché » (cliquez-droit sur chacun d'eux, sélectionnez « Propriétés », décochez la case « Caché » et cliquez sur OK). Remarque : Les fichiers cachés sont visibles uniquement si l'option correspondante est activée (Options de dossier > Affichage). - Si vous souhaitez protéger un volume caché contenant un système caché, assurez-vous que vous utilisez la disposition du clavier américain standard lorsque vous tapez le mot de passe pour le volume caché. Cela est nécessaire en raison du fait que le mot de passe doit être entré dans l'environnement de pré-amorçage (avant le démarrage de Windows) lorsque les dispositions de clavier de Windows ne sont pas disponibles. - VeraCrypt n'a pas trouvé de volume où un chiffrement/déchiffrement non système a été interrompu et où l'en-tête du volume peut être décrypté en utilisant le mot de passe et/ou le(s) fichier(s) clé(s) fournis.\n\nVeuillez vous assurer que le mot de passe et/ou le(s) fichier(s) clé(s) sont corrects et que la partition/le volume n'est pas actuellement utilisé(e) par le système ou des applications (y compris l'antivirus). - Le volume sélectionné est déjà complétement chiffré.\nIndicateur d'en-tête = 0x%.8X - Le volume sélectionné n'utilise pas de chiffrement 'sur place'.\nIndicateur d'en-tête = 0x%.8X - \n\nRemarque : Si vous essayez de monter une partition localisée sur un disque système chiffré sans authentification lors du pré-amorçage ou de monter une partition système chiffrée d'un système d'exploitation qui n'est pas lancé, vous pouvez le faire en sélectionnant 'Système' > 'Monter sans authentification lors du pré-amorçage'. - Dans ce mode vous ne pouvez monter une partition située sur un disque dont une partie est dans la portée clé de chiffrement du système actif.\n\nAvant de pouvoir monter cette partition dans ce mode, vous devez soit démarrer un système d'exploitation installé sur un disque différent (chiffré ou non), soit démarrer un système d'exploitation non chiffré. - VeraCrypt ne peut pas déchiffrer une partition individuelle sur un disque système chiffré (vous pouvez seulement déchiffré le disque système en entier). - Avertissement: Comme le lecteur contient le chargeur d'amorçage de VeraCrypt, il se peut que ça soit un disque système chiffré. Si c'est le cas, veuillez noter que VeraCrypt ne peut pas déchiffrer une partition individuelle sur un disque système chiffré (vous pouvez seulement déchiffré le disque système en entier). Dans ce cas, vous serez en mesure de continuer maintenant, mais vous recevrez le message d'erreur "Mot de passe incorrect" plus tard. - < &Précédent - Impossible de lister les périphériques installés sur votre système ! - Le volume '%s' existe, il est en lecture seule. Êtes-vous sûr de vouloir le remplacer ? - Sélectionnez le répertoire de destination - Sélectionner un fichier clé - Sélectionnez un chemin de recherche pour le fichier clé. AVERTISSEMENT : Notez que seul l'emplacement sera retenu, pas les noms de fichier. - Sélectionnez un répertorie où les fichiers clé seront créés. - Le conteneur courant a été sélectionné comme fichier clé. Il va être ignoré comme tel. - Conçu par Ross Anderson, Eli Biham et Lars Knudsen. Publié en 1998. Clé de 256 bits, bloc de 128 bits. Le mode opératoire est XTS. Serpent était l'un des finalistes de AES. - Veuillez spécifier la taille du conteneur que vous voulez créer.\n\nSi vous créez un conteneur (fichier fragmenté) dynamique, ce paramètre représente la taille maximale possible.\n\nNotez que la taille minimum d'un volume FAT est 292 Ko. La taille minimum d'un volume exFAT est 424 Ko. La taille minimum d'un volume NTFS est 3792 Ko - Veuillez spécifier la taille du volume extérieur à créer (vous allez tout d'abord créer le volume extérieur, puis un volume caché dedans). La taille minimum d'un volume dans lequel un volume caché est créé est 340 Ko. - Veuillez spécifier la taille du volume caché à créer. La taille minimum d'un volume caché est 40 Ko (ou 3664 Ko s'il est formaté en NTFS). La taille maximale possible, que vous pouvez spécifier pour un volume caché est affichée ci-dessus. - Taille du volume externe - Taille du volume caché - Veuillez vérifiez que la taille de la partition/lecteur sélectionné ci-dessus est correcte et cliquez sur suivant. - Le volume externe et le volume caché (contenant le système d'exploitation caché) résidera dans la partition ci-dessus. Ce devrait être la première partition qui suit la partition système.\n\nVérifiez que la taille de la partition et que les chiffres affichés plus haut sont corrects et s'ils le sont, cliquez sur 'Suivant'. - \n\nNotez que la taille minimum d'un volume dans lequel un volume caché est créé est 340 Ko. - Taille du volume - Dynamique - ATTENTION : ÉCHEC DE L'AUTO-TEST ! - Auto-tests de tous les algorithmes réussis - Le nombre d'unité de données fourni est trop long ou trop court. - La clé secondaire fournie est trop longue ou trop courte. - Le cryptogramme de test que vous avez fourni est trop long ou trop court. - La clé de test que vous avez fournie est trop longue ou trop courte. - Le texte en clair que vous avez fourni est trop long ou trop court. - Deux chiffrements en cascade opérant en mode XTS. Chaque bloc est d'abord chiffré avec %s (clé de %d bits), puis avec %s (clé de %d bits). Chaque chiffrement utilise sa propre clé. Toutes les clés sont mutuellement indépendantes. - Trois chiffrements en cascade opérant en mode XTS. Chaque bloc est d'abord chiffré avec %s (clé de %d bits), puis avec %s (clé de %d bits) et enfin avec %s (clé de %d bits). Chaque chiffrement utilise sa propre clé. Toutes les clés sont mutuellement indépendantes. - Notez que, selon la configuration du système d'exploitation, les propriétés d'auto-exécution et de montage automatique ne peuvent fonctionner que lorsque les fichiers sur disque amovibles sont créés sur un support de type CD/DVD non réinscriptibles. Notez également que ce n'est pas un bug dans VeraCrypt (c'est une limitation de Windows). - Le disque amovible VeraCrypt a été créé avec succès.\n\nNotez que vous avez besoin des privilèges administrateur pour exécuter VeraCrypt en mode portable. Notez également qu'après examen du registre, il peut être possible de dire que VeraCrypt a été exécuté sur un système Windows, même s'il est exécutée en mode portable. - Disque nomade VeraCrypt - Conçu par Bruce Schneier, David Wagner, John Kelsey, Niels Ferguson, Doug Whiting et Chris Hall. Publié en 1998. Clé de 256 bits et bloc de 128 bits. Le mode opératoire est XTS. Twofish était l'un des finalistes de AES. - Plus d'infos sur %s - Inconnu - Une erreur non spécifiée ou inconnue est survenue (%d). - Certains volumes contiennent des fichiers ou des dossiers en cours d'utilisation par une application ou par le système.\n\nForcer le démontage ? - &Démonter - Le démontage a échoué ! - Le volume contient des fichiers ou des dossiers utilisés par des applications ou par le système.\n\nForcer le démontage ? - Aucun volume n'est monté sur l'unité logique spécifiée. - Le volume que vous essayez de monter est déjà monté. - Une erreur s'est produite en essayant de monter le volume. - Erreur en recherchant un emplacement dans le volume. - Erreur : Taille de volume incorrecte. - AVERTISSEMENT : Vous ne devriez utiliser le formatage rapide que dans les cas suivants : \n\n1) L'appareil ne contient aucune donnée sensible et vous n'avez pas besoin du déni plausible.\n2) L'appareil a déjà été sécurisé et chiffré.\n\nÊtes-vous sûr que vous souhaitez utiliser le formatage rapide ? - Un conteneur dynamique est une zone NTFS pré-allouée de fichiers fragmentés dont la taille physique (espace disque réellement utilisé) augmente au fur et à mesure que de nouvelles données y sont ajoutées.\n\nATTENTENTION : Les performances des volumes dynamiques sont considérablement plus mauvaises que les performances des volumes standards. Les volumes dans un conteneur dynamique sont également moins sûrs, parce qu'il est possible de dire quel secteur de volume n'est pas utilisé. En outre, les fichiers fragmentés par volumes ne peuvent pas fournir de déni plausible (hébergement d'un volume caché). Notez également que si des données sont écrites dans un conteneur de fichier fragmenté, lorsqu'il n'y a pas assez d'espace libre dans le système de fichiers hôte, le système de fichiers chiffré peut se corrompre.\n\nÊtes-vous sûr que vous souhaitez créer un volume de fichier clairsemé ? - Notez que la taille du conteneur dynamique signalé par Windows et par VeraCrypt sera toujours égale à sa taille maximale. Pour connaître la taille physique actuelle du conteneur (l'espace disque réellement utilisé), cliquez-droit sur le fichier de conteneur (dans une fenêtre de l'explorateur Windows, pas dans VeraCrypt), puis sélectionnez « Propriétés » et visualiser la « Taille sur le disque ».\n\nNotez aussi que si vous déplacez un conteneur dynamique vers un autre volume ou un lecteur, la taille physique du conteneur s'étendra à son maximum. (Vous pouvez l'empêcher en créant un nouveau conteneur dynamique dans l'emplacement de destination, en le montant et en déplaçant les fichiers de l'ancien conteneur vers le nouveau). - Cache de mot de passe nettoyé - Mots de passe (et/ou contenu traité des fichiers clés) stockés dans le cache du pilote VeraCrypt ont été nettoyés. - VeraCrypt ne peut pas changer le mot de passe d'un volume étranger. - Sélectionnez une lettre de lecteur libre dans la liste. - Sélectionnez un volume monté dans la liste des lettres de lecteur. - Deux volumes montés différents sont actuellement sélectionnés (un dans la liste d'unités logiques et l'autre dans le champ ci-dessous).\n\nChoisissez le volume que vous souhaitez sélectionner : - Erreur : Impossible de créer autorun.inf - Erreur durant le traitement du fichier clé ! - Erreur durant le traitement de l'emplacement du fichier clé ! - Le chemin d'accès au fichier clé ne contient aucun fichier.\n\nNotez que les dossiers (et les fichiers qu'ils contiennent) trouvés dans le chemin de recherche sont ignorés. - VeraCrypt ne supporte pas ce système d'exploitation. - Erreur : VeraCrypt prend en charge uniquement les versions stables de ce système d'exploitation (les versions beta/RC ne sont pas prises en charge). - Erreur : Impossible d'allouer de la mémoire. - Erreur : Impossible de retrouver la valeur du compteur de performance. - Erreur : Mauvais format de volume. - Erreur : Vous avez donné un mot de passe pour le volume caché (pas pour un volume normal). - Pour des raisons de sécurité, un volume caché ne peut pas être créé dans un volume VeraCrypt contenant un système de fichiers qui a été chiffré en place (parce que l'espace libre sur le volume n'a pas été rempli avec des données aléatoires). - VeraCrypt - Mentions légales - Tous les fichiers - Volumes VeraCrypt - Modules de bibliothèque - Le formatage NTFS/exFAT ne peut pas continuer. - Impossible de monter le volume. - Impossible de démonter le volume. - Windows n'a pas pû formater le volume en NTFS/exFAT.\n\nSélectionnez un type de système de fichiers différent (si possible) et essayez à nouveau. Vous pouvez aussi laisser le volume non formaté (sélectionnez 'Aucun' comme système de fichiers), quittez cet assistant, montez le volume puis utilisez soit un outil système soit un outil tiers pour formater le volume monté (le volume restera chiffré). - Windows n'a pas pû formater le volume en NTFS/exFAT.\n\nVoulez-vous formater le volume en FAT à la place ? - Défaut - partition - LA PARTITION - Périphérique - périphérique - LE PÉRIPHÉRIQUE - Volume - volume - VOLUME - Etiquette - La taille de cluster sélectionnée est trop petite pour cette taille de volume. Une taille plus grande sera utilisée. - Erreur : Impossible d'obtenir la taille du volume !\n\nAssurez-vous que le volume sélectionné n'est pas utilisé par le système ou par une application. - Les volumes cachés ne doivent pas être créés dans les conteneurs dynamiques (fichiers fragmentés). Pour parvenir au déni plausible, le volume caché doit être créé dans un conteneur non-dynamique. - L'assistant de création de volume VeraCrypt ne peut créer un volume caché que dans un volume FAT/exFAT ou NTFS. - Sous Windows 2000, l'assistant de création de volume VeraCrypt ne peut créer un volume caché que dans un volume FAT. - Note : Le système de fichiers FAT/exFAT convient mieux que NTFS pour les volumes externes (par ex : la taille maximale du volume caché aurait été probablement plus grande si le volume externe avait été formaté en FAT/exFAT). - Notez que le système de fichiers FAT/exFAT convient mieux que NTFS pour les volumes externes. Par exemple la taille maximale du volume caché aurait été probablement plus grande si le volume externe avait été formaté en FAT/exFAT (la raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché ne peut résider que dans la seconde moitié du volume externe).\n\nÊtes-vous sûr de vouloir formater le volume externe en NTFS ? - Voulez-vous plutôt formater le volume en FAT ? - Remarque : Ce volume ne peut pas être formaté en FAT car il dépasse la taille de volume maximale prise en charge par le système de fichiers FAT32 pour la taille de secteur en vigueur (2 to pour les secteurs de 512 octets et 16 TB pour les secteurs de 4096 octets). - La partition pour le système d'exploitation caché (i.e. la première partition après la partition système) doit être au moins 5% plus large que la partition système (il s'agit de celle qui contient le système d'exploitation qui fonctionne actuellement). - Erreur : La partition pour le système d'exploitation caché (i.e. la première partition après la partition système) doit être au moins 110% (2,1 fois) plus grande que la partition système (la partition système est celle où se trouve le système d'exploitation qui fonctionne actuellement). La raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché (qui doit contenir un clone de la partition système) ne peut résider que dans la seconde moitié de la partition. - Erreur : Si le volume externe est formaté en NTFS, il doit être au moins 110% (2,1 fois) plus grand que la partition système. La raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché (qui doit contenir un clone de la partition système) ne peut résider que dans la seconde moitié du volume externe.\n\nNote : Le volume externe doit résider dans la même partition que le système d'exploitation caché (i.e. dans la première partition après le système d'exploitation). - Erreur : Il n'y a pas de partition après la partition système.\n\nNotez qu'avant de créer un système d'exploitation caché, vous devez d'abord créer une partition sur le disque système. Ce doit être la première partition après la partition système et elle doit être au moins 5% plus grande que la partition système (il s'agit de celle sur laquelle le système d'exploitation fonctionne actuellement). Cependant, si le volume externe (à ne pas confondre avec la partition système) est formaté en NTFS, la partition pour le système d'exploitation caché doit être au moins 110% (2,1 fois) plus large que la partition système (la raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché qui doit contenir un clone de la partition système ne peut résider que dans la seconde moitié de la partition). - Remarque : Il n'est pas pratique (et cela n'est pas autorisé) d'installer des système d'exploitation dans deux volumes VeraCrypt qui sont intégrés dans une seule partition parce qu'utiliser le système d'exploitation externe nécessiterait d'écrire régulièrement dans la zone du système d'exploitation caché (et si de telles opérations d'écriture ne pouvaient utiliser la fonction de protection du volume caché, il en résulterait inévitablement un plantage du système, i.e. un écran d'erreur 'bleu'). - Pour plus d'infos sur la façon de créer et gérer des partitions, consultez la documentation de votre système d'exploitation ou contactez le technicien du SAV de votre ordinateur. - Erreur : Le système d'exploitation actuellement utilisé n'est pas installé sur la partition d'amorçage (la 1ère partition active). Ce n'est pas supporté. - Vous avez indiqué que vous avez l'intention de stocker des fichiers de plus de 4 Go dans ce volume VeraCrypt. Cependant, vous avez choisi le système de fichiers FAT, sur lequel des fichiers de plus de 4 Go ne peuvent pas être stockés.\n\nEtes-vous sûr que vous voulez formater le volume en FAT? - Erreur: VeraCrypt ne supporte pas le décryptage sur place des volumes non-système existants créés par VeraCrypt 1.0b ou antérieur.\n\nREMARQUE: Vous pouvez toujours déchiffrer les fichiers stockés sur le volume en les copiant/déplaçant vers un volume non chiffré. - Erreur: VeraCrypt ne peut pas déchiffrer sur place un volume VeraCrypt caché.\n\nREMARQUE: Vous pouvez toujours déchiffrer les fichiers stockés sur le volume en les copiant/déplaçant vers un volume non chiffré. - Attention: Notez que VeraCrypt ne peut pas déchiffrer sur place un volume qui contient un volume caché VeraCrypt (le volume caché serait alors écrasé avec les données pseudo-aléatoires).\n\nVeuillez confirmer que le volume que vous êtes sur le point de décrypter ne contient pas de volume caché.\n\nREMARQUE: Si le volume contient un volume caché mais cela ne vous dérange pas de perdre le volume caché, alors vous pouvez sélectionner Continuer (le volume extérieur sera décrypté en toute sécurité). - Le volume ne contient aucun volume caché. Continuer. - Le volume contient un volume caché. Annuler. - Erreur : Impossible d'accéder au volume !\n\nAssurez-vous que le volume existe, qu'il est n'est pas monté ou utilisé par le système ou une application, que vous avez la permission en lecture/écriture pour le volume et qu'il n'est pas protégé en écriture. - Erreur: Impossible d'obtenir les propriétés du volume. - Erreur : Impossible d'accéder au volume et/ou d'obtenir des informations sur le volume.\n\nAssurez-vous que le volume sélectionné existe, qu'il n'est pas utilisé par le système ou les applications, que vous avez l'autorisation de lecture/écriture sur le volume, et qu'il n'est pas protégé en écriture. - Erreur : Impossible d'accéder au volume et/ou d'obtenir des informations sur le volume.\n\nAssurez-vous que le volume sélectionné existe, qu'il n'est pas utilisé par le système ou les applications, que vous avez l'autorisation de lecture/écriture sur le volume, et qu'il n'est pas protégé en écriture.\n\nSi le problème persiste, suivez les étapes suivantes. - Une erreur a empêché VeraCrypt de chiffrer la partition. Essayez de résoudre les problèmes référencés antérieurement puis essayez à nouveau. Si les problèmes persistent, suivez les étapes ci-dessous. - Une erreur a empêché VeraCrypt de reprendre le processus de chiffrement de la partition.\n\nEssayez de résoudre les problèmes référencés antérieurement puis essayez à nouveau. Notez que le volume peut être monté que lorsqu'il aura été entièrement chiffré. - Une erreur a empêché VeraCrypt de déchiffrer le volume. Essayez de résoudre les problèmes référencés antérieurement puis essayez à nouveau si possible. - Erreur : Impossible de démonter le volume externe !\n\nLe volume ne peut pas être démonté s'il contient des fichiers ou des dossiers utilisés par le système ou par une application.\n\nFermez tout programme qui utilise les fichiers ou les dossiers sur le volume puis cliquez sur 'Recommencer'. - Erreur : Impossible d'obtenir des informations sur le volume externe ! La création du volume ne peut pas continuer. - Erreur : Impossible d'accéder au volume externe ! La création du volume ne peut pas continuer. - Erreur : Impossible de monter le volume externe ! La création du volume ne peut pas continuer. - Erreur : Impossible d'obtenir le plan de configuration du volume ! La création du volume ne peut pas continuer. - Alphabétique/Catégorie - Vitesse moyenne (décroissante) - Algorithme - Chiffrement - Déchiffrement - Moyenne - Lecteur - Taille - Algorithme de chiffrement - Algorithme de chiffrement - Type - Valeur - Propriété - Emplacement - octets - Caché - Externe - Normal - Système - Caché (système) - Lecture seule - Disque système - Disque système (chiffrement - fait à %.2f%%) - Disque système (déchiffrement - fait à %.2f%%) - Disque système (chiffré à %.2f%%) - Partition système - Partition système cachée - Partition système (chiffrement - fait à %.2f%%) - Partition système (déchiffrement - fait à %.2f%%) - Partition système (chiffré à %.2f%%) - Oui (dommage évité !) - Aucun - Taille de la clé principale - Taille de la clé secondaire (mode XTS) - Ajustement de la taille de la clé (mode LRW ) - bits - Taille du bloc - PKCS-5 PRF - Nombre d'itérations PKCS-5 - Création du volume - Modification de l'en-tête - (il y a %I64d jours) - Version du format du volume - En-tête de sauvegarde intégré - Version du chargeur d'amorçage VeraCrypt - 1ère disponible - Disque amovible - Disque dur - Inchangé - Auto détection - Mode assistant - Sélectionnez l'un des modes. Si vous ne savez pas lequel, utilisez celui par défaut. - Sélectionnez cette option si vous voulez installer VeraCrypt sur ce système. - Remarque : Vous pouvez mettre à niveau sans déchiffrage même si le système partition/disque est chiffré ou si vous utilisez un système d'exploitation caché. - Si vous sélectionnez cette option, tous les fichiers seront extraits de ce paquet, mais rien ne sera installé sur le système. Ne la sélectionnez pas si vous voulez chiffrer la partition système ou le lecteur système. Cette option peut être utile, par exemple, si vous souhaitez exécuter VeraCrypt en mode portable. VeraCrypt n'a pas besoin d'être installé sur le système d'exploitation sous lequel il est exécuté. Une fois que tous les fichiers sont extraits, vous pouvez exécuter directement le fichier « VeraCrypt.exe » (VeraCrypt s'exécute alors en mode portable). - Options d'installation - Ici vous pouvez paramétrer diverses options pour contrôler l'installation. - Installion - Patientez pendant l'installation de VeraCrypt. - VeraCrypt a été installé avec succès - VeraCrypt a été mis à jour avec succès - Veuillez envisager de faire un don. Vous pouvez cliquer sur terminer à tout moment pour fermer le programme d'installation. - Options d'extraction - Ici vous pouvez paramétrer diverses options pour contrôler l'extraction. - Patientez s'il vous plaît. L'extraction des fichiers est en court. - Les fichiers ont été extraits avec succès. - Tous les fichiers ont été extraits avec succès dans le répertoire de destination. - Si le dossier spécifié n'existe pas, il sera automatiquement créé. - Les fichiers de l'application VeraCrypt seront mis à jour dans l'emplacement où VeraCrypt est installé. Si vous devez sélectionner un emplacement différent, veuillez désinstaller d'abord VeraCrypt. - Voulez-vous voir les notes sur la version actuelle (dernière version stable) de VeraCrypt ? - Si vous n'avez jamais utilisé VeraCrypt, il est recommandé de lire le chapitre 'Beginner's Tutorial' du guide de l'utilisateur. Voulez-vous voir le didactitiel ? - Sélectionnez une action à effectuer : - Réparer/Réinstaller - Mettre à niveau - Désinstaller - Pour installer/désinstaller correctement VeraCrypt, vous devez disposer des privilèges administrateur. Voulez-vous continuer ? - L'installeur de VeraCrypt est actuellement exécuté sur votre système et réalise ou prépare l'installation ou la mise à jour de VeraCrypt. Avant de poursuivre, attendez qu'il termine ou se ferme. Si vous ne pouvez pas le fermer, redémarrez votre ordinateur avant de poursuivre. - L'installation a échoué. - La désinstallation a échoué. - Ce package est endommagé. Essayez de le télécharger à nouveau (de préférence à partir du site web officiel de VeraCrypt à l'URL https://veracrypt.codeplex.com). - Impossible d'écrire dans le fichier %s - Extraction de - Impossible de lire les données du package. - Impossible de vérifier l'intégrité du package. - L'extraction a échoué. - L'installation est revenue à la version précédente. - VeraCrypt a été installé avec succès - VeraCrypt a été mis à jour avec succès. - VeraCrypt a été mis à niveau avec succès. Toutefois, avant de commencer à l'utiliser, l'ordinateur doit être redémarré.\n\nSouhaitez-vous redémarrer maintenant ? - Échec de mise à niveau de VeraCrypt!\n\nIMPORTANT : avant d'arrêter ou de redémarrer le système, nous recommandons fortement que vous utilisiez la restauration du système (menu Démarrer de Windows > tous les programmes > Accessoires > Outils système > restauration du système) pour restaurer votre système sur le point de restauration nommé « Installation de VeraCrypt ». Si la restauration du système n'est pas disponible, vous devriez essayer de réinstaller l'original ou la nouvelle version de VeraCrypt avant que vous arrêtiez ou redémarriez le système. - VeraCrypt a été désinstallé avec succès.\n\nCliquez sur 'Terminer' pour supprimer l'installeur de VeraCrypt ainsi que le dossier %s. Notez que le dossier ne sera pas supprimé s'il contient des fichiers qui n'ont pas été installés par l'installeur de VeraCrypt ou créés par VeraCrypt. - Supprimer les entrées VeraCrypt de la base de registre - Ajoût d'une entrée à la base de registre - Suppression des données spécifiques à l'application - Installation - Arrêt - Suppression - Ajoût de l'icône - Création du point de restauration système - La création du point de restauration système a échoué ! - Mise à jour du chargeur d'amorçage - Impossible d'installer '%s'. %s Voulez-vous continuer l'installation ? - Impossible de désinstaller '%s'. %s Voulez-vous continuer la désinstallation ? - Installation terminée. - Le dossier '%s' n'a pas pû être créé - Le pilote de périphérique VeraCrypt n'a pas pû être déchargé.\n\nFermez toutes les fenêtres VeraCrypt en premier. Si cela n'aide pas, redémarrez Windows et essayez à nouveau. - Tous les volumes VeraCrypt doivent être démontés avant d'installer ou de désinstaller VeraCrypt. - Une version obsolète de VeraCrypt est installée sur ce système. Elle doit être désinstallée avant d'installer cette nouvelle version de VeraCrypt.\n\nDès que vous fermerez ce message, le programme de désinstallation de l'ancienne version sera lancé. Notez qu'aucun volume n'est déchiffré lorsque vous désinstallez VeraCrypt. Après avoir désinstallé l'ancienne version de VeraCrypt, réexécutez le programme d'installation de la nouvelle version de VeraCrypt. - L'installation des entrées de la base de registre a échoué - L'installation du pilote de périphérique a échoué. Redémarrez Windows et essayez à nouveau d'installer VeraCrypt. - Exécution du pilote de périphérique VeraCrypt - La désinstallation du pilote de périphérique a échoué. Notez qu'à cause d'un problème dans Windows il sera peut-être nécessaire de fermer la session ou de redémarrer le système avant de pouvoir désinstaller (ou réinstaller) le pilote de périphérique. - Installation du pilote de périphérique VeraCrypt - Arrêt du pilote de périphérique VeraCrypt - Désinstallation du pilote de périphérique VeraCrypt - L'enregistrement de la bibliothèque de support du Contrôle de Compte Utilisateur (UAC) a échoué. - Le désenregistrement de la bibliothèque de support du Contrôle de Compte Utilisateur (UAC) a échoué. - Remarque sur le mode portable :\n\nLe système d'exploitation nécessite des pilotes enregistrés avant qu'ils puissent être démarrés. Par conséquent, le pilote VeraCrypt n'est pas (et ne peut pas l'être) entièrement portable (alors que les applications de VeraCrypt sont entièrement portables, c'est-à-dire qu'elles n'ont pas à être installées ou enregistrées avec le système d'exploitation). Notez également que VeraCrypt a besoin d'un pilote pour fournir le chiffrage/déchiffrage à la volée de manière transparente. - Notez que si vous décidez d'exécuter VeraCrypt en mode portable (par opposition à l'utilisation d'une copie installée de VeraCrypt), le système vous demandera l'autorisation d'exécuter VeraCrypt (invite UAC) chaque fois que vous essayez de l'exécuter.\n\nLa raison est que, lorsque vous exécutez VeraCrypt en mode portable, VeraCrypt doit charger et démarrer le pilote de périphérique VeraCrypt. VeraCrypt a besoin d'un pilote de périphérique pour fournir le chiffrement/déchiffrement à la volée de manière transparente, et les utilisateurs sans privilèges d'administrateur ne peuvent pas démarrer les pilotes de périphériques dans Windows. Par conséquent, le système demandera votre autorisation d'exécuter VeraCrypt avec des privilèges d'administrateur (UAC prompt).\n\nSi vous installez VeraCrypt sur le système (par opposition à l'exécution de VeraCrypt en mode portable), le système ne demandera pas votre autorisation pour exécuter VeraCrypt (invite UAC) chaque fois que vous le lancez.\n\nÊtes-vous sûr que vous souhaitez extraire les fichiers ? - AVERTISSEMENT : Cette instance de l'Assistant de création de Volume a des privilèges administrateur.\n\nVotre nouveau volume peut être créé avec des autorisations qui ne vous permettent pas d'écrire sur le volume quand il est monté. Si vous voulez éviter cela, fermez cette instance de l'Assistant de création de Volume et lancez-en une nouvelle sans privilèges administrateur.\n\nVoulez-vous fermer cette instance de l'Assistant de création de Volume ? - Erreur : Impossible d'afficher la licence. - Externe(!) - jours - heures - minutes - s - Ouvrir - Démonter - Montrer VeraCrypt - Dissimuler VeraCrypt - Lu depuis le montage - Ecrit depuis le montage - Partie chiffrée - 100% (intégralement chiffré) - 0% (non chiffré) - %.3f%% - 100% - En attente - Préparation - Redimensionnement - Cryptage - Décryptage - Finalisation - En pause - Terminé - Erreur - Périphérique déconnecté - Volumes système préférés sauvegardés.\n\nPour permettre le montage des volumes système préférés lorsque le système démarre, veuillez sélectionner « Paramètres » > « Volumes système préférés » > « Montage des volumes système préférés au démarrage de Windows ». - Le volume que vous ajoutez à vos favoris n'est ni une partition ni un volume dynamique. Par conséquent, VeraCrypt ne pourra pas monter ce volume préféré si le numéro de périphérique change. - Le volume que vous ajoutez à vos favoris est une partition non reconnue par Windows.\n\nVeraCrypt ne pourra pas monter ce volume préféré si le numéro de périphérique change. Veuillez définir le type de la partition par un type reconnu par Windows (utilisez la commande SETID de l'outil Windows « diskpart »). Puis ajouter à nouveau la partition aux favoris. - La tâche VeraCrypt en arrière-plan est désactivée ou VeraCrypt est configuré pour se fermer quand il n'y a aucun volume monté (ou VeraCrypt s'exécute en mode portable). Cela peut empêcher vos volumes préférés de monter automatiquement lorsque des dispositifs les hébergents sont connectés.\n\nRemarque : Pour activer VeraCrypt en tâche de fond, sélectionnez Paramètres > Préférences et cochez la case « Activé » dans la section « Tâche de fond VeraCrypt ». - Un conteneur stocké dans un système de fichiers distant partagé sur un réseau ne peut être monté automatiquement lorsque l'appareil hôte se connecte. - Le périphérique affiché ci-dessous n'est ni une partition ni un volume dynamique. Par conséquent, le volume hébergé sur le dispositif ne peut être monté automatiquement lorsque l'appareil est connecté. - Veuillez associer le type de la partition affichée ci-dessous à un type reconnu par Windows (utilisez la commande SETID de l'outil Windows « diskpart »). Puis supprimer la partition des favoris et rajoutez-la. Cela permettra au volume hébergé sur le dispositif d'être monté automatiquement lorsque l'appareil est connecté. - Le périphérique affiché ci-dessous n'est ni une partition ni un volume dynamique. Donc, aucune étiquette ne peut lui être assigné. - Veuillez associer le type de la partition affichée ci-dessous à un type reconnu par Windows (utilisez la commande SETID de l'outil Windows « diskpart »). Puis supprimer la partition des favoris et rajoutez-la. Cela permettra à VeraCrypt d'attribuer une étiquette à la partition. - En raison d'une limitation de Windows, un conteneur stocké dans un système de fichiers distant, partagé sur un réseau, ne peut pas être monté comme un volume système préféré (Cependant, il peut être monté comme un volume non-système préféré lorsqu'un utilisateur ouvre une session). - Entrez le mot de passe pour %s - Entrez un mot de passe pour '%s' - Entrez le mot de passe pour le volume normal/externe - Entrez le mot de passe pour le volume caché - Entrez le mot de passe pour l'en-tête stocké dans un fichier de sauvegarde - Fichiers clé créés avec succès. - Le nombre de fichiers clé que vous avez saisi est invalide. - La taille du fichier clé doit être comprise entre 64 and 1048576 octets. - Merci de saisir le nom de base des fichiers clé qui vont être crées - Le nom de base saisi des fichiers clé est invalide - Le fichier clé '%s' existe déjà.\nVoulez-vous l'écraser? L'opération de génération va s'arrêter si vous répondez non. - AVERTISSEMENT : L'en-tête de ce volume est endommagé ! VeraCrypt a automatiquement utilisé la sauvegarde de l'en-tête du volume intégré au volume.\n\nVous devriez réparer l'en-tête du volume en sélectionnant 'Outils' > 'Restaurer l'en-tête du volume'. - La sauvegarde de l'en-tête du volume a été créée avec succès.\n\nIMPORTANT : Restaurer l'en-tête du volume avec cette sauvegarde restaurera aussi le mot de passe actuel du volume. De plus si un(des) fichier(s) clé est(sont) nécessaire(s) pour monter le volume, la(les) même(s) clé(s) sera(seront) nécessaire(s) pour monter à nouveau le volume quand l'en-tête sera restauré.\n\nAVERTISSEMENT : Cette sauvegarde de l'en-tête de volume ne peut être utilisée que pour restaurer l'en-tête de ce volume en particulier. Si vous utilisez cette sauvegarde d'en-tête sur un volume différent, vous pourrez monter le volume mais vous ne pourrez PAS déchiffrer les données stockées (car vous changerez sa clé principale). - L'en-tête du volume a été restaurée avec succès.\n\nIMPORTANT : Notez qu'un ancien mot de passe peut aussi avoir été restauré. De plus si un(des) fichier(s) clé est(sont) nécessaire(s) pour monter le volume, la(les) même(s) clé(s) sera(seront) nécessaire(s) pour monter à nouveau le volume. - Pour des raisons de sécurité, vous allez devoir saisir le mot de passe (et/ou le(s) fichier(s) clé) du volume.\n\nNote : Si le volume contient un volume caché, vous devrez saisir le mot de passe (et/ou le(s) fichier(s) clé) du volume externe en premier. Ensuite si vous décidez de sauvegarder l'en-tête du volume caché, vous devrez saisir le mot de passe (et/ou le(s) fichier(s) clé) du volume caché. - Êtes-vous sûr de vouloir créer une sauvegarde de l'en-tête du volume : %s ?\n\nAprès avoir cliqué 'Oui', vous serez invité à donner un nom à la sauvegarde de l'en-tête.\n\nNote : Les en-têtes du volume caché et du volume normal seront à nouveau chiffrés en utilisant un nouveau sel et stockés dans le fichier de sauvegarde. S'il n'y a pas de volume caché dans ce volume, la zone réservée pour l'en-tête du volume caché dans le fichier de sauvegarde sera remplie avec des données aléatoires (pour préserver le déni plausible). Lors de la restauration de l'en-tête d'un volume à partir d'un fichier de sauvegarde, vous devrez saisir le mot de passe (et/ou le(s) fichier(s) clé) qui étai(en)t valide(s) quand la sauvegarde de l'en-tête du volume a été créée. Le mot de passe (et/ou le(s) fichier(s) clé) déterminera(détermineront) automatiquement le type de l'en-tête du volume a restaurer, i.e. normal ou caché (notez que VeraCrypt déterminera le type par la méthode d'essais et d'erreurs). - Êtes-vous sûr de vouloir restaurer l'en-tête du volume : %s ?\n\nAVERTISSEMENT : La restauration de l'en-tête du volume restaure aussi le mot de passe du volume qui était valide quand la sauvegarde a été effectuée. De plus si un(des) fichier(s) clé est(sont) nécessaire(s) pour monter le volume, la(les) même(s) clé(s) sera(seront) nécessaire(s) pour monter à nouveau le volume quand l'en-tête sera restauré.\n\nAprès avoir cliqué 'Oui', vous sélectionnerez le fichier de sauvegarde de l'en-tête. - Le volume contient-il un volume caché ? - Le volume contient un volume caché - Le volume ne contient pas de volume caché - Sélectionnez le type de sauvegarde d'en-tête de volume à utiliser : - Restaurer l'en-tête du volume à partir de la sauvegarde intégrée dans le volume - Restaurer l'en-tête du volume à partir d'un fichier de sauvegarde externe - La taille du fichier de sauvegarde de l'en-tête du volume est incorrecte. - Il n'y a pas de sauvegarde d'en-tête intégrée dans ce volume (seuls les volumes créés avec VeraCrypt 6.0 et ultérieur contiennent des en-têtes de sauvegarde intégrés). - Vous essayez de sauvegarder l'en-tête de la partition/du disque système. Cela n'est pas autorisé. Toute opération de sauvegarde/restauration concernant la partition/le disque système ne peut être effectué qu'en utilisant le disque de secours VeraCrypt.\n\nVoulez-vous créer un disque de secours VeraCrypt ? - Vous essayez de restaurer l'en-tête d'un volume virtuel VeraCrypt mais vous avez sélectionné la partition/le disque système. Cela n'est pas autorisé. Toute opération de sauvegarde/restauration concernant la partition/le disque système ne peut être effectué qu'en utilisant le disque de secours VeraCrypt.\n\nVoulez-vous créer un disque de secours VeraCrypt ? - Après avoir cliqué sur 'OK', vous sélectionnerez un nom de fichier et un emplacement pour la nouvelle image ISO du disque de secours VeraCrypt. - L'image du disque de secours a été créée et stockée dans ce fichier :\n%s\n\nMaintenant vous avez besoin de graver l'image du disque de secours sur un CD ou DVD.\n\nIMPORTANT : Notez que le fichier doit être écrit sur le CD/DVD sous forme d'image de disque ISO (pas dans un fichier individuel). Pour plus d'informations sur la façon de le faire, veuillez vous reporter à la documentation d'utilisation de votre logiciel de gravure.\n\nAprès avoir graver le disque de secours, sélectionnez « Système » > « Vérifier le disque de secours » pour vérifier qu'il a été graver correctement. - L'image du disque de secours a été créée et stockée dans ce fichier :\n%s\n\nMaintenant vous avez besoin de graver l'image du disque de secours sur un CD ou un DVD.\n\nSouhaitez-vous lancer maintenant le logiciel de gravure Microsoft ?\n\nRemarque : Après avoir graver le disque de secours, sélectionnez « Système » > « Vérifier le disque de secours » pour vérifier qu'il a été graver correctement. - Insérez votre disque de secours VeraCrypt dans votre lecteur de CD/DVD et cliquez sur 'OK' pour le vérifier. - Le disque de secours VeraCrypt a été vérifié avec succès. - Impossible de vérifier que le disque de secours a été correctement gravé.\n\nSi vous avez gravé le disque de secours, éjectez-le et réinsérez-le puis essayez à nouveau. Si cela n'aide pas, essayez un autre logiciel de gravure ou un autre support.\n\nSi vous essayez de vérifier un disque de secours créé pour une clé principale différente, un mot de passe différent, etc... dans ce cas la vérification échouera à tous les coups. Pour créer un nouveau disque de secours totalement compatible avec votre configuration actuelle, sélectionnez 'Système' > 'Créer un disque de secours'. - L'image ISO du disque de secours VeraCrypt a été vérifiée avec succès. - La vérification de l'image ISO du disque de secours a échoué.\n\nSi vous essayez de vérifier une image ISO de disque de secours créé pour une clé principale différente, un mot de passe différent, etc... dans ce cas la vérification échouera à tous les coups. Pour créer une nouvelle image ISO du disque de secours totalement compatible avec votre configuration actuelle, sélectionnez 'Système' > 'Créer un disque de secours'. - Erreur lors de la création du disque de secours VeraCrypt. - Le disque de secours VeraCrypt ne peut pas être créé quand un système d'exploitation caché est en cours d'exécution.\n\nPour créer un disque de secours VeraCrypt, démarrez le système d'exploitation leurre puis sélectionnez 'Système' > 'Créer un disque de secours'. - Impossible de vérifier que le disque de secours a été correctement gravé.\n\nSi vous avez gravé le disque de secours, éjectez-le et réinsérez-le CD/DVD ; puis cliquez sur Suivant pour essayer à nouveau. Si cela ne fonctionne pas, essayez avec un autre media%s.\n\nSi vous n'avez pas encore gravé le disque de secours, veuillez le faire et cliquez sur Suivant.\n\nSi vous a tenté de vérifier un disque de secours VeraCrypt créé avant de lancer cet Assistant, ce disque de secours ne peut pas être utilisé, car il a été créé pour une clé maître différente. Vous avez besoin de graver le disque de secours nouvellement généré. - et/ou autres logiciels de gravure de CD/DVD - VeraCrypt - Volumes système favoris - Quels sont les volumes systèmes préférés ? - La partition/le lecteur système ne semble pas être chiffré.\n\nLes volumes système favoris peuvent être montés en utilisant seulement un mot de passe d’authentification de pré-amorçage. Par conséquent, pour activer l’utilisation des volumes système favoris, vous devez d’abord chiffrer la partition/le lecteur système. - Démontez le volume avant de commencer - Erreur : Impossible de paramétrer l'horloge. - Vérifier le système de fichiers - Réparer le système de fichiers - Ajouter aux favoris... - Ajouter aux favoris système... - P&ropriétés... - Volume caché protégé - N/A - Oui - Non - Désactivé - 1 - 2 ou plus - Mode opératoire - Label : - Taille : - Chemin : - Unité logique : - Erreur : Le mot de passe ne doit contenir que des caractères ASCII.\n\nLes caractères non-ASCII peuvent empêcher le volume d'être montés si la configuration de votre système change.\n\nLes caractères suivants sont autorisés :\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Avertissement : Le mot de passe contient certains caractères non-ASCII. Cela peut empêcher le montage du volume si la configuration de votre système change.\n\nVous devriez remplacer les caractères non-ASCII du mot de passe par des caractères ASCII. Pour cela cliquez sur 'Volumes' -> 'Modifier le mot de passe du volume'.\n\nLes caractères ASCII sont les suivants :\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - AVERTISSEMENT : Nous recommandons fortement que vous évitiez les extensions de fichiers qui sont utilisées pour les fichiers exécutables (tels que .exe, .sys ou .dll) et d'autres extensions de fichiers de même teneur. En utilisant ces extensions de fichier, Windows et les logiciels antivirus provoquent des interférences avec le conteneur, ce qui compromet les performances du volume et peut également causer d'autres graves problems.\n\nNous recommandons fortement que vous supprimiez l'extension de fichier ou la modifiez (par exemple, à '.hc').\n\nÊtes-vous sûr que vous souhaitez utiliser cette extension de fichier ? - AVERTISSEMENT : Nous recommandons fortement que vous évitiez les extensions de fichiers qui sont utilisées pour les fichiers exécutables (tels que .exe, .sys ou .dll) et d'autres extensions de fichiers de même teneur. En utilisant ces extensions de fichier, Windows et les logiciels antivirus provoquent des interférences avec le conteneur, ce qui compromet les performances du volume et peut également causer d'autres graves problems.\n\nNous recommandons fortement que vous supprimiez l'extension de fichier ou la modifiez (par exemple, à '.hc') après avoir démonter le volume. - Site Web - AVERTISSEMENT : Il semble que vous n'avez pas appliqué de Service Pack à votre installation Windows. Vous ne devriez pas écrire sur des disques IDE plus grands que 128 Go sous Windows XP où le Service Pack 1 ou ultérieur n'est pas installé ! Si vous le faites, les données du disque (quelles qu'elles soient) peuvent être corrompues. Notez qu'il s'agit d'une limitation de Windows et non un bogue de VeraCrypt. - AVERTISSEMENT : Il semble que vous n'avez pas appliqué le Service Pack 3 ou ultérieur à votre installation Windows. Vous ne devriez pas écrire sur des disques IDE plus grands que 128 Go sous Windows 2000 où le Service Pack 3 ou ultérieur n'est pas installé ! Si vous le faites, les données du disque (quelles qu'elles soient) peuvent être corrompues. Notez qu'il s'agit d'une limitation de Windows et non un bogue de VeraCrypt.\n\nNote : Vous pouvez avoir besoin d'activer le support LBA 48 bits dans la base de registre. Pour plus d'informations, consultez http://support.microsoft.com/kb/305098/fr - AVERTISSEMENT : Le support LBA ATAPI 48 bits est désactivé sur votre système. Aussi, vous ne devriez pas pouvoir écrire sur des disques IDE plus grands que 128 Go ! Si vous le faites, les données sur le disque (que ce soit un volume VeraCrypt ou non) pourront être corrompues. Notez qu'il s'agit d'une limitation de Windows.\n\nPour activer le support LBA 48 bits, ajouter la valeur de registre 'EnableBigLba' à la clé de registre HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters et donnez lui la valeur 1.\n\nPour plus d'information, allez sur http://support.microsoft.com/kb/305098/fr - Erreur : Les fichiers plus grands que 4 Go ne peuvent pas être stockés sur un système de fichiers FAT32. De plus les volumes VeraCrypt hébergeant un fichier (conteneurs) stockés sur des système en FAT32 ne peuvent être plus grands que 4 Go.\n\nSi vous désirez un volume plus grand, créez-le sur un système NTFS (ou sur un système de fichiers exFAT si vous utilisez Windows Vista SP1 ou ultérieur) ou au lieu de créer un volume hébergeant un fichier, chiffrez donc une partition ou un périphérique entier. - AVERTISSEMENT : Windows XP ne supporte pas les fichiers supérieurs à 2048 Go (il vous signalera que "L'espace disque est insuffisant"). Par conséquent, vous ne pouvez pas créer, sous Windows XP, un fichier hébergé sur un volume VeraCrypt (conteneur) supérieur à 2048 Go.\n\nRemarque : Il est encore possible de chiffrer la totalité du disque ou de créer une partition hébergée sur un volume VeraCrypt supérieure à 2048 Go sous Windows XP. - AVERTISSEMENT : Si plus tard vous désirez ajouter plus de données/de fichiers au volume externe, vous devriez choisir une taille plus petite pour le volume caché.\n\nÊtes-vous sûr de vouloir continuer avec la taille spécifiée ? - Aucune sélection.\n\nCliquez sur 'Fichier...' ou 'Péripherique...' pour sélectionner un volume. - Aucune partition n'est sélectionnée.\n\nCliquez sur 'Périphérique...' pour choisir une partition démontée qui nécessite normalement une authentification lors du pré-amorçage (par exemple, une partition localisée sur un disque système chiffré d'un autre système d'exploitation, qui n'est pas lancé ou la partition système chiffrée d'un autre système d'exploitation).\n\nNote : La partition sélectionnée sera montée comme un volume VeraCrypt normal sans authentification lors du pré-amorçage. Cela peut être utile par exemple lors d'opérations de sauvegarde ou de réparation. - AVERTISSEMENT : Si les fichiers clés par défaut sont paramétrés et activés, les volumes qui n'utilisent pas ces fichiers clés seront impossibles à monter. N'oubliez pas de décocher 'Utiliser les fichiers clés' quand vous montez de tels volumes.\n\nÊtes-vous sûr de vouloir sauvegarder les fichiers clés/les emplacements comme par défaut ? - Montage automatique des périphériques - Tout démonter - Vider le cache - Tout démonter et vider le cache - Forcer le démontage & vider le cache - Forcer le démontage, vider le cache & quitter - Monter les volumes favoris - Afficher/cacher la fenêtre principale de VeraCrypt - (Cliquer ici et appuyer sur une touche) - Action - Raccourci - Erreur : Ce raccourci est réservé. Choisissez-en un autre. - Erreur : Raccourci déjà utilisé. - AVERTISSEMENT : Un ou plusieurs raccourcis système de VeraCrypt ne fonctionneront pas !\n\nAssurez-vous que d'autres applications et que le système d'exploitation n'utilisent pas le(s) même(s) raccourci(s) que VeraCrypt. - La création du fichier de pagination a été empêchée.\n\nEn raison de problèmes de Windows, les fichiers de pagination ne peuvent pas être situés sur des volumes VeraCrypt non-système (y compris les volumes système préférés). VeraCrypt prend en charge la création de fichiers de pagination uniquement sur un système de partition/lecteur chiffré. - Une erreur ou une incompatibilité empêche VeraCrypt de chiffrer le fichier de mise en veille prolongée. La mise en veille prolongée n'a donc pas eu lieu.\n\nNote : Quand un ordinateur passe en mode de veille prolongée (ou en veille), le contenu de sa mémoire système est écrit dans un fichier de stockage sur votre disque système. VeraCrypt ne serait pas en mesure d'empêcher les clés de chiffrement et le contenu de fichiers sensibles ouverts en RAM d'être sauvegardés non chiffrés dans le fichier de mise en veille prolongée. - L'hibernation a été empêchée.\n\nVeraCrypt ne supporte pas la mise en veille prolongée sur les systèmes d'exploitation cachés qui utilisent une partition de démarrage supplémentaires. La partition de démarrage est partagée par le leurre et le système caché. Par conséquent, afin d'éviter les fuites de données et les problèmes à la sortie de l'hibernation, VeraCrypt a empêché le système caché d'écrire sur la partition de démarrage partagée et d'hiberner. - Le volume VeraCrypt monté en tant que %c: a été démontée. - Les volumes VeraCrypt ont été démontés. - Les volumes VeraCrypt ont été démontés et le cache de mot de passe a été nettoyé. - Démonté avec succès. - AVERTISSEMENT : Si la tâche d'arrière-plan VeraCrypt est désactivée, les fonctions suivantes seront désactivées : \n\n1) Les raccourcis clavier\n2) Le démontage automatique des volumes (p. ex., sur fermeture de session, suppression du périphérique hôte involontaire, délai d'attente, etc.)\n3) Montage automatique des volumes préférés\n4) Les notifications (par exemple, les dommages empêchés pour le volume caché) \n5) L'icône de la zone de notification\n\nRemarque : vous pouvez arrêter la tâche d'arrière-plan à tout moment en double-cliquant sur l'icône VeraCrypt située dans la zone de notification et en sélectionnant "Quitter".\n\nÊtes-vous sûr de vouloir désactiver de façon permanente la tâche d'arrière-plan VeraCrypt ? - AVERTISSEMENT : Si cette option est désactivée, les volumes contenant des fichiers/des répertoires ouverts ne pourront pas être démontés automatiquement.\n\nÊtes-vous sûr de vouloir désactiver cette option ? - AVERTISSEMENT : Les volumes contenant des fichiers/des répertoires ouverts ne seront PAS démontés automatiquement.\n\nPour éviter cela, activez l'option suivante : 'Forcer le démontage automatique même s'il y a encore des fichiers ouverts' - AVERTISSEMENT : Lorsque la batterie de l'ordinateur portable est faible, Windows peut omettre d'envoyer les messages appropriés pour l'exécution d'applications lorsque l'ordinateur est entré mode économie. Par conséquent, dans un tel cas, VeraCrypt peut ne pas démonter automatiquement les volumes. - Vous avez planifié le processus de chiffrement d'une partition ou d'un volume. Le processus n'a pas encore été terminé.\n\nSouhaitez-vous reprendre le processus maintenant ? - Vous avez planifié le processus de chiffrement ou de déchiffrement pour la partition/le disque système. Le processus n'est pas encore terminé.\n\nVoulez-vous démarrer (reprendre) le processus maintenant ? - Voulez-vous être averti de la reprise des processus actuellement prévus de chiffrement de partitions/volumes non-système ? - Oui, veuillez m'avertir. - Non, ne m'avertissez pas. - IMPORTANT : N'oubliez pas que vous pouvez reprendre le processus de chiffrement de partition/volume non-système en sélectionnant « Volumes » > « Reprendre le processus interrompu » de la barre de menus de la fenêtre principale de VeraCrypt. - Vous avez planifié le processus de chiffrement ou de déchiffrement de la partition/du disque système. Cependant l'authentification lors du pré-amorçage a échoué (ou a été contournée).\n\nSi vous avez déchiffré la partition/le disque système dans l'environnement de pré-amorçage, vous aurez peut-être à finaliser le processus en sélectionnant 'Système' > 'Déchiffrer définitivement la partition/le disque système' depuis le menu de la fenêtre principale de VeraCrypt. - AVERTISSEMENT : Si vous quittez maintenant VeraCrypt, les fonctions suivantes seront désactivées : \n\n1) Les raccourcis clavier\n2) Le démontage automatique des volumes (p. ex., sur fermeture de session, suppression du périphérique hôte involontaire, délai d'attente, etc.)\n3) Montage automatique des volumes préférés\n4) Les notifications (par exemple, les dommages empêchés pour le volume caché) \n5) L'icône de la zone de notification\n\nRemarque : Si vous ne souhaitez pas que VeraCrypt s'exécute en arrière-plan, désactivez la tâche d'arrière-plan VeraCrypt dans les préférences (et, si nécessaire, désactivez le démarrage automatique de VeraCrypt dans les préférences).\n\nÊtes-vous sûr de vouloir quitter VeraCrypt ? - Quitter ? - VeraCrypt n'a pas assez d'information pour déterminer s'il faut chiffrer ou déchiffrer. - VeraCrypt n'a pas assez d'information pour déterminer s'il faut chiffrer ou déchiffrer.\n\nNote : Si vous avez déchiffré la partition/le disque système dans l'environnement de pré-amorçage, vous aurez peut-être à finaliser le processus en cliquant 'Déchiffrer'. - REMARQUE: Lorsque vous chiffrez 'sur place' une partition ou un volume non système et qu'une erreur vous empêche de façon persistante de terminer le processus, alors vous ne serez pas en mesure de monter le volume (et d'accéder aux données stockées dedans) jusqu'à ce que vous décryptiez le volume entièrement (c'est à dire inverser le processus).\n\nSi vous avez besoin de le faire, procédez comme suit:\n1) quitter l'assistant.\n2) Dans la fenêtre principale VeraCrypt, sélectionnez 'volumes'>'Reprendre un processus interrompu'.\n3) Sélectionnez 'Déchiffrer'. - Vous souhaitez interrompre et reporter le processus de chiffrement de la partition ou du volume? \n\nRemarque : N'oubliez pas que le volume ne peut pas être monté jusqu'à ce qu'il ait été entièrement chiffré. Vous pourrez reprendre le processus de chiffrement et au point où il s'est arrêté. Vous pouvez le faire, par exemple, en sélectionnant « Volumes » > « Reprendre le rocessus interrompu » de la barre de menus de la fenêtre principale de VeraCrypt. - Voulez-vous interrompre et repousser le processus de chiffrement de la partition/du disque système ?\n\nNote : Vous pourrez reprendre le processus et il continuera à partir de l'endroit où il s'est arrêté. Vous pouvez le faire en sélectionnant 'Système' > 'Reprendre le processus interrompu' depuis les menus de la fenêtre principale de VeraCrypt. Si vous désirez arrêter totalement le processus de chiffrement ou l'inverser, sélectionnez 'Système' > 'Déchiffrer définitivement la partition/le disque système'. - Voulez-vous interrompre et repousser le processus de déchiffrement de la partition/du disque système?\n\nNote : Vous pourrez reprendre le processus et il continuera à partir de l'endroit où il s'est arrêté. Vous pouvez le faire en sélectionnant 'Système' > 'Reprendre le processus interrompu' depuis les menus de la fenêtre principale de VeraCrypt. Si vous désirez arrêter totalement le processus de déchiffrement (et démarrer le chiffrement), sélectionnez 'Système' > 'Chiffrer la partition/le disque système'. - Erreur : L'interruption du processus de chiffrement/déchiffrement de la partition/du disque système a échoué. - Erreur: Impossible d'interrompre le processus de nettoyage. - Erreur : La reprise du processus de chiffrement/déchiffrement de la partition/du disque système a échoué. - Erreur: Impossible de démarrer le processus de nettoyage. - Incohérence résolue.\n\n\n(Si vous avez rapporté un bogue en rapport avec cette incohérence, n'oubliez pas d'inclure les informations techniques suivantes dans le rapport de bogue : %hs) - Erreur : État inattendu.\n\n\n (si vous signalez un bogue à cet effet, veuillez inclure les informations techniques suivantes dans le raport :\n%hs) - Il n'y a aucun processus de chiffrement/déchiffrement de la partition ou disque système qui peut être repris.\n\nRemarque: Si vous voulez reprendre un processus interrompu de chiffrement/déchiffrement d'une partition ou volume non système, sélectionnez 'Volumes'>'Reprendre un processus interrompu'. - AVERTISSEMENT : La tâche de fond VeraCrypt est désactivée. Après avoir quitté VeraCrypt, vous ne serez pas notifié si des dommages sur le volume caché sont évités.\n\nNote : Vous pouvez fermer la tâche de fond à tout moment en cliquant droit sur l'icône VeraCrypt et en sélectionnant 'Quitter'.\n\nActiver la tâche de fond VeraCrypt ? - Version du fichier de langue : %s - Vérification du système de fichiers sur le volume VeraCrypt monté sous %s... - Tentative de réparation du système de fichiers sur le volume VeraCrypt monté sous %s... - AVERTISSEMENT : Ce volume est chiffré avec un algorithme de chiffrement ayant un bloc de 64 bits.\n\nDe tels algorithmes (Blowfish, CAST-128 et Triple DES) sont progressivement abandonnés. Il sera possible de monter ce volume en utilisant la version 5.0 et ultérieure de VeraCrypt. Cependant il n'y aura plus d'améliorations concernant l'implémentation de ces algorithmes. Il est recommandé de créer un nouveau volume VeraCrypt chiffré avec un algorithme de chiffrement ayant un bloc de 128 bits (ex : AES, Serpent, Twofish, etc.) et d'y déplacer tous les fichiers de l'ancien volume. - Votre système n'est pas configuré pour monter automatiquement de nouveaux volumes. Il est impossible de monter des volumes hébergeant un périphérique. Le montage automatique peut être activé en exécutant la commande suivante suivie d'un redémarrage système.\n\nmountvol.exe /E - Assignez une lettre de lecteur au périphérique/à la partition avant de poursuivre.\n\nNotez qu'il s'agit d'une exigence du système d'exploitation. - Monter un volume VeraCrypt - Démonter tous les volumes VeraCrypt - VeraCrypt n'a pas pû obtenir les privilèges d'administrateur. - Accès refusé par le système d'exploitation.\n\nCause possible : Le système d'exploitation nécessite que vous ayez la permission en lecture/écriture (ou des privilèges d'administrateur) pour certains dossiers, fichiers et périphériques pour être autorisé à y lire/écrire des données. Normalement un utilisateur sans privilèges d'administrateur est autorisé à créer, lire et modifier les fichiers de son dossier Mes Documents. - Erreur : Le lecteur utilise une taille de secteur non prise en charge.\n\nIl n'est actuellement pas possible de créer de volumes de partition/périphérique-hébergé sur des lecteurs qui utilisent des secteurs de taille supérieure à 4096 octets. Toutefois, vous pouvez créer des volumes de fichiers hébergés (conteneurs) sur ces disques. - Il n'est actuellement pas possible de chiffrer un système installé sur un disque qui utilise une taille de secteur différente de 512 octets. - Le chargeur d'amorçage de VeraCrypt nécessite au moins 32 Ko d'espace libre au début du disque système (il doit être stocké dans cette zone). Malheureusement votre disque ne rempli pas cette condition.\n\n Ne rapportez PAS ceci comme un bogue/un problème dans VeraCrypt. Pour résoudre ce problème vous devez repartitioner votre disque et laisser les 32 premiers kilooctets du disque libres (dans la plupart des cas, vous devrez supprimer et recréer la première partition). Il est recommandé d'utiliser le gestionnaire de partition de Microsoft qui est disponible quand vous installez Windows. - Cette fonction n'est pas supportée par la version du système d'exploitation que vous utilisez. - VeraCrypt ne supporte pas le chiffrement d'une partition/du disque système avec la version du système d'exploitation que vous utilisez actuellement. - Avant de chiffrer la partition/lecteur système sur Windows Vista, vous devez installer le Service Pack 1 ou supérieur pour Windows Vista (ce Service Pack n'a pas encore été installé sur ce système).\n\nRemarque : Le Service Pack 1 pour Windows Vista résoud un problème causant un manque de mémoire lors du démarrage du système. - VeraCrypt ne prend plus en charge le chiffrement du lecteur/partition système sous Windows Vista sans Service Pack installé. Avant la mise à niveau de VeraCrypt, installez le Service Pack 1 ou supérieur pour Windows Vista. - Erreur : cette fonctionnalité nécessite que VeraCrypt soit installé sur le système (VeraCrypt fonctionne actuellement en mode portable).\n\nVeuillez installer VeraCrypt et réessayer. - ATTENTION : Windows ne semble pas être installé sur le lecteur à aprtir duquel il démarre. Ceci n'est pas supporté.\n\nVous devriez continuer uniquement si vous êtes sûr que Windows est installé sur le disque à partir duquel il démarre.\n\nVoulez-vous continuer ? - Votre disque système possède un GUID de table de partition (GPT). Actuellement seuls les disques avec un MBR sont supportés. - ATTENTION : Le chargeur d'amorçage de VeraCrypt est déjà installé sur votre disque système !\n\nIl est possible qu'un autre système sur votre ordinateur soit déjà chiffré.\n\nAVERTISSEMENT : PROCÉDER AU CHIFFREMENT DU SYSTÈME ACTUELLEMENT EN FONCTIONNEMENT PEUT RENDRE LES AUTRES SYSTÈMES IMPOSSIBLES À DÉMARRER ET LES DONNÉES RELATIVES INACCESSIBLES.\n\nÊtes-vous sûr de vouloir continuer ? - Impossible de restaurer le chargeur d'amorçage système original.\n\nVeuillez utiliser le disque de secours VeraCrypt ("Options de réparation" > « Restaurer le chargeur d'amorçage du système original ») ou le support d'installation de Windows pour remplacer le chargeur d'amorçage de VeraCrypt avec le chargeur du système Windows. - Le chargeur de système d'origine ne sera pas stocké sur le disque de secours (cause probable : fichier de sauvegarde manquant). - Impossible d'écrire sur le secteur du MBR.\n\nVotre BIOS peut être configuré pour protéger le secteur du MBR. Rechercher dans les paramètres du BIOS (appuyez sur F2, ou Suppr ou Echap après la mise en route de votre ordinateur) une protection antivirale ou une protection du MBR. - AVERTISSEMENT: La vérification de l'empreinte du chargeur d'amorçage de VeraCrypt a échoué!\nVotre disk a peut avoir été altéré par un attaquant (attaque "Evil Maid")\n\nCet avertissement peut également être déclenchée si vous avez restauré le chargeur d'amorçage de VeraCrypt en utilisant un disque de secours généré à l'aide une version différente de VeraCrypt.\n\nIl est recommandé de changer votre mot de passe immédiatement, ce qui permettra également d'installer la bonne version du chargeur d'amorçage de VeraCrypt. Par mesure de sécurité, vous devriez aussi réinstaller VeraCrypt et prendre les mesures nécessaires pour protéger votre machine contre les accès non autorisés. - La version requise du chargeur d'amorçage de VeraCrypt n'est actuellement pas installée. Cela peut empêcher certains paramètres d'être sauvegardés. - Note : Dans certaines situations, il se peut que vous vouliez pouvoir empêcher une personne (adversaire) qui vous regarde démarrer l’ordinateur de savoir que vous utilisez VeraCrypt. L’option ci-dessus vous permet cela en personnalisant l’écran du chargeur d’amorçage. Si vous cochez la première option, aucun texte ne sera affiché par le chargeur d’amorçage (même quand vous entrez le mauvais mot de passe). L’ordinateur apparaîtra comme "figé" pendant que vous pourrez taper votre mot de passe. De plus, un message personnalisé peut être affiché pour induire en erreur l’adversaire. Par exemple, un faux message d’erreur tel que "Missing operating system" (qui est normalement affiché par le chargeur d’amorçage Windows s’il ne trouve pas de partition d’amorçage Windows). Il est cependant important de noter que si l’adversaire peut analyser le contenu du disque dur, il peut découvrir que celui-ci contient le chargeur d’amorçage VeraCrypt. - AVERTISSEMENT : Gardez à l'esprit que si vous activez cette option, le chargeur d'amorçage de VeraCrypt n'affichera pas les textes (même pas lorsque vous entrerez un mauvais mot de passe). L'ordinateur apparaitra comme figé (sans réponse), alors que vous pouvez taper votre mot de passe (la curseur ne se déplacera pas et aucun astérisque s'affichera lorsque vous appuyerez sur une touche).\n\nÊtes-vous sûr que vous souhaitez activer cette option ? - Votre partition/disque système apparait être totalement chiffré. - VeraCrypt ne supporte pas le chiffrement d'un disque système qui a été converti en disque dynamique. - Le lecteur système contient des partitions étendues (partitions logiques).\n\n Vous pouvez chiffrer entièrement un disque système contenant des partitions étendues uniquement sur Windows Vista et des versions ultérieures de Windows. Sur Windows XP, vous pouvez chiffrer entièrement un disque système à condition qu'il contienne uniquement des partitions primaires.\n\nRemarque : Vous pouvez toujours chiffrer la partition système au lieu du lecteur système entier (et, en plus de cela, vous pouvez créer des volumes VeraCrypt de partitions hébergées au sein de toutes les partitions non-système sur le disque). - AVERTISSEMENT : Comme vous exécutez Windows XP/2003, après avoir démarré le chiffrement du lecteur, vous ne devez pas créer de partitions étendues (partitions logiques) sur ce dernier (vous pouvez créer uniquement des partitions primaires). Toute partition étendue sur le disque sera inaccessible après le démarrage du chiffrement (le disque actuel ne contient pas de telles partition).\n\nRemarque : Si cette limitation n'est pas acceptable, vous pouvez revenir en arrière et choisir de chiffrer seulement la partition système au lieu de la totalité du disque (et, en plus de cela, vous pouvez créer des volumes VeraCrypt de partitions hébergées au sein de toutes les partitions non-système sur le lecteur).\n\nD'autre part, si cette limitation n'est pas acceptable, vous pouvez mettre à niveau le système d'exploitation vers Windows Vista ou une version ultérieure de Windows (vous pouvez chiffrer entièrement un disque système contenant des partitions étendues/logiques uniquement sur Windows Vista ou version ultérieure). - Votre lecteur système contient une partition non standard.\n\nSi vous utilisez un ordinateur portable, votre lecteur système contient probablement une partition spéciale de récupération. Après que l'ensemble du disque système est chiffré (y compris toute partition de récupération), votre système pourrait ne plus démarrer si votre ordinateur utilise un BIOS mal conçu. Il sera également impossible d'utiliser une partition de récupération jusqu'à ce que le lecteur système soit déchiffré. Par conséquent, nous recommandons que vous chiffriez uniquement la partition système. - Voulez-vous chiffrer la partition système au lieu de l'intégralité du disque ?\n\nNotez que vous pouvez créer des volumes VeraCrypt hébergeant une partition dans des partitions non-système du disque (en plus du chiffrement de la partition système). - Comme votre disque système ne contient qu'une seule partition qui occupe tout le disque, il est préférable (plus sécurisé) de chiffrer l'intégralité du disque y compris l'espace libre qui entoure typiquement une telle partition.\n\nVoulez-vous chiffrer l'intégralité du disque système ? - Votre système est configuré pour stocker les fichiers temporaires sur une partition non système.\n\nLes fichiers temporaires ne peuvent être stockés que sur la partition système. - Vos fichiers de profil utilisateur ne sont pas stockés sur la partition système.\n\nLes fichiers de profil utilisateur ne peuvent être stockés que sur la partition système. - Il existe un/des fichier(s) de pagination sur une/des partition(s) non-système.\n\nLes fichiers de pagination ne peuvent figurer que sur la partition système. - Voulez-vous configurer Windows pour créer des fichiers de pagination uniquement sur la partition Windows ?\n\nSi vous cliquez sur « Oui », l'ordinateur sera redémarré. Alors lancez VeraCrypt et essayez à nouveau de créer le système d'exploitation caché. - Dans le cas contraire, le déni plausible du système d'exploitation caché pourrait être défavorablement affecté.\n\nRemarque : Si une personne analyse le contenu de ces fichiers (résidant sur une partition non système), elle peut savoir que vous avez utilisé l'assistant en mode création système-caché (ce qui pourrait indiquer l'existence d'un système d'exploitation caché sur votre ordinateur). Notez également que tout ces fichiers stockés sur la partition système seront effacés de manière sécurisée par VeraCrypt au cours du processus de création du système d'exploitation caché. - AVERTISSEMENT : Pendant le processus de création du système d'exploitation caché, vous devrez réinstaller complètement le système en cours d'exécution (afin de créer un leurre système en toute sécurité).\n\nRemarque : Le système d'exploitation actuel et l'ensemble du contenu de la partition système seront copiés sur le volume caché (afin de créer le système caché).\n\n\nÊtes-vous sûr que vous serez en mesure d'installer Windows à l'aide d'un support d'installation de Windows (ou une partition) ? - Pour des raisons de sécurité, si le système d'exploitation en cours d'exécution exige d'être activé, ce doit être fait avant de continuer. Notez que le système d'exploitation caché sera créé en copiant le contenu de la partition système sur un volume caché (donc si ce système d'exploitation n'est pas activé, le système d'exploitation caché ne sera pas activé non plus).\n\nImportant : Pour plus d'informations et avant de continuer, consultez la section « Exigences et précautions de sécurité se rapportant aux volumes cachés » dans le manuel de l'utilisateur de VeraCrypt.\n\n\nLe système d'exploitation en cours d'exécution répond-il à la condition ci-dessus ? - Votre système utilise une partition de démarrage supplémentaires. VeraCrypt ne supporte pas la mise en veille prolongée sur les systèmes d'exploitation cachés qui utilisent une partition de démarrage supplémentaire (Les systèmes leurre peuvent être mis en veille prolongées sans aucun problème).\n\nLa partition de démarrage sera partagée par le leurre et le système caché. Donc, afin d'éviter les fuites de données et les problèmes de reprise après hibernation, VeraCrypt doit empêcher le système caché d'écrire sur la partition de démarrage partagée et de l'hibernation.\n\n\nVoulez-vous continuer ? Si vous sélectionnez « Non », les instructions pour la suppression de la partition de démarrage supplémentaires seront affichées. - \nLa partition de démarrage supplémentaires peut être retirée avant l'installation de Windows. Pour ce faire, suivez ces étapes : \n\n1) Démarrer sur le disque d'installation de Windows.\n\n2) Sur l'écran d'installation de Windows, cliquez sur "Installer maintenant" > "personnalisé (avancée)".\n\n3) Cliquez sur "Options du lecteur".\n\n4) Sélectionnez la partition système principale et supprimez-la en cliquant sur "Supprimer" et "OK".\n\n5) Sélectionnez la partition "Réservé au système", cliquez sur "Étendre" et augmentez sa taille afin que le système d'exploitation puisse être installé dessus. \n\n6) Cliquez sur "Appliquer" et "OK".\n\n7) Installez Windows sur la partition « Réservé au système ».\n\n\nSi une personne demande pourquoi vous avez supprimez la partition de démarrage supplémentaire, vous pouvez répondre que vous vouliez éviter toutes fuites de données possibles à partir de la partition de démarrage non chiffrée.\n\nRemarque : Vous pouvez imprimer ce texte en cliquant sur le bouton « Imprimer » ci-dessous. Si vous enregistrez une copie de ce texte ou l'imprimer (fortement recommandé, à moins que votre imprimante stocke des copies des documents imprimés sur son disque interne), vous devriez détruire toute copie de celui-ci après la suppression de la partition de démarrage supplémentaire (dans le cas contraire, si une telle copie est trouvée, cela peut indiquer qu'il y a un système d'exploitation caché sur cet ordinateur). - Avertissement : Il existe un espace non alloué entre la partition système et la première partition après celle-ci. Après la création du système d'exploitation caché, vous ne devez pas créer de nouvelles partitions dans cet espace non alloué. Dans le cas contraire, le système d'exploitation caché serait impossible à amorcer (jusqu'à la suppression des nouvelles partitions créées). - Cet algorithme n'est pas encore supporté pour le chiffrement système. - Cet algorithme n'est pas supporté pour le mode TrueCrypt. - Le PIM n'est pas supporté pour le mode TrueCrypt. - Mot de passe doit contenir au moins 20 caractères pour pouvoir utiliser cette valeur de PIM.\nLes mots de passe plus courts ne peuvent être utilisés que si la PIM est égal à 485 ou supérieur. - Le mot de passe de pré-amorçage doit contenir au moins 20 caractères pour pouvoir utiliser cette valeur de PIM.\nLes mots de passe plus courts ne peuvent être utilisés que si la PIM est égal à 98 ou supérieur. - Les fichiers clés ne sont actuellement pas pris en charge pour le chiffrement du système. - Avertissement : VeraCrypt n'a pas pu restaurer la disposition originale du clavier. Cela peut vous faire saisir votre mot de passe de manière erronée . - Erreur : Impossible de paramétrer la disposition du clavier pour VeraCrypt en clavier Américain standard.\n\nNotez que le mot de passe doit être saisi dans un environnement de pré-amorçage (avant que Windows ne démarre) où seul le clavier américain est disponible. Aussi le mot de passe doit toujours être saisi en utilisant la disposition du clavier américain. - Comme VeraCrypt a temporairement changé la disposition du clavier en clavier Américain, il n'est pas possible de taper des caractères tant que la touche droite ALT est maintenue enfoncée. Cependant vous pouvez saisir la plupart de ces caractères en appuyant la touche appropriée tandis que la touche Maj est maintenue enfoncée. - VeraCrypt a empêché la modification de la disposition du clavier. - Note : Le mot de passe devra être saisi dans l'environnement de pré-amorçage (avant le démarrage de windows) où les dispositions de clavier non-américain ne sont pas disponibles. Aussi, le mot de passe doit toujours être saisi en utilisant la disposition du clavier Américain. Mais il est important de noter qu'il n'est PAS nécessaire de posséder un vrai clavier américain. VeraCrypt assure automatiquement que vous pouvez saisir en toute sécurité votre mot de passe (maintenant et dans l'environnement de pré-amorçage) même si vous ne possédez pas un vrai clavier américain. - Avant de pouvoir chiffrer la partition/disque, vous devez créer un disque de sauvegarde VeraCrypt (VRD), dont les buts sont :\n\n- Si le chargeur de démarrage de VeraCrypt, la clé principale ou d'autres données critiques sont endommagées, le VRD permet de les restaurer (remarquez que vous devrez toujours entrer le mot de passe correct).\n\n- Si Windows est endommagé et ne peut pas démarrer, VRD vous permet toujours de déchiffrer la partition/disque avant le démarrage de Windows.\n\n- Le VRD contiendra une sauvegarde du contenu actuel de la première plage du disque (qui contient en général un chargeur de système ou le gestionnaire de démarrage) et vous permettra de le restaurer si necessaire.\n\n L'image ISO du disque de récupération VeraCrypt sera créée à l'emplacement spécifié ci-dessous. - Après avoir cliqué sur OK, le logiciel de gravage d'image Microsoft sera lancé. Utilisez-le pour graver l'image ISO du disque de récupération VeraCrypt sur un CD ou un DVD.\n\nAprès cela, revenez à l'assistant de création de volumes VeraCrypt et suivez les instructions. - L'image de la disque de secours a été créée et stockée dans le fichier : \n%s\n\nMainteant vous avez besoin de le graver sur un CD ou un DVD.\n\n%lsAprès l'avoir gravé, cliquez sur suivant pour vérifier qu'il a été gravé correctement. - L'image de la disque de secours a été créée et stockée dans le fichier : \n%s\n\nVous devriez maintenant graver l'image sur un CD/DVD ou la déplacer vers un emplacement sécurisé pour une utilisation ultérieure.\n\n%lsCliquez sur "Suivant" pour continuer. - IMPORTANT : Le fichier doit être écrit sur le CD/DVD sous forme d'image ISO (pas dans un fichier individuel). Pour plus d'informations sur la façon de le faire, veuillez vous reporter à la documentation de votre logiciel de gravure de CD/DVD. Si vous n'avez pas de logiciel de gravure de CD/DVD cliquez sur le lien ci-dessous pour télécharger un logiciel gratuit.\n\n - Lancez le logiciel de gravure d'image disque de Microsoft - AVERTISSEMENT : Si vous avez déjà créé un disque de secours VeraCrypt dans le passé, il ne peut pas être utilisé à nouveau pour cette partition/ce disque système car il a été créé pour une clé principale différente ! Chaque fois que vous chiffrez une partition/un disque système, vous devez créer un disque de secours VeraCrypt même si vous utilisez le même mot de passe. - Erreur : Impossible de sauvegarder les paramètres de chiffrement système. - Impossible d'initialiser le pré-test du chiffrement système. - Impossible d'initier le processus de création du système d'exploitation caché. - Mode de nettoyage - Sur certains types de supports de stockage, lorsque les données sont écrasées avec d'autres données, il peut être possible de récupérer les données écrasées à l'aide de techniques telles que la microscopie à force de résonnance magnétique. Cela vaut également pour les données qui sont remplacées par leur forme chiffrée (ce qui arrive quand VeraCrypt chiffre initiallement un lecteur ou une partition non chiffré). Selon des études et des publications gouvernementales, la récupération de données écrasées peut être empêchée (ou rendue très difficile) en écrasant un certain nombre de fois les données, avec des données générées aléatoirement et certaines données générées non aléatoirement. Donc, si vous croyez qu'une personne pourrait être en mesure d'utiliser ces techniques pour récupérer les données que vous avez l'intention de chiffrer, vous pouvez sélectionner un des modes de nettoyage (les données existantes ne seront pas perdues). Notez que le nettoyage ne sera pas effectuée après le chiffrement de la partition/lecteur. Lorsque la partition/disque est entièrement chiffrée, aucune donnée non chiffrée n'est stockée dessus. Les données écrites sont tout d'abord chiffrées à la volée en mémoire et sont alors seulement écrites sur le disque. - Sur certains types de supports de stockage, lorsque les données sont écrasées avec d'autres données, il peut être possible de récupérer les données écrasées à l'aide de techniques telles que la microscopie à force de résonnance magnétique. Selon des études et des publications gouvernementales, la récupération de données écrasées peut être empêchée (ou rendue très difficile) en écrasant un certain nombre de fois les données, avec des données générées aléatoirement et certaines données générées non aléatoirement. Par conséquent, si vous pensez qu'une personne pourrait être en mesure d'utiliser ces techniques pour récupérer les données devant être effacées, vous pouvez sélectionner l'un des modes de nettoyage multipasses.\n\nRemarque : Plus il y a de passes et plus il faudra de temps pour effacer les données. - Nettoyage - \nRemarque : Vous pouvez interrompre le processus de nettoyage, arrêter l'ordinateur, relancer le système caché et puis reprendre le processus (cet Assistant sera lancé automatiquement). Toutefois, si vous l'interrompez, l'ensemble du processus de nettoyage devra recommencer depuis le début. - \n\nRemarque : Si vous interrompez le processus de nettoyage et puis essayez de le reprendre, l'ensemble du processus devra recommencer depuis le début. - Voulez-vous annuler le processus de nettoyage ? - Avertissement : Tout le contenu du lecteur/partition sélectionné sera effacé et perdu. - Tout le contenu de la partition hébergeant le système d'origine sera effacé.\n\nRemarque : Tout le contenu de la partition qui doit être effacé a été copié sur cette partition système cachée. - AVERTISSEMENT : Notez que lorsque vous choisissez par exemple le mode de nettoyage de 3 passes, le temps nécessaire pour chiffrer la partition/disque sera jusqu'à 4 fois plus long. De même, si vous choisissez le mode de nettoyage de 35 passes, cela durera jusqu'à 36 fois plus longtemps (cela pourrait même prendre plusieurs semaines).\n\nCependant, notez que le nettoyage ne sera pas effectué après que la partition/disque soit entièrement chiffré. Lorsque la partition/disque est entièrement chiffré, aucune donnée non chiffrée n'est stockée dessus. Toutes les données en cours d'écriture sont tout d'abord chiffrées à la volée en mémoire et sont alors seulement écrites sur le disque (donc la performance ne sera pas affectée).\n\nÊtes-vous sûr que vous souhaitez utiliser le mode de nettoyage ? - Aucun (le plus rapide) - 1 passage (données aléatoires) - 3 passages (US DoD 5220.22-M) - 7 passages (US DoD 5220.22-M) - 35 passages ("Gutmann") - 256 passages - Nombre de système d'exploitation - AVERTISSEMENT : Les utilisateurs novices ne devraient pas essayer de chiffrer Windows dans des configurations à amorçages multiples.\n\nContinuer ? - Lors de la création et l'utilisation d'un système d'exploitation caché, VeraCrypt prend en charge les configurations multi-boot uniquement lorsque les conditions suivantes sont réunies :\n\n- Le système d'exploitation en cours d'exécution doit être installé sur le lecteur d'amorçage, qui ne doit contenir aucun autre système d'exploitation.\n\n- Les systèmes d'exploitation installés sur d'autres lecteurs ne doivent pas utiliser les chargeurs de démarrage résidant sur le lecteur sur lequel le système d'exploitation en cours d'exécution est installé.\n\nEst-ce que les conditions ci-dessus remplies ? - VeraCrypt ne supporte pas cette configuration multi-bootlors de la création/utilisation d'un système d'exploitation caché. - Disque d'amorçage - Le système d'exploitation en cours est-il installé sur le disque d'amorçage.\n\nNote : Parfois Windows n'est pas installé sur le même disque que le chargeur d'amorçage de Windows (partition d'amorçage). Si c'est le cas cliquez sur 'Non'. - VeraCrypt ne supporte pas encore le chiffrement d'un système d'exploitation qui ne démarre pas depuis le disque sur lequel il est installé. - Nombre de disques système - Combien de disques contiennent un système d'exploitation ?\n\nNote : Par exemple si vous avez un système d'exploitation (ex : Windows, Mac OS X, Linux; etc.) installé sur votre disque principal et un autre installé sur un disque secondaire, alors sélectionnez '2 ou plus'. - VeraCrypt ne supporte pas encore le chiffrement de la totalité d'un disque qui contient plusieurs systèmes d'exploitation.\n\nSolutions possibles :\n\n- Vous pouvez toujours chiffrer l'un des systèmes si vous revenez en arrière et que vous choisissez de ne chiffrer qu'une partition système (au lieu de choisir de chiffrer l'intégralité du disque système).\n\n- Alternativement vous pourrez chiffrer la totalité du disque si vous déplacez certains systèmes sur d'autres disques pour ne laisser qu'un seul système sur le disque que vous voulez chiffrer. - Systèmes multiples sur un seul disque - Y a-t-il d'autres systèmes d'exploitation installés sur le disque sur lequel est installé le système d'exploitation actuel ?\n\nNote : Par exemple, si le système d'exploitation en cours est installé sur le disque #0, qui contient plusieurs partitions, et si l'une d'elles contient Windows et qu'une autre contient un autre système d'exploitation (ex : Windows, Mac OS X, Linux, etc.), sélectionnez 'Oui'. - Chargeur d'amorçage non-Windows - Un chargeur d'amorçage (ou un gestionnaire d'amorçage) non-Windows est-il installé dans le MBR ?\n\nNote : Par exemple si la première piste du disque de démarrage contient GRUB, LILO, XOSL ou un autre gestionnaire d'amorçage (ou chargeur d'amorçage non-Windows), sélectionnez 'Oui'. - Amorçage multiple - VeraCrypt ne supporte pas encore les configurations à amorçage multiple où un chargeur d'amorçage non-Windows est installé dans le MBR.\n\nSolutions possibles :\n\n- Si vous utilisez un gestionnaire d'amorçage pour démarrer Windows et Linux, déplacez le gestionnaire d'amorçage (généralement, GRUB) du MBR vers une partition. Puis démarrer à nouveau l'assistant et chiffrez la partition/le disque système. Notez que le chargeur d'amorçage de VeraCrypt deviendra votre gestionnaire d'amorçage principal et qu'il vous permettra de lancer le gestionnaire d'amorçage d'origine (ex : GRUB) comme second gestionnaire d'amorçage (en appuyant sur le touche Echap lors de l'écran du chargeur d'amorçage de VeraCrypt) et ainsi vous pourrez charger Linux. - Si le système d'exploitation en cours est installé sur la partition d'amorçage, alors après l'avoir chiffrée, vous devrez saisir le bon mot de passe même si vous désirez lancer l(es) autre(s) système(s) Windows non-chiffré(s).\n\nSi le système d'exploitation en cours n'est pas installé sur la partition d'amorçage de Windows (ou si le gestionnaire/chargeur d'amorçage de Windows n'est utilisé par aucun autre système), alors après avoir chiffré ce système, vous n'aurez pas à saisir de mot de passe pour lancer le(s) système(s) non-chiffré(s) -- Vous n'aurez qu'à appuyer sur la touche Echap pour lancer le système non-chiffré (s'il y a plusieurs systèmes non-chiffrés, vous devrez aussi choisir lequel lancer dans le menu du gestionnaire d'amorçage de VeraCrypt).\n\nNote : Typiquement, le système d'exploitation installé en premier l'est sur la partition d'amorçage. - Chiffrement de la zone protégée hôte (Host Protected Area) - A la fin de nombreux disques, il y a une zone qui est normalement cachée du système d'exploitation (de telles zones sont généralement appelées 'Zones protégées hôtes' - Host Protected Area). Cependant certains programmes peuvent lire et écrire des données dans ces zones.\n\nAVERTISSEMENT : Certains constructeurs d'ordinateurs peuvent utiliser à dessein ces zones pour y stocker des outils et des données pour le RAID, des outils de récupération système, des outils de diagnostic, etc. Si de tels outils ou si des données doivent être accessibles avant l'amorçage, la zone cachée ne doit PAS être chiffrée (choisir 'Non' ci-dessus).\n\nVoulez-vous que VeraCrypt détecte et chiffre un telle zone cachée (si elle existe) à la fin de votre disque système ? - Type du chiffrement du système - Choisir cette option si vous voulez simplement chiffrer la partition système ou l'intégralité du disque système. - Il peut arriver que vous êtes obligé par quelqu'un de déchiffrer le système d'exploitation. Il y a beaucoup de situations où vous ne pouvez pas refuser de le faire (par exemple, en raison de l'extorsion). Si vous sélectionnez cette option, vous allez créer un système d'exploitation caché dont l'existence sera impossible à prouver (à condition que certaines consignes soient suivies). Ainsi, vous n'aurez pas à déchiffrer ou révéler le mot de passe pour le système d'exploitation caché. Pour une explication détaillée, cliquez sur le lien ci-dessous. - Il peut arriver que vous êtes obligé par quelqu'un de déchiffrer le système d'exploitation. Il y a beaucoup de situations où vous ne pouvez pas refuser de le faire (par exemple, en raison de l'extorsion).\n\nEn utilisant cet assistant vous pouvez créer un système d'exploitation caché dont l'existence sera impossible à prouver (à condition que certaines consignes soient suivies). Ainsi, vous n'aurez pas à déchiffrer ou révéler le mot de passe pour le système d'exploitation caché. - Système d'exploitation caché - Dans les étapes suivantes, vous allez créer deux volumes VeraCrypt (extérieur et caché), à l'intérieure de la première partition derrière la partition système. Le volume caché contient le système d'exploitation caché (OS). VeraCrypt créera les OS cachés en copiant le contenu de la partition système (où le système d'exploitation en cours d'exécution est installé) dan le volume caché. Pour le volume extérieur, vous allez copier certains fichiers sensibles que vous ne voulez pas cacher. Ils seront là pour tous ceux qui vous obligeraient à divulguer le mot de passe de la partition cachée du système d'exploitation. Vous pouvez révéler le mot de passe pour le volume externe au sein de la partition cachée du système d'exploitation (l'existence du système d'exploitation cachée reste secrète).\n\nEnfin, sur la partition système du système d'exploitation en cours d'exécution, vous installer un nouvel OS, ce que l'on appelle un OS leurre et le chiffrer. Il ne doit pas contenir de données sensibles et sera là pour tous ceux qui vous oblige à révéler votre mot de passe d'authentification de pré-amorçage. Au total, il y aura trois mots de passe. Deux d'entre eux peuvent être divulgués (pour l'OS leurre et le volume extérieur). Si vous utilisez le troisième, le système d'exploitation caché va démarrer. - Détection des secteurs cachés - Patientez pendant que VeraCrypt vérifie la présence de secteurs cachés à la fin du disque système. Notez que cela peut prendre un certain temps.\n\nNote : Dans de rares cas, le système peut ne plus répondre durant ce processus de détection. Si cela se produit, redémarrez votre ordinateur, lancez VeraCrypt et essayez à nouveau. VeraCrypt vous demandera automatiquement si vous voulez éviter cette phase de détection. Notez que ce problème n'est pas causé par un bogue de VeraCrypt. - Zone à chiffrer - Sélectionnez cette option si vous souhaitez chiffrer la totalité du disque sur lequel est installé le système d'exploitation Windows en cours d'exécution. Le disque entier, y compris toutes ses partitions, est chiffré sauf la première piste où résidera le chargeur de démarrage VeraCrypt. Toute personne souhaitant accéder à un système installé sur le disque, ou des fichiers stockés sur le disque, devra entrer à chaque fois le mot de passe avant que le système démarre. Cette option ne peut pas être utilisée pour chiffrer un disque secondaire ou externe si Windows n'est pas installé et ne démarre pas dessus. - Collecte de données aléatoires - Clés générées - VeraCrypt n'a trouvé aucun graveur de CD/DVD connecté à votre ordinateur. VeraCrypt a besoin d'un graveur de CD/DVD pour graver un disque de secours VeraCrypt bootable contenant une sauvegarde des clés de chiffrement, du chargeur de démarrage VeraCrypt, du chargeur original du système, etc.\n\nNous vous recommandons fortement de graver le disque de secours VeraCrypt. - Je n'ai aucun graveur CD/DVD, mais j'enregistrerai l'image ISO de secours sur un lecteur amovible (par exemple une clé USB). - Je connecterai un graveur de CD/DVD sur mon ordinateur plus tard. Terminer le processus maintenant. - Un graveur de CD/DVD est connecté à mon ordinateur. Continuer et créer le disque de secours. - Suivez les étapes :\n\n1) Connectez maintenant un disque amovible, comme une clé USB, à votre ordinateur.\n\n2) Copier le fichier image du disque de secours VeraCrypt (%s) sur le lecteur amovible.\n\nDans le cas où vous devez utiliser le disque de secours de VeraCrypt à l'avenir, vous serez en mesure de connecter votre disque amovible (contenant l'image du disque de secours VeraCrypt) à un ordinateur avec un graveur de CD/DVD et de créer un disque de secours amorçable VeraCrypt en gravant l'image sur un CD ou un DVD. IMPORTANT : Le fichier image du disque de secours VeraCrypt doit être écrit sur le CD/DVD sous forme d'image ISO (pas dans un fichier individuel). - Enregistrement du disque de secours - Disque de secours créé - Pré-test du chiffrement système - Disque de secours vérifié - \nLe disque de secours de VeraCrypt a été vérifié avec succès. Enlevez-le du lecteur et stockez-le en lieu sûr.\n\nCliquez 'Suivant' pour continuer. - AVERTISSMENT : Lors des prochaines étapes, le disque de secours de VeraCrypt ne doit pas être dans le lecteur. Sinon il ne sera pas possible de terminer correctement les étapes.\n\nRetirez-le du lecteur maintenant et stockez-le dans un endroit sûr. Puis cliquez sur 'OK'. - Avertissement : À cause de limitations techniques de l'environnement de pré-amorçage, les textes affichés par VeraCrypt dans cet environement (avant que Windows ne démarre) ne peuvent être traduits. L'interface utilisateur du chargeur d'amorçage de VeraCrypt est uniquement en anglais.\n\nContinuer ? - Avant de chiffrer votre partition ou votre disque système, VeraCrypt doit vérifier que tout fonctionne correctement.\n\nAprès avoir cliqué sur 'Test', tous les composants nécessaires (par exemple, le composant d'indentification du pré-amorçage, c'est-à-dire le chargeur d'amorçage de VeraCrypt) seront installés et votre ordinateur redémarrera. Vous devrez ensuite saisir le mot de passe dans l'écran du chargeur d'amorçage de VeraCrypt qui apparaîtra avant que Windows ne démarre. Après le démarrage de Windows, vous serez automatiquement informé des résultats du pré-test.\n\nLe périphérique suivant sera modifié : Disque #%d\n\n\nSi vous cliquez sur 'Annuler' maintenant, rien ne sera installé et les pré-tests ne seront pas effectués. - REMARQUES IMPORTANTES-- VEUILLEZ LES LIRE OU LES IMPRIMER (cliquez sur « Imprimer ») :\n\nAucun de vos fichiers ne sera chiffré avant que vous ayez redémarré avec succès votre ordinateur et Windows. Ainsi, si quelque chose tombe en panne, vos données ne seront pas perdues. Toutefois, si quelque chose se passe mal, vous risquez de rencontrer des difficultés au démarrage de Windows. Par conséquent, veuillez lire et si possible imprimer les instructions suivantes sur ce qu'il faut faire si Windows ne peut pas démarrer après le redémarrage de l'ordinateur.\n\n - Marche à suivre si Windows ne démarre pas\n---\n\nRemarque : Ces instructions sont valables uniquement si vous n'avez pas commencé le chiffrement.\n\n- Si Windows ne démarre pas après avoir entré le mot de passe (ou si vous entrez correctement plusieurs fois le mot de passe mais que VeraCrypt indique que le mot de passe est incorrect), ne paniquez pas. Redémarrer l'ordinateur en appuyant sur le bouton marche/arrêt, puis sur l'écran du chargeur de démarrage de VeraCrypt, appuyez sur la touche Echap de votre clavier (et si vous avez plusieurs systèmes, sélectionnez lequel démarrer). Windows devrait alors démarrer (à condition qu'il n'est pas chiffré) et VeraCrypt vous demandera automatiquement si vous souhaitez désinstaller le composant d'authentification pré-amorçage. Notez que les étapes précédentes ne fonctionnent pas si le système partition/disque est chiffré (personne ne peut démarrer Windows ou accéder à des données chiffrées sur le disque sans le mot de passe même si les étapes précédentes sont suivies).\n\n - - Si les étapes précédentes ne résolvent pas le problème ou si l'écran du chargeur de démarrage de VeraCrypt n'apparaît pas (avant le démarrage de Windows), insérez le disque de secours VeraCrypt dans votre lecteur de CD/DVD et redémarrez votre ordinateur. Si l'écran VeraCrypt du disque de secours n'apparaît pas (ou si vous ne voyez pas l'élément "Options de réparation" dans la section "Contrôles clavier" de l'écran VeraCrypt du disque de secours), il est possible que votre BIOS soit configuré pour tenter de démarrer à partir des disques durs avant de lecteurs CD/DVD. Si tel est le cas, redémarrez votre ordinateur, appuyez sur F2 ou SUPPR (dès que vous voyez l'écran de démarrage du BIOS) et attendez que l'écran de configuration du BIOS s'affiche. Si aucun écran de configuration du BIOS s'affiche, redémarrez l'ordinateur à nouveau et en appuyant sur F2 ou Suppr à plusieurs reprises lors de la séquence de redémarrage de l'ordinateur. Lorsque l'écran de configuration du BIOS s'affiche, configurez votre BIOS pour démarrer en premier lieu depuis le lecteur de CD/DVD (pour plus d'informations sur la façon de le faire, référez-vous à la documentation de votre BIOS/carte mère ou contactez l'équipe de support technique du fournisseur de votre ordinateur). Puis redémarrez votre ordinateur. L'écran VeraCrypt du disque de secours doit apparaître maintenant. Dans l'écran VeraCrypt du disque de secours, sélectionnez « Options de réparation » en appuyant sur la touche F8 du clavier. Dans le menu "Options de réparation", sélectionnez « Restaurer le chargeur du système original ». Ensuite, retirez la disquette de secours de votre lecteur CD/DVD et redémarrez votre ordinateur. Windows devrait démarrer normalement (à condition qu'il ne soit pas chiffré).\n\n - Notez que les étapes précédentes ne fonctionnent pas si le système partition/disque est chiffré (personne ne peut démarrer Windows ou accéder à des données chiffrées sur le disque sans le mot de passe même si les étapes précédentes ont été suivies).\n\n\nNotez que même si vous perdez votre disque de secours VeraCrypt et qu'une personne le trouve, elle ne sera pas en mesure de déchiffrée le lecteur/partition sans le bon mot de passe. - Pré-test terminé - Le pré-test a été terminé avec succès.\n\nAVERTISSEMENT : Si l'alimentation est interrompue soudainement alors que les données existantes en place sont entrain d'être chiffrées, ou lorsque le système d'exploitation plante pendant que VeraCrypt chiffre les données existantes en place, certaines parties des données seront endommagées ou perdues. Par conséquent, avant de commencer à chiffrer, veuillez vous assurer que vous disposez de copies de sauvegarde des fichiers que vous souhaitez chiffrer. Si vous n'en avez pas, veuillez sauvegarder les fichiers maintenant (vous pouvez cliquer sur Reporter, sauvegardez les fichiers, puis exécutez à nouveau VeraCrypt et sélectionnez « Système » > « Reprendre le processus interrompu » pour lancer le chiffrage).\n\nCliquez alors sur chiffrer pour démarrer le chiffrement. - Pour interrompre le processus de chiffrement ou de déchiffrement, vous pouvez cliquez sur Pause ou Reporter à tout moment, quitter cet Assistant, redémarrer ou éteindre votre ordinateur et ensuite reprendre le processus, qui se poursuivra à partir du point où il a été arrêté. Pour éviter les ralentissements lorsque le système ou les applications écrivent ou lisent des données depuis le lecteur système, VeraCrypt attend automatiquement que les données soient écrites ou lues (voir conditions ci-dessus) et continue ensuite automatiquement le chiffrement ou déchiffrement. - \n\nPour interrompre le processus de chiffrement ou de déchiffrement, vous pouvez cliquez sur Pause ou Reporter à tout moment, quitter cet Assistant, redémarrer ou éteindre votre ordinateur et ensuite reprendre le processus, qui se poursuivra à partir du point où il a été arrêté. Notez que le volume ne pourra pas être monté jusqu'à ce que le chiffrement soit entièrement terminé. - \n\nVous pouvez cliquez sur Suspendre ou Différer à tout moment pour interrompre le processus de déchiffrement, quitter cet assistant, redémarrer ou éteindre l'ordinateur, puis reprendre le processus, qui se poursuivra à partir du point où il s'est arrêté. Notez que le volume ne peut pas être monté avant d'avoir été entièrement déchiffré. - Système cache démarré - Système original - Windows génère divers fichiers journaux, fichiers temporaires, etc., sur la partition système. Il enregistre également le contenu de la RAM lors de l'hibernation et le fichiers d'échange situés sur la partition système. Par conséquent, si une personne a analysé les fichiers stockés sur la partition hébergeant le système d'origine (dont le système caché est un clone), il pourrait trouver, par exemple, que vous avez utilisé l'assistant de VeraCrypt en mode création de système caché (qui pourrait indiquer l'existence d'un système d'exploitation caché sur votre ordinateur).\n\nPour éviter cela, VeraCrypt effacera dans les prochaines étapes tout le contenu de la partition hébergeant le système d'origine. Par la suite, afin de parvenir à un déni plausible, vous devrez installer un nouveau système d'exploitation sur la partition et le chiffrer. Ainsi, vous allez créer le système de leurre et l'ensemble du processus de création du système d'exploitation caché sera complet. - Le système d'exploitation caché a été créé avec succès. Toutefois, avant de pouvoir commencer à l'utiliser (et parvenir à un déni plausible), vous devez effacer en toute sécurité (à l'aide de VeraCrypt) tout le contenu de la partition où le système d'exploitation en cours d'exécution est installé. Avant que vous puissiez faire cela, vous devez redémarrer l'ordinateur et, dans l'écran du chargeur de démarrage de VeraCrypt (qui apparaît avant le démarrage de Windows), entrer le mot de passe d'authentification de pré-amorçage pour le système d'exploitation caché. Puis, après le démarrage du système caché, l'assistant VeraCrypt sera lancé automatiquement.\n\nNote : Si vous choisissez maintenant de mettre fin au processus de création du système d'exploitation caché, vous ne serez pas en mesure de reprendre le processus et le système caché ne sera pas accessible (parce que le chargeur de démarrage de VeraCrypt sera supprimé). - Vous avez planifié le processus de création d'un système d'exploitation caché. Le processus n'est pas encore terminé. Pour le compléter, vous devez redémarrer l'ordinateur et, dans l'écran du chargeur de démarrage de VeraCrypt (qui apparaît avant le démarrage de Windows), entrer le mot de passe pour le système d'exploitation caché.\n\nNote : Si vous choisissez maintenant de mettre fin au processus de création du système d'exploitation caché, vous ne serez pas en mesure de reprendre le processus. - Redémarrez l'ordinateur et poursuivez - Fin définitive du processus de création du système d'exploitation caché - Ne faites rien maintenant et demandez à nouveau plus tard - \nSI POSSIBLE, VEUILLEZ IMPRIMER CE TEXTE (cliquez sur "Imprimer").\n\n\nComment et quand utiliser le disque de secours VeraCrypt (Après le chiffrement)\n-----------------------------------------------------------------------------------\n\n - I. Comment démarrer le disque de secours VeraCrypt\n\nPour démarrer un disque de secours VeraCrypt, insérez-le dans votre lecteur de CD/DVD et redémarrez votre ordinateur. Si l'écran VeraCrypt du disque de secours n'apparaît pas (ou si vous ne voyez pas l'élément "Options de réparation" dans la section "Contrôles clavier" de l'écran VeraCrypt du disque de secours), il est possible que votre BIOS soit configuré pour tenter de démarrer à partir des disques durs avant de lecteurs CD/DVD. Si tel est le cas, redémarrez votre ordinateur, appuyez sur F2 ou SUPPR (dès que vous voyez l'écran de démarrage du BIOS) et attendez que l'écran de configuration du BIOS s'affiche. Si aucun écran de configuration du BIOS s'affiche, redémarrez l'ordinateur à nouveau et en appuyant sur F2 ou Suppr à plusieurs reprises lors de la séquence de redémarrage de l'ordinateur. Lorsque l'écran de configuration du BIOS s'affiche, configurez votre BIOS pour démarrer en premier lieu depuis le lecteur de CD/DVD (pour plus d'informations sur la façon de le faire, référez-vous à la documentation de votre BIOS/carte mère ou contactez l'équipe de support technique du fournisseur de votre ordinateur). Puis redémarrez votre ordinateur. L'écran VeraCrypt du disque de secours doit apparaître maintenant. Dans l'écran VeraCrypt du disque de secours, sélectionnez « Options de réparation » en appuyant sur la touche F8 du clavier.\n\n\n - II. Comment et quand utiliser le disque de secours VeraCrypt (Après le chiffrement)\n\n - 1) Si l'écran du chargeur de démarrage VeraCrypt n'apparaît pas lorsque vous démarrez votre ordinateur (ou si Windows ne démarre pas), le chargeur de démarrage VeraCrypt peut être endommagé. Le disque de secours de VeraCrypt permet de le restaurer et donc de rétablir l'accès à votre système chiffré et aux données (Cependant, notez que vous devrez toujours entrer le mot de passe). Dans l'écran du disque de secours, sélectionnez "Options de réparation" > « Restaurer le chargeur de démarrage VeraCrypt ». Appuyez sur « O » pour confirmer l'action, retirez le disque de secours de votre lecteur de CD/DVD et redémarrez votre ordinateur.\n\n - 2) Si vous entrez plusieurs fois le bon mot de passe mais que VeraCrypt dit que le mot de passe est incorrect, la clé principale ou d'autres données critiques peuvent être endommagées. Le disque de secours VeraCrypt vous permet de les restaurer et donc de rétablir l'accès à votre système chiffré et aux données (Cependant, notez que vous devrez toujours entrer le mot de passe). Dans l'écran du disque de secours, sélectionnez "Options de réparation" > « Restaurer les données-clés ». Puis entrez votre mot de passe, appuyez sur « O » pour confirmer l'action, retirez le disque de secours de votre lecteur de CD/DVD et redémarrez votre ordinateur.\n\n - 3) Si le chargeur de démarrage VeraCrypt est endommagé, vous pouvez son exécution en démarrant directement à partir du disque de secours VeraCrypt. Insérez le disque de secours dans le lecteur de CD/DVD et entrez le mot de passe dans l'écran du disque de secours.\n\n - 4) Si Windows est endommagé et ne peut pas démarrer, le disque de secours VeraCrypt vous permet en permanence de déchiffrer la partition/disque avant le démarrage de Windows. Dans l'écran du disque de secours, sélectionnez 'Options de réparation' > « Déchiffrer de manière permanente la partition/lecteur système ». Entrez le mot de passe et attendez que le déchiffrage soit terminé. Ensuite, vous pourrez par exemple démarrer sur le CD/DVD de MS Windows pour réparer votre installation de Windows.\n\n - Remarque : Si Windows est endommagé (il ne démarre plus) et que vous devez le réparer (ou accéder aux fichiers), vous pouvez éviter de déchiffrer la partition/disque système en procédant comme suit : Si vous avez plusieurs systèmes d'exploitation installés sur votre ordinateur, démarrez celui qui ne nécessite pas d'authentification lors du pré-amorçage. Si vous n'avez pas plusieurs systèmes d'exploitation installés sur votre ordinateur, vous pouvez démarrer sur un CD/DVD WinPE ou BartPE, ou vous pouvez connecter votre lecteur système comme disque secondaire ou externe sur un autre ordinateur, puis démarrez le système d'exploitation installé sur l'ordinateur. Après avoir démarré un système, exécutez VeraCrypt, cliquez sur « Sélectionner le périphérique », sélectionnez la partition système affectée, cliquez sur « OK », sélectionnez « Système » > « Monter sans authentification de dpré-amorçage », entrez votre mot de passe d'authentificatione pré-amorçage et cliquez sur 'OK'. La partition sera montée comme un volume VeraCrypt régulier (les données seront décrypté/cryptée à la volée en RAM lors de l'accès, comme d'habitude).\n\n\n - Notez que même si vous perdez le disque de secours VeraCrypt et qu'une personne le trouve, elle ne sera pas en mesure de déchiffrer la partition système ou le disque sans le mot de passe. - \n\nI M P O R T A N T -- VEUILLEZ IMPRIMER CE TEXTE SI POSSIBLE (cliquez sur « Imprimer » ci-dessous).\n\n\nRemarque : Ce texte s'affiche automatiquement chaque fois que vous démarrez le système caché jusqu'à ce que vous commenciez à créer le système de leurre.\n\n\n - Comment créer un système de leurre en toute sécurité\n----------------------------------------------------------------------------\n\nAfin de permettre le déni plausible, vous devez créer le système d'exploitation leurre maintenant. Pour ce faire, procédez comme suit :\n\n - 1) Pour des raisons de sécurité, arrêtez votre ordinateur et laissez-le éteint pendant plusieurs minutes (plus c'est long, mieux c'est). Ceci est nécessaire pour effacer la mémoire qui contient des données sensibles. Puis allumez l'ordinateur, mais ne démarrez pas le système caché.\n\n - 2) Installer Windows sur la partition dont le contenu a été effacé (c'est-à-dire sur la partition où le système d'origine, pour lequel le système caché est un clone, a été installé).\n\nIMPORTANT : LORSQUE VOUS DÉMARREZ L'INSTALLATION DU SYSTÈME LEURRE, ON NE POURRA PAS DÉMARRER SUR LE SYSTÈME CACHÉ (parce que le chargeur de démarrage VeraCrypt sera effacé par l'installateur de Windows). C'EST UN COMPORTEMENT NORMAL ET ATTENDU. NE PANIQUEZ PAS. VOUS POURREZ À NOUVEAU DÉMARRER LE SYSTÈME CACHÉ DÈS QUE VOUS COMMENCEREZ LE CHIFFREMENT DU SYSTÈME LEURRE (parce que VeraCrypt installera ensuite automatiquement le chargeur de démarrage VeraCrypt sur le lecteur système).\n\nImportant : La taille de la partition du système leurre doit rester identique à la taille du volume caché (cette condition est maintenant remplie). En outre, vous ne devez pas créer n'importe quelle partition entre la partition système leurre et la partition où le système caché réside.\n\n - 3) Démarrer le système leurre (que vous avez installé à l'étape 2 et installer VeraCrypt sur dessus).\n\nGardez à l'esprit que le système leurre ne doit jamais contenir les données sensibles.\n\n - 4) Sur le système leurre, exécutez VeraCrypt et sélectionnez « Système » > « Chiffrer la partition/disque système ». La fenêtre de l'assistant de création de volume VeraCrypt devrait apparaitre.\n\nLes étapes suivantes s'appliquent à l'assistant de création de volume VeraCrypt.\n\n - 5) Dans l'assistant de création de volume VeraCrypt, ne sélectionnez pas l'option « Caché ». Laissez l'option « Normale » sélectionnée, puis cliquez sur « Suivant ».\n\n - 6) Sélectionnez l'option « Chiffrer la partition système Windows » et cliquez ensuite sur « Suivant ».\n\n - 7) S'il y a seulement le système caché et le système leurre installés sur l'ordinateur, sélectionnez l'option « Amorçage unique » (s'il y a plus que ces deux systèmes installés sur l'ordinateur, sélectionnez « Multi amorçage »). Puis cliquez sur « Suivant ».\n\n - 8) IMPORTANT : dans cette étape, POUR LE SYSTÈME LEURRE, VOUS DEVEZ SÉLECTIONNER LE MÊME ALGORITHME DE CHIFFRAGE ET DE HACHAGE QUE VOUS AVEZ SÉLECTIONNÉ POUR LE SYSTÈME CACHÉ! DANS LE CAS CONTRAIRE, LE SYSTÈME CACHÉ NE SERA PLUS ACCESSIBLES ! En d'autres termes, le système leurre doit être chiffré avec le même algorithme de chiffrement que le système caché. Note : La raison est que le système leurre et le système caché partageront un chargeur de démarrage unique, qui prend uniquement en charge un seul algorithme, sélectionné par l'utilisateur (pour chaque algorithme, il y a une version spéciale du chargeur d'amorçage VeraCrypt).\n\n - 9) Dans cette étape, choisissez un mot de passe pour le système d'exploitation leurre. Ce sera le mot de passe d'authentification de pré-amorçage que vous serez en mesure de révéler si quelqu'un le demande ou que vous êtes forcé de le divulguer (l'autre mot de passe que vous pouvez révéler est celui du volume externe). L'existence du troisième mot de passe (c'est-à-dire du mot de passe d'authentification de pré-amorçage pour le système d'exploitation caché) restera secret.\n\nImportant : Le mot de passe que vous choisissez pour le système leurre doit être sensiblement différent de celui que vous avez choisi pour le volume caché (c'est-à-dire pour le système d'exploitation caché).\n\n - 10) Suivez les instructions restantes de l'assistant afin de chiffrer le système d'exploitation leurre.\n\n\n\n - Après que le système leurre est créé\n------------------------------------------------\n\nAprès avoir chiffrer le système leurre, le processus de création du système d'exploitation caché s'achèvera et vous serez en mesure d'utiliser ces trois mots de passe : \n\n1) Mot de passe d'authentification de pré-amorçage pour le système d'exploitation cachés.\n\n2 Mot de passe d'authentification de pré-amorçage pour le système d'exploitation leurre .\n\n3) Mot de passe pour le volume extérieur.\n\n - Si vous souhaitez démarrer le système d'exploitation caché, vous devrez entrer le mot de passe dans l'écran du chargeur de démarrage VeraCrypt pour le système d'exploitation caché (qui s'affiche lorsque vous allumez ou redémarrez votre ordinateur).\n\nSi vous souhaitez démarrer le système d'exploitation leurre, vous devrez entrer le mot de passe pour le système d'exploitation leurre dans l'écran du chargeur de démarrage VeraCrypt.\n\nLe mot de passe pour le système leurre peut être communiqué à quiconque vous demande de le révéler. L'existence du volume caché (et du système d'exploitation caché) restera secrète.\n\n - Le troisième mot de passe (pour le volume extérieur) peut être communiqué à quiconque vous demande de révéler le mot de passe pour la première partition derrière la partition système, là où résident aussi bien le volume extérieur que le volume caché (contenant le système d'exploitation caché). L'existence du volume caché (et du système d'exploitation caché) restera secrète.\n\n\n - Si vous avez révélé le mot de passe pour le système leurre à quelqu'un et qu'il vous a demand pourquoi l'espace libre de la partition système (leurre) contient des données aléatoires, vous pouvez par exemple répondre : "La partition contenait auparavant un système chiffré par VeraCrypt, mais j'ai oublié le mot de passe d'authentification de pré-amorçage (ou le système a été endommagé et ne démarrait plus), donc j'ai dû réinstaller Windows et chiffrer la partition à nouveau. »\n\n\n - Si toutes les instructions, les précautions et les exigences énumérées dans la section « Exigences et précautions de sécurité relatives aux volumes cachés » dans le guide de l'utilisateur VeraCrypt sont suivies, il devrait être impossible de prouver que le volume caché et le système d'exploitation caché existent, même si le volume extérieur est monté ou lorsque le système d'exploitation leurre est déchiffré ou démarré.\n\nSi vous enregistrez une copie de ce texte ou l'imprimez (ce qui est fortement recommandé, à moins que votre imprimante stocke des copies des documents imprimés sur son disque interne), vous devez détruire toute copie de celui-ci après avoir créé le système leurre et après avoir compris toutes les informations contenues dans le texte (dans le cas contraire, si une telle copie a été trouvée, il peut indiquer qu'il y a un système d'exploitation caché sur cet ordinateur).\n\n - AVERTISSEMENT : SI VOUS NE PAS PROTÉGER LE VOLUME CACHÉ (pour plus d'informations sur la façon de le faire, reportez-vous à la section « Protection des volumes cachés contre les dommages » dans le Guide de l'utilisateur VeraCrypt), N'ÉCRIVEZ PAS SUR LE VOLUME EXTERNE (Notez que le système d'exploitation leurre n'est pas installé sur le volume externe). SINON, VOUS POUVEZ ÉCRASER ET ENDOMMAGER LE VOLUME CACHÉ (ET LE SYSTÈME D'EXPLOITATION CACHÉ QU'IL CONTIENT) ! - Clonage du système d'exploitation - Dans les prochaines étapes, VeraCrypt va créer le système d'exploitation caché en copiant le contenu de la partition système sur le volume caché (les données à copier à la volée seront chiffrées avec une clé de chiffrement différente de celle qui sera utilisée pour le système d'exploitation leurre).\n\nVeuillez noter que le processus sera effectué dans l'environnement de pré-amorçage (avant le démarrage de Windows) et cela peut prendre beaucoup de temps, plusieurs heures ou même plusieurs jours (selon la taille de la partition système et les performances de votre ordinateur).\n\nVous serez en mesure d'interrompre le processus, arrêtez l'ordinateur, démarrez le système d'exploitation et ensuite reprendre le processus. Toutefois, si vous l'interrompez, tout le processus de copie du système devra recommencer depuis le début (parce que le contenu de la partition système ne doit pas changer lors du clonage). - Voulez-vous annuler l'intégralité du processus de création du système d'exploitation caché ?\n\nNote : Vous ne pourrez PAS reprendre le processus si vous l'annulez maintenant. - Voulez-vous annuler le pré-test de chiffrement du système ? - Le prétest de chiffrement du système VeraCrypt a échoué. Voulez-vous réessayer ?\n\nSi vous sélectionnez « Non », le composant d'authentification de pré-amorçage sera désinstallé.\n\nRemarques :\n\n- Si le chargeur de démarrage de VeraCrypt n'a pas demandé d'entrer le mot de passe avant que Windows a commencé à démarrer, il est possible que votre système d'exploitation ne démarre pas depuis le disque sur lequel il est installé. Ceci n'est pas supporté.\\n\n- Si vous avez utilisé un algorithme de chiffrement autre que de l'AES et que le prétest a échoué (et vous avez entré le mot de passe), cela peut avoir été causé par un pilote mal conçu. Sélectionnez « Non » et essayer de chiffrer la partition/lecteur système à nouveau, mais utilisez l'algorithme de chiffrement AES (qui a le plus bas niveau d'exigences).\n\n- Pour plus de détails sur les causes et les solutions, voir : https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - La partition/le disque système ne semble pas chiffré (totalement ou en partie). - Votre partition/votre disque système est chiffré (totalement ou en partie).\n\nDéchiffrez votre partition/votre disque système entièrement avant de poursuivre. Pour cela sélectionnez 'Système' > 'Déchiffrer définitivement la partition/le disque système' depuis la barre des menus de la fenêtre principale VeraCrypt. - Lorsque la partition/lecteur système est chiffré (partiellement ou totalement), vous ne pouvez pas rétrograder VeraCrypt (mais vous pouvez le mettre à jour ou réinstaller la même version). - Votre partition/votre disque est en cours de chiffrement, déchiffrement ou de modification. Interrompez le processus en cours (ou attendez son arrêt) avant de poursuivre. - Une instance de l'assistant de création de volume de VeraCrypt existe déjà sur ce système et procède (ou se prépare à procéder) au chiffrement/déchiffrement de la partition/du disque système. Avant de poursuivre, patientez jusqu'à la fin du traitement ou arrêtez-le. Si vous ne pouvez pas l'arrêter, redémarrer votre ordinateur avant de poursuivre. - Le processus de chiffrement ou de déchiffrement de la partition/du disque système n'est pas terminé. Patientez jusqu'à ce qu'il finisse avant de poursuivre. - Erreur : Le processus de chiffrement de la partition/du disque n'est pas terminé. Il doit d'abord être achevé. - Erreur : Le processus de chiffrement de la partition ou du volume n'a pas été terminé. Il d'abord doit être complété.\n\nRemarque : Pour reprendre le processus, sélectionnez « Volumes » > « Reprendre le processus interrompu » de la barre de menus de la fenêtre principale de VeraCrypt. - Le mot de passe est correct, VeraCrypt a déchiffré avec succès l'en-tête du volume et a détecté que ce volume est un volume caché. Cependant, vous ne pouvez pas modifier l'en-tête d'un volume système caché de cette manière.\n\nPour changer le mot de passe d'un volume système caché, démarrer le système d'exploitation résidant dans le volume caché, puis sélectionnez 'Système' > 'Modifier le mot de passe...' depuis la barre des menus de la fenêtre principale de VeraCrypt.\n\nPour paramétrer l'algorithme de dérivation de la clé d'en-tête, démarrez le système d'exploitation caché puis sélectionnez 'Système' > 'Paramétrer l'algorithme de dérivation de la clé d'en-tête...'. - VeraCrypt ne supporte pas le déchiffrement 'sur place' d'une partition système cachée .\n\nNote : Si vous voulez déchiffrer la partition système leurre, démarrez le système leurre puis sélectionnez 'Système' > 'Déchiffrer définitivement la partition/le disque système' dans la barre des menus de la fenêtre principale de VeraCrypt. - Erreur : paramètre incorrect/invalide. - Vous avez sélectionné une partition ou un périphérique mais le mode assistant que vous avez sélectionné n'est valable que pour les fichiers conteneurs.\n\nVoulez-vous changer le mode assistant ? - Voulez-vous créer à la place un fichier conteneur VeraCrypt ? - Vous avez sélectionné le partition/disque système (ou la partition de démarrage), mais le mode assistant sélectionné ne convient que pour les partitions/disques non-système.\n\nVous voulez configurer l'authentification de pré-amorçage (ce qui signifie que vous devrez entrer votre mot de passe chaque fois que Windows démarre) et chiffrer la partition/disque système ? - Êtes-vous sûr de vouloir déchiffrer définitivement la partition/le disque système ? - ATTENTION : Si vous déchiffrez définitivement la partition/le disque système, des données non chiffrées y seront écritent.\n\nÊtes-vous vraiment sûr de vouloir déchiffrer définitivement la partition/le disque système ? - Êtes-vous sûr de vouloir déchiffrer de façon permanente le volume suivant? - ATTENTION: Si vous décryptez de manière permanente le volume VeraCrypt, les données non chiffrées seront écrites sur le disque.\n\nÊtes vous vraiment sûr que vous voulez déchiffrer de manière permanente le volume sélectionné.? - AVERTISSEMENT : Si vous utilisez une cascade d'algorithmes de chiffrement pour le chiffrement du système, vous pouvez rencontrer les problèmes suivants :\n\n1) La taille du chargeur de démarrage de VeraCrypt est supérieur à la normale et il n'y a donc pas assez d'espace dans la première plage du disque pour une sauvegarde du chargeur de démarrage VeraCrypt. Par conséquent, chaque fois qu'il est endommagé (ce qui arrive souvent, par exemple au cours de procédures d'activation de lutte contre la piraterie de certains programmes mal conçus), vous devrez utiliser le disque de secours VeraCrypt pour démarrer ou réparer le chargeur de démarrage VeraCrypt.\n\n2) Sur certains ordinateurs, la reprise depuis l'hibernation prend plus de temps.\n\nCes problèmes potentiels peuvent être évités en choisissant un algorithme de cryptage non-cascadé (par exemple AES).\n\nÊtes-vous certain de vouloir utiliser une cascade d'algorithmes de chiffrement ? - Si vous rencontrez un des problèmes décrits précédemment, déchiffrez la partition/le disque (s'il est chiffré) puis essayez de le chiffrer à nouveau en utilisant un algorithme sans cascade (ex : AES). - AVERTISSEMENT : Pour des raisons de sécurité, vous devez mettre à jour VeraCrypt sur le système d'exploitation leurre avant de le mettre à jour sur le système d'exploitation caché.\n\nPour ce faire, démarrer le système leurre et lancez l'installation de VeraCrypt dessus. Puis démarrer le système caché et exécutez aussi l'installation dessus.\n\nRemarque : Le système leurre et le système caché partagent un chargeur de démarrage unique. Si vous êtes mis à jour VeraCrypt seulement sur le système caché (mais pas sur le système leurre), le système leurre contiendra un pilote VeraCrypt et une application VeraCrypt dont les numéros de version sont différents de celui du chargeur de démarrage VeraCrypt. Une telle différence peut indiquer qu'il y a un système d'exploitation caché sur cet ordinateur.\n\n\nVoulez-vous continuer ? - Le numéro de version du chargeur d'amorçage de VeraCrypt qui a démarré ce système d'exploitation est différent de celui du pilote de VeraCrypt (et de ses applications) installé sur ce système.\n\nVous devriez lancer l'installeur VeraCrypt (dont le numéro de version est le même que celui du chargeur d'amorçage de VeraCrypt) pour mettre à jour la version de VeraCrypt installé dans ce système d'exploitation. - Le numéro de version du chargeur de démarrage VeraCrypt qui a démarré ce système d'exploitation est différent du numéro de version du pilote VeraCrypt (et des applications VeraCrypt) installé sur ce système. Notez que les versions plus anciennes peuvent contenir des bogues corrigés dans les versions ultérieures.\n\nSi vous n'avez pas démarré depuis le disque de secours VeraCrypt, vous devez réinstaller VeraCrypt ou le mettre à niveau vers la dernière version stable (le chargeur de démarrage sera aussi actualisé).\n\nSi vous avez démarré depuis le disque de secours VeraCrypt, vous devez le mettre à jour (« Système » > « Créer le disque de secours »). - Le chargeur d'amorçage de VeraCrypt a été mis à jour.\n\nIl est recommandé de créer un nouveau disque de secours VeraCrypt (qui contiendra la nouvelle version du chargeur d'amorçage de VeraCrypt) en sélectionnant 'Système' > 'Créer un disque de secours' après avoir redémarré votre ordinateur. - Le chargeur d'amorçage de VeraCrypt a été mis à jour.\n\nIl est fortement recommandé de démarrer le système d'exploitation leurre et de créer un nouveau disque de secours VeraCrypt (qui contiendra la nouvelle version du chargeur d'amorçage de VeraCrypt) en sélectionnant 'Système' > Créer un disque de secours'. - Échec de la mise à jour du chargeur d'amorçage de VeraCrypt. - VeraCrypt n'a pas pu détecter la taille réelle du disque système et, par conséquent, la taille indiquée par le système d'exploitation (qui peut être infèrieure à la taille réelle) sera utilisée. Notez également que ce n'est pas un bug dans VeraCrypt. - AVERTISSEMENT : Il semble que VeraCrypt a déjà essayé de détecter des secteurs cachés sur ce disque système. Si vous avez rencontré des problèmes lors du précédent processus de détection, vous pouvez vous épargner des problèmes en évitant maintenant la détection des secteurs cachés. Notez que si vous le faites, VeraCrypt utilisera la taille donnée par le système d'exploitation (qui peut être plus petite que la taille réelle du disque).\n\nNotez que ce problème n'est pas causé par un bogue de VeraCrypt. - Eviter la détection des secteurs cachés (utiliser la taille donnée par le système d'exploitation) - Essayer à nouveau de détecter des secteurs cachés - Erreur : Le contenu d'un ou plusieurs secteurs sur le disque ne peut pas être lu (probablement en raison d'un défaut physique).\n\nLe processus de chiffrement sur-place peut continuer uniquement lorsque les secteurs seront à nouveau lisibles. VeraCrypt peut essayer de rendre ces secteurs lisible en y écrivant des zéros (par la suite ces blocs de seront chiffrés). Toutefois, notez que toutes les données stockées sur les secteurs illisibles seront perdues. Si vous voulez éviter cela, vous pouvez essayer de récupérer certaines parties des données corrompues en utilisant des outils tiers appropriés.\n\nRemarque : Dans le cas de secteurs endommagés physiquement (par opposition à la corruption de données simple et d'erreurs de somme de contrôle) la plupart des types de périphériques de stockage interne réaffectent les secteurs lorsque les données écrites dessus (donc les données existantes sur les secteurs endommagés peuvent rester non chiffrées sur le disque).\n\nVoulez-vous que VeraCrypt écrive des zéros sur les secteurs illisibles ? - Erreur : Le contenu d'un ou plusieurs secteurs sur le disque ne peut pas être lu (probablement en raison d'un défaut physique).\n\nPour être en mesure d'aller de l'avant, VeraCrypt devra écarter le contenu des secteurs illisibles (le contenu sera remplacé par les données pseudo-aléatoires). Veuillez noter qu'avant de poursuivre, vous pouvez essayer de récupérer des parties des données endommagées à l'aide d'outils tiers appropriés.\n\nVoulez-vous que VeraCrypt supprime maintenant les données dans les secteurs illisibles ? - Remarque : VeraCrypt a remplacé le contenu de % I64d secteurs illisibles (%s) avec des blocs chiffrés de zéros en texte brut. - Note : VeraCrypt a remplacé le contenu de %I64d secteurs non lisible (%s) par des données aléatoires. - Entrez le mot de passe/PIN pour le jeton '%s': - Afin de permettre à VeraCrypt d'accéder à un jeton de sécurité ou une carte à puce, vous devez d'abord installer une bibliothèque logicielle PKCS #11 pour le jeton ou la carte à puce. La bibliothèque peut être fournie par le périphérique ou disponible en téléchargement sur le site web du vendeur ou d'autres tiers.\n\nAprès avoir installé la bibliothèque, vous pouvez soit la sélectionner manuellement en cliquant sur "Bibliothèque...", soit laisser VeraCrypt la trouver et la sélectionner automatiquement en cliquant sur "Détecter bibliothèque" (seul le répertoire système de Windows sera parcouru). - Note : Pour le nom de fichier et l'emplacement de la bibliothèque PKCS #11 installée pour votre jeton de sécurité ou carte à puce, veuillez vous reporter à la documentation fournie avec le jeton, la carte ou le logiciel tiers.\n\nAppuyer sur "OK" pour sélectionner le chemin et le nom de fichier. - Afin de permettre à VeraCrypt d'accéder à un jeton de sécurité ou une carte à puce, vous devez d'abord sélectionner une bibliothèque logicielle PKCS #11 pour le jeton/la carte. Pour cela, allez dans "Paramètres" > "Jetons de sécurité...". - Impossible d'initialiser la bibliothèque du jeton de sécurité PKCS #11.\n\nAssurez-vous que le nom et le chemin d'accès spécifié, font référence à une bibliothèque de PKCS #11 valide. Pour spécifier un chemin de bibliothèque PKCS #11 et un nom de fichier, sélectionnez « Paramètres » > « Jetons de sécurité ». - Aucune bibliothèque PKCS #11 n'a été trouvé dans le répertoire système de Windows.\n\nAssurez-vous qu'une bibliothèque PKCS #11 pour votre jeton de sécurité (ou de votre carte à puce) est installée (une telle bibliothèque peut-être être fournie avec le jeton/carte ou il peut être disponible en téléchargement depuis le site Web du fournisseur ou de tierces parties). S'il est installé dans un répertoire différent du répertoire système de Windows, cliquez sur "Selectionner la bibliothèque" pour localiser la bibliothèque (par exemple dans le dossier d'installation du logiciel pour le jeton/carte installé). - Jeton de sécurité non trouvé.\n\nVeuillez-vous assurer que votre jeton de sécurité est relié à votre ordinateur et que le pilote de périphérique approprié pour votre jeton est installé. - Fichier clé du jeton de sécurité non trouvé. - Un fichier clé du jeton de sécurité de même nom existe déjà. - Voulez-vous effacer les fichiers sélectionnés ? - Le chemin du fichier clé du jeton de sécurité est invalide. - Erreur du jeton de sécurité. - Le mot de passe pour le jeton de sécurité est incorrect. - Le jeton de sécurité n'a pas assez de mémoire, d'espace pour effectuer l'opération demandée.\n\nSi vous essayez d'importer un fichier de clé, vous devez sélectionner un fichier plus petit ou utiliser un fichier clé généré par VeraCrypt (sélectionnez « Outils » > « Générateur de fichier clé »). - Toutes les sessions de jeton de sécurité ouvertes ont été fermées. - Sélectionnez les fichiers clés du jeton de sécurité - Connecteur - Nom du jeton - Nom du fichier - IMPORTANT : Veuillez noter que le mot de passe pour l'authentification de pré-amorçage est toujours tapé à l'aide de la disposition du clavier américain standard. Par conséquent, un volume qui utilise un mot de passe tapé à l'aide de toute autre type de clavier peut être impossible à monter à l'aide d'un mot de passe d'authentification de pré-amorçage (Notez que ce n'est pas un bug dans VeraCrypt). Pour permettre un tel volume de monter à l'aide d'un mot de passe d'authentification de pré-amorçage, procédez comme suit :\n1) Cliquez sur "Selectionner un fichier" ou "Sélectionner un périphérique" et sélectionnez le volume.\n2) Sélectionnez « Volume » > « Modifier le mot de passe de volume ».\n3) Entrez le mot de passe actuel pour le volume.\n4) Modifier la disposition du clavier à anglais (États-Unis) en cliquant sur l'icône de barre de langue dans la barre des tâches Windows et en sélectionnant « EN anglais (États-Unis) ».\n5) Dans VeraCrypt, dans le champ pour le nouveau mot de passe, tapez le mot de passe d'authentification de pré-amorçage.\n6) Confirmez le nouveau mot de passe en le retapant dans le champ de confirmation, puis cliquez sur 'OK'.\nAVERTISSEMENT : Gardez à l'esprit que si vous suivez ces étapes, le mot de passe de volume devra toujours être tapé à l'aide de la disposition du clavier américain (qui est automatiquement activé uniquement dans l'environnement de pré-amorçage). - Les volumes système préférés seront montés en utilisant le mot de passe d'authentification de pré-amorçage. Si un des volumes préférés du système utilise un mot de passe différent, il ne sera pas monté. - Notez que si vous avez besoin d'empêcher des actions normales sur un volume VeraCrypt (par exemple "Démonter tout", "Auto-démontage", etc.) d'affecter les volumes système préférés, vous devez activer l'option "Permettre aux seuls administrateurs d'afficher et de démonter les volumes système préférés dans VeraCrypt". En outre, lorsque VeraCrypt est exécuté sans privilèges d'administrateur (par défaut avec Windows Vista et les versions ultérieures), les volumes système préférés ne s'afficheront pas dans la liste de lettre de lecteur dans la fenêtre principale de l'application VeraCrypt. - IMPORTANT : Gardez à l'esprit que si cette option est activée et que VeraCrypt n'a pas de privilèges d'administrateur, les volumes système préférés montés ne sont pas affichés dans la fenêtre de l'application VeraCrypt et ils ne peuvent pas être démontés. Par conséquent, si vous avez besoin par exemple de démonter un volume système préféré, d'abord cliquez-droit sur l'icône VeraCrypt (dans le menu Démarrer) et sélectionnez « Exécuter en tant qu'administrateur ». La même restriction s'applique aux fonctions « Démonter tout », « Auto-démontage », les touches de raccourci « Démonter tout », etc. - Notez que ce paramètre prend effet uniquement après le redémarrage du système d'exploitation. - Erreur lors de l'analyse de ligne de commande. - Disque de secours - Sélectionner un &fichier et monter... - Sélectionner un &périphérique et monter... - Permettre seulement aux administrateurs d'afficher et de démonter les volumes système préférés dans VeraCrypt - Monter les volumes système préférés au démarrage de Windows (dans la phase initiale de la procédure de démarrage) - AVERTISSEMENT : Le système de fichiers sur le volume monté comme « %s » n'a pas été correctement démonté et peut donc contenir des erreurs. Utiliser un système de fichiers endommagé peut provoquer des pertes ou de la corruption de données.\n\nRemarque : Avant de retirer physiquement ou de désactiver un périphérique (tel qu'une clé USB ou un disque dur externe) sur lequel un volume monté de VeraCrypt réside, vous devriez toujours démonter le volume VeraCrypt avec VeraCrypt.\n\n\nVoulez-vous que Windows tente de détecter et de corriger les erreurs du système de fichiers ? - AVERTISSEMENT : Un ou plusieurs volumes système préférés n'ont pas été proprement démontés et peuvent donc contenir des erreurs de système de fichiers. Consultez le journal des événements système pour plus de détails.\n\nUtiliser un système de fichiers endommagé peut provoquer des pertes de données ou la corruption des données. Vous devriez vérifier le(s) volume(s) système préféré(s) affecté(s) pour trouver des erreurs (cliquez-droit sur chacun d'eux dans VeraCrypt et sélectionnez "Réparer le système de fichiers"). - AVERTISSEMENT : La réparation d'un système de fichiers endommagé à l'aide de l'outil « chkdsk » de Microsoft pourrait causer la perte des fichiers dans les zones endommagées. Par conséquent, il est recommandé que vous sauvegardiez d'abord les fichiers stockés sur le volume de VeraCrypt vers un autre volume VeraCrypt en bonne santé.\n\nVoulez-vous réparer le système de fichiers maintenant ? - Le volume « %s » a été monté en lecture seule car l'accès en écriture a été refusé.\n\nAssurez-vous que les autorisations de sécurité du conteneur de fichier vous permettent d'écrire dessus (cliquez-droit sur le conteneur, puis sélectionnez "Propriétés" > "sécurité").\n\nNotez qu'en raison d'un problème de Windows, vous pouvez voir cet avertissement même après la mise en place des autorisations de sécurité appropriées. Ceci n'est pas causé par un bogue dans VeraCrypt. Une solution possible est de déplacer votre conteneur par exemple dans le dossier « Documents ».\n\nSi vous souhaitez garder votre volume en lecture seule, définissez l'attribut lecture seule sur le conteneur (cliquez-droit sur le conteneur, puis sélectionnez "Propriétés" > "lecture seule"), cela supprimera cet avertissement. - Le volume « %s » a été monté en lecture seule parce que l'accès en écriture a été refusé.\n\nAssurez-vous qu'aucune autre application (par exemple un logiciel antivirus) n'accède à la partition/dispositif sur lequel est hébergé le volume. - Le volume « %s » a été monté en lecture seule parce que le système d'exploitation a signalé que l'appareil hôte est protégé en écriture.\n\nVeuillez noter que certains pilotes de chipset personnalisés peuvent faire apparaitre des médias enregistrables comme faussement protégés en écriture. Ce problème n'est pas causé par VeraCrypt. Il peut être résolu par la mise à jour ou la désinstallation des pilotes personnalisés (non Microsoft) des chipset qui sont actuellement installés sur ce système. - Notez que la technologie Hyper-Threading fournit plusieurs cœurs logiques pour un seul cœur physique. Quand l'Hyper-Threading est activé, le nombre sélectionné ci-dessus représente le nombre de processeurs/cœurs logiques. - %d unités d'exécution - Notez que l'accélération matérielle AES est désactivée, ce qui affectera les résultats des benchmarks (dégradation des performances).\n\nPour activer l'accélération matérielle, sélectionnez « Paramètres » > « Performance » et activer l'option correspondante. - Notez que le nombre d'unités d'exécution est actuellement limitée, ce qui affectera les résultats des benchmarks (dégradation des performances).\n\nPour exploiter pleinement le potentiel des processeurs, sélectionnez "Paramètres" > "Performance" et désactiver l'option correspondante. - Voulez-vous que VeraCrypt tente de désactiver la protection en écriture du disque ou de la partition ? - AVERTISSEMENT : Ce paramètre peut nuire aux performances.\n\nÊtes-vous certain de vouloir utiliser ce paramètre ? - AVERTISSEMENT: Volume VeraCrypt auto-démonté - Avant de retirer physiquement ou d'éteindre un appareil contenant un volume monté, vous devriez d'abord toujours démonter le volume dans VeraCrypt.\n\nLe démontage spontané inattendue est habituellement causé par un câble se déconnectant par intermittence, disques (rack), etc. - Ce volume a été créé par TrueCrypt %x.%x mais VeraCrypt supporte seulement les volumes TrueCrypt créés avec les version 6.x/7.x de TrueCrypt - Test - Fichier clé - Retour arrière - Tab - Effacer - Entrée - Pause - Ver. Maj. - Barre d'espace - Page précédente - Page suivante - Fin - Début - Flèche gauche - Flèche haute - Flèche droite - Flèche basse - Sélectionner une touche - Touche d'impression - Touche d'exécution - Impression écran - Insérer - Supprimer - Touche Applications - Veille - Verr. Num. - Arrêt défil. - Retour (navigateur) - Suivant (navigateur) - Actualiser (navigateur) - Arrêter (navigateur) - Rechercher (navigateur) - Favoris (navigateur) - Origine (navigateur) - Silence - Volume - - Volume + - Piste suivante - Piste précédente - Arrêter Média - Jouer/Pause - Touche démarrer courriel - Sélectionner touche Média - Application 1 - Application 2 - Attn - CrSel - ExSel - Jouer - Zoom - Pavé num. - Maj - Contrôle - Alt - Win - o - Ko - Mo - Go - To - Po - o/s - Ko/s - Mo/s - Go/s - To/s - Po/s - - Inclure le &PIM quand le mot de passe d'authentification de pré-amorçage est mis en cache - Inclure le PIM quand le mot de passe est mis en cache - Permettre d'utiliser les lecteurs réseaux déconnectés comme point de montage - Le mot de passe saisi est trop long: sa representation UTF-8 dépasse 64 octets. - Le mot de passe saisi contient des caractères Unicode qui n'ont pas pu être converti en UTF-8. - Erreur : Echec de chargement d'une librairie système. - La taille du volume spécifiée en ligne de commande n'est pas compatible avec exFAT. - Données aléatoires récoltées grâce aux mouvements de la souris - ID du volume: - ID du Volume - Utilier l'ID du volume pour monter le favoris - L'ID du volume est invalide - Aucun volume avec l'ID spécifié n'a été trouver sur le système - Copier la valeur vers le Presse-Papier... - Ne demander aucun PIM dans l'écran d'authentification de pré-amorçage. - AVERTISSEMENT : Gardez à l'esprit que si vous activez cette option, la valeur du PIM sera écrite non chiffrée sur le disk.\n\nÊtes-vous sûr que vous souhaitez activer cette option ? - La valeur maximale du PIM est 2147468. - Ne pas vérifier le disque de secours - Ne pas afficher la fenêtre d'attente lors de l'exécution des opérations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Annuler + Installer pour tous les utilisateurs + &Parcourir... + Icône de VeraCrypt sur le Bureau + Faire un don... + Associer l'extension '.hc' à VeraCrypt + Ouvrir le dossier de destination après l'installation + Ajouter VeraCrypt au menu Démarrer + Créer un point de restauration système + &Désinstaller + &Extraire + &Installer + Assistant d'installation de VeraCrypt + Désinstaller VeraCrypt + &Aide + Sélectionner ou saisir l'emplacement où vous désirez extraire les fichiers : + Sélectionner ou saisir l'emplacement où vous désirez installer le programme VeraCrypt. Si le dossier spécifié n'existe pas, il sera automatiquement créé. + Cliquer sur 'Désinstaller' pour supprimer VeraCrypt de votre système. + Arrêter + &Benchmark + &Tester + Créer un volume chiffré et le formater + Chiffrer la partition en place + Afficher les clés générées (une partie) + Afficher le nombre aléatoire + Télécharger le logiciel de gravure de CD/DVD + Créer un fichier conteneur chiffré + &Go + &To + Plus d'infos + Volume VeraCrypt &caché + Plus d'infos sur les volumes cachés + Mode direct + Mode normal + &Ko + &Utiliser fichiers clés + Essayer d'abords de monter avec un mot de passe vide + Taille aléatoire ( 64 <-> 1048576 ) + &Fichiers clés... + Infos : algorithmes de hachage + Plus d'infos + Plus d'info sur le PIM + &Mo + Plus d'infos + Plus d'infos sur le système de chiffrement + Plus d'infos + Amorçage multiple + Chiffrer une partition/un disque non système + &Ne jamais enregistrer l'historique + Ouvrir le volume externe + &Pause + Saisir un P&IM + Saisir un PIM + Formatage rapide + &Afficher le mot de passe + &Afficher le mot de passe + &Afficher le PIM + Amorçage + Volume VeraCrypt standard + &Caché + Normal + Chiffrer la partition ou l'intégralité du disque système + Chiffrer la partition système Windows + Chiffrer l'intégralité du disque + Assistant de création de volume VeraCrypt + Cluster + IMPORTANT : Déplacez votre souris dans cette fenêtre aussi aléatoirement que possible. Plus longtemps vous la bougez, mieux c'est. Cela accroît significativement la force cryptographique des clés de chiffrement. Cliquez sur 'Suivant' pour poursuivre. + &Confirmer : + Fait à + Lettre de lecteur : + Algorithme de chiffrement + Système + Crée un disque virtuel chiffré dans un fichier. Recommandé pour les utilisateurs novices. + Options + Algorithme de hachage + Clé d'en-tête : + Reste + Clé principale : + Sélectionner cette option s'il y a au moins deux systèmes d'exploitation installés sur cet ordinateur.\n\nPar exemple :\n- Windows 2000 et Windows XP\n- Windows XP et Windows Vista\n- Windows et Mac OS X\n- Windows et Linux\n- Windows, Linux et Mac OS X + Chiffre une partition non système sur tout disque interne ou externe (ex : clé USB). Optionnellement, crée un volume caché. + Nombre aléatoire actuel (une partie) + Passe + Mot de passe : + PIM du volume: + PIM du volume: + Progression : + Nb aléatoire : + Sélectionner cette option s'il n'y a qu'un seul système d'exploitation installé sur cette machine (même s'il y a plusieurs utilisateurs). + Vitesse + État + Les clés, le sel et d'autres données ont été générés avec succès. Si vous désirez générer de nouvelles clés, cliquez sur 'Précédent' puis 'Suivant'. Sinon cliquez sur 'Suivant' pour poursuivre. + Chiffre la partition/le disque où est installé Windows. Qui veut accéder au système, lire/écrire des fichiers, etc., devra entrer le bon mot de passe à chaque fois que Windows démarre. Crée un système caché (optionnel). + Sélectionnez cette option pour chiffrer la partition où le système d'exploitation Windows en cours d'utilisation est installé. + Label du volume dans Windows: + Mode de nettoyage : + Fermer + Permet de contourner l'&authentification de pré-amorçage en appuyant sur la touche Esc (active le gestionnaire de démarrage) + Ne rien faire + &Montage automatique d'un volume VeraCrypt (ci-dessous) + &Exécuter VeraCrypt + &Détecter bibliothèque + &Cache du mot de passe d'authentification de pré-amorçage dans le pilote mémoire (pour le montage de volumes non-système) + Parcourir... + Parcourir... + Mots de passe et fichiers clés en cache + Quitter quand il n'y a aucun volume monté + &Fermer la session de jeton de sécurité (déconnexion) après un montage de volume réussi + Inclure l'outil d'agrandissement de volume VeraCrypt + Inclure l'assistant de création de volume VeraCrypt + Créer + Créer un volume + Ne &montrer aucun texte dans l'écran d'authentification de pré-amorçage (excepté le message ci-dessous) + Désactiver la détection des attaques de type "Evil Maid" + Accélérer le chiffrement/déchiffrement AES en utilisant les instructions AES du processeur (si disponible) + Fichiers clés + Fichiers clés + &Quitter + Aide sur les volumes favoris + Ne pas monter le volume sélectionné quand le &raccourci de "Monter les volumes favoris" est pressé + Monter le volume sélectionné quand son appareil hôte est &connecté + Monter le volume sélectionné à l'&ouverture de session + Monter le volume sélectionné en &lecture seule + Monter le volume sélectionné en tant que support amo&vible + &Descendre + &Monter + Ouvrir une fenêtre de l'&Explorateur pour le volume sélectionné quand il est monté avec succès + &Supprimer + Utiliser le label du favori comme label du lecteur dans l'Explorateur + Paramètres globaux + Afficher une infobulle après un démontage par raccourci réussi + Jouer un son de notification système après un démontage par raccourci réussi + Alt + Ctrl + Maj + Win + Affecter + Enlever + Fichiers clés... + Ne pas utiliser le nombre de processeurs suivant pour le chiffrement/déchiffrement : + Plus d'infos + Plus d'infos + Plus de paramètres... + Montage &automatique + Opti&ons... + Monter le volume en lecture &seule + Fichiers clés... + (Vide or 0 pour valeur par défaut) + (Vide or 0 pour valeur par défaut) + Activer + Mots de passe en cache + Démontage automatique quand aucune donnée n'a été lue/écrite durant + L'utilisateur se déconnecte + L'utilisateur verrouille la session + Le PC passe en mise en veille + L'écran de veille est activé + Forcer le démontage automatique même s'il y a encore des fichiers ouverts + Monter tous les volumes VeraCrypt + Démarre la tâche de fond VeraCrypt + Monter les volumes en lecture seule + Monter les volumes comme des médias amovibles + Ouvrir la fenêtre de l'Explorateur des volumes montés avec succès + Temporairement mettre le mot de passe en cache pendant le montage des favoris + Utiliser une icône de barre des tâches différente quand il y a des volumes montés + Vider le cache des mots de passe au démontage + Vider le cache des mots de passe en quittant + Preserve les modifications d'horodatage des conteneurs de fichiers + Réinitialiser + &Périphérique... + &Fichier... + &Bibliothèque... + Afficher mot de passe + Afficher mot de passe + Ouvrir l'&Explorateur pour le volume monté + Mot de passe en &cache + Mode TrueCrypt + &Tout démonter + &Propriétés du volume + &Outils pour le volume + &Vider le cache + VeraCrypt - Paramèters montage + VeraCrypt - Volumes favoris + VeraCrypt - Raccourcis système + VeraCrypt + Modifier le mot de passe ou les fichiers clés + Entrer le mot de passe du volume VeraCrypt + VeraCrypt - Options de performance et configuration du pilote + VeraCrypt - Préférences + VeraCrypt - Paramètres de chiffrement du système + VeraCrypt - Jeton de sécurité - Préférences + Paramétrage du disque nomade VeraCrypt + Propriétés du volume VeraCrypt + À propos... + Ajouter/Supprimer des fichiers clés au/du volume... + Ajouter un volume monté aux favoris... + Ajouter un volume monté aux favoris système... + Analyser une panne système... + Sauvegarder l'en-tête du volume... + Banc de test... + Paramétrer l'algorithme de dérivation de la clé d'en-tête... + Modifier le mot de passe du volume + Paramétrer l'algorithme de dérivation de la clé d'en-tête... + Modifier le mot de passe... + Effacer l'historique du volume + Fermer toutes les sessions de jeton de sécurité + Contact... + Créer un système d'exploitation caché... + Créer un disque de secours... + Créer un nouveau volume... + Déchiffrer définitivement... + Fichiers clés par défaut... + Paramètres de montage par défaut... + Faire un don... + Chiffrer la partition/le disque système... + Foire aux questions + Guide de l'utilisateur + &Site web + Raccourcis... + Générateur de fichier clé + Langue... + Mentions légales + Gérer les fichiers clés de jeton de sécurité... + Monter automatiquement tous les volumes hébergeant un périphérique + Monter les volumes favoris + Monter sans &authentification lors du pré-amorçage... + Monter le volume + Monter le volume avec des options + Quoi de neuf + Aide en ligne + Didactitiel pour débuter + Organiser les volumes favoris... + Organiser les volumes système favoris... + Performances et Configuration du pilote + Déchiffrer définitivement la partition/le disque système + Préférences... + Actualiser les lettres de lecteur + Supprimer tous les fichiers clés du volume... + Restaurer l'en-tête du volume... + Reprendre un processus interrompu + Périphérique... + Fichier... + Reprendre un processus interrompu + Chiffrement du système... + Propriétés... + Paramètres... + Volumes système favoris... + Téléchargements + Vecteurs test... + Jetons de sécurité... + Paramétrage du disque nomade VeraCrypt... + Démonter tous les volumes montés + Démonter le volume + Vérifier le disque de secours + Vérifier l'image ISO du disque de secours + Historique + Agrandir un volume + Propriétés du volume + Assistant de création de volume + Site web VeraCrypt + Vider le cache des mots de passe + OK + Accélération matérielle + Raccourci + Configuration de l'exécution automatique (autorun.inf) + Démontage automatique + Tout démonter si : + Options de l'écran du chargeur d'amorçage + Confirmer : + Actuel + Afficher ce message dans l'écran d'authentification de pré-amorçage (24 caractères maximum) : + Options de montage par défaut + Options de raccourci + Configuration du pilote + Activer le support des codes de contrôle étendus pour disques + Label du volume favoris sélectionné : + Paramètres de fichier + Touche : + Le processeur (CPU) de cet ordinateur supporte l'accélération matérielle pour AES : + Actions à effectuer à l'ouverture d'une session Windows + minutes + Monter le volume avec la lettre de lecteur : + Paramètres de montage + Nouveau + Mot de passe : + Parallélisation + Chemin de bibliothèque PKCS #11 + PKCS-5 PRF : + PKCS-5 PRF: + Mots de passe en cache + Options de sécurité + Tâche de fond VeraCrypt + Volume VeraCrypt à monter (par rapport à la racine du disque nomade) : + À l'insertion du disque nomade : + Créer des fichiers pour le disque nomade sur (racine du disque nomade) : + Volume + Windows + Ajouter un &chemin + &Auto-tests + &Continuer + &Déchiffrer + &Effacer + &Chiffrer + &Exporter... + Générer et sauvegarder le fichier clé... + &Générer aléatoirement un fichier clé + Télécharger un fichier de langue + AES accéléré matériellement : + &Importer un fichier clé dans un jeton... + Ajouter &fichiers... + &Utiliser les fichiers clés + Fichiers &clés... + &Supprimer + &Tout supprimer + Qu'est-ce que la protection d'un volume caché ? + Plus d'infos sur les fichiers clés + Monter le volume comme un &média amovible + Monter la partition &avec chiffr. syst. sans authentification au pré-amorçage + Parallélisation : + Évaluer + &Imprimer + &Empêcher les dommages causés en écrivant dans le volume externe + &Réinitialiser + &Afficher mot de passe + Ajouter &Fichiers jeton... + Utiliser l'en-tête de sauvegarde incorporé dans le &volume s'il est disponible + Mode XTS + À propos de VeraCrypt + VeraCrypt - Banc de test de l'algorithme de chiffrement + VeraCrypt - Vecteurs test + Aide sur la commande en ligne + VeraCrypt - Fichiers clés + VeraCrypt - Générateur de fichier clé + VeraCrypt - Langue + VeraCrypt - Options de montage + Nouvelles propriétés du jeton de sécurité du fichier clé + VeraCrypt - Amélioration de la génération de nombres aléatoires + Sélectionner une partition ou un périphérique + VeraCrypt + Jeton de sécurité des fichiers clés + Mot de passe/code PIN du jeton de sécurité requis + Fichier de la langue en cours d'utilisation + La vitesse est affectée par la charge du CPU ainsi que par les caractéristiques du périphérique de stockage.\n\nCes tests ont lieu en RAM. + Tampon : + Chiffrement : + &Mot de passe du volume caché :\n(s'il est vide, celui en cache sera utilisé) + Protection du volume caché + Taille de la clé : + IMPORTANT : Déplacez aléatoirement la souris dans cette fenêtre. Plus longtemps vous le faites, mieux c'est. Cela accroît significativement la force cryptographique du fichier clé. + AVERTISSEMENT : Si vous perdez un fichier clé ou si tout bit de ses 1024 premiers kilooctets change, il sera impossible de monter les volumes utilisant ce fichier clé ! + bits + Nombre de fichiers clé: + Taille fichiers clé (en Octets): + Nom de base fichiers clé: + Traduit par : + Taille text en clair : + bits + Réserve de nombres aléatoires + Mélange PRF : + IMPORTANT : Déplacez aléatoirement la souris dans cette fenêtre. Plus longtemps vous le faites, mieux c'est. Cela augmente significativement la sécurité. Lorsque vous avez terminé, cliquez sur 'Continuer'. + Clé secondaire (hexadécimal) + Jeton de sécurité : + Méthode de tri : + Merci de patienter. Cette opération peut prendre beaucoup de temps... + Merci de patienter...\nCette opération peut prendre beaucoup de temps et la fenêtre de VeraCrypt peut se figer et ne plus répondre. + Nombre de blocs : + Cryptogramme (hexadécimal) + Nombre d'unité de données (hexadécimal de 64 bits, taille d'une unité = 512 octets) + Clé (hexadécimal) + Texte en clair (hexadecimal) + Nom du fichier clé : + Mode XTS + S&ystème + &Volumes + Favor&is + &Outils + &Paramètres + &Aide + &Site Web + + À &propos... + L'attribut lecture seule sur votre ancien volume n'a pas pû être changé. Vérifiez les permissions d'accès. + Erreur : Accès refusé.\n\nLa partition à laquelle vous essayez d'accéder fait soit zéro secteur de long, soit il s'agit du périphérique d'amorçage. + Administrateur + Pour charger le pilote VeraCrypt, vous avez besoin d'être connecté avec un compte ayant des privilèges d'administrateur. + Notez que pour chiffrer/déchiffrer/formater une partition/un périphérique vous devez être connecté avec un compte possédant des privilèges d'administrateur.\n\nCela ne s'applique pas aux volumes hébergeant un fichier. + Pour créer un volume caché vous devez être connecté à un compte possédant des privilèges d'administrateur.\n\nContinuer ? + Notez que pour formater le volume en NTFS/exFAT vous devez être connecté avec un compte possédant des privilèges d'administrateur.\n\nSans privilèges d'administrateur, vous pouvez formater le volume en FAT. + Algorithme cryptographique (Rijndael, publié en 1998) approuvé par la FIPS, qui peut être utilisé par les agences/départements fédéraux américains pour protéger cryptographiquement les informations sensibles. Clé à 256 bits, bloc de 128 bits, 14 rondes (AES-256). Le mode opératoire est XTS. + Le volume est déjà monté. + ATTENTION : Au moins un algorithme de chiffrement ou de hachage a échoué aux tests automatiques ! L'installation de VeraCrypt peut être corrompue. + ATTENTION : Il n'y a pas assez de données dans la réserve du générateur de nombres aléatoires pour fournir la quantité de données aléatoires demandée.\n\nVous ne devriez pas continuer. Sélectionnez 'Signaler un bogue' depuis le menu d'aide. + Le disque est endommagé (il y a un défaut physique dessus) ou un câble est endommagé, ou la mémoire fonctionne mal.\n\nNotez qu'il s'agit d'un problème avec votre matériel, pas avec VeraCrypt. Aussi ne rapportez PAS ceci comme un bogue/un problème dans VeraCrypt et ne demandez pas non plus d'aide pour cela dans les forums de VeraCrypt. Contactez le support technique de votre revendeur de matériel informatique pour une assistance. Merci.\n\nRemarque : Si l'erreur se répète au même endroit, cela est vraisemblablement la faute d'un mauvais bloc du disque dur, qui pourrait être corrigée avec un logiciel tiers (notez que dans de nombreux cas, la commande 'chkdsk /r' ne corrige rien parce qu'elle ne fonctionne qu'au niveau du système de fichiers. Dans certain cas, l'outil 'chkdsk' ne la détecte même pas). + Si vous utilisez un périphérique amovible, assurez-vous qu'un média y est inséré. Le lecteur/média peut aussi être endommagé (il peut y avoir un défaut physique) ou un câble peut être endommagé/déconnecté. + Votre système semble utiliser un pilote de périphérique tiers (non Microsoft) contenant un bug qui empêche le chiffrement de la totalité du lecteur système.\n\nEssayer de mettre à jour ou désinstaller tout pilote de périphérique tiers avant de continuer. Si cela ne résoud pas le problème, essayez de chiffrer uniquement la partition système. + Lettre de lecteur invalide. + Emplacement invalide. + Annuler + Impossible d'accéder au périphérique. Vérifiez qu'il existe et qu'il n'est pas utilisé par le système. + Avertissement : Majuscules activées. Ceci peut vous empêcher de saisir correctement votre mot de passe. + Type de volume + Il se peut que vous soyez forcé par quelqu'un de révéler votre mot de passe. Il y a des situations où vous ne pouvez pas refuser de divulguer le mot de passe (ex : par une extorsion). L'utilisation d'un volume caché vous permet de résoudre de telles situations sans donner le mot de passe de votre volume. + Sélectionnez cette option si vous voulez créer un volume VeraCrypt normal. + Notez que si vous désirez installer un système d'exploitation dans un volume hébergeant une partition cachée, alors l'intégralité du disque système ne pourra pas être chiffré avec une seule clé. + Options de chiffrement du volume externe + Options de chiffrement du volume caché + Options de chiffrement + AVERTISSEMENT : L'effacement de l'emplacement du dernier volume/fichier clé sélectionné a échoué (enregistré par le sélecteur de fichiers) ! + Erreur : Le volume a été compressé au niveau du système d'exploitation. VeraCrypt ne supporte pas les conteneurs compressés (notez que la compression de données chiffrées est inefficace et redondante).\n\nDésactivez la compression du conteneur en suivant ces étapes : 1) Cliquez-droit sur le conteneur (dans l'Explorateur de Windows). 2) Sélectionnez 'Propriétés'. 3) Sur l'onglet 'Général', cliquez sur 'Avancé'. 4) Dans 'Attributs avancés' décochez 'Compresser le contenu pour minimiser l'espace disque nécessaire'. Cliquez 'OK'. 5) Dans 'Propriétés', cliquez 'OK'. + La création du volume %s a échoué + La taille de %s est de %.2f octets + La taille de %s est de %.2f Ko + La taille de %s est de %.2f Mo + La taille de %s est de %.2f Go + La taille de %s est de %.2f To + La taille de %s est de %.2f Po + AVERTISSEMENT : La partition/le périphérique est utilisé par le système ou par une application. Formater peut conduire à une perte de données ou une instabilité du système.\n\nContinuer ? + AVERTISSEMENT : La partition est utilisée par le système ou une application. Vous devriez fermer toute application qui pourrait utiliser la partition (logiciel antivirus inclus).\n\nContinuer ? + Erreur : Le périphérique/la partition contient un système de fichiers qui n'a pas pû être démonté. Le système de fichiers peut être utilisé par le système d'exploitation. Formater le périphérique/la partition peut conduire à la corruption des données et à l'instabilité du système.\n\n Pour résoudre ce problème, il est recommandé de supprimer la partition puis de la recréer sans la formater. Pour se faire, faites comme suit : 1) Cliquez-droit sur 'Poste de Travail', sélectionnez 'Gérer'. La fenêtre 'Gestion de l'ordinateur' devrait apparaître. 2) Dans 'Gestion de l'ordinateur' sélectionnez 'Stockage' > 'Gestion des disques'. 3) Cliquez-droit sur la partition à chiffrer puis choisissez soit 'Supprimer la partition' soit 'Supprimer le volume' ou 'Supprimer le disque logique'. 4) Cliquez 'Oui'. Si Windows propose de redémarrer, faites-le. Puis répétez les étapes 1 et 2 puis continuez à partir de l'étape 5. 5) Cliquez-droit sur l'espace libre et choisissez soit 'Nouvelle partition' soit 'Nouveau volume simple' ou 'Nouveau disque logique'. 6) La fenêtre d'un assistant apparaît, suivez ses instructions. Sur la page de l'assistant intitulée 'Formater la partition' choisissez soit 'Ne pas formater cette partition' ou 'Ne pas formater ce volume'. Cliquez sur 'Suivant'. Puis sur 'Terminer'. 7) Notez que le chemin du périphérique sélectionné dans VeraCrypt peut être désormais erroné. Aussi quittez l'assistant de création de volume VeraCrypt si besoin est et relancez-le. 8) Dans VeraCrypt, essayez à nouveau de chiffrer le périphérique/la partition.\n\nSi VeraCrypt continue d'échouer lors du chiffrement, pensez alors à créer un fichier conteneur à la place. + Erreur : Le système de fichiers ne peut pas être vérouillé et/ou démonté. Il peut être utilisé par le système d'exploitation ou des applications (comme un logiciel antivirus). Chiffrer la partition pourrait causer une corruption de données et une instabilité du système.\n\nVeuillez fermer toute application pouvant utiliser le système de fichers et essayez à nouveau. Si cela ne résoud pas le problème, veuillez suivre les étapes ci-dessous. + AVERTISSEMENT : Certains périphériques/partitions étaient déjà en cours d'utilisation !\n\nL'ignorer peut causer des résultats indésirables.\n\nNous vous recommandons de fermer toutes les applications pouvant utiliser les périphériques/les partitions. + Le périphérique contient des partitions.\n\nFormater le périphérique peut conduire à l'instabilité du système et/ou la corruption des données. Sélectionnez une partition sur le périphérique ou enlevez toutes les partitions du périphérique pour permettre à VeraCrypt de formater en toute sécurité. + Le lecteur sélectionné contient des partitions non-systèmes.\n\nLes volumes VeraCrypt peuvent être créés sur un lecteur ne contenant pas de partitions (cela inclut les disques durs et les SSD). Un lecteur contenant des partitions peut être entièrement chiffré (en utilisant une clé maître) seulement si c'est le lecteur où est installé Windows et qu'il est bootable.\n\nSi vous voulez chiffrer le lecteur non-système sélectionné en utlisant une clé maître, vous devrez préalablement retirer toutes les partitions situées sur le lecteur pour permettre à VeraCrypt de le formater de manière sécurisé (formater un lecteur contenant des partitions pourrait causer une instabilité système et/ou une corruption de données). Sinon, vous pouvez chiffrer individuellement chaque partition du lecteur (chaque partition sera chiffrée en utilisant une clé maître différente).\n\nRemarque : Si vous souhaitez supprimer toutes les partitions d'un disque GPT, il faudra le convertir en disque MBR (en utilisant par exemple les outils de gestion de l'ordinateur) afin de supprimer des partitions cachées. + AVERTISSEMENT : Si vous chiffrez complètement un lecteur (par opposition au chiffrage d'une partition sur celui-ci), le système d'exploitation considérera le lecteur comme nouveau, vide, et non formatté (comme s'il ne contenait pas de table de partition) et pourrait spontanément l'initialiser (ou vous demander si vous voulez le faire), ce qui pourrait endommager le volume. En outre, il ne sera pas toujours possible de monter le volume en tant que favori (ex : quand le numéro de lecteur change) ou attribuer un label au volume.\n\nPour empêcher cela, vous pouvez envisager de créer une partition sur le lecteur et la chiffrer.\n\nÊtes-vous sûr de vouloir chiffrer complètement le lecteur ? + IMPORTANT : Gardez à l'esprit que ce volume ne peut pas être monté ou accessible en utilisant l'unité logique %c: qui lui est actuellement assigné !\n\nPour monter ce volume, cliquez sur 'Montage automatique des lecteurs' dans la fenêtre principale de VeraCrypt (sinon, dans la fenêtre principale de VeraCrypt, cliquez 'Selectionner un lecteur', choisissez le lecteur/partition, et cliquez sur 'Monter'). Ce volume sera monté sur une unité logique différente, que vous pouvez sélectionner dans la fenêtre principale de Veracrypt.\n\nL'unité logique %c ne devrait être utilisée que dans le cas où vous avez besoin de retirer le chiffrage du lecteur ou de la partition (par exemple, si vous n'avez pas besoin de chiffrage). Dans ce cas, faites un clic droit sur la lettre %c: du lecteur et sélectionnez 'Formater'. Par ailleurs, l'unité logique %c: ne devrait jamais être utilisée (sauf si vous la retirez et l'assignez à un autre lecteur/partition, comme décrit par exemple dans la FAQ de VeraCrypt). + Le chiffrement sur place des volumes non-système n'est pas supporté par la version du système d'exploitation que vous utilisez (il est pris en charge uniquement sur Windows Vista et les versions ultérieures de Windows).\n\nLa raison est que cette version de Windows ne supporte pas la réduction du système de fichiers (le système de fichiers doit être réduit pour faire place à l'en-tête de volume et l'en-tête de sauvegarde). + La partition sélectionnée ne semble pas contenir un système de fichiers NTFS. Seules les partitions qui contiennent un système de fichiers NTFS peuvent être cryptées sur place.\n\nRemarque : la raison est que Windows ne supporte pas la réduction des autres types de systèmes de fichiers (le système de fichiers doit être rétréci pour faire place à l'en-tête de volume et l'en-tête de sauvegarde). + La partition sélectionnée ne semble pas contenir un système de fichiers NTFS. Seules les partitions qui contiennent un système de fichiers NTFS peuvent être chiffrées sur place.\n\nSi vous souhaitez créer un volume chiffré de VeraCrypt dans cette partition, choisissez l'option « Créer le volume chiffré et formatez-le » (au lieu de l'option "Chiffrer la partition en place"). + Erreur : La partition est trop petite. VeraCrypt ne peut pas la chiffrer. + Pour chiffrer les données sur cette partition, suivez ces étapes : \n\n1) Créez un volume VeraCrypt sur un lecteur/partition vide, puis montez-le. \n\n2) Copiez tous les fichiers de la partition que vous avez initialement voulu chiffrer vers le volume VeraCrypt qui a été créé et monté à l'étape 1). De cette façon, vous allez créer une sauvegarde chiffrée VeraCrypt des données.\n\n3) Créez un volume VeraCrypt sur la partition que vous avez initialement voulu chiffrer et assurez-vous que dans l'Assistant de VeraCrypt vous choisissez l'option "Créer le volume chiffré et formatez-le" (au lieu de l'option "Chiffrer la partition en place"). Notez que toutes les données stockées sur la partition seront effacées. Après avoir créé le volume, montez-le \n\n4) Copiez tous les fichiers du volume VeraCrypt créé et monté à l'étape 1 vers le volume VeraCrypt vréé et monté à l'étape 3.\n\nAprès avoir effectué ces étapes, les données seront chiffrées et, en outre, il y aura une sauvegarde chiffrée des données. + VeraCrypt peut uniquement chiffrer une partition en place, un volume dynamique, ou un lecteur complet.\n\nSi vous souhaitez créer un volume chiffré VeraCrypt sur le lecteur non système sélectionné, choisissez l'option « Créez le volume chiffré et formatez-le » (au lieu de l'option "Chiffrer la partition en place"). + Erreur : VeraCrypt peut uniquement chiffrer une partition, un volume dynamique ou un lecteur complet. Assurez-vous que le chemin d'accès spécifié est valide. + Erreur : Impossible de réduire le système de fichiers (le système de fichiers doit être réduit pour libérer de l'espace pour l'en-tête de volume et l'en-tête de sauvegarde).\n\nPossible causes et solutions : \n\n- Il n'y a pas assez d'espace libre sur le volume. Assurez-vous qu'aucune autre application n'écrit sur le système de fichiers.\n\n- Le système de fichiers est corrompu. Essayez de vérifier et de corriger les erreurs (cliquez avec le bouton droit sur l'unité logique correspondante dans la liste « Ordinateur », puis sélectionnez Propriétés > Outils > « Vérifier maintenant », assurez-vous que l'option « corriger automatiquement les erreurs de système de fichier » est activée, puis cliquez sur Démarrer).\n\nSi les étapes ci-dessus ne résolvent pas le problème, veuillez suivre les étapes suivantes. + Erreur : Il n'y a pas suffisamment d'espace libre sur le volume et donc le système de fichiers ne peut pas être réduit (le système de fichiers doit être réduit pour libérer de l'espace pour l'en-tête de volume et l'en-tête de sauvegarde).\n\nSupprimez tous les fichiers redondants et videz la corbeille afin de libérer au moins 256 Ko d'espace et puis essayez à nouveau. Notez qu'en raison d'un problème de Windows, la quantité d'espace libre, rapporté par l'Explorateur Windows peut être incorrecte jusqu'au redémarrage du système d'exploitation. Si le redémarrage du système ne suffit pas, le système de fichiers est endommagé. Essayez de vérifier et de corriger les erreurs (cliquez avec le bouton droit sur l'unité logique correspondante dans la liste « Ordinateur », puis sélectionnez Propriétés > Outils > « Vérifier maintenant », assurez-vous que l'option « corriger automatiquement les erreurs de système de fichier » est activée, puis cliquez sur Démarrer).\n\nSi les étapes ci-dessus ne résolvent pas le problème, veuillez suivre les étapes suivantes. + L'espace libre sur le disque %s est %.2f octets. + L'espace libre sur le disque %s est %.2f Ko + L'espace libre sur le disque %s est %.2f Mo + L'espace libre sur le disque %s est %.2f Go + L'espace libre sur le disque %s est %.2f To + L'espace libre sur le disque %s est %.2f Po + Impossible d'obtenir les lettres de lecteur disponibles. + Erreur : Le pilote VeraCrypt est introuvable.\n\nCopiez les fichiers 'veracrypt.sys' et 'veracrypt-x64.sys' dans le répertoire où se trouve l'application principale de VeraCrypt (VeraCrypt.exe). + Erreur : Une version incompatible du pilote VeraCrypt est actuellement en cours d'exécution.\n\nSi vous essayez d'exécuter VeraCrypt en mode portable (c'est-à-dire sans l'installer) et qu'une autre version de VeraCrypt est déjà installé, vous devez tout d'abord la désinstaller (ou la mettre à niveau à l'aide de l'installateur de VeraCrypt). Pour la désinstaller, procédez comme suit : sur Windows Vista ou une version ultérieure, sélectionnez « Menu Démarrer » > ordinateur > « Désinstaller ou modifier un programme » > VeraCrypt > désinstaller ; sur Windows XP, sélectionnez « Menu Démarrer » > Paramètres > « Panneau de configuration » > « Ajouter ou supprimer des programmes » > VeraCrypt > Supprimer.\n\nDe même, si vous essayez d'exécuter VeraCrypt en mode portable (c'est-à-dire sans l'installer) et qu'une autre version de VeraCrypt est déjà en cours d'exécution en mode portable, vous devez redémarrer le système, puis alors exécutez cette nouvelle version. + Erreur : L'initialisation du chiffrement a échoué. + Erreur : Clé de chiffrement faible détectée ! Essayez à nouveau. + Une erreur critique s'est produite et VeraCrypt doit s'arrêter. Si cela est dû à un bug dans VeraCrypt, nous voudrions le corriger. Pour nous aider, vous pouvez nous envoyer un rapport d'erreur généré automatiquement contenant les éléments suivants : \n\n- La version du programme\n- La version du système d'exploitation\n- Le type de CPU\n - Le nom du composant VeraCrypt\n- La somme de contrôle de l'exécutable VeraCrypt\n- Le nom symbolique de la fenêtre de dialogue\n- La catégorie d'erreur\n- L'adresse de l'erreur\n- La pile d'exécution VeraCrypt\n\nSi vous sélectionnez « Oui », l'URL suivante (qui contient le rapport d'erreur entier) s'ouvrira dans votre navigateur internet par défaut.\n\n%hs\n\nVoulez-vous nous faire parvenir le rapport d'erreur ci-dessus ? + Une erreur critique s'est produite dans votre système, qui nécessite l'arrêt de VeraCrypt.\n\nNotez que cette erreur n'a pas été causée par VeraCrypt (les développeurs de VeraCrypt ne peuvent donc pas la corriger). Veuillez vérifier les causes possibles sur votre système (p. ex., configuration du système, la connexion réseau, faute de composants matériels). + Une erreur critique s'est produite dans votre système, qui nécessite l'arrêt de VeraCrypt.\n\nSi ce problème persiste, vous pouvez essayer de désactiver ou désinstaller les applications qui pourraient potentiellement être l'origine de ce problème, tels que les antivirus ou les logiciels de sécurité Internet, applications d'optimisation, etc.. Si cela ne résoud pas le problème, vous pouvez essayez de réinstaller votre système d'exploitation (ce problème peut également être causé par des logiciels malveillants). + Erreur critique VeraCrypt + VeraCrypt a détecté que le système d'exploitation s'est récemment arrêté de façpn inattendue. Plusieurs raisons sont possibles (par exemple, une panne d'un composant matériel, un bug dans un pilote de périphérique, etc.)\n\nVoulez-vous que VeraCrypt vérifie si un bug dans VeraCrypt aurait pu causer la panne du système ? + Voulez-vous que VeraCrypt continue de détecter les crashs du système ? + VeraCrypt n'a pas trouvé le fichier crash système minidump. + Voulez-vous supprimer le fichier de vidage de panne Windows pour libérer de l'espace disque ? + Pour analyser la panne système, VeraCrypt a d'abord besoin d'installer Microsoft Debugging Tools pour Windows.\n\nAprès avoir cliqué sur OK, l'installateur Windows va télécharger le paquetage d'installation Microsoft Debugging Tools (16 Mo) depuis un serveur Microsoft et l'installer (l'installateur Windows sera transmis à l'URL du serveur Microsoft depuis le serveur de veracrypt.org, ce qui assure le bon fonctionnement de cette procédure même si Microsoft change l'emplacement du paquetage d'installation). + Après que vous ayez cliqué sur OK, VeraCrypt analisera la panne système. Cela peut prendre plusieurs minutes. + Assurez-vous que la variable d'environnement 'PATH' inclus le chemin d'accès à 'kd.exe' (debugger du noyau). + Il semble que VeraCrypt n'a probablement pas causé l'arrêt inattendu du système. Plusieurs autres raisons sont possibles (par exemple, un panne d'un composant matériel, un bug dans un pilote de périphérique, etc.) + Les résultats de l'analyse indiquent que la mise à jour du pilote suivant pourrait résoudre ce problème : + Pour nous aider à déterminer s'il y a un bug dans VeraCrypt, vous pouvez nous envoyer un rapport d'erreur généré automatiquement contenant les éléments suivants : \n\n- La version du programme\n- La version du système d'exploitation\n- Le type de CPU\n - Le nom du composant VeraCrypt\n- La somme de contrôle de l'exécutable VeraCrypt\n- Le nom symbolique de la fenêtre de dialogue\n- La catégorie d'erreur\n- L'adresse de l'erreur\n- La pile d'exécution VeraCrypt\n\nSi vous sélectionnez « Oui », l'URL suivante (qui contient le rapport d'erreur entier) s'ouvrira dans votre navigateur internet par défaut. + Voulez-vous nous faire parvenir le rapport d'erreur ci-dessus ? + &Chiffrer + &Déchiffrer + &Déchiffrer de façon permanente + Quitter + Créez un lecteur logique pour cette partition étendue puis essayez à nouveau. + Un volume VeraCrypt peut résider dans un fichier (appelé conteneur VeraCrypt), qui peut résider dans un disque dur, une clé USB, etc. Un conteneur VeraCrypt est comme un fichier normal (il peut par exemple être déplacé ou supprimé comme tout autre fichier). Cliquez sur "Fichier..." pour choisir un nom de fichier pour le conteneur et pour sélectionner l'emplacement où vous souhaitez que le conteneur soit créé.\n\nATTENTION : Si vous sélectionnez un fichier existant, VeraCrypt ne le chiffrera PAS ; le fichier sera supprimé et remplacé par le conteneur VeraCrypt nouvellement créé. Vous pourrez chiffrer des fichiers existants (par la suite) en les déplaçant dans le conteneur VeraCrypt que vous êtes sur le point de créer. + Sélectionnez l'emplacement du volume externe à créer (le volume caché sera créé par la suite dans le volume externe).\n\nUn volume VeraCrypt peut résider dans un fichier (appelé conteneur VeraCrypt), qui peut résider dans un disque dur, une clé USB, etc. Un conteneur VeraCrypt peut être déplacé ou supprimé comme tout autre fichier. Cliquez sur "Fichier..." pour choisir un nom de fichier pour le conteneur et pour sélectionner l'emplacement où vous souhaitez que le conteneur soit créé.\nATTENTION : Si vous sélectionnez un fichier existant, VeraCrypt ne le chiffrera PAS ; le fichier sera supprimé et remplacé par le conteneur VeraCrypt nouvellement créé. Vous pourrez chiffrer des fichiers existants (par la suite) en les déplaçant dans le conteneur VeraCrypt que vous êtes sur le point de créer. + Des volumes VeraCrypt chiffrés peuvent être créés sur des partitions sur des disques durs, SSD, clés USB et sur d'autres périphériques de stockage. Les partitions peuvent également être chiffrées sur place.\n\nEn plus, des volumes chiffrés VeraCrypt peuvent être créés sur des dispositifs qui ne contiennent aucune partition (y compris les disques durs et SSD drives).\n\nRemarque : un dispositif qui contient des partitions peut être entièrement chiffré sur place (à l'aide d'une clé unique) uniquement si c'est le lecteur où Windows est installé et depuis lequel il démarre. + Un volume VeraCrypt peut être créé sur une partition d'un disque dur, SSD, clé USB et autres périphériques.\n\nWARNING stockage : Notez que le lecteur/partition sera formaté et toutes les données actuellement stockées dessus seront perdues. + \nSélectionnez l'emplacement du volume externe à créer (le volume caché sera créé par la suite dans le volume externe).\n\nLes volumes externes peuvent être créés dans des partitions de disques durs, SSD, clés USB, et dans tout autre dispositif de stockage supporté. Les volumes externes peuvent aussi être créés dans des dispositifs qui ne contiennent aucune partition (y compris disques durs et SSD).\n\nATTENTION : Notez que la partition/le dispositif de stockage sera formaté(e) et que toutes les données qui y sont contenues seront perdues. + Sélectionnez l'emplacement du volume VeraCrypt dans lequel vous désirez créer un volume caché. + AVERTISSEMENT : Le fichier hôte/périphérique est déjà utilisé!\n\nIgnorer cet avertissement peut provoquer des résultats indésirés dont l'instabilité du système. Toutes les applications susceptibles d'utiliser le fichier hôte/périphérique (par exemple, les applications antivirus ou de sauvegarde) doivent être fermées avant de monter le volume.\n\nContinuer ? + Erreur : Impossible de monter le volume. Le fichier hôte est déjà en cours d'utilisation. Essayer de le monter sans un accès exclusif a aussi échoué. + Le fichier n'a pas pû être ouvert. + Emplacement du volume + Grands fichiers + Comptez-vous stocker des fichiers plus grands que 4 Go sur ce volume VeraCrypt ? + Selon votre choix ci-dessus, VeraCrypt choisira un système de fichiers qui convient pour le volume VeraCrypt (vous pourrez sélectionner un système de fichiers lors de la prochaine étape). + Comme vous créez un volume externe, vous devriez choisir 'Non'. Si vous choisissez 'Oui', le système de fichiers par défaut sera NTFS, qui ne convient pas aussi bien que FAT/exFAT pour les volumes externes (par exemple la taille maxi pour le volume caché sera plus grande de façon significative si le volume externe est formaté en FAT/exFAT). Normalement FAT est le choix par défaut pour les deux types de volume (caché, et normal - ainsi les volumes FAT ne sont pas suspicieux). Cependant, si l'utilisateur indique son intention de stocker des fichiers plus grands que 4Go (que le système FAT ne supporte pas) alors FAT n'est pas le choix par défaut. + Êtes-vous sûr de vouloir choisir 'Oui' ? + Mode création de volume + C'est le moyen le plus rapide pour créer un volume VeraCrypt hébergé sur une partition ou sur un périphérique (le chiffrage sur place, qui est l'autre option, est plus lent parce que le contenu de chaque secteur doit être d'abord lu, chiffré puis écrit). Toutes les données actuellement stockées sur la partition/périphérique sélectionné seront perdues (les données ne seront pas chiffrées ; elles seront remplacées par des données aléatoires). Si vous souhaitez chiffrer les données existantes sur une partition, choisissez l'autre option. + La partition sélectionnée et toutes les données stockées dessus seront chiffrées sur place. Si la partition est vide, vous deriez choisir l'autre option (le volume sera créé beaucoup plus vite). + Remarque : + &Reprendre + &Différer + &Démarrer + &Continuer + &Formater + &Effacer + Abandonner le formatage ? + Afficher plus d'infos + Ne plus afficher + Le contenu de la partition/lecteur a été effacé avec succès. + Le contenu de la partition où le système d'origine résidait (pour lequel le système caché est un clone) a été nettoyée avec succès. + Assurez-vous que la version de Windows que vous prévoyez d'installer (sur la partition nettoyée) est identique à la version de Windows que vous utilisez actuellement. C'est nécessaire car les deux systèmes seront partageront la même partition de démarrage. + Le lecteur/partition système a été chiffré avec succès.\n\nRemarque : S'il y a des volumes VeraCrypt non-système devant être montés automatiquement à chaque démarrage de Windows, vous pouvez le configurer en montant chacun d'entre eux et en sélectionnant "Favoris">"Ajouter le volume monté aux favoris système"). + La partition/le disque système a été déchiffré avec succès. + \n\nLe volume VeraCrypt a été créé et il est prêt à l'emploi. Pour créer un autre volume VeraCrypt, cliquez sur 'Suivant'. Sinon 'Quitter'. + \n\nLe volume caché VeraCrypt a été créé avec succès (le système d'exploitation caché résidera sur ce volume).\n\nCliquez sur Suivant pour continuer. + Volume complètement chiffré + Volume complètement déchiffré + IMPORTANT : POUR MONTER CE VOLUME VERACRYPT NOUVELLEMENT CREE ET ACCEDER AUX DONNEES STOCKEES DESSUS, cliquez sur « Montage automatique des périphériques » DAN LA FENETRE PRINCIPALE DE VERACRYPT. Après avoir entré le bon mot de passe (et/ou fourni le bon fichier clé), le volume sera monté sur l'unité logique que vous avez sélectionné dans la liste de la fenêtre principale de VeraCrypt (et vous serez en mesure d'accéder aux données chiffrées par l'intermédiaire de cette unité logique).\n\nSOUVENEZ-VOUS OU ECRIVEZ LES ETAPES CI-DESSUS. VOUS DEVEZ LES SUIVRE CHAQUE FOIS QUE VOUS SOUHAITEZ MONTER UN VOLUME ET ACCEDER AUX DONNÉES STOCKÉES DESSUS. D'une autre manière, dans la fenêtre principale de VeraCrypt, cliquez sur "Sélectionner le périphérique", puis sélectionnez la partition ou le volume et cliquez sur "Monter".\n\nLa partition ou le volume a été chiffré avec succès (il contient maintenant un volume de VeraCrypt complètement chiffré) et est prêt à l'emploi. + Le volume VeraCrypt a été déchiffré avec succès. + Le volume VeraCrypt a été déchiffré avec succès.\n\nVeuillez sélectionner la lettre de lecteur que vous souhaitez affecter au volume décrypté puis cliquez sur Terminer.\n\nIMPORTANT: Jusqu'à ce qu'une lettre de lecteur soit affectée au volume décrypté, vous ne serez pas en mesure d'accéder aux données stockées sur le volume. + Attention: Pour être en mesure d'accéder aux données décryptées, une lettre de lecteur doit être attribuée au volume déchiffré. Cependant, aucune lettre de lecteur n'est actuellement disponible.\n\nVeuillez libérer une lettre de lecteur (par exemple, par la déconnexion d'un lecteur flash USB ou d'un disque dur externe), puis cliquez sur OK. + Le volume VeraCrypt a été créé avec succès. + Volume créé + IMPORTANT : Déplacez votre souris dans cette fenêtre aussi aléatoirement que possible. Plus longtemps vous la bougez, mieux c'est. Cela accroît significativement la force cryptographique des clés de chiffrement. Puis cliquez sur 'Formater' pour créer le volume. + Cliquez sur 'Formater' pour créer le volume externe. Pour plus d'infos, consultez la documentation. + Formatage du volume externe + Formatage du volume caché + Formatage du volume + Adobe Reader (ou un autre outil compatible) est nécessaire pour afficher ou imprimer le guide de l'utilsateur. Adobe Reader (gratuitiel) peut être téléchargé sur : www.adobe.com/fr\n\nVoulez-vous voir la documentation en ligne à la place ? + Si vous sélectionnez cette option, l'assistant vous aidera d'abord à créer un volume VeraCrypt normal puis un volume VeraCrypt caché à l'intérieur. Les utilisateurs inexpérimentés devraient toujours sélectionner cette option. + Si vous sélectionnez cette option, vous créerez un volume caché dans un volume VeraCrypt existant. Il sera supposé que vous avez déjà créé un volume VeraCrypt prêt à héberger un volume caché. + Mode création de volume + Volume caché créé + Le volume caché VeraCrypt a été créé avec succès et est prêt à l'emploi. Si toutes les instructions ont été suivies et si les précautions et les exigences indiquées dans la section « exigences de sécurité et précautions relatives aux volumes cachés » du Guide de l'utilisateur VeraCrypt sont suivies, il devrait être impossible de prouver que le volume caché existe, même si le volume extérieur est monté.\n\nAVERTISSEMENT : Si vous ne protégez pas le VOLUME caché (pour INFORMATION sur comment le faire, REPORTEZ-VOUS À LA SECTION "PROTECTION DES VOLUMES CACHÉS CONTRE LES DOMMAGES" DANS LE GUIDE DE L'UTILISATEUR VERACRYPT), NE PAS ÉCRIRE POUR LE VOLUME EXTÉRIEUR. SINON, VOUS POUVEZ ÉCRASER ET ENDOMMAGER LE VOLUME CACHÉ ! + Vous avez démarré le système d'exploitation caché. Comme vous l'avez peut-être remarqué, le système d'exploitation caché semble être installé sur la même partition que le système d'exploitation d'origine. Cependant, en réalité, il est installé dans une de ses sous-partition (dans le volume caché). Toutes les opérations de lecture/écriture sont redirigées de manière transparente de la partition système d'origine vers le volume caché.\n\nNi le système d'exploitation ni les applications ne savent que les données écrites et lues à partir de la partition système sont en fait lues et écrites depuis/vers la partition cachée. Les données sont chiffrées et déchiffrées à la volée comme d'habitude (avec une clé de chiffrement différente de celle qui sera utilisée pour le leurre du système d'exploitation).\n\n\nCliquez sur Suivant pour continuer. + Le volume externe a été créé et monté comme lecteur %hc:. Dans ce volume, vous devriez y copier quelques fichiers apparemment importants que vous ne voulez en réalité PAS cacher. Ils seront là pour quiconque vous force à dévoiler le mot de passe pour la première partition après la partition système, où se trouveront le volume externe et le volume caché (contenant le système d'exploitation caché). Vous pourrez révéler le mot de passe de ce volume externe et l'existence du volume caché (ainsi que du système d'exploitation qui est présent) restera secrète.\n\nIMPORTANT : Les fichiers que vous copiez dans le volume externe ne devraient pas occuper plus de %s. Sinon il n'y aura pas assez d'espace libre pour y mettre le volume caché (et vous ne pourrez pas continuer). Après la copie, cliquez sur 'Suivant' (ne démontez pas le volume). + Le volume externe a été créé avec succès et monté comme lecteur %hc:. Pour utiliser ce volume, vous devriez maintenant copier quelques données 'apparemment' sensibles que vous ne voulez PAS réellement cacher. Ces fichiers seront là pour quiconque voudrait vous forcer la main pour avoir votre mot de passe. Vous ne révélerez que le mot de passe du volume externe, pas celui du volume caché. Les fichiers auxquels vous tenez seront stockés dans le volume caché, qui sera créé ultérieurement.\n\nQuand vous avez terminé de copier, cliquez sur 'Suivant'. Ne démontez pas ce volume.\n\nRemarque : Après avoir cliqué sur 'Suivant', le plan de configuration du volume externe sera scanné pour déterminer la taille du bloc ininterrompu de l'espace libre (s'il existe) dont la fin est alignée avec celle du volume. Ce bloc adaptera le volume caché et ainsi limitera sa taille maximale possible. Le scan du plan de configuration est nécessaire pour s'assurer qu'aucune donnée sur le volume externe ne sera écrasée par le volume caché. + Contenu du volume externe + \n\nDans les étapes suivantes, vous paramétrerez les options pour le volume externe (dans lequel le volume caché sera créé ultérieurement). + \n\nDans les étapes suivantes, vous allez créer un pseudo volume externe VeraCrypt dans la première partition après la partition système (comme cela a été expliqué précédemment). + Volume externe + Dans les étapes suivantes, vous allez définir les options et mot de passe pour le volume caché, qui contiendra le système d'exploitation caché.\n\nRemarque : Le volume externe a été scanné afin de déterminer la taille de la zone ininterrompue d'espace libre dont l'extrémité est alignée avec l'extrémité extérieure du volume. Cette zone pourra accueillir le volume caché et elel limite sa taille maximale possible. La taille maximale possible du volume caché a été déterminée et confirmée pour être supérieure à la taille de la partition système (ce qui est nécessaire, car la totalité du contenu de la partition système doit être copiée dans le volume caché). Cela garantit qu'aucune donnée actuellement stockée sur le volume extérieur sera remplacée par les données écrites sur la zone du volume caché. + Important : Mémorisez les algorithmes que vous sélectionnez à cette étape. Vous devrez sélectionner les mêmes algorithmes pour le système de leurre, sinon le système caché sera inaccessible! (Le système de leurre doit être chiffré avec le même algorithme de cryptage que le système caché).\n\nRemarque : La raison en est que le système de leurre et le système caché partageront le même chargeur d'amorçage, qui ne supporte qu'un seul algorithme sélectionné par l'utilisateur (pour chaque algorithme, il y a une version spéciale du chargeur d'amorçage de VeraCrypt) . + \n\nLe plan de configuration du volume a été scanné et la taille maximale possible du volume caché a été déterminée. Dans les étapes qui suivent vous paramétrerez les options, la taille et le mot de passe du volume caché. + Volume caché + Le volume caché est maintenant protégé contre les dommages jusqu'au démontage du volume externe.\n\nAVERTISSEMENT : Si vous tentez de sauvegarder des données dans la zone du volume caché, VeraCrypt lancera la protection en écriture sur l'intégralité du volume (partie externe et cachée) jusqu'au démontage. Cela peut provoquer la corruption du système de fichiers sur le volume externe ce qui (si répétition) pourrait affecter le déni plausible du volume caché. Aussi faites tout votre possible pour éviter d'écrire dans la zone du volume caché. Toute tentative de sauvegarde sur le volume caché échouera et les données seront perdues ! Windows considérera cela comme une erreur d'écriture ("L'écriture décalée a échoué" ou "Le paramètre est incorrect"). + Tous les volumes cachés dans les nouveaux volumes montés sont maintenant protégés contre les dommages jusqu'au démontage.\n\nAVERTISSEMENT : Si vous tentez de sauvegarder des données dans la zone de protection du volume caché de ces volumes, VeraCrypt lancera la protection en écriture sur l'intégralité du volume (partie externe et cachée) jusqu'au démontage. Cela peut provoquer la corruption du système de fichiers sur le volume externe ce qui (si répétition) pourrait affecter le déni plausible du volume caché. Aussi faites tout votre possible pour éviter d'écrir dans la zone du volume caché. Toute tentative de sauvegarde sur le volume caché échouera et les données seront perdues ! Windows considérera cela comme une erreur d'écriture ("L'écriture décalée a échoué" ou "Le paramètre est incorrect"). + AVERTISSEMENT : Vous tentez de sauvegarder des données dans la zone du volume caché du volume monté %c: ! VeraCrypt a empêché la sauvegarde des données pour protéger le volume caché. Cela peut provoquer la corruption du système de fichiers sur le volume externe et Windows considérera cela comme une erreur d'écriture ("L'écriture décalée a échoué" ou "Le paramètre est incorrect"). L'intégralité du volume (partie externe et cachée) sera protégée contre l'écriture jusqu'à son démontage. Si ce n'est pas la première fois que cela arrive, le déni plausible de ce volume caché peut être défavorablement affecté (à cause de possibles inconsistences corrélées inhabituelles dans le système de fichiers du volume externe). Aussi vous devriez considérer la création d'un nouveau volume VeraCrypt (avec Formatage rapide désactivé) et le déplacement des fichiers de ce volume vers le nouveau volume; ce volume devrait être supprimé de façon sécurisée (partie externe et cachée). Il est fortement recommandé de redémarrer votre système d'exploitation maintenant. + Vous avez indiqué l'intention de stocker des fichiers de plus de 4Go sur le volume. Pour cela, le volume doit être formater en NTFS/exFAT, ce qui, cependant, ne sera pas possible. + Veuillez noter que lorsqu'un système d'exploitation caché s'exécute, les volumes non-masqués VeraCrypt ne peuvent pas être formatés en NTFS/exFAT. La raison est que le volume devra être monté temporairement sans protection contre l'écriture afin de permettre au système d'exploitation de le formater en NTFS/exFAT (alors que le formatage en FAT est réalisé par VeraCrypt, non par le système d'exploitation et sans montage du volume). Pour plus de détails techniques, voir ci-dessous. Vous pouvez créer un volume NTFS/exFAT non masqué au sein du système d'exploitation de leurre. + Pour des raisons de sécurité, lorsqu'un système d'exploitation caché s'exécute, les volumes cachés peuvent être créés uniquement dans le mode « direct » (parce que les volumes extérieurs doivent toujours être montés en lecture seule). Pour créer un volume caché en toute sécurité, suivez ces étapes :\n\n1) Démarrer le système leurre.\n\n2) Créer un volume VeraCrypt normal et copier sur ce volume certains fichiers d'apparence sensible qu'en fait vous ne voulez pas masquer (le volume va devenir le volume externe).\n\n3 Démarrer le système caché et lancer l'Assistant de création de Volume VeraCrypt. Si le volume est hébergé dan un fichier, le déplacer vers la partition système ou sur un autre volume caché (dans le cas contraire, le volume caché nouvellement créé devrait être monté en lecture seule et ne peut pas être formaté). Suivez les instructions de l'Assistant afin de sélectionner le mode de création de volume caché "en direct".\n\n4) Dans l'Assistant, sélectionnez le volume que vous avez créé à l'étape 2 et puis suivez les instructions pour créer un volume caché qu'il contient. + Pour des raisons de sécurité, lorsqu'un système d'exploitation caché s'exécute, les systèmes de fichiers locaux non chiffrés et les volumes VeraCrypt non masqués sont montés en lecture seule (aucune donnée ne peut être écrite dans ces systèmes de fichiers ou volumes VeraCrypt).\n\nLes données peuvent être écrites dans n'importe quel système de fichiers qui réside dans un volume de VeraCrypt caché (à condition que le volume caché ne se trouve pas dans un récipient stocké sur un système de fichiers non chiffré ou sur tout autres fichiers en lecture seule). + Il y a trois raisons principales pour lesquelles ces contre-mesures ont été mises en œuvre :\n\n- Cela permet la création d'une plateforme sécurisée pour le montage des volumes cachés VeraCrypt. Notez que nous recommandons officiellement que les volumes cachés soient montés uniquement lorsqu'un système d'exploitation caché s'exécute. (Pour plus d'informations, consultez la sous-section « Exigences de sécurité et précautions relatives aux Volumes cachés » dans la documentation).\n\n- Dans certains cas, il est possible de déterminer qu'à un certain moment, un système de fichiers particulier n'était pas monté sous (ou qu'un fichier particulier sur le système de fichiers n'était pas enregistré ou accessible de l'intérieur) une instance particulière d'un système d'exploitation (par exemple, en analysant et en comparant les journaux du système de fichiers, l'horodatage des fichiers, journaux d'applications, etc.). Cela peut indiquer qu'un système d'exploitation caché est installé sur l'ordinateur. Les contre-mesures empêchent ces points.\n\n- Il empêche la corruption de données et permet la mise en veille prolongée sans danger. Lorsque Windows sort de l'hibernation, il suppose que tous les systèmes de fichiers sont montés dans le même État que lorsque le système est entré en hibernation. VeraCrypt assure cela en protégeant l'écriture sur n'importe quel système de fichiers accessible aussi bien au sein du leurre et que des systèmes cachés. Sans cette protection, le système de fichiers peut être endommagé lorsqu'il est monté par un seul système, tandis que l'autre système est mis en veille prolongée. + Remarque : Si vous devez transférer des fichiers de façon sécurisée du système leurre vers le système caché, suivez les étapes suivantes : 1) Démarrez le système leurre. 2) Enregistrez les fichiers dans un volume non chiffré ou dans un volume VeraCrypt externe/normal. 3) Démarrez le système caché. 4) Si vous avez enregistré les fichiers dans un volume VeraCrypt, montez-le (il sera automatiquement monté en lecture seule). 5) Copiez les fichiers dans la partition du système caché ou dans un autre volume caché. + Votre ordinateur doit être redémarré.\n\nVoulez-vous le redémarrer maintenant ? + Une erreur s'est produite en récupérant l'état du chiffrement du système. + Aucun mot de passe spécifié en ligne de commande. Le volume ne peut pas être créé. + Aucune taille de volume spécifiée en ligne de commande. Le volume ne peut pas être créé. + La taille du volume spécifiée en ligne de commande n'est pas compatible avec NTFS. + La taille du volume spécifiée en ligne de commande n'est pas compatible avec FAT32. + Le système de fichiers sur le lecteur cible ne supporte pas la création de fichiers fragmentés qui sont nécessaires pour les volumes dynamiques. + Seuls les conteneurs fichiers peuvent être créés en ligne de commande. + La taille du fichier conteneur spécifiée en ligne de commande est supérieure à l'espace libre disponible sur le disque. Le volume ne peut pas être créé. + La taille de volume spécifiée en ligne de commande est trop petite. Le volume ne peut pas être créé. + La taille de volume spécifiée en ligne de commande est trop grande. Le volume ne peut pas être créé. + Impossible d'initialiser les composants de l'application pour le chiffrement du système. + L'initialisation du générateur de nombre aléatoire a échoué !\n\n\n(Si vous rapportez un bogue en rapport à cela, n'oubliez pas d'inclure les informations techniques suivantes dans le rapport de bogue : %hs, code d'erreur : 0x%.8X) + L'API Crypto Windows a échoué !\n\n\n(Si vous rapportez un bogue en rapport à cela, n'oubliez pas d'inclure les informations techniques suivantes dans le rapport de bogue : %s, code d'erreur : 0x%.8X) + Impossible d'initialiser l'application. L'enregistrement de la classe Dialog a échoué. + Erreur : Echec de chargement de la librairie système Rich Edit. + Assistant de création de volume + Taille maximale du volume caché pour ce volume : %.2f octets. + Taille maximale du volume caché pour ce volume : %.2f Ko. + Taille maximale du volume caché pour ce volume : %.2f Mo. + Taille maximale du volume caché pour ce volume : %.2f Go. + Taille maximale du volume caché pour ce volume : %.2f To. + Le mot de passe/le fichier clé du volume ne peut pas être changé quand celui-ci est monté. Démontez le volume en premier. + L'algorithme de dérivation de la clé d'en-tête ne peut pas être changé quand le volume est monté. Démontez le volume en premier. + &Monter + Ce volume nécessite une nouvelle version de VeraCrypt. + Erreur : Assistant de création de volume introuvable.\n\nAssurez-vous que le fichier 'VeraCrypt Format.exe' est dans le répertoire duquel a été exécuté 'VeraCrypt.exe'. S'il n'y est pas, réinstallez VeraCrypt ou localisez 'VeraCrypt Format.exe' sur votre disque et exécutez-le. + Erreur : Programme d'agrandissement de volume introuvable.\n\nAssurez-vous que le fichier 'VeraCryptExpander.exe' est dans le répertoire duquel a été exécuté 'VeraCrypt.exe'. S'il n'y est pas, réinstallez VeraCrypt ou localisez 'VeraCryptExpander.exe' sur votre disque et exécutez-le. + &Suivant > + &Terminer + &Installer + E&xtraire + Impossible de se connecter au pilote de périphérique de VeraCrypt. VeraCrypt ne peut pas fonctionner si le pilote de périphérique n'est pas démarré.\n\nNotez que suite à un problème dans Windows, il sera peut-être nécessaire de redémarrer le système avant que le pilote de périphérique soit chargé. + Une erreur s'est produite en chargeant/préparant les fontes. + La lettre du lecteur est introuvable ou aucune lettre de lecteur n'a été spécifiée. + Erreur: Impossible d'affecter la lettre de lecteur.\n\nJusqu'à ce qu'une lettre de lecteur est affectée au volume décrypté, vous ne serez pas en mesure d'accéder aux données stockées sur ce volume\n\nRéessayez? + Lettre de lecteur indisponible. + Aucun fichier n'est sélectionné ! + Aucune lettre de lecteur n'est disponible. + Aucune lettre de lecteur n'est disponible pour le volume externe ! La création du volume ne peut pas continuer. + Impossible de déterminer la version de votre système d'exploitation ou alors vous utilisez un système d'exploitation non supporté. + Aucun emplacement sélectionné ! + Pas assez d'espace libre pour le volume caché ! La création du volume ne peut pas continuer + Erreur : Les fichiers copiés dans le volume externe occupent trop d'espace. Aussi il n'y a pas assez d'espace libre dans le volume externe pour le volume caché.\n\nNotez que le volume caché doit être aussi large que la partition système (la partition où est installé le système d'exploitation actuellement en fonction). La raison est que le système d'exploitation caché a besoin d'être créé en copiant le contenu de la partition système dans le volume caché.\n\n\nLe processus de création du système d'exploitation caché ne peut pas continuer. + Le pilote ne peut pas démonter le volume. Certains fichiers localisés sur le volume sont probablement encore ouverts. + Impossible de verrouiller le volume. Il y a encore des fichiers ouverts sur le volume. Aussi il ne sera pas démonté. + VeraCrypt ne peut pas verrouiller le volume car il est utilisé par le système ou des applications (il peut y avoir des fichiers ouverts sur le volume).\n\n Voulez-vous forcer pour le démontage du volume ? + Sélectionner un volume VeraCrypt + Spécifier le nom et l'emplacement + Sélectionner la bibliothèque PKCS #11 + Pas assez de mémoire + IMPORTANT : Nous recommandons fortement que les utilisateurs inexpérimentés créent un conteneur de fichier VeraCrypt sur le périphérique/partition sélectionné, au lieu d'essayer de chiffrer la totalité du lecteur/partition.\n\nQuand vous créez un conteneur de fichier VeraCrypt (par opposition à chiffrer une partition ou un périphérique) il n'y a, par exemple, aucun risque de détruire un grand nombre de fichiers. Notez qu'un conteneur de fichier VeraCrypt (même s'il contient un disque virtuel crypté) est en fait juste comme n'importe quel fichier normal. Pour plus d'informations, voir le tutoriel dans chapitre débutants dans le guide utilisateur VeraCrypt.\n\n Êtes-vous sûr que vous souhaitez chiffrer l'ensemble du lecteur/partition ? + AVERTISSEMENT : Le fichier '%s' existe déjà !\n\nIMPORTANT : VERACRYPT NE CHIFFRERA PAS LE FICHIER, MAIS IL LE SUPPRIMERA.\n\nÊtes-vous sûr de vouloir supprimer le fichier et le remplacer par un nouveau conteneur VeraCrypt ? + ATTENTION : TOUS LES FICHIERS ACTUELLEMENT STOCKÉS SUR %s '%s'%s SERONT ÉCRASÉS ET PERDUS (ILS NE SERONT PAS CHIFFRÉS) !\n\nÊtes vous sûr de vouloir procéder au formatage. + AVERTISSEMENT : Vous ne serez pas en mesure de monter le volume ou d'accéder à des fichiers stockés dessus, jusqu'à ce qu'il ait été entièrement chiffré.\n\n Êtes-vous sûr que vous souhaitez démarrer le chiffrement sur la sélection %s '%s'%s? + AVERTISSEMENT : Vous ne serez pas en mesure de monter le volume ou d'accéder à des fichiers stockés dessus, jusqu'à ce qu'il ait été entièrement déchiffré.\n\n Êtes-vous sûr que vous souhaitez démarrer le déchiffrement sur la sélection %s '%s'%s? + AVERTISSEMENT : Veuillez noter que si l'alimentation est soudainement interrompu lors du chiffrement/déchiffrement des données existantes en place, ou lorsque le système d'exploitation plante à cause d'une erreur de logiciel ou de matériel alors que VeraCrypt chiffre/déchiffre les données existantes en place, certaines parties des données seront corrompues ou perdues. Par conséquent, avant de commencer à chiffrer, assurez-vous que vous disposez de copies de sauvegarde des fichiers que vous voulez chiffrer.\n\nDisposez-vous d'une sauvegarde ? + PRUDENCE : TOUS LES FICHIERS ACTUELLEMENT STOCKÉS SUR LA PARTITION '%s'%s (i.e. SUR LA PREMIÈRE PARTITION APRÈS LA PARTITION SYSTÈME) SERONT ÉCRASÉS ET PERDUS (ILS NE SERONT PAS CHIFFRÉS) !\n\nÊtes-vous sûr de vouloir procéder au formatage ? + ATTENTION : LA PARTITION SÉLECTIONNÉE CONTIENT UNE GRANDE QUANTITÉ DE DONNÉES ! Tous les fichiers stockés sur la partition seront effacés et perdus (ils ne seront pas chiffrés) ! + Effacer tous les fichiers stockés sur la partition en créant un volume VeraCrypt dessus + Mot de passe + PIM + Paramétrer l'algorithme de dérivation de la clé d'en-tête + Ajouter/Supprimer les fichiers clés au/du volume + Supprimer tous les fichiers clés du volume + Mot de passe, PIM et/ou fichier(s) clé(s) modifiés avec succès.\n\nIMPORTANT : Assurez-vous que vous avez lu la section "Changer les mots de passe et fichiers clés" dans le chapitre « Exigences de sécurité et précautions » dans le guide de l'utilisateur VeraCrypt. + Ce volume est enregistré comme volume système préféré et son PIM a été changé.\nVoulez-vous que VeraCrypt mette à jour automatiquement la configuration de ce volume système préféré (privilèges d'administrateur requis)?\n\nVeuillez noter que si vous répondez non, vous devrez manuellement mettre à jour le champs PIM de ce volume système préféré. + IMPORTANT : Si vous n'avez pas détruit votre disque de secours VeraCrypt, votre partition/disque système peut encore être déchiffré en utilisant l'ancien mot de passe (en démarrant avec le disque de secours VeraCrypt et en saisissant mot de passe). Vous devriez créer un nouveau disque de secours VeraCrypt et détruire l'ancien.\n\nVoulez-vous créer un nouveau disque de secours VeraCrypt ? + Notez que votre disque de secours VeraCrypt utilise toujours l'algorithme précédent. Si vous considérez l'algorithme précédent non sécurisé, vous devriez créer un nouveau disque de secours VeraCrypt puis détruire l'ancien.\n\nVoulez-vous créer un nouveau disque de secours VeraCrypt ? + Tout type de fichier (par exemple .mp3, .jpg, .zip, .avi) peut être utilisé en tant que fichier clé VeraCrypt. Notez que VeraCrypt ne modifie jamais le contenu du fichier clé. Vous pouvez sélectionner plus d'un fichier clé (l'ordre n'a pas d'importance). Si vous ajoutez un dossier, tous les fichiers non cachés trouvés dans le dossier seront utilisés en tant que fichiers clés. Cliquez sur "Add Token Files..." pour sélectionner des fichiers clés stockés sur des jetons de sécurité ou cartes à puce (ou pour importer des fichiers clés sur des jetons de sécurité ou cartes à puce). + Fichier(s) clé ajouté(s)/supprimé(s) avec succès. + Fichier clé exporté. + Algorithme de dérivation de la clé d'en-tête paramétré avec succès. + Veuillez entrer le mot de passe et/ou le(s) fichier(s) clé(s) pour le volume non système où vous souhaitez reprendre le processus de chiffrement/déchiffrement "in-place".\n\n\nRemarque : Après avoir cliqué sur Suivant, VeraCrypt tentera de trouver tous les volumes non système où le processus de chiffrement/déchiffrement a été interrompu et où l'en-tête de volume VeraCrypt peut être décrypté en utilisant le mot de passe et/ou le(s) fichier(s) clé(s) fournis. Si plus d'un volume est trouvé, vous devrez en choisir un à l'étape suivante. + Veuillez sélectionner un des volumes répertoriés. La liste contient chaque volume non-système accessible où le processus de chiffrement/déchiffrement a été interrompu et dont l'en-tête pourrait être décryptée à l'aide du mot de passe fourni et/ou du ou des fichiers clés. + Veuillez entrer le mot de passe et/ou le(s) fichier(s) clé(s) pour le volume non système où vous souhaitez déchiffrer. + Il est très important que vous choisissiez un bon mot de passe. Vous devriez éviter d'utiliser un mot simple que l'on trouve dans un dictionnaire (ou une combinaison de plusieurs de ces mots). Il ne devrait pas contenir de noms ou de dates de naissance. Il ne devrait pas être facile à deviner. Un bon mot de passe est une combinaison de minuscules et de majuscules, de chiffres et de caractères spéciaux comme @ ^ = $ * + etc. Il est recommandé de choisir un mot de passe d'au moins 20 caractères (le plus long, le mieux). La longueur maximale est de 64 caractères. + Choisissez un mot de passe pour le volume caché. + Choisissez un mot de passe pour le système d'exploitation caché (i.e. pour le volume caché). + IMPORTANT : Le mot de passe que vous choisissez dans cette étape pour le système d'exploitation caché doit être sensiblement différent des 2 autres mots de passe (c'est-à-dire le mot de passe pour le volume extérieur et le mot de passe pour le système d'exploitation leurre). + Saisissez le mot de passe du volume dans lequel vous désirez créer un volume caché.\n\nAprès avoir cliqué sur 'Suivant', VeraCrypt essaiera de monter le volume. Aussitôt monté, son plan de configuration sera scanné pour déterminer la taille du bloc ininterrompu d'espace libre (s'il existe) dont la fin est alignée avec celle du volume. Ce bloc adaptera le volume caché et ainsi limitera sa taille maximale possible. Le scan du plan de configuration est nécessaire pour s'assurer qu'aucune donnée sur le volume externe ne sera écrasée par le volume caché. + \nChoisissez un mot de passe pour le volume externe. Ce sera le mot de passe que vous pourrez révéler si on vous le demande ou si on vous force à le faire.\n\nIMPORTANT : le mot de passe doit être différent de celui que vous utiliserez pour le volume caché.\n\nRemarque : La taille maximale du mot de passe est de 64 caractères. + Choisissez un mot de passe pour le volume externe. Ce sera le mot de passe que vous pourrez divulguer à toute personne vous forçant à révéler le mot de passe de la première partition après la partition système, où résideront le volume externe et le volume caché (contenant le système d'exploitation caché). L'existence du volume caché restera secrète. Notez que ce mot de passe n'est pas pour le système d'exploitation leurre.\n\nIMPORTANT : Le mot de passe doit être différent de celui que vous choisirez pour le volume caché (i.e. pour le système d'exploitation caché). + Mot de passe du volume externe + Mot de passe du volume caché + Mot de passe du système d'exploitation caché + AVERTISSEMENT : Les mots de passe courts sont faciles à craquer en utilisant des techniques de force brute !\n\nIl est recommandé de choisir des mots de passe d'au moins 20 caractères.\n\nÊtes-vous sûr de vouloir utiliser un mot de passe court ? + Mot de passe du volume + L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. + L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Fichier(s) clé incorrect(s)\n - mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. + L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mauvais mode de montage\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. + L'opération a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mauvais mode de montage\n - Fichier(s) clé incorrect\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Ce n'est pas un volume VeraCrypt. + Le montage automatique a échoué à cause d'un ou plusieurs des éléments suivants:\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Aucun volume VeraCrypt trouvé. + Le montage automatique a échoué à cause d'un ou plusieurs des éléments suivants:\n - Fichier(s) clé incorrect(s)\n - Mot de passe incorrect\n - Valeur de PIM incorrecte\n - PRF (hash) incorrect\n - Aucun volume VeraCrypt trouvé. + \n\nAvertissement : Majuscules activées. Ceci peut vous empêcher de saisir correctement votre mot de passe. + Veuillez mémoriser cette valeur + PIM du volume externe + PIM du volume caché + PIM du système d'exploitation caché + PIM (Personal Iterations Multiplier) est une valeur qui contrôle le nombre d'itérations utilisées par la dérivation de clé d'en-tête du volume et cela comme suit:\n Nombre d'itérations = 15000 + (PIM x 1000)\n\nLorsque ce champs est laissé vide ou définie à 0, VeraCrypt utilisera une valeur par défaut (485) qui assurera un haut niveau de sécurité.\n\nLorsque le mot de passe est inférieure à 20 caractères, le PIM ne peut pas être inférieure à 485 afin de maintenir un niveau de sécurité minimale.\nLorsque le mot de passe contient 20 caractères ou plus, le PIM peut être mis à une valeur quelconque.\n\nUn PIM supérieur à 485 aboutira à une durée de montage plus longue. Une valeur de PIM petite (moins de 485) conduira à un montage plus rapide mais cela peut réduire la sécurité si le mot de passe n'est pas assez fort. + PIM (Personal Iterations Multiplier) est une valeur qui contrôle le nombre d'itérations utilisées par la dérivation de clé d'en-tête du volume et cela comme suit:\n Nombre d'itérations = PIM x 2048\n\nLorsque ce champs est laissé vide ou définie à 0, VeraCrypt utilisera une valeur par défaut qui assurera un haut niveau de sécurité.\n\nLorsque le mot de passe est inférieure à 20 caractères, le PIM ne peut pas être inférieure à 98 afin de maintenir un niveau de sécurité minimale.\nLorsque le mot de passe contient 20 caractères ou plus, le PIM peut être mis à une valeur quelconque.\n\nUn PIM supérieur à 98 aboutira à un pré-amorçage plus lent du système. Une valeur de PIM petite (moins de 98) conduira à un pré-amorçage plus rapide mais cela peut réduire la sécurité si le mot de passe n'est pas assez fort. + Veuillez mémoriser cette valeur + Vous avez choisi une valeur de PIM plus grande que la valeur par défaut de VeraCrypt.\nVeuillez noter que cela conduira à une durée plus longue pour le montage/pré-amorçage. + Vous avez choisi une valeur de PIM qui est inférieure à la valeur par défaut de VeraCrypt. Veuillez noter que si votre mot de passe n'est pas assez fort, cela pourrait conduire à une réduction du niveau de sécurité.\n\nEst-ce que vous confirmez que vous utilisez un mot de passe fort? + La valeur maximale du PIM pour le chiffrement système est 65535. + PIM du volume + \n\nAVERTISSEMENT : Les fichiers cachés ont été trouvés dans un chemin de recherche de fichier de clé. De tels fichiers cachés ne peuvent pas être utilisés comme fichiers clés. Si vous avez besoin de les utiliser comme fichiers clés, enlever leur attribut « Caché » (cliquez-droit sur chacun d'eux, sélectionnez « Propriétés », décochez la case « Caché » et cliquez sur OK). Remarque : Les fichiers cachés sont visibles uniquement si l'option correspondante est activée (Options de dossier > Affichage). + Si vous souhaitez protéger un volume caché contenant un système caché, assurez-vous que vous utilisez la disposition du clavier américain standard lorsque vous tapez le mot de passe pour le volume caché. Cela est nécessaire en raison du fait que le mot de passe doit être entré dans l'environnement de pré-amorçage (avant le démarrage de Windows) lorsque les dispositions de clavier de Windows ne sont pas disponibles. + VeraCrypt n'a pas trouvé de volume où un chiffrement/déchiffrement non système a été interrompu et où l'en-tête du volume peut être décrypté en utilisant le mot de passe et/ou le(s) fichier(s) clé(s) fournis.\n\nVeuillez vous assurer que le mot de passe et/ou le(s) fichier(s) clé(s) sont corrects et que la partition/le volume n'est pas actuellement utilisé(e) par le système ou des applications (y compris l'antivirus). + Le volume sélectionné est déjà complétement chiffré.\nIndicateur d'en-tête = 0x%.8X + Le volume sélectionné n'utilise pas de chiffrement 'sur place'.\nIndicateur d'en-tête = 0x%.8X + \n\nRemarque : Si vous essayez de monter une partition localisée sur un disque système chiffré sans authentification lors du pré-amorçage ou de monter une partition système chiffrée d'un système d'exploitation qui n'est pas lancé, vous pouvez le faire en sélectionnant 'Système' > 'Monter sans authentification lors du pré-amorçage'. + Dans ce mode vous ne pouvez monter une partition située sur un disque dont une partie est dans la portée clé de chiffrement du système actif.\n\nAvant de pouvoir monter cette partition dans ce mode, vous devez soit démarrer un système d'exploitation installé sur un disque différent (chiffré ou non), soit démarrer un système d'exploitation non chiffré. + VeraCrypt ne peut pas déchiffrer une partition individuelle sur un disque système chiffré (vous pouvez seulement déchiffré le disque système en entier). + Avertissement: Comme le lecteur contient le chargeur d'amorçage de VeraCrypt, il se peut que ça soit un disque système chiffré. Si c'est le cas, veuillez noter que VeraCrypt ne peut pas déchiffrer une partition individuelle sur un disque système chiffré (vous pouvez seulement déchiffré le disque système en entier). Dans ce cas, vous serez en mesure de continuer maintenant, mais vous recevrez le message d'erreur "Mot de passe incorrect" plus tard. + < &Précédent + Impossible de lister les périphériques installés sur votre système ! + Le volume '%s' existe, il est en lecture seule. Êtes-vous sûr de vouloir le remplacer ? + Sélectionnez le répertoire de destination + Sélectionner un fichier clé + Sélectionnez un chemin de recherche pour le fichier clé. AVERTISSEMENT : Notez que seul l'emplacement sera retenu, pas les noms de fichier. + Sélectionnez un répertorie où les fichiers clé seront créés. + Le conteneur courant a été sélectionné comme fichier clé. Il va être ignoré comme tel. + Conçu par Ross Anderson, Eli Biham et Lars Knudsen. Publié en 1998. Clé de 256 bits, bloc de 128 bits. Le mode opératoire est XTS. Serpent était l'un des finalistes de AES. + Veuillez spécifier la taille du conteneur que vous voulez créer.\n\nSi vous créez un conteneur (fichier fragmenté) dynamique, ce paramètre représente la taille maximale possible.\n\nNotez que la taille minimum d'un volume FAT est 292 Ko. La taille minimum d'un volume exFAT est 424 Ko. La taille minimum d'un volume NTFS est 3792 Ko + Veuillez spécifier la taille du volume extérieur à créer (vous allez tout d'abord créer le volume extérieur, puis un volume caché dedans). La taille minimum d'un volume dans lequel un volume caché est créé est 340 Ko. + Veuillez spécifier la taille du volume caché à créer. La taille minimum d'un volume caché est 40 Ko (ou 3664 Ko s'il est formaté en NTFS). La taille maximale possible, que vous pouvez spécifier pour un volume caché est affichée ci-dessus. + Taille du volume externe + Taille du volume caché + Veuillez vérifiez que la taille de la partition/lecteur sélectionné ci-dessus est correcte et cliquez sur suivant. + Le volume externe et le volume caché (contenant le système d'exploitation caché) résidera dans la partition ci-dessus. Ce devrait être la première partition qui suit la partition système.\n\nVérifiez que la taille de la partition et que les chiffres affichés plus haut sont corrects et s'ils le sont, cliquez sur 'Suivant'. + \n\nNotez que la taille minimum d'un volume dans lequel un volume caché est créé est 340 Ko. + Taille du volume + Dynamique + ATTENTION : ÉCHEC DE L'AUTO-TEST ! + Auto-tests de tous les algorithmes réussis + Le nombre d'unité de données fourni est trop long ou trop court. + La clé secondaire fournie est trop longue ou trop courte. + Le cryptogramme de test que vous avez fourni est trop long ou trop court. + La clé de test que vous avez fournie est trop longue ou trop courte. + Le texte en clair que vous avez fourni est trop long ou trop court. + Deux chiffrements en cascade opérant en mode XTS. Chaque bloc est d'abord chiffré avec %s (clé de %d bits), puis avec %s (clé de %d bits). Chaque chiffrement utilise sa propre clé. Toutes les clés sont mutuellement indépendantes. + Trois chiffrements en cascade opérant en mode XTS. Chaque bloc est d'abord chiffré avec %s (clé de %d bits), puis avec %s (clé de %d bits) et enfin avec %s (clé de %d bits). Chaque chiffrement utilise sa propre clé. Toutes les clés sont mutuellement indépendantes. + Notez que, selon la configuration du système d'exploitation, les propriétés d'auto-exécution et de montage automatique ne peuvent fonctionner que lorsque les fichiers sur disque amovibles sont créés sur un support de type CD/DVD non réinscriptibles. Notez également que ce n'est pas un bug dans VeraCrypt (c'est une limitation de Windows). + Le disque amovible VeraCrypt a été créé avec succès.\n\nNotez que vous avez besoin des privilèges administrateur pour exécuter VeraCrypt en mode portable. Notez également qu'après examen du registre, il peut être possible de dire que VeraCrypt a été exécuté sur un système Windows, même s'il est exécutée en mode portable. + Disque nomade VeraCrypt + Conçu par Bruce Schneier, David Wagner, John Kelsey, Niels Ferguson, Doug Whiting et Chris Hall. Publié en 1998. Clé de 256 bits et bloc de 128 bits. Le mode opératoire est XTS. Twofish était l'un des finalistes de AES. + Plus d'infos sur %s + Inconnu + Une erreur non spécifiée ou inconnue est survenue (%d). + Certains volumes contiennent des fichiers ou des dossiers en cours d'utilisation par une application ou par le système.\n\nForcer le démontage ? + &Démonter + Le démontage a échoué ! + Le volume contient des fichiers ou des dossiers utilisés par des applications ou par le système.\n\nForcer le démontage ? + Aucun volume n'est monté sur l'unité logique spécifiée. + Le volume que vous essayez de monter est déjà monté. + Une erreur s'est produite en essayant de monter le volume. + Erreur en recherchant un emplacement dans le volume. + Erreur : Taille de volume incorrecte. + AVERTISSEMENT : Vous ne devriez utiliser le formatage rapide que dans les cas suivants : \n\n1) L'appareil ne contient aucune donnée sensible et vous n'avez pas besoin du déni plausible.\n2) L'appareil a déjà été sécurisé et chiffré.\n\nÊtes-vous sûr que vous souhaitez utiliser le formatage rapide ? + Un conteneur dynamique est une zone NTFS pré-allouée de fichiers fragmentés dont la taille physique (espace disque réellement utilisé) augmente au fur et à mesure que de nouvelles données y sont ajoutées.\n\nATTENTENTION : Les performances des volumes dynamiques sont considérablement plus mauvaises que les performances des volumes standards. Les volumes dans un conteneur dynamique sont également moins sûrs, parce qu'il est possible de dire quel secteur de volume n'est pas utilisé. En outre, les fichiers fragmentés par volumes ne peuvent pas fournir de déni plausible (hébergement d'un volume caché). Notez également que si des données sont écrites dans un conteneur de fichier fragmenté, lorsqu'il n'y a pas assez d'espace libre dans le système de fichiers hôte, le système de fichiers chiffré peut se corrompre.\n\nÊtes-vous sûr que vous souhaitez créer un volume de fichier clairsemé ? + Notez que la taille du conteneur dynamique signalé par Windows et par VeraCrypt sera toujours égale à sa taille maximale. Pour connaître la taille physique actuelle du conteneur (l'espace disque réellement utilisé), cliquez-droit sur le fichier de conteneur (dans une fenêtre de l'explorateur Windows, pas dans VeraCrypt), puis sélectionnez « Propriétés » et visualiser la « Taille sur le disque ».\n\nNotez aussi que si vous déplacez un conteneur dynamique vers un autre volume ou un lecteur, la taille physique du conteneur s'étendra à son maximum. (Vous pouvez l'empêcher en créant un nouveau conteneur dynamique dans l'emplacement de destination, en le montant et en déplaçant les fichiers de l'ancien conteneur vers le nouveau). + Cache de mot de passe nettoyé + Mots de passe (et/ou contenu traité des fichiers clés) stockés dans le cache du pilote VeraCrypt ont été nettoyés. + VeraCrypt ne peut pas changer le mot de passe d'un volume étranger. + Sélectionnez une lettre de lecteur libre dans la liste. + Sélectionnez un volume monté dans la liste des lettres de lecteur. + Deux volumes montés différents sont actuellement sélectionnés (un dans la liste d'unités logiques et l'autre dans le champ ci-dessous).\n\nChoisissez le volume que vous souhaitez sélectionner : + Erreur : Impossible de créer autorun.inf + Erreur durant le traitement du fichier clé ! + Erreur durant le traitement de l'emplacement du fichier clé ! + Le chemin d'accès au fichier clé ne contient aucun fichier.\n\nNotez que les dossiers (et les fichiers qu'ils contiennent) trouvés dans le chemin de recherche sont ignorés. + VeraCrypt ne supporte pas ce système d'exploitation. + Erreur : VeraCrypt prend en charge uniquement les versions stables de ce système d'exploitation (les versions beta/RC ne sont pas prises en charge). + Erreur : Impossible d'allouer de la mémoire. + Erreur : Impossible de retrouver la valeur du compteur de performance. + Erreur : Mauvais format de volume. + Erreur : Vous avez donné un mot de passe pour le volume caché (pas pour un volume normal). + Pour des raisons de sécurité, un volume caché ne peut pas être créé dans un volume VeraCrypt contenant un système de fichiers qui a été chiffré en place (parce que l'espace libre sur le volume n'a pas été rempli avec des données aléatoires). + VeraCrypt - Mentions légales + Tous les fichiers + Volumes VeraCrypt + Modules de bibliothèque + Le formatage NTFS/exFAT ne peut pas continuer. + Impossible de monter le volume. + Impossible de démonter le volume. + Windows n'a pas pû formater le volume en NTFS/exFAT.\n\nSélectionnez un type de système de fichiers différent (si possible) et essayez à nouveau. Vous pouvez aussi laisser le volume non formaté (sélectionnez 'Aucun' comme système de fichiers), quittez cet assistant, montez le volume puis utilisez soit un outil système soit un outil tiers pour formater le volume monté (le volume restera chiffré). + Windows n'a pas pû formater le volume en NTFS/exFAT.\n\nVoulez-vous formater le volume en FAT à la place ? + Défaut + partition + LA PARTITION + Périphérique + périphérique + LE PÉRIPHÉRIQUE + Volume + volume + VOLUME + Etiquette + La taille de cluster sélectionnée est trop petite pour cette taille de volume. Une taille plus grande sera utilisée. + Erreur : Impossible d'obtenir la taille du volume !\n\nAssurez-vous que le volume sélectionné n'est pas utilisé par le système ou par une application. + Les volumes cachés ne doivent pas être créés dans les conteneurs dynamiques (fichiers fragmentés). Pour parvenir au déni plausible, le volume caché doit être créé dans un conteneur non-dynamique. + L'assistant de création de volume VeraCrypt ne peut créer un volume caché que dans un volume FAT/exFAT ou NTFS. + Sous Windows 2000, l'assistant de création de volume VeraCrypt ne peut créer un volume caché que dans un volume FAT. + Note : Le système de fichiers FAT/exFAT convient mieux que NTFS pour les volumes externes (par ex : la taille maximale du volume caché aurait été probablement plus grande si le volume externe avait été formaté en FAT/exFAT). + Notez que le système de fichiers FAT/exFAT convient mieux que NTFS pour les volumes externes. Par exemple la taille maximale du volume caché aurait été probablement plus grande si le volume externe avait été formaté en FAT/exFAT (la raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché ne peut résider que dans la seconde moitié du volume externe).\n\nÊtes-vous sûr de vouloir formater le volume externe en NTFS ? + Voulez-vous plutôt formater le volume en FAT ? + Remarque : Ce volume ne peut pas être formaté en FAT car il dépasse la taille de volume maximale prise en charge par le système de fichiers FAT32 pour la taille de secteur en vigueur (2 to pour les secteurs de 512 octets et 16 TB pour les secteurs de 4096 octets). + La partition pour le système d'exploitation caché (i.e. la première partition après la partition système) doit être au moins 5% plus large que la partition système (il s'agit de celle qui contient le système d'exploitation qui fonctionne actuellement). + Erreur : La partition pour le système d'exploitation caché (i.e. la première partition après la partition système) doit être au moins 110% (2,1 fois) plus grande que la partition système (la partition système est celle où se trouve le système d'exploitation qui fonctionne actuellement). La raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché (qui doit contenir un clone de la partition système) ne peut résider que dans la seconde moitié de la partition. + Erreur : Si le volume externe est formaté en NTFS, il doit être au moins 110% (2,1 fois) plus grand que la partition système. La raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché (qui doit contenir un clone de la partition système) ne peut résider que dans la seconde moitié du volume externe.\n\nNote : Le volume externe doit résider dans la même partition que le système d'exploitation caché (i.e. dans la première partition après le système d'exploitation). + Erreur : Il n'y a pas de partition après la partition système.\n\nNotez qu'avant de créer un système d'exploitation caché, vous devez d'abord créer une partition sur le disque système. Ce doit être la première partition après la partition système et elle doit être au moins 5% plus grande que la partition système (il s'agit de celle sur laquelle le système d'exploitation fonctionne actuellement). Cependant, si le volume externe (à ne pas confondre avec la partition système) est formaté en NTFS, la partition pour le système d'exploitation caché doit être au moins 110% (2,1 fois) plus large que la partition système (la raison en est que NTFS stocke toujours les données internes au milieu du volume et ainsi, le volume caché qui doit contenir un clone de la partition système ne peut résider que dans la seconde moitié de la partition). + Remarque : Il n'est pas pratique (et cela n'est pas autorisé) d'installer des système d'exploitation dans deux volumes VeraCrypt qui sont intégrés dans une seule partition parce qu'utiliser le système d'exploitation externe nécessiterait d'écrire régulièrement dans la zone du système d'exploitation caché (et si de telles opérations d'écriture ne pouvaient utiliser la fonction de protection du volume caché, il en résulterait inévitablement un plantage du système, i.e. un écran d'erreur 'bleu'). + Pour plus d'infos sur la façon de créer et gérer des partitions, consultez la documentation de votre système d'exploitation ou contactez le technicien du SAV de votre ordinateur. + Erreur : Le système d'exploitation actuellement utilisé n'est pas installé sur la partition d'amorçage (la 1ère partition active). Ce n'est pas supporté. + Vous avez indiqué que vous avez l'intention de stocker des fichiers de plus de 4 Go dans ce volume VeraCrypt. Cependant, vous avez choisi le système de fichiers FAT, sur lequel des fichiers de plus de 4 Go ne peuvent pas être stockés.\n\nEtes-vous sûr que vous voulez formater le volume en FAT? + Erreur: VeraCrypt ne supporte pas le décryptage sur place des volumes non-système existants créés par VeraCrypt 1.0b ou antérieur.\n\nREMARQUE: Vous pouvez toujours déchiffrer les fichiers stockés sur le volume en les copiant/déplaçant vers un volume non chiffré. + Erreur: VeraCrypt ne peut pas déchiffrer sur place un volume VeraCrypt caché.\n\nREMARQUE: Vous pouvez toujours déchiffrer les fichiers stockés sur le volume en les copiant/déplaçant vers un volume non chiffré. + Attention: Notez que VeraCrypt ne peut pas déchiffrer sur place un volume qui contient un volume caché VeraCrypt (le volume caché serait alors écrasé avec les données pseudo-aléatoires).\n\nVeuillez confirmer que le volume que vous êtes sur le point de décrypter ne contient pas de volume caché.\n\nREMARQUE: Si le volume contient un volume caché mais cela ne vous dérange pas de perdre le volume caché, alors vous pouvez sélectionner Continuer (le volume extérieur sera décrypté en toute sécurité). + Le volume ne contient aucun volume caché. Continuer. + Le volume contient un volume caché. Annuler. + Erreur : Impossible d'accéder au volume !\n\nAssurez-vous que le volume existe, qu'il est n'est pas monté ou utilisé par le système ou une application, que vous avez la permission en lecture/écriture pour le volume et qu'il n'est pas protégé en écriture. + Erreur: Impossible d'obtenir les propriétés du volume. + Erreur : Impossible d'accéder au volume et/ou d'obtenir des informations sur le volume.\n\nAssurez-vous que le volume sélectionné existe, qu'il n'est pas utilisé par le système ou les applications, que vous avez l'autorisation de lecture/écriture sur le volume, et qu'il n'est pas protégé en écriture. + Erreur : Impossible d'accéder au volume et/ou d'obtenir des informations sur le volume.\n\nAssurez-vous que le volume sélectionné existe, qu'il n'est pas utilisé par le système ou les applications, que vous avez l'autorisation de lecture/écriture sur le volume, et qu'il n'est pas protégé en écriture.\n\nSi le problème persiste, suivez les étapes suivantes. + Une erreur a empêché VeraCrypt de chiffrer la partition. Essayez de résoudre les problèmes référencés antérieurement puis essayez à nouveau. Si les problèmes persistent, suivez les étapes ci-dessous. + Une erreur a empêché VeraCrypt de reprendre le processus de chiffrement de la partition.\n\nEssayez de résoudre les problèmes référencés antérieurement puis essayez à nouveau. Notez que le volume peut être monté que lorsqu'il aura été entièrement chiffré. + Une erreur a empêché VeraCrypt de déchiffrer le volume. Essayez de résoudre les problèmes référencés antérieurement puis essayez à nouveau si possible. + Erreur : Impossible de démonter le volume externe !\n\nLe volume ne peut pas être démonté s'il contient des fichiers ou des dossiers utilisés par le système ou par une application.\n\nFermez tout programme qui utilise les fichiers ou les dossiers sur le volume puis cliquez sur 'Recommencer'. + Erreur : Impossible d'obtenir des informations sur le volume externe ! La création du volume ne peut pas continuer. + Erreur : Impossible d'accéder au volume externe ! La création du volume ne peut pas continuer. + Erreur : Impossible de monter le volume externe ! La création du volume ne peut pas continuer. + Erreur : Impossible d'obtenir le plan de configuration du volume ! La création du volume ne peut pas continuer. + Alphabétique/Catégorie + Vitesse moyenne (décroissante) + Algorithme + Chiffrement + Déchiffrement + Moyenne + Lecteur + Taille + Algorithme de chiffrement + Algorithme de chiffrement + Type + Valeur + Propriété + Emplacement + octets + Caché + Externe + Normal + Système + Caché (système) + Lecture seule + Disque système + Disque système (chiffrement - fait à %.2f%%) + Disque système (déchiffrement - fait à %.2f%%) + Disque système (chiffré à %.2f%%) + Partition système + Partition système cachée + Partition système (chiffrement - fait à %.2f%%) + Partition système (déchiffrement - fait à %.2f%%) + Partition système (chiffré à %.2f%%) + Oui (dommage évité !) + Aucun + Taille de la clé principale + Taille de la clé secondaire (mode XTS) + Ajustement de la taille de la clé (mode LRW ) + bits + Taille du bloc + PKCS-5 PRF + Nombre d'itérations PKCS-5 + Création du volume + Modification de l'en-tête + (il y a %I64d jours) + Version du format du volume + En-tête de sauvegarde intégré + Version du chargeur d'amorçage VeraCrypt + 1ère disponible + Disque amovible + Disque dur + Inchangé + Auto détection + Mode assistant + Sélectionnez l'un des modes. Si vous ne savez pas lequel, utilisez celui par défaut. + Sélectionnez cette option si vous voulez installer VeraCrypt sur ce système. + Remarque : Vous pouvez mettre à niveau sans déchiffrage même si le système partition/disque est chiffré ou si vous utilisez un système d'exploitation caché. + Si vous sélectionnez cette option, tous les fichiers seront extraits de ce paquet, mais rien ne sera installé sur le système. Ne la sélectionnez pas si vous voulez chiffrer la partition système ou le lecteur système. Cette option peut être utile, par exemple, si vous souhaitez exécuter VeraCrypt en mode portable. VeraCrypt n'a pas besoin d'être installé sur le système d'exploitation sous lequel il est exécuté. Une fois que tous les fichiers sont extraits, vous pouvez exécuter directement le fichier « VeraCrypt.exe » (VeraCrypt s'exécute alors en mode portable). + Options d'installation + Ici vous pouvez paramétrer diverses options pour contrôler l'installation. + Installion + Patientez pendant l'installation de VeraCrypt. + VeraCrypt a été installé avec succès + VeraCrypt a été mis à jour avec succès + Veuillez envisager de faire un don. Vous pouvez cliquer sur terminer à tout moment pour fermer le programme d'installation. + Options d'extraction + Ici vous pouvez paramétrer diverses options pour contrôler l'extraction. + Patientez s'il vous plaît. L'extraction des fichiers est en court. + Les fichiers ont été extraits avec succès. + Tous les fichiers ont été extraits avec succès dans le répertoire de destination. + Si le dossier spécifié n'existe pas, il sera automatiquement créé. + Les fichiers de l'application VeraCrypt seront mis à jour dans l'emplacement où VeraCrypt est installé. Si vous devez sélectionner un emplacement différent, veuillez désinstaller d'abord VeraCrypt. + Voulez-vous voir les notes sur la version actuelle (dernière version stable) de VeraCrypt ? + Si vous n'avez jamais utilisé VeraCrypt, il est recommandé de lire le chapitre 'Beginner's Tutorial' du guide de l'utilisateur. Voulez-vous voir le didactitiel ? + Sélectionnez une action à effectuer : + Réparer/Réinstaller + Mettre à niveau + Désinstaller + Pour installer/désinstaller correctement VeraCrypt, vous devez disposer des privilèges administrateur. Voulez-vous continuer ? + L'installeur de VeraCrypt est actuellement exécuté sur votre système et réalise ou prépare l'installation ou la mise à jour de VeraCrypt. Avant de poursuivre, attendez qu'il termine ou se ferme. Si vous ne pouvez pas le fermer, redémarrez votre ordinateur avant de poursuivre. + L'installation a échoué. + La désinstallation a échoué. + Ce package est endommagé. Essayez de le télécharger à nouveau (de préférence à partir du site web officiel de VeraCrypt à l'URL https://veracrypt.codeplex.com). + Impossible d'écrire dans le fichier %s + Extraction de + Impossible de lire les données du package. + Impossible de vérifier l'intégrité du package. + L'extraction a échoué. + L'installation est revenue à la version précédente. + VeraCrypt a été installé avec succès + VeraCrypt a été mis à jour avec succès. + VeraCrypt a été mis à niveau avec succès. Toutefois, avant de commencer à l'utiliser, l'ordinateur doit être redémarré.\n\nSouhaitez-vous redémarrer maintenant ? + Échec de mise à niveau de VeraCrypt!\n\nIMPORTANT : avant d'arrêter ou de redémarrer le système, nous recommandons fortement que vous utilisiez la restauration du système (menu Démarrer de Windows > tous les programmes > Accessoires > Outils système > restauration du système) pour restaurer votre système sur le point de restauration nommé « Installation de VeraCrypt ». Si la restauration du système n'est pas disponible, vous devriez essayer de réinstaller l'original ou la nouvelle version de VeraCrypt avant que vous arrêtiez ou redémarriez le système. + VeraCrypt a été désinstallé avec succès.\n\nCliquez sur 'Terminer' pour supprimer l'installeur de VeraCrypt ainsi que le dossier %s. Notez que le dossier ne sera pas supprimé s'il contient des fichiers qui n'ont pas été installés par l'installeur de VeraCrypt ou créés par VeraCrypt. + Supprimer les entrées VeraCrypt de la base de registre + Ajoût d'une entrée à la base de registre + Suppression des données spécifiques à l'application + Installation + Arrêt + Suppression + Ajoût de l'icône + Création du point de restauration système + La création du point de restauration système a échoué ! + Mise à jour du chargeur d'amorçage + Impossible d'installer '%s'. %s Voulez-vous continuer l'installation ? + Impossible de désinstaller '%s'. %s Voulez-vous continuer la désinstallation ? + Installation terminée. + Le dossier '%s' n'a pas pû être créé + Le pilote de périphérique VeraCrypt n'a pas pû être déchargé.\n\nFermez toutes les fenêtres VeraCrypt en premier. Si cela n'aide pas, redémarrez Windows et essayez à nouveau. + Tous les volumes VeraCrypt doivent être démontés avant d'installer ou de désinstaller VeraCrypt. + Une version obsolète de VeraCrypt est installée sur ce système. Elle doit être désinstallée avant d'installer cette nouvelle version de VeraCrypt.\n\nDès que vous fermerez ce message, le programme de désinstallation de l'ancienne version sera lancé. Notez qu'aucun volume n'est déchiffré lorsque vous désinstallez VeraCrypt. Après avoir désinstallé l'ancienne version de VeraCrypt, réexécutez le programme d'installation de la nouvelle version de VeraCrypt. + L'installation des entrées de la base de registre a échoué + L'installation du pilote de périphérique a échoué. Redémarrez Windows et essayez à nouveau d'installer VeraCrypt. + Exécution du pilote de périphérique VeraCrypt + La désinstallation du pilote de périphérique a échoué. Notez qu'à cause d'un problème dans Windows il sera peut-être nécessaire de fermer la session ou de redémarrer le système avant de pouvoir désinstaller (ou réinstaller) le pilote de périphérique. + Installation du pilote de périphérique VeraCrypt + Arrêt du pilote de périphérique VeraCrypt + Désinstallation du pilote de périphérique VeraCrypt + L'enregistrement de la bibliothèque de support du Contrôle de Compte Utilisateur (UAC) a échoué. + Le désenregistrement de la bibliothèque de support du Contrôle de Compte Utilisateur (UAC) a échoué. + Remarque sur le mode portable :\n\nLe système d'exploitation nécessite des pilotes enregistrés avant qu'ils puissent être démarrés. Par conséquent, le pilote VeraCrypt n'est pas (et ne peut pas l'être) entièrement portable (alors que les applications de VeraCrypt sont entièrement portables, c'est-à-dire qu'elles n'ont pas à être installées ou enregistrées avec le système d'exploitation). Notez également que VeraCrypt a besoin d'un pilote pour fournir le chiffrage/déchiffrage à la volée de manière transparente. + Notez que si vous décidez d'exécuter VeraCrypt en mode portable (par opposition à l'utilisation d'une copie installée de VeraCrypt), le système vous demandera l'autorisation d'exécuter VeraCrypt (invite UAC) chaque fois que vous essayez de l'exécuter.\n\nLa raison est que, lorsque vous exécutez VeraCrypt en mode portable, VeraCrypt doit charger et démarrer le pilote de périphérique VeraCrypt. VeraCrypt a besoin d'un pilote de périphérique pour fournir le chiffrement/déchiffrement à la volée de manière transparente, et les utilisateurs sans privilèges d'administrateur ne peuvent pas démarrer les pilotes de périphériques dans Windows. Par conséquent, le système demandera votre autorisation d'exécuter VeraCrypt avec des privilèges d'administrateur (UAC prompt).\n\nSi vous installez VeraCrypt sur le système (par opposition à l'exécution de VeraCrypt en mode portable), le système ne demandera pas votre autorisation pour exécuter VeraCrypt (invite UAC) chaque fois que vous le lancez.\n\nÊtes-vous sûr que vous souhaitez extraire les fichiers ? + AVERTISSEMENT : Cette instance de l'Assistant de création de Volume a des privilèges administrateur.\n\nVotre nouveau volume peut être créé avec des autorisations qui ne vous permettent pas d'écrire sur le volume quand il est monté. Si vous voulez éviter cela, fermez cette instance de l'Assistant de création de Volume et lancez-en une nouvelle sans privilèges administrateur.\n\nVoulez-vous fermer cette instance de l'Assistant de création de Volume ? + Erreur : Impossible d'afficher la licence. + Externe(!) + jours + heures + minutes + s + Ouvrir + Démonter + Montrer VeraCrypt + Dissimuler VeraCrypt + Lu depuis le montage + Ecrit depuis le montage + Partie chiffrée + 100% (intégralement chiffré) + 0% (non chiffré) + %.3f%% + 100% + En attente + Préparation + Redimensionnement + Cryptage + Décryptage + Finalisation + En pause + Terminé + Erreur + Périphérique déconnecté + Volumes système préférés sauvegardés.\n\nPour permettre le montage des volumes système préférés lorsque le système démarre, veuillez sélectionner « Paramètres » > « Volumes système préférés » > « Montage des volumes système préférés au démarrage de Windows ». + Le volume que vous ajoutez à vos favoris n'est ni une partition ni un volume dynamique. Par conséquent, VeraCrypt ne pourra pas monter ce volume préféré si le numéro de périphérique change. + Le volume que vous ajoutez à vos favoris est une partition non reconnue par Windows.\n\nVeraCrypt ne pourra pas monter ce volume préféré si le numéro de périphérique change. Veuillez définir le type de la partition par un type reconnu par Windows (utilisez la commande SETID de l'outil Windows « diskpart »). Puis ajouter à nouveau la partition aux favoris. + La tâche VeraCrypt en arrière-plan est désactivée ou VeraCrypt est configuré pour se fermer quand il n'y a aucun volume monté (ou VeraCrypt s'exécute en mode portable). Cela peut empêcher vos volumes préférés de monter automatiquement lorsque des dispositifs les hébergents sont connectés.\n\nRemarque : Pour activer VeraCrypt en tâche de fond, sélectionnez Paramètres > Préférences et cochez la case « Activé » dans la section « Tâche de fond VeraCrypt ». + Un conteneur stocké dans un système de fichiers distant partagé sur un réseau ne peut être monté automatiquement lorsque l'appareil hôte se connecte. + Le périphérique affiché ci-dessous n'est ni une partition ni un volume dynamique. Par conséquent, le volume hébergé sur le dispositif ne peut être monté automatiquement lorsque l'appareil est connecté. + Veuillez associer le type de la partition affichée ci-dessous à un type reconnu par Windows (utilisez la commande SETID de l'outil Windows « diskpart »). Puis supprimer la partition des favoris et rajoutez-la. Cela permettra au volume hébergé sur le dispositif d'être monté automatiquement lorsque l'appareil est connecté. + Le périphérique affiché ci-dessous n'est ni une partition ni un volume dynamique. Donc, aucune étiquette ne peut lui être assigné. + Veuillez associer le type de la partition affichée ci-dessous à un type reconnu par Windows (utilisez la commande SETID de l'outil Windows « diskpart »). Puis supprimer la partition des favoris et rajoutez-la. Cela permettra à VeraCrypt d'attribuer une étiquette à la partition. + En raison d'une limitation de Windows, un conteneur stocké dans un système de fichiers distant, partagé sur un réseau, ne peut pas être monté comme un volume système préféré (Cependant, il peut être monté comme un volume non-système préféré lorsqu'un utilisateur ouvre une session). + Entrez le mot de passe pour %s + Entrez un mot de passe pour '%s' + Entrez le mot de passe pour le volume normal/externe + Entrez le mot de passe pour le volume caché + Entrez le mot de passe pour l'en-tête stocké dans un fichier de sauvegarde + Fichiers clé créés avec succès. + Le nombre de fichiers clé que vous avez saisi est invalide. + La taille du fichier clé doit être comprise entre 64 and 1048576 octets. + Merci de saisir le nom de base des fichiers clé qui vont être crées + Le nom de base saisi des fichiers clé est invalide + Le fichier clé '%s' existe déjà.\nVoulez-vous l'écraser? L'opération de génération va s'arrêter si vous répondez non. + AVERTISSEMENT : L'en-tête de ce volume est endommagé ! VeraCrypt a automatiquement utilisé la sauvegarde de l'en-tête du volume intégré au volume.\n\nVous devriez réparer l'en-tête du volume en sélectionnant 'Outils' > 'Restaurer l'en-tête du volume'. + La sauvegarde de l'en-tête du volume a été créée avec succès.\n\nIMPORTANT : Restaurer l'en-tête du volume avec cette sauvegarde restaurera aussi le mot de passe actuel du volume. De plus si un(des) fichier(s) clé est(sont) nécessaire(s) pour monter le volume, la(les) même(s) clé(s) sera(seront) nécessaire(s) pour monter à nouveau le volume quand l'en-tête sera restauré.\n\nAVERTISSEMENT : Cette sauvegarde de l'en-tête de volume ne peut être utilisée que pour restaurer l'en-tête de ce volume en particulier. Si vous utilisez cette sauvegarde d'en-tête sur un volume différent, vous pourrez monter le volume mais vous ne pourrez PAS déchiffrer les données stockées (car vous changerez sa clé principale). + L'en-tête du volume a été restaurée avec succès.\n\nIMPORTANT : Notez qu'un ancien mot de passe peut aussi avoir été restauré. De plus si un(des) fichier(s) clé est(sont) nécessaire(s) pour monter le volume, la(les) même(s) clé(s) sera(seront) nécessaire(s) pour monter à nouveau le volume. + Pour des raisons de sécurité, vous allez devoir saisir le mot de passe (et/ou le(s) fichier(s) clé) du volume.\n\nNote : Si le volume contient un volume caché, vous devrez saisir le mot de passe (et/ou le(s) fichier(s) clé) du volume externe en premier. Ensuite si vous décidez de sauvegarder l'en-tête du volume caché, vous devrez saisir le mot de passe (et/ou le(s) fichier(s) clé) du volume caché. + Êtes-vous sûr de vouloir créer une sauvegarde de l'en-tête du volume : %s ?\n\nAprès avoir cliqué 'Oui', vous serez invité à donner un nom à la sauvegarde de l'en-tête.\n\nNote : Les en-têtes du volume caché et du volume normal seront à nouveau chiffrés en utilisant un nouveau sel et stockés dans le fichier de sauvegarde. S'il n'y a pas de volume caché dans ce volume, la zone réservée pour l'en-tête du volume caché dans le fichier de sauvegarde sera remplie avec des données aléatoires (pour préserver le déni plausible). Lors de la restauration de l'en-tête d'un volume à partir d'un fichier de sauvegarde, vous devrez saisir le mot de passe (et/ou le(s) fichier(s) clé) qui étai(en)t valide(s) quand la sauvegarde de l'en-tête du volume a été créée. Le mot de passe (et/ou le(s) fichier(s) clé) déterminera(détermineront) automatiquement le type de l'en-tête du volume a restaurer, i.e. normal ou caché (notez que VeraCrypt déterminera le type par la méthode d'essais et d'erreurs). + Êtes-vous sûr de vouloir restaurer l'en-tête du volume : %s ?\n\nAVERTISSEMENT : La restauration de l'en-tête du volume restaure aussi le mot de passe du volume qui était valide quand la sauvegarde a été effectuée. De plus si un(des) fichier(s) clé est(sont) nécessaire(s) pour monter le volume, la(les) même(s) clé(s) sera(seront) nécessaire(s) pour monter à nouveau le volume quand l'en-tête sera restauré.\n\nAprès avoir cliqué 'Oui', vous sélectionnerez le fichier de sauvegarde de l'en-tête. + Le volume contient-il un volume caché ? + Le volume contient un volume caché + Le volume ne contient pas de volume caché + Sélectionnez le type de sauvegarde d'en-tête de volume à utiliser : + Restaurer l'en-tête du volume à partir de la sauvegarde intégrée dans le volume + Restaurer l'en-tête du volume à partir d'un fichier de sauvegarde externe + La taille du fichier de sauvegarde de l'en-tête du volume est incorrecte. + Il n'y a pas de sauvegarde d'en-tête intégrée dans ce volume (seuls les volumes créés avec VeraCrypt 6.0 et ultérieur contiennent des en-têtes de sauvegarde intégrés). + Vous essayez de sauvegarder l'en-tête de la partition/du disque système. Cela n'est pas autorisé. Toute opération de sauvegarde/restauration concernant la partition/le disque système ne peut être effectué qu'en utilisant le disque de secours VeraCrypt.\n\nVoulez-vous créer un disque de secours VeraCrypt ? + Vous essayez de restaurer l'en-tête d'un volume virtuel VeraCrypt mais vous avez sélectionné la partition/le disque système. Cela n'est pas autorisé. Toute opération de sauvegarde/restauration concernant la partition/le disque système ne peut être effectué qu'en utilisant le disque de secours VeraCrypt.\n\nVoulez-vous créer un disque de secours VeraCrypt ? + Après avoir cliqué sur 'OK', vous sélectionnerez un nom de fichier et un emplacement pour la nouvelle image ISO du disque de secours VeraCrypt. + L'image du disque de secours a été créée et stockée dans ce fichier :\n%s\n\nMaintenant vous avez besoin de graver l'image du disque de secours sur un CD ou DVD.\n\nIMPORTANT : Notez que le fichier doit être écrit sur le CD/DVD sous forme d'image de disque ISO (pas dans un fichier individuel). Pour plus d'informations sur la façon de le faire, veuillez vous reporter à la documentation d'utilisation de votre logiciel de gravure.\n\nAprès avoir graver le disque de secours, sélectionnez « Système » > « Vérifier le disque de secours » pour vérifier qu'il a été graver correctement. + L'image du disque de secours a été créée et stockée dans ce fichier :\n%s\n\nMaintenant vous avez besoin de graver l'image du disque de secours sur un CD ou un DVD.\n\nSouhaitez-vous lancer maintenant le logiciel de gravure Microsoft ?\n\nRemarque : Après avoir graver le disque de secours, sélectionnez « Système » > « Vérifier le disque de secours » pour vérifier qu'il a été graver correctement. + Insérez votre disque de secours VeraCrypt dans votre lecteur de CD/DVD et cliquez sur 'OK' pour le vérifier. + Le disque de secours VeraCrypt a été vérifié avec succès. + Impossible de vérifier que le disque de secours a été correctement gravé.\n\nSi vous avez gravé le disque de secours, éjectez-le et réinsérez-le puis essayez à nouveau. Si cela n'aide pas, essayez un autre logiciel de gravure ou un autre support.\n\nSi vous essayez de vérifier un disque de secours créé pour une clé principale différente, un mot de passe différent, etc... dans ce cas la vérification échouera à tous les coups. Pour créer un nouveau disque de secours totalement compatible avec votre configuration actuelle, sélectionnez 'Système' > 'Créer un disque de secours'. + L'image ISO du disque de secours VeraCrypt a été vérifiée avec succès. + La vérification de l'image ISO du disque de secours a échoué.\n\nSi vous essayez de vérifier une image ISO de disque de secours créé pour une clé principale différente, un mot de passe différent, etc... dans ce cas la vérification échouera à tous les coups. Pour créer une nouvelle image ISO du disque de secours totalement compatible avec votre configuration actuelle, sélectionnez 'Système' > 'Créer un disque de secours'. + Erreur lors de la création du disque de secours VeraCrypt. + Le disque de secours VeraCrypt ne peut pas être créé quand un système d'exploitation caché est en cours d'exécution.\n\nPour créer un disque de secours VeraCrypt, démarrez le système d'exploitation leurre puis sélectionnez 'Système' > 'Créer un disque de secours'. + Impossible de vérifier que le disque de secours a été correctement gravé.\n\nSi vous avez gravé le disque de secours, éjectez-le et réinsérez-le CD/DVD ; puis cliquez sur Suivant pour essayer à nouveau. Si cela ne fonctionne pas, essayez avec un autre media%s.\n\nSi vous n'avez pas encore gravé le disque de secours, veuillez le faire et cliquez sur Suivant.\n\nSi vous a tenté de vérifier un disque de secours VeraCrypt créé avant de lancer cet Assistant, ce disque de secours ne peut pas être utilisé, car il a été créé pour une clé maître différente. Vous avez besoin de graver le disque de secours nouvellement généré. + et/ou autres logiciels de gravure de CD/DVD + VeraCrypt - Volumes système favoris + Quels sont les volumes systèmes préférés ? + La partition/le lecteur système ne semble pas être chiffré.\n\nLes volumes système favoris peuvent être montés en utilisant seulement un mot de passe d’authentification de pré-amorçage. Par conséquent, pour activer l’utilisation des volumes système favoris, vous devez d’abord chiffrer la partition/le lecteur système. + Démontez le volume avant de commencer + Erreur : Impossible de paramétrer l'horloge. + Vérifier le système de fichiers + Réparer le système de fichiers + Ajouter aux favoris... + Ajouter aux favoris système... + P&ropriétés... + Volume caché protégé + N/A + Oui + Non + Désactivé + 1 + 2 ou plus + Mode opératoire + Label : + Taille : + Chemin : + Unité logique : + Erreur : Le mot de passe ne doit contenir que des caractères ASCII.\n\nLes caractères non-ASCII peuvent empêcher le volume d'être montés si la configuration de votre système change.\n\nLes caractères suivants sont autorisés :\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Avertissement : Le mot de passe contient certains caractères non-ASCII. Cela peut empêcher le montage du volume si la configuration de votre système change.\n\nVous devriez remplacer les caractères non-ASCII du mot de passe par des caractères ASCII. Pour cela cliquez sur 'Volumes' -> 'Modifier le mot de passe du volume'.\n\nLes caractères ASCII sont les suivants :\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + AVERTISSEMENT : Nous recommandons fortement que vous évitiez les extensions de fichiers qui sont utilisées pour les fichiers exécutables (tels que .exe, .sys ou .dll) et d'autres extensions de fichiers de même teneur. En utilisant ces extensions de fichier, Windows et les logiciels antivirus provoquent des interférences avec le conteneur, ce qui compromet les performances du volume et peut également causer d'autres graves problems.\n\nNous recommandons fortement que vous supprimiez l'extension de fichier ou la modifiez (par exemple, à '.hc').\n\nÊtes-vous sûr que vous souhaitez utiliser cette extension de fichier ? + AVERTISSEMENT : Nous recommandons fortement que vous évitiez les extensions de fichiers qui sont utilisées pour les fichiers exécutables (tels que .exe, .sys ou .dll) et d'autres extensions de fichiers de même teneur. En utilisant ces extensions de fichier, Windows et les logiciels antivirus provoquent des interférences avec le conteneur, ce qui compromet les performances du volume et peut également causer d'autres graves problems.\n\nNous recommandons fortement que vous supprimiez l'extension de fichier ou la modifiez (par exemple, à '.hc') après avoir démonter le volume. + Site Web + AVERTISSEMENT : Il semble que vous n'avez pas appliqué de Service Pack à votre installation Windows. Vous ne devriez pas écrire sur des disques IDE plus grands que 128 Go sous Windows XP où le Service Pack 1 ou ultérieur n'est pas installé ! Si vous le faites, les données du disque (quelles qu'elles soient) peuvent être corrompues. Notez qu'il s'agit d'une limitation de Windows et non un bogue de VeraCrypt. + AVERTISSEMENT : Il semble que vous n'avez pas appliqué le Service Pack 3 ou ultérieur à votre installation Windows. Vous ne devriez pas écrire sur des disques IDE plus grands que 128 Go sous Windows 2000 où le Service Pack 3 ou ultérieur n'est pas installé ! Si vous le faites, les données du disque (quelles qu'elles soient) peuvent être corrompues. Notez qu'il s'agit d'une limitation de Windows et non un bogue de VeraCrypt.\n\nNote : Vous pouvez avoir besoin d'activer le support LBA 48 bits dans la base de registre. Pour plus d'informations, consultez http://support.microsoft.com/kb/305098/fr + AVERTISSEMENT : Le support LBA ATAPI 48 bits est désactivé sur votre système. Aussi, vous ne devriez pas pouvoir écrire sur des disques IDE plus grands que 128 Go ! Si vous le faites, les données sur le disque (que ce soit un volume VeraCrypt ou non) pourront être corrompues. Notez qu'il s'agit d'une limitation de Windows.\n\nPour activer le support LBA 48 bits, ajouter la valeur de registre 'EnableBigLba' à la clé de registre HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters et donnez lui la valeur 1.\n\nPour plus d'information, allez sur http://support.microsoft.com/kb/305098/fr + Erreur : Les fichiers plus grands que 4 Go ne peuvent pas être stockés sur un système de fichiers FAT32. De plus les volumes VeraCrypt hébergeant un fichier (conteneurs) stockés sur des système en FAT32 ne peuvent être plus grands que 4 Go.\n\nSi vous désirez un volume plus grand, créez-le sur un système NTFS (ou sur un système de fichiers exFAT si vous utilisez Windows Vista SP1 ou ultérieur) ou au lieu de créer un volume hébergeant un fichier, chiffrez donc une partition ou un périphérique entier. + AVERTISSEMENT : Windows XP ne supporte pas les fichiers supérieurs à 2048 Go (il vous signalera que "L'espace disque est insuffisant"). Par conséquent, vous ne pouvez pas créer, sous Windows XP, un fichier hébergé sur un volume VeraCrypt (conteneur) supérieur à 2048 Go.\n\nRemarque : Il est encore possible de chiffrer la totalité du disque ou de créer une partition hébergée sur un volume VeraCrypt supérieure à 2048 Go sous Windows XP. + AVERTISSEMENT : Si plus tard vous désirez ajouter plus de données/de fichiers au volume externe, vous devriez choisir une taille plus petite pour le volume caché.\n\nÊtes-vous sûr de vouloir continuer avec la taille spécifiée ? + Aucune sélection.\n\nCliquez sur 'Fichier...' ou 'Péripherique...' pour sélectionner un volume. + Aucune partition n'est sélectionnée.\n\nCliquez sur 'Périphérique...' pour choisir une partition démontée qui nécessite normalement une authentification lors du pré-amorçage (par exemple, une partition localisée sur un disque système chiffré d'un autre système d'exploitation, qui n'est pas lancé ou la partition système chiffrée d'un autre système d'exploitation).\n\nNote : La partition sélectionnée sera montée comme un volume VeraCrypt normal sans authentification lors du pré-amorçage. Cela peut être utile par exemple lors d'opérations de sauvegarde ou de réparation. + AVERTISSEMENT : Si les fichiers clés par défaut sont paramétrés et activés, les volumes qui n'utilisent pas ces fichiers clés seront impossibles à monter. N'oubliez pas de décocher 'Utiliser les fichiers clés' quand vous montez de tels volumes.\n\nÊtes-vous sûr de vouloir sauvegarder les fichiers clés/les emplacements comme par défaut ? + Montage automatique des périphériques + Tout démonter + Vider le cache + Tout démonter et vider le cache + Forcer le démontage & vider le cache + Forcer le démontage, vider le cache & quitter + Monter les volumes favoris + Afficher/cacher la fenêtre principale de VeraCrypt + (Cliquer ici et appuyer sur une touche) + Action + Raccourci + Erreur : Ce raccourci est réservé. Choisissez-en un autre. + Erreur : Raccourci déjà utilisé. + AVERTISSEMENT : Un ou plusieurs raccourcis système de VeraCrypt ne fonctionneront pas !\n\nAssurez-vous que d'autres applications et que le système d'exploitation n'utilisent pas le(s) même(s) raccourci(s) que VeraCrypt. + La création du fichier de pagination a été empêchée.\n\nEn raison de problèmes de Windows, les fichiers de pagination ne peuvent pas être situés sur des volumes VeraCrypt non-système (y compris les volumes système préférés). VeraCrypt prend en charge la création de fichiers de pagination uniquement sur un système de partition/lecteur chiffré. + Une erreur ou une incompatibilité empêche VeraCrypt de chiffrer le fichier de mise en veille prolongée. La mise en veille prolongée n'a donc pas eu lieu.\n\nNote : Quand un ordinateur passe en mode de veille prolongée (ou en veille), le contenu de sa mémoire système est écrit dans un fichier de stockage sur votre disque système. VeraCrypt ne serait pas en mesure d'empêcher les clés de chiffrement et le contenu de fichiers sensibles ouverts en RAM d'être sauvegardés non chiffrés dans le fichier de mise en veille prolongée. + L'hibernation a été empêchée.\n\nVeraCrypt ne supporte pas la mise en veille prolongée sur les systèmes d'exploitation cachés qui utilisent une partition de démarrage supplémentaires. La partition de démarrage est partagée par le leurre et le système caché. Par conséquent, afin d'éviter les fuites de données et les problèmes à la sortie de l'hibernation, VeraCrypt a empêché le système caché d'écrire sur la partition de démarrage partagée et d'hiberner. + Le volume VeraCrypt monté en tant que %c: a été démontée. + Les volumes VeraCrypt ont été démontés. + Les volumes VeraCrypt ont été démontés et le cache de mot de passe a été nettoyé. + Démonté avec succès. + AVERTISSEMENT : Si la tâche d'arrière-plan VeraCrypt est désactivée, les fonctions suivantes seront désactivées : \n\n1) Les raccourcis clavier\n2) Le démontage automatique des volumes (p. ex., sur fermeture de session, suppression du périphérique hôte involontaire, délai d'attente, etc.)\n3) Montage automatique des volumes préférés\n4) Les notifications (par exemple, les dommages empêchés pour le volume caché) \n5) L'icône de la zone de notification\n\nRemarque : vous pouvez arrêter la tâche d'arrière-plan à tout moment en double-cliquant sur l'icône VeraCrypt située dans la zone de notification et en sélectionnant "Quitter".\n\nÊtes-vous sûr de vouloir désactiver de façon permanente la tâche d'arrière-plan VeraCrypt ? + AVERTISSEMENT : Si cette option est désactivée, les volumes contenant des fichiers/des répertoires ouverts ne pourront pas être démontés automatiquement.\n\nÊtes-vous sûr de vouloir désactiver cette option ? + AVERTISSEMENT : Les volumes contenant des fichiers/des répertoires ouverts ne seront PAS démontés automatiquement.\n\nPour éviter cela, activez l'option suivante : 'Forcer le démontage automatique même s'il y a encore des fichiers ouverts' + AVERTISSEMENT : Lorsque la batterie de l'ordinateur portable est faible, Windows peut omettre d'envoyer les messages appropriés pour l'exécution d'applications lorsque l'ordinateur est entré mode économie. Par conséquent, dans un tel cas, VeraCrypt peut ne pas démonter automatiquement les volumes. + Vous avez planifié le processus de chiffrement d'une partition ou d'un volume. Le processus n'a pas encore été terminé.\n\nSouhaitez-vous reprendre le processus maintenant ? + Vous avez planifié le processus de chiffrement ou de déchiffrement pour la partition/le disque système. Le processus n'est pas encore terminé.\n\nVoulez-vous démarrer (reprendre) le processus maintenant ? + Voulez-vous être averti de la reprise des processus actuellement prévus de chiffrement de partitions/volumes non-système ? + Oui, veuillez m'avertir. + Non, ne m'avertissez pas. + IMPORTANT : N'oubliez pas que vous pouvez reprendre le processus de chiffrement de partition/volume non-système en sélectionnant « Volumes » > « Reprendre le processus interrompu » de la barre de menus de la fenêtre principale de VeraCrypt. + Vous avez planifié le processus de chiffrement ou de déchiffrement de la partition/du disque système. Cependant l'authentification lors du pré-amorçage a échoué (ou a été contournée).\n\nSi vous avez déchiffré la partition/le disque système dans l'environnement de pré-amorçage, vous aurez peut-être à finaliser le processus en sélectionnant 'Système' > 'Déchiffrer définitivement la partition/le disque système' depuis le menu de la fenêtre principale de VeraCrypt. + AVERTISSEMENT : Si vous quittez maintenant VeraCrypt, les fonctions suivantes seront désactivées : \n\n1) Les raccourcis clavier\n2) Le démontage automatique des volumes (p. ex., sur fermeture de session, suppression du périphérique hôte involontaire, délai d'attente, etc.)\n3) Montage automatique des volumes préférés\n4) Les notifications (par exemple, les dommages empêchés pour le volume caché) \n5) L'icône de la zone de notification\n\nRemarque : Si vous ne souhaitez pas que VeraCrypt s'exécute en arrière-plan, désactivez la tâche d'arrière-plan VeraCrypt dans les préférences (et, si nécessaire, désactivez le démarrage automatique de VeraCrypt dans les préférences).\n\nÊtes-vous sûr de vouloir quitter VeraCrypt ? + Quitter ? + VeraCrypt n'a pas assez d'information pour déterminer s'il faut chiffrer ou déchiffrer. + VeraCrypt n'a pas assez d'information pour déterminer s'il faut chiffrer ou déchiffrer.\n\nNote : Si vous avez déchiffré la partition/le disque système dans l'environnement de pré-amorçage, vous aurez peut-être à finaliser le processus en cliquant 'Déchiffrer'. + REMARQUE: Lorsque vous chiffrez 'sur place' une partition ou un volume non système et qu'une erreur vous empêche de façon persistante de terminer le processus, alors vous ne serez pas en mesure de monter le volume (et d'accéder aux données stockées dedans) jusqu'à ce que vous décryptiez le volume entièrement (c'est à dire inverser le processus).\n\nSi vous avez besoin de le faire, procédez comme suit:\n1) quitter l'assistant.\n2) Dans la fenêtre principale VeraCrypt, sélectionnez 'volumes'>'Reprendre un processus interrompu'.\n3) Sélectionnez 'Déchiffrer'. + Vous souhaitez interrompre et reporter le processus de chiffrement de la partition ou du volume? \n\nRemarque : N'oubliez pas que le volume ne peut pas être monté jusqu'à ce qu'il ait été entièrement chiffré. Vous pourrez reprendre le processus de chiffrement et au point où il s'est arrêté. Vous pouvez le faire, par exemple, en sélectionnant « Volumes » > « Reprendre le rocessus interrompu » de la barre de menus de la fenêtre principale de VeraCrypt. + Voulez-vous interrompre et repousser le processus de chiffrement de la partition/du disque système ?\n\nNote : Vous pourrez reprendre le processus et il continuera à partir de l'endroit où il s'est arrêté. Vous pouvez le faire en sélectionnant 'Système' > 'Reprendre le processus interrompu' depuis les menus de la fenêtre principale de VeraCrypt. Si vous désirez arrêter totalement le processus de chiffrement ou l'inverser, sélectionnez 'Système' > 'Déchiffrer définitivement la partition/le disque système'. + Voulez-vous interrompre et repousser le processus de déchiffrement de la partition/du disque système?\n\nNote : Vous pourrez reprendre le processus et il continuera à partir de l'endroit où il s'est arrêté. Vous pouvez le faire en sélectionnant 'Système' > 'Reprendre le processus interrompu' depuis les menus de la fenêtre principale de VeraCrypt. Si vous désirez arrêter totalement le processus de déchiffrement (et démarrer le chiffrement), sélectionnez 'Système' > 'Chiffrer la partition/le disque système'. + Erreur : L'interruption du processus de chiffrement/déchiffrement de la partition/du disque système a échoué. + Erreur: Impossible d'interrompre le processus de nettoyage. + Erreur : La reprise du processus de chiffrement/déchiffrement de la partition/du disque système a échoué. + Erreur: Impossible de démarrer le processus de nettoyage. + Incohérence résolue.\n\n\n(Si vous avez rapporté un bogue en rapport avec cette incohérence, n'oubliez pas d'inclure les informations techniques suivantes dans le rapport de bogue : %hs) + Erreur : État inattendu.\n\n\n (si vous signalez un bogue à cet effet, veuillez inclure les informations techniques suivantes dans le raport :\n%hs) + Il n'y a aucun processus de chiffrement/déchiffrement de la partition ou disque système qui peut être repris.\n\nRemarque: Si vous voulez reprendre un processus interrompu de chiffrement/déchiffrement d'une partition ou volume non système, sélectionnez 'Volumes'>'Reprendre un processus interrompu'. + AVERTISSEMENT : La tâche de fond VeraCrypt est désactivée. Après avoir quitté VeraCrypt, vous ne serez pas notifié si des dommages sur le volume caché sont évités.\n\nNote : Vous pouvez fermer la tâche de fond à tout moment en cliquant droit sur l'icône VeraCrypt et en sélectionnant 'Quitter'.\n\nActiver la tâche de fond VeraCrypt ? + Version du fichier de langue : %s + Vérification du système de fichiers sur le volume VeraCrypt monté sous %s... + Tentative de réparation du système de fichiers sur le volume VeraCrypt monté sous %s... + AVERTISSEMENT : Ce volume est chiffré avec un algorithme de chiffrement ayant un bloc de 64 bits.\n\nDe tels algorithmes (Blowfish, CAST-128 et Triple DES) sont progressivement abandonnés. Il sera possible de monter ce volume en utilisant la version 5.0 et ultérieure de VeraCrypt. Cependant il n'y aura plus d'améliorations concernant l'implémentation de ces algorithmes. Il est recommandé de créer un nouveau volume VeraCrypt chiffré avec un algorithme de chiffrement ayant un bloc de 128 bits (ex : AES, Serpent, Twofish, etc.) et d'y déplacer tous les fichiers de l'ancien volume. + Votre système n'est pas configuré pour monter automatiquement de nouveaux volumes. Il est impossible de monter des volumes hébergeant un périphérique. Le montage automatique peut être activé en exécutant la commande suivante suivie d'un redémarrage système.\n\nmountvol.exe /E + Assignez une lettre de lecteur au périphérique/à la partition avant de poursuivre.\n\nNotez qu'il s'agit d'une exigence du système d'exploitation. + Monter un volume VeraCrypt + Démonter tous les volumes VeraCrypt + VeraCrypt n'a pas pû obtenir les privilèges d'administrateur. + Accès refusé par le système d'exploitation.\n\nCause possible : Le système d'exploitation nécessite que vous ayez la permission en lecture/écriture (ou des privilèges d'administrateur) pour certains dossiers, fichiers et périphériques pour être autorisé à y lire/écrire des données. Normalement un utilisateur sans privilèges d'administrateur est autorisé à créer, lire et modifier les fichiers de son dossier Mes Documents. + Erreur : Le lecteur utilise une taille de secteur non prise en charge.\n\nIl n'est actuellement pas possible de créer de volumes de partition/périphérique-hébergé sur des lecteurs qui utilisent des secteurs de taille supérieure à 4096 octets. Toutefois, vous pouvez créer des volumes de fichiers hébergés (conteneurs) sur ces disques. + Il n'est actuellement pas possible de chiffrer un système installé sur un disque qui utilise une taille de secteur différente de 512 octets. + Le chargeur d'amorçage de VeraCrypt nécessite au moins 32 Ko d'espace libre au début du disque système (il doit être stocké dans cette zone). Malheureusement votre disque ne rempli pas cette condition.\n\n Ne rapportez PAS ceci comme un bogue/un problème dans VeraCrypt. Pour résoudre ce problème vous devez repartitioner votre disque et laisser les 32 premiers kilooctets du disque libres (dans la plupart des cas, vous devrez supprimer et recréer la première partition). Il est recommandé d'utiliser le gestionnaire de partition de Microsoft qui est disponible quand vous installez Windows. + Cette fonction n'est pas supportée par la version du système d'exploitation que vous utilisez. + VeraCrypt ne supporte pas le chiffrement d'une partition/du disque système avec la version du système d'exploitation que vous utilisez actuellement. + Avant de chiffrer la partition/lecteur système sur Windows Vista, vous devez installer le Service Pack 1 ou supérieur pour Windows Vista (ce Service Pack n'a pas encore été installé sur ce système).\n\nRemarque : Le Service Pack 1 pour Windows Vista résoud un problème causant un manque de mémoire lors du démarrage du système. + VeraCrypt ne prend plus en charge le chiffrement du lecteur/partition système sous Windows Vista sans Service Pack installé. Avant la mise à niveau de VeraCrypt, installez le Service Pack 1 ou supérieur pour Windows Vista. + Erreur : cette fonctionnalité nécessite que VeraCrypt soit installé sur le système (VeraCrypt fonctionne actuellement en mode portable).\n\nVeuillez installer VeraCrypt et réessayer. + ATTENTION : Windows ne semble pas être installé sur le lecteur à aprtir duquel il démarre. Ceci n'est pas supporté.\n\nVous devriez continuer uniquement si vous êtes sûr que Windows est installé sur le disque à partir duquel il démarre.\n\nVoulez-vous continuer ? + Votre disque système possède un GUID de table de partition (GPT). Actuellement seuls les disques avec un MBR sont supportés. + ATTENTION : Le chargeur d'amorçage de VeraCrypt est déjà installé sur votre disque système !\n\nIl est possible qu'un autre système sur votre ordinateur soit déjà chiffré.\n\nAVERTISSEMENT : PROCÉDER AU CHIFFREMENT DU SYSTÈME ACTUELLEMENT EN FONCTIONNEMENT PEUT RENDRE LES AUTRES SYSTÈMES IMPOSSIBLES À DÉMARRER ET LES DONNÉES RELATIVES INACCESSIBLES.\n\nÊtes-vous sûr de vouloir continuer ? + Impossible de restaurer le chargeur d'amorçage système original.\n\nVeuillez utiliser le disque de secours VeraCrypt ("Options de réparation" > « Restaurer le chargeur d'amorçage du système original ») ou le support d'installation de Windows pour remplacer le chargeur d'amorçage de VeraCrypt avec le chargeur du système Windows. + Le chargeur de système d'origine ne sera pas stocké sur le disque de secours (cause probable : fichier de sauvegarde manquant). + Impossible d'écrire sur le secteur du MBR.\n\nVotre BIOS peut être configuré pour protéger le secteur du MBR. Rechercher dans les paramètres du BIOS (appuyez sur F2, ou Suppr ou Echap après la mise en route de votre ordinateur) une protection antivirale ou une protection du MBR. + AVERTISSEMENT: La vérification de l'empreinte du chargeur d'amorçage de VeraCrypt a échoué!\nVotre disk a peut avoir été altéré par un attaquant (attaque "Evil Maid")\n\nCet avertissement peut également être déclenchée si vous avez restauré le chargeur d'amorçage de VeraCrypt en utilisant un disque de secours généré à l'aide une version différente de VeraCrypt.\n\nIl est recommandé de changer votre mot de passe immédiatement, ce qui permettra également d'installer la bonne version du chargeur d'amorçage de VeraCrypt. Par mesure de sécurité, vous devriez aussi réinstaller VeraCrypt et prendre les mesures nécessaires pour protéger votre machine contre les accès non autorisés. + La version requise du chargeur d'amorçage de VeraCrypt n'est actuellement pas installée. Cela peut empêcher certains paramètres d'être sauvegardés. + Note : Dans certaines situations, il se peut que vous vouliez pouvoir empêcher une personne (adversaire) qui vous regarde démarrer l’ordinateur de savoir que vous utilisez VeraCrypt. L’option ci-dessus vous permet cela en personnalisant l’écran du chargeur d’amorçage. Si vous cochez la première option, aucun texte ne sera affiché par le chargeur d’amorçage (même quand vous entrez le mauvais mot de passe). L’ordinateur apparaîtra comme "figé" pendant que vous pourrez taper votre mot de passe. De plus, un message personnalisé peut être affiché pour induire en erreur l’adversaire. Par exemple, un faux message d’erreur tel que "Missing operating system" (qui est normalement affiché par le chargeur d’amorçage Windows s’il ne trouve pas de partition d’amorçage Windows). Il est cependant important de noter que si l’adversaire peut analyser le contenu du disque dur, il peut découvrir que celui-ci contient le chargeur d’amorçage VeraCrypt. + AVERTISSEMENT : Gardez à l'esprit que si vous activez cette option, le chargeur d'amorçage de VeraCrypt n'affichera pas les textes (même pas lorsque vous entrerez un mauvais mot de passe). L'ordinateur apparaitra comme figé (sans réponse), alors que vous pouvez taper votre mot de passe (la curseur ne se déplacera pas et aucun astérisque s'affichera lorsque vous appuyerez sur une touche).\n\nÊtes-vous sûr que vous souhaitez activer cette option ? + Votre partition/disque système apparait être totalement chiffré. + VeraCrypt ne supporte pas le chiffrement d'un disque système qui a été converti en disque dynamique. + Le lecteur système contient des partitions étendues (partitions logiques).\n\n Vous pouvez chiffrer entièrement un disque système contenant des partitions étendues uniquement sur Windows Vista et des versions ultérieures de Windows. Sur Windows XP, vous pouvez chiffrer entièrement un disque système à condition qu'il contienne uniquement des partitions primaires.\n\nRemarque : Vous pouvez toujours chiffrer la partition système au lieu du lecteur système entier (et, en plus de cela, vous pouvez créer des volumes VeraCrypt de partitions hébergées au sein de toutes les partitions non-système sur le disque). + AVERTISSEMENT : Comme vous exécutez Windows XP/2003, après avoir démarré le chiffrement du lecteur, vous ne devez pas créer de partitions étendues (partitions logiques) sur ce dernier (vous pouvez créer uniquement des partitions primaires). Toute partition étendue sur le disque sera inaccessible après le démarrage du chiffrement (le disque actuel ne contient pas de telles partition).\n\nRemarque : Si cette limitation n'est pas acceptable, vous pouvez revenir en arrière et choisir de chiffrer seulement la partition système au lieu de la totalité du disque (et, en plus de cela, vous pouvez créer des volumes VeraCrypt de partitions hébergées au sein de toutes les partitions non-système sur le lecteur).\n\nD'autre part, si cette limitation n'est pas acceptable, vous pouvez mettre à niveau le système d'exploitation vers Windows Vista ou une version ultérieure de Windows (vous pouvez chiffrer entièrement un disque système contenant des partitions étendues/logiques uniquement sur Windows Vista ou version ultérieure). + Votre lecteur système contient une partition non standard.\n\nSi vous utilisez un ordinateur portable, votre lecteur système contient probablement une partition spéciale de récupération. Après que l'ensemble du disque système est chiffré (y compris toute partition de récupération), votre système pourrait ne plus démarrer si votre ordinateur utilise un BIOS mal conçu. Il sera également impossible d'utiliser une partition de récupération jusqu'à ce que le lecteur système soit déchiffré. Par conséquent, nous recommandons que vous chiffriez uniquement la partition système. + Voulez-vous chiffrer la partition système au lieu de l'intégralité du disque ?\n\nNotez que vous pouvez créer des volumes VeraCrypt hébergeant une partition dans des partitions non-système du disque (en plus du chiffrement de la partition système). + Comme votre disque système ne contient qu'une seule partition qui occupe tout le disque, il est préférable (plus sécurisé) de chiffrer l'intégralité du disque y compris l'espace libre qui entoure typiquement une telle partition.\n\nVoulez-vous chiffrer l'intégralité du disque système ? + Votre système est configuré pour stocker les fichiers temporaires sur une partition non système.\n\nLes fichiers temporaires ne peuvent être stockés que sur la partition système. + Vos fichiers de profil utilisateur ne sont pas stockés sur la partition système.\n\nLes fichiers de profil utilisateur ne peuvent être stockés que sur la partition système. + Il existe un/des fichier(s) de pagination sur une/des partition(s) non-système.\n\nLes fichiers de pagination ne peuvent figurer que sur la partition système. + Voulez-vous configurer Windows pour créer des fichiers de pagination uniquement sur la partition Windows ?\n\nSi vous cliquez sur « Oui », l'ordinateur sera redémarré. Alors lancez VeraCrypt et essayez à nouveau de créer le système d'exploitation caché. + Dans le cas contraire, le déni plausible du système d'exploitation caché pourrait être défavorablement affecté.\n\nRemarque : Si une personne analyse le contenu de ces fichiers (résidant sur une partition non système), elle peut savoir que vous avez utilisé l'assistant en mode création système-caché (ce qui pourrait indiquer l'existence d'un système d'exploitation caché sur votre ordinateur). Notez également que tout ces fichiers stockés sur la partition système seront effacés de manière sécurisée par VeraCrypt au cours du processus de création du système d'exploitation caché. + AVERTISSEMENT : Pendant le processus de création du système d'exploitation caché, vous devrez réinstaller complètement le système en cours d'exécution (afin de créer un leurre système en toute sécurité).\n\nRemarque : Le système d'exploitation actuel et l'ensemble du contenu de la partition système seront copiés sur le volume caché (afin de créer le système caché).\n\n\nÊtes-vous sûr que vous serez en mesure d'installer Windows à l'aide d'un support d'installation de Windows (ou une partition) ? + Pour des raisons de sécurité, si le système d'exploitation en cours d'exécution exige d'être activé, ce doit être fait avant de continuer. Notez que le système d'exploitation caché sera créé en copiant le contenu de la partition système sur un volume caché (donc si ce système d'exploitation n'est pas activé, le système d'exploitation caché ne sera pas activé non plus).\n\nImportant : Pour plus d'informations et avant de continuer, consultez la section « Exigences et précautions de sécurité se rapportant aux volumes cachés » dans le manuel de l'utilisateur de VeraCrypt.\n\n\nLe système d'exploitation en cours d'exécution répond-il à la condition ci-dessus ? + Votre système utilise une partition de démarrage supplémentaires. VeraCrypt ne supporte pas la mise en veille prolongée sur les systèmes d'exploitation cachés qui utilisent une partition de démarrage supplémentaire (Les systèmes leurre peuvent être mis en veille prolongées sans aucun problème).\n\nLa partition de démarrage sera partagée par le leurre et le système caché. Donc, afin d'éviter les fuites de données et les problèmes de reprise après hibernation, VeraCrypt doit empêcher le système caché d'écrire sur la partition de démarrage partagée et de l'hibernation.\n\n\nVoulez-vous continuer ? Si vous sélectionnez « Non », les instructions pour la suppression de la partition de démarrage supplémentaires seront affichées. + \nLa partition de démarrage supplémentaires peut être retirée avant l'installation de Windows. Pour ce faire, suivez ces étapes : \n\n1) Démarrer sur le disque d'installation de Windows.\n\n2) Sur l'écran d'installation de Windows, cliquez sur "Installer maintenant" > "personnalisé (avancée)".\n\n3) Cliquez sur "Options du lecteur".\n\n4) Sélectionnez la partition système principale et supprimez-la en cliquant sur "Supprimer" et "OK".\n\n5) Sélectionnez la partition "Réservé au système", cliquez sur "Étendre" et augmentez sa taille afin que le système d'exploitation puisse être installé dessus. \n\n6) Cliquez sur "Appliquer" et "OK".\n\n7) Installez Windows sur la partition « Réservé au système ».\n\n\nSi une personne demande pourquoi vous avez supprimez la partition de démarrage supplémentaire, vous pouvez répondre que vous vouliez éviter toutes fuites de données possibles à partir de la partition de démarrage non chiffrée.\n\nRemarque : Vous pouvez imprimer ce texte en cliquant sur le bouton « Imprimer » ci-dessous. Si vous enregistrez une copie de ce texte ou l'imprimer (fortement recommandé, à moins que votre imprimante stocke des copies des documents imprimés sur son disque interne), vous devriez détruire toute copie de celui-ci après la suppression de la partition de démarrage supplémentaire (dans le cas contraire, si une telle copie est trouvée, cela peut indiquer qu'il y a un système d'exploitation caché sur cet ordinateur). + Avertissement : Il existe un espace non alloué entre la partition système et la première partition après celle-ci. Après la création du système d'exploitation caché, vous ne devez pas créer de nouvelles partitions dans cet espace non alloué. Dans le cas contraire, le système d'exploitation caché serait impossible à amorcer (jusqu'à la suppression des nouvelles partitions créées). + Cet algorithme n'est pas encore supporté pour le chiffrement système. + Cet algorithme n'est pas supporté pour le mode TrueCrypt. + Le PIM n'est pas supporté pour le mode TrueCrypt. + Mot de passe doit contenir au moins 20 caractères pour pouvoir utiliser cette valeur de PIM.\nLes mots de passe plus courts ne peuvent être utilisés que si la PIM est égal à 485 ou supérieur. + Le mot de passe de pré-amorçage doit contenir au moins 20 caractères pour pouvoir utiliser cette valeur de PIM.\nLes mots de passe plus courts ne peuvent être utilisés que si la PIM est égal à 98 ou supérieur. + Les fichiers clés ne sont actuellement pas pris en charge pour le chiffrement du système. + Avertissement : VeraCrypt n'a pas pu restaurer la disposition originale du clavier. Cela peut vous faire saisir votre mot de passe de manière erronée . + Erreur : Impossible de paramétrer la disposition du clavier pour VeraCrypt en clavier Américain standard.\n\nNotez que le mot de passe doit être saisi dans un environnement de pré-amorçage (avant que Windows ne démarre) où seul le clavier américain est disponible. Aussi le mot de passe doit toujours être saisi en utilisant la disposition du clavier américain. + Comme VeraCrypt a temporairement changé la disposition du clavier en clavier Américain, il n'est pas possible de taper des caractères tant que la touche droite ALT est maintenue enfoncée. Cependant vous pouvez saisir la plupart de ces caractères en appuyant la touche appropriée tandis que la touche Maj est maintenue enfoncée. + VeraCrypt a empêché la modification de la disposition du clavier. + Note : Le mot de passe devra être saisi dans l'environnement de pré-amorçage (avant le démarrage de windows) où les dispositions de clavier non-américain ne sont pas disponibles. Aussi, le mot de passe doit toujours être saisi en utilisant la disposition du clavier Américain. Mais il est important de noter qu'il n'est PAS nécessaire de posséder un vrai clavier américain. VeraCrypt assure automatiquement que vous pouvez saisir en toute sécurité votre mot de passe (maintenant et dans l'environnement de pré-amorçage) même si vous ne possédez pas un vrai clavier américain. + Avant de pouvoir chiffrer la partition/disque, vous devez créer un disque de sauvegarde VeraCrypt (VRD), dont les buts sont :\n\n- Si le chargeur de démarrage de VeraCrypt, la clé principale ou d'autres données critiques sont endommagées, le VRD permet de les restaurer (remarquez que vous devrez toujours entrer le mot de passe correct).\n\n- Si Windows est endommagé et ne peut pas démarrer, VRD vous permet toujours de déchiffrer la partition/disque avant le démarrage de Windows.\n\n- Le VRD contiendra une sauvegarde du contenu actuel de la première plage du disque (qui contient en général un chargeur de système ou le gestionnaire de démarrage) et vous permettra de le restaurer si necessaire.\n\n L'image ISO du disque de récupération VeraCrypt sera créée à l'emplacement spécifié ci-dessous. + Après avoir cliqué sur OK, le logiciel de gravage d'image Microsoft sera lancé. Utilisez-le pour graver l'image ISO du disque de récupération VeraCrypt sur un CD ou un DVD.\n\nAprès cela, revenez à l'assistant de création de volumes VeraCrypt et suivez les instructions. + L'image de la disque de secours a été créée et stockée dans le fichier : \n%s\n\nMainteant vous avez besoin de le graver sur un CD ou un DVD.\n\n%lsAprès l'avoir gravé, cliquez sur suivant pour vérifier qu'il a été gravé correctement. + L'image de la disque de secours a été créée et stockée dans le fichier : \n%s\n\nVous devriez maintenant graver l'image sur un CD/DVD ou la déplacer vers un emplacement sécurisé pour une utilisation ultérieure.\n\n%lsCliquez sur "Suivant" pour continuer. + IMPORTANT : Le fichier doit être écrit sur le CD/DVD sous forme d'image ISO (pas dans un fichier individuel). Pour plus d'informations sur la façon de le faire, veuillez vous reporter à la documentation de votre logiciel de gravure de CD/DVD. Si vous n'avez pas de logiciel de gravure de CD/DVD cliquez sur le lien ci-dessous pour télécharger un logiciel gratuit.\n\n + Lancez le logiciel de gravure d'image disque de Microsoft + AVERTISSEMENT : Si vous avez déjà créé un disque de secours VeraCrypt dans le passé, il ne peut pas être utilisé à nouveau pour cette partition/ce disque système car il a été créé pour une clé principale différente ! Chaque fois que vous chiffrez une partition/un disque système, vous devez créer un disque de secours VeraCrypt même si vous utilisez le même mot de passe. + Erreur : Impossible de sauvegarder les paramètres de chiffrement système. + Impossible d'initialiser le pré-test du chiffrement système. + Impossible d'initier le processus de création du système d'exploitation caché. + Mode de nettoyage + Sur certains types de supports de stockage, lorsque les données sont écrasées avec d'autres données, il peut être possible de récupérer les données écrasées à l'aide de techniques telles que la microscopie à force de résonnance magnétique. Cela vaut également pour les données qui sont remplacées par leur forme chiffrée (ce qui arrive quand VeraCrypt chiffre initiallement un lecteur ou une partition non chiffré). Selon des études et des publications gouvernementales, la récupération de données écrasées peut être empêchée (ou rendue très difficile) en écrasant un certain nombre de fois les données, avec des données générées aléatoirement et certaines données générées non aléatoirement. Donc, si vous croyez qu'une personne pourrait être en mesure d'utiliser ces techniques pour récupérer les données que vous avez l'intention de chiffrer, vous pouvez sélectionner un des modes de nettoyage (les données existantes ne seront pas perdues). Notez que le nettoyage ne sera pas effectuée après le chiffrement de la partition/lecteur. Lorsque la partition/disque est entièrement chiffrée, aucune donnée non chiffrée n'est stockée dessus. Les données écrites sont tout d'abord chiffrées à la volée en mémoire et sont alors seulement écrites sur le disque. + Sur certains types de supports de stockage, lorsque les données sont écrasées avec d'autres données, il peut être possible de récupérer les données écrasées à l'aide de techniques telles que la microscopie à force de résonnance magnétique. Selon des études et des publications gouvernementales, la récupération de données écrasées peut être empêchée (ou rendue très difficile) en écrasant un certain nombre de fois les données, avec des données générées aléatoirement et certaines données générées non aléatoirement. Par conséquent, si vous pensez qu'une personne pourrait être en mesure d'utiliser ces techniques pour récupérer les données devant être effacées, vous pouvez sélectionner l'un des modes de nettoyage multipasses.\n\nRemarque : Plus il y a de passes et plus il faudra de temps pour effacer les données. + Nettoyage + \nRemarque : Vous pouvez interrompre le processus de nettoyage, arrêter l'ordinateur, relancer le système caché et puis reprendre le processus (cet Assistant sera lancé automatiquement). Toutefois, si vous l'interrompez, l'ensemble du processus de nettoyage devra recommencer depuis le début. + \n\nRemarque : Si vous interrompez le processus de nettoyage et puis essayez de le reprendre, l'ensemble du processus devra recommencer depuis le début. + Voulez-vous annuler le processus de nettoyage ? + Avertissement : Tout le contenu du lecteur/partition sélectionné sera effacé et perdu. + Tout le contenu de la partition hébergeant le système d'origine sera effacé.\n\nRemarque : Tout le contenu de la partition qui doit être effacé a été copié sur cette partition système cachée. + AVERTISSEMENT : Notez que lorsque vous choisissez par exemple le mode de nettoyage de 3 passes, le temps nécessaire pour chiffrer la partition/disque sera jusqu'à 4 fois plus long. De même, si vous choisissez le mode de nettoyage de 35 passes, cela durera jusqu'à 36 fois plus longtemps (cela pourrait même prendre plusieurs semaines).\n\nCependant, notez que le nettoyage ne sera pas effectué après que la partition/disque soit entièrement chiffré. Lorsque la partition/disque est entièrement chiffré, aucune donnée non chiffrée n'est stockée dessus. Toutes les données en cours d'écriture sont tout d'abord chiffrées à la volée en mémoire et sont alors seulement écrites sur le disque (donc la performance ne sera pas affectée).\n\nÊtes-vous sûr que vous souhaitez utiliser le mode de nettoyage ? + Aucun (le plus rapide) + 1 passage (données aléatoires) + 3 passages (US DoD 5220.22-M) + 7 passages (US DoD 5220.22-M) + 35 passages ("Gutmann") + 256 passages + Nombre de système d'exploitation + AVERTISSEMENT : Les utilisateurs novices ne devraient pas essayer de chiffrer Windows dans des configurations à amorçages multiples.\n\nContinuer ? + Lors de la création et l'utilisation d'un système d'exploitation caché, VeraCrypt prend en charge les configurations multi-boot uniquement lorsque les conditions suivantes sont réunies :\n\n- Le système d'exploitation en cours d'exécution doit être installé sur le lecteur d'amorçage, qui ne doit contenir aucun autre système d'exploitation.\n\n- Les systèmes d'exploitation installés sur d'autres lecteurs ne doivent pas utiliser les chargeurs de démarrage résidant sur le lecteur sur lequel le système d'exploitation en cours d'exécution est installé.\n\nEst-ce que les conditions ci-dessus remplies ? + VeraCrypt ne supporte pas cette configuration multi-bootlors de la création/utilisation d'un système d'exploitation caché. + Disque d'amorçage + Le système d'exploitation en cours est-il installé sur le disque d'amorçage.\n\nNote : Parfois Windows n'est pas installé sur le même disque que le chargeur d'amorçage de Windows (partition d'amorçage). Si c'est le cas cliquez sur 'Non'. + VeraCrypt ne supporte pas encore le chiffrement d'un système d'exploitation qui ne démarre pas depuis le disque sur lequel il est installé. + Nombre de disques système + Combien de disques contiennent un système d'exploitation ?\n\nNote : Par exemple si vous avez un système d'exploitation (ex : Windows, Mac OS X, Linux; etc.) installé sur votre disque principal et un autre installé sur un disque secondaire, alors sélectionnez '2 ou plus'. + VeraCrypt ne supporte pas encore le chiffrement de la totalité d'un disque qui contient plusieurs systèmes d'exploitation.\n\nSolutions possibles :\n\n- Vous pouvez toujours chiffrer l'un des systèmes si vous revenez en arrière et que vous choisissez de ne chiffrer qu'une partition système (au lieu de choisir de chiffrer l'intégralité du disque système).\n\n- Alternativement vous pourrez chiffrer la totalité du disque si vous déplacez certains systèmes sur d'autres disques pour ne laisser qu'un seul système sur le disque que vous voulez chiffrer. + Systèmes multiples sur un seul disque + Y a-t-il d'autres systèmes d'exploitation installés sur le disque sur lequel est installé le système d'exploitation actuel ?\n\nNote : Par exemple, si le système d'exploitation en cours est installé sur le disque #0, qui contient plusieurs partitions, et si l'une d'elles contient Windows et qu'une autre contient un autre système d'exploitation (ex : Windows, Mac OS X, Linux, etc.), sélectionnez 'Oui'. + Chargeur d'amorçage non-Windows + Un chargeur d'amorçage (ou un gestionnaire d'amorçage) non-Windows est-il installé dans le MBR ?\n\nNote : Par exemple si la première piste du disque de démarrage contient GRUB, LILO, XOSL ou un autre gestionnaire d'amorçage (ou chargeur d'amorçage non-Windows), sélectionnez 'Oui'. + Amorçage multiple + VeraCrypt ne supporte pas encore les configurations à amorçage multiple où un chargeur d'amorçage non-Windows est installé dans le MBR.\n\nSolutions possibles :\n\n- Si vous utilisez un gestionnaire d'amorçage pour démarrer Windows et Linux, déplacez le gestionnaire d'amorçage (généralement, GRUB) du MBR vers une partition. Puis démarrer à nouveau l'assistant et chiffrez la partition/le disque système. Notez que le chargeur d'amorçage de VeraCrypt deviendra votre gestionnaire d'amorçage principal et qu'il vous permettra de lancer le gestionnaire d'amorçage d'origine (ex : GRUB) comme second gestionnaire d'amorçage (en appuyant sur le touche Echap lors de l'écran du chargeur d'amorçage de VeraCrypt) et ainsi vous pourrez charger Linux. + Si le système d'exploitation en cours est installé sur la partition d'amorçage, alors après l'avoir chiffrée, vous devrez saisir le bon mot de passe même si vous désirez lancer l(es) autre(s) système(s) Windows non-chiffré(s).\n\nSi le système d'exploitation en cours n'est pas installé sur la partition d'amorçage de Windows (ou si le gestionnaire/chargeur d'amorçage de Windows n'est utilisé par aucun autre système), alors après avoir chiffré ce système, vous n'aurez pas à saisir de mot de passe pour lancer le(s) système(s) non-chiffré(s) -- Vous n'aurez qu'à appuyer sur la touche Echap pour lancer le système non-chiffré (s'il y a plusieurs systèmes non-chiffrés, vous devrez aussi choisir lequel lancer dans le menu du gestionnaire d'amorçage de VeraCrypt).\n\nNote : Typiquement, le système d'exploitation installé en premier l'est sur la partition d'amorçage. + Chiffrement de la zone protégée hôte (Host Protected Area) + A la fin de nombreux disques, il y a une zone qui est normalement cachée du système d'exploitation (de telles zones sont généralement appelées 'Zones protégées hôtes' - Host Protected Area). Cependant certains programmes peuvent lire et écrire des données dans ces zones.\n\nAVERTISSEMENT : Certains constructeurs d'ordinateurs peuvent utiliser à dessein ces zones pour y stocker des outils et des données pour le RAID, des outils de récupération système, des outils de diagnostic, etc. Si de tels outils ou si des données doivent être accessibles avant l'amorçage, la zone cachée ne doit PAS être chiffrée (choisir 'Non' ci-dessus).\n\nVoulez-vous que VeraCrypt détecte et chiffre un telle zone cachée (si elle existe) à la fin de votre disque système ? + Type du chiffrement du système + Choisir cette option si vous voulez simplement chiffrer la partition système ou l'intégralité du disque système. + Il peut arriver que vous êtes obligé par quelqu'un de déchiffrer le système d'exploitation. Il y a beaucoup de situations où vous ne pouvez pas refuser de le faire (par exemple, en raison de l'extorsion). Si vous sélectionnez cette option, vous allez créer un système d'exploitation caché dont l'existence sera impossible à prouver (à condition que certaines consignes soient suivies). Ainsi, vous n'aurez pas à déchiffrer ou révéler le mot de passe pour le système d'exploitation caché. Pour une explication détaillée, cliquez sur le lien ci-dessous. + Il peut arriver que vous êtes obligé par quelqu'un de déchiffrer le système d'exploitation. Il y a beaucoup de situations où vous ne pouvez pas refuser de le faire (par exemple, en raison de l'extorsion).\n\nEn utilisant cet assistant vous pouvez créer un système d'exploitation caché dont l'existence sera impossible à prouver (à condition que certaines consignes soient suivies). Ainsi, vous n'aurez pas à déchiffrer ou révéler le mot de passe pour le système d'exploitation caché. + Système d'exploitation caché + Dans les étapes suivantes, vous allez créer deux volumes VeraCrypt (extérieur et caché), à l'intérieure de la première partition derrière la partition système. Le volume caché contient le système d'exploitation caché (OS). VeraCrypt créera les OS cachés en copiant le contenu de la partition système (où le système d'exploitation en cours d'exécution est installé) dan le volume caché. Pour le volume extérieur, vous allez copier certains fichiers sensibles que vous ne voulez pas cacher. Ils seront là pour tous ceux qui vous obligeraient à divulguer le mot de passe de la partition cachée du système d'exploitation. Vous pouvez révéler le mot de passe pour le volume externe au sein de la partition cachée du système d'exploitation (l'existence du système d'exploitation cachée reste secrète).\n\nEnfin, sur la partition système du système d'exploitation en cours d'exécution, vous installer un nouvel OS, ce que l'on appelle un OS leurre et le chiffrer. Il ne doit pas contenir de données sensibles et sera là pour tous ceux qui vous oblige à révéler votre mot de passe d'authentification de pré-amorçage. Au total, il y aura trois mots de passe. Deux d'entre eux peuvent être divulgués (pour l'OS leurre et le volume extérieur). Si vous utilisez le troisième, le système d'exploitation caché va démarrer. + Détection des secteurs cachés + Patientez pendant que VeraCrypt vérifie la présence de secteurs cachés à la fin du disque système. Notez que cela peut prendre un certain temps.\n\nNote : Dans de rares cas, le système peut ne plus répondre durant ce processus de détection. Si cela se produit, redémarrez votre ordinateur, lancez VeraCrypt et essayez à nouveau. VeraCrypt vous demandera automatiquement si vous voulez éviter cette phase de détection. Notez que ce problème n'est pas causé par un bogue de VeraCrypt. + Zone à chiffrer + Sélectionnez cette option si vous souhaitez chiffrer la totalité du disque sur lequel est installé le système d'exploitation Windows en cours d'exécution. Le disque entier, y compris toutes ses partitions, est chiffré sauf la première piste où résidera le chargeur de démarrage VeraCrypt. Toute personne souhaitant accéder à un système installé sur le disque, ou des fichiers stockés sur le disque, devra entrer à chaque fois le mot de passe avant que le système démarre. Cette option ne peut pas être utilisée pour chiffrer un disque secondaire ou externe si Windows n'est pas installé et ne démarre pas dessus. + Collecte de données aléatoires + Clés générées + VeraCrypt n'a trouvé aucun graveur de CD/DVD connecté à votre ordinateur. VeraCrypt a besoin d'un graveur de CD/DVD pour graver un disque de secours VeraCrypt bootable contenant une sauvegarde des clés de chiffrement, du chargeur de démarrage VeraCrypt, du chargeur original du système, etc.\n\nNous vous recommandons fortement de graver le disque de secours VeraCrypt. + Je n'ai aucun graveur CD/DVD, mais j'enregistrerai l'image ISO de secours sur un lecteur amovible (par exemple une clé USB). + Je connecterai un graveur de CD/DVD sur mon ordinateur plus tard. Terminer le processus maintenant. + Un graveur de CD/DVD est connecté à mon ordinateur. Continuer et créer le disque de secours. + Suivez les étapes :\n\n1) Connectez maintenant un disque amovible, comme une clé USB, à votre ordinateur.\n\n2) Copier le fichier image du disque de secours VeraCrypt (%s) sur le lecteur amovible.\n\nDans le cas où vous devez utiliser le disque de secours de VeraCrypt à l'avenir, vous serez en mesure de connecter votre disque amovible (contenant l'image du disque de secours VeraCrypt) à un ordinateur avec un graveur de CD/DVD et de créer un disque de secours amorçable VeraCrypt en gravant l'image sur un CD ou un DVD. IMPORTANT : Le fichier image du disque de secours VeraCrypt doit être écrit sur le CD/DVD sous forme d'image ISO (pas dans un fichier individuel). + Enregistrement du disque de secours + Disque de secours créé + Pré-test du chiffrement système + Disque de secours vérifié + \nLe disque de secours de VeraCrypt a été vérifié avec succès. Enlevez-le du lecteur et stockez-le en lieu sûr.\n\nCliquez 'Suivant' pour continuer. + AVERTISSMENT : Lors des prochaines étapes, le disque de secours de VeraCrypt ne doit pas être dans le lecteur. Sinon il ne sera pas possible de terminer correctement les étapes.\n\nRetirez-le du lecteur maintenant et stockez-le dans un endroit sûr. Puis cliquez sur 'OK'. + Avertissement : À cause de limitations techniques de l'environnement de pré-amorçage, les textes affichés par VeraCrypt dans cet environement (avant que Windows ne démarre) ne peuvent être traduits. L'interface utilisateur du chargeur d'amorçage de VeraCrypt est uniquement en anglais.\n\nContinuer ? + Avant de chiffrer votre partition ou votre disque système, VeraCrypt doit vérifier que tout fonctionne correctement.\n\nAprès avoir cliqué sur 'Test', tous les composants nécessaires (par exemple, le composant d'indentification du pré-amorçage, c'est-à-dire le chargeur d'amorçage de VeraCrypt) seront installés et votre ordinateur redémarrera. Vous devrez ensuite saisir le mot de passe dans l'écran du chargeur d'amorçage de VeraCrypt qui apparaîtra avant que Windows ne démarre. Après le démarrage de Windows, vous serez automatiquement informé des résultats du pré-test.\n\nLe périphérique suivant sera modifié : Disque #%d\n\n\nSi vous cliquez sur 'Annuler' maintenant, rien ne sera installé et les pré-tests ne seront pas effectués. + REMARQUES IMPORTANTES-- VEUILLEZ LES LIRE OU LES IMPRIMER (cliquez sur « Imprimer ») :\n\nAucun de vos fichiers ne sera chiffré avant que vous ayez redémarré avec succès votre ordinateur et Windows. Ainsi, si quelque chose tombe en panne, vos données ne seront pas perdues. Toutefois, si quelque chose se passe mal, vous risquez de rencontrer des difficultés au démarrage de Windows. Par conséquent, veuillez lire et si possible imprimer les instructions suivantes sur ce qu'il faut faire si Windows ne peut pas démarrer après le redémarrage de l'ordinateur.\n\n + Marche à suivre si Windows ne démarre pas\n---\n\nRemarque : Ces instructions sont valables uniquement si vous n'avez pas commencé le chiffrement.\n\n- Si Windows ne démarre pas après avoir entré le mot de passe (ou si vous entrez correctement plusieurs fois le mot de passe mais que VeraCrypt indique que le mot de passe est incorrect), ne paniquez pas. Redémarrer l'ordinateur en appuyant sur le bouton marche/arrêt, puis sur l'écran du chargeur de démarrage de VeraCrypt, appuyez sur la touche Echap de votre clavier (et si vous avez plusieurs systèmes, sélectionnez lequel démarrer). Windows devrait alors démarrer (à condition qu'il n'est pas chiffré) et VeraCrypt vous demandera automatiquement si vous souhaitez désinstaller le composant d'authentification pré-amorçage. Notez que les étapes précédentes ne fonctionnent pas si le système partition/disque est chiffré (personne ne peut démarrer Windows ou accéder à des données chiffrées sur le disque sans le mot de passe même si les étapes précédentes sont suivies).\n\n + - Si les étapes précédentes ne résolvent pas le problème ou si l'écran du chargeur de démarrage de VeraCrypt n'apparaît pas (avant le démarrage de Windows), insérez le disque de secours VeraCrypt dans votre lecteur de CD/DVD et redémarrez votre ordinateur. Si l'écran VeraCrypt du disque de secours n'apparaît pas (ou si vous ne voyez pas l'élément "Options de réparation" dans la section "Contrôles clavier" de l'écran VeraCrypt du disque de secours), il est possible que votre BIOS soit configuré pour tenter de démarrer à partir des disques durs avant de lecteurs CD/DVD. Si tel est le cas, redémarrez votre ordinateur, appuyez sur F2 ou SUPPR (dès que vous voyez l'écran de démarrage du BIOS) et attendez que l'écran de configuration du BIOS s'affiche. Si aucun écran de configuration du BIOS s'affiche, redémarrez l'ordinateur à nouveau et en appuyant sur F2 ou Suppr à plusieurs reprises lors de la séquence de redémarrage de l'ordinateur. Lorsque l'écran de configuration du BIOS s'affiche, configurez votre BIOS pour démarrer en premier lieu depuis le lecteur de CD/DVD (pour plus d'informations sur la façon de le faire, référez-vous à la documentation de votre BIOS/carte mère ou contactez l'équipe de support technique du fournisseur de votre ordinateur). Puis redémarrez votre ordinateur. L'écran VeraCrypt du disque de secours doit apparaître maintenant. Dans l'écran VeraCrypt du disque de secours, sélectionnez « Options de réparation » en appuyant sur la touche F8 du clavier. Dans le menu "Options de réparation", sélectionnez « Restaurer le chargeur du système original ». Ensuite, retirez la disquette de secours de votre lecteur CD/DVD et redémarrez votre ordinateur. Windows devrait démarrer normalement (à condition qu'il ne soit pas chiffré).\n\n + Notez que les étapes précédentes ne fonctionnent pas si le système partition/disque est chiffré (personne ne peut démarrer Windows ou accéder à des données chiffrées sur le disque sans le mot de passe même si les étapes précédentes ont été suivies).\n\n\nNotez que même si vous perdez votre disque de secours VeraCrypt et qu'une personne le trouve, elle ne sera pas en mesure de déchiffrée le lecteur/partition sans le bon mot de passe. + Pré-test terminé + Le pré-test a été terminé avec succès.\n\nAVERTISSEMENT : Si l'alimentation est interrompue soudainement alors que les données existantes en place sont entrain d'être chiffrées, ou lorsque le système d'exploitation plante pendant que VeraCrypt chiffre les données existantes en place, certaines parties des données seront endommagées ou perdues. Par conséquent, avant de commencer à chiffrer, veuillez vous assurer que vous disposez de copies de sauvegarde des fichiers que vous souhaitez chiffrer. Si vous n'en avez pas, veuillez sauvegarder les fichiers maintenant (vous pouvez cliquer sur Reporter, sauvegardez les fichiers, puis exécutez à nouveau VeraCrypt et sélectionnez « Système » > « Reprendre le processus interrompu » pour lancer le chiffrage).\n\nCliquez alors sur chiffrer pour démarrer le chiffrement. + Pour interrompre le processus de chiffrement ou de déchiffrement, vous pouvez cliquez sur Pause ou Reporter à tout moment, quitter cet Assistant, redémarrer ou éteindre votre ordinateur et ensuite reprendre le processus, qui se poursuivra à partir du point où il a été arrêté. Pour éviter les ralentissements lorsque le système ou les applications écrivent ou lisent des données depuis le lecteur système, VeraCrypt attend automatiquement que les données soient écrites ou lues (voir conditions ci-dessus) et continue ensuite automatiquement le chiffrement ou déchiffrement. + \n\nPour interrompre le processus de chiffrement ou de déchiffrement, vous pouvez cliquez sur Pause ou Reporter à tout moment, quitter cet Assistant, redémarrer ou éteindre votre ordinateur et ensuite reprendre le processus, qui se poursuivra à partir du point où il a été arrêté. Notez que le volume ne pourra pas être monté jusqu'à ce que le chiffrement soit entièrement terminé. + \n\nVous pouvez cliquez sur Suspendre ou Différer à tout moment pour interrompre le processus de déchiffrement, quitter cet assistant, redémarrer ou éteindre l'ordinateur, puis reprendre le processus, qui se poursuivra à partir du point où il s'est arrêté. Notez que le volume ne peut pas être monté avant d'avoir été entièrement déchiffré. + Système cache démarré + Système original + Windows génère divers fichiers journaux, fichiers temporaires, etc., sur la partition système. Il enregistre également le contenu de la RAM lors de l'hibernation et le fichiers d'échange situés sur la partition système. Par conséquent, si une personne a analysé les fichiers stockés sur la partition hébergeant le système d'origine (dont le système caché est un clone), il pourrait trouver, par exemple, que vous avez utilisé l'assistant de VeraCrypt en mode création de système caché (qui pourrait indiquer l'existence d'un système d'exploitation caché sur votre ordinateur).\n\nPour éviter cela, VeraCrypt effacera dans les prochaines étapes tout le contenu de la partition hébergeant le système d'origine. Par la suite, afin de parvenir à un déni plausible, vous devrez installer un nouveau système d'exploitation sur la partition et le chiffrer. Ainsi, vous allez créer le système de leurre et l'ensemble du processus de création du système d'exploitation caché sera complet. + Le système d'exploitation caché a été créé avec succès. Toutefois, avant de pouvoir commencer à l'utiliser (et parvenir à un déni plausible), vous devez effacer en toute sécurité (à l'aide de VeraCrypt) tout le contenu de la partition où le système d'exploitation en cours d'exécution est installé. Avant que vous puissiez faire cela, vous devez redémarrer l'ordinateur et, dans l'écran du chargeur de démarrage de VeraCrypt (qui apparaît avant le démarrage de Windows), entrer le mot de passe d'authentification de pré-amorçage pour le système d'exploitation caché. Puis, après le démarrage du système caché, l'assistant VeraCrypt sera lancé automatiquement.\n\nNote : Si vous choisissez maintenant de mettre fin au processus de création du système d'exploitation caché, vous ne serez pas en mesure de reprendre le processus et le système caché ne sera pas accessible (parce que le chargeur de démarrage de VeraCrypt sera supprimé). + Vous avez planifié le processus de création d'un système d'exploitation caché. Le processus n'est pas encore terminé. Pour le compléter, vous devez redémarrer l'ordinateur et, dans l'écran du chargeur de démarrage de VeraCrypt (qui apparaît avant le démarrage de Windows), entrer le mot de passe pour le système d'exploitation caché.\n\nNote : Si vous choisissez maintenant de mettre fin au processus de création du système d'exploitation caché, vous ne serez pas en mesure de reprendre le processus. + Redémarrez l'ordinateur et poursuivez + Fin définitive du processus de création du système d'exploitation caché + Ne faites rien maintenant et demandez à nouveau plus tard + \nSI POSSIBLE, VEUILLEZ IMPRIMER CE TEXTE (cliquez sur "Imprimer").\n\n\nComment et quand utiliser le disque de secours VeraCrypt (Après le chiffrement)\n-----------------------------------------------------------------------------------\n\n + I. Comment démarrer le disque de secours VeraCrypt\n\nPour démarrer un disque de secours VeraCrypt, insérez-le dans votre lecteur de CD/DVD et redémarrez votre ordinateur. Si l'écran VeraCrypt du disque de secours n'apparaît pas (ou si vous ne voyez pas l'élément "Options de réparation" dans la section "Contrôles clavier" de l'écran VeraCrypt du disque de secours), il est possible que votre BIOS soit configuré pour tenter de démarrer à partir des disques durs avant de lecteurs CD/DVD. Si tel est le cas, redémarrez votre ordinateur, appuyez sur F2 ou SUPPR (dès que vous voyez l'écran de démarrage du BIOS) et attendez que l'écran de configuration du BIOS s'affiche. Si aucun écran de configuration du BIOS s'affiche, redémarrez l'ordinateur à nouveau et en appuyant sur F2 ou Suppr à plusieurs reprises lors de la séquence de redémarrage de l'ordinateur. Lorsque l'écran de configuration du BIOS s'affiche, configurez votre BIOS pour démarrer en premier lieu depuis le lecteur de CD/DVD (pour plus d'informations sur la façon de le faire, référez-vous à la documentation de votre BIOS/carte mère ou contactez l'équipe de support technique du fournisseur de votre ordinateur). Puis redémarrez votre ordinateur. L'écran VeraCrypt du disque de secours doit apparaître maintenant. Dans l'écran VeraCrypt du disque de secours, sélectionnez « Options de réparation » en appuyant sur la touche F8 du clavier.\n\n\n + II. Comment et quand utiliser le disque de secours VeraCrypt (Après le chiffrement)\n\n + 1) Si l'écran du chargeur de démarrage VeraCrypt n'apparaît pas lorsque vous démarrez votre ordinateur (ou si Windows ne démarre pas), le chargeur de démarrage VeraCrypt peut être endommagé. Le disque de secours de VeraCrypt permet de le restaurer et donc de rétablir l'accès à votre système chiffré et aux données (Cependant, notez que vous devrez toujours entrer le mot de passe). Dans l'écran du disque de secours, sélectionnez "Options de réparation" > « Restaurer le chargeur de démarrage VeraCrypt ». Appuyez sur « O » pour confirmer l'action, retirez le disque de secours de votre lecteur de CD/DVD et redémarrez votre ordinateur.\n\n + 2) Si vous entrez plusieurs fois le bon mot de passe mais que VeraCrypt dit que le mot de passe est incorrect, la clé principale ou d'autres données critiques peuvent être endommagées. Le disque de secours VeraCrypt vous permet de les restaurer et donc de rétablir l'accès à votre système chiffré et aux données (Cependant, notez que vous devrez toujours entrer le mot de passe). Dans l'écran du disque de secours, sélectionnez "Options de réparation" > « Restaurer les données-clés ». Puis entrez votre mot de passe, appuyez sur « O » pour confirmer l'action, retirez le disque de secours de votre lecteur de CD/DVD et redémarrez votre ordinateur.\n\n + 3) Si le chargeur de démarrage VeraCrypt est endommagé, vous pouvez son exécution en démarrant directement à partir du disque de secours VeraCrypt. Insérez le disque de secours dans le lecteur de CD/DVD et entrez le mot de passe dans l'écran du disque de secours.\n\n + 4) Si Windows est endommagé et ne peut pas démarrer, le disque de secours VeraCrypt vous permet en permanence de déchiffrer la partition/disque avant le démarrage de Windows. Dans l'écran du disque de secours, sélectionnez 'Options de réparation' > « Déchiffrer de manière permanente la partition/lecteur système ». Entrez le mot de passe et attendez que le déchiffrage soit terminé. Ensuite, vous pourrez par exemple démarrer sur le CD/DVD de MS Windows pour réparer votre installation de Windows.\n\n + Remarque : Si Windows est endommagé (il ne démarre plus) et que vous devez le réparer (ou accéder aux fichiers), vous pouvez éviter de déchiffrer la partition/disque système en procédant comme suit : Si vous avez plusieurs systèmes d'exploitation installés sur votre ordinateur, démarrez celui qui ne nécessite pas d'authentification lors du pré-amorçage. Si vous n'avez pas plusieurs systèmes d'exploitation installés sur votre ordinateur, vous pouvez démarrer sur un CD/DVD WinPE ou BartPE, ou vous pouvez connecter votre lecteur système comme disque secondaire ou externe sur un autre ordinateur, puis démarrez le système d'exploitation installé sur l'ordinateur. Après avoir démarré un système, exécutez VeraCrypt, cliquez sur « Sélectionner le périphérique », sélectionnez la partition système affectée, cliquez sur « OK », sélectionnez « Système » > « Monter sans authentification de dpré-amorçage », entrez votre mot de passe d'authentificatione pré-amorçage et cliquez sur 'OK'. La partition sera montée comme un volume VeraCrypt régulier (les données seront décrypté/cryptée à la volée en RAM lors de l'accès, comme d'habitude).\n\n\n + Notez que même si vous perdez le disque de secours VeraCrypt et qu'une personne le trouve, elle ne sera pas en mesure de déchiffrer la partition système ou le disque sans le mot de passe. + \n\nI M P O R T A N T -- VEUILLEZ IMPRIMER CE TEXTE SI POSSIBLE (cliquez sur « Imprimer » ci-dessous).\n\n\nRemarque : Ce texte s'affiche automatiquement chaque fois que vous démarrez le système caché jusqu'à ce que vous commenciez à créer le système de leurre.\n\n\n + Comment créer un système de leurre en toute sécurité\n----------------------------------------------------------------------------\n\nAfin de permettre le déni plausible, vous devez créer le système d'exploitation leurre maintenant. Pour ce faire, procédez comme suit :\n\n + 1) Pour des raisons de sécurité, arrêtez votre ordinateur et laissez-le éteint pendant plusieurs minutes (plus c'est long, mieux c'est). Ceci est nécessaire pour effacer la mémoire qui contient des données sensibles. Puis allumez l'ordinateur, mais ne démarrez pas le système caché.\n\n + 2) Installer Windows sur la partition dont le contenu a été effacé (c'est-à-dire sur la partition où le système d'origine, pour lequel le système caché est un clone, a été installé).\n\nIMPORTANT : LORSQUE VOUS DÉMARREZ L'INSTALLATION DU SYSTÈME LEURRE, ON NE POURRA PAS DÉMARRER SUR LE SYSTÈME CACHÉ (parce que le chargeur de démarrage VeraCrypt sera effacé par l'installateur de Windows). C'EST UN COMPORTEMENT NORMAL ET ATTENDU. NE PANIQUEZ PAS. VOUS POURREZ À NOUVEAU DÉMARRER LE SYSTÈME CACHÉ DÈS QUE VOUS COMMENCEREZ LE CHIFFREMENT DU SYSTÈME LEURRE (parce que VeraCrypt installera ensuite automatiquement le chargeur de démarrage VeraCrypt sur le lecteur système).\n\nImportant : La taille de la partition du système leurre doit rester identique à la taille du volume caché (cette condition est maintenant remplie). En outre, vous ne devez pas créer n'importe quelle partition entre la partition système leurre et la partition où le système caché réside.\n\n + 3) Démarrer le système leurre (que vous avez installé à l'étape 2 et installer VeraCrypt sur dessus).\n\nGardez à l'esprit que le système leurre ne doit jamais contenir les données sensibles.\n\n + 4) Sur le système leurre, exécutez VeraCrypt et sélectionnez « Système » > « Chiffrer la partition/disque système ». La fenêtre de l'assistant de création de volume VeraCrypt devrait apparaitre.\n\nLes étapes suivantes s'appliquent à l'assistant de création de volume VeraCrypt.\n\n + 5) Dans l'assistant de création de volume VeraCrypt, ne sélectionnez pas l'option « Caché ». Laissez l'option « Normale » sélectionnée, puis cliquez sur « Suivant ».\n\n + 6) Sélectionnez l'option « Chiffrer la partition système Windows » et cliquez ensuite sur « Suivant ».\n\n + 7) S'il y a seulement le système caché et le système leurre installés sur l'ordinateur, sélectionnez l'option « Amorçage unique » (s'il y a plus que ces deux systèmes installés sur l'ordinateur, sélectionnez « Multi amorçage »). Puis cliquez sur « Suivant ».\n\n + 8) IMPORTANT : dans cette étape, POUR LE SYSTÈME LEURRE, VOUS DEVEZ SÉLECTIONNER LE MÊME ALGORITHME DE CHIFFRAGE ET DE HACHAGE QUE VOUS AVEZ SÉLECTIONNÉ POUR LE SYSTÈME CACHÉ! DANS LE CAS CONTRAIRE, LE SYSTÈME CACHÉ NE SERA PLUS ACCESSIBLES ! En d'autres termes, le système leurre doit être chiffré avec le même algorithme de chiffrement que le système caché. Note : La raison est que le système leurre et le système caché partageront un chargeur de démarrage unique, qui prend uniquement en charge un seul algorithme, sélectionné par l'utilisateur (pour chaque algorithme, il y a une version spéciale du chargeur d'amorçage VeraCrypt).\n\n + 9) Dans cette étape, choisissez un mot de passe pour le système d'exploitation leurre. Ce sera le mot de passe d'authentification de pré-amorçage que vous serez en mesure de révéler si quelqu'un le demande ou que vous êtes forcé de le divulguer (l'autre mot de passe que vous pouvez révéler est celui du volume externe). L'existence du troisième mot de passe (c'est-à-dire du mot de passe d'authentification de pré-amorçage pour le système d'exploitation caché) restera secret.\n\nImportant : Le mot de passe que vous choisissez pour le système leurre doit être sensiblement différent de celui que vous avez choisi pour le volume caché (c'est-à-dire pour le système d'exploitation caché).\n\n + 10) Suivez les instructions restantes de l'assistant afin de chiffrer le système d'exploitation leurre.\n\n\n\n + Après que le système leurre est créé\n------------------------------------------------\n\nAprès avoir chiffrer le système leurre, le processus de création du système d'exploitation caché s'achèvera et vous serez en mesure d'utiliser ces trois mots de passe : \n\n1) Mot de passe d'authentification de pré-amorçage pour le système d'exploitation cachés.\n\n2 Mot de passe d'authentification de pré-amorçage pour le système d'exploitation leurre .\n\n3) Mot de passe pour le volume extérieur.\n\n + Si vous souhaitez démarrer le système d'exploitation caché, vous devrez entrer le mot de passe dans l'écran du chargeur de démarrage VeraCrypt pour le système d'exploitation caché (qui s'affiche lorsque vous allumez ou redémarrez votre ordinateur).\n\nSi vous souhaitez démarrer le système d'exploitation leurre, vous devrez entrer le mot de passe pour le système d'exploitation leurre dans l'écran du chargeur de démarrage VeraCrypt.\n\nLe mot de passe pour le système leurre peut être communiqué à quiconque vous demande de le révéler. L'existence du volume caché (et du système d'exploitation caché) restera secrète.\n\n + Le troisième mot de passe (pour le volume extérieur) peut être communiqué à quiconque vous demande de révéler le mot de passe pour la première partition derrière la partition système, là où résident aussi bien le volume extérieur que le volume caché (contenant le système d'exploitation caché). L'existence du volume caché (et du système d'exploitation caché) restera secrète.\n\n\n + Si vous avez révélé le mot de passe pour le système leurre à quelqu'un et qu'il vous a demand pourquoi l'espace libre de la partition système (leurre) contient des données aléatoires, vous pouvez par exemple répondre : "La partition contenait auparavant un système chiffré par VeraCrypt, mais j'ai oublié le mot de passe d'authentification de pré-amorçage (ou le système a été endommagé et ne démarrait plus), donc j'ai dû réinstaller Windows et chiffrer la partition à nouveau. »\n\n\n + Si toutes les instructions, les précautions et les exigences énumérées dans la section « Exigences et précautions de sécurité relatives aux volumes cachés » dans le guide de l'utilisateur VeraCrypt sont suivies, il devrait être impossible de prouver que le volume caché et le système d'exploitation caché existent, même si le volume extérieur est monté ou lorsque le système d'exploitation leurre est déchiffré ou démarré.\n\nSi vous enregistrez une copie de ce texte ou l'imprimez (ce qui est fortement recommandé, à moins que votre imprimante stocke des copies des documents imprimés sur son disque interne), vous devez détruire toute copie de celui-ci après avoir créé le système leurre et après avoir compris toutes les informations contenues dans le texte (dans le cas contraire, si une telle copie a été trouvée, il peut indiquer qu'il y a un système d'exploitation caché sur cet ordinateur).\n\n + AVERTISSEMENT : SI VOUS NE PAS PROTÉGER LE VOLUME CACHÉ (pour plus d'informations sur la façon de le faire, reportez-vous à la section « Protection des volumes cachés contre les dommages » dans le Guide de l'utilisateur VeraCrypt), N'ÉCRIVEZ PAS SUR LE VOLUME EXTERNE (Notez que le système d'exploitation leurre n'est pas installé sur le volume externe). SINON, VOUS POUVEZ ÉCRASER ET ENDOMMAGER LE VOLUME CACHÉ (ET LE SYSTÈME D'EXPLOITATION CACHÉ QU'IL CONTIENT) ! + Clonage du système d'exploitation + Dans les prochaines étapes, VeraCrypt va créer le système d'exploitation caché en copiant le contenu de la partition système sur le volume caché (les données à copier à la volée seront chiffrées avec une clé de chiffrement différente de celle qui sera utilisée pour le système d'exploitation leurre).\n\nVeuillez noter que le processus sera effectué dans l'environnement de pré-amorçage (avant le démarrage de Windows) et cela peut prendre beaucoup de temps, plusieurs heures ou même plusieurs jours (selon la taille de la partition système et les performances de votre ordinateur).\n\nVous serez en mesure d'interrompre le processus, arrêtez l'ordinateur, démarrez le système d'exploitation et ensuite reprendre le processus. Toutefois, si vous l'interrompez, tout le processus de copie du système devra recommencer depuis le début (parce que le contenu de la partition système ne doit pas changer lors du clonage). + Voulez-vous annuler l'intégralité du processus de création du système d'exploitation caché ?\n\nNote : Vous ne pourrez PAS reprendre le processus si vous l'annulez maintenant. + Voulez-vous annuler le pré-test de chiffrement du système ? + Le prétest de chiffrement du système VeraCrypt a échoué. Voulez-vous réessayer ?\n\nSi vous sélectionnez « Non », le composant d'authentification de pré-amorçage sera désinstallé.\n\nRemarques :\n\n- Si le chargeur de démarrage de VeraCrypt n'a pas demandé d'entrer le mot de passe avant que Windows a commencé à démarrer, il est possible que votre système d'exploitation ne démarre pas depuis le disque sur lequel il est installé. Ceci n'est pas supporté.\\n\n- Si vous avez utilisé un algorithme de chiffrement autre que de l'AES et que le prétest a échoué (et vous avez entré le mot de passe), cela peut avoir été causé par un pilote mal conçu. Sélectionnez « Non » et essayer de chiffrer la partition/lecteur système à nouveau, mais utilisez l'algorithme de chiffrement AES (qui a le plus bas niveau d'exigences).\n\n- Pour plus de détails sur les causes et les solutions, voir : https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + La partition/le disque système ne semble pas chiffré (totalement ou en partie). + Votre partition/votre disque système est chiffré (totalement ou en partie).\n\nDéchiffrez votre partition/votre disque système entièrement avant de poursuivre. Pour cela sélectionnez 'Système' > 'Déchiffrer définitivement la partition/le disque système' depuis la barre des menus de la fenêtre principale VeraCrypt. + Lorsque la partition/lecteur système est chiffré (partiellement ou totalement), vous ne pouvez pas rétrograder VeraCrypt (mais vous pouvez le mettre à jour ou réinstaller la même version). + Votre partition/votre disque est en cours de chiffrement, déchiffrement ou de modification. Interrompez le processus en cours (ou attendez son arrêt) avant de poursuivre. + Une instance de l'assistant de création de volume de VeraCrypt existe déjà sur ce système et procède (ou se prépare à procéder) au chiffrement/déchiffrement de la partition/du disque système. Avant de poursuivre, patientez jusqu'à la fin du traitement ou arrêtez-le. Si vous ne pouvez pas l'arrêter, redémarrer votre ordinateur avant de poursuivre. + Le processus de chiffrement ou de déchiffrement de la partition/du disque système n'est pas terminé. Patientez jusqu'à ce qu'il finisse avant de poursuivre. + Erreur : Le processus de chiffrement de la partition/du disque n'est pas terminé. Il doit d'abord être achevé. + Erreur : Le processus de chiffrement de la partition ou du volume n'a pas été terminé. Il d'abord doit être complété.\n\nRemarque : Pour reprendre le processus, sélectionnez « Volumes » > « Reprendre le processus interrompu » de la barre de menus de la fenêtre principale de VeraCrypt. + Le mot de passe est correct, VeraCrypt a déchiffré avec succès l'en-tête du volume et a détecté que ce volume est un volume caché. Cependant, vous ne pouvez pas modifier l'en-tête d'un volume système caché de cette manière.\n\nPour changer le mot de passe d'un volume système caché, démarrer le système d'exploitation résidant dans le volume caché, puis sélectionnez 'Système' > 'Modifier le mot de passe...' depuis la barre des menus de la fenêtre principale de VeraCrypt.\n\nPour paramétrer l'algorithme de dérivation de la clé d'en-tête, démarrez le système d'exploitation caché puis sélectionnez 'Système' > 'Paramétrer l'algorithme de dérivation de la clé d'en-tête...'. + VeraCrypt ne supporte pas le déchiffrement 'sur place' d'une partition système cachée .\n\nNote : Si vous voulez déchiffrer la partition système leurre, démarrez le système leurre puis sélectionnez 'Système' > 'Déchiffrer définitivement la partition/le disque système' dans la barre des menus de la fenêtre principale de VeraCrypt. + Erreur : paramètre incorrect/invalide. + Vous avez sélectionné une partition ou un périphérique mais le mode assistant que vous avez sélectionné n'est valable que pour les fichiers conteneurs.\n\nVoulez-vous changer le mode assistant ? + Voulez-vous créer à la place un fichier conteneur VeraCrypt ? + Vous avez sélectionné le partition/disque système (ou la partition de démarrage), mais le mode assistant sélectionné ne convient que pour les partitions/disques non-système.\n\nVous voulez configurer l'authentification de pré-amorçage (ce qui signifie que vous devrez entrer votre mot de passe chaque fois que Windows démarre) et chiffrer la partition/disque système ? + Êtes-vous sûr de vouloir déchiffrer définitivement la partition/le disque système ? + ATTENTION : Si vous déchiffrez définitivement la partition/le disque système, des données non chiffrées y seront écritent.\n\nÊtes-vous vraiment sûr de vouloir déchiffrer définitivement la partition/le disque système ? + Êtes-vous sûr de vouloir déchiffrer de façon permanente le volume suivant? + ATTENTION: Si vous décryptez de manière permanente le volume VeraCrypt, les données non chiffrées seront écrites sur le disque.\n\nÊtes vous vraiment sûr que vous voulez déchiffrer de manière permanente le volume sélectionné.? + AVERTISSEMENT : Si vous utilisez une cascade d'algorithmes de chiffrement pour le chiffrement du système, vous pouvez rencontrer les problèmes suivants :\n\n1) La taille du chargeur de démarrage de VeraCrypt est supérieur à la normale et il n'y a donc pas assez d'espace dans la première plage du disque pour une sauvegarde du chargeur de démarrage VeraCrypt. Par conséquent, chaque fois qu'il est endommagé (ce qui arrive souvent, par exemple au cours de procédures d'activation de lutte contre la piraterie de certains programmes mal conçus), vous devrez utiliser le disque de secours VeraCrypt pour démarrer ou réparer le chargeur de démarrage VeraCrypt.\n\n2) Sur certains ordinateurs, la reprise depuis l'hibernation prend plus de temps.\n\nCes problèmes potentiels peuvent être évités en choisissant un algorithme de cryptage non-cascadé (par exemple AES).\n\nÊtes-vous certain de vouloir utiliser une cascade d'algorithmes de chiffrement ? + Si vous rencontrez un des problèmes décrits précédemment, déchiffrez la partition/le disque (s'il est chiffré) puis essayez de le chiffrer à nouveau en utilisant un algorithme sans cascade (ex : AES). + AVERTISSEMENT : Pour des raisons de sécurité, vous devez mettre à jour VeraCrypt sur le système d'exploitation leurre avant de le mettre à jour sur le système d'exploitation caché.\n\nPour ce faire, démarrer le système leurre et lancez l'installation de VeraCrypt dessus. Puis démarrer le système caché et exécutez aussi l'installation dessus.\n\nRemarque : Le système leurre et le système caché partagent un chargeur de démarrage unique. Si vous êtes mis à jour VeraCrypt seulement sur le système caché (mais pas sur le système leurre), le système leurre contiendra un pilote VeraCrypt et une application VeraCrypt dont les numéros de version sont différents de celui du chargeur de démarrage VeraCrypt. Une telle différence peut indiquer qu'il y a un système d'exploitation caché sur cet ordinateur.\n\n\nVoulez-vous continuer ? + Le numéro de version du chargeur d'amorçage de VeraCrypt qui a démarré ce système d'exploitation est différent de celui du pilote de VeraCrypt (et de ses applications) installé sur ce système.\n\nVous devriez lancer l'installeur VeraCrypt (dont le numéro de version est le même que celui du chargeur d'amorçage de VeraCrypt) pour mettre à jour la version de VeraCrypt installé dans ce système d'exploitation. + Le numéro de version du chargeur de démarrage VeraCrypt qui a démarré ce système d'exploitation est différent du numéro de version du pilote VeraCrypt (et des applications VeraCrypt) installé sur ce système. Notez que les versions plus anciennes peuvent contenir des bogues corrigés dans les versions ultérieures.\n\nSi vous n'avez pas démarré depuis le disque de secours VeraCrypt, vous devez réinstaller VeraCrypt ou le mettre à niveau vers la dernière version stable (le chargeur de démarrage sera aussi actualisé).\n\nSi vous avez démarré depuis le disque de secours VeraCrypt, vous devez le mettre à jour (« Système » > « Créer le disque de secours »). + Le chargeur d'amorçage de VeraCrypt a été mis à jour.\n\nIl est recommandé de créer un nouveau disque de secours VeraCrypt (qui contiendra la nouvelle version du chargeur d'amorçage de VeraCrypt) en sélectionnant 'Système' > 'Créer un disque de secours' après avoir redémarré votre ordinateur. + Le chargeur d'amorçage de VeraCrypt a été mis à jour.\n\nIl est fortement recommandé de démarrer le système d'exploitation leurre et de créer un nouveau disque de secours VeraCrypt (qui contiendra la nouvelle version du chargeur d'amorçage de VeraCrypt) en sélectionnant 'Système' > Créer un disque de secours'. + Échec de la mise à jour du chargeur d'amorçage de VeraCrypt. + VeraCrypt n'a pas pu détecter la taille réelle du disque système et, par conséquent, la taille indiquée par le système d'exploitation (qui peut être infèrieure à la taille réelle) sera utilisée. Notez également que ce n'est pas un bug dans VeraCrypt. + AVERTISSEMENT : Il semble que VeraCrypt a déjà essayé de détecter des secteurs cachés sur ce disque système. Si vous avez rencontré des problèmes lors du précédent processus de détection, vous pouvez vous épargner des problèmes en évitant maintenant la détection des secteurs cachés. Notez que si vous le faites, VeraCrypt utilisera la taille donnée par le système d'exploitation (qui peut être plus petite que la taille réelle du disque).\n\nNotez que ce problème n'est pas causé par un bogue de VeraCrypt. + Eviter la détection des secteurs cachés (utiliser la taille donnée par le système d'exploitation) + Essayer à nouveau de détecter des secteurs cachés + Erreur : Le contenu d'un ou plusieurs secteurs sur le disque ne peut pas être lu (probablement en raison d'un défaut physique).\n\nLe processus de chiffrement sur-place peut continuer uniquement lorsque les secteurs seront à nouveau lisibles. VeraCrypt peut essayer de rendre ces secteurs lisible en y écrivant des zéros (par la suite ces blocs de seront chiffrés). Toutefois, notez que toutes les données stockées sur les secteurs illisibles seront perdues. Si vous voulez éviter cela, vous pouvez essayer de récupérer certaines parties des données corrompues en utilisant des outils tiers appropriés.\n\nRemarque : Dans le cas de secteurs endommagés physiquement (par opposition à la corruption de données simple et d'erreurs de somme de contrôle) la plupart des types de périphériques de stockage interne réaffectent les secteurs lorsque les données écrites dessus (donc les données existantes sur les secteurs endommagés peuvent rester non chiffrées sur le disque).\n\nVoulez-vous que VeraCrypt écrive des zéros sur les secteurs illisibles ? + Erreur : Le contenu d'un ou plusieurs secteurs sur le disque ne peut pas être lu (probablement en raison d'un défaut physique).\n\nPour être en mesure d'aller de l'avant, VeraCrypt devra écarter le contenu des secteurs illisibles (le contenu sera remplacé par les données pseudo-aléatoires). Veuillez noter qu'avant de poursuivre, vous pouvez essayer de récupérer des parties des données endommagées à l'aide d'outils tiers appropriés.\n\nVoulez-vous que VeraCrypt supprime maintenant les données dans les secteurs illisibles ? + Remarque : VeraCrypt a remplacé le contenu de % I64d secteurs illisibles (%s) avec des blocs chiffrés de zéros en texte brut. + Note : VeraCrypt a remplacé le contenu de %I64d secteurs non lisible (%s) par des données aléatoires. + Entrez le mot de passe/PIN pour le jeton '%s': + Afin de permettre à VeraCrypt d'accéder à un jeton de sécurité ou une carte à puce, vous devez d'abord installer une bibliothèque logicielle PKCS #11 pour le jeton ou la carte à puce. La bibliothèque peut être fournie par le périphérique ou disponible en téléchargement sur le site web du vendeur ou d'autres tiers.\n\nAprès avoir installé la bibliothèque, vous pouvez soit la sélectionner manuellement en cliquant sur "Bibliothèque...", soit laisser VeraCrypt la trouver et la sélectionner automatiquement en cliquant sur "Détecter bibliothèque" (seul le répertoire système de Windows sera parcouru). + Note : Pour le nom de fichier et l'emplacement de la bibliothèque PKCS #11 installée pour votre jeton de sécurité ou carte à puce, veuillez vous reporter à la documentation fournie avec le jeton, la carte ou le logiciel tiers.\n\nAppuyer sur "OK" pour sélectionner le chemin et le nom de fichier. + Afin de permettre à VeraCrypt d'accéder à un jeton de sécurité ou une carte à puce, vous devez d'abord sélectionner une bibliothèque logicielle PKCS #11 pour le jeton/la carte. Pour cela, allez dans "Paramètres" > "Jetons de sécurité...". + Impossible d'initialiser la bibliothèque du jeton de sécurité PKCS #11.\n\nAssurez-vous que le nom et le chemin d'accès spécifié, font référence à une bibliothèque de PKCS #11 valide. Pour spécifier un chemin de bibliothèque PKCS #11 et un nom de fichier, sélectionnez « Paramètres » > « Jetons de sécurité ». + Aucune bibliothèque PKCS #11 n'a été trouvé dans le répertoire système de Windows.\n\nAssurez-vous qu'une bibliothèque PKCS #11 pour votre jeton de sécurité (ou de votre carte à puce) est installée (une telle bibliothèque peut-être être fournie avec le jeton/carte ou il peut être disponible en téléchargement depuis le site Web du fournisseur ou de tierces parties). S'il est installé dans un répertoire différent du répertoire système de Windows, cliquez sur "Selectionner la bibliothèque" pour localiser la bibliothèque (par exemple dans le dossier d'installation du logiciel pour le jeton/carte installé). + Jeton de sécurité non trouvé.\n\nVeuillez-vous assurer que votre jeton de sécurité est relié à votre ordinateur et que le pilote de périphérique approprié pour votre jeton est installé. + Fichier clé du jeton de sécurité non trouvé. + Un fichier clé du jeton de sécurité de même nom existe déjà. + Voulez-vous effacer les fichiers sélectionnés ? + Le chemin du fichier clé du jeton de sécurité est invalide. + Erreur du jeton de sécurité. + Le mot de passe pour le jeton de sécurité est incorrect. + Le jeton de sécurité n'a pas assez de mémoire, d'espace pour effectuer l'opération demandée.\n\nSi vous essayez d'importer un fichier de clé, vous devez sélectionner un fichier plus petit ou utiliser un fichier clé généré par VeraCrypt (sélectionnez « Outils » > « Générateur de fichier clé »). + Toutes les sessions de jeton de sécurité ouvertes ont été fermées. + Sélectionnez les fichiers clés du jeton de sécurité + Connecteur + Nom du jeton + Nom du fichier + IMPORTANT : Veuillez noter que le mot de passe pour l'authentification de pré-amorçage est toujours tapé à l'aide de la disposition du clavier américain standard. Par conséquent, un volume qui utilise un mot de passe tapé à l'aide de toute autre type de clavier peut être impossible à monter à l'aide d'un mot de passe d'authentification de pré-amorçage (Notez que ce n'est pas un bug dans VeraCrypt). Pour permettre un tel volume de monter à l'aide d'un mot de passe d'authentification de pré-amorçage, procédez comme suit :\n1) Cliquez sur "Selectionner un fichier" ou "Sélectionner un périphérique" et sélectionnez le volume.\n2) Sélectionnez « Volume » > « Modifier le mot de passe de volume ».\n3) Entrez le mot de passe actuel pour le volume.\n4) Modifier la disposition du clavier à anglais (États-Unis) en cliquant sur l'icône de barre de langue dans la barre des tâches Windows et en sélectionnant « EN anglais (États-Unis) ».\n5) Dans VeraCrypt, dans le champ pour le nouveau mot de passe, tapez le mot de passe d'authentification de pré-amorçage.\n6) Confirmez le nouveau mot de passe en le retapant dans le champ de confirmation, puis cliquez sur 'OK'.\nAVERTISSEMENT : Gardez à l'esprit que si vous suivez ces étapes, le mot de passe de volume devra toujours être tapé à l'aide de la disposition du clavier américain (qui est automatiquement activé uniquement dans l'environnement de pré-amorçage). + Les volumes système préférés seront montés en utilisant le mot de passe d'authentification de pré-amorçage. Si un des volumes préférés du système utilise un mot de passe différent, il ne sera pas monté. + Notez que si vous avez besoin d'empêcher des actions normales sur un volume VeraCrypt (par exemple "Démonter tout", "Auto-démontage", etc.) d'affecter les volumes système préférés, vous devez activer l'option "Permettre aux seuls administrateurs d'afficher et de démonter les volumes système préférés dans VeraCrypt". En outre, lorsque VeraCrypt est exécuté sans privilèges d'administrateur (par défaut avec Windows Vista et les versions ultérieures), les volumes système préférés ne s'afficheront pas dans la liste de lettre de lecteur dans la fenêtre principale de l'application VeraCrypt. + IMPORTANT : Gardez à l'esprit que si cette option est activée et que VeraCrypt n'a pas de privilèges d'administrateur, les volumes système préférés montés ne sont pas affichés dans la fenêtre de l'application VeraCrypt et ils ne peuvent pas être démontés. Par conséquent, si vous avez besoin par exemple de démonter un volume système préféré, d'abord cliquez-droit sur l'icône VeraCrypt (dans le menu Démarrer) et sélectionnez « Exécuter en tant qu'administrateur ». La même restriction s'applique aux fonctions « Démonter tout », « Auto-démontage », les touches de raccourci « Démonter tout », etc. + Notez que ce paramètre prend effet uniquement après le redémarrage du système d'exploitation. + Erreur lors de l'analyse de ligne de commande. + Disque de secours + Sélectionner un &fichier et monter... + Sélectionner un &périphérique et monter... + Permettre seulement aux administrateurs d'afficher et de démonter les volumes système préférés dans VeraCrypt + Monter les volumes système préférés au démarrage de Windows (dans la phase initiale de la procédure de démarrage) + AVERTISSEMENT : Le système de fichiers sur le volume monté comme « %s » n'a pas été correctement démonté et peut donc contenir des erreurs. Utiliser un système de fichiers endommagé peut provoquer des pertes ou de la corruption de données.\n\nRemarque : Avant de retirer physiquement ou de désactiver un périphérique (tel qu'une clé USB ou un disque dur externe) sur lequel un volume monté de VeraCrypt réside, vous devriez toujours démonter le volume VeraCrypt avec VeraCrypt.\n\n\nVoulez-vous que Windows tente de détecter et de corriger les erreurs du système de fichiers ? + AVERTISSEMENT : Un ou plusieurs volumes système préférés n'ont pas été proprement démontés et peuvent donc contenir des erreurs de système de fichiers. Consultez le journal des événements système pour plus de détails.\n\nUtiliser un système de fichiers endommagé peut provoquer des pertes de données ou la corruption des données. Vous devriez vérifier le(s) volume(s) système préféré(s) affecté(s) pour trouver des erreurs (cliquez-droit sur chacun d'eux dans VeraCrypt et sélectionnez "Réparer le système de fichiers"). + AVERTISSEMENT : La réparation d'un système de fichiers endommagé à l'aide de l'outil « chkdsk » de Microsoft pourrait causer la perte des fichiers dans les zones endommagées. Par conséquent, il est recommandé que vous sauvegardiez d'abord les fichiers stockés sur le volume de VeraCrypt vers un autre volume VeraCrypt en bonne santé.\n\nVoulez-vous réparer le système de fichiers maintenant ? + Le volume « %s » a été monté en lecture seule car l'accès en écriture a été refusé.\n\nAssurez-vous que les autorisations de sécurité du conteneur de fichier vous permettent d'écrire dessus (cliquez-droit sur le conteneur, puis sélectionnez "Propriétés" > "sécurité").\n\nNotez qu'en raison d'un problème de Windows, vous pouvez voir cet avertissement même après la mise en place des autorisations de sécurité appropriées. Ceci n'est pas causé par un bogue dans VeraCrypt. Une solution possible est de déplacer votre conteneur par exemple dans le dossier « Documents ».\n\nSi vous souhaitez garder votre volume en lecture seule, définissez l'attribut lecture seule sur le conteneur (cliquez-droit sur le conteneur, puis sélectionnez "Propriétés" > "lecture seule"), cela supprimera cet avertissement. + Le volume « %s » a été monté en lecture seule parce que l'accès en écriture a été refusé.\n\nAssurez-vous qu'aucune autre application (par exemple un logiciel antivirus) n'accède à la partition/dispositif sur lequel est hébergé le volume. + Le volume « %s » a été monté en lecture seule parce que le système d'exploitation a signalé que l'appareil hôte est protégé en écriture.\n\nVeuillez noter que certains pilotes de chipset personnalisés peuvent faire apparaitre des médias enregistrables comme faussement protégés en écriture. Ce problème n'est pas causé par VeraCrypt. Il peut être résolu par la mise à jour ou la désinstallation des pilotes personnalisés (non Microsoft) des chipset qui sont actuellement installés sur ce système. + Notez que la technologie Hyper-Threading fournit plusieurs cœurs logiques pour un seul cœur physique. Quand l'Hyper-Threading est activé, le nombre sélectionné ci-dessus représente le nombre de processeurs/cœurs logiques. + %d unités d'exécution + Notez que l'accélération matérielle AES est désactivée, ce qui affectera les résultats des benchmarks (dégradation des performances).\n\nPour activer l'accélération matérielle, sélectionnez « Paramètres » > « Performance » et activer l'option correspondante. + Notez que le nombre d'unités d'exécution est actuellement limitée, ce qui affectera les résultats des benchmarks (dégradation des performances).\n\nPour exploiter pleinement le potentiel des processeurs, sélectionnez "Paramètres" > "Performance" et désactiver l'option correspondante. + Voulez-vous que VeraCrypt tente de désactiver la protection en écriture du disque ou de la partition ? + AVERTISSEMENT : Ce paramètre peut nuire aux performances.\n\nÊtes-vous certain de vouloir utiliser ce paramètre ? + AVERTISSEMENT: Volume VeraCrypt auto-démonté + Avant de retirer physiquement ou d'éteindre un appareil contenant un volume monté, vous devriez d'abord toujours démonter le volume dans VeraCrypt.\n\nLe démontage spontané inattendue est habituellement causé par un câble se déconnectant par intermittence, disques (rack), etc. + Ce volume a été créé par TrueCrypt %x.%x mais VeraCrypt supporte seulement les volumes TrueCrypt créés avec les version 6.x/7.x de TrueCrypt + Test + Fichier clé + Retour arrière + Tab + Effacer + Entrée + Pause + Ver. Maj. + Barre d'espace + Page précédente + Page suivante + Fin + Début + Flèche gauche + Flèche haute + Flèche droite + Flèche basse + Sélectionner une touche + Touche d'impression + Touche d'exécution + Impression écran + Insérer + Supprimer + Touche Applications + Veille + Verr. Num. + Arrêt défil. + Retour (navigateur) + Suivant (navigateur) + Actualiser (navigateur) + Arrêter (navigateur) + Rechercher (navigateur) + Favoris (navigateur) + Origine (navigateur) + Silence + Volume - + Volume + + Piste suivante + Piste précédente + Arrêter Média + Jouer/Pause + Touche démarrer courriel + Sélectionner touche Média + Application 1 + Application 2 + Attn + CrSel + ExSel + Jouer + Zoom + Pavé num. + Maj + Contrôle + Alt + Win + o + Ko + Mo + Go + To + Po + o/s + Ko/s + Mo/s + Go/s + To/s + Po/s + + Inclure le &PIM quand le mot de passe d'authentification de pré-amorçage est mis en cache + Inclure le PIM quand le mot de passe est mis en cache + Permettre d'utiliser les lecteurs réseaux déconnectés comme point de montage + Le mot de passe saisi est trop long: sa representation UTF-8 dépasse 64 octets. + Le mot de passe saisi contient des caractères Unicode qui n'ont pas pu être converti en UTF-8. + Erreur : Echec de chargement d'une librairie système. + La taille du volume spécifiée en ligne de commande n'est pas compatible avec exFAT. + Données aléatoires récoltées grâce aux mouvements de la souris + ID du volume: + ID du Volume + Utilier l'ID du volume pour monter le favoris + L'ID du volume est invalide + Aucun volume avec l'ID spécifié n'a été trouver sur le système + Copier la valeur vers le Presse-Papier... + Ne demander aucun PIM dans l'écran d'authentification de pré-amorçage. + AVERTISSEMENT : Gardez à l'esprit que si vous activez cette option, la valeur du PIM sera écrite non chiffrée sur le disk.\n\nÊtes-vous sûr que vous souhaitez activer cette option ? + La valeur maximale du PIM est 2147468. + Ne pas vérifier le disque de secours + Ne pas afficher la fenêtre d'attente lors de l'exécution des opérations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.hu.xml b/Translations/Language.hu.xml index d2e3b60b..92dd6477 100644 --- a/Translations/Language.hu.xml +++ b/Translations/Language.hu.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Mégsem - Install &for all users - Bro&wse... - Add VeraCrypt icon to &desktop - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - VeraCrypt hozzáadása a &Start menühöz - Rendszer visszaállítási pont létrehozása - &Program eltávolítása - &Extract - &Install - VeraCrypt Setup Wizard - VeraCrypt eltávolítása - &Súgó - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Megszakít - &Benchmark - &Teszt - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Display pool content - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - U&se keyfiles - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Keyfiles... - Information on hash algorithms - More information - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - &Never save history - Külső kötet megnyitása - &Pause - Use P&IM - Use PIM - Gyorsformázás - &Display password - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Cluster - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - &Megerősítés: - Kész - Drive letter: - Titkosítási Algoritmus - Fájlrendszer - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Beállítások - Hash Algoritmus - Header Kulcs: - Bal - Master Kulcs: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Jelszó: - Volume PIM: - Volume PIM: - Progress: - Random Pool: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Sebesség - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Bezár - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Ne csináljon semmit - &Auto-mount VeraCrypt volume (specified below) - VeraCrypt &indítása - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Tallózás... - Tallózás... - Cache passwords and keyfil&es in memory - Lépjen ki ha nincs csatolt kötet - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Tartalmazza a VeraCrypt Kötet Létrehozás Varázslót - Létrehoz - &Kötet létrehozása - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Kulcsfájlok használata - Kulcsfájlok használata - K&ilépés - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Hozzárendel - Eltávolít - Kulcsfájlok... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Eszközök auto-csatolása - Mount Opti&ons... - Kötet csak &olvasható módú csatolása - Kulcsfájlok... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Engedélyezve - Jelszavak tárolása a driver memóriájában - Kötet leválasztása, ha adatot nem írtak/olvastak róla ennyi ideje: - Felhasználó kijelentkezik - User session locked - Energiatakarékos módba lépéskor - Képernyővédő elindulásakor - Auto-leválasztás akkor is ha a kötet nyitott fájlokat tartalmaz - Minden eszközön található VeraCrypt kötet csatolása - Start VeraCrypt Background Task - Kötetek csak olvasható csatolása - Kötetek csatolása cserélhető lemezként - Sikeresen csatolt kötet Explorerben való megnyitása - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Tárolt jelszavak törlése auto-leválasztáskor - Tárolt jelszavak törlése kilépéskor - Preserve modification timestamp of file containers - Reset - &Eszközt kiválaszt - &Fájl kiválasztása - Select &Library... - Display password - Display password - &Explorer ablak nyitása a csatolt kötethez - &Jelszó tárolása a driver memóriájában - TrueCrypt Mode - M&inden lecsatolása - &Kötet Tulajdonságok... - Kötet &Eszközök... - &Cache ürítés - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Rendszer szintű gyorsgombok - VeraCrypt - Change Password or Keyfiles - VeraCrypt Kötet Jelszavának Megadása - VeraCrypt - Performance and Driver Options - VeraCrypt - Beállítások - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypt Kötet Tulajdonságok - Rólunk... - Add/Remove Keyfiles to/from Volume... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup Volume Header... - Benchmark... - Set Header Key Derivation Algorithm... - Kötet jelszó megváltoztatása... - Set Header Key Derivation Algorithm... - Change Password... - Kötet history törlése - Close All Security Token Sessions - Kapcsolat... - Create Hidden Operating System... - Create Rescue Disk... - Új kötet létrehozása... - Permanently Decrypt... - Alap. kulcsfájlok... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Gyakran Ismételt Kérdések - User's Guide - &Honlap - Gyors billentyűk... - Kulcsfájl Generátor - Nyelv... - Jogi Nyilatkozat - Manage Security Token Keyfiles... - Az eszközön levő összes kötet auto-cstolása - Kedvenc kötetek csatolása - Mount Without Pre-Boot &Authentication... - Kötet csatolása - Kötet csatolása beállításokkal - Hírek - Online Help - Beginner's Tutorial - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Beállítások... - Meghajtó betüjelek frissítése - Az összes kulcsfájl eltávolítása a kötetből... - Kötet fejrész visszaállítása... - Resume Interrupted Process - Eszköz választása... - Fájl kiválasztása... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Letöltések - Test Vectors... - Security Tokens... - Traveler Disk Setup... - Az összes felcsatolt kötet leválasztása - Kötet leválasztása - Verify Rescue Disk - Verify Rescue Disk ISO Image - Verzió történet - Volume Expander - Kötet tulajdonságok - Kötet létrehozás varázsló - VeraCrypt Honlap - Tárolt jelszavak ürítése - OK - Hardware Acceleration - Shortcut - AutoRun konfiguráció (autorun.inf) - Auto-Leválasztás - Minden kötet lecsatolása ha: - Boot Loader Screen Options - Jelszó megerősítése: - Aktuális - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Alapértelmezett csatolási beállítások - Gyorsgomb beállítások - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Fájl beállítások - Hozzárendelendő gomb: - Processor (CPU) in this computer supports hardware acceleration for AES: - Windowsba bejelentkezéskor elvégzendő műveletek - perc - Kötet csatolása mint ez a meghajtó betűjel: - Csatolási Beállítások - Új - Jelszó: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Jelszó Cache - Security Options - VeraCrypt háttérben futó taszk - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Kötet - Windows - Add &Path... - &Auto-Test All - &Continue - &Kikódol - &Delete - &Titkosít - &Export... - Kulcsfájl generálása és mentése... - &Generate Random Keyfile... - Download language pack - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - U&se keyfiles - &Kulcsfájlok... - &Remove - Remove &All - What is hidden volume protection? - More information on keyfiles - Kötet csatolása eltávolítható &médiaként - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Benchmark - &Print - &Rejtett kötet védelme a külső kötetre történő írás miatt előfordulható sérüléstől - &Reset - &Display password - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - A VeraCrypt-ről - VeraCrypt - Titkosítási Algoritmus Sebességteszt - VeraCrypt - Test Vectors - Parancssoros súgó - VeraCrypt - Kulcsfájlok - VeraCrypt - Kulcsfájl Generátor - VeraCrypt - Nyelv - VeraCrypt - Csatolási Beállítások - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Partíció vagy Eszköz választása - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Aktív nyelvi csomag - A sebesség a CPU terheltségétől és a háttértár karakterisztikájától függ.\n\nEzek a tesztek a RAM-ban futnak. - Buffer méret: - Cipher: - J&elszó a rejtett kötethez:\n(ha üres, a cache lesz használva) - Rejtett-kötet védelem - Kulcs méret: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! - bit - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Fordította: - Szöveg méret: - bit - Aktuális Pool tartalom - Mixing PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Rendezés módja: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Titkosított szöveg (hexadecimális) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Kulcs (hexadecimális) - Szöveg (hexadecimális) - Keyfile name: - XTS mode - S&ystem - &Volumes - Favor&ites - T&ools - Settin&gs - &Help - Home&page - - &Rólunk... - The read-only attribute on your old volume could not be changed. Please check the file access permissions. - Hiba: Belépés megtagadva.\n\nA partíció amihez hozzá próbált hozzéférni vagy 0 szektor hosszú, vagy az a boot eszköz. - Administrator - In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. - Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. - In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? - Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - A kötet már fel van csatolva. - CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. - CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Hibás meghajtó betüjel. - Invalid path. - Mégsem - Az eszköz nem hozzáférhető. Kérem bizonyosodjon meg róla, hogy a kiválasztott eszköz létezik és nincs használatban. - Figyelem: CapsLock bekapcsolva. Ez azt eredményezheti hogy hibásan irja be a jelszavát. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Outer Volume Encryption Options - Rejtett kötet titkosításának beállításai - Titkosítási beállítások - WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! - Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. - Kötet létrehozás sikertelen: %s - Size of %s is %.2f bytes - Size of %s is %.2f KB - Size of %s is %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. - The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Free space on drive %s is %.2f bytes. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Could not get available drive letters. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Cipher initialization failure. - Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Critical Error - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Exit - Please create a logical drive for this extended partition, and then try again. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. - A fájlt nem sikerült megnyitni. - Kötet helye - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Format - &Wipe - Formázás megszakítása? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - The VeraCrypt volume has been successfully created. - Kötet elkészült - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Outer Volume Format - Hidden Volume Format - Volume Format - Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Hidden Volume Created - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. - Outer Volume Contents - \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Outer Volume - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. - Hidden Volume - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Unable to initialize the application. Failed to register the Dialog class. - Error: Failed to load the Rich Edit system library. - VeraCrypt Volume Creation Wizard - Maximum possible hidden volume size for this volume is %.2f bytes. - Maximum possible hidden volume size for this volume is %.2f KB. - Maximum possible hidden volume size for this volume is %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. - The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. - &Mount - A newer version of VeraCrypt is required to mount this volume. - Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Következő > - &Finish - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Error occurred when loading/preparing fonts. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive letter not available. - Nincs fájl kiválasztva! - No drive letters available. - No free drive letter for the outer volume! Volume creation cannot continue. - Could not determine your operating system version or you are using an unsupported operating system. - Nincs útvonal kiválasztva! - Not enough free space for the hidden volume! Volume creation cannot continue. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - The driver is unable to dismount the volume. Some files located on the volume are probably still open. - Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Válasszon ki egy VeraCrypt kötetet - Adja meg az útvonalat és a fájl nevet - Select PKCS #11 Library - Nincs több memória - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Jelszó - PIM - Set Header Key Derivation Algorithm - Add/Remove Keyfiles to/from Volume - Remove All Keyfiles from Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Keyfile(s) successfully added/removed. - Keyfile exported. - Header key derivation algorithm successfully set. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Please choose a password for the hidden volume. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Outer Volume Password - Hidden Volume Password - Password for Hidden Operating System - WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? - Kötet jelszó - Hibás jelszó, vagy nem VeraCrypt kötet. - Incorrect keyfile(s) and/or password or not a VeraCrypt volume. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Hibás jelszó, vagy nem találni a VeraCrypt kötet. - Incorrect keyfile(s)/password or no VeraCrypt volume found. - \n\nFigyelem: CapsLock bekapcsolva. Ez azt eredményezheti, hogy hibásan írja be a jelszavát. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Unable to list raw devices installed on your system! - The volume '%s' exists, and is read-only. Are you sure you want to replace it? - Válasszon célkönyvtárat - Válasszon kulcsfájlt - Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Outer Volume Size - Hidden Volume Size - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Kötet méret - Dynamic - FIGYELEM: SELF-TEST SIKERTELEN! - Minden algoritmus önellenőrzése sikeres - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - The test ciphertext you have supplied is too long or short. - The test key you have supplied is too long or short. - The test plaintext you have supplied is too long or short. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - More information on %s - Ismeretlen - An unspecified or unknown error occurred (%d). - Néhány köteten használatban lévő fájlok vagy könyvtárak vannak.\n\nErőszakos leválasztás? - &Leválaszt - Leválasztás sikertelen! - A köteten használatban lévő fájlok vagy könyvtárak vannak.\n\nErőszakos leválasztás? - No volume is mounted to the specified drive letter. - A kötet amit csatolni szeretne már fel van csatolva. - Hiba lépett fel a kötet csatolása közben. - Hiba a köteten való pozícionálás közben. - Hiba: Hibás kötetméret. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt cannot change the password for a foreign volume. - Please select a free drive letter from the list. - Please select a mounted volume in the drive letter list. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Hiba: autorun.inf létrhozása nem sikerült - Error while processing keyfile! - Error processing keyfile path! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt does not support this operating system. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Hiba: Memória lefoglalása sikertelen. - Error: Could not retrieve value of performance counter. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - Minden fájl - VeraCrypt Kötetek - Library Modules - NTFS formatting cannot continue. - Kötet csatolása sikertelen. - Kötet leválasztása sikertelen. - Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Alapértelmezett - partition - PARTITION - Eszköz - device - DEVICE - Kötet - volume - VOLUME - Label - A kiválasztott cluster méret túl kicsi ehhez a kötet mérethez. Egy nagyobb cluster méret lesz használva helyette. - Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Error: Cannot access the outer volume! Volume creation cannot continue. - Error: Cannot mount the outer volume! Volume creation cannot continue. - Error: Cannot get volume cluster bitmap! Volume creation cannot continue. - ABC szerinti/Kategorizált - Számított sebesség (Csökkenő) - Algoritmus - Titkosítás - Visszafejtés - Számít - Meghajtó - Méret - Titkosítási algoritmus - Encryption algorithm - Típus - Érték - Tulajdonság - Hely - byte - Rejtett - Külső - Normál - System - Hidden (system) - Csak olvasható - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Igen (sérüléstől védett!) - Semmi - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bit - Blokk Méret - PKCS-5 PRF - PKCS-5 Iteráció számláló - Kötet Létrehozva - Fejrészt utoljára módosítva - (%I64d napja) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - Először elérhető - Removable Disk - Merevlemez - Változatlan - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Do you want to view release notes for the current (latest stable) version of VeraCrypt? - If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - The installation has been rolled back. - VeraCrypt has been successfully installed. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. - Removing VeraCrypt registry entries - Registry bejegyzés hozzáadása - Alkalmazás-specifikus adatok eltávolítása - Installing - Megállás - Eltávolítás - Ikon hozzáadása - Rendszervisszaállító pont létrehozása - Rendszervisszaállító pont létrehozása sikertelen! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - A telepítés befejeződött. - The folder '%s' could not be created - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - The installation of the registry entries has failed - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Starting VeraCrypt device driver - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installing VeraCrypt device driver - Stopping VeraCrypt device driver - Uninstalling VeraCrypt device driver - Registration of the User Account Control support library failed. - Unregistration of the User Account Control support library failed. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Külső(!) - nap - óra - perc - s - Megnyit - Leválaszt - VeraCrypt mutatása - VeraCrypt elrejtése - Data Read since Mount - Data Written since Mount - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Adja meg a jelszót ehhez: %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - A kulcsfájl sikeresen létrehozva. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Please dismount the volume before proceeding. - Error: Cannot set timer. - Fájlrendszer ellenőrzése - Fájlrendszer javítása - Add to Favorites... - Add to System Favorites... - P&roperties... - Hidden Volume Protected - N/A - Igen - Nem - Disabled - 1 - 2 or more - Mode of Operation - Label: - Size: - Path: - Drive Letter: - Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Honlap - WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. - WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? - No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Eszközök auto-csatolása - Mindent leválaszt - Wipe Cache - Dismount All & Wipe Cache - Minden kötet erőszakos leválasztása és a cache ürítése - Minden erőszakos leválasztása, cache ürítése és kilépés - Kedvenc kötetek csatolása - Mutassa/rejtse a fő VeraCrypt ablakot - (Kattintson ide és nyomjon meg egy gombot) - Esemény - Shortcut - Error: This shortcut is reserved. Please choose a different shortcut. - Error: Shortcut already in use. - WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? - Nyelvi csomag verziója: %s - Checking the file system on the VeraCrypt volume mounted as %s... - Attempting to repair the file system on the VeraCrypt volume mounted as %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. - Mount VeraCrypt volume - Dismount all VeraCrypt volumes - VeraCrypt failed to obtain Administrator privileges. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Keyfile - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Mégsem + Install &for all users + Bro&wse... + Add VeraCrypt icon to &desktop + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + VeraCrypt hozzáadása a &Start menühöz + Rendszer visszaállítási pont létrehozása + &Program eltávolítása + &Extract + &Install + VeraCrypt Setup Wizard + VeraCrypt eltávolítása + &Súgó + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Megszakít + &Benchmark + &Teszt + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Display pool content + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + U&se keyfiles + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Keyfiles... + Information on hash algorithms + More information + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + &Never save history + Külső kötet megnyitása + &Pause + Use P&IM + Use PIM + Gyorsformázás + &Display password + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Cluster + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + &Megerősítés: + Kész + Drive letter: + Titkosítási Algoritmus + Fájlrendszer + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Beállítások + Hash Algoritmus + Header Kulcs: + Bal + Master Kulcs: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Jelszó: + Volume PIM: + Volume PIM: + Progress: + Random Pool: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Sebesség + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Bezár + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Ne csináljon semmit + &Auto-mount VeraCrypt volume (specified below) + VeraCrypt &indítása + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Tallózás... + Tallózás... + Cache passwords and keyfil&es in memory + Lépjen ki ha nincs csatolt kötet + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Tartalmazza a VeraCrypt Kötet Létrehozás Varázslót + Létrehoz + &Kötet létrehozása + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Kulcsfájlok használata + Kulcsfájlok használata + K&ilépés + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Hozzárendel + Eltávolít + Kulcsfájlok... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Eszközök auto-csatolása + Mount Opti&ons... + Kötet csak &olvasható módú csatolása + Kulcsfájlok... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Engedélyezve + Jelszavak tárolása a driver memóriájában + Kötet leválasztása, ha adatot nem írtak/olvastak róla ennyi ideje: + Felhasználó kijelentkezik + User session locked + Energiatakarékos módba lépéskor + Képernyővédő elindulásakor + Auto-leválasztás akkor is ha a kötet nyitott fájlokat tartalmaz + Minden eszközön található VeraCrypt kötet csatolása + Start VeraCrypt Background Task + Kötetek csak olvasható csatolása + Kötetek csatolása cserélhető lemezként + Sikeresen csatolt kötet Explorerben való megnyitása + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Tárolt jelszavak törlése auto-leválasztáskor + Tárolt jelszavak törlése kilépéskor + Preserve modification timestamp of file containers + Reset + &Eszközt kiválaszt + &Fájl kiválasztása + Select &Library... + Display password + Display password + &Explorer ablak nyitása a csatolt kötethez + &Jelszó tárolása a driver memóriájában + TrueCrypt Mode + M&inden lecsatolása + &Kötet Tulajdonságok... + Kötet &Eszközök... + &Cache ürítés + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Rendszer szintű gyorsgombok + VeraCrypt + Change Password or Keyfiles + VeraCrypt Kötet Jelszavának Megadása + VeraCrypt - Performance and Driver Options + VeraCrypt - Beállítások + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypt Kötet Tulajdonságok + Rólunk... + Add/Remove Keyfiles to/from Volume... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup Volume Header... + Benchmark... + Set Header Key Derivation Algorithm... + Kötet jelszó megváltoztatása... + Set Header Key Derivation Algorithm... + Change Password... + Kötet history törlése + Close All Security Token Sessions + Kapcsolat... + Create Hidden Operating System... + Create Rescue Disk... + Új kötet létrehozása... + Permanently Decrypt... + Alap. kulcsfájlok... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Gyakran Ismételt Kérdések + User's Guide + &Honlap + Gyors billentyűk... + Kulcsfájl Generátor + Nyelv... + Jogi Nyilatkozat + Manage Security Token Keyfiles... + Az eszközön levő összes kötet auto-cstolása + Kedvenc kötetek csatolása + Mount Without Pre-Boot &Authentication... + Kötet csatolása + Kötet csatolása beállításokkal + Hírek + Online Help + Beginner's Tutorial + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Beállítások... + Meghajtó betüjelek frissítése + Az összes kulcsfájl eltávolítása a kötetből... + Kötet fejrész visszaállítása... + Resume Interrupted Process + Eszköz választása... + Fájl kiválasztása... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Letöltések + Test Vectors... + Security Tokens... + Traveler Disk Setup... + Az összes felcsatolt kötet leválasztása + Kötet leválasztása + Verify Rescue Disk + Verify Rescue Disk ISO Image + Verzió történet + Volume Expander + Kötet tulajdonságok + Kötet létrehozás varázsló + VeraCrypt Honlap + Tárolt jelszavak ürítése + OK + Hardware Acceleration + Shortcut + AutoRun konfiguráció (autorun.inf) + Auto-Leválasztás + Minden kötet lecsatolása ha: + Boot Loader Screen Options + Jelszó megerősítése: + Aktuális + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Alapértelmezett csatolási beállítások + Gyorsgomb beállítások + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Fájl beállítások + Hozzárendelendő gomb: + Processor (CPU) in this computer supports hardware acceleration for AES: + Windowsba bejelentkezéskor elvégzendő műveletek + perc + Kötet csatolása mint ez a meghajtó betűjel: + Csatolási Beállítások + Új + Jelszó: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Jelszó Cache + Security Options + VeraCrypt háttérben futó taszk + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Kötet + Windows + Add &Path... + &Auto-Test All + &Continue + &Kikódol + &Delete + &Titkosít + &Export... + Kulcsfájl generálása és mentése... + &Generate Random Keyfile... + Download language pack + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + U&se keyfiles + &Kulcsfájlok... + &Remove + Remove &All + What is hidden volume protection? + More information on keyfiles + Kötet csatolása eltávolítható &médiaként + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Benchmark + &Print + &Rejtett kötet védelme a külső kötetre történő írás miatt előfordulható sérüléstől + &Reset + &Display password + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + A VeraCrypt-ről + VeraCrypt - Titkosítási Algoritmus Sebességteszt + VeraCrypt - Test Vectors + Parancssoros súgó + VeraCrypt - Kulcsfájlok + VeraCrypt - Kulcsfájl Generátor + VeraCrypt - Nyelv + VeraCrypt - Csatolási Beállítások + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Partíció vagy Eszköz választása + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Aktív nyelvi csomag + A sebesség a CPU terheltségétől és a háttértár karakterisztikájától függ.\n\nEzek a tesztek a RAM-ban futnak. + Buffer méret: + Cipher: + J&elszó a rejtett kötethez:\n(ha üres, a cache lesz használva) + Rejtett-kötet védelem + Kulcs méret: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! + bit + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Fordította: + Szöveg méret: + bit + Aktuális Pool tartalom + Mixing PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Rendezés módja: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Titkosított szöveg (hexadecimális) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Kulcs (hexadecimális) + Szöveg (hexadecimális) + Keyfile name: + XTS mode + S&ystem + &Volumes + Favor&ites + T&ools + Settin&gs + &Help + Home&page + + &Rólunk... + The read-only attribute on your old volume could not be changed. Please check the file access permissions. + Hiba: Belépés megtagadva.\n\nA partíció amihez hozzá próbált hozzéférni vagy 0 szektor hosszú, vagy az a boot eszköz. + Administrator + In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. + Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. + In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? + Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + A kötet már fel van csatolva. + CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. + CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Hibás meghajtó betüjel. + Invalid path. + Mégsem + Az eszköz nem hozzáférhető. Kérem bizonyosodjon meg róla, hogy a kiválasztott eszköz létezik és nincs használatban. + Figyelem: CapsLock bekapcsolva. Ez azt eredményezheti hogy hibásan irja be a jelszavát. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Outer Volume Encryption Options + Rejtett kötet titkosításának beállításai + Titkosítási beállítások + WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! + Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. + Kötet létrehozás sikertelen: %s + Size of %s is %.2f bytes + Size of %s is %.2f KB + Size of %s is %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. + The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Free space on drive %s is %.2f bytes. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Could not get available drive letters. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Cipher initialization failure. + Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Critical Error + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Exit + Please create a logical drive for this extended partition, and then try again. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. + A fájlt nem sikerült megnyitni. + Kötet helye + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Format + &Wipe + Formázás megszakítása? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + The VeraCrypt volume has been successfully created. + Kötet elkészült + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Outer Volume Format + Hidden Volume Format + Volume Format + Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Hidden Volume Created + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. + Outer Volume Contents + \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Outer Volume + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. + Hidden Volume + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Unable to initialize the application. Failed to register the Dialog class. + Error: Failed to load the Rich Edit system library. + VeraCrypt Volume Creation Wizard + Maximum possible hidden volume size for this volume is %.2f bytes. + Maximum possible hidden volume size for this volume is %.2f KB. + Maximum possible hidden volume size for this volume is %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. + The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. + &Mount + A newer version of VeraCrypt is required to mount this volume. + Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Következő > + &Finish + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Error occurred when loading/preparing fonts. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive letter not available. + Nincs fájl kiválasztva! + No drive letters available. + No free drive letter for the outer volume! Volume creation cannot continue. + Could not determine your operating system version or you are using an unsupported operating system. + Nincs útvonal kiválasztva! + Not enough free space for the hidden volume! Volume creation cannot continue. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + The driver is unable to dismount the volume. Some files located on the volume are probably still open. + Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Válasszon ki egy VeraCrypt kötetet + Adja meg az útvonalat és a fájl nevet + Select PKCS #11 Library + Nincs több memória + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Jelszó + PIM + Set Header Key Derivation Algorithm + Add/Remove Keyfiles to/from Volume + Remove All Keyfiles from Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Keyfile(s) successfully added/removed. + Keyfile exported. + Header key derivation algorithm successfully set. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Please choose a password for the hidden volume. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Outer Volume Password + Hidden Volume Password + Password for Hidden Operating System + WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? + Kötet jelszó + Hibás jelszó, vagy nem VeraCrypt kötet. + Incorrect keyfile(s) and/or password or not a VeraCrypt volume. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Hibás jelszó, vagy nem találni a VeraCrypt kötet. + Incorrect keyfile(s)/password or no VeraCrypt volume found. + \n\nFigyelem: CapsLock bekapcsolva. Ez azt eredményezheti, hogy hibásan írja be a jelszavát. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Unable to list raw devices installed on your system! + The volume '%s' exists, and is read-only. Are you sure you want to replace it? + Válasszon célkönyvtárat + Válasszon kulcsfájlt + Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Outer Volume Size + Hidden Volume Size + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Kötet méret + Dynamic + FIGYELEM: SELF-TEST SIKERTELEN! + Minden algoritmus önellenőrzése sikeres + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + The test ciphertext you have supplied is too long or short. + The test key you have supplied is too long or short. + The test plaintext you have supplied is too long or short. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + More information on %s + Ismeretlen + An unspecified or unknown error occurred (%d). + Néhány köteten használatban lévő fájlok vagy könyvtárak vannak.\n\nErőszakos leválasztás? + &Leválaszt + Leválasztás sikertelen! + A köteten használatban lévő fájlok vagy könyvtárak vannak.\n\nErőszakos leválasztás? + No volume is mounted to the specified drive letter. + A kötet amit csatolni szeretne már fel van csatolva. + Hiba lépett fel a kötet csatolása közben. + Hiba a köteten való pozícionálás közben. + Hiba: Hibás kötetméret. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt cannot change the password for a foreign volume. + Please select a free drive letter from the list. + Please select a mounted volume in the drive letter list. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Hiba: autorun.inf létrhozása nem sikerült + Error while processing keyfile! + Error processing keyfile path! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt does not support this operating system. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Hiba: Memória lefoglalása sikertelen. + Error: Could not retrieve value of performance counter. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + Minden fájl + VeraCrypt Kötetek + Library Modules + NTFS formatting cannot continue. + Kötet csatolása sikertelen. + Kötet leválasztása sikertelen. + Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Alapértelmezett + partition + PARTITION + Eszköz + device + DEVICE + Kötet + volume + VOLUME + Label + A kiválasztott cluster méret túl kicsi ehhez a kötet mérethez. Egy nagyobb cluster méret lesz használva helyette. + Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Error: Cannot access the outer volume! Volume creation cannot continue. + Error: Cannot mount the outer volume! Volume creation cannot continue. + Error: Cannot get volume cluster bitmap! Volume creation cannot continue. + ABC szerinti/Kategorizált + Számított sebesség (Csökkenő) + Algoritmus + Titkosítás + Visszafejtés + Számít + Meghajtó + Méret + Titkosítási algoritmus + Encryption algorithm + Típus + Érték + Tulajdonság + Hely + byte + Rejtett + Külső + Normál + System + Hidden (system) + Csak olvasható + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Igen (sérüléstől védett!) + Semmi + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bit + Blokk Méret + PKCS-5 PRF + PKCS-5 Iteráció számláló + Kötet Létrehozva + Fejrészt utoljára módosítva + (%I64d napja) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + Először elérhető + Removable Disk + Merevlemez + Változatlan + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Do you want to view release notes for the current (latest stable) version of VeraCrypt? + If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + The installation has been rolled back. + VeraCrypt has been successfully installed. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. + Removing VeraCrypt registry entries + Registry bejegyzés hozzáadása + Alkalmazás-specifikus adatok eltávolítása + Installing + Megállás + Eltávolítás + Ikon hozzáadása + Rendszervisszaállító pont létrehozása + Rendszervisszaállító pont létrehozása sikertelen! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + A telepítés befejeződött. + The folder '%s' could not be created + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + The installation of the registry entries has failed + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Starting VeraCrypt device driver + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installing VeraCrypt device driver + Stopping VeraCrypt device driver + Uninstalling VeraCrypt device driver + Registration of the User Account Control support library failed. + Unregistration of the User Account Control support library failed. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Külső(!) + nap + óra + perc + s + Megnyit + Leválaszt + VeraCrypt mutatása + VeraCrypt elrejtése + Data Read since Mount + Data Written since Mount + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Adja meg a jelszót ehhez: %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + A kulcsfájl sikeresen létrehozva. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Please dismount the volume before proceeding. + Error: Cannot set timer. + Fájlrendszer ellenőrzése + Fájlrendszer javítása + Add to Favorites... + Add to System Favorites... + P&roperties... + Hidden Volume Protected + N/A + Igen + Nem + Disabled + 1 + 2 or more + Mode of Operation + Label: + Size: + Path: + Drive Letter: + Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Honlap + WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. + WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? + No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Eszközök auto-csatolása + Mindent leválaszt + Wipe Cache + Dismount All & Wipe Cache + Minden kötet erőszakos leválasztása és a cache ürítése + Minden erőszakos leválasztása, cache ürítése és kilépés + Kedvenc kötetek csatolása + Mutassa/rejtse a fő VeraCrypt ablakot + (Kattintson ide és nyomjon meg egy gombot) + Esemény + Shortcut + Error: This shortcut is reserved. Please choose a different shortcut. + Error: Shortcut already in use. + WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? + Nyelvi csomag verziója: %s + Checking the file system on the VeraCrypt volume mounted as %s... + Attempting to repair the file system on the VeraCrypt volume mounted as %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. + Mount VeraCrypt volume + Dismount all VeraCrypt volumes + VeraCrypt failed to obtain Administrator privileges. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Keyfile + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.id.xml b/Translations/Language.id.xml index 3f8fd191..217ce507 100644 --- a/Translations/Language.id.xml +++ b/Translations/Language.id.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Batal - Install &for all users - Bro&wse... - Add VeraCrypt icon to &desktop - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Add VeraCrypt to &Start menu - Create System &Restore point - &Uninstall - &Extract - &Install - VeraCrypt Setup Wizard - Uninstall VeraCrypt - &Bantuan - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Batal - &Benchmark - &Coba - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Display pool content - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - Gu&nakan file kunci - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &File kunci.. - Information on hash algorithms - More information - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - &Jangan simpan history - Buka volume luar - &Pause - Use P&IM - Use PIM - Format cepat - &Perlihatkan password - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Cluster - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - &Penegasan: - Selesai - Drive letter: - Algoritma pengacak - File system - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Pilihan Pemformat - Hash Algoritma - Kunci Header: - Left - Kunci Utama: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Password: - Volume PIM: - Volume PIM: - Progress: - Kumpulan acak: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Kecepatan - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Close - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Jangan buat apapun - S&ambung otomatis volume VeraCrypt (yang tertera dibawah ini) - &Start VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Cari folder... - Cari file... - Simpan password dan fil&e kunci di memory - Keluar jika tidak ada volume tersambung - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Termasuk panduan pembuat volume VeraCrypt - Buat - &Buat Volume Baru - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Gunakan file kunci - Gunakan file kunci baru - T&utup - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Tentukan - Hapus - File kunci... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - S&ambung otomatis - Pilih&an... - Sambung volume hanya bisa dibac&a - File kunci... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Bisa dijalankan - Simpan password pada driver memory - Tutup otomatis volume jika tidak ada data dibaca/ditulis setelah: - Pengguna keluar - User session locked - Dalam status hemat energi - Screensaver diaktifkan - Paksa pemutusan otomatis walau file atau direktori sedang terbuka - Sambung semua yang dari volume VeraCrypt - Start VeraCrypt Background Task - Sambung volume hanya bisa-baca - Sambung volume jadi media lepas-pasang - Buka jendela explorer dari volume yang berhasil disambung - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Bersihkan password tersimpan pada sambung otomatist - Bersihkan password tersimpan saat keluar - Preserve modification timestamp of file containers - Reset - Pilih T&empat... - Pilih &File... - Select &Library... - Tampilkan password - Tampilkan password - Buka jendela &Explorer untuk volume yang tersambung - &Simpan password pada driver memory - TrueCrypt Mode - Putu&skan semua - Profil &Volume... - Penga&turan volume... - Bersih&kan Simpanan - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - Kunci pintas Sistem - VeraCrypt - VeraCrypt - Change Password or Keyfiles - Masukkan password VeraCrypt Volume - VeraCrypt - Performance and Driver Options - Pengaturan - VeraCrypt - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - Profil volume VeraCrypt - Tentang... - Tambah/Hapus File kunci ke/dari Volume... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup Volume Header... - Penguji... - Set Header Kunci Asal Algoritma... - Ganti Password Volume... - Set Header Key Derivation Algorithm... - Change Password... - Hapus History Volume - Close All Security Token Sessions - Hubungi... - Create Hidden Operating System... - Create Rescue Disk... - Buat Volume Baru... - Permanently Decrypt... - File Kunci Dasar... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Pertanyaan yang sering diajukan - Panduan pemakai - &Homepage - Kunci Pintas... - Pembuat File kunci - Bahasa... - Peringatan Hukum - Manage Security Token Keyfiles... - Sambung otomatis semua tempat yang berasal dari volume - Sambung Volumes favorit - Mount Without Pre-Boot &Authentication... - Sambung Volume - Sambung Volume berikut pilihan - Berita - Pertolongan Online - Petunjuk untuk pemula - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Pengaturan... - Tampilkan Daftar Huruf Drive terbaru - Hapus semua file kunci dari Volume... - Kembalikan Volume Header... - Resume Interrupted Process - Pilih Tempat... - Pilih File... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Downloads - Test Vektor... - Security Tokens... - Traveler Disk Setup... - Putuskan semua Volume yang tersambung - Putuskan Volume - Verify Rescue Disk - Verify Rescue Disk ISO Image - Sejarah... - Volume Expander - Profil Volume - Panduan pembuatan Volume - Halaman Web VeraCrypt - Hapus Passwords yang disimpan sementara - Setuju - Hardware Acceleration - Jalan pintas - Pengaturan menjalankan otomatis (autorun.inf) - Pemutusan otomatis - Putus semua saat: - Boot Loader Screen Options - Tegaskan password: - Terbaru - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Pilihan sambungan dasar - Pengaturan Kunci Pintas - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Pengaturan File - Kunci ditetapkan untuk: - Processor (CPU) in this computer supports hardware acceleration for AES: - Aksi yang dilakukan sewaktu login Windows - menit - Sambung volume dengan huruf drive: - Setelan Sambungan - Baru - Password: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Simpan sementara Passwordnya - Security Options - Daftar tugas belakang VeraCrypt - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Volume - Windows - Add &Path... - &Auto-Test All - &Continue - &Decrypt - &Delete - &Encrypt - &Export... - Generate and Save Keyfile... - &Generate Random Keyfile... - Download language pack - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - U&se keyfiles - &Keyfiles... - &Remove - Remove &All - What is hidden volume protection? - More information on keyfiles - Sambung volume sebagai &media lepas pasang - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Benchmark - &Print - Lindungi volume sembunyi dari kerusakan akibat &penulisan di volume luar - &Reset - Tampilkan Passwor&d - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - Tentang VeraCrypt - VeraCrypt - Encryption Algorithm Benchmark - VeraCrypt - Test Vectors - Command Line Help - VeraCrypt - Keyfiles - VeraCrypt - Keyfile Generator - Bahasa - VeraCrypt - Pilihan sambungan VeraCrypt - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Select a Partition or Device - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Set Bahasa yang aktif - Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM. - Buffer Size: - Cipher: - P&assword untuk volume sembunyi:\n(jika kosong, simpanan yang dipakai) - Perlindungan volume sembunyi - Key size: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Translated by: - Plaintext size: - bits - Current Pool Content - Mixing PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Sort Method: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Ciphertext (hexadecimal) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Key (hexadecimal) - Plaintext (hexadecimal) - Keyfile name: - XTS mode - S&ystem - &Volume - Favor&ites - Perala&tan - Settin&gs - &Bantuan - Halaman &page - - &About... - The read-only attribute on your old volume could not be changed. Please check the file access permissions. - Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. - Administrator - In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. - Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. - In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? - Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Volume sudah tersambung - CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. - CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Invalid drive letter. - Invalid path. - Cancel - Cannot access device. Make sure the selected device exists and is not used by system. - Warning: Caps Lock is on. This may cause you to enter your password incorrectly. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Outer Volume Encryption Options - Hidden Volume Encryption Options - Encryption Options - WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! - Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. - Failed to create volume %s - Size of %s is %.2f bytes - Size of %s is %.2f KB - Size of %s is %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. - The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Free space on drive %s is %.2f bytes. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Could not get available drive letters. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Cipher initialization failure. - Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Critical Error - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Exit - Please create a logical drive for this extended partition, and then try again. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. - The file could not be opened. - Lokasi volume - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Format - &Wipe - Batal diformat? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - The VeraCrypt volume has been successfully created. - Volume Telah Dibuat - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Outer Volume Format - Hidden Volume Format - Volume Format - Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Hidden Volume Created - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. - Outer Volume Contents - \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Outer Volume - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. - Hidden Volume - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Unable to initialize the application. Failed to register the Dialog class. - Error: Failed to load the Rich Edit system library. - VeraCrypt Volume Creation Wizard - Maximum possible hidden volume size for this volume is %.2f bytes. - Maximum possible hidden volume size for this volume is %.2f KB. - Maximum possible hidden volume size for this volume is %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. - The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. - Sa&mbung - A newer version of VeraCrypt is required to mount this volume. - Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Next > - &Finish - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Error occurred when loading/preparing fonts. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive letter not available. - No file selected! - No drive letters available. - No free drive letter for the outer volume! Volume creation cannot continue. - Could not determine your operating system version or you are using an unsupported operating system. - No path selected! - Not enough free space for the hidden volume! Volume creation cannot continue. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - The driver is unable to dismount the volume. Some files located on the volume are probably still open. - Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Select a VeraCrypt Volume - Specify Path and File Name - Select PKCS #11 Library - Out of Memory - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Password - PIM - Set Header Key Derivation Algorithm - Add/Remove Keyfiles to/from Volume - Remove All Keyfiles from Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Keyfile(s) successfully added/removed. - Keyfile exported. - Header key derivation algorithm successfully set. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Please choose a password for the hidden volume. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Outer Volume Password - Hidden Volume Password - Password for Hidden Operating System - WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? - Parssword Volume - Password salah atau bukan volume VeraCrypt. - Incorrect keyfile(s) and/or password or not a VeraCrypt volume. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Password SALAH ! atau bukan volume VeraCrypt. - Incorrect keyfile(s)/password or no VeraCrypt volume found. - \n\nPeringatan: Caps Lock aktif !. Ini busa membuat password yang anda masukkan tidak tepat. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Unable to list raw devices installed on your system! - The volume '%s' exists, and is read-only. Are you sure you want to replace it? - Select destination directory - Select Keyfile - Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Outer Volume Size - Hidden Volume Size - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Volume Size - Dynamic - CAUTION: SELF-TEST FAILED! - Self-tests of all algorithms passed - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - The test ciphertext you have supplied is too long or short. - The test key you have supplied is too long or short. - The test plaintext you have supplied is too long or short. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - More information on %s - Unknown - An unspecified or unknown error occurred (%d). - Some volumes contain files or folders being used by applications or system.\n\nForce dismount? - &Putuskan - Pemutusan gagal! - Volume contains files or folders being used by applications or system.\n\nForce dismount? - No volume is mounted to the specified drive letter. - The volume you are trying to mount is already mounted. - An error occurred when attempting to mount volume. - Error seeking location within volume. - Error: Incorrect volume size. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt cannot change the password for a foreign volume. - Pilih dahulu salah satu letter drive yang masih bebas - Please select a mounted volume in the drive letter list. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Error: Cannot create autorun.inf - Error while processing keyfile! - Error processing keyfile path! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt does not support this operating system. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Error: Cannot allocate memory. - Error: Could not retrieve value of performance counter. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - All Files - VeraCrypt Volumes - Library Modules - NTFS formatting cannot continue. - Cannot mount volume. - Cannot dismount volume. - Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Default - partition - PARTITION - Device - device - DEVICE - Volume - volume - VOLUME - Label - The selected cluster size is too small for this volume size. A greater cluster size will be used instead. - Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Error: Cannot access the outer volume! Volume creation cannot continue. - Error: Cannot mount the outer volume! Volume creation cannot continue. - Error: Cannot get volume cluster bitmap! Volume creation cannot continue. - Alphabetical/Categorized - Mean Speed (Descending) - Algorithm - Encryption - Decryption - Mean - Drive - Size - Encryption Algorithm - Encryption algorithm - Type - Value - Property - Location - bytes - Hidden - Outer - Normal - System - Hidden (system) - Read-Only - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Yes (damage prevented!) - None - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bits - Block Size - PKCS-5 PRF - PKCS-5 Iteration Count - Volume Created - Header Last Modified - (%I64d days ago) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - First available - Removable Disk - Harddisk - Unchanged - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Do you want to view release notes for the current (latest stable) version of VeraCrypt? - If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - The installation has been rolled back. - VeraCrypt has been successfully installed. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. - Removing VeraCrypt registry entries - Adding registry entry - Removing application-specific data - Installing - Stopping - Removing - Adding icon - Creating System Restore point - Failed to create System Restore point! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Installation completed. - The folder '%s' could not be created - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - The installation of the registry entries has failed - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Starting VeraCrypt device driver - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installing VeraCrypt device driver - Stopping VeraCrypt device driver - Uninstalling VeraCrypt device driver - Registration of the User Account Control support library failed. - Unregistration of the User Account Control support library failed. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Outer(!) - days - hours - minutes - s - Buka - Putuskan - Tampilkan VeraCrypt - SembunyikanVeraCrypt - Data Read since Mount - Data Written since Mount - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Masukkan password untuk %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Keyfile has been successfully created. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Please dismount the volume before proceeding. - Error: Cannot set timer. - Check Filesystem - Repair Filesystem - Add to Favorites... - Add to System Favorites... - P&roperties... - Hidden Volume Protected - N/A - Yes - No - Disabled - 1 - 2 or more - Mode of Operation - Label: - Size: - Path: - Drive Letter: - Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Homepage - WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. - WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? - No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Auto-Mount Devices - Dismount All - Wipe Cache - Dismount All & Wipe Cache - Force Dismount All & Wipe Cache - Force Dismount All, Wipe Cache & Exit - Mount Favorite Volumes - Show/Hide Main VeraCrypt Window - (Click here and press a key) - Action - Shortcut - Error: This shortcut is reserved. Please choose a different shortcut. - Error: Shortcut already in use. - WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? - Language pack version: %s - Checking the file system on the VeraCrypt volume mounted as %s... - Attempting to repair the file system on the VeraCrypt volume mounted as %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. - Mount VeraCrypt volume - Dismount all VeraCrypt volumes - VeraCrypt failed to obtain Administrator privileges. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Keyfile - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Batal + Install &for all users + Bro&wse... + Add VeraCrypt icon to &desktop + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Add VeraCrypt to &Start menu + Create System &Restore point + &Uninstall + &Extract + &Install + VeraCrypt Setup Wizard + Uninstall VeraCrypt + &Bantuan + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Batal + &Benchmark + &Coba + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Display pool content + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + Gu&nakan file kunci + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &File kunci.. + Information on hash algorithms + More information + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + &Jangan simpan history + Buka volume luar + &Pause + Use P&IM + Use PIM + Format cepat + &Perlihatkan password + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Cluster + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + &Penegasan: + Selesai + Drive letter: + Algoritma pengacak + File system + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Pilihan Pemformat + Hash Algoritma + Kunci Header: + Left + Kunci Utama: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Password: + Volume PIM: + Volume PIM: + Progress: + Kumpulan acak: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Kecepatan + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Close + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Jangan buat apapun + S&ambung otomatis volume VeraCrypt (yang tertera dibawah ini) + &Start VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Cari folder... + Cari file... + Simpan password dan fil&e kunci di memory + Keluar jika tidak ada volume tersambung + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Termasuk panduan pembuat volume VeraCrypt + Buat + &Buat Volume Baru + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Gunakan file kunci + Gunakan file kunci baru + T&utup + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Tentukan + Hapus + File kunci... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + S&ambung otomatis + Pilih&an... + Sambung volume hanya bisa dibac&a + File kunci... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Bisa dijalankan + Simpan password pada driver memory + Tutup otomatis volume jika tidak ada data dibaca/ditulis setelah: + Pengguna keluar + User session locked + Dalam status hemat energi + Screensaver diaktifkan + Paksa pemutusan otomatis walau file atau direktori sedang terbuka + Sambung semua yang dari volume VeraCrypt + Start VeraCrypt Background Task + Sambung volume hanya bisa-baca + Sambung volume jadi media lepas-pasang + Buka jendela explorer dari volume yang berhasil disambung + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Bersihkan password tersimpan pada sambung otomatist + Bersihkan password tersimpan saat keluar + Preserve modification timestamp of file containers + Reset + Pilih T&empat... + Pilih &File... + Select &Library... + Tampilkan password + Tampilkan password + Buka jendela &Explorer untuk volume yang tersambung + &Simpan password pada driver memory + TrueCrypt Mode + Putu&skan semua + Profil &Volume... + Penga&turan volume... + Bersih&kan Simpanan + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + Kunci pintas Sistem - VeraCrypt + VeraCrypt + Change Password or Keyfiles + Masukkan password VeraCrypt Volume + VeraCrypt - Performance and Driver Options + Pengaturan - VeraCrypt + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + Profil volume VeraCrypt + Tentang... + Tambah/Hapus File kunci ke/dari Volume... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup Volume Header... + Penguji... + Set Header Kunci Asal Algoritma... + Ganti Password Volume... + Set Header Key Derivation Algorithm... + Change Password... + Hapus History Volume + Close All Security Token Sessions + Hubungi... + Create Hidden Operating System... + Create Rescue Disk... + Buat Volume Baru... + Permanently Decrypt... + File Kunci Dasar... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Pertanyaan yang sering diajukan + Panduan pemakai + &Homepage + Kunci Pintas... + Pembuat File kunci + Bahasa... + Peringatan Hukum + Manage Security Token Keyfiles... + Sambung otomatis semua tempat yang berasal dari volume + Sambung Volumes favorit + Mount Without Pre-Boot &Authentication... + Sambung Volume + Sambung Volume berikut pilihan + Berita + Pertolongan Online + Petunjuk untuk pemula + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Pengaturan... + Tampilkan Daftar Huruf Drive terbaru + Hapus semua file kunci dari Volume... + Kembalikan Volume Header... + Resume Interrupted Process + Pilih Tempat... + Pilih File... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Downloads + Test Vektor... + Security Tokens... + Traveler Disk Setup... + Putuskan semua Volume yang tersambung + Putuskan Volume + Verify Rescue Disk + Verify Rescue Disk ISO Image + Sejarah... + Volume Expander + Profil Volume + Panduan pembuatan Volume + Halaman Web VeraCrypt + Hapus Passwords yang disimpan sementara + Setuju + Hardware Acceleration + Jalan pintas + Pengaturan menjalankan otomatis (autorun.inf) + Pemutusan otomatis + Putus semua saat: + Boot Loader Screen Options + Tegaskan password: + Terbaru + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Pilihan sambungan dasar + Pengaturan Kunci Pintas + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Pengaturan File + Kunci ditetapkan untuk: + Processor (CPU) in this computer supports hardware acceleration for AES: + Aksi yang dilakukan sewaktu login Windows + menit + Sambung volume dengan huruf drive: + Setelan Sambungan + Baru + Password: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Simpan sementara Passwordnya + Security Options + Daftar tugas belakang VeraCrypt + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Volume + Windows + Add &Path... + &Auto-Test All + &Continue + &Decrypt + &Delete + &Encrypt + &Export... + Generate and Save Keyfile... + &Generate Random Keyfile... + Download language pack + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + U&se keyfiles + &Keyfiles... + &Remove + Remove &All + What is hidden volume protection? + More information on keyfiles + Sambung volume sebagai &media lepas pasang + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Benchmark + &Print + Lindungi volume sembunyi dari kerusakan akibat &penulisan di volume luar + &Reset + Tampilkan Passwor&d + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + Tentang VeraCrypt + VeraCrypt - Encryption Algorithm Benchmark + VeraCrypt - Test Vectors + Command Line Help + VeraCrypt - Keyfiles + VeraCrypt - Keyfile Generator + Bahasa - VeraCrypt + Pilihan sambungan VeraCrypt + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Select a Partition or Device + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Set Bahasa yang aktif + Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM. + Buffer Size: + Cipher: + P&assword untuk volume sembunyi:\n(jika kosong, simpanan yang dipakai) + Perlindungan volume sembunyi + Key size: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Translated by: + Plaintext size: + bits + Current Pool Content + Mixing PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Sort Method: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Ciphertext (hexadecimal) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Key (hexadecimal) + Plaintext (hexadecimal) + Keyfile name: + XTS mode + S&ystem + &Volume + Favor&ites + Perala&tan + Settin&gs + &Bantuan + Halaman &page + + &About... + The read-only attribute on your old volume could not be changed. Please check the file access permissions. + Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. + Administrator + In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. + Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. + In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? + Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Volume sudah tersambung + CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. + CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Invalid drive letter. + Invalid path. + Cancel + Cannot access device. Make sure the selected device exists and is not used by system. + Warning: Caps Lock is on. This may cause you to enter your password incorrectly. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Outer Volume Encryption Options + Hidden Volume Encryption Options + Encryption Options + WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! + Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. + Failed to create volume %s + Size of %s is %.2f bytes + Size of %s is %.2f KB + Size of %s is %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. + The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Free space on drive %s is %.2f bytes. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Could not get available drive letters. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Cipher initialization failure. + Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Critical Error + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Exit + Please create a logical drive for this extended partition, and then try again. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. + The file could not be opened. + Lokasi volume + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Format + &Wipe + Batal diformat? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + The VeraCrypt volume has been successfully created. + Volume Telah Dibuat + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Outer Volume Format + Hidden Volume Format + Volume Format + Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Hidden Volume Created + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. + Outer Volume Contents + \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Outer Volume + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. + Hidden Volume + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Unable to initialize the application. Failed to register the Dialog class. + Error: Failed to load the Rich Edit system library. + VeraCrypt Volume Creation Wizard + Maximum possible hidden volume size for this volume is %.2f bytes. + Maximum possible hidden volume size for this volume is %.2f KB. + Maximum possible hidden volume size for this volume is %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. + The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. + Sa&mbung + A newer version of VeraCrypt is required to mount this volume. + Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Next > + &Finish + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Error occurred when loading/preparing fonts. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive letter not available. + No file selected! + No drive letters available. + No free drive letter for the outer volume! Volume creation cannot continue. + Could not determine your operating system version or you are using an unsupported operating system. + No path selected! + Not enough free space for the hidden volume! Volume creation cannot continue. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + The driver is unable to dismount the volume. Some files located on the volume are probably still open. + Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Select a VeraCrypt Volume + Specify Path and File Name + Select PKCS #11 Library + Out of Memory + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Password + PIM + Set Header Key Derivation Algorithm + Add/Remove Keyfiles to/from Volume + Remove All Keyfiles from Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Keyfile(s) successfully added/removed. + Keyfile exported. + Header key derivation algorithm successfully set. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Please choose a password for the hidden volume. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Outer Volume Password + Hidden Volume Password + Password for Hidden Operating System + WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? + Parssword Volume + Password salah atau bukan volume VeraCrypt. + Incorrect keyfile(s) and/or password or not a VeraCrypt volume. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Password SALAH ! atau bukan volume VeraCrypt. + Incorrect keyfile(s)/password or no VeraCrypt volume found. + \n\nPeringatan: Caps Lock aktif !. Ini busa membuat password yang anda masukkan tidak tepat. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Unable to list raw devices installed on your system! + The volume '%s' exists, and is read-only. Are you sure you want to replace it? + Select destination directory + Select Keyfile + Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Outer Volume Size + Hidden Volume Size + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Volume Size + Dynamic + CAUTION: SELF-TEST FAILED! + Self-tests of all algorithms passed + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + The test ciphertext you have supplied is too long or short. + The test key you have supplied is too long or short. + The test plaintext you have supplied is too long or short. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + More information on %s + Unknown + An unspecified or unknown error occurred (%d). + Some volumes contain files or folders being used by applications or system.\n\nForce dismount? + &Putuskan + Pemutusan gagal! + Volume contains files or folders being used by applications or system.\n\nForce dismount? + No volume is mounted to the specified drive letter. + The volume you are trying to mount is already mounted. + An error occurred when attempting to mount volume. + Error seeking location within volume. + Error: Incorrect volume size. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt cannot change the password for a foreign volume. + Pilih dahulu salah satu letter drive yang masih bebas + Please select a mounted volume in the drive letter list. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Error: Cannot create autorun.inf + Error while processing keyfile! + Error processing keyfile path! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt does not support this operating system. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Error: Cannot allocate memory. + Error: Could not retrieve value of performance counter. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + All Files + VeraCrypt Volumes + Library Modules + NTFS formatting cannot continue. + Cannot mount volume. + Cannot dismount volume. + Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Default + partition + PARTITION + Device + device + DEVICE + Volume + volume + VOLUME + Label + The selected cluster size is too small for this volume size. A greater cluster size will be used instead. + Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Error: Cannot access the outer volume! Volume creation cannot continue. + Error: Cannot mount the outer volume! Volume creation cannot continue. + Error: Cannot get volume cluster bitmap! Volume creation cannot continue. + Alphabetical/Categorized + Mean Speed (Descending) + Algorithm + Encryption + Decryption + Mean + Drive + Size + Encryption Algorithm + Encryption algorithm + Type + Value + Property + Location + bytes + Hidden + Outer + Normal + System + Hidden (system) + Read-Only + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Yes (damage prevented!) + None + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bits + Block Size + PKCS-5 PRF + PKCS-5 Iteration Count + Volume Created + Header Last Modified + (%I64d days ago) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + First available + Removable Disk + Harddisk + Unchanged + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Do you want to view release notes for the current (latest stable) version of VeraCrypt? + If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + The installation has been rolled back. + VeraCrypt has been successfully installed. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. + Removing VeraCrypt registry entries + Adding registry entry + Removing application-specific data + Installing + Stopping + Removing + Adding icon + Creating System Restore point + Failed to create System Restore point! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Installation completed. + The folder '%s' could not be created + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + The installation of the registry entries has failed + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Starting VeraCrypt device driver + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installing VeraCrypt device driver + Stopping VeraCrypt device driver + Uninstalling VeraCrypt device driver + Registration of the User Account Control support library failed. + Unregistration of the User Account Control support library failed. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Outer(!) + days + hours + minutes + s + Buka + Putuskan + Tampilkan VeraCrypt + SembunyikanVeraCrypt + Data Read since Mount + Data Written since Mount + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Masukkan password untuk %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Keyfile has been successfully created. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Please dismount the volume before proceeding. + Error: Cannot set timer. + Check Filesystem + Repair Filesystem + Add to Favorites... + Add to System Favorites... + P&roperties... + Hidden Volume Protected + N/A + Yes + No + Disabled + 1 + 2 or more + Mode of Operation + Label: + Size: + Path: + Drive Letter: + Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Homepage + WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. + WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? + No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Auto-Mount Devices + Dismount All + Wipe Cache + Dismount All & Wipe Cache + Force Dismount All & Wipe Cache + Force Dismount All, Wipe Cache & Exit + Mount Favorite Volumes + Show/Hide Main VeraCrypt Window + (Click here and press a key) + Action + Shortcut + Error: This shortcut is reserved. Please choose a different shortcut. + Error: Shortcut already in use. + WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? + Language pack version: %s + Checking the file system on the VeraCrypt volume mounted as %s... + Attempting to repair the file system on the VeraCrypt volume mounted as %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. + Mount VeraCrypt volume + Dismount all VeraCrypt volumes + VeraCrypt failed to obtain Administrator privileges. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Keyfile + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.it.xml b/Translations/Language.it.xml index 0ee25d84..0ab5a3f7 100644 --- a/Translations/Language.it.xml +++ b/Translations/Language.it.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Annulla - Install&a per tutti gli utenti - Sfo&glia... - Aggiungi icona di VeraCrypt al &desktop - Donazione... - Associa i file con estensione .hc & con VeraCrypt - &Apri la posizione di destinazione quando terminato - Aggiungi VeraCrypt al menu &di avvio - Crea punto di &ripristino del sistema - &Disinstalla - &Estrai - &Installa - Assistente installazione di VeraCrypt - Disinstalla VeraCrypt - Guida - Selezionare o digitare la posizione dove volete salvare i file estratti: - Selezionare o digitare la posizione dove volete installare i file di programma di VeraCrypt. Se la directory specificata non esiste, sarà creata automaticamente. - Fare click su Disinstalla per rimuovere VeraCrypt da questo sistema. - Interrompi - &Comportamento - Testata - Crea e formatta volume criptato - Codifica la partizione sul posto - Mostra le chiavi generate (loro porzioni) - Mostra il contenuto del pool - Scarica il software di registrazione CD/DVD - Crea un file contenitore criptato - &GB - &TB - Altre informazioni - Volume VeraCrypt nascosto - Altre informazioni sui volumi ignoti - Modo diretto - Modo normale - KB - Usa file chiave - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - File chiave... - Info sugli algoritmi confusione - Altre informazioni - Information on PIM - MB - Altre informazioni - Altre informazioni sulla codifica di sistema - Altre informazioni - Avvio multiplo - Codifica una partizione/disco non di sistema - Non salvare la cronologia - Apri il volume esterno - &Pausa - Use P&IM - Use PIM - Formattazione rapida - Mostra password - &Mostra password - &Display PIM - Boot singolo - Volume VeraCrypt standard - nascosto - Normale - Codifica la partizione o tutto il disco di sistema - Codifica la partizione di sistema di Windows - Codifica l'intero disco - Creazione guidata volume di VeraCrypt - Cluster - IMPORTANTE: Muovere il vostro mouse il più casualmente possibile entro questa finestra. E' preferibile un movimento più lungo perchè aumenta in modo significativo l'effetto delle chiavi di codifica. Quindi fate click su Avanti per continure - Conferma: - Fatto - Drive letter: - Algoritmo di codifica - File system - Crea un disco virtuale criptato all'interno di un file. Raccomandato per utenti inesperti. - Opzioni - Algoritmo di confusione - Chiave primaria: - Rimane - Chiave principale: - Selezionare questa opzione se esistono due o più sistemi operativi installati su questo computer.\n\nPer esempio:\n- Windows XP e Windows XP\n- Windows XP e Windows Vista\n- Windows e Mac OS X\n- Windows e Linux\n- Windows, Linux e Mac OS X - Codifica una partizione non di sistema o qualsiasi disco interno o esterno (es. un flash drive). Eventualmente crea un volume nascosto. - Contenuto del pool corrente (parziale) - Passo - Password: - Volume PIM: - Volume PIM: - Progresso: - Pool casuale: - Selezionare questa opzione se esiste solo un sistema operativo installato su questo computer (anche se esso ha multipli utenti). - Velocità - Stato - Le chiavi, i valori ed altri dati sono stati generati con successo. Se volete generare nuove chiavi fate click su Indietro, altrimenti su Avanti per proseguire. - Codifica la partizione/disco dove Windows è installato. Chi vuole avere l'accesso ed usare il sistema, leggere e scrivere file, ecc, deve digitare ogni volta la password corretta prima dell'avvio di Windows. In alternativa, crea un sistema nascosto. - Selezionare questa opzione per cifrare la partizione dove è installato il sistema operativo Windows attualmente in esecuzione. - Volume Label in Windows: - Modo di pulizia: - Chiudi - Consente di saltare l'autenticazione di &pre-bootpremendo il tasto Esc (attiva il manager di avvio) - Disattiva l’autorun di VeraCrypt - Montaggio automatico di un volume VeraCrypt (specificato in seguito) - Esegui VeraCrypt - Scopri automaticam. la libreria - &Nascondi la password di autenticazione di pre-boot nella memoria del driver (per il montaggio di volumi non di sistema) - Sfoglia... - Sfoglia... - Mantieni password e file chiave nella cache - Chiudi quando non ci sono volumi montati - &Chiudi la sessione in corso (log out) dopo che il volume è stato montato - Include VeraCrypt Volume Expander - Includi la creazione guidata volume VeraCrypt - Crea - Crea un volume... - Non &mostrare nessun testo nello schermo autenticazione di pre-boot(eccetto il messaggio utente in basso) - Disable "Evil Maid" attack detection - Accelera la codifica/decodifica AES usando le istruzioni AES del processore (se disponibili) - Usa file chiave - Usa file chiave - Chiudi - Guida sui volumi preferiti - Non montare il volume selezionato quando il tasto di scorciatoia 'Monta volumi preferiti' &viene premuto - Montare il volume selezionato quando la sua periferica ospite viene &connessa - Montare il volume selezionato dopo il log&on - Montare il volume selezionato in sola let&tura - Montare il volume selezionato come ,media rimo&vibile - Muovi &giù - Muovi &sù - Aprire la &finestra di explorer per il volume selezionato quando viene montato con successo - &Rimuovi - Use favorite label as Explorer drive label - Impostazioni globali - Visualizza messaggio a scomparsa dopo aver correttamente scollegato una hotkey - Riproduci un suono di notifica dopo aver scollegato una hotkey correttamente - Alt - Ctrl - Maiusc - Win - Assegna - Rimuovi - File chiave... - Non usare il seguente numero di processori per la codifica/decodifica: - Ulteriori informazioni - Uteriori informazioni - Altre impostazioni... - Montaggio automatico - Opzioni... - Monta il volume in sola lettura - File chiave... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Attiva - Mantieni le password nella cache - Smontaggio automatico del volume in mancanza di attività successive - L'utente si disconnette - User session locked - PC in modo di risparmio energia - Il salvaschermo è attivato - Forza lo smontaggio automatico anche se il volume contiene dei file o cartelle aperti - Monta tutti i volumi VeraCrypt residenti sulle unità - Esegui in background - Monta i volumi in sola lettura - Monta i volumi come unità rimovibili - Apri la finestra di Esplora risorse dopo aver montato un volume correttamente - Temporary Cache password during "Mount Favorite Volumes" operations - Usa un icona diversa nella barra di sistema se ci sono volumi montati - Azzera le password nella cache allo smontaggio automatico - Azzera le password nella cache in uscita - Non modificare data ed ora dei file contenitori - Azzera - Seleziona unità... - Seleziona file... - Seleziona &libreria... - Mostra password - Mostra password - Apri la finestra di Esplora risorse per il volume montato - Mantieni la password nella cache - TrueCrypt Mode - Smonta tutti - Proprietà volume... - Strumenti volume... - Azzera la cache - VeraCrypt - Mount Parameters - VeraCrypt - Volumi preferiti - VeraCrypt - Tasti di scelta rapida (hotkey) - VeraCrypt - Modifica la password o il file chiave - Digita la password del volume VeraCrypt - VeraCrypt - Opzioni di prestazione e configurazione del driver - Preferenze di VeraCrypt - VeraCrypt - Impostazioni codifica di sistema - VeraCrypt - Preferenze controllo sicurezza - Installazione del Traveler Disk di VeraCrypt - Proprietà del volume VeraCrypt - Info... - Aggiungi/rimuovi i file chiave al/dal volume... - Aggiungi il volume montato ai preferiti... - Aggiungi il volume montato ai preferiti... - Analizza crash del sistema... - Backup del volume principale... - Riferimenti... - Imposta algoritmo per la chiave principale... - Modifica la password del volume... - Imposta la chiave principale dell'algoritmo di derivazione... - Modifica la password... - Cancella la cronologia del volume - Chiudi tutte le sessioni dei token di sicurezza - Contatti... - Crea sistema operativo nascosto... - Crea un disco di ripristino... - Crea un nuovo volume... - Permanently Decrypt... - File chiave predefiniti... - Default Mount Parameters... - Donazione... - Codifica la partizione o disco di sistema... - Domande frequenti - Guida utente - Sito web - Tasti di scelta rapida (hotkey)... - Generatore di file chiave... - Lingua... - Note legali... - Gestione token di sicurezza dei file chiave... - Monta automaticamente tutti i volumi residenti sulle unità - Monta i volumi preferiti - Monta senza autentificazione di pre-boot... - Monta il volume - Monta il volume con le opzioni - Notifiche - Guida in linea - Tutorial per principianti - Organizza i volumi preferiti... - Organizza i volumi preferiti di sistema... - Prestazioni/Configurazione del driver - Decodifica definitivamente la partizione/disco di sistema - Preferenze... - Aggiorna le lettere delle unità - Rimuovi tutti i file chiave dal volume... - Ripristina l'intestazione del volume... - Riprendi i processi interrotti - Seleziona unità... - Seleziona file... - Riavvia i processi interrotti - Codifica di sistema... - Proprietà... - Impostazioni... - Volumi preferiti di sistema... - Download - Testa vettori... - Token di sicurezza... - Installazione del Traveler Disk... - Smonta tutti i volumi montati - Smonta il volume - Verifica disco di ripristino - Verify Rescue Disk ISO Image - Cronologia delle versioni - Volume Expander - Proprietà del volume... - Creazione guidata volume... - Sito web di VeraCrypt - Cancella le password nella cache - OK - Accelerazione hardware - Assegna tasti rapidi - Configurazione di avvio automatico (autorun.inf) - Smontaggio automatico - Smonta tutti quando: - Opzioni schermata di boot per VeraCrypt - Conferma password: - Corrente - Mostra il messaggio utente nello schermo di autenticazione di per-avvio (massimo 24 caratteri): - Opzioni di montaggio predefinite - Opzioni tasti rapidi - Configurazione del driver - Enable extended disk control codes support - Etichetta del volume preferito selezionato: - Impostazioni file - Tasto: - Il Processore (CPU) del computer supporta l'accelerazioni hardware per AES: - Azioni da eseguire all'apertura di Windows - minuti - Monta il volume con la lettera dell'unità: - Parametri di montaggio - Nuovo - Password: - Parallelizzazione Thread-Based - PKCS #11 Percorso libreria - PKCS-5 PRF: - PKCS-5 PRF: - Password nascoste - Opzioni sicurezza - Esecuzione di VeraCrypt in background - Volume VeraCrypt da montare (relativo alla radice del Traveler Disk): - Sull'inserimento del Traveler Disk: - Crea i file per il Traveler Disk su (directory radice del Traveler Disk): - Volume - Windows - Agg.percorso... - Auto test tutti - &Continua - Decripta - &Cancella - Codifica - &Esporta... - Genera e salva i file chiave... - Genera un file chiave casuale... - Scarica i file di linguaggio - Hardware AES accelerato: - &Importa file chiave alla misura di sicurezza... - Agg. File... - Usa file chiave - File chiave... - Elimina - Elimina tutti - Cos'è la protezione di un volume nascosto? - Maggiori informazioni sui file chiave - Monta il volume come unità rimovibile - Monta partizione usando codifica di sistema senza autentificazione di pre-boot - Parallelizzazione: - Prova - &Stampa - Proteggi il volume nascosto contro i danni da scrittura sul volume esterno - Azzera - Mostra password - Agg. file token ... - Usare l'intestazione del backup inserita nel &volume se disponibile - Modo XTS - A proposito di VeraCrypt - VeraCrypt - Test per l'algoritmo di codifica - VeraCrypt - Vettori test - Guida alla linea di comando - VeraCrypt - File chiave - VeraCrypt - Generatore di file chiave - VeraCrypt - Lingua - VeraCrypt - Opzioni di montaggio - Proprietà nuova chiave file token di sicurezza - VeraCrypt - Arricchimento pool casuale - Seleziona una unità/partizione - VeraCrypt - File chiave misura di sicurezza - Password/PIN richiesto per la misura di sicurezza - File di lingua in uso - La velocità è influenzata dal carico CPU e dalle caratteristiche dell’unità di memoria.\n\nQuesti test vengono effettuati nella memoria RAM. - Dimensione del buffer: - Algoritmo di codifica: - Password per il volume nascosto:\n(usare la cache se non fornita) - Protezione del volume nascosto - Dimensione della chiave: - IMPORTANTE: Muovere il vostro mouse il più casualmente possibile entro questa finestra. E' preferibile un movimento più lungo perchè aumenta in modo significativo l'effetto delle chiavi di codifica. - ATTENZIONE: se viene perso un file chiave o se cambiano i bit nei primi 1024 KB, sarà impossibile montare i volumi che usano questo file chiave! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Tradotto da: - Dimensione testo: - bits - Contenuto attuale del pool - Miscelazione PRF: - IMPORTANTE: Dovete muovere il vostro mouse il più a caso possibile all'interno di questa finestra. E'preferibile un movimento lungo. Questo aumenta la sicurezza in maniera significativa. Quando fatto questo, fate click su 'Continua'. - Chiave secondaria (esadecimale) - Misura di sicurezza: - Ordinamento: - Attendere. Questo processo può richiedere molto tempo... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Numero blocchi: - Testo criptato (esadecimale) - Numero unità dati (64-bit esadecimale, dimensione unità dati=512 byte) - Chiave (esadecimale) - Testo in chiaro (esadecimale) - Nome file chiave: - Modo XTS - S&istema - &Volumi - Prefer&iti - &Strumenti - &Parametri - &Guida - &Sito Web - - A proposito di... - L'attributo di sola lettura del vecchio volume non può essere modificato. Verificare i permessi di accesso al file. - ERRORE: accesso negato.\n\nLa partizione a cui si sta tentando di accedere ha lunghezza di 0 (zero) settori oppure è l’unità di avvio del sistema. - Amministratore - Per caricare il driver VeraCrypt è necessario accedere come utente con privilegi di amministratore. - Per codificare/decodificare/formattare un unità/partizione è necessario accedere come utente con privilegi di amministratore.\n\nQuesta restrizione non si applica ai volumi basati su file. - Per creare un volume nascosto è necessario accedere come utente con privilegi di amministratore.\n\nContinuare? - Per formattare il volume come NTFS è necessario accedere come utente con privilegi di amministratore.\n\nSenza i privilegi di amministrazione si può formattare il volume come FAT. - Algoritmo di codifica (Rijndael, pubblicato nel 1998) approvato per la FIPS, che può essere usato dai dipartimenti ed agenzie federali U.S.A. per proteggere le informazioni Top Secret. Chiave a 256-bit, blocco a 128-bit, 14 passaggi (AES-256). Modo operativo XTS. - Il volume è già montato. - ATTENZIONE: almeno un algoritmo di codifica o di confusione ha fallito la procedura automatica di auto-test!\n\nL'installazione di VeraCrypt potrebbe essere corrotta. - ATTENZIONE: il gruppo di generazione casuale non dispone di dati sufficienti a fornire la quantità richiesta di dati casuali.\n\nE' sconsigliato proseguire oltre. Selezionare 'Segnala un errore' dal menu Guida e segnalare questo errore. - Il disco è danneggiato (c'è un difetto fisico in esso) oppure un cavo è danneggiato, oppure la memoria è malfunzionante.\n\nDa notare che questo è un problema con il vostro hardware, non con VeraCrypt. Pertanto, NON segnalare questo come un difetto o problema in VeraCrypt e quindi NON chiedere assistenza con questo nei forum di VeraCrypt. Contattate il supporto tecnico del venditore del vostro computer per l'assistenza. Grazie!\n\nNota: se l'errore si verifica ripetutamente allo stesso posto, è probabile sia causato da un cattivo settore su disco, che deve essere possibile correggere usando un software di terze parti (notate pure che, in molti casi, il comando 'chkdsk /r' non può correggere questo problema perchè esso lavora solamente al primo livello del file system; in alcuni casi lo strumento 'chkdsk' non riesce a scovare questo settore cattivo). - Se avete accesso ad un dribe per unità removibile, assicuratevi che un supporto venga inserito nell'unità. L'unità o supporto può essere pure danneggiato(può esserci un difetto fisico in esso) oppure un cavo può essere danneggiato o disconnesso. - Il vostro sistema sembra usare una periferica chipset utente contenente un difetto che previene la codifica dell'intero drive di sistema.\n\nTentare l'aggiornamento o la disinstallazione di qualsiasi driver del chipset personalizzato (non-Microsoft) prima di procedere. Se questo non vi aiuta, tentare la codifica della sola partizione. - Lettera di unità non valida. - Percorso non valido. - Annulla - Impossibile accedere all’unità. Assicurarsi che essa esista e non sia usata dal sistema. - ATTENZIONE: Bloc+Maiusc attivo. Questo può causare la digitazione di una password errata. - Tipo di volume - Potreste essere costretti da qualcuno a svelare la password per un volume criptato. Ci sono molte situazioni dove non potete rifiutarvi di farlo (ad esempio, in caso di estorsione). L'uso del cosiddetto "volume nascosto" vi consente di risolvere tali situazioni senza svelare la password del vostro volume. - Selezionare questa opzione se volete creare un volume VeraCrypt normale. - Notate che se volete che un sistema operativo venga installato in un volume ospitato in una partizione ignota, l'intero disco di sistema non potrà essere criptato usando una singola chiave. - Opzioni di codifica del volume esterno - Opzioni di codifica del volume nascosto - Opzioni di codifica - ATTENZIONE: impossibile eliminare il percorso dell'ultimo volume/file chiave selezionato (memorizzata dal selettore file)! - ERRORE: il volume è stato compresso a livello di file system. VeraCrypt non supporta i contenitore compressi (comprimere dati Codificati è inutile e ridondante).\n\nDisabilitare la compressione seguendo queste istruzioni: 1) Fare click destro sul contenitore in Esplora Risorse (non in VeraCrypt). 2) Selezionare 'Proprietà'. 3) Nella finestra di dialogo 'Proprietà', cliccare su 'Avanzate'. 4) Nella finestra di dialogo 'Proprietà avanzate', deselezionare l'opzione 'Comprimi i dati per risparmiare spazio' e cliccare 'OK'. 5) Nella finestra di dialogo 'Proprietà', cliccare 'OK'. - La creazione del volume %s fallita - La dimensione di %s è %.2f byte - La dimensione di %s è %.2f KB - La dimensione di %s è %.2f MB - La dimensione di %s è %.2f GB - La dimensione di %s è %.2f TB - La dimensione di %s è %.2f PB - ATTENZIONE: l’unità/partizione è in uso da parte del sistema operativo o da un'applicazione. La sua formattazione potrebbe causare la perdita dei dati e l'instabilità del sistema.\n\nContinuare? - ATTENZIONE: l’unità è in uso da parte del sistema operativo o da un'applicazione. Dovete chiudere qualsiasi applicazione che sta usando la partizione (compreso i software antivirus).\n\nContinuare? - ERRORE: l’unità/partizione contiene un file system che non può essere smontato. Il file system potrebbe essere in uso. La formattazione della unità/partizione può causare la perdita dei dati e l'instabilità del sistema.\n\nPer risolvere il problema, si raccomanda di cancellare la partizione e di ricrearla senza formattarla, seguendo le seguenti istruzioni: 1) Fare click destro sull'icona 'Risorse del computer' nel menu Start e selezionare 'Gestione'. Dovrebbe comparire la finestra 'Gestione computer'. 2) Nella finestra 'Gestione computer', selezionare 'Gestione disco'. 3) Fare click destro sulla partizione da codificare e selezionare 'Elimina partizione' o 'Elimina volume' oppure 'Elimina unità logica'. 4) Cliccare 'Sì'. Se Windows chiede il riavvio del computer, eseguirlo. Ripetere i passi 1 e 2 e continuare col passo 5. 5) Fare click destro sullo spazio libero/non allocato e selezionare 'Nuova partizione' o 'Nuovo volume' oppure 'Nuova unità logica'. 6) Dovrebbe comparire la finestra 'Creazione guidata nuova partizione' o 'Creazione guidata nuovo volume'; seguire le istruzioni. Nella pagina intitolata 'Formatta partizione', selezionare 'Non formattare questa partizione' o 'Non formattare questo volume'. Cliccare su 'Avanti' e poi su 'Fine'. 7) Ora il percorso del unità selezionato in VeraCrypt potrebbe essere errato. Uscire dalla creazione guidata del volume VeraCrypt (se ancora in esecuzione) e riavviarla. 8) Provare nuovamente a codificare l’unità/partizione.\n\nSe VeraCrypt non riesce ripetutamente a codificare l’unità/partizione, creare un file contenitore. - ERRORE: il sistema dei file non può essere chiuso o smontato. Esso può essere in uso dal sistema operativo oppure da applicazioni (per esempio software antivirus). La codifica della partizione potrebbe causare la corruzione dei dati e l’instabilità del sistema.\n\nChiudete qualsiasi applicazione che può essere in uso dal sistema operativo (compresi gli antivirus) e tentate nuovamente. Se questo non vi aiuta, seguire i passi che seguono. - ATTENZIONE: alcune delle unità/partizioni montate sono già in uso!\n\nIgnorare questa condizione può causare risultati indesiderati, compresa l'instabilità del sistema.\n\nE' consigliabile chiudere tutte le applicazioni che potrebbero usare le unità/partizioni. - L’unità selezionata contiene delle partizioni.\n\nLa formattazione del unità potrebbe causare la perdita dei dati e l'instabilità del sistema. Selezionare una partizione o rimuovere tutte le partizioni per consentire a VeraCrypt di formattarle senza rischi. - L’unità non di sistema selezionata contiene delle partizioni.\n\nLa codifica di volumi di VeraCrypt ospitati nell’unità può essere creata all’interno delle unità che non contengono nessuna partizione (compresi dischi rigidi e dischi allo stato solido). Un’unità contenente delle partizioni può essere interamente Crittata ‘sul posto’ (usando una singola chiave master) solo se essa è il disco dove Windows è installato e dal quale esso si avvia.\n\nSe volete codificare la partizione non di sistema selezionata usando una singola chiave master, dovete rimuovere tutte le partizioni nell’ unità prima di consentire a VeraCrypt di formattarla in sicurezza (la formattazione di una unità contenente delle partizioni può causare l’instabilità del sistema e/o corruzione dei dati). In alternativa, potete codificare singolarmente ogni partizione sul disco (ogni partizione sarà Crittata usando una chiave master differente).\n\nNota: Se volete rimuovere tutte le partizioni da un disco GPT, dovete convertirlo in disco MBR (usando lo strumento Gestione del computer) allo scopo di rimuovere le partizioni ignote. - Attenzione: Se cifrate l'intera periferica (non solo una partizione in essa), il sistema operativo considererà la periferica come nuova, vuota e non formattata (per cui non conterrà nessuna tavola i partizione) e può inizializzare spontaneamente la periferica (oppure chiedervi se volete farlo), e questo può danneggiare il volume. Inoltre, non sarà possibile montare consistentemente il volume come preferito (ad esempio, quando il numero periferica cambia) oppure assegnare ad essa un'etichetta di volume preferito.\n\nPer evitare questo volete invece considerare la creazione di una partizione nell'unità e cifrare la partizione.\n\nVolete cifrare l'intera unità? - IMPORTANTE: Ricordate che questo volume NON PUO' essere mountato/aperto usando la lettera dell'unità %c:, assegnata attualmente ad essa!\n\nPer montare questo volume, fate clic su 'Automonta Unità' nella finestra principale di VeraCrypt (oppure, fate clic su 'Seleziona Unità', quindi selezionare questa partizione/unità, e cliccate su 'Monta'). Questo volume sarà montato in una lettera unità differente, da selezionare nell'elenco nella finestra principale di VeraCrypt.\n\nLa lettera unità originale %c: deve essere usata solo nel caso in cui avete bisogno di rimuovere la codifica dalla partizione/unità (cioè, se non avete bisogno per molto tempo della codifica). In tale caso, fate clic con il tasto destro sulla lettera dell'unità %c: nell'elenco del 'Computer' (oppure 'Esplora risorse') e selezionare 'Formatta'. Altrimenti, la lettera unità %c: non deve essere mai usata (a meno chè voi la rimuovete, come descritto nelle FAQ di VeraCrypt, e la assegnate ad un'altra partizione/unità). - La codifica in posto di volumi non di sistema non è supportata dalla versione del sistema operativo che state usando attualmente (è supportato solo in Windows Vista e l'ultima versione di Windows).\n\nLa ragione è che questa versione di Windows non supporta la compattazione di un file system (il file system deve essere compresso per creare lo spazio per la testata del volume e del backup). - La partizione selezionata non sembra contenere un file system NTFS. Solo le partizioni che contengono un file system NTFS possono e essere codificate sul posto.\n\nNota: La ragione è che Windows non supporta la compressione di altri tipi di file systems (il file system necessita di essere compresso per costruire lo spazio per la testata del volume e farne il backup). - La partizione selezionata non sembra contenere un file system NTFS. Solo le partizioni che contengono un file system NTFS possono e essere codificate sul posto.\n\nSe volete creare un volume criptato VeraCrypt all’interno di questa partizione, scegliete l’opzione "Crea e formatta volume criptato" (invece dell’opzione "Codifica la partizione sul posto"). - ERRORE: La partizione è troppo piccola. VeraCrypt non può Codificarla sul posto. - Per codificare i dati in questa partizione, dovete seguire questi passi:\n\n1) Create un volume VeraCrypt in una partizone/unità vuota e quindi montarlo.\n\n2) Copiate tutti i file dalla partizione che volete codificare in origine nel volume VeraCrypt (che è stato creato e montato nel passo 1). In questo modo, voi farete un backup dei dati Codificati VeraCrypt.\n\n3) Create un volume VeraCrypt nella partizione che volete codificare in origine ed assicuratevi (nella procedura di VeraCrypt) di scegliere l’opzione "Crea e formatta volume criptato" (invece dell’opzione "codifica la partizione sul posto"). Notate che tutti i dati memorizzati nella partizione saranno cancellati. Dopo aver creato il volume, montatelo.\n\n4) Copiate tutti i file dal backup del volume VeraCrypt (creato e montato nel passo 1) nel volume VeraCrypt creato (e montato) nel passo 3.\n\nDopo aver completato questi passi, i dati saranno codificati ed, inoltre, ci sarà un backup criptato dei dati. - VeraCrypt può codificare sul posto solo una partizione, un volume dinamico oppure un intero disco di sistema.\n\nSe volete creare un volume criptato VeraCrypt all’interno della unità non di sistema selezionata, scegliere l’opzione "Crea e formatta volume criptato" (invece dell’opzione "Codifica la partizione sul posto"). - ERRORE: VeraCrypt può codificare sul posto solo una partizione, un volume dinamico oppure un intero disco di sistema. Assicuratevi che il percorso specificato sia valido. - Errore: Impossibile comprimere il file system (esso deve essere compresso per la testata del volume e del backup).\n\nCause possibili e soluzioni:\n\n- Spazio libero insufficiente sul volume. Assicuratevi che nessuna altra applicazione stia scrivendo nel file system.\n\n- file system danneggiato. Tentare di verificarlo e correggere qualsiasi errore (fate click con il tasto destro sulla lettera del drive corrispondente nell'elenco 'Risorse del computer', selezionare Proprietà > Strumenti > 'Verifica', assicuratevi che l'opzione 'Correggi automaticamente gli errori nel file system' sia attivata e fate click su Avvia).\n\nSe i passi di cui sopra non vi aiutano, seguire i passi successivi. - Errore: Non c'è spazio libero sufficiente nel volume e quindi il file system non può essere compattato (la compattazione del file system è necessaria per fare spazio per la testata del volume e del backup).\n\nEliminare ogni file ridondante e svuotare il cestino in modo da liberare almeno 256 KB di spazio e quindi ritentare. Notare che, a causa di una istanza di Windows, la quantità di spazio libero rapportata da Windows Explorer può essere inesatta finchè il sistema operativo non viene riavviato. Se riavviando il sistema questo non vi aiuta, il file system può essere danneggiato. Tentare il controllo e correggere qualsiasi errore (fate click destro sulla lettera dell'unità corrispondente nell'elenco 'Risorse del computer', selezionare Proprietà > Strumenti > 'Esegui scandisk'. Assicuratevi che l'opzione 'Correggi automaticamente gli errori del file system' sia attivata e quindi fate click su Avvia).\n\nSe i passi precedenti non vi aiutano, seguire i passi che seguono. - Lo spazio libero sull'unità %s è di %.2f byte. - Lo spazio libero sull'unità %s è di %.2f KB - Lo spazio libero sull'unità %s è di %.2f MB - Lo spazio libero sull'unità %s è di %.2f GB - Lo spazio libero sull'unità %s è di %.2f TB - Lo spazio libero sull'unità %s è di %.2f PB - Impossibile ottenere lettere di unità libere. - ERRORE: Driver VeraCrypt non trovato.\n\nCopiare i file 'veracrypt.sys' e 'veracrypt-x64.sys' nella directory dove si trova il file esecutivo di VeraCrypt (VeraCrypt.exe).. - Error: Una versione incompatibile di VeraCrypt è attualmente in esecuzione.\n\nSe stai provando ad avviare VeraCrypt in modalità portabile (cioè senza installarlo) e una versione differente di VeraCrypt è già installata, bisogna prima distinstallarla (o aggiornarla utilizzando l'installer di VeraCrypt). Per disinstallarla, segui questi passi: Su Windows Vista o successivo, seleziona 'Start Menu' > Computer > 'Disinstalla o cambia programma' > VeraCrypt > Disinstalla; su Windows XP, seleziona 'Start Menu' > Impostazioni > 'Pannello di Controllo' > 'Aggiungi o Rimuovi Programmi' > VeraCrypt > Rimuovi.\n\nAllo stesso modo, se stai provando ad avviare VeraCrypt in modalità portabile (cioè senza installarlo) e una versione differente di VeraCrypt è già avviata in modalità portabile, devi riavviare prima il sistema e poi eseguire solo questa nuova versione. - ERRORE: inizializzazione dell'algoritmo di codifica fallita. - ERRORE: è stata rilevata una chiave debole o potenzialmente debole. La chiave verrà scartata. Provare di nuovo. - Si è verificato un errore fatale e VeraCrypt deve essere terminato. Se questo è causato da un difetto di VeraCrypt, noi vorremmo correggerlo. Per aiutarci, potete inviarci un report di errore generato automaticamente contenente i seguenti elementi:\n\n- Versione del programma\n- Versione del sistema operativo\n- Tipo di processore\n- Nome del componente di VeraCrypt\n- Checksum dell'eseguibile di VeraCrypt\n- Nome simbolico della finestra di dialogo\n- Categoria di errore\n- Indirizzo dell'errore\n- Chiamata dello stack di VeraCrypt\n\nSelezionando 'Si', il seguente URL (contenente l'intero report di errore) verrà aperto nel vostro browser Internet predefinito.\n\n%hs\n\nVolete inviarci il report errori sopradescritto? - Si è verificato un errore critico nel vostro sistema che richiede la chiusura di VeraCrypt.\n\nNotate che questo errore non è stato causato da VeraCrypt (per cui gli sviluppatori di VeraCrypt non possono correggerlo). Controllate il vostro sistema per possibili problemi (cioè: configurazione di sistema, connessioni di rete, componenti hardware difettati e così via). - Si è verificato un errore critico nel vostro sistema, che richiede la chiusura di VeraCrypt.\n\nSe questo problema persiste, potete tentare la disattivazione o disinstallazione delle applicazioni che possono causare potenzialmente questo problema, come antivirus oppure software di sicurezza Internet, aggiornamenti di sistema oppure ottimizzatori, ecc. Se questo non vi aiuta, potete tentare la reinstallazione del vostro sistema operativo (questo può essere causato anche da malware). - Errore fatale di VeraCrypt - VeraCrypt ha scoperto che il sistema operativo è andato in crash recentemente. Ci sono molte ragioni potenziali perchè il sistema può essere andato in crash (per esempio, un componente hardware fallito, un errore in un componente di periferica, ecc.)\n\nVolete che VeraCrypt verifichi se un errore in esso abbia causato il chrash di sistema? - Volete che VeraCrypt continui a scovare i crash di sistema? - VeraCrypt non trova file minidump di crash sistema. - Vuoi cancellare i file crash dump di Windows crash dump file per liberare spazio sul disco? - Allo scopo di analizzare il blocco del sistema, VeraCrypt prima installare prima Microsoft Debugging Tools per Windows.\n\nDopo aver fatto clic su OK, l'installer di Windows scaricherà il pacchetto di installazione di Microsoft Debugging Tools (16 MB) da un server Microsoft e lo installerà (l'installer di Windows sarà seguita dall'URL del server Microsoft dal server veracrypt.org, assicurandovi che questa funzione lavora anche se Microsoft modifica il percorso del pacchetto di installazione). - Dopo aver fatto clic su OK, VeraCrypt analizzerà il crash di sistema. Questo impiegherà più di diversi minuti. - Assicuratevi che l'ambiente variabile 'PERCORSO' includa il percorso a 'kd.exe' (Kernel Debugger). - Sembrao d che VeraCrypt più probabilmente non causi il crash di sistema. Ci sono più ragioni potenziali per cui il sistema può essere andato in crash(per esempio, un componente hardware difettoso oppure un difetto in un driver di periferica, ecc.) - I risultati dell'analisi indica che aggiornando i seguenti drivers può risolvere questo problema: - Per aiutarci a determinare se c'è un difetto in VeraCrypt, dovete inviarci un report errori generato automaticamente contenente i seguenti elementi:\n- Versione del programma\n- Versione del sistema operativo\n- Tipo di CPU\n- Categoria di errore\n- Nome e versione del driver\n- Chiamata stack di sistema\n\nSelezionando 'Sì', il seguente URL (contenente l'intero report errore) sarà aperto nel vostro Internet browser predefinito. - Volete inviarci il report errori di cui sopra? - &Codifica - &Decodifica - &Decodifica definitiva - Esci - Creare un'unità logica per questa partizione estesa, quindi riprovare. - Un volume VeraCrypt può risiedere in un file (chiamato VeraCrypt contenitore), che può risiedere in un disco rigido, su un'unità flash USB, ecc. Un contenitore VeraCrypt è simile a qualsiasi altro file normale (può essere, ad esempio, spostato o cancellato come un qualsiasi altro file). Fate clic su 'Seleziona file' per scegliere un nome file per il contenitore e selezionare il percorso dove esso deve essere creato.\n\nATTENZIONE: Selezionando un file esistente, VeraCrypt NON lo cifrerà; il file sarà eliminato e sostituito con il file contenitore VeraCrypt creato nuovamente. Potrete cifrare i file esistenti (in seguito) muovendoli nel contenitore VeraCrypt che state creando adesso. - Selezionate la posizione del volume esterno da creare (all'interno di questo volume, sarà creato in seguito il volume nascosto).\n\nUn volume VeraCrypt può risiedere in un file (chiamato contenitore di VeraCrypt), che può risiedere su un disco rigido, su una periferica flash USB, ecc. Un contenitore VeraCrypt può può essere spostato o cancellato come un qualsiasi altro file normale. Fate clic su 'Seleziona file' per scegliere un nome file per il contenitore e selezionare il percorso dove volete venga creato. Se selezionate un file esistente, VeraCrypt NON lo cifrerà; il file sarà eliminato e sostituito con il nuovo file contenitore. Potrete cifrare i file esistenti (in seguito) muovendoli nel contenitore VeraCrypt che state creando adesso. - Un’unità ospitata da un volume VeraCrypt può essere creata all'interno di una partizione su disco rigido, su un disco allo stato solido, scheda di memoria USB ed altre unità di memoria supportate. Le partitizioni possono anche essere codificate in posto.\n\nIn aggiunta, le unità codificate ospitati nei volumi VeraCrypt possono essere create all’interno di unità che non contengono nessuna partizione (compresi dischi rigidi e dischi allo stato solido).\n\nNota: Un’unità contenente delle partizioni può essere totalmente Crittata in posto (usando una chiave singola) solo se essa è il disco dove Windows è installato e dalla quale Windows si avvia. - Un’unità ospitata da un volume VeraCrypt può essere creata all’interno di una partizione su disco rigido, disco allo stato solido, scheda di memoria USB ed altre unità di memoria.\n\nATTENZIONE: Notate che la partizione/unità sarà formattata e tutti i dati attualmente memorizzati in essa saranno persi. - \nSelezionare la posizione del volume esterno da creare (all’interno di questo volume si potrà creare in seguito il volume nascosto).\n\nI volumi esterni possono essere creati all’interno delle partizioni su disco rigido, dischi allo stato solido, unità di memoria USB e su qualsiasi altra unità di memoria supportata. I volumi esterni possono essere anche creati all’interno delle unità che non contengono nessuna partizione (compresi dischi rigidi e dischi allo stato solido).\n\nATTENZIONE: Notate che la partizione/unità dovrà essere formattata e tutti i dati in essa contenuti attualmente saranno distrutti. - Selezionare il volume VeraCrypt nel quale si vuole creare un volume nascosto. - WARNING: Il file o unità ospite è già in uso!\n\nIgnorando questo può causare dei risultati indesiderati, compresa la instabilità di sistema. Tutte le applicazioni che possono stare utilizzando il file oppure periferica ospite (come per esempio, gli antivirus o applicazioni di backup) devono essere chiuse prima del montaggio del volume.\n\nContinuare il montaggio? - ERRORE: impossibile montare il volume. Il file/unità è già in uso. Anche il tentativo di montaggio senza i diritti di accesso esclusivo è fallito. - Impossibile aprire il file. - Percorso del volume - File grandi - Intendete salvare i file maggiori di 4 GB in questo volume VeraCrypt? - A seconda della vostra scelta sopra, VeraCrypt sceglierà un file system predefinito appropriato per il volume VeraCrypt (potrete selezionare un file system nel passo successivo). - Siccome state creando un volume esterno, dovete considerare la scelta 'No'. Se scegliete 'Sì', il file system predefinito sarà NTFS, che non è adeguato per i volumi esterni come FAT (per esempio, la dimensione massima possibile per il volume nascosto sarà grande significativamente se l volume esterno è formattato come FAT). Normalmente, il FAT è predefinito per entrambi i volumi, nascosto e normale (così, i volumi FAT non sono sospetti). Comunque, se l'utente indica la volontà di memorizzare i dati maggiori di 4 GB (che il file system FAT non consente), il FAT non è di default. - Siete sicuri di selezionare 'Sì'? - Modalità creazione volume - Questo è il metodo veloce per creare un volume VeraCrypt ospitato in una partizione oppure unità (la codifica in posto, che è l’altra opzione, risulta lenta in quanto deve prima leggere, codificare e scrivere ogni settore). Qualsiasi dato attualmente memorizzato nella partizione/unità selezionata saranno distrutti (i dati NON saranno codificati, essi saranno soprascritti con dati casuali). Se volete codificare i dati esistenti su una partizione, scegliete l’altra opzione. - L’intera partizione selezionata ed i dato memorizzati in essa saranno codificati sul posto. Se la partizione è vuota potete scegliere l’altra opzione (il volume sarà creato più velocemente). - Nota: - &Riprendi - &Rimanda - &Avvia - &Continua - &Formatta - &Pulisci - Interrompere la formattazione? - Mostra uteriori informazioni - Non mostrare ancora questo - Il contenuto della partizione/unità è stata cancellata con successo. - Il contenuto della partizione dove il sistema originale (del quale il sistema nascosto è un clone) risiede è stato cancellato con successo. - Assicuratevi che la versione di Windows che state installando (nella partizione pulita) è la stessa come la versione di Windows che state eseguendo attualmente. Questo è richiesto perchè entrambi i sistemi condividono una partizione di avvio comune. - La partizione/disco di sistema è stato decriptato con successo.\n\nNota: Se cisono dei volumi VeraCrypt non di sistema che desiderate mountare automaticamente ogni volta che viene avviato Windows, potete impostare questo montando ognuno di essi e selezionando 'Preferiti' > 'Aggiungi volume montato ai preferiti di sistema'). - La partizione/disco di sistema è stato decriptato con successo. - \n\nIl volume VeraCrypt è stato creato ed è pronto per l'uso. Se si desidera creare un altro volume VeraCrypt, fate click su 'Avanti'. Altrimenti, fate click su 'Esci'. - n\nIl volume VeraCrypt nascosto è stato creato con successo (il sistema operativo nascosto deve risiedere all’interno di questo volume nascosto).\n\nFate click su Avanti per continuare. - Volume criptato totalmente - Volume Fully Decrypted - IMPORTANTE: PER MONTARE QUESTO VOLUME NUOVAMENTE CREATO E PER ACCEDERE AI DATI MEMORIZZATI IN ESSO, FATE CLICK SU 'Auto-monta unità' NELLA FINESTRA PRINCIPALE DI VERACRYPT. Dopo aver inserito la password corretta (e/o fornito i file chiave corretti), il volume sarà montato nel disco la cui lettera avete selezionato dall’elenco della finestra principale di VeraCrypt (e potete accedere ai dati codificati selezionando la lettera del disco).\n\nPREGO RICORDARE O SCRIVERE I PASSI SOPRA. DOVETE SEGUIRLI OGNI QUAL VOLTA VOLETE MONTARE IL VOLUME ED ACCEDERE AI DATI MEMORIZZATI IN ESSO. In alternativa, nella finestra principale di VeraCrypt, fate click su 'Seleziona unità',quindi selezionare la partizione/volume, e ciccare su 'Monta'.\n\nLa partizione/volume è stata Crittata con successo (contiene ora un volume VeraCrypt totalmente criptato) ed è pronto per l’uso. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Il volume VeraCrypt è stato creato con successo. - Volume creato - IMPORTANTE:Muovere il vostro mouse il più casualmente possibile entro questa finestra. E' preferibile un movimento più lungo perchè aumenta in modo significativo l'effetto delle chiavi di codifica, quindi fate click su Formatta per creare il volume. - Fate click su Formatta per creare il volume esterno. Per ulteriori informazioni, riferitevi alla documentazione. - Formattazione del volume esterno - Formattazione del volume nascosto - Formattazione del volume - Per visualizzare o stampare la guida dell'utente di VeraCrypt, è necessario Adobe Reader (o un programma analogo). E' possibile scaricare Adobe Reader (freeware) da: www.adobe.com\n\nSi vuole accedere alla documentazione online? - Selezionando questa opzione, la procedura per prima cosa vi aiuterà a creare un volume VeraCrypt normale e quindi un volume VeraCrypt nascosto al suo interno. Gli utenti inesperti devono sempre selezionare questa opzione. - Selezionando questa opzione, creerete un volume nascosto all'interno di un volume VeraCrypt. Esso riterrà che voi abbiate già creato un volume VeraCrypt idoneo ad ospitare il volume nascosto. - Modalità creazione volume - Volume nascosto creato - Il volume nascosto VeraCrypt è stato creato con successo ed è pronto per l'uso. Se sono state seguite tutte le istruzioni e se le precauzioni e riquisiti elencati nella sezione "Requisiti e precauzioni di sicurezza pertinenti ai volumi nascosti" nel manuale itente di VeraCrypt, deve essere impossibile provare che il volume nascosto esiste, anche quando il volume nascosto è montato.\n\nATTENZIONE: Se non proteggete il volume nascosto (per informazioni su come fare questo, riferitevi alla sezione "Protection of Hidden Volumes Against Damage" nella VeraCrypt User Guide), non scrivete nel volume esterno, altrimenti potrete sovrascrivere e danneggiare il volume esterno! - Avete avviato il sistema operativo nascosto. Come siete stati avvisati, il sistema operativo nascosto sembra essere installato nella stessa partizione del sistema operativo originale. Comunque, in realtà, esso è installato all’interno della partizione dietro ad essa (nel volume nascosto). Tutte le operazioni di lettura e scrittura vengono redirette in trasparenza dalla partizione del sistema originale al volume nascosto.\n\nNè il sistema operativo che nessuna applicazione sapranno che i dati scritti su e letti dalla partizione di sistema vengono scritti su e letti dalla partizione dietro ad essa (da/al volume nascosto). Qualsiasi tipo di dati viene criptato e decriptato al volo come al solito (con una chiave di codifica differente da quella usata per il sistema operativo di richiamo).\n\n\nFate click su Avanti per continuare. - Il volume esterno è stato creato ed è stato montato come unità %hc:. In questo volume esterno dovete ora copiare alcuni file sensibili che attualmente voi NON volete nascondere. Essi stanno per chiunque costringendovi a svelare la password per la prima partizione dietro alla partizione di sistema dove il volume esterno ed il volume nascosto (contenente il sistema operativo nascosto) risiede. Sarete capaci di rivelare la password per questo volume esterno, e l'esistenza del volume nascosto (e del sistema operativo nascosto) rimarrà segreto.\n\nIMPORTANTE: I file che copiate sul volume esterno non dovrebbero occupare più che%s, altrimenti non ci sarà spazio libero sufficiente sul volume esterno per il volume nascosto (e quindi non potrete continuare). Dopo che avete terminato la copia fate click su Avanti (non smontate il volume). - Il volume esterno è stato creato con successo e montato come unità %hc:. Bisognerebbe ora copiare qui alcuni file apparentemente riservati che in realtà NON si desidera nascondere. Questi file saranno accessibili a un aggressore che si impossessi della password. E' possibile rivelare solo la password del volume esterno, non di quello nascosto. I file veramente importanti saranno memorizzati nel volume nascosto, che sarà creato in seguito. Terminata la copia, cliccare su 'Avanti'. Non smontare il volume.\n\nNota: dopo aver cliccato su 'Avanti', verrà analizzata la mappa dei cluster del volume esterno per determinare la dimensione dello spazio libero contiguo fino alla fine del volume esterno. Quest'area conterrà il volume nascosto, limitando la sua dimensione massima. L'analisi della mappa dei cluster assicura che i dati sul volume esterno non vengano soprascritti dal volume nascosto. - Contenuto del volume esterno - \n\nNei prossimi passaggi saranno impostate le opzioni per il volume esterno (nel quale verrà creato in seguito il volume nascosto). - \n\nNei passi successivi voi creerete un cosiddetto volume VeraCrypt esterno nella prima partizione dietro a quella di sistema (come è stato spiegato in uno dei passi precedenti). - Volume esterno - Nei passi che seguono potete impostare le opzioni e le password per il volume nascosto, che conterrà il sistema operativo nascosto.\n\nNota: La tavola dei bit dei cluster del volume esterno è stata analizzata allo scopo di determinare la dimensione dell’area ininterrotta dello spazio libero, la quale estremità è allineata con quella del volume esterno. Questa area accoglierà il volume nascosto, per cui il suo limite ha la massima dimensione possibile. La massima dimensione possibile per il volume nascosto è stata determinata e confermata ad essere più grande della dimensione della partizione di sistema (e questo viene richiesto, perché l’intero contenuto della partizione di sistema deve essere copiato nel volume nascosto). Questo assicura che nessun dato attualmente memorizzato nel volume esterno venga soprascritto dall’area del volume nascosto. - IMPORTANTE: Ricordatevi gli algoritmi usati in questo passo. Dovrete selezionare gli stessi algoritmi per il sistema operativo di richiamo, altrimenti il sistema operativo nascosto SARA’ INACCESSIBILE! (Il sistema operativo di richiamo deve essere criptato con lo stesso algoritmo di codifica come il sistema nascosto.)\n\nNota: La ragione di questo è che il sistema operativo di richiamo condividerà un singolo loader di avvio, che supporta solo un singolo algoritmo, selezionato dall’utente (per ogni algoritmo, esiste una speciale versione del Loader di avvio di VeraCrypt). - \n\nLa tavola dei bit dei cluster è stata analizzata e la massima dimensione possibile del volume nascosto è stata determinata. Nei prossimi passaggi saranno impostate le opzioni, la dimensione e la password per il volume nascosto. - Volume nascosto - Il volume nascosto è ora protetto contro i danni finché i volume esterno è smontato.\n\nATTENZIONE: Se avete tentato di scrivere qualsiasi dato sull'area del volume nascosto, VeraCrypt avvierà a proteggere dalla scrittura il volume intero (entrambe le parti , nascosta ed esterna) finché esso è smontato. Questo può causare il danneggiamento del file system nel volume esterno il quale, (se ripetuto) può avere effetto plausibile di danneggiamento del volume nascosto. Per cui dovete evitare di scrivere nell'area del volume nascosto. Qualsiasi dato salvato su disco nascosto non sarà salvato ed andrà perso. Windows segnalerà questo come errore di scrittura ("Errore di scrittura ritardata" oppure "Il parametro è errato"). - Qualsiasi volume nascosto all’interno dei volumi montati di recente è ora protetto finchè non viene smontato.\n\nATTENZIONE: Se qualsiasi dato tenta di essere salvato sul’area nascosta di qualsiasi volume, VeraCrypt inizierà a proteggere dalla scrittura il volume intero (sia la parte esterna che quella nascosta) finchè esso sia smontato. Questo può causare il danneggiamento del file system nel volume esterno il quale, (se ripetuto) può avere effetto plausibile di danneggiamento del volume nascosto. Per cui dovete evitare di scrivere nell'area del volume nascosto. Qualsiasi dato salvato su disco nascosto non sarà salvato ed andrà perso. Windows segnalerà questo come errore di scrittura ("Errore di scrittura ritardata" oppure "Il parametro è errato"). - ATTENZIONE: Si è tentato di salvare i dati sull’area nascosta del volume montato come %c:! VeraCrypt impedisce a questi dati di essere salvati per proteggere il volume nascosto. Questo deve aver causato il danneggiamento del file system nel volume esterno e Windows deve aver segnalato un errore di scrittura ("Errore di scrittura ritardata" oppure "Il parametro è errato"). L’intero volume (sia nella parte esterna che quella ignota) sarà protetto da scrittura finché esso è smontato. Se questa non è la prima volta, VeraCrypt ha evitato che i dati vengano salvati nell’area nascosta di questo volume, si può verificare una scusa plausibile per questo volume nascosto (dovuto alle possibili inconsistenze correlate all’interno del file system del volume esterno). Pertanto dovete considerare la creazione di un nuovo volume VeraCrypt volume (con la formattazione veloce non attivata) e muovendo i file da questo volume al nuovo volume. Questo volume deve essere cancellato sicuramente (sia nella parte nascosta che in quella esterna). Vi raccomandiamo vivamente di riavviare il vostro sistema operativo. - Hai mostrato l'intento di archiviare file più grandi di 4 GB sul volume. Questo richiede che il volume sia formattato in NTFS, che, comunque, non sarà possibile. - Si prega di notare che quando un sistema operativo nascosto è in esecuzione, i volumi VeraCrypt non nascosti non possono essere formattato come NTFS. La ragione è che il volume avrebbe bisogno di essere temporaneamente montato senza protezione di scrittura per permettere al sistema operativo di formattarlo come NTFS (mentre la formattazione FAT viene eseguita da VeraCrypt, non dal sistema operativo, e senza montare il volume). Per ulteriori dettagli tecnici, vedere di seguito. È possibile creare un volume NTFS non-nascosto dall'interno del sistema operativo di facciata. - Per motivi di sicurezza, quando un sisetma operativo nascosto è in esecuzione, i volumi ignoti possono essere creati solo in modaltà 'diretta' (perchè i volumi esterni vanno sempre montati in sola lettura). Per creare sicuramente un volume nascosto, seguire questi passi:\n\n1) Avviare il sistema di inganno.\n\n2) Creare un volume VeraCrypt normale ed, in questo, copiare alcuni file sensibili che attualmente NON si desidera nascondere (il volume diventerà volume esterno).\n\n3) Avviare il sistema nascosto e la prcedura di creazione volumi di VeraCrypt. Se i volume è ospitato da file (file-hosted), muoverlo nella partizione di sistema oppure in un'altro volume nascosto (diversamente, il volume nascosto che avete creato deve essere montato in sola lettura e non può essere formattato). Seguire le istruzioni nella procedura guidata su come selezionare la modalità di creazione del volume 'diretto'.\n\n4) Nella procedura selezionare il volume da voi creato nel passo 2 e quindi seguire le istruzioni su come creare un volume nascosto al suo interno. - Per motivi di sicurezza, quando un sistema operativo nascosto è in esecuzione, i file systems locali non codificati ed i volumi VeraCrypt non ignoti vengono montati in sola lettura (nessun dato può essere scritto in tali file systems o volumi di VeraCrypt).\n\nE' consentiuo scrivere i dati in qualsiasi file system che risiede all'interno di un volume VeraCrypt nascosto (provvedere che il volume nascosto non sia collocato in un contenitore memorizzato in un file system decriptato oppure in qualsiasi altro file system in sola lettura). - Ci sono tre ragioni principali per le quali delle contromisure sono state implementate:\n\n- Esse vi consentono la creazione di una piattaforma sicura per il montaggio di volumi ignoti VeraCrypt. Notate che noi raccomandiamo ufficialmente che i volumi nascosti sono montati solo quando è in esecuzione un sistema operativo nascosto. (Per maggiori informazioni vedere la sottosezione 'Requisiti di sicurezza e precauzioni pertinenti ai volumi ignoti' nella documentazione.)\n\n- In alcuni casi, è possibile determinare che, in un certo tempo, un file system particolare non è stato montato sotto (oppure che un file particolare oppure il file system non è stato salvato oppure aperto dall'interno di esso) una particolare istanza di un sistema operativo (esempio, analizzando e comparando i filesystem journals, i file timestamps, i logs di applicazione, i logs di errore ecc.). Questo può indicare che un sistema operativo nascosto è installato nel computer. Le contromisure evitano questi problemi.\n\n- Esso evita la corruzione dei dati consentendo una ibernazione sicura. Quando Windows ritorna dall'ibernazione, esso presume che tutti i filesystem montati sono nello stesso stato come quando il sistema è entrato in ibernazione. VeraCrypt assicura questo tramite la protezione da scrittura di qualsiasi filesystem accessibile da entrambi i sistemi, di inganno e nascosto. Senza tale protezione, il filesystem può diventare corrotto quando montato da un sistema mentre l'altro sistema è ibernato. - Nota: Se volete trasferire sicuramente i file dal sistema operativo di richiamo al sistema nascosto, seguite questi passi: 1) Avviare il sistema di richiamo. 2) Salvare i file in un volume decriptato oppure in un volume VeraCrypt normale o esterno. 3) Avviare il sistema nascosto. 4) Se voi salvate i file in un volume VeraCrypt, montarlo (sarà montato automaticamente in sola lettura). 5) Copiare i file nella partizione di sistema nascosto oppure un altro volume nascosto. - Il vostro computer deve essere riavviato.\n\nVolete riavviarlo ora? - Si è verificato un errore nel dare lo stato di codifica del sistema. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Impossibile inizializzare i componenti dell’applicazione per la codifica del sistema. - Inizializzazione del generatore di numeri casuali fallita! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Impossibile inizializzare l'applicazione. Registrazione della classe Finestra di dialogo fallita. - ERRORE: Fallito nel caricare il Rich Edit della libreria di sistema. - Creazione guidata volume VeraCrypt - La dimensione massima del volume nascosto per questo volume è di %.2f byte. - La dimensione massima del volume nascosto per questo volume è di %.2f KB. - La dimensione massima del volume nascosto per questo volume è di %.2f MB. - La dimensione massima possibile del volume nascosto per questo volume VeraCrypt è %.2f GB. - La dimensione massima possibile del volume nascosto per questo volume VeraCrypt è %.2f TB. - La password o i file chiave per il volume non possono essere modificati mentre questo è montato. E' necessario smontare prima il volume. - L'algoritmo di derivazione per la chiave di testata non può essere cambiato mentre il volume è montato. E' necessario smontare prima il volume. - Monta - Per montare questo volume è richiesta una versione più recente di VeraCrypt. - ERRORE: procedura guidata per la creazione del volume non trovata.\n\nAssicurarsi che il file 'VeraCrypt Format.exe' sia nella cartella dalla quale 'VeraCrypt.exe' è stato eseguito. Altrimenti reinstallare VeraCrypt o individuare 'VeraCrypt Format.exe' sul disco ed eseguirlo. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - Avanti > - &Fine - &Installa - E&strai - Impossibile connettersi al driver di unità VeraCrypt. VeraCrypt non può lavorare se il driver di unità non è in esecuzione.\n\nNotare che, a causa di un requisito di Windows, può essere necessario disconnettersi oppure riavviare il sistema prima che il driver di unità possa essere caricato. - Si è verificato un errore nel caricamento/preparazione dei font. - Lettera dell'unità non trovata oppure non specificata. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Lettera di unità non disponibile. - Nessun file selezionato.! - Nessuna lettera di unità disponibile. - Nessuna lettera di unità libera per il volume esterno! La creazione del volume non può proseguire. - Impossibile determinare la versione del sistema operativo oppure si sta usando un sistema operativo non supportato. - Nessun percorso selezionato! - Spazio libero insufficiente per il volume nascosto! La creazione del volume non può proseguire. - ERRORE: I file da voi copiati nel volume esterno occupa troppo spazio. Pertanto, non c'è spazio sufficiente a disposizione nel volume esterno per il volume nascosto.\n\nDa notare che il volume nascosto deve essere grande come la partizione di sistema (che è quella in è installato cui il sistema operativo attualmente in esecuzione). La ragione è che il sistema operativo nascosto necessita di essere creato copiando il contenuto della partizione di sistema nel volume nascosto.\n\n\nLa procedura di creazione del sistema operativo nascosto non può continuare. - Il driver non riesce a smontare il volume. Alcuni file che si trovano in esso potrebbero essere ancora aperti. - Impossibile bloccare il volume. Ci sono file ancora aperti in esso, pertanto questo non può essere smontato. - VeraCrypt non può chiudere il volume perché esso è in uso dal sistema o applicazioni (possono esserci file aperti sul volume).\n\nVolete forzare lo smontaggio del volume? - Selezionare un volume VeraCrypt - Specificare il percorso e nome del file - Selezionare la libreria PKCS #11 - Memoria esaurita - IMPORTANTE: Raccomandiamo rigorosamente che gli utenti non esperti creano un file contenitore VeraCrypt contenente la partizione/periferica selezionata invece di tentare la cifratura dell'intera partizione/periferica.\n\nQuando create un file contenitore VeraCrypt (al contrario di cifrare una periferica o partizione) c'è, per esempio, nessun rischio di distruzione di un grande numero di file. Notare che un file contenitore VeraCrypt (anche quando esso contiene un disco virtuale criptato) è attualmente come qualsiasi file normale. Per maggiori informazioni vedere il capitolo Beginner's Tutorial nella guida utente di VeraCrypt User Guide.\n\nSiete sicuri di voler codificare l'intera periferica/partizione? - AVVERTENZA: Il file '%s' già esiste!\n\nIMPORTANTE: VERACRYPT NON CODIFICHERA’ IL FILE, MA LO CANCELLERA'. Siete sicuri di voler cancellare il file e sostituirlo con un nuovo contenitore VeraCrypt? - ATTENZIONE: QUALSIASI FILE ATTUALMENTE MEMORIZZATO NELLA PARTIZIONE%s '%s'%s SARA' CANCELLATO E PERSO (ESSI NON SARANNO CODIFICATI)!\n\nSiete sicuri di voler procedere con la formattazione? - AVVERTENZA: Non potrete montare il volume oppure accedere a nessun file memorizzato in esso finché esso è stato criptato interamante.\n\nSiete sicuri di voler avviare la codifica del selezionato %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - AVVERTENZA: Notate che se l’alimentazione elettrica viene interrotta bruscamente durante la codifica in posto dei dati esistenti, o quando il sistema operativo va in crash a causa di un errore del software o di un malfunzionamento dell’hardware mentre VeraCrypt sta codificando i dati in posto, delle parti di dati possono essere corrotti o persi. Pertanto, prima di avviare la codifica, assicuratevi di aver fatto delle copie di backup dei file da codificare.\n\nAvete fatto tale copia di backup? - ATTENZIONE: QUALSIASI FILE ATTUALMENTE MEMORIZZATO NELLA PARTIZIONE '%s'%s (ESEMPIO NELLA PRIMA PARTIZIONE DIETRO LA PARTIZIONE DI SISTEMA) VERRA' CANCELLATO E PERSO (ESSI NON SARANNO CODIFICATI)!\n\nSiete sicuri di voler procedere con la formattazione? - AVVERTENZA: LA PARTIZIONE SELEZIONATA CONTIENE UNA GRANDE QUANTITA’ DI DATI! Qualsiasi file memorizzato nella partizione sarà cancellato e perso (NON SARANNO CODIFICATI)! - Cancella qualsisasi file memorizzato nella partizione creando un volume VeraCrypt al suo interno - Password - PIM - Impostare algoritmo per la chiave di testata - Aggiungere/rimuovere i file chiave al/dal volume - Rimuovere tutti i file chiave dal volume - Password, PIM e/o file chiave cambiato con successo.\n\nIMPORTANTE: Assicuratevi di aver letto la sezione 'Changing Passwords and Keyfiles' nel capitolo 'Security Requirements and Precautions' nella VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANTE: Se non avete distrutto il vostro disco di ripristino di VeraCrypt, la vostra partizione/disco di sistema può essere ancora deCrittata usando la vecchia password (tramite l'avvio del disco di ripristino di VeraCrypt e digitando la vecchia password). Dovete creare un nuovo disco di ripristino di VeraCrypt e quindi distruggere il vecchio.\n\nVolete creare un nuovo disco di ripristino di VeraCrypt? - Da notare che il vostro disco di ripristino di VeraCrypt usa ancora l'algoritmo precedente. Se considerate il precedente algoritmo non sicuro, dovete creare un nuovo disco di ripristino di VeraCrypt e distruggere il precedente.\n\nVolete creare un nuovo disco di ripristino di VeraCrypt? - Qualsiasi tipo di file (ad esempio Mp3, Jpg, Zip, Avi) può essere utilizzato come un file-chiave di VeraCrypt. Si noti che VeraCrypt non modifica mai il contenuto del file-chiave. È possibile selezionare più di un file-chiave (l'ordine non ha importanza). Se si aggiunge una cartella, tutti i file non nascosti trovat in essa saranno utilizzati come file-chiave. Cliccare su 'Aggiungi file chiave' per selezionare un file-chiave memorizzato su di un token di sicurezza o una smart card (o per importarvi il file-chiave). - File chiave aggiunti/rimossi con successo. - File chiave esportati. - Algoritmo di derivazione della chiave di testata impostato con successo. - Digitate la password e /o file chiave per il volume non di sistema dove volete riprendere il processo di codifica in posto.\n\n\nNota: Dopo aver fatto click su Avanti, VeraCrypt tenterà di cercare tutti i volumi non di sistema dove il processo di codifica è stato interrotto e dove la testata del volume VeraCrypt può essere DeCrittata usando la password e/o file chiave fornito. Se più di uno di tali volumi viene trovato, avete bisogno di selezionare uno di essi nel passo successivo. - Selezionare uno dei volumi elencati. L’elenco contiene ogni volume non di sistema accessibile dove il processo di codifica è stato interrotto e le quali testate devono essere decodificate usando la password o file chiave forniti. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - E' molto importante di scegliere una buona password. Dovete evitare di scegliere una che contenga solo una parola singola che possa essere trovata in un dizionario (oppure una combinazione di 2, 3, o 4 parole del genere). Essa non deve contenere nessun nome o data di nascita. Essa non dovrebbe essere facile da indovinare. Una buona password è una combinazione casuale di lettere maiuscole e minuscole, numeri e caratteri speciali come @ ^ = $ * + ecc. Vi raccomandiamo di scegliere una password consistente di più di 20 caratteri (più è lunga, è meglio). La lunghezza massima possibile è di 64 caratteri. - Scegliere una password per il volume nascosto. - Scegliere una password per il sistema operativo nascosto (cioè per il volume nascosto). - IMPORTANTE: La password che avete scelto per il sistema operativo nascosto in questo passo deve essere sostanzialmente differente dalle altre die password (cioè da quella del volume esterno e da quella del sistema operativo di richiamo). - Scegliere una password per il volume nel quale si vuole creare il volume nascosto.\n\nDopo aver fatto click 'Avanti', VeraCrypt tenterà di montare il volume. Subito dopo aver montato il volume, verrà analizzata la mappa dei cluster per determinare la dimensione dello spazio libero contiguo (se esiste). Questo spazio ospiterà il volume nascosto e quindi ne limiterà la dimensione massima. La scansione è necessaria per assicurare che nessun dato del volume esterno venga soprascritto dal volume nascosto. - \n Scegliere una password per il volume esterno. Questa deve essere la password che potrete rivelare ad un avversario se vi viene chiesto o siete obbligati a farlo.\n\nIMPORTANTE: Questa password DEVE essere sostanzialmente differente da quella scelta per il volume nascosto.\n\nNota: La lunghezza massima possibile della password è di 64 caratteri. - Scegliere una password per il volume esterno. Questa deve essere la password che potrete rivelare a chiunque vi obblighi a rivelare la password per la prima partizione dietro al sistema operativo, dove risiede sia il volume esterno che quello nascosto (contenente il sistema operativo nascosto). L’esistenza del volume nascosto (e del sistema operativo nascosto) rimarrà quindi segreto. Da notare che questa non è per il sistema operativo di richiamo.\n\nIMPORTANTE: Questa password DEVE essere sostanzialmente differente da quella da voi scelta per il volume nascosto (cioè per il sistema operativo nascosto). - Password per il volume esterno - Password per il volume nascosto - Password per il sistema operativo nascosto - ATTENZIONE: le password corte sono facili da violare usando tecniche di attacco a forza bruta!\n\nSi raccomanda di scegliere delle password composte da più di 20 caratteri.\n\nSiete sicuri di voler usare una password corta? - Password del volume - Password non corretta oppure l'oggetto non è un volume VeraCrypt. - File chiave e/o password non corretti oppure l'oggetto non è un volume VeraCrypt. - Modalità di montaggio errato, password errata oppure non è un volume VeraCrypt. - Modalità montaggio errato, file chiave errato (i) e/o password errata oppure non è un volume VeraCrypt. - Password errata o nessun volume VeraCrypt trovato. - File chiave e/o password non corretti o nessun volume VeraCrypt trovato. - \n\nATTENZIONE: il tasto di blocco delle maiuscole è attivato. Ciò può comportare un inserimento non corretto della password. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nATTENZIONE: dei file nascosti sono stati trovati nel percorso di ricerca del file chiave. Tali file nascosti non possono essere utilizzati come file-chiave. Se avete bisogno di usarli come un file-chiave, rimuovere l'attributo 'Nascosto' (tasto destro del mouse su ogni file, selezionare 'Proprietà' e deselezionare l'attributo 'Nascosto', quindi clic su OK). Nota: I file nascosti sono visibili solo se l'opzione che ne permette la visione è abilitata (Computer > Organizza > 'Opzioni cartelle e ricerca' > Visualizzazione). - Se state tentando di proteggere un volume nascosto contenente un sistema operativo nascosto, assicuratevi di usare la tastiera standard con layout americano quando digitate la password per il volume nascosto. Questo è richiesto dal fatto che la password deve essere digitata in ambiente di pre-avvio (prima dell'avvio di Windows) dove le tastiere con layout non americano non sono disponibili. - VeraCrypt non ha trovato nessun volume dove la codifica non di sistema è stata interrotta e dove la testata del volume può essere DeCrittata usando la password e/o file chiave fornita.\n\nAssicuratevi che la password e/o file chiave digitata sia corretta e che la partizione/volume non sia in uso dal sistema o da applicazioni (compresi i software antivirus). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNota: Se state tentando di montare una partizione collocata su un percorso di sistema criptato senza autenticazione di pre-boot oppure di montare la partizione di sistema Crittata su un sistema operativo che non è in esecuzione, dovete fare questo selezionando 'Sistema' > 'Monta senza autenticazione di pre-boot'. - In questo modo, non potete montare una partizione collocata su un drive la quale porzione è all’interno dello scopo della chiave di codifica del sistema attivo.\n\nPrima di poter montare questa partizione in questo modo, dovete avviare un sistema operativo installato su un percorso differente (criptato o decriptato) oppure avviare un sistema operativo Decriptato. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - <&Indietro - Impossibile elencare le unità installate sul sistema! - Il volume '%s' esiste ed è a sola lettura. Si è sicuri di volerlo sostituire? - Selezionare una cartella di destinazione - Selezionare un file chiave - Selezionare un percorso di ricerca dei file chiave. ATTENZIONE: verrà memorizzato solo il percorso, non i file. - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Concepito da Ross Anderson, Eli Biham e Lars Knudsen. Pubblicato nel 1998. Chiave a 256-bit, blocco a 128-bit. Modo operativo XTS. Serpent è uno dei finalisti AES. - Specificare la dimensione del contenitore da creare.\n\nSe create un contenitore dinamico (file sparsi), questo parametro specificherà la massima dimensione possibile.\n\nNotate che la minima dimensione possibile per un volume FAT è di 292 KB. Quella per un volume NTFS è di 3792 KB. - Specificare la dimensione del volume esterno da creare (dovete prima creare il volume esterno e quindi un volume nascosto al suo interno). La dimensione minima possibile per un volume al cui interno deve essere creato un volume è di 340 KB. - Specificare la dimensione del volume nascosto da creare. La dimensione minima di un volume esterno è di 40 KB (oppure 3664 KB se esso è formattato come NTFS). La dimensione massima che potete specificare per il volume nascosto viene mostrata sopra. - Dimensione del volume esterno - Dimensione del volume nascosto - Verificare se la dimensione della partizione/unità mostrata sopra è corretta e quindi fate click su Avanti. - Il volume esterno e il volume nascosto (contenente il sistema operativo nascosto) risiederanno all’interno della partizione di cui sopra. Questa deve essere la prima partizione dietro quella di sistema.\n\nVerificate che la dimensione della partizione ed il suo numero mostrato sopra è corretto, quindi, se lo è, fate click su Avanti. - \n\nNotate che la dimensione minima possibile per un volume al cui interno si trova un volume nascosto viene intesa a 340 KB. - Dimensione del volume - Dinamico - ATTENZIONE: AUTO-TEST FALLITO! - Auto-test di tutti gli algoritmi superato - Il numero delle unità dati da voi forniti è troppo lungo o troppo corto. - La chiave secondaria da voi fornita è troppo lunga o troppo corta. - Il testo criptato di prova fornito è troppo lungo o troppo corto. - La chiave di prova fornita è troppo lunga o troppo corta. - Il testo di prova normale fornito è troppo lungo o troppo corto. - Due cifre in cascata operano in modalità XTS. Ogni blocco viene prima criptato con %s (Chiave a %d-bit) e quindi con %s (Chiave a %d-bit). Ogni Codifica usa la sua propria chiave. Tutte le chiavi sono mutualmente indipendenti. - Tre cifre in cascata operano in modalità XTS. Ogni blocco viene prima criptato con %s (Chiave a %d-bit), quindi con %s (Chiave a %d-bit) ed alla fine con %s (Chiave a %d-bit). Ogni Codifica usa la sua propria chiave. Tutte le chiavi sono mutuamente indipendenti. - Notate che, a seconda della configurazione del sistema operativo, queste funzioni auto-run e montaggio automatico possono lavorare solo quando i file del traveler disk sono creati su un supporto tipo CD/DVD non scrivibile. Da notare che questo non è un difetto di VeraCrypt (è una limirazione di Windows). - Il traveler disk di VeraCrypt è stato creato.\n\nDa notare che dovete disporre dei privilegi di amministratore per eseguire VeraCrypt in modalità portabile. Da notare pure che, dopo l'esame del file di registro, è possibile chiedere che VeraCrypt venga eseguito in un sistema Windows anche se esso è eseguito in modalità portabile. - Traveler Disk di VeraCrypt - Concepito da Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall e Niels Ferguson. Pubblicato nel 1998. Chiave a 256-bit, blocco a 128-bit. Modalità operativa XTS. Twofish è uno dei finalisti AES. - Maggiori informazioni su %s - Sconosciuto - Si è verificato un errore sconosciuto (%d). - Alcuni volumi contengono file o cartelle utilizzati dalle applicazioni o dal sistema.\n\nForzare lo smontaggio? - Smonta - Smontaggio fallito! - Il volume contiene file o cartelle utilizzati dalle applicazioni o dal sistema.\n\nForzare lo smontaggio? - Nessun volume è montato sulla lettera specificata. - Il volume che si sta cercando di montare è già montato. - Si è verificato un errore nel tentativo di montare il volume. - Errore durante la ricerca della posizione all'interno del volume. - ERRORE: dimensione del volume non corretta. - WARNING: E' possibile utilizzare il Formato Rapido solo nei seguenti casi:\n\n1) Il dispositivo non contiene dati sensibili ed essi non sono contestabili in modo plausibile.\n2) Il dispositivo è già stato criptato completamente ed in modo sicuro.\n\nSei sicuro di voler utilizzare il Formato Rapido? - Un contenitore dinamico è un file sparso NTFS pre-allocato la cui dimensione fisica (spazio disco usato attualmente) aumenta mentre i nuovi dati vengono aggiunti ad esso.\n\nATTENZIONE: Le prestazioni dei volumi ospitati su file sparsi è molto inferiore delle prestazioni su volumi regolari. Inoltre, i volumi ospitati su file sparsi sono poco sicuri, perchè è possibile vedere quali settori del volume sono inutilizzati. Inoltre, questi volumi non possono fornire un diniego plausibile (se ospitano un volume nascosto). Notate anche che, se i dati sono scritti in un contenitore su file sparsi quando non c'è spazio sufficiente nel file system ospite, il file criptato può danneggiarsi.\n\nVolete comunque creare un volume ospitato su file sparso? - Notare che le dimensioni del contenitore dinamico riportate da Windows e da VeraCrypt saranno sempre uguali alle sue dimensioni massime. Per sapere l'attuale dimensione fisica del contenitore (lo spazio su disco effettivamente utilizzato), fare clic destro sul file contenitore (in una finestra di Windows Explorer, non in VeraCrypt), quindi selezionare 'Proprietà' e vedere il valore della 'Dimensioni su disco'.\n\nSi noti inoltre che se si sposta un contenitore dinamico ad un altro volume o disco, la dimensione fisica del contenitore sarà estesa al massimo. (Si può evitare ciò creando un un nuovo contenitore dinamico nella posizione di destinazione, montarlo e poi spostare i file dal contenitore vecchio al nuovo). - Password nella cache cancellata - Le Password (e/o contenuti dei file chiave processati) archiviate nella cache del driver di VeraCrypt sono state cancellate. - VeraCrypt non può modificare la password per un volume estraneo. - Selezionare una lettera di unità libera dalla lista. - Selezionare un volume montato dal'elenco delle lettere unità. - Due volumi differenti montati sono attualmente selezionati (uno è nell'elenco delle lettere unità e l'altro nel campo di input sotto l'elenco).\n\nScegliere il volume che desiderate selezionare: - ERRORE: impossibile creare autorun.inf - Errore durante l'elaborazione del file chiave! - Errore durante l'elaborazione del percorso del file chiave! - Il percorso dei file chiave non contiene file.\n\nDa notare che queste cartelle (ed i file che contengono) trovate nella ricerca dei percorsi file chiave sono ignorate. - VeraCrypt non supporta questo sistema operativo. - Errore: VeraCrypt supporta solo le versioni stabili di questo sistema operativo (versioni beta/RC non sono supportate). - ERRORE: impossibile allocare la memoria. - ERRORE: impossibile recuperare i valori del misuratore di prestazioni. - >Errore: Cattivo formato volume. - Errore: Avete fornito una password per un volume nascosto (non per un volume normale). - Per motivi di sicurezza, un volume nascosto non può essere creato all’interno di un volume VeraCrypt contenente un file system che è stato criptato in posto (perché lo spazio libero sul volume non è stato riempito da dati casuali). - VeraCrypt - Notizie legali - Tutti i file - Volumi VeraCrypt - Moduli libreria - La formattazione NTFS non può proseguire. - Impossibile montare il volume. - Impossibile smontare il volume. - Windows non può formattare il volume come NTFS.\n\nSelezionare un tipo di file system diverso (se possibile) e provare di nuovo. In alternativa, lasciare il volume non formattato (selezionare 'Nessuno' come file system), uscire dalla procedura guidata, montare il volume e utilizzare uno strumento di sistema o di terze parti per formattarlo (il volume rimarrà criptato). - Windows fallisce nel formattare il volume come NTFS.\n\nVolete invece formattare il volume come FAT? - Predefinito - partizione - PARTIZIONE - Unità - unità - UNITÀ - Volume - volume - VOLUME - Etichetta - La dimensione del cluster selezionata è troppo piccola per la dimensione di questo volume. Verrà utilizzata una dimensione del cluster maggiore. - ERRORE: impossibile leggere la dimensione del volume!\n\nAssicurarsi che il volume selezionato non sia usato dal sistema o dalle applicazioni. - I volumi ignoti non devono essere creati all'interno di contenitore dinamici(file sparsi). Per consentire la negabilità plausibile, il volume nascosto deve essere creato in un contenitore non dinamico. - La procedura di creazione del volume VeraCrypt può creare un voume nascosto solo all’interno di un volume FAT oppure NTFS. - In ambiente operativo Windows 2000, la procedura di creazione del volume di VeraCrypt può creare un volume nascosto solamente in un volume FAT. - Nota: Il file system FAT è più adeguato per i volumi esterni che il file system NTFS (per esempio, la dimensione massima possibile per il volume nascosto può essere significativamente molto grande se il volume esterno è stato formattato come FAT). - Notate che il file system FAT è più adeguato per i volumi esterni che i file system NTFS. Per esempio, la dimensione massima del volume nascosto può essere significatamente molto grande se il volume esterno viene formattato come FAT (la ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume esterno può risiedere solo nella seconda metà del volume esterno).\n\nSiete sicuri di voler formattare il volume esterno come NTFS? - Volete invece formattare il volume come FAT? - Nota: Questo volume non può essere formattato come FAT, perchè eccede la misura massima del volume supportata dal filesystem FAT32 per la dimensione applicabile per settore (2 TB per settori da 512-byte e 16 TB per settori da 4096-byte). - ERRORE: La partizione per il sistema operativo nascosto (cioè la prima partizione dietro a quella di sistema) deve essere almeno il 5% più grande della partizione di sistema (cioè quella dove è installato il sistema operativo attualmente in esecuzione). - ERRORE: La partizione per il sistema operativo nascosto (cioè la prima partizione dietro a quella di sistema) deve essere almeno il 110% (2.1 volte) più grande della partizione di sistema (cioè quella dove è installato il sistema operativo attualmente in esecuzione).La ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume nascosto (che deve contenere un clone della partizione di sistema) può risiedere solo nella seconda metà della partizione - ERRORE: Se il volume esterno è formattato come NTFS, esso deve essere almeno il 110% (2.1 volte) più grande della partizione di sistema. La ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume nascosto (che deve contenere un clone della partizione di sistema) può risiedere solo nella seconda metà del volume esterno.\n\nNota: Il volume esterno ha bisogno di risiedere all’interno della stessa partizione del sistema operativo nascosto (cioè all’interno della prima partizione dopo la partizione di sistema). - ERRORE: Non esiste nessuna partizione dietro quella di sistema.\n\nNota che prima di poter creare un sistema operativo nascosto, dovete creare una partizione per esso sul disco di sistema. Essa deve essere la prima partizione dietro quella di sistema e deve essere almeno il 5% più grande della partizione di sistema (quella dove è installato il sistema operativo attualmente in esecuzione). Pertanto, se il volume esterno (da non confondere con la partizione di sistema) è formattato come NTFS, la partizione per il sistema operativo nascosto deve essere almeno il 110% (2.1 volte) più grande della partizione di sistema (la ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume nascosto, che deve contenere un clone della partizione di sistema, può risiedere solamente nella seconda metà della partizione). - AVVERTENZA: Non è pratico (e quindi non supportato) installare sistemi operativi in due volumi VeraCrypt inseriti all’interno di una singola partizione, perché l’uso del sistema operativo richiesto ha bisogno spesso di scrivere i dati nell’area del sistema operativo nascosto (e se tali operazioni di scrittura sono state evitate usando la caratteristica di protezione del voume nascosto, esso causerebbe un’inerente crash di sistema, cioè l’errore di ‘Schermo blu’). - Per maggiori informazioni su come creare e gestire le partizioni, riferitevi alla documentazione fornita con il vostro sistema operativo oppure il supporto tecnico del venditore del vostro computer per l’assistenza. - ERRORE: Il sistema operativo attualmente in esecuzione non è installato nella partizione di avvio (prima partizione attiva). Questo non è supportato. - Avete segnalato che intendete memorizzare dei file maggiori di 4 GB in questo volume VeraCrypt. Comunque avete scelto il file system FAT, nel quale i file maggiori di 4 GB non possono essere salvati.\n\nSiete sicuri di volere formattare il volume come FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - ERRORE: impossibile accedere al volume!\n\nAssicurarsi che il volume selezionato esista, che non sia montato o in uso da parte del sistema o delle applicazioni, di avere permessi di lettura/scrittura e che non sia protetto da scrittura. - Error: Cannot obtain volume properties. - ERRORE: Impossibile accedere al volume e/o ottenere le informazioni a proposito del volume.\n\nAssicuratevi che il volume selezionato esista, che non sia usato dal sistema oppure applicazioni, che voi abbiate i permessi di lettura e scrittura e che il volume non sia protetto da scrittura. - ERRORE: Impossibile accedere al volume e/o ottenere le informazioni a proposito del volume.Assicuratevi che il volume selezionato esista, che non sia usato dal sistema oppure applicazioni, che voi abbiate i permessi di lettura e scrittura e che il volume non sia protetto da scrittura.\n\nSe il problema persiste, può esservi di aiuto seguire i passi seguenti. - Un errore ha impedito a VeraCrypt di codificare la partizione. Tentate la correzione di qualsiasi problema segnalato precedentemente e quindi ritentare. Se il problema persiste, può esservi di aiuto seguire i passi seguenti. - Un errore ha impedito a VeraCrypt di riprendere il processo di codifica della partizione.\n\n Tentate la correzione di qualsiasi problema segnalato precedentemente e quindi tentare di riprendere nuovamente il processo. Notate che il volume non può essere montato finché esso non viene criptato completamente. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - ERRORE: impossibile smontare il volume esterno!\n\nIl volume non può essere smontato se contiene file o cartelle utilizzati dalle applicazioni o dal sistema.\n\nChiudere tutti i programmi che potrebbero usare i file o le cartelle sul volume e cliccare su 'Riprova'. - ERRORE: Non si possono ottenere le informazioni a proposito del volume esterno! La creazione del volume non può proseguire. - ERRORE: impossibile accedere al volume esterno! La creazione del volume non può proseguire. - ERRORE: impossibile montare il volume esterno! La creazione del volume non può proseguire. - ERRORE: impossibile ottenere la mappa dei cluster! La creazione del volume non può proseguire. - Alfabetico/Per categoria - Velocità media (decrescente) - Algoritmo - Codifica - Decodifica - Media - Seleziona unità - Dimensione - Algoritmo di codifica - Algoritmo di codifica - Tipo - Valore - Proprietà - Posizione - byte - nascosto - Esterno - Normale - Sistema - nascosto (sistema) - Sola lettura - Disco di sistema - Disco di sistema (codifica - %.2f%% eseguita) - Disco di sistema (decodifica - %.2f%% eseguita) - Disco di sistema (%.2f%% criptato) - Partizione di sistema - Partizione nascosta di sistema - Partizione di sistema (codifica - %.2f%% eseguita) - Partizione di sistema (decodifica - %.2f%% eseguita) - Partizione di sistema (%.2f%% Crittata) - Sì (previene danneggiamento!) - Nessuno - Dimensione chiave primaria - Dimensione chiave secondaria (Modo XTS) - Dimensione chiave Tweak (Modo LRW ) - bit - Dimensione blocco - PKCS-5 PRF - Numero iterazioni PKCS-5 - Volume creato - Ultima modifica intestazione - (%I64d giorni fa) - Versione formato volume - Intestazione backup inserito - Versione Boot Loader di VeraCrypt - Prima disponibile - Disco rimovibile - Disco fisso - Non modificare - Autodetection - Modo guidato - Selezionare uno dei modi. Se non siete sicuri di quello che volete scegliere, usate la modalità predefinita. - Selezionare questa opzione se volete installare VeraCrypt in questo sistema. - Nota: Potete aggiornare senza decrittare anche se la partizione/unità di sistema/drive è crittata in un sistema operativo nascosto. - Se selezionate questa opzione, tutti i file saranno estratti da questo pacchetto ma non installati nel sistema. Non selezionarla se intendete cifrare la partizione di sistema nell'unità di sistema. La scelta di questa opzione può essere utilissima, per esempio, se volete eseguire VeraCrypt in modalità chiamata Portabile. VeraCrypt non viene installato nel sistema operativo nel quale esso viene eseguito. Dopo che tutti i file sono estratti, potete eseguire direttamente il file estratto 'VeraCrypt.exe' (quindi VeraCrypt verrà eseguito in modalità portabile). - Opzioni di installazione - Qui potete impostare varie opzioni per controllare il processo di installazione. - Installazione - Attendere mentre VeraCrypt viene installato. - VeraCrypt è stato installato correttamente - VeraCrypt è stato aggiornato correttamente - Vi prego di considerare una donazione. Puoi premere Chiudi per chiudere l'installazione in qualsiasi momento. - Opzioni di estrazione - Qui potete impostare varie opzioni per controllare il processo di estrazione. - Attendere mentre i file vengono estratti. - I File sono stati estratti correttamente - Tutti i file sono stati estratti con successo nel percorso di destinazione. - Se la cartella specificata non esiste, sarà creata automaticamente. - I file di programma di VeraCrypt program saranno aggiornati nel percorso dove VeraCrypt è installato. Se volete selezionare un percorso diverso, disinstallate prima VeraCrypt. - Si desidera visualizzare le note di rilascio per la versione corrente (ultima stabile) di VeraCrypt? - Se non si è mai utilizzato VeraCrypt prima d'ora, si raccomanda di leggere il capitolo 'Beginner’s Tutorial' della 'VeraCrypt User Guide'. Si desidera visualizzare la guida? - Selezionare un’azione da eseguire dalle seguenti: - Ripara/Reinstalla - Aggiorna - Disinstalla - Per installare/disinstallare VeraCrypt, dovete avere i privilegi di amministratore. Volete continuare? - L’installer di VeraCrypt è attualmente in esecuzione in questo sistema ed esegue o prepara l’installazione oppure aggiornamento di VeraCrypt. Prima di procedere, attendere per finire o chiudere esso. Se non potete chiudere l’installer, riavviare i computer prima di procedere. - Installazione fallita. - Disinstallazione fallita. - Questo pacchetto di distribuzione è danneggiato. Provare a scaricarlo nuovamente (preferibilmente dal sito ufficiale di VeraCrypt all’indirizzo ww.veracrypt.org). - Impossibile scrivere il file %s - Estrazione - Impossibile leggere i dati dal pacchetto. - Impossibile verificare l'integrità del pacchetto. - L'estrazione è fallita. - L'installazione è ritornata alla versione precedente. - VeraCrypt è stato installato con successo. - VeraCrypt è stato aggiornato con successo. - VeraCrypt è stato aggiornato correttamente. Comunque prima di utilizzarlo il computer deve essere riavviato.\n\nSi desidera riavviare edesso? - Aggiornamento VeraCrypt fallito!\n\nIMPORTANTE: Prima di arrestare o riavviare il sistema, raccomandiamo fortemente di utilizzare la funzione Ripristino Sistema (Start > Tutti i programmi > Accessori > Strumenti di Sistema > Ripristino Sistema) per riportare il sistema al punto di ripristino chiamato 'Installazione VeraCrypt'. Se il Ripristino di Sistema non è disponibile, riprovare a installare la versione originale o nuova di VeraCrypt ancora una volta prima di arrestere o riavviare il sistema. - VeraCrypt è stato disinstallato con successo.\n\nFate click su 'Terminare' per rimuovere il programma di installazione di VeraCrypt e la cartella %s. Da notare che La cartella non verrà rimossa se contiene file creati o installati da programmi diversi da VeraCrypt. - Rimozione delle chiavi di registro di VeraCrypt - Aggiunta delle chiavi di registro - Rimozione dati specifici dell'applicazione - Installazione - Arresto - Rimozione - Aggiunta icona - Creazione punto di ripristino di sistema - Creazione punto di ripristino di sistema fallita! - Aggiornamento del loader di avvio - Errore nell’intallazione di '%s'. %s Volete continuare l’installazione? - Errore nella disinstallazione di '%s'. %s Volete continuare con la disinstallazione? - Installazione completata. - Impossibile creare la cartella '%s' - Il driver di VeraCrypt non può essere rimosso.\n\nChiudere tutte le finestre di VeraCrypt. Se non funziona, riavviare Windows e provare di nuovo. - Tutti i volumi devono essere smontati prima di installare o disinstallare VeraCrypt. - Una versione obsoleta di VeraCrypt è attualmente installata in questo sistema. Deve essere disinstallata prima di installare questa nuova versione di VeraCrypt.\n\nNon appena avete chiuso questa finestra di messaggio, sarà lanciata la disinstallazione della vecchia versione. Notate che nessun volume sarà decrittata disinstallando VeraCrypt. Dopo la disinstallazione della vecchia versione di VeraCrypt, rilanciare l'installazione della nuova versione del programma. - L'installazione delle chiavi di registro è fallita - L'installazione del driver di unità è fallita. Riavviare Windows e provare nuovamente ad installare VeraCrypt. - Caricamento del driver di unità di VeraCrypt - La disinstallazione del driver di unità è fallita. Dovete notare che, a causa di un’esigenza di Windows, è necessario disconnettersi o riavviare il sistema prima che il driver di unità può essere disinstallato (oppure re-installato). - Installazione del driver di unità di VeraCrypt - Arresto del driver di unità di VeraCrypt - Disinstallazione del driver di unità di VeraCrypt - Registrazione della libreria di supporto per Controllo Account Utente fallita. - Deregistrazione della libreria di supporto per Controllo Account Utente fallita. - Note sulla modalità portabile:\n\nSi prega di notare che il sistema operativo richiede dei driver per essere registrato con esso prima di poter essere avviato. Di conseguenza, il driver VeraCrypt non è (e non può essere) completamente portatile (mentre VeraCrypt è completamente portatile laddove non c'è bisogno di essere installato o registrato con il sistema operativo). Si noti inoltre che VeraCrypt necessita di un driver per fornire una cifratura / decifratura 'al volo'. - Notate che se voi decidete di eseguire VeraCrypt in modslità portsbile (invece di eseguire una copia installata di VeraCrypt), il sistema vi richiederà i privilegi per l'esecuzione di VeraCrypt (prompt UAC) ogni volta che tentate di eseguirlo.\n\nLa ragione è che quando voi eseguite VeraCrypt in modalità portabile, VeraCrypt ha bisogno di caricare ed avviare il driver di periferica di VeraCrypt. VeraCrypt necessita di un driver di periferica per fornire la codifica/decodifica trasparente "al volo", e gli utenti senza privilegi di amministratore non possono avviare i drivers di periferica in Windows. Pertanto, il sistema vi chiederà il permesso di eseguire VeraCrypt con privilegi amministratore (prompt UAC).\n\nNotate che se installate VeraCrypt nel sistema (invece di eseguire VeraCrypt in modalità portabile), il sistema NON vii chiederà il permesso per eseguire VeraCrypt (prompt UAC prompt) ogni qualvolta tentate di eseguirlo.\n\nSiete sicuri di voler estrarre i file? - AVVERTENZA: Questa istanza della procedura creazione del volume ha i privilegi di amministratore.\n\nIl vostro nuovo volume deve essere creato con i permessi che non vi consentiranno di scrivere nel volume quando è montato. Se volete evitare questo, chiudete questa istanza di creazione volume e lanciatene un'altra senza i privilegi di amministratore.\n\nVolete chiudere questa istanza della Procedura creazione volume? - Errore: Impossibile mostrare la licenza. - Esterno(!) - giorni - ore - minuti - secondi - Apri - Smonta - Mostra VeraCrypt - Nascondi VeraCrypt - Dati letti dal momento del montaggio - Dati scritti dal momento del montaggio - Porzione Crittata - 100% (totalmente Crittata) - 0% (non Crittata) - %.3f%% - 100% - In attesa - In preparazione - In ridimensionamento - Codifica - Decodifica - In finalizzazione - In pausa - Finito - Errore - Unità disconnessa - Volume sistema preferito salvato.\n\nPer attivare il montaggio dei volumi sistema preferiti quando il sistema parte, selezionare 'Impostazioni' > 'Volumi sistema preferiti' > 'Monta volumi sistema prefriti all'avvio di Windows'. - Il volume che state aggiungendo ai preferiti non è una partizione né un volume dinamico. Pertanto, VeraCrypt non potrà montare questo volume preferito, se cambia il numero dell'unità. - Il volume che state aggiungendo ai preferiti è una partizione non riconosciuta da Windows.\n\nVeraCrypt non potrà montare questo volume preferito, se cambia il numero dell'unità. Impostate il tipo di partizione in uno riconosciuto da Windows (usare il comando SETID dello strumento di Windows 'diskpart'). Quindi aggiungere nuovamente questa partizione ai preferiti. - Il VeraCrypt Background Task VeraCrypt è disattivato o è configurato per uscire se non ci sono volumi montati (oppure VeraCrypt è in esecuzione in modalità portabile). Questo può evitare ai vostri volumi preferiti di essere montati automaticamente quando le unità ospiti vengono connesse ad essi.\n\nNota: per attivare il VeraCrypt Background Task, selezionare Impostazioni > Preferenze e spuntare la casella 'Attivato' nella sezione 'VeraCrypt Background Task'. - Un contenitore salvato in un filesystem remoto condiviso su una risorsa di rete non può essere montato automaticamente quando la sua periferica ospitante viene connessa. - La periferica mostrata sotto non è né una partizione né un volume dinamico. Pertanto, il volume ospitato dalla periferica non può essere montato automaticamente quando la periferica viene connessa. - Impostare il tipo di partizione mostrata sotto ad un tipo riconosciuto da Windows (usare il comando SETID dello strumento 'diskpart'di Windows). Rimuovere quindi la partizione dai preferiti ed aggiungerla nuovamente. Questo consentirà il montaggio automatico del volume ospite quando l'unità viene connessa - La periferica mostrata sotto non è né una partizione né un volume dinamico. Pertanto, non può essere assegnata nessuna etichetta ad essa. - Impostare il tipo di partizione mostrato sotto in un tipo riconosciuto da Windows (usare il comando SETID dello strumento 'diskpart'di Windows). Rimuovere quindi la partizione dai preferiti ed aggiungerla nuovamente. Questo consentirà a VeraCrypt di assegnare una etichetta alla partizione. - A causa di una limitazione di Windows, un contenitore salvato in un filesystem condiviso in una rete non può essere montato come volume preferito di sistema (pertanto, può essere montato come volume non preferito di sistema quando un utente si connette). - Digitare la password per %s - Digitare password for '%s' - Digitare la password per il volume normale/esterno - Digitare la password per il volume nascosto - Digitare la password per la testa memorizzata nel file di backup - Il file chiave è stato creato correttamente. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - ATTENZIONE: La testa di questo volume è danneggiato! VeraCrypt usa automaticamente il backup della testa del volume inserito in esso.\n\nDovete riparare la testa del volume selezionando ‘Strumenti’->'Ripristina testata volume'. - Il backup della testa del volume è stato creato con successo.\n\nIMPORTANTE: ripristinare la testa del volume usando questo backup si ripristinerà anche la password attuale. Inoltre, se per montare il volume sono necessari uno o più file chiave, questi saranno necessari per montare nuovamente il volume una volta che la testa è stata ripristinata.\n\nATTENZIONE: questo backup può essere usato per ripristinare SOLO la testa di questo specifico volume. Se si utilizza questo backup per ripristinare la testa di un altro volume, sarà possibile montare il volume ma NON decodificare i dati contenuti (essendo cambiata la chiave master). - La testa del volume è stata ripristinata con successo.\n\nIMPORTANTE: potrebbe essere stata ripristinata una vecchia password. Inoltre, se al momento della creazione del backup per montare il volume erano necessari dei file chiave, gli stessi file sono necessari per montare nuovamente il volume. - Per ragioni di sicurezza voi dovete digitare la password corretta (e/o fornire i file chiave corretti) per il volume.\n\nNota: Se il volume contiene un volume nascosto, dovete prima digitare la password corretta (e/o fornire i file chiave corretti) per il volume esterno. In seguito, se voi scegliete di fare il backup della testa del volume nascosto, dovete digitare la password corretta (e/o fornire i file chiave corretti) per il volume nascosto. - Siete sicuri di voler creare il backup della testa del volume per %s?\n\nDopo aver fatto click su Si, vi sarà chiesto di digitare un nome per il file di backup.\n\nNota: Sia la testa del volume standard che quella del volume nascosto saranno re-Codificati usando un nuovo valore e memorizzato nel file di backup. Se non esiste nessun volume nascosto al suo interno, l’area riservata per la testa del volume nascosto nel file di backup sarà riempita da dati casuali (per prevenire dei danneggiamenti plausibili). Quando si ripristina un’testata volume dal file di backup, dovete digitare la password corretta (e/o fornire i file chiave corretti) che era stata valida quando il backup della testa volume è stato creato. La password (e/o i file chiave) determineranno automaticamente anche il tipo di testata volume da ripristinare, cioè standard o nascosto (da notare che VeraCrypt determina il tipo attraverso il processo di prova ed errori). - Si è sicuri di voler ripristinare la testa del volume %s?\n\nATTENZIONE: ripristinando una testata si ripristina anche la password del volume al momento del backup. Inoltre, se al momento della creazione del backup per montare il volume erano necessari uno o più file chiave, gli stessi file saranno necessari per montare nuovamente il volume dopo il ripristino.\n\nDopo aver cliccato su 'Sì', sarà possibile selezionare il file di backup dela testa. - Il volume deve contenere un volume nascosto? - Il volume contiene un volume nascosto - Il volume non deve contenere un volume nascosto - Selezionate il tipo di backup testa volume da usare: - Ripristinare la testa volume dal backup inserito nel volume - Ripristina la testa del voume da un file di backup esterno - La dimensione del file di backup della testa volume è errata. - Non esiste nessun file di backup testa in questo volume (notate che solamente i volumi creati con VeraCrypt 6.0 o successivo contengono il file backup testa volume). - State tentando di fare il backup della testa della partizione/disco di sistema. Questo non è consentito. Le operazioni di backup/ripristino sono pertinenti alla partizione/disco di sistema e possono essere eseguite solamente con il disco di ripristino di VeraCrypt\n\nVolete creare un disco di ripristino di VeraCrypt? - State tentando di ripristinare la testa del volume virtuale di VeraCrypt ma avete selezionato la partizione/disco di sistema. Questo non è consentito. Le operazioni di backup/ripristino sono pertinenti alla partizione/disco di sistema e possono essere eseguite solamente con il disco di ripristino di VeraCrypt.\n\nVolete creare un disco di ripristino di VeraCrypt? - Dopo aver fatto click su OK, dovete selezionare un nome file per il nuovo file immagine ISO per il disco di ripristino di VeraCrypt ed il percorso dove volete salvarlo. - L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nDovete ora scrivere l'immagine in un CD o DVD.\n\nIMPORTANTE: Notate che questo file deve essere scritto in CD/DVD come immsgine disco ISO (non come un file individuale). Per informazioni su come fare questo, riferitevi alls documentazione del vostro software registrazione CD/DVD.\n\nDopo la scrittura del disco, selezionare 'Sistema' > 'Verifica disco di emergenza' per verificare che il disco sia stato scritto correttamente. - L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nDovete ora scrivere l'immagine in un CD o DVD.\n\nVolete lanciare ora Microsoft Windows Disc Image Burner?\n\nNota: dopo la scrittura del disco, selezionare 'Sistema' > 'Verifica disco di emergenza' per verificare che il disco sia stato scritto correttamente. - Inserite il vostro disco di ripristino di VeraCrypt nel lettore CD/DVD e fate click su OK per verificarlo. - Il disco di ripristino di VeraCrypt è stato verificato con successo. - Non è possibile verificare se il disco di ripristino è stato creato correttamente.\n\nSe avete scritto il disco di ripristino, espellete e reinserite il CD/DVD e ritentate. Se questo non vi aiuta, provate con altri software di masterizzazione CD/DVD e/o altre apparecchiature.\n\nSe tentate di verificare un disco di ripristino di VeraCrypt creato per una chiave master differente, password, ecc., dovete notare che questo disco di ripristino fallirà sempre questa verifica. Per creare un nuovo disco di ripristino compatibile pienamente con la vostra configurazione corrente selezionate ‘Sistema’>'Crea disco di ripristino'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Errore nella creazione del disco di ripristino. - Il disco di ripristino di VeraCrypt non può essere creato quando un sistema operativo nascosto è in esecuzione.\n\nPer creare un disco di ripristino di VeraCrypt, avviate il sistema operativo di richiamo e quindi selezionate 'Sistema'> 'Crea disco di ripristino'. - Impossibile verificare se il disco di ripristino sia stato scritto correttamente.\n\nSe avete scritto il disco di ripristino, espellete e reinserite il CD/DVD; quindi fate clic su Avanti per ritentare. Se questo non vi aiuta, tentare con un altro supporto%s.\n\nSe non avete ancora masterizzato il disco di ripristino, fatelo e quindi fate clic su Avanti.\n\nSe tentate di verificare un disco di ripristino di VeraCrypt creato prima di avviare questa procedura, notare che questo disco non può essere utilizzato in quanto creato per una chiave master differente. Dovete masterizzare il disco di ripristino generato nuovamente. - e/o altri software registrazione CD/DVD - VeraCrypt - Volumi di sistema preferiti - Cosa sono i volumi di sistema preferiti? - La partizione/disco di sistema non sembra essere cifrata.\n\nI volumi di sistema preferiti possono essere montati usando solo una password di autenticazione pre-boot authentication. Pertanto, per consentire l'uso dei volumi di sistema preferiti, dovete cifrare prima la partizione/unità di sistema. - Smontare il volume prima di procedere. - ERRORE: Impossibile impostare il timer. - Verifica del file system - Riparazione del file system - Aggiungi ai preferiti... - Aggiungi ai preferiti di sistema... - P&roprietà... - Volume nascosto protetto - Non valido - - No - Disattivato - 1 - 2 o più - Modalità operativa - Etichetta: - Dimensione: - Percorso: - Lettera unità: - ERRORE: la password deve contenere solo caratteri ASCII.\n\nCaratteri non ASCII nella password possono causare l'impossibilità di montare il volume qualora la configurazione del sistema dovesse cambiare.\n\nSono consentiti i seguenti caratteri:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ATTENZIONE: la password contiene caratteri non ASCII. Ciò può portare all'impossibilità di montare il volume qualora la configurazione del sistema dovesse cambiare.\n\nE' opportuno sostituire tutti i caratteri non ASCII nella password con caratteri ASCII. Per fare ciò, cliccare su 'Volumi' -> 'Modifica password del volume'.\n\nI seguenti sono caratteri ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ATTENZIONE: Vi raccomandiamo strettamente di evitare le estensioni dei file che vengono usate per i file eseguibili (come .exe, .sys, o .dll) oppure altre estensioni file problematiche simili. L'uso di queste estensioni causano a Windows ed ai software antivirus di interferire con il file contenitore, che hanno effetto dannoso nelle prestazioni del volume e possono anche causare altri problemi seri.\n\nVi raccomandiamo strettamente di rimuovere l'estensione al file oppure modificarla (ad esempio, a '.hc').\n\nVolete comunque usare le estensioni file problematiche descritte prima? - WARNING: Questo contenitore ha un'estensione file usata per file eseguibile (come .exe, .sys o .dll) oppure un'altra estensione file problematica simile. Essa molto probabilmente causa a Windows ed al software antivirus l'interferenza con il file contenitore, e questa ha effetto dannoso nelle prestazioni del volume e puòo anche causare altri problemi seri.\n\nVi raccomandiamo strettamente di rimuovere l'estensione al file oppure modificarla (ad esempio, a '.hc') dopo che voi avete smontato il volume. - Sito Web - ATTENZIONE: sembra che questa versione di Windows sia priva di Service Pack. E' sconsigliato scrivere su dischi IDE più grandi di 128 GB in Windows XP se non è stato installato il Service Pack 1 o superiore! In caso contrario, i dati sul disco (non importa se si tratta di un volume VeraCrypt oppure no) potrebbero essere corrotti. Questa è una limitazione di Windows, non un difetto di VeraCrypt. - ATTENZIONE: sembra che questa versione di Windows sia priva di Service Pack 3 o superiore. E' sconsigliato scrivere su dischi IDE più grandi di 128 GB in Windows 2000 se non è stato installato il Service Pack 3 o superiore! In caso contrario, i dati sul disco (non importa se si tratta di un volume VeraCrypt oppure no) potrebbero essere corrotti. Questa è una limitazione di Windows, non un bug di di VeraCrypt.\n\nNota: può essere necessario attivare anche il supporto LBA a 48 bit nel registro; per maggiori informazioni si veda http://support.microsoft.com/kb/305098/EN-US - ATTENZIONE: il supporto LBA ATAPI a 48 bit è disabilitato su questo sistema. E' sconsigliato scrivere su dischi IDE più grandi di 128 GB! In caso contrario, i dati sul disco (non importa se si tratta di un volume VeraCrypt o no) potrebbero essere corrotti. Questa è una limitazione di Windows, non un bug di VeraCrypt.\n\nPer abilitare il supporto LBA a 48 bit, aggiungere il valore 'EnableBigLba' nella chiave di registro HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters e impostarlo a 1.\n\nPer maggiori informazioni si veda http://support.microsoft.com/kb/305098 - ERRORE: I file maggiori di 4 GB non possono essere salvati su un file system FAT32. Pertanto, i file ospitati nei volumi VeraCrypt (contenitore) memorizzati su un file system FAT32 non possono essere più grandi di 4 GB.\n\nSe avete bisogno di un volume più grande, createlo su un file system NTFS (oppure, se voi usate Windows Vista SP1 o maggiore su un file system exFAT) invece di creare un volume ospite o di codificare una intera partizione o drive. - Attenzione: Windows XP non supporta file maggiori di 2048 GB (esso rapporterà che "Nessuna periferica è disponibile"). Pertanto, non potete creare un volume VeraCrypt ospitato da file (contenitore) maggiore di 2048 GB in Windows XP.\n\nNotate che è ancora possibile cifrare l'intera unità oppure creare un volume/partizione VeraCrypt maggiore di 2048 GB sotto Windows XP. - ATTENZIONE: se in futuro si vogliono aggiungere altri dati/file al volume esterno, andrebbe creato un volume nascosto più piccolo.\n\nSi è sicuri di voler continuare con la dimensione specificata? - Nessun volume selezionato.\n\nFare click su 'Unità...' oppure su 'Seleziona file...' per selezionare un volume VeraCrypt. - Nessuna partizione selezionata. Fate click su ‘Seleziona unità' per selezionare una partizione smontata che richiede normalmente l’autenticazione di pre-boot (per esempio, una partizione collocata su un system drive decriptato oppure un altro sistema operativo che non è in esecuzione, oppure la partizione di sistema deCrittata di un altro sistema opertativo).\n\nNota: La partizione selezionata sarà montata come un volume VeraCrypt regolare senza autenticazione pre-boot. Questo è utilissimo, ad esempio, per le operazioni di backup o di riparazione. - ATTENZIONE: Se i file chiave predefiniti sono impostati e attivati, sarà impossibile montare i volumi che non stanno usando questi file. Pertanto, dopo aver attivato i file chiave predefiniti, ricordatevi di deselezionare l’opzione 'Usare file chiave' (sotto un campo di inserimento password)ogni qualvolta montate tali voumi.\n\nSiete sicuri di voler salvare come default i file oppure i percorsi chiave selezionati? - Montaggio automatico delle unità - Smonta tutti - Azzera la cache - Smonta tutte & Cache ripulite - Forza lo smontaggio di tutti i volumi & azzera la cache - Forza lo smontaggio di tutti i volumi, azzera la cache & esci - Monta i volumi preferiti - Mostra/nascondi la finestra principale di VeraCrypt - (Fare click qui e premere un tasto) - Azione - Collegamento - ERRORE: questo collegamento è riservato. Scegliere un collegamento differente. - ERRORE: collegamento già in uso. - ATTENZIONE: uno o più tasti rapidi di VeraCrypt non funzioneranno!\n\nAssicurarsi che il sistema operativo o altre applicazioni non usino gli stessi collegamenti di VeraCrypt. - E' stata evitata la creazione di file di paging.\n\nNotare che, a causa di un problema di Windows, i file di paging non possono essere collocati in volumu VeraCrypt non di sistema (compresi i volumi di sistema preferiti). VeraCrypt supporta la creazione di file di paging solo su una partizione/disco di sistema criptato. - Un errore oppure un’incompatibilità previene VeraCrypt dalla codifica dei file in sospeso. Pertanto, la sospensione è stata evitata.\n\nNota: Quando un computer va in sospensione (oppure entra in modalità risparmio energetico), il contenuto della sua memoria di sistema viene scritto in un file di memoria in sospenso risiedente nel disco di sistema. VeraCrypt non può evitare che le chiavi di codifica e il contenuto dei file sensitivi aperti nella RAM vengano salvati non Codificati nel file di memoria in sospeso. - L'ibernazione è stata evitata.\n\nVeraCrypt non supporta l'ibernazione dei sistemi operativi ignoti che usano una partizione extra boot. Da notare che questa partizione di avvio è condivisa da entrambi i sistemi, nascosto e di inganno. Pertanto, allo scopo di prevenite la perdita dei dati ed i problemi mentre si ripristina dalla ibernazione, VeraCrypt ha da prevenire che il sistema nascosto scriva nella partizione di avvio condivisa e dalla ibernazione. - Il volume VeraCrypt montato come %c: è stato smontato. - Il volume VeraCrypt è stato smontato. - Il volume VeraCrypt è stao smontato e la password cancellata. - Smontato correttamente - ATTENZIONE: Se l'azione background di VeraCrypt è disattivata, le seguenti funzioni saranno disattivate:\n\n1) Tasti funzione\n2) Smontaggio automatico (cioè dopo disconnessione, rimozione periferica ospite senza avvertimento, time-out, ecc.)\n3) Montaggio automatico di volumi preferiti\n4) Notifiche (cioè, quando viene evitato il danno al volume nascosto)\n5) Icona nella barra di sistema\n\nNota: Potete disconnettere l'azione del background in ogni momento facendo clic con il tasto destro sull'icona di VeraCrypt nella barra di sistema e selezionando 'Esci'.\n\nSiete sicuri di voler disattivare definitivamente l'azione background di VeraCrypt? - ATTENZIONE: disabilitando questa opzione non sarà possibile smontare automaticamente i volumi contenenti file o cartelle aperti.\n\nSi è sicuri di voler disabilitare questa opzione? - ATTENZIONE: i volumi contenenti file o cartelle aperti NON saranno smontati automaticamente.\n\nPer impedire ciò, abilitare l'opzione seguente: 'Forza smontaggio automatico anche se il volume contiene file o cartelle aperti' - ATTENZIONE: Quando la carica della batteria del portatile è bassa, Windows può omettere l'invio dei messaggi appriopriati per eseguire le applicazioni quando il computer è passato in modalità di risparmio energetico. Comunque, VeraCrypt può fallire lo smontaggio automatico dei volumi in questi casi. - Avete programmato il processo di codifica di una partizione/volume. Il processo non è stato ancora completato.\n\nVolete avviare (riprendere) il processo ora? - Avete programmato il processo di codifica o decodifica della partizione/disco di sistema. Il processo non è stato ancora completato.\n\nVolete avviare (riprendere) il processo ora? - Volete che vi sia richiesto se volete ripristinare i processi di codifica delle partizioni o volumi non di sistema? - Si, mantieni la mia richiesta - No, non richiedermelo - IMPORTANTE: Tenete a mente che potete ripristinare il processo di codifica di qualsiasi partizione o volume non di sistema selezionando 'Volumi' > 'Riprendi i processi interrotti' dalla barra menu della finestra principale di VeraCrypt. - Avete programmato il processo codifica o decodifica della partizione/disco di sistema. Comunque, l’autenticazione di pre-boot è fallita (oppure è stata saltata).\n\nNota: Se voi DeCodificate la partizione/disco di sistema in ambiente di pre-boot, avete bisogno di finalizzare il processo selezionando 'Sistema' > 'Decodifica definitivamente la partizione/disco di sistema' dalla barra menu della finestra principale di VeraCrypt. - WARNING: Se si chiude ora VeraCrypt, le seguenti azioni verranno disattivate:\n\n1) Tasti funzione\n2) Smontaggio automatico (cioè dopo disconnessione, rimozione periferica ospite senza avvertimento, time-out, ecc.)\n3) Montaggio automatico di volumi preferiti\n4) Notifiche (cioè, quando viene evitato il danno al volume nascosto)\n5) Icona nella barra di sistema\n\nNota: Se non volete che VeraCrypt venga eseguito in background, disattivate la funzione background di VeraCrypt nelle preferenze (e, se necessario, disattivare l'avvio automatico di VeraCrypt).\n\nSiete sicuri di voler chiudere VeraCrypt? - Chiudere? - VeraCrypt non ha informazioni sufficienti per determinare se codificare o decodificare. - VeraCrypt non dispone di informazioni sufficienti per determinare se codificare o Decodificare.\n\nNota: Se voi codificate la partizione o disco di sistema in ambiente pre-boot, avete bisogno di finalizzare il processo facendo click su 'Decodifica'. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Volete interrompere e rimandare il processo di codifica della partizione/volume?\n\nNota: Tenete in mente che il volume non può essere montato finché esso non viene totalmente criptato. Potrete riprendere il processo di codifica ed esso continuerà dal punto in cui è stato fermato. Potete fare questo, per esempio, selezionando 'Volumi' > 'Riprendi i processi interrotti' dalla barra del menu nella finestra principale di VeraCrypt - Volete interrompere o rimandare il processo di codifica della partizione/disco di sistema?\n\nNota: Potrete riprendere il processo e continuare dal punto dove esso viene interrotto selezionando 'Sistema' > 'Riprendi i processi interrotti 'dalla barra menu della finestra principale di VeraCrypt. Se volete terminare o annullare definitivamente il processo di codifica, selezionare 'Sistema' > 'Decodifica definitivamente la partizione/disco di sistema'. - Volete interrompere o rimandare il processo di codifica della partizione/disco di sistema?\n\nNota: Potrete riprendere il processo e continuare dal punto dove esso viene interrotto selezionando 'Sistema' > 'Riprendi i processi interrotti ' dalla barra menu della finestra principale di VeraCrypt. Se volete terminare o annullare definitivamente il processo di decodifica (ed avviare la codifica) , selezionare 'Sistema' > 'Codifica la partizione/disco di sistema'. - ERRORE: Fallito nell’interrompere il processo di codifica o decodifica della partizione/disco di sistema. - ERRORE: Fallito nell’interruzione del processo di pulizia. - ERRORE: Fallito nel riprendere il processo di codifica o decodifica della partizione/disco di sistema. - ERRORE: Fallito nell’avviare il processo di pulizia. - Inconsistenza risolta.\n\n\n(Se voi segnalate un errore in connessione con questo, includere le seguenti informazioni tecniche nel rapporto di errore: %hs) - ERRORE: Stato inatteso.\n\n\n(Se segnalate un errore in connessione con questo, includere le seguenti informazioni tecniche nel rapporto di errore: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ATTENZIONE: il processo in background di VeraCrypt è disabilitato. Dopo l'uscita da VeraCrypt non si riceveranno avvisi nel caso venga evitato il danneggiamento del volume nascosto.\n\nNota: è possibile chiudere il processo in background in qualsiasi momento facendo click destro sull'icona di VeraCrypt nella barra sistema e selezionando 'Esci'.\n\nAbilitare il processo in background di VeraCrypt? - Versione del file di lingua: %s - Controllo del file system sul volume VeraCrypt montato come %s... - Tentativo di riparazione del file system sul volume VeraCrypt montato come %s... - ATTENZIONE: Questo volume è criptato con un algoritmo con un blocco a 64 bit.\n\nTali algoritmi (es. Blowfish, CAST-128 o Triple DES) sono sconsigliati. Sarà possibile montare questo volume usando versioni successive di VeraCrypt. Tuttavia, non ci saranno ulteriori miglioramenti alle implementazioni di questi algoritmi. Si raccomanda di creare un nuovo volume VeraCrypt criptato con un algoritmo a blocchi di 128 bit (es. AES, Serpent, Twofish etc.) e di spostare i file da questo volume al nuovo. - Il vostro sistema non è configurato per montare automaticamente i nuovi volumi. Può risultare impossibile effettuare il montaggio di volumi VeraCrypt basati su unità. Il montaggio automatico può essere abilitato eseguendo il seguente comando e riavviando il sistema.\n\nmountvol.exe /E - Assegnare una lettera all’unità/partizione prima di procedere.\n\nDa notare che questo è richiesto dal sistema operativo. - Montare un volume VeraCrypt - Smonta tutti i volumi VeraCrypt - VeraCrypt non può ottenere i privilegi di amministrazione. - Il sistema operativo ha negato l'accesso.\n\nPossibile causa: per consentire di leggere/scrivere dati da/su alcune cartelle, file e unità il sistema operativo richiede i permessi di lettura/scrittura (o i privilegi di amministratore). Normalmente, un utente senza privilegi di amministratore ha il diritto di creare, leggere e modificare file solo nella propria cartella Documenti. - Errore: il drive usa una dimensione settore non supportata.\n\nNon è possibile ora creare volumi ospitati dalla partizione/periferica nei drivers che usano dei settori più grandi di 4096 byte. Comunque, notate che potete creare dei contenitori in tali driver. - Non è ora possibile cifrare un sistema installato su un disco che usa una dimensione settore diversa da 512 byte. - Il loader di avvio di VeraCrypt richiede almeno 32 KB di spazio libero all’inizio del sistema (Il VeraCrypt Boot Loader ha bisogno di essere salvato in questa area). Sfortunatamente, il vostro drive non incontra questa condizione.\n\nVi chiediamo di NON considerare questo come un difetto /problema in VeraCrypt. Per risolvere questo problema, avete bisogno di una ripartizione del vostro disco, lasciando i primi 32 KB di spazio libero (nella maggior parte dei casi, avrete bisogno di eliminare e ricreare la prima parizione). Vi raccomandiamo di usare il gestore partizioni Microsoft disponibile, ad esempio, quando state installando Windows. - Questa funzione non è supportata dalla versione del sistema operativo che state utilizzando attualmente. - VeraCrypt non supporta la codifica di una partizione o disco di sistema nella versione del sistema operativo che state utilizzando attualmente. - Prima che possiate codificare la partizione o drive di sistema in Windows Vista, dovete installare il Service Pack 1 o superiore per Windows Vista (nessun Service Pack è stato ancora installato in questo sistema).\n\nNota: il service Pack 1 per Windows Vista ha risolto un problema causando una riduzione della memoria libera di base durante il riavvio del sistema. - VeraCrypt non supporta più la codifica della partizione/disco di sistema in Windows Vista con nessun Service Pack installato. Prima di aggiornare VeraCrypt, installare il Service Pack 1 o superiore per Windows Vista. - Errore: Questa funzione richiede che VeraCrypt sia installato nel sistema (state eseguendo VeraCrypt in modalità portabile).\n\nInstallate VeraCrypt e ritentate. - AVVERTENZA: Windows non sembra essere installato nel drive dal quale esso viene avviato. Questo non è supportato.\n\nDovete continuare solo se voi siete sicuri che Windows sia installato nel drive dal quale esso viene avviato.\n\nVolete continuare? - Il vostro system drive ha una tabella GUID di partizione (GPT). Attualmente, sono supportati solamente i drive con una tabella di partizione MBR. - ATTENZIONE: Il loader di avvio di VeraCrypt Boot già installato nel vostro system drive!\n\nNon è possibile che un altro sistema sul vostro computer sia già criptato.\n\nATTENZIONE: PROCEDERE CON LA CODIFICA DEL SISTEMA ATTUALMENTE IN ESECUZIONE PUO’ RENDERE GLI ALTRI SISTEMI IMPOSSIBILE DA AVVIARE ED I RELATIVI DATI INACCESSIBILI.\n\nSiete sicuri di voler continuare? - Errore nel ripristino del loader originale di sistema.\n\nDovete usare il vostro disco di ripristino di VeraCrypt ('Opzioni riparazione' > 'Ripristina il loader di sistema originale') oppure il supporto di installazione di Windows per sostituire il loader di avvio di VeraCrypt con il loader di sistema di Windows. - Il system loader originale non sarà salvato sul disco di ripristino (causa probabile: file di backup mancante). - Errore nello scrivere il settore MBR .\n\nIl vostro BIOS non è configurato per proteggere il settore MBR. Verificate le impostazioni del vostro BIOS (pemete F2, Canc oppure Esc dopo aver acceso il vostro computer) per la protezione MBR/antivirus. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - La versione richiesta del loader di avvio di VeraCrypt attualmente non è installato. Questo può prevenire il salvataggio di alcune impostazioni. - Nota: In alcune situazioni, volete evitare ad una persona (avversario) che sta aspettando l’avvio del vostro computer per sapere che state usando VeraCrypt. Le opzioni in basso vi consentono di fare questo personalizzando lo schermo di avvio di VeraCrypt. Se abilitate la prima opzione, nessun testo sarà mostrato dal loader di avvio (non anche quando avete digitato la passwoed errata). Il computer sembrerà essere "congelato", mentre però voi potete digitare la vostra password. In aggiunta, un messaggio personale può essere mostrato per ingannare l’avversario. Per esempio, un messaggio di errore fasullo come "Sistema operativo mancante" (che viene normalmente mostrato dal loader di avvio di Windows se esso non trova nessuna partizione di avvio di Windows). E’ comunque importante notare che se l’avversario può analizzare il contenuto del disco rigido, esso può ancora trovare che esso contiene il loader di avvio di VeraCrypt. - AVVERTENZA: Tenere in mente che, se attivate questa opzione, il loader di avvio di VeraCrypt non mostrerà nessun testo (non anche quando inserite una password errata). Il computer sembrerà come "congelato" (non rispondente) mentre potete digitare la vostra password (Il cursore NON si muoverà e nessun asterisco non sarà mostrando premendo un tasto).\n\nSiete sicuri di voler attivare questa opzione? - La vostra partizione/disco di sistema sembra completamente Crittata. - VeraCrypt non supporta la codifica di un disco di sistema che è stato convertito in un disco dinamico. - L'unità di sistema contiene la partizione estesa (logica).\n\nPotete cifrare un intera unità di sistema contenente queste partizioni solo in Windows Vista e le ultime versioni di Windows. In Windows XP, potete cifrare un intera unità di sistema, fornendo che esso contenga solo le partizioni primarie.\n\nNota: Potete ancora cifrare la partizione di sistema invece dell'intera unità di sistema (ed, in aggiunta a questo, potete creare dei volumi VeraCrypt ospitati da partizioni all'interno di qualsiasi partizione non di sistema nel drive). - ATTENZIONE: Siccome siete in ambiente Windows XP/2003, dopo aver cominciato a cifrare l’unità, NON potete creare nessuna partizione estesa (logica) in essa (potete solo creare delle partizioni primarie). Qualsiasi partizione estesa (logica) sul drive può essere inaccessibile dopo aver iniziato la cifratura (il drive attualmente non contiene nessuna di tali partizioni).\n\nNota: Se questa limitazione non è accettabile, potete tornare indietro e scegliere di cifrare solo la partizione di sistema invece dell’intara unità (e, in aggiunta a questo, potete creare dei volumi VeraCrypt ospitati dalla partizione all’interno di partizioni non di sistema nell’unità).\n\nIn alternativa, se questa limitazione non è accettabile, potete voler considerare l’aggiornamento a Windows Vista oppure all’ultima versione di Windows (potete cifrare un’ intera unità di sistema contenente partizioni estese/logiche solo in Windows Vista o superiore). - Il vostro disco di sistema contiene una partizione non valida.\n\nSe state utilizzando un notebook, il vostro sistema probabilmente contiene una partizione di ripristino. Dopo la criptato dell'intero disco di sistema (incluse ogni partizione di ripristino), il sistema potrebbe diventare non avviabile se il computer utilizza un BIOS non appropriato. Inoltre potrebbe essere impossibile usare qualsiasi partizione di ripristino fino a quando il disco di sistema non fosse decriptato. Pertanto consigliamo di criptare solo la partizione di sistema. - Volete codificare la partizione di sistema invece di tutto il disco?\n\nDa notare che potete creare delle partizioni ospitate nei volumi VeraCrypt all’interno di qualsiasi partizione non di sistema nel drive (in aggiunta alla codifica della partizione di sistema). - Siccome il vostro disco di sistema contiene solamente una singola partizione che occupa tutto il disco, è preferibile (perchè più sicuro) codificare tutto il disco, compreso anche lo spazio libero di "slack" che circonda tipicamente tale partizione.\n\nVolete codificare l’intero disco di sistema? - Il vostro sistema è configurato per memorizzare i file temporanei su una partizione non di sistema.\n\nI file temporanei possono essere memorizzati solo nella partizione di sistema. - Il vostri file di profilo utente non sono memorizzati nella partizione di sistema.\n\nI file del profilo utente possono essere memorizzati solo nella partizione di sistema. - Ci sono dei file di paging in una partizione non di sistema.\n\nI file di paging devono essere localizzati solo nella partizione di sistema. - Volete ora configurare Windows per creare i file di paging solo nella partizione di Windows?\n\nNotate che se fate click su 'Sì', il computer sarà riavviato. Quindi avviare VeraCrypt e tentare nuovamente la creazione del sistema operativo nascosto. - Diversamente, un diniego plausibile del sistema operativo nascosto può essere colpito avversamente.\n\nNota: Se un avversario analizza il contenuto di certi file (residenti in una partizione non di sistema), può scoprire che avete usato questa procedura nella maniera di creazione del volume nascosto (il quale può indicare l’esistenza di un sistema operativo nascosto sul vostro computer). Notate pure che qualsiasi file di tale genere viene memorizzato nella partizione di sistema sarà cancellato definitivamente da VeraCrypt durante il processo di creazione del sistema operativo nascosto. - WARNING: Durante il processo di creazione del sistema operativo nascosto, vi verrà richiesta la reinstallazione completa del sistema attualmente in esecuzione (allo scopo di creare un sistema di inganno sicuro).\n\nNota: Il sistema operativo attualmente in esecuzione e l'intero contenuto della partizione di sistema saranno copiati nel volume nascosto (allo scopo di creare il sistema nascosto).\n\n\nSiete sicuri di poter installare Windows usando il supporto di installazione di Windows (oppure usando una partizione di servizio)? - Per ragioni di sicurezza, se il sistema operativo attualmente in esecuzione richiede l'attivazione, esso deve essere attivato prima di procedure Notate che il sistema operativo nascosto deve essere creato copiando il contenuto della partizione di sistema in un volume nascosto (in modo che, se questo sistema operative non è attivato, anche il sistema operaativo nascosto non sarà attivato). Per maggiori informazioni vedere la sezione "Security Requirements and Precautions Pertaining to Hidden Volumes" nella VeraCrypt User's Guide.\n\nImportante: Prima di procedure, assicuratevi di aver letto la sezione della guida di VeraCrypt citata sopra.\n\n\nIl sistema operativo attualmente in esecuzione incontra le condizioni di cui sopra? - Il vostro sistema usa un extra boot della partizione. VeraCrypt non supporta l’ibernazione nei sistemi operativi ignoti che usano tale extra boot (I sistemi “di inganno” possono essere ibernati senza nessun problema).\n\nDa notare che la partizione di avvio deve essere condivisa dai due sistemi operativi (di “inganno” ed nascosto). Per questo, allo scopo di prevenire la perdita di dati ed I problemi al riavvio dopo l’ibernazione, VeraCrypt ha da impedire al sistema nascosto di scrivere nella partizione di avvio condivisa e dalla ibernazione.\n\n\nVolete continuare? Selezionando “No”, verranno mostrate le istruzioni per rimuovere l’extra boot della partizione. - \nL’extra boot della partizione può essere rimosso prima di installare Windows. Per fare questo, seguite questa procedura:\n\n1) Avviate il vostro disco di installazione di Windows.\n\n2)Nello schermo di installazione di Windows fate clic su “Installa”> “Personalizzata (avanzata)”.\n\n3) Fate clic su “Opzioni unità”.\n\n4) Selezionare la partizione di sistema ed eliminatela facendo clic su “Elimina”e quindi “OK”.\n\n5) Selezionare la partizione “Riservata al sistema”, fate clic su “Estendi” ed aumentate la sua dimensione in modo che il sistema operative possa essere installato in essa.\n\n6)Fate clic su “Applica” ed “OK”.\n\n7) Installare Windows nella partizione “Riservata al sistema”.\n\n\nDovrebbe ora un attaccante chiedervi chi ha rimosso l’extra boot della partizione. Potreste quindi rispondere che volevate prevenire qualsiasi danno ai dati nella partizione di avvio non Crittata.\n\nNota: Potete stampare questo testo facendo clic sul tasto “Stampa” sotto. Se voi salvate una copia di questo testo o la stampate (raccomandata rigorosamente, finché la vostra stampante conserva delle copie di documenti nella sua unità interna), dovete distruggere qualsiasi copia di esso dopo la rimozione dell’extra boot della partizione (diversamente, se viene trovata una di tali copie, essa potrebbe segnalare la presenza di un sistema operativo nascosto in questo computer). - AVVERTENZA: C’è uno spazio non allocato tra la partizione di sistema e la prima partizione dietro di essa. Dopo aver creato il sistema operativo nascosto, non dovete creare nessuna nuova partizione in questo spazio non allocato. Diversamente sarà impossibile avviare il sistema operativo nascosto (finché voi eliminate tali nuove partizioni create). - Questo algoritmo non è attualmente supportato per la codifica del sistema. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - I file chiave sono attualmente non supportate dalla codifica di sistema. - AVVERTENZA: VeraCrypt non può ripristinare la configurazione originale della tastiera. Questo può causare la digitazione errata della password. - ERRORE: Impossibile impostare la configurazione della tastiera per VeraCrypt nel layout standard tastiera USA.\n\nNotare che la password necessita di essere digitata in ambiente di pre-boot (prima dell’avvio di Windows) dove la configurazione delle tastiere Windows non americane non sono disponibili. Pertanto, la password deve essere sempre digitata usando il layout tastiera standard USA. - Siccome VeraCrypt ha temporaneamente modificato il layout di tastiera in quello standard americano, non è possibile digitare i caratteri premendo i tasti mentre il tasto destro Alt è tenuto premuto. Comunque, potete digitare la maggior parte di tali caratteri premendo i tasti appropriati mentre il tasto Maiusc è tenuto premuto. - VeraCrypt ha impedito la modifica del layout della tastiera. - Nota: La password deve essere digitata in ambiente pre-boot (prima dell’avvio di Windows) dove le tastiere non americane non sono accettabili. Pertanto, la password deve essere sempre digitata usando la configurazione tastiera standard US. Quindi è importante notare che voi NON avete bisogno di disporre una reale tastiera americana. VeraCrypt assicura automaticamente che voi digitiate la password in sicurezza (sia ora che in ambiente pre-boot) anche se NON avete una vera tastiera americana. - Prima che voi possiate cifrare la partizione/unità, dovete creare un disco di ripristino di VeraCrypt (VRD), che serve ai seguenti scopi:\n\n- Se il VeraCrypt Boot Loader, la chiave principale oppure altri dati critici sono danneggiati, il VRD vi consente di ripristinarli(notare, comunque, che dovete sempre inserire la password corretta).\n\n- Se Windows risulta danneggiato e non può avviarsi, il VRD vi consente di decifrare permanentemente la partizione/drive prima dell'avvio di Windows.\n\n- Il VRD conterrà un backup del contenuto presente della prima traccia del disco (che contiene tipicamente un system loader oppure un boot manager) e vi consentirà di ripristinarli se necessario.\n\nIl file immagine ISO del disco di ripristino di VeraCrypt sarà creato nel percorso specificato sotto. - Dopo aver fatto clic su OK, Microsoft Windows Disc Image Burner sarà lanciato. Prego usatelo per masterizzare il file immagine ISO del disco di ripristino di VeraCrypt su un CD oppure DVD.\n\nDopo aver fatto questo, ritornare nella procedura di creazione volume di VeraCrypt e seguire le sue istruzioni. - L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nOra avete bisogno di masterizzarla in un CD o DVD.\n\n%lsDopo averla masterizzata, fate clic su Avanti per verificare che essa sia stata masterizzata correttamente. - L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nOra voi potete sia masterizzarla su CD/DVD oppure spostarla in un percorso sicuro per un uso in seguito.\n\n%lsFate clic su Avanti per continuare. - IMPORTANTE: Notare che il file deve essere scritto sul CD/DVD come file immagine disco ISO (non come file individuale). Per informazioni su come fare questo, fate riferimento alla documentazione del vostro programma di masterizzazione CD/DVD. Se non disponete di nessun software di scrittura CD/DVD che possa nasterizzare l'immagine ISO del disco su CD/DVD, fate clic sul link sotto per scaricare tale software libero.\n\n - Lancia Microsoft Windows Disc Image Burner - ATTENZIONE: Se avete già creato in passato un disco di ripristino di VeraCrypt non lo potete riutilizzare per questa partizione/disco di sistema perché è stato creato con una chiave master differente! Ogni volta che codificate una partizione/disco di sistema, dovete creare un nuovo disco di ripristino di VeraCrypt per esso, anche se usate la stessa password. - ERRORE: Impossibile salvare le impostazioni di codifica del sistema. - Impossibile d'iniziarizzare il pre-test codifica di sistema. - Impossibile inizializzare il processo di creazione del sistema operativo nascosto. - Modo pulizia - In alcuni tipi di periferiche di memoria, quando i dati vengono soprascritti da altri dati, può essere possibile recuperare i dati soprascritti usando delle tecniche come forza magnetica microscopica. Questo viene applicato pure ai dati che vengono soprascritti con la loro forma Crittata (questo avviene quando VeraCrypt codifica inizialmente codifica una partizione o disco decriptato). In accordo ad alcuni studi e pubblicazioni governative, il recupero dei dati soprascritti può essere evitato (o reso molto difficile) soprascrivendo i dati con certi dati pseudo casuali e non casuali per un certo numero di volte. Pertanto, se voi credete che un avversario possa essere capace di usare tali tecniche per recuperare i dati che intendete codificare, potete voler selezionare una delle modalità di pulizia (i dati esistenti NON saranno distrutti). Notate che questa modalità di pulizia NON può essere eseguita dopo la codifica della partizione/disco. Quando la partizione/disco è totalmente criptato, non viene scritto nessun dato non criptato in esso. Qualsiasi dato da scrivere in esso viene prima criptato al volo nella memoria, e solo quando esso viene criptato viene scritto sul disco. - In alcuni tipi di periferiche di memoria, quando i dati vengono soprascritti da altri dati, (cioè quando i dati vengono cancellati), può essere possibile recuperare i dati soprascritti usando delle tecniche come forza magnetica microscopica. In accordo ad alcuni studi e pubblicazioni governative, il recupero dei dati soprascritti può essere evitato (o reso molto difficile) soprascrivendo i dati con certi dati pseudo casuali e non casuali per un certo numero di volte. Pertanto, se voi credete che un avversario possa essere capace di usare tali tecniche per recuperare i dati cancellati, potete voler selezionare una delle modalità di pulizia a passaggi multipli.\n\nNota: Più passaggi di pulizia utilizzate, più tempo si impiega per cancellare i dati. - Pulizia - \nNota: Potete interrompere il processo di pulizia, spegnere il vostro computer, avviare il sistema nascosto nuovamente e riprendere il processo interrotto (questa procedura sarà lanciata automaticamente). Pertanto, se voi lo interrompete, l’intero processo di pulizia ripartirà dall’inizio. - \n\nNote: Se interrompete il processo di pulizia e quindi tentate di riprenderlo, l’intero processo di pulizia ripartirà dall’inizio. - Volete interrompere il processo di pulizia? - ATTENZIONE: L’intero contenuto della parizione/unità selezionata sarà cancellato e distrutto. - L’intero contenuto della partizione dove il sistema originale risiede sarà cancellato.\n\nNota: L’intero contenuto della partizione che è stato cancellato è stato copiato nella partizione del sistema nascosto. - AVVERTENZA: Notate che se scegliete ad esempio una modalità di pulizia a 3 passaggi, il tempo necessario a codificare la partizione/unità sarà più di 4 volte superiore. Allo stesso modo, se scegliete una modalità di pulizia a 35 passaggi, ci vorrà un tempo superiore di 36 volte (può essere anche alcune settimane).\n\nNotate, comunque, che la pulizia NON può essere eseguita dopo che la partizione/unità sia totalmente Crittata. Quando la partizione/unità è totalmente Crittata, nessun dato non criptato viene scritto in esso. Qualsiasi dato da scrivere viene prima criptato al volo nella memoria e solo quando viene criptato esso viene scritto su disco (così le prestazioni NON saranno influenzate).\n\nSiete sicuri di voler usare la modalità di pulizia? - Nessuno (il più veloce) - 1-passaggio (dati casuali) - 3-passaggi (US DoD 5220.22-M) - 7-passaggi (US DoD 5220.22-M) - 35-passaggi ("Gutmann") - 256-passaggi - Numero di sistemi operativi - AVVERTENZA: Gli utenti non esperti non devono mai tentare di codificare Windows in configurazione di multi-avvio.\n\nContinuare? - Quando si usa o si crea un sistema operativo nascosto, VeraCrypt supporta una configurazione multi-avvio solo quando si verificano le seguenti condizioni:\n\n- Il sistema operativo attualmente in uso deve essere installato sul disco d'avvio (di boot), il quale non deve contenere altri sistemi operativi.\n\n- Sistemi operativi installati su altri drive non devono usare boot d'avvio residenti sul disco nel quale è installato l'attuale sistema operativo in uso.\n\nSi sono verificate le condizioni di cui sopra? - VeraCrypt non supporta questa configurazione multi-avvio quando si crea o si utilizza un sistema operativo nascosto. - Disco di avvio - Il sistema operativo attualmente in esecuzione è installato nel disco di avvio?\n\nNota: Qualche volta, Windows non è installato sullo stesso percorso come il loader di avvio di Windows (partizione di avvio). Se siete in questa situazione, selezionate 'No'. - Attualmente, VeraCrypt non supporta la codifica di un sistema operativo che non si avvia dal drive dove è installato. - Numero dischi di sistema - Quanti dischi contengono un sistema operativo?\n\nNota: Per esempio, se avete uno qualsiasi dei sistemi operativi (esempio Windows, Mac OS X, Linux, ecc.) installato sul vostro drive primario ed uno dei sistemi operativi installati sul vostro disco secondario, selezionare '2 o più'. - Attualmente VeraCrypt non supporta la codifica dell’intero drive contenente sistemi operativi multipli.\n\nPossibili soluzioni:\n\n- Potete ancora codificare uno dei sistemi se voi andate indietro e scegliete la codifica di una singola partizione di sistema (in opposizione alla scelta di codifica dell’intero disco di sistema).\n\n- In alternativa, potete codificare l’intero drive se spostate alcuni dei sistemi in altre unità, lasciando solo un sistema sul drive che volete codificare. - Sistemi multipli su un drive singolo - Esiste un qualsiasi altro sistema operativo installato sul drive nel quale il sistema operativo attualmente in esecuzione è installato?\n\nNota: per esempio, se il sistema operativo attualmente in esecuzione è installato sul drive #0, che contene diverse partizioni, e se una delle partizioni contiene Windows ed un’altra partizione contiene qualsiasi sistema operativo aggiuntivo (cioè Windows, Mac OS X, Linux, ecc.), selezionare 'Sì'. - Loader di avvio non di Windows - Un loader o manager di avvio di Windows è installato nel manager di avvio principale (MBR)?\n\nNota: Per esempio, se la prima traccia del disco di avvio contiene GRUB, LILO, XOSL, o alcuni altri manager o loader di avvio non di Windows, selezionare 'Si'. - Avvio multiplo - Attualmente VeraCrypt non supporta ancora le configurazioni avvio multiplo dove un loader di avvio non di Windows è installato nel record di avvio principale.\n\nSoluzioni possibili:\n\n - Se usate un manager di avvio per avviare Windows e Linux, spostare il manager di avvio (chiamato tipicamente GRUB) dal record di avvio master ad una partizione, quindi avviate nuovamente questa procedura e Codificate la partizione/disco di sistema. Notate che il loader di avvio di VeraCrypt diventerà il vostro manager di avvio principale e vi consentirà di lanciare il manager di avvio originale (cioè GRUB) come il vostro manager di avvio secondario (premendo il tasto Esc nello schermo del loader di avvio di VeraCrypt) e quindi potrete lanciare Linux. - Se il sistema operativo in esecuzione è installato sulla partizione di avvio, dopo averla criptato, avrete bisogno di digitare la password corretta anche se volete avviare un altro sistema Windows non decriptato (siccome essi condividono una singolo loader/manager di avvio di Windows non criptato).\n\nA contrario, se il sistema operativo attualmente in esecuzione sulla partizione di avvio (o se il loader/manager di avvio di Windows non è utilizzato da nessun altro sistema), aver criptato sistema, non avrete bisogno di digitare la password corretta per avviare l'altro sistema decriptato. Dovrete solamente premere il tasto ESC per avviare il sistema decriptato (se ci sono sistemi DeCodificati multipli, avrete bisogno di selezionare pure quale sistema da avviare nel manager di avvio di VeraCrypt).\n\nNote: Tipicamente, il primo sistema di Windows è installato nella partizione di avvio. - Codifica dell’area ospite protetta - Alla fine di molti dischi, c'è un'area che è normalmente nascosta dal sistema operativo (tali aree sono chiamate di solito come Aree ospiti protette). Comunque, alcuni programmi possono leggere e possono scrivere dei dati da/in tali aree. n ATTENZIONE: Alcuni fabbricanti di computer possono usare tali aree per memorizzare degli strumenti e dei dati per il recupero di sistema RAID, per le impostazioni del sistema, per scopi diagnostici o altro. Se tali strumenti o dati devono essere accessibili prima dell’avvio, l'area ignota NON dovrebbe essere Crittata (scegliere NO sopra).\n\nVolete che VeraCrypt scopra e cifri tale area ignota (se esiste) alla fine del disco? - Tipo di codifica di sistema - Selezionare questa opzione se volete soltanto codificare la partizione di sistema oppure l’intero disco di sistema. - Può accadere che siate obbligati da qualcuno a decifrare il sistema operativo. Ci sono molte situazioni in cui non potete rifiutarvi di farlo (ad esempio, in caso di estorsione). Selezionando questa opzione creerete un sistema operativo nascosto la cui esistenza sarà impossibile da provare (a condizione che vengano seguite queste linee guida). Quindi, non avrete da decifrare o rivelare la password al sistema operativo nascosto. Per una spiegazione dettagliata, fate clic sul link in basso. - Può accadere che siate obbligati da qualcuno a decifrare il sistema operativo. Ci sono molte situazioni in cui non potete rifiutarvi di farlo (ad esempio, in caso di estorsione).\n\nUsando questa procedura potrete creare un sistema operativo nascosto la cui esistenza sarà impossibile da provare (a condizione che vengano seguite queste linee guida). Quindi, non avrete da decifrare o rivelare la password per il sistema operativo nascosto. - Sistema operativo nascosto - Nei passi seguenti, voi creerete due volumi VeraCrypt (esterno ed nascosto) all’interno della prima partizione dietro a quella di sistema. Il volume nascosto conterrà il sistema operativo nascosto (OS). VeraCrypt creerà l’OS nascosto copiando il contenuto della partizione di sistema (dove l’OS attualmente in esecuzione è installato) nel volume nascosto. Nel volume nascosto, copierete alcuni dati che sembrano sensitivi e che attualmente NON desiderate nascondere. Questi saranno qui a disposizione di chi vi forza a svelare la password per la partizione dell’OS nascosto. Potete rivelare la password per il volume esterno all’interno della partizione dell’OS nascosto (comunque, l’esistenza dell’OS nascosto rimane segreta).\n\nFinalmente, nella partizione di sistema dell’ OS attualmente in esecuzione, voi installerete un nuovo OS, cosiddetto OS di richiamo, e quindi codificarlo. Non deve contenere dei dati sensibili e deve essere presente per chiunque vi costringe a rivelare la password di autenticazione di preavvio. In totale, ci saranno tre password. Due di esse possono essere svelate (per l’OS di richiamo ed il volume esterno). Usando la terza password, l’OS nascosto potrà partire. - Scoperta di settori ignoti - Attendete mentre VeraCrypt sta scoprendo i possibili settori ignoti alla fine del disco di sistema. Notate che può impiegare un tempo lungo per essere completato.\n\nNota: In casi molto rari, su dei computer il sistema può diventare apatico durante questo processo di ricerca. Se questo accade, riavviate il computer, avviate VeraCrypt, ripetete i passi precedenti ma ignorate questo processo di ricerca. Notate che questo problema non è causato da un errore in VeraCrypt. - Area da codificare - Selezionare questa opzione se volete cifrare l’intera unità nella qualeè installato il sistema Windows attualmente in esecuzione. L’intera unità, comprese tutte le sue partizioni, sarà cifrata ad eccezione della prima traccia dove risiederà il Boot Loader di VeraCrypt . Chiunque voglia accedere al sistema installato sul disco, oppure ai file memorizzati sul disco, dovrà digitare la password corretta ogni qualvolta il sistema si avvia. Questa opzione non può essere usata per cifrare un disco secondario o esterno se Windows non è installato e non si avvia da esso. - Raccolta di dati casuali - Chiavi generate - VeraCrypt non ha trovato nessun masterizzatore CD/DVD connessa al vostro computer. VeraCrypt necessita di un masterizzatore CD/DVD per scrivere un disc o di ripristino VeraCrypt auto-avviante contenente un backup delle chiavi di codifica, il boot loader di VeraCrypt, il loader di sistema originale ecc.\n\nVi raccomandiamo strettamente di masterizzare il disco di ripristino di VeraCrypt . - Non ho nessun masterizzatore CD/DVD ma salverò l’immagine ISO del disco di ripristino su unità removibile (cioè unità flash USB ). - Connetterò un masterizzatore CD/DVD al mio computer in seguito. Terminare il processo ora. - Un masterizzatore CD/DVD è ora connesso al mio computer. Continua e scrivi il disco di ripristino. - Seguire questa procedura:\n\n1) Collegare ora un disco removibile, come un disco flash USB al vostro computer.\n\n2) Copiare il file imagine del disco di ripristino di VeraCrypt Rescue Disk (%s) nel disco removibile.\n\nNel caso in cui avete bisogno di usare il disco di ripristino in future, potrete collegare la vostra unità removibile (contenente l’immagine del disco di ripristino) ad un computer dotato di masterizzatore CD/DVD e create un disco di ripristino auto avviante, scrivendo l’immagine su CD o DVD. IMPORTANTE: Notate che il file imagine del disco di ripristino va scritto sul CD/DVD come un’immagine disco ISO (non come file individuale). - Creazione disco di ripristino - Disco di ripristino creato - Pre-test di codifica del sistema - Disco di ripristino verificato - \nIl disco di ripristino di VeraCrypt è stato verificato con successo. Rimuovetelo ora dal drive e conservatelo in un posto scuro.\n\nFate click su 'Avanti' per continuare. - AVVERTENZA: Durante i prossimi passi, il disco di ripristino di VeraCrypt NON deve essere nel drive, altrimenti non sarà possibile completare i passi correttamente.\n\nRimuovetelo ora dal drive e conservatelo in un posto sicuro, quindi fate click su OK. - AVVERTENZA: A causa di limitazioni tecniche dell'ambiente di pre-boot, i testi mostrati da VeraCrypt in questo ambiente (cioè prima dell’avvio di Windows) non può essere localizzati. L’interfaccia utente del loader di avvio di VeraCrypt è solamente in lingua inglese.\n\nContinuare? - Prima di codificare la vostra partizione o disco di sistema, VeraCrypt ha bisogno di verificare che tutto funzioni correttamente.\n\nDopo aver fatto click su Prova, tutti i componenti necessari (per esempio, il componente di autenticazione di pre-boot, cioè il loader di avvio di VeraCrypt) sarà installato ed il vostro computer sarà riavviato. Dovrete quindi digitare la password nello schermo del loader di avvio di VeraCrypt che apparirà prima dell’avvio di Windows. Dopo che Windows si avvia, sarete informato automaticamente sul risultato di questa verifica.\n\nLa seguente unità sarà modificata: Disco #%d\n\n\n Se ora fate click su Annulla, non sarà installato nulla e le verifiche non saranno eseguite. - NOTE IMPORTANTI – DA LEGGERE O STAMPARE (fate clic su “Stampa”):\n\nNotate che nessuno dei vostri file saranno cifrati prima di aver riavviato il vostro computer ed avviato Windows. In questo modo, se qualcosa fallisce, i vostri dati NON saranno persi. Comunque, se qualcosa va in errore, potrete incontrare delle difficoltà nell’avvio di Windows. Pertanto, leggere (e, se possible, stampare) le seguenti line guida su quello che va fatto se Windows non può partire dopo il riavvio del computer.\n\n - Quello che dovete fare se Windows non può partire\n------------------------------------------------\n\nNota: Queste istruzioni sono valide solo se non avete iniziato la codifica.\n\n- Se Windows non parte dopo aver digitato la password corretta (oppure se voi digitate ripetutamente la password corretta e VeraCrypt dice che la password è sbagliata), niente paura!. Riavviate (spegnete e riaccendete) il computer e, nello schermo del boot loader di VeraCrypt, premere il tasto Esc nella vostra tastiera (e, se avete più sistemi, scegliere quello da avviare). Quindi, Windows deve partire (non criptato) e VeraCrypt vi chiederà automaticamente se voi volete disinstallare il componente di autenticazione pre-boot. Da notare che i passi precedenti NON lavorano se la partizione/unità di sistema è criptato (nessuno può avviare Windows o accedere ai dati cifrati nel disco senza la password corretta anche se esso segue i passi precedenti).\n\n - -Se il passo precedente non vi aiuta oppure se lo schermo del boot loader di VeraCrypt non appare (prima dell’avvio di Windows), inserire il disco di ripristino di VeraCrypt nella vostra unità CD/DVD e riavviate il vostro computer. Se non appare lo schermo del disco di ripristino di VeraCrypt (oppure se non vedete la voce “Repair Options” nella sezione “Keyboard Controls” nello schermo del disco di ripristino di VeraCrypt), è possibile che il vostro BIOS sia configurato per tentare l’avvio da disco rigido prima dell’unità CD/DVD. Se siete in questo caso, riavviate il vostro computer, premete F2 o Canc (per accedere allo schermo di avvio del BIOS), ed attendete finché appare lo schermo di configurazione del BIOS. Se non appare nessuno schermo configurazione BIOS riavviare (reset) il computer e ripartire premendo F2 o Canc ripetutamente fino al riavvio del computer. Quando appare uno schermo di configurazione BIOS, configurare la vostra BIOS per l’avvio dall’unità CD/DVD per prima (per informazioni su come fare questo, riferitevi alla documentazione del vostro BIOS/scheda madre oppure contattare il supporto tecnico del vostro venditore per assistenza). Quindi riavviare il vostro computer. Lo schermo del disco di ripristino di VeraCrypt dovrà ora apparire. In questo schermo selezionare il menu “Repair Options” premendo il tasto F8 nella vostra tastiera. Da questo menu selezionare la voce “Restore original system loader”. Rimuovere il disco di ripristino dalla vostra unità CD/DVD e riavviare il vostro computer. Windows dovrà avviarsi normalmente (non criptato).\n\n - Da notare che il passo precedente NON lavora se la partizione/unità di sistema non è cifrata (nessuno può avviare Windows o accedere ai dati cifrati nel disco senza la password corretta anche se esso segue i passi precedenti).\n\n\nNotate che anche se perdete il vostro disco di ripristino di VeraCrypt ed un avversario lo ritrova, esso NON può decifrare la partizione di sistema senza aver digitato la password corretta. - Verifica terminata - Il pre-test è stato completato con successo.\n\nATTENZIONE: Notate che se l’alimentazione elettrica viene interrotta bruscamente mentre avviene la codifica in posto dei dati esistenti, oppure quando il sistema operativo va in crash a causa di un errore software o malfunzionamento hardware mentre VeraCrypt sta codificando i dati in posto, porzioni di dati potranno essere corrotte o distrutti. Pertanto, prima di avviare la codifica, assicuratevi di essere sicuri di aver fatto delle copie di back up dei file che volete codificare. Se non fate questo, fate ora il back up dei file (potete fare click su Rimanda, fare il back up dei file, eseguire VeraCrypt nuovamente, e selezionare 'Sistema' > 'Ripristina processi interrotti' per avviare la codifica).\n\nQuando siete pronti, fate click su Codifica per avviare la codifica. - Potete fare clic su Pausa oppure Rimanda ogni volta per interrompere il processo di codifica o decodifica, uscire da questa procedura, riavviare o spegnere il vostro computer e quindi riprendere il processo, che continuerà dal punto in cui è stato fermato. Per evitare il rallentamento quando il sistema o le applicazioni legge o scrive dati dal disco di sistema, VeraCrypt attende automaticamente finché i dati vengono scritti o letti (vedere Status sopra) e quindi continua automaticamente la cifratura o decifratura. - \n\nPotete fare click Pausa o Rimanda ogni volta per interrompere il processo di codifica, chiudere questa procedura, riavviare o spegnere il vostro computer e quindi riprendere il processo che continuerà dal punto in cui è stata fermata. Notate che il volume non può essere montato finché non viene totalmente criptato. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Sistema nascosto avviato - Sistema originale - Windows crea (tipicamente, a vostra insaputa e senza vostro consenso) vari file log, temporanei ecc. nella partizione di sistema. Esso anche salva il contenuto della RAM nei file di ibernazione e file paging collocati nella partizione di sistema. Pertanto, se un avversario analizza i file memorizzati nella partizione di sistema dove risiede il sistema originale (del quale il sistema nascosto è un clone), potrebbe scoprire, per esempio, che avete usato la procedura guidata di VeraCrypt nella modalità di creazione del sistema nascosto (che potrebbe segnalare l’esistenza di un sistema operativo nascosto nel vostro computer).\n\nPer evitare tale problema, VeraCrypt deve, nei passi successivi, eliminare sicuramente l’intero contenuto della partizione dove risiede il sistema originale. Dopo, allo scopo di realizzare una scusa plausibile, dovete installare un nuovo sistema nella partizione e codificarla. Quindi voi creerete il sistema di richiamo e l’intero processo di creazione del sistema operativo nascosto sarà completato. - Il sistema operativo nascosto è stato creato con successo. Comunque, prima di iniziare ad usarlo (e realizzare una scusa plausibile), dovete cancellare sicuramente (usando VeraCrypt) l’intero contenuto della partizione dove è installato il sistema operativo attualmente in esecuzione. Prima di fare questo, avete bisogno di riavviare il computer e, nello schermo del loader di avvio di VeraCrypt (che appare prima dell’avvio di Windows), digitare la password di autenticazione pre-bootper il sistema operativo nascosto. Quindi, dopo che il sistema nascosto si avvia, sarà lanciata automaticamente la procedura di VeraCrypt.\n\nNota: Se scegliete di terminare adesso il processo di creazione per il sistema operativo nascosto, voi NON potrete riprendere il processo ed il sistema NON sarà accessibile (perché il loader di avvio di VeraCrypt sarà rimosso). - Avete schedulato il processo della creazione del sistema operativo nascosto. Tale processo non è stato ancora completato. Per completarlo, dovete riavviare il computer e, nello schermo del loader di avvio di VeraCrypt (che appare prima dell’avvio di Windows), digitare la password per il sistema operativo nascosto.\n\nNota: Se scegliete ora il processo di creazione del sistema operativo nascosto, voi NON potrete riprendere il processo. - Riavviare il computer e procedere - Terminare definitivamente il processo di creazione del sistema operativo nascosto - Non fare niente ora e chiedere nuovamente in seguito - \nSE POSSIBILE, STAMPARE QUESTO TESTO (fare clic “Stampa” sotto).\n\n\nCome e quando usare il disco di ripristino di VeraCrypt (dopo la cifratura)\n-----------------------------------------------------------------------------------\n\n - I. Come avviare il disco di ripristino di VeraCrypt \n\nPer avviare un disco di rioristino di VeraCrypt , inserirlo nella vostra unità CD/DVD e riavviare il vostro computer. Se lo schermo del disco di ripristino non appare (oppure se non vedete la voce “Repair Options” nella sezione “Keyboard Controls” nello schermo), è possibile che il vostro BIOS sia configurato per tentare l’avvio da disco rigido prima dell’unità CD/DVD. Se siete in questo caso, riavviate il vostro computer, premete F2 o Canc (per accedere allo schermo di avvio del BIOS), ed attendete finché appare lo schermo di configurazione del BIOS. Se non appare nessuno schermo configurazione BIOS riavviare (reset) il computer e ripartire premendo F2 o Canc ripetutamente fino al riavvio (reset) del computer. Quando appare uno schermo di configurazione BIOS, configurare la vostra BIOS per l’avvio dall’unità CD/DVD per prima (per informazioni su come fare questo, riferitevi alla documentazione del vostro BIOS/scheda madre oppure contattare il supporto tecnico del vostro venditore per assistenza). Quindi riavviare il vostro computer. Lo schermo del disco di ripristino di VeraCrypt dovrà ora apparire.Nota: nello schermo del disco ripristino di TrueeCrypt potete selezionare “‘Repair Options” premendo il tasto F8 nella vostra tastiera.\n\n\n - II. Quando e come usare il disco di ripristino di VeraCrypt (dopo la cifratura)\n\n - 1) Se il boot loader di VeraCrypt non appare dopo l’avvio del vostro computer (o se Windows non si avvia), il boot loader di VeraCrypt può essere dannggiato. Il disco di ripristino di VeraCrypt vi consente di ripristinarlo e quindi riguadagnare l’accesso al vostro sistema criptato ed ai dati (dovete, comunque, digitare ancora la password corretta). Nello schermo del disco di ripristino, selezionare “Repair Options” > “Restore VeraCrypt Boot Loader”. Premere quindi “Y” per confermare l’azione, rimuovere il disco di ripristino dalla vostra unità CD/DVD e riavviare il computer.\n\n - 2) Se digitate ripetutamente la password corretta ma VeraCrypt vi dice che la password è errata, la chiave principale oppure altri dati critici possono essere danneggiati. Il disco di ripristino di VeraCrypt vi consente di ripristinarli e quindi riguadagnare l’accesso al vostro sistema e dati crittati (dovete comunque sempre digitare la password corretta). Nello schermo del disco di ripristino, selezionare “Repair Options” > “Restore key data”. Quindi digitare la vostra password, premere “Y” per confermare l’azione, rimuovere il vostro disco di ripristino dalla vostra unità CD/DVD e riavviare il vostrio computer.\n\n - 3) Se il boot loader di VeraCrypt è danneggiato, potete evitare la sua esecuzione avviando direttamente dal disco di ripristino di VeraCrypt . Inserire il vostro disco di ripristino nella vostra unità CD/DVD e quindi digitare la vostra password nello schermo del disco di ripristino.\n\n - 4) Se Windows è danneggiato e non può partire, il disco di ripristino di VeraCrypt vi consente di decrittare definitivamente la partizione/unità prima dell’avvio di Windows. Nello schermo del disco di ripristino selezionare “Repair Options” > “Permanently decrypt system partition/drive”. Digitare la password corretta ed attendere finché la decrittazione è completa. Quindi potete avviare il vostro CD/DVD di installazione MS Windows per riparare la vostra installazione di Windows.\n\n - Nota: in alternativa, se Windows è danneggiato (cioè non può partire) ed avete bisogno di ripararlo (oppure accedere ai file in esso), potete evitare di decrittare la partizione/unità di sistema seguendo questi passi: Se avete più sistemi operativi installati nel vostro computer, avviate quello che non richiede l’autenticazione di pre-boot. Se non avete sistemi operativi multipli nel vostro PC, potete avviare un CD/DVD WinPE oppure BartPE oppure potete collegare la vostra unità di sistema come un disco secondario o esterno a un altro computer e quindi avviare il sistema operative installato nel computer. Dopo aver avviato un sistema, eseguite VeraCrypt, fate clic “Select Device”, selezionare la partizione di sistema relativa, fate clic su “OK”, selezionare “System” > “Mount Without Pre-Boot Authentication”, digitare la vostra password di autenticazione pre-boot e fate clic su “OK”. La partizione sarà montata come un volume VeraCrypt regolare (I dati saranno crittati/decrittati al volo nella RAM all’accesso, come di solito).\n\n\n - Notate che anche se voi smarrite il vostro disco di ripristino di VeraCrypt ed un vostro avversario lo ritrova, egli NON potrà decrittare la partizione o disco di sistema senza la password corretta. - \n\nI M P O R T A N T E -- SE POSSIBILE STAMPARE QUESTO TESTO (facendo clic su 'Stampa' in basso).\n\n\nNota: Questo testo sarà mostrato automaticamente ogni volta che voi avviate il sistema nascosto dopo aver avviato la creazione del sistema di inganno.\n\n\n - Come creare un sistema di inganno sicuro ed in sicurezza\n----------------------------------------------------------------------------\n\nAllo scopo di consentire la negazione plausibile, dovete creare ora il sistema operativo di inganno. Per farlo, seguite questi passi:\n\n - 1) Per ragioni di sicurezza, spegnete il vostro computer e lasciatelo spento almeno per diversi minuti (meglio se molti). Questo viene richiesto per ripulire la memoria, che contiene i dati sensibili. Quindi, riaccendere il computer ma non avviate il sistema nascosto.\n\n - 2) Installare Windows nella partizione il quale contenuto è stato cancellato (cioè nella partizione dove il sistema originale, del quale il sistema nascosto è un clone, era installato).\n\nIMPORTANTE: QUANDO AVVIATE L'INSTALLAZIONE DEL SISTEMA DI INGANNO, NON SARA'POSSIBILE AVVIARE IL SISTEMA nascosto (perchè il loader di avvio di VeraCrypt verrà cancellato dall'installer del sistema operativo Windows). QUESTO E'NORMALE E PREVISTO. NESSUN PANICO. POTRETE RIAVVIARE IL SISTEMA nascosto APPENA AVVIATE LA CODIFICA DEL SISTEMA DI INGANNO (perchè VeraCrypt installerà automaticamente il suo loader di avvio nel drive di sistema).\n\nImportante: la dimensione del sistema di inganno deve rimnere la stessa del volume nascosto (questa condizione ora è richiesta). Inoltre, non dovet creare nessuna partizione tra quella del sistema di inganno e quella in cui risiede il sistema nascosto.\n\n - 3) Avviare il sistema di inganno (installato nel passo 2 ed installarvi VeraCrypt).\n\nTenete a mente che il sistema di inganno non deve contenere nessun dato sensibile.\n\n - 4) Nel sistema di inganno, avviate VeraCrypt e selezionate 'Sistema' > 'Codifica partizione/drive di sistema'. Apparirà la procedura di creazione volume VeraCrypt.\n\nI passi che seguono vengono applicati a questa procedura guidata.\n\n - 5) Nella procedura creazione volume VeraCrypt NON selezionare l'opzione 'nascosto'. Lasciare l'opzione 'Normale' selezionata e fate clic su 'Avanti'.\n\n - 6) Selezionare l'opzione 'Cifra la partizione di sistema Windows' e fare clic su 'Avanti'.\n\n - 7) Se nel computer vi sono installati solo il sistema operativo nascosto e quello di inganno, selezionate l'opzione 'Single-Boot' (se ci sono più di questi due sistemi installati nel PC selezionate 'Multi-boot'). Fate quindi clic su 'Avanti'.\n\n - 8) IMPORTANTE: In questo passo, PER IL SISTEMA DI INGANNO, dovete selezionare LO STESSO ALGORITMO DI CODIFICA E DI CONFUSIONE CHE AVETE SELEZIONATO PER IL SISTEMA nascosto! DIVERSAMENTE, IL SISTEMA nascosto SARA' INACCESSIBILE! In altre parole, il sistema di inganno sarà criptato con lo stesso algoritmo di codifica del sistema nascosto. Nota: La ragione è che il sistema di inganno e quello nascosto condivideranno un single boot loader, che supporta solo un algoritmo singolo, selezionato dall'utente (per ogni algoritmo, c'è una versione speciale del Boot loader di VeraCrypt).\n\n - 9) In questo passo, scegliere una password per il sistema operativo di inganno. Questa sarà la password che potrete rivelare ad un avversario se vi viene chiesto o se siete obbligati a svelare la vostra autenticazione di pre-boot (l'altra password che potete rivelare è una per il volume esterno). L'esistenza della terza password (cioè quella per l'autenticazione pre-boot del sistema operativo nascosto) rimarrà quindi segreta.\n\nImportante: la password da voi scelta per il sistema di inganno deve essere sostanzialmente differente da quella scelta per il volume nascosto (cioè per il sistema operativo nascosto).\n\n - 10) Seguire le istruzioni rimanenti nella procedura così da codificare il sistema operativo di inganno.\n\n\n\n - Dopo aver creato il sistema “di inganno”\n------------------------------------------------\n\nDopo aver criptato il sistema “di inganno” l’intero processo di creazione del sistema operativo nascosto verrà completato e voi potrete usare queste 3 passwords:\n\n1)Password di autenticazione pre-boot per il sistema operativo nascosto.\n\n2) Password di autenticazione pre-boot per il sistema operativo “di inganno” .\n\n3) Password per il volume esterno.\n\n - Se volete avviare il sistema operativo nascosto, dovete semplicemente digitare la password per questo sistema nello schermo del boot loader di VeraCrypt (che appare quando accendete o riavviate il vostro computer).\n\nDovete fare lo stesso per il sistema operativo “di inganno”.\n\nPotete solo rivelare la password per il sistema “di inganno” a chiunque vi obbliga a svelare la vostra password di autenticazione pre-boot. L’esistenza del volume nascosto (e quindi del sistema operativo nascosto) rimarrà segreta.\n\n - La terza password (quella per il volume esterno) può essere svelata a chiunque vi obblighi a rivelare la password per la prima partizione dietro a quella di sistema, dove risiedono entrambi i volumi, esterno ed nascosto (contenente il sistema operativo nascosto). L’esistenza del volume nascosto rimarrà segreta.\n\n\n - Se rivelate la password per il sistema “di inganno” ad un vostro avversario ed esso vi chiede perchè lo spazio libero della partizione del sistema (quello “di inganno”) contiene dei dati casuali, voi potete rispondere, ad esempio: "La partizione conteneva prima un sistema criptato da VeraCrypt, ma io ho dimenticato la password di autenticazione pre-boot (quindi il sistema è stato danneggiato e non si avvia) in modo che ho dovuto reinstallare Windows e ricrittare la partizione."\n\n\n - Se vengono seguite tutte le istruzoni come tutte le precauzioni eI requisiti elencati nella sezione "Security Requirements and Precautions Pertaining to Hidden Volumes" nella VeraCrypt User's Guide , sarà impossibile provare l’esistenza del volume e del sistema operative nascosto, anche quando viene montato il volume esterno o quando il sistema operative “di inganno” viene decriptato oppure viene avviato.\n\nSe salvate una copia di questo testo o lo stampate (molto raccomandato, finchè la vostra stampante conserva delle copie dei documenti in stampa nella suo drive interno), dovete distruggere qualsasi copia di esso dopo aver creato il sistema di inganno e dopo aver capito tutte le informazioni contenute nel testo (altrimenti, se viene trovata una copia di questo testo, si può dimostrare la presenza di un sistema operativo nascosto in questo computer).\n\n - ATTENZIONE: SE NON PROTEGGETE IL VOLUME nascosto (per informazioni su come fare questo fate riferimento alla sezione "Protection of Hidden Volumes Against Damage" nella VeraCrypt User's Guide), NON SCRIVERE SUL VOLUME ESTERNO (notare che il sistema operativo “di inganno” NON è installato nel volume esterno). DIVERSAMENTE, POTETE SOVRASCRIVERE E DANNEGGIARE IL VOLUME ESTERNO ED IL SISTEMA OPERATIVO nascosto AL SUO INTERNO)! - Clonazione del sistema operativo - Nei passi successivi, VeraCrypt creerà il sistema operativo nascosto copiando il contenuto della partizione di sistema nel volume nascosto (i dati in copia saranno Codificati al volo con una chiave di codifica differente da quella usata per il sistema operativo di richiamo).\n\nNotate che il processo sarà eseguito in ambiente di pre-boot(prima dell’avvio di Windows) e può impiegare molto tempo per essere completato; diverse ore o anche diversi giorni (a seconda della dimensione della partizione di sistema e dalle prestazioni del vostro computer).\n\nVoi potrete interrompere il processo, spegnere il vostro computer, avviare il sistema operativo e riavviare il processo. Comunque, se interrompete tale processo, l’intera procedura di copia del sistema dovrà ripartire dall’inizio (perché il contenuto della partizione di sistema non deve cambiare durante la clonazione). - Volete annullare l’intero processo di creazione del sistema operativo nascosto?\n\nNota: NON potrete ripristinare il processo se lo annullate adesso. - Volete annullare il pre-test per la codifica di sistema? - La richiesta di codifica di sistema VeraCrypt è fallita. Volete ritentare?\n\nSelezionando 'No', il componente di autenticazione in pre-boot sarà disinstallato.\n\nNota:\n\n- Se il Boot Loader di VeraCrypt non vi richiede di digitare la password prima dell'avvio di Windows, è possibile che il vostro sistema operativo non si it is avvia dall'unità nella quale esso è installato. Questo non è supportato.\n\n- Se usate un algoritmo di cifratura diverso di AES e la richiesta è fallita (ed avete digitato la password), questo è stato causato da un driver designato inadeguatamente. Selezionare 'No', e ritentare la cifratura della partizione/unità di sistema, usando l'algoritmo di codifica AES (che ha dei requisiti di memoria inferiori).\n\n- Per più possibili cause e soluzioni, visitare: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - La partizione/disco di sistema non sembra essere criptato (né parzialmente né interamente). - La vostra partizione/disco di sistema è criptato (parzialmente o completamente).\n\nDeCodificate la vostra partizione/disco interamente prima di procedere. Per fare questo, selezionate 'Sistema'>'Decodifica definitivamente la partizione/disco di sistema' dal menu della barra strumenti della finestra principale di VeraCrypt. - Quando la partizione/unità di sistema è crittata (parzialmente o totalmente), non potete tornare ad una precedente versione di VeraCrypt (ma potete aggiornare o reinstallare la stessa versione di esso). - La vostra partizione/disco di sistema verrà Crittata, deCrittata o modificata in un altro modo. Interrompere il processo in corso (oppure aspettare finché venga completata) prima di procedere. - Una sessione della Creazione guidata volume VeraCrypt è aperta attualmente in questo sistema ed esegue o prepara la codifica/decodifica della partizione/disco di sistema. Prima di procedere, attendere che la sessione precedente sia finita o chiusa. Se non potete chiuderla, riavviate il vostro computer prima di procedere. - Il processo di codifica o decodifica della partizione/disco di sistema non è stata completato. Attendere finché essa venga completata prima di procedere. - ERRORE! Il processo di codifica della partizione/disco di sistema non è completo. Esso deve essere prima completato. - ERRORE! Il processo di codifica della partizione/volume non è completo. Esso deve essere prima completato.\n\nNota: Per riprendere il processo selezionare 'Volumi' > 'Riprendi processi interrotti' dalla barra del menu della finestra principale di VeraCrypt. - La password è corretta, VeraCrypt ha decriptato la testa del volume e scoperto che questo volume è uno di sistema operativo nascosto. Comunque, non potete modificare in questo modo la testa di un voume di sistema nascosto.\n\nPer cambiare la password per un volume di sistema nascosto, avviate il sistema operativo risiedente nel volume nascosto e selezionate 'Sistema' > 'Cambia password...' dal menu degli strumenti della barra principale della finestra di VeraCrypt.\n\nPer impostare la chiave principale dell’algoritmo di derivazione, avviare il sistema operativo e selezionare 'Sistema' >'Impostare la chiave principale algoritmo di derivazione...'. - VeraCrypt non supporta la decodifica 'sul posto' di una partizione ignota.\n\nNota: Se volete decodificare la partizione di richiamo avviate il sistema operativo di richiamo e selezionate 'Sistema' > 'Decodificare definitivamente la partizione/disco di sistema' nel menu della barra strumenti finestra principale di VeraCrypt. - ERRORE: parametro errato o non valido. - Avete selezionato una partizione oppure una unità, ma la modalità guidata da voi selezionata è adatta solo per i contenitore dei file.\n\nVolete modificare la modalità guidata? - Volete invece creare un file contenitore di VeraCrypt? - Avete selezionato la partizione/unità di sistema (oppure la partizione di avvio),ma la modalità guidata è adeguata solo per partizioni /unità non di sistema.\n\nVolete impostare l’autenticazione di pre-boot (significa che voi dovete inserire la vostra password ogni volta prima del boot/avvio di Windows) e crittare la partizione/unità di sistema? - Siete sicuri di voler Decodificare definitivamente la partizione/disco di sistema? - ATTENZIONE: Se Decodificate in permanenza la partizione/disco di sistema, i dati Decodificati saranno scritti in essa.\n\nSiete sicuri di voler decodificare definitivamente la partizione/disco di sistema? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Attenzione: Se usate una cascata di cifre per la codifica del sistema, potete incontrare i seguenti problemi:\n\n1) Il loader di avvio di VeraCrypt è più grande che il normale e, pertanto, non c'è spazio sufficiente nella prima traccia del disco per un backup del loader di avvio di VeraCrypt. Da adesso, se esso risulta danneggiato (questo avviene spesso, per esempio, durante l'attivazione di una procedura anti pirateria designata inadeguatamente per certe applicazioni), voi avrete bisogno di usare il disco di emergenza di VeraCrypt per avviare o per riparare il loader di avvio di VeraCrypt.\n\n2) In alcuni computer, ritornando dallo stato di sospensione piuttosto lungo.\n\nQuesti problemi potenziali possono essere evitati scegliendo un algoritmo di cifratura non a cascata (esempio AES).\n\nSiete sicuri di voler usare una cascata di cifre? - Se riscontrate uno qualsiasi dei problemi descritti, Decodificate la partizione/disco di sistema (se esso è criptato) e quindi tentare di Codificarla usando un algoritmo di codifica non a cascata (esempio AES). - ATTENZIONE: Per ragioni di sicurezza, è necessario aggiornare VeraCrypt sul sistema operativo esca prima di aggiornarlo sul sistema operativo nascosto.\n\nPer farlo, avviare il sistema esca ed eseguire il programma di installazione VeraCrypt. Poi avviare il sistema nascosto ed eseguire il programma di installazione anche su quest'ultimo.\n\nNota: Il sistema esca e il sistema nascosto condividono un singolo boot d'avvio. Se avete aggiornato VeraCrypt solo sul sistema nascosto (ma non sul sistema esca), il sistema esca conterrebbe un driver e l'applicazioni di VeraCrypt il cui numero di versione è diverso dal numero di versione di VeraCrypt del boot d'avvio. Tale discrepanza potrebbe svelare che vi è un sistema operativo nascosto su questo computer.\n\n\nContinuare? - Il numero della versione del loader di avvio di VeraCrypt che è stato caricato in questo sistema operativo è differente dal numero della versione del driver di VeraCrypt (e della applicazione VeraCrypt) installata in questo sistema.\n\nDovete eseguire il file di installazione di VeraCrypt (il quale numero della versione è lo stesso del loader di avvio di VeraCrypt) per aggiornare VeraCrypt in questo sistema operativo. - Il numero della versione del boot loader di VeraCrypt che ha avviato questo sistema operativo è differente dal numero di versione del driver e dell’applicazione VeraCrypt installata in questo sistema. Notate che le precedent version possono contenere degli errori corretti nell’ultima versione.\n\nSe non aviate dal disco di ripristino di VeraCrypt, dovete reinstallare VeraCrypt oppure aggiornare all’ultima versione stabile (anche il boot loader sarà aggiornato).\n\nSe avete avviato dal disco di ripristino, dovete aggiornarlo (“Sistema” > “Crea disco di ripristino”). - Il loader di avvio di VeraCrypt è stato aggiornato.\n\nVi raccomandiamo di creare un nuovo disco di ripristino di VeraCrypt (il quale conterrà la nuova versione del boot loader di VeraCrypt Boot Loader) selezionando 'Sistema' > 'Creare un disco di ripristino' dopo aver riavviato il vostro computer. - Il loader di avvio di VeraCrypt è stato aggiornato.\n\nVi raccomandiamo vivamente di avviare il sistema operativo di richiamo e quindi creare un nuovo disco di ripristino di VeraCrypt (il quale conterrà la nuova versione del loader di avvio di VeraCrypt) selezionando 'Sistema' > Creare un disco di ripristino'. - Errore nell’aggiornamento del loader di avvio di VeraCrypt. - VeraCrypt ha fallito nel determinare la dimensione reale del disco di sistema e, pertanto, sarà usata la dimensione riportata dal sistema operativo (che può essere minore della dimensione reale). Notate pure che questo non è un difetto in VeraCrypt. - ATTENZIONE: Sembra che VeraCrypt ha già tentato di scoprire i settori ignoti in questo disco di sistema. Se avete riscontato un qualsiasi problema durante il processo di ricerca precedente, potete evitare tali problemi saltando ora la ricerca dei settori ignoti. Notate che, se fate questo, VeraCrypt userà la dimensione riportata dal sistema operativo (la quale può essere minore della dimensione reale).\n\nNotate che questa situazione non è causata da un difetto di VeraCrypt. - Saltare la scoperta di settori ignoti (usare la dimensione riportata dal sistema operativo) - Tentare nuovamente di scoprire i settori ignoti - Errore: Il contenuto di uno o più settori di questo disco non possono essere letti (probabilmente a causa di un difetto fisico).\n\nTIl processo di cifratura in-posto può proseguire solamente quando i settori sono stati resi nuovamente leggibili. VeraCrypt può tentare di fare questo scrivendo degli zeri nei settori (di conseguenza questi blocchi di tutto-zeri verrebbero codificati). Notate comunque che ogni dato immagazzinato nei settori illeggibili verranno persi. Se volete evitare questo, potete tentare di recuperare delle porzioni di dati corrotti usando degli strumenti adatti da terze parti.\n\nNota: In caso di settori danneggiati fisicamente (contrariamente alla mera corruzione dei dati ed il controllo degli errori)la maggior parte delle periferiche di memoria riassegnano internamente i settori quando si tenta di scrivere dei dati in essi (in questo modo, i dati esistenti nei settori danneggiati possono rimanere non codificati sul drive).\n\nVolete che VeraCrypt scrivi degli zero nei settori illegibili? - Errore: Il contenuto di uno o più settori di questo disco non possono essere letti (probabilmente a causa di un difetto fisico).\n\nPer poter procedere con la decifratura, VeraCrypt dovrà scartare il contenuto dei settori illegibili (esso sarà sostituito da dati pseudo-casuali). Da notare che, prima di procedere, potete tentare di recuperare delle porzioni di qualsiasi dato danneggiato usando degli strumenti di terze parti appropriati.\n\nVolete che VeraCrypt scarti i dati nei settori illegibili adesso? - Nota: VeraCrypt ha sostituito il contenuto di %I64d settori illegibili (%s) con blocchi di testo tutti-zero Decodificati. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Digitare la password/PIN per il gettone '%s': - Allo scopo di consentire a VeraCrypt di accedere al gettone di sicurezza o smart card, dovete prima installate una libreria software PKCS #11 per gettone o smartcard. Libreria di questo tipo può essere fornita con la periferica oppure essere disponibile per il download dal sito web del venditore oppure da altre terze parti.\n\nDopo aver installato la libreria, potete sia selezionarla manualmente facendo click su 'Seleziona libreria' o lasciare che VeraCrypt la trovi e selezioni automaticam. facendo click su 'Scopri automaticamente la libreria' (solo nella directory Windows System). - Nota: Per il nome e posizione del file libreria PKCS #11 installata per il vostro gettone di sicurezza o smart card, riferitevi alla documentazione fornita con il gettone, scheda oppure software di terze parti.\n\nFate click 'OK' per selezionare il percorso ed il nome del file. - Allo scopo di consentire a VeraCrypt di accedere al gettone di sicurezza o smart card, dovete selezionare prima un software libreria PKCS #11 per il gettone/scheda. Per fare questa, selezionare 'Impostazioni' > 'Tokens di sicurezza'. - Fallito nell’inizializzare la libreria del gettone di sicurezza PKCS #11.\n\nAssicuratevi che il percorso e file specificato sia riferito ad una valida libreria PKCS #11. Per specificare un percorso ed un file libreria PKCS #11, selezionare 'Impostazioni' > 'Tokens di sicurezza'. - Nessuna libreria PKCS #11 è stata trovata nella directory Windows System.\n\nAssicuratevi che una libreria PKCS #11 per il vostro gettone di sicurezza (o smart card) sia installata (tale libreria può essere fornita con il gettone/scheda oppure essere disponibile per il download dal sito internet del venditore oppure terze parti). Se esso è installato in una directory in una directory diversa dalla directory Windows System, fate click su 'Seleziona libreria' per localizzare la libreria (cioè nella cartella dove il software per il gettone/scheda è installato). - Nessun gettone di sicurezza trovato.\n\nAssicuratevi che il gettone di sicurezza sia connesso al vostro computer e ed il driver corretto per il vostro gettone sia installato. - File chiave per il gettone di sicurezza non trovato. - Un file chiave per il gettone di sicurezza con lo stesso nome esiste già. - Volete cancellare i file selezionati? - Il percorso per il file chiave del gettone di sicurezza non è valido. - Errore gettone di sicurezza - La password per il gettone di sicurezza non è corretta. - Il gettone di sicurezza non ha memoria/spazio sufficiente per compiere l’operazione richiesta.\n\nSe state tentando di importare un file chiave, dovete selezionare un file piccolo oppure usare un file chiave generato da VeraCrypt (selezionare “Strumenti” > Generatore di file chiave”). - Tutte le sessioni aperte del gettone di sicurezza sono state chiuse. - Selezionare i file chiave del gettone di sicurezza - Slot - Nome gettone - Nome file - IMPORTANTE: Notare che le password di autenticazione pre-boot sono sempre digitate usando La tastiera con layout second lo standard americano. Pertanto può essere impossibile montare un volume che usa una password di autenticazione digitata usando un qualsiasi altro layout tastiera (non è un difetto di VeraCrypt). Per consentire il montaggio di tale volume usando una password di autenticazione pre-boot seguire questi passi:\n\n1) Fate clic su “Seleziona file” oppure “Seleziona unità” e selezionare il volume.\n2) Selezionare “Volumi”' >”Modifica la password del volume”.\n3) Digitare la password corrente per il volume.\n4) Cambiare il layout della tatiera in Inglese (US) facendo clic sull’icona della barra della lingua nella barra applicazioni di Windows e selezionando “EN Inglese (Stati Uniti)”.\n5)In VeraCrypt, nel campo della nuova password ,digitare la password di autenticazione di pre-boot.\n6) Confermare la nuova password ridigitandola nel campo di confrma e facendo clic su “OK”.ATTENZIONE: Tenere a mente che, se voi seguite questi passi, la password del volume dovrà essere sempre digitata usando il layout tastiera US (che viene assicurata automaticamente solo in ambiente di pre-boot). - I volumi di sistema preferitii saranno montati usando la password di autenticazione di pre-boot. Qualsiasi altro volume di sistema preferito che usa una password differente non sarà montato. - Dovete notare che, se avete bisogno di evitare le operazioni normali per un volume VeraCrypt (come “Smonta tutti”, smontaggio automatic ecc.) da essere influenzati dai volumi preferiti di sistema, dovete attivare l’opzione”Consenti solo agli amministratori di vedere e smontare I volumi di sistema preferiti in VeraCrypt”. In aggiunta, quando VeraCrypt viene eseguito senza I privilegi di amministratore (predefinito in Windows Vista e successivo), i volumi di sistema preferiti non saranno mostrati nell’elenco delle lettere unità nella finestra principale di VeraCrypt. - IMPORTANTE: Tenere in mente che se questa opzione è attivata e VeraCrypt non ha I privilegi di amministratore, I volumi di sistema preferiti NON sono mostrati nella finestra di VeraCrypt e non possono essere smontati. Pertanto, se avete bisogno di smontare uno di tali volume, fate prima clic destro sull’icona di VeraCrypt (nel menu di Avvio) e selezionate “Esegui come amministratore”. La stessa restrizione è applicata alle funzioni “Smonta tutto”, “Smontaggio automatico”, “Smonta tutto” ecc. - Notate che queste impostazioni hanno effetto solo dopo il riavvio del sistema operativo. - Errore mentre viene analizzata la linea di comando. - Disco di ripristino - Seleziona &file e monta... - Seleziona &Unità e monta... - In VeraCrypt è consentito solo agli amministratori di vedere e smontare i volumi preferiti di sistema - Monta i volumi di sistema preferiti quando si avvia Windows(nella fase iniziale di avvio) - AVVERTENZA: Il file system nel volume montato come '%s' non è stato smontato pulitamente e quindi può contenere degli errori. Usando un file system corrotto può causare la perdita dei dati oppure la corruzione dei dati.\n\nNota: Prima di rimuovere fisicamente oppure spegnere una unità (come un flash drive USB oppure un disco rigido esterno) dove un volume VeraCrypt montato risiede, dovete sempre smontare prima il volume VeraCrypt in VeraCrypt.\n\n\nVolete che Windows tenti di scoprire e correggere gli errori (se ci sono) nel file system? - Attenzione: Uno o più volumi di sistema preferiti non sono stati smontati completamente e quindi possono contenere degli errori di filesystem. Vedere il registro eventi di sistema per ulterior dettagli.\nUsando un file system corrotto si può causare una perdita oppure una corruzione dei dati. Dovete verificare il relativo volume di sistema preferito per errori (facendo clic su di esso in VeraCrypt e selezionando “Ripara il filesystem”). - Avvertenza: La riparazione di un file system danneggiato usando lo strumento Microsoft 'chkdsk' può causare la perdita dei file nelle aree danneggiate. Pertanto, raccomandiamo di eseguire prima il back up dei file memorizzati nel volume VeraCrypt in un altro volume VeraCrypt alternativo.\n\nVolete riparare il file system ora? - Il Volume '%s' è stato montato in sola lettura perchè l’accesso in scrittura è stato negato.\n\nAssicuratevi di avere i permessi di sicurezza del file contenitore consentendovi di scrivere in esso (fate clic sul contenitore e selezionate “Proprietà” > “Sicurezza”).\n\nDa notare che, a causa di una regola di Windows, potrete leggere queste avvertenze anche dopo l’impostazione degli appropriati permessi di sicurezza. Questo non è causato da un difetto in VeraCrypt. Una soluzione possible è quella di muovere il vostro contenitore, ad esempio, alla cartella Documenti.\n\nSe intendete mantenere il vostro volume in sola lettura, impostate l’attributo di sola lettura del contenitore (facendo clic con il tasto destro sul contenitore e selezionando “Proprietà” >”Sola lettura”), che sopprimerà questo avvertimento. - Il volume '%s' è stato montato in sola lettura perchè l'accesso in scrittura è stato negato.\n\nAssicuratevi che nessun'altra applicazione (cioè antivirus) stia accedendo alla partizione/periferica nella quale il volume è ospitato. - Il volume '%s' è stato montato in sola lettura perchè il sistema operativo ha reportato che la periferica ospite è protetta da scrittura.\n\nNotare che alcuni chipset dei driver personali sono stati reportati come causa per i supporti scrivibili ad apparire erroneamente come protetti da scrittura. Questo problema non è causato da VeraCrypt. Esso può essere risolto aggiornando o disinstallando qualsiasi driver chipset personale (non-Microsoft) che è attualmente installato nel vostro sistema. - Si noti che la tecnologia Hyper-Threading offre più core logici per un singolo core fisico. Quando Hyper Threading è attivato, il numero selezionato qui sopra rappresenta il numero di processori/core logici. - %d processi - Notate che l’ hardware-accelerato AES è disattivato e questo influenza il comportamento risultante (bassa prestazione).\n\nPer attivare l’accelerazione hardware, selezionare “Impostazioni” > “Prestazioni” e disattivare l’opzione corrispondente. - Notate che il numero dei processi è attualmente limitato, e questo influenza il comportamento risultante (bassa prestazione).\n\nPer utilizzare la piena potenza dei processori selezionare “Impostazioni” > “Prestazioni” e disattivare l’opzione corrispondente. - Volete che VeraCrypt tenti di disattivare la protezione da scrittura della partizione o dell'unità? - ATTENZIONE: Queste impostazioni possono ridurre le prestazioni.\n\nSiete sicuri di voler usare queste impostazioni? - Attenzione: VolumeVeraCrypt auto-smontato - Prima di rimuovere fisicamente o spegnere un dispositivo contenente un volume montato, si dovrebbe sempre smontare il volume prima su VeraCrypt.\n\nUno smontaggio inprovviso e non voluto è generalmete causato da un'intermittenza sul cavo, disco, ecc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Prova - File chiave - Indietro - Tab - Canc - Invio - Pausa - Blocca maiuscole - Barra spaziatrice - Pagina giù - Pagina su - Fine - Home - Freccia sinistra - Freccia in alto - Freccia destra - Freccia in basso - Tasto selezione - Tasto stampa - Tasto esegui - Stampa schermo - Ins - Canc - Applicazioni - Pausa - Bloc Num. - Bloc Scorr. - Indietro (Browser) - Avanti(Browser) - Aggiorna (Browser) - Stop (Browser) - Ricerca (Browser) - Preferiti (Browser) - Home (Browser) - Silenzio - Volume - - Volume + - Traccia seguente - Traccia precedente - Stop - Riproduci/Pausa - Avvia programma di posta - Seleziona media - Applicazione 1 - Applicazione 2 - Attn - CrSel - ExSel - Avvio - Zoom - Tastierino numerico - Maiusc. - Ctrl - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Annulla + Install&a per tutti gli utenti + Sfo&glia... + Aggiungi icona di VeraCrypt al &desktop + Donazione... + Associa i file con estensione .hc & con VeraCrypt + &Apri la posizione di destinazione quando terminato + Aggiungi VeraCrypt al menu &di avvio + Crea punto di &ripristino del sistema + &Disinstalla + &Estrai + &Installa + Assistente installazione di VeraCrypt + Disinstalla VeraCrypt + Guida + Selezionare o digitare la posizione dove volete salvare i file estratti: + Selezionare o digitare la posizione dove volete installare i file di programma di VeraCrypt. Se la directory specificata non esiste, sarà creata automaticamente. + Fare click su Disinstalla per rimuovere VeraCrypt da questo sistema. + Interrompi + &Comportamento + Testata + Crea e formatta volume criptato + Codifica la partizione sul posto + Mostra le chiavi generate (loro porzioni) + Mostra il contenuto del pool + Scarica il software di registrazione CD/DVD + Crea un file contenitore criptato + &GB + &TB + Altre informazioni + Volume VeraCrypt nascosto + Altre informazioni sui volumi ignoti + Modo diretto + Modo normale + KB + Usa file chiave + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + File chiave... + Info sugli algoritmi confusione + Altre informazioni + Information on PIM + MB + Altre informazioni + Altre informazioni sulla codifica di sistema + Altre informazioni + Avvio multiplo + Codifica una partizione/disco non di sistema + Non salvare la cronologia + Apri il volume esterno + &Pausa + Use P&IM + Use PIM + Formattazione rapida + Mostra password + &Mostra password + &Display PIM + Boot singolo + Volume VeraCrypt standard + nascosto + Normale + Codifica la partizione o tutto il disco di sistema + Codifica la partizione di sistema di Windows + Codifica l'intero disco + Creazione guidata volume di VeraCrypt + Cluster + IMPORTANTE: Muovere il vostro mouse il più casualmente possibile entro questa finestra. E' preferibile un movimento più lungo perchè aumenta in modo significativo l'effetto delle chiavi di codifica. Quindi fate click su Avanti per continure + Conferma: + Fatto + Drive letter: + Algoritmo di codifica + File system + Crea un disco virtuale criptato all'interno di un file. Raccomandato per utenti inesperti. + Opzioni + Algoritmo di confusione + Chiave primaria: + Rimane + Chiave principale: + Selezionare questa opzione se esistono due o più sistemi operativi installati su questo computer.\n\nPer esempio:\n- Windows XP e Windows XP\n- Windows XP e Windows Vista\n- Windows e Mac OS X\n- Windows e Linux\n- Windows, Linux e Mac OS X + Codifica una partizione non di sistema o qualsiasi disco interno o esterno (es. un flash drive). Eventualmente crea un volume nascosto. + Contenuto del pool corrente (parziale) + Passo + Password: + Volume PIM: + Volume PIM: + Progresso: + Pool casuale: + Selezionare questa opzione se esiste solo un sistema operativo installato su questo computer (anche se esso ha multipli utenti). + Velocità + Stato + Le chiavi, i valori ed altri dati sono stati generati con successo. Se volete generare nuove chiavi fate click su Indietro, altrimenti su Avanti per proseguire. + Codifica la partizione/disco dove Windows è installato. Chi vuole avere l'accesso ed usare il sistema, leggere e scrivere file, ecc, deve digitare ogni volta la password corretta prima dell'avvio di Windows. In alternativa, crea un sistema nascosto. + Selezionare questa opzione per cifrare la partizione dove è installato il sistema operativo Windows attualmente in esecuzione. + Volume Label in Windows: + Modo di pulizia: + Chiudi + Consente di saltare l'autenticazione di &pre-bootpremendo il tasto Esc (attiva il manager di avvio) + Disattiva l’autorun di VeraCrypt + Montaggio automatico di un volume VeraCrypt (specificato in seguito) + Esegui VeraCrypt + Scopri automaticam. la libreria + &Nascondi la password di autenticazione di pre-boot nella memoria del driver (per il montaggio di volumi non di sistema) + Sfoglia... + Sfoglia... + Mantieni password e file chiave nella cache + Chiudi quando non ci sono volumi montati + &Chiudi la sessione in corso (log out) dopo che il volume è stato montato + Include VeraCrypt Volume Expander + Includi la creazione guidata volume VeraCrypt + Crea + Crea un volume... + Non &mostrare nessun testo nello schermo autenticazione di pre-boot(eccetto il messaggio utente in basso) + Disable "Evil Maid" attack detection + Accelera la codifica/decodifica AES usando le istruzioni AES del processore (se disponibili) + Usa file chiave + Usa file chiave + Chiudi + Guida sui volumi preferiti + Non montare il volume selezionato quando il tasto di scorciatoia 'Monta volumi preferiti' &viene premuto + Montare il volume selezionato quando la sua periferica ospite viene &connessa + Montare il volume selezionato dopo il log&on + Montare il volume selezionato in sola let&tura + Montare il volume selezionato come ,media rimo&vibile + Muovi &giù + Muovi &sù + Aprire la &finestra di explorer per il volume selezionato quando viene montato con successo + &Rimuovi + Use favorite label as Explorer drive label + Impostazioni globali + Visualizza messaggio a scomparsa dopo aver correttamente scollegato una hotkey + Riproduci un suono di notifica dopo aver scollegato una hotkey correttamente + Alt + Ctrl + Maiusc + Win + Assegna + Rimuovi + File chiave... + Non usare il seguente numero di processori per la codifica/decodifica: + Ulteriori informazioni + Uteriori informazioni + Altre impostazioni... + Montaggio automatico + Opzioni... + Monta il volume in sola lettura + File chiave... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Attiva + Mantieni le password nella cache + Smontaggio automatico del volume in mancanza di attività successive + L'utente si disconnette + User session locked + PC in modo di risparmio energia + Il salvaschermo è attivato + Forza lo smontaggio automatico anche se il volume contiene dei file o cartelle aperti + Monta tutti i volumi VeraCrypt residenti sulle unità + Esegui in background + Monta i volumi in sola lettura + Monta i volumi come unità rimovibili + Apri la finestra di Esplora risorse dopo aver montato un volume correttamente + Temporary Cache password during "Mount Favorite Volumes" operations + Usa un icona diversa nella barra di sistema se ci sono volumi montati + Azzera le password nella cache allo smontaggio automatico + Azzera le password nella cache in uscita + Non modificare data ed ora dei file contenitori + Azzera + Seleziona unità... + Seleziona file... + Seleziona &libreria... + Mostra password + Mostra password + Apri la finestra di Esplora risorse per il volume montato + Mantieni la password nella cache + TrueCrypt Mode + Smonta tutti + Proprietà volume... + Strumenti volume... + Azzera la cache + VeraCrypt - Mount Parameters + VeraCrypt - Volumi preferiti + VeraCrypt - Tasti di scelta rapida (hotkey) + VeraCrypt + Modifica la password o il file chiave + Digita la password del volume VeraCrypt + VeraCrypt - Opzioni di prestazione e configurazione del driver + Preferenze di VeraCrypt + VeraCrypt - Impostazioni codifica di sistema + VeraCrypt - Preferenze controllo sicurezza + Installazione del Traveler Disk di VeraCrypt + Proprietà del volume VeraCrypt + Info... + Aggiungi/rimuovi i file chiave al/dal volume... + Aggiungi il volume montato ai preferiti... + Aggiungi il volume montato ai preferiti... + Analizza crash del sistema... + Backup del volume principale... + Riferimenti... + Imposta algoritmo per la chiave principale... + Modifica la password del volume... + Imposta la chiave principale dell'algoritmo di derivazione... + Modifica la password... + Cancella la cronologia del volume + Chiudi tutte le sessioni dei token di sicurezza + Contatti... + Crea sistema operativo nascosto... + Crea un disco di ripristino... + Crea un nuovo volume... + Permanently Decrypt... + File chiave predefiniti... + Default Mount Parameters... + Donazione... + Codifica la partizione o disco di sistema... + Domande frequenti + Guida utente + Sito web + Tasti di scelta rapida (hotkey)... + Generatore di file chiave... + Lingua... + Note legali... + Gestione token di sicurezza dei file chiave... + Monta automaticamente tutti i volumi residenti sulle unità + Monta i volumi preferiti + Monta senza autentificazione di pre-boot... + Monta il volume + Monta il volume con le opzioni + Notifiche + Guida in linea + Tutorial per principianti + Organizza i volumi preferiti... + Organizza i volumi preferiti di sistema... + Prestazioni/Configurazione del driver + Decodifica definitivamente la partizione/disco di sistema + Preferenze... + Aggiorna le lettere delle unità + Rimuovi tutti i file chiave dal volume... + Ripristina l'intestazione del volume... + Riprendi i processi interrotti + Seleziona unità... + Seleziona file... + Riavvia i processi interrotti + Codifica di sistema... + Proprietà... + Impostazioni... + Volumi preferiti di sistema... + Download + Testa vettori... + Token di sicurezza... + Installazione del Traveler Disk... + Smonta tutti i volumi montati + Smonta il volume + Verifica disco di ripristino + Verify Rescue Disk ISO Image + Cronologia delle versioni + Volume Expander + Proprietà del volume... + Creazione guidata volume... + Sito web di VeraCrypt + Cancella le password nella cache + OK + Accelerazione hardware + Assegna tasti rapidi + Configurazione di avvio automatico (autorun.inf) + Smontaggio automatico + Smonta tutti quando: + Opzioni schermata di boot per VeraCrypt + Conferma password: + Corrente + Mostra il messaggio utente nello schermo di autenticazione di per-avvio (massimo 24 caratteri): + Opzioni di montaggio predefinite + Opzioni tasti rapidi + Configurazione del driver + Enable extended disk control codes support + Etichetta del volume preferito selezionato: + Impostazioni file + Tasto: + Il Processore (CPU) del computer supporta l'accelerazioni hardware per AES: + Azioni da eseguire all'apertura di Windows + minuti + Monta il volume con la lettera dell'unità: + Parametri di montaggio + Nuovo + Password: + Parallelizzazione Thread-Based + PKCS #11 Percorso libreria + PKCS-5 PRF: + PKCS-5 PRF: + Password nascoste + Opzioni sicurezza + Esecuzione di VeraCrypt in background + Volume VeraCrypt da montare (relativo alla radice del Traveler Disk): + Sull'inserimento del Traveler Disk: + Crea i file per il Traveler Disk su (directory radice del Traveler Disk): + Volume + Windows + Agg.percorso... + Auto test tutti + &Continua + Decripta + &Cancella + Codifica + &Esporta... + Genera e salva i file chiave... + Genera un file chiave casuale... + Scarica i file di linguaggio + Hardware AES accelerato: + &Importa file chiave alla misura di sicurezza... + Agg. File... + Usa file chiave + File chiave... + Elimina + Elimina tutti + Cos'è la protezione di un volume nascosto? + Maggiori informazioni sui file chiave + Monta il volume come unità rimovibile + Monta partizione usando codifica di sistema senza autentificazione di pre-boot + Parallelizzazione: + Prova + &Stampa + Proteggi il volume nascosto contro i danni da scrittura sul volume esterno + Azzera + Mostra password + Agg. file token ... + Usare l'intestazione del backup inserita nel &volume se disponibile + Modo XTS + A proposito di VeraCrypt + VeraCrypt - Test per l'algoritmo di codifica + VeraCrypt - Vettori test + Guida alla linea di comando + VeraCrypt - File chiave + VeraCrypt - Generatore di file chiave + VeraCrypt - Lingua + VeraCrypt - Opzioni di montaggio + Proprietà nuova chiave file token di sicurezza + VeraCrypt - Arricchimento pool casuale + Seleziona una unità/partizione + VeraCrypt + File chiave misura di sicurezza + Password/PIN richiesto per la misura di sicurezza + File di lingua in uso + La velocità è influenzata dal carico CPU e dalle caratteristiche dell’unità di memoria.\n\nQuesti test vengono effettuati nella memoria RAM. + Dimensione del buffer: + Algoritmo di codifica: + Password per il volume nascosto:\n(usare la cache se non fornita) + Protezione del volume nascosto + Dimensione della chiave: + IMPORTANTE: Muovere il vostro mouse il più casualmente possibile entro questa finestra. E' preferibile un movimento più lungo perchè aumenta in modo significativo l'effetto delle chiavi di codifica. + ATTENZIONE: se viene perso un file chiave o se cambiano i bit nei primi 1024 KB, sarà impossibile montare i volumi che usano questo file chiave! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Tradotto da: + Dimensione testo: + bits + Contenuto attuale del pool + Miscelazione PRF: + IMPORTANTE: Dovete muovere il vostro mouse il più a caso possibile all'interno di questa finestra. E'preferibile un movimento lungo. Questo aumenta la sicurezza in maniera significativa. Quando fatto questo, fate click su 'Continua'. + Chiave secondaria (esadecimale) + Misura di sicurezza: + Ordinamento: + Attendere. Questo processo può richiedere molto tempo... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Numero blocchi: + Testo criptato (esadecimale) + Numero unità dati (64-bit esadecimale, dimensione unità dati=512 byte) + Chiave (esadecimale) + Testo in chiaro (esadecimale) + Nome file chiave: + Modo XTS + S&istema + &Volumi + Prefer&iti + &Strumenti + &Parametri + &Guida + &Sito Web + + A proposito di... + L'attributo di sola lettura del vecchio volume non può essere modificato. Verificare i permessi di accesso al file. + ERRORE: accesso negato.\n\nLa partizione a cui si sta tentando di accedere ha lunghezza di 0 (zero) settori oppure è l’unità di avvio del sistema. + Amministratore + Per caricare il driver VeraCrypt è necessario accedere come utente con privilegi di amministratore. + Per codificare/decodificare/formattare un unità/partizione è necessario accedere come utente con privilegi di amministratore.\n\nQuesta restrizione non si applica ai volumi basati su file. + Per creare un volume nascosto è necessario accedere come utente con privilegi di amministratore.\n\nContinuare? + Per formattare il volume come NTFS è necessario accedere come utente con privilegi di amministratore.\n\nSenza i privilegi di amministrazione si può formattare il volume come FAT. + Algoritmo di codifica (Rijndael, pubblicato nel 1998) approvato per la FIPS, che può essere usato dai dipartimenti ed agenzie federali U.S.A. per proteggere le informazioni Top Secret. Chiave a 256-bit, blocco a 128-bit, 14 passaggi (AES-256). Modo operativo XTS. + Il volume è già montato. + ATTENZIONE: almeno un algoritmo di codifica o di confusione ha fallito la procedura automatica di auto-test!\n\nL'installazione di VeraCrypt potrebbe essere corrotta. + ATTENZIONE: il gruppo di generazione casuale non dispone di dati sufficienti a fornire la quantità richiesta di dati casuali.\n\nE' sconsigliato proseguire oltre. Selezionare 'Segnala un errore' dal menu Guida e segnalare questo errore. + Il disco è danneggiato (c'è un difetto fisico in esso) oppure un cavo è danneggiato, oppure la memoria è malfunzionante.\n\nDa notare che questo è un problema con il vostro hardware, non con VeraCrypt. Pertanto, NON segnalare questo come un difetto o problema in VeraCrypt e quindi NON chiedere assistenza con questo nei forum di VeraCrypt. Contattate il supporto tecnico del venditore del vostro computer per l'assistenza. Grazie!\n\nNota: se l'errore si verifica ripetutamente allo stesso posto, è probabile sia causato da un cattivo settore su disco, che deve essere possibile correggere usando un software di terze parti (notate pure che, in molti casi, il comando 'chkdsk /r' non può correggere questo problema perchè esso lavora solamente al primo livello del file system; in alcuni casi lo strumento 'chkdsk' non riesce a scovare questo settore cattivo). + Se avete accesso ad un dribe per unità removibile, assicuratevi che un supporto venga inserito nell'unità. L'unità o supporto può essere pure danneggiato(può esserci un difetto fisico in esso) oppure un cavo può essere danneggiato o disconnesso. + Il vostro sistema sembra usare una periferica chipset utente contenente un difetto che previene la codifica dell'intero drive di sistema.\n\nTentare l'aggiornamento o la disinstallazione di qualsiasi driver del chipset personalizzato (non-Microsoft) prima di procedere. Se questo non vi aiuta, tentare la codifica della sola partizione. + Lettera di unità non valida. + Percorso non valido. + Annulla + Impossibile accedere all’unità. Assicurarsi che essa esista e non sia usata dal sistema. + ATTENZIONE: Bloc+Maiusc attivo. Questo può causare la digitazione di una password errata. + Tipo di volume + Potreste essere costretti da qualcuno a svelare la password per un volume criptato. Ci sono molte situazioni dove non potete rifiutarvi di farlo (ad esempio, in caso di estorsione). L'uso del cosiddetto "volume nascosto" vi consente di risolvere tali situazioni senza svelare la password del vostro volume. + Selezionare questa opzione se volete creare un volume VeraCrypt normale. + Notate che se volete che un sistema operativo venga installato in un volume ospitato in una partizione ignota, l'intero disco di sistema non potrà essere criptato usando una singola chiave. + Opzioni di codifica del volume esterno + Opzioni di codifica del volume nascosto + Opzioni di codifica + ATTENZIONE: impossibile eliminare il percorso dell'ultimo volume/file chiave selezionato (memorizzata dal selettore file)! + ERRORE: il volume è stato compresso a livello di file system. VeraCrypt non supporta i contenitore compressi (comprimere dati Codificati è inutile e ridondante).\n\nDisabilitare la compressione seguendo queste istruzioni: 1) Fare click destro sul contenitore in Esplora Risorse (non in VeraCrypt). 2) Selezionare 'Proprietà'. 3) Nella finestra di dialogo 'Proprietà', cliccare su 'Avanzate'. 4) Nella finestra di dialogo 'Proprietà avanzate', deselezionare l'opzione 'Comprimi i dati per risparmiare spazio' e cliccare 'OK'. 5) Nella finestra di dialogo 'Proprietà', cliccare 'OK'. + La creazione del volume %s fallita + La dimensione di %s è %.2f byte + La dimensione di %s è %.2f KB + La dimensione di %s è %.2f MB + La dimensione di %s è %.2f GB + La dimensione di %s è %.2f TB + La dimensione di %s è %.2f PB + ATTENZIONE: l’unità/partizione è in uso da parte del sistema operativo o da un'applicazione. La sua formattazione potrebbe causare la perdita dei dati e l'instabilità del sistema.\n\nContinuare? + ATTENZIONE: l’unità è in uso da parte del sistema operativo o da un'applicazione. Dovete chiudere qualsiasi applicazione che sta usando la partizione (compreso i software antivirus).\n\nContinuare? + ERRORE: l’unità/partizione contiene un file system che non può essere smontato. Il file system potrebbe essere in uso. La formattazione della unità/partizione può causare la perdita dei dati e l'instabilità del sistema.\n\nPer risolvere il problema, si raccomanda di cancellare la partizione e di ricrearla senza formattarla, seguendo le seguenti istruzioni: 1) Fare click destro sull'icona 'Risorse del computer' nel menu Start e selezionare 'Gestione'. Dovrebbe comparire la finestra 'Gestione computer'. 2) Nella finestra 'Gestione computer', selezionare 'Gestione disco'. 3) Fare click destro sulla partizione da codificare e selezionare 'Elimina partizione' o 'Elimina volume' oppure 'Elimina unità logica'. 4) Cliccare 'Sì'. Se Windows chiede il riavvio del computer, eseguirlo. Ripetere i passi 1 e 2 e continuare col passo 5. 5) Fare click destro sullo spazio libero/non allocato e selezionare 'Nuova partizione' o 'Nuovo volume' oppure 'Nuova unità logica'. 6) Dovrebbe comparire la finestra 'Creazione guidata nuova partizione' o 'Creazione guidata nuovo volume'; seguire le istruzioni. Nella pagina intitolata 'Formatta partizione', selezionare 'Non formattare questa partizione' o 'Non formattare questo volume'. Cliccare su 'Avanti' e poi su 'Fine'. 7) Ora il percorso del unità selezionato in VeraCrypt potrebbe essere errato. Uscire dalla creazione guidata del volume VeraCrypt (se ancora in esecuzione) e riavviarla. 8) Provare nuovamente a codificare l’unità/partizione.\n\nSe VeraCrypt non riesce ripetutamente a codificare l’unità/partizione, creare un file contenitore. + ERRORE: il sistema dei file non può essere chiuso o smontato. Esso può essere in uso dal sistema operativo oppure da applicazioni (per esempio software antivirus). La codifica della partizione potrebbe causare la corruzione dei dati e l’instabilità del sistema.\n\nChiudete qualsiasi applicazione che può essere in uso dal sistema operativo (compresi gli antivirus) e tentate nuovamente. Se questo non vi aiuta, seguire i passi che seguono. + ATTENZIONE: alcune delle unità/partizioni montate sono già in uso!\n\nIgnorare questa condizione può causare risultati indesiderati, compresa l'instabilità del sistema.\n\nE' consigliabile chiudere tutte le applicazioni che potrebbero usare le unità/partizioni. + L’unità selezionata contiene delle partizioni.\n\nLa formattazione del unità potrebbe causare la perdita dei dati e l'instabilità del sistema. Selezionare una partizione o rimuovere tutte le partizioni per consentire a VeraCrypt di formattarle senza rischi. + L’unità non di sistema selezionata contiene delle partizioni.\n\nLa codifica di volumi di VeraCrypt ospitati nell’unità può essere creata all’interno delle unità che non contengono nessuna partizione (compresi dischi rigidi e dischi allo stato solido). Un’unità contenente delle partizioni può essere interamente Crittata ‘sul posto’ (usando una singola chiave master) solo se essa è il disco dove Windows è installato e dal quale esso si avvia.\n\nSe volete codificare la partizione non di sistema selezionata usando una singola chiave master, dovete rimuovere tutte le partizioni nell’ unità prima di consentire a VeraCrypt di formattarla in sicurezza (la formattazione di una unità contenente delle partizioni può causare l’instabilità del sistema e/o corruzione dei dati). In alternativa, potete codificare singolarmente ogni partizione sul disco (ogni partizione sarà Crittata usando una chiave master differente).\n\nNota: Se volete rimuovere tutte le partizioni da un disco GPT, dovete convertirlo in disco MBR (usando lo strumento Gestione del computer) allo scopo di rimuovere le partizioni ignote. + Attenzione: Se cifrate l'intera periferica (non solo una partizione in essa), il sistema operativo considererà la periferica come nuova, vuota e non formattata (per cui non conterrà nessuna tavola i partizione) e può inizializzare spontaneamente la periferica (oppure chiedervi se volete farlo), e questo può danneggiare il volume. Inoltre, non sarà possibile montare consistentemente il volume come preferito (ad esempio, quando il numero periferica cambia) oppure assegnare ad essa un'etichetta di volume preferito.\n\nPer evitare questo volete invece considerare la creazione di una partizione nell'unità e cifrare la partizione.\n\nVolete cifrare l'intera unità? + IMPORTANTE: Ricordate che questo volume NON PUO' essere mountato/aperto usando la lettera dell'unità %c:, assegnata attualmente ad essa!\n\nPer montare questo volume, fate clic su 'Automonta Unità' nella finestra principale di VeraCrypt (oppure, fate clic su 'Seleziona Unità', quindi selezionare questa partizione/unità, e cliccate su 'Monta'). Questo volume sarà montato in una lettera unità differente, da selezionare nell'elenco nella finestra principale di VeraCrypt.\n\nLa lettera unità originale %c: deve essere usata solo nel caso in cui avete bisogno di rimuovere la codifica dalla partizione/unità (cioè, se non avete bisogno per molto tempo della codifica). In tale caso, fate clic con il tasto destro sulla lettera dell'unità %c: nell'elenco del 'Computer' (oppure 'Esplora risorse') e selezionare 'Formatta'. Altrimenti, la lettera unità %c: non deve essere mai usata (a meno chè voi la rimuovete, come descritto nelle FAQ di VeraCrypt, e la assegnate ad un'altra partizione/unità). + La codifica in posto di volumi non di sistema non è supportata dalla versione del sistema operativo che state usando attualmente (è supportato solo in Windows Vista e l'ultima versione di Windows).\n\nLa ragione è che questa versione di Windows non supporta la compattazione di un file system (il file system deve essere compresso per creare lo spazio per la testata del volume e del backup). + La partizione selezionata non sembra contenere un file system NTFS. Solo le partizioni che contengono un file system NTFS possono e essere codificate sul posto.\n\nNota: La ragione è che Windows non supporta la compressione di altri tipi di file systems (il file system necessita di essere compresso per costruire lo spazio per la testata del volume e farne il backup). + La partizione selezionata non sembra contenere un file system NTFS. Solo le partizioni che contengono un file system NTFS possono e essere codificate sul posto.\n\nSe volete creare un volume criptato VeraCrypt all’interno di questa partizione, scegliete l’opzione "Crea e formatta volume criptato" (invece dell’opzione "Codifica la partizione sul posto"). + ERRORE: La partizione è troppo piccola. VeraCrypt non può Codificarla sul posto. + Per codificare i dati in questa partizione, dovete seguire questi passi:\n\n1) Create un volume VeraCrypt in una partizone/unità vuota e quindi montarlo.\n\n2) Copiate tutti i file dalla partizione che volete codificare in origine nel volume VeraCrypt (che è stato creato e montato nel passo 1). In questo modo, voi farete un backup dei dati Codificati VeraCrypt.\n\n3) Create un volume VeraCrypt nella partizione che volete codificare in origine ed assicuratevi (nella procedura di VeraCrypt) di scegliere l’opzione "Crea e formatta volume criptato" (invece dell’opzione "codifica la partizione sul posto"). Notate che tutti i dati memorizzati nella partizione saranno cancellati. Dopo aver creato il volume, montatelo.\n\n4) Copiate tutti i file dal backup del volume VeraCrypt (creato e montato nel passo 1) nel volume VeraCrypt creato (e montato) nel passo 3.\n\nDopo aver completato questi passi, i dati saranno codificati ed, inoltre, ci sarà un backup criptato dei dati. + VeraCrypt può codificare sul posto solo una partizione, un volume dinamico oppure un intero disco di sistema.\n\nSe volete creare un volume criptato VeraCrypt all’interno della unità non di sistema selezionata, scegliere l’opzione "Crea e formatta volume criptato" (invece dell’opzione "Codifica la partizione sul posto"). + ERRORE: VeraCrypt può codificare sul posto solo una partizione, un volume dinamico oppure un intero disco di sistema. Assicuratevi che il percorso specificato sia valido. + Errore: Impossibile comprimere il file system (esso deve essere compresso per la testata del volume e del backup).\n\nCause possibili e soluzioni:\n\n- Spazio libero insufficiente sul volume. Assicuratevi che nessuna altra applicazione stia scrivendo nel file system.\n\n- file system danneggiato. Tentare di verificarlo e correggere qualsiasi errore (fate click con il tasto destro sulla lettera del drive corrispondente nell'elenco 'Risorse del computer', selezionare Proprietà > Strumenti > 'Verifica', assicuratevi che l'opzione 'Correggi automaticamente gli errori nel file system' sia attivata e fate click su Avvia).\n\nSe i passi di cui sopra non vi aiutano, seguire i passi successivi. + Errore: Non c'è spazio libero sufficiente nel volume e quindi il file system non può essere compattato (la compattazione del file system è necessaria per fare spazio per la testata del volume e del backup).\n\nEliminare ogni file ridondante e svuotare il cestino in modo da liberare almeno 256 KB di spazio e quindi ritentare. Notare che, a causa di una istanza di Windows, la quantità di spazio libero rapportata da Windows Explorer può essere inesatta finchè il sistema operativo non viene riavviato. Se riavviando il sistema questo non vi aiuta, il file system può essere danneggiato. Tentare il controllo e correggere qualsiasi errore (fate click destro sulla lettera dell'unità corrispondente nell'elenco 'Risorse del computer', selezionare Proprietà > Strumenti > 'Esegui scandisk'. Assicuratevi che l'opzione 'Correggi automaticamente gli errori del file system' sia attivata e quindi fate click su Avvia).\n\nSe i passi precedenti non vi aiutano, seguire i passi che seguono. + Lo spazio libero sull'unità %s è di %.2f byte. + Lo spazio libero sull'unità %s è di %.2f KB + Lo spazio libero sull'unità %s è di %.2f MB + Lo spazio libero sull'unità %s è di %.2f GB + Lo spazio libero sull'unità %s è di %.2f TB + Lo spazio libero sull'unità %s è di %.2f PB + Impossibile ottenere lettere di unità libere. + ERRORE: Driver VeraCrypt non trovato.\n\nCopiare i file 'veracrypt.sys' e 'veracrypt-x64.sys' nella directory dove si trova il file esecutivo di VeraCrypt (VeraCrypt.exe).. + Error: Una versione incompatibile di VeraCrypt è attualmente in esecuzione.\n\nSe stai provando ad avviare VeraCrypt in modalità portabile (cioè senza installarlo) e una versione differente di VeraCrypt è già installata, bisogna prima distinstallarla (o aggiornarla utilizzando l'installer di VeraCrypt). Per disinstallarla, segui questi passi: Su Windows Vista o successivo, seleziona 'Start Menu' > Computer > 'Disinstalla o cambia programma' > VeraCrypt > Disinstalla; su Windows XP, seleziona 'Start Menu' > Impostazioni > 'Pannello di Controllo' > 'Aggiungi o Rimuovi Programmi' > VeraCrypt > Rimuovi.\n\nAllo stesso modo, se stai provando ad avviare VeraCrypt in modalità portabile (cioè senza installarlo) e una versione differente di VeraCrypt è già avviata in modalità portabile, devi riavviare prima il sistema e poi eseguire solo questa nuova versione. + ERRORE: inizializzazione dell'algoritmo di codifica fallita. + ERRORE: è stata rilevata una chiave debole o potenzialmente debole. La chiave verrà scartata. Provare di nuovo. + Si è verificato un errore fatale e VeraCrypt deve essere terminato. Se questo è causato da un difetto di VeraCrypt, noi vorremmo correggerlo. Per aiutarci, potete inviarci un report di errore generato automaticamente contenente i seguenti elementi:\n\n- Versione del programma\n- Versione del sistema operativo\n- Tipo di processore\n- Nome del componente di VeraCrypt\n- Checksum dell'eseguibile di VeraCrypt\n- Nome simbolico della finestra di dialogo\n- Categoria di errore\n- Indirizzo dell'errore\n- Chiamata dello stack di VeraCrypt\n\nSelezionando 'Si', il seguente URL (contenente l'intero report di errore) verrà aperto nel vostro browser Internet predefinito.\n\n%hs\n\nVolete inviarci il report errori sopradescritto? + Si è verificato un errore critico nel vostro sistema che richiede la chiusura di VeraCrypt.\n\nNotate che questo errore non è stato causato da VeraCrypt (per cui gli sviluppatori di VeraCrypt non possono correggerlo). Controllate il vostro sistema per possibili problemi (cioè: configurazione di sistema, connessioni di rete, componenti hardware difettati e così via). + Si è verificato un errore critico nel vostro sistema, che richiede la chiusura di VeraCrypt.\n\nSe questo problema persiste, potete tentare la disattivazione o disinstallazione delle applicazioni che possono causare potenzialmente questo problema, come antivirus oppure software di sicurezza Internet, aggiornamenti di sistema oppure ottimizzatori, ecc. Se questo non vi aiuta, potete tentare la reinstallazione del vostro sistema operativo (questo può essere causato anche da malware). + Errore fatale di VeraCrypt + VeraCrypt ha scoperto che il sistema operativo è andato in crash recentemente. Ci sono molte ragioni potenziali perchè il sistema può essere andato in crash (per esempio, un componente hardware fallito, un errore in un componente di periferica, ecc.)\n\nVolete che VeraCrypt verifichi se un errore in esso abbia causato il chrash di sistema? + Volete che VeraCrypt continui a scovare i crash di sistema? + VeraCrypt non trova file minidump di crash sistema. + Vuoi cancellare i file crash dump di Windows crash dump file per liberare spazio sul disco? + Allo scopo di analizzare il blocco del sistema, VeraCrypt prima installare prima Microsoft Debugging Tools per Windows.\n\nDopo aver fatto clic su OK, l'installer di Windows scaricherà il pacchetto di installazione di Microsoft Debugging Tools (16 MB) da un server Microsoft e lo installerà (l'installer di Windows sarà seguita dall'URL del server Microsoft dal server veracrypt.org, assicurandovi che questa funzione lavora anche se Microsoft modifica il percorso del pacchetto di installazione). + Dopo aver fatto clic su OK, VeraCrypt analizzerà il crash di sistema. Questo impiegherà più di diversi minuti. + Assicuratevi che l'ambiente variabile 'PERCORSO' includa il percorso a 'kd.exe' (Kernel Debugger). + Sembrao d che VeraCrypt più probabilmente non causi il crash di sistema. Ci sono più ragioni potenziali per cui il sistema può essere andato in crash(per esempio, un componente hardware difettoso oppure un difetto in un driver di periferica, ecc.) + I risultati dell'analisi indica che aggiornando i seguenti drivers può risolvere questo problema: + Per aiutarci a determinare se c'è un difetto in VeraCrypt, dovete inviarci un report errori generato automaticamente contenente i seguenti elementi:\n- Versione del programma\n- Versione del sistema operativo\n- Tipo di CPU\n- Categoria di errore\n- Nome e versione del driver\n- Chiamata stack di sistema\n\nSelezionando 'Sì', il seguente URL (contenente l'intero report errore) sarà aperto nel vostro Internet browser predefinito. + Volete inviarci il report errori di cui sopra? + &Codifica + &Decodifica + &Decodifica definitiva + Esci + Creare un'unità logica per questa partizione estesa, quindi riprovare. + Un volume VeraCrypt può risiedere in un file (chiamato VeraCrypt contenitore), che può risiedere in un disco rigido, su un'unità flash USB, ecc. Un contenitore VeraCrypt è simile a qualsiasi altro file normale (può essere, ad esempio, spostato o cancellato come un qualsiasi altro file). Fate clic su 'Seleziona file' per scegliere un nome file per il contenitore e selezionare il percorso dove esso deve essere creato.\n\nATTENZIONE: Selezionando un file esistente, VeraCrypt NON lo cifrerà; il file sarà eliminato e sostituito con il file contenitore VeraCrypt creato nuovamente. Potrete cifrare i file esistenti (in seguito) muovendoli nel contenitore VeraCrypt che state creando adesso. + Selezionate la posizione del volume esterno da creare (all'interno di questo volume, sarà creato in seguito il volume nascosto).\n\nUn volume VeraCrypt può risiedere in un file (chiamato contenitore di VeraCrypt), che può risiedere su un disco rigido, su una periferica flash USB, ecc. Un contenitore VeraCrypt può può essere spostato o cancellato come un qualsiasi altro file normale. Fate clic su 'Seleziona file' per scegliere un nome file per il contenitore e selezionare il percorso dove volete venga creato. Se selezionate un file esistente, VeraCrypt NON lo cifrerà; il file sarà eliminato e sostituito con il nuovo file contenitore. Potrete cifrare i file esistenti (in seguito) muovendoli nel contenitore VeraCrypt che state creando adesso. + Un’unità ospitata da un volume VeraCrypt può essere creata all'interno di una partizione su disco rigido, su un disco allo stato solido, scheda di memoria USB ed altre unità di memoria supportate. Le partitizioni possono anche essere codificate in posto.\n\nIn aggiunta, le unità codificate ospitati nei volumi VeraCrypt possono essere create all’interno di unità che non contengono nessuna partizione (compresi dischi rigidi e dischi allo stato solido).\n\nNota: Un’unità contenente delle partizioni può essere totalmente Crittata in posto (usando una chiave singola) solo se essa è il disco dove Windows è installato e dalla quale Windows si avvia. + Un’unità ospitata da un volume VeraCrypt può essere creata all’interno di una partizione su disco rigido, disco allo stato solido, scheda di memoria USB ed altre unità di memoria.\n\nATTENZIONE: Notate che la partizione/unità sarà formattata e tutti i dati attualmente memorizzati in essa saranno persi. + \nSelezionare la posizione del volume esterno da creare (all’interno di questo volume si potrà creare in seguito il volume nascosto).\n\nI volumi esterni possono essere creati all’interno delle partizioni su disco rigido, dischi allo stato solido, unità di memoria USB e su qualsiasi altra unità di memoria supportata. I volumi esterni possono essere anche creati all’interno delle unità che non contengono nessuna partizione (compresi dischi rigidi e dischi allo stato solido).\n\nATTENZIONE: Notate che la partizione/unità dovrà essere formattata e tutti i dati in essa contenuti attualmente saranno distrutti. + Selezionare il volume VeraCrypt nel quale si vuole creare un volume nascosto. + WARNING: Il file o unità ospite è già in uso!\n\nIgnorando questo può causare dei risultati indesiderati, compresa la instabilità di sistema. Tutte le applicazioni che possono stare utilizzando il file oppure periferica ospite (come per esempio, gli antivirus o applicazioni di backup) devono essere chiuse prima del montaggio del volume.\n\nContinuare il montaggio? + ERRORE: impossibile montare il volume. Il file/unità è già in uso. Anche il tentativo di montaggio senza i diritti di accesso esclusivo è fallito. + Impossibile aprire il file. + Percorso del volume + File grandi + Intendete salvare i file maggiori di 4 GB in questo volume VeraCrypt? + A seconda della vostra scelta sopra, VeraCrypt sceglierà un file system predefinito appropriato per il volume VeraCrypt (potrete selezionare un file system nel passo successivo). + Siccome state creando un volume esterno, dovete considerare la scelta 'No'. Se scegliete 'Sì', il file system predefinito sarà NTFS, che non è adeguato per i volumi esterni come FAT (per esempio, la dimensione massima possibile per il volume nascosto sarà grande significativamente se l volume esterno è formattato come FAT). Normalmente, il FAT è predefinito per entrambi i volumi, nascosto e normale (così, i volumi FAT non sono sospetti). Comunque, se l'utente indica la volontà di memorizzare i dati maggiori di 4 GB (che il file system FAT non consente), il FAT non è di default. + Siete sicuri di selezionare 'Sì'? + Modalità creazione volume + Questo è il metodo veloce per creare un volume VeraCrypt ospitato in una partizione oppure unità (la codifica in posto, che è l’altra opzione, risulta lenta in quanto deve prima leggere, codificare e scrivere ogni settore). Qualsiasi dato attualmente memorizzato nella partizione/unità selezionata saranno distrutti (i dati NON saranno codificati, essi saranno soprascritti con dati casuali). Se volete codificare i dati esistenti su una partizione, scegliete l’altra opzione. + L’intera partizione selezionata ed i dato memorizzati in essa saranno codificati sul posto. Se la partizione è vuota potete scegliere l’altra opzione (il volume sarà creato più velocemente). + Nota: + &Riprendi + &Rimanda + &Avvia + &Continua + &Formatta + &Pulisci + Interrompere la formattazione? + Mostra uteriori informazioni + Non mostrare ancora questo + Il contenuto della partizione/unità è stata cancellata con successo. + Il contenuto della partizione dove il sistema originale (del quale il sistema nascosto è un clone) risiede è stato cancellato con successo. + Assicuratevi che la versione di Windows che state installando (nella partizione pulita) è la stessa come la versione di Windows che state eseguendo attualmente. Questo è richiesto perchè entrambi i sistemi condividono una partizione di avvio comune. + La partizione/disco di sistema è stato decriptato con successo.\n\nNota: Se cisono dei volumi VeraCrypt non di sistema che desiderate mountare automaticamente ogni volta che viene avviato Windows, potete impostare questo montando ognuno di essi e selezionando 'Preferiti' > 'Aggiungi volume montato ai preferiti di sistema'). + La partizione/disco di sistema è stato decriptato con successo. + \n\nIl volume VeraCrypt è stato creato ed è pronto per l'uso. Se si desidera creare un altro volume VeraCrypt, fate click su 'Avanti'. Altrimenti, fate click su 'Esci'. + n\nIl volume VeraCrypt nascosto è stato creato con successo (il sistema operativo nascosto deve risiedere all’interno di questo volume nascosto).\n\nFate click su Avanti per continuare. + Volume criptato totalmente + Volume Fully Decrypted + IMPORTANTE: PER MONTARE QUESTO VOLUME NUOVAMENTE CREATO E PER ACCEDERE AI DATI MEMORIZZATI IN ESSO, FATE CLICK SU 'Auto-monta unità' NELLA FINESTRA PRINCIPALE DI VERACRYPT. Dopo aver inserito la password corretta (e/o fornito i file chiave corretti), il volume sarà montato nel disco la cui lettera avete selezionato dall’elenco della finestra principale di VeraCrypt (e potete accedere ai dati codificati selezionando la lettera del disco).\n\nPREGO RICORDARE O SCRIVERE I PASSI SOPRA. DOVETE SEGUIRLI OGNI QUAL VOLTA VOLETE MONTARE IL VOLUME ED ACCEDERE AI DATI MEMORIZZATI IN ESSO. In alternativa, nella finestra principale di VeraCrypt, fate click su 'Seleziona unità',quindi selezionare la partizione/volume, e ciccare su 'Monta'.\n\nLa partizione/volume è stata Crittata con successo (contiene ora un volume VeraCrypt totalmente criptato) ed è pronto per l’uso. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Il volume VeraCrypt è stato creato con successo. + Volume creato + IMPORTANTE:Muovere il vostro mouse il più casualmente possibile entro questa finestra. E' preferibile un movimento più lungo perchè aumenta in modo significativo l'effetto delle chiavi di codifica, quindi fate click su Formatta per creare il volume. + Fate click su Formatta per creare il volume esterno. Per ulteriori informazioni, riferitevi alla documentazione. + Formattazione del volume esterno + Formattazione del volume nascosto + Formattazione del volume + Per visualizzare o stampare la guida dell'utente di VeraCrypt, è necessario Adobe Reader (o un programma analogo). E' possibile scaricare Adobe Reader (freeware) da: www.adobe.com\n\nSi vuole accedere alla documentazione online? + Selezionando questa opzione, la procedura per prima cosa vi aiuterà a creare un volume VeraCrypt normale e quindi un volume VeraCrypt nascosto al suo interno. Gli utenti inesperti devono sempre selezionare questa opzione. + Selezionando questa opzione, creerete un volume nascosto all'interno di un volume VeraCrypt. Esso riterrà che voi abbiate già creato un volume VeraCrypt idoneo ad ospitare il volume nascosto. + Modalità creazione volume + Volume nascosto creato + Il volume nascosto VeraCrypt è stato creato con successo ed è pronto per l'uso. Se sono state seguite tutte le istruzioni e se le precauzioni e riquisiti elencati nella sezione "Requisiti e precauzioni di sicurezza pertinenti ai volumi nascosti" nel manuale itente di VeraCrypt, deve essere impossibile provare che il volume nascosto esiste, anche quando il volume nascosto è montato.\n\nATTENZIONE: Se non proteggete il volume nascosto (per informazioni su come fare questo, riferitevi alla sezione "Protection of Hidden Volumes Against Damage" nella VeraCrypt User Guide), non scrivete nel volume esterno, altrimenti potrete sovrascrivere e danneggiare il volume esterno! + Avete avviato il sistema operativo nascosto. Come siete stati avvisati, il sistema operativo nascosto sembra essere installato nella stessa partizione del sistema operativo originale. Comunque, in realtà, esso è installato all’interno della partizione dietro ad essa (nel volume nascosto). Tutte le operazioni di lettura e scrittura vengono redirette in trasparenza dalla partizione del sistema originale al volume nascosto.\n\nNè il sistema operativo che nessuna applicazione sapranno che i dati scritti su e letti dalla partizione di sistema vengono scritti su e letti dalla partizione dietro ad essa (da/al volume nascosto). Qualsiasi tipo di dati viene criptato e decriptato al volo come al solito (con una chiave di codifica differente da quella usata per il sistema operativo di richiamo).\n\n\nFate click su Avanti per continuare. + Il volume esterno è stato creato ed è stato montato come unità %hc:. In questo volume esterno dovete ora copiare alcuni file sensibili che attualmente voi NON volete nascondere. Essi stanno per chiunque costringendovi a svelare la password per la prima partizione dietro alla partizione di sistema dove il volume esterno ed il volume nascosto (contenente il sistema operativo nascosto) risiede. Sarete capaci di rivelare la password per questo volume esterno, e l'esistenza del volume nascosto (e del sistema operativo nascosto) rimarrà segreto.\n\nIMPORTANTE: I file che copiate sul volume esterno non dovrebbero occupare più che%s, altrimenti non ci sarà spazio libero sufficiente sul volume esterno per il volume nascosto (e quindi non potrete continuare). Dopo che avete terminato la copia fate click su Avanti (non smontate il volume). + Il volume esterno è stato creato con successo e montato come unità %hc:. Bisognerebbe ora copiare qui alcuni file apparentemente riservati che in realtà NON si desidera nascondere. Questi file saranno accessibili a un aggressore che si impossessi della password. E' possibile rivelare solo la password del volume esterno, non di quello nascosto. I file veramente importanti saranno memorizzati nel volume nascosto, che sarà creato in seguito. Terminata la copia, cliccare su 'Avanti'. Non smontare il volume.\n\nNota: dopo aver cliccato su 'Avanti', verrà analizzata la mappa dei cluster del volume esterno per determinare la dimensione dello spazio libero contiguo fino alla fine del volume esterno. Quest'area conterrà il volume nascosto, limitando la sua dimensione massima. L'analisi della mappa dei cluster assicura che i dati sul volume esterno non vengano soprascritti dal volume nascosto. + Contenuto del volume esterno + \n\nNei prossimi passaggi saranno impostate le opzioni per il volume esterno (nel quale verrà creato in seguito il volume nascosto). + \n\nNei passi successivi voi creerete un cosiddetto volume VeraCrypt esterno nella prima partizione dietro a quella di sistema (come è stato spiegato in uno dei passi precedenti). + Volume esterno + Nei passi che seguono potete impostare le opzioni e le password per il volume nascosto, che conterrà il sistema operativo nascosto.\n\nNota: La tavola dei bit dei cluster del volume esterno è stata analizzata allo scopo di determinare la dimensione dell’area ininterrotta dello spazio libero, la quale estremità è allineata con quella del volume esterno. Questa area accoglierà il volume nascosto, per cui il suo limite ha la massima dimensione possibile. La massima dimensione possibile per il volume nascosto è stata determinata e confermata ad essere più grande della dimensione della partizione di sistema (e questo viene richiesto, perché l’intero contenuto della partizione di sistema deve essere copiato nel volume nascosto). Questo assicura che nessun dato attualmente memorizzato nel volume esterno venga soprascritto dall’area del volume nascosto. + IMPORTANTE: Ricordatevi gli algoritmi usati in questo passo. Dovrete selezionare gli stessi algoritmi per il sistema operativo di richiamo, altrimenti il sistema operativo nascosto SARA’ INACCESSIBILE! (Il sistema operativo di richiamo deve essere criptato con lo stesso algoritmo di codifica come il sistema nascosto.)\n\nNota: La ragione di questo è che il sistema operativo di richiamo condividerà un singolo loader di avvio, che supporta solo un singolo algoritmo, selezionato dall’utente (per ogni algoritmo, esiste una speciale versione del Loader di avvio di VeraCrypt). + \n\nLa tavola dei bit dei cluster è stata analizzata e la massima dimensione possibile del volume nascosto è stata determinata. Nei prossimi passaggi saranno impostate le opzioni, la dimensione e la password per il volume nascosto. + Volume nascosto + Il volume nascosto è ora protetto contro i danni finché i volume esterno è smontato.\n\nATTENZIONE: Se avete tentato di scrivere qualsiasi dato sull'area del volume nascosto, VeraCrypt avvierà a proteggere dalla scrittura il volume intero (entrambe le parti , nascosta ed esterna) finché esso è smontato. Questo può causare il danneggiamento del file system nel volume esterno il quale, (se ripetuto) può avere effetto plausibile di danneggiamento del volume nascosto. Per cui dovete evitare di scrivere nell'area del volume nascosto. Qualsiasi dato salvato su disco nascosto non sarà salvato ed andrà perso. Windows segnalerà questo come errore di scrittura ("Errore di scrittura ritardata" oppure "Il parametro è errato"). + Qualsiasi volume nascosto all’interno dei volumi montati di recente è ora protetto finchè non viene smontato.\n\nATTENZIONE: Se qualsiasi dato tenta di essere salvato sul’area nascosta di qualsiasi volume, VeraCrypt inizierà a proteggere dalla scrittura il volume intero (sia la parte esterna che quella nascosta) finchè esso sia smontato. Questo può causare il danneggiamento del file system nel volume esterno il quale, (se ripetuto) può avere effetto plausibile di danneggiamento del volume nascosto. Per cui dovete evitare di scrivere nell'area del volume nascosto. Qualsiasi dato salvato su disco nascosto non sarà salvato ed andrà perso. Windows segnalerà questo come errore di scrittura ("Errore di scrittura ritardata" oppure "Il parametro è errato"). + ATTENZIONE: Si è tentato di salvare i dati sull’area nascosta del volume montato come %c:! VeraCrypt impedisce a questi dati di essere salvati per proteggere il volume nascosto. Questo deve aver causato il danneggiamento del file system nel volume esterno e Windows deve aver segnalato un errore di scrittura ("Errore di scrittura ritardata" oppure "Il parametro è errato"). L’intero volume (sia nella parte esterna che quella ignota) sarà protetto da scrittura finché esso è smontato. Se questa non è la prima volta, VeraCrypt ha evitato che i dati vengano salvati nell’area nascosta di questo volume, si può verificare una scusa plausibile per questo volume nascosto (dovuto alle possibili inconsistenze correlate all’interno del file system del volume esterno). Pertanto dovete considerare la creazione di un nuovo volume VeraCrypt volume (con la formattazione veloce non attivata) e muovendo i file da questo volume al nuovo volume. Questo volume deve essere cancellato sicuramente (sia nella parte nascosta che in quella esterna). Vi raccomandiamo vivamente di riavviare il vostro sistema operativo. + Hai mostrato l'intento di archiviare file più grandi di 4 GB sul volume. Questo richiede che il volume sia formattato in NTFS, che, comunque, non sarà possibile. + Si prega di notare che quando un sistema operativo nascosto è in esecuzione, i volumi VeraCrypt non nascosti non possono essere formattato come NTFS. La ragione è che il volume avrebbe bisogno di essere temporaneamente montato senza protezione di scrittura per permettere al sistema operativo di formattarlo come NTFS (mentre la formattazione FAT viene eseguita da VeraCrypt, non dal sistema operativo, e senza montare il volume). Per ulteriori dettagli tecnici, vedere di seguito. È possibile creare un volume NTFS non-nascosto dall'interno del sistema operativo di facciata. + Per motivi di sicurezza, quando un sisetma operativo nascosto è in esecuzione, i volumi ignoti possono essere creati solo in modaltà 'diretta' (perchè i volumi esterni vanno sempre montati in sola lettura). Per creare sicuramente un volume nascosto, seguire questi passi:\n\n1) Avviare il sistema di inganno.\n\n2) Creare un volume VeraCrypt normale ed, in questo, copiare alcuni file sensibili che attualmente NON si desidera nascondere (il volume diventerà volume esterno).\n\n3) Avviare il sistema nascosto e la prcedura di creazione volumi di VeraCrypt. Se i volume è ospitato da file (file-hosted), muoverlo nella partizione di sistema oppure in un'altro volume nascosto (diversamente, il volume nascosto che avete creato deve essere montato in sola lettura e non può essere formattato). Seguire le istruzioni nella procedura guidata su come selezionare la modalità di creazione del volume 'diretto'.\n\n4) Nella procedura selezionare il volume da voi creato nel passo 2 e quindi seguire le istruzioni su come creare un volume nascosto al suo interno. + Per motivi di sicurezza, quando un sistema operativo nascosto è in esecuzione, i file systems locali non codificati ed i volumi VeraCrypt non ignoti vengono montati in sola lettura (nessun dato può essere scritto in tali file systems o volumi di VeraCrypt).\n\nE' consentiuo scrivere i dati in qualsiasi file system che risiede all'interno di un volume VeraCrypt nascosto (provvedere che il volume nascosto non sia collocato in un contenitore memorizzato in un file system decriptato oppure in qualsiasi altro file system in sola lettura). + Ci sono tre ragioni principali per le quali delle contromisure sono state implementate:\n\n- Esse vi consentono la creazione di una piattaforma sicura per il montaggio di volumi ignoti VeraCrypt. Notate che noi raccomandiamo ufficialmente che i volumi nascosti sono montati solo quando è in esecuzione un sistema operativo nascosto. (Per maggiori informazioni vedere la sottosezione 'Requisiti di sicurezza e precauzioni pertinenti ai volumi ignoti' nella documentazione.)\n\n- In alcuni casi, è possibile determinare che, in un certo tempo, un file system particolare non è stato montato sotto (oppure che un file particolare oppure il file system non è stato salvato oppure aperto dall'interno di esso) una particolare istanza di un sistema operativo (esempio, analizzando e comparando i filesystem journals, i file timestamps, i logs di applicazione, i logs di errore ecc.). Questo può indicare che un sistema operativo nascosto è installato nel computer. Le contromisure evitano questi problemi.\n\n- Esso evita la corruzione dei dati consentendo una ibernazione sicura. Quando Windows ritorna dall'ibernazione, esso presume che tutti i filesystem montati sono nello stesso stato come quando il sistema è entrato in ibernazione. VeraCrypt assicura questo tramite la protezione da scrittura di qualsiasi filesystem accessibile da entrambi i sistemi, di inganno e nascosto. Senza tale protezione, il filesystem può diventare corrotto quando montato da un sistema mentre l'altro sistema è ibernato. + Nota: Se volete trasferire sicuramente i file dal sistema operativo di richiamo al sistema nascosto, seguite questi passi: 1) Avviare il sistema di richiamo. 2) Salvare i file in un volume decriptato oppure in un volume VeraCrypt normale o esterno. 3) Avviare il sistema nascosto. 4) Se voi salvate i file in un volume VeraCrypt, montarlo (sarà montato automaticamente in sola lettura). 5) Copiare i file nella partizione di sistema nascosto oppure un altro volume nascosto. + Il vostro computer deve essere riavviato.\n\nVolete riavviarlo ora? + Si è verificato un errore nel dare lo stato di codifica del sistema. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Impossibile inizializzare i componenti dell’applicazione per la codifica del sistema. + Inizializzazione del generatore di numeri casuali fallita! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Impossibile inizializzare l'applicazione. Registrazione della classe Finestra di dialogo fallita. + ERRORE: Fallito nel caricare il Rich Edit della libreria di sistema. + Creazione guidata volume VeraCrypt + La dimensione massima del volume nascosto per questo volume è di %.2f byte. + La dimensione massima del volume nascosto per questo volume è di %.2f KB. + La dimensione massima del volume nascosto per questo volume è di %.2f MB. + La dimensione massima possibile del volume nascosto per questo volume VeraCrypt è %.2f GB. + La dimensione massima possibile del volume nascosto per questo volume VeraCrypt è %.2f TB. + La password o i file chiave per il volume non possono essere modificati mentre questo è montato. E' necessario smontare prima il volume. + L'algoritmo di derivazione per la chiave di testata non può essere cambiato mentre il volume è montato. E' necessario smontare prima il volume. + Monta + Per montare questo volume è richiesta una versione più recente di VeraCrypt. + ERRORE: procedura guidata per la creazione del volume non trovata.\n\nAssicurarsi che il file 'VeraCrypt Format.exe' sia nella cartella dalla quale 'VeraCrypt.exe' è stato eseguito. Altrimenti reinstallare VeraCrypt o individuare 'VeraCrypt Format.exe' sul disco ed eseguirlo. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + Avanti > + &Fine + &Installa + E&strai + Impossibile connettersi al driver di unità VeraCrypt. VeraCrypt non può lavorare se il driver di unità non è in esecuzione.\n\nNotare che, a causa di un requisito di Windows, può essere necessario disconnettersi oppure riavviare il sistema prima che il driver di unità possa essere caricato. + Si è verificato un errore nel caricamento/preparazione dei font. + Lettera dell'unità non trovata oppure non specificata. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Lettera di unità non disponibile. + Nessun file selezionato.! + Nessuna lettera di unità disponibile. + Nessuna lettera di unità libera per il volume esterno! La creazione del volume non può proseguire. + Impossibile determinare la versione del sistema operativo oppure si sta usando un sistema operativo non supportato. + Nessun percorso selezionato! + Spazio libero insufficiente per il volume nascosto! La creazione del volume non può proseguire. + ERRORE: I file da voi copiati nel volume esterno occupa troppo spazio. Pertanto, non c'è spazio sufficiente a disposizione nel volume esterno per il volume nascosto.\n\nDa notare che il volume nascosto deve essere grande come la partizione di sistema (che è quella in è installato cui il sistema operativo attualmente in esecuzione). La ragione è che il sistema operativo nascosto necessita di essere creato copiando il contenuto della partizione di sistema nel volume nascosto.\n\n\nLa procedura di creazione del sistema operativo nascosto non può continuare. + Il driver non riesce a smontare il volume. Alcuni file che si trovano in esso potrebbero essere ancora aperti. + Impossibile bloccare il volume. Ci sono file ancora aperti in esso, pertanto questo non può essere smontato. + VeraCrypt non può chiudere il volume perché esso è in uso dal sistema o applicazioni (possono esserci file aperti sul volume).\n\nVolete forzare lo smontaggio del volume? + Selezionare un volume VeraCrypt + Specificare il percorso e nome del file + Selezionare la libreria PKCS #11 + Memoria esaurita + IMPORTANTE: Raccomandiamo rigorosamente che gli utenti non esperti creano un file contenitore VeraCrypt contenente la partizione/periferica selezionata invece di tentare la cifratura dell'intera partizione/periferica.\n\nQuando create un file contenitore VeraCrypt (al contrario di cifrare una periferica o partizione) c'è, per esempio, nessun rischio di distruzione di un grande numero di file. Notare che un file contenitore VeraCrypt (anche quando esso contiene un disco virtuale criptato) è attualmente come qualsiasi file normale. Per maggiori informazioni vedere il capitolo Beginner's Tutorial nella guida utente di VeraCrypt User Guide.\n\nSiete sicuri di voler codificare l'intera periferica/partizione? + AVVERTENZA: Il file '%s' già esiste!\n\nIMPORTANTE: VERACRYPT NON CODIFICHERA’ IL FILE, MA LO CANCELLERA'. Siete sicuri di voler cancellare il file e sostituirlo con un nuovo contenitore VeraCrypt? + ATTENZIONE: QUALSIASI FILE ATTUALMENTE MEMORIZZATO NELLA PARTIZIONE%s '%s'%s SARA' CANCELLATO E PERSO (ESSI NON SARANNO CODIFICATI)!\n\nSiete sicuri di voler procedere con la formattazione? + AVVERTENZA: Non potrete montare il volume oppure accedere a nessun file memorizzato in esso finché esso è stato criptato interamante.\n\nSiete sicuri di voler avviare la codifica del selezionato %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + AVVERTENZA: Notate che se l’alimentazione elettrica viene interrotta bruscamente durante la codifica in posto dei dati esistenti, o quando il sistema operativo va in crash a causa di un errore del software o di un malfunzionamento dell’hardware mentre VeraCrypt sta codificando i dati in posto, delle parti di dati possono essere corrotti o persi. Pertanto, prima di avviare la codifica, assicuratevi di aver fatto delle copie di backup dei file da codificare.\n\nAvete fatto tale copia di backup? + ATTENZIONE: QUALSIASI FILE ATTUALMENTE MEMORIZZATO NELLA PARTIZIONE '%s'%s (ESEMPIO NELLA PRIMA PARTIZIONE DIETRO LA PARTIZIONE DI SISTEMA) VERRA' CANCELLATO E PERSO (ESSI NON SARANNO CODIFICATI)!\n\nSiete sicuri di voler procedere con la formattazione? + AVVERTENZA: LA PARTIZIONE SELEZIONATA CONTIENE UNA GRANDE QUANTITA’ DI DATI! Qualsiasi file memorizzato nella partizione sarà cancellato e perso (NON SARANNO CODIFICATI)! + Cancella qualsisasi file memorizzato nella partizione creando un volume VeraCrypt al suo interno + Password + PIM + Impostare algoritmo per la chiave di testata + Aggiungere/rimuovere i file chiave al/dal volume + Rimuovere tutti i file chiave dal volume + Password, PIM e/o file chiave cambiato con successo.\n\nIMPORTANTE: Assicuratevi di aver letto la sezione 'Changing Passwords and Keyfiles' nel capitolo 'Security Requirements and Precautions' nella VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANTE: Se non avete distrutto il vostro disco di ripristino di VeraCrypt, la vostra partizione/disco di sistema può essere ancora deCrittata usando la vecchia password (tramite l'avvio del disco di ripristino di VeraCrypt e digitando la vecchia password). Dovete creare un nuovo disco di ripristino di VeraCrypt e quindi distruggere il vecchio.\n\nVolete creare un nuovo disco di ripristino di VeraCrypt? + Da notare che il vostro disco di ripristino di VeraCrypt usa ancora l'algoritmo precedente. Se considerate il precedente algoritmo non sicuro, dovete creare un nuovo disco di ripristino di VeraCrypt e distruggere il precedente.\n\nVolete creare un nuovo disco di ripristino di VeraCrypt? + Qualsiasi tipo di file (ad esempio Mp3, Jpg, Zip, Avi) può essere utilizzato come un file-chiave di VeraCrypt. Si noti che VeraCrypt non modifica mai il contenuto del file-chiave. È possibile selezionare più di un file-chiave (l'ordine non ha importanza). Se si aggiunge una cartella, tutti i file non nascosti trovat in essa saranno utilizzati come file-chiave. Cliccare su 'Aggiungi file chiave' per selezionare un file-chiave memorizzato su di un token di sicurezza o una smart card (o per importarvi il file-chiave). + File chiave aggiunti/rimossi con successo. + File chiave esportati. + Algoritmo di derivazione della chiave di testata impostato con successo. + Digitate la password e /o file chiave per il volume non di sistema dove volete riprendere il processo di codifica in posto.\n\n\nNota: Dopo aver fatto click su Avanti, VeraCrypt tenterà di cercare tutti i volumi non di sistema dove il processo di codifica è stato interrotto e dove la testata del volume VeraCrypt può essere DeCrittata usando la password e/o file chiave fornito. Se più di uno di tali volumi viene trovato, avete bisogno di selezionare uno di essi nel passo successivo. + Selezionare uno dei volumi elencati. L’elenco contiene ogni volume non di sistema accessibile dove il processo di codifica è stato interrotto e le quali testate devono essere decodificate usando la password o file chiave forniti. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + E' molto importante di scegliere una buona password. Dovete evitare di scegliere una che contenga solo una parola singola che possa essere trovata in un dizionario (oppure una combinazione di 2, 3, o 4 parole del genere). Essa non deve contenere nessun nome o data di nascita. Essa non dovrebbe essere facile da indovinare. Una buona password è una combinazione casuale di lettere maiuscole e minuscole, numeri e caratteri speciali come @ ^ = $ * + ecc. Vi raccomandiamo di scegliere una password consistente di più di 20 caratteri (più è lunga, è meglio). La lunghezza massima possibile è di 64 caratteri. + Scegliere una password per il volume nascosto. + Scegliere una password per il sistema operativo nascosto (cioè per il volume nascosto). + IMPORTANTE: La password che avete scelto per il sistema operativo nascosto in questo passo deve essere sostanzialmente differente dalle altre die password (cioè da quella del volume esterno e da quella del sistema operativo di richiamo). + Scegliere una password per il volume nel quale si vuole creare il volume nascosto.\n\nDopo aver fatto click 'Avanti', VeraCrypt tenterà di montare il volume. Subito dopo aver montato il volume, verrà analizzata la mappa dei cluster per determinare la dimensione dello spazio libero contiguo (se esiste). Questo spazio ospiterà il volume nascosto e quindi ne limiterà la dimensione massima. La scansione è necessaria per assicurare che nessun dato del volume esterno venga soprascritto dal volume nascosto. + \n Scegliere una password per il volume esterno. Questa deve essere la password che potrete rivelare ad un avversario se vi viene chiesto o siete obbligati a farlo.\n\nIMPORTANTE: Questa password DEVE essere sostanzialmente differente da quella scelta per il volume nascosto.\n\nNota: La lunghezza massima possibile della password è di 64 caratteri. + Scegliere una password per il volume esterno. Questa deve essere la password che potrete rivelare a chiunque vi obblighi a rivelare la password per la prima partizione dietro al sistema operativo, dove risiede sia il volume esterno che quello nascosto (contenente il sistema operativo nascosto). L’esistenza del volume nascosto (e del sistema operativo nascosto) rimarrà quindi segreto. Da notare che questa non è per il sistema operativo di richiamo.\n\nIMPORTANTE: Questa password DEVE essere sostanzialmente differente da quella da voi scelta per il volume nascosto (cioè per il sistema operativo nascosto). + Password per il volume esterno + Password per il volume nascosto + Password per il sistema operativo nascosto + ATTENZIONE: le password corte sono facili da violare usando tecniche di attacco a forza bruta!\n\nSi raccomanda di scegliere delle password composte da più di 20 caratteri.\n\nSiete sicuri di voler usare una password corta? + Password del volume + Password non corretta oppure l'oggetto non è un volume VeraCrypt. + File chiave e/o password non corretti oppure l'oggetto non è un volume VeraCrypt. + Modalità di montaggio errato, password errata oppure non è un volume VeraCrypt. + Modalità montaggio errato, file chiave errato (i) e/o password errata oppure non è un volume VeraCrypt. + Password errata o nessun volume VeraCrypt trovato. + File chiave e/o password non corretti o nessun volume VeraCrypt trovato. + \n\nATTENZIONE: il tasto di blocco delle maiuscole è attivato. Ciò può comportare un inserimento non corretto della password. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nATTENZIONE: dei file nascosti sono stati trovati nel percorso di ricerca del file chiave. Tali file nascosti non possono essere utilizzati come file-chiave. Se avete bisogno di usarli come un file-chiave, rimuovere l'attributo 'Nascosto' (tasto destro del mouse su ogni file, selezionare 'Proprietà' e deselezionare l'attributo 'Nascosto', quindi clic su OK). Nota: I file nascosti sono visibili solo se l'opzione che ne permette la visione è abilitata (Computer > Organizza > 'Opzioni cartelle e ricerca' > Visualizzazione). + Se state tentando di proteggere un volume nascosto contenente un sistema operativo nascosto, assicuratevi di usare la tastiera standard con layout americano quando digitate la password per il volume nascosto. Questo è richiesto dal fatto che la password deve essere digitata in ambiente di pre-avvio (prima dell'avvio di Windows) dove le tastiere con layout non americano non sono disponibili. + VeraCrypt non ha trovato nessun volume dove la codifica non di sistema è stata interrotta e dove la testata del volume può essere DeCrittata usando la password e/o file chiave fornita.\n\nAssicuratevi che la password e/o file chiave digitata sia corretta e che la partizione/volume non sia in uso dal sistema o da applicazioni (compresi i software antivirus). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNota: Se state tentando di montare una partizione collocata su un percorso di sistema criptato senza autenticazione di pre-boot oppure di montare la partizione di sistema Crittata su un sistema operativo che non è in esecuzione, dovete fare questo selezionando 'Sistema' > 'Monta senza autenticazione di pre-boot'. + In questo modo, non potete montare una partizione collocata su un drive la quale porzione è all’interno dello scopo della chiave di codifica del sistema attivo.\n\nPrima di poter montare questa partizione in questo modo, dovete avviare un sistema operativo installato su un percorso differente (criptato o decriptato) oppure avviare un sistema operativo Decriptato. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + <&Indietro + Impossibile elencare le unità installate sul sistema! + Il volume '%s' esiste ed è a sola lettura. Si è sicuri di volerlo sostituire? + Selezionare una cartella di destinazione + Selezionare un file chiave + Selezionare un percorso di ricerca dei file chiave. ATTENZIONE: verrà memorizzato solo il percorso, non i file. + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Concepito da Ross Anderson, Eli Biham e Lars Knudsen. Pubblicato nel 1998. Chiave a 256-bit, blocco a 128-bit. Modo operativo XTS. Serpent è uno dei finalisti AES. + Specificare la dimensione del contenitore da creare.\n\nSe create un contenitore dinamico (file sparsi), questo parametro specificherà la massima dimensione possibile.\n\nNotate che la minima dimensione possibile per un volume FAT è di 292 KB. Quella per un volume NTFS è di 3792 KB. + Specificare la dimensione del volume esterno da creare (dovete prima creare il volume esterno e quindi un volume nascosto al suo interno). La dimensione minima possibile per un volume al cui interno deve essere creato un volume è di 340 KB. + Specificare la dimensione del volume nascosto da creare. La dimensione minima di un volume esterno è di 40 KB (oppure 3664 KB se esso è formattato come NTFS). La dimensione massima che potete specificare per il volume nascosto viene mostrata sopra. + Dimensione del volume esterno + Dimensione del volume nascosto + Verificare se la dimensione della partizione/unità mostrata sopra è corretta e quindi fate click su Avanti. + Il volume esterno e il volume nascosto (contenente il sistema operativo nascosto) risiederanno all’interno della partizione di cui sopra. Questa deve essere la prima partizione dietro quella di sistema.\n\nVerificate che la dimensione della partizione ed il suo numero mostrato sopra è corretto, quindi, se lo è, fate click su Avanti. + \n\nNotate che la dimensione minima possibile per un volume al cui interno si trova un volume nascosto viene intesa a 340 KB. + Dimensione del volume + Dinamico + ATTENZIONE: AUTO-TEST FALLITO! + Auto-test di tutti gli algoritmi superato + Il numero delle unità dati da voi forniti è troppo lungo o troppo corto. + La chiave secondaria da voi fornita è troppo lunga o troppo corta. + Il testo criptato di prova fornito è troppo lungo o troppo corto. + La chiave di prova fornita è troppo lunga o troppo corta. + Il testo di prova normale fornito è troppo lungo o troppo corto. + Due cifre in cascata operano in modalità XTS. Ogni blocco viene prima criptato con %s (Chiave a %d-bit) e quindi con %s (Chiave a %d-bit). Ogni Codifica usa la sua propria chiave. Tutte le chiavi sono mutualmente indipendenti. + Tre cifre in cascata operano in modalità XTS. Ogni blocco viene prima criptato con %s (Chiave a %d-bit), quindi con %s (Chiave a %d-bit) ed alla fine con %s (Chiave a %d-bit). Ogni Codifica usa la sua propria chiave. Tutte le chiavi sono mutuamente indipendenti. + Notate che, a seconda della configurazione del sistema operativo, queste funzioni auto-run e montaggio automatico possono lavorare solo quando i file del traveler disk sono creati su un supporto tipo CD/DVD non scrivibile. Da notare che questo non è un difetto di VeraCrypt (è una limirazione di Windows). + Il traveler disk di VeraCrypt è stato creato.\n\nDa notare che dovete disporre dei privilegi di amministratore per eseguire VeraCrypt in modalità portabile. Da notare pure che, dopo l'esame del file di registro, è possibile chiedere che VeraCrypt venga eseguito in un sistema Windows anche se esso è eseguito in modalità portabile. + Traveler Disk di VeraCrypt + Concepito da Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall e Niels Ferguson. Pubblicato nel 1998. Chiave a 256-bit, blocco a 128-bit. Modalità operativa XTS. Twofish è uno dei finalisti AES. + Maggiori informazioni su %s + Sconosciuto + Si è verificato un errore sconosciuto (%d). + Alcuni volumi contengono file o cartelle utilizzati dalle applicazioni o dal sistema.\n\nForzare lo smontaggio? + Smonta + Smontaggio fallito! + Il volume contiene file o cartelle utilizzati dalle applicazioni o dal sistema.\n\nForzare lo smontaggio? + Nessun volume è montato sulla lettera specificata. + Il volume che si sta cercando di montare è già montato. + Si è verificato un errore nel tentativo di montare il volume. + Errore durante la ricerca della posizione all'interno del volume. + ERRORE: dimensione del volume non corretta. + WARNING: E' possibile utilizzare il Formato Rapido solo nei seguenti casi:\n\n1) Il dispositivo non contiene dati sensibili ed essi non sono contestabili in modo plausibile.\n2) Il dispositivo è già stato criptato completamente ed in modo sicuro.\n\nSei sicuro di voler utilizzare il Formato Rapido? + Un contenitore dinamico è un file sparso NTFS pre-allocato la cui dimensione fisica (spazio disco usato attualmente) aumenta mentre i nuovi dati vengono aggiunti ad esso.\n\nATTENZIONE: Le prestazioni dei volumi ospitati su file sparsi è molto inferiore delle prestazioni su volumi regolari. Inoltre, i volumi ospitati su file sparsi sono poco sicuri, perchè è possibile vedere quali settori del volume sono inutilizzati. Inoltre, questi volumi non possono fornire un diniego plausibile (se ospitano un volume nascosto). Notate anche che, se i dati sono scritti in un contenitore su file sparsi quando non c'è spazio sufficiente nel file system ospite, il file criptato può danneggiarsi.\n\nVolete comunque creare un volume ospitato su file sparso? + Notare che le dimensioni del contenitore dinamico riportate da Windows e da VeraCrypt saranno sempre uguali alle sue dimensioni massime. Per sapere l'attuale dimensione fisica del contenitore (lo spazio su disco effettivamente utilizzato), fare clic destro sul file contenitore (in una finestra di Windows Explorer, non in VeraCrypt), quindi selezionare 'Proprietà' e vedere il valore della 'Dimensioni su disco'.\n\nSi noti inoltre che se si sposta un contenitore dinamico ad un altro volume o disco, la dimensione fisica del contenitore sarà estesa al massimo. (Si può evitare ciò creando un un nuovo contenitore dinamico nella posizione di destinazione, montarlo e poi spostare i file dal contenitore vecchio al nuovo). + Password nella cache cancellata + Le Password (e/o contenuti dei file chiave processati) archiviate nella cache del driver di VeraCrypt sono state cancellate. + VeraCrypt non può modificare la password per un volume estraneo. + Selezionare una lettera di unità libera dalla lista. + Selezionare un volume montato dal'elenco delle lettere unità. + Due volumi differenti montati sono attualmente selezionati (uno è nell'elenco delle lettere unità e l'altro nel campo di input sotto l'elenco).\n\nScegliere il volume che desiderate selezionare: + ERRORE: impossibile creare autorun.inf + Errore durante l'elaborazione del file chiave! + Errore durante l'elaborazione del percorso del file chiave! + Il percorso dei file chiave non contiene file.\n\nDa notare che queste cartelle (ed i file che contengono) trovate nella ricerca dei percorsi file chiave sono ignorate. + VeraCrypt non supporta questo sistema operativo. + Errore: VeraCrypt supporta solo le versioni stabili di questo sistema operativo (versioni beta/RC non sono supportate). + ERRORE: impossibile allocare la memoria. + ERRORE: impossibile recuperare i valori del misuratore di prestazioni. + >Errore: Cattivo formato volume. + Errore: Avete fornito una password per un volume nascosto (non per un volume normale). + Per motivi di sicurezza, un volume nascosto non può essere creato all’interno di un volume VeraCrypt contenente un file system che è stato criptato in posto (perché lo spazio libero sul volume non è stato riempito da dati casuali). + VeraCrypt - Notizie legali + Tutti i file + Volumi VeraCrypt + Moduli libreria + La formattazione NTFS non può proseguire. + Impossibile montare il volume. + Impossibile smontare il volume. + Windows non può formattare il volume come NTFS.\n\nSelezionare un tipo di file system diverso (se possibile) e provare di nuovo. In alternativa, lasciare il volume non formattato (selezionare 'Nessuno' come file system), uscire dalla procedura guidata, montare il volume e utilizzare uno strumento di sistema o di terze parti per formattarlo (il volume rimarrà criptato). + Windows fallisce nel formattare il volume come NTFS.\n\nVolete invece formattare il volume come FAT? + Predefinito + partizione + PARTIZIONE + Unità + unità + UNITÀ + Volume + volume + VOLUME + Etichetta + La dimensione del cluster selezionata è troppo piccola per la dimensione di questo volume. Verrà utilizzata una dimensione del cluster maggiore. + ERRORE: impossibile leggere la dimensione del volume!\n\nAssicurarsi che il volume selezionato non sia usato dal sistema o dalle applicazioni. + I volumi ignoti non devono essere creati all'interno di contenitore dinamici(file sparsi). Per consentire la negabilità plausibile, il volume nascosto deve essere creato in un contenitore non dinamico. + La procedura di creazione del volume VeraCrypt può creare un voume nascosto solo all’interno di un volume FAT oppure NTFS. + In ambiente operativo Windows 2000, la procedura di creazione del volume di VeraCrypt può creare un volume nascosto solamente in un volume FAT. + Nota: Il file system FAT è più adeguato per i volumi esterni che il file system NTFS (per esempio, la dimensione massima possibile per il volume nascosto può essere significativamente molto grande se il volume esterno è stato formattato come FAT). + Notate che il file system FAT è più adeguato per i volumi esterni che i file system NTFS. Per esempio, la dimensione massima del volume nascosto può essere significatamente molto grande se il volume esterno viene formattato come FAT (la ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume esterno può risiedere solo nella seconda metà del volume esterno).\n\nSiete sicuri di voler formattare il volume esterno come NTFS? + Volete invece formattare il volume come FAT? + Nota: Questo volume non può essere formattato come FAT, perchè eccede la misura massima del volume supportata dal filesystem FAT32 per la dimensione applicabile per settore (2 TB per settori da 512-byte e 16 TB per settori da 4096-byte). + ERRORE: La partizione per il sistema operativo nascosto (cioè la prima partizione dietro a quella di sistema) deve essere almeno il 5% più grande della partizione di sistema (cioè quella dove è installato il sistema operativo attualmente in esecuzione). + ERRORE: La partizione per il sistema operativo nascosto (cioè la prima partizione dietro a quella di sistema) deve essere almeno il 110% (2.1 volte) più grande della partizione di sistema (cioè quella dove è installato il sistema operativo attualmente in esecuzione).La ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume nascosto (che deve contenere un clone della partizione di sistema) può risiedere solo nella seconda metà della partizione + ERRORE: Se il volume esterno è formattato come NTFS, esso deve essere almeno il 110% (2.1 volte) più grande della partizione di sistema. La ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume nascosto (che deve contenere un clone della partizione di sistema) può risiedere solo nella seconda metà del volume esterno.\n\nNota: Il volume esterno ha bisogno di risiedere all’interno della stessa partizione del sistema operativo nascosto (cioè all’interno della prima partizione dopo la partizione di sistema). + ERRORE: Non esiste nessuna partizione dietro quella di sistema.\n\nNota che prima di poter creare un sistema operativo nascosto, dovete creare una partizione per esso sul disco di sistema. Essa deve essere la prima partizione dietro quella di sistema e deve essere almeno il 5% più grande della partizione di sistema (quella dove è installato il sistema operativo attualmente in esecuzione). Pertanto, se il volume esterno (da non confondere con la partizione di sistema) è formattato come NTFS, la partizione per il sistema operativo nascosto deve essere almeno il 110% (2.1 volte) più grande della partizione di sistema (la ragione è che il file system NTFS memorizza sempre i dati interni esattamente al centro del volume e, quindi, il volume nascosto, che deve contenere un clone della partizione di sistema, può risiedere solamente nella seconda metà della partizione). + AVVERTENZA: Non è pratico (e quindi non supportato) installare sistemi operativi in due volumi VeraCrypt inseriti all’interno di una singola partizione, perché l’uso del sistema operativo richiesto ha bisogno spesso di scrivere i dati nell’area del sistema operativo nascosto (e se tali operazioni di scrittura sono state evitate usando la caratteristica di protezione del voume nascosto, esso causerebbe un’inerente crash di sistema, cioè l’errore di ‘Schermo blu’). + Per maggiori informazioni su come creare e gestire le partizioni, riferitevi alla documentazione fornita con il vostro sistema operativo oppure il supporto tecnico del venditore del vostro computer per l’assistenza. + ERRORE: Il sistema operativo attualmente in esecuzione non è installato nella partizione di avvio (prima partizione attiva). Questo non è supportato. + Avete segnalato che intendete memorizzare dei file maggiori di 4 GB in questo volume VeraCrypt. Comunque avete scelto il file system FAT, nel quale i file maggiori di 4 GB non possono essere salvati.\n\nSiete sicuri di volere formattare il volume come FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + ERRORE: impossibile accedere al volume!\n\nAssicurarsi che il volume selezionato esista, che non sia montato o in uso da parte del sistema o delle applicazioni, di avere permessi di lettura/scrittura e che non sia protetto da scrittura. + Error: Cannot obtain volume properties. + ERRORE: Impossibile accedere al volume e/o ottenere le informazioni a proposito del volume.\n\nAssicuratevi che il volume selezionato esista, che non sia usato dal sistema oppure applicazioni, che voi abbiate i permessi di lettura e scrittura e che il volume non sia protetto da scrittura. + ERRORE: Impossibile accedere al volume e/o ottenere le informazioni a proposito del volume.Assicuratevi che il volume selezionato esista, che non sia usato dal sistema oppure applicazioni, che voi abbiate i permessi di lettura e scrittura e che il volume non sia protetto da scrittura.\n\nSe il problema persiste, può esservi di aiuto seguire i passi seguenti. + Un errore ha impedito a VeraCrypt di codificare la partizione. Tentate la correzione di qualsiasi problema segnalato precedentemente e quindi ritentare. Se il problema persiste, può esservi di aiuto seguire i passi seguenti. + Un errore ha impedito a VeraCrypt di riprendere il processo di codifica della partizione.\n\n Tentate la correzione di qualsiasi problema segnalato precedentemente e quindi tentare di riprendere nuovamente il processo. Notate che il volume non può essere montato finché esso non viene criptato completamente. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + ERRORE: impossibile smontare il volume esterno!\n\nIl volume non può essere smontato se contiene file o cartelle utilizzati dalle applicazioni o dal sistema.\n\nChiudere tutti i programmi che potrebbero usare i file o le cartelle sul volume e cliccare su 'Riprova'. + ERRORE: Non si possono ottenere le informazioni a proposito del volume esterno! La creazione del volume non può proseguire. + ERRORE: impossibile accedere al volume esterno! La creazione del volume non può proseguire. + ERRORE: impossibile montare il volume esterno! La creazione del volume non può proseguire. + ERRORE: impossibile ottenere la mappa dei cluster! La creazione del volume non può proseguire. + Alfabetico/Per categoria + Velocità media (decrescente) + Algoritmo + Codifica + Decodifica + Media + Seleziona unità + Dimensione + Algoritmo di codifica + Algoritmo di codifica + Tipo + Valore + Proprietà + Posizione + byte + nascosto + Esterno + Normale + Sistema + nascosto (sistema) + Sola lettura + Disco di sistema + Disco di sistema (codifica - %.2f%% eseguita) + Disco di sistema (decodifica - %.2f%% eseguita) + Disco di sistema (%.2f%% criptato) + Partizione di sistema + Partizione nascosta di sistema + Partizione di sistema (codifica - %.2f%% eseguita) + Partizione di sistema (decodifica - %.2f%% eseguita) + Partizione di sistema (%.2f%% Crittata) + Sì (previene danneggiamento!) + Nessuno + Dimensione chiave primaria + Dimensione chiave secondaria (Modo XTS) + Dimensione chiave Tweak (Modo LRW ) + bit + Dimensione blocco + PKCS-5 PRF + Numero iterazioni PKCS-5 + Volume creato + Ultima modifica intestazione + (%I64d giorni fa) + Versione formato volume + Intestazione backup inserito + Versione Boot Loader di VeraCrypt + Prima disponibile + Disco rimovibile + Disco fisso + Non modificare + Autodetection + Modo guidato + Selezionare uno dei modi. Se non siete sicuri di quello che volete scegliere, usate la modalità predefinita. + Selezionare questa opzione se volete installare VeraCrypt in questo sistema. + Nota: Potete aggiornare senza decrittare anche se la partizione/unità di sistema/drive è crittata in un sistema operativo nascosto. + Se selezionate questa opzione, tutti i file saranno estratti da questo pacchetto ma non installati nel sistema. Non selezionarla se intendete cifrare la partizione di sistema nell'unità di sistema. La scelta di questa opzione può essere utilissima, per esempio, se volete eseguire VeraCrypt in modalità chiamata Portabile. VeraCrypt non viene installato nel sistema operativo nel quale esso viene eseguito. Dopo che tutti i file sono estratti, potete eseguire direttamente il file estratto 'VeraCrypt.exe' (quindi VeraCrypt verrà eseguito in modalità portabile). + Opzioni di installazione + Qui potete impostare varie opzioni per controllare il processo di installazione. + Installazione + Attendere mentre VeraCrypt viene installato. + VeraCrypt è stato installato correttamente + VeraCrypt è stato aggiornato correttamente + Vi prego di considerare una donazione. Puoi premere Chiudi per chiudere l'installazione in qualsiasi momento. + Opzioni di estrazione + Qui potete impostare varie opzioni per controllare il processo di estrazione. + Attendere mentre i file vengono estratti. + I File sono stati estratti correttamente + Tutti i file sono stati estratti con successo nel percorso di destinazione. + Se la cartella specificata non esiste, sarà creata automaticamente. + I file di programma di VeraCrypt program saranno aggiornati nel percorso dove VeraCrypt è installato. Se volete selezionare un percorso diverso, disinstallate prima VeraCrypt. + Si desidera visualizzare le note di rilascio per la versione corrente (ultima stabile) di VeraCrypt? + Se non si è mai utilizzato VeraCrypt prima d'ora, si raccomanda di leggere il capitolo 'Beginner’s Tutorial' della 'VeraCrypt User Guide'. Si desidera visualizzare la guida? + Selezionare un’azione da eseguire dalle seguenti: + Ripara/Reinstalla + Aggiorna + Disinstalla + Per installare/disinstallare VeraCrypt, dovete avere i privilegi di amministratore. Volete continuare? + L’installer di VeraCrypt è attualmente in esecuzione in questo sistema ed esegue o prepara l’installazione oppure aggiornamento di VeraCrypt. Prima di procedere, attendere per finire o chiudere esso. Se non potete chiudere l’installer, riavviare i computer prima di procedere. + Installazione fallita. + Disinstallazione fallita. + Questo pacchetto di distribuzione è danneggiato. Provare a scaricarlo nuovamente (preferibilmente dal sito ufficiale di VeraCrypt all’indirizzo ww.veracrypt.org). + Impossibile scrivere il file %s + Estrazione + Impossibile leggere i dati dal pacchetto. + Impossibile verificare l'integrità del pacchetto. + L'estrazione è fallita. + L'installazione è ritornata alla versione precedente. + VeraCrypt è stato installato con successo. + VeraCrypt è stato aggiornato con successo. + VeraCrypt è stato aggiornato correttamente. Comunque prima di utilizzarlo il computer deve essere riavviato.\n\nSi desidera riavviare edesso? + Aggiornamento VeraCrypt fallito!\n\nIMPORTANTE: Prima di arrestare o riavviare il sistema, raccomandiamo fortemente di utilizzare la funzione Ripristino Sistema (Start > Tutti i programmi > Accessori > Strumenti di Sistema > Ripristino Sistema) per riportare il sistema al punto di ripristino chiamato 'Installazione VeraCrypt'. Se il Ripristino di Sistema non è disponibile, riprovare a installare la versione originale o nuova di VeraCrypt ancora una volta prima di arrestere o riavviare il sistema. + VeraCrypt è stato disinstallato con successo.\n\nFate click su 'Terminare' per rimuovere il programma di installazione di VeraCrypt e la cartella %s. Da notare che La cartella non verrà rimossa se contiene file creati o installati da programmi diversi da VeraCrypt. + Rimozione delle chiavi di registro di VeraCrypt + Aggiunta delle chiavi di registro + Rimozione dati specifici dell'applicazione + Installazione + Arresto + Rimozione + Aggiunta icona + Creazione punto di ripristino di sistema + Creazione punto di ripristino di sistema fallita! + Aggiornamento del loader di avvio + Errore nell’intallazione di '%s'. %s Volete continuare l’installazione? + Errore nella disinstallazione di '%s'. %s Volete continuare con la disinstallazione? + Installazione completata. + Impossibile creare la cartella '%s' + Il driver di VeraCrypt non può essere rimosso.\n\nChiudere tutte le finestre di VeraCrypt. Se non funziona, riavviare Windows e provare di nuovo. + Tutti i volumi devono essere smontati prima di installare o disinstallare VeraCrypt. + Una versione obsoleta di VeraCrypt è attualmente installata in questo sistema. Deve essere disinstallata prima di installare questa nuova versione di VeraCrypt.\n\nNon appena avete chiuso questa finestra di messaggio, sarà lanciata la disinstallazione della vecchia versione. Notate che nessun volume sarà decrittata disinstallando VeraCrypt. Dopo la disinstallazione della vecchia versione di VeraCrypt, rilanciare l'installazione della nuova versione del programma. + L'installazione delle chiavi di registro è fallita + L'installazione del driver di unità è fallita. Riavviare Windows e provare nuovamente ad installare VeraCrypt. + Caricamento del driver di unità di VeraCrypt + La disinstallazione del driver di unità è fallita. Dovete notare che, a causa di un’esigenza di Windows, è necessario disconnettersi o riavviare il sistema prima che il driver di unità può essere disinstallato (oppure re-installato). + Installazione del driver di unità di VeraCrypt + Arresto del driver di unità di VeraCrypt + Disinstallazione del driver di unità di VeraCrypt + Registrazione della libreria di supporto per Controllo Account Utente fallita. + Deregistrazione della libreria di supporto per Controllo Account Utente fallita. + Note sulla modalità portabile:\n\nSi prega di notare che il sistema operativo richiede dei driver per essere registrato con esso prima di poter essere avviato. Di conseguenza, il driver VeraCrypt non è (e non può essere) completamente portatile (mentre VeraCrypt è completamente portatile laddove non c'è bisogno di essere installato o registrato con il sistema operativo). Si noti inoltre che VeraCrypt necessita di un driver per fornire una cifratura / decifratura 'al volo'. + Notate che se voi decidete di eseguire VeraCrypt in modslità portsbile (invece di eseguire una copia installata di VeraCrypt), il sistema vi richiederà i privilegi per l'esecuzione di VeraCrypt (prompt UAC) ogni volta che tentate di eseguirlo.\n\nLa ragione è che quando voi eseguite VeraCrypt in modalità portabile, VeraCrypt ha bisogno di caricare ed avviare il driver di periferica di VeraCrypt. VeraCrypt necessita di un driver di periferica per fornire la codifica/decodifica trasparente "al volo", e gli utenti senza privilegi di amministratore non possono avviare i drivers di periferica in Windows. Pertanto, il sistema vi chiederà il permesso di eseguire VeraCrypt con privilegi amministratore (prompt UAC).\n\nNotate che se installate VeraCrypt nel sistema (invece di eseguire VeraCrypt in modalità portabile), il sistema NON vii chiederà il permesso per eseguire VeraCrypt (prompt UAC prompt) ogni qualvolta tentate di eseguirlo.\n\nSiete sicuri di voler estrarre i file? + AVVERTENZA: Questa istanza della procedura creazione del volume ha i privilegi di amministratore.\n\nIl vostro nuovo volume deve essere creato con i permessi che non vi consentiranno di scrivere nel volume quando è montato. Se volete evitare questo, chiudete questa istanza di creazione volume e lanciatene un'altra senza i privilegi di amministratore.\n\nVolete chiudere questa istanza della Procedura creazione volume? + Errore: Impossibile mostrare la licenza. + Esterno(!) + giorni + ore + minuti + secondi + Apri + Smonta + Mostra VeraCrypt + Nascondi VeraCrypt + Dati letti dal momento del montaggio + Dati scritti dal momento del montaggio + Porzione Crittata + 100% (totalmente Crittata) + 0% (non Crittata) + %.3f%% + 100% + In attesa + In preparazione + In ridimensionamento + Codifica + Decodifica + In finalizzazione + In pausa + Finito + Errore + Unità disconnessa + Volume sistema preferito salvato.\n\nPer attivare il montaggio dei volumi sistema preferiti quando il sistema parte, selezionare 'Impostazioni' > 'Volumi sistema preferiti' > 'Monta volumi sistema prefriti all'avvio di Windows'. + Il volume che state aggiungendo ai preferiti non è una partizione né un volume dinamico. Pertanto, VeraCrypt non potrà montare questo volume preferito, se cambia il numero dell'unità. + Il volume che state aggiungendo ai preferiti è una partizione non riconosciuta da Windows.\n\nVeraCrypt non potrà montare questo volume preferito, se cambia il numero dell'unità. Impostate il tipo di partizione in uno riconosciuto da Windows (usare il comando SETID dello strumento di Windows 'diskpart'). Quindi aggiungere nuovamente questa partizione ai preferiti. + Il VeraCrypt Background Task VeraCrypt è disattivato o è configurato per uscire se non ci sono volumi montati (oppure VeraCrypt è in esecuzione in modalità portabile). Questo può evitare ai vostri volumi preferiti di essere montati automaticamente quando le unità ospiti vengono connesse ad essi.\n\nNota: per attivare il VeraCrypt Background Task, selezionare Impostazioni > Preferenze e spuntare la casella 'Attivato' nella sezione 'VeraCrypt Background Task'. + Un contenitore salvato in un filesystem remoto condiviso su una risorsa di rete non può essere montato automaticamente quando la sua periferica ospitante viene connessa. + La periferica mostrata sotto non è né una partizione né un volume dinamico. Pertanto, il volume ospitato dalla periferica non può essere montato automaticamente quando la periferica viene connessa. + Impostare il tipo di partizione mostrata sotto ad un tipo riconosciuto da Windows (usare il comando SETID dello strumento 'diskpart'di Windows). Rimuovere quindi la partizione dai preferiti ed aggiungerla nuovamente. Questo consentirà il montaggio automatico del volume ospite quando l'unità viene connessa + La periferica mostrata sotto non è né una partizione né un volume dinamico. Pertanto, non può essere assegnata nessuna etichetta ad essa. + Impostare il tipo di partizione mostrato sotto in un tipo riconosciuto da Windows (usare il comando SETID dello strumento 'diskpart'di Windows). Rimuovere quindi la partizione dai preferiti ed aggiungerla nuovamente. Questo consentirà a VeraCrypt di assegnare una etichetta alla partizione. + A causa di una limitazione di Windows, un contenitore salvato in un filesystem condiviso in una rete non può essere montato come volume preferito di sistema (pertanto, può essere montato come volume non preferito di sistema quando un utente si connette). + Digitare la password per %s + Digitare password for '%s' + Digitare la password per il volume normale/esterno + Digitare la password per il volume nascosto + Digitare la password per la testa memorizzata nel file di backup + Il file chiave è stato creato correttamente. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + ATTENZIONE: La testa di questo volume è danneggiato! VeraCrypt usa automaticamente il backup della testa del volume inserito in esso.\n\nDovete riparare la testa del volume selezionando ‘Strumenti’->'Ripristina testata volume'. + Il backup della testa del volume è stato creato con successo.\n\nIMPORTANTE: ripristinare la testa del volume usando questo backup si ripristinerà anche la password attuale. Inoltre, se per montare il volume sono necessari uno o più file chiave, questi saranno necessari per montare nuovamente il volume una volta che la testa è stata ripristinata.\n\nATTENZIONE: questo backup può essere usato per ripristinare SOLO la testa di questo specifico volume. Se si utilizza questo backup per ripristinare la testa di un altro volume, sarà possibile montare il volume ma NON decodificare i dati contenuti (essendo cambiata la chiave master). + La testa del volume è stata ripristinata con successo.\n\nIMPORTANTE: potrebbe essere stata ripristinata una vecchia password. Inoltre, se al momento della creazione del backup per montare il volume erano necessari dei file chiave, gli stessi file sono necessari per montare nuovamente il volume. + Per ragioni di sicurezza voi dovete digitare la password corretta (e/o fornire i file chiave corretti) per il volume.\n\nNota: Se il volume contiene un volume nascosto, dovete prima digitare la password corretta (e/o fornire i file chiave corretti) per il volume esterno. In seguito, se voi scegliete di fare il backup della testa del volume nascosto, dovete digitare la password corretta (e/o fornire i file chiave corretti) per il volume nascosto. + Siete sicuri di voler creare il backup della testa del volume per %s?\n\nDopo aver fatto click su Si, vi sarà chiesto di digitare un nome per il file di backup.\n\nNota: Sia la testa del volume standard che quella del volume nascosto saranno re-Codificati usando un nuovo valore e memorizzato nel file di backup. Se non esiste nessun volume nascosto al suo interno, l’area riservata per la testa del volume nascosto nel file di backup sarà riempita da dati casuali (per prevenire dei danneggiamenti plausibili). Quando si ripristina un’testata volume dal file di backup, dovete digitare la password corretta (e/o fornire i file chiave corretti) che era stata valida quando il backup della testa volume è stato creato. La password (e/o i file chiave) determineranno automaticamente anche il tipo di testata volume da ripristinare, cioè standard o nascosto (da notare che VeraCrypt determina il tipo attraverso il processo di prova ed errori). + Si è sicuri di voler ripristinare la testa del volume %s?\n\nATTENZIONE: ripristinando una testata si ripristina anche la password del volume al momento del backup. Inoltre, se al momento della creazione del backup per montare il volume erano necessari uno o più file chiave, gli stessi file saranno necessari per montare nuovamente il volume dopo il ripristino.\n\nDopo aver cliccato su 'Sì', sarà possibile selezionare il file di backup dela testa. + Il volume deve contenere un volume nascosto? + Il volume contiene un volume nascosto + Il volume non deve contenere un volume nascosto + Selezionate il tipo di backup testa volume da usare: + Ripristinare la testa volume dal backup inserito nel volume + Ripristina la testa del voume da un file di backup esterno + La dimensione del file di backup della testa volume è errata. + Non esiste nessun file di backup testa in questo volume (notate che solamente i volumi creati con VeraCrypt 6.0 o successivo contengono il file backup testa volume). + State tentando di fare il backup della testa della partizione/disco di sistema. Questo non è consentito. Le operazioni di backup/ripristino sono pertinenti alla partizione/disco di sistema e possono essere eseguite solamente con il disco di ripristino di VeraCrypt\n\nVolete creare un disco di ripristino di VeraCrypt? + State tentando di ripristinare la testa del volume virtuale di VeraCrypt ma avete selezionato la partizione/disco di sistema. Questo non è consentito. Le operazioni di backup/ripristino sono pertinenti alla partizione/disco di sistema e possono essere eseguite solamente con il disco di ripristino di VeraCrypt.\n\nVolete creare un disco di ripristino di VeraCrypt? + Dopo aver fatto click su OK, dovete selezionare un nome file per il nuovo file immagine ISO per il disco di ripristino di VeraCrypt ed il percorso dove volete salvarlo. + L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nDovete ora scrivere l'immagine in un CD o DVD.\n\nIMPORTANTE: Notate che questo file deve essere scritto in CD/DVD come immsgine disco ISO (non come un file individuale). Per informazioni su come fare questo, riferitevi alls documentazione del vostro software registrazione CD/DVD.\n\nDopo la scrittura del disco, selezionare 'Sistema' > 'Verifica disco di emergenza' per verificare che il disco sia stato scritto correttamente. + L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nDovete ora scrivere l'immagine in un CD o DVD.\n\nVolete lanciare ora Microsoft Windows Disc Image Burner?\n\nNota: dopo la scrittura del disco, selezionare 'Sistema' > 'Verifica disco di emergenza' per verificare che il disco sia stato scritto correttamente. + Inserite il vostro disco di ripristino di VeraCrypt nel lettore CD/DVD e fate click su OK per verificarlo. + Il disco di ripristino di VeraCrypt è stato verificato con successo. + Non è possibile verificare se il disco di ripristino è stato creato correttamente.\n\nSe avete scritto il disco di ripristino, espellete e reinserite il CD/DVD e ritentate. Se questo non vi aiuta, provate con altri software di masterizzazione CD/DVD e/o altre apparecchiature.\n\nSe tentate di verificare un disco di ripristino di VeraCrypt creato per una chiave master differente, password, ecc., dovete notare che questo disco di ripristino fallirà sempre questa verifica. Per creare un nuovo disco di ripristino compatibile pienamente con la vostra configurazione corrente selezionate ‘Sistema’>'Crea disco di ripristino'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Errore nella creazione del disco di ripristino. + Il disco di ripristino di VeraCrypt non può essere creato quando un sistema operativo nascosto è in esecuzione.\n\nPer creare un disco di ripristino di VeraCrypt, avviate il sistema operativo di richiamo e quindi selezionate 'Sistema'> 'Crea disco di ripristino'. + Impossibile verificare se il disco di ripristino sia stato scritto correttamente.\n\nSe avete scritto il disco di ripristino, espellete e reinserite il CD/DVD; quindi fate clic su Avanti per ritentare. Se questo non vi aiuta, tentare con un altro supporto%s.\n\nSe non avete ancora masterizzato il disco di ripristino, fatelo e quindi fate clic su Avanti.\n\nSe tentate di verificare un disco di ripristino di VeraCrypt creato prima di avviare questa procedura, notare che questo disco non può essere utilizzato in quanto creato per una chiave master differente. Dovete masterizzare il disco di ripristino generato nuovamente. + e/o altri software registrazione CD/DVD + VeraCrypt - Volumi di sistema preferiti + Cosa sono i volumi di sistema preferiti? + La partizione/disco di sistema non sembra essere cifrata.\n\nI volumi di sistema preferiti possono essere montati usando solo una password di autenticazione pre-boot authentication. Pertanto, per consentire l'uso dei volumi di sistema preferiti, dovete cifrare prima la partizione/unità di sistema. + Smontare il volume prima di procedere. + ERRORE: Impossibile impostare il timer. + Verifica del file system + Riparazione del file system + Aggiungi ai preferiti... + Aggiungi ai preferiti di sistema... + P&roprietà... + Volume nascosto protetto + Non valido + + No + Disattivato + 1 + 2 o più + Modalità operativa + Etichetta: + Dimensione: + Percorso: + Lettera unità: + ERRORE: la password deve contenere solo caratteri ASCII.\n\nCaratteri non ASCII nella password possono causare l'impossibilità di montare il volume qualora la configurazione del sistema dovesse cambiare.\n\nSono consentiti i seguenti caratteri:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ATTENZIONE: la password contiene caratteri non ASCII. Ciò può portare all'impossibilità di montare il volume qualora la configurazione del sistema dovesse cambiare.\n\nE' opportuno sostituire tutti i caratteri non ASCII nella password con caratteri ASCII. Per fare ciò, cliccare su 'Volumi' -> 'Modifica password del volume'.\n\nI seguenti sono caratteri ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ATTENZIONE: Vi raccomandiamo strettamente di evitare le estensioni dei file che vengono usate per i file eseguibili (come .exe, .sys, o .dll) oppure altre estensioni file problematiche simili. L'uso di queste estensioni causano a Windows ed ai software antivirus di interferire con il file contenitore, che hanno effetto dannoso nelle prestazioni del volume e possono anche causare altri problemi seri.\n\nVi raccomandiamo strettamente di rimuovere l'estensione al file oppure modificarla (ad esempio, a '.hc').\n\nVolete comunque usare le estensioni file problematiche descritte prima? + WARNING: Questo contenitore ha un'estensione file usata per file eseguibile (come .exe, .sys o .dll) oppure un'altra estensione file problematica simile. Essa molto probabilmente causa a Windows ed al software antivirus l'interferenza con il file contenitore, e questa ha effetto dannoso nelle prestazioni del volume e puòo anche causare altri problemi seri.\n\nVi raccomandiamo strettamente di rimuovere l'estensione al file oppure modificarla (ad esempio, a '.hc') dopo che voi avete smontato il volume. + Sito Web + ATTENZIONE: sembra che questa versione di Windows sia priva di Service Pack. E' sconsigliato scrivere su dischi IDE più grandi di 128 GB in Windows XP se non è stato installato il Service Pack 1 o superiore! In caso contrario, i dati sul disco (non importa se si tratta di un volume VeraCrypt oppure no) potrebbero essere corrotti. Questa è una limitazione di Windows, non un difetto di VeraCrypt. + ATTENZIONE: sembra che questa versione di Windows sia priva di Service Pack 3 o superiore. E' sconsigliato scrivere su dischi IDE più grandi di 128 GB in Windows 2000 se non è stato installato il Service Pack 3 o superiore! In caso contrario, i dati sul disco (non importa se si tratta di un volume VeraCrypt oppure no) potrebbero essere corrotti. Questa è una limitazione di Windows, non un bug di di VeraCrypt.\n\nNota: può essere necessario attivare anche il supporto LBA a 48 bit nel registro; per maggiori informazioni si veda http://support.microsoft.com/kb/305098/EN-US + ATTENZIONE: il supporto LBA ATAPI a 48 bit è disabilitato su questo sistema. E' sconsigliato scrivere su dischi IDE più grandi di 128 GB! In caso contrario, i dati sul disco (non importa se si tratta di un volume VeraCrypt o no) potrebbero essere corrotti. Questa è una limitazione di Windows, non un bug di VeraCrypt.\n\nPer abilitare il supporto LBA a 48 bit, aggiungere il valore 'EnableBigLba' nella chiave di registro HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters e impostarlo a 1.\n\nPer maggiori informazioni si veda http://support.microsoft.com/kb/305098 + ERRORE: I file maggiori di 4 GB non possono essere salvati su un file system FAT32. Pertanto, i file ospitati nei volumi VeraCrypt (contenitore) memorizzati su un file system FAT32 non possono essere più grandi di 4 GB.\n\nSe avete bisogno di un volume più grande, createlo su un file system NTFS (oppure, se voi usate Windows Vista SP1 o maggiore su un file system exFAT) invece di creare un volume ospite o di codificare una intera partizione o drive. + Attenzione: Windows XP non supporta file maggiori di 2048 GB (esso rapporterà che "Nessuna periferica è disponibile"). Pertanto, non potete creare un volume VeraCrypt ospitato da file (contenitore) maggiore di 2048 GB in Windows XP.\n\nNotate che è ancora possibile cifrare l'intera unità oppure creare un volume/partizione VeraCrypt maggiore di 2048 GB sotto Windows XP. + ATTENZIONE: se in futuro si vogliono aggiungere altri dati/file al volume esterno, andrebbe creato un volume nascosto più piccolo.\n\nSi è sicuri di voler continuare con la dimensione specificata? + Nessun volume selezionato.\n\nFare click su 'Unità...' oppure su 'Seleziona file...' per selezionare un volume VeraCrypt. + Nessuna partizione selezionata. Fate click su ‘Seleziona unità' per selezionare una partizione smontata che richiede normalmente l’autenticazione di pre-boot (per esempio, una partizione collocata su un system drive decriptato oppure un altro sistema operativo che non è in esecuzione, oppure la partizione di sistema deCrittata di un altro sistema opertativo).\n\nNota: La partizione selezionata sarà montata come un volume VeraCrypt regolare senza autenticazione pre-boot. Questo è utilissimo, ad esempio, per le operazioni di backup o di riparazione. + ATTENZIONE: Se i file chiave predefiniti sono impostati e attivati, sarà impossibile montare i volumi che non stanno usando questi file. Pertanto, dopo aver attivato i file chiave predefiniti, ricordatevi di deselezionare l’opzione 'Usare file chiave' (sotto un campo di inserimento password)ogni qualvolta montate tali voumi.\n\nSiete sicuri di voler salvare come default i file oppure i percorsi chiave selezionati? + Montaggio automatico delle unità + Smonta tutti + Azzera la cache + Smonta tutte & Cache ripulite + Forza lo smontaggio di tutti i volumi & azzera la cache + Forza lo smontaggio di tutti i volumi, azzera la cache & esci + Monta i volumi preferiti + Mostra/nascondi la finestra principale di VeraCrypt + (Fare click qui e premere un tasto) + Azione + Collegamento + ERRORE: questo collegamento è riservato. Scegliere un collegamento differente. + ERRORE: collegamento già in uso. + ATTENZIONE: uno o più tasti rapidi di VeraCrypt non funzioneranno!\n\nAssicurarsi che il sistema operativo o altre applicazioni non usino gli stessi collegamenti di VeraCrypt. + E' stata evitata la creazione di file di paging.\n\nNotare che, a causa di un problema di Windows, i file di paging non possono essere collocati in volumu VeraCrypt non di sistema (compresi i volumi di sistema preferiti). VeraCrypt supporta la creazione di file di paging solo su una partizione/disco di sistema criptato. + Un errore oppure un’incompatibilità previene VeraCrypt dalla codifica dei file in sospeso. Pertanto, la sospensione è stata evitata.\n\nNota: Quando un computer va in sospensione (oppure entra in modalità risparmio energetico), il contenuto della sua memoria di sistema viene scritto in un file di memoria in sospenso risiedente nel disco di sistema. VeraCrypt non può evitare che le chiavi di codifica e il contenuto dei file sensitivi aperti nella RAM vengano salvati non Codificati nel file di memoria in sospeso. + L'ibernazione è stata evitata.\n\nVeraCrypt non supporta l'ibernazione dei sistemi operativi ignoti che usano una partizione extra boot. Da notare che questa partizione di avvio è condivisa da entrambi i sistemi, nascosto e di inganno. Pertanto, allo scopo di prevenite la perdita dei dati ed i problemi mentre si ripristina dalla ibernazione, VeraCrypt ha da prevenire che il sistema nascosto scriva nella partizione di avvio condivisa e dalla ibernazione. + Il volume VeraCrypt montato come %c: è stato smontato. + Il volume VeraCrypt è stato smontato. + Il volume VeraCrypt è stao smontato e la password cancellata. + Smontato correttamente + ATTENZIONE: Se l'azione background di VeraCrypt è disattivata, le seguenti funzioni saranno disattivate:\n\n1) Tasti funzione\n2) Smontaggio automatico (cioè dopo disconnessione, rimozione periferica ospite senza avvertimento, time-out, ecc.)\n3) Montaggio automatico di volumi preferiti\n4) Notifiche (cioè, quando viene evitato il danno al volume nascosto)\n5) Icona nella barra di sistema\n\nNota: Potete disconnettere l'azione del background in ogni momento facendo clic con il tasto destro sull'icona di VeraCrypt nella barra di sistema e selezionando 'Esci'.\n\nSiete sicuri di voler disattivare definitivamente l'azione background di VeraCrypt? + ATTENZIONE: disabilitando questa opzione non sarà possibile smontare automaticamente i volumi contenenti file o cartelle aperti.\n\nSi è sicuri di voler disabilitare questa opzione? + ATTENZIONE: i volumi contenenti file o cartelle aperti NON saranno smontati automaticamente.\n\nPer impedire ciò, abilitare l'opzione seguente: 'Forza smontaggio automatico anche se il volume contiene file o cartelle aperti' + ATTENZIONE: Quando la carica della batteria del portatile è bassa, Windows può omettere l'invio dei messaggi appriopriati per eseguire le applicazioni quando il computer è passato in modalità di risparmio energetico. Comunque, VeraCrypt può fallire lo smontaggio automatico dei volumi in questi casi. + Avete programmato il processo di codifica di una partizione/volume. Il processo non è stato ancora completato.\n\nVolete avviare (riprendere) il processo ora? + Avete programmato il processo di codifica o decodifica della partizione/disco di sistema. Il processo non è stato ancora completato.\n\nVolete avviare (riprendere) il processo ora? + Volete che vi sia richiesto se volete ripristinare i processi di codifica delle partizioni o volumi non di sistema? + Si, mantieni la mia richiesta + No, non richiedermelo + IMPORTANTE: Tenete a mente che potete ripristinare il processo di codifica di qualsiasi partizione o volume non di sistema selezionando 'Volumi' > 'Riprendi i processi interrotti' dalla barra menu della finestra principale di VeraCrypt. + Avete programmato il processo codifica o decodifica della partizione/disco di sistema. Comunque, l’autenticazione di pre-boot è fallita (oppure è stata saltata).\n\nNota: Se voi DeCodificate la partizione/disco di sistema in ambiente di pre-boot, avete bisogno di finalizzare il processo selezionando 'Sistema' > 'Decodifica definitivamente la partizione/disco di sistema' dalla barra menu della finestra principale di VeraCrypt. + WARNING: Se si chiude ora VeraCrypt, le seguenti azioni verranno disattivate:\n\n1) Tasti funzione\n2) Smontaggio automatico (cioè dopo disconnessione, rimozione periferica ospite senza avvertimento, time-out, ecc.)\n3) Montaggio automatico di volumi preferiti\n4) Notifiche (cioè, quando viene evitato il danno al volume nascosto)\n5) Icona nella barra di sistema\n\nNota: Se non volete che VeraCrypt venga eseguito in background, disattivate la funzione background di VeraCrypt nelle preferenze (e, se necessario, disattivare l'avvio automatico di VeraCrypt).\n\nSiete sicuri di voler chiudere VeraCrypt? + Chiudere? + VeraCrypt non ha informazioni sufficienti per determinare se codificare o decodificare. + VeraCrypt non dispone di informazioni sufficienti per determinare se codificare o Decodificare.\n\nNota: Se voi codificate la partizione o disco di sistema in ambiente pre-boot, avete bisogno di finalizzare il processo facendo click su 'Decodifica'. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Volete interrompere e rimandare il processo di codifica della partizione/volume?\n\nNota: Tenete in mente che il volume non può essere montato finché esso non viene totalmente criptato. Potrete riprendere il processo di codifica ed esso continuerà dal punto in cui è stato fermato. Potete fare questo, per esempio, selezionando 'Volumi' > 'Riprendi i processi interrotti' dalla barra del menu nella finestra principale di VeraCrypt + Volete interrompere o rimandare il processo di codifica della partizione/disco di sistema?\n\nNota: Potrete riprendere il processo e continuare dal punto dove esso viene interrotto selezionando 'Sistema' > 'Riprendi i processi interrotti 'dalla barra menu della finestra principale di VeraCrypt. Se volete terminare o annullare definitivamente il processo di codifica, selezionare 'Sistema' > 'Decodifica definitivamente la partizione/disco di sistema'. + Volete interrompere o rimandare il processo di codifica della partizione/disco di sistema?\n\nNota: Potrete riprendere il processo e continuare dal punto dove esso viene interrotto selezionando 'Sistema' > 'Riprendi i processi interrotti ' dalla barra menu della finestra principale di VeraCrypt. Se volete terminare o annullare definitivamente il processo di decodifica (ed avviare la codifica) , selezionare 'Sistema' > 'Codifica la partizione/disco di sistema'. + ERRORE: Fallito nell’interrompere il processo di codifica o decodifica della partizione/disco di sistema. + ERRORE: Fallito nell’interruzione del processo di pulizia. + ERRORE: Fallito nel riprendere il processo di codifica o decodifica della partizione/disco di sistema. + ERRORE: Fallito nell’avviare il processo di pulizia. + Inconsistenza risolta.\n\n\n(Se voi segnalate un errore in connessione con questo, includere le seguenti informazioni tecniche nel rapporto di errore: %hs) + ERRORE: Stato inatteso.\n\n\n(Se segnalate un errore in connessione con questo, includere le seguenti informazioni tecniche nel rapporto di errore: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ATTENZIONE: il processo in background di VeraCrypt è disabilitato. Dopo l'uscita da VeraCrypt non si riceveranno avvisi nel caso venga evitato il danneggiamento del volume nascosto.\n\nNota: è possibile chiudere il processo in background in qualsiasi momento facendo click destro sull'icona di VeraCrypt nella barra sistema e selezionando 'Esci'.\n\nAbilitare il processo in background di VeraCrypt? + Versione del file di lingua: %s + Controllo del file system sul volume VeraCrypt montato come %s... + Tentativo di riparazione del file system sul volume VeraCrypt montato come %s... + ATTENZIONE: Questo volume è criptato con un algoritmo con un blocco a 64 bit.\n\nTali algoritmi (es. Blowfish, CAST-128 o Triple DES) sono sconsigliati. Sarà possibile montare questo volume usando versioni successive di VeraCrypt. Tuttavia, non ci saranno ulteriori miglioramenti alle implementazioni di questi algoritmi. Si raccomanda di creare un nuovo volume VeraCrypt criptato con un algoritmo a blocchi di 128 bit (es. AES, Serpent, Twofish etc.) e di spostare i file da questo volume al nuovo. + Il vostro sistema non è configurato per montare automaticamente i nuovi volumi. Può risultare impossibile effettuare il montaggio di volumi VeraCrypt basati su unità. Il montaggio automatico può essere abilitato eseguendo il seguente comando e riavviando il sistema.\n\nmountvol.exe /E + Assegnare una lettera all’unità/partizione prima di procedere.\n\nDa notare che questo è richiesto dal sistema operativo. + Montare un volume VeraCrypt + Smonta tutti i volumi VeraCrypt + VeraCrypt non può ottenere i privilegi di amministrazione. + Il sistema operativo ha negato l'accesso.\n\nPossibile causa: per consentire di leggere/scrivere dati da/su alcune cartelle, file e unità il sistema operativo richiede i permessi di lettura/scrittura (o i privilegi di amministratore). Normalmente, un utente senza privilegi di amministratore ha il diritto di creare, leggere e modificare file solo nella propria cartella Documenti. + Errore: il drive usa una dimensione settore non supportata.\n\nNon è possibile ora creare volumi ospitati dalla partizione/periferica nei drivers che usano dei settori più grandi di 4096 byte. Comunque, notate che potete creare dei contenitori in tali driver. + Non è ora possibile cifrare un sistema installato su un disco che usa una dimensione settore diversa da 512 byte. + Il loader di avvio di VeraCrypt richiede almeno 32 KB di spazio libero all’inizio del sistema (Il VeraCrypt Boot Loader ha bisogno di essere salvato in questa area). Sfortunatamente, il vostro drive non incontra questa condizione.\n\nVi chiediamo di NON considerare questo come un difetto /problema in VeraCrypt. Per risolvere questo problema, avete bisogno di una ripartizione del vostro disco, lasciando i primi 32 KB di spazio libero (nella maggior parte dei casi, avrete bisogno di eliminare e ricreare la prima parizione). Vi raccomandiamo di usare il gestore partizioni Microsoft disponibile, ad esempio, quando state installando Windows. + Questa funzione non è supportata dalla versione del sistema operativo che state utilizzando attualmente. + VeraCrypt non supporta la codifica di una partizione o disco di sistema nella versione del sistema operativo che state utilizzando attualmente. + Prima che possiate codificare la partizione o drive di sistema in Windows Vista, dovete installare il Service Pack 1 o superiore per Windows Vista (nessun Service Pack è stato ancora installato in questo sistema).\n\nNota: il service Pack 1 per Windows Vista ha risolto un problema causando una riduzione della memoria libera di base durante il riavvio del sistema. + VeraCrypt non supporta più la codifica della partizione/disco di sistema in Windows Vista con nessun Service Pack installato. Prima di aggiornare VeraCrypt, installare il Service Pack 1 o superiore per Windows Vista. + Errore: Questa funzione richiede che VeraCrypt sia installato nel sistema (state eseguendo VeraCrypt in modalità portabile).\n\nInstallate VeraCrypt e ritentate. + AVVERTENZA: Windows non sembra essere installato nel drive dal quale esso viene avviato. Questo non è supportato.\n\nDovete continuare solo se voi siete sicuri che Windows sia installato nel drive dal quale esso viene avviato.\n\nVolete continuare? + Il vostro system drive ha una tabella GUID di partizione (GPT). Attualmente, sono supportati solamente i drive con una tabella di partizione MBR. + ATTENZIONE: Il loader di avvio di VeraCrypt Boot già installato nel vostro system drive!\n\nNon è possibile che un altro sistema sul vostro computer sia già criptato.\n\nATTENZIONE: PROCEDERE CON LA CODIFICA DEL SISTEMA ATTUALMENTE IN ESECUZIONE PUO’ RENDERE GLI ALTRI SISTEMI IMPOSSIBILE DA AVVIARE ED I RELATIVI DATI INACCESSIBILI.\n\nSiete sicuri di voler continuare? + Errore nel ripristino del loader originale di sistema.\n\nDovete usare il vostro disco di ripristino di VeraCrypt ('Opzioni riparazione' > 'Ripristina il loader di sistema originale') oppure il supporto di installazione di Windows per sostituire il loader di avvio di VeraCrypt con il loader di sistema di Windows. + Il system loader originale non sarà salvato sul disco di ripristino (causa probabile: file di backup mancante). + Errore nello scrivere il settore MBR .\n\nIl vostro BIOS non è configurato per proteggere il settore MBR. Verificate le impostazioni del vostro BIOS (pemete F2, Canc oppure Esc dopo aver acceso il vostro computer) per la protezione MBR/antivirus. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + La versione richiesta del loader di avvio di VeraCrypt attualmente non è installato. Questo può prevenire il salvataggio di alcune impostazioni. + Nota: In alcune situazioni, volete evitare ad una persona (avversario) che sta aspettando l’avvio del vostro computer per sapere che state usando VeraCrypt. Le opzioni in basso vi consentono di fare questo personalizzando lo schermo di avvio di VeraCrypt. Se abilitate la prima opzione, nessun testo sarà mostrato dal loader di avvio (non anche quando avete digitato la passwoed errata). Il computer sembrerà essere "congelato", mentre però voi potete digitare la vostra password. In aggiunta, un messaggio personale può essere mostrato per ingannare l’avversario. Per esempio, un messaggio di errore fasullo come "Sistema operativo mancante" (che viene normalmente mostrato dal loader di avvio di Windows se esso non trova nessuna partizione di avvio di Windows). E’ comunque importante notare che se l’avversario può analizzare il contenuto del disco rigido, esso può ancora trovare che esso contiene il loader di avvio di VeraCrypt. + AVVERTENZA: Tenere in mente che, se attivate questa opzione, il loader di avvio di VeraCrypt non mostrerà nessun testo (non anche quando inserite una password errata). Il computer sembrerà come "congelato" (non rispondente) mentre potete digitare la vostra password (Il cursore NON si muoverà e nessun asterisco non sarà mostrando premendo un tasto).\n\nSiete sicuri di voler attivare questa opzione? + La vostra partizione/disco di sistema sembra completamente Crittata. + VeraCrypt non supporta la codifica di un disco di sistema che è stato convertito in un disco dinamico. + L'unità di sistema contiene la partizione estesa (logica).\n\nPotete cifrare un intera unità di sistema contenente queste partizioni solo in Windows Vista e le ultime versioni di Windows. In Windows XP, potete cifrare un intera unità di sistema, fornendo che esso contenga solo le partizioni primarie.\n\nNota: Potete ancora cifrare la partizione di sistema invece dell'intera unità di sistema (ed, in aggiunta a questo, potete creare dei volumi VeraCrypt ospitati da partizioni all'interno di qualsiasi partizione non di sistema nel drive). + ATTENZIONE: Siccome siete in ambiente Windows XP/2003, dopo aver cominciato a cifrare l’unità, NON potete creare nessuna partizione estesa (logica) in essa (potete solo creare delle partizioni primarie). Qualsiasi partizione estesa (logica) sul drive può essere inaccessibile dopo aver iniziato la cifratura (il drive attualmente non contiene nessuna di tali partizioni).\n\nNota: Se questa limitazione non è accettabile, potete tornare indietro e scegliere di cifrare solo la partizione di sistema invece dell’intara unità (e, in aggiunta a questo, potete creare dei volumi VeraCrypt ospitati dalla partizione all’interno di partizioni non di sistema nell’unità).\n\nIn alternativa, se questa limitazione non è accettabile, potete voler considerare l’aggiornamento a Windows Vista oppure all’ultima versione di Windows (potete cifrare un’ intera unità di sistema contenente partizioni estese/logiche solo in Windows Vista o superiore). + Il vostro disco di sistema contiene una partizione non valida.\n\nSe state utilizzando un notebook, il vostro sistema probabilmente contiene una partizione di ripristino. Dopo la criptato dell'intero disco di sistema (incluse ogni partizione di ripristino), il sistema potrebbe diventare non avviabile se il computer utilizza un BIOS non appropriato. Inoltre potrebbe essere impossibile usare qualsiasi partizione di ripristino fino a quando il disco di sistema non fosse decriptato. Pertanto consigliamo di criptare solo la partizione di sistema. + Volete codificare la partizione di sistema invece di tutto il disco?\n\nDa notare che potete creare delle partizioni ospitate nei volumi VeraCrypt all’interno di qualsiasi partizione non di sistema nel drive (in aggiunta alla codifica della partizione di sistema). + Siccome il vostro disco di sistema contiene solamente una singola partizione che occupa tutto il disco, è preferibile (perchè più sicuro) codificare tutto il disco, compreso anche lo spazio libero di "slack" che circonda tipicamente tale partizione.\n\nVolete codificare l’intero disco di sistema? + Il vostro sistema è configurato per memorizzare i file temporanei su una partizione non di sistema.\n\nI file temporanei possono essere memorizzati solo nella partizione di sistema. + Il vostri file di profilo utente non sono memorizzati nella partizione di sistema.\n\nI file del profilo utente possono essere memorizzati solo nella partizione di sistema. + Ci sono dei file di paging in una partizione non di sistema.\n\nI file di paging devono essere localizzati solo nella partizione di sistema. + Volete ora configurare Windows per creare i file di paging solo nella partizione di Windows?\n\nNotate che se fate click su 'Sì', il computer sarà riavviato. Quindi avviare VeraCrypt e tentare nuovamente la creazione del sistema operativo nascosto. + Diversamente, un diniego plausibile del sistema operativo nascosto può essere colpito avversamente.\n\nNota: Se un avversario analizza il contenuto di certi file (residenti in una partizione non di sistema), può scoprire che avete usato questa procedura nella maniera di creazione del volume nascosto (il quale può indicare l’esistenza di un sistema operativo nascosto sul vostro computer). Notate pure che qualsiasi file di tale genere viene memorizzato nella partizione di sistema sarà cancellato definitivamente da VeraCrypt durante il processo di creazione del sistema operativo nascosto. + WARNING: Durante il processo di creazione del sistema operativo nascosto, vi verrà richiesta la reinstallazione completa del sistema attualmente in esecuzione (allo scopo di creare un sistema di inganno sicuro).\n\nNota: Il sistema operativo attualmente in esecuzione e l'intero contenuto della partizione di sistema saranno copiati nel volume nascosto (allo scopo di creare il sistema nascosto).\n\n\nSiete sicuri di poter installare Windows usando il supporto di installazione di Windows (oppure usando una partizione di servizio)? + Per ragioni di sicurezza, se il sistema operativo attualmente in esecuzione richiede l'attivazione, esso deve essere attivato prima di procedure Notate che il sistema operativo nascosto deve essere creato copiando il contenuto della partizione di sistema in un volume nascosto (in modo che, se questo sistema operative non è attivato, anche il sistema operaativo nascosto non sarà attivato). Per maggiori informazioni vedere la sezione "Security Requirements and Precautions Pertaining to Hidden Volumes" nella VeraCrypt User's Guide.\n\nImportante: Prima di procedure, assicuratevi di aver letto la sezione della guida di VeraCrypt citata sopra.\n\n\nIl sistema operativo attualmente in esecuzione incontra le condizioni di cui sopra? + Il vostro sistema usa un extra boot della partizione. VeraCrypt non supporta l’ibernazione nei sistemi operativi ignoti che usano tale extra boot (I sistemi “di inganno” possono essere ibernati senza nessun problema).\n\nDa notare che la partizione di avvio deve essere condivisa dai due sistemi operativi (di “inganno” ed nascosto). Per questo, allo scopo di prevenire la perdita di dati ed I problemi al riavvio dopo l’ibernazione, VeraCrypt ha da impedire al sistema nascosto di scrivere nella partizione di avvio condivisa e dalla ibernazione.\n\n\nVolete continuare? Selezionando “No”, verranno mostrate le istruzioni per rimuovere l’extra boot della partizione. + \nL’extra boot della partizione può essere rimosso prima di installare Windows. Per fare questo, seguite questa procedura:\n\n1) Avviate il vostro disco di installazione di Windows.\n\n2)Nello schermo di installazione di Windows fate clic su “Installa”> “Personalizzata (avanzata)”.\n\n3) Fate clic su “Opzioni unità”.\n\n4) Selezionare la partizione di sistema ed eliminatela facendo clic su “Elimina”e quindi “OK”.\n\n5) Selezionare la partizione “Riservata al sistema”, fate clic su “Estendi” ed aumentate la sua dimensione in modo che il sistema operative possa essere installato in essa.\n\n6)Fate clic su “Applica” ed “OK”.\n\n7) Installare Windows nella partizione “Riservata al sistema”.\n\n\nDovrebbe ora un attaccante chiedervi chi ha rimosso l’extra boot della partizione. Potreste quindi rispondere che volevate prevenire qualsiasi danno ai dati nella partizione di avvio non Crittata.\n\nNota: Potete stampare questo testo facendo clic sul tasto “Stampa” sotto. Se voi salvate una copia di questo testo o la stampate (raccomandata rigorosamente, finché la vostra stampante conserva delle copie di documenti nella sua unità interna), dovete distruggere qualsiasi copia di esso dopo la rimozione dell’extra boot della partizione (diversamente, se viene trovata una di tali copie, essa potrebbe segnalare la presenza di un sistema operativo nascosto in questo computer). + AVVERTENZA: C’è uno spazio non allocato tra la partizione di sistema e la prima partizione dietro di essa. Dopo aver creato il sistema operativo nascosto, non dovete creare nessuna nuova partizione in questo spazio non allocato. Diversamente sarà impossibile avviare il sistema operativo nascosto (finché voi eliminate tali nuove partizioni create). + Questo algoritmo non è attualmente supportato per la codifica del sistema. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + I file chiave sono attualmente non supportate dalla codifica di sistema. + AVVERTENZA: VeraCrypt non può ripristinare la configurazione originale della tastiera. Questo può causare la digitazione errata della password. + ERRORE: Impossibile impostare la configurazione della tastiera per VeraCrypt nel layout standard tastiera USA.\n\nNotare che la password necessita di essere digitata in ambiente di pre-boot (prima dell’avvio di Windows) dove la configurazione delle tastiere Windows non americane non sono disponibili. Pertanto, la password deve essere sempre digitata usando il layout tastiera standard USA. + Siccome VeraCrypt ha temporaneamente modificato il layout di tastiera in quello standard americano, non è possibile digitare i caratteri premendo i tasti mentre il tasto destro Alt è tenuto premuto. Comunque, potete digitare la maggior parte di tali caratteri premendo i tasti appropriati mentre il tasto Maiusc è tenuto premuto. + VeraCrypt ha impedito la modifica del layout della tastiera. + Nota: La password deve essere digitata in ambiente pre-boot (prima dell’avvio di Windows) dove le tastiere non americane non sono accettabili. Pertanto, la password deve essere sempre digitata usando la configurazione tastiera standard US. Quindi è importante notare che voi NON avete bisogno di disporre una reale tastiera americana. VeraCrypt assicura automaticamente che voi digitiate la password in sicurezza (sia ora che in ambiente pre-boot) anche se NON avete una vera tastiera americana. + Prima che voi possiate cifrare la partizione/unità, dovete creare un disco di ripristino di VeraCrypt (VRD), che serve ai seguenti scopi:\n\n- Se il VeraCrypt Boot Loader, la chiave principale oppure altri dati critici sono danneggiati, il VRD vi consente di ripristinarli(notare, comunque, che dovete sempre inserire la password corretta).\n\n- Se Windows risulta danneggiato e non può avviarsi, il VRD vi consente di decifrare permanentemente la partizione/drive prima dell'avvio di Windows.\n\n- Il VRD conterrà un backup del contenuto presente della prima traccia del disco (che contiene tipicamente un system loader oppure un boot manager) e vi consentirà di ripristinarli se necessario.\n\nIl file immagine ISO del disco di ripristino di VeraCrypt sarà creato nel percorso specificato sotto. + Dopo aver fatto clic su OK, Microsoft Windows Disc Image Burner sarà lanciato. Prego usatelo per masterizzare il file immagine ISO del disco di ripristino di VeraCrypt su un CD oppure DVD.\n\nDopo aver fatto questo, ritornare nella procedura di creazione volume di VeraCrypt e seguire le sue istruzioni. + L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nOra avete bisogno di masterizzarla in un CD o DVD.\n\n%lsDopo averla masterizzata, fate clic su Avanti per verificare che essa sia stata masterizzata correttamente. + L'immagine del disco di ripristino è stata creata e salvata in questo file:\n%s\n\nOra voi potete sia masterizzarla su CD/DVD oppure spostarla in un percorso sicuro per un uso in seguito.\n\n%lsFate clic su Avanti per continuare. + IMPORTANTE: Notare che il file deve essere scritto sul CD/DVD come file immagine disco ISO (non come file individuale). Per informazioni su come fare questo, fate riferimento alla documentazione del vostro programma di masterizzazione CD/DVD. Se non disponete di nessun software di scrittura CD/DVD che possa nasterizzare l'immagine ISO del disco su CD/DVD, fate clic sul link sotto per scaricare tale software libero.\n\n + Lancia Microsoft Windows Disc Image Burner + ATTENZIONE: Se avete già creato in passato un disco di ripristino di VeraCrypt non lo potete riutilizzare per questa partizione/disco di sistema perché è stato creato con una chiave master differente! Ogni volta che codificate una partizione/disco di sistema, dovete creare un nuovo disco di ripristino di VeraCrypt per esso, anche se usate la stessa password. + ERRORE: Impossibile salvare le impostazioni di codifica del sistema. + Impossibile d'iniziarizzare il pre-test codifica di sistema. + Impossibile inizializzare il processo di creazione del sistema operativo nascosto. + Modo pulizia + In alcuni tipi di periferiche di memoria, quando i dati vengono soprascritti da altri dati, può essere possibile recuperare i dati soprascritti usando delle tecniche come forza magnetica microscopica. Questo viene applicato pure ai dati che vengono soprascritti con la loro forma Crittata (questo avviene quando VeraCrypt codifica inizialmente codifica una partizione o disco decriptato). In accordo ad alcuni studi e pubblicazioni governative, il recupero dei dati soprascritti può essere evitato (o reso molto difficile) soprascrivendo i dati con certi dati pseudo casuali e non casuali per un certo numero di volte. Pertanto, se voi credete che un avversario possa essere capace di usare tali tecniche per recuperare i dati che intendete codificare, potete voler selezionare una delle modalità di pulizia (i dati esistenti NON saranno distrutti). Notate che questa modalità di pulizia NON può essere eseguita dopo la codifica della partizione/disco. Quando la partizione/disco è totalmente criptato, non viene scritto nessun dato non criptato in esso. Qualsiasi dato da scrivere in esso viene prima criptato al volo nella memoria, e solo quando esso viene criptato viene scritto sul disco. + In alcuni tipi di periferiche di memoria, quando i dati vengono soprascritti da altri dati, (cioè quando i dati vengono cancellati), può essere possibile recuperare i dati soprascritti usando delle tecniche come forza magnetica microscopica. In accordo ad alcuni studi e pubblicazioni governative, il recupero dei dati soprascritti può essere evitato (o reso molto difficile) soprascrivendo i dati con certi dati pseudo casuali e non casuali per un certo numero di volte. Pertanto, se voi credete che un avversario possa essere capace di usare tali tecniche per recuperare i dati cancellati, potete voler selezionare una delle modalità di pulizia a passaggi multipli.\n\nNota: Più passaggi di pulizia utilizzate, più tempo si impiega per cancellare i dati. + Pulizia + \nNota: Potete interrompere il processo di pulizia, spegnere il vostro computer, avviare il sistema nascosto nuovamente e riprendere il processo interrotto (questa procedura sarà lanciata automaticamente). Pertanto, se voi lo interrompete, l’intero processo di pulizia ripartirà dall’inizio. + \n\nNote: Se interrompete il processo di pulizia e quindi tentate di riprenderlo, l’intero processo di pulizia ripartirà dall’inizio. + Volete interrompere il processo di pulizia? + ATTENZIONE: L’intero contenuto della parizione/unità selezionata sarà cancellato e distrutto. + L’intero contenuto della partizione dove il sistema originale risiede sarà cancellato.\n\nNota: L’intero contenuto della partizione che è stato cancellato è stato copiato nella partizione del sistema nascosto. + AVVERTENZA: Notate che se scegliete ad esempio una modalità di pulizia a 3 passaggi, il tempo necessario a codificare la partizione/unità sarà più di 4 volte superiore. Allo stesso modo, se scegliete una modalità di pulizia a 35 passaggi, ci vorrà un tempo superiore di 36 volte (può essere anche alcune settimane).\n\nNotate, comunque, che la pulizia NON può essere eseguita dopo che la partizione/unità sia totalmente Crittata. Quando la partizione/unità è totalmente Crittata, nessun dato non criptato viene scritto in esso. Qualsiasi dato da scrivere viene prima criptato al volo nella memoria e solo quando viene criptato esso viene scritto su disco (così le prestazioni NON saranno influenzate).\n\nSiete sicuri di voler usare la modalità di pulizia? + Nessuno (il più veloce) + 1-passaggio (dati casuali) + 3-passaggi (US DoD 5220.22-M) + 7-passaggi (US DoD 5220.22-M) + 35-passaggi ("Gutmann") + 256-passaggi + Numero di sistemi operativi + AVVERTENZA: Gli utenti non esperti non devono mai tentare di codificare Windows in configurazione di multi-avvio.\n\nContinuare? + Quando si usa o si crea un sistema operativo nascosto, VeraCrypt supporta una configurazione multi-avvio solo quando si verificano le seguenti condizioni:\n\n- Il sistema operativo attualmente in uso deve essere installato sul disco d'avvio (di boot), il quale non deve contenere altri sistemi operativi.\n\n- Sistemi operativi installati su altri drive non devono usare boot d'avvio residenti sul disco nel quale è installato l'attuale sistema operativo in uso.\n\nSi sono verificate le condizioni di cui sopra? + VeraCrypt non supporta questa configurazione multi-avvio quando si crea o si utilizza un sistema operativo nascosto. + Disco di avvio + Il sistema operativo attualmente in esecuzione è installato nel disco di avvio?\n\nNota: Qualche volta, Windows non è installato sullo stesso percorso come il loader di avvio di Windows (partizione di avvio). Se siete in questa situazione, selezionate 'No'. + Attualmente, VeraCrypt non supporta la codifica di un sistema operativo che non si avvia dal drive dove è installato. + Numero dischi di sistema + Quanti dischi contengono un sistema operativo?\n\nNota: Per esempio, se avete uno qualsiasi dei sistemi operativi (esempio Windows, Mac OS X, Linux, ecc.) installato sul vostro drive primario ed uno dei sistemi operativi installati sul vostro disco secondario, selezionare '2 o più'. + Attualmente VeraCrypt non supporta la codifica dell’intero drive contenente sistemi operativi multipli.\n\nPossibili soluzioni:\n\n- Potete ancora codificare uno dei sistemi se voi andate indietro e scegliete la codifica di una singola partizione di sistema (in opposizione alla scelta di codifica dell’intero disco di sistema).\n\n- In alternativa, potete codificare l’intero drive se spostate alcuni dei sistemi in altre unità, lasciando solo un sistema sul drive che volete codificare. + Sistemi multipli su un drive singolo + Esiste un qualsiasi altro sistema operativo installato sul drive nel quale il sistema operativo attualmente in esecuzione è installato?\n\nNota: per esempio, se il sistema operativo attualmente in esecuzione è installato sul drive #0, che contene diverse partizioni, e se una delle partizioni contiene Windows ed un’altra partizione contiene qualsiasi sistema operativo aggiuntivo (cioè Windows, Mac OS X, Linux, ecc.), selezionare 'Sì'. + Loader di avvio non di Windows + Un loader o manager di avvio di Windows è installato nel manager di avvio principale (MBR)?\n\nNota: Per esempio, se la prima traccia del disco di avvio contiene GRUB, LILO, XOSL, o alcuni altri manager o loader di avvio non di Windows, selezionare 'Si'. + Avvio multiplo + Attualmente VeraCrypt non supporta ancora le configurazioni avvio multiplo dove un loader di avvio non di Windows è installato nel record di avvio principale.\n\nSoluzioni possibili:\n\n - Se usate un manager di avvio per avviare Windows e Linux, spostare il manager di avvio (chiamato tipicamente GRUB) dal record di avvio master ad una partizione, quindi avviate nuovamente questa procedura e Codificate la partizione/disco di sistema. Notate che il loader di avvio di VeraCrypt diventerà il vostro manager di avvio principale e vi consentirà di lanciare il manager di avvio originale (cioè GRUB) come il vostro manager di avvio secondario (premendo il tasto Esc nello schermo del loader di avvio di VeraCrypt) e quindi potrete lanciare Linux. + Se il sistema operativo in esecuzione è installato sulla partizione di avvio, dopo averla criptato, avrete bisogno di digitare la password corretta anche se volete avviare un altro sistema Windows non decriptato (siccome essi condividono una singolo loader/manager di avvio di Windows non criptato).\n\nA contrario, se il sistema operativo attualmente in esecuzione sulla partizione di avvio (o se il loader/manager di avvio di Windows non è utilizzato da nessun altro sistema), aver criptato sistema, non avrete bisogno di digitare la password corretta per avviare l'altro sistema decriptato. Dovrete solamente premere il tasto ESC per avviare il sistema decriptato (se ci sono sistemi DeCodificati multipli, avrete bisogno di selezionare pure quale sistema da avviare nel manager di avvio di VeraCrypt).\n\nNote: Tipicamente, il primo sistema di Windows è installato nella partizione di avvio. + Codifica dell’area ospite protetta + Alla fine di molti dischi, c'è un'area che è normalmente nascosta dal sistema operativo (tali aree sono chiamate di solito come Aree ospiti protette). Comunque, alcuni programmi possono leggere e possono scrivere dei dati da/in tali aree. n ATTENZIONE: Alcuni fabbricanti di computer possono usare tali aree per memorizzare degli strumenti e dei dati per il recupero di sistema RAID, per le impostazioni del sistema, per scopi diagnostici o altro. Se tali strumenti o dati devono essere accessibili prima dell’avvio, l'area ignota NON dovrebbe essere Crittata (scegliere NO sopra).\n\nVolete che VeraCrypt scopra e cifri tale area ignota (se esiste) alla fine del disco? + Tipo di codifica di sistema + Selezionare questa opzione se volete soltanto codificare la partizione di sistema oppure l’intero disco di sistema. + Può accadere che siate obbligati da qualcuno a decifrare il sistema operativo. Ci sono molte situazioni in cui non potete rifiutarvi di farlo (ad esempio, in caso di estorsione). Selezionando questa opzione creerete un sistema operativo nascosto la cui esistenza sarà impossibile da provare (a condizione che vengano seguite queste linee guida). Quindi, non avrete da decifrare o rivelare la password al sistema operativo nascosto. Per una spiegazione dettagliata, fate clic sul link in basso. + Può accadere che siate obbligati da qualcuno a decifrare il sistema operativo. Ci sono molte situazioni in cui non potete rifiutarvi di farlo (ad esempio, in caso di estorsione).\n\nUsando questa procedura potrete creare un sistema operativo nascosto la cui esistenza sarà impossibile da provare (a condizione che vengano seguite queste linee guida). Quindi, non avrete da decifrare o rivelare la password per il sistema operativo nascosto. + Sistema operativo nascosto + Nei passi seguenti, voi creerete due volumi VeraCrypt (esterno ed nascosto) all’interno della prima partizione dietro a quella di sistema. Il volume nascosto conterrà il sistema operativo nascosto (OS). VeraCrypt creerà l’OS nascosto copiando il contenuto della partizione di sistema (dove l’OS attualmente in esecuzione è installato) nel volume nascosto. Nel volume nascosto, copierete alcuni dati che sembrano sensitivi e che attualmente NON desiderate nascondere. Questi saranno qui a disposizione di chi vi forza a svelare la password per la partizione dell’OS nascosto. Potete rivelare la password per il volume esterno all’interno della partizione dell’OS nascosto (comunque, l’esistenza dell’OS nascosto rimane segreta).\n\nFinalmente, nella partizione di sistema dell’ OS attualmente in esecuzione, voi installerete un nuovo OS, cosiddetto OS di richiamo, e quindi codificarlo. Non deve contenere dei dati sensibili e deve essere presente per chiunque vi costringe a rivelare la password di autenticazione di preavvio. In totale, ci saranno tre password. Due di esse possono essere svelate (per l’OS di richiamo ed il volume esterno). Usando la terza password, l’OS nascosto potrà partire. + Scoperta di settori ignoti + Attendete mentre VeraCrypt sta scoprendo i possibili settori ignoti alla fine del disco di sistema. Notate che può impiegare un tempo lungo per essere completato.\n\nNota: In casi molto rari, su dei computer il sistema può diventare apatico durante questo processo di ricerca. Se questo accade, riavviate il computer, avviate VeraCrypt, ripetete i passi precedenti ma ignorate questo processo di ricerca. Notate che questo problema non è causato da un errore in VeraCrypt. + Area da codificare + Selezionare questa opzione se volete cifrare l’intera unità nella qualeè installato il sistema Windows attualmente in esecuzione. L’intera unità, comprese tutte le sue partizioni, sarà cifrata ad eccezione della prima traccia dove risiederà il Boot Loader di VeraCrypt . Chiunque voglia accedere al sistema installato sul disco, oppure ai file memorizzati sul disco, dovrà digitare la password corretta ogni qualvolta il sistema si avvia. Questa opzione non può essere usata per cifrare un disco secondario o esterno se Windows non è installato e non si avvia da esso. + Raccolta di dati casuali + Chiavi generate + VeraCrypt non ha trovato nessun masterizzatore CD/DVD connessa al vostro computer. VeraCrypt necessita di un masterizzatore CD/DVD per scrivere un disc o di ripristino VeraCrypt auto-avviante contenente un backup delle chiavi di codifica, il boot loader di VeraCrypt, il loader di sistema originale ecc.\n\nVi raccomandiamo strettamente di masterizzare il disco di ripristino di VeraCrypt . + Non ho nessun masterizzatore CD/DVD ma salverò l’immagine ISO del disco di ripristino su unità removibile (cioè unità flash USB ). + Connetterò un masterizzatore CD/DVD al mio computer in seguito. Terminare il processo ora. + Un masterizzatore CD/DVD è ora connesso al mio computer. Continua e scrivi il disco di ripristino. + Seguire questa procedura:\n\n1) Collegare ora un disco removibile, come un disco flash USB al vostro computer.\n\n2) Copiare il file imagine del disco di ripristino di VeraCrypt Rescue Disk (%s) nel disco removibile.\n\nNel caso in cui avete bisogno di usare il disco di ripristino in future, potrete collegare la vostra unità removibile (contenente l’immagine del disco di ripristino) ad un computer dotato di masterizzatore CD/DVD e create un disco di ripristino auto avviante, scrivendo l’immagine su CD o DVD. IMPORTANTE: Notate che il file imagine del disco di ripristino va scritto sul CD/DVD come un’immagine disco ISO (non come file individuale). + Creazione disco di ripristino + Disco di ripristino creato + Pre-test di codifica del sistema + Disco di ripristino verificato + \nIl disco di ripristino di VeraCrypt è stato verificato con successo. Rimuovetelo ora dal drive e conservatelo in un posto scuro.\n\nFate click su 'Avanti' per continuare. + AVVERTENZA: Durante i prossimi passi, il disco di ripristino di VeraCrypt NON deve essere nel drive, altrimenti non sarà possibile completare i passi correttamente.\n\nRimuovetelo ora dal drive e conservatelo in un posto sicuro, quindi fate click su OK. + AVVERTENZA: A causa di limitazioni tecniche dell'ambiente di pre-boot, i testi mostrati da VeraCrypt in questo ambiente (cioè prima dell’avvio di Windows) non può essere localizzati. L’interfaccia utente del loader di avvio di VeraCrypt è solamente in lingua inglese.\n\nContinuare? + Prima di codificare la vostra partizione o disco di sistema, VeraCrypt ha bisogno di verificare che tutto funzioni correttamente.\n\nDopo aver fatto click su Prova, tutti i componenti necessari (per esempio, il componente di autenticazione di pre-boot, cioè il loader di avvio di VeraCrypt) sarà installato ed il vostro computer sarà riavviato. Dovrete quindi digitare la password nello schermo del loader di avvio di VeraCrypt che apparirà prima dell’avvio di Windows. Dopo che Windows si avvia, sarete informato automaticamente sul risultato di questa verifica.\n\nLa seguente unità sarà modificata: Disco #%d\n\n\n Se ora fate click su Annulla, non sarà installato nulla e le verifiche non saranno eseguite. + NOTE IMPORTANTI – DA LEGGERE O STAMPARE (fate clic su “Stampa”):\n\nNotate che nessuno dei vostri file saranno cifrati prima di aver riavviato il vostro computer ed avviato Windows. In questo modo, se qualcosa fallisce, i vostri dati NON saranno persi. Comunque, se qualcosa va in errore, potrete incontrare delle difficoltà nell’avvio di Windows. Pertanto, leggere (e, se possible, stampare) le seguenti line guida su quello che va fatto se Windows non può partire dopo il riavvio del computer.\n\n + Quello che dovete fare se Windows non può partire\n------------------------------------------------\n\nNota: Queste istruzioni sono valide solo se non avete iniziato la codifica.\n\n- Se Windows non parte dopo aver digitato la password corretta (oppure se voi digitate ripetutamente la password corretta e VeraCrypt dice che la password è sbagliata), niente paura!. Riavviate (spegnete e riaccendete) il computer e, nello schermo del boot loader di VeraCrypt, premere il tasto Esc nella vostra tastiera (e, se avete più sistemi, scegliere quello da avviare). Quindi, Windows deve partire (non criptato) e VeraCrypt vi chiederà automaticamente se voi volete disinstallare il componente di autenticazione pre-boot. Da notare che i passi precedenti NON lavorano se la partizione/unità di sistema è criptato (nessuno può avviare Windows o accedere ai dati cifrati nel disco senza la password corretta anche se esso segue i passi precedenti).\n\n + -Se il passo precedente non vi aiuta oppure se lo schermo del boot loader di VeraCrypt non appare (prima dell’avvio di Windows), inserire il disco di ripristino di VeraCrypt nella vostra unità CD/DVD e riavviate il vostro computer. Se non appare lo schermo del disco di ripristino di VeraCrypt (oppure se non vedete la voce “Repair Options” nella sezione “Keyboard Controls” nello schermo del disco di ripristino di VeraCrypt), è possibile che il vostro BIOS sia configurato per tentare l’avvio da disco rigido prima dell’unità CD/DVD. Se siete in questo caso, riavviate il vostro computer, premete F2 o Canc (per accedere allo schermo di avvio del BIOS), ed attendete finché appare lo schermo di configurazione del BIOS. Se non appare nessuno schermo configurazione BIOS riavviare (reset) il computer e ripartire premendo F2 o Canc ripetutamente fino al riavvio del computer. Quando appare uno schermo di configurazione BIOS, configurare la vostra BIOS per l’avvio dall’unità CD/DVD per prima (per informazioni su come fare questo, riferitevi alla documentazione del vostro BIOS/scheda madre oppure contattare il supporto tecnico del vostro venditore per assistenza). Quindi riavviare il vostro computer. Lo schermo del disco di ripristino di VeraCrypt dovrà ora apparire. In questo schermo selezionare il menu “Repair Options” premendo il tasto F8 nella vostra tastiera. Da questo menu selezionare la voce “Restore original system loader”. Rimuovere il disco di ripristino dalla vostra unità CD/DVD e riavviare il vostro computer. Windows dovrà avviarsi normalmente (non criptato).\n\n + Da notare che il passo precedente NON lavora se la partizione/unità di sistema non è cifrata (nessuno può avviare Windows o accedere ai dati cifrati nel disco senza la password corretta anche se esso segue i passi precedenti).\n\n\nNotate che anche se perdete il vostro disco di ripristino di VeraCrypt ed un avversario lo ritrova, esso NON può decifrare la partizione di sistema senza aver digitato la password corretta. + Verifica terminata + Il pre-test è stato completato con successo.\n\nATTENZIONE: Notate che se l’alimentazione elettrica viene interrotta bruscamente mentre avviene la codifica in posto dei dati esistenti, oppure quando il sistema operativo va in crash a causa di un errore software o malfunzionamento hardware mentre VeraCrypt sta codificando i dati in posto, porzioni di dati potranno essere corrotte o distrutti. Pertanto, prima di avviare la codifica, assicuratevi di essere sicuri di aver fatto delle copie di back up dei file che volete codificare. Se non fate questo, fate ora il back up dei file (potete fare click su Rimanda, fare il back up dei file, eseguire VeraCrypt nuovamente, e selezionare 'Sistema' > 'Ripristina processi interrotti' per avviare la codifica).\n\nQuando siete pronti, fate click su Codifica per avviare la codifica. + Potete fare clic su Pausa oppure Rimanda ogni volta per interrompere il processo di codifica o decodifica, uscire da questa procedura, riavviare o spegnere il vostro computer e quindi riprendere il processo, che continuerà dal punto in cui è stato fermato. Per evitare il rallentamento quando il sistema o le applicazioni legge o scrive dati dal disco di sistema, VeraCrypt attende automaticamente finché i dati vengono scritti o letti (vedere Status sopra) e quindi continua automaticamente la cifratura o decifratura. + \n\nPotete fare click Pausa o Rimanda ogni volta per interrompere il processo di codifica, chiudere questa procedura, riavviare o spegnere il vostro computer e quindi riprendere il processo che continuerà dal punto in cui è stata fermata. Notate che il volume non può essere montato finché non viene totalmente criptato. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Sistema nascosto avviato + Sistema originale + Windows crea (tipicamente, a vostra insaputa e senza vostro consenso) vari file log, temporanei ecc. nella partizione di sistema. Esso anche salva il contenuto della RAM nei file di ibernazione e file paging collocati nella partizione di sistema. Pertanto, se un avversario analizza i file memorizzati nella partizione di sistema dove risiede il sistema originale (del quale il sistema nascosto è un clone), potrebbe scoprire, per esempio, che avete usato la procedura guidata di VeraCrypt nella modalità di creazione del sistema nascosto (che potrebbe segnalare l’esistenza di un sistema operativo nascosto nel vostro computer).\n\nPer evitare tale problema, VeraCrypt deve, nei passi successivi, eliminare sicuramente l’intero contenuto della partizione dove risiede il sistema originale. Dopo, allo scopo di realizzare una scusa plausibile, dovete installare un nuovo sistema nella partizione e codificarla. Quindi voi creerete il sistema di richiamo e l’intero processo di creazione del sistema operativo nascosto sarà completato. + Il sistema operativo nascosto è stato creato con successo. Comunque, prima di iniziare ad usarlo (e realizzare una scusa plausibile), dovete cancellare sicuramente (usando VeraCrypt) l’intero contenuto della partizione dove è installato il sistema operativo attualmente in esecuzione. Prima di fare questo, avete bisogno di riavviare il computer e, nello schermo del loader di avvio di VeraCrypt (che appare prima dell’avvio di Windows), digitare la password di autenticazione pre-bootper il sistema operativo nascosto. Quindi, dopo che il sistema nascosto si avvia, sarà lanciata automaticamente la procedura di VeraCrypt.\n\nNota: Se scegliete di terminare adesso il processo di creazione per il sistema operativo nascosto, voi NON potrete riprendere il processo ed il sistema NON sarà accessibile (perché il loader di avvio di VeraCrypt sarà rimosso). + Avete schedulato il processo della creazione del sistema operativo nascosto. Tale processo non è stato ancora completato. Per completarlo, dovete riavviare il computer e, nello schermo del loader di avvio di VeraCrypt (che appare prima dell’avvio di Windows), digitare la password per il sistema operativo nascosto.\n\nNota: Se scegliete ora il processo di creazione del sistema operativo nascosto, voi NON potrete riprendere il processo. + Riavviare il computer e procedere + Terminare definitivamente il processo di creazione del sistema operativo nascosto + Non fare niente ora e chiedere nuovamente in seguito + \nSE POSSIBILE, STAMPARE QUESTO TESTO (fare clic “Stampa” sotto).\n\n\nCome e quando usare il disco di ripristino di VeraCrypt (dopo la cifratura)\n-----------------------------------------------------------------------------------\n\n + I. Come avviare il disco di ripristino di VeraCrypt \n\nPer avviare un disco di rioristino di VeraCrypt , inserirlo nella vostra unità CD/DVD e riavviare il vostro computer. Se lo schermo del disco di ripristino non appare (oppure se non vedete la voce “Repair Options” nella sezione “Keyboard Controls” nello schermo), è possibile che il vostro BIOS sia configurato per tentare l’avvio da disco rigido prima dell’unità CD/DVD. Se siete in questo caso, riavviate il vostro computer, premete F2 o Canc (per accedere allo schermo di avvio del BIOS), ed attendete finché appare lo schermo di configurazione del BIOS. Se non appare nessuno schermo configurazione BIOS riavviare (reset) il computer e ripartire premendo F2 o Canc ripetutamente fino al riavvio (reset) del computer. Quando appare uno schermo di configurazione BIOS, configurare la vostra BIOS per l’avvio dall’unità CD/DVD per prima (per informazioni su come fare questo, riferitevi alla documentazione del vostro BIOS/scheda madre oppure contattare il supporto tecnico del vostro venditore per assistenza). Quindi riavviare il vostro computer. Lo schermo del disco di ripristino di VeraCrypt dovrà ora apparire.Nota: nello schermo del disco ripristino di TrueeCrypt potete selezionare “‘Repair Options” premendo il tasto F8 nella vostra tastiera.\n\n\n + II. Quando e come usare il disco di ripristino di VeraCrypt (dopo la cifratura)\n\n + 1) Se il boot loader di VeraCrypt non appare dopo l’avvio del vostro computer (o se Windows non si avvia), il boot loader di VeraCrypt può essere dannggiato. Il disco di ripristino di VeraCrypt vi consente di ripristinarlo e quindi riguadagnare l’accesso al vostro sistema criptato ed ai dati (dovete, comunque, digitare ancora la password corretta). Nello schermo del disco di ripristino, selezionare “Repair Options” > “Restore VeraCrypt Boot Loader”. Premere quindi “Y” per confermare l’azione, rimuovere il disco di ripristino dalla vostra unità CD/DVD e riavviare il computer.\n\n + 2) Se digitate ripetutamente la password corretta ma VeraCrypt vi dice che la password è errata, la chiave principale oppure altri dati critici possono essere danneggiati. Il disco di ripristino di VeraCrypt vi consente di ripristinarli e quindi riguadagnare l’accesso al vostro sistema e dati crittati (dovete comunque sempre digitare la password corretta). Nello schermo del disco di ripristino, selezionare “Repair Options” > “Restore key data”. Quindi digitare la vostra password, premere “Y” per confermare l’azione, rimuovere il vostro disco di ripristino dalla vostra unità CD/DVD e riavviare il vostrio computer.\n\n + 3) Se il boot loader di VeraCrypt è danneggiato, potete evitare la sua esecuzione avviando direttamente dal disco di ripristino di VeraCrypt . Inserire il vostro disco di ripristino nella vostra unità CD/DVD e quindi digitare la vostra password nello schermo del disco di ripristino.\n\n + 4) Se Windows è danneggiato e non può partire, il disco di ripristino di VeraCrypt vi consente di decrittare definitivamente la partizione/unità prima dell’avvio di Windows. Nello schermo del disco di ripristino selezionare “Repair Options” > “Permanently decrypt system partition/drive”. Digitare la password corretta ed attendere finché la decrittazione è completa. Quindi potete avviare il vostro CD/DVD di installazione MS Windows per riparare la vostra installazione di Windows.\n\n + Nota: in alternativa, se Windows è danneggiato (cioè non può partire) ed avete bisogno di ripararlo (oppure accedere ai file in esso), potete evitare di decrittare la partizione/unità di sistema seguendo questi passi: Se avete più sistemi operativi installati nel vostro computer, avviate quello che non richiede l’autenticazione di pre-boot. Se non avete sistemi operativi multipli nel vostro PC, potete avviare un CD/DVD WinPE oppure BartPE oppure potete collegare la vostra unità di sistema come un disco secondario o esterno a un altro computer e quindi avviare il sistema operative installato nel computer. Dopo aver avviato un sistema, eseguite VeraCrypt, fate clic “Select Device”, selezionare la partizione di sistema relativa, fate clic su “OK”, selezionare “System” > “Mount Without Pre-Boot Authentication”, digitare la vostra password di autenticazione pre-boot e fate clic su “OK”. La partizione sarà montata come un volume VeraCrypt regolare (I dati saranno crittati/decrittati al volo nella RAM all’accesso, come di solito).\n\n\n + Notate che anche se voi smarrite il vostro disco di ripristino di VeraCrypt ed un vostro avversario lo ritrova, egli NON potrà decrittare la partizione o disco di sistema senza la password corretta. + \n\nI M P O R T A N T E -- SE POSSIBILE STAMPARE QUESTO TESTO (facendo clic su 'Stampa' in basso).\n\n\nNota: Questo testo sarà mostrato automaticamente ogni volta che voi avviate il sistema nascosto dopo aver avviato la creazione del sistema di inganno.\n\n\n + Come creare un sistema di inganno sicuro ed in sicurezza\n----------------------------------------------------------------------------\n\nAllo scopo di consentire la negazione plausibile, dovete creare ora il sistema operativo di inganno. Per farlo, seguite questi passi:\n\n + 1) Per ragioni di sicurezza, spegnete il vostro computer e lasciatelo spento almeno per diversi minuti (meglio se molti). Questo viene richiesto per ripulire la memoria, che contiene i dati sensibili. Quindi, riaccendere il computer ma non avviate il sistema nascosto.\n\n + 2) Installare Windows nella partizione il quale contenuto è stato cancellato (cioè nella partizione dove il sistema originale, del quale il sistema nascosto è un clone, era installato).\n\nIMPORTANTE: QUANDO AVVIATE L'INSTALLAZIONE DEL SISTEMA DI INGANNO, NON SARA'POSSIBILE AVVIARE IL SISTEMA nascosto (perchè il loader di avvio di VeraCrypt verrà cancellato dall'installer del sistema operativo Windows). QUESTO E'NORMALE E PREVISTO. NESSUN PANICO. POTRETE RIAVVIARE IL SISTEMA nascosto APPENA AVVIATE LA CODIFICA DEL SISTEMA DI INGANNO (perchè VeraCrypt installerà automaticamente il suo loader di avvio nel drive di sistema).\n\nImportante: la dimensione del sistema di inganno deve rimnere la stessa del volume nascosto (questa condizione ora è richiesta). Inoltre, non dovet creare nessuna partizione tra quella del sistema di inganno e quella in cui risiede il sistema nascosto.\n\n + 3) Avviare il sistema di inganno (installato nel passo 2 ed installarvi VeraCrypt).\n\nTenete a mente che il sistema di inganno non deve contenere nessun dato sensibile.\n\n + 4) Nel sistema di inganno, avviate VeraCrypt e selezionate 'Sistema' > 'Codifica partizione/drive di sistema'. Apparirà la procedura di creazione volume VeraCrypt.\n\nI passi che seguono vengono applicati a questa procedura guidata.\n\n + 5) Nella procedura creazione volume VeraCrypt NON selezionare l'opzione 'nascosto'. Lasciare l'opzione 'Normale' selezionata e fate clic su 'Avanti'.\n\n + 6) Selezionare l'opzione 'Cifra la partizione di sistema Windows' e fare clic su 'Avanti'.\n\n + 7) Se nel computer vi sono installati solo il sistema operativo nascosto e quello di inganno, selezionate l'opzione 'Single-Boot' (se ci sono più di questi due sistemi installati nel PC selezionate 'Multi-boot'). Fate quindi clic su 'Avanti'.\n\n + 8) IMPORTANTE: In questo passo, PER IL SISTEMA DI INGANNO, dovete selezionare LO STESSO ALGORITMO DI CODIFICA E DI CONFUSIONE CHE AVETE SELEZIONATO PER IL SISTEMA nascosto! DIVERSAMENTE, IL SISTEMA nascosto SARA' INACCESSIBILE! In altre parole, il sistema di inganno sarà criptato con lo stesso algoritmo di codifica del sistema nascosto. Nota: La ragione è che il sistema di inganno e quello nascosto condivideranno un single boot loader, che supporta solo un algoritmo singolo, selezionato dall'utente (per ogni algoritmo, c'è una versione speciale del Boot loader di VeraCrypt).\n\n + 9) In questo passo, scegliere una password per il sistema operativo di inganno. Questa sarà la password che potrete rivelare ad un avversario se vi viene chiesto o se siete obbligati a svelare la vostra autenticazione di pre-boot (l'altra password che potete rivelare è una per il volume esterno). L'esistenza della terza password (cioè quella per l'autenticazione pre-boot del sistema operativo nascosto) rimarrà quindi segreta.\n\nImportante: la password da voi scelta per il sistema di inganno deve essere sostanzialmente differente da quella scelta per il volume nascosto (cioè per il sistema operativo nascosto).\n\n + 10) Seguire le istruzioni rimanenti nella procedura così da codificare il sistema operativo di inganno.\n\n\n\n + Dopo aver creato il sistema “di inganno”\n------------------------------------------------\n\nDopo aver criptato il sistema “di inganno” l’intero processo di creazione del sistema operativo nascosto verrà completato e voi potrete usare queste 3 passwords:\n\n1)Password di autenticazione pre-boot per il sistema operativo nascosto.\n\n2) Password di autenticazione pre-boot per il sistema operativo “di inganno” .\n\n3) Password per il volume esterno.\n\n + Se volete avviare il sistema operativo nascosto, dovete semplicemente digitare la password per questo sistema nello schermo del boot loader di VeraCrypt (che appare quando accendete o riavviate il vostro computer).\n\nDovete fare lo stesso per il sistema operativo “di inganno”.\n\nPotete solo rivelare la password per il sistema “di inganno” a chiunque vi obbliga a svelare la vostra password di autenticazione pre-boot. L’esistenza del volume nascosto (e quindi del sistema operativo nascosto) rimarrà segreta.\n\n + La terza password (quella per il volume esterno) può essere svelata a chiunque vi obblighi a rivelare la password per la prima partizione dietro a quella di sistema, dove risiedono entrambi i volumi, esterno ed nascosto (contenente il sistema operativo nascosto). L’esistenza del volume nascosto rimarrà segreta.\n\n\n + Se rivelate la password per il sistema “di inganno” ad un vostro avversario ed esso vi chiede perchè lo spazio libero della partizione del sistema (quello “di inganno”) contiene dei dati casuali, voi potete rispondere, ad esempio: "La partizione conteneva prima un sistema criptato da VeraCrypt, ma io ho dimenticato la password di autenticazione pre-boot (quindi il sistema è stato danneggiato e non si avvia) in modo che ho dovuto reinstallare Windows e ricrittare la partizione."\n\n\n + Se vengono seguite tutte le istruzoni come tutte le precauzioni eI requisiti elencati nella sezione "Security Requirements and Precautions Pertaining to Hidden Volumes" nella VeraCrypt User's Guide , sarà impossibile provare l’esistenza del volume e del sistema operative nascosto, anche quando viene montato il volume esterno o quando il sistema operative “di inganno” viene decriptato oppure viene avviato.\n\nSe salvate una copia di questo testo o lo stampate (molto raccomandato, finchè la vostra stampante conserva delle copie dei documenti in stampa nella suo drive interno), dovete distruggere qualsasi copia di esso dopo aver creato il sistema di inganno e dopo aver capito tutte le informazioni contenute nel testo (altrimenti, se viene trovata una copia di questo testo, si può dimostrare la presenza di un sistema operativo nascosto in questo computer).\n\n + ATTENZIONE: SE NON PROTEGGETE IL VOLUME nascosto (per informazioni su come fare questo fate riferimento alla sezione "Protection of Hidden Volumes Against Damage" nella VeraCrypt User's Guide), NON SCRIVERE SUL VOLUME ESTERNO (notare che il sistema operativo “di inganno” NON è installato nel volume esterno). DIVERSAMENTE, POTETE SOVRASCRIVERE E DANNEGGIARE IL VOLUME ESTERNO ED IL SISTEMA OPERATIVO nascosto AL SUO INTERNO)! + Clonazione del sistema operativo + Nei passi successivi, VeraCrypt creerà il sistema operativo nascosto copiando il contenuto della partizione di sistema nel volume nascosto (i dati in copia saranno Codificati al volo con una chiave di codifica differente da quella usata per il sistema operativo di richiamo).\n\nNotate che il processo sarà eseguito in ambiente di pre-boot(prima dell’avvio di Windows) e può impiegare molto tempo per essere completato; diverse ore o anche diversi giorni (a seconda della dimensione della partizione di sistema e dalle prestazioni del vostro computer).\n\nVoi potrete interrompere il processo, spegnere il vostro computer, avviare il sistema operativo e riavviare il processo. Comunque, se interrompete tale processo, l’intera procedura di copia del sistema dovrà ripartire dall’inizio (perché il contenuto della partizione di sistema non deve cambiare durante la clonazione). + Volete annullare l’intero processo di creazione del sistema operativo nascosto?\n\nNota: NON potrete ripristinare il processo se lo annullate adesso. + Volete annullare il pre-test per la codifica di sistema? + La richiesta di codifica di sistema VeraCrypt è fallita. Volete ritentare?\n\nSelezionando 'No', il componente di autenticazione in pre-boot sarà disinstallato.\n\nNota:\n\n- Se il Boot Loader di VeraCrypt non vi richiede di digitare la password prima dell'avvio di Windows, è possibile che il vostro sistema operativo non si it is avvia dall'unità nella quale esso è installato. Questo non è supportato.\n\n- Se usate un algoritmo di cifratura diverso di AES e la richiesta è fallita (ed avete digitato la password), questo è stato causato da un driver designato inadeguatamente. Selezionare 'No', e ritentare la cifratura della partizione/unità di sistema, usando l'algoritmo di codifica AES (che ha dei requisiti di memoria inferiori).\n\n- Per più possibili cause e soluzioni, visitare: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + La partizione/disco di sistema non sembra essere criptato (né parzialmente né interamente). + La vostra partizione/disco di sistema è criptato (parzialmente o completamente).\n\nDeCodificate la vostra partizione/disco interamente prima di procedere. Per fare questo, selezionate 'Sistema'>'Decodifica definitivamente la partizione/disco di sistema' dal menu della barra strumenti della finestra principale di VeraCrypt. + Quando la partizione/unità di sistema è crittata (parzialmente o totalmente), non potete tornare ad una precedente versione di VeraCrypt (ma potete aggiornare o reinstallare la stessa versione di esso). + La vostra partizione/disco di sistema verrà Crittata, deCrittata o modificata in un altro modo. Interrompere il processo in corso (oppure aspettare finché venga completata) prima di procedere. + Una sessione della Creazione guidata volume VeraCrypt è aperta attualmente in questo sistema ed esegue o prepara la codifica/decodifica della partizione/disco di sistema. Prima di procedere, attendere che la sessione precedente sia finita o chiusa. Se non potete chiuderla, riavviate il vostro computer prima di procedere. + Il processo di codifica o decodifica della partizione/disco di sistema non è stata completato. Attendere finché essa venga completata prima di procedere. + ERRORE! Il processo di codifica della partizione/disco di sistema non è completo. Esso deve essere prima completato. + ERRORE! Il processo di codifica della partizione/volume non è completo. Esso deve essere prima completato.\n\nNota: Per riprendere il processo selezionare 'Volumi' > 'Riprendi processi interrotti' dalla barra del menu della finestra principale di VeraCrypt. + La password è corretta, VeraCrypt ha decriptato la testa del volume e scoperto che questo volume è uno di sistema operativo nascosto. Comunque, non potete modificare in questo modo la testa di un voume di sistema nascosto.\n\nPer cambiare la password per un volume di sistema nascosto, avviate il sistema operativo risiedente nel volume nascosto e selezionate 'Sistema' > 'Cambia password...' dal menu degli strumenti della barra principale della finestra di VeraCrypt.\n\nPer impostare la chiave principale dell’algoritmo di derivazione, avviare il sistema operativo e selezionare 'Sistema' >'Impostare la chiave principale algoritmo di derivazione...'. + VeraCrypt non supporta la decodifica 'sul posto' di una partizione ignota.\n\nNota: Se volete decodificare la partizione di richiamo avviate il sistema operativo di richiamo e selezionate 'Sistema' > 'Decodificare definitivamente la partizione/disco di sistema' nel menu della barra strumenti finestra principale di VeraCrypt. + ERRORE: parametro errato o non valido. + Avete selezionato una partizione oppure una unità, ma la modalità guidata da voi selezionata è adatta solo per i contenitore dei file.\n\nVolete modificare la modalità guidata? + Volete invece creare un file contenitore di VeraCrypt? + Avete selezionato la partizione/unità di sistema (oppure la partizione di avvio),ma la modalità guidata è adeguata solo per partizioni /unità non di sistema.\n\nVolete impostare l’autenticazione di pre-boot (significa che voi dovete inserire la vostra password ogni volta prima del boot/avvio di Windows) e crittare la partizione/unità di sistema? + Siete sicuri di voler Decodificare definitivamente la partizione/disco di sistema? + ATTENZIONE: Se Decodificate in permanenza la partizione/disco di sistema, i dati Decodificati saranno scritti in essa.\n\nSiete sicuri di voler decodificare definitivamente la partizione/disco di sistema? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Attenzione: Se usate una cascata di cifre per la codifica del sistema, potete incontrare i seguenti problemi:\n\n1) Il loader di avvio di VeraCrypt è più grande che il normale e, pertanto, non c'è spazio sufficiente nella prima traccia del disco per un backup del loader di avvio di VeraCrypt. Da adesso, se esso risulta danneggiato (questo avviene spesso, per esempio, durante l'attivazione di una procedura anti pirateria designata inadeguatamente per certe applicazioni), voi avrete bisogno di usare il disco di emergenza di VeraCrypt per avviare o per riparare il loader di avvio di VeraCrypt.\n\n2) In alcuni computer, ritornando dallo stato di sospensione piuttosto lungo.\n\nQuesti problemi potenziali possono essere evitati scegliendo un algoritmo di cifratura non a cascata (esempio AES).\n\nSiete sicuri di voler usare una cascata di cifre? + Se riscontrate uno qualsiasi dei problemi descritti, Decodificate la partizione/disco di sistema (se esso è criptato) e quindi tentare di Codificarla usando un algoritmo di codifica non a cascata (esempio AES). + ATTENZIONE: Per ragioni di sicurezza, è necessario aggiornare VeraCrypt sul sistema operativo esca prima di aggiornarlo sul sistema operativo nascosto.\n\nPer farlo, avviare il sistema esca ed eseguire il programma di installazione VeraCrypt. Poi avviare il sistema nascosto ed eseguire il programma di installazione anche su quest'ultimo.\n\nNota: Il sistema esca e il sistema nascosto condividono un singolo boot d'avvio. Se avete aggiornato VeraCrypt solo sul sistema nascosto (ma non sul sistema esca), il sistema esca conterrebbe un driver e l'applicazioni di VeraCrypt il cui numero di versione è diverso dal numero di versione di VeraCrypt del boot d'avvio. Tale discrepanza potrebbe svelare che vi è un sistema operativo nascosto su questo computer.\n\n\nContinuare? + Il numero della versione del loader di avvio di VeraCrypt che è stato caricato in questo sistema operativo è differente dal numero della versione del driver di VeraCrypt (e della applicazione VeraCrypt) installata in questo sistema.\n\nDovete eseguire il file di installazione di VeraCrypt (il quale numero della versione è lo stesso del loader di avvio di VeraCrypt) per aggiornare VeraCrypt in questo sistema operativo. + Il numero della versione del boot loader di VeraCrypt che ha avviato questo sistema operativo è differente dal numero di versione del driver e dell’applicazione VeraCrypt installata in questo sistema. Notate che le precedent version possono contenere degli errori corretti nell’ultima versione.\n\nSe non aviate dal disco di ripristino di VeraCrypt, dovete reinstallare VeraCrypt oppure aggiornare all’ultima versione stabile (anche il boot loader sarà aggiornato).\n\nSe avete avviato dal disco di ripristino, dovete aggiornarlo (“Sistema” > “Crea disco di ripristino”). + Il loader di avvio di VeraCrypt è stato aggiornato.\n\nVi raccomandiamo di creare un nuovo disco di ripristino di VeraCrypt (il quale conterrà la nuova versione del boot loader di VeraCrypt Boot Loader) selezionando 'Sistema' > 'Creare un disco di ripristino' dopo aver riavviato il vostro computer. + Il loader di avvio di VeraCrypt è stato aggiornato.\n\nVi raccomandiamo vivamente di avviare il sistema operativo di richiamo e quindi creare un nuovo disco di ripristino di VeraCrypt (il quale conterrà la nuova versione del loader di avvio di VeraCrypt) selezionando 'Sistema' > Creare un disco di ripristino'. + Errore nell’aggiornamento del loader di avvio di VeraCrypt. + VeraCrypt ha fallito nel determinare la dimensione reale del disco di sistema e, pertanto, sarà usata la dimensione riportata dal sistema operativo (che può essere minore della dimensione reale). Notate pure che questo non è un difetto in VeraCrypt. + ATTENZIONE: Sembra che VeraCrypt ha già tentato di scoprire i settori ignoti in questo disco di sistema. Se avete riscontato un qualsiasi problema durante il processo di ricerca precedente, potete evitare tali problemi saltando ora la ricerca dei settori ignoti. Notate che, se fate questo, VeraCrypt userà la dimensione riportata dal sistema operativo (la quale può essere minore della dimensione reale).\n\nNotate che questa situazione non è causata da un difetto di VeraCrypt. + Saltare la scoperta di settori ignoti (usare la dimensione riportata dal sistema operativo) + Tentare nuovamente di scoprire i settori ignoti + Errore: Il contenuto di uno o più settori di questo disco non possono essere letti (probabilmente a causa di un difetto fisico).\n\nTIl processo di cifratura in-posto può proseguire solamente quando i settori sono stati resi nuovamente leggibili. VeraCrypt può tentare di fare questo scrivendo degli zeri nei settori (di conseguenza questi blocchi di tutto-zeri verrebbero codificati). Notate comunque che ogni dato immagazzinato nei settori illeggibili verranno persi. Se volete evitare questo, potete tentare di recuperare delle porzioni di dati corrotti usando degli strumenti adatti da terze parti.\n\nNota: In caso di settori danneggiati fisicamente (contrariamente alla mera corruzione dei dati ed il controllo degli errori)la maggior parte delle periferiche di memoria riassegnano internamente i settori quando si tenta di scrivere dei dati in essi (in questo modo, i dati esistenti nei settori danneggiati possono rimanere non codificati sul drive).\n\nVolete che VeraCrypt scrivi degli zero nei settori illegibili? + Errore: Il contenuto di uno o più settori di questo disco non possono essere letti (probabilmente a causa di un difetto fisico).\n\nPer poter procedere con la decifratura, VeraCrypt dovrà scartare il contenuto dei settori illegibili (esso sarà sostituito da dati pseudo-casuali). Da notare che, prima di procedere, potete tentare di recuperare delle porzioni di qualsiasi dato danneggiato usando degli strumenti di terze parti appropriati.\n\nVolete che VeraCrypt scarti i dati nei settori illegibili adesso? + Nota: VeraCrypt ha sostituito il contenuto di %I64d settori illegibili (%s) con blocchi di testo tutti-zero Decodificati. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Digitare la password/PIN per il gettone '%s': + Allo scopo di consentire a VeraCrypt di accedere al gettone di sicurezza o smart card, dovete prima installate una libreria software PKCS #11 per gettone o smartcard. Libreria di questo tipo può essere fornita con la periferica oppure essere disponibile per il download dal sito web del venditore oppure da altre terze parti.\n\nDopo aver installato la libreria, potete sia selezionarla manualmente facendo click su 'Seleziona libreria' o lasciare che VeraCrypt la trovi e selezioni automaticam. facendo click su 'Scopri automaticamente la libreria' (solo nella directory Windows System). + Nota: Per il nome e posizione del file libreria PKCS #11 installata per il vostro gettone di sicurezza o smart card, riferitevi alla documentazione fornita con il gettone, scheda oppure software di terze parti.\n\nFate click 'OK' per selezionare il percorso ed il nome del file. + Allo scopo di consentire a VeraCrypt di accedere al gettone di sicurezza o smart card, dovete selezionare prima un software libreria PKCS #11 per il gettone/scheda. Per fare questa, selezionare 'Impostazioni' > 'Tokens di sicurezza'. + Fallito nell’inizializzare la libreria del gettone di sicurezza PKCS #11.\n\nAssicuratevi che il percorso e file specificato sia riferito ad una valida libreria PKCS #11. Per specificare un percorso ed un file libreria PKCS #11, selezionare 'Impostazioni' > 'Tokens di sicurezza'. + Nessuna libreria PKCS #11 è stata trovata nella directory Windows System.\n\nAssicuratevi che una libreria PKCS #11 per il vostro gettone di sicurezza (o smart card) sia installata (tale libreria può essere fornita con il gettone/scheda oppure essere disponibile per il download dal sito internet del venditore oppure terze parti). Se esso è installato in una directory in una directory diversa dalla directory Windows System, fate click su 'Seleziona libreria' per localizzare la libreria (cioè nella cartella dove il software per il gettone/scheda è installato). + Nessun gettone di sicurezza trovato.\n\nAssicuratevi che il gettone di sicurezza sia connesso al vostro computer e ed il driver corretto per il vostro gettone sia installato. + File chiave per il gettone di sicurezza non trovato. + Un file chiave per il gettone di sicurezza con lo stesso nome esiste già. + Volete cancellare i file selezionati? + Il percorso per il file chiave del gettone di sicurezza non è valido. + Errore gettone di sicurezza + La password per il gettone di sicurezza non è corretta. + Il gettone di sicurezza non ha memoria/spazio sufficiente per compiere l’operazione richiesta.\n\nSe state tentando di importare un file chiave, dovete selezionare un file piccolo oppure usare un file chiave generato da VeraCrypt (selezionare “Strumenti” > Generatore di file chiave”). + Tutte le sessioni aperte del gettone di sicurezza sono state chiuse. + Selezionare i file chiave del gettone di sicurezza + Slot + Nome gettone + Nome file + IMPORTANTE: Notare che le password di autenticazione pre-boot sono sempre digitate usando La tastiera con layout second lo standard americano. Pertanto può essere impossibile montare un volume che usa una password di autenticazione digitata usando un qualsiasi altro layout tastiera (non è un difetto di VeraCrypt). Per consentire il montaggio di tale volume usando una password di autenticazione pre-boot seguire questi passi:\n\n1) Fate clic su “Seleziona file” oppure “Seleziona unità” e selezionare il volume.\n2) Selezionare “Volumi”' >”Modifica la password del volume”.\n3) Digitare la password corrente per il volume.\n4) Cambiare il layout della tatiera in Inglese (US) facendo clic sull’icona della barra della lingua nella barra applicazioni di Windows e selezionando “EN Inglese (Stati Uniti)”.\n5)In VeraCrypt, nel campo della nuova password ,digitare la password di autenticazione di pre-boot.\n6) Confermare la nuova password ridigitandola nel campo di confrma e facendo clic su “OK”.ATTENZIONE: Tenere a mente che, se voi seguite questi passi, la password del volume dovrà essere sempre digitata usando il layout tastiera US (che viene assicurata automaticamente solo in ambiente di pre-boot). + I volumi di sistema preferitii saranno montati usando la password di autenticazione di pre-boot. Qualsiasi altro volume di sistema preferito che usa una password differente non sarà montato. + Dovete notare che, se avete bisogno di evitare le operazioni normali per un volume VeraCrypt (come “Smonta tutti”, smontaggio automatic ecc.) da essere influenzati dai volumi preferiti di sistema, dovete attivare l’opzione”Consenti solo agli amministratori di vedere e smontare I volumi di sistema preferiti in VeraCrypt”. In aggiunta, quando VeraCrypt viene eseguito senza I privilegi di amministratore (predefinito in Windows Vista e successivo), i volumi di sistema preferiti non saranno mostrati nell’elenco delle lettere unità nella finestra principale di VeraCrypt. + IMPORTANTE: Tenere in mente che se questa opzione è attivata e VeraCrypt non ha I privilegi di amministratore, I volumi di sistema preferiti NON sono mostrati nella finestra di VeraCrypt e non possono essere smontati. Pertanto, se avete bisogno di smontare uno di tali volume, fate prima clic destro sull’icona di VeraCrypt (nel menu di Avvio) e selezionate “Esegui come amministratore”. La stessa restrizione è applicata alle funzioni “Smonta tutto”, “Smontaggio automatico”, “Smonta tutto” ecc. + Notate che queste impostazioni hanno effetto solo dopo il riavvio del sistema operativo. + Errore mentre viene analizzata la linea di comando. + Disco di ripristino + Seleziona &file e monta... + Seleziona &Unità e monta... + In VeraCrypt è consentito solo agli amministratori di vedere e smontare i volumi preferiti di sistema + Monta i volumi di sistema preferiti quando si avvia Windows(nella fase iniziale di avvio) + AVVERTENZA: Il file system nel volume montato come '%s' non è stato smontato pulitamente e quindi può contenere degli errori. Usando un file system corrotto può causare la perdita dei dati oppure la corruzione dei dati.\n\nNota: Prima di rimuovere fisicamente oppure spegnere una unità (come un flash drive USB oppure un disco rigido esterno) dove un volume VeraCrypt montato risiede, dovete sempre smontare prima il volume VeraCrypt in VeraCrypt.\n\n\nVolete che Windows tenti di scoprire e correggere gli errori (se ci sono) nel file system? + Attenzione: Uno o più volumi di sistema preferiti non sono stati smontati completamente e quindi possono contenere degli errori di filesystem. Vedere il registro eventi di sistema per ulterior dettagli.\nUsando un file system corrotto si può causare una perdita oppure una corruzione dei dati. Dovete verificare il relativo volume di sistema preferito per errori (facendo clic su di esso in VeraCrypt e selezionando “Ripara il filesystem”). + Avvertenza: La riparazione di un file system danneggiato usando lo strumento Microsoft 'chkdsk' può causare la perdita dei file nelle aree danneggiate. Pertanto, raccomandiamo di eseguire prima il back up dei file memorizzati nel volume VeraCrypt in un altro volume VeraCrypt alternativo.\n\nVolete riparare il file system ora? + Il Volume '%s' è stato montato in sola lettura perchè l’accesso in scrittura è stato negato.\n\nAssicuratevi di avere i permessi di sicurezza del file contenitore consentendovi di scrivere in esso (fate clic sul contenitore e selezionate “Proprietà” > “Sicurezza”).\n\nDa notare che, a causa di una regola di Windows, potrete leggere queste avvertenze anche dopo l’impostazione degli appropriati permessi di sicurezza. Questo non è causato da un difetto in VeraCrypt. Una soluzione possible è quella di muovere il vostro contenitore, ad esempio, alla cartella Documenti.\n\nSe intendete mantenere il vostro volume in sola lettura, impostate l’attributo di sola lettura del contenitore (facendo clic con il tasto destro sul contenitore e selezionando “Proprietà” >”Sola lettura”), che sopprimerà questo avvertimento. + Il volume '%s' è stato montato in sola lettura perchè l'accesso in scrittura è stato negato.\n\nAssicuratevi che nessun'altra applicazione (cioè antivirus) stia accedendo alla partizione/periferica nella quale il volume è ospitato. + Il volume '%s' è stato montato in sola lettura perchè il sistema operativo ha reportato che la periferica ospite è protetta da scrittura.\n\nNotare che alcuni chipset dei driver personali sono stati reportati come causa per i supporti scrivibili ad apparire erroneamente come protetti da scrittura. Questo problema non è causato da VeraCrypt. Esso può essere risolto aggiornando o disinstallando qualsiasi driver chipset personale (non-Microsoft) che è attualmente installato nel vostro sistema. + Si noti che la tecnologia Hyper-Threading offre più core logici per un singolo core fisico. Quando Hyper Threading è attivato, il numero selezionato qui sopra rappresenta il numero di processori/core logici. + %d processi + Notate che l’ hardware-accelerato AES è disattivato e questo influenza il comportamento risultante (bassa prestazione).\n\nPer attivare l’accelerazione hardware, selezionare “Impostazioni” > “Prestazioni” e disattivare l’opzione corrispondente. + Notate che il numero dei processi è attualmente limitato, e questo influenza il comportamento risultante (bassa prestazione).\n\nPer utilizzare la piena potenza dei processori selezionare “Impostazioni” > “Prestazioni” e disattivare l’opzione corrispondente. + Volete che VeraCrypt tenti di disattivare la protezione da scrittura della partizione o dell'unità? + ATTENZIONE: Queste impostazioni possono ridurre le prestazioni.\n\nSiete sicuri di voler usare queste impostazioni? + Attenzione: VolumeVeraCrypt auto-smontato + Prima di rimuovere fisicamente o spegnere un dispositivo contenente un volume montato, si dovrebbe sempre smontare il volume prima su VeraCrypt.\n\nUno smontaggio inprovviso e non voluto è generalmete causato da un'intermittenza sul cavo, disco, ecc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Prova + File chiave + Indietro + Tab + Canc + Invio + Pausa + Blocca maiuscole + Barra spaziatrice + Pagina giù + Pagina su + Fine + Home + Freccia sinistra + Freccia in alto + Freccia destra + Freccia in basso + Tasto selezione + Tasto stampa + Tasto esegui + Stampa schermo + Ins + Canc + Applicazioni + Pausa + Bloc Num. + Bloc Scorr. + Indietro (Browser) + Avanti(Browser) + Aggiorna (Browser) + Stop (Browser) + Ricerca (Browser) + Preferiti (Browser) + Home (Browser) + Silenzio + Volume - + Volume + + Traccia seguente + Traccia precedente + Stop + Riproduci/Pausa + Avvia programma di posta + Seleziona media + Applicazione 1 + Applicazione 2 + Attn + CrSel + ExSel + Avvio + Zoom + Tastierino numerico + Maiusc. + Ctrl + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.ja.xml b/Translations/Language.ja.xml index 1285dcf3..b853f203 100644 --- a/Translations/Language.ja.xml +++ b/Translations/Language.ja.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - キャンセル - 全てのユーザにインストール(&f) - 参照(&w)... - VeraCryptアイコンをデスクトップに作成する(&D) - 寄付する... - 拡張子「.hc」をVeraCryptに関連づける(&e) - 完了時にフォルダを開く(&O) - VeraCryptをスタートメニューに追加(&S) - システム復元ポイントの作成(&R) - アンインストール(&U) - 展開のみ(&E) - インストール(&I) - VeraCryptセットアップウィザード - VeraCryptのアンインストール - ヘルプ(&H) - 展開先を選択するか入力してください: - インストール先を選択するか入力してください。存在しないフォルダを指定した場合は自動的に作成します。 - VeraCryptをシステムから除去するためには「アンインストール」をクリックしてください。 - 中断 - ベンチマーク(&B) - テスト(&T) - 暗号化ボリュームを作成してフォーマット - パーティションをその場で暗号化 - 生成キーを表示 (部分) - プール内容の表示 - CD/DVDライティングソフトをダウンロード - 暗号化されたファイルコンテナを作成 - &GB - &TB - 詳細情報 - VeraCrypt隠しボリューム(&d) - 隠しボリュームについて - ダイレクトモード - 通常モード - &KB - キーファイルを使用(&S) - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - キーファイル(&K) - ハッシュアルゴリズムについて - 暗号について - Information on PIM - &MB - コンテナについて - システムの暗号化について - 詳細情報 - マルチブート - 非システムパーティション/ドライブを暗号化 - 履歴を保存しない(&N) - 外殻ボリュームを開く - ポーズ(&P) - Use P&IM - Use PIM - クイックフォーマット - パスワード表示(&D) - パスワードを表示(&D) - &Display PIM - シングルブート - VeraCrypt標準ボリューム - 隠し(&d) - 通常 - システムパーティションあるいはシステムドライブ全体を暗号化 - Windowsシステムパーティションを暗号化 - ドライブ全体の暗号化 - VeraCryptボリューム作成ウィザード - クラスター - 重要:このウィンドウ内にてできるかぎりランダムにマウスを動かしてください。これにより暗号鍵の強度を大幅に上げられます。長く動かすほど良い結果を得られます。終わったら「次へ」をクリックしてください。 - 確認入力(&C): - 完了 - Drive letter: - 暗号化アルゴリズム - ファイルシステム - ファイルとして仮想暗号化ディスクを作成します。\n初心者にはこちらを推奨します。 - オプション - ハッシュアルゴリズム - ヘッダーキー: - 残り - マスターキー: - このマシンに複数のOSがインストールされている場合はこのオプションを選択してください。\n\n例:\n- Windows XP + Windows XP\n- Windows XP + Windows Vista\n- Windows + Mac OS X\n- Windows + Linux\n- Windows + Linux + Mac OS X - 内蔵あるいは外付けの、システムを含まないパーティション(例:フラッシュドライブ)を暗号化します。隠しボリュームも作れます。 - カレントプールの内容(部分) - パス - パスワード: - Volume PIM: - Volume PIM: - 進行状況: - ランダムプール: - このマシンにインストールされたOSが一つだけの場合はこのオプションを選択してください(複数ユーザーで使っていても同様)。 - スピード - ステータス - 暗号鍵、ソルト、その他のデータの生成に成功しました。新しい暗号鍵を生成したい場合は「戻る」をクリックして「次へ」をクリックしてください。それ以外は「次へ」をクリックしてください。 - Windowsがインストールされているパーティションあるいはドライブを暗号化します。このシステム上のファイルを読み書きするためには、Windowsを起動するたびに正しいパスワードを入力しなければならなくなります。隠しシステムを作ることもできます。 - 現在起動中のWindowsがインストールされているパーティションを暗号化する場合はこのオプションを選択してください。 - Volume Label in Windows: - ワイプモード: - 閉じる - Escキーによる起動前認証のスキップを許可(ブートマネージャを有効化)(&a) - 何もしない - ボリュームの自動マウント(下欄で指定)(&A) - VeraCryptの起動(&S) - ライブラリ自動検出(&D) - メモリー上に起動前認証パスワードを(非システムボリュームのマウント用に)キャッシュする(&C) - 参照... - 参照... - パスワードやキーファイルをメモリに記憶する(&E) - 全てアンマウントされると常駐終了 - ボリュームのマウントに成功したときにトークンセッションを閉じる(&C) - Include VeraCrypt Volume Expander - VeraCryptボリューム作成ウィザードを含める - 作成 - ボリュームの作成(&C) - 起動前認証画面で一切の文字を表示しない(以下のカスタムメッセージを除く)(&s) - Disable "Evil Maid" attack detection - 可能ならCPUのAES処理命令セットを利用してAESによる暗号化/復号処理を高速化する - キーファイルを使用 - キーファイルを使用 - 終了(&X) - お気に入りボリュームについて - 選択したボリュームは「お気に入りをマウント」するホットキーが押されたとしてもマウントしない(&H) - 選択したボリュームをホストデバイスが接続されたときにマウントする(&c) - 選択したボリュームをログオン時にマウントする(&o) - 選択したボリュームを読み取り専用としてマウントする(&n) - 選択したボリュームをリムーバブルメディアとしてマウントする(&v) - 下へ(&D) - 上へ(&U) - 選択したボリュームのマウントに成功したらエクスプローラーを開く(&E) - 登録解除(&R) - Use favorite label as Explorer drive label - 全体設定 - ホットキーでのアンマウントに成功したときバルーンを表示 - ホットキーでのアンマウントに成功したとき音を鳴らす - Alt - Ctrl - Shift - Win - 割当 - 解除 - キーファイル... - 右に指定した数のプロセッサーは暗号化/復号処理に使用しない: - より詳しい情報へ - より詳しい情報へ - その他の設定... - デバイスの自動マウント(&A) - マウントオプション...(&O) - ボリュームを読み取り専用でマウント(&O) - キーファイル... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - 常駐する - パスワードをドライバのメモリに記憶する - 右に示す時間内に読み書きがなければ自動的にアンマウント - ユーザがログオフしたとき - User session locked - 省電力モードに入ったとき - スクリーンセーバの起動時 - ボリュームに開かれたファイルやフォルダがあっても強制的にアンマウント - すべてのデバイス型ボリュームをマウント - VeraCryptを常駐して開始 - ボリュームを読み取り専用でマウント - ボリュームをリムーバブルメディアとしてマウント - マウント成功時にそのボリュームのウィンドウを開く - Temporary Cache password during "Mount Favorite Volumes" operations - マウントされたボリュームがあるときにタスクバーアイコンを変える - 自動アンマウントの際に記憶していたパスワードを消去 - 終了時に記憶していたパスワードを消去 - コンテナファイルの更新日時を変更しない - リセット - デバイスの選択(&E) - ファイルの選択(&F) - ライブラリの選択(&L)... - パスワードを表示 - パスワードを表示 - マウントされたボリュームのウィンドウを開く(&E) - パスワードをドライバのメモリに記憶(&C) - TrueCrypt Mode - 全てアンマウント(&S) - ボリュームのプロパティ(&V)... - ボリュームツール(&T)... - 記憶済パスワードの消去(&W) - VeraCrypt - Mount Parameters - VeraCrypt - お気に入りボリューム - VeraCrypt - システム全体のホットキーの設定 - VeraCrypt - パスワードあるいはキーファイルの変更 - VeraCryptボリュームのパスワードの入力 - VeraCrypt - パフォーマンス設定 - VeraCrypt - 各種設定 - VeraCrypt - システム暗号化設定 - VeraCrypt - セキュリティトークン設定 - VeraCryptトラベラーディスクのセットアップ - VeraCryptボリュームのプロパティ - バージョン情報 - ボリュームへのキーファイルの追加/削除... - マウントされたボリュームをお気に入りに追加... - マウントされたボリュームをシステムお気に入りに追加... - システムクラッシュの解析... - ボリュームヘッダのバックアップ... - ベンチマーク... - ヘッダキー導出アルゴリズムの設定... - ボリュームパスワードの変更... - ヘッダキー導出アルゴリズムの設定... - パスワード変更... - ボリューム履歴の消去 - 全てのセキュリティトークンセッションを閉じる - 連絡先 - 隠しOSを作成... - レスキューディスク作成... - 新規ボリュームの作成... - Permanently Decrypt... - デフォルトキーファイル... - Default Mount Parameters... - 寄付する... - システムパーティション/ドライブの暗号化... - よくある質問と答え - ユーザーズガイド - ホームページ(&H) - ホットキー... - キーファイル生成 - 言語... - ライセンス表示 - セキュリティトークンキーファイルを管理... - 全てのデバイス型ボリュームをマウント - お気に入りに登録したボリュームをマウント - 起動前認証をせずにマウント(&A)... - ボリュームをマウント - ボリュームをオプションを指定しながらマウント - VeraCryptニュース - オンラインヘルプ - 初心者用チュートリアル - お気に入りボリュームを編成... - システムお気に入りボリュームを編成... - パフォーマンス... - システムパーティション/ドライブの暗号化を解除 - 各種設定... - ドライブリストの更新 - ボリュームから全てのキーファイルを削除... - ボリュームヘッダのリストア... - 中断処理を再開 - デバイスの選択... - ファイルの選択... - 中断処理を再開 - システムの暗号化... - プロパティ... - 設定... - システムお気に入りボリューム... - ダウンロード - ベクターのテスト... - セキュリティトークン... - トラベラーディスクのセットアップ... - 全てのボリュームをアンマウント - ボリュームをアンマウント - レスキューディスクのベリファイ - Verify Rescue Disk ISO Image - バージョン履歴 - Volume Expander - ボリュームのプロパティ - ボリューム作成ウィザード - VeraCryptウェブサイト - 記憶したパスワードの消去 - OK - ハードウェアによる高速化設定 - ショートカット - 自動実行ファイル(Autorun.inf)の設定 - 自動アンマウント - 右に示すときに \nすべてアンマウント: - ブートローダー画面オプション - パスワード確認: - 現在 - 起動前認証画面で次のメッセージを表示する(最大24文字): - デフォルトのマウントオプション - ホットキーオプション - Driver Configuration - Enable extended disk control codes support - 選択したお気に入りボリュームのラベル: - ファイルの設定 - 割り当てるキー: - このマシンのプロセッサ(CPU)がAES高速化に対応しているか: - ログオン時に自動的に実行する内容 - - ドライブレター: - マウントの設定 - 新規 - パスワード: - マルチスレッドによる並列処理設定 - PKCS#11ライブラリの場所 - 導出アルゴリズム: - PKCS-5 PRF: - パスワードの記憶 - セキュリティオプション - VeraCryptの常駐 - マウントするVeraCryptボリューム(トラベラーディスクからの相対位置): - トラベラーディスクが挿入されたとき: - トラベラーディスクファイルを作成する場所(トラベラーディスクのルートディレクトリ): - ボリューム - Windows - フォルダの追加(&P) - 全自動テスト(&A) - 続ける(&C) - 復号(&D) - 削除(&D) - 暗号化(&E) - エクスポート(&E)... - キーファイルの生成と保存... - ランダムキーファイルの生成(&G) - 言語パックをダウンロード - ハードウェアによるAES処理高速化: - キーファイルをトークンにインポート(&I)... - ファイルの追加(&F)... - キーファイルの使用(&S) - キーファイル(&K)... - 解除(&R) - 全て解除(&A) - 隠しボリュームによる保護とは? - キーファイルについて - ボリュームをリムーバブルメディアとしてマウント(&M) - システムを暗号化したパーティションを起動前認証せずにマウント(&u) - 並列処理: - ベンチマーク - 印刷(&P) - 隠しボリュームを外殻ボリュームへの書き込みによる破損から保護する(&P) - リセット(&R) - パスワード表示(&D) - トークンファイルの追加(&T)... - 可能ならボリュームに付加されたバックアップヘッダを使用する(&v) - XTSモード - VeraCryptについて - VeraCrypt - 暗号化アルゴリズムのベンチマーク - VeraCrypt - ベクターのテスト - コマンドラインのヘルプ - VeraCrypt - キーファイル - VeraCrypt - キーファイル生成 - VeraCrypt - 言語 - VeraCrypt - マウントオプション - 新しいセキュリティトークンキーファイルのプロパティ - VeraCrypt - ランダムプール強化 - パーティションまたはデバイスの選択 - VeraCrypt - セキュリティトークンキーファイル - セキュリティトークンのパスワードかPINが必要 - 現在の言語パック - 速度は CPU の負荷や記憶装置の特性に左右されます。\n\nこのテストはメモリ内で実行されます。 - バッファサイズ: - 暗号方式: - 隠しボリュームのパスワード(&A)(空なら記憶中のものを使用) - 隠しボリュームの保護 - 鍵サイズ: - 重要:このウィンドウ内にてできるかぎりランダムにマウスを動かしてください。これにより暗号鍵の強度を大幅に上げられます。長く動かすほど良い結果を得られます。 - 警告:もしキーファイルを紛失、あるいはその先頭1024キロバイト中に1ビットでも変化があった場合、そのキーファイルを使っているボリュームはマウントできなくなります! - ビット - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - 翻訳者: - 平文のサイズ: - ビット - 現在のプールの内容 - 混合用PRF: - 重要:このウィンドウ内でマウスをできるだけランダムに動かしてください。長く動かすほど良い結果となり、セキュリティを高められます。終了したら「続ける」をクリックしてください。 - セカンダリキー(16進) - セキュリティトークン: - 並び替え: - このままお待ちください。長時間かかるものと思われます。 - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - ブロック番号: - 暗号文(16進) - データユニット番号(64ビット16進, データユニットサイズ:512バイト) - 鍵(16進) - 平文(16進) - キーファイル名: - XTSモード - システム(&y) - ボリューム(&V) - お気に入り(&i) - ツール(&O) - 設定(&g) - ヘルプ(&H) - ホームページ(&P) - - バージョン情報(&A)... - 古いボリュームの読み取り専用属性を変更できません。ファイルのアクセス許可を確認してください。 - エラー:アクセスできません。\n\nアクセスしようとしたパーティションは、セクター長が0であるかブートデバイスであるかのいずれかです。 - 管理者 - VeraCryptのドライバをロードするためには、管理者権限を持つアカウントでログオンする必要があります。 - パーティションやデバイスを暗号化またはフォーマットするためには、管理者権限を持つアカウントでログオンする必要があります。\n\nただしファイル型ボリュームの場合はその限りではありません。 - 隠しボリュームの作成には管理者権限を持つアカウントでログオンする必要があります。\n\n作業を続けますか? - ボリュームをNTFSでフォーマットするには、管理者権限を持つアカウントでログオンする必要があります。\n\nただし管理者権限がなくても、FATでならフォーマット可能です。 - FIPS(連邦情報処理基準)で規格化された暗号化方式(Rijndael 1998年)であり、アメリカ政府の各省庁において、最高機密レベルの情報保護に使われています。256ビットの鍵長、128ビットブロックで、ラウンド数は14です(AES-256)。動作モードはXTSです。 - ボリュームはすでにマウントされています。 - 注意:自動セルフテストにおいて、暗号化あるいはハッシュのアルゴリズムのテストに失敗しました!\n\nおそらくVeraCryptのインストールに失敗しています。 - 注意:乱数生成器において、要求された量のランダムなデータを生成できませんでした。\n\nこれ以上作業を進めるべきではありません。メニューの[ヘルプ]-[バグを報告する]から、このエラーを報告してください。 - このドライブに障害(物理的な故障)があるか、ケーブルに異常があるか、あるいはメモリに異常があります。\n\nこれはハードウェアの問題であってVeraCryptの問題ではありません。したがってこの件についてVeraCryptフォーラムにバグ報告をしたり助けを求めたりしないでください。コンピュータメーカーの技術サポートへご連絡ください。よろしくお願いいたします。\n\n注:もしこのエラーが同じ箇所で何度も繰り返される場合、ディスクブロック不良の可能性が高いです。サードパーティ製の修正用ソフトで修正してください。(なお、ほとんどのケースでは 'chkdsk /r' コマンドは効きません。chkdskコマンドはファイルシステムレベルにしか働きません。chkdskコマンドはディスクブロック不良を発見できないことさえあります。) - リムーバブルメディア用のドライブにアクセスする際は、メディアがドライブに装着されているかをよくご確認ください。このドライブもしくはメディアが破損・故障している(おそらく物理的な異常です)か、あるいはケーブルが切断もしくは接続されていないようです。 - ご使用中のシステムのカスタムチップセットドライバに、システムドライブ全体の暗号化を妨げるバグがあるように思われます。\n\n手順を進める前に、(マイクロソフト以外の)カスタムチップセットドライバの更新あるいはアンインストールを試みてください。それでもうまくいかなければ、システムパーティションのみの暗号化を試してみてください。 - ドライブレターが無効です。 - 無効なパスです。 - キャンセル - デバイスにアクセスできません。選択したデバイスが存在しているか、あるいはシステムで使用中でないか確認してください。 - 警告:Caps Lockキーがオンになっています。 そのためパスワードの入力を誤る可能性があります。 - ボリュームタイプ - あなたは誰かに暗号化ボリュームのパスワードを明かすように強要されることがあるかもしれません。それを拒否できない状況(恐喝されるなど)もいろいろとあり得ます。「隠しボリューム」を使うことで、パスワードを明かさずに済むようになります。 - 通常のVeraCryptボリュームを作成する場合はこのオプションを選択してください。 - もし隠しパーティションにOSをインストールしたい場合、単一の鍵ではシステムドライブ全体を暗号化できないことに留意してください。 - 外殻ボリュームの暗号化オプション - 隠しボリュームの暗号化オプション - 暗号化オプション - 警告:(ファイル選択ダイアログが記憶している)最後に選択したボリュームあるいはキーファイルの場所の消去に失敗しました! - エラー:このコンテナはファイルシステムレベルで圧縮されています。VeraCryptは圧縮されたコンテナには対応していません(暗号化されたデータを圧縮するのは冗長であり、効果がありません)。\n\n次の方法で圧縮を解除してください。\n\n1) エクスプローラ上で(VeraCrypt上ではありません)コンテナを右クリック\n\n2) プロパティを選択\n\n3) プロパティダイアログで「詳細設定」をクリック\n\n4) 属性の詳細ダイアログで「内容を圧縮してディスク領域を節約する」のチェックを外し「OK」をクリック\n\n5) プロパティダイアログに戻るので「OK」をクリック - ボリューム %s の作成に失敗しました - %s のサイズは %.2f バイト - %s のサイズは %.2f KB - %s のサイズは %.2f MB - %s のサイズは %.2f GB - %s のサイズは %.2f TB - %s のサイズは %.2f PB - 警告:指定されたデバイスあるいはパーティションは、OSあるいはアプリケーションで使用されています。このデバイスあるいはパーティションをフォーマットすると、そのデータが破壊されてシステムが不安定になるかもしれません。\n\nフォーマットを続けますか? - 警告:そのパーティションはOSかアプリケーションで使用中です。まず使用されているパーティション上のすべてのアプリケーションを終了してください(アンチウィルスソフトも含みます)。\n\n続けますか? - エラー:指定されたデバイスあるいはパーティションに、アンマウントできないファイルシステムが含まれています。このファイルシステムはおそらくOSで使用されており、このデバイスあるいはパーティションをフォーマットすると、そのデータが破壊されてシステムが不安定になる可能性が高いです。\n\nこの問題を解決するためには、まず最初にパーティションを削除し、フォーマットをせずにパーティションを再作成することをお勧めします。そのためには以下の手順を行ってください。\n\n1) コンピュータ(マイコンピュータ)アイコンを右クリックして「管理」を選択し、「コンピュータの管理」画面を開く。 2) 「記憶域」>「ディスクの管理」を選択。 3) 暗号化したいパーティションを選んで右クリックし、「パーティションの削除」「ボリュームの削除」「論理ドライブの削除」のいずれかを選択。 4) 「はい」をクリック。もし再起動を要求されたら再起動し、手順(1)と(2)を行い(5)に進む。 5) 空き領域/未割り当て領域を右クリックし、「新しいパーティション」「新しいシンプルボリューム」「新しい論理ドライブ」のいずれかを選択。 6) 「新しいパーティションウィザード」か「新しいシンプルボリュームウィザード」が開くので、表示された内容に従って進める。ウィザードが「パーティションのフォーマット」まで進んだら、「このパーティションをフォーマットしない」「このボリュームをフォーマットしない」のいずれかを選択する。続いて「次へ」をクリックし、最後に「終了」をクリック。 7)この時点でVeraCryptで指定されているデバイスの位置がずれていると思われるので、(もしまだ実行中なら)VeraCryptボリューム作成ウィザードをいったん終了し、再び実行する。 8) VeraCryptに戻って、再びデバイスあるいはパーティションの暗号化を試す。\n\nもしVeraCryptが再度暗号化に失敗したときは、代わりにコンテナファイルの作成を検討してください。 - エラー:ファイルシステムのロックを取得できないかアンマウントできません。おそらくOSかアプリケーションが使用中です(例:アンチウィルスソフトなど)。このパーティションの暗号化を続けるとデータが破壊されてシステムが不安定になるかもしれません。\n\nまず使用されているパーティション上のすべてのアプリケーションを終了してから(アンチウィルスソフトも含みます)、改めて試してください。方法がわからない場合は、以下の手順に従ってください。 - 警告:マウントされたデバイスあるいはパーティションのいくつかはすでに使用中です!\n\nこれを無視して進めるとシステムが不安定になるなどの望まれない結果を引き起こす可能性があります。\n\nそのデバイスあるいはパーティションを使用していると思われるアプリケーションを終了させることを強く推奨します。 - 選択されたデバイスにはパーティションが含まれています。\n\nこのデバイスをフォーマットすることは、システムを不安定にし、データの破壊を引き起こすおそれがあります。デバイス全体ではなくいずれかのパーティションを選択するか、あるいは、このデバイスのすべてのパーティションを削除して、VeraCryptが安全にフォーマットできるようにしてください。 - 選択された非システムデバイスはパーティションを含んでいます。\n\nデバイス型の暗号化ボリュームを保持するデバイスには、パーティションを含むことができません(ハードディスクやSSDも含みます)。パーティションを含むデバイスでデバイス全体を暗号化(単一のマスターキーを使用)できるのは、そのドライブにWindowsがインストールされており、かつそこから起動するときに限ります。\n\nもし選択された非システムデバイスを(単一のマスターキーで)暗号化したい場合は、VeraCryptが安全にフォーマットできるよう(パーティションを含むデバイスをフォーマットすると、データを破壊したりシステムが不安定になるおそれがあります)に、最初にそのデバイスの全てのパーティションを削除する必要があります。あるいは、そのドライブ上のパーティションを個々に暗号化することもできます(パーティションごとに別々のマスターキーが使われます)。\n\n注:もしGPTディスク上の全パーティションを削除したい場合、隠しパーティションを削除するためには「コンピュータの管理」などからMBRディスクに変換しておく必要があるでしょう。 - 警告:もしこのデバイス全体を暗号化した場合、OSはこのデバイスを、新しく、空で、未フォーマット(つまりパーティションテーブルを持っていない)であるものとみなし、自動的に初期化しようとするかもしれません(あるいは初期化しますかと尋ねてくるでしょう)。初期化すると暗号化ボリュームは破壊されてしまいます。さらに、このことでお気に入りボリュームのマウント先の一貫性や(例えばドライブの数が変わった時など)、お気に入りボリュームのラベル割当状態が崩れたりするでしょう。\n\nこれらを避けるためには、デバイス全体を暗号化するのではではなく、デバイス上にパーティションを作成してからパーティションを個別に暗号化した方が無難です。\n\n本当にデバイス全体を暗号化して良いですか? - 重要:このボリュームは現在割り当てられている %c: ドライブとしてマウント、使用することができないことを忘れないでください!\n\nこのボリュームをマウントするためには、VeraCryptのメインウィンドウから「デバイスの自動マウント」をクリック(あるいは「デバイスの選択」をクリックしてからこのパーティション/デバイスを選択し、「マウント」をクリック)してください。このボリュームは、メインウィンドウで選択されていた別のドライブレターにマウントされます。\n\n元のドライブレター %c: はパーティション/デバイスの暗号化を解除したいとき(例:暗号化が不要になったときなど)にのみ使用してください。その場合は、コンピュータ(あるいはマイコンピュータ)の %c: ドライブを右クリックし、[フォーマット]を選択するようにします。それ以外でドライブレター %c: を使うことは避けてください(ただしこれを例えばVeraCrypt FAQで説明されているように取り外して、別のパーティション/デバイスを割り当てる時を除きます)。 - 現在使用中のOSではその場での非システムボリュームの暗号化には対応していません。これに対応しているのはVista以降のWindowsのみです。\n\nこれは、このバージョンのWindowsがファイルシステムの縮小に対応していないためです。ボリュームヘッダおよびバックアップヘッダの領域を確保するためには、ファイルシステムを縮小する必要があります。 - 選択されたパーティション上にNTFSファイルシステムが見あたりません。パーティションでその場での暗号化が可能なのはNTFSであるときのみです。\n\n注:これはWindowsがこれ以外のファイルシステムでの縮小に対応していないからです。ボリュームヘッダおよびバックアップヘッダの領域を確保するためには、ファイルシステムを縮小する必要があります。 - 選択されたパーティション上にNTFSファイルシステムが見あたりません。パーティションでその場での暗号化が可能なのはNTFSであるときのみです。\n\nこのパーティション上に暗号化ボリュームを作成するには、「パーティションをその場で暗号化」の代わりに「暗号化ボリュームを作成してフォーマット」オプションを選択してください。 - エラー:パーティションが小さすぎます。その場での暗号化はできません。 - このパーティションのデータを暗号化するには、次の手順に従ってください。\n\n1) 空のパーティション/デバイス上にVeraCryptボリュームを作成してマウントします。\n\n2) このパーティションにある暗号化したいすべてのデータを、手順1でマウントしたVeraCryptボリュームにコピーします。つまりそのデータの暗号化されたバックアップを作ります。\n\n3) 元々暗号化しようとしていたこのパーティションにVeraCryptボリュームを作成します。その際、VeraCryptのウィザードで「パーティションをその場で暗号化」ではなく、必ず「暗号化ボリュームを作成してフォーマット」を選択します。このとき、このパーティション上のデータが削除されることに注意してください。ボリュームが作成されたらそれをマウントしてください。\n\n4) 手順1で作成・マウントしていたバックアップのVeraCryptボリュームにあるすべてのファイルを、手順3で作ってマウントしたばかりのVeraCryptボリュームにコピーしてください。\n\n上記のすべての手順を終わったとき、このパーティション上のデータが暗号化されているのに加えて、暗号化されたバックアップもできあがっていることになります。 - その場での暗号化が可能なのは、パーティション、ダイナミックボリューム、あるいはシステムドライブ全体を暗号化するときに限られます。\n\n選択された非システムデバイスに暗号化ボリュームを作成するには、「パーティションをその場で暗号化」の代わりに「暗号化ボリュームを作成してフォーマット」オプションを選択してください。 - エラー:その場での暗号化が可能なのは、パーティション、ダイナミックボリューム、あるいはシステムドライブ全体を暗号化するときに限られます。指定されたパスが有効かどうか確認してください。 - エラー:ファイルシステムを縮小できません。ファイルシステムを縮小するためにはボリュームヘッダとバックアップヘッダのための領域が必要です。\n\n想定される原因と解決方法は次のとおりです。\n\n- ボリュームに十分な空きスペースがありません。他のアプリケーションがファイルを書き込んでいないか確認してください。\n\n- ファイルシステムが壊れています。次の方法でエラーをチェックし修復してみてください(該当ドライブを右クリックして「プロパティ」を選択→「ツール」タブを選び「チェックする」をクリック→「ファイルシステムエラーを自動的に修復する」オプションにチェックを入れて「開始」)。\n\nもし上記の手順でうまくいかなければ、以下の手順に従ってください。 - エラー:このボリュームに充分な空き容量がないため、ファイルシステムを縮小できません。ファイルシステムを縮小するためにはボリュームヘッダとバックアップヘッダのための領域が必要です。\n\n不要なファイルを削除したり「ごみ箱」を空にしたりして、空き容量を少なくとも256KBは確保した上でもう一度試してみてください。なおWindows自体の問題により、OSを再起動するまでエクスプローラは正しくない空き容量を報告してくることに注意してください。再起動してもうまくいかない場合は、ファイルシステムが壊れているものと思われます。次の方法でエラーをチェックし修復してみてください(該当ドライブを右クリックして「プロパティ」を選択→「ツール」タブを選び「チェックする」をクリック→「ファイルシステムエラーを自動的に修復する」オプションにチェックを入れて「開始」)。\n\nもし上記の手順でうまくいかなければ、以下の手順に従ってください。 - ドライブ %s の空き容量は %.2f バイトです。 - ドライブ %s の空き容量は %.2f KB - ドライブ %s の空き容量は %.2f MB - ドライブ %s の空き容量は %.2f GB - ドライブ %s の空き容量は %.2f TB - ドライブ %s の空き容量は %.2f PB - 有効なドライブ名を取得できませんでした。 - エラー:VeraCryptのドライバが見つかりません。\n\nVeraCrypt.exeと同じフォルダに、'veracrypt.sys' および 'veracrypt-x64.sys' ファイルをコピーしてください。 - エラー:違うバージョンのVeraCryptデバイスドライバが作動中です。\n\nもしVeraCryptをポータブルモードで動作させようとしており、かつ違うバージョンのVeraCryptが既にインストールされているのであれば、先にそれをアンインストール(あるいはインストーラーでアップグレード)する必要があります。VeraCryptのアンインストールは次の手順で行ってください:[Vista以降] スタートメニュー→コンピュータ→プログラムのアンインストールと変更→VeraCrypt→アンインストール [Win XP] スタートメニュー→設定→コントロールパネル→プログラムの追加と削除→VeraCrypt→削除\n\n同じように、もしVeraCryptをポータブルモードで動作させようとしていて、すでに違うバージョンのVeraCryptがポータブルモードで起動しているのであれば、まずシステムを再起動した後に新しいバージョンのみを起動してください。 - エラー:暗号処理の初期化に失敗しました。 - エラー:強度の弱い鍵が検出されました! この鍵は廃棄されます。やり直してください。 - 致命的なエラーが発生したためVeraCryptを終了しました。もしこれがVeraCryptのバグに起因するものなら修正したいと思います。そのためにも、自動生成されたエラーレポートをお送りください。このレポートには次の情報が含まれています。\n\n- プログラムのバージョン\n- OSのバージョン\n- CPUの種類\n- VeraCryptコンポーネント名\n- VeraCrypt実行ファイルのチェックサム\n- ダイアログウィンドウのシンボリックネーム\n- エラーのカテゴリ\n- エラーアドレス\n- VeraCryptのコールスタック\n\n「はい」を選択すると、次のURL(上記のエラー情報をすべて含んでいます)をデフォルトのインターネットブラウザを開いて呼び出します。\n\n%hs\n\n上記のエラーレポートを我々に送って良いですか? - システムで致命的なエラーが発生したため、VeraCryptが終了させられました。\n\nこれはVeraCryptに起因するエラーではありません。したがってVeraCryptの開発者はこの問題には対処できません。システム上に何か問題がないか確認してください(例:システムの設定、ネットワークの接続状況、ハードウェアエラーなど)。 - システムに致命的なエラーが発生し、VeraCryptは強制終了させられました。\n\nもしこの問題が続くようであれば、原因となり得るアプリケーションを無効にするかアンインストールする必要があるかもしれません。例としては、アンチウィルスやインターネットセキュリティソフト、その他、システムを拡張したり最適化したりなどといったシステムの深部を操作するようなものが挙げられます。もしそうしても問題が解決しないのであればOSを再インストールしてみてください。この問題はマルウェアに起因する可能性もあります。 - VeraCrypt 致命的なエラー - VeraCryptはシステムが最近クラッシュしたことを検出しました。なぜクラッシュしたのかについて様々な原因が考えられます。例えばハードウェアの故障、デバイスドライバのバグなどです。\n\nVeraCryptのバグがシステムクラッシュの原因であったかどうかチェックしますか? - VeraCryptによるシステムクラッシュの確認を続けますか? - システムクラッシュのミニダンプファイルは見つかりませんでした。 - ディスクの空き容量を増やすためにダンプファイルを削除しますか? - システムクラッシュの原因を解析するためには、Microsoft Debugging Tools for Windows を先にインストールする必要があります。\n\n「OK」をクリックすると、Windows Installer がそのインストールパッケージ(16 MB)をマイクロソフトのサーバーからダウンロードし、インストールします。なお Windows Installer がアクセスするサーバーの URL は truercyprt.org のサーバーから転送されます。これはマイクロソフトがインストールパッケージの場所を変更しても追随できるようにするためです。 - 「OK」をクリックするとシステムクラッシュの解析を始めます。これには数分かかる見込みです。 - 環境変数「PATH」に 'kd.exe' (Kernel Debugger) へのパスが含まれているか確認してください。 - 十中八九、VeraCryptはシステムクラッシュの原因ではないようです。システムがクラッシュした理由には様々な原因が考えられます。例えばハードウェアの故障、デバイスドライバのバグなどです。 - 解析結果によると、以下のドライバーをアップデートすることで問題が解決するかもしれません: - 私たちがVeraCryptにバグがあるのかを確認できるよう、以下の事項が含まれた自動生成のエラーレポートを送信することができます。\n- プログラムのバージョン\n- OSのバージョン\n- CPUの種類\n- エラーのカテゴリー\n- ドライバーの名前とバージョン\n- システムコールスタック\n\nもし「はい」を選択すると、下記のURL(エラーレポートの全項目が含まれる)がデフォルトのインターネットブラウザーで開かれます。 - 上記のエラーレポートを送信しますか? - 暗号化(&E) - 復号(&D) - 暗号解除(&P) - 終了 - この拡張パーティションに論理ドライブを作成してからやり直してください。 - VeraCryptのボリュームは、ハードディスクやUSBフラッシュドライブ中にあるファイル(VeraCryptコンテナと呼ばれます)として作ることができます。またVeraCryptコンテナは通常のファイルとまったく同じように移動や削除ができます。「ファイルの選択」をクリックして、作成したいコンテナのファイル名と場所を選んでください。\n\n注意:既存のファイルを選んだ場合、VeraCryptはそのファイルを暗号化するわけでは*ありません*。既存のファイルは削除され、新しく作成されたVeraCryptコンテナに置き換えられます。既存のファイルを暗号化したい場合は、ここで作成したVeraCryptコンテナの中に後で移動するようにします。 - 外殻ボリュームを作成する場所を指定してください(中に入れる隠しボリュームは後で作成されます)。\n\nVeraCryptのボリュームは、ハードディスクやUSBフラッシュドライブ等の中にあるファイルの中(VeraCryptコンテナと呼ばれます)に作ることができます。VeraCryptコンテナは通常のファイルとまったく同じように移動や削除ができます。「ファイルを選択」をクリックして、作成したいコンテナのファイル名と場所を選んでください。既存のファイルを選んだ場合、VeraCryptはそのファイルを暗号化するわけでは*ありません*。その既存ファイルは削除され、新しく作成されたVeraCryptコンテナに置き換えられます。既存のファイルを暗号化したい場合は、ここで作成したVeraCryptコンテナの中に後で移動するようにします。 - デバイス型のVeraCryptボリュームは、ハードディスクのパーティション・SSD・USBメモリースティックや、その他対応している記憶装置上に作成することができます。パーティションはその場で暗号化することも可能です。\n\nなお、デバイス型のVeraCryptボリュームはそのデバイスにパーティションがないときにも作成可能です(これはハードディスクやSSDも含みます)。\n\n注:パーティションを含むデバイス全体をその場で暗号化(単一のキーを使用)できるのは、そのドライブにWindowsがインストールされており、そこから起動する場合のみです。 - デバイス型のVeraCryptボリュームを作成できるのは、ハードディスクのパーティション、SSD、USBメモリースティックなどの記憶装置です。\n\n警告:パーティション/デバイスがフォーマットされ、そこにあるすべての既存データが失われることに注意してください。 - \n外殻ボリュームを作成する場所を選択してください(このボリュームの中に後で隠しボリュームが作られます)。\n\n外殻ボリュームはハードディスクのパーティション、SSD、USBメモリースティックなどの対応している記憶装置上に作成できます。パーティションの無いデバイス(ハードディスクやSSDを含みます)上にも作成可能です。\n\n警告:パーティション/デバイスがフォーマットされ、そこにあるすべての既存データが失われることに注意してください。 - 隠しボリュームを格納したいVeraCryptボリュームの場所を選択してください - 警告:そのファイルあるいはデバイスはすでに使われています!\n\nこれを無視して進めるとシステムが不安定になるなどの望まれない結果を引き起こす可能性があります。ファイルあるいはデバイスを使用しているすべてのアプリケーション(例えばアンチウィルスソフトやバックアップソフト等)を、このボリュームをマウントする前に終了してください。\n\nマウントを続行しますか? - エラー:ボリュームをマウントできません。マウントしようとしたファイルあるいはデバイスはすでに使用中です。 排他的でないマウントも試みましたが失敗しました。 - ファイルを開けません。 - ボリュームの位置 - 巨大なファイル - VeraCryptボリュームに4GB超のファイルを保存しようとしていますか? - 上記の選択に基づき、VeraCryptボリュームに適切なデフォルトのファイルシステムを設定します(次のステップでファイルシステムを選択できます)。 - 外殻ボリュームを作成しているのであれば「いいえ」を選択すべきです。「はい」を選ぶとデフォルトのファイルシステムはNTFSとなり、これは外殻ボリュームとしては適切ではありません(例えば外殻ボリュームをFATにした方が、より大きなサイズの隠しボリュームを内包できます)。通常は外殻ボリュームも通常ボリュームもFATがデフォルトとなります(つまりFATの方が怪しまれません)。しかし、もしサイズが4GBを越えるファイルを保存したいのであれば、FATがデフォルトにはなりません。FATでは4GB超のファイルを保存できません。 - 本当に「はい」を選択しますか? - ボリューム作成モード - これがパーティション型あるいはデバイス型のVeraCryptボリュームを作成するための最速の方法です(別オプションのその場での暗号化は、セクタごとに読み込み、暗号化し、書き込みを行うためにより時間がかかります)。選択されたパーティション/デバイス上の既存のデータはすべて削除されます(既存データは暗号化されるわけではなくランダムなデータで上書きされます)。このパーティション上の既存データを暗号化したいのであれば、別のオプションを選択してください。 - 選択されたパーティション上の全データがその場で暗号化されます。もしパーティションが空なら別のオプションを選択すべきです(より速くボリュームが作成されます)。 - 注: - レジューム(&R) - 保留(&D) - 開始(&S) - コンティニュー(&C) - フォーマット(&F) - ワイプ(&W) - フォーマットを中断? - 詳細情報を表示 - これを再び表示しない - パーティション/デバイス上のデータの抹消に成功しました。 - 元システム(隠しシステムのクローン元)パーティション上のデータの抹消に成功しました。 - (消去済みパーティションに)インストールしようとしているWindowsのバージョンが、現在起動中のものと一致しているかよく確認してください。これは双方のシステムが一つの共通の起動パーティションを共用する必要があるからです。 - システムパーティション/ドライブの暗号化に成功しました。\n\n注:もしWindows起動の度に毎回自動的にマウントしたい非システムのVeraCryptボリュームがあるのならば、それらをマウント後に[お気に入り]-[マウントされたボリュームをシステムお気に入りに追加]と選択することで実現できます。 - システムパーティション/ドライブの復号に成功しました。 - \n\nVeraCryptボリュームが作成され、使用できる状態になりました。VeraCryptボリュームを続けて作成する場合は「次へ」をクリックしてください。そうでなければ「終了」をクリックしてください。 - \n\n隠しボリュームの作成に成功しました(隠しOSがこの隠しボリュームに作成されます)。\n\n「次へ」をクリックしてください。 - ボリューム全体が暗号化されました。 - Volume Fully Decrypted - 重要:この新規作成したVeraCryptボリュームをマウントしてデータにアクセスするには、VeraCryptのメインウィンドウで「デバイスの自動マウント」をクリックしてください。そして正しいパスワードを入力(そして正しいキーファイルを指定)すると、メインウィンドウで選択していたドライブレターにそのボリュームがマウントされ、そのドライブを通して暗号化されたデータにアクセスすることができます。\n\n上記の手順を記憶するかメモしておいてください。このボリュームをマウントしてデータにアクセスするためにはこの手順に沿わなければなりません。あるいは、メインウィンドウで「デバイスを選択」をクリックし、このパーティションあるいはボリュームを選択してから「マウント」をクリックしてください。\n\nこのパーティション/デバイスの暗号化に成功し、使用する準備ができました。 - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCryptボリュームの作成に成功しました。 - ボリュームが作成されました - 重要:このウィンドウ内にてできるかぎりランダムにマウスを動かしてください。これにより暗号鍵の強度を大幅に上げられます。長く動かすほど良い結果を得られます。「フォーマット」をクリックするとボリュームを作成します。 - 「フォーマット」をクリックすると外殻ボリュームを作成します。詳細はユーザーズガイドをご覧ください。 - 外殻ボリュームのフォーマット - 隠しボリュームのフォーマット - ボリュームのフォーマット - ユーザーズガイドを表示・印刷するには、Adobe Reader(もしくはその互換品)が必要です。 Adobe Reader(フリーウェア)は www.adobe.com にてダウンロードできます。\n\n代わりにオンラインドキュメントを表示しますか? - このオプションを選択すると、作成ウィザードはまず通常のVeraCryptボリュームを新規作成し、次に隠しボリュームをその中に配置します。慣れている方以外は常にこのオプションを選択してください。 - このオプションを選択すると、既存のVeraCryptボリューム内に隠しボリュームを配置できます。隠しボリュームを納めることのできるVeraCryptボリュームが作成済みであることが前提となります。 - ボリューム作成モード - 隠しボリュームが作成されました - 隠しボリュームの作成に成功し、使用できる状態になりました。ユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」に列挙されている必要事項および予防策に従い、正しい方法で使用するならば、たとえ外殻ボリュームがマウントされても、隠しボリュームを探索することはできません。\n\n重要な警告:もし隠しボリュームの保護をしていないならば(保護の方法はユーザーズガイドの「隠しボリュームを破損から守る」をご覧ください)、外殻ボリュームに書き込みをしないでください。さもなければ隠しボリュームを上書きして破壊してしまいます! - 隠しOSの使用を開始しました。お気づきと思いますが、隠しOSは元のOSと同じパーティションにインストールされているかのように見えます。しかしその実体は隠しボリュームにインストールされており、元のOSに対する全ての読み書き操作は、実際には隠しボリュームに対して行われます。\n\nOS自身だけでなく、どのアプリケーションも、システムパーティションへの読み書きが実際には隠しボリュームに対して行われていることを知りません。どのようなデータも(囮OSとは別の鍵で)透過的に暗号化・復号されます。\n\n\n「次へ」をクリックしてください。 - 外殻ボリュームが作成され、%hc: ドライブとしてマウントされました。この外殻ボリュームには、本当は隠す必要はないが、一見、秘密のように見えるファイルをいくつかコピーしてください。これは、システムパーティションのすぐ後にあるパーティション(外殻ボリュームと隠しボリュームを含んでいる)のパスワードの開示を強要されたときのためのものです。外殻ボリューム用のパスワードが漏れても、隠しボリューム(とその中の隠しOS)の存在は隠されたままです。\n\n重要:外殻ボリュームにコピーするファイルの総サイズは %s を越えてはいけません。さもなければ隠しボリュームのために十分な領域を確保できなくなり、その後の処理が継続できなくなるでしょう。ファイルのコピーが終了したら「次へ」をクリックしてください。外殻ボリュームはアンマウントしないでください。 - 外殻ボリュームが %hc:ドライブに無事に作成されました。このボリュームには、本当は隠す必要はないが、見た目は他人に隠したいように見えるファイルをいくつかコピーしておくべきです。それらのファイルは誰かがあなたにパスワードを明かすよう強要してきたときのためにあります。外殻ボリュームのパスワードは明かしても構いませんが、隠しボリュームのパスワードを明かしてはいけません。本当に大事なファイルは、この後、隠しボリュームを作ってからそこに入れてください。外殻ボリュームへのコピーが終わったら「次へ」をクリックしてください。このボリュームはアンマウントしないでください。\n\n注:「次へ」がクリックされると、ボリュームの終端まで連続する空き領域のサイズを調べるために外殻ボリュームのクラスタービットマップをスキャンします。その領域に隠しボリュームが置かれるため、そのサイズが隠しボリュームの最大サイズとなります。クラスタービットマップをスキャンすることで、外殻ボリュームのデータが隠しボリュームを上書きしないことを保証します。 - 外殻ボリュームの内容 - \n\n次のステップで、まず外殻ボリュームのオプションを設定します(中に入れる隠しボリュームは後で作成されます)。 - \n\n次のステップで、外殻ボリュームと呼ばれるものを作成します。前のステップで説明したとおり、これはシステムパーティションのすぐ次のパーティションに作成されます。 - 外殻ボリューム - 次の手順で隠しOSを格納する隠しボリュームのパスワードとオプションを設定してください。\n\n注:外殻ボリュームのクラスタービットマップが、外殻ボリュームの終端から連続した空き領域のサイズを調べるために走査されます。この空き領域が隠しボリューム用になるため、その容量が隠しボリュームとして可能な最大サイズとなります。また隠しボリュームのサイズは、システムパーティションより大きくなるように決定されます(システムパーティションの内容全体を隠しボリュームにコピーする必要があるからです)。この確認によって、隠しボリュームのデータで外殻ボリューム上のデータが上書きされないようにしています。 - 重要:このステップで選択した暗号化アルゴリズムを忘れないでください。囮システムでも同じ暗号化アルゴリズムを選択する必要があります。そうしなかった場合、隠しOSにアクセスできなくなります!\n\n注:その理由は、囮システムと隠しシステムは一つのブートローダーを共用しているためです。これはユーザが選択した一つのアルゴリズムしかサポートしていません。いずれのアルゴリズムの場合でも、VeraCryptによる特製バージョンのブートローダーとなっています。 - \n\nボリュームのクラスタービットマップが走査され、隠しボリュームの最大上限サイズが計測されました。この次のステップで、隠しボリュームのオプションやサイズ、パスワードを設定します。 - 隠しボリューム - 隠しボリュームは、これから外殻ボリュームがアンマウントされるまでの間、破壊から保護されます。\n\n警告:もし隠しボリューム領域に何らかのデータが書き込まれそうになったときには、VeraCryptはボリューム全体(外殻領域も隠し領域も)を、アンマウントされるまで書き込み禁止にします。このことは外殻ボリュームのファイルシステムに不整合状態を引き起こし、(そのようなことが繰り返されるなら)隠しボリュームに対する見せかけの拒否にも悪影響を及ぼします。したがってあなたは隠しボリューム領域に書き込みが起こらないように全力で務めるべきです。隠しボリューム領域に書き込もうとしたあらゆるデータは一切保存されずに失われます。Windowsは書き込みエラー(遅延書き込みの失敗/不正なパラメータ)が発生したと報告してくるでしょう。 - 新たにマウントされたボリューム内の隠しボリュームはいずれもアンマウントされるまでの間、破壊から保護されます。\n\n警告:もし保護中の隠しボリューム領域に何らかのデータが書き込まれそうになったときには、VeraCryptはボリューム全体(外殻領域も隠し領域も)を、アンマウントされるまで書き込み禁止にします。このことは外殻ボリュームのファイルシステムに不整合状態を引き起こし、(そのようなことが繰り返されるなら)隠しボリュームに対する見せかけの拒否にも悪影響を及ぼします。したがってあなたは隠しボリューム領域に書き込みが起こらないように全力で務めるべきです。隠しボリューム領域に書き込もうとしたあらゆるデータは一切保存されずに失われます。Windowsは書き込みエラー(遅延書き込みの失敗/不正なパラメータ)が発生したと報告してくるでしょう。 - 警告:%c:ドライブにマウントされたボリュームにある隠しボリューム領域にデータが書き込まれようとしました!\n\nVeraCryptは隠しボリュームを保護するため、この書き込みを防止しました。このことで外殻ボリュームのファイルシステムが不整合状態となり、Windowsは書き込みエラー(遅延書き込みの失敗/不正なパラメータ)が発生したと報告してくるでしょう。外殻ボリュームも隠しボリュームも含めたボリューム全体について、アンマウントされるまで書き込みが禁止されます。もし今回のようなケースが初めてでないのならば、この隠しボリュームに対するみせかけの拒否に悪影響があることでしょう(この外殻ボリュームのファイルシステムが特異な不整合状態をしばしば引き起こすからです)。したがって、新しくVeraCryptボリュームを(クイックフォーマットせずに)作成し、このボリュームから新ボリュームにファイルを移すことを検討してください。その際このボリュームは外殻・隠しいずれの領域も完全抹消すべきです。すぐにオペレーティングシステムを再起動するよう、強く推奨します。 - 4GBを超えるサイズのファイルの保存には、保存先のボリュームがNTFSでフォーマットされている必要がありますが、そうではないため保存できませんでした。 - 隠しOSの起動中は隠しではないVeraCryptボリュームをNTFSでフォーマットすることはできません。その理由は、NTFSでのフォーマットをOSに許可するためには、一時的とはいえ、対象ボリュームを書き込みへの保護がない状態でマウントしなければならないからです。なおFATでのフォーマットの場合は、OSによらず、またマウントもせずに、VeraCrypt自らが行うのでこの限りではありません。技術的な詳細は下記をご覧ください。囮OSからなら、隠しではないNTFSボリュームを作成できます。 - 隠しOSの起動中は、セキュリティ上の理由で外殻ボリュームは常に読み取り専用としてマウントされるため、ダイレクトモードでしか隠しボリュームを作成できません。隠しボリュームを安全に作成するには、以下の手順で行ってください。\n\n1) まず囮用OSを起動する。\n\n2) 標準ボリュームを作成し、本当は他人に見られても構わないが一見秘密にしたいように見えるファイルをコピーする(このボリュームは後で外殻ボリュームになります)。\n\n3) 隠しOSで起動し、VeraCryptボリューム作成ウィザードを開始する。もしボリュームがファイル型であればシステムパーティションか他の隠しボリュームに移動する(そうしないと、新規作成された隠しボリュームが読み取り専用としてマウントされてフォーマットできません)。そしてウィザードの指定に沿って進め、隠しボリュームの作成でダイレクトモードを選択する。\n\n4) そのウィザードでステップ2で作成したボリュームを選択し、その中に隠しボリュームを作成する。 - セキュリティ上の理由により、隠しOSの起動中は、ローカルの暗号化されていないファイルシステムと、隠しではないVeraCryptボリュームは読み取り専用でマウントされます。つまりそれらに何らかのデータを書き込むことはできません。\n\nデータは隠しボリューム上のファイルシステムにのみ書き込むことができます(ただしその隠しボリュームが、非暗号化ファイルシステム上あるいは読込専用のファイルシステム上、のコンテナファイルではない場合に限定されます)。 - このような対抗策が実装されているのは、主に3つの理由によります。\n\n- 隠しボリュームをマウントするための安全なプラットフォームを築くことができます。隠しボリュームをマウントするのは隠しOSの動作中に限定するよう、私たちが公式に推奨していることを忘れないでください(より詳しい情報はユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」の項をご覧ください)。\n\n- いくつかのケースでは、一定の時刻に特殊なファイルシステムがマウントされていない(あるいはそのファイルシステム上の特殊なファイルが保存あるいは書き込みされていない)ことがわかってしまう可能性があります。これは例えば、ファイルシステムのジャーナル、ファイルのタイムスタンプ、アプリケーションのログやエラーログなどが、解析あるいは比較されたりしたときなどです。このことは隠しOSがそのコンピュータにインストールされていることを示唆することになりますが、この対抗策によってこのような問題は解決されます。\n\n- データの破損を防ぎ、安全な休止状態を提供できます。Windowsは休止状態から復帰した時、マウントされた全てのファイルシステムが、システムが休止状態に入った時と同じ状態を保持していることを仮定しています。VeraCryptはこのことを、囮および隠しシステムの双方からアクセスできるいかなるファイルシステムについても書き込みを禁止することによって保証しています。この保護機構がないと、一方のシステムが休止状態のときにもう一方のシステムからマウントされた場合に、ファイルシステムが破損してしまう可能性があります。 - 注:囮用のシステムから隠しシステムへ安全にファイルを転送したい場合は、以下の手順で行ってください。 1) 囮用OSで起動する。 2) 暗号化されていないボリューム、あるいは標準か外殻のVeraCryptボリュームにファイルを保存する。 3) 隠しOSで起動する。 4) もしそのファイルをVeraCryptボリュームに保存したのならそれをマウントする(自動的に読み取り専用になります)。 5) そのファイルを隠しシステムパーティションあるいはその他の隠しボリュームに保存する。 - このマシンは再起動する必要があります。\n\nすぐに再起動しますか? - システムの暗号ステータスの取得中にエラーが見つかりました。 - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - システムを暗号化するアプリケーションコンポーネントを初期化できませんでした。 - 乱数生成機構の初期化に失敗しました! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - アプリケーションを初期化できません。ダイアログクラスの登録に失敗しました。 - エラー:リッチエディットシステムライブラリの読込に失敗しました。 - VeraCryptボリューム作成ウィザード - このボリュームに格納できる隠しボリュームの最大サイズは %.2f バイトです。 - このボリュームに格納できる隠しボリュームの最大サイズは %.2f KB です。 - このボリュームに格納できる隠しボリュームの最大サイズは %.2f MB です。 - このボリュームに格納できる隠しボリュームの最大サイズは %.2f GB です。 - このボリュームに格納できる隠しボリュームの最大サイズは %.2f TB です。 - ボリュームのマウント中には、そのパスワードやキーファイルを変更できません。 まず先にそのボリュームをアンマウントしてください。 - ボリュームのマウント中には、そのヘッダキー導出アルゴリズムを変更できません。 まず先にそのボリュームをアンマウントしてください。 - マウント(&M) - このボリュームをマウントするには、新しいバージョンのVeraCryptが必要です。 - エラー:ボリューム作成ウィザードが見つかりません。\n\n'VeraCrypt.exe' が起動されたフォルダに 'VeraCrypt Format.exe' があるか確認してください。 もし存在しなければ、VeraCryptを再インストールするか、ディスク上の 'VeraCrypt Fromat.exe' を探し出して実行してください。 - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - 次へ(&N)> - 終了(&F) - インストール(&I) - 展開(&x) - VeraCryptデバイスドライバに接続できません。デバイスドライバが実行されていないとVeraCryptは実行できません。\n\nWindows自体の問題によって、デバイスドライバを読み込むためにはログオフあるいは再起動が必要かもしれません。 - フォントの読み込み・準備中にエラーが発生しました。 - ドライブレターが見つからないか、ドライブレターが指定されていません。 - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - ドライブレターが利用できません。 - ファイルが選択されていません! - 有効な空きドライブレターがありません。 - 外殻ボリューム用の空きドライブレターがありません! ボリュームの作成が続けられません。 - 使用中のオペレーティングシステムのバージョンがわかりません。もしくはサポートされていないオペレーティングシステムを使用しています。 - フォルダが選択されていません! - 隠しボリュームを格納できるだけの空き容量がありません! ボリュームの作成が続けられません。 - エラー:外殻ボリュームにコピーしようとしたファイルのサイズが大きすぎます。隠しボリュームの外殻ボリュームに十分な空き容量がありません。\n\n隠しボリュームはシステムパーティション(現在動作中のOSがインストールされているところです)より大きなサイズでなければなりません。隠しOSはシステムパーティションのファイルを隠しボリュームにコピーして作られる必要があるためです。\n\n\n隠しOSを作成する処理が続けられません。 - ドライバがそのボリュームをアンマウントできません。おそらくそのボリューム上のいくつかのファイルが開かれたままです。 - ボリュームのロックができません。ボリューム上のいくつかのファイルが開かれたままです。そのためにアンマウントできません。 - システムかアプリケーションがボリュームを使用中のため、ボリュームのロックに失敗しました(おそらくボリューム上のファイルが開かれています)。\n\nこのボリュームを強制的にアンマウントしますか? - VeraCryptボリュームの選択 - フォルダやファイル名の指定 - PKCS #11 ライブラリを選択 - メモリ不足 - 重要:慣れていない方は、デバイスあるいはパーティション全体を暗号化しようとするのではなく、選択されたパーティションあるいはデバイス上にVeraCryptコンテナファイルを作成することを強く推奨します。\n\nデバイスあるいはパーティション全体を暗号化する方法に対し、コンテナファイルを作成する方法は、たとえば大量のファイルを破壊してしまうような危険性がありません。VeraCryptコンテナファイルは、これは仮想的な暗号化ディスクでありながら、それ自体は普通のファイルと変わりありません。より詳しい情報は「ユーザーズガイド」の「初心者のためのチュートリアル」をご覧ください。\n\n本当にデバイスあるいはパーティション全体を暗号化しますか? - 警告:そのファイル '%s' はすでに存在しています!\n\n重要:VeraCryptはそのファイル自体を暗号化するのではなく、消去して上書きします。 本当にそのファイルを消去して新しいVeraCryptコンテナで置き換えますか? - 注意:選択された %s '%s'%s に存在しているすべてのファイルは消去され失われます(暗号化されるのではありません)!\n\n本当にフォーマットを続けてよいですか? - 警告:暗号化が完全に終了するまで、このボリューム上のファイルにはアクセスできなくなります。\n\n選択された %s '%s'%s の暗号化を開始して良いですか? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - 警告:既存データをその場で暗号化している最中に、電源が突然落ちたり、ソフトウェアエラーやハードウェア障害等によってOSがクラッシュした場合、データの一部が壊れたり失われたりする可能性があります。そのため、暗号化を開始する前に、必ず暗号化したいファイルのバックアップがあるかを確認してください。\n\nそのようなバックアップがありますか? - 注意:このパーティション '%s'%s (つまりシステムパーティションのすぐ次のパーティション)上に存在するすべてのファイルが削除され、失われます(暗号化されるわけではありません)!。\n\nこのままフォーマットを進めて良いですか? - 警告:選択されたパーティションには大量のデータがあります! そのパーティションにあるすべてのデータが削除され、失われます。それらのファイルは暗号化されません! - このパーティションにVeraCryptボリュームを作成して、既存データすべてを削除する - パスワード - PIM - ヘッダキー導出アルゴリズムの設定 - ボリュームへのキーファイルの追加/削除 - ボリュームから全てのキーファイルを削除 - パスワードまたはキーファイルの変更に成功しました。\n\n重要:ユーザーズガイドの「安全のための必要事項と予防策」の章にある「パスワードとキーファイルの変更」節をよくお読みください。 - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - 重要:VeraCryptレスキューディスクを壊していなければ、システムパーティション/ドライブはまだ古いパスワードで復号可能です(レスキューディスクで起動して古いパスワードを入力します)。新しいVeraCryptレスキューディスクを作成し、古い方は壊してしまうべきです。\n\n新しいVeraCryptレスキューディスクを作成しますか? - 今お持ちのVeraCryptレスキューディスクは従来の暗号化アルゴリズムが使用されています。もし従来の暗号化アルゴリズムが安全でないとお考えなら、新しいVeraCryptレスキューディスクを作成し、古い方は壊してしまうべきです。\n\n新しいVeraCryptレスキューディスクを作成しますか? - あらゆる種類のファイル(例:.mp3, .jpg, .zip, .avi)をVeraCryptのキーファイルとして使用できます。VeraCryptはキーファイルの内容を変更しません。キーファイルを複数選択することもできます(選択順序は無関係です)。フォルダを追加した場合は、その中にあって隠されていないファイルすべてがキーファイルとして使用されます。セキュリティトークンやスマートカードに保存されているキーファイルを選択する(あるいはキーファイルをセキュリティトークンやスマートカードにインポートする)には「トークンファイルの追加」をクリックしてください。 - キーファイルの追加あるいは除去に成功しました - キーファイルをエクスポートしました。 - ヘッダキー導出アルゴリズムの設定に成功しました - 非システムボリュームのその場での暗号化処理に復帰するため、パスワードを入力(またはキーファイルを指定)してください。\n\n\n注:「次へ」をクリックすると、VeraCryptは暗号化処理が中断されていて、与えられたパスワードあるいはキーファイルで復号できるすべての非システムボリュームを検索します。もし複数のボリュームが見つかった場合は、次のステップでその内の一つを選択する必要があります。 - ボリュームリストから一つ選択してください。このリストには、暗号化処理が中断されていて、与えられたパスワードあるいはキーファイルで復号できるすべての非システムボリュームが含まれています。 - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - 質の良いパスワードにすることが非常に重要です。辞書に載っているような単語一つだけにしたり、あるいはそれを三つ四つ組み合わせた程度のものは避けるべきです。また何らかの名前や誕生日なども含ませるべきではありません。それは簡単に推測されてしまいます。 良いパスワードとは、大文字や小文字、数字や記号( @ ^ = $ * + など)をランダムに組み合わせたものです。またパスワードの長さは20文字以上を推奨します(長い方がより良いです)。設定可能な最大長は64文字です。 - 隠しボリューム用のパスワードを入力してください - 隠しOS用のパスワードを入力してください(つまり隠しボリューム用です)。 - 重要:このステップで設定される隠しOS用のパスワードは、他の二つのパスワード(つまり外殻ボリュームおよび囮OS用のもの)とは大幅に変えておく必要があります。 - 隠しボリュームを作って入れたいボリュームのパスワードを入力してください。\n\n「次へ」をクリックすると、VeraCryptはそのボリュームのマウントを試みます。ボリュームがマウントされるとすぐにクラスタービットマップが走査され、ボリューム終端からどれだけ連続した空き領域があるのかが測定されます。その領域は隠しボリュームの格納場所であり、これによって隠しボリュームの上限サイズが決まります。クラスターマップの走査は、隠しボリュームによって外殻ボリュームのデータが上書きされてしまわないために必要です。 - \n外殻ボリューム用のパスワードを入力してください。これはあなたが誰かにパスワードを明かすよう強要されたときなどのためのものです。\n\n重要:このパスワードは隠しボリューム用のものとは大幅に変えておく必要があります。\n\n注:パスワードの最大文字数は64文字です。 - 外殻ボリューム用のパスワードを入力してください。これはあなたが誰かにシステムパーティションのすぐ次にある、外殻ボリュームと隠しボリューム(この中に隠しOSが含まれます)の入ったパーティションのパスワードを明かすよう強要されたときなどのためのものです。隠しボリューム(そして隠しOSも)の存在は秘匿されたままです。これは囮用OSのためのものではないことに注意してください。重要:このパスワードは隠しボリューム用(つまり隠しOS用)のものとは大幅に変えておく必要があります。 - 外殻ボリュームのパスワード - 隠しボリュームのパスワード - 隠しOS用のパスワード - 警告:短いパスワードは、総当たり攻撃によって容易に破られてしまいます! パスワードは20文字以上にすることを推奨します。\n\n本当にこの短いパスワードを使いますか? - ボリュームのパスワード - パスワードが正しくないか、VeraCryptのボリュームではありません。 - キーファイルもしくはパスワードが正しくないか、VeraCryptのボリュームではありません。 - マウントモードが違うか、パスワードが正しくないか、あるいはVeraCryptのボリュームではありません。 - マウントモードが違うか、キーファイルもしくはパスワードが正しくないか、あるいはVeraCryptのボリュームではありません。 - パスワードが正しくないか、VeraCryptボリュームが見つかりません。 - キーファイルあるいはパスワードが正しくないか、VeraCryptのボリュームが見つかりません。 - \n\n警告:Caps Lock がオンになっています。 そのためにパスワードの入力を誤るかもしれません。 - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\n警告:指定フォルダのキーファイル探索中に隠しファイルが見つかりました。このような隠しファイルはキーファイルとして使用されません。キーファイルとして使用したい場合は隠し属性を解除してください(該当ファイルを右クリックしてプロパティを開き、隠しファイルのチェックを外して「OK」をクリックします)。注:隠しファイルはフォルダオプションですべてのファイルを表示する設定になっていないと表示されません。 - もし隠しシステムを持つ隠しボリュームを保護しようとしているのであれば、隠しボリューム用のパスワードを入力する際には、標準USキーボードレイアウトであることを確認してください。Windows起動前の環境では、パスワードを入力する場合に非USキーボードレイアウトが無効であるためです。 - VeraCryptは、暗号化処理が中断されていて、与えられたパスワードあるいはキーファイルで復号できる非システムボリュームを見つけられませんでした。\n\nパスワードあるいはキーファイルが正しいか、またそのパーティション/ボリュームがシステムやアプリケーション(アンチウィルスソフトを含みます)で使用されていないか、確認してください。 - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\n注:メニューから[システム]-[起動前認証をせずにマウント]を選ぶことで、起動前の認証をせずに暗号化したシステムドライブ上のパーティションをマウントすること、あるいは起動していないオペレーションシステムを暗号化したパーティションをマウントすることが可能です。 - 現在のモードでは、アクティブなシステムの暗号化対象となっている部分を含むドライブ上のパーティションをマウントすることができません。\n\nこのモードでそのパーティションをマウントする前に、他のドライブ(暗号化されてる否かは問いません)にインストールされているシステムから起動するか、暗号化されていないOSを起動する必要があります。 - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < 戻る(&B) - このシステムのデバイスを列挙できません! - ボリューム '%s' は読み取り専用としてすでに存在しています。本当に置き換えますか? - フォルダの選択 - キーファイルの選択 - キーファイルを探すフォルダを選択してください。 警告:記憶されるのはフォルダであり、ファイル名ではありません! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Ross Anderson、Eli Biham、Lars Knudsenによって開発され1998年に公開されました。256ビットキー、128ビットブロックを使用します。動作モードはXTSです。SerpentはAES制定時の最終候補の一つでした。 - 作成するコンテナのサイズを指定してください。\n\nもしダイナミック(スパースファイル)コンテナを作成するのであれば、このパラメータは上限サイズの指定になります。\n\n下限サイズはFATボリュームの場合で292KB、NTFSボリュームの場合で3792KB となります。 - 新しい外殻ボリュームのサイズを指定してください(中に入れる隠しボリュームは後で作成します)。中に隠しボリュームを作成できる下限サイズは340KBです。 - 作成する隠しボリュームのサイズを指定してください。下限サイズはFATボリュームの場合は40KB、NTFSボリュームの場合は3664KB となります。上限サイズについてはこの上に表示されています。 - 外殻ボリュームのサイズ - 隠しボリュームのサイズ - 上に表示されている選択されたデバイス/パーティションのサイズが正しいかどうかを確認し、「次へ」をクリックしてください。 - 外殻ボリュームおよび隠しボリューム(隠しOSを含んでいます)は上記のパーティションに格納されます。これはシステムパーティションのすぐ次のパーティションである必要があります。\n\n上に表示されているパーティションのサイズおよび番号が正しいかどうか確認し、間違いがなければ「次へ」をクリックしてください。 - \n\n隠しボリュームを中に入れるためには、外殻となるボリュームのサイズが最低でも340KBは必要なことに注意してください。 - ボリュームのサイズ - ダイナミック - 注意:セルフテストに失敗しました! - 全アルゴリズムのセルフテストに成功しました。 - 与えられたデータユニット番号が長すぎるか、あるいは短すぎます。 - 与えられたセカンダリキーが長すぎるか、あるいは短すぎます。 - 入力されたテスト用暗号文は長すぎるか、あるいは短すぎます。 - 入力されたテスト用キーは長すぎるか、あるいは短すぎます。 - 入力されたテスト用平文は長すぎるか、あるいは短すぎます。 - 暗号化がXTSモードの二段のカスケードで実行されます。いずれのブロックも最初に %s(%d-bit key)で、次に %s(%d-bit key)で暗号化されます。いずれの暗号化でもそれ自身の鍵が使われ、全ての鍵が互いに独立しています。 - 暗号化がXTSモードの三段のカスケードで実行されます。いずれのブロックも最初に %s(%d-bit key)で、次に %s(%d-bit key)で、そして最後に %s(%d-bit key)で暗号化されます。いずれの暗号化でもそれ自身の鍵が使われ、全ての鍵が互いに独立しています。 - OSの設定によっては、これらのオートランあるいはオートマウントの機能が、書き込みのできないCDやDVDのようなメディア上にトラベラーディスクのファイルがあるときにしか働かないことに注意してください。これはVeraCryptのバグではなく、Windowsの制限です。 - VeraCryptトラベラーディスクは無事が作成されました。\n\nVeraCryptをポータブルモードで動作させるためには管理者権限が必要であることに注意してください。 また、たとえポータブルモードで動作させたとしても、 レジストリファイルを調べられると、そのWindowsでVeraCryptが動作したことがあると判ってしまうでしょう。 - VeraCryptトラベラーディスク - Bruce Schneier、John Kelsey、Doug Whiting、David Wagner、Chris Hall、そしてNiels Fergusonによって開発され、1998年に公開されました。256ビットキー、128ビットブロックを使用します。動作モードはXTSです。Twofishは、AES制定時の最終候補の一つでした。 - %sについての詳細 - 未知 - 詳細不明あるいは未知のエラーが発生しました。(%d) - いくつかのボリュームに、アプリケーションかシステムが使用中のファイルあるいはフォルダがあります。\n\n強制的にアンマウントしますか? - アンマウント(&D) - アンマウントに失敗しました! - ボリュームに、アプリケーションかシステムが使用中のファイルあるいはフォルダがあります。\n\n強制的にアンマウントしますか? - 指定されたドライブレターにはボリュームがマウントされませんでした。 - マウントしようとしたボリュームはすでにマウントされています。 - ボリュームのマウント中にエラーが発生しました。 - ボリューム内のシーク中にエラーが発生しました。 - エラー:ボリュームのサイズが正しくありません。 - 警告:クイックフォーマットを使うのは、次のケースに限られるべきです。\n\n1) このデバイスに秘匿したいデータが記録されておらず、かつ「見せかけの拒否」が不要な場合\n2) このデバイスに安全な暗号化がすでに全体的に施されている場合\n\n本当にクイックフォーマットを使用しますか? - ダイナミックコンテナとは、あらかじめNTFSに割り当てられた、新しいデータが追加されるにしたがって物理サイズ(ディスク上の実サイズ)が増加するスパースファイルのことです。\n\n警告:スパースファイルをホストにしたボリュームは、通常のボリュームに比べて効率が大変劣ります。またスパースファイルをホストにしたボリュームはセキュリティ面でも劣ります。なぜならボリュームのどの部分が未使用かがわかってしまい、さらに「見せかけの拒否」(隠しボリュームの外殻となること)が実質的に使い物になりません。また、もしディスクの空き容量が足りないときにスパースファイルコンテナにデータが書き込まれると、暗号化ファイルシステムが破損してしまうであろうことにも注意してください。\n\n本当にスパースファイルをホストにしたボリュームを作成しますか? - WindowsやVeraCryptが報告するダイナミックコンテナのサイズは、常に最大時のサイズであることに注意してください。現在の物理サイズ(ディスク上の実サイズ)を知るには、コンテナファイルを右クリック(VeraCrypt上ではなくWindows上で)し、プロパティを選んで「ディスク上のサイズ」の値を見てください。\n\n注:ダイナミックコンテナを他のボリュームあるいはドライブに移動すると、その物理サイズは最大時サイズまで拡張されてしまいます(移動先に新たにダイナミックコンテナを作成してからマウントし、古いコンテナから新しいコンテナへ各ファイルを移動すれば回避可能です)。 - パスワードキャッシュが抹消されました。 - VeraCryptドライバが記憶したパスワード(あるいはキーファイルの内容)は抹消されました。 - VeraCryptは未知の種類のボリュームのパスワードは変更できません。 - リストから空きドライブレターを選択してください。 - ドライブ一覧からマウント済みのボリュームを選択してください。 - 現在、2つの異なるボリュームが指定されています(一方はドライブリストに、もう一方はリストの下の入力欄に)。\n\n本当に指定したいボリュームを選択してください: - エラー:'autorun.inf' を作成できません。 - キーファイルの処理中にエラーが発生しました! - キーファイルのあるフォルダの処理中にエラーが発生しました! - キーファイルの場所として指定されたところにファイルが見つかりません。\n\n指定された場所の中にフォルダ(およびその中のファイル)があっても無視されますので、注意してください。 - VeraCryptはこのオペレーティングシステムには対応していません。 - エラー:VeraCryptは安定したバージョンのオペレーティングシステムにしか対応していません(ベータ/RC版には未対応です)。 - エラー:メモリを確保できません。 - エラー:パフォーマンスカウンタから値を取得できません。 - エラー:ボリュームのフォーマットが異常です。 - エラー:標準ボリュームではなく、隠しボリューム用のパスワードが与えられました。 - セキュリティ上の理由により、その場で暗号化されたファイルシステムを持つVeraCryptボリュームには、隠しボリュームを作成できません(そのボリュームの空き領域がランダムなデータで埋められていないため)。 - VeraCrypt - 法的告知事項 - 全てのファイル - VeraCryptボリューム - ライブラリモジュール - NTFS でのフォーマットを続けられません。 - ボリュームをマウントできません。 - ボリュームをアンマウントできません。 - WindowsはボリュームをNFTSでフォーマットすることに失敗しました。\n\n可能なら別のファイルシステムを選択してから再度試してください。あるいは、ボリュームをフォーマットせず(ファイルシステムなしを指定する)にウィザードを終了し、そのボリュームをマウントしてから、システムあるいはサードパーティのフォーマットツールを使ってみることもできます。ボリュームの暗号化状態は維持されます。 - WindowsはボリュームをNTFSでフォーマットすることに失敗しました。\n\n代わりにFATでフォーマットしますか? - デフォルト - パーティション - パーティション - デバイス - デバイス - デバイス - ボリューム - ボリューム - ボリューム - ラベル - 選択されたクラスタサイズはそのサイズのボリュームには小さすぎます。 代わりに、より大きなサイズを選択してください。 - エラー:ボリュームのサイズを取得できません!\n\nそのボリュームがシステムあるいはアプリケーションで使用中でないか確認してください。 - 隠しボリュームはダイナミック(スパースファイル)コンテナに作るべきではありません。「みせかけの拒否」を達成するためには、隠しボリュームは非ダイナミックコンテナ内に作成する必要があります。 - VeraCryptボリューム作成ウィザードが隠しボリュームを作成できるのはFATあるいはNTFSボリュームの中だけです。 - Windows2000では、VeraCryptボリューム作成ウィザードが隠しボリュームを作成できるのはFATボリュームの中だけです。 - 注:外殻ボリュームにはNTFSよりFATの方がより適しています。たとえば外殻ボリュームがFATでフォーマットされていると、隠しボリュームの最大サイズをより大きく取ることが可能となるでしょう。 - 外殻ボリュームにはNTFSよりFATの方がより適しています。たとえば外殻ボリュームがFATでフォーマットされていると、隠しボリュームの最大サイズをより大きく取ることが可能となるでしょう。これはNTFSが常にボリュームの中程に内部で使用するデータを保存することにより、隠しボリューム領域を外殻ボリュームの後半部分にしか確保できないためです。\n\n本当に外殻ボリュームをNTFSでフォーマットしますか? - 代わりにボリュームをFATでフォーマットしますか? - 注:このボリュームはFAT32でサポートされている最大ボリュームサイズを超えているため、FATでのフォーマットはできません。FAT32で適用可能なセクタサイズは2TBのとき512バイト、16TBでは4096バイトとなります。 - エラー:隠しOS用のパーティション(つまりシステムパーティションのすぐ次のパーティション)は、システムパーティション(現在動作中のOSがインストールされているもの)より少なくとも5%以上大きい必要があります。 - エラー:隠しOS用のパーティション(つまりシステムパーティションのすぐ次のパーティション)は、システムパーティション(現在動作中のOSがインストールされているもの)より少なくとも110%以上大きい(つまり2.1倍のサイズ)必要があります。これはNTFSは常にボリュームの中程に内部で使用するデータを保存するため、隠しボリューム(システムパーティションのクローンを保持する必要があります)は隠しOS用パーティションの後半部分にしか格納できないからです。 - エラー:隠しボリュームがNTFSでフォーマットされている場合、それはシステムパーティションより少なくとも110%以上大きい(つまり2.1倍のサイズ)必要があります。これはNTFSは常にボリュームの中程に内部で使用するデータを保存するため、隠しボリューム(システムパーティションのクローンを保持する必要があります)は外殻ボリュームの後半部分にしか格納できないからです。\n\n注:外殻ボリュームは隠しOSと同じパーティション(つまりシステムパーティションのすぐ次のパーティション)に属している必要があります。 - エラー:システムパーティションのすぐ次のパーティションがありません。\n\n隠しOSを作る前に、まずシステムドライブにそれ用のパーティションを作る必要があります。それはシステムパーティションのすぐ次のパーティションである必要があり、少なくともシステムパーティション(現在動作中のOSがインストールされているもの)より5%以上大きくなければなりません。ただしもし外殻ボリューム(システムパーティションと混同しないでください)がNTFSでフォーマットされている場合、隠しOS用のパーティションは少なくともシステムパーティションの110%(つまり2.1倍)以上大きい必要があります。これはNTFSは常にボリュームの中程に内部で使用するデータを保存するため、隠しボリューム(システムパーティションのクローンを保持する必要があります)は外殻ボリュームの後半部分にしか格納できないからです。 - 注:一つのパーティションに二つのVeraCryptボリュームを配置して双方にOSをインストールすることは非実用的であるため、対応していません。なぜなら、外殻ボリューム上のOSを使うことでしばしば隠しOSの領域に書き込みが行われるためです。あるいはそのときもし隠しボリュームへの書き込みを禁止していた場合は、システムクラッシュ、すなわちブルースクリーンエラーが発生してしまいます。 - パーティションの作成と管理の方法については、OS付属のマニュアルを参照するか、メーカーの技術サポートにご相談ください。 - エラー:現在動作中のOSはブートパーティション(最初のアクティブパーティション)にインストールされていません。この状態には対応していません。 - このVeraCryptボリュームに4GB超のファイルを保存する意向のようですが、ファイルシステムにはFATが指定されているため、4GB超のファイルを保存することはできません。\n\n本当に外殻ボリュームをFATでフォーマットしますか? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - エラー:ボリュームにアクセスできません!\n\n選択されたボリュームが実在するか、未マウントでないか、システムやアプリケーションですでに使用されていないか、そのボリュームへの読み書き権限があるか、書き込みプロテクトされていないか、などを確認してください。 - Error: Cannot obtain volume properties. - エラー:このボリュームにアクセスできないかボリュームの情報を取得できません。\n\n選択されたボリュームが存在しているか、そのボリュームがシステムやアプリケーションで使用されていないか、ボリュームへの読み書き権限があるか、ボリュームが書き込み禁止になっていないか、などを確認してください。 - エラー:このボリュームにアクセスできないかボリュームの情報を取得できません。\n\n選択されたボリュームが存在しているか、そのボリュームがシステムやアプリケーションで使用されていないか、ボリュームへの読み書き権限があるか、ボリュームが書き込み禁止になっていないか、などを確認してください。\n\n問題が解決しない場合は、以下の手順を試してみてください。 - エラーによりパーティションの暗号化が中断されました。ここまでに報告された問題を解決してから再度やり直してください。問題が解決しない場合は、以下の手順を試してみてください。 - エラーによりパーティションの暗号化処理への復帰が中断されました。\n\nここまでに報告された問題を解決してから再度やり直してみてください。なお、暗号化処理が完了するまではこのボリュームをマウントすることはできません。 - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - エラー:外殻ボリュームをアンマウントできません!\n\nボリューム内にプログラムやシステムで使用中のファイルあるいはフォルダがあると、ボリュームのアンマウントができません。\n\nファイルやフォルダを使用していると思われるプログラムを終了させてから「再試行」をクリックしてください。 - エラー:外殻ボリュームの情報を取得できませんでした! ボリュームの作成を続行できません。 - エラー:外殻ボリュームにアクセスできません! ボリュームの作成を続行できません。 - エラー:外殻ボリュームをマウントできません! ボリュームの作成を続行できません。 - エラー:ボリュームのクラスタビットマップを取得できません! ボリュームの作成を続行できません。 - 分類別(アルファベット順) - 平均速度(降順) - アルゴリズム - 暗号化 - 復号 - 平均 - ドライブ - サイズ - 暗号化アルゴリズム - 暗号化アルゴリズム - タイプ - - プロパティ - 場所 - バイト - 隠し - 外殻 - 通常 - システム - 隠しシステム - 読み取り専用 - システムドライブ - システムドライブ (暗号化 - %.2f%% 終了) - システムドライブ (復号 - %.2f%% 終了) - システムドライブ (%.2f%% 暗号化済み) - システムパーティション - 隠しシステムパーティション - システムパーティション (暗号化 - %.2f%% 終了) - システムパーティション (復号 - %.2f%% 終了) - システムパーティション (%.2f%% 暗号化済み) - はい(破損防止中!) - なし - マスターキーサイズ - セカンダリキーサイズ(XTSモード) - Tweakキーサイズ(LRWモード) - ビット - ブロックサイズ - PKCS#5 疑似乱数関数 - PKCS#5 反復回数 - ボリューム作成日時 - ヘッダ最終更新日時 - (%I64d 日前) - ボリュームフォーマットバージョン - 埋込バックアップヘッダ - VeraCryptブートローダーバージョン - 最初の空き - リムーバブルディスク - ハードディスク - 未変更 - 自動検出 - ウィザードモード - モードを選択してください。よくわからなければデフォルトのモードを使用してください。 - VeraCryptをこのシステムにインストールしたいときは、このオプションを選択してください。 - 注:システムパーティション/ドライブが暗号化されていたり、隠しOSを利用していたとしても、復号せずにアップグレードできます。 - このオプションを選択すると、パッケージ内のファイルがすべて展開されますが、システムへのインストールはされません。もしシステムパーティションあるいはシステムドライブを暗号化するのであれば、これは選択しないでください。このオプションは、たとえばVeraCryptをポータブルモードで使用する場合に有用です。VeraCryptを実行するとき、OSへのインストールは必須ではありません。すべてのファイルが展開された後、展開された'VeraCrypt.exe'を直接実行できます(ポータブルモードで動作します)。 - セットアップオプション - ここでインストールに関する数々のオプションを指定できます。 - インストール中 - VeraCryptがインストールされるまでしばらくお待ちください。 - VeraCryptのインストールに成功しました - VeraCryptのアップグレードに成功しました - どうぞ寄付をご検討ください。いつでも終了をクリックしてインストーラーを終了できます。 - 展開オプション - ここで展開に関する種々のオプションを指定できます。 - ファイルが展開されるまでしばらくお待ちください。 - ファイルの展開に成功しました - 指定された場所へのすべてのファイルの展開に成功しました。 - 指定されたフォルダが存在しない場合は自動的に作成されます。 - 既存のVeraCryptのインストール先にあるプログラムファイルがアップグレードされます。違う場所を指定したい場合は、まず先にVeraCryptをアンインストールしてください。 - VeraCryptの現在(最新安定版)のリリースノートを表示しますか? - VeraCryptを使うのが初めてならば、ユーザーズガイドの「初心者のためのチュートリアル」に目を通されるようお勧めします。ユーザーズガイドを読みますか? - 実行内容を以下から選択してください: - リペア/再インストール - アップグレード - アンインストール - VeraCryptのインストール/アンインストールを完了させるには、管理者権限が必要です。続けますか? - 現在VeraCryptインストーラが起動しており、インストールあるいはアップデートの実行中です。インストーラの処理が終わるのを待つか、閉じるかしてください。閉じることができない場合は再起動してください。 - インストールに失敗しました。 - アンインストールに失敗しました。 - この配布パッケージは破損しています。(なるべくVeraCryptの公式サイト https://veracrypt.codeplex.com から)もう一度ダウンロードしてみてください。 - ファイル %s を書き込めません。 - 展開 - パッケージからデータを読み込めません。 - この配布パッケージの完全性を検証できません。 - 展開に失敗しました。 - インストール内容はロールバックされました。 - VeraCryptのインストールに成功しました - VeraCryptの更新に成功しました。 - VeraCryptのアップグレードに成功しました。ただし使用を開始するためにはコンピュータを再起動する必要があります。\n\nすぐに再起動しますか? - VeraCryptのアップグレードに失敗しました!\n\n重要:システムをシャットダウンあるいは再起動する前に、システムの復元(スタート→すべてのプログラム→アクセサリ→システムツール→システムの復元)で「VeraCrypt installation」と名付けられた復元ポイントまでシステムをリストアすることを強くお勧めします。もし「システムの復元」が使えない場合は、代わりにVeraCryptの元の(あるいは新しい)バージョンの再インストールを、システムをシャットダウンあるいは再起動する前に行ってみてください。 - VeraCryptのアンインストールに成功しました。\n\n「終了」をクリックするとVeraCryptのインストーラーおよび %s フォルダが削除されます。ただしこのフォルダの中に「VeraCryptが作成したファイル」あるいは「VeraCryptインストーラーが入れたものではないファイル」があった場合は削除されません。 - VeraCryptのレジストリエントリを削除しています - レジストリにエントリを追加しています - アプリケーションに固有のデータを削除しています - インストール中 - 停止中 - 削除中 - アイコンを追加しています - システム復元ポイントを作成しています - システム復元ポイントの作成に失敗しました! - ブートローダーを更新しました - '%s'. %s へのインストールに失敗しました。 インストール作業を続けますか? - '%s'. %s からのアンインストールに失敗しました。 アンインストール作業を続けますか? - インストールが完了しました。 - フォルダ '%s' を作成できませんでした - VeraCryptのデバイスドライバをメモリ上から解放できませんでした。\n\nまず先にVeraCryptのウィンドウをすべて閉じてください。うまくいかないようでしたら、Windowsを再起動してからもう一度試してみてください。 - インストールあるいはアンインストールを続ける前に、VeraCryptのすべてのボリュームをアンマウントしなくてはなりません。 - VeraCryptの古いバージョンがこのシステムにインストールされています。VeraCryptの新しいバージョンをインストールする前に古いバージョンをアンインストールする必要があります。\n\nこのメッセージウィンドウを閉じると、古いバージョンのアンインストーラーがすぐに起動します。なおVeraCryptのアンインストール中に暗号化ボリュームが復号されることはありません。古いVeraCryptをアンインストールしてから、再びこの新しいバージョンのVeraCryptインストーラーを実行してください。 - レジストリエントリのインストールに失敗しました - デバイスドライバのインストールに失敗しました。Windowsを再起動してから、再度VeraCryptをインストールしてみてください。 - VeraCryptデバイスドライバを開始しています - デバイスドライバのアンインストールに失敗しました。これはWindowsの問題です。デバイスドライバをアンインストール(あるいは再インストール)する前に、ログオフあるいはシステムの再起動が必要でしょう。 - VeraCryptデバイスドライバをインストール中です - VeraCryptデバイスドライバを停止中です - VeraCryptデバイスドライバをアンインストール中です - ユーザアカウントコントロールサポートライブラリの登録に失敗しました。 - ユーザアカウントコントロールサポートライブラリの登録解除に失敗しました。 - ポータブルモードについて:\n\nOSはドライバーがその動作を開始するより前にそれがOSに登録済みであることを要求します。したがってVeraCryptのドライバーは完全なポータブルではなく、またそれは不可能です。ただしVeraCryptのアプリケーション自体は完全にポータブルです。たとえば事前にOSにインストールしておく必要がありません。なおVeraCryptは透過的に即時暗号化および復号を行うためにドライバーが必要であることもお知りおきください。 - VeraCryptを(インストールされたものではなく)ポータブルモードで実行させたい場合、VeraCryptを実行しようとするたびにシステムが実行権限について尋ねてくるでしょう(ユーザーアカウント制御)。\n\nこれはVeraCryptがポータブルモードで動作するときに、デバイスドライバの読み込みと開始を要求するからです。VeraCryptが即時の暗号化/復号処理を行うためにはデバイスドライバが必要ですが、Windowsでは管理者権限を持つユーザー以外はデバイスドライバを開始できません。そのため、システムはVeraCryptの起動に管理者権限を要求します。\n\nもしVeraCryptを(ポータブルモードではなく)システムにインストールした場合は、VeraCryptを実行するたびに権限を確認されることはありません。\n\n本当にファイルを展開しますか? - 警告:このボリューム作成ウィザードは管理者権限で動作しています。\n\nそのため、新規作成されたボリュームがマウントされたときに、権限が足りずに書き込めないおそれがあります。それを防ぐためには、このボリューム作成ウィザードをいったん終了し、管理者権限のない状態でボリューム作成ウィザードを起動してください。\n\nこのボリューム作成ウィザードを終了しますか? - エラー:ライセンスを表示できません。 - 外殻(!) - - 時間 - - - 開く - アンマウント - メインウィンドウを表示 - メインウィンドウを隠す - マウント後の読み込みデータ量 - マウント後の書き込みデータ量 - 暗号化された部分 - 100% (すべて暗号化) - 0% (未暗号化) - %.3f%% - 100% - 待機中 - 準備中 - リサイズ中 - 暗号化中 - 復号中 - 終了処理中 - 一時中断 - 完了 - エラー - デバイスが取り外されました - システムお気に入りボリュームが登録されました。\n\nシステムお気に入りボリュームをWindows起動の度に毎回自動的にマウントしたい場合は、[設定]-[システムお気に入りボリューム]-[Windows起動時にシステムお気に入りボリュームをマウント]と選択してください。 - お気に入りに登録しようとしたボリュームはパーティションでもダイナミックボリュームでもありませんでした。そのためデバイス数が変わった場合、お気に入りボリュームとしてはマウントできなくなります。 - お気に入りに登録しようとしたボリュームはWindowsが認識できないパーティションでした。\n\nデバイス数が変わった場合、お気に入りボリュームとしてはマウントできなくなります。まずパーティションをWindowsが認識できるタイプに設定してください(Windowsの 'diskpart' ツールでSETIDコマンドを使ってください)。それからこのパーティションをお気に入りに登録しなおしてください。 - VeraCryptの常駐が無効であるか、何もマウントされていないときに終了する設定になっています。あるいはポータブルモードで起動しています。このためデバイスが接続されたときに自動マウントされるようにしたお気に入りボリュームは使えないことがあります。\n\n注:VeraCryptの常駐を有効にするには [設定]-[各種設定] を選択し、「VeraCryptの常駐」で「常駐する」にチェックを入れてください。 - ネットワーク越しに共有しているリモートファイルシステム上のコンテナは、デバイスが接続されたときに自動マウントすることはできません。 - 以下に表示されているデバイスはパーティションでも非ダイナミックボリュームでもありません。したがってこのデバイス上のボリュームは、デバイスが接続されたときに自動マウントすることはできません。 - まず以下に表示されているパーティションのタイプをWindowsが認識できるタイプに設定してください(Windowsの 'diskpart' ツールでSETIDコマンドを使ってください)。その後、そのパーティションをお気に入りから削除し、追加しなおしてください。これによってそのデバイス型ボリュームを接続時に自動マウントできるようになります。 - 以下に表示されているデバイスはパーティションでも非ダイナミックボリュームでもありません。したがってラベルを割り当てることはできません。 - まず以下に表示されているパーティションのタイプをWindowsが認識できるタイプに設定してください(Windowsの 'diskpart' ツールでSETIDコマンドを使ってください)。その後、そのパーティションをお気に入りから削除し、追加しなおしてください。これによってそのパーティションにラベルを設定できるようになります。 - Windowsの制限により、ネットワーク越しに共有されているリモートファイルシステム上のコンテナはシステムお気に入りボリュームとしてマウントはできません。ただしユーザーがログオンすれば普通のお気に入りボリュームとしてマウントできます。 - %s のパスワードを入力してください。 - '%s' のパスワードを入力してください。 - 標準/外殻ボリュームのパスワードを入力してください。 - 隠しボリュームのパスワードを入力してください。 - バックアップファイルに保存されたヘッダのパスワードを入力してください。 - キーファイルの生成に成功しました。 - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - 警告:このボリュームのヘッダが壊れています! VeraCryptは自動的にこのボリュームに埋め込まれているバックアップを使用します。\n\n[ツール]-[ボリュームヘッダのリストア]を選択して、ボリュームヘッダを修復してください。 - ボリュームヘッダのバックアップを無事に作成しました。\n\n重要:このバックアップを使ってボリュームヘッダをリストアすることは、現在のボリュームのパスワードも同様に復元します。さらに、もしこのボリュームのマウントにキーファイルが必要だったのなら、同じキーファイルがこのボリュームのマウントのために必要です。\n\n警告:このボリュームヘッダのバックアップは、このボリュームにのみリストアできます。もし他のボリュームにこのヘッダのバックアップをリストアした場合、そのボリュームのマウントはできますが、格納されていたデータの復号化ができなくなります(マスターキーを変更したため)。 - ボリュームヘッダのリストアに成功しました。\n\n重要:古いパスワードも同様に復元されました。さらに、もしこのボリュームのマウントにキーファイルが必要だったのなら、同じキーファイルがこのボリュームのマウントのために必要です。 - セキュリティ上の理由により、このボリュームの正しいパスワードを入力する必要があります(キーファイルがあるならそれも正しく指定してください)。\n\n注:もしこのボリュームに隠しボリュームが含まれているなら、まず外殻ボリュームのパスワードを先に入力してください(キーファイルも同様)。隠しボリュームのヘッダをバックアップするのであれば、その後に、隠しボリュームの正しいパスワードを入力する必要があります(キーファイルも同様)。 - ボリューム %s のボリュームヘッダを本当にバックアップしますか?\n\n「はい」をクリックすると、ヘッダのバックアップを保存するファイル名を尋ねられます。\n\n注:標準および隠しのボリュームヘッダが新しいソルトによって再暗号化されてバックアップファイルに保存されます。もし隠しボリュームが存在していなくても、見せかけの拒否を守るため、バックアップファイルには隠しボリューム用の領域が確保されて、その領域はランダムなデータで充填されます。ボリュームヘッダをリストアするときには、ボリュームヘッダのバックアップを作成した時点の正しいパスワードを入力(および正しいキーファイルを指定)する必要があります。VeraCryptは入力されたパスワードによって、自動的に標準か隠しかどちらのボリュームヘッダをリストアするのかを決定します。 - ボリューム %s のボリュームヘッダを本当にリストアしますか?\n\n警告:ボリュームヘッダをリストアすると、パスワードもバックアップ作成時のものに復元されます。また、もしこのバックアップを作成した時点でこのボリュームのマウントにキーファイルが必要だったのなら、リストア後には同じキーファイルがマウントのために必要になります。\n\n「はい」をクリックした後、ヘッダのバックアップを選択してください。 - このボリュームは隠しボリュームを含んでいますか? - このボリュームは隠しボリュームを含んでいます。 - このボリュームは隠しボリュームを含んでいません。 - 使用したいボリュームヘッダバックアップの種類を選択してください: - ボリューム内に埋め込まれたバックアップからボリュームヘッダをリストアする - バックアップファイルからボリュームヘッダをリストアする - ボリュームヘッダのバックアップファイルのサイズが正しくありません。 - このボリュームにはボリュームヘッダのバックアップが埋め込まれていません(注:VeraCrypt6.0以降でボリュームを作成しないと、ボリューム内にバックアップを埋め込めません)。 - システムパーティション/ドライブのヘッダのバックアップは拒否されました。システムパーティション/ドライブに関するバックアップおよびリストアの操作は、VeraCryptレスキューディスクを使用したときのみ可能です。\n\nVeraCryptレスキューディスクを作成しますか? - VeraCrypt仮想ボリュームのヘッダをシステムパーティション/ドライブにリストアしようとしましたが拒否されました。システムパーティション/ドライブに関するバックアップおよびリストアの操作は、VeraCryptレスキューディスクを使用したときのみ可能です。\n\nVeraCryptレスキューディスクを作成しますか? - 「OK」をクリックして、VeraCryptレスキューディスクのISOイメージの新しいファイル名、および保存場所を指定してください。 - レスキューディスクのイメージファイルが次の名前で作成されました: %s\n\n次にレスキューディスクをCDかDVDに書き込む必要があります。\n\n重要:このファイルは個別のファイルとしてではなく、ISOディスクイメージとしてCD/DVDに書き込まなければなりません。具体的な方法はお使いのレコーディングソフトのマニュアルを参照してください。\n\nレスキューディスクを作成後、メニューから[システム]-[レスキューディスクの検証]を選択し、正しく作成されたかを検証してください。 - レスキューディスクのイメージファイルが次の名前で作成されました: %s\n\n次にレスキューディスクをCDかDVDに書き込む必要があります。\n\nWindowsディスクイメージ書き込みツールを起動しますか?\n\n注:レスキューディスクを作成後、メニューから[システム]-[レスキューディスクの検証]を選択し、正しく作成されたかを検証してください。 - VeraCryptレスキューディスクをCD/DVDドライブに挿入してから「OK」を押すと検証します。 - VeraCryptレスキューディスクの検証に成功しました。 - レスキューディスクが正しく作成されているか検証できませんでした。\n\nレスキューディスクをお持ちなら、CD/DVDをいったん排出してから再度挿入してみてください。もしこの方法でダメなら、他のレコーディングソフトあるいはメディアを使ってみてください。\n\nもし別のマスターキー、パスワード、ソルトを設定して作られたレスキューディスクを検証しようとしているのであれば、これは常に検証に失敗します。現在の設定に適合したレスキューディスクを作成するには、メニューから[システム]-[レスキューディスクの作成]を選択してください。 - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - VeraCryptレスキューディスクの作成中にエラーが発生しました。 - 隠しOSの起動中はVeraCryptレスキューディスクを作成することができません。\n\nレスキューディスクを作成するためには、囮用OSを起動し、[システム]-[レスキューディスク作成]を選択してください。 - レスキューディスクが正しく作成されているか検証できませんでした。\n\nもしレスキューディスクを作成したばかりであれば、CD/DVDをいったん排出してから再度挿入し「次へ」をクリックしてみてください。もしこの方法でダメなら、他のメディア%sを使ってみてください。\n\nもしまだレスキューディスクを作成していないのであれば、作成してから「次へ」をクリックしてください。\n\nもしこのウィザードを開始する前に作成されたVeraCryptレスキューディスクを検証しようとしているのであれば、そのようなディスクは使えません。それは異なるマスターキーのために作成されたものだからです。この場合は新たにレスキューディスクを作成する必要があります。 - (あるいは他のレコーディングソフト) - VeraCrypt - システムお気に入りボリューム - システムお気に入りボリュームとは? - システムパーティション/ドライブは暗号化されてないようです。\n\nシステムお気に入りボリュームは起動前認証用のパスワードでのみマウントできます。したがって、システムお気に入りボリュームを使用するためには、先にシステムパーティション/ドライブを暗号化しておく必要があります。 - 先に進む前にボリュームをアンマウントしてください。 - タイマーをセットできませんでした。 - ファイルシステムのチェック - ファイルシステムの修復 - お気に入りに追加... - システムお気に入りに追加... - プロパティ(&r)... - 隠しボリュームの保護 - N/A - はい - いいえ - 無効 - 1 - 2以上 - 動作モード - ラベル: - サイズ: - PATH: - ドライブレター: - エラー:パスワードにはASCII文字しか使えません。\n\nASCII文字以外を使うと、システムの設定が変更されたときにボリュームがマウントできなくなる可能性があります。\n\n次の文字を使うことができます:\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:パスワードにASCII文字以外の文字が含まれています。このことによって、システムの設定が変更されたときに、ボリュームのマウントが不可能になる可能性があります。\n\n全ての非ASCII文字をASCII文字に置き換えてください。 そのためには、[ボリューム]-[パスワードの変更]とクリックしてください。\n\n次の文字を使うことができます:\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:ファイル名の拡張子として、実行可能なもの(例:.exe, .sys, .dll)や、その他問題を起こしそうなものを使わないように強く推奨します。そのような拡張子のファイルはWindowsやアンチウィルスソフトのチェック対象になるため、パフォーマンスを悪化させたり、その他深刻な問題を引き起こす要因となります。\n\nこのような拡張子は消すかあるいは変更する(例えば .hc へ)ことを強く推奨します。\n\nこのような問題となりうる拡張子を本当に使用しますか? - 警告;このコンテナファイルには、実行可能(例:.exe, .sys, .dll)あるいは、同様に問題を引き起こしそうな種類の拡張子が使われています。そのような拡張子のコンテナファイルはWindowsやアンチウィルスソフトのチェック対象になるため、パフォーマンスを悪化させたり、その他深刻な問題を引き起こす要因となります。\n\nこのボリュームをアンマウントした後、このような拡張子を消すかあるいは変更する(例えば .hc へ)ことを強く推奨します。 - ホームページ - 警告:この Windows にはサービスパックが適用されていません。 サービスパック1以降が適用されていない WindowsXP では、128 GB を超えるサイズの IDE ハードディスクに書き込みができません! もし書き込もうとすると(VeraCryptボリュームであろうとなかろうと)ディスク上のデータが壊れてしまうでしょう。なお、これは Windows 自体の制限であって、VeraCryptのバグではありません。 - 警告:この Windows にはサービスパック3以降が適用されていません。 サービスパック3以降が適用されていない Windows2000 では、128 GB を超えるサイズの IDE ハードディスクに書き込みができません! もし書き込もうとすると(VeraCryptボリュームであろうとなかろうと)ディスク上のデータが壊れてしまうでしょう。なお、これは Windows 自体の制限であって、VeraCryptのバグではありません。\n\n注:レジストリの設定で 48ビットLBAを扱えるようにする必要があります。詳しくは http://support.microsoft.com/kb/305098/JA を参照してください。 - 警告:このシステムでは48ビットLBA ATAPIがサポートされていません。したがって 128 GB を超えるサイズのIDEハードディスクに書き込みができません! もし書き込もうとすると(VeraCryptボリュームであろうとなかろうと)ディスク上のデータが壊れてしまうでしょう。なお、これは Windows 自体の制限であって、VeraCryptの制限ではありません。\n\n48ビットLBA ATAPIのサポートを有効にするには、レジストリの HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters で、'EnableBigLba' の値を1にしてください。\n\n詳しくは http://support.microsoft.com/kb/305098/JA を参照してください。 - エラー:FAT32ファイルシステムには4GBを超えるサイズのファイルを書き込むことはできません。そのため、FAT32でフォーマットされたボリューム上にも、4GBを超えるサイズのVeraCryptコンテナファイルを作成することはできません。\n\nもしより大きなサイズのボリュームが必要であれば、NTFSでフォーマットされたボリューム上に作成するか(あるいはVista SP1以降ならexFATも可)、あるいはパーティション全体を暗号化してください。 - 警告:Windows XPは 2048GB 以上のファイルをサポートしていません(十分な容量がない旨のエラーが出ます)。したがって Windows XP 環境下では 2048GB より大きなコンテナファイルを作ることはできません。\n\n注:ただし Windows XP 環境下でも、デバイス全体あるいはパーティション型のボリュームなら 2048GB 以上のサイズであっても暗号化可能です。 - 警告:外殻ボリュームにファイルを追加できるようにしておきたいのであれば、隠しボリュームのサイズはもっと小さくするよう見直すべきです。\n\n指定されたサイズで処理を続けてよろしいですか? - ボリュームが選択されていません。\n\n「デバイスの選択」あるいは「ファイルの選択」をクリックして、VeraCryptボリュームを指定してください。 - パーティションが選択されていません。\n\n「デバイスの選択」をクリックし、通常は起動前認証が必要な未マウント状態のパーティション(例:未起動の他のOSの暗号化システムドライブ上のパーティションあるいは他のOSの暗号化システムパーティションなど)を選択してください。\n\n注:選択されたパーティションは、通常の起動前認証が不要なVeraCryptボリュームと同じようにマウントされます。これは例えばバックアップや修復作業のときに有用です。 - 警告:デフォルトのキーファイルを設定して有効にすると、それらのキーファイルを使っていないボリュームをマウントできなくなります。デフォルトのキーファイルを有効にした後に、そのようなボリュームをマウントする場合は「キーファイルを使用する」のチェック(パスワード入力欄の下にあります)を外すことを忘れないでください。\n\n指定されたキーファイルあるいはフォルダをデフォルトとして保存しますか? - デバイスの自動マウント - すべてアンマウント - 記憶したパスワードの消去 - すべてアンマウント→記憶したパスワードを消去 - すべて強制アンマウント→記憶したパスワードを消去 - すべて強制アンマウント→記憶したパスワードを消去→終了 - お気に入りをマウント - メインウィンドウの表示/消去 - (ここをクリックしてから割り当てるキーを押してください) - 動作 - ショートカット - エラー:そのショートカットは予約されています。違うショートカットにしてください。 - エラー:そのショートカットはすでに使われています。 - 警告:一つ以上のVeraCryptホットキーが使えなくなっています!\n\nほかのアプリケーションやオペレーティングシステムが、VeraCryptと同じショートカットを使用していないか確認してください。 - ページファイルの作成を中止しました。\n\nWindowsの問題により、ページファイルは非システムVeraCryptボリューム(システムお気に入りボリュームも含みます)上には作成できません。VeraCryptはページファイルを暗号化システムパーティション/ドライブ上にのみ作成可能です。 - エラーあるいは非互換性によりハイバネーションファイルは暗号化できません。そのため休止状態は阻止されました。\n\n注:コンピュータが休止状態(あるいはパワーセーブモード)になるとき、メモリーの内容がハイバネーションファイルとしてディスク上に保存されます。VeraCryptは、暗号鍵自体やRAM上に展開されている秘密にしたいファイルの内容が、暗号化されないままハイバネーションファイルに保存されることを止めることができません。 - 休止状態は阻止されました。\n\nVeraCryptは追加のブートパーティションを利用している隠しOS上での休止状態をサポートしていません。ブートパーティションは囮と隠しの両システムで共用されていることに留意してください。データの漏出防止と休止状態からの復帰時の問題に対処するため、VeraCryptは隠しシステムについて共用ブートパーティションへの書き込みおよびシステム休止を禁止する必要があるのです。 - %c: ドライブとしてマウントされていたVeraCryptボリュームがアンマウントされました。 - VeraCryptボリュームがアンマウントされました。 - VeraCryptボリュームがアンマウントされ、記憶されていたパスワードは抹消されました。 - アンマウントに成功しました - 警告:VeraCryptの常駐を無効にすると次の機能も無効になります:\n\n1) ホットキー\n2) 自動アンマウント(例:ログオフしたとき、不用意にホストにしていたデバイスを外したとき、タイムアウト時など)\n3) お気に入りボリュームの自動マウント\n4) 通知機能(例:隠しボリュームの保護機能が働いたときなど)\n5) トレイアイコンの表示\n\n注:トレイアイコンを右クリックして「終了」を選べば、いつでも常駐を終了できます。\n\n本当にVeraCryptの常駐機能を無効にしますか? - 警告:もしこのオプションを無効にすると、ボリューム上に開かれているファイルやフォルダがあった場合に、自動アンマウントできなくなります。\n\n本当にこのオプションを無効にしますか? - 警告:今の設定では開かれたファイルやフォルダが含まれるボリュームは、自動アンマウントされません。\n\nこれを防ぐには、この設定画面の「ボリュームに開かれたファイルやフォルダがあっても強制的にアンマウント」のチェックを有効にしてください。 - 警告:ノート型PCのバッテリー残量が低下したとき、Windowsは、実行中のアプリケーションへコンピュータが省電力モードに入ったときに通知すべきメッセージを送り損なう可能性があります。そのため、そのような場合にはVeraCryptがボリュームの自動アンマウントに失敗するかもしれません。 - 中断中のパーティション/ボリュームの暗号化処理があります。この処理は未完了です。\n\n今すぐ処理を再開しますか? - システムパーティション/ドライブの暗号化(もしくは復号)作業を予約しました。この作業はまだ完了していません。\n\nすぐに暗号化(もしくは復号)作業を開始しますか? - 現在の非システムパーティション/ボリュームの暗号化処理の再開が計画されているかどうかについて、通知しますか? - はい、通知してください - いいえ、通知しないでください - 重要:非システムパーティション/ボリュームの暗号化処理を再開するには、VeraCryptメインウィンドウのメニューから、[ボリューム]-[中断処理を再開]を選択してください。 - システムパーティション/ドライブの暗号化(もしくは復号)作業を予約しました。ただし起動前認証は失敗し(あるいはスキップされ)ました。\n\n注:起動前の環境下でシステムパーティション/ドライブを復号したのであれば、VeraCryptのメインウィンドウのメニューから[システム]-[システムパーティション/ドライブの暗号化を解除]を選んでその作業を完了させる必要があります。 - 警告:ここでVeraCryptを終了すると、次の機能が働かなくなります:\n\n1) ホットキー\n2) 自動アンマウント(例:ログオフしたとき、不用意にホストにしていたデバイスを外したとき、タイムアウト時など)\n3) お気に入りボリュームの自動マウント\n4) 通知機能(例:隠しボリュームの保護機能が働いたときなど)\n\n注:VeraCryptを常駐させたくない場合は、設定画面でVeraCryptの常駐を無効にしてください(必要なら起動時の自動実行も無効にしてください)。\n\n本当にVeraCryptを終了しますか? - 終了しますか? - 暗号化なのか復号なのかを決定するための十分な情報がありません。 - 暗号化なのか復号なのかを決定するための十分な情報がありません。\n\n注:もし起動前の環境下でシステムパーティション/ドライブを復号したのであれば、「復号」をクリックして作業を完了させる必要があります。 - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - パーティション/ボリュームの暗号化処理を中断して後に回しますか?\n\n注:ボリュームは暗号化処理を完了するまでマウントできないことに注意してください。後で暗号化処理を中断した箇所から再開することができます。その際はVeraCryptのメインウィンドウから、[ボリューム]-[中断処理を再開]を選択してください。 - システムパーティション/ドライブの暗号化処理を中断して先送りにしますか?\n\n注:この処理は中断した箇所から後で再開することができます。それはたとえばVeraCryptメインウィンドウのメニューから[システム]-[中断処理を再開]を選択することで可能です。もし暗号化自体を解除したい場合は[システム]-[システムパーティション/ドライブの暗号化を解除]を選択してください。 - システムパーティション/ドライブの暗号化解除処理を中断して先送りにしますか?\n\n注:この処理は中断した箇所から後で再開することができます。それはたとえばVeraCryptメインウィンドウのメニューから[システム]-[中断処理を再開]を選択することで可能です。もし暗号化解除をやめて暗号化する場合は[システム]-[システムパーティション/ドライブの暗号化]を選択してください。 - エラー:システムパーティション/ドライブの暗号化/復号処理の中断に失敗しました。 - エラー:ワイプ処理の中断に失敗しました。 - エラー:システムパーティション/ドライブの暗号化/復号処理の再開に失敗しました。 - エラー:ワイプ処理の開始に失敗しました。 - 不整合状態を解決しました。\n\n\n(もしこの問題についてバグ報告をしてくださるなら、以下の技術的情報を付け加えてくださるようお願いします: %hs) - エラー:予期しない状態です。\n\n\n(この状態をバグ報告する場合、次の情報も報告に含めるようお願いいたします。: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - 警告:VeraCryptの常駐は無効になっています。VeraCryptの終了後は、隠しボリュームの保護機能が働いても告知されません。\n\n注:VeraCryptのトレイアイコンを右クリックして終了を選べば、いつでも常駐を終了できます。\n\nVeraCryptの常駐を有効にしますか? - 言語パックのバージョン: %s - %s ドライブとしてマウントされた VeraCryptボリュームのファイルシステムをチェック中です... - %s ドライブとしてマウントされた VeraCryptボリュームのファイルシステム修復を試みています... - 警告:このボリュームは旧式の暗号化アルゴリズムで暗号化されています。\n\nすべての64ビットブロックの暗号化アルゴリズム(例:Blowfish, CAST-128, Triple DES)は非推奨です。VeraCryptの将来のバージョンでも、このボリュームをマウントすることはできるでしょう。ただしこれら旧式の暗号化アルゴリズムの実装については今後の拡張予定はありません。128ビットブロックの暗号化アルゴリズム(AES, Serpent, Twofish など)を使ったVeraCryptボリュームを新しく作成し、今のこのボリュームにあるすべてのファイルを、新しいボリュームに移すことをお勧めします。 - このシステムは新しいボリュームの自動マウントができるようには設定されていません。 このことによりデバイス型のVeraCryptボリュームのマウントは不可能でしょう。 次のコマンドを実行してから再起動することで、自動マウントを有効にできます。\n\nmountvol.exe /E - 作業を進める前に、先にパーティションあるいはデバイスにドライブレターを割り当ててください(Vistaならコントロールパネルから「システムとメンテナンス」→「管理ツール」とたどり、「ハードディスクパーティションの作成とフォーマット」を開きます)。\n\n注:これはオペレーティングシステム側の要請です。 - VeraCryptボリュームのマウント - VeraCryptボリュームのアンマウント - VeraCryptは管理者権限の取得に失敗しました。 - オペレーティングシステムによってアクセスが拒否されました。\n\n可能性のある原因:オペレーティングシステムは、指定されたフォルダやファイルあるいはデバイス等の読み書きについて、あなたが許可されている(あるいは管理者権限を持っている)ことを要求しています。普通は、管理者権限を持たない一般ユーザーであっても、自分自身のドキュメント置き場(マイドキュメントの中など)にファイルを新しく作成すること、ファイルの読み書きや修正することは許可されています。 - エラー:指定のドライブはサポートされていないセクタサイズを使用しています。\n\n今のところ、4096 バイトより大きいセクタが使われているドライブにはパーティション/デバイス型のボリュームを作成できません。ただしそのようなドライブでもファイルコンテナ型のボリュームなら作成可能です。 - セクタサイズが 512 バイト以外であるディスクにインストールされているシステムは、今のところ暗号化できません。 - VeraCryptのブートローダーはシステムドライブの先頭に最低でも32Kバイトの空き領域を必要とします(その領域にブートローダーが保存されます)。残念ながら指定のドライブは条件を満たしていません。\n\nこの件についてVeraCryptのバグ/問題として報告しないでください。この問題を解決するにはディスクに再パーティション処理を行って、先頭に32Kバイトの空き領域を残してください(たいていのケースでは一番目のパーティションを削除して作り直す必要があります)。マイクロソフトのパーティションマネージャ(たとえばWindowsをインストールすると使用できるようになります)を使うことを推奨します。 - この機能は現在ご使用中のバージョンのOSでは対応していません。 - 現在ご使用中のバージョンのOSではシステムパーティション/ドライブの暗号化に対応していません。 - Windows Vistaのシステムパーティション/ドライブを暗号化する前に、Windows Vista用のサービスパック1以降をシステムに適用してください(このシステムにはそのようなサービスパックが未適用です)。\n\n注:Windows Vista SP1では、システム起動時に必要なメモリー量不足の問題が解決されています。 - サービスパックが適用されていないWindows Vistaのシステムパーティション/ドライブの暗号化はもうサポートされません。VeraCryptをアップグレードする前にVistaにSP1以上を適用してください。 - エラー:この機能はVeraCryptがこのシステムにインストールされている必要があります(現在はポータブルモードです)。\n\nVeraCryptをインストールしてもう一度試してみてください。 - エラー:起動しようとしたドライブにWindowsがインストールされているか確認できません。この状態には対応していません。\n\n起動しようとしたドライブにWindowsがインストールされていることを確認してから続けるべきです。\n\n処理を続けますか? - システムドライブにGPT(GUIDパーティションテーブル)があります。現在はMBRパーティションテーブルのドライブのみ対応しています。 - 注意:VeraCryptブートローダーがすでにシステムドライブにインストールされています!\n\nこれはこのマシン上の別のシステムがすでに暗号化されている可能性を示唆しています。\n\n警告:現在実行中のシステムで暗号化処理を継続すると、その別のシステムを起動できなくなったり、そのデータを参照できなくなったりするでしょう。\n\n本当に処理を続けますか? - 元システムのブートローダーの復帰に失敗しました。\n\nVeraCryptブートローダーをWindowsのブートローダーに置き換えるには、VeraCryptレスキューディスクで 'Repair Options'→'Restore original system loader' を実行するか、Windowsのインストールディスクを使用してください。 - 元システムのブートローダーがレスキューディスクに保存されていないようです。おそらくバックアップファイルが失われています。 - MBRセクターに書き込めませんでした。\n\nBIOSの設定でMBRセクターが保護されていると思われますので、BIOSの設定を確認してください(電源投入後にF2、Delete、あるいはEscキーを押してください)。 - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - VeraCryptブートローダーの必要なバージョンがインストールされていません。そのため指定された設定のいくつかは保存されません。 - 注:時と場合によっては、このコンピュータを起動しているところを見ている他人に、あなたがVeraCryptを使っていることを知られたくないということもあるかもしれません。上記のオプションで、VeraCryptのブートローダー画面をカスタマイズすることができます。最初のオプションを有効にすると、ブートローダーの起動時に一切の文字表示をしません(誤ったパスワードを入力したときでさえもです)。コンピュータは正しいパスワードが入力されるまで固まっているように見えます。あるいはカスタムメッセージを表示させて敵対者に誤解を与えることもできます。たとえば次のような偽のエラーメッセージ「Missing operating system」(これは通常のWindowsブートローダーが、Windowsのブートパーティションを見つけられないときのものです)などです。ただし、もし敵対者がハードディスクの内容を解析できるのであれば、VeraCryptブートローダーの存在を検出することは可能です。 - 警告:このオプションを有効にした場合、VeraCryptブートローダーは起動画面において一切の文字表示を行いません(パスワードが誤っていても同様です)。このコンピュータは正しいパスワードが入力されるまで固まってしまったかのように見えます。カーソルは動かず、キーを押してもアスタリスクは表示されません。\n\n本当にこのオプションを有効にしますか? - システムパーティション/ドライブはすべて暗号化されているようです。 - VeraCryptはダイナミックディスクに変換されたシステムドライブの暗号化には対応していません。 - システムドライブに拡張(論理)パーティションが存在します。\n\nWindows Vista以降のみ、拡張(論理)パーティションを含むシステムドライブ全体の暗号化を行うことができます。Windows XPの場合は、プライマリ(基本)パーティションだけで構成されているシステムドライブに限り、全体を暗号化することができます。\n\n注:システムドライブ全体ではなくシステムパーティションなら今でも暗号化は可能です。また、このドライブのどの非システムパーティションもパーティション型のボリュームとして暗号化できます。 - 警告:WindowsXP/2003を起動している場合、このドライブを暗号化した後は、絶対に拡張(論理)パーティションを作成してはいけません。プライマリ(基本)パーティションのみ作成しても構いません。暗号化した後はこのドライブのすべての拡張(論理)パーティションがアクセスできなくなります(なおこのドライブには現在そのようなパーティションはありません)。\n\n注:この制限を受け入れられないのであれば、戻ってからドライブ全体の代わりにシステムパーティションのみ暗号化することを選択できます。また付け加えるなら、非システムパーティションをVeraCryptボリュームとして作成することができます。\n\nもう一つの手段としてはWindowsをVista以降にアップグレードするという方法があります。Vista以降のWindowsであれば、拡張(論理)パーティションを含んだドライブ全体を暗号化することができます。 - システムドライブに標準的でないパーティションが含まれています。\n\nもしノート型PCをお使いならば、リカバリ用の特殊なパーティションが含まれている可能性があります。システムドライブ全体をリカバリ用パーティションも含めて暗号化した場合、BIOSの設計が適切でなければ起動できなくなるかもしれません。つまりシステムドライブの暗号化を解除しない限り、リカバリ用パーティションが使用不可能になることを表します。したがって、システムパーティションのみ暗号化することをお勧めします。 - ドライブ全体の代わりにシステムパーティションを暗号化しますか?\n\n注:システムパーティションの暗号化に加えて、システムの入っていないパーティションをVeraCryptボリュームとして作成することができます。 - システムドライブ全体が単一のパーティションとして構成されているとき、そのようなパーティションはスラック領域を含むため、ドライブ全体を暗号化した方が安全性が高まります。\n\nシステムドライブ全体を暗号化しますか? - このシステムは一時ファイルが非システムパーティションに作られるように設定されています。\n\n一時ファイルはシステムパーティションにのみ作成するようにしてください。 - ユーザープロファイルがシステムパーティションに置かれていません。\n\nユーザープロファイルはシステムパーティションにのみ置いてください。 - ページングファイルが非システムパーティションに置かれています。\n\nページングファイルはシステムパーティションにのみ置いてください。 - Windowsのページングファイルを、Windowsのパーティション上のみに作成するよう設定を変更しますか?\n\n「はい」をクリックするとコンピュータは再起動されます。その後VeraCryptを起動し、隠しOSをもう一度作成してください。 - さもなければ、隠しOSに対する「みせかけの拒否」に影響を及ぼすでしょう。\n\n注:もし敵対者が非システムパーティションにあるページングファイルを解析したなら、あなたがこのウィザードを隠しシステム作成モードで使用したことが判明し、それはすなわちこのコンピュータに隠しシステムがあることを示してしまうことになります。そのためVeraCryptは、システムパーティション上のすべてのファイルについて、隠しOSの作成中に安全に抹消します。 - 警告:隠しOSの作成処理中、囮OSを安全に作成するために、現在起動中のシステムを再インストールする必要があります。\n\n注:隠しシステムを作成するために、現在起動中のシステムおよびシステムパーティション上のすべてのファイルは、隠しボリュームにコピーされます。\n\n\nWindowsをインストール可能なインストール用メディア(あるいはサービスパーティション)はお手元にありますか? - セキュリティ上の理由により、現在起動中のシステムにアクティベーションが必要な場合、処理を進める前にアクティベーションを済ませておく必要があります。隠しOSはシステムパーティションから隠しボリュームへファイルをコピーして作成されることに注意してください。現在起動中のシステムが未アクティベーションであるなら、隠しOSも同様に未アクティベーションとなります。より詳細な情報はユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」をご覧ください。\n\n重要:処理を進める前に「隠しボリュームの安全に関する必要事項と予防策」をよくお読みください。\n\n\n現在起動中のシステムは上記の条件を満たしていますか? - このシステムは追加のブートパーティションを使用しています。VeraCryptは追加のブートパーティションを利用する隠しOSでの休止状態をサポートしていません(囮システムではそのような問題なく休止状態に入れます)。\n\nブートパーティションは囮と隠しの両システムで共用されることに留意してください。データの漏出防止と休止状態からの復帰時の問題に対処するため、VeraCryptは隠しシステムについて共用ブートパーティションへの書き込みおよびシステム休止を禁止する必要があるのです。\n\n\n処理を続けますか? 「いいえ」を選択した場合、追加ブートパーティションを消去する手順が表示されます。 - \nWindowsをインストールする前に追加のブートパーティションを削除できます。そのためには次の手順に従ってください:\n\n1) Windowsインストールディスクで起動します。\n\n2) Windowsインストール画面で「今すぐインストール」→「カスタム(詳細)」とクリックします。\n\n3) 「ドライブオプション」をクリックします。\n\n4) メインのシステムパーティションを選択し、「消去」→「OK」とクリックして消去します。\n\n5) 「System Reserved」パーティションを選択し、「拡張」をクリックしてOSをインストール可能なサイズを指定します。6) 「適用」→「OK」をクリックします。\n\n7) 「System Reserved」パーティションにWindowsをインストールします。\n\n\n攻撃者が追加のブートパーティションを削除した理由を尋ねてくるかもしれません。そのときは、あなたは暗号化されていないブートパーティションへのデータ漏洩の可能性を無くしたかったからだと言うことができます。\n\n注:下の「印刷」ボタンをクリックしてこの文章を印刷することができます。もしこの文章をコピーあるいは印刷(プリンタの内蔵ドライブに文面が保存されるのでなければ、強くお勧めします)したならば、追加のブートパーティションを削除後にその紙やコピーを破棄すべきです。そうしないと、もしその紙やコピーが見つかったならば、このコンピュータに隠しOSがあることを推測されるおそれがあるからです。 - 警告:システムパーティションとその次のパーティションの間に未割り当ての領域が存在しています。隠しOSを作成した後は、この未割り当ての領域に新たにパーティションを作成してはいけません。さもなければ(新たに作成したパーティションを削除するまで)隠しOSが起動できなくなります。 - このアルゴリズムはシステムの暗号化には現在対応していません。 - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - 現在、システムの暗号化でのキーファイル使用には対応していません。 - 警告:VeraCryptは元のキーボードレイアウトを復元できませんでした。そのためパスワードを正確に入力できないおそれがあります。 - エラー:キーボードのレイアウトを標準USキーボードとして設定できません。\n\nシステム起動前に必要なパスワードがUS Windowsレイアウト以外のキーボードで入力されても無効となります。したがってパスワードは常に標準USレイアウトのキーボードで入力される必要があります。 - VeraCryptはキーボードのレイアウトを一時的に標準USキーボードに変更するため、右ALTキーの押下が必要な文字を入力できません。ただしそのような文字の大部分はシフトキーを押下することで入力できます。 - VeraCryptはキーボードレイアウトの変更を阻止しました。 - 注:起動前の環境下(Windowsの起動前)では、US-Windows以外のキーボードレイアウトが必要なパスワードは無効です。そのため、パスワードは常に標準USキーボードレイアウトで入力される必要があります。ただし、これは物理的にUSキーボードが必要という意味では*ありません*。VeraCryptはたとえ物理的にUSキーボードではない環境であっても、今現在でも起動前環境下でも、自動的に正しくパスワードが入力できるようにします。 - このパーティション/ドライブを暗号化する前にVeraCryptレスキューディスク(VRD)を作成する必要があります。VRDには以下の目的があります。:\n\n- VeraCryptブートローダーやマスターキー、その他重要なデータが破損した場合、VRDで復旧できます(ただし正しいパスワードの入力が必要なことには変わりありません)。\n\n- Windowsが破損して起動不能になった場合、Windowsの起動前にVRDでシステムドライブ/パーティションの暗号化を解除できます。\n\n- VRDは最初のドライブトラックに記録されていた情報をバックアップし、必要であればリストアできます。通常この部分にはシステムローダーあるいはブートマネージャーが含まれています。\n\nVeraCryptレスキューディスクのISOイメージは下記に示された場所に作成されます。 - OKをクリックすると、Windowsディスクイメージ書き込みツールが起動します。このツールでVeraCryptレスキューディスクのISOイメージをCDやDVDに書き込んでください。\n\n書き込み後、VeraCryptボリューム作成ウィザードに戻って、以下の手順に従ってください。 - レスキューディスクのイメージファイルが次の場所に作成されました: %s\n\nこれをCDやDVDに書き込んでください。\n\n%ls レスキューディスクの作成後、「次へ」をクリックして正しく作成されたかを確認してください。 - レスキューディスクのイメージファイルが次の場所に作成されました: %s\n\nこのディスクイメージをCDやDVDに書き込むか、後で利用するために安全な場所に移動してください。\n\n%ls「次へ」で処理を続けます。 - 重要:このファイルは個別のファイルではなくISOイメージとしてCD/DVDに書き込む必要があります。詳しい方法についてはご使用中のレコーディングソフトのマニュアルを参照してください。もしISOイメージとして書き込めるCD/DVDレコーディングソフトをお持ちでない場合は、以下のリンク先からフリーソフトをダウンロードできます。\n\n - Windowsディスクイメージ書き込みツールを起動 - 警告:もし以前にVeraCryptレスキューディスクをすでに作成していたのであれば、異なるマスターキーが作成されたため、このシステムパーティション/ドライブ用には使えなくなります! システムパーティション/ドライブを暗号化するときは常に、たとえ以前と同じパスワードを使うのであっても、新しいVeraCryptレスキューディスクを作成する必要があります。 - エラー:システムの暗号化設定を保存できません。 - システム暗号化の予備検査を開始できません。 - 隠しOSの作成プロセスが初期化できません。 - ワイプモード - ある種の記録メディアでは、データが他のデータで上書きされた場合でも、磁力顕微鏡のような手法で上書きされたデータを復活することができます。これは元データを暗号化したデータで上書きした場合であっても当てはまります。VeraCryptでそのドライブ/パーティションを初めて暗号化した場合でも同様です。いくつかの研究や政府の発行物によれば、ランダムデータとある種のランダムでないデータで一定回数上書きすることによって、元データの復活を不可能あるいは極端に困難にすることが可能です。したがって敵対者が磁力顕微鏡のような手法で暗号化したデータを復活させてくると想定されるならば、以下に実装されたワイプモードを選択してください(既存のデータは失われません)。なおパーティションやドライブが暗号化された後ではワイプは機能しません。パーティションやドライブがすべて暗号化されているときは、暗号化されていないデータが書き込まれることがないからです。書き込もうとするすべてのデータは、メモリ上で即時に暗号化されてからディスクに書き込まれます。 - ある種の記録メディアでは、データが他のデータで上書きされた場合でも、磁力顕微鏡のような手法で上書きされたデータを復活することができます。いくつかの研究や政府の発行物によれば、ランダムデータとある種のランダムでないデータで一定回数上書きすることによって、元データの復活を不可能あるいは極端に困難にすることが可能です。したがって敵対者が磁力顕微鏡のような手法で暗号化したデータを復活させてくると想定されるならば、以下に実装されたワイプモードを選択してください。\n\n注:ワイプの回数を増やすと、データ抹消にも時間がかかるようになります。 - ワイプ処理 - \n注:この抹消処理は、中断し、コンピュータをシャットダウンして、隠しOSを起動してから処理を再開できます(このウィザードが自動的に起動します)。ただし中断した場合は、抹消処理全体を最初からやり直す必要があります。 - \n\n注:抹消処理を中断して後で再開する場合、抹消処理全体を最初からやり直す必要があります。 - ワイプ処理を中断しますか? - 警告:選択されたパーティション/デバイス上のすべてのデータは削除され、失われます。 - 元のシステムがあったパーティション上のすべてのデータは削除されます。\n\n注:削除されるこのパーティション上のすべてのデータは、隠しシステムパーティションにコピーされます。 - 警告:もしたとえば3パスワイプモードを選択した場合、ドライブ/パーティションの暗号化にかかる時間は最大で4倍必要となります。同様にもし35パスワイプモードを選択した場合は最大で36倍の時間がかかります(おそらく数週間かかるでしょう)。\n\nただし、パーティションやドライブがすべて暗号化された後ではワイプは機能しないことに注意してください。パーティションやドライブがすべて暗号化されているときは、暗号化されていないデータが書き込まれることがないからです。書き込もうとするすべてのデータは、メモリ上で即時に暗号化されてからディスクに書き込まれるため、ワイプが有効に機能しません。\n\n本当にワイプモードを使用しますか? - なし(最速) - 1パス (ランダムデータ) - 3パス(US DoD 5220.22-M) - 7パス(US DoD 5220.22-M) - 35パス ("Gutmann") - 256パス - OSの数 - 警告:慣れているユーザー以外はマルチブート設定のWindowsを暗号化しないでください。\n\n続けますか? - 隠しOSを作成あるいは使用する場合、VeraCryptは次の条件を満たすときのみ、マルチブート設定に対応します:\n\n-現在起動中のOSが起動用ドライブにインストールされており、かつそのドライブに他のOSが一切含まれていないこと\n\n-起動用以外のドライブにインストールされているOSが、現在起動中のOSがインストールされているドライブに置かれたブートローダーを使用していないこと\n\n以上の条件を満たしていますか? - VeraCryptは、このマルチブート設定において、隠しOSの作成/使用に対応していません。 - 起動ドライブ - 現在動作中のオペレーティングシステムは起動ドライブにインストールされているものですか?\n\n注:場合によってはWindowsシステムがWindowsブートローダーのあるドライブ(起動パーティション)とは別のドライブにインストールされているケースがあります。もしそのようなケースに該当する場合は「いいえ」を選択してください。 - VeraCryptは起動ドライブ以外にインストールされているオペレーティングシステムの暗号化には現在対応していません。 - システムドライブの数 - オペレーティングシステムの入ったドライブはいくつありますか?\n\n注:たとえばいずれかのOS(たとえばWindows, Mac OS X, Linuxなど)がプライマリドライブにインストールされており、セカンダリドライブに追加のOSがインストールされているなら「2以上」を選択してください。 - VeraCryptは複数のオペレーティングシステムを含むドライブ全体の暗号化には現在対応していません。\n\n対策として次の方法があります:\n\n- 前に戻ってから、システムドライブ全体ではなく、単一のシステムパーティションを暗号化する方法を選択できます。\n\n- 別の方法として、複数のうちの一つのシステムを他のドライブに移動し、このドライブを単一のシステムだけにしてからドライブ全体を暗号化することもできます。 - 単一のドライブに複数のシステム - 現在動作中のオペレーティングシステムがインストールされているドライブに、他のオペレーティングシステムもインストールされていますか?\n\n注:たとえば現在動作中のOSがドライブ#0にインストールされており、このドライブには他のパーティションがあってそこに別のOS(Windows, Mac OS X, Linuxなど)がインストールされている場合は「はい」を選択してください。 - Windows以外のブートローダー - Windows以外のブートローダー(あるいはブートマネージャー)がマスターブートレコード(MBR)にインストールされていますか?\n\nたとえば起動ドライブの第一トラックにGRUB, LILO, XOSL等のWindows以外のブートローダー(ブートマネージャー)が存在するなら「はい」を選択してください。 - マルチブート - VeraCryptはマスターブートレコード(MBR)にWindows以外のブートローダーがインストールされているマルチブート環境には現在対応していません。\n\n対策として次の方法があります:\n\n- もしWindowsとLinuxのためにブートマネージャーを使用しているなら、MBRからパーティションにブートマネージャー(一般的にはGRUB)を移動してください。その後再度ウィザードを実行してシステムパーティション/ドライブを暗号化してください。なおVeraCryptブートローダーはプライマリブートマネージャーとなり、元のブートマネージャー(GRUBなど)をセカンダリブートマネージャーとして呼び出せるようになります(VeraCryptブートローダー画面でESCキーを押してください)。そうすればLinuxを起動できます。 - もし現在動作中のOSがこの起動パーティションにインストールされているのであれば、それを暗号化した後は、他の暗号化されていないWindowsを起動しようとするときにも、正しいパスワードを入力する必要があります(それらは一つの暗号化されたブートローダー/マネージャーを共有しています)。\n\n対照的に、もし現在動作中のOSがWindowsの起動パーティションにインストールされているのでなければ(あるいはWindowsブートローダー/マネージャーが他のシステムから使用されていない場合)、それを暗号化した後は、暗号化されていないシステムを起動する際にはパスワードは要求されません。非暗号化システムを起動するときはESCキーを押すだけです。もし非暗号化システムが複数あるときは、VeraCryptブートマネージャーメニューで起動するシステムを選択できます。\n\n注:一般的には、一番最初にインストールされたWindowsが起動パーティションにインストールされます。 - HPA(ホスト保護領域)の暗号化 - 多くのドライブの終端には、OSから隠された領域(一般にHPA(Host Protected Area)として知られています)が存在しています。ただしいくつかのプログラムはこの領域を読み書き可能です。\n\n警告:一部のコンピュータメーカーは、たとえばRAID・システムリカバリ・システムセットアップ・システム診断等の目的で、この領域に何らかのツールやデータを保持しています。これらのツールやデータに、システムの起動前にアクセスできる必要がある場合は、この隠し領域は暗号化してはいけません(上で「いいえ」を選択してください)。\n\nシステムドライブの終端にあるこのような隠し領域についても検出し、暗号化しますか? - システム暗号化タイプ - 単にシステムパーティションあるいはシステムドライブ全体を暗号化したい場合は、このオプションを選択してください。 - あなたは誰かにOSを復号するよう強制されることがあるかもしれません。それを拒否できない状況は多数存在することでしょう(例えば脅迫されるなど)。このオプションを選択すれば、誰にもその存在を知られることのない隠しOSを作成できます(正しくガイドラインに沿うことが条件です)。かくて、隠しOSのパスワードを明かしたり、復号しなければならない状況を回避できます。詳しい説明は以下のリンクをクリックしてください。 - あなたは誰かにOSを復号するよう強制されることがあるかもしれません。それを拒否できない状況は多数存在することでしょう(例えば脅迫されるなど)。\n\nこのウィザードを使えば、誰にもその存在を知られることのない隠しOSを作成できます(正しくガイドラインに沿うことが条件です)。かくて、隠しOSのパスワードを明かしたり、復号しなければならない状況を回避できます。 - 隠しオペレーティングシステム - 以降のステップで、二つのVeraCryptボリューム(外殻と隠し)をシステムパーティションのすぐ次のパーティションに作成します。隠しボリュームには隠しOSを収めます。VeraCryptは隠しOSをシステムパーティション(現在起動中のOSがインストールされているところ)の内容をコピーして作成します。外殻ボリュームには、本当には隠す必要はないが一見秘密のように見えるファイルをコピーします。これらは、誰かがあなたに隠しOS用パーティションのパスワードを明かすように強制されたときのために存在します。隠しOS用パーティションにある外殻ボリュームのパスワードなら明かしても構いません。それでもなお隠しOSの存在は秘密に保たれます。\n\n最後に現在起動中のOSのシステムパーティションに新しくOSをインストールし、暗号化します。これは囮OSと呼ばれるものになります。これにはいかなる秘密のファイルも置いてはなりません。これは起動前認証用のパスワードを明かすように強制されたときのものです。結果的に、全体で三つのパスワードが存在することになります。そのうち二つ(囮OS用および外殻ボリューム用)は明かしても構いません。三つ目のパスワードを使用したとき、隠しOSが起動することになります。 - 隠しセクタの検出 - VeraCryptがシステムドライブ末端の隠しセクタを検出している間、しばらくお待ちください。検出し終わるまでに長時間かかるかもしれません。\n\n注:一部のコンピュータにおいては、ごくまれに、この検出処理中にシステムが無反応になってしまうかもしれません。もしそうなった場合は、コンピュータを再起動し、あらためてVeraCryptを実行してください。前回の処理を繰り返しますが検出処理はスキップします。この問題はVeraCryptのバグではありません。 - 暗号化する領域 - 現在起動中のWindowsがインストールされているドライブ全体を暗号化したい場合は、このオプションを選択してください。すべてのパーティションを含むドライブ全体(VeraCryptブートローダーを格納する先頭トラックを除く)が暗号化されます。その後、このドライブにインストールされたシステムおよびそこに保存されているデータを読み書きしたいときには、システムを起動するたびに正しいパスワードを入力しなければなりません。このオプションではWindowsがインストールされていない(あるいはそこからは起動しない)セカンダリドライブや外付けドライブは暗号化できません。 - ランダムデータの収集 - 鍵の生成 - CD/DVDを書き込めるドライブが接続されていません。起動可能なVeraCryptレスキューディスクを作成するためにはそのようなドライブが必要です。このレスキューディスクには、暗号鍵のバックアップ、VeraCryptブートローダー、オリジナルのシステムローダーなどが保存されます。\n\nVeraCryptレスキューディスクの作成を強く推奨します。 - CD/DVDを書き込めるドライブを持っていないので、レスキューディスクのISOイメージファイルをリムーバブルドライブ(USBフラッシュメモリなど)に保存する。 - 後でCD/DVDを書き込めるドライブを接続するので、処理をすぐに中止する。 - CD/DVDを書き込めるドライブを接続したので、レスキューディスクの作成を続行する。 - 以下の手順に従ってください:\n\n1) USBフラッシュメモリなどのリムーバブルドライブを接続する。\n\n2) VeraCryptレスキューディスクのイメージファイル (%s) をそのリムーバブルドライブにコピーする。\n\n将来VeraCryptレスキューディスクを使う必要ができた場合には、CD/DVDを書き込めるドライブを接続したコンピュータにこのリムーバブルドライブを接続し、CDあるいはDVDにイメージファイルを書き込むことで、起動可能なVeraCryptレスキューディスクを作成することができます。重要:VeraCryptレスキューディスクのイメージファイルは、個別のファイルではなくISOディスクイメージとして書き込む必要があることに注意してください。 - レスキューディスクのレコーディング - レスキューディスクが作成されました - システム暗号化の予備検査 - レスキューディスクの検証 - \nVeraCryptレスキューディスクの検証に成功しました。ドライブからディスクを排出し、安全な場所に保管してください。\n\n「次へ」で進みます。 - 警告:次のステップの間はVeraCryptレスキューディスクが挿入されていてはいけません。さもなければ正常に次のステップを完了することができません。\n\nレスキューディスクをドライブから抜き取り、安全な場所に保管してください。その後「はい」をクリックしてください。 - 警告:起動前の環境には技術的な制限があるため、起動前にVeraCryptが表示するメッセージ(例:Windows起動前)は日本語化されません。VeraCryptブートローダーのユーザーインターフェースは完全に英語表記となります。\n\n続けますか? - システムパーティション/ドライブを暗号化する前に、VeraCryptはすべてが正常に動作するか検証する必要があります。\n\n「テスト」をクリックすると、すべての必要なコンポーネント(例:起動前の認証モジュールやVeraCryptブートローダーなど)がインストールされ、コンピュータが再起動されます。そしてWindowsが起動する前に表示されるVeraCryptブートローダーでパスワードを入力する必要があります。Windowsが起動した後、予備検査の結果が自動的に通知されます。\n\n以下のデバイスに更新が行われます:ドライブ #%d\n\n\n「キャンセル」をクリックすると予備検査は実行されず、インストールも行われません。 - 重要なお知らせ -- 目を通してください(「印刷」で印刷します):\n\nWindowsの再起動に成功するまでは、どのファイルも暗号化されません。つまり何らかの失敗があってもデータが失われることはありません。ただし、何か誤ったことを行った場合、Windowsの起動が困難になるかもしれません。したがって以下のガイドラインを熟読し(できれば印刷してください)、もしWindowsが起動しなくなった場合にどうすれば良いかを把握してください。\n\n - Windowsが起動できない場合の対処方法 ------------------------------------------------\n\n注:以下の説明は暗号化前の段階のときのみ有効です。\n\n- もし正しいパスワードを入力してもWindowsが起動しなくなったとしても(あるいはいくら正しいパスワードを入力しても、VeraCryptにパスワードが違うと言われたとしても)どうか落ち着いてください。コンピュータの電源をいったん切ってから入れて再起動し、VeraCryptブートローダー画面になったらキーボードのESCキーを押してください(もしマルチブート設定になっていれば、起動するシステムを選択してください)。その後Windowsが起動し(暗号化されていない場合)、自動的にVeraCryptが起動前認証用コンポーネントをアンインストールするかどうかを尋ねてきます。強調しておきますが、このステップはシステムパーティション/ドライブが暗号化されている場合には働きません。たとえ誰かがこの手順を踏んだとしても、正しいパスワードなしにはそのドライブのWindowsを起動したりデータにアクセスしたりはできません。\n\n - - もしESCキーを押しても上記のように機能しない、Windows起動前にVeraCryptブートローダー画面が表示されないなどといった場合には、VeraCryptレスキューディスクをCD/DVDドライブに挿入してから再起動してください。もしVeraCryptレスキューディスク画面が表示されない、あるいは表示されても「Keyboard Controls」セクションに「Repair Options」が見あたらない場合は、BIOSがCD/DVDより先にハードディスクから起動するように設定されている可能性があります。もしそのケースに当てはまる場合は、再度コンピュータを再起動(リセット)してから、BIOSの起動画面が表示されたらすぐにF2かDELETEキーを押し、BIOSの設定画面が表示されるまで待ってください。もしBIOSの設定画面が表示されないようであれば、コンピュータを再起動(リセット)し、すぐにF2かDELETEキーを何度か繰り返し押してください。BIOS設定画面が表示されたら、CD/DVDドライブから先に起動するように設定を変更してください(具体的な方法はBIOSかマザーボードのマニュアルを参照してください)。それからコンピュータを再起動してください。これでVeraCryptレスキューディスク画面が表示されるはずです。VeraCryptレスキューディスク画面で「Repair Options」をF8キーを押して選択してください。この「Repair Options」メニューから「Restore original system loader」を選択してください。その後レスキューディスクをドライブから排出してコンピュータを再起動してください。これでWindowsが正常に起動するはずです(暗号化されていない場合)。\n\n - このプロセスはシステムパーティション/ドライブが暗号化されている場合には働き*ません*。たとえ誰かがこの手順を踏んだとしても、正しいパスワードなしにはそのドライブのWindowsを起動したりデータにアクセスしたりはできません。\n\n\nもしあなたがVeraCryptレスキューディスクを紛失して攻撃者がそれを見つけたとしても、正しいパスワードがなければ、システムパーティション/ドライブを復号することはでき*ません*。 - 予備検査完了 - 予備検査が無事に完了しました。\n\n警告:もし既存データをその場での暗号化中に電源が突然切られたり、ソフトウェアエラーやハードウェア障害によってOSがクラッシュしたりした場合、データの一部が壊れたり失われたりする可能性があります。したがって暗号化する前に必ずファイルのバックアップをとってください。まだバックアップをとっていなければすぐにバックアップしてください。「保留」をクリックしてから、ファイルのバックアップを行い、VeraCryptを再度起動して[システム]-[中断処理を再開]を選択することで暗号化を再開できます。\n\n準備ができたら「暗号化」で暗号化を開始してください。 - 「一時中断」か「保留」をクリックすることで暗号化あるいは復号処理をいつでも中断することができます。ウィザードを終了した後、コンピュータを再起動あるいはシャットダウンした後に、中断したところから処理を再開できます。またシステムやアプリケーションがシステムドライブを読み書きするときに遅くなることを防ぐため、VeraCryptは自動的にその読み書きが終わるのを待ちます(上のステータスを見てください)。その読み書きが終わると暗号化/復号処理を再開します。 - \n\n「ポーズ」あるいは「保留」をクリックして、いつでも暗号化を中断し、ウィザードを終了して、コンピュータを再起動あるいはシャットダウンし、中断した箇所から処理を再開することができます。なお、暗号化が完了するまではこのボリュームをマウントすることはできません。 - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - 隠しシステムの開始 - オリジナルシステム - Windowsは様々な種類のログファイルや一時ファイル等を、通常はユーザーに特に知らせることなくシステムパーティションに作成します。同様にメモリー上の情報を一時休止ファイルやページングファイルとして保存します。そのため、敵対者が元OSのパーティションにあるデータ(隠しシステムのコピー元)を解析した場合、たとえばあなたがVeraCryptのウィザードを隠しシステム作成モードで実行したことなどを見つけるかもしれません。これは隠しOSの存在を示唆します。\n\nこの問題を防ぐため、VeraCryptは次のステップで、元OSのあったパーティション上のデータすべてを安全に抹消します。その後、「みせかけの拒否」を達成するために、そのパーティションに新しいシステムをインストールし、暗号化しておく必要があります。このように囮システムを作成して、隠しOSを作成するすべての手順を終えてください。 - 隠しOSの作成に成功しました。ただし隠しOSの使用を開始する前に、そして「みせかけの拒否」を達成するためにも、VeraCryptを使って、現在起動中のシステムがインストールされているパーティションの内容すべてを抹消してください。まずその前に、コンピュータを再起動し、VeraCryptブートローダー画面(Windows起動前に表示されます)で、隠しOS用の起動前認証用のパスワードを入力してください。隠しシステムが起動するとVeraCryptウィザードが自動的に開始されます。\n\n注:もし今ここで隠しOSの作成を解除した場合、処理を再開できなくなり、隠しシステムにアクセスできなくなります(VeraCryptブートローダーが削除されるためです)。 - 中断中の隠しOS作成処理があります。この処理は未完了です。完了させるためには、コンピュータを再起動し、VeraCryptブートローダー画面(Windows起動前に表示されます)で、隠しOS用のパスワードを入力してください。\n\n注:もし今ここで隠しOSの作成を解除した場合、処理を再開できなくなくなります。 - 再起動して処理を続行する - 隠しOSの作成処理を解除する - 今は何もせずに後でまた尋ねる - \nできればこの文面を印刷してください(下の「印刷」をクリック)。\n\n\nVeraCryptレスキューディスクの使用方法(暗号化後) -------------------------------------------------------------------------------------\n\n - I. VeraCryptレスキューディスクの起動方法\n\nVeraCryptレスキューディスクを使うにはCD/DVDドライブにディスクを挿入してコンピュータを再起動してください。もしVeraCryptブートローダー画面が表示されない、あるいは表示されても「Keyboard Controls」に「Repair Options」が存在しない場合は、BIOSがCD/DVDより先にハードディスクから起動するように設定されている可能性があります。もしそのケースに当てはまる場合は、コンピュータを再起動してから、BIOSの起動画面が表示されたらすぐにF2かDELETEキーを押し、BIOSの設定画面が表示されるまで待ってください。もしBIOSの設定画面が表示されないようであれば、コンピュータを再起動(リセット)し、すぐにF2かDELETEキーを何度か繰り返し押してください。BIOS設定画面が表示されたら、CD/DVDドライブから先に起動するように設定を変更してください(具体的な方法はBIOSかマザーボードのマニュアルを参照してください)。それからコンピュータを再起動してください。これでVeraCryptレスキューディスク画面が表示されるはずですので「Repair Options」をF8キーを押して選択してください。\n\n\n - II.VeraCryptレスキューディスクの使用方法(暗号化後)\n\n - 1) もし起動後にVeraCryptブートローダー画面が表示されない(あるいはWindowsが起動しない)場合は、VeraCryptブートローダーが壊れている可能性があります。VeraCryptレスキューディスクによってブートローダーをリストアすることで、暗号化されたデータへのアクセスを復活させられます(ただし依然として正しいパスワードの入力が必要です)。レスキューディスクの画面で「Repair Options」→「Restore VeraCrypt Boot Loader」を選択して「Y」キーを押します。次にレスキューディスクを排出してコンピュータを再起動してください。\n\n - 2) もし何度正しいパスワードを入力してもパスワードが誤っていると言われる場合は、マスターキーあるいはその他の重要なデータが壊れている可能性があります。VeraCryptレスキューディスクによってそれらをリストアし、暗号化されたデータへのアクセスを復活させられます(ただし依然として正しいパスワードの入力が必要です)。レスキューディスクの画面で「Repair Options」→「Restore key data」を選択してください。パスワードを入力してから「Y」キーを押します。次にレスキューディスクを排出してコンピュータを再起動してください。\n\n - 3) もしVeraCryptブートローダーが壊れていた場合は、VeraCryptレスキューディスクから起動することで、ブートローダーの起動を回避できます。レスキューディスクをCD/DVDドライブに挿入してコンピュータを再起動します。レスキューディスクの画面でパスワードを入力してください。\n\n - 4) もしWindowsが壊れていて起動できないのであれば、VeraCryptレスキューディスクでWindowsの起動前にディスク/ドライブの暗号化を解除できます。レスキューディスク画面で「Repair Options」→「Permanently decrypt system partition/drive」を選択してください。正しいパスワードを入力を入力して、復号処理の終了をお待ちください。その後は、たとえばWindowsのセットアップディスクから起動するなどして、Windowsを修復してください。\n\n - 注:別の方法として、もしWindowsが破損しており(起動しない)、修復する(あるいはファイルにアクセスする)必要がある場合、次の手順でシステムパーティション/ドライブの暗号化解除を回避することもできます。 もし複数のOSを入れてマルチブート構成にしているのならば、その中で起動前認証が不要なものを起動してください。もしマルチブート構成にしていないのであれば、WinPE あるいは BartPE CD/DVD を使って起動したり、あるいはそのシステムドライブを他のマシンのセカンダリあるいは外付けドライブとして接続して、そのマシンを起動するという手もあります。いずれにせよそうやって起動した後、VeraCryptを実行して「デバイスの選択」をクリック、問題のシステムパーティションを選択して「OK」をクリック、[システム]-[起動前認証をせずにマウント]と選択して、起動前認証に使うパスワードを入力して「OK」をクリックします。このようにすることで、そのパーティションは通常のVeraCryptボリュームのようにマウントすることができます。\n\n\n - もしあなたがVeraCryptレスキューディスクを紛失して攻撃者がそれを見つけたとしても、正しいパスワードがなければ、システムパーティション/ドライブを復号することはできません。 - \n\n--非 常 に 重 要 -- できるだけ印刷してください(下の「印刷」をクリック)\n\n\n注:この文章は、囮システムの作成を開始するまで、隠しシステムを起動するたび毎回表示されます。\n\n\n - 安全かつ機密的に囮システムを作成する方法 ----------------------------------------------------------------------------\n\n「みせかけの拒否」を達成するため、囮OSをすぐ作成する必要があります。それには以下の手順に従ってください:\n\n - 1) セキュリティ上の理由のため、コンピュータをシャットダウンし、電源を切って少なくとも数分間(長いほど良いです)は放置してください。これはメモリー上に残ったデータをクリアするために必要です。その後、電源を入れてください。ただし隠しシステムは起動しないでください。\n\n - 2) 内容が削除されているパーティションにWindowsをインストールしてください(つまり、隠しシステムのコピー元であるOSがインストールされていたパーティション)。\n\n重要:囮システムのインストールを開始すると、WindowsインストーラーがVeraCryptブートローダーを上書きするため、隠しシステムを起動できなくなります。これは想定された事態であり異常ではありません。どうか慌てないでください。囮システムの暗号化を開始することですぐに、再び隠しシステムを起動できるようになります。VeraCryptがブートローダーを自動的にシステムドライブにインストールするからです。\n\n重要:囮システムパーティションのサイズは隠しシステムボリュームと同じままである必要があります(この状態は現在満たされています)。加えて、囮システムパーティションと隠しシステムパーティションの間にパーティションを作ってはなりません。\n\n - 3) 手順2でインストールした囮システムを起動します。VeraCryptもインストールしておいてください。\n\n囮システムには、秘密にしたいデータは一切保存してはなりません。\n\n - 4) 囮システムでVeraCryptを実行し、[システム]-[システムパーティション/ドライブの暗号化]を選択してください。VeraCryptボリューム作成ウィザードが起動します。\n\nウィザードを以下の手順で進めてください。\n\n - 5) ボリューム作成ウィザードでは「隠し」オプションを選択しないでください。「通常」オプションを選択し「次へ」をクリックしてください。\n\n - 6)「Windowsシステムパーティションの暗号化」オプションを選択し、「次へ」をクリックしてください。\n\n - 7) もしコンピュータに隠しシステムと囮システムの二つだけしかインストールされていないのなら、「シングルブート」オプションを選択してください。それ以外のシステムもインストールされているのであれば「マルチブート」オプションを選択してください。それから「次へ」をクリックしてください。\n\n - 8) 重要:このステップで、囮システムに対して“隠しシステムとまったく同じ”暗号化アルゴリズムとハッシュアルゴリズムを選択してください! さもなければ隠しシステムにアクセスできなくなります! つまり囮システムは隠しシステムと同じ暗号化アルゴリズムで暗号化される必要があります。注:これは囮システムと隠しシステムは単一のブートローダーを共用しているからであり、このブートローダーはユーザーに指定された単一のアルゴリズムのみサポートしていることによります。\n\n - 9) このステップで、囮OS用のパスワードを設定してください。このパスワードは、起動前認証用のパスワードの開示を敵対者に強要されたときに明かしても構わないものです(もう一つの明かして構わないパスワードは外殻ボリューム用のものです)。その場合でも、第三の、すなわち隠しOS用の起動前認証パスワードの存在は秘密に保たれたままです。\n\n重要:囮システム用のパスワードは、隠しボリューム用(すなわち隠しOS用)のものとは大幅に変えるようにしてください。\n\n - 10) ウィザードの残りに手順に従って進めると、囮OSが暗号化されます。\n\n\n\n - 囮システムの作成後 ------------------------------------------------\n\n囮システムを作成すれば、隠しOSの作成プロセスをすべて完了したことになります。その時点で、あなたは次の三つのパスワードを使い分けることになります:\n\n1) 隠しOS用の起動前認証パスワード\n\n2) 囮OS用の起動前認証パスワード\n\n3) 外殻ボリューム用のパスワード\n\n - 隠しOSを起動したい場合は、VeraCryptブートローダー画面(コンピュータの電源を入れるか再起動した後に表示)で、隠しOS用のパスワードを入力する必要があります。\n\n囮OSを起動したい場合は、VeraCryptブートローダー画面で、囮OS用のパスワードを入力する必要があります。\n\n囮OS用のパスワードは起動前認証パスワードの開示を強要する人に明かしても構いません。それでも隠しボリューム(および隠しOS)の存在は秘匿されたままです。\n\n - 第三のパスワード(外殻ボリューム用)は、システムパーティション直後のパーティション(外殻ボリュームと隠しボリュームが存在しています)のパスワードの開示を強要する人に明かしても構いません。それでも隠しボリューム(および隠しOS)の存在は秘匿されたままです。\n\n\n - もしも囮システム用のパスワードを敵対者に明かしたとき、なぜ(囮)システムパーティションの空き領域がランダムデータで埋められているのかを尋ねられたら、たとえば次のように答えることができるでしょう。「このパーティションは以前からVeraCryptでシステムの暗号化をしていましたが、起動前認証用のパスワードを忘れた(あるいはシステム障害で起動しなくなった)ため、Windowsを再インストールするはめになり、その後もう一度暗号化したのです」\n\n\n - もし、この説明書の手順がすべて遵守され、ユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」の記載内容によく留意しておくならば、たとえ外殻ボリュームがマウントされたり、囮OSの暗号化が突破されたとしても、隠しボリュームや隠しOSの存在を検知することは不可能です。\n\nもしこの文面のコピーを保存したり印刷(プリンタの内蔵ドライブに文面が保存されるのでなければ、強く推奨します)したなら、囮システムを作成し、文書の内容すべてを理解した後、その紙やコピーを破棄すべきです。そうしないと、もしその紙が見つかったならば、このコンピュータに隠しOSがあることを推測されるおそれがあるからです。\n\n - 警告:隠しボリュームを保護(方法はユーザーズガイドの「隠しボリュームを破損から守る」を参照ください)していない場合、外殻ボリュームに書き込みをしないでください(囮OSは外殻ボリュームにインストールされているわけではありません)。さもなければ、隠しボリューム(そしてその中の隠しOS)の内容を上書きし、破壊してしまいます! - オペレーティングシステムの複製 - 次のステップで、VeraCryptはシステムパーティションから隠しボリュームへファイルをコピーすることで隠しOS領域を作成します(囮OS領域とは別の暗号鍵で即時暗号化しながらコピーします)。\n\nこの処理はWindows起動前の環境で行われ、完了するまでに長時間かかることに注意してください。処理時間はシステムパーティションのサイズやコンピュータの性能にもよりますが、数時間から数日かかることもあります。\n\nこの処理を途中で中断し、コンピュータを再起動した後にあらためて再開することも可能です。ただし、もし処理を中断した場合は、システムのコピー処理からやり直しになります。これはシステムパーティションとコピー先の内容を同一にするために必要です。 - 隠しOSの作成をキャンセルしますか?\n\nここで処理をキャンセルした場合、後で処理を再開することはできません。 - システム暗号化の予備検査をキャンセルしますか? - VeraCryptのシステム暗号化予備検査に失敗しました。もう一度予備検査をしますか?\n\nもし「いいえ」を選んだ場合、起動前認証用コンポーネントがアンインストールされます。\n\n注:\n\n- もしVeraCryptブートローダーがWindowsが起動する前にパスワードの入力を要求してこなかった場合、ブートローダーがインストールされたのではないドライブからOSが起動している可能性があります。このケースには対応していません。\n\n- もしAES以外の暗号化アルゴリズムを使って予備検査に失敗した(そしてパスワードは入力した)場合、不適切な設計のドライバーに起因している可能性があります。「いいえ」を選択し、システムパーティション/ドライブをAESを使って暗号化しなおしてみてください(メモリ使用量が最少になります)。\n\n- その他に考えられる原因や対処方法については、https://veracrypt.codeplex.com/wikipage?title=Troubleshooting をご覧ください。 - システムパーティション/ドライブは部分的にも全体的にも暗号化されていないようです。 - システムパーティション/デバイスは暗号化されています(部分的あるいは全体的)。\n\n処理を進める前にシステムパーティション/デバイス全体の暗号化を解除してください。VeraCryptのメインウィンドウのメニューから[システム]-[暗号化の解除]を選択することで解除できます。 - システムパーティション/ドライブが部分的であれ全体であれ暗号化されている場合は、VeraCryptをダウングレードできません。ただしアップグレードあるいは同じバージョンでの再インストールは可能です。 - システムパーティション/ドライブは暗号化中か復号中か、もしくはその他の処理で更新中です。処理を進める前に暗号化/復号/更新を中断してください。あるいはそれらが終了するまで待ってください。 - VeraCryptボリューム作成ウィザードが他に起動しており、システムパーティション/ドライブの暗号化あるいは復号の準備中あるいは実行中です。処理を進める前に、そちらを終了するかあるいは処理が終わるのを待ってください。もし終了できない場合はコンピュータを再起動してください。 - システムパーティション/ドライブの暗号化あるいは復号処理はまだ終了していません。処理を進める前にそちらが終了するのを待ってください。 - エラー:パーティション/ドライブの暗号化処理が完了していません。最初にこの処理を完了させる必要があります。 - エラー:パーティション/ボリュームの暗号化処理は完了していません。これは必ず最初に完了させる必要があります。\n\n注:処理を再開するには、メインウィンドウのメニューバーから[ボリューム]-[中断処理を再開]を選択してください。 - 正しいパスワードによって、VeraCryptはボリュームヘッダを復号し、このボリュームが隠しシステムボリュームであることを検出することに成功しました。ただし今の状態では隠しシステムボリュームのヘッダを変更することはできません。\n\n隠しシステムボリュームのパスワードを変更するには、隠しOSを起動してVeraCryptのメニューから[システム]-[パスワード変更]を選択してください。\n\nヘッダキーの導出アルゴリズムを設定するには隠しOSを起動し、[システム]-[ヘッダキー導出アルゴリズムの設定]を選択してください。 - VeraCryptは隠しシステムパーティションをその場所に復号することには対応していません。\n\n注:囮用OSを復号したい場合は、囮用OSを起動した後、VeraCryptのメニューから[システム]-[システムパーティション/ドライブの暗号化を解除]を選択してください。 - エラー:正しくないか無効なパラメータです。 - パーティションあるいはデバイスが選択されていますが、ウィザードモードではコンテナファイルのみ適応しています。\n\nウィザードモードから変更しますか? - 代わりにVeraCryptコンテナファイルを作成しますか? - システムパーティション/ドライブ(あるいはブートパーティション)が選択されていますが、このウィザードモードはシステム以外のパーティション/ドライブにのみ適応しています。\n\n起動前に認証(つまりWindowsを起動するたびに起動前のパスワード入力が必要になります)を行うようにし、システムパーティション/ドライブを暗号化しますか? - 本当にシステムパーティション/ドライブの暗号化を解除しますか? - 注意:システムパーティション/ドライブの暗号化を解除した場合、復号されたデータが書き込まれます。\n\n本当にシステムパーティション/ドライブの暗号化を解除しますか? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - 警告:多段アルゴリズムを使用してシステムを暗号化した場合、次のような問題に直面する可能性があります。\n\n1) VeraCryptブートローダーが通常より大きなサイズになるため、VeraCryptブートローダーのバックアップのための十分な領域をドライブの最初のトラックに得られません。そのためにその領域が破損する(これはしばしば発生します。たとえば設計が不適切なプログラムによるアクティベーション処理などです)たびにレスキューディスクから起動して、ブートローダー領域を修復する必要があります。\n\n2) 一部のコンピュータでは休止状態からの復帰により時間がかかるようになります。\n\n多段ではないアルゴリズム(例:AES)を使えば、このような潜在的な問題には遭遇しません。\n\n本当に多段アルゴリズムでの暗号化を行いますか? - もし上記の問題が発生した場合は、もし暗号化されているのならパーティション/ドライブを復号し、あらためて多段ではないアルゴリズム(例:AES)での再暗号化を試みてください。 - 警告:安全性とセキュリティ上の理由により、隠しOSより先に囮用OSのVeraCryptをアップデートすべきです。\n\nそのためにはまず囮用OSを起動し、そこに入れたVeraCryptインストーラを実行してください。次に隠しOSを起動し、そこに入れたVeraCryptインストーラを実行するようにします。\n\n注:囮用OSと隠しOSは一つのブートローダーを共有しています。もし隠しOSのVeraCryptのみアップグレードした場合、囮用OSにはブートローダーと違うバージョン番号を持つVeraCryptドライバおよびアプリケーションが残されることになります。このような矛盾は隠しOSが存在することを示唆することになります。\n\n\n本当に続けますか? - このOSを起動したVeraCryptブートローダーのバージョン番号が、このOSにインストールされているVeraCryptのドライバおよびアプリケーションのバージョン番号と異なっています。\n\nブートローダーと同じバージョン番号を持つVeraCryptインストーラを実行して、このOSのVeraCryptをアップデートすべきです。 - このOSを起動したVeraCryptブートローダーのバージョンが、このシステムにインストールされているVeraCryptのドライバおよびアプリケーションのものと異なります。古いバージョンは新しいバージョンで修正されたバグを含んでいる可能性があります。\n\nもしVeraCryptレスキューディスクから起動したのでなければ、最新かつ安定版のVeraCryptへアップグレードあるいは再インストールすべきです(ブートローダーも同時にアップグレードされます)。\n\nもしVeraCryptレスキューディスクから起動したのであれば、[システム]-[レスキューディスク作成] で最新のものにしてください。 - VeraCryptブートローダーがアップグレードされました。\n\nコンピューターを再起動後に[システム]-[レスキューディスク作成]を選択して、新しいレスキューディスク(新バージョンのブートローダー入り)を作成することを強く推奨します。 - VeraCryptブートローダーがアップグレードされました。\n\n囮用OSを起動し、[システム]-[レスキューディスク作成]を選択して、新しいVeraCryptレスキューディスク(新バージョンのVeraCryptブートローダーが含まれます)を作成することを強く推奨します。 - VeraCryptブートローダーのアップグレードに失敗しました。 - システムドライブの実サイズの検出に失敗したため、代わりにOSから得た情報を使用します(実サイズより小さい可能性があります)。これはVeraCryptのバグではありません。 - 警告:VeraCryptはすでにこのシステムドライブの隠しセクタを検出しようとしていたようです。もし前回の検出処理時に問題があったのであれば、今回の検出処理をスキップすることで問題を回避することができます。もしそうした場合は、VeraCryptはOSが報告してきたドライブサイズ(おそらく実際のサイズより小さいでしょう)を使用します。\n\nこの問題はVeraCryptのバグに起因するものではありません。 - 隠しセクタの検出をスキップする(OSが報告するサイズを使用する) - 隠しセクタの検出を再度行う - エラー:ディスク上の一つあるいは複数のセクターが読み込めません(おそらく物理的な原因です)。\n\nその場での暗号化処理は、セクターの読み込みが回復するまで続行できません。VeraCryptはセクターに0を書き込むことで読み込みが回復するか確認できます(その後、そのようにすべて0のブロックも暗号化されます)。ただしこの場合、読み込めなかったセクターの元の内容が失われることに注意してください。それを避けたいのであれば、他の適切なソフトウェアで破損データの回復を試すこともできます。\n\n注:単なるデータ破損やチェックサムエラーではなく、セクターが物理的に破損していた場合、ほとんどの記憶装置では、そのようなセクターへの書き込みを内部的に別セクターに差し替えます。そのため、破損セクター上のデータは暗号化されずに残ったままとなります。\n\nVeraCryptが読み込めないセクターに0を書き込んでも良いですか? - エラー:ディスク上の一つあるいは複数のセクターが読み込めません(おそらく物理的な原因です)。\n\n復号処理を続行するためには、VeraCryptは読み込めないセクターの内容を破棄する必要があります(その内容は疑似乱数データに書き換えられます)。復号処理を続行する前に他の適切なソフトウェアで破損データの回復を試すことができます。\n\n読み込めないセクターの内容を破棄しますか? - 注:VeraCryptは %I64d 個の読込不能セクター (%s) へ0を書き込み、暗号化しました。 - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - トークン '%s' に対するパスワード/PINを入力してください: - VeraCryptがセキュリティトークンやスマートカードへアクセスするためには、事前にPKCS#11ソフトウェアライブラリのインストールが必要です。そのようなライブラリは、トークンやカードに付属しているか、あるいはメーカー等のウェブサイトからダウンロードできるようになっているものと思われます。\n\nライブラリをインストールした後、「ライブラリの選択」をクリックしてライブラリを指定するか、「ライブラリ自動検出」をクリックしてライブラリの自動検出をしてください(なお自動検出はWindowsのシステムディレクトリのみ検索します)。 - 注:セキュリティトークンやスマートカード用のPKCS#11ライブラリの場所とファイル名を指定します。トークンやカードなどに付属の説明書も参照してください。「OK」をクリックしてファイル名と場所を指定してください。 - VeraCryptがセキュリティトークンやスマートカードへアクセスするためには、PKCS#11ソフトウェアライブラリを選択する必要があります。 [設定]-[セキュリティトークン]を選択してください。 - PKCS#11セキュリティトークン用ライブラリの初期化に失敗しました。\n\nPKCS#11ライブラリの場所とファイル名の設定に誤りがないか確認してください。設定をするには、[設定]-[セキュリティトークン]を選択してください。 - PKCS#11ライブラリがWindowsシステムディレクトリに見つかりませんでした。\n\nセキュリティトークンやスマートカード用のPKCS#11ライブラリがインストールされているか確認してください。そのようなライブラリはトークンやカードに付属しているか、あるいはメーカー等のウェブサイトからダウンロードできるようになっているものと思われます。Windowsシステムディレクトリ以外の場所にインストールされている場合は、「ライブラリの選択」をクリックしてライブラリの場所を指定してください(例:トークンやカード用のソフトウェアがインストールされているフォルダなど)。 - セキュリティトークンが見つかりませんでした。\n\nセキュリティトークンがコンピュータに接続されており、正しいデバイスドライバがインストールされているか確認してください。 - セキュリティトークンキーファイルが見つかりません。 - 同じ名前のセキュリティトークンキーファイルが既に存在しています。 - 選択されたファイルを削除しますか? - セキュリティトークンキーファイルの場所が正しくありません。 - セキュリティトークンエラー - セキュリティトークンのパスワードが正しくありません。 - セキュリティトークンに、要求された操作を行うための充分なメモリー/空き領域がありません。\n\nキーファイルをインポートしようとしているのであれば、もっと小さなファイルを指定するか、[ツール]-[キーファイル生成]を選択してVeraCryptでキーファイルを生成してください。 - すべてのセキュリティトークンセッションが閉じられました。 - セキュリティトークンキーファイルを選択 - スロット - トークン名 - ファイル名 - 重要:起動前認証時のパスワードは、キーボードが常にUS標準配列であるものとして入力されます。したがって、その他のキー配列のキーボードから入力したパスワードを使用したボリュームは、起動前認証パスワードを使ったマウントが不可能かもしれません(これはVeraCryptのバグではありません)。そのようなボリュームを起動前認証でマウントするには以下の手順を行ってください。\n\n1) 「ファイルの選択」あるいは「デバイスの選択」をクリックして、ボリュームを選択する。 2) メニューから [ボリューム]-[ボリュームパスワードの変更] を選択する。 3) そのボリュームの現在のパスワードを入力する。 4) Windowsタスクバーにある言語バーアイコンをクリックして「EN 英語(米国)」を選択することで、キーボードレイアウトを英語(米国)に切り替える。 5) VeraCryptの画面で新規パスワード欄に、起動前認証用のパスワードを入力する。 6) パスワード確認欄にも同じパスワードを入力し、「OK」をクリックする。 警告:これらの手順を行った場合は、そのボリュームのパスワードは常にUS標準配列で入力する必要があります(Windowsの起動前なら自動的にそのような状態になっています)。 - システムお気に入りボリュームは起動前認証用パスワードによってマウントされます。もし違うパスワードを使うシステムお気に入りボリュームがあった場合、そのボリュームはマウントされません。 - 通常のVeraCryptボリュームへの操作(全てアンマウント、自動マウントなど)が、システムお気に入りボリュームに波及しないようにしたい場合は、「システムお気に入りボリュームの表示およびアンマウントを管理者のみに限定する」オプションを有効にしてください。なおこのとき、もしVeraCryptを管理者権限なしに実行した場合は(Vista以降はこれがデフォルトです)、システムお気に入りボリュームはVeraCryptメインウィンドウのドライブリストに表示されなくなります。 - 重要:このオプションを有効にし、かつ管理者権限なしにVeraCryptが実行された場合、マウントされたシステムお気に入りボリュームはVeraCryptのメインウィンドウ上に表示されず、アンマウントもできないことを忘れないでください。したがって、もし、たとえばシステムお気に入りボリュームをアンマウントする必要があるのなら、まずスタートメニューのVeraCryptアイコンを右クリックして「管理者として実行」を選択してください。同様の制限が「全てアンマウント」「自動アンマウント」機能や、ホットキーによる「全てアンマウント」などにも適用されます。 - この設定の効果はOSの再起動後に有効になります。 - コマンドラインの解析でエラーが発生しました。 - レスキューディスク - ファイルを選択してマウント(&F)... - デバイスを選択してマウント(&D)... - システムお気に入りボリュームの表示およびアンマウントを管理者のみに限定する - Windows開始時にシステムお気に入りボリュームをマウントする - 警告:ドライブ '%s' としてマウントされたボリュームのファイルシステムは、正しくアンマウントされなかったためにエラーが発生しています。壊れたファイルシステムを使用することは、データを失ったり破損したりする原因となります。\n\n注:VeraCryptボリュームをマウント中のデバイスを、取り外したりその電源を切ったりする前(USBフラッシュドライブや外付けハードディスクなど)に、必ずボリュームのアンマウントを行ってください。\n\n\nWindowsにファイルシステムのエラーを検出させて修復しますか? - 警告:一つかそれ以上のシステムお気に入りボリュームが正しくアンマウントされなかったため、ファイルシステムにエラーが発生している可能性があります。詳細はシステムのイベントログを参照してください。\n\n破損したファイルシステムを使用することは、データの消失や破損の原因となります。システムお気に入りボリュームにエラーがないかチェックしてください(VeraCrypt上でそれらを右クリックし「ファイルシステムの修復」を選択してください)。 - 警告:マイクロソフトの「chkdsk」ツールで破損したファイルシステムを修復することで、破損領域内にあった各ファイルが失われる可能性があります。したがって、まず最初にこのVeraCryptボリューム内のファイルを、別の破損していないVeraCryptボリュームにバックアップすることをお勧めします。\n\n今すぐこのファイルシステムを修復しますか? - ボリューム '%s' は、書込が禁止されているため読み取り専用でマウントされました。\n\nコンテナファイルに書き込みが可能かどうか確認してください(コンテナファイルを右クリック→プロパティ→セキュリティ)。\n\nWindows自体の不具合により、適切なアクセス許可を設定した後でもこの警告が表示されることがあります。これはVeraCryptのバグによるものではありません。解決方法の一つとして、コンテナファイルをたとえば「ドキュメント」フォルダに移動するなどといった方法があります。\n\n意図的にボリュームを読み取り専用にしたい場合は、読み取り専用属性をコンテナファイルに設定してください(コンテナファイルを右クリック→プロパティ→「読み取り専用」にチェック)。この場合はこの警告は出なくなります。 - ボリューム '%s' は、書込が禁止されているため読み取り専用でマウントされました。\n\n他のアプリケーション(例:アンチウィルスソフトなど)が、このボリュームが存在しているパーティション/デバイスにアクセスしていないか確認してください。 - ホストとなっているデバイスが書込禁止のため、ボリューム '%s' は読み取り専用でマウントされました。\n\nいくつかのカスタムチップセットドライバは、書込可能なメディアを誤って書込禁止であるかのように通知してくることがあることに注意してください。これはVeraCryptの問題ではありません。現在のシステムにインストールされているカスタム(非マイクロソフト製)チップセットドライバをアンインストールあるいはアップデートすることで、この問題が解決するかもしれません。 - ハイパースレッディングテクノロジーは、単体の物理コアで複数の論理コアを提供します。ハイパースレッディングが有効になっているときは、上で選択した数は論理プロセッサ/コアの数を示します。 - %d スレッド - ハードウェアによるAES処理の高速化が無効であるため、ベンチマークの結果は悪くなります。\n\nハードウェアによる高速化を有効にするには [設定]-[パフォーマンス] を選択し、該当するオプションを有効にしてください。 - 処理に使用するスレッド数が現在制限されているため、ベンチマークの結果は悪くなります。\n\nプロセッサのポテンシャルを全て引き出すには [設定]-[パフォーマンス] を選択し、該当するオプションを無効にしてください。 - このパーティション/ドライブの書込禁止の解除を試みますか? - 警告:この設定はパフォーマンスを低下させます。\n\n本当にこの設定を使用しますか? - 警告:VeraCryptボリュームの自動的アンマウント - マウント中のボリュームが存在するデバイスを物理的に取り外したり電源を切ったりする先に、常にまずVeraCryptボリュームをアンマウントすべきです。\n\n想定外に勝手にアンマウントされるのは、ケーブルやドライブ等が断続的につながらなくなっているのが大抵の原因です。 - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - テスト - キーファイル - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - - - - - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + キャンセル + 全てのユーザにインストール(&f) + 参照(&w)... + VeraCryptアイコンをデスクトップに作成する(&D) + 寄付する... + 拡張子「.hc」をVeraCryptに関連づける(&e) + 完了時にフォルダを開く(&O) + VeraCryptをスタートメニューに追加(&S) + システム復元ポイントの作成(&R) + アンインストール(&U) + 展開のみ(&E) + インストール(&I) + VeraCryptセットアップウィザード + VeraCryptのアンインストール + ヘルプ(&H) + 展開先を選択するか入力してください: + インストール先を選択するか入力してください。存在しないフォルダを指定した場合は自動的に作成します。 + VeraCryptをシステムから除去するためには「アンインストール」をクリックしてください。 + 中断 + ベンチマーク(&B) + テスト(&T) + 暗号化ボリュームを作成してフォーマット + パーティションをその場で暗号化 + 生成キーを表示 (部分) + プール内容の表示 + CD/DVDライティングソフトをダウンロード + 暗号化されたファイルコンテナを作成 + &GB + &TB + 詳細情報 + VeraCrypt隠しボリューム(&d) + 隠しボリュームについて + ダイレクトモード + 通常モード + &KB + キーファイルを使用(&S) + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + キーファイル(&K) + ハッシュアルゴリズムについて + 暗号について + Information on PIM + &MB + コンテナについて + システムの暗号化について + 詳細情報 + マルチブート + 非システムパーティション/ドライブを暗号化 + 履歴を保存しない(&N) + 外殻ボリュームを開く + ポーズ(&P) + Use P&IM + Use PIM + クイックフォーマット + パスワード表示(&D) + パスワードを表示(&D) + &Display PIM + シングルブート + VeraCrypt標準ボリューム + 隠し(&d) + 通常 + システムパーティションあるいはシステムドライブ全体を暗号化 + Windowsシステムパーティションを暗号化 + ドライブ全体の暗号化 + VeraCryptボリューム作成ウィザード + クラスター + 重要:このウィンドウ内にてできるかぎりランダムにマウスを動かしてください。これにより暗号鍵の強度を大幅に上げられます。長く動かすほど良い結果を得られます。終わったら「次へ」をクリックしてください。 + 確認入力(&C): + 完了 + Drive letter: + 暗号化アルゴリズム + ファイルシステム + ファイルとして仮想暗号化ディスクを作成します。\n初心者にはこちらを推奨します。 + オプション + ハッシュアルゴリズム + ヘッダーキー: + 残り + マスターキー: + このマシンに複数のOSがインストールされている場合はこのオプションを選択してください。\n\n例:\n- Windows XP + Windows XP\n- Windows XP + Windows Vista\n- Windows + Mac OS X\n- Windows + Linux\n- Windows + Linux + Mac OS X + 内蔵あるいは外付けの、システムを含まないパーティション(例:フラッシュドライブ)を暗号化します。隠しボリュームも作れます。 + カレントプールの内容(部分) + パス + パスワード: + Volume PIM: + Volume PIM: + 進行状況: + ランダムプール: + このマシンにインストールされたOSが一つだけの場合はこのオプションを選択してください(複数ユーザーで使っていても同様)。 + スピード + ステータス + 暗号鍵、ソルト、その他のデータの生成に成功しました。新しい暗号鍵を生成したい場合は「戻る」をクリックして「次へ」をクリックしてください。それ以外は「次へ」をクリックしてください。 + Windowsがインストールされているパーティションあるいはドライブを暗号化します。このシステム上のファイルを読み書きするためには、Windowsを起動するたびに正しいパスワードを入力しなければならなくなります。隠しシステムを作ることもできます。 + 現在起動中のWindowsがインストールされているパーティションを暗号化する場合はこのオプションを選択してください。 + Volume Label in Windows: + ワイプモード: + 閉じる + Escキーによる起動前認証のスキップを許可(ブートマネージャを有効化)(&a) + 何もしない + ボリュームの自動マウント(下欄で指定)(&A) + VeraCryptの起動(&S) + ライブラリ自動検出(&D) + メモリー上に起動前認証パスワードを(非システムボリュームのマウント用に)キャッシュする(&C) + 参照... + 参照... + パスワードやキーファイルをメモリに記憶する(&E) + 全てアンマウントされると常駐終了 + ボリュームのマウントに成功したときにトークンセッションを閉じる(&C) + Include VeraCrypt Volume Expander + VeraCryptボリューム作成ウィザードを含める + 作成 + ボリュームの作成(&C) + 起動前認証画面で一切の文字を表示しない(以下のカスタムメッセージを除く)(&s) + Disable "Evil Maid" attack detection + 可能ならCPUのAES処理命令セットを利用してAESによる暗号化/復号処理を高速化する + キーファイルを使用 + キーファイルを使用 + 終了(&X) + お気に入りボリュームについて + 選択したボリュームは「お気に入りをマウント」するホットキーが押されたとしてもマウントしない(&H) + 選択したボリュームをホストデバイスが接続されたときにマウントする(&c) + 選択したボリュームをログオン時にマウントする(&o) + 選択したボリュームを読み取り専用としてマウントする(&n) + 選択したボリュームをリムーバブルメディアとしてマウントする(&v) + 下へ(&D) + 上へ(&U) + 選択したボリュームのマウントに成功したらエクスプローラーを開く(&E) + 登録解除(&R) + Use favorite label as Explorer drive label + 全体設定 + ホットキーでのアンマウントに成功したときバルーンを表示 + ホットキーでのアンマウントに成功したとき音を鳴らす + Alt + Ctrl + Shift + Win + 割当 + 解除 + キーファイル... + 右に指定した数のプロセッサーは暗号化/復号処理に使用しない: + より詳しい情報へ + より詳しい情報へ + その他の設定... + デバイスの自動マウント(&A) + マウントオプション...(&O) + ボリュームを読み取り専用でマウント(&O) + キーファイル... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + 常駐する + パスワードをドライバのメモリに記憶する + 右に示す時間内に読み書きがなければ自動的にアンマウント + ユーザがログオフしたとき + User session locked + 省電力モードに入ったとき + スクリーンセーバの起動時 + ボリュームに開かれたファイルやフォルダがあっても強制的にアンマウント + すべてのデバイス型ボリュームをマウント + VeraCryptを常駐して開始 + ボリュームを読み取り専用でマウント + ボリュームをリムーバブルメディアとしてマウント + マウント成功時にそのボリュームのウィンドウを開く + Temporary Cache password during "Mount Favorite Volumes" operations + マウントされたボリュームがあるときにタスクバーアイコンを変える + 自動アンマウントの際に記憶していたパスワードを消去 + 終了時に記憶していたパスワードを消去 + コンテナファイルの更新日時を変更しない + リセット + デバイスの選択(&E) + ファイルの選択(&F) + ライブラリの選択(&L)... + パスワードを表示 + パスワードを表示 + マウントされたボリュームのウィンドウを開く(&E) + パスワードをドライバのメモリに記憶(&C) + TrueCrypt Mode + 全てアンマウント(&S) + ボリュームのプロパティ(&V)... + ボリュームツール(&T)... + 記憶済パスワードの消去(&W) + VeraCrypt - Mount Parameters + VeraCrypt - お気に入りボリューム + VeraCrypt - システム全体のホットキーの設定 + VeraCrypt + パスワードあるいはキーファイルの変更 + VeraCryptボリュームのパスワードの入力 + VeraCrypt - パフォーマンス設定 + VeraCrypt - 各種設定 + VeraCrypt - システム暗号化設定 + VeraCrypt - セキュリティトークン設定 + VeraCryptトラベラーディスクのセットアップ + VeraCryptボリュームのプロパティ + バージョン情報 + ボリュームへのキーファイルの追加/削除... + マウントされたボリュームをお気に入りに追加... + マウントされたボリュームをシステムお気に入りに追加... + システムクラッシュの解析... + ボリュームヘッダのバックアップ... + ベンチマーク... + ヘッダキー導出アルゴリズムの設定... + ボリュームパスワードの変更... + ヘッダキー導出アルゴリズムの設定... + パスワード変更... + ボリューム履歴の消去 + 全てのセキュリティトークンセッションを閉じる + 連絡先 + 隠しOSを作成... + レスキューディスク作成... + 新規ボリュームの作成... + Permanently Decrypt... + デフォルトキーファイル... + Default Mount Parameters... + 寄付する... + システムパーティション/ドライブの暗号化... + よくある質問と答え + ユーザーズガイド + ホームページ(&H) + ホットキー... + キーファイル生成 + 言語... + ライセンス表示 + セキュリティトークンキーファイルを管理... + 全てのデバイス型ボリュームをマウント + お気に入りに登録したボリュームをマウント + 起動前認証をせずにマウント(&A)... + ボリュームをマウント + ボリュームをオプションを指定しながらマウント + VeraCryptニュース + オンラインヘルプ + 初心者用チュートリアル + お気に入りボリュームを編成... + システムお気に入りボリュームを編成... + パフォーマンス... + システムパーティション/ドライブの暗号化を解除 + 各種設定... + ドライブリストの更新 + ボリュームから全てのキーファイルを削除... + ボリュームヘッダのリストア... + 中断処理を再開 + デバイスの選択... + ファイルの選択... + 中断処理を再開 + システムの暗号化... + プロパティ... + 設定... + システムお気に入りボリューム... + ダウンロード + ベクターのテスト... + セキュリティトークン... + トラベラーディスクのセットアップ... + 全てのボリュームをアンマウント + ボリュームをアンマウント + レスキューディスクのベリファイ + Verify Rescue Disk ISO Image + バージョン履歴 + Volume Expander + ボリュームのプロパティ + ボリューム作成ウィザード + VeraCryptウェブサイト + 記憶したパスワードの消去 + OK + ハードウェアによる高速化設定 + ショートカット + 自動実行ファイル(Autorun.inf)の設定 + 自動アンマウント + 右に示すときに \nすべてアンマウント: + ブートローダー画面オプション + パスワード確認: + 現在 + 起動前認証画面で次のメッセージを表示する(最大24文字): + デフォルトのマウントオプション + ホットキーオプション + Driver Configuration + Enable extended disk control codes support + 選択したお気に入りボリュームのラベル: + ファイルの設定 + 割り当てるキー: + このマシンのプロセッサ(CPU)がAES高速化に対応しているか: + ログオン時に自動的に実行する内容 + + ドライブレター: + マウントの設定 + 新規 + パスワード: + マルチスレッドによる並列処理設定 + PKCS#11ライブラリの場所 + 導出アルゴリズム: + PKCS-5 PRF: + パスワードの記憶 + セキュリティオプション + VeraCryptの常駐 + マウントするVeraCryptボリューム(トラベラーディスクからの相対位置): + トラベラーディスクが挿入されたとき: + トラベラーディスクファイルを作成する場所(トラベラーディスクのルートディレクトリ): + ボリューム + Windows + フォルダの追加(&P) + 全自動テスト(&A) + 続ける(&C) + 復号(&D) + 削除(&D) + 暗号化(&E) + エクスポート(&E)... + キーファイルの生成と保存... + ランダムキーファイルの生成(&G) + 言語パックをダウンロード + ハードウェアによるAES処理高速化: + キーファイルをトークンにインポート(&I)... + ファイルの追加(&F)... + キーファイルの使用(&S) + キーファイル(&K)... + 解除(&R) + 全て解除(&A) + 隠しボリュームによる保護とは? + キーファイルについて + ボリュームをリムーバブルメディアとしてマウント(&M) + システムを暗号化したパーティションを起動前認証せずにマウント(&u) + 並列処理: + ベンチマーク + 印刷(&P) + 隠しボリュームを外殻ボリュームへの書き込みによる破損から保護する(&P) + リセット(&R) + パスワード表示(&D) + トークンファイルの追加(&T)... + 可能ならボリュームに付加されたバックアップヘッダを使用する(&v) + XTSモード + VeraCryptについて + VeraCrypt - 暗号化アルゴリズムのベンチマーク + VeraCrypt - ベクターのテスト + コマンドラインのヘルプ + VeraCrypt - キーファイル + VeraCrypt - キーファイル生成 + VeraCrypt - 言語 + VeraCrypt - マウントオプション + 新しいセキュリティトークンキーファイルのプロパティ + VeraCrypt - ランダムプール強化 + パーティションまたはデバイスの選択 + VeraCrypt + セキュリティトークンキーファイル + セキュリティトークンのパスワードかPINが必要 + 現在の言語パック + 速度は CPU の負荷や記憶装置の特性に左右されます。\n\nこのテストはメモリ内で実行されます。 + バッファサイズ: + 暗号方式: + 隠しボリュームのパスワード(&A)(空なら記憶中のものを使用) + 隠しボリュームの保護 + 鍵サイズ: + 重要:このウィンドウ内にてできるかぎりランダムにマウスを動かしてください。これにより暗号鍵の強度を大幅に上げられます。長く動かすほど良い結果を得られます。 + 警告:もしキーファイルを紛失、あるいはその先頭1024キロバイト中に1ビットでも変化があった場合、そのキーファイルを使っているボリュームはマウントできなくなります! + ビット + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + 翻訳者: + 平文のサイズ: + ビット + 現在のプールの内容 + 混合用PRF: + 重要:このウィンドウ内でマウスをできるだけランダムに動かしてください。長く動かすほど良い結果となり、セキュリティを高められます。終了したら「続ける」をクリックしてください。 + セカンダリキー(16進) + セキュリティトークン: + 並び替え: + このままお待ちください。長時間かかるものと思われます。 + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + ブロック番号: + 暗号文(16進) + データユニット番号(64ビット16進, データユニットサイズ:512バイト) + 鍵(16進) + 平文(16進) + キーファイル名: + XTSモード + システム(&y) + ボリューム(&V) + お気に入り(&i) + ツール(&O) + 設定(&g) + ヘルプ(&H) + ホームページ(&P) + + バージョン情報(&A)... + 古いボリュームの読み取り専用属性を変更できません。ファイルのアクセス許可を確認してください。 + エラー:アクセスできません。\n\nアクセスしようとしたパーティションは、セクター長が0であるかブートデバイスであるかのいずれかです。 + 管理者 + VeraCryptのドライバをロードするためには、管理者権限を持つアカウントでログオンする必要があります。 + パーティションやデバイスを暗号化またはフォーマットするためには、管理者権限を持つアカウントでログオンする必要があります。\n\nただしファイル型ボリュームの場合はその限りではありません。 + 隠しボリュームの作成には管理者権限を持つアカウントでログオンする必要があります。\n\n作業を続けますか? + ボリュームをNTFSでフォーマットするには、管理者権限を持つアカウントでログオンする必要があります。\n\nただし管理者権限がなくても、FATでならフォーマット可能です。 + FIPS(連邦情報処理基準)で規格化された暗号化方式(Rijndael 1998年)であり、アメリカ政府の各省庁において、最高機密レベルの情報保護に使われています。256ビットの鍵長、128ビットブロックで、ラウンド数は14です(AES-256)。動作モードはXTSです。 + ボリュームはすでにマウントされています。 + 注意:自動セルフテストにおいて、暗号化あるいはハッシュのアルゴリズムのテストに失敗しました!\n\nおそらくVeraCryptのインストールに失敗しています。 + 注意:乱数生成器において、要求された量のランダムなデータを生成できませんでした。\n\nこれ以上作業を進めるべきではありません。メニューの[ヘルプ]-[バグを報告する]から、このエラーを報告してください。 + このドライブに障害(物理的な故障)があるか、ケーブルに異常があるか、あるいはメモリに異常があります。\n\nこれはハードウェアの問題であってVeraCryptの問題ではありません。したがってこの件についてVeraCryptフォーラムにバグ報告をしたり助けを求めたりしないでください。コンピュータメーカーの技術サポートへご連絡ください。よろしくお願いいたします。\n\n注:もしこのエラーが同じ箇所で何度も繰り返される場合、ディスクブロック不良の可能性が高いです。サードパーティ製の修正用ソフトで修正してください。(なお、ほとんどのケースでは 'chkdsk /r' コマンドは効きません。chkdskコマンドはファイルシステムレベルにしか働きません。chkdskコマンドはディスクブロック不良を発見できないことさえあります。) + リムーバブルメディア用のドライブにアクセスする際は、メディアがドライブに装着されているかをよくご確認ください。このドライブもしくはメディアが破損・故障している(おそらく物理的な異常です)か、あるいはケーブルが切断もしくは接続されていないようです。 + ご使用中のシステムのカスタムチップセットドライバに、システムドライブ全体の暗号化を妨げるバグがあるように思われます。\n\n手順を進める前に、(マイクロソフト以外の)カスタムチップセットドライバの更新あるいはアンインストールを試みてください。それでもうまくいかなければ、システムパーティションのみの暗号化を試してみてください。 + ドライブレターが無効です。 + 無効なパスです。 + キャンセル + デバイスにアクセスできません。選択したデバイスが存在しているか、あるいはシステムで使用中でないか確認してください。 + 警告:Caps Lockキーがオンになっています。 そのためパスワードの入力を誤る可能性があります。 + ボリュームタイプ + あなたは誰かに暗号化ボリュームのパスワードを明かすように強要されることがあるかもしれません。それを拒否できない状況(恐喝されるなど)もいろいろとあり得ます。「隠しボリューム」を使うことで、パスワードを明かさずに済むようになります。 + 通常のVeraCryptボリュームを作成する場合はこのオプションを選択してください。 + もし隠しパーティションにOSをインストールしたい場合、単一の鍵ではシステムドライブ全体を暗号化できないことに留意してください。 + 外殻ボリュームの暗号化オプション + 隠しボリュームの暗号化オプション + 暗号化オプション + 警告:(ファイル選択ダイアログが記憶している)最後に選択したボリュームあるいはキーファイルの場所の消去に失敗しました! + エラー:このコンテナはファイルシステムレベルで圧縮されています。VeraCryptは圧縮されたコンテナには対応していません(暗号化されたデータを圧縮するのは冗長であり、効果がありません)。\n\n次の方法で圧縮を解除してください。\n\n1) エクスプローラ上で(VeraCrypt上ではありません)コンテナを右クリック\n\n2) プロパティを選択\n\n3) プロパティダイアログで「詳細設定」をクリック\n\n4) 属性の詳細ダイアログで「内容を圧縮してディスク領域を節約する」のチェックを外し「OK」をクリック\n\n5) プロパティダイアログに戻るので「OK」をクリック + ボリューム %s の作成に失敗しました + %s のサイズは %.2f バイト + %s のサイズは %.2f KB + %s のサイズは %.2f MB + %s のサイズは %.2f GB + %s のサイズは %.2f TB + %s のサイズは %.2f PB + 警告:指定されたデバイスあるいはパーティションは、OSあるいはアプリケーションで使用されています。このデバイスあるいはパーティションをフォーマットすると、そのデータが破壊されてシステムが不安定になるかもしれません。\n\nフォーマットを続けますか? + 警告:そのパーティションはOSかアプリケーションで使用中です。まず使用されているパーティション上のすべてのアプリケーションを終了してください(アンチウィルスソフトも含みます)。\n\n続けますか? + エラー:指定されたデバイスあるいはパーティションに、アンマウントできないファイルシステムが含まれています。このファイルシステムはおそらくOSで使用されており、このデバイスあるいはパーティションをフォーマットすると、そのデータが破壊されてシステムが不安定になる可能性が高いです。\n\nこの問題を解決するためには、まず最初にパーティションを削除し、フォーマットをせずにパーティションを再作成することをお勧めします。そのためには以下の手順を行ってください。\n\n1) コンピュータ(マイコンピュータ)アイコンを右クリックして「管理」を選択し、「コンピュータの管理」画面を開く。 2) 「記憶域」>「ディスクの管理」を選択。 3) 暗号化したいパーティションを選んで右クリックし、「パーティションの削除」「ボリュームの削除」「論理ドライブの削除」のいずれかを選択。 4) 「はい」をクリック。もし再起動を要求されたら再起動し、手順(1)と(2)を行い(5)に進む。 5) 空き領域/未割り当て領域を右クリックし、「新しいパーティション」「新しいシンプルボリューム」「新しい論理ドライブ」のいずれかを選択。 6) 「新しいパーティションウィザード」か「新しいシンプルボリュームウィザード」が開くので、表示された内容に従って進める。ウィザードが「パーティションのフォーマット」まで進んだら、「このパーティションをフォーマットしない」「このボリュームをフォーマットしない」のいずれかを選択する。続いて「次へ」をクリックし、最後に「終了」をクリック。 7)この時点でVeraCryptで指定されているデバイスの位置がずれていると思われるので、(もしまだ実行中なら)VeraCryptボリューム作成ウィザードをいったん終了し、再び実行する。 8) VeraCryptに戻って、再びデバイスあるいはパーティションの暗号化を試す。\n\nもしVeraCryptが再度暗号化に失敗したときは、代わりにコンテナファイルの作成を検討してください。 + エラー:ファイルシステムのロックを取得できないかアンマウントできません。おそらくOSかアプリケーションが使用中です(例:アンチウィルスソフトなど)。このパーティションの暗号化を続けるとデータが破壊されてシステムが不安定になるかもしれません。\n\nまず使用されているパーティション上のすべてのアプリケーションを終了してから(アンチウィルスソフトも含みます)、改めて試してください。方法がわからない場合は、以下の手順に従ってください。 + 警告:マウントされたデバイスあるいはパーティションのいくつかはすでに使用中です!\n\nこれを無視して進めるとシステムが不安定になるなどの望まれない結果を引き起こす可能性があります。\n\nそのデバイスあるいはパーティションを使用していると思われるアプリケーションを終了させることを強く推奨します。 + 選択されたデバイスにはパーティションが含まれています。\n\nこのデバイスをフォーマットすることは、システムを不安定にし、データの破壊を引き起こすおそれがあります。デバイス全体ではなくいずれかのパーティションを選択するか、あるいは、このデバイスのすべてのパーティションを削除して、VeraCryptが安全にフォーマットできるようにしてください。 + 選択された非システムデバイスはパーティションを含んでいます。\n\nデバイス型の暗号化ボリュームを保持するデバイスには、パーティションを含むことができません(ハードディスクやSSDも含みます)。パーティションを含むデバイスでデバイス全体を暗号化(単一のマスターキーを使用)できるのは、そのドライブにWindowsがインストールされており、かつそこから起動するときに限ります。\n\nもし選択された非システムデバイスを(単一のマスターキーで)暗号化したい場合は、VeraCryptが安全にフォーマットできるよう(パーティションを含むデバイスをフォーマットすると、データを破壊したりシステムが不安定になるおそれがあります)に、最初にそのデバイスの全てのパーティションを削除する必要があります。あるいは、そのドライブ上のパーティションを個々に暗号化することもできます(パーティションごとに別々のマスターキーが使われます)。\n\n注:もしGPTディスク上の全パーティションを削除したい場合、隠しパーティションを削除するためには「コンピュータの管理」などからMBRディスクに変換しておく必要があるでしょう。 + 警告:もしこのデバイス全体を暗号化した場合、OSはこのデバイスを、新しく、空で、未フォーマット(つまりパーティションテーブルを持っていない)であるものとみなし、自動的に初期化しようとするかもしれません(あるいは初期化しますかと尋ねてくるでしょう)。初期化すると暗号化ボリュームは破壊されてしまいます。さらに、このことでお気に入りボリュームのマウント先の一貫性や(例えばドライブの数が変わった時など)、お気に入りボリュームのラベル割当状態が崩れたりするでしょう。\n\nこれらを避けるためには、デバイス全体を暗号化するのではではなく、デバイス上にパーティションを作成してからパーティションを個別に暗号化した方が無難です。\n\n本当にデバイス全体を暗号化して良いですか? + 重要:このボリュームは現在割り当てられている %c: ドライブとしてマウント、使用することができないことを忘れないでください!\n\nこのボリュームをマウントするためには、VeraCryptのメインウィンドウから「デバイスの自動マウント」をクリック(あるいは「デバイスの選択」をクリックしてからこのパーティション/デバイスを選択し、「マウント」をクリック)してください。このボリュームは、メインウィンドウで選択されていた別のドライブレターにマウントされます。\n\n元のドライブレター %c: はパーティション/デバイスの暗号化を解除したいとき(例:暗号化が不要になったときなど)にのみ使用してください。その場合は、コンピュータ(あるいはマイコンピュータ)の %c: ドライブを右クリックし、[フォーマット]を選択するようにします。それ以外でドライブレター %c: を使うことは避けてください(ただしこれを例えばVeraCrypt FAQで説明されているように取り外して、別のパーティション/デバイスを割り当てる時を除きます)。 + 現在使用中のOSではその場での非システムボリュームの暗号化には対応していません。これに対応しているのはVista以降のWindowsのみです。\n\nこれは、このバージョンのWindowsがファイルシステムの縮小に対応していないためです。ボリュームヘッダおよびバックアップヘッダの領域を確保するためには、ファイルシステムを縮小する必要があります。 + 選択されたパーティション上にNTFSファイルシステムが見あたりません。パーティションでその場での暗号化が可能なのはNTFSであるときのみです。\n\n注:これはWindowsがこれ以外のファイルシステムでの縮小に対応していないからです。ボリュームヘッダおよびバックアップヘッダの領域を確保するためには、ファイルシステムを縮小する必要があります。 + 選択されたパーティション上にNTFSファイルシステムが見あたりません。パーティションでその場での暗号化が可能なのはNTFSであるときのみです。\n\nこのパーティション上に暗号化ボリュームを作成するには、「パーティションをその場で暗号化」の代わりに「暗号化ボリュームを作成してフォーマット」オプションを選択してください。 + エラー:パーティションが小さすぎます。その場での暗号化はできません。 + このパーティションのデータを暗号化するには、次の手順に従ってください。\n\n1) 空のパーティション/デバイス上にVeraCryptボリュームを作成してマウントします。\n\n2) このパーティションにある暗号化したいすべてのデータを、手順1でマウントしたVeraCryptボリュームにコピーします。つまりそのデータの暗号化されたバックアップを作ります。\n\n3) 元々暗号化しようとしていたこのパーティションにVeraCryptボリュームを作成します。その際、VeraCryptのウィザードで「パーティションをその場で暗号化」ではなく、必ず「暗号化ボリュームを作成してフォーマット」を選択します。このとき、このパーティション上のデータが削除されることに注意してください。ボリュームが作成されたらそれをマウントしてください。\n\n4) 手順1で作成・マウントしていたバックアップのVeraCryptボリュームにあるすべてのファイルを、手順3で作ってマウントしたばかりのVeraCryptボリュームにコピーしてください。\n\n上記のすべての手順を終わったとき、このパーティション上のデータが暗号化されているのに加えて、暗号化されたバックアップもできあがっていることになります。 + その場での暗号化が可能なのは、パーティション、ダイナミックボリューム、あるいはシステムドライブ全体を暗号化するときに限られます。\n\n選択された非システムデバイスに暗号化ボリュームを作成するには、「パーティションをその場で暗号化」の代わりに「暗号化ボリュームを作成してフォーマット」オプションを選択してください。 + エラー:その場での暗号化が可能なのは、パーティション、ダイナミックボリューム、あるいはシステムドライブ全体を暗号化するときに限られます。指定されたパスが有効かどうか確認してください。 + エラー:ファイルシステムを縮小できません。ファイルシステムを縮小するためにはボリュームヘッダとバックアップヘッダのための領域が必要です。\n\n想定される原因と解決方法は次のとおりです。\n\n- ボリュームに十分な空きスペースがありません。他のアプリケーションがファイルを書き込んでいないか確認してください。\n\n- ファイルシステムが壊れています。次の方法でエラーをチェックし修復してみてください(該当ドライブを右クリックして「プロパティ」を選択→「ツール」タブを選び「チェックする」をクリック→「ファイルシステムエラーを自動的に修復する」オプションにチェックを入れて「開始」)。\n\nもし上記の手順でうまくいかなければ、以下の手順に従ってください。 + エラー:このボリュームに充分な空き容量がないため、ファイルシステムを縮小できません。ファイルシステムを縮小するためにはボリュームヘッダとバックアップヘッダのための領域が必要です。\n\n不要なファイルを削除したり「ごみ箱」を空にしたりして、空き容量を少なくとも256KBは確保した上でもう一度試してみてください。なおWindows自体の問題により、OSを再起動するまでエクスプローラは正しくない空き容量を報告してくることに注意してください。再起動してもうまくいかない場合は、ファイルシステムが壊れているものと思われます。次の方法でエラーをチェックし修復してみてください(該当ドライブを右クリックして「プロパティ」を選択→「ツール」タブを選び「チェックする」をクリック→「ファイルシステムエラーを自動的に修復する」オプションにチェックを入れて「開始」)。\n\nもし上記の手順でうまくいかなければ、以下の手順に従ってください。 + ドライブ %s の空き容量は %.2f バイトです。 + ドライブ %s の空き容量は %.2f KB + ドライブ %s の空き容量は %.2f MB + ドライブ %s の空き容量は %.2f GB + ドライブ %s の空き容量は %.2f TB + ドライブ %s の空き容量は %.2f PB + 有効なドライブ名を取得できませんでした。 + エラー:VeraCryptのドライバが見つかりません。\n\nVeraCrypt.exeと同じフォルダに、'veracrypt.sys' および 'veracrypt-x64.sys' ファイルをコピーしてください。 + エラー:違うバージョンのVeraCryptデバイスドライバが作動中です。\n\nもしVeraCryptをポータブルモードで動作させようとしており、かつ違うバージョンのVeraCryptが既にインストールされているのであれば、先にそれをアンインストール(あるいはインストーラーでアップグレード)する必要があります。VeraCryptのアンインストールは次の手順で行ってください:[Vista以降] スタートメニュー→コンピュータ→プログラムのアンインストールと変更→VeraCrypt→アンインストール [Win XP] スタートメニュー→設定→コントロールパネル→プログラムの追加と削除→VeraCrypt→削除\n\n同じように、もしVeraCryptをポータブルモードで動作させようとしていて、すでに違うバージョンのVeraCryptがポータブルモードで起動しているのであれば、まずシステムを再起動した後に新しいバージョンのみを起動してください。 + エラー:暗号処理の初期化に失敗しました。 + エラー:強度の弱い鍵が検出されました! この鍵は廃棄されます。やり直してください。 + 致命的なエラーが発生したためVeraCryptを終了しました。もしこれがVeraCryptのバグに起因するものなら修正したいと思います。そのためにも、自動生成されたエラーレポートをお送りください。このレポートには次の情報が含まれています。\n\n- プログラムのバージョン\n- OSのバージョン\n- CPUの種類\n- VeraCryptコンポーネント名\n- VeraCrypt実行ファイルのチェックサム\n- ダイアログウィンドウのシンボリックネーム\n- エラーのカテゴリ\n- エラーアドレス\n- VeraCryptのコールスタック\n\n「はい」を選択すると、次のURL(上記のエラー情報をすべて含んでいます)をデフォルトのインターネットブラウザを開いて呼び出します。\n\n%hs\n\n上記のエラーレポートを我々に送って良いですか? + システムで致命的なエラーが発生したため、VeraCryptが終了させられました。\n\nこれはVeraCryptに起因するエラーではありません。したがってVeraCryptの開発者はこの問題には対処できません。システム上に何か問題がないか確認してください(例:システムの設定、ネットワークの接続状況、ハードウェアエラーなど)。 + システムに致命的なエラーが発生し、VeraCryptは強制終了させられました。\n\nもしこの問題が続くようであれば、原因となり得るアプリケーションを無効にするかアンインストールする必要があるかもしれません。例としては、アンチウィルスやインターネットセキュリティソフト、その他、システムを拡張したり最適化したりなどといったシステムの深部を操作するようなものが挙げられます。もしそうしても問題が解決しないのであればOSを再インストールしてみてください。この問題はマルウェアに起因する可能性もあります。 + VeraCrypt 致命的なエラー + VeraCryptはシステムが最近クラッシュしたことを検出しました。なぜクラッシュしたのかについて様々な原因が考えられます。例えばハードウェアの故障、デバイスドライバのバグなどです。\n\nVeraCryptのバグがシステムクラッシュの原因であったかどうかチェックしますか? + VeraCryptによるシステムクラッシュの確認を続けますか? + システムクラッシュのミニダンプファイルは見つかりませんでした。 + ディスクの空き容量を増やすためにダンプファイルを削除しますか? + システムクラッシュの原因を解析するためには、Microsoft Debugging Tools for Windows を先にインストールする必要があります。\n\n「OK」をクリックすると、Windows Installer がそのインストールパッケージ(16 MB)をマイクロソフトのサーバーからダウンロードし、インストールします。なお Windows Installer がアクセスするサーバーの URL は truercyprt.org のサーバーから転送されます。これはマイクロソフトがインストールパッケージの場所を変更しても追随できるようにするためです。 + 「OK」をクリックするとシステムクラッシュの解析を始めます。これには数分かかる見込みです。 + 環境変数「PATH」に 'kd.exe' (Kernel Debugger) へのパスが含まれているか確認してください。 + 十中八九、VeraCryptはシステムクラッシュの原因ではないようです。システムがクラッシュした理由には様々な原因が考えられます。例えばハードウェアの故障、デバイスドライバのバグなどです。 + 解析結果によると、以下のドライバーをアップデートすることで問題が解決するかもしれません: + 私たちがVeraCryptにバグがあるのかを確認できるよう、以下の事項が含まれた自動生成のエラーレポートを送信することができます。\n- プログラムのバージョン\n- OSのバージョン\n- CPUの種類\n- エラーのカテゴリー\n- ドライバーの名前とバージョン\n- システムコールスタック\n\nもし「はい」を選択すると、下記のURL(エラーレポートの全項目が含まれる)がデフォルトのインターネットブラウザーで開かれます。 + 上記のエラーレポートを送信しますか? + 暗号化(&E) + 復号(&D) + 暗号解除(&P) + 終了 + この拡張パーティションに論理ドライブを作成してからやり直してください。 + VeraCryptのボリュームは、ハードディスクやUSBフラッシュドライブ中にあるファイル(VeraCryptコンテナと呼ばれます)として作ることができます。またVeraCryptコンテナは通常のファイルとまったく同じように移動や削除ができます。「ファイルの選択」をクリックして、作成したいコンテナのファイル名と場所を選んでください。\n\n注意:既存のファイルを選んだ場合、VeraCryptはそのファイルを暗号化するわけでは*ありません*。既存のファイルは削除され、新しく作成されたVeraCryptコンテナに置き換えられます。既存のファイルを暗号化したい場合は、ここで作成したVeraCryptコンテナの中に後で移動するようにします。 + 外殻ボリュームを作成する場所を指定してください(中に入れる隠しボリュームは後で作成されます)。\n\nVeraCryptのボリュームは、ハードディスクやUSBフラッシュドライブ等の中にあるファイルの中(VeraCryptコンテナと呼ばれます)に作ることができます。VeraCryptコンテナは通常のファイルとまったく同じように移動や削除ができます。「ファイルを選択」をクリックして、作成したいコンテナのファイル名と場所を選んでください。既存のファイルを選んだ場合、VeraCryptはそのファイルを暗号化するわけでは*ありません*。その既存ファイルは削除され、新しく作成されたVeraCryptコンテナに置き換えられます。既存のファイルを暗号化したい場合は、ここで作成したVeraCryptコンテナの中に後で移動するようにします。 + デバイス型のVeraCryptボリュームは、ハードディスクのパーティション・SSD・USBメモリースティックや、その他対応している記憶装置上に作成することができます。パーティションはその場で暗号化することも可能です。\n\nなお、デバイス型のVeraCryptボリュームはそのデバイスにパーティションがないときにも作成可能です(これはハードディスクやSSDも含みます)。\n\n注:パーティションを含むデバイス全体をその場で暗号化(単一のキーを使用)できるのは、そのドライブにWindowsがインストールされており、そこから起動する場合のみです。 + デバイス型のVeraCryptボリュームを作成できるのは、ハードディスクのパーティション、SSD、USBメモリースティックなどの記憶装置です。\n\n警告:パーティション/デバイスがフォーマットされ、そこにあるすべての既存データが失われることに注意してください。 + \n外殻ボリュームを作成する場所を選択してください(このボリュームの中に後で隠しボリュームが作られます)。\n\n外殻ボリュームはハードディスクのパーティション、SSD、USBメモリースティックなどの対応している記憶装置上に作成できます。パーティションの無いデバイス(ハードディスクやSSDを含みます)上にも作成可能です。\n\n警告:パーティション/デバイスがフォーマットされ、そこにあるすべての既存データが失われることに注意してください。 + 隠しボリュームを格納したいVeraCryptボリュームの場所を選択してください + 警告:そのファイルあるいはデバイスはすでに使われています!\n\nこれを無視して進めるとシステムが不安定になるなどの望まれない結果を引き起こす可能性があります。ファイルあるいはデバイスを使用しているすべてのアプリケーション(例えばアンチウィルスソフトやバックアップソフト等)を、このボリュームをマウントする前に終了してください。\n\nマウントを続行しますか? + エラー:ボリュームをマウントできません。マウントしようとしたファイルあるいはデバイスはすでに使用中です。 排他的でないマウントも試みましたが失敗しました。 + ファイルを開けません。 + ボリュームの位置 + 巨大なファイル + VeraCryptボリュームに4GB超のファイルを保存しようとしていますか? + 上記の選択に基づき、VeraCryptボリュームに適切なデフォルトのファイルシステムを設定します(次のステップでファイルシステムを選択できます)。 + 外殻ボリュームを作成しているのであれば「いいえ」を選択すべきです。「はい」を選ぶとデフォルトのファイルシステムはNTFSとなり、これは外殻ボリュームとしては適切ではありません(例えば外殻ボリュームをFATにした方が、より大きなサイズの隠しボリュームを内包できます)。通常は外殻ボリュームも通常ボリュームもFATがデフォルトとなります(つまりFATの方が怪しまれません)。しかし、もしサイズが4GBを越えるファイルを保存したいのであれば、FATがデフォルトにはなりません。FATでは4GB超のファイルを保存できません。 + 本当に「はい」を選択しますか? + ボリューム作成モード + これがパーティション型あるいはデバイス型のVeraCryptボリュームを作成するための最速の方法です(別オプションのその場での暗号化は、セクタごとに読み込み、暗号化し、書き込みを行うためにより時間がかかります)。選択されたパーティション/デバイス上の既存のデータはすべて削除されます(既存データは暗号化されるわけではなくランダムなデータで上書きされます)。このパーティション上の既存データを暗号化したいのであれば、別のオプションを選択してください。 + 選択されたパーティション上の全データがその場で暗号化されます。もしパーティションが空なら別のオプションを選択すべきです(より速くボリュームが作成されます)。 + 注: + レジューム(&R) + 保留(&D) + 開始(&S) + コンティニュー(&C) + フォーマット(&F) + ワイプ(&W) + フォーマットを中断? + 詳細情報を表示 + これを再び表示しない + パーティション/デバイス上のデータの抹消に成功しました。 + 元システム(隠しシステムのクローン元)パーティション上のデータの抹消に成功しました。 + (消去済みパーティションに)インストールしようとしているWindowsのバージョンが、現在起動中のものと一致しているかよく確認してください。これは双方のシステムが一つの共通の起動パーティションを共用する必要があるからです。 + システムパーティション/ドライブの暗号化に成功しました。\n\n注:もしWindows起動の度に毎回自動的にマウントしたい非システムのVeraCryptボリュームがあるのならば、それらをマウント後に[お気に入り]-[マウントされたボリュームをシステムお気に入りに追加]と選択することで実現できます。 + システムパーティション/ドライブの復号に成功しました。 + \n\nVeraCryptボリュームが作成され、使用できる状態になりました。VeraCryptボリュームを続けて作成する場合は「次へ」をクリックしてください。そうでなければ「終了」をクリックしてください。 + \n\n隠しボリュームの作成に成功しました(隠しOSがこの隠しボリュームに作成されます)。\n\n「次へ」をクリックしてください。 + ボリューム全体が暗号化されました。 + Volume Fully Decrypted + 重要:この新規作成したVeraCryptボリュームをマウントしてデータにアクセスするには、VeraCryptのメインウィンドウで「デバイスの自動マウント」をクリックしてください。そして正しいパスワードを入力(そして正しいキーファイルを指定)すると、メインウィンドウで選択していたドライブレターにそのボリュームがマウントされ、そのドライブを通して暗号化されたデータにアクセスすることができます。\n\n上記の手順を記憶するかメモしておいてください。このボリュームをマウントしてデータにアクセスするためにはこの手順に沿わなければなりません。あるいは、メインウィンドウで「デバイスを選択」をクリックし、このパーティションあるいはボリュームを選択してから「マウント」をクリックしてください。\n\nこのパーティション/デバイスの暗号化に成功し、使用する準備ができました。 + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCryptボリュームの作成に成功しました。 + ボリュームが作成されました + 重要:このウィンドウ内にてできるかぎりランダムにマウスを動かしてください。これにより暗号鍵の強度を大幅に上げられます。長く動かすほど良い結果を得られます。「フォーマット」をクリックするとボリュームを作成します。 + 「フォーマット」をクリックすると外殻ボリュームを作成します。詳細はユーザーズガイドをご覧ください。 + 外殻ボリュームのフォーマット + 隠しボリュームのフォーマット + ボリュームのフォーマット + ユーザーズガイドを表示・印刷するには、Adobe Reader(もしくはその互換品)が必要です。 Adobe Reader(フリーウェア)は www.adobe.com にてダウンロードできます。\n\n代わりにオンラインドキュメントを表示しますか? + このオプションを選択すると、作成ウィザードはまず通常のVeraCryptボリュームを新規作成し、次に隠しボリュームをその中に配置します。慣れている方以外は常にこのオプションを選択してください。 + このオプションを選択すると、既存のVeraCryptボリューム内に隠しボリュームを配置できます。隠しボリュームを納めることのできるVeraCryptボリュームが作成済みであることが前提となります。 + ボリューム作成モード + 隠しボリュームが作成されました + 隠しボリュームの作成に成功し、使用できる状態になりました。ユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」に列挙されている必要事項および予防策に従い、正しい方法で使用するならば、たとえ外殻ボリュームがマウントされても、隠しボリュームを探索することはできません。\n\n重要な警告:もし隠しボリュームの保護をしていないならば(保護の方法はユーザーズガイドの「隠しボリュームを破損から守る」をご覧ください)、外殻ボリュームに書き込みをしないでください。さもなければ隠しボリュームを上書きして破壊してしまいます! + 隠しOSの使用を開始しました。お気づきと思いますが、隠しOSは元のOSと同じパーティションにインストールされているかのように見えます。しかしその実体は隠しボリュームにインストールされており、元のOSに対する全ての読み書き操作は、実際には隠しボリュームに対して行われます。\n\nOS自身だけでなく、どのアプリケーションも、システムパーティションへの読み書きが実際には隠しボリュームに対して行われていることを知りません。どのようなデータも(囮OSとは別の鍵で)透過的に暗号化・復号されます。\n\n\n「次へ」をクリックしてください。 + 外殻ボリュームが作成され、%hc: ドライブとしてマウントされました。この外殻ボリュームには、本当は隠す必要はないが、一見、秘密のように見えるファイルをいくつかコピーしてください。これは、システムパーティションのすぐ後にあるパーティション(外殻ボリュームと隠しボリュームを含んでいる)のパスワードの開示を強要されたときのためのものです。外殻ボリューム用のパスワードが漏れても、隠しボリューム(とその中の隠しOS)の存在は隠されたままです。\n\n重要:外殻ボリュームにコピーするファイルの総サイズは %s を越えてはいけません。さもなければ隠しボリュームのために十分な領域を確保できなくなり、その後の処理が継続できなくなるでしょう。ファイルのコピーが終了したら「次へ」をクリックしてください。外殻ボリュームはアンマウントしないでください。 + 外殻ボリュームが %hc:ドライブに無事に作成されました。このボリュームには、本当は隠す必要はないが、見た目は他人に隠したいように見えるファイルをいくつかコピーしておくべきです。それらのファイルは誰かがあなたにパスワードを明かすよう強要してきたときのためにあります。外殻ボリュームのパスワードは明かしても構いませんが、隠しボリュームのパスワードを明かしてはいけません。本当に大事なファイルは、この後、隠しボリュームを作ってからそこに入れてください。外殻ボリュームへのコピーが終わったら「次へ」をクリックしてください。このボリュームはアンマウントしないでください。\n\n注:「次へ」がクリックされると、ボリュームの終端まで連続する空き領域のサイズを調べるために外殻ボリュームのクラスタービットマップをスキャンします。その領域に隠しボリュームが置かれるため、そのサイズが隠しボリュームの最大サイズとなります。クラスタービットマップをスキャンすることで、外殻ボリュームのデータが隠しボリュームを上書きしないことを保証します。 + 外殻ボリュームの内容 + \n\n次のステップで、まず外殻ボリュームのオプションを設定します(中に入れる隠しボリュームは後で作成されます)。 + \n\n次のステップで、外殻ボリュームと呼ばれるものを作成します。前のステップで説明したとおり、これはシステムパーティションのすぐ次のパーティションに作成されます。 + 外殻ボリューム + 次の手順で隠しOSを格納する隠しボリュームのパスワードとオプションを設定してください。\n\n注:外殻ボリュームのクラスタービットマップが、外殻ボリュームの終端から連続した空き領域のサイズを調べるために走査されます。この空き領域が隠しボリューム用になるため、その容量が隠しボリュームとして可能な最大サイズとなります。また隠しボリュームのサイズは、システムパーティションより大きくなるように決定されます(システムパーティションの内容全体を隠しボリュームにコピーする必要があるからです)。この確認によって、隠しボリュームのデータで外殻ボリューム上のデータが上書きされないようにしています。 + 重要:このステップで選択した暗号化アルゴリズムを忘れないでください。囮システムでも同じ暗号化アルゴリズムを選択する必要があります。そうしなかった場合、隠しOSにアクセスできなくなります!\n\n注:その理由は、囮システムと隠しシステムは一つのブートローダーを共用しているためです。これはユーザが選択した一つのアルゴリズムしかサポートしていません。いずれのアルゴリズムの場合でも、VeraCryptによる特製バージョンのブートローダーとなっています。 + \n\nボリュームのクラスタービットマップが走査され、隠しボリュームの最大上限サイズが計測されました。この次のステップで、隠しボリュームのオプションやサイズ、パスワードを設定します。 + 隠しボリューム + 隠しボリュームは、これから外殻ボリュームがアンマウントされるまでの間、破壊から保護されます。\n\n警告:もし隠しボリューム領域に何らかのデータが書き込まれそうになったときには、VeraCryptはボリューム全体(外殻領域も隠し領域も)を、アンマウントされるまで書き込み禁止にします。このことは外殻ボリュームのファイルシステムに不整合状態を引き起こし、(そのようなことが繰り返されるなら)隠しボリュームに対する見せかけの拒否にも悪影響を及ぼします。したがってあなたは隠しボリューム領域に書き込みが起こらないように全力で務めるべきです。隠しボリューム領域に書き込もうとしたあらゆるデータは一切保存されずに失われます。Windowsは書き込みエラー(遅延書き込みの失敗/不正なパラメータ)が発生したと報告してくるでしょう。 + 新たにマウントされたボリューム内の隠しボリュームはいずれもアンマウントされるまでの間、破壊から保護されます。\n\n警告:もし保護中の隠しボリューム領域に何らかのデータが書き込まれそうになったときには、VeraCryptはボリューム全体(外殻領域も隠し領域も)を、アンマウントされるまで書き込み禁止にします。このことは外殻ボリュームのファイルシステムに不整合状態を引き起こし、(そのようなことが繰り返されるなら)隠しボリュームに対する見せかけの拒否にも悪影響を及ぼします。したがってあなたは隠しボリューム領域に書き込みが起こらないように全力で務めるべきです。隠しボリューム領域に書き込もうとしたあらゆるデータは一切保存されずに失われます。Windowsは書き込みエラー(遅延書き込みの失敗/不正なパラメータ)が発生したと報告してくるでしょう。 + 警告:%c:ドライブにマウントされたボリュームにある隠しボリューム領域にデータが書き込まれようとしました!\n\nVeraCryptは隠しボリュームを保護するため、この書き込みを防止しました。このことで外殻ボリュームのファイルシステムが不整合状態となり、Windowsは書き込みエラー(遅延書き込みの失敗/不正なパラメータ)が発生したと報告してくるでしょう。外殻ボリュームも隠しボリュームも含めたボリューム全体について、アンマウントされるまで書き込みが禁止されます。もし今回のようなケースが初めてでないのならば、この隠しボリュームに対するみせかけの拒否に悪影響があることでしょう(この外殻ボリュームのファイルシステムが特異な不整合状態をしばしば引き起こすからです)。したがって、新しくVeraCryptボリュームを(クイックフォーマットせずに)作成し、このボリュームから新ボリュームにファイルを移すことを検討してください。その際このボリュームは外殻・隠しいずれの領域も完全抹消すべきです。すぐにオペレーティングシステムを再起動するよう、強く推奨します。 + 4GBを超えるサイズのファイルの保存には、保存先のボリュームがNTFSでフォーマットされている必要がありますが、そうではないため保存できませんでした。 + 隠しOSの起動中は隠しではないVeraCryptボリュームをNTFSでフォーマットすることはできません。その理由は、NTFSでのフォーマットをOSに許可するためには、一時的とはいえ、対象ボリュームを書き込みへの保護がない状態でマウントしなければならないからです。なおFATでのフォーマットの場合は、OSによらず、またマウントもせずに、VeraCrypt自らが行うのでこの限りではありません。技術的な詳細は下記をご覧ください。囮OSからなら、隠しではないNTFSボリュームを作成できます。 + 隠しOSの起動中は、セキュリティ上の理由で外殻ボリュームは常に読み取り専用としてマウントされるため、ダイレクトモードでしか隠しボリュームを作成できません。隠しボリュームを安全に作成するには、以下の手順で行ってください。\n\n1) まず囮用OSを起動する。\n\n2) 標準ボリュームを作成し、本当は他人に見られても構わないが一見秘密にしたいように見えるファイルをコピーする(このボリュームは後で外殻ボリュームになります)。\n\n3) 隠しOSで起動し、VeraCryptボリューム作成ウィザードを開始する。もしボリュームがファイル型であればシステムパーティションか他の隠しボリュームに移動する(そうしないと、新規作成された隠しボリュームが読み取り専用としてマウントされてフォーマットできません)。そしてウィザードの指定に沿って進め、隠しボリュームの作成でダイレクトモードを選択する。\n\n4) そのウィザードでステップ2で作成したボリュームを選択し、その中に隠しボリュームを作成する。 + セキュリティ上の理由により、隠しOSの起動中は、ローカルの暗号化されていないファイルシステムと、隠しではないVeraCryptボリュームは読み取り専用でマウントされます。つまりそれらに何らかのデータを書き込むことはできません。\n\nデータは隠しボリューム上のファイルシステムにのみ書き込むことができます(ただしその隠しボリュームが、非暗号化ファイルシステム上あるいは読込専用のファイルシステム上、のコンテナファイルではない場合に限定されます)。 + このような対抗策が実装されているのは、主に3つの理由によります。\n\n- 隠しボリュームをマウントするための安全なプラットフォームを築くことができます。隠しボリュームをマウントするのは隠しOSの動作中に限定するよう、私たちが公式に推奨していることを忘れないでください(より詳しい情報はユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」の項をご覧ください)。\n\n- いくつかのケースでは、一定の時刻に特殊なファイルシステムがマウントされていない(あるいはそのファイルシステム上の特殊なファイルが保存あるいは書き込みされていない)ことがわかってしまう可能性があります。これは例えば、ファイルシステムのジャーナル、ファイルのタイムスタンプ、アプリケーションのログやエラーログなどが、解析あるいは比較されたりしたときなどです。このことは隠しOSがそのコンピュータにインストールされていることを示唆することになりますが、この対抗策によってこのような問題は解決されます。\n\n- データの破損を防ぎ、安全な休止状態を提供できます。Windowsは休止状態から復帰した時、マウントされた全てのファイルシステムが、システムが休止状態に入った時と同じ状態を保持していることを仮定しています。VeraCryptはこのことを、囮および隠しシステムの双方からアクセスできるいかなるファイルシステムについても書き込みを禁止することによって保証しています。この保護機構がないと、一方のシステムが休止状態のときにもう一方のシステムからマウントされた場合に、ファイルシステムが破損してしまう可能性があります。 + 注:囮用のシステムから隠しシステムへ安全にファイルを転送したい場合は、以下の手順で行ってください。 1) 囮用OSで起動する。 2) 暗号化されていないボリューム、あるいは標準か外殻のVeraCryptボリュームにファイルを保存する。 3) 隠しOSで起動する。 4) もしそのファイルをVeraCryptボリュームに保存したのならそれをマウントする(自動的に読み取り専用になります)。 5) そのファイルを隠しシステムパーティションあるいはその他の隠しボリュームに保存する。 + このマシンは再起動する必要があります。\n\nすぐに再起動しますか? + システムの暗号ステータスの取得中にエラーが見つかりました。 + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + システムを暗号化するアプリケーションコンポーネントを初期化できませんでした。 + 乱数生成機構の初期化に失敗しました! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + アプリケーションを初期化できません。ダイアログクラスの登録に失敗しました。 + エラー:リッチエディットシステムライブラリの読込に失敗しました。 + VeraCryptボリューム作成ウィザード + このボリュームに格納できる隠しボリュームの最大サイズは %.2f バイトです。 + このボリュームに格納できる隠しボリュームの最大サイズは %.2f KB です。 + このボリュームに格納できる隠しボリュームの最大サイズは %.2f MB です。 + このボリュームに格納できる隠しボリュームの最大サイズは %.2f GB です。 + このボリュームに格納できる隠しボリュームの最大サイズは %.2f TB です。 + ボリュームのマウント中には、そのパスワードやキーファイルを変更できません。 まず先にそのボリュームをアンマウントしてください。 + ボリュームのマウント中には、そのヘッダキー導出アルゴリズムを変更できません。 まず先にそのボリュームをアンマウントしてください。 + マウント(&M) + このボリュームをマウントするには、新しいバージョンのVeraCryptが必要です。 + エラー:ボリューム作成ウィザードが見つかりません。\n\n'VeraCrypt.exe' が起動されたフォルダに 'VeraCrypt Format.exe' があるか確認してください。 もし存在しなければ、VeraCryptを再インストールするか、ディスク上の 'VeraCrypt Fromat.exe' を探し出して実行してください。 + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + 次へ(&N)> + 終了(&F) + インストール(&I) + 展開(&x) + VeraCryptデバイスドライバに接続できません。デバイスドライバが実行されていないとVeraCryptは実行できません。\n\nWindows自体の問題によって、デバイスドライバを読み込むためにはログオフあるいは再起動が必要かもしれません。 + フォントの読み込み・準備中にエラーが発生しました。 + ドライブレターが見つからないか、ドライブレターが指定されていません。 + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + ドライブレターが利用できません。 + ファイルが選択されていません! + 有効な空きドライブレターがありません。 + 外殻ボリューム用の空きドライブレターがありません! ボリュームの作成が続けられません。 + 使用中のオペレーティングシステムのバージョンがわかりません。もしくはサポートされていないオペレーティングシステムを使用しています。 + フォルダが選択されていません! + 隠しボリュームを格納できるだけの空き容量がありません! ボリュームの作成が続けられません。 + エラー:外殻ボリュームにコピーしようとしたファイルのサイズが大きすぎます。隠しボリュームの外殻ボリュームに十分な空き容量がありません。\n\n隠しボリュームはシステムパーティション(現在動作中のOSがインストールされているところです)より大きなサイズでなければなりません。隠しOSはシステムパーティションのファイルを隠しボリュームにコピーして作られる必要があるためです。\n\n\n隠しOSを作成する処理が続けられません。 + ドライバがそのボリュームをアンマウントできません。おそらくそのボリューム上のいくつかのファイルが開かれたままです。 + ボリュームのロックができません。ボリューム上のいくつかのファイルが開かれたままです。そのためにアンマウントできません。 + システムかアプリケーションがボリュームを使用中のため、ボリュームのロックに失敗しました(おそらくボリューム上のファイルが開かれています)。\n\nこのボリュームを強制的にアンマウントしますか? + VeraCryptボリュームの選択 + フォルダやファイル名の指定 + PKCS #11 ライブラリを選択 + メモリ不足 + 重要:慣れていない方は、デバイスあるいはパーティション全体を暗号化しようとするのではなく、選択されたパーティションあるいはデバイス上にVeraCryptコンテナファイルを作成することを強く推奨します。\n\nデバイスあるいはパーティション全体を暗号化する方法に対し、コンテナファイルを作成する方法は、たとえば大量のファイルを破壊してしまうような危険性がありません。VeraCryptコンテナファイルは、これは仮想的な暗号化ディスクでありながら、それ自体は普通のファイルと変わりありません。より詳しい情報は「ユーザーズガイド」の「初心者のためのチュートリアル」をご覧ください。\n\n本当にデバイスあるいはパーティション全体を暗号化しますか? + 警告:そのファイル '%s' はすでに存在しています!\n\n重要:VeraCryptはそのファイル自体を暗号化するのではなく、消去して上書きします。 本当にそのファイルを消去して新しいVeraCryptコンテナで置き換えますか? + 注意:選択された %s '%s'%s に存在しているすべてのファイルは消去され失われます(暗号化されるのではありません)!\n\n本当にフォーマットを続けてよいですか? + 警告:暗号化が完全に終了するまで、このボリューム上のファイルにはアクセスできなくなります。\n\n選択された %s '%s'%s の暗号化を開始して良いですか? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + 警告:既存データをその場で暗号化している最中に、電源が突然落ちたり、ソフトウェアエラーやハードウェア障害等によってOSがクラッシュした場合、データの一部が壊れたり失われたりする可能性があります。そのため、暗号化を開始する前に、必ず暗号化したいファイルのバックアップがあるかを確認してください。\n\nそのようなバックアップがありますか? + 注意:このパーティション '%s'%s (つまりシステムパーティションのすぐ次のパーティション)上に存在するすべてのファイルが削除され、失われます(暗号化されるわけではありません)!。\n\nこのままフォーマットを進めて良いですか? + 警告:選択されたパーティションには大量のデータがあります! そのパーティションにあるすべてのデータが削除され、失われます。それらのファイルは暗号化されません! + このパーティションにVeraCryptボリュームを作成して、既存データすべてを削除する + パスワード + PIM + ヘッダキー導出アルゴリズムの設定 + ボリュームへのキーファイルの追加/削除 + ボリュームから全てのキーファイルを削除 + パスワードまたはキーファイルの変更に成功しました。\n\n重要:ユーザーズガイドの「安全のための必要事項と予防策」の章にある「パスワードとキーファイルの変更」節をよくお読みください。 + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + 重要:VeraCryptレスキューディスクを壊していなければ、システムパーティション/ドライブはまだ古いパスワードで復号可能です(レスキューディスクで起動して古いパスワードを入力します)。新しいVeraCryptレスキューディスクを作成し、古い方は壊してしまうべきです。\n\n新しいVeraCryptレスキューディスクを作成しますか? + 今お持ちのVeraCryptレスキューディスクは従来の暗号化アルゴリズムが使用されています。もし従来の暗号化アルゴリズムが安全でないとお考えなら、新しいVeraCryptレスキューディスクを作成し、古い方は壊してしまうべきです。\n\n新しいVeraCryptレスキューディスクを作成しますか? + あらゆる種類のファイル(例:.mp3, .jpg, .zip, .avi)をVeraCryptのキーファイルとして使用できます。VeraCryptはキーファイルの内容を変更しません。キーファイルを複数選択することもできます(選択順序は無関係です)。フォルダを追加した場合は、その中にあって隠されていないファイルすべてがキーファイルとして使用されます。セキュリティトークンやスマートカードに保存されているキーファイルを選択する(あるいはキーファイルをセキュリティトークンやスマートカードにインポートする)には「トークンファイルの追加」をクリックしてください。 + キーファイルの追加あるいは除去に成功しました + キーファイルをエクスポートしました。 + ヘッダキー導出アルゴリズムの設定に成功しました + 非システムボリュームのその場での暗号化処理に復帰するため、パスワードを入力(またはキーファイルを指定)してください。\n\n\n注:「次へ」をクリックすると、VeraCryptは暗号化処理が中断されていて、与えられたパスワードあるいはキーファイルで復号できるすべての非システムボリュームを検索します。もし複数のボリュームが見つかった場合は、次のステップでその内の一つを選択する必要があります。 + ボリュームリストから一つ選択してください。このリストには、暗号化処理が中断されていて、与えられたパスワードあるいはキーファイルで復号できるすべての非システムボリュームが含まれています。 + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + 質の良いパスワードにすることが非常に重要です。辞書に載っているような単語一つだけにしたり、あるいはそれを三つ四つ組み合わせた程度のものは避けるべきです。また何らかの名前や誕生日なども含ませるべきではありません。それは簡単に推測されてしまいます。 良いパスワードとは、大文字や小文字、数字や記号( @ ^ = $ * + など)をランダムに組み合わせたものです。またパスワードの長さは20文字以上を推奨します(長い方がより良いです)。設定可能な最大長は64文字です。 + 隠しボリューム用のパスワードを入力してください + 隠しOS用のパスワードを入力してください(つまり隠しボリューム用です)。 + 重要:このステップで設定される隠しOS用のパスワードは、他の二つのパスワード(つまり外殻ボリュームおよび囮OS用のもの)とは大幅に変えておく必要があります。 + 隠しボリュームを作って入れたいボリュームのパスワードを入力してください。\n\n「次へ」をクリックすると、VeraCryptはそのボリュームのマウントを試みます。ボリュームがマウントされるとすぐにクラスタービットマップが走査され、ボリューム終端からどれだけ連続した空き領域があるのかが測定されます。その領域は隠しボリュームの格納場所であり、これによって隠しボリュームの上限サイズが決まります。クラスターマップの走査は、隠しボリュームによって外殻ボリュームのデータが上書きされてしまわないために必要です。 + \n外殻ボリューム用のパスワードを入力してください。これはあなたが誰かにパスワードを明かすよう強要されたときなどのためのものです。\n\n重要:このパスワードは隠しボリューム用のものとは大幅に変えておく必要があります。\n\n注:パスワードの最大文字数は64文字です。 + 外殻ボリューム用のパスワードを入力してください。これはあなたが誰かにシステムパーティションのすぐ次にある、外殻ボリュームと隠しボリューム(この中に隠しOSが含まれます)の入ったパーティションのパスワードを明かすよう強要されたときなどのためのものです。隠しボリューム(そして隠しOSも)の存在は秘匿されたままです。これは囮用OSのためのものではないことに注意してください。重要:このパスワードは隠しボリューム用(つまり隠しOS用)のものとは大幅に変えておく必要があります。 + 外殻ボリュームのパスワード + 隠しボリュームのパスワード + 隠しOS用のパスワード + 警告:短いパスワードは、総当たり攻撃によって容易に破られてしまいます! パスワードは20文字以上にすることを推奨します。\n\n本当にこの短いパスワードを使いますか? + ボリュームのパスワード + パスワードが正しくないか、VeraCryptのボリュームではありません。 + キーファイルもしくはパスワードが正しくないか、VeraCryptのボリュームではありません。 + マウントモードが違うか、パスワードが正しくないか、あるいはVeraCryptのボリュームではありません。 + マウントモードが違うか、キーファイルもしくはパスワードが正しくないか、あるいはVeraCryptのボリュームではありません。 + パスワードが正しくないか、VeraCryptボリュームが見つかりません。 + キーファイルあるいはパスワードが正しくないか、VeraCryptのボリュームが見つかりません。 + \n\n警告:Caps Lock がオンになっています。 そのためにパスワードの入力を誤るかもしれません。 + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\n警告:指定フォルダのキーファイル探索中に隠しファイルが見つかりました。このような隠しファイルはキーファイルとして使用されません。キーファイルとして使用したい場合は隠し属性を解除してください(該当ファイルを右クリックしてプロパティを開き、隠しファイルのチェックを外して「OK」をクリックします)。注:隠しファイルはフォルダオプションですべてのファイルを表示する設定になっていないと表示されません。 + もし隠しシステムを持つ隠しボリュームを保護しようとしているのであれば、隠しボリューム用のパスワードを入力する際には、標準USキーボードレイアウトであることを確認してください。Windows起動前の環境では、パスワードを入力する場合に非USキーボードレイアウトが無効であるためです。 + VeraCryptは、暗号化処理が中断されていて、与えられたパスワードあるいはキーファイルで復号できる非システムボリュームを見つけられませんでした。\n\nパスワードあるいはキーファイルが正しいか、またそのパーティション/ボリュームがシステムやアプリケーション(アンチウィルスソフトを含みます)で使用されていないか、確認してください。 + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\n注:メニューから[システム]-[起動前認証をせずにマウント]を選ぶことで、起動前の認証をせずに暗号化したシステムドライブ上のパーティションをマウントすること、あるいは起動していないオペレーションシステムを暗号化したパーティションをマウントすることが可能です。 + 現在のモードでは、アクティブなシステムの暗号化対象となっている部分を含むドライブ上のパーティションをマウントすることができません。\n\nこのモードでそのパーティションをマウントする前に、他のドライブ(暗号化されてる否かは問いません)にインストールされているシステムから起動するか、暗号化されていないOSを起動する必要があります。 + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < 戻る(&B) + このシステムのデバイスを列挙できません! + ボリューム '%s' は読み取り専用としてすでに存在しています。本当に置き換えますか? + フォルダの選択 + キーファイルの選択 + キーファイルを探すフォルダを選択してください。 警告:記憶されるのはフォルダであり、ファイル名ではありません! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Ross Anderson、Eli Biham、Lars Knudsenによって開発され1998年に公開されました。256ビットキー、128ビットブロックを使用します。動作モードはXTSです。SerpentはAES制定時の最終候補の一つでした。 + 作成するコンテナのサイズを指定してください。\n\nもしダイナミック(スパースファイル)コンテナを作成するのであれば、このパラメータは上限サイズの指定になります。\n\n下限サイズはFATボリュームの場合で292KB、NTFSボリュームの場合で3792KB となります。 + 新しい外殻ボリュームのサイズを指定してください(中に入れる隠しボリュームは後で作成します)。中に隠しボリュームを作成できる下限サイズは340KBです。 + 作成する隠しボリュームのサイズを指定してください。下限サイズはFATボリュームの場合は40KB、NTFSボリュームの場合は3664KB となります。上限サイズについてはこの上に表示されています。 + 外殻ボリュームのサイズ + 隠しボリュームのサイズ + 上に表示されている選択されたデバイス/パーティションのサイズが正しいかどうかを確認し、「次へ」をクリックしてください。 + 外殻ボリュームおよび隠しボリューム(隠しOSを含んでいます)は上記のパーティションに格納されます。これはシステムパーティションのすぐ次のパーティションである必要があります。\n\n上に表示されているパーティションのサイズおよび番号が正しいかどうか確認し、間違いがなければ「次へ」をクリックしてください。 + \n\n隠しボリュームを中に入れるためには、外殻となるボリュームのサイズが最低でも340KBは必要なことに注意してください。 + ボリュームのサイズ + ダイナミック + 注意:セルフテストに失敗しました! + 全アルゴリズムのセルフテストに成功しました。 + 与えられたデータユニット番号が長すぎるか、あるいは短すぎます。 + 与えられたセカンダリキーが長すぎるか、あるいは短すぎます。 + 入力されたテスト用暗号文は長すぎるか、あるいは短すぎます。 + 入力されたテスト用キーは長すぎるか、あるいは短すぎます。 + 入力されたテスト用平文は長すぎるか、あるいは短すぎます。 + 暗号化がXTSモードの二段のカスケードで実行されます。いずれのブロックも最初に %s(%d-bit key)で、次に %s(%d-bit key)で暗号化されます。いずれの暗号化でもそれ自身の鍵が使われ、全ての鍵が互いに独立しています。 + 暗号化がXTSモードの三段のカスケードで実行されます。いずれのブロックも最初に %s(%d-bit key)で、次に %s(%d-bit key)で、そして最後に %s(%d-bit key)で暗号化されます。いずれの暗号化でもそれ自身の鍵が使われ、全ての鍵が互いに独立しています。 + OSの設定によっては、これらのオートランあるいはオートマウントの機能が、書き込みのできないCDやDVDのようなメディア上にトラベラーディスクのファイルがあるときにしか働かないことに注意してください。これはVeraCryptのバグではなく、Windowsの制限です。 + VeraCryptトラベラーディスクは無事が作成されました。\n\nVeraCryptをポータブルモードで動作させるためには管理者権限が必要であることに注意してください。 また、たとえポータブルモードで動作させたとしても、 レジストリファイルを調べられると、そのWindowsでVeraCryptが動作したことがあると判ってしまうでしょう。 + VeraCryptトラベラーディスク + Bruce Schneier、John Kelsey、Doug Whiting、David Wagner、Chris Hall、そしてNiels Fergusonによって開発され、1998年に公開されました。256ビットキー、128ビットブロックを使用します。動作モードはXTSです。Twofishは、AES制定時の最終候補の一つでした。 + %sについての詳細 + 未知 + 詳細不明あるいは未知のエラーが発生しました。(%d) + いくつかのボリュームに、アプリケーションかシステムが使用中のファイルあるいはフォルダがあります。\n\n強制的にアンマウントしますか? + アンマウント(&D) + アンマウントに失敗しました! + ボリュームに、アプリケーションかシステムが使用中のファイルあるいはフォルダがあります。\n\n強制的にアンマウントしますか? + 指定されたドライブレターにはボリュームがマウントされませんでした。 + マウントしようとしたボリュームはすでにマウントされています。 + ボリュームのマウント中にエラーが発生しました。 + ボリューム内のシーク中にエラーが発生しました。 + エラー:ボリュームのサイズが正しくありません。 + 警告:クイックフォーマットを使うのは、次のケースに限られるべきです。\n\n1) このデバイスに秘匿したいデータが記録されておらず、かつ「見せかけの拒否」が不要な場合\n2) このデバイスに安全な暗号化がすでに全体的に施されている場合\n\n本当にクイックフォーマットを使用しますか? + ダイナミックコンテナとは、あらかじめNTFSに割り当てられた、新しいデータが追加されるにしたがって物理サイズ(ディスク上の実サイズ)が増加するスパースファイルのことです。\n\n警告:スパースファイルをホストにしたボリュームは、通常のボリュームに比べて効率が大変劣ります。またスパースファイルをホストにしたボリュームはセキュリティ面でも劣ります。なぜならボリュームのどの部分が未使用かがわかってしまい、さらに「見せかけの拒否」(隠しボリュームの外殻となること)が実質的に使い物になりません。また、もしディスクの空き容量が足りないときにスパースファイルコンテナにデータが書き込まれると、暗号化ファイルシステムが破損してしまうであろうことにも注意してください。\n\n本当にスパースファイルをホストにしたボリュームを作成しますか? + WindowsやVeraCryptが報告するダイナミックコンテナのサイズは、常に最大時のサイズであることに注意してください。現在の物理サイズ(ディスク上の実サイズ)を知るには、コンテナファイルを右クリック(VeraCrypt上ではなくWindows上で)し、プロパティを選んで「ディスク上のサイズ」の値を見てください。\n\n注:ダイナミックコンテナを他のボリュームあるいはドライブに移動すると、その物理サイズは最大時サイズまで拡張されてしまいます(移動先に新たにダイナミックコンテナを作成してからマウントし、古いコンテナから新しいコンテナへ各ファイルを移動すれば回避可能です)。 + パスワードキャッシュが抹消されました。 + VeraCryptドライバが記憶したパスワード(あるいはキーファイルの内容)は抹消されました。 + VeraCryptは未知の種類のボリュームのパスワードは変更できません。 + リストから空きドライブレターを選択してください。 + ドライブ一覧からマウント済みのボリュームを選択してください。 + 現在、2つの異なるボリュームが指定されています(一方はドライブリストに、もう一方はリストの下の入力欄に)。\n\n本当に指定したいボリュームを選択してください: + エラー:'autorun.inf' を作成できません。 + キーファイルの処理中にエラーが発生しました! + キーファイルのあるフォルダの処理中にエラーが発生しました! + キーファイルの場所として指定されたところにファイルが見つかりません。\n\n指定された場所の中にフォルダ(およびその中のファイル)があっても無視されますので、注意してください。 + VeraCryptはこのオペレーティングシステムには対応していません。 + エラー:VeraCryptは安定したバージョンのオペレーティングシステムにしか対応していません(ベータ/RC版には未対応です)。 + エラー:メモリを確保できません。 + エラー:パフォーマンスカウンタから値を取得できません。 + エラー:ボリュームのフォーマットが異常です。 + エラー:標準ボリュームではなく、隠しボリューム用のパスワードが与えられました。 + セキュリティ上の理由により、その場で暗号化されたファイルシステムを持つVeraCryptボリュームには、隠しボリュームを作成できません(そのボリュームの空き領域がランダムなデータで埋められていないため)。 + VeraCrypt - 法的告知事項 + 全てのファイル + VeraCryptボリューム + ライブラリモジュール + NTFS でのフォーマットを続けられません。 + ボリュームをマウントできません。 + ボリュームをアンマウントできません。 + WindowsはボリュームをNFTSでフォーマットすることに失敗しました。\n\n可能なら別のファイルシステムを選択してから再度試してください。あるいは、ボリュームをフォーマットせず(ファイルシステムなしを指定する)にウィザードを終了し、そのボリュームをマウントしてから、システムあるいはサードパーティのフォーマットツールを使ってみることもできます。ボリュームの暗号化状態は維持されます。 + WindowsはボリュームをNTFSでフォーマットすることに失敗しました。\n\n代わりにFATでフォーマットしますか? + デフォルト + パーティション + パーティション + デバイス + デバイス + デバイス + ボリューム + ボリューム + ボリューム + ラベル + 選択されたクラスタサイズはそのサイズのボリュームには小さすぎます。 代わりに、より大きなサイズを選択してください。 + エラー:ボリュームのサイズを取得できません!\n\nそのボリュームがシステムあるいはアプリケーションで使用中でないか確認してください。 + 隠しボリュームはダイナミック(スパースファイル)コンテナに作るべきではありません。「みせかけの拒否」を達成するためには、隠しボリュームは非ダイナミックコンテナ内に作成する必要があります。 + VeraCryptボリューム作成ウィザードが隠しボリュームを作成できるのはFATあるいはNTFSボリュームの中だけです。 + Windows2000では、VeraCryptボリューム作成ウィザードが隠しボリュームを作成できるのはFATボリュームの中だけです。 + 注:外殻ボリュームにはNTFSよりFATの方がより適しています。たとえば外殻ボリュームがFATでフォーマットされていると、隠しボリュームの最大サイズをより大きく取ることが可能となるでしょう。 + 外殻ボリュームにはNTFSよりFATの方がより適しています。たとえば外殻ボリュームがFATでフォーマットされていると、隠しボリュームの最大サイズをより大きく取ることが可能となるでしょう。これはNTFSが常にボリュームの中程に内部で使用するデータを保存することにより、隠しボリューム領域を外殻ボリュームの後半部分にしか確保できないためです。\n\n本当に外殻ボリュームをNTFSでフォーマットしますか? + 代わりにボリュームをFATでフォーマットしますか? + 注:このボリュームはFAT32でサポートされている最大ボリュームサイズを超えているため、FATでのフォーマットはできません。FAT32で適用可能なセクタサイズは2TBのとき512バイト、16TBでは4096バイトとなります。 + エラー:隠しOS用のパーティション(つまりシステムパーティションのすぐ次のパーティション)は、システムパーティション(現在動作中のOSがインストールされているもの)より少なくとも5%以上大きい必要があります。 + エラー:隠しOS用のパーティション(つまりシステムパーティションのすぐ次のパーティション)は、システムパーティション(現在動作中のOSがインストールされているもの)より少なくとも110%以上大きい(つまり2.1倍のサイズ)必要があります。これはNTFSは常にボリュームの中程に内部で使用するデータを保存するため、隠しボリューム(システムパーティションのクローンを保持する必要があります)は隠しOS用パーティションの後半部分にしか格納できないからです。 + エラー:隠しボリュームがNTFSでフォーマットされている場合、それはシステムパーティションより少なくとも110%以上大きい(つまり2.1倍のサイズ)必要があります。これはNTFSは常にボリュームの中程に内部で使用するデータを保存するため、隠しボリューム(システムパーティションのクローンを保持する必要があります)は外殻ボリュームの後半部分にしか格納できないからです。\n\n注:外殻ボリュームは隠しOSと同じパーティション(つまりシステムパーティションのすぐ次のパーティション)に属している必要があります。 + エラー:システムパーティションのすぐ次のパーティションがありません。\n\n隠しOSを作る前に、まずシステムドライブにそれ用のパーティションを作る必要があります。それはシステムパーティションのすぐ次のパーティションである必要があり、少なくともシステムパーティション(現在動作中のOSがインストールされているもの)より5%以上大きくなければなりません。ただしもし外殻ボリューム(システムパーティションと混同しないでください)がNTFSでフォーマットされている場合、隠しOS用のパーティションは少なくともシステムパーティションの110%(つまり2.1倍)以上大きい必要があります。これはNTFSは常にボリュームの中程に内部で使用するデータを保存するため、隠しボリューム(システムパーティションのクローンを保持する必要があります)は外殻ボリュームの後半部分にしか格納できないからです。 + 注:一つのパーティションに二つのVeraCryptボリュームを配置して双方にOSをインストールすることは非実用的であるため、対応していません。なぜなら、外殻ボリューム上のOSを使うことでしばしば隠しOSの領域に書き込みが行われるためです。あるいはそのときもし隠しボリュームへの書き込みを禁止していた場合は、システムクラッシュ、すなわちブルースクリーンエラーが発生してしまいます。 + パーティションの作成と管理の方法については、OS付属のマニュアルを参照するか、メーカーの技術サポートにご相談ください。 + エラー:現在動作中のOSはブートパーティション(最初のアクティブパーティション)にインストールされていません。この状態には対応していません。 + このVeraCryptボリュームに4GB超のファイルを保存する意向のようですが、ファイルシステムにはFATが指定されているため、4GB超のファイルを保存することはできません。\n\n本当に外殻ボリュームをFATでフォーマットしますか? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + エラー:ボリュームにアクセスできません!\n\n選択されたボリュームが実在するか、未マウントでないか、システムやアプリケーションですでに使用されていないか、そのボリュームへの読み書き権限があるか、書き込みプロテクトされていないか、などを確認してください。 + Error: Cannot obtain volume properties. + エラー:このボリュームにアクセスできないかボリュームの情報を取得できません。\n\n選択されたボリュームが存在しているか、そのボリュームがシステムやアプリケーションで使用されていないか、ボリュームへの読み書き権限があるか、ボリュームが書き込み禁止になっていないか、などを確認してください。 + エラー:このボリュームにアクセスできないかボリュームの情報を取得できません。\n\n選択されたボリュームが存在しているか、そのボリュームがシステムやアプリケーションで使用されていないか、ボリュームへの読み書き権限があるか、ボリュームが書き込み禁止になっていないか、などを確認してください。\n\n問題が解決しない場合は、以下の手順を試してみてください。 + エラーによりパーティションの暗号化が中断されました。ここまでに報告された問題を解決してから再度やり直してください。問題が解決しない場合は、以下の手順を試してみてください。 + エラーによりパーティションの暗号化処理への復帰が中断されました。\n\nここまでに報告された問題を解決してから再度やり直してみてください。なお、暗号化処理が完了するまではこのボリュームをマウントすることはできません。 + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + エラー:外殻ボリュームをアンマウントできません!\n\nボリューム内にプログラムやシステムで使用中のファイルあるいはフォルダがあると、ボリュームのアンマウントができません。\n\nファイルやフォルダを使用していると思われるプログラムを終了させてから「再試行」をクリックしてください。 + エラー:外殻ボリュームの情報を取得できませんでした! ボリュームの作成を続行できません。 + エラー:外殻ボリュームにアクセスできません! ボリュームの作成を続行できません。 + エラー:外殻ボリュームをマウントできません! ボリュームの作成を続行できません。 + エラー:ボリュームのクラスタビットマップを取得できません! ボリュームの作成を続行できません。 + 分類別(アルファベット順) + 平均速度(降順) + アルゴリズム + 暗号化 + 復号 + 平均 + ドライブ + サイズ + 暗号化アルゴリズム + 暗号化アルゴリズム + タイプ + + プロパティ + 場所 + バイト + 隠し + 外殻 + 通常 + システム + 隠しシステム + 読み取り専用 + システムドライブ + システムドライブ (暗号化 - %.2f%% 終了) + システムドライブ (復号 - %.2f%% 終了) + システムドライブ (%.2f%% 暗号化済み) + システムパーティション + 隠しシステムパーティション + システムパーティション (暗号化 - %.2f%% 終了) + システムパーティション (復号 - %.2f%% 終了) + システムパーティション (%.2f%% 暗号化済み) + はい(破損防止中!) + なし + マスターキーサイズ + セカンダリキーサイズ(XTSモード) + Tweakキーサイズ(LRWモード) + ビット + ブロックサイズ + PKCS#5 疑似乱数関数 + PKCS#5 反復回数 + ボリューム作成日時 + ヘッダ最終更新日時 + (%I64d 日前) + ボリュームフォーマットバージョン + 埋込バックアップヘッダ + VeraCryptブートローダーバージョン + 最初の空き + リムーバブルディスク + ハードディスク + 未変更 + 自動検出 + ウィザードモード + モードを選択してください。よくわからなければデフォルトのモードを使用してください。 + VeraCryptをこのシステムにインストールしたいときは、このオプションを選択してください。 + 注:システムパーティション/ドライブが暗号化されていたり、隠しOSを利用していたとしても、復号せずにアップグレードできます。 + このオプションを選択すると、パッケージ内のファイルがすべて展開されますが、システムへのインストールはされません。もしシステムパーティションあるいはシステムドライブを暗号化するのであれば、これは選択しないでください。このオプションは、たとえばVeraCryptをポータブルモードで使用する場合に有用です。VeraCryptを実行するとき、OSへのインストールは必須ではありません。すべてのファイルが展開された後、展開された'VeraCrypt.exe'を直接実行できます(ポータブルモードで動作します)。 + セットアップオプション + ここでインストールに関する数々のオプションを指定できます。 + インストール中 + VeraCryptがインストールされるまでしばらくお待ちください。 + VeraCryptのインストールに成功しました + VeraCryptのアップグレードに成功しました + どうぞ寄付をご検討ください。いつでも終了をクリックしてインストーラーを終了できます。 + 展開オプション + ここで展開に関する種々のオプションを指定できます。 + ファイルが展開されるまでしばらくお待ちください。 + ファイルの展開に成功しました + 指定された場所へのすべてのファイルの展開に成功しました。 + 指定されたフォルダが存在しない場合は自動的に作成されます。 + 既存のVeraCryptのインストール先にあるプログラムファイルがアップグレードされます。違う場所を指定したい場合は、まず先にVeraCryptをアンインストールしてください。 + VeraCryptの現在(最新安定版)のリリースノートを表示しますか? + VeraCryptを使うのが初めてならば、ユーザーズガイドの「初心者のためのチュートリアル」に目を通されるようお勧めします。ユーザーズガイドを読みますか? + 実行内容を以下から選択してください: + リペア/再インストール + アップグレード + アンインストール + VeraCryptのインストール/アンインストールを完了させるには、管理者権限が必要です。続けますか? + 現在VeraCryptインストーラが起動しており、インストールあるいはアップデートの実行中です。インストーラの処理が終わるのを待つか、閉じるかしてください。閉じることができない場合は再起動してください。 + インストールに失敗しました。 + アンインストールに失敗しました。 + この配布パッケージは破損しています。(なるべくVeraCryptの公式サイト https://veracrypt.codeplex.com から)もう一度ダウンロードしてみてください。 + ファイル %s を書き込めません。 + 展開 + パッケージからデータを読み込めません。 + この配布パッケージの完全性を検証できません。 + 展開に失敗しました。 + インストール内容はロールバックされました。 + VeraCryptのインストールに成功しました + VeraCryptの更新に成功しました。 + VeraCryptのアップグレードに成功しました。ただし使用を開始するためにはコンピュータを再起動する必要があります。\n\nすぐに再起動しますか? + VeraCryptのアップグレードに失敗しました!\n\n重要:システムをシャットダウンあるいは再起動する前に、システムの復元(スタート→すべてのプログラム→アクセサリ→システムツール→システムの復元)で「VeraCrypt installation」と名付けられた復元ポイントまでシステムをリストアすることを強くお勧めします。もし「システムの復元」が使えない場合は、代わりにVeraCryptの元の(あるいは新しい)バージョンの再インストールを、システムをシャットダウンあるいは再起動する前に行ってみてください。 + VeraCryptのアンインストールに成功しました。\n\n「終了」をクリックするとVeraCryptのインストーラーおよび %s フォルダが削除されます。ただしこのフォルダの中に「VeraCryptが作成したファイル」あるいは「VeraCryptインストーラーが入れたものではないファイル」があった場合は削除されません。 + VeraCryptのレジストリエントリを削除しています + レジストリにエントリを追加しています + アプリケーションに固有のデータを削除しています + インストール中 + 停止中 + 削除中 + アイコンを追加しています + システム復元ポイントを作成しています + システム復元ポイントの作成に失敗しました! + ブートローダーを更新しました + '%s'. %s へのインストールに失敗しました。 インストール作業を続けますか? + '%s'. %s からのアンインストールに失敗しました。 アンインストール作業を続けますか? + インストールが完了しました。 + フォルダ '%s' を作成できませんでした + VeraCryptのデバイスドライバをメモリ上から解放できませんでした。\n\nまず先にVeraCryptのウィンドウをすべて閉じてください。うまくいかないようでしたら、Windowsを再起動してからもう一度試してみてください。 + インストールあるいはアンインストールを続ける前に、VeraCryptのすべてのボリュームをアンマウントしなくてはなりません。 + VeraCryptの古いバージョンがこのシステムにインストールされています。VeraCryptの新しいバージョンをインストールする前に古いバージョンをアンインストールする必要があります。\n\nこのメッセージウィンドウを閉じると、古いバージョンのアンインストーラーがすぐに起動します。なおVeraCryptのアンインストール中に暗号化ボリュームが復号されることはありません。古いVeraCryptをアンインストールしてから、再びこの新しいバージョンのVeraCryptインストーラーを実行してください。 + レジストリエントリのインストールに失敗しました + デバイスドライバのインストールに失敗しました。Windowsを再起動してから、再度VeraCryptをインストールしてみてください。 + VeraCryptデバイスドライバを開始しています + デバイスドライバのアンインストールに失敗しました。これはWindowsの問題です。デバイスドライバをアンインストール(あるいは再インストール)する前に、ログオフあるいはシステムの再起動が必要でしょう。 + VeraCryptデバイスドライバをインストール中です + VeraCryptデバイスドライバを停止中です + VeraCryptデバイスドライバをアンインストール中です + ユーザアカウントコントロールサポートライブラリの登録に失敗しました。 + ユーザアカウントコントロールサポートライブラリの登録解除に失敗しました。 + ポータブルモードについて:\n\nOSはドライバーがその動作を開始するより前にそれがOSに登録済みであることを要求します。したがってVeraCryptのドライバーは完全なポータブルではなく、またそれは不可能です。ただしVeraCryptのアプリケーション自体は完全にポータブルです。たとえば事前にOSにインストールしておく必要がありません。なおVeraCryptは透過的に即時暗号化および復号を行うためにドライバーが必要であることもお知りおきください。 + VeraCryptを(インストールされたものではなく)ポータブルモードで実行させたい場合、VeraCryptを実行しようとするたびにシステムが実行権限について尋ねてくるでしょう(ユーザーアカウント制御)。\n\nこれはVeraCryptがポータブルモードで動作するときに、デバイスドライバの読み込みと開始を要求するからです。VeraCryptが即時の暗号化/復号処理を行うためにはデバイスドライバが必要ですが、Windowsでは管理者権限を持つユーザー以外はデバイスドライバを開始できません。そのため、システムはVeraCryptの起動に管理者権限を要求します。\n\nもしVeraCryptを(ポータブルモードではなく)システムにインストールした場合は、VeraCryptを実行するたびに権限を確認されることはありません。\n\n本当にファイルを展開しますか? + 警告:このボリューム作成ウィザードは管理者権限で動作しています。\n\nそのため、新規作成されたボリュームがマウントされたときに、権限が足りずに書き込めないおそれがあります。それを防ぐためには、このボリューム作成ウィザードをいったん終了し、管理者権限のない状態でボリューム作成ウィザードを起動してください。\n\nこのボリューム作成ウィザードを終了しますか? + エラー:ライセンスを表示できません。 + 外殻(!) + + 時間 + + + 開く + アンマウント + メインウィンドウを表示 + メインウィンドウを隠す + マウント後の読み込みデータ量 + マウント後の書き込みデータ量 + 暗号化された部分 + 100% (すべて暗号化) + 0% (未暗号化) + %.3f%% + 100% + 待機中 + 準備中 + リサイズ中 + 暗号化中 + 復号中 + 終了処理中 + 一時中断 + 完了 + エラー + デバイスが取り外されました + システムお気に入りボリュームが登録されました。\n\nシステムお気に入りボリュームをWindows起動の度に毎回自動的にマウントしたい場合は、[設定]-[システムお気に入りボリューム]-[Windows起動時にシステムお気に入りボリュームをマウント]と選択してください。 + お気に入りに登録しようとしたボリュームはパーティションでもダイナミックボリュームでもありませんでした。そのためデバイス数が変わった場合、お気に入りボリュームとしてはマウントできなくなります。 + お気に入りに登録しようとしたボリュームはWindowsが認識できないパーティションでした。\n\nデバイス数が変わった場合、お気に入りボリュームとしてはマウントできなくなります。まずパーティションをWindowsが認識できるタイプに設定してください(Windowsの 'diskpart' ツールでSETIDコマンドを使ってください)。それからこのパーティションをお気に入りに登録しなおしてください。 + VeraCryptの常駐が無効であるか、何もマウントされていないときに終了する設定になっています。あるいはポータブルモードで起動しています。このためデバイスが接続されたときに自動マウントされるようにしたお気に入りボリュームは使えないことがあります。\n\n注:VeraCryptの常駐を有効にするには [設定]-[各種設定] を選択し、「VeraCryptの常駐」で「常駐する」にチェックを入れてください。 + ネットワーク越しに共有しているリモートファイルシステム上のコンテナは、デバイスが接続されたときに自動マウントすることはできません。 + 以下に表示されているデバイスはパーティションでも非ダイナミックボリュームでもありません。したがってこのデバイス上のボリュームは、デバイスが接続されたときに自動マウントすることはできません。 + まず以下に表示されているパーティションのタイプをWindowsが認識できるタイプに設定してください(Windowsの 'diskpart' ツールでSETIDコマンドを使ってください)。その後、そのパーティションをお気に入りから削除し、追加しなおしてください。これによってそのデバイス型ボリュームを接続時に自動マウントできるようになります。 + 以下に表示されているデバイスはパーティションでも非ダイナミックボリュームでもありません。したがってラベルを割り当てることはできません。 + まず以下に表示されているパーティションのタイプをWindowsが認識できるタイプに設定してください(Windowsの 'diskpart' ツールでSETIDコマンドを使ってください)。その後、そのパーティションをお気に入りから削除し、追加しなおしてください。これによってそのパーティションにラベルを設定できるようになります。 + Windowsの制限により、ネットワーク越しに共有されているリモートファイルシステム上のコンテナはシステムお気に入りボリュームとしてマウントはできません。ただしユーザーがログオンすれば普通のお気に入りボリュームとしてマウントできます。 + %s のパスワードを入力してください。 + '%s' のパスワードを入力してください。 + 標準/外殻ボリュームのパスワードを入力してください。 + 隠しボリュームのパスワードを入力してください。 + バックアップファイルに保存されたヘッダのパスワードを入力してください。 + キーファイルの生成に成功しました。 + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + 警告:このボリュームのヘッダが壊れています! VeraCryptは自動的にこのボリュームに埋め込まれているバックアップを使用します。\n\n[ツール]-[ボリュームヘッダのリストア]を選択して、ボリュームヘッダを修復してください。 + ボリュームヘッダのバックアップを無事に作成しました。\n\n重要:このバックアップを使ってボリュームヘッダをリストアすることは、現在のボリュームのパスワードも同様に復元します。さらに、もしこのボリュームのマウントにキーファイルが必要だったのなら、同じキーファイルがこのボリュームのマウントのために必要です。\n\n警告:このボリュームヘッダのバックアップは、このボリュームにのみリストアできます。もし他のボリュームにこのヘッダのバックアップをリストアした場合、そのボリュームのマウントはできますが、格納されていたデータの復号化ができなくなります(マスターキーを変更したため)。 + ボリュームヘッダのリストアに成功しました。\n\n重要:古いパスワードも同様に復元されました。さらに、もしこのボリュームのマウントにキーファイルが必要だったのなら、同じキーファイルがこのボリュームのマウントのために必要です。 + セキュリティ上の理由により、このボリュームの正しいパスワードを入力する必要があります(キーファイルがあるならそれも正しく指定してください)。\n\n注:もしこのボリュームに隠しボリュームが含まれているなら、まず外殻ボリュームのパスワードを先に入力してください(キーファイルも同様)。隠しボリュームのヘッダをバックアップするのであれば、その後に、隠しボリュームの正しいパスワードを入力する必要があります(キーファイルも同様)。 + ボリューム %s のボリュームヘッダを本当にバックアップしますか?\n\n「はい」をクリックすると、ヘッダのバックアップを保存するファイル名を尋ねられます。\n\n注:標準および隠しのボリュームヘッダが新しいソルトによって再暗号化されてバックアップファイルに保存されます。もし隠しボリュームが存在していなくても、見せかけの拒否を守るため、バックアップファイルには隠しボリューム用の領域が確保されて、その領域はランダムなデータで充填されます。ボリュームヘッダをリストアするときには、ボリュームヘッダのバックアップを作成した時点の正しいパスワードを入力(および正しいキーファイルを指定)する必要があります。VeraCryptは入力されたパスワードによって、自動的に標準か隠しかどちらのボリュームヘッダをリストアするのかを決定します。 + ボリューム %s のボリュームヘッダを本当にリストアしますか?\n\n警告:ボリュームヘッダをリストアすると、パスワードもバックアップ作成時のものに復元されます。また、もしこのバックアップを作成した時点でこのボリュームのマウントにキーファイルが必要だったのなら、リストア後には同じキーファイルがマウントのために必要になります。\n\n「はい」をクリックした後、ヘッダのバックアップを選択してください。 + このボリュームは隠しボリュームを含んでいますか? + このボリュームは隠しボリュームを含んでいます。 + このボリュームは隠しボリュームを含んでいません。 + 使用したいボリュームヘッダバックアップの種類を選択してください: + ボリューム内に埋め込まれたバックアップからボリュームヘッダをリストアする + バックアップファイルからボリュームヘッダをリストアする + ボリュームヘッダのバックアップファイルのサイズが正しくありません。 + このボリュームにはボリュームヘッダのバックアップが埋め込まれていません(注:VeraCrypt6.0以降でボリュームを作成しないと、ボリューム内にバックアップを埋め込めません)。 + システムパーティション/ドライブのヘッダのバックアップは拒否されました。システムパーティション/ドライブに関するバックアップおよびリストアの操作は、VeraCryptレスキューディスクを使用したときのみ可能です。\n\nVeraCryptレスキューディスクを作成しますか? + VeraCrypt仮想ボリュームのヘッダをシステムパーティション/ドライブにリストアしようとしましたが拒否されました。システムパーティション/ドライブに関するバックアップおよびリストアの操作は、VeraCryptレスキューディスクを使用したときのみ可能です。\n\nVeraCryptレスキューディスクを作成しますか? + 「OK」をクリックして、VeraCryptレスキューディスクのISOイメージの新しいファイル名、および保存場所を指定してください。 + レスキューディスクのイメージファイルが次の名前で作成されました: %s\n\n次にレスキューディスクをCDかDVDに書き込む必要があります。\n\n重要:このファイルは個別のファイルとしてではなく、ISOディスクイメージとしてCD/DVDに書き込まなければなりません。具体的な方法はお使いのレコーディングソフトのマニュアルを参照してください。\n\nレスキューディスクを作成後、メニューから[システム]-[レスキューディスクの検証]を選択し、正しく作成されたかを検証してください。 + レスキューディスクのイメージファイルが次の名前で作成されました: %s\n\n次にレスキューディスクをCDかDVDに書き込む必要があります。\n\nWindowsディスクイメージ書き込みツールを起動しますか?\n\n注:レスキューディスクを作成後、メニューから[システム]-[レスキューディスクの検証]を選択し、正しく作成されたかを検証してください。 + VeraCryptレスキューディスクをCD/DVDドライブに挿入してから「OK」を押すと検証します。 + VeraCryptレスキューディスクの検証に成功しました。 + レスキューディスクが正しく作成されているか検証できませんでした。\n\nレスキューディスクをお持ちなら、CD/DVDをいったん排出してから再度挿入してみてください。もしこの方法でダメなら、他のレコーディングソフトあるいはメディアを使ってみてください。\n\nもし別のマスターキー、パスワード、ソルトを設定して作られたレスキューディスクを検証しようとしているのであれば、これは常に検証に失敗します。現在の設定に適合したレスキューディスクを作成するには、メニューから[システム]-[レスキューディスクの作成]を選択してください。 + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + VeraCryptレスキューディスクの作成中にエラーが発生しました。 + 隠しOSの起動中はVeraCryptレスキューディスクを作成することができません。\n\nレスキューディスクを作成するためには、囮用OSを起動し、[システム]-[レスキューディスク作成]を選択してください。 + レスキューディスクが正しく作成されているか検証できませんでした。\n\nもしレスキューディスクを作成したばかりであれば、CD/DVDをいったん排出してから再度挿入し「次へ」をクリックしてみてください。もしこの方法でダメなら、他のメディア%sを使ってみてください。\n\nもしまだレスキューディスクを作成していないのであれば、作成してから「次へ」をクリックしてください。\n\nもしこのウィザードを開始する前に作成されたVeraCryptレスキューディスクを検証しようとしているのであれば、そのようなディスクは使えません。それは異なるマスターキーのために作成されたものだからです。この場合は新たにレスキューディスクを作成する必要があります。 + (あるいは他のレコーディングソフト) + VeraCrypt - システムお気に入りボリューム + システムお気に入りボリュームとは? + システムパーティション/ドライブは暗号化されてないようです。\n\nシステムお気に入りボリュームは起動前認証用のパスワードでのみマウントできます。したがって、システムお気に入りボリュームを使用するためには、先にシステムパーティション/ドライブを暗号化しておく必要があります。 + 先に進む前にボリュームをアンマウントしてください。 + タイマーをセットできませんでした。 + ファイルシステムのチェック + ファイルシステムの修復 + お気に入りに追加... + システムお気に入りに追加... + プロパティ(&r)... + 隠しボリュームの保護 + N/A + はい + いいえ + 無効 + 1 + 2以上 + 動作モード + ラベル: + サイズ: + PATH: + ドライブレター: + エラー:パスワードにはASCII文字しか使えません。\n\nASCII文字以外を使うと、システムの設定が変更されたときにボリュームがマウントできなくなる可能性があります。\n\n次の文字を使うことができます:\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:パスワードにASCII文字以外の文字が含まれています。このことによって、システムの設定が変更されたときに、ボリュームのマウントが不可能になる可能性があります。\n\n全ての非ASCII文字をASCII文字に置き換えてください。 そのためには、[ボリューム]-[パスワードの変更]とクリックしてください。\n\n次の文字を使うことができます:\n\n! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:ファイル名の拡張子として、実行可能なもの(例:.exe, .sys, .dll)や、その他問題を起こしそうなものを使わないように強く推奨します。そのような拡張子のファイルはWindowsやアンチウィルスソフトのチェック対象になるため、パフォーマンスを悪化させたり、その他深刻な問題を引き起こす要因となります。\n\nこのような拡張子は消すかあるいは変更する(例えば .hc へ)ことを強く推奨します。\n\nこのような問題となりうる拡張子を本当に使用しますか? + 警告;このコンテナファイルには、実行可能(例:.exe, .sys, .dll)あるいは、同様に問題を引き起こしそうな種類の拡張子が使われています。そのような拡張子のコンテナファイルはWindowsやアンチウィルスソフトのチェック対象になるため、パフォーマンスを悪化させたり、その他深刻な問題を引き起こす要因となります。\n\nこのボリュームをアンマウントした後、このような拡張子を消すかあるいは変更する(例えば .hc へ)ことを強く推奨します。 + ホームページ + 警告:この Windows にはサービスパックが適用されていません。 サービスパック1以降が適用されていない WindowsXP では、128 GB を超えるサイズの IDE ハードディスクに書き込みができません! もし書き込もうとすると(VeraCryptボリュームであろうとなかろうと)ディスク上のデータが壊れてしまうでしょう。なお、これは Windows 自体の制限であって、VeraCryptのバグではありません。 + 警告:この Windows にはサービスパック3以降が適用されていません。 サービスパック3以降が適用されていない Windows2000 では、128 GB を超えるサイズの IDE ハードディスクに書き込みができません! もし書き込もうとすると(VeraCryptボリュームであろうとなかろうと)ディスク上のデータが壊れてしまうでしょう。なお、これは Windows 自体の制限であって、VeraCryptのバグではありません。\n\n注:レジストリの設定で 48ビットLBAを扱えるようにする必要があります。詳しくは http://support.microsoft.com/kb/305098/JA を参照してください。 + 警告:このシステムでは48ビットLBA ATAPIがサポートされていません。したがって 128 GB を超えるサイズのIDEハードディスクに書き込みができません! もし書き込もうとすると(VeraCryptボリュームであろうとなかろうと)ディスク上のデータが壊れてしまうでしょう。なお、これは Windows 自体の制限であって、VeraCryptの制限ではありません。\n\n48ビットLBA ATAPIのサポートを有効にするには、レジストリの HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters で、'EnableBigLba' の値を1にしてください。\n\n詳しくは http://support.microsoft.com/kb/305098/JA を参照してください。 + エラー:FAT32ファイルシステムには4GBを超えるサイズのファイルを書き込むことはできません。そのため、FAT32でフォーマットされたボリューム上にも、4GBを超えるサイズのVeraCryptコンテナファイルを作成することはできません。\n\nもしより大きなサイズのボリュームが必要であれば、NTFSでフォーマットされたボリューム上に作成するか(あるいはVista SP1以降ならexFATも可)、あるいはパーティション全体を暗号化してください。 + 警告:Windows XPは 2048GB 以上のファイルをサポートしていません(十分な容量がない旨のエラーが出ます)。したがって Windows XP 環境下では 2048GB より大きなコンテナファイルを作ることはできません。\n\n注:ただし Windows XP 環境下でも、デバイス全体あるいはパーティション型のボリュームなら 2048GB 以上のサイズであっても暗号化可能です。 + 警告:外殻ボリュームにファイルを追加できるようにしておきたいのであれば、隠しボリュームのサイズはもっと小さくするよう見直すべきです。\n\n指定されたサイズで処理を続けてよろしいですか? + ボリュームが選択されていません。\n\n「デバイスの選択」あるいは「ファイルの選択」をクリックして、VeraCryptボリュームを指定してください。 + パーティションが選択されていません。\n\n「デバイスの選択」をクリックし、通常は起動前認証が必要な未マウント状態のパーティション(例:未起動の他のOSの暗号化システムドライブ上のパーティションあるいは他のOSの暗号化システムパーティションなど)を選択してください。\n\n注:選択されたパーティションは、通常の起動前認証が不要なVeraCryptボリュームと同じようにマウントされます。これは例えばバックアップや修復作業のときに有用です。 + 警告:デフォルトのキーファイルを設定して有効にすると、それらのキーファイルを使っていないボリュームをマウントできなくなります。デフォルトのキーファイルを有効にした後に、そのようなボリュームをマウントする場合は「キーファイルを使用する」のチェック(パスワード入力欄の下にあります)を外すことを忘れないでください。\n\n指定されたキーファイルあるいはフォルダをデフォルトとして保存しますか? + デバイスの自動マウント + すべてアンマウント + 記憶したパスワードの消去 + すべてアンマウント→記憶したパスワードを消去 + すべて強制アンマウント→記憶したパスワードを消去 + すべて強制アンマウント→記憶したパスワードを消去→終了 + お気に入りをマウント + メインウィンドウの表示/消去 + (ここをクリックしてから割り当てるキーを押してください) + 動作 + ショートカット + エラー:そのショートカットは予約されています。違うショートカットにしてください。 + エラー:そのショートカットはすでに使われています。 + 警告:一つ以上のVeraCryptホットキーが使えなくなっています!\n\nほかのアプリケーションやオペレーティングシステムが、VeraCryptと同じショートカットを使用していないか確認してください。 + ページファイルの作成を中止しました。\n\nWindowsの問題により、ページファイルは非システムVeraCryptボリューム(システムお気に入りボリュームも含みます)上には作成できません。VeraCryptはページファイルを暗号化システムパーティション/ドライブ上にのみ作成可能です。 + エラーあるいは非互換性によりハイバネーションファイルは暗号化できません。そのため休止状態は阻止されました。\n\n注:コンピュータが休止状態(あるいはパワーセーブモード)になるとき、メモリーの内容がハイバネーションファイルとしてディスク上に保存されます。VeraCryptは、暗号鍵自体やRAM上に展開されている秘密にしたいファイルの内容が、暗号化されないままハイバネーションファイルに保存されることを止めることができません。 + 休止状態は阻止されました。\n\nVeraCryptは追加のブートパーティションを利用している隠しOS上での休止状態をサポートしていません。ブートパーティションは囮と隠しの両システムで共用されていることに留意してください。データの漏出防止と休止状態からの復帰時の問題に対処するため、VeraCryptは隠しシステムについて共用ブートパーティションへの書き込みおよびシステム休止を禁止する必要があるのです。 + %c: ドライブとしてマウントされていたVeraCryptボリュームがアンマウントされました。 + VeraCryptボリュームがアンマウントされました。 + VeraCryptボリュームがアンマウントされ、記憶されていたパスワードは抹消されました。 + アンマウントに成功しました + 警告:VeraCryptの常駐を無効にすると次の機能も無効になります:\n\n1) ホットキー\n2) 自動アンマウント(例:ログオフしたとき、不用意にホストにしていたデバイスを外したとき、タイムアウト時など)\n3) お気に入りボリュームの自動マウント\n4) 通知機能(例:隠しボリュームの保護機能が働いたときなど)\n5) トレイアイコンの表示\n\n注:トレイアイコンを右クリックして「終了」を選べば、いつでも常駐を終了できます。\n\n本当にVeraCryptの常駐機能を無効にしますか? + 警告:もしこのオプションを無効にすると、ボリューム上に開かれているファイルやフォルダがあった場合に、自動アンマウントできなくなります。\n\n本当にこのオプションを無効にしますか? + 警告:今の設定では開かれたファイルやフォルダが含まれるボリュームは、自動アンマウントされません。\n\nこれを防ぐには、この設定画面の「ボリュームに開かれたファイルやフォルダがあっても強制的にアンマウント」のチェックを有効にしてください。 + 警告:ノート型PCのバッテリー残量が低下したとき、Windowsは、実行中のアプリケーションへコンピュータが省電力モードに入ったときに通知すべきメッセージを送り損なう可能性があります。そのため、そのような場合にはVeraCryptがボリュームの自動アンマウントに失敗するかもしれません。 + 中断中のパーティション/ボリュームの暗号化処理があります。この処理は未完了です。\n\n今すぐ処理を再開しますか? + システムパーティション/ドライブの暗号化(もしくは復号)作業を予約しました。この作業はまだ完了していません。\n\nすぐに暗号化(もしくは復号)作業を開始しますか? + 現在の非システムパーティション/ボリュームの暗号化処理の再開が計画されているかどうかについて、通知しますか? + はい、通知してください + いいえ、通知しないでください + 重要:非システムパーティション/ボリュームの暗号化処理を再開するには、VeraCryptメインウィンドウのメニューから、[ボリューム]-[中断処理を再開]を選択してください。 + システムパーティション/ドライブの暗号化(もしくは復号)作業を予約しました。ただし起動前認証は失敗し(あるいはスキップされ)ました。\n\n注:起動前の環境下でシステムパーティション/ドライブを復号したのであれば、VeraCryptのメインウィンドウのメニューから[システム]-[システムパーティション/ドライブの暗号化を解除]を選んでその作業を完了させる必要があります。 + 警告:ここでVeraCryptを終了すると、次の機能が働かなくなります:\n\n1) ホットキー\n2) 自動アンマウント(例:ログオフしたとき、不用意にホストにしていたデバイスを外したとき、タイムアウト時など)\n3) お気に入りボリュームの自動マウント\n4) 通知機能(例:隠しボリュームの保護機能が働いたときなど)\n\n注:VeraCryptを常駐させたくない場合は、設定画面でVeraCryptの常駐を無効にしてください(必要なら起動時の自動実行も無効にしてください)。\n\n本当にVeraCryptを終了しますか? + 終了しますか? + 暗号化なのか復号なのかを決定するための十分な情報がありません。 + 暗号化なのか復号なのかを決定するための十分な情報がありません。\n\n注:もし起動前の環境下でシステムパーティション/ドライブを復号したのであれば、「復号」をクリックして作業を完了させる必要があります。 + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + パーティション/ボリュームの暗号化処理を中断して後に回しますか?\n\n注:ボリュームは暗号化処理を完了するまでマウントできないことに注意してください。後で暗号化処理を中断した箇所から再開することができます。その際はVeraCryptのメインウィンドウから、[ボリューム]-[中断処理を再開]を選択してください。 + システムパーティション/ドライブの暗号化処理を中断して先送りにしますか?\n\n注:この処理は中断した箇所から後で再開することができます。それはたとえばVeraCryptメインウィンドウのメニューから[システム]-[中断処理を再開]を選択することで可能です。もし暗号化自体を解除したい場合は[システム]-[システムパーティション/ドライブの暗号化を解除]を選択してください。 + システムパーティション/ドライブの暗号化解除処理を中断して先送りにしますか?\n\n注:この処理は中断した箇所から後で再開することができます。それはたとえばVeraCryptメインウィンドウのメニューから[システム]-[中断処理を再開]を選択することで可能です。もし暗号化解除をやめて暗号化する場合は[システム]-[システムパーティション/ドライブの暗号化]を選択してください。 + エラー:システムパーティション/ドライブの暗号化/復号処理の中断に失敗しました。 + エラー:ワイプ処理の中断に失敗しました。 + エラー:システムパーティション/ドライブの暗号化/復号処理の再開に失敗しました。 + エラー:ワイプ処理の開始に失敗しました。 + 不整合状態を解決しました。\n\n\n(もしこの問題についてバグ報告をしてくださるなら、以下の技術的情報を付け加えてくださるようお願いします: %hs) + エラー:予期しない状態です。\n\n\n(この状態をバグ報告する場合、次の情報も報告に含めるようお願いいたします。: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + 警告:VeraCryptの常駐は無効になっています。VeraCryptの終了後は、隠しボリュームの保護機能が働いても告知されません。\n\n注:VeraCryptのトレイアイコンを右クリックして終了を選べば、いつでも常駐を終了できます。\n\nVeraCryptの常駐を有効にしますか? + 言語パックのバージョン: %s + %s ドライブとしてマウントされた VeraCryptボリュームのファイルシステムをチェック中です... + %s ドライブとしてマウントされた VeraCryptボリュームのファイルシステム修復を試みています... + 警告:このボリュームは旧式の暗号化アルゴリズムで暗号化されています。\n\nすべての64ビットブロックの暗号化アルゴリズム(例:Blowfish, CAST-128, Triple DES)は非推奨です。VeraCryptの将来のバージョンでも、このボリュームをマウントすることはできるでしょう。ただしこれら旧式の暗号化アルゴリズムの実装については今後の拡張予定はありません。128ビットブロックの暗号化アルゴリズム(AES, Serpent, Twofish など)を使ったVeraCryptボリュームを新しく作成し、今のこのボリュームにあるすべてのファイルを、新しいボリュームに移すことをお勧めします。 + このシステムは新しいボリュームの自動マウントができるようには設定されていません。 このことによりデバイス型のVeraCryptボリュームのマウントは不可能でしょう。 次のコマンドを実行してから再起動することで、自動マウントを有効にできます。\n\nmountvol.exe /E + 作業を進める前に、先にパーティションあるいはデバイスにドライブレターを割り当ててください(Vistaならコントロールパネルから「システムとメンテナンス」→「管理ツール」とたどり、「ハードディスクパーティションの作成とフォーマット」を開きます)。\n\n注:これはオペレーティングシステム側の要請です。 + VeraCryptボリュームのマウント + VeraCryptボリュームのアンマウント + VeraCryptは管理者権限の取得に失敗しました。 + オペレーティングシステムによってアクセスが拒否されました。\n\n可能性のある原因:オペレーティングシステムは、指定されたフォルダやファイルあるいはデバイス等の読み書きについて、あなたが許可されている(あるいは管理者権限を持っている)ことを要求しています。普通は、管理者権限を持たない一般ユーザーであっても、自分自身のドキュメント置き場(マイドキュメントの中など)にファイルを新しく作成すること、ファイルの読み書きや修正することは許可されています。 + エラー:指定のドライブはサポートされていないセクタサイズを使用しています。\n\n今のところ、4096 バイトより大きいセクタが使われているドライブにはパーティション/デバイス型のボリュームを作成できません。ただしそのようなドライブでもファイルコンテナ型のボリュームなら作成可能です。 + セクタサイズが 512 バイト以外であるディスクにインストールされているシステムは、今のところ暗号化できません。 + VeraCryptのブートローダーはシステムドライブの先頭に最低でも32Kバイトの空き領域を必要とします(その領域にブートローダーが保存されます)。残念ながら指定のドライブは条件を満たしていません。\n\nこの件についてVeraCryptのバグ/問題として報告しないでください。この問題を解決するにはディスクに再パーティション処理を行って、先頭に32Kバイトの空き領域を残してください(たいていのケースでは一番目のパーティションを削除して作り直す必要があります)。マイクロソフトのパーティションマネージャ(たとえばWindowsをインストールすると使用できるようになります)を使うことを推奨します。 + この機能は現在ご使用中のバージョンのOSでは対応していません。 + 現在ご使用中のバージョンのOSではシステムパーティション/ドライブの暗号化に対応していません。 + Windows Vistaのシステムパーティション/ドライブを暗号化する前に、Windows Vista用のサービスパック1以降をシステムに適用してください(このシステムにはそのようなサービスパックが未適用です)。\n\n注:Windows Vista SP1では、システム起動時に必要なメモリー量不足の問題が解決されています。 + サービスパックが適用されていないWindows Vistaのシステムパーティション/ドライブの暗号化はもうサポートされません。VeraCryptをアップグレードする前にVistaにSP1以上を適用してください。 + エラー:この機能はVeraCryptがこのシステムにインストールされている必要があります(現在はポータブルモードです)。\n\nVeraCryptをインストールしてもう一度試してみてください。 + エラー:起動しようとしたドライブにWindowsがインストールされているか確認できません。この状態には対応していません。\n\n起動しようとしたドライブにWindowsがインストールされていることを確認してから続けるべきです。\n\n処理を続けますか? + システムドライブにGPT(GUIDパーティションテーブル)があります。現在はMBRパーティションテーブルのドライブのみ対応しています。 + 注意:VeraCryptブートローダーがすでにシステムドライブにインストールされています!\n\nこれはこのマシン上の別のシステムがすでに暗号化されている可能性を示唆しています。\n\n警告:現在実行中のシステムで暗号化処理を継続すると、その別のシステムを起動できなくなったり、そのデータを参照できなくなったりするでしょう。\n\n本当に処理を続けますか? + 元システムのブートローダーの復帰に失敗しました。\n\nVeraCryptブートローダーをWindowsのブートローダーに置き換えるには、VeraCryptレスキューディスクで 'Repair Options'→'Restore original system loader' を実行するか、Windowsのインストールディスクを使用してください。 + 元システムのブートローダーがレスキューディスクに保存されていないようです。おそらくバックアップファイルが失われています。 + MBRセクターに書き込めませんでした。\n\nBIOSの設定でMBRセクターが保護されていると思われますので、BIOSの設定を確認してください(電源投入後にF2、Delete、あるいはEscキーを押してください)。 + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + VeraCryptブートローダーの必要なバージョンがインストールされていません。そのため指定された設定のいくつかは保存されません。 + 注:時と場合によっては、このコンピュータを起動しているところを見ている他人に、あなたがVeraCryptを使っていることを知られたくないということもあるかもしれません。上記のオプションで、VeraCryptのブートローダー画面をカスタマイズすることができます。最初のオプションを有効にすると、ブートローダーの起動時に一切の文字表示をしません(誤ったパスワードを入力したときでさえもです)。コンピュータは正しいパスワードが入力されるまで固まっているように見えます。あるいはカスタムメッセージを表示させて敵対者に誤解を与えることもできます。たとえば次のような偽のエラーメッセージ「Missing operating system」(これは通常のWindowsブートローダーが、Windowsのブートパーティションを見つけられないときのものです)などです。ただし、もし敵対者がハードディスクの内容を解析できるのであれば、VeraCryptブートローダーの存在を検出することは可能です。 + 警告:このオプションを有効にした場合、VeraCryptブートローダーは起動画面において一切の文字表示を行いません(パスワードが誤っていても同様です)。このコンピュータは正しいパスワードが入力されるまで固まってしまったかのように見えます。カーソルは動かず、キーを押してもアスタリスクは表示されません。\n\n本当にこのオプションを有効にしますか? + システムパーティション/ドライブはすべて暗号化されているようです。 + VeraCryptはダイナミックディスクに変換されたシステムドライブの暗号化には対応していません。 + システムドライブに拡張(論理)パーティションが存在します。\n\nWindows Vista以降のみ、拡張(論理)パーティションを含むシステムドライブ全体の暗号化を行うことができます。Windows XPの場合は、プライマリ(基本)パーティションだけで構成されているシステムドライブに限り、全体を暗号化することができます。\n\n注:システムドライブ全体ではなくシステムパーティションなら今でも暗号化は可能です。また、このドライブのどの非システムパーティションもパーティション型のボリュームとして暗号化できます。 + 警告:WindowsXP/2003を起動している場合、このドライブを暗号化した後は、絶対に拡張(論理)パーティションを作成してはいけません。プライマリ(基本)パーティションのみ作成しても構いません。暗号化した後はこのドライブのすべての拡張(論理)パーティションがアクセスできなくなります(なおこのドライブには現在そのようなパーティションはありません)。\n\n注:この制限を受け入れられないのであれば、戻ってからドライブ全体の代わりにシステムパーティションのみ暗号化することを選択できます。また付け加えるなら、非システムパーティションをVeraCryptボリュームとして作成することができます。\n\nもう一つの手段としてはWindowsをVista以降にアップグレードするという方法があります。Vista以降のWindowsであれば、拡張(論理)パーティションを含んだドライブ全体を暗号化することができます。 + システムドライブに標準的でないパーティションが含まれています。\n\nもしノート型PCをお使いならば、リカバリ用の特殊なパーティションが含まれている可能性があります。システムドライブ全体をリカバリ用パーティションも含めて暗号化した場合、BIOSの設計が適切でなければ起動できなくなるかもしれません。つまりシステムドライブの暗号化を解除しない限り、リカバリ用パーティションが使用不可能になることを表します。したがって、システムパーティションのみ暗号化することをお勧めします。 + ドライブ全体の代わりにシステムパーティションを暗号化しますか?\n\n注:システムパーティションの暗号化に加えて、システムの入っていないパーティションをVeraCryptボリュームとして作成することができます。 + システムドライブ全体が単一のパーティションとして構成されているとき、そのようなパーティションはスラック領域を含むため、ドライブ全体を暗号化した方が安全性が高まります。\n\nシステムドライブ全体を暗号化しますか? + このシステムは一時ファイルが非システムパーティションに作られるように設定されています。\n\n一時ファイルはシステムパーティションにのみ作成するようにしてください。 + ユーザープロファイルがシステムパーティションに置かれていません。\n\nユーザープロファイルはシステムパーティションにのみ置いてください。 + ページングファイルが非システムパーティションに置かれています。\n\nページングファイルはシステムパーティションにのみ置いてください。 + Windowsのページングファイルを、Windowsのパーティション上のみに作成するよう設定を変更しますか?\n\n「はい」をクリックするとコンピュータは再起動されます。その後VeraCryptを起動し、隠しOSをもう一度作成してください。 + さもなければ、隠しOSに対する「みせかけの拒否」に影響を及ぼすでしょう。\n\n注:もし敵対者が非システムパーティションにあるページングファイルを解析したなら、あなたがこのウィザードを隠しシステム作成モードで使用したことが判明し、それはすなわちこのコンピュータに隠しシステムがあることを示してしまうことになります。そのためVeraCryptは、システムパーティション上のすべてのファイルについて、隠しOSの作成中に安全に抹消します。 + 警告:隠しOSの作成処理中、囮OSを安全に作成するために、現在起動中のシステムを再インストールする必要があります。\n\n注:隠しシステムを作成するために、現在起動中のシステムおよびシステムパーティション上のすべてのファイルは、隠しボリュームにコピーされます。\n\n\nWindowsをインストール可能なインストール用メディア(あるいはサービスパーティション)はお手元にありますか? + セキュリティ上の理由により、現在起動中のシステムにアクティベーションが必要な場合、処理を進める前にアクティベーションを済ませておく必要があります。隠しOSはシステムパーティションから隠しボリュームへファイルをコピーして作成されることに注意してください。現在起動中のシステムが未アクティベーションであるなら、隠しOSも同様に未アクティベーションとなります。より詳細な情報はユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」をご覧ください。\n\n重要:処理を進める前に「隠しボリュームの安全に関する必要事項と予防策」をよくお読みください。\n\n\n現在起動中のシステムは上記の条件を満たしていますか? + このシステムは追加のブートパーティションを使用しています。VeraCryptは追加のブートパーティションを利用する隠しOSでの休止状態をサポートしていません(囮システムではそのような問題なく休止状態に入れます)。\n\nブートパーティションは囮と隠しの両システムで共用されることに留意してください。データの漏出防止と休止状態からの復帰時の問題に対処するため、VeraCryptは隠しシステムについて共用ブートパーティションへの書き込みおよびシステム休止を禁止する必要があるのです。\n\n\n処理を続けますか? 「いいえ」を選択した場合、追加ブートパーティションを消去する手順が表示されます。 + \nWindowsをインストールする前に追加のブートパーティションを削除できます。そのためには次の手順に従ってください:\n\n1) Windowsインストールディスクで起動します。\n\n2) Windowsインストール画面で「今すぐインストール」→「カスタム(詳細)」とクリックします。\n\n3) 「ドライブオプション」をクリックします。\n\n4) メインのシステムパーティションを選択し、「消去」→「OK」とクリックして消去します。\n\n5) 「System Reserved」パーティションを選択し、「拡張」をクリックしてOSをインストール可能なサイズを指定します。6) 「適用」→「OK」をクリックします。\n\n7) 「System Reserved」パーティションにWindowsをインストールします。\n\n\n攻撃者が追加のブートパーティションを削除した理由を尋ねてくるかもしれません。そのときは、あなたは暗号化されていないブートパーティションへのデータ漏洩の可能性を無くしたかったからだと言うことができます。\n\n注:下の「印刷」ボタンをクリックしてこの文章を印刷することができます。もしこの文章をコピーあるいは印刷(プリンタの内蔵ドライブに文面が保存されるのでなければ、強くお勧めします)したならば、追加のブートパーティションを削除後にその紙やコピーを破棄すべきです。そうしないと、もしその紙やコピーが見つかったならば、このコンピュータに隠しOSがあることを推測されるおそれがあるからです。 + 警告:システムパーティションとその次のパーティションの間に未割り当ての領域が存在しています。隠しOSを作成した後は、この未割り当ての領域に新たにパーティションを作成してはいけません。さもなければ(新たに作成したパーティションを削除するまで)隠しOSが起動できなくなります。 + このアルゴリズムはシステムの暗号化には現在対応していません。 + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + 現在、システムの暗号化でのキーファイル使用には対応していません。 + 警告:VeraCryptは元のキーボードレイアウトを復元できませんでした。そのためパスワードを正確に入力できないおそれがあります。 + エラー:キーボードのレイアウトを標準USキーボードとして設定できません。\n\nシステム起動前に必要なパスワードがUS Windowsレイアウト以外のキーボードで入力されても無効となります。したがってパスワードは常に標準USレイアウトのキーボードで入力される必要があります。 + VeraCryptはキーボードのレイアウトを一時的に標準USキーボードに変更するため、右ALTキーの押下が必要な文字を入力できません。ただしそのような文字の大部分はシフトキーを押下することで入力できます。 + VeraCryptはキーボードレイアウトの変更を阻止しました。 + 注:起動前の環境下(Windowsの起動前)では、US-Windows以外のキーボードレイアウトが必要なパスワードは無効です。そのため、パスワードは常に標準USキーボードレイアウトで入力される必要があります。ただし、これは物理的にUSキーボードが必要という意味では*ありません*。VeraCryptはたとえ物理的にUSキーボードではない環境であっても、今現在でも起動前環境下でも、自動的に正しくパスワードが入力できるようにします。 + このパーティション/ドライブを暗号化する前にVeraCryptレスキューディスク(VRD)を作成する必要があります。VRDには以下の目的があります。:\n\n- VeraCryptブートローダーやマスターキー、その他重要なデータが破損した場合、VRDで復旧できます(ただし正しいパスワードの入力が必要なことには変わりありません)。\n\n- Windowsが破損して起動不能になった場合、Windowsの起動前にVRDでシステムドライブ/パーティションの暗号化を解除できます。\n\n- VRDは最初のドライブトラックに記録されていた情報をバックアップし、必要であればリストアできます。通常この部分にはシステムローダーあるいはブートマネージャーが含まれています。\n\nVeraCryptレスキューディスクのISOイメージは下記に示された場所に作成されます。 + OKをクリックすると、Windowsディスクイメージ書き込みツールが起動します。このツールでVeraCryptレスキューディスクのISOイメージをCDやDVDに書き込んでください。\n\n書き込み後、VeraCryptボリューム作成ウィザードに戻って、以下の手順に従ってください。 + レスキューディスクのイメージファイルが次の場所に作成されました: %s\n\nこれをCDやDVDに書き込んでください。\n\n%ls レスキューディスクの作成後、「次へ」をクリックして正しく作成されたかを確認してください。 + レスキューディスクのイメージファイルが次の場所に作成されました: %s\n\nこのディスクイメージをCDやDVDに書き込むか、後で利用するために安全な場所に移動してください。\n\n%ls「次へ」で処理を続けます。 + 重要:このファイルは個別のファイルではなくISOイメージとしてCD/DVDに書き込む必要があります。詳しい方法についてはご使用中のレコーディングソフトのマニュアルを参照してください。もしISOイメージとして書き込めるCD/DVDレコーディングソフトをお持ちでない場合は、以下のリンク先からフリーソフトをダウンロードできます。\n\n + Windowsディスクイメージ書き込みツールを起動 + 警告:もし以前にVeraCryptレスキューディスクをすでに作成していたのであれば、異なるマスターキーが作成されたため、このシステムパーティション/ドライブ用には使えなくなります! システムパーティション/ドライブを暗号化するときは常に、たとえ以前と同じパスワードを使うのであっても、新しいVeraCryptレスキューディスクを作成する必要があります。 + エラー:システムの暗号化設定を保存できません。 + システム暗号化の予備検査を開始できません。 + 隠しOSの作成プロセスが初期化できません。 + ワイプモード + ある種の記録メディアでは、データが他のデータで上書きされた場合でも、磁力顕微鏡のような手法で上書きされたデータを復活することができます。これは元データを暗号化したデータで上書きした場合であっても当てはまります。VeraCryptでそのドライブ/パーティションを初めて暗号化した場合でも同様です。いくつかの研究や政府の発行物によれば、ランダムデータとある種のランダムでないデータで一定回数上書きすることによって、元データの復活を不可能あるいは極端に困難にすることが可能です。したがって敵対者が磁力顕微鏡のような手法で暗号化したデータを復活させてくると想定されるならば、以下に実装されたワイプモードを選択してください(既存のデータは失われません)。なおパーティションやドライブが暗号化された後ではワイプは機能しません。パーティションやドライブがすべて暗号化されているときは、暗号化されていないデータが書き込まれることがないからです。書き込もうとするすべてのデータは、メモリ上で即時に暗号化されてからディスクに書き込まれます。 + ある種の記録メディアでは、データが他のデータで上書きされた場合でも、磁力顕微鏡のような手法で上書きされたデータを復活することができます。いくつかの研究や政府の発行物によれば、ランダムデータとある種のランダムでないデータで一定回数上書きすることによって、元データの復活を不可能あるいは極端に困難にすることが可能です。したがって敵対者が磁力顕微鏡のような手法で暗号化したデータを復活させてくると想定されるならば、以下に実装されたワイプモードを選択してください。\n\n注:ワイプの回数を増やすと、データ抹消にも時間がかかるようになります。 + ワイプ処理 + \n注:この抹消処理は、中断し、コンピュータをシャットダウンして、隠しOSを起動してから処理を再開できます(このウィザードが自動的に起動します)。ただし中断した場合は、抹消処理全体を最初からやり直す必要があります。 + \n\n注:抹消処理を中断して後で再開する場合、抹消処理全体を最初からやり直す必要があります。 + ワイプ処理を中断しますか? + 警告:選択されたパーティション/デバイス上のすべてのデータは削除され、失われます。 + 元のシステムがあったパーティション上のすべてのデータは削除されます。\n\n注:削除されるこのパーティション上のすべてのデータは、隠しシステムパーティションにコピーされます。 + 警告:もしたとえば3パスワイプモードを選択した場合、ドライブ/パーティションの暗号化にかかる時間は最大で4倍必要となります。同様にもし35パスワイプモードを選択した場合は最大で36倍の時間がかかります(おそらく数週間かかるでしょう)。\n\nただし、パーティションやドライブがすべて暗号化された後ではワイプは機能しないことに注意してください。パーティションやドライブがすべて暗号化されているときは、暗号化されていないデータが書き込まれることがないからです。書き込もうとするすべてのデータは、メモリ上で即時に暗号化されてからディスクに書き込まれるため、ワイプが有効に機能しません。\n\n本当にワイプモードを使用しますか? + なし(最速) + 1パス (ランダムデータ) + 3パス(US DoD 5220.22-M) + 7パス(US DoD 5220.22-M) + 35パス ("Gutmann") + 256パス + OSの数 + 警告:慣れているユーザー以外はマルチブート設定のWindowsを暗号化しないでください。\n\n続けますか? + 隠しOSを作成あるいは使用する場合、VeraCryptは次の条件を満たすときのみ、マルチブート設定に対応します:\n\n-現在起動中のOSが起動用ドライブにインストールされており、かつそのドライブに他のOSが一切含まれていないこと\n\n-起動用以外のドライブにインストールされているOSが、現在起動中のOSがインストールされているドライブに置かれたブートローダーを使用していないこと\n\n以上の条件を満たしていますか? + VeraCryptは、このマルチブート設定において、隠しOSの作成/使用に対応していません。 + 起動ドライブ + 現在動作中のオペレーティングシステムは起動ドライブにインストールされているものですか?\n\n注:場合によってはWindowsシステムがWindowsブートローダーのあるドライブ(起動パーティション)とは別のドライブにインストールされているケースがあります。もしそのようなケースに該当する場合は「いいえ」を選択してください。 + VeraCryptは起動ドライブ以外にインストールされているオペレーティングシステムの暗号化には現在対応していません。 + システムドライブの数 + オペレーティングシステムの入ったドライブはいくつありますか?\n\n注:たとえばいずれかのOS(たとえばWindows, Mac OS X, Linuxなど)がプライマリドライブにインストールされており、セカンダリドライブに追加のOSがインストールされているなら「2以上」を選択してください。 + VeraCryptは複数のオペレーティングシステムを含むドライブ全体の暗号化には現在対応していません。\n\n対策として次の方法があります:\n\n- 前に戻ってから、システムドライブ全体ではなく、単一のシステムパーティションを暗号化する方法を選択できます。\n\n- 別の方法として、複数のうちの一つのシステムを他のドライブに移動し、このドライブを単一のシステムだけにしてからドライブ全体を暗号化することもできます。 + 単一のドライブに複数のシステム + 現在動作中のオペレーティングシステムがインストールされているドライブに、他のオペレーティングシステムもインストールされていますか?\n\n注:たとえば現在動作中のOSがドライブ#0にインストールされており、このドライブには他のパーティションがあってそこに別のOS(Windows, Mac OS X, Linuxなど)がインストールされている場合は「はい」を選択してください。 + Windows以外のブートローダー + Windows以外のブートローダー(あるいはブートマネージャー)がマスターブートレコード(MBR)にインストールされていますか?\n\nたとえば起動ドライブの第一トラックにGRUB, LILO, XOSL等のWindows以外のブートローダー(ブートマネージャー)が存在するなら「はい」を選択してください。 + マルチブート + VeraCryptはマスターブートレコード(MBR)にWindows以外のブートローダーがインストールされているマルチブート環境には現在対応していません。\n\n対策として次の方法があります:\n\n- もしWindowsとLinuxのためにブートマネージャーを使用しているなら、MBRからパーティションにブートマネージャー(一般的にはGRUB)を移動してください。その後再度ウィザードを実行してシステムパーティション/ドライブを暗号化してください。なおVeraCryptブートローダーはプライマリブートマネージャーとなり、元のブートマネージャー(GRUBなど)をセカンダリブートマネージャーとして呼び出せるようになります(VeraCryptブートローダー画面でESCキーを押してください)。そうすればLinuxを起動できます。 + もし現在動作中のOSがこの起動パーティションにインストールされているのであれば、それを暗号化した後は、他の暗号化されていないWindowsを起動しようとするときにも、正しいパスワードを入力する必要があります(それらは一つの暗号化されたブートローダー/マネージャーを共有しています)。\n\n対照的に、もし現在動作中のOSがWindowsの起動パーティションにインストールされているのでなければ(あるいはWindowsブートローダー/マネージャーが他のシステムから使用されていない場合)、それを暗号化した後は、暗号化されていないシステムを起動する際にはパスワードは要求されません。非暗号化システムを起動するときはESCキーを押すだけです。もし非暗号化システムが複数あるときは、VeraCryptブートマネージャーメニューで起動するシステムを選択できます。\n\n注:一般的には、一番最初にインストールされたWindowsが起動パーティションにインストールされます。 + HPA(ホスト保護領域)の暗号化 + 多くのドライブの終端には、OSから隠された領域(一般にHPA(Host Protected Area)として知られています)が存在しています。ただしいくつかのプログラムはこの領域を読み書き可能です。\n\n警告:一部のコンピュータメーカーは、たとえばRAID・システムリカバリ・システムセットアップ・システム診断等の目的で、この領域に何らかのツールやデータを保持しています。これらのツールやデータに、システムの起動前にアクセスできる必要がある場合は、この隠し領域は暗号化してはいけません(上で「いいえ」を選択してください)。\n\nシステムドライブの終端にあるこのような隠し領域についても検出し、暗号化しますか? + システム暗号化タイプ + 単にシステムパーティションあるいはシステムドライブ全体を暗号化したい場合は、このオプションを選択してください。 + あなたは誰かにOSを復号するよう強制されることがあるかもしれません。それを拒否できない状況は多数存在することでしょう(例えば脅迫されるなど)。このオプションを選択すれば、誰にもその存在を知られることのない隠しOSを作成できます(正しくガイドラインに沿うことが条件です)。かくて、隠しOSのパスワードを明かしたり、復号しなければならない状況を回避できます。詳しい説明は以下のリンクをクリックしてください。 + あなたは誰かにOSを復号するよう強制されることがあるかもしれません。それを拒否できない状況は多数存在することでしょう(例えば脅迫されるなど)。\n\nこのウィザードを使えば、誰にもその存在を知られることのない隠しOSを作成できます(正しくガイドラインに沿うことが条件です)。かくて、隠しOSのパスワードを明かしたり、復号しなければならない状況を回避できます。 + 隠しオペレーティングシステム + 以降のステップで、二つのVeraCryptボリューム(外殻と隠し)をシステムパーティションのすぐ次のパーティションに作成します。隠しボリュームには隠しOSを収めます。VeraCryptは隠しOSをシステムパーティション(現在起動中のOSがインストールされているところ)の内容をコピーして作成します。外殻ボリュームには、本当には隠す必要はないが一見秘密のように見えるファイルをコピーします。これらは、誰かがあなたに隠しOS用パーティションのパスワードを明かすように強制されたときのために存在します。隠しOS用パーティションにある外殻ボリュームのパスワードなら明かしても構いません。それでもなお隠しOSの存在は秘密に保たれます。\n\n最後に現在起動中のOSのシステムパーティションに新しくOSをインストールし、暗号化します。これは囮OSと呼ばれるものになります。これにはいかなる秘密のファイルも置いてはなりません。これは起動前認証用のパスワードを明かすように強制されたときのものです。結果的に、全体で三つのパスワードが存在することになります。そのうち二つ(囮OS用および外殻ボリューム用)は明かしても構いません。三つ目のパスワードを使用したとき、隠しOSが起動することになります。 + 隠しセクタの検出 + VeraCryptがシステムドライブ末端の隠しセクタを検出している間、しばらくお待ちください。検出し終わるまでに長時間かかるかもしれません。\n\n注:一部のコンピュータにおいては、ごくまれに、この検出処理中にシステムが無反応になってしまうかもしれません。もしそうなった場合は、コンピュータを再起動し、あらためてVeraCryptを実行してください。前回の処理を繰り返しますが検出処理はスキップします。この問題はVeraCryptのバグではありません。 + 暗号化する領域 + 現在起動中のWindowsがインストールされているドライブ全体を暗号化したい場合は、このオプションを選択してください。すべてのパーティションを含むドライブ全体(VeraCryptブートローダーを格納する先頭トラックを除く)が暗号化されます。その後、このドライブにインストールされたシステムおよびそこに保存されているデータを読み書きしたいときには、システムを起動するたびに正しいパスワードを入力しなければなりません。このオプションではWindowsがインストールされていない(あるいはそこからは起動しない)セカンダリドライブや外付けドライブは暗号化できません。 + ランダムデータの収集 + 鍵の生成 + CD/DVDを書き込めるドライブが接続されていません。起動可能なVeraCryptレスキューディスクを作成するためにはそのようなドライブが必要です。このレスキューディスクには、暗号鍵のバックアップ、VeraCryptブートローダー、オリジナルのシステムローダーなどが保存されます。\n\nVeraCryptレスキューディスクの作成を強く推奨します。 + CD/DVDを書き込めるドライブを持っていないので、レスキューディスクのISOイメージファイルをリムーバブルドライブ(USBフラッシュメモリなど)に保存する。 + 後でCD/DVDを書き込めるドライブを接続するので、処理をすぐに中止する。 + CD/DVDを書き込めるドライブを接続したので、レスキューディスクの作成を続行する。 + 以下の手順に従ってください:\n\n1) USBフラッシュメモリなどのリムーバブルドライブを接続する。\n\n2) VeraCryptレスキューディスクのイメージファイル (%s) をそのリムーバブルドライブにコピーする。\n\n将来VeraCryptレスキューディスクを使う必要ができた場合には、CD/DVDを書き込めるドライブを接続したコンピュータにこのリムーバブルドライブを接続し、CDあるいはDVDにイメージファイルを書き込むことで、起動可能なVeraCryptレスキューディスクを作成することができます。重要:VeraCryptレスキューディスクのイメージファイルは、個別のファイルではなくISOディスクイメージとして書き込む必要があることに注意してください。 + レスキューディスクのレコーディング + レスキューディスクが作成されました + システム暗号化の予備検査 + レスキューディスクの検証 + \nVeraCryptレスキューディスクの検証に成功しました。ドライブからディスクを排出し、安全な場所に保管してください。\n\n「次へ」で進みます。 + 警告:次のステップの間はVeraCryptレスキューディスクが挿入されていてはいけません。さもなければ正常に次のステップを完了することができません。\n\nレスキューディスクをドライブから抜き取り、安全な場所に保管してください。その後「はい」をクリックしてください。 + 警告:起動前の環境には技術的な制限があるため、起動前にVeraCryptが表示するメッセージ(例:Windows起動前)は日本語化されません。VeraCryptブートローダーのユーザーインターフェースは完全に英語表記となります。\n\n続けますか? + システムパーティション/ドライブを暗号化する前に、VeraCryptはすべてが正常に動作するか検証する必要があります。\n\n「テスト」をクリックすると、すべての必要なコンポーネント(例:起動前の認証モジュールやVeraCryptブートローダーなど)がインストールされ、コンピュータが再起動されます。そしてWindowsが起動する前に表示されるVeraCryptブートローダーでパスワードを入力する必要があります。Windowsが起動した後、予備検査の結果が自動的に通知されます。\n\n以下のデバイスに更新が行われます:ドライブ #%d\n\n\n「キャンセル」をクリックすると予備検査は実行されず、インストールも行われません。 + 重要なお知らせ -- 目を通してください(「印刷」で印刷します):\n\nWindowsの再起動に成功するまでは、どのファイルも暗号化されません。つまり何らかの失敗があってもデータが失われることはありません。ただし、何か誤ったことを行った場合、Windowsの起動が困難になるかもしれません。したがって以下のガイドラインを熟読し(できれば印刷してください)、もしWindowsが起動しなくなった場合にどうすれば良いかを把握してください。\n\n + Windowsが起動できない場合の対処方法 ------------------------------------------------\n\n注:以下の説明は暗号化前の段階のときのみ有効です。\n\n- もし正しいパスワードを入力してもWindowsが起動しなくなったとしても(あるいはいくら正しいパスワードを入力しても、VeraCryptにパスワードが違うと言われたとしても)どうか落ち着いてください。コンピュータの電源をいったん切ってから入れて再起動し、VeraCryptブートローダー画面になったらキーボードのESCキーを押してください(もしマルチブート設定になっていれば、起動するシステムを選択してください)。その後Windowsが起動し(暗号化されていない場合)、自動的にVeraCryptが起動前認証用コンポーネントをアンインストールするかどうかを尋ねてきます。強調しておきますが、このステップはシステムパーティション/ドライブが暗号化されている場合には働きません。たとえ誰かがこの手順を踏んだとしても、正しいパスワードなしにはそのドライブのWindowsを起動したりデータにアクセスしたりはできません。\n\n + - もしESCキーを押しても上記のように機能しない、Windows起動前にVeraCryptブートローダー画面が表示されないなどといった場合には、VeraCryptレスキューディスクをCD/DVDドライブに挿入してから再起動してください。もしVeraCryptレスキューディスク画面が表示されない、あるいは表示されても「Keyboard Controls」セクションに「Repair Options」が見あたらない場合は、BIOSがCD/DVDより先にハードディスクから起動するように設定されている可能性があります。もしそのケースに当てはまる場合は、再度コンピュータを再起動(リセット)してから、BIOSの起動画面が表示されたらすぐにF2かDELETEキーを押し、BIOSの設定画面が表示されるまで待ってください。もしBIOSの設定画面が表示されないようであれば、コンピュータを再起動(リセット)し、すぐにF2かDELETEキーを何度か繰り返し押してください。BIOS設定画面が表示されたら、CD/DVDドライブから先に起動するように設定を変更してください(具体的な方法はBIOSかマザーボードのマニュアルを参照してください)。それからコンピュータを再起動してください。これでVeraCryptレスキューディスク画面が表示されるはずです。VeraCryptレスキューディスク画面で「Repair Options」をF8キーを押して選択してください。この「Repair Options」メニューから「Restore original system loader」を選択してください。その後レスキューディスクをドライブから排出してコンピュータを再起動してください。これでWindowsが正常に起動するはずです(暗号化されていない場合)。\n\n + このプロセスはシステムパーティション/ドライブが暗号化されている場合には働き*ません*。たとえ誰かがこの手順を踏んだとしても、正しいパスワードなしにはそのドライブのWindowsを起動したりデータにアクセスしたりはできません。\n\n\nもしあなたがVeraCryptレスキューディスクを紛失して攻撃者がそれを見つけたとしても、正しいパスワードがなければ、システムパーティション/ドライブを復号することはでき*ません*。 + 予備検査完了 + 予備検査が無事に完了しました。\n\n警告:もし既存データをその場での暗号化中に電源が突然切られたり、ソフトウェアエラーやハードウェア障害によってOSがクラッシュしたりした場合、データの一部が壊れたり失われたりする可能性があります。したがって暗号化する前に必ずファイルのバックアップをとってください。まだバックアップをとっていなければすぐにバックアップしてください。「保留」をクリックしてから、ファイルのバックアップを行い、VeraCryptを再度起動して[システム]-[中断処理を再開]を選択することで暗号化を再開できます。\n\n準備ができたら「暗号化」で暗号化を開始してください。 + 「一時中断」か「保留」をクリックすることで暗号化あるいは復号処理をいつでも中断することができます。ウィザードを終了した後、コンピュータを再起動あるいはシャットダウンした後に、中断したところから処理を再開できます。またシステムやアプリケーションがシステムドライブを読み書きするときに遅くなることを防ぐため、VeraCryptは自動的にその読み書きが終わるのを待ちます(上のステータスを見てください)。その読み書きが終わると暗号化/復号処理を再開します。 + \n\n「ポーズ」あるいは「保留」をクリックして、いつでも暗号化を中断し、ウィザードを終了して、コンピュータを再起動あるいはシャットダウンし、中断した箇所から処理を再開することができます。なお、暗号化が完了するまではこのボリュームをマウントすることはできません。 + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + 隠しシステムの開始 + オリジナルシステム + Windowsは様々な種類のログファイルや一時ファイル等を、通常はユーザーに特に知らせることなくシステムパーティションに作成します。同様にメモリー上の情報を一時休止ファイルやページングファイルとして保存します。そのため、敵対者が元OSのパーティションにあるデータ(隠しシステムのコピー元)を解析した場合、たとえばあなたがVeraCryptのウィザードを隠しシステム作成モードで実行したことなどを見つけるかもしれません。これは隠しOSの存在を示唆します。\n\nこの問題を防ぐため、VeraCryptは次のステップで、元OSのあったパーティション上のデータすべてを安全に抹消します。その後、「みせかけの拒否」を達成するために、そのパーティションに新しいシステムをインストールし、暗号化しておく必要があります。このように囮システムを作成して、隠しOSを作成するすべての手順を終えてください。 + 隠しOSの作成に成功しました。ただし隠しOSの使用を開始する前に、そして「みせかけの拒否」を達成するためにも、VeraCryptを使って、現在起動中のシステムがインストールされているパーティションの内容すべてを抹消してください。まずその前に、コンピュータを再起動し、VeraCryptブートローダー画面(Windows起動前に表示されます)で、隠しOS用の起動前認証用のパスワードを入力してください。隠しシステムが起動するとVeraCryptウィザードが自動的に開始されます。\n\n注:もし今ここで隠しOSの作成を解除した場合、処理を再開できなくなり、隠しシステムにアクセスできなくなります(VeraCryptブートローダーが削除されるためです)。 + 中断中の隠しOS作成処理があります。この処理は未完了です。完了させるためには、コンピュータを再起動し、VeraCryptブートローダー画面(Windows起動前に表示されます)で、隠しOS用のパスワードを入力してください。\n\n注:もし今ここで隠しOSの作成を解除した場合、処理を再開できなくなくなります。 + 再起動して処理を続行する + 隠しOSの作成処理を解除する + 今は何もせずに後でまた尋ねる + \nできればこの文面を印刷してください(下の「印刷」をクリック)。\n\n\nVeraCryptレスキューディスクの使用方法(暗号化後) -------------------------------------------------------------------------------------\n\n + I. VeraCryptレスキューディスクの起動方法\n\nVeraCryptレスキューディスクを使うにはCD/DVDドライブにディスクを挿入してコンピュータを再起動してください。もしVeraCryptブートローダー画面が表示されない、あるいは表示されても「Keyboard Controls」に「Repair Options」が存在しない場合は、BIOSがCD/DVDより先にハードディスクから起動するように設定されている可能性があります。もしそのケースに当てはまる場合は、コンピュータを再起動してから、BIOSの起動画面が表示されたらすぐにF2かDELETEキーを押し、BIOSの設定画面が表示されるまで待ってください。もしBIOSの設定画面が表示されないようであれば、コンピュータを再起動(リセット)し、すぐにF2かDELETEキーを何度か繰り返し押してください。BIOS設定画面が表示されたら、CD/DVDドライブから先に起動するように設定を変更してください(具体的な方法はBIOSかマザーボードのマニュアルを参照してください)。それからコンピュータを再起動してください。これでVeraCryptレスキューディスク画面が表示されるはずですので「Repair Options」をF8キーを押して選択してください。\n\n\n + II.VeraCryptレスキューディスクの使用方法(暗号化後)\n\n + 1) もし起動後にVeraCryptブートローダー画面が表示されない(あるいはWindowsが起動しない)場合は、VeraCryptブートローダーが壊れている可能性があります。VeraCryptレスキューディスクによってブートローダーをリストアすることで、暗号化されたデータへのアクセスを復活させられます(ただし依然として正しいパスワードの入力が必要です)。レスキューディスクの画面で「Repair Options」→「Restore VeraCrypt Boot Loader」を選択して「Y」キーを押します。次にレスキューディスクを排出してコンピュータを再起動してください。\n\n + 2) もし何度正しいパスワードを入力してもパスワードが誤っていると言われる場合は、マスターキーあるいはその他の重要なデータが壊れている可能性があります。VeraCryptレスキューディスクによってそれらをリストアし、暗号化されたデータへのアクセスを復活させられます(ただし依然として正しいパスワードの入力が必要です)。レスキューディスクの画面で「Repair Options」→「Restore key data」を選択してください。パスワードを入力してから「Y」キーを押します。次にレスキューディスクを排出してコンピュータを再起動してください。\n\n + 3) もしVeraCryptブートローダーが壊れていた場合は、VeraCryptレスキューディスクから起動することで、ブートローダーの起動を回避できます。レスキューディスクをCD/DVDドライブに挿入してコンピュータを再起動します。レスキューディスクの画面でパスワードを入力してください。\n\n + 4) もしWindowsが壊れていて起動できないのであれば、VeraCryptレスキューディスクでWindowsの起動前にディスク/ドライブの暗号化を解除できます。レスキューディスク画面で「Repair Options」→「Permanently decrypt system partition/drive」を選択してください。正しいパスワードを入力を入力して、復号処理の終了をお待ちください。その後は、たとえばWindowsのセットアップディスクから起動するなどして、Windowsを修復してください。\n\n + 注:別の方法として、もしWindowsが破損しており(起動しない)、修復する(あるいはファイルにアクセスする)必要がある場合、次の手順でシステムパーティション/ドライブの暗号化解除を回避することもできます。 もし複数のOSを入れてマルチブート構成にしているのならば、その中で起動前認証が不要なものを起動してください。もしマルチブート構成にしていないのであれば、WinPE あるいは BartPE CD/DVD を使って起動したり、あるいはそのシステムドライブを他のマシンのセカンダリあるいは外付けドライブとして接続して、そのマシンを起動するという手もあります。いずれにせよそうやって起動した後、VeraCryptを実行して「デバイスの選択」をクリック、問題のシステムパーティションを選択して「OK」をクリック、[システム]-[起動前認証をせずにマウント]と選択して、起動前認証に使うパスワードを入力して「OK」をクリックします。このようにすることで、そのパーティションは通常のVeraCryptボリュームのようにマウントすることができます。\n\n\n + もしあなたがVeraCryptレスキューディスクを紛失して攻撃者がそれを見つけたとしても、正しいパスワードがなければ、システムパーティション/ドライブを復号することはできません。 + \n\n--非 常 に 重 要 -- できるだけ印刷してください(下の「印刷」をクリック)\n\n\n注:この文章は、囮システムの作成を開始するまで、隠しシステムを起動するたび毎回表示されます。\n\n\n + 安全かつ機密的に囮システムを作成する方法 ----------------------------------------------------------------------------\n\n「みせかけの拒否」を達成するため、囮OSをすぐ作成する必要があります。それには以下の手順に従ってください:\n\n + 1) セキュリティ上の理由のため、コンピュータをシャットダウンし、電源を切って少なくとも数分間(長いほど良いです)は放置してください。これはメモリー上に残ったデータをクリアするために必要です。その後、電源を入れてください。ただし隠しシステムは起動しないでください。\n\n + 2) 内容が削除されているパーティションにWindowsをインストールしてください(つまり、隠しシステムのコピー元であるOSがインストールされていたパーティション)。\n\n重要:囮システムのインストールを開始すると、WindowsインストーラーがVeraCryptブートローダーを上書きするため、隠しシステムを起動できなくなります。これは想定された事態であり異常ではありません。どうか慌てないでください。囮システムの暗号化を開始することですぐに、再び隠しシステムを起動できるようになります。VeraCryptがブートローダーを自動的にシステムドライブにインストールするからです。\n\n重要:囮システムパーティションのサイズは隠しシステムボリュームと同じままである必要があります(この状態は現在満たされています)。加えて、囮システムパーティションと隠しシステムパーティションの間にパーティションを作ってはなりません。\n\n + 3) 手順2でインストールした囮システムを起動します。VeraCryptもインストールしておいてください。\n\n囮システムには、秘密にしたいデータは一切保存してはなりません。\n\n + 4) 囮システムでVeraCryptを実行し、[システム]-[システムパーティション/ドライブの暗号化]を選択してください。VeraCryptボリューム作成ウィザードが起動します。\n\nウィザードを以下の手順で進めてください。\n\n + 5) ボリューム作成ウィザードでは「隠し」オプションを選択しないでください。「通常」オプションを選択し「次へ」をクリックしてください。\n\n + 6)「Windowsシステムパーティションの暗号化」オプションを選択し、「次へ」をクリックしてください。\n\n + 7) もしコンピュータに隠しシステムと囮システムの二つだけしかインストールされていないのなら、「シングルブート」オプションを選択してください。それ以外のシステムもインストールされているのであれば「マルチブート」オプションを選択してください。それから「次へ」をクリックしてください。\n\n + 8) 重要:このステップで、囮システムに対して“隠しシステムとまったく同じ”暗号化アルゴリズムとハッシュアルゴリズムを選択してください! さもなければ隠しシステムにアクセスできなくなります! つまり囮システムは隠しシステムと同じ暗号化アルゴリズムで暗号化される必要があります。注:これは囮システムと隠しシステムは単一のブートローダーを共用しているからであり、このブートローダーはユーザーに指定された単一のアルゴリズムのみサポートしていることによります。\n\n + 9) このステップで、囮OS用のパスワードを設定してください。このパスワードは、起動前認証用のパスワードの開示を敵対者に強要されたときに明かしても構わないものです(もう一つの明かして構わないパスワードは外殻ボリューム用のものです)。その場合でも、第三の、すなわち隠しOS用の起動前認証パスワードの存在は秘密に保たれたままです。\n\n重要:囮システム用のパスワードは、隠しボリューム用(すなわち隠しOS用)のものとは大幅に変えるようにしてください。\n\n + 10) ウィザードの残りに手順に従って進めると、囮OSが暗号化されます。\n\n\n\n + 囮システムの作成後 ------------------------------------------------\n\n囮システムを作成すれば、隠しOSの作成プロセスをすべて完了したことになります。その時点で、あなたは次の三つのパスワードを使い分けることになります:\n\n1) 隠しOS用の起動前認証パスワード\n\n2) 囮OS用の起動前認証パスワード\n\n3) 外殻ボリューム用のパスワード\n\n + 隠しOSを起動したい場合は、VeraCryptブートローダー画面(コンピュータの電源を入れるか再起動した後に表示)で、隠しOS用のパスワードを入力する必要があります。\n\n囮OSを起動したい場合は、VeraCryptブートローダー画面で、囮OS用のパスワードを入力する必要があります。\n\n囮OS用のパスワードは起動前認証パスワードの開示を強要する人に明かしても構いません。それでも隠しボリューム(および隠しOS)の存在は秘匿されたままです。\n\n + 第三のパスワード(外殻ボリューム用)は、システムパーティション直後のパーティション(外殻ボリュームと隠しボリュームが存在しています)のパスワードの開示を強要する人に明かしても構いません。それでも隠しボリューム(および隠しOS)の存在は秘匿されたままです。\n\n\n + もしも囮システム用のパスワードを敵対者に明かしたとき、なぜ(囮)システムパーティションの空き領域がランダムデータで埋められているのかを尋ねられたら、たとえば次のように答えることができるでしょう。「このパーティションは以前からVeraCryptでシステムの暗号化をしていましたが、起動前認証用のパスワードを忘れた(あるいはシステム障害で起動しなくなった)ため、Windowsを再インストールするはめになり、その後もう一度暗号化したのです」\n\n\n + もし、この説明書の手順がすべて遵守され、ユーザーズガイドの「隠しボリュームの安全に関する必要事項と予防策」の記載内容によく留意しておくならば、たとえ外殻ボリュームがマウントされたり、囮OSの暗号化が突破されたとしても、隠しボリュームや隠しOSの存在を検知することは不可能です。\n\nもしこの文面のコピーを保存したり印刷(プリンタの内蔵ドライブに文面が保存されるのでなければ、強く推奨します)したなら、囮システムを作成し、文書の内容すべてを理解した後、その紙やコピーを破棄すべきです。そうしないと、もしその紙が見つかったならば、このコンピュータに隠しOSがあることを推測されるおそれがあるからです。\n\n + 警告:隠しボリュームを保護(方法はユーザーズガイドの「隠しボリュームを破損から守る」を参照ください)していない場合、外殻ボリュームに書き込みをしないでください(囮OSは外殻ボリュームにインストールされているわけではありません)。さもなければ、隠しボリューム(そしてその中の隠しOS)の内容を上書きし、破壊してしまいます! + オペレーティングシステムの複製 + 次のステップで、VeraCryptはシステムパーティションから隠しボリュームへファイルをコピーすることで隠しOS領域を作成します(囮OS領域とは別の暗号鍵で即時暗号化しながらコピーします)。\n\nこの処理はWindows起動前の環境で行われ、完了するまでに長時間かかることに注意してください。処理時間はシステムパーティションのサイズやコンピュータの性能にもよりますが、数時間から数日かかることもあります。\n\nこの処理を途中で中断し、コンピュータを再起動した後にあらためて再開することも可能です。ただし、もし処理を中断した場合は、システムのコピー処理からやり直しになります。これはシステムパーティションとコピー先の内容を同一にするために必要です。 + 隠しOSの作成をキャンセルしますか?\n\nここで処理をキャンセルした場合、後で処理を再開することはできません。 + システム暗号化の予備検査をキャンセルしますか? + VeraCryptのシステム暗号化予備検査に失敗しました。もう一度予備検査をしますか?\n\nもし「いいえ」を選んだ場合、起動前認証用コンポーネントがアンインストールされます。\n\n注:\n\n- もしVeraCryptブートローダーがWindowsが起動する前にパスワードの入力を要求してこなかった場合、ブートローダーがインストールされたのではないドライブからOSが起動している可能性があります。このケースには対応していません。\n\n- もしAES以外の暗号化アルゴリズムを使って予備検査に失敗した(そしてパスワードは入力した)場合、不適切な設計のドライバーに起因している可能性があります。「いいえ」を選択し、システムパーティション/ドライブをAESを使って暗号化しなおしてみてください(メモリ使用量が最少になります)。\n\n- その他に考えられる原因や対処方法については、https://veracrypt.codeplex.com/wikipage?title=Troubleshooting をご覧ください。 + システムパーティション/ドライブは部分的にも全体的にも暗号化されていないようです。 + システムパーティション/デバイスは暗号化されています(部分的あるいは全体的)。\n\n処理を進める前にシステムパーティション/デバイス全体の暗号化を解除してください。VeraCryptのメインウィンドウのメニューから[システム]-[暗号化の解除]を選択することで解除できます。 + システムパーティション/ドライブが部分的であれ全体であれ暗号化されている場合は、VeraCryptをダウングレードできません。ただしアップグレードあるいは同じバージョンでの再インストールは可能です。 + システムパーティション/ドライブは暗号化中か復号中か、もしくはその他の処理で更新中です。処理を進める前に暗号化/復号/更新を中断してください。あるいはそれらが終了するまで待ってください。 + VeraCryptボリューム作成ウィザードが他に起動しており、システムパーティション/ドライブの暗号化あるいは復号の準備中あるいは実行中です。処理を進める前に、そちらを終了するかあるいは処理が終わるのを待ってください。もし終了できない場合はコンピュータを再起動してください。 + システムパーティション/ドライブの暗号化あるいは復号処理はまだ終了していません。処理を進める前にそちらが終了するのを待ってください。 + エラー:パーティション/ドライブの暗号化処理が完了していません。最初にこの処理を完了させる必要があります。 + エラー:パーティション/ボリュームの暗号化処理は完了していません。これは必ず最初に完了させる必要があります。\n\n注:処理を再開するには、メインウィンドウのメニューバーから[ボリューム]-[中断処理を再開]を選択してください。 + 正しいパスワードによって、VeraCryptはボリュームヘッダを復号し、このボリュームが隠しシステムボリュームであることを検出することに成功しました。ただし今の状態では隠しシステムボリュームのヘッダを変更することはできません。\n\n隠しシステムボリュームのパスワードを変更するには、隠しOSを起動してVeraCryptのメニューから[システム]-[パスワード変更]を選択してください。\n\nヘッダキーの導出アルゴリズムを設定するには隠しOSを起動し、[システム]-[ヘッダキー導出アルゴリズムの設定]を選択してください。 + VeraCryptは隠しシステムパーティションをその場所に復号することには対応していません。\n\n注:囮用OSを復号したい場合は、囮用OSを起動した後、VeraCryptのメニューから[システム]-[システムパーティション/ドライブの暗号化を解除]を選択してください。 + エラー:正しくないか無効なパラメータです。 + パーティションあるいはデバイスが選択されていますが、ウィザードモードではコンテナファイルのみ適応しています。\n\nウィザードモードから変更しますか? + 代わりにVeraCryptコンテナファイルを作成しますか? + システムパーティション/ドライブ(あるいはブートパーティション)が選択されていますが、このウィザードモードはシステム以外のパーティション/ドライブにのみ適応しています。\n\n起動前に認証(つまりWindowsを起動するたびに起動前のパスワード入力が必要になります)を行うようにし、システムパーティション/ドライブを暗号化しますか? + 本当にシステムパーティション/ドライブの暗号化を解除しますか? + 注意:システムパーティション/ドライブの暗号化を解除した場合、復号されたデータが書き込まれます。\n\n本当にシステムパーティション/ドライブの暗号化を解除しますか? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + 警告:多段アルゴリズムを使用してシステムを暗号化した場合、次のような問題に直面する可能性があります。\n\n1) VeraCryptブートローダーが通常より大きなサイズになるため、VeraCryptブートローダーのバックアップのための十分な領域をドライブの最初のトラックに得られません。そのためにその領域が破損する(これはしばしば発生します。たとえば設計が不適切なプログラムによるアクティベーション処理などです)たびにレスキューディスクから起動して、ブートローダー領域を修復する必要があります。\n\n2) 一部のコンピュータでは休止状態からの復帰により時間がかかるようになります。\n\n多段ではないアルゴリズム(例:AES)を使えば、このような潜在的な問題には遭遇しません。\n\n本当に多段アルゴリズムでの暗号化を行いますか? + もし上記の問題が発生した場合は、もし暗号化されているのならパーティション/ドライブを復号し、あらためて多段ではないアルゴリズム(例:AES)での再暗号化を試みてください。 + 警告:安全性とセキュリティ上の理由により、隠しOSより先に囮用OSのVeraCryptをアップデートすべきです。\n\nそのためにはまず囮用OSを起動し、そこに入れたVeraCryptインストーラを実行してください。次に隠しOSを起動し、そこに入れたVeraCryptインストーラを実行するようにします。\n\n注:囮用OSと隠しOSは一つのブートローダーを共有しています。もし隠しOSのVeraCryptのみアップグレードした場合、囮用OSにはブートローダーと違うバージョン番号を持つVeraCryptドライバおよびアプリケーションが残されることになります。このような矛盾は隠しOSが存在することを示唆することになります。\n\n\n本当に続けますか? + このOSを起動したVeraCryptブートローダーのバージョン番号が、このOSにインストールされているVeraCryptのドライバおよびアプリケーションのバージョン番号と異なっています。\n\nブートローダーと同じバージョン番号を持つVeraCryptインストーラを実行して、このOSのVeraCryptをアップデートすべきです。 + このOSを起動したVeraCryptブートローダーのバージョンが、このシステムにインストールされているVeraCryptのドライバおよびアプリケーションのものと異なります。古いバージョンは新しいバージョンで修正されたバグを含んでいる可能性があります。\n\nもしVeraCryptレスキューディスクから起動したのでなければ、最新かつ安定版のVeraCryptへアップグレードあるいは再インストールすべきです(ブートローダーも同時にアップグレードされます)。\n\nもしVeraCryptレスキューディスクから起動したのであれば、[システム]-[レスキューディスク作成] で最新のものにしてください。 + VeraCryptブートローダーがアップグレードされました。\n\nコンピューターを再起動後に[システム]-[レスキューディスク作成]を選択して、新しいレスキューディスク(新バージョンのブートローダー入り)を作成することを強く推奨します。 + VeraCryptブートローダーがアップグレードされました。\n\n囮用OSを起動し、[システム]-[レスキューディスク作成]を選択して、新しいVeraCryptレスキューディスク(新バージョンのVeraCryptブートローダーが含まれます)を作成することを強く推奨します。 + VeraCryptブートローダーのアップグレードに失敗しました。 + システムドライブの実サイズの検出に失敗したため、代わりにOSから得た情報を使用します(実サイズより小さい可能性があります)。これはVeraCryptのバグではありません。 + 警告:VeraCryptはすでにこのシステムドライブの隠しセクタを検出しようとしていたようです。もし前回の検出処理時に問題があったのであれば、今回の検出処理をスキップすることで問題を回避することができます。もしそうした場合は、VeraCryptはOSが報告してきたドライブサイズ(おそらく実際のサイズより小さいでしょう)を使用します。\n\nこの問題はVeraCryptのバグに起因するものではありません。 + 隠しセクタの検出をスキップする(OSが報告するサイズを使用する) + 隠しセクタの検出を再度行う + エラー:ディスク上の一つあるいは複数のセクターが読み込めません(おそらく物理的な原因です)。\n\nその場での暗号化処理は、セクターの読み込みが回復するまで続行できません。VeraCryptはセクターに0を書き込むことで読み込みが回復するか確認できます(その後、そのようにすべて0のブロックも暗号化されます)。ただしこの場合、読み込めなかったセクターの元の内容が失われることに注意してください。それを避けたいのであれば、他の適切なソフトウェアで破損データの回復を試すこともできます。\n\n注:単なるデータ破損やチェックサムエラーではなく、セクターが物理的に破損していた場合、ほとんどの記憶装置では、そのようなセクターへの書き込みを内部的に別セクターに差し替えます。そのため、破損セクター上のデータは暗号化されずに残ったままとなります。\n\nVeraCryptが読み込めないセクターに0を書き込んでも良いですか? + エラー:ディスク上の一つあるいは複数のセクターが読み込めません(おそらく物理的な原因です)。\n\n復号処理を続行するためには、VeraCryptは読み込めないセクターの内容を破棄する必要があります(その内容は疑似乱数データに書き換えられます)。復号処理を続行する前に他の適切なソフトウェアで破損データの回復を試すことができます。\n\n読み込めないセクターの内容を破棄しますか? + 注:VeraCryptは %I64d 個の読込不能セクター (%s) へ0を書き込み、暗号化しました。 + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + トークン '%s' に対するパスワード/PINを入力してください: + VeraCryptがセキュリティトークンやスマートカードへアクセスするためには、事前にPKCS#11ソフトウェアライブラリのインストールが必要です。そのようなライブラリは、トークンやカードに付属しているか、あるいはメーカー等のウェブサイトからダウンロードできるようになっているものと思われます。\n\nライブラリをインストールした後、「ライブラリの選択」をクリックしてライブラリを指定するか、「ライブラリ自動検出」をクリックしてライブラリの自動検出をしてください(なお自動検出はWindowsのシステムディレクトリのみ検索します)。 + 注:セキュリティトークンやスマートカード用のPKCS#11ライブラリの場所とファイル名を指定します。トークンやカードなどに付属の説明書も参照してください。「OK」をクリックしてファイル名と場所を指定してください。 + VeraCryptがセキュリティトークンやスマートカードへアクセスするためには、PKCS#11ソフトウェアライブラリを選択する必要があります。 [設定]-[セキュリティトークン]を選択してください。 + PKCS#11セキュリティトークン用ライブラリの初期化に失敗しました。\n\nPKCS#11ライブラリの場所とファイル名の設定に誤りがないか確認してください。設定をするには、[設定]-[セキュリティトークン]を選択してください。 + PKCS#11ライブラリがWindowsシステムディレクトリに見つかりませんでした。\n\nセキュリティトークンやスマートカード用のPKCS#11ライブラリがインストールされているか確認してください。そのようなライブラリはトークンやカードに付属しているか、あるいはメーカー等のウェブサイトからダウンロードできるようになっているものと思われます。Windowsシステムディレクトリ以外の場所にインストールされている場合は、「ライブラリの選択」をクリックしてライブラリの場所を指定してください(例:トークンやカード用のソフトウェアがインストールされているフォルダなど)。 + セキュリティトークンが見つかりませんでした。\n\nセキュリティトークンがコンピュータに接続されており、正しいデバイスドライバがインストールされているか確認してください。 + セキュリティトークンキーファイルが見つかりません。 + 同じ名前のセキュリティトークンキーファイルが既に存在しています。 + 選択されたファイルを削除しますか? + セキュリティトークンキーファイルの場所が正しくありません。 + セキュリティトークンエラー + セキュリティトークンのパスワードが正しくありません。 + セキュリティトークンに、要求された操作を行うための充分なメモリー/空き領域がありません。\n\nキーファイルをインポートしようとしているのであれば、もっと小さなファイルを指定するか、[ツール]-[キーファイル生成]を選択してVeraCryptでキーファイルを生成してください。 + すべてのセキュリティトークンセッションが閉じられました。 + セキュリティトークンキーファイルを選択 + スロット + トークン名 + ファイル名 + 重要:起動前認証時のパスワードは、キーボードが常にUS標準配列であるものとして入力されます。したがって、その他のキー配列のキーボードから入力したパスワードを使用したボリュームは、起動前認証パスワードを使ったマウントが不可能かもしれません(これはVeraCryptのバグではありません)。そのようなボリュームを起動前認証でマウントするには以下の手順を行ってください。\n\n1) 「ファイルの選択」あるいは「デバイスの選択」をクリックして、ボリュームを選択する。 2) メニューから [ボリューム]-[ボリュームパスワードの変更] を選択する。 3) そのボリュームの現在のパスワードを入力する。 4) Windowsタスクバーにある言語バーアイコンをクリックして「EN 英語(米国)」を選択することで、キーボードレイアウトを英語(米国)に切り替える。 5) VeraCryptの画面で新規パスワード欄に、起動前認証用のパスワードを入力する。 6) パスワード確認欄にも同じパスワードを入力し、「OK」をクリックする。 警告:これらの手順を行った場合は、そのボリュームのパスワードは常にUS標準配列で入力する必要があります(Windowsの起動前なら自動的にそのような状態になっています)。 + システムお気に入りボリュームは起動前認証用パスワードによってマウントされます。もし違うパスワードを使うシステムお気に入りボリュームがあった場合、そのボリュームはマウントされません。 + 通常のVeraCryptボリュームへの操作(全てアンマウント、自動マウントなど)が、システムお気に入りボリュームに波及しないようにしたい場合は、「システムお気に入りボリュームの表示およびアンマウントを管理者のみに限定する」オプションを有効にしてください。なおこのとき、もしVeraCryptを管理者権限なしに実行した場合は(Vista以降はこれがデフォルトです)、システムお気に入りボリュームはVeraCryptメインウィンドウのドライブリストに表示されなくなります。 + 重要:このオプションを有効にし、かつ管理者権限なしにVeraCryptが実行された場合、マウントされたシステムお気に入りボリュームはVeraCryptのメインウィンドウ上に表示されず、アンマウントもできないことを忘れないでください。したがって、もし、たとえばシステムお気に入りボリュームをアンマウントする必要があるのなら、まずスタートメニューのVeraCryptアイコンを右クリックして「管理者として実行」を選択してください。同様の制限が「全てアンマウント」「自動アンマウント」機能や、ホットキーによる「全てアンマウント」などにも適用されます。 + この設定の効果はOSの再起動後に有効になります。 + コマンドラインの解析でエラーが発生しました。 + レスキューディスク + ファイルを選択してマウント(&F)... + デバイスを選択してマウント(&D)... + システムお気に入りボリュームの表示およびアンマウントを管理者のみに限定する + Windows開始時にシステムお気に入りボリュームをマウントする + 警告:ドライブ '%s' としてマウントされたボリュームのファイルシステムは、正しくアンマウントされなかったためにエラーが発生しています。壊れたファイルシステムを使用することは、データを失ったり破損したりする原因となります。\n\n注:VeraCryptボリュームをマウント中のデバイスを、取り外したりその電源を切ったりする前(USBフラッシュドライブや外付けハードディスクなど)に、必ずボリュームのアンマウントを行ってください。\n\n\nWindowsにファイルシステムのエラーを検出させて修復しますか? + 警告:一つかそれ以上のシステムお気に入りボリュームが正しくアンマウントされなかったため、ファイルシステムにエラーが発生している可能性があります。詳細はシステムのイベントログを参照してください。\n\n破損したファイルシステムを使用することは、データの消失や破損の原因となります。システムお気に入りボリュームにエラーがないかチェックしてください(VeraCrypt上でそれらを右クリックし「ファイルシステムの修復」を選択してください)。 + 警告:マイクロソフトの「chkdsk」ツールで破損したファイルシステムを修復することで、破損領域内にあった各ファイルが失われる可能性があります。したがって、まず最初にこのVeraCryptボリューム内のファイルを、別の破損していないVeraCryptボリュームにバックアップすることをお勧めします。\n\n今すぐこのファイルシステムを修復しますか? + ボリューム '%s' は、書込が禁止されているため読み取り専用でマウントされました。\n\nコンテナファイルに書き込みが可能かどうか確認してください(コンテナファイルを右クリック→プロパティ→セキュリティ)。\n\nWindows自体の不具合により、適切なアクセス許可を設定した後でもこの警告が表示されることがあります。これはVeraCryptのバグによるものではありません。解決方法の一つとして、コンテナファイルをたとえば「ドキュメント」フォルダに移動するなどといった方法があります。\n\n意図的にボリュームを読み取り専用にしたい場合は、読み取り専用属性をコンテナファイルに設定してください(コンテナファイルを右クリック→プロパティ→「読み取り専用」にチェック)。この場合はこの警告は出なくなります。 + ボリューム '%s' は、書込が禁止されているため読み取り専用でマウントされました。\n\n他のアプリケーション(例:アンチウィルスソフトなど)が、このボリュームが存在しているパーティション/デバイスにアクセスしていないか確認してください。 + ホストとなっているデバイスが書込禁止のため、ボリューム '%s' は読み取り専用でマウントされました。\n\nいくつかのカスタムチップセットドライバは、書込可能なメディアを誤って書込禁止であるかのように通知してくることがあることに注意してください。これはVeraCryptの問題ではありません。現在のシステムにインストールされているカスタム(非マイクロソフト製)チップセットドライバをアンインストールあるいはアップデートすることで、この問題が解決するかもしれません。 + ハイパースレッディングテクノロジーは、単体の物理コアで複数の論理コアを提供します。ハイパースレッディングが有効になっているときは、上で選択した数は論理プロセッサ/コアの数を示します。 + %d スレッド + ハードウェアによるAES処理の高速化が無効であるため、ベンチマークの結果は悪くなります。\n\nハードウェアによる高速化を有効にするには [設定]-[パフォーマンス] を選択し、該当するオプションを有効にしてください。 + 処理に使用するスレッド数が現在制限されているため、ベンチマークの結果は悪くなります。\n\nプロセッサのポテンシャルを全て引き出すには [設定]-[パフォーマンス] を選択し、該当するオプションを無効にしてください。 + このパーティション/ドライブの書込禁止の解除を試みますか? + 警告:この設定はパフォーマンスを低下させます。\n\n本当にこの設定を使用しますか? + 警告:VeraCryptボリュームの自動的アンマウント + マウント中のボリュームが存在するデバイスを物理的に取り外したり電源を切ったりする先に、常にまずVeraCryptボリュームをアンマウントすべきです。\n\n想定外に勝手にアンマウントされるのは、ケーブルやドライブ等が断続的につながらなくなっているのが大抵の原因です。 + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + テスト + キーファイル + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + + + + + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.ka.xml b/Translations/Language.ka.xml index 6b2b5e89..53915b5b 100644 --- a/Translations/Language.ka.xml +++ b/Translations/Language.ka.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - უარი - დაუყენე ყველა უზერს - ძებნა... - VeraCrypt-ის ხატულა სამუშაო ეკრანზე - Donate now... - დააკავშირე .hc გაფართოება VeraCrypt-თან - დასრულებისას გახსენი მისამართი - VeraCrypt-ის Start მენიუში ჩამატება - სისტემის აღდგენის წერტილის შექმნა - წაშლა - დეარქივაცია - ინსტალაცია - VeraCrypt-ის ინსტალაციის ოსტატი - VeraCrypt დეინსტალაცია - დახმარება - გთხოვთ, აირჩიოთ მისამართი, სადაც მოხდება ფაილების დეარქივაცია: - გთხოვთ, აირჩიოთ მისამართი, სადაც მოხდება პროგრამის ინსტალაცია. თუ ეს ფოლდერი არ არსებობს, იგი ავტომატურად შეიქმნება. - სისტემიდან VeraCrypt-ს წასაშლელად დააჭირეთ Uninstall-ს. - შეწყვეტა - &Benchmark - ტესტირება - Create encrypted volume and format it - Encrypt partition in place - გენერირებული გასაღებების (მათი ნაწილების) ჩვენება - პულის ჩვენება - CD/DVD ჩამწერი პროგრამების ჩამოტვირთვა - Create an encrypted file container - &GB - &TB - More information - VeraCrypt-ის ფარული ტომი - ფარული ტომების შესახებ დამატებითი ინფორმაცია - პირდაპირი რეჟიმი - ნორმალური რეჟიმი - კბ - გასაღების ფაილები - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - ფაილები - ჰეშ-ალგორითმების შესახებ - დამატებით ინფორმაცია - Information on PIM - მბ - დამატებით ინფორმაცია - დამატებით ინფორმაცია სისტემის შიფრაციის შესახებ - დამატებით ინფორმაცია - Multi-boot - Encrypt a non-system partition/drive - არ იქნას შენახული ისტორია - გარე ტომის გახსნა - პაუზა - Use P&IM - Use PIM - სწრაფი ფორმატირება - პაროლის ჩვენება - &Display password - &Display PIM - Single-boot - VeraCrypt-ის სტანდარტული ტომი - Hi&dden - Normal - სისტემური განაყოფის ან სისტემური დისკის შიფრაცია - Windows-ის სისტემური განაყოფის შიფრაცია - მთლიანი დისკის შიფრაცია - VeraCrypt-ის ტომის შექმნის ოსტატი - კლასტერი - მნიშვნელოვანია: ამოძრავეთ მაუსი რაც შეიძლება რთული ტრაექტორიით და დიდხანს. ეს აამაღლებს შიფრაციის გასაღებების კრიპტოგრაფიული დაცულობის დონეს. შემდეგ დააჭირეთ "შემდეგ"-ს გასაგრძელებლად. - დაამოწმეთ: - მზადაა - Drive letter: - შიფრაციის ალგორითმი - ფაილური სისტემა - ქმნის დაშიფრულ ტომს ფაილის შიგნით. რეკომენდებულია გამოუცდელი მომხმარებლისათვის. - ოფციები - ჰეშ-ალგორითმი - სათაურის გასაღები: - კიდევ - მთავარი გასაღები: - აირჩიეთ ეს ოფცია, თუ კომპიუტერზე ინსტალირებულია ორი ან მეტი ოპერაციული სისტემა.\n\nმაგ.:\n- Windows XP და Windows XP\n- Windows XP და Windows Vista\n- Windows და Mac OS X\n- Windows და Linux\n- Windows, Linux და Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - პულის მიმდინარე შიგთავსი (ნაწილობრივი) - Pass - პაროლი: - Volume PIM: - Volume PIM: - პროგრესი: - შემთხვევითი: - აირციეთ ეს ოფცია, თუ კომპიუტერზე ინსტალირებულია მხოლოდ ერთი ოპერაციული სისტემა (თუნდაც რამდენიმე მპომხმარებლით). - სიჩქარე - სტატუსი - გასაღებები, "მარილი", და სხვა მონაცემები წარმატების იქნა გენერირებული. თუ ახალი გასაღებების შექმნა გსურთ, დააჭირეთ "უკან" და "შემდეგ"-ს. სხვა შემთხვევაში გასაგრძელებლად დააჭირეთ "შემდეგ"-ს. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - წაშლის რეჟიმი: - დახურვა - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - უმოქმედო - VeraCrypt ტომის ავტომიერთება (მითითებულის) - VeraCrypt-ის გაშვება - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - დათვალიერება... - დათვალიერება... - პაროლების/გასაღების ფაილების ქეშირება - გასვლა, მიერთებული ტომების არარსებობისას - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - VeraCrypt ტომების შექმნის ოსტატით - შექმნა - ტომის შექმნა - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - გასაღების ფაილები - გასაღების ფაილები - გასვლა - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - დანიშვნა - წაშლა - ფაილები - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - ავტომიერთება - ოფციები - ტომის მიერთება მხოლოდ კითხვისთვის - გასაღების ფაილები - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - ჩართულია - პაროლების ქეშირება მეხსიერებაში - ტომის ავტოგამოერთება უმოქმედობისას - სეანსების დასრულება - User session locked - ენერგოშენახვის რეჟიმში შესვლისას - Screen Saver-ის ჩართვისას - ტომის ავტოგამოერთება გახსნილი ფაილების/ფოლდერების დროს - ყველა ტომის მიერთება მოწყობილობაზე - Start VeraCrypt Background Task - ტომის მიერთება მხოლოდ კითხვისათვის - მიერთება გარე მოწყობილობის სახით - წარმატებული მიერთების შემთხვევაში Explorer-ის გახსნა - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - პაროლების ქეშის წაშლა ავტოგამოერთებისას - პაროლების ქეშის წაშლა გასვლისას - Preserve modification timestamp of file containers - საწყისი - მოწყობილობა - ფაილი - Select &Library... - პაროლის ჩვენება - პაროლის ჩვენება - მიერთებული ტომის Explorer-ის ფანჯარაში გახსნა - პაროლის ქეშირება დრაივერის მეხსიერებაში - TrueCrypt Mode - ყველას გამოერთება - ტომის პარამეტრები - ოპერაციები - ქეშის წაშლა - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - საერთოსისტემური ცხელი კლავიშები - VeraCrypt - პაროლის ან გასაღების ფაილების შეცვლა - შეიტანეთ VeraCrypt-ის ტომის პაროლი - VeraCrypt - Performance and Driver Options - VeraCrypt - პარამეტრები - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt-ის "მოგზაური დისკი"-ს შექმნა - VeraCrypt-ის ტომის მახასიათებლები - პროგრამის შესახებ - ტომიდან გასაღების ფაილის დამატება/წაშლა - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - ტომის სათაურის სარეზერვო ასლის შექმნა - სიჩქარის ტესტი - სათაურის გასაღების დერივაციის ალგორითმი - ტომის პაროლის შეცვლა - სათაურის გასაღების დერივაციის ალგორითმი - პაროლის შეცვლა - ტომების ისტორიის წაშლა - Close All Security Token Sessions - კავშირი ავტორებთან - Create Hidden Operating System... - აღმდგენი დისკის შექმნა - ახალი ტომის შექმნა - Permanently Decrypt... - გასაღების ფაილები (საწყისი) - Default Mount Parameters... - Donate now... - სისტემური განაყოფის/დისკის შიფრაცია - ხშირად დასმადი კითხვები - მომხმარებლის სახელმძღვანელო - ვებ-გვერდი - ცხელი კლავიშები - გასაღების ფაილების გენერატორი - ენა (language) - იურიდიული ინფორმაცია - Manage Security Token Keyfiles... - მოწყობილობის ბაზაზე ყველა ტომის ავტომიერთება - რჩეული ტომების მიერთება - მიერთება ჩატვირთვისწინა აუთენტიფიკაციის გარეშე - ტომის მიერთება - ტომის მიერთება პარამეტრებით - სიახლეები - დახმარება ინტერნეტში - სახელმძღვანელო დამწყებთათვის - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - სისტემური განაყოფის/დისკის სამუდამოდ დეშიფრაცია - პარამეტრები - დისკების ასოების განახლება - ტომიდან ყველა გასაღების ფაილების წაშლა - ტომის სათაურის აღდგენა - Resume Interrupted Process - მოწყობილობის არჩევა - ფაილის არჩევა - შეწყვეტილი პროცესის გაგრძელება - System Encryption... - Properties... - Settings... - System Favorite Volumes... - ჩატვირთვა - ვექტორების გენერირების ალგორითმების ტესტი - Security Tokens... - მოგზაური დისკის შექმნა - ყველა ტომის გამოერთება - ტომის გამოერთება - აღმდგენი დისკის შემოწმება - Verify Rescue Disk ISO Image - ვერსიების ისტორია - Volume Expander - ტომის მახასიათებლები - ტომების შექმნის ოსტატი - veracrypt.codeplex.com - პაროლების ქეშის წაშლა - დიახ - Hardware Acceleration - სწრაფი გამოძახების კლავიში - ავტოგაშვების ფაილის (autorun.inf) გამართვა - ავტოგამოერთება - ყველა ტომის გამოერთება: - Boot Loader Screen Options - დაადასტურეთ: - მიმდინარე - Display this custom message in the pre-boot authentication screen (24 characters maximum): - ტომების მიერთების საწყისი პარამეტრები - დამატებითი პარამეტრები - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - ფაილური პარამეტრები - კლავიში: - Processor (CPU) in this computer supports hardware acceleration for AES: - მოქმედებები Windows-ში შესვლის დროს - წთ - დისკის ასო: - VeraCrypt-ის ტომის მიერთების პარამეტრები - ახალი - პაროლი: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - პაროლების ქეშირება (დამახსოვრება) - Security Options - VeraCrypt-ის მუშაობა ფონურ რეჟიმში - VeraCrypt-ის მისაერთებელი ტომი (დისკის ძირეულ კატალოგთან მიმართებით): - მოგზაური დისკის მიერთებისას: - მოგზაური დისკის შექმნა მისამართზე: - ტომი - ფანჯრები - ფოლდერი - ყველას ავტოტესტი - &Continue - დეშიფრაცია - &Delete - შიფრაცია - &Export... - ფაილის შექმნა და შენახვა - შემთხვევითი გასაღების ფაილი - ენის მოდულის ჩამოტვირთვა საიტიდან - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - გასაღების ფაილები - გასაღების ფაილები - წაშლა - ყველას წაშლა - რას ნიშნავს "ფარული ტომების დაცვა"? - More information on keyfiles - ტომის მიერთება როგორც მობილური დისკისა - განაყოფის მიერთება სისტემური დაშიფრვით, ჩატვირთვისწინა აუთენტიფიკაციის გარეშე - Parallelization: - ტესტი - ბეჭდვა - ფარული ტომის დაცვა გარე ტომში ჩაწერის შედეგად დაზიანებისაგან - განულება - პაროლის ჩვენება - Add &Token Files... - Use backup header embedded in &volume if available - XTS რეჟიმი - VeraCrypt-ის შესახებ - VeraCrypt - შიფრაციის ალგორითმის სისწრაფის ტესტი - VeraCrypt - ვექტორების გენერირების ტესტი - დახმარება ბრძანებების სტრიქონთან დაკავშირებით - VeraCrypt - გასაღების ფაილები - VeraCrypt - გასაღების ფაილების გენერატორი - VeraCrypt - ინტერფეისის ენა - VeraCrypt - მიერთების პარამეტრები - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - აირჩიეთ განაყოფი ან მოწყობილობა - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - ინფორმაცია არჩეული ენის მოდულის შესახებ - სისწრაფეზე გავლენას ახდენს ცპ-ს დატვირთვა და შენახვის მოწყობილობების მახასიათებლები.\n\nეს ტესტები სრულდება ოპერატიულ მეხსიერებაში. - ბუფერი: - შიფრი: - ფარული ტომის პაროლი:\n(ქეშიდან, თუ ცარიელია) - ფარული ტომის დაცვა - გასაღების სიგრძე: - მნიშვნელოვანია: ამოძრავეთ მაუსი რაც შეიძლება რთული ტრაექტორიით და დიდხანს. ეს აამაღლებს გასაღების ფაილის კრიპტოგრაფიული დაცულობის დონეს. - !!!გასაღების ფაილის დაკარგვის ან პირველი 1024კბ დაზიანების შემდეგ, ტომების მიერთება შეუძლებელი იქნება! - ბიტი - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - თარგმანის ავტორი: - ზომა: - ბიტი - პულის მიმდინარე შიგთავსი: - გამეორების მიქშერი: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - მეორადი გასაღები (თექვსმეტობითი) - Security token: - სორტირება: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - ბლოკის ნომერი: - დაშიფრული ტექსტი (თექვსმეტნიშნა) - მონაცემთა ერთეულის ნომერი (64-ბიტი თექვსმეტობითი, ერთეულის ზომაა 512 ბაიტი) - გასაღები (თექვსმეტნიშნა) - ღია ტექსტი (თექვსმეტნიშნა) - Keyfile name: - XTS რეჟიმი - სისტემა - ტომები - Favor&ites - ინსტრუმენტები - Settin&gs - დახმარება - ვებ-გვერდი - - პროგრამის შესახებ - ძველი ტომიდან "მხოლოდ კითხვა" ატრიბუტის მოხსნა არ ხერხდება. შეამოწმეთ, წვდომადია თუ არა ფაილი. - შეცდომა! წვდომა არ არის.\n\nგანაყოფს, რომელსაც მიმართავთ, სექტორის ზომა აქვს 0, ან ეს ჩამტვირთავი მოწყობილობაა. - Administrator - VeraCrypt-ის დრაივერის ჩასატვირთად სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული - განაყოფის/მოწყობილობის შიფრაციისათვის/ფორმატირებისათვის სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული.\n\n ეს არ ეხება ტომებს ფაილის ბაზაზე. - ფარული ტომის შექმნისათვის სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული.\n\nგავაგრძელო? - ტომის NTFS ფორმატირებისათვის სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული.\n\nამის გარეშე ტომის ფორმატირება შესაძლებელია მხოლოდ როგორც FAT - FIPS-ის მიერ დამტკიცებული შიფრი (Rijndael, გამოქვეყნდა 1998წ), გამოიყენება სახელმწიფო უწყებებში ზესაიდუმლო ინფორმაციის დასაცავად. 256-ბიტი გასაღები, 128-ბიტი ბლოკი, 14 რაუნდი (AES-256). ქმედების რეჟიმი-XTS. - ტომი უკვე მიერთებულია. - ყურადღება: შიფრაციის ან ჰეშირების ერთერთმა ალგორითმმა ავტომატური თვითტესტირება ვერ გაიარა.\n\nშესაძლებელია დაზიანებულია VeraCrypt-ის ინსტალაცია. - ყურადღება: შემთხვევითი რიცხვების გენერატორის პულში არასაკმარისი მონაცემებია შემთხვევითი ინფორმაციის გენერირებისათვის.\n\nგთხოვთ აღნიშნული შეცდომა აცნობოთ პროგრამის ავტორებს. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - დისკის არასწორი ასო. - არასწორი მისამართი. - უარი - მოწყობილობასთან წვდომა არ არის. შეამოწმეთ, მითითებული მოწყობილობა არსებობს თუ არა და ხომ არ არის დაკავებული. - ყურადღება! ჩართულია კლავიში Caps Lock. შესაძლოა ამან პაროლის არასწორი შეტანა გამოიწვიოს. - ტომის ტიპი - შეიძლება ვინმემ გამოგძალოთ დაშიფრული ტომის პაროლი. არსებობს მრავალი სიტუაცია, როდესაც უარს ვერ იტყვით პაროლის გაცემაზე (მაგ. გამოძალვა). ე.წ. ფარული ტომების გამოყენება ასეთ სიტუაციებში საშუალებას მოგცემთ დაიცვათ თქვენი საიდუმლო ინფორმაცია. - აირჩიეთ ეს ოფცია, თუ გსურთ VeraCrypt-ის ჩვეულებრივი ტომის შექმნა. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - გარე ტომის შიფრაცია - ფარული ტომის შიფრაცია - შიფრაციის პარამეტრები - ყურადღება: ბოლო არჩეული ტომის ან გასაღების ფაილის მისამართის წაშლის შეცდომა. - შეცდომა: კონტეინერი შეკუმშულია ფაილური სისტემის დონეზე. VeraCrypt მხარ არ უჭერს კონტეინერის შეკუმშვას (დაშიფრული მონაცემების შეკუმშვა არაეფექტურია).\n\nგამორთეთ კონტეინერის კუმშვა, შემდეგი ინსტრუქციით: 1) კონტეინერზე მაუსის მარჯვენა ღილაკით დაწკაპეთ 2) აირჩიეთ მენიუ Properties.3) დიალოგურ ფანჯარაში Properties დააჭირეთ ღილაკს Advanced 4) დიალოგურ ფანჯარაში Advanced გამორთეთ ატრიბუტიი "Compress contents to save disk space" დააჭირეთ ღილაკს OK'. 5) დააჭირეთ ღილაკს OK დიალოგურ ფანჯარაში Properties. - %s ტომის შექმნის შეცდომა - %s-ის ზომა - %.2f ბაიტი - %s-ის ზომა - %.2f კბ - %s-ის ზომა - %.2f მბ - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - ყურადღება: მოწყობილობა/განაყოფი გამოიყენება ოპერაციული სისტემის ან პროგრამის მიერ. ფორმატირებამ შეიძლება გამოიწვიოს მონაცემთა დაკარგვა ან სისტემის არასტაბილურობა.\n\nგსურთ გაგრძელება? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - შეცდომა: მოწყობილობა/განაყოფი შეიცავს ფაილურ სისტემას, რომლის გამოერთებაც შეუძლებელია. ეს ფაილური სისტემა შესაძლოა გამოიყენება ოპერაციული სისტემის მიერ. მოწყობილობა/განაყოფის ფორმატირება გამოიწვევს მონაცემთა დაკარგვას და სისტემის არასტაბილურობას.\n\n პრობლემის გადასაჭრელად რეკომენდირებულია ამ განაყოფის გაუქმება, შემდეგ მისი კვლავ შექმნა ფორმატირების გარეშე. ინსტრუქცია: 1) მაუსის მარჯვენა ღილაკით დაწკაპეთ ხატულაზე "My computer" და აირჩიეთ მენიუ "Manage". 2) ფანჯარაში "Computer Management" აირჩიეთ "Storage"> "Disk Management". 3) მაუსის დაწკაპეთ იმ განაყოფზე, რომლის დაშიფრვაც გსურთ და აირჩიეთ ან "Delete Partition" ან "Delete volume" ან Delete logical volume". 4) დაწკაპეთ "Yes". 5) მაუსის მარჯვენა ღილაკით დაწკაპეთ დისკის ცარიელ ადგილზე (წარწერით "Unmounted") და აირჩიეთ "ძირითადი განაყოფი", "დამატებითი განაყოფი" ან "ლოგიკური დისკი". 6) გამოჩნდება განაყოფებისა და ტომების შექმნის ოსტატი, მიყევით მის ინსტრუქციებს. 7) დამხმარის გვერდზე სახელით "Formatting Partition" აირჩიეთ "Do not format partition" ან "Do not format volume". დაწკაპეთ "Next". 8) დაწკაპეთ "Finish". 9) VeraCrypt-ში ხელახლა სცადეთ ამ მოწყობილობის/განაყოფის დაშიფრვა.\n\nთუ VeraCrypt ისევ უარს იტყვის ამ მოწყობილობის/განაყოფის დაშიფრვაზე,მაშინ მოწყობილობის ბაზაზე კონტეინერის ნაცვლად შექმენით ფაილური კონტეინერი. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - ყურადღება მიერთებული მოწყობილობები/განაყოფებიდან ზოგიერთი უკვე გამოიყენება.\n\nმის იგნორირებამ შეიძლება გამოიწვიოს არასასურველი შედეგები, სისტემის არასტაბილურობის ჩათვლით.\n\nრეკომენდებულია დახუროთ ყველა პროგრამა, რომელიც იყენებს ამ მოწყობილობას/განაყოფს. - მითითებული მოწყობილობა შეიცავს განაყოფებს.\n\n მოწყობილობის ფორმატირებამ შეიძლება გამოიწვიოს სისტემის არასტაბილურობა ან/და მონაცემთა დაკარგვა. აირჩიეთ განაყოფი ამ მოწყობილობაზე ან წაშალეთ ყველა განაყოფი, რათა მისცეთ VeraCrypt-ს მოწყობილობის უსაფრთხო ფორმატირების საშუალება - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - დისკზე %s თავისუფალია %.2f ბაიტი - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - დისკის თავისუფალი ასოების მიღება ვერ ხერხდება. - შეცდომა: VeraCrypt-ის დრაივერი ვერ მოიძებნა.\n\nგადაწერეთ ფაილები 'veracrypt.sys' და 'veracrypt-x64.sys' დირექტორიაში, სადაც VeraCrypt-ის პროგრამაა (VeraCrypt.exe) განთავსებული. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - შიფრის ინციალიზაციის შეცდომა. - შეცდომა: სუსტი ან პოტენციურად სუსტი გასაღები! ეს გასაღები არ იქნა მიღებული. გაიმეორეთ. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt-ის კრიტიკული შეცდომა - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - შიფრაცია - დეშიფრაცია - დეშიფრაცია სამუდამოდ - გასვლა - შექმენით ლოგიკური დისკი ამ დამატებით განაყოფზე და გაიმეორეთ. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - აირჩიეთ განლაგება VeraCrypt-ის ტომისათვის, რომელშიც მოთავსდება ფარული ტომი. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - შეცდომა! ტომის მიერთება შეუძლებელია. ფაილი/მოწყობილობა უკვე გამოიყენება. მონოპოლური წვდომის გარეშე მიერთების მცდელობა ასევე წარუმატებლად დასრულდა. - ფაილის გახსნა შეუძლებელია. - ტომის განლაგება - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - გაგრძელება - გადადება - &Start - &Continue - ფორმატირება - &Wipe - გსურთ ფორმატირების შეწყვეტა? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - სისტემური განაყოფის/მოწყობილობის დეშიფრაცია წარმატებით დასრულდა.. - \n\nVeraCrypt-ის ტომი შექმნილია და გამოყენებისათვის მზადაა. თუ გსურთ სხვა ტომის შექმნა, დააჭირეთ ღილაკს "შემდეგ". - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt-ს ტომი წარმატებით შეიქმნა. - ტომი შექმნილია - მნიშვნელოვანია: ამოძრავეთ მაუსი რაც შეიძლება რთული ტრაექტორიით და დიდხანს. ეს აამაღლებს გასაღების კრიპტოგრაფიული დაცულობის დონეს. შემდეგ დაწკაპეთ "ფორმატირება" ახალი ტომის შესაქმნელად. - დაწკაპეთ "ფორმატირება" გარე ტომის შესაქმნელად. დამატებით ინფორმაციისათვის მიმართეთ დოკუმენტაციას. - გარე ტომის ფორმატირება - ფარული ტომის ფორმატირება - ტომის ფორმატირება - მომხმარებლის სახელმძღვანელოს წასაკითხად/დასაბეჭდად საჭიროა პროგრამა Adobe Reader (ან თავსებადი). Adobe Reader შეიძლება ჩამოტვირთულ იქნას (უფასოდ) საიტიდან www.adobe.com\n\nგსურთ ამის ნაცვლად Online-დოკუმენტაცია იხილოთ? - თუ აირჩევთ ამ ოფციას, ოსტატი დაგეხმარებათ ჯერ ჩვეულებრივი ტომის შექმნაში, ხოლო შემდგომ ფარული ტომის შექმნაში მის შიგნით. გამოუცდელი მომხმარებლებისათვის რეკომენდებულია ამ ოფციის გამოყენება. - თუ აირჩევთ ამ ოფციას, შეიქმნება ფარული ტომი ჩვეულებრივი ტომის შიგნით. იგულისხმება, რომ ეს ჩვეულებრივი ტომი უკვე შექმნილია. - ტომის შექმნის რეჟიმი - ფარული ტომი შექმნილია - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - გარე ტომი შექმნილია და მიერთებულია, როგორც დისკი %hc:. ამ ტომში საჭიროა გადმოიწეროს რაიმე ფაილები, რომლებიც არ შეიცავენ თქვენთვის მნიშვნელოვან რაიმე ინფორმაციას, რათა შეცდომაში შეიყვანოთ უცხო პირი, თუკი ის გარე ტომის პაროლს გამოგძალავთ. ამ შემთხვევაში თქვენ მას გადასცემთ მხოლოდ გარე, და არა ფარული ტომის, პაროლს. ფაილები, თქვენთვის ნამდვილად ღირებული ინფორმაციით, შეინახება ფარულ ტომზე. როდესაც მორჩებით ფაილების გადმოწერას,დააჭირეთ "შემდეგ"-ს'. არ გამოაერთოთ ეს ტომი. შენიშვნა: "შემდეგ"-ზე დაჭერა გაუშვებს გარე ტომის კლასტერების რუკის სკანირების პროცესს, უწყვეტი თავისუფალი სივრცის გამოსავლენად, რომლის დაბოლოება ახალი ტომის დაბოლოება გახდება. ეს მონაკვეთი გამოყენებულ იქნება ფარული ტომის განსათავსებლად, ანუ მისი ზომით განისაზღვრება ფარული ტომის მაქსიმალური მოცულობა. კლასტერების რუკის სკანირება იმის გარანტია, რომ გარე ტომის მონაცემები არ დაზიანდება ფარული ტომში მომხდარი ჩანაწერების შედეგად. - გარე ტომის მონაცემები - \n\nშემდგომ ეტაპებზე მიუთითეთ გარე ტომის პარამეტრები - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - გარე ტომი - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nტომის კლასტერების რუკა გავლილია, ფარული ტომის მაქსიმალური ზომა განისაზღვრა. შემდგომ ეტაპებზე აირჩიეთ ფარული ტომის პარამეტრები, ზომა და პაროლი. - ფარული ტომი - ფარული ტომი დაცული იქნება მანამ, ვიდრე გარე ტომი მიერთებულია.\n\nყურადღება: თუ ფარული ტომის არეალში მონაცემთა ჩაწერის მცდელობა იქნება, ჩაირთვება მთელი ტომის (გარე და ფარული) დაცვა ჩაწერისგან, ვიდრე ტომები არ იქნება გამოერთებული. ამან შესაძლოა გარე ტომზე ფაილური სისტემის დაზიანება გამოიწვიოს, რის გამოც (გამეორების შემთხვევაში) ფარული ტომის არსებობის უარყოფა ნაკლებ დამაჯერებელი იქნება. ამიტომ ყველა ღონე უნდა იხმაროთ, რათა ფარული ტომის არეალში ჩაწერა თავიდან აიცილოთ. ნებისმიერი ჩასაწერი ინფორმაცია, რომლის ამ არეალში ჩაწერის მცდელობაც იქნება, დაიკარგება. Windows-მა შესაძლოა ამ დროს გამოიტანოს შეცდომის შეტყობინება ("Delayed Write Failed" ან "The parameter is incorrect"). - ყოველი ფარული ტომი ახლად მიერთებულ გარე ტომებში დაცული იქნება დაზიანებისგან.\n\nთუ ფარული ტომის არეალში მონაცემთა ჩაწერის მცდელობა იქნება, ჩაირთვება მთელი ტომის (გარე და ფარული) დაცვა ჩაწერისგან, ვიდრე ტომები არ იქნება გამოერთებული. ამან შესაძლოა გარე ტომზე ფაილური სისტემის დაზიანება გამოიწვიოს, რის გამოც (გამეორების შემთხვევაში) ფარული ტომის არსებობის უარყოფა ნაკლებ დამაჯერებელი იქნება. ამიტომ ყველა ღონე უნდა იხმაროთ, რათა ფარული ტომის არეალში ჩაწერა თავიდან აიცილოთ. ნებისმიერი ჩასაწერი ინფორმაცია, რომლის ამ არეალში ჩაწერის მცდელობაც იქნება, დაიკარგება. Windows-მა შესაძლოა ამ დროს გამოიტანოს შეცდომის შეტყობინება ("Delayed Write Failed" ან "The parameter is incorrect"). - გაფრთხილება: იყო ფარული ტომის არეალში მონაცემების ჩაწერის მცდელობა დისკზე, რომელიც მიერთებულია, როგორც %c:! VeraCrypt-მა დაბლოკა ეს მონაცემები ჩაწერისგან, რათა დაეცვა ფარული ტომი დაზიანებისგან. ამან შესაძლოა გარე ტომის ფაილური სისტემის დაზიანება გამოიწვია, Windows-მა შესაძლოა გამოიტანოს შეცდომის შეტყობინება ("Delayed Write Failed" ან "The parameter is incorrect"). მთლიანი ტომი (გარე და ფარული) მათ გამოერთებამდე დაცული იქნება ჩაწერისგან. თუ ეს ჩაწერისაგან დაცვის პირველი შემთხვევა არ არის, ფარული ტომის არსებობის უარყოფა ნაკლებ დამაჯერებელი იქნება (გარე ფაილურ სისტემაში კორელაციური დარღვევების გამო). ამიტომ უმჯობესი იქნება შექმნათ ახალი VeraCrypt ტომი (სწრაფი ფორმატირების გარეშე) და არსებული ფაილები გადაიტანოთ ახალ ტომში; ძველი ტომი დაცულად უნდა წაიშალოს (გარე და ფარული ტომები). რეკომენდებულია ახლავე გადატვირთოთ ოპერაციული სისტემა. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - თქვენი კომპიუტერი საჭიროებს გადატვირთვას.\n\nგსურთ ახლავე გადატვირთვა? - სისტემის შიფრაციის სტატუსის მიღების დროს მოხდა შეცდომა. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - ვერ ხერხდება სისტემის შიფრაციისათვის პროგრამის კომპონენტების ინიციალიზაცია. - შემთხვევითი რიცხვების გენერატორის ინიციალიზაციის შეცდომა. - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - პროგრამის ინიციალიზაციის შეცდომა. Dialog კლასის რეგისტრირება შეუძლებელია. - Error: Failed to load the Rich Edit system library. - VeraCrypt-ის ტომების შექმნის ოსტატი - ამ ტომზე ფარული ტომის მაქსიმალური ზომა შეადგენს %.2f ბაიტს - ამ ტომზე ფარული ტომის მაქსიმალური ზომა შეადგენს %.2f კბ-ს - ამ ტომზე ფარული ტომის მაქსიმალური ზომა შეადგენს %.2f მბ-ს - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - მიერთებული ტომის პაროლის/გასაღების ფაილების შეცვლა შეუძლებელია. გამოაერთეთ ტომი. - სანამ ტომი მიერთებულია, ამ ტომის სათაურის გასაღების დერივაციის ალგორითმის შეცვლა არ შეიძლება. ჯერ გამოაერთეთ ტომი. - მიერთება - ამ ტომის მიერთებისათვის საჭიროა VeraCrypt-ის უფრო ახალი ვერსია. - შეცდომა! ტომების შექმნის ოსტატი ვერ მოიძებნა.\n\nშეამოწმეთ, "VeraCrypt.exe"-ს ფოლდერში არის თუ არა ფაილი "VeraCrypt Format.exe". თუ არ არის, ხელახლა დააინსტალირეთ VeraCrypt ან მოძებნეთ დისკებზე ფაილი "VeraCrypt Format.exe" და გაუშვით. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - შემდეგ - მზადაა - ინსტალაცია - დეარქივაცია - VeraCrypt-ის მოწყობილობის დრაივერთან მიერთება არ ხერხდება. VeraCrypt-ის ფუნქციონირება ამ დრაივერის გარეშე შეუძლებელია.\n\nმოწყობილობის დრაივერის ჩართვამდე, შესაძლოა საჭირო გახდეს სისტემიდან გამოსვლა ან სისტემის გადატვირთვა. - შეცდომა ფონტების ჩატვირთვისას. - დისკის ასო არ მოიძებნა ან არ იქნა მითითებული. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - დისკის სახელი არ არის თავისუფალი. - ფაილი არ არის არჩეული. - დისკის თავისუფალი სახელები არ არის. - დისკის თავისუფალი სახელი გარე ტომისათვის აღარ არის. ტომის შექმნის გაგრძელება შეუძლებელია. - ოპერაციული სისტემის ვერსიის განსაზღვრა ვერ მოხერხდა, ან გამოიყენება არათავსებადი სისტემა. - მისამართი არ არის მითითებული. - ფარილი ტომისათვის არასაკმარისი თავისუფალი ადგილია. ტომის შექმნის გაგრძელება შეუძლებელია. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - დრაივერის მიერ ტომის გამოერთება ვერ ხერხდება. შესაძლოა, ტომზე ფარული ფაილებია. - ტომის ბლოკირება შეუძლებელია. მასზე განთავსებულია ფარული ფაილებია, ამიტომ მისი გამოერთება არ შეიძლება. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - აირჩიეთ VeraCrypt-ის ტომი - მიუთითეთ ფაილის მისამართი დ სახელი - Select PKCS #11 Library - მეხსიერება არასაკმარისია - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - გაფრთხილება: ფაილი '%s' უკვე არსებობს!\n\nVeraCrypt არ დაშიფრავს ფაილს, იგი წაიშლება. დარწმუნებული ხართ, რომ გსურთ ამ ფაილის წაშლა და ახალი ფაილ-კონტეინერის შექმნა? - გაფრთხილება: %s '%s'%s -ზე შენახული ყველა ფაილი წაიშლება!\n\nნამდვილად გსურთ ფორმატირების გაგრძელება? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - პაროლი - PIM - სათაურის გასაღების დერივაციის ალგორითმი - ტომ(ებ)იდან გასაღების ფაილ(ებ)ის დამატება/წაშლა - ტომიდან ყველა გასაღების ფაილის წაშლა - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - შენიშვნა:VeraCrypt-ის აღმდგენი დისკი ჯერჯერობით ისევ ძველ ალგორითმს იყენებს. თუ ძველი ალგორითმი დაუცველად მიგაჩბნიათ, მაშინ შექმენით ახალი აღმდგენი დისკი და ძველი გაანადგურეთ.\n\nგსურთ ახალი აღმდგენი დისკის შექმნა? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - გასაღების ფაილები წარმატებით დაემატა/წაიშალა. - Keyfile exported. - სათაურის გასაღების დერივაციის ალგორითმი წარმატებით დაყენდა. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - აირციეთ პაროლი ფარული ტომისათვის. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - შეიტანეთ პაროლი ტომისათვის, რომლის შიგნით შეიქმნება ფარული ტომი.\n\n"შემდეგ"-ის დაჭერით VeraCrypt შეეცდება მიაერთოს ტომი, რის შემდეგაც მოხდება მიერებულ ტომზე თავისუფალი არის კლასტერების რუკის სკანირება, რომლის ბოლოშიც იქნება ტომის დაბოლოება. ამ ადგილას განთავსდება ფარული ტომი, ანუ განისაზღვრება მისი მაქსიმალური ზომა. რუკის სკანირება გარანტიას იძლევა, რომ ფარული ტომის მონაცემები არ დააზიანებს გარე ტომის მონაცემებს. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - გარე ტომის პაროლი - ფარული ტომის პაროლი - Password for Hidden Operating System - ყურადღება: მოკლე პაროლები ადვილი გამოსაცნობია გადარჩევის ხერხით.\n\nრეკომენდებულია 20 სიმბოლოზე გრძელი პაროლების გამოყენება.\n\nნამდვილად გსურთ მაკლე პაროლის გამოყენება? - ტომის პაროლი - პაროლი არასწორია, ან ეს VeraCrypt-ის ტომი არ არის. - პაროლი ან/და გასაღების ფაილები არასწორია, ან ეს VeraCrypt-ის ტომი არ არის. - არასწორი მიერთების რეჟიმი, არასწორი პაროლი ან არა-VeraCrypt-ის ტომი. - არასწორი მიერთების რეჟიმი, არასწორი პაროლი/გასაღების ფაილები ან არა-VeraCrypt-ის ტომი. - პაროლი არასწორია, ან VeraCrypt-ის ტომი არ მოიძებნა. - პაროლი/გასაღების ფაილები არასწორია, ან VeraCrypt-ის ტომი არ მოიძებნა. - \n\nყურადღება! ჩართულია ღილაკი Caps Lock. ამან შესაზლოა პაროლის არასწორი აკრეფა გამოიწვიოს. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nშენიშვნა: თუ ცდილობთ დაშიფრულ სისტემურ დისკზე მოთავსებული განაყოფის მიერთებას, ჩატვირთვისწინა აუთენტიფიკაციის გარეშე ან დაშიფრული სისტემური განაყოფის მიერთებას, რომელზეც სისტემა არ მუშაობს, მაშინ აირჩიეთ "სისტემა">"ჩატვირთვისწინა აუთენტიფიკაციის გარეშე". - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - უკან - სისტემაში არსებული raw-მოწყობილობების სიის ჩვენება შეუძლებელია. - ტომი '%s' არსებობს და წვდომადია მხოლოდ კითხვისათვის. ნამდვილად გსურთ მისი შეცვლა? - აირჩიეთ მიზნობრივი ფოლდერი - აირჩიეთ გასაღების ფაილი - აირჩიეთ გასაღების ფაილების ძიების მისამართი. ყურადღება: შეინახება მხოლოდ მისამართი, და არა ფაილების სახელები. - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - შემუშავებულია როს ანდერსონის, ელი ბიჰამის და ლარს კნუდსენის მიერ. გამოქვეყნდა 1998წ. 256-ბიტი გასაღები, 128-ბიტი ბლოკი. ქმედების რეჟიმი - XTS. AES-ის ფინალისტი. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - გარე ტომის ზომა - ფარული ტომის ზომა - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - ტომის ზომა - დინამიური - ყურადღება! ტესტის შეცდომა. - ყველა ალგორითმის ტესტი გავლილია - მითითებული მონაცემთა ერთეულის ნომერი ძალიან გრძელი ან ძალიან მოკლეა. - მითითებული მეორეადი გასაღები ძალიან გრძელი ან ძალიან მოკლეა. - სატესტო დაშიფრული ტექსტის სიგრძე არასწორია. - სატესტო გასაღების სიგრძე არასწორია. - სატესტო ღია ტექსტის სიგრძე არასწორია. - ორი შიფრი, მოქმედი კასკადურად XTS რეჟიმში. ყოველი ბლოკი იშიფრება ჯერ %s-ით (%d-ბიტი გასაღები) და შემდგომ %s-ით (%d-ბიტი გასაღები). ყოველი შიფრი იყენებს დამოუკიდებელ გასაღებს. - სამი შიფრი, მოქმედი კასკადურად XTS რეჟიმში. ყოველი ბლოკი იშიფრება %s-ით (%d-ბიტი გასაღები), %s-ით (%d-ბიტი გასაღები), და %s-ით (%d-ბიტი გასაღები). ყოველი შიფრი იყენებს დამოუკიდებელ გასაღებს. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt-ის მოგზაური დისკი - შემუშავებულია ბრუს შნეიერის, ჯონ კელსის, დაგ ვაითინგის, დევიდ ვაგნერის, კრის ჰოლის და ნილს ფერგიუსონის მიერ. გამოქვეყნდა 1998წ. 256-ბიტი გასაღები, 128-ბიტი ბლოკი. ქმედების რეჟიმი-XTS. AES ფინალისტი. - დამატებით ინფორმაცია იხ. %s - უცნობია - An unspecified or unknown error occurred (%d). - ზოგიერთი ტომი შეიცავს ფაილებს ან ფოლდერებს, რომლებიც გამოიყენება სისტემის ან პროგრამების მიერ.\n\nმაინც გსურთ გამოერთება? - გამოერთება - შეცდომა გამოერთებისას. - ტომი შეიცავს ფაილებს ან ფოლდერებს, რომლებიც გამოიყენება სისტემის ან პროგრამების მიერ.\n\nმაინც გსურთ გამოერთება? - No volume is mounted to the specified drive letter. - ეს ტომი უკვე მიერთებულია. - შეცდომა ტომის მიერთების მცდელობისას. - შეცდომა ტომში ადგილმდებარეობის ძიებისას. - შეცდომა: ტომის არასწორი ზომა. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt ვერ შეცვლის მისთვის უცნობი ტიპის ტომის პაროლს. - აირჩიეთ სიიდან დისკის თავისუფალი ასო. - აირჩიეთ დისკების ასოების სიაში მიერთებული ტომი. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - შეცდომა: autorun.inf ფაილის შექმნა შეუძლებელია - შეცდომა გასაღების ფაილის დამუშავებისას. - შეცდომა გასაღების ფაილის მისამართის დამუშავებისას. - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt არათავსებადია ამ ოპერაციულ სისტემასთან. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - შეცდომა: მეხსიერების განაწილება შეუძლებელია. - შეცდომა: წარმადობის მთვლელის მნიშვნელობის აღდგენა შეუძლებელია. - შეცდომა: ტომის არასწორი ფორმატი. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt-Legal Notices - ყველა ფაილი - VeraCrypt-ის ტომები - Library Modules - NTFS-ფორმატირების გაგრძელება შეუძლებელია. - ტომის მიერთება შეუძლებელია. - ტომის გამოერთება შეუძლებელია. - Windows ვერ აფორმატირებს ამ ტომს, როგორც NTFS.\n\nაირჩიეთ სხვა ფაილური სისტემა და გაიმეორეთ ცდა. ან შეგიძლიათ დასტოვოთ ეს ტომი დაუფორმატებელი (ფაილური სისტემის არჩევის ველში მიუთითეთ "არა"), დახურეტ ოსტატის ფანჯარა, მიაერთეთ ტომი, შემდეგ კი სისტემური ან სხვა უტილიტის დააფორმატირეთ მიერთებული ტომი (ამ დროს ტომი დაშიფრული რჩება). - ტომის NTFS ფორმატირება არ მოხერხდა.\n\nგსურთ დააფორმატოთ ტომი როგორც FAT? - საწყისად - partition - განაყოფი - მოწყობილობა - device - მოწყობილობა - ტომი - volume - VOLUME - Label - ამ ტომისათვის არჩეულია კლასტერების მეტად მცირე ზომა. გამოყენებულ იქნება შედარებით დიდი ზომის კლასტერი. - შეცდომა! ტომის ზომის დათვლა შეუძლებელია.\n\nშეამოწმეთ, ხომ არ გამოიყენება არჩეული ტომი სისტემის ან სხვა პროგრამის მიერ. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - VeraCrypt-ის ტომების შექმნის ოსტატს ფარული ტომის შექმნა შეუძლია მხოლოდ FAT ან NTFS ტომში. - Windows 2000-ში, VeraCrypt-ის ტომების შექმნის ოსტატს ფარული ტომის შექმნა შეუძლია მხოლოდ FAT ტომში. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - შეცდომა! ტომთან წვდომა არ არის.\n\nშეამოწმეთ, არსებობს თუ არა ეს ტომი, არ არის მიერთებული, არ გამოიყენება სისტემის ან სხვა პროგრამის მიერ, და დაცული არ არის ჩაწერისაგან. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - შეცდომა! გარე ტომის გამოერთება შეუძლებელია.\n\nტომის გამოერთება შეუძლებელია, თუ იგი შეიცავს ფაილებს ან ფოლდერებს, რომლებიც გამოიყენება სისტემის ან სხვა პროგრამის მიერ.\n\nდახურეთ ყველა პროგრამა, რომლებიც შესაძლოა იყენებენ ფაილებს ამ ტომში, და დააჭირეთ "გამეორება"-ს. - შეცდომა: გარე ტომის შესახებ ინფორმაციის მიღება ვერ ხერხდება! ტომის შექმნის პროცესი შეწყვეტილია. - შეცდომა! გარე ტომთან წვდომა არ არის. ტომის შექმნის გაგრძელება შეუძლებელია. - შეცდომა! გარე ტომის მიერთება შეუძლებელია. ტომის შექმნის გაგრძელება შეუძლებელია. - შეცდომა! ტომის კლასტერების რუკის მიღება შეუძლებელია. ტომის შექმნის გაგრძელება შეუძლებელია. - ანბანურად/კატეგორიებით - საშუალო სიჩქარე (კლებადობა) - ალგორითმი - შიფრაცია - დეშიფრაცია - საშუალო - დისკი - ზომა - შიფრაციის ალგორითმი - შიფრაციის ალგორითმი - ტიპი - მნიშვნელობა - თვისება - მდებარეობა - ბაიტი - ფარული - გარე - ჩვეულებრივი - სისტემური - Hidden (system) - მხოლოდ კითხვისათვის - სისტემური დისკი - სისტემური დისკი (შიფრაცია - %.2f%% დასრულდა) - სისტემური დისკი (დეშიფრაცია - %.2f%% დასრულდა) - სისტემური დისკი (%.2f%% დაშიფრულია) - სისტემური განაყოფი - Hidden system partition - სისტემური განაყოფი (შიფრაცია - %.2f%% დასრულდა) - სისტემური განაყოფი (დეშიფრაცია - %.2f%% დასრულდა) - სისტემური განაყოფი (%.2f%% დაშიფრულია) - დიახ (დაცვა დაზიანებისაგან) - არა - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - ბიტი - ბლოკის ზომა - PKCS-5 PRF - PKCS-5 ოპერაციების რაოდენობა - ტომი შექმნილია - სათაურის ბოლო ცვლილება - (განვლო დღემ: %I64d) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - 1-ლი თავისუფალი - Removable Disk - მყარი დისკი - უცვლელი - Autodetection - ოსტატის რეჟიმი - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - ინსტალაციის ოფციები - აქ შეგიძლიათ მიუთითოთ ინსტალაციის პროცესის სამართავი სხვადასხვა პარამეტრები. - ინსტალაცია - გთხოვთ მოიცადოთ VeraCrypt-ის ინსტალაციის დასრულებამდე. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - დეარქივაციის ოფციები - აქ შეგიძლიათ მიუთითოთ დეარქივაციის პროცესის სამართავი სხვადასხვა პარამეტრები. - გთხოვთ მოიცადოთ დეარქივაციის დასრულებამდე. - Files successfully extracted - ყველა ფაილი წარმატებით იქნა დეარქივირებული მითითებულ მისამართზე. - თუ მითითებული ფოლდერი არ არსებობს, იგი ავტომატურად შეიქმნება. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - გსურთ იხილოთ VeraCrypt-ის მიმდინარე ვერსიის ანოტაცია? - თუ VeraCrypt-თან არასდროს გიმუშავიათ, რეკომენდებულია გაეცნოთ დამწყებთა განაყოფს VeraCrypt-ის მომხმარებლის სახელმძღვანელოში გსურთ დოკუმენტაციის წაკითხვა? - გთხოვთ აირჩიოთ შემდეგი მოქმედებებიდან: - აღდგენა/რეინსტალაცია - Upgrade - დეინსტალაცია - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - ინსტალაცია ჩაიშალა. - დეინსტალაცია ჩაიშალა. - ეს საინსტალაციო პაკეტი დაზიანებულია. გთხოვთ, ხელახლან ჩამოტვირთოთ (უმჯობესია ოფიციალური საიტიდან https://veracrypt.codeplex.com). - ფაილის %s ჩაწერა არ ხერხდება - დეარქივაცია - პაკეტიდან მონაცემთა წაკითხვა არ ხერხდება. - საინსტალაციო პაკეტის მთლიანობის შემოწმება არ ხერხდება. - დეარქივაცია ჩაიშალა. - მოხდა ინსტალაციის უკუქცევა. - პროგრამა VeraCrypt წარმატებით ინსტალირებულია. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - პროგრამა VeraCrypt წარმატებით დეინსტალირებულია.\n\nდააჭირეთ ღილაკს "მზადაა", რათა წაიშალოს VeraCrypt-ის ინსტალატორი და ფოლდერი %s. ფოლდერი არ წაიშლება, თუ იგი შეიცავს ფაილებს, რომლებიც ინსტალატორის ან VeraCrypt-ის მიერ არაა შექმნილი. - რეესტრიდან VeraCrypt-ის ჩანაწერების წაშლა - რეესტრში ელემენტის დამატება - პროგრამასთან დაკავშირებული მონაცემების წაშლა - ინსტალაცია - შეჩერება - წაშლა - ხატულას დამატება - სისტემის აღდგენის წერტილის შექმნა - შეცდომა სისტემის აღდგენის წერტილის შექმნისას. - Updating boot loader - "%s"-ის ინსტალაცია ჩაიშალა. %s გსურთ ინსტალაციია გაგრძელება? - "%s"-ის დეინსტალაცია ჩაიშალა. %s გსურთ დეინსტალაციის გაგრძელება? - ინსტალაცია დასრულებულია. - %s' ფოლდერის შექმნა არ მოხდა. - VeraCrypt-ის დრაივერის ამოტვირთვა შეუძლებელია.\n\nდახურეთ VeraCrypt-ის ყველა გახსნილი ფანჯარა. თუ შედეგი არ არის, გადატვირთეთ Windows და სცადეთ ხელახლა. - ინსტალაციის გაგრძელებამდე, საჭიროა VeraCrypt-ის ყველა მიერთებული ტომის გამოერთება. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - შეცდომა რეესტრში ელემენტების რეგისტრაციისას - შეცდომა მოწყობილობის დრაივერის ინსტალაციისას. გადატვირთეთ Windows და სცადეთ VeraCrypt-ის ინსტალაცია ხელახლა. - VeraCrypt-ის დრაივერის გაშვება - მოწყობილობის დრაივერის დეინსტალაცია ჩაიშალა. პროცესის გაგრძელებამდე შესაძლოა საჭირო გახდეს Windows-იდან გამოსვლა ან/და სისტემის გადატვირთვა. - VeraCrypt-ის დრაივერის ინსტალაცია - VeraCrypt-ის დრაივერის შეჩერება - VeraCrypt-ის დრაივერის დეინსტალაცია - შეცდომა მომხმარებლის ანგარიშების მართვის (User Account Control) დამხმარე ბიბლიოთეკის რეგისტრაციისას. - შეცდომა მომხმარებლის ანგარიშების მართვის (User Account Control) დამხმარე ბიბლიოთეკის რეგისტრაციის უარყოფისას. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - შეცდომა: ლიცენზიის ჩვენება არ ხერხდება. - გარე(!) - დღე - სთ - წთ - წმ - გახსნა - გამოერთება - VeraCrypt-ის ჩვენება - VeraCrypt-ის დამალვა - წაკითხულია მიერთების შემდეგ - ჩაწერილია მიერთების შემდეგ - დაშიფრული ნაწილი - 100% (სრულად დაშიფრული) - 0% (დაუშიფრავი) - %.3f%% - 100% - ვიცდით... - Preparing - Resizing - შიფრაცია - დეშიფრაცია - Finalizing - პაუზა - დასრულებულია - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - შეიტანეთ პაროლი %s-თვის - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - გასაღების ფაილი წარმატებით შეიქმნა. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - ტომის სათაურის სარეზერვო ასლი წარმატებით შეიქმნა.\n\nმნიშვნელოვანია: ამ ასლიდან სათაურის აღდგენისას ასევე აღდგება ტომის მიმდინარე პაროლი. მეტიც, თუ ტომის მიერთებისას გამოიყენება გასაღების ფაილები, მაშინ სათაურის აღდგენის შემდეგ ტომის მისაერთებლად საჭირო იქნება იგივე გასაღების ფაილები.\n\nყურადღება: სათაურის ეს ასლი შეიძლება გამოყენებულ იქნას მხოლოდ ამ კონკრეტული ტომისათვის. სხვა ტომისათვის ამ ასლის გამოყენების შემდეგ ტომის მიერთება შესაძლებელი იქნება, მაგრამ ტომიდან რაიმე მონაცემის წაკითხვა - შეუძლებელი (რადგან შეიცვლება მისი გასაღები). - ტომის სათაური წარმატებით აღდგა.\n\nმნიშვნელოვანია: გაიტვალისწინეთ, რომ სათაურის აღდგენით შესაძლოა აღდგა ძველი პაროლიც. მეტიც, თუ ტომის მიერთებისას გამოიყენება გასაღების ფაილები, მაშინ სათაურის აღდგენის შემდეგ ტომის მისაერთებლად საჭირო იქნება იგივე გასაღების ფაილები - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - ნამდვილად გსურთ %s ტომის სათაურის აღდგენა?\n\nყურადღება: სათაურის აღდგენისას ასევე აღდგება პაროლი, რომელიც მოქმედებდა სარეზერვო ასლის შენახვის დროს. მეტიც, თუ ტომის მიერთებისას გამოიყენება გასაღების ფაილები, მაშინ სათაურის აღდგენის შემდეგ ტომის მისაერთებლად საჭირო იქნება იგივე გასაღების ფაილები.\n\nდააჭირეთ "დიახ"-ს, რათა აირჩიოთ სათაურის სარეზერვო ასლის ფაილი. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - თქვენ ცდილობთ სისტემური განაყოფის/მოწყობილობის სათაურის რეზერვირებას. ეს არ არის ნებადართული. სისტემური დისკის რეზევირება/აღდგენის ოპერაციები შიძლება განხორციელდეს მხოლოდ VeraCrypt-ის აღმდგენი დისკის გამოყენებით.\n\nგსურთ VeraCrypt-ის აღმდგენი დისკის შექმნა? - თქვენ ცდილობთ VeraCrypt-ის ვირტუალური ტომის სათაურის აღდგენას, მაგრამ არჩეულია სისტემური განაყოფი/მოწყობილობა. ეს არ არის ნებადართული. სისტემური დისკის რეზევირება/აღდგენის ოპერაციები შიძლება განხორციელდეს მხოლოდ VeraCrypt-ის აღმდგენი დისკის გამოყენებით.\n\nგსურთ VeraCrypt-ის აღმდგენი დისკის შექმნა? - OK-ის დაწკაპების შემდეგ აირჩიეთ VeraCrypt-ის ახალი აღმდგენი დისკის ISO ფაილის სახელი და მისამართი. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - მოათავსეთ VeraCrypt-ის აღმდგენი დისკი CD/DVD მოწყობილობაში და დაწკაპეთ OK. - VeraCrypt-ის აღმდგენი დისკი წარმატებით შემოწმდა. - აღმდგენი დისკის ჩაწერის სისწორის შემოწმება ვერ მოხერხდა.\n\nთუ აღმდგენი დისკი ჩაწერილია, დისკი გამოიღეთ და ხელახლა ჩადეთ CD/DVD მოწყობილობაში. თუ ეს არ შველის, მაშინ გამოიყენეთ სხვა დისკი ან/და სხვა ჩამწერი პროგრამა.\n\nთუ ამოწმებთ სხვა მთავარი გასაღებისათვის, მარილისათვის და ა.შ. შექმნილ აღმდგენ დისკს, შემოწმება ყოველთვის მცდარ შედეგს აჩვენებს. მიმდინარე კონფიგურაციის თავსებადი აღმდგენი დისკის შექმნისათვის, აირჩიეთ სისტემა>აღმდგენი დისკის შექმნა. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - VeraCrypt-ის აღმდგენი დისკის Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - გაგრძელებამდე, გამოაერთეთ ტომი. - შეცდომა: ტაიმერის დაყენება ვერ ხერხდება. - ფაილური სისტემის შემოწმება - ფაილური სისტემის შეკეთება - Add to Favorites... - Add to System Favorites... - P&roperties... - ფარული ტომი დაცულია - N/A - დიახ - არა - Disabled - 1 - 2 ან მეტი - ოპერაციის რეჟიმი - Label: - Size: - Path: - Drive Letter: - შეცდომა! პაროლი უნდა შეიცავდეს მხოლოდ სტანდარტულ ASCII სიმბოლოებს.\n\nარა-ASCII სიმბოლოების გამოყენება შეუძლებელს გახდის ტომის მიერთებას, თუ სისტემის კონფიგურაცია შეიცვლება.\n\nნებადართულია შემდეგი სიმბოლოების გამოყენება:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ყურადღება! პაროლი შეიცავს არა-ASCII სიმბოლოებს. ეს შეუძლებელს გახდის ტომის მიერთებას, თუ სისტემის კონფიგურაცია შეიცვლება..\n\nშეცვალეთ ყველა არა-ASCII სიმბოლო ASCII სიმბოლოებით.\n\nASCII სიმბოლოებია:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - ვებ-გვერდი - ყურადღება: სისტემაში არ არის ინსტალირებული Windows-ის არცერთი განახლების პაკეტი (Service Pack).თუ Windows XP-ზე არ არის ინსტალირებული Service Pack 1 (ან უფრო ახალი), 128გბ-ზე მეტი მოცულობის IDE დისკებზე ჩაწერა არ არის რეკომენდებული, რადგან ეს გამოიწვევს მონაცემთა დაზიანებას (მიუხედავად იმისა, ეხება ეს VeraCrypt-ის ტომს თუ არა). ეს Windows-ის შეზღუდვაა და არა შეცდომა VeraCrypt-ში. - ყურადღება: სისტემაში არ არის ინსტალირებულიWindows-ის განახლების პაკეტი Service Pack 3 (ან ახალი). თუ Windows 2000-ზე არ არის ინსტალირებულია Service Pack 3 (ან ახალი), 128გბ-ზე მეტი მოცულობის IDE დისკებზე ჩაწერა არ არის რეკომენდებული, რადგან ეს გამოიწვევს მონაცემთა დაზიანებას (მიუხედავად იმისა, ეხება ეს VeraCrypt-ის ტომს თუ არა). ეს Windows-ის შეზღუდვაა და არა შეცდომა VeraCrypt-ში. ამის გარდა, შესაძლოა საჭირო გახდეს რეესტრში LBA-ს 48 ბიტიანი ადრესაციის მხარდაჭერის ჩართვა; დაწვრილებით იხ. http://support.microsoft.com/kb/305098/EN-US - ყურადღება: 48-bit LBA ATAPI-ის მხარდაჭერა სისტემაში გამორთულია. შესაბსამისად,128გბ-ზე მეტი მოცულობის IDE დისკებზე ჩაწერა არ შეიძლება! წინააღმდეგ შემთხვევაში შესაძლებელია მონაცემთა დაზიანება. ეს Windows-ის შეზღუდვაა და არა შეცდომა VeraCrypt-ში.\n\n48-ბიტიანი LBA მხარდაჭერის დამატებისათვის, რეგიტრში მისამართზე HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters ჩაამატეთ მნიშვნელობა "EnableBigLba" და მიანიჭეთ 1.\n\nდამატებით იხ. http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - ყურადღება: თუ მომავალში დაგჭირდებათ გარე ტომში მონაცემების/ფაილების დამატება, წინასწარ იზრუნეთ მასში არსებული ფარული ტომის ზომის შემცირებაზე.\n\nგსურთ გააგრძელოთ და გამოიყენოთ თქვენს მიერ მითითებული ზომა? - ტომი არ არის არჩეული.\n\nდააჭირეთ ღილაკს "მოწყობილობა" ან "ფაილი" და აირჩიეთ VeraCrypt-ის ტომი. - ასარჩევია განაყოფი.\n\nდაწკაპეთ "აირჩიეთ მოწყობილობა" განაყოფის ასარჩევად, რომელიც ჩატვირთვისწინა აუთენტიფიკაციას მოითხოვს (მაგ. დაშიფრულ სისტემურ დისკზე მოთავსებული განაყოფი, ოპერაციული სისტემით, რომელიც არ მუშაობს).\n\nშენიშვნა: ეს განაყოფი მიერთდება, როგორც ჩვეულებრივი VeraCrypt-ის ტომი, ჩატვირთვისწინა აუთენტიფიკაციის გარეშე. ეს გამოსადეგია მაგ. რეზერვირების ან აღდგენის ოპერაციებისათვის. - გაფრთხილება: თუ საწყისი გასაღების ფაილები დანიშნულია, იმ ტომების მიერთება, რომლებიც არ იყენებენ ასეთ ფაილებს, შეუძლებელი იქნება. ამიტომ, საწყისი გასაღების ფაილების დანიშვნის შემდეგ, არ დაგავიწყდეთ, ასეთი ტომის ყოველი მიერთებისას გამორთოთ ოფცია "გამოიყენე გასაღების ფაილი' (პაროლის ველის ქვემოთ).\n\nნამდვილად გსურთ დანიშნოთ მითითებული გასაღების ფაილები საწყისად? - მოწყობილობების ავტომიერთება - ყველას გამოერთება - კეშის წაშლა - Dismount All & Wipe Cache - ყველას გამოერთება და კეშის წაშლა - ყველას გამოერთება, კეშის წაშლა და გასვლა - რჩეული ტომების მიერთება - VeraCrypt-ის მთავარი ფანჯრის ჩვენება/დამალვა - (დაწკაპეთ აქ დადააჭირეთ ღილაკს) - მოქმედება - სწრაფი გამოძახება - შეცდომა! ეს "ცხელი კლავიში" რეზერვირებულია. აირჩიეთ სხვა. - შეცდომა! ეს "ცხელი კლავიში" უკვე გამოიყენება. - ყურადღება: ზოგიერთი საერთოსისტემური "ცხელი კლავიშები" VeraCrypt-ში არ იმუშავებს!\n\nშეამოწმეთ, ხომ არ გამოიყენება ეს კომბინაცია ოპერაციული სისტემის ან სხვა პროგრამების მიერ. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - ყურადღება: თუ ეს ოპცია გამორთულია, ტომების, რომლებიც გახსნილ ფაილებს/ფოლდერებს შეიცავენ, აუტოგამოერთება არ მოხდება.\n\nნამდვილად გსურთ ამ ოპციის გამორთვა? - ყურადღება: ტომების, რომლებიც გახსნილ ფაილებს/ფოლდერებს შეიცავენ, აუტოგამოერთება არ მოხდება.\n\nამის თავიდან ასაცილებლად, ჩართეთ შესაბამისი ოფცია მენიუში" - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - თქვენ დაგეგმილი გაქვთ სისტემური განაოფის/მოწყობილობის შიფრაცია/დეშიფრაცია. ეს პროცესი ჯერ არ დასრულებულა.\n\nგსურთ ამ პროცესის დაწყება (გაგრძელება) ახლავე? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - თქვენ დაგეგმილი გაქვთ სისტემური განაყოფის/დისკის შიფრაცია ან დეშიფრაცია. თუმცა ჩატვირთვისწინა აუთენტიფიკაცია ჩაიშალა ან არ გამოიტოვა.\n\nშენიშვნა: თუ ჩატვირთვის დროს სისტემურ განაყოფს/დისკს დეშიფრაცია გაუკეთეთ, მაშინ დაასრულეთ პროცესი - აირჩიეთ მენიუში "სისტემა">"სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია". - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - გამოვიდეთ? - VeraCrypt არ აქვს საკმარისი ინფორმაცია, შეასრულოს შიფრაციის თუ დეშიფრაციის ოპერაცია. - VeraCrypt ვერ წყვეტს რა შეასრულოს, შიფრაცია თუ დეშიფრაცია.\n\nშენიშვნა: თუ ჩატვირთვის დროს სისტემურ განაყოფს/დისკს დეშიფრაცია გაუკეთეთ, მასინ დაასრულეთ პროცესი - დაწკაპეთ "დეშიფრაცია". - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - გსურთ შეწყვითოთ და გადადოთ სისტემური განაყოფის/მოწყობილობის შიფრაციის პროცესი?\n\nმომავალში შესაძლებლობა გექქნებათ შეწყვეტილი მომენტიდან გააგრძელოთ ეს პროცესი. ეს შეგიძლიათ გააკეთოთ შემდეგნაირად: აირჩიეთ მენიუდან სისტემა>შეწყვეტილი პროცესის გაგრძელება. თუ სამუდამოდ გსურთ შეწყვიტოთ ან უკუაგდოთ შიფრაციის პროცესი, აირჩიეთ სისტემა>სისტემური განაყოფის/მოწყობილობის სამუდამოდ დეშიფრაცია. - გსურთ შეწყვითოთ და გადადოთ სისტემური განაყოფის/მოწყობილობის დეშიფრაციის პროცესი?\n\nმომავალში შესაძლებლობა გექქნებათ შეწყვეტილი მომენტიდან გააგრძელოთ ეს პროცესი. ეს შეგიძლიათ გააკეთოთ შემდეგნაირად: აირჩიეთ მენიუდან სისტემა>შეწყვეტილი პროცესის გაგრძელება. თუ გსურთ დეშიფრაციის პროცესის უკან დაბრუნება (და შიფრაციის დაწყება), აირჩიეთ სისტემა>სისტემური განაყოფის/მოწყობილობის შიფრაცია. - შეცდომა: სისტემური განაყოფის/მოწყობილობის შიფრაცია/დეშიფრაციის პროცესის შეწყვეტა შეუძლებელია. - Error: Failed to interrupt the process of wiping. - შეცდომა: სისტემური განაყოფის/მოწყობილობის შიფრაცია/დეშიფრაციის პროცესის გაგრძელება შეუძლებელია. - Error: Failed to start the process of wiping. - გაუმართაობა აღმოფხვრილია.\n\n\n(თუ გამოგზავნით ამ შეცდომასთან დაკავშირებით ინფორმაციას, დაურთეთ შემდეგი ტექნიკური ინფორმაცია: %hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ყურადღება: VeraCrypt-ის ფონური რეჟიმი გამორთულია. VeraCrypt-ის დახურვის შემდეგ, იგი არ შეგატყობინებთ ფარული ტომის დაზიანების შემთხვევაზე.\n\nგსურთ ჩართოთ VeraCrypt-ის ფონური რეჟიმი? - ენის მოდულის ვერსია: %s - მიმდინარეობს %s-ად მიერთებული ტომის ფაილური სისტემის შემოწმება... - მიმდინარეობს %s-ად მიერთებული ტომის ფაილური სისტემის აღდგენა... - ყურადღება: ეს ტომი დაშიფრულია 64-ბიტი ბლოკიანი შიფრაციის ალგორითმით.\n\n64-ბიტი ბლოკიანი დაშიფრვის ალგორითმები (Blowfish, CAST-128, and Triple DES) მოძველებულია. ამ ტომის მიერთება VeraCrypt 5.0-ით ან შემდგომი ვერსიებით შეუძლებელია. რეკომენდებულია შექმნათ VeraCrypt-ის ახალი ტომი 128 ბიტი ბლოკიანი სიფრაციის ალგორითმით (მაგ. AES, Serpent, Twofish) და შემდეგ გადაიტანოთ ამ ტომიდან ფაილები ახალ ტომში. - სისტემა არაა კონფიგურირებული ახალი ტომების ავტომიერთებისათვის. მოწყობილობის ბაზაზე არსებული ტომების მიერთება შესაძლოა ვერ მოხდეს. ავტომიერთების ჩართვა შეიძლება შემდეგი ბრძანების შესრულებით და სისტემის გადატვირთვით.\n\nmountvol.exe /E - გთხოვთ განაყოფს/მოწყობილობას მიანიჭოთ დისკის ასო (Control Panel>System and Maintenance>Administrative Tools - Create and format hard disk partitions).\n\nგაითვალისწინეთ, რომ ეს ოპერაციული სისტემის მოთხოვნაა. - VeraCrypt-ის ტომის მიერთება - VeraCrypt-ის ყველა ტომის გამოერთება - VeraCrypt-მა ვერ მოიპოვა ადმინისტრატორის პრივილეგიები. - ოპერაციულ სისტემასთან წვდომა არ არის.\n\nშესაძლო მიზეზებია: ოპერაციული სისტემა მოითხოვს, რომ გქონდეთ ჩაწერა/წაკითხვის უფლებები (ან ადმინისტრატორის პრივილეგიები) გარკვეულ ფოლდერებზე, ფაილებზედა მოწყობილობებზე, რათა წაიკითხოთ/ჩაწეროთ მათზე. ჩვეულებრივ, მომხმარებელს (ადმინისტრატორის პრივილეგიების გარეშე) უფლება აქვს წაიკითხოს, შექმნას და ჩაწეროს საკუთარ My Documents ფოლდერში. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - VeraCrypt ჩატვირთვის მოდული საჭიროებს მინიმუმ 32კბ თავისუფალ სივრცეს სისტემური დისკის დასაწყისში. სამწუხაროდ, თქვენი დისკი ამ პირობებს ვერ აკმაყოფილებს.\n\nგთხოვთ, ნუ ჩათვლით ამას VeraCrypt-ის შეცდომად. ამ პრობლემის აღმოსაფხვრელად, ხელახლა დაყავიტ თქვენი დისკი და დატოვეთ პირველი 32კბ თავისუფალი სივრცე (როგორც წესი, უბრალოდ წაშალეთ და თავიდან შექმენით პირველი განაყოფი). რეკომენდებულია Microsoft partition manager-ის გამოყენება, რომელიც Windows-ის ინსტალაციის დროს შეგხვდებათ. - ეს ფუნქცია ამ ოპერაციულ სისტემის ვერსიასთან თავსებადი არ არის. - VeraCrypt-ის ეს ვერსიას არ აქვს ამ ოპერაციულ სისტემის ვერსიაში სისტემური განაყოფის/მოწყობილობის შიფრაციის მხარდაჭერა. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - თქვენს სისტემურ დისკს GUID განაყოფთა ცხრილი (GPT). ამჟამად მხოლოდ MBR განაყოფთა ცხრილებია თავსებადი. - VeraCrypt-ის საწყისი ჩამტვირთავი ამ სისტემურ დისკზე უკვე ინსტალირებულია!\n\nშესაძლებელია თქვენს სისტემაში არსებული სხვა ოპერაციული სისტემა უკვე დაშიფრულია.\n\nგაფრთხილება: მიმდინარე სისტემის შიფრაციის მცდელობამ შესაძლოა გამოიწვიოს სხვა სისტემის ჩატვირთვის შეუძლებლობა და მისი მონაცემების დაკარგვა.\n\nნამდვილად გსურთ გაგრძელება? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - სისტემის ორიგინალი ჩამტვირთი არ შეინახება აღმდგენ დისკზე (შესაძლო მიზეზი: დაკარგულია სარეზერვო ფაილი). - MBR სექტორის ჩაწერა ჩაიშალა.\n\nთქვენი BIOS შესაძლოა ჩაწერისაგან იცავს MBR სექტორს. შეამოწმეთ BIOS-ის პარამეტრები. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - თქვენი სისტემური განაყოფი/დისკი მთლიანად დაშიფრულია. - VeraCrypt-ს არ აქვს იმ სისტემური დისკის შიფრაციის მხარდაჭერა, რომელიც გარდაიქმნა დინამიურ დისკად - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - გსურთ სისტემური განაყოფის შიფრაცია, ნაცვლად მთელი დისკის შიფრაციისა?\n\n თქვენ შეგიძლიათ შექმნათ განაყოფზე დაფუძნებული ტომები დისკზე არსებულ არასისტემურ განაყოფებზე. - რადგან თქვენი სისტემური დისკი მოიცავს მხოლოდ ერთ განაყოფს, რომელიც მთელ დისკს იკავებს, უმჯობესია (უფრო დაცულია) დაშიფროთ მთელი დისკი თავისუფალი სივრცის ჩათვლით.\n\nგსურთ მთელი სისტემური დისკის დაშიფრვა? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - სისტემის შიფრაციისათვის ეს ალგორითმი ჯერჯერობით არათავსებადია. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - გაფრთხილება: VeraCrypt ვერ აღადგენს კლავიატურის ორიგინალ განლაგებას. ამან შესაძლოა პაროლის არასწორი შეტანა გამოიწვიოს. - შეცდომა: VeraCrypt-ისთვის კლავიატურის სტანდარტული US განლაგების დაყენება ვერ ხერხდება.\n\nპაროლი შეტანილ უნდა იქნას ჩატვირთვის პროცესში (Windows-ის სტარტამდე), როდესაც არა-US განლაგების ჩართვა შეუძლებელია. ამიტომ პაროლი აკრეფილნ უნდა იქნას კლავიატურის სტანდარტული US განლაგებით. - VeraCrypt-მა კლავიატურის განლაგება დროებით სტანდარტულ US განლაგებაზე შეცვალა, ამიტომ სიმბოლოების აკრეფა მარჯვენა Alt კლავიშის დაჭერით შეუძლებელია. თუმცა ამ სიმბოლოების უმეტესობა შეგიძლიათ აკრიფოთ Shift კლავიშის დაჭერით. - VeraCrypt-მა დაბლოკა კლავიატურის განლაგების შეცვლა. - შენიშვნა: პაროლი შეტანილ უნდა იქნას ჩატვირეთვის დროს (Windows-ის სტარტამდე), სადაც არა-US კლავიატურის განლაგებები გამორთულია. ამიტომ პაროლი ყოველთვის სტანდარტული US განლაგებით უნდა იქნას შეტანილი. თუმცა, რეალური US კლავიატურის ქონა აუცილებელი არ არის. VeraCrypt ავტომატურად უქზრუნველყოფს პაროლის სწორად შეტანას ყველა შემთხვევაში. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - შეცდომა: სისტემის შიფრაციის პარამეტრების შენახვა შეუძლებელია. - სისტემის შიფრაციისწინა ტესტის ინიციირება შეუძლებელია. - Cannot initiate the process of creation of the hidden operating system. - წაშლის რეჟიმი - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - არანაირი (უსწრაფესი) - 1-გზის (random data) - 3-გზის (US DoD 5220.22-M) - 7-გზის (US DoD 5220.22-M) - 35-გზის ("Gutmann") - 256-გზის - ოპერაციული სისტემების რაოდენობა - გაფრთხილება: გამოუცდელი მომხმარებლისათვის არარეკომენდებულია Windows-ის შიფრაცია მრავალ-ჩატვირთვად კონფიგურაციაში.\n\nგავაგრძელოთ? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - ჩამტვირთი დისკი - მიმდინარე ოპერაციული სისტემა ინსტალირებულია ჩამტვირთ დისკზე?\n\nშენიშვნა:ზოგჯერ Windows არ არის ინსტალირებული იმავე დისკზე, საიდანაც იტვირთება. თუ ეს ის შემთხვევაა, აირჩიეთ "არა". - VeraCrypt-ს ამჟამად არ აქვს იმ ოპერაციული სისტემების შიფრაციის მხარდაჭერა, რომლებიც ინსტალირებულია არაჩამტვირთავ დისკზე. - სისტემური დისკების რაოდენობა - რამდენი დისკი მოიცავს ოპერაციულ სისტემას?\n\nშენიშვნა: მაგ., თუ გაქვთ რომელიმე ოპერაციული სისტემა (Windows, Mac OS X, Linux, ა.შ.) ინსტალირებული პირველად დისკზე, და დამატებით ოპერაციული სისტემა ინსტალირებული მეორად დისკზე, აირჩიეთ "2 ან მეტი". - VeraCrypt-ს არ აქვს მხარდაჭერა დისკებისა, რომლებიც მოიცავენ რამდენიმე ოპერაციულ სისტემას.\n\nშესაძლო გამოსავალი:\n\n- შეგიძლიათ დაშიფროთ რომელიმე სისტემა, თუ დაბრუნდებიტ უკან და აირჩევთ მხოლოდ ერთ სისტემურ განაყოფს (მთელი დისკის დაშიფვრის ნაცვლად).\n\n- შეგიძლიათ დაშიფროთ მთელი დისკი, თუ დისკზე დატოვებთ მხოლოდ ერთ ოპერაციულ სისტემას, ხოლო დანარჩენებს სხვაგან გადაიტანთ. - რამდენიმე ოპერაციული სისტემა ერთ დისკზე - იმავე დისკზე, რომელზეც მიმდინარე ოპერაციული სისტემაა ინსტალირებული, არის თუ არა სხვა ოპერაციული სისტემები?\n\nშენიშვნა: თუ მაგ. მიმდინარე ოპერაციული სისტემა ინსტალირებულია დისკზე #0, რომელიც მოიცავს რამდენიმე განაყოფს, და რომელიმე განაყოფზე ინსტალირებულია სხვა ოპერაციული სისტემა (Windows, Mac OS X, Linux, ა.შ.), დაწკაპეთ "დიახ". - არა-Windows-ის საწყისი ჩამტვირთი - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - მრავალ-ჩამტვირთი - VeraCrypt-ს არ აქვს მრავალ-ჩამტვირთი კონფუგურაციის მხარდაჭერა, როდესაც MBR-ზე ინსტალირებულია არა-Windows-ის ჩამტვირთი მოდული.\n\nშესაძლო გამოსავალი:\n\n- თუ იყენებთ ჩატვირთვის მენეჯერს Windows-ის და Linux-ის ჩასატვირთად, ჩატვირთვის მენეჯერი (GRUB) გადაიტანეთ MBR-დან განაყოფში. შემდეგ გაუშვით ეს ოსტატი ხელახლა და დაშიფრეტ სისტემური განაყოფი/დისკი. VeraCrypt-ის ჩამტვირთი მოდული გახდება მთავარი ჩამტვირთი მოდული და იგი მოგცემთ საშუალებას გაუშვათ ორიგინალი ჩამტვირთი (GRUB) როგორც მეორადი ჩატვირთვის მენეჯერი (Esc დაჭერით VeraCrypt-ის ჩამტვირთის ეკრანზე) და ამდენად ჩატვირთოთ Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - ფარული სექტორების აღმოჩენა - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - დასაშიფრი არეალი - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - შემთხვევითი მონაცემების შეგროვება - გასაღები გენერირებულია - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - აღდგენი დისკის ჩაწერა - აღმდგენი დისკი შეიქმნა. - სისტემის შიფრაციისწინა ტესტი - აღმდგენი დისკი შემოწმებულია - \nVeraCrypt-ის აღმდგენი დისკი წარმატებით შემოწმდა. გამოიღეთ იგი და შეინახეთ დაცულ ადგილზე.\n\nდაწკაპეთ "შემდეგი" გასაგრძელებლად. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - გაფრთხილება: ჩატვირთვისწინა გარემოს ტექნიკური შეზღუდულობის გამო, VeraCrypt-ის მიერ გამოტანილი ტექსტი ვერ იქნება ლოკალიზებული. VeraCrypt ჩამტვირთი მოდულის ინტერფეისი მთლიანად ინგლისურ ენაზეა.\n\nგავაგრძელოთ? - სისტემური განაყოფის ან დისკის შიფრაციის წინ, VeraCrypt შეამოწმებს მუშაობის გამართულობას.\n\n"ტესტი"-ს დაწკაპუნების შემდეგ, ყველა საჭირო კომპონენტი (მაგ. VeraCrypt ჩამტვირთი მოდული) დაინსტალირდება და კომპიუტერი დარესტარტდება. VeraCrypt ჩატვირთვის მოდულის ეკრანზე შეიტანეთ სწორეი პაროლი. Windows-ის ჩატვირთვის შემდეგ ავტომატურად იქნება გამოტანილი ინფორმაცია საწყისი ტესტირების შესახებ.\n\nმოდიფიცირებული იქნება შემდეგი მოწყობილობა: დისკი #%d\n\n\nთუ დაწკაპებთ ღილაკს "უარი", მაშინ ინსტალაცია არ მოხდება და საწყისი ტესტი არ გაეშვება. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - ტესტი დასრულებულია - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - გსურთ სისტემის შიფრაციისწინა ტესტირების შეწყვეტა? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - სისტემური განაყოფი/დისკი არ არის დაშიფრული (ნაწილობრივ ან მთლიანად). - სისტემური განაყოფი/დისკი დაშიფრულია (ნაწილობრივ ან მთლიანად).\n\nგაგრძელებამდე გთხოვთ, დეშიფრაცია გაუკეთოთ მთლიანად სისტემურ განაყოფს/დისკს. ამისათვის, აირჩიეთ პროგრამის მენიუში "სისტემა" > "სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია". - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - ამჟამად მიმდინარეობს სისტემური განაყოფის/დისკის შიფრაცია, დეშიფრაცია ან სხვა სახის მოდიფიცირება. ვიდრე გააგრძელებთ, გთხოვთ შეწყვიტოთ ეს პროცესი (ან მოიცადოთ მის დასრულებამდე). - VeraCrypt ტომის შექმნის ოსტატი უკვე გაშვებულია და ახდენს სისტემური განაყოფის/მოწყობილობის შიფრაცია/დეშიფრაციას. გაგრძელებამდე, გთხოვთ მოიცადოთ მის დასრულებამდე ან დახურეთ იგი. თუ იგი არ იხურება, ვიდრე გააგრძელებთ, გთხოვთ დაარესტარტოთ კომპიუტერი. - სისტემური მოწყობილობის/განაყოფის შიფრაციის ან დეშიფრაციის პროცესი არ დასრულებულა. გთხოვთ მოიცადოთ მის დასრულებამდე. - შეცდომა: განაყოფის/დისკის შიფრაცია არ დასრულებულა. ჯერ ეს პროცესი უნდა დასრულდეს. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - შეცდომა: არასწორი პარამეტრი. - თქვენ აირჩიეთ განაყოფი ან მოწყობილობა, მაგრამ ოსტატის არჩეული რეჟიმი გამოდგება მხოლოდ ფაილ-კონტეინერებისათვის.\n\nგსურთ შეცვალოთ ოსტატის რეჟიმი? - გსურთ ამის ნაცვლად შექმნათ VeraCrypt-ის ფაილ-კონტეინერი? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - ნამდვილად გსურთ სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია? - გაფრთხილება: თუ სამუდამოდ გაშიფრავთ სისტემურ განაყოფს/დისკს, მასზე ჩაიწერება დაუშიფრავი მონაცემები.\n\nნამდვილად გსურთ სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - თუ რომელიმე ზემოთ აღწერილი პრობლემა შეგხვდათ, განაყოფს/დისკს გაუკეთეთ დეშიფრაცია და შემდეგ დაშიფრეტ არაკასკადური შიფრების გამოყენებით (მაგ. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - VeraCrypt ჩამტვირთი მოდული განახლდა.\n\nრეკომენდებულია შექმნათ VeraCrypt-ის ახალი აღმდგენი დისკი (რომელშიც ჩამტვირთი მოდულის ახალი ვერსია იქნება), აირჩიეთ მენიუში "სისტემა">"აღმდგენი დისკის შექმნა" კომპიუტერის რესტარტის შემდეგ. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - VeraCrypt-ის ჩამტვირთი მოდულის განახლება ჩაიშალა. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - გაფრთხილება: როგორც ჩანს, VeraCrypt-მა უკვე სცადა სისტემურ დისკზე ფარული სექტორების მოძიება. თუ ამ პროცესის დროს პრობლემები შეგექმნათ, მაშინ შეგიძლიათ გამოტოვოთ ძიების პროცესი. VeraCrypt გამოიყენებს ოპერაციული სისტემის მიერ მითითებულ დისკის ზომას (რაც რეალურ ზომაზე ნაკლები შეიძლება იყოს).\n\nეს VeraCrypt-ის რაიმე შეცდომით არ არის გამოწვეული. - გამოტოვეთ ფარული სექტორების ძიება (გამოიყენეთ ოპერაციული სისტემის მიერ მითითებული ზომა) - ფარული სექტორების ძიების განმეორება - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - აღმდგენი დისკი - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - ტესტი - გასაღების ფაილი - Backspace - Tab - გასუფთავება - Enter - Pause - Caps Lock - ჰარი - Page Up - Page Down - End - Home - ისარი მარცხნივ - ისარი მაღლა - ისარი მარჯვნივ - ისარი დაბლა - არჩევა - ბეჭდვის ღილაკი - შესრულების ღილაკი - Print Screen - Insert - Delete - პროგრამების ღილაკი - Sleep - Num Lock - Scroll Lock - ბრაუზერი - უკან - ბრაუზერი - წინ - ბრაუზერი - განახლება - ბრაუზერი - შეჩერება - ბრაუზერი - ძებნა - ბრაუზერი - რჩეული - ბრაუზერი - საწყისი გვერდი - ხმა - ხმის დაკლება - ბრაუზერი - ხმის მომატება - შემდეგი ტრეკი - წინა ტრეკი - სტოპი - გაშვება/პაუზა - ფოსტის კლავიშა - მატარებლის არჩევის ღილაკი - პროგრამა 1 - პროგრამა 2 - Attn - CrSel - ExSel - გაშვება - ზომა - NumPad - Shift - Control - Alt - Win - - კბ - მბ - გბ - ტბ - პბ - ბ/წმ - კბ/წმ - მბ/წმ - გბ/წმ - ტბ/წმ - პბ/წმ - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + უარი + დაუყენე ყველა უზერს + ძებნა... + VeraCrypt-ის ხატულა სამუშაო ეკრანზე + Donate now... + დააკავშირე .hc გაფართოება VeraCrypt-თან + დასრულებისას გახსენი მისამართი + VeraCrypt-ის Start მენიუში ჩამატება + სისტემის აღდგენის წერტილის შექმნა + წაშლა + დეარქივაცია + ინსტალაცია + VeraCrypt-ის ინსტალაციის ოსტატი + VeraCrypt დეინსტალაცია + დახმარება + გთხოვთ, აირჩიოთ მისამართი, სადაც მოხდება ფაილების დეარქივაცია: + გთხოვთ, აირჩიოთ მისამართი, სადაც მოხდება პროგრამის ინსტალაცია. თუ ეს ფოლდერი არ არსებობს, იგი ავტომატურად შეიქმნება. + სისტემიდან VeraCrypt-ს წასაშლელად დააჭირეთ Uninstall-ს. + შეწყვეტა + &Benchmark + ტესტირება + Create encrypted volume and format it + Encrypt partition in place + გენერირებული გასაღებების (მათი ნაწილების) ჩვენება + პულის ჩვენება + CD/DVD ჩამწერი პროგრამების ჩამოტვირთვა + Create an encrypted file container + &GB + &TB + More information + VeraCrypt-ის ფარული ტომი + ფარული ტომების შესახებ დამატებითი ინფორმაცია + პირდაპირი რეჟიმი + ნორმალური რეჟიმი + კბ + გასაღების ფაილები + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + ფაილები + ჰეშ-ალგორითმების შესახებ + დამატებით ინფორმაცია + Information on PIM + მბ + დამატებით ინფორმაცია + დამატებით ინფორმაცია სისტემის შიფრაციის შესახებ + დამატებით ინფორმაცია + Multi-boot + Encrypt a non-system partition/drive + არ იქნას შენახული ისტორია + გარე ტომის გახსნა + პაუზა + Use P&IM + Use PIM + სწრაფი ფორმატირება + პაროლის ჩვენება + &Display password + &Display PIM + Single-boot + VeraCrypt-ის სტანდარტული ტომი + Hi&dden + Normal + სისტემური განაყოფის ან სისტემური დისკის შიფრაცია + Windows-ის სისტემური განაყოფის შიფრაცია + მთლიანი დისკის შიფრაცია + VeraCrypt-ის ტომის შექმნის ოსტატი + კლასტერი + მნიშვნელოვანია: ამოძრავეთ მაუსი რაც შეიძლება რთული ტრაექტორიით და დიდხანს. ეს აამაღლებს შიფრაციის გასაღებების კრიპტოგრაფიული დაცულობის დონეს. შემდეგ დააჭირეთ "შემდეგ"-ს გასაგრძელებლად. + დაამოწმეთ: + მზადაა + Drive letter: + შიფრაციის ალგორითმი + ფაილური სისტემა + ქმნის დაშიფრულ ტომს ფაილის შიგნით. რეკომენდებულია გამოუცდელი მომხმარებლისათვის. + ოფციები + ჰეშ-ალგორითმი + სათაურის გასაღები: + კიდევ + მთავარი გასაღები: + აირჩიეთ ეს ოფცია, თუ კომპიუტერზე ინსტალირებულია ორი ან მეტი ოპერაციული სისტემა.\n\nმაგ.:\n- Windows XP და Windows XP\n- Windows XP და Windows Vista\n- Windows და Mac OS X\n- Windows და Linux\n- Windows, Linux და Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + პულის მიმდინარე შიგთავსი (ნაწილობრივი) + Pass + პაროლი: + Volume PIM: + Volume PIM: + პროგრესი: + შემთხვევითი: + აირციეთ ეს ოფცია, თუ კომპიუტერზე ინსტალირებულია მხოლოდ ერთი ოპერაციული სისტემა (თუნდაც რამდენიმე მპომხმარებლით). + სიჩქარე + სტატუსი + გასაღებები, "მარილი", და სხვა მონაცემები წარმატების იქნა გენერირებული. თუ ახალი გასაღებების შექმნა გსურთ, დააჭირეთ "უკან" და "შემდეგ"-ს. სხვა შემთხვევაში გასაგრძელებლად დააჭირეთ "შემდეგ"-ს. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + წაშლის რეჟიმი: + დახურვა + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + უმოქმედო + VeraCrypt ტომის ავტომიერთება (მითითებულის) + VeraCrypt-ის გაშვება + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + დათვალიერება... + დათვალიერება... + პაროლების/გასაღების ფაილების ქეშირება + გასვლა, მიერთებული ტომების არარსებობისას + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + VeraCrypt ტომების შექმნის ოსტატით + შექმნა + ტომის შექმნა + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + გასაღების ფაილები + გასაღების ფაილები + გასვლა + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + დანიშვნა + წაშლა + ფაილები + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + ავტომიერთება + ოფციები + ტომის მიერთება მხოლოდ კითხვისთვის + გასაღების ფაილები + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + ჩართულია + პაროლების ქეშირება მეხსიერებაში + ტომის ავტოგამოერთება უმოქმედობისას + სეანსების დასრულება + User session locked + ენერგოშენახვის რეჟიმში შესვლისას + Screen Saver-ის ჩართვისას + ტომის ავტოგამოერთება გახსნილი ფაილების/ფოლდერების დროს + ყველა ტომის მიერთება მოწყობილობაზე + Start VeraCrypt Background Task + ტომის მიერთება მხოლოდ კითხვისათვის + მიერთება გარე მოწყობილობის სახით + წარმატებული მიერთების შემთხვევაში Explorer-ის გახსნა + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + პაროლების ქეშის წაშლა ავტოგამოერთებისას + პაროლების ქეშის წაშლა გასვლისას + Preserve modification timestamp of file containers + საწყისი + მოწყობილობა + ფაილი + Select &Library... + პაროლის ჩვენება + პაროლის ჩვენება + მიერთებული ტომის Explorer-ის ფანჯარაში გახსნა + პაროლის ქეშირება დრაივერის მეხსიერებაში + TrueCrypt Mode + ყველას გამოერთება + ტომის პარამეტრები + ოპერაციები + ქეშის წაშლა + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - საერთოსისტემური ცხელი კლავიშები + VeraCrypt + პაროლის ან გასაღების ფაილების შეცვლა + შეიტანეთ VeraCrypt-ის ტომის პაროლი + VeraCrypt - Performance and Driver Options + VeraCrypt - პარამეტრები + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt-ის "მოგზაური დისკი"-ს შექმნა + VeraCrypt-ის ტომის მახასიათებლები + პროგრამის შესახებ + ტომიდან გასაღების ფაილის დამატება/წაშლა + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + ტომის სათაურის სარეზერვო ასლის შექმნა + სიჩქარის ტესტი + სათაურის გასაღების დერივაციის ალგორითმი + ტომის პაროლის შეცვლა + სათაურის გასაღების დერივაციის ალგორითმი + პაროლის შეცვლა + ტომების ისტორიის წაშლა + Close All Security Token Sessions + კავშირი ავტორებთან + Create Hidden Operating System... + აღმდგენი დისკის შექმნა + ახალი ტომის შექმნა + Permanently Decrypt... + გასაღების ფაილები (საწყისი) + Default Mount Parameters... + Donate now... + სისტემური განაყოფის/დისკის შიფრაცია + ხშირად დასმადი კითხვები + მომხმარებლის სახელმძღვანელო + ვებ-გვერდი + ცხელი კლავიშები + გასაღების ფაილების გენერატორი + ენა (language) + იურიდიული ინფორმაცია + Manage Security Token Keyfiles... + მოწყობილობის ბაზაზე ყველა ტომის ავტომიერთება + რჩეული ტომების მიერთება + მიერთება ჩატვირთვისწინა აუთენტიფიკაციის გარეშე + ტომის მიერთება + ტომის მიერთება პარამეტრებით + სიახლეები + დახმარება ინტერნეტში + სახელმძღვანელო დამწყებთათვის + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + სისტემური განაყოფის/დისკის სამუდამოდ დეშიფრაცია + პარამეტრები + დისკების ასოების განახლება + ტომიდან ყველა გასაღების ფაილების წაშლა + ტომის სათაურის აღდგენა + Resume Interrupted Process + მოწყობილობის არჩევა + ფაილის არჩევა + შეწყვეტილი პროცესის გაგრძელება + System Encryption... + Properties... + Settings... + System Favorite Volumes... + ჩატვირთვა + ვექტორების გენერირების ალგორითმების ტესტი + Security Tokens... + მოგზაური დისკის შექმნა + ყველა ტომის გამოერთება + ტომის გამოერთება + აღმდგენი დისკის შემოწმება + Verify Rescue Disk ISO Image + ვერსიების ისტორია + Volume Expander + ტომის მახასიათებლები + ტომების შექმნის ოსტატი + veracrypt.codeplex.com + პაროლების ქეშის წაშლა + დიახ + Hardware Acceleration + სწრაფი გამოძახების კლავიში + ავტოგაშვების ფაილის (autorun.inf) გამართვა + ავტოგამოერთება + ყველა ტომის გამოერთება: + Boot Loader Screen Options + დაადასტურეთ: + მიმდინარე + Display this custom message in the pre-boot authentication screen (24 characters maximum): + ტომების მიერთების საწყისი პარამეტრები + დამატებითი პარამეტრები + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + ფაილური პარამეტრები + კლავიში: + Processor (CPU) in this computer supports hardware acceleration for AES: + მოქმედებები Windows-ში შესვლის დროს + წთ + დისკის ასო: + VeraCrypt-ის ტომის მიერთების პარამეტრები + ახალი + პაროლი: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + პაროლების ქეშირება (დამახსოვრება) + Security Options + VeraCrypt-ის მუშაობა ფონურ რეჟიმში + VeraCrypt-ის მისაერთებელი ტომი (დისკის ძირეულ კატალოგთან მიმართებით): + მოგზაური დისკის მიერთებისას: + მოგზაური დისკის შექმნა მისამართზე: + ტომი + ფანჯრები + ფოლდერი + ყველას ავტოტესტი + &Continue + დეშიფრაცია + &Delete + შიფრაცია + &Export... + ფაილის შექმნა და შენახვა + შემთხვევითი გასაღების ფაილი + ენის მოდულის ჩამოტვირთვა საიტიდან + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + გასაღების ფაილები + გასაღების ფაილები + წაშლა + ყველას წაშლა + რას ნიშნავს "ფარული ტომების დაცვა"? + More information on keyfiles + ტომის მიერთება როგორც მობილური დისკისა + განაყოფის მიერთება სისტემური დაშიფრვით, ჩატვირთვისწინა აუთენტიფიკაციის გარეშე + Parallelization: + ტესტი + ბეჭდვა + ფარული ტომის დაცვა გარე ტომში ჩაწერის შედეგად დაზიანებისაგან + განულება + პაროლის ჩვენება + Add &Token Files... + Use backup header embedded in &volume if available + XTS რეჟიმი + VeraCrypt-ის შესახებ + VeraCrypt - შიფრაციის ალგორითმის სისწრაფის ტესტი + VeraCrypt - ვექტორების გენერირების ტესტი + დახმარება ბრძანებების სტრიქონთან დაკავშირებით + VeraCrypt - გასაღების ფაილები + VeraCrypt - გასაღების ფაილების გენერატორი + VeraCrypt - ინტერფეისის ენა + VeraCrypt - მიერთების პარამეტრები + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + აირჩიეთ განაყოფი ან მოწყობილობა + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + ინფორმაცია არჩეული ენის მოდულის შესახებ + სისწრაფეზე გავლენას ახდენს ცპ-ს დატვირთვა და შენახვის მოწყობილობების მახასიათებლები.\n\nეს ტესტები სრულდება ოპერატიულ მეხსიერებაში. + ბუფერი: + შიფრი: + ფარული ტომის პაროლი:\n(ქეშიდან, თუ ცარიელია) + ფარული ტომის დაცვა + გასაღების სიგრძე: + მნიშვნელოვანია: ამოძრავეთ მაუსი რაც შეიძლება რთული ტრაექტორიით და დიდხანს. ეს აამაღლებს გასაღების ფაილის კრიპტოგრაფიული დაცულობის დონეს. + !!!გასაღების ფაილის დაკარგვის ან პირველი 1024კბ დაზიანების შემდეგ, ტომების მიერთება შეუძლებელი იქნება! + ბიტი + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + თარგმანის ავტორი: + ზომა: + ბიტი + პულის მიმდინარე შიგთავსი: + გამეორების მიქშერი: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + მეორადი გასაღები (თექვსმეტობითი) + Security token: + სორტირება: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + ბლოკის ნომერი: + დაშიფრული ტექსტი (თექვსმეტნიშნა) + მონაცემთა ერთეულის ნომერი (64-ბიტი თექვსმეტობითი, ერთეულის ზომაა 512 ბაიტი) + გასაღები (თექვსმეტნიშნა) + ღია ტექსტი (თექვსმეტნიშნა) + Keyfile name: + XTS რეჟიმი + სისტემა + ტომები + Favor&ites + ინსტრუმენტები + Settin&gs + დახმარება + ვებ-გვერდი + + პროგრამის შესახებ + ძველი ტომიდან "მხოლოდ კითხვა" ატრიბუტის მოხსნა არ ხერხდება. შეამოწმეთ, წვდომადია თუ არა ფაილი. + შეცდომა! წვდომა არ არის.\n\nგანაყოფს, რომელსაც მიმართავთ, სექტორის ზომა აქვს 0, ან ეს ჩამტვირთავი მოწყობილობაა. + Administrator + VeraCrypt-ის დრაივერის ჩასატვირთად სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული + განაყოფის/მოწყობილობის შიფრაციისათვის/ფორმატირებისათვის სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული.\n\n ეს არ ეხება ტომებს ფაილის ბაზაზე. + ფარული ტომის შექმნისათვის სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული.\n\nგავაგრძელო? + ტომის NTFS ფორმატირებისათვის სისტემაში ადმინისტრატორის უფლებებით უნდა იყოთ შესული.\n\nამის გარეშე ტომის ფორმატირება შესაძლებელია მხოლოდ როგორც FAT + FIPS-ის მიერ დამტკიცებული შიფრი (Rijndael, გამოქვეყნდა 1998წ), გამოიყენება სახელმწიფო უწყებებში ზესაიდუმლო ინფორმაციის დასაცავად. 256-ბიტი გასაღები, 128-ბიტი ბლოკი, 14 რაუნდი (AES-256). ქმედების რეჟიმი-XTS. + ტომი უკვე მიერთებულია. + ყურადღება: შიფრაციის ან ჰეშირების ერთერთმა ალგორითმმა ავტომატური თვითტესტირება ვერ გაიარა.\n\nშესაძლებელია დაზიანებულია VeraCrypt-ის ინსტალაცია. + ყურადღება: შემთხვევითი რიცხვების გენერატორის პულში არასაკმარისი მონაცემებია შემთხვევითი ინფორმაციის გენერირებისათვის.\n\nგთხოვთ აღნიშნული შეცდომა აცნობოთ პროგრამის ავტორებს. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + დისკის არასწორი ასო. + არასწორი მისამართი. + უარი + მოწყობილობასთან წვდომა არ არის. შეამოწმეთ, მითითებული მოწყობილობა არსებობს თუ არა და ხომ არ არის დაკავებული. + ყურადღება! ჩართულია კლავიში Caps Lock. შესაძლოა ამან პაროლის არასწორი შეტანა გამოიწვიოს. + ტომის ტიპი + შეიძლება ვინმემ გამოგძალოთ დაშიფრული ტომის პაროლი. არსებობს მრავალი სიტუაცია, როდესაც უარს ვერ იტყვით პაროლის გაცემაზე (მაგ. გამოძალვა). ე.წ. ფარული ტომების გამოყენება ასეთ სიტუაციებში საშუალებას მოგცემთ დაიცვათ თქვენი საიდუმლო ინფორმაცია. + აირჩიეთ ეს ოფცია, თუ გსურთ VeraCrypt-ის ჩვეულებრივი ტომის შექმნა. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + გარე ტომის შიფრაცია + ფარული ტომის შიფრაცია + შიფრაციის პარამეტრები + ყურადღება: ბოლო არჩეული ტომის ან გასაღების ფაილის მისამართის წაშლის შეცდომა. + შეცდომა: კონტეინერი შეკუმშულია ფაილური სისტემის დონეზე. VeraCrypt მხარ არ უჭერს კონტეინერის შეკუმშვას (დაშიფრული მონაცემების შეკუმშვა არაეფექტურია).\n\nგამორთეთ კონტეინერის კუმშვა, შემდეგი ინსტრუქციით: 1) კონტეინერზე მაუსის მარჯვენა ღილაკით დაწკაპეთ 2) აირჩიეთ მენიუ Properties.3) დიალოგურ ფანჯარაში Properties დააჭირეთ ღილაკს Advanced 4) დიალოგურ ფანჯარაში Advanced გამორთეთ ატრიბუტიი "Compress contents to save disk space" დააჭირეთ ღილაკს OK'. 5) დააჭირეთ ღილაკს OK დიალოგურ ფანჯარაში Properties. + %s ტომის შექმნის შეცდომა + %s-ის ზომა - %.2f ბაიტი + %s-ის ზომა - %.2f კბ + %s-ის ზომა - %.2f მბ + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + ყურადღება: მოწყობილობა/განაყოფი გამოიყენება ოპერაციული სისტემის ან პროგრამის მიერ. ფორმატირებამ შეიძლება გამოიწვიოს მონაცემთა დაკარგვა ან სისტემის არასტაბილურობა.\n\nგსურთ გაგრძელება? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + შეცდომა: მოწყობილობა/განაყოფი შეიცავს ფაილურ სისტემას, რომლის გამოერთებაც შეუძლებელია. ეს ფაილური სისტემა შესაძლოა გამოიყენება ოპერაციული სისტემის მიერ. მოწყობილობა/განაყოფის ფორმატირება გამოიწვევს მონაცემთა დაკარგვას და სისტემის არასტაბილურობას.\n\n პრობლემის გადასაჭრელად რეკომენდირებულია ამ განაყოფის გაუქმება, შემდეგ მისი კვლავ შექმნა ფორმატირების გარეშე. ინსტრუქცია: 1) მაუსის მარჯვენა ღილაკით დაწკაპეთ ხატულაზე "My computer" და აირჩიეთ მენიუ "Manage". 2) ფანჯარაში "Computer Management" აირჩიეთ "Storage"> "Disk Management". 3) მაუსის დაწკაპეთ იმ განაყოფზე, რომლის დაშიფრვაც გსურთ და აირჩიეთ ან "Delete Partition" ან "Delete volume" ან Delete logical volume". 4) დაწკაპეთ "Yes". 5) მაუსის მარჯვენა ღილაკით დაწკაპეთ დისკის ცარიელ ადგილზე (წარწერით "Unmounted") და აირჩიეთ "ძირითადი განაყოფი", "დამატებითი განაყოფი" ან "ლოგიკური დისკი". 6) გამოჩნდება განაყოფებისა და ტომების შექმნის ოსტატი, მიყევით მის ინსტრუქციებს. 7) დამხმარის გვერდზე სახელით "Formatting Partition" აირჩიეთ "Do not format partition" ან "Do not format volume". დაწკაპეთ "Next". 8) დაწკაპეთ "Finish". 9) VeraCrypt-ში ხელახლა სცადეთ ამ მოწყობილობის/განაყოფის დაშიფრვა.\n\nთუ VeraCrypt ისევ უარს იტყვის ამ მოწყობილობის/განაყოფის დაშიფრვაზე,მაშინ მოწყობილობის ბაზაზე კონტეინერის ნაცვლად შექმენით ფაილური კონტეინერი. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + ყურადღება მიერთებული მოწყობილობები/განაყოფებიდან ზოგიერთი უკვე გამოიყენება.\n\nმის იგნორირებამ შეიძლება გამოიწვიოს არასასურველი შედეგები, სისტემის არასტაბილურობის ჩათვლით.\n\nრეკომენდებულია დახუროთ ყველა პროგრამა, რომელიც იყენებს ამ მოწყობილობას/განაყოფს. + მითითებული მოწყობილობა შეიცავს განაყოფებს.\n\n მოწყობილობის ფორმატირებამ შეიძლება გამოიწვიოს სისტემის არასტაბილურობა ან/და მონაცემთა დაკარგვა. აირჩიეთ განაყოფი ამ მოწყობილობაზე ან წაშალეთ ყველა განაყოფი, რათა მისცეთ VeraCrypt-ს მოწყობილობის უსაფრთხო ფორმატირების საშუალება + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + დისკზე %s თავისუფალია %.2f ბაიტი + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + დისკის თავისუფალი ასოების მიღება ვერ ხერხდება. + შეცდომა: VeraCrypt-ის დრაივერი ვერ მოიძებნა.\n\nგადაწერეთ ფაილები 'veracrypt.sys' და 'veracrypt-x64.sys' დირექტორიაში, სადაც VeraCrypt-ის პროგრამაა (VeraCrypt.exe) განთავსებული. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + შიფრის ინციალიზაციის შეცდომა. + შეცდომა: სუსტი ან პოტენციურად სუსტი გასაღები! ეს გასაღები არ იქნა მიღებული. გაიმეორეთ. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt-ის კრიტიკული შეცდომა + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + შიფრაცია + დეშიფრაცია + დეშიფრაცია სამუდამოდ + გასვლა + შექმენით ლოგიკური დისკი ამ დამატებით განაყოფზე და გაიმეორეთ. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + აირჩიეთ განლაგება VeraCrypt-ის ტომისათვის, რომელშიც მოთავსდება ფარული ტომი. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + შეცდომა! ტომის მიერთება შეუძლებელია. ფაილი/მოწყობილობა უკვე გამოიყენება. მონოპოლური წვდომის გარეშე მიერთების მცდელობა ასევე წარუმატებლად დასრულდა. + ფაილის გახსნა შეუძლებელია. + ტომის განლაგება + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + გაგრძელება + გადადება + &Start + &Continue + ფორმატირება + &Wipe + გსურთ ფორმატირების შეწყვეტა? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + სისტემური განაყოფის/მოწყობილობის დეშიფრაცია წარმატებით დასრულდა.. + \n\nVeraCrypt-ის ტომი შექმნილია და გამოყენებისათვის მზადაა. თუ გსურთ სხვა ტომის შექმნა, დააჭირეთ ღილაკს "შემდეგ". + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt-ს ტომი წარმატებით შეიქმნა. + ტომი შექმნილია + მნიშვნელოვანია: ამოძრავეთ მაუსი რაც შეიძლება რთული ტრაექტორიით და დიდხანს. ეს აამაღლებს გასაღების კრიპტოგრაფიული დაცულობის დონეს. შემდეგ დაწკაპეთ "ფორმატირება" ახალი ტომის შესაქმნელად. + დაწკაპეთ "ფორმატირება" გარე ტომის შესაქმნელად. დამატებით ინფორმაციისათვის მიმართეთ დოკუმენტაციას. + გარე ტომის ფორმატირება + ფარული ტომის ფორმატირება + ტომის ფორმატირება + მომხმარებლის სახელმძღვანელოს წასაკითხად/დასაბეჭდად საჭიროა პროგრამა Adobe Reader (ან თავსებადი). Adobe Reader შეიძლება ჩამოტვირთულ იქნას (უფასოდ) საიტიდან www.adobe.com\n\nგსურთ ამის ნაცვლად Online-დოკუმენტაცია იხილოთ? + თუ აირჩევთ ამ ოფციას, ოსტატი დაგეხმარებათ ჯერ ჩვეულებრივი ტომის შექმნაში, ხოლო შემდგომ ფარული ტომის შექმნაში მის შიგნით. გამოუცდელი მომხმარებლებისათვის რეკომენდებულია ამ ოფციის გამოყენება. + თუ აირჩევთ ამ ოფციას, შეიქმნება ფარული ტომი ჩვეულებრივი ტომის შიგნით. იგულისხმება, რომ ეს ჩვეულებრივი ტომი უკვე შექმნილია. + ტომის შექმნის რეჟიმი + ფარული ტომი შექმნილია + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + გარე ტომი შექმნილია და მიერთებულია, როგორც დისკი %hc:. ამ ტომში საჭიროა გადმოიწეროს რაიმე ფაილები, რომლებიც არ შეიცავენ თქვენთვის მნიშვნელოვან რაიმე ინფორმაციას, რათა შეცდომაში შეიყვანოთ უცხო პირი, თუკი ის გარე ტომის პაროლს გამოგძალავთ. ამ შემთხვევაში თქვენ მას გადასცემთ მხოლოდ გარე, და არა ფარული ტომის, პაროლს. ფაილები, თქვენთვის ნამდვილად ღირებული ინფორმაციით, შეინახება ფარულ ტომზე. როდესაც მორჩებით ფაილების გადმოწერას,დააჭირეთ "შემდეგ"-ს'. არ გამოაერთოთ ეს ტომი. შენიშვნა: "შემდეგ"-ზე დაჭერა გაუშვებს გარე ტომის კლასტერების რუკის სკანირების პროცესს, უწყვეტი თავისუფალი სივრცის გამოსავლენად, რომლის დაბოლოება ახალი ტომის დაბოლოება გახდება. ეს მონაკვეთი გამოყენებულ იქნება ფარული ტომის განსათავსებლად, ანუ მისი ზომით განისაზღვრება ფარული ტომის მაქსიმალური მოცულობა. კლასტერების რუკის სკანირება იმის გარანტია, რომ გარე ტომის მონაცემები არ დაზიანდება ფარული ტომში მომხდარი ჩანაწერების შედეგად. + გარე ტომის მონაცემები + \n\nშემდგომ ეტაპებზე მიუთითეთ გარე ტომის პარამეტრები + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + გარე ტომი + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nტომის კლასტერების რუკა გავლილია, ფარული ტომის მაქსიმალური ზომა განისაზღვრა. შემდგომ ეტაპებზე აირჩიეთ ფარული ტომის პარამეტრები, ზომა და პაროლი. + ფარული ტომი + ფარული ტომი დაცული იქნება მანამ, ვიდრე გარე ტომი მიერთებულია.\n\nყურადღება: თუ ფარული ტომის არეალში მონაცემთა ჩაწერის მცდელობა იქნება, ჩაირთვება მთელი ტომის (გარე და ფარული) დაცვა ჩაწერისგან, ვიდრე ტომები არ იქნება გამოერთებული. ამან შესაძლოა გარე ტომზე ფაილური სისტემის დაზიანება გამოიწვიოს, რის გამოც (გამეორების შემთხვევაში) ფარული ტომის არსებობის უარყოფა ნაკლებ დამაჯერებელი იქნება. ამიტომ ყველა ღონე უნდა იხმაროთ, რათა ფარული ტომის არეალში ჩაწერა თავიდან აიცილოთ. ნებისმიერი ჩასაწერი ინფორმაცია, რომლის ამ არეალში ჩაწერის მცდელობაც იქნება, დაიკარგება. Windows-მა შესაძლოა ამ დროს გამოიტანოს შეცდომის შეტყობინება ("Delayed Write Failed" ან "The parameter is incorrect"). + ყოველი ფარული ტომი ახლად მიერთებულ გარე ტომებში დაცული იქნება დაზიანებისგან.\n\nთუ ფარული ტომის არეალში მონაცემთა ჩაწერის მცდელობა იქნება, ჩაირთვება მთელი ტომის (გარე და ფარული) დაცვა ჩაწერისგან, ვიდრე ტომები არ იქნება გამოერთებული. ამან შესაძლოა გარე ტომზე ფაილური სისტემის დაზიანება გამოიწვიოს, რის გამოც (გამეორების შემთხვევაში) ფარული ტომის არსებობის უარყოფა ნაკლებ დამაჯერებელი იქნება. ამიტომ ყველა ღონე უნდა იხმაროთ, რათა ფარული ტომის არეალში ჩაწერა თავიდან აიცილოთ. ნებისმიერი ჩასაწერი ინფორმაცია, რომლის ამ არეალში ჩაწერის მცდელობაც იქნება, დაიკარგება. Windows-მა შესაძლოა ამ დროს გამოიტანოს შეცდომის შეტყობინება ("Delayed Write Failed" ან "The parameter is incorrect"). + გაფრთხილება: იყო ფარული ტომის არეალში მონაცემების ჩაწერის მცდელობა დისკზე, რომელიც მიერთებულია, როგორც %c:! VeraCrypt-მა დაბლოკა ეს მონაცემები ჩაწერისგან, რათა დაეცვა ფარული ტომი დაზიანებისგან. ამან შესაძლოა გარე ტომის ფაილური სისტემის დაზიანება გამოიწვია, Windows-მა შესაძლოა გამოიტანოს შეცდომის შეტყობინება ("Delayed Write Failed" ან "The parameter is incorrect"). მთლიანი ტომი (გარე და ფარული) მათ გამოერთებამდე დაცული იქნება ჩაწერისგან. თუ ეს ჩაწერისაგან დაცვის პირველი შემთხვევა არ არის, ფარული ტომის არსებობის უარყოფა ნაკლებ დამაჯერებელი იქნება (გარე ფაილურ სისტემაში კორელაციური დარღვევების გამო). ამიტომ უმჯობესი იქნება შექმნათ ახალი VeraCrypt ტომი (სწრაფი ფორმატირების გარეშე) და არსებული ფაილები გადაიტანოთ ახალ ტომში; ძველი ტომი დაცულად უნდა წაიშალოს (გარე და ფარული ტომები). რეკომენდებულია ახლავე გადატვირთოთ ოპერაციული სისტემა. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + თქვენი კომპიუტერი საჭიროებს გადატვირთვას.\n\nგსურთ ახლავე გადატვირთვა? + სისტემის შიფრაციის სტატუსის მიღების დროს მოხდა შეცდომა. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + ვერ ხერხდება სისტემის შიფრაციისათვის პროგრამის კომპონენტების ინიციალიზაცია. + შემთხვევითი რიცხვების გენერატორის ინიციალიზაციის შეცდომა. + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + პროგრამის ინიციალიზაციის შეცდომა. Dialog კლასის რეგისტრირება შეუძლებელია. + Error: Failed to load the Rich Edit system library. + VeraCrypt-ის ტომების შექმნის ოსტატი + ამ ტომზე ფარული ტომის მაქსიმალური ზომა შეადგენს %.2f ბაიტს + ამ ტომზე ფარული ტომის მაქსიმალური ზომა შეადგენს %.2f კბ-ს + ამ ტომზე ფარული ტომის მაქსიმალური ზომა შეადგენს %.2f მბ-ს + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + მიერთებული ტომის პაროლის/გასაღების ფაილების შეცვლა შეუძლებელია. გამოაერთეთ ტომი. + სანამ ტომი მიერთებულია, ამ ტომის სათაურის გასაღების დერივაციის ალგორითმის შეცვლა არ შეიძლება. ჯერ გამოაერთეთ ტომი. + მიერთება + ამ ტომის მიერთებისათვის საჭიროა VeraCrypt-ის უფრო ახალი ვერსია. + შეცდომა! ტომების შექმნის ოსტატი ვერ მოიძებნა.\n\nშეამოწმეთ, "VeraCrypt.exe"-ს ფოლდერში არის თუ არა ფაილი "VeraCrypt Format.exe". თუ არ არის, ხელახლა დააინსტალირეთ VeraCrypt ან მოძებნეთ დისკებზე ფაილი "VeraCrypt Format.exe" და გაუშვით. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + შემდეგ + მზადაა + ინსტალაცია + დეარქივაცია + VeraCrypt-ის მოწყობილობის დრაივერთან მიერთება არ ხერხდება. VeraCrypt-ის ფუნქციონირება ამ დრაივერის გარეშე შეუძლებელია.\n\nმოწყობილობის დრაივერის ჩართვამდე, შესაძლოა საჭირო გახდეს სისტემიდან გამოსვლა ან სისტემის გადატვირთვა. + შეცდომა ფონტების ჩატვირთვისას. + დისკის ასო არ მოიძებნა ან არ იქნა მითითებული. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + დისკის სახელი არ არის თავისუფალი. + ფაილი არ არის არჩეული. + დისკის თავისუფალი სახელები არ არის. + დისკის თავისუფალი სახელი გარე ტომისათვის აღარ არის. ტომის შექმნის გაგრძელება შეუძლებელია. + ოპერაციული სისტემის ვერსიის განსაზღვრა ვერ მოხერხდა, ან გამოიყენება არათავსებადი სისტემა. + მისამართი არ არის მითითებული. + ფარილი ტომისათვის არასაკმარისი თავისუფალი ადგილია. ტომის შექმნის გაგრძელება შეუძლებელია. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + დრაივერის მიერ ტომის გამოერთება ვერ ხერხდება. შესაძლოა, ტომზე ფარული ფაილებია. + ტომის ბლოკირება შეუძლებელია. მასზე განთავსებულია ფარული ფაილებია, ამიტომ მისი გამოერთება არ შეიძლება. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + აირჩიეთ VeraCrypt-ის ტომი + მიუთითეთ ფაილის მისამართი დ სახელი + Select PKCS #11 Library + მეხსიერება არასაკმარისია + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + გაფრთხილება: ფაილი '%s' უკვე არსებობს!\n\nVeraCrypt არ დაშიფრავს ფაილს, იგი წაიშლება. დარწმუნებული ხართ, რომ გსურთ ამ ფაილის წაშლა და ახალი ფაილ-კონტეინერის შექმნა? + გაფრთხილება: %s '%s'%s -ზე შენახული ყველა ფაილი წაიშლება!\n\nნამდვილად გსურთ ფორმატირების გაგრძელება? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + პაროლი + PIM + სათაურის გასაღების დერივაციის ალგორითმი + ტომ(ებ)იდან გასაღების ფაილ(ებ)ის დამატება/წაშლა + ტომიდან ყველა გასაღების ფაილის წაშლა + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + შენიშვნა:VeraCrypt-ის აღმდგენი დისკი ჯერჯერობით ისევ ძველ ალგორითმს იყენებს. თუ ძველი ალგორითმი დაუცველად მიგაჩბნიათ, მაშინ შექმენით ახალი აღმდგენი დისკი და ძველი გაანადგურეთ.\n\nგსურთ ახალი აღმდგენი დისკის შექმნა? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + გასაღების ფაილები წარმატებით დაემატა/წაიშალა. + Keyfile exported. + სათაურის გასაღების დერივაციის ალგორითმი წარმატებით დაყენდა. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + აირციეთ პაროლი ფარული ტომისათვის. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + შეიტანეთ პაროლი ტომისათვის, რომლის შიგნით შეიქმნება ფარული ტომი.\n\n"შემდეგ"-ის დაჭერით VeraCrypt შეეცდება მიაერთოს ტომი, რის შემდეგაც მოხდება მიერებულ ტომზე თავისუფალი არის კლასტერების რუკის სკანირება, რომლის ბოლოშიც იქნება ტომის დაბოლოება. ამ ადგილას განთავსდება ფარული ტომი, ანუ განისაზღვრება მისი მაქსიმალური ზომა. რუკის სკანირება გარანტიას იძლევა, რომ ფარული ტომის მონაცემები არ დააზიანებს გარე ტომის მონაცემებს. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + გარე ტომის პაროლი + ფარული ტომის პაროლი + Password for Hidden Operating System + ყურადღება: მოკლე პაროლები ადვილი გამოსაცნობია გადარჩევის ხერხით.\n\nრეკომენდებულია 20 სიმბოლოზე გრძელი პაროლების გამოყენება.\n\nნამდვილად გსურთ მაკლე პაროლის გამოყენება? + ტომის პაროლი + პაროლი არასწორია, ან ეს VeraCrypt-ის ტომი არ არის. + პაროლი ან/და გასაღების ფაილები არასწორია, ან ეს VeraCrypt-ის ტომი არ არის. + არასწორი მიერთების რეჟიმი, არასწორი პაროლი ან არა-VeraCrypt-ის ტომი. + არასწორი მიერთების რეჟიმი, არასწორი პაროლი/გასაღების ფაილები ან არა-VeraCrypt-ის ტომი. + პაროლი არასწორია, ან VeraCrypt-ის ტომი არ მოიძებნა. + პაროლი/გასაღების ფაილები არასწორია, ან VeraCrypt-ის ტომი არ მოიძებნა. + \n\nყურადღება! ჩართულია ღილაკი Caps Lock. ამან შესაზლოა პაროლის არასწორი აკრეფა გამოიწვიოს. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nშენიშვნა: თუ ცდილობთ დაშიფრულ სისტემურ დისკზე მოთავსებული განაყოფის მიერთებას, ჩატვირთვისწინა აუთენტიფიკაციის გარეშე ან დაშიფრული სისტემური განაყოფის მიერთებას, რომელზეც სისტემა არ მუშაობს, მაშინ აირჩიეთ "სისტემა">"ჩატვირთვისწინა აუთენტიფიკაციის გარეშე". + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + უკან + სისტემაში არსებული raw-მოწყობილობების სიის ჩვენება შეუძლებელია. + ტომი '%s' არსებობს და წვდომადია მხოლოდ კითხვისათვის. ნამდვილად გსურთ მისი შეცვლა? + აირჩიეთ მიზნობრივი ფოლდერი + აირჩიეთ გასაღების ფაილი + აირჩიეთ გასაღების ფაილების ძიების მისამართი. ყურადღება: შეინახება მხოლოდ მისამართი, და არა ფაილების სახელები. + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + შემუშავებულია როს ანდერსონის, ელი ბიჰამის და ლარს კნუდსენის მიერ. გამოქვეყნდა 1998წ. 256-ბიტი გასაღები, 128-ბიტი ბლოკი. ქმედების რეჟიმი - XTS. AES-ის ფინალისტი. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + გარე ტომის ზომა + ფარული ტომის ზომა + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + ტომის ზომა + დინამიური + ყურადღება! ტესტის შეცდომა. + ყველა ალგორითმის ტესტი გავლილია + მითითებული მონაცემთა ერთეულის ნომერი ძალიან გრძელი ან ძალიან მოკლეა. + მითითებული მეორეადი გასაღები ძალიან გრძელი ან ძალიან მოკლეა. + სატესტო დაშიფრული ტექსტის სიგრძე არასწორია. + სატესტო გასაღების სიგრძე არასწორია. + სატესტო ღია ტექსტის სიგრძე არასწორია. + ორი შიფრი, მოქმედი კასკადურად XTS რეჟიმში. ყოველი ბლოკი იშიფრება ჯერ %s-ით (%d-ბიტი გასაღები) და შემდგომ %s-ით (%d-ბიტი გასაღები). ყოველი შიფრი იყენებს დამოუკიდებელ გასაღებს. + სამი შიფრი, მოქმედი კასკადურად XTS რეჟიმში. ყოველი ბლოკი იშიფრება %s-ით (%d-ბიტი გასაღები), %s-ით (%d-ბიტი გასაღები), და %s-ით (%d-ბიტი გასაღები). ყოველი შიფრი იყენებს დამოუკიდებელ გასაღებს. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt-ის მოგზაური დისკი + შემუშავებულია ბრუს შნეიერის, ჯონ კელსის, დაგ ვაითინგის, დევიდ ვაგნერის, კრის ჰოლის და ნილს ფერგიუსონის მიერ. გამოქვეყნდა 1998წ. 256-ბიტი გასაღები, 128-ბიტი ბლოკი. ქმედების რეჟიმი-XTS. AES ფინალისტი. + დამატებით ინფორმაცია იხ. %s + უცნობია + An unspecified or unknown error occurred (%d). + ზოგიერთი ტომი შეიცავს ფაილებს ან ფოლდერებს, რომლებიც გამოიყენება სისტემის ან პროგრამების მიერ.\n\nმაინც გსურთ გამოერთება? + გამოერთება + შეცდომა გამოერთებისას. + ტომი შეიცავს ფაილებს ან ფოლდერებს, რომლებიც გამოიყენება სისტემის ან პროგრამების მიერ.\n\nმაინც გსურთ გამოერთება? + No volume is mounted to the specified drive letter. + ეს ტომი უკვე მიერთებულია. + შეცდომა ტომის მიერთების მცდელობისას. + შეცდომა ტომში ადგილმდებარეობის ძიებისას. + შეცდომა: ტომის არასწორი ზომა. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt ვერ შეცვლის მისთვის უცნობი ტიპის ტომის პაროლს. + აირჩიეთ სიიდან დისკის თავისუფალი ასო. + აირჩიეთ დისკების ასოების სიაში მიერთებული ტომი. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + შეცდომა: autorun.inf ფაილის შექმნა შეუძლებელია + შეცდომა გასაღების ფაილის დამუშავებისას. + შეცდომა გასაღების ფაილის მისამართის დამუშავებისას. + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt არათავსებადია ამ ოპერაციულ სისტემასთან. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + შეცდომა: მეხსიერების განაწილება შეუძლებელია. + შეცდომა: წარმადობის მთვლელის მნიშვნელობის აღდგენა შეუძლებელია. + შეცდომა: ტომის არასწორი ფორმატი. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt-Legal Notices + ყველა ფაილი + VeraCrypt-ის ტომები + Library Modules + NTFS-ფორმატირების გაგრძელება შეუძლებელია. + ტომის მიერთება შეუძლებელია. + ტომის გამოერთება შეუძლებელია. + Windows ვერ აფორმატირებს ამ ტომს, როგორც NTFS.\n\nაირჩიეთ სხვა ფაილური სისტემა და გაიმეორეთ ცდა. ან შეგიძლიათ დასტოვოთ ეს ტომი დაუფორმატებელი (ფაილური სისტემის არჩევის ველში მიუთითეთ "არა"), დახურეტ ოსტატის ფანჯარა, მიაერთეთ ტომი, შემდეგ კი სისტემური ან სხვა უტილიტის დააფორმატირეთ მიერთებული ტომი (ამ დროს ტომი დაშიფრული რჩება). + ტომის NTFS ფორმატირება არ მოხერხდა.\n\nგსურთ დააფორმატოთ ტომი როგორც FAT? + საწყისად + partition + განაყოფი + მოწყობილობა + device + მოწყობილობა + ტომი + volume + VOLUME + Label + ამ ტომისათვის არჩეულია კლასტერების მეტად მცირე ზომა. გამოყენებულ იქნება შედარებით დიდი ზომის კლასტერი. + შეცდომა! ტომის ზომის დათვლა შეუძლებელია.\n\nშეამოწმეთ, ხომ არ გამოიყენება არჩეული ტომი სისტემის ან სხვა პროგრამის მიერ. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + VeraCrypt-ის ტომების შექმნის ოსტატს ფარული ტომის შექმნა შეუძლია მხოლოდ FAT ან NTFS ტომში. + Windows 2000-ში, VeraCrypt-ის ტომების შექმნის ოსტატს ფარული ტომის შექმნა შეუძლია მხოლოდ FAT ტომში. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + შეცდომა! ტომთან წვდომა არ არის.\n\nშეამოწმეთ, არსებობს თუ არა ეს ტომი, არ არის მიერთებული, არ გამოიყენება სისტემის ან სხვა პროგრამის მიერ, და დაცული არ არის ჩაწერისაგან. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + შეცდომა! გარე ტომის გამოერთება შეუძლებელია.\n\nტომის გამოერთება შეუძლებელია, თუ იგი შეიცავს ფაილებს ან ფოლდერებს, რომლებიც გამოიყენება სისტემის ან სხვა პროგრამის მიერ.\n\nდახურეთ ყველა პროგრამა, რომლებიც შესაძლოა იყენებენ ფაილებს ამ ტომში, და დააჭირეთ "გამეორება"-ს. + შეცდომა: გარე ტომის შესახებ ინფორმაციის მიღება ვერ ხერხდება! ტომის შექმნის პროცესი შეწყვეტილია. + შეცდომა! გარე ტომთან წვდომა არ არის. ტომის შექმნის გაგრძელება შეუძლებელია. + შეცდომა! გარე ტომის მიერთება შეუძლებელია. ტომის შექმნის გაგრძელება შეუძლებელია. + შეცდომა! ტომის კლასტერების რუკის მიღება შეუძლებელია. ტომის შექმნის გაგრძელება შეუძლებელია. + ანბანურად/კატეგორიებით + საშუალო სიჩქარე (კლებადობა) + ალგორითმი + შიფრაცია + დეშიფრაცია + საშუალო + დისკი + ზომა + შიფრაციის ალგორითმი + შიფრაციის ალგორითმი + ტიპი + მნიშვნელობა + თვისება + მდებარეობა + ბაიტი + ფარული + გარე + ჩვეულებრივი + სისტემური + Hidden (system) + მხოლოდ კითხვისათვის + სისტემური დისკი + სისტემური დისკი (შიფრაცია - %.2f%% დასრულდა) + სისტემური დისკი (დეშიფრაცია - %.2f%% დასრულდა) + სისტემური დისკი (%.2f%% დაშიფრულია) + სისტემური განაყოფი + Hidden system partition + სისტემური განაყოფი (შიფრაცია - %.2f%% დასრულდა) + სისტემური განაყოფი (დეშიფრაცია - %.2f%% დასრულდა) + სისტემური განაყოფი (%.2f%% დაშიფრულია) + დიახ (დაცვა დაზიანებისაგან) + არა + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + ბიტი + ბლოკის ზომა + PKCS-5 PRF + PKCS-5 ოპერაციების რაოდენობა + ტომი შექმნილია + სათაურის ბოლო ცვლილება + (განვლო დღემ: %I64d) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + 1-ლი თავისუფალი + Removable Disk + მყარი დისკი + უცვლელი + Autodetection + ოსტატის რეჟიმი + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + ინსტალაციის ოფციები + აქ შეგიძლიათ მიუთითოთ ინსტალაციის პროცესის სამართავი სხვადასხვა პარამეტრები. + ინსტალაცია + გთხოვთ მოიცადოთ VeraCrypt-ის ინსტალაციის დასრულებამდე. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + დეარქივაციის ოფციები + აქ შეგიძლიათ მიუთითოთ დეარქივაციის პროცესის სამართავი სხვადასხვა პარამეტრები. + გთხოვთ მოიცადოთ დეარქივაციის დასრულებამდე. + Files successfully extracted + ყველა ფაილი წარმატებით იქნა დეარქივირებული მითითებულ მისამართზე. + თუ მითითებული ფოლდერი არ არსებობს, იგი ავტომატურად შეიქმნება. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + გსურთ იხილოთ VeraCrypt-ის მიმდინარე ვერსიის ანოტაცია? + თუ VeraCrypt-თან არასდროს გიმუშავიათ, რეკომენდებულია გაეცნოთ დამწყებთა განაყოფს VeraCrypt-ის მომხმარებლის სახელმძღვანელოში გსურთ დოკუმენტაციის წაკითხვა? + გთხოვთ აირჩიოთ შემდეგი მოქმედებებიდან: + აღდგენა/რეინსტალაცია + Upgrade + დეინსტალაცია + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + ინსტალაცია ჩაიშალა. + დეინსტალაცია ჩაიშალა. + ეს საინსტალაციო პაკეტი დაზიანებულია. გთხოვთ, ხელახლან ჩამოტვირთოთ (უმჯობესია ოფიციალური საიტიდან https://veracrypt.codeplex.com). + ფაილის %s ჩაწერა არ ხერხდება + დეარქივაცია + პაკეტიდან მონაცემთა წაკითხვა არ ხერხდება. + საინსტალაციო პაკეტის მთლიანობის შემოწმება არ ხერხდება. + დეარქივაცია ჩაიშალა. + მოხდა ინსტალაციის უკუქცევა. + პროგრამა VeraCrypt წარმატებით ინსტალირებულია. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + პროგრამა VeraCrypt წარმატებით დეინსტალირებულია.\n\nდააჭირეთ ღილაკს "მზადაა", რათა წაიშალოს VeraCrypt-ის ინსტალატორი და ფოლდერი %s. ფოლდერი არ წაიშლება, თუ იგი შეიცავს ფაილებს, რომლებიც ინსტალატორის ან VeraCrypt-ის მიერ არაა შექმნილი. + რეესტრიდან VeraCrypt-ის ჩანაწერების წაშლა + რეესტრში ელემენტის დამატება + პროგრამასთან დაკავშირებული მონაცემების წაშლა + ინსტალაცია + შეჩერება + წაშლა + ხატულას დამატება + სისტემის აღდგენის წერტილის შექმნა + შეცდომა სისტემის აღდგენის წერტილის შექმნისას. + Updating boot loader + "%s"-ის ინსტალაცია ჩაიშალა. %s გსურთ ინსტალაციია გაგრძელება? + "%s"-ის დეინსტალაცია ჩაიშალა. %s გსურთ დეინსტალაციის გაგრძელება? + ინსტალაცია დასრულებულია. + %s' ფოლდერის შექმნა არ მოხდა. + VeraCrypt-ის დრაივერის ამოტვირთვა შეუძლებელია.\n\nდახურეთ VeraCrypt-ის ყველა გახსნილი ფანჯარა. თუ შედეგი არ არის, გადატვირთეთ Windows და სცადეთ ხელახლა. + ინსტალაციის გაგრძელებამდე, საჭიროა VeraCrypt-ის ყველა მიერთებული ტომის გამოერთება. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + შეცდომა რეესტრში ელემენტების რეგისტრაციისას + შეცდომა მოწყობილობის დრაივერის ინსტალაციისას. გადატვირთეთ Windows და სცადეთ VeraCrypt-ის ინსტალაცია ხელახლა. + VeraCrypt-ის დრაივერის გაშვება + მოწყობილობის დრაივერის დეინსტალაცია ჩაიშალა. პროცესის გაგრძელებამდე შესაძლოა საჭირო გახდეს Windows-იდან გამოსვლა ან/და სისტემის გადატვირთვა. + VeraCrypt-ის დრაივერის ინსტალაცია + VeraCrypt-ის დრაივერის შეჩერება + VeraCrypt-ის დრაივერის დეინსტალაცია + შეცდომა მომხმარებლის ანგარიშების მართვის (User Account Control) დამხმარე ბიბლიოთეკის რეგისტრაციისას. + შეცდომა მომხმარებლის ანგარიშების მართვის (User Account Control) დამხმარე ბიბლიოთეკის რეგისტრაციის უარყოფისას. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + შეცდომა: ლიცენზიის ჩვენება არ ხერხდება. + გარე(!) + დღე + სთ + წთ + წმ + გახსნა + გამოერთება + VeraCrypt-ის ჩვენება + VeraCrypt-ის დამალვა + წაკითხულია მიერთების შემდეგ + ჩაწერილია მიერთების შემდეგ + დაშიფრული ნაწილი + 100% (სრულად დაშიფრული) + 0% (დაუშიფრავი) + %.3f%% + 100% + ვიცდით... + Preparing + Resizing + შიფრაცია + დეშიფრაცია + Finalizing + პაუზა + დასრულებულია + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + შეიტანეთ პაროლი %s-თვის + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + გასაღების ფაილი წარმატებით შეიქმნა. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + ტომის სათაურის სარეზერვო ასლი წარმატებით შეიქმნა.\n\nმნიშვნელოვანია: ამ ასლიდან სათაურის აღდგენისას ასევე აღდგება ტომის მიმდინარე პაროლი. მეტიც, თუ ტომის მიერთებისას გამოიყენება გასაღების ფაილები, მაშინ სათაურის აღდგენის შემდეგ ტომის მისაერთებლად საჭირო იქნება იგივე გასაღების ფაილები.\n\nყურადღება: სათაურის ეს ასლი შეიძლება გამოყენებულ იქნას მხოლოდ ამ კონკრეტული ტომისათვის. სხვა ტომისათვის ამ ასლის გამოყენების შემდეგ ტომის მიერთება შესაძლებელი იქნება, მაგრამ ტომიდან რაიმე მონაცემის წაკითხვა - შეუძლებელი (რადგან შეიცვლება მისი გასაღები). + ტომის სათაური წარმატებით აღდგა.\n\nმნიშვნელოვანია: გაიტვალისწინეთ, რომ სათაურის აღდგენით შესაძლოა აღდგა ძველი პაროლიც. მეტიც, თუ ტომის მიერთებისას გამოიყენება გასაღების ფაილები, მაშინ სათაურის აღდგენის შემდეგ ტომის მისაერთებლად საჭირო იქნება იგივე გასაღების ფაილები + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + ნამდვილად გსურთ %s ტომის სათაურის აღდგენა?\n\nყურადღება: სათაურის აღდგენისას ასევე აღდგება პაროლი, რომელიც მოქმედებდა სარეზერვო ასლის შენახვის დროს. მეტიც, თუ ტომის მიერთებისას გამოიყენება გასაღების ფაილები, მაშინ სათაურის აღდგენის შემდეგ ტომის მისაერთებლად საჭირო იქნება იგივე გასაღების ფაილები.\n\nდააჭირეთ "დიახ"-ს, რათა აირჩიოთ სათაურის სარეზერვო ასლის ფაილი. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + თქვენ ცდილობთ სისტემური განაყოფის/მოწყობილობის სათაურის რეზერვირებას. ეს არ არის ნებადართული. სისტემური დისკის რეზევირება/აღდგენის ოპერაციები შიძლება განხორციელდეს მხოლოდ VeraCrypt-ის აღმდგენი დისკის გამოყენებით.\n\nგსურთ VeraCrypt-ის აღმდგენი დისკის შექმნა? + თქვენ ცდილობთ VeraCrypt-ის ვირტუალური ტომის სათაურის აღდგენას, მაგრამ არჩეულია სისტემური განაყოფი/მოწყობილობა. ეს არ არის ნებადართული. სისტემური დისკის რეზევირება/აღდგენის ოპერაციები შიძლება განხორციელდეს მხოლოდ VeraCrypt-ის აღმდგენი დისკის გამოყენებით.\n\nგსურთ VeraCrypt-ის აღმდგენი დისკის შექმნა? + OK-ის დაწკაპების შემდეგ აირჩიეთ VeraCrypt-ის ახალი აღმდგენი დისკის ISO ფაილის სახელი და მისამართი. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + მოათავსეთ VeraCrypt-ის აღმდგენი დისკი CD/DVD მოწყობილობაში და დაწკაპეთ OK. + VeraCrypt-ის აღმდგენი დისკი წარმატებით შემოწმდა. + აღმდგენი დისკის ჩაწერის სისწორის შემოწმება ვერ მოხერხდა.\n\nთუ აღმდგენი დისკი ჩაწერილია, დისკი გამოიღეთ და ხელახლა ჩადეთ CD/DVD მოწყობილობაში. თუ ეს არ შველის, მაშინ გამოიყენეთ სხვა დისკი ან/და სხვა ჩამწერი პროგრამა.\n\nთუ ამოწმებთ სხვა მთავარი გასაღებისათვის, მარილისათვის და ა.შ. შექმნილ აღმდგენ დისკს, შემოწმება ყოველთვის მცდარ შედეგს აჩვენებს. მიმდინარე კონფიგურაციის თავსებადი აღმდგენი დისკის შექმნისათვის, აირჩიეთ სისტემა>აღმდგენი დისკის შექმნა. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + VeraCrypt-ის აღმდგენი დისკის Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + გაგრძელებამდე, გამოაერთეთ ტომი. + შეცდომა: ტაიმერის დაყენება ვერ ხერხდება. + ფაილური სისტემის შემოწმება + ფაილური სისტემის შეკეთება + Add to Favorites... + Add to System Favorites... + P&roperties... + ფარული ტომი დაცულია + N/A + დიახ + არა + Disabled + 1 + 2 ან მეტი + ოპერაციის რეჟიმი + Label: + Size: + Path: + Drive Letter: + შეცდომა! პაროლი უნდა შეიცავდეს მხოლოდ სტანდარტულ ASCII სიმბოლოებს.\n\nარა-ASCII სიმბოლოების გამოყენება შეუძლებელს გახდის ტომის მიერთებას, თუ სისტემის კონფიგურაცია შეიცვლება.\n\nნებადართულია შემდეგი სიმბოლოების გამოყენება:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ყურადღება! პაროლი შეიცავს არა-ASCII სიმბოლოებს. ეს შეუძლებელს გახდის ტომის მიერთებას, თუ სისტემის კონფიგურაცია შეიცვლება..\n\nშეცვალეთ ყველა არა-ASCII სიმბოლო ASCII სიმბოლოებით.\n\nASCII სიმბოლოებია:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + ვებ-გვერდი + ყურადღება: სისტემაში არ არის ინსტალირებული Windows-ის არცერთი განახლების პაკეტი (Service Pack).თუ Windows XP-ზე არ არის ინსტალირებული Service Pack 1 (ან უფრო ახალი), 128გბ-ზე მეტი მოცულობის IDE დისკებზე ჩაწერა არ არის რეკომენდებული, რადგან ეს გამოიწვევს მონაცემთა დაზიანებას (მიუხედავად იმისა, ეხება ეს VeraCrypt-ის ტომს თუ არა). ეს Windows-ის შეზღუდვაა და არა შეცდომა VeraCrypt-ში. + ყურადღება: სისტემაში არ არის ინსტალირებულიWindows-ის განახლების პაკეტი Service Pack 3 (ან ახალი). თუ Windows 2000-ზე არ არის ინსტალირებულია Service Pack 3 (ან ახალი), 128გბ-ზე მეტი მოცულობის IDE დისკებზე ჩაწერა არ არის რეკომენდებული, რადგან ეს გამოიწვევს მონაცემთა დაზიანებას (მიუხედავად იმისა, ეხება ეს VeraCrypt-ის ტომს თუ არა). ეს Windows-ის შეზღუდვაა და არა შეცდომა VeraCrypt-ში. ამის გარდა, შესაძლოა საჭირო გახდეს რეესტრში LBA-ს 48 ბიტიანი ადრესაციის მხარდაჭერის ჩართვა; დაწვრილებით იხ. http://support.microsoft.com/kb/305098/EN-US + ყურადღება: 48-bit LBA ATAPI-ის მხარდაჭერა სისტემაში გამორთულია. შესაბსამისად,128გბ-ზე მეტი მოცულობის IDE დისკებზე ჩაწერა არ შეიძლება! წინააღმდეგ შემთხვევაში შესაძლებელია მონაცემთა დაზიანება. ეს Windows-ის შეზღუდვაა და არა შეცდომა VeraCrypt-ში.\n\n48-ბიტიანი LBA მხარდაჭერის დამატებისათვის, რეგიტრში მისამართზე HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters ჩაამატეთ მნიშვნელობა "EnableBigLba" და მიანიჭეთ 1.\n\nდამატებით იხ. http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + ყურადღება: თუ მომავალში დაგჭირდებათ გარე ტომში მონაცემების/ფაილების დამატება, წინასწარ იზრუნეთ მასში არსებული ფარული ტომის ზომის შემცირებაზე.\n\nგსურთ გააგრძელოთ და გამოიყენოთ თქვენს მიერ მითითებული ზომა? + ტომი არ არის არჩეული.\n\nდააჭირეთ ღილაკს "მოწყობილობა" ან "ფაილი" და აირჩიეთ VeraCrypt-ის ტომი. + ასარჩევია განაყოფი.\n\nდაწკაპეთ "აირჩიეთ მოწყობილობა" განაყოფის ასარჩევად, რომელიც ჩატვირთვისწინა აუთენტიფიკაციას მოითხოვს (მაგ. დაშიფრულ სისტემურ დისკზე მოთავსებული განაყოფი, ოპერაციული სისტემით, რომელიც არ მუშაობს).\n\nშენიშვნა: ეს განაყოფი მიერთდება, როგორც ჩვეულებრივი VeraCrypt-ის ტომი, ჩატვირთვისწინა აუთენტიფიკაციის გარეშე. ეს გამოსადეგია მაგ. რეზერვირების ან აღდგენის ოპერაციებისათვის. + გაფრთხილება: თუ საწყისი გასაღების ფაილები დანიშნულია, იმ ტომების მიერთება, რომლებიც არ იყენებენ ასეთ ფაილებს, შეუძლებელი იქნება. ამიტომ, საწყისი გასაღების ფაილების დანიშვნის შემდეგ, არ დაგავიწყდეთ, ასეთი ტომის ყოველი მიერთებისას გამორთოთ ოფცია "გამოიყენე გასაღების ფაილი' (პაროლის ველის ქვემოთ).\n\nნამდვილად გსურთ დანიშნოთ მითითებული გასაღების ფაილები საწყისად? + მოწყობილობების ავტომიერთება + ყველას გამოერთება + კეშის წაშლა + Dismount All & Wipe Cache + ყველას გამოერთება და კეშის წაშლა + ყველას გამოერთება, კეშის წაშლა და გასვლა + რჩეული ტომების მიერთება + VeraCrypt-ის მთავარი ფანჯრის ჩვენება/დამალვა + (დაწკაპეთ აქ დადააჭირეთ ღილაკს) + მოქმედება + სწრაფი გამოძახება + შეცდომა! ეს "ცხელი კლავიში" რეზერვირებულია. აირჩიეთ სხვა. + შეცდომა! ეს "ცხელი კლავიში" უკვე გამოიყენება. + ყურადღება: ზოგიერთი საერთოსისტემური "ცხელი კლავიშები" VeraCrypt-ში არ იმუშავებს!\n\nშეამოწმეთ, ხომ არ გამოიყენება ეს კომბინაცია ოპერაციული სისტემის ან სხვა პროგრამების მიერ. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + ყურადღება: თუ ეს ოპცია გამორთულია, ტომების, რომლებიც გახსნილ ფაილებს/ფოლდერებს შეიცავენ, აუტოგამოერთება არ მოხდება.\n\nნამდვილად გსურთ ამ ოპციის გამორთვა? + ყურადღება: ტომების, რომლებიც გახსნილ ფაილებს/ფოლდერებს შეიცავენ, აუტოგამოერთება არ მოხდება.\n\nამის თავიდან ასაცილებლად, ჩართეთ შესაბამისი ოფცია მენიუში" + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + თქვენ დაგეგმილი გაქვთ სისტემური განაოფის/მოწყობილობის შიფრაცია/დეშიფრაცია. ეს პროცესი ჯერ არ დასრულებულა.\n\nგსურთ ამ პროცესის დაწყება (გაგრძელება) ახლავე? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + თქვენ დაგეგმილი გაქვთ სისტემური განაყოფის/დისკის შიფრაცია ან დეშიფრაცია. თუმცა ჩატვირთვისწინა აუთენტიფიკაცია ჩაიშალა ან არ გამოიტოვა.\n\nშენიშვნა: თუ ჩატვირთვის დროს სისტემურ განაყოფს/დისკს დეშიფრაცია გაუკეთეთ, მაშინ დაასრულეთ პროცესი - აირჩიეთ მენიუში "სისტემა">"სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია". + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + გამოვიდეთ? + VeraCrypt არ აქვს საკმარისი ინფორმაცია, შეასრულოს შიფრაციის თუ დეშიფრაციის ოპერაცია. + VeraCrypt ვერ წყვეტს რა შეასრულოს, შიფრაცია თუ დეშიფრაცია.\n\nშენიშვნა: თუ ჩატვირთვის დროს სისტემურ განაყოფს/დისკს დეშიფრაცია გაუკეთეთ, მასინ დაასრულეთ პროცესი - დაწკაპეთ "დეშიფრაცია". + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + გსურთ შეწყვითოთ და გადადოთ სისტემური განაყოფის/მოწყობილობის შიფრაციის პროცესი?\n\nმომავალში შესაძლებლობა გექქნებათ შეწყვეტილი მომენტიდან გააგრძელოთ ეს პროცესი. ეს შეგიძლიათ გააკეთოთ შემდეგნაირად: აირჩიეთ მენიუდან სისტემა>შეწყვეტილი პროცესის გაგრძელება. თუ სამუდამოდ გსურთ შეწყვიტოთ ან უკუაგდოთ შიფრაციის პროცესი, აირჩიეთ სისტემა>სისტემური განაყოფის/მოწყობილობის სამუდამოდ დეშიფრაცია. + გსურთ შეწყვითოთ და გადადოთ სისტემური განაყოფის/მოწყობილობის დეშიფრაციის პროცესი?\n\nმომავალში შესაძლებლობა გექქნებათ შეწყვეტილი მომენტიდან გააგრძელოთ ეს პროცესი. ეს შეგიძლიათ გააკეთოთ შემდეგნაირად: აირჩიეთ მენიუდან სისტემა>შეწყვეტილი პროცესის გაგრძელება. თუ გსურთ დეშიფრაციის პროცესის უკან დაბრუნება (და შიფრაციის დაწყება), აირჩიეთ სისტემა>სისტემური განაყოფის/მოწყობილობის შიფრაცია. + შეცდომა: სისტემური განაყოფის/მოწყობილობის შიფრაცია/დეშიფრაციის პროცესის შეწყვეტა შეუძლებელია. + Error: Failed to interrupt the process of wiping. + შეცდომა: სისტემური განაყოფის/მოწყობილობის შიფრაცია/დეშიფრაციის პროცესის გაგრძელება შეუძლებელია. + Error: Failed to start the process of wiping. + გაუმართაობა აღმოფხვრილია.\n\n\n(თუ გამოგზავნით ამ შეცდომასთან დაკავშირებით ინფორმაციას, დაურთეთ შემდეგი ტექნიკური ინფორმაცია: %hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ყურადღება: VeraCrypt-ის ფონური რეჟიმი გამორთულია. VeraCrypt-ის დახურვის შემდეგ, იგი არ შეგატყობინებთ ფარული ტომის დაზიანების შემთხვევაზე.\n\nგსურთ ჩართოთ VeraCrypt-ის ფონური რეჟიმი? + ენის მოდულის ვერსია: %s + მიმდინარეობს %s-ად მიერთებული ტომის ფაილური სისტემის შემოწმება... + მიმდინარეობს %s-ად მიერთებული ტომის ფაილური სისტემის აღდგენა... + ყურადღება: ეს ტომი დაშიფრულია 64-ბიტი ბლოკიანი შიფრაციის ალგორითმით.\n\n64-ბიტი ბლოკიანი დაშიფრვის ალგორითმები (Blowfish, CAST-128, and Triple DES) მოძველებულია. ამ ტომის მიერთება VeraCrypt 5.0-ით ან შემდგომი ვერსიებით შეუძლებელია. რეკომენდებულია შექმნათ VeraCrypt-ის ახალი ტომი 128 ბიტი ბლოკიანი სიფრაციის ალგორითმით (მაგ. AES, Serpent, Twofish) და შემდეგ გადაიტანოთ ამ ტომიდან ფაილები ახალ ტომში. + სისტემა არაა კონფიგურირებული ახალი ტომების ავტომიერთებისათვის. მოწყობილობის ბაზაზე არსებული ტომების მიერთება შესაძლოა ვერ მოხდეს. ავტომიერთების ჩართვა შეიძლება შემდეგი ბრძანების შესრულებით და სისტემის გადატვირთვით.\n\nmountvol.exe /E + გთხოვთ განაყოფს/მოწყობილობას მიანიჭოთ დისკის ასო (Control Panel>System and Maintenance>Administrative Tools - Create and format hard disk partitions).\n\nგაითვალისწინეთ, რომ ეს ოპერაციული სისტემის მოთხოვნაა. + VeraCrypt-ის ტომის მიერთება + VeraCrypt-ის ყველა ტომის გამოერთება + VeraCrypt-მა ვერ მოიპოვა ადმინისტრატორის პრივილეგიები. + ოპერაციულ სისტემასთან წვდომა არ არის.\n\nშესაძლო მიზეზებია: ოპერაციული სისტემა მოითხოვს, რომ გქონდეთ ჩაწერა/წაკითხვის უფლებები (ან ადმინისტრატორის პრივილეგიები) გარკვეულ ფოლდერებზე, ფაილებზედა მოწყობილობებზე, რათა წაიკითხოთ/ჩაწეროთ მათზე. ჩვეულებრივ, მომხმარებელს (ადმინისტრატორის პრივილეგიების გარეშე) უფლება აქვს წაიკითხოს, შექმნას და ჩაწეროს საკუთარ My Documents ფოლდერში. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + VeraCrypt ჩატვირთვის მოდული საჭიროებს მინიმუმ 32კბ თავისუფალ სივრცეს სისტემური დისკის დასაწყისში. სამწუხაროდ, თქვენი დისკი ამ პირობებს ვერ აკმაყოფილებს.\n\nგთხოვთ, ნუ ჩათვლით ამას VeraCrypt-ის შეცდომად. ამ პრობლემის აღმოსაფხვრელად, ხელახლა დაყავიტ თქვენი დისკი და დატოვეთ პირველი 32კბ თავისუფალი სივრცე (როგორც წესი, უბრალოდ წაშალეთ და თავიდან შექმენით პირველი განაყოფი). რეკომენდებულია Microsoft partition manager-ის გამოყენება, რომელიც Windows-ის ინსტალაციის დროს შეგხვდებათ. + ეს ფუნქცია ამ ოპერაციულ სისტემის ვერსიასთან თავსებადი არ არის. + VeraCrypt-ის ეს ვერსიას არ აქვს ამ ოპერაციულ სისტემის ვერსიაში სისტემური განაყოფის/მოწყობილობის შიფრაციის მხარდაჭერა. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + თქვენს სისტემურ დისკს GUID განაყოფთა ცხრილი (GPT). ამჟამად მხოლოდ MBR განაყოფთა ცხრილებია თავსებადი. + VeraCrypt-ის საწყისი ჩამტვირთავი ამ სისტემურ დისკზე უკვე ინსტალირებულია!\n\nშესაძლებელია თქვენს სისტემაში არსებული სხვა ოპერაციული სისტემა უკვე დაშიფრულია.\n\nგაფრთხილება: მიმდინარე სისტემის შიფრაციის მცდელობამ შესაძლოა გამოიწვიოს სხვა სისტემის ჩატვირთვის შეუძლებლობა და მისი მონაცემების დაკარგვა.\n\nნამდვილად გსურთ გაგრძელება? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + სისტემის ორიგინალი ჩამტვირთი არ შეინახება აღმდგენ დისკზე (შესაძლო მიზეზი: დაკარგულია სარეზერვო ფაილი). + MBR სექტორის ჩაწერა ჩაიშალა.\n\nთქვენი BIOS შესაძლოა ჩაწერისაგან იცავს MBR სექტორს. შეამოწმეთ BIOS-ის პარამეტრები. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + თქვენი სისტემური განაყოფი/დისკი მთლიანად დაშიფრულია. + VeraCrypt-ს არ აქვს იმ სისტემური დისკის შიფრაციის მხარდაჭერა, რომელიც გარდაიქმნა დინამიურ დისკად + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + გსურთ სისტემური განაყოფის შიფრაცია, ნაცვლად მთელი დისკის შიფრაციისა?\n\n თქვენ შეგიძლიათ შექმნათ განაყოფზე დაფუძნებული ტომები დისკზე არსებულ არასისტემურ განაყოფებზე. + რადგან თქვენი სისტემური დისკი მოიცავს მხოლოდ ერთ განაყოფს, რომელიც მთელ დისკს იკავებს, უმჯობესია (უფრო დაცულია) დაშიფროთ მთელი დისკი თავისუფალი სივრცის ჩათვლით.\n\nგსურთ მთელი სისტემური დისკის დაშიფრვა? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + სისტემის შიფრაციისათვის ეს ალგორითმი ჯერჯერობით არათავსებადია. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + გაფრთხილება: VeraCrypt ვერ აღადგენს კლავიატურის ორიგინალ განლაგებას. ამან შესაძლოა პაროლის არასწორი შეტანა გამოიწვიოს. + შეცდომა: VeraCrypt-ისთვის კლავიატურის სტანდარტული US განლაგების დაყენება ვერ ხერხდება.\n\nპაროლი შეტანილ უნდა იქნას ჩატვირთვის პროცესში (Windows-ის სტარტამდე), როდესაც არა-US განლაგების ჩართვა შეუძლებელია. ამიტომ პაროლი აკრეფილნ უნდა იქნას კლავიატურის სტანდარტული US განლაგებით. + VeraCrypt-მა კლავიატურის განლაგება დროებით სტანდარტულ US განლაგებაზე შეცვალა, ამიტომ სიმბოლოების აკრეფა მარჯვენა Alt კლავიშის დაჭერით შეუძლებელია. თუმცა ამ სიმბოლოების უმეტესობა შეგიძლიათ აკრიფოთ Shift კლავიშის დაჭერით. + VeraCrypt-მა დაბლოკა კლავიატურის განლაგების შეცვლა. + შენიშვნა: პაროლი შეტანილ უნდა იქნას ჩატვირეთვის დროს (Windows-ის სტარტამდე), სადაც არა-US კლავიატურის განლაგებები გამორთულია. ამიტომ პაროლი ყოველთვის სტანდარტული US განლაგებით უნდა იქნას შეტანილი. თუმცა, რეალური US კლავიატურის ქონა აუცილებელი არ არის. VeraCrypt ავტომატურად უქზრუნველყოფს პაროლის სწორად შეტანას ყველა შემთხვევაში. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + შეცდომა: სისტემის შიფრაციის პარამეტრების შენახვა შეუძლებელია. + სისტემის შიფრაციისწინა ტესტის ინიციირება შეუძლებელია. + Cannot initiate the process of creation of the hidden operating system. + წაშლის რეჟიმი + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + არანაირი (უსწრაფესი) + 1-გზის (random data) + 3-გზის (US DoD 5220.22-M) + 7-გზის (US DoD 5220.22-M) + 35-გზის ("Gutmann") + 256-გზის + ოპერაციული სისტემების რაოდენობა + გაფრთხილება: გამოუცდელი მომხმარებლისათვის არარეკომენდებულია Windows-ის შიფრაცია მრავალ-ჩატვირთვად კონფიგურაციაში.\n\nგავაგრძელოთ? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + ჩამტვირთი დისკი + მიმდინარე ოპერაციული სისტემა ინსტალირებულია ჩამტვირთ დისკზე?\n\nშენიშვნა:ზოგჯერ Windows არ არის ინსტალირებული იმავე დისკზე, საიდანაც იტვირთება. თუ ეს ის შემთხვევაა, აირჩიეთ "არა". + VeraCrypt-ს ამჟამად არ აქვს იმ ოპერაციული სისტემების შიფრაციის მხარდაჭერა, რომლებიც ინსტალირებულია არაჩამტვირთავ დისკზე. + სისტემური დისკების რაოდენობა + რამდენი დისკი მოიცავს ოპერაციულ სისტემას?\n\nშენიშვნა: მაგ., თუ გაქვთ რომელიმე ოპერაციული სისტემა (Windows, Mac OS X, Linux, ა.შ.) ინსტალირებული პირველად დისკზე, და დამატებით ოპერაციული სისტემა ინსტალირებული მეორად დისკზე, აირჩიეთ "2 ან მეტი". + VeraCrypt-ს არ აქვს მხარდაჭერა დისკებისა, რომლებიც მოიცავენ რამდენიმე ოპერაციულ სისტემას.\n\nშესაძლო გამოსავალი:\n\n- შეგიძლიათ დაშიფროთ რომელიმე სისტემა, თუ დაბრუნდებიტ უკან და აირჩევთ მხოლოდ ერთ სისტემურ განაყოფს (მთელი დისკის დაშიფვრის ნაცვლად).\n\n- შეგიძლიათ დაშიფროთ მთელი დისკი, თუ დისკზე დატოვებთ მხოლოდ ერთ ოპერაციულ სისტემას, ხოლო დანარჩენებს სხვაგან გადაიტანთ. + რამდენიმე ოპერაციული სისტემა ერთ დისკზე + იმავე დისკზე, რომელზეც მიმდინარე ოპერაციული სისტემაა ინსტალირებული, არის თუ არა სხვა ოპერაციული სისტემები?\n\nშენიშვნა: თუ მაგ. მიმდინარე ოპერაციული სისტემა ინსტალირებულია დისკზე #0, რომელიც მოიცავს რამდენიმე განაყოფს, და რომელიმე განაყოფზე ინსტალირებულია სხვა ოპერაციული სისტემა (Windows, Mac OS X, Linux, ა.შ.), დაწკაპეთ "დიახ". + არა-Windows-ის საწყისი ჩამტვირთი + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + მრავალ-ჩამტვირთი + VeraCrypt-ს არ აქვს მრავალ-ჩამტვირთი კონფუგურაციის მხარდაჭერა, როდესაც MBR-ზე ინსტალირებულია არა-Windows-ის ჩამტვირთი მოდული.\n\nშესაძლო გამოსავალი:\n\n- თუ იყენებთ ჩატვირთვის მენეჯერს Windows-ის და Linux-ის ჩასატვირთად, ჩატვირთვის მენეჯერი (GRUB) გადაიტანეთ MBR-დან განაყოფში. შემდეგ გაუშვით ეს ოსტატი ხელახლა და დაშიფრეტ სისტემური განაყოფი/დისკი. VeraCrypt-ის ჩამტვირთი მოდული გახდება მთავარი ჩამტვირთი მოდული და იგი მოგცემთ საშუალებას გაუშვათ ორიგინალი ჩამტვირთი (GRUB) როგორც მეორადი ჩატვირთვის მენეჯერი (Esc დაჭერით VeraCrypt-ის ჩამტვირთის ეკრანზე) და ამდენად ჩატვირთოთ Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + ფარული სექტორების აღმოჩენა + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + დასაშიფრი არეალი + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + შემთხვევითი მონაცემების შეგროვება + გასაღები გენერირებულია + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + აღდგენი დისკის ჩაწერა + აღმდგენი დისკი შეიქმნა. + სისტემის შიფრაციისწინა ტესტი + აღმდგენი დისკი შემოწმებულია + \nVeraCrypt-ის აღმდგენი დისკი წარმატებით შემოწმდა. გამოიღეთ იგი და შეინახეთ დაცულ ადგილზე.\n\nდაწკაპეთ "შემდეგი" გასაგრძელებლად. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + გაფრთხილება: ჩატვირთვისწინა გარემოს ტექნიკური შეზღუდულობის გამო, VeraCrypt-ის მიერ გამოტანილი ტექსტი ვერ იქნება ლოკალიზებული. VeraCrypt ჩამტვირთი მოდულის ინტერფეისი მთლიანად ინგლისურ ენაზეა.\n\nგავაგრძელოთ? + სისტემური განაყოფის ან დისკის შიფრაციის წინ, VeraCrypt შეამოწმებს მუშაობის გამართულობას.\n\n"ტესტი"-ს დაწკაპუნების შემდეგ, ყველა საჭირო კომპონენტი (მაგ. VeraCrypt ჩამტვირთი მოდული) დაინსტალირდება და კომპიუტერი დარესტარტდება. VeraCrypt ჩატვირთვის მოდულის ეკრანზე შეიტანეთ სწორეი პაროლი. Windows-ის ჩატვირთვის შემდეგ ავტომატურად იქნება გამოტანილი ინფორმაცია საწყისი ტესტირების შესახებ.\n\nმოდიფიცირებული იქნება შემდეგი მოწყობილობა: დისკი #%d\n\n\nთუ დაწკაპებთ ღილაკს "უარი", მაშინ ინსტალაცია არ მოხდება და საწყისი ტესტი არ გაეშვება. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + ტესტი დასრულებულია + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + გსურთ სისტემის შიფრაციისწინა ტესტირების შეწყვეტა? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + სისტემური განაყოფი/დისკი არ არის დაშიფრული (ნაწილობრივ ან მთლიანად). + სისტემური განაყოფი/დისკი დაშიფრულია (ნაწილობრივ ან მთლიანად).\n\nგაგრძელებამდე გთხოვთ, დეშიფრაცია გაუკეთოთ მთლიანად სისტემურ განაყოფს/დისკს. ამისათვის, აირჩიეთ პროგრამის მენიუში "სისტემა" > "სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია". + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + ამჟამად მიმდინარეობს სისტემური განაყოფის/დისკის შიფრაცია, დეშიფრაცია ან სხვა სახის მოდიფიცირება. ვიდრე გააგრძელებთ, გთხოვთ შეწყვიტოთ ეს პროცესი (ან მოიცადოთ მის დასრულებამდე). + VeraCrypt ტომის შექმნის ოსტატი უკვე გაშვებულია და ახდენს სისტემური განაყოფის/მოწყობილობის შიფრაცია/დეშიფრაციას. გაგრძელებამდე, გთხოვთ მოიცადოთ მის დასრულებამდე ან დახურეთ იგი. თუ იგი არ იხურება, ვიდრე გააგრძელებთ, გთხოვთ დაარესტარტოთ კომპიუტერი. + სისტემური მოწყობილობის/განაყოფის შიფრაციის ან დეშიფრაციის პროცესი არ დასრულებულა. გთხოვთ მოიცადოთ მის დასრულებამდე. + შეცდომა: განაყოფის/დისკის შიფრაცია არ დასრულებულა. ჯერ ეს პროცესი უნდა დასრულდეს. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + შეცდომა: არასწორი პარამეტრი. + თქვენ აირჩიეთ განაყოფი ან მოწყობილობა, მაგრამ ოსტატის არჩეული რეჟიმი გამოდგება მხოლოდ ფაილ-კონტეინერებისათვის.\n\nგსურთ შეცვალოთ ოსტატის რეჟიმი? + გსურთ ამის ნაცვლად შექმნათ VeraCrypt-ის ფაილ-კონტეინერი? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + ნამდვილად გსურთ სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია? + გაფრთხილება: თუ სამუდამოდ გაშიფრავთ სისტემურ განაყოფს/დისკს, მასზე ჩაიწერება დაუშიფრავი მონაცემები.\n\nნამდვილად გსურთ სისტემური განაყოფის/დისკის სამუდამო დეშიფრაცია? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + თუ რომელიმე ზემოთ აღწერილი პრობლემა შეგხვდათ, განაყოფს/დისკს გაუკეთეთ დეშიფრაცია და შემდეგ დაშიფრეტ არაკასკადური შიფრების გამოყენებით (მაგ. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + VeraCrypt ჩამტვირთი მოდული განახლდა.\n\nრეკომენდებულია შექმნათ VeraCrypt-ის ახალი აღმდგენი დისკი (რომელშიც ჩამტვირთი მოდულის ახალი ვერსია იქნება), აირჩიეთ მენიუში "სისტემა">"აღმდგენი დისკის შექმნა" კომპიუტერის რესტარტის შემდეგ. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + VeraCrypt-ის ჩამტვირთი მოდულის განახლება ჩაიშალა. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + გაფრთხილება: როგორც ჩანს, VeraCrypt-მა უკვე სცადა სისტემურ დისკზე ფარული სექტორების მოძიება. თუ ამ პროცესის დროს პრობლემები შეგექმნათ, მაშინ შეგიძლიათ გამოტოვოთ ძიების პროცესი. VeraCrypt გამოიყენებს ოპერაციული სისტემის მიერ მითითებულ დისკის ზომას (რაც რეალურ ზომაზე ნაკლები შეიძლება იყოს).\n\nეს VeraCrypt-ის რაიმე შეცდომით არ არის გამოწვეული. + გამოტოვეთ ფარული სექტორების ძიება (გამოიყენეთ ოპერაციული სისტემის მიერ მითითებული ზომა) + ფარული სექტორების ძიების განმეორება + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + აღმდგენი დისკი + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + ტესტი + გასაღების ფაილი + Backspace + Tab + გასუფთავება + Enter + Pause + Caps Lock + ჰარი + Page Up + Page Down + End + Home + ისარი მარცხნივ + ისარი მაღლა + ისარი მარჯვნივ + ისარი დაბლა + არჩევა + ბეჭდვის ღილაკი + შესრულების ღილაკი + Print Screen + Insert + Delete + პროგრამების ღილაკი + Sleep + Num Lock + Scroll Lock + ბრაუზერი - უკან + ბრაუზერი - წინ + ბრაუზერი - განახლება + ბრაუზერი - შეჩერება + ბრაუზერი - ძებნა + ბრაუზერი - რჩეული + ბრაუზერი - საწყისი გვერდი + ხმა + ხმის დაკლება + ბრაუზერი - ხმის მომატება + შემდეგი ტრეკი + წინა ტრეკი + სტოპი + გაშვება/პაუზა + ფოსტის კლავიშა + მატარებლის არჩევის ღილაკი + პროგრამა 1 + პროგრამა 2 + Attn + CrSel + ExSel + გაშვება + ზომა + NumPad + Shift + Control + Alt + Win + + კბ + მბ + გბ + ტბ + პბ + ბ/წმ + კბ/წმ + მბ/წმ + გბ/წმ + ტბ/წმ + პბ/წმ + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.ko.xml b/Translations/Language.ko.xml index 1c72d208..0a75f895 100644 --- a/Translations/Language.ko.xml +++ b/Translations/Language.ko.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - 취소 - 모든 사용자를 위해 설치(&F) - 탐색(&W)... - 바탕화면에 VeraCrypt 아이콘 추가 - 기부하기... - VeraCrypt와 “.hc” 파일 확장자를 연결 - 완료시 타겟 위치 열기(&O) - 시작 메뉴에 VeraCrypt 추가 - 시스템 복구 시점 만들기 - 제거(&U) - 추출(&E) - 설치(&I) - VeraCrypt 설치 마법사 - VeraCrypt 제거 - 도움말(&H) - 추출된 파일을 둘 위치를 선택하거나 입력해 주세요: - VeraCrypt 프로그램 파일을 설치할 위치를 선택하거나 입력해 주세요. 지정한 폴더가 존재하지 않는 경우, 자동으로 폴더가 생성됩니다. - 현재 시스템에서 VeraCrypt를 제거하려면 “제거”를 클릭하세요. - 중지 - &벤치마크 테스트 - 테스트(&T) - 암호화된 볼륨을 만든 후 포맷 - 파티션 자체 암호화 - 생성된 키 표시 - 풀(Pool) 내용 표시 - CD/DVD 리코딩 소프트웨어 다운로드 - 암호화된 파일 보관소 만들기 - GB(&G) - TB(&T) - 추가 정보 - 숨긴 VeraCrypt 볼륨(&D) - 숨긴 볼륨에 대한 추가 정보 - 직접 방식 - 표준 방식 - KB(&K) - 키파일 사용(&S) - 빈 비밀번호를 먼저 사용 - 키파일 랜덤 사이즈 (64 <-> 1048576 바이트) - 키파일(&k)... - 해시 알고리듬에 대한 정보 - 추가 정보 - PIM에 대한 정보 - MB(&M) - 추가 정보 - 시스템 암호화에 대한 추가 정보 - 추가 정보 - 멀티-부트 - 비-시스템 파티션/드라이브 암호화 - 히스토리 저장 안함 - 외부 볼륨 열기 - 정지(&P) - P&IM 사용하기 - PIM 사용하기 - 빠른 포맷 - 비밀번호 표시(&D) - 비밀번호 표시(&D) - &PIM 표시 - 싱글-부트 - 표준 VeraCrypt 볼륨 - 숨김(&D) - 표준 - 시스템 파티션 또는 전체 시스템 드라이브의 암호화 - 윈도우 시스템 파티션 암호화 - 전체 드라이브 암호화 - VeraCrypt 볼륨 만들기 마법사 - 클러스터 - 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 암호키의 암호력을 상당히 증대시킵니다. 계속하려면 "다음"을 클릭하세요. - 확인(&C): - 완료 - 드라이브 문자: - 암호 알고리듬 - 파일시스템 - 파일 안에 가상의 암호화된 디스크를 만듭니다. 경험 없는 사용자에게 권장합니다. - 옵션 - 해시 알고리듬 - 헤더 키: - 남음 - 마스터 키: - 컴퓨터에 두 개 또는 그 이상의 운영체제가 설치되어 있는 경우에 이 옵션을 선택합니다.\n\n예:\n- Windows XP 및 Windows XP\n- Windows XP 및 Windows Vista\n- Windows 및 Mac OS X\n- Windows 및 Linux\n- Windows, Linux 및 Mac OS X - 내부 또는 외부 드라이브(예: 플래시 드라이브)에 시스템이 아닌 파티션을 암호화합니다. 숨긴 볼륨을 선택적으로 만들 수 있습니다. - 현재의 풀(Pool) 내용 (부분) - 패스 - 비밀번호: - 볼륨 PIM: - 볼륨 PIM: - 진행: - 무작위 풀: - 현재 컴퓨터에 설치된 운영체제가 한 개인 경우 (비록 사용자가 여럿 있는 경우라 하더라도) 이 옵션을 선택합니다. - 속도 - 상태 - 키, 소금(→ 패스워드 보호에서 패스워드 해시를 변환하는 데 사용되는 무작위 문자열) 및 기타 데이터를 성공적으로 생성했습니다. 새로운 키를 생성하려면 “뒤로”를 클릭한 후 “다음”을 누르세요. 계속하려면 “다음”을 클릭하세요. - 윈도우가 설치되어 있는 파티션/드라이브를 암호화합니다. 시스템에 접근해서 사용하고, 파일을 읽고 쓰는 등의 작업을 하려는 사람은 윈도우가 부팅할 때마다 올바른 비밀번호를 입력해야 합니다. 숨긴 시스템을 선택적으로 만들 수 있습니다. - 현재 실행 중인 윈도우 운영체제가 설치된 파티션을 암호화하려면 이 옵션을 선택합니다. - 윈도우 볼륨 표찰: - 지움 방식: - 닫기 - Esc 키를 눌러 부팅-전 인증을 건너뛸 수 있습니다(* 부트 관리자 사용)(&A) - 아무 것도 안함 - VeraCrypt 볼륨 자동삽입(&A) (아래에서 지정) - VeraCrypt 시작(&S) - 라이브러리 자동-탐지(&D) - 부팅-전-인증 암호를 드라이버 메모리에 캐시(* 시스템 아닌 볼륨의 삽입 목적)(&C) - 탐색... - 탐색... - 메모리에 비밀번호 및 키파일 보관 - 삽입된 볼륨이 없을 때 종료 - 볼륨이 성공적으로 삽입된 후 토큰 세션 닫기(* 로그 아웃)(&C) - VeraCrypt 볼륨확장기를 포함 - VeraCrypt 볼륨 만들기 마법사 포함 - 만들기 - 볼륨 만들기(&C) - 부팅-전 인증 화면에 어떠한 텍스트도 표시 안함(* 하단의 사용자 메시지는 제외)(&S) - "Evil Maid" 탐지를 사용 안함 - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - 키파일 사용 - 키파일 사용 - 종료(&X) - 즐겨찾기 도움 - 선택된 볼륨을 마운트하지 않기 ('즐겨찾기' 핫키를 눌럿을 경우) - 선택된 볼륨을 호스트 장치가 연결될때 마운트하기 - 선택된 볼륨을 로그인때 마운트하기 - 선택된 볼륨을 읽기 전용으로 마운트하기 - 선택된 볼륨을 이동식 매체로 마운트하기 - 아래로 & 이동 - 위로 & 이동 - 탐색기 창을 선택한 볼륨들이 성공적으로 마운트될때 열기 - &제거 - '즐겨찾기'의 표시를 탐색기 드라이브의 표시로 사용하기 - 전역 설정 - 풍선 툴탑을 성공적인 핫키 마운트 해재때 표시하기 - 시스템 소리를 성공적인 핫키 마운트 해재때 재생하기 - ALT - Ctrl - SHIFT - Win - 할당 - 제거 - 키파일... - 암호화/복호화에 다음의 프로세서의 재한수 (예: 2 = 2개의 프로세서만 사용가능): - 자세한 내용 - 자세한 내용 - 다른 설정... - 장치 자동삽입(&A) - 삽입 옵션(&O)... - 볼륨을 읽기-전용으로 삽입(&O) - 키파일... - (빈값 아니면 0은 기본 반복갚을 사용함) - (빈값 아니면 0은 기본 반복갚을 사용함) - 사용 - 드라이버 메모리에 비밀번호 보관 - 어떤 데이터가 읽기/쓰기된 후 볼륨 자동 꺼내기 - 사용자 로그오프할 때 - 사용자 세션이 잠겨있을 때 - 절전 모드로 들어갈 때 - 화면보호기가 실행될 때 - 볼륨에 열린 파일 또는 디렉토리가 있어도 강제로 꺼내기 - 장치-기반의 모든 VeraCrypt 볼륨 삽입 - VeraCrypt 백그라운드 작업 시작 - 볼륨을 읽기-전용으로 삽입 - 볼륨을 이동식 디스크로 삽입 - 성공적으로 삽입된 볼륨을 위한 탐색기 창 열기 - '즐겨찾기' 볼륨의 작업중에 암호를 임시 캐시(cache) 하기 - 볼륨이 장착될때 다른 작업 아이콘을 사용함 - “자동 꺼냄”시 보관된 비밀번호 삭제 - “종료”시 보관된 비밀번호 삭제 - 파일 보관소의 수정 타임스탬프 보존 - 초기화 - 장치 선택(&E)... - 파일 선택(&F)... - 라이브러리 선택(&L)... - 비밀번호 표시 - 비밀번호 표시 - 삽입된 볼륨을 위한 탐색기 창 열기 - 드라이버 메모리에 비밀번호 보관(&C) - TrueCrypt 모드 - 모두 꺼내기(&S) - 볼륨 속성(&V)... - 볼륨 도구(&T)... - 캐시 지우기(&W) - VeraCrypt - 마운트 변수 - VeraCrypt - 즐겨찾기 볼륨 - VeraCrypt - 시스템 일반 단축키 - VeraCrypt - 비밀번호 또는 키파일 변경 - VeraCrypt 볼륨 비밀번호 입력 - VeraCrypt - 성능과 드라이버 설정 - VeraCrypt - 옵션 - VeraCrypt - 시스템 암호화 설정 - VeraCrypt - 보안 토큰 설정 - VeraCrypt 휴대용 디스크 설치 - VeraCrypt 볼륨 속성 - 정보... - 볼륨에 키파일 추가/삭제... - 장착됀 볼륨을 즐겨찾기에 추가하기... - 장착됀 볼륨을 시스템 즐겨찾기에 추가하기... - 시스템 충돌을 분석하기... - 볼륨 헤더 백업... - 벤치마크... - 헤더 키 도출 알고리듬 설정... - 볼륨 비밀번호 변경... - 헤더 키 도출 알고리듬 설정... - 비밀번호 변경... - 볼륨 히스토리 지우기 - 모든 보안 토큰 세션 닫기 - 연락처... - 숨긴 운영체제 만들기... - 응급복구 디스크 만들기... - 새 볼륨 만들기... - 볼륨을 복호화 하기... - 기본 키파일... - 디폴트 삽입 변수... - 기부하기... - 시스템 파티션/드라이브 암호화... - 자주 묻는 질문 - 사용 안내서 - 홈페이지(&H) - 단축키... - 키파일 생성기... - 언어... - 법적 공지 - 보안 토큰 키파일 관리... - 장치-기반의 모든 볼륨 자동삽입 - 즐겨찾는 볼륨 삽입 - 부팅-전 인증 없이 삽입(&A)... - 볼륨 삽입 - 볼륨 삽입 (옵션 부가) - 뉴스 - 온라인 도움말 - 초보자 안내서 - 즐겨찾기를 정리하기... - 시스템 즐겨찻기를 정리하기... - 성능/드라이버 옵션 - 시스템 파티션/드라이브 영구적 암호해제... - 설정... - 드라이브 문자 새로 고침 - 볼륨에서 모든 키파일 제거... - 볼륨 헤더 복구... - 중단된 진행을 다시 시작 - 장치 선택... - 파일 선택... - 중단된 진행을 다시 시작 - 시스템 암호화... - 속성... - 설정... - 시스템 즐겨찾기 볼륨... - 다운로드 - 벡터 테스트... - 보안 토큰... - 휴대용 디스크 설치... - 삽입된 모든 볼륨 꺼내기 - 볼륨 꺼내기 - 응급복구 디스크 검증 - 응급복구 디스크 ISO 검증 - 버전 히스토리 - 볼륨확장기 - 볼륨 속성 - 볼륨 만들기 마법사 - VeraCrypt 웹사이트 - 보관된 비밀번호 지우기 - 확인 - Hardware Acceleration - 바로가기 - 자동-실행 설정 (autorun.inf) - 자동 꺼냄 - 모두 꺼낼 시기: - 부트 로더 화면 옵션 - 비밀번호 확인: - 현재 비밀번호 - 부팅-전 인증 화면에 사용자 메시지 표시(* 최대 문자수는 24개): - 기본 삽입 옵션 - 단축키 옵션 - 드라이버 설정 - Enable extended disk control codes support - 택된 볼륨의 레이블: - 파일 설정 - 할당할 키: - 이 컴퓨터의 프로세서는(CPU) AES의 하드웨어 가속(Hardware Acceleration)을 지원합니다: - 윈도우에 로그온할 때 수행할 작업 - - 특정 드라이브 문자로 삽입: - 삽입 설정 - 새 비밀번호 - 비밀번호: - Thread-Based Parallelization - PKCS #11 라이브러리 경로 - PKCS-5 PRF - PKCS-5 PRF: - 비밀번호 보관(→ 캐시) - 보안 옵션 - VeraCrypt 백그라운드 작업 - 삽입할 VeraCrypt 볼륨 (휴대용 디스크 루트에 상대적임): - 휴대용 디스크 삽입시: - 휴대용 디스크 파일을 만들 위치 (휴대용 디스크 루트 디렉토리): - 볼륨 - - 경로 추가(&P)... - 모두 자동-테스트 - 계속(&C) - 암호해제(&D) - 삭제(&D) - 암호화(&E) - 내보내기(&E)... - 키파일 생성 및 저장… - 무작위 키파일 생성... - 언어팩 다운로드 - Hardware-accelerated AES: - 토큰에 키파일 가져오기(&I)... - 파일 추가(&F)... - 키파일 사용(&S) - 키파일(&K)... - 제거(&R) - 모두 제거(&A) - 숨긴 볼륨 보호란 무엇인가? - 키파일에 대한 추가 정보 - 볼륨을 이동식 미디어로 삽입(&M) - 부팅-전 인증 없는 시스템 암호화를 사용해서 파티션 삽입(&U) - Parallelization: - 벤치마크 - 인쇄(&P) - 숨긴 볼륨 보호 (외부 볼륨에 쓰는 것에 의해 손상되는 것을 방지)(&P) - 초기화(&R) - 비밀번호 표시(&D) - 토큰 파일 추가(&T)... - 볼륨에 내장된 백업 헤더 사용 (가능한 경우)(&V) - XTS 모드 - VeraCrypt 정보 - VeraCrypt - 암호 알고리듬 벤치마크 - VeraCrypt - 벡터 테스트 - 명령줄 도움말 - VeraCrypt - 키파일 - VeraCrypt - 키파일 생성기 - VeraCrypt - 언어 - VeraCrypt - 삽입 옵션 - 새 보안 토큰 키파일 속성 - VeraCrypt - 무작위 풀 향상 - 파티션 또는 장치 선택 - VeraCrypt - 보안 토큰 키파일 - 보안 토큰 비밀번호/PIN이 요구됨 - 현재의 언어팩 - CPU 및 저장장치 특성에 따라 속도가 달라집니다.\n\n이 테스트는 RAM에서 실행됩니다. - 버퍼 크기: - 암호: - 숨긴 볼륨에 대한 비밀번호:\n(비어 있는 경우, 캐시 사용) - 숨긴 볼륨 보호 - 키(key) 크기: - 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 키파일의 암호력을 상당히 증대시킵니다. - 주의: 키파일을 분실하거나 키파일의 첫번째 1024KB가 변경되면, 키파일을 이용해서 볼륨을 삽입할 수 없게 됩니다! - 비트 - 키파일 수: - 키파일 사이즈 (Byte): - 키파일 배이스 이름: - 번역자: - 단순텍스트 크기: - 비트 - 현재의 풀(Pool) 내용 - PRF 혼합: - 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 보안력을 상당히 증가시킵니다. 작업이 완료되면 “계속”을 클릭합니다. - 보조 키(16진법) - 보안 토큰: - 정렬 방법: - 진행이 되는동한 기다려주세요. - 진행이 되는동한 기다려주세요 - VeraCrypt가 잠시 멈칠수도 있습니다. - 블록 수: - 암호문(16진법) - 데이터 단위 수 (64-비트 16진법, 데이터 단위 크기는 512 바이트) - 키(16진법) - 단순텍스트(16진법) - 키파일 이름: - XTS 모드 - 시스템(&Y) - 볼륨(&V) - 즐겨찾기 - 도구(&O) - 설정(&G) - 도움말(&H) - 홈페이지(&P) - - 정보(&A)... - 이전 볼륨의 읽기전용 속성을 변경할 수 없습니다. 파일 접근 권한을 확인해 주세요. - 오류: 접근이 허용되지 않습니다.\n\n접근하려고 하는 파티션의 0 섹터이거나 부팅 장치입니다. - 관리자 - VeraCrypt 드라이버를 로드하려면, 관리자 권한의 계정으로 로그온해야 합니다. - 파티션/장치를 암호화/암호해제/포맷하려면 관리자 권한의 계정으로 로그온해야 합니다.\n\n이는 파일에 의한 볼륨에는 해당되지 않습니다. - 숨긴 볼륨을 만들려면 관리자 권한의 계정으로 로그온해야 합니다.\n\n계속하시겠습니까? - NTFS로 볼륨을 포맷하려면 관리자 권한의 계정으로 로그온해야 합니다.\n\n관리자 권한이 없는 경우에는 볼륨을 FAT으로 포맷할 수 있습니다. - FIPS에 의해 승인된 암호(Rijndael, 1998년 발표)는 미국부무 및 각 부서에서 1급 기밀로 분류된 정보를 보호하는데 이용되고 있습니다. 256-비트 키, 128-비트 블록, 14 라운드 (AES-256). 작업 모드는 XTS입니다. - 볼륨이 이미 삽입되어 있습니다. - 주의: 적어도 한 개의 암호 또는 해시 알고리듬이 내장된 자동 셀프-테스트를 하는데 실패했습니다!\n\nVeraCrypt 설치가 손상되었습니다. - 주의: 요청된 양의 무작위 데이터를 제공하는 “무작위 숫자 생성기” 풀에서의 데이터가 불충분합니다.\n\n더 이상 진행할 수 없습니다. 도움말 메뉴에서 “버그 보고”를 선택해서 이 오류를 보고해 주세요. - 드라이브 손상(→ 드라이브에 물리적 결함이 있음), 케이블 손상 또는 메모리에 이상이 있습니다.\n\n이것은 VeraCrypt의 문제가 아니라 사용자의 하드웨어 문제입니다. 그러므로 VeraCrypt에서의 이러한 버그/문제점을 보고하지 않길 바랍니다. 또한 VeraCrypt 포럼에 도움을 요청하지도 않기를 바랍니다. 도움을 받으려면 컴퓨터 판매업체의 기술지원팀에 문의해 주세요. 감사합니다.\n\n참고: 만약 오류가 반복적으로 동일 장소에서 발생하는 경우라면 불량 디스크 블록이 원인일 수 있습니다. 이러한 경우는 제3의 소프트웨어를 사용해서 수리할 수 있습니다. (참고: 때론 “chkdsk /r” 명령으로 수리할 수 없는 경우가 많은데 이는 파일시스템 단계에서만 작동하기 때문입니다. 또한 어떤 때는 “chkdsk” 도구가 오류를 탐지하지 못하는 수도 있습니다.) - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - 전체 시스템 드라이브의 암호화를 방해하는 버그를 포함하고 있는 사용자 칩셋 드라이버를 사용하는 것으로 보입니다.\n\n계속하기 전에 (Microsoft가 아닌) 사용자 칩센 드라이버를 업데이트하거나 제거해 주시기 바랍니다. 이렇게 해도 도움이 되지 않은 경우, 시스템 파티션만을 암호화해 보시기 바랍니다. - 올바르지 못한 드라이브 문자. - 올바르지 않은 경로. - 취소 - 장치에 접근할 수 없습니다. 선택한 장치가 존재하는지 여부 및 시스템에 의해 사용 중인가를 확인하세요. - 주의: Caps Lock이 켜져 있습니다. 이 경우 비밀번호를 올바르게 입력할 수 없을지도 모릅니다. - 볼륨 형식 - 가끔 다른 사람에게 암호화된 볼륨에 대한 비밀번호를 공개해야 할 경우가 있을 수 있습니다. (예컨대 적대적인 폭력행사 앞에서) 비밀번호 표시를 거부할 수 없는 여러 상황들이 있을 수 있습니다. 이른바 “숨긴 볼륨”을 사용하여 볼륨에 대한 비밀번호의 노출없이 그런 상황을 별탈 없이 해결할 수 있습니다. - 표준 VeraCrypt 볼륨을 생성하려면 이 옵션을 선택합니다. - 운영체제를 “숨긴 파티션-기반의 볼륨”에 설치할 경우, 한 개의 키를 사용해서 전체 시스템 드라이브를 암호화할 수 없다는 점을 참고하세요. - 외부 볼륨 암호 옵션 - 숨긴 볼륨 암호 옵션 - 암호 옵션 - 주의: (파일 선택기에 의해 기억된) 선택한 볼륨/키파일의 최근 경로를 삭제하는 데 실패했습니다! - 오류: 보관소가 파일 시스템 레벨로 압축되어 있습니다. VeraCrypt는 압축된 보관소를 지원하지 않습니다(→ 암호화된 데이터 압축은 비효율적이고 중복되기만 합니다).\n\n다음 단계에 따라 보관소의 압축을 해제합니다: 1) (VeraCrypt가 아닌) 윈도우 탐색기에서 보관소를 오른쪽 클릭합니다. 2) “속성”을 선택합니다. 3) “속성” 대화창에서 “고급”을 클릭합니다. 4) “고급 속성” 대화창에서, “드라이브를 압축하여 디스크 공간 절약” 옵션을 체크해제하고 “확인”을 클릭합니다. 5) “속성” 대화창에서 “확인”을 클릭합니다. - %s 볼륨을 만드는데 실패했습니다. - 드라이브 %s의 크기 ▷ %.2f bytes - 드라이브 %s의 크기 ▷ %.2f KB - 드라이브 %s의 크기 ▷ %.2f MB - 드라이브 %s의 크기 ▷ %.2f GB - 드라이브 %s의 크기 ▷ %.2f TB - 드라이브 %s의 크기 ▷ %.2f PB - 주의: 장치/파티션이 운영체제나 프로그램에 의해 사용 중입니다. 장치/파티션을 포맷하면 데이터 손실 또는 시스템 불안정 등을 초래할 수 있습니다.\n\n계속하시겠습니까? - 주의: 파티션이 운영체제나 프로그램에 의해 사용 중입니다. 파티션을 사용 중인 프로그램(* 안티바이러스 소프트웨어 포함)을 종료해야 합니다.\n\n계속하시겠습니까? - 오류: 장치/파티션에 꺼낼 수 없는 파일 시스템이 있습니다. 파일 시스템이 운영체제에 의해 사용 중일 수도 있습니다. 장치/파티션을 포맷하면 데이터 손실 또는 시스템 불안정의 결과를 초래할 수도 있습니다.\n\n이 문제점의 해결책으로 먼저 파티션을 삭제하고, 포맷하지 않은 상태에서 파티션을 다시 만들 것을 권장합니다. 다음 단계를 따라야 합니다. 1) “시작 메뉴”에서 “내 컴퓨터”를 오른쪽 클릭한 다음 “관리”를 선택합니다. “컴퓨터 관리”창이 뜰 것입니다. 2) “컴퓨터 관리” 창에서 “저장소” ▶ “디스크 관리”를 선택합니다. 3) 암호화할 파티션을 오른쪽 클릭한 다음 “파티션 삭제”, “볼륨 삭제” 또는 “논리 드라이브 삭제” 중 하나를 선택합니다. 4) “예”를 클릭합니다. 윈도우가 컴퓨터를 재시작할 것인지 물으면 그렇게 해야 합니다. 그런 다음 1단계와 2단계를 반복한 후 5단계부터 계속합니다. 5) 빈 공간 영역(“할당 안됨”으로 표시됨)을 오른쪽 클릭한 다음 “새 파티션”, “새 단순 볼륨” 또는 “새 논리 드라이브”를 선택합니다. 6) “새 파티션 마법사” 또는 “새 단순 볼륨 마법사” 창이 뜨면 거기의 지침을 따릅니다. “파티션 포맷”이란 제목이 붙은 마법사에서, “현재 파티션 포맷 안함” 또는 “현재 볼륨 포맷 안함” 중 하나를 선택합니다. 동일한 마법사에서 “다음”을 클릭하고 “마침”을 클릭합니다. 7) VeraCrypt에서 선택했던 장치 경로가 지금은 틀릴 수도 있습니다. 이제 VeraCrypt 볼륨 만들기 마법사가 실행 중이라면 종료하고 다시 시작합니다. 8) VeraCrypt에서 장치/파티션 암호화를 다시 시도합니다.\n\n장치/파티션 암호화에 계속 실패할 경우, 암호화 대신에 “파일 보관소”를 만들 것을 고려해 봐야 합니다. - 오류: 파일시스템을 잠그거나 꺼낼 수 없습니다. 운영체제나 프로그램(예: 안티바이러스 소프트웨어)에 의해 사용 중입니다. 파티션 암호화는 데이터 손실 및 시스템 불안정을 초래할 수 있습니다.\n\n파일시스템을 사용할 수도 있는 프로그램(* 안티바이러스 소프트웨어 포함)을 닫은 후 다시 시도해 주십시오. 이렇게 해도 도움이 되지 않은 경우, 아래 단계를 따라주시기 바랍니다. - 주의: 삽입된 일부 장치/파티션이 현재 사용 중입니다!\n\n이를 무시하면 시스템 불안정을 포함한 바람직하지 않은 결과를 초래할 수 있습니다.\n\n장치/파티션을 사용 중인 프로그램을 닫을 것을 권장합니다. - 선택한 장치에 파티션이 포함되어 있습니다.\n\n장치를 포맷하면 시스템 불안정 또는 데이터 손상을 초래할 수 있습니다. VeraCrypt로 안전하게 포맷하려면 장치에서 파티션을 선택하거나 장치의 모든 파티션을 제거해야 합니다. - 선택한 비-시스템 장치는 파티션을 포함하고 있습니다.\n\n암호화된 장치-기반의 VeraCrypt 볼륨은 파티션을 포함하고 있지 않은 장치(* 하드 디스크 및 SSD 포함) 내에도 만들어질 수 있습니다. 파티션을 포함하고 있는 장치 자체를 (단 한 개의 키로써) 완전히 암호화할 수 있습니다. 다만 윈도우가 설치되어 있고 그곳에서 부팅이 가능한 드라이브인 경우에 가능합니다.\n\n한 개의 마스터 키를 사용해서 “선택한 비-시스템 장치”를 암호화하려면, 먼저 장치에 있는 모든 파티션을 제거해서 VeraCrypt가 안전하게 이를 포맷할 수 있도록 해야 합니다(* 파티션을 포함하고 있는 장치의 포맷은 시스템 불안정 또는 데이터 손상을 초래할 수도 있습니다). 대체방법으로 드라이브의 각 파티션을 개별적으로 암호화할 수 있습니다(* 각 파티션은 서로 다른 마스터 키를 이용해서 암호화됩니다).\n\n참고: GPT 디스크에서 모든 파티션을 제거하려는 경우, 숨겨진 파티션을 제거하기 위해 (예컨대 컴퓨터 관리 도구를 이용해서) 이 디스크를 MBR 디스크로 변환할 필요가 있습니다. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - 중요: 드라이브 문자 %c: 을(를) 이용해서 이 볼륨을 삽입하거나 이에 접근할 수 없습니다. 이 문자가 현재 할당되어 있기 때문입니다.\n\n이 볼륨을 삽입하려면, VeraCrypt 메인 창에서 “장치 자동삽입”을 클릭하세요(* 대체방법으로는 VeraCrypt 메인 창에서 “장치 선택”을 클릭한 후 이 파티션/장치를 선택한 다음 “삽입”을 클릭하는 것입니다). 볼륨은 다른 드라이브 문자에 삽입되고, 드라이브 문자는 VeraCrypt 창의 목록에서 선택가능합니다.\n\n원래의 드라이브 문자 %c: 은(는) 파티션/장치에서 암호를 제거할 경우에만 사용되어야 합니다(예: 암호화가 더 이상 필요하지 않은 경우). 이런 경우에 “내 컴퓨터” 목록에서 드라이브 문자 %c:를 오른쪽 클릭한 다음 “포맷”을 선택합니다. 이런 경우를 제외하고는 드라이브 문자 %c:를 사용해서는 안됩니다. 다만 VeraCrypt FAQ에서 설명했던 것처럼 이를 제거한 후 다른 파티션/장치에 할당하는 것은 가능합니다. - 비-시스템 볼륨 자체의 암호화는 사용자가 사용 중인 운영체제 버전에서는 지원되지 않습니다(* Windows Vista 및 그 이후 버전에서만 지원됨).\n\n왜냐하면 이 버전의 윈도우는 파일시스템의 축소를 지원하지 않기 때문입니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다). - 선택한 파티션은 NTFS 파일시스템을 포함하고 있지 않은 것으로 보입니다. NTFS 파일시스템을 포함한 파티션만이 자체적으로 암호화될 수 있습니다.\n\n참고: 왜냐하면 윈도우는 다른 형식의 파일시스템의 축소를 지원하지 않기 때문입니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다). - 선택한 파티션은 NTFS 파일시스템을 포함하고 있지 않은 것으로 보입니다. NTFS 파일시스템을 포함한 파티션만이 자체적으로 암호화될 수 있습니다.\n\n이 파티션 내에 암호화된 VeraCrypt 볼륨을 만들고자 하는 경우, (“파티션 자체 암호화” 옵션을 사용하는 대신에) “암호화된 볼륨을 만든 후 포맷” 옵션을 선택합니다. - 오류: 파티션이 너무 작습니다. 이 파티션의 자체 암호화를 할 수 없습니다. - 파티션에 있는 데이터를 암호화하려면 다음 단계를 따릅니다:\n\n1) 빈 파티션/장치에 VeraCrypt 볼륨을 만든 후 이를 삽입합니다.\n\n2) 처음에 암호화하려 했던 파티션에 있는 모든 파일을 (1단계에서 생성되어 삽입된) VeraCrypt 볼륨에 복사합니다. 이런 방식으로 VeraCrypt로 암호화된 데이터의 백업을 만듭니다.\n\n3) 처음에 암호화하려 했던 파티션에 VeraCrypt 볼륨을 만듭니다. 이때 VeraCrypt 마법사에서 (“파티션 자체 암호화” 옵션을 사용하는 대신에) “암호화된 볼륨을 만든 후 포맷” 옵션을 선택했는지 확인해야 합니다. 파티션에 저장되어 있는 모든 데이터가 지워진다는 것을 참고하시기 바랍니다. 볼륨이 생성된 후 이를 삽입합니다.\n\n4) (1단계에서 생성되어 삽입된) 백업용 VeraCrypt 볼륨의 모든 파일을 3단계에서 생성되어 삽입된 VeraCrypt 볼륨으로 복사합니다.\n\n이 단계를 마치게 되면 데이터는 암호화되고 또한 암호화된 데이터 백업도 있게 됩니다. - VeraCrypt는 파티션, 동적(dynamic) 볼륨 또는 전체 시스템 드라이브만을 자체 암호화할 수 있습니다.\n\n선택한 비-시스템 장치 내에 암호화된 VeraCrypt 볼륨을 만들려고 하는 경우, (“파티션 자체 암호화” 옵션을 사용하는 대신에) “암호화된 볼륨을 만든 후 포맷” 옵션을 선택하십시오. - 오류: VeraCrypt는 파티션, 동적(dynamic) 볼륨 또는 전체 시스템 드라이브만을 자체 암호화할 수 있습니다. 지정한 경로가 올바른지 확인해 주십시오. - 오류: 파일시스템의 크기를 줄일 수 없습니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다).\n\n가능한 원인 및 해결책:\n\n- 볼륨에 충분한 여유 공간이 없음. 다른 프로그램이 파일시스템에 작성을 하고 있는 것은 아닌지 확인해 주시기 바랍니다.\n\n- 손상된 파일 시스템. 시스템을 검사해서 오류를 바로 잡습니다(* “컴퓨터” 목록에 있는 해당 드라이브 문자를 오른쪽-클릭한 후 속성 > 도구 > “지금 검사”를 선택한 해서 “파일 시스템 오류 자동 수정” 옵션을 체크한 후 “시작”을 클릭합니다).\n\n이렇게 해도 도움이 되지 않는 경우, 아래 단계를 따라주시기 바랍니다. - 오류: 볼륨에 충분한 여유 공간이 없고 파일시스템을 줄일 수 없습니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다).\n\n중복되는 파일들을 삭제하고 휴지통을 비워서 적어도 256KB의 여유 공간을 만든 후 다시 시도해 주십시오. 윈도우의 문제점으로 인해, 운영체제를 다시 시작하기 전에는 여유 공간의 양을 윈도우 탐색기에서 올바르지 않게 보고할 수 있습니다. 시스템을 다시 시작해도 도움이 되지 않는 경우, 파일 시스템이 손상되었을 수도 있습니다. 시스템을 검사해서 오류를 바로 잡습니다(* “컴퓨터” 목록에 있는 해당 드라이브 문자를 오른쪽-클릭한 후 속성 > 도구 > “지금 검사”를 선택한 해서 “파일 시스템 오류 자동 수정” 옵션을 체크한 후 “시작”을 클릭합니다).\n\n이렇게 해도 도움이 되지 않는 경우, 아래 단계를 따라주시기 바랍니다. - 드라이브 %s의 여유 공간 ▷ %.2f bytes - 드라이브 %s의 여유 공간 ▷ %.2f KB - 드라이브 %s의 여유 공간 ▷ %.2f MB - 드라이브 %s의 여유 공간 ▷ %.2f GB - 드라이브 %s의 여유 공간 ▷ %.2f TB - 드라이브 %s의 여유 공간 ▷ %.2f PB - 이용가능한 드라이브 문자가 없습니다. - 오류: VeraCrypt 드라이버를 찾을 수 없습니다!\n\n프로그램(VeraCrypt.exe)이 위치한 디렉토리에 “veracrypt.sys” 및 “turecrypt-x64.sys” 파일을 복사해 주세요. - 오류: 호환되지 않는 VeraCrypt 드라이버 버전이 실행되고 있습니다.\n\n만약에 VeraCrypt를 휴대용 모드 (예: 설치하지않은 상태), 다른 버전의 VeraCrypt가 이미 설치가 되었으면, 먼저 제거 (아니면 VeraCrypt의 업데이트 옵션으로 업그레이드) 할 필요가 있습니다. 제거 할경우, 다음과 같은 단계를 따르세요: Windows Vista 그리고 후의 버전들은, 시작 메뉴 > 나의 컴퓨터 > '프로그램 밋 제거' > VeraCrypt > 제거; Windows XP는, 시작 메뉴 > 설정 > '제어판' > '프로그램 밋 제거' > VeraCrypt > 제거.\n\n비슷한 방식으로, 휴대용으로 사용한 결과 (그리고 다른 버전이 설치된후) 컴퓨터를 재시작후 새로운 최근버전의 VeraCrypt로 실행하세요. - 오류: 암호를 초기화하는데 실패했습니다. - 오류: 강력하지 않은 키가 탐지되었습니다. 이 키는 무시되었습니다. 다시 시도하세요. - 치명적인 오류가 발생해서 VeraCrypt를 종료해야 합니다. 만약 원인이 VeraCrypt의 버그라면, 이것을 고치고자 합니다. 우리를 돕고자 한다면, 다음 항목들을 포함해서 자동으로 생성된 오류 보고서를 저희에게 보내주시면 고맙겠습니다:\n\n- 프로그램 버전\n- 운영체제 버전\n- CPU 형식\n- VeraCrypt 콤포넌트 이름\n- VeraCrypt 실행파일 체크섬\n- VeraCrypt 대화창 식별기\n- 오류 카테고리\n- 오류 주소\n- VeraCrypt 콜 스택(call stack)\n\n“예”를 선택하면, (전체 오류 보고서를 포함한) 다음 URL이 기본 인터넷 브라우저에서 열립니다.\n\n%hs\n\n오류 보고서를 저희에게 보내시겠습니까? - VeraCrypt를 종료해야만 하는 치명적인 오류가 시스템에 발생했습니다.\n\n이 오류는 VeraCrypt에 의해 발생된 것이 아닙니다(그래서 VeraCrypt의 개발자가 고칠 수는 없습니다). 여러분의 시스템을 체크해 주세요(예: 시스템 설정, 네트워크 연결, 하드웨어 콤포넌트 실패 등). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt 치명적 오류 - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - VeraCrypt가 계속 시스템 충돌을 검출하기를 원하십니까? - VeraCrypt 미니덤프를 찻지 못했습니다. - 디스크의 공간을 확보하기 위해서 시스템 충돌파일을 지우는것을 원하십니까? - 시스템 충돌을 분석하기에 VeraCrypt가 Microsoft Debugging Tools를 Windows에 설치해야합니다.\n\nOK를 클릭하신후 Microsoft에서 Microsoft Debugging Tools (16 MB)를 다운로드를한후 설치를 실행합니다. (Windows installer가 Microsoft 서버에서부터 veracrypt.org 서버로 전송을 해서 Microsoft의 설치프로그램의 장소가 바뀌어도 실행을 할수있습니다). - OK를 클릭하시면 VeraCrypt의 시스템분석이 시작됩니다. 몇분이 될수있으니 기다려주세요. - 시스템 패스(PATH)가 커넬디버거를 (kd.exe, Kernel Debugger) 포함한것을 체크해주세요. - 시스템 충돌을 검사한 결과 VeraCrypt가 아닌 다른원인의 가능성이 있습니다 (예: 하드웨어의 오류, 장치 드라이버, etc.) - 시스템 충돌을 검사한 결과 다음의 드라이버들을 업데이트를 한후 다시 시도하세요: - 버그가 있슴을 확인을 결정하기 위해서 VeraCrypt에 자동으로 생성된 에러보고서를 보고서를 보네겟습니까? 보고서에는 다음과 같은 정보가 포함이 되어있습니다:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\n만약 'YES'를 클릭하시면 다음과같은 URL이 열립니다. - 위에 보이는 에러보고서를 VeraCrypt에게 보내고 싶습니까? - 암호화(&E) - 암호해제(&D) - 영구적 암호해제 - 종료 - 이 확장 파티션에 대한 논리 드라이브를 만든 후 다시 시도하세요. - (하드 디스크, USB 플래시 드라이브 등에 위치할 수 있는) VeraCrypt 보관소로 불리는 파일 안에 VeraCrypt 볼륨을 둘 수 있습니다. VeraCrypt 보관소는 일반의 보통 파일과 같습니다(* 예컨대 보통의 파일처럼 이동 또는 삭제가 가능합니다). 보관소를 위한 파일이름을 선택하고, 보관소가 만들어질 위치를 선택하려면 “파일 선택”을 클릭합니다.\n\n주의: 만약 기존의 파일을 선택하게 되면, VeraCrypt는 이 파일을 암호화하지 않습니다. 또한 이 파일은 삭제되고 “새롭게 생성된 VeraCrypt 보관소”로 교체됩니다. 기존의 파일을, 지금 만들려고 하는 VeraCrypt 보관소로 (나중에) 이동시켜서, 암호화할 수 있습니다. - 생성될 외부 볼륨의 위치를 선택합니다. 나중에 외부 볼륨 안에 “숨긴 볼륨”이 만들어집니다.\n\nVeraCrypt 볼륨은 하드 디스크, USB 플래시 드라이브 등에 위치할 수 있는 파일(→ VeraCrypt 보관소) 안에 둘 수 있습니다. VeraCrypt 보관소는 보통의 파일처럼 이동 또는 삭제가 가능합니다. 보관소를 위한 파일이름을 선택하고, 보관소가 만들어질 위치를 선택하려면 “파일 선택”을 클릭합니다. 만약 기존의 파일을 선택하게 되면, VeraCrypt는 이 파일을 암호화하지 않습니다. 또한 이 파일은 삭제되고 새롭게 생성된 VeraCrypt 보관소로 교체됩니다. 기존의 파일을, 지금 만들려고 하는 VeraCrypt 보관소로 (나중에) 이동시켜서, 암호화할 수 있습니다. - 암호화된 장치-기반의 VeraCrypt 볼륨은 ① 하드 디스크의 파티션, ② SSD(Solid State Drive), ③ USB 메모리 스틱 및 ④ 기타 지원되는 저장 장치 안에 만들어질 수 있습니다. 또한 파티션 자체를 암호화할 수도 있습니다.\n\n게다가 암호화된 장치-기반의 VeraCrypt 볼륨은 파티션을 포함하고 있지 않은 장치(* 하드 디스크 및 SSD 포함) 내에도 만들어질 수 있습니다.\n\n참고: 파티션을 포함하고 있는 장치 자체를 (단 한 개의 키로써) 완전히 암호화할 수 있습니다. 다만 윈도우가 설치되어 있고 그곳에서 부팅이 가능한 드라이브인 경우에 가능합니다. - 장치-기반의 VeraCrypt 볼륨은 ① 하드 디스크 파티션, ② SSD(Solid State Drive), ③ USB 메모리 스틱 및 ④ 기타 저장 장치 안에 만들어질 수 있습니다.\n\n주의: 파티션/장치가 포맷되고 현재 이곳에 저장된 모든 데이터를 잃게 됩니다. - \n생성될 “외부 볼륨”의 위치를 선택합니다. 나중에 외부 볼륨 안에 “숨긴 볼륨”이 만들어집니다.\n\n외부 볼륨은 ① 하드 디스크 파티션, ② SSD(Solid State Drive), ③ USB 메모리 스틱 및 ④ 기타 지원되는 저장 장치 안에 만들어질 수 있습니다. 외부 볼륨은 파티션을 포함하고 있지 않은 장치(* 하드 디스크 및 SSD 포함) 내에도 만들어질 수 있습니다.\n\n주의: 파티션/장치가 포맷되고 현재 이곳에 저장된 모든 데이터를 잃게 됩니다. - \n숨긴 볼륨을 생성할 VeraCrypt 외부 볼륨의 위치를 선택해 주세요. - 주의: 호스트 파일/장치가 이미 사용 중입니다!\n\n이것을 무시하면 시스템 불안정 등의 원하지 않는 결과를 초래할 수 있습니다. 호스트 파일/장치를 사용하는 모든 프로그램(예: 안티바이러스 또는 백업 프로그램)을 “볼륨이 삽입하기 전”에 닫아야 합니다.\n\n그래도 계속 하시겠습니까? - 오류: 볼륨을 삽입할 수 없습니다. 호스트 파일/장치가 이미 사용 중입니다. 접근권한 없는 삽입의 시도는 실패했습니다. - 파일을 열 수 없습니다. - 볼륨 위치 - 큰 파일 - 현재 VeraCrypt 볼륨에 4GB 이상의 파일을 저장하시겠습니까? - 여러분이 위에서 선택한 것에 따라 VeraCrypt는 VeraCrypt 볼륨을 위해 적절한 기본 파일 시스템을 선택하게 됩니다. (다음 단계에서 파일 시스템을 선택할 수 있습니다.) - 외부 볼륨을 만드는 동안 여러분은 “아니오”의 선택 여부를 고민해야 합니다. “예”를 선택하게 되면 기본 파일 시스템은 NTFS가 되는데 이는 외부 볼륨으로선 적당하지 않습니다(→ FAT이 적당). 예컨대 (외부 볼륨이 FAT으로 포맷된 경우) 숨긴 볼륨의 가능한 최대 크기는 훨씬 더 클 수도 있습니다. 대개 FAT은 표준 및 숨긴 볼륨에 기본 형식입니다. (그래서 FAT 볼륨은 별 문제가 없습니다.) 그러나 4GB 이상의 파일(→ FAT 파일 시스템에선 지원 안됨)을 저장하려고 하는 경우에는 FAT은 기본 형식이 아닙니다. - 그래도 “예”를 선택하시겠습니까? - 볼륨 생성 모드 - 이 방법은 파티션-기반 또는 장치-기반의 VeraCrypt 볼륨을 만드는 가장 빠른 방법입니다(* 다른 옵션인 “자체 암호화”는 각 섹터의 내용을 먼저 읽고, 암호화해서 쓰기 때문에 비교적 느립니다). 선택한 파티션/장치에 현재 저장되어 있는 모든 데이터는 잃게 됩니다(* 데이터는 암호화되지 않고 무작위 데이터로 덮어쓰기됩니다). 파티션에 있는 기존 데이터를 암호화하려면, 다른 옵션을 선택합니다. - 선택한 전체 파티션 및 이곳에 저장된 모든 데이터는 자체(in place) 암호화됩니다. 파티션이 비어 있는 경우, 다른 옵션을 선택해야 합니다(* 볼륨이 훨씬 더 빠르게 생성됩니다). - 참고: - 다시 시작(&R) - 연기(&D) - 시작(&S) - 계속(&C) - 포맷(&F) - 지우기(&W) - 포맷 중단? - 추가 정보 표시 - 다시 표시 안함 - 파티션/장치의 내용을 성공적으로 지웠습니다. - 원래의 시스템(* 이 시스템의 숨겨진 시스템은 복제된 것임)이 존재했던 파티션의 내용을 성공적으로 지웠습니다. - (지워진 파티션에) 설치하려는 윈도우 버전이 현재 실행 중인 윈도우 버전과 동일한 것인가를 확인해 주세요. 이 작업은 두 시스템이 부트 파티션을 공통으로 공유하기 때문에 필요합니다. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - 시스템 파티션/드라이브를 성공적으로 암호해제했습니다. - \n\n볼륨이 성공적으로 만들어졌고, 사용할 준비가 되었습니다. 또 다른 VeraCrypt 볼륨을 만들려면 “다음”을 클릭하세요. 마법사를 끝내려면 “종료”를 클릭하세요. - \n\n숨겨진 VeraCrypt 볼륨을 성공적으로 만들었습니다(* 숨겨진 운영체제는 이 숨겨진 볼륨에 존재하게 됩니다).\n\n계속하려면 “다음”을 클릭합니다. - 볼륨이 완전히 암호화됨 - 볼륨이 완전히 암호해제됨 - 중요: 새롭게 만들어진 VeraCrypt 볼륨을 삽입해서 이에 저장된 데이터에 접근하려면, VeraCrypt 메인 창에서 “장치 자동삽입”을 클릭합니다. 올바른 비밀번호 또는 키파일을 입력한 이후 사용자가 VeraCrypt 메인 창에 있는 목록에서 선택한 드라이브 문자에 볼륨이 삽입됩니다(* 선택한 드라이브 문자를 통해 암호화된 데이터에 접근할 수 있게 됩니다).\n\n위에서 언급한 단계를 기억해 두거나 작성해 주십시오. 볼륨을 삽입하거나 그곳에 저장된 데이터에 접근하려 할 때마다 이 단계를 반드시 따라야 합니다. 대체방법은 VeraCrypt 메인 창에서 “장치 선택”을 클릭한 후 해당 파티션/볼륨을 선택해서 “삽입”을 클릭하는 것입니다.\n\n파티션/볼륨이 성공적으로 암호화되었고(* 완전히 암호화된 VeraCrypt 볼륨 포함) 사용할 준비가 되었습니다. - VeraCrypt 볼륨이 성공적으로 암호가 해제되고, 사용할 준비가 되었습니다. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - 볼륨이 성공적으로 만들어졌고, 사용할 준비가 되었습니다. - 볼륨 생성 - 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 암호키의 암호력을 상당히 증대시킵니다. 이제 볼륨을 생성하려면 “포맷”을 클릭하세요. - 외부 볼륨을 만들 준비가 되면 “포맷”을 클릭하세요. 더 자세한 정보를 보려면 문서를 참고하세요. - 외부 볼륨 포맷 - 숨긴 볼륨 포맷 - 볼륨 포맷 - VeraCrypt 사용자 안내서를 보거나 인쇄하려면 Adobe Reader(또는 호환가능한 도구)가 필요합니다. Adobe Reader (프리웨어) 다운로드 주소: www.adobe.com\n\n대신 온라인 문서를 보시겠습니까? - 만약 이 옵션을 선택했다면, 마법사가 ① 표준 VeraCrypt 볼륨을 만들고 ② 그 안에 숨긴 VeraCrypt 볼륨을 만드는 것을 도와줍니다. 경험이 없는 사용자는 항상 이 옵션을 선택해야 합니다. - 만약 이 옵션을 선택했다면, 기존의 VeraCrypt 볼륨 안에 숨긴 볼륨을 만들게 됩니다. “숨긴 볼륨”의 호스트에 적당한 VeraCrypt “외부 볼륨”은 이미 만들었다고 간주됩니다. - 볼륨 생성 모드 - 숨긴 볼륨을 생성했습니다. - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - 숨긴 운영체제를 시작했습니다. 주지했다시피 숨긴 운영체제는 원래의 운영체제와 동일한 파티션에 설치된 것으로 보이게 됩니다. 그러나 실제로는 (숨긴 볼륨 내에 있는) 파티션 안에 설치되어 있습니다. 모든 읽기 및 쓰기 작업은 원래의 시스템 파티션에서 숨긴 볼륨으로 (눈에 띄지 않게) 재전환됩니다.\n\n시스템 파티션에서 읽고 쓰여지는 데이터가 실제로는 숨긴 볼륨에서 읽고 쓰여지고 있다는 사실을 운영체제 뿐만 아니라 프로그램도 전혀 알지 못합니다. 이러한 데이터는 실시간으로 보통 때와 마찬가지로 (미끼용 운영체제에서 사용되는 키와는 다른 키를 사용해서) 암호화되고 암호해제됩니다.\n\n\n계속하려면 “다음”을 클릭해 주십시오. - 외부 볼륨이 만들어졌고, 드라이브 %hc:에 삽입되었습니다:. 실제로는 숨기고 싶지 않지만 겉으로 보기에 상당히 민감하게 보이는 파일들을 이 외부 볼륨에 지금 복사해야 합니다. 이러한 파일들은 노출을 강요하는 자에게 공개되어도 상관이 없는 “시스템 파티션 뒤의 첫번째 파티션에 대한 비밀번호용”입니다. 시스템 파티션에는 ① 외부 볼륨 및 ② 숨긴 볼륨(→ 숨긴 운영체제 포함)이 자리잡고 있습니다. 이러한 외부 볼륨용 비밀번호는 공개될 수 있지만, 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다.\n\n중요: 외부 볼륨에 복사한 파일이 %s 이상을 차지해선 안됩니다. 그렇지 않으면 외부 볼륨에 “숨긴 볼륨을 위한 충분한 공간”이 확보되지 않기 때문입니다. 이런 경우 계속 진행할 수 없게 됩니다. 복사 작업을 마친 후 “다음”을 클릭합니다(→ 볼륨을 꺼내지 마세요). - 외부 볼륨이 성공적으로 만들어졌고, 드라이브 %hc:에 삽입되었습니다. 실제로는 숨기고 싶지 않지만 겉으로 보기에 상당히 민감한 파일을 이 볼륨에 지금 복사해야 합니다. 강요에 의해 비밀번호를 노출해야만 하는 경우, 거기에 있는 파일들이 표시됩니다. 외부 볼륨에 대한 비밀번호만 노출될 뿐, 숨긴 볼륨은 안전합니다. 나중에 만들어질 “숨긴 볼륨”에 진짜 소중한 파일을 저장하면 됩니다. 복사 작업이 끝나면 “다음”을 클릭하세요. 볼륨을 꺼내지 마세요.\n\n참고: “다음”을 클릭하면, 여유 공간(이 공간의 끝이 볼륨의 끝과 정렬됨)의 간섭받지 않는 영역의 크기를 결정하기 위해, 외부 볼륨의 클러스터 비트맵을 스캔하게 됩니다. 이 영역은 숨긴 볼륨을 위한 것이기 때문에, 숨긴 볼륨의 가능한 최대 크기를 제한하게 됩니다. 클러스터 비트맵 스캔은 “숨긴 볼륨”이 외부 볼륨을 데이터로 덮어쓰지 못하도록 하는 것입니다. - 외부 볼륨 내용 - \n\n다음 단계에서 외부 볼륨에 대한 옵션을 설정하게 됩니다(→ 외부 볼륨 안에 숨긴 볼륨이 나중에 만들어집니다). - \n\n다음 단계에서, (이전 단계에서 설명했듯이) 시스템 파티션 뒤의 첫번째 파티션 안에 이른바 “외부 VeraCrypt 볼륨”을 만들게 됩니다. - 외부 볼륨 - 다음 단계에서 (숨긴 운영체제를 포함하고 있는) 숨긴 볼륨에 대한 옵션 및 비밀번호를 설정하게 됩니다.\n\n참고: 여유 공간(→ 이 공간의 끝이 볼륨의 끝과 정렬됨)의 간섭받지 않는 영역의 크기를 결정하기 위해, 외부 볼륨의 클러스터 비트맵을 스캔하게 됩니다. 이 영역은 숨긴 볼륨을 위한 것이기 때문에 “숨긴 볼륨의 가능한 최대 크기”를 제한하게 됩니다. 숨긴 볼륨의 가능한 최대 크기는 시스템 파티션의 것보다 더 크게 정해지게 됩니다. 이는 시스템 파티션의 전체 내용이 숨긴 볼륨에 복사될 필요가 있기 때문입니다. 이를 통해 숨긴 볼륨 영역에 쓰여진 데이터가 “외부 볼륨에 현재 저장되어 있는 데이터”를 덮어쓰지 못하도록 방지합니다. - 중요: 이 단계에서 선택한 알고리듬을 기억해 두십시오. 미끼용 시스템을 위해 동일한 알고리듬을 선택해야 할 것입니다. 그렇지 않으면 “숨긴 시스템”에 접근하지 못하게 됩니다! (미끼용 시스템은 “숨긴 시스템”과 동일한 암호 알고리듬으로 암호화되어야 합니다.)\n\n참고: 그 이유는 미끼용 시스템과 숨긴 시스템은 한 개의 부트 로더를 공유하게 되는데, 이 부트 로더는 사용자가 선택한 단일 알고리듬만을 지원하기 때문입니다(* 각 알고리듬에 대해 특별한 버전의 VeraCrypt 부트 로더가 있습니다). - \n\n볼륨 클러스트 비트맵이 스캔되었고, 숨긴 볼륨의 가능한 최대 크기가 결정되었습니다. 다음 단계에서 숨긴 볼륨에 대한 옵션, 크기 및 비밀번호를 설정하게 됩니다. - 숨긴 볼륨 - 이제 외부 볼륨을 꺼내기 전에는 숨긴 볼륨이 손상으로부터 보호됩니다.\n\n주의: 만약 어떤 데이터를 숨긴 볼륨 영역에 쓰고자 시도한다면, 볼륨이 꺼내지기 전까지 VeraCrypt는 전체 볼륨(외부/숨긴 볼륨)을 쓰기금지로 보호합니다. 이는 외부 볼륨에 대한 파일시스템 손상으로 이어질 수 있습니다. 또한 이것이 반복되면 “숨긴 볼륨의 효과적인 거부방법”에 악영향을 미치게 됩니다. 그러므로 여러분은 숨긴 볼륨 영역에의 쓰기작업을 피하기 위해 노력을 해야만 합니다. 숨긴 볼륨 영역에 저장되어 있는 데이터는 저장되지도 않고 손실되지도 않습니다. 윈도우는 이를 “쓰기 오류”로 보고하게 됩니다(“지연된 쓰기 실패” 또는 “변수가 올바르지 않습니다”). - 이제 새로 삽입된 볼륨의 내부에 위치한 각 숨긴 볼륨은 꺼내지기 전까지는 손상으로부터 보호됩니다.\n\n주의: 만약 어떤 데이터를 보호된 숨긴 볼륨 영역에 쓰고자 시도한다면, 볼륨이 꺼내지기 전까지 VeraCrypt는 전체 볼륨(외부/숨긴 볼륨)을 쓰기금지로 보호합니다. 이는 외부 볼륨에 대한 파일시스템 손상으로 이어질 수 있습니다. 또한 이것이 반복되면 “숨긴 볼륨의 효과적인 거부방법”에 악영향을 미치게 됩니다. 그러므로 여러분은 숨긴 볼륨 영역에의 쓰기작업을 피하기 위해 노력을 해야만 합니다. 보호된 숨긴 볼륨 영역에 저장되어 있는 데이터는 저장되지도 않고 손실되지도 않습니다. 윈도우는 이를 “쓰기 오류”로 보고하게 됩니다(“지연된 쓰기 실패” 또는 “변수가 올바르지 않습니다”). - 주의: %c:로서 삽입된 볼륨의 숨긴 볼륨 영역에 데이터를 저장되는 작업이 시도되고 있습니다! 숨긴 볼륨을 보호하기 위해 VeraCrypt가 이러한 데이터 저장 작업을 방지했습니다. 이는 외부 볼륨에 대한 파일 시스템 손상을 초래할 수 있고, 윈도우는 이를 “쓰기 오류”로 보고하게 됩니다(“지연된 쓰기 실패” 또는 “변수가 올바르지 않습니다”). 볼륨이 꺼내지기 전까지 VeraCrypt는 전체 볼륨(외부 및 숨긴 볼륨)을 쓰기금지로 보호합니다. 만약 VeraCrypt가 이 볼륨의 숨긴 볼륨 영역에 데이터를 저장하는 작업을 방해한 것이 처음이 아니라면, 숨긴 볼륨의 그럴싸한 거부방법은 악영향을 받았을 수도 있습니다(→ 외부 볼륨 파일 시스템 내에서의 특이하게 관련된 불일치가 원인일 수 있음). 그러므로 새로운 VeraCrypt 볼륨을 (빠른 포맷을 사용하지 않고) 만들고, 이 볼륨의 파일들을 새 볼륨으로 이동시키는 것을 고려해 봐야 합니다. 이 볼륨은 안전하게 (외부 및 숨긴 부분 둘다) 지워져야 합니다. 지금 운영체제를 다시 시작할 것을 적극권장합니다. - 볼륨에 4GB 이상의 파일을 저장할려는 위도를 발견햇습니다. 이상의 파일을 저장을 할려면 지정된 볼륨은 NTFS로 포맷이 필요합니다. 하지만 지금은 불가능 합니다. - 참고: 숨긴 운영체제가 실행 중인 경우, 숨긴 볼륨이 아는 볼륨은 NTFS로 포맷을 할수 없습니다 (* 왜냐하면 외부 볼륨은 일시적으로 쓰기 보호 없이 삽입이 되서 운영체제가 볼륨을 NTFS로 포맷이 가능할수있기 때문입니다 - 하지만 FAT은 운영체제가 아닌 VeraCrypt로 포멧이 가능합니다). 더 기술적인 자세한 내용은 아래를 참조하십시오. - 보안상의 이유로 숨긴 운영체제가 실행 중인 경우, 숨긴 볼륨은 “직접” 모드에서만 만들어질 수 있습니다(* 왜냐하면 외부 볼륨은 항상 읽기-전용으로만 삽입되기 때문입니다). 숨긴 볼륨을 안전하게 만드려면, 다음 지침을 따릅니다:\n\n1) 미끼용 시스템을 부팅합니다.\n\n2) 표준 VeraCrypt 볼륨을 만들고 이 볼륨 안에 민감한 파일처럼 보이지만 실제로는 숨기고 싶지 않은 일부 파일들을 복사합니다. 이 볼륨은 외부 볼륨이 됩니다.\n\n3) 숨긴 시스템을 부팅한 후 “VeraCrypt 볼륨 만들기 마법사”를 시작합니다. 파일-기반의 볼륨인 경우, 이 볼륨을 시스템 파티션 또는 다른 숨겨진 볼륨으로 이동시킵니다. 그렇지 않으면 새롭게 생성된 숨긴 볼륨이 읽기-전용으로 삽입되거나 이를 포맷할 수 없게 됩니다. 마법사의 지침에서 숨긴 볼륨 만들기 “직접 방식”을 선택합니다.\n\n4) 마법사의 2단계에서 여러분이 만든 볼륨을 선택한 다음 이 안에 “숨긴 볼륨”을 만들도록 지침을 따릅니다. - 보안상의 이유로, 숨긴 운영체제가 실행 중일 때, ① 암호화되지 않은 로컬 파일 시스템 및 ② 숨긴 볼륨이 아닌 VeraCrypt 볼륨은 읽기-전용으로 삽입됩니다. 어떠한 데이터도 그러한 파일 시스템 또는 VeraCrypt 볼륨에 쓰여질 수 없습니다.\n\n데이터는 숨긴 VeraCrypt 볼륨 내에 있는 파일 시스템에 쓰여지도록 되어 있습니다(* 숨긴 볼륨이 암호화되지 않은 파일시스템 또는 다른 읽기-전용 파일시스템에 저장되어 있는 보관소에 위치하지 않은 경우에 한함). - 이러한 대응책이 만들어진 주요한 3가지 이유가 있습니다:\n\n- 숨긴 VeraCrypt 볼륨의 삽입에 대한 안전한 플랫폼의 생성을 가능하게 합니다. 우리는 공식적으로 숨긴 운영 시스템이 실행 중일 때만 “숨긴 볼륨을 삽입할 것”을 권장하고 있습니다. (더 자세한 정보는 문서의 “Security Requirements and Precautions Pertaining to Hidden Volumes” 부분을 참고하세요.\n\n- 가끔 ① 특정 파일 시스템이 특정 운영 시스템에서는 삽입되지 않거나 ② 파일 시스템의 특정 파일이 특정 시스템에서 저장되지 않거나 접근할 수 없는 경우를 발견할 수 있습니다. 이는 컴퓨터에 “숨긴 운영체제”가 설치되어 있다는 것을 나타냅니다. 대응책은 이러한 문제점을 방지합니다.\n\n- 이를 통해 데이터 손상을 방지하고 최대 절전 모드로 안전하게 진입할 수 있게 합니다. 최대 절전 모드에서 윈도우가 다시 시작될 때, 윈도우는 (삽입된 모든 파일 시스템들이) 최대 절전 모드에 들어갈 때의 상태와 동일한 상태에 있다고 가정을 합니다. VeraCrypt는 미끼용 및 숨겨진 시스템 내에 접근가능한 파일 시스템의 쓰기를 금지합니다. 이러한 보호책이 없는 경우, 다른 시스템이 최대 절전 모드 상태로 진입하는 동안 또다른 시스템이 삽입(mount)될 때 파일 시스템이 손상될 수 있습니다. - 참고: 미끼용 시스템에서 숨긴 시스템으로 파일을 안전하게 전송할 필요가 있는 경우에는 다음 단계를 따릅니다. 1) 미끼용 시스템을 시작합니다. 2) 암호화되지 않은 볼륨 또는 외부/표준 VeraCrypt 볼륨에 파일을 저장합니다. 3) 숨긴 시스템을 시작합니다. 4) VeraCrypt 볼륨에 파일을 저장한 경우, 이 볼륨을 삽입합니다(→ 읽기-전용으로 자동으로 삽입됩니다). 5) 파일을 ① 숨긴 시스템 파티션 또는 ② 다른 숨긴 볼륨에 복사합니다. - 컴퓨터를 다시 시작해야 합니다.\n\n지금 다시 시작하시겠습니까? - 오류: 시스템 암호 상태를 얻는 동안 오류가 발생했습니다. - 오류: 명령 프롬프트에 지정된 암호가 없습니다. 볼륨을 만들 수 없습니다. - 오류: 명령 프롬프트에 지정된 볼륨이 없습니다. 볼륨을 만들 수 없습니다. - 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 선택된 NTFS 파일 시스템과 호환이 되지 않습니다. - 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 선택된 FAT32 파일 시스템과 호환이 되지 않습니다. - 오류: 대상 드라이브의 파일 시스템은 변경(dynamic)되는 볼륨에 필요한 파일의 제작을 호환이 되지 않습니다. - 오류: 명령 프롬프트로 컨테이너 파일들만 만들어 질수 있습니다. - 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 디스크에서 사용 가능한 크기보다 큽니다. 볼륨을 만들 수 없습니다. - 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 최소갚 보다 적습니다. 볼륨을 만들 수 없습니다. - 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 최고갚 보다 큽니다. 볼륨을 만들 수 없습니다. - 시스템 암호화를 위한 프로그램 구성요소를 초기화하지 못했습니다. - 무작위 숫자 생성기를 초기화하는데 실패했습니다! - 윈도우의 암호화 API가 실패했습니다!\n\n\n(만약 버그보고를 보낼경우 다음과 같은 내용을 포함하십시오:\n%hs, Last Error = 0x%.8X) - 프로그램을 초기화할 수 없습니다. 다이얼로그 클래스 등록에 실패했습니다. - 오류: Rich Edit 시스템 라이브러리를 로드하는데 실패했습니다. - VeraCrypt 볼륨 만들기 마법사 - 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f bytes - 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f KB - 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f MB - 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f GB - 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f TB - 볼륨이 삽입된 상태에서 “비밀번호/키파일”을 변경할 수 없습니다. 먼저 볼륨을 꺼내야 합니다. - 볼륨이 삽입된 상태에서 “헤더 키 도출 알고리듬”을 변경할 수 없습니다. 먼저 볼륨을 꺼내야 합니다. - 삽입(&M) - 이 볼륨을 삽입하려면 최신 버전의 VeraCrypt가 필요합니다. - 오류: 볼륨 만들기 마법사를 찾을 수 없습니다.\n\n“VeraCrypt.exe”가 실행된 폴더에서 “VeraCrypt Format.exe” 파일을 찾아보시기 바랍니다. 만약 없으면 VeraCrypt를 다시 설치하거나, 디스크에서 “VeraCrypt Format.exe” 파일의 위치를 지정한 실행하세요. - 오류: 볼륨확장기을 찾을수 없습니다.\n\n'VeraCryptExpander.exe'가 'VeraCrypt.exe'을 실행한 폴더에 있는지 확인하시길 바랍니다. 그렇지 않을 경우 VeraCrypt를 다시 설치하거나 'VeraCryptExpander.exe'를 찾아 폴더에 포함하세요. - 다음(&N) > - 마침(&F) - 설치(&I) - 추출(&X) - VeraCrypt 장치 드라이버에 연결할 수 없습니다. 장치 드라이버가 실행 중이 아니라면 VeraCrypt가 작동하지 않습니다.\n\n(윈도우의 문제로 인해) 장치 드라이버를 로드하기 전에 시스템을 로그오프하거나 다시 시작해야 합니다. - 글꼴을 로딩/준비할 때 오류가 발생했습니다. - 드라이브 문자를 찾을 수 없거나 지정한 드라이브 문자가 없습니다. - 오류: 드라이브 문자를 지정할수 없습니다.\n\n볼륨의 드라이브 문자가 지정될때까지 저장된 데이터를 액세스 할수 없습니다.\n\n시도를 다시 하겟습니까? - 드라이브 문자를 사용할 수 없습니다. - 선택한 파일이 없습니다! - 이용가능한 드라이브 문자가 없습니다. - 외부 볼륨을 위해 할당한 드라이브 문자가 없습니다! 볼륨 만들기를 계속할 수 없습니다. - 사용 중인 운영체제를 확인할 수 없거나 지원되지 않는 운영체제를 사용 중입니다. - 선택한 경로가 없습니다! - 숨긴 볼륨에 충분한 여유 공간이 없습니다! 볼륨 만들기를 계속할 수 없습니다. - 오류: 외부 볼륨에 복사한 파일들이 너무 많은 공간을 차지합니다. 그 결과 외부 볼륨 공간에 (숨긴 볼륨을 위한) 충분한 여유 공간이 없습니다.\n\n숨긴 볼륨은 시스템 파티션 만큼 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). 왜냐하면 숨긴 운영체제는 (시스템 파티션의 내용을 숨긴 볼륨에 복사함으로써) 만들어질 필요가 있기 때문입니다.\n\n\n숨긴 운영체제의 생성 진행을 계속할 수 없습니다. - 드라이버가 볼륨을 꺼낼 수 없습니다. 볼륨의 일부 파일이 여전히 열려 있을 수도 있습니다. - 볼륨을 잠글 수 없습니다. 볼륨의 일부 파일이 여전히 열려 있습니다. 그래서 볼륨을 꺼낼 수 없습니다. - 볼륨이 시스템 또는 프로그램에 의해 사용 중이기 때문에(* 볼륨에 열려 있는 파일이 있을 수 있음) VeraCrypt가 이 볼륨을 잠글 수 없습니다.\n\n볼륨을 강제로 꺼내시겠습니까? - VeraCrypt 볼륨 선택 - 경로 및 파일이름 지정 - PKCS #11 라이브러리 선택 - 메모리 부족 - 중요: 경험이 없는 사용자는 모든 장치/파티션을 암호화하는 대신에 선택한 장치/파티션에 “VeraCrypt 파일 보관소”를 만들 것을 권장합니다.\n\nVeraCrypt 파일 보관소를 만들게 되면 수많은 파일을 파괴할지도 모르는 위험을 피할 수 있습니다. VeraCrypt 파일 보관소는 (비록 가상의 암호화된 디스크를 포함할지라도) 실제로 보통 파일과 같습니다. 추가 정보를 보려면, VeraCrypt 사용자 안내서에서 Beginner´s Tutorial을 읽어보세요.\n\n정말로 모든 장치/파티션을 암호화하시겠습니까? - 주의: “%s” 파일이 이미 존재합니다! 중요: VeraCrypt는 파일을 암호화하지 않고, 삭제합니다. 파일을 삭제하고, 그 파일을 새로운 VeraCrypt 보관소로 교체하시겠습니까? - 주의: 선택한 %s “%s”%s에 현재 저장되어 있는 모든 파일이 삭제되고 사라지게 됩니다(이 파일들은 암호화되지 않습니다)!\n\n정말로 포맷을 계속 진행하시겠습니까? - 주의: 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입하거나 볼륨에 저장된 파일에 접근할 수 없습니다.\n\n선택한 %s “%s”%s의 암호화 작업을 시작하시겠습니까? - 주의: 볼륨이 완전히 암호화해독되기 전에는 이 볼륨을 삽입하거나 볼륨에 저장된 파일에 접근할 수 없습니다.\n\n선택한 %s “%s”%s의 암호화 작업을 시작하시겠습니까? - 주의: 기존의 자체 데이터를 암호화하는 동안 ① 전력 공급이 갑자기 중단되거나 ② 소프트웨어 또는 하드웨어의 문제때문에 운영체제가 충돌을 일으키면, 일부 데이터가 손상되거나 유실될 수 있습니다. 그러므로 암호화 작업을 시작하기 전에 암호화하고자 하는 파일의 복사본을 백업해 두었는지 확인해야 합니다.\n\n파일의 백업이 있습니까? - 주의: “%s”%s 파티션(→ 예: 시스템 파티션 뒤에 있는 첫번째 파티션)에 현재 저장되어 있는 모든 파일이 삭제되고 사라지게 됩니다(이 파일들은 암호화되지 않습니다)!\n\n정말로 포맷을 계속 진행하시겠습니까? - 주의: 선택한 파티션에 큰 규모의 데이터가 포함되어 있습니다! 파티션에 저장되어 있는 파일들은 지워지고 손실됩니다(* 이들은 암호화되지 않습니다)! - VeraCrypt 볼륨을 파티션 내에 만들면서 이 파티션에 저장되어 있는 파일들은 지워집니다. - 비밀번호 - PIM - 헤더 키 도출 알고리듬 설정 - 볼륨에 키파일 추가/삭제 - 볼륨에서 모든 키파일 제거 - 비밀번호/키파일이 성공적으로 변경되었습니다.\n\n중요: VeraCrypt 사용자 안내서의 “Security Requirements and Precautions” 장에 있는 “Changing Passwords and Keyfiles(비밀번호 및 키파일 변경)” 섹션을 읽어볼 것을 권장합니다. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - 중요: 만약 사용자가 VeraCrypt 응급복구 디스크를 파괴하지 않았다면, 이전의 비밀번호를 사용해서 시스템 파티션/드라이브의 암호를 해제할 수 있습니다(→ VeraCrypt 응급복구 디스크를 부팅한 다음 이전의 비밀번호를 입력하는 방법). 새로운 VeraCrypt 응급복구 디스크를 만들고 이전 복구 디스크를 파괴해야 합니다.\n\n새로운 VeraCrypt 응급복구 디스크를 만드시겠습니까? - VeraCrypt 응급복구 디스크는 여전히 이전의 알고리듬을 사용하고 있습니다. 만약 이전의 알고리듬이 불안하다고 생각되면, 새로운 VeraCrypt 응급복구 디스크를 만들고 이전 복구 디스크를 파괴해야 합니다.\n\n새로운 VeraCrypt 응급복구 디스크를 만드시겠습니까? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - 키파일이 성공적으로 추가/제거되었습니다. - 키파일을 내보냈습니다. - 헤더 키 도출 알고리듬을 성공적으로 설정했습니다. - 자체 암호화 과정을 다시 시작하고자 하는 “비-시스템 볼륨”에 대한 비밀번호/키파일을 입력해 주십시오.\n\n\n참고: “다음”을 클릭하면 VeraCrypt는 ① 암호화 과정이 중단된 곳에서의 모든 비-시스템 볼륨 및 ② 제공된 비밀번호/키파일을 사용해서 VeraCrypt 볼륨 헤더의 암호를 해제할 수 있는 곳에서의 모든 비-시스템 볼륨의 검색을 시도합니다. 한 개 이상의 볼륨이 검색되면, 사용자는 다음 단계에서 이러한 볼륨 중 하나를 선택해야 합니다. - 나열된 볼륨 중 하나를 선택해 주십시오. 목록에는 ① 암호화 과정이 중단된 곳에서의 모든 비-시스템 볼륨 및 ② 제공된 비밀번호/키파일을 사용해서 VeraCrypt 볼륨 헤더의 암호를 해제할 수 있는 곳에서의 접근가능한 모든 비-시스템 볼륨이 포함되어 있습니다. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - 좋은 비밀번호를 선택하는 것은 매우 중요합니다. 사전에 나오는 한 개의 단어만을 포함하는 것 또는 2, 3개 단어의 조합은 피해야 합니다. 이름이나 생일 등도 피해야 합니다. 추측하기가 쉽기 때문입니다. 좋은 비밀번호는 무작위 조합입니다. 즉 대소문자, 숫자 및 @ ^ = $ * + 등과 같은 특수기호의 조합입니다. 적어도 20개 이상의 문자로 이루어진 비밀번호를 선택할 것을 권장합니다. 가능한 최대 길이는 64개 문자입니다. - 숨긴 볼륨에 대한 비밀번호를 선택해 주세요. - 숨긴 운영체제(즉 숨긴 볼륨)에 대한 비밀번호를 입력해 주세요. - 중요: 현재 단계에서 “숨긴 운영체제용으로 선택한 비밀번호”는 다른 2개의 비밀번호(→ 외부 볼륨용 비밀번호 및 미끼용 운영체제용 비밀번호)와 서로 달라야 합니다. - 볼륨(→ 이 안에 숨긴 볼륨을 만듬)의 비밀번호를 입력하세요.\n\n“다음”을 클릭하면, VeraCrypt가 볼륨을 삽입하기 위해 시도를 하게 됩니다. 볼륨이 삽입되었을 때, 여유 공간(이 공간의 끝이 볼륨의 끝과 정렬됨)의 간섭받지 않는 영역의 크기를 결정하기 위해, 외부 볼륨의 클러스터 비트맵을 스캔하게 됩니다. 이 영역은 숨긴 볼륨을 위한 것이기 때문에, 숨긴 볼륨의 가능한 최대 크기를 제한하게 됩니다. 클러스터 비트맵 스캔은 “숨긴 볼륨”이 외부 볼륨을 데이터로 덮어쓰지 못하도록 하기 위한 것이므로 필요한 작업입니다. - \n외부 볼륨에 대한 비밀번호를 선택해 주세요. 이것은 적대자로부터 비밀번호를 강요당하거나 요청받은 경우에 그에게 표시할 수 있는 비밀번호입니다.\n\n중요: 비밀번호는 숨긴 볼륨용으로 선택했던 비밀번호와 서로 달라야 합니다.\n\n참고: 비밀번호의 가능한 최대 길이는 64개 문자입니다. - 외부 볼륨에 대한 비밀번호를 선택해 주세요. 이것은 노출을 강요하는 자에게 공개되어도 상관이 없는 “시스템 파티션 뒤의 첫번째 파티션을 위한 비밀번호”입니다. 시스템 파티션에는 ① 외부 볼륨 및 ② 숨긴 볼륨(→ 숨긴 운영체제 포함)이 자리잡고 있습니다. 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다. 이 비밀번호는 미끼용 운영체제를 위한 것이 아닙니다.\n\n중요: 비밀번호는 숨긴 볼륨(→ 숨긴 운용체제)용으로 선택했던 비밀번호와 서로 달라야 합니다. - 외부 볼륨 비밀번호 - 숨긴 볼륨 비밀번호 - 숨긴 운영체제를 위한 비밀번호 - 주의: 짧은 비밀번호는 주먹구구식 기술로도 쉽게 크랙될 수 있습니다!\n\n적어도 20개 이상의 문자 및 숫자로 이루어진 비밀번호를 만들 것을 권장합니다. 그래도 짧은 비밀번호를 사용하시겠습니까? - 볼륨 비밀번호 - 올바르지 못한 비밀번호이거나 VeraCrypt 볼륨이 아닙니다. - 올바르지 못한 키파일 또는 비밀번호이거나 VeraCrypt 볼륨이 아닙니다. - 올바르지 않은 삽입 모드 또는 비밀번호이거나 VeraCrypt 볼륨이 아닙니다. - 올바르지 않은 삽입 모드 또는 키파일/비밀번호이거나 VeraCrypt 볼륨이 아닙니다. - 올바르지 못한 비밀번호이거나 VeraCrypt 볼륨을 찾을 수 없습니다. - 올바르지 못한 키파일 또는 비밀번호이거나 VeraCrypt 볼륨을 찾을 수 없습니다. - \n\n주의: Caps Lock이 켜져 있습니다. 이 경우 비밀번호를 올바르게 입력할 수 없을지도 모릅니다. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - 숨긴 시스템을 포함하고 있는 숨긴 볼륨을 보호하려는 경우, 숨긴 볼륨에 대한 비밀번호를 입력할 때 “표준 US 키보드 레이아웃”을 사용하고 있는지 확인해 주십시오. (윈도우 시작 전에) US가 아닌 윈도우 키보드 레이아웃을 사용할 수 없는 부팅 전 환경에서 비밀번호를 입력할 필요가 있기 때문입니다. - ① 암호화 과정이 중단된 곳에서의 비-시스템 볼륨 및 ② 제공된 비밀번호/키파일을 사용해서 VeraCrypt 볼륨 헤더의 암호를 해제할 수 있는 곳에서의 비-시스템 볼륨을 찾지 못했습니다.\n\n비밀번호/키파일이 올바른지 확인해 주시고, 파티션/볼륨이 시스템 또는 프로그램(* 안티바이러스 소프트웨어 포함)에 의해 사용되고 있는지를 확인해 주십시오. - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\n참고: ① 부팅-전 인증 없이 암호화된 시스템 드라이브에 위치한 파티션에 삽입을 시도하거나 ② 실행 중이 아닌 운영체제의 암호화된 시스템 파티션에 삽입하려고 하는 경우, “시스템 ▶ 부팅-전 인증 없이 삽입”을 선택해서 이 작업을 할 수 있습니다. - 이 방식에서, 드라이브의 일부가 활성 시스템 암호화의 키 범위에 있는 경우, 드라이브에 위치한 파티션을 삽입할 수 없습니다.\n\n이 방식에서 이 파티션을 삽입하기 전에, ① 다른 드라이브에 설치되어 있는 운영체제로 부팅하거나 ② 암호화되지 않은 운영체제로 부팅해야 합니다. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < 뒤로(&B) - 시스템에 설치된 RAW 장치를 나열할 수 없습니다! - “%s” 볼륨이 존재하고, 읽기전용 상태입니다. 그래도 교체하시겠습니까? - 대상 디렉토리 선택 - 키파일 선택 - 키파일 찾기 경로를 선택하세요. 주의: 경로만 기억되고, 파일 이름은 기억되지 않습니다! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Ross Anderson, Eli Biham, 및 Lars Knudsen에 의해 디자인됨. 1998년 발표됨. 256-비트 키, 128-비트 블록. 작업 모드는 XTS입니다. Serpent는 AES 결선작 중의 하나였습니다. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - 외부 볼륨 크기 - 숨긴 볼륨 크기 - 위에 표시된 선택한 장치/파티션의 크기가 올바른지 확인한 후 “다음”을 클릭하십시오. - 외부 볼륨 및 숨긴 볼륨(→ 여기에 숨긴 운영체제를 포함)은 위 파티션 안에 존재하게 됩니다. 이는 시스템 파티션 뒤의 첫번째 파티션에 있어야 합니다.\n\n위에 표시된 파티션의 크기 및 숫자가 올바른지 확인한 후 “다음”을 클릭합니다. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - 볼륨 크기 - 동적 보관소 - 주의: 셀프-테스트 실패! - 모든 알고리듬이 셀프-테스트를 통과했습니다. - 제공한 데이터 단위 수가 너무 길거나 짧습니다. - 제공한 보조 키가 너무 길거나 짧습니다. - 제공한 테스트 암호가 너무 길거나 짧습니다. - 제공한 테스트 키가 너무 길거나 짧습니다. - 제공한 “테스트 단순텍스트”가 너무 길거나 짧습니다. - 2개의 암호가 층계적으로 XTS 모드에서 작동. 각 블록은 처음에 %s (%d-비트 키)로 암호화되고, 이어서 %s (%d-비트 키)로 암호화됩니다. 각 암호는 각각의 키를 사용합니다. 모든 키는 상호 독립적입니다. - 3개의 암호가 층계적으로 XTS 모드에서 작동. 각 블록은 처음에 %s (%d-비트 키)로 암호화되고, 이어서 %s (%d-비트 키)로 암호화됩니다. 마지막으로 %s (%d-비트 키)로 암호화됩니다. 각 암호는 각각의 키를 사용합니다. 모든 키는 상호 독립적입니다. - 운영체제의 설정에 의존하는 이러한 자동-실행 및 자동-삽입 기능은 “휴대용 디스크 파일”이 작성이 불가능한 CD/DVD 같은 매체에 생성될 경우에만 작동된다는 것을 참고해 주십시오. 이는 윈도우의 제한사항이지, VeraCrypt의 버그가 아닙니다. - VeraCrypt 휴대용 디스크가 성공적으로 만들어졌습니다.\n\n휴대용 모드에서 VeraCrypt를 실행하려면 관리자(administrator) 권한이 필요합니다. 레지스트리 파일을 검사한 후에, 비록 휴대용 모드로 실행될지라도 VeraCrypt가 윈도우 시스템에서 실행된 것으로 간주될 수도 있다는 것을 참고하세요. - VeraCrypt 휴대용 디스크 - Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, 및 Niels Ferguson에 의해 디자인됨. 1998년 발표됨. 256-비트 키, 128-비트 블록. 작업 모드는 XTS입니다. Twofish는 AES 결선작 중의 하나였습니다. - %s에 대한 추가 정보 - 알 수 없음 - An unspecified or unknown error occurred (%d). - 일부 볼륨은 “프로그램 또는 시스템에 의해 사용되는” 파일 또는 폴더를 포함하고 있습니다.\n\n강제로 꺼내시겠습니까? - 꺼내기(&D) - 꺼내기 실패! - 볼륨이 “프로그램 또는 시스템에 의해 사용되는” 파일 또는 폴더를 포함하고 있습니다.\n\n강제로 꺼내시겠습니까? - No volume is mounted to the specified drive letter. - 삽입하고자 하는 볼륨은 이미 삽입되어 있습니다. - 볼륨을 삽입하는 동안 오류가 발생했습니다. - 볼륨 내에서 위치를 찾는데 오류가 발생했습니다. - 오류: 올바르지 않는 볼륨 크기 - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - 동적인 보관소는 미리 할당된 NTFS 바구니 파일(sparse file)이고, 이 바구니 파일의 물리적 크기(실제 디스크 사용 공간)는 새로운 데이터가 추가될 때마다 증가합니다.\n\n주의: 바구니 파일에 기반한 볼륨의 성능은 보통의 볼륨 성능보다 매우 좋지 않습니다. 바구니 파일에 의한 볼륨은 또한 비교적 안전하지 못합니다. 왜냐하면 사용되지 않는 볼륨 섹터를 구분할 수 있기 때문입니다. 게다가 바구니-파일-기반의 볼륨은 (숨긴 볼륨 관리차원에서의) 그럴싸한 거절방법을 제공할 수 없습니다. 또한 호스트 파일 시스템에 충분한 여유 공간이 없는 경우, 데이터가 바구니 파일 보관소에 쓰여진다면, 암호화된 파일 시스템이 손상될 수도 있습니다.\n\n바구니-파일에 기반한 볼륨을 만드시겠습니까? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - 외계 볼륨에 대해 비밀번호를 변경할 수 없습니다. - 비어 있는 드라이브 문자를 목록에서 선택해 주세요. - 드라이브 문자 목록에서 삽입된 볼륨을 선택해 주세요. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - 오류: autorun.inf를 만들 수 없습니다. - 키파일을 처리하는 동안 오류가 발생했습니다! - 키파일 경로를 처리하는 동안 오류가 발생했습니다! - 키파일 경로에 어떠한 파일도 포함되지 않았습니다.\n\n키파일 찾기 경로에서 발견된 폴더 (및 그 폴더 내의 파일들)를 무시한 것은 아닌지 확인해 주십시오. - VeraCrypt가 현재 운영체제를 지원하지 않습니다. - 오류: VeraCrypt는 정식 버전의 운영체제만을 지원합니다(* 베타/RC 버전은 지원되지 않습니다). - 오류: 메모리 할당을 할 수 없습니다. - 오류: 성능 계산값을 검색할 수 없습니다. - 오류: 잘못된 볼륨 포맷. - 오류: (표준 볼륨이 아닌) 숨긴 볼륨에 대한 비밀번호를 입력해야 합니다. - 보안상의 이유로, 그 자체가 암호화된 파일시스템을 포함하고 있는 VeraCrypt 볼륨 내에 “숨긴 볼륨”을 만들 수 없습니다. 왜냐하면 볼륨의 여유 공간이 무작위 데이터로 채워지지 않았기 때문입니다. - VeraCrypt - 법적 공지 - 모든 파일 - VeraCrypt 볼륨 - 라이브러리 모듈 - NTFS 포맷을 계속할 수 없습니다. - 볼륨을 삽입할 수 없습니다. - 볼륨을 꺼낼 수 없습니다. - 윈도우가 NTFS로 볼륨을 포맷하는데 실패했습니다.\n\n가능하다면 다른 파일 형식을 선택한 다음 다시 시도하세요. 다른 방식으로는 현재 볼륨을 포맷되지 않은 상태로 그대로 두고(파일시스템을 “없음”으로 선택), 마법사를 종료합니다. 그 다음 볼륨을 삽입하고 시스템 도구 또는 제3자의 도구를 이용해서 삽입된 볼륨을 포맷합니다(볼륨은 여전히 암호화된 상태입니다). - 윈도우가 볼륨을 NTFS로 포맷하는 데 실패했습니다.\n\n대신에 볼륨을 FAT로 포맷하시겠습니까? - 기본값 - 파티션 - 파티션 - 장치 - 장치 - 장치 - 볼륨 - 볼륨 - 볼륨 - 레이블 - 선택한 클러스터 크기는 이 볼륨 크기에 비해 너무 작습니다. 대신 더 큰 클러스터 크기가 사용될 것입니다. - 오류: 볼륨 크기를 가져올 수 없습니다!\n\n선택한 볼륨이 시스템이나 프로그램에 의해 사용 중인지 확인해 주세요. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - “VeraCrypt 볼륨 만들기 마법사”는 FAT 또는 NTFS 볼륨에만 숨긴 볼륨을 만들 수 있습니다. - Windows 2000에서, “VeraCrypt 볼륨 만들기 마법사”는 FAT 볼륨에만 숨긴 볼륨을 만들 수 있습니다. - 참고: 외부 볼륨에는 NTFS 파일 시스템보다 FAT 파일 시스템이 더욱 적당합니다. 예컨대 숨긴 볼륨의 가능한 최대 크기는 (외부 볼륨이 FAT으로 포맷된 경우보다) 훨씬 클 수도 있습니다. - 외부 볼륨으로는 (NTFS 파일 시스템보다) FAT 파일 시스템이 훨씬 적당합니다. 예컨대 숨긴 볼륨의 가능한 최대 크기는 (외부 볼륨이 FAT으로 포맷된 경우보다) 훨씬 클 수도 있습니다. 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨은 외부 볼륨의 후반부에만 존재하기 때문입니다.\n\n외부 볼륨을 NTFS로 포맷하시겠습니까? - 그 대신에 볼륨을 FAT으로 포맷하시겠습니까? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - 오류: 숨긴 운영체제를 위한 파티션(→ 시스템 파티션 뒤의 첫번째 파티션)은 시스템 파티션보다 적어도 5%는 더 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). - 오류: 숨긴 운영체제를 위한 파티션(→ 시스템 파티션 뒤의 첫번째 파티션)은 시스템 파티션보다 적어도 110% (2.1배)는 더 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨(→ 시스템 파티션의 복사본을 포함하고 있음)은 외부 볼륨의 후반부에만 존재하기 때문입니다. - 오류: 외부 볼륨이 NFTF로 포맷된 경우라면 (시스템 파티션 보다) 적어도 110% (2.1배)는 더 커야 합니다. 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨(→ 시스템 파티션의 복사본을 포함하고 있음)은 외부 볼륨의 후반부에만 존재하기 때문입니다.\n\n참고: 외부 볼륨은 숨긴 운영체제와 동일한 파티션 내에 위치해야 합니다(→ 시스템 파티션 뒤의 첫번째 파티션). - 오류: 시스템 파티션 뒤에 어떠한 파티션도 없습니다.\n\n숨긴 운영체제를 만들기 전에 반드시 시스템 드라이브에 “숨긴 OS를 포함할 파티션”을 만들어야 합니다. 숨긴 운영체제를 위한 파티션(→ 시스템 파티션 뒤의 첫번째 파티션)은 시스템 파티션보다 적어도 5%는 더 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). 그러나 외부 볼륨(→ 시스템 파티션과 혼동하지 말 것)이 NTFS로 포맷된 경우, 숨긴 운영체제는 시스템 파티션 보다 최소 110% (2.1배)는 더 커야 합니다. 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨(→ 시스템 파티션의 복사본을 포함하고 있음)은 외부 볼륨의 후반부에만 존재하기 때문입니다. - 의견: 1개의 파티션 내에 포함되어 있는 2개의 VeraCrypt 볼륨에 운영체제를 설치하는 것은 효과적이지 않습니다(→ 그래서 이는 지원되지 않습니다). 왜냐하면 가끔 외부 운영체제는 데이터를 숨긴 운영체제에 쓰도록 요구하기 때문입니다. (만약 이러한 쓰기 작업이 숨긴 볼륨의 보호 기능때문에 방해를 받게 되는 경우, 본질적으로 시스템 충돌, 즉 파란 화면 오류를 일으킵니다.) - 파티션의 생성과 관리에 대한 자세한 정보는 운영체제와 함께 제공된 문서를 참고하거나 컴퓨터 판매업체의 기술지원 팀에게 도움을 요청하시기 바랍니다. - 오류: 현재 실행 중인 운영체제는 부트 파티션(→ 첫번째 활성 파티션)에 설치되어 있지 않습니다. 이것은 지원되지 않습니다. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - 오류: 볼륨에 접근할 수 없습니다!\n\n선택한 볼륨이 존재하는지 여부, 삽입되었는지 여부, 시스템 또는 프로그램에 의해 사용 중인지 여부 및 볼륨에 대한 읽기/쓰기 권한이 있는지 아니면 쓰기금지가 되어 있는지 확인해 주세요. - Error: Cannot obtain volume properties. - 오류: 볼륨에 접근할 수 없거나 볼륨 정보를 얻을 수 없습니다.\n\n선택한 볼륨이 존재하는지 여부, 삽입되었는지 여부, 시스템 또는 프로그램에 의해 사용 중인지 여부 및 볼륨에 대한 읽기/쓰기 권한이 있는지 아니면 쓰기금지가 되어 있는지 확인해 주세요. - 오류: 볼륨에 접근할 수 없거나 볼륨 정보를 얻을 수 없습니다. 선택한 볼륨이 존재하는지 여부, 삽입되었는지 여부, 시스템 또는 프로그램에 의해 사용 중인지 여부 및 볼륨에 대한 읽기/쓰기 권한이 있는지 아니면 쓰기금지가 되어 있는지 확인해 주세요.\n\n문자가 계속되면 다음 단계를 따르면 도움이 될 것입니다. - 오류로 인해 VeraCrypt가 파티션을 암호화하는데 방해가 됩니다. 이전에 보고된 문제점들을 고친 후 다시 시도해 보십시오. 문제가 계속되면 다음 단계를 따르면 도움이 될 것입니다. - 오류로 인해 VeraCrypt가 파티션 암호화 과정을 재개하는데 문제가 있습니다.\n\n이전에 보고된 문제점들을 고친 후 과정을 재개하는 작업을 다시 시도해 보십시오. 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입할 수 없습니다. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - 오류: 외부 볼륨을 꺼낼 수 없습니다!\n\n프로그램이나 시스템에 의해 사용 중인 파일이나 폴더가 볼륨에 있는 경우에는 볼륨을 꺼낼 수 없습니다.\n\n볼륨에 있는 파일 또는 폴더를 사용 중인 다른 프로그램을 종료한 다음 “다시 시도”를 클릭하세요. - 오류: 외부 볼륨에 대한 정보를 얻을 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. - 오류: 외부 볼륨에 접근할 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. - 오류: 외부 볼륨에 삽입할 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. - 오류: 볼륨 클러스터 비트맵을 가져올 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. - 알파벳/카테고리 - 평균 속도 (내림차순) - 알고리듬 - 암호화 - 암호해제 - 평균 - 드라이브 - 크기 - 암호 알고리듬 - 암호 알고리듬 - 형식 - - 속성 - 위치 - 바이트 - 숨김 - 외부 - 표준 - 시스템 - 숨김 (시스템) - 읽기-전용 - 시스템 드라이브 - 시스템 드라이브 (암호화 중 - %.2f%% 완료) - 시스템 드라이브 (암호해제 중 - %.2f%% 완료) - 시스템 드라이브 (%.2f%% 암호화) - 시스템 파티션 - 숨긴 시스템 파티션 - 시스템 파티션 (암호화 중 - %.2f%% 완료) - 시스템 파티션 (암호해제 중 - %.2f%% 완료) - 시스템 파티션 (%.2f%% 암호화) - 예 (손상이 방지됨!) - 없음 - 1차 키 크기 - 2차 키 크기 (XTS 모드) - 트윅 키 크기 (LRW 모드) - 비트 - 블록 크기 - PKCS-5 PRF - PKCS-5 반복 수 - 볼륨 생성 - 헤더 최종 수정 - (%I64d일 전) - 볼륨 포맷 버전 - 포함된 백업 백업 - VeraCrypt Boot Loader Version - 이용가능한 첫번째 - 이동식 디스크 - 하드디스크 - 변경 없음 - Autodetection - 마법사 모드 - 한 가지 모드를 선택하세요. 무엇을 선택해야 할 지 모르는 경우에는 “기본” 모드를 사용합니다. - VeraCrypt를 현재 시스템에 설치하려면 이 옵션을 선택합니다. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - 이 옵션을 선택하면, 패키지에서 모든 파일이 추출되고, 시스템에는 어떤 것도 설치되지 않습니다. 시스템 파티션 또는 시스템 드라이브를 암호화하고자 한다면 이 옵션을 선택하지 마십시오. 이 옵션을 선택하면 예컨대 VeraCrypt를 휴대용(portable) 모드로 실행하고자 할 때 유용합니다. VeraCrypt를 실행 중인 운영체제에 반드시 설치할 필요는 없습니다. 모든 파일이 추출된 후, 실행 파일인 “VeraCrypt.exe”를 바로 실행할 수 있습니다. 이 경우 VeraCrypt는 휴대용 모드로 실행됩니다. - 설치 옵션 - 여기에서 설치 과정을 제어할 수 있는 다양한 옵션을 설정할 수 있습니다. - 설치 중 - VeraCrypt가 설치되는 동안 잠시 기다려 주세요. - VeraCrypt가 성공적으로 설치 되었습니다 - VeraCrypt가 성공적으로 업그레이드 되었습니다 - 기부금을 고려하시기 바랍니다. 설치가 완료됬으니 프로그램을 언제든지 닫을수 있습니다. - 추출 옵션 - 여기에서 추출 과정을 제어할 수 있는 다양한 옵션을 설정할 수 있습니다. - 파일이 추출되는 동안 잠시 기다려 주세요. - 파일이 성공적으로 추출되었습니다. - 타겟 위치에 모든 파일이 성공적으로 추출되었습니다. - 지정한 폴더가 존재하지 않는 경우, 자동으로 폴더가 생성됩니다. - VeraCrypt가 설치된 위치에서 VeraCrypt 프로그램 파일들이 업그레이드됩니다. 다른 위치를 선택할 필요가 있는 경우, 먼저 VeraCrypt를 제거해 주십시오. - VeraCrypt 최신 버전의 배포 정보를 보시겠습니까? - 이전에 VeraCrypt를 사용해 본 적이 없는 경우, VeraCrypt 사용자 안내서에서 Beginner’s Tutorial을 읽어볼 것을 권장합니다. 지금 읽어 보시겠습니까? - 아래에서 실행한 동작을 선택해 주세요: - 수리/재설치 - 업그레이드 - 제거 - VeraCrypt를 성공적으로 설치하거나 제거하려면 관리자 권한을 가지고 있어야 합니다. 계속하시겠습니까? - VeraCrypt 설치기가 ① 현재 시스템에서 실행되고 있거나 ② 설치의 실행 및 준비 또는 ③ VeraCrypt를 업데이트하고 있습니다. 진행하기 전에, 그 작업이 끝날 때까지 기다리거나 닫아 주세요. 만약 닫기 작업이 되지 않는 경우에는 진행 전에 컴퓨터를 다시 시작해야 합니다. - 설치 실패. - 제거 실패. - 배포 패키지가 손상되었습니다. 다시 다운로드해 보시기 바랍니다(VeraCrypt 공식 웹사이트 - https://veracrypt.codeplex.com). - %s 파일을 쓸 수 없습니다. - 추출 중 - 패키지에서 데이터를 읽을 수 없습니다. - 현재 배포 패키지의 완전성(무결성)을 검증할 수 없습니다. - 추출 실패. - 설치가 롤백되었습니다. - VeraCrypt를 성공적으로 설치했습니다. - VeraCrypt를 성공적으로 업데이트했습니다. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt를 성공적으로 제거했습니다.\n\nVeraCrypt 설치기와 %s 폴더를 제거하려면 “마침”을 클릭하세요. VeraCrypt 설치기에 의해 설치되거나 VeraCrypt에 의해 생성된 것이 아닌 파일을 포함하고 있는 폴더는 제거되지 않는다는 것을 참고하세요. - VeraCrypt 레지스트리 항목을 제거하는 중 - 레지스트리 항목 추가 중 - 지정된 프로그램 데이터 제거 중 - 설치 중 - 중단하는 중 - 제거하는 중 - 아이콘 추가 - 시스템 복구 시점 만들기 - 시스템 복원 시점을 만들 수 없습니다! - 부트 로더를 업데이트하는 중 - “%s”을(를) 설치하는 데 실패했습니다. %s 설치를 계속하시겠습니까? - “%s”을(를) 제거하는 데 실패했습니다. %s 제거 작업을 계속하시겠습니까? - 설치를 마쳤습니다. - “%s” 폴더를 만들 수 없습니다. - VeraCrypt 장치 드라이버를 언로드할 수 없습니다.\n\n먼저 열려 있는 VeraCrypt 창을 모두 닫아 주세요. 창을 닫아도 도움이 되지 않으면, 윈도우를 다시 시작해 보세요. - 설치 또는 제거를 계속하려면 모든 VeraCrypt 볼륨을 먼저 꺼내야 합니다. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - 레지스트리 항목을 설치하는 데 실패했습니다. - 장치 드라이버를 설치하는 데 실패했습니다. 윈도우를 다시 시작한 다음 VeraCrypt 설치를 다시 시도해 보세요. - VeraCrypt 장치 드라이버 시작 중 - 장치 드라이버를 제거하는 데 실패했습니다. (윈도우의 문제로 인해) 장치 드라이버를 제거하거나 재설치하기 전에 시스템을 로그오프하거나 다시 시작해야 합니다. - VeraCrypt 장치 드라이버 설치 중 - VeraCrypt 장치 드라이버 중지 중 - VeraCrypt 장치 드라이버 제거 중 - 사용자 계정 컨트롤(UAC) 지원 라이브러리를 등록하는 데 실패했습니다. - 사용자 계정 컨트롤(UAC) 지원 라이브러리를 해제하는 데 실패했습니다. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - VeraCrypt를 휴대용 모드로 실행하기로 결정한 경우(* 이는 VeraCrypt 복사본을 설치해서 실행하는 것과 반대개념임), 이를 실행할 때마다 시스템에서 VeraCrypt 실행 권한(* UAC 묻기)을 요구하게 됩니다.\n\n왜냐하면 VeraCrypt를 휴대용 모드로 실행할 때 VeraCrypt 장치 드라이버를 로드해서 시작해야 하기 때문입니다. VeraCrypt는 실시간 암호화/암호해제를 제공하는 장치 드라이버를 필요로 합니다. 관리자 권한이 없는 사용자는 윈도우에서 장치 드라이버를 시작할 수 없습니다. 그래서 시스템에서 VeraCrypt 실행 권한(UAC 묻기)을 요구하게 되는 것입니다.\n\nVeraCrypt를 시스템에 설치한 경우(* 이는 휴대용 모드로 VeraCrypt를 실행하는 것과 반대개념임), 사용자가 VeraCrypt를 실행할 때마다 실행 권한을 묻지 않습니다.\n\n정말로 파일을 추출하시겠습니까? - 주의: 이 볼륨 만들기 마법사가 관리자 권한을 가지고 있습니다.\n\n사용자의 새로운 볼륨은, 볼륨이 삽입되었을 때 이 볼륨에 쓰기가 금지된 권한으로 생성될 수 있습니다. 이러한 점을 피하려면, 현재의 볼륨 만들기 마법사를 닫은 후 관리자 권한이 없는 새로운 마법사를 실행시키십시오.\n\n이 볼륨 만들기 마법사를 닫으시겠습니까? - 오류: 라이선스를 표시할 수 없습니다. - 외부(!) - - 시간 - - - 열기 - 꺼내기 - VeraCrypt 보기 - VeraCrypt 숨김 - 삽입 후 읽은 데이터 - 삽입 후 쓰여진 데이터 - 암호화된 부분 - 100% (완전 암호화됨) - 0% (암호화 안됨) - %.3f%% - 100% - 기다려 주세요 - 준비 중 - 크기 조절 중 - 암호화 중 - 암호해제 중 - 완료 중 - 정지됨 - 완료됨 - 오류 - 장치 연결끊김 - 시스템 즐겨찾기 볼륨이 저장되었습니다.\n\n시스템이 시작될 때 “시스템 즐겨찾기 볼륨”이 삽입되게 하려면, “설정” > “시스템 즐겨찾기 볼륨” > “윈도우 시작시 시스템 볼륨 삽입”을 선택해 주십시오. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - 비밀번호 입력▷ %s - '%s'의 비밀번호 입력 - 표준/외부 볼륨을 위한 비밀번호 입력 - 숨긴 볼륨을 위한 비밀번호 입력 - 백업 파일에 저장된 헤더를 위한 비밀번호 입력 - 키파일이 성공적으로 만들어졌습니다. - 제공된 키파일의 개수가 잘못되었습니다. - 키파일의 크기는 64 <-> 1048576 바이트만 입력이 됩니다. - 생성되는 키파일(들)의 이름을 입력 해주세요. - 키파일(들)의 기본 이름이 잘못되었습니다 - 키파일 '%s'가 이미 존재합니다.\n덮어 쓰시겠습니까? 'No'일경우 생성 과정은 중지됩니다 - 주의: 이 볼륨의 헤더가 손상되었습니다! VeraCrypt는 볼륨에 포함된 볼륨 헤더의 백업을 자동으로 사용했습니다.\n\n“도구” ▶ “볼륨 헤더 복구”를 선택해서 볼륨 헤더를 수리해야 합니다. - 볼륨 헤더 백업을 성공적으로 만들었습니다.\n\n중요: 이 백업을 이용해서 볼륨 헤더를 복구하게 되면 볼륨의 현재 비밀번호도 같이 복구합니다. 또한 볼륨을 삽입하는데 키파일이 필요한 경우, 볼륨 헤더가 복구되었을 때 볼륨을 다시 삽입하려면 동일한 키파일이 필요합니다.\n\n주의: 이 볼륨 헤더 백업은 현재의 특정 볼륨의 헤더만 복구하는 데 사용됩니다. 만약 이 헤더 백업으로 다른 볼륨의 헤더를 복구할 경우에 그 볼륨을 삽입할 수는 있지만, (그 볼륨의 마스터 키가 변경되기 때문에) 볼륨에 저장된 데이터의 암호해제는 할 수 없습니다. - 볼륨 헤더가 성공적으로 복구되었습니다.\n\n중요: 이전 비밀번호도 같이 복구되었다는 것을 참고하세요. 또한 백업이 만들어졌을 당시 볼륨을 삽입하는데 키파일이 필요했다면, 볼륨을 다시 삽입하고자 할 때도 동일한 키파일이 필요합니다. - 보안상의 이유로 볼륨에 대한 올바른 비밀번호(또는 올바른 키파일)을 입력 또는 제공해야 합니다.\n\n참고: 볼륨에 숨긴 볼륨이 있는 경우, 먼저 “외부 볼륨”에 대한 올바른 비밀번호(또는 올바른 키파일)을 입력 또는 제공해야 합니다. 나중에 숨긴 볼륨 헤더의 백업을 선택한 경우, “숨긴 볼륨”에 대한 올바른 비밀번호(또는 올바른 키파일)을 입력 또는 제공해야 합니다. - %s에 대한 볼륨 헤더 백업을 만드시겠습니까?\n\n“예”를 클릭하면, 헤더 백업의 파일 이름을 묻게 됩니다.\n\n참고: 새로운 소금(→ 무작위 문자열)을 이용해서 ① 표준 볼륨 헤더 및 ② 숨긴 볼륨 헤더는 재암호화되고 백업 파일에 저장됩니다. 현재 볼륨 안에 “숨긴 볼륨”이 없을지라도, 백업 파일에 있는 숨긴 볼륨 헤더를 위해 남겨진 공간은 무작위 데이터로 채워지게 됩니다(→ 숨긴 볼륨의 효과적인 방법방법). 백업 파일에서 볼륨 헤더를 복구할 때, 볼륨 헤더 백업이 생성된 당시에 타당했던 ① 올바른 비밀번호 입력 또는 ② 올바른 키파일을 제공해야 합니다. 또한 비밀번호(또는 키파일)은 복구할 볼륨 헤더의 형식(→ 표준 또는 숨김)을 자동을 결정합니다. VeraCrypt는 시행착오를 거쳐 그 형식을 결정하게 됩니다. - %s의 볼륨 헤더를 복구하시겠습니까?\n\n주의: 볼륨 헤더의 복구는 “백업이 만들어졌을 당시의 볼륨 비밀번호”도 동시에 복구합니다. 또한 백업이 만들어졌을 당시 볼륨을 삽입하는데 키파일이 필요했다면, 볼륨 헤더가 복구된 후 다시 볼륨을 삽입하고자 할 때도 동일한 키파일이 필요합니다.\n\n“예”를 클릭하면, 헤더 백업 파일을 선택할 수 있습니다. - 볼륨에 “숨긴 볼륨”이 포함되어 있습니까? - 볼륨에 “숨긴 볼륨”이 포함되어 있습니다. - 볼륨에 “숨긴 볼륨”이 포함되어 있지 않습니다. - 사용하고자 하는 “볼륨 헤더 백업 형식”을 선택해 주세요: - 볼륨에 포함된 백업에서 “볼륨 헤더” 복구 - 외부의 백업 파일에서 “볼륨 헤더” 복구 - 볼륨 헤더 백업 파일의 크기가 올바르지 않습니다. - 이 볼륨에 포함된 백업 헤더가 없습니다. VeraCrypt 6.0 또는 그 이상의 버전에서 생성된 볼륨만 “포함된 백업 헤더”를 가질 수 있습니다. - 사용자가 시스템 파티션/드라이브의 헤더를 백업하려고 합니다. 이것은 허용되지 않습니다. 시스템 파티션/드라이브에 관계된 백업/복구 작업은 VeraCrypt 응급복구 디스크를 사용해서만 실행될 수 있습니다.\n\nVeraCrypt 응급복구 디스크를 만드시겠습니까? - 사용자가 가상의 VeraCrypt 볼륨 헤더를 복구하려고 시도하면서 시스템 파티션/드라이브를 선택했습니다. 이것은 허용되지 않습니다. 시스템 파티션/드라이브에 관계된 백업/복구 작업은 VeraCrypt 응급복구 디스크를 사용해서만 실행될 수 있습니다.\n\nVeraCrypt 응급복구 디스크를 만드시겠습니까? - 확인을 클릭한 다음, 새로운 VeraCrypt 응급복구 디스크 ISO 이미지를 위한 파일 이름 및 그 파일을 둘 위치를 선택하게 됩니다. - 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 응급복구 디스크를 CD 또는 DVD에 구울 필요가 있습니다.\n\n중요: 파일은 (개별 파일이 아닌) ISO 디스크 이미지로 CD/DVD에 구워져야 합니다. 작업 방법에 대한 자세한 정보는 CD/DVD 리코딩 소프트웨어의 문서를 참고하세요.\n\n응급복구 디스크를 구운 후에 “시스템 ▶ 응급복구 디스크 검증”을 선택해서 응급복구 디스크가 올바르게 구워졌는지를 확인합니다. - 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 응급복구 디스크를 CD 또는 DVD에 구울 필요가 있습니다.\n\n지금 Microsoft Windows Disc Image Burner를 실행하시겠습니까?\n\n참고: 응급복구 디스크를 구운 후에 “시스템 ▶ 응급복구 디스크 검증”을 선택해서 응급복구 디스크가 올바르게 구워졌는지를 확인합니다. - 검증하려면 VeraCrypt 응급복구 디스크를 CD/DVD 드라이브에 삽입한 다음 “확인”을 클릭하세요. - VeraCrypt 응급복구 디스크를 성공적으로 검증했습니다. - 응급복구 디스크가 올바르게 구워졌는지를 검증할 수 없습니다.\n\n응급복구 디스크를 구웠다면, CD/DVD를 꺼내서 다시 삽입한 다음 다시 시도해 주세요. 이것이 도움이 되지 않는 경우, 다른 CD/DVD 리코딩 소프트웨어 및 매체로 시도해 주세요.\n\n다른 마스터 키, 비밀번호, 소금 등을 위해 생성된 응급복구 디스크를 검증하려고 하는 경우, 그러한 응급복구 디스크는 항상 검증작업에 실패하게 됩니다. 현재 설정과 완전히 호환되는 새로운 응급복구 디스크를 만들려면, “시스템” ▶ “응급복구 디스크 만들기”를 선택하세요. - VeraCrypt 응급복구 디스크 ISO가 성공적으로 확인되었습니다. - VeraCrypt 응급복구 디스크 ISO의 확인이 실패했습니다.\n\n만약 VeraCrypt의 응급복구 디스크를 다른 마스터 키, 비밀번호, 또한 소금(Salt) 등을 사용할 경우, 확인이 실패할경우를 주의하시기 바랍니다. - VeraCrypt 응급복구 디스크 만들기 오류. - 숨긴 운영체제가 실행 중일 때 VeraCrypt 응급복구 디스크를 만들 수 없습니다.\n\nVeraCrypt 응급복구 디스크를 만들려면 미끼용 운영체제를 부팅한 다음 “시스템” ▶ “응급복구 디스크 만들기”를 선택하세요. - 응급복구 디스크가 올바르게 구워졌는지를 검증할 수 없습니다.\n\n응급복구 디스크를 구웠다면, CD/DVD를 꺼내서 다시 삽입한 다음, “다음”을 클릭해서 다시 시도해 주세요. 이것이 도움이 되지 않는 경우, 다른 매체%s로 시도해 주십시오.\n\n아직 응급복구 디스크를 굽지 않았다면, 다음을 클릭하세요.\n\n이 마법사를 시작하기 전에 VeraCrypt 응급복구 디스크를 검증하려고 할 경우, 이러한 응급복구 디스크는 (다른 마스터 키를 위해 생성되었기 때문에) 사용될 수 없습니다. 새롭게 생성된 응급복구 디스크를 구울 필요가 있습니다. - 또는 다른 CD/DVD 리코딩 소프트웨어 - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - 시스템 파티션/드라이브가 암호화되지 않은 것으로 보입니다.\n\n시스템 즐겨찾기 볼륨은 부팅-전 인증 비밀번호의 사용을 통해서만 삽입(mount)될 수 있습니다. 그러므로 시스템 즐겨찾기 볼륨을 사용하려면, 먼저 시스템 파티션/드라이브를 암호화해야 합니다. - 계속하기 전에 볼륨을 꺼내야 합니다. - 오류: 타이머를 설정할 수 없습니다. - 파일시스템 체크 - 파일시스템 수리 - 즐겨찾기에 포함하기... - 시스템 즐겨찾기에 포함하기... - Properties... - 숨긴 볼륨 보호 - N/A - - 아니오 - 비활성화 - 1 - 2 또는 그 이상 - 작업 모드 - 레이블: - 크기: - 경로: - 드라이브 문자: - 오류: 비밀번호는 ASCII 문자만을 포함해야 합니다.\n\n비밀번호에 ASCII 아닌 문자가 있는 경우, 시스템 설정의 변경이 있으면 볼륨을 삽입할 수 없게 될 수도 있습니다.\n\n다음 문자는 허용됩니다:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 주의: 비밀번호에 ASCII 아닌 문자가 포함되어 있습니다. 이 경우 시스템 설정의 변경이 있으면 볼륨을 삽입할 수 없게 될 수도 있습니다.\n\nASCII 아닌 문자를 ASCII 문자로 모두 교체해야 합니다. 이렇게 하려면, “볼륨” ▶ “볼륨 비밀번호 변경”을 클릭하세요.\n\n다음은 ASCII 문자입니다:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 주의: 실행 파일로 사용되는 확장자(예: .exe, .sys, .dll) 및 문제를 일으키는 유사한 파일 확장자는 사용하지 않길 권장합니다. 이런 파일 확장자를 사용하게 되면 윈도우와 안티바이러스 소프트웨어가 보관소에 간섭을 하게 될 수도 있고 결국 볼륨의 성능에 악영향을 초래하고 다른 중대한 문제를 일으킬 수도 있습니다.\n\n파일 확장자를 제거하거나 (예컨대 “.hc”) 등으로 변경할 것을 적극권장합니다.\n\n문제가 될 만한 파일 확장자를 정말로 사용하시겠습니까? - 주의: 이 보관소는 실행 파일로 사용되는 확장자(예: .exe, .sys, .dll) 또는 유사한 문제를 일으킬 수 있는 파일 확장자를 가지고 있습니다. 이런 파일 확장자를 사용하게 되면 윈도우와 안티바이러스 소프트웨어가 보관소에 간섭을 하게 될 수도 있고 결국 볼륨의 성능에 악영향을 초래하고 다른 중대한 문제를 일으킬 수도 있습니다.\n\n(볼륨을 꺼낸 후에) 보관소의 확장자를 변경(예: “.hc”)하거나 제거할 것을 권장합니다. - 홈페이지 - 주의: 윈도우 설치에 서비스팩을 적용하지 않은 것으로 보입니다. 서비스팩 1 또는 그 이상을 적용하지 않은 Windows XP를 사용하는 경우, 128 GB보다 큰 IDE 디스크에 데이터를 쓰면 안됩니다! 만약 그 디스크(VeraCrypt 볼륨인지 여부에 상관없음)에 데이터를 쓰게 되면, 데이터가 손상될 수도 있습니다. 이는 윈도우의 버그이지, VeraCrypt의 버그가 아닙니다. - 주의: 윈도우 설치에 서비스팩 3 또는 그 이상을 적용하지 않은 것으로 보입니다. 서비스팩 3 또는 그 이상을 적용하지 않은 Windows 2000을 사용하는 경우, 128 GB보다 큰 IDE 디스크에 데이터를 쓰면 안됩니다! 만약 그 디스크(VeraCrypt 볼륨인지 여부에 상관없음)에 데이터를 쓰게 되면, 데이터가 손상될 수도 있습니다. 이는 윈도우의 제한이지, VeraCrypt의 버그가 아닙니다.\n\n참고: 레지스트리에서 48-비트 LBA 지원을 사용가능하게 해야 할지도 모릅니다. 추가정보 → http://support.microsoft.com/kb/305098/EN-US - 주의: 현재 시스템에서 48-bit LBA ATAPI 지원이 되지 않습니다. 그러므로 128GB보다 큰 IDE 디스크에 데이터를 작성하면 안됩니다! 만약 그 디스크(VeraCrypt 볼륨인지 여부에 상관없음)에 데이터를 쓰게 되면, 데이터가 손상될 수도 있습니다. 이는 윈도우의 제한이지, VeraCrypt의 제한이 아닙니다.\n\n48비트 LBA 지원을 사용하려면, 레지스트리 키 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters에 레지스트리 값을 추가하고 설정을 1로 합니다.\n\n추가 정보를 보려면 http://support.microsoft.com/kb/305098을 참고하세요. - 오류: 4 GB보다 큰 파일은 FAT32 파일 시스템에 저장될 수 없습니다. 그러므로 FAT32 파일 시스템에 저장된 “파일-기반 VeraCrypt 볼륨 (보관소)”는 4 GB 이상이 될 수 없습니다.\n\n만약 더 큰 볼륨이 필요하다면, NTFS 파일 시스템에 볼륨을 만들거나(→ Windows Vista SP1 또는 그 이상 경우는 exFAT 파일 시스템에 생성), 파일-기반 볼륨을 만드는 대신에 전체 파티션 또는 장치를 암호화합니다. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - 주의: 외부 볼륨에 더 많은 데이터/파일을 나중에 추가할 수 있게 하려면, 숨긴 볼륨의 크기를 작게 해야 합니다.\n\n지정한 크기로 계속하시겠습니까? - 선택한 볼륨이 없습니다.\n\nVeraCrypt 볼륨을 선택하려면 “파일 선택” 또는 “장치 선택”을 클릭하세요. - 선택된 파티션이 없습니다.\n\n일반적으로 부팅-전 인증을 요하는 꺼내진 파티션(→ 예컨대 ① 실행 중이 아닌 다른 운영체제의 암호화된 시스템 드라이브에 위치한 파티션, ② 다른 운영체제의 암호화된 시스템 파티션)을 선택하려면 “장치 선택”을 클릭합니다.\n\n참고: 선택한 파티션은 부팅-전 인증 없이 보통의 VeraCrypt 볼륨으로 삽입됩니다. 이는 예컨대 운영체제의 백업이나 수리에 유용합니다. - 주의: 기본값인 키파일이 사용되도록 설정되면, 이 키파일(들)을 사용하지 않는 볼륨은 삽입이 되지 않습니다. 그러므로 기본 키파일이 사용되도록 설정한 후에는, 그 볼륨을 삽입할 때마다 (비밀번호 입력 필드 아래의) “키파일 사용”을 체크해제해야 합니다.\n\n선택한 키파일/경로를 기본값으로 저장하시겠습니까? - 장치 자동삽입 - 모두 꺼내기 - 캐시 지우기 - 모두 꺼내기 및 캐시 지우기 - 강제로 모두 꺼내기 및 캐시 지우기 - 강제로 모두 꺼내기, 캐시 지우기 및 종료 - 즐겨찾는 볼륨 삽입 - VeraCrypt 창 보기/숨김 - (여기를 클릭하고 키를 누르세요) - 동작 - 바로가기 - 오류: 이 바로가기는 할당되어 있습니다. 다른 바로가기를 선택하세요. - 오류: 바로가기가 이미 사용 중입니다. - 주의: 한 개 또는 수 개의 VeraCrypt - 시스템 일반 단축키가 작동하지 않습니다!\n\n다른 프로그램이나 운영체제가 동일한 바로가기를 사용하고 있는지 확인해 주세요. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - 오류 또는 비호환성으로 인해 VeraCrypt가 최대 절전 모드 파일을 암호화하지 못했습니다. 그 결과 최대 절전 모드로의 진입을 못했습니다.\n\n참고: 컴퓨터가 최대 절전 모드(또는 절전 모드)로 들어갈 때, 그 시스템 메모리의 내용은 (시스템 드라이브 상에 위치하는) 최대 절전 모드 저장 파일에 쓰여지게 됩니다. VeraCrypt는 “RAM에 열려 있는 암호화된 키 및 민감한 파일의 내용”이 암호화되지 않은 채 최대 절전 모드 저장 파일에 저장되는 것을 막을 수 없습니다. - 최대 절전 모드 진입을 방지했습니다.\n\nVeraCrypt는 (별도의 부트 파티션을 사용하는) 숨겨진 운영체제에서의 최대 절전 모드를 지원하지 않습니다. 부트 파티션이 미끼용 및 숨겨진 시스템에 의해 공유되는 것은 아닌지 확인해 주십시오. 그래서 최대 절전 모드 상태에서 깨어날 때 데이터 누수 및 문제점을 방지하기 위해, VeraCrypt는 숨겨진 시스템이 공유된 부트 파티션에 쓰는 것을 방지하고 또한 이 시스템이 최대 절전 모드로 진입하는 것을 막게되는 것입니다. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - 주의: 이 옵션을 사용하지 않으면, 열려 있는 파일/디렉토리를 포함하고 있는 볼륨을 자동으로 꺼낼 수 없습니다.\n\n이 옵션을 사용하지 않으시겠습니까? - 주의: 열려 있는 파일/디렉토리를 포함하고 있는 볼륨을 자동으로 꺼낼 수 없습니다.\n\n이를 방지하려면, 이 대화창에서 다음 옵션을 사용가능하게 합니다: “볼륨에 열린 파일 또는 디렉토리가 있어도 강제로 꺼내기” - 주의: 노트북 배터리 전력이 부족하게 되면, 컴퓨터가 절전 모드로 들어갈 때 윈도우의 적절한 메시지 보내기를 생략할 수도 있습니다. 이런 경우 VeraCrypt의 볼륨 자동-꺼내기 작업이 실패할 수도 있습니다. - 파티션/볼륨의 만들기 과정을 예약했습니다. 아직 작업을 완전히 마치지 못했습니다.\n\n지금 그 작업을 다시 시작하시겠습니까? - 시스템 파티션/드라이브의 암호화 또는 암호해제 작업을 예약했습니다. 아직 작업을 완전히 마치지 못했습니다.\n\n지금 그 작업을 시작 (다시 시작) 하시겠습니까? - 현재 예약된 “비-시스템 파티션/볼륨의 암호화 과정”을 다시 시작할 것인지를 묻는 창을 표시하시겠습니까? - 예, 사용자에게 묻습니다. - 아니오, 사용자에게 묻지 않습니다. - 중요: 비-시스템 파티션/볼륨의 암호화 과정은 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “볼륨” ▶ “중단된 진행을 다시 시작”을 선택해서 다시 시작할 수 있습니다. - 시스템 파티션/드라이브의 암호화 또는 암호해제 작업을 예약했습니다. 그러나 부팅-전 인증에 실패했습니다(또는 건너뛰었습니다).\n\n참고: 부팅-전 환경에서 시스템 파티션/드라이브를 암호해제한 경우라면, VeraCrypt 창의 메뉴표시줄에서 “시스템” ▶ “시스템 파티션/드라이브 영구적 암호해제”를 선택해서 작업을 마무리할 필요가 있습니다. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - 종료? - VeraCrypt가 암호화를 할 지 아니면 암호해제를 할 것인가를 결정하는데 충분한 정보를 가지고 있지 않습니다. - VeraCrypt가 암호화를 할 지 아니면 암호해제를 할 것인가를 결정하는데 충분한 정보를 가지고 있지 않습니다.\n\n참고: 부팅-전 환경에서 시스템 파티션/드라이브를 암호해제한 경우라면, 암호해제를 클릭해서 작업을 마무리할 필요가 있습니다. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - 파티션/볼륨의 암호화 진행을 중단하고 나중으로 연기하시겠습니까?\n\n참고: 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입할 수 없습니다. 나중에 암호화 과정을 다시 시작할 수 있고, 이 경우 중단된 시점부터 계속 진행됩니다. 이 작업은 예컨대 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “볼륨” ▶ “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. - 시스템 파티션/드라이브의 암호화 진행을 중단하고 나중으로 연기하시겠습니까?\n\n참고: 나중에 이 과정을 다시 시작할 수 있고 중단된 시점부터 계속 진행됩니다. 이 작업은 예컨대 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “시스템” ▶ “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. 암호화 진행을 완전히 종료하거나 되돌리려면, “시스템” ▶ “시스템 파티션/드라이브의 영구적 암호해제”를 선택하세요. - 시스템 파티션/드라이브의 암호해제 진행을 중단하고 나중으로 연기하시겠습니까?\n\n참고: 나중에 이 과정을 다시 시작할 수 있고 중단된 시점부터 계속 진행됩니다. 이 작업은 예컨대 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “시스템” ▶ “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. 암호해제 진행을 되돌리고, 암호화를 시작하려면, “시스템” ▶ “시스템 파티션/드라이브 암호화”를 선택하세요. - 오류: 시스템 파티션/드라이브의 암호화 또는 암호해제 진행을 중단하는데 실패했습니다. - 오류: 지우기 진행을 중단하는데 실패했습니다. - 오류: 시스템 파티션/드라이브의 암호화 또는 암호해제 진행을 다시 시작하는데 실패했습니다. - 오류: 지우기 진행을 시작하는데 실패했습니다. - 불일치가 해결되었습니다.\n\n\n이와 관련된 버그를 보고하려면, 버그 보고서에 다음과 같은 기술 정보를 포함해 주세요: %hs - 오류: 예기치 않은 상태.\n\n\n(이와 관련된 버그를 보고하려면, 버그 보고서에 다음과 같은 기술 정보를 포함해 주세요: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - 주의: VeraCrypt 백그라운드 작업의 사용이 해제되었습니다. 프로그램을 종료하면, 숨긴 볼륨의 손상이 방지된 경우에도 그 알림을 통보받지 못합니다.\n\n참고: 언제라도 VeraCrypt 트레이 아이콘을 오른쪽 클릭하고 “종료”를 선택해서 백그라운드 작업을 종료할 수 있습니다.\n\nVeraCrypt 백그라운드 작업을 지금 사용가능하게 할까요? - 언어팩 버전: %s - %s로 삽입된 VeraCrypt 볼륨에 대한 파일 시스템을 체크하는 중... - %s로 삽입된 VeraCrypt 볼륨에 대한 파일 시스템의 수리를 시도하는 중... - 주의: 이 볼륨은 64-비트-블록 레거시 알고리듬으로 암호화되어 있습니다.\n\n모든 64-비트-블록 알고리듬(Blowfish, CAST-128, 및 Triple DES)은 비난받고 있습니다. 앞으로 나올 VeraCrypt 버전으로 이 볼륨을 삽입할 수 있을 것입니다. 그러나 이러한 레거시 암호화 알고리듬의 구현에 전혀 향상이 없는 상태입니다. 128-비트-블록 알고리듬(예: AES, Serpent, Twofish)으로 새로운 VeraCrypt 볼륨을 만들고, 모든 파일을 이 볼륨에서 새로운 볼륨으로 옮길 것을 권장합니다. - 새 볼륨을 자동으로 삽입하도록 시스템 설정이 되어 있지 않습니다. 장치-기반의 VeraCrypt 볼륨을 삽입할 수 없습니다. “자동삽입”은 다음 명령을 실행하고 시스템을 다시 시작하면 사용할 수 있습니다.\n\nmountvol.exe /E - 계속하기 전에 드라이브 문자를 파티션/장치에 할당해 주세요 (제어판 → 시스템 관리 → 관리자 도구 - 하드 디스크 파티션 생성 및 포맷)\n\n이것은 운영체제의 요구사항입니다. - VeraCrypt 볼륨 삽입 - 모든 VeraCrypt 볼륨 꺼내기 - VeraCrypt가 관리자 권한을 얻는데 실패했습니다. - 운영체제에 의해 접근이 거부되었습니다.\n\n가능한 원인: 시스템을 읽고 데이터를 쓰기 위해서는 폴더, 파일, 장치에 대한 읽기/쓰기 권한 (또는 관리자 권한)을 가지고 있어야 합니다. 보통 관리자 권한이 없는 사용자는 그의 문서 폴더에서만 파일을 만들고, 읽고 수정하는 것이 허용되어 있습니다. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - VeraCrypt 부트 로더는 (시스템 드라이브의 시작 부분에) 최소 32 KBytes의 여유 공간을 필요로 합니다. 왜냐하면 VeraCrypt 부트 로더가 그 시작 부분에 저장되어야 하기 때문입니다. 불행하게도 사용자의 드라이브가 이 조건을 충족시키지 못합니다.\n\nVeraCrypt에서의 이 버그/문제점을 보고하지 않길 바랍니다. 이 문제점을 해결하려면, 사용자의 디스크 파티션을 재조정해서 32 Kbytes의 여유 공간을 남겨두어야 합니다. 대부분의 경우에 첫번째 파티션을 삭제하고 다시 만들어야 할 것입니다. 예를 들면 윈도우를 설치할 때 이용되는 Microsoft 파티션 관리자를 사용하실 것을 권장합니다. - 이 기능은 현재 사용 중인 운영체제 버전에서는 지원되지 않습니다. - 현재 사용 중인 운영체제 버전 상의 시스템 파티션/드라이브의 암호화를 VeraCrypt가 지원하지 않습니다. - Windows Vista에 시스템 파티션/드라이브를 암호화하려면, 먼저 비스타용 서비스팩 1 또는 그 이상을 설치해야 합니다(* 현재 시스템에 서비스팩이 설치되지 않았습니다).\n\n참고: Windows Vista의 서비스팩 1은 시스템 부팅 도중에 기본 여유 메모리의 부족상태를 만드는 문제점을 해결했습니다. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - 오류: 이 기능은 (현재 VeraCrypt가 포터블 모드로 실행 되고 있는) 시스템에 VeraCrypt가 설치되어 있을 것을 요구합니다.\n\nVeraCrypt를 다시 설치한 후 다시 시도해 주십시오. - 주의: 부팅이 되는 드라이브에 윈도우가 설치되지 않은 것으로 보입니다. 이 작업은 지원되지 않습니다.\n\n부팅이 되는 드라이브에 윈도우가 설치된 경우에만 계속 진행해야 합니다.\n\n계속하시겠습니까? - 시스템 드라이브에 GUID 파티션 테이블(GPT)이 있습니다. 현재 MBR 파티션 테이블을 가진 드라이브만 지원합니다. - 주의: VeraCrypt 부트 로더가 이미 시스템 드라이브에 설치되어 있습니다!\n\n컴퓨터 상의 다른 시스템이 이미 암호화되어 있을 수도 있습니다.\n\n주의: 현재 실행 중인 시스템의 암호화로 진행하면 다른 시스템이 시작이 안되고 관련 데이터에 접근할 수 없게될 지도 모릅니다.\n\n그래도 계속하시겠습니까? - 원래의 시스템 로더를 복구하는 데 실패했습니다.\n\nVeraCrypt 응급복구 디스크를 사용하거나(→ “Repair Options” 메뉴에서 “Restore original system loader”를 선택), VeraCrypt 부트 로더를 윈도우 시스템 로더로 교체하려면 윈도우 설치 매체를 사용해 주십시오. - 원래의 시스템 로더가 응급복구 디스크에 저장되지 않을 것입니다 (원인: 백업 파일 분실). - MBR 섹터에 쓰는 데 실패했습니다.\n\n사용자의 BIOS가 MBR 섹터를 보호하도록 설정된 것으로 보입니다. MBR/안티바이러스 보호 상태를 확인하려면 (컴퓨터에 전원이 들어온 후 F2, Delete 또는 Esc를 눌러) BIOS 설정을 체크합니다. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - 필요한 VeraCrypt Boot Loader 버전이 현재 설치되어 있지 않습니다. 이로 인해 일부 설정이 저장되지 않을 수도 있습니다. - 참고: 사용자가 컴퓨터를 시작하는 것을 특정인(* 적대자)이 지켜보는 가운데 VeraCrypt를 사용한다는 사실을 숨기고 싶을 때가 있을 것입니다. VeraCrypt 부트 로더 화면을 정의하는 위 옵션을 이용해서 이러한 작업을 할 수 있습니다. 첫번째 옵션을 사용하게 되면, 부트 로더에 어떠한 텍스트도 표시되지 않습니다(* 심지어 잘못된 비밀번호를 입력했을 때도 마찬가지입니다). 사용자가 비밀번호를 입력할 수 있는 동안 컴퓨터는 작동이 멈춘 것처럼 보입니다. 게다가 적대자를 속이는 사용자 메시지를 표시할 수도 있습니다. 예컨대 “Missing operating system” 같은 가짜 오류 메시지입니다(* 이는 윈도우 부트 파티션을 찾을 수 없을 때 윈도우 부트 로더에 의해 표시되는 문구입니다). 그러나 적대자가 하드 드라이브의 내용을 분석할 수 있는 경우에는 드라이브에 VeraCrypt 부트 로더가 포함되어 있음을 발견할 수 있을 것입니다. - 주의: 이 옵션을 사용하게 되면, VeraCrypt 부트 로더에 어떠한 텍스트도 표시되지 않습니다(* 심지어 잘못된 비밀번호를 입력했을 때도 마찬가지입니다). 사용자가 비밀번호를 입력할 수 있는 동안 컴퓨터는 작동이 멈춘 것처럼 보입니다(→ 커서가 움직이지 않고, 키를 누를 때 어떠한 별표(*)도 표시되지 않습니다.\n\n이 옵션을 사용하시겠습니까? - 사용자의 시스템 파티션/드라이바가 완전히 암호화된 것으로 보입니다. - VeraCrypt는 동적(dynamic) 디스크로 변환된 시스템 드라이브의 암호화는 지원하지 않습니다. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - 전체 드라이브 대신 시스템 파티션을 암호화하시겠습니까?\n\n(시스템 파티션의 암호화뿐만 아니라) 드라이브 상의 시스템 아닌 파티션 내에 파티션-기반의 VeraCrypt 볼륨을 만들 수 있습니다. - 시스템 드라이브가 (전체 드라이브를 점유하고 있는) 한 개의 파티션을 포함한 경우, 보통 그 파티션을 둘러싸고 있는 “느슨한” 여유 공간을 포함하고 있는 전체 드라이브를 암호화하는 것이 보다 안전합니다. - 임시 파일이 비-시스템 파티션에 저장되도록 시스템이 설정되어 있습니다.\n\n임시 파일은 시스템 파티션에만 저장될 수 있습니다. - 사용자 프로필 파일이 시스템 파티션에 저장되어 있지 않습니다.\n\n사용자 프로필 파일은 시스템 파티션에만 저장될 수 있습니다. - 페이징 파일이 비-시스템 파티션에 있습니다.\n\n페이징 파일은 시스템 파티션에만 위치할 수 있습니다. - 윈도우 파티션에만 페이징 파일이 만들어지도록 윈도우를 설정하시겠습니까?\n\n“예”를 클릭하면 컴퓨터가 다시 시작됩니다. 그런 다음 VeraCrypt를 시작한 후 숨긴 OS를 다시 만듭니다. - 그렇지 않으면 숨긴 운영체제의 그럴싸한 거부방법에 악영향을 끼치게 됩니다.\n\n참고: 적대자가 비-시스템 파티션에 존재하는 그 파일들의 내용을 분석해서 숨긴-시스템-생성 모드에서 사용자가 이 마법사를 사용했다는 사실(→ 이는 컴퓨터에 숨긴 운영체제가 존재한다는 것을 의미)을 발견할 수도 있습니다. 또한 시스템 파티션에 저장되어 있는 파일들은 (숨긴 운영체제를 만드는 과정 동안) VeraCrypt에 의해 안전하게 지워집니다. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - 보안상의 이유로, 현재 실행 중인 운영체제가 인증을 요구할 경우, 진행하기 전에 인증을 해야 합니다. 왜냐하면 “숨긴 운영체제”는 시스템 파티션의 내용을 숨긴 볼륨에 복사함으로써 생성되기 때문입니다. 만약 이러한 운영체제가 인증되지 않은 경우에는 숨긴 운영체제 또한 인증되지 않습니다. 더 자세한 정보를 보려면 VeraCrypt 사용자 안내서의 “Security Requirements and Precautions Pertaning to Hidden Volumes” 장을 참고하시기 바랍니다.\n\n중요: 진행하기 전에 VeraCrypt 사용자 안내서에 있는 “Security Requirements and Precautions Pertaining to Hidden Volumes”(숨긴 볼륨에 관련된 보안 지침)의 내용을 읽어보시길 권장합니다.\n\n\n현재 운영체제가 위 조건들을 충족시키고 있습니까? - 사용자의 시스템이 별도의 부트 파티션을 사용하고 있습니다. VeraCrypt는 별도의 부트 파티션을 사용하는 숨겨진 운영체제에서의 최대 절전 모드를 지원하지 않습니다(* 미끼용 시스템에서는 별 문제없이 최대 절전 모드 기능을 사용할 수 있습니다).\n\n부트 파티션이 미끼용 및 숨겨진 시스템에 의해 공유되는 것은 아닌지 확인해 주십시오. 그래서 최대 절전 모드 상태에서 깨어날 때 데이터 누수 및 문제점을 방지하기 위해, VeraCrypt는 숨겨진 시스템이 공유된 부트 파티션에 쓰는 것을 방지하고 또한 이 시스템이 최대 절전 모드로 진입하는 것을 막게 되는 것입니다.\n\n계속하시겠습니까? “아니오”를 선택하면, 별도의 부트 파티션을 제거하기 위한 지침이 표시됩니다. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - 주의: 시스템 파티션과 그 뒤에 있는 첫번쩨 파티션 사이에 할당되지 않은 공간이 있습니다. 숨긴 운영체제를 생성한 후에, 이러한 미할당 공간에 새로운 파티션을 만들어선 안됩니다. 그렇지 않으면 (새롭게 만들어진 파티션을 제거하기 전까지는) 숨긴 운영체제로 부팅을 할 수 없게 됩니다. - 이 알고리듬은 현재 시스템 암호화에 지원되지 않습니다. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - 키파일이 현재 시스템 암호화에서 지원되지 않습니다. - 주의: VeraCrypt가 원래의 키보드 레이아웃을 복구할 수 없습니다. 이 경우 비밀번호를 올바르게 입력할 수 없을지도 모릅니다. - 오류: VeraCrypt 키보드 레이아웃을 표준 US 키보드 레이아웃에 설정할 수 없습니다.\n\n(윈도우 시작 전에) US가 아닌 윈도우 키보드 레이아웃을 사용할 수 없는 부팅-전 환경에서 비밀번호를 입력할 필요가 있다는 것을 참고하세요. 그래서 표준 US 키보드 레이아웃을 사용해서 항상 비밀번호를 입력해야 합니다. - VeraCrypt가 키보드 레이아웃을 표준 US 키보드 레이아웃으로 잠시 변경했기 때문에, 오른쪽 Alt 키가 눌러진 상태에서 키를 눌러 문자를 입력할 수 없습니다. 그러나 Shift 키가 눌러진 상태에서는 적당한 키를 눌러 대부분의 문자를 입력할 수 있습니다. - VeraCrypt가 키보드 레이아웃의 변경을 방지했습니다. - 참고: (윈도우 시작 전에) US가 아닌 윈도우 키보드 레이아웃을 사용할 수 없는 부팅-전 환경에서 비밀번호를 입력할 필요가 있다는 것을 참고하세요. 그래서 표준 US 키보드 레이아웃을 사용해서 항상 비밀번호를 입력해야 합니다. 그러나 실제 US 키보드가 필요하지 않다는 사실을 명심하세요. 실제 US 키보드가 없는 경우일지라도, VeraCrypt는 (현재 및 부팅-전 환경에서) 사용자가 안전하게 비밀번호를 입력했는지를 자동으로 확인합니다. - 사용자가 파티션/드라이브를 암호화하기 전에, VeraCrypt 응급복구 디스크(VRD)를 먼저 만들어야 합니다. 그 목적은 다음과 같습니다:\n\n- 만약 VeraCrypt 부트 로더, 마스터 키 또는 다른 중요한 데이터가 손상된 경우, VRD를 이용해서 복구할 수 있습니다(그러나 여전히 올바른 비밀번호를 입력해야 합니다).\n\n- 만약 윈도우가 손상되어 시작이 되지 않는다면, VRD를 이용해서 윈도우의 시작 전에 파티션/드라이브를 영구적으로 암호해제할 수 있습니다.\n\n- VRD는 첫번째 드라이브 트랙(* 보통 시스템 로더나 부트 관리자를 포함하고 있음)의 내용에 대한 백업을 포함하고 있으므로 이를 이용해서 필요한 경우 복구할 수 있습니다.\n\nVeraCrypt 응급복구 디스크 ISO 이미지는 아래의 지정된 위치에서 생성됩니다. - “확인”을 클릭하면 Microsoft Windows Disc Image Burner가 실행됩니다. 이를 이용해서 VeraCrypt 응급복구 디스크 ISO 이미지를 CD 또는 DVD에 굽습니다.\n\n이 작업을 마친 후에 VeraCrypt 볼륨 만들기 마법사로 돌아가서 그 지침을 따릅니다. - 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 이미지를 CD 또는 DVD에 구울 필요가 있습니다.\n\n%ls응급복구 디스크를 구운 후, “다음”을 클릭해서 응급복구 디스크가 올바르게 구워졌는지를 확인합니다. - 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 응급복구 디스크를 CD/DVD에 굽거나 나중에 사용하기 위해 안전한 위치에 ISO 이미지를 이동해야 합니다.\n\n%ls계속하려면 “다음”을 클릭합니다. - 중요: 파일은 (개별 파일이 아닌) ISO 디스크 이미지로 CD/DVD에 구워져야 합니다. 굽기 작업에 대한 정보는 CD/DVD 리코딩 소프트웨어에 대한 문서를 참고해 주세요. ISO 디스크 이미지를 CD/DVD에 작성할 리코딩 소프트웨어가 없는 경우, 아래 링크를 클릭해서 무료 소프트웨어를 다운로드합니다.\n\n - Microsoft Windows Disc Image Burner 실행 - 주의: 과거에 VeraCrypt 응급복구 디스크를 이미 만든 경우, 이 디스크를 현재 시스템 파티션/드라이브에 다시 사용할 수 없습니다. 왜냐하면 서로 다른 마스터 키로 디스크가 생성되었기 때문입니다. 시스템 파티션/드라이브를 암호화할 때마다, 비록 동일한 비밀번호를 사용할지라도, 새로운 VeraCrypt 응급복구 디스크를 만들어야 합니다. - 오류: 시스템 암호화 설정을 저장할 수 없습니다. - 시스템 암호화 예비테스트를 시작할 수 없습니다. - 숨긴 운영체제의 생성 과정을 시작할 수 없습니다. - 지움 방식 - 일부 형식의 저장 매체에서, 데이터를 다른 데이터로 덮어쓰게 되면, Magnetic Force Microscopy 같은 기술을 이용해서 덮어쓰여진 데이터를 복구할 수 있습니다. 이것은 암호화된 형태로 덮어쓰여진 데이터에만 적용됩니다(→ 이는 VeraCrypt가 암호화되지 않은 파티션 또는 드라이브를 초기에 암호화한 경우에 발생합니다). 일부 연구와 정부 발표에 따르면, (의사무작위 및 비무작위 데이터로 여러번 데이터를 덮어쓰는 방법으로) 덮어쓰여진 데이터의 복구를 방지하거나 또는 매우 어렵게 할 수 있습니다. 그래서 만약 암호화할 데이터를 “적대적인 사람이 그러한 기술을 이용해서 복구할 수 있다”고 믿고 있다면, 여러분은 지움(wipe) 방식 중의 하나를 선택하고자 할 것입니다(→ 기존 데이터의 손실 없음). 지움(wiping)은 파티션/드라이브가 암호화된 후에는 실행되지 않습니다. 파티션/드라이브가 완전히 암호화되었을 때, 암호화되지 않은 모든 데이터는 쓰여질 수 없게 됩니다. 암호화된 파티션/드라이브에 쓰여지는 데이터는 먼저 실시간으로 메모리에서 암호화되고 그 후 (암호화된) 데이터가 디스크에 쓰여집니다. - 일부 형식의 저장 매체에서, 데이터를 다른 데이터로 덮어쓰게 되면(예: 데이터가 지워진 경우), Magnetic Force Microscopy 같은 기술을 이용해서 덮어쓰여진 데이터를 복구할 수 있습니다. 일부 연구와 정부 발표에 따르면, (의사무작위 및 비무작위 데이터로 여러번 데이터를 덮어쓰는 방법으로) 덮어쓰여진 데이터의 복구를 방지하거나 또는 매우 어렵게 할 수 있습니다. 그래서 만약 지워진 데이터를 “적대적인 사람이 그러한 기술을 이용해서 복구할 수 있다”고 믿고 있다면, 여러분은 다중-지움 방식 중의 하나를 선택하고자 할 것입니다.\n\n참고: 지움 횟수가 많은 방식을 이용할수록 데이터를 지우는 시간은 더욱 길어지게 됩니다. - 지우기 - \n참고: 사용자는 지우기 작업을 중단할 수 있고, 컴퓨터를 종료해서 숨긴 시스템을 다시 시작한 후 작업을 재개할 수 있습니다(* 이 마법사는 자동으로 실행됩니다). 그러나 사용자가 이를 중단하면, 지움 작업은 처음부터 다시 진행됩니다. - \n\n참고: 사용자가 지움 작업을 중단하고 이 작업을 다시 시작하면, 지움 작업은 처음부터 다시 진행됩니다. - 지움 작업을 중단하시겠습니까? - 주의: 선택한 파티션/장치의 모든 데이터는 지워지고 이를 잃게 됩니다. - 원래의 시스템이 존재했던 파티션의 모든 데이터는 지워지게 됩니다.\n\n참고: 지워질 파티션의 모든 데이터는 이 숨긴 시스템 파티션으로 복사되었습니다. - 주의: 예컨대 3번 지움 방식을 선택하게 되면 파티션/드라이브를 암호화하는 데 필요한 시간은 최대 4배가 길어집니다. 마찬가지로 35번 지움 방식을 선택하면, 최대 36배의 시간이 더 걸립니다(→ 이는 수주일이 걸릴 것입니다).\n\n그러나 지움(wiping)은 파티션/드라이브가 완전히 암호화된 후에는 실행되지 않습니다. 파티션/드라이브가 완전히 암호화되었을 때, 암호화되지 않은 모든 데이터는 쓰여질 수 없게 됩니다. 암호화된 파티션/드라이브에 쓰여지는 데이터는 먼저 실시간으로 메모리에서 암호화되고 그 후 (암호화된) 데이터가 디스크에 쓰여집니다(→ 그래서 실행에는 영향을 미치지 않습니다).\n\n지움 방식을 사용하시겠습니까? - 없음 (가장 빠름) - 1-번 (무작위 데이터) - 3-번 (US DoD 5220.22-M) - 7-번 (US DoD 5220.22-M) - 35-번 (“GUtmann”) - 256-번 - 운영체제 개수 - 주의: 경험이 없는 사용자는 “멀티-부트 설정의 윈도우”를 암호화하려고 시도해서는 안됩니다.\n\n계속하시겠습니까? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - 부트 드라이브 - 현재 실행 중인 운영체제가 부트 드라이브에 설치되어 있습니까?\n\n참고: 때로 윈도우가 윈도우 부트 로더 (부트 파티션)와 동일한 드라이브에 설치되지 않은 경우도 있습니다. 이 경우에 “아니오”를 선택합니다. - VeraCrypt는 운영체제가 설치되어 있는 드라이브에서 부팅을 하지 않는 운영체제의 암호화를 현재 지원하지 않고 있습니다. - 시스템 드라이브 수 - 운영체제에 몇 개의 드라이브가 있습니까?\n\n참고: 예컨대 사용자가 특정 운영체제(Windows, Mac OS X, Linux 등)를 첫번째(Primary) 드라이브에 설치하고, 다른 운영체제를 두번째(Secondary) 드라이브에 설치한 상태라면, “2 또는 그 이상”을 선택합니다. - VeraCrypt는 다수의 운영체제를 포함하고 있는 전체 드라이브의 암호화를 현재 지원하지 않습니다.\n\n가능한 해결책:\n\n- 뒤로 가서 단일 시스템 파티션만을 암호화하는 것을 선택한다면(→ 이는 전체 시스템 드라이브를 암호화하는 것을 선택하는 것과 반대개념), 그 시스템 중 하나를 암호화할 수 있습니다.\n\n- 대체방법으로 사용자가 (암호화할 드라이브에 한 개의 시스템만 남겨둔 채) 시스템의 일부를 다른 드라이브로 옮긴 경우라면 전체 드라이브를 암호화할 수 있습니다. - 한 개 드라이브에 다중 시스템 - 현재 실행 중인 운영체제가 설치되어 있는 드라이브에 설치된 다른 운영체제가 있습니까?\n\n참고: 예컨대 현재 실행되고 있는 운영체제가 드라이브 #0에 설치된 경우, 이 드라이브엔 여러 개의 파티션이 있고, 그 중 하나의 파티션이 윈도우를 포함하고 있고, 다른 파티션이 또다른 운영체제를 포함하고 있는 경우라면(예: Windows, Mac OS X, Linux 등), “예”를 선택합니다. - 비-윈도우 부트 로더 - 비-윈도우 부트 로드(또는 부트 관리자)가 마스터 부트 레코드(MBR)에 설치되어 있습니까?\n\n참고: 예컨대 부트 드라이브의 첫번째 트랙에 GRUB, LILO, XOS 또는 다른 비-윈도우 부트 관리자(또는 부트 로더)가 있는 경우, “예”를 선택합니다. - 멀티-부트 - VeraCrypt는 MBR에 비-윈도우 부트 로더가 설치되어 있는 멀티-부트 설정을 현재 지원하지 않고 있습니다.\n\n가능한 해결책:\n\n- 윈도우와 리눅스를 부팅하기 위해 부트 관리자(보통 GRUB)를 사용 중이라면, 부트 관리자를 MBR에서 특정 파티션으로 이동시킵니다. 그런 다음 이 마법사를 다시 시작하고 시스템 파티션/드라이브를 암호화합니다. VeraCrypt 부트 로더는 사용자의 주요한 부트 관리자가 될 것이고, 원래의 부트 관리자(보통 GRUB)는 (VeraCrypt 부트 로더 화면에서 Esc를 눌러) 부차적으로 사용할 수 있습니다. 이런 방법으로 리눅스를 부팅할 수 있게 됩니다. - 현재 실행 중인 운영체제가 부트 파티션에 설치된 경우, 시스템을 암호화 후에는 (비록 사용자가 암호화되지 않은 다른 시스템을 시작하기를 원할 경우일지라도) 사용자는 올바른 비밀번호를 입력할 필요가 있습니다.\n\n반대로 현재 실행 중인 운영체제가 윈도우 부트 파티션에 설치되어 있지 않은 경우 (또는 윈도우 부트 로더/관리자가 다른 시스템에 의해 사용되지 않고 있는 경우), 시스템을 암호화한 후에는 암호화되지 않은 시스템을 부팅하기 위해 올바른 비밀번호를 입력할 필요가 없습니다. -- 암호화되지 않은 시스템을 시작하려면 Esc 키만 누르면 됩니다. (만약 다수의 암호화되지 않은 시스템이 있는 경우라면, VeraCrypt Boot Manager 메뉴에서 시작할 시스템을 선택할 필요가 있습니다.)\n\n참고: 보통 가장 초기에 설치된 윈도우 시스템은 부트 파티션에 설치되어 있습니다. - 호스트로 보호된 영역의 암호화 - 많은 드라이브의 끝에는 이른바 “호스트로 보호된 영역(Host Protected Area)”이라 불리며 대개 운영체제로부터 숨겨진 영역이 있습니다. 그러나 일부 프로그램은 그러한 영역의 데이터를 읽고 쓸 수 있습니다.\n\n주의: 일부 컴퓨터 제작자들은 그러한 영역에 RAID, 시스템 복구, 시스템 설정, 진단 또는 다른 목적을 위한 도구 및 데이터를 저장하기도 합니다. 만약 부팅-전에 그러한 도구 또는 데이터에 접근할 수 있는 경우라면, 숨긴 영역을 암호화해서는 안됩니다(→ 위에서 “아니오” 선택).\n\n시스템 드라이브의 끝에 있는 그러한 숨긴 영역이 존재하는 경우에 VeraCrypt가 이를 발견해서 암호화하도록 하시겠습니까? - 시스템 암호화 형식 - ① 시스템 파티션 또는 ② 전체 시스템 드라이브를 단지 암호화만 하려면 이 옵션을 선택합니다. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - 숨긴 운영체제 - 다음 단계에서 여러분은 시스템 파티션 뒤에 있는 첫번째 파티션 안에 2개의 VeraCrypt (외부 및 숨긴) 볼륨을 만들게 됩니다. 숨긴 볼륨은 “숨긴 운영체제(OS)”를 포함하게 됩니다. VeraCrypt는 현재 실행 중인 OS가 설치된 곳의 “시스템 파티션의 내용을 숨긴 볼륨에 복사함”으로써 숨긴 OS를 만듭니다. 겉으로 보기에 상당히 민감하게 보이지만 숨기고 싶지 않은 일부 파일들을 외부 볼륨에 복사합니다. 강요에 의해 “숨긴 OS 파티션의 비밀번호”를 노출해야만 하는 경우, 거기에 있는 파일들이 표시됩니다. 숨긴 OS 파티션 내에 있는 “외부 볼륨의 비밀번호”는 노출될 수 있지만, 숨긴 OS의 존재는 여전히 비밀로 남습니다.\n\n마지막으로 현재 실행 중인 운영체제에서 새로운 OS(→ 이른바 미끼용 OS)를 설치하고 이를 암호화할 수 있습니다. 미끼용 OS는 민감한 데이터를 포함하지 않아야 하며, 이는 부팅-전 인증 비밀번호의 노출을 강요하는 사람을 위한 것입니다. 정리하면 3개의 비밀번호가 있습니다. 그 중 2개의(→ 미끼용 OS 및 외부 볼륨을 위한) 비밀번호는 공격자에게 공개해도 무방합니다. 제3의 비밀번호를 사용하면, “숨긴 OS”가 시작됩니다. - 숨겨진 섹터를 탐지 중 - VeraCrypt가 시스템 드라이브의 끝에 있음직한 숨겨진 섹터를 탐지하는 동안 잠시 기다려 주세요. 완료하려면 상당한 시간이 걸릴 수도 있습니다.\n\n참고: 아주 가끔 일부 컴퓨터에서 탐지 과정 중에 시스템의 응답이 없을 수도 있습니다. 이러한 경우에는, ① 컴퓨터를 다시 시작한 후 ② VeraCrypt를 시작해서 ③ (이러한 탐지 과정을 제외한) 이전 단계를 반복합니다. 이 문제는 VeraCrypt의 버그에 의해 발생한 문제가 아닙니다. - 암호화할 영역 - 현재 실행 중인 윈도우 시스템이 설치된 드라이브 전체를 암호화하려면 이 옵션을 선택합니다. 전체 드라이브(→ 모든 파티션 포함)가 암호화됩니다만, VeraCrypt 부트 로더가 자리잡는 첫번째 트랙은 암호화에서 제외됩니다. 드라이브에 설치된 시스템 또는 드라이브에 저장된 파일에 접근하려는 사람은 시스템 시작 전에 매번 올바른 비밀번호를 입력해야 합니다. 이 옵션은 윈도우가 설치되지 않았고 또한 부팅이 되지 않는 두번째 또는 외부 드라이브를 암호화하는 데 사용될 수 없습니다. - 무작위 데이터를 수집 중 - 키가 생성됨 - VeraCrypt가 컴퓨터에 연결된 CD/DVD 버너를 발견하지 못햇습니다.\n\nCD/DVD 버너로 응급 복구 디스크 이미지 (암호화 키, VeraCrypt 부트 로더, 원래의 시스템 로더 등)를 작성하거나 적어도 백업을 하는게 좋습니다. - CD/DVD 버너가 없지만 이동식 드라이브 (예: USB 플래시 드라이브) 에 응급 복구 디스크 이미지를 저장합니다. - 나중에 내 컴퓨터에 CD/DVD 버너를 연결합니다. 프로세스를 종료합니다. - 지금 내 컴퓨터에 CD/DVD 버너가 연결되어 있습니다. 계속 응급 복구 디스크를 작성합니다. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - 응급복구 디스크 굽기 - 응급복구 디스크가 생성됨 - 시스템 암호화 예비테스트 - 응급복구 디스크 검증 - \nVeraCrypt 응급복구 디스크를 성공적으로 검증했습니다. 이제 드라이브에서 디스크를 제거하고 안전한 장소에 보관해 주세요.\n\n계속하려면 “다음”을 클릭하세요. - 주의: 다음 단계를 진행하는 동안 VeraCrypt 응급복구 디스크가 드라이브에 존재하지 않아야 합니다. 그렇지 않으면, 그 단계를 올바르게 완료할 수 없게 됩니다.\n\n드라이브에서 제거한 다음 안전한 장소에 보관해 주세요. 그 다음에 “확인”을 클릭합니다. - 주의: 부팅-전 환경의 기술적 제한때문에, 부팅-전 환경(예: 윈도우 시작 전)에서 VeraCrypt에 의해 표시되는 텍스트는 현지화될 수 없습니다. VeraCrypt 부트 로더 인터페이스는 모두 영어입니다.\n\n계속하시겠습니까? - 시스템 파티션 또는 드라이브를 암호화하기 전에, VeraCrypt는 모든 것이 올바르게 작동하는지 여부를 검증할 필요가 있습니다.\n\n“테스트”를 클릭하면, 필요한 모든 구성요소(예: 부팅-전 인증 요소 즉 VeraCrypt 부트 로더)가 설치되고 컴퓨터가 다시 시작될 것입니다. 그리고나서 윈도우가 시작되기 전에 VeraCrypt 부트 로더 화면에서 비밀번호를 입력해야 합니다. 윈도우가 시작되면, 예비테스트 결과를 자동으로 통지받게 됩니다.\n\n다음과 같은 장치가 수정됩니다: 장치 #%d\n\n\n지금 “취소”를 클릭하면 어떤 것도 설치되지 않고 예비테스트는 실행되지 않습니다. - 중요한 메모 -- 읽거나 (“인쇄”를 클릭해서) 인쇄를 해주세요:\n\n컴퓨터를 성공적으로 다시 시작하거나 윈도우를 시작하기 전에는 어떤 파일도 암호화되지 않습니다. 그래서 어떤 실패가 있더라도 사용자의 데이터는 손실되지 않습니다. 그러나 무엇인가 잘못될 경우, 윈도우를 시작하는 데 어려움을 겪을 수도 있습니다. 그러므로 컴퓨터를 다시 시작한 후에 “윈도우가 시작되지 않는 경우 해야 할 일”에 대한 다음 안내문을 반드시 읽어 주십시오(* 가능하다면 인쇄하길 권장합니다).\n\n - 윈도우가 시작되지 않는 경우 해야 할 일 ------------------------------------------------\n\n참고: 이 지침은 사용자가 암호화 작업을 시작하지 않은 경우에만 타당합니다.\n\n- 반복해서 올바른 비밀번호를 입력했는데도 VeraCrypt가 잘못된 비밀번호를 입력했다고 말할 경우에 당황하지 마세요. 컴퓨터를 다시 시작하고, VeraCrypt 부트 로더 화면에서, Esc 키를 누릅니다. 멀티 시스템인 경우에는 시작할 시스템을 선택하세요. 그러면 윈도우가 시작되고(→ 암호화가 되지 않은 경우에 해당) VeraCrypt가 부팅-전 인증 요소를 제거할 것인지 여부를 자동으로 묻게 됩니다. 만약 시스템 파티션/드라이브가 암호화된 경우라면 이전 단계가 동작하지 않게 됩니다. 어느 누구도 (설령 그가 이전 단계를 따랐다고 하더라도) 올바른 비밀번호 없이 드라이브의 암호화된 데이터에 접근하거나 윈도우를 시작할 수 없습니다.\n\n - - 만약 이전 단계가 도움이 되지 않거나 (윈도우가 시작되기 전에) VeraCrypt 부트 로더 화면이 나타나지 않으면, VeraCrypt 응급복구 디스크를 CD/DVD 드라이브에 삽입한 다음 컴퓨터를 다시 시작합니다. 만약 ① VeraCrypt 응급복구 디스크 화면이 나타나지 않거나 ② VeraCrypt 응급복구 디스크 화면의 “키보드 컨트롤” 섹션에서 Repair Option(수리 옵션) 항목을 볼 수 없는 경우, BIOS 설정에서 CD/DVD 부팅보다 하드 디스크 부팅이 먼저 되도록 설정되어 있는 경우일 수 있습니다. 이런 경우라면, 컴퓨터를 다시 시작한 다음 (BIOS 화면이 나타난 순간) F2 또는 Delete 키를 누르고 잠시 기다리면 BIOS 설정 화면이 나타납니다. BIOS 설정 화면이 나타나지 않으면 컴퓨터를 다시 시작하고 F2 또는 Delete 키를 누르는 것을 반복합니다. BIOS 설정 화면이 나타나면, CD/DVD 드라이브가 제일 먼저 부팅되도록 설정합니다(자세한 정보는 BIOS 또는 motherboard를 위한 문서를 참고하거나 컴퓨터 판매처의 기술지원 팀에게 도움을 요청하시기 바랍니다). 그런 다음 컴퓨터를 다시 시작합니다. 이제 VeraCrypt 응급복구 디스크 화면이 나타날 것입니다. VeraCrypt 응급복구 디스크 화면에서, F8을 눌러 “Repair Options”를 선택합니다. “Repair Options” 메뉴에서 “Restore original system loader”를 선택합니다. 그런 다음 응급복구 디스크를 CD/DVD 드라이브에서 제거한 다음 컴퓨터를 다시 시작합니다. (암호화가 해제된 경우) 윈도우가 정상적으로 시작됩니다.\n\n - 만약 시스템 파티션/드라이브가 암호화된 경우라면 이전 단계가 동작하지 않게 됩니다. 어느 누구도 (설령 그가 이전 단계를 따랐다고 하더라도) 올바른 비밀번호 없이 드라이브의 암호화된 데이터에 접근하거나 윈도우를 시작할 수 없습니다.\n\n\n사용자가 VeraCrypt 응급복구 디스크를 분실하고 공격자가 이를 발견했을지라도 올바른 비밀번호 없이는 시스템 파티션 또는 드라이브의 암호를 해제할 수 없습니다. - 예비테스트 완료 - 예비테스트를 성공적으로 완료했습니다.\n\n주의: 기존의 자체 데이터를 암호화하는 동안 ① 전력 공급이 갑자기 중단되거나 ② 소프트웨어 또는 하드웨어의 문제때문에 운영체제가 충돌을 일으키면, 일부 데이터가 손상되거나 유실될 수 있습니다. 그러므로 암호화 작업을 시작하기 전에 암호화하고자 하는 파일의 복사을 백업해 두었는지를 확인해야 합니다. 백업을 하지 않은 경우라면 지금 파일들을 백업해 두시기 바랍니다. “연기”를 클릭해서 파일을 백업하고 VeraCrypt를 다시 실행한 다음, 암호화를 시작하려면 “시스템” ▶ “중단된 진행을 다시 시작”을 선택합니다.\n\n준비가 되었고 암호화 작업을 시작하려면 “암호화”를 클릭하세요. - 사용자는 언제라도 암호화 또는 암호해제 작업을 중단시키기 위해 “정지” 또는 “연기”를 클릭할 수 있고, 마법사를 종료한 후 컴퓨터를 다시 시작하고, 중단된 시점부터 다시 작업을 진행시킬 수 있습니다. 시스템 또는 프로그램이 시스템 드라이브의 데이터를 읽고 쓸 때 속도저하를 막기 위해, VeraCrypt는 데이터가 읽고 쓰여질 때까지 자동으로 대기한 다음 암호화 또는 암호해제 작업을 자동으로 계속합니다. - \n\n사용자는 언제라도 암호화 작업을 중단시키기 위해 “정지” 또는 “연기”를 클릭할 수 있고, 마법사를 종료한 후 컴퓨터를 다시 시작하고, 중단된 시점부터 다시 작업을 진행시킬 수 있습니다. 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입할 수 없습니다. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - 숨겨진 시스템이 시작됨 - 원래의 시스템 - 윈도우는 (대개 사용자의 인식 또는 동의 없이) 시스템 파티션에 다양한 로그 파일, 임시 파일 등을 만듭니다. 또한 RAM의 내용을 시스템 파티션에 위치한 최대 절전 모드 및 페이징 파일에 저장하기도 합니다. 그래서 적대자가 원래의 시스템(* 이 시스템의 숨겨진 시스템은 복제된 것임)이 존재했던 파티션에 저장된 내용을 분석해서 예컨대 숨긴-시스템-생성 모드에서 VeraCrypt 마법사를 사용했다는 사실(→ 이는 컴퓨터에 숨긴 운영체제가 존재한다는 것을 의미)을 발견할 수도 있습니다.\n\n이런 문제점을 방지하기 위해 VeraCrypt는 다음 단계에서 원래의 시스템이 있었던 파티션의 전체 내용을 안전하게 지우게 됩니다. 이후 그럴싸한 거절방법을 만들기 위해 사용자는 “파티션에 새로운 시스템을 설치해서 이를 암호화”할 필요가 있습니다. 사용자가 미끼용 시스템을 만들게 되면, 숨긴 운영체제 생성의 전체 과정은 마무리되게 됩니다. - 숨긴 운영체제가 성공적으로 만들어졌습니다. 그러나 이를 사용하기 전에(* 또한 그럴싸한 거절방법을 만들기 전에), 현재 실행 중인 운영체제가 설치되어 있는 파티션의 전체 내용을 VeraCrypt를 이용해서 안전하게 지워야 할 필요가 있습니다. 이 작업을 하기 전에 컴퓨터를 다시 시작한 다음 VeraCrypt 부트 로더 화면(→ 윈도우 시작 전에 나타남)에서 미끼용 운영체제에 대한 비밀번호를 입력합니다. 그러면 숨긴 시스템이 시작이 되고, VeraCrypt 마법사가 자동으로 실행됩니다.\n\n참고: 숨긴 운영체제의 생성 과정 작업을 지금 종료하도록 선택한 경우, 이 작업을 다시 시작할 수 없게 되고, 숨긴 시스템에 접근할 수 없게 됩니다(* VeraCrypt 부트 로더가 제거되었기 때문). - 숨긴 운영체제의 생성 과정을 예약했습니다. 진행 작업이 아직 완료되지 않았습니다. 작업을 완료하려면 컴퓨터를 다시 시작한 다음 VeraCrypt 부트 로더 화면(→ 윈도우 시작 전에 나타남)에서 미끼용 운영체제에 대한 비밀번호를 입력해야 합니다.\n\n참고: 숨긴 운영체제의 생성 과정 작업을 지금 종료하도록 선택한 경우, 이 작업을 다시 시작할 수 없게 됩니다. - 컴퓨터를 다시 시작한 후 계속 진행 - 숨긴 운영체제의 생성 과정 작업을 완전히 종료 - 지금 아무 것도 안하고 나중에 다시 묻기 - \n가능하다면 다음 텍스트를 인쇄해 주세요(* 아래의 “인쇄” 클릭).\n\n\n(암호화 후) VeraCrypt 응급복구 디스크 사용 방법 및 그 시기 -----------------------------------------------------------------------------------\n\n - I. VeraCrypt 응급복구 디스크 부팅 방법\n\nVeraCrypt 응급복구 디스크로 부팅하려면, CD/DVD 드라이브를 삽입한 다음 컴퓨터를 다시 시작합니다. 만약 ① VeraCrypt 응급복구 디스크 화면이 나타나지 않거나 ② VeraCrypt 응급복구 디스크 화면의 “키보드 컨트롤” 섹션에서 Repair Option(수리 옵션) 항목을 볼 수 없는 경우, BIOS 설정에서 CD/DVD 부팅보다 하드 디스크 부팅이 먼저 되도록 설정되어 있는 경우일 수 있습니다. 이런 경우라면, 컴퓨터를 다시 시작한 다음 (BIOS 화면이 나타난 순간) F2 또는 Delete 키를 누르고 잠시 기다리면 BIOS 설정 화면이 나타납니다. BIOS 설정 화면이 나타나지 않으면 컴퓨터를 다시 시작하고 F2 또는 Delete 키를 누르는 것을 반복합니다. BIOS 설정 화면이 나타나면, CD/DVD 드라이브가 제일 먼저 부팅되도록 설정합니다(자세한 정보는 BIOS 또는 motherboard를 위한 문서를 참고하거나 컴퓨터 판매처의 기술지원 팀에게 도움을 요청하시기 바랍니다). 그런 다음 컴퓨터를 다시 시작합니다. 이제 VeraCrypt 응급복구 디스크 화면이 나타날 것입니다. 참고: VeraCrypt 응급복구 디스크 화면에서, F8을 눌러 “Repair Options”를 선택합니다.\n\n\n - II. (암호화 후) VeraCrypt 응급복구 디스크 사용 방법 및 그 시기\n\n - 1) 만약 컴퓨터를 다시 시작한 후에 VeraCrypt 부트 로더 화면이 나타나지 않거나 (또는 윈도우 부팅이 되지 않는 경우), VeraCrypt 부트 로더가 손상되었을 수도 있습니다. VeraCrypt 응급복구 디스크를 이용해서 이를 복구할 수 있고 암호화된 시스템 및 데이터에 다시 접근할 수 있습니다. 그러나 여전히 올바른 비밀번호를 입력해야만 합니다. 응급복구 디스크 화면에서, “Repair Options” ▶ “Restore VeraCrypt Boot Loader”를 선택합니다. 작업을 승인하려면 “Y”를 누른 다음, CD/DVD 드라이브에서 응급복구 디스크를 제거한 후 컴퓨터를 다시 시작합니다.\n\n - 2) 올바른 비밀번호를 반복해서 입력했지만 VeraCrypt가 잘못된 비밀번호라고 하는 경우, 마스터 키 또는 다른 중요한 데이터가 손상되었을 수도 있습니다. VeraCrypt 응급복구 디스크를 이용해서 이를 복구할 수 있고 암호화된 시스템 및 데이터에 다시 접근할 수 있습니다. 그러나 여전히 올바른 비밀번호를 입력해야만 합니다. 응급복구 디스크 화면에서, “Repair Options” ▶ “Restore key data”를 선택합니다. 비밀번호를 입력 후 “Y”를 눌러 이를 승인한 다음, CD/DVD 드라이브에서 응급복구 디스크를 제거한 후 컴퓨터를 다시 시작합니다.\n\n - 3) 만약 VeraCrypt 부트 로더가 손상된 경우, VeraCrypt 응급복구 디스크로 직접 부팅해서 그 실행을 피할 수 있습니다. CD/DVD 드라이브에 응급복구 디스크를 삽입한 다음 응급복구 화면에서 비밀번호를 입력합니다.\n\n - 4) 만약 윈도우기 손상되어 시작되지 않는 경우, (VeraCrypt 응급복구 디스크를 이용해서) 윈도우가 시작되기 전에 파티션/드라이브를 영구적으로 암호해제할 수 있습니다. 응급복구 디스크 화면에서, “Repair Options”(수리 옵션) ▶ “Permanently decrypt system partition/drive”(시스템 파티션/드라이브의 영구적 암호해제)를 선택합니다. 그런 다음 올바른 비밀번호를 입력하고 암호해제 작업이 끝날 때까지 기다립니다. 이제 윈도우 설치를 수리하기 위해 예컨대 MS 윈도우 설치 CD/DVD로 부팅할 수 있습니다.\n\n - 참고: 또다른 방법으로는, 만약 윈도우가 손상되어(→ 시작 불능) 이를 수리할 필요가 있는 경우(→ 또는 윈도우의 파일에 접근해야 하는 경우) 다음 단계에 의해 시스템 파티션/드라이브의 암호해제를 피할 수 있습니다. 컴퓨터에 설치된 운영체제가 여러 개인 경우, 부팅-전 인증을 필요로 하지 않는 운영체제로 부팅을 합니다. 컴퓨터에 여러 운영체제가 없는 경우에는 ① WinPE 또는 BartPE CD/DVD로 부팅을 하거나 ② 두번째(Secondary) 또는 외부 드라이브인 시스템 드라이브를 다른 컴퓨터에 연결해서 컴퓨터에 설치되어 있는 운영체제에 연결할 수 있습니다. 시스템을 부팅한 다음 VeraCrypt를 실행하고 “장치 선택”을 클릭해서 문제가 생긴 시스템 파티션을 선택한 후 “확인”을 클릭하고 “시스템 ▶ 부팅-전 인증 없이 삽입”을 선택한 다음 부팅-전-인증 암호를 입력한 후 “확인”을 클릭합니다. 보통의 VeraCrypt 볼륨으로서 파티션이 삽입됩니다(→ 여느 때처럼 데이터가 RAM에서 바로 암호해제/암호화됩니다).\n\n\n - 사용자가 VeraCrypt 응급복구 디스크를 분실하고 공격자가 이를 발견했을지라도 올바른 비밀번호 없이는 시스템 파티션 또는 드라이브의 암호를 해제할 수 없습니다. - \n\n중 요 -- 가능하다면 다음 텍스트를 인쇄해 주십시오(→ 아래 “인쇄” 클릭).\n\n참고: 이 텍스트는 사용자가 숨긴 시스템을 시작할 때마다 미끼용 시스템을 만들기 시작할 때까지 자동으로 표시됩니다.\n\n\n - 미끼용 시스템을 안전하게 만드는 방법 ----------------------------------------------------------------------------\n\n그럴싸한 거절방법을 만들려면, 사용자는 미끼용 시스템을 지금 만들어야 합니다. 이 작업을 하려면 다음 지침을 따릅니다:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) 지워진 데이터를 가지고 있었던 파티션(예: 원래의 시스템이 설치되어 있었던 파티션)에 윈도우를 설치합니다.\n\n중 요: 미끼용 시스템의 설치를 시작하면, 숨긴 시스템을 부팅되지 않습니다(→ 왜냐하면 윈도우 시스템 설치기에 의해 VeraCrypt 부트 로더가 지워지기 때문입니다). 이는 예견되었던 정상적인 상태입니다. 당황하지 마시기 바랍니다. 미끼용 시스템의 암호화를 시작하는 순간부터 숨긴 시스템을 다시 부팅시킬 수 있습니다(* VeraCrypt가 시스템 드라이브에 VeraCrypt 부트 로더를 자동으로 설치하기 때문입니다).\n\n중요: 미끼용 시스템 파티션의 크기는 숨긴 볼륨의 크기와 동일해야 합니다(* 이 조건은 이제 충족되었습니다). 또한 “미끼용 시스템 파티션”과 “숨긴 시스템이 존재하는 파티션” 사이에 다른 파티션을 만들어서는 안됩니다.\n\n - 3) 미끼용 시스템(→ 2단계에서 설치하고 이에 VeraCrypt를 설치한 파티션)을 부팅합니다.\n\n미끼용 시스템에 민감한 데이터를 포함시켜선 안됩니다.\n\n - 4) 미끼용 시스템에서 VeraCrypt를 실행한 후 “시스템” > “시스템 파티션/드라이브 암호화”를 선택합니다. VeraCrypt 볼륨 만들기 마법사 창이 나타날 것입니다.\n\nVeraCrypt 볼륨 만들기 마법사에 다음 단계들이 적용됩니다.\n\n - 5) VeraCrypt 볼륨 만들기 마법사에서 “숨김” 옵션을 선택하지 마시기 바랍니다. 선택된 “표준” 옵션을 그래도 둔 채 “다음”을 클릭합니다.\n\n - 6) “윈도우 시스템 파티션 암호화” 옵션을 선택한 후 “다음”을 클릭합니다.\n\n - 7) 컴퓨터에 숨긴 시스템과 미끼용 시스템만 설치되어 있는 경우, “싱글-부트” 옵션을 선택합니다(* 이러한 2개 시스템 이상이 컴퓨터에 설치되어 있는 경우라면 “멀티-부트”를 선택합니다). “다음”을 클릭합니다.\n\n - 8) 중요: 이 단계에서 “숨긴 시스템”을 위해 선택했던 암호화 알고리듬과 해시 알고리듬을 “미끼용 시스템”에도 동일하게 적용해야 합니다. 그렇지 않으면 “숨긴 시스템”에 접근하지 못하게 됩니다! 다시 말해 미끼용 시스템은 “숨긴 시스템”과 동일한 암호 알고리듬으로 암호화되어야 합니다. 참고: 그 이유는 미끼용 시스템과 숨긴 시스템은 한 개의 부트 로더를 공유하게 되는데, 이 부트 로더는 사용자가 선택한 단일 알고리듬만을 지원하기 때문입니다(* 각 알고리듬에 대해 특별한 버전의 VeraCrypt 부트 로더가 있습니다).\n\n - 9) 이 단계에서 미끼용 운영체제에 대한 비밀번호를 선택합니다. 이것은 부팅-전 인증 비밀번호를 강요하거나 요청받은 경우에 그 강요자에게 표시할 비밀번호입니다. 표시할 수 있는 다른 비밀번호는 외부 볼륨에 대한 것입니다. 제3의 비밀번호(→ 숨긴 운영체제를 위한 부팅-전 인증 비밀번호)의 존재는 여전히 비밀로 남습니다.\n\n중요: 미끼용 시스템을 위해 선택한 비밀번호는 숨긴 볼륨(→ 숨긴 운용체제)용으로 선택했던 비밀번호와 서로 달라야 합니다. - 10) 마법사의 나머지 지침들을 따라 미끼용 운영체제를 암호화합니다.\n\n\n\n - 미끼용 시스템이 만들어진 이후 ------------------------------------------------\n\n미끼용 시스템을 암호화한 이후, 숨긴 운영체제의 생성 과정은 모두 완료되고 사용자는 이제 3가지의 비밀번호를 사용할 수 있게 됩니다:\n\n1) 숨긴 운영체제용 부팅-전 인증 비밀번호\n\n2) 미끼용 운영체제용 부팅-전 인증 비밀번호\n\n3) 외부 볼륨용 비밀번호\n\n - 숨긴 운영체제를 시작하려면, VeraCrypt 부트 로더 화면(→ 컴퓨터를 켜거나 재시작할 때 나타남)에서 숨긴 운영체제용 비밀번호를 입력합니다.\n\n미끼용 운영체제를 시작하려면, VeraCrypt 부트 로더 화면에서 미끼용 운영체제용 비밀번호를 입력합니다.\n\n미끼용 시스템에 대한 비밀번호는, 부팅-전 인증 비밀번호의 노출을 강요하는 사람에게, 표시될 수 있습니다. 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다.\n\n - 세번째 비밀번호(* 외부 볼륨용)는 노출을 강요하는 자에게 공개되어도 상관이 없는 “시스템 파티션 뒤의 첫번째 파티션에 대한 비밀번호용”입니다. 시스템 파티션에는 ① 외부 볼륨 및 ② 숨긴 볼륨(→ 숨긴 운영체제 포함)이 자리잡고 있습니다. 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다.\n\n\n - 적대자에게 미끼용 시스템의 비밀번호를 노출했는데, 그가 (미끼용) 시스템의 여유 공간에 왜 무작위 데이터가 있는지를 물어볼 경우, 다음의 예와 같이 답변할 수 있습니다: “이 파티션은 VeraCrypt에 의해 암호화된 시스템을 포함하고 있었던 이전에 포함하고 있었다. 그러나 부팅-전 인증 비밀번호를 잊어버렸다(* 또는 시스템이 손상되었거나 부팅이 되지 않는다). 그래서 윈도우를 다시 설치한 후 파티션을 다시 암호화할 수밖에 없었다.”\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - 주의: “숨긴 볼륨을 보호하지 않은 경우라면(→ 보호하는 방법은 VeraCrypt 사용자 안내서의 “Protection of Hidden Volumes Against Damage” 부분 참고), 절대로 “외부 볼륨”에 쓰기를 해서는 안됩니다. 미끼용 운영체제가 외부 볼륨에 설치되어 있지 않다는 점을 명심하세요. 만약 외부 볼륨에 데이터를 작성해 버리면 숨긴 볼륨(→ 이 안에 숨긴 운영체제가 존재함)을 덮어쓰게 되고 이를 손상시키게 됩니다. - 운영체제 복제(cloning) - 다음 단계에서 VeraCrypt는 시스템 파티션의 내용을 숨긴 볼륨에 복사하는 방법으로 숨긴 운영체제를 만듭니다. 복사되는 데이터는 미끼용 운영체제에서 사용되는 키와 다른 것으로 실시간으로 암호화됩니다.\n\n진행 과정은 부팅-전 환경(→ 윈도우 시작 전)에서 실행되고, 완료하는데 많은 시간이 소요될 수 있습니다(→ 시스템 파티션의 크기 및 컴퓨터의 성능에 따라 몇 시간 또는 몇 일이 걸릴 수 있습니다).\n\n여러분은 진행 과정에 간섭할 수 있으며, 컴퓨터를 종료하고 운영체제를 시작하며 진행 과정을 다시 시작할 수도 있습니다. 그러나 진행 과정에 간섭을 할 경우, 시스템 복사 작업은 처음부터 시작하게 됩니다. 왜냐하면 시스템 파티션의 내용은 복제하는 동안 변경되어선 안되기 때문입니다. - 숨긴 운영체제의 전체 생성 작업을 취소하시겠습니까?\n\n참고: 지금 취소하게 되면 이 진행 작업을 다시 시작할 수 없게 됩니다. - 시스템 암호화 예비테스트를 취소하시겠습니까? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - 시스템 파티션/드라이브가 (부분적으로 또는 완전히) 암호화되지 않은 것으로 보입니다. - 시스템 파티션/드라이브가 (완전히 또는 부분적으로) 암호화되었습니다.\n\n작업을 진행하기 전에 시스템 파티션/드라이브를 완전히 암호해제시켜 주세요. 해제하려면 VeraCrypt 메인 창의 메뉴표시줄에서 “시스템” ▶ “시스템 파티션/드라이브 영구적 암호해제”를 선택하세요. - 시스템 파티션/드라이브가 (완전히 또는 부분적으로) 암호화된 경우, VeraCrypt를 다운그레이드할 수 없습니다(* 업그레이드하거나 동일 버전을 재설치할 수는 있습니다). - 시스템 파티션/드라이브가 현재 암호화, 암호해제 또는 다른 방식으로 수정되었습니다. 작업을 진행하기 전에 암호화/암호해제/수정 작업 진행을 중단해 주세요(또는 마칠 때까지 기다립니다). - VeraCrypt 볼륨 만들기 마법사가 현재 이 시스템에서 실행되어 시스템 파티션/드라이브에 대해 암호화/암호해제 작업을 수행 중이거나 준비 중입니다. 진행하기 전에, 그 작업이 끝날 때까지 기다리거나 닫아 주세요. 만약 닫기 작업이 되지 않는 경우에는 진행 전에 컴퓨터를 다시 시작해야 합니다. - 시스템 파티션/드라이브에 대한 암호화 또는 암호해제 작업 진행이 완료되지 않았습니다. 진행하기 전에 작업이 마칠 때까지 기다려 주세요. - 오류: 시스템 파티션/드라이브에 대한 암호화 작업이 완료되지 않았습니다. 먼저 작업을 완료해야 합니다. - 오류: 시스템 파티션/볼륨에 대한 암호화 작업이 완료되지 않았습니다. 먼저 작업을 완료해야 합니다.\n\n참고: 이 작업을 다시 시작하려면, VeraCrypt 메인 창의 메뉴 표시줄에 있는 “볼륨” > “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. - 올바른 비밀번호입니다. VeraCrypt가 볼륨 헤더를 성공적으로 암호해제하고, 현재 볼륨이 숨긴 시스템 볼륨임을 탐지했습니다. 그러나 숨긴 시스템 볼륨의 헤더를 이런 방식으로 수정할 수는 없습니다.\n\n숨긴 시스템 볼륨에 대한 비밀번호를 변경하려면, 숨긴 볼륨에 위치한 운영체제를 부팅한 다음 메뉴에서 “시스템” ▶ “비밀번호 변경”을 선택합니다.\n\n헤더 키 도출 알고리듬을 설정하려면, 숨긴 운영체제로 부팅한 다음 “시스템” ▶ “헤더 키 도출 알고리듬 설정”을 선택합니다. - VeraCrypt는 “숨긴 시스템 파티션의 자체 암호해제”를 지원하지 않습니다.\n\n참고: 미끼용 시스템 파티션의 암호를 해제하려는 경우, 미끼용 시스템으로 부팅한 다음 VeraCrypt 메뉴에서 “시스템” ▶ “시스템 파티션/드라이브의 영구적 암호해제”를 선택합니다. - 오류: 올바르지 않은/잘못된 변수. - 사용자가 파티션 또는 장치를 선택했습니다만, 선택한 마법사 모드는 파일 보관소용으로만 적당합니다.\n\n마법사 모드를 변경하시겠습니까? - 대신 VeraCrypt 파일 보관소를 만드시겠습니까? - 사용자가 시스템 파티션/드라이브 (또는 부트 파티션)을 선택했지만, 선택한 마법사 모드는 비-시스템 파티션/드라이브에만 해당됩니다.\n\n부팅-전 인증(→ 이는 윈도우 부팅/시작 전에 매번 비밀번호를 입력해야 한다는 것을 의미)을 설정하고, 시스템/드라이브를 암호화하시겠습니까? - 시스템 파티션/드라이브를 영구적으로 암호해제하시겠습니까? - 주의: 만약 시스템 파티션/드라이브를 영구적으로 암호해제시키면, 암호화되지 않은 데이터가 그곳에 덮여쓰여지게 됩니다.\n\n시스템 파티션/드라이브를 영구적으로 암호해제시키겠습니까? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - 주의: 시스템 암호화에 층계적 암호문을 사용한 경우, 다음과 같은 문제점을 만날 수 있습니다:\n\n1) VeraCrypt 부트 로더의 크기가 보통보다 커서 부트 로더의 백업용 첫번째 드라이브의 트랙에 충분한 공간이 없습니다. 그러므로 부트 로더가 손상(→ 악성코드 프로그램의 실행 등으로 종종 발생함)될 때마다 부팅하기 위해 또는 부트 로더를 수리하기 위해 VeraCrypt 응급복구 디스크를 사용할 필요가 있습니다.\n\n2) (일부 컴퓨터에서) 최대 절전 모드에서의 시스템 시작 시간이 길어집니다.\n\n이러한 잠재적 문제점은 비-층계적 암호 알고리듬(예: AES)을 선택해서 방지할 수 있습니다.\n\n정말로 층계적 암호문을 사용하시겠습니까? - 이전에 설명된 문제점을 만날 경우, (암호화된 경우라면) 파티션/드라이브를 암호해제한 다음 비-층계적 암호 알고리듬(예: AES)을 사용해서 다시 암호화를 시도합니다. - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - 현재 운영체제를 부팅시켰던 VeraCrypt 부트 로더의 버전 번호는 “현재 시스템에 설치된 VeraCrypt 드라이버 및 VeraCrypt 프로그램의 버전 번호”와 서로 다릅니다.\n\n현재 운영체제에 있는 VeraCrypt를 업데이트하려면 (버전 번호가 VeraCrypt 부트 로더의 것과 동일한) VeraCrypt 설치기를 실행해야 합니다. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - VeraCrypt 부트 로더가 업그레이드되었습니다.\n\n(VeraCrypt 부트 로더의 새 버전을 포함할) 새로운 VeraCrypt 응급복구 디스크를 만들 것을 권장합니다(→ 컴퓨터를 다시 시작한 다음 “시스템” ▶ “응급복구 디스크 만들기” 선택). - VeraCrypt 부트 로더가 업그레이드되었습니다.\n\n미끼용 운영체제로 부팅한 다음 “시스템” ▶ “응급복구 디스크 만들기” 선택해서 (VeraCrypt 부트 로더의 새 버전을 포함할) 새로운 VeraCrypt 응급복구 디스크를 만들 것을 권장합니다. - VeraCrypt 부트 로더를 업그레이드하는 데 실패했습니다. - VeraCrypt가 시스템 드라이브의 실제 크기를 탐지하지 못해서 운영체제에 의해 보고된 크기(→ 이는 실제 크기보다 작을 수도 있음)가 사용됩니다. 또한 이 문제는 VeraCrypt의 버그가 아닙니다. - 주의: VeraCrypt가 이미 현재의 시스템 드라이브의 숨겨진 섹터를 탐지하려고 시도한 것으로 보입니다. 이전 탐지 과정에서 어떤 문제점이 발생한 경우, 숨겨진 섹터의 탐지를 건너뜀으로써 문제를 피할 수 있습니다. 이렇게 할 경우 VeraCrypt는 운영체제에 의해 보고된 크기를 사용합니다. 이 크기는 드라이브의 실제 크기보다 더 작을 수도 있습니다.\n\n이러한 문제점은 VeraCrypt에 의해 발생한 것이 아님을 참고하시기 바랍니다. - 숨겨진 섹트의 탐지를 건너뛰기 (운영체제에 의해 보고된 크기를 사용) - 숨겨진 섹터의 탐지를 다시 시도하기 - 오류: 디스크에서 한 개 또는 그 이상의 섹터 내용을 읽을 수 없습니다(* 물리적 결함일 수 있음).\n\n자체 암호화 과정은 섹터를 다시 읽을 수 있을 때만 계속될 수 있습니다. VeraCrypt는 이러한 섹터에 0을 작성해서 이 섹터들을 읽을 수 있도록 시도할 수 있습니다(* 그 결과 0으로 된 모든 블록은 암호화됨). 그러나 읽을 수 없는 섹터에 저장된 데이터는 모두 손실된다는 것을 참고해 주십시오. 이러한 경우, 적당한 제3의 도구를 이용해서 손상된 데이터의 복구를 시도해 볼 수 있습니다.\n\n참고: 섹터가 물리적으로 손상된 경우(→ 이는 단순한 데이터 손실 및 체크섬 오류와는 반대개념), 대부분 형식의 저장 장치는 데이터가 장치에 쓰여질 때 이를 내부적으로 재할당하게 됩니다(* 그 결과 손상된 섹터에 있던 기존 데이터는 암호화되지 않은 상태로 드라이브에 남게 됩니다).\n\n읽을 수 없는 섹터에 0을 VeraCrypt를 이용해서 작성하시겠습니까? - 오류: 디스크에서 한 개 또는 그 이상의 섹터 내용을 읽을 수 없습니다(* 물리적 결함일 수 있음).\n\n암호해제 작업을 계속 진행할 수 있으려면, 읽기-불능 섹터의 내용을 모두 버려야 합니다(→ 그 섹터의 내용은 유사무작위 데이터로 교체됩니다). 작업을 계속하기 전에, 적당한 제3의 도구를 이용해서 손상된 데이터의 복구를 시도해 볼 수 있습니다.\n\n읽기-불능 섹터의 데이터를 지금 버리시겠습니까? - 참고: VeraCrypt에서 %I64d 읽기-불능 섹터 (%s)의 내용을 암호화된 단순텍스트 블록(* 모두 0으로 되어 있음)으로 교체했습니다. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - “%s” 토큰을 위한 비밀번호/PIN 입력: - VeraCrypt를 통해 보안 토큰 또는 스마트 카드에 접근하려면 먼저 토큰 또는 스마트 카드용 PKCS #11 소프트웨어 라이브러리를 설치해야 합니다. 해당 라이브러리는 장치에 의해 제공되거나 판매업체 또는 다른 제3업체의 웹사이트를 통해 다운로드할 수 있습니다.\n\n라이브러리를 설치한 이후 ① “라이브러리 선택”을 클릭해서 수동으로 이를 선택하거나 ② “라이브러리 자동-탐지”를 클릭해서 자동으로 선택할 수 있습니다(* 윈도우 시스템 디렉토리만 검색됩니다). - 참고: 보안 토큰 또는 스마트 카드를 위해 설치된 PKCS #11 라이브러리의 파일 이름 및 경로를 알아보려면, 토큰, 카드 또는 제3자 소프트웨어와 함께 제공된 문서를 참고해 주십시오.\n\n“확인”을 클릭한 후 경로 및 파일 이름을 선택해 주십시오. - 보안 토큰 또는 스마트 카드에의 VeraCrypt 접근을 허용하려면, 토큰/카드를 위한 PKCS #11 소프트웨어 라이브러리를 미리 설치해야 합니다. 이 작업을 하려면 “설정” > “보안 토큰”을 선택해 주세요. - PKCS #11 보안 토큰 라이브러리를 초기화하는 데 실패했습니다.\n\nPKCS #11 라이브러리에 대한 경로 및 파일이름이 올바른지 확인해 주십시오. PKCS #11 라이브러리의 경로 및 파일이름을 지정하려면, “설정” > “보안 토큰”을 선택합니다. - 윈도우 시스템 디렉토리에서 어떠한 PKCS #11 라이브러리도 찾을 수 없습니다.\n\n보안 토큰(또는 스마트 카드)를 위한 PKCS #11 라이브러리가 설치되어 있는지 확인해 주십시오(* 이러한 라이브러리는 토큰/카드와 함께 제공되거나 판매업체 또는 제3업체의 웹사이트에서 다운로드할 수 있습니다). 윈도우 시스템 디렉토리가 아닌 디렉토리에 설치된 경우라면, “라이브러리 선택”을 클릭해서 라이브러리의 위치(예: 토큰/카드용 소프트웨어가 설치되어 있는 폴더)를 지정해 주십시오. - 보안 토큰을 찾을 수 없습니다.\n\n보안 토큰이 컴퓨터에 연결되어 있고 올바른 토큰용 장치 드라이버가 설치되어 있는지 확인해 주십시오. - 보안 토큰을 찾을 수 없습니다. - 동일한 이름을 가진 보안 토큰 키파일이 이미 존재합니다. - 선택한 파일(들)을 삭제하시겠습니까? - 보안 토큰 키파일의 경로가 올바르지 않습니다. - 보안 토큰 오류 - 보안 토큰의 비밀번호가 올바르지 않습니다. - 보안 토큰이 요청한 작업을 수행하기에 충분한 메모리/공간이 없습니다.\n\n키파일을 가져오는 작업이엿다면, 작은 키파일을 선택하거나 VeraCrypt에서 생성된 파일을 ('도구' > '키파일 생성기') 사용해주세요. - 열려 있는 모든 토큰 세션을 닫았습니다. - 보안 토큰 키파일 선택 - 슬롯 - 토큰 이름 - 토큰 레이블 - 중요: 부팅-전 인증 비밀번호를 입력할 때는 항상 “표준 US 키보드 레이아웃”을 사용해야 합니다. 그러므로 다른 키보드 레이아웃을 사용해서 입력된 비밀번호를 사용하는 볼륨은 “캐시로 보관된 부팅-전 인증 비밀번호”를 사용해서 삽입될 수 없습니다(* 이는 VeraCrypt의 버그가 아닙니다). 이러한 볼륨을 부팅-전 인증 비밀번호를 사용해서 삽입하려면, 다음 지침을 따릅니다:\n\n1) “파일 선택” 또는 “장치 선택”을 클릭한 후 볼륨을 선택합니다. 2) “볼륨” ▶ “볼륨 비밀번호 변경”을 선택합니다. 3) 볼륨을 위한 현재 비밀번호를 입력합니다. 4) 키보드 레이아웃을 English (US)로 변경합니다(* 윈도우 작업 표시줄의 언어 바 아이콘을 클릭한 후 “EN English (United States)” 선택) 5) Truerypt의 새 비밀번호 필드에 부팅-전 인증 비밀번호를 입력합니다. 6) 비밀번호 재입력 필드에 새 비밀번호를 다시 입력한 후 “확인”을 클릭합니다. 주의: 이러한 단계들을 따른 경우, 볼륨 비밀번호는 항상 US 키보드 레이아웃을 이용해서 입력되어야 합니다(* 부팅-전 환경에서는 자동으로 이 레이아웃이 사용됩니다). - 시스템 즐겨찾기 볼륨은 부팅-전 인증 비밀번호를 이용해서 삽입됩니다. 특정 시스템 즐겨찾기 볼륨이 다른 비밀번호를 사용하는 경우, 이 볼륨은 삽입되지 않습니다. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - 중요: 이 옵션을 선택하고 VeraCrypt가 관리자 권한을 갖지 못한 경우, 삽입된 시스템 즐겨찾기 볼륨이 VeraCrypt 프로그램 창에 표시되지 않고 또한 이를 꺼낼 수도 없습니다. 그러므로 예컨대 시스템 즐겨찾기 볼륨을 꺼내려면, (시작 메뉴에서) VeraCrypt 아이콘을 오른쪽-클릭한 후 “관리한 권한으로 실행”을 선택해야 합니다. 동일한 제한은 “모두 꺼냄” 기능, “자동-꺼냄” 기능, “모두 꺼냄” 단축키 등에 적용됩니다. - 이 설정은 운영 체제가 다시 시작된 후에만 효과가 있습니다. - 명령 줄을 분석하는 동안 오류가 발생했습니다. - 응급복구 디스크 - 파일 선택 후 삽입(&F)... - 장치 선택 후 삽입(&D)... - 시스템 관리자만 VeraCrypt의 즐겨찾기에 해당되는 볼륨을 확인하고 마운트 해제를 허용 - 윈도우가 시작될때 시스템 즐겨찾기에 해당되는 볼륨을 마운트 (초기 단계) - 주의: “%s”로 삽입된 볼륨에 있는 파일 시스템이 제대로 꺼내지지 않아 오류를 포함하고 있습니다. 손상된 파일 시스템을 사용하면 데이터 손실이나 데이터의 손상이 발생할 수 있습니다.\n\n참고: 삽입된 VeraCrypt 볼륨이 위치하는 장치(예: USB 플래시 드라이브 또는 외장 하드 드라이브)를 물리적으로 제거하거나 시스템에서 중지하기 전에, VeraCrypt에서 VeraCrypt 볼륨을 먼저 꺼내줘야 합니다.\n\n\n윈도우를 통해 파일 시스템의 오류를 탐지해서 이를 수리하시겠습니까? - 주의: 한 개 또는 수 개의 시스템 즐겨찾기 볼륨이 제대로 꺼내지지 않았기 때문에 파일시스템 오류를 포함하고 있을 수도 있습니다. 자세한 정보를 보려면 시스템 이벤트 로그를 참고해 주세요.\n\n손상된 파일시스템의 사용은 데이터 손실 또는 데이터 손상을 초래할 수 있습니다. 오류가 발생했을지도 모르는 시스템 즐겨찾기 볼륨을 체크해야 합니다(* VeraCrypt에서 각 볼륨을 오른쪽-클릭한 후 “파일시스템 수리”를 선택합니다). - 주의: Microsoft의 “chkdsk” 도구를 이용해서 손상된 파일 시스템을 수리하게 되면 손상된 영역에 있는 파일의 손실이 발생할 수 있습니다. 그러므로 VeraCrypt 볼륨에 저장되어 있는 파일들을 상태가 좋은 다른 VeraCrypt 볼륨에 백업할 것을 권장합니다.\n\n파일 시스템의 오류를 지금 수리하시겠습니까? - 쓰기 권한이 거부되었기 때문에 “%s” 볼륨이 읽기-전용으로 삽입되었습니다.\n\n파일 보관소의 보안 권한이 작성을 허용하는 것인지 확인해 주십시오(* 보관소를 오른쪽-클릭한 후 “속성” > “보안”을 선택합니다).\n\n윈도우의 문제로 인해, 보안 허가(security permission)을 적절하게 설정한 후에도 이러한 경고가 나타날 수 있습니다. 이 문제는 VeraCrypt의 버그가 아닙니다. 가능한 해결책은 사용자의 보관소(container)를 예컨대 “문서” 폴더로 이동시키는 것입니다.\n\n사용자의 볼륨을 읽기-전용으로 유지하려면, 보관소의 속성을 읽기-전용으로 설정합니다(* 보관소를 오른쪽-클릭한 후 “”속성 > 읽기-전용을 선택합니다). 이렇게 하면 경고를 알리는 창이 뜨지 않게 됩니다. - 쓰기 권한이 거부되었기 때문에 “%s” 볼륨은 읽기-전용으로 삽입되어야 합니다.\n\n볼륨이 기반으로 하고 있는 파티션/장치에 다른 프로그램(예: 안티바이러스 소프트웨어)이 접근하고 있는지를 확인해 주십시오. - 운영체제가 호스트 장치를 쓰기-금지로 보고했기 때문에 “%s” 볼륨이 읽기-전용으로 삽입되었습니다.\n\n일부 사용자 칩셉 드라이버는 쓰기-허용된 미디어를 쓰기-금지된 것으로 잘못 표시한다는 보고가 있음을 참고해 주십시오. 이 문제는 VeraCrypt에 의해 야기된 것이 아닙니다. 현재 시스템에 설치되어 있는 (* Microsoft가 아닌) 사용자 칩셉 드라이버를 업데이트하거나 제거해서 해결될 수 있습니다. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - VeraCrypt를 이용해서 파티션/드라이브의 쓰기-금지를 제거해 보시겠습니까? - 경고: 이 설정은 성능이 저하 될수 있습니다.\n\n이설정을 사용 하시겠습니까?? - 경고: VeraCrypt볼륨이 자동으로 마운트 해재가 되었습니다. - 삽입이 된 볼륨을 소유한 장치를 꺼내거나 끄기 전에 마운트상태를 확인해 주십시오.\n\n예상치 못한 마운트 해제는 일반적으로 문제가 발생할수 있습니다. - 이 볼륨은 TrueCrypt %x.%x 로 생성이 되어졌습니다. VeraCrypt는 TrueCrypt 6.x/7.x에서 생성된 볼륨만 지원이 됩니다. - 테스트 - 키파일 - Backspace - Tab - 제거 - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - 키 선택 - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - 음소거 - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 선택된 exFAT 파일 시스템과 호환이 되지 않습니다. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + 취소 + 모든 사용자를 위해 설치(&F) + 탐색(&W)... + 바탕화면에 VeraCrypt 아이콘 추가 + 기부하기... + VeraCrypt와 “.hc” 파일 확장자를 연결 + 완료시 타겟 위치 열기(&O) + 시작 메뉴에 VeraCrypt 추가 + 시스템 복구 시점 만들기 + 제거(&U) + 추출(&E) + 설치(&I) + VeraCrypt 설치 마법사 + VeraCrypt 제거 + 도움말(&H) + 추출된 파일을 둘 위치를 선택하거나 입력해 주세요: + VeraCrypt 프로그램 파일을 설치할 위치를 선택하거나 입력해 주세요. 지정한 폴더가 존재하지 않는 경우, 자동으로 폴더가 생성됩니다. + 현재 시스템에서 VeraCrypt를 제거하려면 “제거”를 클릭하세요. + 중지 + &벤치마크 테스트 + 테스트(&T) + 암호화된 볼륨을 만든 후 포맷 + 파티션 자체 암호화 + 생성된 키 표시 + 풀(Pool) 내용 표시 + CD/DVD 리코딩 소프트웨어 다운로드 + 암호화된 파일 보관소 만들기 + GB(&G) + TB(&T) + 추가 정보 + 숨긴 VeraCrypt 볼륨(&D) + 숨긴 볼륨에 대한 추가 정보 + 직접 방식 + 표준 방식 + KB(&K) + 키파일 사용(&S) + 빈 비밀번호를 먼저 사용 + 키파일 랜덤 사이즈 (64 <-> 1048576 바이트) + 키파일(&k)... + 해시 알고리듬에 대한 정보 + 추가 정보 + PIM에 대한 정보 + MB(&M) + 추가 정보 + 시스템 암호화에 대한 추가 정보 + 추가 정보 + 멀티-부트 + 비-시스템 파티션/드라이브 암호화 + 히스토리 저장 안함 + 외부 볼륨 열기 + 정지(&P) + P&IM 사용하기 + PIM 사용하기 + 빠른 포맷 + 비밀번호 표시(&D) + 비밀번호 표시(&D) + &PIM 표시 + 싱글-부트 + 표준 VeraCrypt 볼륨 + 숨김(&D) + 표준 + 시스템 파티션 또는 전체 시스템 드라이브의 암호화 + 윈도우 시스템 파티션 암호화 + 전체 드라이브 암호화 + VeraCrypt 볼륨 만들기 마법사 + 클러스터 + 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 암호키의 암호력을 상당히 증대시킵니다. 계속하려면 "다음"을 클릭하세요. + 확인(&C): + 완료 + 드라이브 문자: + 암호 알고리듬 + 파일시스템 + 파일 안에 가상의 암호화된 디스크를 만듭니다. 경험 없는 사용자에게 권장합니다. + 옵션 + 해시 알고리듬 + 헤더 키: + 남음 + 마스터 키: + 컴퓨터에 두 개 또는 그 이상의 운영체제가 설치되어 있는 경우에 이 옵션을 선택합니다.\n\n예:\n- Windows XP 및 Windows XP\n- Windows XP 및 Windows Vista\n- Windows 및 Mac OS X\n- Windows 및 Linux\n- Windows, Linux 및 Mac OS X + 내부 또는 외부 드라이브(예: 플래시 드라이브)에 시스템이 아닌 파티션을 암호화합니다. 숨긴 볼륨을 선택적으로 만들 수 있습니다. + 현재의 풀(Pool) 내용 (부분) + 패스 + 비밀번호: + 볼륨 PIM: + 볼륨 PIM: + 진행: + 무작위 풀: + 현재 컴퓨터에 설치된 운영체제가 한 개인 경우 (비록 사용자가 여럿 있는 경우라 하더라도) 이 옵션을 선택합니다. + 속도 + 상태 + 키, 소금(→ 패스워드 보호에서 패스워드 해시를 변환하는 데 사용되는 무작위 문자열) 및 기타 데이터를 성공적으로 생성했습니다. 새로운 키를 생성하려면 “뒤로”를 클릭한 후 “다음”을 누르세요. 계속하려면 “다음”을 클릭하세요. + 윈도우가 설치되어 있는 파티션/드라이브를 암호화합니다. 시스템에 접근해서 사용하고, 파일을 읽고 쓰는 등의 작업을 하려는 사람은 윈도우가 부팅할 때마다 올바른 비밀번호를 입력해야 합니다. 숨긴 시스템을 선택적으로 만들 수 있습니다. + 현재 실행 중인 윈도우 운영체제가 설치된 파티션을 암호화하려면 이 옵션을 선택합니다. + 윈도우 볼륨 표찰: + 지움 방식: + 닫기 + Esc 키를 눌러 부팅-전 인증을 건너뛸 수 있습니다(* 부트 관리자 사용)(&A) + 아무 것도 안함 + VeraCrypt 볼륨 자동삽입(&A) (아래에서 지정) + VeraCrypt 시작(&S) + 라이브러리 자동-탐지(&D) + 부팅-전-인증 암호를 드라이버 메모리에 캐시(* 시스템 아닌 볼륨의 삽입 목적)(&C) + 탐색... + 탐색... + 메모리에 비밀번호 및 키파일 보관 + 삽입된 볼륨이 없을 때 종료 + 볼륨이 성공적으로 삽입된 후 토큰 세션 닫기(* 로그 아웃)(&C) + VeraCrypt 볼륨확장기를 포함 + VeraCrypt 볼륨 만들기 마법사 포함 + 만들기 + 볼륨 만들기(&C) + 부팅-전 인증 화면에 어떠한 텍스트도 표시 안함(* 하단의 사용자 메시지는 제외)(&S) + "Evil Maid" 탐지를 사용 안함 + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + 키파일 사용 + 키파일 사용 + 종료(&X) + 즐겨찾기 도움 + 선택된 볼륨을 마운트하지 않기 ('즐겨찾기' 핫키를 눌럿을 경우) + 선택된 볼륨을 호스트 장치가 연결될때 마운트하기 + 선택된 볼륨을 로그인때 마운트하기 + 선택된 볼륨을 읽기 전용으로 마운트하기 + 선택된 볼륨을 이동식 매체로 마운트하기 + 아래로 & 이동 + 위로 & 이동 + 탐색기 창을 선택한 볼륨들이 성공적으로 마운트될때 열기 + &제거 + '즐겨찾기'의 표시를 탐색기 드라이브의 표시로 사용하기 + 전역 설정 + 풍선 툴탑을 성공적인 핫키 마운트 해재때 표시하기 + 시스템 소리를 성공적인 핫키 마운트 해재때 재생하기 + ALT + Ctrl + SHIFT + Win + 할당 + 제거 + 키파일... + 암호화/복호화에 다음의 프로세서의 재한수 (예: 2 = 2개의 프로세서만 사용가능): + 자세한 내용 + 자세한 내용 + 다른 설정... + 장치 자동삽입(&A) + 삽입 옵션(&O)... + 볼륨을 읽기-전용으로 삽입(&O) + 키파일... + (빈값 아니면 0은 기본 반복갚을 사용함) + (빈값 아니면 0은 기본 반복갚을 사용함) + 사용 + 드라이버 메모리에 비밀번호 보관 + 어떤 데이터가 읽기/쓰기된 후 볼륨 자동 꺼내기 + 사용자 로그오프할 때 + 사용자 세션이 잠겨있을 때 + 절전 모드로 들어갈 때 + 화면보호기가 실행될 때 + 볼륨에 열린 파일 또는 디렉토리가 있어도 강제로 꺼내기 + 장치-기반의 모든 VeraCrypt 볼륨 삽입 + VeraCrypt 백그라운드 작업 시작 + 볼륨을 읽기-전용으로 삽입 + 볼륨을 이동식 디스크로 삽입 + 성공적으로 삽입된 볼륨을 위한 탐색기 창 열기 + '즐겨찾기' 볼륨의 작업중에 암호를 임시 캐시(cache) 하기 + 볼륨이 장착될때 다른 작업 아이콘을 사용함 + “자동 꺼냄”시 보관된 비밀번호 삭제 + “종료”시 보관된 비밀번호 삭제 + 파일 보관소의 수정 타임스탬프 보존 + 초기화 + 장치 선택(&E)... + 파일 선택(&F)... + 라이브러리 선택(&L)... + 비밀번호 표시 + 비밀번호 표시 + 삽입된 볼륨을 위한 탐색기 창 열기 + 드라이버 메모리에 비밀번호 보관(&C) + TrueCrypt 모드 + 모두 꺼내기(&S) + 볼륨 속성(&V)... + 볼륨 도구(&T)... + 캐시 지우기(&W) + VeraCrypt - 마운트 변수 + VeraCrypt - 즐겨찾기 볼륨 + VeraCrypt - 시스템 일반 단축키 + VeraCrypt + 비밀번호 또는 키파일 변경 + VeraCrypt 볼륨 비밀번호 입력 + VeraCrypt - 성능과 드라이버 설정 + VeraCrypt - 옵션 + VeraCrypt - 시스템 암호화 설정 + VeraCrypt - 보안 토큰 설정 + VeraCrypt 휴대용 디스크 설치 + VeraCrypt 볼륨 속성 + 정보... + 볼륨에 키파일 추가/삭제... + 장착됀 볼륨을 즐겨찾기에 추가하기... + 장착됀 볼륨을 시스템 즐겨찾기에 추가하기... + 시스템 충돌을 분석하기... + 볼륨 헤더 백업... + 벤치마크... + 헤더 키 도출 알고리듬 설정... + 볼륨 비밀번호 변경... + 헤더 키 도출 알고리듬 설정... + 비밀번호 변경... + 볼륨 히스토리 지우기 + 모든 보안 토큰 세션 닫기 + 연락처... + 숨긴 운영체제 만들기... + 응급복구 디스크 만들기... + 새 볼륨 만들기... + 볼륨을 복호화 하기... + 기본 키파일... + 디폴트 삽입 변수... + 기부하기... + 시스템 파티션/드라이브 암호화... + 자주 묻는 질문 + 사용 안내서 + 홈페이지(&H) + 단축키... + 키파일 생성기... + 언어... + 법적 공지 + 보안 토큰 키파일 관리... + 장치-기반의 모든 볼륨 자동삽입 + 즐겨찾는 볼륨 삽입 + 부팅-전 인증 없이 삽입(&A)... + 볼륨 삽입 + 볼륨 삽입 (옵션 부가) + 뉴스 + 온라인 도움말 + 초보자 안내서 + 즐겨찾기를 정리하기... + 시스템 즐겨찻기를 정리하기... + 성능/드라이버 옵션 + 시스템 파티션/드라이브 영구적 암호해제... + 설정... + 드라이브 문자 새로 고침 + 볼륨에서 모든 키파일 제거... + 볼륨 헤더 복구... + 중단된 진행을 다시 시작 + 장치 선택... + 파일 선택... + 중단된 진행을 다시 시작 + 시스템 암호화... + 속성... + 설정... + 시스템 즐겨찾기 볼륨... + 다운로드 + 벡터 테스트... + 보안 토큰... + 휴대용 디스크 설치... + 삽입된 모든 볼륨 꺼내기 + 볼륨 꺼내기 + 응급복구 디스크 검증 + 응급복구 디스크 ISO 검증 + 버전 히스토리 + 볼륨확장기 + 볼륨 속성 + 볼륨 만들기 마법사 + VeraCrypt 웹사이트 + 보관된 비밀번호 지우기 + 확인 + Hardware Acceleration + 바로가기 + 자동-실행 설정 (autorun.inf) + 자동 꺼냄 + 모두 꺼낼 시기: + 부트 로더 화면 옵션 + 비밀번호 확인: + 현재 비밀번호 + 부팅-전 인증 화면에 사용자 메시지 표시(* 최대 문자수는 24개): + 기본 삽입 옵션 + 단축키 옵션 + 드라이버 설정 + Enable extended disk control codes support + 택된 볼륨의 레이블: + 파일 설정 + 할당할 키: + 이 컴퓨터의 프로세서는(CPU) AES의 하드웨어 가속(Hardware Acceleration)을 지원합니다: + 윈도우에 로그온할 때 수행할 작업 + + 특정 드라이브 문자로 삽입: + 삽입 설정 + 새 비밀번호 + 비밀번호: + Thread-Based Parallelization + PKCS #11 라이브러리 경로 + PKCS-5 PRF + PKCS-5 PRF: + 비밀번호 보관(→ 캐시) + 보안 옵션 + VeraCrypt 백그라운드 작업 + 삽입할 VeraCrypt 볼륨 (휴대용 디스크 루트에 상대적임): + 휴대용 디스크 삽입시: + 휴대용 디스크 파일을 만들 위치 (휴대용 디스크 루트 디렉토리): + 볼륨 + + 경로 추가(&P)... + 모두 자동-테스트 + 계속(&C) + 암호해제(&D) + 삭제(&D) + 암호화(&E) + 내보내기(&E)... + 키파일 생성 및 저장… + 무작위 키파일 생성... + 언어팩 다운로드 + Hardware-accelerated AES: + 토큰에 키파일 가져오기(&I)... + 파일 추가(&F)... + 키파일 사용(&S) + 키파일(&K)... + 제거(&R) + 모두 제거(&A) + 숨긴 볼륨 보호란 무엇인가? + 키파일에 대한 추가 정보 + 볼륨을 이동식 미디어로 삽입(&M) + 부팅-전 인증 없는 시스템 암호화를 사용해서 파티션 삽입(&U) + Parallelization: + 벤치마크 + 인쇄(&P) + 숨긴 볼륨 보호 (외부 볼륨에 쓰는 것에 의해 손상되는 것을 방지)(&P) + 초기화(&R) + 비밀번호 표시(&D) + 토큰 파일 추가(&T)... + 볼륨에 내장된 백업 헤더 사용 (가능한 경우)(&V) + XTS 모드 + VeraCrypt 정보 + VeraCrypt - 암호 알고리듬 벤치마크 + VeraCrypt - 벡터 테스트 + 명령줄 도움말 + VeraCrypt - 키파일 + VeraCrypt - 키파일 생성기 + VeraCrypt - 언어 + VeraCrypt - 삽입 옵션 + 새 보안 토큰 키파일 속성 + VeraCrypt - 무작위 풀 향상 + 파티션 또는 장치 선택 + VeraCrypt + 보안 토큰 키파일 + 보안 토큰 비밀번호/PIN이 요구됨 + 현재의 언어팩 + CPU 및 저장장치 특성에 따라 속도가 달라집니다.\n\n이 테스트는 RAM에서 실행됩니다. + 버퍼 크기: + 암호: + 숨긴 볼륨에 대한 비밀번호:\n(비어 있는 경우, 캐시 사용) + 숨긴 볼륨 보호 + 키(key) 크기: + 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 키파일의 암호력을 상당히 증대시킵니다. + 주의: 키파일을 분실하거나 키파일의 첫번째 1024KB가 변경되면, 키파일을 이용해서 볼륨을 삽입할 수 없게 됩니다! + 비트 + 키파일 수: + 키파일 사이즈 (Byte): + 키파일 배이스 이름: + 번역자: + 단순텍스트 크기: + 비트 + 현재의 풀(Pool) 내용 + PRF 혼합: + 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 보안력을 상당히 증가시킵니다. 작업이 완료되면 “계속”을 클릭합니다. + 보조 키(16진법) + 보안 토큰: + 정렬 방법: + 진행이 되는동한 기다려주세요. + 진행이 되는동한 기다려주세요 - VeraCrypt가 잠시 멈칠수도 있습니다. + 블록 수: + 암호문(16진법) + 데이터 단위 수 (64-비트 16진법, 데이터 단위 크기는 512 바이트) + 키(16진법) + 단순텍스트(16진법) + 키파일 이름: + XTS 모드 + 시스템(&Y) + 볼륨(&V) + 즐겨찾기 + 도구(&O) + 설정(&G) + 도움말(&H) + 홈페이지(&P) + + 정보(&A)... + 이전 볼륨의 읽기전용 속성을 변경할 수 없습니다. 파일 접근 권한을 확인해 주세요. + 오류: 접근이 허용되지 않습니다.\n\n접근하려고 하는 파티션의 0 섹터이거나 부팅 장치입니다. + 관리자 + VeraCrypt 드라이버를 로드하려면, 관리자 권한의 계정으로 로그온해야 합니다. + 파티션/장치를 암호화/암호해제/포맷하려면 관리자 권한의 계정으로 로그온해야 합니다.\n\n이는 파일에 의한 볼륨에는 해당되지 않습니다. + 숨긴 볼륨을 만들려면 관리자 권한의 계정으로 로그온해야 합니다.\n\n계속하시겠습니까? + NTFS로 볼륨을 포맷하려면 관리자 권한의 계정으로 로그온해야 합니다.\n\n관리자 권한이 없는 경우에는 볼륨을 FAT으로 포맷할 수 있습니다. + FIPS에 의해 승인된 암호(Rijndael, 1998년 발표)는 미국부무 및 각 부서에서 1급 기밀로 분류된 정보를 보호하는데 이용되고 있습니다. 256-비트 키, 128-비트 블록, 14 라운드 (AES-256). 작업 모드는 XTS입니다. + 볼륨이 이미 삽입되어 있습니다. + 주의: 적어도 한 개의 암호 또는 해시 알고리듬이 내장된 자동 셀프-테스트를 하는데 실패했습니다!\n\nVeraCrypt 설치가 손상되었습니다. + 주의: 요청된 양의 무작위 데이터를 제공하는 “무작위 숫자 생성기” 풀에서의 데이터가 불충분합니다.\n\n더 이상 진행할 수 없습니다. 도움말 메뉴에서 “버그 보고”를 선택해서 이 오류를 보고해 주세요. + 드라이브 손상(→ 드라이브에 물리적 결함이 있음), 케이블 손상 또는 메모리에 이상이 있습니다.\n\n이것은 VeraCrypt의 문제가 아니라 사용자의 하드웨어 문제입니다. 그러므로 VeraCrypt에서의 이러한 버그/문제점을 보고하지 않길 바랍니다. 또한 VeraCrypt 포럼에 도움을 요청하지도 않기를 바랍니다. 도움을 받으려면 컴퓨터 판매업체의 기술지원팀에 문의해 주세요. 감사합니다.\n\n참고: 만약 오류가 반복적으로 동일 장소에서 발생하는 경우라면 불량 디스크 블록이 원인일 수 있습니다. 이러한 경우는 제3의 소프트웨어를 사용해서 수리할 수 있습니다. (참고: 때론 “chkdsk /r” 명령으로 수리할 수 없는 경우가 많은데 이는 파일시스템 단계에서만 작동하기 때문입니다. 또한 어떤 때는 “chkdsk” 도구가 오류를 탐지하지 못하는 수도 있습니다.) + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + 전체 시스템 드라이브의 암호화를 방해하는 버그를 포함하고 있는 사용자 칩셋 드라이버를 사용하는 것으로 보입니다.\n\n계속하기 전에 (Microsoft가 아닌) 사용자 칩센 드라이버를 업데이트하거나 제거해 주시기 바랍니다. 이렇게 해도 도움이 되지 않은 경우, 시스템 파티션만을 암호화해 보시기 바랍니다. + 올바르지 못한 드라이브 문자. + 올바르지 않은 경로. + 취소 + 장치에 접근할 수 없습니다. 선택한 장치가 존재하는지 여부 및 시스템에 의해 사용 중인가를 확인하세요. + 주의: Caps Lock이 켜져 있습니다. 이 경우 비밀번호를 올바르게 입력할 수 없을지도 모릅니다. + 볼륨 형식 + 가끔 다른 사람에게 암호화된 볼륨에 대한 비밀번호를 공개해야 할 경우가 있을 수 있습니다. (예컨대 적대적인 폭력행사 앞에서) 비밀번호 표시를 거부할 수 없는 여러 상황들이 있을 수 있습니다. 이른바 “숨긴 볼륨”을 사용하여 볼륨에 대한 비밀번호의 노출없이 그런 상황을 별탈 없이 해결할 수 있습니다. + 표준 VeraCrypt 볼륨을 생성하려면 이 옵션을 선택합니다. + 운영체제를 “숨긴 파티션-기반의 볼륨”에 설치할 경우, 한 개의 키를 사용해서 전체 시스템 드라이브를 암호화할 수 없다는 점을 참고하세요. + 외부 볼륨 암호 옵션 + 숨긴 볼륨 암호 옵션 + 암호 옵션 + 주의: (파일 선택기에 의해 기억된) 선택한 볼륨/키파일의 최근 경로를 삭제하는 데 실패했습니다! + 오류: 보관소가 파일 시스템 레벨로 압축되어 있습니다. VeraCrypt는 압축된 보관소를 지원하지 않습니다(→ 암호화된 데이터 압축은 비효율적이고 중복되기만 합니다).\n\n다음 단계에 따라 보관소의 압축을 해제합니다: 1) (VeraCrypt가 아닌) 윈도우 탐색기에서 보관소를 오른쪽 클릭합니다. 2) “속성”을 선택합니다. 3) “속성” 대화창에서 “고급”을 클릭합니다. 4) “고급 속성” 대화창에서, “드라이브를 압축하여 디스크 공간 절약” 옵션을 체크해제하고 “확인”을 클릭합니다. 5) “속성” 대화창에서 “확인”을 클릭합니다. + %s 볼륨을 만드는데 실패했습니다. + 드라이브 %s의 크기 ▷ %.2f bytes + 드라이브 %s의 크기 ▷ %.2f KB + 드라이브 %s의 크기 ▷ %.2f MB + 드라이브 %s의 크기 ▷ %.2f GB + 드라이브 %s의 크기 ▷ %.2f TB + 드라이브 %s의 크기 ▷ %.2f PB + 주의: 장치/파티션이 운영체제나 프로그램에 의해 사용 중입니다. 장치/파티션을 포맷하면 데이터 손실 또는 시스템 불안정 등을 초래할 수 있습니다.\n\n계속하시겠습니까? + 주의: 파티션이 운영체제나 프로그램에 의해 사용 중입니다. 파티션을 사용 중인 프로그램(* 안티바이러스 소프트웨어 포함)을 종료해야 합니다.\n\n계속하시겠습니까? + 오류: 장치/파티션에 꺼낼 수 없는 파일 시스템이 있습니다. 파일 시스템이 운영체제에 의해 사용 중일 수도 있습니다. 장치/파티션을 포맷하면 데이터 손실 또는 시스템 불안정의 결과를 초래할 수도 있습니다.\n\n이 문제점의 해결책으로 먼저 파티션을 삭제하고, 포맷하지 않은 상태에서 파티션을 다시 만들 것을 권장합니다. 다음 단계를 따라야 합니다. 1) “시작 메뉴”에서 “내 컴퓨터”를 오른쪽 클릭한 다음 “관리”를 선택합니다. “컴퓨터 관리”창이 뜰 것입니다. 2) “컴퓨터 관리” 창에서 “저장소” ▶ “디스크 관리”를 선택합니다. 3) 암호화할 파티션을 오른쪽 클릭한 다음 “파티션 삭제”, “볼륨 삭제” 또는 “논리 드라이브 삭제” 중 하나를 선택합니다. 4) “예”를 클릭합니다. 윈도우가 컴퓨터를 재시작할 것인지 물으면 그렇게 해야 합니다. 그런 다음 1단계와 2단계를 반복한 후 5단계부터 계속합니다. 5) 빈 공간 영역(“할당 안됨”으로 표시됨)을 오른쪽 클릭한 다음 “새 파티션”, “새 단순 볼륨” 또는 “새 논리 드라이브”를 선택합니다. 6) “새 파티션 마법사” 또는 “새 단순 볼륨 마법사” 창이 뜨면 거기의 지침을 따릅니다. “파티션 포맷”이란 제목이 붙은 마법사에서, “현재 파티션 포맷 안함” 또는 “현재 볼륨 포맷 안함” 중 하나를 선택합니다. 동일한 마법사에서 “다음”을 클릭하고 “마침”을 클릭합니다. 7) VeraCrypt에서 선택했던 장치 경로가 지금은 틀릴 수도 있습니다. 이제 VeraCrypt 볼륨 만들기 마법사가 실행 중이라면 종료하고 다시 시작합니다. 8) VeraCrypt에서 장치/파티션 암호화를 다시 시도합니다.\n\n장치/파티션 암호화에 계속 실패할 경우, 암호화 대신에 “파일 보관소”를 만들 것을 고려해 봐야 합니다. + 오류: 파일시스템을 잠그거나 꺼낼 수 없습니다. 운영체제나 프로그램(예: 안티바이러스 소프트웨어)에 의해 사용 중입니다. 파티션 암호화는 데이터 손실 및 시스템 불안정을 초래할 수 있습니다.\n\n파일시스템을 사용할 수도 있는 프로그램(* 안티바이러스 소프트웨어 포함)을 닫은 후 다시 시도해 주십시오. 이렇게 해도 도움이 되지 않은 경우, 아래 단계를 따라주시기 바랍니다. + 주의: 삽입된 일부 장치/파티션이 현재 사용 중입니다!\n\n이를 무시하면 시스템 불안정을 포함한 바람직하지 않은 결과를 초래할 수 있습니다.\n\n장치/파티션을 사용 중인 프로그램을 닫을 것을 권장합니다. + 선택한 장치에 파티션이 포함되어 있습니다.\n\n장치를 포맷하면 시스템 불안정 또는 데이터 손상을 초래할 수 있습니다. VeraCrypt로 안전하게 포맷하려면 장치에서 파티션을 선택하거나 장치의 모든 파티션을 제거해야 합니다. + 선택한 비-시스템 장치는 파티션을 포함하고 있습니다.\n\n암호화된 장치-기반의 VeraCrypt 볼륨은 파티션을 포함하고 있지 않은 장치(* 하드 디스크 및 SSD 포함) 내에도 만들어질 수 있습니다. 파티션을 포함하고 있는 장치 자체를 (단 한 개의 키로써) 완전히 암호화할 수 있습니다. 다만 윈도우가 설치되어 있고 그곳에서 부팅이 가능한 드라이브인 경우에 가능합니다.\n\n한 개의 마스터 키를 사용해서 “선택한 비-시스템 장치”를 암호화하려면, 먼저 장치에 있는 모든 파티션을 제거해서 VeraCrypt가 안전하게 이를 포맷할 수 있도록 해야 합니다(* 파티션을 포함하고 있는 장치의 포맷은 시스템 불안정 또는 데이터 손상을 초래할 수도 있습니다). 대체방법으로 드라이브의 각 파티션을 개별적으로 암호화할 수 있습니다(* 각 파티션은 서로 다른 마스터 키를 이용해서 암호화됩니다).\n\n참고: GPT 디스크에서 모든 파티션을 제거하려는 경우, 숨겨진 파티션을 제거하기 위해 (예컨대 컴퓨터 관리 도구를 이용해서) 이 디스크를 MBR 디스크로 변환할 필요가 있습니다. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + 중요: 드라이브 문자 %c: 을(를) 이용해서 이 볼륨을 삽입하거나 이에 접근할 수 없습니다. 이 문자가 현재 할당되어 있기 때문입니다.\n\n이 볼륨을 삽입하려면, VeraCrypt 메인 창에서 “장치 자동삽입”을 클릭하세요(* 대체방법으로는 VeraCrypt 메인 창에서 “장치 선택”을 클릭한 후 이 파티션/장치를 선택한 다음 “삽입”을 클릭하는 것입니다). 볼륨은 다른 드라이브 문자에 삽입되고, 드라이브 문자는 VeraCrypt 창의 목록에서 선택가능합니다.\n\n원래의 드라이브 문자 %c: 은(는) 파티션/장치에서 암호를 제거할 경우에만 사용되어야 합니다(예: 암호화가 더 이상 필요하지 않은 경우). 이런 경우에 “내 컴퓨터” 목록에서 드라이브 문자 %c:를 오른쪽 클릭한 다음 “포맷”을 선택합니다. 이런 경우를 제외하고는 드라이브 문자 %c:를 사용해서는 안됩니다. 다만 VeraCrypt FAQ에서 설명했던 것처럼 이를 제거한 후 다른 파티션/장치에 할당하는 것은 가능합니다. + 비-시스템 볼륨 자체의 암호화는 사용자가 사용 중인 운영체제 버전에서는 지원되지 않습니다(* Windows Vista 및 그 이후 버전에서만 지원됨).\n\n왜냐하면 이 버전의 윈도우는 파일시스템의 축소를 지원하지 않기 때문입니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다). + 선택한 파티션은 NTFS 파일시스템을 포함하고 있지 않은 것으로 보입니다. NTFS 파일시스템을 포함한 파티션만이 자체적으로 암호화될 수 있습니다.\n\n참고: 왜냐하면 윈도우는 다른 형식의 파일시스템의 축소를 지원하지 않기 때문입니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다). + 선택한 파티션은 NTFS 파일시스템을 포함하고 있지 않은 것으로 보입니다. NTFS 파일시스템을 포함한 파티션만이 자체적으로 암호화될 수 있습니다.\n\n이 파티션 내에 암호화된 VeraCrypt 볼륨을 만들고자 하는 경우, (“파티션 자체 암호화” 옵션을 사용하는 대신에) “암호화된 볼륨을 만든 후 포맷” 옵션을 선택합니다. + 오류: 파티션이 너무 작습니다. 이 파티션의 자체 암호화를 할 수 없습니다. + 파티션에 있는 데이터를 암호화하려면 다음 단계를 따릅니다:\n\n1) 빈 파티션/장치에 VeraCrypt 볼륨을 만든 후 이를 삽입합니다.\n\n2) 처음에 암호화하려 했던 파티션에 있는 모든 파일을 (1단계에서 생성되어 삽입된) VeraCrypt 볼륨에 복사합니다. 이런 방식으로 VeraCrypt로 암호화된 데이터의 백업을 만듭니다.\n\n3) 처음에 암호화하려 했던 파티션에 VeraCrypt 볼륨을 만듭니다. 이때 VeraCrypt 마법사에서 (“파티션 자체 암호화” 옵션을 사용하는 대신에) “암호화된 볼륨을 만든 후 포맷” 옵션을 선택했는지 확인해야 합니다. 파티션에 저장되어 있는 모든 데이터가 지워진다는 것을 참고하시기 바랍니다. 볼륨이 생성된 후 이를 삽입합니다.\n\n4) (1단계에서 생성되어 삽입된) 백업용 VeraCrypt 볼륨의 모든 파일을 3단계에서 생성되어 삽입된 VeraCrypt 볼륨으로 복사합니다.\n\n이 단계를 마치게 되면 데이터는 암호화되고 또한 암호화된 데이터 백업도 있게 됩니다. + VeraCrypt는 파티션, 동적(dynamic) 볼륨 또는 전체 시스템 드라이브만을 자체 암호화할 수 있습니다.\n\n선택한 비-시스템 장치 내에 암호화된 VeraCrypt 볼륨을 만들려고 하는 경우, (“파티션 자체 암호화” 옵션을 사용하는 대신에) “암호화된 볼륨을 만든 후 포맷” 옵션을 선택하십시오. + 오류: VeraCrypt는 파티션, 동적(dynamic) 볼륨 또는 전체 시스템 드라이브만을 자체 암호화할 수 있습니다. 지정한 경로가 올바른지 확인해 주십시오. + 오류: 파일시스템의 크기를 줄일 수 없습니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다).\n\n가능한 원인 및 해결책:\n\n- 볼륨에 충분한 여유 공간이 없음. 다른 프로그램이 파일시스템에 작성을 하고 있는 것은 아닌지 확인해 주시기 바랍니다.\n\n- 손상된 파일 시스템. 시스템을 검사해서 오류를 바로 잡습니다(* “컴퓨터” 목록에 있는 해당 드라이브 문자를 오른쪽-클릭한 후 속성 > 도구 > “지금 검사”를 선택한 해서 “파일 시스템 오류 자동 수정” 옵션을 체크한 후 “시작”을 클릭합니다).\n\n이렇게 해도 도움이 되지 않는 경우, 아래 단계를 따라주시기 바랍니다. + 오류: 볼륨에 충분한 여유 공간이 없고 파일시스템을 줄일 수 없습니다(* 파일시스템은 볼륨 헤더 및 백업 헤더를 위한 공간을 만들기 위해 축소되어야 할 필요가 있습니다).\n\n중복되는 파일들을 삭제하고 휴지통을 비워서 적어도 256KB의 여유 공간을 만든 후 다시 시도해 주십시오. 윈도우의 문제점으로 인해, 운영체제를 다시 시작하기 전에는 여유 공간의 양을 윈도우 탐색기에서 올바르지 않게 보고할 수 있습니다. 시스템을 다시 시작해도 도움이 되지 않는 경우, 파일 시스템이 손상되었을 수도 있습니다. 시스템을 검사해서 오류를 바로 잡습니다(* “컴퓨터” 목록에 있는 해당 드라이브 문자를 오른쪽-클릭한 후 속성 > 도구 > “지금 검사”를 선택한 해서 “파일 시스템 오류 자동 수정” 옵션을 체크한 후 “시작”을 클릭합니다).\n\n이렇게 해도 도움이 되지 않는 경우, 아래 단계를 따라주시기 바랍니다. + 드라이브 %s의 여유 공간 ▷ %.2f bytes + 드라이브 %s의 여유 공간 ▷ %.2f KB + 드라이브 %s의 여유 공간 ▷ %.2f MB + 드라이브 %s의 여유 공간 ▷ %.2f GB + 드라이브 %s의 여유 공간 ▷ %.2f TB + 드라이브 %s의 여유 공간 ▷ %.2f PB + 이용가능한 드라이브 문자가 없습니다. + 오류: VeraCrypt 드라이버를 찾을 수 없습니다!\n\n프로그램(VeraCrypt.exe)이 위치한 디렉토리에 “veracrypt.sys” 및 “turecrypt-x64.sys” 파일을 복사해 주세요. + 오류: 호환되지 않는 VeraCrypt 드라이버 버전이 실행되고 있습니다.\n\n만약에 VeraCrypt를 휴대용 모드 (예: 설치하지않은 상태), 다른 버전의 VeraCrypt가 이미 설치가 되었으면, 먼저 제거 (아니면 VeraCrypt의 업데이트 옵션으로 업그레이드) 할 필요가 있습니다. 제거 할경우, 다음과 같은 단계를 따르세요: Windows Vista 그리고 후의 버전들은, 시작 메뉴 > 나의 컴퓨터 > '프로그램 밋 제거' > VeraCrypt > 제거; Windows XP는, 시작 메뉴 > 설정 > '제어판' > '프로그램 밋 제거' > VeraCrypt > 제거.\n\n비슷한 방식으로, 휴대용으로 사용한 결과 (그리고 다른 버전이 설치된후) 컴퓨터를 재시작후 새로운 최근버전의 VeraCrypt로 실행하세요. + 오류: 암호를 초기화하는데 실패했습니다. + 오류: 강력하지 않은 키가 탐지되었습니다. 이 키는 무시되었습니다. 다시 시도하세요. + 치명적인 오류가 발생해서 VeraCrypt를 종료해야 합니다. 만약 원인이 VeraCrypt의 버그라면, 이것을 고치고자 합니다. 우리를 돕고자 한다면, 다음 항목들을 포함해서 자동으로 생성된 오류 보고서를 저희에게 보내주시면 고맙겠습니다:\n\n- 프로그램 버전\n- 운영체제 버전\n- CPU 형식\n- VeraCrypt 콤포넌트 이름\n- VeraCrypt 실행파일 체크섬\n- VeraCrypt 대화창 식별기\n- 오류 카테고리\n- 오류 주소\n- VeraCrypt 콜 스택(call stack)\n\n“예”를 선택하면, (전체 오류 보고서를 포함한) 다음 URL이 기본 인터넷 브라우저에서 열립니다.\n\n%hs\n\n오류 보고서를 저희에게 보내시겠습니까? + VeraCrypt를 종료해야만 하는 치명적인 오류가 시스템에 발생했습니다.\n\n이 오류는 VeraCrypt에 의해 발생된 것이 아닙니다(그래서 VeraCrypt의 개발자가 고칠 수는 없습니다). 여러분의 시스템을 체크해 주세요(예: 시스템 설정, 네트워크 연결, 하드웨어 콤포넌트 실패 등). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt 치명적 오류 + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + VeraCrypt가 계속 시스템 충돌을 검출하기를 원하십니까? + VeraCrypt 미니덤프를 찻지 못했습니다. + 디스크의 공간을 확보하기 위해서 시스템 충돌파일을 지우는것을 원하십니까? + 시스템 충돌을 분석하기에 VeraCrypt가 Microsoft Debugging Tools를 Windows에 설치해야합니다.\n\nOK를 클릭하신후 Microsoft에서 Microsoft Debugging Tools (16 MB)를 다운로드를한후 설치를 실행합니다. (Windows installer가 Microsoft 서버에서부터 veracrypt.org 서버로 전송을 해서 Microsoft의 설치프로그램의 장소가 바뀌어도 실행을 할수있습니다). + OK를 클릭하시면 VeraCrypt의 시스템분석이 시작됩니다. 몇분이 될수있으니 기다려주세요. + 시스템 패스(PATH)가 커넬디버거를 (kd.exe, Kernel Debugger) 포함한것을 체크해주세요. + 시스템 충돌을 검사한 결과 VeraCrypt가 아닌 다른원인의 가능성이 있습니다 (예: 하드웨어의 오류, 장치 드라이버, etc.) + 시스템 충돌을 검사한 결과 다음의 드라이버들을 업데이트를 한후 다시 시도하세요: + 버그가 있슴을 확인을 결정하기 위해서 VeraCrypt에 자동으로 생성된 에러보고서를 보고서를 보네겟습니까? 보고서에는 다음과 같은 정보가 포함이 되어있습니다:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\n만약 'YES'를 클릭하시면 다음과같은 URL이 열립니다. + 위에 보이는 에러보고서를 VeraCrypt에게 보내고 싶습니까? + 암호화(&E) + 암호해제(&D) + 영구적 암호해제 + 종료 + 이 확장 파티션에 대한 논리 드라이브를 만든 후 다시 시도하세요. + (하드 디스크, USB 플래시 드라이브 등에 위치할 수 있는) VeraCrypt 보관소로 불리는 파일 안에 VeraCrypt 볼륨을 둘 수 있습니다. VeraCrypt 보관소는 일반의 보통 파일과 같습니다(* 예컨대 보통의 파일처럼 이동 또는 삭제가 가능합니다). 보관소를 위한 파일이름을 선택하고, 보관소가 만들어질 위치를 선택하려면 “파일 선택”을 클릭합니다.\n\n주의: 만약 기존의 파일을 선택하게 되면, VeraCrypt는 이 파일을 암호화하지 않습니다. 또한 이 파일은 삭제되고 “새롭게 생성된 VeraCrypt 보관소”로 교체됩니다. 기존의 파일을, 지금 만들려고 하는 VeraCrypt 보관소로 (나중에) 이동시켜서, 암호화할 수 있습니다. + 생성될 외부 볼륨의 위치를 선택합니다. 나중에 외부 볼륨 안에 “숨긴 볼륨”이 만들어집니다.\n\nVeraCrypt 볼륨은 하드 디스크, USB 플래시 드라이브 등에 위치할 수 있는 파일(→ VeraCrypt 보관소) 안에 둘 수 있습니다. VeraCrypt 보관소는 보통의 파일처럼 이동 또는 삭제가 가능합니다. 보관소를 위한 파일이름을 선택하고, 보관소가 만들어질 위치를 선택하려면 “파일 선택”을 클릭합니다. 만약 기존의 파일을 선택하게 되면, VeraCrypt는 이 파일을 암호화하지 않습니다. 또한 이 파일은 삭제되고 새롭게 생성된 VeraCrypt 보관소로 교체됩니다. 기존의 파일을, 지금 만들려고 하는 VeraCrypt 보관소로 (나중에) 이동시켜서, 암호화할 수 있습니다. + 암호화된 장치-기반의 VeraCrypt 볼륨은 ① 하드 디스크의 파티션, ② SSD(Solid State Drive), ③ USB 메모리 스틱 및 ④ 기타 지원되는 저장 장치 안에 만들어질 수 있습니다. 또한 파티션 자체를 암호화할 수도 있습니다.\n\n게다가 암호화된 장치-기반의 VeraCrypt 볼륨은 파티션을 포함하고 있지 않은 장치(* 하드 디스크 및 SSD 포함) 내에도 만들어질 수 있습니다.\n\n참고: 파티션을 포함하고 있는 장치 자체를 (단 한 개의 키로써) 완전히 암호화할 수 있습니다. 다만 윈도우가 설치되어 있고 그곳에서 부팅이 가능한 드라이브인 경우에 가능합니다. + 장치-기반의 VeraCrypt 볼륨은 ① 하드 디스크 파티션, ② SSD(Solid State Drive), ③ USB 메모리 스틱 및 ④ 기타 저장 장치 안에 만들어질 수 있습니다.\n\n주의: 파티션/장치가 포맷되고 현재 이곳에 저장된 모든 데이터를 잃게 됩니다. + \n생성될 “외부 볼륨”의 위치를 선택합니다. 나중에 외부 볼륨 안에 “숨긴 볼륨”이 만들어집니다.\n\n외부 볼륨은 ① 하드 디스크 파티션, ② SSD(Solid State Drive), ③ USB 메모리 스틱 및 ④ 기타 지원되는 저장 장치 안에 만들어질 수 있습니다. 외부 볼륨은 파티션을 포함하고 있지 않은 장치(* 하드 디스크 및 SSD 포함) 내에도 만들어질 수 있습니다.\n\n주의: 파티션/장치가 포맷되고 현재 이곳에 저장된 모든 데이터를 잃게 됩니다. + \n숨긴 볼륨을 생성할 VeraCrypt 외부 볼륨의 위치를 선택해 주세요. + 주의: 호스트 파일/장치가 이미 사용 중입니다!\n\n이것을 무시하면 시스템 불안정 등의 원하지 않는 결과를 초래할 수 있습니다. 호스트 파일/장치를 사용하는 모든 프로그램(예: 안티바이러스 또는 백업 프로그램)을 “볼륨이 삽입하기 전”에 닫아야 합니다.\n\n그래도 계속 하시겠습니까? + 오류: 볼륨을 삽입할 수 없습니다. 호스트 파일/장치가 이미 사용 중입니다. 접근권한 없는 삽입의 시도는 실패했습니다. + 파일을 열 수 없습니다. + 볼륨 위치 + 큰 파일 + 현재 VeraCrypt 볼륨에 4GB 이상의 파일을 저장하시겠습니까? + 여러분이 위에서 선택한 것에 따라 VeraCrypt는 VeraCrypt 볼륨을 위해 적절한 기본 파일 시스템을 선택하게 됩니다. (다음 단계에서 파일 시스템을 선택할 수 있습니다.) + 외부 볼륨을 만드는 동안 여러분은 “아니오”의 선택 여부를 고민해야 합니다. “예”를 선택하게 되면 기본 파일 시스템은 NTFS가 되는데 이는 외부 볼륨으로선 적당하지 않습니다(→ FAT이 적당). 예컨대 (외부 볼륨이 FAT으로 포맷된 경우) 숨긴 볼륨의 가능한 최대 크기는 훨씬 더 클 수도 있습니다. 대개 FAT은 표준 및 숨긴 볼륨에 기본 형식입니다. (그래서 FAT 볼륨은 별 문제가 없습니다.) 그러나 4GB 이상의 파일(→ FAT 파일 시스템에선 지원 안됨)을 저장하려고 하는 경우에는 FAT은 기본 형식이 아닙니다. + 그래도 “예”를 선택하시겠습니까? + 볼륨 생성 모드 + 이 방법은 파티션-기반 또는 장치-기반의 VeraCrypt 볼륨을 만드는 가장 빠른 방법입니다(* 다른 옵션인 “자체 암호화”는 각 섹터의 내용을 먼저 읽고, 암호화해서 쓰기 때문에 비교적 느립니다). 선택한 파티션/장치에 현재 저장되어 있는 모든 데이터는 잃게 됩니다(* 데이터는 암호화되지 않고 무작위 데이터로 덮어쓰기됩니다). 파티션에 있는 기존 데이터를 암호화하려면, 다른 옵션을 선택합니다. + 선택한 전체 파티션 및 이곳에 저장된 모든 데이터는 자체(in place) 암호화됩니다. 파티션이 비어 있는 경우, 다른 옵션을 선택해야 합니다(* 볼륨이 훨씬 더 빠르게 생성됩니다). + 참고: + 다시 시작(&R) + 연기(&D) + 시작(&S) + 계속(&C) + 포맷(&F) + 지우기(&W) + 포맷 중단? + 추가 정보 표시 + 다시 표시 안함 + 파티션/장치의 내용을 성공적으로 지웠습니다. + 원래의 시스템(* 이 시스템의 숨겨진 시스템은 복제된 것임)이 존재했던 파티션의 내용을 성공적으로 지웠습니다. + (지워진 파티션에) 설치하려는 윈도우 버전이 현재 실행 중인 윈도우 버전과 동일한 것인가를 확인해 주세요. 이 작업은 두 시스템이 부트 파티션을 공통으로 공유하기 때문에 필요합니다. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + 시스템 파티션/드라이브를 성공적으로 암호해제했습니다. + \n\n볼륨이 성공적으로 만들어졌고, 사용할 준비가 되었습니다. 또 다른 VeraCrypt 볼륨을 만들려면 “다음”을 클릭하세요. 마법사를 끝내려면 “종료”를 클릭하세요. + \n\n숨겨진 VeraCrypt 볼륨을 성공적으로 만들었습니다(* 숨겨진 운영체제는 이 숨겨진 볼륨에 존재하게 됩니다).\n\n계속하려면 “다음”을 클릭합니다. + 볼륨이 완전히 암호화됨 + 볼륨이 완전히 암호해제됨 + 중요: 새롭게 만들어진 VeraCrypt 볼륨을 삽입해서 이에 저장된 데이터에 접근하려면, VeraCrypt 메인 창에서 “장치 자동삽입”을 클릭합니다. 올바른 비밀번호 또는 키파일을 입력한 이후 사용자가 VeraCrypt 메인 창에 있는 목록에서 선택한 드라이브 문자에 볼륨이 삽입됩니다(* 선택한 드라이브 문자를 통해 암호화된 데이터에 접근할 수 있게 됩니다).\n\n위에서 언급한 단계를 기억해 두거나 작성해 주십시오. 볼륨을 삽입하거나 그곳에 저장된 데이터에 접근하려 할 때마다 이 단계를 반드시 따라야 합니다. 대체방법은 VeraCrypt 메인 창에서 “장치 선택”을 클릭한 후 해당 파티션/볼륨을 선택해서 “삽입”을 클릭하는 것입니다.\n\n파티션/볼륨이 성공적으로 암호화되었고(* 완전히 암호화된 VeraCrypt 볼륨 포함) 사용할 준비가 되었습니다. + VeraCrypt 볼륨이 성공적으로 암호가 해제되고, 사용할 준비가 되었습니다. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + 볼륨이 성공적으로 만들어졌고, 사용할 준비가 되었습니다. + 볼륨 생성 + 중요: 이 창 안에서 마우스를 가능한 한 무작위로 움직이세요. 마우스를 더 오래 움직일수록 더욱 좋습니다. 이 작업은 암호키의 암호력을 상당히 증대시킵니다. 이제 볼륨을 생성하려면 “포맷”을 클릭하세요. + 외부 볼륨을 만들 준비가 되면 “포맷”을 클릭하세요. 더 자세한 정보를 보려면 문서를 참고하세요. + 외부 볼륨 포맷 + 숨긴 볼륨 포맷 + 볼륨 포맷 + VeraCrypt 사용자 안내서를 보거나 인쇄하려면 Adobe Reader(또는 호환가능한 도구)가 필요합니다. Adobe Reader (프리웨어) 다운로드 주소: www.adobe.com\n\n대신 온라인 문서를 보시겠습니까? + 만약 이 옵션을 선택했다면, 마법사가 ① 표준 VeraCrypt 볼륨을 만들고 ② 그 안에 숨긴 VeraCrypt 볼륨을 만드는 것을 도와줍니다. 경험이 없는 사용자는 항상 이 옵션을 선택해야 합니다. + 만약 이 옵션을 선택했다면, 기존의 VeraCrypt 볼륨 안에 숨긴 볼륨을 만들게 됩니다. “숨긴 볼륨”의 호스트에 적당한 VeraCrypt “외부 볼륨”은 이미 만들었다고 간주됩니다. + 볼륨 생성 모드 + 숨긴 볼륨을 생성했습니다. + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + 숨긴 운영체제를 시작했습니다. 주지했다시피 숨긴 운영체제는 원래의 운영체제와 동일한 파티션에 설치된 것으로 보이게 됩니다. 그러나 실제로는 (숨긴 볼륨 내에 있는) 파티션 안에 설치되어 있습니다. 모든 읽기 및 쓰기 작업은 원래의 시스템 파티션에서 숨긴 볼륨으로 (눈에 띄지 않게) 재전환됩니다.\n\n시스템 파티션에서 읽고 쓰여지는 데이터가 실제로는 숨긴 볼륨에서 읽고 쓰여지고 있다는 사실을 운영체제 뿐만 아니라 프로그램도 전혀 알지 못합니다. 이러한 데이터는 실시간으로 보통 때와 마찬가지로 (미끼용 운영체제에서 사용되는 키와는 다른 키를 사용해서) 암호화되고 암호해제됩니다.\n\n\n계속하려면 “다음”을 클릭해 주십시오. + 외부 볼륨이 만들어졌고, 드라이브 %hc:에 삽입되었습니다:. 실제로는 숨기고 싶지 않지만 겉으로 보기에 상당히 민감하게 보이는 파일들을 이 외부 볼륨에 지금 복사해야 합니다. 이러한 파일들은 노출을 강요하는 자에게 공개되어도 상관이 없는 “시스템 파티션 뒤의 첫번째 파티션에 대한 비밀번호용”입니다. 시스템 파티션에는 ① 외부 볼륨 및 ② 숨긴 볼륨(→ 숨긴 운영체제 포함)이 자리잡고 있습니다. 이러한 외부 볼륨용 비밀번호는 공개될 수 있지만, 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다.\n\n중요: 외부 볼륨에 복사한 파일이 %s 이상을 차지해선 안됩니다. 그렇지 않으면 외부 볼륨에 “숨긴 볼륨을 위한 충분한 공간”이 확보되지 않기 때문입니다. 이런 경우 계속 진행할 수 없게 됩니다. 복사 작업을 마친 후 “다음”을 클릭합니다(→ 볼륨을 꺼내지 마세요). + 외부 볼륨이 성공적으로 만들어졌고, 드라이브 %hc:에 삽입되었습니다. 실제로는 숨기고 싶지 않지만 겉으로 보기에 상당히 민감한 파일을 이 볼륨에 지금 복사해야 합니다. 강요에 의해 비밀번호를 노출해야만 하는 경우, 거기에 있는 파일들이 표시됩니다. 외부 볼륨에 대한 비밀번호만 노출될 뿐, 숨긴 볼륨은 안전합니다. 나중에 만들어질 “숨긴 볼륨”에 진짜 소중한 파일을 저장하면 됩니다. 복사 작업이 끝나면 “다음”을 클릭하세요. 볼륨을 꺼내지 마세요.\n\n참고: “다음”을 클릭하면, 여유 공간(이 공간의 끝이 볼륨의 끝과 정렬됨)의 간섭받지 않는 영역의 크기를 결정하기 위해, 외부 볼륨의 클러스터 비트맵을 스캔하게 됩니다. 이 영역은 숨긴 볼륨을 위한 것이기 때문에, 숨긴 볼륨의 가능한 최대 크기를 제한하게 됩니다. 클러스터 비트맵 스캔은 “숨긴 볼륨”이 외부 볼륨을 데이터로 덮어쓰지 못하도록 하는 것입니다. + 외부 볼륨 내용 + \n\n다음 단계에서 외부 볼륨에 대한 옵션을 설정하게 됩니다(→ 외부 볼륨 안에 숨긴 볼륨이 나중에 만들어집니다). + \n\n다음 단계에서, (이전 단계에서 설명했듯이) 시스템 파티션 뒤의 첫번째 파티션 안에 이른바 “외부 VeraCrypt 볼륨”을 만들게 됩니다. + 외부 볼륨 + 다음 단계에서 (숨긴 운영체제를 포함하고 있는) 숨긴 볼륨에 대한 옵션 및 비밀번호를 설정하게 됩니다.\n\n참고: 여유 공간(→ 이 공간의 끝이 볼륨의 끝과 정렬됨)의 간섭받지 않는 영역의 크기를 결정하기 위해, 외부 볼륨의 클러스터 비트맵을 스캔하게 됩니다. 이 영역은 숨긴 볼륨을 위한 것이기 때문에 “숨긴 볼륨의 가능한 최대 크기”를 제한하게 됩니다. 숨긴 볼륨의 가능한 최대 크기는 시스템 파티션의 것보다 더 크게 정해지게 됩니다. 이는 시스템 파티션의 전체 내용이 숨긴 볼륨에 복사될 필요가 있기 때문입니다. 이를 통해 숨긴 볼륨 영역에 쓰여진 데이터가 “외부 볼륨에 현재 저장되어 있는 데이터”를 덮어쓰지 못하도록 방지합니다. + 중요: 이 단계에서 선택한 알고리듬을 기억해 두십시오. 미끼용 시스템을 위해 동일한 알고리듬을 선택해야 할 것입니다. 그렇지 않으면 “숨긴 시스템”에 접근하지 못하게 됩니다! (미끼용 시스템은 “숨긴 시스템”과 동일한 암호 알고리듬으로 암호화되어야 합니다.)\n\n참고: 그 이유는 미끼용 시스템과 숨긴 시스템은 한 개의 부트 로더를 공유하게 되는데, 이 부트 로더는 사용자가 선택한 단일 알고리듬만을 지원하기 때문입니다(* 각 알고리듬에 대해 특별한 버전의 VeraCrypt 부트 로더가 있습니다). + \n\n볼륨 클러스트 비트맵이 스캔되었고, 숨긴 볼륨의 가능한 최대 크기가 결정되었습니다. 다음 단계에서 숨긴 볼륨에 대한 옵션, 크기 및 비밀번호를 설정하게 됩니다. + 숨긴 볼륨 + 이제 외부 볼륨을 꺼내기 전에는 숨긴 볼륨이 손상으로부터 보호됩니다.\n\n주의: 만약 어떤 데이터를 숨긴 볼륨 영역에 쓰고자 시도한다면, 볼륨이 꺼내지기 전까지 VeraCrypt는 전체 볼륨(외부/숨긴 볼륨)을 쓰기금지로 보호합니다. 이는 외부 볼륨에 대한 파일시스템 손상으로 이어질 수 있습니다. 또한 이것이 반복되면 “숨긴 볼륨의 효과적인 거부방법”에 악영향을 미치게 됩니다. 그러므로 여러분은 숨긴 볼륨 영역에의 쓰기작업을 피하기 위해 노력을 해야만 합니다. 숨긴 볼륨 영역에 저장되어 있는 데이터는 저장되지도 않고 손실되지도 않습니다. 윈도우는 이를 “쓰기 오류”로 보고하게 됩니다(“지연된 쓰기 실패” 또는 “변수가 올바르지 않습니다”). + 이제 새로 삽입된 볼륨의 내부에 위치한 각 숨긴 볼륨은 꺼내지기 전까지는 손상으로부터 보호됩니다.\n\n주의: 만약 어떤 데이터를 보호된 숨긴 볼륨 영역에 쓰고자 시도한다면, 볼륨이 꺼내지기 전까지 VeraCrypt는 전체 볼륨(외부/숨긴 볼륨)을 쓰기금지로 보호합니다. 이는 외부 볼륨에 대한 파일시스템 손상으로 이어질 수 있습니다. 또한 이것이 반복되면 “숨긴 볼륨의 효과적인 거부방법”에 악영향을 미치게 됩니다. 그러므로 여러분은 숨긴 볼륨 영역에의 쓰기작업을 피하기 위해 노력을 해야만 합니다. 보호된 숨긴 볼륨 영역에 저장되어 있는 데이터는 저장되지도 않고 손실되지도 않습니다. 윈도우는 이를 “쓰기 오류”로 보고하게 됩니다(“지연된 쓰기 실패” 또는 “변수가 올바르지 않습니다”). + 주의: %c:로서 삽입된 볼륨의 숨긴 볼륨 영역에 데이터를 저장되는 작업이 시도되고 있습니다! 숨긴 볼륨을 보호하기 위해 VeraCrypt가 이러한 데이터 저장 작업을 방지했습니다. 이는 외부 볼륨에 대한 파일 시스템 손상을 초래할 수 있고, 윈도우는 이를 “쓰기 오류”로 보고하게 됩니다(“지연된 쓰기 실패” 또는 “변수가 올바르지 않습니다”). 볼륨이 꺼내지기 전까지 VeraCrypt는 전체 볼륨(외부 및 숨긴 볼륨)을 쓰기금지로 보호합니다. 만약 VeraCrypt가 이 볼륨의 숨긴 볼륨 영역에 데이터를 저장하는 작업을 방해한 것이 처음이 아니라면, 숨긴 볼륨의 그럴싸한 거부방법은 악영향을 받았을 수도 있습니다(→ 외부 볼륨 파일 시스템 내에서의 특이하게 관련된 불일치가 원인일 수 있음). 그러므로 새로운 VeraCrypt 볼륨을 (빠른 포맷을 사용하지 않고) 만들고, 이 볼륨의 파일들을 새 볼륨으로 이동시키는 것을 고려해 봐야 합니다. 이 볼륨은 안전하게 (외부 및 숨긴 부분 둘다) 지워져야 합니다. 지금 운영체제를 다시 시작할 것을 적극권장합니다. + 볼륨에 4GB 이상의 파일을 저장할려는 위도를 발견햇습니다. 이상의 파일을 저장을 할려면 지정된 볼륨은 NTFS로 포맷이 필요합니다. 하지만 지금은 불가능 합니다. + 참고: 숨긴 운영체제가 실행 중인 경우, 숨긴 볼륨이 아는 볼륨은 NTFS로 포맷을 할수 없습니다 (* 왜냐하면 외부 볼륨은 일시적으로 쓰기 보호 없이 삽입이 되서 운영체제가 볼륨을 NTFS로 포맷이 가능할수있기 때문입니다 - 하지만 FAT은 운영체제가 아닌 VeraCrypt로 포멧이 가능합니다). 더 기술적인 자세한 내용은 아래를 참조하십시오. + 보안상의 이유로 숨긴 운영체제가 실행 중인 경우, 숨긴 볼륨은 “직접” 모드에서만 만들어질 수 있습니다(* 왜냐하면 외부 볼륨은 항상 읽기-전용으로만 삽입되기 때문입니다). 숨긴 볼륨을 안전하게 만드려면, 다음 지침을 따릅니다:\n\n1) 미끼용 시스템을 부팅합니다.\n\n2) 표준 VeraCrypt 볼륨을 만들고 이 볼륨 안에 민감한 파일처럼 보이지만 실제로는 숨기고 싶지 않은 일부 파일들을 복사합니다. 이 볼륨은 외부 볼륨이 됩니다.\n\n3) 숨긴 시스템을 부팅한 후 “VeraCrypt 볼륨 만들기 마법사”를 시작합니다. 파일-기반의 볼륨인 경우, 이 볼륨을 시스템 파티션 또는 다른 숨겨진 볼륨으로 이동시킵니다. 그렇지 않으면 새롭게 생성된 숨긴 볼륨이 읽기-전용으로 삽입되거나 이를 포맷할 수 없게 됩니다. 마법사의 지침에서 숨긴 볼륨 만들기 “직접 방식”을 선택합니다.\n\n4) 마법사의 2단계에서 여러분이 만든 볼륨을 선택한 다음 이 안에 “숨긴 볼륨”을 만들도록 지침을 따릅니다. + 보안상의 이유로, 숨긴 운영체제가 실행 중일 때, ① 암호화되지 않은 로컬 파일 시스템 및 ② 숨긴 볼륨이 아닌 VeraCrypt 볼륨은 읽기-전용으로 삽입됩니다. 어떠한 데이터도 그러한 파일 시스템 또는 VeraCrypt 볼륨에 쓰여질 수 없습니다.\n\n데이터는 숨긴 VeraCrypt 볼륨 내에 있는 파일 시스템에 쓰여지도록 되어 있습니다(* 숨긴 볼륨이 암호화되지 않은 파일시스템 또는 다른 읽기-전용 파일시스템에 저장되어 있는 보관소에 위치하지 않은 경우에 한함). + 이러한 대응책이 만들어진 주요한 3가지 이유가 있습니다:\n\n- 숨긴 VeraCrypt 볼륨의 삽입에 대한 안전한 플랫폼의 생성을 가능하게 합니다. 우리는 공식적으로 숨긴 운영 시스템이 실행 중일 때만 “숨긴 볼륨을 삽입할 것”을 권장하고 있습니다. (더 자세한 정보는 문서의 “Security Requirements and Precautions Pertaining to Hidden Volumes” 부분을 참고하세요.\n\n- 가끔 ① 특정 파일 시스템이 특정 운영 시스템에서는 삽입되지 않거나 ② 파일 시스템의 특정 파일이 특정 시스템에서 저장되지 않거나 접근할 수 없는 경우를 발견할 수 있습니다. 이는 컴퓨터에 “숨긴 운영체제”가 설치되어 있다는 것을 나타냅니다. 대응책은 이러한 문제점을 방지합니다.\n\n- 이를 통해 데이터 손상을 방지하고 최대 절전 모드로 안전하게 진입할 수 있게 합니다. 최대 절전 모드에서 윈도우가 다시 시작될 때, 윈도우는 (삽입된 모든 파일 시스템들이) 최대 절전 모드에 들어갈 때의 상태와 동일한 상태에 있다고 가정을 합니다. VeraCrypt는 미끼용 및 숨겨진 시스템 내에 접근가능한 파일 시스템의 쓰기를 금지합니다. 이러한 보호책이 없는 경우, 다른 시스템이 최대 절전 모드 상태로 진입하는 동안 또다른 시스템이 삽입(mount)될 때 파일 시스템이 손상될 수 있습니다. + 참고: 미끼용 시스템에서 숨긴 시스템으로 파일을 안전하게 전송할 필요가 있는 경우에는 다음 단계를 따릅니다. 1) 미끼용 시스템을 시작합니다. 2) 암호화되지 않은 볼륨 또는 외부/표준 VeraCrypt 볼륨에 파일을 저장합니다. 3) 숨긴 시스템을 시작합니다. 4) VeraCrypt 볼륨에 파일을 저장한 경우, 이 볼륨을 삽입합니다(→ 읽기-전용으로 자동으로 삽입됩니다). 5) 파일을 ① 숨긴 시스템 파티션 또는 ② 다른 숨긴 볼륨에 복사합니다. + 컴퓨터를 다시 시작해야 합니다.\n\n지금 다시 시작하시겠습니까? + 오류: 시스템 암호 상태를 얻는 동안 오류가 발생했습니다. + 오류: 명령 프롬프트에 지정된 암호가 없습니다. 볼륨을 만들 수 없습니다. + 오류: 명령 프롬프트에 지정된 볼륨이 없습니다. 볼륨을 만들 수 없습니다. + 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 선택된 NTFS 파일 시스템과 호환이 되지 않습니다. + 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 선택된 FAT32 파일 시스템과 호환이 되지 않습니다. + 오류: 대상 드라이브의 파일 시스템은 변경(dynamic)되는 볼륨에 필요한 파일의 제작을 호환이 되지 않습니다. + 오류: 명령 프롬프트로 컨테이너 파일들만 만들어 질수 있습니다. + 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 디스크에서 사용 가능한 크기보다 큽니다. 볼륨을 만들 수 없습니다. + 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 최소갚 보다 적습니다. 볼륨을 만들 수 없습니다. + 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 최고갚 보다 큽니다. 볼륨을 만들 수 없습니다. + 시스템 암호화를 위한 프로그램 구성요소를 초기화하지 못했습니다. + 무작위 숫자 생성기를 초기화하는데 실패했습니다! + 윈도우의 암호화 API가 실패했습니다!\n\n\n(만약 버그보고를 보낼경우 다음과 같은 내용을 포함하십시오:\n%hs, Last Error = 0x%.8X) + 프로그램을 초기화할 수 없습니다. 다이얼로그 클래스 등록에 실패했습니다. + 오류: Rich Edit 시스템 라이브러리를 로드하는데 실패했습니다. + VeraCrypt 볼륨 만들기 마법사 + 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f bytes + 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f KB + 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f MB + 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f GB + 이 볼륨에 대한 숨긴 볼륨의 가능한 최대 크기 ▷ %.2f TB + 볼륨이 삽입된 상태에서 “비밀번호/키파일”을 변경할 수 없습니다. 먼저 볼륨을 꺼내야 합니다. + 볼륨이 삽입된 상태에서 “헤더 키 도출 알고리듬”을 변경할 수 없습니다. 먼저 볼륨을 꺼내야 합니다. + 삽입(&M) + 이 볼륨을 삽입하려면 최신 버전의 VeraCrypt가 필요합니다. + 오류: 볼륨 만들기 마법사를 찾을 수 없습니다.\n\n“VeraCrypt.exe”가 실행된 폴더에서 “VeraCrypt Format.exe” 파일을 찾아보시기 바랍니다. 만약 없으면 VeraCrypt를 다시 설치하거나, 디스크에서 “VeraCrypt Format.exe” 파일의 위치를 지정한 실행하세요. + 오류: 볼륨확장기을 찾을수 없습니다.\n\n'VeraCryptExpander.exe'가 'VeraCrypt.exe'을 실행한 폴더에 있는지 확인하시길 바랍니다. 그렇지 않을 경우 VeraCrypt를 다시 설치하거나 'VeraCryptExpander.exe'를 찾아 폴더에 포함하세요. + 다음(&N) > + 마침(&F) + 설치(&I) + 추출(&X) + VeraCrypt 장치 드라이버에 연결할 수 없습니다. 장치 드라이버가 실행 중이 아니라면 VeraCrypt가 작동하지 않습니다.\n\n(윈도우의 문제로 인해) 장치 드라이버를 로드하기 전에 시스템을 로그오프하거나 다시 시작해야 합니다. + 글꼴을 로딩/준비할 때 오류가 발생했습니다. + 드라이브 문자를 찾을 수 없거나 지정한 드라이브 문자가 없습니다. + 오류: 드라이브 문자를 지정할수 없습니다.\n\n볼륨의 드라이브 문자가 지정될때까지 저장된 데이터를 액세스 할수 없습니다.\n\n시도를 다시 하겟습니까? + 드라이브 문자를 사용할 수 없습니다. + 선택한 파일이 없습니다! + 이용가능한 드라이브 문자가 없습니다. + 외부 볼륨을 위해 할당한 드라이브 문자가 없습니다! 볼륨 만들기를 계속할 수 없습니다. + 사용 중인 운영체제를 확인할 수 없거나 지원되지 않는 운영체제를 사용 중입니다. + 선택한 경로가 없습니다! + 숨긴 볼륨에 충분한 여유 공간이 없습니다! 볼륨 만들기를 계속할 수 없습니다. + 오류: 외부 볼륨에 복사한 파일들이 너무 많은 공간을 차지합니다. 그 결과 외부 볼륨 공간에 (숨긴 볼륨을 위한) 충분한 여유 공간이 없습니다.\n\n숨긴 볼륨은 시스템 파티션 만큼 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). 왜냐하면 숨긴 운영체제는 (시스템 파티션의 내용을 숨긴 볼륨에 복사함으로써) 만들어질 필요가 있기 때문입니다.\n\n\n숨긴 운영체제의 생성 진행을 계속할 수 없습니다. + 드라이버가 볼륨을 꺼낼 수 없습니다. 볼륨의 일부 파일이 여전히 열려 있을 수도 있습니다. + 볼륨을 잠글 수 없습니다. 볼륨의 일부 파일이 여전히 열려 있습니다. 그래서 볼륨을 꺼낼 수 없습니다. + 볼륨이 시스템 또는 프로그램에 의해 사용 중이기 때문에(* 볼륨에 열려 있는 파일이 있을 수 있음) VeraCrypt가 이 볼륨을 잠글 수 없습니다.\n\n볼륨을 강제로 꺼내시겠습니까? + VeraCrypt 볼륨 선택 + 경로 및 파일이름 지정 + PKCS #11 라이브러리 선택 + 메모리 부족 + 중요: 경험이 없는 사용자는 모든 장치/파티션을 암호화하는 대신에 선택한 장치/파티션에 “VeraCrypt 파일 보관소”를 만들 것을 권장합니다.\n\nVeraCrypt 파일 보관소를 만들게 되면 수많은 파일을 파괴할지도 모르는 위험을 피할 수 있습니다. VeraCrypt 파일 보관소는 (비록 가상의 암호화된 디스크를 포함할지라도) 실제로 보통 파일과 같습니다. 추가 정보를 보려면, VeraCrypt 사용자 안내서에서 Beginner´s Tutorial을 읽어보세요.\n\n정말로 모든 장치/파티션을 암호화하시겠습니까? + 주의: “%s” 파일이 이미 존재합니다! 중요: VeraCrypt는 파일을 암호화하지 않고, 삭제합니다. 파일을 삭제하고, 그 파일을 새로운 VeraCrypt 보관소로 교체하시겠습니까? + 주의: 선택한 %s “%s”%s에 현재 저장되어 있는 모든 파일이 삭제되고 사라지게 됩니다(이 파일들은 암호화되지 않습니다)!\n\n정말로 포맷을 계속 진행하시겠습니까? + 주의: 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입하거나 볼륨에 저장된 파일에 접근할 수 없습니다.\n\n선택한 %s “%s”%s의 암호화 작업을 시작하시겠습니까? + 주의: 볼륨이 완전히 암호화해독되기 전에는 이 볼륨을 삽입하거나 볼륨에 저장된 파일에 접근할 수 없습니다.\n\n선택한 %s “%s”%s의 암호화 작업을 시작하시겠습니까? + 주의: 기존의 자체 데이터를 암호화하는 동안 ① 전력 공급이 갑자기 중단되거나 ② 소프트웨어 또는 하드웨어의 문제때문에 운영체제가 충돌을 일으키면, 일부 데이터가 손상되거나 유실될 수 있습니다. 그러므로 암호화 작업을 시작하기 전에 암호화하고자 하는 파일의 복사본을 백업해 두었는지 확인해야 합니다.\n\n파일의 백업이 있습니까? + 주의: “%s”%s 파티션(→ 예: 시스템 파티션 뒤에 있는 첫번째 파티션)에 현재 저장되어 있는 모든 파일이 삭제되고 사라지게 됩니다(이 파일들은 암호화되지 않습니다)!\n\n정말로 포맷을 계속 진행하시겠습니까? + 주의: 선택한 파티션에 큰 규모의 데이터가 포함되어 있습니다! 파티션에 저장되어 있는 파일들은 지워지고 손실됩니다(* 이들은 암호화되지 않습니다)! + VeraCrypt 볼륨을 파티션 내에 만들면서 이 파티션에 저장되어 있는 파일들은 지워집니다. + 비밀번호 + PIM + 헤더 키 도출 알고리듬 설정 + 볼륨에 키파일 추가/삭제 + 볼륨에서 모든 키파일 제거 + 비밀번호/키파일이 성공적으로 변경되었습니다.\n\n중요: VeraCrypt 사용자 안내서의 “Security Requirements and Precautions” 장에 있는 “Changing Passwords and Keyfiles(비밀번호 및 키파일 변경)” 섹션을 읽어볼 것을 권장합니다. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + 중요: 만약 사용자가 VeraCrypt 응급복구 디스크를 파괴하지 않았다면, 이전의 비밀번호를 사용해서 시스템 파티션/드라이브의 암호를 해제할 수 있습니다(→ VeraCrypt 응급복구 디스크를 부팅한 다음 이전의 비밀번호를 입력하는 방법). 새로운 VeraCrypt 응급복구 디스크를 만들고 이전 복구 디스크를 파괴해야 합니다.\n\n새로운 VeraCrypt 응급복구 디스크를 만드시겠습니까? + VeraCrypt 응급복구 디스크는 여전히 이전의 알고리듬을 사용하고 있습니다. 만약 이전의 알고리듬이 불안하다고 생각되면, 새로운 VeraCrypt 응급복구 디스크를 만들고 이전 복구 디스크를 파괴해야 합니다.\n\n새로운 VeraCrypt 응급복구 디스크를 만드시겠습니까? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + 키파일이 성공적으로 추가/제거되었습니다. + 키파일을 내보냈습니다. + 헤더 키 도출 알고리듬을 성공적으로 설정했습니다. + 자체 암호화 과정을 다시 시작하고자 하는 “비-시스템 볼륨”에 대한 비밀번호/키파일을 입력해 주십시오.\n\n\n참고: “다음”을 클릭하면 VeraCrypt는 ① 암호화 과정이 중단된 곳에서의 모든 비-시스템 볼륨 및 ② 제공된 비밀번호/키파일을 사용해서 VeraCrypt 볼륨 헤더의 암호를 해제할 수 있는 곳에서의 모든 비-시스템 볼륨의 검색을 시도합니다. 한 개 이상의 볼륨이 검색되면, 사용자는 다음 단계에서 이러한 볼륨 중 하나를 선택해야 합니다. + 나열된 볼륨 중 하나를 선택해 주십시오. 목록에는 ① 암호화 과정이 중단된 곳에서의 모든 비-시스템 볼륨 및 ② 제공된 비밀번호/키파일을 사용해서 VeraCrypt 볼륨 헤더의 암호를 해제할 수 있는 곳에서의 접근가능한 모든 비-시스템 볼륨이 포함되어 있습니다. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + 좋은 비밀번호를 선택하는 것은 매우 중요합니다. 사전에 나오는 한 개의 단어만을 포함하는 것 또는 2, 3개 단어의 조합은 피해야 합니다. 이름이나 생일 등도 피해야 합니다. 추측하기가 쉽기 때문입니다. 좋은 비밀번호는 무작위 조합입니다. 즉 대소문자, 숫자 및 @ ^ = $ * + 등과 같은 특수기호의 조합입니다. 적어도 20개 이상의 문자로 이루어진 비밀번호를 선택할 것을 권장합니다. 가능한 최대 길이는 64개 문자입니다. + 숨긴 볼륨에 대한 비밀번호를 선택해 주세요. + 숨긴 운영체제(즉 숨긴 볼륨)에 대한 비밀번호를 입력해 주세요. + 중요: 현재 단계에서 “숨긴 운영체제용으로 선택한 비밀번호”는 다른 2개의 비밀번호(→ 외부 볼륨용 비밀번호 및 미끼용 운영체제용 비밀번호)와 서로 달라야 합니다. + 볼륨(→ 이 안에 숨긴 볼륨을 만듬)의 비밀번호를 입력하세요.\n\n“다음”을 클릭하면, VeraCrypt가 볼륨을 삽입하기 위해 시도를 하게 됩니다. 볼륨이 삽입되었을 때, 여유 공간(이 공간의 끝이 볼륨의 끝과 정렬됨)의 간섭받지 않는 영역의 크기를 결정하기 위해, 외부 볼륨의 클러스터 비트맵을 스캔하게 됩니다. 이 영역은 숨긴 볼륨을 위한 것이기 때문에, 숨긴 볼륨의 가능한 최대 크기를 제한하게 됩니다. 클러스터 비트맵 스캔은 “숨긴 볼륨”이 외부 볼륨을 데이터로 덮어쓰지 못하도록 하기 위한 것이므로 필요한 작업입니다. + \n외부 볼륨에 대한 비밀번호를 선택해 주세요. 이것은 적대자로부터 비밀번호를 강요당하거나 요청받은 경우에 그에게 표시할 수 있는 비밀번호입니다.\n\n중요: 비밀번호는 숨긴 볼륨용으로 선택했던 비밀번호와 서로 달라야 합니다.\n\n참고: 비밀번호의 가능한 최대 길이는 64개 문자입니다. + 외부 볼륨에 대한 비밀번호를 선택해 주세요. 이것은 노출을 강요하는 자에게 공개되어도 상관이 없는 “시스템 파티션 뒤의 첫번째 파티션을 위한 비밀번호”입니다. 시스템 파티션에는 ① 외부 볼륨 및 ② 숨긴 볼륨(→ 숨긴 운영체제 포함)이 자리잡고 있습니다. 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다. 이 비밀번호는 미끼용 운영체제를 위한 것이 아닙니다.\n\n중요: 비밀번호는 숨긴 볼륨(→ 숨긴 운용체제)용으로 선택했던 비밀번호와 서로 달라야 합니다. + 외부 볼륨 비밀번호 + 숨긴 볼륨 비밀번호 + 숨긴 운영체제를 위한 비밀번호 + 주의: 짧은 비밀번호는 주먹구구식 기술로도 쉽게 크랙될 수 있습니다!\n\n적어도 20개 이상의 문자 및 숫자로 이루어진 비밀번호를 만들 것을 권장합니다. 그래도 짧은 비밀번호를 사용하시겠습니까? + 볼륨 비밀번호 + 올바르지 못한 비밀번호이거나 VeraCrypt 볼륨이 아닙니다. + 올바르지 못한 키파일 또는 비밀번호이거나 VeraCrypt 볼륨이 아닙니다. + 올바르지 않은 삽입 모드 또는 비밀번호이거나 VeraCrypt 볼륨이 아닙니다. + 올바르지 않은 삽입 모드 또는 키파일/비밀번호이거나 VeraCrypt 볼륨이 아닙니다. + 올바르지 못한 비밀번호이거나 VeraCrypt 볼륨을 찾을 수 없습니다. + 올바르지 못한 키파일 또는 비밀번호이거나 VeraCrypt 볼륨을 찾을 수 없습니다. + \n\n주의: Caps Lock이 켜져 있습니다. 이 경우 비밀번호를 올바르게 입력할 수 없을지도 모릅니다. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + 숨긴 시스템을 포함하고 있는 숨긴 볼륨을 보호하려는 경우, 숨긴 볼륨에 대한 비밀번호를 입력할 때 “표준 US 키보드 레이아웃”을 사용하고 있는지 확인해 주십시오. (윈도우 시작 전에) US가 아닌 윈도우 키보드 레이아웃을 사용할 수 없는 부팅 전 환경에서 비밀번호를 입력할 필요가 있기 때문입니다. + ① 암호화 과정이 중단된 곳에서의 비-시스템 볼륨 및 ② 제공된 비밀번호/키파일을 사용해서 VeraCrypt 볼륨 헤더의 암호를 해제할 수 있는 곳에서의 비-시스템 볼륨을 찾지 못했습니다.\n\n비밀번호/키파일이 올바른지 확인해 주시고, 파티션/볼륨이 시스템 또는 프로그램(* 안티바이러스 소프트웨어 포함)에 의해 사용되고 있는지를 확인해 주십시오. + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\n참고: ① 부팅-전 인증 없이 암호화된 시스템 드라이브에 위치한 파티션에 삽입을 시도하거나 ② 실행 중이 아닌 운영체제의 암호화된 시스템 파티션에 삽입하려고 하는 경우, “시스템 ▶ 부팅-전 인증 없이 삽입”을 선택해서 이 작업을 할 수 있습니다. + 이 방식에서, 드라이브의 일부가 활성 시스템 암호화의 키 범위에 있는 경우, 드라이브에 위치한 파티션을 삽입할 수 없습니다.\n\n이 방식에서 이 파티션을 삽입하기 전에, ① 다른 드라이브에 설치되어 있는 운영체제로 부팅하거나 ② 암호화되지 않은 운영체제로 부팅해야 합니다. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < 뒤로(&B) + 시스템에 설치된 RAW 장치를 나열할 수 없습니다! + “%s” 볼륨이 존재하고, 읽기전용 상태입니다. 그래도 교체하시겠습니까? + 대상 디렉토리 선택 + 키파일 선택 + 키파일 찾기 경로를 선택하세요. 주의: 경로만 기억되고, 파일 이름은 기억되지 않습니다! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Ross Anderson, Eli Biham, 및 Lars Knudsen에 의해 디자인됨. 1998년 발표됨. 256-비트 키, 128-비트 블록. 작업 모드는 XTS입니다. Serpent는 AES 결선작 중의 하나였습니다. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + 외부 볼륨 크기 + 숨긴 볼륨 크기 + 위에 표시된 선택한 장치/파티션의 크기가 올바른지 확인한 후 “다음”을 클릭하십시오. + 외부 볼륨 및 숨긴 볼륨(→ 여기에 숨긴 운영체제를 포함)은 위 파티션 안에 존재하게 됩니다. 이는 시스템 파티션 뒤의 첫번째 파티션에 있어야 합니다.\n\n위에 표시된 파티션의 크기 및 숫자가 올바른지 확인한 후 “다음”을 클릭합니다. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + 볼륨 크기 + 동적 보관소 + 주의: 셀프-테스트 실패! + 모든 알고리듬이 셀프-테스트를 통과했습니다. + 제공한 데이터 단위 수가 너무 길거나 짧습니다. + 제공한 보조 키가 너무 길거나 짧습니다. + 제공한 테스트 암호가 너무 길거나 짧습니다. + 제공한 테스트 키가 너무 길거나 짧습니다. + 제공한 “테스트 단순텍스트”가 너무 길거나 짧습니다. + 2개의 암호가 층계적으로 XTS 모드에서 작동. 각 블록은 처음에 %s (%d-비트 키)로 암호화되고, 이어서 %s (%d-비트 키)로 암호화됩니다. 각 암호는 각각의 키를 사용합니다. 모든 키는 상호 독립적입니다. + 3개의 암호가 층계적으로 XTS 모드에서 작동. 각 블록은 처음에 %s (%d-비트 키)로 암호화되고, 이어서 %s (%d-비트 키)로 암호화됩니다. 마지막으로 %s (%d-비트 키)로 암호화됩니다. 각 암호는 각각의 키를 사용합니다. 모든 키는 상호 독립적입니다. + 운영체제의 설정에 의존하는 이러한 자동-실행 및 자동-삽입 기능은 “휴대용 디스크 파일”이 작성이 불가능한 CD/DVD 같은 매체에 생성될 경우에만 작동된다는 것을 참고해 주십시오. 이는 윈도우의 제한사항이지, VeraCrypt의 버그가 아닙니다. + VeraCrypt 휴대용 디스크가 성공적으로 만들어졌습니다.\n\n휴대용 모드에서 VeraCrypt를 실행하려면 관리자(administrator) 권한이 필요합니다. 레지스트리 파일을 검사한 후에, 비록 휴대용 모드로 실행될지라도 VeraCrypt가 윈도우 시스템에서 실행된 것으로 간주될 수도 있다는 것을 참고하세요. + VeraCrypt 휴대용 디스크 + Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, 및 Niels Ferguson에 의해 디자인됨. 1998년 발표됨. 256-비트 키, 128-비트 블록. 작업 모드는 XTS입니다. Twofish는 AES 결선작 중의 하나였습니다. + %s에 대한 추가 정보 + 알 수 없음 + An unspecified or unknown error occurred (%d). + 일부 볼륨은 “프로그램 또는 시스템에 의해 사용되는” 파일 또는 폴더를 포함하고 있습니다.\n\n강제로 꺼내시겠습니까? + 꺼내기(&D) + 꺼내기 실패! + 볼륨이 “프로그램 또는 시스템에 의해 사용되는” 파일 또는 폴더를 포함하고 있습니다.\n\n강제로 꺼내시겠습니까? + No volume is mounted to the specified drive letter. + 삽입하고자 하는 볼륨은 이미 삽입되어 있습니다. + 볼륨을 삽입하는 동안 오류가 발생했습니다. + 볼륨 내에서 위치를 찾는데 오류가 발생했습니다. + 오류: 올바르지 않는 볼륨 크기 + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + 동적인 보관소는 미리 할당된 NTFS 바구니 파일(sparse file)이고, 이 바구니 파일의 물리적 크기(실제 디스크 사용 공간)는 새로운 데이터가 추가될 때마다 증가합니다.\n\n주의: 바구니 파일에 기반한 볼륨의 성능은 보통의 볼륨 성능보다 매우 좋지 않습니다. 바구니 파일에 의한 볼륨은 또한 비교적 안전하지 못합니다. 왜냐하면 사용되지 않는 볼륨 섹터를 구분할 수 있기 때문입니다. 게다가 바구니-파일-기반의 볼륨은 (숨긴 볼륨 관리차원에서의) 그럴싸한 거절방법을 제공할 수 없습니다. 또한 호스트 파일 시스템에 충분한 여유 공간이 없는 경우, 데이터가 바구니 파일 보관소에 쓰여진다면, 암호화된 파일 시스템이 손상될 수도 있습니다.\n\n바구니-파일에 기반한 볼륨을 만드시겠습니까? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + 외계 볼륨에 대해 비밀번호를 변경할 수 없습니다. + 비어 있는 드라이브 문자를 목록에서 선택해 주세요. + 드라이브 문자 목록에서 삽입된 볼륨을 선택해 주세요. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + 오류: autorun.inf를 만들 수 없습니다. + 키파일을 처리하는 동안 오류가 발생했습니다! + 키파일 경로를 처리하는 동안 오류가 발생했습니다! + 키파일 경로에 어떠한 파일도 포함되지 않았습니다.\n\n키파일 찾기 경로에서 발견된 폴더 (및 그 폴더 내의 파일들)를 무시한 것은 아닌지 확인해 주십시오. + VeraCrypt가 현재 운영체제를 지원하지 않습니다. + 오류: VeraCrypt는 정식 버전의 운영체제만을 지원합니다(* 베타/RC 버전은 지원되지 않습니다). + 오류: 메모리 할당을 할 수 없습니다. + 오류: 성능 계산값을 검색할 수 없습니다. + 오류: 잘못된 볼륨 포맷. + 오류: (표준 볼륨이 아닌) 숨긴 볼륨에 대한 비밀번호를 입력해야 합니다. + 보안상의 이유로, 그 자체가 암호화된 파일시스템을 포함하고 있는 VeraCrypt 볼륨 내에 “숨긴 볼륨”을 만들 수 없습니다. 왜냐하면 볼륨의 여유 공간이 무작위 데이터로 채워지지 않았기 때문입니다. + VeraCrypt - 법적 공지 + 모든 파일 + VeraCrypt 볼륨 + 라이브러리 모듈 + NTFS 포맷을 계속할 수 없습니다. + 볼륨을 삽입할 수 없습니다. + 볼륨을 꺼낼 수 없습니다. + 윈도우가 NTFS로 볼륨을 포맷하는데 실패했습니다.\n\n가능하다면 다른 파일 형식을 선택한 다음 다시 시도하세요. 다른 방식으로는 현재 볼륨을 포맷되지 않은 상태로 그대로 두고(파일시스템을 “없음”으로 선택), 마법사를 종료합니다. 그 다음 볼륨을 삽입하고 시스템 도구 또는 제3자의 도구를 이용해서 삽입된 볼륨을 포맷합니다(볼륨은 여전히 암호화된 상태입니다). + 윈도우가 볼륨을 NTFS로 포맷하는 데 실패했습니다.\n\n대신에 볼륨을 FAT로 포맷하시겠습니까? + 기본값 + 파티션 + 파티션 + 장치 + 장치 + 장치 + 볼륨 + 볼륨 + 볼륨 + 레이블 + 선택한 클러스터 크기는 이 볼륨 크기에 비해 너무 작습니다. 대신 더 큰 클러스터 크기가 사용될 것입니다. + 오류: 볼륨 크기를 가져올 수 없습니다!\n\n선택한 볼륨이 시스템이나 프로그램에 의해 사용 중인지 확인해 주세요. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + “VeraCrypt 볼륨 만들기 마법사”는 FAT 또는 NTFS 볼륨에만 숨긴 볼륨을 만들 수 있습니다. + Windows 2000에서, “VeraCrypt 볼륨 만들기 마법사”는 FAT 볼륨에만 숨긴 볼륨을 만들 수 있습니다. + 참고: 외부 볼륨에는 NTFS 파일 시스템보다 FAT 파일 시스템이 더욱 적당합니다. 예컨대 숨긴 볼륨의 가능한 최대 크기는 (외부 볼륨이 FAT으로 포맷된 경우보다) 훨씬 클 수도 있습니다. + 외부 볼륨으로는 (NTFS 파일 시스템보다) FAT 파일 시스템이 훨씬 적당합니다. 예컨대 숨긴 볼륨의 가능한 최대 크기는 (외부 볼륨이 FAT으로 포맷된 경우보다) 훨씬 클 수도 있습니다. 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨은 외부 볼륨의 후반부에만 존재하기 때문입니다.\n\n외부 볼륨을 NTFS로 포맷하시겠습니까? + 그 대신에 볼륨을 FAT으로 포맷하시겠습니까? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + 오류: 숨긴 운영체제를 위한 파티션(→ 시스템 파티션 뒤의 첫번째 파티션)은 시스템 파티션보다 적어도 5%는 더 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). + 오류: 숨긴 운영체제를 위한 파티션(→ 시스템 파티션 뒤의 첫번째 파티션)은 시스템 파티션보다 적어도 110% (2.1배)는 더 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨(→ 시스템 파티션의 복사본을 포함하고 있음)은 외부 볼륨의 후반부에만 존재하기 때문입니다. + 오류: 외부 볼륨이 NFTF로 포맷된 경우라면 (시스템 파티션 보다) 적어도 110% (2.1배)는 더 커야 합니다. 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨(→ 시스템 파티션의 복사본을 포함하고 있음)은 외부 볼륨의 후반부에만 존재하기 때문입니다.\n\n참고: 외부 볼륨은 숨긴 운영체제와 동일한 파티션 내에 위치해야 합니다(→ 시스템 파티션 뒤의 첫번째 파티션). + 오류: 시스템 파티션 뒤에 어떠한 파티션도 없습니다.\n\n숨긴 운영체제를 만들기 전에 반드시 시스템 드라이브에 “숨긴 OS를 포함할 파티션”을 만들어야 합니다. 숨긴 운영체제를 위한 파티션(→ 시스템 파티션 뒤의 첫번째 파티션)은 시스템 파티션보다 적어도 5%는 더 커야 합니다(→ 시스템 파티션은 현재 실행 중인 운영체제가 설치되어 있는 파티션입니다). 그러나 외부 볼륨(→ 시스템 파티션과 혼동하지 말 것)이 NTFS로 포맷된 경우, 숨긴 운영체제는 시스템 파티션 보다 최소 110% (2.1배)는 더 커야 합니다. 왜냐하면 NTFS 파일 시스템은 내부 데이터를 항상 볼륨의 중앙에 저장하고 그 결과 숨긴 볼륨(→ 시스템 파티션의 복사본을 포함하고 있음)은 외부 볼륨의 후반부에만 존재하기 때문입니다. + 의견: 1개의 파티션 내에 포함되어 있는 2개의 VeraCrypt 볼륨에 운영체제를 설치하는 것은 효과적이지 않습니다(→ 그래서 이는 지원되지 않습니다). 왜냐하면 가끔 외부 운영체제는 데이터를 숨긴 운영체제에 쓰도록 요구하기 때문입니다. (만약 이러한 쓰기 작업이 숨긴 볼륨의 보호 기능때문에 방해를 받게 되는 경우, 본질적으로 시스템 충돌, 즉 파란 화면 오류를 일으킵니다.) + 파티션의 생성과 관리에 대한 자세한 정보는 운영체제와 함께 제공된 문서를 참고하거나 컴퓨터 판매업체의 기술지원 팀에게 도움을 요청하시기 바랍니다. + 오류: 현재 실행 중인 운영체제는 부트 파티션(→ 첫번째 활성 파티션)에 설치되어 있지 않습니다. 이것은 지원되지 않습니다. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + 오류: 볼륨에 접근할 수 없습니다!\n\n선택한 볼륨이 존재하는지 여부, 삽입되었는지 여부, 시스템 또는 프로그램에 의해 사용 중인지 여부 및 볼륨에 대한 읽기/쓰기 권한이 있는지 아니면 쓰기금지가 되어 있는지 확인해 주세요. + Error: Cannot obtain volume properties. + 오류: 볼륨에 접근할 수 없거나 볼륨 정보를 얻을 수 없습니다.\n\n선택한 볼륨이 존재하는지 여부, 삽입되었는지 여부, 시스템 또는 프로그램에 의해 사용 중인지 여부 및 볼륨에 대한 읽기/쓰기 권한이 있는지 아니면 쓰기금지가 되어 있는지 확인해 주세요. + 오류: 볼륨에 접근할 수 없거나 볼륨 정보를 얻을 수 없습니다. 선택한 볼륨이 존재하는지 여부, 삽입되었는지 여부, 시스템 또는 프로그램에 의해 사용 중인지 여부 및 볼륨에 대한 읽기/쓰기 권한이 있는지 아니면 쓰기금지가 되어 있는지 확인해 주세요.\n\n문자가 계속되면 다음 단계를 따르면 도움이 될 것입니다. + 오류로 인해 VeraCrypt가 파티션을 암호화하는데 방해가 됩니다. 이전에 보고된 문제점들을 고친 후 다시 시도해 보십시오. 문제가 계속되면 다음 단계를 따르면 도움이 될 것입니다. + 오류로 인해 VeraCrypt가 파티션 암호화 과정을 재개하는데 문제가 있습니다.\n\n이전에 보고된 문제점들을 고친 후 과정을 재개하는 작업을 다시 시도해 보십시오. 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입할 수 없습니다. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + 오류: 외부 볼륨을 꺼낼 수 없습니다!\n\n프로그램이나 시스템에 의해 사용 중인 파일이나 폴더가 볼륨에 있는 경우에는 볼륨을 꺼낼 수 없습니다.\n\n볼륨에 있는 파일 또는 폴더를 사용 중인 다른 프로그램을 종료한 다음 “다시 시도”를 클릭하세요. + 오류: 외부 볼륨에 대한 정보를 얻을 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. + 오류: 외부 볼륨에 접근할 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. + 오류: 외부 볼륨에 삽입할 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. + 오류: 볼륨 클러스터 비트맵을 가져올 수 없습니다! 볼륨 만들기를 계속할 수 없습니다. + 알파벳/카테고리 + 평균 속도 (내림차순) + 알고리듬 + 암호화 + 암호해제 + 평균 + 드라이브 + 크기 + 암호 알고리듬 + 암호 알고리듬 + 형식 + + 속성 + 위치 + 바이트 + 숨김 + 외부 + 표준 + 시스템 + 숨김 (시스템) + 읽기-전용 + 시스템 드라이브 + 시스템 드라이브 (암호화 중 - %.2f%% 완료) + 시스템 드라이브 (암호해제 중 - %.2f%% 완료) + 시스템 드라이브 (%.2f%% 암호화) + 시스템 파티션 + 숨긴 시스템 파티션 + 시스템 파티션 (암호화 중 - %.2f%% 완료) + 시스템 파티션 (암호해제 중 - %.2f%% 완료) + 시스템 파티션 (%.2f%% 암호화) + 예 (손상이 방지됨!) + 없음 + 1차 키 크기 + 2차 키 크기 (XTS 모드) + 트윅 키 크기 (LRW 모드) + 비트 + 블록 크기 + PKCS-5 PRF + PKCS-5 반복 수 + 볼륨 생성 + 헤더 최종 수정 + (%I64d일 전) + 볼륨 포맷 버전 + 포함된 백업 백업 + VeraCrypt Boot Loader Version + 이용가능한 첫번째 + 이동식 디스크 + 하드디스크 + 변경 없음 + Autodetection + 마법사 모드 + 한 가지 모드를 선택하세요. 무엇을 선택해야 할 지 모르는 경우에는 “기본” 모드를 사용합니다. + VeraCrypt를 현재 시스템에 설치하려면 이 옵션을 선택합니다. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + 이 옵션을 선택하면, 패키지에서 모든 파일이 추출되고, 시스템에는 어떤 것도 설치되지 않습니다. 시스템 파티션 또는 시스템 드라이브를 암호화하고자 한다면 이 옵션을 선택하지 마십시오. 이 옵션을 선택하면 예컨대 VeraCrypt를 휴대용(portable) 모드로 실행하고자 할 때 유용합니다. VeraCrypt를 실행 중인 운영체제에 반드시 설치할 필요는 없습니다. 모든 파일이 추출된 후, 실행 파일인 “VeraCrypt.exe”를 바로 실행할 수 있습니다. 이 경우 VeraCrypt는 휴대용 모드로 실행됩니다. + 설치 옵션 + 여기에서 설치 과정을 제어할 수 있는 다양한 옵션을 설정할 수 있습니다. + 설치 중 + VeraCrypt가 설치되는 동안 잠시 기다려 주세요. + VeraCrypt가 성공적으로 설치 되었습니다 + VeraCrypt가 성공적으로 업그레이드 되었습니다 + 기부금을 고려하시기 바랍니다. 설치가 완료됬으니 프로그램을 언제든지 닫을수 있습니다. + 추출 옵션 + 여기에서 추출 과정을 제어할 수 있는 다양한 옵션을 설정할 수 있습니다. + 파일이 추출되는 동안 잠시 기다려 주세요. + 파일이 성공적으로 추출되었습니다. + 타겟 위치에 모든 파일이 성공적으로 추출되었습니다. + 지정한 폴더가 존재하지 않는 경우, 자동으로 폴더가 생성됩니다. + VeraCrypt가 설치된 위치에서 VeraCrypt 프로그램 파일들이 업그레이드됩니다. 다른 위치를 선택할 필요가 있는 경우, 먼저 VeraCrypt를 제거해 주십시오. + VeraCrypt 최신 버전의 배포 정보를 보시겠습니까? + 이전에 VeraCrypt를 사용해 본 적이 없는 경우, VeraCrypt 사용자 안내서에서 Beginner’s Tutorial을 읽어볼 것을 권장합니다. 지금 읽어 보시겠습니까? + 아래에서 실행한 동작을 선택해 주세요: + 수리/재설치 + 업그레이드 + 제거 + VeraCrypt를 성공적으로 설치하거나 제거하려면 관리자 권한을 가지고 있어야 합니다. 계속하시겠습니까? + VeraCrypt 설치기가 ① 현재 시스템에서 실행되고 있거나 ② 설치의 실행 및 준비 또는 ③ VeraCrypt를 업데이트하고 있습니다. 진행하기 전에, 그 작업이 끝날 때까지 기다리거나 닫아 주세요. 만약 닫기 작업이 되지 않는 경우에는 진행 전에 컴퓨터를 다시 시작해야 합니다. + 설치 실패. + 제거 실패. + 배포 패키지가 손상되었습니다. 다시 다운로드해 보시기 바랍니다(VeraCrypt 공식 웹사이트 - https://veracrypt.codeplex.com). + %s 파일을 쓸 수 없습니다. + 추출 중 + 패키지에서 데이터를 읽을 수 없습니다. + 현재 배포 패키지의 완전성(무결성)을 검증할 수 없습니다. + 추출 실패. + 설치가 롤백되었습니다. + VeraCrypt를 성공적으로 설치했습니다. + VeraCrypt를 성공적으로 업데이트했습니다. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt를 성공적으로 제거했습니다.\n\nVeraCrypt 설치기와 %s 폴더를 제거하려면 “마침”을 클릭하세요. VeraCrypt 설치기에 의해 설치되거나 VeraCrypt에 의해 생성된 것이 아닌 파일을 포함하고 있는 폴더는 제거되지 않는다는 것을 참고하세요. + VeraCrypt 레지스트리 항목을 제거하는 중 + 레지스트리 항목 추가 중 + 지정된 프로그램 데이터 제거 중 + 설치 중 + 중단하는 중 + 제거하는 중 + 아이콘 추가 + 시스템 복구 시점 만들기 + 시스템 복원 시점을 만들 수 없습니다! + 부트 로더를 업데이트하는 중 + “%s”을(를) 설치하는 데 실패했습니다. %s 설치를 계속하시겠습니까? + “%s”을(를) 제거하는 데 실패했습니다. %s 제거 작업을 계속하시겠습니까? + 설치를 마쳤습니다. + “%s” 폴더를 만들 수 없습니다. + VeraCrypt 장치 드라이버를 언로드할 수 없습니다.\n\n먼저 열려 있는 VeraCrypt 창을 모두 닫아 주세요. 창을 닫아도 도움이 되지 않으면, 윈도우를 다시 시작해 보세요. + 설치 또는 제거를 계속하려면 모든 VeraCrypt 볼륨을 먼저 꺼내야 합니다. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + 레지스트리 항목을 설치하는 데 실패했습니다. + 장치 드라이버를 설치하는 데 실패했습니다. 윈도우를 다시 시작한 다음 VeraCrypt 설치를 다시 시도해 보세요. + VeraCrypt 장치 드라이버 시작 중 + 장치 드라이버를 제거하는 데 실패했습니다. (윈도우의 문제로 인해) 장치 드라이버를 제거하거나 재설치하기 전에 시스템을 로그오프하거나 다시 시작해야 합니다. + VeraCrypt 장치 드라이버 설치 중 + VeraCrypt 장치 드라이버 중지 중 + VeraCrypt 장치 드라이버 제거 중 + 사용자 계정 컨트롤(UAC) 지원 라이브러리를 등록하는 데 실패했습니다. + 사용자 계정 컨트롤(UAC) 지원 라이브러리를 해제하는 데 실패했습니다. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + VeraCrypt를 휴대용 모드로 실행하기로 결정한 경우(* 이는 VeraCrypt 복사본을 설치해서 실행하는 것과 반대개념임), 이를 실행할 때마다 시스템에서 VeraCrypt 실행 권한(* UAC 묻기)을 요구하게 됩니다.\n\n왜냐하면 VeraCrypt를 휴대용 모드로 실행할 때 VeraCrypt 장치 드라이버를 로드해서 시작해야 하기 때문입니다. VeraCrypt는 실시간 암호화/암호해제를 제공하는 장치 드라이버를 필요로 합니다. 관리자 권한이 없는 사용자는 윈도우에서 장치 드라이버를 시작할 수 없습니다. 그래서 시스템에서 VeraCrypt 실행 권한(UAC 묻기)을 요구하게 되는 것입니다.\n\nVeraCrypt를 시스템에 설치한 경우(* 이는 휴대용 모드로 VeraCrypt를 실행하는 것과 반대개념임), 사용자가 VeraCrypt를 실행할 때마다 실행 권한을 묻지 않습니다.\n\n정말로 파일을 추출하시겠습니까? + 주의: 이 볼륨 만들기 마법사가 관리자 권한을 가지고 있습니다.\n\n사용자의 새로운 볼륨은, 볼륨이 삽입되었을 때 이 볼륨에 쓰기가 금지된 권한으로 생성될 수 있습니다. 이러한 점을 피하려면, 현재의 볼륨 만들기 마법사를 닫은 후 관리자 권한이 없는 새로운 마법사를 실행시키십시오.\n\n이 볼륨 만들기 마법사를 닫으시겠습니까? + 오류: 라이선스를 표시할 수 없습니다. + 외부(!) + + 시간 + + + 열기 + 꺼내기 + VeraCrypt 보기 + VeraCrypt 숨김 + 삽입 후 읽은 데이터 + 삽입 후 쓰여진 데이터 + 암호화된 부분 + 100% (완전 암호화됨) + 0% (암호화 안됨) + %.3f%% + 100% + 기다려 주세요 + 준비 중 + 크기 조절 중 + 암호화 중 + 암호해제 중 + 완료 중 + 정지됨 + 완료됨 + 오류 + 장치 연결끊김 + 시스템 즐겨찾기 볼륨이 저장되었습니다.\n\n시스템이 시작될 때 “시스템 즐겨찾기 볼륨”이 삽입되게 하려면, “설정” > “시스템 즐겨찾기 볼륨” > “윈도우 시작시 시스템 볼륨 삽입”을 선택해 주십시오. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + 비밀번호 입력▷ %s + '%s'의 비밀번호 입력 + 표준/외부 볼륨을 위한 비밀번호 입력 + 숨긴 볼륨을 위한 비밀번호 입력 + 백업 파일에 저장된 헤더를 위한 비밀번호 입력 + 키파일이 성공적으로 만들어졌습니다. + 제공된 키파일의 개수가 잘못되었습니다. + 키파일의 크기는 64 <-> 1048576 바이트만 입력이 됩니다. + 생성되는 키파일(들)의 이름을 입력 해주세요. + 키파일(들)의 기본 이름이 잘못되었습니다 + 키파일 '%s'가 이미 존재합니다.\n덮어 쓰시겠습니까? 'No'일경우 생성 과정은 중지됩니다 + 주의: 이 볼륨의 헤더가 손상되었습니다! VeraCrypt는 볼륨에 포함된 볼륨 헤더의 백업을 자동으로 사용했습니다.\n\n“도구” ▶ “볼륨 헤더 복구”를 선택해서 볼륨 헤더를 수리해야 합니다. + 볼륨 헤더 백업을 성공적으로 만들었습니다.\n\n중요: 이 백업을 이용해서 볼륨 헤더를 복구하게 되면 볼륨의 현재 비밀번호도 같이 복구합니다. 또한 볼륨을 삽입하는데 키파일이 필요한 경우, 볼륨 헤더가 복구되었을 때 볼륨을 다시 삽입하려면 동일한 키파일이 필요합니다.\n\n주의: 이 볼륨 헤더 백업은 현재의 특정 볼륨의 헤더만 복구하는 데 사용됩니다. 만약 이 헤더 백업으로 다른 볼륨의 헤더를 복구할 경우에 그 볼륨을 삽입할 수는 있지만, (그 볼륨의 마스터 키가 변경되기 때문에) 볼륨에 저장된 데이터의 암호해제는 할 수 없습니다. + 볼륨 헤더가 성공적으로 복구되었습니다.\n\n중요: 이전 비밀번호도 같이 복구되었다는 것을 참고하세요. 또한 백업이 만들어졌을 당시 볼륨을 삽입하는데 키파일이 필요했다면, 볼륨을 다시 삽입하고자 할 때도 동일한 키파일이 필요합니다. + 보안상의 이유로 볼륨에 대한 올바른 비밀번호(또는 올바른 키파일)을 입력 또는 제공해야 합니다.\n\n참고: 볼륨에 숨긴 볼륨이 있는 경우, 먼저 “외부 볼륨”에 대한 올바른 비밀번호(또는 올바른 키파일)을 입력 또는 제공해야 합니다. 나중에 숨긴 볼륨 헤더의 백업을 선택한 경우, “숨긴 볼륨”에 대한 올바른 비밀번호(또는 올바른 키파일)을 입력 또는 제공해야 합니다. + %s에 대한 볼륨 헤더 백업을 만드시겠습니까?\n\n“예”를 클릭하면, 헤더 백업의 파일 이름을 묻게 됩니다.\n\n참고: 새로운 소금(→ 무작위 문자열)을 이용해서 ① 표준 볼륨 헤더 및 ② 숨긴 볼륨 헤더는 재암호화되고 백업 파일에 저장됩니다. 현재 볼륨 안에 “숨긴 볼륨”이 없을지라도, 백업 파일에 있는 숨긴 볼륨 헤더를 위해 남겨진 공간은 무작위 데이터로 채워지게 됩니다(→ 숨긴 볼륨의 효과적인 방법방법). 백업 파일에서 볼륨 헤더를 복구할 때, 볼륨 헤더 백업이 생성된 당시에 타당했던 ① 올바른 비밀번호 입력 또는 ② 올바른 키파일을 제공해야 합니다. 또한 비밀번호(또는 키파일)은 복구할 볼륨 헤더의 형식(→ 표준 또는 숨김)을 자동을 결정합니다. VeraCrypt는 시행착오를 거쳐 그 형식을 결정하게 됩니다. + %s의 볼륨 헤더를 복구하시겠습니까?\n\n주의: 볼륨 헤더의 복구는 “백업이 만들어졌을 당시의 볼륨 비밀번호”도 동시에 복구합니다. 또한 백업이 만들어졌을 당시 볼륨을 삽입하는데 키파일이 필요했다면, 볼륨 헤더가 복구된 후 다시 볼륨을 삽입하고자 할 때도 동일한 키파일이 필요합니다.\n\n“예”를 클릭하면, 헤더 백업 파일을 선택할 수 있습니다. + 볼륨에 “숨긴 볼륨”이 포함되어 있습니까? + 볼륨에 “숨긴 볼륨”이 포함되어 있습니다. + 볼륨에 “숨긴 볼륨”이 포함되어 있지 않습니다. + 사용하고자 하는 “볼륨 헤더 백업 형식”을 선택해 주세요: + 볼륨에 포함된 백업에서 “볼륨 헤더” 복구 + 외부의 백업 파일에서 “볼륨 헤더” 복구 + 볼륨 헤더 백업 파일의 크기가 올바르지 않습니다. + 이 볼륨에 포함된 백업 헤더가 없습니다. VeraCrypt 6.0 또는 그 이상의 버전에서 생성된 볼륨만 “포함된 백업 헤더”를 가질 수 있습니다. + 사용자가 시스템 파티션/드라이브의 헤더를 백업하려고 합니다. 이것은 허용되지 않습니다. 시스템 파티션/드라이브에 관계된 백업/복구 작업은 VeraCrypt 응급복구 디스크를 사용해서만 실행될 수 있습니다.\n\nVeraCrypt 응급복구 디스크를 만드시겠습니까? + 사용자가 가상의 VeraCrypt 볼륨 헤더를 복구하려고 시도하면서 시스템 파티션/드라이브를 선택했습니다. 이것은 허용되지 않습니다. 시스템 파티션/드라이브에 관계된 백업/복구 작업은 VeraCrypt 응급복구 디스크를 사용해서만 실행될 수 있습니다.\n\nVeraCrypt 응급복구 디스크를 만드시겠습니까? + 확인을 클릭한 다음, 새로운 VeraCrypt 응급복구 디스크 ISO 이미지를 위한 파일 이름 및 그 파일을 둘 위치를 선택하게 됩니다. + 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 응급복구 디스크를 CD 또는 DVD에 구울 필요가 있습니다.\n\n중요: 파일은 (개별 파일이 아닌) ISO 디스크 이미지로 CD/DVD에 구워져야 합니다. 작업 방법에 대한 자세한 정보는 CD/DVD 리코딩 소프트웨어의 문서를 참고하세요.\n\n응급복구 디스크를 구운 후에 “시스템 ▶ 응급복구 디스크 검증”을 선택해서 응급복구 디스크가 올바르게 구워졌는지를 확인합니다. + 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 응급복구 디스크를 CD 또는 DVD에 구울 필요가 있습니다.\n\n지금 Microsoft Windows Disc Image Burner를 실행하시겠습니까?\n\n참고: 응급복구 디스크를 구운 후에 “시스템 ▶ 응급복구 디스크 검증”을 선택해서 응급복구 디스크가 올바르게 구워졌는지를 확인합니다. + 검증하려면 VeraCrypt 응급복구 디스크를 CD/DVD 드라이브에 삽입한 다음 “확인”을 클릭하세요. + VeraCrypt 응급복구 디스크를 성공적으로 검증했습니다. + 응급복구 디스크가 올바르게 구워졌는지를 검증할 수 없습니다.\n\n응급복구 디스크를 구웠다면, CD/DVD를 꺼내서 다시 삽입한 다음 다시 시도해 주세요. 이것이 도움이 되지 않는 경우, 다른 CD/DVD 리코딩 소프트웨어 및 매체로 시도해 주세요.\n\n다른 마스터 키, 비밀번호, 소금 등을 위해 생성된 응급복구 디스크를 검증하려고 하는 경우, 그러한 응급복구 디스크는 항상 검증작업에 실패하게 됩니다. 현재 설정과 완전히 호환되는 새로운 응급복구 디스크를 만들려면, “시스템” ▶ “응급복구 디스크 만들기”를 선택하세요. + VeraCrypt 응급복구 디스크 ISO가 성공적으로 확인되었습니다. + VeraCrypt 응급복구 디스크 ISO의 확인이 실패했습니다.\n\n만약 VeraCrypt의 응급복구 디스크를 다른 마스터 키, 비밀번호, 또한 소금(Salt) 등을 사용할 경우, 확인이 실패할경우를 주의하시기 바랍니다. + VeraCrypt 응급복구 디스크 만들기 오류. + 숨긴 운영체제가 실행 중일 때 VeraCrypt 응급복구 디스크를 만들 수 없습니다.\n\nVeraCrypt 응급복구 디스크를 만들려면 미끼용 운영체제를 부팅한 다음 “시스템” ▶ “응급복구 디스크 만들기”를 선택하세요. + 응급복구 디스크가 올바르게 구워졌는지를 검증할 수 없습니다.\n\n응급복구 디스크를 구웠다면, CD/DVD를 꺼내서 다시 삽입한 다음, “다음”을 클릭해서 다시 시도해 주세요. 이것이 도움이 되지 않는 경우, 다른 매체%s로 시도해 주십시오.\n\n아직 응급복구 디스크를 굽지 않았다면, 다음을 클릭하세요.\n\n이 마법사를 시작하기 전에 VeraCrypt 응급복구 디스크를 검증하려고 할 경우, 이러한 응급복구 디스크는 (다른 마스터 키를 위해 생성되었기 때문에) 사용될 수 없습니다. 새롭게 생성된 응급복구 디스크를 구울 필요가 있습니다. + 또는 다른 CD/DVD 리코딩 소프트웨어 + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + 시스템 파티션/드라이브가 암호화되지 않은 것으로 보입니다.\n\n시스템 즐겨찾기 볼륨은 부팅-전 인증 비밀번호의 사용을 통해서만 삽입(mount)될 수 있습니다. 그러므로 시스템 즐겨찾기 볼륨을 사용하려면, 먼저 시스템 파티션/드라이브를 암호화해야 합니다. + 계속하기 전에 볼륨을 꺼내야 합니다. + 오류: 타이머를 설정할 수 없습니다. + 파일시스템 체크 + 파일시스템 수리 + 즐겨찾기에 포함하기... + 시스템 즐겨찾기에 포함하기... + Properties... + 숨긴 볼륨 보호 + N/A + + 아니오 + 비활성화 + 1 + 2 또는 그 이상 + 작업 모드 + 레이블: + 크기: + 경로: + 드라이브 문자: + 오류: 비밀번호는 ASCII 문자만을 포함해야 합니다.\n\n비밀번호에 ASCII 아닌 문자가 있는 경우, 시스템 설정의 변경이 있으면 볼륨을 삽입할 수 없게 될 수도 있습니다.\n\n다음 문자는 허용됩니다:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 주의: 비밀번호에 ASCII 아닌 문자가 포함되어 있습니다. 이 경우 시스템 설정의 변경이 있으면 볼륨을 삽입할 수 없게 될 수도 있습니다.\n\nASCII 아닌 문자를 ASCII 문자로 모두 교체해야 합니다. 이렇게 하려면, “볼륨” ▶ “볼륨 비밀번호 변경”을 클릭하세요.\n\n다음은 ASCII 문자입니다:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 주의: 실행 파일로 사용되는 확장자(예: .exe, .sys, .dll) 및 문제를 일으키는 유사한 파일 확장자는 사용하지 않길 권장합니다. 이런 파일 확장자를 사용하게 되면 윈도우와 안티바이러스 소프트웨어가 보관소에 간섭을 하게 될 수도 있고 결국 볼륨의 성능에 악영향을 초래하고 다른 중대한 문제를 일으킬 수도 있습니다.\n\n파일 확장자를 제거하거나 (예컨대 “.hc”) 등으로 변경할 것을 적극권장합니다.\n\n문제가 될 만한 파일 확장자를 정말로 사용하시겠습니까? + 주의: 이 보관소는 실행 파일로 사용되는 확장자(예: .exe, .sys, .dll) 또는 유사한 문제를 일으킬 수 있는 파일 확장자를 가지고 있습니다. 이런 파일 확장자를 사용하게 되면 윈도우와 안티바이러스 소프트웨어가 보관소에 간섭을 하게 될 수도 있고 결국 볼륨의 성능에 악영향을 초래하고 다른 중대한 문제를 일으킬 수도 있습니다.\n\n(볼륨을 꺼낸 후에) 보관소의 확장자를 변경(예: “.hc”)하거나 제거할 것을 권장합니다. + 홈페이지 + 주의: 윈도우 설치에 서비스팩을 적용하지 않은 것으로 보입니다. 서비스팩 1 또는 그 이상을 적용하지 않은 Windows XP를 사용하는 경우, 128 GB보다 큰 IDE 디스크에 데이터를 쓰면 안됩니다! 만약 그 디스크(VeraCrypt 볼륨인지 여부에 상관없음)에 데이터를 쓰게 되면, 데이터가 손상될 수도 있습니다. 이는 윈도우의 버그이지, VeraCrypt의 버그가 아닙니다. + 주의: 윈도우 설치에 서비스팩 3 또는 그 이상을 적용하지 않은 것으로 보입니다. 서비스팩 3 또는 그 이상을 적용하지 않은 Windows 2000을 사용하는 경우, 128 GB보다 큰 IDE 디스크에 데이터를 쓰면 안됩니다! 만약 그 디스크(VeraCrypt 볼륨인지 여부에 상관없음)에 데이터를 쓰게 되면, 데이터가 손상될 수도 있습니다. 이는 윈도우의 제한이지, VeraCrypt의 버그가 아닙니다.\n\n참고: 레지스트리에서 48-비트 LBA 지원을 사용가능하게 해야 할지도 모릅니다. 추가정보 → http://support.microsoft.com/kb/305098/EN-US + 주의: 현재 시스템에서 48-bit LBA ATAPI 지원이 되지 않습니다. 그러므로 128GB보다 큰 IDE 디스크에 데이터를 작성하면 안됩니다! 만약 그 디스크(VeraCrypt 볼륨인지 여부에 상관없음)에 데이터를 쓰게 되면, 데이터가 손상될 수도 있습니다. 이는 윈도우의 제한이지, VeraCrypt의 제한이 아닙니다.\n\n48비트 LBA 지원을 사용하려면, 레지스트리 키 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters에 레지스트리 값을 추가하고 설정을 1로 합니다.\n\n추가 정보를 보려면 http://support.microsoft.com/kb/305098을 참고하세요. + 오류: 4 GB보다 큰 파일은 FAT32 파일 시스템에 저장될 수 없습니다. 그러므로 FAT32 파일 시스템에 저장된 “파일-기반 VeraCrypt 볼륨 (보관소)”는 4 GB 이상이 될 수 없습니다.\n\n만약 더 큰 볼륨이 필요하다면, NTFS 파일 시스템에 볼륨을 만들거나(→ Windows Vista SP1 또는 그 이상 경우는 exFAT 파일 시스템에 생성), 파일-기반 볼륨을 만드는 대신에 전체 파티션 또는 장치를 암호화합니다. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + 주의: 외부 볼륨에 더 많은 데이터/파일을 나중에 추가할 수 있게 하려면, 숨긴 볼륨의 크기를 작게 해야 합니다.\n\n지정한 크기로 계속하시겠습니까? + 선택한 볼륨이 없습니다.\n\nVeraCrypt 볼륨을 선택하려면 “파일 선택” 또는 “장치 선택”을 클릭하세요. + 선택된 파티션이 없습니다.\n\n일반적으로 부팅-전 인증을 요하는 꺼내진 파티션(→ 예컨대 ① 실행 중이 아닌 다른 운영체제의 암호화된 시스템 드라이브에 위치한 파티션, ② 다른 운영체제의 암호화된 시스템 파티션)을 선택하려면 “장치 선택”을 클릭합니다.\n\n참고: 선택한 파티션은 부팅-전 인증 없이 보통의 VeraCrypt 볼륨으로 삽입됩니다. 이는 예컨대 운영체제의 백업이나 수리에 유용합니다. + 주의: 기본값인 키파일이 사용되도록 설정되면, 이 키파일(들)을 사용하지 않는 볼륨은 삽입이 되지 않습니다. 그러므로 기본 키파일이 사용되도록 설정한 후에는, 그 볼륨을 삽입할 때마다 (비밀번호 입력 필드 아래의) “키파일 사용”을 체크해제해야 합니다.\n\n선택한 키파일/경로를 기본값으로 저장하시겠습니까? + 장치 자동삽입 + 모두 꺼내기 + 캐시 지우기 + 모두 꺼내기 및 캐시 지우기 + 강제로 모두 꺼내기 및 캐시 지우기 + 강제로 모두 꺼내기, 캐시 지우기 및 종료 + 즐겨찾는 볼륨 삽입 + VeraCrypt 창 보기/숨김 + (여기를 클릭하고 키를 누르세요) + 동작 + 바로가기 + 오류: 이 바로가기는 할당되어 있습니다. 다른 바로가기를 선택하세요. + 오류: 바로가기가 이미 사용 중입니다. + 주의: 한 개 또는 수 개의 VeraCrypt - 시스템 일반 단축키가 작동하지 않습니다!\n\n다른 프로그램이나 운영체제가 동일한 바로가기를 사용하고 있는지 확인해 주세요. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + 오류 또는 비호환성으로 인해 VeraCrypt가 최대 절전 모드 파일을 암호화하지 못했습니다. 그 결과 최대 절전 모드로의 진입을 못했습니다.\n\n참고: 컴퓨터가 최대 절전 모드(또는 절전 모드)로 들어갈 때, 그 시스템 메모리의 내용은 (시스템 드라이브 상에 위치하는) 최대 절전 모드 저장 파일에 쓰여지게 됩니다. VeraCrypt는 “RAM에 열려 있는 암호화된 키 및 민감한 파일의 내용”이 암호화되지 않은 채 최대 절전 모드 저장 파일에 저장되는 것을 막을 수 없습니다. + 최대 절전 모드 진입을 방지했습니다.\n\nVeraCrypt는 (별도의 부트 파티션을 사용하는) 숨겨진 운영체제에서의 최대 절전 모드를 지원하지 않습니다. 부트 파티션이 미끼용 및 숨겨진 시스템에 의해 공유되는 것은 아닌지 확인해 주십시오. 그래서 최대 절전 모드 상태에서 깨어날 때 데이터 누수 및 문제점을 방지하기 위해, VeraCrypt는 숨겨진 시스템이 공유된 부트 파티션에 쓰는 것을 방지하고 또한 이 시스템이 최대 절전 모드로 진입하는 것을 막게되는 것입니다. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + 주의: 이 옵션을 사용하지 않으면, 열려 있는 파일/디렉토리를 포함하고 있는 볼륨을 자동으로 꺼낼 수 없습니다.\n\n이 옵션을 사용하지 않으시겠습니까? + 주의: 열려 있는 파일/디렉토리를 포함하고 있는 볼륨을 자동으로 꺼낼 수 없습니다.\n\n이를 방지하려면, 이 대화창에서 다음 옵션을 사용가능하게 합니다: “볼륨에 열린 파일 또는 디렉토리가 있어도 강제로 꺼내기” + 주의: 노트북 배터리 전력이 부족하게 되면, 컴퓨터가 절전 모드로 들어갈 때 윈도우의 적절한 메시지 보내기를 생략할 수도 있습니다. 이런 경우 VeraCrypt의 볼륨 자동-꺼내기 작업이 실패할 수도 있습니다. + 파티션/볼륨의 만들기 과정을 예약했습니다. 아직 작업을 완전히 마치지 못했습니다.\n\n지금 그 작업을 다시 시작하시겠습니까? + 시스템 파티션/드라이브의 암호화 또는 암호해제 작업을 예약했습니다. 아직 작업을 완전히 마치지 못했습니다.\n\n지금 그 작업을 시작 (다시 시작) 하시겠습니까? + 현재 예약된 “비-시스템 파티션/볼륨의 암호화 과정”을 다시 시작할 것인지를 묻는 창을 표시하시겠습니까? + 예, 사용자에게 묻습니다. + 아니오, 사용자에게 묻지 않습니다. + 중요: 비-시스템 파티션/볼륨의 암호화 과정은 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “볼륨” ▶ “중단된 진행을 다시 시작”을 선택해서 다시 시작할 수 있습니다. + 시스템 파티션/드라이브의 암호화 또는 암호해제 작업을 예약했습니다. 그러나 부팅-전 인증에 실패했습니다(또는 건너뛰었습니다).\n\n참고: 부팅-전 환경에서 시스템 파티션/드라이브를 암호해제한 경우라면, VeraCrypt 창의 메뉴표시줄에서 “시스템” ▶ “시스템 파티션/드라이브 영구적 암호해제”를 선택해서 작업을 마무리할 필요가 있습니다. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + 종료? + VeraCrypt가 암호화를 할 지 아니면 암호해제를 할 것인가를 결정하는데 충분한 정보를 가지고 있지 않습니다. + VeraCrypt가 암호화를 할 지 아니면 암호해제를 할 것인가를 결정하는데 충분한 정보를 가지고 있지 않습니다.\n\n참고: 부팅-전 환경에서 시스템 파티션/드라이브를 암호해제한 경우라면, 암호해제를 클릭해서 작업을 마무리할 필요가 있습니다. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + 파티션/볼륨의 암호화 진행을 중단하고 나중으로 연기하시겠습니까?\n\n참고: 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입할 수 없습니다. 나중에 암호화 과정을 다시 시작할 수 있고, 이 경우 중단된 시점부터 계속 진행됩니다. 이 작업은 예컨대 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “볼륨” ▶ “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. + 시스템 파티션/드라이브의 암호화 진행을 중단하고 나중으로 연기하시겠습니까?\n\n참고: 나중에 이 과정을 다시 시작할 수 있고 중단된 시점부터 계속 진행됩니다. 이 작업은 예컨대 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “시스템” ▶ “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. 암호화 진행을 완전히 종료하거나 되돌리려면, “시스템” ▶ “시스템 파티션/드라이브의 영구적 암호해제”를 선택하세요. + 시스템 파티션/드라이브의 암호해제 진행을 중단하고 나중으로 연기하시겠습니까?\n\n참고: 나중에 이 과정을 다시 시작할 수 있고 중단된 시점부터 계속 진행됩니다. 이 작업은 예컨대 VeraCrypt 메인 창의 메뉴 표시줄에 있는 “시스템” ▶ “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. 암호해제 진행을 되돌리고, 암호화를 시작하려면, “시스템” ▶ “시스템 파티션/드라이브 암호화”를 선택하세요. + 오류: 시스템 파티션/드라이브의 암호화 또는 암호해제 진행을 중단하는데 실패했습니다. + 오류: 지우기 진행을 중단하는데 실패했습니다. + 오류: 시스템 파티션/드라이브의 암호화 또는 암호해제 진행을 다시 시작하는데 실패했습니다. + 오류: 지우기 진행을 시작하는데 실패했습니다. + 불일치가 해결되었습니다.\n\n\n이와 관련된 버그를 보고하려면, 버그 보고서에 다음과 같은 기술 정보를 포함해 주세요: %hs + 오류: 예기치 않은 상태.\n\n\n(이와 관련된 버그를 보고하려면, 버그 보고서에 다음과 같은 기술 정보를 포함해 주세요: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + 주의: VeraCrypt 백그라운드 작업의 사용이 해제되었습니다. 프로그램을 종료하면, 숨긴 볼륨의 손상이 방지된 경우에도 그 알림을 통보받지 못합니다.\n\n참고: 언제라도 VeraCrypt 트레이 아이콘을 오른쪽 클릭하고 “종료”를 선택해서 백그라운드 작업을 종료할 수 있습니다.\n\nVeraCrypt 백그라운드 작업을 지금 사용가능하게 할까요? + 언어팩 버전: %s + %s로 삽입된 VeraCrypt 볼륨에 대한 파일 시스템을 체크하는 중... + %s로 삽입된 VeraCrypt 볼륨에 대한 파일 시스템의 수리를 시도하는 중... + 주의: 이 볼륨은 64-비트-블록 레거시 알고리듬으로 암호화되어 있습니다.\n\n모든 64-비트-블록 알고리듬(Blowfish, CAST-128, 및 Triple DES)은 비난받고 있습니다. 앞으로 나올 VeraCrypt 버전으로 이 볼륨을 삽입할 수 있을 것입니다. 그러나 이러한 레거시 암호화 알고리듬의 구현에 전혀 향상이 없는 상태입니다. 128-비트-블록 알고리듬(예: AES, Serpent, Twofish)으로 새로운 VeraCrypt 볼륨을 만들고, 모든 파일을 이 볼륨에서 새로운 볼륨으로 옮길 것을 권장합니다. + 새 볼륨을 자동으로 삽입하도록 시스템 설정이 되어 있지 않습니다. 장치-기반의 VeraCrypt 볼륨을 삽입할 수 없습니다. “자동삽입”은 다음 명령을 실행하고 시스템을 다시 시작하면 사용할 수 있습니다.\n\nmountvol.exe /E + 계속하기 전에 드라이브 문자를 파티션/장치에 할당해 주세요 (제어판 → 시스템 관리 → 관리자 도구 - 하드 디스크 파티션 생성 및 포맷)\n\n이것은 운영체제의 요구사항입니다. + VeraCrypt 볼륨 삽입 + 모든 VeraCrypt 볼륨 꺼내기 + VeraCrypt가 관리자 권한을 얻는데 실패했습니다. + 운영체제에 의해 접근이 거부되었습니다.\n\n가능한 원인: 시스템을 읽고 데이터를 쓰기 위해서는 폴더, 파일, 장치에 대한 읽기/쓰기 권한 (또는 관리자 권한)을 가지고 있어야 합니다. 보통 관리자 권한이 없는 사용자는 그의 문서 폴더에서만 파일을 만들고, 읽고 수정하는 것이 허용되어 있습니다. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + VeraCrypt 부트 로더는 (시스템 드라이브의 시작 부분에) 최소 32 KBytes의 여유 공간을 필요로 합니다. 왜냐하면 VeraCrypt 부트 로더가 그 시작 부분에 저장되어야 하기 때문입니다. 불행하게도 사용자의 드라이브가 이 조건을 충족시키지 못합니다.\n\nVeraCrypt에서의 이 버그/문제점을 보고하지 않길 바랍니다. 이 문제점을 해결하려면, 사용자의 디스크 파티션을 재조정해서 32 Kbytes의 여유 공간을 남겨두어야 합니다. 대부분의 경우에 첫번째 파티션을 삭제하고 다시 만들어야 할 것입니다. 예를 들면 윈도우를 설치할 때 이용되는 Microsoft 파티션 관리자를 사용하실 것을 권장합니다. + 이 기능은 현재 사용 중인 운영체제 버전에서는 지원되지 않습니다. + 현재 사용 중인 운영체제 버전 상의 시스템 파티션/드라이브의 암호화를 VeraCrypt가 지원하지 않습니다. + Windows Vista에 시스템 파티션/드라이브를 암호화하려면, 먼저 비스타용 서비스팩 1 또는 그 이상을 설치해야 합니다(* 현재 시스템에 서비스팩이 설치되지 않았습니다).\n\n참고: Windows Vista의 서비스팩 1은 시스템 부팅 도중에 기본 여유 메모리의 부족상태를 만드는 문제점을 해결했습니다. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + 오류: 이 기능은 (현재 VeraCrypt가 포터블 모드로 실행 되고 있는) 시스템에 VeraCrypt가 설치되어 있을 것을 요구합니다.\n\nVeraCrypt를 다시 설치한 후 다시 시도해 주십시오. + 주의: 부팅이 되는 드라이브에 윈도우가 설치되지 않은 것으로 보입니다. 이 작업은 지원되지 않습니다.\n\n부팅이 되는 드라이브에 윈도우가 설치된 경우에만 계속 진행해야 합니다.\n\n계속하시겠습니까? + 시스템 드라이브에 GUID 파티션 테이블(GPT)이 있습니다. 현재 MBR 파티션 테이블을 가진 드라이브만 지원합니다. + 주의: VeraCrypt 부트 로더가 이미 시스템 드라이브에 설치되어 있습니다!\n\n컴퓨터 상의 다른 시스템이 이미 암호화되어 있을 수도 있습니다.\n\n주의: 현재 실행 중인 시스템의 암호화로 진행하면 다른 시스템이 시작이 안되고 관련 데이터에 접근할 수 없게될 지도 모릅니다.\n\n그래도 계속하시겠습니까? + 원래의 시스템 로더를 복구하는 데 실패했습니다.\n\nVeraCrypt 응급복구 디스크를 사용하거나(→ “Repair Options” 메뉴에서 “Restore original system loader”를 선택), VeraCrypt 부트 로더를 윈도우 시스템 로더로 교체하려면 윈도우 설치 매체를 사용해 주십시오. + 원래의 시스템 로더가 응급복구 디스크에 저장되지 않을 것입니다 (원인: 백업 파일 분실). + MBR 섹터에 쓰는 데 실패했습니다.\n\n사용자의 BIOS가 MBR 섹터를 보호하도록 설정된 것으로 보입니다. MBR/안티바이러스 보호 상태를 확인하려면 (컴퓨터에 전원이 들어온 후 F2, Delete 또는 Esc를 눌러) BIOS 설정을 체크합니다. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + 필요한 VeraCrypt Boot Loader 버전이 현재 설치되어 있지 않습니다. 이로 인해 일부 설정이 저장되지 않을 수도 있습니다. + 참고: 사용자가 컴퓨터를 시작하는 것을 특정인(* 적대자)이 지켜보는 가운데 VeraCrypt를 사용한다는 사실을 숨기고 싶을 때가 있을 것입니다. VeraCrypt 부트 로더 화면을 정의하는 위 옵션을 이용해서 이러한 작업을 할 수 있습니다. 첫번째 옵션을 사용하게 되면, 부트 로더에 어떠한 텍스트도 표시되지 않습니다(* 심지어 잘못된 비밀번호를 입력했을 때도 마찬가지입니다). 사용자가 비밀번호를 입력할 수 있는 동안 컴퓨터는 작동이 멈춘 것처럼 보입니다. 게다가 적대자를 속이는 사용자 메시지를 표시할 수도 있습니다. 예컨대 “Missing operating system” 같은 가짜 오류 메시지입니다(* 이는 윈도우 부트 파티션을 찾을 수 없을 때 윈도우 부트 로더에 의해 표시되는 문구입니다). 그러나 적대자가 하드 드라이브의 내용을 분석할 수 있는 경우에는 드라이브에 VeraCrypt 부트 로더가 포함되어 있음을 발견할 수 있을 것입니다. + 주의: 이 옵션을 사용하게 되면, VeraCrypt 부트 로더에 어떠한 텍스트도 표시되지 않습니다(* 심지어 잘못된 비밀번호를 입력했을 때도 마찬가지입니다). 사용자가 비밀번호를 입력할 수 있는 동안 컴퓨터는 작동이 멈춘 것처럼 보입니다(→ 커서가 움직이지 않고, 키를 누를 때 어떠한 별표(*)도 표시되지 않습니다.\n\n이 옵션을 사용하시겠습니까? + 사용자의 시스템 파티션/드라이바가 완전히 암호화된 것으로 보입니다. + VeraCrypt는 동적(dynamic) 디스크로 변환된 시스템 드라이브의 암호화는 지원하지 않습니다. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + 전체 드라이브 대신 시스템 파티션을 암호화하시겠습니까?\n\n(시스템 파티션의 암호화뿐만 아니라) 드라이브 상의 시스템 아닌 파티션 내에 파티션-기반의 VeraCrypt 볼륨을 만들 수 있습니다. + 시스템 드라이브가 (전체 드라이브를 점유하고 있는) 한 개의 파티션을 포함한 경우, 보통 그 파티션을 둘러싸고 있는 “느슨한” 여유 공간을 포함하고 있는 전체 드라이브를 암호화하는 것이 보다 안전합니다. + 임시 파일이 비-시스템 파티션에 저장되도록 시스템이 설정되어 있습니다.\n\n임시 파일은 시스템 파티션에만 저장될 수 있습니다. + 사용자 프로필 파일이 시스템 파티션에 저장되어 있지 않습니다.\n\n사용자 프로필 파일은 시스템 파티션에만 저장될 수 있습니다. + 페이징 파일이 비-시스템 파티션에 있습니다.\n\n페이징 파일은 시스템 파티션에만 위치할 수 있습니다. + 윈도우 파티션에만 페이징 파일이 만들어지도록 윈도우를 설정하시겠습니까?\n\n“예”를 클릭하면 컴퓨터가 다시 시작됩니다. 그런 다음 VeraCrypt를 시작한 후 숨긴 OS를 다시 만듭니다. + 그렇지 않으면 숨긴 운영체제의 그럴싸한 거부방법에 악영향을 끼치게 됩니다.\n\n참고: 적대자가 비-시스템 파티션에 존재하는 그 파일들의 내용을 분석해서 숨긴-시스템-생성 모드에서 사용자가 이 마법사를 사용했다는 사실(→ 이는 컴퓨터에 숨긴 운영체제가 존재한다는 것을 의미)을 발견할 수도 있습니다. 또한 시스템 파티션에 저장되어 있는 파일들은 (숨긴 운영체제를 만드는 과정 동안) VeraCrypt에 의해 안전하게 지워집니다. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + 보안상의 이유로, 현재 실행 중인 운영체제가 인증을 요구할 경우, 진행하기 전에 인증을 해야 합니다. 왜냐하면 “숨긴 운영체제”는 시스템 파티션의 내용을 숨긴 볼륨에 복사함으로써 생성되기 때문입니다. 만약 이러한 운영체제가 인증되지 않은 경우에는 숨긴 운영체제 또한 인증되지 않습니다. 더 자세한 정보를 보려면 VeraCrypt 사용자 안내서의 “Security Requirements and Precautions Pertaning to Hidden Volumes” 장을 참고하시기 바랍니다.\n\n중요: 진행하기 전에 VeraCrypt 사용자 안내서에 있는 “Security Requirements and Precautions Pertaining to Hidden Volumes”(숨긴 볼륨에 관련된 보안 지침)의 내용을 읽어보시길 권장합니다.\n\n\n현재 운영체제가 위 조건들을 충족시키고 있습니까? + 사용자의 시스템이 별도의 부트 파티션을 사용하고 있습니다. VeraCrypt는 별도의 부트 파티션을 사용하는 숨겨진 운영체제에서의 최대 절전 모드를 지원하지 않습니다(* 미끼용 시스템에서는 별 문제없이 최대 절전 모드 기능을 사용할 수 있습니다).\n\n부트 파티션이 미끼용 및 숨겨진 시스템에 의해 공유되는 것은 아닌지 확인해 주십시오. 그래서 최대 절전 모드 상태에서 깨어날 때 데이터 누수 및 문제점을 방지하기 위해, VeraCrypt는 숨겨진 시스템이 공유된 부트 파티션에 쓰는 것을 방지하고 또한 이 시스템이 최대 절전 모드로 진입하는 것을 막게 되는 것입니다.\n\n계속하시겠습니까? “아니오”를 선택하면, 별도의 부트 파티션을 제거하기 위한 지침이 표시됩니다. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + 주의: 시스템 파티션과 그 뒤에 있는 첫번쩨 파티션 사이에 할당되지 않은 공간이 있습니다. 숨긴 운영체제를 생성한 후에, 이러한 미할당 공간에 새로운 파티션을 만들어선 안됩니다. 그렇지 않으면 (새롭게 만들어진 파티션을 제거하기 전까지는) 숨긴 운영체제로 부팅을 할 수 없게 됩니다. + 이 알고리듬은 현재 시스템 암호화에 지원되지 않습니다. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + 키파일이 현재 시스템 암호화에서 지원되지 않습니다. + 주의: VeraCrypt가 원래의 키보드 레이아웃을 복구할 수 없습니다. 이 경우 비밀번호를 올바르게 입력할 수 없을지도 모릅니다. + 오류: VeraCrypt 키보드 레이아웃을 표준 US 키보드 레이아웃에 설정할 수 없습니다.\n\n(윈도우 시작 전에) US가 아닌 윈도우 키보드 레이아웃을 사용할 수 없는 부팅-전 환경에서 비밀번호를 입력할 필요가 있다는 것을 참고하세요. 그래서 표준 US 키보드 레이아웃을 사용해서 항상 비밀번호를 입력해야 합니다. + VeraCrypt가 키보드 레이아웃을 표준 US 키보드 레이아웃으로 잠시 변경했기 때문에, 오른쪽 Alt 키가 눌러진 상태에서 키를 눌러 문자를 입력할 수 없습니다. 그러나 Shift 키가 눌러진 상태에서는 적당한 키를 눌러 대부분의 문자를 입력할 수 있습니다. + VeraCrypt가 키보드 레이아웃의 변경을 방지했습니다. + 참고: (윈도우 시작 전에) US가 아닌 윈도우 키보드 레이아웃을 사용할 수 없는 부팅-전 환경에서 비밀번호를 입력할 필요가 있다는 것을 참고하세요. 그래서 표준 US 키보드 레이아웃을 사용해서 항상 비밀번호를 입력해야 합니다. 그러나 실제 US 키보드가 필요하지 않다는 사실을 명심하세요. 실제 US 키보드가 없는 경우일지라도, VeraCrypt는 (현재 및 부팅-전 환경에서) 사용자가 안전하게 비밀번호를 입력했는지를 자동으로 확인합니다. + 사용자가 파티션/드라이브를 암호화하기 전에, VeraCrypt 응급복구 디스크(VRD)를 먼저 만들어야 합니다. 그 목적은 다음과 같습니다:\n\n- 만약 VeraCrypt 부트 로더, 마스터 키 또는 다른 중요한 데이터가 손상된 경우, VRD를 이용해서 복구할 수 있습니다(그러나 여전히 올바른 비밀번호를 입력해야 합니다).\n\n- 만약 윈도우가 손상되어 시작이 되지 않는다면, VRD를 이용해서 윈도우의 시작 전에 파티션/드라이브를 영구적으로 암호해제할 수 있습니다.\n\n- VRD는 첫번째 드라이브 트랙(* 보통 시스템 로더나 부트 관리자를 포함하고 있음)의 내용에 대한 백업을 포함하고 있으므로 이를 이용해서 필요한 경우 복구할 수 있습니다.\n\nVeraCrypt 응급복구 디스크 ISO 이미지는 아래의 지정된 위치에서 생성됩니다. + “확인”을 클릭하면 Microsoft Windows Disc Image Burner가 실행됩니다. 이를 이용해서 VeraCrypt 응급복구 디스크 ISO 이미지를 CD 또는 DVD에 굽습니다.\n\n이 작업을 마친 후에 VeraCrypt 볼륨 만들기 마법사로 돌아가서 그 지침을 따릅니다. + 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 이미지를 CD 또는 DVD에 구울 필요가 있습니다.\n\n%ls응급복구 디스크를 구운 후, “다음”을 클릭해서 응급복구 디스크가 올바르게 구워졌는지를 확인합니다. + 응급복구 디스크 이미지가 생성되어 다음 파일에 저장되었습니다: %s\n\n이제 응급복구 디스크를 CD/DVD에 굽거나 나중에 사용하기 위해 안전한 위치에 ISO 이미지를 이동해야 합니다.\n\n%ls계속하려면 “다음”을 클릭합니다. + 중요: 파일은 (개별 파일이 아닌) ISO 디스크 이미지로 CD/DVD에 구워져야 합니다. 굽기 작업에 대한 정보는 CD/DVD 리코딩 소프트웨어에 대한 문서를 참고해 주세요. ISO 디스크 이미지를 CD/DVD에 작성할 리코딩 소프트웨어가 없는 경우, 아래 링크를 클릭해서 무료 소프트웨어를 다운로드합니다.\n\n + Microsoft Windows Disc Image Burner 실행 + 주의: 과거에 VeraCrypt 응급복구 디스크를 이미 만든 경우, 이 디스크를 현재 시스템 파티션/드라이브에 다시 사용할 수 없습니다. 왜냐하면 서로 다른 마스터 키로 디스크가 생성되었기 때문입니다. 시스템 파티션/드라이브를 암호화할 때마다, 비록 동일한 비밀번호를 사용할지라도, 새로운 VeraCrypt 응급복구 디스크를 만들어야 합니다. + 오류: 시스템 암호화 설정을 저장할 수 없습니다. + 시스템 암호화 예비테스트를 시작할 수 없습니다. + 숨긴 운영체제의 생성 과정을 시작할 수 없습니다. + 지움 방식 + 일부 형식의 저장 매체에서, 데이터를 다른 데이터로 덮어쓰게 되면, Magnetic Force Microscopy 같은 기술을 이용해서 덮어쓰여진 데이터를 복구할 수 있습니다. 이것은 암호화된 형태로 덮어쓰여진 데이터에만 적용됩니다(→ 이는 VeraCrypt가 암호화되지 않은 파티션 또는 드라이브를 초기에 암호화한 경우에 발생합니다). 일부 연구와 정부 발표에 따르면, (의사무작위 및 비무작위 데이터로 여러번 데이터를 덮어쓰는 방법으로) 덮어쓰여진 데이터의 복구를 방지하거나 또는 매우 어렵게 할 수 있습니다. 그래서 만약 암호화할 데이터를 “적대적인 사람이 그러한 기술을 이용해서 복구할 수 있다”고 믿고 있다면, 여러분은 지움(wipe) 방식 중의 하나를 선택하고자 할 것입니다(→ 기존 데이터의 손실 없음). 지움(wiping)은 파티션/드라이브가 암호화된 후에는 실행되지 않습니다. 파티션/드라이브가 완전히 암호화되었을 때, 암호화되지 않은 모든 데이터는 쓰여질 수 없게 됩니다. 암호화된 파티션/드라이브에 쓰여지는 데이터는 먼저 실시간으로 메모리에서 암호화되고 그 후 (암호화된) 데이터가 디스크에 쓰여집니다. + 일부 형식의 저장 매체에서, 데이터를 다른 데이터로 덮어쓰게 되면(예: 데이터가 지워진 경우), Magnetic Force Microscopy 같은 기술을 이용해서 덮어쓰여진 데이터를 복구할 수 있습니다. 일부 연구와 정부 발표에 따르면, (의사무작위 및 비무작위 데이터로 여러번 데이터를 덮어쓰는 방법으로) 덮어쓰여진 데이터의 복구를 방지하거나 또는 매우 어렵게 할 수 있습니다. 그래서 만약 지워진 데이터를 “적대적인 사람이 그러한 기술을 이용해서 복구할 수 있다”고 믿고 있다면, 여러분은 다중-지움 방식 중의 하나를 선택하고자 할 것입니다.\n\n참고: 지움 횟수가 많은 방식을 이용할수록 데이터를 지우는 시간은 더욱 길어지게 됩니다. + 지우기 + \n참고: 사용자는 지우기 작업을 중단할 수 있고, 컴퓨터를 종료해서 숨긴 시스템을 다시 시작한 후 작업을 재개할 수 있습니다(* 이 마법사는 자동으로 실행됩니다). 그러나 사용자가 이를 중단하면, 지움 작업은 처음부터 다시 진행됩니다. + \n\n참고: 사용자가 지움 작업을 중단하고 이 작업을 다시 시작하면, 지움 작업은 처음부터 다시 진행됩니다. + 지움 작업을 중단하시겠습니까? + 주의: 선택한 파티션/장치의 모든 데이터는 지워지고 이를 잃게 됩니다. + 원래의 시스템이 존재했던 파티션의 모든 데이터는 지워지게 됩니다.\n\n참고: 지워질 파티션의 모든 데이터는 이 숨긴 시스템 파티션으로 복사되었습니다. + 주의: 예컨대 3번 지움 방식을 선택하게 되면 파티션/드라이브를 암호화하는 데 필요한 시간은 최대 4배가 길어집니다. 마찬가지로 35번 지움 방식을 선택하면, 최대 36배의 시간이 더 걸립니다(→ 이는 수주일이 걸릴 것입니다).\n\n그러나 지움(wiping)은 파티션/드라이브가 완전히 암호화된 후에는 실행되지 않습니다. 파티션/드라이브가 완전히 암호화되었을 때, 암호화되지 않은 모든 데이터는 쓰여질 수 없게 됩니다. 암호화된 파티션/드라이브에 쓰여지는 데이터는 먼저 실시간으로 메모리에서 암호화되고 그 후 (암호화된) 데이터가 디스크에 쓰여집니다(→ 그래서 실행에는 영향을 미치지 않습니다).\n\n지움 방식을 사용하시겠습니까? + 없음 (가장 빠름) + 1-번 (무작위 데이터) + 3-번 (US DoD 5220.22-M) + 7-번 (US DoD 5220.22-M) + 35-번 (“GUtmann”) + 256-번 + 운영체제 개수 + 주의: 경험이 없는 사용자는 “멀티-부트 설정의 윈도우”를 암호화하려고 시도해서는 안됩니다.\n\n계속하시겠습니까? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + 부트 드라이브 + 현재 실행 중인 운영체제가 부트 드라이브에 설치되어 있습니까?\n\n참고: 때로 윈도우가 윈도우 부트 로더 (부트 파티션)와 동일한 드라이브에 설치되지 않은 경우도 있습니다. 이 경우에 “아니오”를 선택합니다. + VeraCrypt는 운영체제가 설치되어 있는 드라이브에서 부팅을 하지 않는 운영체제의 암호화를 현재 지원하지 않고 있습니다. + 시스템 드라이브 수 + 운영체제에 몇 개의 드라이브가 있습니까?\n\n참고: 예컨대 사용자가 특정 운영체제(Windows, Mac OS X, Linux 등)를 첫번째(Primary) 드라이브에 설치하고, 다른 운영체제를 두번째(Secondary) 드라이브에 설치한 상태라면, “2 또는 그 이상”을 선택합니다. + VeraCrypt는 다수의 운영체제를 포함하고 있는 전체 드라이브의 암호화를 현재 지원하지 않습니다.\n\n가능한 해결책:\n\n- 뒤로 가서 단일 시스템 파티션만을 암호화하는 것을 선택한다면(→ 이는 전체 시스템 드라이브를 암호화하는 것을 선택하는 것과 반대개념), 그 시스템 중 하나를 암호화할 수 있습니다.\n\n- 대체방법으로 사용자가 (암호화할 드라이브에 한 개의 시스템만 남겨둔 채) 시스템의 일부를 다른 드라이브로 옮긴 경우라면 전체 드라이브를 암호화할 수 있습니다. + 한 개 드라이브에 다중 시스템 + 현재 실행 중인 운영체제가 설치되어 있는 드라이브에 설치된 다른 운영체제가 있습니까?\n\n참고: 예컨대 현재 실행되고 있는 운영체제가 드라이브 #0에 설치된 경우, 이 드라이브엔 여러 개의 파티션이 있고, 그 중 하나의 파티션이 윈도우를 포함하고 있고, 다른 파티션이 또다른 운영체제를 포함하고 있는 경우라면(예: Windows, Mac OS X, Linux 등), “예”를 선택합니다. + 비-윈도우 부트 로더 + 비-윈도우 부트 로드(또는 부트 관리자)가 마스터 부트 레코드(MBR)에 설치되어 있습니까?\n\n참고: 예컨대 부트 드라이브의 첫번째 트랙에 GRUB, LILO, XOS 또는 다른 비-윈도우 부트 관리자(또는 부트 로더)가 있는 경우, “예”를 선택합니다. + 멀티-부트 + VeraCrypt는 MBR에 비-윈도우 부트 로더가 설치되어 있는 멀티-부트 설정을 현재 지원하지 않고 있습니다.\n\n가능한 해결책:\n\n- 윈도우와 리눅스를 부팅하기 위해 부트 관리자(보통 GRUB)를 사용 중이라면, 부트 관리자를 MBR에서 특정 파티션으로 이동시킵니다. 그런 다음 이 마법사를 다시 시작하고 시스템 파티션/드라이브를 암호화합니다. VeraCrypt 부트 로더는 사용자의 주요한 부트 관리자가 될 것이고, 원래의 부트 관리자(보통 GRUB)는 (VeraCrypt 부트 로더 화면에서 Esc를 눌러) 부차적으로 사용할 수 있습니다. 이런 방법으로 리눅스를 부팅할 수 있게 됩니다. + 현재 실행 중인 운영체제가 부트 파티션에 설치된 경우, 시스템을 암호화 후에는 (비록 사용자가 암호화되지 않은 다른 시스템을 시작하기를 원할 경우일지라도) 사용자는 올바른 비밀번호를 입력할 필요가 있습니다.\n\n반대로 현재 실행 중인 운영체제가 윈도우 부트 파티션에 설치되어 있지 않은 경우 (또는 윈도우 부트 로더/관리자가 다른 시스템에 의해 사용되지 않고 있는 경우), 시스템을 암호화한 후에는 암호화되지 않은 시스템을 부팅하기 위해 올바른 비밀번호를 입력할 필요가 없습니다. -- 암호화되지 않은 시스템을 시작하려면 Esc 키만 누르면 됩니다. (만약 다수의 암호화되지 않은 시스템이 있는 경우라면, VeraCrypt Boot Manager 메뉴에서 시작할 시스템을 선택할 필요가 있습니다.)\n\n참고: 보통 가장 초기에 설치된 윈도우 시스템은 부트 파티션에 설치되어 있습니다. + 호스트로 보호된 영역의 암호화 + 많은 드라이브의 끝에는 이른바 “호스트로 보호된 영역(Host Protected Area)”이라 불리며 대개 운영체제로부터 숨겨진 영역이 있습니다. 그러나 일부 프로그램은 그러한 영역의 데이터를 읽고 쓸 수 있습니다.\n\n주의: 일부 컴퓨터 제작자들은 그러한 영역에 RAID, 시스템 복구, 시스템 설정, 진단 또는 다른 목적을 위한 도구 및 데이터를 저장하기도 합니다. 만약 부팅-전에 그러한 도구 또는 데이터에 접근할 수 있는 경우라면, 숨긴 영역을 암호화해서는 안됩니다(→ 위에서 “아니오” 선택).\n\n시스템 드라이브의 끝에 있는 그러한 숨긴 영역이 존재하는 경우에 VeraCrypt가 이를 발견해서 암호화하도록 하시겠습니까? + 시스템 암호화 형식 + ① 시스템 파티션 또는 ② 전체 시스템 드라이브를 단지 암호화만 하려면 이 옵션을 선택합니다. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + 숨긴 운영체제 + 다음 단계에서 여러분은 시스템 파티션 뒤에 있는 첫번째 파티션 안에 2개의 VeraCrypt (외부 및 숨긴) 볼륨을 만들게 됩니다. 숨긴 볼륨은 “숨긴 운영체제(OS)”를 포함하게 됩니다. VeraCrypt는 현재 실행 중인 OS가 설치된 곳의 “시스템 파티션의 내용을 숨긴 볼륨에 복사함”으로써 숨긴 OS를 만듭니다. 겉으로 보기에 상당히 민감하게 보이지만 숨기고 싶지 않은 일부 파일들을 외부 볼륨에 복사합니다. 강요에 의해 “숨긴 OS 파티션의 비밀번호”를 노출해야만 하는 경우, 거기에 있는 파일들이 표시됩니다. 숨긴 OS 파티션 내에 있는 “외부 볼륨의 비밀번호”는 노출될 수 있지만, 숨긴 OS의 존재는 여전히 비밀로 남습니다.\n\n마지막으로 현재 실행 중인 운영체제에서 새로운 OS(→ 이른바 미끼용 OS)를 설치하고 이를 암호화할 수 있습니다. 미끼용 OS는 민감한 데이터를 포함하지 않아야 하며, 이는 부팅-전 인증 비밀번호의 노출을 강요하는 사람을 위한 것입니다. 정리하면 3개의 비밀번호가 있습니다. 그 중 2개의(→ 미끼용 OS 및 외부 볼륨을 위한) 비밀번호는 공격자에게 공개해도 무방합니다. 제3의 비밀번호를 사용하면, “숨긴 OS”가 시작됩니다. + 숨겨진 섹터를 탐지 중 + VeraCrypt가 시스템 드라이브의 끝에 있음직한 숨겨진 섹터를 탐지하는 동안 잠시 기다려 주세요. 완료하려면 상당한 시간이 걸릴 수도 있습니다.\n\n참고: 아주 가끔 일부 컴퓨터에서 탐지 과정 중에 시스템의 응답이 없을 수도 있습니다. 이러한 경우에는, ① 컴퓨터를 다시 시작한 후 ② VeraCrypt를 시작해서 ③ (이러한 탐지 과정을 제외한) 이전 단계를 반복합니다. 이 문제는 VeraCrypt의 버그에 의해 발생한 문제가 아닙니다. + 암호화할 영역 + 현재 실행 중인 윈도우 시스템이 설치된 드라이브 전체를 암호화하려면 이 옵션을 선택합니다. 전체 드라이브(→ 모든 파티션 포함)가 암호화됩니다만, VeraCrypt 부트 로더가 자리잡는 첫번째 트랙은 암호화에서 제외됩니다. 드라이브에 설치된 시스템 또는 드라이브에 저장된 파일에 접근하려는 사람은 시스템 시작 전에 매번 올바른 비밀번호를 입력해야 합니다. 이 옵션은 윈도우가 설치되지 않았고 또한 부팅이 되지 않는 두번째 또는 외부 드라이브를 암호화하는 데 사용될 수 없습니다. + 무작위 데이터를 수집 중 + 키가 생성됨 + VeraCrypt가 컴퓨터에 연결된 CD/DVD 버너를 발견하지 못햇습니다.\n\nCD/DVD 버너로 응급 복구 디스크 이미지 (암호화 키, VeraCrypt 부트 로더, 원래의 시스템 로더 등)를 작성하거나 적어도 백업을 하는게 좋습니다. + CD/DVD 버너가 없지만 이동식 드라이브 (예: USB 플래시 드라이브) 에 응급 복구 디스크 이미지를 저장합니다. + 나중에 내 컴퓨터에 CD/DVD 버너를 연결합니다. 프로세스를 종료합니다. + 지금 내 컴퓨터에 CD/DVD 버너가 연결되어 있습니다. 계속 응급 복구 디스크를 작성합니다. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + 응급복구 디스크 굽기 + 응급복구 디스크가 생성됨 + 시스템 암호화 예비테스트 + 응급복구 디스크 검증 + \nVeraCrypt 응급복구 디스크를 성공적으로 검증했습니다. 이제 드라이브에서 디스크를 제거하고 안전한 장소에 보관해 주세요.\n\n계속하려면 “다음”을 클릭하세요. + 주의: 다음 단계를 진행하는 동안 VeraCrypt 응급복구 디스크가 드라이브에 존재하지 않아야 합니다. 그렇지 않으면, 그 단계를 올바르게 완료할 수 없게 됩니다.\n\n드라이브에서 제거한 다음 안전한 장소에 보관해 주세요. 그 다음에 “확인”을 클릭합니다. + 주의: 부팅-전 환경의 기술적 제한때문에, 부팅-전 환경(예: 윈도우 시작 전)에서 VeraCrypt에 의해 표시되는 텍스트는 현지화될 수 없습니다. VeraCrypt 부트 로더 인터페이스는 모두 영어입니다.\n\n계속하시겠습니까? + 시스템 파티션 또는 드라이브를 암호화하기 전에, VeraCrypt는 모든 것이 올바르게 작동하는지 여부를 검증할 필요가 있습니다.\n\n“테스트”를 클릭하면, 필요한 모든 구성요소(예: 부팅-전 인증 요소 즉 VeraCrypt 부트 로더)가 설치되고 컴퓨터가 다시 시작될 것입니다. 그리고나서 윈도우가 시작되기 전에 VeraCrypt 부트 로더 화면에서 비밀번호를 입력해야 합니다. 윈도우가 시작되면, 예비테스트 결과를 자동으로 통지받게 됩니다.\n\n다음과 같은 장치가 수정됩니다: 장치 #%d\n\n\n지금 “취소”를 클릭하면 어떤 것도 설치되지 않고 예비테스트는 실행되지 않습니다. + 중요한 메모 -- 읽거나 (“인쇄”를 클릭해서) 인쇄를 해주세요:\n\n컴퓨터를 성공적으로 다시 시작하거나 윈도우를 시작하기 전에는 어떤 파일도 암호화되지 않습니다. 그래서 어떤 실패가 있더라도 사용자의 데이터는 손실되지 않습니다. 그러나 무엇인가 잘못될 경우, 윈도우를 시작하는 데 어려움을 겪을 수도 있습니다. 그러므로 컴퓨터를 다시 시작한 후에 “윈도우가 시작되지 않는 경우 해야 할 일”에 대한 다음 안내문을 반드시 읽어 주십시오(* 가능하다면 인쇄하길 권장합니다).\n\n + 윈도우가 시작되지 않는 경우 해야 할 일 ------------------------------------------------\n\n참고: 이 지침은 사용자가 암호화 작업을 시작하지 않은 경우에만 타당합니다.\n\n- 반복해서 올바른 비밀번호를 입력했는데도 VeraCrypt가 잘못된 비밀번호를 입력했다고 말할 경우에 당황하지 마세요. 컴퓨터를 다시 시작하고, VeraCrypt 부트 로더 화면에서, Esc 키를 누릅니다. 멀티 시스템인 경우에는 시작할 시스템을 선택하세요. 그러면 윈도우가 시작되고(→ 암호화가 되지 않은 경우에 해당) VeraCrypt가 부팅-전 인증 요소를 제거할 것인지 여부를 자동으로 묻게 됩니다. 만약 시스템 파티션/드라이브가 암호화된 경우라면 이전 단계가 동작하지 않게 됩니다. 어느 누구도 (설령 그가 이전 단계를 따랐다고 하더라도) 올바른 비밀번호 없이 드라이브의 암호화된 데이터에 접근하거나 윈도우를 시작할 수 없습니다.\n\n + - 만약 이전 단계가 도움이 되지 않거나 (윈도우가 시작되기 전에) VeraCrypt 부트 로더 화면이 나타나지 않으면, VeraCrypt 응급복구 디스크를 CD/DVD 드라이브에 삽입한 다음 컴퓨터를 다시 시작합니다. 만약 ① VeraCrypt 응급복구 디스크 화면이 나타나지 않거나 ② VeraCrypt 응급복구 디스크 화면의 “키보드 컨트롤” 섹션에서 Repair Option(수리 옵션) 항목을 볼 수 없는 경우, BIOS 설정에서 CD/DVD 부팅보다 하드 디스크 부팅이 먼저 되도록 설정되어 있는 경우일 수 있습니다. 이런 경우라면, 컴퓨터를 다시 시작한 다음 (BIOS 화면이 나타난 순간) F2 또는 Delete 키를 누르고 잠시 기다리면 BIOS 설정 화면이 나타납니다. BIOS 설정 화면이 나타나지 않으면 컴퓨터를 다시 시작하고 F2 또는 Delete 키를 누르는 것을 반복합니다. BIOS 설정 화면이 나타나면, CD/DVD 드라이브가 제일 먼저 부팅되도록 설정합니다(자세한 정보는 BIOS 또는 motherboard를 위한 문서를 참고하거나 컴퓨터 판매처의 기술지원 팀에게 도움을 요청하시기 바랍니다). 그런 다음 컴퓨터를 다시 시작합니다. 이제 VeraCrypt 응급복구 디스크 화면이 나타날 것입니다. VeraCrypt 응급복구 디스크 화면에서, F8을 눌러 “Repair Options”를 선택합니다. “Repair Options” 메뉴에서 “Restore original system loader”를 선택합니다. 그런 다음 응급복구 디스크를 CD/DVD 드라이브에서 제거한 다음 컴퓨터를 다시 시작합니다. (암호화가 해제된 경우) 윈도우가 정상적으로 시작됩니다.\n\n + 만약 시스템 파티션/드라이브가 암호화된 경우라면 이전 단계가 동작하지 않게 됩니다. 어느 누구도 (설령 그가 이전 단계를 따랐다고 하더라도) 올바른 비밀번호 없이 드라이브의 암호화된 데이터에 접근하거나 윈도우를 시작할 수 없습니다.\n\n\n사용자가 VeraCrypt 응급복구 디스크를 분실하고 공격자가 이를 발견했을지라도 올바른 비밀번호 없이는 시스템 파티션 또는 드라이브의 암호를 해제할 수 없습니다. + 예비테스트 완료 + 예비테스트를 성공적으로 완료했습니다.\n\n주의: 기존의 자체 데이터를 암호화하는 동안 ① 전력 공급이 갑자기 중단되거나 ② 소프트웨어 또는 하드웨어의 문제때문에 운영체제가 충돌을 일으키면, 일부 데이터가 손상되거나 유실될 수 있습니다. 그러므로 암호화 작업을 시작하기 전에 암호화하고자 하는 파일의 복사을 백업해 두었는지를 확인해야 합니다. 백업을 하지 않은 경우라면 지금 파일들을 백업해 두시기 바랍니다. “연기”를 클릭해서 파일을 백업하고 VeraCrypt를 다시 실행한 다음, 암호화를 시작하려면 “시스템” ▶ “중단된 진행을 다시 시작”을 선택합니다.\n\n준비가 되었고 암호화 작업을 시작하려면 “암호화”를 클릭하세요. + 사용자는 언제라도 암호화 또는 암호해제 작업을 중단시키기 위해 “정지” 또는 “연기”를 클릭할 수 있고, 마법사를 종료한 후 컴퓨터를 다시 시작하고, 중단된 시점부터 다시 작업을 진행시킬 수 있습니다. 시스템 또는 프로그램이 시스템 드라이브의 데이터를 읽고 쓸 때 속도저하를 막기 위해, VeraCrypt는 데이터가 읽고 쓰여질 때까지 자동으로 대기한 다음 암호화 또는 암호해제 작업을 자동으로 계속합니다. + \n\n사용자는 언제라도 암호화 작업을 중단시키기 위해 “정지” 또는 “연기”를 클릭할 수 있고, 마법사를 종료한 후 컴퓨터를 다시 시작하고, 중단된 시점부터 다시 작업을 진행시킬 수 있습니다. 볼륨이 완전히 암호화되기 전에는 이 볼륨을 삽입할 수 없습니다. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + 숨겨진 시스템이 시작됨 + 원래의 시스템 + 윈도우는 (대개 사용자의 인식 또는 동의 없이) 시스템 파티션에 다양한 로그 파일, 임시 파일 등을 만듭니다. 또한 RAM의 내용을 시스템 파티션에 위치한 최대 절전 모드 및 페이징 파일에 저장하기도 합니다. 그래서 적대자가 원래의 시스템(* 이 시스템의 숨겨진 시스템은 복제된 것임)이 존재했던 파티션에 저장된 내용을 분석해서 예컨대 숨긴-시스템-생성 모드에서 VeraCrypt 마법사를 사용했다는 사실(→ 이는 컴퓨터에 숨긴 운영체제가 존재한다는 것을 의미)을 발견할 수도 있습니다.\n\n이런 문제점을 방지하기 위해 VeraCrypt는 다음 단계에서 원래의 시스템이 있었던 파티션의 전체 내용을 안전하게 지우게 됩니다. 이후 그럴싸한 거절방법을 만들기 위해 사용자는 “파티션에 새로운 시스템을 설치해서 이를 암호화”할 필요가 있습니다. 사용자가 미끼용 시스템을 만들게 되면, 숨긴 운영체제 생성의 전체 과정은 마무리되게 됩니다. + 숨긴 운영체제가 성공적으로 만들어졌습니다. 그러나 이를 사용하기 전에(* 또한 그럴싸한 거절방법을 만들기 전에), 현재 실행 중인 운영체제가 설치되어 있는 파티션의 전체 내용을 VeraCrypt를 이용해서 안전하게 지워야 할 필요가 있습니다. 이 작업을 하기 전에 컴퓨터를 다시 시작한 다음 VeraCrypt 부트 로더 화면(→ 윈도우 시작 전에 나타남)에서 미끼용 운영체제에 대한 비밀번호를 입력합니다. 그러면 숨긴 시스템이 시작이 되고, VeraCrypt 마법사가 자동으로 실행됩니다.\n\n참고: 숨긴 운영체제의 생성 과정 작업을 지금 종료하도록 선택한 경우, 이 작업을 다시 시작할 수 없게 되고, 숨긴 시스템에 접근할 수 없게 됩니다(* VeraCrypt 부트 로더가 제거되었기 때문). + 숨긴 운영체제의 생성 과정을 예약했습니다. 진행 작업이 아직 완료되지 않았습니다. 작업을 완료하려면 컴퓨터를 다시 시작한 다음 VeraCrypt 부트 로더 화면(→ 윈도우 시작 전에 나타남)에서 미끼용 운영체제에 대한 비밀번호를 입력해야 합니다.\n\n참고: 숨긴 운영체제의 생성 과정 작업을 지금 종료하도록 선택한 경우, 이 작업을 다시 시작할 수 없게 됩니다. + 컴퓨터를 다시 시작한 후 계속 진행 + 숨긴 운영체제의 생성 과정 작업을 완전히 종료 + 지금 아무 것도 안하고 나중에 다시 묻기 + \n가능하다면 다음 텍스트를 인쇄해 주세요(* 아래의 “인쇄” 클릭).\n\n\n(암호화 후) VeraCrypt 응급복구 디스크 사용 방법 및 그 시기 -----------------------------------------------------------------------------------\n\n + I. VeraCrypt 응급복구 디스크 부팅 방법\n\nVeraCrypt 응급복구 디스크로 부팅하려면, CD/DVD 드라이브를 삽입한 다음 컴퓨터를 다시 시작합니다. 만약 ① VeraCrypt 응급복구 디스크 화면이 나타나지 않거나 ② VeraCrypt 응급복구 디스크 화면의 “키보드 컨트롤” 섹션에서 Repair Option(수리 옵션) 항목을 볼 수 없는 경우, BIOS 설정에서 CD/DVD 부팅보다 하드 디스크 부팅이 먼저 되도록 설정되어 있는 경우일 수 있습니다. 이런 경우라면, 컴퓨터를 다시 시작한 다음 (BIOS 화면이 나타난 순간) F2 또는 Delete 키를 누르고 잠시 기다리면 BIOS 설정 화면이 나타납니다. BIOS 설정 화면이 나타나지 않으면 컴퓨터를 다시 시작하고 F2 또는 Delete 키를 누르는 것을 반복합니다. BIOS 설정 화면이 나타나면, CD/DVD 드라이브가 제일 먼저 부팅되도록 설정합니다(자세한 정보는 BIOS 또는 motherboard를 위한 문서를 참고하거나 컴퓨터 판매처의 기술지원 팀에게 도움을 요청하시기 바랍니다). 그런 다음 컴퓨터를 다시 시작합니다. 이제 VeraCrypt 응급복구 디스크 화면이 나타날 것입니다. 참고: VeraCrypt 응급복구 디스크 화면에서, F8을 눌러 “Repair Options”를 선택합니다.\n\n\n + II. (암호화 후) VeraCrypt 응급복구 디스크 사용 방법 및 그 시기\n\n + 1) 만약 컴퓨터를 다시 시작한 후에 VeraCrypt 부트 로더 화면이 나타나지 않거나 (또는 윈도우 부팅이 되지 않는 경우), VeraCrypt 부트 로더가 손상되었을 수도 있습니다. VeraCrypt 응급복구 디스크를 이용해서 이를 복구할 수 있고 암호화된 시스템 및 데이터에 다시 접근할 수 있습니다. 그러나 여전히 올바른 비밀번호를 입력해야만 합니다. 응급복구 디스크 화면에서, “Repair Options” ▶ “Restore VeraCrypt Boot Loader”를 선택합니다. 작업을 승인하려면 “Y”를 누른 다음, CD/DVD 드라이브에서 응급복구 디스크를 제거한 후 컴퓨터를 다시 시작합니다.\n\n + 2) 올바른 비밀번호를 반복해서 입력했지만 VeraCrypt가 잘못된 비밀번호라고 하는 경우, 마스터 키 또는 다른 중요한 데이터가 손상되었을 수도 있습니다. VeraCrypt 응급복구 디스크를 이용해서 이를 복구할 수 있고 암호화된 시스템 및 데이터에 다시 접근할 수 있습니다. 그러나 여전히 올바른 비밀번호를 입력해야만 합니다. 응급복구 디스크 화면에서, “Repair Options” ▶ “Restore key data”를 선택합니다. 비밀번호를 입력 후 “Y”를 눌러 이를 승인한 다음, CD/DVD 드라이브에서 응급복구 디스크를 제거한 후 컴퓨터를 다시 시작합니다.\n\n + 3) 만약 VeraCrypt 부트 로더가 손상된 경우, VeraCrypt 응급복구 디스크로 직접 부팅해서 그 실행을 피할 수 있습니다. CD/DVD 드라이브에 응급복구 디스크를 삽입한 다음 응급복구 화면에서 비밀번호를 입력합니다.\n\n + 4) 만약 윈도우기 손상되어 시작되지 않는 경우, (VeraCrypt 응급복구 디스크를 이용해서) 윈도우가 시작되기 전에 파티션/드라이브를 영구적으로 암호해제할 수 있습니다. 응급복구 디스크 화면에서, “Repair Options”(수리 옵션) ▶ “Permanently decrypt system partition/drive”(시스템 파티션/드라이브의 영구적 암호해제)를 선택합니다. 그런 다음 올바른 비밀번호를 입력하고 암호해제 작업이 끝날 때까지 기다립니다. 이제 윈도우 설치를 수리하기 위해 예컨대 MS 윈도우 설치 CD/DVD로 부팅할 수 있습니다.\n\n + 참고: 또다른 방법으로는, 만약 윈도우가 손상되어(→ 시작 불능) 이를 수리할 필요가 있는 경우(→ 또는 윈도우의 파일에 접근해야 하는 경우) 다음 단계에 의해 시스템 파티션/드라이브의 암호해제를 피할 수 있습니다. 컴퓨터에 설치된 운영체제가 여러 개인 경우, 부팅-전 인증을 필요로 하지 않는 운영체제로 부팅을 합니다. 컴퓨터에 여러 운영체제가 없는 경우에는 ① WinPE 또는 BartPE CD/DVD로 부팅을 하거나 ② 두번째(Secondary) 또는 외부 드라이브인 시스템 드라이브를 다른 컴퓨터에 연결해서 컴퓨터에 설치되어 있는 운영체제에 연결할 수 있습니다. 시스템을 부팅한 다음 VeraCrypt를 실행하고 “장치 선택”을 클릭해서 문제가 생긴 시스템 파티션을 선택한 후 “확인”을 클릭하고 “시스템 ▶ 부팅-전 인증 없이 삽입”을 선택한 다음 부팅-전-인증 암호를 입력한 후 “확인”을 클릭합니다. 보통의 VeraCrypt 볼륨으로서 파티션이 삽입됩니다(→ 여느 때처럼 데이터가 RAM에서 바로 암호해제/암호화됩니다).\n\n\n + 사용자가 VeraCrypt 응급복구 디스크를 분실하고 공격자가 이를 발견했을지라도 올바른 비밀번호 없이는 시스템 파티션 또는 드라이브의 암호를 해제할 수 없습니다. + \n\n중 요 -- 가능하다면 다음 텍스트를 인쇄해 주십시오(→ 아래 “인쇄” 클릭).\n\n참고: 이 텍스트는 사용자가 숨긴 시스템을 시작할 때마다 미끼용 시스템을 만들기 시작할 때까지 자동으로 표시됩니다.\n\n\n + 미끼용 시스템을 안전하게 만드는 방법 ----------------------------------------------------------------------------\n\n그럴싸한 거절방법을 만들려면, 사용자는 미끼용 시스템을 지금 만들어야 합니다. 이 작업을 하려면 다음 지침을 따릅니다:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) 지워진 데이터를 가지고 있었던 파티션(예: 원래의 시스템이 설치되어 있었던 파티션)에 윈도우를 설치합니다.\n\n중 요: 미끼용 시스템의 설치를 시작하면, 숨긴 시스템을 부팅되지 않습니다(→ 왜냐하면 윈도우 시스템 설치기에 의해 VeraCrypt 부트 로더가 지워지기 때문입니다). 이는 예견되었던 정상적인 상태입니다. 당황하지 마시기 바랍니다. 미끼용 시스템의 암호화를 시작하는 순간부터 숨긴 시스템을 다시 부팅시킬 수 있습니다(* VeraCrypt가 시스템 드라이브에 VeraCrypt 부트 로더를 자동으로 설치하기 때문입니다).\n\n중요: 미끼용 시스템 파티션의 크기는 숨긴 볼륨의 크기와 동일해야 합니다(* 이 조건은 이제 충족되었습니다). 또한 “미끼용 시스템 파티션”과 “숨긴 시스템이 존재하는 파티션” 사이에 다른 파티션을 만들어서는 안됩니다.\n\n + 3) 미끼용 시스템(→ 2단계에서 설치하고 이에 VeraCrypt를 설치한 파티션)을 부팅합니다.\n\n미끼용 시스템에 민감한 데이터를 포함시켜선 안됩니다.\n\n + 4) 미끼용 시스템에서 VeraCrypt를 실행한 후 “시스템” > “시스템 파티션/드라이브 암호화”를 선택합니다. VeraCrypt 볼륨 만들기 마법사 창이 나타날 것입니다.\n\nVeraCrypt 볼륨 만들기 마법사에 다음 단계들이 적용됩니다.\n\n + 5) VeraCrypt 볼륨 만들기 마법사에서 “숨김” 옵션을 선택하지 마시기 바랍니다. 선택된 “표준” 옵션을 그래도 둔 채 “다음”을 클릭합니다.\n\n + 6) “윈도우 시스템 파티션 암호화” 옵션을 선택한 후 “다음”을 클릭합니다.\n\n + 7) 컴퓨터에 숨긴 시스템과 미끼용 시스템만 설치되어 있는 경우, “싱글-부트” 옵션을 선택합니다(* 이러한 2개 시스템 이상이 컴퓨터에 설치되어 있는 경우라면 “멀티-부트”를 선택합니다). “다음”을 클릭합니다.\n\n + 8) 중요: 이 단계에서 “숨긴 시스템”을 위해 선택했던 암호화 알고리듬과 해시 알고리듬을 “미끼용 시스템”에도 동일하게 적용해야 합니다. 그렇지 않으면 “숨긴 시스템”에 접근하지 못하게 됩니다! 다시 말해 미끼용 시스템은 “숨긴 시스템”과 동일한 암호 알고리듬으로 암호화되어야 합니다. 참고: 그 이유는 미끼용 시스템과 숨긴 시스템은 한 개의 부트 로더를 공유하게 되는데, 이 부트 로더는 사용자가 선택한 단일 알고리듬만을 지원하기 때문입니다(* 각 알고리듬에 대해 특별한 버전의 VeraCrypt 부트 로더가 있습니다).\n\n + 9) 이 단계에서 미끼용 운영체제에 대한 비밀번호를 선택합니다. 이것은 부팅-전 인증 비밀번호를 강요하거나 요청받은 경우에 그 강요자에게 표시할 비밀번호입니다. 표시할 수 있는 다른 비밀번호는 외부 볼륨에 대한 것입니다. 제3의 비밀번호(→ 숨긴 운영체제를 위한 부팅-전 인증 비밀번호)의 존재는 여전히 비밀로 남습니다.\n\n중요: 미끼용 시스템을 위해 선택한 비밀번호는 숨긴 볼륨(→ 숨긴 운용체제)용으로 선택했던 비밀번호와 서로 달라야 합니다. + 10) 마법사의 나머지 지침들을 따라 미끼용 운영체제를 암호화합니다.\n\n\n\n + 미끼용 시스템이 만들어진 이후 ------------------------------------------------\n\n미끼용 시스템을 암호화한 이후, 숨긴 운영체제의 생성 과정은 모두 완료되고 사용자는 이제 3가지의 비밀번호를 사용할 수 있게 됩니다:\n\n1) 숨긴 운영체제용 부팅-전 인증 비밀번호\n\n2) 미끼용 운영체제용 부팅-전 인증 비밀번호\n\n3) 외부 볼륨용 비밀번호\n\n + 숨긴 운영체제를 시작하려면, VeraCrypt 부트 로더 화면(→ 컴퓨터를 켜거나 재시작할 때 나타남)에서 숨긴 운영체제용 비밀번호를 입력합니다.\n\n미끼용 운영체제를 시작하려면, VeraCrypt 부트 로더 화면에서 미끼용 운영체제용 비밀번호를 입력합니다.\n\n미끼용 시스템에 대한 비밀번호는, 부팅-전 인증 비밀번호의 노출을 강요하는 사람에게, 표시될 수 있습니다. 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다.\n\n + 세번째 비밀번호(* 외부 볼륨용)는 노출을 강요하는 자에게 공개되어도 상관이 없는 “시스템 파티션 뒤의 첫번째 파티션에 대한 비밀번호용”입니다. 시스템 파티션에는 ① 외부 볼륨 및 ② 숨긴 볼륨(→ 숨긴 운영체제 포함)이 자리잡고 있습니다. 숨긴 볼륨 (및 숨긴 운영체제)의 존재는 여전히 비밀로 남습니다.\n\n\n + 적대자에게 미끼용 시스템의 비밀번호를 노출했는데, 그가 (미끼용) 시스템의 여유 공간에 왜 무작위 데이터가 있는지를 물어볼 경우, 다음의 예와 같이 답변할 수 있습니다: “이 파티션은 VeraCrypt에 의해 암호화된 시스템을 포함하고 있었던 이전에 포함하고 있었다. 그러나 부팅-전 인증 비밀번호를 잊어버렸다(* 또는 시스템이 손상되었거나 부팅이 되지 않는다). 그래서 윈도우를 다시 설치한 후 파티션을 다시 암호화할 수밖에 없었다.”\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + 주의: “숨긴 볼륨을 보호하지 않은 경우라면(→ 보호하는 방법은 VeraCrypt 사용자 안내서의 “Protection of Hidden Volumes Against Damage” 부분 참고), 절대로 “외부 볼륨”에 쓰기를 해서는 안됩니다. 미끼용 운영체제가 외부 볼륨에 설치되어 있지 않다는 점을 명심하세요. 만약 외부 볼륨에 데이터를 작성해 버리면 숨긴 볼륨(→ 이 안에 숨긴 운영체제가 존재함)을 덮어쓰게 되고 이를 손상시키게 됩니다. + 운영체제 복제(cloning) + 다음 단계에서 VeraCrypt는 시스템 파티션의 내용을 숨긴 볼륨에 복사하는 방법으로 숨긴 운영체제를 만듭니다. 복사되는 데이터는 미끼용 운영체제에서 사용되는 키와 다른 것으로 실시간으로 암호화됩니다.\n\n진행 과정은 부팅-전 환경(→ 윈도우 시작 전)에서 실행되고, 완료하는데 많은 시간이 소요될 수 있습니다(→ 시스템 파티션의 크기 및 컴퓨터의 성능에 따라 몇 시간 또는 몇 일이 걸릴 수 있습니다).\n\n여러분은 진행 과정에 간섭할 수 있으며, 컴퓨터를 종료하고 운영체제를 시작하며 진행 과정을 다시 시작할 수도 있습니다. 그러나 진행 과정에 간섭을 할 경우, 시스템 복사 작업은 처음부터 시작하게 됩니다. 왜냐하면 시스템 파티션의 내용은 복제하는 동안 변경되어선 안되기 때문입니다. + 숨긴 운영체제의 전체 생성 작업을 취소하시겠습니까?\n\n참고: 지금 취소하게 되면 이 진행 작업을 다시 시작할 수 없게 됩니다. + 시스템 암호화 예비테스트를 취소하시겠습니까? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + 시스템 파티션/드라이브가 (부분적으로 또는 완전히) 암호화되지 않은 것으로 보입니다. + 시스템 파티션/드라이브가 (완전히 또는 부분적으로) 암호화되었습니다.\n\n작업을 진행하기 전에 시스템 파티션/드라이브를 완전히 암호해제시켜 주세요. 해제하려면 VeraCrypt 메인 창의 메뉴표시줄에서 “시스템” ▶ “시스템 파티션/드라이브 영구적 암호해제”를 선택하세요. + 시스템 파티션/드라이브가 (완전히 또는 부분적으로) 암호화된 경우, VeraCrypt를 다운그레이드할 수 없습니다(* 업그레이드하거나 동일 버전을 재설치할 수는 있습니다). + 시스템 파티션/드라이브가 현재 암호화, 암호해제 또는 다른 방식으로 수정되었습니다. 작업을 진행하기 전에 암호화/암호해제/수정 작업 진행을 중단해 주세요(또는 마칠 때까지 기다립니다). + VeraCrypt 볼륨 만들기 마법사가 현재 이 시스템에서 실행되어 시스템 파티션/드라이브에 대해 암호화/암호해제 작업을 수행 중이거나 준비 중입니다. 진행하기 전에, 그 작업이 끝날 때까지 기다리거나 닫아 주세요. 만약 닫기 작업이 되지 않는 경우에는 진행 전에 컴퓨터를 다시 시작해야 합니다. + 시스템 파티션/드라이브에 대한 암호화 또는 암호해제 작업 진행이 완료되지 않았습니다. 진행하기 전에 작업이 마칠 때까지 기다려 주세요. + 오류: 시스템 파티션/드라이브에 대한 암호화 작업이 완료되지 않았습니다. 먼저 작업을 완료해야 합니다. + 오류: 시스템 파티션/볼륨에 대한 암호화 작업이 완료되지 않았습니다. 먼저 작업을 완료해야 합니다.\n\n참고: 이 작업을 다시 시작하려면, VeraCrypt 메인 창의 메뉴 표시줄에 있는 “볼륨” > “중단된 진행을 다시 시작”을 선택해서 실행할 수 있습니다. + 올바른 비밀번호입니다. VeraCrypt가 볼륨 헤더를 성공적으로 암호해제하고, 현재 볼륨이 숨긴 시스템 볼륨임을 탐지했습니다. 그러나 숨긴 시스템 볼륨의 헤더를 이런 방식으로 수정할 수는 없습니다.\n\n숨긴 시스템 볼륨에 대한 비밀번호를 변경하려면, 숨긴 볼륨에 위치한 운영체제를 부팅한 다음 메뉴에서 “시스템” ▶ “비밀번호 변경”을 선택합니다.\n\n헤더 키 도출 알고리듬을 설정하려면, 숨긴 운영체제로 부팅한 다음 “시스템” ▶ “헤더 키 도출 알고리듬 설정”을 선택합니다. + VeraCrypt는 “숨긴 시스템 파티션의 자체 암호해제”를 지원하지 않습니다.\n\n참고: 미끼용 시스템 파티션의 암호를 해제하려는 경우, 미끼용 시스템으로 부팅한 다음 VeraCrypt 메뉴에서 “시스템” ▶ “시스템 파티션/드라이브의 영구적 암호해제”를 선택합니다. + 오류: 올바르지 않은/잘못된 변수. + 사용자가 파티션 또는 장치를 선택했습니다만, 선택한 마법사 모드는 파일 보관소용으로만 적당합니다.\n\n마법사 모드를 변경하시겠습니까? + 대신 VeraCrypt 파일 보관소를 만드시겠습니까? + 사용자가 시스템 파티션/드라이브 (또는 부트 파티션)을 선택했지만, 선택한 마법사 모드는 비-시스템 파티션/드라이브에만 해당됩니다.\n\n부팅-전 인증(→ 이는 윈도우 부팅/시작 전에 매번 비밀번호를 입력해야 한다는 것을 의미)을 설정하고, 시스템/드라이브를 암호화하시겠습니까? + 시스템 파티션/드라이브를 영구적으로 암호해제하시겠습니까? + 주의: 만약 시스템 파티션/드라이브를 영구적으로 암호해제시키면, 암호화되지 않은 데이터가 그곳에 덮여쓰여지게 됩니다.\n\n시스템 파티션/드라이브를 영구적으로 암호해제시키겠습니까? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + 주의: 시스템 암호화에 층계적 암호문을 사용한 경우, 다음과 같은 문제점을 만날 수 있습니다:\n\n1) VeraCrypt 부트 로더의 크기가 보통보다 커서 부트 로더의 백업용 첫번째 드라이브의 트랙에 충분한 공간이 없습니다. 그러므로 부트 로더가 손상(→ 악성코드 프로그램의 실행 등으로 종종 발생함)될 때마다 부팅하기 위해 또는 부트 로더를 수리하기 위해 VeraCrypt 응급복구 디스크를 사용할 필요가 있습니다.\n\n2) (일부 컴퓨터에서) 최대 절전 모드에서의 시스템 시작 시간이 길어집니다.\n\n이러한 잠재적 문제점은 비-층계적 암호 알고리듬(예: AES)을 선택해서 방지할 수 있습니다.\n\n정말로 층계적 암호문을 사용하시겠습니까? + 이전에 설명된 문제점을 만날 경우, (암호화된 경우라면) 파티션/드라이브를 암호해제한 다음 비-층계적 암호 알고리듬(예: AES)을 사용해서 다시 암호화를 시도합니다. + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + 현재 운영체제를 부팅시켰던 VeraCrypt 부트 로더의 버전 번호는 “현재 시스템에 설치된 VeraCrypt 드라이버 및 VeraCrypt 프로그램의 버전 번호”와 서로 다릅니다.\n\n현재 운영체제에 있는 VeraCrypt를 업데이트하려면 (버전 번호가 VeraCrypt 부트 로더의 것과 동일한) VeraCrypt 설치기를 실행해야 합니다. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + VeraCrypt 부트 로더가 업그레이드되었습니다.\n\n(VeraCrypt 부트 로더의 새 버전을 포함할) 새로운 VeraCrypt 응급복구 디스크를 만들 것을 권장합니다(→ 컴퓨터를 다시 시작한 다음 “시스템” ▶ “응급복구 디스크 만들기” 선택). + VeraCrypt 부트 로더가 업그레이드되었습니다.\n\n미끼용 운영체제로 부팅한 다음 “시스템” ▶ “응급복구 디스크 만들기” 선택해서 (VeraCrypt 부트 로더의 새 버전을 포함할) 새로운 VeraCrypt 응급복구 디스크를 만들 것을 권장합니다. + VeraCrypt 부트 로더를 업그레이드하는 데 실패했습니다. + VeraCrypt가 시스템 드라이브의 실제 크기를 탐지하지 못해서 운영체제에 의해 보고된 크기(→ 이는 실제 크기보다 작을 수도 있음)가 사용됩니다. 또한 이 문제는 VeraCrypt의 버그가 아닙니다. + 주의: VeraCrypt가 이미 현재의 시스템 드라이브의 숨겨진 섹터를 탐지하려고 시도한 것으로 보입니다. 이전 탐지 과정에서 어떤 문제점이 발생한 경우, 숨겨진 섹터의 탐지를 건너뜀으로써 문제를 피할 수 있습니다. 이렇게 할 경우 VeraCrypt는 운영체제에 의해 보고된 크기를 사용합니다. 이 크기는 드라이브의 실제 크기보다 더 작을 수도 있습니다.\n\n이러한 문제점은 VeraCrypt에 의해 발생한 것이 아님을 참고하시기 바랍니다. + 숨겨진 섹트의 탐지를 건너뛰기 (운영체제에 의해 보고된 크기를 사용) + 숨겨진 섹터의 탐지를 다시 시도하기 + 오류: 디스크에서 한 개 또는 그 이상의 섹터 내용을 읽을 수 없습니다(* 물리적 결함일 수 있음).\n\n자체 암호화 과정은 섹터를 다시 읽을 수 있을 때만 계속될 수 있습니다. VeraCrypt는 이러한 섹터에 0을 작성해서 이 섹터들을 읽을 수 있도록 시도할 수 있습니다(* 그 결과 0으로 된 모든 블록은 암호화됨). 그러나 읽을 수 없는 섹터에 저장된 데이터는 모두 손실된다는 것을 참고해 주십시오. 이러한 경우, 적당한 제3의 도구를 이용해서 손상된 데이터의 복구를 시도해 볼 수 있습니다.\n\n참고: 섹터가 물리적으로 손상된 경우(→ 이는 단순한 데이터 손실 및 체크섬 오류와는 반대개념), 대부분 형식의 저장 장치는 데이터가 장치에 쓰여질 때 이를 내부적으로 재할당하게 됩니다(* 그 결과 손상된 섹터에 있던 기존 데이터는 암호화되지 않은 상태로 드라이브에 남게 됩니다).\n\n읽을 수 없는 섹터에 0을 VeraCrypt를 이용해서 작성하시겠습니까? + 오류: 디스크에서 한 개 또는 그 이상의 섹터 내용을 읽을 수 없습니다(* 물리적 결함일 수 있음).\n\n암호해제 작업을 계속 진행할 수 있으려면, 읽기-불능 섹터의 내용을 모두 버려야 합니다(→ 그 섹터의 내용은 유사무작위 데이터로 교체됩니다). 작업을 계속하기 전에, 적당한 제3의 도구를 이용해서 손상된 데이터의 복구를 시도해 볼 수 있습니다.\n\n읽기-불능 섹터의 데이터를 지금 버리시겠습니까? + 참고: VeraCrypt에서 %I64d 읽기-불능 섹터 (%s)의 내용을 암호화된 단순텍스트 블록(* 모두 0으로 되어 있음)으로 교체했습니다. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + “%s” 토큰을 위한 비밀번호/PIN 입력: + VeraCrypt를 통해 보안 토큰 또는 스마트 카드에 접근하려면 먼저 토큰 또는 스마트 카드용 PKCS #11 소프트웨어 라이브러리를 설치해야 합니다. 해당 라이브러리는 장치에 의해 제공되거나 판매업체 또는 다른 제3업체의 웹사이트를 통해 다운로드할 수 있습니다.\n\n라이브러리를 설치한 이후 ① “라이브러리 선택”을 클릭해서 수동으로 이를 선택하거나 ② “라이브러리 자동-탐지”를 클릭해서 자동으로 선택할 수 있습니다(* 윈도우 시스템 디렉토리만 검색됩니다). + 참고: 보안 토큰 또는 스마트 카드를 위해 설치된 PKCS #11 라이브러리의 파일 이름 및 경로를 알아보려면, 토큰, 카드 또는 제3자 소프트웨어와 함께 제공된 문서를 참고해 주십시오.\n\n“확인”을 클릭한 후 경로 및 파일 이름을 선택해 주십시오. + 보안 토큰 또는 스마트 카드에의 VeraCrypt 접근을 허용하려면, 토큰/카드를 위한 PKCS #11 소프트웨어 라이브러리를 미리 설치해야 합니다. 이 작업을 하려면 “설정” > “보안 토큰”을 선택해 주세요. + PKCS #11 보안 토큰 라이브러리를 초기화하는 데 실패했습니다.\n\nPKCS #11 라이브러리에 대한 경로 및 파일이름이 올바른지 확인해 주십시오. PKCS #11 라이브러리의 경로 및 파일이름을 지정하려면, “설정” > “보안 토큰”을 선택합니다. + 윈도우 시스템 디렉토리에서 어떠한 PKCS #11 라이브러리도 찾을 수 없습니다.\n\n보안 토큰(또는 스마트 카드)를 위한 PKCS #11 라이브러리가 설치되어 있는지 확인해 주십시오(* 이러한 라이브러리는 토큰/카드와 함께 제공되거나 판매업체 또는 제3업체의 웹사이트에서 다운로드할 수 있습니다). 윈도우 시스템 디렉토리가 아닌 디렉토리에 설치된 경우라면, “라이브러리 선택”을 클릭해서 라이브러리의 위치(예: 토큰/카드용 소프트웨어가 설치되어 있는 폴더)를 지정해 주십시오. + 보안 토큰을 찾을 수 없습니다.\n\n보안 토큰이 컴퓨터에 연결되어 있고 올바른 토큰용 장치 드라이버가 설치되어 있는지 확인해 주십시오. + 보안 토큰을 찾을 수 없습니다. + 동일한 이름을 가진 보안 토큰 키파일이 이미 존재합니다. + 선택한 파일(들)을 삭제하시겠습니까? + 보안 토큰 키파일의 경로가 올바르지 않습니다. + 보안 토큰 오류 + 보안 토큰의 비밀번호가 올바르지 않습니다. + 보안 토큰이 요청한 작업을 수행하기에 충분한 메모리/공간이 없습니다.\n\n키파일을 가져오는 작업이엿다면, 작은 키파일을 선택하거나 VeraCrypt에서 생성된 파일을 ('도구' > '키파일 생성기') 사용해주세요. + 열려 있는 모든 토큰 세션을 닫았습니다. + 보안 토큰 키파일 선택 + 슬롯 + 토큰 이름 + 토큰 레이블 + 중요: 부팅-전 인증 비밀번호를 입력할 때는 항상 “표준 US 키보드 레이아웃”을 사용해야 합니다. 그러므로 다른 키보드 레이아웃을 사용해서 입력된 비밀번호를 사용하는 볼륨은 “캐시로 보관된 부팅-전 인증 비밀번호”를 사용해서 삽입될 수 없습니다(* 이는 VeraCrypt의 버그가 아닙니다). 이러한 볼륨을 부팅-전 인증 비밀번호를 사용해서 삽입하려면, 다음 지침을 따릅니다:\n\n1) “파일 선택” 또는 “장치 선택”을 클릭한 후 볼륨을 선택합니다. 2) “볼륨” ▶ “볼륨 비밀번호 변경”을 선택합니다. 3) 볼륨을 위한 현재 비밀번호를 입력합니다. 4) 키보드 레이아웃을 English (US)로 변경합니다(* 윈도우 작업 표시줄의 언어 바 아이콘을 클릭한 후 “EN English (United States)” 선택) 5) Truerypt의 새 비밀번호 필드에 부팅-전 인증 비밀번호를 입력합니다. 6) 비밀번호 재입력 필드에 새 비밀번호를 다시 입력한 후 “확인”을 클릭합니다. 주의: 이러한 단계들을 따른 경우, 볼륨 비밀번호는 항상 US 키보드 레이아웃을 이용해서 입력되어야 합니다(* 부팅-전 환경에서는 자동으로 이 레이아웃이 사용됩니다). + 시스템 즐겨찾기 볼륨은 부팅-전 인증 비밀번호를 이용해서 삽입됩니다. 특정 시스템 즐겨찾기 볼륨이 다른 비밀번호를 사용하는 경우, 이 볼륨은 삽입되지 않습니다. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + 중요: 이 옵션을 선택하고 VeraCrypt가 관리자 권한을 갖지 못한 경우, 삽입된 시스템 즐겨찾기 볼륨이 VeraCrypt 프로그램 창에 표시되지 않고 또한 이를 꺼낼 수도 없습니다. 그러므로 예컨대 시스템 즐겨찾기 볼륨을 꺼내려면, (시작 메뉴에서) VeraCrypt 아이콘을 오른쪽-클릭한 후 “관리한 권한으로 실행”을 선택해야 합니다. 동일한 제한은 “모두 꺼냄” 기능, “자동-꺼냄” 기능, “모두 꺼냄” 단축키 등에 적용됩니다. + 이 설정은 운영 체제가 다시 시작된 후에만 효과가 있습니다. + 명령 줄을 분석하는 동안 오류가 발생했습니다. + 응급복구 디스크 + 파일 선택 후 삽입(&F)... + 장치 선택 후 삽입(&D)... + 시스템 관리자만 VeraCrypt의 즐겨찾기에 해당되는 볼륨을 확인하고 마운트 해제를 허용 + 윈도우가 시작될때 시스템 즐겨찾기에 해당되는 볼륨을 마운트 (초기 단계) + 주의: “%s”로 삽입된 볼륨에 있는 파일 시스템이 제대로 꺼내지지 않아 오류를 포함하고 있습니다. 손상된 파일 시스템을 사용하면 데이터 손실이나 데이터의 손상이 발생할 수 있습니다.\n\n참고: 삽입된 VeraCrypt 볼륨이 위치하는 장치(예: USB 플래시 드라이브 또는 외장 하드 드라이브)를 물리적으로 제거하거나 시스템에서 중지하기 전에, VeraCrypt에서 VeraCrypt 볼륨을 먼저 꺼내줘야 합니다.\n\n\n윈도우를 통해 파일 시스템의 오류를 탐지해서 이를 수리하시겠습니까? + 주의: 한 개 또는 수 개의 시스템 즐겨찾기 볼륨이 제대로 꺼내지지 않았기 때문에 파일시스템 오류를 포함하고 있을 수도 있습니다. 자세한 정보를 보려면 시스템 이벤트 로그를 참고해 주세요.\n\n손상된 파일시스템의 사용은 데이터 손실 또는 데이터 손상을 초래할 수 있습니다. 오류가 발생했을지도 모르는 시스템 즐겨찾기 볼륨을 체크해야 합니다(* VeraCrypt에서 각 볼륨을 오른쪽-클릭한 후 “파일시스템 수리”를 선택합니다). + 주의: Microsoft의 “chkdsk” 도구를 이용해서 손상된 파일 시스템을 수리하게 되면 손상된 영역에 있는 파일의 손실이 발생할 수 있습니다. 그러므로 VeraCrypt 볼륨에 저장되어 있는 파일들을 상태가 좋은 다른 VeraCrypt 볼륨에 백업할 것을 권장합니다.\n\n파일 시스템의 오류를 지금 수리하시겠습니까? + 쓰기 권한이 거부되었기 때문에 “%s” 볼륨이 읽기-전용으로 삽입되었습니다.\n\n파일 보관소의 보안 권한이 작성을 허용하는 것인지 확인해 주십시오(* 보관소를 오른쪽-클릭한 후 “속성” > “보안”을 선택합니다).\n\n윈도우의 문제로 인해, 보안 허가(security permission)을 적절하게 설정한 후에도 이러한 경고가 나타날 수 있습니다. 이 문제는 VeraCrypt의 버그가 아닙니다. 가능한 해결책은 사용자의 보관소(container)를 예컨대 “문서” 폴더로 이동시키는 것입니다.\n\n사용자의 볼륨을 읽기-전용으로 유지하려면, 보관소의 속성을 읽기-전용으로 설정합니다(* 보관소를 오른쪽-클릭한 후 “”속성 > 읽기-전용을 선택합니다). 이렇게 하면 경고를 알리는 창이 뜨지 않게 됩니다. + 쓰기 권한이 거부되었기 때문에 “%s” 볼륨은 읽기-전용으로 삽입되어야 합니다.\n\n볼륨이 기반으로 하고 있는 파티션/장치에 다른 프로그램(예: 안티바이러스 소프트웨어)이 접근하고 있는지를 확인해 주십시오. + 운영체제가 호스트 장치를 쓰기-금지로 보고했기 때문에 “%s” 볼륨이 읽기-전용으로 삽입되었습니다.\n\n일부 사용자 칩셉 드라이버는 쓰기-허용된 미디어를 쓰기-금지된 것으로 잘못 표시한다는 보고가 있음을 참고해 주십시오. 이 문제는 VeraCrypt에 의해 야기된 것이 아닙니다. 현재 시스템에 설치되어 있는 (* Microsoft가 아닌) 사용자 칩셉 드라이버를 업데이트하거나 제거해서 해결될 수 있습니다. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + VeraCrypt를 이용해서 파티션/드라이브의 쓰기-금지를 제거해 보시겠습니까? + 경고: 이 설정은 성능이 저하 될수 있습니다.\n\n이설정을 사용 하시겠습니까?? + 경고: VeraCrypt볼륨이 자동으로 마운트 해재가 되었습니다. + 삽입이 된 볼륨을 소유한 장치를 꺼내거나 끄기 전에 마운트상태를 확인해 주십시오.\n\n예상치 못한 마운트 해제는 일반적으로 문제가 발생할수 있습니다. + 이 볼륨은 TrueCrypt %x.%x 로 생성이 되어졌습니다. VeraCrypt는 TrueCrypt 6.x/7.x에서 생성된 볼륨만 지원이 됩니다. + 테스트 + 키파일 + Backspace + Tab + 제거 + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + 키 선택 + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + 음소거 + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + 오류: 명령 프롬프트에 지정된 볼륨 사이즈는 선택된 exFAT 파일 시스템과 호환이 되지 않습니다. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.lv.xml b/Translations/Language.lv.xml index bc53b65a..1ec835ed 100644 --- a/Translations/Language.lv.xml +++ b/Translations/Language.lv.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Atcelt - Install &for all users - Bro&wse... - Add VeraCrypt icon to &desktop - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Add VeraCrypt to &Start menu - Create System &Restore point - &Uninstall - &Extract - &Install - VeraCrypt Setup Wizard - Uninstall VeraCrypt - Palīgs - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Pārtraukt - &Benchmark - &Tests - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Rādīt tvertnes saturu - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - U&se keyfiles - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Keyfiles... - Information on hash algorithms - More information - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - &Never save history - Atvērt ārējo apgabalu - &Pause - Use P&IM - Use PIM - Ātrā formatēšana - &Display password - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Klasters - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - Atkārtoti: - Izpildīts - Drive letter: - Šifrēšanas algoritms - Datņu sistēma - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Iespējas - Sajaukšanas algoritms - Galvenes atsl.: - Atlicis - Virsatslēga: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Parole: - Volume PIM: - Volume PIM: - Progress: - Gadījumatlase: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Ātrums - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Aizvērt - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Nedarīt neko - &Auto-mount VeraCrypt volume (specified below) - Palaist VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Pārlūkot... - Pārlūkot... - Cache passwords and keyfil&es in memory - Iziet, kad vairs nav uzstādītu apgabalu - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Iekļaut VeraCrypt apgabala izveidošanas vedni - Izveidot - Izveidot apgabalu - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Lietot atslēgdatnes - Lietot atslēgdatnes - Aizvērt šo logu - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Piešķirt - Noņemt - Atslēgdatnes... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Auto-uzstādīt ierīces - Mount Opti&ons... - Uzstādīt apgabalu tikai lasīšanai - Atslēgdatnes... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Iespējots - Ierakstīt paroles dziņa kešatmiņā - Auto-demontēt apgabalu, ja dati tajā nav lasīti/rakstīti tajā ilgāk par - Lietotājs atsakās sistēmā - User session locked - Ieejot enerģijas taupīš. režīmā - Tiek aktivēts ekrānsaudz. - Veikt auto-demontēšanu arī gadījumā, ja apgabalā ir atvērtas datnes vai mapes - Uzstādīt visus ierīčveida VeraCrypt apgab. - Start VeraCrypt Background Task - Uzstādīt apgabalus tikai lasīšanai - Uzstādīt apgabalus kā removable media - Atvērt sekmīgi uzstādītu apgabalu Explorer logā - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Auto-demontējot, iznīcināt kešatmiņā ierakstītās paroles - Aizverot, iznīcināt kešatmiņā ier. paroles - Preserve modification timestamp of file containers - Atsaukt - Izvēlēties ierīci... - Izvēlēties datni... - Select &Library... - Display password - Display password - Atvērt uzstādīto apgabalu Explorer logā - Ierakstīt paroles dziņa kešatmiņā - TrueCrypt Mode - &Demontēt visus - &Apgabala īpašības... - Apgabala rīki... - Izdzēst kešatmiņu - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - sistēmas līmeņa karstie taustiņi - VeraCrypt - Change Password or Keyfiles - Ievadiet VeraCrypt apgabala paroli - VeraCrypt - Performance and Driver Options - VeraCrypt - Iespējas - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypt apgabala īpašības - Par... - Pievienot/noņemt atslēgdatnes apgabalam... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Rezervkopēt apgabala galveni... - Etalons... - Uzstādīt galvenes atslēgas izcelsmes algoritmu... - Mainīt apgabala paroli... - Set Header Key Derivation Algorithm... - Change Password... - Dzēst apgabala vēsturi - Close All Security Token Sessions - Kontakti... - Create Hidden Operating System... - Create Rescue Disk... - Izveidot jaunu apgabalu... - Permanently Decrypt... - Noklusētās atslēgdatnes... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Bieži uzdotie jautājumi - Lietotāja pamācība - Mājaslapa - Karstie taustiņi... - Atslēgdatnes ģenerators - Valoda... - Tiesību priekšraksti - Manage Security Token Keyfiles... - Auto-uzstādīt visus ierīčveida apgabalus - Uzstādīt izvēlētos apgabalus - Mount Without Pre-Boot &Authentication... - Uzstādīt apgabalu - Uzstādīt apgabalu ar iespējām - Janumi - Online Help - Beginner's Tutorial - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Iespējas... - Atsvaidzināt diskdziņu burtus - Izņemt visas atslēgdatnes no apagabala... - Atjaunot apgabala galveni... - Resume Interrupted Process - Izvēlēties ierīci... - Izvēlēties datni... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Lejupielādētie - Testa vektori... - Security Tokens... - Traveler Disk Setup... - Demontēt visus uzstādītos apgabalus - Demontēt apgabalu - Verify Rescue Disk - Verify Rescue Disk ISO Image - Versijas vēsture - Volume Expander - Apgabala īpšības - Apgabala izveidošanas vednis - VeraCrypt mājaslapa - Iznīcināt paroles no kešatmiņas - Labi - Hardware Acceleration - Taustiņu kombinācija - Auto-palaišanas konfigurācija (autorun.inf) - Auto-demontēšana - Demontēt visus kad - Boot Loader Screen Options - Apstipriniet paroli: - Aktuālais - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Noklusētās uzstādīšanas iespējas - Karsto taustiņu iespējas - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Datnes iestatījumi - Karstais taustiņš: - Processor (CPU) in this computer supports hardware acceleration for AES: - Windows pieteikšanās brīdī izpildāmās darbības - minūtēm - Uzstādīt apg. ar diskburtu: - Uzstādīšanas iestatījumi - Jauns - Parole: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Paroles kešatmiņa - Security Options - VeraCrypt fona uzdevums - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Apgabals - Windows - Add &Path... - &Auto-testēt visus - &Continue - &Atšifrēt - &Delete - Šifrēt - &Export... - Ģenerēt un saglabāt atslēgdatni... - &Generate Random Keyfile... - Download language pack - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - U&se keyfiles - Atslēgdatnes... - &Remove - Remove &All - What is hidden volume protection? - More information on keyfiles - Uzstādīt apgabalu kā removable medium - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Etalons - &Print - Aizsargāt neredz. apg. pret bojājumu ārējā apgabala rakstīšanas rezultātā - Atsaukt - &Display password - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - Par VeraCrypt - VeraCrypt - Šifrēšanas algoritma etalons - VeraCrypt - testa vektors - Komandlīnijas palīgs - VeraCrypt - atslēgdatnes - VeraCrypt - atslēgdatnes ģenerators - VeraCrypt - Valoda - VeraCrypt - Uzstādīšanas iespējas - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Izvēlieties diska partīciju vai ierīci - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Aktuālā valodas pakotne - Ātrums ir atkarīgs no procesora un atmiņas (diska) ierīces parametriem.\n\nŠie testi tiek veikti operatīvajā (RAM) atmiņā. - Bufera izmērs: - Šifrs: - Neredz. apgabala parole:\n(nenor. tiek izm. kešatmiņa) - Neredzamā apgabala aizsardzība - Atslēgas izmērs: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! - biti - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Tulkojis: - Vienkāršteksta izmērs: - biti - Aktuālais tvertnes saturs - PRF sajaukšana: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Kārtošanas metode: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Šifrteksts (hexadecimal) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Atslēga (hexadecimal) - Vienkāršs teksts (hexadecimal) - Keyfile name: - XTS mode - S&ystem - &Volumes - Favor&ites - T&ools - Settin&gs - &Help - Home&page - - &Par... - The read-only attribute on your old volume could not be changed. Please check the file access permissions. - Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. - Administrator - In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. - Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. - In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? - Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Apgabals jau ir uzstādīts. - CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. - CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Invalid drive letter. - Invalid path. - Atcelt - Nav iespējams piekļūt ierīcei. Pārliecinieties, ka izvēlētā ierīce pastāv un ka to pašlaik neizmanto sistēma. - Uzmanību: Caps Lock ir ieslēgts. Tas var likt jums ievadīt paroli nepareizi. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Ārējā apgabala šifrēšanas iespējas - Apslēptā apgabala šifrēšanas iespējas - Šifrēšanas iespējas - WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! - Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. - Failed to create volume %s - Size of %s is %.2f bytes - Size of %s is %.2f KB - Size of %s is %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. - The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Diskā %s ir %.2f baiti brīvas vietas. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Could not get available drive letters. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Cipher initialization failure. - Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Critical Error - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Aizvērt - Please create a logical drive for this extended partition, and then try again. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. - The file could not be opened. - Apgabala izvietojums - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Format - &Wipe - Pārtraukt formatēšanu? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - The VeraCrypt volume has been successfully created. - Apgabals izveidots - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Outer Volume Format - Apslēpta apgabala formāts - Apgabala formāts - Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Hidden Volume Created - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. - Outer Volume Contents - \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Outer Volume - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. - Hidden Volume - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Unable to initialize the application. Failed to register the Dialog class. - Error: Failed to load the Rich Edit system library. - VeraCrypt apgabala izveidošanas vednis - Maximum possible hidden volume size for this volume is %.2f bytes. - Maximum possible hidden volume size for this volume is %.2f KB. - Maximum possible hidden volume size for this volume is %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. - The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. - Uzstādīt izvēlēto - A newer version of VeraCrypt is required to mount this volume. - Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - Nākamais > - &Finish - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Error occurred when loading/preparing fonts. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive letter not available. - No file selected! - No drive letters available. - No free drive letter for the outer volume! Volume creation cannot continue. - Could not determine your operating system version or you are using an unsupported operating system. - No path selected! - Not enough free space for the hidden volume! Volume creation cannot continue. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - The driver is unable to dismount the volume. Some files located on the volume are probably still open. - Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Select a VeraCrypt Volume - Specify Path and File Name - Select PKCS #11 Library - Out of Memory - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Parole - PIM - Set Header Key Derivation Algorithm - Add/Remove Keyfiles to/from Volume - Remove All Keyfiles from Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Keyfile(s) successfully added/removed. - Keyfile exported. - Header key derivation algorithm successfully set. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Please choose a password for the hidden volume. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Ārējā apgabala parole - Apslēptā apgabala parole - Password for Hidden Operating System - UZMANĪBU: Īsas paroles ir samērā viegli uzlauzt, izmantojot rupjus spēka paņēmienus!\n\nIeteicamais paroles garums ir 20 vai vairāk rakstu zīmes.\n\nVai esat pārliecināts, ka vēlaties izmantot īsu paroli? - Apgabala parole - Nepareiza parole vai šis nav VeraCrypt apgabals. - Incorrect keyfile(s) and/or password or not a VeraCrypt volume. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Incorrect password or no VeraCrypt volume found. - Incorrect keyfile(s)/password or no VeraCrypt volume found. - \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Unable to list raw devices installed on your system! - The volume '%s' exists, and is read-only. Are you sure you want to replace it? - Select destination directory - Izvēlieties atslēgdatni - Izvēlieties atslēgdatnes izvietojumu. UZMANĪBU: Tiks iegaumēts tikai izvietojums, nevis datņu nosaukums! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Ārējā apgabala izmērs - Apslēptā apgabala izmērs - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Apgabala izmērs - Dynamic - CAUTION: SELF-TEST FAILED! - Self-tests of all algorithms passed - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - The test ciphertext you have supplied is too long or short. - The test key you have supplied is too long or short. - The test plaintext you have supplied is too long or short. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - More information on %s - Unknown - An unspecified or unknown error occurred (%d). - Some volumes contain files or folders being used by applications or system.\n\nForce dismount? - Demontēt - Demontēšana nesekmīga. - Apgabals satur datnes vai mapes, kas ko pašlaik izmantoto sistēma vai programmas.\n\nForce dismount? - No volume is mounted to the specified drive letter. - The volume you are trying to mount is already mounted. - An error occurred when attempting to mount volume. - Error seeking location within volume. - Kļūda: Nepareizs apgabala izmērs. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt nevar mainīt paroli svešas izcelsmes apgabalam. - Izvēlieties brīvu diskburtu no saraksta. - Izvēlieties uzstādīto apgabalu diskburtu sarakstā. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Kļūda: Nav iespējams izveidot datni autorun.inf - Kļūda atslēgdatnes apstrādē. - Kļūda atslēgdatnes izvietojuma apstrādē. - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt neuztur šo operētājsistēmu. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Kļūda: Nav iespējams iedalīt atmiņu. - Kļūda: Neizdevās iegūt veiktspējas skaitītāja vērtību. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - Visas datnes - VeraCrypt apgabali - Library Modules - NTFS formatēšanu nav iespējams turpināt. - Nav iespējams uzstādīt apgabalu. - Nav iespējams demontēt apgabalu. - Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Noklus. - partition - PARTITION - Ierīce - device - DEVICE - Apgabals - volume - VOLUME - Label - The selected cluster size is too small for this volume size. A greater cluster size will be used instead. - Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Error: Cannot access the outer volume! Volume creation cannot continue. - Error: Cannot mount the outer volume! Volume creation cannot continue. - Error: Cannot get volume cluster bitmap! Volume creation cannot continue. - Alphabetical/Categorized - Mean Speed (Descending) - Algoritms - Šifrēšana - Atšifrēšana - Nozīme - Disks - Izmērs - Šifrēšanas algoritms - Encryption algorithm - Tips - Vērtība - Īpašība - Izvietojums - biti - Apslēpts - Ārējs - Parasts - System - Hidden (system) - Tikai lasīšanai - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Jā (bojājums novērsts) - Neviens - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - biti - Bloka izmērs - PKCS-5 PRF - PKCS-5 Iterāciju skaits - Apgabals izveidots - Galvene pēdējoreiz modificēta - (pirms %I64d dienām) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - Pirmais pieej. - Removable Disk - Cietnis - Nemainīts - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Do you want to view release notes for the current (latest stable) version of VeraCrypt? - If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - The installation has been rolled back. - VeraCrypt has been successfully installed. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. - Removing VeraCrypt registry entries - Adding registry entry - Removing application-specific data - Installing - Apturēšana - Noņemšana - Ikonas uzstādīšana - Sistēmas atjaunošanas punkta izveidošana - Sistēmas atjaunošanas punkta izveidošana nesekmīga. - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Uzstādīšana paveikta. - Mapi '%s' nav iespējams izveidot - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - The installation of the registry entries has failed - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Starting VeraCrypt device driver - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installing VeraCrypt device driver - Stopping VeraCrypt device driver - Uninstalling VeraCrypt device driver - Registration of the User Account Control support library failed. - Unregistration of the User Account Control support library failed. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Outer(!) - dienas - stundas - minūtes - s - Atvērt - Demontēt - Parādīt VeraCrypt - Aizvērt VeraCrypt logu - Nolasīts kopš uzstādīšanas - Ierakstīts kopš uzstādīšanas - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Ievadiet paroli apgabalam %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Atslēgdatne izveidota sekmīgi. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Lai turpinātu, vispirms demontējiet apgabalu. - Error: Cannot set timer. - Pārbaudīt datņu sistēmu - Labot datņu sistēmu - Add to Favorites... - Add to System Favorites... - P&roperties... - Apslēptais apgabals aizsargāts - N/A - - - Disabled - 1 - 2 or more - Darbības režīms - Label: - Size: - Path: - Drive Letter: - Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Mājaslapa - WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. - WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? - Neviens apgabals nav izvēlēts. Nospiediet 'Izvēlēties datni...' vai 'Izvēlēties ierīci...', lai izvēlētos VeraCrypt apgabalu. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Auto-Mount Devices - Dismount All - Wipe Cache - Dismount All & Wipe Cache - Force Dismount All & Wipe Cache - Force Dismount All, Wipe Cache & Exit - Mount Favorite Volumes - Show/Hide Main VeraCrypt Window - (Click here and press a key) - Darbība - Taustiņu kombinācija - Kļūda: Šī taustiņu kombinācija ir aizņemta. Izvēlieties citu taustiņu. - Kļūda: Šī taustiņu kombinācija jau ir aizņemta. - WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? - Valodas pakotnes versija: %s - Checking the file system on the VeraCrypt volume mounted as %s... - Attempting to repair the file system on the VeraCrypt volume mounted as %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. - Mount VeraCrypt volume - Dismount all VeraCrypt volumes - VeraCrypt failed to obtain Administrator privileges. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Keyfile - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Ctrl - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Atcelt + Install &for all users + Bro&wse... + Add VeraCrypt icon to &desktop + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Add VeraCrypt to &Start menu + Create System &Restore point + &Uninstall + &Extract + &Install + VeraCrypt Setup Wizard + Uninstall VeraCrypt + Palīgs + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Pārtraukt + &Benchmark + &Tests + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Rādīt tvertnes saturu + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + U&se keyfiles + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Keyfiles... + Information on hash algorithms + More information + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + &Never save history + Atvērt ārējo apgabalu + &Pause + Use P&IM + Use PIM + Ātrā formatēšana + &Display password + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Klasters + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + Atkārtoti: + Izpildīts + Drive letter: + Šifrēšanas algoritms + Datņu sistēma + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Iespējas + Sajaukšanas algoritms + Galvenes atsl.: + Atlicis + Virsatslēga: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Parole: + Volume PIM: + Volume PIM: + Progress: + Gadījumatlase: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Ātrums + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Aizvērt + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Nedarīt neko + &Auto-mount VeraCrypt volume (specified below) + Palaist VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Pārlūkot... + Pārlūkot... + Cache passwords and keyfil&es in memory + Iziet, kad vairs nav uzstādītu apgabalu + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Iekļaut VeraCrypt apgabala izveidošanas vedni + Izveidot + Izveidot apgabalu + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Lietot atslēgdatnes + Lietot atslēgdatnes + Aizvērt šo logu + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Piešķirt + Noņemt + Atslēgdatnes... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Auto-uzstādīt ierīces + Mount Opti&ons... + Uzstādīt apgabalu tikai lasīšanai + Atslēgdatnes... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Iespējots + Ierakstīt paroles dziņa kešatmiņā + Auto-demontēt apgabalu, ja dati tajā nav lasīti/rakstīti tajā ilgāk par + Lietotājs atsakās sistēmā + User session locked + Ieejot enerģijas taupīš. režīmā + Tiek aktivēts ekrānsaudz. + Veikt auto-demontēšanu arī gadījumā, ja apgabalā ir atvērtas datnes vai mapes + Uzstādīt visus ierīčveida VeraCrypt apgab. + Start VeraCrypt Background Task + Uzstādīt apgabalus tikai lasīšanai + Uzstādīt apgabalus kā removable media + Atvērt sekmīgi uzstādītu apgabalu Explorer logā + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Auto-demontējot, iznīcināt kešatmiņā ierakstītās paroles + Aizverot, iznīcināt kešatmiņā ier. paroles + Preserve modification timestamp of file containers + Atsaukt + Izvēlēties ierīci... + Izvēlēties datni... + Select &Library... + Display password + Display password + Atvērt uzstādīto apgabalu Explorer logā + Ierakstīt paroles dziņa kešatmiņā + TrueCrypt Mode + &Demontēt visus + &Apgabala īpašības... + Apgabala rīki... + Izdzēst kešatmiņu + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - sistēmas līmeņa karstie taustiņi + VeraCrypt + Change Password or Keyfiles + Ievadiet VeraCrypt apgabala paroli + VeraCrypt - Performance and Driver Options + VeraCrypt - Iespējas + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypt apgabala īpašības + Par... + Pievienot/noņemt atslēgdatnes apgabalam... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Rezervkopēt apgabala galveni... + Etalons... + Uzstādīt galvenes atslēgas izcelsmes algoritmu... + Mainīt apgabala paroli... + Set Header Key Derivation Algorithm... + Change Password... + Dzēst apgabala vēsturi + Close All Security Token Sessions + Kontakti... + Create Hidden Operating System... + Create Rescue Disk... + Izveidot jaunu apgabalu... + Permanently Decrypt... + Noklusētās atslēgdatnes... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Bieži uzdotie jautājumi + Lietotāja pamācība + Mājaslapa + Karstie taustiņi... + Atslēgdatnes ģenerators + Valoda... + Tiesību priekšraksti + Manage Security Token Keyfiles... + Auto-uzstādīt visus ierīčveida apgabalus + Uzstādīt izvēlētos apgabalus + Mount Without Pre-Boot &Authentication... + Uzstādīt apgabalu + Uzstādīt apgabalu ar iespējām + Janumi + Online Help + Beginner's Tutorial + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Iespējas... + Atsvaidzināt diskdziņu burtus + Izņemt visas atslēgdatnes no apagabala... + Atjaunot apgabala galveni... + Resume Interrupted Process + Izvēlēties ierīci... + Izvēlēties datni... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Lejupielādētie + Testa vektori... + Security Tokens... + Traveler Disk Setup... + Demontēt visus uzstādītos apgabalus + Demontēt apgabalu + Verify Rescue Disk + Verify Rescue Disk ISO Image + Versijas vēsture + Volume Expander + Apgabala īpšības + Apgabala izveidošanas vednis + VeraCrypt mājaslapa + Iznīcināt paroles no kešatmiņas + Labi + Hardware Acceleration + Taustiņu kombinācija + Auto-palaišanas konfigurācija (autorun.inf) + Auto-demontēšana + Demontēt visus kad + Boot Loader Screen Options + Apstipriniet paroli: + Aktuālais + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Noklusētās uzstādīšanas iespējas + Karsto taustiņu iespējas + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Datnes iestatījumi + Karstais taustiņš: + Processor (CPU) in this computer supports hardware acceleration for AES: + Windows pieteikšanās brīdī izpildāmās darbības + minūtēm + Uzstādīt apg. ar diskburtu: + Uzstādīšanas iestatījumi + Jauns + Parole: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Paroles kešatmiņa + Security Options + VeraCrypt fona uzdevums + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Apgabals + Windows + Add &Path... + &Auto-testēt visus + &Continue + &Atšifrēt + &Delete + Šifrēt + &Export... + Ģenerēt un saglabāt atslēgdatni... + &Generate Random Keyfile... + Download language pack + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + U&se keyfiles + Atslēgdatnes... + &Remove + Remove &All + What is hidden volume protection? + More information on keyfiles + Uzstādīt apgabalu kā removable medium + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Etalons + &Print + Aizsargāt neredz. apg. pret bojājumu ārējā apgabala rakstīšanas rezultātā + Atsaukt + &Display password + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + Par VeraCrypt + VeraCrypt - Šifrēšanas algoritma etalons + VeraCrypt - testa vektors + Komandlīnijas palīgs + VeraCrypt - atslēgdatnes + VeraCrypt - atslēgdatnes ģenerators + VeraCrypt - Valoda + VeraCrypt - Uzstādīšanas iespējas + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Izvēlieties diska partīciju vai ierīci + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Aktuālā valodas pakotne + Ātrums ir atkarīgs no procesora un atmiņas (diska) ierīces parametriem.\n\nŠie testi tiek veikti operatīvajā (RAM) atmiņā. + Bufera izmērs: + Šifrs: + Neredz. apgabala parole:\n(nenor. tiek izm. kešatmiņa) + Neredzamā apgabala aizsardzība + Atslēgas izmērs: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! + biti + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Tulkojis: + Vienkāršteksta izmērs: + biti + Aktuālais tvertnes saturs + PRF sajaukšana: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Kārtošanas metode: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Šifrteksts (hexadecimal) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Atslēga (hexadecimal) + Vienkāršs teksts (hexadecimal) + Keyfile name: + XTS mode + S&ystem + &Volumes + Favor&ites + T&ools + Settin&gs + &Help + Home&page + + &Par... + The read-only attribute on your old volume could not be changed. Please check the file access permissions. + Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. + Administrator + In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. + Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. + In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? + Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Apgabals jau ir uzstādīts. + CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. + CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Invalid drive letter. + Invalid path. + Atcelt + Nav iespējams piekļūt ierīcei. Pārliecinieties, ka izvēlētā ierīce pastāv un ka to pašlaik neizmanto sistēma. + Uzmanību: Caps Lock ir ieslēgts. Tas var likt jums ievadīt paroli nepareizi. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Ārējā apgabala šifrēšanas iespējas + Apslēptā apgabala šifrēšanas iespējas + Šifrēšanas iespējas + WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! + Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. + Failed to create volume %s + Size of %s is %.2f bytes + Size of %s is %.2f KB + Size of %s is %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. + The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Diskā %s ir %.2f baiti brīvas vietas. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Could not get available drive letters. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Cipher initialization failure. + Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Critical Error + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Aizvērt + Please create a logical drive for this extended partition, and then try again. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. + The file could not be opened. + Apgabala izvietojums + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Format + &Wipe + Pārtraukt formatēšanu? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + The VeraCrypt volume has been successfully created. + Apgabals izveidots + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Outer Volume Format + Apslēpta apgabala formāts + Apgabala formāts + Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Hidden Volume Created + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. + Outer Volume Contents + \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Outer Volume + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. + Hidden Volume + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Unable to initialize the application. Failed to register the Dialog class. + Error: Failed to load the Rich Edit system library. + VeraCrypt apgabala izveidošanas vednis + Maximum possible hidden volume size for this volume is %.2f bytes. + Maximum possible hidden volume size for this volume is %.2f KB. + Maximum possible hidden volume size for this volume is %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. + The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. + Uzstādīt izvēlēto + A newer version of VeraCrypt is required to mount this volume. + Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + Nākamais > + &Finish + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Error occurred when loading/preparing fonts. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive letter not available. + No file selected! + No drive letters available. + No free drive letter for the outer volume! Volume creation cannot continue. + Could not determine your operating system version or you are using an unsupported operating system. + No path selected! + Not enough free space for the hidden volume! Volume creation cannot continue. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + The driver is unable to dismount the volume. Some files located on the volume are probably still open. + Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Select a VeraCrypt Volume + Specify Path and File Name + Select PKCS #11 Library + Out of Memory + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Parole + PIM + Set Header Key Derivation Algorithm + Add/Remove Keyfiles to/from Volume + Remove All Keyfiles from Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Keyfile(s) successfully added/removed. + Keyfile exported. + Header key derivation algorithm successfully set. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Please choose a password for the hidden volume. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Ārējā apgabala parole + Apslēptā apgabala parole + Password for Hidden Operating System + UZMANĪBU: Īsas paroles ir samērā viegli uzlauzt, izmantojot rupjus spēka paņēmienus!\n\nIeteicamais paroles garums ir 20 vai vairāk rakstu zīmes.\n\nVai esat pārliecināts, ka vēlaties izmantot īsu paroli? + Apgabala parole + Nepareiza parole vai šis nav VeraCrypt apgabals. + Incorrect keyfile(s) and/or password or not a VeraCrypt volume. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Incorrect password or no VeraCrypt volume found. + Incorrect keyfile(s)/password or no VeraCrypt volume found. + \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Unable to list raw devices installed on your system! + The volume '%s' exists, and is read-only. Are you sure you want to replace it? + Select destination directory + Izvēlieties atslēgdatni + Izvēlieties atslēgdatnes izvietojumu. UZMANĪBU: Tiks iegaumēts tikai izvietojums, nevis datņu nosaukums! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Ārējā apgabala izmērs + Apslēptā apgabala izmērs + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Apgabala izmērs + Dynamic + CAUTION: SELF-TEST FAILED! + Self-tests of all algorithms passed + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + The test ciphertext you have supplied is too long or short. + The test key you have supplied is too long or short. + The test plaintext you have supplied is too long or short. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + More information on %s + Unknown + An unspecified or unknown error occurred (%d). + Some volumes contain files or folders being used by applications or system.\n\nForce dismount? + Demontēt + Demontēšana nesekmīga. + Apgabals satur datnes vai mapes, kas ko pašlaik izmantoto sistēma vai programmas.\n\nForce dismount? + No volume is mounted to the specified drive letter. + The volume you are trying to mount is already mounted. + An error occurred when attempting to mount volume. + Error seeking location within volume. + Kļūda: Nepareizs apgabala izmērs. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt nevar mainīt paroli svešas izcelsmes apgabalam. + Izvēlieties brīvu diskburtu no saraksta. + Izvēlieties uzstādīto apgabalu diskburtu sarakstā. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Kļūda: Nav iespējams izveidot datni autorun.inf + Kļūda atslēgdatnes apstrādē. + Kļūda atslēgdatnes izvietojuma apstrādē. + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt neuztur šo operētājsistēmu. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Kļūda: Nav iespējams iedalīt atmiņu. + Kļūda: Neizdevās iegūt veiktspējas skaitītāja vērtību. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + Visas datnes + VeraCrypt apgabali + Library Modules + NTFS formatēšanu nav iespējams turpināt. + Nav iespējams uzstādīt apgabalu. + Nav iespējams demontēt apgabalu. + Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Noklus. + partition + PARTITION + Ierīce + device + DEVICE + Apgabals + volume + VOLUME + Label + The selected cluster size is too small for this volume size. A greater cluster size will be used instead. + Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Error: Cannot access the outer volume! Volume creation cannot continue. + Error: Cannot mount the outer volume! Volume creation cannot continue. + Error: Cannot get volume cluster bitmap! Volume creation cannot continue. + Alphabetical/Categorized + Mean Speed (Descending) + Algoritms + Šifrēšana + Atšifrēšana + Nozīme + Disks + Izmērs + Šifrēšanas algoritms + Encryption algorithm + Tips + Vērtība + Īpašība + Izvietojums + biti + Apslēpts + Ārējs + Parasts + System + Hidden (system) + Tikai lasīšanai + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Jā (bojājums novērsts) + Neviens + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + biti + Bloka izmērs + PKCS-5 PRF + PKCS-5 Iterāciju skaits + Apgabals izveidots + Galvene pēdējoreiz modificēta + (pirms %I64d dienām) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + Pirmais pieej. + Removable Disk + Cietnis + Nemainīts + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Do you want to view release notes for the current (latest stable) version of VeraCrypt? + If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + The installation has been rolled back. + VeraCrypt has been successfully installed. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. + Removing VeraCrypt registry entries + Adding registry entry + Removing application-specific data + Installing + Apturēšana + Noņemšana + Ikonas uzstādīšana + Sistēmas atjaunošanas punkta izveidošana + Sistēmas atjaunošanas punkta izveidošana nesekmīga. + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Uzstādīšana paveikta. + Mapi '%s' nav iespējams izveidot + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + The installation of the registry entries has failed + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Starting VeraCrypt device driver + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installing VeraCrypt device driver + Stopping VeraCrypt device driver + Uninstalling VeraCrypt device driver + Registration of the User Account Control support library failed. + Unregistration of the User Account Control support library failed. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Outer(!) + dienas + stundas + minūtes + s + Atvērt + Demontēt + Parādīt VeraCrypt + Aizvērt VeraCrypt logu + Nolasīts kopš uzstādīšanas + Ierakstīts kopš uzstādīšanas + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Ievadiet paroli apgabalam %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Atslēgdatne izveidota sekmīgi. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Lai turpinātu, vispirms demontējiet apgabalu. + Error: Cannot set timer. + Pārbaudīt datņu sistēmu + Labot datņu sistēmu + Add to Favorites... + Add to System Favorites... + P&roperties... + Apslēptais apgabals aizsargāts + N/A + + + Disabled + 1 + 2 or more + Darbības režīms + Label: + Size: + Path: + Drive Letter: + Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Mājaslapa + WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. + WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? + Neviens apgabals nav izvēlēts. Nospiediet 'Izvēlēties datni...' vai 'Izvēlēties ierīci...', lai izvēlētos VeraCrypt apgabalu. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Auto-Mount Devices + Dismount All + Wipe Cache + Dismount All & Wipe Cache + Force Dismount All & Wipe Cache + Force Dismount All, Wipe Cache & Exit + Mount Favorite Volumes + Show/Hide Main VeraCrypt Window + (Click here and press a key) + Darbība + Taustiņu kombinācija + Kļūda: Šī taustiņu kombinācija ir aizņemta. Izvēlieties citu taustiņu. + Kļūda: Šī taustiņu kombinācija jau ir aizņemta. + WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? + Valodas pakotnes versija: %s + Checking the file system on the VeraCrypt volume mounted as %s... + Attempting to repair the file system on the VeraCrypt volume mounted as %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. + Mount VeraCrypt volume + Dismount all VeraCrypt volumes + VeraCrypt failed to obtain Administrator privileges. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Keyfile + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Ctrl + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.my.xml b/Translations/Language.my.xml index f622273b..08ff710f 100644 --- a/Translations/Language.my.xml +++ b/Translations/Language.my.xml @@ -1,1458 +1,1458 @@ - - - - - - - - - - - - ဖျက်သိမ်းရန်​ - သုံးစွဲသူ အားလုံးအတွက် စက်ထဲ ထည့်သွင်းရန် - ဖွင့်ကြည့်ရန်... - VeraCrypt အိုင်ကွန်ပုံကို &Desktop ထဲ ထည့်သွင်းရန် - ယခု လှူဒါန်းရန်... - .hc ဖိုင် &extension ကို VeraCrypt ဖြင့် တွဲဖက်ရန် - ပြီးစီးသည့်အခါ ထားရှိမည့် နေရာကို ဖွင့်ရန် - VeraCrypt ကို &Start မီနူးထဲ ထည့်သွင်းရန် - စက်လည်ပတ်မှုစနစ် ပြန်ရယူနိုင်သည့် အချိန်တစ်ခုခု သတ်မှတ်ရန် - ဖယ်ထုတ်ရန် - ဖြည်ချရန် - စက်ထဲ ထည့်သွင်းရန် - VeraCrypt တည်ဆောက်မှု အညွှန်း - VeraCrypt ကို ဖယ်ထုတ်ရန် - အကူအညီ - ဖြည်ချခဲ့သည့် ဖိုင်များကို ထားရှိလိုသော ​တည်နေရာကို ရွေးချယ်ပါ (သို့) ရေးထည့်ပါ - - VeraCrypt ပရိုဂရမ် ဖိုင်များကို ထည့်သွင်းလိုသည့် တည်နေရာကို ရွေးချယ်ပါ (သို့) ရေးထည့်ပါ။ သတ်မှတ်ထားသော ဖိုင်တွဲ မရှိပါက၊ အလိုလျှောက် ဖန်တီးပေးလိမ့်မည်။ - VeraCrypt ကို ဤစက်ထဲမှ ဖယ်ရှားရန် ဖယ်ထုတ်ရန်ကို နှိပ်ပါ။ - ရပ်ဆိုင်းရန် - &Benchmark - စမ်းသပ်ရန် - စာဝှက်ထားသော volume ကို ဖန်တီးပြီး ​၄င်းကို ဖော်မက်ချရန် - အခန်းကန့်ကို နေရာတကျ စာဝှက်ရန် - ထုတ်လုပ်ခဲ့သော ကီးများ (၎င်းတို့၏ အပိုင်းများ) ကို ပြပါ - စုပေါင်း အကြောင်းအရာကို ပြရန် - စီဒီ/ဒီဗွီဒီ မှတ်တမ်းတင် ဆော့ဗ်ဝဲကို ဒေါင်းလုဒ် ဆွဲရန် - စာဝှက်ထားသော ဖိုင် သိမ်းဆည်းခန်း တစ်ခု ဖန်တီးရန် - &GB - &TB - နောက်ထပ် အချက်အလက် - လျှို့ဝှက် VeraCrypt volume - လျှို့ဝှက် volumes များအကြောင်း နောက်ထပ် အ​ချက်အလက်များ - တိုက်ရိုက် နည်းစနစ် - ပုံမှန် နည်းစနစ် - &KB - ကီးဖိုင်ကို သုံးရန် - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - ကီးဖိုင်များ... - H​ash အယ်လဂိုရီသမ်များ၏ အချက်အလက်များ - နောက်ထပ် အချက်အလက် - Information on PIM - &MB - နောက်ထပ် အချက်အလက် - ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအကြောင်း အသေးစိတ် အချက်အလက်များ - နောက်ထပ် အချက်အလက် - Multi-boot - ကွန်ပျူတာ စနစ်မဟုတ်သော အခန်းကန့်/drive တစ်ခု စာဝှက်ရန် - မှတ်တမ်း လုံး၀ မတင်ရန် - ပြင်ပ volume ကို ဖွင့်ရန် - ခေတ္တရပ်နားရန် - Use P&IM - Use PIM - အမြန် မော်မက်ချရန် - စကားဝှက်ကို ပြရန် - စကားဝှက်ကို ပြရန် - &Display PIM - Single-boot - သာမန် VeraCrypt volume - လျှို့ဝှက် - ပုံမှန် - ကွန်ပျူတာ အခန်းကန့် (သို့) ကွန်ပျူတာ drive တစ်ခုလုံးကို စာဝှက်ရန် - ဝင်းဒိုးစနစ် အခန်းကန့်ကို စာဝှက်ရန် - Drive တစ်ခုလုံးကို စာဝှက်ရန် - VeraCrypt Volume ဖန်တီးမှု အညွှန်း - အစုအဝေး - အရေးကြီးချက် - ဤ ၀င်းဒိုးအတွင်း သင့်ကြွက်ခလုတ်ကို ကျပန်းနည်းဖြင့် ရွှေ့လျားပါ။ အချိန်ပိုကြာလေ၊ ပိုကောင်းလေ ဖြစ်သည်။ ဤသို့ဖြင့် စာဝှက်ထားသော ကီးများ၏ ဝှက်စာ ရေးသားခြင်း အားကောင်းခိုင်မာမှုကို တိုးမြှင့်စေမည် ဖြစ်သည်။ လုပ်ပြီးပါက volume ကို ဖန်တီးရန် ဖော်မက်ချရန် ခလုတ်ကို နှိပ်ပါ။ - အတည်ပြုရန် - - ပြီးသွားပြီ - Drive letter: - စာဝှက်စနစ် အယ်လဂိုရီသမ် - ဖိုင်စနစ် - စာဝှက်ထားသော disk အတု တစ်ခုကို ဖိုင်တစ်ခုထဲ ဖန်တီးလိုက်ပါ။ အတွေ့အကြုံ မရှိသေးသော သုံးစွဲသူများအတွက် သင့်လျှော်သည်။ - ရွေးစရာများ - Hash အယ်လဂိုရီသမ် - ခေါင်းစဉ် ကီး - - ဘယ်ဖက် - မာစတာကီး - - အကယ်၍ ဤကွန်ပျူတာ၌ OS နှစ်ခု (သို့) နှစ်ခုထက် ပိုပြီး ထည့်သွင်းထားပါက၊ ဒီရွေးစရာကို ရွေးပါ။\n\nဥပမာ အားဖြင့် -\n- Windows XP နှင့် Windows XP\n- Windows XP နှင့် Windows Vista\n- Windows နှင့် Mac OS X\n- Windows နှင့် Linux\n- Windows, Linux နှင့် Mac OS X - ကွန်ပျူတာ စနစ်မဟုတ်သော အခန်းကန့် တစ်ခုကို စက်တွင်း (သို့) ပြင်ပ drive တစ်ခုခု (ဥပမာ - flash drive တစ်ခု) ထဲ စာဝှက်ပါ။ လိုအပ်လျှင်၊ လျှို့ဝှက် volume တစ်ခု ဖန်တီးပါ။ - လက်ရှိ စုပေါင်း အကြောင်းအရာ (တစ်ပိုင်းတစ်စ) - အောင်မြင်သည် - စကားဝှက် - - Volume PIM: - Volume PIM: - တိုးတက်မှု - - ကျပန်း စုစည်းမှု - - ဤကွန်ပြူတာ၌ OS တစ်ခုတည်း ထည့်သွင်းထားလျှင် (သုံးစွဲသူ အများ ရှိနေလျှင်လည်း) ဒီရွေးစရာကို ရွေးပါ။ - အမြန်နှုန်း - အနေအထား - ကီး salt နှင့် အခြား ဒေတာများကို အောင်မြင်စွာ ထုတ်လုပ်လိုက်ပြီ။ ကီးအသစ် ထပ်လုပ်လိုပါက နောက်သို့ ခလုတ်ကို နှိပ်ပြီး ရှေ့သို့ ခလုတ်ကို ပြန်နှိပ်ပါ။ ဒါမှမဟုတ်၊ ဆက်လက် လုပ်ဆောင်ရန် ရှေ့သို့ ခလုတ်ကို နှိပ်ပါ။ - ၀င်းဒိုးစနစ် ထည့်သွင်းထားသော အခန်းကန့်/drive ကို စာဝှက်ပါ။ ၀င်းဒိုးစနစ် မပိတ်မီ စက်ထဲ ၀င်၍ ဖိုင်များကို ဖတ်ရှုလို၊ စာရေးလိုသူ မည်သူမဆို အကြိမ်တိုင်း စကားဝှက် အမှန် ရေးထည့်ပေးရမည် ဖြစ်သည်။ လိုအပ်လျှင်၊ လျှို့ဝှက် ကွန်ပျူတာ စနစ် တစ်ခုကို ဖန်တီးပါ။ - လက်ရှိ အသုံးပြုနေသော ဝင်းဒိုး OS ထည့်သွင်းထားသည့် ​အခန်းကန့်ကို စာဝှက်ရန် ဒီရွေးစရာကို ရွေးပါ။ - Volume Label in Windows: - ရှင်းလင်းသည့် စနစ် - - ပိတ်ရန် - ရှောင်ကွင်းရမည့် စက်မတက်မီ စစ်ဆေးမှု ပြုလုပ်ရန် Esc ကီး(စက်အတက် မန်နေဂျာကို ဖွင့်ထားရန်၏) ကို နှိပ်ပါ - ဘာမျှ လုပ်ရန် မလို - အလိုအလျောက် အစပျိုးသော VeraCrypt volume (အောက်တွင် ဖေါ်ပြထားသည်) - VeraCrypt ကို စဖွင့်ရန် - လိုင်ဘရာရီကို အလိုအလျောက် ရှာဖွေရန် - စက်မတက်မီ စစ်ဆေး အတည်ပြု စကားဝှက်ကို (ကွန်ပျူတာ စနစ်မဟုတ်သော volumes များကို အစပျိုးရန်) ဒရိုင်ဘာ မှတ်ဉာဏ်၌ ခေတ္တ မှတ်ထားရန် - ဖွင့်ကြည့်ရန်... - ဖွင့်ကြည့်ရန်... - စကားဝှက်များနှင့် ကီးဖိုင်များကို မှတ်ဉာဏ်ထဲတွင် ခေတ္တ သိမ်းဆည်းရန် - အစပျိုးထာသော volumes မရှိသည့်အခါ ထွက်ပါ - Volume တစ်ခုကို အောင်မြင်စွာ အစပျိုးပြီးသောအခါ တိုကင်ဖြင့် ဝင်ရောက်မှုကို ပိတ်ပါ - Include VeraCrypt Volume Expander - VeraCrypt Volume ဖန်တီးမှု အညွှန်းကို ထည့်သွင်းရန် - ဖန်တီးရန် - Volume ဖန်တီးရန် - စက်မတက်မီ စစ်ဆေးမှုပြ မျက်နှာပြင်တွင် မည်သည့်စာသားမျှ မပြပါနှင့်(အောက်ဖေါ်ပြပါ စိတ်ကြိုက် စာတမ်းမှ လွဲ၍) - Disable "Evil Maid" attack detection - ပရိုဆက်ဆာ၏ AES လမ်းညွှန်မှုကိုအသုံးပြု၍ AES ဝှက်စာခြင်း/စာဝှက်ဖေါ်ခြင်းကို အရိုန်မြှင့်ပါ (အကယ်၍ ရနိုင်ပါက) - ကီးဖိုင် သုံးရန် - ကီးဖိုင် သုံးရန် - ထွက်ရန် - စိတ်ကြိုက် volumes အတွက် အကူအညီ - 'စိတ်ကြိုက် volumes များ အစပျိုးရန်' အထူးကီးကို နှိပ်သည့်အခါ ရွေးချယ်ထားသော volume ကို အစမပျိုးပါနှင့် - ၄င်း၏ ပင်မ စက်နှင့် ချိတ်ဆက်မိသည့်အခါ ရွေးချယ်ထားသော volume ကို အစပျိုးပါ - အထဲ ၀င်ရောက်သည့်အခါ ရွေးချယ်ထားသော volume ကို အစပျိုးပါ - ရွေးချယ်ထားသော volume ကို ဖတ်ရှုရန် အတွက်သာ အစပျိုးပါ - ရွေးချယ်ထားသော volume ကို ဖြုတ်တပ်နိုင်သည့် ကြားခံအဖြင့်သာ အစပျိုးပါ - အောက်သို့ ရွှေ့ရန် - အပေါ်သို့ ရွှေ့ရန် - ရွေးချယ်ထားသော volume ကို အောင်မြင်စွာ အစပျိုးပြီးပါက Explorer ဝင်းဒိုးကို ဖွင့်ပါ - ဖယ်ရှားရန် - Use favorite label as Explorer drive label - ဘုံသုံး ချိန်ညှိချက်များ - အထူး ကီးကို အောင်မြင်စွာ အဆုံးသတ်ပြီးပါက ပူပေါင်း လမ်းညွှန်ကို ပြပါ - အထူး ကီးကို အောင်မြင်စွာ အဆုံးသတ်ပြီးပါက စက် အချက်ပြ အသံကို ဖွင့်ပါ - Alt - Ctrl - Shift - Win - သတ်မှတ်ရန် - ဖယ်ရှားရန် - ကီးဖိုင်များ... - အောက်ပါ ပရိုဆက်ဆာများကို စာဝှက်ခြင်း/စာဝှက်ဖေါ်ခြင်းအတွက် အသုံးမပြုပါနှင့် - - နောက်ထပ် အချက်အလက် - နောက်ထပ် အချက်အလက် - နောက်ထပ် ချိန်ညှိချက်များ... - အလိုအလျောက် အစပျိုး စက်ကိရိယာများ - ရွေးစရာများကို အစပျိုးရန်... - Volume ကို ဖတ်ရှုရန်အတွက်သာ အစပျိုးရန် - ကီးဖိုင်များ... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - ဖွင့်ထားသည် - စကားဝှက်ကို ဒရိုင်ဘာ မှတ်ဉာဏ်ထဲ၌ ခေတ္တ သိမ်းဆည်းရန် - ဒေတာများကို ဖတ်ရှုခြင်း/ရေးသားခြင်း မပြုသည့်အခါ volume ကို အလိုအလျောက် အဆုံးသတ်ပါ - သုံးစွဲသူ ထွက်ရန် - User session locked - စွမ်းအင် ချွေတာရေးစနစ်ကို သုံးစွဲရန် - Screen saver ဖွင့်ထားသည် - Volume ၌ ဖွင့်ထားသော ဖိုင်များ (သို့) ဖိုင်တွဲများ ပါ၀င်နေလျှင်လည်း ၎င်းကို အလိုအလျှောက် အတင်း အဆုံးသတ်ပါ - စက်ထဲရှိ VeraCrypt volumes အားလုံးကို အစပျိုးရန် - VeraCrypt နောက်ခံ လုပ်ငန်းများ စတင်ရန် - Volumes များကို ဖတ်ရှုရန် အတွက်သာ အစပျိုးရန် - Volumes များကို ဖြုတ်တပ်နိုင်သော ကြားခံအဖြစ်သာ အစပျိုးရန် - အောင်မြင်စွာ အစပျိုးလိုက်သော volume အတွက် Explorer ၀င်းဒိုးကို ဖွင့်ရန် - Temporary Cache password during "Mount Favorite Volumes" operations - အစပျိုးထားသော volumes များ ရှိပါက ခြားနားသော taskbar ပုံများကို သုံးစွဲရန် - အလိုအလျောက် အဆုံးသတ်သည့်အခါ ခေတ္တ မှတ်ထားသော စကားဝှက်များကို ရှင်းလင်းရန် - ထွက်သည့်အခါ ခေတ္တ မှတ်ထားသော စကားဝှက်များကို ရှင်းလင်းရန် - ဖိုင် သိမ်းဆည်းခန်းများ၏ ပြုပြင်မှု အချိန်စာရင်းကို ထိန်းသိမ်းရန် - ပြန်ချိန်ရန် - စက်ပစ္စည်း ရွေးချယ်ရန်... - ဖိုင် ရွေးချယ်ရန် - လိုင်ဘရာရီ ရွေးချယ်ရန်... - စကားဝှက် ပြရန် - စကားဝှက် ပြရန် - အစပျိုးထားသော volume အတွက် Explorer ၀င်းဒိုး ဖွင့်ရန် - ဒရိုင်ဘာ မှတ်ဉာဏ်ထဲရှိ ယာယီ စကားဝှက် - TrueCrypt Mode - အားလုံးကို အဆုံးသတ်ရန် - Volume ဂုဏ်အင်္ဂါရပ်များ... - Volume ကိရိယာများ... - ယာယီဖိုင်များကို ရှင်းလင်းရန် - VeraCrypt - Mount Parameters - VeraCrypt - စိတ်ကြိုက် Volumes များ - VeraCrypt - စက်သုံး အထူး ကီးများ - VeraCrypt - စကားဝှက် (သို့) ကီးဖိုင်ကို ပြောင်းရန် - VeraCrypt Volume စကားဝှက် ရေးထည့်ရန် - VeraCrypt - စွမ်းဆောင်မှု ရွေးစရာများ - VeraCrypt - ဦးစားပေးချက်များ - VeraCrypt - ကွန်ပျူတာ စာဝှက်စနစ် ချိန်ညှိချက်များ - VeraCrypt - လုံခြုံရေး တိုကင် ဦးစားပေးချက်များ - VeraCrypt ခရီးဆောင် Disk တည်ဆောက်မှု - VeraCrypt Volume အင်္ဂါရပ်များ - အကြောင်း - Volume ဆီမှ ကီးဖိုင်များကို ထည့်သွင်းရန်/ဖယ်ထုတ်ရန်... - အစပျိုးလိုက်သော Volume ကို စိတ်ကြိုက်စာရင်းထဲ ထည့်သွင်းရန်... - အစပျိုးထားသော Volume ကို ကွန်ပျူတာ စိတ်ကြိုက်စာရင်းထဲ ထည့်သွင်းရန်... - လည်ပတ်မှုစနစ် ပျက်စီးမှုကို စစ်ဆေးရန်... - Volume ခေါင်းစဉ်ကို အရန်သင့် သိမ်းဆည်းရန်... - Benchmark... - ခေါင်းစဉ် ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို သတ်မှတ်ရန်... - Volume စကားဝှက် ပြောင်းရန်... - ခေါင်းစဉ် ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို သတ်မှတ်ရန်... - စကားဝှက် ပြောင်းရန်... - Volume မှတ်တမ်းကို ရှင်းလင်းရန် - လုံခြုံရေး တိုကင် လုပ်ငန်းအားလုံးကို ပိတ်ရန် - အဆက်အသွယ် - လျှို့ဝှက် OS ဖန်တီးရန်... - ကယ်ဆယ်ရေး Disk ဖန်တီးရန်... - Volume အသစ် ဖန်တီးရန်... - Permanently Decrypt... - မူလ ကီးဖိုင်များ... - Default Mount Parameters... - ယခု လှူဒါန်းရန်... - ကွန်ပျူတာ အခန်းကန့်/Drive ကို စာဝှက်ရန်... - မေးလေ့ရှိသော မေခွန်းများ - သုံးစွဲသူ လမ်းညွှန် - ပင်မ စာမျက်နှာ - အထူး ကီးများ... - ကီးဖိုင် ထုတ်လုပ်စနစ် - ဘာသာစကား... - တရားဝင် ထုတ်ပြန်ချက်များ - လုံခြုံရေး တိုကင် ကီးဖိုင်များကို စီမံရန်... - စက်ထဲရှိ Volumes အားလုံးကို အလိုလျောက် အစပျိုးရန် - စိတ်ကြိုက် Volumes များ အစပျိုးရန် - စက်မတက်မီ စစ်ဆေးမှု မပြုပဲ အစပျိုးရန်... - Volume အစပျိုးရန် - Volume ကို ရွေးစရာများနှင့် အစပျိုးရန် - သတင်း - အွန်လိုင်း အကူအညီ - စတင် သုံးစွဲသူ၏ သင်တန်း လမ်းညွှန် - စိတ်ကြိုက် Volumes များကို စီမံရန်... - ကွန်ပျူတာစနစ်၏ စိတ်ကြိုက် Volumes များကို စီမံရန်... - စွမ်းဆောင်ရည်... - ကွန်ပျူတာစနစ်၏ အခန်းကန့်/Drive ကို အမြဲတမ်း စာဝှက်​ဖြည်ရန် - ဦးစားပေးချက်များ... - Drive အက္ခရာများ ပြန်ခေါ်ရန် - Volume ထဲရှိ ကီးဖိုင် အားလုံးကို ဖယ်ရှားရန်... - Volume ခေါင်းစီးကို နဂိုနေရာ ပြန်ထားရန်... - ရပ်တန့်နေသော လုပ်ငန်းစဉ်ကို ပြန်စရန် - စက် ပစ္စည်း ရွေးချယ်ရန်... - ဖိုင် ရွေးချယ်ရန်... - ရပ်တန့်နေသော လုပ်ငန်းစဉ်ကို ပြန်စရန် - ကွန်ပျူတာ စာဝှက်စနစ်... - ဂုဏ်အင်္ဂါရပ်များ... - ချိန်ညှိချက်များ... - ကွန်ပျူတာစနစ် စိတ်ကြိုက် Volumes များ... - ဒေါင်းလုဒ် ဆွဲရန် - Vectors များ စမ်းသပ်ရန်... - လုံခြုံရေး တိုကင်များ... - ခရီးဆောင် Disk တည်ဆောက်မှု... - အစပျိုးထားသော Volumes အားလုံး အဆုံးသတ်ရန် - Volume အဆုံးသတ်ရန် - ကယ်ဆယ်ရေး Disk စစ်ဆေးရန် - Verify Rescue Disk ISO Image - ဗားရှင်း မှတ်တမ်း - Volume Expander - Volume ဂုဏ်အင်္ဂါရပ်များ - Volume ဖန်တီးမှု အညွှန်း - VeraCrypt ကွန်ရက် စာမျက်နှာ - ခေတ္တမှတ်ထားသော စကားဝှက်များကို ရှင်းလင်းရန် - ကောင်းပြီ - Hardware စွမ်းရည်မြှင့်ခြင်း - ဖြတ်လမ်း - AutoRun ပြုပြင်ဖန်တီးမှု (autorun.inf) - အလိုအလျောက် အဆုံးသတ်ရန် - အားလုံး အဆုံးသတ်မည့် အချိန် - - Boot Loader မျက်နှာပြင် ရွေးစရာများ - စကားဝှက် အတည်ပြုရန် - - လက်ရှိ - စက်မတက်မီ စစ်ဆေးမှု မျက်နှာပြင်တွင် ဤစိတ်ကြိုက် စာတမ်းကို ပြရန် (စာလုံးရေ အများဆုံး ၂၄ လုံးသာ) - - မူလ အစပျိုး ရွေးစရာများ - အထူး ကီး ရွေးစရာများ - Driver Configuration - Enable extended disk control codes support - ရွေးချယ်ထားသော စိတ်ကြိုက် volume အညွှန်း - - ဖိုင် ချိန်ညှိချက်များ - သတ်မှတ်ရမည့် ကီး - - ဤကွန်ပျူတာရှိ ပရိုဆက်ဆာ (CPU) သည် AES အတွက် hardware ကို အရိုန်မြှင့် လုပ်ဆောင်ပေးသည် - - ဝင်းဒိုးထဲ ဝင်ရောက်သည့်အခါ လုပ်ဆောင်ရမည့် အချက်များ - မိနစ် - Volume ကို drive အက္ခရာအဖြစ် အစပျိုးရန် - - အစပျိုး ချိန်ညှိချက်များ - အသစ် - စကားဝှက် - - Thread-အခြေပြု ပြိုင်တူပြုလုပ်ခြင်း - PKCS #11 လိုင်ဘရာရီ လမ်းကြောင်း - PKCS-5 PRF- - PKCS-5 PRF: - စကားဝှက် ယာယီ သိမ်းဆည်းခန်း - လုံခြုံရေး ရွေးစရာများ - VeraCrypt နောက်ခံ လုပ်ငန်း - အစပျိုးရမည့် VeraCrypt volume (ခရီးဆောင် disk root နှင့် ဆက်စပ်သည်) - - Traveler disk ကို ထည့်လိုက်သည့်အခါ - - ခရီးဆောင် disk ဖိုင်များကို ဖန်တီးမည့် နေရာ (ခရီးဆောင် disk root ဖိုင်တည်နေရာ) - - Volume - ဝင်းဒိုး - လမ်းကြောင်း ထည့်သွင်းရန်... - အားလုံးကို အလိုလျောက် စမ်းသပ်ရန် - ဆက်လုပ်ရန် - စာဝှက်ဖော်ရန် - ပယ်ဖျက်ရန် - စာဝှက်ရန် - တင်ပို့ရန်... - ကီးဖိုင်ကို ထုတ်လုပ်ပြီး သိမ်းဆည်းရန်... - ကျပန်း ကီးဖိုင်ကို ထုတ်လုပ်ရန်... - ဘာသာစကားများကို ဒေါင်းလုဒ် ဆွဲရန် - Hardware ကို အရိုန်မြှင့်ပေးသော AES - - ကီးဖိုင်ကို တိုကင်ထဲ တင်သွင်းရန်... - ဖိုင်များကို ထည့်သွင်းရန်... - ကီးဖိုင်ကို သုံးရန် - ကီးဖိုင်များ... - ဖယ်ရှားရန် - အားလုံး ဖယ်ရှားရန် - လျှို့ဝှက် volume ကာကွယ်ခြင်း ဆိုသည်မှာ အဘယ်နည်း? - ကီးဖိုင်များ၏ အသေးစိတ် အချက်အလက်များ - Volume ကို ဖြုတ်တပ်နိုင်သော ကြားခံအဖြစ် အစပျိုးရန် - အခန်းကန့်ကို ကွန်ပျူတာ စာဝှက်စနစ် သုံးပြီး စက်မတက်မီ စစ်ဆေးစရာမလိုဘဲ အစပျိုးရန် - ပြိုင်တူဖြစ်ခြင်း - Benchmark - ပရင့်ထုတ်ရန် - လျှို့ဝှက် volume ကို ပြင်ပ volume ထဲ စာရေးခြင်းကြောင့် ဖြစ်ပေါ်လာမည့် ပျက်စီးခြင်းမှ ကာကွယ်ရန် - ပြန်ချိန်ရန် - စကားဝှက်ကို ပြရန် - တိုကင် ဖိုင်များကို ထည့်သွင်းရန်... - Volume ထဲ၌ ထည့်မြှုပ်ထားသော အရန်သင့် ​ခေါင်းစဉ်များကို ရနိုင်ပါက အသုံးပြုရန် - XTS နည်းစနစ် - VeraCrypt အကြောင်း - VeraCrypt - စာဝှက်စနစ် အယ်လဂိုရီသမ် Benchmark - VeraCrypt - Vectors များ စမ်းသပ်ရန် - Command Line အကူအညီ - VeraCrypt - ကီးဖိုင်များ - VeraCrypt - ကီးဖိုင် ထုတ်လုပ်စနစ် - VeraCrypt - ဘာသာစကား - VeraCrypt - အစပျိုး ရွေးစရာများ - လုံခြုံရေး တိုကင် ကီးဖိုင်သစ်၏ ဂုဏ်အင်္ဂါရပ်များ - VeraCrypt - ကျပန်း စုပေါင်း တိုးတက်မှု - အခန်းကန့် (သို့) စက်ပစ္စည်း တစ်ခု ရွေးချယ်ရန် - VeraCrypt - လုံခြုံရေး တိုကင် ကီးဖိုင်များ - လုံခြုံရေး တိုကင် စကားဝှက်/PIN လိုအပ်သည် - လက်ရှိ သုံးစွဲသော ဘာသာစကား - အမြန်နှုန်းသည် CPU အားနှင့် သိုလှောင် ပစ္စည်း၏ ဂုဏ်အင်္ဂါရပ်အပေါ် မူတည်သည်။\n\n ၄င်းစမ်းသပ်မှုကို RAM ထဲတွင် လုပ်ဆောင်နေသည်။ - ဘတ်ဖာ အရွယ် - - ဝှက်စာ စနစ် - - လျှို့ဝှက် Volume အတွက် စကားဝှက် -\n(နေရာလွတ်နေလျှင်၊ ယာယီ သိမ်းဆည်းခန်းကို သုံးသည်) - လျှို့ဝှက် Volume ကာကွယ်ခြင်း - ကီး အရွယ် - - အရေးကြီးချက် - ဤ၀င်းဒိုးထဲ၌ သင့် ကြွက်ခလုတ်ကို တက်နိုင်သမျှ ကျပန်းနည်းဖြင့် လှုပ်ရှားပေးပါ။ ကြာကြာ​ ရွှေ့လေ၊ ပိုကောင်းလေ ဖြစ်သည်။ ဤအရာက ကီးဖိုင်၏ စာဝှက်အားကို တိုးမြှင့်စေသည်။ - သတိပေးချက် - ကီးဖိုင်​ ပျောက်သွားသည် ဖြစ်စေ (သို့) ၄င်း၏ ပထမဆုံး ၁၀၂၄ kilobytes ပြောင်းသွားသည် ဖြစ်စေ၊ အဲဒီ ကီးဖိုင်ကို အသုံးပြုသော volumes များကို အစပျိုးနိုင်မည် မဟုတ်ပါ။ - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - ဘာသာပြန်ဆိုသူ - - စာသား သက်သက် အရွယ် - - bits - လက်ရှိ စုပေါင်း အကြောင်းအရာ - PRF ပေါင်းစပ်ခြင်း - - အရေးကြီးချက် - ဤဝင်းဒိုးထဲ၌ သင့် ကြွက်ခလုတ်ကို တက်နိုင်သမျှ ကျပန်းနည်းဖြင့် လှုပ်ရှားပေးပါ။ ကြာကြာ ရွှေ့လေ၊ ပိုကောင်းလေ ဖြစ်သည်။ ၄င်းက လုံခြုံရေးကို တိုးမြှင့်စေသည်။ ပြီးသွားလျှင်၊ 'ဆက်လုပ်ရန်' ခလုတ်ကို နှိပ်ပါ။ - အရန်ကီး (hexadecimal) - လုံခြုံရေး တိုကင် - - မျိုးတူစုနည်း - - ကျေးဇူးပြု၍ စောင့်ပါ။ ဤလုပ်ငန်းစဉ်သည် အတော် ကြာနိုင်ပါသည်... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - နံပါတ် အစု - - ဝှက်စာ စာသား (hexadecimal) - ဒေတာ ယူနစ် နံပါတ် (64-bit hexadecimal, ဒေတာ ယူနစ် အရွယ်သည် 512 bytes ဖြစ်သည်) - ကီး (hexadecimal) - စာသားသက်သက် (hexadecimal) - ကီးဖိုင် အမည် - - XTS နည်းစနစ် - ကွန်ပျူတာစနစ် - &Volumes များ - စိတ်ကြိုက်များ - ကိရိယာများ - ချိန်ညှိချက်များ - အကူအညီ - ပင်မ စာမျက်နှာ - - အ​ကြောင်း... - သင့် volume အဟောင်းမှ ဖတ်ရှုရန်အတွက်သာ ဖြစ်သော သတ်မှတ်ချက်ကို ပြောင်း၍ မရပါ။ ဖိုင်ထဲ ၀င်ရောက်မှု ခွင့်ပြုချက်ကို စစ်ဆေးပါ။ - ချို့ယွင်းချက် - ၀င်ရောက်ခွင့် မပြုပါ။ \n\n ၀င်ရောက်ရန် သင် ကြိုးစားနေသော အခန်းကန့်သည် အခန်း 0 ရှည်နေသည်၊ (သို့) စက်ဖွင့်​ပစ္စည်း ဖြစ်သည်။ - စီမံခန့်ခွဲသူ - VeraCrypt ဒရိုင်ဘာကို ဖွင့်ရန်၊ အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြင့် ၀င်ရောက် ဝင်ရောက်ရန် လိုအပ်သည်။ - အခန်းကန့်/စက်ပစ္စည်း တစ်ခုကို စာဝှက်ရန်/ဖော်မက်ချရန် သင်သည် အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြင့် ဝင်ရောက်ရန် လိုအပ်သည်။\n\n ၎င်းသည် ဖိုင် သိမ်းဆည်းသော volumes များနှင့် မသက်ဆိုင်ပါ။ - လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးရန် သင်သည် အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြစ် ဝင်ရောက်ရန် လိုအပ်သည်။\n\nဆက်လုပ်မည်လား? - Volume ကို NTFS အဖြစ် ဖော်မက်ချရန် သင်သည် ​အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြင့် ဝင်ရောက်ရန် လိုအပ်သည်။\n\n စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်မပါပဲ၊ မဟုတ်ပါက volume ကို FAT အဖြစ်သာ ဖော်မက်ချနိုင်မည် ဖြစ်သည်။ - FIPS မှ ထောက်ခံထားသော စာဝှက်စနစ် (Rijndael, ၁၉၉၈ ခုနှစ်၌ ထုတ်ပြန်ထားသည်) ကို ယူအက်စ် အစိုးရ အဖွဲ့အစည်းနှင့် အခြား အေဂျင်စီများသည် ထိပ်တန်း လျှို့ဝှက် အဆင့် 256-bit ကီး၊ 128-bit block, 14 rounds (AES-256) အထိ သတ်မှတ်ထားသော အချက်အလက်များကို ကာကွယ်ရန် အသုံးပြုနိုင်ကြသည်။ လုပ်ဆောင်ပုံ စနစ်မှာ XTS ဖြစ်သည်။ - Volume ကို အစပျိုးထားပြီ။ - သတိပေးချက် - အနည်းဆုံး စာဝှက်စနစ် (သို့) hash အယ်လဂိုရီသမ် တစ်ခုသည် အလို​အလျောက် စမ်းသပ်မှုများ၌ မအောင်မြင်ပါ။\n\n VeraCrypt ထည့်သွင်းမှု ပျက်သွား၍ ဖြစ်မည်။ - သတိပေးချက် - တောင်းဆိုထားသည့် ကျပန်း ​ဒေတာ ပမာဏကို ပံ့ပိုးပေးရန် ကျပန်းဂဏန်း ထုတ်လုပ်စနစ်၌ ဒေတာ အလုံအလောက် မရှိပါ။\n\n သင် ရှေ့ဆက် လုပ်ဆောင်ရန် မလိုပါ။ အကူအညီ မီနူးမှ 'ပရိုဂရမ်အမှား သတင်းပို့ရန်' ကို ရွေးချယ်ပြီး၊ ဤချို့ယွင်းချက်ကို သတင်းပို့ပါ။ - Drive ပျက်စီးနေသည် (စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှု ရှိသည်) သို့မဟုတ် ကယ်​ဘယ်လ်ကြိုး ပြတ်နေသည်၊ သို့မဟုတ် မှတ်ဉာဏ် ပျက်စီးနေသည်။\n\n ဤအရာသည် သင့် hardware ပိုင်း ပြဿနာ ဖြစ်သည်၊ VeraCrypt နဲ့မဆိုင်ပါ။ ထို့ကြောင့်၊ VeraCrypt ၏ ပြဿနာအဖြစ် သတင်း မပို့ပါနှင့်။ ဤအကြောင်းနှင့် ပါတ်သက်၍ VeraCrypt ဖိုရမ်၌ အကူအညီ မတောင်းပါနှင့်။ ကွန်ပျူတာ ထုတ်လုပ် ရောင်းချသူထံ နည်းပညာဆိုင်ရာ အကူအညီ တောင်းခံပါ။ ကျေးဇူးတင်ပါသည်။\n\n မှတ်ချက် - ချို့ယွင်းချက်သည် တစ်နေရာထဲ၌ ထပ်ခါတလဲလဲ ဖြစ်နေလျှင်၊ ၄င်းသည် ​မကောင်းသော disk block တစ်ခုကြောင့် ဖြစ်နိုင်သည်။ ၄င်းကို တခြား ဆော့ဗ်ဝဲ အသုံးပြုပြီး ပြုပြင်ကောင်း ပြုပြင်နိုင်မည် ဖြစ်သည် (ပြဿနာ အတော်မျာများတွင် 'chkdsk /r' ညွှန်ကြားချက်ဖြင့် မဖြေရှင်းနိုင်ပါ၊ အဘယ့်ကြောင့် ဆိုသော် ၄င်းသည် filesystem အဆင့်၌သာ လုပ်ဆောင်သောကြောင့် ဖြစ်သည်။ အချို့အခြေအနေတွင်၊ 'chkdsk' သည် ပျက်စီးမှုကို မရှာဖွေနိုင်ချေ)။ - အကယ်၍ သင်သည် ဖြုတ်တပ်နိုင်သော မီဒီယာ အတွက် drive တစ်ခုထဲ ၀င်ရောက်နေပါက၊ ကြားခံတစ်ခုကို drive ထဲ​ သေချာ သွင်းပါ။ Drive/ကြားခံ ပျက်စီးနေခြင်း (ရုပ်ပိုင်းဆိုင်ရာ ပျက်စီးမှု) ဖြစ်နိုင်သည် (သို့) ကယ်ဘယ်ကြိုး ပျက်စီးနေခြင်း/ပြတ်နေခြင်း ဖြစ်နိုင်သည်။ - သင့် ကွန်ပျူတာစနစ်သည် drive စနစ် တစ်ခုလုံးကို စာဝှက်ခြင်း မပြုနိုင်ရန် အဟန့်အတားပြုနေသော ပရိုဂရမ်အမှား တစ်ခု ပါရှိသော ကိုယ်ပိုင် chipset ဒရိုင်ဘာများကို အသုံးပြုနေပုံ ရသည်။\n\n ရှေ့ဆက်မသွားမီ ကိုယ်ပိုင် (Microsoft မဟုတ်သော) chipset ဒရိုင်ဘာများကို မွမ်းမံပါ (သို့) ဖယ်ထုတ်ပါ။ အကယ်၍ အကြောင်းမထူးပါက၊ ကွန်ပျူတာစနစ် အခန်းကန့် တစ်ခုတည်းကိုသာ စာဝှက်ကြည့်ပါ။ - မှားနေသော drive အက္ခရာ။ - မှားနေသော လမ်းကြောင်း။ - ဖျက်သိမ်းရန်​ - စက်ပစ္စည်းကို ဆက်သွယ်၍ မရပါ။ ရွေးချယ်ထားသော စက်ပစ္စည်း ရှိ/မရှိ စစ်ဆေးပြီး၊ ၄င်းကို ကွန်ပျူတာစနစ်က အသုံးမပြုဖို့ လိုသည်။ - သတိပေးချက် - Caps Lock ဖွင့်ထားသည်။ ၎င်းကြောင့် စကားဝှက် ရေးထည့်ရာတွင် မှားယွင်းစေနိုင်သည်။ - Volume အမျိုးအစား - စာဝှက်ထားသော volume တစ်ခု၏ စကားဝှက်ကို ဖေါ်ပြရန် သင့်ကို တစ်စုံတစ်ယောက်က ဖိအားပေး တောင်းဆိုလာနိုင်သည်။ သင်အနေဖြင့် စကားဝှက်ကို မဖြစ်မနေ ပေးရမည့် အခြေအနေမျိုး ကြုံလာနိုင်သည်။ ယင်းအခြေအနေမျိုး၌ လျှို့ဝှက် volume ကို သုံးစွဲခြင်းဖြင့် သင့် စကားဝှက်ကို ဖေါ်ပြရန် လိုအပ်တော့မည် မဟုတ်ပါ။ - သာမန် VeraCrypt volume တစ်ခုကို ဖန်တီးလိုပါက ဒီရွေးစရာကို ရွေးပါ။ - အကယ်၍ OS တစ်ခုကို လျှို့ဝှက် အခန်းကန့် volume တစ်ခုထဲ၌ ထည်သွင်းလိုပါက၊ ကွန်ပျူတာစနစ် တစ်ခုလုံးကို ကီးတစ်မျိုးတည်းဖြင့် စာဝှက်နိုင်မည် မဟုတ်ပါ။ - ပြင်ပ Volume စာဝှက်စနစ် ရွေးစရာများ - လျှို့ဝှက် Volume စာဝှက်စနစ် ရွေးစရာများ - စာဝှက်စနစ် ရွေးစရာများ - သတိပေးချက် - နောက်ဆုံး ရွေးချယ်ထားသော volume/(ဖိုင် ရွေးချယ်စနစ်က မှတ်သားထားသော) ကီးဖိုင် လမ်းကြောင်းကို ရှင်းလင်း၍ မရပါ! - ချို့ယွင်းချက် - သိမ်းဆည်းခန်းကို filesystem အဆင့်၌ ဖိသိပ်ထားသည်။ VeraCrypt သည် သိမ်းဆည်းခန်းများကို ဖိသိပ်မှု မပြုပါ (စာဝှက်ထားသော ဒေတာကို ဖိသိပ်ခြင်းသည် ထိရောက်မှု မရှိ၍ မလိုအပ်ချေ)။\n\n အောက်ပါ အဆင့်များဖြင့် သိမ်းဆည်းခန်း ဖိသိပ်မှုကို ပိတ်ပါ -\n၁) ဝင်းဒိုး Explorer (VeraCrypt ထဲ၌ မဟုတ်ပါ) ထဲရှိ သိမ်းဆည်းခန်းကို ညာဖက် နှိပ်ပါ။\n၂) 'ဂုဏ်အင်္ဂါရပ်များ' ကို ရွေးချယ်ပါ။\n၃) 'ဂုဏ်အင်္ဂါရပ်များ' အညွှန်းထဲ၌၊ 'အဆင့်မြင့်' ကို နှိပ်ပါ။\n၄) 'အဆင့်မြင့် သတ်မှတ်ချက်များ' အညွှန်းထဲ၌၊ 'disk နေရာလွတ် ရရှိရန် အကြောင်းအရာများကို ဖိသိပ်ရန်' ရွေးစရာကို ပိတ်ပြီး 'ကောင်းပြီ' ကို နှိပ်ပါ။၅) 'ဂုဏ်အင်္ဂါရပ်များ' အညွှန်းထဲ၌၊ 'ကောင်းပြီ' ကို နှိပ်ပါ။ - Volume %s ဖန်တီးရာတွင် မအောင်မြင်ပါ - %s ၏အရွယ်မှာ %.2f bytes ဖြစ်သည် - %s ၏အရွယ်မှာ %.2f KB ဖြစ်သည် - %s ၏အရွယ်မှာ %.2f MB ဖြစ်သည် - %s ၏ အရွယ်မှာ %.2f GB ဖြစ်သည် - %s ၏အရွယ်မှာ %.2f TB ဖြစ်သည် - %s ၏အရွယ်မှာ %.2f PB ဖြစ်သည် - သတိပေးချက် - စက်ပစ္စည်း/အခန်းကန့်ကို OS မှ (သို့) အ​ပ္ပလီကေးရှင်းများမှ အသုံးပြုထားသည်။ စက်ပစ္စည်း/အခန်းကန့်ကို ဖော်မက်ချခြင်းဖြင့် ဒေတာ ပျက်စီမှုနှင့် စက်လည်ပတ်မှု မတည်မငြိမ် ဖြစ်စေနိုင်သည်။\n\nဆက်လုပ်မည်လား? - သတိပေးချက် - စက်ပစ္စည်း/အခန်းကန့်ကို OS မှ (သို့) အ​ပ္ပလီကေးရှင်းများမှ အသုံးပြုထားသည်။ အခန်းကန့်ကို အသုံးပြုသော ​အပ္ပလီကေးရှင်းများ (ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ အပါအဝင်)ကို ပိတ်ထားပါ။\n\n ဆက်လုပ်မည်လား? - ချို့ယွင်းချက် - စက်ပစ္စည်း/အခန်းကန့်၌ အဆုံးသတ်၍ မရနိုင်သော ဖိုင်စနစ် တစ်ခု ပါရှိနေသည်။ ​၎င်းဖိုင်စနစ်ကို စက်လည်ပတ်မှုစနစ်က အသုံးပြုထားနိုင်သည်။ စက်ပစ္စည်း/အခန်းကန့်ကို ဖော်မက်ချခြင်းဖြင့် ဒေတာ ပျက်စီခြင်းနှင့် စက်လည်ပတ်မှုစနစ် မတည်ငြိမ်မှုများ ဖြစ်ပေါ်စေနိုင်သည်။\n\nဤပြဿနာကို ဖြေရှင်းရန်၊ ထိုအခန်းကန့်ကို ဦးစွာ ပယ်ဖျက်ပြီး ၄င်းကို ဖော်မက်ချစရာ မလိုပဲ အသစ် ပြန်ဖန်တီးပါ။ ထိုသို့ ဆောင်ရွတ်ရန်၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n၁) 'Start ​Menu' ရှိ 'Computer' ပုံကို ညာဖက် နှိပ်ပြီး 'Manage' ကို ရွေးပါ။ 'Computer Management' ၀င်းဒိုး ပေါ်လာလိမ့်မည်။\n၂) 'Disk Management' ဝင်းဒိုးထဲ၌ 'Storage' > 'Disk Management' ကို ရွေးပါ။\n၃) သင် စာဝှက်လိုသော အခန်းကန့်ကို ညာဖက် နှိပ်ပြီး 'Delete Partition', (သို့) 'Delete Volume', (သို့) 'Delete Logical Drive' ကို ရွေးပါ။\n၄) 'Yes' ကို နှိပ်ပါ။ အကယ်၍ ဝင်းဒိုးက စက်ပြန်ဖွင့်ရန် တောင်းဆိုလာပါက ကွန်ပျူတာစက်ကို ပြန်စလိုက်ပါ။ ထို့နောက် အဆင့် ၁ နှင့် ၂ ကို ပြန်လုပ်ပြီး အဆင့် ၅ မှ ဆက်လုပ်ပါ။\n၅) နေရာမယူထားသော/နေရာလွတ်၌ ညာဖက် နှိပ်ပြီး 'New Partition', (သို့) 'New Simple Volume', (သို့) 'New Logical Drive' ကို ရွေးပါ။\n၆) ယခုအချိန်၌ 'New Partition Wizard' (သို့) 'New Simple Volume Wizard' ၀င်းဒိုး ပေါ်လာမည် ဖြစ်သည်။ ညွန်ကြားချက်အတိုင်း ဆက်လုပ်ပါ။ 'Format Partition' ခေါင်းစဉ်အောက်ရှိ 'Do not format this partition' (သို့) 'Do not format this volume' တစ်ခုခုကို ရွေးချယ်ပါ။ အညွှန်း တစ်ခုထဲ၌၊ 'Next' ကို နှိပ်ပြီးနောက် 'Finish' ကို နှိပ်ပါ။\n၇) VeraCrypt ၌ သင် ရွေးချယ်ခဲ့သော လမ်းကြောင်း မှားနေနိုင်သည်ကို သတိပြုပါ။ ထို့ကြောင့်၊ VeraCrypt Volume ဖန်တီးမှု အညွှန်းမှ ထွက်ပြီး ပြန်ဖွင့်ပါ။\n၈) စက်ပစ္စည်း/အခန်းကန့်ကို တဖန် စာဝှက်လိုက်ပါ။\n\n အကယ်၍ VeraCrypt သည် စက်ပစ္စည်း/အခန်းကန့်ကို စာဝှက်ရန် အကြိမ်ကြိမ် မအောင်မြင်ပါက၊ ၄င်းအစား ဖိုင် သိမ်းဆည်းခန်းတစ်ခုကို ဖန်တီးရန် စဉ်းစားပါ။ - ချို့ယွင်းချက် - filesystem ကို သော့ခတ်၍ မရ/အဆုံးသတ်၍ မရ ဖြစ်နေသည်။ ၎င်းကို စက်လည်ပတ်မှုစနစ် (သို့) အပ္ပလီကေးရှင်းများ (ဥပမာ - ဗိုင်းရပ်စ် ဖယ်ရှား ဆော့ဗ်ဝဲ) မှ အသုံးပြုနေခြင်း ဖြစ်နိုင်သည်။ ၎င်းအခန်းကန့်ကို စာဝှက်ခြင်းဖြင့် ဒေတာ ပျက်စီးခြင်းနှင့် စက်လည်ပတ်မှုစနစ် မတည်မငြိမ် ဖြစ်စေနိုင်သည်။\n\n Filesystem ကို အသုံးပြုနေသည့် အပ္ပလီကေးရှင်းများကို ပိတ်ပြီး ထပ်ကြိုးစားပါ။ အကြောင်းမထူးပါက၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ။ - သတိပေးချက် - အစပျိုးထားသော စက်ပစ္စည်းများ/အခန်းကန့်များ အချို့ကို သုံးစွဲထားပြီး ဖြစ်နိုင်သည်။\n\n ၎င်းကို လျှစ်လျှူရှုခြင်းဖြင့် စက်လည်ပတ်ရာ၌ မတည်ငြိမ်မှုများကဲ့သို့ မလိုလားအပ်သော ရလဒ်များကို ဖြစ်ပေါ်စေနိုင်သည်။\n\n စက်ပစ္စည်းများ/အခန်းကန့်များကို အသုံးပြုနေနိုင်သော အပ္ပလီကေးရှင်းများကို ပိတ်ထားရန် အလေးအနက် အကြံပြုလိုပါသည်။ - ရွေးချယ်ထားသော စက်ပစ္စည်း၌ အခန်းကန့်များ ပါရှိသည်။\n\n စက်ပစ္စည်းကို ဖော်မက်ချခြင်းဖြင့် စက်လည်ပတ်မှု စနစ်ပိုင်းဆိုင်ရာ မတည်ငြိမ်မှုများ/ဒေတာ ပျက်စီးမှုများ ဖြစ်ပေါ်စေနိုင်သည်။ VeraCrypt ကို သုံးပြီး လုံခြုံ​စွာ ဖော်မက်ချနိုင်ရန် စက်ပစ္စည်းပေါ်၌ အခန်းကန့် တစ်ခုကို ရွေးချယ်ပါ၊ (သို့) စက်ပစ္စည်းပေါ်မှ အခန်းကန့် အားလုံးကို ဖယ်ရှားပါ။ - ကွန်ပျူတာစနစ် မဟုတ်သော စက်ပစ္စည်း၌ အခန်းကန့်များ ပါရှိသည်။\n\n အခန်းကန့်များ မရှိသော စက်ပစ္စည်းများထဲ၌ စာဝှက်ထားသော စက်ပစ္စည်း အခြေပြု VeraCrypt volumes များကို (hard disks နှင့် solid-state drives များ အပါအဝင်) ဖန်တီးနိုင်သည်။ ၄င်းစက်ပစ္စည်းထဲ၌ ဝင်းဒိုးတင်ထားပြီး ၎င်းမှ ဝင်းဒိုးတက်မည် ဆိုလျှင်၊ အခန်းကန့်များ ပါရှိသော စက်ပစ္စည်း တစ်ခုလုံးကို နေရာတကျ စာဝှက်နိုင်မည် ဖြစ်သည်။\n\nမာစတာကီး တစ်ခုတည်းကို သုံးပြီး ရွေးချယ်ထားသော ကွန်ပျူတာစနစ် မဟုတ်သည့် စက်ပစ္စည်းကို စာှက်လိုပါက၊ ၄င်းကို VeraCrypt ဖြင့် လုံခြုံစွာ ဖော်မက်ချနိုင်ရန် စက်ပစ္စည်းထဲရှိ အခန်းကန့် အားလုံးကို သင် ဖယ်ရှားရမည် (အခန်းကန့်များ ပါရှိသော စက်ပစ္စည်း တစ်ခုကို ဖော်မက်ချခြင်းကြောင့် စက်လည်ပတ်မှု စနစ်ကို မတည်ငြိမ်မှု/ ဒေတာ ပျက်စီးမှု ဖြစ်ပေါ်စေနိုင်သည်)။ တစ်နည်းအားဖြင့်၊ စက်ပစ္စည်းရှိ အခန်းကန့် တစ်ခုစီကို သီးခြား စာဝှက်နိုင်သည် (အခန်းကန့် တစ်ခုစီကို သီးခြား မာစတာကီး အသုံးပြုပြီး စာဝှက်နိုင်မည် ဖြစ်သည်)။ \n\n မှတ်ချက် - GPT disk မှ အခန်းကန့် အားလုံးကို သင် ဖယ်ရှားလိုပါက၊ လျှို့ဝှက် အခန်းကန့်များကို ဖယ်ရှားရန် MBR disk (ဥပမာ -Computer Management tool ကို အသုံးပြုပြီး) အဖြစ် ပြောင်းလဲရန် လိုအပ်သည်။ - သတိပေးချက်- device တစ်ခုလုံးကို သင် စာဝှက်လိုပါက (အခန်းကန့် တစ်ခုတည်းကိုသာ စာဝှက်မည့်အစား)၊ OS က device ကို အသစ်၊ အလွတ်၊ ဖော်မက်ချမထားသော အပိုင်း တစ်ခုအဖြစ် မှတ်ယူပြီး volume ကို ပျက်စီးစေနိုင်​သည့် device ကို အလိုအလျောက် အစပျိုးလာစေနိုင်သည် (သို့မဟုတ် သင် လုပ်ဆောင်လို မလို မေးလာလိမ့်မည်)။ ဒီအပြင်၊ volume ကို (drive နံပါတ် ပြောင်းသွားသည့်အခါ) စိတ်တိုင်းကျ တစ်သမတ်တည်း အစပျိုးနိုင်မည် မဟုတ်ပါ (သို့) စိတ်ကြိုက်-volume အညွှန်းကို သတ်မှတ်နိုင်မည် မဟုတ်ပါ။\n\n ဤအဖြစ်မျိုးကို ရှောင်ရှားရန် device ​ပေါ်၌ အခန်းကန့် တစ်ခုကို ဖန်တီးပြီး အခန်းကန့်ကို စာဝှက်ရန် စဉ်းစားသင့်ပါသည်။\n\n device တစ်ခုလုံးကို စာဝှက်လိုသလား? - အရေးကြီးချက် - Drive အက္ခရာ %c ကို သုံးပြီး ဤ volume ကို အစပျိုးခြင်း/အထဲ ဝင်ရောက်ခြင်း ပြုနိုင်မည် မဟုတ်ပါ။\n\n ဤ volume ကို အစပျိုးရန်၊ ပင်မ VeraCrypt ဝင်းဒိုးရှိ 'အလိုအလျောက်-အစပျိုး Devices များ' (တနည်းအားဖြင့် - ပင်မ VeraCrypt ဝင်းဒိုးထဲရှိ 'Device ရွေးချယ်ရန်' ကို နှိပ်ပါ၊ နောက်ပြီး ဤအခန်းကန့်/device ကို ရွေးပြီး၊ 'အစပျိုးရန်' ကို နှိပ်ပါ) ကို နှိပ်ပါ။ ဤ volume ကို ပင်မ VeraCrypt ဝင်းဒိုးရှိ စာရင်းမှ သင် ရွေးထားသော တခြား drive အက္ခရာ တစ်ခုဖြင့် အစပျိုးလာလိမ့်မည်။\n\n အခန်းကန့်/device ရှိ စာဝှက်စနစ်ကို သင် ဖယ်ရှားဖို့ လိုအပ်မှသာ (ဥပမာ - အကယ်၍ စာဝှက်စနစ်ကို သင် မလိုအပ်တော့သည့်အခါ) မူရင်း drive အက္ခရာ %c ကို သုံးစွဲသင့်သည်။ ဤကဲ့သို့ ကိစ္စမျိုးတွင်၊ 'Computer' (သို့မဟုတ် 'My Computer') စာရင်းမှ drive အက္ခရာ %c ကို ညာဖက် နှိပ်ပြီး၊ 'ဖော်မက်ချရန်' ကို ရွေးပါ။ ထိုသို့မလုပ်ပါက (VeraCrypt အမေးအဖြေ၌ ဖေါ်ပြထားသကဲ့သို့ ၄င်းကို ဖယ်ရှားခြင်း မပြုပါက) drive အက္ခရာ %c ကို အသုံးပြုရတော့မည် မဟုတ်ပါ။ (ထို့နောက် အခြား အခန်းကန့်/device ကို သတ်မှတ်ပါ) - ယခု သင်အသုံးပြုနေသော OS ဗားရှင်း၌ ကွန်ပျူတာစနစ် မဟုတ်သော volumes များကို အစီအစဉ်တကျ စာဝှက်ခြင်း လုပ်ဆောင်၍ မရပါ (၎င်းကို Windows Vista နှင့် နောက်ထွက် ဗားရှင်းများတွင်သာ ပံ့ပိုးထားသည်)။\n\n ဤ၀င်ဒိုး ဗားရှင်းသည် filesystem ကျုံ့ခြင်းကို ပံ့ပိုးမထားပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီး​အတွက် နေရာလွတ် ရရှိရန် filesystem ကို ကျုံ့ရမည် ဖြစ်သည်)။ - ရွေးချယ်ထားသော အခန်းကန့်သည် NTFS filesystem ဟုတ်ဟန် မတူပါ။ NTFS filesystem အခန်းကန့်များကိုသာ အစီအစဉ်တကျ စာဝှက်နိုင်သည်။\n\n မှတ်ချက် - ဤ၀င်ဒိုး ဗားရှင်းသည် filesystem ကျုံ့ခြင်းကို ပံ့ပိုးမထားပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီး​အတွက် နေရာလွတ် ရရှိရန် filesystem ကို ကျုံ့ရမည် ဖြစ်သည်)။ - ရွေးချယ်ထားသော အခန်းကန့်သည် filesystem ဟုတ်ဟန်မတူပါ။ NTFS filesystem အခန်းကန့်များကိုသာ အစီအစဉ်တကျ စာဝှက်နိင်သည်။\n\nဤအခန်းကန့်ထဲ၌ စာဝှက်ထားသော VeraCrypt volume တစ်ခု ဖန်တီးလိုပါက၊ ( ရွေးစရာ "အခန်းကန့်ကို အစီအစဉ်တကျ စာဝှက်ရန်" ကို ရွေးမည့်အစား) ရွေးစရာ "စာဝှက်ထားသော volume ဖန်တီးရန်၊ ဖော်မက်ချရန်" ကို ရွေးပါ။ - ချို့ယွင်းချက် - အခန်းကန့်သည် သေးလွန်ပါသည်။ VeraCrypt သည် ၄င်းကို အစီအစဉ်တကျ စာမဝှက်နိုင်ပါ။ - ဤအခန်းကန့်ရှိ ဒေတာကို စာဝှက်ရန်၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n\n၁) အခန်းကန့် အလွတ်/device တစ်ခု၌ VeraCrypt volume အလွတ်တစ်ခု ဖန်တီးပြီး ၄င်းကို အစပျိုးပါ။\n\n၂) အစပျိုးထားသော VeraCrypt volume ထဲ၌ နဂိုကတည်းက သင် စာဝှက်လိုသော အခန်းကန့်ရှိ ဖိုင်အားလုံးကို ကော်ပီကူးပါ (၄င်းကို အဆင့် ၁ ၌ ဖန်တီးပြီး အစပျိုးထားသည်)။\n\n၃) နဂိုကတည်းက သင် စာဝှက်လိုသော အခန်းကန့်၌ VeraCrypt volume တစ်ခု ဖန်တီးပြီး (ရွေးစရာ "အခန်းကန့်ကို ​အစီအစဉ်တကျ စာဝှက်ရန်" အစား) ရွေးစရာ "စာဝှက်ထားသော volume ဖန်တီးရန်၊ ဖော်မက်ရန်" ​ကို ရွေးချယ်ရန် သတိပြုပါ။ အခန်းကန့်၌ သိုလှောင်ထားသော ဒေတာ အားလုံးကို ဖျက်ပစ်မည် ဖြစ်သည်။ volume ကို ဖန်တီးပြီးပါက ၄င်းကို အစပျိုးလိုက်ပါ။\n\n၄) (အဆင့် ၁ ၌ ဖန်တီးပြီး အစပျိုးထားသော) အရန်သင့် VeraCrypt volume ထဲမှ ဖိုင်အားလုံးကို အဆင့် ၃ ၌ ဖန်တီး(ပြီး အစပျိုး)ထားသော VeraCrypt volume ထဲ ကော်ပီကူးလိုက်ပါ။\n\n၎င်းအဆင့်များ ပြီးဆုံးသောအခါ၊ ဒေတာများ စာဝှက်ပေးမည် ဖြစ်ပြီး၊ နောက်ဆက်တွဲ၌၊ ​​စာဝှက်ထားသော ဒေတာ အရန်သင့် သိမ်းဆည်းမှု တစ်ခု ရလာမည် ဖြစ်သည်။ - VeraCrypt သည် အခန်းကန့် တစ်ခု၊ တက်ကြွ volume တစ်ခု၊ (သို့) ကွန်ပျူတာစနစ် ​drive တစ်ခုလုံးကို အစီအစဉ်တကျ စာဝှက်နိုင်သည်။\n\n အကယ်၍ ကွန်ပျူတာစနစ် မဟုတ်သော device အတွင်း၌ စာဝှက်ထားသော VeraCrypt volume တစ်ခုကို ဖန်တီးလိုပါက၊ (ရွေးစရာ "အခန်းကန့်ကို ​အစီအစဉ်တကျ စာဝှက်ရန်" အစား) ရွေးစရာ "စာဝှက်ထားသော volume ကို ဖန်တီးပြီး ဖော်မက်ရန်" ကို ရွေးပါ။ - ချို့ယွင်းချက် - VeraCrypt သည် အခန်းကန့် တစ်ခု၊ တက်ကြွ volume တစ်ခု၊ (သို့) ကွန်ပျူတာစနစ် ​drive တစ်ခုလုံးကို အစီအစဉ်တကျ စာဝှက်နိုင်သည်။ သတ်မှတ်ထားသော လမ်းကြောင်း မှန်မမှန် စစ်​ဆေးပါ။ - ချို့ယွင်းချက် - filesystem ကို ကျုံ့၍ မရပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီးအတွက် နေရာပေးရန် filesystem ကို ကျုံ့ရန် လိုသည်)။\n\nဖြစ်နိုင်ချ အကြောင်းရင်းနှင့် ဖြေရှင်းချက်များ -\n\nဤ volume ၌ လုံလောက်သော နေရာလွတ်မရှိပါ။ ဤ filesystem ၌ အခြား အပ္ပလီကေးရှင်းကို ရေးသားခြင်း မပြုရန် သတိပြုပါ။\n\n- ပျက်စီးနေသော ဖိုင်စနစ် ဖြစ်သည်။ ၄င်းကို စစ်ဆေးပြီး ချို့ယွင်းချက်များကို ပြင်ဆင်ပါ ('Computer' စာရင်းရှိ သက်ဆိုင်ရာ drive အက္ခရာကို ညာဖက် နှိပ်ပါ၊ ထို့နောက် Properties > Tools > ကို ရွေးပြီး 'Check Now' ကို ရွေးပါ၊ ရွေးစရာ 'Automatically fix file system errors' ကို ဖွင့်ပြီး Start ကို နှိပ်ပါ)။\n\n အထက်ပါ အဆင့်များ အလုပ်မဖြစ်ပါက၊ အောက်ပါ အဆင့်များကို ဆက်လုပ်ပါ။ - ချို့ယွင်းချက် - ဤ volume ထဲ၌ နေရာလွတ် အလုံအလောက် မရှိသောကြောင့် filesystem ကို ကျုံ့၍ မရပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီးအတွက် နေရာပေးရန် filesystem ကို ကျုံ့ရန် လိုအပ်သည်)\n\n နေရာလွတ် အနည်းဆုံး 256 KB ရရှိအောင် မလိုအပ်သော ဖိုင်များကို ပယ်ဖျက်ပြီး Recycle Bin ကို ရှင်းလင်းကာ ထပ်ကြိုးစားပါ။ ဝင်းဒိုး ပြဿနာ တစ်ရပ်ကြောင့် OS ကို စက်ပြန်မဖွင့်မချင်း Windows Explorer မှ ဖေါ်ပြသော နေရာလွတ် ပမာဏမှာ မှန်ကန်လိမ့်မည် မဟုတ်ပါ။ အကယ်၍ စက်ပြန်တက်၍ ​အကြောင်းမထူးလျှင်၊ ဖိုင်စနစ် ပျက်စီး၍ ဖြစ်မည်။ ၄င်းကို စစ်ဆေးပြီး ချို့ယွင်းချက်များကို ပြင်ဆင်ပါ ('Computer' စာရင်းရှိ သက်ဆိုင်ရာ drive အက္ခရာကို ညာဖက် နှိပ်ပါ၊ ထို့နောက် Properties > Tools > ကို ရွေးပြီး 'Check Now' ကို ရွေးပါ၊ ရွေးစရာ 'Automatically fix file system errors' ကို ဖွင့်ပြီး Start ကို နှိပ်ပါ)။\n\n အထက်ပါ အဆင့်များ အလုပ်မဖြစ်ပါက၊ အောက်ပါ အဆင့်များကို ဆက်လုပ်ပါ။ - Drive %s ပေါ်၌ နေရာလွတ် %.2f bytes ရှိသည် - Drive %s ပေါ်၌ နေရာလွတ် %.2f KB ရှိသည် - Drive %s ပေါ်၌ နေရာလွတ် %.2f MB ရှိသည် - Drive %s ပေါ်၌ နေရာလွတ် %.2f GB ရှိသည် - Drive %s ပေါ်၌ နေရာလွတ် %.2f TB ရှိသည် - Drive %s ပေါ်၌ နေရာလွတ် %.2f PB ရှိသည် - လွတ်နေသော drive အက္ခရာများ မရှိပါ။ - ချို့ယွင်းချက် - VeraCrypt ဒရိုင်ဘာကို ရှာမတွေ့ပါ။\n\nကျေးဇူးပြု၍ 'veracrypt.sys' နှင့် 'veracrypt-x64.sys' ဖိုင်များကို ပင်မ VeraCrypt ​အ​ပ္ပလီကေးရှင်း (VeraCrypt.exe) တည်ရှိရာ ဖိုင်တွဲထဲ ကော်ပီကူးပါ။ - ချို့ယွင်းချက် - လောလောဆယ် လိုက်ဖက်ကိုက်ညီမှု မရှိသော VeraCrypt ဒရိုင်ဘာ ဗားရှင်းdriver ကို သုံးစွဲနေသည်။\n\n အကယ်၍ သင်သည် VeraCrypt ကို (စက်ထဲ မထည့်သွင်းပဲ) အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲရန် ကြိုးစားနေပြီး၊ တခြား VeraCrypt ဗားရှင်းကို စက်ထဲ ထည့်သွင်းပြီး ဖြစ်ပါက၊ ၄င်းကို အလျင် ဖယ်ထုတ်ရမည် (သို့မဟုတ် VeraCrypt ထည့်သွင်းစနစ်ကို သုံး၍ အဆင့်မြှင့်ပါ)။ ၄င်းကို ဖယ်ထုတ်ရန်၊ ဖေါ်ပြပါ အဆင့်များကို လိုက်နာပါ - Window Vista (သို့) ၄င်းထက် အဆင့်မြင့်၌၊ 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall ကို ရွေးပါ၊ Windows XP ၌၊ 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove ကို ရွေးပါ။\n\nအလားတူ၊ အကယ်၍ သင်သည် VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် (စက်ထဲ ထည့်သွင်းစရာမလိုပဲ) သုံးစွဲရန် ကြိုးစားနေပြီး၊ အခြား VeraCrypt ဗားရှင်း တစ်ခုကို အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲနေပါက၊ အရင်ဦးဆုံး စက်ကို ပြန်ဖွင့်ပြီးနောက် ဤဗားရှင်းအသစ်ကိုသာ သုံးစွဲပါ။ - မှားယွင်းချက် - ဝှက်စာ စတင်လုပ်ဆောင်မှု မအောင်မြင်ပါ။ - ချို့ယွင်းချက် - ကီး၏ အားနည်းချက်/အားနည်းနိုင်ချေ တွေ့ရှိထားသည်။ ၎င်းကီးကို ဖယ်ထုတ်ရမည် ဖြစ်သည်။ ကျေးဇူးပြု၍ ထပ်ကြိုးစားပါ။ - ကြီးမားသော ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသောကြောင့် VeraCrypt ကို အဆုံးသတ်မည် ဖြစ်သည်။ ၎င်းသည် VeraCrypt ထဲမှ ပရိုဂရမ်အမှား တစ်ခုကြောင့် ဖြစ်ပါက၊ ကျွန်ုပ်တို့ ပြုပြင်ပေးပါမည်။ ကျွန်ုပ်တို့ကို ကူညီရန် အောက်ပါ အချက်များ ပါဝင်သော အလို​အလျှောက် ထုတ်ပြန်သည့် ချို့ယွင်းချက် အကြောင်းကြားစာကို ပေးပို့နိုင်ပါသည်။\n\n- ပရိုဂရမ် ဗားရှင်း\n- OS ဗားရှင်း\n- CPU အမျိုးအစား\n- VeraCrypt အစိတ်အပိုင်း အမည်\n- Checksum of VeraCrypt executable\n- အညွန်း ၀င်းဒိုး အမှတ်အသား အမည်\n- ချို့ယွင်းချက် အမျိုးအစား\n- ချို့ယွင်းချက် တည်နေရာ\n- VeraCrypt ခေါ်ဆိုသော အကန့်\n\nအကယ်၍ 'ဟုတ်ကဲ့' ခလုတ်ကို နှိပ်ပါက၊ အောက်ပါ URL သည် သင့် ပုံမှန် အင်တာနက် ဘရောင်ဆာ၌ ဖွင့်လာမည် ဖြစ်သည်။\n\n%hs\n\n အထက်ပါ ချို့ယွင်းချက် အကြောင်းကြားစာကို ကျွန်ုပ်တို့ထံ ပေးပို့လိုသလား? - သင့်စက်၌ ကြီးကျယ်သော ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသောကြောင့် VeraCrypt ကို အဆုံးသတ်မည် ဖြစ်သည်။\n\n ဤချို့ယွင်းချက်သည် VeraCrypt ကြောင့် မဟုတ်ပါ (ထို့ကြောင့် VeraCrypt ကို စီစဉ်ဖန်တီးသူများက ဖြေရှင်းပေး၍ မရပါ)။ သင့်ကွန်ပျူတာစနစ်၏ ဖြစ်နိုင်ချေ ပြဿနာများ (ဥပမာ - ကွန်ပျူတာစနစ် ပြင်ဆင်ချက်၊ ကွန်ရက် ဆက်သွယ်မှု၊ hardware အစိတ်အပိုင်း အလုပ်မလုပ်မှု) ကို စစ်ဆေးပါ။ - သင့်စက်၌ ကြီးကျယ်သော ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသောကြောင့် VeraCrypt ကို အဆုံးသတ်မည် ဖြစ်သည်။\n\n အကယ်၍ ပြဿနာ ဆက်ရှိနေပါက၊ ဤပြဿနာကို ဖြစ်ပေါ်စေသော - ​ဗိုင်းရပ်စ် ဖယ်ရှား ဆော့ဗ်ဝဲ (သို့) အင်တာနက် လုံခြုံရေး ဆော့ဗ်ဝဲ၊ စက်လည်ပတ်မှုစနစ် "enhancers", "optimizers" (သို့) "tweakers" စသည့် ဖြစ်နိုင်ချေ အ​ပ္ပလီကေးရှင်းများကို ပိတ်ထားခြင်း (သို့) ဖယ်ထုတ်ခြင်း လုပ်ဆောင်နိုင်သည်။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ (ဤပြဿနာသည် malware ကြောင့် ဖြစ်နိုင်သောကြောင့်) သင့် OS စနစ်ကို ပြန်လည် ထည့်သွင်းရန် လိုအပ်နိုင်သည်။ - VeraCrypt ၏ ကြီးမားသော ချို့ယွင်းချက် - rueCrypt သည် လတ်တလော၌ OS ပျက်စီးနေကြောင်း တွေ့ရှိရသည်။ OS ပျက်စီးရခြင်း၏ အကြောင်းရင်း များစွာရှိနိုင်ပါသည် (ဥပမာ အားဖြင့် -စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှု၊ စက်ပစ္စည်း ဒရိုင်ဘာထဲ၌ ပရိုဂရမ် အမှား တစ်ခုခု ရှိနေ၍ စသဖြင့်...)။\n\n VeraCrypt ထဲ၌ ကွန်ပျူတာ လည်ပတ်မှု စနစ် ချို့ယွင်းစေသော ပရိုဂရမ် အမှား တစ်ခုခု ရှိမရှိ VeraCrypt အဖွဲ့ကို စစ်ဆေးစေလိုသလား? - VeraCrypt ကို ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပျက်စီးမှုများအကြောင်း ဆက်လက် စုံစမ်းစေလိုသလား? - VeraCrypt သည် ကွန်ပျူတာ လည်ပတ်မှုစနစ်၌ ပျက်စီးနေသော minidump ဖိုင်ကို ရှာမတွေ့ပါ။ - Disk နေရာလွတ် ရရှိရန် ၀င်းဒိုးထဲက ပျက်စီးနေသော dump ဖိုင်ကို ပယ်ဖျက်လိုသလား? - ကွန်ပျူတာစနစ် ပျက်စီးမှုကို စစ်ဆေးနိုင်ရန်၊ ပထမဆုံး VeraCrypt သည် ၀င်းဒိုးထဲ၌ မိုက်ခရိုဆော့ဗ် Debugging Tools များကို ထည့်သွင်းရန် လိုအပ်သည်။\n\n 'ကောင်းပြီ' ခလုတ်ကို နှိပ်ပြီးနောက်၊ ဝင်းဒိုး ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်သည် မိုက်ခရိုဆော့ဗ် ဆာဗာမှ မိုက်ခရိုဆော့​ဗ် Debugging Tools (16 MB) ကို ဒေါင်းလုပ် ဆွဲယူသွားမည် ဖြစ်သည်။ (Windows ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်သည် veracrypt.org ဆာဗာ မှတဆင့် မိုက်ခရိုဆော့ဗ် ဆာဗာ ရှိရာသို့ ပို့ဆောင်ပေးမည် ဖြစ်သည်။ ဤ​နည်းဖြင့် မိုက်ခရိုဆော့ဗ်၏ ဆော့ဗ်ဝဲ ထည့်သွင်းမှုဖိုင်၏ တည်နေရာ ​​ပြောင်းသွားလျှင်ပင်၊ ဤအင်္ဂါရပ်ကို ဆက်လက် အလုပ်လုပ်သွားစေမည် ဖြစ်သည်။) - ကောင်းပြီ ခလုတ်ကို နှိပ်ပြီးပါက၊ VeraCrypt သည် ကွန်ပျူတာစနစ် ပျက်စီးမှုကို စစ်ဆေးသွားမည် ဖြစ်သည်။ ဒီအတွက် မိနစ်အ​တန်ကြာ အချိန်ယူမည် ဖြစ်သည်။ - Environment variable 'PATH' တွင် 'kd.exe' (Kernel Debugger) ပါဝင်နေရမည် ဖြစ်သည်။ - ကွန်ပျူတာစနစ် ပျက်စီးမှုသည် VeraCrypt ကြောင့် မဟုတ်ကြောင်း ပေါ်လွင်နေသည်။ ကွန်ပျူတာစနစ် ပျက်စီးရခြင်း အကြောင်းရင်း များစွာရှိနိုင်ပါသည် (ဥပမာ အားဖြင့် - စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှု၊ စက်ပစ္စည်း၏ ဒရိုင်ဘာထဲမှ ပရိုဂရမ် အမှားတစ်ခုခု စသဖြင့်)။ - စစ်ဆေးမှု ရလဒ်အရ အောက်ပါ ဒရိုင်ဘာကို မွမ်းမံခြင်းအားဖြင့် ဤပြဿနာကို ဖြေရှင်းနိုင်ကြောင်း ညွှန်​ပြနေသည် - - TryeCrypt ၌ ပရိုဂရမ် အမှား ရှိမရှိ သိရှိနိုင်ရန်၊ သင့်အနေဖြင့် အောက်ပါ အချက်များ အပါအဝင် အလိုအလျောက် ထုတ်ပြန်သော ချို့ယွင်းချက် အကြောင်းကြားစာကို ကျွန်တော်တို့ထံ ပေးပို့နိုင်ပါသည်။\n- ပရိုဂရမ် ဗားရှင်း\n- OS ဗားရှင်း\n - CPU အမျိုးအစား\n- ချို့ယွင်းချက် အမျိုးအစား\n- ဒရိုင်ဘာ အမည်နှင့်ဗားရှင်း\n - System call stack\n\n 'ကောင်းပြီ' ကို ရွေးချယ်လိုက်ပါက၊ (ချို့ယွင်းချက် အကြောင်းကြားစာ အားလုံး ပါ၀င်သော) အောက်ပါ ကွန်ရက် လိပ်စာသည် သင့် ပုံမှန် အင်တာနက် ဘရောင်ဆာပေါ်တွင် ဖွင့်လာလိမ့်မည်။ - အထက်ပါ ချို့ယွင်းချက် မှတ်တမ်းကို ကျွန်တော်တို့ထံ ပေးပို့လိုသလား? - စာဝှက်ရန် - စာဝှက်ဖော်ရန် - &အမြဲတမ်း စာဝှက်ဖေါ်ရန် - ထွက်ရန် - ဤတိုးချဲ့ အခန်းကန့်အတွက် ယုတ္တိတန် drive တစ်ခု ဖန်တီးပြီး၊ ထပ်ကြိုးစားကြည့်ပါ။ - VeraCrypt volume တစ်ခုသည် (VeraCrypt သိမ်းဆည်းခန်းခေါ်) ဖိုင်တစ်ခုထဲ၌ တည်ရှိနိုင်သည်၊ ၄င်းကို hard disk ထဲ ဖြစ်စေ၊ USB flash drive တစ်ခုထဲ၌ ဖြစ်စေ ထားရှိနိုင်သည်။ VeraCrypt သိမ်းဆည်းခန်းသည် သာမန် ဖိုင် (ပုံမှန် ဖိုင်ကဲ့သို့ ရွှေ့​ပြောင်းနိုင်၊ ပယ်ဖျက်နိုင်သည်) နှင့် ဆင်တူသည်။ သိမ်းဆည်းခန်း တစ်ခုအတွက် ဖိုင်အမည် တစ်ခုကို ရွေးချယ်ရန်နှင့် သိမ်းဆည်းခန်း ဖန်တီးလိုသည့် နေရာကို ရွေးချယ်ရန် 'ဖိုင် ရွေးရန်' ကို နှိပ်ပါ။\n\nသတိပေးချက် - လက်ရှိ ဖိုင်တစ်ပုဒ်ကို သင် ရွေးချယ်ပါက၊ VeraCrypt သည် ၄င်းကို စာဝှက်ပေးမည် မဟုတ်ပါ။ ၄င်းဖိုင်သည် ပယ်ဖျက်ခံရပြီး အသစ် ဖန်တီးလိုက်သော VeraCrypt သိမ်းဆည်းခန်းဖြင့် အစားထိုးသွားမည် ဖြစ်သည်။ ယခု သင် ဖန်တီးတော့မည့် VeraCrypt သိမ်းဆည်းခန်းထဲတွင် လက်ရှိ ဖိုင်များကို (နောင်အခါ) ရွှေ့ပြောင်းခြင်းဖြင့် စာဝှက်နိုင်သည်။ - ပြင်ပ volume (ဤ volume ထဲ၌ လျှို့ဝှက် volume ကို နောင်ပိုင်းတွင် ဖန်တီးသွားမည် ဖြစ်သည်) ဖန်တီးမည့် နေရာကို ရွေးချယ်ပါ။\n\nVeraCrypt volume တစ်ခုသည် VeraCrypt သိမ်းဆည်းခန်းဟု ခေါ်သော ဖိုင်တစ်ခုထဲ၌ တည်ရှိနိုင်သည်။ ၄င်းကို hard disk နှင့် USB flash drive တစ်ခုခုထဲတွင် ထားရှိနိုင်သည်။ VeraCrypt သိမ်းဆည်းခန်းကို ပုံမှန် ဖိုင်တစ်ခုကဲ့သို့ ရွေ့ပြောင်းခြင်း၊ ဖျက်ခြင်းများ ပြုလုပ်နိုင်သည်။ သိမ်းဆည်းခန်းအတွက် ဖိုင်အမည်ကို ရွေးရန်နှင့် သိမ်းဆည်းခန်း ဖန်တီးမည့် နေရာကို ရွေးချယ်ရန် 'ဖိုင် ရွေးရန်' ကို နှိပ်ပါ။ လက်ရှိ ဖိုင်တစ်ခုကို သင် ရွေးချယ်ပါက၊ VeraCrypt ​သည် ၄င်းကို စာဝှက်ပေးမည် မဟုတ်ပါ။ ၄င်းသည် ပယ်ဖျက်ခံရမည် ဖြစ်ပြီး အသစ်ဖန်တီးလိုက်သော သိမ်းဆည်းခန်းနှင့် အစားထိုးသွားမည် ဖြစ်သည်။ ယခု ဖန်တီးလိုက်သော VeraCrypt သိမ်းဆည်းခန်းထဲတွင် လက်ရှိ ဖိုင်များကို (နောင်တွင်) ရွေ့ပြောင်းပြီး စာဝှက်ပေးနိုင်သည်။ - စာဝှက်ထားသော device သိမ်းထားသည့် VeraCrypt volumes များကို hard disks များ၊ solid-state drives များ၊ USB မှတ်ဉာဏ်ချောင်းများနှင့်၊ အခြား ပံ့ပိုး​ထားသော သိုလှောင်ရေး devices များရှိ အခန်းကန့်များတွင် ဖန်တီးနိုင်သည်။ အခန်းကန့်များ ​အစီအစဉ်တကျ စာဝှက်ပေးနိုင်သည်။\n\n ဒီ့အပြင်၊ စာဝှက်ထားသော စက်ကိရိယာ သိမ်းထားသည့် VeraCrypt volumes များကို အခန်းကန့်များ မပါရှိသော devices များ (hard disks နှင့် solid-state drives အပါအဝင်) ထဲတွင် ဖန်တီးနိုင်သည်။\n\nမှတ်ချက် - အကယ်၍ drive တစ်ခုထဲ၌ ၀င်းဒိုး တင်ထားပြီး ၄င်းကို သုံးစွဲနေပါက၊ အခန်းကန့်များ ပါရှိသော ၄င်း device တစ်ခုလုံးကို (ကီး တစ်ခုတည်း သုံးပြီး) အစီအစဉ်တကျ စာဝှက်နိုင်သည်။ - Device တစ်ခုထဲတွင် ထားရှိမည့် VeraCrypt volume ကို hard disk အခန်းကန့်၊ solid-state drive, USB မှတ်ဉာဏ်ချောင်းနှင့် အခြားသိုလှောင်ရေး devices များထဲတွင် ဖန်တီးနိုင်သည်။\n\n သတိပေးချက် - ယင်း အခန်းကန့်/device ကို ဖော်မက်ချမည် ဖြစ်ပြီး လောလောဆယ် သိုလှောင်ထားသော ဒေတာအားလုံး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ - \n ပြင်ပ volume ဖန်တီးမည့် နေရာကို ရွေးချယ်ပါ (ဤ volume ထဲ၌ နောင်တွင် လျှို့ဝှက် volume ကို ဖန်တီးသွားမည် ဖြစ်သည်)။\n\n ပြင်ပ volume ကို hard disks, solid-state drives, USB မှတ်ဉာဏ်ချောင်းများနှင့်၊ အခြား ထောက်ပံ့ထားသော သိုလှောင်ရေး devices များ၏ အခန်းကန့်များအတွင်း ဖန်တီးနိုင်သည်။ ပြင် volume ကို အခြား အခန်းကန့်များ မရှိသည့် devices များအတွင်း ဖန်တီးနိုင်သည်။\n\nသတိပေးချက် - အခန်းကန့်/device ကို ဖော်မက်ချသွားပြီး ၄င်းအထဲ၌ သိုလှောင်ထားသော ဒေတာအားလုံး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ - \n လျှို့ဝှက် volume တစ်ခု သင် ဖန်တီးလိုသည့် VeraCrypt volume နေရာကို ရွေးချယ်ပါ။ - သတိပေးချက် - Host ဖိုင်/device ကို အသုံးပြုထားပြီ။\n\n ဤအချက်ကို လျှစ်လျှူရှူခြင်း အားဖြင့် ကွန်ပျူတာစနစ် မတည်ငြိမ်မှု စသော မလိုလားအပ်သည့် ရလဒ်များ ဖြစ်ပေါ်စေနိုင်သည်။ Volume ကို အစမ​ပျိုးခင် host ဖိုင်/device ကို သုံစွဲနေသည့် အပ္ပလီကေးရှင်း အားလုံးကို ပိတ်ထားရမည်။\n\n ဆက်လက် အစပျိုးမည်လား? - ချို့ယွင်းချက် - volume ကို အစပျိုး၍ မရပါ။ host ဖိုင်/device ကို အသုံးပြုထားပြီး ဖြစ်သည်။ သီးခြား ၀င်ရောက်ခွင့် မပါပဲ အစပျိုးရန် ကြိုးပမ်းမှု မအောင်မြင်ပါ။ - ဖိုင်ကို ဖွင့်၍ မရပါ။ - Volume တည်နေရာ - ဖိုင်ကြီးများ - VeraCrypt volume ထဲ၌ 4 GB ထက်ကြီးသော ဖိုင်များကို သိမ်းဆည်းမည်လား? - အထက်မှ သင့် ရွေးချယ်မှုအပေါ် မူတည်၍၊ VeraCrypt သည် VeraCrypt volume အတွက် သင့်လျော်သော ပုံမှန် ဖိုင်စနစ်ကို ရွေးချယ်သွားမည် ဖြစ်သည် (နောက်လာမည့် အဆင့်တွင် ဖိုင်စနစ် တစ်ခုကို သင်ကိုယ်တိုင် ရွေးချယ်နိုင်မည် ဖြစ်သည်)။ - သင်သည် ပြင်ပ volume တစ်ခုကို ဖန်တီးနေသည့်အတွက်၊ 'မဟုတ်ပါ' ကို ရွေးချယ်ရန် စဉ်းစားသင့်သည်။ ပုံမှန် ဖိုင်စနစ်သည် NTFS ဖြစ်ပြီး၊ ၄င်းသည် ပြင်ပ volume အတွက် FAT (ဥပမာ အားဖြင့် - အကယ်၍ ပြင်ပ volume ကို FAT အဖြစ် မော်မက်ချပါက လျှို့ဝှက် volume ၏ ဖြစ်နိုင်ချေ အကြီဆုံး အရွယ်အစားသည် သိသိသာသာ ကြီးမားလာမည် ဖြစ်သည်) အဖြစ် ထားရှိရန် မသင့်တော်ပါ။ ပုံမှန်အားဖြင့်၊ FAT သည် လျှို့ဝှက် volume နှင့် သာမန် volume တို့အတွက် ပုံမှန် ဖြစ်သည် (FAT volume ကို သံသယ ဖြစ်မည် မဟုတ်ပါ)။ သို့သော်၊ အကယ်၍ သုံးစွဲသူသည် 4 GB ထက် ကြီးသော ဖိုင်များကို သိုလှောင်ရန် ရည်ရွယ်နေပါက၊ FAT ကို ပုံမှန် အဖြစ် ထားရှိ၍ မရပါ။ - 'ဟုတ်ကဲ့' ခလုတ်ကို ရွေးချယ်ရန် သေချာပြီလား? - Volume ဖန်တီးမှု စနစ် - အခန်းကန့် (သို့) device တစ်ခုခု၌ သိမ်းထားသော VeraCrypt volume (အခြား ရွေးစရာ ဖြစ်သော အစီအစဉ်တကျ စာဝှက်ခြင်းသည် နှေးကွေးသည်၊ အဘယ့်ကြောင့် ဆိုသော် အပိုင်းတစ်ခုစီ၌ ရှိသော အချက်အလက်များကို အရင် ဖတ်ရှုရမည်၊ စာဝှက်ရမည်၊ ရေးသားရမည် ဖြစ်သည်)။ ရွေးချယ်ထားသော အခန်းကန့်/device ထဲ၌ လောလောဆယ် သိုလှောင်ထားသော ဒေတာများ ပျောက်ဆုံးသွားမည် ဖြစ်သည် (ဒေတာများကို စာဝှက်ထားမည် မဟုတ်ပဲ၊ ကျပန်း ဒေတာများဖြင့် အစားထိုးသွားမည် ဖြစ်သည်)။ အခန်းကန့် တစ်ခုထဲရှိ လက်ရှိ ဒေတာများကိ စာဝှက်လိုပါက၊ အခြား ရွေးစရာကို ရွေးချယ်ပါ။ - ရွေးချယ်ထားသော အခန်းကန့် တစ်ခုလုံးနှင့် ၄င်း၌ သိုလှောင်ထားသော ဒေတာ အားလုံးကို အစီအစဉ်တကျ စာဝှက်ပေးမည် ဖြစ်သည်။ အကယ်၍ အခန်းကန့် နေရာသည် လွတ်နေလျှင်၊ အခြား ရွေးစရာကကို ရွေးချယ်ပါ (volume ကို ပိုပြီး မြန်ဆန်စွာ ဖန်တီးနိုင်မည် ဖြစ်သည်)။ - မှတ်ချက် - - &ပြန်စရန် - &ရွှေ့ဆိုင်းရန် - &စတင်ရန် - ဆက်လုပ်ရန် - &ဖော်မက်ချရန် - &ရှင်းလင်းရန် - ဖော်မက်ချခြင်း ရပ်ဆိုင်းမည်လား? - နောက်ထပ် အချက်အလက်များ ပြရန် - ဤအရာကို ထပ်မပြပါနှင့် - အခန်းကန့်/device ၌ ရှိသော အကြောင်းအရာများကို အောင်မြင်စွာ ဖျက်ဆီးလိုက်ပြီ။ - မူလ ကွန်ပျူတာစနစ် (လျှို့ဝှက်စနစ်ကို ပွားယူသော) တည်ရှိခဲ့သော အခန်းကန့်ရှိ အကြောင်းအရာများကို အောင်မြင်စွာ ဖျက်ဆီးလိုက်ပြီ။ - စက်ထဲ သင် (ရှင်းလင်းထားသော အခန်းကန့်​၌) ထည့်သွင်းတော့မည့် ဝင်းဒိုး ဗားရှင်းသည် လောလောဆယ် သင် သုံးစွဲနေသော ဝင်းဒိုး ဗားရှင်းနှင့် တူညီရမည်။ အဘယ်ကြောင့် ဆိုသော် ၄င်း ကွန်ပျူတာစနစ် နှစ်ခုစလုံးသည် boot အခန်းကန့် တစ်ခုတည်းကို မျှဝေ သုံးစွဲကြမည် ဖြစ်သည်။ - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အောင်မြင်စွာ စာဝှက်လိုက်ပါပြီ။ \n\n မှတ်ချက် - အကယ်၍ ဝင်းဒိုး စဖွင့်သည့် အခါတိုင်းတွင် အလိုအလျောက် အစပျိုးစေလိုသည့် ကွန်ပျူတာစနစ် မဟုတ်သော VeraCrypt volumes ရှိပါက၊ ၄င်းတို့ တစ်ခုချင်းစီကို အစပျိုးခြင်းဖြင့် ၄င်း၊ 'စိတ်ကြိုက်များ' > 'အစပျိုးခဲ့သော Volume ကို ကွန်ပျူတာစနစ် စိတ်ကြိုက်များ' ရွေးချယ်ခြင်းဖြင့်၄င်း စီစဉ်နိုင်သည်။ - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အောင်မြင်စွာ စာဝှက်ဖြည်လိုက်ပြီ။ - \n\n VeraCrypt volume ကို ဖန်တီးလိုက်ပြီ ဖြစ်၍ သုံးစွဲရန် အသင့် ဖြစ်နေပြီ။ အခြား VeraCrypt volume ကို ဖန်တီးလိုပါက၊ 'ရှေ့သို့' ကို နှိပ်ပါ။ ဒါမှမဟုတ် 'ထွက်ရန်' ကို နှိပ်ပါ။ - \n\n လျှို့ဝှက် VeraCrypt volume ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ (လျှို့ဝှက် OS သည် ဤလျှို့ဝှက် volume ထဲ၌ ရှိနေမည် ဖြစ်သည်)။\n\n ဆက်လုပ်ရန် 'ရှေ့သို့' ကို နှိပ်ပါ။ - Volume ကို အပြည့်အ၀ စာဝှက်ထားပြီ - Volume Fully Decrypted - အရေးကြီးချက် - အသစ်စက်စက် ဖန်တီးလိုက်သော VERACRYPT VOLUME ကို အစပျိုးပြီး ၄င်းအထဲ၌ သိုလှောင်ထားသော ဒေတာကို ရယူရန်၊ 'Devices များ အလိုလို အစပျိုးရန်' ကို နှိပ်ပါ။ စကားဝှက် (နှင့် ကီးဖိုင်) အမှန်ကို ထည့်သွင်းပြီးပါက ()၊ VeraCrypt ၏ ပင်မ ၀င်းဒိုးပေါ်ရှိ စာရင်းမှ သင် ရွေးချယ်လိုက်သော drive အက္ခရာဖြင့် volume ကို အစပျိုးလာမည် (ပြီးနောက် စာဝှက်ထားသော ဒေတာကို ရွေးချယ်​ထားသော drive အက္ခရာမှတဆင့် ၀င်ရောက်နိုင်မည်) ဖြစ်သည်။\n\nအ​ထက် ဖေါ်ပြပါ အဆင့်များကို မှတ်ထားခြင်း/ရေးမှတ်ခြင်း ပြုထားပါ။ VOLUME ကို အစပျိုးလိုသော အချိန်၊ အထဲ၌ သိုလှောင်ထားသော ဒေတာများကို ရယူလိုသည့်အချိန်တွင် ၄င်းအဆင့်များအတိုင်း လုပ်ဆောင်ပါ။ တနည်းအားဖြင့် - VeraCrypt ၏ ပင်မ ဝင်းဒိုးထဲ၌ တွင် 'Device ရွေးရန်' ကို နှိပ်ပါ၊ ထို့နောက် ဤ အခန်းကန့်/volume ကို ရေးပြီး၊ 'အစပျိုးရန်' ကို နှိပ်ပါ။\n\n အခန်းကန့်/volume ကို အောင်မြင်စွာ စာဝှက်လိုက်ပြီ ဖြစ်၍ သုံးစွဲရန် အသင့် ဖြစ်နေပြီ။ - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt volume ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။ - Volume ဖန်တီးလိုက်ပြီ - အရေးကြီးချက် - သင့် ကြွက်ခလုတ်ကို ဤဝင်းဒိုးအတွင်း တက်နိုင်သမျ ကျပန်း ရွေ့လျားပါ။ ပိုကြာလေ ကောင်းလေ ဖြစ်သည်။ ၎င်းသည် စာဝှက် ကီးများ၏ ဝှက်စာ ကြံ့ခိုင်မှုကို အားကောင်းစေသည်။ ထို့နောက် volume ကို ဖန်တီးရန် ဖော်မက်ချရန် ကို နှိပ်ပါ။ - ပြင်ပ volume ကို ဖန်တီးရန် ဖော်မက်ချရန် ကို နှိပ်ပါ။ အချက်အလက် အပြည့်အစုံကို အသုံးပြုနည်း လမ်းညွှန်၌ ​ဖတ်ရှုပါ။ - ပြင်ပ Volume ပုံစံ - လျှို့ဝှက် Volume ပုံစံ - Volume ပုံစံ - VeraCrypt သုံးစွဲသူ လမ်းညွှန်ကို ဖတ်ရှုရန် (သို့) ပရင့်ထုတ်ရန် Adobe Reader လိုအပ်သည်။ Adobe Reader (အခမဲ့ ဆော့ဗ်ဝဲ) ကို www.adobe.com တွင် ဒေါင်းလုဒ် ဆွဲယူနိုင်သည်။\n\n ၄င်းအစား အွန်လိုင်း သုံးစွဲနည်း လမ်းညွှန်ကို ဖတ်ရှုလိုသလား? - ဤရွေးစရာကို သင် ရွေးချယ်ပါက၊ အညွှန်းစာမျက်နှာ တစ်ခုသည် ပုံမှန် VeraCrypt volume တစ်ခုကို ဖန်တီးပြီး ၄င်း အထဲ၌ လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးရန် အထောက်အကူ ပေးမည် ဖြစ်သည်။ အတွေ့အကြုံ မရှိသေးသော သုံးစွဲသူများသည် ဤရွေးစရာကို အမြဲ ရွေးချယ်ထားရမည် ဖြစ်သည်။ - ဤရွေးစရာကို သင် ရွေးချယ်ပါက၊ လက်ရှိ VeraCrypt volume တစ်ခု အထဲ၌ လျှို့ဝှက် volume တစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။ သင့်အနေဖြင့် လျှို့ဝှက် volume တစ်ခု ထားရှိရန် သင့်လျှော်သော VeraCrypt volume တစ်ခုကို ဖန်တီးလိုက်ပြီဟု ယူဆပါမည်။ - Volume ဖန်တီးမှု စနစ် - လျှို့ဝှက် Volume ဖန်တီးလိုက်ပြီ - လျှို့ဝှက် VeraCrypt volume ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီး သုံးစွဲရန် အသင့်ဖြစ်ပါပြီ။ အကယ်၍ ညွှန်ကြားချက်များကို လိုက်နာပြီး၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန် အခန်း "လျှို့ဝှက် Volumes များ အတွက် လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင် ကာကွယ်မှုများ" ထဲ၌ ဖေါ်ပြထားသည့် ကြိုတင်ကာကွယ်မှုများနှင့် လိုအပ်ချက်များကို လိုက်နာပါက၊ ပြင်ပ volume ကို အစပျိုးထားလျှင်ပင်၊ လျှို့ဝှက် volume တည်ရှိကြောင်း ​သက်သေပြနိုင်မည် ဖြစ်သည်။\n\nသတိပေးချက် - အကယ်၍ သင်သည် လျှို့ဝှက် VOLUME ကို (လုပ်ဆောင်နည်းနဲ့ ပါတ်သက်သော အချက်အလက်ကို VERACRYPT သုံးစွဲသူ လမ်းညွှန်ထဲရှိ "လျှို့ဝှက် VOLUMES များကို မပျက်စီးအောင် ကာကွယ်နည်း" ကို လေ့လာပါ) မကာကွယ်ထားပါက၊ ပြင်ပ VOLUME ထဲ၌ ရေးသားခြင်း မပြုပါနှင့်။ သို့မဟုတ်ပါက၊ လျှို့ဝှက် VOLUME ပေါ် သင် ထပ်ရေးမိပြီး ၄င်းကို ပျက်စီးစေလိမ့်မည် ဖြစ်သည်။ - သင်သည် လျှို့ဝှက် OS ကို စတင် လည်ပတ်​​နေပြီ။ လျှို့ဝှက် OS သည် မူလ လျှို့ဝှက် OS ကဲ့သို့ အခန်းကန့် တစ်ခုထဲ၌ ထည့်သွင်းထာသကဲ့သို့ ပေါ်လွင်နေသည်ကို သင် သတိပြုမိလိမ့်မည်။ သို့သော်၊ လက်တွေ့၌၊ လျှို့ဝှက် volume ၏ နောက်ကွယ်ရှိ အခန်းကန့်ထဲတွင် ထည့်သွင်းထားခြင်း ဖြစ်သည်။ အရေး/အဖတ် လုပ်ငန်းစဉ်အားလုံးကို မှုလ ကွန်ပျူတာစနစ် အခန်းကန့်မှ လျှို့ဝှက် volume ထဲ လွှဲပြောင်းပေးနေသည်။\n\nOS ဒါမှမဟုတ် အပ္ပလီကေးရှင်းများကပင် ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ ဒေတာများ ရေးသားချက်/ဖတ်ရှုချက်များသည် လျှို့ဝှက် volume နောက်ကွယ်က အခန်းကန့်မှ ပြုလုပ်နေကြောင်း သိရှိမည် မဟုတ်ပါ။ ယင်းကဲ့သို့ ဒေတာများကို ထုံးစံအတိုင်း (မျက်လှည့် OS အတွက် အသုံးပြုမည့် စာဝှက် ကီးနှင့် မတူသော) လက်ငင်း စာဝှက်ပေးခြင်း၊ စာဝှက်ဖြည်ပေးခြင်းများ ဆောင်ရွတ်ပေးသည်။\n\n ဆက်လုပ်ရန် 'ရှေ့သို့' ကို နှိပ်ပါ။ - ပြင်ပ volume ကို ဖန်တီးခဲ့ပြီး drive %hc အဖြစ် အစပျိုးလိုက်ပြီ။ ဤပြင်ပ volume ထဲ၌ သင် တကယ် မဝှက်ထားလိုသော အရေးကြီးပုံပေါ်သည့် ဖိုင်အချို့ကို ကော်ပီကူးလိုက်ပါ။ ဤအရာသည် သင့်ကို ကွန်ပျူတာစနစ် အခန်းကန့်၏ နောက်ကွယ်မှ ပထမ အခန်းကန့်၏ စကားဝှက်ကို အကျပ်ကိုင် တောင်းဆိုလာသူအား ပေးရန် ဖြစ်သည်။ ထိုနေရာ၌ ပြင်ပ volume နှင့် (လျှို့ဝှက် OS အပါအ၀င်) လျှို့ဝှက် volume နှစ်ခုစလုံး တည်ရှိနေကြသည်။\n\n အရေးကြီးချက် - ပြင်ပ volume သို့ သင် ကော်ပီကူးသော ဖိုင်များသည် %s ထက် နေရာ မယူစေရပါ။ သို့မဟုတ်ပါက၊ ပြင်ပ volume ၌ လျှို့ဝှက် volume ထားရှိရန်အတွက် နေရာအလွတ် ရှိမည် မဟုတ်ပါ (နောက်ပြီး သင် အလုပ် ဆက်လုပ်၍ ရမည် မဟုတ်ပါ)။ ကော်ပီ ကူးပြီးပါက၊ 'ရှေ့သို့' ကို နှိပ်ပါ (volume ကို အဆုံးမသတ်ပါနှင့်)။ - ပြင်ပ volume ကို ဖန်တီးခဲ့ပြီး drive %hc အဖြစ် အစပျိုးလိုက်ပြီ။ ဤပြင်ပ volume ထဲ၌ သင် တကယ် မဝှက်ထားလိုသော အရေးကြီးပုံပေါ်သည့် ဖိုင်အချို့ကို ကော်ပီကူးလိုက်ပါ။ ၎င်းဖိုင်များသည် သင့် စကားဝှက်ကို အကျပ်ကိုင် တောင်းဆိုလာသူများအား ပြသရန်အတွက် ဖြစ်သည်။ သင်အနေဖြင့် လျှို့ဝှက် volume မဟုတ်ပဲ၊ ပြင်ပ volume ၏ စကားဝှက်ကိုသာ ဖေါ်ပြရမည် ဖြစ်သည်။ သင် တကယ် ဂရုစိုက်ရမည့် ဖိုင်များကို လျှို့ဝှက် volume ထဲတွင် သိမ်းဆည်းမည် ဖြစ်သည်။ ၄င်းကို နောက်ပိုင်းတွင် ဖန်တီးသွားမည် ဖြစ်သည်။ ကော်ပီ ကူးပြီးပါက၊ ရှေ့သို့ ကို နှိပ်ပါ။ ဤ volume ကို အဆုံးမသတ်ပါနှင့်။ \n\n မှတ်ချက် - ရှေ့သို့ ကို သင်နှိပ်ပြီးပါက၊ ကျန်ရှိနေသေးသည့် နေရာလွတ် ပမာဏကို သိရှိရန် ပြင်ပ volume ၏cluster bitmap ကို စကင်ဖတ် စစ်ဆေးသွားမည် ဖြစ်သည်။ ၄င်းသည် volume ၏ အဆုံးပိုင်းနှင့် တစ်ဆက်တည်း တည်ရှိသည်။ ဤနေရာ၌ လျှို့ဝှက် volume ကို ထားရှိသွားမည်။ ဤသို့ဖြင့် ၄င်း၏ အများဆုံး အရွယ်ပမာဏကို ရရှိလာမည် ဖြစ်သည်။ Cluster bitmap စကင်ဖတ် စစ်ဆေးခြင်းဖြင့် ပြင်ပ volume ရှိ ဒေတာများကို လျှို့ဝှက် volume မှ မပျက်စီးစေရန် သေချာစေမည် ဖြစ်သည်။ - ပြင်ပ Volume အကြောင်းအရာများ - \n\n နောက်တဆင့်တွင်၊ ပြင်ပ volume ၏​ ရွေးစရာများကို သင် သတ်မှတ်ရမည် ဖြစ်သည် (၄င်းအထဲ၌ လျှို့ဝှက် volume ကို နောက်ပိုင်းတွင် ဖန်တီးသွားမည် ဖြစ်သည်)။ - \n\n နောက်တဆင့်တွင်၊ ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်ရှိ ပထမ အခန်းကန့်အတွင်း၌ (အရင် အဆင့်များ၌ ရှင်းပြခဲ့သည်အတိုင်း) ပြင်ပ VeraCrypt volume ကို ဖန်တီးရမည် ဖြစ်သည်။ - ပြင်ပ Volume - အောက်ပါ အဆင့်များတွင်၊ လျှို့ဝှက် volume အတွက် ရွေးစရာများနှင့် စကားဝှက်ကို သတ်မှတ်ရမည်။ ၄င်း၌ လျှို့ဝှက် volume ပါရှိရမည် ဖြစ်သည်။\n\n မှတ်ချက် - ကျန်ရှိနေသေးသည့် နေရာလွတ် ပမာဏကို သိရှိရန် ပြင်ပ volume ၏cluster bitmap ကို စကင်ဖတ် စစ်ဆေးသွားမည် ဖြစ်သည်။ ၄င်းသည် volume ၏ အဆုံးပိုင်းနှင့် တစ်ဆက်တည်း တည်ရှိသည်။ ဤနေရာ၌ လျှို့ဝှက် volume ကို ထားရှိသွားခြင်းဖြင့် ၄င်း၏ အများဆုံး အရွယ်ပမာဏကို ရရှိမည် ဖြစ်သည်။ လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်ပမာဏကို ဆုံးဖြတ်ပြီး ကွန်ပျူတာစနစ်၏ အရွယ်အစားထက် ပိုကြီးကြောင်း အတည်ပြုမည် ဖြစ်သည် (ဤအချက်သည် အရေးကြီးသည်၊ အဘယ်ကြောင့်ဆိုသော်၊ ကွန်ပျူတာစနစ် အခန်းကန့်၏ အကြောင်းအရာ တစ်ခုလုံးကို လျှို့ဝှက် volume ထဲ၌ ကော်ပီကူးရမည် ဖြစ်သည်)။ ဤသို့ဖြင့် ပြင်ပ volume ရှိ ဒေတာများကို လျှို့ဝှက် volume မှ မဖျက်မိစေရန် သေချာစေမည် ဖြစ်သည်။ - အရေးကြီးချက် - ဤအဆင့်၌ သင် ရွေးချယ်ထားသော အယ်လ်ဂိုရစ်သမ်များကို မှတ်ထားပါ။ မျက်လှည့် ကွန်ပျူတာစနစ်အတွက် အလားတူ အယ်လ်ဂိုရစ်သမ်ကို ရွေးချယ်ရမည် ဖြစ်သည်။ သို့မဟုတ်ပါက၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ ၀င်နိုင်မည် မဟုတ်ပါ။ (မျက်လှည့် ကွန်ပျူတာစနစ်ကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ကဲ့သို့ အလားတူ စာဝှက်ထားသော အယ်လ်ဂိုရစ်သမ်ဖြင့် စာဝှက်ထားမည် ဖြစ်သည်။)\n\n မှတ်ချက် - အကြောင်းမှာ မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ်တို့သည် သုံးစွဲသူက ရွေးချယ်ပြီး အယ်လဂိုရီသမ် တစ်မျိုးတည်းကိုသာ ပံ့ပိုးထားသော boot loader တစ်ခုတည်းကို မျှဝေ ကြမည် ဖြစ်သည် (အယ်လ်ဂိုရစ်သမ် တစ်ခုစီအတွက်၊ VeraCrypt ၏ Boot Loader အထူး ဗားရှင်း တမျိုး ရှိသည်)။ - \n\n Volume cluster bitmap ကို စစ်ဆေးပြီး၊ လျှို့ဝှက် volume ၏ အများဆုံး အ​ရွယ်ပမာဏကို ဆုံးဖြတ်လိုက်ပြီ။ နောက်အဆင့်များတွင်၊ လျှို့ဝှက် volume အတွက် ရွေးစရာများ၊ အရွယ်ပမာဏနှင့်၊ စကားဝှက်များကို သင် သတ်မှတ်ရမည် ဖြစ်သည်။ - လျှို့ဝှက် Volume - ယခုအချိန်တွင် လျှို့ဝှက် volume ကို ပြင်ပြ volume အဆုံးသတ်သည့် အထိ ပျက်စီမှု မရှိအောင် ကာကွယ်ထားသည်။\n\nသတိပေးချက် - အကယ်၍ ဒေတာများကို လျှို့ဝှက် volume နေရာတွင် သိမ်းဆည်းရန် ကြိုးပမ်းပါက၊ VeraCrypt သည် volume တစ်ခုလုံး (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း နှစ်ခုစလုံး) ကို အဆုံးမသတ်မီအထိ ရေးသား၍ မရအောင် ကာကွယ်ပေးမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ခြင်းကြောင့် ပြင်ပ volume ၌ ဖိုင်စနစ် ပျက်စီးမှု ဖြစ်ပေါ်စေနိုင်သည်။ ၄င်းကို ထပ်တလဲလဲ လုပ်ဆောင်ပါက လျှို့ဝှက် volume ၏ ငြင်းပယ်နိုင်မှုကို ဆိုးဆိုးရွားရွား ထိခိုက်စေနိုင်သည်။ ထို့ကြောင့်၊ လျှို့ဝှက် volume နေရာ၌ ရေးသားမှုကို ရှောင်ရှားရန် ကြိုးစားရမည်။ လျှို့ဝှက် volume နေရာ၌ သိမ်းဆည်းထားသော ဒေတာများကို သိမ်းဆည်းပေးမှာ မဟုတ်ပဲ၊ ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ ၀င်းဒိုးသည် ၄င်းကို ရေးသားမှု ချို့ယွင်းချက် ("ကြန့်ကြာ​သော ရေးသားမှု မအောင်မြင်ပါ" (သို့) "ပါရာမီတာ မမှန်ကန်ပါ") အဖြစ် မှတ်တမ်းတင်နိုင်သည်။ - အသစ်စက်စက် အစပျိုးလိုက်သော volumes ထဲမှ လျှို့ဝှက် volumes များ တစ်ခုစီကို အဆုံးမသတ်မီအထိ ပျက်စီးမှု မရှိရန် ကာကွယ်ထားသည်။\n\nသတိပေးချက် - အကယ်၍ ၄င်း volumes များ၏ ကာကွယ်ထားသော လျှို့ဝှက် volumes နေရာ၌ ဒေတာများကို သိမ်းဆည်းရန် ကြိုးစားပါက၊ VeraCrypt သည် volume တစ်ခုလုံး (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း အပါအ၀င်) ကို အဆုံးမသတ်မီအထိ ရေးသားမှု မပြုနိုင်ရန် ကာကွယ်ပေးမည် ဖြစ်သည်။ ၎င်းကို ထပ်ခါတလဲလဲ ပြုလုပ်ပါက လျှို့ဝှက် volume ၏ ငြင်းပယ်နိုင်မှုကို ဆိုးဆိုးရွားရွား ထိခိုက်စေနိုင်သည်။ ထို့ကြောင့်၊ လျှို့ဝှက် volume နေရာ၌ ရေးသားခြင်း မပြုရန် တတ်နိုင်သမျှ ရှောင်ရှားရမည်။ ကာကွယ်ထားသော လျှို့ဝှက် volume နေရာများ၌ သိမ်းဆည်းထားသော ဒေတာများကို သိမ်းဆည်းပေးမှာ မဟုတ်ပဲ၊ ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ ၀င်းဒိုးသည် ၄င်းကို ရေးသားမှု ချို့ယွင်းချက် ("ကြန့်ကြာ​သော ရေးသားမှု မအောင်မြင်ပါ" (သို့) "ပါရာမီတာ မမှန်ကန်ပါ") အဖြစ် မှတ်တမ်းတင်နိုင်သည်။ - သတိပေးချက် - %c အဖြစ် အစပျိုးထားသော volume ၏ လျှို့ဝှက် volume နေရာ၌ ဒေတာများကို သိမ်းဆည်းရန် ကြိုးစားနေသည်။ VeraCrypt သည် လျှို့ဝှက် volume ကို ကာကွယ်နိုင်ရန် ၄င်းဒေတာများကို သိမ်းဆည်း၍ မရအောင် တားဆီးနေသည်။ ၄င်းသည် ပြင်ပ volume ၌ ဖိုင်စနစ်ကို ပျက်စီးစေနိုင်ပြီး ၀င်းဒိုးသည် ၄င်းကို ရေးသားမှု ချို့ယွင်းချက် ("ကြန့်ကြာ​သော ရေးသားမှု မအောင်မြင်ပါ" (သို့) "ပါရာမီတာ မမှန်ကန်ပါ") အဖြစ် မှတ်တမ်းတင်နိုင်သည်။ Volume တစ်ခုလုံး (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း အပါအ၀င်) ကို အဆုံးမသတ်မီအထိ ရေးသားမှု မပြုနိုင်ရန် ကာကွယ်ပေးမည် ဖြစ်သည်။ အကယ်၍ ဤ volume ရှိ လျှို့ဝှက် volume နေရာသို့ ဒေတာများ သိမ်းဆည်းနေမှုကို VeraCrypt က ပထမဆုံးအကြိမ် တားမြစ်နေခြင်း ဖြစ်ပါက၊ ဤလျှို့ဝှက် volume ၏ ငြင်းပယ်နိုင်မှုကို (ပြင်ပ volume ဖိုင်စနစ်အတွင်း သာမန် မဟုတ်သော ဖြစ်နိုင်ဖွယ် လိုက်ဖက်မှု မရှိခြင်းကြောင့်) ဆိုးဆိုးရွားရွား ထိခိုက်စေနိင်သည်။ ထို့ကြောင့်၊ (အမြန် မော်မက်ချစနစ်ကို ပိတ်ထားပြီး) VeraCrypt volume အသစ် တစ်ခုကို ဖန်တီးရန် စဉ်းစားပါ။ ဤ volume မှ ဖိုင်များကို ​volume အသစ်ဆီ ရွှေ့ပြောင်းပါ။ ဤ volume ကို လုံခြုံစွာ (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း) ဖျက်ဆီးရမည် ဖြစ်သည်။ OS ကို ယခု ပြန်ဖွင့်ရန် အထူး အကြံပြုလိုသည်။ - သင်သည် ဤ volume ၌ 4 GB ထက်ကြီးသော ဖိုင်များကို သိမ်းဆည်းရန် ရည်ရွယ်နေကြောင်း ဖော်ပြနေသည်။ Volume သည် NTFS ဖြစ်ရမှာ ဖြစ်သည်၊ သို့သော် ၄င်းသည် မဖြစ်နိုင်ပါ။ - လျှို့ဝှက် OS ကို အသုံးပြုသည့်အခါ၊ လျှို့ဝှက် မထားသော VeraCrypt volumes များကို NTFS အဖြစ် ဖော်မက်ချ၌ မရပါ။ အကြောင်းရင်းမှာ ၄င်း volume ကို ရေးသား​ရန် ပိတ်ပင်ချက် မရှိပဲ ယာယီ အစပျိုးဖို့ လိုအပ်သည်။ သို့မှသာ OS ကို NTFS အဖြစ် ​ဖော်မက်ချနိုင်မည် ဖြစ်သည် (FAT အဖြစ် ဖော်မက်ချခြင်းကို VeraCrypt ကသာ ​လုပ်ဆောင်ပြီး၊ OS မှ လုပ်ဆောင်ခြင်း မဟုတ်ပါ၊ volume ကို အစပျိုးစရာ မလိုပါ)။ နောက်ထပ် နည်းပညာဆိုင်ရာ အသေးစိတ်များကို အောက်တွင် လေ့လာပါ။ မျက်လှည့် OS အတွင်း၌ လျှို့ဝှက် မထားသော NTFS volume ကို သင် ဖန်တီးနိုင်သည်။ - လုံခြုံရေး အကြောင်းများကြောင့်၊ လျှို့ဝှက် OS အသုံးပြုသည့်အခါ၊ လျှို့ဝှက် volumes များကို 'တိုက်ရိုက်' စနစ်ဖြစ်သာ ဖန်တီးနိုင်မည် ဖြစ်သည် (အဘယ့်ကြောင့်ဆိုသော် volumes များကို ဖတ်ရှုရန်အတွက်သာ အမြဲတမ်း အစပျိုးရပါမည်)။ လျှို့ဝှက် volume တစ်ခုကို လုံခြုံ​စွာ ဖန်တီးရန်၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n\n၁) မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖွင့်ပါ။\n\n၂) ပုံမှန် VeraCrypt volume ကို ဖန်တီးပြီး၊ ၄င်း volume ထဲ၌ သင်သည် အမှန်တကယ် မဝှက်ထားလိုသော အရေးကြီးပုံပေါ်သည့် ဖိုင်အချို့ကို ကော်ပီ ကူးပါ (ဤ volume သည် ပြင်ပ volume ဖြစ်လာမည် ဖြစ်သည်)ပါ။\n\n၃) လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို ဖွင့်ပြီး VeraCrypt Volume ဖန်တီးမှု အညွှန်းကို စတင်ပါ။ အကယ်၍ Volume ၌ ဖိုင်သိမ်းထားပါက၊ ၄င်းကို ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ (သို့) အခြား လျှို့ဝှက် Volume ထဲ ရွှေ့​​ပြောင်းလိုက်ပါ (သို့မဟုတ်ပါက၊ အသစ် ဖန်တီးလိုက်သော လျှို့ဝှက် Volume သည် ဖတ်ရှုရန်အတွက်သာ အစပျိုးနိုင်မည် ဖြစ်ပြီး ၄င်းကို ဖော်မက်ချနိုင်မည် မဟုတ်ပါ)။ 'တိုက်ရိုက်' လျှို့ဝှက် Volume ဖန်တီးမှု စနစ်ကို ရွေးချယ်ရန် အညွှန်း၌ ဖေါ်ပြထားသည် ညွှန်ကြားချက်များကို လိုက်နာပါ။\n\n၄) အညွှန်းထဲ၌၊ အဆင့် ၂ တွင် သင် ဖန်တီးခဲ့သော Volume ကို ရွေးချယ်ပြီး၊ ၄င်းအထဲ၌ လျှို့ဝှက် Volume တစ်ခု ဖန်တီးရန် ညွန်ကြားချက်များကို လိုက်နာပါ။ - လုံခြုံရေး အကြောင်းများကြောင့်၊ လျှို့ဝှက် OS အသုံးပြုသည့်အခါ၊ စာဝှက်မထားသော လောကယ် ဖိုင်စနစ်များနှင့် လျှို့ဝှက်မထားသော VeraCrypt volumes များကို ဖတ်ရှုရန်သက်သက် အဖြစ် အစပျိုးလာသည် (ထိုကဲ့သို့သော ဖိုင်စနစ်များ (သို့) VeraCrypt volumes များထဲ၌ ဒေတာများကို ရေးသား၍ မရပါ)။\n\nလျှို့ဝှက် VeraCrypt volume ထဲ၌ ရှိသော ဖိုင်စနစ်များထဲ​ ဒေတာများကို ရေးသားနိုင်သည် (လျှို့ဝှက် volume သည် စာဝှက်မထားသော ဖိုင်စနစ် (သို့) အခြား ဖတ်ရှုရန် သက်သက် ဖိုင်စနစ်ထဲ၌ ရှိသော သိမ်းဆည်းခန်းထဲ၌ မရှိပါ)။ - - ၄င်းသည် လျှို့ဝှက် VeraCrypt Volumes များကို အစပျိုးရန် လုံခြုံသော ပလက်ဖောင်း တစ်ခုကို ဖန်တီးစေသည်။ လျှို့ဝှက် volumes များသည် လျှို့ဝှက် OS ကို အသုံးပြုသည့်အခါ၌သာ အစပျိုးရန် ကျွန်ုပ်တို့ တရားဝင် အကြံပြုပါသည်။ (နောက်ထပ် အချက်အလက်များကို အသုံးပြုနည်း လက်စွဲထဲရှိ လျှို့ဝှက် volumes များနှင့် သက်ဆိုင်သော လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ' အပိုင်းခွဲကို လေ့လာပါ။) -\n- အချို့ ကိစ္စများ၌၊ သီးခြား ဖိုင်စနစ် တစ်ခုကို OS တစ်ခု၏ သီးခြား ဖြစ်စဉ် တစ်ခု​​​အောက်၌ အစမ​ပျိုးပါ (သို့မဟုတ် ဖိုင်စနစ်၌ရှိသော သီးခြား ဖိုင်တစ်ခုကို သိမ်းဆည်းမထားပါ (သို့) အတွင်းမှ မဝင်ရောက်နိုင်ပါ)။ ဥပမာ အားဖြင့်၊ ဖိုင်စနစ် journals များ၊ ဖိုင်အချိန်မှတ်များ၊ အပ္ပလီကေးရှင်း မှတ်တမ်းများ၊ ချို့ယွင်းချက် မှတ်တမ်းများ စသည်တို့ကို ခွဲခြမ်းစိတ်ဖြာခြင်း၊ နှိုင်းယှဉ်ခြင်း ပြုလုပ်ပေးသည်။ ၎င်းသည် ကွန်ပျူတာထဲ၌ လျှို့ဝှက် OS တစ်ခုကို ထည့်သွင်းထားကြောင်း ပြညွှန်နိုင်သည်။ တန်ပြန်ရေး အစီအမံသည် ၄င်းကို တားဆီးပေးတသည်။\n\n- ၎င်းသည် ဒေတာ ပျက်စီးခြင်းကို ကာကွယ်ပေးပြီးလုံခြုံသော hibernation ကို ခွင့်ပြုပေးသည်။ အကယ်၍ ဝင်းဒိုးကို hibernation စနစ်မှ ပြန်ခေါ်သည့်အခါ၊ အစပျိုးထားသော ဖိုင်စနစ် အားလုံးသည် အလားတူ ​အနေအထား၌ ရှိနေကြောင်း ယူဆထားသည်။ VeraCrypt သည် မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် နှစ်ခုစလုံးမှ ရယူနိုင်သော ဖိုင်စနစ်များသည် ရေးသား၍ မရအောင် ကာကွယ်ထားကြောင်း သေချာစေသည်။ ယင်းကဲ့သို့ ကာကွယ်မှု မရှိပဲ၊ အခြား ကွန်ပျူတာစနစ်ကို hibernation ပြုလုပ်ထားစဉ် ကွန်ပျူတာစနစ် တစ်ခုကို အစပျိုးခြင်းအားဖြင့် ဖိုင်စနစ်များ ပျက်စီးနိုင်သည်။ - မှတ်ချက် - အကယ်၍ မျက်လှည့် ကွန်ပျူတာစနစ်ထဲမှ ဖိုင်များကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ လုံခြုံစွာ ပြောင်းရွှေ့လိုက်ပါက၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n၁) မျက်လှည့် ကွန်ပျူတာစနစ်ကို စဖွင့်ပါ။\n၂) ဖိုင်များကို စာဝှက်မထားသော volume တစ်ခုထဲ သိမ်းဆည်းပါ (သို့) ပြင်ပ/ပုံမှန် VeraCrypt volume တစ်ခုထဲ သိမ်းဆည်းပါ။\n၃) လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို စတင်ပါ။\n၄) အကယ်၍ ဖိုင်များကို VeraCrypt volume တစ်ခုထဲ သိမ်းဆည်းထားပါက၊ ၄င်းကို အစပျိုးပါ (၎င်းကို ဖတ်ရှုရန်သက်သက်အဖြစ် အလိုအလျောက် အစပျိုးလာမည် ဖြစ်သည်)\n၅) ဖိုင်များကို လျှို့ဝှက် ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ (သို့) အခြား လျှို့ဝှက် volume ထဲ ကော်ပီးကူးလိုက်ပါ။ - သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ဖို့ လိုအပ်သည်။\n\nကွန်ပျူတာကို ယခု ပြန်ဖွင့်လိုသလား? - ကွန်ပျူတာစနစ်၏ စာဝှက်ခြင်း အနေအထားကို ရယူနေစဉ် ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသည်။ - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - ကွန်ပျူတာစနစ် စာဝှက်ရန်အတွက် အပ္ပလီကေးရှင်း အစိတ်အပိုင်းများကို အစပြု၍ မရပါ။ - ကျပန်း နံပါတ် ထုတ်စနစ်ကို အစပြု၍ မရပါ။ - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - အပ္ပလီကေးရှင်းကို အစပြု၍ မရပါ။ Dialog class ကို မှတ်ပုံတင်ရန် မအောင်မြင်ပါ။ - ချို့ယွင်းချက် - Rich Edit စနစ် လိုင်ဘရာရီကို ဖွင့်မရပါ။ - VeraCrypt Volume ဖန်တီးမှု အညွှန်း - ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f bytes ဖြစ်သည်။ - ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f KB ဖြစ်သည်။ - ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f MB ဖြစ်သည်။ - ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f GB ဖြစ်သည်။ - ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f TB ဖြစ်သည်။ - ဤ volume ကို အစပျိုးထားစဉ် volume စကားဝှက်/ကီးဖိုင်များကို ပြောင်းလဲ၍ မရပါ။ ဤ volume ကို အရင် အဆုံးသတ်လိုက်ပါ။ - ဤ volume ကို အစပျိုးနေစဉ် ခေါင်းစီး ဆင်းသက်ပုံ အယ်လဂိုရီသမ်ကို ပြောင်း၍ မရပါ။ ဤ volume ကို အရင် အဆုံးသတ်ပါ။ - &အစပျိုးပါ - ဤ volume ကို အစပျိုးရန် VeraCrypt ဗားရှင်း အသစ် လိုအပ်သည်။ - ချို့ယွင်းချက် - Volume ဖန်တီးခြင်း အညွှန်းကို ရှာမတွေ့ပါ။\n\nဖိုင်တွဲထဲ၌ 'VeraCrypt Format.exe' ရှိရမည် ဖြစ်ပြီး၊ ၄င်းဖိုင်တွဲမှာ 'VeraCrypt.exe' ကို ဖွင့်ရမည် ဖြစ်သည်။ အကယ်၍ မရှိခဲ့လျှင် VeraCrypt ကို ဖက်ထဲ ထပ်မထည့်သွင်းပါ၊ (သို့) သင့် disk တွင် 'VeraCrypt Format.exe' ကို ရှာပြီး ၄င်းကို ဖွင့်ပါ။ - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &ရှေ့သို့ > - &ပြီးသွားပြီ - စက်ထဲ ထည့်သွင်းရန် - &ဖြည်ချရန် - VeraCrypt device ဒရိုင်ဘာကို ဆက်သွယ်၍ မရပါ။ အကယ်၍ device ဒရိုင်ဘာ အလုပ်မလုပ်လျှင် VeraCrypt အလုပ်လုပ်နိုင်မည် မဟုတ်ပါ။\n\nဝင်းဒိုး ပြဿနာ တစ်ရပ်ကြောင့်၊ device ဒရိုင်ဘာကို မဖွင့်ခင် ကွန်ပျူတာစနစ်ကို ခေတ္တပိတ်ထားရန် (သို့) စက်ပြန်ဖွင့်ရန် လိုအပ်လာနိုင်သည်။ - ဖောင့်များကို ဖွင့်နေစဉ်/ပြင်ဆင်နေစဉ် ချို့ယွင်းချက် ဖြစ်ပွားသည်။ - Drive အက္ခရာကို ရှာမတွေ့ပါ (သို့) drive အက္ခရာကို သတ်မှတ်မထားပါ။ - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive အက္ခရာ မရနိုင်ပါ။ - ဖိုင် ရွေးမထားပါ! - Drive အက္ခရာ မရနိုင်ပါ။ - ပြင်ပ volume အတွက် လွတ်နေသော drive အက္ခရာ မရှိပါ။ Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ - သင့် OS ဗားရှင်းကို မခွဲခြားနိုင်ပါ (သို့) သင်သည် ပံ့ပိုးမထားသော OS တစ်ခုကို သုံးစွဲနေသည်။ - ဖိုင်လမ်းကြောင်း ရွေးချယ်မထားပါ! - လျှို့ဝှက် volume အတွက် နေရာလွတ် မရှိပါ။ Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ - ျို့ယွင်းချက် - ပြင်ပ volume ၌ သင် ကော်ပီးလိုက်သော ဖိုင်များသည် နေရာယူလွန်းသည်။ ထိုကြောင့်၊ ပြင်ပ volume ၌ လျှို့ဝှက် volume အတွက် နေရာလွတ် မလုံလောက်ပါ။\n\nလျှို့ဝှက် volume (လောလောဆယ် OS ထည့်သွင်းထားသော အခန်းကန့်) သည် ကွန်ပျူတာစနစ် အခန်းကန့်ကဲ့သို့ ကြီးနေရမည်။ အကြောင်းရင်းမှာ ကွန်ပျူတာစနစ် အခန်းကန့်ရှိ ​အကြောင်းအရာကို လျှို့ဝှက် volume ထဲ ကော်ပီးကူးပြီး လျှို့ဝှက် OS စနစ် ဖန်တီးရမည် ဖြစ်​​​သောကြောင့် ဖြစ်သည်။\n\n\nလျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ်ကို ဆက်လက် မလုပ်ဆောင်နိုင်ပါ။ - ဒရိုင်ဘာကို volume ကို အဆုံးမသတ်နိုင်ပါ။ volume ထဲရှိ အချို့ဖိုင်များကို ဖွင့်နေသေး၌ ဖြစ်မည်။ - Volume ကို ပိတ်ထား၌ မရပါ။ Volume ထဲ၌ ဖွင့်နေဆဲ ဖိုင်များ ရှိနေသေးသည်။ ထိုကြောင့်၊ ၄င်းကို အဆုံးသတ်၍ မရပါ။ - VeraCrypt သည် volume ကို ပိတ်​ထား၍ မရပါ၊ အဘယ်ကြောင့် ဆိုသော် ၄င်းကို ကွန်ပျူတာစနစ်က (သို့) အပ္ပလီကေးရှင်း () က အသုံးပြုနေသည်။\n\nVolume ကို အတင်း အဆုံးသတ်လိုသလား? - VeraCrypt Volume တစ်ခု ရွေးချယ်ရန် - ဖိုင် လမ်းကြောင်းနှင့် ဖိုင်အမည် သတ်မှတ်ရန် - PKCS #11 လိုင်ဘရာရီ ရွေးချယ်ရန် - မှတ်ဉာဏ် မရှိတော့ပါ - အရေးကြီးချက် - အတွေ့အကြုံ မရှိသေးသော သုံးစွဲသူများသည် VeraCrypt ဖိုင် သိမ်းဆည်းခန်းကို device/အခန်းကန့် တစ်ခုလုံး၌ ဖန်တီးမည့်အစား၊ ရွေးချယ်ထားသော device/အခန်းကန့်၌ ဖန်တီးရန် အထူး အကြံပြုအပ်ပါသည်။\n\nVeraCrypt ဖိုင် သိမ်းဆည်းခန်း (device တစ်ခု (သို့) အခန်းကန့် တစ်ခုကို စာဝှက်ခြင်း မဟုတ်ပဲ) တစ်ခုကို သင် ဖန်တီးသည့်အခါ၊ ဖိုင်အများအပြား ပျက်စီးသွားမည့် အန္တရာယ် မရှိပါ။ VeraCrypt ဖိုင် သိမ်းဆည်းခန်း (၄င်း၌ စာဝှက်ထားသော disk အတု တစ်ခု ရှိနေသော်လည်း) သည် ပုံမှန် ဖိုင် တစ်ဖိုင်ကဲ့သို့ ဖြစ်သည်။ နောက်ထပ် အချက်အလက်များကို VeraCrypt သုံးစွဲသူ လမ်းညွှန်ထဲရှိ စတင် လေ့လာသူ သင်တန်း လမ်းညွှန် အခန်းကို လေ့လာပါ။\n\nDevice/အခန်းကန့် တစ်ခုလုံးကို သင် စာဝှက်လိုသလား? - သတိပေးချက် - ဖိုင်အမည် '%s' ရှိနေပြီ ဖြစ်သည်!\n\nအရေးကြီးချက် - VeraCrypt သည် ဖိုင်ကို စာဝှက်ပေးမည် မဟုတ်ပါ၊ သို့သော် ၄င်းကို ပယ်ဖျက်မည် မဟုတ်ပါ။ ဖိုင်ကို ပယ်ဖျက်ပြီး VeraCrypt သိမ်းဆည်းခန်း အသစ် တစ်ခုနှင့် အစားထိုးလိုသလား? - သတိပေးချက် - လောလောဆယ် ရွေးချယ်ထားသော %s '%s'%s ၌ သိမ်းဆည်းထားသော ဖိုင်အားလုံးကို ဖျက်ပစ်မည် ဖြစ်ပြီး၊ ​ပျောက်ဆုံးသွားမည် ဖြစ်သည် (၄င်းတို့ကို စာဝှက်ထားမည် မဟုတ်ပါ)!\n\nဖော်မက်ချပြီး သင် ဆက်လက် လုပ်ဆောင်လိုသလား? - သတိပေးချက် - Volume ကို အပြည့်အ၀ စာမဝှက်မီ ၎င်းကို အစပျိုးနိုင်မည် မဟုတ်ပါ (သို့) ၄င်းအထဲရှိ ဖိုင်များကို ရယူနိုင်မည် မဟုတ်ပါ။\n\nရွေးချယ်ထားသော %s '%s'%s ကို စတင် စာဝှက်လိုသလား? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - သတိပေးချက် - လက်ရှိ ဒေတာများကို အစီအစဉ်တကျ စာဝှက်နေစဉ် ​ပါဝါအား ပျက်သွားပါက၊ (သို့) VeraCrypt သည် လက်ရှိ ဒေတာများကို အစီအစဉ်တကျ စာဝှက်နေစဉ် ဆော့ဗ်ဝဲ ချို့ယွင်းချက်ကြောင့် သို့မဟုတ် စက်ပိုင်းဆိုင်ရာ ချို့ယွင်းချက်ကြောင့် OS စနစ် ပျက်စီးသွားပါက၊ ဒေတာ တစ်စိတ်တစ်ပိုင်းသည် ပျက်စီးသွားမည် (သို့) ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ ထို့ကြောင့်၊ စာဝှက်ခြင်း မပြုမီ၊ သင် စာဝှက်​လိုသော ဖိုင်များ၏ အရန်သင့်​ ကော်ပီ ထားရှိရမည် ဖြစ်သည်။\n\nယင်းကဲ့သို့ အရန်သင့် သိမ်းဆည်းချက် သင့်ထံ၌ ရှိသလား? - သတိပေးချက် - လောလောဆယ် '%s'%s အခန်းကန့် (ကွန်ပျူတာစနစ် အခန်းကန့်​ နောက်ကွယ်မှ ပထမ အခန်းကန့်) ၌ သိမ်းဆည်းထားသော ဖိုင်များ (၄်းတို့ကို စာဝှက်ထားမည် မဟုတ်) သည် ပယ်ဖျက်ခံရလိမ့်မည် (သို့) ပျောက်ဆုံးသွားလိမ့်မည်!\n\nဖော်မက်ချပြီး ဆက်လက် လုပ်ဆောင်ရန် သေချာသလား? - သတိပေးချက် - ရွေးချယ်ထားသော အခန်းကန့်၌ ဒေတာ အများအပြား ရှိနေသည်။ ၄င်း အခန်းကန့်၌ သိမ်းဆည်းထားသော ဖိုင်များသည် ဖျက်ဆီးခံရမည် ဖြစ်ပြီး ပျောက်ဆုံးသွားမည် ဖြစ်သည် (၎င်းဖိုင်များကို စာဝှက်မထားပါ)! - အခန်းကန့်ထဲ၌ VeraCrypt volume တစ်ခု ဖန်တီးပြီး သိမ်းဆည်းထားသော ဖိုင်များကို ပယ်ဖျက်ပါ။ - စကားဝှက် - PIM - ခေါင်းစီး ကီး ဆင်းသက်မှုလအယ်လဂိုရစ်သမ် သတ်မှတ်ရန် - Volume ထဲရှိ ကီးဖိုင်များကို ထည့်သွင်းရန်/ဖယ်ရှားရန် - Volume ထဲရှိ ကီးဖိုင်အားလုံးကို ဖယ်ရှားရန် - စကားဝှက်နှင့် ကီးဖိုင်(များ)ကို အောင်မြင်စွာ ပြောင်းလိုက်ပြီး။\n\nအရေးကြီးချက် - VeraCrypt သုံးစွဲသူ လမ်းညွှန်ထဲမှ 'လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ' အခန်းမှ 'စကားဝှက်များနှင့် ကီးဖိုင်များ ပြောင်းလဲခြင်း' အပိုင်းကို သေချာ ဖတ်ရှုပါ။ - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - အရေးကြီးချက် - အကယ်၍ VeraCrypt ဆယ်တင်​ရေး အခွေကို သင် မဖျက်ဆီးပါက၊သင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စကားဝှက် အဟောင်းဖြင့် (VeraCrypt ဆယ်တင်ရေး အခွေကို ထည့်၊ စကားဝှက်ကို ရေးထည့်ပြီး) စာဝှက်ဖြည်နိုင်မည် ဖြစ်သည်။ VeraCrypt ဆယ်ဆင်ရေး အခွေကို ဖန်တီးပြီး အဟောင်းကို ဖျက်ဆီးလိုက်ပါ။\n\nVeraCrypt ဆယ်တင်ရေး ​အခွေသစ် တစ်ခုကို သင် ဖန်တီးလိုသလား? - သင့် VeraCrypt ဆယ်တင်ရေး ​အခွေသည် ယခင် အယ်လဂိုရီသမ်ကို သုံးစွဲနေဆဲဖြစ်သည်ကို သတိပြုပါ။ အကယ်၍ ယခင်က အယ်လဂိုရီသမ်သည် လုံခြုံမှုမရှိဟု ယူဆပါက၊ VeraCrypt ဆယ်တင်ရေး အခွေသစ် တစ်ခု ဖန်တီးပြီး အဟောင်းကို ဖျက်ဆီးလိုက်ပါ။\n\nVeraCrypt ပျက်စီးဒေတာပြန်ဖော်ဓာတ်ပြားကို သင်သည် ဖန်တီးလိုပါသလား? - မည်သည့် ဖိုင်အမျိုးအစားမဆို (ဥပမာ - .mp3, .jpg, .zip, .avi) VeraCrypt ကီးဖိုင် အဖြစ် အသုံးပြုနိုင်သည်။ VeraCrypt သည် ကီးဖိုင်ပါ အကြောင်းအရာများကို အပြောင်းအလဲ မလုပ်ပါ။ သင်သည် ကီးဖိုင် တစ်ခုပို၍ ရွေးချယ်နိုင်သည် (ဖိုင်ဟောင်းလျှင်လည်း ကိစ္စမရှိပါ)။ အကယ်၍ ဖိုင်တွဲ တစ်ခုကို သင် ထည့်သွင်းလျှင်၊ ၄င်း၌ တွေ့ရှိသော လျှို့ဝှက်မထားသည့် ဖိုင်အားလုံးကို ကီးဖိုင်များအဖြင့် အသုံးပြုလိမ့်မည်။ လုံခြုံရေး တိုကင်များ သို့မဟုတ် စမတ်ကတ်များ၌ သိမ်းဆည်းထားသော ကီးဖိုင်များကို ရွေးချယ်ရန် (သို့မဟုတ် တိုကင်များ (သို့) စမတ်ကတ်များ အတွက် ကီးဖိုင်များကို တင်သွင်းရန်) 'တိုကင် ဖိုင်များ ထည့်သွင်းရန်' ကို နှိပ်ပါ။ - ကီးဖိုင်(များ) ကို အောင်မြင်စွာ ထည့်သွင်းလိုက်ပြီ/ဖယ်ရှားလိုက်ပြီ။ - ကီးဖိုင် တင်ပို့လိုက်ပြီ။ - ခေါင်းစီး ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို အောင်မြင်စွာ သတ်မှတ်လိုက်ပြီ။ - စာဝှက်သည့် လုပ်ငန်းစဉ်ကို အစီအစဉ်တကျ ပြန်လည် လုပ်ဆောင်လိုသည့် စာဝှက်မထားသော ကွန်ပျူတာစနစ် volume အတွက် စကားဝှက်/ကီးဖိုင်(များ)ကို ရေးထည့်ပါ။\n\n\nမှတ်ချက် - ရှေ့သို့ ခလုတ်ကို နှိပ်ပြီးနောက် VeraCrypt သည် စာဝှက်ခြင်း လုပ်ငန်းစဉ် အနှောင့်အယှက် ခံရသောနေရာ့၊ VeraCrypt volume ခေါင်းစီးသည် ပေး​ထားသော စကာဝှက်/ကီးဖိုင်(များ)ကို သုံးပြီး စာဝှက်ဖြည်နိုင်သော နေရာ ဖြစ်သည့် ကွန်ပျူတာစနစ် မဟုတ်သည့် volumes အားလုံးကို ကြိုးစား ရှာဖွေ​လာလိမ့်မည်။ အကယ်၍ ယင်းကဲ့သို့ volume ကို တစ်ခုထက်ပိုပြီး တွေ့ရှိပါက၊ ၄င်းတို့အထဲက တစ်ခုကို နောက်အဆင့်၌ သင် ရွေးချယ်ရမည် ဖြစ်သည်။ - စာရင်းထဲ၌ ပါသော volumes များထဲက တစ်ခုကို ရွေးချယ်ပါ။ စာရင်းထဲ၌ စာဝှက်ခြင်း လုပ်ငန်းစဉ် အနှောင့်အယှက် ခံရသည့် ကွန်ပျူတာစနစ် မဟုတ်သော volume ပါရှိပြီး ၄င်း၏ ခေါင်းစီးကို ပေးထားသော စကားဝှက်/ကီး(ဖိုင်)များကို သုံးပြီး စာဝှက်ဖြည်နိုင်သည်။ - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - ကြံ့ခိုင်သော စကားဝှက် တစ်ခုကို ရွေးချယ်ရန် အရေးကြီးသည်။ အဘိဓါန်ကျမ်း၌ တွေ့နိုင်​သည့် စာလုံး တစ်လုံးတည်း (၂၊ ၃၊ ၄ ကဲ့သို့ စာလုံး စုစည်းချက် တစ်ခုခု) ပါ၀င်သော စာလုံးမျိုးကို မရွေးချယ်မိရန် ရှောင်ရှားပါ။ နာမည်များ (သို့) မွေးနေ့များ မပါရပါ။ ခန့်မှန်းရန် လွယ်ကူသော စာလုံး မဖြစ်ရပါ။ ကြံ့ခိုင်သော စကားဝှက် ဟူသည် စာလုံးအကြီး အသေး၊ နံပါတ်များ၊ @ ^ = $ * + ကဲ့သို့သော အထူး စာလုံးများ ပါ၀င်သော ကျန်ပန်း အစုအစည်း ဖြစ်သည်။ စာလုံးရေ ၂၀ ကျော် ပါသော စကားဝှက် တစ်ခုခုကို ရွေးချယ်ရန် ကျွန်ုပ်တို့ အကြံပြုလိုသည် (စာလုံးရေ များလေ၊ ကောင်းလေ ဖြစ်သည်)။ အများဆုံး လက်ခံနိုင်သော အရေအတွက်မှာ ၆၄ လုံး ဖြစ်သည်။ - လျှို့ဝှက် volume အတွက် စကားဝှက် တစ်ခု ရွေးပါ။ - လျှို့ဝှက် OS အတွက် စကားဝှက် တစ်ခု ရွေးပါ (ဥပမာ လျှို့ဝှက် volume အတွက်)။ - အရေးကြီးချက် - ဤအဆင့်၌ လျှို့ဝှက် OS အတွက် ရွေးချယ်ထားသော စကားဝှက်သည် အဓိကအားဖြင့် အခြား စကားဝှက် နှစ်ခုနှင့် ကွာခြားနေရမည် (ဥပမာ အားဖြင့် ပြင်ပ volume အတွက် စကားဝှက်နှင့် မျက်လှည့် OS အတွက် စကားဝှက် စသည်ဖြင့်)။ - လျှို့ဝှက် volume တစ်ခု ထားရှိလိုသော volume အတွက် စကားဝှက် ရေးထည့်ပါ။\n\nရှေ့သို့ ခလုတ်ကို နှိပ်ပြီးနောက်၊ VeraCrypt သည် volume ကို အစပျိုးရန် ကြိုးစားလာလိမ့်မည်။ volume ကို အစပျိုးသည်နှင့်၊ ၄င်း၏ cluster bitmap သည် အနှောင့်အယှက် ကင်းသော နေရာလွတ် အ​ရွယ်ပမာဏကို သိရှိရန် စကင်ဖတ် စစ်ဆေးလိမ့်မည်။ ၄င်းနေရာ၌ လျှို့ဝှက် volume ကို ထားရှိမည် ဖြစ်သည်။ ထို့​ကြောင့် ၄င်း၏ ဖြစ်နိုင်ချေ အများဆုံး အရွယ် ပမာဏကို ကန့်သတ်ပေးမည် ဖြစ်သည်။ Cluster Map စကင်ဖတ်ခြင်းသည် ပြင်ပ volume မှ ဒေတာများကို လျှို့ဝှက် volume က မဖျက်မိစေရန် ဖြစ်သည်။ - ပြင်ပ volume အတွက် စကားဝှက် တစ်ခု ရွေးပါ။ ၄င်းသည် သင့် ရန်သူတစ်ဦးတစ်ယောက်က စကားဝှက်ကို ဖွင့်ပြောရန် အတင်းအကျပ် စေခိုင်းလာလျှင် သင်ထုတ်ပြရမည် အရာ ဖြစ်သည်။\n\nအရေးကြီးချက် - ၄င်းစကားဝှက်သည် အဓိကအားဖြင့် လျှို့ဝှက် volume အတွက် သင် ရွေးချယ်ခဲ့သော အရာနှင့် ကွာခြားရမည်။ -\nမှတ်ချက် - အများဆုံး လက်ခံနိုင်သော စကားဝှက်၏ စာလုံးရေသည် ၆၄ လုံး ဖြစ်သည်။ - ပြင်ပ volume အတွက် စကားဝှက် တစ်ခုကို ရွေးချယ်ပါ။ ၄င်းသည် ပြင်ပ volume နှင့် လျှို့ဝှက် volume (လျှို့ဝှက် OS အပါအဝင်) တည်ရှိသော ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်မှ ပထမ အခန်းကန့်၏ စကားဝှက်ကို တစ်ဦးတစ်ယောက်က ဖွင့်ပြောရန် အတင်းအကျပ် စေခိုင်းလာလျှင် သင်ထုတ်ပြရမည် အရာ ဖြစ်သည်။(လျှို့ဝှက် OS ထဲက) လျှို့ဝှက် volume ၏ တည်ရှိမှုကို ဆက်လက် ဖုံးကွယ်ထားရမည်။ ဤစကားဝှက်သည် မျက်လှည့် OS အတွက် မဟုတ်ပါ။\n\nအရေးကြီးချက် - စကားဝှက်သည် အဓိကအားဖြင့် လျှို့ဝှက် volume (ဥပမာ - လျှို့ဝှက် OS) အတွက် သင် ရွေးချယ်ခဲ့သော အရာနှင့် ကွာခြားနေရမည်။ - ပြင်ပ Volume စကားဝှက် - လျှို့ဝှက် Volume စကားဝှက် - လျှို့ဝှက် OS အတွက် စကားဝှက် - သတိပေးချက် - စကားဝှက် အတိုများသည် Brute Force နည်းဖြင့် အလွယ်တကူ ဖော်ထုတ်နိုင်သည်!\n\nစာလုံးရေ ၂၀ ကျော် ပါ၀င်သော စကားဝှက်ကို ရွေးချယ်ရန် ကျွန်တော်တို့ အကြံပြုလိုသည်။ စကားဝှက် အတို တစ်ခု သုံးစွဲဖို့ သေချာသလား? - Volume စကားဝှက် - စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မဟုတ်ပါ။ - ကီးဖိုင်(များ) နှင့်/သို့မဟုတ် စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မဟုတ်ပါ။ - အစပျိုး စနစ် မမှန်ပါ၊ စကားဝှက် မမှန်ပါ၊ (သို့) VeraCrypt volume မဟုတ်ပါ။ - အစပျိုး စနစ် မမှန်ပါ၊ ကီးဖိုင်(များ)/စကားဝှက် မမှန်ပါ၊ (သို့) VeraCrypt volume မဟုတ်ပါ။ - စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မရှိပါ။ - ကီးဖိုင်(များ)/စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မရှိပါ။ - \n\nသတိပေးချက် - Caps Lock ဖွင့်နေသည်။ ဤအချက်ကြောင့် စကားဝှက် အမှား ရေးမိနိုင်သည်။ - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nသတိပေးချက် - လျှို့ဝှက် ဖိုင်(များ)ကို ကီးဖိုင် ရှာဖွေရေး လမ်းကြောင်း၌ တွေ့ရှိရသည်။ ယင်းကဲ့သို့ လျှို့ဝှက် ဖိုင်များကို ကီးဖိုင်အဖြစ် သုံးစွဲ၍ မရပါ။ ၄င်းတို့ကို ကီးဖိုင်များ အဖြစ် သုံးစွဲလိုပါက၊ ၄င်းတို့၏ 'Hidden' သတ်မှတ်ချက်ကို ဖယ်ရှားလိုက်ပါ (၄င်းတို့ကို ညာဖက် နှိပ်ပါ၊ 'Properties' ကို ရွေး၊ 'Hidden' အမှန်ခြစ်ကို ​ဖြုတ်ပြီး OK နှိပ်လိုက်ပါ)။ မှတ်ချက် - လျှို့ဝှက် ဖိုင်များသည် အကယ်၍ သက်ဆိုင်ရာ ရွေးစရာ (Computer > Organize > 'Folder and search options' > View)ကို ဖွင့်ထားမှသာ မြင်နိုင်သည်။ - အကယ်၍ သင်သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် ပါရှိသော လျှို့ဝှက် volume တစ်ခုကို ကာကွယ်ရန် ကြိုးစားနေပါက၊ လျှို့ဝှက် volume အတွက် စကားဝှက် ​ရိုက်ထည့်သည့်အခါ အမေရိကန် ကီးဘုတ် လေးအောက်ကို သုံးပါ။ ဤကဲ့သို့ ပြုလုပ်ရခြင်း အကြောင်းမှာ အမေရိကန် ကီးဘုတ် မဟုတ်သော ကီးဘုတ် မရှိနိုင်သောနေရာတွင် စကားဝှက်ကို စက်မဖွင့်မီ (ဝင်းဒိုးမတက်ခင်) အနေအထား၌ ရိုက်ထည့်ရမည် ဖြစ်​သောကြောင့် ဖြစ်သည်။ - VeraCrypt သည် ကွန်ပျူတာစနစ် မဟုတ်သော စာဝှက်စနစ် အနှောင့်အယှက် ခံရသည့်နေရာ၊ volume ခေါင်းစီးကို ပေးထားသော စကားဝှက်နှင့် ကီးဖိုင်(များ) သုံးပြီး စာဝှက်ဖြည်နိုင်သည့်နေရာတွေ volume တစ်ခုမျှ မတွေ့ရပါ။\n\nစကားဝှက်နှင့် ကီးဖိုင်(များ)သည် မှန်ကန်ရမည် ဖြစ်ပြီး၊ အခန်းကန့်/volume ကို (ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ အပါအ၀င်) ကွန်ပျူတာစနစ် (သို့) အပ္ပလီကေးရှင်းများက အသုံးမပြု​ရချေ။ - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nမှတ်ချက် - အကယ်၍ သင်သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် drive ထဲ၌ ရှိသော အခန်းကန့် တစ်ခုကို စက်ဖွင့်ပြီး စစ်ဆေးစရာ မလိုပဲ အစပျိုးရန် (သို့) အသုံးမပြုသော OS စနစ် တစ်ခု၏ စာဝှက်ထားသော ကွန်ပျူတာစနစ် အခန်းကန့်ကို အစပျိုးရန် သင် ကြိုးစားနေပါက၊ သင်သည် 'ကွန်ပျူတာစနစ်' > 'စက်ဖွင့်ပြီး စစ်ဆေးစရာ မလိုပဲ အစပျိုးရန်' ကို ရွေးပြီး လုပ်ဆောင်နိုင်သည်။ - ဤစနစ်တွင်၊ လက်ရှိ သက်၀င်နေသော စာဝှက်စနစ်၏ ကီးနယ်ပယ်အတွင်း ရှိနေသော drive တစ်ခု၌ တည်ရှိသော အခန်းကန့်ကို အစပျိုး၍ မရပါ။\n\nဤအခန်းကန့်ကို ဒီစနစ်ဖြင့် အစမပျိုးခင်၊ (စာဝှက်ထားသော သို့မစုတ် စာဝှက်မထားသော) အခြား drive (သို့) စာဝှက်မထားသော OS စနစ်၌ ထည့်သွင်းထာသော OS စနစ်ကို သင် ပြန်ဖွင့်ရန် လိုအပ်သည်။ - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &နောက်သို့ - သင့် ကွန်ပျူတာစနစ်၌ ထည့်သွင်းထားသော devices များ အကြမ်းစာရင်းကို ထုတ်ပြန်၍ မရပါ။ - Volume '%s' ရှိနေပြီး ၄င်းသည် ဖတ်ရှုရန်သက်သက် ဖြစ်သည်။ ၄င်းကို အစားထိုးရန် သေချာသလား? - ဖိုင်တွဲ ထားမည့်နေရာကို ရွေးရန် - ကီးဖိုင် ရွေးရန် - ကီးဖိုင် ရှာဖွေရေး လမ်းကြောင်း တစ်ခုကို ရွေးပါ။ သတိပေးချက် - ဖိုင်အမည်များ မပါပဲ၊ ဖိုင်လမ်းကြောင်းကိုသာ မှတ်သားမည် ဖြစ်သည်။ - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Ross Anderson, , Eli Biham နှင့် Lars Knudsen တို့မှ ဒီဇိုင်းဆွဲသည်။ ၁၉၉၈ ခုနှစ်၌ ပုံနှိပ်ထုတ်ဝေသည်။ 256-bit key, 128-bit block ရှိသည်။ လုပ်ဆောင်သည့် စနစ်မှာ XTS ဖြစ်သည်။ Serpent သည် AES ၏ နောက်ဆုံး ရွေးချယ်စာရင်းထဲမှ တစ်ခု ဖြစ်သည်။ - သင် ဖန်တီးလိုသော သိမ်းဆည်းခန်း၏ အရွယ်အစားကို သတ်မှတ်ပါ။\n\nအကယ်၍ တက်ကြွ (sparse-file) သိမ်းဆည်းခန်း တစ်ခုကို သင် ဖန်တီးပါက၊ ဒီပါရာမီတာသည် ၄င်း၏ အများဆုံး အရွယ်အစားကို သတ်မှတ်ပေးမည် ဖြစ်သည်။\n\nFAT volume ၏ အနည်းဆုံး အရွယ်အစားသည် 292 KB ဖြစ်သည်။ NTFS volume ၏ အနည်းဆုံး အရွယ်အစားမှာ 3792 KB ဖြစ်သည်။ - သင် ဖန်တီးမည့် ပြင်ပ volume ၏ အရွယ်အစားကို သတ်မှတ်ပါ (ပြင်ပ volume ကို သင် အရင် ဖန်တီးပြီး၊ ၄င်းအထဲ၌ လျှို့ဝှက် volume တစ်ခု ဖန်တီးရမည် ဖြစ်သည်)။ လျှို့ဝှက် volume တည်ရှိသော volume ၏ အနည်းဆုံး အရွယ်အစားမှာ340 KB ဖြစ်သည်။ - သင် ဖန်တီးမည့် လျှို့ဝှက် volume ၏ အရွယ်အစားကို သတ်မှတ်ပါ။ လျှို့ဝှက် volume ၏ အနည်းဆုံး အရွယ်အစားမှာ 40 KB (သို့မဟုတ် ၄င်းကို NTFS အဖြစ် ဖော်မက်ချပါက 3664 KB) ဖြစ်သည်။ လျှို့ဝှက် volume အတွက် သင် သတ်မှတ်နိုင်သော အများဆုံး အရွယ်အစားမှာ အထက်ပါ ဖေါ်ပြချက် အတိုင်း ဖြစ်သည်။ - ပြင်ပ Volume အရွယ်အစား - လျှို့ဝှက် Volume အရွယ်အစား - အထက်၌ ဖေါ်ပြသော ရွေးချယ်ထားသည့် device/အခန်းကန့်၏ အရွယ်အစား မှန်ကန်ပါက၊ ရှေ့သို့ကို နှိပ်ပါ။ - ပြင်ပ volume နှင့် လျှို့ဝှက် volume (လျှို့ဝှက် OS) တို့သည် အထက်ဖေါ်ပြပါ အခန်းကန့်၌ တည်ရှိမည် ဖြစ်သည်။ ၄်းသည် ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်ရှိ ပထမ အခန်းကန့် ဖြစ်သည်။\n\nအထက်၌ ဖေါ်ပြသော အခန်းကန့်၏ အရွယ်အစားနှင့် ၄င်း၏ နံပါတ် မှန်ကန်ပါက၊ ရှေ့သို့ကို နှိပ်ပါ။ - \n\nလျှို့ဝှက် volume ဖန်တီးရန် ရည်ရွယ်ထားသော volume တစ်ခု၏ အနည်းဆုံး အရွယ်အစားမှာ 340 KB ဖြစ်သည်ကို သတိပြုပါ။ - Volume အရွယ်အစား - တက်ကြွသော - သတိပြုရန် - ကိုယ်တိုင် စမ်းသပ်မှု မအောင်မြင်ပါ! - ကိုယ်တိုင် စမ်းသပ်သော အယ်လဂိုရီသမ် အားလုံး အောင်မြင်သည် - သင် ဖြည့်စွက်သော ဒေတာ ယူနစ် နံပါတ်မှာ ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ - သင် ဖြည့်စွက်သော အရန်ကီးမှာ ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ - သင် ဖြည့်စွက်သော အစမ်း ဝှက်စာသည် ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ - သင် ဖြည့်စွက်သော အစမ်း ကီးသည် ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ - င် ဖြည့်စွက်သော အစမ်း စာသားသည် ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ - XTS စနစ်၌ cascade လုပ်ဆောင်နေသော ဝှက်စာ နှစ်ခု။ အကွက် တစ်ခုစီကို အရင်ဆုံး ပထမဆုံး %s (%d-bit ကီး) ဖြင့် စာဝှက်ထားပြီးနောက် %s (%d-bit ကီး) ဖြင့် စာဝှက်ထားသည်။ ဝှက်စာ တစ်ခုစီသည် ကိုယ်ပိုင် ကီးကို အသုံးပြုသည်။ ကီး အားလုံးသည် နှစ်ဦးနှစ်ဖက် သီးခြား လုပ်ဆောင်ကြသည်။ - XTS စနစ်၌ cascade လုပ်ဆောင်နေသော ဝှက်စာ သုံးခု။ အကွက် တစ်ခုစီကို အရင်ဆုံး ပထမဆုံး %s (%d-bit ကီး) ဖြင့်လည်းကောင်း၊ ၄င်းနောက် %s (%d-bit ကီး) ဖြင့်လည်းကောင်း၊ နောက်ဆုံးတွင် %s (%d-bit ကီး) ဖြင့်လည်းကောင်း စာဝှက်ထားသည်။ ဝှက်စာ တစ်ခုစီသည် ကိုယ်ပိုင် ကီးကို အသုံးပြုသည်။ ကီး အားလုံးသည် နှစ်ဦးနှစ်ဖက် သီးခြား လုပ်ဆောင်ကြသည်။ - OS စနစ် ပြုပြင်ဖန်တီးမှုအပေါ် မူတည်ပြီး၊ ယင်း auto-run နှင့် auto-mount အင်္ဂါရပ်များသည် ခရီးဆောင် disk ဖိုင်များကို စီဒီ/ဒီဗွီဒီကဲ့သို့ ကြားခံဖြင့် ဖန်တီးမှသာ အလုပ်လုပ်နိုင်မည်ကို သတိပြုပါ။ ၄င်းသည် VeraCrypt ထဲမှ ပရိုဂရမ် အမှားတစ်ခု မဟုတ်ပါ (၎င်းသည် ၀င်းဒိုး၏ ကန့်သတ်ချက် တစ်ရပ် ဖြစ်သည်) - VeraCrypt ခရီးဆောင် အခွေကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။\n\n VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲနိုင်ရန် သင်သည် စီမံခန့်ခွဲမှုဆိုင်ရာ လုပ်ပိုင်ခွင့် ရရှိထားရမည် ဖြစ်သည်။ Registry ဖိုင်ကို စစ်ဆေးပြီးနောက်၊ အကယ်၍ VeraCrypt သည် အိတ်ဆောင်စနစ်ဖြင့် လည်ပတ်​နေလျှင်ပင် ၄င်းသည် ၀င်းဒိုးစနစ်ဖြင့် လည်ပတ်နေသည်ဟု ပြောနိုင်မည် ဖြစ်သည်။ - VeraCrypt ခရီးဆောင် အခွေ - Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall နှင့် Niels Ferguson တို့မှ ဒီဇိုင်း ရေးဆွဲထားသည်။ ၁၉၉၈ တွင် ထုတ်လုပ်သည်။ 256-bit key, 128-bit block ဖြစ်သည်။ လည်ပတ်မှု စနစ်မှာ XTS ဖြစ်သည်။ Twofish သည် AES ၏ နောက်ဆုံး ရွေးချယ်စာရင်းမှ တစ်ခု ဖြစ်သည်။ - %s နှင့် ပါတ်သက်သည့် နောက်ထပ် အချက်အလက်များ - အမည်မသိ - သတ်မှတ်၍ မရသော (သို့) အမည်မသိသော ချို့ယွင်းချက် ဖြစ်ပေါ်နေသည် (%d)။ - အချို့ volumes များ၌ အပ္ပလီကေးရှင်း (သို့) ကွန်ပျူတာစနစ်မှ အသုံးပြုနေသော ဖိုင်များ (သို့) ဖိုင်တွဲများ ပါ၀င်နေသည်။\n\nအတင်း အဆုံးသတ်မည်လား? - &အဆုံးသတ်ရန် - အဆုံးသတ်ရန် မအောင်မြင်ပါ! - Volumes များ၌ အပ္ပလီကေးရှင်း (သို့) ကွန်ပျူတာစနစ်မှ အသုံးပြုနေသော ဖိုင်များ (သို့) ဖိုင်တွဲများ ပါ၀င်နေသည်။\n\nအတင်း အဆုံးသတ်မည်လား? - သတ်မှတ်ထားသော drive အက္ခရာ၌ အစပျိုးထားသော volume မရှိပါ။ - အစပျိုးရန် သင် ကြိုးစားနေသော volume သည် အစပျိုးထားပြီး ဖြစ်သည်။ - Volumes ကို အစပျိုးရန် ကြိုးစားနေစဉ် ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသည်။ - Volumes ထဲ ဖိုင်တည်နေရာ ရှာဖွေမှု ချို့ယွင်းချက်။ - ချို့ယွင်းချက် - volume အရွယ်အစား မမှန်ပါ။ - သတိပေးချက် - အမြန် ဖော်မက်စနစ်ကို အောက်ပါ ကိစ္စများ၌သာ သုံးစွဲပါ -\n\n၁) device ထဲ၌ အရေးကြီးသော ဒေတာများ မရှိပဲ၊ ငြင်းပယ်နိုင်ဖွယ် မရှိသည့်အခါ\n၂) device သည် လုံခြုံပြီးသား ဖြစ်ပြီး အပြည့်အ၀ စာဝှက်ထားလျှင်\n\nအမြန် ဖော်မက်စနစ် သုံးစွဲရန် သေချာသလား? - တက်ကြွ သိမ်းဆည်းခန်းသည် ကြိုတင် နေရာချထားသော NTFS sparse ဖိုင်တစ်ခု ဖြစ်သည်၊ ၄င်း၏ ရုပ်ပိုင်းဆိုင်ရာ အရွယ်အစား (တကယ့် disk သုံးစွဲသည့် နေရာလွတ်) မှာ ၄င်းအထဲ၌ ဒေတာအသစ် ထည့်သွင်းသည်နှင့် တိုးလာသည်။\n\nသတိပေးချက် - Sparse-ဖိုင်-သိမ်းထားသော volumes များသည် လုံခြုံမှု အားနည်းသည်၊ အဘယ့်ကြောင့် ဆိုသော် အသုံးမပြုသော volume အပိုင်းများကို ပြောရန် လွယ်ကူ​သောကြောင့် ဖြစ်သည်။ Sparse-ဖိုင်-သိမ်းထားသော volumes များသည် ငြင်းပယ်နိုင်မှု (လျှို့ဝှက် volumes တစ်ခု ထားရှိမှု) ကို ထောက်ပံ့မထားပါ။ အကယ်၍ ဖိုင် သိမ်းဆည်းသော ကွန်ပျူတာစနစ်၌ နေရာလွတ် အလုံအလောက် မရှိသည့်အခါ ဒေတာများကို sparse ဖိုင် သိမ်းဆည်းခန်း တစ်ခု၌ ရေးထားလျှင့်၊ စာဝှက်ထားသော ဖိုင်စနစ် ပျက်စီးသွားနိုင်သည်။\n\nSparse-ဖိုင်-သိမ်းထားသော volume တစ်ခုကို သင် အမှန်တကယ် ဖန်တီးလိုသလား? - ဝင်းဒိုးနှင့် VeraCrypt မှ တင်ပြသော တက်ကြွ သိမ်းဆည်းခန်း၏ အရွယ်အစားမှာ ၄င်း၏ အများဆုံး အရွယ်အစားနှင့် အမြဲတမ်း တူညီနေမည်ကို သတိပြုပါ။ သိမ်းဆည်းခန်း၏ ရုပ်ပိုင်းဆိုင်ရာ လက်ရှိ အရွယ်အစား (၎င်းအမှန်တကယ် သုံးစွဲသော disk နေရာလွတ်) ကို သိရှိရန်၊ (VeraCrypt ထဲ၌ မဟုတ်ပဲ၊ Window Explorer ၀င်းဒိုးထဲ၌) သိမ်းဆည်းခန်းကို ညာဖက်နှိပ်၊ 'ဂုဏ်အင်္ဂါရပ်များ' ကို ရွေးပြီး၊ 'disk အရွယ်အစား' မှ တန်ဖိုးကို ကြည့်ပါ။\n\nအကယ်၍ သင်သည် တက်ကြွ သိမ်းဆည်းခန်း တစ်ခုကို အခြားvolume ၌ (သို့) drive ၌​ ရွှေ့ပြောင်းပါက၊ သိမ်းဆည်းခန်း၏ ရုပ်ပိုင်းဆိုင်ရာ အရွယ်အစားမှာ အများဆုံး အရွယ်အစားသို့ တိုးချဲ့သွားမည်ကို သတိပြုပါ။ (ဤအချင်းအရာကို ဖိုင်ထားမည့် နေရာ၌ တက်ကြွ သိမ်းဆည်းခန်း အသစ် တစ်ခု ဖန်တီးခြင်းဖြင့် လည်းကောင်း၊ ၄င်းကို အစပျိုးပြီး ဖိုင်များကို သိမ်းဆည်းခန်း အဟောင်းမှ ​အသစ်ဆီ ရွှေ့ပြောင်းခြင်းဖြင့် လည်းကောင်း သင် တားဆီးနိုင်သည်။) - စကားဝှက် ကေ့ချ်ကို ရှင်းလင်းလိုက်ပြီ - VeraCrypt ဒရိုင်ဘာ ကေ့ချ်ထဲ၌ သိမ်းဆည်းထားသော စကားဝှက်များ (ကီးဖိုင် အကြောင်းအရာများ) ကို ရှင်းလင်းလိုက်ပြီ။ - VeraCrypt သည် ပြင်ပ volume အတွက် စကားဝှက်ကို မပြောင်းပေးနိုင်ပါ။ - စာရင်းထဲမှ drive အလွတ် တစ်ခုကို ရွေးပါ။ - Drive စာရင်းထဲမှ အစပျိုးထားသော volume တစ်ခုကို ရွေးပါ။ - အစပျိုးထားသော သီးခြား volumes နှစ်ခုကို လောလောဆယ် ရွေးချယ်ထားသည် (ပထမမှာ drive အက္ခရာ စာရင်းမှ ဖြစ်ပြီး၊ အခြားမှာ အောက်ပါ စာရင်းထဲရှိ စာထည့်ကွက်မှ ဖြစ်သည်)။\n\nသင် ရွေးချယ်လိုသည့် volume ကို ​ရွေးပါ - - ချို့ယွင်းချက် - autorun.inf ကို မဖန်တီးနိုင်ပါ - ကီးဖိုင် ပြုလုပ်နေစဉ် ချို့ယွင်းချက်! - ကီးဖိုင် လမ်းကြောင်း ပြုလုပ်နေစဉ် ချို့ယွင်းချက်! - ကီးဖိုင်လမ်းကြောင်း၌ ဖိုင်များ မရှိပါ။\n\nကီးဖိုင် ရှာဖွေမှု လမ်းကြောင်းများထဲ၌ တွေ့ရသော ဖိုင်တွဲများ (နှင့် ဖိုင်များ) ကို လျစ်လျူရှုထားသည်ကို သတိပြုပါ။ - VeraCrypt သည် ဤ OS စနစ်ကို ထောက်ပံ့မပေးပါ။ - ချို့ယွင်းချက် - VeraCrypt သည် တည်ငြိမ်သော OS စနစ်ကိုသာ ပံ့ပိုးပေးသည် (beta/RC ဗားရှင်းများကို ထောက်ပံ့ မပေးပါ)။ - ချို့ယွင်းချက် - မှတ်ဉာဏ်ကို နေရာချ မပေးနိုင်ပါ။ - ချို့ယွင်းချက် - ​စွမ်းဆောင်ရည် မှတ်စက်၏ တန်ဖိုးကို မထုတ်နိုင်ပါ။ - ချို့ယွင်းချက် - မကောင်းသော volume အမျိုးအသား။ - ချို့ယွင်းချက် - သင်သည် (ပုံမှန် volume တစ်ခုအတွက် မဟုတ်ပဲ) လျှို့ဝှက် volume တစ်ခုအတွက် စကားဝှက် တစ်ခု ပေးထားသည်။ - လုံခြုံရေး အကြောင်း​များကြောင့်၊ လျှို့ဝှက် volume ကို အစီအစဉ်တကျ စာဝှက်ထားသော ဖိုင်စနစ် တစ်ခု ပါရှိ​သည့် VeraCrypt volume ထဲ၌ မဖန်တီးနိုင်ပါ (အဘယ်ကြောင့် ဆိုသော် volume ၌ ရှိသော နေရာလွတ်ကို ကျပန်း ဒေတာများနှင့် ဖြည့်ဆည်းမထားသောကြောင့် ဖြစ်သည်)။ - VeraCrypt - တရား၀င် မှတ်ချက်များ - ဖိုင်အားလုံး - VeraCrypt Volumes များ - လိုင်ဘရာရီ အခန်းများ - NTFS ​ဖော်မက် ဆက်လုပ်၍ မရပါ - Volume ကို အစပျိုး၍ မရပါ။ - Volume ကို အဆုံးသတ်၍ မရပါ။ - ဝင်းဒိုးသည် volume ကို NTFS ဖော်မက်ချ၍ မရပါ။\n\nဖြစ်နိုင်ပါက အခြား ဖိုင်စနစ် အမျိုးအစား တစ်ခုခုကို ရွေးပြီး ထပ်ကြိုးစားပါ။ တနည်းအားဖြင့်၊ volume ကို ဖော်မက်မချပဲ ('ဘာမျှမရှိ' ဖိုင်စနစ်အဖြစ် ရွေးပြီး)၊ ဤအညွှန်းမှ ထွက်ပါ၊ volume ကို အစပျိုးပြီး၊ အစပျိုးထားသော volume ကို ဖော်မက်ချရန် ကွန်ပျူတာစနစ် တစ်ခု (သို့) အခြား ကိရိယာ တစ်ခုကို သုံးပါ (volume သည် ဆက်ပြီး စာဝှက်နေမည် ဖြစ်သည်) - ဝင်းဒိုးသည် volume ကို NTFS အဖြစ် ဖော်မက်ချ၍ မရပါ။\n\nဤ volume ကို FAT အဖြစ် ဖော်မက်ချလိုသလား? - ပုံမှန် - အခန်းကန့် - အခန်းကန့် - Device - Device - Device - Volume - volume - VOLUME - အညွှန်း - ဤ volume အရွယ်အစားအတွက် ရွေးချယ်ထားသော cluster အရွယ်အစားမှာ သေးလွန်းနေသည်။ အရွယ်အစား ပိုကြီးသော cluster ကို အသုံးပြုသွားမည် ဖြစ်သည်။ - ချို့ယွင်းချက် - Volume အရွယ်အစား မရနိုင်ပါ။\n\nရွေးချယ်ထားသော volume ကို ကွန်ပျူတာစနစ် (သို့) အပ္ပလီကေးရှင်း တစ်ခုခုမှ အသုံးမပြုရန် သတိပြုပါ။ - လျှို့ဝှက် volumes များကို တက်ကြွ (sparse ဖိုင်) သိမ်းဆည်းခန်းများထဲတွင် မဖန်တီးရပါ။ ငြင်းပယ်ခံနိုင်​မှုကို ရောက်ရှိရန်၊ လျှို့ဝှက် volume ကို မတက်ကြွသော သိမ်းဆည်းခန်းထဲ၌ ဖန်တီးရမည် ဖြစ်သည်။ - VeraCrypt Volume ဖန်တီးမှု အညွှန်းသည် FAT (သို့) NTFS volume အတွင်း၌သာ လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးနိုင်သည်။ - Windows 2000 ၌၊ VeraCrypt Volume ဖန်တီးမှု အညွှန်းသည် FAT volume အတွင်း၌သာ လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးနိုင်သည်။ - မှတ်ချက် - ပြင်ပ volumes များအတွက် FAT ဖိုင်စနစ်သည် NTFS ဖိုင်စနစ်ထက် ပို၍ သင့်တော်သည် (ဥပမာ အားဖြင့် - အကယ်၍ ပြင်ပ volume ကို FAT အဖြစ် ဖော်မက်ချထားပါက လျှို့ဝှက် volume ၏ အများဆုံး ဖြစ်နိုင်ချေ အရွယ်အစားသည် ပိုကြီးနိုင်သည်)။ - ပြင်ပ volumes များအတွက် FAT ဖိုင်စနစ်သည် NTFS ဖိုင်စနစ်ထက် ပို၍ သင့်တော်ကြောင်း သတိပြုပါ။ ဥပမာ အားဖြင့် - အကယ်၍ ပြင်ပ volume ကို FAT ဖိုင်စနစ်အဖြစ် ဖော်မက်ချထားပါက လျှို့ဝှက် volume ၏ အများဆုံး ဖြစ်နိုင်ချေ အရွယ်အစားသည် သိသိသာသာ ကြီးလာမည် ဖြစ်သည် (အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်၌ အတွင်းပိုင် ဒေတာများကို အမြဲ သိမ်းဆည်းထားသည်၊ ထို့ကြောင့်၊ လျှို့ဝှက် volume သည် ပြင်ပ volume ၏ အလယ် ထက်၀က်၌သာ တည်ရှိနိုင်သည်)။\n\nပြင်ပ volume ကို NTFS ဖိုင်စနစ်အဖြစ် သင်တကယ် ဖော်မက်ချလိုသလား? - ၎င်းအစား volume ကို FAT ဖိုင်အဖြစ် သင် ဖော်မက်ချလိုသလား? - မှတ်ချက် - ဤ volume ကို FAT အဖြစ် ဖော်မက်ချ၍ မရပါ၊ အဘယ်ကြောင့်ဆိုသော် ၄င်းသည် FAT32 ဖိုင်စနစ်မှ ​ပံ့ပိုးထားသော အများဆုံး volume အရွယ်အစားကို ကျော်လွန်သွားသည် (512-byte sector အတွက် 2 TB နှင့် 4096-byte sectors အတွက် 16 TB)။ - ချို့ယွင်းချက် - လျှို့ဝှက် OS စနစ် (ဥပမာ - ကွန်ပျူတာစနစ် အခန်းကန့် ​​​နောက်ကွယ်မှ ပထမ အခန်းကန့်) ၏ အခန်းကန့်သည် ကွန်ပျူတာစနစ် (ဤအခန်းသည် လက်ရှိ လည်ပတ်နေသော OS စနစ် ထည့်သွင်းထားသည့် နေရာ ဖြစ်သည်) အခန်းကန့်ထက် အနည်းဆုံး ၅% ပိုကြီးရမည်။ - ချို့ယွင်းချက် - လျှို့ဝှက် OS စနစ် (ဥပမာ - ကွန်ပျူတာစနစ် အခန်းကန့် ​​​နောက်ကွယ်မှ ပထမ အခန်းကန့်) ၏ အခန်းကန့်သည် ကွန်ပျူတာစနစ် (ဤအခန်းသည် လက်ရှိ လည်ပတ်နေသော OS စနစ် ထည့်သွင်းထားသည့် နေရာ ဖြစ်သည်) အခန်းကန့်ထက် အနည်းဆုံး ၁၁၀% (၂.၁ ဆ) ပိုကြီးရမည်။ အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်တည့်တည့်၌ အတွင်းပိုင်း ဒေတာများကို အမြဲသိမ်းဆည်းထားသောကြောင့် ဖြစ်သည်၊ ထို့ကြောင့်၊ လျှို့ဝှက် volume (ဤနေရာ၌ ကွန်ပျူတာစနစ် အခန်းကန့် ကိုယ်ပွား ထားရှိသွားမည် ဖြစ်သည်) သည် ယင်း အခန်းကန့်၏ ဒုတိယ ထက်၀က်၌သာ တည်ရှိနိင်သည်။ - ချို့ယွင်းချက် - အကယ်၍ ပြင်ပ volume ကို NTFS အဖြစ် ဖော်မက်ချပါက၊ ၄င်းသည် ကွန်ပျူတာစနစ် အခန်းကန့်ထက် အနည်းဆုံး ၁၁၀% (၂.၁ ဆ) ပိုကြီးလာမည် ဖြစ်သည်။ အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်တည့်တည့်တွင် အတွင်းပိုင်း ဒေတာများကို အမြဲ သိမ်းဆည်းထားသည်၊ ထို့ကြောင့်၊ လျှို့ဝှက် volume သည် ပြင်ပ volume ၏ အလယ်ထက်၀က်၌သာ တည်ရှိနေနိုင်သည်။\n\nမှတ်ချက် - ပြင်ပ volume သည် လျှို့ဝှက် OS စနစ်ကဲ့သို့ အခန်းကန့် တစ်ခုတည်းတွင် တည်ရှိနေဖို့ လိုသည် (ဥပမာ - ကွန်ပျူတာစနစ် နောက်ကွယ်ရှိ ပထမ အခန်းကန့်၌)။ - ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် နောက်ကွယ်၌ မည်သည့် အခန်းကန့်မှ မရှိပါ။\n\nလျှို့ဝှက် OS စနစ်ကို သင် မဖန်တီးနိုင်ခင်၊ ၄င်းအတွက် အခန်းကန့်တစ်ခုကို ကွန်ပျူတာစနစ် drive ထဲ၌ သင် ဖန်တီးဖို့ လိုသည်။ ၄င်းသည် ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်မှ ပထမ အခန်းကန့် ဖြစ်ရမည် ဖြစ်ပြီး ၄င်းသည် ကွန်ပျူတာစနစ်ထက် အနည်းဆုံး ၅% ပိုကြီးရမည် ဖြစ်သည် (ကွန်ပျူတာစနစ် အခန်းကန့်သည် လက်ရှိ လည်ပတ်နေသော OS စနစ် ထည့်သွင်းထားသော နေရာ ဖြစ်သည်)။ သို့သော်၊ ပြင် volume ကို NTFS အဖြစ် ဖော်မက်ချထားပါက၊ လျှို့ဝှက် OS စနစ်၏ အခန်းကန့်သည် ကွန်ပျူတာစနစ် အခန်းကန့်ထက် အ​နည်းဆုံး ၁၁၀% (၂.၁ ဆ) ရှိရမည် ဖြစ်သည် (အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်တည့်တည့်၌ အတွင်းပိုင်း ဒေတာများကို အမြဲသိမ်းဆည်းထားသောကြောင့် ဖြစ်သည်၊ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် အခန်းကန့် ကိုယ်ပွား ထားရှိသွားမည် လျှို့ဝှက် volume သည် ယင်း အခန်းကန့်၏ ဒုတိယ ထက်၀က်၌သာ တည်ရှိနိင်သည်)။ - မှတ်ချက် - အခန်းကန့် တစ်ခုထဲ၌ ထည့်မြှုပ်ထားသော VeraCrypt volumes နှစ်ခုထဲ၌ OS စနစ်ကို ထည့်သွင်းခြင်းသည် လက်တွေ့မဆန်ချေ၊ အဘယ်ကြောင့်ဆိုသော် ပြင်ပ OS စနစ်သည် ဒေတာများကို လျှို့ဝှက် OS ထဲ၌ ရေးသားရမည် ဖြစ်​သည် (နောက်ပြီး အကယ်၍ ယင်းကဲ့သို့ ရေးသားခြင်းကို လျှို့ဝှက် volume ကာကွယ်ရေး အင်္ဂါရပ်ကို သုံးပြီး တားမြစ်ထားလျှင်၊ ကွန်ပျူတာစနစ် ပျက်စီးစေနိုင်သည်၊ ဥပမာ - 'အပြာရောင် မျက်နှာပြင်' ချို့ယွင်းချက်များ)။ - အခန်းကန့်များ ဖန်တီးနည်းနှင် စီမံခန့်ခွဲနည်း အကြောင်း အချက်အလက်​များကို သင့် OS စနစ်နှင့် ပါလာသော အသုံးပြုနည်း လက်စွဲ၌ လေ့လာပါ (သို့) သင့် ကွန်ပျူတာ ရောင်းချပေးသူ၏ နည်းပညာဆိုင်ရာ ထောက်ပံ့ရေး အဖွဲ့ထံမှ အကူအညီ တောင်းခံနိုင်သည်။ - ချို့ယွင်းချက် - လက်ရှိ သုံးစွဲနေသော OS စနစ်သည် boot အခန်းကန့် (ပထမ သုံးစွဲနေသော အခန်းကန့်) တွင် မထည့်သွင်းထားပါ။ ဤအရာကို ထောက်ပံ့ မထားပါ။ - သင်သည် ဤ VeraCrypt volume ထဲ၌ 4 GB ထက် ပိုကြီးသော ဖိုင်များကို သိမ်းဆည်းရန် ရည်ရွယ်ထားပုံရသည်။ သို့သော်၊ 4 GB ထက် ကြီးသော ဖိုင်များကို သိမ်းဆည်း၍ မရသည့် FAT ဖိုင်စနစ်ကို သင် ရွေးချယ်ထားသည်။\n\nသင်သည် volume ကို FAT အဖြစ် ဖော်မက်ချရန် သေချာပါသလား? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - ချို့ယွင်းချက် - Volume ကို မဖွင့်နိုင်ပါ!\n\nရွေးထားသော volume သည် အစပျိုးထားခြင်း ရှိမရှိ (သို့) ကွန်ပျူတာစနစ် သို့မဟုတ် အပ္ပလီကေးရှင်းမှ အသုံးပြုမပြု၊ volume သည် ​အရေး/အဖတ် ခွင့်ပြုချက် ရှိမရှိ၊ ရေးသား၍ မရအောင် ကာကွယ်ထားခြင်း ရှိမရှိကို စစ်ဆေးပါ။ - Error: Cannot obtain volume properties. - ချို့ယွင်းချက် - Volume ကို ဖွင့်မရပါ/volume အကြောင်း အချက်အလက် မရနိုင်ပါ!\n\nရွေးထားသော volume ရှိမရှိ၊ ကွန်ပျူတာစနစ် သို့မဟုတ် အပ္ပလီကေးရှင်းမှ အသုံးပြုမပြု၊ volume သည် ​အရေး/အဖတ် ခွင့်ပြုချက် ရှိမရှိ၊ ရေးသား၍ မရအောင် ကာကွယ်ထားခြင်း ရှိမရှိကို စစ်ဆေးပါ။ - ချို့ယွင်းချက် - Volume ကို ဖွင့်မရပါ/volume အကြောင်း အချက်အလက် မရနိုင်ပါ! ရွေးထားသော volume ရှိမရှိ၊ ကွန်ပျူတာစနစ် သို့မဟုတ် အပ္ပလီကေးရှင်းမှ အသုံးပြုမပြု၊ volume သည် ​အရေး/အဖတ် ခွင့်ပြုချက် ရှိမရှိ၊ ရေးသား၍ မရအောင် ကာကွယ်ထားခြင်း ရှိမရှိကို စစ်ဆေးပါ။\n\nအကယ်၍ ပြဿနာ ဆက်ရှိနေပါက၊ အောက်ပါ အဆင့်များကို လိုက်နာခြင်းဖြင့် အ​ကူအညီ ရနိုင်သည်။ - ချို့ယွင်းချက် တစ်ခုသည် VeraCrypt ကို အခန်းကန့် စာဝှက်၍ မရနိုင်အောင် တားဆီးနေသည်။ ယခင်က သတင်း​ပို့ထားသော ပြဿနာများကို ပြင်ဆင်ပြီး ထပ်ကြိုးစားပါ။ အကယ်၍ ပြဿနာ ဆက်ရှိနေပါက၊ အောက်ပါ အဆင့်များကို လိုက်နာခြင်းဖြင့် အ​ကူအညီ ရနိုင်သည်။ - ချို့ယွင်းချက် တစ်ခုသည် VeraCrypt ကို အခန်းကန့် စာဝှက်သည့် လုပ်ငန်းစဉ် ပြန်စ၍ မရနိုင်အောင် တားဆီးနေသည်။\n\nယခင်က သတင်း​ပို့ထားသော ပြဿနာများကို ပြင်ဆင်ပြီး လုပ်ငန်းစဉ်ကို ပြန်စပါ။ Volume ကို အပြည့်အ၀ စာဝှက်ခြင်း မပြီးမချင်း ၄င်းကို ​အစပျိုး၍ ရမည် မဟုတ်ပါ။ - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - ချို့ယွင်းချက် - ပြင်ပ volume ကို အဆုံးသတ်၍ မရပါ!\n\nVolume သည် ၄င်း၌ ပါသော ဖိုင်များ (သို့) ဖိုင်တွဲများကို ပရိုဂရမ် တစ်ခုခု (သို့) ကွန်ပျူတာစနစ် တစ်ခုခုက အသုံးပြုနေပါက အဆုံးသတ်၍ ရမည် မဟုတ်ပါ။\n\nVolume ထဲမှ ဖိုင်များ (သို့) ဖိုင်တွဲများကို သုံးစွဲနေသော ပရိုဂရမ်ကို ပိတ်ပြီး ထပ်ကြိုးစားပါ။ - ချို့ယွင်းချက် - ပြင်ပ volume နှင့်ပါတ်သက်သော အချက်အလက် မရနိုင်ပါ!\n\nVolume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ - ချို့ယွင်းချက် - ပြင်ပ volume ကို မဖွင့်နိုင်ပါ! Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ - ချို့ယွင်းချက် - ပြင်ပ volume ကို အစပျိုး၍ မရပါ! Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ - ချို့ယွင်းချက် - Volume cluster bitmap မရနိုင်ပါ! Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ - အက္ခရာ အစဉ်လိုက်/မျိုးကွဲ အလိုက် - ပျမ်းမျှ အမြန်နှုန်း (အဆင်း) - အယ်လဂိုရီသမ် - စာဝှက်စနစ် - စာဝှက်ဖေါ်စနစ် - ပျမ်းမျှ - Drive - အရွယ်အစား - စာဝှက်စနစ် အယ်လဂိုရီသမ် - စာဝှက်စနစ် အယ်လဂိုရီသမ် - အမျိုးအစား - တန်ဖိုး - ဂုဏ်အင်္ဂါရပ် - တည်နေရာ - bytes - လျှို့ဝှက် - ပြင်ပ - ပုံမှန် - ကွန်ပျူတာစနစ် - လျှို့ဝှက် (ကွန်ပျူတာစနစ်) - ဖတ်ရှုရန် အတွက်သာ - ကွန်ပျူတာစနစ် drive - ကွန်ပျူတာစနစ် drive (စာဝှက်ခြင်း - %.2f%% ပြီးပါပြီ) - ကွန်ပျူတာစနစ် drive (စာဝှက်ဖြည်ခြင်း - %.2f%% ပြီးပါပြီ) - ကွန်ပျူတာစနစ် drive (%.2f%% စာဝှက်ပြီးပါပြီ) - ကွန်ပျူတာစနစ် အခန်းကန့် - လျှို့ဝှက် ကွန်ပျူတာစနစ် အခန်းကန့် - ကွန်ပျူတာစနစ် အခန်းကန့် (စာဝှက်ခြင်း - %.2f%% ပြီးပါပြီ) - ကွန်ပျူတာစနစ် အခန်းကန့် (စာဝှက်ဖြည်ခြင်း - %.2f%% ပြီးပါပြီ) - ကွန်ပျူတာစနစ် အခန်းကန့် (%.2f%% စာဝှက်ပြီးပါပြီ) - ဟုတ်ကဲ့ (ပျက်စီးမှု တားဆီးလိုက်ပြီ) - ဘာမှမရှိ - မူလ ကီး အရွယ်ပမာဏ - အရန် ကီး အရွယ်ပမာဏ (XTS စနစ်) - Tweak ကီး အရွယ်ပမာဏ (LRW စနစ်) - bits - အကန့် အရွယ်ပမာဏ - PKCS-5 PRF - PKCS-5 ထပ်မံ ရေတွက်ခြင်း - Volume ဖန်တီးလိုက်ပြီ - ခေါင်းစီး နောက်ဆုံး ပြုပြင်မှု - (လွန်ခဲ့သော %I64d ရက်) - Volume ဖော်မက် ဗားရှင်း - ထည့်မြှပ်ထားသော အရံသင့် ခေါင်းစီး - VeraCrypt Boot Loader ဗားရှင်း - ဦးစွာ ရရှိနိုင်မှု - ဖြုတ်တပ်နိုင်သော Disk - Harddisk - အပြောင်းအလဲ မရှိ - Autodetection - အညွှန်းစနစ် - စနစ် တစ်ခုခုကို ရွေးပါ။ ရွေးချယ်မည့် အရာကို မသေချာပါက၊ ပုံမှန်စနစ်ကို ရွေးပါ။ - VeraCrypt ကို ကွန်ပျူတာစနစ်ထဲ ထည့်သွင်းလိုပါက ဤရွေးစရာကို ရွေးချယ်ပါ။ - မှတ်ချက် - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားသည် ဖြစ်စေ (သို့) လျှို့ဝှက် OS ​ကို သုံးစွဲသည် ဖြစ်စေ စာဝှက်ဖြည်ခြင်း မပြုပဲ သင် အဆင့်မြှင့်နိုင်သည်။ - ဤရွေးစရာကို သင် ရွေးချယ်ပါ​က၊ ဒီဖိုင်ထုတ်မှ ဖိုင်များအားလုံး ဖြည်ချလာမည် ဖြစ်​သော်လည်း စက်ထဲ ထည့်သွင်းမည် မဟုတ်ပါ။ အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) ကွန်ပျူတာစနစ် drive ကို စာဝှက်ရန် ရည်ရွယ်ပါက ဒါကို မရွေးချယ်ပါနှင့်။ အကယ်၍ သင်သည် VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲလိုပါက၊ ဤရွေးစရာကို ရွေးချယ်ခြင်းသည် အကျိုးရှိမည် ဖြစ်သည်။ VeraCrypt ကို OS ထဲ၌ ထည့်သွင်းစရာ မလိုပါ။ ဖိုင်အားလုံးကို ဖြည်ချပြီးပါက၊ ဖြည်ချထားသော 'VeraCrypt.exe' ကို နှိပ်လိုက်ရုံဖြင့် အသုံးပြုနိုင်သည်။ - တည်ဆောက်မှု ရွေးစရာများ - ဤနေရာ၌ စက်ထံ ထည့်သွင်းမှု လုပ်ငန်းစဉ်ကို ထိန်းချုပ်နိုင်ရန် ရွေးစရာ အမျိုးမျိုးကို သင် ချမှတ်နိုင်သည်။ - စက်ထဲ ထည့်သွင်းနေသည် - VeraCrypt ကို စက်ထဲ ထည့်သွင်းနေစဉ် ခေတ္တ စောင့်ဆိုင်းပါ။ - VeraCrypt ကို အောင်မြင်စွာ ထည့်သွင်းလိုက်ပါပြီ - VeraCrypt ကို အောင်မြင်စွာ အဆင့်မြှင်လိုက်ပါပြီ - လှူဒါန်းမှု ပြုလုပ်ရန် စဉ်းစားပါ။ ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်ကို ပိတ်ရန် အချိန်မရွေး ပြီးသွားပြီ ကို သင် နှိပ်နိုင်သည်။ - ဖြည်ချမှု ရွေးစရာများ - ဖိုင် ဖြည်ချမှု လုပ်ငန်းစဉ်ကို ထိန်းချုပ်ရန် ဤနေရာ၌ ရွေးစရာ အမျိုးမျိုးကို သင် သတ်မှတ်နိုင်သည်။ - ဖိုင်များကို ဖြည်ချနေစဉ် ခေတ္တ စောင့်ဆိုင်းပါ။ - ဖိုင်များကို အောင်မြင်စွာ ဖြည်ချလိုက်ပါပြီ - ဖိုင် အားလုံးကို ထားရှိမည့် နေရာသို့ အောင်မြင်စွာ ဖြည်ချလိုက်ပါပြီ။ - အကယ်၍ သတ်မှတ်ထားသော ဖိုင်တွဲ မရှိပါက၊ ၄င်းကို အလိုအလျောက် ဖန်တီးပေးလိမ့်မည်။ - VeraCrypt ပရိုဂရမ် ဖိုင်များကို VeraCrypt ထည့်သွင်းသည့် နေရာ၌ပင် အဆင့်မြှင့်ပေးမည် ဖြစ်သည်။ အခြား နေရာကို သင် ရွေးချယ်လိုပါက၊ VeraCrypt ကို အရင် ဖယ်ထုတ်လိုက်ပါ။ - VeraCrypt ၏ လက်ရှိ ဗားရှင်းအတွက် ထုတ်ပြန်မှု မှတ်တမ်းကို ကြည့်ရှုလိုသလား? - VeraCrypt ကို မသုံးစွဲခဲ့ဖူးပါက၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန်ထဲရှိ စတင် သုံးစွဲသူ သင်တန်း လမ်းညွှန်ကို ဖတ်ရှု​ရန် အကြံပြုအပ်ပါသည်။ ၎င်း သင်တန်း လမ်းညွှန်ကို ဖတ်ရှုမည်လား? - ရှေ့ဆက် ဆောင်ရွက်မည့် လုပ်ဆောင်ချက် တစ်ခုကို ရွေးချယ်ပါ - - ပြုပြင်ရန်/ပြန်ထည့်သွင်းရန် - အဆင်မြှင့်ရန် - ဖယ်ထုတ်ရန် - VeraCrypt ကို အောင်မြင်စွာ ထည့်သွင်းခြင်း/ဖယ်ထုတ်ခြင်း ပြုလုပ်နိုင်ရန်၊ သင်၌ စီမံခန့်ခွဲသူ ရပိုင်ခွင့်များ ရရှိရန် လိုအပ်သည်။ ဆက်လုပ်သွားမည်လား? - VeraCrypt ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်သည် လောလောဆယ် ဤစက်ပေါ်၌ အလုပ်လုပ်နေပြီး စက်ထဲ ထည့်သွင်းရန် ပြင်ဆင်နေသည် (သို့) VeraCrypt မွမ်းမံချက်ကို လုပ်ဆောင်နေသည်။ ရှေ့ဆက် မသွားမီ၊ ၄င်းပြီးဆုံးသည့်အထိ စောင့်ဆိုင်းပါ (သို့) ပိတ်လိုက်ပါ။ အကယ်၍ ပိတ် မရပါက ကွန်ပြူတာကို ပြန်ဖွင့်ပါ။ - စက်ထဲ ထည့်သွင်းမှု မအောင်မြင်ပါ။ - ဖယ်ထုတ်မှု မအောင်မြင်ပါ။ - ဖြန့်ချီသော ဖိုင်ထုတ် ပျက်စီးနေသည်။ ထပ်မံ၍ ဒေါင်းလုဒ် ဆွဲယူပါ (တရား၀င် VeraCrypt ကွန်ရက် စာမျက်နှာ www.teuecrypt.org ၌ ရယူရန် ပိုသင့်လျှော်သည်)။ - %s ဖိုင်ကို ရေး၍ မရပါ - ဖြည်ချနေသည် - ဒေတာများကို ဖိုင်ထုတ်ထဲမှ ဖတ်၍ မရပါ။ - ဤဖြန့်ဖြူးရေး ဖိုင်ထုတ်၏ တည်တံ့ခိုင်မြဲမှုကို အတည်ပြု၍ မရနိုင်ပါ။ - ဖိုင် ဖြည်ချမှု မအောင်မြင်ပါ။ - စက်ထဲ ထည့်သွင်းမှု ပြန်ရုပ်သိမ်းသွားသည်။ - VeraCrypt ကို စက်ထဲ အောင်မြင်စွာ ထည့်သွင်းလိုက်ပြီ။ - VeraCrypt ကို အောင်မြင်စွာ အဆင့်မြှင့်လိုက်ပြီ။ - VeraCrypt ကို အောင်မြင်စွာ အဆင့်မြှင့်လိုက်ပြီ။ သို့သော်၊ ၄င်းကို အသုံးမပြုခင် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။\n\n ကွန်ပျူတာကို ယ​ခု ပြန်ဖွင့်မည်လား? - VeraCrypt ကို အဆင့်မြှင့်၍ မရပါ!\n\n အရေးကြီးချက် - ကွန်ပျူတာစနစ်ကို မပိတ်ခင် (သို့) ပြန်မဖွင့်ခင်၊ 'VeraCrypt ထည့်သွင်းစနစ်' ဟု ခေါ်သော နေရာ၌ သင့် ကွန်ပျူတာ လည်ပတ်မှုစနစ်ကို ပြန်ထားရန် ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူခြင်း (Windows Start ​menu > All programs > Accessories > System Tools > System Restore) ကို အသုံးပြုရန် ကျွန်ုပ်တို့ အထူး အကြုံပြုလိုပါသည်။ အကယ်၍ 'VeraCrypt ထည့်သွင်းစနစ်' ဟု ခေါ်သော နေရာ၌ သင့် ကွန်ပျူတာ လည်ပတ်မှုစနစ်ကို ပြန်ထားရန် 'ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူခြင်း' မရှိပါက၊ ကွန်ပျူတာစနစ်ကို မပိတ်ခင် (သို့) ပြန်မဖွင့်ခင် မူလ VeraCrypt (သို့) ဗားရှင်းအသစ်ကို ထည့်သွင်းကြည့်ပါ။ - VeraCrypt ကို အောင်မြင်စွာ ဖယ်ထုတ်လိုက်ပြီ။\n\n VeraCrypt ထည့်သွင်းစနစ်နှင့် ဖိုင်တွဲ %s ကို ဖယ်ရှားရန် 'ပြီးသွားပြီ' ကို နှိပ်ပါ။ VeraCrypt ထည့်သွင်းစနစ်နှင့် မသက်ဆိုင်သော ဖိုင်များ ပါရှိသည် ဖိုင်တွဲ ရှိနေပါက၊ ၄င်းကို ဖယ်ရှားပေးမည် မဟုတ်ပါ။ - VeraCrypt registry ရေးသွင်းချက်များကို ဖယ်ရှားနေသည် - Registery ရေးသွင်းချက်ကို ထည့်သွင်းနေသည် - အပ္ပလီကေးရှင်း-သီးသန့် ဒေတာများကို ဖယ်ရှားနေသည် - စက်ထဲ ထည့်သွင်းနေသည် - ရပ်တန့်နေသည် - ဖယ်ရှားနေသည် - ပုံ အိုင်ကွန် ထည့်သွင်းနေသည် - ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူနိုင်သည့် အချိန် ဖန်တီးရန် - ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူနိုင်သည့် အချိန် ဖန်တီး၍ မရပါ! - Boot loader မွမ်းမံနေသည် - '%s' ကို ထည့်သွင်း၍ မရပါ။ %s \nဆက်ပြီး ထည့်သွင်းမည်လား? - '%s' ကို ဖယ်ထုတ်၍ မရပါ။ %s \nဆက်ပြီး ဖယ်ထုတ်မည်လား? - စက်ထဲ ထည့်သွင်းမှု ပြီးစီးသွားပြီ။ - ဖိုင်တွဲ '%s' ကို ဖန်တီး၍ မရပါ - VeraCrypt device ဒရိုင်ဘာကို ရပ်တန့်၍ မရပါ။\n\n ဦးစွာ VeraCrypt ဝင်းဒိုး အားလုံးကို ပိတ်ပါ။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ ၀င်းဒိုးကို ပြန်ဖွင့်ပြီး ထပ်ကြိုးစားပါ။ - VeraCrypt ကို စက်ထဲ မထည့်သွင်းမီ (သို့) ဖယ်ထုတ်ခြင်း မပြုမီ VeraCrypt volumes အားလုံကို အဆုံးသတ်ပါ။ - တိမ်ကောနေပြီ ဖြစ်သော VeraCrypt ဗားရှင်း တစ်ခုကို ဤစက်ထဲတွင် သုံးစွဲနေသည်။ VeraCrypt ဗားရှင်း မသွင်းမီ ၄င်းကို ဖယ်ထုတ်ရမည် ဖြစ်သည်။\n\n ဤစာပုံးကို သင် ပိတ်သည့်အခါ၊ ဗားရှင်း အဟောင်၏ ဆော့ဗ်ဝဲ ဖယ်ထုတ်စနစ် ပွင့်လာလိမ့်မည်။ VeraCrypt ကို ဖယ်ထုတ်နေစဉ် မည်သည့် volume ကိုမျှ စာဝှက်ပေးမည် မဟုတ်ပါ။ VeraCrypt ဗားရှင်း အဟောင်းကို ဖယ်ထုတ်ပြီးနောက်၊ ဗားရှင်းအသစ်ကို ထည့်သွင်းပါ။ - Registery ရေးသွင်းချက်ထဲ ထည့်သွင်းမှု မအောင်မြင်ပါ - Device ဒရိုင်ဘာ ထည့်သွင်းမှု မအောင်မြင်ပါ။ ဝင်းဒိုးကို ပြန်ဖွင့်ပြီး VeraCrypt ကို စက်ထဲ ထည့်သွင်းရန် ထပ်ကြိုးစားပါ။ - VeraCrypt device ဒရိုင်ဘာ စတင်ဖွင့်နေသည် - Device ဒရိုင်ဘာ ဖယ်ထုတ်မှု မအောင်မြင်ပါ။ ၎င်းသည် ဝင်းဒိုး ပြဿနာ တစ်ရပ်ကြောင့် ဖြစ်သည်၊ Device ဒရိုင်ဘာကို ဖယ်ထုတ်ခြင်း မပြုမီ ကွန်ပျူတာစနစ်ကို ခေတ္တပိတ်ပါ (သို့) ပြန်ဖွင့်ပါ (ဒါမှမဟုတ် စက်ထဲ ပြန်ထည့်ပါ)။ - VeraCrypt device ဒရိုင်ဘာ ထည့်သွင်းနေသည် - VeraCrypt device ဒရိုင်ဘာ ရပ်တန့်နေသည် - VeraCrypt device ဒရိုင်ဘာ ဖယ်ထုတ်နေသည် - သုံးစွဲသူ အကောင့် ထိန်းချုပ်ရေး ပံ့ပိုးမှု လိုင်ဘရာရီကို မှတ်ပုံတင်၍ မရပါ။ - သုံးစွဲသူ အကောင့် ထိန်းချုပ်ရေး ပံ့ပိုးမှု လိုင်ဘရာရီကို စာရင်းဖျက်၍ မရပါ။ - အိတ်ဆောင်စနစ် အကြောင်း သိကောင်းစရာ -\n\n OS သည် ဒရိုင်ဘာများကို မှတ်ပုံတင်ရန် လိုအပ်သည်၊ သို့မှသာ ၄င်းတို့ကို သုံးစွဲနိုင်မည် ဖြစ်သည်။ ထို့ကြောင့် VeraCrypt ဒရိုင်ဘာသည် လုံးလုံး အိတ်ဆောင်စနစ် မဟုတ်ပါ။ VeraCrypt အ​ပ္ပလီကေးရှင်းမှာမူ လုံး၀ အိတ်ဆောင်စနစ် ဖြစ်သည်၊ ၄င်းကို OS စက်ထဲ ထည့်သွင်းရန် မလို (သို့) မှတ်ပုံတင်ရန် မလိုပါ။ VeraCrypt သည် စာဝှက်ခြင်း/စာဝှက်ဖေါ်ခြင်းကို လက်ငင်း လုပ်ဆောင်နိုင်ရန် ဒရိုင်ဘာ တစ်ခုခု လိုအပ်သည်။ - VeraCrypt ကို အိတ်ဆောင်စနစ် (စက်ထဲ ထည့်သွင်းသော VeraCrypt နှင့်မတူပဲ) ဖြင့် သုံးစွဲရန် ဆုံးဖြတ်ပါက၊ ကွန်ပျူတာစနစ်သည် VeraCrypt (UAC prompt) ကို ဖွင့်သည့်အခါတိုင်း ခွင့်ပြုချက် တောင်းခံနေမည် ဖြစ်ပါသည်။\n\nအဘယ့်ကြောင့်ဆိုသော် VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် ဖွင့်သည့်အခါ၊ VeraCrypt သည် ၄င်း၏ device ဒရိုင်ဘာကို ဖွင့်ပေးရန် လိုအပ်နေသောကြောင့် ဖြစ်သည်။ VeraCrypt သည် စာဝှက်ခြင်း/စာဝှက်ဖေါ်ခြင်းကို လက်ငင်း ဆောင်ရွတ်နိုင်ရန် device ဒရိုင်ဘာ လိုအပ်နေသည်။ စီမံခန့်ခွဲသူ၏ လုပ်ပိုင်ခွင့် မရှိပဲ သုံးစွဲသူများသည် ၀င်းဒိုးထဲမှ device ဒရိုင်ဘာများကို စဖွင့်ပေးနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့် ကွန်ပျူတာစနစ်သည် VeraCrypt ကို စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့် (UAC prompt) ဖြင့် ဖွင့်ရန် တောင်းခံလာမည် ဖြစ်သည်။\n\n အကယ်၍ VeraCrypt ကို ကွန်ပျူတာစနစ်ထဲတွင် ထည့်သွင်းပါက၊ VeraCrypt (UAC prompt) ကို သင် ဖွင့်သည့်အခါတိုင်း၌ ကွန်ပျူတာစနစ်သည် ခွင့်ပြုချက်ကို တောင်းခံလာတော့မည် မဟုတ်ပါ။ \n\n ဖိုင်များကို ဖြည်ထုတ်ရန် သေချာသလား? - သတိပေးချက် - Volume ဖန်တီးမှု အညွှန်း ဖြစ်စဉ်တွင် စီမံခန့်ခွဲသူ၏ လုပ်ငန်းခွင့်များ ရှိရန် လိုအပ်သည်။\n\nသင်သည် volume အသစ်ကို ၄င်းအထဲ၌ စာများ ရေးသားခွင့် မရှိသော ခွင့်ပြုချက်မျိုးဖြင့် သင် ဖန်တီးနိုင်လိမ့်မည်။ဤဖြစ်ရပ်မျိုးကို ရှောင်ရှားလိုလျှင်၊ volume ဖန်တီးမှု အညွှန်းကို ပိတ်ပြီး စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့် မရှိသော volume အသစ် တစ်ခုကို ဖွင့်ပါ။\n\n Volume ဖန်တီးမှု အညွှန်းကို သင် ပိတ်လိုသလား? - ချို့ယွင်းချက် - လိုင်စင်ကို မပြနိုင်ပါ။ - အပြင်ဖက်(!) - ရက် - နာရီ - မိနစ် - စက္ကန့် - ဖွင့်ရန် - အဆုံးသတ်ရန် - VeraCrypt ကို ပြန်ရန် - VeraCrypt ကို ဖျောက်ထားရန် - အစပျိုး ကတည်းက ဖတ်ရှုသော ဒေတာများ - အစပျိုး ကတည်းက ရေးသားခဲ့သော ဒေတာများ - စာဝှက်ထားသည့် အပိုင်း - ၁၀၀% (လုံး စာဝှက်ထားပြီ) - ၀% (စာမဝှက်ရသေးပါ) - %.3f%% - ၁၀၀% - စောင့်ဆိုင်းဆဲ - ပြင်ဆင်နေတယ် - အရွယ် ပြန်ညှိနေသည် - စာဝှက်နေသည် - စာဝှက်ဖြည်နေသည် - အဆုံးသတ်နေသည် - ခေတ္တရပ်နားသည် - ပြီးသွားပြီ - ချို့ယွင်းချက် - Device အဆက်ဖြက်လိုက်သည် - ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို သိမ်းဆည်းလိုက်ပြီ။\n\n ကွန်ပျူတာစနစ် စဖွင့်သည့်အခါ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များ အစပျိုးမှုကို ဖွင့်ထားရန် 'ချိန်ညှိချက်များ' > 'ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များ' > 'ဝင်းဒိုး စဖွင့်သည့်အခါ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များ အစပျိုးရန်' ကို ရွေးပါ။ - စိတ်ကြိုက်များ စာရင်းထဲ သင် ထည့်သွင်းလိုသော volume သည် အခန်းကန့်လည်း မဟုတ်၊ တက်ကြွ volume လည်း မဟုတ်ပါ။ ထို့ကြောင့် VeraCrypt သည် device နံပါတ် ပြောင်းသွားပါက ဤ စိတ်ကြိုက် volume ကို အစပျိုးနိုင်မည် မဟုတ်ပါ။ - စိတ်ကြိုက်များ စာရင်းထဲ သင် ထည့်သွင်းလိုသော volume ကို ၀င်းဒိုးမှ အသိအမှတ် မပြုပါ။ ၀င်းဒိုးမှ အသိအမှတ်ပြုသော အခန်းကန့် အမျိုးအစားကို ချမှတ်ပါ (၀င်းဒိုး၏ 'diskpart' ကိရိယာ ဖြစ်သော SETID ညွှန်ကြားချက်ကို သုံးစွဲပါ)။ ထို့နောက် အခန်းကန့်ကို စိတ်​ကြိုက် စာရှင်းထဲ ပြန်ထည့်ပါ။ - အစပျိုးထားသော volumes များ မရှိပါက (သို့မဟုတ် VeraCrypt ကို အိ​တ်ဆောင်စနစ်ဖြင့် သုံးစွဲပါက) VeraCrypt ၏ နောက်ခံ လုပ်ငန်းများကို ပိတ်ထားသည် (သို့) ထွက်ရန် စီစဉ်ထားသည်။ ဤအချက်က သင့် စိတ်ကြိုက် volumes များ အလိုလျှောက် အစမပျိုးနိုင်ရန် အတားအဆီး ဖြစ်စေနိုင်သည်။\n\nမှတ်ချက် - VeraCrypt ၏ နောက်ခံ လုပ်ငန်းများကို ဖွင့်ရန်၊ 'VeraCrypt နောက်ခံ လုပ်ငန်း' အပိုင်းမှ ချိန်ညှိချက်များ > ဦးစားပေးချက်များ ကို ရွေးပါ။ - ကွန်ရက် တစ်ခုဖြင့် ဝေမျှသော ရပ်ဝေးမှ ဖိုင်စနစ် တစ်ခု၌ သိမ်းဆည်းထားသော သိမ်းဆည်းခန်းသည် ၄င်းရှိ​​နေသော device အဆက်အသွယ် ရ​သွားသောအခါ အလိုအလျောက် ဖွင့်နိုင်မည် မဟုတ်ပါ။ - အောက်တွင် ဖော်ပြသော device သည် အခန်းကန့်လည်း မဟုတ်၊ တက်ကြွ volume လည်း မဟုတ်ပါ။ ထို့ကြောင့်၊ device ​ထဲ၌ ထားရှိသော volume သည် device အဆက်အသွယ် ရသည့်အခါ ၄င်းကို အလိုအလျောက် အစပျိုးနိုင်မည် မဟုတ်ပါ။ - အောက်တွင် ဖော်ပြသော အခန်းကန့်ကို ဝင်းဒိုးမှ အသိအမှတ်ပြုသော အမျိုးအစားအဖြင့် သတ်မှတ်ပါ (ဝင်းဒိုး၏ 'diskpart' ကိရိယာမှ SETID ညွှန်ကြားချက်ကို သုံးစွဲပါ)။ အခန်းကန့်ကို စိတ်ကြိုက်များ စာရင်းမှ ဖယ်ရှားပြီး ပြန်ထည့်သွင်းပါ။ ထိုသို့ ပြုလုပ်ခြင်းဖြင့် device အဆက်အသွယ် ရသည့်အခါ device ၌ ရှိသော volume အလိုအလျောက် အစပျိုးရန် ဖွင့်ပေးမည် ဖြစ်သည်။ - အောက်တွင် ဖော်ပြသော device မှာ အခန်းကန့်လည်း မဟုတ်၊ တက်ကြွ volume လည်း မဟုတ်ပါ။ ထို့ကြောင့်၊ ၎င်းအတွက် မည်သည့် လေဘယ်လ်ကိုမျှ သတ်မှတ်၍ ရမည် မဟုတ်ပါ။ - အောက်တွင် ဖော်ပြသော အခန်းကန့်ကို ဝင်းဒိုးမှ အသိအမှတ်ပြုသော အမျိုးအစားအဖြင့် သတ်မှတ်ပါ (ဝင်းဒိုး၏ 'diskpart' ကိရိယာမှ SETID ညွှန်ကြားချက်ကို သုံးစွဲပါ)။ အခန်းကန့်ကို စိတ်ကြိုက်များ စာရင်းမှ ဖယ်ရှားပြီး ပြန်ထည့်သွင်းပါ။ ထိုသို့ ပြုလုပ်ခြင်းဖြင့် VeraCrypt သည် အခန်းကန့်အတွက် လေဘယ်လ် တစ်ခု သတ်မှတ်ပေးနိုင်မည် ဖြစ်သည်။ - ဝင်းဒိုး၏ ကန့်သတ်ချက်ကြောင့်၊ ကွန်ရက် တစ်ခုအတွင်း ဝေမျှထားသော ရပ်ဝေး ဖိုင်စနစ်ထဲ၌ သိမ်းဆည်းထားသော သိမ်းဆည်းခန်း တစ်ခုကို ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume တစ်ခုအဖြစ် အစပျိုး၍ မရနိုင်ပါ (သို့သော်၊ အကောင့်ထဲ သုံးစွဲသူ တစ်ဦး ၀င်ရောက်လာသောအခါ ကွန်ပျူတာစနစ် မဟုတ်သော စိတ်ကြိုက် volume တစ်ခုအဖြစ် ​အစပျိုးနိုင်သည်)။ - %s အတွက် စကားဝှက် ရေးထည့်ပါ - '%s' အတွက် စကားဝှက် ရေးထည့်ပါ - ပုံမှန် volume/ ပြင်ပ volume အတွက် စကားဝှက် ရေးထည့်ပါ - လျှို့ဝှက် volume အတွက် စကားဝှက် ရေးထည့်ပါ - အရံသင့် ဖိုင်ထဲ၌ သိမ်းဆည်းထားသော ခေါင်းစီးအတွက် စကားဝှက် ရေးထည့်ပါ - ကီးဖိုင်ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။ - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - သတိပေးချက် - ဤ volume ၏ ခေါင်းစီး ပျက်စီးသွားပြီ! ၎င်း volume ထဲ၌ ထည့်မြှပ်ထားသော volume ခေါင်းစီး အရံသင့် သိမ်းဆည်းချက်ကို VeraCrypt သည် အလိုအလျောက် သုံးစွဲထားသည်။\n\n Volume ခေါင်းစီးကို 'ကိရိယာများ' > 'Volume ​ခေါင်းစီး ပြန်ထားရန်' ကို ရွေးပြီး ပြုပြင်ပါ။ - Volume ခေါင်းစီးကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။\n\nအရေးကြီးချက် - ဤအရန်သင့် ဖိုင်ကို အသုံးပြုပြီး volume ခေါင်းစီးကို ပြန်ထားခြင်းဖြင့် လက်ရှိ volume ၏ စကားဝှက်ကိုလည်း ပြန်ထားပေးမည် ဖြစ်သည်။ ထို့အပြင် volume ကို အစပျိုးရန် ကီးဖိုင်(များ) လိုအပ်လာပါက၊ volume ခေါင်းစီးကို ပြန်ထားသည့်အခါ ၄င်း volume ကို အစပျိုးရန်အတွက် အလားတူ ကီးဖိုင် လိုအပ်လာမည်ဖြစ်သည်။\n\nသတိပေးချက် - ဤ volume ခေါင်းစီးကို သီးခြား volume ၏ ခေါင်းစီးကို ပြန်ထားရန် သုံးစွဲနိုင်သည်။ အကယ်၍ ဤခေါင်းစီး အရန်သင့် ဖိုင်ကို အခြား volume တစ်ခု၏ ခေါင်းစီး ပြန်ထားရန် အသုံးပြုပါက၊ ၄င်း volume ကို သင် အစပျိုးနိုင်မည် ဖြစ်သည်၊ သို့သော် volume ထဲ၌ သိမ်းဆည်းထားသော ဒေတာများကို သင် စာဝှက်ဖေါ်နိုင်မည် မဟုတ်ပါ (အဘယ့်ကြောင့် ဆိုသော် ၄င်း၏ မာစတာ ကီးကို သင် ပြောင်းလဲရမည် ဖြစ်သည်)။ - volume ခေါင်းစီးကို အောင်မြင်စွာ ပြန်ထားလိုက်ပြီ။\n\nအရေးကြီးချက် - စကားဝှက် အဟောင်းကိုပါ ပြန်ထားနိုင်သည်ကို သတိပြုပါ။ ဒါ့အပြင်၊ အကယ်၍ အရန်သင့်ဖိုင်ကို ဖန်တီးသည့်အခါ volume ကို အစပျိုးရန်အတွက် ကီးဖိုင်(များ) လိုအပ်လာပါက၊ ၄င်း volume ကို အစပျိုးရန်အတွက် အလားတူ ကီးဖိုင်များ လိုအပ်လာမည် ဖြစ်သည်။ - လုံခြုံရေး အကြောင်းကြောင့်၊ ဤ volume အတွက် စကားဝှက် အမှန် (နှင့် ကီးဖိုင် အမှန်) ကို သင် ရေးထည့်ရမည်။\n\nမှတ်ချက် - အကယ်၍ volume ၌ လျှို့ဝှက် volume တစ်ခု ပါရှိပါက၊ ပြင်ပ volume အတွက် စကားဝှက် အမှန်ကို အရင် ရေးထည့်ပေးရမည် ဖြစ်သည်။ ထိုမှတဆင့်၊ လျှို့ဝှက် volume ၏ ခေါင်းစီးကို အရန်သင့် ဖိုင် ပြုလုပ်မည် ဆိုပါက၊ လျှို့ဝှက် volume အတွက် စကားဝှက်အမှန် (နှင့် ကီးဖိုင် အမှန်) ကို သင် ရေးထည့်ရမည် ဖြစ်သည်။ - %s အတွက် volume အရန်သင့် ခေါင်းစီးကို ဖန်တီးရန် သေချာသလား?\n\n ဟုတ်ကဲ့ ခလုတ်ကို နှိပ်ပြီးပါက၊အရန်သင့် ခေါင်းစီးအတွက် ဖိုင်အမည်ကို တောင်းလာလိမ့်မည်။\n\nမှတ်ချက် - ပုံမှန် volume နှင့် လျှို့ဝှက် volume ခေါင်းစီးများကို salt အသစ် တစ်ခု သုံးပြီး ထပ်မံ စာဝှက်ပေးမည် ဖြစ်ပြီး၊ အရန်ဖိုင်တွင် သိမ်းဆည်းထားမည် ဖြစ်သည်။ ဤ volume အထဲ၌ လျှို့ဝှက် volume မရှိပါက၊ အရန်သင့် ဖိုင်အတွင်းရှိ လျှို့ဝှက် volume အတွက် ချန်ထား​ပေးသော နေရာ၌ (ပေါ်ပေါက်လာနိုင်သော ငြင်းဆိုမှုကို ထိန်းသိမ်းရန်) ကျပန်း ဒေတာများ နေရာယူသွားမည် ဖြစ်သည်။ Volume ​ခေါင်းစီး တစ်ခုကို အရန်သင့် ဖိုင်ထဲမှ ပြန်ထားသည့်အခါ၊ volume အရန်သင့် ခေါင်းစီးကို ဖန်တီးသည့်အခါ သုံးစွဲသော စကားဝှက် အမှန် (နှင့် ကီးဖိုင် အမှန်) ကို သင် ရေးထည့်ရမည်။ စကားဝှက် (နှင့် ကီးဖိုင်များ) သည် ပြန်ထားရမည့် volume ခေါင်းစီး အမျိုးအစားကို အလိုအလျောက် ဆုံးဖြတ်ပေးမည် ဖြစ်သည်၊ ဥပ​မာ အားဖြင့် - ပုံမှန်လား (သို့) လျှို့ဝှက်လား (VeraCrypt သည် ယင်း အမျိုးအစားကို အစမ်း သုံးစွဲမှုနှင့် ချို့ယွင်းချက်များမှ တဆင့် ဆုံးဖြတ်ပေးသည်)။ - %s ၏ volume ခေါင်းစီးကို ပြန်ထားရန် သေချာသလား?\n\n သတိပေးချက် - Volume ခေါင်းစီးကို ပြန်ထားခြင်းသည် အရန်သင့် ဖိုင် ဖန်တီးခဲ့စဉ်က သုံးစွဲခဲ့သော volume စကားဝှက်ကိုလည်း ပြန်ထားပေးမည် ဖြစ်သည်။ ထို့အပြင် အရန်သင့်ဖိုင် ဖန်တီးခဲ့စဉ်က volume ကို အစပျိုးရန် ကီးဖိုင်(များ) လိုအပ်ပါက၊ volume ခေါင်းစီးကို ပြန်ထားပြီးနောက် အဲဒီ volume ကို အစပျိုးဖို့ အလားတူ ကီးဖိုင်(များ) လိုအပ်လာမည် ဖြစ်သည်။\n\nဟုတ်ကဲ့ ခလုတ်ကို နှိပ်ပြီးပါက၊ အရန်သင့် ခေါင်းစီးဖိုင်ကို သင် ရွေးချယ်ရပါမည် ဖြစ်သည်။ - ဤ volume ထဲ၌ လျှို့ဝှက် volume ပါရှိသလား? - ဤ volume ထဲ၌ လျှို့ဝှက် volume ပါရှိသည် - ဤ volume ထဲ၌ လျှို့ဝှက် volume မရှိပါ - သင် အသုံးပြုလိုသောvolume ခေါင်းစီး အရန်သင့်ဖိုင် အမျိုးအစားကို ရွေးချယ်ပါ - - Volume ခေါင်းစီးကို volume ထဲ၌ ထည့်မြှပ်ထားသော အရန်သင့်ဖိုင်ထဲမှ ပြန်ထားလိုက်ပါ - Volume ခေါင်းစီးကို ပြင်ပ အရန်သင့် ဖိုင်တစ်ခုထဲမှ ပြန်ထားပါ - Volume ခေါင်းစီး အရန်သင့်ဖိုင်၏ အရွယ်အစား မှန်ကန်မှု မရှိပါ။ - ဤ volume အတွင်း၌ ထည့်မြှပ်ထားသော အရန်သင့် ခေါင်းစီး မရှိပါ (VeraCrypt 6.0 နှင့် နောက်ပိုင်း ထုတ်သော ဗားရှင်းများ၌ ပါရှိသော volumes များ၌သာ ထည့်မြှပ်ထားသော အရန်သင့် ခေါင်းစီးများ ပါရှိသည်)။ - သင်သည် ကွန်ပျူတာစနစ်မှ အခန်းကန့်/drive ၏ ခေါင်းစီးကို အရန်သင့် ပြုလုပ်ရန် ကြိုးစားနေသည်။၎င်းကို ခွင့်မပြုပါ။ ကွန်ပျူတာစနစ်မှ အခန်းကန့်/drive နှင့် သက်ဆိုင်သော အရန်သင့် ပြုလုပ်ခြင်း/ပြန်ထားခြင်း လုပ်ငန်းများကို VeraCrypt ဆယ်တင်ရေး ခွေဖြင့်သာ ပြုလုပ်နိုင်သည်။\n\n VeraCrypt ဆယ်တင်ရေးခွေကို ပြုလုပ်လိုသလား? - သင်သည် VeraCrypt volume အတု၏ ခေါင်းစီးကို ပြန်ထားရန် ကြိုးစားနေသည်၊ သို့သော် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် ရွေးချယ်ထားသည်။ ၎င်းကို ခွင့်မပြုပါ။ ကွန်ပျူတာစနစ်မှ အခန်းကန့်/drive နှင့် သက်ဆိုင်သော အရန်သင့် ပြုလုပ်ခြင်း/ပြန်ထားခြင်း လုပ်ငန်းများကို VeraCrypt ဆယ်တင်ရေး ခွေဖြင့်သာ ပြုလုပ်နိုင်သည်။\n\n VeraCrypt ဆယ်တင်ရေးခွေကို ပြုလုပ်လိုသလား? - ကောင်းပြီ ခလုတ်ကို နှိပ်ပြီးနောက်၊ လိုက်ပါက VeraCrypt ဆယ်တင်ရေး အခွေ ISO image အသစ် အတွက် ဖိုင်အမည်နှင့် ၄င်းကို ထားရှိလိုသည့် နေရာကို သင် ရွေးချယ်ရမည်။ - ဆယ်တင်ရေး အခွေ image ကို ဖန်တီးလိုက်ပြီး ၄င်းကို ဤဖိုင်ထဲ၌ သိမ်းဆည်းထားသည် -\n%s\n\nယခုအခါ ဆယ်တင်ရေး အခွေကို စီဒီ/ဒီဗွီဒီ ခွေအဖြစ် သင် ဖန်တီးရမည် ဖြစ်သည်။\n\nအရေးကြီးချက် - ၄င်းဖိုင်ကို (သီးခြားဖိုင် အဖြစ် မဟုတ်ပဲ) ISO ​အခွေ image အဖြစ် စီဒီ/ဒီဗွီဒီထဲ၌ ရေးရမည် ဖြစ်သည်။ ပြုလုပ်နည်း အချက်အလက်ကို၊ သင့် စီဒီ/ဒီဗွီဒီ မှတ်တမ်းတင် ဆော့ဗ်ဝဲထဲရှိ သုံးစွဲနည်း လမ်းညွှန်၌ လေ့လာပါ။\n\n ဆယ်တင်ရေး အခွေ ပြုလုပ်ပြီးပါက၊ အခွေကို မှန်မှန်ကန်ကန် ကူးယူမှု ရှိမရှိ စစ်ဆေးရန် 'System' > 'ဆယ်တင်ရေး အခွေ စစ်ဆေးရန်' ကို ရွေးပါ။ - ဆယ်တင်ရေး အခွေ image ကို ဖန်တီးလိုက်ပြီး ၄င်းကို ဤဖိုင်ထဲ၌ သိမ်းဆည်းထားသည် -\n%s\n\nယခုအခါ ဆယ်တင်ရေး အခွေကို စီဒီ/ဒီဗွီဒီ ခွေအဖြစ် သင် ဖန်တီးရမည် ဖြစ်သည်။\n\nမိုက်ခရိုဆော့ဗ် ၀င်းဒိုး အခွေ Image ကူးစနစ်ကို ယခု ဖွင့်မည်လား?\n\nမှတ်ချက် - ဆယ်တင်ရေး အခွေကို ကူးယူပြီးပါက၊ အခွေကို မှန်မှန်ကန်ကန် ကူးယူမှု ရှိမရှိ စစ်ဆေးရန် 'System' > 'ဆယ်တင်ရေး အခွေ စစ်ဆေးရန်' ကို ရွေးပါ။ - VeraCrypt ဆယ်တင်ရေး အခွေကို သင့် CD/DVD drive ထဲ ထည့်ပြီး ၄င်းကို စစ်ဆေးရန် ကောင်းပြီး ခလုတ်ကို နှိပ်ပါ။ - VeraCrypt ဆယ်တင်ရေး အခွေကို အောင်မြင်စွာ စစ်ဆေးလိုက်ပြီ။ - ဆယ်တင်ရေး အခွေကို မှန်မှန်ကန်ကန် ရေးကူးမှု ရှိမရှိ စစ်ဆေး၍ မရပါ။\n\nဆယ်တင်ရေး ​အခွေကို ကူးပြီးပါ​က၊ စီဒီ/ဒီဗွီဒီကို ထုတ်ပြီး ပြန်သွင်းကာ ထပ်စမ်းကြည့်ပါ။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ အခြား စီဒီ/ဒီဗွီဒီ ခွေကူး ဆော့ဗ်ဝဲ (သို့) ကြားခံဖြင့် ထပ်စမ်းကြည့်ပါ။\n\nအကယ်၍ သင်သည် အခြား မာစတာ ကီး၊ စကားဝှက်၊ salt နှင့် အခြားအတွက် ဖန်တီးထားသော VeraCrypt ဆယ်တင်ရေး အခွေကို စစ်ဆေးရန် ကြိုးပမ်း​နေပါက၊ ယင်းကဲ့သို့ ဆယ်တင်ရေး အခွေသည် ဤကဲ့သို့ စစ်ဆေးမှုကို အောင်မြင်မည် မဟုတ်ပါ။ သင့် လက်ရှိ ပြုပြင်ဖန်တီးမှုနှင့် ကိုက်ညီသော ဆယ်တင်ရေး အခွေသစ် တစ်ခုကို သင် ပြုလုပ်လိုပါက 'System' > 'ဆယ်တင်ရေး ​အခွေ ဖန်တီးရန်' ကို ရွေးပါ။ - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - VeraCrypt ဆယ်တင်ရေး အ​ခွေ ဖန်တီးမှု ချို့ယွင်းချက်။ - လျှို့ဝှက် OS ကို သုံးစွဲ​​နေစဉ် VeraCrypt ဆယ်တင်ရေး အခွေကို ဖန်တီး၍ မရပါ။\n\nVeraCrypt ဆယ်တင်ရေး အခွေကို ဖန်တီးရန်၊ မျက်လှည့် OS ကို ဖွင့်ပြီး 'System' > 'ဆယ်တင်ရေး အခွေ ဖန်တီးရန်' ကို ရွေးပါ။ - ဆယ်တင်ရေး အခွေကို မှန်မှန်ကန်ကန် ရေးကူးမှု ရှိမရှိ စစ်ဆေး၍ မရပါ။\n\nဆယ်တင်ရေး ​အခွေကို ကူးပြီးပါ​က၊ စီဒီ/ဒီဗွီဒီကို ထုတ်ပြီး ပြန်သွင်းကာ ထပ်စမ်းကြည့်ပါ။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ အခြား စီဒီ/ဒီဗွီဒီ ခွေကူး ဆော့ဗ်ဝဲ (သို့) ကြားခံ %s ဖြင့် ထပ်စမ်းကြည့်ပါ။\n\nအကယ်၍ သင်သည် ဆယ်တင်ရေး အခွေကို မကူးသေးပါက၊ ယခု ကူးယူပြီးနောက်၊ ရှေ့သို့ ခလုတ်ကို နှိပ်ပါ။\n\n ဤအညွှန်းကို မဖွင့်မီ သင် ဖန်တီးခဲ့သော VeraCrypt ဆယ်တင်ရေး အခွေကို စစ်ဆေးရန် သင် ကြိုးပမ်းနေပါက၊ ယင်းကဲ့သို့ ဆယ်တင်ရေး အခွေကို သုံးစွဲနိုင်မည် မဟုတ်ပါ၊ အဘယ်ကြောင့် ဆိုသော် ၄င်းသည် အခြား မာစတာ ကီးအတွက် ဖန်တီးထား၍ ဖြစ်သည်။ အသစ် ထုတ်လုပ်ထားသော ဆယ်တင်ရေး အခွေကို သင် ကူးယူရန် လိုအပ်သည်။ - ၄င်းအပြင် အခြား စီဒီ/ဒီဗွီဒီ မှတ်တမ်းတင် ဆော့ဗ်ဝဲ - VeraCrypt - ကွန်ပျူတာစနစ် စိတ်ကြိုက် Volumes များ - ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes ဆိုသည်မှာ အဘယ်နည်း? - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားပုံ မပေါ်ပါ။\n\nကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes ကို စက်မဖွင့်မီ အတည်ပြု စကားဝှက်ဖြင့်သာ အစပျိုးနိုင်မည် ဖြစ်သည်။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို ဖွင့်ရန်၊ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အရင် စာဝှက်ထားရန် လိုသည်။ - ဆက်မလုပ်မီ volume ကို အဆုံးသတ်လိုက်ပါ။ - ချို့ယွင်းချက် - အချိန် သတ်မှတ်၍ မရပါ။ - ဖိုင်စနစ် စစ်ဆေးရန် - ဖိုင်စနစ် ပြုပြင်ရန် - စတ်ကြိုက်များ စာရင်းထဲ ထည့်သွင်းပါ... - ကွန်ပျူတာစနစ် စိတ်ကြိုက်များ စာရင်းထဲ ထည့်သွင်းပါ... - &r ဂုဏ်အင်္ဂါရပ်များ - လျှို့ဝှက် Volume ကာကွယ်ထားပြီ - N/A - ဟုတ်ကဲ့ - မဟုတ်ပါ - ပိတ်ထားသည် - - ၂ (သို့) ထိုထက်ပိုသော - လည်ပတ်မှု စနစ် - လေဘယ်လ် - - အရွယ်အစား- - ဖိုင် လမ်းကြောင်း - - Drive အက္ခရာ - - ချို့ယွင်းချက် - စကားဝှက်၌ ASCII အက္ခရာ စာလုံးများသာ ပါ၀င်ရမည်။\n\nစကားဝှက်တွင် ASCII အက္ခရာ စာလုံးများ မဟုတ်သော စာလုံးများ ရှိပါက၊ သင့် ကွန်ပျူတာစနစ် ပြုပြင်ဖန်တီးမှု ပြောင်းသွားသောအခါ volume ကို ဖွင့်နိုင်မည် မဟုတ်ပါ။\n\nအောက်ပါ အက္ခရာ စာလုံးများကို ခွင့်ပြုထားသည် -\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - သတိပေးချက် - စကားဝှက်၌ ASCII မဟုတ်သော အက္ခရာစာလုံးများ ပါရှိနေသည်။ ဤအချက်ကြောင့် သင့် ကွန်ပျူတာစနစ် ပြုပြင်ဖန်တီးမှု ပြောင်းသွားသောအခါ volume ကို ဖွင့်နိုင်မည် မဟုတ်ပါ။\n\n စကားဝှက်၌ ပါသော ASCII မဟုတ်သော စကားဝှက်များကို ASCII အက္ခရာများနှင့် အစားထိုးပါ။ ထိုသို့ ပြုလုပ်ရန် 'Volumes' -> 'Volume စကားဝှက် ပြောင်းရန်' ကို နှိပ်ပါ။\n\n ASCII အက္ခရာစာလုံးများကို အောက်ပါအတိုင်း ဖေါ်ပြထားသည် -\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - သတိပေးချက် - ဖိုင် extensions များ (such as .exe, .sys, or .dll) နှင့် အခြား အလားတူ ပြဿနာ ရှိနိုင်သော ဖိုင် extensions များကို ရှောင်ရန် အထူး တိုက်တွန်းလိုသည်။ ယင်းကဲ့သို့ ဖိုင် extensions များကို သုံးစွဲခြင်းဖြင့် ဝင်းဒိုးနှင့် ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲတို့သည် သိမ်းဆည်းခန်းနှင့် အနှောင့်အယှက် ဖြစ်လာနိုင်သည်။ ၄င်းကြောင့် volume ၏ စွမ်းဆောင်ရည်ကို ထိ​ခိုက်စေပြီး အခြား ပြင်းထန်သော ပြဿနာများ ပေါ်ပေါက်စေနိုင်သည်။\n \nဖိုင် extension ကို ဖယ်ရှားပြီး ​အမည်ပြောင်းရန် အထူး အကြံပြုလိုသည် (ဥပမာ - '.hc' စသဖြင့်)။\n \nဤပြဿနာများ ဖြစ်စေနိုင်သည့် ဖိုင် extension ကို အသုံးပြုရန် သေချာသလား? - သတိပေးချက် - ဤသိမ်းဆည်းခန်း၌ ဖိုင် extensions များ (such as .exe, .sys, or .dll) နှင့် အခြား အလားတူ ပြဿနာ ရှိနိုင်သော ဖိုင် extensions များ၌ သုံးစွဲသော ဖိုင် extension တစ်ခု ရှိနေသည်။ ယင်းကြောင့် ဝင်းဒိုးနှင့် ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲတို့သည် သိမ်းဆည်းခန်းနှင့် အနှောင့်အယှက် ဖြစ်လာနိုင်ပြီး volume ၏ စွမ်းဆောင်ရည်ကို ထိ​ခိုက်စေပြီး အခြား ပြင်းထန်သော ပြဿနာများ ပေါ်ပေါက်စေနိုင်သည်။\n\n Volume ကို အဆုံးသတ်ပြီးနောက် ဖိုင် extension ကို ဖယ်ရှားပြီး ​(ဥပမာ - '.hc' စသဖြင့်) အမည်ပြောင်းရန် အထူး အကြံပြုလိုသည်။ - ပင်မ စာမျက်နှာ - သတိပေးချက် - ဝင်းဒိုး ထည့်သွင်းရာ၌ မည်သည့် Service Pack ကိုမျှ သုံးစွဲထားပုံ မပေါ်ပါ။ Service Pack 1 (သို့) နောက်ဆုံးထွက်ကို သုံးစွဲမထားသော Windows XP ထဲ၌ 128GB ထက် ကြီးသော IDE disks များကို ရေးသားခြင်း မပြုရ။ အကယ်၍ ပြုလုပ်ပါက၊ disk ပေါ်ရှိ (VeraCrypt volume ဟုတ်သည် ဖြစ်စေ၊ မဟုတ်သည် ဖြစ်စေ) ဒေတာများ ပျက်စီးနိုင်သည်။ ၎င်းမှာ ဝင်းဒိုး၏ ကန့်သတ်ချက် ဖြစ်ပြီး၊ VeraCrypt ၏ ပရိုဂရမ်အမှား မဟုတ်ပါ။ - သတိပေးချက် - ဝင်းဒိုး ထည့်သွင်းရာ၌ Service Pack 3 နှင့် နောက်ဆုံးထွက်ကို သင် သုံးစွဲထားပုံ မပေါ်ပါ။ Service Pack 3 (သို့) နောက်ဆုံးထွက်ကို သုံးစွဲမထားသော Windows 2000 ထဲ၌ 128GB ထက် ကြီးသော IDE disks များကို ရေးသားခြင်း မပြုရ။ အကယ်၍ ပြုလုပ်ပါက၊ disk ပေါ်ရှိ (VeraCrypt volume ဟုတ်သည် ဖြစ်စေ၊ မဟုတ်သည် ဖြစ်စေ) ဒေတာများ ပျက်စီးနိုင်သည်။ ၎င်းမှာ ဝင်းဒိုး၏ ကန့်သတ်ချက် ဖြစ်ပြီး၊ VeraCrypt ၏ ပရိုဂရမ်အမှား မဟုတ်ပါ။\n\nမှတ်ချက် - Registry ထဲ၌ 48-bit LBA အထောက်အပံ့ကို ဖွင့်ထားရန် လိုအပ်နိုင်သည်။ အသေးစိတ် အချက်အလက်ကို http://support.microsoft.com/kb/305098/EN-US ၌ လေ့လာပါ။ - သတိပေးချက် - သင့် ကွန်ပျူတာစနစ်တွင် 48-bit LBA ATAPI အထောက်အပံ့ကို ပိတ်ထားသည်။ ထို့ကြောင့်၊ IDE disks ထဲ၌ 128GB ထက်ပို၍ မရေးသားသင့်ပါ။ အကယ်၍ ထိုသို့ ပြုလုပ်ပါက (VeraCrypt volume ဟုတ်သည် ဖြစ်စေ၊ မဟုတ်သည် ဖြစ်စေ) disk ထဲရှိ ဒေတာများ ပျက်စီးနိုင်သည်။ ၎င်းမှာ ဝင်းဒိုး၏ ကန့်သတ်ချက် ဖြစ်ပြီး၊ VeraCrypt ၏ ကန့်သတ်ချက် မဟုတ်ကြောင်း သတိပြုပါ။\n\n 48-bit LBA ATAPI အထောက်အပံ့ ဖွင့်ရန်၊ registry ကီး HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters ထဲမှ 'EnableBigLba' ၏တန်ဖိုးကို 1 ဟု သတ်မှတ်ပါ။\n\nအသေးစိတ် အချက်အလက်ကို http://support.microsoft.com/kb/305098 တွင် လေ့လာပါ။ - ချို့ယွင်းချက် - 4GB ထက်ကြီးသော ဖိုင်များကို FAT32 ဖိုင်စနစ်တွင် သိမ်းဆည်း၍ မရပါ။ ထို့ကြောင့် FAT32 ဖိုင်စနစ်ထဲ၌ သိမ်းထားသော VeraCrypt volumes များ(သိမ်းဆည်းခန်များ) သည် 4GB ထပ်ပို၍ မထားနိုင်ပါ။\n\nအကယ်၍ ပိုကြီးသော volume လိုအပ်ပါက၊ ၄င်းကို NTFS ဖိုင်စနစ်တွင် ဖန်တီးပါ (သို့မဟုတ် အကယ်၍ Windows Vista SP1 နှင့် နောက်ဆုံးပေါ် သုံးစွဲပါက၊ exFAT ဖိုင်စနစ်ကို အသုံးပြုပါ) ဒါမှမဟုတ် ဖိုင် သိမ်းထားသော volume ကို ဖန်တီးပြီး၊ အခန်းကန့် (သို့) device တစခုလုံးကို စာဝှက်လိုက်ပါ။ - သတိပေးချက် - Windows XP သည် မှ 2048 GB ထက်ပိုကြီးသော ဖိုင်များကို လက်မခံပါ ("Not enough storage is available" ဟု သတိပေးလာမည် ဖြစ်သည်)။ ထို့ကြောင့် Windows XP တွင် 2048 GB ထက်ကြီးသော VeraCrypt volume (သိမ်းဆည်းခန်း) ကို ဖန်တီးနိုင်မည် မဟုတ်ပါ။\n\n သို့သော် Windows XP တွင် drive တစ်ခုလုံး ကို ဖန်တီးနိုင်သည် (သို့) 2048 GB ထက်ကြီးသော VeraCrypt volume အခန်းကန့် တစ်ခုကို သင် ဖန်တီးနိုင်သည်။ - သတိပေးချက် - နောင်အချိန်၌ ပြင် volume တွင် ဒေတာများ/ဖိုင်များကို ထပ်မံ ထည့်သွင်းလိုပါက၊ အရွယ်ပမာဏ ပို၍ သေးငယ်သော လျှို့ဝှက် volume ကို သင် ရွေးချယ်နိုင်သည်။\n\nသင် သတ်မှတ်ထားသည့် အရွယ်ပမာဏ အတိုင်း ဆက်လုပ်ရန် သေချာသလား? - Volume ကို ရွေးမထားပါ။\n\n VeraCrypt volume တစ်ခုကို ရွေးချယ်ရန် 'Device ရွေးရန်' (သို့) 'ဖိုင် ရွေးရန်' ကို နှိပ်ပါ။ - ရွေးထားသော အခန်းကန့် မရှိပါ။\n\nစက်မတက်မီ အတည်ပြုချက် လိုအပ်သော အဆုံးသတ်ထားသော အခန်းကန့် တစ်ခုကို ရွေးချယ်ရန် 'Device ရွေးချယ်ရန်' ကို နှိပ်ပါ (ဥပမာ အားဖြင့်၊ အခြား OS ၏ စာဝှက်ထားသော drive ထဲ၌ ရှိသော အခန်းကန့် တစ်ခု၊ (သို့) အခြား OS ၏ စာဝှက်ထားသော အခန်းကန့်)။ \n\n မှတ်ချက် - ရွေးချယ်ထားသော အခန်းကန့်ကို စက်မတက်မီ အတည်ပြုစရာ မလိုပဲ ပုံမှန် VeraCrypt volume ကဲ့သို့ အစပျိုးနိုင်သည်။ ဤအချက်သည် အရန်သင့် သိမ်းဆည်းရန် (သို့) လုပ်​ငန်းလည်ပတ်မှုများ ပြုပြင်ရန် အသုံး၀င်သည်။ - သတိပေးချက် - အကယ်၍ ကီးဖိုင်များကို သတ်မှတ်ပြီး ဖွင့်ထားပါက၊ ၄င်းကီးဖိုင်များကို အသုံးမပြုသော volumes များကို အစပျိုးနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ပုံမှန် ကီးဖိုင်များကို ဖွင့်ပြီးပါက၊ ယင်းကဲ့သို့ volumes မျိုးကို အစပျိုးသည့်အခါတိုင်း အမှန်ခြစ်ကွက်ထဲမှ 'ကီးဖိုင်များ သုံးရန်' ကို မရွေးရန် သတိပြပါ။\n\nရွေးချယ်ထားသော ကီးဖိုင်/ဖိုင်လမ်းကြောင်းများကို ပုံမှန်အတိုင်း သိမ်းဆည်းရန် သေချာသလား? - အလိုလို-အစပျိုးသော Devices များ - အားလုံးကို အဆုံးသတ်ရန် - ကေ့ချ်ကို ရှင်းလင်းရန် - အားလုံးကို အဆုံးသတ်ပါ၊ ကေ့ချ်ကို ရှင်းလင်းပါ - အားလုံးကို အတင်း အဆုံးသတ်ပါ၊ ကေ့ချ်ကို ရှင်းလင်းပါ - အားလုံးကို အတင်း အဆုံးသတ်ပါ၊ ကေ့ချ်ကို ရှင်းလင်းပါ & ထွက်ပါ - စိတ်ကြိုက် Volumes များ အစပျိုးရန် - ပင်မ VeraCrypt ဝင်းဒိုးကို ပြပါ/ဝှက်ပါ - (ဤနေရာကို နှိပ်ပြီး ကီးတစ်ခု နှိပ်ပါ) - လုပ်ဆောင်ချက် - ဖြတ်လမ်း - ချို့ယွင်းချက် - ဤဖြတ်လမ်းကို သီးသန့်ဖယ်ထားသည်။ အခြား ဖြတ်လမ်း တစ်ကို ရွေးပါ။ - ချို့ယွင်းချက် - ဖြတ်လမ်းကို အသုံးပြုနေသည်။ - သတိပေးချက် - VeraCrypt စနစ် တစ်ခုလုံးသုံး အထူးကီး တစ်ခု (သို့) ထိုထက်ပို၍ အလုပ်လုပ်မည် မဟုတ်ပါ။\n\nအခြား အပ္ပလီကေးရှင်းများနှင့် OS စနစ်တို့သည် VeraCrypt ကဲ့သို့ ဖြတ်လမ်း(များ) တမျိုးတည်းကို မသုံးစွဲရန် သတိပြုပါ။ - ဆက်သွယ်​ရေး ဖိုင် ဖန်တီးမှုကို တားမြစ်ထားသည်။\n\n၀င်းဒိုး ပြဿနာကြောင့်၊ ကွန်ပျူတာစနစ် မဟုတ်သော (ကွန်ပျူတာ စိတ်ကြိုက် volumes) VeraCrypt volumes များထဲ၌ ဆက်သွယ်ရေး ဖိုင်များကို မ​ရှာနိုင်ပါ။ VeraCrypt သည် ဆက်သွယ်ရေး ဖိုင်များကို စာဝှက်ထားသော ကွန်ပျူတာစနစ် အခန်းကန့်/drive ၌သာ ပံ့ပိုးထားသည်။ - ချို့ယွင်းချက် (သို့) မညီမျှမှု တစ်ခုသည် VeraCrypt က hibernation ဖိုင်ကို စာဝှက်၍ မရအောင် တားမြစ်နေသည်။ ထို့ကြောင့်၊ hibernation လုပ်ခြင်းကို တားမြစ်ထားသည်။\n\nမှတ်ချက် - ကွန်ပျူတာ တစ်လုံး hibernate လုပ်သည့်အခါ (သို့မဟုတ် ဓါတ်အား ​​​​​​​​​​ချွေတာရေးစနစ်၌ ထားသည့်အခါ)၊ ၄င်း၏ ကွန်ပျူတာစနစ် မှတ်ဉာဏ်ထဲမှ အကြောင်းအရာကို ကွန်ပျူတာစနစ် drive ၌ တည်ရှိသော hibernation သိုလှောင်ရေး ဖိုင်ထဲသို့ ရေးသားထားသည်။ VeraCrypt သည် RAM ထဲ၌ ဖွင့်ထားသော စာဝှက်စနစ် ကီးများနှင့် အ​ထိခိုက်မခံသော ဖိုင်များကို hibernation သိုလှောင်ရေး ဖိုင်ထဲ၌ စာဝှက်မထားပဲ သိမ်းဆည်းထားမည် မဟုတ်ပါ။ - Hibernation ပြုလုပ်ခြင်းကို တားမြစ်ထားသည်။\n\nVeraCrypt သည် အပို boot အခန်းကန့် တစ်ခု ပါရှိသော လျှို့ဝှက် OS စနစ်၌ hibernation ကို ထောက်ပံ့မပေးပါ။ ၄င်း boot အခန်းကန့်သည် မျက်လှည့် စနစ်နှင့် လျှို့ဝှက် စနစ်တို့က ဝေမျှထားသည်ကို သတိပြုပါ။ ထို့ကြောင့်၊ hibernation ပြုလုပ်ရာမှ ပြန်ဖွင့်သည့်အခါ ဒေတာ ယိုဖိတ်မှုများနှင့် ပြဿနာများကို ကာကွယ်နိုင်ရန်၊ VeraCrypt သည် လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို ဝေမျှသော boot အခန်းကန့်ထဲ ရေးသားခြင်း မပြုနိုင်ရန်နှင့် hibernating မလုပ်နိုင်ရန် တားဆီးပေးမည် ဖြစ်သည်။ - %c အဖြစ် အစပျိုးထားသော VeraCrypt volume ကို အဆုံးသတ်ထားသည်။ - VeraCrypt volumes များကို အဆုံးသတ်ထားသည်။ - VeraCrypt volumes များကို အဆုံးသတ်ထားပြီး စကားဝှက် ကေ့ချ်ကို ရှင်းလင်းထားသည်။ - အောင်မြင်စွာ အဆုံးသတ်ထားသည် - သတိပေးချက် - အကယ်၍ VeraCrypt နောက်ခံ လုပ်ဆောင်မှုကို ပိတ်ထားပါက၊ အောက်ပါ လုပ်ဆောင်ချက်များကို ပိတ်ထားမည် ဖြစ်သည် -\n\n၁) အထူးကီးများ\n၂) အလိုလို-အဆုံးသတ်ရန် (ဥပမာ - ခေတ္တ ပိတ်ထားခြင်း၊ လွတ်နေသော host device ဖယ်ရှားခြင်း၊ အချိန်ကုန်သွားခြင်း၊ စသဖြင့်။)\n၃) စိတ်ကြိုက် volumes များကို အလိုလို-အစပျိုးခြင်း၄) သတိပေးချက်များ (ဥပမာ - လျှို့ဝှက် volume ဖျက်ဆီးမှုကို တားမြစ်သည့်အခါ)\n၅) အမှိုက်ပုံး အိုင်ကွန်ပုံ\nမှတ်ချက် - VeraCrypt ၏ အမှိုက်ပုံး အိုင်ကွန်ပုံကို ညာဖက် နှိပ်ခြင်းဖြင့်၊ 'ထွက်ရန်' ကို ရွေးခြင်းဖြင့် နောက်ခံ လုပ်ဆောင်ချက်ကို အချိန်မရွေး ပိတ်နိုင်သည်။\n\nVeraCrypt ၏ နောက်ခံ လုပ်ဆောင်ချက်ကို အမြဲတမ်း ပိတ်ရန် သေချာသလား? - သတိပေးချက် - အကယ်၍ ဤရွေးစရာကို ပိတ်ထားပါက၊ ဖွင့်ထားသော ဖိုင်များ/ဖိုင်တွဲများ ပါရှိသော volumes များကို အလိုလို-အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။\n\nဤရွေးစရာကို သင် ပိတ်ထားရန် အလိုရှိသလား? - သတိပေးချက် - ဖွင့်ထားသော ဖိုင်များ/ဖိုင်တွဲများ ပါရှိသော volumes များကို အလိုလို-အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။\n\nဤအချက်ကို တားမြစ်ရန်၊ ​အောက်ပါ ရွေးစရာကို အညွှန်း ၀င်းဒိုးထဲ၌ ဖွင့်ထားပါ - အကယ်၍ 'volume ၌ ဖွင့်ထားသော ဖိုင်များ/ဖိုင်တွဲများ ရှိနေလျှင်ပင် အတင်းအကျပ် အလိုလို-အဆုံးသက်ပါ' - သတိပေးချက် - ဘက်ထရီ အားနည်းလာသည့်အခါ၊ ကွန်ပျူတာသည် ဓါတ်အား ​ချွေတာရေး စနစ်ထဲ ၀င်လာသည့်နှင့် အလုပ်လုပ်နေသော အပ္ပလီကေးရှင်းများထံ သင့်လျှော်သော စာတမ်းများ ပေးပို့မှု ရပ်ဆိုင်းမည် ဖြစ်သည်။ ထို့ကြောင့်၊ ယင်းကဲ့သို့ အခြေအနေများတွင် VeraCrypt သည် volumes များကို အလိုလို-အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။ - သင်သည် အခန်းကန့်/volume တစ်ခုခု စာဝှက်နေမှု လုပ်ငန်းစဉ်အတွက် အချိန်သတ်မှတ်ထားပြီး။ ၄င်းလုပ်ငန်းစဉ်သည် မပြီးဆုံးသေးပါ။\n\nလုပ်ငန်းစဉ်ကို ယခု ပြန်စတင်ရန် အလိုရှိသလား? - သင်သည် အခန်းကန့်/volume တစ်ခုခု စာဝှက်နေမှု (သို့) စာဝှက်ဖြည်မှု လုပ်ငန်းစဉ်အတွက် အချိန်သတ်မှတ်ထားပြီး။ ၄င်းလုပ်ငန်းစဉ်သည် မပြီးဆုံးသေးပါ။\n\nလုပ်ငန်းစဉ်ကို ယခု ပြန်စတင်ရန် အလိုရှိသလား? - လက်ရှိ အချိန်သတ်မှတ်ထားသော ကွန်ပျူတာစနစ် မဟုတ်သည့် အခန်းကန့်များ/volumes များ စာဝှက်သည့် လုပ်ငန်းစဉ်များကို ပြန်စတင်ရန် အချက်ပေး စေလိုသလား? - ဟုတ်ကဲ့၊ ဆက်ပြီး သတိပေးပါ - မဟုတ်ပါ၊ သတိမပေးပါနှင့် - အရေးကြီးချက် - ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ပိတ်ပင်ထာသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးခြင်းဖြင့် ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်/volume စာဝှက်သည့် စနစ်ကို ပြန်စတင်နိုင်သည်ကို သတိပြုပါ။ - သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်အတွက် အချိန် သတ်မှတ်ထားသည်။ သို့ရာတွင်၊ စက်မတက်မီ အတည်ပြုချက် အလုပ်မလုပ်ပါ (သို့မဟုတ် လမ်းလွှဲခံရသည်)\n\nမှတ်ချက် - အကယ်၍ သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စက်မတက်မီ အခြေအနေ၌ စာဝှက်ဖြည်ခဲ့လျှင်၊ ပင်မ VeraCrypt ၀င်းဒိုးမှ မီနူးဘာရှိ 'ကွန်ပျူတာစနစ်' > 'ကွန်ပျူတာစနစ် အခန်းကန့်/Drive ကို အမြဲတမ်း စာဝှက်ဖြည်ရန်' ကို ရွေးခြင်းဖြင့် လုပ်ငန်းစဉ်ကို အပြီးသတ်နိုင်သည်။ - သတိပေးချက် - အကယ်၍ VeraCrypt ကို ယခု ​ထွက်လိုက်လျှင်၊ နောက်ပါ လုပ်ဆောင်ချက်များကို ပိတ်မည် ဖြစ်သည် -\n\n၁) အထူး ကီးများ\n၂) အလိုလို-အဆုံးသတ်ရန် (ဥပမာ - ခေတ္တ ပိတ်ထားခြင်း၊ လွတ်နေသော host device ဖယ်ရှားခြင်း၊ အချိန်ကုန်ခြင်း၊ အစရှိသဖြင့်...)\n၃) စိတ်ကြိုက် volumes များကို အလိုလို-အစပျိုးခြင်း\n၄) သတိပေးချက်များ (ဥပမာ အားဖြင့် - လျှို့ဝှက် volume ပျက်စီးမှုကို တားမြစ်ရန်)\n \nမှတ်ချက် - အကယ်၍ ​VeraCrypt ကို နောက်ခံ၌ အလုပ်မလုပ်စေလိုပါက၊ ဦးစားပေးချက်များ ၌ရှိ VeraCrypt နောက်ခံ လုပ်ဆောင်ချက်ကို ပိတ်ပါ (လိုအပ်ပါက၊ VeraCrypt အလိုအလျောက် စတင်မှုကို ဦးစားပေးချက်များမှ ပိတ်နိုင်သည်)။\n\n VeraCrypt ကို ထွက်ရန် သေချာသလား? - ထွက်မည်လား? - VeraCrypt ၌ စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း ပြုလုပ်ရန် ဆုံးဖြတ်ရမည့် အချက်အလက် အလုံ​အလောက် မရှိပါ။ - VeraCrypt ၌ စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း ပြုလုပ်ရန် ဆုံးဖြတ်ရမည့် အချက်အလက် အလုံ​အလောက် မရှိပါ။\n\nမှတ်ချက် - အကယ်၍ သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စက်မတင်မီ အခြေအနေ၌ စာဝှက်ခဲ့လျှင်၊ လုပ်ငန်းစဉ်ကို စာဝှက်ဖြည်ရန် ကို နှိပ်ခြင်းဖြင့် အပြီးသတ်ရန် လိုအပ်သည်။ - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - အခန်းကန့်/volume စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားလိုသလား/ရပ်တန့်လိုသလား?\n\nမှတ်ချက် - Volume ကို အပြည့်အ၀ စာဝှက် မပြီးမချင်း အစပျိုး၍ မရပါ။ စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ပြန်စရမည်ဖြစ်ပြီး ၄င်းကို ရပ်တန့်ထားသည့် နေရာမှ ပြန်ဆက်ရမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ရန်၊ ဥပမာ အားဖြင့်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ဟန့်တားသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးချယ်ခြင်းဖြစ် လုပ်ဆောင်နိုင်သည်။ - အခန်းကန့်/volume စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားလိုသလား/ရပ်တန့်လိုသလား?\n\nမှတ်ချက် - လုပ်ငန်းစဉ်ကို သင် ပြန်စနိုင်မည် ဖြစ်ပြီး ၄င်းရပ်တန့်ထားသည့် နေရာမှ ပြန်ဆက်ရမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ရန်၊ ဥပမာ အားဖြင့်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ဟန့်တားသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးချယ်ခြင်းဖြစ် လုပ်ဆောင်နိုင်သည်။ အကယ်၍ သင်သည် စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို အမြဲတမ်း အဆုံးသတ်လိုပါက (သို့) နောက်ကြောင်း ပြန်လှည့်လိုပါက၊ 'ကွန်ပျူတာ စနစ်' > 'ကွန်ပျူတာစနစ် အခန်းကန့်/Drive အမြဲတမ်း စာဝှက်​ဖြည်ရန်' ကို ရွေးပါ။ - အခန်းကန့်/volume စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားလိုသလား/ရပ်တန့်လိုသလား?\n\nမှတ်ချက် - လုပ်ငန်းစဉ်ကို သင် ပြန်စနိုင်မည် ဖြစ်ပြီး ၄င်းရပ်တန့်ထားသည့် နေရာမှ ပြန်ဆက်ရမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ရန်၊ ဥပမာ အားဖြင့်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ဟန့်တားသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးချယ်ခြင်းဖြစ် လုပ်ဆောင်နိုင်သည်။ အကယ်၍ သင်သည် စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်ကို နောက်ကြောင်း ပြန်လှည့် (ပြီး စတင် စာဝှက်) လိုပါက၊ 'ကွန်ပျူတာ စနစ်' > 'ကွန်ပျူတာစနစ် အခန်းကန့်/Drive စာဝှက်​ရန်' ကို ရွေးပါ။ - ချို့ယွင်းချက် - ကွန်ပျူတာစနစ်/drive စာဝှက်ခြင်း/စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားရန် မအောင်မြင်ပါ။ - ချို့ယွင်းချက် - ရှင်းလင်းသည့် လုပ်ငန်းစဉ်ကို ဟန့်တားရန် မအောင်မြင်ပါ။ - ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ခြင်း/စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ် ပြန်စရန် မအောင်မြင်ပါ။ - ချို့ယွင်းချက် - ရှင်းလင်းသည့် လုပ်ငန်းစဉ် စတင်ရန်မအောင်မြင်ပါ။ - မကိုက်ညီသော ဖြေရှင်းချက်။\n\n\n(ဤအကြောင်းနှင့် ပါတ်သက်၍ ပရိုဂရမ် အမှား တစ်ခုကို သတင်းပို့မည် ဆိုလျှင်၊ ပရိုဂရမ် အမှား သတင်းပေးပို့ချက်၌ အောက်ပါ နည်းပညာဆိုင်ရာ အချက်အလက်များကို ထည့်သွင်းပါ -\n%hs) - ချို့ယွင်းချက် - မျော်လင့်မထားသော အ​ခြေအနေ။\n\n\n(ဤအကြောင်းနှင့် ပါတ်သက်၍ ပရိုဂရမ် အမှား တစ်ခုကို သတင်းပို့မည် ဆိုလျှင်၊ ပရိုဂရမ် အမှား သတင်းပေးပို့ချက်၌ အောက်ပါ နည်းပညာဆိုင်ရာ အချက်အလက်များကို ထည့်သွင်းပါ -\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - သတိပေးချက် - VeraCrypt နောက်ခံ လုပ်ဆောင်ချက်ကို ပိတ်ထားသည်။ VeraCrypt မှ ထွက်ပြီးပါက၊ လျှို့ဝှက် volume ထဲမှ ပျက်စီးမှုကို တားဆီးထားလျှင် သင့်ကို အချက်ပေးမည် မဟုတ်ပါ။\n\nမှတ်ချက် - VeraCrypt အမှိုက်ပုံး အိုင်ကွန်ကို ညာဖက် နှိပ်၊ 'ထွက်ရန်' ကို ရွေးပြီး နောက်ခံ လုပ်ဆောင်ချက်ကို သင် အချိန်မရွေး ပိတ်နိုင်သည်။\n\nVeraCrypt နောက်ခံ လုပ်ဆောင်ချက်ကို ဖွင့်လိုသလား? - ဘာသာစကား အထုပ် ဗားရှင်း - %s - %s အနေဖြင့် အစပျိုးထားသော VeraCrypt volume မှ ဖိုင်စနစ်ကို စစ်ဆေးနေသည်... - %s အနေဖြင့် အစပျိုးထားသော VeraCrypt volume မှ ဖိုင်စနစ်ကို ပြုပြင်ရန် ကြိုးစားနေသည်... - သတိပေးချက် - ဤ volume ကို တရား၀င် စာဝှက်စနစ် အယ်လဂိုရီသမ်ဖြင့် စာဝှက်ထားသည်။\n\n 64-bit-block စာဝှက်စနစ် အယ်လဂိုရီသမ်များ (e.g., Blowfish, CAST-128, or Triple DES) အာလုံးကို ကန့်ကွက်ထားသည်။ ဤ volume ကို နောက်ထွက်မည့် VeraCrypt ဗားရှင်းများဖြင့် အစပျိုးနိုင်မည် ဖြစ်သည်။ သို့သော် ယင်း legacy စာဝှက်စနစ် အယ်လဂိုရီသမ်များ သုံးစွဲမှုအတွက် နောက်ထပ် တိုးမြှင့်ချက်များ ရှိမည် မဟုတ်ပါ။ VeraCrypt volume အသစ်ကို 128-bit-block စာဝှက်စနစ် အယ်လဂိုရီသမ် (ဥပမာ - AES, Serpent, Twofish စသဖြင့်) ဖြင့် ဖန်တီးပြီး ဤ volume မှ ဖိုင်အားလုံးကို volume အသစ်သို့ ပြောင်းရွှေ့ရန် အကြံပြုလိုသည်။ - သင့်ကွန်ပျူတာစနစ်သည် အလိုလို-အစပျိုး volume အသစ်များအတွက် ပြုပြင်ဖန်တီးထားခြင်း မရှိပါ။ Device-အခြေခံ VeraCrypt volumes များကို အစပျိုးရန် မဖြစ်နိုင်ပါ။ အောက်ပါ ညွှန်ကြားချက်ကို လုပ်ဆောင်ပြိး ကွန်ပျူတာစနစ်ကို ပြန်ဖွင့်ခြင်းဖြင့် အလိုလို-အစပျိုးခြင်းကို ဖွင့်ထားနိုင်သည်။\n\nmountvol.exe /E - ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions') ကို ဆက်လက် မလုပ်​ဆောင်မီ အခန်းကန့်/device အတွက် drive အက္ခရာ တစ်ခု သတ်မှတ်ပါ။\n\n၄င်းသည် OS စနစ်၏ တောင်းဆိုချက် တစ်ခု ဖြစ်သည်။ - VeraCrypt volume ကို အစပျိုးရန် - VeraCrypt volume အားလုံးကို အဆုံးသတ်ရန် - VeraCrypt သည် စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်များ မရရှိနိုင်ပါ။ - OS စနစ်ထဲ ၀င်ရောက်မှု ငြင်းပယ်ခံရသည်။\n\n ဖြစ်နိုင်ချ အကြောင်းရင်း - OS စနစ်သည် အချို့ ဖိုင်တွဲများ၊ ဖိုင်များနှင့် devices ကို သင် ရေးသားနိုင်/ဖတ်ရှုနိုင်ရန်အတွက် အရေး/အဖတ် ခွင့်ပြုချက် (သို့မဟုတ် စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်များ) ကို တောင်းဆိုထားသည်။ ပုံမှန်အားဖြင့်၊ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်များ မရထားသော သုံးစွဲသူကို ၄င်း၏Documents ဖိုင်တွဲကို ဖန်တီးခွင့်၊ ဖတ်ရှုခွင့်၊ ပြုပြင်ခွင့် မရှိပါ။ - ချို့ယွင်းချက် - ဤ drive သည် ထောက်ပံ့မထာသော sector အရွယ်အစားကို သုံးစွဲထားသည်။\n\n လောလောဆယ်၌ 4096 bytes ထက် များသော sectors များကို သုံးစွဲသော drives ပေါ်၌ အခန်းကန့်/device-အခြေခံ volumes များကို ဖန်တီး၍ မရပါ။ သို့သော်၊ ယင်းကဲ့သို့ drives များတွင် ဖိုင်-အခြေခံ volumes (သိမ်းဆည်းခန်းများ) ကို သင် ဖန်တီးနိုင်သည်။ - လောလောဆယ်၌ sector အ​ရွယ်အစား 512 bytes ထက် သုံးစွဲထားသော disk တစ်ခု၌ ကွန်ပျူတာစနစ် တစ်ခုကို စာဝှက်ရန် မဖြစ်နိုင်ပါ။ - VeraCrypt Boot Loader သည် ကွန်ပျူတာစနစ် drive အစပိုင်း (VeraCrypt Boot Loader ကို ၄င်းနေရာ၌ သိမ်းဆည်းရန် လိုအပ်သည်) ၌ နေရာလွတ် အနည်းဆုံး 32 KBytes လိုအပ်သည်။ သို့သော်၊ ဤအနေအထားကို သင့် drive က မပြည့်မီနိုင်ပါ။\n\n ၄င်းကို VeraCrypt ထံ ပရိုဂရမ်အမှား/ပြဿနာ အဖြစ် သတင်းမပို့ပါနှင့်။ ဤပြဿနာကို ဖြေရှင်းရန်၊ သင် disk ကို အခန်း ပြန်ခွဲပြီး နေရာလွတ်၏ ပထမ 32 KBytes ကို ချန်ထားရန် လိုအပ်လာမည် ဖြစ်သည် (များသောအားဖြင့်၊ ပထမ အပိုင်းကို သင် ပယ်ဖျက်ပြီး ပြန်ဖန်တီးရန် လိုအပ်သည်)။ Windows ကို စက်ထဲ ထည့်သွင်းသည့်အခါ ရရှိနိုင်သော Microsoft partition manager ကို အသုံးပြုရန် ကျွန်ုပ်တို့ အကြံပြုလိုသည်။ - သင် ယခု သုံးစွဲနေသော OS ဗားရှင်း၌ ဤအင်္ဂါရပ်ကို ထောက်ပံ့မထားပါ။ - သင် လောလောဆယ် သုံးစွဲနေသော OS ဗားရှင်းပေါ်၌ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ခြင်း ထောက်ပံ့မထားပါ။ - Windows Vista ရှိ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် စာဝှက်ခြင်း မပြုမီ၊ Windows Vista အတွက် Service Pack 1 နှင့် အထက် (ယင်းကဲ့သို့ Service Pack မျိုးကို ဤကွန်ပျူတာစနစ်ထဲ မထည့်သွင်းသေးပါ) ကို သင် ထည့်သွင်းရန် လိုအပ်သည်။\n\nမှတ်ချက် - Windows Vista ၏ Service Pack 1 သည် ကွန်ပျူတာစနစ် boot လုပ်နေစဉ် မှတ်ဉာဏ် အလွတ် လျှော့နည်းမှုကို ဖြစ်ပေါ်စေသော ပြဿနာ တစ်ရပ်ကို ဖြေရှင်းပေးသည်။ - VeraCrypt သည် Service Pack ထည့်သွင်းမထားသော Windows Vista ၌ ကွန်ပျူတာစနစ် အခန်းကန့်/drive စာဝှက်ခြင်းကို ထောက်ပံ့ခြင်း မပြုတော့ပါ။ VeraCrypt ကို အဆင့်မြှင့်တင်ခြင်း မပြုမီ Windows Vista ၏ Service Pack 1 နှင့်အထက်ကို ထည့်သွင်းပါ။ - ချို့ယွင်းချက် - ဤအင်္ဂါရပ်သည် ကွန်ပျူတာစနစ်ထဲ၌ VeraCrypt ကို ထည့်သွင်းရန် တောင်းဆိုထားသည် (သင်သည် VeraCrypt အိတ်ဆောင်စနစ်ကို သုံးစွဲနေသည်)။\n\n VeraCrypt ကို စက်ထဲ ထည့်သွင်းပြီး ထပ်ကြိုးစားပါ။ - သတိပေးချက် - Windows သည် ၄င်းကို boot ထားသည့် နေရာရှိ drive ၌ ထည့်သွင်းထားပုံ မပေါ်ပါ။ ၄င်းကို ထောက်ပံ့မထားပါ။\n\n Windows ကို ၄င်း boot တက်လာသည့် drive ၌ ထည့်သွင်းထားကြောင်း သေချာပါက သင် ဆက်လက် လုပ်ဆောင်နိုင်သည်။\n\nဆက်လုပ်မည်လား? - သင့် ကွန်ပျူတာစနစ်၌ GUID partition table (GPT) တစ်ခု ရှိသည်။ ​​​လောလောဆယ်၌၊ MBR partition table ပါသော drives များကိုသာ ထောက်ပံ့ထားသည်။ - သတိပြုရန် - VeraCrypt Boot Loader ကို သင့် ကွန်ပျူတာစနစ် drive ထဲ၌ ထည့်သွင်းထားပြီး ဖြစ်သည်!\n\n သင့်ကွန်ပျူတာရှိ အခြား လည်ပတ်မှုစနစ်ကို စာဝှက်ထား၍ ဖြစ်မည်။\n\nသတိပေးချက် - လောလောဆယ် သုံးစွဲနေသော ကွန်ပျူတာစနစ်ကို ဆက်လက် စာဝှက်ခြင်းဖြင့် အခြား ကွန်ပျူတာစနစ်(များ)ကို ဖွင့်နိုင်မည်မဟုတ်သကဲ့သို့ သက်ဆိုင်ရာ ဒေတာများကို ရယူနိုင်မည် မဟုတ်ပါ။\n\n ဆက်လုပ်မည်လား? - မူရင်း system loader ကို နဂိုနေရာ ပြန်ထား၍ မရပါ။\n\n VeraCrypt Boot Loade ကို Windows system loader ဖြင့် အစားထိုးရန် VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') သို့မဟုတ် Windows အခွေကို အသုံးပြုပါ။ - မူရင်း system loader ကို Rescue Disk (ဖြစ်နိုင်ချေ အကြောင်းရင် - အရန်သင့် သိမ်းဆည်းဖိုင် ပျောက်ဆုံးခြင်း) ၌ သိမ်းဆည်းမည် မဟုတ်ပါ။ - MBR sector ကို ရေးသာ၍ မရပါ။\n\n သင့် BIOS သည် MBR sector ကို ကာကွယ်ရန် ပြုပြင်ထားပုံပေါ်သည်။ MBR/ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ အကာအကွယ်အတွက် သင့် BIOS ချိန်ညှိချက်များကို စစ်ဆေးပါ (စက်ဖွင့်နေစဉ် F2, Delete, သို့မဟုတ် Esc တစ်ခုခုကို နှိပ်ပါ)။ - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - လိုအပ်သော VeraCrypt Boot Loader ဗားရှင်းကို လောလောဆယ် ထည့်သွင်းမထားပါ။ ဤအချက်ကြောင့် အခြား ချိန်ညှိချက်များ သိမ်းဆည်း၍ မရခြင်း ဖြစ်နိုင်သည်။ - မှတ်ချက် - တစ်ခါတစ်ရံ၊ သင့်ကို စောင့်ကြည့်နေသော ပုဂ္ဂိုလ် တစ်စုံတစ်ယောက်သည် သင် VeraCrypt သုံးစွဲနေသည်ကို မသိစေလိုသည့် အခြေအနေမျိုး ရှိလာနိုင်သည်။ အထက်ပါ ရွေးစရာ၌ VeraCrypt boot loader မျက်နှာပြင်ကို စိတ်ကြိုက်ဖန်တီးခြင်းဖြင့် ပြုလုပ်နိုင်သည်။ ပထမ ရွေးစရာကို သင် ဖွင့်ထားပါက၊ boot loader ၌ (စကားဝှက် အမှား ရေးထည့်သည်အခါ၌ပင်) မည်သည့် စာတမ်းမျှ ပေါ်လာမည် မဟုတ်ပါ။ သင့် စကားဝှက်ကို ရေးထည့်နေစဉ် ကွန်ပြူတာသည် "ရပ်တန့်နေ"သယောင် မြင်တွေ့ရမည် ဖြစ်သည်။ သည့်အပြင်၊ ရန်သူကို လမ်းကြောင်းလွှဲစေရန် စိတ်ကြိုက် ရေးထားသော စာတမ်း ပေါ်လာမည် ဖြစ်သည်။ဥပမာ အားဖြင့် - "Missing operating system" (၄င်းသည် Windows boot loader က Windows boot partition ကို မတွေ့သည့်အခါ ပုံမှန် ပြသနေသော စာတမ်းဖြစ်သည်။ သို့သော်၊ အကယ်၍ ရန်သူသည် hard drive ၌ ပါရှိသော အကြောင်းအရာကို စစ်ဆေးလာပါက၊ VeraCrypt boot loader ပါရှိနေသည်ကို သိရှိနိုင်ပါသည်။ - သတိပေးချက် - ဤရွေးစရာကို ဖွင့်ထားပါက၊ VeraCrypt boot loader သည် မည်သည့် စာတမ်း (စကားဝှက် အမှား ရေးထည့်လျှင်လည်း) ကိုမျှ ပြမည် မဟုတ်သည်ကို သတိပြုပါ။ စကားဝှက်ကို သင် ရေးထည့်ချိန်၌ ကွန်ပြူတာသည် "ရပ်တန့်"နေသကဲ့သို့ (တုံ့ပြန်မှုမရှိပဲ​) မြင်တွေ့ရမည် (cursor ရွှေ့လျားမည် မဟုတ်သကဲ့သို့ ကီးတစ်ခုခုကို နှိပ်သည့်အခါ ကြယ်ပွင့် တစ်ခုမျှ မြင်ရမည် မဟုတ်ပါ)။\n\n ဤရွေးစရာကို ဖွင့်ရန် သင် တကယ်အလိုရှိသလား? - သင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive သည် အပြည့်အ၀ စာဝှက်ထားပုံပေါ်သည်။ - VeraCrypt သည် dynamic disk သို့ အသွင်ပြောင်းထားသော ကွန်ပျူတာစနစ် drive ကို စာဝှက်မပေးနိုင်ပါ။ - ကွန်ပျူတာစနစ် drive ၌ တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များ ပါရှိသည်။\n\n သင်သည် တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များ ပါရှိသော ကွန်ပျူတာစနစ် တစ်ခုလုံးကို Windows Vista နှင့် နောက်ထွက် ဗားရှင်းများ၌သာ စာဝှက်နိုင်သည်။ Primary အခန်းကန့်များသာ ပါရှိသော Windows XP ၌၊ ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို သင် စာဝှက်နိုင်သည်။\n\n မှတ်ချက် - သင်သည် ကွန်ပျူတာစနစ် drive တစ်ခုလုံး အစား ကွန်ပျူတာစနစ် အခန်းကန့်ကို စာဝှက်ပေးနိုင်သည် (ထို့အပြင်၊ drive​ ထဲရှိ ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်များထဲ၌ အခန်းကန့်-အခြေခံ-VeraCrypt volumes များကို သင် ဖန်တီးနိုင်သည်)။ - သတိပေးချက် - Window XP/2003 ကို အသုံးပြုသည့်အခါ၊ drive ကို စတင် စာဝှက်ပြီးသောအခါ၊ ၄င်းအထဲ၌ တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များ မဖန်တီးရပေ (primary အခန်းကန့်များကိုသာ ဖန်တီးရမည် ဖြစ်သည်)။ Drive ပေါ်ရှိ တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များကို စတင် စာဝှက်သည့်အခါ ၄င်းတို့ကို ဖွင့်၍ ရမည် မဟုတ်ပါ (လက်ရှိ drive ၌ ယင်းကဲ့သို့ အခန်းကန့် မရှိ​ပါ)။\n\nမှတ်ချက် - အကယ်၍ ဤကန့်သတ်ချက်ကို လက်မခံနိုင်ပါက၊ နောက်ပြန်သွားပြီး drive တစ်ခုလုံး အစား ကွန်ပျူတာစနစ် အခန်းကန့်ကိုသာ စာဝှက်ရန် သင် ရွေးချယ်နိုင်သည် (ထို့အပြင်၊ drive ပေါ်မှ ကွန်ပျူတာစနစ်မဟုတ်သော အခန်းကန့်များအထဲ၌ အခန်းကန့်-အခြေခံ VeraCrypt volumes များကို သင် ဖန်တီးနိုင်သည်)။\n\n တနည်းအားဖြင့်၊ အကယ်၍ ဤကန့်သတ်ချက်ကို လက်မခံနိုင်ပါက၊ Windows Vista နှင့် နောက်ထွက် Windows ဗားရှင်းများသို့ အဆင့်မြှင့်ရန် စဉ်းစားပါ (Windows Vista နှင့် နောက်ထွက် ဗားရှင်းများ၌သာ တိုးချဲ့/ယုတ္တိဆိုင်ရာ အခန်းကန့်များ ပါ၀င်သော ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို သင် စာဝှက်နိုင်သည်)။ - သင့် ကွန်ပျူတာစနစ် drive ထဲ၌ standard မဟုတ်သော အခန်းကန့် တစ်ခု ပါရှိသည်။\n\n အကယ်၍ သင်သည် notebook ကို သုံးစွဲနေပါက၊ သင့်ကွန်ပျူတာစနစ် drive ထဲ၌ အထူး ဆယ်တင်ရေး အခန်းကန့် တစ်ခု ပါရှိမည် ဖြစ်သည်။ ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို (ဆယ်တင်ရေး အခန်းကန့် အပါအ၀င်) စာဝှက်ပြီးနောက်၊ အကယ်၍ သင့် ကွန်ပျူတာစနစ်သည် စနစ်တကျ ပုံစံထုတ် ရေးသားခြင်း မပြုသော BIOS တစ်ခုကို အသုံးပြုနေပါက ၄င်းကို ဖွင့်၍ ရမည် မဟုတ်ပါ။ ကွန်ပျူတာ drive ကို စာဝှက်ခြင်း မပြီးမချင်း မည်သည် ဆယ်တင်ရေး အခန်းကန့်ကိုမျှ သုံးစွဲနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် အခန်းကန့်ကိုသာ စာဝှက်ရန် ကျွန်တော်တို့ အကြံပြုလိုသည်။ - သင့် ကွန်ပျူတာစနစ် drive ၌ standard မဟုတ်သော အခန်းကန့် တစ်ခု ပါရှိသည်။\n\n အကယ်၍ သင်သည် notebook တစ်လုံး သုံးစွဲနေပါက၊ သင့် ကွန်ပျူတာစနစ် drive ၌ အထူး ဆယ်တင်ရေး အခန်းကန့် တစ်ခု ပါရှိမည် ဖြစ်သည်။ ကွန်ပျူတာစနစ် တစ်ခုလုံးကို (ဆယ်တင်ရေး အခန်းကန့် အပါအ၀င်) စာဝှက်ပြီးပါက၊ အကယ်၍ သင့် ကွန်ပျူတာစနစ်သည် စနစ်တကျ ပုံစံထုတ် ရေးသားခြင်း မပြုသော BIOS တစ်ခုကို အသုံးပြုနေပါက ၄င်းကို ဖွင့်၍ ရမည် မဟုတ်ပါ။ ကွန်ပျူတာစနစ် drive ကို စာဝှက်ဖြည်ခြင်း မပြီးမချင်း မည်သည် ဆယ်တင်ရေး အခန်းကန့်ကိုမျှ သုံးစွဲနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် အခန်းကန့်ကိုသာ စာဝှက်ရန် ကျွန်တော်တို့ အကြံပြုလိုသည်။ - သင့် ကွန်ပျူတာစနစ် drive ၌ drive တစ်ခုလုံးကို နေရာယူထားသော အခန်းကန့် တစ်ခု ရှိနေသည်။ ဖြစ်နိုင်ပါက၊ drive တစ်ခုလုံးကို အခန်းကန့် ပတ်လည်ရှိ နေရာလွတ် အ​ပါအ၀င် စာဝှက်ပါက ပို၍ လုံခြုံစိတ်ချရသည်။\n\n ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို စာဝှက်လိုသလား? - သင့် ကွန်ပျူတာစနစ်ကို ကွန်ပျူတာစနစ်မဟုတ်သော အခန်းကန့်၌ ယာယီဖိုင်များကို သိမ်းဆည်းရန် ပြုပြင်ထားသည်။\n\nယာယီဖိုင်များကို ကွန်ပျူတာစနစ် အခန်းကန့်၌သာ သိမ်းဆည်းထားသည်။ - သင့် သုံးစွဲသူ ပရိုဖိုင်း ဖိုင်များကို ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ သိမ်းဆည်းမထားပါ။\n\n သုံးစွဲသူ ပရိုဖိုင်း ဖိုင်များကို ကွန်ပျူတာစနစ် အခန်းကန့်၌သာ သိမ်းဆည်းနေနိုင်သည်။ - ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်များ၌ ဆက်သွယ်ရေး ဖိုင်(များ) ရှိသည်။\n\n ဆက်သွယ်ရေး ဖိုင်များသည် ကွန်ပျူတာစနစ် အခန်းကန့်၌သာ တည်ရှိနိုင်သည်။ - Windows အခန်းကန့်၌သာ ဆက်သွယ်ရေး ဖိုင်များကို ဖန်တီးရန် Windows ကို ယခု ပြုပြင်ဖန်တီးမည်လား? \n\n အကယ်၍ 'ဟုတ်ကဲ့' ကို နှိပ်ပါက၊ ကွန်ပျူတာ ပြန်ဖွင့်လာမည် ဖြစ်သည်။ ထို့နောက် VeraCrypt ကို ဖွင့်ပြီး လျှို့ဝှက် OS ကို ပြန်ဖန်တီးပါ။ - သို့မဟုတ်ပါက၊ လျှို့ဝှက် OS စနစ် ငြင်းပယ်နိုင်မှု​ကို တန်ပြန် ထိခိုက်မှု ရှိနိုင်သည်။\n\n မှတ်ချက် - အကယ်၍ ရန်သူသည် ယင်းကဲ့သို့သော (ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်၌ ရှိသော) ဖိုင်များကို ​စစ်ဆေးပါက၊ သင်သည် ဤအညွှန်းကို လျှို့ဝှက်-နည်းစနစ်-ဖန်တီးမှု စနစ်၌ သုံးစွဲနေသည်ကို သိရှိသွားနိုင်သည် (ဤနည်းဖြင့် သင့် ကွန်ပျူတာ၌ လျှို့ဝှက် OS စနစ် တစ်ခု ရှိနေကြောင်း ညွှန်ပြနိုင်သည်)။ ယင်းကဲ့သို့ ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ သိမ်းဆည်းထားသော ဖိုင်များကို လျှို့ဝှက် OS စနစ် ​ဖန်တီးနေစဉ် VeraCrypt သည် လုံလုံခြုံခြုံ ပယ်ဖျက်သွားမည် ဖြစ်သည်။ - သတိပေးချက် - လျှို့ဝှက် OS ကို ဖန်တီးနေစဉ်၊ (မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖန်တီးနိုင်ရန်) လက်ရှိ အသုံးပြုနေသော ကွန်ပျူတာစနစ်ကို အပြည့်အ၀ ပြန်လည် ထည့်သွင်းရန် လိုအပ်မည် ဖြစ်သည်။\n\n မှတ်ချက်- လက်ရှိ အသုံးပြုနေသော OS နှင့် ကွန်ပျူတာစနစ် အခန်းကန့်ပါ အကြောင်းအရာ တစ်ခုလုံးကို (လျှို့ဝှက် ကွန်ပျူတာစနစ် ဖန်တီးနိုင်ရန်) လျှို့ဝှက် volume ထဲ၌ ကော်ပီးကူးရမည် ဖြစ်သည်\n\n\n Windows Setup medium (သို့မဟုတ် ၀န်ဆောင်မှု အခန်းကန့် တစ်ခုကို သုံးပြီး) Windows ကို စက်ထဲ သင် ထည့်သွင်းနိုင်မည်လား? - လုံခြုံရေး အကြောင်းများကြောင့်၊ အကယ်၍ လက်ရှိ OS စနစ်သည် activation ပြုလုပ်ရန် လိုအပ်ပါက၊ ၄င်းကို ရှေ့ဆက်မသွားမီ သက်၀င်စေရမည်။ ကွန်ပျူတာ အခန်းကန့်ထဲမှ အကြောင်းအရာများကို လျှို့ဝှက် volume ထဲသို့ ကော်ပီးကူးခြင်းဖြင့် လျှို့ဝှက် OS ကို ဖန်တီးမည် ဖြစ်သည် (အကယ်၍ OS စနစ်ကို activate လုပ်မထားပါက၊ လျှို့ဝှက် OS သည်လည်း သက်၀င်လာမည် မဟုတ်ပါ)။ အသေးစိတ် အ​ချက်အလက်ကို၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes နှင့် ပါတ်သက်သော လုံခြုရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ" အပိုင်းကို ကြည့်ရှပါ။\n\n အရေးကြီးချက် - ရှေ့ဆက် မသွားမီ၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes နှင့် ပါတ်သက်သော လုံခြုရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ" အပိုင်းကို ဖတ်ရှုပါ။\n\n\nလက်ရှိ သုံးစွဲနေသော OS သည် အထက်မှ အခြေအနေနှင့် ကိုက်ညီမှု ရှိသလား? - သင့် ကွန်ပျူတာစနစ်သည် အပို boot အခန်းကန့် တစ်ခုကို အသုံးပြုနေသည်။ VeraCrypt သည် လျှို့ဝှက် OS စနစ်၌ hibernation ပြုလုပ်ခြင်းကို ထောက်ပံ့မထားပါ (မျက်လှည့် ကွန်ပျူတာစနစ်ကို ပြဿနာမရှိပဲ hibernation လုပ်နိုင်သည်)။\n\nBoot အခန်းကန့်ကို မျက်လှည့် စနစ်နှင့် လျှို့ဝှက် စနစ်တို့က အတူတူ သုံးစွဲကြမည် ဖြစ်သည်။ ထို့ကြောင့်၊ hibernation စနစ်မှ ပြန်ဖွင့်သည့်အခါ ဒေတာ​ အယိုအဖိတ်များနှင့် ပြဿနာများ မရှိအောင်၊ VeraCrypt သည် လျှို့ဝှက် စနစ်ကို မျှ​ဝေထားသော boot ၏ အခန်းကန့်ထဲသို့ ရေးသား၍ မရအောင် တားဆီးပေးသည်။\n\n ဆက်လုပ်မည်လား? အကယ်၍ 'မဟုတ်ဘူး' ကို ရွေးချယ်ပါက၊ အပို boot အခန်းကန့်ကို ဖယ်ရှားရန် လမ်းညွှန်ချက်များ တွေ့ရှိရမည် ဖြစ်သည်။ - \nအပို boot အခန်းကန့်ကို Windows မထည့်သွင်းမီ ဖယ်ရှားနိုင်သည်။ ထိုသို့ ပြုလုပ်ရန်၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n\n၁) Windows အခွေကို ဖွင့်ပါ။\n\n၂) Windows ထည့်သွင်းစနစ် မျက်နှာပြင်၌၊ 'Install now' > 'Custom (advanced)' ကို နှိပ်ပါ။\n\n၃) 'Drive Options' ကို နှိပ်ပါ။\n\n၄) ပင်မ ကွန်ပျူတာစနစ် အခန်းကန့်ကို ရွေးပါ။ ၄င်းကို 'Delete' နှိပ်ပြီး 'OK' နှိပ်ပါ။\n\n၅) 'System Reserved' အခန်းကန့်ကို ရွေးပြီး၊ 'Extend' ကို နှိပ်ပါ။ OS စနစ် ထည့်သွင်းမည့် အခန်းကန့်​ အရွယ်အစားကို တိုးမြှင့်လိုက်ပါ။\n\n၆) 'Apply' နှင့် 'OK' ကို နှိပ်ပါ။\n\n၇) Windows ကို 'System Reserved' အခန်းကန့်၌ ထည့်သွင်းပါ။\n\n\nရန်သူက အပို boot အခန်းကန့်ကို ဖယ်ရှားရသည့် အကြောင်းရင်းကို မေးသည့်အခါ၊ သင့်အနေဖြင့် စာဝှက်မထားသော boot အခန်းကန့်ထဲ၌ ဒေတာ ယိုဖိတ်မှု မရှိစေရန် လုပ်ဆောင်ခြင်း ဖြစ်ကြောင်း ဖြေကြားနိုင်သည်။\n\nမှတ်ချက် - ဤစာတမ်းကို အောက်မှ 'Print' ခလုတ် နှိပ်ပြီး ပရင့်ထုတ်နိုင်သည်။ အကယ်၍ ဤစာတမ်းကို သိမ်းထားသည် ဖြစ်စေ၊ ပရင့်ထုတ်သည့် ဖြစ်စေ (သင့်ပရင်တာသည် ၄င်းပရင့်ထုတ်ထားသော မှတ်တမ်းမှတ်ရာများကို ၄င်း၏ အတွင်း drive ထဲ၌ သိမ်းဆည်းမထားပါက)၊ အပို boot အခန်းကန့် (အကယ်၍ ယင်းကော်ပီကို တွေ့ခဲ့လျှင်၊ ဤကွန်ပျူတာ၌ လျှို့ဝှက် OS စနစ် တစ်ခု ​ရှိနေကြောင်း ညွှန်ပြနေမည် ဖြစ်သည်) ကို ဖယ်ရှားပြီးသည့်အခါ ၄င်းကော်ပီးများကို ဖျက်ဆီးပစ်ရမည် ဖြစ်သည်။ - သတိပေးချက် - ကွန်ပျူတာစနစ် အခန်းကန့်နှင့် ပထမ အခန်းကန့်တို့ အကြား၌ မသတ်မှတ်ရသေးသော နေရာရှိသည်။ လျှို့ဝှက် OS စနစ်ကို ဖန်တီးပြီးသောအခါ၊ ယင်း မသတ်မှတ်ရသေးသော နေရာ၌ အခန်းကန့်အသစ် မဖန်တီးရ။ သို့မဟုတ်ပါက၊ (ယင်းကဲ့သို့ အသစ် ဖန်တီးလိုက်သော အခန်းကန့်များကို မဖျက်မချင်း) လျှို့ဝှက် OS စနစ်ကို ဖွင့်၍ မရ ဖြစ်သွားနိုင်သည်။ - ဤအယ်လဂိုရီသမ်၌ လောလောဆယ် ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအတွက် ထောက်ပံ့မပေးပါ။ - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - ကီးဖိုင်များသည် လောလောဆယ် ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအတွက် ထောက်ပံ့မပေးပါ။​ - သတိပေးချက် - VeraCrypt သည် မူရင်း ​ကီးဘုတ် လေးအောက်ကို နဂိုအတိုင်း ပြန်မထားနိုင်ပါ။ ဤအချက်ကြောင့် စကားဝှက်ကို မှားယွင်းစွာ ရေးထည့်မိနိုင်သည်။ - ချို့ယွင်းချက် - VeraCrypt အတွက် ကီးဘုတ် လေးအောက်ကို standard US ကီးဘုတ် လေးအောက် အဖြစ် သတ်မှတ်၍ မရပါ။\n\n US စနစ် မဟုတ်သော ဝင်းဒိုး ကီးဘုတ် လေးအောက် မရနိုင်သည့် နေရာ၌ စက်မတက်ခင် အခြေအနေ (ကွန်ပျူတာ မတက်မီ) တွင် စကားဝှက်ကို ရေးထည့်ရန် လိုအပ်သည်။ ထို့ကြာင့်၊ စကားဝှက်ကို ဝှက်စာကို standard US ကီးဘုတ် လေးအောက် သုံးပြီး အမြဲတမ်း ရေးထည့်ရမည်။ - VeraCrypt သည် ယာယီအားဖြင့် ကီး​ဘုတ် လေးအောက်ကို standard US ကီးဘုတ် လေးအောက်အဖြစ် ပြောင်းလဲထားသောကြောင့်၊ ညာဖက် Alt ကီးကို နှိပ်ထားစဉ် အက္ခရာများကို ရေးထည့်၍ မရပါ။ သို့သော်၊ အက္ခရာ အများစုကို Shift ကီး နှိပ်ထားရင်း သင့်လျော်သော ကီးများကို ရေးထည့်နိုင်သည်။ - VeraCrypt သည် ကီးဘုတ် လေးအောက်ကို ပြောင်းခွင့် မပေးပါ။ - မှတ်ချက် - US မဟုတ်သော ၀င်းဒိုး ကီး​ဘုတ် လေးအောက် မရနိုင်​သော နေရာတွင် စကားဝှက်ကို စက်မတက်မီ အခြေအနေ (၀င်းဒိုး မတက်မီ) တွင် ရေးထည့်ရမည် ဖြစ်သည်။ ထို့ကြောင့်၊ စကားဝှက်ကို standard US ကီးဘုတ် လေးအောက် သုံးပြီး အမြဲတမ်း ရေးထည့်ရမည် ဖြစ်သည်။ သို့သော်၊ ကီးဘုတ် အစစ်ရှိရန် မလိုပါ၊ အကယ်၍ US ကီးဘုတ် လေးအောက် အစစ် မရှိလျှင်လည်း စကားဝှက်ကို လုံခြုံစွာ ရေးထည့်နိုင်ရန် VeraCrypt က အလိုအလျှောက် လုပ်ပေးမည် ဖြစ်သည်။ - အခန်းကန့်/drive ကို စာဝှက်ခြင်း မပြုမီ၊ အောက်ပါ အချက်များကို လုပ်ဆောင်နိုင်ရန် VeraCrypt Rescue Disk (VRD) တစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။\n\n- အကယ်၍ VeraCrypt Boot Loader ၊ မာစတာကီး (သို့) အခြား အရေးကြီးသော ဒေတာများ ပျက်စီးသွားလျှင်၊ VRD ကို အသုံးပြုပြီး နဂိုဖိုင်များကို ပြန်ထားနိုင်သည် (သို့သော်၊ စကားဝှက် အမှန်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်)။\n\nအကယ်၍ ၀င်းဒိုး ပျက်သွားပြီး ဖွင့်မရပါက၊ VRD သည် ဝင်းဒိုး မစမီ အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ပေးမည် ဖြစ်သည်။\n\n- VRD ထဲ၌ (system loader သို့မဟုတ် boot manager ပါ၀င်သော) ပထမ drive track မှ လက်​ရှိ အကြောင်းအရာအတွက် အရန်သင့် သိမ်းဆည်းချက် တစ်ခု ရှိမည် ဖြစ်သည်။ လိုအပ်ပါက ၄င်းကို နဂိုအတိုင်း ပြန်ထားနိုင်သည်။\n\nVeraCrypt Rescue Disk ISO image ကို အောက်တွင် ​သတ်မှတ်ထားသော နေရာတွင် ဖန်တီးသွားမည် ဖြစ်သည်။ - 'ကောင်းပြီ' ကို နှိပ်ပြီးပါက၊ Microsoft Windows Disc Image Burner ဖွင့်လာမည် ဖြစ်သည်။ VeraCrypt Rescue Disk ISO image ကို စီဒီ (သို့) ဒီဗွီဒီ၌ ကူးရန် ၄င်းကို အသုံးပြုပါ။\n\n အဲဒီနောက်၊ rueCrypt Volume ဖန်တီးမှု အညွှန်းကို ပြန်သွားပြီး ၄င်း၌ပါသော ညွန်ကြားချက်များ အတိုင်း လုပ်ဆောင်ပါ။ - ဆယ်တင်ရေး Disk image ကို ဖန်တီးလိုက်ပြီး ဤဖိုင်ထဲ၌ သိမ်းထားသည် -\n%s\n\n ၎င်းကို ယခုအချိန်၌ စီဒီ/ဒီဗွီဒီထဲ ကူးရန်လိုအပ်သည်။\n\n%ls ဆယ်တင်ရေး Disk ကို ကူးပြီးပါက၊ မှန်မှန်ကန်ကန် ကူးမကူး စစ်ဆေးရန် ရှေ့သို့ ကို နှိပ်ပါ။ - ဆယ်တင်ရေး Disk image ကို ဖန်တီးလိုက်ပြီး ဤဖိုင်ထဲ၌ သိမ်းထားသည် -\n%s\n\n ၎င်းကို ယခုအချိန်၌ စီဒီ/ဒီဗွီဒီထဲ ကူးထားပြီး နောက် အသုံးပြုရန် လုံခြုံသော နေရာ၌ သိမ်းထားပါ။\n\n%ls ဆက်လုပ်ရန် ရှေ့သို့ ကို နှိပ်ပါ။ - အရေးကြီးချက် - ဖိုင်ကို စီဒီ/ဒီဗွီဒီထဲ၌ (သီးသန့်ဖိုင် အဖြစ် မဟုတ်ပဲ) ISO disk image အဖြစ် ရေးကူးရမည်။ လုပ်ဆောင်နည်းနဲ့ပါတ်သက်သော အချက်အလက်မျာကို စီဒီ/ဒီဗွီဒီ ကူးဆော့ဗ်ဝဲရှိ အသုံးပြုနည်း လမ်းညွှန်ကို လေ့လာပါ။ အကယ်၍ သင့်ထံ၌ မရှိပါက၊ အောက်မှ လင့်ခ်ကို သွားပြီး ယင်းကဲ့သို့ အခမဲ့ ဆော့ဗ်ဝဲကို ဒေါင်းလုဒ် ဆွဲယူပါ။\n\n - မိုက်ခရိုဆော့ဗ်ဝဲ ၀င်းဒိုး Disc Image Burner ကို ဖွင့်ရန် - သတိပေးချက် - ယခင်က VeraCrypt ဆယ်တင်ရေး အခွေကို ဖန်တီးခဲ့ပြီး ဖြစ်ပါက၊ ၄င်းကို ကွန်ပျူတာစနစ် အခန်းကန့်/drive အတွက် ပြန်သုံး၍ ရမည် မဟုတ်ပါ၊ အဘယ့်ကြောင့် ဆိုသော်၊ ၄င်းကို အခြား မာစတာကီးအတွက် ဖန်တီးထားသောကြောင့် ဖြစ်သည်။ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် စာဝှက်သည့်အချိန်တိုင်း၊ စကားဝှက် တစ်ခုတည်းကို သင် အသုံးပြုလျှင်လည်း VeraCrypt ဆယ်တင်ရေး အခွေ တစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။ - ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် စာဝှက်ခြင်း ချိန်ညှိချက်များကို သိမ်းဆည်း၍ မရပါ။ - ကွန်ပျူတာစနစ် စာဝှက်ခြင်း အကြိုစစ်ဆေးချက်ကို မစတင်နိုင်ပါ။ - လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် မစတင်နိုင်ပါ။ - ရှင်းလင်းမှု စနစ် - အချို့ သိုလှောင်ရေး မီဒီယာ အမျိုးအစားများ၌၊ ဒေတာကို အခြား ဒေတာများနှင့် ​အစားထိုးသည့်အခါ၊ magnetic force microscopy ကဲ့သို့သော နည်းပညာကို သုံးပြီး အစားထိုးလိုက်သော ဒေတာများကို ပြန်လည် ဆယ်တင်နိုင်သည်။ ဤနေရာ၌ ၄င်းတို့ (VeraCrypt အနေဖြင့် စာဝှက်မထားသော အခန်းကန့် သို့မဟုတ် drive ကို စတင် စာဝှက်သည့်အခါ ပေါ်ပေါက်လာသော) စာဝှက်ထားသည့် ဖြည့်စွတ်ပုံစံဖြင့် အစားထိုးလိုက်သော ဒေတာများလည်း အကျုံး၀င်သည်။ ထို့ကြောင့်၊ အကယ်၍ ရန်သူ တစ်ဦးတစ်ယောက်က သင် စာဝှက်ရန် ရည်ရွယ်ထားသော ဒေတာများကို ဆယ်တင်နိုင်​သည့် နည်းလမ်းများကို အသုံးပြုနိုင်လျှင်၊ ရှင်းလင်းသော စနစ် (လက်ရှိ ဒေတာများ ပျောက်သွားမည် မဟုတ်ပါ) တစ်ခုခုကို သင် ရွေးချယ်နိုင်သည်။ အခန်းကန့်/drive ကို စာဝှက်ပြီးသည့်အခါ ရှင်းလင်းမှု ပြုလုပ်တော့မည် မဟုတ်ပါ။ အခန်းကန့်/drive ကို အပြည့်အ၀ စာဝှက်သည့်အခါ၊ ၄င်းအထဲ၌ စာဝှက်မထားသော ဒေတာများကို ရေးသားခြင်း မပြုပါ။ ၄င်းအထဲ၌ ပထမဦးဆုံး ရေးသားလိုက်သော ဒေတာများကို မှတ်ဉာဏ်ထဲ၌ ချက်ခြင်း စာဝှက်လိုက်ပြီးနောက် (စာဝှက်ထားသော) ဒေတာများကို disk ထဲ၌ ရေးထည့်လိုက်သည်။ - အချို့ သိုလှောင်ရေး မီဒီယာ အမျိုးအစားများ၌၊ ဒေတာကို (ဒေတာများကို ပယ်ဖျက်သည့်အခါ) အခြား ဒေတာများနှင့် ​အစားထိုးသည့်အခါ၊ magnetic force microscopy ကဲ့သို့သော နည်းပညာကို သုံးပြီး အစားထိုးလိုက်သော ဒေတာများကို ပြန်လည် ဆယ်တင်နိုင်သည်။ အချို့သော လေ့လာ ဆန်းစစ်ချက်များနှင့် အစိုးရ ထုတ်ပြန်ချက်များအရ၊ ဒေတာများကို pseudorandom စနစ်နှင့် အချို့ ကျပန်း မဟုတ်သော ဒေတာများကို အကြိမ်ကြိမ် အစားထိုးခြင်းဖြင့် ဒေတာများ ပြန်လည်ဆယ်တင်နိုင်မှုကို တားဆီး (ခက်ခဲစေ) နိုင်သည်။ ထို့ကြောင့်၊ အကယ်၍ ရန်သူ တစ်ဉီးတစ်ယောက်သည် ပယ်ဖျက်​မည့် ဒေတာများကို ဆယ်တင်နိုင်သည့် နည်းလမ်းများကို သုံးစွဲနိုင်လျှင်၊ အကြိမ်ပေါင်း များစွာ ရှင်းလင်းပေးသည့် စနစ် တစ်ခုခုကို ရွေးချယ်ရမည် ဖြစ်သည်။\n\nမှတ်ချက် - အကြိမ်များများ ရွေးလေ၊ ဒေတာ ရှင်းလင်းမှု ကြာလေ ဖြစ်သည်။ - ရှင်းလင်းနေသည် - \n မှတ်ချက် - ရှင်းလင်းသည့် လုပ်ငန်းစဉ်ကို သင် ရပ်ဆိုင်းနိုင်သည်၊ ကွန်ပျူတာကို ပိတ်နိုင်သည်၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို နောက်တစ်ခါ ပြန်​ဖွင့်ပြီး လုပ်ငန်းစဉ် (ဤအညွှန်းကို အလိုအလျောက် စတင်နိုင်သည်) ကို ပြန်စတင်နိုင်သည်။ သို့သော်၊ အကယ်၍ ၄င်းကို ရပ်လိုက်ပါက၊ ရှင်းလင်းသော လုပ်ငန်းစဉ် တစ်ခုလုံး အစမှ ပြန်လည် စတင်မည် ဖြစ်သည်။ - \n\n မှတ်ချက် - အကယ်၍ ရှင်းလင်းသော လုပ်ငန်းစဉ်ကို သင် ရပ်တန့်ပါက၊ ၄င်းကို ပြန်စပါ။ လုပ်ငန်းစဉ် တစ်ခုလုံးကို အစမှ ပြန်လည် စတင်ရမည် ဖြစ်သည်။ - ရှင်းလင်းခြင်း လုပ်ငန်းစဉ်ကို ရပ်ဆိုင်းမည်လား? - သတိပေးချက် - ရွေးချယ်ထားသော အခန်းကန့်/device တစ်ခုလုံးကို ပယ်ဖျက်သွားမည် ဖြစ်ပြီး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ - မူရင်း ကွန်ပျူတာစနစ် တည်ရှိသော အခန်းကန့်ထဲရှိ အကြောင်းအရာ တစ်ခုလုံးကို ပယ်ဖျက်သွားမည် ဖြစ်သည်။\n\n မှတ်ချက် - ပယ်ဖျက်သွားမည့် အခန်းကန့်ထဲရှိ အကြောင်းအရာ တစ်ခုလုံးကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲသို့ ကော်ပီကူးသွားမည် ဖြစ်သည်။ - သတိပေးချက် - ရှင်းလင်းမှု စနစ် 3-pass (ခေါ် သုံးကြိမ်) ကို ရွေးချယ်လိုက်ပါက၊ အခန်းကန့်/drive ကို စာဝှက်ရန် အချိန် ၄ ဆ ပိုကြာမည် ဖြစ်သည်။ ထိုနည်းတူ၊ အကယ်၍ 35-pass ကို ရွေးပါက ၃၆ ဆ ပိုကြာသွားမည် ဖြစ်သည်။\n\n သို့သော်၊ အခန်းကန့်/drive ကို အပြည့်အ၀ စာဝှက်ပြီးသည့်အခါ ရှင်းလင်းသည့် လုပ်ငန်းကို လုပ်ဆောင်မည် မဟုတ်ပါ။ အခန်းကန့်/drive ကို အပြည့်အ၀ စာဝှက်ပြီးသည့်အခါ၊ ၄င်းအထဲ၌ စာဝှက်မထားသေးသော ဒေတာများကို ရေးသားမည် မဟုတ်ပါ။ ၄င်းအထဲ၌ ရေးသားလိုက်သော ဒေတာ အားလုံးကို ချက်ခြင်း စာဝှက်သွားမည် ဖြစ်ပြီး၊ ထို့နောက်မှ (စာဝှက်ထားသော) ဒေတာများကို disk ထဲ၌ ရေးသားမည် ဖြစ်သည် (ဤနည်းဖြင့် စွမ်းဆောင်ရည်ကို ထိခိုက်မည် မဟုတ်ပါ)။\n\n ရှင်းလင်းမှု စနစ်ကို သုံးစွဲလိုသလား? - ဘာမျှမရွေး (အမြန်ဆုံး) - ၁-ကြိမ် (ကျပန်း ဒေတာ) - ၃-ကြိမ် (US DoD 5220.22-M) - ၇-ကြိမ် (US DoD 5220.22-M) - ၃၅-ကြိမ် ("Gutmann") - 256-pass - OS စနစ် အရေအတွက် - သတိပေးချက် - အတွေ့အကြုံမရှိသေးသော သုံးစွဲသူများသည် ၀င်းဒိုးကို Multi-boot ပြုပြင်ဖန်တီးစနစ်ဖြင့် စာဝှက်ရန် မကြိုးစားသင့်ပါ။\n\n ဆက်လုပ်မည်လား? - လျှို့ဝှက် OS စနစ်ကို ဖန်တီး/သုံးစွဲသည့်အခါ၊ VeraCrypt သည် အောက်ပါ အခြေအနေများနှင့် ကိုက်ညီမှ multi-boot ပြုပြင်ဖန်တီးမှုကကို ထောက်ပံ့ပေးသည် -\n\n- လောလောဆယ် အသုံးပြုနေသော OS စနစ်ကို boot drive ထဲတွင် ထည့်သွင်းရမည် ဖြစ်သည်၊ ၄င်း၌ အခြား OS စနစ်များ ရှိမည် မဟုတ်ပါ။\n\n အခြား drives များ၌ ထည့်သွင်းထားသော OS စနစ်များသည် လောလောဆယ် အသုံးပြုနေသော OS စနစ် ထည့်သွင်းထားသည့် drive ထဲတွင် ရှိသော မည်သည့် boot loader ကို အသုံးမပြုရပါ။\n\n အထက်မှ အခြေအနေများနှင့် ကိုက်ညီသလား? - VeraCrypt သည် လျှို့ဝှက် OS စနစ်ကို ဖန်တီး/သုံးစွဲသည့်အခါ ဤ multi-boot ပြုပြင်ဖန်တီးမှုကို လက်မခံပါ။ - Boot Drive - လက်ရှိ အသုံးပြုနေသော OS စနစ်ကို boot drive ပေါ်တွင် ထည့်သွင်းထားသလား?\n\nမှတ်ချက် - တစ်ခါတစ်ရံ၊ Windows ကို Windows boot loader (boot အခန်းကန့်) ကဲ့သို့ drive တစ်ခုထဲ၌ ထည့်သွင်းမထားပါ။ အကယ်၍ ပြဿနာ ရှိပါက၊ 'မဟုတ်ဘူး' ကို ရွေးပါ။ - လော​လောဆယ်၌ VeraCrypt သည် OS စနစ် ထည့်သွင်းထားသော drive မှ boot မလုပ်သော OS စနစ်ကို စာဝှက်ရန် ထောက်ပံ့​မပေးပါ။ - ကွန်ပျူတာစနစ် Drives အရေအတွက် - OS စနစ် တစ်ခု၌ drives မည်မျှ ပါရှိသနည်း?\n\n မှတ်ချက် - ဥပမာ- ဥပမာ အားဖြင့်၊ သင့် primary drive နှင့် အခြား OS စနစ်ကို secondary drive ထဲ၌ OS စနစ် (Windows, Mac OS X, Linux နှင့်အခြား) ကို ထည့်သွင်းထားလျှင်၊ '၂ (သို့) အထက်' ကို ရွေးချယ်ပါ။ - VeraCrypt သည် OS စနစ် အများ ပါရှိသော drive တစ်ခုလုံးကို စာဝှက်ရန် ထောက်ပံ့မှု မပေးပါ။\n\nဖြစ်နိုင်သော ဖြေရှင်းချက်များ -\n\n အကယ်၍ နောက် ပြန်သွားပြီး ကွန်ပျူတာစနစ် အခန်းကန့် တစ်ခုကို သာ စာဝှက်ရန် ရွေးချယ်ပါက ကွန်ပျူတာ စနစ်ထဲက တစ်ခုကို သင် စာဝှက်နိုင်မည် ဖြစ်သည်။\n\n နောက်တနည်းဖြင့်၊ သင် စာဝှက်လိုသော drive ထဲ၌ ကွန်ပျူတာစနစ် တစ်ခုကိုသာ ချန်ထားပြီး အချို့ ကွန်ပျူတာစနစ်ကို အခြား drives ထဲ၌ ရွေ့သွားပါက၊ drive တစ်ခုလုံးကို သင် စာဝှက်နိုင်မည် ဖြစ်သည်။ - Drive တစ်ခုထဲ၌ ကွန်ပျူတာစနစ် မျိုးစုံ - လက်ရှိ အသုံးပြုနေသော OS စနစ်ကို ထည့်သွင်းထားသော drive ၌ OS စနစ် ဘယ်နှစ်ခု ထည့်သွင်းထားသနည်း။\n\nမှတ်ချက် - ဥပမာ အားဖြင့်၊ အကယ်၍ လက်ရှိ အသုံးပြုနေသော OS စနစ်ကို အခန်းကန့် တချို့ ပါရှိသော drive #0 ထဲ၌ ထည့်သွင်းပါက၊ နောက်ပြီး အကယ်၍ အခန်းကန့် တစ်ခု၌ Windows နှင့် အခြား အခန်းကန့်၌ နောက်ထပ် OS စနစ် (ဥပမာ -Windows, Mac OS X, Linux, စသဖြင့်) ပါရှိပါက၊ ​'ဟုတ်ကဲ့' ကို ရွေးပါ။ - ဝင်းဒိုးမဟုတ်သည့် Boot Loader - The master boot record (MBR) ထဲတွင် (boot manager မဟုတ်သော) non-Windows boot loader ကို ထည့်သွင်းထားသလား?\n\n မှတ်ချက် - ဥပမာ အားဖြင့်၊ ပထမ boot drive လမ်းကြောင့်၌ GRUB, LILO, XOSL ၊ (သို့) အခြား non-Windows boot manager (boot loader) ပါရှိပါက၊ 'ဟုတ်ကဲ့' ကို နှိပ်ပါ။ - Multi-Boot - VeraCrypt သည် လောလောဆယ် Master Boot Record ၌ ထည့်သွင်းထားသော non-Windows boot loader တစ်ခု ရှိသည့်နေရာ၌ multi-boot ပြုပြင်ဖန်တီးခြင်းကို အထောက်အပံ့ ​မပေးပါ။\n\n ဖြစ်နိုင်ချေ ဖြေရှင်းချက်များ -\n\n - အကယ်၍ Windows နှင့် Linux တို့ကို ဖွင့်ရန် boot manager တစ်ခုကို အသုံးပြုပါက၊ boot manager(GRUB) ကို Master Boot Record မှ အခန်းကန့် တစ်ခုသို့ ရွေ့ပြောင်းပါ။ ​ထို့နောက် ဒီအညွှန်းကို စဖွင့်ပြီး ကွန်ပျူတာစနစ် အခန်းကန့်/driveကို စာဝှက်လိုက်ပါ။ VeraCrypt Boot Loader သည် သင့် primary boot manager ဖြစ်လာမည် ဖြစ်ပြီး ၄င်းမှ မူရင်း boot manager (ဥပမာ - GRUB) ကို secondary boot manager အဖြစ် (VeraCrypt Boot Loader မျက်နှာပြင်မှ Esc ကို နှိပ်ခြင်းပြီး) ဖွင့်ပေးနိုင်မည် ဖြစ်သည်။ ထို့နောက် Linux ကို boot လုပ်နိုင်မည် ဖြစ်သည်။ - အကယ်၍ လက်ရှိ သုံးစွဲနေသော OS စနစ်သည် boot အခန်းကန့်ပေါ်တွင် ထည့်သွင်းထားပါက၊ ၄င်းကို စာဝှက်ပြီးသောအခါ၊ အခြား စာဝှက်မထားသော Windows စနစ်(များ)ကို စတင်လိုလျှင်လည်း စကားဝှက်အမှန်ကို ရေးထည့်ရမည် ဖြစ်သည် (၄င်းတို့သည် စာဝှက်ထားသော Windows boot loader/manager တစ်ခုတည်းကို ဝေမျှကြမည် ဖြစ်သောကြောင့် ဖြစ်သည်)။\n\n နောက်တစ်မျိုး အနေနဲ့၊ အကယ်၍ သင် လက်ရှိ သုံးစွဲနေသော OS စနစ်ကို boot အခန်းကန့် (သို့မဟုတ် အကယ်၍ Windows boot loader/manager ကို အခြား ကွန်ပျူတာ စနစ်က အသုံးမပြုပါက) တွင် ထည့်သွင်းမထားပါက၊ ဤကွန်ပျူတာစနစ်ကို စာဝှက်ပြီးနောက်၊ အခြား စာဝှက်မထားသော ကွန်ပျူတာစနစ်(များ)ကို ဖွင့်သည့်အခါ စကားဝှက် အမှန်ကို ​ရေးထည့် မလိုပါ -- စာဝှက်မထားသော ကွန်ပျူတာစနစ်ကို စဖွင့်ရန် Esc ကီးကိုသာ နှိပ်ရမည် ဖြစ်သည် (အကယ်၍ စာဝှက်မထားသော ကွန်ပျူတာစနစ် အများအပြား ရှိပါက၊ VeraCrypt Boot Manager မီနူးမှ သင် ဖွင့်လိုသော ကွန်ပျူတာ စနစ်ကို ရွေးချယ်ရမည် ဖြစ်သည်)။\n\nမှတ်ချက် - ပုံမှန်အားဖြင့်၊ အစောဆုံး ထည့်သွင်းထားသော OS စနစ်ကို boot အခန်းကန့်တွင် ထည့်သွင်းထားသည်။ - Host Protected Area ကို စာဝှက်ခြင်း - Drives များ၏ အဆုံး၌၊ OS စနစ်မှ ဖျောက်ထားသော နေရာ တစ်ခု ရှိသည် (ယင်းနေရာမျိုးကို Host Protected Areas ဟု​ ခေါ်သည်)။ သို့သော်၊ ယင်းနေရာများမှ ဒေတာများကို အခြား ပရိုဂရမ်များက ဖတ်နိုင်၊ ရေးနိုင်သည်။\n\n သတိပေးချက် - အချို့ ကွန်ပျူတာ ထုတ်လုပ်သူများသည် ယင်းနေရာများကို ​ကိရိယာများနှင့် RAID ဒေတာများ၊ ကွန်ပျူတာစနစ် ဆယ်တင်ရေး၊ ကွန်ပျူတာစနစ် တည်ဆောက်ခြင်း၊ ပြဿနာ ရှာဖွေခြင်း၊ (သို့) အခြား ​ရည်ရွယ်ချက်များ သိမ်းဆည်းရန်အတွက် သုံးစွဲနိုင်သည်။ ​ယင်းကဲ့သို့ ကိရိယာများ (သို့) ဒေတာများကို boot မလုပ်ခင်၊ လျှို့ဝှက် နေရာကို စာဝှက်မည် မဟုတ်ပါ (အထက်မှ 'မဟုတ်ဘူး' ကို ရွေးပါ)။\n\n VeraCrypt သည် ကွန်ပျူတာစနစ် drive ၏ အဆုံး၌ လျှို့ဝှက် နေရာ တစ်ခုကို ရှာဖွေပြီး စာဝှက်လိုသလား? - ကွန်ပျူတာ စာဝှက်စနစ် အမျိုးအစား - အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို စာဝှက်လိုလျှင် ဤရွေးစရာကို ရွေးချယ်ပါ။ - တစ်စုံတစ်ယောက်သည် OS စနစ်ကို စာဝှက်ဖြည်ရန် အတင်းအကျပ် တောင်းဆိုလာနိုင်သည်။ ထိုသို့ တောင်းဆိုချက်ကို ငြင်း၍မရသော အ​ခြေအနေများ (ဥပမာ အားဖြင့် - ခြိမ်းခြောက်လာ၍) ရှိလာနိုင်သည်။ အကယ်၍ ဤရွေးစရာကို သင် ရွေးချယ်ပါက၊ ၄င်းတည်​ရှိနေသော နေရာကို ရှိကြောင်း မပြနိုင်သည့် လျှို့ဝှက် OS စနစ်ကို (အချို့ လမ်းညွှန်ချက်များကို လိုက်နာပြီး)သင် ဖန်တီးနိုင်လိမ့်မည် ဖြစ်သည်။ ဤနည်းဖြင့်၊ လျှို့ဝှက် OS စနစ်ကို စာဝှက်ဖြည်ရန် မလို (သို့) စကားဝှက် ဖေါ်ပြစရာ လိုမည် မဟုတ်ပါ။ အသေးစိတ် ရှင်းလင်းချက်ကို လေ့လာရန် အောက်ပါ လင့်ခ်ကို နှိပ်ပါ။ - တစ်စုံတစ်ယောက်သည် OS စနစ်ကို စာဝှက်ဖြည်ရန် အတင်းအကျပ် တောင်းဆိုလာနိုင်သည်။ ထိုသို့ တောင်းဆိုချက်ကို ငြင်း၍မရသော အ​ခြေအနေများ (ဥပမာ အားဖြင့် - ခြိမ်းခြောက်လာ၍) ရှိလာနိုင်သည်။ \n\nဤအညွှန်းကို သုံးပြီး၊ ၄င်းတည်​ရှိနေသော နေရာကို ရှိကြောင်း မပြနိုင်သည့် လျှို့ဝှက် OS စနစ်ကို (အချို့ လမ်းညွှန်ချက်များကို လိုက်နာပြီး) သင် ဖန်တီးနိုင်လိမ့်မည်။ ဤနည်းဖြင့်၊ လျှို့ဝှက် OS စနစ်ကို စာဝှက်ဖြည်ရန် မလို (သို့) စကားဝှက် ဖေါ်ပြစရာ လိုမည် မဟုတ်ပါ။ - လျှို့ဝှက် OS စနစ် - အောက်ပါ အဆင့်များတွင်၊ ကွန်ပျူတာစနစ် အခန်းကန့်​ နောက်ကွယ်ရှိ ပထမ အခန်းကန့် အတွင်း၌ (ပြင်ပ နှင့် လျှို့ဝှက်) VeraCrypt volumes နှစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။ လျှို့ဝှက် volume ထဲ၌ လျှို့ဝှက် OS စနစ် ရှိမည် ဖြစ်သည်။ VeraCrypt သည် ကွန်ပျူတာစနစ် အခန်းကန့် (လက်ရှိ OS စနစ် လည်ပတ်နေသော နေရာ) ၏ အကြောင်းအရာများကို လျှို့ဝှက် volume ထဲသို့ ကော်ပီကူးပြီး လျှို့ဝှက် OS စနစ်ကို ဖန်တီးပေးလိမ့်မည်။ ပြင်ပ volume ၌ သင် အမှန်တကယ် ဝှက်ထားစရာ မလိုအပ်သော အရေးကြီးပုံပေါ်သည့် ဖိုင်များကို ကော်ပီကူးရလိမ့်မည်။ လျှို့ဝှက် OS အခန်းကန့်၏ စကားဝှက်ကို ဖေါ်ပြပေးရန် အတင်းအကျပ် စေခိုင်း ခံရနိုင်သည်။ လျှို့ဝှက် OS အခန်းကန့် အတွင်းရှိ ပြင်ပြ volume ၏ စကားဝှက်ကို သင် ဖေါ်ပြနိုင်သည် (လျှို့ဝှက် OS စနစ်သည် လျှို့ဝှက် ရှိနေမည် ဖြစ်သည်)။\n\n နောက်ဆုံးအနေဖြင့်၊ လက်ရှိ အသုံးပြုနေသော OS စနစ် ၏ ကွန်ပျူတာစနစ် အခန်းကန့်ထဲတွင်၊ မျက်လှည့် OS စနစ်ဟု ခေါ်သော OS စနစ် အသစ် တစ်ခုကို ထည့်သွင်းပြီး၊ ၄င်းကို စာဝှက်ထားပါ။ ၄င်း၌ အရေးကြီးသည့် ဒေတာများ မထားရပါ။ တစ်စုံတစ်ယောက်သည် စက်မတက်မီ စစ်ဆေးအတည်ပြုသော စကားဝှက်ကို ဖေါ်ပြရန် အတင်းအကျပ် တောင်းဆိုလာနိုင်သည်။ မျက်လှည့် OS စနစ်နှင့် ပြင်ပ volume နှစ်ခုစလုံးကို ဖွင့်နိုင်မည် ဖြစ်သည်။ အကယ်၍ သင်သည် တတိယ အချက်ကို သုံးစွဲပါက၊ လျှို့ဝှက် OS စနစ် စဖွင့်လာမည် ဖြစ်သည်။ - လျှို့ဝှက် Sectors များကို ရှာဖွေခြင်း - VeraCrypt သည် ကွန်ပျူတာစနစ် drive ၏ အဆုံးရှိ လျှို့ဝှက် sectors များကို စစ်ဆေးနေစဉ် ​ခဏစောင့်ပါ။ အပြီးသတ်ရန်အတွက် အချိန်အတော် ကြာနိုင်သည်။\n\n မှတ်ချက် - အလွန် ဖြစ်တောင့်ဖြစ်ခဲ အခြေအနေများ၌၊ ကွန်ပျူတာ အချို့သည် ဤစစ်ဆေးမှု လုပ်ဆောင်နေစဉ် တုံပြန်မှု မရှိ ဖြစ်တက်သည်။ ထိုသို့ ဖြစ်လာပါက၊ ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ VeraCrypt ကို ဖွင့်ပြီး၊ ယခင်က အဆင့်များကို ထပ်လုပ်ပါ၊ သို့သော် ဤစစ်ဆေးခြင်း လုပ်ငန်းစဉ်ကို ကျော်ပါ။ ဤပြဿနာသည် VeraCrypt ကြောင့်မဟုတ်ကြောင်း သတိပြုပါ။ - စာဝှက်မည့် နေရာ - အကယ်၍ လက်ရှိ အသုံးပြုနေသော Windows စနစ်ရှိ drive တစ်ခုလုံးကို စာဝှက်လိုပါက၊ ဤရွေးစရာကို ရွေးချယ်ပါ။ Drive တစ်ခုလုံး အပါအဝင်၊ ၄င်း၏ အခန်းကန့် အားလုံးကို၊ VeraCrypt Boot Loader တည်ရှိသည့် ပထမ track မပါပဲ၊ စာဝှက်သွားမည် ဖြစ်သည်။ Drive ထဲ (သို့) Drive ၌ သိမ်းဆည်းထားသော ဖိုင်များကို ရယူလိုသော သူသည် ကွန်ပျူတာစနစ် မဖွင့်မီ စကားဝှက် အမှန်ကို အကြိမ်တိုင်း ရေးထည့်ရမည် ဖြစ်သည်။ အကယ်၍ Windows ကို secondary (သို့) ပြင်ပ drive ၌ ထည့်သွင်း မထားသောကြောင့် ၄င်းအထဲမှ boot လုပ်စရာ မလိုပါက ၄င်းတို့ကို စာဝှက်ရန် ဤရွေးစရာကို အသုံးပြု၍ မရပါ။ - ကျပန်း ဒေတာများကို စု​ဆောင်းနေသည် - ကီးများ ထုတ်လုပ်လိုက်ပြီ - VeraCrypt သည် ကွန်ပြူတာနှင့် ဆက်သွယ်ထားသော စီဒီ/ဒီဗွီဒီ ကူးစက် မတွေ့ရပါ။ VeraCrypt သည် စာဝှက်စနစ် ကီးများ၊ VeraCrypt boot loader ၊ မူရင်း system loader စသည်တို့၏ အရန်သင့် သိမ်းဆည်းချက် တစ်ခု ပါရှိသော ootable VeraCrypt Rescue Disk တစ်ခုကို CD/DVD burner ဖြင့် ကူးရန် လိုအပ်နေသည်။\n\n သင့်အနေဖြင့် VeraCrypt Rescue Disk ပြုလုပ်ထားရန် အထူး တိုက်တွန်းလိုသည်။ - ကျွန်ုပ်ထံ CD/DVD burner မရှိပါ၊ သို့ရာတွင် Rescue Disk ISO image ကို ဖြုတ်တပ်နိုင်သော drive တစ်ခုတွင် သိမ်းဆည်းထားမည် (ဥပမာ - USB flash drive) - CD/DVD ကူးစက် တစ်ခုကို ကွန်ပျူတာဖြင့် နောက်မှ တပ်ဆင်ထားပါမည်။ လုပ်ငန်းစဉ်ကို ယခု အဆုံးသတ်လိုက်ပါ။ - CD/DVD ကူးစက်သည် ကွန်ပြူတာနှင့် ယခု ဆက်သွယ်လိုက်ပြီ။ ဆက်လုပ်ပြီး ဆယ်တင်ရေး အခွေကို ပြုလုပ်ပါ။ - အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n\n၁) USB flash drive ကဲ့သို့ ဖြုတ်တပ်နိုင်သော drive တစ်ခုကို သင့် ကွန်ပျူတာနှင့် ချိတ်ဆက်ထားပါ။\n\n၂) VeraCrypt ဆယ်တင်ရေး အခွေ ဖိုင် (%s) ကို ဖြုတ်တပ်နိုင်သော drive ထဲ ကော်ပီးကူးပါ။\n\n နောင်တွင် VeraCrypt ဆယ်တင်ရေး အခွေကို လိုအပ်လာပါက၊ သင့် ဖြုတ်တပ်နိုင်သော drive (VeraCrypt ဆယ်တင်​ရေး အခွေ image) ကို CD/DVD ကူးစက်ပါသည့် ကွန်ပျူတာနှင့် ချိတ်ဆက်ပြီး image ကို စီဒီ/ဒီဗွီဒီထဲ ကVeraCrypt ဆယ်တင်ရေး အခွေကို ပြုလုပ်နိုင်မည် ဖြစ်သည်။ အရေးကြီးချက် - VeraCrypt ဆယ်တင်ရေး အခွေကို CD/DVD ထဲသို့ (သီးသန့်ဖိုင် မဟုတ်ပဲ) ISO disk image တစ်ခု အဖြင့် ကူးယူရမည် ဖြစ်သည်။ - ဆင်တင်ရေး အခွေ ပြုလုပ်ခြင်း - ဆင်တင်ရေး အခွေ ပြုလုပ်နေသည် - ကွန်ပျူတာစနစ် စာဝှက်ခြင်း ကြိုတင် စမ်းသပ်မှု - ဆယ်တင်ရေး အခွေ စစ်ဆေးပြီ - \n VeraCrypt ဆယ်တင်ရေး အခွေကို အောင်မြင်စွာ စစ်ဆေးလိုက်ပြီ။ ၄င်းကို drive ထဲမှ ယခု ဖယ်ရှားလိုက်ပြီး လုံခြုံသော နေရာတွင် သိမ်းထားပါ။\n\n ဆက်သွားရန် ရှေ့သို့ ကို နှိပ်ပါ။ - သတိပေးချက် - နောက်အဆင့်​ သွားစဉ်တွင် VeraCrypt ဆယ်တင်ရေး အခွေသည် drive ထဲ၌ ရှိမည် မဟုတ်ပါ။ သို့မဟုတ်ပါက၊ အဆင့်များကို မှန်မှန်ကန်ကန် ပြီးစီးဖို့ ဖြစ်နိုင်မည် မဟုတ်ပါ။\n\n ၄င်းကို drive ထဲမှ ဖယ်ရှားပြီး လုံခြုံသော နေရာတွင် သိမ်းထားပါ။ ထို့နောက် 'ကောင်းပြီ' ကို နှိပ်ပါ။ - သတိပေးချက် - စက်မတက်ခင် အခြေအနေ (Windows မဖွင့်မီ) ၏ နည်းပညာ ဆိုင်ရာ ကန့်သတ်ချက်များကြောင့်၊ VeraCrypt သည် စက်မတက်ခင် အခြေအနေကို ဖေါ်ပြသော စာတမ်းကို ဒေသဆိုင်ရာ ဘာသာစကားသို့ ပြန်ဆိုနိုင်မည် မဟုတ်ပါ။ VeraCrypt Boot Loader သုံးစွဲသူ မျက်နှာပြင် တစ်ခုလုံးသည် အင်္ဂလိပ် ဘာသာဖြင့် ဖြစ်သည်။\n\n ဆက်လုပ်မည်လား? - သင့် ကွန်ပျူတာစနစ် (သို့) drive ကို စာဝှက်ခြင်း မပြုမီ၊ VeraCrypt သည် အရာအားလုံး ကောင်းကောင်းမွန်မွန် အလုပ်လုပ်မလုပ် စစ်ဆေးမည် ဖြစ်သည်။\n\n စမ်းသပ်ရန် ကို နှိပ်ပြီးသောအခါ၊ လိုအပ်သော အစိတ်အပိုင်းအားလုံးကို စက်ထဲ ထည့်သွင်းသွားမည် ဖြစ်ပြီး သင့်ကွန်ပျူတာကို ပြန်ဖွင့်လာမည် ဖြစ်သည်။ အဲဒီနောက် Windows မဖွင့်မီ မြင်ရသော VeraCrypt Boot Loader မျက်နှာပြင်တွင် စကားဝှက်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်။ Windows စတင်လာသည့်အခါ၊ အကြို စမ်းသပ်ချက်အတွက် ရလဒ်ကို အလိုအ​လျောက် အကြောင်းကြားလာလိမ့်မည်။\n\n အောက်ပါ device ကို ပြုပြင်​သွားမည် ဖြစ်သည် - Drive #%d\n\n\n ဖျက်သိမ်းရန် ကို ယခု နှိပ်လျှင်၊ ဘာမျှ စက်ထဲ ထည့်သွင်းမည် မဟုတ်ပဲ အကြို စမ်းသပ်မှုကိုလည်း လုပ်ဆောင်နိုင်မည် မဟုတ်ပါ။ - အရေးကြီး မှတ်ချက်များ - ဖတ်ရှုပါ/ပရင့်ထုတ်ပါ ('ပုံနှိပ်ရန်' ကို နှိပ်ပါ) -\n\n သင့် ကွန်ပျူတာကို အောင်မြင်စွာ ပြန်ဖွင့်ပြီး Windows ကို မစတင်မချင်း သင့်ဖိုင်များ တစ်ခုကိုမျှ စာဝှက်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ အကယ်၍ တစ်ခုခု ချို့ယွင်းပါက၊ သင့် ဒေတာများ ပျေက်သွားမည် မဟုတ်ပါ။ သို့ရာတွင်၊ တစ်စုံတစ်ခု မှားယွင်းသွားပါက၊ Windows စတင်သည့်အခါ အခက်အခဲ ရင်ဆိုင်ရနိုင်သည်။ ထို့ကြောင့်၊ သင့်ကွန်ပျူတာ ပြန်ဖွင့်ပြီး Windows မပွင့်လာခဲ့လျှင် လုပ်ဆောင်ရမည့် အချက်ကို အောက်ပါ လမ်းညွှန်ချက်များထဲတွင် ဖတ်ရှု (ဖြစ်နိုင်ပါက ပရင့်ထုတ်) နိုင်သည်။\n\n - Windows မဖွင့်နိုင်ပါက လုပ်ဆောင်ရမည့် အချက်များ\n---------------------------------------------------------\n\nမှတ်ချက် - အကယ်၍ စာဝှက်ခြင်း မစတင်မချင်း ဤညွှန်ကြားချက်များသည် မှန်ကန်မှု ရှိသည်။\n\n- သင့် စကားဝှက် အမှန်ကို ရေးထည့်ပြီးနောက် (သို့မဟုတ် အကယ်၍ စကားဝှက် အမှန်ကို ထပ်ခါ ထပ်ခါ ရေးထည့်သည့်အခါ VeraCrypt က စကားဝှက် မှားနေသည် ဟု ​ပြနေပြီး) Windows မဖွင့်လာလျှင်၊ စိတ်မပျက်ပါနှင့်။ ကွန်ပျူတာကို ပြန်ဖွင့် (စက်ပိတ်ပြီး ပြန်ဖွင့်) ပြီး၊ VeraCrypt Boot Loader မျက်နှာပြင် ပေါ်လာသည့်အခါ၊ သင့် ကီးဘုတ်မှ (အကယ်၍ သင်၌ ကွန်ပျူတာစနစ် အများအပြား ရှိလျှင်၊ စတင်မည့်အရာကို ရွေးပြီး) Esc ကီး ကို နှိပ်ပါ။ ထို့နောက် Windows တက်လာမည် ဖြစ်ပြီး VeraCrypt က စက်မတက်မီ စစ်ဆေးမှု အစိတ်အပိုင်းကို ဖယ်ထုတ်မည် မဖယ်ထုတ်မည်ကို မေးမြန်းလာလိမ့်မည်။ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားပါက ယခင်က အဆင့်များ အလုပ်လုပ်မည် မဟုတ်ပါ (မည်သူမဆို ယခင်က အဆင့်များကို လိုက်နာသည် ဖြစ်စေ စကားဝှက် မမှန်ပါက drive ထဲက Windows ကို ဖွင့်နိုင်မည် မဟုတ်သကဲ့သို့ စာဝှက်ထားသော ဒေတာများကို ရယူနိုင်မည် မဟုတ်ပါ)။\n\n - - အကယ်၍ ယခင်က အဆင့်များသည် အလုပ်မဖြစ်ပါက (သို့) VeraCrypt Boot Loader မျက်နှာပြင်ကို (Windows မစခင်) မတွေ့ရပါက၊ VeraCrypt ဆယ်တင်ရေး ​အခွေကို CD/DVD drive ထဲ ထည့်ပြီး သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ အကယ်၍ VeraCrypt ဆယ်တင်ရေး အခွေ ပေါ်မလာပါက (သို့မဟုတ်၊ VeraCrypt ဆယ်တင်ရေး အခွေ မျက်နှာပြင်၏'Keyboard Controls' ၌ 'Repair Options'ကို မမြင်ရပါက)၊ သင့် BIOS ကို hard disk မှ စက်တက်ရန် ပြုလုပ်ထားခြင်းကြောင့် ဖြစ်နိုင်သည်။ ဤအချက်သည် ပြဿနာ တစ်ရပ် ဖြစ်လာပါက၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ (BIOS စတက်လာသည့် မျက်နှာပြင်ကို မြင်ရသည့်အခါ) F2 (သို့) Delete ကို နှိပ်ပြီး၊ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အထိ စောင့်ဆိုင်းပါ။ အကယ်၍ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် မပေါ်လာပါက၊ သင့်ကွန်ပျူတာကို ထပ်မံ ပြန်ဖွင့် (ပြန်ချိန်) ပါ။ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အခါ၊ သင့် BIOS ကို CD/DVD drive မှ ပထမဆုံး တက်လာရန် (လုပ်ဆောင်ပုံနဲ့ ပါတ်သက်သော အချက်အလက်များအတွက်၊ BIOS/motherboard အသုံးပြုနည်း လက်စွဲကို လေ့လာပါ သို့မဟုတ် ကွန်ပျူတာ ရောင်းချသော နေရာ၌ နည်းပညာဆိုင်ရာ ထောက်ပံ့ရေး အဖွဲ့ထံ အကူအညီ တောင်းခံပါ) ပြုပြင်လိုက်ပါ။ ထို့နောက်၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ ယခုအချိန်တွင် VeraCrypt ဆယ်တင်ရေး အခွေ ပေါ်လာမည် ဖြစ်သည်။ VeraCrypt ဆယ်တင်ရေး အခွေ မျက်နှာပြင်အရောက်တွင်၊ သင့် ကီးဘုတ်မှ F8 ကို နှိပ်ပြီး 'Repair Options' ကို ရွေးပါ။ 'Repair Options' မီနူးမှ၊ 'Restore original system loader' ကို ရွေးပါ။ ထို့နောက် ဆယ်တင်ရေး အခွေကို သင့် CD/DVD drive ထဲမှ ဖယ်ရှားပြီး ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ Windows သည် ပုံမှန်အတိုင်း ဖွင့်လာမည် ဖြစ်သည်။\n\n - အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားပါက ယခင်က အဆင့်များ အလုပ်လုပ်မည် မဟုတ်ပါ (မည်သူမဆို ယခင်က အဆင့်များကို လိုက်နာပြီး စကားဝှက်အမှန် မရေးထည့်နိုင်ပါက Windows ကို ဖွင့်နိုင်မည် မဟုတ်ပါ (သို့) rive ထဲရှိ စာဝှက်ထားသော ဒေတာများကို ရယူနိုင်မည် မဟုတ်ပါ)။\n\n\nအကယ်၍ သင့် VeraCrypt ဆယ်တင်ရေး အခွေ ပျောက်သွားခြင်း၊ ရန်သူထံ ရောက်သွားခြင်း ဖြစ်လာပါက၊ သူသည် စကားဝှက် အမှန်မပါပဲ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) drive ကို စာဝှက်ဖြည်နိုင်မည် မဟုတ်ပါ။ - အကြို စမ်းသပ်မှု ပြီးသွားပြီ - အကြို စမ်းသပ်မှု အောင်မြင်စွာ ပြီးစီးသွားပြီ။\n\n သတိပေးချက် - လက်ရှိ ဒေတာများကို စနစ်တကျ စာဝှက်နေစဉ် ရုတ်တရက် မီးပျက်သွားပါက၊ (သို့) VeraCrypt သည် လက်ရှိ ဒေတာများကို အစီအစဉ်တကျ စာဝှက်နေစဉ် ကို ဆော့ဗ်ဝဲ အမှား (သို့) hardware ချို့ယွင်းချက် တစ်ခုခုကြောင့် OS စနစ် ပျက်သွားပါက ​​ဒေတာ တချို့သည် ​ပျက်သွားလိမ့်မည် (သို့) ပျောက်ဆုံးသွားလိမ့်မည်။ ထို့ကြောင့် စာဝှက်ခြင်းမပြုခင်၊ သင် စာဝှက်မည့် ဖိုင်များကို အရန်သင့် သိမ်းဆည်းရန် သတိပြုပါ။ အကယ်၍ မလုပ်ထားပါက၊ ဖိုင်များကို ယခု အရန်သင့် သိမ်းဆည်းလိုက်ပါ (Defer ကို နှိပ်ပြီး၊ ဖိုင်များကို အရန်သင့် သိမ်းဆည်းပါ၊ ထို့နောက် VeraCrypt ကို ထပ်ဖွင့်ပါ၊ စာဝှက်စနစ်ကို စတင်ရန် 'System' > 'Resume Interrupted Process' ကို နှိပ်ပါ)။\n\nအဆင်သင့် ဖြစ်သည့်အခါ၊ စာဝှက်စနစ် စတင်ရန် စာဝှက်ရန် ကို နှိပ်ပါ။ - စာဝှက်ခြင်း (သို့) စာဝှက်ဖေါ်ခြင်း လုပ်ငန်းစဉ်ကို ရပ်တန်းရန် ခေတ္တရပ်နားရန် (သို့) ရွှေ့ဆိုင်းရန် ကို အချိန်မရွေး နှိပ်ပါ၊ ဤအညွှန်းမှ ထွက်ပြီး၊ သင့်ကွန်ပျူတာကို ပြန်ဖွင့်ပါ (သို့) စက်ပိတ်လိုက်ပါ။ ထို့နောက် လုပ်ငန်းစဉ်ကို ပြန်စပါ။ ယခင်က ရပ်တန့်ခဲ့သော နေရာမှ ပြန်စတင်မည် ဖြစ်သည်။ ကွန်ပျူတာစနစ် drive ထဲမှ ဒေတာများကို ရေးသားနေစဉ် (သို့) ဖတ်ရှုနေစဉ် ကွန်ပျူတာစနစ် (သို့) အ​ပ္ပလီကေးရှင်းများ နှေးကွေးမရှိစေရန်၊ VeraCrypt သည် ဒေတာများကို ရေးသားခြင်း (သို့) ဖတ်ရှုခြင်း (အထက်မှ အနေအထားကို ကြည့်ပါ) ပြီးစီးသည့်အခါ စောင့်​ဆိုင်းမည် ဖြစ်ပြီး၊ စာဝှက်ခြင်း (သို့) စာဝှက် ဖေါ်ခြင်းကို အလိုအလျောက် ဆက်လုပ်မည် ဖြစ်သည်။ - \n\n စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ရပ်တန့်ရန် ခေတ္တရပ်နားရန်၊ ရွှေ့ဆိုင်းရန် ကို သင် နှိပ်နိုင်သည်။ ဤအညွှန်းကို ပိတ်ပါ၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ (သို့) စက်ပိတ်ပါ။ ထို့နောက် လုပ်ငန်းစဉ်ကို ​ပြန်စပါ။ ၄င်းသည် ယခင်က ရပ်နားထားသည့် နေရာမှ ပြန်စမည် ဖြစ်သည်။ volume ကို အပြည့်အ၀ စာဝှက် မပြီးမချင်း အစပျိုးနိုင်မည် မဟုတ်ပါ။ - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - လျှို့ဝှက် ကွန်ပျူတာစနစ် စတင်နေပြီ - မူလ ကွန်ပျူတာစနစ် - Windows သည် မှတ်တမ်းဖိုင်များ၊ ယာယီဖိုင်များ အမျိုးမျိုးကို (သင် မသိရှိပဲ) ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ ဖန်တီးလေ့ရှိသည်။ RAM ၌ ရှိသော အကြောင်းအရာကိုလည်း hibernation ပြုလုပ်ရာ၌ နေရာ သက်သာစေပြီး ကွန်ပျူတာစနစ် အခန်းကန့်၌ ရှိသော ဖိုင်များကို ဆက်သွယ်ပေးသည်။ ရန်သူ တစ်ဦးတစ်ယောက်သည် သင့် မူရင်း ကွန်ပျူတာစနစ် (မူပွားထားသော လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ) ၌ တည်ရှိနေသော အခန်းကန့်ထဲ သိမ်းဆည်းခဲ့သော ဖိုင်များကို စစ်ဆေးပြီး သိရှိသွားနိုင်သည်။ ဥပမာ အားဖြင့်၊ VeraCrypt အညွှန်းကို hidden-system-creation စနစ်ဖြင့် သုံးစွဲနေမှု (ဤနည်းဖြင့် သင့်ကွန်ပျူတာ၌ လျှို့ဝှက် OS ရှိနေကြောင်း ညွှန်​ပြပေးနိုင်သည်)။\n\n ယင်းကဲ့သို့ ပြဿနာမျိုး မဖြစ်ပွားရန်၊ VeraCrypt သည်၊ နောက်တစ်ဆင့်၌၊ မူရင်း ကွန်ပျူတာစနစ် တည်ရှိသော အခန်းကန့်မှ အကြောင်းအရာ တစ်ခုလုံးကို ပယ်ရှင်းပစ်မည် ဖြစ်သည်။ ထို့နောက်၊ ငြင်းပယ်နိုင်မှုကို ​​ရရှိနိုင်ရန်၊ အခန်းကန့်ထဲ၌ ကွန်ပျူတာစနစ် အသစ်တစ်ခုကို သင် ထည့်သွင်းပြီး ၄င်းကို စာဝှက်ရန် လိုအပ်လိမ့်မည်။ ဤ​နည်းဖြင့်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖန်တီးပြီး လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် ပြီးမြောက်သွားမည် ဖြစ်သည်။ - လျှို့ဝှက် OS စနစ်ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။ ၄င်းကို စတင် အသုံးမပြုမီ (ငြင်းပယ်နိုင်မှု မ​ရရှိမီ)၊ လက်ရှိ OS စနစ် ထည့်သွင်းထားသော အခန်းကန့်ရှိ အကြောင်းအရာ တစ်ခုလုံးကို (VeraCrypt အသုံးပြုပြီး) လုံခြုံ​စွာ ပယ်ဖျက်ရန် လိုအပ်သည်။ ဤကဲ့သို့ မလုပ်ဆောင်မီ၊ ကွန်ပျူတာကို ပြန်ဖွင့်ရန် လိုအပ်ပြီး၊ (Windows မစမီ ​မြင်ရသော) VeraCrypt Boot Loader မျက်နှာပြင်၌ လျှို့ဝှက် OS စနစ်အတွက် စက်မတင်မီ အတည်ပြု စကားဝှက်ကို ရေးထည့်ပါ။ ထို့နောက်၊ လျှို့ဝှက် ကွန်ပျူတာစနစ် စတင်ပြီးနောက်၊ VeraCrypt အညွှန်းသည် အလိုအလျောက် ပွင့်လာလိမ့်မည်။\n\n မှတ်ချက် - အကယ်၍ လျှို့ဝှက် ကွန်ပျူတာစနစ် ဖန်တီးသည့် လုပ်ငန်းစဉ်ကို ယခု ရပ်ဆိုင်းရန် ရွေးချယ်ပါက၊ လုပ်ငန်းစဉ်ကို သင် ပြန်စနိုင်မည် မဟုတ်ပဲ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို (VeraCrypt Boot Loader ကို ဖယ်ရှားမည် ဖြစ်သောကြောင့်) ဖွင့်နိုင်မည် မဟုတ်ပါ။ - သင်သည် လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် အစီအစဉ်ကို သတ်မှတ်လိုက်ပြီ။ လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ၄င်းကို အပြီးသတ်ရန်၊ သင့်ကွန်ပျူတာကို ပြန်ဖွင့်ပြီး (Windows မပွင့်ခင် မြင်ရသော) VeraCrypt Boot Loade မျက်နှာပြင်၌ လျှို့ဝှက် OS စနစ်အတွက် စကားဝှက်ကို ရေးထည့်ပါ။\n\nမှတ်ချက် - လျှို့ဝှက် OS စနစ် ဖန်တီးသော လုပ်ငန်းစဉ်ကို အဆုံးသတ်ရန် သင် ရွေးချယ်ပါက၊ ၄င်းလုပ်ငန်းစဉ်ကို ပြန်စနိုင်တော့မည် မဟုတ်ပါ။ - ကွန်ပျူတာကို ပြန်ဖွင့်ပြီး ဆက်လုပ်ပါ - လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ်ကို အမြဲတမ်း အဆုံးသတ်ရန် - ယခု ဘာမှ လုပ်ဆောင်ရန်မလိုပဲ နောက်မှ ထပ်မေးပါ - \nအကယ်၍ ဖြစ်နိုင်လျှင်၊ ဤစာတမ်းကို ပရင့်ထုတ်ပါ (အောက်မှ 'ပရင့်ထုတ်ရန်' ကို နှိပ်ပါ)။\n\n\n(စာဝှက်ပြီးနောက်) VeraCrypt ဆယ်တင်ရေး အခွေကို မည်သည့်အခါ မည်ကဲ့သို့ အသုံးပြုမည်နည်း။\n-------------------------------------------------------------------------------------------------------\n\n - ၁။ VeraCrypt ဆယ်တင်ရေး အခွေမှ Boot တက်နည်း\n\nVeraCrypt ဆယ်တင်ရေး အခွေမှ boot တက်ရန်၊ ၄င်းကို CD/DVD drive ထဲ ထည့်ပြီး ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ အကယ်၍ VeraCrypt ဆယ်တင်ရေး အခွေ ပေါ်မလာပါက (သို့မဟုတ်၊ မျက်နှာပြင်ရှိ 'Keyboard Controls' အခန်း၌ 'Repair Options' ကို မတွေ့ရပါက)၊ BIOS ကို hard drives မှ boot တက်ရန် ပြုပြင်ထားသောကြောင့် ဖြစ်နိုင်သည်။ အကယ်၍ ယင်းသည် ပြဿနာ ဖြစ်လာပါက၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ (BIOS စတက်လာသည့်အချိန်တွင်) F2 (သို့) Delete ကို နှိပ်ပြီး BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အထိ စောင့်ဆိုင်းပါ။ အကယ်၍ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်မလာပါက၊ ကွန်ပျူတာကို ပြန်ဖွင့် (ပြန်ချိန်) ပြီး F2 (သို့) Delete ကို ထပ်ခါတလဲလဲ ဖိထားပါ။ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အခါ၊ သင့် BIOS ကို CD/DVD drive (ထိုသို့ လုပ်ဆောင်နည်းကို BIOS/motherboard အတွက် အသုံးပြုနည်း လမ်းညွှန်ကို လေ့လာပါ သို့မဟုတ် ကွန်ပျူတာ ရောင်းချသူထံမှ နည်းပညာဆိုင်ရာ အထောက်အပံ့ အဖွဲ့၏ အကူအညီကို ရယူပါ) မှ စတင် boot တက်လာရန် ပြုပြင်လိုက်ပါ။ ထို့နောက် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ VeraCrypt ဆယ်တင်ရေး အခွေမှ မျက်နှာပြင်ကို မြင်ရ​လိမ့်မည်။ မှတ်ချက် - VeraCrypt ဆယ်တင်ရေး အခွေမှ မျက်နှာပြင်၌၊ သင့် ကီးဘုတ်မှ F8 ကို နှိပ်ပြီး၊ 'Repair Options' ကို ရွေးချယ်နိုင်သည်။\n\n\n - ၂။ (စာဝှက်ပြီးသည့်အခါ) VeraCrypt ဆယ်တင်ရေး အခွေကို သုံးစွဲမည့် အချိန်နှင့် သုံစွဲနည်း\n\n - ၁) အကယ်၍ ကွန်ပျူတာကို စဖွင့်သည့်အခါ VeraCrypt Boot Loader မျက်နှာပြင် တက်မလာပါက (သို့မဟုတ် Windows boot မတက်ပါက)၊ VeraCrypt Boot Loader ပျက်စီးသွား၍ ဖြစ်နိုင်သည်။ VeraCrypt ဆယ်တင်ရေး အခွေကို သုံးပြီး ၎င်းကို နဂိုအတိုင်း ပြန်ထားနိုင်ပြီး စာဝှက်ထားသော သင် ကွန်ပျူတာစနစ်နှင့် ဒေတာများကို ပြန်လည် ရရှိစေနိုင်သည် (သို့သော်၊ စကားဝှက်အမှန်ကို သင် ရေးထည့်ရဦးမည် ဖြစ်သည်)။ ဆယ်တင်ရေး ​အခွေတွင်၊ 'Repair Options' > 'Restore VeraCrypt Boot Loader' ကို ရွေးပါ။ ထို့နောက် လုပ်ဆောင်ချက်ကို အတည်ပြုရန် 'Y' ကို နှိပ်ပါ။ သင့် ဆယ်တင်ရေး အခွေကို CD/DVD drive မှ ထုတ်ပြီး ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။\n\n - ၂) အကယ်၍ သင်သည် စကားဝှက်အမှန်ကို ထပ်ခါတလဲလဲ ရေးထည့်သော်လည်း စကားဝှက် မှားသည့်ဟု​ ဖေါ်ပြပါက၊ မာစတာကီး (သို့) အခြား အရေးကြီး ဒေတာများ ပျက်စီးသွား၍ ဖြစ်နိုင်သည်။ VeraCrypt ဆယ်တင်ရေး အခွေကို သုံးပြီး ၄င်းတို့ကို နဂိုအတိုင်း ပြန်ထားနိုင်ပြီး စာဝှက်ထားသော ကွန်ပျူတာစနစ်နှင့် ဒေတာများကို ပြန်လည် ရယူနိုင်သည် (သို့သော်၊ စကားဝှက်အမှန်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်)။ ဆယ်တင်ရေး အခွေတွင်၊ 'Repair Options' > 'Restore key data' ကို ရွေးချယ်ပါ။ ထို့နောက် စကားဝှက်ကို ရေးထည့်ပြီး၊ လုပ်ဆောင်ချက်ကို အတည်ပြုရန် 'Y' ကို နှိပ်ပါ။ ဆယ်တင်ရေး အခွေကို CD/DVD drive မှ ထုတ်ပြီး သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။\n\n - ၃) အကယ်၍ VeraCrypt Boot Loade ပျက်စီးသွားပါက၊ VeraCrypt ဆယ်တင်ရေး အခွေမှ တိုက်ရိုက် boot တက်ပြီး ၄င်းကို ရှောင်လွှဲနိုင်သည်။ ဆယ်တင်ရေး အခွေကို CD/DVD drive ထဲတွင် ထည့်ပြီး ဆယ်တင်ရေး မျက်နှာပြင်တွင် သင့် စကားဝှက်ကို ရေးထည့်ပါ။\n\n - ၄) အကယ်၍ Windows ပျက်စီးသွားပြီး စက်မတက်နိုင်ပါက၊ VeraCrypt ဆယ်တင်ရေး အ​ခွေကို သုံးပြီးWindows မတက်မီ အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ဖြည်နိုင်သည်။ ဆယ်တင်ရေး အခွေ မျက်နှာပြင်ပေါ်တွင်၊ 'Repair Options' > 'Permanently decrypt system partition/drive' ကို ရွေးပါ။ စကားဝှက် အမှန်ကို ရေးထည့်ပြီး စာဝှက်ဖြည်ခြင်း ပြီးဆုံးသည်အထိ စောင့်ဆိုင်းပါ။ ထို့နောက် သင့် Windows ထည့်သွင်းမှုကို ပြုပြင်ရန် MS Windows setup CD/DVD ဖြင့် boot တက်နိုင်သည်။\n\n - မှတ်ချက် - တစ်နည်းအားဖြင့်၊ Windows ပျက်စီးသွားပြီး (ဖွင့်မရ) ၄င်းကို (ဖိုင်များကို ရယူရန်) ပြုပြင်ရန် လိုအပ်ပါက၊ အောက်ပါ အဆင့်များဖြင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်မဖြည်နိုင်ရန် ရှောင်ရှားနိုင်သည် - အကယ်၍ သင့် ကွန်ပျူတာ၌ OS စနစ် မျိုးစုံ ထည့်သွင်းထားပါက၊ ၄င်းကို စက်မတက်မီ ကြိုတင် စစ်ဆေးစရာမလိုပဲ boot တက်နိုင်သည်။ အကယ်၍ သင့်ကွန်ပျူတာတွင် OS စနစ် မျိုးစုံ ထည့်သွင်းမထားပါက၊ WinPE (သို့) BartPE CD/DVD မှ boot တက်နိုင်သည်။ သို့မဟုတ် သင့် ကွန်ပျူတာစနစ် drive ကို secondary drive (သို့) ပြင် drive အနေဖြင့် အခြား ကွန်ပျူတာနှင့် ချိတ်ဆက်ပြီး ကွန်ပျူတာ​ထဲတွင် ထည့်သွင်းထာသော OS စနစ်မှ boot တက်လိုက်ပါ။ ကွန်ပျူတာစနစ်ကို boot တက်ပြီးနောက်၊ VeraCrypt ကို ဖွင့်ပါ။ 'Select Device' ကို ရွေးပါ။ ထိခိုက်နေသော ကွန်ပျူတာစနစ် အခန်းကန့်ကို ရွေးပြီး၊ 'OK' နှိပ်ပါ။ 'System' > 'Mount Without Pre-Boot Authentication' ကို ရွေးပြီး၊ စက်မတက်မီ ကြိုတင် အတည်ပြု စကားဝှက်ကို ရေးထည့်ကာ၊ 'OK' ခလုတ်ကို နှိပ်ပါ။ အခန်းကန့်ကို ပုံမှန် VeraCrypt volume အစပျိုးလာလိမ့်မည် (ဒေတာများကို RAM ထဲ၌ ချက်ခြင်း စာဝှက်/စာဝှက်ဖြည်ပေးသွားမည် ဖြစ်သည်)။\n\n\n - အကယ်၍ သင့် VeraCrypt ဆယ်တင်ရေး အခွေ ​ပျောက်ဆုံးသွားပြီး ရန်သူလက်ထဲ ရောက်သွားပါက၊ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) drive ကို စကားဝှက်အမှန် မပါကဲ စာဝှက်ဖြည်နိုင်မည် မဟုတ်ပါ။ - \n\nအ ရေး ကြီး ချက် -- ဖြစ်နိုင်လျှင် ဤစာတမ်းကို ပရင့်ထုတ်ပါ (အောက်ပါ 'ပရင့်ထုတ်ရန်' ခလုတ်ကို နှိပ်ပါ)။\n\n\nမှတ်ချက် - ဤစာတမ်းသည် မျက်လှည့် ကွန်ပျူတာစနစ်ကို သင် စတင် ဖန်တီးသည်အထိ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို သင် စဖွင့်သည့်အခါတိုင်း အလိုအလျောက် ပြနေမည် ဖြစ်သည်။\n\n\n - မျက်လှည့် ကွန်ပျူတာစနစ်ကို လုံခြုံစိတ်ချစွာ ဖန်တီးနည်း\n-------------------------------------------------------------\n\nငြင်းပယ်နိုင်မှုကို ရရှိနိုင်ရန်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို ယခု သင်ဖန်တီးရန် လိုအပ်သည်။ ထိုသို့ ပြုလုပ်ရန်၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n\n - ၁) လုံခြုံရေး အကြောင်းများကြောင့်၊ သင့်ကွန်ပျူတာကို စက်ပိတ်ပြီး မိနစ် အတန်ကြာ မီးပိတ်ထားပါ (ကြာလေ၊ ကောင်းလေ ဖြစ်သည်)။ အရေးကြီး ဒေတာများ ပါရှိသော မှတ်ဉာဏ်ကို ရှင်းလင်းပေးရန် လိုအပ်သည်။ ထို့နောက် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ သို့သော် လျှို့ဝှက် ကွန်ပျူတာစနစ်မှboot မတက်ပါနှင့်။\n\n - ၂) Windows ကို အကြောင်းအရာများ ပယ်ဖျက်လိုက်သည့် အခန်းကန့်ထဲ၌ (ဥပမာ - မူရင်း ကွန်ပျူတာစနစ် တည်ရှိသော အခန်းကန့်တွင်) ထည့်သွင်းပါ။\n\nအရေးကြီးချက် - မျက်လှည့် ကွန်ပျူတာစနစ်ကို စတင် ထည့်သွင်းသည့်အခါ၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်မှ BOOT တက်နိုင်မည် မဟုတ်ပါ (အဘယ်ကြောင့် ဆိုသော် VeraCrypt Boot Loader ကို Windows စနစ် ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်က ပယ်ဖျက်သွားမည် ဖြစ်သည်)။ ၎င်းသည် ပုံမှန်ဖြစ်ပြီး လိုချင်သည့် အချက် ဖြစ်သည်။အထိတ်တလန့် မဖြစ်ပါနှင့်။ မျက်လှည့် ကွန်ပျူတာစနစ်ကို စတင် စာဝှက်သည်နှင့် တပြိုင်နက် လျှို့ဝှက် ကွန်ပျူတာစနစ်မှ BOOT တက်နိုင်မည် ဖြစ်သည်။(အဘယ်ကြောင့်ဆိုသော် TrueCrpyt သည် ကွန်ပျူတာစနစ် drive ထဲတွင် VeraCrypt Boot Loader ကို အလို​အလျောက် ထည့်သွင်းနိုင်မည် ဖြစ်သည်)။\n\nအရေးကြီးချက် - မျက်လှည့် ကွန်ပျူတာစနစ်၏ အရွယ်အစားသည် လျှို့ဝှက် volume ၏ အရွယ်အစားနှင့် အတူတူ ဖြစ်ရမည်။ ထို့နောက်၊ မျက်လှည့် ကွန်ပျူတာစနစ် အခန်းကန့်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် တည်ရှိသော နေရာအ​ကြားတွင် မည်သည့် အခန်းကန့်ကိုမျှ သင် မဖန်တီးရပါ။\n\n - ၃) မျက်လှည့် ကွန်ပျူတာစနစ်မှ Boot တက်ပါ (အဆင့် ၂ ၌ ၄င်းကို သင် ထည့်သွင်းထားပြီး ၄င်း၌ VeraCrypt ကို ထည့်သွင်းထားသည်)။\n\nမျက်လှည့် ကွန်ပျူတာစနစ်၌ အရေးကြီးသော ဒေတာများ မပါရန် သတိပြုပါ။\n\n - ၄) မျက်လှည့် ကွန်ပျူတာစနစ်၌၊ VeraCrypt ကို ဖွင့်ပြီး 'System' > 'Encrypt System Partition/Drive' ကို ရွေးပါ။ VeraCrypt Volume ဖန်တီးမှု အညွှန်း ၀င်းဒိုးပေါ်လာလိမ့်မည်။\n\nအောက်ပါ အဆင့်များသည် VeraCrypt Volume ဖန်တီးမှု အညွှန်းနှင့် ကိုက်ညီသည်။\n\n - ၅) VeraCrypt Volume ဖန်တီးမှု အညွှန်းထဲတွင်၊ 'Hidden' ရွေးစရာကို မရွေးချယ်ပါနှင့်။ 'Normal' ရွေးစရာကို ရွေးထားပြီး 'ရှေ့သို့' ကို နှိပ်ပါ။\n\n - ၆) 'Encrypt the Windows system partition' ရွေးစရာကို ရွေးပြီးနောက်၊ 'ရှေ့သို့' ကို နှိပ်ပါ။\n\n - ၇) အကယ်၍ သင့်ကွန်ပျူတာ၌ လျှို့ဝှက် ကွန်ပျူတာစနစ်နှင့် မျက်လှည့် ကွန်ပျူတာစနစ်ကိုသာ ထည့်သွင်းထားလျှင်၊ ရေးစရာ 'Single-boot' ကို ရွေးပြီး (အကယ်၍ ကွန်ပျူတာစနစ် နှစ်ခုထက် ပို၍ ထည့်သွင်းထားလျှင်၊'Multi-boot' ကို ရွေးချယ်ပါ) 'ရှေ့သို့' ခလုတ်ကို နှိပ်ပါ။\n\n - ၈) အရေးကြီးချက် - ဤအဆင့်၌၊ မျက်လှည့် ကွန်ပျူတာစနစ်အတွက်နှင့် ပါတ်သက်ပြီး၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်အတွက် သင် ရွေးချယ်ခဲ့သော အလားတူ စာဝှက်စနစ် အယ်လဂိုရီသမ်နှင့် HASH အယ်လဂိုရီသမ်တို့ကို သင် ရွေးချယ်ရမည်။ တနည်းအားဖြင့်၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ ၀င်နိုင်မည် မဟုတ်ပါ။ တစ်မျိုး ပြောရလျှင်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ကဲ့သို့ အလားတူ အယ်လဂိုရီသမ်ဖြင့် စာဝှက်ထားရမည် ဖြစ်သည်။ မှတ်ရန် - အကြောင်းမှာ မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ်တို့သည် အယ်လဂိုရီသမ် တစ်မျိုးတည်းကိုသာ ထောက်ပံ့​ထားသော boot loader တစ်မျိုးတည်းကို သုံးစွဲသူ၏ ရွေးချယ်မှုဖြင့် မျှဝေ သုံးစွဲကြသည် (အယ်လဂိုရီသမ် တစ်ခုစီအတွက်၊ VeraCrypt Boot Loader အထူးဗားရှား တစ်ခု ရှိသည်။)\n\n - ၉) ဤအဆင့်၌၊ မျက်လှည့် OS စနစ်အတွက် စကားဝှက် တစ်ခုကို ရွေးချယ်ပါ။အကယ်၍ ရန်သူ တစ်ဦးတစ်ယောက်က စက်မတက်မီ အတည်ပြု စကားဝှက်ကို ဖေါ်ပြရန် အတင်းအကျပ် တောင်းဆိုလာသည့်အခါ ထုတ်ပြနိုင်သည့် စကားဝှက် ဖြစ်သည် (အခြား စကားဝှက်မှာ ပြင်ပ volume အတွက် ဖြစ်သည်)။ တတိယ စကားဝှက် (လျှို့ဝှက် OS စနစ်အတွက် စက်မတက်မီ အတည်ပြု စကားဝှက် ဖြစ်သည်) ကို လျှို့ဝှက် ထားရမည် ဖြစ်သည်။\n\nအရေးကြီးချက် - မျက်လှည့် ကွန်ပျူတာစနစ်အတွက် သင် ရွေးချယ်ထားသော စကားဝှက်သည် လျှို့ဝှက် volume အတွက် သင် ရွေးချယ်ခဲ့သော စကားဝှက်နှင့် ခြားနားရမည် (လျှို့ဝှက် OS စနစ်အတွက်)။\n\n - ၁၀) မျက်လှည့် OS စနစ်ကို စာဝှက်ရန် အညွှန်းထဲ၌ ပါသော ညွန်ကြားချက်အတိုင်း လုပ်ဆောင်ပါ။\n\n\n\n - မျက်လှည့် ကွန်ပျူတာစနစ် ဖန်တီးပြီးနောက်\n-----------------------------------------------\n\nမျက်လှည့် ကွန်ပျူတာစနစ်ကို စာဝှက်ပြီးနောက်၊ လျှို့ဝှက် OS စနစ် ဖန်တီးသည့် လုပ်ငန်းစဉ် တစ်ခုလုံး ပြီးစီးသွားမည် ဖြစ်ပြီး၊ အောက်ပါ စကားဝှက် သုံးမျိုးကို သင် သုံးစွဲနိုင်မည် ဖြစ်သည် - \n\n၁) လျှို့ဝှက် OS စနစ်အတွက် စက်မတက်မီ အတည်ပြု စကားဝှက်။\n\n၂) မျက်လှည် OS စနစ်အတွက် စက်မတက်မီ အတည်ပြု စကားဝှက်။\n\n၃) ပြင်ပ volume အတွက် စကားဝှက်။\n\n - အကယ်၍ လျှို့ဝှက် OS စနစ်ကို သင် စဖွင့်လိုပါက၊ VeraCrypt Boot Loader မျက်နှာပြင်ရှိ လျှို့ဝှက် OS စနစ်၏ စကားဝှက်ကို သင် ရေးထည့်ရန် လိုအပ်သည် (ကွန်ပျူတာ ဖွင့်သည့်အခါ ပေါ်လာသည်)။\n\nအကယ်၍ မျက်လှည့် OS စနစ်ကို စဖွင့်လိုပါက၊ VeraCrypt Boot Loader မျက်နှာပြင်ရှိ မျက်လှည့် OS စနစ်၏ စကားဝှက်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်။\n\nမျက်လှည့် ကွန်ပျူတာစနစ်၏ စကားဝှက်ကို စက်မတက်မီ အတည်ပြု စကားဝှက်ကို ဖေါ်ပြရန် တစ်ဦးတစ်ယောက်က တောင်းဆိုလာပါက ဖွင့်ပြုနိုင်သည်။ လျှို့ဝှက် volume (နှင့် လျှို့ဝှက် OS စနစ်) ၏ တည်ရှိမှုကို ဆက်လက် လျှို့ဝှက်ထားရမည် ဖြစ်သည်။\n\n - တတိယ စကားဝှက် (ပြင်ပ volume အတွက်) ကို ပြင်ပ volume နှင် လျှို့ဝှက် volume (လျှို့ဝှက် OS စနစ် အပါအဝင်) တို့ တည်ရှိသော ကွန်ပျူတာစနစ် အခန်းကန့်​ နောက်ကွယ်ရှိ ပထမ အခန်းကန့်၏ စကားဝှက်ကို ဖေါ်ပြရန် တစ်စုံတစ်ယောက်က အတင်းအကျပ် တောင်းဆိုလာပါက သင် ဖွင့်ပြနိုင်သည်။ လျှို့ဝှက် volume ၏ တည်ရှိမှုကို ဆက်လယ် လျှို့ဝှက်ထားမည် ဖြစ်သည်။\n\n\n - အကယ်၍ ရန်သူ တစ်ဦးတစ်ယောက်ထံ မျက်လှည့် ကွန်ပျူတာစနစ်၏ စကားဝှက်ကို ဖေါ်ပြမိပါက၊ (မျက်လှည့်) ကွန်ပျူတာစနစ် အခန်းခန့် အလွတ်၌ အဘယ်ကြောင့် ကျပန်း ဒေတာများ ရှိနေသနည်းဟု မေးလာလျှင်၊ သင်အနေဖြင့် ဥပမာ အားဖြင့် - "ယခင်က အခန်းကန့်၌ VeraCrypt က စာဝှက်ခဲ့သော ကွန်ပျူတာစနစ် တစ်ခု ရှိခဲ့သည်၊ သို့သော် စက်မတင်မီ အတည်ပြု စကားဝှက် (သို့မဟုတ် ကွန်ပျူတာစနစ် ပျက်သွားပြီး boot မလုပ်တော့ပါ) ကို ကျွန်တော် မေ့သွားသည်။ ထို့ကြောင့် Windows ကို ကျွန်တော် ထပ်သွင်းပြီး အခန်းကန့်ကို စာဝှက်ထားရခြင်း ဖြစ်သည်" ဟူ၍ ဖြေဆိုနိုင်သည်။\n\n\n - အကယ်၍ ညွှန်ကြားချက် အားလုံးကို လိုက်နာပြီး VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes နှင့် ပါတ်သက်သော လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ" အခန်းထဲ၌ ဖေါ်ပြထားသော ကြိုတင်ကာကွယ်မှုများနှင့် လိုအပ်ချက်များအတိုင်း လိုက်နာလျှင်၊ ပြင်ပ volume ကို အစပျိုးထားခြင်း (သို့) မျက်လှည့် OS စနစ်ကို စာဝှက်ဖြည်ခြင်း သို့မဟုတ် စဖွင့်ခြင်း ပြုလုပ်လျှင်ပင် လျှို့ဝှက် volume နှင့် လျှို့ဝှက် OS စနစ် တည်ရှိကြောင်း သက်သေပြနိုင်မည် မဟုတ်ပေ။\n\nအကယ်၍ ဤစာတမ်းကို ကော်ပီ တစ်ခုကို သိမ်းဆည်းလျှင် (သို့) ပရင့်ထုတ် (ပရင်တာသည် ၄င်းပရင့်ထုတ်ခဲ့သော မှတ်တမ်းမှတ်ရာများကို ၄င်း၏ drive ထဲ၌ သိမ်းဆည်းမထားပါက) ပြီးလျှင်၊ ၄င်းကို မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖန်တီးပြီး စာတမ်း (အကယ်၍ ယင်းကော်ပီကို တွေ့ရှိပါက၊ ဤကွန်ပျူတာထဲ၌ လျှို့ဝှက် OS စနစ် ရှိနေကြောင်း ညွှန်​ပြနေလိမ့်မည်) ပါ အချက်အလက် အားလုံးကို နားလည်သဘောပေါက်ပါက ဖျက်ဆီးပစ်ပါ။\n\n - သတိပေးချက် - အကယ်၍ လျှို့ဝှက် VOLUME (လုပ်ဆောင်နည်း အချက်အလက်များကို VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes များကို မပျက်စီးအောင် ကာကွယ်ခြင်း" ကို လေ့လာပါ) ကို သင် ကာကွယ်မထားပါက၊ ပြင်ပ VOLUME (မျက်လှည့် OS စနစ်ကို ပြင်ပ volume ထဲ၌ ထည့်သွင်းမထားပါ) ၌ ရေးသားခြင်း မပြုပါနှင့်။ သို့မဟုတ်ပါက၊ လျှို့ဝှက် VOLUME (နှင့် ၄င်းအထဲ၌ ရှိသော လျှို့ဝှက် OS စနစ်) ကို အစားထိုးမိနိုင်၊ ဖျက်ဆီးမိနိုင်သည်! - OS စနစ် ကိုယ်ပွား - နောက်အဆင့်များတွင်၊ VeraCrypt သည် ကွန်ပျူတာစနစ် အခန်းကန့်ထဲရှိ အကြောင်းအရာများကို လျှို့ဝှက် volume ထဲ ကော်ပီကူးခြင်းဖြင့် လျှို့ဝှက် OS စနစ်ကို ဖန်တီးသွားမည် ဖြစ်သည် (ကော်ပီးကူးနေသည့် ဒေတာများကို မျက်လှည့် OS စနစ်အတွက် အသုံးပြုမည့် ကီးနှင့် မတူသော စာဝှက်စနစ် ကီးတစ်ခုဖြင့် ချက်ခြင်း စာဝှက်ပေးမည် ဖြစ်သည်)။\n\nစက်မတက်မီ အခြေအနေ (Windows မဖွင့်မီ) တွင် လုပ်ငန်းစဉ်ကို လုပ်ဆောင်သွားမည် ဖြစ်ပြီး ပြီးစီးရန် (ကွန်ပျူတာ အခန်းကန့် အရွယ်အစားနှင့် စွမ်းဆောင်ရည်တို့အပေါ် မူတည်ပြီး) အ​ချိန်အတော်ကြာ ယူမည် ဖြစ်သည် - နာရီ အတော်ကြာ (သို့) ရက်အတန်ကြာ ဖြစ်နိုင်သည်။\n\nဤလုပ်ငန်းစဉ်ကို သင် ရပ်ဆိုင်းနိုင်သည်။ ကွန်ပျူတာကို စက်ပိတ်ထားနိုင်သည်။ OS စနစ်ကို စဖွင့်ပြီး လုပ်ငန်းစဉ်ကို ပြန်စနိုင်သည်။ သို့သော်၊ ၄င်းကို ရပ်ဆိုင်းလိုက်ပါက၊ ကွန်ပျူတာစနစ် ကော်ပီ လုပ်ခြင်း လုပ်ငန်းစဉ် တစ်ခုလုံးကို အစမှ ပြန်လည် စတင်ရမည် ဖြစ်သည် (အဘယ်ကြောင့် ဆိုသော် ကွန်ပျူတာစနစ် အခန်းကန့်ရှိ အကြောင်းအရာသည် ကိုယ်ပွား ပြုလုပ်နေစဉ် ပြောင်းလဲမည် မဟုတ်သောကြောင့် ဖြစ်သည်) - လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် တစ်ခုလုံးကို ဖျက်သိမ်းရန် အလိုရှိသလား?\n\nမှတ်ချက် - အကယ်၍ ၄င်းကို ယခု ဖျက်သိမ်းပါက လုပ်ငန်းစဉ်ကို ပြန်စနိုင်မည် မဟုတ်ပါ။ - ကွန်ပျူတာစနစ် စာဝှက်ခြင်း အကြို စမ်းသပ်ချက်ကို ဖျက်သိမ်းလိုသလား? - VeraCrypt စနစ် စာဝှက်ခြင်း အကြို စမ်းသပ်ချက် မအောင်မြင်ပါ။ သင် ထပ်မံ ကြိုးစားလိုသလား?\n\nအကယ်၍ 'မဟုတ်ပါ' ကို ရွေးချယ်ပါက၊ စက်မတင်မီ စစ်ဆေးအတည်ပြုချက် အစိတ်အပိုင်းကို ဖယ်ထုတ်သွားမည် ဖြစ်သည်။\n\nမှတ်ချက်များ - \n\n- အကယ်၍ Windows မတက်မီ VeraCrypt Boot Loader က စကားဝှက် ရေးထည့်ရန် မတောင်းပါက၊ သင့် OS စနစ်သည် ၄င်းကို ထည့်သွင်းထားသော drive မှ boot မတက်၍ ဖြစ်မည်။ ဤအချက်အတွက် ပံ့ပိုးမထားပါ။\n\n- အကယ်၍ သင်သည် AES ကို မသုံးပဲ စာဝှက်စနစ် အယ်လဂိုရီသမ် တစ်ခုကို အသုံးပြုပြီး အကြို စမ်းသပ်ချက် မအောင်မြင်ပါက (စကားဝှက် ရေးထည့်သော်လည်း)၊ စနစ်တကျ စီမံရေးသားခြင်း မပြုသော ဒရိုင်ဘာ တစ်ခုကြောင့် ဖြစ်နိုင်သည်။ 'မဟုတ်ပါ' ကို ရွေးပြီး၊ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို ထပ်မံ စာဝှက်ကြည့်ပါ၊ သို့သော် AES စာဝှက်စနစ် အယ်လဂိုရီသမ်ကို အသုံးပြုပါ (၄င်း၌ မှတ်ဉာဏ် လုပ်အပ်ချက် အနိမ့်ဆုံး ရှိသည်)။\n\nဖြစ်နိုင်ချေ အကြောင်းရင်းများနှင့် ဖြေရှင်းချက်များအတွက်၊ https://veracrypt.codeplex.com/wikipage?title=Troubleshooting ကို လေ့လာပါ။ - ကွန်ပျူတာစနစ် အခန်းကန့်/drive သည် (တစ်၀က်တစ်ပိုင်း ဖြစ်စေ၊ အပြည့်အ၀ ဖြစ်စေ) စာဝှက်ထားပုံ မပေါ်ပါ။ - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို (တစ်၀က်တစ်ပိုင်း ဖြစ်စေ၊ အပြည့်အ၀ ဖြစ်စေ) စာဝှက်ထားသည်။\n\nဆက်လက် မလုပ်ဆောင်မီ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ဖြည်ပါ။ ထိုသို့ ပြုလုပ်ရန်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'System' > 'Permanently Decrypt System Partition/Drive' ကို ရွေးပါ။ - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို (တစ်၀က်တစ်ပိုင်း ဖြစ်စေ၊ အပြည့်အ၀ ဖြစ်စေ) စာဝှက်ပြီးသည့်အခါ၊ VeraCrypt (သို့ရာတွင် ၄င်းကို အဆင့်မြှင့်နိုင်ပြီး အလားတူ ဗားရှင်းကို ပြန်လည် ထည့်သွင်းနိုင်သည်) ကို အဆင့်လျှော့၍ မရပါ။ - သင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို လောလောဆယ် စာဝှက်ခြင်း၊ စာဝှက်ဖြည်ခြင်း၊ (သို့) ပြုပြင်ခြင်း လုပ်ဆောင်နေသည်။ စာဝှက်ခြင်း/စာဝှက်ဖြည်ခြင်း/ပြုပြင်ခြင်း လုပ်ငန်းစဉ်များကို (သို့မဟုတ် ၄င်း ပြီးစီးသည့်အထိ) ဆက်လက် မလုပ်ဆောင်မီ၊ ရပ်ဆိုင်းလိုက်ပါ။ - VeraCrypt Volume ဖန်တီးခြင်း အညွှန်း ဖြစ်စဉ် တစ်ခုသည် လောလောဆယ် ဤကွန်ပျူတာစနစ်တွင် အလုပ်လုပ်နေပြီး ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ရန်/စာဝှက်​ဖြည်ရန် ပြင်ဆင် လုပ်ဆောင်နေသည်။ ဆက်လက် မလုပ်ဆောင်မီ၊ ၄င်းပြီးစီးသည့်အထိ စောင့်ဆိုင်းပါ (သို့) ပိတ်လိုက်ပါ။ အကယ်၍ ၄င်းကို မပိတ်နိုင်ပါက၊ ဆက်လက် မလုပ်ဆောင်မီ သင့်ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ - ကွန်ပျူတာစနစ် အခန်းကန့်ကို စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ဆက်လက် မလုပ်ဆောင်မီ ၄င်းပြီးစီးသည့်အထိ စောင့်ဆိုင်းပါ။ - ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ခြင်း လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ၄င်းကို ပထမဦးစွာ ပြီးစီးရမည် ဖြစ်သသည်။ - ချို့ယွင်းချက် - အခန်းကန့်/volume ကို စာဝှက်သည့် လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ၄င်းကို ပထမဦးစွာ ပြီးစီးရမည် ဖြစ်သည်။\n\nမှတ်ချက် - ထိုလုပ်ငန်းစဉ်ကို ပြန်လည် စတင်ရန်၊ VeraCrypt ၏ ပင်မ ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes' > 'Resume Interrupted Process' ကို ရွေးပါ။ - စကားဝှက်သည် မှန်ကန်သည်။ VeraCrypt သည် volume ခေါင်းစီးကို အောင်မြင်စွာ စာဝှက်ဖြည်လိုက်ပြီး၊ ဤ volume သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် volume ဖြစ်ကြောင်း စစ်ဆေးတွေ့ရှိသည်။ သို့သော်၊ ဤနည်းဖြင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် volume ၏ ခေါင်းစီးကို မပြုပြင်နိုင်ပါ။\n\nလျှို့ဝှက် ကွန်ပျူတာစနစ် volume ၏ စကားဝှက်ကို ပြောင်းရန်၊ လျှို့ဝှက် volume ၌ရှိသော OS စနစ်ကို boot လုပ်ပါ။ ထို့နောက်၊ VeraCrypt ပင်မ ၀င်းဒိုးရှိ မီနူးဘားမှ 'System' > 'Change Password' ကို ရွေးပါ။\n\n​ခေါင်းစီး ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို သတ်မှတ်ရန်၊ လျှို့ဝှက် OS စနစ်ကို boot လုပ်ပြီး 'System' > 'Set Header Key Derivation Algorithm' ကို ရွေးပါ။ - VeraCrypt သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် အခန်းကန့်ကို နေရာတကျ စာဝှက်ဖြည်ခြင်းကို ထောက်ပံ့မ​ပေးပါ။\n\nမှတ်ချက် - အကယ်၍ မျက်လှည့် အခန်းကန့်ကို သင် စာဝှက်ဖြည်လိုပါက၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို boot လုပ်ပါ၊ ထို့နောက် VeraCrypt ပင်မ ဝင်းဒိုးရှိ မီနူးဘားမှ 'System' > 'Permanently Decrypt System Partition/Drive' ကို ရွေးပါ။ - ချို့ယွင်းချက် - မှားနေသော ပါရာမီတာ။ - သင်သည် အခန်းကန့် (သို့) device တစ်ခုကို ရွေးချယ်ခဲ့သည် သို့ရာတါင် သင် ရွေးချယ်လိုက်သော အညွှန်းစနစ်သည် ဖိုင် သိမ်းဆည်းခန်းများအတွက်သာ သင့်လျော်သည်။\n\nအညွန်း စနစ်ကို ပြောင်းလိုသလား? - VeraCrypt ဖိုင် သိမ်းဆည်းခန်းကိုသာ ဖန်တီးလိုသလား? - သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive (သို့မဟုတ် boot အခန်းကန့်) ကို ရွေးချယ်ခဲ့သည်၊ သို့သော် သင်ရွေးချယ်ခဲ့သော အညွှန်းစနစ်သည် ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်များ/drives အတွက်သာ သင့်လျှော်သည်။\n\nစက်မတက်မီ စစ်ဆေးအတည်ပြုချက်ကို သင် သတ်မှတ်လိုသလား (ဆိုလိုသည်မှာ Windows boot မတက်မီ/စဖွင့်မီ သင့်စကားဝှက်ကို အကြိမ်တိုင်း ရေးထည့်ရန် လိုအပ်လာမည် ဖြစ်သည်) ထို့နောက် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်လိုသလား? - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ဖြည်လိုသလား? - သတိပေးချက် - အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ဖြည်ပါက၊ စာဝှက်မထားသော ဒေတာများကို ၄င်းအထဲ၌ ရေးသားလိမ့်မည် ဖြစ်သည်။\n\nကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် အမြဲတမ်း စာဝှက်ဖြည်လိုသလား? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - သတိပေးချက် - အကယ်၍ သင်သည် ကွန်ပျူတာစနစ် စာဝှက်ရန်အတွက် ဝှက်စာ အဆင့်ဆင့်ကို အသုံးပြုပါက၊ အောက်ပါ ပြဿနာများကို သင် ရင်ဆိုင်ရနိုင်သည် - \n\n၁) VeraCrypt Boot Loader သည် ပုံမှန်ထက် ပိုကြီးသည်။ ထို့ကြောင့်၊ VeraCrypt Boot Loader ၏ အရန်သင့် သိမ်းဆည်းမှု တစ်ခုအတွက် drive track ထဲ၌ နေရာ အလုံအလောက် မရှိပါ။ ထို့ကြောင့်၊ ၄င်းပျက်စီးသွားသည့်အခါတိုင်း (အချို့ ပရိုဂရမ်များအတွက် မူပိုင်ခွင့် တားဆီးရေး activation လုပ်ငန်းစဉ်ကို စနစ်တကျ စီစဉ်ရေးသားခြင်း မလုပ်​သည့်အချိန်အတွင်း)၊ VeraCrypt Boot Loader ကို boot တက်ရန် (သို့) ပြုပြင်ရန် VeraCrypt ဆယ်တင်ရေး အခွေကို သင် သုံးစွဲရမည် ဖြစ်သည်။\n\n၂) အချို့ ကွန်ပျူတာများ၌ Hibernation မှ ပြန်စရန် အချိန် အတော်ကြာတတ်သည်။\n\nထိုကဲ့သို့ ဖြစ်နိုင်ချေ ပြဿနာများကို အဆင့်ဆင့် မဟုတ်သည့် စာဝှက်စနစ် အယ်လဂိုရီသမ်ကို ရွေးခြင်းဖြင့် တားဆီးနိုင်သည် (ဥပမာ - AES)။\n\nသင်သည် ဝှက်စာ အဆင့်ဆင့်ကို အသုံးပြုမည်လား? - အကယ်၍ ယခင်က ဖေါ်ပြခဲ့သော ပြဿနာများ အချို့ကို သင် တွေ့ကြုံရပါက၊ အခန်းကန့်/drive ကို စာဝှက်ပြီး အဆင့်ဆင့်မဟုတ်သော စာဝှက်စနစ် အယ်လဂိုရီသမ်ကို သုံးကာ ထပ်မံ စာဝှက်ကြည့်ပါ (ဥပမာ - AES)။ - သတိပေးချက် - လုံခြုံစိတ်ချရန်အတွက်၊ VeraCrypt ကို လျှို့ဝှက် OS စနစ်၌ မွမ်းမံခြင်း မပြုမီ မျက်လှည့် OS ၌ ၄င်းကို မွမ်းမံထားရမည်။\n\nထိုသို့ ပြုလုပ်ရန်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို boot တက်ပြီး ၄င်းအထဲမှ VeraCrypt ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်ကို ဖွင့်ပါ။ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို boot တက်ပြီး ၄င်းအထဲမှ ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်ကို ဖွင့်ပါ။\n\nမှတ်ချက် - မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် တို့သည် boot loader တစ်ခုတည်းကို မျှဝေ သုံးစွဲနေကြသည်။ အကယ်၍ VeraCrypt ကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ၌သာ အဆင့်မြှင့်ပါက ()၊ မျက်လှည့် ကွန်ပျူတာစနစ်ထဲ VeraCrypt ဒရိုင်ဘာ တစ်ခုနှင့် VeraCrypt အ​ပ္ပလီကေးရှင်းများ ပါရှိမည် ဖြစ်သည်။ ၄င်းတို့၏ဗားရှင်း နံပါတ်များသည် VeraCrypt Boot Loader ၏ ဗားရှင်း နံပါတ်နှင့် ကွာခြားနေမည် ဖြစ်သည်။ ထိုကဲ့သို့ ကွဲပြားခြားနားမှု​ကြောင့် ဤကွန်ပျူတာ၌ လျှို့ဝှက် OS စနစ် တစ်ခု ရှိနေကြောင်း ညွှန်ပြနေနိုင်သည်။\n\nဆက်လက် လုပ်ဆောင်မည်လား? - ဤ OS စနစ်ကို boot တက်စေသည့် VeraCrypt Boot Loader ၏ ဗားရှင်း နံပါတ်သည် ဤကွန်ပျူတာစနစ်၌ ထည့်သွင်းထားသော VeraCrypt ဒရိုဘာ (အပြင် VeraCrypt အပ္ပလီကေးရှင်းများ) နှင့် ကွာခြားနိုင်သည်။ \n\nဤ OS စနစ်၌ VeraCrypt ကို မွမ်းမံရန် VeraCrypt ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ် (၄င်း၏ ဗားရှင်း နံပါတ်သည် VeraCrypt Boot Loader ၏ နံပါတ်နှင့် အတူတူ ဖြစ်သည်) ကို ဖွင့်ပါ။ - ဤ OS စနစ်ကို boot တက်စေသည့် VeraCrypt Boot Loader ၏ ဗားရှင်း နံပါတ်သည် ဤကွန်ပျူတာစနစ်၌ ထည့်သွင်းထားသော VeraCrypt ဒရိုဘာ (အပြင် VeraCrypt အပ္ပလီကေးရှင်းများ) နှင့် ကွာခြားနိုင်သည်။ ဗားရှင်း အဟောင်းများ၌ နောက်ပိုင်း ဗားရှင်းများတွင် ပြုပြင်လိုက်သော ပရိုဂရမ်အမှား ပါရှိနိုင်သည်။\n\nအကယ်၍ သင်သည် VeraCrypt ဆယ်တင်ရေး အခွေမှ boot မတက်ခဲ့ပါက၊ VeraCrypt ကို ပြန်လည် ထည့်သွင်းပါ (သို့) နောက်ဆုံး ဗားရှင်းသို့ အဆင့်မြှင့်ပါ (boot loader ကိုလည်း မွမ်းမံနိုင်သည်)။\n\n အကယ်၍ VeraCrypt ဆယ်တင်ရေး အခွေမှ boot တက်ပါက၊ ၄င်းကို မွမ်းမံပါ ('System' > 'Create Rescue Disk')။ - VeraCrypt Boot Loader ကို အဆင့်မြှင့်လိုက်ပြီး\n\nVeraCrypt ဆယ်တင်ရေး အခွေ အသစ်ကို ဖန်တီးရန် (VeraCrypt Boot Loader ဗားရှင်းအသစ် ပါ၀င်သော) သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပြီးနောက် 'System' > 'Create Rescue Disk' ကို ရွေးချယ်ရန် အထူး အ​ကြံပြုလိုသည်။ - VeraCrypt Boot Loader ကို အဆင့်မြှင့်လိုက်ပြီး\n\nမျက်လှည့် OS စနစ်ကို boot တက်ပြီးနောက် VeraCrypt ဆယ်တင်ရေး အခွေ အသစ်ကို ဖန်တီးရန် (VeraCrypt Boot Loader ဗားရှင်းအသစ် ပါ၀င်သော) သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပြီးနောက် 'System' > 'Create Rescue Disk' ကို ရွေးချယ်ရန် အထူး အ​ကြံပြုလိုသည်။ - VeraCrypt Boot Loader ကို အဆင့်မြှင့်၍ မရပါ။ - VeraCrypt သည် ကွန်ပျူတာစနစ်၏ drive အရွယ်အစား အမှန်ကို မစစ်ဆေးနိုင်ပါ။ ထို့ကြောင့်၊ OS စနစ် (၄င်းသည် အရွယ်အစား အမှန်ထက် ပိုသေးနိုင်သည်) မှ ထုတ်ပြန်သော အရွယ်အစားကို အသုံးပြုမည် ဖြစ်သည်။ ၄င်းသည် VeraCrypt ၏ ပရိုဂရမ်အမှား တစ်ခု မဟုတ်ပါ။ - သတိပေးချက် - VeraCrypt သည် ဤကွန်ပျူတာစနစ် drive ထဲရှိ လျှို့ဝှက် sectors များကို စစ်ဆေးရန် ကြိုးစားခဲ့ပုံပေါ်သည်။ အကယ်၍ ယခင် စစ်ဆေးမှု လုပ်ငန်းစဉ် အတောအတွင်း ပြဿနာ တစ်စုံတစ်ခု ​ကြုံတွေ့ခဲ့ပါက၊ လျှို့ဝှက် sectors များ စစ်ဆေးခြင်းကို ယခု ကျော်သွားခြင်းဖြင့် ပြဿနာများကို ရှောင်ရှားနိုင်သည်။ အကယ်၍ ဤသို့ ပြုလုပ်ပါက၊ VeraCrypt သည် OS စနစ်မှ ထုတ်ပြန်သော အရွယ်အစားကို အသုံးပြုသွားမည် ဖြစ်သည် (၄င်းသည် drive ၏ အရွယ်အစား အမှန်ထက် ပိုသေးနိုင်သည်)။\n\nဤပြဿနာသည် VeraCrypt ၏ ပရိုဂရမ်အမှား တစ်ခု မဟုတ်ပါ။ - လျှို့ဝှက် sectors များကို စစ်ဆေးခြင်း ကျော်သွားရန် (OS စနစ်မှ ထုတ်ပြန်သော အရွယ်အစားကို သုံးစွဲရန်) - လျှို့ဝှက် sectors များ ထပ်မံ စစ်ဆေးရန် - ချို့ယွင်းချက် - Disk ၌ ရှိသော sectors များ၏ အကြောင်းအရာကို မဖတ်နိုင်ပါ (စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှုကြောင့် ဖြစ်သည်)။\n\nSectors များကို ဖတ်ရှုနိုင်အောင် လုပ်ဆောင်သည့်အခါမှသာ အစီအစဉ်တကျ စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို လုပ်ဆောင်နိုင်သည်။ Sectors ထဲ၌ သုညများကို ရေးသားခြင်းဖြင့် VeraCrypt သည် ယင်း sectors များကို ဖတ်ရှုနိုင်အောင် လုပ်ဆောင်နိုင်သည် (နောက်ဆက်တွဲ​အနေဖြင့်၊ ယင်းသုည blocks များ အားလုံးကို စာဝှက်နိုင်မည် ဖြစ်သည်)။ သို့သော်၊ ဖတ်မရသော sectors ၌ ရှိသည့် ဒေတာအားလုံး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ အကယ်၍ ၄င်းကို ရှောင်ရှားလိုပါက၊ သင့်လျှော်သော အခြား ကိရိယာများကို သုံးပြီး ပျက်စီးသွားသော ​ဒေတာ အချို့ကို ပြန်လည် ဆယ်တင်ရန် ကြိုးစားနိုင်သည်။\n\nမှတ်ချက် - ရုပ်ပိုင်းဆိုင်ရာ ပျက်စီးသွားသည့် sectors များနှင့် ပါတ်သက်၍ (ဒေတာ ပျက်စီးခြင်းနှင့် checksum ချို့ယွင်းချက်များနှင့် မတူပဲ) သိုလှောင်ရေး devices အမျိုးအစား အများစုသည် ၄င်းတို့ အထဲတွင် (ပျက်စီးသွားသော sectors များထဲ၌ ရှိသော လက်ရှိ ဒေတာများသည် drive အထဲ၌ စာမဝှက်ပဲ ဆက်လက် တည်ရှိနိုင်ရန်) ဒေတာများကို ရေးသားသည့်အခါ sectors များကို နေရာ ပြောင်းရွှေ့ပေးသည်။\n\nVeraCrypt သည် ဖတ်မရသော sectors များ၌ သုညများ ရေးသားစေလိုသလား? - ျို့ယွင်းချက် - Disk ၌ ရှိသော sectors များ၏ အကြောင်းအရာကို မဖတ်နိုင်ပါ (စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှုကြောင့် ဖြစ်သည်)။\n\nစာဝှက်သည့် လုပ်ငန်းစဉ်ကို ဆက်လုပ်နိုင်ရန်၊ VeraCrypt သည် ဖတ်မရသော sectors များ၏ အကြောင်းအရာများကို စွန့်ပစ်ရမည် ဖြစ်သည် (အကြောင်းအရာများကို pseudorandom ဒေတာများဖြင့် အ​စားထိုးသွားမည် ဖြစ်သည်။ ဆက်လက် မ​လုပ်ဆောင်မီ၊ သင့်လျှော်သော အခြား ကိရိယာများကို သုံးပြီး ပျက်စီးသွားသော ဒေတာ တချို့ကို ပြန်လည် ဆယ်တင်ရန် သင် ကြိုးစားနိုင်သည်။\n\nဖတ်၍ မရသော sectors များရှိ ဒေတာများကို VeraCrypt ကို သုံးပြီး စွန့်ပစ်လိုသလား?ဖတ်၍ မရသော sectors များ၌ VeraCrypt ဖြင့် သုညများကို ရေးသားလိုသလား? - မှတ်ချက် - VeraCrypt သည် %I64d ဖတ်မရသော sectors (%s) ရှိ ​အကြောင်းအရာများကို စာဝှက်ထားသော all-zero စသား block များနှင့် အစားထိုးလိုက်သည်။ - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - တိုကင် '%s' အတွက် စကားဝှက်/PIN နံပါတ် ရေးထည့်ပါ - - VeraCrypt သည် လုံခြုံရေး တိုကင် (သို့) စမတ်ကတ်ကို သုံးစွဲနိုင်ရန်၊ တိုကင် (သို့) စမတ်ကတ် အတွက် ပထမဦးဆုံး PKCS #11 ဆော့ဗ်ဝဲ လိုင်ဘရာရီ တစ်ခုကို ထည့်သွင်း ရမည်ဖြစ်သည်။ ယင်းလိုင်ဘရာရီမျိုးကို device ထဲ၌ ပါလာနိုင်သည် (သို့) ဆော့ဗ်ဝဲ ရောင်းချသော သူ၏ ကွန်ရက် စာမျက်နှာ သို့မဟုတ် အခြား နေရာများမှ ဒေါင်းလုဒ်ဆွဲယူ နိုင်မည် ဖြစ်သည်။\n\nစက်ထဲ လိုင်ဘရာရီကို ထည့်သွင်းပြီးနောက်၊ 'Select Library' ကို နှိပ်ခြင်းဖြင့် ၄င်းကို ကိုယ်တိုင် ရွေးနိုင်သည် (သို့) VeraCrypt ကို ​ရှာစေနိုင်ပြီး 'Auto-Detect Library' (Windows စနစ် ဖိုင်တွဲထဲ၌သာ ​ရှာဖွေမည် ဖြစ်သည်) ကို နှိပ်ပြီး အလိုအလျောက် ရွေးချယ်နိုင်သည်။ - မှတ်ချက် - သင့် လုံခြုံရေး တိုကင် (သို့) စမတ်ကတ် အတွက် ထည့်သွင်းခဲ့သော PKCS #11 လိုင်ဘရာရီ၏ ဖိုင်အမည်နှင့် တည်နေရာအတွက်၊ တိုကင်၊ ကတ်၊ သို့မဟုတ် အခြား ဆော့ဗ်ဝဲနှင့် အတူပါလာသော အသုံးပြုနည်း လက်စွဲကို လေ့လာပါ။\n\nဖိုင် လမ်းကြောင်းနှင့် ဖိုင်အမည်များကို ရွေးချယ်ရန် 'ကောင်းပြီ' ခလုတ်ကို နှိပ်ပါ။ - VeraCrypt သည် လုံခြုံရေး တိုကင် (သို့) စမတ်ကတ်ထဲ ၀င်ရောက်နိုင်ရန်၊ ပထမဦးဆုံး တိုကင်/ကတ်အတွက် PKCS #11 ဆော့ဗ်ဝဲ လိုင်ဘရာရီ တစ်ခုကို ရွေးချယ်ရမည် ဖြစ်သည်။ ထိုသို့ ပြုလုပ်ရန် 'Settings' > 'Security Tokens' ကို ရွေးချယ်ပါ။ - PKCS #11 လုံခြုံရေး တိုကင် လိုင်ဘရာရီကို အစပြု၍ မရပါ။\n\nPKCS #11 လိုင်ဘရာရီ အမှန်သို့ ရည်ညွှန်းသော သတ်မှတ်ထားသည့် ဖိုင် လမ်းကြောင်းနှင့် ဖိုင်အမည်ကို မှန်မမှန် စစ်ဆေးပါ။ PKCS #11 လိုင်ဘရာရီနှင့် ဖိုင်အမည်ကို သတ်မှတ်ရန်၊ 'Settings' > 'Security Tokens' ကို ရွေးချယ်ပါ။ - Windows စနစ် ဖိုင်တွဲထဲ၌ PKCS #11 လိုင်ဘရာရီကို မတွေ့ပါ။\n\nသင့် လုံခြုံရေး တိုကင် (သို့မဟုတ် စမတ်ကတ်) အတွက် PKCS #11 လိုင်ဘရာရီကို (ယင်း လိုင်ပရာရီမျိုးကို တိုကင်/ကတ်နှင့်အတူ ပါလာနိုင်သည် သို့မဟုတ် ဆော့ဗ်ဝဲ ရောင်းချသူ၏ ကွန်ရက် စာမျက်နှာမှ (သို့) အခြား နေရာမှ ဒေါင်းလုဒ် ဆွဲယူနိုင်သည်) စက်ထဲ ထည့်သွင်းရမည် ဖြစ်သည်။ အကယ်၍ ၄င်းကို Windows စနစ် ဖိုင်တွဲထဲ၌ မဟုတ်ပဲ ဖိုင်တွဲ တစ်ခုခု၌ ထည့်သွင်းထားပါက၊ (ဥပမာ - တိုကင်/ကတ် အတွက် ဆော့ဗ်ဝဲ တည်ရှိသော နေရာမှ ဖိုင်တွဲထဲရှိ) လိုင်ဘရာရီကို ဖွင့်ရန် 'Select Library' ကို ​နှိပ်ပါ။ - လုံခြုံရေး တိုကင် ရှာမတွေ့ပါ။\n\nလုံခြုံရေး တိုကင်သည် သင့် ကွန်ပျူတာနှင့် ချိတ်ဆက်ပြီး ၄င်းတိုကင်၏ ဒရိုင်ဘာ အမှန်ကို စက်ထဲ ထည့်သွင်းထားရမည်။ - လုံခြုံရေး တိုကင် ကီးဖိုင် ရှာ​မတွေ့ပါ။ - လုံခြုံရေး တိုကင် ကီးဖိုင်၏ နာမည်တူ ရှိနေပြီး ဖြစ်သည်။ - ရွေးထားသော ဖိုင်များကို ပယ်ဖျက်လိုသလား? - လုံခြုံရေး တိုကင် ကီးဖိုင် လမ်းကြောင်း မမှန်ပါ။ - လုံခြုံရေး တိုကင် ချို့ယွင်းချက် - လုံခြုံရေး တိုကင်၏ စကားဝှက် မမှန်ပါ။ - တောင်းဆိုထားသော လုပ်ငန်းကို ဆောင်ရွတ်ရန် လုံခြုံရေး တိုကင်၌ မှတ်ဉာဏ်/နေရာ အလုံအလောက် မရှိပါ။\n\nအကယ်၍ သင်သည် ကီးဖိုင် တစ်ခုကို တင်သွင်းရန် ကြိုးစားပါက၊ VeraCrypt ('Tools' > 'Keyfile Generator' ကို ရွေးချယ်ပါ) မှ ထုတ်လုပ်သော ဖိုင်အသေး တစ်ခု (သို့) ကီးဖိုင် တစ်ခုကို ရွေးချယ်ပါ။ - ဖွင့်ထားသော လုံခြုံရေး တိုကင် အခန်းများ ပိတ်လိုက်ပြီ။ - လုံခြုံရေး တိုကင် ကီးဖိုင်များကို ရွေးချယ်ပါ - Slot - တိုကင် အမည် - ဖိုင်အမည် - အရေးကြီးချက် - စက်မတက်မီ အတည်​ပြု စကားဝှက်ကို standard US ကီးဘုတ် လေးအောက်ဖြင့် အမြဲ ရေးထည့်ရသည်။ ထို့ကြောင့်၊ အခြား ကီးဘုတ် လေးအောက်ကို အသုံးပြုပြီး စကားဝှက် ရေးထည့်ရသော volume ကို စက်မတက်မီ အတည်ပြု စကားဝှက်ဖြင့် (ဤအရာသည် VeraCrypt ၏ ပရိုဂရမ် အမှား မဟုတ်ပါ) အစပျိုးရန် မဖြစ်နိုင်ချေ။ ယင်းကဲ့သို့ volume မျိုးကို စက်မတက်မီ အတည်ပြု စကားဝှက်ဖြင့် အစပျိုးနိုင်ရန်၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n\n၁) 'ဖိုင် ရွေးရန်' (သို့) 'Device ရွေးရန်' ကို နှိပ်ပြီး volume ကို ရွေးပါ။\n၂) 'Volumes များ' > 'Volume စကားဝှက် ပြောင်းရန်' ကို ရွေးချယ်ပါ။\n၃) Volume ၏ လက်ရှိ စကားဝှက်ကို ရေးထည့်ပါ။\n၄) Windows taskbar မှ ဘာသာစကား ဘား အိုင်ကွန်ပုံကို နှိပ်ပြီးဖြစ်စေ၊ 'EN English (United States)' ကို ရွေးပြီး ဖြစ်စေ ကီးဘုတ် လေးအောက်ကို English (US) အဖြစ် ပြောင်းပါ။\n၅) VeraCrypt ၏ စကားဝှက်အသစ် နေရာကွက်တွင်၊ စက်မတက်မီ အတည်ပြု စကားဝှက်ကို ရေးထည့်ပါ။\n၆) စကားဝှက်အသစ်ကို အတည်ပြုရန် ထပ်မံ ရေးထည့်ပြီး 'ကောင်းပြီ' ခလုတ်ကို နှိပ်ပါ။\nသတိပေးချက် - အကယ်၍ အောက်ပါ အဆင့်များကို လိုက်နာပါက၊ volume စကားဝှက်ကို US ကီး​ဘုတ် လေးအောက် သုံးပြီး အမြဲ ရေးထည့်ရမည် ဖြစ်သည် (၄င်းကို စက်မတက်မီ အခြေအနေတွင်သာ အလိုအလျောက် အတည်ပြုသည်)။ - ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များသည် စက်မတက်မီ အတည်ပြု စကားဝှက်ကို သုံးပြီး အစပျိုးမည် ဖြစ်သည်။ အကယ်၍ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume တစ်ခုခုသည် အခြား စကားဝှက်တစ်ခုကို အသုံးပြုပါက၊ ၄င်းကို အစပျိုးနိုင်မည် မဟတ်ပါ။ - ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို မထိခိုက်စေရန် အကယ်၍ သာမန် VeraCrypt volume လုပ်ဆောင်ချက်များကို ('အားလုံး အဆုံးသတ်ရန်'၊ အလိုလို-အဆုံးသတ်ရန်၊ စသဖြင့်) တားဆီး​လိုပါက၊ ရွေးစရာ 'စီမံခန့်ခွဲသူကိုသာ ကြည့်ရှုခွင့်ပြုရန်နှင့် VeraCrypt ထဲရှိ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို အဆုံးသတ်ရန်' ကို ဖွင့်ပါ။ ထို့အပြင်၊ VeraCrypt သည် စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်မပါပဲ သုံးစွဲသည့်အခါ၊ ကွန်ပျူတာစနစ် စိက်ကြိုက် volumes များသည် VeraCrypt ပင်ပ အပ္ပလီကေးရှင်း ၀င်းဒိုးရှိ 'Dismount All'အခွင့်အရေးများ (Windows Vista နှင့် နောက်ထွက်တွင် ပုံမှန် ပါရှိသည်) မပါဘဲ ဖွင့်သည့်အခါ VeraCrypt အသုံးချဆော့ဖ်ဝဲလ်အဓိကဝင်းဒိုးထဲရှိ drive အက္ခရာစာရင်းတွင် ဖေါ်ပြလာမည် မဟုတ်ပါ။ - အရေးကြီးချက် - အကယ်၍ ဤရွေးစရာကို ဖွင့်ထားပြီး VeraCrypt ၌ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့် မရှိပါက၊ အစပျိုးထားသော ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို VeraCrypt အပ္ပလီကေးရှင်းတွင် မြင်တွေ့ရမည် မဟုတ်ပါ၊ ၄င်းတို့ကို အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume ကို အဆုံးသတ်လိုပါက၊ VeraCrypt အိုင်ကွန် (Start မီနူးထဲ) ၌ ညာဖက်နှိပ်ပြီး ပထမဦးဆုံး 'စီမံခန့်ခွဲသူ အဖြစ် ဖွင့်ရန်' ကို ရွေးချယ်ပါ။ အလားတူ ကန့်သတ်ချက်သည် 'အားလုံး အဆုံးသတ်ရန်' ဖန်ရှင်၊ 'အလိုလို-အဆုံးသတ်ရန်' ဖန်ရှင်များ၊ 'အားလုံး အဆုံးသတ်ရန်' အထူးကီးများ၊ စသည်တို့၌ အကျုံးဝင်သည်။ - ဤချိန်ညှိချက်သည် OS စနစ်ကို ပြန်ဖွင့်သည့်အခါ၌သာ သက်ရောက်မှု ရှိမည် ဖြစ်သည်။ - Command line ပိုင်းခြားစိစစ်နေစဉ် ချို့ယွင်းချက်။ - ဆယ်တင်ရေး အခွေ - &ဖိုင်ကို ရွေးပြီး အစပျိုးပါ... - &Device ကို ရွေးပြီး အစပျိုးပါ... - စီမံခန့်ခွဲသူများကိုသာ ကြည့်ရှုခွင့် ပေးပြီး Veracrypt ထဲရှိ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို အဆုံးသတ်ပါ - Windows ဖွင့်လာသည့်အခါ (စက်အတက် လုပ်ငန်းစဉ် အစပိုင်း အဆင့်တွင်) ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို အစပျိုးပါ - သတိပေးချက် - '%s' အဖြစ် အစပျိုးခဲ့​​သော volume ထဲရှိ ဖိုင်စနစ်ကို ရှင်းရှင်း အဆုံးသတ် မထားပါ၊ ၄င်းကြောင့် ချို့ယွင်းချက်များ ပါ၀င်နိုင်သည်။ ပျက်စီးသွားသော ဖိုင်စနစ်ကြောင့် ဒေတာများ ပျောက်ဆုံးနိုင်သည် (သို့) ဒေတာ ပျက်စီးနိုင်သည်။\n\nမှတ်ချက်ရန် - ဖွင့်ထားသော VeraCrypt volume တည်ရှိနေသော နေရာရှိ device တစ်ခု () ကို မဖယ်ရှားမီ၊ VeraCrypt ထဲမှ VeraCrypt volume ကို ပထမဦးဆုံး အမြဲတမ်း အဆုံးသတ်ပေးရမည် ဖြစ်သည်။\n\n\nWindows သည် ဖိုင်စနစ်၌ ရှိသော ချို့ယွင်းချက်များကို (အကယ်၍ ရှိပါက) စစ်ဆေးပြီး ပြုပြင်လိုသလား? - သတိပေးချက် - ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume တစ်ခု (သို့) အများကို ရှင်းလင်းစွာ အဆုံးသတ်မထားပါ၊ ထိုအချက်ကြောင့် ဖိုင်စနစ် ချို့ယွင်းချက်များ ပါရှိနေခြင်း ဖြစ်နိုင်သည်။ နောက်ထပ် အသေးစိတ် အချက်အလက်များကို ကွန်ပျူတာစနစ် ဖြစ်ရပ် မှတ်တမ်းကို လေ့လာပါ။\n\nပျက်စီးသွားသော ဖိုင်စနစ်သည် ဒေတာ ပျောက်ဆုံးခြင်း (သို့) ဒေတာ ပျက်စီးခြင်းကို ​ဖြစ်စေနိုင်သည်။ ထိခိုက်ခံရသော ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume(များ)၌ ချို့ယွင်းချက်များ (VeraCrypt ၌ တစ်ခုချင်းကို ညာဖက်နှိပ်ပြီး 'ဖိုင်စနစ် ပြုပြင်ရန်' ကို ရွေးပါ) ကို သင် စစ်ဆေးကြည့်ရန် လိုသည်။ - သတိပေးချက် - Microsoft 'chkdsk' ကိရိယာ အသုံးပြုပြီး ပျက်စီးသွားသော ဖိုင်စနစ်ကို ပြုပြင်ခြင်းကြောင့် ပျက်စီးသွားသော နေရာများရှိ ဖိုင်များ ပျောက်ဆုံးစေနိုင်သည်။ ထို့ကြောင့်၊ VeraCrypt volume ရှိ ဖိုင်များကို အရန်သင့် သိမ်းဆည်းပြီး အခြား VeraCrypt volume အကောင်း တစ်ခုခု၌ သိမ်းဆည်းရန် အ​ကြံပြုလိုသသည်။\n\nဖိုင်စနစ်ကို ယခု ပြုပြင်လိုသလား? - Volume '%s' ကို ဖတ်နိုင်ရန်သက်သက်သာ အစပျိုးထားသည်၊ အဘယ်ကြောင့် ဆိုသော် ရေးသားခွင့် ပိတ်ထားသောကြောင့် ဖြစ်သည်။\n\nဖိုင် သိမ်းဆည်းခန်း၏ လုံခြုံရေး ခွင့်ပြုချက်များဖြင့် ရေးသားခွင့် ရရှိရန် လုပ်ဆောင်ပါ (သိမ်းဆည်းခန်းကို ညာဖက်နှိပ်ပြီး ဂုဏ်အင်္ဂါရပ်များ > လုံခြုံရေး ကို ရွေးပါ)။\n\nWindows ပြဿနာ တစ်ခုကြောင့်၊ ဤသတိပေးချက်ကို သင့်လျော်သော လုံခြုံရေး ခွင့်ပြုချက်များ ချမှတ်ပြီးနောက် သင် မြင်တွေ့ရမည် ဖြစ်သည်။ ၄င်းသည် VeraCrypt ရှိ ပရိုဂရမ် အမှား တစ်ခုကြောင့် မဟုတ်ပါ။ ဖြစ်နိုင်ချေ ဖြေရှင်းချက်မှာ သင့် သိမ်းဆည်းခန်းကို 'Documents' ဖိုင်တွဲထဲ ပြောင်းရွှေ့ရန် ဖြစ်သည်။\n\nအကယ်၍ သင့် volume ကို ဆက်ထားရန် ရည်ရွယ်ပါက၊ သိမ်းဆည်းခန်း၏ ဖတ်ရှုရန်သက်သက် သတ်မှတ်ချက် (သိမ်းဆည်းခန်းကို ညာဖက်နှိပ်ပြီး ဂုဏ်အင်္ဂါရပ်များ > ဖတ်ရှုရန်သက်သက် ကို ရွေးပါ) ကို ချမှတ်ပါ။ ဤ​နည်းဖြင့် ဒီသတိပေးချက်ကို ပိတ်ထားနိုင်မည် ဖြစ်သည်။ - Volume '%s' ကို ဖတ်ရှုရန်သက်သက် အဖြစ် အစ​ပျိုးပါ၊ အဘယ်ကြောင့် ဆိုသော် ရေးသားခွင့်ကို ပိတ်ထားသောကြောင့် ဖြစ်သည်။\n\nVolume ထားရှိသော ​အခန်းကန့်/device ၌ အခြား အပ္ပလီကေးရှင်းများ (ဥပမာ - ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ) မရှိရန် သတိပြုပါ။ - Volume '%s' ကို ဖတ်ရှုရန်သက်သက် အဖြစ် အစပျိုးထားသည်၊ အဘယ်ကြောင့် ဆိုသော် OS စနစ်သည် host device ကို ရေးသားခွင့် ပိတ်ထားရန် တင်ပြထားသောကြောင့် ဖြစ်သည်။\n\nအချို့ စိတ်ကြိုက် chipset ဒရိုင်ဘာများသည် ရေးကူးနိုင်သော မီဒီယာကို ရေးသားခွင့် ပိတ်ထားသည့် ပုံစံပေါ်အောင် တင်ပြထားသည်။ ဤပြဿနာသည် VeraCrypt ကြောင့် မဟုတ်ပါ။ ဤပြဿနာကို ဒီကွန်ပျူတာစနစ်၌ လောလောဆယ် ထည့်သွင်းထားသော (မိုက်ခရိုဆော့ဗ် စနစ်မဟုတ်သော) chipset ဒရိုင်ဘာများကို မွမ်းမံခြင်း (သို့) ဖယ်ထုတ်ခြင်းဖြင့် ဖြေရှင်းနိုင်သည်။ - Hyper-Threading နည်းပညာသည် Physical Core တစ်ခုစီအတွက် Logical Core အများအပြားကို ထောက်ပံ့ပေးသည်။ Hyper-Threading ကို ဖွင့်ထားသည့်အခါ၊ အထက်၌ ရွေးချယ်ထားသော နံပါတ်သည် logical processors/cores များ၏ နံပါတ်ကို ကိုယ်စားပြုပေးသည်။ - %d threads - (စွမ်းဆောင်ရည် အားနည်းသော) Benchmark ရလဒ်များကို ထိခိုက်​​စေသော hardware-accelerated AES ကို ပိတ်ထားသည်။\n\nHardware acceleration ကို ဖွင့်ရန်၊ 'ချိန်ညှိချက်များ' > 'လုပ်ဆောင်ချက်' ကို ရွေးချယ်ပြီး၊ သက်ဆိုင်သော ရွေးစရာကို ပိတ်ထားပါ။ - (စွမ်းဆောင်ရည် အားနည်းသော) Benchmark ရလဒ်များကို ထိခိုက်​​စေသော threads အရေအတွက်ကို လောလောဆယ် ကန့်သတ်ထားသည်။\n\nProcessor(များ) ၏ စွမ်းရည် အပြည့်အ၀ကို အသုံးချရန်၊ 'ချိန်ညှိချက်များ' > 'လုပ်ဆောင်ချက်' ကို ရွေးချယ်ပြီး၊ သက်ဆိုင်သော ရွေးစရာကို ပိတ်ထားပါ။ - အခန်းကန့်/drive ကို ရေးသားနိုင်မှု ပိတ်ထားချက်ကို VeraCrypt ဖြင့် ပိတ်လိုသလား? - သတိပေးချက် - ဤချိန်ညှိချက်သည် စွမ်းဆောင်ရည်ကို နိမ့်ကျစေနိုင်သည်။\n\nဤချိန်ညှိချက်ကို သင်တကယ် အသုံးပြုလိုသလား? - သတိပေးချက် - VeraCrypt volume ကို အလိုလို-အဆုံးသတ်ထားသည် - အစပျိုးထားသော volume တစ်ခုပါသော device တစ်ခုကို ရုပ်ပိုင်းဆိုင်ရာ မဖယ်ရှားမီ (သို့) စက်မပိတ်မီ၊ VeraCrypt ဖြင့် volume ကို ပထမဦးဆုံး အမြဲတမ်း အဆုံးသတ်ရမည် ဖြစ်သည်။\n\nကေဘယ်ကြိုး၊ drive (enclosure) တို့ ပြတ်တောင်းပြတ်တောင်း ဖြစ်နေမှုကြောင့် မမျှော်လင့်သော အလိုလို အဆုံးသတ်မှု ဖြစ်ပွားနေသည်။ - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - စမ်းသပ်ရန် - ကီးဖိုင် - နောက်ပြန်ခလုတ် - Tab ခလုတ် - Clear ခလုတ် - Enter ခလုတ် - ခေတ္တရပ်နား ခလုတ် - Caps Lock ခလုတ် - Spacebar ခလုတ် - Page Up ခလုတ် - Page Down ခလုတ် - End ခလုတ် - Home ခလုတ် - ဘယ်ဖက် မြှား - အထက် မြှား - ညာဖက် မြှား - အောက်ဖက် မြှား - ရွေးချယ် ခလုတ် - ပရင့်ထုတ် ခလုတ် - လုပ်ငန်း ခလုတ် - ပုံရိပ်ဖမ်း ခလုတ် - Insert ခလုတ် - Delete ခလုတ် - အပ္ပလီကေးရှင်း ခလုတ် - စက်ခေတ္တနား ခလုတ် - Num Lock ခလုတ် - Scroll Lock ခလုတ် - ဘရောက်ဇာ နောက်သို့ သွားရန် - ဘရောက်ဇာ ရှေ့သို့ သွားရန် - ဘရောက်ဇာ ပြန်ခေါ်ရန် - ဘရောက်ဇာ ရပ်တန့်ရန် - ဘရောက်ဇာတွင် ရှာဖွေရန် - ဘရောက်ဇာ စိတ်ကြိုက်များ - ဘရောက်ဇာ ပင်မ စာမျက်နှာ - အသံပိတ် ခလုတ် - အသံတိုး ခလုတ် - အသံချဲ့ ခလုတ် - နောက်တစ်ပုဒ် - အရင်တစ်ပုဒ် - မီဒီယာ ရပ်တန့်ရန် - မီဒီယာ ဖွင့်ရန်/ခေတ္တရပ်ရန် - မေးလ်ကီး စဖွင့်ရန် - မီဒီယာကီး ရွေးရန် - အပ္ပလီကေးရှင်း ၁ - အပ္ပလီကေးရှင်း ၂ - Attn ခလုတ် - CrSel ခလုတ် - ExSel ခလုတ် - သီချင်း ဖွင့်ရန် - ချုံ့/ ချဲ့ ခလုတ် - NumPad ခလုတ် - Shift ခလုတ် - Ctrl ခလုတ် - Alt ခလုတ် - Win ခလုတ် - ဘိုက် - ကီလိုဘိုက် - မီဂါဘိုက် - ဂစ်ဂါဘိုက် - တယ်ရာဘိုက် - ပီတာဘိုက် - ဘိုက်/စက္ကန့် - ကီလိုဘိုက်/စက္ကန့် - မီဂါဘိုက်/စက္ကန့် - ဂစ်ဂါဘိုက်/စက္ကန့် - တယ်ရာဘိုက်/စက္ကန့် - ပီတာဘိုက်/စက္ကန့် - ... - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + ဖျက်သိမ်းရန်​ + သုံးစွဲသူ အားလုံးအတွက် စက်ထဲ ထည့်သွင်းရန် + ဖွင့်ကြည့်ရန်... + VeraCrypt အိုင်ကွန်ပုံကို &Desktop ထဲ ထည့်သွင်းရန် + ယခု လှူဒါန်းရန်... + .hc ဖိုင် &extension ကို VeraCrypt ဖြင့် တွဲဖက်ရန် + ပြီးစီးသည့်အခါ ထားရှိမည့် နေရာကို ဖွင့်ရန် + VeraCrypt ကို &Start မီနူးထဲ ထည့်သွင်းရန် + စက်လည်ပတ်မှုစနစ် ပြန်ရယူနိုင်သည့် အချိန်တစ်ခုခု သတ်မှတ်ရန် + ဖယ်ထုတ်ရန် + ဖြည်ချရန် + စက်ထဲ ထည့်သွင်းရန် + VeraCrypt တည်ဆောက်မှု အညွှန်း + VeraCrypt ကို ဖယ်ထုတ်ရန် + အကူအညီ + ဖြည်ချခဲ့သည့် ဖိုင်များကို ထားရှိလိုသော ​တည်နေရာကို ရွေးချယ်ပါ (သို့) ရေးထည့်ပါ - + VeraCrypt ပရိုဂရမ် ဖိုင်များကို ထည့်သွင်းလိုသည့် တည်နေရာကို ရွေးချယ်ပါ (သို့) ရေးထည့်ပါ။ သတ်မှတ်ထားသော ဖိုင်တွဲ မရှိပါက၊ အလိုလျှောက် ဖန်တီးပေးလိမ့်မည်။ + VeraCrypt ကို ဤစက်ထဲမှ ဖယ်ရှားရန် ဖယ်ထုတ်ရန်ကို နှိပ်ပါ။ + ရပ်ဆိုင်းရန် + &Benchmark + စမ်းသပ်ရန် + စာဝှက်ထားသော volume ကို ဖန်တီးပြီး ​၄င်းကို ဖော်မက်ချရန် + အခန်းကန့်ကို နေရာတကျ စာဝှက်ရန် + ထုတ်လုပ်ခဲ့သော ကီးများ (၎င်းတို့၏ အပိုင်းများ) ကို ပြပါ + စုပေါင်း အကြောင်းအရာကို ပြရန် + စီဒီ/ဒီဗွီဒီ မှတ်တမ်းတင် ဆော့ဗ်ဝဲကို ဒေါင်းလုဒ် ဆွဲရန် + စာဝှက်ထားသော ဖိုင် သိမ်းဆည်းခန်း တစ်ခု ဖန်တီးရန် + &GB + &TB + နောက်ထပ် အချက်အလက် + လျှို့ဝှက် VeraCrypt volume + လျှို့ဝှက် volumes များအကြောင်း နောက်ထပ် အ​ချက်အလက်များ + တိုက်ရိုက် နည်းစနစ် + ပုံမှန် နည်းစနစ် + &KB + ကီးဖိုင်ကို သုံးရန် + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + ကီးဖိုင်များ... + H​ash အယ်လဂိုရီသမ်များ၏ အချက်အလက်များ + နောက်ထပ် အချက်အလက် + Information on PIM + &MB + နောက်ထပ် အချက်အလက် + ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအကြောင်း အသေးစိတ် အချက်အလက်များ + နောက်ထပ် အချက်အလက် + Multi-boot + ကွန်ပျူတာ စနစ်မဟုတ်သော အခန်းကန့်/drive တစ်ခု စာဝှက်ရန် + မှတ်တမ်း လုံး၀ မတင်ရန် + ပြင်ပ volume ကို ဖွင့်ရန် + ခေတ္တရပ်နားရန် + Use P&IM + Use PIM + အမြန် မော်မက်ချရန် + စကားဝှက်ကို ပြရန် + စကားဝှက်ကို ပြရန် + &Display PIM + Single-boot + သာမန် VeraCrypt volume + လျှို့ဝှက် + ပုံမှန် + ကွန်ပျူတာ အခန်းကန့် (သို့) ကွန်ပျူတာ drive တစ်ခုလုံးကို စာဝှက်ရန် + ဝင်းဒိုးစနစ် အခန်းကန့်ကို စာဝှက်ရန် + Drive တစ်ခုလုံးကို စာဝှက်ရန် + VeraCrypt Volume ဖန်တီးမှု အညွှန်း + အစုအဝေး + အရေးကြီးချက် - ဤ ၀င်းဒိုးအတွင်း သင့်ကြွက်ခလုတ်ကို ကျပန်းနည်းဖြင့် ရွှေ့လျားပါ။ အချိန်ပိုကြာလေ၊ ပိုကောင်းလေ ဖြစ်သည်။ ဤသို့ဖြင့် စာဝှက်ထားသော ကီးများ၏ ဝှက်စာ ရေးသားခြင်း အားကောင်းခိုင်မာမှုကို တိုးမြှင့်စေမည် ဖြစ်သည်။ လုပ်ပြီးပါက volume ကို ဖန်တီးရန် ဖော်မက်ချရန် ခလုတ်ကို နှိပ်ပါ။ + အတည်ပြုရန် - + ပြီးသွားပြီ + Drive letter: + စာဝှက်စနစ် အယ်လဂိုရီသမ် + ဖိုင်စနစ် + စာဝှက်ထားသော disk အတု တစ်ခုကို ဖိုင်တစ်ခုထဲ ဖန်တီးလိုက်ပါ။ အတွေ့အကြုံ မရှိသေးသော သုံးစွဲသူများအတွက် သင့်လျှော်သည်။ + ရွေးစရာများ + Hash အယ်လဂိုရီသမ် + ခေါင်းစဉ် ကီး - + ဘယ်ဖက် + မာစတာကီး - + အကယ်၍ ဤကွန်ပျူတာ၌ OS နှစ်ခု (သို့) နှစ်ခုထက် ပိုပြီး ထည့်သွင်းထားပါက၊ ဒီရွေးစရာကို ရွေးပါ။\n\nဥပမာ အားဖြင့် -\n- Windows XP နှင့် Windows XP\n- Windows XP နှင့် Windows Vista\n- Windows နှင့် Mac OS X\n- Windows နှင့် Linux\n- Windows, Linux နှင့် Mac OS X + ကွန်ပျူတာ စနစ်မဟုတ်သော အခန်းကန့် တစ်ခုကို စက်တွင်း (သို့) ပြင်ပ drive တစ်ခုခု (ဥပမာ - flash drive တစ်ခု) ထဲ စာဝှက်ပါ။ လိုအပ်လျှင်၊ လျှို့ဝှက် volume တစ်ခု ဖန်တီးပါ။ + လက်ရှိ စုပေါင်း အကြောင်းအရာ (တစ်ပိုင်းတစ်စ) + အောင်မြင်သည် + စကားဝှက် - + Volume PIM: + Volume PIM: + တိုးတက်မှု - + ကျပန်း စုစည်းမှု - + ဤကွန်ပြူတာ၌ OS တစ်ခုတည်း ထည့်သွင်းထားလျှင် (သုံးစွဲသူ အများ ရှိနေလျှင်လည်း) ဒီရွေးစရာကို ရွေးပါ။ + အမြန်နှုန်း + အနေအထား + ကီး salt နှင့် အခြား ဒေတာများကို အောင်မြင်စွာ ထုတ်လုပ်လိုက်ပြီ။ ကီးအသစ် ထပ်လုပ်လိုပါက နောက်သို့ ခလုတ်ကို နှိပ်ပြီး ရှေ့သို့ ခလုတ်ကို ပြန်နှိပ်ပါ။ ဒါမှမဟုတ်၊ ဆက်လက် လုပ်ဆောင်ရန် ရှေ့သို့ ခလုတ်ကို နှိပ်ပါ။ + ၀င်းဒိုးစနစ် ထည့်သွင်းထားသော အခန်းကန့်/drive ကို စာဝှက်ပါ။ ၀င်းဒိုးစနစ် မပိတ်မီ စက်ထဲ ၀င်၍ ဖိုင်များကို ဖတ်ရှုလို၊ စာရေးလိုသူ မည်သူမဆို အကြိမ်တိုင်း စကားဝှက် အမှန် ရေးထည့်ပေးရမည် ဖြစ်သည်။ လိုအပ်လျှင်၊ လျှို့ဝှက် ကွန်ပျူတာ စနစ် တစ်ခုကို ဖန်တီးပါ။ + လက်ရှိ အသုံးပြုနေသော ဝင်းဒိုး OS ထည့်သွင်းထားသည့် ​အခန်းကန့်ကို စာဝှက်ရန် ဒီရွေးစရာကို ရွေးပါ။ + Volume Label in Windows: + ရှင်းလင်းသည့် စနစ် - + ပိတ်ရန် + ရှောင်ကွင်းရမည့် စက်မတက်မီ စစ်ဆေးမှု ပြုလုပ်ရန် Esc ကီး(စက်အတက် မန်နေဂျာကို ဖွင့်ထားရန်၏) ကို နှိပ်ပါ + ဘာမျှ လုပ်ရန် မလို + အလိုအလျောက် အစပျိုးသော VeraCrypt volume (အောက်တွင် ဖေါ်ပြထားသည်) + VeraCrypt ကို စဖွင့်ရန် + လိုင်ဘရာရီကို အလိုအလျောက် ရှာဖွေရန် + စက်မတက်မီ စစ်ဆေး အတည်ပြု စကားဝှက်ကို (ကွန်ပျူတာ စနစ်မဟုတ်သော volumes များကို အစပျိုးရန်) ဒရိုင်ဘာ မှတ်ဉာဏ်၌ ခေတ္တ မှတ်ထားရန် + ဖွင့်ကြည့်ရန်... + ဖွင့်ကြည့်ရန်... + စကားဝှက်များနှင့် ကီးဖိုင်များကို မှတ်ဉာဏ်ထဲတွင် ခေတ္တ သိမ်းဆည်းရန် + အစပျိုးထာသော volumes မရှိသည့်အခါ ထွက်ပါ + Volume တစ်ခုကို အောင်မြင်စွာ အစပျိုးပြီးသောအခါ တိုကင်ဖြင့် ဝင်ရောက်မှုကို ပိတ်ပါ + Include VeraCrypt Volume Expander + VeraCrypt Volume ဖန်တီးမှု အညွှန်းကို ထည့်သွင်းရန် + ဖန်တီးရန် + Volume ဖန်တီးရန် + စက်မတက်မီ စစ်ဆေးမှုပြ မျက်နှာပြင်တွင် မည်သည့်စာသားမျှ မပြပါနှင့်(အောက်ဖေါ်ပြပါ စိတ်ကြိုက် စာတမ်းမှ လွဲ၍) + Disable "Evil Maid" attack detection + ပရိုဆက်ဆာ၏ AES လမ်းညွှန်မှုကိုအသုံးပြု၍ AES ဝှက်စာခြင်း/စာဝှက်ဖေါ်ခြင်းကို အရိုန်မြှင့်ပါ (အကယ်၍ ရနိုင်ပါက) + ကီးဖိုင် သုံးရန် + ကီးဖိုင် သုံးရန် + ထွက်ရန် + စိတ်ကြိုက် volumes အတွက် အကူအညီ + 'စိတ်ကြိုက် volumes များ အစပျိုးရန်' အထူးကီးကို နှိပ်သည့်အခါ ရွေးချယ်ထားသော volume ကို အစမပျိုးပါနှင့် + ၄င်း၏ ပင်မ စက်နှင့် ချိတ်ဆက်မိသည့်အခါ ရွေးချယ်ထားသော volume ကို အစပျိုးပါ + အထဲ ၀င်ရောက်သည့်အခါ ရွေးချယ်ထားသော volume ကို အစပျိုးပါ + ရွေးချယ်ထားသော volume ကို ဖတ်ရှုရန် အတွက်သာ အစပျိုးပါ + ရွေးချယ်ထားသော volume ကို ဖြုတ်တပ်နိုင်သည့် ကြားခံအဖြင့်သာ အစပျိုးပါ + အောက်သို့ ရွှေ့ရန် + အပေါ်သို့ ရွှေ့ရန် + ရွေးချယ်ထားသော volume ကို အောင်မြင်စွာ အစပျိုးပြီးပါက Explorer ဝင်းဒိုးကို ဖွင့်ပါ + ဖယ်ရှားရန် + Use favorite label as Explorer drive label + ဘုံသုံး ချိန်ညှိချက်များ + အထူး ကီးကို အောင်မြင်စွာ အဆုံးသတ်ပြီးပါက ပူပေါင်း လမ်းညွှန်ကို ပြပါ + အထူး ကီးကို အောင်မြင်စွာ အဆုံးသတ်ပြီးပါက စက် အချက်ပြ အသံကို ဖွင့်ပါ + Alt + Ctrl + Shift + Win + သတ်မှတ်ရန် + ဖယ်ရှားရန် + ကီးဖိုင်များ... + အောက်ပါ ပရိုဆက်ဆာများကို စာဝှက်ခြင်း/စာဝှက်ဖေါ်ခြင်းအတွက် အသုံးမပြုပါနှင့် - + နောက်ထပ် အချက်အလက် + နောက်ထပ် အချက်အလက် + နောက်ထပ် ချိန်ညှိချက်များ... + အလိုအလျောက် အစပျိုး စက်ကိရိယာများ + ရွေးစရာများကို အစပျိုးရန်... + Volume ကို ဖတ်ရှုရန်အတွက်သာ အစပျိုးရန် + ကီးဖိုင်များ... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + ဖွင့်ထားသည် + စကားဝှက်ကို ဒရိုင်ဘာ မှတ်ဉာဏ်ထဲ၌ ခေတ္တ သိမ်းဆည်းရန် + ဒေတာများကို ဖတ်ရှုခြင်း/ရေးသားခြင်း မပြုသည့်အခါ volume ကို အလိုအလျောက် အဆုံးသတ်ပါ + သုံးစွဲသူ ထွက်ရန် + User session locked + စွမ်းအင် ချွေတာရေးစနစ်ကို သုံးစွဲရန် + Screen saver ဖွင့်ထားသည် + Volume ၌ ဖွင့်ထားသော ဖိုင်များ (သို့) ဖိုင်တွဲများ ပါ၀င်နေလျှင်လည်း ၎င်းကို အလိုအလျှောက် အတင်း အဆုံးသတ်ပါ + စက်ထဲရှိ VeraCrypt volumes အားလုံးကို အစပျိုးရန် + VeraCrypt နောက်ခံ လုပ်ငန်းများ စတင်ရန် + Volumes များကို ဖတ်ရှုရန် အတွက်သာ အစပျိုးရန် + Volumes များကို ဖြုတ်တပ်နိုင်သော ကြားခံအဖြစ်သာ အစပျိုးရန် + အောင်မြင်စွာ အစပျိုးလိုက်သော volume အတွက် Explorer ၀င်းဒိုးကို ဖွင့်ရန် + Temporary Cache password during "Mount Favorite Volumes" operations + အစပျိုးထားသော volumes များ ရှိပါက ခြားနားသော taskbar ပုံများကို သုံးစွဲရန် + အလိုအလျောက် အဆုံးသတ်သည့်အခါ ခေတ္တ မှတ်ထားသော စကားဝှက်များကို ရှင်းလင်းရန် + ထွက်သည့်အခါ ခေတ္တ မှတ်ထားသော စကားဝှက်များကို ရှင်းလင်းရန် + ဖိုင် သိမ်းဆည်းခန်းများ၏ ပြုပြင်မှု အချိန်စာရင်းကို ထိန်းသိမ်းရန် + ပြန်ချိန်ရန် + စက်ပစ္စည်း ရွေးချယ်ရန်... + ဖိုင် ရွေးချယ်ရန် + လိုင်ဘရာရီ ရွေးချယ်ရန်... + စကားဝှက် ပြရန် + စကားဝှက် ပြရန် + အစပျိုးထားသော volume အတွက် Explorer ၀င်းဒိုး ဖွင့်ရန် + ဒရိုင်ဘာ မှတ်ဉာဏ်ထဲရှိ ယာယီ စကားဝှက် + TrueCrypt Mode + အားလုံးကို အဆုံးသတ်ရန် + Volume ဂုဏ်အင်္ဂါရပ်များ... + Volume ကိရိယာများ... + ယာယီဖိုင်များကို ရှင်းလင်းရန် + VeraCrypt - Mount Parameters + VeraCrypt - စိတ်ကြိုက် Volumes များ + VeraCrypt - စက်သုံး အထူး ကီးများ + VeraCrypt + စကားဝှက် (သို့) ကီးဖိုင်ကို ပြောင်းရန် + VeraCrypt Volume စကားဝှက် ရေးထည့်ရန် + VeraCrypt - စွမ်းဆောင်မှု ရွေးစရာများ + VeraCrypt - ဦးစားပေးချက်များ + VeraCrypt - ကွန်ပျူတာ စာဝှက်စနစ် ချိန်ညှိချက်များ + VeraCrypt - လုံခြုံရေး တိုကင် ဦးစားပေးချက်များ + VeraCrypt ခရီးဆောင် Disk တည်ဆောက်မှု + VeraCrypt Volume အင်္ဂါရပ်များ + အကြောင်း + Volume ဆီမှ ကီးဖိုင်များကို ထည့်သွင်းရန်/ဖယ်ထုတ်ရန်... + အစပျိုးလိုက်သော Volume ကို စိတ်ကြိုက်စာရင်းထဲ ထည့်သွင်းရန်... + အစပျိုးထားသော Volume ကို ကွန်ပျူတာ စိတ်ကြိုက်စာရင်းထဲ ထည့်သွင်းရန်... + လည်ပတ်မှုစနစ် ပျက်စီးမှုကို စစ်ဆေးရန်... + Volume ခေါင်းစဉ်ကို အရန်သင့် သိမ်းဆည်းရန်... + Benchmark... + ခေါင်းစဉ် ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို သတ်မှတ်ရန်... + Volume စကားဝှက် ပြောင်းရန်... + ခေါင်းစဉ် ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို သတ်မှတ်ရန်... + စကားဝှက် ပြောင်းရန်... + Volume မှတ်တမ်းကို ရှင်းလင်းရန် + လုံခြုံရေး တိုကင် လုပ်ငန်းအားလုံးကို ပိတ်ရန် + အဆက်အသွယ် + လျှို့ဝှက် OS ဖန်တီးရန်... + ကယ်ဆယ်ရေး Disk ဖန်တီးရန်... + Volume အသစ် ဖန်တီးရန်... + Permanently Decrypt... + မူလ ကီးဖိုင်များ... + Default Mount Parameters... + ယခု လှူဒါန်းရန်... + ကွန်ပျူတာ အခန်းကန့်/Drive ကို စာဝှက်ရန်... + မေးလေ့ရှိသော မေခွန်းများ + သုံးစွဲသူ လမ်းညွှန် + ပင်မ စာမျက်နှာ + အထူး ကီးများ... + ကီးဖိုင် ထုတ်လုပ်စနစ် + ဘာသာစကား... + တရားဝင် ထုတ်ပြန်ချက်များ + လုံခြုံရေး တိုကင် ကီးဖိုင်များကို စီမံရန်... + စက်ထဲရှိ Volumes အားလုံးကို အလိုလျောက် အစပျိုးရန် + စိတ်ကြိုက် Volumes များ အစပျိုးရန် + စက်မတက်မီ စစ်ဆေးမှု မပြုပဲ အစပျိုးရန်... + Volume အစပျိုးရန် + Volume ကို ရွေးစရာများနှင့် အစပျိုးရန် + သတင်း + အွန်လိုင်း အကူအညီ + စတင် သုံးစွဲသူ၏ သင်တန်း လမ်းညွှန် + စိတ်ကြိုက် Volumes များကို စီမံရန်... + ကွန်ပျူတာစနစ်၏ စိတ်ကြိုက် Volumes များကို စီမံရန်... + စွမ်းဆောင်ရည်... + ကွန်ပျူတာစနစ်၏ အခန်းကန့်/Drive ကို အမြဲတမ်း စာဝှက်​ဖြည်ရန် + ဦးစားပေးချက်များ... + Drive အက္ခရာများ ပြန်ခေါ်ရန် + Volume ထဲရှိ ကီးဖိုင် အားလုံးကို ဖယ်ရှားရန်... + Volume ခေါင်းစီးကို နဂိုနေရာ ပြန်ထားရန်... + ရပ်တန့်နေသော လုပ်ငန်းစဉ်ကို ပြန်စရန် + စက် ပစ္စည်း ရွေးချယ်ရန်... + ဖိုင် ရွေးချယ်ရန်... + ရပ်တန့်နေသော လုပ်ငန်းစဉ်ကို ပြန်စရန် + ကွန်ပျူတာ စာဝှက်စနစ်... + ဂုဏ်အင်္ဂါရပ်များ... + ချိန်ညှိချက်များ... + ကွန်ပျူတာစနစ် စိတ်ကြိုက် Volumes များ... + ဒေါင်းလုဒ် ဆွဲရန် + Vectors များ စမ်းသပ်ရန်... + လုံခြုံရေး တိုကင်များ... + ခရီးဆောင် Disk တည်ဆောက်မှု... + အစပျိုးထားသော Volumes အားလုံး အဆုံးသတ်ရန် + Volume အဆုံးသတ်ရန် + ကယ်ဆယ်ရေး Disk စစ်ဆေးရန် + Verify Rescue Disk ISO Image + ဗားရှင်း မှတ်တမ်း + Volume Expander + Volume ဂုဏ်အင်္ဂါရပ်များ + Volume ဖန်တီးမှု အညွှန်း + VeraCrypt ကွန်ရက် စာမျက်နှာ + ခေတ္တမှတ်ထားသော စကားဝှက်များကို ရှင်းလင်းရန် + ကောင်းပြီ + Hardware စွမ်းရည်မြှင့်ခြင်း + ဖြတ်လမ်း + AutoRun ပြုပြင်ဖန်တီးမှု (autorun.inf) + အလိုအလျောက် အဆုံးသတ်ရန် + အားလုံး အဆုံးသတ်မည့် အချိန် - + Boot Loader မျက်နှာပြင် ရွေးစရာများ + စကားဝှက် အတည်ပြုရန် - + လက်ရှိ + စက်မတက်မီ စစ်ဆေးမှု မျက်နှာပြင်တွင် ဤစိတ်ကြိုက် စာတမ်းကို ပြရန် (စာလုံးရေ အများဆုံး ၂၄ လုံးသာ) - + မူလ အစပျိုး ရွေးစရာများ + အထူး ကီး ရွေးစရာများ + Driver Configuration + Enable extended disk control codes support + ရွေးချယ်ထားသော စိတ်ကြိုက် volume အညွှန်း - + ဖိုင် ချိန်ညှိချက်များ + သတ်မှတ်ရမည့် ကီး - + ဤကွန်ပျူတာရှိ ပရိုဆက်ဆာ (CPU) သည် AES အတွက် hardware ကို အရိုန်မြှင့် လုပ်ဆောင်ပေးသည် - + ဝင်းဒိုးထဲ ဝင်ရောက်သည့်အခါ လုပ်ဆောင်ရမည့် အချက်များ + မိနစ် + Volume ကို drive အက္ခရာအဖြစ် အစပျိုးရန် - + အစပျိုး ချိန်ညှိချက်များ + အသစ် + စကားဝှက် - + Thread-အခြေပြု ပြိုင်တူပြုလုပ်ခြင်း + PKCS #11 လိုင်ဘရာရီ လမ်းကြောင်း + PKCS-5 PRF- + PKCS-5 PRF: + စကားဝှက် ယာယီ သိမ်းဆည်းခန်း + လုံခြုံရေး ရွေးစရာများ + VeraCrypt နောက်ခံ လုပ်ငန်း + အစပျိုးရမည့် VeraCrypt volume (ခရီးဆောင် disk root နှင့် ဆက်စပ်သည်) - + Traveler disk ကို ထည့်လိုက်သည့်အခါ - + ခရီးဆောင် disk ဖိုင်များကို ဖန်တီးမည့် နေရာ (ခရီးဆောင် disk root ဖိုင်တည်နေရာ) - + Volume + ဝင်းဒိုး + လမ်းကြောင်း ထည့်သွင်းရန်... + အားလုံးကို အလိုလျောက် စမ်းသပ်ရန် + ဆက်လုပ်ရန် + စာဝှက်ဖော်ရန် + ပယ်ဖျက်ရန် + စာဝှက်ရန် + တင်ပို့ရန်... + ကီးဖိုင်ကို ထုတ်လုပ်ပြီး သိမ်းဆည်းရန်... + ကျပန်း ကီးဖိုင်ကို ထုတ်လုပ်ရန်... + ဘာသာစကားများကို ဒေါင်းလုဒ် ဆွဲရန် + Hardware ကို အရိုန်မြှင့်ပေးသော AES - + ကီးဖိုင်ကို တိုကင်ထဲ တင်သွင်းရန်... + ဖိုင်များကို ထည့်သွင်းရန်... + ကီးဖိုင်ကို သုံးရန် + ကီးဖိုင်များ... + ဖယ်ရှားရန် + အားလုံး ဖယ်ရှားရန် + လျှို့ဝှက် volume ကာကွယ်ခြင်း ဆိုသည်မှာ အဘယ်နည်း? + ကီးဖိုင်များ၏ အသေးစိတ် အချက်အလက်များ + Volume ကို ဖြုတ်တပ်နိုင်သော ကြားခံအဖြစ် အစပျိုးရန် + အခန်းကန့်ကို ကွန်ပျူတာ စာဝှက်စနစ် သုံးပြီး စက်မတက်မီ စစ်ဆေးစရာမလိုဘဲ အစပျိုးရန် + ပြိုင်တူဖြစ်ခြင်း + Benchmark + ပရင့်ထုတ်ရန် + လျှို့ဝှက် volume ကို ပြင်ပ volume ထဲ စာရေးခြင်းကြောင့် ဖြစ်ပေါ်လာမည့် ပျက်စီးခြင်းမှ ကာကွယ်ရန် + ပြန်ချိန်ရန် + စကားဝှက်ကို ပြရန် + တိုကင် ဖိုင်များကို ထည့်သွင်းရန်... + Volume ထဲ၌ ထည့်မြှုပ်ထားသော အရန်သင့် ​ခေါင်းစဉ်များကို ရနိုင်ပါက အသုံးပြုရန် + XTS နည်းစနစ် + VeraCrypt အကြောင်း + VeraCrypt - စာဝှက်စနစ် အယ်လဂိုရီသမ် Benchmark + VeraCrypt - Vectors များ စမ်းသပ်ရန် + Command Line အကူအညီ + VeraCrypt - ကီးဖိုင်များ + VeraCrypt - ကီးဖိုင် ထုတ်လုပ်စနစ် + VeraCrypt - ဘာသာစကား + VeraCrypt - အစပျိုး ရွေးစရာများ + လုံခြုံရေး တိုကင် ကီးဖိုင်သစ်၏ ဂုဏ်အင်္ဂါရပ်များ + VeraCrypt - ကျပန်း စုပေါင်း တိုးတက်မှု + အခန်းကန့် (သို့) စက်ပစ္စည်း တစ်ခု ရွေးချယ်ရန် + VeraCrypt + လုံခြုံရေး တိုကင် ကီးဖိုင်များ + လုံခြုံရေး တိုကင် စကားဝှက်/PIN လိုအပ်သည် + လက်ရှိ သုံးစွဲသော ဘာသာစကား + အမြန်နှုန်းသည် CPU အားနှင့် သိုလှောင် ပစ္စည်း၏ ဂုဏ်အင်္ဂါရပ်အပေါ် မူတည်သည်။\n\n ၄င်းစမ်းသပ်မှုကို RAM ထဲတွင် လုပ်ဆောင်နေသည်။ + ဘတ်ဖာ အရွယ် - + ဝှက်စာ စနစ် - + လျှို့ဝှက် Volume အတွက် စကားဝှက် -\n(နေရာလွတ်နေလျှင်၊ ယာယီ သိမ်းဆည်းခန်းကို သုံးသည်) + လျှို့ဝှက် Volume ကာကွယ်ခြင်း + ကီး အရွယ် - + အရေးကြီးချက် - ဤ၀င်းဒိုးထဲ၌ သင့် ကြွက်ခလုတ်ကို တက်နိုင်သမျှ ကျပန်းနည်းဖြင့် လှုပ်ရှားပေးပါ။ ကြာကြာ​ ရွှေ့လေ၊ ပိုကောင်းလေ ဖြစ်သည်။ ဤအရာက ကီးဖိုင်၏ စာဝှက်အားကို တိုးမြှင့်စေသည်။ + သတိပေးချက် - ကီးဖိုင်​ ပျောက်သွားသည် ဖြစ်စေ (သို့) ၄င်း၏ ပထမဆုံး ၁၀၂၄ kilobytes ပြောင်းသွားသည် ဖြစ်စေ၊ အဲဒီ ကီးဖိုင်ကို အသုံးပြုသော volumes များကို အစပျိုးနိုင်မည် မဟုတ်ပါ။ + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + ဘာသာပြန်ဆိုသူ - + စာသား သက်သက် အရွယ် - + bits + လက်ရှိ စုပေါင်း အကြောင်းအရာ + PRF ပေါင်းစပ်ခြင်း - + အရေးကြီးချက် - ဤဝင်းဒိုးထဲ၌ သင့် ကြွက်ခလုတ်ကို တက်နိုင်သမျှ ကျပန်းနည်းဖြင့် လှုပ်ရှားပေးပါ။ ကြာကြာ ရွှေ့လေ၊ ပိုကောင်းလေ ဖြစ်သည်။ ၄င်းက လုံခြုံရေးကို တိုးမြှင့်စေသည်။ ပြီးသွားလျှင်၊ 'ဆက်လုပ်ရန်' ခလုတ်ကို နှိပ်ပါ။ + အရန်ကီး (hexadecimal) + လုံခြုံရေး တိုကင် - + မျိုးတူစုနည်း - + ကျေးဇူးပြု၍ စောင့်ပါ။ ဤလုပ်ငန်းစဉ်သည် အတော် ကြာနိုင်ပါသည်... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + နံပါတ် အစု - + ဝှက်စာ စာသား (hexadecimal) + ဒေတာ ယူနစ် နံပါတ် (64-bit hexadecimal, ဒေတာ ယူနစ် အရွယ်သည် 512 bytes ဖြစ်သည်) + ကီး (hexadecimal) + စာသားသက်သက် (hexadecimal) + ကီးဖိုင် အမည် - + XTS နည်းစနစ် + ကွန်ပျူတာစနစ် + &Volumes များ + စိတ်ကြိုက်များ + ကိရိယာများ + ချိန်ညှိချက်များ + အကူအညီ + ပင်မ စာမျက်နှာ + + အ​ကြောင်း... + သင့် volume အဟောင်းမှ ဖတ်ရှုရန်အတွက်သာ ဖြစ်သော သတ်မှတ်ချက်ကို ပြောင်း၍ မရပါ။ ဖိုင်ထဲ ၀င်ရောက်မှု ခွင့်ပြုချက်ကို စစ်ဆေးပါ။ + ချို့ယွင်းချက် - ၀င်ရောက်ခွင့် မပြုပါ။ \n\n ၀င်ရောက်ရန် သင် ကြိုးစားနေသော အခန်းကန့်သည် အခန်း 0 ရှည်နေသည်၊ (သို့) စက်ဖွင့်​ပစ္စည်း ဖြစ်သည်။ + စီမံခန့်ခွဲသူ + VeraCrypt ဒရိုင်ဘာကို ဖွင့်ရန်၊ အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြင့် ၀င်ရောက် ဝင်ရောက်ရန် လိုအပ်သည်။ + အခန်းကန့်/စက်ပစ္စည်း တစ်ခုကို စာဝှက်ရန်/ဖော်မက်ချရန် သင်သည် အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြင့် ဝင်ရောက်ရန် လိုအပ်သည်။\n\n ၎င်းသည် ဖိုင် သိမ်းဆည်းသော volumes များနှင့် မသက်ဆိုင်ပါ။ + လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးရန် သင်သည် အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြစ် ဝင်ရောက်ရန် လိုအပ်သည်။\n\nဆက်လုပ်မည်လား? + Volume ကို NTFS အဖြစ် ဖော်မက်ချရန် သင်သည် ​အကောင့်ထဲသို့ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်ဖြင့် ဝင်ရောက်ရန် လိုအပ်သည်။\n\n စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်မပါပဲ၊ မဟုတ်ပါက volume ကို FAT အဖြစ်သာ ဖော်မက်ချနိုင်မည် ဖြစ်သည်။ + FIPS မှ ထောက်ခံထားသော စာဝှက်စနစ် (Rijndael, ၁၉၉၈ ခုနှစ်၌ ထုတ်ပြန်ထားသည်) ကို ယူအက်စ် အစိုးရ အဖွဲ့အစည်းနှင့် အခြား အေဂျင်စီများသည် ထိပ်တန်း လျှို့ဝှက် အဆင့် 256-bit ကီး၊ 128-bit block, 14 rounds (AES-256) အထိ သတ်မှတ်ထားသော အချက်အလက်များကို ကာကွယ်ရန် အသုံးပြုနိုင်ကြသည်။ လုပ်ဆောင်ပုံ စနစ်မှာ XTS ဖြစ်သည်။ + Volume ကို အစပျိုးထားပြီ။ + သတိပေးချက် - အနည်းဆုံး စာဝှက်စနစ် (သို့) hash အယ်လဂိုရီသမ် တစ်ခုသည် အလို​အလျောက် စမ်းသပ်မှုများ၌ မအောင်မြင်ပါ။\n\n VeraCrypt ထည့်သွင်းမှု ပျက်သွား၍ ဖြစ်မည်။ + သတိပေးချက် - တောင်းဆိုထားသည့် ကျပန်း ​ဒေတာ ပမာဏကို ပံ့ပိုးပေးရန် ကျပန်းဂဏန်း ထုတ်လုပ်စနစ်၌ ဒေတာ အလုံအလောက် မရှိပါ။\n\n သင် ရှေ့ဆက် လုပ်ဆောင်ရန် မလိုပါ။ အကူအညီ မီနူးမှ 'ပရိုဂရမ်အမှား သတင်းပို့ရန်' ကို ရွေးချယ်ပြီး၊ ဤချို့ယွင်းချက်ကို သတင်းပို့ပါ။ + Drive ပျက်စီးနေသည် (စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှု ရှိသည်) သို့မဟုတ် ကယ်​ဘယ်လ်ကြိုး ပြတ်နေသည်၊ သို့မဟုတ် မှတ်ဉာဏ် ပျက်စီးနေသည်။\n\n ဤအရာသည် သင့် hardware ပိုင်း ပြဿနာ ဖြစ်သည်၊ VeraCrypt နဲ့မဆိုင်ပါ။ ထို့ကြောင့်၊ VeraCrypt ၏ ပြဿနာအဖြစ် သတင်း မပို့ပါနှင့်။ ဤအကြောင်းနှင့် ပါတ်သက်၍ VeraCrypt ဖိုရမ်၌ အကူအညီ မတောင်းပါနှင့်။ ကွန်ပျူတာ ထုတ်လုပ် ရောင်းချသူထံ နည်းပညာဆိုင်ရာ အကူအညီ တောင်းခံပါ။ ကျေးဇူးတင်ပါသည်။\n\n မှတ်ချက် - ချို့ယွင်းချက်သည် တစ်နေရာထဲ၌ ထပ်ခါတလဲလဲ ဖြစ်နေလျှင်၊ ၄င်းသည် ​မကောင်းသော disk block တစ်ခုကြောင့် ဖြစ်နိုင်သည်။ ၄င်းကို တခြား ဆော့ဗ်ဝဲ အသုံးပြုပြီး ပြုပြင်ကောင်း ပြုပြင်နိုင်မည် ဖြစ်သည် (ပြဿနာ အတော်မျာများတွင် 'chkdsk /r' ညွှန်ကြားချက်ဖြင့် မဖြေရှင်းနိုင်ပါ၊ အဘယ့်ကြောင့် ဆိုသော် ၄င်းသည် filesystem အဆင့်၌သာ လုပ်ဆောင်သောကြောင့် ဖြစ်သည်။ အချို့အခြေအနေတွင်၊ 'chkdsk' သည် ပျက်စီးမှုကို မရှာဖွေနိုင်ချေ)။ + အကယ်၍ သင်သည် ဖြုတ်တပ်နိုင်သော မီဒီယာ အတွက် drive တစ်ခုထဲ ၀င်ရောက်နေပါက၊ ကြားခံတစ်ခုကို drive ထဲ​ သေချာ သွင်းပါ။ Drive/ကြားခံ ပျက်စီးနေခြင်း (ရုပ်ပိုင်းဆိုင်ရာ ပျက်စီးမှု) ဖြစ်နိုင်သည် (သို့) ကယ်ဘယ်ကြိုး ပျက်စီးနေခြင်း/ပြတ်နေခြင်း ဖြစ်နိုင်သည်။ + သင့် ကွန်ပျူတာစနစ်သည် drive စနစ် တစ်ခုလုံးကို စာဝှက်ခြင်း မပြုနိုင်ရန် အဟန့်အတားပြုနေသော ပရိုဂရမ်အမှား တစ်ခု ပါရှိသော ကိုယ်ပိုင် chipset ဒရိုင်ဘာများကို အသုံးပြုနေပုံ ရသည်။\n\n ရှေ့ဆက်မသွားမီ ကိုယ်ပိုင် (Microsoft မဟုတ်သော) chipset ဒရိုင်ဘာများကို မွမ်းမံပါ (သို့) ဖယ်ထုတ်ပါ။ အကယ်၍ အကြောင်းမထူးပါက၊ ကွန်ပျူတာစနစ် အခန်းကန့် တစ်ခုတည်းကိုသာ စာဝှက်ကြည့်ပါ။ + မှားနေသော drive အက္ခရာ။ + မှားနေသော လမ်းကြောင်း။ + ဖျက်သိမ်းရန်​ + စက်ပစ္စည်းကို ဆက်သွယ်၍ မရပါ။ ရွေးချယ်ထားသော စက်ပစ္စည်း ရှိ/မရှိ စစ်ဆေးပြီး၊ ၄င်းကို ကွန်ပျူတာစနစ်က အသုံးမပြုဖို့ လိုသည်။ + သတိပေးချက် - Caps Lock ဖွင့်ထားသည်။ ၎င်းကြောင့် စကားဝှက် ရေးထည့်ရာတွင် မှားယွင်းစေနိုင်သည်။ + Volume အမျိုးအစား + စာဝှက်ထားသော volume တစ်ခု၏ စကားဝှက်ကို ဖေါ်ပြရန် သင့်ကို တစ်စုံတစ်ယောက်က ဖိအားပေး တောင်းဆိုလာနိုင်သည်။ သင်အနေဖြင့် စကားဝှက်ကို မဖြစ်မနေ ပေးရမည့် အခြေအနေမျိုး ကြုံလာနိုင်သည်။ ယင်းအခြေအနေမျိုး၌ လျှို့ဝှက် volume ကို သုံးစွဲခြင်းဖြင့် သင့် စကားဝှက်ကို ဖေါ်ပြရန် လိုအပ်တော့မည် မဟုတ်ပါ။ + သာမန် VeraCrypt volume တစ်ခုကို ဖန်တီးလိုပါက ဒီရွေးစရာကို ရွေးပါ။ + အကယ်၍ OS တစ်ခုကို လျှို့ဝှက် အခန်းကန့် volume တစ်ခုထဲ၌ ထည်သွင်းလိုပါက၊ ကွန်ပျူတာစနစ် တစ်ခုလုံးကို ကီးတစ်မျိုးတည်းဖြင့် စာဝှက်နိုင်မည် မဟုတ်ပါ။ + ပြင်ပ Volume စာဝှက်စနစ် ရွေးစရာများ + လျှို့ဝှက် Volume စာဝှက်စနစ် ရွေးစရာများ + စာဝှက်စနစ် ရွေးစရာများ + သတိပေးချက် - နောက်ဆုံး ရွေးချယ်ထားသော volume/(ဖိုင် ရွေးချယ်စနစ်က မှတ်သားထားသော) ကီးဖိုင် လမ်းကြောင်းကို ရှင်းလင်း၍ မရပါ! + ချို့ယွင်းချက် - သိမ်းဆည်းခန်းကို filesystem အဆင့်၌ ဖိသိပ်ထားသည်။ VeraCrypt သည် သိမ်းဆည်းခန်းများကို ဖိသိပ်မှု မပြုပါ (စာဝှက်ထားသော ဒေတာကို ဖိသိပ်ခြင်းသည် ထိရောက်မှု မရှိ၍ မလိုအပ်ချေ)။\n\n အောက်ပါ အဆင့်များဖြင့် သိမ်းဆည်းခန်း ဖိသိပ်မှုကို ပိတ်ပါ -\n၁) ဝင်းဒိုး Explorer (VeraCrypt ထဲ၌ မဟုတ်ပါ) ထဲရှိ သိမ်းဆည်းခန်းကို ညာဖက် နှိပ်ပါ။\n၂) 'ဂုဏ်အင်္ဂါရပ်များ' ကို ရွေးချယ်ပါ။\n၃) 'ဂုဏ်အင်္ဂါရပ်များ' အညွှန်းထဲ၌၊ 'အဆင့်မြင့်' ကို နှိပ်ပါ။\n၄) 'အဆင့်မြင့် သတ်မှတ်ချက်များ' အညွှန်းထဲ၌၊ 'disk နေရာလွတ် ရရှိရန် အကြောင်းအရာများကို ဖိသိပ်ရန်' ရွေးစရာကို ပိတ်ပြီး 'ကောင်းပြီ' ကို နှိပ်ပါ။၅) 'ဂုဏ်အင်္ဂါရပ်များ' အညွှန်းထဲ၌၊ 'ကောင်းပြီ' ကို နှိပ်ပါ။ + Volume %s ဖန်တီးရာတွင် မအောင်မြင်ပါ + %s ၏အရွယ်မှာ %.2f bytes ဖြစ်သည် + %s ၏အရွယ်မှာ %.2f KB ဖြစ်သည် + %s ၏အရွယ်မှာ %.2f MB ဖြစ်သည် + %s ၏ အရွယ်မှာ %.2f GB ဖြစ်သည် + %s ၏အရွယ်မှာ %.2f TB ဖြစ်သည် + %s ၏အရွယ်မှာ %.2f PB ဖြစ်သည် + သတိပေးချက် - စက်ပစ္စည်း/အခန်းကန့်ကို OS မှ (သို့) အ​ပ္ပလီကေးရှင်းများမှ အသုံးပြုထားသည်။ စက်ပစ္စည်း/အခန်းကန့်ကို ဖော်မက်ချခြင်းဖြင့် ဒေတာ ပျက်စီမှုနှင့် စက်လည်ပတ်မှု မတည်မငြိမ် ဖြစ်စေနိုင်သည်။\n\nဆက်လုပ်မည်လား? + သတိပေးချက် - စက်ပစ္စည်း/အခန်းကန့်ကို OS မှ (သို့) အ​ပ္ပလီကေးရှင်းများမှ အသုံးပြုထားသည်။ အခန်းကန့်ကို အသုံးပြုသော ​အပ္ပလီကေးရှင်းများ (ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ အပါအဝင်)ကို ပိတ်ထားပါ။\n\n ဆက်လုပ်မည်လား? + ချို့ယွင်းချက် - စက်ပစ္စည်း/အခန်းကန့်၌ အဆုံးသတ်၍ မရနိုင်သော ဖိုင်စနစ် တစ်ခု ပါရှိနေသည်။ ​၎င်းဖိုင်စနစ်ကို စက်လည်ပတ်မှုစနစ်က အသုံးပြုထားနိုင်သည်။ စက်ပစ္စည်း/အခန်းကန့်ကို ဖော်မက်ချခြင်းဖြင့် ဒေတာ ပျက်စီခြင်းနှင့် စက်လည်ပတ်မှုစနစ် မတည်ငြိမ်မှုများ ဖြစ်ပေါ်စေနိုင်သည်။\n\nဤပြဿနာကို ဖြေရှင်းရန်၊ ထိုအခန်းကန့်ကို ဦးစွာ ပယ်ဖျက်ပြီး ၄င်းကို ဖော်မက်ချစရာ မလိုပဲ အသစ် ပြန်ဖန်တီးပါ။ ထိုသို့ ဆောင်ရွတ်ရန်၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n၁) 'Start ​Menu' ရှိ 'Computer' ပုံကို ညာဖက် နှိပ်ပြီး 'Manage' ကို ရွေးပါ။ 'Computer Management' ၀င်းဒိုး ပေါ်လာလိမ့်မည်။\n၂) 'Disk Management' ဝင်းဒိုးထဲ၌ 'Storage' > 'Disk Management' ကို ရွေးပါ။\n၃) သင် စာဝှက်လိုသော အခန်းကန့်ကို ညာဖက် နှိပ်ပြီး 'Delete Partition', (သို့) 'Delete Volume', (သို့) 'Delete Logical Drive' ကို ရွေးပါ။\n၄) 'Yes' ကို နှိပ်ပါ။ အကယ်၍ ဝင်းဒိုးက စက်ပြန်ဖွင့်ရန် တောင်းဆိုလာပါက ကွန်ပျူတာစက်ကို ပြန်စလိုက်ပါ။ ထို့နောက် အဆင့် ၁ နှင့် ၂ ကို ပြန်လုပ်ပြီး အဆင့် ၅ မှ ဆက်လုပ်ပါ။\n၅) နေရာမယူထားသော/နေရာလွတ်၌ ညာဖက် နှိပ်ပြီး 'New Partition', (သို့) 'New Simple Volume', (သို့) 'New Logical Drive' ကို ရွေးပါ။\n၆) ယခုအချိန်၌ 'New Partition Wizard' (သို့) 'New Simple Volume Wizard' ၀င်းဒိုး ပေါ်လာမည် ဖြစ်သည်။ ညွန်ကြားချက်အတိုင်း ဆက်လုပ်ပါ။ 'Format Partition' ခေါင်းစဉ်အောက်ရှိ 'Do not format this partition' (သို့) 'Do not format this volume' တစ်ခုခုကို ရွေးချယ်ပါ။ အညွှန်း တစ်ခုထဲ၌၊ 'Next' ကို နှိပ်ပြီးနောက် 'Finish' ကို နှိပ်ပါ။\n၇) VeraCrypt ၌ သင် ရွေးချယ်ခဲ့သော လမ်းကြောင်း မှားနေနိုင်သည်ကို သတိပြုပါ။ ထို့ကြောင့်၊ VeraCrypt Volume ဖန်တီးမှု အညွှန်းမှ ထွက်ပြီး ပြန်ဖွင့်ပါ။\n၈) စက်ပစ္စည်း/အခန်းကန့်ကို တဖန် စာဝှက်လိုက်ပါ။\n\n အကယ်၍ VeraCrypt သည် စက်ပစ္စည်း/အခန်းကန့်ကို စာဝှက်ရန် အကြိမ်ကြိမ် မအောင်မြင်ပါက၊ ၄င်းအစား ဖိုင် သိမ်းဆည်းခန်းတစ်ခုကို ဖန်တီးရန် စဉ်းစားပါ။ + ချို့ယွင်းချက် - filesystem ကို သော့ခတ်၍ မရ/အဆုံးသတ်၍ မရ ဖြစ်နေသည်။ ၎င်းကို စက်လည်ပတ်မှုစနစ် (သို့) အပ္ပလီကေးရှင်းများ (ဥပမာ - ဗိုင်းရပ်စ် ဖယ်ရှား ဆော့ဗ်ဝဲ) မှ အသုံးပြုနေခြင်း ဖြစ်နိုင်သည်။ ၎င်းအခန်းကန့်ကို စာဝှက်ခြင်းဖြင့် ဒေတာ ပျက်စီးခြင်းနှင့် စက်လည်ပတ်မှုစနစ် မတည်မငြိမ် ဖြစ်စေနိုင်သည်။\n\n Filesystem ကို အသုံးပြုနေသည့် အပ္ပလီကေးရှင်းများကို ပိတ်ပြီး ထပ်ကြိုးစားပါ။ အကြောင်းမထူးပါက၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ။ + သတိပေးချက် - အစပျိုးထားသော စက်ပစ္စည်းများ/အခန်းကန့်များ အချို့ကို သုံးစွဲထားပြီး ဖြစ်နိုင်သည်။\n\n ၎င်းကို လျှစ်လျှူရှုခြင်းဖြင့် စက်လည်ပတ်ရာ၌ မတည်ငြိမ်မှုများကဲ့သို့ မလိုလားအပ်သော ရလဒ်များကို ဖြစ်ပေါ်စေနိုင်သည်။\n\n စက်ပစ္စည်းများ/အခန်းကန့်များကို အသုံးပြုနေနိုင်သော အပ္ပလီကေးရှင်းများကို ပိတ်ထားရန် အလေးအနက် အကြံပြုလိုပါသည်။ + ရွေးချယ်ထားသော စက်ပစ္စည်း၌ အခန်းကန့်များ ပါရှိသည်။\n\n စက်ပစ္စည်းကို ဖော်မက်ချခြင်းဖြင့် စက်လည်ပတ်မှု စနစ်ပိုင်းဆိုင်ရာ မတည်ငြိမ်မှုများ/ဒေတာ ပျက်စီးမှုများ ဖြစ်ပေါ်စေနိုင်သည်။ VeraCrypt ကို သုံးပြီး လုံခြုံ​စွာ ဖော်မက်ချနိုင်ရန် စက်ပစ္စည်းပေါ်၌ အခန်းကန့် တစ်ခုကို ရွေးချယ်ပါ၊ (သို့) စက်ပစ္စည်းပေါ်မှ အခန်းကန့် အားလုံးကို ဖယ်ရှားပါ။ + ကွန်ပျူတာစနစ် မဟုတ်သော စက်ပစ္စည်း၌ အခန်းကန့်များ ပါရှိသည်။\n\n အခန်းကန့်များ မရှိသော စက်ပစ္စည်းများထဲ၌ စာဝှက်ထားသော စက်ပစ္စည်း အခြေပြု VeraCrypt volumes များကို (hard disks နှင့် solid-state drives များ အပါအဝင်) ဖန်တီးနိုင်သည်။ ၄င်းစက်ပစ္စည်းထဲ၌ ဝင်းဒိုးတင်ထားပြီး ၎င်းမှ ဝင်းဒိုးတက်မည် ဆိုလျှင်၊ အခန်းကန့်များ ပါရှိသော စက်ပစ္စည်း တစ်ခုလုံးကို နေရာတကျ စာဝှက်နိုင်မည် ဖြစ်သည်။\n\nမာစတာကီး တစ်ခုတည်းကို သုံးပြီး ရွေးချယ်ထားသော ကွန်ပျူတာစနစ် မဟုတ်သည့် စက်ပစ္စည်းကို စာှက်လိုပါက၊ ၄င်းကို VeraCrypt ဖြင့် လုံခြုံစွာ ဖော်မက်ချနိုင်ရန် စက်ပစ္စည်းထဲရှိ အခန်းကန့် အားလုံးကို သင် ဖယ်ရှားရမည် (အခန်းကန့်များ ပါရှိသော စက်ပစ္စည်း တစ်ခုကို ဖော်မက်ချခြင်းကြောင့် စက်လည်ပတ်မှု စနစ်ကို မတည်ငြိမ်မှု/ ဒေတာ ပျက်စီးမှု ဖြစ်ပေါ်စေနိုင်သည်)။ တစ်နည်းအားဖြင့်၊ စက်ပစ္စည်းရှိ အခန်းကန့် တစ်ခုစီကို သီးခြား စာဝှက်နိုင်သည် (အခန်းကန့် တစ်ခုစီကို သီးခြား မာစတာကီး အသုံးပြုပြီး စာဝှက်နိုင်မည် ဖြစ်သည်)။ \n\n မှတ်ချက် - GPT disk မှ အခန်းကန့် အားလုံးကို သင် ဖယ်ရှားလိုပါက၊ လျှို့ဝှက် အခန်းကန့်များကို ဖယ်ရှားရန် MBR disk (ဥပမာ -Computer Management tool ကို အသုံးပြုပြီး) အဖြစ် ပြောင်းလဲရန် လိုအပ်သည်။ + သတိပေးချက်- device တစ်ခုလုံးကို သင် စာဝှက်လိုပါက (အခန်းကန့် တစ်ခုတည်းကိုသာ စာဝှက်မည့်အစား)၊ OS က device ကို အသစ်၊ အလွတ်၊ ဖော်မက်ချမထားသော အပိုင်း တစ်ခုအဖြစ် မှတ်ယူပြီး volume ကို ပျက်စီးစေနိုင်​သည့် device ကို အလိုအလျောက် အစပျိုးလာစေနိုင်သည် (သို့မဟုတ် သင် လုပ်ဆောင်လို မလို မေးလာလိမ့်မည်)။ ဒီအပြင်၊ volume ကို (drive နံပါတ် ပြောင်းသွားသည့်အခါ) စိတ်တိုင်းကျ တစ်သမတ်တည်း အစပျိုးနိုင်မည် မဟုတ်ပါ (သို့) စိတ်ကြိုက်-volume အညွှန်းကို သတ်မှတ်နိုင်မည် မဟုတ်ပါ။\n\n ဤအဖြစ်မျိုးကို ရှောင်ရှားရန် device ​ပေါ်၌ အခန်းကန့် တစ်ခုကို ဖန်တီးပြီး အခန်းကန့်ကို စာဝှက်ရန် စဉ်းစားသင့်ပါသည်။\n\n device တစ်ခုလုံးကို စာဝှက်လိုသလား? + အရေးကြီးချက် - Drive အက္ခရာ %c ကို သုံးပြီး ဤ volume ကို အစပျိုးခြင်း/အထဲ ဝင်ရောက်ခြင်း ပြုနိုင်မည် မဟုတ်ပါ။\n\n ဤ volume ကို အစပျိုးရန်၊ ပင်မ VeraCrypt ဝင်းဒိုးရှိ 'အလိုအလျောက်-အစပျိုး Devices များ' (တနည်းအားဖြင့် - ပင်မ VeraCrypt ဝင်းဒိုးထဲရှိ 'Device ရွေးချယ်ရန်' ကို နှိပ်ပါ၊ နောက်ပြီး ဤအခန်းကန့်/device ကို ရွေးပြီး၊ 'အစပျိုးရန်' ကို နှိပ်ပါ) ကို နှိပ်ပါ။ ဤ volume ကို ပင်မ VeraCrypt ဝင်းဒိုးရှိ စာရင်းမှ သင် ရွေးထားသော တခြား drive အက္ခရာ တစ်ခုဖြင့် အစပျိုးလာလိမ့်မည်။\n\n အခန်းကန့်/device ရှိ စာဝှက်စနစ်ကို သင် ဖယ်ရှားဖို့ လိုအပ်မှသာ (ဥပမာ - အကယ်၍ စာဝှက်စနစ်ကို သင် မလိုအပ်တော့သည့်အခါ) မူရင်း drive အက္ခရာ %c ကို သုံးစွဲသင့်သည်။ ဤကဲ့သို့ ကိစ္စမျိုးတွင်၊ 'Computer' (သို့မဟုတ် 'My Computer') စာရင်းမှ drive အက္ခရာ %c ကို ညာဖက် နှိပ်ပြီး၊ 'ဖော်မက်ချရန်' ကို ရွေးပါ။ ထိုသို့မလုပ်ပါက (VeraCrypt အမေးအဖြေ၌ ဖေါ်ပြထားသကဲ့သို့ ၄င်းကို ဖယ်ရှားခြင်း မပြုပါက) drive အက္ခရာ %c ကို အသုံးပြုရတော့မည် မဟုတ်ပါ။ (ထို့နောက် အခြား အခန်းကန့်/device ကို သတ်မှတ်ပါ) + ယခု သင်အသုံးပြုနေသော OS ဗားရှင်း၌ ကွန်ပျူတာစနစ် မဟုတ်သော volumes များကို အစီအစဉ်တကျ စာဝှက်ခြင်း လုပ်ဆောင်၍ မရပါ (၎င်းကို Windows Vista နှင့် နောက်ထွက် ဗားရှင်းများတွင်သာ ပံ့ပိုးထားသည်)။\n\n ဤ၀င်ဒိုး ဗားရှင်းသည် filesystem ကျုံ့ခြင်းကို ပံ့ပိုးမထားပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီး​အတွက် နေရာလွတ် ရရှိရန် filesystem ကို ကျုံ့ရမည် ဖြစ်သည်)။ + ရွေးချယ်ထားသော အခန်းကန့်သည် NTFS filesystem ဟုတ်ဟန် မတူပါ။ NTFS filesystem အခန်းကန့်များကိုသာ အစီအစဉ်တကျ စာဝှက်နိုင်သည်။\n\n မှတ်ချက် - ဤ၀င်ဒိုး ဗားရှင်းသည် filesystem ကျုံ့ခြင်းကို ပံ့ပိုးမထားပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီး​အတွက် နေရာလွတ် ရရှိရန် filesystem ကို ကျုံ့ရမည် ဖြစ်သည်)။ + ရွေးချယ်ထားသော အခန်းကန့်သည် filesystem ဟုတ်ဟန်မတူပါ။ NTFS filesystem အခန်းကန့်များကိုသာ အစီအစဉ်တကျ စာဝှက်နိင်သည်။\n\nဤအခန်းကန့်ထဲ၌ စာဝှက်ထားသော VeraCrypt volume တစ်ခု ဖန်တီးလိုပါက၊ ( ရွေးစရာ "အခန်းကန့်ကို အစီအစဉ်တကျ စာဝှက်ရန်" ကို ရွေးမည့်အစား) ရွေးစရာ "စာဝှက်ထားသော volume ဖန်တီးရန်၊ ဖော်မက်ချရန်" ကို ရွေးပါ။ + ချို့ယွင်းချက် - အခန်းကန့်သည် သေးလွန်ပါသည်။ VeraCrypt သည် ၄င်းကို အစီအစဉ်တကျ စာမဝှက်နိုင်ပါ။ + ဤအခန်းကန့်ရှိ ဒေတာကို စာဝှက်ရန်၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n\n၁) အခန်းကန့် အလွတ်/device တစ်ခု၌ VeraCrypt volume အလွတ်တစ်ခု ဖန်တီးပြီး ၄င်းကို အစပျိုးပါ။\n\n၂) အစပျိုးထားသော VeraCrypt volume ထဲ၌ နဂိုကတည်းက သင် စာဝှက်လိုသော အခန်းကန့်ရှိ ဖိုင်အားလုံးကို ကော်ပီကူးပါ (၄င်းကို အဆင့် ၁ ၌ ဖန်တီးပြီး အစပျိုးထားသည်)။\n\n၃) နဂိုကတည်းက သင် စာဝှက်လိုသော အခန်းကန့်၌ VeraCrypt volume တစ်ခု ဖန်တီးပြီး (ရွေးစရာ "အခန်းကန့်ကို ​အစီအစဉ်တကျ စာဝှက်ရန်" အစား) ရွေးစရာ "စာဝှက်ထားသော volume ဖန်တီးရန်၊ ဖော်မက်ရန်" ​ကို ရွေးချယ်ရန် သတိပြုပါ။ အခန်းကန့်၌ သိုလှောင်ထားသော ဒေတာ အားလုံးကို ဖျက်ပစ်မည် ဖြစ်သည်။ volume ကို ဖန်တီးပြီးပါက ၄င်းကို အစပျိုးလိုက်ပါ။\n\n၄) (အဆင့် ၁ ၌ ဖန်တီးပြီး အစပျိုးထားသော) အရန်သင့် VeraCrypt volume ထဲမှ ဖိုင်အားလုံးကို အဆင့် ၃ ၌ ဖန်တီး(ပြီး အစပျိုး)ထားသော VeraCrypt volume ထဲ ကော်ပီကူးလိုက်ပါ။\n\n၎င်းအဆင့်များ ပြီးဆုံးသောအခါ၊ ဒေတာများ စာဝှက်ပေးမည် ဖြစ်ပြီး၊ နောက်ဆက်တွဲ၌၊ ​​စာဝှက်ထားသော ဒေတာ အရန်သင့် သိမ်းဆည်းမှု တစ်ခု ရလာမည် ဖြစ်သည်။ + VeraCrypt သည် အခန်းကန့် တစ်ခု၊ တက်ကြွ volume တစ်ခု၊ (သို့) ကွန်ပျူတာစနစ် ​drive တစ်ခုလုံးကို အစီအစဉ်တကျ စာဝှက်နိုင်သည်။\n\n အကယ်၍ ကွန်ပျူတာစနစ် မဟုတ်သော device အတွင်း၌ စာဝှက်ထားသော VeraCrypt volume တစ်ခုကို ဖန်တီးလိုပါက၊ (ရွေးစရာ "အခန်းကန့်ကို ​အစီအစဉ်တကျ စာဝှက်ရန်" အစား) ရွေးစရာ "စာဝှက်ထားသော volume ကို ဖန်တီးပြီး ဖော်မက်ရန်" ကို ရွေးပါ။ + ချို့ယွင်းချက် - VeraCrypt သည် အခန်းကန့် တစ်ခု၊ တက်ကြွ volume တစ်ခု၊ (သို့) ကွန်ပျူတာစနစ် ​drive တစ်ခုလုံးကို အစီအစဉ်တကျ စာဝှက်နိုင်သည်။ သတ်မှတ်ထားသော လမ်းကြောင်း မှန်မမှန် စစ်​ဆေးပါ။ + ချို့ယွင်းချက် - filesystem ကို ကျုံ့၍ မရပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီးအတွက် နေရာပေးရန် filesystem ကို ကျုံ့ရန် လိုသည်)။\n\nဖြစ်နိုင်ချ အကြောင်းရင်းနှင့် ဖြေရှင်းချက်များ -\n\nဤ volume ၌ လုံလောက်သော နေရာလွတ်မရှိပါ။ ဤ filesystem ၌ အခြား အပ္ပလီကေးရှင်းကို ရေးသားခြင်း မပြုရန် သတိပြုပါ။\n\n- ပျက်စီးနေသော ဖိုင်စနစ် ဖြစ်သည်။ ၄င်းကို စစ်ဆေးပြီး ချို့ယွင်းချက်များကို ပြင်ဆင်ပါ ('Computer' စာရင်းရှိ သက်ဆိုင်ရာ drive အက္ခရာကို ညာဖက် နှိပ်ပါ၊ ထို့နောက် Properties > Tools > ကို ရွေးပြီး 'Check Now' ကို ရွေးပါ၊ ရွေးစရာ 'Automatically fix file system errors' ကို ဖွင့်ပြီး Start ကို နှိပ်ပါ)။\n\n အထက်ပါ အဆင့်များ အလုပ်မဖြစ်ပါက၊ အောက်ပါ အဆင့်များကို ဆက်လုပ်ပါ။ + ချို့ယွင်းချက် - ဤ volume ထဲ၌ နေရာလွတ် အလုံအလောက် မရှိသောကြောင့် filesystem ကို ကျုံ့၍ မရပါ (volume ခေါင်းစီးနှင့် အရန်သင့် ခေါင်းစီးအတွက် နေရာပေးရန် filesystem ကို ကျုံ့ရန် လိုအပ်သည်)\n\n နေရာလွတ် အနည်းဆုံး 256 KB ရရှိအောင် မလိုအပ်သော ဖိုင်များကို ပယ်ဖျက်ပြီး Recycle Bin ကို ရှင်းလင်းကာ ထပ်ကြိုးစားပါ။ ဝင်းဒိုး ပြဿနာ တစ်ရပ်ကြောင့် OS ကို စက်ပြန်မဖွင့်မချင်း Windows Explorer မှ ဖေါ်ပြသော နေရာလွတ် ပမာဏမှာ မှန်ကန်လိမ့်မည် မဟုတ်ပါ။ အကယ်၍ စက်ပြန်တက်၍ ​အကြောင်းမထူးလျှင်၊ ဖိုင်စနစ် ပျက်စီး၍ ဖြစ်မည်။ ၄င်းကို စစ်ဆေးပြီး ချို့ယွင်းချက်များကို ပြင်ဆင်ပါ ('Computer' စာရင်းရှိ သက်ဆိုင်ရာ drive အက္ခရာကို ညာဖက် နှိပ်ပါ၊ ထို့နောက် Properties > Tools > ကို ရွေးပြီး 'Check Now' ကို ရွေးပါ၊ ရွေးစရာ 'Automatically fix file system errors' ကို ဖွင့်ပြီး Start ကို နှိပ်ပါ)။\n\n အထက်ပါ အဆင့်များ အလုပ်မဖြစ်ပါက၊ အောက်ပါ အဆင့်များကို ဆက်လုပ်ပါ။ + Drive %s ပေါ်၌ နေရာလွတ် %.2f bytes ရှိသည် + Drive %s ပေါ်၌ နေရာလွတ် %.2f KB ရှိသည် + Drive %s ပေါ်၌ နေရာလွတ် %.2f MB ရှိသည် + Drive %s ပေါ်၌ နေရာလွတ် %.2f GB ရှိသည် + Drive %s ပေါ်၌ နေရာလွတ် %.2f TB ရှိသည် + Drive %s ပေါ်၌ နေရာလွတ် %.2f PB ရှိသည် + လွတ်နေသော drive အက္ခရာများ မရှိပါ။ + ချို့ယွင်းချက် - VeraCrypt ဒရိုင်ဘာကို ရှာမတွေ့ပါ။\n\nကျေးဇူးပြု၍ 'veracrypt.sys' နှင့် 'veracrypt-x64.sys' ဖိုင်များကို ပင်မ VeraCrypt ​အ​ပ္ပလီကေးရှင်း (VeraCrypt.exe) တည်ရှိရာ ဖိုင်တွဲထဲ ကော်ပီကူးပါ။ + ချို့ယွင်းချက် - လောလောဆယ် လိုက်ဖက်ကိုက်ညီမှု မရှိသော VeraCrypt ဒရိုင်ဘာ ဗားရှင်းdriver ကို သုံးစွဲနေသည်။\n\n အကယ်၍ သင်သည် VeraCrypt ကို (စက်ထဲ မထည့်သွင်းပဲ) အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲရန် ကြိုးစားနေပြီး၊ တခြား VeraCrypt ဗားရှင်းကို စက်ထဲ ထည့်သွင်းပြီး ဖြစ်ပါက၊ ၄င်းကို အလျင် ဖယ်ထုတ်ရမည် (သို့မဟုတ် VeraCrypt ထည့်သွင်းစနစ်ကို သုံး၍ အဆင့်မြှင့်ပါ)။ ၄င်းကို ဖယ်ထုတ်ရန်၊ ဖေါ်ပြပါ အဆင့်များကို လိုက်နာပါ - Window Vista (သို့) ၄င်းထက် အဆင့်မြင့်၌၊ 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall ကို ရွေးပါ၊ Windows XP ၌၊ 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove ကို ရွေးပါ။\n\nအလားတူ၊ အကယ်၍ သင်သည် VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် (စက်ထဲ ထည့်သွင်းစရာမလိုပဲ) သုံးစွဲရန် ကြိုးစားနေပြီး၊ အခြား VeraCrypt ဗားရှင်း တစ်ခုကို အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲနေပါက၊ အရင်ဦးဆုံး စက်ကို ပြန်ဖွင့်ပြီးနောက် ဤဗားရှင်းအသစ်ကိုသာ သုံးစွဲပါ။ + မှားယွင်းချက် - ဝှက်စာ စတင်လုပ်ဆောင်မှု မအောင်မြင်ပါ။ + ချို့ယွင်းချက် - ကီး၏ အားနည်းချက်/အားနည်းနိုင်ချေ တွေ့ရှိထားသည်။ ၎င်းကီးကို ဖယ်ထုတ်ရမည် ဖြစ်သည်။ ကျေးဇူးပြု၍ ထပ်ကြိုးစားပါ။ + ကြီးမားသော ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသောကြောင့် VeraCrypt ကို အဆုံးသတ်မည် ဖြစ်သည်။ ၎င်းသည် VeraCrypt ထဲမှ ပရိုဂရမ်အမှား တစ်ခုကြောင့် ဖြစ်ပါက၊ ကျွန်ုပ်တို့ ပြုပြင်ပေးပါမည်။ ကျွန်ုပ်တို့ကို ကူညီရန် အောက်ပါ အချက်များ ပါဝင်သော အလို​အလျှောက် ထုတ်ပြန်သည့် ချို့ယွင်းချက် အကြောင်းကြားစာကို ပေးပို့နိုင်ပါသည်။\n\n- ပရိုဂရမ် ဗားရှင်း\n- OS ဗားရှင်း\n- CPU အမျိုးအစား\n- VeraCrypt အစိတ်အပိုင်း အမည်\n- Checksum of VeraCrypt executable\n- အညွန်း ၀င်းဒိုး အမှတ်အသား အမည်\n- ချို့ယွင်းချက် အမျိုးအစား\n- ချို့ယွင်းချက် တည်နေရာ\n- VeraCrypt ခေါ်ဆိုသော အကန့်\n\nအကယ်၍ 'ဟုတ်ကဲ့' ခလုတ်ကို နှိပ်ပါက၊ အောက်ပါ URL သည် သင့် ပုံမှန် အင်တာနက် ဘရောင်ဆာ၌ ဖွင့်လာမည် ဖြစ်သည်။\n\n%hs\n\n အထက်ပါ ချို့ယွင်းချက် အကြောင်းကြားစာကို ကျွန်ုပ်တို့ထံ ပေးပို့လိုသလား? + သင့်စက်၌ ကြီးကျယ်သော ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသောကြောင့် VeraCrypt ကို အဆုံးသတ်မည် ဖြစ်သည်။\n\n ဤချို့ယွင်းချက်သည် VeraCrypt ကြောင့် မဟုတ်ပါ (ထို့ကြောင့် VeraCrypt ကို စီစဉ်ဖန်တီးသူများက ဖြေရှင်းပေး၍ မရပါ)။ သင့်ကွန်ပျူတာစနစ်၏ ဖြစ်နိုင်ချေ ပြဿနာများ (ဥပမာ - ကွန်ပျူတာစနစ် ပြင်ဆင်ချက်၊ ကွန်ရက် ဆက်သွယ်မှု၊ hardware အစိတ်အပိုင်း အလုပ်မလုပ်မှု) ကို စစ်ဆေးပါ။ + သင့်စက်၌ ကြီးကျယ်သော ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသောကြောင့် VeraCrypt ကို အဆုံးသတ်မည် ဖြစ်သည်။\n\n အကယ်၍ ပြဿနာ ဆက်ရှိနေပါက၊ ဤပြဿနာကို ဖြစ်ပေါ်စေသော - ​ဗိုင်းရပ်စ် ဖယ်ရှား ဆော့ဗ်ဝဲ (သို့) အင်တာနက် လုံခြုံရေး ဆော့ဗ်ဝဲ၊ စက်လည်ပတ်မှုစနစ် "enhancers", "optimizers" (သို့) "tweakers" စသည့် ဖြစ်နိုင်ချေ အ​ပ္ပလီကေးရှင်းများကို ပိတ်ထားခြင်း (သို့) ဖယ်ထုတ်ခြင်း လုပ်ဆောင်နိုင်သည်။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ (ဤပြဿနာသည် malware ကြောင့် ဖြစ်နိုင်သောကြောင့်) သင့် OS စနစ်ကို ပြန်လည် ထည့်သွင်းရန် လိုအပ်နိုင်သည်။ + VeraCrypt ၏ ကြီးမားသော ချို့ယွင်းချက် + rueCrypt သည် လတ်တလော၌ OS ပျက်စီးနေကြောင်း တွေ့ရှိရသည်။ OS ပျက်စီးရခြင်း၏ အကြောင်းရင်း များစွာရှိနိုင်ပါသည် (ဥပမာ အားဖြင့် -စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှု၊ စက်ပစ္စည်း ဒရိုင်ဘာထဲ၌ ပရိုဂရမ် အမှား တစ်ခုခု ရှိနေ၍ စသဖြင့်...)။\n\n VeraCrypt ထဲ၌ ကွန်ပျူတာ လည်ပတ်မှု စနစ် ချို့ယွင်းစေသော ပရိုဂရမ် အမှား တစ်ခုခု ရှိမရှိ VeraCrypt အဖွဲ့ကို စစ်ဆေးစေလိုသလား? + VeraCrypt ကို ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပျက်စီးမှုများအကြောင်း ဆက်လက် စုံစမ်းစေလိုသလား? + VeraCrypt သည် ကွန်ပျူတာ လည်ပတ်မှုစနစ်၌ ပျက်စီးနေသော minidump ဖိုင်ကို ရှာမတွေ့ပါ။ + Disk နေရာလွတ် ရရှိရန် ၀င်းဒိုးထဲက ပျက်စီးနေသော dump ဖိုင်ကို ပယ်ဖျက်လိုသလား? + ကွန်ပျူတာစနစ် ပျက်စီးမှုကို စစ်ဆေးနိုင်ရန်၊ ပထမဆုံး VeraCrypt သည် ၀င်းဒိုးထဲ၌ မိုက်ခရိုဆော့ဗ် Debugging Tools များကို ထည့်သွင်းရန် လိုအပ်သည်။\n\n 'ကောင်းပြီ' ခလုတ်ကို နှိပ်ပြီးနောက်၊ ဝင်းဒိုး ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်သည် မိုက်ခရိုဆော့ဗ် ဆာဗာမှ မိုက်ခရိုဆော့​ဗ် Debugging Tools (16 MB) ကို ဒေါင်းလုပ် ဆွဲယူသွားမည် ဖြစ်သည်။ (Windows ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်သည် veracrypt.org ဆာဗာ မှတဆင့် မိုက်ခရိုဆော့ဗ် ဆာဗာ ရှိရာသို့ ပို့ဆောင်ပေးမည် ဖြစ်သည်။ ဤ​နည်းဖြင့် မိုက်ခရိုဆော့ဗ်၏ ဆော့ဗ်ဝဲ ထည့်သွင်းမှုဖိုင်၏ တည်နေရာ ​​ပြောင်းသွားလျှင်ပင်၊ ဤအင်္ဂါရပ်ကို ဆက်လက် အလုပ်လုပ်သွားစေမည် ဖြစ်သည်။) + ကောင်းပြီ ခလုတ်ကို နှိပ်ပြီးပါက၊ VeraCrypt သည် ကွန်ပျူတာစနစ် ပျက်စီးမှုကို စစ်ဆေးသွားမည် ဖြစ်သည်။ ဒီအတွက် မိနစ်အ​တန်ကြာ အချိန်ယူမည် ဖြစ်သည်။ + Environment variable 'PATH' တွင် 'kd.exe' (Kernel Debugger) ပါဝင်နေရမည် ဖြစ်သည်။ + ကွန်ပျူတာစနစ် ပျက်စီးမှုသည် VeraCrypt ကြောင့် မဟုတ်ကြောင်း ပေါ်လွင်နေသည်။ ကွန်ပျူတာစနစ် ပျက်စီးရခြင်း အကြောင်းရင်း များစွာရှိနိုင်ပါသည် (ဥပမာ အားဖြင့် - စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှု၊ စက်ပစ္စည်း၏ ဒရိုင်ဘာထဲမှ ပရိုဂရမ် အမှားတစ်ခုခု စသဖြင့်)။ + စစ်ဆေးမှု ရလဒ်အရ အောက်ပါ ဒရိုင်ဘာကို မွမ်းမံခြင်းအားဖြင့် ဤပြဿနာကို ဖြေရှင်းနိုင်ကြောင်း ညွှန်​ပြနေသည် - + TryeCrypt ၌ ပရိုဂရမ် အမှား ရှိမရှိ သိရှိနိုင်ရန်၊ သင့်အနေဖြင့် အောက်ပါ အချက်များ အပါအဝင် အလိုအလျောက် ထုတ်ပြန်သော ချို့ယွင်းချက် အကြောင်းကြားစာကို ကျွန်တော်တို့ထံ ပေးပို့နိုင်ပါသည်။\n- ပရိုဂရမ် ဗားရှင်း\n- OS ဗားရှင်း\n - CPU အမျိုးအစား\n- ချို့ယွင်းချက် အမျိုးအစား\n- ဒရိုင်ဘာ အမည်နှင့်ဗားရှင်း\n - System call stack\n\n 'ကောင်းပြီ' ကို ရွေးချယ်လိုက်ပါက၊ (ချို့ယွင်းချက် အကြောင်းကြားစာ အားလုံး ပါ၀င်သော) အောက်ပါ ကွန်ရက် လိပ်စာသည် သင့် ပုံမှန် အင်တာနက် ဘရောင်ဆာပေါ်တွင် ဖွင့်လာလိမ့်မည်။ + အထက်ပါ ချို့ယွင်းချက် မှတ်တမ်းကို ကျွန်တော်တို့ထံ ပေးပို့လိုသလား? + စာဝှက်ရန် + စာဝှက်ဖော်ရန် + &အမြဲတမ်း စာဝှက်ဖေါ်ရန် + ထွက်ရန် + ဤတိုးချဲ့ အခန်းကန့်အတွက် ယုတ္တိတန် drive တစ်ခု ဖန်တီးပြီး၊ ထပ်ကြိုးစားကြည့်ပါ။ + VeraCrypt volume တစ်ခုသည် (VeraCrypt သိမ်းဆည်းခန်းခေါ်) ဖိုင်တစ်ခုထဲ၌ တည်ရှိနိုင်သည်၊ ၄င်းကို hard disk ထဲ ဖြစ်စေ၊ USB flash drive တစ်ခုထဲ၌ ဖြစ်စေ ထားရှိနိုင်သည်။ VeraCrypt သိမ်းဆည်းခန်းသည် သာမန် ဖိုင် (ပုံမှန် ဖိုင်ကဲ့သို့ ရွှေ့​ပြောင်းနိုင်၊ ပယ်ဖျက်နိုင်သည်) နှင့် ဆင်တူသည်။ သိမ်းဆည်းခန်း တစ်ခုအတွက် ဖိုင်အမည် တစ်ခုကို ရွေးချယ်ရန်နှင့် သိမ်းဆည်းခန်း ဖန်တီးလိုသည့် နေရာကို ရွေးချယ်ရန် 'ဖိုင် ရွေးရန်' ကို နှိပ်ပါ။\n\nသတိပေးချက် - လက်ရှိ ဖိုင်တစ်ပုဒ်ကို သင် ရွေးချယ်ပါက၊ VeraCrypt သည် ၄င်းကို စာဝှက်ပေးမည် မဟုတ်ပါ။ ၄င်းဖိုင်သည် ပယ်ဖျက်ခံရပြီး အသစ် ဖန်တီးလိုက်သော VeraCrypt သိမ်းဆည်းခန်းဖြင့် အစားထိုးသွားမည် ဖြစ်သည်။ ယခု သင် ဖန်တီးတော့မည့် VeraCrypt သိမ်းဆည်းခန်းထဲတွင် လက်ရှိ ဖိုင်များကို (နောင်အခါ) ရွှေ့ပြောင်းခြင်းဖြင့် စာဝှက်နိုင်သည်။ + ပြင်ပ volume (ဤ volume ထဲ၌ လျှို့ဝှက် volume ကို နောင်ပိုင်းတွင် ဖန်တီးသွားမည် ဖြစ်သည်) ဖန်တီးမည့် နေရာကို ရွေးချယ်ပါ။\n\nVeraCrypt volume တစ်ခုသည် VeraCrypt သိမ်းဆည်းခန်းဟု ခေါ်သော ဖိုင်တစ်ခုထဲ၌ တည်ရှိနိုင်သည်။ ၄င်းကို hard disk နှင့် USB flash drive တစ်ခုခုထဲတွင် ထားရှိနိုင်သည်။ VeraCrypt သိမ်းဆည်းခန်းကို ပုံမှန် ဖိုင်တစ်ခုကဲ့သို့ ရွေ့ပြောင်းခြင်း၊ ဖျက်ခြင်းများ ပြုလုပ်နိုင်သည်။ သိမ်းဆည်းခန်းအတွက် ဖိုင်အမည်ကို ရွေးရန်နှင့် သိမ်းဆည်းခန်း ဖန်တီးမည့် နေရာကို ရွေးချယ်ရန် 'ဖိုင် ရွေးရန်' ကို နှိပ်ပါ။ လက်ရှိ ဖိုင်တစ်ခုကို သင် ရွေးချယ်ပါက၊ VeraCrypt ​သည် ၄င်းကို စာဝှက်ပေးမည် မဟုတ်ပါ။ ၄င်းသည် ပယ်ဖျက်ခံရမည် ဖြစ်ပြီး အသစ်ဖန်တီးလိုက်သော သိမ်းဆည်းခန်းနှင့် အစားထိုးသွားမည် ဖြစ်သည်။ ယခု ဖန်တီးလိုက်သော VeraCrypt သိမ်းဆည်းခန်းထဲတွင် လက်ရှိ ဖိုင်များကို (နောင်တွင်) ရွေ့ပြောင်းပြီး စာဝှက်ပေးနိုင်သည်။ + စာဝှက်ထားသော device သိမ်းထားသည့် VeraCrypt volumes များကို hard disks များ၊ solid-state drives များ၊ USB မှတ်ဉာဏ်ချောင်းများနှင့်၊ အခြား ပံ့ပိုး​ထားသော သိုလှောင်ရေး devices များရှိ အခန်းကန့်များတွင် ဖန်တီးနိုင်သည်။ အခန်းကန့်များ ​အစီအစဉ်တကျ စာဝှက်ပေးနိုင်သည်။\n\n ဒီ့အပြင်၊ စာဝှက်ထားသော စက်ကိရိယာ သိမ်းထားသည့် VeraCrypt volumes များကို အခန်းကန့်များ မပါရှိသော devices များ (hard disks နှင့် solid-state drives အပါအဝင်) ထဲတွင် ဖန်တီးနိုင်သည်။\n\nမှတ်ချက် - အကယ်၍ drive တစ်ခုထဲ၌ ၀င်းဒိုး တင်ထားပြီး ၄င်းကို သုံးစွဲနေပါက၊ အခန်းကန့်များ ပါရှိသော ၄င်း device တစ်ခုလုံးကို (ကီး တစ်ခုတည်း သုံးပြီး) အစီအစဉ်တကျ စာဝှက်နိုင်သည်။ + Device တစ်ခုထဲတွင် ထားရှိမည့် VeraCrypt volume ကို hard disk အခန်းကန့်၊ solid-state drive, USB မှတ်ဉာဏ်ချောင်းနှင့် အခြားသိုလှောင်ရေး devices များထဲတွင် ဖန်တီးနိုင်သည်။\n\n သတိပေးချက် - ယင်း အခန်းကန့်/device ကို ဖော်မက်ချမည် ဖြစ်ပြီး လောလောဆယ် သိုလှောင်ထားသော ဒေတာအားလုံး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ + \n ပြင်ပ volume ဖန်တီးမည့် နေရာကို ရွေးချယ်ပါ (ဤ volume ထဲ၌ နောင်တွင် လျှို့ဝှက် volume ကို ဖန်တီးသွားမည် ဖြစ်သည်)။\n\n ပြင်ပ volume ကို hard disks, solid-state drives, USB မှတ်ဉာဏ်ချောင်းများနှင့်၊ အခြား ထောက်ပံ့ထားသော သိုလှောင်ရေး devices များ၏ အခန်းကန့်များအတွင်း ဖန်တီးနိုင်သည်။ ပြင် volume ကို အခြား အခန်းကန့်များ မရှိသည့် devices များအတွင်း ဖန်တီးနိုင်သည်။\n\nသတိပေးချက် - အခန်းကန့်/device ကို ဖော်မက်ချသွားပြီး ၄င်းအထဲ၌ သိုလှောင်ထားသော ဒေတာအားလုံး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ + \n လျှို့ဝှက် volume တစ်ခု သင် ဖန်တီးလိုသည့် VeraCrypt volume နေရာကို ရွေးချယ်ပါ။ + သတိပေးချက် - Host ဖိုင်/device ကို အသုံးပြုထားပြီ။\n\n ဤအချက်ကို လျှစ်လျှူရှူခြင်း အားဖြင့် ကွန်ပျူတာစနစ် မတည်ငြိမ်မှု စသော မလိုလားအပ်သည့် ရလဒ်များ ဖြစ်ပေါ်စေနိုင်သည်။ Volume ကို အစမ​ပျိုးခင် host ဖိုင်/device ကို သုံစွဲနေသည့် အပ္ပလီကေးရှင်း အားလုံးကို ပိတ်ထားရမည်။\n\n ဆက်လက် အစပျိုးမည်လား? + ချို့ယွင်းချက် - volume ကို အစပျိုး၍ မရပါ။ host ဖိုင်/device ကို အသုံးပြုထားပြီး ဖြစ်သည်။ သီးခြား ၀င်ရောက်ခွင့် မပါပဲ အစပျိုးရန် ကြိုးပမ်းမှု မအောင်မြင်ပါ။ + ဖိုင်ကို ဖွင့်၍ မရပါ။ + Volume တည်နေရာ + ဖိုင်ကြီးများ + VeraCrypt volume ထဲ၌ 4 GB ထက်ကြီးသော ဖိုင်များကို သိမ်းဆည်းမည်လား? + အထက်မှ သင့် ရွေးချယ်မှုအပေါ် မူတည်၍၊ VeraCrypt သည် VeraCrypt volume အတွက် သင့်လျော်သော ပုံမှန် ဖိုင်စနစ်ကို ရွေးချယ်သွားမည် ဖြစ်သည် (နောက်လာမည့် အဆင့်တွင် ဖိုင်စနစ် တစ်ခုကို သင်ကိုယ်တိုင် ရွေးချယ်နိုင်မည် ဖြစ်သည်)။ + သင်သည် ပြင်ပ volume တစ်ခုကို ဖန်တီးနေသည့်အတွက်၊ 'မဟုတ်ပါ' ကို ရွေးချယ်ရန် စဉ်းစားသင့်သည်။ ပုံမှန် ဖိုင်စနစ်သည် NTFS ဖြစ်ပြီး၊ ၄င်းသည် ပြင်ပ volume အတွက် FAT (ဥပမာ အားဖြင့် - အကယ်၍ ပြင်ပ volume ကို FAT အဖြစ် မော်မက်ချပါက လျှို့ဝှက် volume ၏ ဖြစ်နိုင်ချေ အကြီဆုံး အရွယ်အစားသည် သိသိသာသာ ကြီးမားလာမည် ဖြစ်သည်) အဖြစ် ထားရှိရန် မသင့်တော်ပါ။ ပုံမှန်အားဖြင့်၊ FAT သည် လျှို့ဝှက် volume နှင့် သာမန် volume တို့အတွက် ပုံမှန် ဖြစ်သည် (FAT volume ကို သံသယ ဖြစ်မည် မဟုတ်ပါ)။ သို့သော်၊ အကယ်၍ သုံးစွဲသူသည် 4 GB ထက် ကြီးသော ဖိုင်များကို သိုလှောင်ရန် ရည်ရွယ်နေပါက၊ FAT ကို ပုံမှန် အဖြစ် ထားရှိ၍ မရပါ။ + 'ဟုတ်ကဲ့' ခလုတ်ကို ရွေးချယ်ရန် သေချာပြီလား? + Volume ဖန်တီးမှု စနစ် + အခန်းကန့် (သို့) device တစ်ခုခု၌ သိမ်းထားသော VeraCrypt volume (အခြား ရွေးစရာ ဖြစ်သော အစီအစဉ်တကျ စာဝှက်ခြင်းသည် နှေးကွေးသည်၊ အဘယ့်ကြောင့် ဆိုသော် အပိုင်းတစ်ခုစီ၌ ရှိသော အချက်အလက်များကို အရင် ဖတ်ရှုရမည်၊ စာဝှက်ရမည်၊ ရေးသားရမည် ဖြစ်သည်)။ ရွေးချယ်ထားသော အခန်းကန့်/device ထဲ၌ လောလောဆယ် သိုလှောင်ထားသော ဒေတာများ ပျောက်ဆုံးသွားမည် ဖြစ်သည် (ဒေတာများကို စာဝှက်ထားမည် မဟုတ်ပဲ၊ ကျပန်း ဒေတာများဖြင့် အစားထိုးသွားမည် ဖြစ်သည်)။ အခန်းကန့် တစ်ခုထဲရှိ လက်ရှိ ဒေတာများကိ စာဝှက်လိုပါက၊ အခြား ရွေးစရာကို ရွေးချယ်ပါ။ + ရွေးချယ်ထားသော အခန်းကန့် တစ်ခုလုံးနှင့် ၄င်း၌ သိုလှောင်ထားသော ဒေတာ အားလုံးကို အစီအစဉ်တကျ စာဝှက်ပေးမည် ဖြစ်သည်။ အကယ်၍ အခန်းကန့် နေရာသည် လွတ်နေလျှင်၊ အခြား ရွေးစရာကကို ရွေးချယ်ပါ (volume ကို ပိုပြီး မြန်ဆန်စွာ ဖန်တီးနိုင်မည် ဖြစ်သည်)။ + မှတ်ချက် - + &ပြန်စရန် + &ရွှေ့ဆိုင်းရန် + &စတင်ရန် + ဆက်လုပ်ရန် + &ဖော်မက်ချရန် + &ရှင်းလင်းရန် + ဖော်မက်ချခြင်း ရပ်ဆိုင်းမည်လား? + နောက်ထပ် အချက်အလက်များ ပြရန် + ဤအရာကို ထပ်မပြပါနှင့် + အခန်းကန့်/device ၌ ရှိသော အကြောင်းအရာများကို အောင်မြင်စွာ ဖျက်ဆီးလိုက်ပြီ။ + မူလ ကွန်ပျူတာစနစ် (လျှို့ဝှက်စနစ်ကို ပွားယူသော) တည်ရှိခဲ့သော အခန်းကန့်ရှိ အကြောင်းအရာများကို အောင်မြင်စွာ ဖျက်ဆီးလိုက်ပြီ။ + စက်ထဲ သင် (ရှင်းလင်းထားသော အခန်းကန့်​၌) ထည့်သွင်းတော့မည့် ဝင်းဒိုး ဗားရှင်းသည် လောလောဆယ် သင် သုံးစွဲနေသော ဝင်းဒိုး ဗားရှင်းနှင့် တူညီရမည်။ အဘယ်ကြောင့် ဆိုသော် ၄င်း ကွန်ပျူတာစနစ် နှစ်ခုစလုံးသည် boot အခန်းကန့် တစ်ခုတည်းကို မျှဝေ သုံးစွဲကြမည် ဖြစ်သည်။ + ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အောင်မြင်စွာ စာဝှက်လိုက်ပါပြီ။ \n\n မှတ်ချက် - အကယ်၍ ဝင်းဒိုး စဖွင့်သည့် အခါတိုင်းတွင် အလိုအလျောက် အစပျိုးစေလိုသည့် ကွန်ပျူတာစနစ် မဟုတ်သော VeraCrypt volumes ရှိပါက၊ ၄င်းတို့ တစ်ခုချင်းစီကို အစပျိုးခြင်းဖြင့် ၄င်း၊ 'စိတ်ကြိုက်များ' > 'အစပျိုးခဲ့သော Volume ကို ကွန်ပျူတာစနစ် စိတ်ကြိုက်များ' ရွေးချယ်ခြင်းဖြင့်၄င်း စီစဉ်နိုင်သည်။ + ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အောင်မြင်စွာ စာဝှက်ဖြည်လိုက်ပြီ။ + \n\n VeraCrypt volume ကို ဖန်တီးလိုက်ပြီ ဖြစ်၍ သုံးစွဲရန် အသင့် ဖြစ်နေပြီ။ အခြား VeraCrypt volume ကို ဖန်တီးလိုပါက၊ 'ရှေ့သို့' ကို နှိပ်ပါ။ ဒါမှမဟုတ် 'ထွက်ရန်' ကို နှိပ်ပါ။ + \n\n လျှို့ဝှက် VeraCrypt volume ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ (လျှို့ဝှက် OS သည် ဤလျှို့ဝှက် volume ထဲ၌ ရှိနေမည် ဖြစ်သည်)။\n\n ဆက်လုပ်ရန် 'ရှေ့သို့' ကို နှိပ်ပါ။ + Volume ကို အပြည့်အ၀ စာဝှက်ထားပြီ + Volume Fully Decrypted + အရေးကြီးချက် - အသစ်စက်စက် ဖန်တီးလိုက်သော VERACRYPT VOLUME ကို အစပျိုးပြီး ၄င်းအထဲ၌ သိုလှောင်ထားသော ဒေတာကို ရယူရန်၊ 'Devices များ အလိုလို အစပျိုးရန်' ကို နှိပ်ပါ။ စကားဝှက် (နှင့် ကီးဖိုင်) အမှန်ကို ထည့်သွင်းပြီးပါက ()၊ VeraCrypt ၏ ပင်မ ၀င်းဒိုးပေါ်ရှိ စာရင်းမှ သင် ရွေးချယ်လိုက်သော drive အက္ခရာဖြင့် volume ကို အစပျိုးလာမည် (ပြီးနောက် စာဝှက်ထားသော ဒေတာကို ရွေးချယ်​ထားသော drive အက္ခရာမှတဆင့် ၀င်ရောက်နိုင်မည်) ဖြစ်သည်။\n\nအ​ထက် ဖေါ်ပြပါ အဆင့်များကို မှတ်ထားခြင်း/ရေးမှတ်ခြင်း ပြုထားပါ။ VOLUME ကို အစပျိုးလိုသော အချိန်၊ အထဲ၌ သိုလှောင်ထားသော ဒေတာများကို ရယူလိုသည့်အချိန်တွင် ၄င်းအဆင့်များအတိုင်း လုပ်ဆောင်ပါ။ တနည်းအားဖြင့် - VeraCrypt ၏ ပင်မ ဝင်းဒိုးထဲ၌ တွင် 'Device ရွေးရန်' ကို နှိပ်ပါ၊ ထို့နောက် ဤ အခန်းကန့်/volume ကို ရေးပြီး၊ 'အစပျိုးရန်' ကို နှိပ်ပါ။\n\n အခန်းကန့်/volume ကို အောင်မြင်စွာ စာဝှက်လိုက်ပြီ ဖြစ်၍ သုံးစွဲရန် အသင့် ဖြစ်နေပြီ။ + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt volume ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။ + Volume ဖန်တီးလိုက်ပြီ + အရေးကြီးချက် - သင့် ကြွက်ခလုတ်ကို ဤဝင်းဒိုးအတွင်း တက်နိုင်သမျ ကျပန်း ရွေ့လျားပါ။ ပိုကြာလေ ကောင်းလေ ဖြစ်သည်။ ၎င်းသည် စာဝှက် ကီးများ၏ ဝှက်စာ ကြံ့ခိုင်မှုကို အားကောင်းစေသည်။ ထို့နောက် volume ကို ဖန်တီးရန် ဖော်မက်ချရန် ကို နှိပ်ပါ။ + ပြင်ပ volume ကို ဖန်တီးရန် ဖော်မက်ချရန် ကို နှိပ်ပါ။ အချက်အလက် အပြည့်အစုံကို အသုံးပြုနည်း လမ်းညွှန်၌ ​ဖတ်ရှုပါ။ + ပြင်ပ Volume ပုံစံ + လျှို့ဝှက် Volume ပုံစံ + Volume ပုံစံ + VeraCrypt သုံးစွဲသူ လမ်းညွှန်ကို ဖတ်ရှုရန် (သို့) ပရင့်ထုတ်ရန် Adobe Reader လိုအပ်သည်။ Adobe Reader (အခမဲ့ ဆော့ဗ်ဝဲ) ကို www.adobe.com တွင် ဒေါင်းလုဒ် ဆွဲယူနိုင်သည်။\n\n ၄င်းအစား အွန်လိုင်း သုံးစွဲနည်း လမ်းညွှန်ကို ဖတ်ရှုလိုသလား? + ဤရွေးစရာကို သင် ရွေးချယ်ပါက၊ အညွှန်းစာမျက်နှာ တစ်ခုသည် ပုံမှန် VeraCrypt volume တစ်ခုကို ဖန်တီးပြီး ၄င်း အထဲ၌ လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးရန် အထောက်အကူ ပေးမည် ဖြစ်သည်။ အတွေ့အကြုံ မရှိသေးသော သုံးစွဲသူများသည် ဤရွေးစရာကို အမြဲ ရွေးချယ်ထားရမည် ဖြစ်သည်။ + ဤရွေးစရာကို သင် ရွေးချယ်ပါက၊ လက်ရှိ VeraCrypt volume တစ်ခု အထဲ၌ လျှို့ဝှက် volume တစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။ သင့်အနေဖြင့် လျှို့ဝှက် volume တစ်ခု ထားရှိရန် သင့်လျှော်သော VeraCrypt volume တစ်ခုကို ဖန်တီးလိုက်ပြီဟု ယူဆပါမည်။ + Volume ဖန်တီးမှု စနစ် + လျှို့ဝှက် Volume ဖန်တီးလိုက်ပြီ + လျှို့ဝှက် VeraCrypt volume ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီး သုံးစွဲရန် အသင့်ဖြစ်ပါပြီ။ အကယ်၍ ညွှန်ကြားချက်များကို လိုက်နာပြီး၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန် အခန်း "လျှို့ဝှက် Volumes များ အတွက် လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင် ကာကွယ်မှုများ" ထဲ၌ ဖေါ်ပြထားသည့် ကြိုတင်ကာကွယ်မှုများနှင့် လိုအပ်ချက်များကို လိုက်နာပါက၊ ပြင်ပ volume ကို အစပျိုးထားလျှင်ပင်၊ လျှို့ဝှက် volume တည်ရှိကြောင်း ​သက်သေပြနိုင်မည် ဖြစ်သည်။\n\nသတိပေးချက် - အကယ်၍ သင်သည် လျှို့ဝှက် VOLUME ကို (လုပ်ဆောင်နည်းနဲ့ ပါတ်သက်သော အချက်အလက်ကို VERACRYPT သုံးစွဲသူ လမ်းညွှန်ထဲရှိ "လျှို့ဝှက် VOLUMES များကို မပျက်စီးအောင် ကာကွယ်နည်း" ကို လေ့လာပါ) မကာကွယ်ထားပါက၊ ပြင်ပ VOLUME ထဲ၌ ရေးသားခြင်း မပြုပါနှင့်။ သို့မဟုတ်ပါက၊ လျှို့ဝှက် VOLUME ပေါ် သင် ထပ်ရေးမိပြီး ၄င်းကို ပျက်စီးစေလိမ့်မည် ဖြစ်သည်။ + သင်သည် လျှို့ဝှက် OS ကို စတင် လည်ပတ်​​နေပြီ။ လျှို့ဝှက် OS သည် မူလ လျှို့ဝှက် OS ကဲ့သို့ အခန်းကန့် တစ်ခုထဲ၌ ထည့်သွင်းထာသကဲ့သို့ ပေါ်လွင်နေသည်ကို သင် သတိပြုမိလိမ့်မည်။ သို့သော်၊ လက်တွေ့၌၊ လျှို့ဝှက် volume ၏ နောက်ကွယ်ရှိ အခန်းကန့်ထဲတွင် ထည့်သွင်းထားခြင်း ဖြစ်သည်။ အရေး/အဖတ် လုပ်ငန်းစဉ်အားလုံးကို မှုလ ကွန်ပျူတာစနစ် အခန်းကန့်မှ လျှို့ဝှက် volume ထဲ လွှဲပြောင်းပေးနေသည်။\n\nOS ဒါမှမဟုတ် အပ္ပလီကေးရှင်းများကပင် ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ ဒေတာများ ရေးသားချက်/ဖတ်ရှုချက်များသည် လျှို့ဝှက် volume နောက်ကွယ်က အခန်းကန့်မှ ပြုလုပ်နေကြောင်း သိရှိမည် မဟုတ်ပါ။ ယင်းကဲ့သို့ ဒေတာများကို ထုံးစံအတိုင်း (မျက်လှည့် OS အတွက် အသုံးပြုမည့် စာဝှက် ကီးနှင့် မတူသော) လက်ငင်း စာဝှက်ပေးခြင်း၊ စာဝှက်ဖြည်ပေးခြင်းများ ဆောင်ရွတ်ပေးသည်။\n\n ဆက်လုပ်ရန် 'ရှေ့သို့' ကို နှိပ်ပါ။ + ပြင်ပ volume ကို ဖန်တီးခဲ့ပြီး drive %hc အဖြစ် အစပျိုးလိုက်ပြီ။ ဤပြင်ပ volume ထဲ၌ သင် တကယ် မဝှက်ထားလိုသော အရေးကြီးပုံပေါ်သည့် ဖိုင်အချို့ကို ကော်ပီကူးလိုက်ပါ။ ဤအရာသည် သင့်ကို ကွန်ပျူတာစနစ် အခန်းကန့်၏ နောက်ကွယ်မှ ပထမ အခန်းကန့်၏ စကားဝှက်ကို အကျပ်ကိုင် တောင်းဆိုလာသူအား ပေးရန် ဖြစ်သည်။ ထိုနေရာ၌ ပြင်ပ volume နှင့် (လျှို့ဝှက် OS အပါအ၀င်) လျှို့ဝှက် volume နှစ်ခုစလုံး တည်ရှိနေကြသည်။\n\n အရေးကြီးချက် - ပြင်ပ volume သို့ သင် ကော်ပီကူးသော ဖိုင်များသည် %s ထက် နေရာ မယူစေရပါ။ သို့မဟုတ်ပါက၊ ပြင်ပ volume ၌ လျှို့ဝှက် volume ထားရှိရန်အတွက် နေရာအလွတ် ရှိမည် မဟုတ်ပါ (နောက်ပြီး သင် အလုပ် ဆက်လုပ်၍ ရမည် မဟုတ်ပါ)။ ကော်ပီ ကူးပြီးပါက၊ 'ရှေ့သို့' ကို နှိပ်ပါ (volume ကို အဆုံးမသတ်ပါနှင့်)။ + ပြင်ပ volume ကို ဖန်တီးခဲ့ပြီး drive %hc အဖြစ် အစပျိုးလိုက်ပြီ။ ဤပြင်ပ volume ထဲ၌ သင် တကယ် မဝှက်ထားလိုသော အရေးကြီးပုံပေါ်သည့် ဖိုင်အချို့ကို ကော်ပီကူးလိုက်ပါ။ ၎င်းဖိုင်များသည် သင့် စကားဝှက်ကို အကျပ်ကိုင် တောင်းဆိုလာသူများအား ပြသရန်အတွက် ဖြစ်သည်။ သင်အနေဖြင့် လျှို့ဝှက် volume မဟုတ်ပဲ၊ ပြင်ပ volume ၏ စကားဝှက်ကိုသာ ဖေါ်ပြရမည် ဖြစ်သည်။ သင် တကယ် ဂရုစိုက်ရမည့် ဖိုင်များကို လျှို့ဝှက် volume ထဲတွင် သိမ်းဆည်းမည် ဖြစ်သည်။ ၄င်းကို နောက်ပိုင်းတွင် ဖန်တီးသွားမည် ဖြစ်သည်။ ကော်ပီ ကူးပြီးပါက၊ ရှေ့သို့ ကို နှိပ်ပါ။ ဤ volume ကို အဆုံးမသတ်ပါနှင့်။ \n\n မှတ်ချက် - ရှေ့သို့ ကို သင်နှိပ်ပြီးပါက၊ ကျန်ရှိနေသေးသည့် နေရာလွတ် ပမာဏကို သိရှိရန် ပြင်ပ volume ၏cluster bitmap ကို စကင်ဖတ် စစ်ဆေးသွားမည် ဖြစ်သည်။ ၄င်းသည် volume ၏ အဆုံးပိုင်းနှင့် တစ်ဆက်တည်း တည်ရှိသည်။ ဤနေရာ၌ လျှို့ဝှက် volume ကို ထားရှိသွားမည်။ ဤသို့ဖြင့် ၄င်း၏ အများဆုံး အရွယ်ပမာဏကို ရရှိလာမည် ဖြစ်သည်။ Cluster bitmap စကင်ဖတ် စစ်ဆေးခြင်းဖြင့် ပြင်ပ volume ရှိ ဒေတာများကို လျှို့ဝှက် volume မှ မပျက်စီးစေရန် သေချာစေမည် ဖြစ်သည်။ + ပြင်ပ Volume အကြောင်းအရာများ + \n\n နောက်တဆင့်တွင်၊ ပြင်ပ volume ၏​ ရွေးစရာများကို သင် သတ်မှတ်ရမည် ဖြစ်သည် (၄င်းအထဲ၌ လျှို့ဝှက် volume ကို နောက်ပိုင်းတွင် ဖန်တီးသွားမည် ဖြစ်သည်)။ + \n\n နောက်တဆင့်တွင်၊ ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်ရှိ ပထမ အခန်းကန့်အတွင်း၌ (အရင် အဆင့်များ၌ ရှင်းပြခဲ့သည်အတိုင်း) ပြင်ပ VeraCrypt volume ကို ဖန်တီးရမည် ဖြစ်သည်။ + ပြင်ပ Volume + အောက်ပါ အဆင့်များတွင်၊ လျှို့ဝှက် volume အတွက် ရွေးစရာများနှင့် စကားဝှက်ကို သတ်မှတ်ရမည်။ ၄င်း၌ လျှို့ဝှက် volume ပါရှိရမည် ဖြစ်သည်။\n\n မှတ်ချက် - ကျန်ရှိနေသေးသည့် နေရာလွတ် ပမာဏကို သိရှိရန် ပြင်ပ volume ၏cluster bitmap ကို စကင်ဖတ် စစ်ဆေးသွားမည် ဖြစ်သည်။ ၄င်းသည် volume ၏ အဆုံးပိုင်းနှင့် တစ်ဆက်တည်း တည်ရှိသည်။ ဤနေရာ၌ လျှို့ဝှက် volume ကို ထားရှိသွားခြင်းဖြင့် ၄င်း၏ အများဆုံး အရွယ်ပမာဏကို ရရှိမည် ဖြစ်သည်။ လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်ပမာဏကို ဆုံးဖြတ်ပြီး ကွန်ပျူတာစနစ်၏ အရွယ်အစားထက် ပိုကြီးကြောင်း အတည်ပြုမည် ဖြစ်သည် (ဤအချက်သည် အရေးကြီးသည်၊ အဘယ်ကြောင့်ဆိုသော်၊ ကွန်ပျူတာစနစ် အခန်းကန့်၏ အကြောင်းအရာ တစ်ခုလုံးကို လျှို့ဝှက် volume ထဲ၌ ကော်ပီကူးရမည် ဖြစ်သည်)။ ဤသို့ဖြင့် ပြင်ပ volume ရှိ ဒေတာများကို လျှို့ဝှက် volume မှ မဖျက်မိစေရန် သေချာစေမည် ဖြစ်သည်။ + အရေးကြီးချက် - ဤအဆင့်၌ သင် ရွေးချယ်ထားသော အယ်လ်ဂိုရစ်သမ်များကို မှတ်ထားပါ။ မျက်လှည့် ကွန်ပျူတာစနစ်အတွက် အလားတူ အယ်လ်ဂိုရစ်သမ်ကို ရွေးချယ်ရမည် ဖြစ်သည်။ သို့မဟုတ်ပါက၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ ၀င်နိုင်မည် မဟုတ်ပါ။ (မျက်လှည့် ကွန်ပျူတာစနစ်ကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ကဲ့သို့ အလားတူ စာဝှက်ထားသော အယ်လ်ဂိုရစ်သမ်ဖြင့် စာဝှက်ထားမည် ဖြစ်သည်။)\n\n မှတ်ချက် - အကြောင်းမှာ မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ်တို့သည် သုံးစွဲသူက ရွေးချယ်ပြီး အယ်လဂိုရီသမ် တစ်မျိုးတည်းကိုသာ ပံ့ပိုးထားသော boot loader တစ်ခုတည်းကို မျှဝေ ကြမည် ဖြစ်သည် (အယ်လ်ဂိုရစ်သမ် တစ်ခုစီအတွက်၊ VeraCrypt ၏ Boot Loader အထူး ဗားရှင်း တမျိုး ရှိသည်)။ + \n\n Volume cluster bitmap ကို စစ်ဆေးပြီး၊ လျှို့ဝှက် volume ၏ အများဆုံး အ​ရွယ်ပမာဏကို ဆုံးဖြတ်လိုက်ပြီ။ နောက်အဆင့်များတွင်၊ လျှို့ဝှက် volume အတွက် ရွေးစရာများ၊ အရွယ်ပမာဏနှင့်၊ စကားဝှက်များကို သင် သတ်မှတ်ရမည် ဖြစ်သည်။ + လျှို့ဝှက် Volume + ယခုအချိန်တွင် လျှို့ဝှက် volume ကို ပြင်ပြ volume အဆုံးသတ်သည့် အထိ ပျက်စီမှု မရှိအောင် ကာကွယ်ထားသည်။\n\nသတိပေးချက် - အကယ်၍ ဒေတာများကို လျှို့ဝှက် volume နေရာတွင် သိမ်းဆည်းရန် ကြိုးပမ်းပါက၊ VeraCrypt သည် volume တစ်ခုလုံး (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း နှစ်ခုစလုံး) ကို အဆုံးမသတ်မီအထိ ရေးသား၍ မရအောင် ကာကွယ်ပေးမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ခြင်းကြောင့် ပြင်ပ volume ၌ ဖိုင်စနစ် ပျက်စီးမှု ဖြစ်ပေါ်စေနိုင်သည်။ ၄င်းကို ထပ်တလဲလဲ လုပ်ဆောင်ပါက လျှို့ဝှက် volume ၏ ငြင်းပယ်နိုင်မှုကို ဆိုးဆိုးရွားရွား ထိခိုက်စေနိုင်သည်။ ထို့ကြောင့်၊ လျှို့ဝှက် volume နေရာ၌ ရေးသားမှုကို ရှောင်ရှားရန် ကြိုးစားရမည်။ လျှို့ဝှက် volume နေရာ၌ သိမ်းဆည်းထားသော ဒေတာများကို သိမ်းဆည်းပေးမှာ မဟုတ်ပဲ၊ ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ ၀င်းဒိုးသည် ၄င်းကို ရေးသားမှု ချို့ယွင်းချက် ("ကြန့်ကြာ​သော ရေးသားမှု မအောင်မြင်ပါ" (သို့) "ပါရာမီတာ မမှန်ကန်ပါ") အဖြစ် မှတ်တမ်းတင်နိုင်သည်။ + အသစ်စက်စက် အစပျိုးလိုက်သော volumes ထဲမှ လျှို့ဝှက် volumes များ တစ်ခုစီကို အဆုံးမသတ်မီအထိ ပျက်စီးမှု မရှိရန် ကာကွယ်ထားသည်။\n\nသတိပေးချက် - အကယ်၍ ၄င်း volumes များ၏ ကာကွယ်ထားသော လျှို့ဝှက် volumes နေရာ၌ ဒေတာများကို သိမ်းဆည်းရန် ကြိုးစားပါက၊ VeraCrypt သည် volume တစ်ခုလုံး (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း အပါအ၀င်) ကို အဆုံးမသတ်မီအထိ ရေးသားမှု မပြုနိုင်ရန် ကာကွယ်ပေးမည် ဖြစ်သည်။ ၎င်းကို ထပ်ခါတလဲလဲ ပြုလုပ်ပါက လျှို့ဝှက် volume ၏ ငြင်းပယ်နိုင်မှုကို ဆိုးဆိုးရွားရွား ထိခိုက်စေနိုင်သည်။ ထို့ကြောင့်၊ လျှို့ဝှက် volume နေရာ၌ ရေးသားခြင်း မပြုရန် တတ်နိုင်သမျှ ရှောင်ရှားရမည်။ ကာကွယ်ထားသော လျှို့ဝှက် volume နေရာများ၌ သိမ်းဆည်းထားသော ဒေတာများကို သိမ်းဆည်းပေးမှာ မဟုတ်ပဲ၊ ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ ၀င်းဒိုးသည် ၄င်းကို ရေးသားမှု ချို့ယွင်းချက် ("ကြန့်ကြာ​သော ရေးသားမှု မအောင်မြင်ပါ" (သို့) "ပါရာမီတာ မမှန်ကန်ပါ") အဖြစ် မှတ်တမ်းတင်နိုင်သည်။ + သတိပေးချက် - %c အဖြစ် အစပျိုးထားသော volume ၏ လျှို့ဝှက် volume နေရာ၌ ဒေတာများကို သိမ်းဆည်းရန် ကြိုးစားနေသည်။ VeraCrypt သည် လျှို့ဝှက် volume ကို ကာကွယ်နိုင်ရန် ၄င်းဒေတာများကို သိမ်းဆည်း၍ မရအောင် တားဆီးနေသည်။ ၄င်းသည် ပြင်ပ volume ၌ ဖိုင်စနစ်ကို ပျက်စီးစေနိုင်ပြီး ၀င်းဒိုးသည် ၄င်းကို ရေးသားမှု ချို့ယွင်းချက် ("ကြန့်ကြာ​သော ရေးသားမှု မအောင်မြင်ပါ" (သို့) "ပါရာမီတာ မမှန်ကန်ပါ") အဖြစ် မှတ်တမ်းတင်နိုင်သည်။ Volume တစ်ခုလုံး (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း အပါအ၀င်) ကို အဆုံးမသတ်မီအထိ ရေးသားမှု မပြုနိုင်ရန် ကာကွယ်ပေးမည် ဖြစ်သည်။ အကယ်၍ ဤ volume ရှိ လျှို့ဝှက် volume နေရာသို့ ဒေတာများ သိမ်းဆည်းနေမှုကို VeraCrypt က ပထမဆုံးအကြိမ် တားမြစ်နေခြင်း ဖြစ်ပါက၊ ဤလျှို့ဝှက် volume ၏ ငြင်းပယ်နိုင်မှုကို (ပြင်ပ volume ဖိုင်စနစ်အတွင်း သာမန် မဟုတ်သော ဖြစ်နိုင်ဖွယ် လိုက်ဖက်မှု မရှိခြင်းကြောင့်) ဆိုးဆိုးရွားရွား ထိခိုက်စေနိင်သည်။ ထို့ကြောင့်၊ (အမြန် မော်မက်ချစနစ်ကို ပိတ်ထားပြီး) VeraCrypt volume အသစ် တစ်ခုကို ဖန်တီးရန် စဉ်းစားပါ။ ဤ volume မှ ဖိုင်များကို ​volume အသစ်ဆီ ရွှေ့ပြောင်းပါ။ ဤ volume ကို လုံခြုံစွာ (ပြင်ပနှင့် လျှို့ဝှက် အပိုင်း) ဖျက်ဆီးရမည် ဖြစ်သည်။ OS ကို ယခု ပြန်ဖွင့်ရန် အထူး အကြံပြုလိုသည်။ + သင်သည် ဤ volume ၌ 4 GB ထက်ကြီးသော ဖိုင်များကို သိမ်းဆည်းရန် ရည်ရွယ်နေကြောင်း ဖော်ပြနေသည်။ Volume သည် NTFS ဖြစ်ရမှာ ဖြစ်သည်၊ သို့သော် ၄င်းသည် မဖြစ်နိုင်ပါ။ + လျှို့ဝှက် OS ကို အသုံးပြုသည့်အခါ၊ လျှို့ဝှက် မထားသော VeraCrypt volumes များကို NTFS အဖြစ် ဖော်မက်ချ၌ မရပါ။ အကြောင်းရင်းမှာ ၄င်း volume ကို ရေးသား​ရန် ပိတ်ပင်ချက် မရှိပဲ ယာယီ အစပျိုးဖို့ လိုအပ်သည်။ သို့မှသာ OS ကို NTFS အဖြစ် ​ဖော်မက်ချနိုင်မည် ဖြစ်သည် (FAT အဖြစ် ဖော်မက်ချခြင်းကို VeraCrypt ကသာ ​လုပ်ဆောင်ပြီး၊ OS မှ လုပ်ဆောင်ခြင်း မဟုတ်ပါ၊ volume ကို အစပျိုးစရာ မလိုပါ)။ နောက်ထပ် နည်းပညာဆိုင်ရာ အသေးစိတ်များကို အောက်တွင် လေ့လာပါ။ မျက်လှည့် OS အတွင်း၌ လျှို့ဝှက် မထားသော NTFS volume ကို သင် ဖန်တီးနိုင်သည်။ + လုံခြုံရေး အကြောင်းများကြောင့်၊ လျှို့ဝှက် OS အသုံးပြုသည့်အခါ၊ လျှို့ဝှက် volumes များကို 'တိုက်ရိုက်' စနစ်ဖြစ်သာ ဖန်တီးနိုင်မည် ဖြစ်သည် (အဘယ့်ကြောင့်ဆိုသော် volumes များကို ဖတ်ရှုရန်အတွက်သာ အမြဲတမ်း အစပျိုးရပါမည်)။ လျှို့ဝှက် volume တစ်ခုကို လုံခြုံ​စွာ ဖန်တီးရန်၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n\n၁) မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖွင့်ပါ။\n\n၂) ပုံမှန် VeraCrypt volume ကို ဖန်တီးပြီး၊ ၄င်း volume ထဲ၌ သင်သည် အမှန်တကယ် မဝှက်ထားလိုသော အရေးကြီးပုံပေါ်သည့် ဖိုင်အချို့ကို ကော်ပီ ကူးပါ (ဤ volume သည် ပြင်ပ volume ဖြစ်လာမည် ဖြစ်သည်)ပါ။\n\n၃) လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို ဖွင့်ပြီး VeraCrypt Volume ဖန်တီးမှု အညွှန်းကို စတင်ပါ။ အကယ်၍ Volume ၌ ဖိုင်သိမ်းထားပါက၊ ၄င်းကို ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ (သို့) အခြား လျှို့ဝှက် Volume ထဲ ရွှေ့​​ပြောင်းလိုက်ပါ (သို့မဟုတ်ပါက၊ အသစ် ဖန်တီးလိုက်သော လျှို့ဝှက် Volume သည် ဖတ်ရှုရန်အတွက်သာ အစပျိုးနိုင်မည် ဖြစ်ပြီး ၄င်းကို ဖော်မက်ချနိုင်မည် မဟုတ်ပါ)။ 'တိုက်ရိုက်' လျှို့ဝှက် Volume ဖန်တီးမှု စနစ်ကို ရွေးချယ်ရန် အညွှန်း၌ ဖေါ်ပြထားသည် ညွှန်ကြားချက်များကို လိုက်နာပါ။\n\n၄) အညွှန်းထဲ၌၊ အဆင့် ၂ တွင် သင် ဖန်တီးခဲ့သော Volume ကို ရွေးချယ်ပြီး၊ ၄င်းအထဲ၌ လျှို့ဝှက် Volume တစ်ခု ဖန်တီးရန် ညွန်ကြားချက်များကို လိုက်နာပါ။ + လုံခြုံရေး အကြောင်းများကြောင့်၊ လျှို့ဝှက် OS အသုံးပြုသည့်အခါ၊ စာဝှက်မထားသော လောကယ် ဖိုင်စနစ်များနှင့် လျှို့ဝှက်မထားသော VeraCrypt volumes များကို ဖတ်ရှုရန်သက်သက် အဖြစ် အစပျိုးလာသည် (ထိုကဲ့သို့သော ဖိုင်စနစ်များ (သို့) VeraCrypt volumes များထဲ၌ ဒေတာများကို ရေးသား၍ မရပါ)။\n\nလျှို့ဝှက် VeraCrypt volume ထဲ၌ ရှိသော ဖိုင်စနစ်များထဲ​ ဒေတာများကို ရေးသားနိုင်သည် (လျှို့ဝှက် volume သည် စာဝှက်မထားသော ဖိုင်စနစ် (သို့) အခြား ဖတ်ရှုရန် သက်သက် ဖိုင်စနစ်ထဲ၌ ရှိသော သိမ်းဆည်းခန်းထဲ၌ မရှိပါ)။ + - ၄င်းသည် လျှို့ဝှက် VeraCrypt Volumes များကို အစပျိုးရန် လုံခြုံသော ပလက်ဖောင်း တစ်ခုကို ဖန်တီးစေသည်။ လျှို့ဝှက် volumes များသည် လျှို့ဝှက် OS ကို အသုံးပြုသည့်အခါ၌သာ အစပျိုးရန် ကျွန်ုပ်တို့ တရားဝင် အကြံပြုပါသည်။ (နောက်ထပ် အချက်အလက်များကို အသုံးပြုနည်း လက်စွဲထဲရှိ လျှို့ဝှက် volumes များနှင့် သက်ဆိုင်သော လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ' အပိုင်းခွဲကို လေ့လာပါ။) +\n- အချို့ ကိစ္စများ၌၊ သီးခြား ဖိုင်စနစ် တစ်ခုကို OS တစ်ခု၏ သီးခြား ဖြစ်စဉ် တစ်ခု​​​အောက်၌ အစမ​ပျိုးပါ (သို့မဟုတ် ဖိုင်စနစ်၌ရှိသော သီးခြား ဖိုင်တစ်ခုကို သိမ်းဆည်းမထားပါ (သို့) အတွင်းမှ မဝင်ရောက်နိုင်ပါ)။ ဥပမာ အားဖြင့်၊ ဖိုင်စနစ် journals များ၊ ဖိုင်အချိန်မှတ်များ၊ အပ္ပလီကေးရှင်း မှတ်တမ်းများ၊ ချို့ယွင်းချက် မှတ်တမ်းများ စသည်တို့ကို ခွဲခြမ်းစိတ်ဖြာခြင်း၊ နှိုင်းယှဉ်ခြင်း ပြုလုပ်ပေးသည်။ ၎င်းသည် ကွန်ပျူတာထဲ၌ လျှို့ဝှက် OS တစ်ခုကို ထည့်သွင်းထားကြောင်း ပြညွှန်နိုင်သည်။ တန်ပြန်ရေး အစီအမံသည် ၄င်းကို တားဆီးပေးတသည်။\n\n- ၎င်းသည် ဒေတာ ပျက်စီးခြင်းကို ကာကွယ်ပေးပြီးလုံခြုံသော hibernation ကို ခွင့်ပြုပေးသည်။ အကယ်၍ ဝင်းဒိုးကို hibernation စနစ်မှ ပြန်ခေါ်သည့်အခါ၊ အစပျိုးထားသော ဖိုင်စနစ် အားလုံးသည် အလားတူ ​အနေအထား၌ ရှိနေကြောင်း ယူဆထားသည်။ VeraCrypt သည် မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် နှစ်ခုစလုံးမှ ရယူနိုင်သော ဖိုင်စနစ်များသည် ရေးသား၍ မရအောင် ကာကွယ်ထားကြောင်း သေချာစေသည်။ ယင်းကဲ့သို့ ကာကွယ်မှု မရှိပဲ၊ အခြား ကွန်ပျူတာစနစ်ကို hibernation ပြုလုပ်ထားစဉ် ကွန်ပျူတာစနစ် တစ်ခုကို အစပျိုးခြင်းအားဖြင့် ဖိုင်စနစ်များ ပျက်စီးနိုင်သည်။ + မှတ်ချက် - အကယ်၍ မျက်လှည့် ကွန်ပျူတာစနစ်ထဲမှ ဖိုင်များကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ လုံခြုံစွာ ပြောင်းရွှေ့လိုက်ပါက၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n၁) မျက်လှည့် ကွန်ပျူတာစနစ်ကို စဖွင့်ပါ။\n၂) ဖိုင်များကို စာဝှက်မထားသော volume တစ်ခုထဲ သိမ်းဆည်းပါ (သို့) ပြင်ပ/ပုံမှန် VeraCrypt volume တစ်ခုထဲ သိမ်းဆည်းပါ။\n၃) လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို စတင်ပါ။\n၄) အကယ်၍ ဖိုင်များကို VeraCrypt volume တစ်ခုထဲ သိမ်းဆည်းထားပါက၊ ၄င်းကို အစပျိုးပါ (၎င်းကို ဖတ်ရှုရန်သက်သက်အဖြစ် အလိုအလျောက် အစပျိုးလာမည် ဖြစ်သည်)\n၅) ဖိုင်များကို လျှို့ဝှက် ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ (သို့) အခြား လျှို့ဝှက် volume ထဲ ကော်ပီးကူးလိုက်ပါ။ + သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ဖို့ လိုအပ်သည်။\n\nကွန်ပျူတာကို ယခု ပြန်ဖွင့်လိုသလား? + ကွန်ပျူတာစနစ်၏ စာဝှက်ခြင်း အနေအထားကို ရယူနေစဉ် ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသည်။ + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + ကွန်ပျူတာစနစ် စာဝှက်ရန်အတွက် အပ္ပလီကေးရှင်း အစိတ်အပိုင်းများကို အစပြု၍ မရပါ။ + ကျပန်း နံပါတ် ထုတ်စနစ်ကို အစပြု၍ မရပါ။ + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + အပ္ပလီကေးရှင်းကို အစပြု၍ မရပါ။ Dialog class ကို မှတ်ပုံတင်ရန် မအောင်မြင်ပါ။ + ချို့ယွင်းချက် - Rich Edit စနစ် လိုင်ဘရာရီကို ဖွင့်မရပါ။ + VeraCrypt Volume ဖန်တီးမှု အညွှန်း + ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f bytes ဖြစ်သည်။ + ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f KB ဖြစ်သည်။ + ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f MB ဖြစ်သည်။ + ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f GB ဖြစ်သည်။ + ဤ volume အတွက် လျှို့ဝှက် volume ၏ အများဆုံး အရွယ်အစားမှာ %.2f TB ဖြစ်သည်။ + ဤ volume ကို အစပျိုးထားစဉ် volume စကားဝှက်/ကီးဖိုင်များကို ပြောင်းလဲ၍ မရပါ။ ဤ volume ကို အရင် အဆုံးသတ်လိုက်ပါ။ + ဤ volume ကို အစပျိုးနေစဉ် ခေါင်းစီး ဆင်းသက်ပုံ အယ်လဂိုရီသမ်ကို ပြောင်း၍ မရပါ။ ဤ volume ကို အရင် အဆုံးသတ်ပါ။ + &အစပျိုးပါ + ဤ volume ကို အစပျိုးရန် VeraCrypt ဗားရှင်း အသစ် လိုအပ်သည်။ + ချို့ယွင်းချက် - Volume ဖန်တီးခြင်း အညွှန်းကို ရှာမတွေ့ပါ။\n\nဖိုင်တွဲထဲ၌ 'VeraCrypt Format.exe' ရှိရမည် ဖြစ်ပြီး၊ ၄င်းဖိုင်တွဲမှာ 'VeraCrypt.exe' ကို ဖွင့်ရမည် ဖြစ်သည်။ အကယ်၍ မရှိခဲ့လျှင် VeraCrypt ကို ဖက်ထဲ ထပ်မထည့်သွင်းပါ၊ (သို့) သင့် disk တွင် 'VeraCrypt Format.exe' ကို ရှာပြီး ၄င်းကို ဖွင့်ပါ။ + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &ရှေ့သို့ > + &ပြီးသွားပြီ + စက်ထဲ ထည့်သွင်းရန် + &ဖြည်ချရန် + VeraCrypt device ဒရိုင်ဘာကို ဆက်သွယ်၍ မရပါ။ အကယ်၍ device ဒရိုင်ဘာ အလုပ်မလုပ်လျှင် VeraCrypt အလုပ်လုပ်နိုင်မည် မဟုတ်ပါ။\n\nဝင်းဒိုး ပြဿနာ တစ်ရပ်ကြောင့်၊ device ဒရိုင်ဘာကို မဖွင့်ခင် ကွန်ပျူတာစနစ်ကို ခေတ္တပိတ်ထားရန် (သို့) စက်ပြန်ဖွင့်ရန် လိုအပ်လာနိုင်သည်။ + ဖောင့်များကို ဖွင့်နေစဉ်/ပြင်ဆင်နေစဉ် ချို့ယွင်းချက် ဖြစ်ပွားသည်။ + Drive အက္ခရာကို ရှာမတွေ့ပါ (သို့) drive အက္ခရာကို သတ်မှတ်မထားပါ။ + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive အက္ခရာ မရနိုင်ပါ။ + ဖိုင် ရွေးမထားပါ! + Drive အက္ခရာ မရနိုင်ပါ။ + ပြင်ပ volume အတွက် လွတ်နေသော drive အက္ခရာ မရှိပါ။ Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ + သင့် OS ဗားရှင်းကို မခွဲခြားနိုင်ပါ (သို့) သင်သည် ပံ့ပိုးမထားသော OS တစ်ခုကို သုံးစွဲနေသည်။ + ဖိုင်လမ်းကြောင်း ရွေးချယ်မထားပါ! + လျှို့ဝှက် volume အတွက် နေရာလွတ် မရှိပါ။ Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ + ျို့ယွင်းချက် - ပြင်ပ volume ၌ သင် ကော်ပီးလိုက်သော ဖိုင်များသည် နေရာယူလွန်းသည်။ ထိုကြောင့်၊ ပြင်ပ volume ၌ လျှို့ဝှက် volume အတွက် နေရာလွတ် မလုံလောက်ပါ။\n\nလျှို့ဝှက် volume (လောလောဆယ် OS ထည့်သွင်းထားသော အခန်းကန့်) သည် ကွန်ပျူတာစနစ် အခန်းကန့်ကဲ့သို့ ကြီးနေရမည်။ အကြောင်းရင်းမှာ ကွန်ပျူတာစနစ် အခန်းကန့်ရှိ ​အကြောင်းအရာကို လျှို့ဝှက် volume ထဲ ကော်ပီးကူးပြီး လျှို့ဝှက် OS စနစ် ဖန်တီးရမည် ဖြစ်​​​သောကြောင့် ဖြစ်သည်။\n\n\nလျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ်ကို ဆက်လက် မလုပ်ဆောင်နိုင်ပါ။ + ဒရိုင်ဘာကို volume ကို အဆုံးမသတ်နိုင်ပါ။ volume ထဲရှိ အချို့ဖိုင်များကို ဖွင့်နေသေး၌ ဖြစ်မည်။ + Volume ကို ပိတ်ထား၌ မရပါ။ Volume ထဲ၌ ဖွင့်နေဆဲ ဖိုင်များ ရှိနေသေးသည်။ ထိုကြောင့်၊ ၄င်းကို အဆုံးသတ်၍ မရပါ။ + VeraCrypt သည် volume ကို ပိတ်​ထား၍ မရပါ၊ အဘယ်ကြောင့် ဆိုသော် ၄င်းကို ကွန်ပျူတာစနစ်က (သို့) အပ္ပလီကေးရှင်း () က အသုံးပြုနေသည်။\n\nVolume ကို အတင်း အဆုံးသတ်လိုသလား? + VeraCrypt Volume တစ်ခု ရွေးချယ်ရန် + ဖိုင် လမ်းကြောင်းနှင့် ဖိုင်အမည် သတ်မှတ်ရန် + PKCS #11 လိုင်ဘရာရီ ရွေးချယ်ရန် + မှတ်ဉာဏ် မရှိတော့ပါ + အရေးကြီးချက် - အတွေ့အကြုံ မရှိသေးသော သုံးစွဲသူများသည် VeraCrypt ဖိုင် သိမ်းဆည်းခန်းကို device/အခန်းကန့် တစ်ခုလုံး၌ ဖန်တီးမည့်အစား၊ ရွေးချယ်ထားသော device/အခန်းကန့်၌ ဖန်တီးရန် အထူး အကြံပြုအပ်ပါသည်။\n\nVeraCrypt ဖိုင် သိမ်းဆည်းခန်း (device တစ်ခု (သို့) အခန်းကန့် တစ်ခုကို စာဝှက်ခြင်း မဟုတ်ပဲ) တစ်ခုကို သင် ဖန်တီးသည့်အခါ၊ ဖိုင်အများအပြား ပျက်စီးသွားမည့် အန္တရာယ် မရှိပါ။ VeraCrypt ဖိုင် သိမ်းဆည်းခန်း (၄င်း၌ စာဝှက်ထားသော disk အတု တစ်ခု ရှိနေသော်လည်း) သည် ပုံမှန် ဖိုင် တစ်ဖိုင်ကဲ့သို့ ဖြစ်သည်။ နောက်ထပ် အချက်အလက်များကို VeraCrypt သုံးစွဲသူ လမ်းညွှန်ထဲရှိ စတင် လေ့လာသူ သင်တန်း လမ်းညွှန် အခန်းကို လေ့လာပါ။\n\nDevice/အခန်းကန့် တစ်ခုလုံးကို သင် စာဝှက်လိုသလား? + သတိပေးချက် - ဖိုင်အမည် '%s' ရှိနေပြီ ဖြစ်သည်!\n\nအရေးကြီးချက် - VeraCrypt သည် ဖိုင်ကို စာဝှက်ပေးမည် မဟုတ်ပါ၊ သို့သော် ၄င်းကို ပယ်ဖျက်မည် မဟုတ်ပါ။ ဖိုင်ကို ပယ်ဖျက်ပြီး VeraCrypt သိမ်းဆည်းခန်း အသစ် တစ်ခုနှင့် အစားထိုးလိုသလား? + သတိပေးချက် - လောလောဆယ် ရွေးချယ်ထားသော %s '%s'%s ၌ သိမ်းဆည်းထားသော ဖိုင်အားလုံးကို ဖျက်ပစ်မည် ဖြစ်ပြီး၊ ​ပျောက်ဆုံးသွားမည် ဖြစ်သည် (၄င်းတို့ကို စာဝှက်ထားမည် မဟုတ်ပါ)!\n\nဖော်မက်ချပြီး သင် ဆက်လက် လုပ်ဆောင်လိုသလား? + သတိပေးချက် - Volume ကို အပြည့်အ၀ စာမဝှက်မီ ၎င်းကို အစပျိုးနိုင်မည် မဟုတ်ပါ (သို့) ၄င်းအထဲရှိ ဖိုင်များကို ရယူနိုင်မည် မဟုတ်ပါ။\n\nရွေးချယ်ထားသော %s '%s'%s ကို စတင် စာဝှက်လိုသလား? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + သတိပေးချက် - လက်ရှိ ဒေတာများကို အစီအစဉ်တကျ စာဝှက်နေစဉ် ​ပါဝါအား ပျက်သွားပါက၊ (သို့) VeraCrypt သည် လက်ရှိ ဒေတာများကို အစီအစဉ်တကျ စာဝှက်နေစဉ် ဆော့ဗ်ဝဲ ချို့ယွင်းချက်ကြောင့် သို့မဟုတ် စက်ပိုင်းဆိုင်ရာ ချို့ယွင်းချက်ကြောင့် OS စနစ် ပျက်စီးသွားပါက၊ ဒေတာ တစ်စိတ်တစ်ပိုင်းသည် ပျက်စီးသွားမည် (သို့) ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ ထို့ကြောင့်၊ စာဝှက်ခြင်း မပြုမီ၊ သင် စာဝှက်​လိုသော ဖိုင်များ၏ အရန်သင့်​ ကော်ပီ ထားရှိရမည် ဖြစ်သည်။\n\nယင်းကဲ့သို့ အရန်သင့် သိမ်းဆည်းချက် သင့်ထံ၌ ရှိသလား? + သတိပေးချက် - လောလောဆယ် '%s'%s အခန်းကန့် (ကွန်ပျူတာစနစ် အခန်းကန့်​ နောက်ကွယ်မှ ပထမ အခန်းကန့်) ၌ သိမ်းဆည်းထားသော ဖိုင်များ (၄်းတို့ကို စာဝှက်ထားမည် မဟုတ်) သည် ပယ်ဖျက်ခံရလိမ့်မည် (သို့) ပျောက်ဆုံးသွားလိမ့်မည်!\n\nဖော်မက်ချပြီး ဆက်လက် လုပ်ဆောင်ရန် သေချာသလား? + သတိပေးချက် - ရွေးချယ်ထားသော အခန်းကန့်၌ ဒေတာ အများအပြား ရှိနေသည်။ ၄င်း အခန်းကန့်၌ သိမ်းဆည်းထားသော ဖိုင်များသည် ဖျက်ဆီးခံရမည် ဖြစ်ပြီး ပျောက်ဆုံးသွားမည် ဖြစ်သည် (၎င်းဖိုင်များကို စာဝှက်မထားပါ)! + အခန်းကန့်ထဲ၌ VeraCrypt volume တစ်ခု ဖန်တီးပြီး သိမ်းဆည်းထားသော ဖိုင်များကို ပယ်ဖျက်ပါ။ + စကားဝှက် + PIM + ခေါင်းစီး ကီး ဆင်းသက်မှုလအယ်လဂိုရစ်သမ် သတ်မှတ်ရန် + Volume ထဲရှိ ကီးဖိုင်များကို ထည့်သွင်းရန်/ဖယ်ရှားရန် + Volume ထဲရှိ ကီးဖိုင်အားလုံးကို ဖယ်ရှားရန် + စကားဝှက်နှင့် ကီးဖိုင်(များ)ကို အောင်မြင်စွာ ပြောင်းလိုက်ပြီး။\n\nအရေးကြီးချက် - VeraCrypt သုံးစွဲသူ လမ်းညွှန်ထဲမှ 'လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ' အခန်းမှ 'စကားဝှက်များနှင့် ကီးဖိုင်များ ပြောင်းလဲခြင်း' အပိုင်းကို သေချာ ဖတ်ရှုပါ။ + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + အရေးကြီးချက် - အကယ်၍ VeraCrypt ဆယ်တင်​ရေး အခွေကို သင် မဖျက်ဆီးပါက၊သင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စကားဝှက် အဟောင်းဖြင့် (VeraCrypt ဆယ်တင်ရေး အခွေကို ထည့်၊ စကားဝှက်ကို ရေးထည့်ပြီး) စာဝှက်ဖြည်နိုင်မည် ဖြစ်သည်။ VeraCrypt ဆယ်ဆင်ရေး အခွေကို ဖန်တီးပြီး အဟောင်းကို ဖျက်ဆီးလိုက်ပါ။\n\nVeraCrypt ဆယ်တင်ရေး ​အခွေသစ် တစ်ခုကို သင် ဖန်တီးလိုသလား? + သင့် VeraCrypt ဆယ်တင်ရေး ​အခွေသည် ယခင် အယ်လဂိုရီသမ်ကို သုံးစွဲနေဆဲဖြစ်သည်ကို သတိပြုပါ။ အကယ်၍ ယခင်က အယ်လဂိုရီသမ်သည် လုံခြုံမှုမရှိဟု ယူဆပါက၊ VeraCrypt ဆယ်တင်ရေး အခွေသစ် တစ်ခု ဖန်တီးပြီး အဟောင်းကို ဖျက်ဆီးလိုက်ပါ။\n\nVeraCrypt ပျက်စီးဒေတာပြန်ဖော်ဓာတ်ပြားကို သင်သည် ဖန်တီးလိုပါသလား? + မည်သည့် ဖိုင်အမျိုးအစားမဆို (ဥပမာ - .mp3, .jpg, .zip, .avi) VeraCrypt ကီးဖိုင် အဖြစ် အသုံးပြုနိုင်သည်။ VeraCrypt သည် ကီးဖိုင်ပါ အကြောင်းအရာများကို အပြောင်းအလဲ မလုပ်ပါ။ သင်သည် ကီးဖိုင် တစ်ခုပို၍ ရွေးချယ်နိုင်သည် (ဖိုင်ဟောင်းလျှင်လည်း ကိစ္စမရှိပါ)။ အကယ်၍ ဖိုင်တွဲ တစ်ခုကို သင် ထည့်သွင်းလျှင်၊ ၄င်း၌ တွေ့ရှိသော လျှို့ဝှက်မထားသည့် ဖိုင်အားလုံးကို ကီးဖိုင်များအဖြင့် အသုံးပြုလိမ့်မည်။ လုံခြုံရေး တိုကင်များ သို့မဟုတ် စမတ်ကတ်များ၌ သိမ်းဆည်းထားသော ကီးဖိုင်များကို ရွေးချယ်ရန် (သို့မဟုတ် တိုကင်များ (သို့) စမတ်ကတ်များ အတွက် ကီးဖိုင်များကို တင်သွင်းရန်) 'တိုကင် ဖိုင်များ ထည့်သွင်းရန်' ကို နှိပ်ပါ။ + ကီးဖိုင်(များ) ကို အောင်မြင်စွာ ထည့်သွင်းလိုက်ပြီ/ဖယ်ရှားလိုက်ပြီ။ + ကီးဖိုင် တင်ပို့လိုက်ပြီ။ + ခေါင်းစီး ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို အောင်မြင်စွာ သတ်မှတ်လိုက်ပြီ။ + စာဝှက်သည့် လုပ်ငန်းစဉ်ကို အစီအစဉ်တကျ ပြန်လည် လုပ်ဆောင်လိုသည့် စာဝှက်မထားသော ကွန်ပျူတာစနစ် volume အတွက် စကားဝှက်/ကီးဖိုင်(များ)ကို ရေးထည့်ပါ။\n\n\nမှတ်ချက် - ရှေ့သို့ ခလုတ်ကို နှိပ်ပြီးနောက် VeraCrypt သည် စာဝှက်ခြင်း လုပ်ငန်းစဉ် အနှောင့်အယှက် ခံရသောနေရာ့၊ VeraCrypt volume ခေါင်းစီးသည် ပေး​ထားသော စကာဝှက်/ကီးဖိုင်(များ)ကို သုံးပြီး စာဝှက်ဖြည်နိုင်သော နေရာ ဖြစ်သည့် ကွန်ပျူတာစနစ် မဟုတ်သည့် volumes အားလုံးကို ကြိုးစား ရှာဖွေ​လာလိမ့်မည်။ အကယ်၍ ယင်းကဲ့သို့ volume ကို တစ်ခုထက်ပိုပြီး တွေ့ရှိပါက၊ ၄င်းတို့အထဲက တစ်ခုကို နောက်အဆင့်၌ သင် ရွေးချယ်ရမည် ဖြစ်သည်။ + စာရင်းထဲ၌ ပါသော volumes များထဲက တစ်ခုကို ရွေးချယ်ပါ။ စာရင်းထဲ၌ စာဝှက်ခြင်း လုပ်ငန်းစဉ် အနှောင့်အယှက် ခံရသည့် ကွန်ပျူတာစနစ် မဟုတ်သော volume ပါရှိပြီး ၄င်း၏ ခေါင်းစီးကို ပေးထားသော စကားဝှက်/ကီး(ဖိုင်)များကို သုံးပြီး စာဝှက်ဖြည်နိုင်သည်။ + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + ကြံ့ခိုင်သော စကားဝှက် တစ်ခုကို ရွေးချယ်ရန် အရေးကြီးသည်။ အဘိဓါန်ကျမ်း၌ တွေ့နိုင်​သည့် စာလုံး တစ်လုံးတည်း (၂၊ ၃၊ ၄ ကဲ့သို့ စာလုံး စုစည်းချက် တစ်ခုခု) ပါ၀င်သော စာလုံးမျိုးကို မရွေးချယ်မိရန် ရှောင်ရှားပါ။ နာမည်များ (သို့) မွေးနေ့များ မပါရပါ။ ခန့်မှန်းရန် လွယ်ကူသော စာလုံး မဖြစ်ရပါ။ ကြံ့ခိုင်သော စကားဝှက် ဟူသည် စာလုံးအကြီး အသေး၊ နံပါတ်များ၊ @ ^ = $ * + ကဲ့သို့သော အထူး စာလုံးများ ပါ၀င်သော ကျန်ပန်း အစုအစည်း ဖြစ်သည်။ စာလုံးရေ ၂၀ ကျော် ပါသော စကားဝှက် တစ်ခုခုကို ရွေးချယ်ရန် ကျွန်ုပ်တို့ အကြံပြုလိုသည် (စာလုံးရေ များလေ၊ ကောင်းလေ ဖြစ်သည်)။ အများဆုံး လက်ခံနိုင်သော အရေအတွက်မှာ ၆၄ လုံး ဖြစ်သည်။ + လျှို့ဝှက် volume အတွက် စကားဝှက် တစ်ခု ရွေးပါ။ + လျှို့ဝှက် OS အတွက် စကားဝှက် တစ်ခု ရွေးပါ (ဥပမာ လျှို့ဝှက် volume အတွက်)။ + အရေးကြီးချက် - ဤအဆင့်၌ လျှို့ဝှက် OS အတွက် ရွေးချယ်ထားသော စကားဝှက်သည် အဓိကအားဖြင့် အခြား စကားဝှက် နှစ်ခုနှင့် ကွာခြားနေရမည် (ဥပမာ အားဖြင့် ပြင်ပ volume အတွက် စကားဝှက်နှင့် မျက်လှည့် OS အတွက် စကားဝှက် စသည်ဖြင့်)။ + လျှို့ဝှက် volume တစ်ခု ထားရှိလိုသော volume အတွက် စကားဝှက် ရေးထည့်ပါ။\n\nရှေ့သို့ ခလုတ်ကို နှိပ်ပြီးနောက်၊ VeraCrypt သည် volume ကို အစပျိုးရန် ကြိုးစားလာလိမ့်မည်။ volume ကို အစပျိုးသည်နှင့်၊ ၄င်း၏ cluster bitmap သည် အနှောင့်အယှက် ကင်းသော နေရာလွတ် အ​ရွယ်ပမာဏကို သိရှိရန် စကင်ဖတ် စစ်ဆေးလိမ့်မည်။ ၄င်းနေရာ၌ လျှို့ဝှက် volume ကို ထားရှိမည် ဖြစ်သည်။ ထို့​ကြောင့် ၄င်း၏ ဖြစ်နိုင်ချေ အများဆုံး အရွယ် ပမာဏကို ကန့်သတ်ပေးမည် ဖြစ်သည်။ Cluster Map စကင်ဖတ်ခြင်းသည် ပြင်ပ volume မှ ဒေတာများကို လျှို့ဝှက် volume က မဖျက်မိစေရန် ဖြစ်သည်။ + ပြင်ပ volume အတွက် စကားဝှက် တစ်ခု ရွေးပါ။ ၄င်းသည် သင့် ရန်သူတစ်ဦးတစ်ယောက်က စကားဝှက်ကို ဖွင့်ပြောရန် အတင်းအကျပ် စေခိုင်းလာလျှင် သင်ထုတ်ပြရမည် အရာ ဖြစ်သည်။\n\nအရေးကြီးချက် - ၄င်းစကားဝှက်သည် အဓိကအားဖြင့် လျှို့ဝှက် volume အတွက် သင် ရွေးချယ်ခဲ့သော အရာနှင့် ကွာခြားရမည်။ +\nမှတ်ချက် - အများဆုံး လက်ခံနိုင်သော စကားဝှက်၏ စာလုံးရေသည် ၆၄ လုံး ဖြစ်သည်။ + ပြင်ပ volume အတွက် စကားဝှက် တစ်ခုကို ရွေးချယ်ပါ။ ၄င်းသည် ပြင်ပ volume နှင့် လျှို့ဝှက် volume (လျှို့ဝှက် OS အပါအဝင်) တည်ရှိသော ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်မှ ပထမ အခန်းကန့်၏ စကားဝှက်ကို တစ်ဦးတစ်ယောက်က ဖွင့်ပြောရန် အတင်းအကျပ် စေခိုင်းလာလျှင် သင်ထုတ်ပြရမည် အရာ ဖြစ်သည်။(လျှို့ဝှက် OS ထဲက) လျှို့ဝှက် volume ၏ တည်ရှိမှုကို ဆက်လက် ဖုံးကွယ်ထားရမည်။ ဤစကားဝှက်သည် မျက်လှည့် OS အတွက် မဟုတ်ပါ။\n\nအရေးကြီးချက် - စကားဝှက်သည် အဓိကအားဖြင့် လျှို့ဝှက် volume (ဥပမာ - လျှို့ဝှက် OS) အတွက် သင် ရွေးချယ်ခဲ့သော အရာနှင့် ကွာခြားနေရမည်။ + ပြင်ပ Volume စကားဝှက် + လျှို့ဝှက် Volume စကားဝှက် + လျှို့ဝှက် OS အတွက် စကားဝှက် + သတိပေးချက် - စကားဝှက် အတိုများသည် Brute Force နည်းဖြင့် အလွယ်တကူ ဖော်ထုတ်နိုင်သည်!\n\nစာလုံးရေ ၂၀ ကျော် ပါ၀င်သော စကားဝှက်ကို ရွေးချယ်ရန် ကျွန်တော်တို့ အကြံပြုလိုသည်။ စကားဝှက် အတို တစ်ခု သုံးစွဲဖို့ သေချာသလား? + Volume စကားဝှက် + စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မဟုတ်ပါ။ + ကီးဖိုင်(များ) နှင့်/သို့မဟုတ် စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မဟုတ်ပါ။ + အစပျိုး စနစ် မမှန်ပါ၊ စကားဝှက် မမှန်ပါ၊ (သို့) VeraCrypt volume မဟုတ်ပါ။ + အစပျိုး စနစ် မမှန်ပါ၊ ကီးဖိုင်(များ)/စကားဝှက် မမှန်ပါ၊ (သို့) VeraCrypt volume မဟုတ်ပါ။ + စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မရှိပါ။ + ကီးဖိုင်(များ)/စကားဝှက် မမှန်ပါ (သို့) VeraCrypt volume မရှိပါ။ + \n\nသတိပေးချက် - Caps Lock ဖွင့်နေသည်။ ဤအချက်ကြောင့် စကားဝှက် အမှား ရေးမိနိုင်သည်။ + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nသတိပေးချက် - လျှို့ဝှက် ဖိုင်(များ)ကို ကီးဖိုင် ရှာဖွေရေး လမ်းကြောင်း၌ တွေ့ရှိရသည်။ ယင်းကဲ့သို့ လျှို့ဝှက် ဖိုင်များကို ကီးဖိုင်အဖြစ် သုံးစွဲ၍ မရပါ။ ၄င်းတို့ကို ကီးဖိုင်များ အဖြစ် သုံးစွဲလိုပါက၊ ၄င်းတို့၏ 'Hidden' သတ်မှတ်ချက်ကို ဖယ်ရှားလိုက်ပါ (၄င်းတို့ကို ညာဖက် နှိပ်ပါ၊ 'Properties' ကို ရွေး၊ 'Hidden' အမှန်ခြစ်ကို ​ဖြုတ်ပြီး OK နှိပ်လိုက်ပါ)။ မှတ်ချက် - လျှို့ဝှက် ဖိုင်များသည် အကယ်၍ သက်ဆိုင်ရာ ရွေးစရာ (Computer > Organize > 'Folder and search options' > View)ကို ဖွင့်ထားမှသာ မြင်နိုင်သည်။ + အကယ်၍ သင်သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် ပါရှိသော လျှို့ဝှက် volume တစ်ခုကို ကာကွယ်ရန် ကြိုးစားနေပါက၊ လျှို့ဝှက် volume အတွက် စကားဝှက် ​ရိုက်ထည့်သည့်အခါ အမေရိကန် ကီးဘုတ် လေးအောက်ကို သုံးပါ။ ဤကဲ့သို့ ပြုလုပ်ရခြင်း အကြောင်းမှာ အမေရိကန် ကီးဘုတ် မဟုတ်သော ကီးဘုတ် မရှိနိုင်သောနေရာတွင် စကားဝှက်ကို စက်မဖွင့်မီ (ဝင်းဒိုးမတက်ခင်) အနေအထား၌ ရိုက်ထည့်ရမည် ဖြစ်​သောကြောင့် ဖြစ်သည်။ + VeraCrypt သည် ကွန်ပျူတာစနစ် မဟုတ်သော စာဝှက်စနစ် အနှောင့်အယှက် ခံရသည့်နေရာ၊ volume ခေါင်းစီးကို ပေးထားသော စကားဝှက်နှင့် ကီးဖိုင်(များ) သုံးပြီး စာဝှက်ဖြည်နိုင်သည့်နေရာတွေ volume တစ်ခုမျှ မတွေ့ရပါ။\n\nစကားဝှက်နှင့် ကီးဖိုင်(များ)သည် မှန်ကန်ရမည် ဖြစ်ပြီး၊ အခန်းကန့်/volume ကို (ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ အပါအ၀င်) ကွန်ပျူတာစနစ် (သို့) အပ္ပလီကေးရှင်းများက အသုံးမပြု​ရချေ။ + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nမှတ်ချက် - အကယ်၍ သင်သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် drive ထဲ၌ ရှိသော အခန်းကန့် တစ်ခုကို စက်ဖွင့်ပြီး စစ်ဆေးစရာ မလိုပဲ အစပျိုးရန် (သို့) အသုံးမပြုသော OS စနစ် တစ်ခု၏ စာဝှက်ထားသော ကွန်ပျူတာစနစ် အခန်းကန့်ကို အစပျိုးရန် သင် ကြိုးစားနေပါက၊ သင်သည် 'ကွန်ပျူတာစနစ်' > 'စက်ဖွင့်ပြီး စစ်ဆေးစရာ မလိုပဲ အစပျိုးရန်' ကို ရွေးပြီး လုပ်ဆောင်နိုင်သည်။ + ဤစနစ်တွင်၊ လက်ရှိ သက်၀င်နေသော စာဝှက်စနစ်၏ ကီးနယ်ပယ်အတွင်း ရှိနေသော drive တစ်ခု၌ တည်ရှိသော အခန်းကန့်ကို အစပျိုး၍ မရပါ။\n\nဤအခန်းကန့်ကို ဒီစနစ်ဖြင့် အစမပျိုးခင်၊ (စာဝှက်ထားသော သို့မစုတ် စာဝှက်မထားသော) အခြား drive (သို့) စာဝှက်မထားသော OS စနစ်၌ ထည့်သွင်းထာသော OS စနစ်ကို သင် ပြန်ဖွင့်ရန် လိုအပ်သည်။ + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &နောက်သို့ + သင့် ကွန်ပျူတာစနစ်၌ ထည့်သွင်းထားသော devices များ အကြမ်းစာရင်းကို ထုတ်ပြန်၍ မရပါ။ + Volume '%s' ရှိနေပြီး ၄င်းသည် ဖတ်ရှုရန်သက်သက် ဖြစ်သည်။ ၄င်းကို အစားထိုးရန် သေချာသလား? + ဖိုင်တွဲ ထားမည့်နေရာကို ရွေးရန် + ကီးဖိုင် ရွေးရန် + ကီးဖိုင် ရှာဖွေရေး လမ်းကြောင်း တစ်ခုကို ရွေးပါ။ သတိပေးချက် - ဖိုင်အမည်များ မပါပဲ၊ ဖိုင်လမ်းကြောင်းကိုသာ မှတ်သားမည် ဖြစ်သည်။ + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Ross Anderson, , Eli Biham နှင့် Lars Knudsen တို့မှ ဒီဇိုင်းဆွဲသည်။ ၁၉၉၈ ခုနှစ်၌ ပုံနှိပ်ထုတ်ဝေသည်။ 256-bit key, 128-bit block ရှိသည်။ လုပ်ဆောင်သည့် စနစ်မှာ XTS ဖြစ်သည်။ Serpent သည် AES ၏ နောက်ဆုံး ရွေးချယ်စာရင်းထဲမှ တစ်ခု ဖြစ်သည်။ + သင် ဖန်တီးလိုသော သိမ်းဆည်းခန်း၏ အရွယ်အစားကို သတ်မှတ်ပါ။\n\nအကယ်၍ တက်ကြွ (sparse-file) သိမ်းဆည်းခန်း တစ်ခုကို သင် ဖန်တီးပါက၊ ဒီပါရာမီတာသည် ၄င်း၏ အများဆုံး အရွယ်အစားကို သတ်မှတ်ပေးမည် ဖြစ်သည်။\n\nFAT volume ၏ အနည်းဆုံး အရွယ်အစားသည် 292 KB ဖြစ်သည်။ NTFS volume ၏ အနည်းဆုံး အရွယ်အစားမှာ 3792 KB ဖြစ်သည်။ + သင် ဖန်တီးမည့် ပြင်ပ volume ၏ အရွယ်အစားကို သတ်မှတ်ပါ (ပြင်ပ volume ကို သင် အရင် ဖန်တီးပြီး၊ ၄င်းအထဲ၌ လျှို့ဝှက် volume တစ်ခု ဖန်တီးရမည် ဖြစ်သည်)။ လျှို့ဝှက် volume တည်ရှိသော volume ၏ အနည်းဆုံး အရွယ်အစားမှာ340 KB ဖြစ်သည်။ + သင် ဖန်တီးမည့် လျှို့ဝှက် volume ၏ အရွယ်အစားကို သတ်မှတ်ပါ။ လျှို့ဝှက် volume ၏ အနည်းဆုံး အရွယ်အစားမှာ 40 KB (သို့မဟုတ် ၄င်းကို NTFS အဖြစ် ဖော်မက်ချပါက 3664 KB) ဖြစ်သည်။ လျှို့ဝှက် volume အတွက် သင် သတ်မှတ်နိုင်သော အများဆုံး အရွယ်အစားမှာ အထက်ပါ ဖေါ်ပြချက် အတိုင်း ဖြစ်သည်။ + ပြင်ပ Volume အရွယ်အစား + လျှို့ဝှက် Volume အရွယ်အစား + အထက်၌ ဖေါ်ပြသော ရွေးချယ်ထားသည့် device/အခန်းကန့်၏ အရွယ်အစား မှန်ကန်ပါက၊ ရှေ့သို့ကို နှိပ်ပါ။ + ပြင်ပ volume နှင့် လျှို့ဝှက် volume (လျှို့ဝှက် OS) တို့သည် အထက်ဖေါ်ပြပါ အခန်းကန့်၌ တည်ရှိမည် ဖြစ်သည်။ ၄်းသည် ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်ရှိ ပထမ အခန်းကန့် ဖြစ်သည်။\n\nအထက်၌ ဖေါ်ပြသော အခန်းကန့်၏ အရွယ်အစားနှင့် ၄င်း၏ နံပါတ် မှန်ကန်ပါက၊ ရှေ့သို့ကို နှိပ်ပါ။ + \n\nလျှို့ဝှက် volume ဖန်တီးရန် ရည်ရွယ်ထားသော volume တစ်ခု၏ အနည်းဆုံး အရွယ်အစားမှာ 340 KB ဖြစ်သည်ကို သတိပြုပါ။ + Volume အရွယ်အစား + တက်ကြွသော + သတိပြုရန် - ကိုယ်တိုင် စမ်းသပ်မှု မအောင်မြင်ပါ! + ကိုယ်တိုင် စမ်းသပ်သော အယ်လဂိုရီသမ် အားလုံး အောင်မြင်သည် + သင် ဖြည့်စွက်သော ဒေတာ ယူနစ် နံပါတ်မှာ ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ + သင် ဖြည့်စွက်သော အရန်ကီးမှာ ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ + သင် ဖြည့်စွက်သော အစမ်း ဝှက်စာသည် ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ + သင် ဖြည့်စွက်သော အစမ်း ကီးသည် ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ + င် ဖြည့်စွက်သော အစမ်း စာသားသည် ရှည်လွန်းသည် (သို့) တိုလွန်းသည်။ + XTS စနစ်၌ cascade လုပ်ဆောင်နေသော ဝှက်စာ နှစ်ခု။ အကွက် တစ်ခုစီကို အရင်ဆုံး ပထမဆုံး %s (%d-bit ကီး) ဖြင့် စာဝှက်ထားပြီးနောက် %s (%d-bit ကီး) ဖြင့် စာဝှက်ထားသည်။ ဝှက်စာ တစ်ခုစီသည် ကိုယ်ပိုင် ကီးကို အသုံးပြုသည်။ ကီး အားလုံးသည် နှစ်ဦးနှစ်ဖက် သီးခြား လုပ်ဆောင်ကြသည်။ + XTS စနစ်၌ cascade လုပ်ဆောင်နေသော ဝှက်စာ သုံးခု။ အကွက် တစ်ခုစီကို အရင်ဆုံး ပထမဆုံး %s (%d-bit ကီး) ဖြင့်လည်းကောင်း၊ ၄င်းနောက် %s (%d-bit ကီး) ဖြင့်လည်းကောင်း၊ နောက်ဆုံးတွင် %s (%d-bit ကီး) ဖြင့်လည်းကောင်း စာဝှက်ထားသည်။ ဝှက်စာ တစ်ခုစီသည် ကိုယ်ပိုင် ကီးကို အသုံးပြုသည်။ ကီး အားလုံးသည် နှစ်ဦးနှစ်ဖက် သီးခြား လုပ်ဆောင်ကြသည်။ + OS စနစ် ပြုပြင်ဖန်တီးမှုအပေါ် မူတည်ပြီး၊ ယင်း auto-run နှင့် auto-mount အင်္ဂါရပ်များသည် ခရီးဆောင် disk ဖိုင်များကို စီဒီ/ဒီဗွီဒီကဲ့သို့ ကြားခံဖြင့် ဖန်တီးမှသာ အလုပ်လုပ်နိုင်မည်ကို သတိပြုပါ။ ၄င်းသည် VeraCrypt ထဲမှ ပရိုဂရမ် အမှားတစ်ခု မဟုတ်ပါ (၎င်းသည် ၀င်းဒိုး၏ ကန့်သတ်ချက် တစ်ရပ် ဖြစ်သည်) + VeraCrypt ခရီးဆောင် အခွေကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။\n\n VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲနိုင်ရန် သင်သည် စီမံခန့်ခွဲမှုဆိုင်ရာ လုပ်ပိုင်ခွင့် ရရှိထားရမည် ဖြစ်သည်။ Registry ဖိုင်ကို စစ်ဆေးပြီးနောက်၊ အကယ်၍ VeraCrypt သည် အိတ်ဆောင်စနစ်ဖြင့် လည်ပတ်​နေလျှင်ပင် ၄င်းသည် ၀င်းဒိုးစနစ်ဖြင့် လည်ပတ်နေသည်ဟု ပြောနိုင်မည် ဖြစ်သည်။ + VeraCrypt ခရီးဆောင် အခွေ + Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall နှင့် Niels Ferguson တို့မှ ဒီဇိုင်း ရေးဆွဲထားသည်။ ၁၉၉၈ တွင် ထုတ်လုပ်သည်။ 256-bit key, 128-bit block ဖြစ်သည်။ လည်ပတ်မှု စနစ်မှာ XTS ဖြစ်သည်။ Twofish သည် AES ၏ နောက်ဆုံး ရွေးချယ်စာရင်းမှ တစ်ခု ဖြစ်သည်။ + %s နှင့် ပါတ်သက်သည့် နောက်ထပ် အချက်အလက်များ + အမည်မသိ + သတ်မှတ်၍ မရသော (သို့) အမည်မသိသော ချို့ယွင်းချက် ဖြစ်ပေါ်နေသည် (%d)။ + အချို့ volumes များ၌ အပ္ပလီကေးရှင်း (သို့) ကွန်ပျူတာစနစ်မှ အသုံးပြုနေသော ဖိုင်များ (သို့) ဖိုင်တွဲများ ပါ၀င်နေသည်။\n\nအတင်း အဆုံးသတ်မည်လား? + &အဆုံးသတ်ရန် + အဆုံးသတ်ရန် မအောင်မြင်ပါ! + Volumes များ၌ အပ္ပလီကေးရှင်း (သို့) ကွန်ပျူတာစနစ်မှ အသုံးပြုနေသော ဖိုင်များ (သို့) ဖိုင်တွဲများ ပါ၀င်နေသည်။\n\nအတင်း အဆုံးသတ်မည်လား? + သတ်မှတ်ထားသော drive အက္ခရာ၌ အစပျိုးထားသော volume မရှိပါ။ + အစပျိုးရန် သင် ကြိုးစားနေသော volume သည် အစပျိုးထားပြီး ဖြစ်သည်။ + Volumes ကို အစပျိုးရန် ကြိုးစားနေစဉ် ချို့ယွင်းချက် တစ်ခု ဖြစ်ပေါ်နေသည်။ + Volumes ထဲ ဖိုင်တည်နေရာ ရှာဖွေမှု ချို့ယွင်းချက်။ + ချို့ယွင်းချက် - volume အရွယ်အစား မမှန်ပါ။ + သတိပေးချက် - အမြန် ဖော်မက်စနစ်ကို အောက်ပါ ကိစ္စများ၌သာ သုံးစွဲပါ -\n\n၁) device ထဲ၌ အရေးကြီးသော ဒေတာများ မရှိပဲ၊ ငြင်းပယ်နိုင်ဖွယ် မရှိသည့်အခါ\n၂) device သည် လုံခြုံပြီးသား ဖြစ်ပြီး အပြည့်အ၀ စာဝှက်ထားလျှင်\n\nအမြန် ဖော်မက်စနစ် သုံးစွဲရန် သေချာသလား? + တက်ကြွ သိမ်းဆည်းခန်းသည် ကြိုတင် နေရာချထားသော NTFS sparse ဖိုင်တစ်ခု ဖြစ်သည်၊ ၄င်း၏ ရုပ်ပိုင်းဆိုင်ရာ အရွယ်အစား (တကယ့် disk သုံးစွဲသည့် နေရာလွတ်) မှာ ၄င်းအထဲ၌ ဒေတာအသစ် ထည့်သွင်းသည်နှင့် တိုးလာသည်။\n\nသတိပေးချက် - Sparse-ဖိုင်-သိမ်းထားသော volumes များသည် လုံခြုံမှု အားနည်းသည်၊ အဘယ့်ကြောင့် ဆိုသော် အသုံးမပြုသော volume အပိုင်းများကို ပြောရန် လွယ်ကူ​သောကြောင့် ဖြစ်သည်။ Sparse-ဖိုင်-သိမ်းထားသော volumes များသည် ငြင်းပယ်နိုင်မှု (လျှို့ဝှက် volumes တစ်ခု ထားရှိမှု) ကို ထောက်ပံ့မထားပါ။ အကယ်၍ ဖိုင် သိမ်းဆည်းသော ကွန်ပျူတာစနစ်၌ နေရာလွတ် အလုံအလောက် မရှိသည့်အခါ ဒေတာများကို sparse ဖိုင် သိမ်းဆည်းခန်း တစ်ခု၌ ရေးထားလျှင့်၊ စာဝှက်ထားသော ဖိုင်စနစ် ပျက်စီးသွားနိုင်သည်။\n\nSparse-ဖိုင်-သိမ်းထားသော volume တစ်ခုကို သင် အမှန်တကယ် ဖန်တီးလိုသလား? + ဝင်းဒိုးနှင့် VeraCrypt မှ တင်ပြသော တက်ကြွ သိမ်းဆည်းခန်း၏ အရွယ်အစားမှာ ၄င်း၏ အများဆုံး အရွယ်အစားနှင့် အမြဲတမ်း တူညီနေမည်ကို သတိပြုပါ။ သိမ်းဆည်းခန်း၏ ရုပ်ပိုင်းဆိုင်ရာ လက်ရှိ အရွယ်အစား (၎င်းအမှန်တကယ် သုံးစွဲသော disk နေရာလွတ်) ကို သိရှိရန်၊ (VeraCrypt ထဲ၌ မဟုတ်ပဲ၊ Window Explorer ၀င်းဒိုးထဲ၌) သိမ်းဆည်းခန်းကို ညာဖက်နှိပ်၊ 'ဂုဏ်အင်္ဂါရပ်များ' ကို ရွေးပြီး၊ 'disk အရွယ်အစား' မှ တန်ဖိုးကို ကြည့်ပါ။\n\nအကယ်၍ သင်သည် တက်ကြွ သိမ်းဆည်းခန်း တစ်ခုကို အခြားvolume ၌ (သို့) drive ၌​ ရွှေ့ပြောင်းပါက၊ သိမ်းဆည်းခန်း၏ ရုပ်ပိုင်းဆိုင်ရာ အရွယ်အစားမှာ အများဆုံး အရွယ်အစားသို့ တိုးချဲ့သွားမည်ကို သတိပြုပါ။ (ဤအချင်းအရာကို ဖိုင်ထားမည့် နေရာ၌ တက်ကြွ သိမ်းဆည်းခန်း အသစ် တစ်ခု ဖန်တီးခြင်းဖြင့် လည်းကောင်း၊ ၄င်းကို အစပျိုးပြီး ဖိုင်များကို သိမ်းဆည်းခန်း အဟောင်းမှ ​အသစ်ဆီ ရွှေ့ပြောင်းခြင်းဖြင့် လည်းကောင်း သင် တားဆီးနိုင်သည်။) + စကားဝှက် ကေ့ချ်ကို ရှင်းလင်းလိုက်ပြီ + VeraCrypt ဒရိုင်ဘာ ကေ့ချ်ထဲ၌ သိမ်းဆည်းထားသော စကားဝှက်များ (ကီးဖိုင် အကြောင်းအရာများ) ကို ရှင်းလင်းလိုက်ပြီ။ + VeraCrypt သည် ပြင်ပ volume အတွက် စကားဝှက်ကို မပြောင်းပေးနိုင်ပါ။ + စာရင်းထဲမှ drive အလွတ် တစ်ခုကို ရွေးပါ။ + Drive စာရင်းထဲမှ အစပျိုးထားသော volume တစ်ခုကို ရွေးပါ။ + အစပျိုးထားသော သီးခြား volumes နှစ်ခုကို လောလောဆယ် ရွေးချယ်ထားသည် (ပထမမှာ drive အက္ခရာ စာရင်းမှ ဖြစ်ပြီး၊ အခြားမှာ အောက်ပါ စာရင်းထဲရှိ စာထည့်ကွက်မှ ဖြစ်သည်)။\n\nသင် ရွေးချယ်လိုသည့် volume ကို ​ရွေးပါ - + ချို့ယွင်းချက် - autorun.inf ကို မဖန်တီးနိုင်ပါ + ကီးဖိုင် ပြုလုပ်နေစဉ် ချို့ယွင်းချက်! + ကီးဖိုင် လမ်းကြောင်း ပြုလုပ်နေစဉ် ချို့ယွင်းချက်! + ကီးဖိုင်လမ်းကြောင်း၌ ဖိုင်များ မရှိပါ။\n\nကီးဖိုင် ရှာဖွေမှု လမ်းကြောင်းများထဲ၌ တွေ့ရသော ဖိုင်တွဲများ (နှင့် ဖိုင်များ) ကို လျစ်လျူရှုထားသည်ကို သတိပြုပါ။ + VeraCrypt သည် ဤ OS စနစ်ကို ထောက်ပံ့မပေးပါ။ + ချို့ယွင်းချက် - VeraCrypt သည် တည်ငြိမ်သော OS စနစ်ကိုသာ ပံ့ပိုးပေးသည် (beta/RC ဗားရှင်းများကို ထောက်ပံ့ မပေးပါ)။ + ချို့ယွင်းချက် - မှတ်ဉာဏ်ကို နေရာချ မပေးနိုင်ပါ။ + ချို့ယွင်းချက် - ​စွမ်းဆောင်ရည် မှတ်စက်၏ တန်ဖိုးကို မထုတ်နိုင်ပါ။ + ချို့ယွင်းချက် - မကောင်းသော volume အမျိုးအသား။ + ချို့ယွင်းချက် - သင်သည် (ပုံမှန် volume တစ်ခုအတွက် မဟုတ်ပဲ) လျှို့ဝှက် volume တစ်ခုအတွက် စကားဝှက် တစ်ခု ပေးထားသည်။ + လုံခြုံရေး အကြောင်း​များကြောင့်၊ လျှို့ဝှက် volume ကို အစီအစဉ်တကျ စာဝှက်ထားသော ဖိုင်စနစ် တစ်ခု ပါရှိ​သည့် VeraCrypt volume ထဲ၌ မဖန်တီးနိုင်ပါ (အဘယ်ကြောင့် ဆိုသော် volume ၌ ရှိသော နေရာလွတ်ကို ကျပန်း ဒေတာများနှင့် ဖြည့်ဆည်းမထားသောကြောင့် ဖြစ်သည်)။ + VeraCrypt - တရား၀င် မှတ်ချက်များ + ဖိုင်အားလုံး + VeraCrypt Volumes များ + လိုင်ဘရာရီ အခန်းများ + NTFS ​ဖော်မက် ဆက်လုပ်၍ မရပါ + Volume ကို အစပျိုး၍ မရပါ။ + Volume ကို အဆုံးသတ်၍ မရပါ။ + ဝင်းဒိုးသည် volume ကို NTFS ဖော်မက်ချ၍ မရပါ။\n\nဖြစ်နိုင်ပါက အခြား ဖိုင်စနစ် အမျိုးအစား တစ်ခုခုကို ရွေးပြီး ထပ်ကြိုးစားပါ။ တနည်းအားဖြင့်၊ volume ကို ဖော်မက်မချပဲ ('ဘာမျှမရှိ' ဖိုင်စနစ်အဖြစ် ရွေးပြီး)၊ ဤအညွှန်းမှ ထွက်ပါ၊ volume ကို အစပျိုးပြီး၊ အစပျိုးထားသော volume ကို ဖော်မက်ချရန် ကွန်ပျူတာစနစ် တစ်ခု (သို့) အခြား ကိရိယာ တစ်ခုကို သုံးပါ (volume သည် ဆက်ပြီး စာဝှက်နေမည် ဖြစ်သည်) + ဝင်းဒိုးသည် volume ကို NTFS အဖြစ် ဖော်မက်ချ၍ မရပါ။\n\nဤ volume ကို FAT အဖြစ် ဖော်မက်ချလိုသလား? + ပုံမှန် + အခန်းကန့် + အခန်းကန့် + Device + Device + Device + Volume + volume + VOLUME + အညွှန်း + ဤ volume အရွယ်အစားအတွက် ရွေးချယ်ထားသော cluster အရွယ်အစားမှာ သေးလွန်းနေသည်။ အရွယ်အစား ပိုကြီးသော cluster ကို အသုံးပြုသွားမည် ဖြစ်သည်။ + ချို့ယွင်းချက် - Volume အရွယ်အစား မရနိုင်ပါ။\n\nရွေးချယ်ထားသော volume ကို ကွန်ပျူတာစနစ် (သို့) အပ္ပလီကေးရှင်း တစ်ခုခုမှ အသုံးမပြုရန် သတိပြုပါ။ + လျှို့ဝှက် volumes များကို တက်ကြွ (sparse ဖိုင်) သိမ်းဆည်းခန်းများထဲတွင် မဖန်တီးရပါ။ ငြင်းပယ်ခံနိုင်​မှုကို ရောက်ရှိရန်၊ လျှို့ဝှက် volume ကို မတက်ကြွသော သိမ်းဆည်းခန်းထဲ၌ ဖန်တီးရမည် ဖြစ်သည်။ + VeraCrypt Volume ဖန်တီးမှု အညွှန်းသည် FAT (သို့) NTFS volume အတွင်း၌သာ လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးနိုင်သည်။ + Windows 2000 ၌၊ VeraCrypt Volume ဖန်တီးမှု အညွှန်းသည် FAT volume အတွင်း၌သာ လျှို့ဝှက် volume တစ်ခုကို ဖန်တီးနိုင်သည်။ + မှတ်ချက် - ပြင်ပ volumes များအတွက် FAT ဖိုင်စနစ်သည် NTFS ဖိုင်စနစ်ထက် ပို၍ သင့်တော်သည် (ဥပမာ အားဖြင့် - အကယ်၍ ပြင်ပ volume ကို FAT အဖြစ် ဖော်မက်ချထားပါက လျှို့ဝှက် volume ၏ အများဆုံး ဖြစ်နိုင်ချေ အရွယ်အစားသည် ပိုကြီးနိုင်သည်)။ + ပြင်ပ volumes များအတွက် FAT ဖိုင်စနစ်သည် NTFS ဖိုင်စနစ်ထက် ပို၍ သင့်တော်ကြောင်း သတိပြုပါ။ ဥပမာ အားဖြင့် - အကယ်၍ ပြင်ပ volume ကို FAT ဖိုင်စနစ်အဖြစ် ဖော်မက်ချထားပါက လျှို့ဝှက် volume ၏ အများဆုံး ဖြစ်နိုင်ချေ အရွယ်အစားသည် သိသိသာသာ ကြီးလာမည် ဖြစ်သည် (အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်၌ အတွင်းပိုင် ဒေတာများကို အမြဲ သိမ်းဆည်းထားသည်၊ ထို့ကြောင့်၊ လျှို့ဝှက် volume သည် ပြင်ပ volume ၏ အလယ် ထက်၀က်၌သာ တည်ရှိနိုင်သည်)။\n\nပြင်ပ volume ကို NTFS ဖိုင်စနစ်အဖြစ် သင်တကယ် ဖော်မက်ချလိုသလား? + ၎င်းအစား volume ကို FAT ဖိုင်အဖြစ် သင် ဖော်မက်ချလိုသလား? + မှတ်ချက် - ဤ volume ကို FAT အဖြစ် ဖော်မက်ချ၍ မရပါ၊ အဘယ်ကြောင့်ဆိုသော် ၄င်းသည် FAT32 ဖိုင်စနစ်မှ ​ပံ့ပိုးထားသော အများဆုံး volume အရွယ်အစားကို ကျော်လွန်သွားသည် (512-byte sector အတွက် 2 TB နှင့် 4096-byte sectors အတွက် 16 TB)။ + ချို့ယွင်းချက် - လျှို့ဝှက် OS စနစ် (ဥပမာ - ကွန်ပျူတာစနစ် အခန်းကန့် ​​​နောက်ကွယ်မှ ပထမ အခန်းကန့်) ၏ အခန်းကန့်သည် ကွန်ပျူတာစနစ် (ဤအခန်းသည် လက်ရှိ လည်ပတ်နေသော OS စနစ် ထည့်သွင်းထားသည့် နေရာ ဖြစ်သည်) အခန်းကန့်ထက် အနည်းဆုံး ၅% ပိုကြီးရမည်။ + ချို့ယွင်းချက် - လျှို့ဝှက် OS စနစ် (ဥပမာ - ကွန်ပျူတာစနစ် အခန်းကန့် ​​​နောက်ကွယ်မှ ပထမ အခန်းကန့်) ၏ အခန်းကန့်သည် ကွန်ပျူတာစနစ် (ဤအခန်းသည် လက်ရှိ လည်ပတ်နေသော OS စနစ် ထည့်သွင်းထားသည့် နေရာ ဖြစ်သည်) အခန်းကန့်ထက် အနည်းဆုံး ၁၁၀% (၂.၁ ဆ) ပိုကြီးရမည်။ အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်တည့်တည့်၌ အတွင်းပိုင်း ဒေတာများကို အမြဲသိမ်းဆည်းထားသောကြောင့် ဖြစ်သည်၊ ထို့ကြောင့်၊ လျှို့ဝှက် volume (ဤနေရာ၌ ကွန်ပျူတာစနစ် အခန်းကန့် ကိုယ်ပွား ထားရှိသွားမည် ဖြစ်သည်) သည် ယင်း အခန်းကန့်၏ ဒုတိယ ထက်၀က်၌သာ တည်ရှိနိင်သည်။ + ချို့ယွင်းချက် - အကယ်၍ ပြင်ပ volume ကို NTFS အဖြစ် ဖော်မက်ချပါက၊ ၄င်းသည် ကွန်ပျူတာစနစ် အခန်းကန့်ထက် အနည်းဆုံး ၁၁၀% (၂.၁ ဆ) ပိုကြီးလာမည် ဖြစ်သည်။ အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်တည့်တည့်တွင် အတွင်းပိုင်း ဒေတာများကို အမြဲ သိမ်းဆည်းထားသည်၊ ထို့ကြောင့်၊ လျှို့ဝှက် volume သည် ပြင်ပ volume ၏ အလယ်ထက်၀က်၌သာ တည်ရှိနေနိုင်သည်။\n\nမှတ်ချက် - ပြင်ပ volume သည် လျှို့ဝှက် OS စနစ်ကဲ့သို့ အခန်းကန့် တစ်ခုတည်းတွင် တည်ရှိနေဖို့ လိုသည် (ဥပမာ - ကွန်ပျူတာစနစ် နောက်ကွယ်ရှိ ပထမ အခန်းကန့်၌)။ + ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် နောက်ကွယ်၌ မည်သည့် အခန်းကန့်မှ မရှိပါ။\n\nလျှို့ဝှက် OS စနစ်ကို သင် မဖန်တီးနိုင်ခင်၊ ၄င်းအတွက် အခန်းကန့်တစ်ခုကို ကွန်ပျူတာစနစ် drive ထဲ၌ သင် ဖန်တီးဖို့ လိုသည်။ ၄င်းသည် ကွန်ပျူတာစနစ် အခန်းကန့် နောက်ကွယ်မှ ပထမ အခန်းကန့် ဖြစ်ရမည် ဖြစ်ပြီး ၄င်းသည် ကွန်ပျူတာစနစ်ထက် အနည်းဆုံး ၅% ပိုကြီးရမည် ဖြစ်သည် (ကွန်ပျူတာစနစ် အခန်းကန့်သည် လက်ရှိ လည်ပတ်နေသော OS စနစ် ထည့်သွင်းထားသော နေရာ ဖြစ်သည်)။ သို့သော်၊ ပြင် volume ကို NTFS အဖြစ် ဖော်မက်ချထားပါက၊ လျှို့ဝှက် OS စနစ်၏ အခန်းကန့်သည် ကွန်ပျူတာစနစ် အခန်းကန့်ထက် အ​နည်းဆုံး ၁၁၀% (၂.၁ ဆ) ရှိရမည် ဖြစ်သည် (အကြောင်းရင်းမှာ NTFS ဖိုင်စနစ်သည် volume ၏ အလယ်တည့်တည့်၌ အတွင်းပိုင်း ဒေတာများကို အမြဲသိမ်းဆည်းထားသောကြောင့် ဖြစ်သည်၊ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် အခန်းကန့် ကိုယ်ပွား ထားရှိသွားမည် လျှို့ဝှက် volume သည် ယင်း အခန်းကန့်၏ ဒုတိယ ထက်၀က်၌သာ တည်ရှိနိင်သည်)။ + မှတ်ချက် - အခန်းကန့် တစ်ခုထဲ၌ ထည့်မြှုပ်ထားသော VeraCrypt volumes နှစ်ခုထဲ၌ OS စနစ်ကို ထည့်သွင်းခြင်းသည် လက်တွေ့မဆန်ချေ၊ အဘယ်ကြောင့်ဆိုသော် ပြင်ပ OS စနစ်သည် ဒေတာများကို လျှို့ဝှက် OS ထဲ၌ ရေးသားရမည် ဖြစ်​သည် (နောက်ပြီး အကယ်၍ ယင်းကဲ့သို့ ရေးသားခြင်းကို လျှို့ဝှက် volume ကာကွယ်ရေး အင်္ဂါရပ်ကို သုံးပြီး တားမြစ်ထားလျှင်၊ ကွန်ပျူတာစနစ် ပျက်စီးစေနိုင်သည်၊ ဥပမာ - 'အပြာရောင် မျက်နှာပြင်' ချို့ယွင်းချက်များ)။ + အခန်းကန့်များ ဖန်တီးနည်းနှင် စီမံခန့်ခွဲနည်း အကြောင်း အချက်အလက်​များကို သင့် OS စနစ်နှင့် ပါလာသော အသုံးပြုနည်း လက်စွဲ၌ လေ့လာပါ (သို့) သင့် ကွန်ပျူတာ ရောင်းချပေးသူ၏ နည်းပညာဆိုင်ရာ ထောက်ပံ့ရေး အဖွဲ့ထံမှ အကူအညီ တောင်းခံနိုင်သည်။ + ချို့ယွင်းချက် - လက်ရှိ သုံးစွဲနေသော OS စနစ်သည် boot အခန်းကန့် (ပထမ သုံးစွဲနေသော အခန်းကန့်) တွင် မထည့်သွင်းထားပါ။ ဤအရာကို ထောက်ပံ့ မထားပါ။ + သင်သည် ဤ VeraCrypt volume ထဲ၌ 4 GB ထက် ပိုကြီးသော ဖိုင်များကို သိမ်းဆည်းရန် ရည်ရွယ်ထားပုံရသည်။ သို့သော်၊ 4 GB ထက် ကြီးသော ဖိုင်များကို သိမ်းဆည်း၍ မရသည့် FAT ဖိုင်စနစ်ကို သင် ရွေးချယ်ထားသည်။\n\nသင်သည် volume ကို FAT အဖြစ် ဖော်မက်ချရန် သေချာပါသလား? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + ချို့ယွင်းချက် - Volume ကို မဖွင့်နိုင်ပါ!\n\nရွေးထားသော volume သည် အစပျိုးထားခြင်း ရှိမရှိ (သို့) ကွန်ပျူတာစနစ် သို့မဟုတ် အပ္ပလီကေးရှင်းမှ အသုံးပြုမပြု၊ volume သည် ​အရေး/အဖတ် ခွင့်ပြုချက် ရှိမရှိ၊ ရေးသား၍ မရအောင် ကာကွယ်ထားခြင်း ရှိမရှိကို စစ်ဆေးပါ။ + Error: Cannot obtain volume properties. + ချို့ယွင်းချက် - Volume ကို ဖွင့်မရပါ/volume အကြောင်း အချက်အလက် မရနိုင်ပါ!\n\nရွေးထားသော volume ရှိမရှိ၊ ကွန်ပျူတာစနစ် သို့မဟုတ် အပ္ပလီကေးရှင်းမှ အသုံးပြုမပြု၊ volume သည် ​အရေး/အဖတ် ခွင့်ပြုချက် ရှိမရှိ၊ ရေးသား၍ မရအောင် ကာကွယ်ထားခြင်း ရှိမရှိကို စစ်ဆေးပါ။ + ချို့ယွင်းချက် - Volume ကို ဖွင့်မရပါ/volume အကြောင်း အချက်အလက် မရနိုင်ပါ! ရွေးထားသော volume ရှိမရှိ၊ ကွန်ပျူတာစနစ် သို့မဟုတ် အပ္ပလီကေးရှင်းမှ အသုံးပြုမပြု၊ volume သည် ​အရေး/အဖတ် ခွင့်ပြုချက် ရှိမရှိ၊ ရေးသား၍ မရအောင် ကာကွယ်ထားခြင်း ရှိမရှိကို စစ်ဆေးပါ။\n\nအကယ်၍ ပြဿနာ ဆက်ရှိနေပါက၊ အောက်ပါ အဆင့်များကို လိုက်နာခြင်းဖြင့် အ​ကူအညီ ရနိုင်သည်။ + ချို့ယွင်းချက် တစ်ခုသည် VeraCrypt ကို အခန်းကန့် စာဝှက်၍ မရနိုင်အောင် တားဆီးနေသည်။ ယခင်က သတင်း​ပို့ထားသော ပြဿနာများကို ပြင်ဆင်ပြီး ထပ်ကြိုးစားပါ။ အကယ်၍ ပြဿနာ ဆက်ရှိနေပါက၊ အောက်ပါ အဆင့်များကို လိုက်နာခြင်းဖြင့် အ​ကူအညီ ရနိုင်သည်။ + ချို့ယွင်းချက် တစ်ခုသည် VeraCrypt ကို အခန်းကန့် စာဝှက်သည့် လုပ်ငန်းစဉ် ပြန်စ၍ မရနိုင်အောင် တားဆီးနေသည်။\n\nယခင်က သတင်း​ပို့ထားသော ပြဿနာများကို ပြင်ဆင်ပြီး လုပ်ငန်းစဉ်ကို ပြန်စပါ။ Volume ကို အပြည့်အ၀ စာဝှက်ခြင်း မပြီးမချင်း ၄င်းကို ​အစပျိုး၍ ရမည် မဟုတ်ပါ။ + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + ချို့ယွင်းချက် - ပြင်ပ volume ကို အဆုံးသတ်၍ မရပါ!\n\nVolume သည် ၄င်း၌ ပါသော ဖိုင်များ (သို့) ဖိုင်တွဲများကို ပရိုဂရမ် တစ်ခုခု (သို့) ကွန်ပျူတာစနစ် တစ်ခုခုက အသုံးပြုနေပါက အဆုံးသတ်၍ ရမည် မဟုတ်ပါ။\n\nVolume ထဲမှ ဖိုင်များ (သို့) ဖိုင်တွဲများကို သုံးစွဲနေသော ပရိုဂရမ်ကို ပိတ်ပြီး ထပ်ကြိုးစားပါ။ + ချို့ယွင်းချက် - ပြင်ပ volume နှင့်ပါတ်သက်သော အချက်အလက် မရနိုင်ပါ!\n\nVolume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ + ချို့ယွင်းချက် - ပြင်ပ volume ကို မဖွင့်နိုင်ပါ! Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ + ချို့ယွင်းချက် - ပြင်ပ volume ကို အစပျိုး၍ မရပါ! Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ + ချို့ယွင်းချက် - Volume cluster bitmap မရနိုင်ပါ! Volume ကို ဆက်လက် မဖန်တီးနိုင်ပါ။ + အက္ခရာ အစဉ်လိုက်/မျိုးကွဲ အလိုက် + ပျမ်းမျှ အမြန်နှုန်း (အဆင်း) + အယ်လဂိုရီသမ် + စာဝှက်စနစ် + စာဝှက်ဖေါ်စနစ် + ပျမ်းမျှ + Drive + အရွယ်အစား + စာဝှက်စနစ် အယ်လဂိုရီသမ် + စာဝှက်စနစ် အယ်လဂိုရီသမ် + အမျိုးအစား + တန်ဖိုး + ဂုဏ်အင်္ဂါရပ် + တည်နေရာ + bytes + လျှို့ဝှက် + ပြင်ပ + ပုံမှန် + ကွန်ပျူတာစနစ် + လျှို့ဝှက် (ကွန်ပျူတာစနစ်) + ဖတ်ရှုရန် အတွက်သာ + ကွန်ပျူတာစနစ် drive + ကွန်ပျူတာစနစ် drive (စာဝှက်ခြင်း - %.2f%% ပြီးပါပြီ) + ကွန်ပျူတာစနစ် drive (စာဝှက်ဖြည်ခြင်း - %.2f%% ပြီးပါပြီ) + ကွန်ပျူတာစနစ် drive (%.2f%% စာဝှက်ပြီးပါပြီ) + ကွန်ပျူတာစနစ် အခန်းကန့် + လျှို့ဝှက် ကွန်ပျူတာစနစ် အခန်းကန့် + ကွန်ပျူတာစနစ် အခန်းကန့် (စာဝှက်ခြင်း - %.2f%% ပြီးပါပြီ) + ကွန်ပျူတာစနစ် အခန်းကန့် (စာဝှက်ဖြည်ခြင်း - %.2f%% ပြီးပါပြီ) + ကွန်ပျူတာစနစ် အခန်းကန့် (%.2f%% စာဝှက်ပြီးပါပြီ) + ဟုတ်ကဲ့ (ပျက်စီးမှု တားဆီးလိုက်ပြီ) + ဘာမှမရှိ + မူလ ကီး အရွယ်ပမာဏ + အရန် ကီး အရွယ်ပမာဏ (XTS စနစ်) + Tweak ကီး အရွယ်ပမာဏ (LRW စနစ်) + bits + အကန့် အရွယ်ပမာဏ + PKCS-5 PRF + PKCS-5 ထပ်မံ ရေတွက်ခြင်း + Volume ဖန်တီးလိုက်ပြီ + ခေါင်းစီး နောက်ဆုံး ပြုပြင်မှု + (လွန်ခဲ့သော %I64d ရက်) + Volume ဖော်မက် ဗားရှင်း + ထည့်မြှပ်ထားသော အရံသင့် ခေါင်းစီး + VeraCrypt Boot Loader ဗားရှင်း + ဦးစွာ ရရှိနိုင်မှု + ဖြုတ်တပ်နိုင်သော Disk + Harddisk + အပြောင်းအလဲ မရှိ + Autodetection + အညွှန်းစနစ် + စနစ် တစ်ခုခုကို ရွေးပါ။ ရွေးချယ်မည့် အရာကို မသေချာပါက၊ ပုံမှန်စနစ်ကို ရွေးပါ။ + VeraCrypt ကို ကွန်ပျူတာစနစ်ထဲ ထည့်သွင်းလိုပါက ဤရွေးစရာကို ရွေးချယ်ပါ။ + မှတ်ချက် - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားသည် ဖြစ်စေ (သို့) လျှို့ဝှက် OS ​ကို သုံးစွဲသည် ဖြစ်စေ စာဝှက်ဖြည်ခြင်း မပြုပဲ သင် အဆင့်မြှင့်နိုင်သည်။ + ဤရွေးစရာကို သင် ရွေးချယ်ပါ​က၊ ဒီဖိုင်ထုတ်မှ ဖိုင်များအားလုံး ဖြည်ချလာမည် ဖြစ်​သော်လည်း စက်ထဲ ထည့်သွင်းမည် မဟုတ်ပါ။ အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) ကွန်ပျူတာစနစ် drive ကို စာဝှက်ရန် ရည်ရွယ်ပါက ဒါကို မရွေးချယ်ပါနှင့်။ အကယ်၍ သင်သည် VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် သုံးစွဲလိုပါက၊ ဤရွေးစရာကို ရွေးချယ်ခြင်းသည် အကျိုးရှိမည် ဖြစ်သည်။ VeraCrypt ကို OS ထဲ၌ ထည့်သွင်းစရာ မလိုပါ။ ဖိုင်အားလုံးကို ဖြည်ချပြီးပါက၊ ဖြည်ချထားသော 'VeraCrypt.exe' ကို နှိပ်လိုက်ရုံဖြင့် အသုံးပြုနိုင်သည်။ + တည်ဆောက်မှု ရွေးစရာများ + ဤနေရာ၌ စက်ထံ ထည့်သွင်းမှု လုပ်ငန်းစဉ်ကို ထိန်းချုပ်နိုင်ရန် ရွေးစရာ အမျိုးမျိုးကို သင် ချမှတ်နိုင်သည်။ + စက်ထဲ ထည့်သွင်းနေသည် + VeraCrypt ကို စက်ထဲ ထည့်သွင်းနေစဉ် ခေတ္တ စောင့်ဆိုင်းပါ။ + VeraCrypt ကို အောင်မြင်စွာ ထည့်သွင်းလိုက်ပါပြီ + VeraCrypt ကို အောင်မြင်စွာ အဆင့်မြှင်လိုက်ပါပြီ + လှူဒါန်းမှု ပြုလုပ်ရန် စဉ်းစားပါ။ ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်ကို ပိတ်ရန် အချိန်မရွေး ပြီးသွားပြီ ကို သင် နှိပ်နိုင်သည်။ + ဖြည်ချမှု ရွေးစရာများ + ဖိုင် ဖြည်ချမှု လုပ်ငန်းစဉ်ကို ထိန်းချုပ်ရန် ဤနေရာ၌ ရွေးစရာ အမျိုးမျိုးကို သင် သတ်မှတ်နိုင်သည်။ + ဖိုင်များကို ဖြည်ချနေစဉ် ခေတ္တ စောင့်ဆိုင်းပါ။ + ဖိုင်များကို အောင်မြင်စွာ ဖြည်ချလိုက်ပါပြီ + ဖိုင် အားလုံးကို ထားရှိမည့် နေရာသို့ အောင်မြင်စွာ ဖြည်ချလိုက်ပါပြီ။ + အကယ်၍ သတ်မှတ်ထားသော ဖိုင်တွဲ မရှိပါက၊ ၄င်းကို အလိုအလျောက် ဖန်တီးပေးလိမ့်မည်။ + VeraCrypt ပရိုဂရမ် ဖိုင်များကို VeraCrypt ထည့်သွင်းသည့် နေရာ၌ပင် အဆင့်မြှင့်ပေးမည် ဖြစ်သည်။ အခြား နေရာကို သင် ရွေးချယ်လိုပါက၊ VeraCrypt ကို အရင် ဖယ်ထုတ်လိုက်ပါ။ + VeraCrypt ၏ လက်ရှိ ဗားရှင်းအတွက် ထုတ်ပြန်မှု မှတ်တမ်းကို ကြည့်ရှုလိုသလား? + VeraCrypt ကို မသုံးစွဲခဲ့ဖူးပါက၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန်ထဲရှိ စတင် သုံးစွဲသူ သင်တန်း လမ်းညွှန်ကို ဖတ်ရှု​ရန် အကြံပြုအပ်ပါသည်။ ၎င်း သင်တန်း လမ်းညွှန်ကို ဖတ်ရှုမည်လား? + ရှေ့ဆက် ဆောင်ရွက်မည့် လုပ်ဆောင်ချက် တစ်ခုကို ရွေးချယ်ပါ - + ပြုပြင်ရန်/ပြန်ထည့်သွင်းရန် + အဆင်မြှင့်ရန် + ဖယ်ထုတ်ရန် + VeraCrypt ကို အောင်မြင်စွာ ထည့်သွင်းခြင်း/ဖယ်ထုတ်ခြင်း ပြုလုပ်နိုင်ရန်၊ သင်၌ စီမံခန့်ခွဲသူ ရပိုင်ခွင့်များ ရရှိရန် လိုအပ်သည်။ ဆက်လုပ်သွားမည်လား? + VeraCrypt ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်သည် လောလောဆယ် ဤစက်ပေါ်၌ အလုပ်လုပ်နေပြီး စက်ထဲ ထည့်သွင်းရန် ပြင်ဆင်နေသည် (သို့) VeraCrypt မွမ်းမံချက်ကို လုပ်ဆောင်နေသည်။ ရှေ့ဆက် မသွားမီ၊ ၄င်းပြီးဆုံးသည့်အထိ စောင့်ဆိုင်းပါ (သို့) ပိတ်လိုက်ပါ။ အကယ်၍ ပိတ် မရပါက ကွန်ပြူတာကို ပြန်ဖွင့်ပါ။ + စက်ထဲ ထည့်သွင်းမှု မအောင်မြင်ပါ။ + ဖယ်ထုတ်မှု မအောင်မြင်ပါ။ + ဖြန့်ချီသော ဖိုင်ထုတ် ပျက်စီးနေသည်။ ထပ်မံ၍ ဒေါင်းလုဒ် ဆွဲယူပါ (တရား၀င် VeraCrypt ကွန်ရက် စာမျက်နှာ www.teuecrypt.org ၌ ရယူရန် ပိုသင့်လျှော်သည်)။ + %s ဖိုင်ကို ရေး၍ မရပါ + ဖြည်ချနေသည် + ဒေတာများကို ဖိုင်ထုတ်ထဲမှ ဖတ်၍ မရပါ။ + ဤဖြန့်ဖြူးရေး ဖိုင်ထုတ်၏ တည်တံ့ခိုင်မြဲမှုကို အတည်ပြု၍ မရနိုင်ပါ။ + ဖိုင် ဖြည်ချမှု မအောင်မြင်ပါ။ + စက်ထဲ ထည့်သွင်းမှု ပြန်ရုပ်သိမ်းသွားသည်။ + VeraCrypt ကို စက်ထဲ အောင်မြင်စွာ ထည့်သွင်းလိုက်ပြီ။ + VeraCrypt ကို အောင်မြင်စွာ အဆင့်မြှင့်လိုက်ပြီ။ + VeraCrypt ကို အောင်မြင်စွာ အဆင့်မြှင့်လိုက်ပြီ။ သို့သော်၊ ၄င်းကို အသုံးမပြုခင် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။\n\n ကွန်ပျူတာကို ယ​ခု ပြန်ဖွင့်မည်လား? + VeraCrypt ကို အဆင့်မြှင့်၍ မရပါ!\n\n အရေးကြီးချက် - ကွန်ပျူတာစနစ်ကို မပိတ်ခင် (သို့) ပြန်မဖွင့်ခင်၊ 'VeraCrypt ထည့်သွင်းစနစ်' ဟု ခေါ်သော နေရာ၌ သင့် ကွန်ပျူတာ လည်ပတ်မှုစနစ်ကို ပြန်ထားရန် ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူခြင်း (Windows Start ​menu > All programs > Accessories > System Tools > System Restore) ကို အသုံးပြုရန် ကျွန်ုပ်တို့ အထူး အကြုံပြုလိုပါသည်။ အကယ်၍ 'VeraCrypt ထည့်သွင်းစနစ်' ဟု ခေါ်သော နေရာ၌ သင့် ကွန်ပျူတာ လည်ပတ်မှုစနစ်ကို ပြန်ထားရန် 'ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူခြင်း' မရှိပါက၊ ကွန်ပျူတာစနစ်ကို မပိတ်ခင် (သို့) ပြန်မဖွင့်ခင် မူလ VeraCrypt (သို့) ဗားရှင်းအသစ်ကို ထည့်သွင်းကြည့်ပါ။ + VeraCrypt ကို အောင်မြင်စွာ ဖယ်ထုတ်လိုက်ပြီ။\n\n VeraCrypt ထည့်သွင်းစနစ်နှင့် ဖိုင်တွဲ %s ကို ဖယ်ရှားရန် 'ပြီးသွားပြီ' ကို နှိပ်ပါ။ VeraCrypt ထည့်သွင်းစနစ်နှင့် မသက်ဆိုင်သော ဖိုင်များ ပါရှိသည် ဖိုင်တွဲ ရှိနေပါက၊ ၄င်းကို ဖယ်ရှားပေးမည် မဟုတ်ပါ။ + VeraCrypt registry ရေးသွင်းချက်များကို ဖယ်ရှားနေသည် + Registery ရေးသွင်းချက်ကို ထည့်သွင်းနေသည် + အပ္ပလီကေးရှင်း-သီးသန့် ဒေတာများကို ဖယ်ရှားနေသည် + စက်ထဲ ထည့်သွင်းနေသည် + ရပ်တန့်နေသည် + ဖယ်ရှားနေသည် + ပုံ အိုင်ကွန် ထည့်သွင်းနေသည် + ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူနိုင်သည့် အချိန် ဖန်တီးရန် + ကွန်ပျူတာ လည်ပတ်မှုစနစ် ပြန်ရယူနိုင်သည့် အချိန် ဖန်တီး၍ မရပါ! + Boot loader မွမ်းမံနေသည် + '%s' ကို ထည့်သွင်း၍ မရပါ။ %s \nဆက်ပြီး ထည့်သွင်းမည်လား? + '%s' ကို ဖယ်ထုတ်၍ မရပါ။ %s \nဆက်ပြီး ဖယ်ထုတ်မည်လား? + စက်ထဲ ထည့်သွင်းမှု ပြီးစီးသွားပြီ။ + ဖိုင်တွဲ '%s' ကို ဖန်တီး၍ မရပါ + VeraCrypt device ဒရိုင်ဘာကို ရပ်တန့်၍ မရပါ။\n\n ဦးစွာ VeraCrypt ဝင်းဒိုး အားလုံးကို ပိတ်ပါ။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ ၀င်းဒိုးကို ပြန်ဖွင့်ပြီး ထပ်ကြိုးစားပါ။ + VeraCrypt ကို စက်ထဲ မထည့်သွင်းမီ (သို့) ဖယ်ထုတ်ခြင်း မပြုမီ VeraCrypt volumes အားလုံကို အဆုံးသတ်ပါ။ + တိမ်ကောနေပြီ ဖြစ်သော VeraCrypt ဗားရှင်း တစ်ခုကို ဤစက်ထဲတွင် သုံးစွဲနေသည်။ VeraCrypt ဗားရှင်း မသွင်းမီ ၄င်းကို ဖယ်ထုတ်ရမည် ဖြစ်သည်။\n\n ဤစာပုံးကို သင် ပိတ်သည့်အခါ၊ ဗားရှင်း အဟောင်၏ ဆော့ဗ်ဝဲ ဖယ်ထုတ်စနစ် ပွင့်လာလိမ့်မည်။ VeraCrypt ကို ဖယ်ထုတ်နေစဉ် မည်သည့် volume ကိုမျှ စာဝှက်ပေးမည် မဟုတ်ပါ။ VeraCrypt ဗားရှင်း အဟောင်းကို ဖယ်ထုတ်ပြီးနောက်၊ ဗားရှင်းအသစ်ကို ထည့်သွင်းပါ။ + Registery ရေးသွင်းချက်ထဲ ထည့်သွင်းမှု မအောင်မြင်ပါ + Device ဒရိုင်ဘာ ထည့်သွင်းမှု မအောင်မြင်ပါ။ ဝင်းဒိုးကို ပြန်ဖွင့်ပြီး VeraCrypt ကို စက်ထဲ ထည့်သွင်းရန် ထပ်ကြိုးစားပါ။ + VeraCrypt device ဒရိုင်ဘာ စတင်ဖွင့်နေသည် + Device ဒရိုင်ဘာ ဖယ်ထုတ်မှု မအောင်မြင်ပါ။ ၎င်းသည် ဝင်းဒိုး ပြဿနာ တစ်ရပ်ကြောင့် ဖြစ်သည်၊ Device ဒရိုင်ဘာကို ဖယ်ထုတ်ခြင်း မပြုမီ ကွန်ပျူတာစနစ်ကို ခေတ္တပိတ်ပါ (သို့) ပြန်ဖွင့်ပါ (ဒါမှမဟုတ် စက်ထဲ ပြန်ထည့်ပါ)။ + VeraCrypt device ဒရိုင်ဘာ ထည့်သွင်းနေသည် + VeraCrypt device ဒရိုင်ဘာ ရပ်တန့်နေသည် + VeraCrypt device ဒရိုင်ဘာ ဖယ်ထုတ်နေသည် + သုံးစွဲသူ အကောင့် ထိန်းချုပ်ရေး ပံ့ပိုးမှု လိုင်ဘရာရီကို မှတ်ပုံတင်၍ မရပါ။ + သုံးစွဲသူ အကောင့် ထိန်းချုပ်ရေး ပံ့ပိုးမှု လိုင်ဘရာရီကို စာရင်းဖျက်၍ မရပါ။ + အိတ်ဆောင်စနစ် အကြောင်း သိကောင်းစရာ -\n\n OS သည် ဒရိုင်ဘာများကို မှတ်ပုံတင်ရန် လိုအပ်သည်၊ သို့မှသာ ၄င်းတို့ကို သုံးစွဲနိုင်မည် ဖြစ်သည်။ ထို့ကြောင့် VeraCrypt ဒရိုင်ဘာသည် လုံးလုံး အိတ်ဆောင်စနစ် မဟုတ်ပါ။ VeraCrypt အ​ပ္ပလီကေးရှင်းမှာမူ လုံး၀ အိတ်ဆောင်စနစ် ဖြစ်သည်၊ ၄င်းကို OS စက်ထဲ ထည့်သွင်းရန် မလို (သို့) မှတ်ပုံတင်ရန် မလိုပါ။ VeraCrypt သည် စာဝှက်ခြင်း/စာဝှက်ဖေါ်ခြင်းကို လက်ငင်း လုပ်ဆောင်နိုင်ရန် ဒရိုင်ဘာ တစ်ခုခု လိုအပ်သည်။ + VeraCrypt ကို အိတ်ဆောင်စနစ် (စက်ထဲ ထည့်သွင်းသော VeraCrypt နှင့်မတူပဲ) ဖြင့် သုံးစွဲရန် ဆုံးဖြတ်ပါက၊ ကွန်ပျူတာစနစ်သည် VeraCrypt (UAC prompt) ကို ဖွင့်သည့်အခါတိုင်း ခွင့်ပြုချက် တောင်းခံနေမည် ဖြစ်ပါသည်။\n\nအဘယ့်ကြောင့်ဆိုသော် VeraCrypt ကို အိတ်ဆောင်စနစ်ဖြင့် ဖွင့်သည့်အခါ၊ VeraCrypt သည် ၄င်း၏ device ဒရိုင်ဘာကို ဖွင့်ပေးရန် လိုအပ်နေသောကြောင့် ဖြစ်သည်။ VeraCrypt သည် စာဝှက်ခြင်း/စာဝှက်ဖေါ်ခြင်းကို လက်ငင်း ဆောင်ရွတ်နိုင်ရန် device ဒရိုင်ဘာ လိုအပ်နေသည်။ စီမံခန့်ခွဲသူ၏ လုပ်ပိုင်ခွင့် မရှိပဲ သုံးစွဲသူများသည် ၀င်းဒိုးထဲမှ device ဒရိုင်ဘာများကို စဖွင့်ပေးနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့် ကွန်ပျူတာစနစ်သည် VeraCrypt ကို စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့် (UAC prompt) ဖြင့် ဖွင့်ရန် တောင်းခံလာမည် ဖြစ်သည်။\n\n အကယ်၍ VeraCrypt ကို ကွန်ပျူတာစနစ်ထဲတွင် ထည့်သွင်းပါက၊ VeraCrypt (UAC prompt) ကို သင် ဖွင့်သည့်အခါတိုင်း၌ ကွန်ပျူတာစနစ်သည် ခွင့်ပြုချက်ကို တောင်းခံလာတော့မည် မဟုတ်ပါ။ \n\n ဖိုင်များကို ဖြည်ထုတ်ရန် သေချာသလား? + သတိပေးချက် - Volume ဖန်တီးမှု အညွှန်း ဖြစ်စဉ်တွင် စီမံခန့်ခွဲသူ၏ လုပ်ငန်းခွင့်များ ရှိရန် လိုအပ်သည်။\n\nသင်သည် volume အသစ်ကို ၄င်းအထဲ၌ စာများ ရေးသားခွင့် မရှိသော ခွင့်ပြုချက်မျိုးဖြင့် သင် ဖန်တီးနိုင်လိမ့်မည်။ဤဖြစ်ရပ်မျိုးကို ရှောင်ရှားလိုလျှင်၊ volume ဖန်တီးမှု အညွှန်းကို ပိတ်ပြီး စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့် မရှိသော volume အသစ် တစ်ခုကို ဖွင့်ပါ။\n\n Volume ဖန်တီးမှု အညွှန်းကို သင် ပိတ်လိုသလား? + ချို့ယွင်းချက် - လိုင်စင်ကို မပြနိုင်ပါ။ + အပြင်ဖက်(!) + ရက် + နာရီ + မိနစ် + စက္ကန့် + ဖွင့်ရန် + အဆုံးသတ်ရန် + VeraCrypt ကို ပြန်ရန် + VeraCrypt ကို ဖျောက်ထားရန် + အစပျိုး ကတည်းက ဖတ်ရှုသော ဒေတာများ + အစပျိုး ကတည်းက ရေးသားခဲ့သော ဒေတာများ + စာဝှက်ထားသည့် အပိုင်း + ၁၀၀% (လုံး စာဝှက်ထားပြီ) + ၀% (စာမဝှက်ရသေးပါ) + %.3f%% + ၁၀၀% + စောင့်ဆိုင်းဆဲ + ပြင်ဆင်နေတယ် + အရွယ် ပြန်ညှိနေသည် + စာဝှက်နေသည် + စာဝှက်ဖြည်နေသည် + အဆုံးသတ်နေသည် + ခေတ္တရပ်နားသည် + ပြီးသွားပြီ + ချို့ယွင်းချက် + Device အဆက်ဖြက်လိုက်သည် + ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို သိမ်းဆည်းလိုက်ပြီ။\n\n ကွန်ပျူတာစနစ် စဖွင့်သည့်အခါ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များ အစပျိုးမှုကို ဖွင့်ထားရန် 'ချိန်ညှိချက်များ' > 'ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များ' > 'ဝင်းဒိုး စဖွင့်သည့်အခါ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များ အစပျိုးရန်' ကို ရွေးပါ။ + စိတ်ကြိုက်များ စာရင်းထဲ သင် ထည့်သွင်းလိုသော volume သည် အခန်းကန့်လည်း မဟုတ်၊ တက်ကြွ volume လည်း မဟုတ်ပါ။ ထို့ကြောင့် VeraCrypt သည် device နံပါတ် ပြောင်းသွားပါက ဤ စိတ်ကြိုက် volume ကို အစပျိုးနိုင်မည် မဟုတ်ပါ။ + စိတ်ကြိုက်များ စာရင်းထဲ သင် ထည့်သွင်းလိုသော volume ကို ၀င်းဒိုးမှ အသိအမှတ် မပြုပါ။ ၀င်းဒိုးမှ အသိအမှတ်ပြုသော အခန်းကန့် အမျိုးအစားကို ချမှတ်ပါ (၀င်းဒိုး၏ 'diskpart' ကိရိယာ ဖြစ်သော SETID ညွှန်ကြားချက်ကို သုံးစွဲပါ)။ ထို့နောက် အခန်းကန့်ကို စိတ်​ကြိုက် စာရှင်းထဲ ပြန်ထည့်ပါ။ + အစပျိုးထားသော volumes များ မရှိပါက (သို့မဟုတ် VeraCrypt ကို အိ​တ်ဆောင်စနစ်ဖြင့် သုံးစွဲပါက) VeraCrypt ၏ နောက်ခံ လုပ်ငန်းများကို ပိတ်ထားသည် (သို့) ထွက်ရန် စီစဉ်ထားသည်။ ဤအချက်က သင့် စိတ်ကြိုက် volumes များ အလိုလျှောက် အစမပျိုးနိုင်ရန် အတားအဆီး ဖြစ်စေနိုင်သည်။\n\nမှတ်ချက် - VeraCrypt ၏ နောက်ခံ လုပ်ငန်းများကို ဖွင့်ရန်၊ 'VeraCrypt နောက်ခံ လုပ်ငန်း' အပိုင်းမှ ချိန်ညှိချက်များ > ဦးစားပေးချက်များ ကို ရွေးပါ။ + ကွန်ရက် တစ်ခုဖြင့် ဝေမျှသော ရပ်ဝေးမှ ဖိုင်စနစ် တစ်ခု၌ သိမ်းဆည်းထားသော သိမ်းဆည်းခန်းသည် ၄င်းရှိ​​နေသော device အဆက်အသွယ် ရ​သွားသောအခါ အလိုအလျောက် ဖွင့်နိုင်မည် မဟုတ်ပါ။ + အောက်တွင် ဖော်ပြသော device သည် အခန်းကန့်လည်း မဟုတ်၊ တက်ကြွ volume လည်း မဟုတ်ပါ။ ထို့ကြောင့်၊ device ​ထဲ၌ ထားရှိသော volume သည် device အဆက်အသွယ် ရသည့်အခါ ၄င်းကို အလိုအလျောက် အစပျိုးနိုင်မည် မဟုတ်ပါ။ + အောက်တွင် ဖော်ပြသော အခန်းကန့်ကို ဝင်းဒိုးမှ အသိအမှတ်ပြုသော အမျိုးအစားအဖြင့် သတ်မှတ်ပါ (ဝင်းဒိုး၏ 'diskpart' ကိရိယာမှ SETID ညွှန်ကြားချက်ကို သုံးစွဲပါ)။ အခန်းကန့်ကို စိတ်ကြိုက်များ စာရင်းမှ ဖယ်ရှားပြီး ပြန်ထည့်သွင်းပါ။ ထိုသို့ ပြုလုပ်ခြင်းဖြင့် device အဆက်အသွယ် ရသည့်အခါ device ၌ ရှိသော volume အလိုအလျောက် အစပျိုးရန် ဖွင့်ပေးမည် ဖြစ်သည်။ + အောက်တွင် ဖော်ပြသော device မှာ အခန်းကန့်လည်း မဟုတ်၊ တက်ကြွ volume လည်း မဟုတ်ပါ။ ထို့ကြောင့်၊ ၎င်းအတွက် မည်သည့် လေဘယ်လ်ကိုမျှ သတ်မှတ်၍ ရမည် မဟုတ်ပါ။ + အောက်တွင် ဖော်ပြသော အခန်းကန့်ကို ဝင်းဒိုးမှ အသိအမှတ်ပြုသော အမျိုးအစားအဖြင့် သတ်မှတ်ပါ (ဝင်းဒိုး၏ 'diskpart' ကိရိယာမှ SETID ညွှန်ကြားချက်ကို သုံးစွဲပါ)။ အခန်းကန့်ကို စိတ်ကြိုက်များ စာရင်းမှ ဖယ်ရှားပြီး ပြန်ထည့်သွင်းပါ။ ထိုသို့ ပြုလုပ်ခြင်းဖြင့် VeraCrypt သည် အခန်းကန့်အတွက် လေဘယ်လ် တစ်ခု သတ်မှတ်ပေးနိုင်မည် ဖြစ်သည်။ + ဝင်းဒိုး၏ ကန့်သတ်ချက်ကြောင့်၊ ကွန်ရက် တစ်ခုအတွင်း ဝေမျှထားသော ရပ်ဝေး ဖိုင်စနစ်ထဲ၌ သိမ်းဆည်းထားသော သိမ်းဆည်းခန်း တစ်ခုကို ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume တစ်ခုအဖြစ် အစပျိုး၍ မရနိုင်ပါ (သို့သော်၊ အကောင့်ထဲ သုံးစွဲသူ တစ်ဦး ၀င်ရောက်လာသောအခါ ကွန်ပျူတာစနစ် မဟုတ်သော စိတ်ကြိုက် volume တစ်ခုအဖြစ် ​အစပျိုးနိုင်သည်)။ + %s အတွက် စကားဝှက် ရေးထည့်ပါ + '%s' အတွက် စကားဝှက် ရေးထည့်ပါ + ပုံမှန် volume/ ပြင်ပ volume အတွက် စကားဝှက် ရေးထည့်ပါ + လျှို့ဝှက် volume အတွက် စကားဝှက် ရေးထည့်ပါ + အရံသင့် ဖိုင်ထဲ၌ သိမ်းဆည်းထားသော ခေါင်းစီးအတွက် စကားဝှက် ရေးထည့်ပါ + ကီးဖိုင်ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။ + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + သတိပေးချက် - ဤ volume ၏ ခေါင်းစီး ပျက်စီးသွားပြီ! ၎င်း volume ထဲ၌ ထည့်မြှပ်ထားသော volume ခေါင်းစီး အရံသင့် သိမ်းဆည်းချက်ကို VeraCrypt သည် အလိုအလျောက် သုံးစွဲထားသည်။\n\n Volume ခေါင်းစီးကို 'ကိရိယာများ' > 'Volume ​ခေါင်းစီး ပြန်ထားရန်' ကို ရွေးပြီး ပြုပြင်ပါ။ + Volume ခေါင်းစီးကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။\n\nအရေးကြီးချက် - ဤအရန်သင့် ဖိုင်ကို အသုံးပြုပြီး volume ခေါင်းစီးကို ပြန်ထားခြင်းဖြင့် လက်ရှိ volume ၏ စကားဝှက်ကိုလည်း ပြန်ထားပေးမည် ဖြစ်သည်။ ထို့အပြင် volume ကို အစပျိုးရန် ကီးဖိုင်(များ) လိုအပ်လာပါက၊ volume ခေါင်းစီးကို ပြန်ထားသည့်အခါ ၄င်း volume ကို အစပျိုးရန်အတွက် အလားတူ ကီးဖိုင် လိုအပ်လာမည်ဖြစ်သည်။\n\nသတိပေးချက် - ဤ volume ခေါင်းစီးကို သီးခြား volume ၏ ခေါင်းစီးကို ပြန်ထားရန် သုံးစွဲနိုင်သည်။ အကယ်၍ ဤခေါင်းစီး အရန်သင့် ဖိုင်ကို အခြား volume တစ်ခု၏ ခေါင်းစီး ပြန်ထားရန် အသုံးပြုပါက၊ ၄င်း volume ကို သင် အစပျိုးနိုင်မည် ဖြစ်သည်၊ သို့သော် volume ထဲ၌ သိမ်းဆည်းထားသော ဒေတာများကို သင် စာဝှက်ဖေါ်နိုင်မည် မဟုတ်ပါ (အဘယ့်ကြောင့် ဆိုသော် ၄င်း၏ မာစတာ ကီးကို သင် ပြောင်းလဲရမည် ဖြစ်သည်)။ + volume ခေါင်းစီးကို အောင်မြင်စွာ ပြန်ထားလိုက်ပြီ။\n\nအရေးကြီးချက် - စကားဝှက် အဟောင်းကိုပါ ပြန်ထားနိုင်သည်ကို သတိပြုပါ။ ဒါ့အပြင်၊ အကယ်၍ အရန်သင့်ဖိုင်ကို ဖန်တီးသည့်အခါ volume ကို အစပျိုးရန်အတွက် ကီးဖိုင်(များ) လိုအပ်လာပါက၊ ၄င်း volume ကို အစပျိုးရန်အတွက် အလားတူ ကီးဖိုင်များ လိုအပ်လာမည် ဖြစ်သည်။ + လုံခြုံရေး အကြောင်းကြောင့်၊ ဤ volume အတွက် စကားဝှက် အမှန် (နှင့် ကီးဖိုင် အမှန်) ကို သင် ရေးထည့်ရမည်။\n\nမှတ်ချက် - အကယ်၍ volume ၌ လျှို့ဝှက် volume တစ်ခု ပါရှိပါက၊ ပြင်ပ volume အတွက် စကားဝှက် အမှန်ကို အရင် ရေးထည့်ပေးရမည် ဖြစ်သည်။ ထိုမှတဆင့်၊ လျှို့ဝှက် volume ၏ ခေါင်းစီးကို အရန်သင့် ဖိုင် ပြုလုပ်မည် ဆိုပါက၊ လျှို့ဝှက် volume အတွက် စကားဝှက်အမှန် (နှင့် ကီးဖိုင် အမှန်) ကို သင် ရေးထည့်ရမည် ဖြစ်သည်။ + %s အတွက် volume အရန်သင့် ခေါင်းစီးကို ဖန်တီးရန် သေချာသလား?\n\n ဟုတ်ကဲ့ ခလုတ်ကို နှိပ်ပြီးပါက၊အရန်သင့် ခေါင်းစီးအတွက် ဖိုင်အမည်ကို တောင်းလာလိမ့်မည်။\n\nမှတ်ချက် - ပုံမှန် volume နှင့် လျှို့ဝှက် volume ခေါင်းစီးများကို salt အသစ် တစ်ခု သုံးပြီး ထပ်မံ စာဝှက်ပေးမည် ဖြစ်ပြီး၊ အရန်ဖိုင်တွင် သိမ်းဆည်းထားမည် ဖြစ်သည်။ ဤ volume အထဲ၌ လျှို့ဝှက် volume မရှိပါက၊ အရန်သင့် ဖိုင်အတွင်းရှိ လျှို့ဝှက် volume အတွက် ချန်ထား​ပေးသော နေရာ၌ (ပေါ်ပေါက်လာနိုင်သော ငြင်းဆိုမှုကို ထိန်းသိမ်းရန်) ကျပန်း ဒေတာများ နေရာယူသွားမည် ဖြစ်သည်။ Volume ​ခေါင်းစီး တစ်ခုကို အရန်သင့် ဖိုင်ထဲမှ ပြန်ထားသည့်အခါ၊ volume အရန်သင့် ခေါင်းစီးကို ဖန်တီးသည့်အခါ သုံးစွဲသော စကားဝှက် အမှန် (နှင့် ကီးဖိုင် အမှန်) ကို သင် ရေးထည့်ရမည်။ စကားဝှက် (နှင့် ကီးဖိုင်များ) သည် ပြန်ထားရမည့် volume ခေါင်းစီး အမျိုးအစားကို အလိုအလျောက် ဆုံးဖြတ်ပေးမည် ဖြစ်သည်၊ ဥပ​မာ အားဖြင့် - ပုံမှန်လား (သို့) လျှို့ဝှက်လား (VeraCrypt သည် ယင်း အမျိုးအစားကို အစမ်း သုံးစွဲမှုနှင့် ချို့ယွင်းချက်များမှ တဆင့် ဆုံးဖြတ်ပေးသည်)။ + %s ၏ volume ခေါင်းစီးကို ပြန်ထားရန် သေချာသလား?\n\n သတိပေးချက် - Volume ခေါင်းစီးကို ပြန်ထားခြင်းသည် အရန်သင့် ဖိုင် ဖန်တီးခဲ့စဉ်က သုံးစွဲခဲ့သော volume စကားဝှက်ကိုလည်း ပြန်ထားပေးမည် ဖြစ်သည်။ ထို့အပြင် အရန်သင့်ဖိုင် ဖန်တီးခဲ့စဉ်က volume ကို အစပျိုးရန် ကီးဖိုင်(များ) လိုအပ်ပါက၊ volume ခေါင်းစီးကို ပြန်ထားပြီးနောက် အဲဒီ volume ကို အစပျိုးဖို့ အလားတူ ကီးဖိုင်(များ) လိုအပ်လာမည် ဖြစ်သည်။\n\nဟုတ်ကဲ့ ခလုတ်ကို နှိပ်ပြီးပါက၊ အရန်သင့် ခေါင်းစီးဖိုင်ကို သင် ရွေးချယ်ရပါမည် ဖြစ်သည်။ + ဤ volume ထဲ၌ လျှို့ဝှက် volume ပါရှိသလား? + ဤ volume ထဲ၌ လျှို့ဝှက် volume ပါရှိသည် + ဤ volume ထဲ၌ လျှို့ဝှက် volume မရှိပါ + သင် အသုံးပြုလိုသောvolume ခေါင်းစီး အရန်သင့်ဖိုင် အမျိုးအစားကို ရွေးချယ်ပါ - + Volume ခေါင်းစီးကို volume ထဲ၌ ထည့်မြှပ်ထားသော အရန်သင့်ဖိုင်ထဲမှ ပြန်ထားလိုက်ပါ + Volume ခေါင်းစီးကို ပြင်ပ အရန်သင့် ဖိုင်တစ်ခုထဲမှ ပြန်ထားပါ + Volume ခေါင်းစီး အရန်သင့်ဖိုင်၏ အရွယ်အစား မှန်ကန်မှု မရှိပါ။ + ဤ volume အတွင်း၌ ထည့်မြှပ်ထားသော အရန်သင့် ခေါင်းစီး မရှိပါ (VeraCrypt 6.0 နှင့် နောက်ပိုင်း ထုတ်သော ဗားရှင်းများ၌ ပါရှိသော volumes များ၌သာ ထည့်မြှပ်ထားသော အရန်သင့် ခေါင်းစီးများ ပါရှိသည်)။ + သင်သည် ကွန်ပျူတာစနစ်မှ အခန်းကန့်/drive ၏ ခေါင်းစီးကို အရန်သင့် ပြုလုပ်ရန် ကြိုးစားနေသည်။၎င်းကို ခွင့်မပြုပါ။ ကွန်ပျူတာစနစ်မှ အခန်းကန့်/drive နှင့် သက်ဆိုင်သော အရန်သင့် ပြုလုပ်ခြင်း/ပြန်ထားခြင်း လုပ်ငန်းများကို VeraCrypt ဆယ်တင်ရေး ခွေဖြင့်သာ ပြုလုပ်နိုင်သည်။\n\n VeraCrypt ဆယ်တင်ရေးခွေကို ပြုလုပ်လိုသလား? + သင်သည် VeraCrypt volume အတု၏ ခေါင်းစီးကို ပြန်ထားရန် ကြိုးစားနေသည်၊ သို့သော် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် ရွေးချယ်ထားသည်။ ၎င်းကို ခွင့်မပြုပါ။ ကွန်ပျူတာစနစ်မှ အခန်းကန့်/drive နှင့် သက်ဆိုင်သော အရန်သင့် ပြုလုပ်ခြင်း/ပြန်ထားခြင်း လုပ်ငန်းများကို VeraCrypt ဆယ်တင်ရေး ခွေဖြင့်သာ ပြုလုပ်နိုင်သည်။\n\n VeraCrypt ဆယ်တင်ရေးခွေကို ပြုလုပ်လိုသလား? + ကောင်းပြီ ခလုတ်ကို နှိပ်ပြီးနောက်၊ လိုက်ပါက VeraCrypt ဆယ်တင်ရေး အခွေ ISO image အသစ် အတွက် ဖိုင်အမည်နှင့် ၄င်းကို ထားရှိလိုသည့် နေရာကို သင် ရွေးချယ်ရမည်။ + ဆယ်တင်ရေး အခွေ image ကို ဖန်တီးလိုက်ပြီး ၄င်းကို ဤဖိုင်ထဲ၌ သိမ်းဆည်းထားသည် -\n%s\n\nယခုအခါ ဆယ်တင်ရေး အခွေကို စီဒီ/ဒီဗွီဒီ ခွေအဖြစ် သင် ဖန်တီးရမည် ဖြစ်သည်။\n\nအရေးကြီးချက် - ၄င်းဖိုင်ကို (သီးခြားဖိုင် အဖြစ် မဟုတ်ပဲ) ISO ​အခွေ image အဖြစ် စီဒီ/ဒီဗွီဒီထဲ၌ ရေးရမည် ဖြစ်သည်။ ပြုလုပ်နည်း အချက်အလက်ကို၊ သင့် စီဒီ/ဒီဗွီဒီ မှတ်တမ်းတင် ဆော့ဗ်ဝဲထဲရှိ သုံးစွဲနည်း လမ်းညွှန်၌ လေ့လာပါ။\n\n ဆယ်တင်ရေး အခွေ ပြုလုပ်ပြီးပါက၊ အခွေကို မှန်မှန်ကန်ကန် ကူးယူမှု ရှိမရှိ စစ်ဆေးရန် 'System' > 'ဆယ်တင်ရေး အခွေ စစ်ဆေးရန်' ကို ရွေးပါ။ + ဆယ်တင်ရေး အခွေ image ကို ဖန်တီးလိုက်ပြီး ၄င်းကို ဤဖိုင်ထဲ၌ သိမ်းဆည်းထားသည် -\n%s\n\nယခုအခါ ဆယ်တင်ရေး အခွေကို စီဒီ/ဒီဗွီဒီ ခွေအဖြစ် သင် ဖန်တီးရမည် ဖြစ်သည်။\n\nမိုက်ခရိုဆော့ဗ် ၀င်းဒိုး အခွေ Image ကူးစနစ်ကို ယခု ဖွင့်မည်လား?\n\nမှတ်ချက် - ဆယ်တင်ရေး အခွေကို ကူးယူပြီးပါက၊ အခွေကို မှန်မှန်ကန်ကန် ကူးယူမှု ရှိမရှိ စစ်ဆေးရန် 'System' > 'ဆယ်တင်ရေး အခွေ စစ်ဆေးရန်' ကို ရွေးပါ။ + VeraCrypt ဆယ်တင်ရေး အခွေကို သင့် CD/DVD drive ထဲ ထည့်ပြီး ၄င်းကို စစ်ဆေးရန် ကောင်းပြီး ခလုတ်ကို နှိပ်ပါ။ + VeraCrypt ဆယ်တင်ရေး အခွေကို အောင်မြင်စွာ စစ်ဆေးလိုက်ပြီ။ + ဆယ်တင်ရေး အခွေကို မှန်မှန်ကန်ကန် ရေးကူးမှု ရှိမရှိ စစ်ဆေး၍ မရပါ။\n\nဆယ်တင်ရေး ​အခွေကို ကူးပြီးပါ​က၊ စီဒီ/ဒီဗွီဒီကို ထုတ်ပြီး ပြန်သွင်းကာ ထပ်စမ်းကြည့်ပါ။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ အခြား စီဒီ/ဒီဗွီဒီ ခွေကူး ဆော့ဗ်ဝဲ (သို့) ကြားခံဖြင့် ထပ်စမ်းကြည့်ပါ။\n\nအကယ်၍ သင်သည် အခြား မာစတာ ကီး၊ စကားဝှက်၊ salt နှင့် အခြားအတွက် ဖန်တီးထားသော VeraCrypt ဆယ်တင်ရေး အခွေကို စစ်ဆေးရန် ကြိုးပမ်း​နေပါက၊ ယင်းကဲ့သို့ ဆယ်တင်ရေး အခွေသည် ဤကဲ့သို့ စစ်ဆေးမှုကို အောင်မြင်မည် မဟုတ်ပါ။ သင့် လက်ရှိ ပြုပြင်ဖန်တီးမှုနှင့် ကိုက်ညီသော ဆယ်တင်ရေး အခွေသစ် တစ်ခုကို သင် ပြုလုပ်လိုပါက 'System' > 'ဆယ်တင်ရေး ​အခွေ ဖန်တီးရန်' ကို ရွေးပါ။ + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + VeraCrypt ဆယ်တင်ရေး အ​ခွေ ဖန်တီးမှု ချို့ယွင်းချက်။ + လျှို့ဝှက် OS ကို သုံးစွဲ​​နေစဉ် VeraCrypt ဆယ်တင်ရေး အခွေကို ဖန်တီး၍ မရပါ။\n\nVeraCrypt ဆယ်တင်ရေး အခွေကို ဖန်တီးရန်၊ မျက်လှည့် OS ကို ဖွင့်ပြီး 'System' > 'ဆယ်တင်ရေး အခွေ ဖန်တီးရန်' ကို ရွေးပါ။ + ဆယ်တင်ရေး အခွေကို မှန်မှန်ကန်ကန် ရေးကူးမှု ရှိမရှိ စစ်ဆေး၍ မရပါ။\n\nဆယ်တင်ရေး ​အခွေကို ကူးပြီးပါ​က၊ စီဒီ/ဒီဗွီဒီကို ထုတ်ပြီး ပြန်သွင်းကာ ထပ်စမ်းကြည့်ပါ။ အကယ်၍ အလုပ်မဖြစ်ပါက၊ အခြား စီဒီ/ဒီဗွီဒီ ခွေကူး ဆော့ဗ်ဝဲ (သို့) ကြားခံ %s ဖြင့် ထပ်စမ်းကြည့်ပါ။\n\nအကယ်၍ သင်သည် ဆယ်တင်ရေး အခွေကို မကူးသေးပါက၊ ယခု ကူးယူပြီးနောက်၊ ရှေ့သို့ ခလုတ်ကို နှိပ်ပါ။\n\n ဤအညွှန်းကို မဖွင့်မီ သင် ဖန်တီးခဲ့သော VeraCrypt ဆယ်တင်ရေး အခွေကို စစ်ဆေးရန် သင် ကြိုးပမ်းနေပါက၊ ယင်းကဲ့သို့ ဆယ်တင်ရေး အခွေကို သုံးစွဲနိုင်မည် မဟုတ်ပါ၊ အဘယ်ကြောင့် ဆိုသော် ၄င်းသည် အခြား မာစတာ ကီးအတွက် ဖန်တီးထား၍ ဖြစ်သည်။ အသစ် ထုတ်လုပ်ထားသော ဆယ်တင်ရေး အခွေကို သင် ကူးယူရန် လိုအပ်သည်။ + ၄င်းအပြင် အခြား စီဒီ/ဒီဗွီဒီ မှတ်တမ်းတင် ဆော့ဗ်ဝဲ + VeraCrypt - ကွန်ပျူတာစနစ် စိတ်ကြိုက် Volumes များ + ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes ဆိုသည်မှာ အဘယ်နည်း? + ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားပုံ မပေါ်ပါ။\n\nကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes ကို စက်မဖွင့်မီ အတည်ပြု စကားဝှက်ဖြင့်သာ အစပျိုးနိုင်မည် ဖြစ်သည်။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို ဖွင့်ရန်၊ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အရင် စာဝှက်ထားရန် လိုသည်။ + ဆက်မလုပ်မီ volume ကို အဆုံးသတ်လိုက်ပါ။ + ချို့ယွင်းချက် - အချိန် သတ်မှတ်၍ မရပါ။ + ဖိုင်စနစ် စစ်ဆေးရန် + ဖိုင်စနစ် ပြုပြင်ရန် + စတ်ကြိုက်များ စာရင်းထဲ ထည့်သွင်းပါ... + ကွန်ပျူတာစနစ် စိတ်ကြိုက်များ စာရင်းထဲ ထည့်သွင်းပါ... + &r ဂုဏ်အင်္ဂါရပ်များ + လျှို့ဝှက် Volume ကာကွယ်ထားပြီ + N/A + ဟုတ်ကဲ့ + မဟုတ်ပါ + ပိတ်ထားသည် + + ၂ (သို့) ထိုထက်ပိုသော + လည်ပတ်မှု စနစ် + လေဘယ်လ် - + အရွယ်အစား- + ဖိုင် လမ်းကြောင်း - + Drive အက္ခရာ - + ချို့ယွင်းချက် - စကားဝှက်၌ ASCII အက္ခရာ စာလုံးများသာ ပါ၀င်ရမည်။\n\nစကားဝှက်တွင် ASCII အက္ခရာ စာလုံးများ မဟုတ်သော စာလုံးများ ရှိပါက၊ သင့် ကွန်ပျူတာစနစ် ပြုပြင်ဖန်တီးမှု ပြောင်းသွားသောအခါ volume ကို ဖွင့်နိုင်မည် မဟုတ်ပါ။\n\nအောက်ပါ အက္ခရာ စာလုံးများကို ခွင့်ပြုထားသည် -\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + သတိပေးချက် - စကားဝှက်၌ ASCII မဟုတ်သော အက္ခရာစာလုံးများ ပါရှိနေသည်။ ဤအချက်ကြောင့် သင့် ကွန်ပျူတာစနစ် ပြုပြင်ဖန်တီးမှု ပြောင်းသွားသောအခါ volume ကို ဖွင့်နိုင်မည် မဟုတ်ပါ။\n\n စကားဝှက်၌ ပါသော ASCII မဟုတ်သော စကားဝှက်များကို ASCII အက္ခရာများနှင့် အစားထိုးပါ။ ထိုသို့ ပြုလုပ်ရန် 'Volumes' -> 'Volume စကားဝှက် ပြောင်းရန်' ကို နှိပ်ပါ။\n\n ASCII အက္ခရာစာလုံးများကို အောက်ပါအတိုင်း ဖေါ်ပြထားသည် -\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + သတိပေးချက် - ဖိုင် extensions များ (such as .exe, .sys, or .dll) နှင့် အခြား အလားတူ ပြဿနာ ရှိနိုင်သော ဖိုင် extensions များကို ရှောင်ရန် အထူး တိုက်တွန်းလိုသည်။ ယင်းကဲ့သို့ ဖိုင် extensions များကို သုံးစွဲခြင်းဖြင့် ဝင်းဒိုးနှင့် ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲတို့သည် သိမ်းဆည်းခန်းနှင့် အနှောင့်အယှက် ဖြစ်လာနိုင်သည်။ ၄င်းကြောင့် volume ၏ စွမ်းဆောင်ရည်ကို ထိ​ခိုက်စေပြီး အခြား ပြင်းထန်သော ပြဿနာများ ပေါ်ပေါက်စေနိုင်သည်။\n \nဖိုင် extension ကို ဖယ်ရှားပြီး ​အမည်ပြောင်းရန် အထူး အကြံပြုလိုသည် (ဥပမာ - '.hc' စသဖြင့်)။\n \nဤပြဿနာများ ဖြစ်စေနိုင်သည့် ဖိုင် extension ကို အသုံးပြုရန် သေချာသလား? + သတိပေးချက် - ဤသိမ်းဆည်းခန်း၌ ဖိုင် extensions များ (such as .exe, .sys, or .dll) နှင့် အခြား အလားတူ ပြဿနာ ရှိနိုင်သော ဖိုင် extensions များ၌ သုံးစွဲသော ဖိုင် extension တစ်ခု ရှိနေသည်။ ယင်းကြောင့် ဝင်းဒိုးနှင့် ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲတို့သည် သိမ်းဆည်းခန်းနှင့် အနှောင့်အယှက် ဖြစ်လာနိုင်ပြီး volume ၏ စွမ်းဆောင်ရည်ကို ထိ​ခိုက်စေပြီး အခြား ပြင်းထန်သော ပြဿနာများ ပေါ်ပေါက်စေနိုင်သည်။\n\n Volume ကို အဆုံးသတ်ပြီးနောက် ဖိုင် extension ကို ဖယ်ရှားပြီး ​(ဥပမာ - '.hc' စသဖြင့်) အမည်ပြောင်းရန် အထူး အကြံပြုလိုသည်။ + ပင်မ စာမျက်နှာ + သတိပေးချက် - ဝင်းဒိုး ထည့်သွင်းရာ၌ မည်သည့် Service Pack ကိုမျှ သုံးစွဲထားပုံ မပေါ်ပါ။ Service Pack 1 (သို့) နောက်ဆုံးထွက်ကို သုံးစွဲမထားသော Windows XP ထဲ၌ 128GB ထက် ကြီးသော IDE disks များကို ရေးသားခြင်း မပြုရ။ အကယ်၍ ပြုလုပ်ပါက၊ disk ပေါ်ရှိ (VeraCrypt volume ဟုတ်သည် ဖြစ်စေ၊ မဟုတ်သည် ဖြစ်စေ) ဒေတာများ ပျက်စီးနိုင်သည်။ ၎င်းမှာ ဝင်းဒိုး၏ ကန့်သတ်ချက် ဖြစ်ပြီး၊ VeraCrypt ၏ ပရိုဂရမ်အမှား မဟုတ်ပါ။ + သတိပေးချက် - ဝင်းဒိုး ထည့်သွင်းရာ၌ Service Pack 3 နှင့် နောက်ဆုံးထွက်ကို သင် သုံးစွဲထားပုံ မပေါ်ပါ။ Service Pack 3 (သို့) နောက်ဆုံးထွက်ကို သုံးစွဲမထားသော Windows 2000 ထဲ၌ 128GB ထက် ကြီးသော IDE disks များကို ရေးသားခြင်း မပြုရ။ အကယ်၍ ပြုလုပ်ပါက၊ disk ပေါ်ရှိ (VeraCrypt volume ဟုတ်သည် ဖြစ်စေ၊ မဟုတ်သည် ဖြစ်စေ) ဒေတာများ ပျက်စီးနိုင်သည်။ ၎င်းမှာ ဝင်းဒိုး၏ ကန့်သတ်ချက် ဖြစ်ပြီး၊ VeraCrypt ၏ ပရိုဂရမ်အမှား မဟုတ်ပါ။\n\nမှတ်ချက် - Registry ထဲ၌ 48-bit LBA အထောက်အပံ့ကို ဖွင့်ထားရန် လိုအပ်နိုင်သည်။ အသေးစိတ် အချက်အလက်ကို http://support.microsoft.com/kb/305098/EN-US ၌ လေ့လာပါ။ + သတိပေးချက် - သင့် ကွန်ပျူတာစနစ်တွင် 48-bit LBA ATAPI အထောက်အပံ့ကို ပိတ်ထားသည်။ ထို့ကြောင့်၊ IDE disks ထဲ၌ 128GB ထက်ပို၍ မရေးသားသင့်ပါ။ အကယ်၍ ထိုသို့ ပြုလုပ်ပါက (VeraCrypt volume ဟုတ်သည် ဖြစ်စေ၊ မဟုတ်သည် ဖြစ်စေ) disk ထဲရှိ ဒေတာများ ပျက်စီးနိုင်သည်။ ၎င်းမှာ ဝင်းဒိုး၏ ကန့်သတ်ချက် ဖြစ်ပြီး၊ VeraCrypt ၏ ကန့်သတ်ချက် မဟုတ်ကြောင်း သတိပြုပါ။\n\n 48-bit LBA ATAPI အထောက်အပံ့ ဖွင့်ရန်၊ registry ကီး HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters ထဲမှ 'EnableBigLba' ၏တန်ဖိုးကို 1 ဟု သတ်မှတ်ပါ။\n\nအသေးစိတ် အချက်အလက်ကို http://support.microsoft.com/kb/305098 တွင် လေ့လာပါ။ + ချို့ယွင်းချက် - 4GB ထက်ကြီးသော ဖိုင်များကို FAT32 ဖိုင်စနစ်တွင် သိမ်းဆည်း၍ မရပါ။ ထို့ကြောင့် FAT32 ဖိုင်စနစ်ထဲ၌ သိမ်းထားသော VeraCrypt volumes များ(သိမ်းဆည်းခန်များ) သည် 4GB ထပ်ပို၍ မထားနိုင်ပါ။\n\nအကယ်၍ ပိုကြီးသော volume လိုအပ်ပါက၊ ၄င်းကို NTFS ဖိုင်စနစ်တွင် ဖန်တီးပါ (သို့မဟုတ် အကယ်၍ Windows Vista SP1 နှင့် နောက်ဆုံးပေါ် သုံးစွဲပါက၊ exFAT ဖိုင်စနစ်ကို အသုံးပြုပါ) ဒါမှမဟုတ် ဖိုင် သိမ်းထားသော volume ကို ဖန်တီးပြီး၊ အခန်းကန့် (သို့) device တစခုလုံးကို စာဝှက်လိုက်ပါ။ + သတိပေးချက် - Windows XP သည် မှ 2048 GB ထက်ပိုကြီးသော ဖိုင်များကို လက်မခံပါ ("Not enough storage is available" ဟု သတိပေးလာမည် ဖြစ်သည်)။ ထို့ကြောင့် Windows XP တွင် 2048 GB ထက်ကြီးသော VeraCrypt volume (သိမ်းဆည်းခန်း) ကို ဖန်တီးနိုင်မည် မဟုတ်ပါ။\n\n သို့သော် Windows XP တွင် drive တစ်ခုလုံး ကို ဖန်တီးနိုင်သည် (သို့) 2048 GB ထက်ကြီးသော VeraCrypt volume အခန်းကန့် တစ်ခုကို သင် ဖန်တီးနိုင်သည်။ + သတိပေးချက် - နောင်အချိန်၌ ပြင် volume တွင် ဒေတာများ/ဖိုင်များကို ထပ်မံ ထည့်သွင်းလိုပါက၊ အရွယ်ပမာဏ ပို၍ သေးငယ်သော လျှို့ဝှက် volume ကို သင် ရွေးချယ်နိုင်သည်။\n\nသင် သတ်မှတ်ထားသည့် အရွယ်ပမာဏ အတိုင်း ဆက်လုပ်ရန် သေချာသလား? + Volume ကို ရွေးမထားပါ။\n\n VeraCrypt volume တစ်ခုကို ရွေးချယ်ရန် 'Device ရွေးရန်' (သို့) 'ဖိုင် ရွေးရန်' ကို နှိပ်ပါ။ + ရွေးထားသော အခန်းကန့် မရှိပါ။\n\nစက်မတက်မီ အတည်ပြုချက် လိုအပ်သော အဆုံးသတ်ထားသော အခန်းကန့် တစ်ခုကို ရွေးချယ်ရန် 'Device ရွေးချယ်ရန်' ကို နှိပ်ပါ (ဥပမာ အားဖြင့်၊ အခြား OS ၏ စာဝှက်ထားသော drive ထဲ၌ ရှိသော အခန်းကန့် တစ်ခု၊ (သို့) အခြား OS ၏ စာဝှက်ထားသော အခန်းကန့်)။ \n\n မှတ်ချက် - ရွေးချယ်ထားသော အခန်းကန့်ကို စက်မတက်မီ အတည်ပြုစရာ မလိုပဲ ပုံမှန် VeraCrypt volume ကဲ့သို့ အစပျိုးနိုင်သည်။ ဤအချက်သည် အရန်သင့် သိမ်းဆည်းရန် (သို့) လုပ်​ငန်းလည်ပတ်မှုများ ပြုပြင်ရန် အသုံး၀င်သည်။ + သတိပေးချက် - အကယ်၍ ကီးဖိုင်များကို သတ်မှတ်ပြီး ဖွင့်ထားပါက၊ ၄င်းကီးဖိုင်များကို အသုံးမပြုသော volumes များကို အစပျိုးနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ပုံမှန် ကီးဖိုင်များကို ဖွင့်ပြီးပါက၊ ယင်းကဲ့သို့ volumes မျိုးကို အစပျိုးသည့်အခါတိုင်း အမှန်ခြစ်ကွက်ထဲမှ 'ကီးဖိုင်များ သုံးရန်' ကို မရွေးရန် သတိပြပါ။\n\nရွေးချယ်ထားသော ကီးဖိုင်/ဖိုင်လမ်းကြောင်းများကို ပုံမှန်အတိုင်း သိမ်းဆည်းရန် သေချာသလား? + အလိုလို-အစပျိုးသော Devices များ + အားလုံးကို အဆုံးသတ်ရန် + ကေ့ချ်ကို ရှင်းလင်းရန် + အားလုံးကို အဆုံးသတ်ပါ၊ ကေ့ချ်ကို ရှင်းလင်းပါ + အားလုံးကို အတင်း အဆုံးသတ်ပါ၊ ကေ့ချ်ကို ရှင်းလင်းပါ + အားလုံးကို အတင်း အဆုံးသတ်ပါ၊ ကေ့ချ်ကို ရှင်းလင်းပါ & ထွက်ပါ + စိတ်ကြိုက် Volumes များ အစပျိုးရန် + ပင်မ VeraCrypt ဝင်းဒိုးကို ပြပါ/ဝှက်ပါ + (ဤနေရာကို နှိပ်ပြီး ကီးတစ်ခု နှိပ်ပါ) + လုပ်ဆောင်ချက် + ဖြတ်လမ်း + ချို့ယွင်းချက် - ဤဖြတ်လမ်းကို သီးသန့်ဖယ်ထားသည်။ အခြား ဖြတ်လမ်း တစ်ကို ရွေးပါ။ + ချို့ယွင်းချက် - ဖြတ်လမ်းကို အသုံးပြုနေသည်။ + သတိပေးချက် - VeraCrypt စနစ် တစ်ခုလုံးသုံး အထူးကီး တစ်ခု (သို့) ထိုထက်ပို၍ အလုပ်လုပ်မည် မဟုတ်ပါ။\n\nအခြား အပ္ပလီကေးရှင်းများနှင့် OS စနစ်တို့သည် VeraCrypt ကဲ့သို့ ဖြတ်လမ်း(များ) တမျိုးတည်းကို မသုံးစွဲရန် သတိပြုပါ။ + ဆက်သွယ်​ရေး ဖိုင် ဖန်တီးမှုကို တားမြစ်ထားသည်။\n\n၀င်းဒိုး ပြဿနာကြောင့်၊ ကွန်ပျူတာစနစ် မဟုတ်သော (ကွန်ပျူတာ စိတ်ကြိုက် volumes) VeraCrypt volumes များထဲ၌ ဆက်သွယ်ရေး ဖိုင်များကို မ​ရှာနိုင်ပါ။ VeraCrypt သည် ဆက်သွယ်ရေး ဖိုင်များကို စာဝှက်ထားသော ကွန်ပျူတာစနစ် အခန်းကန့်/drive ၌သာ ပံ့ပိုးထားသည်။ + ချို့ယွင်းချက် (သို့) မညီမျှမှု တစ်ခုသည် VeraCrypt က hibernation ဖိုင်ကို စာဝှက်၍ မရအောင် တားမြစ်နေသည်။ ထို့ကြောင့်၊ hibernation လုပ်ခြင်းကို တားမြစ်ထားသည်။\n\nမှတ်ချက် - ကွန်ပျူတာ တစ်လုံး hibernate လုပ်သည့်အခါ (သို့မဟုတ် ဓါတ်အား ​​​​​​​​​​ချွေတာရေးစနစ်၌ ထားသည့်အခါ)၊ ၄င်း၏ ကွန်ပျူတာစနစ် မှတ်ဉာဏ်ထဲမှ အကြောင်းအရာကို ကွန်ပျူတာစနစ် drive ၌ တည်ရှိသော hibernation သိုလှောင်ရေး ဖိုင်ထဲသို့ ရေးသားထားသည်။ VeraCrypt သည် RAM ထဲ၌ ဖွင့်ထားသော စာဝှက်စနစ် ကီးများနှင့် အ​ထိခိုက်မခံသော ဖိုင်များကို hibernation သိုလှောင်ရေး ဖိုင်ထဲ၌ စာဝှက်မထားပဲ သိမ်းဆည်းထားမည် မဟုတ်ပါ။ + Hibernation ပြုလုပ်ခြင်းကို တားမြစ်ထားသည်။\n\nVeraCrypt သည် အပို boot အခန်းကန့် တစ်ခု ပါရှိသော လျှို့ဝှက် OS စနစ်၌ hibernation ကို ထောက်ပံ့မပေးပါ။ ၄င်း boot အခန်းကန့်သည် မျက်လှည့် စနစ်နှင့် လျှို့ဝှက် စနစ်တို့က ဝေမျှထားသည်ကို သတိပြုပါ။ ထို့ကြောင့်၊ hibernation ပြုလုပ်ရာမှ ပြန်ဖွင့်သည့်အခါ ဒေတာ ယိုဖိတ်မှုများနှင့် ပြဿနာများကို ကာကွယ်နိုင်ရန်၊ VeraCrypt သည် လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို ဝေမျှသော boot အခန်းကန့်ထဲ ရေးသားခြင်း မပြုနိုင်ရန်နှင့် hibernating မလုပ်နိုင်ရန် တားဆီးပေးမည် ဖြစ်သည်။ + %c အဖြစ် အစပျိုးထားသော VeraCrypt volume ကို အဆုံးသတ်ထားသည်။ + VeraCrypt volumes များကို အဆုံးသတ်ထားသည်။ + VeraCrypt volumes များကို အဆုံးသတ်ထားပြီး စကားဝှက် ကေ့ချ်ကို ရှင်းလင်းထားသည်။ + အောင်မြင်စွာ အဆုံးသတ်ထားသည် + သတိပေးချက် - အကယ်၍ VeraCrypt နောက်ခံ လုပ်ဆောင်မှုကို ပိတ်ထားပါက၊ အောက်ပါ လုပ်ဆောင်ချက်များကို ပိတ်ထားမည် ဖြစ်သည် -\n\n၁) အထူးကီးများ\n၂) အလိုလို-အဆုံးသတ်ရန် (ဥပမာ - ခေတ္တ ပိတ်ထားခြင်း၊ လွတ်နေသော host device ဖယ်ရှားခြင်း၊ အချိန်ကုန်သွားခြင်း၊ စသဖြင့်။)\n၃) စိတ်ကြိုက် volumes များကို အလိုလို-အစပျိုးခြင်း၄) သတိပေးချက်များ (ဥပမာ - လျှို့ဝှက် volume ဖျက်ဆီးမှုကို တားမြစ်သည့်အခါ)\n၅) အမှိုက်ပုံး အိုင်ကွန်ပုံ\nမှတ်ချက် - VeraCrypt ၏ အမှိုက်ပုံး အိုင်ကွန်ပုံကို ညာဖက် နှိပ်ခြင်းဖြင့်၊ 'ထွက်ရန်' ကို ရွေးခြင်းဖြင့် နောက်ခံ လုပ်ဆောင်ချက်ကို အချိန်မရွေး ပိတ်နိုင်သည်။\n\nVeraCrypt ၏ နောက်ခံ လုပ်ဆောင်ချက်ကို အမြဲတမ်း ပိတ်ရန် သေချာသလား? + သတိပေးချက် - အကယ်၍ ဤရွေးစရာကို ပိတ်ထားပါက၊ ဖွင့်ထားသော ဖိုင်များ/ဖိုင်တွဲများ ပါရှိသော volumes များကို အလိုလို-အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။\n\nဤရွေးစရာကို သင် ပိတ်ထားရန် အလိုရှိသလား? + သတိပေးချက် - ဖွင့်ထားသော ဖိုင်များ/ဖိုင်တွဲများ ပါရှိသော volumes များကို အလိုလို-အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။\n\nဤအချက်ကို တားမြစ်ရန်၊ ​အောက်ပါ ရွေးစရာကို အညွှန်း ၀င်းဒိုးထဲ၌ ဖွင့်ထားပါ - အကယ်၍ 'volume ၌ ဖွင့်ထားသော ဖိုင်များ/ဖိုင်တွဲများ ရှိနေလျှင်ပင် အတင်းအကျပ် အလိုလို-အဆုံးသက်ပါ' + သတိပေးချက် - ဘက်ထရီ အားနည်းလာသည့်အခါ၊ ကွန်ပျူတာသည် ဓါတ်အား ​ချွေတာရေး စနစ်ထဲ ၀င်လာသည့်နှင့် အလုပ်လုပ်နေသော အပ္ပလီကေးရှင်းများထံ သင့်လျှော်သော စာတမ်းများ ပေးပို့မှု ရပ်ဆိုင်းမည် ဖြစ်သည်။ ထို့ကြောင့်၊ ယင်းကဲ့သို့ အခြေအနေများတွင် VeraCrypt သည် volumes များကို အလိုလို-အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။ + သင်သည် အခန်းကန့်/volume တစ်ခုခု စာဝှက်နေမှု လုပ်ငန်းစဉ်အတွက် အချိန်သတ်မှတ်ထားပြီး။ ၄င်းလုပ်ငန်းစဉ်သည် မပြီးဆုံးသေးပါ။\n\nလုပ်ငန်းစဉ်ကို ယခု ပြန်စတင်ရန် အလိုရှိသလား? + သင်သည် အခန်းကန့်/volume တစ်ခုခု စာဝှက်နေမှု (သို့) စာဝှက်ဖြည်မှု လုပ်ငန်းစဉ်အတွက် အချိန်သတ်မှတ်ထားပြီး။ ၄င်းလုပ်ငန်းစဉ်သည် မပြီးဆုံးသေးပါ။\n\nလုပ်ငန်းစဉ်ကို ယခု ပြန်စတင်ရန် အလိုရှိသလား? + လက်ရှိ အချိန်သတ်မှတ်ထားသော ကွန်ပျူတာစနစ် မဟုတ်သည့် အခန်းကန့်များ/volumes များ စာဝှက်သည့် လုပ်ငန်းစဉ်များကို ပြန်စတင်ရန် အချက်ပေး စေလိုသလား? + ဟုတ်ကဲ့၊ ဆက်ပြီး သတိပေးပါ + မဟုတ်ပါ၊ သတိမပေးပါနှင့် + အရေးကြီးချက် - ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ပိတ်ပင်ထာသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးခြင်းဖြင့် ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်/volume စာဝှက်သည့် စနစ်ကို ပြန်စတင်နိုင်သည်ကို သတိပြုပါ။ + သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်အတွက် အချိန် သတ်မှတ်ထားသည်။ သို့ရာတွင်၊ စက်မတက်မီ အတည်ပြုချက် အလုပ်မလုပ်ပါ (သို့မဟုတ် လမ်းလွှဲခံရသည်)\n\nမှတ်ချက် - အကယ်၍ သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စက်မတက်မီ အခြေအနေ၌ စာဝှက်ဖြည်ခဲ့လျှင်၊ ပင်မ VeraCrypt ၀င်းဒိုးမှ မီနူးဘာရှိ 'ကွန်ပျူတာစနစ်' > 'ကွန်ပျူတာစနစ် အခန်းကန့်/Drive ကို အမြဲတမ်း စာဝှက်ဖြည်ရန်' ကို ရွေးခြင်းဖြင့် လုပ်ငန်းစဉ်ကို အပြီးသတ်နိုင်သည်။ + သတိပေးချက် - အကယ်၍ VeraCrypt ကို ယခု ​ထွက်လိုက်လျှင်၊ နောက်ပါ လုပ်ဆောင်ချက်များကို ပိတ်မည် ဖြစ်သည် -\n\n၁) အထူး ကီးများ\n၂) အလိုလို-အဆုံးသတ်ရန် (ဥပမာ - ခေတ္တ ပိတ်ထားခြင်း၊ လွတ်နေသော host device ဖယ်ရှားခြင်း၊ အချိန်ကုန်ခြင်း၊ အစရှိသဖြင့်...)\n၃) စိတ်ကြိုက် volumes များကို အလိုလို-အစပျိုးခြင်း\n၄) သတိပေးချက်များ (ဥပမာ အားဖြင့် - လျှို့ဝှက် volume ပျက်စီးမှုကို တားမြစ်ရန်)\n \nမှတ်ချက် - အကယ်၍ ​VeraCrypt ကို နောက်ခံ၌ အလုပ်မလုပ်စေလိုပါက၊ ဦးစားပေးချက်များ ၌ရှိ VeraCrypt နောက်ခံ လုပ်ဆောင်ချက်ကို ပိတ်ပါ (လိုအပ်ပါက၊ VeraCrypt အလိုအလျောက် စတင်မှုကို ဦးစားပေးချက်များမှ ပိတ်နိုင်သည်)။\n\n VeraCrypt ကို ထွက်ရန် သေချာသလား? + ထွက်မည်လား? + VeraCrypt ၌ စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း ပြုလုပ်ရန် ဆုံးဖြတ်ရမည့် အချက်အလက် အလုံ​အလောက် မရှိပါ။ + VeraCrypt ၌ စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း ပြုလုပ်ရန် ဆုံးဖြတ်ရမည့် အချက်အလက် အလုံ​အလောက် မရှိပါ။\n\nမှတ်ချက် - အကယ်၍ သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စက်မတင်မီ အခြေအနေ၌ စာဝှက်ခဲ့လျှင်၊ လုပ်ငန်းစဉ်ကို စာဝှက်ဖြည်ရန် ကို နှိပ်ခြင်းဖြင့် အပြီးသတ်ရန် လိုအပ်သည်။ + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + အခန်းကန့်/volume စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားလိုသလား/ရပ်တန့်လိုသလား?\n\nမှတ်ချက် - Volume ကို အပြည့်အ၀ စာဝှက် မပြီးမချင်း အစပျိုး၍ မရပါ။ စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ပြန်စရမည်ဖြစ်ပြီး ၄င်းကို ရပ်တန့်ထားသည့် နေရာမှ ပြန်ဆက်ရမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ရန်၊ ဥပမာ အားဖြင့်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ဟန့်တားသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးချယ်ခြင်းဖြစ် လုပ်ဆောင်နိုင်သည်။ + အခန်းကန့်/volume စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားလိုသလား/ရပ်တန့်လိုသလား?\n\nမှတ်ချက် - လုပ်ငန်းစဉ်ကို သင် ပြန်စနိုင်မည် ဖြစ်ပြီး ၄င်းရပ်တန့်ထားသည့် နေရာမှ ပြန်ဆက်ရမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ရန်၊ ဥပမာ အားဖြင့်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ဟန့်တားသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးချယ်ခြင်းဖြစ် လုပ်ဆောင်နိုင်သည်။ အကယ်၍ သင်သည် စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို အမြဲတမ်း အဆုံးသတ်လိုပါက (သို့) နောက်ကြောင်း ပြန်လှည့်လိုပါက၊ 'ကွန်ပျူတာ စနစ်' > 'ကွန်ပျူတာစနစ် အခန်းကန့်/Drive အမြဲတမ်း စာဝှက်​ဖြည်ရန်' ကို ရွေးပါ။ + အခန်းကန့်/volume စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားလိုသလား/ရပ်တန့်လိုသလား?\n\nမှတ်ချက် - လုပ်ငန်းစဉ်ကို သင် ပြန်စနိုင်မည် ဖြစ်ပြီး ၄င်းရပ်တန့်ထားသည့် နေရာမှ ပြန်ဆက်ရမည် ဖြစ်သည်။ ဤသို့ ပြုလုပ်ရန်၊ ဥပမာ အားဖြင့်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes များ' > 'ဟန့်တားသည့် လုပ်ငန်းစဉ် ပြန်စရန်' ကို ရွေးချယ်ခြင်းဖြစ် လုပ်ဆောင်နိုင်သည်။ အကယ်၍ သင်သည် စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်ကို နောက်ကြောင်း ပြန်လှည့် (ပြီး စတင် စာဝှက်) လိုပါက၊ 'ကွန်ပျူတာ စနစ်' > 'ကွန်ပျူတာစနစ် အခန်းကန့်/Drive စာဝှက်​ရန်' ကို ရွေးပါ။ + ချို့ယွင်းချက် - ကွန်ပျူတာစနစ်/drive စာဝှက်ခြင်း/စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ်ကို ဟန့်တားရန် မအောင်မြင်ပါ။ + ချို့ယွင်းချက် - ရှင်းလင်းသည့် လုပ်ငန်းစဉ်ကို ဟန့်တားရန် မအောင်မြင်ပါ။ + ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ခြင်း/စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ် ပြန်စရန် မအောင်မြင်ပါ။ + ချို့ယွင်းချက် - ရှင်းလင်းသည့် လုပ်ငန်းစဉ် စတင်ရန်မအောင်မြင်ပါ။ + မကိုက်ညီသော ဖြေရှင်းချက်။\n\n\n(ဤအကြောင်းနှင့် ပါတ်သက်၍ ပရိုဂရမ် အမှား တစ်ခုကို သတင်းပို့မည် ဆိုလျှင်၊ ပရိုဂရမ် အမှား သတင်းပေးပို့ချက်၌ အောက်ပါ နည်းပညာဆိုင်ရာ အချက်အလက်များကို ထည့်သွင်းပါ -\n%hs) + ချို့ယွင်းချက် - မျော်လင့်မထားသော အ​ခြေအနေ။\n\n\n(ဤအကြောင်းနှင့် ပါတ်သက်၍ ပရိုဂရမ် အမှား တစ်ခုကို သတင်းပို့မည် ဆိုလျှင်၊ ပရိုဂရမ် အမှား သတင်းပေးပို့ချက်၌ အောက်ပါ နည်းပညာဆိုင်ရာ အချက်အလက်များကို ထည့်သွင်းပါ -\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + သတိပေးချက် - VeraCrypt နောက်ခံ လုပ်ဆောင်ချက်ကို ပိတ်ထားသည်။ VeraCrypt မှ ထွက်ပြီးပါက၊ လျှို့ဝှက် volume ထဲမှ ပျက်စီးမှုကို တားဆီးထားလျှင် သင့်ကို အချက်ပေးမည် မဟုတ်ပါ။\n\nမှတ်ချက် - VeraCrypt အမှိုက်ပုံး အိုင်ကွန်ကို ညာဖက် နှိပ်၊ 'ထွက်ရန်' ကို ရွေးပြီး နောက်ခံ လုပ်ဆောင်ချက်ကို သင် အချိန်မရွေး ပိတ်နိုင်သည်။\n\nVeraCrypt နောက်ခံ လုပ်ဆောင်ချက်ကို ဖွင့်လိုသလား? + ဘာသာစကား အထုပ် ဗားရှင်း - %s + %s အနေဖြင့် အစပျိုးထားသော VeraCrypt volume မှ ဖိုင်စနစ်ကို စစ်ဆေးနေသည်... + %s အနေဖြင့် အစပျိုးထားသော VeraCrypt volume မှ ဖိုင်စနစ်ကို ပြုပြင်ရန် ကြိုးစားနေသည်... + သတိပေးချက် - ဤ volume ကို တရား၀င် စာဝှက်စနစ် အယ်လဂိုရီသမ်ဖြင့် စာဝှက်ထားသည်။\n\n 64-bit-block စာဝှက်စနစ် အယ်လဂိုရီသမ်များ (e.g., Blowfish, CAST-128, or Triple DES) အာလုံးကို ကန့်ကွက်ထားသည်။ ဤ volume ကို နောက်ထွက်မည့် VeraCrypt ဗားရှင်းများဖြင့် အစပျိုးနိုင်မည် ဖြစ်သည်။ သို့သော် ယင်း legacy စာဝှက်စနစ် အယ်လဂိုရီသမ်များ သုံးစွဲမှုအတွက် နောက်ထပ် တိုးမြှင့်ချက်များ ရှိမည် မဟုတ်ပါ။ VeraCrypt volume အသစ်ကို 128-bit-block စာဝှက်စနစ် အယ်လဂိုရီသမ် (ဥပမာ - AES, Serpent, Twofish စသဖြင့်) ဖြင့် ဖန်တီးပြီး ဤ volume မှ ဖိုင်အားလုံးကို volume အသစ်သို့ ပြောင်းရွှေ့ရန် အကြံပြုလိုသည်။ + သင့်ကွန်ပျူတာစနစ်သည် အလိုလို-အစပျိုး volume အသစ်များအတွက် ပြုပြင်ဖန်တီးထားခြင်း မရှိပါ။ Device-အခြေခံ VeraCrypt volumes များကို အစပျိုးရန် မဖြစ်နိုင်ပါ။ အောက်ပါ ညွှန်ကြားချက်ကို လုပ်ဆောင်ပြိး ကွန်ပျူတာစနစ်ကို ပြန်ဖွင့်ခြင်းဖြင့် အလိုလို-အစပျိုးခြင်းကို ဖွင့်ထားနိုင်သည်။\n\nmountvol.exe /E + ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions') ကို ဆက်လက် မလုပ်​ဆောင်မီ အခန်းကန့်/device အတွက် drive အက္ခရာ တစ်ခု သတ်မှတ်ပါ။\n\n၄င်းသည် OS စနစ်၏ တောင်းဆိုချက် တစ်ခု ဖြစ်သည်။ + VeraCrypt volume ကို အစပျိုးရန် + VeraCrypt volume အားလုံးကို အဆုံးသတ်ရန် + VeraCrypt သည် စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်များ မရရှိနိုင်ပါ။ + OS စနစ်ထဲ ၀င်ရောက်မှု ငြင်းပယ်ခံရသည်။\n\n ဖြစ်နိုင်ချ အကြောင်းရင်း - OS စနစ်သည် အချို့ ဖိုင်တွဲများ၊ ဖိုင်များနှင့် devices ကို သင် ရေးသားနိုင်/ဖတ်ရှုနိုင်ရန်အတွက် အရေး/အဖတ် ခွင့်ပြုချက် (သို့မဟုတ် စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်များ) ကို တောင်းဆိုထားသည်။ ပုံမှန်အားဖြင့်၊ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်များ မရထားသော သုံးစွဲသူကို ၄င်း၏Documents ဖိုင်တွဲကို ဖန်တီးခွင့်၊ ဖတ်ရှုခွင့်၊ ပြုပြင်ခွင့် မရှိပါ။ + ချို့ယွင်းချက် - ဤ drive သည် ထောက်ပံ့မထာသော sector အရွယ်အစားကို သုံးစွဲထားသည်။\n\n လောလောဆယ်၌ 4096 bytes ထက် များသော sectors များကို သုံးစွဲသော drives ပေါ်၌ အခန်းကန့်/device-အခြေခံ volumes များကို ဖန်တီး၍ မရပါ။ သို့သော်၊ ယင်းကဲ့သို့ drives များတွင် ဖိုင်-အခြေခံ volumes (သိမ်းဆည်းခန်းများ) ကို သင် ဖန်တီးနိုင်သည်။ + လောလောဆယ်၌ sector အ​ရွယ်အစား 512 bytes ထက် သုံးစွဲထားသော disk တစ်ခု၌ ကွန်ပျူတာစနစ် တစ်ခုကို စာဝှက်ရန် မဖြစ်နိုင်ပါ။ + VeraCrypt Boot Loader သည် ကွန်ပျူတာစနစ် drive အစပိုင်း (VeraCrypt Boot Loader ကို ၄င်းနေရာ၌ သိမ်းဆည်းရန် လိုအပ်သည်) ၌ နေရာလွတ် အနည်းဆုံး 32 KBytes လိုအပ်သည်။ သို့သော်၊ ဤအနေအထားကို သင့် drive က မပြည့်မီနိုင်ပါ။\n\n ၄င်းကို VeraCrypt ထံ ပရိုဂရမ်အမှား/ပြဿနာ အဖြစ် သတင်းမပို့ပါနှင့်။ ဤပြဿနာကို ဖြေရှင်းရန်၊ သင် disk ကို အခန်း ပြန်ခွဲပြီး နေရာလွတ်၏ ပထမ 32 KBytes ကို ချန်ထားရန် လိုအပ်လာမည် ဖြစ်သည် (များသောအားဖြင့်၊ ပထမ အပိုင်းကို သင် ပယ်ဖျက်ပြီး ပြန်ဖန်တီးရန် လိုအပ်သည်)။ Windows ကို စက်ထဲ ထည့်သွင်းသည့်အခါ ရရှိနိုင်သော Microsoft partition manager ကို အသုံးပြုရန် ကျွန်ုပ်တို့ အကြံပြုလိုသည်။ + သင် ယခု သုံးစွဲနေသော OS ဗားရှင်း၌ ဤအင်္ဂါရပ်ကို ထောက်ပံ့မထားပါ။ + သင် လောလောဆယ် သုံးစွဲနေသော OS ဗားရှင်းပေါ်၌ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ခြင်း ထောက်ပံ့မထားပါ။ + Windows Vista ရှိ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် စာဝှက်ခြင်း မပြုမီ၊ Windows Vista အတွက် Service Pack 1 နှင့် အထက် (ယင်းကဲ့သို့ Service Pack မျိုးကို ဤကွန်ပျူတာစနစ်ထဲ မထည့်သွင်းသေးပါ) ကို သင် ထည့်သွင်းရန် လိုအပ်သည်။\n\nမှတ်ချက် - Windows Vista ၏ Service Pack 1 သည် ကွန်ပျူတာစနစ် boot လုပ်နေစဉ် မှတ်ဉာဏ် အလွတ် လျှော့နည်းမှုကို ဖြစ်ပေါ်စေသော ပြဿနာ တစ်ရပ်ကို ဖြေရှင်းပေးသည်။ + VeraCrypt သည် Service Pack ထည့်သွင်းမထားသော Windows Vista ၌ ကွန်ပျူတာစနစ် အခန်းကန့်/drive စာဝှက်ခြင်းကို ထောက်ပံ့ခြင်း မပြုတော့ပါ။ VeraCrypt ကို အဆင့်မြှင့်တင်ခြင်း မပြုမီ Windows Vista ၏ Service Pack 1 နှင့်အထက်ကို ထည့်သွင်းပါ။ + ချို့ယွင်းချက် - ဤအင်္ဂါရပ်သည် ကွန်ပျူတာစနစ်ထဲ၌ VeraCrypt ကို ထည့်သွင်းရန် တောင်းဆိုထားသည် (သင်သည် VeraCrypt အိတ်ဆောင်စနစ်ကို သုံးစွဲနေသည်)။\n\n VeraCrypt ကို စက်ထဲ ထည့်သွင်းပြီး ထပ်ကြိုးစားပါ။ + သတိပေးချက် - Windows သည် ၄င်းကို boot ထားသည့် နေရာရှိ drive ၌ ထည့်သွင်းထားပုံ မပေါ်ပါ။ ၄င်းကို ထောက်ပံ့မထားပါ။\n\n Windows ကို ၄င်း boot တက်လာသည့် drive ၌ ထည့်သွင်းထားကြောင်း သေချာပါက သင် ဆက်လက် လုပ်ဆောင်နိုင်သည်။\n\nဆက်လုပ်မည်လား? + သင့် ကွန်ပျူတာစနစ်၌ GUID partition table (GPT) တစ်ခု ရှိသည်။ ​​​လောလောဆယ်၌၊ MBR partition table ပါသော drives များကိုသာ ထောက်ပံ့ထားသည်။ + သတိပြုရန် - VeraCrypt Boot Loader ကို သင့် ကွန်ပျူတာစနစ် drive ထဲ၌ ထည့်သွင်းထားပြီး ဖြစ်သည်!\n\n သင့်ကွန်ပျူတာရှိ အခြား လည်ပတ်မှုစနစ်ကို စာဝှက်ထား၍ ဖြစ်မည်။\n\nသတိပေးချက် - လောလောဆယ် သုံးစွဲနေသော ကွန်ပျူတာစနစ်ကို ဆက်လက် စာဝှက်ခြင်းဖြင့် အခြား ကွန်ပျူတာစနစ်(များ)ကို ဖွင့်နိုင်မည်မဟုတ်သကဲ့သို့ သက်ဆိုင်ရာ ဒေတာများကို ရယူနိုင်မည် မဟုတ်ပါ။\n\n ဆက်လုပ်မည်လား? + မူရင်း system loader ကို နဂိုနေရာ ပြန်ထား၍ မရပါ။\n\n VeraCrypt Boot Loade ကို Windows system loader ဖြင့် အစားထိုးရန် VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') သို့မဟုတ် Windows အခွေကို အသုံးပြုပါ။ + မူရင်း system loader ကို Rescue Disk (ဖြစ်နိုင်ချေ အကြောင်းရင် - အရန်သင့် သိမ်းဆည်းဖိုင် ပျောက်ဆုံးခြင်း) ၌ သိမ်းဆည်းမည် မဟုတ်ပါ။ + MBR sector ကို ရေးသာ၍ မရပါ။\n\n သင့် BIOS သည် MBR sector ကို ကာကွယ်ရန် ပြုပြင်ထားပုံပေါ်သည်။ MBR/ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ အကာအကွယ်အတွက် သင့် BIOS ချိန်ညှိချက်များကို စစ်ဆေးပါ (စက်ဖွင့်နေစဉ် F2, Delete, သို့မဟုတ် Esc တစ်ခုခုကို နှိပ်ပါ)။ + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + လိုအပ်သော VeraCrypt Boot Loader ဗားရှင်းကို လောလောဆယ် ထည့်သွင်းမထားပါ။ ဤအချက်ကြောင့် အခြား ချိန်ညှိချက်များ သိမ်းဆည်း၍ မရခြင်း ဖြစ်နိုင်သည်။ + မှတ်ချက် - တစ်ခါတစ်ရံ၊ သင့်ကို စောင့်ကြည့်နေသော ပုဂ္ဂိုလ် တစ်စုံတစ်ယောက်သည် သင် VeraCrypt သုံးစွဲနေသည်ကို မသိစေလိုသည့် အခြေအနေမျိုး ရှိလာနိုင်သည်။ အထက်ပါ ရွေးစရာ၌ VeraCrypt boot loader မျက်နှာပြင်ကို စိတ်ကြိုက်ဖန်တီးခြင်းဖြင့် ပြုလုပ်နိုင်သည်။ ပထမ ရွေးစရာကို သင် ဖွင့်ထားပါက၊ boot loader ၌ (စကားဝှက် အမှား ရေးထည့်သည်အခါ၌ပင်) မည်သည့် စာတမ်းမျှ ပေါ်လာမည် မဟုတ်ပါ။ သင့် စကားဝှက်ကို ရေးထည့်နေစဉ် ကွန်ပြူတာသည် "ရပ်တန့်နေ"သယောင် မြင်တွေ့ရမည် ဖြစ်သည်။ သည့်အပြင်၊ ရန်သူကို လမ်းကြောင်းလွှဲစေရန် စိတ်ကြိုက် ရေးထားသော စာတမ်း ပေါ်လာမည် ဖြစ်သည်။ဥပမာ အားဖြင့် - "Missing operating system" (၄င်းသည် Windows boot loader က Windows boot partition ကို မတွေ့သည့်အခါ ပုံမှန် ပြသနေသော စာတမ်းဖြစ်သည်။ သို့သော်၊ အကယ်၍ ရန်သူသည် hard drive ၌ ပါရှိသော အကြောင်းအရာကို စစ်ဆေးလာပါက၊ VeraCrypt boot loader ပါရှိနေသည်ကို သိရှိနိုင်ပါသည်။ + သတိပေးချက် - ဤရွေးစရာကို ဖွင့်ထားပါက၊ VeraCrypt boot loader သည် မည်သည့် စာတမ်း (စကားဝှက် အမှား ရေးထည့်လျှင်လည်း) ကိုမျှ ပြမည် မဟုတ်သည်ကို သတိပြုပါ။ စကားဝှက်ကို သင် ရေးထည့်ချိန်၌ ကွန်ပြူတာသည် "ရပ်တန့်"နေသကဲ့သို့ (တုံ့ပြန်မှုမရှိပဲ​) မြင်တွေ့ရမည် (cursor ရွှေ့လျားမည် မဟုတ်သကဲ့သို့ ကီးတစ်ခုခုကို နှိပ်သည့်အခါ ကြယ်ပွင့် တစ်ခုမျှ မြင်ရမည် မဟုတ်ပါ)။\n\n ဤရွေးစရာကို ဖွင့်ရန် သင် တကယ်အလိုရှိသလား? + သင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive သည် အပြည့်အ၀ စာဝှက်ထားပုံပေါ်သည်။ + VeraCrypt သည် dynamic disk သို့ အသွင်ပြောင်းထားသော ကွန်ပျူတာစနစ် drive ကို စာဝှက်မပေးနိုင်ပါ။ + ကွန်ပျူတာစနစ် drive ၌ တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များ ပါရှိသည်။\n\n သင်သည် တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များ ပါရှိသော ကွန်ပျူတာစနစ် တစ်ခုလုံးကို Windows Vista နှင့် နောက်ထွက် ဗားရှင်းများ၌သာ စာဝှက်နိုင်သည်။ Primary အခန်းကန့်များသာ ပါရှိသော Windows XP ၌၊ ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို သင် စာဝှက်နိုင်သည်။\n\n မှတ်ချက် - သင်သည် ကွန်ပျူတာစနစ် drive တစ်ခုလုံး အစား ကွန်ပျူတာစနစ် အခန်းကန့်ကို စာဝှက်ပေးနိုင်သည် (ထို့အပြင်၊ drive​ ထဲရှိ ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်များထဲ၌ အခန်းကန့်-အခြေခံ-VeraCrypt volumes များကို သင် ဖန်တီးနိုင်သည်)။ + သတိပေးချက် - Window XP/2003 ကို အသုံးပြုသည့်အခါ၊ drive ကို စတင် စာဝှက်ပြီးသောအခါ၊ ၄င်းအထဲ၌ တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များ မဖန်တီးရပေ (primary အခန်းကန့်များကိုသာ ဖန်တီးရမည် ဖြစ်သည်)။ Drive ပေါ်ရှိ တိုးချဲ့ (ယုတ္တိဆိုင်ရာ) အခန်းကန့်များကို စတင် စာဝှက်သည့်အခါ ၄င်းတို့ကို ဖွင့်၍ ရမည် မဟုတ်ပါ (လက်ရှိ drive ၌ ယင်းကဲ့သို့ အခန်းကန့် မရှိ​ပါ)။\n\nမှတ်ချက် - အကယ်၍ ဤကန့်သတ်ချက်ကို လက်မခံနိုင်ပါက၊ နောက်ပြန်သွားပြီး drive တစ်ခုလုံး အစား ကွန်ပျူတာစနစ် အခန်းကန့်ကိုသာ စာဝှက်ရန် သင် ရွေးချယ်နိုင်သည် (ထို့အပြင်၊ drive ပေါ်မှ ကွန်ပျူတာစနစ်မဟုတ်သော အခန်းကန့်များအထဲ၌ အခန်းကန့်-အခြေခံ VeraCrypt volumes များကို သင် ဖန်တီးနိုင်သည်)။\n\n တနည်းအားဖြင့်၊ အကယ်၍ ဤကန့်သတ်ချက်ကို လက်မခံနိုင်ပါက၊ Windows Vista နှင့် နောက်ထွက် Windows ဗားရှင်းများသို့ အဆင့်မြှင့်ရန် စဉ်းစားပါ (Windows Vista နှင့် နောက်ထွက် ဗားရှင်းများ၌သာ တိုးချဲ့/ယုတ္တိဆိုင်ရာ အခန်းကန့်များ ပါ၀င်သော ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို သင် စာဝှက်နိုင်သည်)။ + သင့် ကွန်ပျူတာစနစ် drive ထဲ၌ standard မဟုတ်သော အခန်းကန့် တစ်ခု ပါရှိသည်။\n\n အကယ်၍ သင်သည် notebook ကို သုံးစွဲနေပါက၊ သင့်ကွန်ပျူတာစနစ် drive ထဲ၌ အထူး ဆယ်တင်ရေး အခန်းကန့် တစ်ခု ပါရှိမည် ဖြစ်သည်။ ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို (ဆယ်တင်ရေး အခန်းကန့် အပါအ၀င်) စာဝှက်ပြီးနောက်၊ အကယ်၍ သင့် ကွန်ပျူတာစနစ်သည် စနစ်တကျ ပုံစံထုတ် ရေးသားခြင်း မပြုသော BIOS တစ်ခုကို အသုံးပြုနေပါက ၄င်းကို ဖွင့်၍ ရမည် မဟုတ်ပါ။ ကွန်ပျူတာ drive ကို စာဝှက်ခြင်း မပြီးမချင်း မည်သည် ဆယ်တင်ရေး အခန်းကန့်ကိုမျှ သုံးစွဲနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် အခန်းကန့်ကိုသာ စာဝှက်ရန် ကျွန်တော်တို့ အကြံပြုလိုသည်။ + သင့် ကွန်ပျူတာစနစ် drive ၌ standard မဟုတ်သော အခန်းကန့် တစ်ခု ပါရှိသည်။\n\n အကယ်၍ သင်သည် notebook တစ်လုံး သုံးစွဲနေပါက၊ သင့် ကွန်ပျူတာစနစ် drive ၌ အထူး ဆယ်တင်ရေး အခန်းကန့် တစ်ခု ပါရှိမည် ဖြစ်သည်။ ကွန်ပျူတာစနစ် တစ်ခုလုံးကို (ဆယ်တင်ရေး အခန်းကန့် အပါအ၀င်) စာဝှက်ပြီးပါက၊ အကယ်၍ သင့် ကွန်ပျူတာစနစ်သည် စနစ်တကျ ပုံစံထုတ် ရေးသားခြင်း မပြုသော BIOS တစ်ခုကို အသုံးပြုနေပါက ၄င်းကို ဖွင့်၍ ရမည် မဟုတ်ပါ။ ကွန်ပျူတာစနစ် drive ကို စာဝှက်ဖြည်ခြင်း မပြီးမချင်း မည်သည် ဆယ်တင်ရေး အခန်းကန့်ကိုမျှ သုံးစွဲနိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် အခန်းကန့်ကိုသာ စာဝှက်ရန် ကျွန်တော်တို့ အကြံပြုလိုသည်။ + သင့် ကွန်ပျူတာစနစ် drive ၌ drive တစ်ခုလုံးကို နေရာယူထားသော အခန်းကန့် တစ်ခု ရှိနေသည်။ ဖြစ်နိုင်ပါက၊ drive တစ်ခုလုံးကို အခန်းကန့် ပတ်လည်ရှိ နေရာလွတ် အ​ပါအ၀င် စာဝှက်ပါက ပို၍ လုံခြုံစိတ်ချရသည်။\n\n ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို စာဝှက်လိုသလား? + သင့် ကွန်ပျူတာစနစ်ကို ကွန်ပျူတာစနစ်မဟုတ်သော အခန်းကန့်၌ ယာယီဖိုင်များကို သိမ်းဆည်းရန် ပြုပြင်ထားသည်။\n\nယာယီဖိုင်များကို ကွန်ပျူတာစနစ် အခန်းကန့်၌သာ သိမ်းဆည်းထားသည်။ + သင့် သုံးစွဲသူ ပရိုဖိုင်း ဖိုင်များကို ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ သိမ်းဆည်းမထားပါ။\n\n သုံးစွဲသူ ပရိုဖိုင်း ဖိုင်များကို ကွန်ပျူတာစနစ် အခန်းကန့်၌သာ သိမ်းဆည်းနေနိုင်သည်။ + ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်များ၌ ဆက်သွယ်ရေး ဖိုင်(များ) ရှိသည်။\n\n ဆက်သွယ်ရေး ဖိုင်များသည် ကွန်ပျူတာစနစ် အခန်းကန့်၌သာ တည်ရှိနိုင်သည်။ + Windows အခန်းကန့်၌သာ ဆက်သွယ်ရေး ဖိုင်များကို ဖန်တီးရန် Windows ကို ယခု ပြုပြင်ဖန်တီးမည်လား? \n\n အကယ်၍ 'ဟုတ်ကဲ့' ကို နှိပ်ပါက၊ ကွန်ပျူတာ ပြန်ဖွင့်လာမည် ဖြစ်သည်။ ထို့နောက် VeraCrypt ကို ဖွင့်ပြီး လျှို့ဝှက် OS ကို ပြန်ဖန်တီးပါ။ + သို့မဟုတ်ပါက၊ လျှို့ဝှက် OS စနစ် ငြင်းပယ်နိုင်မှု​ကို တန်ပြန် ထိခိုက်မှု ရှိနိုင်သည်။\n\n မှတ်ချက် - အကယ်၍ ရန်သူသည် ယင်းကဲ့သို့သော (ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်၌ ရှိသော) ဖိုင်များကို ​စစ်ဆေးပါက၊ သင်သည် ဤအညွှန်းကို လျှို့ဝှက်-နည်းစနစ်-ဖန်တီးမှု စနစ်၌ သုံးစွဲနေသည်ကို သိရှိသွားနိုင်သည် (ဤနည်းဖြင့် သင့် ကွန်ပျူတာ၌ လျှို့ဝှက် OS စနစ် တစ်ခု ရှိနေကြောင်း ညွှန်ပြနိုင်သည်)။ ယင်းကဲ့သို့ ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ သိမ်းဆည်းထားသော ဖိုင်များကို လျှို့ဝှက် OS စနစ် ​ဖန်တီးနေစဉ် VeraCrypt သည် လုံလုံခြုံခြုံ ပယ်ဖျက်သွားမည် ဖြစ်သည်။ + သတိပေးချက် - လျှို့ဝှက် OS ကို ဖန်တီးနေစဉ်၊ (မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖန်တီးနိုင်ရန်) လက်ရှိ အသုံးပြုနေသော ကွန်ပျူတာစနစ်ကို အပြည့်အ၀ ပြန်လည် ထည့်သွင်းရန် လိုအပ်မည် ဖြစ်သည်။\n\n မှတ်ချက်- လက်ရှိ အသုံးပြုနေသော OS နှင့် ကွန်ပျူတာစနစ် အခန်းကန့်ပါ အကြောင်းအရာ တစ်ခုလုံးကို (လျှို့ဝှက် ကွန်ပျူတာစနစ် ဖန်တီးနိုင်ရန်) လျှို့ဝှက် volume ထဲ၌ ကော်ပီးကူးရမည် ဖြစ်သည်\n\n\n Windows Setup medium (သို့မဟုတ် ၀န်ဆောင်မှု အခန်းကန့် တစ်ခုကို သုံးပြီး) Windows ကို စက်ထဲ သင် ထည့်သွင်းနိုင်မည်လား? + လုံခြုံရေး အကြောင်းများကြောင့်၊ အကယ်၍ လက်ရှိ OS စနစ်သည် activation ပြုလုပ်ရန် လိုအပ်ပါက၊ ၄င်းကို ရှေ့ဆက်မသွားမီ သက်၀င်စေရမည်။ ကွန်ပျူတာ အခန်းကန့်ထဲမှ အကြောင်းအရာများကို လျှို့ဝှက် volume ထဲသို့ ကော်ပီးကူးခြင်းဖြင့် လျှို့ဝှက် OS ကို ဖန်တီးမည် ဖြစ်သည် (အကယ်၍ OS စနစ်ကို activate လုပ်မထားပါက၊ လျှို့ဝှက် OS သည်လည်း သက်၀င်လာမည် မဟုတ်ပါ)။ အသေးစိတ် အ​ချက်အလက်ကို၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes နှင့် ပါတ်သက်သော လုံခြုရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ" အပိုင်းကို ကြည့်ရှပါ။\n\n အရေးကြီးချက် - ရှေ့ဆက် မသွားမီ၊ VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes နှင့် ပါတ်သက်သော လုံခြုရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ" အပိုင်းကို ဖတ်ရှုပါ။\n\n\nလက်ရှိ သုံးစွဲနေသော OS သည် အထက်မှ အခြေအနေနှင့် ကိုက်ညီမှု ရှိသလား? + သင့် ကွန်ပျူတာစနစ်သည် အပို boot အခန်းကန့် တစ်ခုကို အသုံးပြုနေသည်။ VeraCrypt သည် လျှို့ဝှက် OS စနစ်၌ hibernation ပြုလုပ်ခြင်းကို ထောက်ပံ့မထားပါ (မျက်လှည့် ကွန်ပျူတာစနစ်ကို ပြဿနာမရှိပဲ hibernation လုပ်နိုင်သည်)။\n\nBoot အခန်းကန့်ကို မျက်လှည့် စနစ်နှင့် လျှို့ဝှက် စနစ်တို့က အတူတူ သုံးစွဲကြမည် ဖြစ်သည်။ ထို့ကြောင့်၊ hibernation စနစ်မှ ပြန်ဖွင့်သည့်အခါ ဒေတာ​ အယိုအဖိတ်များနှင့် ပြဿနာများ မရှိအောင်၊ VeraCrypt သည် လျှို့ဝှက် စနစ်ကို မျှ​ဝေထားသော boot ၏ အခန်းကန့်ထဲသို့ ရေးသား၍ မရအောင် တားဆီးပေးသည်။\n\n ဆက်လုပ်မည်လား? အကယ်၍ 'မဟုတ်ဘူး' ကို ရွေးချယ်ပါက၊ အပို boot အခန်းကန့်ကို ဖယ်ရှားရန် လမ်းညွှန်ချက်များ တွေ့ရှိရမည် ဖြစ်သည်။ + \nအပို boot အခန်းကန့်ကို Windows မထည့်သွင်းမီ ဖယ်ရှားနိုင်သည်။ ထိုသို့ ပြုလုပ်ရန်၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n\n၁) Windows အခွေကို ဖွင့်ပါ။\n\n၂) Windows ထည့်သွင်းစနစ် မျက်နှာပြင်၌၊ 'Install now' > 'Custom (advanced)' ကို နှိပ်ပါ။\n\n၃) 'Drive Options' ကို နှိပ်ပါ။\n\n၄) ပင်မ ကွန်ပျူတာစနစ် အခန်းကန့်ကို ရွေးပါ။ ၄င်းကို 'Delete' နှိပ်ပြီး 'OK' နှိပ်ပါ။\n\n၅) 'System Reserved' အခန်းကန့်ကို ရွေးပြီး၊ 'Extend' ကို နှိပ်ပါ။ OS စနစ် ထည့်သွင်းမည့် အခန်းကန့်​ အရွယ်အစားကို တိုးမြှင့်လိုက်ပါ။\n\n၆) 'Apply' နှင့် 'OK' ကို နှိပ်ပါ။\n\n၇) Windows ကို 'System Reserved' အခန်းကန့်၌ ထည့်သွင်းပါ။\n\n\nရန်သူက အပို boot အခန်းကန့်ကို ဖယ်ရှားရသည့် အကြောင်းရင်းကို မေးသည့်အခါ၊ သင့်အနေဖြင့် စာဝှက်မထားသော boot အခန်းကန့်ထဲ၌ ဒေတာ ယိုဖိတ်မှု မရှိစေရန် လုပ်ဆောင်ခြင်း ဖြစ်ကြောင်း ဖြေကြားနိုင်သည်။\n\nမှတ်ချက် - ဤစာတမ်းကို အောက်မှ 'Print' ခလုတ် နှိပ်ပြီး ပရင့်ထုတ်နိုင်သည်။ အကယ်၍ ဤစာတမ်းကို သိမ်းထားသည် ဖြစ်စေ၊ ပရင့်ထုတ်သည့် ဖြစ်စေ (သင့်ပရင်တာသည် ၄င်းပရင့်ထုတ်ထားသော မှတ်တမ်းမှတ်ရာများကို ၄င်း၏ အတွင်း drive ထဲ၌ သိမ်းဆည်းမထားပါက)၊ အပို boot အခန်းကန့် (အကယ်၍ ယင်းကော်ပီကို တွေ့ခဲ့လျှင်၊ ဤကွန်ပျူတာ၌ လျှို့ဝှက် OS စနစ် တစ်ခု ​ရှိနေကြောင်း ညွှန်ပြနေမည် ဖြစ်သည်) ကို ဖယ်ရှားပြီးသည့်အခါ ၄င်းကော်ပီးများကို ဖျက်ဆီးပစ်ရမည် ဖြစ်သည်။ + သတိပေးချက် - ကွန်ပျူတာစနစ် အခန်းကန့်နှင့် ပထမ အခန်းကန့်တို့ အကြား၌ မသတ်မှတ်ရသေးသော နေရာရှိသည်။ လျှို့ဝှက် OS စနစ်ကို ဖန်တီးပြီးသောအခါ၊ ယင်း မသတ်မှတ်ရသေးသော နေရာ၌ အခန်းကန့်အသစ် မဖန်တီးရ။ သို့မဟုတ်ပါက၊ (ယင်းကဲ့သို့ အသစ် ဖန်တီးလိုက်သော အခန်းကန့်များကို မဖျက်မချင်း) လျှို့ဝှက် OS စနစ်ကို ဖွင့်၍ မရ ဖြစ်သွားနိုင်သည်။ + ဤအယ်လဂိုရီသမ်၌ လောလောဆယ် ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအတွက် ထောက်ပံ့မပေးပါ။ + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + ကီးဖိုင်များသည် လောလောဆယ် ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအတွက် ထောက်ပံ့မပေးပါ။​ + သတိပေးချက် - VeraCrypt သည် မူရင်း ​ကီးဘုတ် လေးအောက်ကို နဂိုအတိုင်း ပြန်မထားနိုင်ပါ။ ဤအချက်ကြောင့် စကားဝှက်ကို မှားယွင်းစွာ ရေးထည့်မိနိုင်သည်။ + ချို့ယွင်းချက် - VeraCrypt အတွက် ကီးဘုတ် လေးအောက်ကို standard US ကီးဘုတ် လေးအောက် အဖြစ် သတ်မှတ်၍ မရပါ။\n\n US စနစ် မဟုတ်သော ဝင်းဒိုး ကီးဘုတ် လေးအောက် မရနိုင်သည့် နေရာ၌ စက်မတက်ခင် အခြေအနေ (ကွန်ပျူတာ မတက်မီ) တွင် စကားဝှက်ကို ရေးထည့်ရန် လိုအပ်သည်။ ထို့ကြာင့်၊ စကားဝှက်ကို ဝှက်စာကို standard US ကီးဘုတ် လေးအောက် သုံးပြီး အမြဲတမ်း ရေးထည့်ရမည်။ + VeraCrypt သည် ယာယီအားဖြင့် ကီး​ဘုတ် လေးအောက်ကို standard US ကီးဘုတ် လေးအောက်အဖြစ် ပြောင်းလဲထားသောကြောင့်၊ ညာဖက် Alt ကီးကို နှိပ်ထားစဉ် အက္ခရာများကို ရေးထည့်၍ မရပါ။ သို့သော်၊ အက္ခရာ အများစုကို Shift ကီး နှိပ်ထားရင်း သင့်လျော်သော ကီးများကို ရေးထည့်နိုင်သည်။ + VeraCrypt သည် ကီးဘုတ် လေးအောက်ကို ပြောင်းခွင့် မပေးပါ။ + မှတ်ချက် - US မဟုတ်သော ၀င်းဒိုး ကီး​ဘုတ် လေးအောက် မရနိုင်​သော နေရာတွင် စကားဝှက်ကို စက်မတက်မီ အခြေအနေ (၀င်းဒိုး မတက်မီ) တွင် ရေးထည့်ရမည် ဖြစ်သည်။ ထို့ကြောင့်၊ စကားဝှက်ကို standard US ကီးဘုတ် လေးအောက် သုံးပြီး အမြဲတမ်း ရေးထည့်ရမည် ဖြစ်သည်။ သို့သော်၊ ကီးဘုတ် အစစ်ရှိရန် မလိုပါ၊ အကယ်၍ US ကီးဘုတ် လေးအောက် အစစ် မရှိလျှင်လည်း စကားဝှက်ကို လုံခြုံစွာ ရေးထည့်နိုင်ရန် VeraCrypt က အလိုအလျှောက် လုပ်ပေးမည် ဖြစ်သည်။ + အခန်းကန့်/drive ကို စာဝှက်ခြင်း မပြုမီ၊ အောက်ပါ အချက်များကို လုပ်ဆောင်နိုင်ရန် VeraCrypt Rescue Disk (VRD) တစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။\n\n- အကယ်၍ VeraCrypt Boot Loader ၊ မာစတာကီး (သို့) အခြား အရေးကြီးသော ဒေတာများ ပျက်စီးသွားလျှင်၊ VRD ကို အသုံးပြုပြီး နဂိုဖိုင်များကို ပြန်ထားနိုင်သည် (သို့သော်၊ စကားဝှက် အမှန်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်)။\n\nအကယ်၍ ၀င်းဒိုး ပျက်သွားပြီး ဖွင့်မရပါက၊ VRD သည် ဝင်းဒိုး မစမီ အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ပေးမည် ဖြစ်သည်။\n\n- VRD ထဲ၌ (system loader သို့မဟုတ် boot manager ပါ၀င်သော) ပထမ drive track မှ လက်​ရှိ အကြောင်းအရာအတွက် အရန်သင့် သိမ်းဆည်းချက် တစ်ခု ရှိမည် ဖြစ်သည်။ လိုအပ်ပါက ၄င်းကို နဂိုအတိုင်း ပြန်ထားနိုင်သည်။\n\nVeraCrypt Rescue Disk ISO image ကို အောက်တွင် ​သတ်မှတ်ထားသော နေရာတွင် ဖန်တီးသွားမည် ဖြစ်သည်။ + 'ကောင်းပြီ' ကို နှိပ်ပြီးပါက၊ Microsoft Windows Disc Image Burner ဖွင့်လာမည် ဖြစ်သည်။ VeraCrypt Rescue Disk ISO image ကို စီဒီ (သို့) ဒီဗွီဒီ၌ ကူးရန် ၄င်းကို အသုံးပြုပါ။\n\n အဲဒီနောက်၊ rueCrypt Volume ဖန်တီးမှု အညွှန်းကို ပြန်သွားပြီး ၄င်း၌ပါသော ညွန်ကြားချက်များ အတိုင်း လုပ်ဆောင်ပါ။ + ဆယ်တင်ရေး Disk image ကို ဖန်တီးလိုက်ပြီး ဤဖိုင်ထဲ၌ သိမ်းထားသည် -\n%s\n\n ၎င်းကို ယခုအချိန်၌ စီဒီ/ဒီဗွီဒီထဲ ကူးရန်လိုအပ်သည်။\n\n%ls ဆယ်တင်ရေး Disk ကို ကူးပြီးပါက၊ မှန်မှန်ကန်ကန် ကူးမကူး စစ်ဆေးရန် ရှေ့သို့ ကို နှိပ်ပါ။ + ဆယ်တင်ရေး Disk image ကို ဖန်တီးလိုက်ပြီး ဤဖိုင်ထဲ၌ သိမ်းထားသည် -\n%s\n\n ၎င်းကို ယခုအချိန်၌ စီဒီ/ဒီဗွီဒီထဲ ကူးထားပြီး နောက် အသုံးပြုရန် လုံခြုံသော နေရာ၌ သိမ်းထားပါ။\n\n%ls ဆက်လုပ်ရန် ရှေ့သို့ ကို နှိပ်ပါ။ + အရေးကြီးချက် - ဖိုင်ကို စီဒီ/ဒီဗွီဒီထဲ၌ (သီးသန့်ဖိုင် အဖြစ် မဟုတ်ပဲ) ISO disk image အဖြစ် ရေးကူးရမည်။ လုပ်ဆောင်နည်းနဲ့ပါတ်သက်သော အချက်အလက်မျာကို စီဒီ/ဒီဗွီဒီ ကူးဆော့ဗ်ဝဲရှိ အသုံးပြုနည်း လမ်းညွှန်ကို လေ့လာပါ။ အကယ်၍ သင့်ထံ၌ မရှိပါက၊ အောက်မှ လင့်ခ်ကို သွားပြီး ယင်းကဲ့သို့ အခမဲ့ ဆော့ဗ်ဝဲကို ဒေါင်းလုဒ် ဆွဲယူပါ။\n\n + မိုက်ခရိုဆော့ဗ်ဝဲ ၀င်းဒိုး Disc Image Burner ကို ဖွင့်ရန် + သတိပေးချက် - ယခင်က VeraCrypt ဆယ်တင်ရေး အခွေကို ဖန်တီးခဲ့ပြီး ဖြစ်ပါက၊ ၄င်းကို ကွန်ပျူတာစနစ် အခန်းကန့်/drive အတွက် ပြန်သုံး၍ ရမည် မဟုတ်ပါ၊ အဘယ့်ကြောင့် ဆိုသော်၊ ၄င်းကို အခြား မာစတာကီးအတွက် ဖန်တီးထားသောကြောင့် ဖြစ်သည်။ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် စာဝှက်သည့်အချိန်တိုင်း၊ စကားဝှက် တစ်ခုတည်းကို သင် အသုံးပြုလျှင်လည်း VeraCrypt ဆယ်တင်ရေး အခွေ တစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။ + ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် စာဝှက်ခြင်း ချိန်ညှိချက်များကို သိမ်းဆည်း၍ မရပါ။ + ကွန်ပျူတာစနစ် စာဝှက်ခြင်း အကြိုစစ်ဆေးချက်ကို မစတင်နိုင်ပါ။ + လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် မစတင်နိုင်ပါ။ + ရှင်းလင်းမှု စနစ် + အချို့ သိုလှောင်ရေး မီဒီယာ အမျိုးအစားများ၌၊ ဒေတာကို အခြား ဒေတာများနှင့် ​အစားထိုးသည့်အခါ၊ magnetic force microscopy ကဲ့သို့သော နည်းပညာကို သုံးပြီး အစားထိုးလိုက်သော ဒေတာများကို ပြန်လည် ဆယ်တင်နိုင်သည်။ ဤနေရာ၌ ၄င်းတို့ (VeraCrypt အနေဖြင့် စာဝှက်မထားသော အခန်းကန့် သို့မဟုတ် drive ကို စတင် စာဝှက်သည့်အခါ ပေါ်ပေါက်လာသော) စာဝှက်ထားသည့် ဖြည့်စွတ်ပုံစံဖြင့် အစားထိုးလိုက်သော ဒေတာများလည်း အကျုံး၀င်သည်။ ထို့ကြောင့်၊ အကယ်၍ ရန်သူ တစ်ဦးတစ်ယောက်က သင် စာဝှက်ရန် ရည်ရွယ်ထားသော ဒေတာများကို ဆယ်တင်နိုင်​သည့် နည်းလမ်းများကို အသုံးပြုနိုင်လျှင်၊ ရှင်းလင်းသော စနစ် (လက်ရှိ ဒေတာများ ပျောက်သွားမည် မဟုတ်ပါ) တစ်ခုခုကို သင် ရွေးချယ်နိုင်သည်။ အခန်းကန့်/drive ကို စာဝှက်ပြီးသည့်အခါ ရှင်းလင်းမှု ပြုလုပ်တော့မည် မဟုတ်ပါ။ အခန်းကန့်/drive ကို အပြည့်အ၀ စာဝှက်သည့်အခါ၊ ၄င်းအထဲ၌ စာဝှက်မထားသော ဒေတာများကို ရေးသားခြင်း မပြုပါ။ ၄င်းအထဲ၌ ပထမဦးဆုံး ရေးသားလိုက်သော ဒေတာများကို မှတ်ဉာဏ်ထဲ၌ ချက်ခြင်း စာဝှက်လိုက်ပြီးနောက် (စာဝှက်ထားသော) ဒေတာများကို disk ထဲ၌ ရေးထည့်လိုက်သည်။ + အချို့ သိုလှောင်ရေး မီဒီယာ အမျိုးအစားများ၌၊ ဒေတာကို (ဒေတာများကို ပယ်ဖျက်သည့်အခါ) အခြား ဒေတာများနှင့် ​အစားထိုးသည့်အခါ၊ magnetic force microscopy ကဲ့သို့သော နည်းပညာကို သုံးပြီး အစားထိုးလိုက်သော ဒေတာများကို ပြန်လည် ဆယ်တင်နိုင်သည်။ အချို့သော လေ့လာ ဆန်းစစ်ချက်များနှင့် အစိုးရ ထုတ်ပြန်ချက်များအရ၊ ဒေတာများကို pseudorandom စနစ်နှင့် အချို့ ကျပန်း မဟုတ်သော ဒေတာများကို အကြိမ်ကြိမ် အစားထိုးခြင်းဖြင့် ဒေတာများ ပြန်လည်ဆယ်တင်နိုင်မှုကို တားဆီး (ခက်ခဲစေ) နိုင်သည်။ ထို့ကြောင့်၊ အကယ်၍ ရန်သူ တစ်ဉီးတစ်ယောက်သည် ပယ်ဖျက်​မည့် ဒေတာများကို ဆယ်တင်နိုင်သည့် နည်းလမ်းများကို သုံးစွဲနိုင်လျှင်၊ အကြိမ်ပေါင်း များစွာ ရှင်းလင်းပေးသည့် စနစ် တစ်ခုခုကို ရွေးချယ်ရမည် ဖြစ်သည်။\n\nမှတ်ချက် - အကြိမ်များများ ရွေးလေ၊ ဒေတာ ရှင်းလင်းမှု ကြာလေ ဖြစ်သည်။ + ရှင်းလင်းနေသည် + \n မှတ်ချက် - ရှင်းလင်းသည့် လုပ်ငန်းစဉ်ကို သင် ရပ်ဆိုင်းနိုင်သည်၊ ကွန်ပျူတာကို ပိတ်နိုင်သည်၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို နောက်တစ်ခါ ပြန်​ဖွင့်ပြီး လုပ်ငန်းစဉ် (ဤအညွှန်းကို အလိုအလျောက် စတင်နိုင်သည်) ကို ပြန်စတင်နိုင်သည်။ သို့သော်၊ အကယ်၍ ၄င်းကို ရပ်လိုက်ပါက၊ ရှင်းလင်းသော လုပ်ငန်းစဉ် တစ်ခုလုံး အစမှ ပြန်လည် စတင်မည် ဖြစ်သည်။ + \n\n မှတ်ချက် - အကယ်၍ ရှင်းလင်းသော လုပ်ငန်းစဉ်ကို သင် ရပ်တန့်ပါက၊ ၄င်းကို ပြန်စပါ။ လုပ်ငန်းစဉ် တစ်ခုလုံးကို အစမှ ပြန်လည် စတင်ရမည် ဖြစ်သည်။ + ရှင်းလင်းခြင်း လုပ်ငန်းစဉ်ကို ရပ်ဆိုင်းမည်လား? + သတိပေးချက် - ရွေးချယ်ထားသော အခန်းကန့်/device တစ်ခုလုံးကို ပယ်ဖျက်သွားမည် ဖြစ်ပြီး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ + မူရင်း ကွန်ပျူတာစနစ် တည်ရှိသော အခန်းကန့်ထဲရှိ အကြောင်းအရာ တစ်ခုလုံးကို ပယ်ဖျက်သွားမည် ဖြစ်သည်။\n\n မှတ်ချက် - ပယ်ဖျက်သွားမည့် အခန်းကန့်ထဲရှိ အကြောင်းအရာ တစ်ခုလုံးကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲသို့ ကော်ပီကူးသွားမည် ဖြစ်သည်။ + သတိပေးချက် - ရှင်းလင်းမှု စနစ် 3-pass (ခေါ် သုံးကြိမ်) ကို ရွေးချယ်လိုက်ပါက၊ အခန်းကန့်/drive ကို စာဝှက်ရန် အချိန် ၄ ဆ ပိုကြာမည် ဖြစ်သည်။ ထိုနည်းတူ၊ အကယ်၍ 35-pass ကို ရွေးပါက ၃၆ ဆ ပိုကြာသွားမည် ဖြစ်သည်။\n\n သို့သော်၊ အခန်းကန့်/drive ကို အပြည့်အ၀ စာဝှက်ပြီးသည့်အခါ ရှင်းလင်းသည့် လုပ်ငန်းကို လုပ်ဆောင်မည် မဟုတ်ပါ။ အခန်းကန့်/drive ကို အပြည့်အ၀ စာဝှက်ပြီးသည့်အခါ၊ ၄င်းအထဲ၌ စာဝှက်မထားသေးသော ဒေတာများကို ရေးသားမည် မဟုတ်ပါ။ ၄င်းအထဲ၌ ရေးသားလိုက်သော ဒေတာ အားလုံးကို ချက်ခြင်း စာဝှက်သွားမည် ဖြစ်ပြီး၊ ထို့နောက်မှ (စာဝှက်ထားသော) ဒေတာများကို disk ထဲ၌ ရေးသားမည် ဖြစ်သည် (ဤနည်းဖြင့် စွမ်းဆောင်ရည်ကို ထိခိုက်မည် မဟုတ်ပါ)။\n\n ရှင်းလင်းမှု စနစ်ကို သုံးစွဲလိုသလား? + ဘာမျှမရွေး (အမြန်ဆုံး) + ၁-ကြိမ် (ကျပန်း ဒေတာ) + ၃-ကြိမ် (US DoD 5220.22-M) + ၇-ကြိမ် (US DoD 5220.22-M) + ၃၅-ကြိမ် ("Gutmann") + 256-pass + OS စနစ် အရေအတွက် + သတိပေးချက် - အတွေ့အကြုံမရှိသေးသော သုံးစွဲသူများသည် ၀င်းဒိုးကို Multi-boot ပြုပြင်ဖန်တီးစနစ်ဖြင့် စာဝှက်ရန် မကြိုးစားသင့်ပါ။\n\n ဆက်လုပ်မည်လား? + လျှို့ဝှက် OS စနစ်ကို ဖန်တီး/သုံးစွဲသည့်အခါ၊ VeraCrypt သည် အောက်ပါ အခြေအနေများနှင့် ကိုက်ညီမှ multi-boot ပြုပြင်ဖန်တီးမှုကကို ထောက်ပံ့ပေးသည် -\n\n- လောလောဆယ် အသုံးပြုနေသော OS စနစ်ကို boot drive ထဲတွင် ထည့်သွင်းရမည် ဖြစ်သည်၊ ၄င်း၌ အခြား OS စနစ်များ ရှိမည် မဟုတ်ပါ။\n\n အခြား drives များ၌ ထည့်သွင်းထားသော OS စနစ်များသည် လောလောဆယ် အသုံးပြုနေသော OS စနစ် ထည့်သွင်းထားသည့် drive ထဲတွင် ရှိသော မည်သည့် boot loader ကို အသုံးမပြုရပါ။\n\n အထက်မှ အခြေအနေများနှင့် ကိုက်ညီသလား? + VeraCrypt သည် လျှို့ဝှက် OS စနစ်ကို ဖန်တီး/သုံးစွဲသည့်အခါ ဤ multi-boot ပြုပြင်ဖန်တီးမှုကို လက်မခံပါ။ + Boot Drive + လက်ရှိ အသုံးပြုနေသော OS စနစ်ကို boot drive ပေါ်တွင် ထည့်သွင်းထားသလား?\n\nမှတ်ချက် - တစ်ခါတစ်ရံ၊ Windows ကို Windows boot loader (boot အခန်းကန့်) ကဲ့သို့ drive တစ်ခုထဲ၌ ထည့်သွင်းမထားပါ။ အကယ်၍ ပြဿနာ ရှိပါက၊ 'မဟုတ်ဘူး' ကို ရွေးပါ။ + လော​လောဆယ်၌ VeraCrypt သည် OS စနစ် ထည့်သွင်းထားသော drive မှ boot မလုပ်သော OS စနစ်ကို စာဝှက်ရန် ထောက်ပံ့​မပေးပါ။ + ကွန်ပျူတာစနစ် Drives အရေအတွက် + OS စနစ် တစ်ခု၌ drives မည်မျှ ပါရှိသနည်း?\n\n မှတ်ချက် - ဥပမာ- ဥပမာ အားဖြင့်၊ သင့် primary drive နှင့် အခြား OS စနစ်ကို secondary drive ထဲ၌ OS စနစ် (Windows, Mac OS X, Linux နှင့်အခြား) ကို ထည့်သွင်းထားလျှင်၊ '၂ (သို့) အထက်' ကို ရွေးချယ်ပါ။ + VeraCrypt သည် OS စနစ် အများ ပါရှိသော drive တစ်ခုလုံးကို စာဝှက်ရန် ထောက်ပံ့မှု မပေးပါ။\n\nဖြစ်နိုင်သော ဖြေရှင်းချက်များ -\n\n အကယ်၍ နောက် ပြန်သွားပြီး ကွန်ပျူတာစနစ် အခန်းကန့် တစ်ခုကို သာ စာဝှက်ရန် ရွေးချယ်ပါက ကွန်ပျူတာ စနစ်ထဲက တစ်ခုကို သင် စာဝှက်နိုင်မည် ဖြစ်သည်။\n\n နောက်တနည်းဖြင့်၊ သင် စာဝှက်လိုသော drive ထဲ၌ ကွန်ပျူတာစနစ် တစ်ခုကိုသာ ချန်ထားပြီး အချို့ ကွန်ပျူတာစနစ်ကို အခြား drives ထဲ၌ ရွေ့သွားပါက၊ drive တစ်ခုလုံးကို သင် စာဝှက်နိုင်မည် ဖြစ်သည်။ + Drive တစ်ခုထဲ၌ ကွန်ပျူတာစနစ် မျိုးစုံ + လက်ရှိ အသုံးပြုနေသော OS စနစ်ကို ထည့်သွင်းထားသော drive ၌ OS စနစ် ဘယ်နှစ်ခု ထည့်သွင်းထားသနည်း။\n\nမှတ်ချက် - ဥပမာ အားဖြင့်၊ အကယ်၍ လက်ရှိ အသုံးပြုနေသော OS စနစ်ကို အခန်းကန့် တချို့ ပါရှိသော drive #0 ထဲ၌ ထည့်သွင်းပါက၊ နောက်ပြီး အကယ်၍ အခန်းကန့် တစ်ခု၌ Windows နှင့် အခြား အခန်းကန့်၌ နောက်ထပ် OS စနစ် (ဥပမာ -Windows, Mac OS X, Linux, စသဖြင့်) ပါရှိပါက၊ ​'ဟုတ်ကဲ့' ကို ရွေးပါ။ + ဝင်းဒိုးမဟုတ်သည့် Boot Loader + The master boot record (MBR) ထဲတွင် (boot manager မဟုတ်သော) non-Windows boot loader ကို ထည့်သွင်းထားသလား?\n\n မှတ်ချက် - ဥပမာ အားဖြင့်၊ ပထမ boot drive လမ်းကြောင့်၌ GRUB, LILO, XOSL ၊ (သို့) အခြား non-Windows boot manager (boot loader) ပါရှိပါက၊ 'ဟုတ်ကဲ့' ကို နှိပ်ပါ။ + Multi-Boot + VeraCrypt သည် လောလောဆယ် Master Boot Record ၌ ထည့်သွင်းထားသော non-Windows boot loader တစ်ခု ရှိသည့်နေရာ၌ multi-boot ပြုပြင်ဖန်တီးခြင်းကို အထောက်အပံ့ ​မပေးပါ။\n\n ဖြစ်နိုင်ချေ ဖြေရှင်းချက်များ -\n\n - အကယ်၍ Windows နှင့် Linux တို့ကို ဖွင့်ရန် boot manager တစ်ခုကို အသုံးပြုပါက၊ boot manager(GRUB) ကို Master Boot Record မှ အခန်းကန့် တစ်ခုသို့ ရွေ့ပြောင်းပါ။ ​ထို့နောက် ဒီအညွှန်းကို စဖွင့်ပြီး ကွန်ပျူတာစနစ် အခန်းကန့်/driveကို စာဝှက်လိုက်ပါ။ VeraCrypt Boot Loader သည် သင့် primary boot manager ဖြစ်လာမည် ဖြစ်ပြီး ၄င်းမှ မူရင်း boot manager (ဥပမာ - GRUB) ကို secondary boot manager အဖြစ် (VeraCrypt Boot Loader မျက်နှာပြင်မှ Esc ကို နှိပ်ခြင်းပြီး) ဖွင့်ပေးနိုင်မည် ဖြစ်သည်။ ထို့နောက် Linux ကို boot လုပ်နိုင်မည် ဖြစ်သည်။ + အကယ်၍ လက်ရှိ သုံးစွဲနေသော OS စနစ်သည် boot အခန်းကန့်ပေါ်တွင် ထည့်သွင်းထားပါက၊ ၄င်းကို စာဝှက်ပြီးသောအခါ၊ အခြား စာဝှက်မထားသော Windows စနစ်(များ)ကို စတင်လိုလျှင်လည်း စကားဝှက်အမှန်ကို ရေးထည့်ရမည် ဖြစ်သည် (၄င်းတို့သည် စာဝှက်ထားသော Windows boot loader/manager တစ်ခုတည်းကို ဝေမျှကြမည် ဖြစ်သောကြောင့် ဖြစ်သည်)။\n\n နောက်တစ်မျိုး အနေနဲ့၊ အကယ်၍ သင် လက်ရှိ သုံးစွဲနေသော OS စနစ်ကို boot အခန်းကန့် (သို့မဟုတ် အကယ်၍ Windows boot loader/manager ကို အခြား ကွန်ပျူတာ စနစ်က အသုံးမပြုပါက) တွင် ထည့်သွင်းမထားပါက၊ ဤကွန်ပျူတာစနစ်ကို စာဝှက်ပြီးနောက်၊ အခြား စာဝှက်မထားသော ကွန်ပျူတာစနစ်(များ)ကို ဖွင့်သည့်အခါ စကားဝှက် အမှန်ကို ​ရေးထည့် မလိုပါ -- စာဝှက်မထားသော ကွန်ပျူတာစနစ်ကို စဖွင့်ရန် Esc ကီးကိုသာ နှိပ်ရမည် ဖြစ်သည် (အကယ်၍ စာဝှက်မထားသော ကွန်ပျူတာစနစ် အများအပြား ရှိပါက၊ VeraCrypt Boot Manager မီနူးမှ သင် ဖွင့်လိုသော ကွန်ပျူတာ စနစ်ကို ရွေးချယ်ရမည် ဖြစ်သည်)။\n\nမှတ်ချက် - ပုံမှန်အားဖြင့်၊ အစောဆုံး ထည့်သွင်းထားသော OS စနစ်ကို boot အခန်းကန့်တွင် ထည့်သွင်းထားသည်။ + Host Protected Area ကို စာဝှက်ခြင်း + Drives များ၏ အဆုံး၌၊ OS စနစ်မှ ဖျောက်ထားသော နေရာ တစ်ခု ရှိသည် (ယင်းနေရာမျိုးကို Host Protected Areas ဟု​ ခေါ်သည်)။ သို့သော်၊ ယင်းနေရာများမှ ဒေတာများကို အခြား ပရိုဂရမ်များက ဖတ်နိုင်၊ ရေးနိုင်သည်။\n\n သတိပေးချက် - အချို့ ကွန်ပျူတာ ထုတ်လုပ်သူများသည် ယင်းနေရာများကို ​ကိရိယာများနှင့် RAID ဒေတာများ၊ ကွန်ပျူတာစနစ် ဆယ်တင်ရေး၊ ကွန်ပျူတာစနစ် တည်ဆောက်ခြင်း၊ ပြဿနာ ရှာဖွေခြင်း၊ (သို့) အခြား ​ရည်ရွယ်ချက်များ သိမ်းဆည်းရန်အတွက် သုံးစွဲနိုင်သည်။ ​ယင်းကဲ့သို့ ကိရိယာများ (သို့) ဒေတာများကို boot မလုပ်ခင်၊ လျှို့ဝှက် နေရာကို စာဝှက်မည် မဟုတ်ပါ (အထက်မှ 'မဟုတ်ဘူး' ကို ရွေးပါ)။\n\n VeraCrypt သည် ကွန်ပျူတာစနစ် drive ၏ အဆုံး၌ လျှို့ဝှက် နေရာ တစ်ခုကို ရှာဖွေပြီး စာဝှက်လိုသလား? + ကွန်ပျူတာ စာဝှက်စနစ် အမျိုးအစား + အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) ကွန်ပျူတာစနစ် drive တစ်ခုလုံးကို စာဝှက်လိုလျှင် ဤရွေးစရာကို ရွေးချယ်ပါ။ + တစ်စုံတစ်ယောက်သည် OS စနစ်ကို စာဝှက်ဖြည်ရန် အတင်းအကျပ် တောင်းဆိုလာနိုင်သည်။ ထိုသို့ တောင်းဆိုချက်ကို ငြင်း၍မရသော အ​ခြေအနေများ (ဥပမာ အားဖြင့် - ခြိမ်းခြောက်လာ၍) ရှိလာနိုင်သည်။ အကယ်၍ ဤရွေးစရာကို သင် ရွေးချယ်ပါက၊ ၄င်းတည်​ရှိနေသော နေရာကို ရှိကြောင်း မပြနိုင်သည့် လျှို့ဝှက် OS စနစ်ကို (အချို့ လမ်းညွှန်ချက်များကို လိုက်နာပြီး)သင် ဖန်တီးနိုင်လိမ့်မည် ဖြစ်သည်။ ဤနည်းဖြင့်၊ လျှို့ဝှက် OS စနစ်ကို စာဝှက်ဖြည်ရန် မလို (သို့) စကားဝှက် ဖေါ်ပြစရာ လိုမည် မဟုတ်ပါ။ အသေးစိတ် ရှင်းလင်းချက်ကို လေ့လာရန် အောက်ပါ လင့်ခ်ကို နှိပ်ပါ။ + တစ်စုံတစ်ယောက်သည် OS စနစ်ကို စာဝှက်ဖြည်ရန် အတင်းအကျပ် တောင်းဆိုလာနိုင်သည်။ ထိုသို့ တောင်းဆိုချက်ကို ငြင်း၍မရသော အ​ခြေအနေများ (ဥပမာ အားဖြင့် - ခြိမ်းခြောက်လာ၍) ရှိလာနိုင်သည်။ \n\nဤအညွှန်းကို သုံးပြီး၊ ၄င်းတည်​ရှိနေသော နေရာကို ရှိကြောင်း မပြနိုင်သည့် လျှို့ဝှက် OS စနစ်ကို (အချို့ လမ်းညွှန်ချက်များကို လိုက်နာပြီး) သင် ဖန်တီးနိုင်လိမ့်မည်။ ဤနည်းဖြင့်၊ လျှို့ဝှက် OS စနစ်ကို စာဝှက်ဖြည်ရန် မလို (သို့) စကားဝှက် ဖေါ်ပြစရာ လိုမည် မဟုတ်ပါ။ + လျှို့ဝှက် OS စနစ် + အောက်ပါ အဆင့်များတွင်၊ ကွန်ပျူတာစနစ် အခန်းကန့်​ နောက်ကွယ်ရှိ ပထမ အခန်းကန့် အတွင်း၌ (ပြင်ပ နှင့် လျှို့ဝှက်) VeraCrypt volumes နှစ်ခုကို သင် ဖန်တီးရမည် ဖြစ်သည်။ လျှို့ဝှက် volume ထဲ၌ လျှို့ဝှက် OS စနစ် ရှိမည် ဖြစ်သည်။ VeraCrypt သည် ကွန်ပျူတာစနစ် အခန်းကန့် (လက်ရှိ OS စနစ် လည်ပတ်နေသော နေရာ) ၏ အကြောင်းအရာများကို လျှို့ဝှက် volume ထဲသို့ ကော်ပီကူးပြီး လျှို့ဝှက် OS စနစ်ကို ဖန်တီးပေးလိမ့်မည်။ ပြင်ပ volume ၌ သင် အမှန်တကယ် ဝှက်ထားစရာ မလိုအပ်သော အရေးကြီးပုံပေါ်သည့် ဖိုင်များကို ကော်ပီကူးရလိမ့်မည်။ လျှို့ဝှက် OS အခန်းကန့်၏ စကားဝှက်ကို ဖေါ်ပြပေးရန် အတင်းအကျပ် စေခိုင်း ခံရနိုင်သည်။ လျှို့ဝှက် OS အခန်းကန့် အတွင်းရှိ ပြင်ပြ volume ၏ စကားဝှက်ကို သင် ဖေါ်ပြနိုင်သည် (လျှို့ဝှက် OS စနစ်သည် လျှို့ဝှက် ရှိနေမည် ဖြစ်သည်)။\n\n နောက်ဆုံးအနေဖြင့်၊ လက်ရှိ အသုံးပြုနေသော OS စနစ် ၏ ကွန်ပျူတာစနစ် အခန်းကန့်ထဲတွင်၊ မျက်လှည့် OS စနစ်ဟု ခေါ်သော OS စနစ် အသစ် တစ်ခုကို ထည့်သွင်းပြီး၊ ၄င်းကို စာဝှက်ထားပါ။ ၄င်း၌ အရေးကြီးသည့် ဒေတာများ မထားရပါ။ တစ်စုံတစ်ယောက်သည် စက်မတက်မီ စစ်ဆေးအတည်ပြုသော စကားဝှက်ကို ဖေါ်ပြရန် အတင်းအကျပ် တောင်းဆိုလာနိုင်သည်။ မျက်လှည့် OS စနစ်နှင့် ပြင်ပ volume နှစ်ခုစလုံးကို ဖွင့်နိုင်မည် ဖြစ်သည်။ အကယ်၍ သင်သည် တတိယ အချက်ကို သုံးစွဲပါက၊ လျှို့ဝှက် OS စနစ် စဖွင့်လာမည် ဖြစ်သည်။ + လျှို့ဝှက် Sectors များကို ရှာဖွေခြင်း + VeraCrypt သည် ကွန်ပျူတာစနစ် drive ၏ အဆုံးရှိ လျှို့ဝှက် sectors များကို စစ်ဆေးနေစဉ် ​ခဏစောင့်ပါ။ အပြီးသတ်ရန်အတွက် အချိန်အတော် ကြာနိုင်သည်။\n\n မှတ်ချက် - အလွန် ဖြစ်တောင့်ဖြစ်ခဲ အခြေအနေများ၌၊ ကွန်ပျူတာ အချို့သည် ဤစစ်ဆေးမှု လုပ်ဆောင်နေစဉ် တုံပြန်မှု မရှိ ဖြစ်တက်သည်။ ထိုသို့ ဖြစ်လာပါက၊ ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ VeraCrypt ကို ဖွင့်ပြီး၊ ယခင်က အဆင့်များကို ထပ်လုပ်ပါ၊ သို့သော် ဤစစ်ဆေးခြင်း လုပ်ငန်းစဉ်ကို ကျော်ပါ။ ဤပြဿနာသည် VeraCrypt ကြောင့်မဟုတ်ကြောင်း သတိပြုပါ။ + စာဝှက်မည့် နေရာ + အကယ်၍ လက်ရှိ အသုံးပြုနေသော Windows စနစ်ရှိ drive တစ်ခုလုံးကို စာဝှက်လိုပါက၊ ဤရွေးစရာကို ရွေးချယ်ပါ။ Drive တစ်ခုလုံး အပါအဝင်၊ ၄င်း၏ အခန်းကန့် အားလုံးကို၊ VeraCrypt Boot Loader တည်ရှိသည့် ပထမ track မပါပဲ၊ စာဝှက်သွားမည် ဖြစ်သည်။ Drive ထဲ (သို့) Drive ၌ သိမ်းဆည်းထားသော ဖိုင်များကို ရယူလိုသော သူသည် ကွန်ပျူတာစနစ် မဖွင့်မီ စကားဝှက် အမှန်ကို အကြိမ်တိုင်း ရေးထည့်ရမည် ဖြစ်သည်။ အကယ်၍ Windows ကို secondary (သို့) ပြင်ပ drive ၌ ထည့်သွင်း မထားသောကြောင့် ၄င်းအထဲမှ boot လုပ်စရာ မလိုပါက ၄င်းတို့ကို စာဝှက်ရန် ဤရွေးစရာကို အသုံးပြု၍ မရပါ။ + ကျပန်း ဒေတာများကို စု​ဆောင်းနေသည် + ကီးများ ထုတ်လုပ်လိုက်ပြီ + VeraCrypt သည် ကွန်ပြူတာနှင့် ဆက်သွယ်ထားသော စီဒီ/ဒီဗွီဒီ ကူးစက် မတွေ့ရပါ။ VeraCrypt သည် စာဝှက်စနစ် ကီးများ၊ VeraCrypt boot loader ၊ မူရင်း system loader စသည်တို့၏ အရန်သင့် သိမ်းဆည်းချက် တစ်ခု ပါရှိသော ootable VeraCrypt Rescue Disk တစ်ခုကို CD/DVD burner ဖြင့် ကူးရန် လိုအပ်နေသည်။\n\n သင့်အနေဖြင့် VeraCrypt Rescue Disk ပြုလုပ်ထားရန် အထူး တိုက်တွန်းလိုသည်။ + ကျွန်ုပ်ထံ CD/DVD burner မရှိပါ၊ သို့ရာတွင် Rescue Disk ISO image ကို ဖြုတ်တပ်နိုင်သော drive တစ်ခုတွင် သိမ်းဆည်းထားမည် (ဥပမာ - USB flash drive) + CD/DVD ကူးစက် တစ်ခုကို ကွန်ပျူတာဖြင့် နောက်မှ တပ်ဆင်ထားပါမည်။ လုပ်ငန်းစဉ်ကို ယခု အဆုံးသတ်လိုက်ပါ။ + CD/DVD ကူးစက်သည် ကွန်ပြူတာနှင့် ယခု ဆက်သွယ်လိုက်ပြီ။ ဆက်လုပ်ပြီး ဆယ်တင်ရေး အခွေကို ပြုလုပ်ပါ။ + အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n\n၁) USB flash drive ကဲ့သို့ ဖြုတ်တပ်နိုင်သော drive တစ်ခုကို သင့် ကွန်ပျူတာနှင့် ချိတ်ဆက်ထားပါ။\n\n၂) VeraCrypt ဆယ်တင်ရေး အခွေ ဖိုင် (%s) ကို ဖြုတ်တပ်နိုင်သော drive ထဲ ကော်ပီးကူးပါ။\n\n နောင်တွင် VeraCrypt ဆယ်တင်ရေး အခွေကို လိုအပ်လာပါက၊ သင့် ဖြုတ်တပ်နိုင်သော drive (VeraCrypt ဆယ်တင်​ရေး အခွေ image) ကို CD/DVD ကူးစက်ပါသည့် ကွန်ပျူတာနှင့် ချိတ်ဆက်ပြီး image ကို စီဒီ/ဒီဗွီဒီထဲ ကVeraCrypt ဆယ်တင်ရေး အခွေကို ပြုလုပ်နိုင်မည် ဖြစ်သည်။ အရေးကြီးချက် - VeraCrypt ဆယ်တင်ရေး အခွေကို CD/DVD ထဲသို့ (သီးသန့်ဖိုင် မဟုတ်ပဲ) ISO disk image တစ်ခု အဖြင့် ကူးယူရမည် ဖြစ်သည်။ + ဆင်တင်ရေး အခွေ ပြုလုပ်ခြင်း + ဆင်တင်ရေး အခွေ ပြုလုပ်နေသည် + ကွန်ပျူတာစနစ် စာဝှက်ခြင်း ကြိုတင် စမ်းသပ်မှု + ဆယ်တင်ရေး အခွေ စစ်ဆေးပြီ + \n VeraCrypt ဆယ်တင်ရေး အခွေကို အောင်မြင်စွာ စစ်ဆေးလိုက်ပြီ။ ၄င်းကို drive ထဲမှ ယခု ဖယ်ရှားလိုက်ပြီး လုံခြုံသော နေရာတွင် သိမ်းထားပါ။\n\n ဆက်သွားရန် ရှေ့သို့ ကို နှိပ်ပါ။ + သတိပေးချက် - နောက်အဆင့်​ သွားစဉ်တွင် VeraCrypt ဆယ်တင်ရေး အခွေသည် drive ထဲ၌ ရှိမည် မဟုတ်ပါ။ သို့မဟုတ်ပါက၊ အဆင့်များကို မှန်မှန်ကန်ကန် ပြီးစီးဖို့ ဖြစ်နိုင်မည် မဟုတ်ပါ။\n\n ၄င်းကို drive ထဲမှ ဖယ်ရှားပြီး လုံခြုံသော နေရာတွင် သိမ်းထားပါ။ ထို့နောက် 'ကောင်းပြီ' ကို နှိပ်ပါ။ + သတိပေးချက် - စက်မတက်ခင် အခြေအနေ (Windows မဖွင့်မီ) ၏ နည်းပညာ ဆိုင်ရာ ကန့်သတ်ချက်များကြောင့်၊ VeraCrypt သည် စက်မတက်ခင် အခြေအနေကို ဖေါ်ပြသော စာတမ်းကို ဒေသဆိုင်ရာ ဘာသာစကားသို့ ပြန်ဆိုနိုင်မည် မဟုတ်ပါ။ VeraCrypt Boot Loader သုံးစွဲသူ မျက်နှာပြင် တစ်ခုလုံးသည် အင်္ဂလိပ် ဘာသာဖြင့် ဖြစ်သည်။\n\n ဆက်လုပ်မည်လား? + သင့် ကွန်ပျူတာစနစ် (သို့) drive ကို စာဝှက်ခြင်း မပြုမီ၊ VeraCrypt သည် အရာအားလုံး ကောင်းကောင်းမွန်မွန် အလုပ်လုပ်မလုပ် စစ်ဆေးမည် ဖြစ်သည်။\n\n စမ်းသပ်ရန် ကို နှိပ်ပြီးသောအခါ၊ လိုအပ်သော အစိတ်အပိုင်းအားလုံးကို စက်ထဲ ထည့်သွင်းသွားမည် ဖြစ်ပြီး သင့်ကွန်ပျူတာကို ပြန်ဖွင့်လာမည် ဖြစ်သည်။ အဲဒီနောက် Windows မဖွင့်မီ မြင်ရသော VeraCrypt Boot Loader မျက်နှာပြင်တွင် စကားဝှက်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်။ Windows စတင်လာသည့်အခါ၊ အကြို စမ်းသပ်ချက်အတွက် ရလဒ်ကို အလိုအ​လျောက် အကြောင်းကြားလာလိမ့်မည်။\n\n အောက်ပါ device ကို ပြုပြင်​သွားမည် ဖြစ်သည် - Drive #%d\n\n\n ဖျက်သိမ်းရန် ကို ယခု နှိပ်လျှင်၊ ဘာမျှ စက်ထဲ ထည့်သွင်းမည် မဟုတ်ပဲ အကြို စမ်းသပ်မှုကိုလည်း လုပ်ဆောင်နိုင်မည် မဟုတ်ပါ။ + အရေးကြီး မှတ်ချက်များ - ဖတ်ရှုပါ/ပရင့်ထုတ်ပါ ('ပုံနှိပ်ရန်' ကို နှိပ်ပါ) -\n\n သင့် ကွန်ပျူတာကို အောင်မြင်စွာ ပြန်ဖွင့်ပြီး Windows ကို မစတင်မချင်း သင့်ဖိုင်များ တစ်ခုကိုမျှ စာဝှက်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ အကယ်၍ တစ်ခုခု ချို့ယွင်းပါက၊ သင့် ဒေတာများ ပျေက်သွားမည် မဟုတ်ပါ။ သို့ရာတွင်၊ တစ်စုံတစ်ခု မှားယွင်းသွားပါက၊ Windows စတင်သည့်အခါ အခက်အခဲ ရင်ဆိုင်ရနိုင်သည်။ ထို့ကြောင့်၊ သင့်ကွန်ပျူတာ ပြန်ဖွင့်ပြီး Windows မပွင့်လာခဲ့လျှင် လုပ်ဆောင်ရမည့် အချက်ကို အောက်ပါ လမ်းညွှန်ချက်များထဲတွင် ဖတ်ရှု (ဖြစ်နိုင်ပါက ပရင့်ထုတ်) နိုင်သည်။\n\n + Windows မဖွင့်နိုင်ပါက လုပ်ဆောင်ရမည့် အချက်များ\n---------------------------------------------------------\n\nမှတ်ချက် - အကယ်၍ စာဝှက်ခြင်း မစတင်မချင်း ဤညွှန်ကြားချက်များသည် မှန်ကန်မှု ရှိသည်။\n\n- သင့် စကားဝှက် အမှန်ကို ရေးထည့်ပြီးနောက် (သို့မဟုတ် အကယ်၍ စကားဝှက် အမှန်ကို ထပ်ခါ ထပ်ခါ ရေးထည့်သည့်အခါ VeraCrypt က စကားဝှက် မှားနေသည် ဟု ​ပြနေပြီး) Windows မဖွင့်လာလျှင်၊ စိတ်မပျက်ပါနှင့်။ ကွန်ပျူတာကို ပြန်ဖွင့် (စက်ပိတ်ပြီး ပြန်ဖွင့်) ပြီး၊ VeraCrypt Boot Loader မျက်နှာပြင် ပေါ်လာသည့်အခါ၊ သင့် ကီးဘုတ်မှ (အကယ်၍ သင်၌ ကွန်ပျူတာစနစ် အများအပြား ရှိလျှင်၊ စတင်မည့်အရာကို ရွေးပြီး) Esc ကီး ကို နှိပ်ပါ။ ထို့နောက် Windows တက်လာမည် ဖြစ်ပြီး VeraCrypt က စက်မတက်မီ စစ်ဆေးမှု အစိတ်အပိုင်းကို ဖယ်ထုတ်မည် မဖယ်ထုတ်မည်ကို မေးမြန်းလာလိမ့်မည်။ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားပါက ယခင်က အဆင့်များ အလုပ်လုပ်မည် မဟုတ်ပါ (မည်သူမဆို ယခင်က အဆင့်များကို လိုက်နာသည် ဖြစ်စေ စကားဝှက် မမှန်ပါက drive ထဲက Windows ကို ဖွင့်နိုင်မည် မဟုတ်သကဲ့သို့ စာဝှက်ထားသော ဒေတာများကို ရယူနိုင်မည် မဟုတ်ပါ)။\n\n + - အကယ်၍ ယခင်က အဆင့်များသည် အလုပ်မဖြစ်ပါက (သို့) VeraCrypt Boot Loader မျက်နှာပြင်ကို (Windows မစခင်) မတွေ့ရပါက၊ VeraCrypt ဆယ်တင်ရေး ​အခွေကို CD/DVD drive ထဲ ထည့်ပြီး သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ အကယ်၍ VeraCrypt ဆယ်တင်ရေး အခွေ ပေါ်မလာပါက (သို့မဟုတ်၊ VeraCrypt ဆယ်တင်ရေး အခွေ မျက်နှာပြင်၏'Keyboard Controls' ၌ 'Repair Options'ကို မမြင်ရပါက)၊ သင့် BIOS ကို hard disk မှ စက်တက်ရန် ပြုလုပ်ထားခြင်းကြောင့် ဖြစ်နိုင်သည်။ ဤအချက်သည် ပြဿနာ တစ်ရပ် ဖြစ်လာပါက၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ (BIOS စတက်လာသည့် မျက်နှာပြင်ကို မြင်ရသည့်အခါ) F2 (သို့) Delete ကို နှိပ်ပြီး၊ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အထိ စောင့်ဆိုင်းပါ။ အကယ်၍ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် မပေါ်လာပါက၊ သင့်ကွန်ပျူတာကို ထပ်မံ ပြန်ဖွင့် (ပြန်ချိန်) ပါ။ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အခါ၊ သင့် BIOS ကို CD/DVD drive မှ ပထမဆုံး တက်လာရန် (လုပ်ဆောင်ပုံနဲ့ ပါတ်သက်သော အချက်အလက်များအတွက်၊ BIOS/motherboard အသုံးပြုနည်း လက်စွဲကို လေ့လာပါ သို့မဟုတ် ကွန်ပျူတာ ရောင်းချသော နေရာ၌ နည်းပညာဆိုင်ရာ ထောက်ပံ့ရေး အဖွဲ့ထံ အကူအညီ တောင်းခံပါ) ပြုပြင်လိုက်ပါ။ ထို့နောက်၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ ယခုအချိန်တွင် VeraCrypt ဆယ်တင်ရေး အခွေ ပေါ်လာမည် ဖြစ်သည်။ VeraCrypt ဆယ်တင်ရေး အခွေ မျက်နှာပြင်အရောက်တွင်၊ သင့် ကီးဘုတ်မှ F8 ကို နှိပ်ပြီး 'Repair Options' ကို ရွေးပါ။ 'Repair Options' မီနူးမှ၊ 'Restore original system loader' ကို ရွေးပါ။ ထို့နောက် ဆယ်တင်ရေး အခွေကို သင့် CD/DVD drive ထဲမှ ဖယ်ရှားပြီး ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ Windows သည် ပုံမှန်အတိုင်း ဖွင့်လာမည် ဖြစ်သည်။\n\n + အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ထားပါက ယခင်က အဆင့်များ အလုပ်လုပ်မည် မဟုတ်ပါ (မည်သူမဆို ယခင်က အဆင့်များကို လိုက်နာပြီး စကားဝှက်အမှန် မရေးထည့်နိုင်ပါက Windows ကို ဖွင့်နိုင်မည် မဟုတ်ပါ (သို့) rive ထဲရှိ စာဝှက်ထားသော ဒေတာများကို ရယူနိုင်မည် မဟုတ်ပါ)။\n\n\nအကယ်၍ သင့် VeraCrypt ဆယ်တင်ရေး အခွေ ပျောက်သွားခြင်း၊ ရန်သူထံ ရောက်သွားခြင်း ဖြစ်လာပါက၊ သူသည် စကားဝှက် အမှန်မပါပဲ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) drive ကို စာဝှက်ဖြည်နိုင်မည် မဟုတ်ပါ။ + အကြို စမ်းသပ်မှု ပြီးသွားပြီ + အကြို စမ်းသပ်မှု အောင်မြင်စွာ ပြီးစီးသွားပြီ။\n\n သတိပေးချက် - လက်ရှိ ဒေတာများကို စနစ်တကျ စာဝှက်နေစဉ် ရုတ်တရက် မီးပျက်သွားပါက၊ (သို့) VeraCrypt သည် လက်ရှိ ဒေတာများကို အစီအစဉ်တကျ စာဝှက်နေစဉ် ကို ဆော့ဗ်ဝဲ အမှား (သို့) hardware ချို့ယွင်းချက် တစ်ခုခုကြောင့် OS စနစ် ပျက်သွားပါက ​​ဒေတာ တချို့သည် ​ပျက်သွားလိမ့်မည် (သို့) ပျောက်ဆုံးသွားလိမ့်မည်။ ထို့ကြောင့် စာဝှက်ခြင်းမပြုခင်၊ သင် စာဝှက်မည့် ဖိုင်များကို အရန်သင့် သိမ်းဆည်းရန် သတိပြုပါ။ အကယ်၍ မလုပ်ထားပါက၊ ဖိုင်များကို ယခု အရန်သင့် သိမ်းဆည်းလိုက်ပါ (Defer ကို နှိပ်ပြီး၊ ဖိုင်များကို အရန်သင့် သိမ်းဆည်းပါ၊ ထို့နောက် VeraCrypt ကို ထပ်ဖွင့်ပါ၊ စာဝှက်စနစ်ကို စတင်ရန် 'System' > 'Resume Interrupted Process' ကို နှိပ်ပါ)။\n\nအဆင်သင့် ဖြစ်သည့်အခါ၊ စာဝှက်စနစ် စတင်ရန် စာဝှက်ရန် ကို နှိပ်ပါ။ + စာဝှက်ခြင်း (သို့) စာဝှက်ဖေါ်ခြင်း လုပ်ငန်းစဉ်ကို ရပ်တန်းရန် ခေတ္တရပ်နားရန် (သို့) ရွှေ့ဆိုင်းရန် ကို အချိန်မရွေး နှိပ်ပါ၊ ဤအညွှန်းမှ ထွက်ပြီး၊ သင့်ကွန်ပျူတာကို ပြန်ဖွင့်ပါ (သို့) စက်ပိတ်လိုက်ပါ။ ထို့နောက် လုပ်ငန်းစဉ်ကို ပြန်စပါ။ ယခင်က ရပ်တန့်ခဲ့သော နေရာမှ ပြန်စတင်မည် ဖြစ်သည်။ ကွန်ပျူတာစနစ် drive ထဲမှ ဒေတာများကို ရေးသားနေစဉ် (သို့) ဖတ်ရှုနေစဉ် ကွန်ပျူတာစနစ် (သို့) အ​ပ္ပလီကေးရှင်းများ နှေးကွေးမရှိစေရန်၊ VeraCrypt သည် ဒေတာများကို ရေးသားခြင်း (သို့) ဖတ်ရှုခြင်း (အထက်မှ အနေအထားကို ကြည့်ပါ) ပြီးစီးသည့်အခါ စောင့်​ဆိုင်းမည် ဖြစ်ပြီး၊ စာဝှက်ခြင်း (သို့) စာဝှက် ဖေါ်ခြင်းကို အလိုအလျောက် ဆက်လုပ်မည် ဖြစ်သည်။ + \n\n စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို ရပ်တန့်ရန် ခေတ္တရပ်နားရန်၊ ရွှေ့ဆိုင်းရန် ကို သင် နှိပ်နိုင်သည်။ ဤအညွှန်းကို ပိတ်ပါ၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ (သို့) စက်ပိတ်ပါ။ ထို့နောက် လုပ်ငန်းစဉ်ကို ​ပြန်စပါ။ ၄င်းသည် ယခင်က ရပ်နားထားသည့် နေရာမှ ပြန်စမည် ဖြစ်သည်။ volume ကို အပြည့်အ၀ စာဝှက် မပြီးမချင်း အစပျိုးနိုင်မည် မဟုတ်ပါ။ + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + လျှို့ဝှက် ကွန်ပျူတာစနစ် စတင်နေပြီ + မူလ ကွန်ပျူတာစနစ် + Windows သည် မှတ်တမ်းဖိုင်များ၊ ယာယီဖိုင်များ အမျိုးမျိုးကို (သင် မသိရှိပဲ) ကွန်ပျူတာစနစ် အခန်းကန့်ထဲ၌ ဖန်တီးလေ့ရှိသည်။ RAM ၌ ရှိသော အကြောင်းအရာကိုလည်း hibernation ပြုလုပ်ရာ၌ နေရာ သက်သာစေပြီး ကွန်ပျူတာစနစ် အခန်းကန့်၌ ရှိသော ဖိုင်များကို ဆက်သွယ်ပေးသည်။ ရန်သူ တစ်ဦးတစ်ယောက်သည် သင့် မူရင်း ကွန်ပျူတာစနစ် (မူပွားထားသော လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ) ၌ တည်ရှိနေသော အခန်းကန့်ထဲ သိမ်းဆည်းခဲ့သော ဖိုင်များကို စစ်ဆေးပြီး သိရှိသွားနိုင်သည်။ ဥပမာ အားဖြင့်၊ VeraCrypt အညွှန်းကို hidden-system-creation စနစ်ဖြင့် သုံးစွဲနေမှု (ဤနည်းဖြင့် သင့်ကွန်ပျူတာ၌ လျှို့ဝှက် OS ရှိနေကြောင်း ညွှန်​ပြပေးနိုင်သည်)။\n\n ယင်းကဲ့သို့ ပြဿနာမျိုး မဖြစ်ပွားရန်၊ VeraCrypt သည်၊ နောက်တစ်ဆင့်၌၊ မူရင်း ကွန်ပျူတာစနစ် တည်ရှိသော အခန်းကန့်မှ အကြောင်းအရာ တစ်ခုလုံးကို ပယ်ရှင်းပစ်မည် ဖြစ်သည်။ ထို့နောက်၊ ငြင်းပယ်နိုင်မှုကို ​​ရရှိနိုင်ရန်၊ အခန်းကန့်ထဲ၌ ကွန်ပျူတာစနစ် အသစ်တစ်ခုကို သင် ထည့်သွင်းပြီး ၄င်းကို စာဝှက်ရန် လိုအပ်လိမ့်မည်။ ဤ​နည်းဖြင့်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖန်တီးပြီး လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် ပြီးမြောက်သွားမည် ဖြစ်သည်။ + လျှို့ဝှက် OS စနစ်ကို အောင်မြင်စွာ ဖန်တီးလိုက်ပြီ။ ၄င်းကို စတင် အသုံးမပြုမီ (ငြင်းပယ်နိုင်မှု မ​ရရှိမီ)၊ လက်ရှိ OS စနစ် ထည့်သွင်းထားသော အခန်းကန့်ရှိ အကြောင်းအရာ တစ်ခုလုံးကို (VeraCrypt အသုံးပြုပြီး) လုံခြုံ​စွာ ပယ်ဖျက်ရန် လိုအပ်သည်။ ဤကဲ့သို့ မလုပ်ဆောင်မီ၊ ကွန်ပျူတာကို ပြန်ဖွင့်ရန် လိုအပ်ပြီး၊ (Windows မစမီ ​မြင်ရသော) VeraCrypt Boot Loader မျက်နှာပြင်၌ လျှို့ဝှက် OS စနစ်အတွက် စက်မတင်မီ အတည်ပြု စကားဝှက်ကို ရေးထည့်ပါ။ ထို့နောက်၊ လျှို့ဝှက် ကွန်ပျူတာစနစ် စတင်ပြီးနောက်၊ VeraCrypt အညွှန်းသည် အလိုအလျောက် ပွင့်လာလိမ့်မည်။\n\n မှတ်ချက် - အကယ်၍ လျှို့ဝှက် ကွန်ပျူတာစနစ် ဖန်တီးသည့် လုပ်ငန်းစဉ်ကို ယခု ရပ်ဆိုင်းရန် ရွေးချယ်ပါက၊ လုပ်ငန်းစဉ်ကို သင် ပြန်စနိုင်မည် မဟုတ်ပဲ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို (VeraCrypt Boot Loader ကို ဖယ်ရှားမည် ဖြစ်သောကြောင့်) ဖွင့်နိုင်မည် မဟုတ်ပါ။ + သင်သည် လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် အစီအစဉ်ကို သတ်မှတ်လိုက်ပြီ။ လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ၄င်းကို အပြီးသတ်ရန်၊ သင့်ကွန်ပျူတာကို ပြန်ဖွင့်ပြီး (Windows မပွင့်ခင် မြင်ရသော) VeraCrypt Boot Loade မျက်နှာပြင်၌ လျှို့ဝှက် OS စနစ်အတွက် စကားဝှက်ကို ရေးထည့်ပါ။\n\nမှတ်ချက် - လျှို့ဝှက် OS စနစ် ဖန်တီးသော လုပ်ငန်းစဉ်ကို အဆုံးသတ်ရန် သင် ရွေးချယ်ပါက၊ ၄င်းလုပ်ငန်းစဉ်ကို ပြန်စနိုင်တော့မည် မဟုတ်ပါ။ + ကွန်ပျူတာကို ပြန်ဖွင့်ပြီး ဆက်လုပ်ပါ + လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ်ကို အမြဲတမ်း အဆုံးသတ်ရန် + ယခု ဘာမှ လုပ်ဆောင်ရန်မလိုပဲ နောက်မှ ထပ်မေးပါ + \nအကယ်၍ ဖြစ်နိုင်လျှင်၊ ဤစာတမ်းကို ပရင့်ထုတ်ပါ (အောက်မှ 'ပရင့်ထုတ်ရန်' ကို နှိပ်ပါ)။\n\n\n(စာဝှက်ပြီးနောက်) VeraCrypt ဆယ်တင်ရေး အခွေကို မည်သည့်အခါ မည်ကဲ့သို့ အသုံးပြုမည်နည်း။\n-------------------------------------------------------------------------------------------------------\n\n + ၁။ VeraCrypt ဆယ်တင်ရေး အခွေမှ Boot တက်နည်း\n\nVeraCrypt ဆယ်တင်ရေး အခွေမှ boot တက်ရန်၊ ၄င်းကို CD/DVD drive ထဲ ထည့်ပြီး ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ အကယ်၍ VeraCrypt ဆယ်တင်ရေး အခွေ ပေါ်မလာပါက (သို့မဟုတ်၊ မျက်နှာပြင်ရှိ 'Keyboard Controls' အခန်း၌ 'Repair Options' ကို မတွေ့ရပါက)၊ BIOS ကို hard drives မှ boot တက်ရန် ပြုပြင်ထားသောကြောင့် ဖြစ်နိုင်သည်။ အကယ်၍ ယင်းသည် ပြဿနာ ဖြစ်လာပါက၊ သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ (BIOS စတက်လာသည့်အချိန်တွင်) F2 (သို့) Delete ကို နှိပ်ပြီး BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အထိ စောင့်ဆိုင်းပါ။ အကယ်၍ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်မလာပါက၊ ကွန်ပျူတာကို ပြန်ဖွင့် (ပြန်ချိန်) ပြီး F2 (သို့) Delete ကို ထပ်ခါတလဲလဲ ဖိထားပါ။ BIOS ပြုပြင်ဖန်တီးရေး မျက်နှာပြင် ပေါ်လာသည့်အခါ၊ သင့် BIOS ကို CD/DVD drive (ထိုသို့ လုပ်ဆောင်နည်းကို BIOS/motherboard အတွက် အသုံးပြုနည်း လမ်းညွှန်ကို လေ့လာပါ သို့မဟုတ် ကွန်ပျူတာ ရောင်းချသူထံမှ နည်းပညာဆိုင်ရာ အထောက်အပံ့ အဖွဲ့၏ အကူအညီကို ရယူပါ) မှ စတင် boot တက်လာရန် ပြုပြင်လိုက်ပါ။ ထို့နောက် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ VeraCrypt ဆယ်တင်ရေး အခွေမှ မျက်နှာပြင်ကို မြင်ရ​လိမ့်မည်။ မှတ်ချက် - VeraCrypt ဆယ်တင်ရေး အခွေမှ မျက်နှာပြင်၌၊ သင့် ကီးဘုတ်မှ F8 ကို နှိပ်ပြီး၊ 'Repair Options' ကို ရွေးချယ်နိုင်သည်။\n\n\n + ၂။ (စာဝှက်ပြီးသည့်အခါ) VeraCrypt ဆယ်တင်ရေး အခွေကို သုံးစွဲမည့် အချိန်နှင့် သုံစွဲနည်း\n\n + ၁) အကယ်၍ ကွန်ပျူတာကို စဖွင့်သည့်အခါ VeraCrypt Boot Loader မျက်နှာပြင် တက်မလာပါက (သို့မဟုတ် Windows boot မတက်ပါက)၊ VeraCrypt Boot Loader ပျက်စီးသွား၍ ဖြစ်နိုင်သည်။ VeraCrypt ဆယ်တင်ရေး အခွေကို သုံးပြီး ၎င်းကို နဂိုအတိုင်း ပြန်ထားနိုင်ပြီး စာဝှက်ထားသော သင် ကွန်ပျူတာစနစ်နှင့် ဒေတာများကို ပြန်လည် ရရှိစေနိုင်သည် (သို့သော်၊ စကားဝှက်အမှန်ကို သင် ရေးထည့်ရဦးမည် ဖြစ်သည်)။ ဆယ်တင်ရေး ​အခွေတွင်၊ 'Repair Options' > 'Restore VeraCrypt Boot Loader' ကို ရွေးပါ။ ထို့နောက် လုပ်ဆောင်ချက်ကို အတည်ပြုရန် 'Y' ကို နှိပ်ပါ။ သင့် ဆယ်တင်ရေး အခွေကို CD/DVD drive မှ ထုတ်ပြီး ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။\n\n + ၂) အကယ်၍ သင်သည် စကားဝှက်အမှန်ကို ထပ်ခါတလဲလဲ ရေးထည့်သော်လည်း စကားဝှက် မှားသည့်ဟု​ ဖေါ်ပြပါက၊ မာစတာကီး (သို့) အခြား အရေးကြီး ဒေတာများ ပျက်စီးသွား၍ ဖြစ်နိုင်သည်။ VeraCrypt ဆယ်တင်ရေး အခွေကို သုံးပြီး ၄င်းတို့ကို နဂိုအတိုင်း ပြန်ထားနိုင်ပြီး စာဝှက်ထားသော ကွန်ပျူတာစနစ်နှင့် ဒေတာများကို ပြန်လည် ရယူနိုင်သည် (သို့သော်၊ စကားဝှက်အမှန်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်)။ ဆယ်တင်ရေး အခွေတွင်၊ 'Repair Options' > 'Restore key data' ကို ရွေးချယ်ပါ။ ထို့နောက် စကားဝှက်ကို ရေးထည့်ပြီး၊ လုပ်ဆောင်ချက်ကို အတည်ပြုရန် 'Y' ကို နှိပ်ပါ။ ဆယ်တင်ရေး အခွေကို CD/DVD drive မှ ထုတ်ပြီး သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။\n\n + ၃) အကယ်၍ VeraCrypt Boot Loade ပျက်စီးသွားပါက၊ VeraCrypt ဆယ်တင်ရေး အခွေမှ တိုက်ရိုက် boot တက်ပြီး ၄င်းကို ရှောင်လွှဲနိုင်သည်။ ဆယ်တင်ရေး အခွေကို CD/DVD drive ထဲတွင် ထည့်ပြီး ဆယ်တင်ရေး မျက်နှာပြင်တွင် သင့် စကားဝှက်ကို ရေးထည့်ပါ။\n\n + ၄) အကယ်၍ Windows ပျက်စီးသွားပြီး စက်မတက်နိုင်ပါက၊ VeraCrypt ဆယ်တင်ရေး အ​ခွေကို သုံးပြီးWindows မတက်မီ အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ဖြည်နိုင်သည်။ ဆယ်တင်ရေး အခွေ မျက်နှာပြင်ပေါ်တွင်၊ 'Repair Options' > 'Permanently decrypt system partition/drive' ကို ရွေးပါ။ စကားဝှက် အမှန်ကို ရေးထည့်ပြီး စာဝှက်ဖြည်ခြင်း ပြီးဆုံးသည်အထိ စောင့်ဆိုင်းပါ။ ထို့နောက် သင့် Windows ထည့်သွင်းမှုကို ပြုပြင်ရန် MS Windows setup CD/DVD ဖြင့် boot တက်နိုင်သည်။\n\n + မှတ်ချက် - တစ်နည်းအားဖြင့်၊ Windows ပျက်စီးသွားပြီး (ဖွင့်မရ) ၄င်းကို (ဖိုင်များကို ရယူရန်) ပြုပြင်ရန် လိုအပ်ပါက၊ အောက်ပါ အဆင့်များဖြင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်မဖြည်နိုင်ရန် ရှောင်ရှားနိုင်သည် - အကယ်၍ သင့် ကွန်ပျူတာ၌ OS စနစ် မျိုးစုံ ထည့်သွင်းထားပါက၊ ၄င်းကို စက်မတက်မီ ကြိုတင် စစ်ဆေးစရာမလိုပဲ boot တက်နိုင်သည်။ အကယ်၍ သင့်ကွန်ပျူတာတွင် OS စနစ် မျိုးစုံ ထည့်သွင်းမထားပါက၊ WinPE (သို့) BartPE CD/DVD မှ boot တက်နိုင်သည်။ သို့မဟုတ် သင့် ကွန်ပျူတာစနစ် drive ကို secondary drive (သို့) ပြင် drive အနေဖြင့် အခြား ကွန်ပျူတာနှင့် ချိတ်ဆက်ပြီး ကွန်ပျူတာ​ထဲတွင် ထည့်သွင်းထာသော OS စနစ်မှ boot တက်လိုက်ပါ။ ကွန်ပျူတာစနစ်ကို boot တက်ပြီးနောက်၊ VeraCrypt ကို ဖွင့်ပါ။ 'Select Device' ကို ရွေးပါ။ ထိခိုက်နေသော ကွန်ပျူတာစနစ် အခန်းကန့်ကို ရွေးပြီး၊ 'OK' နှိပ်ပါ။ 'System' > 'Mount Without Pre-Boot Authentication' ကို ရွေးပြီး၊ စက်မတက်မီ ကြိုတင် အတည်ပြု စကားဝှက်ကို ရေးထည့်ကာ၊ 'OK' ခလုတ်ကို နှိပ်ပါ။ အခန်းကန့်ကို ပုံမှန် VeraCrypt volume အစပျိုးလာလိမ့်မည် (ဒေတာများကို RAM ထဲ၌ ချက်ခြင်း စာဝှက်/စာဝှက်ဖြည်ပေးသွားမည် ဖြစ်သည်)။\n\n\n + အကယ်၍ သင့် VeraCrypt ဆယ်တင်ရေး အခွေ ​ပျောက်ဆုံးသွားပြီး ရန်သူလက်ထဲ ရောက်သွားပါက၊ ကွန်ပျူတာစနစ် အခန်းကန့် (သို့) drive ကို စကားဝှက်အမှန် မပါကဲ စာဝှက်ဖြည်နိုင်မည် မဟုတ်ပါ။ + \n\nအ ရေး ကြီး ချက် -- ဖြစ်နိုင်လျှင် ဤစာတမ်းကို ပရင့်ထုတ်ပါ (အောက်ပါ 'ပရင့်ထုတ်ရန်' ခလုတ်ကို နှိပ်ပါ)။\n\n\nမှတ်ချက် - ဤစာတမ်းသည် မျက်လှည့် ကွန်ပျူတာစနစ်ကို သင် စတင် ဖန်တီးသည်အထိ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို သင် စဖွင့်သည့်အခါတိုင်း အလိုအလျောက် ပြနေမည် ဖြစ်သည်။\n\n\n + မျက်လှည့် ကွန်ပျူတာစနစ်ကို လုံခြုံစိတ်ချစွာ ဖန်တီးနည်း\n-------------------------------------------------------------\n\nငြင်းပယ်နိုင်မှုကို ရရှိနိုင်ရန်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို ယခု သင်ဖန်တီးရန် လိုအပ်သည်။ ထိုသို့ ပြုလုပ်ရန်၊ အောက်ပါ အဆင့်များကို လုပ်ဆောင်ပါ -\n\n + ၁) လုံခြုံရေး အကြောင်းများကြောင့်၊ သင့်ကွန်ပျူတာကို စက်ပိတ်ပြီး မိနစ် အတန်ကြာ မီးပိတ်ထားပါ (ကြာလေ၊ ကောင်းလေ ဖြစ်သည်)။ အရေးကြီး ဒေတာများ ပါရှိသော မှတ်ဉာဏ်ကို ရှင်းလင်းပေးရန် လိုအပ်သည်။ ထို့နောက် ကွန်ပျူတာကို ပြန်ဖွင့်ပါ၊ သို့သော် လျှို့ဝှက် ကွန်ပျူတာစနစ်မှboot မတက်ပါနှင့်။\n\n + ၂) Windows ကို အကြောင်းအရာများ ပယ်ဖျက်လိုက်သည့် အခန်းကန့်ထဲ၌ (ဥပမာ - မူရင်း ကွန်ပျူတာစနစ် တည်ရှိသော အခန်းကန့်တွင်) ထည့်သွင်းပါ။\n\nအရေးကြီးချက် - မျက်လှည့် ကွန်ပျူတာစနစ်ကို စတင် ထည့်သွင်းသည့်အခါ၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်မှ BOOT တက်နိုင်မည် မဟုတ်ပါ (အဘယ်ကြောင့် ဆိုသော် VeraCrypt Boot Loader ကို Windows စနစ် ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်က ပယ်ဖျက်သွားမည် ဖြစ်သည်)။ ၎င်းသည် ပုံမှန်ဖြစ်ပြီး လိုချင်သည့် အချက် ဖြစ်သည်။အထိတ်တလန့် မဖြစ်ပါနှင့်။ မျက်လှည့် ကွန်ပျူတာစနစ်ကို စတင် စာဝှက်သည်နှင့် တပြိုင်နက် လျှို့ဝှက် ကွန်ပျူတာစနစ်မှ BOOT တက်နိုင်မည် ဖြစ်သည်။(အဘယ်ကြောင့်ဆိုသော် TrueCrpyt သည် ကွန်ပျူတာစနစ် drive ထဲတွင် VeraCrypt Boot Loader ကို အလို​အလျောက် ထည့်သွင်းနိုင်မည် ဖြစ်သည်)။\n\nအရေးကြီးချက် - မျက်လှည့် ကွန်ပျူတာစနစ်၏ အရွယ်အစားသည် လျှို့ဝှက် volume ၏ အရွယ်အစားနှင့် အတူတူ ဖြစ်ရမည်။ ထို့နောက်၊ မျက်လှည့် ကွန်ပျူတာစနစ် အခန်းကန့်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် တည်ရှိသော နေရာအ​ကြားတွင် မည်သည့် အခန်းကန့်ကိုမျှ သင် မဖန်တီးရပါ။\n\n + ၃) မျက်လှည့် ကွန်ပျူတာစနစ်မှ Boot တက်ပါ (အဆင့် ၂ ၌ ၄င်းကို သင် ထည့်သွင်းထားပြီး ၄င်း၌ VeraCrypt ကို ထည့်သွင်းထားသည်)။\n\nမျက်လှည့် ကွန်ပျူတာစနစ်၌ အရေးကြီးသော ဒေတာများ မပါရန် သတိပြုပါ။\n\n + ၄) မျက်လှည့် ကွန်ပျူတာစနစ်၌၊ VeraCrypt ကို ဖွင့်ပြီး 'System' > 'Encrypt System Partition/Drive' ကို ရွေးပါ။ VeraCrypt Volume ဖန်တီးမှု အညွှန်း ၀င်းဒိုးပေါ်လာလိမ့်မည်။\n\nအောက်ပါ အဆင့်များသည် VeraCrypt Volume ဖန်တီးမှု အညွှန်းနှင့် ကိုက်ညီသည်။\n\n + ၅) VeraCrypt Volume ဖန်တီးမှု အညွှန်းထဲတွင်၊ 'Hidden' ရွေးစရာကို မရွေးချယ်ပါနှင့်။ 'Normal' ရွေးစရာကို ရွေးထားပြီး 'ရှေ့သို့' ကို နှိပ်ပါ။\n\n + ၆) 'Encrypt the Windows system partition' ရွေးစရာကို ရွေးပြီးနောက်၊ 'ရှေ့သို့' ကို နှိပ်ပါ။\n\n + ၇) အကယ်၍ သင့်ကွန်ပျူတာ၌ လျှို့ဝှက် ကွန်ပျူတာစနစ်နှင့် မျက်လှည့် ကွန်ပျူတာစနစ်ကိုသာ ထည့်သွင်းထားလျှင်၊ ရေးစရာ 'Single-boot' ကို ရွေးပြီး (အကယ်၍ ကွန်ပျူတာစနစ် နှစ်ခုထက် ပို၍ ထည့်သွင်းထားလျှင်၊'Multi-boot' ကို ရွေးချယ်ပါ) 'ရှေ့သို့' ခလုတ်ကို နှိပ်ပါ။\n\n + ၈) အရေးကြီးချက် - ဤအဆင့်၌၊ မျက်လှည့် ကွန်ပျူတာစနစ်အတွက်နှင့် ပါတ်သက်ပြီး၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်အတွက် သင် ရွေးချယ်ခဲ့သော အလားတူ စာဝှက်စနစ် အယ်လဂိုရီသမ်နှင့် HASH အယ်လဂိုရီသမ်တို့ကို သင် ရွေးချယ်ရမည်။ တနည်းအားဖြင့်၊ လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ ၀င်နိုင်မည် မဟုတ်ပါ။ တစ်မျိုး ပြောရလျှင်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ကဲ့သို့ အလားတူ အယ်လဂိုရီသမ်ဖြင့် စာဝှက်ထားရမည် ဖြစ်သည်။ မှတ်ရန် - အကြောင်းမှာ မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ်တို့သည် အယ်လဂိုရီသမ် တစ်မျိုးတည်းကိုသာ ထောက်ပံ့​ထားသော boot loader တစ်မျိုးတည်းကို သုံးစွဲသူ၏ ရွေးချယ်မှုဖြင့် မျှဝေ သုံးစွဲကြသည် (အယ်လဂိုရီသမ် တစ်ခုစီအတွက်၊ VeraCrypt Boot Loader အထူးဗားရှား တစ်ခု ရှိသည်။)\n\n + ၉) ဤအဆင့်၌၊ မျက်လှည့် OS စနစ်အတွက် စကားဝှက် တစ်ခုကို ရွေးချယ်ပါ။အကယ်၍ ရန်သူ တစ်ဦးတစ်ယောက်က စက်မတက်မီ အတည်ပြု စကားဝှက်ကို ဖေါ်ပြရန် အတင်းအကျပ် တောင်းဆိုလာသည့်အခါ ထုတ်ပြနိုင်သည့် စကားဝှက် ဖြစ်သည် (အခြား စကားဝှက်မှာ ပြင်ပ volume အတွက် ဖြစ်သည်)။ တတိယ စကားဝှက် (လျှို့ဝှက် OS စနစ်အတွက် စက်မတက်မီ အတည်ပြု စကားဝှက် ဖြစ်သည်) ကို လျှို့ဝှက် ထားရမည် ဖြစ်သည်။\n\nအရေးကြီးချက် - မျက်လှည့် ကွန်ပျူတာစနစ်အတွက် သင် ရွေးချယ်ထားသော စကားဝှက်သည် လျှို့ဝှက် volume အတွက် သင် ရွေးချယ်ခဲ့သော စကားဝှက်နှင့် ခြားနားရမည် (လျှို့ဝှက် OS စနစ်အတွက်)။\n\n + ၁၀) မျက်လှည့် OS စနစ်ကို စာဝှက်ရန် အညွှန်းထဲ၌ ပါသော ညွန်ကြားချက်အတိုင်း လုပ်ဆောင်ပါ။\n\n\n\n + မျက်လှည့် ကွန်ပျူတာစနစ် ဖန်တီးပြီးနောက်\n-----------------------------------------------\n\nမျက်လှည့် ကွန်ပျူတာစနစ်ကို စာဝှက်ပြီးနောက်၊ လျှို့ဝှက် OS စနစ် ဖန်တီးသည့် လုပ်ငန်းစဉ် တစ်ခုလုံး ပြီးစီးသွားမည် ဖြစ်ပြီး၊ အောက်ပါ စကားဝှက် သုံးမျိုးကို သင် သုံးစွဲနိုင်မည် ဖြစ်သည် - \n\n၁) လျှို့ဝှက် OS စနစ်အတွက် စက်မတက်မီ အတည်ပြု စကားဝှက်။\n\n၂) မျက်လှည် OS စနစ်အတွက် စက်မတက်မီ အတည်ပြု စကားဝှက်။\n\n၃) ပြင်ပ volume အတွက် စကားဝှက်။\n\n + အကယ်၍ လျှို့ဝှက် OS စနစ်ကို သင် စဖွင့်လိုပါက၊ VeraCrypt Boot Loader မျက်နှာပြင်ရှိ လျှို့ဝှက် OS စနစ်၏ စကားဝှက်ကို သင် ရေးထည့်ရန် လိုအပ်သည် (ကွန်ပျူတာ ဖွင့်သည့်အခါ ပေါ်လာသည်)။\n\nအကယ်၍ မျက်လှည့် OS စနစ်ကို စဖွင့်လိုပါက၊ VeraCrypt Boot Loader မျက်နှာပြင်ရှိ မျက်လှည့် OS စနစ်၏ စကားဝှက်ကို သင် ရေးထည့်ရမည် ဖြစ်သည်။\n\nမျက်လှည့် ကွန်ပျူတာစနစ်၏ စကားဝှက်ကို စက်မတက်မီ အတည်ပြု စကားဝှက်ကို ဖေါ်ပြရန် တစ်ဦးတစ်ယောက်က တောင်းဆိုလာပါက ဖွင့်ပြုနိုင်သည်။ လျှို့ဝှက် volume (နှင့် လျှို့ဝှက် OS စနစ်) ၏ တည်ရှိမှုကို ဆက်လက် လျှို့ဝှက်ထားရမည် ဖြစ်သည်။\n\n + တတိယ စကားဝှက် (ပြင်ပ volume အတွက်) ကို ပြင်ပ volume နှင် လျှို့ဝှက် volume (လျှို့ဝှက် OS စနစ် အပါအဝင်) တို့ တည်ရှိသော ကွန်ပျူတာစနစ် အခန်းကန့်​ နောက်ကွယ်ရှိ ပထမ အခန်းကန့်၏ စကားဝှက်ကို ဖေါ်ပြရန် တစ်စုံတစ်ယောက်က အတင်းအကျပ် တောင်းဆိုလာပါက သင် ဖွင့်ပြနိုင်သည်။ လျှို့ဝှက် volume ၏ တည်ရှိမှုကို ဆက်လယ် လျှို့ဝှက်ထားမည် ဖြစ်သည်။\n\n\n + အကယ်၍ ရန်သူ တစ်ဦးတစ်ယောက်ထံ မျက်လှည့် ကွန်ပျူတာစနစ်၏ စကားဝှက်ကို ဖေါ်ပြမိပါက၊ (မျက်လှည့်) ကွန်ပျူတာစနစ် အခန်းခန့် အလွတ်၌ အဘယ်ကြောင့် ကျပန်း ဒေတာများ ရှိနေသနည်းဟု မေးလာလျှင်၊ သင်အနေဖြင့် ဥပမာ အားဖြင့် - "ယခင်က အခန်းကန့်၌ VeraCrypt က စာဝှက်ခဲ့သော ကွန်ပျူတာစနစ် တစ်ခု ရှိခဲ့သည်၊ သို့သော် စက်မတင်မီ အတည်ပြု စကားဝှက် (သို့မဟုတ် ကွန်ပျူတာစနစ် ပျက်သွားပြီး boot မလုပ်တော့ပါ) ကို ကျွန်တော် မေ့သွားသည်။ ထို့ကြောင့် Windows ကို ကျွန်တော် ထပ်သွင်းပြီး အခန်းကန့်ကို စာဝှက်ထားရခြင်း ဖြစ်သည်" ဟူ၍ ဖြေဆိုနိုင်သည်။\n\n\n + အကယ်၍ ညွှန်ကြားချက် အားလုံးကို လိုက်နာပြီး VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes နှင့် ပါတ်သက်သော လုံခြုံရေး လိုအပ်ချက်များနှင့် ကြိုတင်ကာကွယ်မှုများ" အခန်းထဲ၌ ဖေါ်ပြထားသော ကြိုတင်ကာကွယ်မှုများနှင့် လိုအပ်ချက်များအတိုင်း လိုက်နာလျှင်၊ ပြင်ပ volume ကို အစပျိုးထားခြင်း (သို့) မျက်လှည့် OS စနစ်ကို စာဝှက်ဖြည်ခြင်း သို့မဟုတ် စဖွင့်ခြင်း ပြုလုပ်လျှင်ပင် လျှို့ဝှက် volume နှင့် လျှို့ဝှက် OS စနစ် တည်ရှိကြောင်း သက်သေပြနိုင်မည် မဟုတ်ပေ။\n\nအကယ်၍ ဤစာတမ်းကို ကော်ပီ တစ်ခုကို သိမ်းဆည်းလျှင် (သို့) ပရင့်ထုတ် (ပရင်တာသည် ၄င်းပရင့်ထုတ်ခဲ့သော မှတ်တမ်းမှတ်ရာများကို ၄င်း၏ drive ထဲ၌ သိမ်းဆည်းမထားပါက) ပြီးလျှင်၊ ၄င်းကို မျက်လှည့် ကွန်ပျူတာစနစ်ကို ဖန်တီးပြီး စာတမ်း (အကယ်၍ ယင်းကော်ပီကို တွေ့ရှိပါက၊ ဤကွန်ပျူတာထဲ၌ လျှို့ဝှက် OS စနစ် ရှိနေကြောင်း ညွှန်​ပြနေလိမ့်မည်) ပါ အချက်အလက် အားလုံးကို နားလည်သဘောပေါက်ပါက ဖျက်ဆီးပစ်ပါ။\n\n + သတိပေးချက် - အကယ်၍ လျှို့ဝှက် VOLUME (လုပ်ဆောင်နည်း အချက်အလက်များကို VeraCrypt သုံးစွဲသူ လမ်းညွှန်ရှိ "လျှို့ဝှက် Volumes များကို မပျက်စီးအောင် ကာကွယ်ခြင်း" ကို လေ့လာပါ) ကို သင် ကာကွယ်မထားပါက၊ ပြင်ပ VOLUME (မျက်လှည့် OS စနစ်ကို ပြင်ပ volume ထဲ၌ ထည့်သွင်းမထားပါ) ၌ ရေးသားခြင်း မပြုပါနှင့်။ သို့မဟုတ်ပါက၊ လျှို့ဝှက် VOLUME (နှင့် ၄င်းအထဲ၌ ရှိသော လျှို့ဝှက် OS စနစ်) ကို အစားထိုးမိနိုင်၊ ဖျက်ဆီးမိနိုင်သည်! + OS စနစ် ကိုယ်ပွား + နောက်အဆင့်များတွင်၊ VeraCrypt သည် ကွန်ပျူတာစနစ် အခန်းကန့်ထဲရှိ အကြောင်းအရာများကို လျှို့ဝှက် volume ထဲ ကော်ပီကူးခြင်းဖြင့် လျှို့ဝှက် OS စနစ်ကို ဖန်တီးသွားမည် ဖြစ်သည် (ကော်ပီးကူးနေသည့် ဒေတာများကို မျက်လှည့် OS စနစ်အတွက် အသုံးပြုမည့် ကီးနှင့် မတူသော စာဝှက်စနစ် ကီးတစ်ခုဖြင့် ချက်ခြင်း စာဝှက်ပေးမည် ဖြစ်သည်)။\n\nစက်မတက်မီ အခြေအနေ (Windows မဖွင့်မီ) တွင် လုပ်ငန်းစဉ်ကို လုပ်ဆောင်သွားမည် ဖြစ်ပြီး ပြီးစီးရန် (ကွန်ပျူတာ အခန်းကန့် အရွယ်အစားနှင့် စွမ်းဆောင်ရည်တို့အပေါ် မူတည်ပြီး) အ​ချိန်အတော်ကြာ ယူမည် ဖြစ်သည် - နာရီ အတော်ကြာ (သို့) ရက်အတန်ကြာ ဖြစ်နိုင်သည်။\n\nဤလုပ်ငန်းစဉ်ကို သင် ရပ်ဆိုင်းနိုင်သည်။ ကွန်ပျူတာကို စက်ပိတ်ထားနိုင်သည်။ OS စနစ်ကို စဖွင့်ပြီး လုပ်ငန်းစဉ်ကို ပြန်စနိုင်သည်။ သို့သော်၊ ၄င်းကို ရပ်ဆိုင်းလိုက်ပါက၊ ကွန်ပျူတာစနစ် ကော်ပီ လုပ်ခြင်း လုပ်ငန်းစဉ် တစ်ခုလုံးကို အစမှ ပြန်လည် စတင်ရမည် ဖြစ်သည် (အဘယ်ကြောင့် ဆိုသော် ကွန်ပျူတာစနစ် အခန်းကန့်ရှိ အကြောင်းအရာသည် ကိုယ်ပွား ပြုလုပ်နေစဉ် ပြောင်းလဲမည် မဟုတ်သောကြောင့် ဖြစ်သည်) + လျှို့ဝှက် OS စနစ် ဖန်တီးမှု လုပ်ငန်းစဉ် တစ်ခုလုံးကို ဖျက်သိမ်းရန် အလိုရှိသလား?\n\nမှတ်ချက် - အကယ်၍ ၄င်းကို ယခု ဖျက်သိမ်းပါက လုပ်ငန်းစဉ်ကို ပြန်စနိုင်မည် မဟုတ်ပါ။ + ကွန်ပျူတာစနစ် စာဝှက်ခြင်း အကြို စမ်းသပ်ချက်ကို ဖျက်သိမ်းလိုသလား? + VeraCrypt စနစ် စာဝှက်ခြင်း အကြို စမ်းသပ်ချက် မအောင်မြင်ပါ။ သင် ထပ်မံ ကြိုးစားလိုသလား?\n\nအကယ်၍ 'မဟုတ်ပါ' ကို ရွေးချယ်ပါက၊ စက်မတင်မီ စစ်ဆေးအတည်ပြုချက် အစိတ်အပိုင်းကို ဖယ်ထုတ်သွားမည် ဖြစ်သည်။\n\nမှတ်ချက်များ - \n\n- အကယ်၍ Windows မတက်မီ VeraCrypt Boot Loader က စကားဝှက် ရေးထည့်ရန် မတောင်းပါက၊ သင့် OS စနစ်သည် ၄င်းကို ထည့်သွင်းထားသော drive မှ boot မတက်၍ ဖြစ်မည်။ ဤအချက်အတွက် ပံ့ပိုးမထားပါ။\n\n- အကယ်၍ သင်သည် AES ကို မသုံးပဲ စာဝှက်စနစ် အယ်လဂိုရီသမ် တစ်ခုကို အသုံးပြုပြီး အကြို စမ်းသပ်ချက် မအောင်မြင်ပါက (စကားဝှက် ရေးထည့်သော်လည်း)၊ စနစ်တကျ စီမံရေးသားခြင်း မပြုသော ဒရိုင်ဘာ တစ်ခုကြောင့် ဖြစ်နိုင်သည်။ 'မဟုတ်ပါ' ကို ရွေးပြီး၊ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို ထပ်မံ စာဝှက်ကြည့်ပါ၊ သို့သော် AES စာဝှက်စနစ် အယ်လဂိုရီသမ်ကို အသုံးပြုပါ (၄င်း၌ မှတ်ဉာဏ် လုပ်အပ်ချက် အနိမ့်ဆုံး ရှိသည်)။\n\nဖြစ်နိုင်ချေ အကြောင်းရင်းများနှင့် ဖြေရှင်းချက်များအတွက်၊ https://veracrypt.codeplex.com/wikipage?title=Troubleshooting ကို လေ့လာပါ။ + ကွန်ပျူတာစနစ် အခန်းကန့်/drive သည် (တစ်၀က်တစ်ပိုင်း ဖြစ်စေ၊ အပြည့်အ၀ ဖြစ်စေ) စာဝှက်ထားပုံ မပေါ်ပါ။ + ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို (တစ်၀က်တစ်ပိုင်း ဖြစ်စေ၊ အပြည့်အ၀ ဖြစ်စေ) စာဝှက်ထားသည်။\n\nဆက်လက် မလုပ်ဆောင်မီ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ဖြည်ပါ။ ထိုသို့ ပြုလုပ်ရန်၊ ပင်မ VeraCrypt ၀င်းဒိုးရှိ မီနူးဘားမှ 'System' > 'Permanently Decrypt System Partition/Drive' ကို ရွေးပါ။ + ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို (တစ်၀က်တစ်ပိုင်း ဖြစ်စေ၊ အပြည့်အ၀ ဖြစ်စေ) စာဝှက်ပြီးသည့်အခါ၊ VeraCrypt (သို့ရာတွင် ၄င်းကို အဆင့်မြှင့်နိုင်ပြီး အလားတူ ဗားရှင်းကို ပြန်လည် ထည့်သွင်းနိုင်သည်) ကို အဆင့်လျှော့၍ မရပါ။ + သင့် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို လောလောဆယ် စာဝှက်ခြင်း၊ စာဝှက်ဖြည်ခြင်း၊ (သို့) ပြုပြင်ခြင်း လုပ်ဆောင်နေသည်။ စာဝှက်ခြင်း/စာဝှက်ဖြည်ခြင်း/ပြုပြင်ခြင်း လုပ်ငန်းစဉ်များကို (သို့မဟုတ် ၄င်း ပြီးစီးသည့်အထိ) ဆက်လက် မလုပ်ဆောင်မီ၊ ရပ်ဆိုင်းလိုက်ပါ။ + VeraCrypt Volume ဖန်တီးခြင်း အညွှန်း ဖြစ်စဉ် တစ်ခုသည် လောလောဆယ် ဤကွန်ပျူတာစနစ်တွင် အလုပ်လုပ်နေပြီး ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ရန်/စာဝှက်​ဖြည်ရန် ပြင်ဆင် လုပ်ဆောင်နေသည်။ ဆက်လက် မလုပ်ဆောင်မီ၊ ၄င်းပြီးစီးသည့်အထိ စောင့်ဆိုင်းပါ (သို့) ပိတ်လိုက်ပါ။ အကယ်၍ ၄င်းကို မပိတ်နိုင်ပါက၊ ဆက်လက် မလုပ်ဆောင်မီ သင့်ကွန်ပျူတာကို ပြန်ဖွင့်ပါ။ + ကွန်ပျူတာစနစ် အခန်းကန့်ကို စာဝှက်ခြင်း (သို့) စာဝှက်ဖြည်ခြင်း လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ဆက်လက် မလုပ်ဆောင်မီ ၄င်းပြီးစီးသည့်အထိ စောင့်ဆိုင်းပါ။ + ချို့ယွင်းချက် - ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်ခြင်း လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ၄င်းကို ပထမဦးစွာ ပြီးစီးရမည် ဖြစ်သသည်။ + ချို့ယွင်းချက် - အခန်းကန့်/volume ကို စာဝှက်သည့် လုပ်ငန်းစဉ် မပြီးစီးသေးပါ။ ၄င်းကို ပထမဦးစွာ ပြီးစီးရမည် ဖြစ်သည်။\n\nမှတ်ချက် - ထိုလုပ်ငန်းစဉ်ကို ပြန်လည် စတင်ရန်၊ VeraCrypt ၏ ပင်မ ၀င်းဒိုးရှိ မီနူးဘားမှ 'Volumes' > 'Resume Interrupted Process' ကို ရွေးပါ။ + စကားဝှက်သည် မှန်ကန်သည်။ VeraCrypt သည် volume ခေါင်းစီးကို အောင်မြင်စွာ စာဝှက်ဖြည်လိုက်ပြီး၊ ဤ volume သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် volume ဖြစ်ကြောင်း စစ်ဆေးတွေ့ရှိသည်။ သို့သော်၊ ဤနည်းဖြင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် volume ၏ ခေါင်းစီးကို မပြုပြင်နိုင်ပါ။\n\nလျှို့ဝှက် ကွန်ပျူတာစနစ် volume ၏ စကားဝှက်ကို ပြောင်းရန်၊ လျှို့ဝှက် volume ၌ရှိသော OS စနစ်ကို boot လုပ်ပါ။ ထို့နောက်၊ VeraCrypt ပင်မ ၀င်းဒိုးရှိ မီနူးဘားမှ 'System' > 'Change Password' ကို ရွေးပါ။\n\n​ခေါင်းစီး ကီး ဆင်းသက်မှု အယ်လဂိုရီသမ်ကို သတ်မှတ်ရန်၊ လျှို့ဝှက် OS စနစ်ကို boot လုပ်ပြီး 'System' > 'Set Header Key Derivation Algorithm' ကို ရွေးပါ။ + VeraCrypt သည် လျှို့ဝှက် ကွန်ပျူတာစနစ် အခန်းကန့်ကို နေရာတကျ စာဝှက်ဖြည်ခြင်းကို ထောက်ပံ့မ​ပေးပါ။\n\nမှတ်ချက် - အကယ်၍ မျက်လှည့် အခန်းကန့်ကို သင် စာဝှက်ဖြည်လိုပါက၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို boot လုပ်ပါ၊ ထို့နောက် VeraCrypt ပင်မ ဝင်းဒိုးရှိ မီနူးဘားမှ 'System' > 'Permanently Decrypt System Partition/Drive' ကို ရွေးပါ။ + ချို့ယွင်းချက် - မှားနေသော ပါရာမီတာ။ + သင်သည် အခန်းကန့် (သို့) device တစ်ခုကို ရွေးချယ်ခဲ့သည် သို့ရာတါင် သင် ရွေးချယ်လိုက်သော အညွှန်းစနစ်သည် ဖိုင် သိမ်းဆည်းခန်းများအတွက်သာ သင့်လျော်သည်။\n\nအညွန်း စနစ်ကို ပြောင်းလိုသလား? + VeraCrypt ဖိုင် သိမ်းဆည်းခန်းကိုသာ ဖန်တီးလိုသလား? + သင်သည် ကွန်ပျူတာစနစ် အခန်းကန့်/drive (သို့မဟုတ် boot အခန်းကန့်) ကို ရွေးချယ်ခဲ့သည်၊ သို့သော် သင်ရွေးချယ်ခဲ့သော အညွှန်းစနစ်သည် ကွန်ပျူတာစနစ် မဟုတ်သော အခန်းကန့်များ/drives အတွက်သာ သင့်လျှော်သည်။\n\nစက်မတက်မီ စစ်ဆေးအတည်ပြုချက်ကို သင် သတ်မှတ်လိုသလား (ဆိုလိုသည်မှာ Windows boot မတက်မီ/စဖွင့်မီ သင့်စကားဝှက်ကို အကြိမ်တိုင်း ရေးထည့်ရန် လိုအပ်လာမည် ဖြစ်သည်) ထို့နောက် ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို စာဝှက်လိုသလား? + ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ဖြည်လိုသလား? + သတိပေးချက် - အကယ်၍ ကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို အမြဲတမ်း စာဝှက်ဖြည်ပါက၊ စာဝှက်မထားသော ဒေတာများကို ၄င်းအထဲ၌ ရေးသားလိမ့်မည် ဖြစ်သည်။\n\nကွန်ပျူတာစနစ် အခန်းကန့်/drive ကို သင် အမြဲတမ်း စာဝှက်ဖြည်လိုသလား? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + သတိပေးချက် - အကယ်၍ သင်သည် ကွန်ပျူတာစနစ် စာဝှက်ရန်အတွက် ဝှက်စာ အဆင့်ဆင့်ကို အသုံးပြုပါက၊ အောက်ပါ ပြဿနာများကို သင် ရင်ဆိုင်ရနိုင်သည် - \n\n၁) VeraCrypt Boot Loader သည် ပုံမှန်ထက် ပိုကြီးသည်။ ထို့ကြောင့်၊ VeraCrypt Boot Loader ၏ အရန်သင့် သိမ်းဆည်းမှု တစ်ခုအတွက် drive track ထဲ၌ နေရာ အလုံအလောက် မရှိပါ။ ထို့ကြောင့်၊ ၄င်းပျက်စီးသွားသည့်အခါတိုင်း (အချို့ ပရိုဂရမ်များအတွက် မူပိုင်ခွင့် တားဆီးရေး activation လုပ်ငန်းစဉ်ကို စနစ်တကျ စီစဉ်ရေးသားခြင်း မလုပ်​သည့်အချိန်အတွင်း)၊ VeraCrypt Boot Loader ကို boot တက်ရန် (သို့) ပြုပြင်ရန် VeraCrypt ဆယ်တင်ရေး အခွေကို သင် သုံးစွဲရမည် ဖြစ်သည်။\n\n၂) အချို့ ကွန်ပျူတာများ၌ Hibernation မှ ပြန်စရန် အချိန် အတော်ကြာတတ်သည်။\n\nထိုကဲ့သို့ ဖြစ်နိုင်ချေ ပြဿနာများကို အဆင့်ဆင့် မဟုတ်သည့် စာဝှက်စနစ် အယ်လဂိုရီသမ်ကို ရွေးခြင်းဖြင့် တားဆီးနိုင်သည် (ဥပမာ - AES)။\n\nသင်သည် ဝှက်စာ အဆင့်ဆင့်ကို အသုံးပြုမည်လား? + အကယ်၍ ယခင်က ဖေါ်ပြခဲ့သော ပြဿနာများ အချို့ကို သင် တွေ့ကြုံရပါက၊ အခန်းကန့်/drive ကို စာဝှက်ပြီး အဆင့်ဆင့်မဟုတ်သော စာဝှက်စနစ် အယ်လဂိုရီသမ်ကို သုံးကာ ထပ်မံ စာဝှက်ကြည့်ပါ (ဥပမာ - AES)။ + သတိပေးချက် - လုံခြုံစိတ်ချရန်အတွက်၊ VeraCrypt ကို လျှို့ဝှက် OS စနစ်၌ မွမ်းမံခြင်း မပြုမီ မျက်လှည့် OS ၌ ၄င်းကို မွမ်းမံထားရမည်။\n\nထိုသို့ ပြုလုပ်ရန်၊ မျက်လှည့် ကွန်ပျူတာစနစ်ကို boot တက်ပြီး ၄င်းအထဲမှ VeraCrypt ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်ကို ဖွင့်ပါ။ လျှို့ဝှက် ကွန်ပျူတာစနစ်ကို boot တက်ပြီး ၄င်းအထဲမှ ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ်ကို ဖွင့်ပါ။\n\nမှတ်ချက် - မျက်လှည့် ကွန်ပျူတာစနစ်နှင့် လျှို့ဝှက် ကွန်ပျူတာစနစ် တို့သည် boot loader တစ်ခုတည်းကို မျှဝေ သုံးစွဲနေကြသည်။ အကယ်၍ VeraCrypt ကို လျှို့ဝှက် ကွန်ပျူတာစနစ်ထဲ၌သာ အဆင့်မြှင့်ပါက ()၊ မျက်လှည့် ကွန်ပျူတာစနစ်ထဲ VeraCrypt ဒရိုင်ဘာ တစ်ခုနှင့် VeraCrypt အ​ပ္ပလီကေးရှင်းများ ပါရှိမည် ဖြစ်သည်။ ၄င်းတို့၏ဗားရှင်း နံပါတ်များသည် VeraCrypt Boot Loader ၏ ဗားရှင်း နံပါတ်နှင့် ကွာခြားနေမည် ဖြစ်သည်။ ထိုကဲ့သို့ ကွဲပြားခြားနားမှု​ကြောင့် ဤကွန်ပျူတာ၌ လျှို့ဝှက် OS စနစ် တစ်ခု ရှိနေကြောင်း ညွှန်ပြနေနိုင်သည်။\n\nဆက်လက် လုပ်ဆောင်မည်လား? + ဤ OS စနစ်ကို boot တက်စေသည့် VeraCrypt Boot Loader ၏ ဗားရှင်း နံပါတ်သည် ဤကွန်ပျူတာစနစ်၌ ထည့်သွင်းထားသော VeraCrypt ဒရိုဘာ (အပြင် VeraCrypt အပ္ပလီကေးရှင်းများ) နှင့် ကွာခြားနိုင်သည်။ \n\nဤ OS စနစ်၌ VeraCrypt ကို မွမ်းမံရန် VeraCrypt ဆော့ဗ်ဝဲ ထည့်သွင်းစနစ် (၄င်း၏ ဗားရှင်း နံပါတ်သည် VeraCrypt Boot Loader ၏ နံပါတ်နှင့် အတူတူ ဖြစ်သည်) ကို ဖွင့်ပါ။ + ဤ OS စနစ်ကို boot တက်စေသည့် VeraCrypt Boot Loader ၏ ဗားရှင်း နံပါတ်သည် ဤကွန်ပျူတာစနစ်၌ ထည့်သွင်းထားသော VeraCrypt ဒရိုဘာ (အပြင် VeraCrypt အပ္ပလီကေးရှင်းများ) နှင့် ကွာခြားနိုင်သည်။ ဗားရှင်း အဟောင်းများ၌ နောက်ပိုင်း ဗားရှင်းများတွင် ပြုပြင်လိုက်သော ပရိုဂရမ်အမှား ပါရှိနိုင်သည်။\n\nအကယ်၍ သင်သည် VeraCrypt ဆယ်တင်ရေး အခွေမှ boot မတက်ခဲ့ပါက၊ VeraCrypt ကို ပြန်လည် ထည့်သွင်းပါ (သို့) နောက်ဆုံး ဗားရှင်းသို့ အဆင့်မြှင့်ပါ (boot loader ကိုလည်း မွမ်းမံနိုင်သည်)။\n\n အကယ်၍ VeraCrypt ဆယ်တင်ရေး အခွေမှ boot တက်ပါက၊ ၄င်းကို မွမ်းမံပါ ('System' > 'Create Rescue Disk')။ + VeraCrypt Boot Loader ကို အဆင့်မြှင့်လိုက်ပြီး\n\nVeraCrypt ဆယ်တင်ရေး အခွေ အသစ်ကို ဖန်တီးရန် (VeraCrypt Boot Loader ဗားရှင်းအသစ် ပါ၀င်သော) သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပြီးနောက် 'System' > 'Create Rescue Disk' ကို ရွေးချယ်ရန် အထူး အ​ကြံပြုလိုသည်။ + VeraCrypt Boot Loader ကို အဆင့်မြှင့်လိုက်ပြီး\n\nမျက်လှည့် OS စနစ်ကို boot တက်ပြီးနောက် VeraCrypt ဆယ်တင်ရေး အခွေ အသစ်ကို ဖန်တီးရန် (VeraCrypt Boot Loader ဗားရှင်းအသစ် ပါ၀င်သော) သင့် ကွန်ပျူတာကို ပြန်ဖွင့်ပြီးနောက် 'System' > 'Create Rescue Disk' ကို ရွေးချယ်ရန် အထူး အ​ကြံပြုလိုသည်။ + VeraCrypt Boot Loader ကို အဆင့်မြှင့်၍ မရပါ။ + VeraCrypt သည် ကွန်ပျူတာစနစ်၏ drive အရွယ်အစား အမှန်ကို မစစ်ဆေးနိုင်ပါ။ ထို့ကြောင့်၊ OS စနစ် (၄င်းသည် အရွယ်အစား အမှန်ထက် ပိုသေးနိုင်သည်) မှ ထုတ်ပြန်သော အရွယ်အစားကို အသုံးပြုမည် ဖြစ်သည်။ ၄င်းသည် VeraCrypt ၏ ပရိုဂရမ်အမှား တစ်ခု မဟုတ်ပါ။ + သတိပေးချက် - VeraCrypt သည် ဤကွန်ပျူတာစနစ် drive ထဲရှိ လျှို့ဝှက် sectors များကို စစ်ဆေးရန် ကြိုးစားခဲ့ပုံပေါ်သည်။ အကယ်၍ ယခင် စစ်ဆေးမှု လုပ်ငန်းစဉ် အတောအတွင်း ပြဿနာ တစ်စုံတစ်ခု ​ကြုံတွေ့ခဲ့ပါက၊ လျှို့ဝှက် sectors များ စစ်ဆေးခြင်းကို ယခု ကျော်သွားခြင်းဖြင့် ပြဿနာများကို ရှောင်ရှားနိုင်သည်။ အကယ်၍ ဤသို့ ပြုလုပ်ပါက၊ VeraCrypt သည် OS စနစ်မှ ထုတ်ပြန်သော အရွယ်အစားကို အသုံးပြုသွားမည် ဖြစ်သည် (၄င်းသည် drive ၏ အရွယ်အစား အမှန်ထက် ပိုသေးနိုင်သည်)။\n\nဤပြဿနာသည် VeraCrypt ၏ ပရိုဂရမ်အမှား တစ်ခု မဟုတ်ပါ။ + လျှို့ဝှက် sectors များကို စစ်ဆေးခြင်း ကျော်သွားရန် (OS စနစ်မှ ထုတ်ပြန်သော အရွယ်အစားကို သုံးစွဲရန်) + လျှို့ဝှက် sectors များ ထပ်မံ စစ်ဆေးရန် + ချို့ယွင်းချက် - Disk ၌ ရှိသော sectors များ၏ အကြောင်းအရာကို မဖတ်နိုင်ပါ (စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှုကြောင့် ဖြစ်သည်)။\n\nSectors များကို ဖတ်ရှုနိုင်အောင် လုပ်ဆောင်သည့်အခါမှသာ အစီအစဉ်တကျ စာဝှက်ခြင်း လုပ်ငန်းစဉ်ကို လုပ်ဆောင်နိုင်သည်။ Sectors ထဲ၌ သုညများကို ရေးသားခြင်းဖြင့် VeraCrypt သည် ယင်း sectors များကို ဖတ်ရှုနိုင်အောင် လုပ်ဆောင်နိုင်သည် (နောက်ဆက်တွဲ​အနေဖြင့်၊ ယင်းသုည blocks များ အားလုံးကို စာဝှက်နိုင်မည် ဖြစ်သည်)။ သို့သော်၊ ဖတ်မရသော sectors ၌ ရှိသည့် ဒေတာအားလုံး ပျောက်ဆုံးသွားမည် ဖြစ်သည်။ အကယ်၍ ၄င်းကို ရှောင်ရှားလိုပါက၊ သင့်လျှော်သော အခြား ကိရိယာများကို သုံးပြီး ပျက်စီးသွားသော ​ဒေတာ အချို့ကို ပြန်လည် ဆယ်တင်ရန် ကြိုးစားနိုင်သည်။\n\nမှတ်ချက် - ရုပ်ပိုင်းဆိုင်ရာ ပျက်စီးသွားသည့် sectors များနှင့် ပါတ်သက်၍ (ဒေတာ ပျက်စီးခြင်းနှင့် checksum ချို့ယွင်းချက်များနှင့် မတူပဲ) သိုလှောင်ရေး devices အမျိုးအစား အများစုသည် ၄င်းတို့ အထဲတွင် (ပျက်စီးသွားသော sectors များထဲ၌ ရှိသော လက်ရှိ ဒေတာများသည် drive အထဲ၌ စာမဝှက်ပဲ ဆက်လက် တည်ရှိနိုင်ရန်) ဒေတာများကို ရေးသားသည့်အခါ sectors များကို နေရာ ပြောင်းရွှေ့ပေးသည်။\n\nVeraCrypt သည် ဖတ်မရသော sectors များ၌ သုညများ ရေးသားစေလိုသလား? + ျို့ယွင်းချက် - Disk ၌ ရှိသော sectors များ၏ အကြောင်းအရာကို မဖတ်နိုင်ပါ (စက်ပိုင်းဆိုင်ရာ ပျက်စီးမှုကြောင့် ဖြစ်သည်)။\n\nစာဝှက်သည့် လုပ်ငန်းစဉ်ကို ဆက်လုပ်နိုင်ရန်၊ VeraCrypt သည် ဖတ်မရသော sectors များ၏ အကြောင်းအရာများကို စွန့်ပစ်ရမည် ဖြစ်သည် (အကြောင်းအရာများကို pseudorandom ဒေတာများဖြင့် အ​စားထိုးသွားမည် ဖြစ်သည်။ ဆက်လက် မ​လုပ်ဆောင်မီ၊ သင့်လျှော်သော အခြား ကိရိယာများကို သုံးပြီး ပျက်စီးသွားသော ဒေတာ တချို့ကို ပြန်လည် ဆယ်တင်ရန် သင် ကြိုးစားနိုင်သည်။\n\nဖတ်၍ မရသော sectors များရှိ ဒေတာများကို VeraCrypt ကို သုံးပြီး စွန့်ပစ်လိုသလား?ဖတ်၍ မရသော sectors များ၌ VeraCrypt ဖြင့် သုညများကို ရေးသားလိုသလား? + မှတ်ချက် - VeraCrypt သည် %I64d ဖတ်မရသော sectors (%s) ရှိ ​အကြောင်းအရာများကို စာဝှက်ထားသော all-zero စသား block များနှင့် အစားထိုးလိုက်သည်။ + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + တိုကင် '%s' အတွက် စကားဝှက်/PIN နံပါတ် ရေးထည့်ပါ - + VeraCrypt သည် လုံခြုံရေး တိုကင် (သို့) စမတ်ကတ်ကို သုံးစွဲနိုင်ရန်၊ တိုကင် (သို့) စမတ်ကတ် အတွက် ပထမဦးဆုံး PKCS #11 ဆော့ဗ်ဝဲ လိုင်ဘရာရီ တစ်ခုကို ထည့်သွင်း ရမည်ဖြစ်သည်။ ယင်းလိုင်ဘရာရီမျိုးကို device ထဲ၌ ပါလာနိုင်သည် (သို့) ဆော့ဗ်ဝဲ ရောင်းချသော သူ၏ ကွန်ရက် စာမျက်နှာ သို့မဟုတ် အခြား နေရာများမှ ဒေါင်းလုဒ်ဆွဲယူ နိုင်မည် ဖြစ်သည်။\n\nစက်ထဲ လိုင်ဘရာရီကို ထည့်သွင်းပြီးနောက်၊ 'Select Library' ကို နှိပ်ခြင်းဖြင့် ၄င်းကို ကိုယ်တိုင် ရွေးနိုင်သည် (သို့) VeraCrypt ကို ​ရှာစေနိုင်ပြီး 'Auto-Detect Library' (Windows စနစ် ဖိုင်တွဲထဲ၌သာ ​ရှာဖွေမည် ဖြစ်သည်) ကို နှိပ်ပြီး အလိုအလျောက် ရွေးချယ်နိုင်သည်။ + မှတ်ချက် - သင့် လုံခြုံရေး တိုကင် (သို့) စမတ်ကတ် အတွက် ထည့်သွင်းခဲ့သော PKCS #11 လိုင်ဘရာရီ၏ ဖိုင်အမည်နှင့် တည်နေရာအတွက်၊ တိုကင်၊ ကတ်၊ သို့မဟုတ် အခြား ဆော့ဗ်ဝဲနှင့် အတူပါလာသော အသုံးပြုနည်း လက်စွဲကို လေ့လာပါ။\n\nဖိုင် လမ်းကြောင်းနှင့် ဖိုင်အမည်များကို ရွေးချယ်ရန် 'ကောင်းပြီ' ခလုတ်ကို နှိပ်ပါ။ + VeraCrypt သည် လုံခြုံရေး တိုကင် (သို့) စမတ်ကတ်ထဲ ၀င်ရောက်နိုင်ရန်၊ ပထမဦးဆုံး တိုကင်/ကတ်အတွက် PKCS #11 ဆော့ဗ်ဝဲ လိုင်ဘရာရီ တစ်ခုကို ရွေးချယ်ရမည် ဖြစ်သည်။ ထိုသို့ ပြုလုပ်ရန် 'Settings' > 'Security Tokens' ကို ရွေးချယ်ပါ။ + PKCS #11 လုံခြုံရေး တိုကင် လိုင်ဘရာရီကို အစပြု၍ မရပါ။\n\nPKCS #11 လိုင်ဘရာရီ အမှန်သို့ ရည်ညွှန်းသော သတ်မှတ်ထားသည့် ဖိုင် လမ်းကြောင်းနှင့် ဖိုင်အမည်ကို မှန်မမှန် စစ်ဆေးပါ။ PKCS #11 လိုင်ဘရာရီနှင့် ဖိုင်အမည်ကို သတ်မှတ်ရန်၊ 'Settings' > 'Security Tokens' ကို ရွေးချယ်ပါ။ + Windows စနစ် ဖိုင်တွဲထဲ၌ PKCS #11 လိုင်ဘရာရီကို မတွေ့ပါ။\n\nသင့် လုံခြုံရေး တိုကင် (သို့မဟုတ် စမတ်ကတ်) အတွက် PKCS #11 လိုင်ဘရာရီကို (ယင်း လိုင်ပရာရီမျိုးကို တိုကင်/ကတ်နှင့်အတူ ပါလာနိုင်သည် သို့မဟုတ် ဆော့ဗ်ဝဲ ရောင်းချသူ၏ ကွန်ရက် စာမျက်နှာမှ (သို့) အခြား နေရာမှ ဒေါင်းလုဒ် ဆွဲယူနိုင်သည်) စက်ထဲ ထည့်သွင်းရမည် ဖြစ်သည်။ အကယ်၍ ၄င်းကို Windows စနစ် ဖိုင်တွဲထဲ၌ မဟုတ်ပဲ ဖိုင်တွဲ တစ်ခုခု၌ ထည့်သွင်းထားပါက၊ (ဥပမာ - တိုကင်/ကတ် အတွက် ဆော့ဗ်ဝဲ တည်ရှိသော နေရာမှ ဖိုင်တွဲထဲရှိ) လိုင်ဘရာရီကို ဖွင့်ရန် 'Select Library' ကို ​နှိပ်ပါ။ + လုံခြုံရေး တိုကင် ရှာမတွေ့ပါ။\n\nလုံခြုံရေး တိုကင်သည် သင့် ကွန်ပျူတာနှင့် ချိတ်ဆက်ပြီး ၄င်းတိုကင်၏ ဒရိုင်ဘာ အမှန်ကို စက်ထဲ ထည့်သွင်းထားရမည်။ + လုံခြုံရေး တိုကင် ကီးဖိုင် ရှာ​မတွေ့ပါ။ + လုံခြုံရေး တိုကင် ကီးဖိုင်၏ နာမည်တူ ရှိနေပြီး ဖြစ်သည်။ + ရွေးထားသော ဖိုင်များကို ပယ်ဖျက်လိုသလား? + လုံခြုံရေး တိုကင် ကီးဖိုင် လမ်းကြောင်း မမှန်ပါ။ + လုံခြုံရေး တိုကင် ချို့ယွင်းချက် + လုံခြုံရေး တိုကင်၏ စကားဝှက် မမှန်ပါ။ + တောင်းဆိုထားသော လုပ်ငန်းကို ဆောင်ရွတ်ရန် လုံခြုံရေး တိုကင်၌ မှတ်ဉာဏ်/နေရာ အလုံအလောက် မရှိပါ။\n\nအကယ်၍ သင်သည် ကီးဖိုင် တစ်ခုကို တင်သွင်းရန် ကြိုးစားပါက၊ VeraCrypt ('Tools' > 'Keyfile Generator' ကို ရွေးချယ်ပါ) မှ ထုတ်လုပ်သော ဖိုင်အသေး တစ်ခု (သို့) ကီးဖိုင် တစ်ခုကို ရွေးချယ်ပါ။ + ဖွင့်ထားသော လုံခြုံရေး တိုကင် အခန်းများ ပိတ်လိုက်ပြီ။ + လုံခြုံရေး တိုကင် ကီးဖိုင်များကို ရွေးချယ်ပါ + Slot + တိုကင် အမည် + ဖိုင်အမည် + အရေးကြီးချက် - စက်မတက်မီ အတည်​ပြု စကားဝှက်ကို standard US ကီးဘုတ် လေးအောက်ဖြင့် အမြဲ ရေးထည့်ရသည်။ ထို့ကြောင့်၊ အခြား ကီးဘုတ် လေးအောက်ကို အသုံးပြုပြီး စကားဝှက် ရေးထည့်ရသော volume ကို စက်မတက်မီ အတည်ပြု စကားဝှက်ဖြင့် (ဤအရာသည် VeraCrypt ၏ ပရိုဂရမ် အမှား မဟုတ်ပါ) အစပျိုးရန် မဖြစ်နိုင်ချေ။ ယင်းကဲ့သို့ volume မျိုးကို စက်မတက်မီ အတည်ပြု စကားဝှက်ဖြင့် အစပျိုးနိုင်ရန်၊ အောက်ပါ အဆင့်များကို လိုက်နာပါ -\n\n၁) 'ဖိုင် ရွေးရန်' (သို့) 'Device ရွေးရန်' ကို နှိပ်ပြီး volume ကို ရွေးပါ။\n၂) 'Volumes များ' > 'Volume စကားဝှက် ပြောင်းရန်' ကို ရွေးချယ်ပါ။\n၃) Volume ၏ လက်ရှိ စကားဝှက်ကို ရေးထည့်ပါ။\n၄) Windows taskbar မှ ဘာသာစကား ဘား အိုင်ကွန်ပုံကို နှိပ်ပြီးဖြစ်စေ၊ 'EN English (United States)' ကို ရွေးပြီး ဖြစ်စေ ကီးဘုတ် လေးအောက်ကို English (US) အဖြစ် ပြောင်းပါ။\n၅) VeraCrypt ၏ စကားဝှက်အသစ် နေရာကွက်တွင်၊ စက်မတက်မီ အတည်ပြု စကားဝှက်ကို ရေးထည့်ပါ။\n၆) စကားဝှက်အသစ်ကို အတည်ပြုရန် ထပ်မံ ရေးထည့်ပြီး 'ကောင်းပြီ' ခလုတ်ကို နှိပ်ပါ။\nသတိပေးချက် - အကယ်၍ အောက်ပါ အဆင့်များကို လိုက်နာပါက၊ volume စကားဝှက်ကို US ကီး​ဘုတ် လေးအောက် သုံးပြီး အမြဲ ရေးထည့်ရမည် ဖြစ်သည် (၄င်းကို စက်မတက်မီ အခြေအနေတွင်သာ အလိုအလျောက် အတည်ပြုသည်)။ + ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များသည် စက်မတက်မီ အတည်ပြု စကားဝှက်ကို သုံးပြီး အစပျိုးမည် ဖြစ်သည်။ အကယ်၍ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume တစ်ခုခုသည် အခြား စကားဝှက်တစ်ခုကို အသုံးပြုပါက၊ ၄င်းကို အစပျိုးနိုင်မည် မဟတ်ပါ။ + ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို မထိခိုက်စေရန် အကယ်၍ သာမန် VeraCrypt volume လုပ်ဆောင်ချက်များကို ('အားလုံး အဆုံးသတ်ရန်'၊ အလိုလို-အဆုံးသတ်ရန်၊ စသဖြင့်) တားဆီး​လိုပါက၊ ရွေးစရာ 'စီမံခန့်ခွဲသူကိုသာ ကြည့်ရှုခွင့်ပြုရန်နှင့် VeraCrypt ထဲရှိ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို အဆုံးသတ်ရန်' ကို ဖွင့်ပါ။ ထို့အပြင်၊ VeraCrypt သည် စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့်မပါပဲ သုံးစွဲသည့်အခါ၊ ကွန်ပျူတာစနစ် စိက်ကြိုက် volumes များသည် VeraCrypt ပင်ပ အပ္ပလီကေးရှင်း ၀င်းဒိုးရှိ 'Dismount All'အခွင့်အရေးများ (Windows Vista နှင့် နောက်ထွက်တွင် ပုံမှန် ပါရှိသည်) မပါဘဲ ဖွင့်သည့်အခါ VeraCrypt အသုံးချဆော့ဖ်ဝဲလ်အဓိကဝင်းဒိုးထဲရှိ drive အက္ခရာစာရင်းတွင် ဖေါ်ပြလာမည် မဟုတ်ပါ။ + အရေးကြီးချက် - အကယ်၍ ဤရွေးစရာကို ဖွင့်ထားပြီး VeraCrypt ၌ စီမံခန့်ခွဲသူ လုပ်ပိုင်ခွင့် မရှိပါက၊ အစပျိုးထားသော ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို VeraCrypt အပ္ပလီကေးရှင်းတွင် မြင်တွေ့ရမည် မဟုတ်ပါ၊ ၄င်းတို့ကို အဆုံးသတ်နိုင်မည် မဟုတ်ပါ။ ထို့ကြောင့်၊ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume ကို အဆုံးသတ်လိုပါက၊ VeraCrypt အိုင်ကွန် (Start မီနူးထဲ) ၌ ညာဖက်နှိပ်ပြီး ပထမဦးဆုံး 'စီမံခန့်ခွဲသူ အဖြစ် ဖွင့်ရန်' ကို ရွေးချယ်ပါ။ အလားတူ ကန့်သတ်ချက်သည် 'အားလုံး အဆုံးသတ်ရန်' ဖန်ရှင်၊ 'အလိုလို-အဆုံးသတ်ရန်' ဖန်ရှင်များ၊ 'အားလုံး အဆုံးသတ်ရန်' အထူးကီးများ၊ စသည်တို့၌ အကျုံးဝင်သည်။ + ဤချိန်ညှိချက်သည် OS စနစ်ကို ပြန်ဖွင့်သည့်အခါ၌သာ သက်ရောက်မှု ရှိမည် ဖြစ်သည်။ + Command line ပိုင်းခြားစိစစ်နေစဉ် ချို့ယွင်းချက်။ + ဆယ်တင်ရေး အခွေ + &ဖိုင်ကို ရွေးပြီး အစပျိုးပါ... + &Device ကို ရွေးပြီး အစပျိုးပါ... + စီမံခန့်ခွဲသူများကိုသာ ကြည့်ရှုခွင့် ပေးပြီး Veracrypt ထဲရှိ ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို အဆုံးသတ်ပါ + Windows ဖွင့်လာသည့်အခါ (စက်အတက် လုပ်ငန်းစဉ် အစပိုင်း အဆင့်တွင်) ကွန်ပျူတာစနစ် စိတ်ကြိုက် volumes များကို အစပျိုးပါ + သတိပေးချက် - '%s' အဖြစ် အစပျိုးခဲ့​​သော volume ထဲရှိ ဖိုင်စနစ်ကို ရှင်းရှင်း အဆုံးသတ် မထားပါ၊ ၄င်းကြောင့် ချို့ယွင်းချက်များ ပါ၀င်နိုင်သည်။ ပျက်စီးသွားသော ဖိုင်စနစ်ကြောင့် ဒေတာများ ပျောက်ဆုံးနိုင်သည် (သို့) ဒေတာ ပျက်စီးနိုင်သည်။\n\nမှတ်ချက်ရန် - ဖွင့်ထားသော VeraCrypt volume တည်ရှိနေသော နေရာရှိ device တစ်ခု () ကို မဖယ်ရှားမီ၊ VeraCrypt ထဲမှ VeraCrypt volume ကို ပထမဦးဆုံး အမြဲတမ်း အဆုံးသတ်ပေးရမည် ဖြစ်သည်။\n\n\nWindows သည် ဖိုင်စနစ်၌ ရှိသော ချို့ယွင်းချက်များကို (အကယ်၍ ရှိပါက) စစ်ဆေးပြီး ပြုပြင်လိုသလား? + သတိပေးချက် - ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume တစ်ခု (သို့) အများကို ရှင်းလင်းစွာ အဆုံးသတ်မထားပါ၊ ထိုအချက်ကြောင့် ဖိုင်စနစ် ချို့ယွင်းချက်များ ပါရှိနေခြင်း ဖြစ်နိုင်သည်။ နောက်ထပ် အသေးစိတ် အချက်အလက်များကို ကွန်ပျူတာစနစ် ဖြစ်ရပ် မှတ်တမ်းကို လေ့လာပါ။\n\nပျက်စီးသွားသော ဖိုင်စနစ်သည် ဒေတာ ပျောက်ဆုံးခြင်း (သို့) ဒေတာ ပျက်စီးခြင်းကို ​ဖြစ်စေနိုင်သည်။ ထိခိုက်ခံရသော ကွန်ပျူတာစနစ် စိတ်ကြိုက် volume(များ)၌ ချို့ယွင်းချက်များ (VeraCrypt ၌ တစ်ခုချင်းကို ညာဖက်နှိပ်ပြီး 'ဖိုင်စနစ် ပြုပြင်ရန်' ကို ရွေးပါ) ကို သင် စစ်ဆေးကြည့်ရန် လိုသည်။ + သတိပေးချက် - Microsoft 'chkdsk' ကိရိယာ အသုံးပြုပြီး ပျက်စီးသွားသော ဖိုင်စနစ်ကို ပြုပြင်ခြင်းကြောင့် ပျက်စီးသွားသော နေရာများရှိ ဖိုင်များ ပျောက်ဆုံးစေနိုင်သည်။ ထို့ကြောင့်၊ VeraCrypt volume ရှိ ဖိုင်များကို အရန်သင့် သိမ်းဆည်းပြီး အခြား VeraCrypt volume အကောင်း တစ်ခုခု၌ သိမ်းဆည်းရန် အ​ကြံပြုလိုသသည်။\n\nဖိုင်စနစ်ကို ယခု ပြုပြင်လိုသလား? + Volume '%s' ကို ဖတ်နိုင်ရန်သက်သက်သာ အစပျိုးထားသည်၊ အဘယ်ကြောင့် ဆိုသော် ရေးသားခွင့် ပိတ်ထားသောကြောင့် ဖြစ်သည်။\n\nဖိုင် သိမ်းဆည်းခန်း၏ လုံခြုံရေး ခွင့်ပြုချက်များဖြင့် ရေးသားခွင့် ရရှိရန် လုပ်ဆောင်ပါ (သိမ်းဆည်းခန်းကို ညာဖက်နှိပ်ပြီး ဂုဏ်အင်္ဂါရပ်များ > လုံခြုံရေး ကို ရွေးပါ)။\n\nWindows ပြဿနာ တစ်ခုကြောင့်၊ ဤသတိပေးချက်ကို သင့်လျော်သော လုံခြုံရေး ခွင့်ပြုချက်များ ချမှတ်ပြီးနောက် သင် မြင်တွေ့ရမည် ဖြစ်သည်။ ၄င်းသည် VeraCrypt ရှိ ပရိုဂရမ် အမှား တစ်ခုကြောင့် မဟုတ်ပါ။ ဖြစ်နိုင်ချေ ဖြေရှင်းချက်မှာ သင့် သိမ်းဆည်းခန်းကို 'Documents' ဖိုင်တွဲထဲ ပြောင်းရွှေ့ရန် ဖြစ်သည်။\n\nအကယ်၍ သင့် volume ကို ဆက်ထားရန် ရည်ရွယ်ပါက၊ သိမ်းဆည်းခန်း၏ ဖတ်ရှုရန်သက်သက် သတ်မှတ်ချက် (သိမ်းဆည်းခန်းကို ညာဖက်နှိပ်ပြီး ဂုဏ်အင်္ဂါရပ်များ > ဖတ်ရှုရန်သက်သက် ကို ရွေးပါ) ကို ချမှတ်ပါ။ ဤ​နည်းဖြင့် ဒီသတိပေးချက်ကို ပိတ်ထားနိုင်မည် ဖြစ်သည်။ + Volume '%s' ကို ဖတ်ရှုရန်သက်သက် အဖြစ် အစ​ပျိုးပါ၊ အဘယ်ကြောင့် ဆိုသော် ရေးသားခွင့်ကို ပိတ်ထားသောကြောင့် ဖြစ်သည်။\n\nVolume ထားရှိသော ​အခန်းကန့်/device ၌ အခြား အပ္ပလီကေးရှင်းများ (ဥပမာ - ဗိုင်းရပ်စ်သတ် ဆော့ဗ်ဝဲ) မရှိရန် သတိပြုပါ။ + Volume '%s' ကို ဖတ်ရှုရန်သက်သက် အဖြစ် အစပျိုးထားသည်၊ အဘယ်ကြောင့် ဆိုသော် OS စနစ်သည် host device ကို ရေးသားခွင့် ပိတ်ထားရန် တင်ပြထားသောကြောင့် ဖြစ်သည်။\n\nအချို့ စိတ်ကြိုက် chipset ဒရိုင်ဘာများသည် ရေးကူးနိုင်သော မီဒီယာကို ရေးသားခွင့် ပိတ်ထားသည့် ပုံစံပေါ်အောင် တင်ပြထားသည်။ ဤပြဿနာသည် VeraCrypt ကြောင့် မဟုတ်ပါ။ ဤပြဿနာကို ဒီကွန်ပျူတာစနစ်၌ လောလောဆယ် ထည့်သွင်းထားသော (မိုက်ခရိုဆော့ဗ် စနစ်မဟုတ်သော) chipset ဒရိုင်ဘာများကို မွမ်းမံခြင်း (သို့) ဖယ်ထုတ်ခြင်းဖြင့် ဖြေရှင်းနိုင်သည်။ + Hyper-Threading နည်းပညာသည် Physical Core တစ်ခုစီအတွက် Logical Core အများအပြားကို ထောက်ပံ့ပေးသည်။ Hyper-Threading ကို ဖွင့်ထားသည့်အခါ၊ အထက်၌ ရွေးချယ်ထားသော နံပါတ်သည် logical processors/cores များ၏ နံပါတ်ကို ကိုယ်စားပြုပေးသည်။ + %d threads + (စွမ်းဆောင်ရည် အားနည်းသော) Benchmark ရလဒ်များကို ထိခိုက်​​စေသော hardware-accelerated AES ကို ပိတ်ထားသည်။\n\nHardware acceleration ကို ဖွင့်ရန်၊ 'ချိန်ညှိချက်များ' > 'လုပ်ဆောင်ချက်' ကို ရွေးချယ်ပြီး၊ သက်ဆိုင်သော ရွေးစရာကို ပိတ်ထားပါ။ + (စွမ်းဆောင်ရည် အားနည်းသော) Benchmark ရလဒ်များကို ထိခိုက်​​စေသော threads အရေအတွက်ကို လောလောဆယ် ကန့်သတ်ထားသည်။\n\nProcessor(များ) ၏ စွမ်းရည် အပြည့်အ၀ကို အသုံးချရန်၊ 'ချိန်ညှိချက်များ' > 'လုပ်ဆောင်ချက်' ကို ရွေးချယ်ပြီး၊ သက်ဆိုင်သော ရွေးစရာကို ပိတ်ထားပါ။ + အခန်းကန့်/drive ကို ရေးသားနိုင်မှု ပိတ်ထားချက်ကို VeraCrypt ဖြင့် ပိတ်လိုသလား? + သတိပေးချက် - ဤချိန်ညှိချက်သည် စွမ်းဆောင်ရည်ကို နိမ့်ကျစေနိုင်သည်။\n\nဤချိန်ညှိချက်ကို သင်တကယ် အသုံးပြုလိုသလား? + သတိပေးချက် - VeraCrypt volume ကို အလိုလို-အဆုံးသတ်ထားသည် + အစပျိုးထားသော volume တစ်ခုပါသော device တစ်ခုကို ရုပ်ပိုင်းဆိုင်ရာ မဖယ်ရှားမီ (သို့) စက်မပိတ်မီ၊ VeraCrypt ဖြင့် volume ကို ပထမဦးဆုံး အမြဲတမ်း အဆုံးသတ်ရမည် ဖြစ်သည်။\n\nကေဘယ်ကြိုး၊ drive (enclosure) တို့ ပြတ်တောင်းပြတ်တောင်း ဖြစ်နေမှုကြောင့် မမျှော်လင့်သော အလိုလို အဆုံးသတ်မှု ဖြစ်ပွားနေသည်။ + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + စမ်းသပ်ရန် + ကီးဖိုင် + နောက်ပြန်ခလုတ် + Tab ခလုတ် + Clear ခလုတ် + Enter ခလုတ် + ခေတ္တရပ်နား ခလုတ် + Caps Lock ခလုတ် + Spacebar ခလုတ် + Page Up ခလုတ် + Page Down ခလုတ် + End ခလုတ် + Home ခလုတ် + ဘယ်ဖက် မြှား + အထက် မြှား + ညာဖက် မြှား + အောက်ဖက် မြှား + ရွေးချယ် ခလုတ် + ပရင့်ထုတ် ခလုတ် + လုပ်ငန်း ခလုတ် + ပုံရိပ်ဖမ်း ခလုတ် + Insert ခလုတ် + Delete ခလုတ် + အပ္ပလီကေးရှင်း ခလုတ် + စက်ခေတ္တနား ခလုတ် + Num Lock ခလုတ် + Scroll Lock ခလုတ် + ဘရောက်ဇာ နောက်သို့ သွားရန် + ဘရောက်ဇာ ရှေ့သို့ သွားရန် + ဘရောက်ဇာ ပြန်ခေါ်ရန် + ဘရောက်ဇာ ရပ်တန့်ရန် + ဘရောက်ဇာတွင် ရှာဖွေရန် + ဘရောက်ဇာ စိတ်ကြိုက်များ + ဘရောက်ဇာ ပင်မ စာမျက်နှာ + အသံပိတ် ခလုတ် + အသံတိုး ခလုတ် + အသံချဲ့ ခလုတ် + နောက်တစ်ပုဒ် + အရင်တစ်ပုဒ် + မီဒီယာ ရပ်တန့်ရန် + မီဒီယာ ဖွင့်ရန်/ခေတ္တရပ်ရန် + မေးလ်ကီး စဖွင့်ရန် + မီဒီယာကီး ရွေးရန် + အပ္ပလီကေးရှင်း ၁ + အပ္ပလီကေးရှင်း ၂ + Attn ခလုတ် + CrSel ခလုတ် + ExSel ခလုတ် + သီချင်း ဖွင့်ရန် + ချုံ့/ ချဲ့ ခလုတ် + NumPad ခလုတ် + Shift ခလုတ် + Ctrl ခလုတ် + Alt ခလုတ် + Win ခလုတ် + ဘိုက် + ကီလိုဘိုက် + မီဂါဘိုက် + ဂစ်ဂါဘိုက် + တယ်ရာဘိုက် + ပီတာဘိုက် + ဘိုက်/စက္ကန့် + ကီလိုဘိုက်/စက္ကန့် + မီဂါဘိုက်/စက္ကန့် + ဂစ်ဂါဘိုက်/စက္ကန့် + တယ်ရာဘိုက်/စက္ကန့် + ပီတာဘိုက်/စက္ကန့် + ... + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.nl.xml b/Translations/Language.nl.xml index da3a5065..3ff2e47d 100644 --- a/Translations/Language.nl.xml +++ b/Translations/Language.nl.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Annuleren - Installeer &voor alle gebruikers - Bro&wse - Voeg VeraCrypt icoon toe aan &desktop - Donate now... - Associeer de .hc bestand &extensie met VeraCrypt - &Open de bestemmingslocatie zodra gereed - Voeg VeraCrypt toe aan &Start menu - Maak Systeem &Herstel Punt - &De-installeer - &Uitpakken - &Installeer - VeraCrypt Setup Wizard - De-installeer VeraCrypt - &Help - Selecteer of type de locatie waar u de uitgepakte bestanden naartoe wilt kopieren: - Selecteer of type de locatie waar u de VeraCrypt programma bestanden naartoe wilt kopieren. Als de gespecificeerde map niet bestaaat, zal deze automatisch worden aangemaak. - Klik op Deinstalleer om VeraCrypt te verwijderen van dit systeem. - Afbreken - &Benchmark - &Test - Aanmaak en formattering gecodeerd Volume - Op-De-Plaats Codering van de partitie (Windows Vista) - Toon gegenereerde sleutels (their portions) - Toon inhoud - Download CD/DVD brandersoftware - Maak een gecodeerde bestandscontainer - &GB - &TB - Meer informatie - Ve&rborgen VeraCrypt volume - Meer informatie over Verborgen Volumes - Directe modus - Normale modus - &KB - G&ebruik Sleutel Best. - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Sleutelbestanden - Informatie over hash algoritmes - Meer informatie - Information on PIM - &MB - Meer informatie - Meer informatie over systeem codering - Meer informatie - Multi-boot - Codeer een niet-system partitie/station - Nooit &geschiedenis opslaan - Buiten-volume - &Pauze - Use P&IM - Use PIM - Snel Formatteren - &Laat wachtwoord zien - &Toon wachtwoord - &Display PIM - Single-boot - Standaard VeraCrypt volume - Ver&borgen - Normaal - Codeer de systeem partitie of gehele systeem schijf - Codeer de Windows systeem partitie - Codeer de gehele schijf - VeraCrypt Volume Aanmaak Wizard - Cluster - BELANGRIJK: Beweeg de muis zo willekeurig mogelijk binnen dit scherm. Hoe langer u hem beweegt, hoe beter. Dit verbetert significant de cryptografische sterkte van de codeersleutels. Klik vervolgens op Volgende om door te gaan. - &Bevestig: - Klaar - Drive letter: - Codering Algoritme - Filesysteem - Maakt een virtueel gecodeerde schijf aan binnen een bestand. Aanbevolen voor onervaren gebruikers. - Opties - Hash Algoritme - Header Key: - Nog - Master Key: - Selecteer deze optie als er twee of meer operating systemen geïnstalleeerd zijn op deze computer.\n\nBijvoorbeeld:\n- Windows XP en Windows XP\n- Windows XP en Windows Vista\n- Windows en Mac OS X\n- Windows en Linux\n- Windows, Linux en Mac OS X - Codeert een niet-systeem partitie op iedere in/externe schijf (bijv. USB Stick). Kan ook een Verborgen Volume aanmaken. - Huidige pool inhoud (gedeelte) - OK - Wachtwoord: - Volume PIM: - Volume PIM: - Voortgang: - Random Pool: - Selecteer deze optie als er maar één operating systeem geïnstalleerd is op deze computer (ook als de computer meerdere gebruikers telt). - Snelheid - Status - De sleutels, salt, en andere data zijn met succes aangemaakt. Als u nieuwe sleutels wilt aanmaken, klik op Terug en dan op Volgende, klik Volgende om door te gaan. - Codeert de partitie/schijf waarop Windows is geïnstalleerd. Eenieder die toegang tot het systeem wil hebben, zal vóór iedere start van Windows het juiste wachtwoord moeten ingeven. Evt. kan een Verborgen Systeem worden aangemaakt. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wis modus: - Sluiten - Sla de pre-boot &authenticatie over door het indrukken van de Esc key (roept de boot manager op) - Doe niets - &Auto-koppel VeraCrypt volume (hieronder beschreven) - &Start VeraCrypt - Auto-&Detect Library - &Cache pre-boot authenticatie wachtwoord in het driver geheugen (voor het koppelen van niet-systeem volumes) - Bladeren - Bladeren - &Cache wachtwoorden en sleutels in geheugen - Sluiten als er geen gekoppelde volumes zijn - &Sluit token sessie (log uit) nadat een volume met succes is gekoppeld - Include VeraCrypt Volume Expander - Inclusief VeraCrypt Volume Aanmaak Wizard - Maak aan - Maa&k Volume - Laat geen &tekst zien in het pre-boot authenticatie scherm (behalve de onderstaande aangepaste boodschap) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Gebruik Sleutel Best. - Gebruik Sleutel Best. - S&luiten - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Toewijzen - Verwijderen - Sleutelbestanden - Do not use the following number of processors for encryption/decryption: - More information - More information - Meer Instellingen - &Auto-Koppel Apparaten - &Koppel Opties - Koppel volume als alleen-&lezen - Sleutelbestanden - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Geactiveerd - Cache wachtwoorden in geheugen - Auto-ontkoppeling volume als geen data gelezen/geschreven gedurende - Gebruiker uitlogt - User session locked - Power save modus gestart is - Screensaver geactiveerd is - Forceer auto-ontkoppeling, zelfs als volume open bestanden of directories bevat - Koppel alle in een apparaat gehuisveste VeraCrypt volumes - Start VeraCrypt Achtergrond Taak - Koppel volumes als alleen-lezen - Koppel volumes als verwijderbare media - Open Explorer venster voor succesvol gekoppeld volume - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Wis wachtwoorden in de cache bij auto-ontkoppeling - Wis wachtwoorden in de cache bij afsluiten - Preserve modification timestamp of file containers - Wis - Selecteer A&pparaat - Selecteer &Bestand - Selecteer &Library - Toon wachtwoord - Toon wachtwoord - Open &Explorer venster voor gekoppeld volume - &Cache wachtwoorden in programmageheugen - TrueCrypt Mode - O&ntkoppel Alles - Volume &Eigenschappen - Vol&ume Tools - &Wis Cache - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Sneltoetsen - VeraCrypt - Verander Wachtwoord of Sleutelbestanden - Voer VeraCrypt Volume Wachtwoord In - VeraCrypt - Performance and Driver Options - VeraCrypt - Voorkeuren - VeraCrypt - Systeem Codeer Instellingen - VeraCrypt - Security Token Voorkeuren - VeraCrypt Traveler Disk Aanmaak - VeraCrypt Volume Eigenschappen - Over - Toevoegen/Verwijderen Sleutelbestanden aan/van Volume - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup Volume Header - Test Prestaties Codering Algoritmes - Creëer Header Key Afleidingsalgoritme - Verander Volume Wachtwoord - Creëer Header Key Afleidingsalgoritme - Verander Systeem Wachtwoord - Verwijder Volume Geschiedenis - Sluit alle Security Token Sessies - Contact - Aanmaak Verborgen Operating Systeem - Maak Reddingsschijf aan - Volume Aanmaak Wizard - Permanently Decrypt... - Creëer Standaard Sleutelbestanden - Default Mount Parameters... - Donate now... - Codeer Systeem Partitie/Schijf - Veel Gestelde Vragen - Gebruikers Handleiding - &Homepage - Sneltoetsen - Sleutelbestand Generator - Taal - Algemene Voorwaarden - Beheer Security Token Sleutelbestanden - Automatisch koppelen alle in Stations gehuisveste Volumes - Koppel Favoriete Volumes - Koppel Zonder Pre-Boot &Authenticatie - Koppel Volume - Koppel Volume met Opties - Nieuws - Online Documentatie - Beginners Tutorial - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanent Decoderen Systeem Partitie/Schijf - Voorkeuren - Lees Station Letters opnieuw in - Verwijder alle Sleutelbestanden van Volume - Herstel Volume Header - Hervat Onderbroken Proces - Selecteer Apparaat - Selecteer Bestand - Hervat Onderbroken Proces - Systeem Codering - Eigenschappen - Instellingen - System Favorite Volumes... - Downloads - Test Vectoren - Security Tokens - Traveler Disk Aanmaak - Ontkoppel alle Gekoppelde Volumes - Ontkoppel Volume - Controleer Reddingsschijf - Verify Rescue Disk ISO Image - Versie Geschiedenis - Volume Expander - Volume Eigenschappen - Volume Aanmaak Wizard - VeraCrypt Website - Wis Wachtwoorden in Cache - OK - Hardware Acceleration - Toekennen Sneltoets (selecteer actie boven, druk op toets en klik op Toewijzen) - AutoRun Configuratie (autorun.inf) - Auto-ontkoppeling - Auto-ontkoppel als: - Boot Lader Scherm Opties - Bevestig Wachtwoord: - Huidig - Laat deze aangepaste boodschap zien in het pre-boot authenticatie scherm (24 karakters maximaal): - Standaard Koppel Opties - Sneltoets Opties - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Bestand Instellingen - Toe te wijzen toetsen: - Processor (CPU) in this computer supports hardware acceleration for AES: - Acties bij opstarten van Windows - minuten - Koppel volume aan station: - Koppel Instellingen - Nieuw - Wachtwoord: - Thread-Based Parallelization - PKCS #11 Library Pad - PKCS-5 PRF: - PKCS-5 PRF: - Wachtwoord Cache - Security Opties - VeraCrypt Achtergrond Taak - VeraCrypt Volume te koppelen (t.o.v. Traveler Disk root directory): - Na aanbrengen Traveler Disk: - Maak Traveler Disk bestanden in (Traveler Disk root directory): - Volume - Windows - Voeg &Pad Toe - &Auto-Test Alles - &Doorgaan - &Decodeer - &Verwijder - &Codeer - &Exporteer - Genereer en bewaar Sleutelbestand - &Genereer Random Sleutelbestand - Download vertaling - Hardware-accelerated AES: - &Importeer Sleutelbestand naar Token - Toevoegen &Best. - G&ebruik Sleutel Best. - &Sleutelbestanden - &Verwijderen - Verwijder &Alles - Wat is verborgen volume bescherming? - Meer informatie over Sleutelbestanden - Koppel volume als verwijderbaar &medium - Koppel partitie &middels systeem codering zonder pre-boot authenticatie - Parallelization: - Start Tests - &Print - &Bescherm Verborgen Volume tegen schade door schrijven in Buitenste - &Reset - &Toon wachtwoord - Toev. &Token Best. - Gebruik backup van header ingebed in &volume indien aanwezig - XTS modus - Over VeraCrypt - VeraCrypt - Test Prestaties Codering Algoritmes - VeraCrypt - Test Vectoren - Command Line Help - VeraCrypt - Sleutelbestanden - VeraCrypt - Sleutelbestand Generator - VeraCrypt - Taal - VeraCrypt - Koppel Opties - Nieuwe Security Token Sleutelbestand Eigenschappen - VeraCrypt - Random Pool Verrijking - Selecteer een Partitie of Apparaat - VeraCrypt - Security Token Sleutelbestanden - Security Token wachtwoord/PIN benodigd - Huidige Taal Instelling - De snelheid wordt beïnvloed door CPU belasting en eigenschappen van het opslagmedium.\n\nDeze tests worden uitgevoerd in het RAM. - Buffer Grootte: - Code: - W&achtwoord voor het Verborgen Volume:\n(als dit leeg is wordt de cache gebruikt) - Verborgen Volume Protectie - Sleutel grootte: - BELANGRIJK: Beweeg de muis zo willekeurig mogelijk binnen dit scherm. Hoe langer u hem beweegt, hoe beter. Dit verbetert significant de cryptografische sterkte van de codeersleutels. - Let op: Als een Sleutelbestand zoekraakt of in de eerste 1024 kilobytes verandert, zal het corresponderende Volume niet meer gekoppeld kunnen worden! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Vertaald door: - Platte tekst grootte: - bits - Huidige Inhoud - Mixing PRF: - BELANGRIJK: Beweeg uw muis zo willekeurig als mogelijk binnen dit scherm. Hoe langer, hoe beter. Dit verbetert significant de veiligheid. Indien gereed klikt u op ‘Doorgaan’. - Secundaire sleutel (hexadecimaal) - Security token: - Weergave: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Blok nummer: - Codetekst (hexadecimaal) - Data eenheid nummer (64-bit hexadecimaal, data eenheid grootte is 512 bytes) - Sleutel (hexadecimaal) - Platte tekst (hexadecimaal) - Naam Sleutelbestand: - XTS modus - S&ysteem - &Volumes - Favor&ites - T&ools - Instellin&gen - &Help - Homep&age - - &Over - Het alleen-lezen attribuut op uw oude volume kon niet worden aangepast. Controleer de permissies van het bestand. - Fout: Toegang geweigerd.\n\nDe partitie die u probeert te bereiken is of 0 sectoren groot, of is uw opstart partitie. - Administrator - Om de VeraCrypt driver te laden moet u zijn ingelogd met een account met administrator rechten. - Noot: om een apparaat/partitie te kunnen coderen/Decodeer/formatteren moet u ingelogd zijn met een beheersaccount, dus met administrator rechten.\n\nDit geldt niet voor het formatteren/coderen van volumes die zijn opgenomen in een Bestandscontainer. - Om een Verborgen Volume te kunnen maken moet u ingelogd zijn in een account met administrator rechten.\n\nDoorgaan? - Om het volume te kunen formatteren in NTFS formaat moet u ingelogd zijn in een account met administrator rechten.\n\nZonder administrator rechten kunt u het volume in FAT formaat formatteren. - FIPS-goedgekeurde code (Rijndael, gepubliceerd 1998) die mag worden gebruikt door U.S. overheids departementen en agentschappen om geclassificeerde informatie te beveiligen tot aan Top Secret level. 256-bit sleutel, 128-bit blok, 14 rondgangen (AES-256). Operatiemodus is XTS. - Volume is reeds gekoppeld. - WAARSCHUWING: Bij tenminste een codering of hash algoritme is de ingebouwde automatische zelftest mislukt!\n\nDe installatie van VeraCrypt kan mogelijk beschadigd zijn. - Waarschuwing: Er zijn niet genoeg data in de Random Nummer Generator om te voorzien in de gevraagde hoeveelheid random data.\n\nGa niet verder in het programma. Wilt u a.u.b.'Rapporteer een fout' uit het Help menu kiezen en deze fout rapporteren? - De schijf is beschadigd (fysiek defect) of een kabel is beschadigd, of het geheugen disfunctioneert.\n\nMerk aub op dat dit een probleem met uw hardware is, niet met VeraCrypt. Rapporteer dit daarom a.u.b. NIET als een bug of probleem in VeraCrypt en vraag hiervoor NIET om hulp in het VeraCrypt Forum. Neem a.u.b. contact op met het technisch ondersteunings team van uw computer verkoper voor hulp. Dank u wel.\n\nMerk op: Als de fout herhaaldelijk op dezelfde plaats optreedt, wordt deze waarschijnlijk veroorzaakt door een zgn. bad cluster op de schijf. Dit zou gecorrigeerd moeten kunnen worden middels software van een derde partij (in veel gevallen is de opdracht 'chkdsk /r' niet in staat deze fout te corrigeren omdat dit programma op bestandsnivo werkt; in sommige gevallen zal 'chkdsk' de fout zelfs niet opmerken). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Uw system heeft aangepaste chipset drivers met daarin een bug die codering van de gehele systeem schijf verhindert.\n\nProbeer a.u.b. (niet-Microsoft) aangepaste chipset drivers bij te werken of te deïnstalleren voordat u verder gaat. Codeer alleen de systeem partitie als het probleem blijft. - Ongeldige stationsletter. - Ongeldig pad. - Annuleer - Kan geen toegang tot station verkrijgen. Overtuigt u zich ervan dat het opgegeven station bestaat en niet gebruikt wordt door het systeem. - Waarschuwing: Caps Lock staat aan. Houd hier rekening mee bij het invoeren van het wachtwoord. - Volume Type - Het zou kunnen dat u door iemand gedwongen wordt het wachtwoord van een gecodeerd volume prijs te geven. Er zijn veel situaties waarin u niet kunt weigeren het wachtwoord te onthullen (bijvoorbeeld in geval van afpersing). Door een Verborgen Volume te gebruiken kunt u in zulke situaties voorkomen dat u het wachtwoord prijs hoeft te geven. - Selecteer deze optie als u een normaal VeraCrypt volume wilt aanmaken. - Indien u een operating systeem wilt installeren in een verborgen volume dat is gehuisvest in een partitie kunt u de gehele systeemschijf NIET coderen met gebruik van één enkele sleutel. - Buiten Volume Codering Opties - Verborgen Volume Codering Opties - Codering Opties - WAARSCHUWING: Het pad (als opgeslagen door de bestandsselectie) van het laatst geselecteerde volume/sleutelbestand kon niet geschoond worden! - Fout: De bestandscontainer is gecomprimeerd op bestandsniveau. VeraCrypt ondersteunt geen gecomprimeerde containers (noot: Compressie van gecodeerde data is ineffectief en overbodig).\n\nSchakel a.u.b. compressie voor deze container uit door de volgende stappen te nemen: 1) Klik de container RECHTS aan in Windows Explorer (niet in VeraCrypt). 2) Selecteer 'Eigenschappen'. 3) Kies 'Geavanceerd' in de 'Eigenschappen' dialoog. 4) Haal het vinkje bij 'Inhoud Comprimeren om schijfruimte vrij te maken' weg in het Geavanceerde Dialoog Scherm en klik op 'OK'. 5) Klik op 'OK' in het 'Eigenschappen' dialoog scherm. - Niet succesvol in het aanmaken van volume %s - Grootte van %s is %.2f bytes - Grootte van %s is %.2f KB - Grootte van %s is %.2f MB - Grootte van %s is %.2f GB - Grootte van %s is %.2f TB - Grootte van %s is %.2f PB - WAARSCHUWING: Het apparaat/partitie is in gebruik door het operating systeem of door programma's. Het formatteren van het apparaat/partitie kan dataverminking en systeeminstabiliteit tot gevolg hebben.\n\nWilt u doorgaan? - Waarschuwing: Deze partitie is in gebruik door het operating systeem of programma's. U dient iedere applicatie die deze partitie zou kunnen gebruiken (incl. antivirusprogramma's) te sluiten.\n\nDoorgaan? - Fout: Het apparaat/partitie bevat een bestandssysteem dat niet kan worden ontkoppeld. Dit bestandssyteem kan in gebruik zijn door het operating systeem. Het formatteren van het apparaat/partitie zal waarschijnlijk dataverminking en systeeminstabiliteit tot gevolg hebben.\n\nOm dit probleem op te lossen raden we aan deze partitie eerst te verwijderen en dan opnieuw aan te maken zonder deze te formatteren. Volg hiertoe de volgende stappen: 1) Klik RECHTS op het 'Deze Computer' (of 'Mijn Computer') icoontje in het 'Start Menu' en kies 'Beheren'. Het 'Computer Beheer' scherm verschijnt nu. 2) In het 'Computer Beheer' scherm, kies 'Opslag' > 'Schijfbeheer'. 3) Klik RECHTS op de partitie die u wilt gaan coderen en kies voor 'Partitie Verwijderen', of 'Verwijder Schijf', of 'Logisch Station Verwijderen'. 4) Klik op 'Ja'. Als Windows u vraagt de computer te herstarten, doet u dit dan. Herhaal dan de stappen 1 en 2 en ga verder met stap 5. 5) Klik nu RECHTS op de niet-toegewezen/vrije ruimte en selecteer 'Nieuwe Partitie', of 'Nieuw Eenvoudig Volume', of 'Nieuw Logisch Station'. 6) De 'Wizard Nieuwe Partitie' of 'Wizard Nieuw Eenvoudig Volume' moet nu verschijnen; volg de instructies. Op de wizard-pagina met de titel 'Formatteer Partitie', selecteer 'Formatteer deze partitie NIET' of 'Formatteer dit volume NIET'. In dezelfde wizard, klik op 'Volgende' en dan 'Voltooien'. 7) Merk op dat het stationspad dat u hebt geselecteerd in VeraCrypt nu verandert en dus verkeerd kan zijn. Verlaat daarom de VeraCrypt Volume Aanmaak Wizard (als die nog draait) en start deze opnieuw. 8) Probeer het apparaat/partitie opnieuw te coderen.\n\nMocht VeraCrypt herhaaldelijk falen in zijn pogingen dit apparaat/partitie te coderen, dan kunt u overwegen een bestandscontainer aan te maken. - Fout: Het bestandssysteem kon niet gekoppeld en/of ontkoppeld worden. Het bestandssysteem kan in gebruik zijn door het operating systeem of programma's (bijv. antivirus software). Het coderen van de partitie kan dan data corruptie en systeeminstabiliteit veroorzaken.\n\nSluit a.u.b. ieder programma dat het bestandssysteem zou kunnen gebruiken (incl. antivirus software) en probeer het opnieuw. Indien dit niet helpt, volg a.u.b. de stappen hieronder. - WAARSCHUWING: Sommige van de gekoppelde apparaten/partities waren reeds in gebruik!\n\nIndien u dit negeert kan dit ongewenste gevolgen en systeeminstabiliteit tot gevolg hebben.\n\nWe raden u sterk aan ieder programma dat het apparaat/partitie in gebruik zou kunnen hebben te beëindigen. - Het geselecteerde apparaat bevat partities!\n\nDit apparaat formatteren zou systeem instabiliteit en dataverlies tot gevolg kunnen hebben. Selecteert u a.u.b. een partitie op dit apparaat, of verwijdert u alle partities zodat VeraCrypt het apparaat vervolgens veilig kan formatteren. - Op apparaten die niet gepartitioneerd zijn (incl. harde schijven en Solid State drives) kunnen gecodeerde VeraCrypt Volumes worden aangemaakt. Een apparaat dat partities bevat kan slechts als één geheel worden gecodeerd (met één master key) indien Windows daarop geïnstalleerd is en ermee opgestart wordt.\n\nAls u het geselecteerde niet-systeem apparaat als één geheel wilt coderen met één master key, dient u eerst alle partities te verwijderen waarna VeraCrypt dit apparaat als één geheel kan formatteren. Als alternatief kunt u iedere partitie op dit apparaat afzonderlijk selecteren voor aanmaak van een VeraCrypt Volume. (Iedere partitie wordt dan met een andere master key gecodeerd).\n\nNoot:Als u alle partities wilt verwijderen van een GPT disk, zou u deze kunnen converteren naar een MBR disk (middels bijv. Computerbeheer in Windows) teneinde de verborgen partities te kunnen verwijderen. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - Op-De-Plaats codering van niet-systeem volumes wordt niet ondersteund door uw operating system (het wordt slechts door Windows Vista en latere versies van Windows ondersteund).\n\nDe reden is dat deze versie krimpen van het bestandsysteem niet ondersteunt (hetgeen noodzakelijk is om plaats te maken voor de volume header en backup header). - De geselecteerde partitie blijkt geen NTFS bestandssysteem te bevatten. Alleen partities met daarop het NTFS bestandssysteem kunnen Op-De-Plaats gecodeerd worden.De reden hiervoor is dat alleen onder NTFS het krimpen van het bestandssyteem mogelijk is zodat er ruimte vrijkomt voor de volume header en de backup header). - De geselecteerde partitie blijkt geen NTFS bestandssysteem te bevatten. Alleen partities met daarop het NTFS bestandssysteem kunnen Op-De-Plaats gecodeerd worden.\n\nIndien u een VeraCrypt Volume wilt aanmaken in deze partitie, kies dan ‘Aanmaak en formattering gecodeerd volume’ (i.p.v. ‘Op-De-Plaats Codering van de partitie (Windows Vista))’ - Fout: De partitie is te klein. VeraCrypt kan het niet Op-De-Plaats coderen. - Volg a.u.b. de volgende stappen om de bestanden op deze partitie te coderen:\n\n1) Maak een VeraCrypt Volume aan op een lege partitie/apparaat en koppel dit Volume.\n\n2) Kopieer alle bestanden van de partitie die u oorspronkelijk wilde coderen naar het in stap 1 aangemaakte en gekoppelde VeraCrypt Volume. U heeft nu een in VeraCrypt gecodeerde backup van uw bestanden gemaakt.\n\n3) Maak een VeraCrypt Volume aan op de partitie die u oorspronkelijk wilde coderen en zorg ervoor dat u in de‘VeraCrypt Volume Aanmaak Wizard’ de keuze ‘Aanmaak en formattering gecodeerd volume’ doet en dus niet ‘Op-De-Plaats Codering van de partitie (Windows Vista)’. Alle data op de partitie worden nu gewist. Na de aanmaak kunt u het volume koppelen.\n\n4) Kopieer nu alle backup-bestanden die u op het in stap 1 gekoppelde VeraCrypt Volume hebt veiliggesteld naar het Volume dat u in stap 3 heeft aangemaakt en gekoppeld.\n\nNadat u deze stappen hebt doorlopen zijn uw bestanden gecodeerd én heeft u er een back-up van. - VeraCrypt kan alleen maar een partitie, een dynamisch volume of een gehele systeem schijf Op-De-Plaats coderen.\n\nIndien u een VeraCrypt Volume wilt maken in het geselecteerde niet-systeem apparaat, kies dan ‘Aanmaak en formattering gecodeerd volume’ (i.p.v. ‘Op-De-Plaats Codering van de partitie (Windows Vista))’ - Fout: VeraCrypt kan alleen maar een partitie, een dynamisch volume of een gehele systeem schijf Op-De-Plaats coderen.Controleer a.u.b. of het opgegeven pad geldig is. - Fout: Kan het bestandssysteem niet krimpen (dit is noodzakelijk om plaats te maken voor de volume header en de backup header).\n\nMogelijke oorzaken en oplossingen:\n\n- Niet voldoende vrije ruimte op het volume. Zorg ervoor dat geen ander programma aan het schrijven is naar het bestandssysteem.\n\n- Corrupt bestandssysteem. Controleer en repareer indien nodig de fouten: Klik rechts op de overeenkomende stationsletter in ‘Mijn Computer’, klik op ‘Eigenschappen’ > Extra > ‘Volume op fouten controleren’, zorg dat de optie ‘Fouten in het bestandssysteem automatisch corrigeren’ is aangevinkt en druk op ‘Starten’.\n\nAls deze stappen niet helpen, volg dan a.u.b. de volgende stappen. - Fout: er is niet genoeg vrije ruimte op het volume waardoor het bestandssysteem niet ingekrompen kan worden (dit is noodzakelijk om ruimte te maken voor de volume header en de backup header).\n\nVerwijder a.u.b. alle overbodige bestanden en maak de prullenbak leeg om zo minstens 256 KB ruimte vrij te maken en probeer het daarna opnieuw. Door een probleem in Windows kan de vrije ruimte, gemeld door Windows Explorer, incorrect kan zijn zolang de computer niet opnieuw is gestart. Als opnieuw starten van de computer niet helpt, kan het bestandssysteem mogelijk corrupt zijn. Controleer dit dan en repareer de fouten: Klik rechts op de stationsletter in ‘Mijn Computer’, klik op ‘Eigenschappen’ > Extra > ‘Volume op fouten controleren’, zorg dat de optie ‘Fouten in het bestandssysteem automatisch corrigeren’ is aangevinkt en druk op ‘Starten’.\n\nAls deze stappen niet helpen, volg dan a.u.b. de volgende stappen. - Vrije ruimte op schijf %s is %.2f bytes. - Vrije ruimte op schijf %s is %.2f KB - Vrije ruimte op schijf %s is %.2f MB - Vrije ruimte op schijf %s is %.2f GB - Vrije ruimte op schijf %s is %.2f TB - Vrije ruimte op schijf %s is %.2f PB - Kon geen beschikbare station letters verkrijgen. - Fout: VeraCrypt driver niet gevonden.\n\nKopieer a.u.b. de bestanden 'veracrypt.sys' en 'veracrypt-x64.sys' naar de map waar VeraCrypt (VeraCrypt.exe) is geïnstalleerd. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Code initialisatie mislukt. - Fout: Een zwakke of potentieel-zwakke sleutel is ontdekt. De sleutel zal worden verwijderd. Probeert u het a.u.b. opnieuw. - Een kritische fout is opgetreden in VeraCrypt waardoor dit beëindigd moet worden. Als dit veroorzaakt is door een fout in VeraCrypt willen we deze graag herstellen. Om ons te helpen kunt u ons een automatisch aangemaakt foutrapport sturen met de volgende informatie:\n\n- Programma versie\n- Operating systeem versie\n- Type CPU\n- VeraCrypt component naam\n- Checksum van VeraCrypt executable\n- Symbolische naam van dialoog scherm\n- Fout categorie\n- Fout adres\n- VeraCrypt call stack\n\nAls u op 'Ja' drukt, zal de volgende URL (met daarin het hele foutrapport) worden geopend in uw standaard internet browser.\n\n%hs\n\nWilt u ons dit rapport zenden? - Een kritische fout is opgetreden in uw systeem waardoor VeraCrypt moet worden beëindigd.\n\nMerk op dat deze fout NIET is veroorzaakt door VeraCrypt. (De VeraCrypt ontwikkelaars kunnen deze fout dus NIET oplossen). Controleer uw computer op mogelijke problemen (bijv. systeem configuratie, netwerkverbinding, defecte hardware componenten). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt kritieke fout - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Codeer - &Decodeer - &Permanent Decoderen - Sluiten - Maak a.u.b. een logisch station aan voor deze extended partitie en probeer het dan nogmaals. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Partities op harde schijven, Solid State Drives, USB sticks en andere ondersteunde apparaten kunnen worden gecodeerd tot VeraCrypt Volumes.\n\nIndien een apparaat (incl. Solid State Drives en USB sticks) geen partities bevat kan het ook als geheel worden gecodeerd tot een VeraCrypt Volume.\n\nNoot: Een apparaat dat partities bevat kan als geheel worden gecodeerd (met gebruik van één sleutel) alléén indien op dit apparaat Windows is gehuisvest en er vanaf wordt opgestart. - Een VeraCrypt Volume kan worden aangemaakt binnen een harde schijf partitie, Solid-State Drive, USB stick en andere ondersteunde apparaten.\n\nWAARSCHUWING: Het apparaat/partitie zal in dit proces worden geformatteerd waardoor alle erop aanwezige bestanden verloren zullen gaan. - \nSelecteer de locatie waar het Buiten Volume moet worden aangemaakt (binnen dit Buiten Volume zal later het Verborgen Volume worden aangemaakt).\n\nPartities op harde schijven, Solid State Drives, USB sticks en andere ondersteunde apparaten kunnen worden gecodeerd tot een Buiten Volume. Apparaten die geen partities bevatten (incl. Solid State Drives en USB sticks) kunnen ook als geheel worden gecodeerd tot een Buiten Volume.\n\nWAARSCHUWING: Het gehele apparaat of partitie wordt tijdens het coderen geformatteerd en alle data die er op staan gaan verloren! - Selecteer de locatie van het VeraCrypt volume waarin u een Verborgen Volume wilt aanmaken. - WAARSCHUWING: Het huisvestende bestand/apparaat is in gebruik!\n\nDit negeren kan ongewenste gevolgen hebben zoals systeem instabiliteit. Alle programma’s die het huisvestende bestand/apparaat gebruiken (bijv. antivirus/backup) stoppen alvorens het volume te koppelen.\n\nDoorgaan met koppelen? - Fout: Kan het volume niet koppelen. Het huisvestende bestand/apparaat is reeds in gebruik. Een poging te koppelen met exclusieve toegang is ook mislukt. - Het bestand kon niet worden geopend. - Volume Locatie - Grote Bestanden - Wilt u bestanden groter dan 4 GB opslaan in dit VeraCrypt Volume? - Gebaseerd op uw keuze hierboven zal VeraCrypt een passend bestandssyteem kiezen voor het aan te maken VeraCrypt volume (u kunt deze keuze in de volgende stap desgewenst aanpassen). - Gelieve, omdat u een buiten volume aanmaakt, a.u.b. ‘Nee’ in overweging te nemen. Als u ‘Ja’ kiest, zal het standaard systeem NTFS zijn, hetgeen minder geschikt is voor buitenvolumes dan FAT (de max. grootte van verborgen volumes is bijv. veel kleiner bij NTFS dan bij FAT). Normaal gesproken is de standaard FAT voor zowel verborgen als normale volumes (dus wekt FAT ook geen argwaan). Echter, indien u aangeeft bestanden groter dan 4 GB op te willen slaan, dan is FAT niet de standaard. - Bent u zeker van uw keuze 'Ja'? - Volume Aanmaak Modus - Dit is de snelste manier om van deze partitie/apparaat een VeraCrypt Volume te maken. (De andere optie, codering, is langzamer omdat alle bestanden erop dan gecodeerd moeten worden.) Deze snelle manier zal alle bestanden op het apparaat/partitie wissen en overschrijven met random data. De bestanden zullen dus NIET worden gecodeerd. Indien u de bestanden wenst te behouden en coderen, kies dan de andere optie. - De geselecteerde partitie en alle bestanden erop worden gecodeerd. Uw bestanden blijven dan toegankelijk via VeraCrypt. Indien deze partitie leeg is, kies dan de ander optie (de volume aanmaak zal dan veel sneller geschieden). - Noot: - &Hervat - &Pauzeer - &Start - &Vervolg - &Formatteer - &Wis - Stop formatteren? - Laat meer informatie zien - Laat dit niet meer zien - De inhoud van de partitie/apparaat is met succes gewist. - De inhoud van de partitie waar het oorspronkelijke system aanwezig was is met succes gewist. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - De systeem partitie/schijf is met succes gedecodeerd. - \n\nHet VeraCrypt Volume is succesvol aangemaakt en is klaar voor gebruik. Als u nog een VeraCrypt Volume wilt aanmaken, klik dan op Volgende. Anders op Sluiten klikken. - \n\nHet Verborgen VeraCrypt Volume is aangemaakt (het verborgen operating system zal zich in dit Verborgen Volume bevinden).\n\nKlik op Volgende om door te gaan. - Volume Geheel Gecodeerd - Volume Fully Decrypted - BELANGRIJK: OM TOEGANG TOT DIT NIEUW AANGEMAAKT VERACRYPT VOLUME TE KRIJGEN MOET HET EERST GEKOPPELD WORDEN, KLIK OP ‘Auto-Koppel Apparaten’ IN HET VERACRYPT HOOFDSCHERM. Na ingave van het wachtwoord (en/of indien de juiste sleutelbestanden op aanwezigheid zijn gecontroleerd) zal het Volume worden gekoppeld aan de stationsletter die u heeft geselecteerd in het hoofdscherm. Via deze stationsletter heeft u toegang tot de data op uw VeraCrypt Volume.\n\nONTHOUDT DEZE STAPPEN GOED WANT U MOET ZE IEDERE KEER WEER UITVOEREN OM BIJ DE DATA TE KUNNEN KOMEN DIE OP HET VOLUME GECODEERD ZIJN OPGESLAGEN. Als alternatief kunt u in het hoofdscherm klikken op ‘Selecteer Apparaat’, selecteer dan deze partitie/apparaat, klik een lege stationsletter aan in het hoofdscherm en klik op ‘Koppel’.\n\nDe partitie/apparaat is met succes gecodeerd, het bevat nu een volledig gecodeerd VeraCrypt Volume en is klaar voor gebruik. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Het VeraCrypt Volume is met succes aangemaakt. - Volume Aangemaakt - BELANGRIJK: Beweeg de muis zo willekeurig als mogelijk binnen dit scherm. Hoe langer, hoe beter. Dit verbetert significant de cryptografische sterkte van de codeersleutels. Klik daarna op Formatteer om het volume aan te maken. - Klik op Formatteer om het Buiten Volume aan te maken. Voor meer informatie, raadpleeg de documentatie. - Buiten Volume Formatteren - Verborgen Volume Formatteren - Volume Formatteren - Adobe Reader (of een vergelijkbaar programma) is benodigd om de VeraCrypt Gebruikershandleiding te bekijken of te printen. Het gratis programma Adobe Reader kan worden gedownload op: www.adobe.com\n\nWilt u in de plaats hiervan de Online Documentatie raadplegen? - Als u deze optie kiest, zal de wizard u eerst helpen een normaal VeraCrypt volume aan te maken en daarna een Verborgen VeraCrypt Volume daar binnen. Onervaren gebruikers wordt sterk aangeraden altijd deze optie te kiezen. - Als u deze optie kiest, gaat u een Verborgen Volume aanmaken binnen een bestaand VeraCrypt volume. Er wordt aangenomen dat u reeds een VeraCrypt volume heeft aangemaakt dat geschikt is om het Verborgen Volume te huisvesten. - Volume Aanmaak Modus - Verborgen Volume Gemaakt - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - U heeft het verborgen operating system gestart. Zoals u misschien heeft opgemerkt, lijkt het verborgen operating systeem geïnstalleerd te zijn op dezelfde partitie als het originele operating systeem. In werkelijkheid echter, is het aanwezig op de partitie erachter (in het Verborgen Volume). Alle lees- en schrijf operaties worden transparant doorgesluisd van het originele operating systeem naar het operating systeem in het Verborgen Volume.\n\nZowel het operating systeem als de applicaties ‘weten’ niet dat de data gelezen van en geschreven naar de systeem partitie in werkelijkheid worden gelezen van/geschreven naar de partitie erachter (van/naar het Verborgen Volume daar). Alle data worden on-the-fly gecodeerd met een codeersleutel die verschilt van de key die wordt gebruikt voor het lokaas operating systeem.\n\nKlik a.u.b. op ‘Volgende’ om door te gaan. - Het buiten volume is aangemaakt en gekoppeld als schijf %hc:. Kopieer nu enige belangrijk-uitziende bestanden naar dit buiten volume die u NIET wilt verbergen. Ze zullen daar staan t.b.v. eenieder die u zal dwingen het wachtwoord te onthullen van de eerste partitie achter de systeem partitie, waar naast het buiten volume ook het verborgen volume aanwezig is. U kunt dan het wachtwoord van het buiten volume onthullen waardoor het verborgen volume met daarin het verborgen operating systeem onontdekt zal blijven.\n\nBELANGRIJK: De bestanden die u gaat kopieren naar het buitenvolume mogen niet meer ruimte in beslag nemen dan %s. Anders is er mogelijk te weinig ruimte voor het verborgen volume waarna u niet verder kunt. Klik na het kopiëren op Volgende. - Het Buiten Volume is aangemaakt en gekoppeld als station %hc:. Naar dit volume moet u nu wat gevoelig uitziende bestanden kopiëren die u NIET wilt verbergen. Deze bestanden zijn voor degene die u onverhoopt dwingt uw wachtwoord prijs te geven. U kunt dan alleen het wachtwoord prijsgeven van het Buiten Volume. De bestanden die belangrijk zijn staan dan in het Verborgen Volume (dat nog moet worden aangemaakt). Druk op Volgende als u klaar bent met kopiëren. Ontkoppel het Buiten Volume niet.\n\nNoot: Nadat u op Volgende hebt gedrukt, zal de cluster bitmap van het Buiten Volume worden gescand om de grootte van de aaneengesloten vrije ruimte te bepalen die samenvalt met het einde van het Buiten Volume. Deze vrije ruimte zal het Verborgen Volume gaan huisvesten en dus meteen de maximum omvang ervan beperken. Dit scannen verzekert ervan dat geen data van het Buiten Volume zullen worden overschreven door het Verborgen Volume. - Buiten Volume Inhoud - \n\nIn de volgende stappen zullen alle eigenschappen worden vastgesteld van het Buiten Volume (waarin later het Verborgen Volume zal worden aangemaakt). - \n\nIn de volgende stappen wordt nu het Buiten Volume aangemaakt in de eerste partitie achter de systeempartitie. - Buiten Volume - Hierna worden de opties en het wachtwoord bepaald voor het Verborgen Volume dat het verborgen operating systeem zal bevatten.\n\nOpmerking: De cluster bitmap van het buiten volume is gescand om de grootte te bepalen van de ononderbroken vrije ruimte waarvan het einde samenvalt met het einde van het buitenvolume. Dit in grootte beperkte gebied zal het verborgen volume bevatten. Van deze maximum grootte is vastgesteld dat hij groter is dan de systeempartitie, hetgeen ook nodig is omdat de systeempartitie in het geheel naar het verborgen volume gekopieerd gaat worden). Aldus is vastgesteld dat data aanwezig in het buitenvolume niet overschreven zullen worden door data die naar het verborgen volume worden geschreven. - BELANGRIJK: Onthoud de in deze stap gekozen algoritmes!! U dient dezelfde algoritmes te selecteren bij aanmaak van het lokaas systeem. Anders zal het verborgen systeem niet toegankelijk zijn. (Het lokaas systeem moet worden gecodeerd met dezelfde algoritmes als het verborgen systeem.)\n\nNoot: De reden hiervoor is dat beide systemen dezelfde boot lader gebruiken. Een boot lader ondersteunt slechts één algoritmen. (Voor ieder algoritme is er een eigen versie van de bootlader.) - \n\nDe Volume Cluster Bitmap is gescand en de maximaal mogelijke grootte van het Verborgen Volume is vastgesteld. In de volgende stap kunt u de opties, de grootte en het wachtwoord voor het Verborgen Volume bepalen. - Verborgen Volume - Het Verborgen Volume is nu beveiligd tegen schade totdat het Buiten Volume is ontkoppeld.\n\nWAARSCHUWING: Als data wordt geprobeerd te schrijven naar het Verborgen Volume, zal VeraCrypt schrijf-bescherming instellen voor het gehele volume (zowel het buiten als het verborgen deel) todat het is ontkoppeld. Dit kan beschadiging van gegevens in het Buiten Volume tot gevolg hebben, wat (indien herhaald) de aannemelijke ontkenbaarheid van het Verborgen Volume kan aantasten. Gelieve daarom te voorkomen dat er nu geschreven wordt in het Verborgen Volume gedeelte. Alle gegevens weggeschreven naar het Verborgen Volume zullen verloren gaan. Windows kan dit rapporteren als een schrijffout ("Uitgestelde schrijfactie mislukt" of "Verkeerde parameter"). - Ieder van de Verborgen Volumes binnen de nieuw gekoppelde volumes is nu beschermd tegen schade tot het moment van ontkoppeling.\n\nWAARSCHUWING: Als data wordt geprobeerd te schrijven naar het Verborgen Volume van ieder van deze volumes, zal VeraCrypt schrijf-bescherming instellen voor het gehele volume (zowel het buiten als het verborgen deel) totdat het is ontkoppeld. Dit kan beschadiging van gegevens in het Buiten Volume tot gevolg hebben, wat (indien herhaald) de aannemelijke ontkenbaarheid van het Verborgen Volume kan aantasten. Gelieve daarom te voorkomen dat er nu geschreven wordt in het Verborgen Volume gedeelte. Alle gegevens weggeschreven naar het Verborgen Volume zullen verloren gaan. Windows kan dit rapporteren als een schrijffout ("Uitgestelde schrijfactie mislukt" of "Verkeerde parameter"). - WAARSCHUWING: Er is geprobeerd data te schrijven in het Verborgen Volume gedeelte van het volume dat is gekoppeld als %c:! Om het Verborgen Volume te beschermen voorkwam VeraCrypt dat deze data werden opgeslagen. Dit kan beschadiging van gegevens tot gevolg hebben in het Buiten Volume. Windows kan een schrijffout gerapporteerd hebben ("uitgestelde Schrijfactie mislukt" of "Verkeerde parameter"). Het gehele volume (zowel het Buiten als het Verborgen gedeelte) zullen nu tegen schrijven beschermd zijn tot het ontkoppelen. Als VeraCrypt al eerder voorkomen heeft dat data geschreven werden naar het Verborgen Volume gedeelte van dit volume, kan de aannemelijke ontkenbaarheid van dit Verborgen Volume aangetast zijn (als gevolg van mogelijke ongebruikelijke gerelateerde inconstitenties binnen het bestandssyteem van het Buiten Volume). Neem daarom in overweging een nieuw VeraCrypt volume aan te maken (met Snelformatteren uitgeschakeld) en de bestanden van dit volume naar het nieuwe volume te verplaatsen; dit volume moet beveiligd gewist worden (zowel het Buiten als het Verborgen gedeelte). We raden u sterk aan de computer nu opnieuw op te starten. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - Wanneer een verborgen operating system draait kunnen locale ongecodeerde bestandssystemen en niet-verborgen VeraCrypt volumes alleen als read-only worden gekoppeld (data schrijven onmogelijk).\n\nData kunnen dan slechts worden geschreven naar bestanden in een Verborgen VeraCrypt Volume (indien dit verborgen volume NIET is geplaatst in een container in een ongecodeerd bestandssysteem of een read-only bestandssysteem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Als u veilig bestanden wilt kopieren van het lokvogel system naar het verborgen systeem, volg dan deze stappen. 1) Start het lokvogel systeem. 2) Sla de bestanden op in een ongecodeerd volume of een normaal/buiten VeraCrypt Volume. 3) Start het verborgen systeem. 4) Als u de bestanden op een TryeCrypt Volume opsloeg, koppel dit (het wordt automatisch gekoppeld als read-only). 5) Kopieer de bestanden naar de verborgen systeem partitie of een ander verborgen volume. - Uw computer moet opnieuw gestart worden.\n\nWilt u nu herstarten? - Er trad een fout op tijdens een poging de systeem codeer status op te halen. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Applicatie componenten voor systeem codering kunnen niet geïnitialiseerd worden. - Het programma heeft de initialisatie van de random nummer generator niet kunnen voltooien! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Het programma heeft de initialisatie niet kunnen voltooien. Het registreren van de 'Dialog Class' is mislukt. - Fout: Laden van Rich Edit systeem library mislukt. - VeraCrypt Volume Aanmaak Wizard - De maximaal mogelijke grootte voor dit Verborgen Volume is %.2f bytes. - De maximaal mogelijke grootte voor dit Verborgen Volume is %.2f KB. - De maximaal mogelijke grootte voor dit Verborgen Volume is %.2f MB. - De Maximaal mogelijke grootte voor dit Verborgen Volume is %.2f GB. - De Maximaal mogelijke grootte voor dit Verborgen Volume is %.2f TB. - Volume wachtwoord/sleutelbestanden kunnen niet worden gewijzigd als het volume is gekoppeld. A.u.b. eerst het volume ontkoppelen. - Het Header Key Afleidingsalgoritme kan niet worden gewijzigd als het volume gekoppeld is. A.u.b. eerst het volume ontkoppelen. - Koppe&l - Een nieuwere versie van VeraCrypt is vereist om dit volume te kunnen koppelen. - Error: Volume Aanmaak Wizard niet gevonden.\n\nOvertuig u ervan dat het bestand 'VeraCrypt Format.exe' zich in de map bevindt waaruit ook 'VeraCrypt.exe' werd gestart. Als dit niet het geval is, herinstalleer dan VeraCrypt, of zoek 'VeraCrypt Format.exe' op uw schijf en start het. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - Vol&gende > - &Beëindig - I&nstalleer - U&itpakken - Kan geen verbinding maken met het VeraCrypt apparaat stuurprogramma. VeraCrypt kan niet werken als dit stuurprogramma niet gestart is.\n\nDoor de eigenschappen van Windows kan het nodig zijn uit te loggen of het systeem te herstarten voordat het apparaatstuurprogramma kan worden geladen. - Error ontstaan tijdens laden/voorbereiden lettertypes. - De stations letter is niet gevonden of er is geen stations letter opgegeven. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Geen stations letter beschikbaar. - Geen bestand geselecteerd! - Geen Stations letters beschikbaar. - Geen vrije stations letter gevonden voor het Buiten Volume! Aanmaak Volume kan niet doorgaan. - Het was niet mogelijk de versie van uw operating systeem te herkennen. Het kan mogelijk zijn dat u een niet-ondersteund operating systeem gebruikt. - Geen pad geselecteerd! - Niet genoeg ruimte om volume aan te maken! Aanmaken van Volume kan niet worden voortgezet. - Fout: De bestanden die u naar buiten volume kopieerde nemen te veel plaats in. Daarom is hier te weinig ruimte overgebleven voor het verborgen volume.\n\nHet verborgen volume dient even groot dient te zijn als de systeem partitie (de partitie waar het nu actieve operating systeem (OS) staat). De reden is dat het verborgen OS wordt aangemaakt door de inhoud van de system partitie naar het verborgen volume te kopieren).\n\n\nAanmaak van verborgen OS gestopt. - Het volume kan niet ontkoppeld worden. Sommige bestanden in het volume zijn waarschijnlijk nog geopend. - Het was niet mogelijk het volume te locken (exclusief te gebruiken). Er zijn nog bestanden in gebruik op het volume. Daarom kan het volume niet ontkoppeld worden. - VeraCrypt kan volume niet sluiten omdat het in gebruik is door het systeem of programma’s (er kunnen geopende bestanden op het volume aanwezig zijn).\n\nWilt u ontkoppeling van het volume forceren? - Selecteer een VeraCrypt Volume - Geef een Pad en Bestandsnaam op - Selecteer PKCS #11 Library - Te weinig geheugen - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WAARSCHUWING: Het bestand '%s' bestaat reeds!\n\nBELANGRIJK: VERACRYPT ZAL DIT BESTAND NIET CODEREN MAAR VERWIJDEREN. Bent u er zeker van dat u het bestand wilt verwijderen en vervangen door een nieuwe VeraCrypt bestandscontainer? - VOORZICHTIG: ALLE BESTANDEN DIE MOMENTEEL AANWEZIG ZIJN OP DE GESELECTEERDE %s '%s'%s ZULLEN WORDEN GEWIST EN ZIJN VERLOREN (ZIJ ZULLEN NIET GECODEERD WORDEN)!\n\nBent u er zeker van dat u door wilt gaan met formatteren? - LET OP: U kunt het volume niet koppelen en hebt dus geen toegang tot de bestanden totdat het coderen klaar is.\n\nWilt u starten met coderen van het geslecteerde %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - LET OP: Indien de spanning onderbroken wordt, of het operating systeem loopt onverhoopt vast door een soft/hardware fout tijdens de Op-De-Plaats Codering, dan kan hierdoor data verminkt raken of verloren gaan! Wij raden u daarom aan alvorens het coderen te starten, een deugdelijke back-up van de te coderen data te maken.\n\nHeeft u een back-up gemaakt? - VOORZICHTIG: ALLE BESTANDEN OP DE PARTITIE '%s'%s (DE EERSTE PARTITIE ACHTER DE SYSTEEM PARTITIE) WORDEN GEWIST (ZE WORDEN NIET GECODEERD)!\n\nBent u er zeker van dat u wilt formatteren? - WAARSCHUWING! DE GESELECTEERDE PARTITIE BEVAT VEEL DATA! Alle bestanden op deze partitie zullen worden gewist (ze worden NIET gecodeerd)! - Wis alle bestanden op de partitie door er een VeraCrypt Volume aan te maken - Wachtwoord - PIM - Creëer Header Key Afwijkingsalgoritme - Toevoegen/Verwijderen Sleutelbestanden aan/van Volume - Verwijder Alle Sleutelbestanden van Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - BELANGRIJK: Als u uw VeraCrypt Reddingsschijf nog heeft, kan uw systeempartitie/schijf nog gedecodeerd worden met het oude wachtwoord (door op te starten met deze Reddingsschijf en het oude wachtwoord in te geven.) U dient een nieuwe Reddingsschijf aan te maken en dan de oude te vernietigen.\n\nWilt u een nieuwe Reddingsschijf maken? - Merk op dat uw VeraCrypt Reddingsschijf nog steeds het vorige algoritme gebruikt. Als u het vorige algoritme als onveilig beschouwt, maak dan een nieuwe VeraCrypt Reddingsschijf aan en vernietig daarna de oude.\n\nWilt u een nieuwe VeraCrypt Reddingsschijf aanmaken? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Sleutelbestand(en) met succes toegevoegd/verwijderd. - Sleutelbestand geëxporteerd. - Header Key Afleidingsalgoritme met succes gecreëerd. - Geef a.u.b. wachtwoord en/of sleutelbestand(en) voor het niet-systeem volume waarvan u de Op-De-Plaats coderings wilt hervatten.\n\nNadat u op Volgende heeft gedrukt, zal VeraCrypt proberen alle niet-systeemvolumes te vinden waarvan de codering is onderbroken en waarop het verstrekte wachtwoord en/of de sleutelbestand(en) van toepassing zijn. Indien meer dan één zo’n volume wordt gevonden, dient u het juiste in de volgende stap te selecteren. - Selecteer a.u.b. een van de getoonde volumes. De lijst bevat ieder toegankelijk niet-syteem volume waarvan de codering is onderbroken en waarop het verstrekte wachtwoord en/of sleutelbestand(en) van toepassing zijn. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Het is erg belangrijk dat u een goed wachtwoord kiest. U dient een wachtwoord te vermijden dat bestaat uit een of meerdere woorden die kunnen worden teruggevonden in een woordenboek. Ook moeten eigennamen en geboortedata vermeden worden, evenmin mag het makkelijk te raden zijn. We raden u dringend een willekeurige combinatie van hoofd- en kleine letters, nummers en speciale karakters (zoals @ ^ = $ * +) aan. Het is heel belangrijk dat het meer dan 20 karakters telt (hoe langer hoe beter). The maximaal mogelijke lengte is 64 karakters. - Kies een wachtwoord voor het Verborgen Volume. - Kies een wachtwoord voor het verborgen operating systeem (d.w.z. verborgen volume). - BELANGRIJK: Het wachtwoord dat u in deze stap koos voor het verborgen operating systeem dient flink verschillend te zijn van de andere twee wachtwoorden (de wachtwoorden voor het buitenvolume en voor het lokvogel operating systeem). - Kies hier een wachtwoord voor het Buitenvolume waarin u een Verborgen Volume wilt aanmaken.\n\nNadat u op Volgende hebt gedrukt, zal VeraCrypt proberen het Volume te koppelen. Zodra dit is gebeurd zal de cluster bitmap van het volume worden gescand om de grootte van het aaneengesloten stuk vrije ruimte te bepalen (indien aanwezig) waarvan het einde samenvalt met het Buiten Volume. Deze ruimte zal het Verborgen Volume huisvesten en daarmee meteen de maximale grootte ervan beperken. De Cluster map scan is nodig om ervan te verzekeren dat geen data op het Buiten Volume zullen worden overschreven door het Verborgen Volume. - \nKiest u a.u.b. een wachtwoord voor het Buiten Volume. Dit wachtwoord kunt u onthullen aan een evt. vijand indien deze u geen andere keuze laat.\n\nBELANGRIJK: Dit wachtwoord dient verschillend te zijn van het wachtwoord dat u later zult gaan kiezen voor het Verborgen Binnen Volume.\n\nNoot: De maximaal mogelijke lengte voor een wachtwoord is 64 karakters. - Kies a.u.b. een wachtwoord voor het buiten volume. Dit wachtwoord zult u kunnen onthullen aan eenieder die u dwingt de toegang kenbaar te maken tot de eerste partitie achter de systeem partitie, waar zowel een buitenvolume en een verborgen volume (met het verborgen operating systeem (OS)) in aanwezig zijn. Het verborgen volume en dus het verborgen OS zullen dan geheim blijven. Merk op dat dit wachtwoord niet dient voor het lokvogel OS.\n\nBELANGRIJK: Het wachtwoord dient flink te verschillen van hetgeen u kiest voor het verborgen volume (d.w.z. het verborgen OS). - Buiten Volume Wachtwoord - Verborgen Volume Wachtwoord - Wachtwoord voor Verborgen Operating Systeem - Waarschuwing: Korte wachtwoorden zijn makkelijk te kraken m.b.v. brute kracht technieken!\n\nWij raden een wachtwoord aan dat uit meer dan 20 tekens bestaat. Bent u er zeker van dat u een kort wachtwoord wilt? - Volume Wachtwoord - Verkeerd wachtwoord of het is geen VeraCrypt volume. - Verkeerde sleutel(s) en/of wachtwoord of het is geen VeraCrypt volume. - Verkeerde koppel modus, verkeerd wachtwoord, of dit is geen VeraCrypt volume. - Verkeerde koppel modus, verkeerd(e) sleutelbestand(en) en/of wachtwoord, of dit is geen VeraCrypt volume. - Verkeerd wachtwoord of geen VeraCrypt volume gevonden. - Incorrect Sleutelbestand(en)/wachtwoord of geen VeraCrypt volume gevonden. - \n\nWaarschuwing: Caps Lock staat aan. Dit kan er de oorzaak van zijn dat u het wachtwoord verkeerd ingeeft. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - Indien u de bescherming instelt voor een verborgen volume met daarin een verborgen system, gebruik dan de standaard US toetsenbord layout bij het typen van het wachtwoord voor het verborgen volume. Dit is noodzakelijk omdat het wachtwoord in de pre boot omgeving (voordat Windows start) moet worden ingegeven waar niet-US toetsenbord layouts NIET beschikbaar zijn. - VeraCrypt vond geen volume waarop niet-systeem codering werd onderbroken en waarop het verstrekte wachtwoord en/of sleutelbestanden(en) van toepassing zijn.\n\nControleer of het ingegeven wachtwoord en/of sleutelbestand(en) juist zijn en of de partitie/volume niet gebruikt wordt door het systeem of programma’s (bijv. een antivirus programma). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNoot: Als u probeert een partitie te koppelen die is gelegen op een systeem schijf zonder pre-boot authenticatie of probeert de gecodeerde system partitie te koppelen van een operating systeem dat niet draait, dan doet u dit door te selecteren 'Systeem' > 'Koppel Zonder Pre-Boot Authenticatie'. - In deze modus kunt u geen partitie koppelen die aanwezig is op een schijf die momenteel actief gecodeerd wordt.\n\nVoordat u deze partitie kunt koppelen in deze modus, dient u op te starten met een operating systeem vanaf een andere schijf (gecodeerd of ongecodeerd) òf op te starten met een ongecodeerd operating systeem. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Terug - Niet in staat om een lijst te maken van de ongebruikte stukken harddisk (raw devices) op uw systeem! - Het volume '%s' bestaat, en is geregistreerd voor alleen-lezen. Bent u er zeker van dat u het wilt vervangen? - Selecteer bestemmingsdirectory - Selecteer Sleutelbestand - Selecteer een sleutelbestand zoekpad. WAARSCHUWING: Alleen het pad wordt onthouden, niet de bestandsnamen! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Ontworpen door Ross Anderson, Eli Biham, en Lars Knudsen. Gepubliceerd in 1998. 256-bit sleutel, 128-bit blok. Operatiemodus is XTS. Serpent was een van de AES finalisten. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Buiten Volume Grootte - Verborgen Volume Grootte - Controleer a.u.b. of de grootte van het door u opgegeven apparaat/partitie die hierboven staat correct is en klik dan op Volgende. - Het buiten én verborgen volume (met het verborgen operating system) zullen te vinden zijn in bovenvermelde partitie. Dit zou de eerste partitie moeten zijn ná de systeem partitie.\n\nControleer of de grootte van de partitie en het nummer ervan correct zijn en als dit zo is, klik op Volgende. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Volume Grootte - Dynamisch - VOORZICHTIG: ZELF-TEST MISLUKT! - Zelf-test van alle algoritmes succesvol - Het data eenheid nummer dat u heeft opgegeven is te lang of te kort. - De secundaire sleutel die u heeft opgegeven is te lang of te kort. - De test codetekst die u hebt opgegeven is te lang of te kort. - De test sleutel die u hebt opgegeven is te lang of te kort. - De test plattetekst die u hebt opgegeven is te lang of te kort. - Twee codes in cascade die opereren in XTS modus. Ieder blok wordt eerst gecodeerd met %s (%d-bit sleutel) en daarna met %s (%d-bit sleutel). Iedere code gebruikt zijn eigen sleutel. Alle sleutels zijn wederzijds onafhankelijk. - Drie codes in cascade die opereren in XTS modus. Ieder blok wordt eerst gecodeerd met %s (%d-bit sleutel), daarna met %s (%d-bit sleutel), en uiteindelijk met %s (%d-bit sleutel). Iedere code gebruikt zijn eigen sleutel. Alle sleutels zijn wederzijds onafhankelijk. - Afhankelijk van de operating system instellingen, kunnen auto-run en auto-koppel mogelijk alleen werken als de traveler disk bestanden zijn aangemaakt op een niet beschrijfbaar CD/DVD-ahtig medium. Dit is geen fout in VeraCrypt maar een beperking in Windows. - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Ontworpen door Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, en Niels Ferguson. Gepubliceerd in 1998. 256-bit sleutel, 128-bit blok. Operatiemodus is XTS. Twofish was een van de AES finalisten. - Meer informatie over %s - Onbekend - An unspecified or unknown error occurred (%d). - Sommige volumes bevatten bestanden of mappen die in gebruik zijn door het systeem of programma's.\n\nOntkoppeling forceren? - &Ontkoppel - Ontkoppeling mislukt! - Het volume bevat bestanden of mappen die in gebruik zijn door het systeem of programma's.\n\nForceer ontkoppeling? - No volume is mounted to the specified drive letter. - Het volume dat u probeert te koppelen is reeds gekoppeld. - Een fout is opgetreden bij de poging het volume te koppelen. - Fout bij het zoeken van een locatie binnen het volume. - Fout: Verkeerde grootte van het volume. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Een dynamische container is een pre-gealloceerde NTFS sparse file waarvan de fysieke grootte (feitelijke gebruikte diskruimte) groeit naarmate data worden toegevoegd.\n\nWAARSCHUWING:De performance van volumes, ondergebracht in sparse-files is beduidend slechter dan van normale volumes. Daarnaast zijn ze ook minder veilig omdat na te gaan is welke sectoren van het volume ongebruikt zijn. Daarnaast kunnen ze geen aannemelijke ontkenbaarheid verschaffen. Ook kan het gecodeerde bestandssysteem corrupt raken wanneer er data geschreven worden naar een sparse-file container en er geen ruimte beschikbaar is in het huisvestende bestandssysteem.\n\nWeet u zeker dat u een volume wilt aanmaken dat ondergebracht is in een sparse-file? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt kan het wachtwoord van een vreemd volume niet veranderen. - Selecteer a.u.b. een vrije stationsletter uit de lijst. - Selecteer a.u.b. een gekoppeld volume uit de lijst met stationsletters. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Fout: kan autorun.inf niet maken - Fout bij het verwerken van het sleutelbestand! - Fout bij het verwerken van het pad van sleutelbestanden! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt ondersteund dit besturingssysteem niet. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Fout: Kan geheugen niet toewijzen. - Fout: Kon de waarde van de performance-teller niet achterhalen. - Fout: Slecht volume format. - Fout: u gaf een wachtwoord voor een verborgen i.p.v. een normaal volume. - Om veiligheidsredenen kan een verborgen volume niet gemaakt worden in een VeraCrypt volume met daarin een bestandssyteem dat Op-De-Plaats is gecodeerd (de vrije ruimte ervan is nml. niet willekeurig overschreven). - VeraCrypt - Juridische Informatie - Alle Bestanden - VeraCrypt Volumes - Library Modules - NTFS formatteren kan niet worden voorgezet. - Kan volume niet koppelen. - Kan volume niet ontkoppelen. - Windows kon het volume niet als NTFS formatteren.\n\nSelecteer a.u.b. een ander type bestandssysteem (indien mogelijk) en probeer het opnieuw. Als een alternatief kunt u het volume ongeformatteerd laten (seleceer 'geen' als het bestandssysteem), beëindig de wizard, koppel het volume en formatteer het volume dan via het systeem of met een formatteer programma van een derde (het volume blijft gecodeerd). - Windows kon het volume niet als NTFS formatteren.\n\nWilt u het in plaats hiervan als FAT formatteren? - Standaard - partitie - PARTITIE - Apparaat - apparaat - APPARAAT - Volume - volume - VOLUME - Label - De geselecteerde clustergrootte is te klein gezien de grootte van dit volume. Een grotere cluster-grootte zal worden gebruikt. - Fout: Kan de volumegrootte niet lezen!\n\nOvertuig u ervan dat het geselecteerde volume niet wordt gebruikt door het systeem of een programma. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - De VeraCrypt Volume Aanmaak Wizard kan een Verborgen Volume alleen aanmaken binnen een FAT of NTFS volume. - Onder Windows 2000 kan de VeraCrypt Volume Aanmaak Wizard alleen maar een Verborgen Volume aanmaken binnen een FAT volume. - Noot: Het FAT bestandssysteem is meer geschikt voor buitenvolumes dan het NTFS bestandssysteem. (De maximum grootte van het verborgen volume zal bijv. veel groter zijn als het buitenvolume geformatteerd is onder FAT). - Merk op dat het FAT bestandssysteem geschikter is voor buitenvolumes dan het NTFS systeem. De maximum grootte van het verborgen volume zal waarschijnlijk veel groter zijn als het buitenvolume geformatteerd is onder FAT. De reden hiervoor is dat het NTFS systeem zijn meta-data altijd opslaat in het midden van het volume en dat daarom het verborgen volume alleen hierachter kan worden aan gemaakt.\n\nBent u er zeker van dat u het buitenvolume wilt formatteren als NTFS? - Wilt u het volume formatteren als FAT? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Fout: De partitie voor het verborgen operating system (OS) (dit is de eerste partitie achter de systeempartitie) moet minstens 5% groter zijn dan de systeempartitie (dit is de partitie waarop het nu actieve OS staat). - Fout: De partitie voor het verborgen operating system (dit is de eerste partitie achter de system partitie) moet minstens 110% (2.1 maal) groter zijn dan de systeem partitie (dit is de partitie waarop het operating systeem staat dat nu draait). De reden is dat het NTFS bestandssysteem haar meta-data altijd precies in het midden van het volume opslaat en dat daardoor het verborgen volume, dat een kloon is van de systeempartitie, alleen maar een plekje kan vinden in de tweede helft van de partitie). - Fout: als het buiten volume is geformatteerd als NTFS, moet het minstens 110% (2.1 maal) groter zijn dan de systeem partitie. De reden is dat het NTFS systeem haar meta- data precies in het midden van het volume opslaat en dat daardoor het verborgen volume (waarin een kloon van de systeem partitie moet passen) slechts op de tweede helft van het buitenvolume kan staan.\n\nNoot: Het buitenvolume dient op dezelfde partitie te staan als het verborgen operating systeem (de eerste partitie na de systeem partitie). - Fout: Er bevindt zich geen partitie na de systeem partitie.\n\nMerk op dat u, voor de aanmaak van het verborgen operating systeem, eerst een partitie op de systeemschijf dient aan te maken. Deze partitie moet de éérste partitie zijn na de systeem partitie en moet minstens 5% groter zijn dan de systeem partitie (dit is de partitie waar het operating systeem staat dat nu draait). Echter, als het buitenvolume (niet te verwarren met de systeem partitie) als NTFS wordt geformatteerd, moet de partitie voor het verborgen operating systeem minstens (let op!) 110% (2.1 maal) groter zijn dan de systeem partitie (de reden hiervoor is dat het NTFS bestands systeem haar meta-data altijd opslaat precies in het midden van het volume, hierdoor kan het verborgen volume, waarin een kloon van de systeem partitie moet passen, slechts op de tweede helft van de partitie staan). - Opmerking: Het is niet praktisch (dus niet ondersteund) operating systemen te installeren in twee TryeCrypt Volumes binnen één partitie, omdat het gebruik van het buitenste systeem vaak data schrijven tot gevolg heeft in het gebied van het verborgen operating systeem. Als zulke schrijfacties worden gestopt door het gebruik van verborgen volume bescherming, zou dit zeker een crash tot gevolg hebben (een Blauw Scherm). - Voor informatie over het maken en beheren van een partitie kunt u zich wenden tot de documentatie bij uw operating systeem of neem contact op met de technische helpdesk van uw computerverkoper. - Fout: Het nu actieve operating systeem staat niet op de boot partitie (eerste Actieve partitie). Dit wordt niet ondersteund. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Fout: Toegang tot volume niet mogelijk!\n\nControleer of het geselecteerde volume bestaat, dat het niet is gekoppeld of wordt gebruikt door het systeem of een ander programma, dat er lees en schrijfbevoegdheid aanwezig is voor het volume, en dat het niet beschermd is tegen schrijven. - Error: Cannot obtain volume properties. - Fout: Het is onmogelijk toegang tot het volume te krijgen of er informatie over te verkrijgen.\n\nOvertuig u ervan dat dit volume bestaat, dat het niet wordt gebruikt door het systeem of programma’s, dat u lees/schrijf toegang ertoe hebt en dat het niet schrijf beveiligd is. - Fout: Het is onmogelijk toegang tot het volume te krijgen of er informatie over te verkrijgen.\n\nOvertuig u ervan dat dit volume bestaat, dat het niet wordt gebruikt door het systeem of programma’s, dat u lees/schrijf toegang ertoe hebt en dat het niet schrijf beveiligd is.\n\nIndien dit probleem blijft bestaan, volg evt. de volgende stappen. - Een fout verhinderde VeraCrypt de partitie te coderen. Los evt. eerder gerapporteerde fouten op en probeer het dan opnieuw. Als het probleem blijft bestaan probeer dan de volgende stappen. - Een fout verhinderde VeraCrypt het codering proces van de partitie te hervatten.\n\nLos evt. eerder gerapporteerde fouten op en probeer het proces dan te hervatten. Noot: het volume kan niet gekoppeld worden tenzij het volledig gecodeerd is. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Fout: Het Buiten Volume kan niet ontkoppeld worden!\n\nEen volume kan niet ontkoppeld worden als het bestanden of mappen bevat die worden gebruikt door een programma of het systeem.\n\nSluit u alstublieft ieder programma dat bestanden of mappen zou kunnen gebruiken op het volume en klik op Opnieuw. - Fout: Kan geen informatie verkrijgen over het Buiten Volume! Volume aanmaak kan niet doorgaan. - Fout: Het Buiten Volume kan niet bereikt worden! Volume aanmaak kan geen doorgang vinden. - Fout: Het Buiten Volume kan niet gekoppeld worden! Volume aanmaak kan geen doorgang vinden. - Fout: De Volume Cluster Bitmap kan niet gelezen worden! Volume aanmaak kan geen doorgang vinden. - Alfabetisch/Gecategoriseerd - Gemiddelde snelheid (Aflopend) - Algoritme - Codering - Decodering - Gemiddeld - Station - Grootte - Codering Algoritme - Codering Algoritme - Type - Waarde - Eigenschap - Locatie - bytes - Verborgen - Buitenste - Normaal - Systeem - Verborgen (systeem) - Alleen-Lezen - Systeem schijf - Systeem schijf (coderen - %.2f%% gereed) - Systeem schijf (decoderen - %.2f%% gereed) - Systeem schijf (%.2f%% gecodeerd) - Systeem partitie - Verborgen systeem partitie - Systeem partitie (coderen - %.2f%% gereed) - Systeem partitie (decoderen - %.2f%% gereed) - Systeem partitie (%.2f%% gedecodeerd) - Ja (Schade Voorkomen!) - Geen - Primaire Key Grootte - Secondaire Key Grootte (XTS Mode) - Tweak Key Grootte (LRW Mode) - bits - Blok Grootte - PKCS-5 PRF - PKCS-5 Iteratie Teller - Volume Aangemaakt - Header Laatst Aangepast - (%I64d dagen geleden) - Volume Format Versie - Embedded Back-up Header - VeraCrypt Boot Loader Version - eerst beschikbare - Verwisselbare Schijf - Harde schijf - Onveranderd - Autodetection - Wizard Modus - Selecteer een van de modi. Als u niet zeker bent welke te kiezen, neem de standaard modus. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Opties - Hier kunt u verschillende opties instellen om het installatieproces te controleren. - Installeren - Wacht u a.u.b. terwijl VeraCrypt wordt geïnstalleerd. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Uitpak Opties - Hier kunt u opties kiezen om het uitpakproces te controleren. - Wacht a.u.b. terwijl de bestanden worden uitgepakt. - Files successfully extracted - Alle bestanden zijn met succes uitgepakt naar de bestemmingslocatie. - Als de opgegeven map niet bestaat, wordt deze automatisch aangemaakt. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Wilt u release notes zien voor de huidige (laatste stabiele) versie van VeraCrypt? - Als u nog nooit eerder VeraCrypt heeft gebruikt, raden we u aan het hoofdstuk Beginner's Tutorial in de VeraCrypt Gebruikershandleiding te lezen. Wilt u deze tutorial zien? - Wilt u a.u.b. een van de volgende te verrichten acties selecteren: - Repareer/Herinstalleer - Upgrade - Deïnstalleer - Om VeraCrypt met succes te kunnen de/installeren dient u administrator rechten te hebben. Wilt u doorgaan? - De VeraCrypt Installer verzorgt op dit systeem op dit moment een installatie of update van VeraCrypt. Alvorens verder te gaan, wacht totdat deze is beëindigd of afgesloten. Indien afsluiten niet lukt, herstart dan de computer alvorens verder te gaan. - Installatie mislukt. - Deïnstallatie mislukt. - Dit installatiebestand is beschadigd. Wilt u het a.u.b. opnieuw downloaden (bij voorkeur van de officiële VeraCrypt website op https://veracrypt.codeplex.com). - Kan niet schrijven bestand %s - Uitpakken - Kan geen data lezen in het installatiebestand. - Kan de integriteit van het installatiebestand niet vaststellen. - Uitpakken mislukt. - De installatie heeft een roll-back ondergaan. - VeraCrypt is met succes geïnstalleerd. - Update van VeraCrypt was succesvol. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt is met succes gedeinstalleerd.\n\nKlik 'Sluiten' om de VeraCrypt installer en de map te verwijderen %s. Merk op dat de map niet wordt verwijderd indien er zich bestanden in bevinden die niet door de VeraCrypt installer zijn aangebracht, of die niet zijn aangemaakt door VeraCrypt. - Verwijderen VeraCrypt register gegevens - Toevoegen register gegeven - Verwijderen applicatie-specifieke data - Installeren - Aan het stoppen - Aan het verwijderen - Icoon aan het toevoegen - Systeem herstel punt aan het maken - Maken van systeem herstelpunt niet gelukt! - Updaten boot lader - Installeren mislukt van '%s'. %s Wilt u doorgaan met installeren? - Deïnstalleren mislukt van '%s'. %s Wilt u doorgaan met deïnstalleren? - Installatie voltooid. - De directory '%s' kon niet gemaakt worden - Het VeraCrypt apparaat stuurprogramma kan niet worden beëindigd.\n\nSluit alstublieft alle geopende VeraCrypt schermen eerst. Als dit niet helpt, herstart dan Windows en probeer het opnieuw. - Alle VeraCrypt volumes moeten worden ontkoppeld voordat u VeraCrypt kunt installeren of deinstalleren. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Het toevoegen van gegevens aan het register is mislukt. - Het installeren van het apparaatstuurprogramma is mislukt. Herstart Windows alstublieft en probeer daarna VeraCrypt opnieuw te installeren. - Starten VeraCrypt apparaat stuurprogramma - Deïnstallatie van het apparaat stuurprogramma is mislukt. Merk op dat, door de eigenschappen van Windows, het nodig kan zijn uit te loggen of de computer opnieuw op te starten voordat het apparaat stuurprogramma kan worden gedeïnstalleerd of herinstalleerd. - Installeren van het VeraCrypt apparaat stuurprogramma. - Stoppen van het VeraCrypt apparaat stuurprogramma. - Deinstalleren van het VeraCrypt apparaat stuurprogramma. - Registratie van de User Account Control Support Library is mislukt. - Registratie ongedaan maken van de User Account Control Support Library is mislukt. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Waarschuwing: Dit exemplaar van de Volume Aanmaak Wizard heeft administrator rechten.\n\nUw nieuwe volume zou aangemaakt kunnen worden met rechten die u niet toe zullen staan naar het volume te schrijven na koppeling. Als u dit wilt vermijden, sluit dan deze Volume Aanmaak Wizard en start een nieuw exemplaar zonder administrator rechten.\n\nWilt u dit exemplaar van de Volume Aanmaak Wizard sluiten? - Fout: Kan licentie niet op scherm vertonen. - Buiten(!) - dagen - uren - minuten - s - Open - Ontkoppel - Toon VeraCrypt - Verberg VeraCrypt - Data gelezen sinds koppeling - Data geschreven sinds koppeling - Gecodeerd Deel - 100% (geheel gecodeerd) - 0% (niet gecodeerd) - %.3f%% - 100% - Wachtend - Preparatie - Grootte aanpassen - Coderen - Decoderen - Afronden - Gepauzeerd - Einde - Fout - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Voer wachtwoord in voor %s - Enter password for '%s' - Geef wachtwoord voor het normale/buiten volume - Geef wachtwoord voor het verborgen volume - Geef wachtwoord voor header opgeslagen in de back-up - Sleutelbestand is aangemaakt. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WAARSCHUWING: De header van dit volume is beschadigd! VeraCrypt heeft automatisch de back-up ervan gebruikt die was opgeslagen in het volume.\n\nU dient de volume header te repareren d.m.v. het tool ‘Herstel Volume Header’. - Volume Header backup is met succes aangemaakt.\n\nBelangrijk: Het herstellen van de Volume Header door deze backup te gebruiken zal ook het huidige wachtwoord herstellen. Verder, als nu sleutelbestanden nodig zijn om het volume te koppelen, zullen dezelfde sleutelbestanden weer nodig zijn om te koppelen als de Volume Header is hersteld via het terugzetten van deze backup.\n\nWAARSCHUWING: Deze Volume Header backup kan uitsluitend worden gebruikt om de header van DIT volume te herstellen. Indien u deze header backup gebruikt om een ander Volume te herstellen, zult u daarna het volume kunnen koppelen, maar zult u niet in staat zijn enige data die op dit volume zijn opgeslagen te lezen (omdat u de master key dan heeft veranderd). - De Volume Header is succesvol hersteld.\n\nBELANGRIJK: Neemt u er nota van dat een oud wachtwoord ook hersteld kan zijn. Verder, de sleutelbestanden die nodig waren om het volume te koppelen toen de backup werd gemaakt, zijn nu, na het terugzetten van deze backup, weer nodig om het volume te koppelen. - Om veiligheidsredenen dient u het juiste wachtwoord en/of sleutelbestanden te geven voor het volume.\n\nNoot: Als het volume een verborgen volume bevat, dient u eerst het juiste wachtwoord en/of sleutelbestanden te geven voor het buiten volume. Daarna, als u een back-up wilt maken van de header van het verborgen volume zult u het juiste wachtwoord en/of sleutelbestanden dienen te geven voor het verborgen volume. - Bent u zeker dat u een back-up wilt maken van de volume header voor %s?\n\nNadat u op Ja hebt geklikt zal u om een bestandsnaam gevraagd worden voor deze back-up.\n\nNoot: zowel de standaard als de verborgen volume headers zullen worden gehercodeerd met een nieuwe salt en opgeslagen in het back-up bestand. Indien er in het volume geen verborgen volume is, zal de ruimte die gereserveerd is voor de verborgen volume header in het back-up bestand worden gevuld met random data (om de aannemelijke ontkenbaarheid te bewaren). Als u een volume header gaat terugzetten uit een backup bestand zult u het wachtwoord en/of sleutelbestanden dienen te verstrekken zoals die waren toen de back-up werd gemaakt. Dit wachtwoord en/of sleutelbestanden zullen dan ook automatisch het type header dat teruggezet moet worden vaststellen (standaard of verborgen, merk op dat VeraCrypt dit vaststelt d.m.v. trail and error). - Bent u er zeker van dat u de Volume Header van %s wilt herstellen?\n\nWAARSCHUWING: Het herstellen van de Volume Header herstelt ook het Volume wachtwoord dat gold toen de backup werd gemaakt. Meer, indien er sleutelbestanden nodig waren om het volume te koppelen toen de backup werd gemaakt, zullen dezelfde sleutelbestanden nu weer nodig zijn, na het terugzetten van de backup van de volume header.\n\nNadat u op Ja heeft geklikt, kunt u het backup bestand van de Header selecteren. - Bevat het volume een verborgen volume? - Het volume bevat een verborgen volume - Het volume bevat geen verborgen volume - Geef a.u.b. het gewenste type volume header back-up aan: - Herstel de volume header vanaf de back-up aanwezig in het volume - Herstel de volume header vanaf een extern back-up bestand - De grootte van het volume header back-up bestand is incorrect. - Er is geen back-up van de header aanwezig in dit volume (alleen volumes aangemaakt door VeraCrypt 6.0 of later bevatten back-up headers). - U probeert een backup te maken van de header van de systeem partitie/schijf. Dit is niet toegestaan. Backup/restore operaties van de systeem partitie/schijf kunnen alleen worden uitgevoerd m.b.v. de VeraCrypt Reddingsschijf.\n\nWilt u een VeraCrypt Reddingsschijf aanmaken? - U probeert de header terug te zetten van een virtueel VeraCrypt volume maar u selecteerde de systeem partitie/schijf. Dit is niet toegestaan. Backup/restore operaties van de systeem partitie/schijf kunnen alleen worden uitgevoerd m.b.v. de VeraCrypt Reddingsschijf.\n\nWilt u een VeraCrypt Reddingsschijf aanmaken? - Nadat u op OK heeft geklikt, kunt u een bestandsnaam en opslaglocatie uitkiezen voor het zgn. ISO bestand van de nieuwe VeraCrypt Reddingsschijf. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Breng uw VeraCrypt Reddingsschijf aan in het CD/DVD station en klik op OK om deze te controleren. - De VeraCrypt Reddingsschijf is met succes gecontroleerd. - Kan niet controleren of de Reddingsschijf foutloos is gebrand.\n\nIndien u de Reddingsschijf heeft gebrand, haal de CD/DVD uit het station en breng hem opnieuw aan; daarna opnieuw controleren. Indien dit niet helpt, probeert u a.u.b. een ander brandprogramma en/of andere CD/DVD.\n\nIndien u probeerde een VeraCrypt Reddingsschijf te controleren die is aangemaakt voor een andere Hoofdsleutel, wachtwoord, salt, etc., merk dan op dat een dergelijke Reddingsschijf altijd zal falen in deze controle. Om een nieuwe reddingsschijf aan te maken die volledig compatibel is met uw huidige configuratie, selecteer 'Systeem' > 'Maak Reddingsschijf Aan'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Fout bij het aanmaken van de VeraCrypt Reddingsschijf. - VeraCrypt Reddingsschijf kan niet gemaakt worden als een verborgen operating system draait.\n\nOm een Reddingsschijf te maken, start op van het lokvogel operating syteem en selecteer 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Ontkoppel het volume voordat u verder gaat. - Fout: Kan de timer niet instellen. - Controleer Filesysteem - Repareer Filesysteem - Add to Favorites... - Add to System Favorites... - P&roperties... - Verborgen Volume Beschermd - N.v.t. - Ja - Nee - Disabled - 1 - 2 of meer - Operatie Modus - Label: - Grootte: - Pad: - Stationsletter: - Fout: Een wachtwoord mag alleen zgn. ASCII karakters bevatten.\n\nNiet-ASCII karakters in een wachtwoord kunnen tot gevolg hebben dat het volume niet gekoppeld kan worden als de systeemconfiguratie verandert.\n\nDe volgende karakters zijn toegestaan:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Waarschuwing: Het wachtwoord bevat niet-ASCII karakters. Dit kan tot gevolg hebben dat het volume niet meer gekoppeld kan worden als de systeemconfiguratie verandert.\n\nU wordt dringened aangeraden alle niet-ASCII karakters in het wachtwoord te vervangen door ASCII karakters. Klik hiertoe op 'Volumes' -> 'Verander Volume Wachtwoord'.\n\nDe volgende tekens zijn ASCII karakters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WAARSCHUWING: We raden u sterk aan bestandsextensies te vermijden die gebruikt worden voor uitvoerbare bestanden, zoals .exe, .sys, .dll en andere problematische bestandsextensies. Het gebruik van zulke extensies zorgt ervoor dat Windows en antivirus software zich ongewenst bemoeien met de container, hetgeen de performance van het volume nadelig beïnvloedt en mogelijk andere serieuze problemen veroorzaakt.\n\nWe raden u nogmaals sterk aan deze bestandsextensie te verwijderen of te veranderen (bijv. in '.hc').\n\nBent u er zeker van dat u deze problematische bestandsextensie wilt gebruiken? - WAARSCHUWING: Deze bestandscontainer heeft een bestandsextensie die wordt gebruikt voor uitvoerbare bestanden (zoals .exe, .sys, of .dll), of een andere extensie die vergelijkbaar problematisch is. Deze extensie zal waarschijnlijk voor ongewenste bemoeienis zorgen van Windows en antivirussoftware met deze container, hetgeen de performance van het volume nadelig zal beïnvloeden en mogelijk ook andere serieuzere problemen zal veroorzaken.\n\nWe raden u sterk aan deze extensie te verwijderen of te veranderen (bijv. in '.hc') na ontkoppeling van het volume. - Homepage - WAARSCHUWING: Het blijkt dat u geen Service Pack heeft geïnstalleerd voor Windows. U kunt beter niet schrijven naar IDE schijven groter dan 128 GB onder Windows XP als u geen Service Pack 1 of later heeft geïnstalleerd! Als u dit toch doet kunnen de data op de schijf (onafhankelijk of dit een VeraCrypt volume is of niet) verminkt raken. Noot: dit is een beperking van Windows en geen bug in VeraCrypt. - WAARSCHUWING: Het blijkt dat u geen Service Pack 3 of later heeft geïnstalleerd in Windows. U kunt beter niet schrijven naar IDE schijven groter dan 128 GB onder Windows 2000 als u geen Service Pack 3 of later heeft geïnstalleerd! Als u dit toch doet kunnen de data op de schijf (onafhankelijk of dit een VeraCrypt volume is of niet) verminkt raken. Noot: dit is een beperking van Windows en geen bug in VeraCrypt.\n\nNoot: Het zou kunnen dat u naast de installatie van Service Pack 3 ook de 48-bit LBA ondersteuning in het register dient aan te zetten. Voor meer informatie, kijk op http://support.microsoft.com/kb/305098/EN-US - WAARSCHUWING: 48-bit LBA ATAPI ondersteuning is op uw systeem uitgeschakeld. Daarom wordt u afgeraden data te schrijven naar IDE schijven die groter zijn dan 128 GB! Als u dit toch doet, kunnen de data op de schijf (onafhankelijk of dit een VeraCrypt volume is of niet) verminkt raken. Merk op dat dit een beperking is van Windows en niet van Veracrypt.\n\nOm de 48-bit LBA ondersteuning aan te zetten, dient u de 'EnableBigLba' register waarde toe te voegen aan de registersleutel HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters en deze op 1 te zetten.\n\nVoor meer informatie, zie http://support.microsoft.com/kb/305098 - Fout: bestanden groter dan 4 GB kunnen niet opgeslagen worden op een FAT32 systeem. Daarom kunnen VeraCrypt bestandscontainers, die zijn opgeslagen op een FAT32 systeem, niet groter zijn dan 4 GB.\n\nAls u een groter volume nodig heeft, maak het dan aan op een NTFS systeem (of, als u Windows Vista SP1 of later heeft, op een exFAT systeem) of, codeer een gehele partitie of apparaat. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - Waarschuwing: Als u in de toekomst meer bestanden wilt toevoegen aan het Buiten Volume, zou u misschien beter een kleinere grootte kunnen kiezen voor het Verborgen Volume.\n\nBent u er zeker van dat u wilt doorgaan met de grootte die u hebt ingegeven? - Geen volume geselecteerd.\n\nKlik op 'Selecteer Apparaat' of 'Selecteer Bestand' om een VeraCrypt volume te selecteren. - Geen partitie geselecteerd.\n\nKlik 'Selecteer Apparaat' om een ontkoppelde partitie te selecteren die normaal gesproken pre-boot authenticatie vereist (bijvoorbeeld een partitie gesitueerd op de gecodeerde systeem schijf van een ander operating systeem, dat niet draait, of de gecodeerde systeem partitie van een ander operating systeem).\n\nNoot: De geselecteerde partitie zal worden gekoppeld als een gewoon VeraCrypt volume zonder pre-boot authenticatie. Dit is nuttig bijv. voor backup of reparatie acties. - WAARSCHUWING: Als Standaard Sleutelbestanden zijn geselecteerd en opgeslagen, kunnen volumes die deze sleutelbestanden niet gebruiken onmogelijk meer worden gekoppeld. Daarom dient u, na aanzetten van de optie Standaard Sleutelbestanden, niet te vergeten dit vinkje weer weg te halen bij het vakje "gebruik sleutelbestanden" onder het vakje "laat wachtwoord zien" wanneer u dergelijke volumes wilt gebruiken.\n\nBent u er zeker van de Standaard Sleutelbestanden plus pad op te slaan? - Auto-Koppel Apparaten - Ontkoppel Alles - Wis Cache - Ontkoppel Alles & Wis Cache - Forceer Ontkoppeling Alles & Wis Cache - Forceer Ontkoppeling Alles, Wis Cache & Sluiten - Koppel Favoriete Volumes - Toon/Verberg Algemeen VeraCrypt Venster - (Klik hier en druk op een toets) - Actie - Sneltoets - Error: Deze snelkoppeling mag niet gebruikt worden. Kies een andere. - Error: Snelkoppeling is al in gebruik. - WAARSCHUWING: Een of meer van de VeraCrypt system-brede hot keys zal niet werken!\n\nOvertuigt u zich er van dat het operating systeem en/of andere programma's niet dezelfde hot keys gebruiken als True Crypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - Door een fout of incompatibiliteit kon VeraCrypt het slaapstand bestand niet coderen. Daarom werd de slaapstand niet toegestaan.\n\nNoot: Als een computer in slaapstand gaat wordt de inhoud van het systeem geheugen geschreven naar het slaapstand bestand op de systeem schijf. VeraCrypt zou dan niet kunnen voorkomen dat codeer sleutels en andere gevoelige informatie die in het systeem geheugen aanwezig is ongecodeerd naar dit bestand worden geschreven. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WAARSCHUWING: Als deze optie wordt uitgeschakeld, kunnen volumes die geopende bestanden/mappen bevatten niet meer automatisch ontkoppeld worden.\n\nBent u er zeker van dat u deze optie wilt uitschakelen? - WAARSCHUWING: Volume bevat geopende bestanden/directories en zal NIET automatisch ontkoppeld worden.\n\nOm dit te voorkomen, vink de volgende optie aan in dit dialoog scherm: 'Forceer auto-ontkoppeling, zelfs als het volume geopende bestanden of directories bevat' - WAARSCHUWING: als de batterij van de notebook bijna leeg is, kan Windows verzuimen de juiste boodschappen te sturen aan draaiende programma’s wanneer de notebook in power-save modus gaat. In zulke gevallen kan VeraCrypt er evt. niet in slagen volumes te auto-ontkoppelen. - U heeft de codering van een partitie/volume gepland in de tijd. Het proces is nog niet voltooid.\n\nWilt u het proces nu hervatten? - U heeft het (de)coderen van de systeem partitie/schijf als proces gepland. Het proces is nog niet voltooid.\n\nWilt u dit proces nu starten (hervatten)? - Wilt u eraan herinnerd worden de geplande codering van niet-systeem partities/volumes te hervatten? - Ja, herinner me - Nee, herinner me niet - BELANGRIJK: Onthoud dat u de codering van elke niet system partitie/volume kunt hervatten door 'Volumes' > 'Hervat Onderbroken Proces' uit het menu van het hoofdscherm van VeraCrypt te kiezen. - U heeft de codering of decodering gepland van de systeem partitie/schijf. Echter, pre-boot authenticatie is mislukt (of werd overgeslagen).\n\nNoot: Als u de systeem partitie/schijf in de pre-boot omgeving decodeerde ,zou u het proces evt. moeten afmaken door te selecteren 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf' uit het menu van het hoofdscherm van VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Sluiten? - VeraCrypt heeft niet voldoende informatie om te kunnen bepalen of het moet coderen of decoderen. - VeraCrypt heeft onvoldoende informatie om te bepalen of het moet coderen of decoderen.\n\nNoot: Als u de systeem partitie/schijf in de pre-boot omgeving decodeerde, zou het nodig kunnen zijn het proces af te maken door te klikken op Decodeer. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Wilt u de codering van de partitie/volume onderbreken en tot een latere tijd uitstellen?\n\nNoot:Onthoud dat het volume niet kan worden gekoppeld totdat het geheel is gecodeerd. U kunt het proces hervatten, dit zal dan starten op de plaats waar u het stopte. U kunt dit zelf doen bijv. door 'Volumes' > 'Hervat Onderbroken Proces' te kiezen uit het menu van het hoofdscherm van VeraCrypt. - Wilt u het coderen van de systeem partitie/schijf onderbreken en uitstellen?\n\nNoot: U zult het proces kunnen hervatten vanaf het punt waar het onderbroken was. U kunt dit bijv. doen door te kiezen voor 'Systeem' > 'Hervat Onderbroken Proces' uit het systeemmenu van het hoofdscherm van VeraCrypt. Indien u het coderen helemaal wilt terugdraaien of beëindigen, selecteer 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf'. - Wilt u het decoderen van de systeem partitie/schijf onderbreken en uitstellen?\n\nNoot: U zult het proces kunnen hervatten vanaf het punt waar het onderbroken was. U kunt dit bijv. doen door te kiezen voor 'Systeem' > 'Hervat Onderbroken Proces' uit het systeemmenu van het hoofdscherm van VeraCrypt. Indien u het decoderen helemaal wilt terugdraaien (en met coderen starten), selecteer 'Systeem' > 'Codeer Systeem Partitie/Schijf'. - Fout: Stoppen coderen/decoderen van de systeem partitie/schijf mislukt. - Fout: Onderbreken van het wissen is mislukt. - Fout: Hervatten coderen/decoderen van de systeem partitie/schijf mislukt. - Fout: Starten van het wissen is mislukt. - Inconsistentie opgelost.\n\n\n(Indien u een programmafout in relatie hiermee wilt rapporteren, wilt u dan de volgende technische informatie meesturen in het bug rapport: %hs) - Fout: Niet verwachte toestand.\n\n\n(Indien u deze fout rapporteert hiermee, neem dan a.u.b. de volgende technische informatie mee in de fout rapportage: %hs - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WAARSCHUWING: De VeraCrypt Achtergrond Taak is uitgeschakeld. Nadat VeraCrypt is beëindigd, zal niet worden gemeld indien schade aan een Verborgen Volume is voorkomen.\n\nNoot: U kunt op ieder moment de VeraCrypt Achtergrond Taak beëindigen door het VeraCrypt Systeem Tray Icoon rechts aan te klikken en te kiezen voor 'Sluiten'.\n\nWilt u dat de VeraCrypt Achtergrond Taak ingeschakeld wordt? - Vertaling versie: %s - Controleren van het bestandssyteem op het VeraCrypt volume dat is gekoppeld als %s... - Uitvoeren van een poging tot reparatie van het bestandssysteem op het VeraCrypt Volume dat is gekoppeld als %s... - Waarschuwing: Dit volume is gecodeerd met een legacy codering algoritme.\n\nAlle 64-bit-blok codering algoritmes (e.g., Blowfish, CAST-128, of Triple DES) zijn afgekeurd. Het zal mogelijk zijn dit volume te koppelen met toekomstige versies van VeraCrypt. Er zullen echter geen verdere verbeteringen van de implementaties van deze legacy codering algoritmes komen. We raden u aan een nieuw VeraCrypt Volume aan te maken dat is gecodeerd middels een 128-bit-blok codering algoritme (bijv., AES, Serpent, Twofish, etc.) en dat u alle bestanden van dit volume naar het nieuw aan te maken volume verplaatst. - Uw systeem is niet geconfigureerd om automatisch nieuwe volumes te koppelen. Het kan onmogelijk blijken om in apparaten gehuisveste VeraCrypt volumes te koppelen. Automatisch koppelen kan worden aangezet door de volgende opdracht uit te voeren en de computer te herstarten.\n\nmountvol.exe /E - Wilt u a.u.b. een stationsletter toekennen aan de partitie/apparaat voordat u verder gaat ('Configuratiescherm' > 'Prestaties en Onderhoud' > 'Systeembeheer' - 'Computerbeheer' - 'Schijfbeheer').\n\nMerk op dat dit een vereiste van het operating systeem is. - Koppel VeraCrypt volume - Ontkoppel alle VeraCrypt volumes - VeraCrypt kon geen Administrator rechten verkrijgen. - Toegang geweigerd door het operating systeem.\n\nMogelijke oorzaak: Het operating systeem vereist dat u recht om te lezen/schrijven heeft (of administrator privileges) voor bepaalde mappen, bestanden en apparaten, zodat u toegestaan wordt data te lezen en te schrijven naar/van deze bestanden/mappen. Normaal gesproken is het een gebruiker zonder administrator privileges toegestaan om bestanden aan te maken, te lezen en erin te schrijven binnen de eigen Mijn Documenten map. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - De VeraCrypt Boot Lader vereist minstens 32 KBytes vrije ruimte aan het begin van de systeem schijf (de VeraCrypt Boot Lader moet daar opgeslagen worden). Helaas voldoet uw systeem schijf niet aan deze voorwaarde.\n\nWilt u dit a.u.b. NIET als een programmafout/probleem van VeraCrypt melden. Om dit probleem op te lossen, zult u uw schijf moeten herpartitioneren en de eerste 32 KBytes van de schijf vrijlaten (in de meeste gevallen voldoet het de eerste partitie te verwijderen en opnieuw aan te maken). We raden u aan hiervoor de Microsoft partitie manager te gebruiken die beschikbaar is bijv. bij installeren van Windows. - Deze functie wordt niet ondersteund door de versie van het operating systeem die u momenteel gebruikt. - VeraCrypt ondersteunt geen codering van de systeem partitie/schijf onder de versie van het operating systeem die u momenteel gebruikt. - Voordat u de system partitie/schijf onder Windows Vista kunt coderen, dient u Service Pack 1 of hoger te installeren voor Windows Vista. Dit is op uw systeem niet aanwezig.\n\nNoot:Service Pack 1 voor Windows Vista loste een probleem op dat er te weinig geheugen aanwezig was tijdens het opstarten van het systeem. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Uw systeem heeft een GUID partitie tabel (GPT). Op dit moment worden door VeraCrypt alleen stations met een MBR partitie tabel ondersteund. - VOORZICHTIG: De VeraCrypt Boot Lader is reeds geïnstalleerd op uw system schijf!\n\nHet is mogelijk dat een ander systeem op uw computer reeds gecodeerd is.\n\nWAARSCHUWING: DOORGAAN MET CODERING VAN HET NU ACTIEVE SYSTEEM KAN ERVOOR ZORGEN DAT EEN ANDER SYSTEEM/SYSTEMEN NIET MEER GESTART KUNNEN WORDEN EN DE AANWEZIGE DATA NIET MEER TOEGANKELIJK.\n\nBent u er zeker van dat u door wilt gaan? - Fout in herstellen van de originele systeemlader.\n\nGebruik aub uw VeraCrypt reddingsschijf ('Repair Options' > 'Restore original system loader') of Windows installatie medium om de VeraCrypt Boot Lader te vervangen door de Windows systeem lader. - De originele systeem lader zal niet opgeslagen worden op de Reddingsschijf (waarschijnlijke oorzaak: ontbrekende backup). - Kon de MBR sector niet schrijven.\n\nUw BIOS zou ingesteld kunnen zijn om de MBR sector te beschermen. Controleer uw BIOS (druk op F2, Delete, or Esc, tijdens het eerste opstartscherm van uw computer) voor MBR/antivirus protectie instellingen. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - De juiste versie van de VeraCrypt Boot Lader is niet geïnstalleerd. Hierdoor kunnen enkele instellingen evt. niet worden opgeslagen. - In sommige situaties zult u willen voorkomen dat iemand die u de computer ziet starten (een vijand) erachter komt dat VeraCrypt aanwezig is op de computer. De bovenstaande optie stelt u in staat het VeraCrypt Boot Lader scherm aan te passen. Als u de eerste optie kiest zal geen enkele tekst worden weergegeven door de boot lader (zelfs niet als u een verkeerd wachtwoord ingeeft). De computer zal “bevroren” lijken terwijl u uw wachtwoord intypt. Als extra kan er een zelfgemaakte boodschap worden weergegeven om de vijand te misleiden. Bijv. “Ontbrekend Operating Systeem” (wat normaal wordt weergegeven door de Windows Boot Lader als deze geen boot partitie vindt.) Het is echter belangrijk dat u zich realiseert dat, als de vijand in staat is de inhoud van de harde schijf te analyseren, hij erachter kan komen dat er een VeraCrypt Boot Lader aanwezig is. - WAARSCHUWING: Na selectie van deze optie zal de VeraCrypt Boot Lader geen enkele tekst laten zien (zelfs niet bij ingave van een verkeerd wachtwoord). De computer zal “bevroren” lijken terwijl u uw wachtwoord kunt ingeven (de cursor zal NIET bewegen en geen sterretjes worden zichtbaar bij intypen).\n\nBent u er zeker van dat u deze optie wilt selecteren? - Uw systeem partitie/schijf blijkt helemaal gecodeerd te zijn. - VeraCrypt ondersteunt geen codering van een systeem station dat is geconverteerd tot een dynamische schijf. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Wilt u de systeem partitie coderen in plaats van de gehele schijf?\n\nMerk op dat u in partities gehuisveste VeraCrypt volumes kunt aanmaken op iedere niet-systeem partitie op de schijf (naast het coderen van de systeem partitie). - Aangezien uw systeem schijf maar één partitie bevat die alle ruimte in beslag neemt, is het aan te raden (veiliger) om de gehele schijf te coderen, inclusief de vrije ruimte die vaak zo'n partitie omgeeft.\n\nWilt u de gehele systeem schijf coderen? - Uw system is ingesteld om tijdelijke bestanden op te slaan op een niet-systeem partitie.\n\nDeze opslag kan daar niet plaatsvinden. - Uw gebruikersprofiel bestanden zijn niet opgeslagen op de system partitie.\n\n Dit profiel kan daar niet plaatsvinden. - Er is/zijn wisselbestand(en) aanwezig op niet-systeem partitie(s).\n\nWisselbestand(en) kunnen daar niet opgeslagen zijn. - Wilt u Windows instellen dat er alleen op de Windows partitie een wisselbestand wordt aangemaakt?\n\nAls u 'Ja' klikt wordt de computer opnieuw gestart. Start daarna VeraCrypt en de aanmaak van een verborgen OS opnieuw. - Anders zal de aannemelijke ontkenbaarheid van het verborgen operating system aangetast worden.\n\nNoot: indien een vijand de inhoud van deze bestanden (op een niet-systeem partitie) zal analyseren, zou hij kunnen ontdekken dat u deze wizard gebruikte in de verborgen-systeem modus (hetgeen de aanwezigheid van een verborgen operating systeem op uw computer kan aantonen). Merk ook op dat deze bestanden door VeraCrypt worden gewist gedurende de aanmaak van een verborgen operating systeem. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - WAARSCHUWING: Er is niet-toegewezen ruimte aanwezig tussen de systeem partitie en de eerste partitie daar achter. Na aanmaken van het verborgen operating systeem (OS) mag u geen partitie meer maken in deze ruimte, anders zal het verborgen OS systeem niet meer te starten zijn (totdat u deze partitie weer verwijdert). - Dit algoritme wordt momenteel niet ondersteund voor systeem codering. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Sleutelbestanden zijn niet ondersteund bij systeemcodering. - Waarschuwing: VeraCrypt kon de originele toetsenbord lay-out niet terugzetten. Dit zou ertoe kunnen leiden dat u een wachtwoord verkeerd ingeeft. - Fout: Kan de toetsenbord indeling voor VeraCrypt niet instellen op de standaard (US) toetsenbord indeling.\n\nMerk op dat het wachtwoord ingetypt moet worden in de pre-boot omgeving (voor Windows start) waar niet-standaard (US) Windows toetsenbord indelingen niet beschikbaar zijn. Daarom moet het wachtwoord altijd worden ingetypt met gebruik van de standaard (US) toetsenbord indeling. - Omdat VeraCrypt tijdelijk de toetsenbord lay-out veranderde naar de standaard (US) toetsenbordindeling, is het niet mogelijk karakters te typen terwijl u de rechter ALT toets ingedrukt houdt. Echter, u kunt de meeste van dit soort karakters creëren door de betreffende toets in te drukken terwijl u de SHIFT toets ingedrukt houdt. - VeraCrypt verhinderde het veranderen van de toetsenbord lay-out. - Noot: Het wachtwoord moet worden ingetypt in de pre-boot omgeving (voordat Windows start) waar niet-standaard (US) Windows toetsenbord indelingen niet beschikbaar zijn. Daarom moet het wachtwoord altijd worden ingetypt met gebruik van de standaard (US) toetsenbord indeling. Echter, het is belangrijk op te merken dat u geen ECHT standaard (US) toetsenbord nodig hebt. VeraCrypt zorgt er automatisch voor dat u het wachtwoord veilig kunt intypen (nu direct en in de pre-boot omgeving) zelfs als u geen echt standaard (US) toetsenbord hebt. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - LET OP: Indien u een VeraCrypt Reddingsschijf heeft kan deze niet gebruikt worden voor deze systeem partitie/schijf omdat hij is gemaakt voor een andere master key! Na iedere codering van een systeem partitie/schijf moet een nieuwe reddingsschijf worden aangemaakt, zelfs als u hetzelfde wachtwoord gebruikt. - Fout: Kan de systeem codering settings niet opslaan. - Kan de systeem codering pre-test niet initiëren. - Voorbereiding tot aanmaak van verborgen operating system mislukt. - Wis Modus - Op sommige typen opslagmedia is het mogelijk oorspronkelijke data, die overschreven zijn door andere data, weer te herstellen met geavanceerde technieken. Dit geldt ook voor data die worden overschreven door hun gecodeerde variant. (Dit gebeurt als VeraCrypt een ongecodeerde partitie of schijf codeert.) Volgens studies en overheidspublicaties kan deze hersteltechniek voorkomen worden (of zeer bemoeilijkt) door de data eerst een aantal malen met pseudo-random en niet-random data te overschrijven. Indien u gelooft dat een vijand mogelijk uw originele data met een dergelijke techniek zou kunnen herstellen, kunt u één van de volgende wismethoden kiezen (let op bestaande data gaan NIET verloren). Merk op dat het wissen NIET zal plaatsvinden na de codering van de partitie/schijf. Als de partie/schijf geheel is gecodeerd worden er geen ongecodeerde data meer op geschreven, deze data worden in het interne geheugen “on the fly” gecodeerd en daarna pas weggeschreven naar de schijf. - Op sommige typen opslagmedia is het mogelijk oorspronkelijke data, die overschreven zijn door andere data, weer te herstellen met geavanceerde technieken. Volgens studies en overheidspublicaties kan deze hersteltechniek voorkomen worden (of zeer bemoeilijkt) door de data eerst een aantal malen met pseudo-random en niet-random data te overschrijven. Indien u gelooft dat een vijand mogelijk uw originele data die gewist gaat worden met een dergelijke techniek zou kunnen herstellen, kunt u één van de volgende cyclische wismethoden kiezen.\n\nNoot:Hoe meer wis cycli u kiest, des te langer zal het proces duren. - Wissen - \nNoot: U kunt het wisproces onderbreken, de computer afsluiten, het verborgen systeem opnieuw starten en het proces weer hervatten (deze wizard zal automatisch weer worden gestart). Echter, het wisproces zal dan weer van voren af beginnnen. - \n\nNoot: Als u het wisproces onderbreekt en het probeert te hervatten, zal het gehele wisproces van voren af beginnen. - Wilt u het wisproces afbreken? - LET OP: De gehele inhoud van deze partitie/apparaat zal worden gewist. - De gehele inhoud van de partitie waar het originele system staat wordt gewist.\n\nNoot: De gehele inhoud van de te wissen partitie is reeds gekopieerd naar de verborgen systeem partitie. - WAARSCHUWING: indien u bijv. de 3-cycli wismodus kiest, zal de tijd die nodig is om de partitie/schijf te coderen tot 4 maal langer duren. Zo ook zal, indien u de 35-cycli modus kiest, de benodigde tijd tot 36 maal langer duren. Dit kan zelfs oplopen tot enkele weken.\n\nEchter, merk op dat wissen niet zal geschieden na volledige codering van de partitie/schijf. Wanneer deze codering voltooid is zullen alle data die er naartoe geschreven worden eerst volledig in het interne geheugen gecodeerd worden alvorens geschreven te worden. Dan wordt de performance dus NIET aangetast.\n\nBent u er zeker van dat u de wismodus wilt kiezen? - Geen (snelst) - 1-maal (random data) - 3-maal (US DoD 5220.22-M) - 7-maal (US DoD 5220.22-M) - 35-maal ("Gutmann") - 256-maal - Aantal Operating Systemen - WAARSCHUWING: Onervaren gebruikers wordt het dringend afgeraden Windows te coderen in een multi-boot configuratie.\n\nDoorgaan? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Schijf - Is het nu actieve operating systeem geïnstalleerd op de boot-schijf?\n\nNoot: Soms is Windows niet geïnstalleerd op dezelfde schijf als de Windows Boot Lader (boot partitie). Indien dit het geval is, kies 'Nee'. - VeraCrypt ondersteunt momenteel niet het coderen van een operating systeem dat niet opstart vanaf de schijf waarop het is geïnstalleerd. - Aantal Systeem Schijven - Hoeveel schijven bevatten een operating systeem?\n\nNoot: Bijvoorbeeld, als u een operating systeem (bijv. Windows, Mac OS X, Linux, etc.) heeft geïnstalleerd op de primaire schijf en enig toegevoegd operating systeem geïnstalleerd op een secundair schijf, selecteer dan '2 of meer'. - VeraCrypt ondersteunt momenteel geen codering van een gehele schijf die meerdere operating systemen bevat.\n\nMogelijke oplossingen:\n\n- U kunt nog steeds één van de systemen coderen als u terug gaat en kiest voor codering van een enkele systeem partitie (in tegenstelling tot het coderen van een gehele systeem schijf).\n\n- Als een alternatief kunt u de gehele schijf coderen als u enkele van de systemen verplaatst naar een andere schijf zodat er maar één systeem achterblijft op de schijf die u wilt coderen. - Meerdere Systemen op Enkele Schijf - Zijn er andere operating systemen geïnstalleerd op de schijf waarop het huidige actieve operating systeem is geïnstalleerd?\n\nNoot: Bijvoorbeeld, als het huidige actieve operating systeem is geïnstalleerd op schijf #0, dat meerdere partities bevat, en indien één van deze partities Windows bevat en een andere partitie bevat een ander operating systeem (bijv. Windows, Mac OS X, Linux, etc.), selecteer dan 'Ja'. - Niet-Windows Boot Lader - Is een niet-Windows boot lader (of boot manager) geïnstalleerd in het Master Boot Record (MBR)?\n\nNoot: Als de eerste track van de boot schijf bijv. GRUB, LILO, XOSL of een andere niet-Windows boot manager (of boot lader) bevat, klik dan op ‘Ja’. - Multi-Boot - VeraCrypt ondersteunt momenteel geen multi-boot configuraties waar een niet-Windows boot lader is geïnstalleerd in het Master Boot Record.\n\nMogelijke oplossingen:\n\n- Als u een boot manager gebruikt om Windows en Linux te starten, verplaats de boot manager (meestal GRUB) van het Master Boot Record naar een partitie. Start dan deze wizard nogmaals en codeer de systeem partitie/schijf. Merk op dat de VeraCrypt Boot Lader uw primaire boot manager zal worden en u zal toestaan de originele boot manager (bijv. GRUB) te starten als een secundaire boot manager (door op ESC te drukken in het VeraCrypt Boot Lader scherm). Aldus zult u Linux kunnen starten. - Als het nu draaiende operating system (OS) is geïnstalleerd op de boot partitie zult u na codering ervan het wachtwoord dienen op te geven, zelfs als u een ander ongecodeerd Windows systeem wilt starten. Dit omdat ze dezelfde gecodeerde Windows boot lader/manager delen.\n\nIn contrast hiermee: als het nu draaiende OS NIET geïnstalleerd is op de boot partitie (of als de Windows boot lader/manager niet door een ander systeem wordt gebruikt) dan zal, na codering van dit systeem het ingeven van een wachtwoord voor andere ongecodeerde syste(e)m(en) niet nodig zijn. Dan zal alleen het indrukken van de ESC toets voldoende zijn om het ongecodeerde systeem te starten. (Indien er meerdere van deze ongecodeerde systemen zijn zult u in het VeraCrypt Boot Manager Menu moeten aangeven welk systeem te starten).\n\nNoot: Kenmerkend is dat het éérst geïnstalleerde Windows systeem op de boot partitie staat. - Codering van "Host Protected Area" - Aan het einde van veel harde schijven bestaat een gebied dat normaal gesproken verborgen is voor het operating systeem, het ‘Hort Protected Area’ (HPA). Sommige programma’s kunnen echter data lezen en schrijven naar dit gebied.\n\nWAARSCHUWING: Sommige computerfabrikanten gebruiken dit gebied voor de opslag van tools, data voor RAID, systeemherstel, systeem setup, diagnostiek enz. Indien deze data toegankelijk moeten zijn vóór het opstarten, mag de HPA NIET gecodeerd worden. (Kies boven ‘Nee’)\n\nWilt u dat VeraCrypt een HPA opzoekt en codeert? - Type Systeem Codering - Selecteer deze optie als u de systeempartitie of de gehele systeemschijf wilt coderen zonder deze te verbergen. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Verborgen Operating Systeem - In de stappen hierna worden twee volumes (Buiten en Verborgen) aangemaakt in de eerste partitie achter de systeem partitie. Het Verborgen Volume zal het verborgen operating systeem (OS) bevatten. VeraCrypt zal dit verborgen OS aanmaken door de inhoud van de systeem partitie (met daarop het nu draaiende OS) te kopiëren naar het Verborgen Volume. Naar het Buiten Volume zult u enige belangrijk uitziende bestanden kopiëren die u NIET wilt verbergen. Ze staan daar voor degene die u dwingt het wachtwoord te onthullen van de Verborgen OS partitie. Als u dan het wachtwoord van het Buiten Volume in de verborgen OS partitie geeft zal het Verborgen Volume met daarin het verborgen OS verborgen blijven.\n\nUiteindelijk zult u op de systeem partitie van het nu draaiende OS een nieuw OS installeren, het zgn. lokvogel OS en dit coderen. Dit mag geen gevoelige data bevatten en zal er staan t.b.v. degene die u dwingt het pre-boot authenticatie wachtwoord prijs te geven. Totaal zullen er drie wachtoorden zijn. Twee ervan kunt u onthullen (voor het buiten volume en het lokvogel OS). Na ingave van het derde wachtwoord zal het verborgen OS starten. - Opsporen Verborgen Sectoren - Wacht a.u.b. terwijl VeraCrypt mogelijke verborgen sectoren detecteert aan het einde van de systeem schijf. Dit kan lang duren.\n\nNoot: in zeldzame gevallen zal het systeem niet meer reageren tijdens dit detectie proces. Indien dit gebeurt, herstart dan de computer en start VeraCrypt opnieuw. Volg dan dezelfde stappen maar sla dit detectie proces over. Merk op dat dit probleem niet wordt veroorzaakt door een fout in VeraCrypt. - Te Coderen Gebied - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Verzamelen Random Data - Sleutels Aangemaakt - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Reddingsschijf Maken - Reddingsschijf Aangemaakt - System Codering Pre-test - Reddingsschijf Geverifieerd - \nDe VeraCrypt Reddingsschijf is met succes gecontroleerd. Verwijder het a.u.b. uit het station en bewaar het op een veilige plaats.\n\nKlik op Volgende om door te gaan. - WAARSCHUWING: Bij de volgende stappen mag de VeraCrypt Reddingsschijf NIET in het station zitten. Anders is het niet mogelijk het proces goed af te ronden.\n\nHaal het uit het station en berg hem op een veilige plaats op. Klik dan op OK. - Waarschuwing: Door technische beperkingen van de pre-boot omgeving, kunnen alleen maar Engelse teksten door VeraCrypt worden weergegeven in de pre-boot omgeving (voordat Windows start). Het VeraCrypt Boot Lader gebruikersscherm is helemaal in het Engels.\n\nDoorgaan? - Alvorens uw systeem partitie of schijf te coderen, moet VeraCrypt eerst verifieren dat alles goed werkt.\n\nNadat u op Test heeft geklikt, zullen alle benodigde componenten (bijv. de pre-boot authenticatie component, d.w.z. de VeraCrypt Boot Lader) worden geïnstalleerd en wordt uw computer opnieuw opgestart. Daarna moet u uw wachtwoord intypen in het VeraCrypt Boot Lader scherm dat zal verschijnen voordat Windows start. Na het starten van Windows, zult u automatisch worden geïnformeerd over de resultaten van de pre-test.\n\nHet volgende apparaat zal worden aangepast: Schijf #%d\n\n\nAls u op Annuleer drukt, zal niets worden geïnstalleerd en zal de pre-test niet worden uitgevoerd. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pre-test Voltooid - De pre-test is met succes voltooid.\n\nWaarschuwing: Indien de stroomtoevoer onderbroken wordt of het operating systeem crasht door een fout, tijdens het Op-De-Plaats coderen van data, kunnen er gegevens verloren gaan of verminkt raken. Maak daarom een back-up van de te coderen bestanden. Indien u dit nog niet heeft gedaan, doe dit nu door op 'Pauzeer' te klikken en dan de back-up te maken. Start daarna VeraCrypt en selecteer 'Systeem' > 'Hervat Onderbroken Proces' om het decoderen te hervatten.\n\nIndien u klaar bent, klik op 'Codeer' om het Coderingsproces te starten. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nU kunt op Pauzeer drukken wanneer u het coderingsproces wilt stoppen, deze wizard beëindigen en de computer afsluiten. Na herstart van de computer en van dit proces zal het verdergaan op het punt van onderbreking. Het volume kan niet gekoppeld worden totdat het volledig gecodeerd is. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Origineel Systeem - Windows maakt (zonder uw medeweten) log-bestanden en tijdelijke bestanden aan op de syteempartitie. Ook de inhoud van RAM wordt opgeslagen in de slaap- en wisselbestanden op de systeem partitie. Indien een afperser bestanden op de partitie waar het originele operating systeem (OS) staat zou analyseren (waarvan het verborgen systeem een kloon is), zou hij bijv. kunnen achterhalen dat u de VeraCrypt wizard gebruikte om een verborgen OS aan te maken (hetgeen een sterke aanwijzing is voor het bestaan van een verborgen OS op uw computer).\n\nOm dit te voorkomen zal in de volgende stappen de gehele inhoud van de partitie waar het originele OS staat veilig worden gewist. Daarna, t.b.v. de aannemelijke ontkenbaarheid, moet u een nieuw OS installeren op deze partitie en dit coderen. Daarmee maakt u een lokvogel OS waarna het proces van aanmaak van een verborgen OS afgerond zal zijn. - Het verborgen operating system is met succes aangemaakt. Voordat u het echter kunt gebruiken (en het aannemelijk ontkenbaar is), dient u de gehele inhoud van de partitie met daarop het nu draaiende operating systeem (OS) m.b.v. VeraCrypt veilig te wissen. U dient hiertoe nu eerst de computer te herstarten en dan bij de pre-boot authenticatie het wachtwoord in te geven van het verborgen OS. Dan zal, na het starten van dit verborgen OS, de VeraCrypt wizard automatisch starten.\n\nNoot: Als u ervoor kiest het proces tot aanmaak van een verborgen operating syteen NU te beëindigen, zult u het proces NIET kunnen hervatten en zal het verborgen operating systeem NIET toegankelijk zijn omdat de VeraCrypt boot lader dan wordt verwijderd. - U heeft het aanmaken van een verborgen operating system gepland. Het proces is nog niet afgerond. Voor de afronding dient u de computer opnieuw op te starten en dan in het scherm van de VeraCrypt Boot Lader (dat vóór Windows verschijnt) uw wachtwoord voor het verborgen operating systeem in te geven.\n\nNoot: indien u ervoor kiest het proces nu af te breken zult u NIET in staat zijn het te hervatten. - Herstart de computer en ga verder - Permanent afbreken proces tot aanmaak van verborgen operating system - Doe nu niets, vraag later opnieuw - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Klonen Operating Systeem - In de volgende stappen zal VeraCrypt het verborgen operating systeem aanmaken door de inhoud van de system partitie naar het verborgen volume te kopiëren (de te kopiëren data worden on-the-fly gecodeerd met een andere codering sleutel dan die van het lokvogel operating systeem)\n\nMerk op dat dit proces wordt uitgevoerd in de pre-boot omgeving (dus voordat Windows start) en dat voltooiing lang kan duren: meerder uren of zelfs dagen (afhankelijk van de grootte van de systeem partitie en van de performance van uw computer).\n\nU kunt het proces onderbreken, de computer afsluiten, en weer hervatten na aanzetten van de computer. Echter, na onderbreking zal het proces van het kopiëren en coderen van de systeem partitie altijd weer van voren af aan beginnen omdat de inhoud van deze partitie tijdens het klonen niet gewijzigd mag worden. - Wilt u het gehele proces tot aanmaak van een verborgen operating systeem stoppen?\n\nNoot: U zult het proces NIET kunnen hervatten als u nu stopt. - Wilt u de systeem codering pre-test annuleren? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - De systeem partitie/schijf blijkt niet gecodeerd te zijn (ook niet gedeeltelijk). - Uw systeem partitie/schijf is gecodeerd (volledig of geheel).\n\nDecodeer a.u.b. uw systeem partitie/schijf geheel alvorens verder te gaan. Om dit te doen, selecteer 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf' uit het menu van het hoofdscherm van VeraCrypt. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Uw systeem partitie/schijf wordt op dit moment gecodeerd, gedecodeerd, of op andere wijze aangepast. Onderbreek a.u.b. de codering/decodering/aanpassing, of wacht tot het proces is afgerond, alvorens verder te gaan. - Een exemplaar van de VeraCrypt Volume Aanmaak Wizard draait op dit moment op dit systeem en is bezig met voorbereiden tot of de codering/decodering zelf van de systeem partitie/schijf. Voordat u verder gaat, wacht a.u.b.totdat deze klaar is of sluit hem af. Als u deze niet af kunt sluiten, herstart a.u.b. uw computer alvorens verder te gaan. - Het coderen/decoderen van de systeem partitie/schijf is niet voltooid. Wacht a.u.b. tot het is voltooid alvorens verder te gaan. - Fout: Het coderen/decoderen van de partitie/schijf is niet voltooid. Het moet eerst afgerond worden. - Fout: Het coderingsproces van de partitie/volume is niet voltooid. Het moet eerst voltooid worden.\n\nOm het proces te hervatten, selecteer 'Volumes' > 'Hervat Onderbroken Proces' uit het menu van het hoofdscherm van VeraCrypt. - Het wachtwoord is goed, VeraCrypt heeft de volume header gedecodeerd maar ontdekt dat dit een verborgen systeem volume is. U kunt de volume header van een verborgen systeem volume niet op deze manier wijzigen.\n\nOm het wachtwoord van een verborgen systeem volume te wijzigen, start het verborgen operating systeem en kies dan 'Systeem' > 'Verander wachtwoord' uit het menu van het hoofdscherm van VeraCrypt.\n\nOm het header key afleidingsalgoritme aan te maken, start het verborgen operating systeem en lies dan 'Systeem' > 'Creëer Header Key Afleidingsalgoritme'. - VeraCrypt ondersteunt geen Op-De-Plaats decodering van een verborgen systeem partitie.\n\nNoot:Als u de lokvogel systeem partitie wilt decoderen, start het lokvogel operating systeem en selecteer 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf' in het VeraCrypt hoofdscherm. - Fout: Incorrecte/ongeldige parameter. - U heeft een partitie of apparaat geselecteerd maar de functie van de wizard die u koos is alleen maar geschikt voor bestandscontainers.\n\nWilt u een andere functie van de wizard kiezen? - Wilt u in plaats hiervan een VeraCrypt bestandscontainer aanmaken? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Bent u er zeker van dat u de systeem partitie/schijf permanent wilt decoderen? - VOORZICHTIG: Als u de systeem partitie/schijf permanent decodeert, worden er ongecodeerde data naar geschreven.\n\nBent u er zeker van dat u de systeem partitie/schijf permanent wilt decoderen? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Waarschuwing: als u codes in cascade gebruikt voor system codering, kunt u de volgende problemen tegenkomen:\n\n)1 De VeraCrypt Boot Lader is dan groter dan normaal waardoor er niet genoeg ruimte zou kunnen zijn op de eerste track van de schijf voor een backup van deze Boot Lader. Als de Boot Lader beschadigd raakt, hetgeen nogal eens gebeurt (bijv. door slecht ontworpen anti-piraterij activatieprocedures van bepaalde programma’s), heeft u de VeraCrypt Reddingsschijf nodig om op te starten of om de Boot Lader te repareren.\n\n2) Op sommige computers neemt het herstarten uit de slaapstand meer tijd in beslag.\n\nDeze mogelijke problemen kunt u vermijden door een niet-cascade coderingsalgoritme (bijv. AES) te kiezen.\n\nBent u er zeker van dat u codes in cascade wilt gebruiken? - Als u enige van de hiervoor beschreven problemen tegenkomt, decodeer de partitie/schijf (als het is gecodeerd) en codeer het daarna opnieuw met gebruik van een niet-cascade-code (bijv. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - Het versienummer van de VeraCrypt Boot Lader waarmee dit operating systeem (OS) opstartte verschilt van het versienummer van de VeraCrypt driver (en applicaties) geïnstalleerd op dit OS.\n\nU zou de VeraCrypt installer met eenzelfde versienummer als dat van de boot lader moeten starten om VeraCrypt op dit OS bij te werken. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - De VeraCrypt Boot Lader heeft een upgrade gehad.\n\nHet wordt sterk aangeraden een nieuwe VeraCrypt Reddingsschijf aan te maken (die ook de nieuwe versie van de VeraCrypt Boot Lader zal bevatten) door te selecteren 'Systeem' > 'Maak Reddingsschijf aan' nadat u uw computer opnieuw opgestart heeft. - De VeraCrypt Boot Lader is ge-upgrade.\n\nHet wordt sterk aangeraden het lokvogel operating systeem te starten en dan een nieuwe VeraCrypt Reddingsschijf te maken (die de nieuwe VeraCrypt Boot Lader zal bevatten) door 'Systeem' > 'Maak Reddingsschijf Aan' te selecteren. - Fout: Kon geen update uitvoeren op de VeraCrypt Boot Lader. - VeraCrypt kon de werkelijke grootte van de systeemschijf niet vaststellen, daarom zal de grootte zoals vastgesteld door het operating system (die kleiner kan zijn) worden gebruikt. Dit is geen fout in VeraCrypt. - WAARSCHUWING: Het blijkt dat VeraCrypt al eerder heeft geprobeerd verborgen sectoren te ontdekken op deze systeem schijf. Als u enig probleem tegenkwam gedurende het vorige detectie proces, kunt u deze problemen vermijden door het detectieproces over te slaan. Merk op dat VeraCrypt dan de grootte van de systeem schijf zal gebruiken die gerapporteerd wordt door het operatingsysteem (die kleiner kan zijn dan de werkelijke grootte).\n\nMerk op dat dit probleem niet veroorzaakt wordt door een fout in VeraCrypt. - Sla de detectie over van verborgen sectoren (gebruik de grootte gevonden door het operating systeem) - Probeer verborgen sectors weer te detecteren - Fout: De inhoud van een of meerdere sectoren van de schijf kon niet gelezen worden, waarschijnlijk ten gevolge van een fysieke fout.\n\nDe Op-De-Plaats codering kan alleen maar voortgang vinden als deze sectoren weer leesbaar gemaakt zijn. VeraCrypt kan proberen deze sectoren weer leesbaar te maken door er nullen in te schrijven, waarna al deze nullen gecodeerd zullen worden. Merk echter op dat ten gevolge van deze oplossing alle (onleesbare) data die in deze sectoren liggen opgeslagen verloren zullen zijn. Indien u dit wilt vermijden kunt u proberen stukken van de betreffende data te herstellen met toepasselijke software van derden.\n\nNoot: Indien de sectoren fysiek beschadigd zijn (dus tegengesteld aan data corruptie en checksum fouten) zullen de meeste typen opslag media deze sectoren intern doorverwijzen naar andere goed functionerende sectoren wanneer geprobeerd wordt data er naartoe te schrijven. In dit geval kunnen de bestaande data op de beschadigde sectoren ongecodeerd op de schijf achterblijven).\n\nWilt u dat VeraCrypt nullen schrijft naar de onleesbare sectoren? - Fout: De inhoud van een of meer sectoren op de schijf kan niet worden gelezen (waarschijnlijk ten gevolgen van een fysieke fout).\n\nTeneinde door te kunnen gaan met de codering dient VeraCrypt de inhoud van de onleesbare sectoren te wissen (deze worden dan gevuld met pseudo-random data). Merk op dat u, alvorens verder te gaan, de inhoud van deze sectoren kunt proberen te herstellen middels software van derden.\n\nWilt u dat VeraCrypt de data in de onleesbare sectoren nu wist? - Noot: VeraCrypt heeft de inhoud van %I64d onleesbare sectoren (%s) vervangen door gecodeerde nullen in platte tekst blokken. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Geef wachtwoord/PIN voor token '%s': - Voordat VeraCrypt toegang kan krijgen tot een security token of smartcard, moet u eerst een PKCS #11 software library voor het token of smartcard installeren. Deze library kan meegeleverd zijn met het apparaat of kan op de website van de verkoper of van derden te vinden zijn.\n\nNa installatie van de library kunt u deze selecteren door te klikken op 'Selecteer Library' of u kunt VeraCrypt de bibliotheek automatisch laten vinden en selecteren door te klikken op 'Auto-Detect Library' (er wordt dan alleen in de Windows systeem mappen gezocht). - Noot: Raadpleeg voor de bestandsnaam en plaats van de PKCS #11 library van uw security token of smartcard de documentaie van het token, smartcard of software van derden.\n\nKlik op 'OK' om het pad en bestandsnaam te selecteren. - Voordat VeraCrypt toegang kan krijgen tot een security token of smartcard dient u een PKCS #11 software library voor het token/smartcard te selecteren. Selecteer hiertoe 'Instellingen' > 'Security Tokens'. - VeraCrypt kon de PKCS #11 library niet initialiseren.\n\nZorg dat het opgegeven pad en bestandsnaam naar een geldige PKCS #11 library verwijzen. Om een PKCS #11 library op te geven, selecteer 'Instellingen' > 'Security Tokens'. - De PKCS #11 library werd niet gevonden in de windows systeem map.\n\nZorg ervoor dat een PKCS #11 library voor uw security token of smart card is geïnstalleerd. Een dergelijke library kan meegeleverd zijn bij het apparaat of te vinden zijn op de website van de leverancier of van derden. Als de library is geïnstalleerd in een niet-windows map, klik dan op 'Selecteer Library' om de library te selecteren (bijv. in de map waar de software voor het token/smartcard is geïnstalleerd). - Er werd geen security token gevonden.\n\nZorg ervoor dat uw security token is aangesloten op de computer en dat de juiste driver is geïnstalleerd. - Security token sleutelbestand niet gevonden. - Security token sleutelbestand met deze naam bestaat reeds. - Wilt u de geselecteerde bestanden verwijderen? - Security token sleutelbestand pad is ongeldig. - Security token fout - Wachtwoord voor security token is fout. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - Alle open security token sessiess zijn gesloten. - Selecteer Security Token Sleutelbestanden - Slot - Token naam - Bestandsnaam - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Fout bij parsen command line. - Reddingsschijf - Selecteer &Bestand en Koppel - Selecteer &Apparaat en Koppel - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Waarschuwing: Het volume gekoppeld als '%s' werd niet correct ontkoppeld en kan derhalve fouten bevatten. Het gebruik van een corrupt bestandssysteem kan dataverlies of verminking tot gevolg hebben.\n\nNoot: Voordat u een apparaat fysiek verwijdert of uitschakelt (bijv. een USB flash-drive of een externe harddisk) waarop een gekoppeld VeraCrypt volume staat, moet u altijd eerst dit volume ontkoppelen.\n\nWilt u dat windows probeert evt. fouten op dit volume op te sporen en te repareren? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Waarschuwing: Een beschadigd bestandssysteem repareren m.b.v. Microsoft ‘chkdsk’ kan verlies van bestanden in beschadigde gebieden tot gevolg hebben. Daarom wordt het aangeraden dat u eerst de bestanden uit het VeraCrypt volume kopieert naar een ander, intact, VeraCrypt Volume.\n\nWilt u het bestandssysteem nu repareren? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' moest als read-only gekoppeld worden omdat schrijftoegang verboden werd.\n\nZorg ervoor dat geen ander programma (zoals antivirus software) bezig is met toegang tot de partitie/apparaat waarop het volume staat. - Volume '%s' is gekoppeld als alleen-lezen omdat het operating system heeft gemeld dat het huisvestende apparaat tegen schrijven beveiligd is.\n\nMerk a.u.b. op dat van sommige aangepaste chipset drivers is gerapporteerd dat ze onterecht bepaalde media als schrijf-beveiligd lieten zien. Dit probleem wordt niet veroorzaakt door VeraCrypt. Het kan evt. worden opgelost door de aangepaste (niet-Microsoft) chipset drivers te updaten of te de-installeren. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Wilt u dat VeraCrypt probeert de schrijfbeveiliging op de partitie/schijf uit te zetten? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Sleutel - Backspace - Tab - Clear - Enter - Pauze - Caps Lock - Spatie - Page Up - Page Down - End - Home - Linker Pijltje - Pijltje Omhoog - Rechter Pijltje - Pijltje Omlaag - Selecteer toets - Print toets - Execute toets - Print Screen - Insert - Delete - Applicaties toets - Sleep - Num Lock - Scroll Lock - Browser Terug - Browser Forward - Browser Vernieuwen - Browser Stop - Browser Zoeken - Browser Favorieten - Browser Home - Dempen - Volume Lager - Volume Hoger - Volgende Track - Vorige Track - Stop Media - Afspelen/Pauzeren Media - Start Mail Key - Selecteer Media Key - Applicatie 1 - Applicatie 2 - Attn - CrSel - ExSel - Afspelen - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Annuleren + Installeer &voor alle gebruikers + Bro&wse + Voeg VeraCrypt icoon toe aan &desktop + Donate now... + Associeer de .hc bestand &extensie met VeraCrypt + &Open de bestemmingslocatie zodra gereed + Voeg VeraCrypt toe aan &Start menu + Maak Systeem &Herstel Punt + &De-installeer + &Uitpakken + &Installeer + VeraCrypt Setup Wizard + De-installeer VeraCrypt + &Help + Selecteer of type de locatie waar u de uitgepakte bestanden naartoe wilt kopieren: + Selecteer of type de locatie waar u de VeraCrypt programma bestanden naartoe wilt kopieren. Als de gespecificeerde map niet bestaaat, zal deze automatisch worden aangemaak. + Klik op Deinstalleer om VeraCrypt te verwijderen van dit systeem. + Afbreken + &Benchmark + &Test + Aanmaak en formattering gecodeerd Volume + Op-De-Plaats Codering van de partitie (Windows Vista) + Toon gegenereerde sleutels (their portions) + Toon inhoud + Download CD/DVD brandersoftware + Maak een gecodeerde bestandscontainer + &GB + &TB + Meer informatie + Ve&rborgen VeraCrypt volume + Meer informatie over Verborgen Volumes + Directe modus + Normale modus + &KB + G&ebruik Sleutel Best. + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Sleutelbestanden + Informatie over hash algoritmes + Meer informatie + Information on PIM + &MB + Meer informatie + Meer informatie over systeem codering + Meer informatie + Multi-boot + Codeer een niet-system partitie/station + Nooit &geschiedenis opslaan + Buiten-volume + &Pauze + Use P&IM + Use PIM + Snel Formatteren + &Laat wachtwoord zien + &Toon wachtwoord + &Display PIM + Single-boot + Standaard VeraCrypt volume + Ver&borgen + Normaal + Codeer de systeem partitie of gehele systeem schijf + Codeer de Windows systeem partitie + Codeer de gehele schijf + VeraCrypt Volume Aanmaak Wizard + Cluster + BELANGRIJK: Beweeg de muis zo willekeurig mogelijk binnen dit scherm. Hoe langer u hem beweegt, hoe beter. Dit verbetert significant de cryptografische sterkte van de codeersleutels. Klik vervolgens op Volgende om door te gaan. + &Bevestig: + Klaar + Drive letter: + Codering Algoritme + Filesysteem + Maakt een virtueel gecodeerde schijf aan binnen een bestand. Aanbevolen voor onervaren gebruikers. + Opties + Hash Algoritme + Header Key: + Nog + Master Key: + Selecteer deze optie als er twee of meer operating systemen geïnstalleeerd zijn op deze computer.\n\nBijvoorbeeld:\n- Windows XP en Windows XP\n- Windows XP en Windows Vista\n- Windows en Mac OS X\n- Windows en Linux\n- Windows, Linux en Mac OS X + Codeert een niet-systeem partitie op iedere in/externe schijf (bijv. USB Stick). Kan ook een Verborgen Volume aanmaken. + Huidige pool inhoud (gedeelte) + OK + Wachtwoord: + Volume PIM: + Volume PIM: + Voortgang: + Random Pool: + Selecteer deze optie als er maar één operating systeem geïnstalleerd is op deze computer (ook als de computer meerdere gebruikers telt). + Snelheid + Status + De sleutels, salt, en andere data zijn met succes aangemaakt. Als u nieuwe sleutels wilt aanmaken, klik op Terug en dan op Volgende, klik Volgende om door te gaan. + Codeert de partitie/schijf waarop Windows is geïnstalleerd. Eenieder die toegang tot het systeem wil hebben, zal vóór iedere start van Windows het juiste wachtwoord moeten ingeven. Evt. kan een Verborgen Systeem worden aangemaakt. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wis modus: + Sluiten + Sla de pre-boot &authenticatie over door het indrukken van de Esc key (roept de boot manager op) + Doe niets + &Auto-koppel VeraCrypt volume (hieronder beschreven) + &Start VeraCrypt + Auto-&Detect Library + &Cache pre-boot authenticatie wachtwoord in het driver geheugen (voor het koppelen van niet-systeem volumes) + Bladeren + Bladeren + &Cache wachtwoorden en sleutels in geheugen + Sluiten als er geen gekoppelde volumes zijn + &Sluit token sessie (log uit) nadat een volume met succes is gekoppeld + Include VeraCrypt Volume Expander + Inclusief VeraCrypt Volume Aanmaak Wizard + Maak aan + Maa&k Volume + Laat geen &tekst zien in het pre-boot authenticatie scherm (behalve de onderstaande aangepaste boodschap) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Gebruik Sleutel Best. + Gebruik Sleutel Best. + S&luiten + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Toewijzen + Verwijderen + Sleutelbestanden + Do not use the following number of processors for encryption/decryption: + More information + More information + Meer Instellingen + &Auto-Koppel Apparaten + &Koppel Opties + Koppel volume als alleen-&lezen + Sleutelbestanden + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Geactiveerd + Cache wachtwoorden in geheugen + Auto-ontkoppeling volume als geen data gelezen/geschreven gedurende + Gebruiker uitlogt + User session locked + Power save modus gestart is + Screensaver geactiveerd is + Forceer auto-ontkoppeling, zelfs als volume open bestanden of directories bevat + Koppel alle in een apparaat gehuisveste VeraCrypt volumes + Start VeraCrypt Achtergrond Taak + Koppel volumes als alleen-lezen + Koppel volumes als verwijderbare media + Open Explorer venster voor succesvol gekoppeld volume + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Wis wachtwoorden in de cache bij auto-ontkoppeling + Wis wachtwoorden in de cache bij afsluiten + Preserve modification timestamp of file containers + Wis + Selecteer A&pparaat + Selecteer &Bestand + Selecteer &Library + Toon wachtwoord + Toon wachtwoord + Open &Explorer venster voor gekoppeld volume + &Cache wachtwoorden in programmageheugen + TrueCrypt Mode + O&ntkoppel Alles + Volume &Eigenschappen + Vol&ume Tools + &Wis Cache + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Sneltoetsen + VeraCrypt + Verander Wachtwoord of Sleutelbestanden + Voer VeraCrypt Volume Wachtwoord In + VeraCrypt - Performance and Driver Options + VeraCrypt - Voorkeuren + VeraCrypt - Systeem Codeer Instellingen + VeraCrypt - Security Token Voorkeuren + VeraCrypt Traveler Disk Aanmaak + VeraCrypt Volume Eigenschappen + Over + Toevoegen/Verwijderen Sleutelbestanden aan/van Volume + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup Volume Header + Test Prestaties Codering Algoritmes + Creëer Header Key Afleidingsalgoritme + Verander Volume Wachtwoord + Creëer Header Key Afleidingsalgoritme + Verander Systeem Wachtwoord + Verwijder Volume Geschiedenis + Sluit alle Security Token Sessies + Contact + Aanmaak Verborgen Operating Systeem + Maak Reddingsschijf aan + Volume Aanmaak Wizard + Permanently Decrypt... + Creëer Standaard Sleutelbestanden + Default Mount Parameters... + Donate now... + Codeer Systeem Partitie/Schijf + Veel Gestelde Vragen + Gebruikers Handleiding + &Homepage + Sneltoetsen + Sleutelbestand Generator + Taal + Algemene Voorwaarden + Beheer Security Token Sleutelbestanden + Automatisch koppelen alle in Stations gehuisveste Volumes + Koppel Favoriete Volumes + Koppel Zonder Pre-Boot &Authenticatie + Koppel Volume + Koppel Volume met Opties + Nieuws + Online Documentatie + Beginners Tutorial + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanent Decoderen Systeem Partitie/Schijf + Voorkeuren + Lees Station Letters opnieuw in + Verwijder alle Sleutelbestanden van Volume + Herstel Volume Header + Hervat Onderbroken Proces + Selecteer Apparaat + Selecteer Bestand + Hervat Onderbroken Proces + Systeem Codering + Eigenschappen + Instellingen + System Favorite Volumes... + Downloads + Test Vectoren + Security Tokens + Traveler Disk Aanmaak + Ontkoppel alle Gekoppelde Volumes + Ontkoppel Volume + Controleer Reddingsschijf + Verify Rescue Disk ISO Image + Versie Geschiedenis + Volume Expander + Volume Eigenschappen + Volume Aanmaak Wizard + VeraCrypt Website + Wis Wachtwoorden in Cache + OK + Hardware Acceleration + Toekennen Sneltoets (selecteer actie boven, druk op toets en klik op Toewijzen) + AutoRun Configuratie (autorun.inf) + Auto-ontkoppeling + Auto-ontkoppel als: + Boot Lader Scherm Opties + Bevestig Wachtwoord: + Huidig + Laat deze aangepaste boodschap zien in het pre-boot authenticatie scherm (24 karakters maximaal): + Standaard Koppel Opties + Sneltoets Opties + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Bestand Instellingen + Toe te wijzen toetsen: + Processor (CPU) in this computer supports hardware acceleration for AES: + Acties bij opstarten van Windows + minuten + Koppel volume aan station: + Koppel Instellingen + Nieuw + Wachtwoord: + Thread-Based Parallelization + PKCS #11 Library Pad + PKCS-5 PRF: + PKCS-5 PRF: + Wachtwoord Cache + Security Opties + VeraCrypt Achtergrond Taak + VeraCrypt Volume te koppelen (t.o.v. Traveler Disk root directory): + Na aanbrengen Traveler Disk: + Maak Traveler Disk bestanden in (Traveler Disk root directory): + Volume + Windows + Voeg &Pad Toe + &Auto-Test Alles + &Doorgaan + &Decodeer + &Verwijder + &Codeer + &Exporteer + Genereer en bewaar Sleutelbestand + &Genereer Random Sleutelbestand + Download vertaling + Hardware-accelerated AES: + &Importeer Sleutelbestand naar Token + Toevoegen &Best. + G&ebruik Sleutel Best. + &Sleutelbestanden + &Verwijderen + Verwijder &Alles + Wat is verborgen volume bescherming? + Meer informatie over Sleutelbestanden + Koppel volume als verwijderbaar &medium + Koppel partitie &middels systeem codering zonder pre-boot authenticatie + Parallelization: + Start Tests + &Print + &Bescherm Verborgen Volume tegen schade door schrijven in Buitenste + &Reset + &Toon wachtwoord + Toev. &Token Best. + Gebruik backup van header ingebed in &volume indien aanwezig + XTS modus + Over VeraCrypt + VeraCrypt - Test Prestaties Codering Algoritmes + VeraCrypt - Test Vectoren + Command Line Help + VeraCrypt - Sleutelbestanden + VeraCrypt - Sleutelbestand Generator + VeraCrypt - Taal + VeraCrypt - Koppel Opties + Nieuwe Security Token Sleutelbestand Eigenschappen + VeraCrypt - Random Pool Verrijking + Selecteer een Partitie of Apparaat + VeraCrypt + Security Token Sleutelbestanden + Security Token wachtwoord/PIN benodigd + Huidige Taal Instelling + De snelheid wordt beïnvloed door CPU belasting en eigenschappen van het opslagmedium.\n\nDeze tests worden uitgevoerd in het RAM. + Buffer Grootte: + Code: + W&achtwoord voor het Verborgen Volume:\n(als dit leeg is wordt de cache gebruikt) + Verborgen Volume Protectie + Sleutel grootte: + BELANGRIJK: Beweeg de muis zo willekeurig mogelijk binnen dit scherm. Hoe langer u hem beweegt, hoe beter. Dit verbetert significant de cryptografische sterkte van de codeersleutels. + Let op: Als een Sleutelbestand zoekraakt of in de eerste 1024 kilobytes verandert, zal het corresponderende Volume niet meer gekoppeld kunnen worden! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Vertaald door: + Platte tekst grootte: + bits + Huidige Inhoud + Mixing PRF: + BELANGRIJK: Beweeg uw muis zo willekeurig als mogelijk binnen dit scherm. Hoe langer, hoe beter. Dit verbetert significant de veiligheid. Indien gereed klikt u op ‘Doorgaan’. + Secundaire sleutel (hexadecimaal) + Security token: + Weergave: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Blok nummer: + Codetekst (hexadecimaal) + Data eenheid nummer (64-bit hexadecimaal, data eenheid grootte is 512 bytes) + Sleutel (hexadecimaal) + Platte tekst (hexadecimaal) + Naam Sleutelbestand: + XTS modus + S&ysteem + &Volumes + Favor&ites + T&ools + Instellin&gen + &Help + Homep&age + + &Over + Het alleen-lezen attribuut op uw oude volume kon niet worden aangepast. Controleer de permissies van het bestand. + Fout: Toegang geweigerd.\n\nDe partitie die u probeert te bereiken is of 0 sectoren groot, of is uw opstart partitie. + Administrator + Om de VeraCrypt driver te laden moet u zijn ingelogd met een account met administrator rechten. + Noot: om een apparaat/partitie te kunnen coderen/Decodeer/formatteren moet u ingelogd zijn met een beheersaccount, dus met administrator rechten.\n\nDit geldt niet voor het formatteren/coderen van volumes die zijn opgenomen in een Bestandscontainer. + Om een Verborgen Volume te kunnen maken moet u ingelogd zijn in een account met administrator rechten.\n\nDoorgaan? + Om het volume te kunen formatteren in NTFS formaat moet u ingelogd zijn in een account met administrator rechten.\n\nZonder administrator rechten kunt u het volume in FAT formaat formatteren. + FIPS-goedgekeurde code (Rijndael, gepubliceerd 1998) die mag worden gebruikt door U.S. overheids departementen en agentschappen om geclassificeerde informatie te beveiligen tot aan Top Secret level. 256-bit sleutel, 128-bit blok, 14 rondgangen (AES-256). Operatiemodus is XTS. + Volume is reeds gekoppeld. + WAARSCHUWING: Bij tenminste een codering of hash algoritme is de ingebouwde automatische zelftest mislukt!\n\nDe installatie van VeraCrypt kan mogelijk beschadigd zijn. + Waarschuwing: Er zijn niet genoeg data in de Random Nummer Generator om te voorzien in de gevraagde hoeveelheid random data.\n\nGa niet verder in het programma. Wilt u a.u.b.'Rapporteer een fout' uit het Help menu kiezen en deze fout rapporteren? + De schijf is beschadigd (fysiek defect) of een kabel is beschadigd, of het geheugen disfunctioneert.\n\nMerk aub op dat dit een probleem met uw hardware is, niet met VeraCrypt. Rapporteer dit daarom a.u.b. NIET als een bug of probleem in VeraCrypt en vraag hiervoor NIET om hulp in het VeraCrypt Forum. Neem a.u.b. contact op met het technisch ondersteunings team van uw computer verkoper voor hulp. Dank u wel.\n\nMerk op: Als de fout herhaaldelijk op dezelfde plaats optreedt, wordt deze waarschijnlijk veroorzaakt door een zgn. bad cluster op de schijf. Dit zou gecorrigeerd moeten kunnen worden middels software van een derde partij (in veel gevallen is de opdracht 'chkdsk /r' niet in staat deze fout te corrigeren omdat dit programma op bestandsnivo werkt; in sommige gevallen zal 'chkdsk' de fout zelfs niet opmerken). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Uw system heeft aangepaste chipset drivers met daarin een bug die codering van de gehele systeem schijf verhindert.\n\nProbeer a.u.b. (niet-Microsoft) aangepaste chipset drivers bij te werken of te deïnstalleren voordat u verder gaat. Codeer alleen de systeem partitie als het probleem blijft. + Ongeldige stationsletter. + Ongeldig pad. + Annuleer + Kan geen toegang tot station verkrijgen. Overtuigt u zich ervan dat het opgegeven station bestaat en niet gebruikt wordt door het systeem. + Waarschuwing: Caps Lock staat aan. Houd hier rekening mee bij het invoeren van het wachtwoord. + Volume Type + Het zou kunnen dat u door iemand gedwongen wordt het wachtwoord van een gecodeerd volume prijs te geven. Er zijn veel situaties waarin u niet kunt weigeren het wachtwoord te onthullen (bijvoorbeeld in geval van afpersing). Door een Verborgen Volume te gebruiken kunt u in zulke situaties voorkomen dat u het wachtwoord prijs hoeft te geven. + Selecteer deze optie als u een normaal VeraCrypt volume wilt aanmaken. + Indien u een operating systeem wilt installeren in een verborgen volume dat is gehuisvest in een partitie kunt u de gehele systeemschijf NIET coderen met gebruik van één enkele sleutel. + Buiten Volume Codering Opties + Verborgen Volume Codering Opties + Codering Opties + WAARSCHUWING: Het pad (als opgeslagen door de bestandsselectie) van het laatst geselecteerde volume/sleutelbestand kon niet geschoond worden! + Fout: De bestandscontainer is gecomprimeerd op bestandsniveau. VeraCrypt ondersteunt geen gecomprimeerde containers (noot: Compressie van gecodeerde data is ineffectief en overbodig).\n\nSchakel a.u.b. compressie voor deze container uit door de volgende stappen te nemen: 1) Klik de container RECHTS aan in Windows Explorer (niet in VeraCrypt). 2) Selecteer 'Eigenschappen'. 3) Kies 'Geavanceerd' in de 'Eigenschappen' dialoog. 4) Haal het vinkje bij 'Inhoud Comprimeren om schijfruimte vrij te maken' weg in het Geavanceerde Dialoog Scherm en klik op 'OK'. 5) Klik op 'OK' in het 'Eigenschappen' dialoog scherm. + Niet succesvol in het aanmaken van volume %s + Grootte van %s is %.2f bytes + Grootte van %s is %.2f KB + Grootte van %s is %.2f MB + Grootte van %s is %.2f GB + Grootte van %s is %.2f TB + Grootte van %s is %.2f PB + WAARSCHUWING: Het apparaat/partitie is in gebruik door het operating systeem of door programma's. Het formatteren van het apparaat/partitie kan dataverminking en systeeminstabiliteit tot gevolg hebben.\n\nWilt u doorgaan? + Waarschuwing: Deze partitie is in gebruik door het operating systeem of programma's. U dient iedere applicatie die deze partitie zou kunnen gebruiken (incl. antivirusprogramma's) te sluiten.\n\nDoorgaan? + Fout: Het apparaat/partitie bevat een bestandssysteem dat niet kan worden ontkoppeld. Dit bestandssyteem kan in gebruik zijn door het operating systeem. Het formatteren van het apparaat/partitie zal waarschijnlijk dataverminking en systeeminstabiliteit tot gevolg hebben.\n\nOm dit probleem op te lossen raden we aan deze partitie eerst te verwijderen en dan opnieuw aan te maken zonder deze te formatteren. Volg hiertoe de volgende stappen: 1) Klik RECHTS op het 'Deze Computer' (of 'Mijn Computer') icoontje in het 'Start Menu' en kies 'Beheren'. Het 'Computer Beheer' scherm verschijnt nu. 2) In het 'Computer Beheer' scherm, kies 'Opslag' > 'Schijfbeheer'. 3) Klik RECHTS op de partitie die u wilt gaan coderen en kies voor 'Partitie Verwijderen', of 'Verwijder Schijf', of 'Logisch Station Verwijderen'. 4) Klik op 'Ja'. Als Windows u vraagt de computer te herstarten, doet u dit dan. Herhaal dan de stappen 1 en 2 en ga verder met stap 5. 5) Klik nu RECHTS op de niet-toegewezen/vrije ruimte en selecteer 'Nieuwe Partitie', of 'Nieuw Eenvoudig Volume', of 'Nieuw Logisch Station'. 6) De 'Wizard Nieuwe Partitie' of 'Wizard Nieuw Eenvoudig Volume' moet nu verschijnen; volg de instructies. Op de wizard-pagina met de titel 'Formatteer Partitie', selecteer 'Formatteer deze partitie NIET' of 'Formatteer dit volume NIET'. In dezelfde wizard, klik op 'Volgende' en dan 'Voltooien'. 7) Merk op dat het stationspad dat u hebt geselecteerd in VeraCrypt nu verandert en dus verkeerd kan zijn. Verlaat daarom de VeraCrypt Volume Aanmaak Wizard (als die nog draait) en start deze opnieuw. 8) Probeer het apparaat/partitie opnieuw te coderen.\n\nMocht VeraCrypt herhaaldelijk falen in zijn pogingen dit apparaat/partitie te coderen, dan kunt u overwegen een bestandscontainer aan te maken. + Fout: Het bestandssysteem kon niet gekoppeld en/of ontkoppeld worden. Het bestandssysteem kan in gebruik zijn door het operating systeem of programma's (bijv. antivirus software). Het coderen van de partitie kan dan data corruptie en systeeminstabiliteit veroorzaken.\n\nSluit a.u.b. ieder programma dat het bestandssysteem zou kunnen gebruiken (incl. antivirus software) en probeer het opnieuw. Indien dit niet helpt, volg a.u.b. de stappen hieronder. + WAARSCHUWING: Sommige van de gekoppelde apparaten/partities waren reeds in gebruik!\n\nIndien u dit negeert kan dit ongewenste gevolgen en systeeminstabiliteit tot gevolg hebben.\n\nWe raden u sterk aan ieder programma dat het apparaat/partitie in gebruik zou kunnen hebben te beëindigen. + Het geselecteerde apparaat bevat partities!\n\nDit apparaat formatteren zou systeem instabiliteit en dataverlies tot gevolg kunnen hebben. Selecteert u a.u.b. een partitie op dit apparaat, of verwijdert u alle partities zodat VeraCrypt het apparaat vervolgens veilig kan formatteren. + Op apparaten die niet gepartitioneerd zijn (incl. harde schijven en Solid State drives) kunnen gecodeerde VeraCrypt Volumes worden aangemaakt. Een apparaat dat partities bevat kan slechts als één geheel worden gecodeerd (met één master key) indien Windows daarop geïnstalleerd is en ermee opgestart wordt.\n\nAls u het geselecteerde niet-systeem apparaat als één geheel wilt coderen met één master key, dient u eerst alle partities te verwijderen waarna VeraCrypt dit apparaat als één geheel kan formatteren. Als alternatief kunt u iedere partitie op dit apparaat afzonderlijk selecteren voor aanmaak van een VeraCrypt Volume. (Iedere partitie wordt dan met een andere master key gecodeerd).\n\nNoot:Als u alle partities wilt verwijderen van een GPT disk, zou u deze kunnen converteren naar een MBR disk (middels bijv. Computerbeheer in Windows) teneinde de verborgen partities te kunnen verwijderen. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + Op-De-Plaats codering van niet-systeem volumes wordt niet ondersteund door uw operating system (het wordt slechts door Windows Vista en latere versies van Windows ondersteund).\n\nDe reden is dat deze versie krimpen van het bestandsysteem niet ondersteunt (hetgeen noodzakelijk is om plaats te maken voor de volume header en backup header). + De geselecteerde partitie blijkt geen NTFS bestandssysteem te bevatten. Alleen partities met daarop het NTFS bestandssysteem kunnen Op-De-Plaats gecodeerd worden.De reden hiervoor is dat alleen onder NTFS het krimpen van het bestandssyteem mogelijk is zodat er ruimte vrijkomt voor de volume header en de backup header). + De geselecteerde partitie blijkt geen NTFS bestandssysteem te bevatten. Alleen partities met daarop het NTFS bestandssysteem kunnen Op-De-Plaats gecodeerd worden.\n\nIndien u een VeraCrypt Volume wilt aanmaken in deze partitie, kies dan ‘Aanmaak en formattering gecodeerd volume’ (i.p.v. ‘Op-De-Plaats Codering van de partitie (Windows Vista))’ + Fout: De partitie is te klein. VeraCrypt kan het niet Op-De-Plaats coderen. + Volg a.u.b. de volgende stappen om de bestanden op deze partitie te coderen:\n\n1) Maak een VeraCrypt Volume aan op een lege partitie/apparaat en koppel dit Volume.\n\n2) Kopieer alle bestanden van de partitie die u oorspronkelijk wilde coderen naar het in stap 1 aangemaakte en gekoppelde VeraCrypt Volume. U heeft nu een in VeraCrypt gecodeerde backup van uw bestanden gemaakt.\n\n3) Maak een VeraCrypt Volume aan op de partitie die u oorspronkelijk wilde coderen en zorg ervoor dat u in de‘VeraCrypt Volume Aanmaak Wizard’ de keuze ‘Aanmaak en formattering gecodeerd volume’ doet en dus niet ‘Op-De-Plaats Codering van de partitie (Windows Vista)’. Alle data op de partitie worden nu gewist. Na de aanmaak kunt u het volume koppelen.\n\n4) Kopieer nu alle backup-bestanden die u op het in stap 1 gekoppelde VeraCrypt Volume hebt veiliggesteld naar het Volume dat u in stap 3 heeft aangemaakt en gekoppeld.\n\nNadat u deze stappen hebt doorlopen zijn uw bestanden gecodeerd én heeft u er een back-up van. + VeraCrypt kan alleen maar een partitie, een dynamisch volume of een gehele systeem schijf Op-De-Plaats coderen.\n\nIndien u een VeraCrypt Volume wilt maken in het geselecteerde niet-systeem apparaat, kies dan ‘Aanmaak en formattering gecodeerd volume’ (i.p.v. ‘Op-De-Plaats Codering van de partitie (Windows Vista))’ + Fout: VeraCrypt kan alleen maar een partitie, een dynamisch volume of een gehele systeem schijf Op-De-Plaats coderen.Controleer a.u.b. of het opgegeven pad geldig is. + Fout: Kan het bestandssysteem niet krimpen (dit is noodzakelijk om plaats te maken voor de volume header en de backup header).\n\nMogelijke oorzaken en oplossingen:\n\n- Niet voldoende vrije ruimte op het volume. Zorg ervoor dat geen ander programma aan het schrijven is naar het bestandssysteem.\n\n- Corrupt bestandssysteem. Controleer en repareer indien nodig de fouten: Klik rechts op de overeenkomende stationsletter in ‘Mijn Computer’, klik op ‘Eigenschappen’ > Extra > ‘Volume op fouten controleren’, zorg dat de optie ‘Fouten in het bestandssysteem automatisch corrigeren’ is aangevinkt en druk op ‘Starten’.\n\nAls deze stappen niet helpen, volg dan a.u.b. de volgende stappen. + Fout: er is niet genoeg vrije ruimte op het volume waardoor het bestandssysteem niet ingekrompen kan worden (dit is noodzakelijk om ruimte te maken voor de volume header en de backup header).\n\nVerwijder a.u.b. alle overbodige bestanden en maak de prullenbak leeg om zo minstens 256 KB ruimte vrij te maken en probeer het daarna opnieuw. Door een probleem in Windows kan de vrije ruimte, gemeld door Windows Explorer, incorrect kan zijn zolang de computer niet opnieuw is gestart. Als opnieuw starten van de computer niet helpt, kan het bestandssysteem mogelijk corrupt zijn. Controleer dit dan en repareer de fouten: Klik rechts op de stationsletter in ‘Mijn Computer’, klik op ‘Eigenschappen’ > Extra > ‘Volume op fouten controleren’, zorg dat de optie ‘Fouten in het bestandssysteem automatisch corrigeren’ is aangevinkt en druk op ‘Starten’.\n\nAls deze stappen niet helpen, volg dan a.u.b. de volgende stappen. + Vrije ruimte op schijf %s is %.2f bytes. + Vrije ruimte op schijf %s is %.2f KB + Vrije ruimte op schijf %s is %.2f MB + Vrije ruimte op schijf %s is %.2f GB + Vrije ruimte op schijf %s is %.2f TB + Vrije ruimte op schijf %s is %.2f PB + Kon geen beschikbare station letters verkrijgen. + Fout: VeraCrypt driver niet gevonden.\n\nKopieer a.u.b. de bestanden 'veracrypt.sys' en 'veracrypt-x64.sys' naar de map waar VeraCrypt (VeraCrypt.exe) is geïnstalleerd. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Code initialisatie mislukt. + Fout: Een zwakke of potentieel-zwakke sleutel is ontdekt. De sleutel zal worden verwijderd. Probeert u het a.u.b. opnieuw. + Een kritische fout is opgetreden in VeraCrypt waardoor dit beëindigd moet worden. Als dit veroorzaakt is door een fout in VeraCrypt willen we deze graag herstellen. Om ons te helpen kunt u ons een automatisch aangemaakt foutrapport sturen met de volgende informatie:\n\n- Programma versie\n- Operating systeem versie\n- Type CPU\n- VeraCrypt component naam\n- Checksum van VeraCrypt executable\n- Symbolische naam van dialoog scherm\n- Fout categorie\n- Fout adres\n- VeraCrypt call stack\n\nAls u op 'Ja' drukt, zal de volgende URL (met daarin het hele foutrapport) worden geopend in uw standaard internet browser.\n\n%hs\n\nWilt u ons dit rapport zenden? + Een kritische fout is opgetreden in uw systeem waardoor VeraCrypt moet worden beëindigd.\n\nMerk op dat deze fout NIET is veroorzaakt door VeraCrypt. (De VeraCrypt ontwikkelaars kunnen deze fout dus NIET oplossen). Controleer uw computer op mogelijke problemen (bijv. systeem configuratie, netwerkverbinding, defecte hardware componenten). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt kritieke fout + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Codeer + &Decodeer + &Permanent Decoderen + Sluiten + Maak a.u.b. een logisch station aan voor deze extended partitie en probeer het dan nogmaals. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Partities op harde schijven, Solid State Drives, USB sticks en andere ondersteunde apparaten kunnen worden gecodeerd tot VeraCrypt Volumes.\n\nIndien een apparaat (incl. Solid State Drives en USB sticks) geen partities bevat kan het ook als geheel worden gecodeerd tot een VeraCrypt Volume.\n\nNoot: Een apparaat dat partities bevat kan als geheel worden gecodeerd (met gebruik van één sleutel) alléén indien op dit apparaat Windows is gehuisvest en er vanaf wordt opgestart. + Een VeraCrypt Volume kan worden aangemaakt binnen een harde schijf partitie, Solid-State Drive, USB stick en andere ondersteunde apparaten.\n\nWAARSCHUWING: Het apparaat/partitie zal in dit proces worden geformatteerd waardoor alle erop aanwezige bestanden verloren zullen gaan. + \nSelecteer de locatie waar het Buiten Volume moet worden aangemaakt (binnen dit Buiten Volume zal later het Verborgen Volume worden aangemaakt).\n\nPartities op harde schijven, Solid State Drives, USB sticks en andere ondersteunde apparaten kunnen worden gecodeerd tot een Buiten Volume. Apparaten die geen partities bevatten (incl. Solid State Drives en USB sticks) kunnen ook als geheel worden gecodeerd tot een Buiten Volume.\n\nWAARSCHUWING: Het gehele apparaat of partitie wordt tijdens het coderen geformatteerd en alle data die er op staan gaan verloren! + Selecteer de locatie van het VeraCrypt volume waarin u een Verborgen Volume wilt aanmaken. + WAARSCHUWING: Het huisvestende bestand/apparaat is in gebruik!\n\nDit negeren kan ongewenste gevolgen hebben zoals systeem instabiliteit. Alle programma’s die het huisvestende bestand/apparaat gebruiken (bijv. antivirus/backup) stoppen alvorens het volume te koppelen.\n\nDoorgaan met koppelen? + Fout: Kan het volume niet koppelen. Het huisvestende bestand/apparaat is reeds in gebruik. Een poging te koppelen met exclusieve toegang is ook mislukt. + Het bestand kon niet worden geopend. + Volume Locatie + Grote Bestanden + Wilt u bestanden groter dan 4 GB opslaan in dit VeraCrypt Volume? + Gebaseerd op uw keuze hierboven zal VeraCrypt een passend bestandssyteem kiezen voor het aan te maken VeraCrypt volume (u kunt deze keuze in de volgende stap desgewenst aanpassen). + Gelieve, omdat u een buiten volume aanmaakt, a.u.b. ‘Nee’ in overweging te nemen. Als u ‘Ja’ kiest, zal het standaard systeem NTFS zijn, hetgeen minder geschikt is voor buitenvolumes dan FAT (de max. grootte van verborgen volumes is bijv. veel kleiner bij NTFS dan bij FAT). Normaal gesproken is de standaard FAT voor zowel verborgen als normale volumes (dus wekt FAT ook geen argwaan). Echter, indien u aangeeft bestanden groter dan 4 GB op te willen slaan, dan is FAT niet de standaard. + Bent u zeker van uw keuze 'Ja'? + Volume Aanmaak Modus + Dit is de snelste manier om van deze partitie/apparaat een VeraCrypt Volume te maken. (De andere optie, codering, is langzamer omdat alle bestanden erop dan gecodeerd moeten worden.) Deze snelle manier zal alle bestanden op het apparaat/partitie wissen en overschrijven met random data. De bestanden zullen dus NIET worden gecodeerd. Indien u de bestanden wenst te behouden en coderen, kies dan de andere optie. + De geselecteerde partitie en alle bestanden erop worden gecodeerd. Uw bestanden blijven dan toegankelijk via VeraCrypt. Indien deze partitie leeg is, kies dan de ander optie (de volume aanmaak zal dan veel sneller geschieden). + Noot: + &Hervat + &Pauzeer + &Start + &Vervolg + &Formatteer + &Wis + Stop formatteren? + Laat meer informatie zien + Laat dit niet meer zien + De inhoud van de partitie/apparaat is met succes gewist. + De inhoud van de partitie waar het oorspronkelijke system aanwezig was is met succes gewist. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + De systeem partitie/schijf is met succes gedecodeerd. + \n\nHet VeraCrypt Volume is succesvol aangemaakt en is klaar voor gebruik. Als u nog een VeraCrypt Volume wilt aanmaken, klik dan op Volgende. Anders op Sluiten klikken. + \n\nHet Verborgen VeraCrypt Volume is aangemaakt (het verborgen operating system zal zich in dit Verborgen Volume bevinden).\n\nKlik op Volgende om door te gaan. + Volume Geheel Gecodeerd + Volume Fully Decrypted + BELANGRIJK: OM TOEGANG TOT DIT NIEUW AANGEMAAKT VERACRYPT VOLUME TE KRIJGEN MOET HET EERST GEKOPPELD WORDEN, KLIK OP ‘Auto-Koppel Apparaten’ IN HET VERACRYPT HOOFDSCHERM. Na ingave van het wachtwoord (en/of indien de juiste sleutelbestanden op aanwezigheid zijn gecontroleerd) zal het Volume worden gekoppeld aan de stationsletter die u heeft geselecteerd in het hoofdscherm. Via deze stationsletter heeft u toegang tot de data op uw VeraCrypt Volume.\n\nONTHOUDT DEZE STAPPEN GOED WANT U MOET ZE IEDERE KEER WEER UITVOEREN OM BIJ DE DATA TE KUNNEN KOMEN DIE OP HET VOLUME GECODEERD ZIJN OPGESLAGEN. Als alternatief kunt u in het hoofdscherm klikken op ‘Selecteer Apparaat’, selecteer dan deze partitie/apparaat, klik een lege stationsletter aan in het hoofdscherm en klik op ‘Koppel’.\n\nDe partitie/apparaat is met succes gecodeerd, het bevat nu een volledig gecodeerd VeraCrypt Volume en is klaar voor gebruik. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Het VeraCrypt Volume is met succes aangemaakt. + Volume Aangemaakt + BELANGRIJK: Beweeg de muis zo willekeurig als mogelijk binnen dit scherm. Hoe langer, hoe beter. Dit verbetert significant de cryptografische sterkte van de codeersleutels. Klik daarna op Formatteer om het volume aan te maken. + Klik op Formatteer om het Buiten Volume aan te maken. Voor meer informatie, raadpleeg de documentatie. + Buiten Volume Formatteren + Verborgen Volume Formatteren + Volume Formatteren + Adobe Reader (of een vergelijkbaar programma) is benodigd om de VeraCrypt Gebruikershandleiding te bekijken of te printen. Het gratis programma Adobe Reader kan worden gedownload op: www.adobe.com\n\nWilt u in de plaats hiervan de Online Documentatie raadplegen? + Als u deze optie kiest, zal de wizard u eerst helpen een normaal VeraCrypt volume aan te maken en daarna een Verborgen VeraCrypt Volume daar binnen. Onervaren gebruikers wordt sterk aangeraden altijd deze optie te kiezen. + Als u deze optie kiest, gaat u een Verborgen Volume aanmaken binnen een bestaand VeraCrypt volume. Er wordt aangenomen dat u reeds een VeraCrypt volume heeft aangemaakt dat geschikt is om het Verborgen Volume te huisvesten. + Volume Aanmaak Modus + Verborgen Volume Gemaakt + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + U heeft het verborgen operating system gestart. Zoals u misschien heeft opgemerkt, lijkt het verborgen operating systeem geïnstalleerd te zijn op dezelfde partitie als het originele operating systeem. In werkelijkheid echter, is het aanwezig op de partitie erachter (in het Verborgen Volume). Alle lees- en schrijf operaties worden transparant doorgesluisd van het originele operating systeem naar het operating systeem in het Verborgen Volume.\n\nZowel het operating systeem als de applicaties ‘weten’ niet dat de data gelezen van en geschreven naar de systeem partitie in werkelijkheid worden gelezen van/geschreven naar de partitie erachter (van/naar het Verborgen Volume daar). Alle data worden on-the-fly gecodeerd met een codeersleutel die verschilt van de key die wordt gebruikt voor het lokaas operating systeem.\n\nKlik a.u.b. op ‘Volgende’ om door te gaan. + Het buiten volume is aangemaakt en gekoppeld als schijf %hc:. Kopieer nu enige belangrijk-uitziende bestanden naar dit buiten volume die u NIET wilt verbergen. Ze zullen daar staan t.b.v. eenieder die u zal dwingen het wachtwoord te onthullen van de eerste partitie achter de systeem partitie, waar naast het buiten volume ook het verborgen volume aanwezig is. U kunt dan het wachtwoord van het buiten volume onthullen waardoor het verborgen volume met daarin het verborgen operating systeem onontdekt zal blijven.\n\nBELANGRIJK: De bestanden die u gaat kopieren naar het buitenvolume mogen niet meer ruimte in beslag nemen dan %s. Anders is er mogelijk te weinig ruimte voor het verborgen volume waarna u niet verder kunt. Klik na het kopiëren op Volgende. + Het Buiten Volume is aangemaakt en gekoppeld als station %hc:. Naar dit volume moet u nu wat gevoelig uitziende bestanden kopiëren die u NIET wilt verbergen. Deze bestanden zijn voor degene die u onverhoopt dwingt uw wachtwoord prijs te geven. U kunt dan alleen het wachtwoord prijsgeven van het Buiten Volume. De bestanden die belangrijk zijn staan dan in het Verborgen Volume (dat nog moet worden aangemaakt). Druk op Volgende als u klaar bent met kopiëren. Ontkoppel het Buiten Volume niet.\n\nNoot: Nadat u op Volgende hebt gedrukt, zal de cluster bitmap van het Buiten Volume worden gescand om de grootte van de aaneengesloten vrije ruimte te bepalen die samenvalt met het einde van het Buiten Volume. Deze vrije ruimte zal het Verborgen Volume gaan huisvesten en dus meteen de maximum omvang ervan beperken. Dit scannen verzekert ervan dat geen data van het Buiten Volume zullen worden overschreven door het Verborgen Volume. + Buiten Volume Inhoud + \n\nIn de volgende stappen zullen alle eigenschappen worden vastgesteld van het Buiten Volume (waarin later het Verborgen Volume zal worden aangemaakt). + \n\nIn de volgende stappen wordt nu het Buiten Volume aangemaakt in de eerste partitie achter de systeempartitie. + Buiten Volume + Hierna worden de opties en het wachtwoord bepaald voor het Verborgen Volume dat het verborgen operating systeem zal bevatten.\n\nOpmerking: De cluster bitmap van het buiten volume is gescand om de grootte te bepalen van de ononderbroken vrije ruimte waarvan het einde samenvalt met het einde van het buitenvolume. Dit in grootte beperkte gebied zal het verborgen volume bevatten. Van deze maximum grootte is vastgesteld dat hij groter is dan de systeempartitie, hetgeen ook nodig is omdat de systeempartitie in het geheel naar het verborgen volume gekopieerd gaat worden). Aldus is vastgesteld dat data aanwezig in het buitenvolume niet overschreven zullen worden door data die naar het verborgen volume worden geschreven. + BELANGRIJK: Onthoud de in deze stap gekozen algoritmes!! U dient dezelfde algoritmes te selecteren bij aanmaak van het lokaas systeem. Anders zal het verborgen systeem niet toegankelijk zijn. (Het lokaas systeem moet worden gecodeerd met dezelfde algoritmes als het verborgen systeem.)\n\nNoot: De reden hiervoor is dat beide systemen dezelfde boot lader gebruiken. Een boot lader ondersteunt slechts één algoritmen. (Voor ieder algoritme is er een eigen versie van de bootlader.) + \n\nDe Volume Cluster Bitmap is gescand en de maximaal mogelijke grootte van het Verborgen Volume is vastgesteld. In de volgende stap kunt u de opties, de grootte en het wachtwoord voor het Verborgen Volume bepalen. + Verborgen Volume + Het Verborgen Volume is nu beveiligd tegen schade totdat het Buiten Volume is ontkoppeld.\n\nWAARSCHUWING: Als data wordt geprobeerd te schrijven naar het Verborgen Volume, zal VeraCrypt schrijf-bescherming instellen voor het gehele volume (zowel het buiten als het verborgen deel) todat het is ontkoppeld. Dit kan beschadiging van gegevens in het Buiten Volume tot gevolg hebben, wat (indien herhaald) de aannemelijke ontkenbaarheid van het Verborgen Volume kan aantasten. Gelieve daarom te voorkomen dat er nu geschreven wordt in het Verborgen Volume gedeelte. Alle gegevens weggeschreven naar het Verborgen Volume zullen verloren gaan. Windows kan dit rapporteren als een schrijffout ("Uitgestelde schrijfactie mislukt" of "Verkeerde parameter"). + Ieder van de Verborgen Volumes binnen de nieuw gekoppelde volumes is nu beschermd tegen schade tot het moment van ontkoppeling.\n\nWAARSCHUWING: Als data wordt geprobeerd te schrijven naar het Verborgen Volume van ieder van deze volumes, zal VeraCrypt schrijf-bescherming instellen voor het gehele volume (zowel het buiten als het verborgen deel) totdat het is ontkoppeld. Dit kan beschadiging van gegevens in het Buiten Volume tot gevolg hebben, wat (indien herhaald) de aannemelijke ontkenbaarheid van het Verborgen Volume kan aantasten. Gelieve daarom te voorkomen dat er nu geschreven wordt in het Verborgen Volume gedeelte. Alle gegevens weggeschreven naar het Verborgen Volume zullen verloren gaan. Windows kan dit rapporteren als een schrijffout ("Uitgestelde schrijfactie mislukt" of "Verkeerde parameter"). + WAARSCHUWING: Er is geprobeerd data te schrijven in het Verborgen Volume gedeelte van het volume dat is gekoppeld als %c:! Om het Verborgen Volume te beschermen voorkwam VeraCrypt dat deze data werden opgeslagen. Dit kan beschadiging van gegevens tot gevolg hebben in het Buiten Volume. Windows kan een schrijffout gerapporteerd hebben ("uitgestelde Schrijfactie mislukt" of "Verkeerde parameter"). Het gehele volume (zowel het Buiten als het Verborgen gedeelte) zullen nu tegen schrijven beschermd zijn tot het ontkoppelen. Als VeraCrypt al eerder voorkomen heeft dat data geschreven werden naar het Verborgen Volume gedeelte van dit volume, kan de aannemelijke ontkenbaarheid van dit Verborgen Volume aangetast zijn (als gevolg van mogelijke ongebruikelijke gerelateerde inconstitenties binnen het bestandssyteem van het Buiten Volume). Neem daarom in overweging een nieuw VeraCrypt volume aan te maken (met Snelformatteren uitgeschakeld) en de bestanden van dit volume naar het nieuwe volume te verplaatsen; dit volume moet beveiligd gewist worden (zowel het Buiten als het Verborgen gedeelte). We raden u sterk aan de computer nu opnieuw op te starten. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + Wanneer een verborgen operating system draait kunnen locale ongecodeerde bestandssystemen en niet-verborgen VeraCrypt volumes alleen als read-only worden gekoppeld (data schrijven onmogelijk).\n\nData kunnen dan slechts worden geschreven naar bestanden in een Verborgen VeraCrypt Volume (indien dit verborgen volume NIET is geplaatst in een container in een ongecodeerd bestandssysteem of een read-only bestandssysteem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Als u veilig bestanden wilt kopieren van het lokvogel system naar het verborgen systeem, volg dan deze stappen. 1) Start het lokvogel systeem. 2) Sla de bestanden op in een ongecodeerd volume of een normaal/buiten VeraCrypt Volume. 3) Start het verborgen systeem. 4) Als u de bestanden op een TryeCrypt Volume opsloeg, koppel dit (het wordt automatisch gekoppeld als read-only). 5) Kopieer de bestanden naar de verborgen systeem partitie of een ander verborgen volume. + Uw computer moet opnieuw gestart worden.\n\nWilt u nu herstarten? + Er trad een fout op tijdens een poging de systeem codeer status op te halen. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Applicatie componenten voor systeem codering kunnen niet geïnitialiseerd worden. + Het programma heeft de initialisatie van de random nummer generator niet kunnen voltooien! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Het programma heeft de initialisatie niet kunnen voltooien. Het registreren van de 'Dialog Class' is mislukt. + Fout: Laden van Rich Edit systeem library mislukt. + VeraCrypt Volume Aanmaak Wizard + De maximaal mogelijke grootte voor dit Verborgen Volume is %.2f bytes. + De maximaal mogelijke grootte voor dit Verborgen Volume is %.2f KB. + De maximaal mogelijke grootte voor dit Verborgen Volume is %.2f MB. + De Maximaal mogelijke grootte voor dit Verborgen Volume is %.2f GB. + De Maximaal mogelijke grootte voor dit Verborgen Volume is %.2f TB. + Volume wachtwoord/sleutelbestanden kunnen niet worden gewijzigd als het volume is gekoppeld. A.u.b. eerst het volume ontkoppelen. + Het Header Key Afleidingsalgoritme kan niet worden gewijzigd als het volume gekoppeld is. A.u.b. eerst het volume ontkoppelen. + Koppe&l + Een nieuwere versie van VeraCrypt is vereist om dit volume te kunnen koppelen. + Error: Volume Aanmaak Wizard niet gevonden.\n\nOvertuig u ervan dat het bestand 'VeraCrypt Format.exe' zich in de map bevindt waaruit ook 'VeraCrypt.exe' werd gestart. Als dit niet het geval is, herinstalleer dan VeraCrypt, of zoek 'VeraCrypt Format.exe' op uw schijf en start het. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + Vol&gende > + &Beëindig + I&nstalleer + U&itpakken + Kan geen verbinding maken met het VeraCrypt apparaat stuurprogramma. VeraCrypt kan niet werken als dit stuurprogramma niet gestart is.\n\nDoor de eigenschappen van Windows kan het nodig zijn uit te loggen of het systeem te herstarten voordat het apparaatstuurprogramma kan worden geladen. + Error ontstaan tijdens laden/voorbereiden lettertypes. + De stations letter is niet gevonden of er is geen stations letter opgegeven. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Geen stations letter beschikbaar. + Geen bestand geselecteerd! + Geen Stations letters beschikbaar. + Geen vrije stations letter gevonden voor het Buiten Volume! Aanmaak Volume kan niet doorgaan. + Het was niet mogelijk de versie van uw operating systeem te herkennen. Het kan mogelijk zijn dat u een niet-ondersteund operating systeem gebruikt. + Geen pad geselecteerd! + Niet genoeg ruimte om volume aan te maken! Aanmaken van Volume kan niet worden voortgezet. + Fout: De bestanden die u naar buiten volume kopieerde nemen te veel plaats in. Daarom is hier te weinig ruimte overgebleven voor het verborgen volume.\n\nHet verborgen volume dient even groot dient te zijn als de systeem partitie (de partitie waar het nu actieve operating systeem (OS) staat). De reden is dat het verborgen OS wordt aangemaakt door de inhoud van de system partitie naar het verborgen volume te kopieren).\n\n\nAanmaak van verborgen OS gestopt. + Het volume kan niet ontkoppeld worden. Sommige bestanden in het volume zijn waarschijnlijk nog geopend. + Het was niet mogelijk het volume te locken (exclusief te gebruiken). Er zijn nog bestanden in gebruik op het volume. Daarom kan het volume niet ontkoppeld worden. + VeraCrypt kan volume niet sluiten omdat het in gebruik is door het systeem of programma’s (er kunnen geopende bestanden op het volume aanwezig zijn).\n\nWilt u ontkoppeling van het volume forceren? + Selecteer een VeraCrypt Volume + Geef een Pad en Bestandsnaam op + Selecteer PKCS #11 Library + Te weinig geheugen + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WAARSCHUWING: Het bestand '%s' bestaat reeds!\n\nBELANGRIJK: VERACRYPT ZAL DIT BESTAND NIET CODEREN MAAR VERWIJDEREN. Bent u er zeker van dat u het bestand wilt verwijderen en vervangen door een nieuwe VeraCrypt bestandscontainer? + VOORZICHTIG: ALLE BESTANDEN DIE MOMENTEEL AANWEZIG ZIJN OP DE GESELECTEERDE %s '%s'%s ZULLEN WORDEN GEWIST EN ZIJN VERLOREN (ZIJ ZULLEN NIET GECODEERD WORDEN)!\n\nBent u er zeker van dat u door wilt gaan met formatteren? + LET OP: U kunt het volume niet koppelen en hebt dus geen toegang tot de bestanden totdat het coderen klaar is.\n\nWilt u starten met coderen van het geslecteerde %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + LET OP: Indien de spanning onderbroken wordt, of het operating systeem loopt onverhoopt vast door een soft/hardware fout tijdens de Op-De-Plaats Codering, dan kan hierdoor data verminkt raken of verloren gaan! Wij raden u daarom aan alvorens het coderen te starten, een deugdelijke back-up van de te coderen data te maken.\n\nHeeft u een back-up gemaakt? + VOORZICHTIG: ALLE BESTANDEN OP DE PARTITIE '%s'%s (DE EERSTE PARTITIE ACHTER DE SYSTEEM PARTITIE) WORDEN GEWIST (ZE WORDEN NIET GECODEERD)!\n\nBent u er zeker van dat u wilt formatteren? + WAARSCHUWING! DE GESELECTEERDE PARTITIE BEVAT VEEL DATA! Alle bestanden op deze partitie zullen worden gewist (ze worden NIET gecodeerd)! + Wis alle bestanden op de partitie door er een VeraCrypt Volume aan te maken + Wachtwoord + PIM + Creëer Header Key Afwijkingsalgoritme + Toevoegen/Verwijderen Sleutelbestanden aan/van Volume + Verwijder Alle Sleutelbestanden van Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + BELANGRIJK: Als u uw VeraCrypt Reddingsschijf nog heeft, kan uw systeempartitie/schijf nog gedecodeerd worden met het oude wachtwoord (door op te starten met deze Reddingsschijf en het oude wachtwoord in te geven.) U dient een nieuwe Reddingsschijf aan te maken en dan de oude te vernietigen.\n\nWilt u een nieuwe Reddingsschijf maken? + Merk op dat uw VeraCrypt Reddingsschijf nog steeds het vorige algoritme gebruikt. Als u het vorige algoritme als onveilig beschouwt, maak dan een nieuwe VeraCrypt Reddingsschijf aan en vernietig daarna de oude.\n\nWilt u een nieuwe VeraCrypt Reddingsschijf aanmaken? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Sleutelbestand(en) met succes toegevoegd/verwijderd. + Sleutelbestand geëxporteerd. + Header Key Afleidingsalgoritme met succes gecreëerd. + Geef a.u.b. wachtwoord en/of sleutelbestand(en) voor het niet-systeem volume waarvan u de Op-De-Plaats coderings wilt hervatten.\n\nNadat u op Volgende heeft gedrukt, zal VeraCrypt proberen alle niet-systeemvolumes te vinden waarvan de codering is onderbroken en waarop het verstrekte wachtwoord en/of de sleutelbestand(en) van toepassing zijn. Indien meer dan één zo’n volume wordt gevonden, dient u het juiste in de volgende stap te selecteren. + Selecteer a.u.b. een van de getoonde volumes. De lijst bevat ieder toegankelijk niet-syteem volume waarvan de codering is onderbroken en waarop het verstrekte wachtwoord en/of sleutelbestand(en) van toepassing zijn. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Het is erg belangrijk dat u een goed wachtwoord kiest. U dient een wachtwoord te vermijden dat bestaat uit een of meerdere woorden die kunnen worden teruggevonden in een woordenboek. Ook moeten eigennamen en geboortedata vermeden worden, evenmin mag het makkelijk te raden zijn. We raden u dringend een willekeurige combinatie van hoofd- en kleine letters, nummers en speciale karakters (zoals @ ^ = $ * +) aan. Het is heel belangrijk dat het meer dan 20 karakters telt (hoe langer hoe beter). The maximaal mogelijke lengte is 64 karakters. + Kies een wachtwoord voor het Verborgen Volume. + Kies een wachtwoord voor het verborgen operating systeem (d.w.z. verborgen volume). + BELANGRIJK: Het wachtwoord dat u in deze stap koos voor het verborgen operating systeem dient flink verschillend te zijn van de andere twee wachtwoorden (de wachtwoorden voor het buitenvolume en voor het lokvogel operating systeem). + Kies hier een wachtwoord voor het Buitenvolume waarin u een Verborgen Volume wilt aanmaken.\n\nNadat u op Volgende hebt gedrukt, zal VeraCrypt proberen het Volume te koppelen. Zodra dit is gebeurd zal de cluster bitmap van het volume worden gescand om de grootte van het aaneengesloten stuk vrije ruimte te bepalen (indien aanwezig) waarvan het einde samenvalt met het Buiten Volume. Deze ruimte zal het Verborgen Volume huisvesten en daarmee meteen de maximale grootte ervan beperken. De Cluster map scan is nodig om ervan te verzekeren dat geen data op het Buiten Volume zullen worden overschreven door het Verborgen Volume. + \nKiest u a.u.b. een wachtwoord voor het Buiten Volume. Dit wachtwoord kunt u onthullen aan een evt. vijand indien deze u geen andere keuze laat.\n\nBELANGRIJK: Dit wachtwoord dient verschillend te zijn van het wachtwoord dat u later zult gaan kiezen voor het Verborgen Binnen Volume.\n\nNoot: De maximaal mogelijke lengte voor een wachtwoord is 64 karakters. + Kies a.u.b. een wachtwoord voor het buiten volume. Dit wachtwoord zult u kunnen onthullen aan eenieder die u dwingt de toegang kenbaar te maken tot de eerste partitie achter de systeem partitie, waar zowel een buitenvolume en een verborgen volume (met het verborgen operating systeem (OS)) in aanwezig zijn. Het verborgen volume en dus het verborgen OS zullen dan geheim blijven. Merk op dat dit wachtwoord niet dient voor het lokvogel OS.\n\nBELANGRIJK: Het wachtwoord dient flink te verschillen van hetgeen u kiest voor het verborgen volume (d.w.z. het verborgen OS). + Buiten Volume Wachtwoord + Verborgen Volume Wachtwoord + Wachtwoord voor Verborgen Operating Systeem + Waarschuwing: Korte wachtwoorden zijn makkelijk te kraken m.b.v. brute kracht technieken!\n\nWij raden een wachtwoord aan dat uit meer dan 20 tekens bestaat. Bent u er zeker van dat u een kort wachtwoord wilt? + Volume Wachtwoord + Verkeerd wachtwoord of het is geen VeraCrypt volume. + Verkeerde sleutel(s) en/of wachtwoord of het is geen VeraCrypt volume. + Verkeerde koppel modus, verkeerd wachtwoord, of dit is geen VeraCrypt volume. + Verkeerde koppel modus, verkeerd(e) sleutelbestand(en) en/of wachtwoord, of dit is geen VeraCrypt volume. + Verkeerd wachtwoord of geen VeraCrypt volume gevonden. + Incorrect Sleutelbestand(en)/wachtwoord of geen VeraCrypt volume gevonden. + \n\nWaarschuwing: Caps Lock staat aan. Dit kan er de oorzaak van zijn dat u het wachtwoord verkeerd ingeeft. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + Indien u de bescherming instelt voor een verborgen volume met daarin een verborgen system, gebruik dan de standaard US toetsenbord layout bij het typen van het wachtwoord voor het verborgen volume. Dit is noodzakelijk omdat het wachtwoord in de pre boot omgeving (voordat Windows start) moet worden ingegeven waar niet-US toetsenbord layouts NIET beschikbaar zijn. + VeraCrypt vond geen volume waarop niet-systeem codering werd onderbroken en waarop het verstrekte wachtwoord en/of sleutelbestanden(en) van toepassing zijn.\n\nControleer of het ingegeven wachtwoord en/of sleutelbestand(en) juist zijn en of de partitie/volume niet gebruikt wordt door het systeem of programma’s (bijv. een antivirus programma). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNoot: Als u probeert een partitie te koppelen die is gelegen op een systeem schijf zonder pre-boot authenticatie of probeert de gecodeerde system partitie te koppelen van een operating systeem dat niet draait, dan doet u dit door te selecteren 'Systeem' > 'Koppel Zonder Pre-Boot Authenticatie'. + In deze modus kunt u geen partitie koppelen die aanwezig is op een schijf die momenteel actief gecodeerd wordt.\n\nVoordat u deze partitie kunt koppelen in deze modus, dient u op te starten met een operating systeem vanaf een andere schijf (gecodeerd of ongecodeerd) òf op te starten met een ongecodeerd operating systeem. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Terug + Niet in staat om een lijst te maken van de ongebruikte stukken harddisk (raw devices) op uw systeem! + Het volume '%s' bestaat, en is geregistreerd voor alleen-lezen. Bent u er zeker van dat u het wilt vervangen? + Selecteer bestemmingsdirectory + Selecteer Sleutelbestand + Selecteer een sleutelbestand zoekpad. WAARSCHUWING: Alleen het pad wordt onthouden, niet de bestandsnamen! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Ontworpen door Ross Anderson, Eli Biham, en Lars Knudsen. Gepubliceerd in 1998. 256-bit sleutel, 128-bit blok. Operatiemodus is XTS. Serpent was een van de AES finalisten. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Buiten Volume Grootte + Verborgen Volume Grootte + Controleer a.u.b. of de grootte van het door u opgegeven apparaat/partitie die hierboven staat correct is en klik dan op Volgende. + Het buiten én verborgen volume (met het verborgen operating system) zullen te vinden zijn in bovenvermelde partitie. Dit zou de eerste partitie moeten zijn ná de systeem partitie.\n\nControleer of de grootte van de partitie en het nummer ervan correct zijn en als dit zo is, klik op Volgende. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Volume Grootte + Dynamisch + VOORZICHTIG: ZELF-TEST MISLUKT! + Zelf-test van alle algoritmes succesvol + Het data eenheid nummer dat u heeft opgegeven is te lang of te kort. + De secundaire sleutel die u heeft opgegeven is te lang of te kort. + De test codetekst die u hebt opgegeven is te lang of te kort. + De test sleutel die u hebt opgegeven is te lang of te kort. + De test plattetekst die u hebt opgegeven is te lang of te kort. + Twee codes in cascade die opereren in XTS modus. Ieder blok wordt eerst gecodeerd met %s (%d-bit sleutel) en daarna met %s (%d-bit sleutel). Iedere code gebruikt zijn eigen sleutel. Alle sleutels zijn wederzijds onafhankelijk. + Drie codes in cascade die opereren in XTS modus. Ieder blok wordt eerst gecodeerd met %s (%d-bit sleutel), daarna met %s (%d-bit sleutel), en uiteindelijk met %s (%d-bit sleutel). Iedere code gebruikt zijn eigen sleutel. Alle sleutels zijn wederzijds onafhankelijk. + Afhankelijk van de operating system instellingen, kunnen auto-run en auto-koppel mogelijk alleen werken als de traveler disk bestanden zijn aangemaakt op een niet beschrijfbaar CD/DVD-ahtig medium. Dit is geen fout in VeraCrypt maar een beperking in Windows. + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Ontworpen door Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, en Niels Ferguson. Gepubliceerd in 1998. 256-bit sleutel, 128-bit blok. Operatiemodus is XTS. Twofish was een van de AES finalisten. + Meer informatie over %s + Onbekend + An unspecified or unknown error occurred (%d). + Sommige volumes bevatten bestanden of mappen die in gebruik zijn door het systeem of programma's.\n\nOntkoppeling forceren? + &Ontkoppel + Ontkoppeling mislukt! + Het volume bevat bestanden of mappen die in gebruik zijn door het systeem of programma's.\n\nForceer ontkoppeling? + No volume is mounted to the specified drive letter. + Het volume dat u probeert te koppelen is reeds gekoppeld. + Een fout is opgetreden bij de poging het volume te koppelen. + Fout bij het zoeken van een locatie binnen het volume. + Fout: Verkeerde grootte van het volume. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Een dynamische container is een pre-gealloceerde NTFS sparse file waarvan de fysieke grootte (feitelijke gebruikte diskruimte) groeit naarmate data worden toegevoegd.\n\nWAARSCHUWING:De performance van volumes, ondergebracht in sparse-files is beduidend slechter dan van normale volumes. Daarnaast zijn ze ook minder veilig omdat na te gaan is welke sectoren van het volume ongebruikt zijn. Daarnaast kunnen ze geen aannemelijke ontkenbaarheid verschaffen. Ook kan het gecodeerde bestandssysteem corrupt raken wanneer er data geschreven worden naar een sparse-file container en er geen ruimte beschikbaar is in het huisvestende bestandssysteem.\n\nWeet u zeker dat u een volume wilt aanmaken dat ondergebracht is in een sparse-file? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt kan het wachtwoord van een vreemd volume niet veranderen. + Selecteer a.u.b. een vrije stationsletter uit de lijst. + Selecteer a.u.b. een gekoppeld volume uit de lijst met stationsletters. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Fout: kan autorun.inf niet maken + Fout bij het verwerken van het sleutelbestand! + Fout bij het verwerken van het pad van sleutelbestanden! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt ondersteund dit besturingssysteem niet. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Fout: Kan geheugen niet toewijzen. + Fout: Kon de waarde van de performance-teller niet achterhalen. + Fout: Slecht volume format. + Fout: u gaf een wachtwoord voor een verborgen i.p.v. een normaal volume. + Om veiligheidsredenen kan een verborgen volume niet gemaakt worden in een VeraCrypt volume met daarin een bestandssyteem dat Op-De-Plaats is gecodeerd (de vrije ruimte ervan is nml. niet willekeurig overschreven). + VeraCrypt - Juridische Informatie + Alle Bestanden + VeraCrypt Volumes + Library Modules + NTFS formatteren kan niet worden voorgezet. + Kan volume niet koppelen. + Kan volume niet ontkoppelen. + Windows kon het volume niet als NTFS formatteren.\n\nSelecteer a.u.b. een ander type bestandssysteem (indien mogelijk) en probeer het opnieuw. Als een alternatief kunt u het volume ongeformatteerd laten (seleceer 'geen' als het bestandssysteem), beëindig de wizard, koppel het volume en formatteer het volume dan via het systeem of met een formatteer programma van een derde (het volume blijft gecodeerd). + Windows kon het volume niet als NTFS formatteren.\n\nWilt u het in plaats hiervan als FAT formatteren? + Standaard + partitie + PARTITIE + Apparaat + apparaat + APPARAAT + Volume + volume + VOLUME + Label + De geselecteerde clustergrootte is te klein gezien de grootte van dit volume. Een grotere cluster-grootte zal worden gebruikt. + Fout: Kan de volumegrootte niet lezen!\n\nOvertuig u ervan dat het geselecteerde volume niet wordt gebruikt door het systeem of een programma. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + De VeraCrypt Volume Aanmaak Wizard kan een Verborgen Volume alleen aanmaken binnen een FAT of NTFS volume. + Onder Windows 2000 kan de VeraCrypt Volume Aanmaak Wizard alleen maar een Verborgen Volume aanmaken binnen een FAT volume. + Noot: Het FAT bestandssysteem is meer geschikt voor buitenvolumes dan het NTFS bestandssysteem. (De maximum grootte van het verborgen volume zal bijv. veel groter zijn als het buitenvolume geformatteerd is onder FAT). + Merk op dat het FAT bestandssysteem geschikter is voor buitenvolumes dan het NTFS systeem. De maximum grootte van het verborgen volume zal waarschijnlijk veel groter zijn als het buitenvolume geformatteerd is onder FAT. De reden hiervoor is dat het NTFS systeem zijn meta-data altijd opslaat in het midden van het volume en dat daarom het verborgen volume alleen hierachter kan worden aan gemaakt.\n\nBent u er zeker van dat u het buitenvolume wilt formatteren als NTFS? + Wilt u het volume formatteren als FAT? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Fout: De partitie voor het verborgen operating system (OS) (dit is de eerste partitie achter de systeempartitie) moet minstens 5% groter zijn dan de systeempartitie (dit is de partitie waarop het nu actieve OS staat). + Fout: De partitie voor het verborgen operating system (dit is de eerste partitie achter de system partitie) moet minstens 110% (2.1 maal) groter zijn dan de systeem partitie (dit is de partitie waarop het operating systeem staat dat nu draait). De reden is dat het NTFS bestandssysteem haar meta-data altijd precies in het midden van het volume opslaat en dat daardoor het verborgen volume, dat een kloon is van de systeempartitie, alleen maar een plekje kan vinden in de tweede helft van de partitie). + Fout: als het buiten volume is geformatteerd als NTFS, moet het minstens 110% (2.1 maal) groter zijn dan de systeem partitie. De reden is dat het NTFS systeem haar meta- data precies in het midden van het volume opslaat en dat daardoor het verborgen volume (waarin een kloon van de systeem partitie moet passen) slechts op de tweede helft van het buitenvolume kan staan.\n\nNoot: Het buitenvolume dient op dezelfde partitie te staan als het verborgen operating systeem (de eerste partitie na de systeem partitie). + Fout: Er bevindt zich geen partitie na de systeem partitie.\n\nMerk op dat u, voor de aanmaak van het verborgen operating systeem, eerst een partitie op de systeemschijf dient aan te maken. Deze partitie moet de éérste partitie zijn na de systeem partitie en moet minstens 5% groter zijn dan de systeem partitie (dit is de partitie waar het operating systeem staat dat nu draait). Echter, als het buitenvolume (niet te verwarren met de systeem partitie) als NTFS wordt geformatteerd, moet de partitie voor het verborgen operating systeem minstens (let op!) 110% (2.1 maal) groter zijn dan de systeem partitie (de reden hiervoor is dat het NTFS bestands systeem haar meta-data altijd opslaat precies in het midden van het volume, hierdoor kan het verborgen volume, waarin een kloon van de systeem partitie moet passen, slechts op de tweede helft van de partitie staan). + Opmerking: Het is niet praktisch (dus niet ondersteund) operating systemen te installeren in twee TryeCrypt Volumes binnen één partitie, omdat het gebruik van het buitenste systeem vaak data schrijven tot gevolg heeft in het gebied van het verborgen operating systeem. Als zulke schrijfacties worden gestopt door het gebruik van verborgen volume bescherming, zou dit zeker een crash tot gevolg hebben (een Blauw Scherm). + Voor informatie over het maken en beheren van een partitie kunt u zich wenden tot de documentatie bij uw operating systeem of neem contact op met de technische helpdesk van uw computerverkoper. + Fout: Het nu actieve operating systeem staat niet op de boot partitie (eerste Actieve partitie). Dit wordt niet ondersteund. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Fout: Toegang tot volume niet mogelijk!\n\nControleer of het geselecteerde volume bestaat, dat het niet is gekoppeld of wordt gebruikt door het systeem of een ander programma, dat er lees en schrijfbevoegdheid aanwezig is voor het volume, en dat het niet beschermd is tegen schrijven. + Error: Cannot obtain volume properties. + Fout: Het is onmogelijk toegang tot het volume te krijgen of er informatie over te verkrijgen.\n\nOvertuig u ervan dat dit volume bestaat, dat het niet wordt gebruikt door het systeem of programma’s, dat u lees/schrijf toegang ertoe hebt en dat het niet schrijf beveiligd is. + Fout: Het is onmogelijk toegang tot het volume te krijgen of er informatie over te verkrijgen.\n\nOvertuig u ervan dat dit volume bestaat, dat het niet wordt gebruikt door het systeem of programma’s, dat u lees/schrijf toegang ertoe hebt en dat het niet schrijf beveiligd is.\n\nIndien dit probleem blijft bestaan, volg evt. de volgende stappen. + Een fout verhinderde VeraCrypt de partitie te coderen. Los evt. eerder gerapporteerde fouten op en probeer het dan opnieuw. Als het probleem blijft bestaan probeer dan de volgende stappen. + Een fout verhinderde VeraCrypt het codering proces van de partitie te hervatten.\n\nLos evt. eerder gerapporteerde fouten op en probeer het proces dan te hervatten. Noot: het volume kan niet gekoppeld worden tenzij het volledig gecodeerd is. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Fout: Het Buiten Volume kan niet ontkoppeld worden!\n\nEen volume kan niet ontkoppeld worden als het bestanden of mappen bevat die worden gebruikt door een programma of het systeem.\n\nSluit u alstublieft ieder programma dat bestanden of mappen zou kunnen gebruiken op het volume en klik op Opnieuw. + Fout: Kan geen informatie verkrijgen over het Buiten Volume! Volume aanmaak kan niet doorgaan. + Fout: Het Buiten Volume kan niet bereikt worden! Volume aanmaak kan geen doorgang vinden. + Fout: Het Buiten Volume kan niet gekoppeld worden! Volume aanmaak kan geen doorgang vinden. + Fout: De Volume Cluster Bitmap kan niet gelezen worden! Volume aanmaak kan geen doorgang vinden. + Alfabetisch/Gecategoriseerd + Gemiddelde snelheid (Aflopend) + Algoritme + Codering + Decodering + Gemiddeld + Station + Grootte + Codering Algoritme + Codering Algoritme + Type + Waarde + Eigenschap + Locatie + bytes + Verborgen + Buitenste + Normaal + Systeem + Verborgen (systeem) + Alleen-Lezen + Systeem schijf + Systeem schijf (coderen - %.2f%% gereed) + Systeem schijf (decoderen - %.2f%% gereed) + Systeem schijf (%.2f%% gecodeerd) + Systeem partitie + Verborgen systeem partitie + Systeem partitie (coderen - %.2f%% gereed) + Systeem partitie (decoderen - %.2f%% gereed) + Systeem partitie (%.2f%% gedecodeerd) + Ja (Schade Voorkomen!) + Geen + Primaire Key Grootte + Secondaire Key Grootte (XTS Mode) + Tweak Key Grootte (LRW Mode) + bits + Blok Grootte + PKCS-5 PRF + PKCS-5 Iteratie Teller + Volume Aangemaakt + Header Laatst Aangepast + (%I64d dagen geleden) + Volume Format Versie + Embedded Back-up Header + VeraCrypt Boot Loader Version + eerst beschikbare + Verwisselbare Schijf + Harde schijf + Onveranderd + Autodetection + Wizard Modus + Selecteer een van de modi. Als u niet zeker bent welke te kiezen, neem de standaard modus. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Opties + Hier kunt u verschillende opties instellen om het installatieproces te controleren. + Installeren + Wacht u a.u.b. terwijl VeraCrypt wordt geïnstalleerd. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Uitpak Opties + Hier kunt u opties kiezen om het uitpakproces te controleren. + Wacht a.u.b. terwijl de bestanden worden uitgepakt. + Files successfully extracted + Alle bestanden zijn met succes uitgepakt naar de bestemmingslocatie. + Als de opgegeven map niet bestaat, wordt deze automatisch aangemaakt. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Wilt u release notes zien voor de huidige (laatste stabiele) versie van VeraCrypt? + Als u nog nooit eerder VeraCrypt heeft gebruikt, raden we u aan het hoofdstuk Beginner's Tutorial in de VeraCrypt Gebruikershandleiding te lezen. Wilt u deze tutorial zien? + Wilt u a.u.b. een van de volgende te verrichten acties selecteren: + Repareer/Herinstalleer + Upgrade + Deïnstalleer + Om VeraCrypt met succes te kunnen de/installeren dient u administrator rechten te hebben. Wilt u doorgaan? + De VeraCrypt Installer verzorgt op dit systeem op dit moment een installatie of update van VeraCrypt. Alvorens verder te gaan, wacht totdat deze is beëindigd of afgesloten. Indien afsluiten niet lukt, herstart dan de computer alvorens verder te gaan. + Installatie mislukt. + Deïnstallatie mislukt. + Dit installatiebestand is beschadigd. Wilt u het a.u.b. opnieuw downloaden (bij voorkeur van de officiële VeraCrypt website op https://veracrypt.codeplex.com). + Kan niet schrijven bestand %s + Uitpakken + Kan geen data lezen in het installatiebestand. + Kan de integriteit van het installatiebestand niet vaststellen. + Uitpakken mislukt. + De installatie heeft een roll-back ondergaan. + VeraCrypt is met succes geïnstalleerd. + Update van VeraCrypt was succesvol. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt is met succes gedeinstalleerd.\n\nKlik 'Sluiten' om de VeraCrypt installer en de map te verwijderen %s. Merk op dat de map niet wordt verwijderd indien er zich bestanden in bevinden die niet door de VeraCrypt installer zijn aangebracht, of die niet zijn aangemaakt door VeraCrypt. + Verwijderen VeraCrypt register gegevens + Toevoegen register gegeven + Verwijderen applicatie-specifieke data + Installeren + Aan het stoppen + Aan het verwijderen + Icoon aan het toevoegen + Systeem herstel punt aan het maken + Maken van systeem herstelpunt niet gelukt! + Updaten boot lader + Installeren mislukt van '%s'. %s Wilt u doorgaan met installeren? + Deïnstalleren mislukt van '%s'. %s Wilt u doorgaan met deïnstalleren? + Installatie voltooid. + De directory '%s' kon niet gemaakt worden + Het VeraCrypt apparaat stuurprogramma kan niet worden beëindigd.\n\nSluit alstublieft alle geopende VeraCrypt schermen eerst. Als dit niet helpt, herstart dan Windows en probeer het opnieuw. + Alle VeraCrypt volumes moeten worden ontkoppeld voordat u VeraCrypt kunt installeren of deinstalleren. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Het toevoegen van gegevens aan het register is mislukt. + Het installeren van het apparaatstuurprogramma is mislukt. Herstart Windows alstublieft en probeer daarna VeraCrypt opnieuw te installeren. + Starten VeraCrypt apparaat stuurprogramma + Deïnstallatie van het apparaat stuurprogramma is mislukt. Merk op dat, door de eigenschappen van Windows, het nodig kan zijn uit te loggen of de computer opnieuw op te starten voordat het apparaat stuurprogramma kan worden gedeïnstalleerd of herinstalleerd. + Installeren van het VeraCrypt apparaat stuurprogramma. + Stoppen van het VeraCrypt apparaat stuurprogramma. + Deinstalleren van het VeraCrypt apparaat stuurprogramma. + Registratie van de User Account Control Support Library is mislukt. + Registratie ongedaan maken van de User Account Control Support Library is mislukt. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Waarschuwing: Dit exemplaar van de Volume Aanmaak Wizard heeft administrator rechten.\n\nUw nieuwe volume zou aangemaakt kunnen worden met rechten die u niet toe zullen staan naar het volume te schrijven na koppeling. Als u dit wilt vermijden, sluit dan deze Volume Aanmaak Wizard en start een nieuw exemplaar zonder administrator rechten.\n\nWilt u dit exemplaar van de Volume Aanmaak Wizard sluiten? + Fout: Kan licentie niet op scherm vertonen. + Buiten(!) + dagen + uren + minuten + s + Open + Ontkoppel + Toon VeraCrypt + Verberg VeraCrypt + Data gelezen sinds koppeling + Data geschreven sinds koppeling + Gecodeerd Deel + 100% (geheel gecodeerd) + 0% (niet gecodeerd) + %.3f%% + 100% + Wachtend + Preparatie + Grootte aanpassen + Coderen + Decoderen + Afronden + Gepauzeerd + Einde + Fout + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Voer wachtwoord in voor %s + Enter password for '%s' + Geef wachtwoord voor het normale/buiten volume + Geef wachtwoord voor het verborgen volume + Geef wachtwoord voor header opgeslagen in de back-up + Sleutelbestand is aangemaakt. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WAARSCHUWING: De header van dit volume is beschadigd! VeraCrypt heeft automatisch de back-up ervan gebruikt die was opgeslagen in het volume.\n\nU dient de volume header te repareren d.m.v. het tool ‘Herstel Volume Header’. + Volume Header backup is met succes aangemaakt.\n\nBelangrijk: Het herstellen van de Volume Header door deze backup te gebruiken zal ook het huidige wachtwoord herstellen. Verder, als nu sleutelbestanden nodig zijn om het volume te koppelen, zullen dezelfde sleutelbestanden weer nodig zijn om te koppelen als de Volume Header is hersteld via het terugzetten van deze backup.\n\nWAARSCHUWING: Deze Volume Header backup kan uitsluitend worden gebruikt om de header van DIT volume te herstellen. Indien u deze header backup gebruikt om een ander Volume te herstellen, zult u daarna het volume kunnen koppelen, maar zult u niet in staat zijn enige data die op dit volume zijn opgeslagen te lezen (omdat u de master key dan heeft veranderd). + De Volume Header is succesvol hersteld.\n\nBELANGRIJK: Neemt u er nota van dat een oud wachtwoord ook hersteld kan zijn. Verder, de sleutelbestanden die nodig waren om het volume te koppelen toen de backup werd gemaakt, zijn nu, na het terugzetten van deze backup, weer nodig om het volume te koppelen. + Om veiligheidsredenen dient u het juiste wachtwoord en/of sleutelbestanden te geven voor het volume.\n\nNoot: Als het volume een verborgen volume bevat, dient u eerst het juiste wachtwoord en/of sleutelbestanden te geven voor het buiten volume. Daarna, als u een back-up wilt maken van de header van het verborgen volume zult u het juiste wachtwoord en/of sleutelbestanden dienen te geven voor het verborgen volume. + Bent u zeker dat u een back-up wilt maken van de volume header voor %s?\n\nNadat u op Ja hebt geklikt zal u om een bestandsnaam gevraagd worden voor deze back-up.\n\nNoot: zowel de standaard als de verborgen volume headers zullen worden gehercodeerd met een nieuwe salt en opgeslagen in het back-up bestand. Indien er in het volume geen verborgen volume is, zal de ruimte die gereserveerd is voor de verborgen volume header in het back-up bestand worden gevuld met random data (om de aannemelijke ontkenbaarheid te bewaren). Als u een volume header gaat terugzetten uit een backup bestand zult u het wachtwoord en/of sleutelbestanden dienen te verstrekken zoals die waren toen de back-up werd gemaakt. Dit wachtwoord en/of sleutelbestanden zullen dan ook automatisch het type header dat teruggezet moet worden vaststellen (standaard of verborgen, merk op dat VeraCrypt dit vaststelt d.m.v. trail and error). + Bent u er zeker van dat u de Volume Header van %s wilt herstellen?\n\nWAARSCHUWING: Het herstellen van de Volume Header herstelt ook het Volume wachtwoord dat gold toen de backup werd gemaakt. Meer, indien er sleutelbestanden nodig waren om het volume te koppelen toen de backup werd gemaakt, zullen dezelfde sleutelbestanden nu weer nodig zijn, na het terugzetten van de backup van de volume header.\n\nNadat u op Ja heeft geklikt, kunt u het backup bestand van de Header selecteren. + Bevat het volume een verborgen volume? + Het volume bevat een verborgen volume + Het volume bevat geen verborgen volume + Geef a.u.b. het gewenste type volume header back-up aan: + Herstel de volume header vanaf de back-up aanwezig in het volume + Herstel de volume header vanaf een extern back-up bestand + De grootte van het volume header back-up bestand is incorrect. + Er is geen back-up van de header aanwezig in dit volume (alleen volumes aangemaakt door VeraCrypt 6.0 of later bevatten back-up headers). + U probeert een backup te maken van de header van de systeem partitie/schijf. Dit is niet toegestaan. Backup/restore operaties van de systeem partitie/schijf kunnen alleen worden uitgevoerd m.b.v. de VeraCrypt Reddingsschijf.\n\nWilt u een VeraCrypt Reddingsschijf aanmaken? + U probeert de header terug te zetten van een virtueel VeraCrypt volume maar u selecteerde de systeem partitie/schijf. Dit is niet toegestaan. Backup/restore operaties van de systeem partitie/schijf kunnen alleen worden uitgevoerd m.b.v. de VeraCrypt Reddingsschijf.\n\nWilt u een VeraCrypt Reddingsschijf aanmaken? + Nadat u op OK heeft geklikt, kunt u een bestandsnaam en opslaglocatie uitkiezen voor het zgn. ISO bestand van de nieuwe VeraCrypt Reddingsschijf. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Breng uw VeraCrypt Reddingsschijf aan in het CD/DVD station en klik op OK om deze te controleren. + De VeraCrypt Reddingsschijf is met succes gecontroleerd. + Kan niet controleren of de Reddingsschijf foutloos is gebrand.\n\nIndien u de Reddingsschijf heeft gebrand, haal de CD/DVD uit het station en breng hem opnieuw aan; daarna opnieuw controleren. Indien dit niet helpt, probeert u a.u.b. een ander brandprogramma en/of andere CD/DVD.\n\nIndien u probeerde een VeraCrypt Reddingsschijf te controleren die is aangemaakt voor een andere Hoofdsleutel, wachtwoord, salt, etc., merk dan op dat een dergelijke Reddingsschijf altijd zal falen in deze controle. Om een nieuwe reddingsschijf aan te maken die volledig compatibel is met uw huidige configuratie, selecteer 'Systeem' > 'Maak Reddingsschijf Aan'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Fout bij het aanmaken van de VeraCrypt Reddingsschijf. + VeraCrypt Reddingsschijf kan niet gemaakt worden als een verborgen operating system draait.\n\nOm een Reddingsschijf te maken, start op van het lokvogel operating syteem en selecteer 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Ontkoppel het volume voordat u verder gaat. + Fout: Kan de timer niet instellen. + Controleer Filesysteem + Repareer Filesysteem + Add to Favorites... + Add to System Favorites... + P&roperties... + Verborgen Volume Beschermd + N.v.t. + Ja + Nee + Disabled + 1 + 2 of meer + Operatie Modus + Label: + Grootte: + Pad: + Stationsletter: + Fout: Een wachtwoord mag alleen zgn. ASCII karakters bevatten.\n\nNiet-ASCII karakters in een wachtwoord kunnen tot gevolg hebben dat het volume niet gekoppeld kan worden als de systeemconfiguratie verandert.\n\nDe volgende karakters zijn toegestaan:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Waarschuwing: Het wachtwoord bevat niet-ASCII karakters. Dit kan tot gevolg hebben dat het volume niet meer gekoppeld kan worden als de systeemconfiguratie verandert.\n\nU wordt dringened aangeraden alle niet-ASCII karakters in het wachtwoord te vervangen door ASCII karakters. Klik hiertoe op 'Volumes' -> 'Verander Volume Wachtwoord'.\n\nDe volgende tekens zijn ASCII karakters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WAARSCHUWING: We raden u sterk aan bestandsextensies te vermijden die gebruikt worden voor uitvoerbare bestanden, zoals .exe, .sys, .dll en andere problematische bestandsextensies. Het gebruik van zulke extensies zorgt ervoor dat Windows en antivirus software zich ongewenst bemoeien met de container, hetgeen de performance van het volume nadelig beïnvloedt en mogelijk andere serieuze problemen veroorzaakt.\n\nWe raden u nogmaals sterk aan deze bestandsextensie te verwijderen of te veranderen (bijv. in '.hc').\n\nBent u er zeker van dat u deze problematische bestandsextensie wilt gebruiken? + WAARSCHUWING: Deze bestandscontainer heeft een bestandsextensie die wordt gebruikt voor uitvoerbare bestanden (zoals .exe, .sys, of .dll), of een andere extensie die vergelijkbaar problematisch is. Deze extensie zal waarschijnlijk voor ongewenste bemoeienis zorgen van Windows en antivirussoftware met deze container, hetgeen de performance van het volume nadelig zal beïnvloeden en mogelijk ook andere serieuzere problemen zal veroorzaken.\n\nWe raden u sterk aan deze extensie te verwijderen of te veranderen (bijv. in '.hc') na ontkoppeling van het volume. + Homepage + WAARSCHUWING: Het blijkt dat u geen Service Pack heeft geïnstalleerd voor Windows. U kunt beter niet schrijven naar IDE schijven groter dan 128 GB onder Windows XP als u geen Service Pack 1 of later heeft geïnstalleerd! Als u dit toch doet kunnen de data op de schijf (onafhankelijk of dit een VeraCrypt volume is of niet) verminkt raken. Noot: dit is een beperking van Windows en geen bug in VeraCrypt. + WAARSCHUWING: Het blijkt dat u geen Service Pack 3 of later heeft geïnstalleerd in Windows. U kunt beter niet schrijven naar IDE schijven groter dan 128 GB onder Windows 2000 als u geen Service Pack 3 of later heeft geïnstalleerd! Als u dit toch doet kunnen de data op de schijf (onafhankelijk of dit een VeraCrypt volume is of niet) verminkt raken. Noot: dit is een beperking van Windows en geen bug in VeraCrypt.\n\nNoot: Het zou kunnen dat u naast de installatie van Service Pack 3 ook de 48-bit LBA ondersteuning in het register dient aan te zetten. Voor meer informatie, kijk op http://support.microsoft.com/kb/305098/EN-US + WAARSCHUWING: 48-bit LBA ATAPI ondersteuning is op uw systeem uitgeschakeld. Daarom wordt u afgeraden data te schrijven naar IDE schijven die groter zijn dan 128 GB! Als u dit toch doet, kunnen de data op de schijf (onafhankelijk of dit een VeraCrypt volume is of niet) verminkt raken. Merk op dat dit een beperking is van Windows en niet van Veracrypt.\n\nOm de 48-bit LBA ondersteuning aan te zetten, dient u de 'EnableBigLba' register waarde toe te voegen aan de registersleutel HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters en deze op 1 te zetten.\n\nVoor meer informatie, zie http://support.microsoft.com/kb/305098 + Fout: bestanden groter dan 4 GB kunnen niet opgeslagen worden op een FAT32 systeem. Daarom kunnen VeraCrypt bestandscontainers, die zijn opgeslagen op een FAT32 systeem, niet groter zijn dan 4 GB.\n\nAls u een groter volume nodig heeft, maak het dan aan op een NTFS systeem (of, als u Windows Vista SP1 of later heeft, op een exFAT systeem) of, codeer een gehele partitie of apparaat. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + Waarschuwing: Als u in de toekomst meer bestanden wilt toevoegen aan het Buiten Volume, zou u misschien beter een kleinere grootte kunnen kiezen voor het Verborgen Volume.\n\nBent u er zeker van dat u wilt doorgaan met de grootte die u hebt ingegeven? + Geen volume geselecteerd.\n\nKlik op 'Selecteer Apparaat' of 'Selecteer Bestand' om een VeraCrypt volume te selecteren. + Geen partitie geselecteerd.\n\nKlik 'Selecteer Apparaat' om een ontkoppelde partitie te selecteren die normaal gesproken pre-boot authenticatie vereist (bijvoorbeeld een partitie gesitueerd op de gecodeerde systeem schijf van een ander operating systeem, dat niet draait, of de gecodeerde systeem partitie van een ander operating systeem).\n\nNoot: De geselecteerde partitie zal worden gekoppeld als een gewoon VeraCrypt volume zonder pre-boot authenticatie. Dit is nuttig bijv. voor backup of reparatie acties. + WAARSCHUWING: Als Standaard Sleutelbestanden zijn geselecteerd en opgeslagen, kunnen volumes die deze sleutelbestanden niet gebruiken onmogelijk meer worden gekoppeld. Daarom dient u, na aanzetten van de optie Standaard Sleutelbestanden, niet te vergeten dit vinkje weer weg te halen bij het vakje "gebruik sleutelbestanden" onder het vakje "laat wachtwoord zien" wanneer u dergelijke volumes wilt gebruiken.\n\nBent u er zeker van de Standaard Sleutelbestanden plus pad op te slaan? + Auto-Koppel Apparaten + Ontkoppel Alles + Wis Cache + Ontkoppel Alles & Wis Cache + Forceer Ontkoppeling Alles & Wis Cache + Forceer Ontkoppeling Alles, Wis Cache & Sluiten + Koppel Favoriete Volumes + Toon/Verberg Algemeen VeraCrypt Venster + (Klik hier en druk op een toets) + Actie + Sneltoets + Error: Deze snelkoppeling mag niet gebruikt worden. Kies een andere. + Error: Snelkoppeling is al in gebruik. + WAARSCHUWING: Een of meer van de VeraCrypt system-brede hot keys zal niet werken!\n\nOvertuigt u zich er van dat het operating systeem en/of andere programma's niet dezelfde hot keys gebruiken als True Crypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + Door een fout of incompatibiliteit kon VeraCrypt het slaapstand bestand niet coderen. Daarom werd de slaapstand niet toegestaan.\n\nNoot: Als een computer in slaapstand gaat wordt de inhoud van het systeem geheugen geschreven naar het slaapstand bestand op de systeem schijf. VeraCrypt zou dan niet kunnen voorkomen dat codeer sleutels en andere gevoelige informatie die in het systeem geheugen aanwezig is ongecodeerd naar dit bestand worden geschreven. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WAARSCHUWING: Als deze optie wordt uitgeschakeld, kunnen volumes die geopende bestanden/mappen bevatten niet meer automatisch ontkoppeld worden.\n\nBent u er zeker van dat u deze optie wilt uitschakelen? + WAARSCHUWING: Volume bevat geopende bestanden/directories en zal NIET automatisch ontkoppeld worden.\n\nOm dit te voorkomen, vink de volgende optie aan in dit dialoog scherm: 'Forceer auto-ontkoppeling, zelfs als het volume geopende bestanden of directories bevat' + WAARSCHUWING: als de batterij van de notebook bijna leeg is, kan Windows verzuimen de juiste boodschappen te sturen aan draaiende programma’s wanneer de notebook in power-save modus gaat. In zulke gevallen kan VeraCrypt er evt. niet in slagen volumes te auto-ontkoppelen. + U heeft de codering van een partitie/volume gepland in de tijd. Het proces is nog niet voltooid.\n\nWilt u het proces nu hervatten? + U heeft het (de)coderen van de systeem partitie/schijf als proces gepland. Het proces is nog niet voltooid.\n\nWilt u dit proces nu starten (hervatten)? + Wilt u eraan herinnerd worden de geplande codering van niet-systeem partities/volumes te hervatten? + Ja, herinner me + Nee, herinner me niet + BELANGRIJK: Onthoud dat u de codering van elke niet system partitie/volume kunt hervatten door 'Volumes' > 'Hervat Onderbroken Proces' uit het menu van het hoofdscherm van VeraCrypt te kiezen. + U heeft de codering of decodering gepland van de systeem partitie/schijf. Echter, pre-boot authenticatie is mislukt (of werd overgeslagen).\n\nNoot: Als u de systeem partitie/schijf in de pre-boot omgeving decodeerde ,zou u het proces evt. moeten afmaken door te selecteren 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf' uit het menu van het hoofdscherm van VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Sluiten? + VeraCrypt heeft niet voldoende informatie om te kunnen bepalen of het moet coderen of decoderen. + VeraCrypt heeft onvoldoende informatie om te bepalen of het moet coderen of decoderen.\n\nNoot: Als u de systeem partitie/schijf in de pre-boot omgeving decodeerde, zou het nodig kunnen zijn het proces af te maken door te klikken op Decodeer. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Wilt u de codering van de partitie/volume onderbreken en tot een latere tijd uitstellen?\n\nNoot:Onthoud dat het volume niet kan worden gekoppeld totdat het geheel is gecodeerd. U kunt het proces hervatten, dit zal dan starten op de plaats waar u het stopte. U kunt dit zelf doen bijv. door 'Volumes' > 'Hervat Onderbroken Proces' te kiezen uit het menu van het hoofdscherm van VeraCrypt. + Wilt u het coderen van de systeem partitie/schijf onderbreken en uitstellen?\n\nNoot: U zult het proces kunnen hervatten vanaf het punt waar het onderbroken was. U kunt dit bijv. doen door te kiezen voor 'Systeem' > 'Hervat Onderbroken Proces' uit het systeemmenu van het hoofdscherm van VeraCrypt. Indien u het coderen helemaal wilt terugdraaien of beëindigen, selecteer 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf'. + Wilt u het decoderen van de systeem partitie/schijf onderbreken en uitstellen?\n\nNoot: U zult het proces kunnen hervatten vanaf het punt waar het onderbroken was. U kunt dit bijv. doen door te kiezen voor 'Systeem' > 'Hervat Onderbroken Proces' uit het systeemmenu van het hoofdscherm van VeraCrypt. Indien u het decoderen helemaal wilt terugdraaien (en met coderen starten), selecteer 'Systeem' > 'Codeer Systeem Partitie/Schijf'. + Fout: Stoppen coderen/decoderen van de systeem partitie/schijf mislukt. + Fout: Onderbreken van het wissen is mislukt. + Fout: Hervatten coderen/decoderen van de systeem partitie/schijf mislukt. + Fout: Starten van het wissen is mislukt. + Inconsistentie opgelost.\n\n\n(Indien u een programmafout in relatie hiermee wilt rapporteren, wilt u dan de volgende technische informatie meesturen in het bug rapport: %hs) + Fout: Niet verwachte toestand.\n\n\n(Indien u deze fout rapporteert hiermee, neem dan a.u.b. de volgende technische informatie mee in de fout rapportage: %hs + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WAARSCHUWING: De VeraCrypt Achtergrond Taak is uitgeschakeld. Nadat VeraCrypt is beëindigd, zal niet worden gemeld indien schade aan een Verborgen Volume is voorkomen.\n\nNoot: U kunt op ieder moment de VeraCrypt Achtergrond Taak beëindigen door het VeraCrypt Systeem Tray Icoon rechts aan te klikken en te kiezen voor 'Sluiten'.\n\nWilt u dat de VeraCrypt Achtergrond Taak ingeschakeld wordt? + Vertaling versie: %s + Controleren van het bestandssyteem op het VeraCrypt volume dat is gekoppeld als %s... + Uitvoeren van een poging tot reparatie van het bestandssysteem op het VeraCrypt Volume dat is gekoppeld als %s... + Waarschuwing: Dit volume is gecodeerd met een legacy codering algoritme.\n\nAlle 64-bit-blok codering algoritmes (e.g., Blowfish, CAST-128, of Triple DES) zijn afgekeurd. Het zal mogelijk zijn dit volume te koppelen met toekomstige versies van VeraCrypt. Er zullen echter geen verdere verbeteringen van de implementaties van deze legacy codering algoritmes komen. We raden u aan een nieuw VeraCrypt Volume aan te maken dat is gecodeerd middels een 128-bit-blok codering algoritme (bijv., AES, Serpent, Twofish, etc.) en dat u alle bestanden van dit volume naar het nieuw aan te maken volume verplaatst. + Uw systeem is niet geconfigureerd om automatisch nieuwe volumes te koppelen. Het kan onmogelijk blijken om in apparaten gehuisveste VeraCrypt volumes te koppelen. Automatisch koppelen kan worden aangezet door de volgende opdracht uit te voeren en de computer te herstarten.\n\nmountvol.exe /E + Wilt u a.u.b. een stationsletter toekennen aan de partitie/apparaat voordat u verder gaat ('Configuratiescherm' > 'Prestaties en Onderhoud' > 'Systeembeheer' - 'Computerbeheer' - 'Schijfbeheer').\n\nMerk op dat dit een vereiste van het operating systeem is. + Koppel VeraCrypt volume + Ontkoppel alle VeraCrypt volumes + VeraCrypt kon geen Administrator rechten verkrijgen. + Toegang geweigerd door het operating systeem.\n\nMogelijke oorzaak: Het operating systeem vereist dat u recht om te lezen/schrijven heeft (of administrator privileges) voor bepaalde mappen, bestanden en apparaten, zodat u toegestaan wordt data te lezen en te schrijven naar/van deze bestanden/mappen. Normaal gesproken is het een gebruiker zonder administrator privileges toegestaan om bestanden aan te maken, te lezen en erin te schrijven binnen de eigen Mijn Documenten map. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + De VeraCrypt Boot Lader vereist minstens 32 KBytes vrije ruimte aan het begin van de systeem schijf (de VeraCrypt Boot Lader moet daar opgeslagen worden). Helaas voldoet uw systeem schijf niet aan deze voorwaarde.\n\nWilt u dit a.u.b. NIET als een programmafout/probleem van VeraCrypt melden. Om dit probleem op te lossen, zult u uw schijf moeten herpartitioneren en de eerste 32 KBytes van de schijf vrijlaten (in de meeste gevallen voldoet het de eerste partitie te verwijderen en opnieuw aan te maken). We raden u aan hiervoor de Microsoft partitie manager te gebruiken die beschikbaar is bijv. bij installeren van Windows. + Deze functie wordt niet ondersteund door de versie van het operating systeem die u momenteel gebruikt. + VeraCrypt ondersteunt geen codering van de systeem partitie/schijf onder de versie van het operating systeem die u momenteel gebruikt. + Voordat u de system partitie/schijf onder Windows Vista kunt coderen, dient u Service Pack 1 of hoger te installeren voor Windows Vista. Dit is op uw systeem niet aanwezig.\n\nNoot:Service Pack 1 voor Windows Vista loste een probleem op dat er te weinig geheugen aanwezig was tijdens het opstarten van het systeem. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Uw systeem heeft een GUID partitie tabel (GPT). Op dit moment worden door VeraCrypt alleen stations met een MBR partitie tabel ondersteund. + VOORZICHTIG: De VeraCrypt Boot Lader is reeds geïnstalleerd op uw system schijf!\n\nHet is mogelijk dat een ander systeem op uw computer reeds gecodeerd is.\n\nWAARSCHUWING: DOORGAAN MET CODERING VAN HET NU ACTIEVE SYSTEEM KAN ERVOOR ZORGEN DAT EEN ANDER SYSTEEM/SYSTEMEN NIET MEER GESTART KUNNEN WORDEN EN DE AANWEZIGE DATA NIET MEER TOEGANKELIJK.\n\nBent u er zeker van dat u door wilt gaan? + Fout in herstellen van de originele systeemlader.\n\nGebruik aub uw VeraCrypt reddingsschijf ('Repair Options' > 'Restore original system loader') of Windows installatie medium om de VeraCrypt Boot Lader te vervangen door de Windows systeem lader. + De originele systeem lader zal niet opgeslagen worden op de Reddingsschijf (waarschijnlijke oorzaak: ontbrekende backup). + Kon de MBR sector niet schrijven.\n\nUw BIOS zou ingesteld kunnen zijn om de MBR sector te beschermen. Controleer uw BIOS (druk op F2, Delete, or Esc, tijdens het eerste opstartscherm van uw computer) voor MBR/antivirus protectie instellingen. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + De juiste versie van de VeraCrypt Boot Lader is niet geïnstalleerd. Hierdoor kunnen enkele instellingen evt. niet worden opgeslagen. + In sommige situaties zult u willen voorkomen dat iemand die u de computer ziet starten (een vijand) erachter komt dat VeraCrypt aanwezig is op de computer. De bovenstaande optie stelt u in staat het VeraCrypt Boot Lader scherm aan te passen. Als u de eerste optie kiest zal geen enkele tekst worden weergegeven door de boot lader (zelfs niet als u een verkeerd wachtwoord ingeeft). De computer zal “bevroren” lijken terwijl u uw wachtwoord intypt. Als extra kan er een zelfgemaakte boodschap worden weergegeven om de vijand te misleiden. Bijv. “Ontbrekend Operating Systeem” (wat normaal wordt weergegeven door de Windows Boot Lader als deze geen boot partitie vindt.) Het is echter belangrijk dat u zich realiseert dat, als de vijand in staat is de inhoud van de harde schijf te analyseren, hij erachter kan komen dat er een VeraCrypt Boot Lader aanwezig is. + WAARSCHUWING: Na selectie van deze optie zal de VeraCrypt Boot Lader geen enkele tekst laten zien (zelfs niet bij ingave van een verkeerd wachtwoord). De computer zal “bevroren” lijken terwijl u uw wachtwoord kunt ingeven (de cursor zal NIET bewegen en geen sterretjes worden zichtbaar bij intypen).\n\nBent u er zeker van dat u deze optie wilt selecteren? + Uw systeem partitie/schijf blijkt helemaal gecodeerd te zijn. + VeraCrypt ondersteunt geen codering van een systeem station dat is geconverteerd tot een dynamische schijf. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Wilt u de systeem partitie coderen in plaats van de gehele schijf?\n\nMerk op dat u in partities gehuisveste VeraCrypt volumes kunt aanmaken op iedere niet-systeem partitie op de schijf (naast het coderen van de systeem partitie). + Aangezien uw systeem schijf maar één partitie bevat die alle ruimte in beslag neemt, is het aan te raden (veiliger) om de gehele schijf te coderen, inclusief de vrije ruimte die vaak zo'n partitie omgeeft.\n\nWilt u de gehele systeem schijf coderen? + Uw system is ingesteld om tijdelijke bestanden op te slaan op een niet-systeem partitie.\n\nDeze opslag kan daar niet plaatsvinden. + Uw gebruikersprofiel bestanden zijn niet opgeslagen op de system partitie.\n\n Dit profiel kan daar niet plaatsvinden. + Er is/zijn wisselbestand(en) aanwezig op niet-systeem partitie(s).\n\nWisselbestand(en) kunnen daar niet opgeslagen zijn. + Wilt u Windows instellen dat er alleen op de Windows partitie een wisselbestand wordt aangemaakt?\n\nAls u 'Ja' klikt wordt de computer opnieuw gestart. Start daarna VeraCrypt en de aanmaak van een verborgen OS opnieuw. + Anders zal de aannemelijke ontkenbaarheid van het verborgen operating system aangetast worden.\n\nNoot: indien een vijand de inhoud van deze bestanden (op een niet-systeem partitie) zal analyseren, zou hij kunnen ontdekken dat u deze wizard gebruikte in de verborgen-systeem modus (hetgeen de aanwezigheid van een verborgen operating systeem op uw computer kan aantonen). Merk ook op dat deze bestanden door VeraCrypt worden gewist gedurende de aanmaak van een verborgen operating systeem. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + WAARSCHUWING: Er is niet-toegewezen ruimte aanwezig tussen de systeem partitie en de eerste partitie daar achter. Na aanmaken van het verborgen operating systeem (OS) mag u geen partitie meer maken in deze ruimte, anders zal het verborgen OS systeem niet meer te starten zijn (totdat u deze partitie weer verwijdert). + Dit algoritme wordt momenteel niet ondersteund voor systeem codering. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Sleutelbestanden zijn niet ondersteund bij systeemcodering. + Waarschuwing: VeraCrypt kon de originele toetsenbord lay-out niet terugzetten. Dit zou ertoe kunnen leiden dat u een wachtwoord verkeerd ingeeft. + Fout: Kan de toetsenbord indeling voor VeraCrypt niet instellen op de standaard (US) toetsenbord indeling.\n\nMerk op dat het wachtwoord ingetypt moet worden in de pre-boot omgeving (voor Windows start) waar niet-standaard (US) Windows toetsenbord indelingen niet beschikbaar zijn. Daarom moet het wachtwoord altijd worden ingetypt met gebruik van de standaard (US) toetsenbord indeling. + Omdat VeraCrypt tijdelijk de toetsenbord lay-out veranderde naar de standaard (US) toetsenbordindeling, is het niet mogelijk karakters te typen terwijl u de rechter ALT toets ingedrukt houdt. Echter, u kunt de meeste van dit soort karakters creëren door de betreffende toets in te drukken terwijl u de SHIFT toets ingedrukt houdt. + VeraCrypt verhinderde het veranderen van de toetsenbord lay-out. + Noot: Het wachtwoord moet worden ingetypt in de pre-boot omgeving (voordat Windows start) waar niet-standaard (US) Windows toetsenbord indelingen niet beschikbaar zijn. Daarom moet het wachtwoord altijd worden ingetypt met gebruik van de standaard (US) toetsenbord indeling. Echter, het is belangrijk op te merken dat u geen ECHT standaard (US) toetsenbord nodig hebt. VeraCrypt zorgt er automatisch voor dat u het wachtwoord veilig kunt intypen (nu direct en in de pre-boot omgeving) zelfs als u geen echt standaard (US) toetsenbord hebt. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + LET OP: Indien u een VeraCrypt Reddingsschijf heeft kan deze niet gebruikt worden voor deze systeem partitie/schijf omdat hij is gemaakt voor een andere master key! Na iedere codering van een systeem partitie/schijf moet een nieuwe reddingsschijf worden aangemaakt, zelfs als u hetzelfde wachtwoord gebruikt. + Fout: Kan de systeem codering settings niet opslaan. + Kan de systeem codering pre-test niet initiëren. + Voorbereiding tot aanmaak van verborgen operating system mislukt. + Wis Modus + Op sommige typen opslagmedia is het mogelijk oorspronkelijke data, die overschreven zijn door andere data, weer te herstellen met geavanceerde technieken. Dit geldt ook voor data die worden overschreven door hun gecodeerde variant. (Dit gebeurt als VeraCrypt een ongecodeerde partitie of schijf codeert.) Volgens studies en overheidspublicaties kan deze hersteltechniek voorkomen worden (of zeer bemoeilijkt) door de data eerst een aantal malen met pseudo-random en niet-random data te overschrijven. Indien u gelooft dat een vijand mogelijk uw originele data met een dergelijke techniek zou kunnen herstellen, kunt u één van de volgende wismethoden kiezen (let op bestaande data gaan NIET verloren). Merk op dat het wissen NIET zal plaatsvinden na de codering van de partitie/schijf. Als de partie/schijf geheel is gecodeerd worden er geen ongecodeerde data meer op geschreven, deze data worden in het interne geheugen “on the fly” gecodeerd en daarna pas weggeschreven naar de schijf. + Op sommige typen opslagmedia is het mogelijk oorspronkelijke data, die overschreven zijn door andere data, weer te herstellen met geavanceerde technieken. Volgens studies en overheidspublicaties kan deze hersteltechniek voorkomen worden (of zeer bemoeilijkt) door de data eerst een aantal malen met pseudo-random en niet-random data te overschrijven. Indien u gelooft dat een vijand mogelijk uw originele data die gewist gaat worden met een dergelijke techniek zou kunnen herstellen, kunt u één van de volgende cyclische wismethoden kiezen.\n\nNoot:Hoe meer wis cycli u kiest, des te langer zal het proces duren. + Wissen + \nNoot: U kunt het wisproces onderbreken, de computer afsluiten, het verborgen systeem opnieuw starten en het proces weer hervatten (deze wizard zal automatisch weer worden gestart). Echter, het wisproces zal dan weer van voren af beginnnen. + \n\nNoot: Als u het wisproces onderbreekt en het probeert te hervatten, zal het gehele wisproces van voren af beginnen. + Wilt u het wisproces afbreken? + LET OP: De gehele inhoud van deze partitie/apparaat zal worden gewist. + De gehele inhoud van de partitie waar het originele system staat wordt gewist.\n\nNoot: De gehele inhoud van de te wissen partitie is reeds gekopieerd naar de verborgen systeem partitie. + WAARSCHUWING: indien u bijv. de 3-cycli wismodus kiest, zal de tijd die nodig is om de partitie/schijf te coderen tot 4 maal langer duren. Zo ook zal, indien u de 35-cycli modus kiest, de benodigde tijd tot 36 maal langer duren. Dit kan zelfs oplopen tot enkele weken.\n\nEchter, merk op dat wissen niet zal geschieden na volledige codering van de partitie/schijf. Wanneer deze codering voltooid is zullen alle data die er naartoe geschreven worden eerst volledig in het interne geheugen gecodeerd worden alvorens geschreven te worden. Dan wordt de performance dus NIET aangetast.\n\nBent u er zeker van dat u de wismodus wilt kiezen? + Geen (snelst) + 1-maal (random data) + 3-maal (US DoD 5220.22-M) + 7-maal (US DoD 5220.22-M) + 35-maal ("Gutmann") + 256-maal + Aantal Operating Systemen + WAARSCHUWING: Onervaren gebruikers wordt het dringend afgeraden Windows te coderen in een multi-boot configuratie.\n\nDoorgaan? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Schijf + Is het nu actieve operating systeem geïnstalleerd op de boot-schijf?\n\nNoot: Soms is Windows niet geïnstalleerd op dezelfde schijf als de Windows Boot Lader (boot partitie). Indien dit het geval is, kies 'Nee'. + VeraCrypt ondersteunt momenteel niet het coderen van een operating systeem dat niet opstart vanaf de schijf waarop het is geïnstalleerd. + Aantal Systeem Schijven + Hoeveel schijven bevatten een operating systeem?\n\nNoot: Bijvoorbeeld, als u een operating systeem (bijv. Windows, Mac OS X, Linux, etc.) heeft geïnstalleerd op de primaire schijf en enig toegevoegd operating systeem geïnstalleerd op een secundair schijf, selecteer dan '2 of meer'. + VeraCrypt ondersteunt momenteel geen codering van een gehele schijf die meerdere operating systemen bevat.\n\nMogelijke oplossingen:\n\n- U kunt nog steeds één van de systemen coderen als u terug gaat en kiest voor codering van een enkele systeem partitie (in tegenstelling tot het coderen van een gehele systeem schijf).\n\n- Als een alternatief kunt u de gehele schijf coderen als u enkele van de systemen verplaatst naar een andere schijf zodat er maar één systeem achterblijft op de schijf die u wilt coderen. + Meerdere Systemen op Enkele Schijf + Zijn er andere operating systemen geïnstalleerd op de schijf waarop het huidige actieve operating systeem is geïnstalleerd?\n\nNoot: Bijvoorbeeld, als het huidige actieve operating systeem is geïnstalleerd op schijf #0, dat meerdere partities bevat, en indien één van deze partities Windows bevat en een andere partitie bevat een ander operating systeem (bijv. Windows, Mac OS X, Linux, etc.), selecteer dan 'Ja'. + Niet-Windows Boot Lader + Is een niet-Windows boot lader (of boot manager) geïnstalleerd in het Master Boot Record (MBR)?\n\nNoot: Als de eerste track van de boot schijf bijv. GRUB, LILO, XOSL of een andere niet-Windows boot manager (of boot lader) bevat, klik dan op ‘Ja’. + Multi-Boot + VeraCrypt ondersteunt momenteel geen multi-boot configuraties waar een niet-Windows boot lader is geïnstalleerd in het Master Boot Record.\n\nMogelijke oplossingen:\n\n- Als u een boot manager gebruikt om Windows en Linux te starten, verplaats de boot manager (meestal GRUB) van het Master Boot Record naar een partitie. Start dan deze wizard nogmaals en codeer de systeem partitie/schijf. Merk op dat de VeraCrypt Boot Lader uw primaire boot manager zal worden en u zal toestaan de originele boot manager (bijv. GRUB) te starten als een secundaire boot manager (door op ESC te drukken in het VeraCrypt Boot Lader scherm). Aldus zult u Linux kunnen starten. + Als het nu draaiende operating system (OS) is geïnstalleerd op de boot partitie zult u na codering ervan het wachtwoord dienen op te geven, zelfs als u een ander ongecodeerd Windows systeem wilt starten. Dit omdat ze dezelfde gecodeerde Windows boot lader/manager delen.\n\nIn contrast hiermee: als het nu draaiende OS NIET geïnstalleerd is op de boot partitie (of als de Windows boot lader/manager niet door een ander systeem wordt gebruikt) dan zal, na codering van dit systeem het ingeven van een wachtwoord voor andere ongecodeerde syste(e)m(en) niet nodig zijn. Dan zal alleen het indrukken van de ESC toets voldoende zijn om het ongecodeerde systeem te starten. (Indien er meerdere van deze ongecodeerde systemen zijn zult u in het VeraCrypt Boot Manager Menu moeten aangeven welk systeem te starten).\n\nNoot: Kenmerkend is dat het éérst geïnstalleerde Windows systeem op de boot partitie staat. + Codering van "Host Protected Area" + Aan het einde van veel harde schijven bestaat een gebied dat normaal gesproken verborgen is voor het operating systeem, het ‘Hort Protected Area’ (HPA). Sommige programma’s kunnen echter data lezen en schrijven naar dit gebied.\n\nWAARSCHUWING: Sommige computerfabrikanten gebruiken dit gebied voor de opslag van tools, data voor RAID, systeemherstel, systeem setup, diagnostiek enz. Indien deze data toegankelijk moeten zijn vóór het opstarten, mag de HPA NIET gecodeerd worden. (Kies boven ‘Nee’)\n\nWilt u dat VeraCrypt een HPA opzoekt en codeert? + Type Systeem Codering + Selecteer deze optie als u de systeempartitie of de gehele systeemschijf wilt coderen zonder deze te verbergen. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Verborgen Operating Systeem + In de stappen hierna worden twee volumes (Buiten en Verborgen) aangemaakt in de eerste partitie achter de systeem partitie. Het Verborgen Volume zal het verborgen operating systeem (OS) bevatten. VeraCrypt zal dit verborgen OS aanmaken door de inhoud van de systeem partitie (met daarop het nu draaiende OS) te kopiëren naar het Verborgen Volume. Naar het Buiten Volume zult u enige belangrijk uitziende bestanden kopiëren die u NIET wilt verbergen. Ze staan daar voor degene die u dwingt het wachtwoord te onthullen van de Verborgen OS partitie. Als u dan het wachtwoord van het Buiten Volume in de verborgen OS partitie geeft zal het Verborgen Volume met daarin het verborgen OS verborgen blijven.\n\nUiteindelijk zult u op de systeem partitie van het nu draaiende OS een nieuw OS installeren, het zgn. lokvogel OS en dit coderen. Dit mag geen gevoelige data bevatten en zal er staan t.b.v. degene die u dwingt het pre-boot authenticatie wachtwoord prijs te geven. Totaal zullen er drie wachtoorden zijn. Twee ervan kunt u onthullen (voor het buiten volume en het lokvogel OS). Na ingave van het derde wachtwoord zal het verborgen OS starten. + Opsporen Verborgen Sectoren + Wacht a.u.b. terwijl VeraCrypt mogelijke verborgen sectoren detecteert aan het einde van de systeem schijf. Dit kan lang duren.\n\nNoot: in zeldzame gevallen zal het systeem niet meer reageren tijdens dit detectie proces. Indien dit gebeurt, herstart dan de computer en start VeraCrypt opnieuw. Volg dan dezelfde stappen maar sla dit detectie proces over. Merk op dat dit probleem niet wordt veroorzaakt door een fout in VeraCrypt. + Te Coderen Gebied + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Verzamelen Random Data + Sleutels Aangemaakt + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Reddingsschijf Maken + Reddingsschijf Aangemaakt + System Codering Pre-test + Reddingsschijf Geverifieerd + \nDe VeraCrypt Reddingsschijf is met succes gecontroleerd. Verwijder het a.u.b. uit het station en bewaar het op een veilige plaats.\n\nKlik op Volgende om door te gaan. + WAARSCHUWING: Bij de volgende stappen mag de VeraCrypt Reddingsschijf NIET in het station zitten. Anders is het niet mogelijk het proces goed af te ronden.\n\nHaal het uit het station en berg hem op een veilige plaats op. Klik dan op OK. + Waarschuwing: Door technische beperkingen van de pre-boot omgeving, kunnen alleen maar Engelse teksten door VeraCrypt worden weergegeven in de pre-boot omgeving (voordat Windows start). Het VeraCrypt Boot Lader gebruikersscherm is helemaal in het Engels.\n\nDoorgaan? + Alvorens uw systeem partitie of schijf te coderen, moet VeraCrypt eerst verifieren dat alles goed werkt.\n\nNadat u op Test heeft geklikt, zullen alle benodigde componenten (bijv. de pre-boot authenticatie component, d.w.z. de VeraCrypt Boot Lader) worden geïnstalleerd en wordt uw computer opnieuw opgestart. Daarna moet u uw wachtwoord intypen in het VeraCrypt Boot Lader scherm dat zal verschijnen voordat Windows start. Na het starten van Windows, zult u automatisch worden geïnformeerd over de resultaten van de pre-test.\n\nHet volgende apparaat zal worden aangepast: Schijf #%d\n\n\nAls u op Annuleer drukt, zal niets worden geïnstalleerd en zal de pre-test niet worden uitgevoerd. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pre-test Voltooid + De pre-test is met succes voltooid.\n\nWaarschuwing: Indien de stroomtoevoer onderbroken wordt of het operating systeem crasht door een fout, tijdens het Op-De-Plaats coderen van data, kunnen er gegevens verloren gaan of verminkt raken. Maak daarom een back-up van de te coderen bestanden. Indien u dit nog niet heeft gedaan, doe dit nu door op 'Pauzeer' te klikken en dan de back-up te maken. Start daarna VeraCrypt en selecteer 'Systeem' > 'Hervat Onderbroken Proces' om het decoderen te hervatten.\n\nIndien u klaar bent, klik op 'Codeer' om het Coderingsproces te starten. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nU kunt op Pauzeer drukken wanneer u het coderingsproces wilt stoppen, deze wizard beëindigen en de computer afsluiten. Na herstart van de computer en van dit proces zal het verdergaan op het punt van onderbreking. Het volume kan niet gekoppeld worden totdat het volledig gecodeerd is. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Origineel Systeem + Windows maakt (zonder uw medeweten) log-bestanden en tijdelijke bestanden aan op de syteempartitie. Ook de inhoud van RAM wordt opgeslagen in de slaap- en wisselbestanden op de systeem partitie. Indien een afperser bestanden op de partitie waar het originele operating systeem (OS) staat zou analyseren (waarvan het verborgen systeem een kloon is), zou hij bijv. kunnen achterhalen dat u de VeraCrypt wizard gebruikte om een verborgen OS aan te maken (hetgeen een sterke aanwijzing is voor het bestaan van een verborgen OS op uw computer).\n\nOm dit te voorkomen zal in de volgende stappen de gehele inhoud van de partitie waar het originele OS staat veilig worden gewist. Daarna, t.b.v. de aannemelijke ontkenbaarheid, moet u een nieuw OS installeren op deze partitie en dit coderen. Daarmee maakt u een lokvogel OS waarna het proces van aanmaak van een verborgen OS afgerond zal zijn. + Het verborgen operating system is met succes aangemaakt. Voordat u het echter kunt gebruiken (en het aannemelijk ontkenbaar is), dient u de gehele inhoud van de partitie met daarop het nu draaiende operating systeem (OS) m.b.v. VeraCrypt veilig te wissen. U dient hiertoe nu eerst de computer te herstarten en dan bij de pre-boot authenticatie het wachtwoord in te geven van het verborgen OS. Dan zal, na het starten van dit verborgen OS, de VeraCrypt wizard automatisch starten.\n\nNoot: Als u ervoor kiest het proces tot aanmaak van een verborgen operating syteen NU te beëindigen, zult u het proces NIET kunnen hervatten en zal het verborgen operating systeem NIET toegankelijk zijn omdat de VeraCrypt boot lader dan wordt verwijderd. + U heeft het aanmaken van een verborgen operating system gepland. Het proces is nog niet afgerond. Voor de afronding dient u de computer opnieuw op te starten en dan in het scherm van de VeraCrypt Boot Lader (dat vóór Windows verschijnt) uw wachtwoord voor het verborgen operating systeem in te geven.\n\nNoot: indien u ervoor kiest het proces nu af te breken zult u NIET in staat zijn het te hervatten. + Herstart de computer en ga verder + Permanent afbreken proces tot aanmaak van verborgen operating system + Doe nu niets, vraag later opnieuw + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Klonen Operating Systeem + In de volgende stappen zal VeraCrypt het verborgen operating systeem aanmaken door de inhoud van de system partitie naar het verborgen volume te kopiëren (de te kopiëren data worden on-the-fly gecodeerd met een andere codering sleutel dan die van het lokvogel operating systeem)\n\nMerk op dat dit proces wordt uitgevoerd in de pre-boot omgeving (dus voordat Windows start) en dat voltooiing lang kan duren: meerder uren of zelfs dagen (afhankelijk van de grootte van de systeem partitie en van de performance van uw computer).\n\nU kunt het proces onderbreken, de computer afsluiten, en weer hervatten na aanzetten van de computer. Echter, na onderbreking zal het proces van het kopiëren en coderen van de systeem partitie altijd weer van voren af aan beginnen omdat de inhoud van deze partitie tijdens het klonen niet gewijzigd mag worden. + Wilt u het gehele proces tot aanmaak van een verborgen operating systeem stoppen?\n\nNoot: U zult het proces NIET kunnen hervatten als u nu stopt. + Wilt u de systeem codering pre-test annuleren? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + De systeem partitie/schijf blijkt niet gecodeerd te zijn (ook niet gedeeltelijk). + Uw systeem partitie/schijf is gecodeerd (volledig of geheel).\n\nDecodeer a.u.b. uw systeem partitie/schijf geheel alvorens verder te gaan. Om dit te doen, selecteer 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf' uit het menu van het hoofdscherm van VeraCrypt. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Uw systeem partitie/schijf wordt op dit moment gecodeerd, gedecodeerd, of op andere wijze aangepast. Onderbreek a.u.b. de codering/decodering/aanpassing, of wacht tot het proces is afgerond, alvorens verder te gaan. + Een exemplaar van de VeraCrypt Volume Aanmaak Wizard draait op dit moment op dit systeem en is bezig met voorbereiden tot of de codering/decodering zelf van de systeem partitie/schijf. Voordat u verder gaat, wacht a.u.b.totdat deze klaar is of sluit hem af. Als u deze niet af kunt sluiten, herstart a.u.b. uw computer alvorens verder te gaan. + Het coderen/decoderen van de systeem partitie/schijf is niet voltooid. Wacht a.u.b. tot het is voltooid alvorens verder te gaan. + Fout: Het coderen/decoderen van de partitie/schijf is niet voltooid. Het moet eerst afgerond worden. + Fout: Het coderingsproces van de partitie/volume is niet voltooid. Het moet eerst voltooid worden.\n\nOm het proces te hervatten, selecteer 'Volumes' > 'Hervat Onderbroken Proces' uit het menu van het hoofdscherm van VeraCrypt. + Het wachtwoord is goed, VeraCrypt heeft de volume header gedecodeerd maar ontdekt dat dit een verborgen systeem volume is. U kunt de volume header van een verborgen systeem volume niet op deze manier wijzigen.\n\nOm het wachtwoord van een verborgen systeem volume te wijzigen, start het verborgen operating systeem en kies dan 'Systeem' > 'Verander wachtwoord' uit het menu van het hoofdscherm van VeraCrypt.\n\nOm het header key afleidingsalgoritme aan te maken, start het verborgen operating systeem en lies dan 'Systeem' > 'Creëer Header Key Afleidingsalgoritme'. + VeraCrypt ondersteunt geen Op-De-Plaats decodering van een verborgen systeem partitie.\n\nNoot:Als u de lokvogel systeem partitie wilt decoderen, start het lokvogel operating systeem en selecteer 'Systeem' > 'Permanent Decoderen Systeem Partitie/Schijf' in het VeraCrypt hoofdscherm. + Fout: Incorrecte/ongeldige parameter. + U heeft een partitie of apparaat geselecteerd maar de functie van de wizard die u koos is alleen maar geschikt voor bestandscontainers.\n\nWilt u een andere functie van de wizard kiezen? + Wilt u in plaats hiervan een VeraCrypt bestandscontainer aanmaken? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Bent u er zeker van dat u de systeem partitie/schijf permanent wilt decoderen? + VOORZICHTIG: Als u de systeem partitie/schijf permanent decodeert, worden er ongecodeerde data naar geschreven.\n\nBent u er zeker van dat u de systeem partitie/schijf permanent wilt decoderen? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Waarschuwing: als u codes in cascade gebruikt voor system codering, kunt u de volgende problemen tegenkomen:\n\n)1 De VeraCrypt Boot Lader is dan groter dan normaal waardoor er niet genoeg ruimte zou kunnen zijn op de eerste track van de schijf voor een backup van deze Boot Lader. Als de Boot Lader beschadigd raakt, hetgeen nogal eens gebeurt (bijv. door slecht ontworpen anti-piraterij activatieprocedures van bepaalde programma’s), heeft u de VeraCrypt Reddingsschijf nodig om op te starten of om de Boot Lader te repareren.\n\n2) Op sommige computers neemt het herstarten uit de slaapstand meer tijd in beslag.\n\nDeze mogelijke problemen kunt u vermijden door een niet-cascade coderingsalgoritme (bijv. AES) te kiezen.\n\nBent u er zeker van dat u codes in cascade wilt gebruiken? + Als u enige van de hiervoor beschreven problemen tegenkomt, decodeer de partitie/schijf (als het is gecodeerd) en codeer het daarna opnieuw met gebruik van een niet-cascade-code (bijv. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + Het versienummer van de VeraCrypt Boot Lader waarmee dit operating systeem (OS) opstartte verschilt van het versienummer van de VeraCrypt driver (en applicaties) geïnstalleerd op dit OS.\n\nU zou de VeraCrypt installer met eenzelfde versienummer als dat van de boot lader moeten starten om VeraCrypt op dit OS bij te werken. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + De VeraCrypt Boot Lader heeft een upgrade gehad.\n\nHet wordt sterk aangeraden een nieuwe VeraCrypt Reddingsschijf aan te maken (die ook de nieuwe versie van de VeraCrypt Boot Lader zal bevatten) door te selecteren 'Systeem' > 'Maak Reddingsschijf aan' nadat u uw computer opnieuw opgestart heeft. + De VeraCrypt Boot Lader is ge-upgrade.\n\nHet wordt sterk aangeraden het lokvogel operating systeem te starten en dan een nieuwe VeraCrypt Reddingsschijf te maken (die de nieuwe VeraCrypt Boot Lader zal bevatten) door 'Systeem' > 'Maak Reddingsschijf Aan' te selecteren. + Fout: Kon geen update uitvoeren op de VeraCrypt Boot Lader. + VeraCrypt kon de werkelijke grootte van de systeemschijf niet vaststellen, daarom zal de grootte zoals vastgesteld door het operating system (die kleiner kan zijn) worden gebruikt. Dit is geen fout in VeraCrypt. + WAARSCHUWING: Het blijkt dat VeraCrypt al eerder heeft geprobeerd verborgen sectoren te ontdekken op deze systeem schijf. Als u enig probleem tegenkwam gedurende het vorige detectie proces, kunt u deze problemen vermijden door het detectieproces over te slaan. Merk op dat VeraCrypt dan de grootte van de systeem schijf zal gebruiken die gerapporteerd wordt door het operatingsysteem (die kleiner kan zijn dan de werkelijke grootte).\n\nMerk op dat dit probleem niet veroorzaakt wordt door een fout in VeraCrypt. + Sla de detectie over van verborgen sectoren (gebruik de grootte gevonden door het operating systeem) + Probeer verborgen sectors weer te detecteren + Fout: De inhoud van een of meerdere sectoren van de schijf kon niet gelezen worden, waarschijnlijk ten gevolge van een fysieke fout.\n\nDe Op-De-Plaats codering kan alleen maar voortgang vinden als deze sectoren weer leesbaar gemaakt zijn. VeraCrypt kan proberen deze sectoren weer leesbaar te maken door er nullen in te schrijven, waarna al deze nullen gecodeerd zullen worden. Merk echter op dat ten gevolge van deze oplossing alle (onleesbare) data die in deze sectoren liggen opgeslagen verloren zullen zijn. Indien u dit wilt vermijden kunt u proberen stukken van de betreffende data te herstellen met toepasselijke software van derden.\n\nNoot: Indien de sectoren fysiek beschadigd zijn (dus tegengesteld aan data corruptie en checksum fouten) zullen de meeste typen opslag media deze sectoren intern doorverwijzen naar andere goed functionerende sectoren wanneer geprobeerd wordt data er naartoe te schrijven. In dit geval kunnen de bestaande data op de beschadigde sectoren ongecodeerd op de schijf achterblijven).\n\nWilt u dat VeraCrypt nullen schrijft naar de onleesbare sectoren? + Fout: De inhoud van een of meer sectoren op de schijf kan niet worden gelezen (waarschijnlijk ten gevolgen van een fysieke fout).\n\nTeneinde door te kunnen gaan met de codering dient VeraCrypt de inhoud van de onleesbare sectoren te wissen (deze worden dan gevuld met pseudo-random data). Merk op dat u, alvorens verder te gaan, de inhoud van deze sectoren kunt proberen te herstellen middels software van derden.\n\nWilt u dat VeraCrypt de data in de onleesbare sectoren nu wist? + Noot: VeraCrypt heeft de inhoud van %I64d onleesbare sectoren (%s) vervangen door gecodeerde nullen in platte tekst blokken. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Geef wachtwoord/PIN voor token '%s': + Voordat VeraCrypt toegang kan krijgen tot een security token of smartcard, moet u eerst een PKCS #11 software library voor het token of smartcard installeren. Deze library kan meegeleverd zijn met het apparaat of kan op de website van de verkoper of van derden te vinden zijn.\n\nNa installatie van de library kunt u deze selecteren door te klikken op 'Selecteer Library' of u kunt VeraCrypt de bibliotheek automatisch laten vinden en selecteren door te klikken op 'Auto-Detect Library' (er wordt dan alleen in de Windows systeem mappen gezocht). + Noot: Raadpleeg voor de bestandsnaam en plaats van de PKCS #11 library van uw security token of smartcard de documentaie van het token, smartcard of software van derden.\n\nKlik op 'OK' om het pad en bestandsnaam te selecteren. + Voordat VeraCrypt toegang kan krijgen tot een security token of smartcard dient u een PKCS #11 software library voor het token/smartcard te selecteren. Selecteer hiertoe 'Instellingen' > 'Security Tokens'. + VeraCrypt kon de PKCS #11 library niet initialiseren.\n\nZorg dat het opgegeven pad en bestandsnaam naar een geldige PKCS #11 library verwijzen. Om een PKCS #11 library op te geven, selecteer 'Instellingen' > 'Security Tokens'. + De PKCS #11 library werd niet gevonden in de windows systeem map.\n\nZorg ervoor dat een PKCS #11 library voor uw security token of smart card is geïnstalleerd. Een dergelijke library kan meegeleverd zijn bij het apparaat of te vinden zijn op de website van de leverancier of van derden. Als de library is geïnstalleerd in een niet-windows map, klik dan op 'Selecteer Library' om de library te selecteren (bijv. in de map waar de software voor het token/smartcard is geïnstalleerd). + Er werd geen security token gevonden.\n\nZorg ervoor dat uw security token is aangesloten op de computer en dat de juiste driver is geïnstalleerd. + Security token sleutelbestand niet gevonden. + Security token sleutelbestand met deze naam bestaat reeds. + Wilt u de geselecteerde bestanden verwijderen? + Security token sleutelbestand pad is ongeldig. + Security token fout + Wachtwoord voor security token is fout. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + Alle open security token sessiess zijn gesloten. + Selecteer Security Token Sleutelbestanden + Slot + Token naam + Bestandsnaam + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Fout bij parsen command line. + Reddingsschijf + Selecteer &Bestand en Koppel + Selecteer &Apparaat en Koppel + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Waarschuwing: Het volume gekoppeld als '%s' werd niet correct ontkoppeld en kan derhalve fouten bevatten. Het gebruik van een corrupt bestandssysteem kan dataverlies of verminking tot gevolg hebben.\n\nNoot: Voordat u een apparaat fysiek verwijdert of uitschakelt (bijv. een USB flash-drive of een externe harddisk) waarop een gekoppeld VeraCrypt volume staat, moet u altijd eerst dit volume ontkoppelen.\n\nWilt u dat windows probeert evt. fouten op dit volume op te sporen en te repareren? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Waarschuwing: Een beschadigd bestandssysteem repareren m.b.v. Microsoft ‘chkdsk’ kan verlies van bestanden in beschadigde gebieden tot gevolg hebben. Daarom wordt het aangeraden dat u eerst de bestanden uit het VeraCrypt volume kopieert naar een ander, intact, VeraCrypt Volume.\n\nWilt u het bestandssysteem nu repareren? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' moest als read-only gekoppeld worden omdat schrijftoegang verboden werd.\n\nZorg ervoor dat geen ander programma (zoals antivirus software) bezig is met toegang tot de partitie/apparaat waarop het volume staat. + Volume '%s' is gekoppeld als alleen-lezen omdat het operating system heeft gemeld dat het huisvestende apparaat tegen schrijven beveiligd is.\n\nMerk a.u.b. op dat van sommige aangepaste chipset drivers is gerapporteerd dat ze onterecht bepaalde media als schrijf-beveiligd lieten zien. Dit probleem wordt niet veroorzaakt door VeraCrypt. Het kan evt. worden opgelost door de aangepaste (niet-Microsoft) chipset drivers te updaten of te de-installeren. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Wilt u dat VeraCrypt probeert de schrijfbeveiliging op de partitie/schijf uit te zetten? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Sleutel + Backspace + Tab + Clear + Enter + Pauze + Caps Lock + Spatie + Page Up + Page Down + End + Home + Linker Pijltje + Pijltje Omhoog + Rechter Pijltje + Pijltje Omlaag + Selecteer toets + Print toets + Execute toets + Print Screen + Insert + Delete + Applicaties toets + Sleep + Num Lock + Scroll Lock + Browser Terug + Browser Forward + Browser Vernieuwen + Browser Stop + Browser Zoeken + Browser Favorieten + Browser Home + Dempen + Volume Lager + Volume Hoger + Volgende Track + Vorige Track + Stop Media + Afspelen/Pauzeren Media + Start Mail Key + Selecteer Media Key + Applicatie 1 + Applicatie 2 + Attn + CrSel + ExSel + Afspelen + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.nn.xml b/Translations/Language.nn.xml index 39a98263..9739a437 100644 --- a/Translations/Language.nn.xml +++ b/Translations/Language.nn.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Avbryt - Install &for all users - Bro&wse... - Legg til VeraCrypt ikon til skrivebordet - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Legg VeraCrypt til Start menyen - Lag System Gjennopprettings Punkt - &Avinstaller - &Extract - &Install - VeraCrypt Setup Wizard - Avinstaller VeraCrypt - &Hjelp - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Avbryt - &Benchmark - &Test - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Skjerm basseng innhald - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - U&Bruk nøkkelfiler - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Nø&kkelfiler.. - Informasjon om hash algoritmar - Meir informasjon - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-Boot - Encrypt a non-system partition/drive - &Aldri lagra historie - Opne Ytre Volum - &Pause - Use P&IM - Use PIM - Rask Formatering - &Vis passord - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Sektorgruppe - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - &Bekreft: - Ferdig - Drive letter: - Krypterings Algoritme - Filsystem - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Alternativ - Hash Algoritme - Over Nøkkel: - Venstre - Hovud Nøkkel: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Passord: - Volume PIM: - Volume PIM: - Progress: - Tilfeldig Gruppe: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Hastigheit - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Avslutt - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Ikkje gjer noko - &Automatisk monter VeraCrypt volum (spesifiser under) - &Start VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Bla gjennom... - Bla gjennom... - Hurtiglagra passord og &nøkkelfiler i minne - Avslutt når det ikkje er monterte volum - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Inkluder VeraCrypt Volum Opprettings Vegvisar - Opprett - &Opprett Volum - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Bruk nøkkelfiler - Bruk nøkkelfiler - Avs&lutt - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - alt - Ctrl - Skift - Windows - Anngje - Fjern - Nøkkelfiler... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Auto monter einheiter - &Alternativ... - Monter volum &som skriveverna - Nøkkelfiler... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Aktivert - Snøgglagra passord i drivar minne - Auto avmonter volum vist det ikkje er skrive/lese data til det på - Brukar loggar av - User session locked - Går inn i straum sparings modus - Skjerm sparar er starta - Tving auto avmontering sjølv om voluma inneheld opne filer og mapper - Monter alle einings-verta VeraCrypt volum - Start VeraCrypt Background Task - Monter volum som skriveverna - Monter volum som fjernbart medium - Opne Utforskar vindauga for vellykka monterte volum - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Slett snøgglagra passord ved automatisk avmontering - Slett snøgglagra passord ved avslutning - Preserve modification timestamp of file containers - Tilbakestill - Vel &Eining... - Vel &Fil... - Select &Library... - Vis passord - Vis passord - Opne &Utforskar vindauga for montert volum - &snøgglagra passord i drivar minne - TrueCrypt Mode - &Avmonter Alle - &Volum Eigenskapar... - Volum Verk&tøy... - &Slett Snøgglager - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - System snøgg tastar - VeraCrypt - Change Password or Keyfiles - Skriv inn VeraCrypt Volum Passord - VeraCrypt - Performance and Driver Options - VeraCrypt - Innstillingar - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypt Volum Eigenskapar - Om... - Legg til/fjern Nøkkelfiler til/frå Volum... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Sikkerhetskopier Volum Header... - "Ytingsprøve" - Set Header Nøkkel Derivasjons Algoritme... - Endre Volum Passord... - Set Header Key Derivation Algorithm... - Change Password... - Slett Volum Historie - Close All Security Token Sessions - Kontakt - Create Hidden Operating System... - Create Rescue Disk... - Lag nytt Volum... - Permanently Decrypt... - Standard Nøkkelfiler... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Ofte Stilte Spørsmål - Brukarrettleiing - &Heimeside - Snøggtastar... - Nøkkelfil Generator - Språk... - Juridisk Merknad - Manage Security Token Keyfiles... - Auto-Monter Alle Einings-verta Volum - Monter Favoritt Volum - Mount Without Pre-Boot &Authentication... - Monter Volum - Monter Volum med Alternativ - Nyheiter - Online Hjelp - Nybegynnar rettleiing - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Innstillingar... - Oppfrisk Stasjons bokstavar - Fjern Alle Nøkkel filer frå Volum... - Gjennoprett Volum Header... - Resume Interrupted Process - Vel Eining... - Vel Fil... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Nedlastingar - Test Vektorar... - Security Tokens... - Traveler Disk Setup... - Avmonter Alle Monterte Volum - Avmonter Volum - Verify Rescue Disk - Verify Rescue Disk ISO Image - Versjons Historie - Volume Expander - Volum Eigenskapar - Volum Oppretting Vegvisar - VeraCrypt Heimeside - Slett snøgglagra Passord - OK - Hardware Acceleration - Snarveg - AutoKøyr Konfigurasjon (autorun.inf) - Auto-Avmonter - Avmonter alle når: - Boot Loader Screen Options - Bekreft Passord: - Gjeldande - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Standard Monternigs Alternativ - Snøggtast Alternativ - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Fil Innstillingar - Nøkkel å Anngje: - Processor (CPU) in this computer supports hardware acceleration for AES: - Handlingar som skal gjerast ved Windows pålogging - min - Monter volum som stasjons bokstav: - Monterings Innstillingar - Ny - Passord: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Passord Snøgglager - Security Options - VeraCrypt Bakgrunns Oppgåve - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Volum - Windows - Legg til &katalog... - &Auto-Test Alle - &Continue - &Dekrypter - &Delete - &Krypter - &Export... - Lag og Lagra Nøkkelfil... - La&g tilfeldig Nøkkelfil... - Last ned språkpakke - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - &Bruk nøkkelfiler - &Nøkkelfiler... - Fje&rn - Fjern &Alle - Kva er skjult volum beskytting? - More information on keyfiles - Monter volum som flyttbart &medium - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Ytingstest - &Print - &Vern skjult volum mot skade frå skriving til ytre volum - &Tilakestill - &Vis passord - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - Om VeraCrypt - VeraCrypt - Krypterings Algoritme Ytingstest - VeraCrypt - Test Vektorar - Kommando Linje Hjelp - VeraCrypt - Nøkkelfiler - VeraCrypt - Nøkkelfil Generator - VeraCrypt - Språk - VeraCrypt - Monterings Alternativer - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Vel ein partisjon eller ei Eining - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Bruk språk pakke - Hastighet er berørt av prosessor last og lagrings eininga sin karakteristikk.\n\n Desse testane vert gjort i minne. - Buffer Storleik: - Kodenøkkel: - P&assord til skjult volum:\n(vist tomt, vert snøggminne nytta) - Skjult Volum verning - Nøkkel storleik: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - ÅTVARING: Vist du misser ei nøkkel fil eller vist ein bit av dei fyrste 1024 kilobyta i fila vert endra, vill det ikkje vera mogeleg å montera volum som brukar nøkkelfila! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Omsett av: - Klartekst storleik: - bits - Gjeldande Basseng Innhald - Blandande Krypt Alg: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Sorterings metode: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Kodenøkkel tekst (heksadesimal) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Nøkkel (heksadesimal) - Klartekst (heksadesimal) - Keyfile name: - XTS mode - S&ystem - &Volum - Favor&ites - Verk&tøy - Settin&gs - &Hjelp - ..Heime&side .. - - &Om... - Skrivevernings attributten på ditt gamle volum kunne ikkje endrast. Sjekk om du har tilgang til fila. - Feil: Ingen tilgang.\n\nPartisjonen du prøvar å opna er anten 0 sektorar lang, eller der er ein oppstarts eining. - Administrator - For å kunne lasta VeraCrypt drivaren må du vera logga inn med ein konto som har administrator rettigheiter. - Obs for å kryptera/formatera ein partisjon/ei eining må du vera logga inn med ein konto som har administrator rettigheiter.\n\nDette gjeld ikkje fil-verta volum. - For å oppretta eit skjult volum må du vera logga inn med ein konto som har administrator rettigheiter.\n\nFortsetja? - Obs for å kunna formatera volumet som NTFS må du vera logga inn med ein konto som har administrator rettigheiter.\n\nUtan administrator rettigheiter, kan du berre formatera volumet som FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Volumet er allereie montert. - ADVARSEL: Minst ein kryptering eller hash algorytme besto ikkje den innebygde automatiske sjølv testen!\n\nVeraCrypt installasjonen kan vera korrupt. - ADVARSEL: Det er ikkje nok data i Tilfeldig Nummer Generator til att ein kan laga den forespurde mengden data.\n\nDu bør ikkje halda fram. Ver vennleg å vel 'Rapporter feil' frå Hjelp menyen, og rapporter denne feilen. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Ugyldig stasjons bokstav. - Invalid path. - Avbryt - Får ikkje tilgang til eininga. Sjå etter att den valde eininga eksisterar og att den ikkje er i bruk av systemet. - Advarsel: Caps Lock er på. Dette kan føra til att du skriv passordet feil. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Ytre Volum krypterings alternativ - Skjult Volum krypterings alternativ - Krypterings Alternativer - ADVARSEL: Kunne ikkje fjerna stien til den sist valde volum/nøkkelfila (hugsa av fil veljar)! - Feil: Kontainaren har vorte komprimert på filsystem nivå. VeraCrypt støttar ikkje komprimerte kontainerar (merk att komprimering av krypterte data er fåfengt og bortkasta).\n\nSlå av komprimering for kontainaren ved å fylja desse stega: 1) Høgre klikk på kontainaren i windows utforskaren (ikkje inne i VeraCrypt). 2) Vel 'Eigenskapar'. 3) Frå 'Eigenskapar' dialog boksen, klikk 'Avansert'. 4) I 'Avanserte Attributter' dialog boksen, deaktiver valet 'Komprimer innhold for å spare plass' og klikk 'OK'. 5) I 'Eigenskapar' dialog boksen, klikk 'OK'. - Kunne ikkje oppretta volum %s - %s er %.2f bytes stor - %s er %.2f KB - %s er %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - ADVARSEL: Einheita/partisjonen er i bruk av opperativsystemet eller eit program. Å formatera einheiten/partisjonen kan føra til att data vert korrupte og systemet vert ustabilt.\n\nHaldfram? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Feil: Einheita/partisjonen inneheld eit filsystem som ikkje kunne demonterast. Filsystemet kan vera i bruk av opperativ systemet. Å formatera einheta/patisjonen vil nesten garantert føra til korupte data og ustabilt system.\n\nFor å løysa dette problemt , anbefallar me att du fyrst slettar partisjonen for så og oppretta den på nytt utan å formatera den. For å gjera dette, fylja desse stega: 1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear. 2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'. 3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'. 4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5. 5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'. 6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'. 7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again. 8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - ADVARSEL: Nokre av dei monterte einingane/partisjonane var allereie i bruk!\n\nÅ oversjå dette kan føra til utilsikta resultat inkludert ustabilt system.\n\nMe anbefaler på det sterkaste att du lukkar alle program som kan bruka einingane/partisjonane. - Valgt einheit inneheld partisjonar.\n\nÅ formatera einheiten kan føra til ustabilt system og korrupte data. Vel annten vel ein partisjon på einheiten, eller fjern alle partisjonar på einheiten slik att VeraCrypt kan formatera den trygt. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Stasjon %s har %.2f bytes ledig. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Kunne ikkje få tilgjengelege stasjons bokstavar. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Feil: Cipher initialisering feila. - Feil: Ein svak nøkkel har vorte oppdaga! Prøv omatt. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt kritisk feil - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Avslutt - Opprett ein logisk stasjon for denne utvida partisjonen, og prøv omatt. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - Vel plassering av VeraCrypt volum innanfor der du ønskjer å oppretta eit skjult volum. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Feil: Kan ikkje montera volum. Eining/partisjon er allereie i bruk. Forsøk på å montera utan ekslusiv tilgang feila og. - Fila kunne ikkje opnast. - Volum Plassering - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Formater - &Wipe - Avbryt formatering? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nVeraCrypt volum har vorte oppretta og er klart til bruk. Vist du vill oppretta fleire VeraCrypt volum, klikk Neste. Vist ikkje, klikk Avslutt. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt volum har vorte oppretta utan feil. - Volum Oppretta - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Ytre Volum Formatering - Skjult Volum Formatering - Volum Formatering - Adobe Reader (eller kompatibelt program) er nødvendig for å lesa og/eller skriva ut VeraCrypt Brukarhandboka. Adobe Reader (freeware) kan lastast ned frå: www.adobe.com\n\nVil du sjå online dokumentasjonen istadenfor? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Skjult Volum Oppretta - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. - Innhald på Ytre Volum - \n\nI dei neste stega vel du alternativa for det ytre volumet (som du seinare opprettar det skjulte volumet i). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Ytre Volum - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nVolum sektorgruppe punktkartet har vorte skanna og den maksimale mogelege storleiken på det skjulte volumet har vorte fastsett. I det neste steget vill du setja alternativa, storleiken og passord for det skjulte volumet. - Skjult Volum - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Kunne ikkje initialisera programmet. Klarte ikkje å registrera Dialog klassen. - Error: Failed to load the Rich Edit system library. - VeraCrypt Volum Opprettings Vegvisar - Størst mogleg skjult volum storleik for dette volumet er %.2f bytes. - Størst mogleg skjult volum storleik for dette volumet er %.2f KB. - Størst mogleg skjult volum storleik for dette volumet er %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Volum passord/nøkkelfiler kan ikkje endrast så lenge volumet er montert. Demonter volumet fyrst. - Hovud nøkkel derivasjons algoritme kan ikkje endrast så lenge volumet er montert. demonter volumet fyrst. - &Monter - Ein nyare versjon av VeraCrypt er nødvendig for å montera dette volumet. - Feil: Volum Opprettings Vegvisar vart ikkje funnen.\n\nSjekk att fila 'VeraCrypt Format.exe' er i same mappe som 'VeraCrypt.exe' vart starta i. Viss den ikkje er der, må du ominstallera VeraCrypt eller finna 'VeraCrypt Format.exe' på hardisken din - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Neste > - &Avslutting - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Feil ved lasting/klargjering av skrifttypar. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Stasjons bokstav ikkje tiljengeleg. - Ingen filer Valt! - Ingen stasjons bokstavar tilgjengeleg. - Ingen ledige stasjons bokstavar for det ytre volumet! Volum skaping kan ikkje halda fram. - Kunne ikkje fastsetja kva operativsystem du brukar eller så brukar du eit operativsystem som ikkje er støtta. - Ingen sti valt! - Ikkje nok ledig plass til å oppretta det skjulte volumet Volum skaping kan ikkje halda fram. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - Drivaren klarte ikkje å demontera volumet. Nokre filer som ligg på volumet kan framleis vera opne. - Kunne ikkje lukka volumet. Det er framleis opne filer på volumet. Derfor kan ikkje volumet demonterast. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Vel eit VeraCrypt Volum - Spesifiser Sti og Fil namn - Select PKCS #11 Library - Ikkje meir minne - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Passord - PIM - Set Header Nøkkel Derivasjon Algorytme - Legg til/Fjern Nøkkelfiler til/frå Volum - Fjern alle Nøkkelfiler frå Volum - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Nøkkelfil(er) lagt til/fjerna. - Keyfile exported. - Hovud nøkkel derivasjons algorytme vellykka sett. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Vel eit passord for det skjulte volumet. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Skriv inn passordet for volumet som du ønskjer å oppretta eit skjult volum i.\n\nNår du klikkar Neste kjem VeraCrypt til å montera volumet. Når volumet er montert vil sektorgruppe punktkartet av det ytre volumet bli undersøkt for å finna storleiken på det uavbrotne område med ledig plass (vist det er nokon) som sluttar mot slutten av volumet. Dette området vill verta tilpassa det skjulte volumet og derfor vill det begrensa dets maksimale mogelege storleik. Sektorgruppe kart skanning er nødvendig for å sikra att ingen data i det ytre volumet vert overskrive av det skjulte volumet - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Ytre Volum Passord - Skjult Volum Passord - Password for Hidden Operating System - ADVARSEL: Korte passord er enkle å knekka ved bruk av 'brute force' teknikkar!\n\nMe anbefaler å velja eit passord som består av minst 20 teikn.\n\nEr du sikker på att du vil bruka eit kort passord? - Volum Passord - Operation failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Operation failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. - Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. - \n\nAdvarsel: Caps Lock er på. Dette kan føra til att du skriv inn passordet feil. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Kunne ikkje lista raw einingar installert på systemet ditt! - Volumet '%s' eksisterer, og er skrive verna. Er du sikker på att du vill erstatta det? - Vel destinasjons katalog - Vel Nøkkelfil - Vel ei nøkkelfil søke sti. ADVARSEL: merk att det er berre stien som vert hugsa, ikkje filnamna! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Ytre Volum storleik - Skjult Volum storleik - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Volum storleik - Dynamisk - ADVARSEL: SJØLVTEST-FEILA! - Sjølvtest av alle algoritmar godkjent - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - Test cipherteksten som du har valt er for kort eller lang. - Test nøkkelen som du har valt er for lang eller kort. - Test klarteksten du har valt er for lang eller kort. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - Meir info på %s - Ukjent - An unspecified or unknown error occurred (%d). - Eit eller anna volum inneheld filer som er i bruk av eit program eller system.\n\nTving demontering? - &Demonter - Demontering feila! - Volum inneheld filer eller mapper som er i bruk av eit program eller system.\n\nTving demontering? - No volume is mounted to the specified drive letter. - Volumet som du prøver å montera er allereie montert. - Ein feil oppstod ved forsøk på montering av volumet. - Feil ved søkings lokasjon innanfor volum. - Feil: Feil volum storleik. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt kan ikkje endra passordet for eit framand volum. - Ver gild å vel ein ledig stasjons bokstav frå lista. - Ver gild å vel eit montert volum i stasjons bokstav lista. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Feil: Kunne ikkje oppretta autorun.inf - Feil ved prosesering av nøkkelfil! - Feil ved proseserig av nøkkelfil sti! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt støttar ikkje dette operativ systemet. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Feil: Kunne allokere minne. - Feil: Kunne ikkje gjenoppretta verdiane av ytelse teljar. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - Alle Filer - VeraCrypt Volum - Library Modules - NTFS formatering kan ikkje halde fram. - Kan ikkje montera volum. - Kan ikkje demontera volum. - Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Standard - partisjon - PARTISJON - Einheit - device - EINHEIT - Volum - volume - VOLUME - Label - Valte cluster storleik er for liten for denne volum storleiken. Ein større cluster størrelse vill verta brukat i staden. - Feil: Kan ikkje skaffa volum Storleik!\n\nForviss deg om att valt volum ikkje er i bruk av systemet eller eit program. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Feil: Kan ikkje opna det ytre volumet! Volum oppretting kan ikkje halde fram. - Feil: Kan ikkje montera det ytre volumet! Volum oppretting kan ikkje halde fram. - Feil: Kan ikkje skaffa volum cluster bitmap! Volum oppretting kan ikkje halde fram. - Alfabetisk/Kategorisert - Gjennomsnits fart (Synkande) - Algoritme - Kryptering - Dekryptering - Hovud - Stasjonar - Storleik - Krypt Algoritme - Krypterings Algoritme - Type - Verdi - Eigneskapar - Lokalitet - byte - Skjult - Ytre - Normal - System - Hidden (system) - Skriveverna - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Ja (skade ungått!) - Ingen - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bits - Blokk Størrelse - PKCS-5 PRF - PKCS-5 gjenntakings tal - Volum Oppretta - Header Sist Endra - (%I64d dagar sidan) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - Fyrst tilgjengeleg - Removable Disk - Harddisk - Uendra - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Vill du sjå release notes for gjeldande (sise stabile) versjon av VeraCrypt? - Vist du ikkje har brukt VeraCrypt før, annbefallar me att du les Beginner's Tutorial i VeraCrypt brukarretliing. Vill du visa tutorialen? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - Installasjonen har vorte rulla tilbake. - VeraCrypt vart installert utan feil. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt har vorte avinstallert utan feil.\n\nKlikk 'Avslutt' for å fjerna VeraCrypt installer og mappa %s. Mappa vill ikkje verta fjerna vist den inneheld filer som ikkje vart innstallert av VeraCrypt installer eller av VeraCrypt. - Fjerner VeraCrypt register oppføringar - Legg til register oppføring - Fjernar program spesifikke data - Installerer - Stoppar - Fjernar - Legg til ikon - Lag system gjennopprettings punkt - Kunne ikkje laga system gjennopprettings punkt! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Installasjonen er fullført. - Mappe '%s' kunne ikkje opprettast - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - Alle VeraCrypt volum må demonterast før du installerar eller avinstallerar VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Installasjonen av register oppføringane har feila - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Startar VeraCrypt einings drivarane - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installerer VeraCrypt einings drivarane - Stoppar VeraCrypt einings drivarane - Avinstallerar VeraCrypt einings drivarane - Registrering av brukerkontroll (UAC) støtte bibliotek feila. - Avregistrering av brukerkontroll (UAC) støtte bibliotek feila. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Ytre(!) - dagar - timar - minuttar - s - Opne - Demonter - Vis VeraCrypt - Skjul VeraCrypt - Data Lest sidan Montering - Data Skreve sidan Montering - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Skriv inn passord for %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Nøkkelfil har vorte laga. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Ver venleg å demonter volum før du held fram. - Error: Cannot set timer. - Sjekk Filsystem - Reparer Filsystem - Add to Favorites... - Add to System Favorites... - P&roperties... - Vern Skjult Volum - N/A - Ja - Nei - Disabled - 1 - 2 or more - Modus for Operasjon - Label: - Size: - Path: - Drive Letter: - Feil: Passord kan berre innehalde ASCII teikn.\n\nikkje-ASCII teikn i passord kan føra til att det ikkje vert mogeleg å montera volumet når system konfigen din endrar seg.\n\nFølgjande teken er lov:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Advarsel: Passord inneheld ikkje-ASCII teikn. Dette kan føra til att det ikkje vert mogeleg å montera volumet når system konfigen din endrar seg.\n\nDu bør byta ut alle ikkje-ASCII teken i passordet med ASCII teken. For å gjera det, trykk på 'Volum' -> 'Endre Volum passord'.\n\nFølgjande er ASCII teikn:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Heimeside - ADVARSEL: Det ser ut til att du ikkje har installert nokon service pakke til din Windows installasjon. Du skal ikkje skriva til IDE diskar større enn 128 GB under Windows XP som ikkje har SP 1 eller høgare! Vist du gjere det kan data som er på disken (uansett om det er eit VeraCrypt Volum eller ikkje) verta korrupte. Dette er ein begrensing i Windows, ikkje ein feil i VeraCrypt. - ADVARSEL: Det ser ut til att du ikkje har installert service pack 2 eller seinare til din Windows installasjon. Du skal ikkje skriva til IDE diskar større enn 128 GB under Windows 2000 som ikkje har installert SP 3 eller høgare! Vist du gjere det kan data som er på disken (uansett om det er eit VeraCrypt Volum eller ikkje) verta korrupte. Dette er ein begrensing i Windows, ikkje ein feil i VeraCrypt.\n\nMerk: Det kan og hende du må aktivere støtta for 48-bit LBA i Windows registeret; for meir info, sjå http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? - Ingen volum valgt.\n\nKlikk 'Vel Einheit' eller 'Vel Fil' for å velgja eit VeraCrypt volum. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Auto monter einheiter - Demonter alle - Slett snøgglager - Dismount All & Wipe Cache - Tving demontering av alle & Visk ut snøgglager - Tving demontering av alle, Visk ut snøgglager & Avslutt - Monter Favoritt Volum - Vis/skjul Hovud VeraCrypt vindauga - (Klikk her og trykk ein tast) - Sett i gang - Snarveg - Feil: Denne snarvegen er reservert. Vel ein annan snarveg. - Feil: Snarvegen er allereie i bruk. - Advarsel: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - Advarsel: Vist denne mogelegheita vert aktivert, vill ikkje volum som inneheld opne filer/mapper vera mogeleg å auto-demontera.\n\nEr du sikker på att du vill deaktivera denne mogelegheita? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ADVARSEL: VeraCrypt Bakgrunns oppgåve er deaktivert. Etter att du avsluttar VeraCrypt, vil du ikkje lenger få melding om skade på skjult volum er ungått.\n\nMerk: Du kan og slå av bakgrunns oppgåva kor tid som helst ved å høgre klikka på VeraCrypt systemstatus felt ikonet og vel 'Avslutt'.\n\n\nAktivera VeraCrypt bakgrunns oppgåve? - Språk pakke versjon: %s - Sjekkar filsystemet på VeraCrypt volumet montert som %s... - Forsøk på å reparere filsystemet på VeraCrypt volumet montert som har %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Tildel ein stasjons bokstav til pertisjonen/einheiten før du held fram ('Kontrollpanel' > 'System og Vedlikehold' > 'Administrative Vertøy' - 'Lag og formater harddiskpartisjoner').\n\nMerk att dette er eit krav frå opperativ systemet. - Mounter VeraCrypt volum - Demonter alle VeraCrypt volum - VeraCrypt kunne ikkje skaffa Administrator rettigheiter. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Nøkkelfil - Backspace - Tab - Clear - Enter - Pause - Caps Lock - mellomrom - Page Up - Page Down - End - Home - Venstre Piltast - Opp Piltast - Høgre Piltast - Ned Piltast - Vel Nøkkel - Utskrift tast - Utførings tast - Print Screen - Insert - Delete - Program Tastar - Sov - Num Lock - Scroll Lock - Utforskar Tilbake - Utforskar Fram - Utforskar Oppfrisking - Utforskar Stop - Utforskar Søk - Utforskar Favorittar - Utforskar Heim - Stille - Volum Ned - Volum Opp - Neste Spor - Forrige Spor - Stopp Media - Spel/Pause Media - Start E-post Tast - Vel Media Tast - Program 1 - Program 2 - Attn - CrSel - ExSel - Spel - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Avbryt + Install &for all users + Bro&wse... + Legg til VeraCrypt ikon til skrivebordet + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Legg VeraCrypt til Start menyen + Lag System Gjennopprettings Punkt + &Avinstaller + &Extract + &Install + VeraCrypt Setup Wizard + Avinstaller VeraCrypt + &Hjelp + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Avbryt + &Benchmark + &Test + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Skjerm basseng innhald + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + U&Bruk nøkkelfiler + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Nø&kkelfiler.. + Informasjon om hash algoritmar + Meir informasjon + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-Boot + Encrypt a non-system partition/drive + &Aldri lagra historie + Opne Ytre Volum + &Pause + Use P&IM + Use PIM + Rask Formatering + &Vis passord + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Sektorgruppe + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + &Bekreft: + Ferdig + Drive letter: + Krypterings Algoritme + Filsystem + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Alternativ + Hash Algoritme + Over Nøkkel: + Venstre + Hovud Nøkkel: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Passord: + Volume PIM: + Volume PIM: + Progress: + Tilfeldig Gruppe: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Hastigheit + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Avslutt + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Ikkje gjer noko + &Automatisk monter VeraCrypt volum (spesifiser under) + &Start VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Bla gjennom... + Bla gjennom... + Hurtiglagra passord og &nøkkelfiler i minne + Avslutt når det ikkje er monterte volum + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Inkluder VeraCrypt Volum Opprettings Vegvisar + Opprett + &Opprett Volum + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Bruk nøkkelfiler + Bruk nøkkelfiler + Avs&lutt + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + alt + Ctrl + Skift + Windows + Anngje + Fjern + Nøkkelfiler... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Auto monter einheiter + &Alternativ... + Monter volum &som skriveverna + Nøkkelfiler... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Aktivert + Snøgglagra passord i drivar minne + Auto avmonter volum vist det ikkje er skrive/lese data til det på + Brukar loggar av + User session locked + Går inn i straum sparings modus + Skjerm sparar er starta + Tving auto avmontering sjølv om voluma inneheld opne filer og mapper + Monter alle einings-verta VeraCrypt volum + Start VeraCrypt Background Task + Monter volum som skriveverna + Monter volum som fjernbart medium + Opne Utforskar vindauga for vellykka monterte volum + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Slett snøgglagra passord ved automatisk avmontering + Slett snøgglagra passord ved avslutning + Preserve modification timestamp of file containers + Tilbakestill + Vel &Eining... + Vel &Fil... + Select &Library... + Vis passord + Vis passord + Opne &Utforskar vindauga for montert volum + &snøgglagra passord i drivar minne + TrueCrypt Mode + &Avmonter Alle + &Volum Eigenskapar... + Volum Verk&tøy... + &Slett Snøgglager + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - System snøgg tastar + VeraCrypt + Change Password or Keyfiles + Skriv inn VeraCrypt Volum Passord + VeraCrypt - Performance and Driver Options + VeraCrypt - Innstillingar + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypt Volum Eigenskapar + Om... + Legg til/fjern Nøkkelfiler til/frå Volum... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Sikkerhetskopier Volum Header... + "Ytingsprøve" + Set Header Nøkkel Derivasjons Algoritme... + Endre Volum Passord... + Set Header Key Derivation Algorithm... + Change Password... + Slett Volum Historie + Close All Security Token Sessions + Kontakt + Create Hidden Operating System... + Create Rescue Disk... + Lag nytt Volum... + Permanently Decrypt... + Standard Nøkkelfiler... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Ofte Stilte Spørsmål + Brukarrettleiing + &Heimeside + Snøggtastar... + Nøkkelfil Generator + Språk... + Juridisk Merknad + Manage Security Token Keyfiles... + Auto-Monter Alle Einings-verta Volum + Monter Favoritt Volum + Mount Without Pre-Boot &Authentication... + Monter Volum + Monter Volum med Alternativ + Nyheiter + Online Hjelp + Nybegynnar rettleiing + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Innstillingar... + Oppfrisk Stasjons bokstavar + Fjern Alle Nøkkel filer frå Volum... + Gjennoprett Volum Header... + Resume Interrupted Process + Vel Eining... + Vel Fil... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Nedlastingar + Test Vektorar... + Security Tokens... + Traveler Disk Setup... + Avmonter Alle Monterte Volum + Avmonter Volum + Verify Rescue Disk + Verify Rescue Disk ISO Image + Versjons Historie + Volume Expander + Volum Eigenskapar + Volum Oppretting Vegvisar + VeraCrypt Heimeside + Slett snøgglagra Passord + OK + Hardware Acceleration + Snarveg + AutoKøyr Konfigurasjon (autorun.inf) + Auto-Avmonter + Avmonter alle når: + Boot Loader Screen Options + Bekreft Passord: + Gjeldande + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Standard Monternigs Alternativ + Snøggtast Alternativ + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Fil Innstillingar + Nøkkel å Anngje: + Processor (CPU) in this computer supports hardware acceleration for AES: + Handlingar som skal gjerast ved Windows pålogging + min + Monter volum som stasjons bokstav: + Monterings Innstillingar + Ny + Passord: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Passord Snøgglager + Security Options + VeraCrypt Bakgrunns Oppgåve + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Volum + Windows + Legg til &katalog... + &Auto-Test Alle + &Continue + &Dekrypter + &Delete + &Krypter + &Export... + Lag og Lagra Nøkkelfil... + La&g tilfeldig Nøkkelfil... + Last ned språkpakke + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + &Bruk nøkkelfiler + &Nøkkelfiler... + Fje&rn + Fjern &Alle + Kva er skjult volum beskytting? + More information on keyfiles + Monter volum som flyttbart &medium + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Ytingstest + &Print + &Vern skjult volum mot skade frå skriving til ytre volum + &Tilakestill + &Vis passord + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + Om VeraCrypt + VeraCrypt - Krypterings Algoritme Ytingstest + VeraCrypt - Test Vektorar + Kommando Linje Hjelp + VeraCrypt - Nøkkelfiler + VeraCrypt - Nøkkelfil Generator + VeraCrypt - Språk + VeraCrypt - Monterings Alternativer + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Vel ein partisjon eller ei Eining + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Bruk språk pakke + Hastighet er berørt av prosessor last og lagrings eininga sin karakteristikk.\n\n Desse testane vert gjort i minne. + Buffer Storleik: + Kodenøkkel: + P&assord til skjult volum:\n(vist tomt, vert snøggminne nytta) + Skjult Volum verning + Nøkkel storleik: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + ÅTVARING: Vist du misser ei nøkkel fil eller vist ein bit av dei fyrste 1024 kilobyta i fila vert endra, vill det ikkje vera mogeleg å montera volum som brukar nøkkelfila! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Omsett av: + Klartekst storleik: + bits + Gjeldande Basseng Innhald + Blandande Krypt Alg: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Sorterings metode: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Kodenøkkel tekst (heksadesimal) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Nøkkel (heksadesimal) + Klartekst (heksadesimal) + Keyfile name: + XTS mode + S&ystem + &Volum + Favor&ites + Verk&tøy + Settin&gs + &Hjelp + ..Heime&side .. + + &Om... + Skrivevernings attributten på ditt gamle volum kunne ikkje endrast. Sjekk om du har tilgang til fila. + Feil: Ingen tilgang.\n\nPartisjonen du prøvar å opna er anten 0 sektorar lang, eller der er ein oppstarts eining. + Administrator + For å kunne lasta VeraCrypt drivaren må du vera logga inn med ein konto som har administrator rettigheiter. + Obs for å kryptera/formatera ein partisjon/ei eining må du vera logga inn med ein konto som har administrator rettigheiter.\n\nDette gjeld ikkje fil-verta volum. + For å oppretta eit skjult volum må du vera logga inn med ein konto som har administrator rettigheiter.\n\nFortsetja? + Obs for å kunna formatera volumet som NTFS må du vera logga inn med ein konto som har administrator rettigheiter.\n\nUtan administrator rettigheiter, kan du berre formatera volumet som FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Volumet er allereie montert. + ADVARSEL: Minst ein kryptering eller hash algorytme besto ikkje den innebygde automatiske sjølv testen!\n\nVeraCrypt installasjonen kan vera korrupt. + ADVARSEL: Det er ikkje nok data i Tilfeldig Nummer Generator til att ein kan laga den forespurde mengden data.\n\nDu bør ikkje halda fram. Ver vennleg å vel 'Rapporter feil' frå Hjelp menyen, og rapporter denne feilen. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Ugyldig stasjons bokstav. + Invalid path. + Avbryt + Får ikkje tilgang til eininga. Sjå etter att den valde eininga eksisterar og att den ikkje er i bruk av systemet. + Advarsel: Caps Lock er på. Dette kan føra til att du skriv passordet feil. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Ytre Volum krypterings alternativ + Skjult Volum krypterings alternativ + Krypterings Alternativer + ADVARSEL: Kunne ikkje fjerna stien til den sist valde volum/nøkkelfila (hugsa av fil veljar)! + Feil: Kontainaren har vorte komprimert på filsystem nivå. VeraCrypt støttar ikkje komprimerte kontainerar (merk att komprimering av krypterte data er fåfengt og bortkasta).\n\nSlå av komprimering for kontainaren ved å fylja desse stega: 1) Høgre klikk på kontainaren i windows utforskaren (ikkje inne i VeraCrypt). 2) Vel 'Eigenskapar'. 3) Frå 'Eigenskapar' dialog boksen, klikk 'Avansert'. 4) I 'Avanserte Attributter' dialog boksen, deaktiver valet 'Komprimer innhold for å spare plass' og klikk 'OK'. 5) I 'Eigenskapar' dialog boksen, klikk 'OK'. + Kunne ikkje oppretta volum %s + %s er %.2f bytes stor + %s er %.2f KB + %s er %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + ADVARSEL: Einheita/partisjonen er i bruk av opperativsystemet eller eit program. Å formatera einheiten/partisjonen kan føra til att data vert korrupte og systemet vert ustabilt.\n\nHaldfram? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Feil: Einheita/partisjonen inneheld eit filsystem som ikkje kunne demonterast. Filsystemet kan vera i bruk av opperativ systemet. Å formatera einheta/patisjonen vil nesten garantert føra til korupte data og ustabilt system.\n\nFor å løysa dette problemt , anbefallar me att du fyrst slettar partisjonen for så og oppretta den på nytt utan å formatera den. For å gjera dette, fylja desse stega: 1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear. 2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'. 3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'. 4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5. 5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'. 6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'. 7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again. 8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + ADVARSEL: Nokre av dei monterte einingane/partisjonane var allereie i bruk!\n\nÅ oversjå dette kan føra til utilsikta resultat inkludert ustabilt system.\n\nMe anbefaler på det sterkaste att du lukkar alle program som kan bruka einingane/partisjonane. + Valgt einheit inneheld partisjonar.\n\nÅ formatera einheiten kan føra til ustabilt system og korrupte data. Vel annten vel ein partisjon på einheiten, eller fjern alle partisjonar på einheiten slik att VeraCrypt kan formatera den trygt. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Stasjon %s har %.2f bytes ledig. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Kunne ikkje få tilgjengelege stasjons bokstavar. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Feil: Cipher initialisering feila. + Feil: Ein svak nøkkel har vorte oppdaga! Prøv omatt. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt kritisk feil + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Avslutt + Opprett ein logisk stasjon for denne utvida partisjonen, og prøv omatt. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + Vel plassering av VeraCrypt volum innanfor der du ønskjer å oppretta eit skjult volum. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Feil: Kan ikkje montera volum. Eining/partisjon er allereie i bruk. Forsøk på å montera utan ekslusiv tilgang feila og. + Fila kunne ikkje opnast. + Volum Plassering + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Formater + &Wipe + Avbryt formatering? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nVeraCrypt volum har vorte oppretta og er klart til bruk. Vist du vill oppretta fleire VeraCrypt volum, klikk Neste. Vist ikkje, klikk Avslutt. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt volum har vorte oppretta utan feil. + Volum Oppretta + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Ytre Volum Formatering + Skjult Volum Formatering + Volum Formatering + Adobe Reader (eller kompatibelt program) er nødvendig for å lesa og/eller skriva ut VeraCrypt Brukarhandboka. Adobe Reader (freeware) kan lastast ned frå: www.adobe.com\n\nVil du sjå online dokumentasjonen istadenfor? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Skjult Volum Oppretta + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. + Innhald på Ytre Volum + \n\nI dei neste stega vel du alternativa for det ytre volumet (som du seinare opprettar det skjulte volumet i). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Ytre Volum + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nVolum sektorgruppe punktkartet har vorte skanna og den maksimale mogelege storleiken på det skjulte volumet har vorte fastsett. I det neste steget vill du setja alternativa, storleiken og passord for det skjulte volumet. + Skjult Volum + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Kunne ikkje initialisera programmet. Klarte ikkje å registrera Dialog klassen. + Error: Failed to load the Rich Edit system library. + VeraCrypt Volum Opprettings Vegvisar + Størst mogleg skjult volum storleik for dette volumet er %.2f bytes. + Størst mogleg skjult volum storleik for dette volumet er %.2f KB. + Størst mogleg skjult volum storleik for dette volumet er %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Volum passord/nøkkelfiler kan ikkje endrast så lenge volumet er montert. Demonter volumet fyrst. + Hovud nøkkel derivasjons algoritme kan ikkje endrast så lenge volumet er montert. demonter volumet fyrst. + &Monter + Ein nyare versjon av VeraCrypt er nødvendig for å montera dette volumet. + Feil: Volum Opprettings Vegvisar vart ikkje funnen.\n\nSjekk att fila 'VeraCrypt Format.exe' er i same mappe som 'VeraCrypt.exe' vart starta i. Viss den ikkje er der, må du ominstallera VeraCrypt eller finna 'VeraCrypt Format.exe' på hardisken din + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Neste > + &Avslutting + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Feil ved lasting/klargjering av skrifttypar. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Stasjons bokstav ikkje tiljengeleg. + Ingen filer Valt! + Ingen stasjons bokstavar tilgjengeleg. + Ingen ledige stasjons bokstavar for det ytre volumet! Volum skaping kan ikkje halda fram. + Kunne ikkje fastsetja kva operativsystem du brukar eller så brukar du eit operativsystem som ikkje er støtta. + Ingen sti valt! + Ikkje nok ledig plass til å oppretta det skjulte volumet Volum skaping kan ikkje halda fram. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + Drivaren klarte ikkje å demontera volumet. Nokre filer som ligg på volumet kan framleis vera opne. + Kunne ikkje lukka volumet. Det er framleis opne filer på volumet. Derfor kan ikkje volumet demonterast. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Vel eit VeraCrypt Volum + Spesifiser Sti og Fil namn + Select PKCS #11 Library + Ikkje meir minne + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Passord + PIM + Set Header Nøkkel Derivasjon Algorytme + Legg til/Fjern Nøkkelfiler til/frå Volum + Fjern alle Nøkkelfiler frå Volum + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Nøkkelfil(er) lagt til/fjerna. + Keyfile exported. + Hovud nøkkel derivasjons algorytme vellykka sett. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Vel eit passord for det skjulte volumet. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Skriv inn passordet for volumet som du ønskjer å oppretta eit skjult volum i.\n\nNår du klikkar Neste kjem VeraCrypt til å montera volumet. Når volumet er montert vil sektorgruppe punktkartet av det ytre volumet bli undersøkt for å finna storleiken på det uavbrotne område med ledig plass (vist det er nokon) som sluttar mot slutten av volumet. Dette området vill verta tilpassa det skjulte volumet og derfor vill det begrensa dets maksimale mogelege storleik. Sektorgruppe kart skanning er nødvendig for å sikra att ingen data i det ytre volumet vert overskrive av det skjulte volumet + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Ytre Volum Passord + Skjult Volum Passord + Password for Hidden Operating System + ADVARSEL: Korte passord er enkle å knekka ved bruk av 'brute force' teknikkar!\n\nMe anbefaler å velja eit passord som består av minst 20 teikn.\n\nEr du sikker på att du vil bruka eit kort passord? + Volum Passord + Operation failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Operation failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. + Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. + \n\nAdvarsel: Caps Lock er på. Dette kan føra til att du skriv inn passordet feil. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Kunne ikkje lista raw einingar installert på systemet ditt! + Volumet '%s' eksisterer, og er skrive verna. Er du sikker på att du vill erstatta det? + Vel destinasjons katalog + Vel Nøkkelfil + Vel ei nøkkelfil søke sti. ADVARSEL: merk att det er berre stien som vert hugsa, ikkje filnamna! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Ytre Volum storleik + Skjult Volum storleik + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Volum storleik + Dynamisk + ADVARSEL: SJØLVTEST-FEILA! + Sjølvtest av alle algoritmar godkjent + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + Test cipherteksten som du har valt er for kort eller lang. + Test nøkkelen som du har valt er for lang eller kort. + Test klarteksten du har valt er for lang eller kort. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + Meir info på %s + Ukjent + An unspecified or unknown error occurred (%d). + Eit eller anna volum inneheld filer som er i bruk av eit program eller system.\n\nTving demontering? + &Demonter + Demontering feila! + Volum inneheld filer eller mapper som er i bruk av eit program eller system.\n\nTving demontering? + No volume is mounted to the specified drive letter. + Volumet som du prøver å montera er allereie montert. + Ein feil oppstod ved forsøk på montering av volumet. + Feil ved søkings lokasjon innanfor volum. + Feil: Feil volum storleik. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt kan ikkje endra passordet for eit framand volum. + Ver gild å vel ein ledig stasjons bokstav frå lista. + Ver gild å vel eit montert volum i stasjons bokstav lista. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Feil: Kunne ikkje oppretta autorun.inf + Feil ved prosesering av nøkkelfil! + Feil ved proseserig av nøkkelfil sti! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt støttar ikkje dette operativ systemet. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Feil: Kunne allokere minne. + Feil: Kunne ikkje gjenoppretta verdiane av ytelse teljar. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + Alle Filer + VeraCrypt Volum + Library Modules + NTFS formatering kan ikkje halde fram. + Kan ikkje montera volum. + Kan ikkje demontera volum. + Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Standard + partisjon + PARTISJON + Einheit + device + EINHEIT + Volum + volume + VOLUME + Label + Valte cluster storleik er for liten for denne volum storleiken. Ein større cluster størrelse vill verta brukat i staden. + Feil: Kan ikkje skaffa volum Storleik!\n\nForviss deg om att valt volum ikkje er i bruk av systemet eller eit program. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Feil: Kan ikkje opna det ytre volumet! Volum oppretting kan ikkje halde fram. + Feil: Kan ikkje montera det ytre volumet! Volum oppretting kan ikkje halde fram. + Feil: Kan ikkje skaffa volum cluster bitmap! Volum oppretting kan ikkje halde fram. + Alfabetisk/Kategorisert + Gjennomsnits fart (Synkande) + Algoritme + Kryptering + Dekryptering + Hovud + Stasjonar + Storleik + Krypt Algoritme + Krypterings Algoritme + Type + Verdi + Eigneskapar + Lokalitet + byte + Skjult + Ytre + Normal + System + Hidden (system) + Skriveverna + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Ja (skade ungått!) + Ingen + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bits + Blokk Størrelse + PKCS-5 PRF + PKCS-5 gjenntakings tal + Volum Oppretta + Header Sist Endra + (%I64d dagar sidan) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + Fyrst tilgjengeleg + Removable Disk + Harddisk + Uendra + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Vill du sjå release notes for gjeldande (sise stabile) versjon av VeraCrypt? + Vist du ikkje har brukt VeraCrypt før, annbefallar me att du les Beginner's Tutorial i VeraCrypt brukarretliing. Vill du visa tutorialen? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + Installasjonen har vorte rulla tilbake. + VeraCrypt vart installert utan feil. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt har vorte avinstallert utan feil.\n\nKlikk 'Avslutt' for å fjerna VeraCrypt installer og mappa %s. Mappa vill ikkje verta fjerna vist den inneheld filer som ikkje vart innstallert av VeraCrypt installer eller av VeraCrypt. + Fjerner VeraCrypt register oppføringar + Legg til register oppføring + Fjernar program spesifikke data + Installerer + Stoppar + Fjernar + Legg til ikon + Lag system gjennopprettings punkt + Kunne ikkje laga system gjennopprettings punkt! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Installasjonen er fullført. + Mappe '%s' kunne ikkje opprettast + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + Alle VeraCrypt volum må demonterast før du installerar eller avinstallerar VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Installasjonen av register oppføringane har feila + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Startar VeraCrypt einings drivarane + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installerer VeraCrypt einings drivarane + Stoppar VeraCrypt einings drivarane + Avinstallerar VeraCrypt einings drivarane + Registrering av brukerkontroll (UAC) støtte bibliotek feila. + Avregistrering av brukerkontroll (UAC) støtte bibliotek feila. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Ytre(!) + dagar + timar + minuttar + s + Opne + Demonter + Vis VeraCrypt + Skjul VeraCrypt + Data Lest sidan Montering + Data Skreve sidan Montering + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Skriv inn passord for %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Nøkkelfil har vorte laga. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Ver venleg å demonter volum før du held fram. + Error: Cannot set timer. + Sjekk Filsystem + Reparer Filsystem + Add to Favorites... + Add to System Favorites... + P&roperties... + Vern Skjult Volum + N/A + Ja + Nei + Disabled + 1 + 2 or more + Modus for Operasjon + Label: + Size: + Path: + Drive Letter: + Feil: Passord kan berre innehalde ASCII teikn.\n\nikkje-ASCII teikn i passord kan føra til att det ikkje vert mogeleg å montera volumet når system konfigen din endrar seg.\n\nFølgjande teken er lov:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Advarsel: Passord inneheld ikkje-ASCII teikn. Dette kan føra til att det ikkje vert mogeleg å montera volumet når system konfigen din endrar seg.\n\nDu bør byta ut alle ikkje-ASCII teken i passordet med ASCII teken. For å gjera det, trykk på 'Volum' -> 'Endre Volum passord'.\n\nFølgjande er ASCII teikn:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Heimeside + ADVARSEL: Det ser ut til att du ikkje har installert nokon service pakke til din Windows installasjon. Du skal ikkje skriva til IDE diskar større enn 128 GB under Windows XP som ikkje har SP 1 eller høgare! Vist du gjere det kan data som er på disken (uansett om det er eit VeraCrypt Volum eller ikkje) verta korrupte. Dette er ein begrensing i Windows, ikkje ein feil i VeraCrypt. + ADVARSEL: Det ser ut til att du ikkje har installert service pack 2 eller seinare til din Windows installasjon. Du skal ikkje skriva til IDE diskar større enn 128 GB under Windows 2000 som ikkje har installert SP 3 eller høgare! Vist du gjere det kan data som er på disken (uansett om det er eit VeraCrypt Volum eller ikkje) verta korrupte. Dette er ein begrensing i Windows, ikkje ein feil i VeraCrypt.\n\nMerk: Det kan og hende du må aktivere støtta for 48-bit LBA i Windows registeret; for meir info, sjå http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? + Ingen volum valgt.\n\nKlikk 'Vel Einheit' eller 'Vel Fil' for å velgja eit VeraCrypt volum. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Auto monter einheiter + Demonter alle + Slett snøgglager + Dismount All & Wipe Cache + Tving demontering av alle & Visk ut snøgglager + Tving demontering av alle, Visk ut snøgglager & Avslutt + Monter Favoritt Volum + Vis/skjul Hovud VeraCrypt vindauga + (Klikk her og trykk ein tast) + Sett i gang + Snarveg + Feil: Denne snarvegen er reservert. Vel ein annan snarveg. + Feil: Snarvegen er allereie i bruk. + Advarsel: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + Advarsel: Vist denne mogelegheita vert aktivert, vill ikkje volum som inneheld opne filer/mapper vera mogeleg å auto-demontera.\n\nEr du sikker på att du vill deaktivera denne mogelegheita? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ADVARSEL: VeraCrypt Bakgrunns oppgåve er deaktivert. Etter att du avsluttar VeraCrypt, vil du ikkje lenger få melding om skade på skjult volum er ungått.\n\nMerk: Du kan og slå av bakgrunns oppgåva kor tid som helst ved å høgre klikka på VeraCrypt systemstatus felt ikonet og vel 'Avslutt'.\n\n\nAktivera VeraCrypt bakgrunns oppgåve? + Språk pakke versjon: %s + Sjekkar filsystemet på VeraCrypt volumet montert som %s... + Forsøk på å reparere filsystemet på VeraCrypt volumet montert som har %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Tildel ein stasjons bokstav til pertisjonen/einheiten før du held fram ('Kontrollpanel' > 'System og Vedlikehold' > 'Administrative Vertøy' - 'Lag og formater harddiskpartisjoner').\n\nMerk att dette er eit krav frå opperativ systemet. + Mounter VeraCrypt volum + Demonter alle VeraCrypt volum + VeraCrypt kunne ikkje skaffa Administrator rettigheiter. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Nøkkelfil + Backspace + Tab + Clear + Enter + Pause + Caps Lock + mellomrom + Page Up + Page Down + End + Home + Venstre Piltast + Opp Piltast + Høgre Piltast + Ned Piltast + Vel Nøkkel + Utskrift tast + Utførings tast + Print Screen + Insert + Delete + Program Tastar + Sov + Num Lock + Scroll Lock + Utforskar Tilbake + Utforskar Fram + Utforskar Oppfrisking + Utforskar Stop + Utforskar Søk + Utforskar Favorittar + Utforskar Heim + Stille + Volum Ned + Volum Opp + Neste Spor + Forrige Spor + Stopp Media + Spel/Pause Media + Start E-post Tast + Vel Media Tast + Program 1 + Program 2 + Attn + CrSel + ExSel + Spel + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.pl.xml b/Translations/Language.pl.xml index c5649355..670b9737 100644 --- a/Translations/Language.pl.xml +++ b/Translations/Language.pl.xml @@ -1,1457 +1,1457 @@ - - - - - - - - - - - - Anuluj - Instaluj dla &wszystkich użytkowników - &Przeglądaj... - Umieść ikonę VeraCrypt na p&ulpicie - Dotuj teraz... - Skojarz &rozszerzenie pliku .hc z VeraCrypt - Po zakończeniu &otwórz lokalizację docelową - Dodaj VeraCrypt do Menu &Start - Utwórz punkt przy&wracania systemu - &Odinstaluj - &Wyodrębnij - &Zainstaluj - Kreator instalacji VeraCrypt - Odinstaluj VeraCrypt - Pomo&c - Wybierz lub wpisz lokalizację, w której chcesz zapisać wyodrębniane pliki: - Wybierz lub wpisz lokalizację, w której chcesz zainstalować pliki programu VeraCrypt. Jeśli podany folder nie istnieje, zostanie automatycznie utworzony. - Kliknij przycisk Odinstaluj, aby usunąć program VeraCrypt z systemu. - Przerwij - Tes&t wydajności - &Testuj - Stwórz zaszyfrowany wolumen i sformatuj go - Zaszyfruj partycję w miejscu - Wyświetl wygenerowane klucze (ich części) - Wyświetl zawartość puli - Pobierz oprogramowanie do zapisu CD/DVD - Stwórz zaszyfrowany plik (magazyn) - &GB - &TB - Więcej informacji - &Ukryty wolumen VeraCrypt - Więcej informacji o wolumenach ukrytych - Tryb bezpośredni - Tryb zwykły - &kB - Użyj plików-&kluczy - Próbuj najpierw zamontować z pustym hasłem - Losowy rozmiar ( 64 <-> 1048576 ) - Pliki-kl&ucze... - Informacja o algorytmach mieszających - Informacje dodatkowe - Informacje o MOI - &MB - Informacje dodatkowe - Więcej informacji o systemie szyfrowania - Informacje dodatkowe - Wiele systemów - Zaszyfruj bezsystemową partycję lub dysk - Nigdy nie zapisuj &historii - Otwórz wolumen zewn. - W&strzymaj - Użyj MO&I - Użyj MOI - Szybkie formatowanie - Wyświetl ha&sło - &Wyświetl hasło - Wyświe&tl MOI - Jeden system - Standardowy wolumen VeraCrypt - Uk&ryty - Normalny - Zaszyfruj partycję lub cały dysk systemowy - Zaszyfruj systemową partycję Windows - Zaszyfruj cały dysk - Kreator tworzenia wolumenów VeraCrypt - Klaster - WAŻNE: Wykonuj w tym oknie losowe ruchy myszą. Im dłużej to robisz, tym lepiej. Poprawia to znacząco kryptograficzną jakość kluczy. Następnie kliknij przycisk Dalej, aby kontynuować. - &Potwierdź: - Skończone - Litera napędu: - Algorytm szyfrowania - Sys. plików - Tworzy dysk wirtualny w zaszyfrowanym pliku. Zalecane dla początkujących użytkowników. - Opcje - Algorytm mieszający - Klucz nagłówka: - Zostało - Klucz główny: - Wybierz tę opcję, jeśli na tym komputerze zainstalowano kilka systemów operacyjnych.\n\nNa przykład:\n- Windows XP i Windows XP\n- Windows XP i Windows Vista\n- Windows i Mac OS X\n- Windows i Linux\n- Windows, Linux i Mac OS X - Zaszyfruj bezsystemową partycję na każdym wewnętrznym lub zewnętrznym dysku (np. na dysku falsh). Opcjonalnie stwórz ukryty wolumen. - Zawartość bieżącej puli (część) - Hasło - Hasło: - MOI wolumenu: - MOI wolumenu: - Postęp: - Pula losowa: - Wybierz tę opcję, jeśli na tym komputerze jest zainstalowany tylko jeden system operacyjny (nawet jeśli ma wielu użytkowników). - Szybkość - Status - Klucze, ciągi zaburzające (salt) i inne dane zostały pomyślnie wygenerowane. Jeśli chcesz generować nowe klucze, kliknij przycisk Wstecz, a następnie Dalej. W przeciwnym wypadku kliknij przycisk Dalej, aby kontynuować. - Zaszyfruj partycję lub dysk, na którym zainstalowany jest Windows. Każdy, kto będzie chciał uzyskać dostęp do systemu, czytać i zapisywać pliki itd., będzie musiał wpisać poprawne hasło za każdym razem, gdy będzie uruchamiany Windows. - Wybierz tą opcję, aby zaszyfrować partycję, gdzie obecnie jest zainstalowany i uruchomiony Windows. - Etykieta wolumenu w Windows: - Wymaż - Zamknij - Pozwól ominąć &autoryzację podczas startowania przez naciśnięcie klawisza Esc (menedżer rozruchu) - Nic nie rób - &Automatycznie podłącz poniższy wolumen VeraCrypt - &Uruchom VeraCrypt - Auto&wykrywanie biblioteki - &Przechowuj w pamięci hasło uwierzytelniania rozruchu wstępnego (bezsystemowe wolumeny) - Przeglądaj... - Przeglądaj... - Przechowuj w pamięci hasła i pliki-&klucze - Wyjdź, jeśli nie ma podłączonych wolumenów - &Zamknij token sesji (wylogowanie), gdy wolumen zostanie pomyślnie podłączony - Dołącz rozszerzacz wolumenów VeraCrypt - Włącz kreatora wolumenów VeraCrypt - Utwórz - &Utwórz wolumen - Nie wyś&wietlaj żadnego tekstu podczas autoryzacji przy starcie (z wyjątkiem poniższego tekstu) - Wyłącz wykrywanie ataku "Zła pokojówka" - Przyspiesz szyfrowanie i deszyfrowanie AES przy użyciu instrukcji AES procesora (jeśli dostępne) - Użyj plików-kluczy - Użyj nowych plików-kluczy - &Wyjdź - Pomoc dla ulubionych wolumenów - Nie montuj wybranego wolumenu, gdy wciśnięto skrót klawiszowy 'Mon&tuj ulubione wolumeny' - Montuj wybrany wolumen, gdy jego nośnik zostanie podłą&czany - Montuj wybrany wolumen podczas l&ogowania - Montuj wybrany wolume&n w trybie do odczytu - Montuj wybrany wolumen jako nośnik wymienny - Przesuń w &dół - Przes&uń w górę - Otwórz okno &Eksploratora dla wybranego wolumenu po pomyślnym montowaniu - Usu&ń - Użyj etykiety ulubionego jako etykiety napędu Eksploratora - Ustawienia ogólne - Wyświetl podpowiedź w dymku po udanym odłączeniu klawisza skrótu - Odtwórz systemowy dźwięk powiadomienia po pomyślnym odłączeniu klawisza skrótu - Alt - Ctrl - Shift - Win - Przypisz - Usuń - Pliki-klucze... - Nie używaj poniższej liczby procesorów dla szyfrowania i deszyfrowania: - Informacje dodatkowe - Informacje dodatkowe - Więcej ustawień... - Podłącz &automatycznie - &Opcje... - Podłącz wolumen tylko do &odczytu - Pliki-klucze... - (Puste albo 0 dla domyślnych iteracji) - (Puste albo 0 dla domyślnych iteracji) - Aktywny - Przechowuj hasła w pamięci sterownika - Automatycznie odłącz wolumen, jeśli nie był używany przez - Użytkownik się wylogował - Zablokowano sesję użytkownika - W trybie oszczędzania energii - Zadziałał wygaszacz ekranu - Wymuś odłączanie, nawet gdy są otwarte pliki lub katalogi - Podłącz wszystkie wolumeny VC w urządzeniach - Uruchom VC jako zadanie w tle - Podłącz wolumeny tylko do odczytu - Podłącz wolumeny jako urządzenia wymienne - Otwórz okno Eksploratora Windows po podłączeniu - Czasowo przechowuj hasło podczas operacji "Montowanie ulubionych wolumenów" - Użyj innej ikony na pasku zadań, gdy są podłączone wolumeny - Wyczyść pamięć haseł po automatycznym odłączeniu - Wyczyść pamięć haseł przy wyjściu - Zachowaj stempel czasowy plików kontenetrów - Zresetuj - Wybierz &urządzenie... - Wy&bierz plik... - Wybierz &bibliotekę... - Wyświetl hasło - Wyświetl hasło - Otwórz okno &Eksploratora dla podłączonego wolumenu - &Przechowuj hasło w pamięci sterownika - Tryb TrueCrypt - Odłącz w&szystko - Właściwośc&i wolumenu... - &Narzędzia wolumenu... - Wyczyść pamięć &haseł - VeraCrypt - Parametry montowania - VeraCrypt - Ulubione woluminy - VeraCrypt - Systemowe skróty klawiaturowe - VeraCrypt - Zmiana hasła lub pliku-klucza - Wprowadź hasło dla wolumenu VeraCrypt - VeraCrypt - Opcje wydajności i sterownika - VeraCrypt - Preferencje - VeraCrypt - Ustawienia szyfrowania systemu - VeraCrypt - Ustawienia bezpieczeństwa tokenu - Konfigurowanie dysku podróżnego VeraCrypt - Właściwości wolumenu VeraCrypt - Informacje... - Dodaj lub usuń plik-klucz do lub z wolumenu... - Dodaj montowany wolumen do ulubionych... - Dodaj montowany wolumen do ulubionych systemu... - Analiza awarii systemu... - Utwórz kopię zapasową nagłówka wolumenu... - Testuj... - Ustaw algorytm klucza nagłówka... - Zmień hasło wolumenu... - Ustaw algorytm klucza nagłówka... - Zmień hasło... - Wyczyść historię wolumenu - Zamknięcie wszystkich sesyjnych tokenów - Kontakt... - Tworzenie ukrytego systemu operacyjnego... - Utwórz płytę ratunkową... - Utwórz nowy wolumen... - Trwale odszyfruj... - Domyślne pliki-klucze... - Domyślne parametry montowania... - Dotuj teraz... - Szyfruj partycję lub dysk systemowy... - Często zadawane pytania (FAQ) - Podręcznik użytkownika - St&rona WWW - Skróty klawiaturowe... - Generator plików-kluczy - Język... - Informacje prawne - Zarządzaj kluczem tokenu bezpieczeństwa... - Podłącz automatycznie wszystkie wolumeny obsługiwane przez urządzenia - Podłącz wolumeny ulubione - Podłącz bez wstępnego &uwierzytelniania... - Podłącz wolumen - Podłącz wolumen z opcjami - Nowości - Dokumentacja - Kurs dla początkujących - Porządkuj ulubione wolumeny... - Porządkuj ulubione wolumeny systemu... - Konfiguracja wydajności i sterownika - Trwale odszyfruj partycję lub dysk systemowy - Preferencje... - Odśwież litery dysków - Usuń wszystkie pliki-klucze z wolumenu... - Odtwórz nagłówek wolumenu... - Kontynuuj przerwany proces - Wybierz urządzenie... - Wybierz plik... - Wznów przerwany proces - Szyfrowanie systemu... - Właściwości... - Ustawienia... - Ulubione wolumeny systemu... - Pobieranie - Wektory testowe... - Tokeny bezpieczeństwa... - Konfigurowanie dysku podróżnego... - Odłącz wszystkie podłączone wolumeny - Odłącz wolumen - Sprawdź płytę ratunkową - Sprawdź obraz ISO płyty ratunkowej - Historia wersji - Rozszerzacz wolumenu - Właściwości wolumenu - Kreator wolumenu - Strona WWW VeraCrypt - Wymaż przechowywane hasła - OK - Akceleracja sprzętowa - Skrót - Konfiguracja automatycznego uruchamiania (autorun.inf) - Automatyczne odłączanie - Odłącz wszystko, gdy: - Opcje obrazu 'Programu startowego' - Potwierdź hasło: - Bieżące - Wyświetlenie twojej wiadomości podczas autoryzowania i startowania (maksimum 24 znaki): - Domyślne opcje podłączania - Opcje klawiatury - Konfiguracja sterownika - Włącz obsługę rozszerzonych kodów sterujących dysku - Etykieta wybranego ulubionego wolumenu: - Ustawienia pliku - Klawisz do przypisania: - Procesor (CPU) tego komputera obsługuje akcelerację sprzętową AES: - Działania wykonywane podczas logowania do systemu Windows - minut(y) - Podłącz wolumen jako dysk: - Ustawienia podłączania - Nowe - Hasło: - Zrównoleglanie Wątkowe - Ścieżka biblioteki PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Pamięć haseł - Opcje bezpieczeństwa - Proces VeraCrypt uruchamiany w tle - Podłączany wolumen VeraCrypt (względem gł. katalogu dysku podróżnego): - Przy włożeniu dysku podróżnego: - Utwórz pliki dysku podróżnego w (katalog główny dysku podróżnego): - Wolumen - Windows - &Dodaj ścieżkę... - &Testuj wszystko - &Kontynuuj - &Odszyfruj - &Usuń - &Zaszyfruj - &Eksport... - Generuj i zapisz plik-klucz... - &Generuj losowy plik-klucz... - Pobierz pakiet językowy - Sprzętowo przyspieszony AES: - &Importuj plik-klucz do tokena... - Dodaj &plik... - Użyj plików-&kluczy - Pliki-&klucze... - &Usuń - Usuń &wszystko - Co to jest wolumen ukryty? - Informacje o plikach-kluczach - Podłącz wolumen jako nośnik &wymienny - Podłącz partycję, &używając szyfrowania bez wstępnego uwierzytelniania - Zrównoleglanie: - Testuj - &Drukuj - &Chroń wolumeny ukryte przed zniszczeniem - &Zresetuj - &Wyświetl hasło - Dodaj &token... - Użyj wbudowa. systemu kopii bezpiecz. nagłówka wolumenu, jeżeli możliwe - Tryb XTS - O VeraCrypt... - VeraCrypt - Testowanie szybkości algorytmów szyfrujących - VeraCrypt - Wektory testowe - Pomoc dla wiersza komend - VeraCrypt - Pliki-klucze - VeraCrypt - Generator plików-kluczy - VeraCrypt - Język - VeraCrypt - Opcje podłączania - Właściwości nowego tokenu pliku-klucza - VeraCrypt - Wzbogacony losowy zakres - Wybierz partycję lub urządzenie - VeraCrypt - Plik-klucz tokenu bezpieczeństwa - Wymagane hasło/PIN tokenu bezpieczeństwa - Aktywny pakiet językowy - Szybkość jest zależna od wydajności procesora i charakterystyki urządzeń składujących.\n\nTesty są przeprowadzane w pamięci RAM. - Bufor: - Szyfr: - &Hasło do ukrytego wolumenu:\n(jeśli puste, zostanie użyte zapamiętane) - Wolumen ukryty - Wielkość klucza: - WAŻNE: Wykonuj w tym oknie losowe ruchy myszą. Im dłużej to robisz, tym lepiej. Poprawia to znacząco kryptograficzną jakość pliku-klucza. - Uwaga: Jeśli zgubisz plik-klucz lub zostanie zmieniony choć jeden bit z pierwszych 1024 kB, podłączenie wolumenów nie będzie możliwe! - bity - Liczba plików-kluczy: - Rozmiar plków-kluczy (w bajtach): - Nazwa bazowa plików-kluczy: - Przetłumaczony przez: - Długość: - bity - Zawartość bieżącej puli - Mieszanie PRF: - WAŻNE: Przesuwaj losowo mysz wewnątrz tego okna. Im dłużej będziesz ruszał myszą, tym lepiej. Ma to znaczenie w kontekście zwiększenia bezpieczeństwa. Kiedy skończysz, kliknij 'Kontynuuj'. - Klucz drugorzędny (szesnastkowo) - Token bezpieczeństwa: - Metoda sortowania: - Czekaj. Ten proces może trwać długo... - Proszę czekać...\nTen proces może trwać długo, a VeraCrypt może przestać odpowiadać. - Numer bloku: - Tekst zaszyfrowany (szesnastkowo) - Numer jednostki danych (64 bity - szesnastkowo, wielkość jednostki danych: 512 bajtów) - Klucz (szesnastkowo) - Tekst jawny (szesnastkowo) - Nazwa pliku-klucza: - Tryb XTS - Sys&tem - Wolu&meny - Ulub&ione - Nar&zędzia - Usta&wienia - Pomo&c - St&rona WWW - - I&nformacje... - Atrybut tylko do odczytu na starym wolumenie nie może być zmieniony. Sprawdź prawa dostępu do pliku. - Błąd: Brak dostępu.\n\nPartycja, do której chcesz uzyskać dostęp, nie zawiera sektorów lub służy do uruchomienia systemu. - Administrator - Do załadowania sterowników VeraCrypt wymagane jest użycie konta z uprawnieniami administratora. - Aby zaszyfrować/sformatować partycję lub urządzenie, należy użyć konta z uprawnieniami administratora.\n\nPowyższe ograniczenie nie dotyczy wolumenów tworzonych w plikach. - W przypadku tworzenia wolumenu ukrytego należy użyć konta z uprawnieniami administratora.\n\nCzy kontynuować? - Do formatowania wolumenu w formacie NTFS należy użyć konta z uprawnieniami administratora.\n\nBez uprawnień administratora można formatować wolumen w formacie FAT. - Zaakceptowany przez FIPS szyfr (Rijndael, opublikowany w 1998) może być używany przez agencje rządowe USA Do ochrony informacji zaklasyfikowanych jako ściśle tajne. Klucz 256-bitowy, z blokiem 128-bitowym, 14 przebiegów (AES-256). Tryb szyfrowania: XTS. - Wolumen jest już podłączony. - UWAGA: Co najmniej jeden algorytm szyfrowania lub mieszający nie przeszedł wbudowanej automatycznej procedury testowej!\n\nInstalacja VeraCrypt może być uszkodzona! - UWAGA: Nie ma wystarczających danych w puli generatora losowego dla zapewnienia wymaganej ilości danych losowych.\n\nNie zaleca się kontynuowania. Wybierz w menu Pomoc opcję 'Zgłoszenie błędu' i zgłoś ten błąd. - Uszkodzony dysk (występują fizyczne uszkodzenia dysku), uszkodzony kabel lub uszkodzona pamięć.\n\nProszę rozwiąż problem ze sprzętem, nie z VeraCrypt. Zatem proszę NIE wysyłać tego błędu/problemu jako błędu VeraCrypt i proszę NIE pytać o pomoc na forum VeraCrypt. Proszę skontaktować się ze swoim serwisem sprzętu. Dziękuje.\n\nUwaga: Jeżeli błąd pojawia się cały czas w tym samym miejscu, jest prawdopodobne, że masz błędny blok na dysku, który może być naprawiony przy użyciu innego oprogramowania (zauważ, że polecenie 'chkdsk /r' może nie naprawić tego, ponieważ działa tylko na poziomie systemu plików; w niektórych przypadkach, polecenie 'chkdsk' nie wykryje błędu). - Jeśli uzyskujesz dostęp do dysku na nośniku wymiennym, upewnij się, że nośnik został umieszczony w czytniku. Dysk/nośnik może też być uszkodzony (występuje na nim błąd fizyczny) lub przewód został odłączony/uszkodzony. - Twój system używa dysku, który ma zostać zaszyfrowany, co powoduje błąd.\n\nProszę spróbować uaktualnić/odinstalować dodatkowe sterowniki do chipsetu przed uruchomieniem procesu. Jeżeli to nie pomoże, spróbuj zaszyfrować tylko partycję systemową. - Niepoprawna litera dysku. - Niepoprawna ścieżka. - Anuluj - Brak dostępu do urządzenia. Upewnij się, że wybrane urządzenie istnieje i nie jest używane przez system. - Ostrzeżenie: Wciśnięto klawisz Caps Lock. Może to spowodować niepoprawne wprowadzenie hasła. - Typ wolumenu - Czasem może wystąpić sytuacja, w której ktoś zmusza do ujawnienia hasła do zaszyfrowanego wolumenu. Istnieje wiele sytuacji, gdy nie można odmówić ujawnienia hasła (np. w sytuacji zagrożenia życia lub zdrowia). Użycie tzw. wolumenów ukrytych pozwala na wyjście z opresji bez ujawnienia właściwego hasła. - Wybierz tę opcję, aby utworzyć zwykły wolumen VeraCrypt. - Proszę zapisz to, jeżeli chcesz zainstalować system system operacyjny na ukrytej partycji/wolumenie - dysk systemowy nie może zostać zaszyfrowany używając pojedynczego klucza. - Opcje szyfrowania wolumenu zewnętrznego - Opcje szyfrowania wolumenu ukrytego - Opcje szyfrowania - Ostrzeżenie: Nie można wyczyścić ścieżki ostatnio wybranego wolumenu/pliku-klucza (zapamiętanego przez mechanizm wyboru plików)! - Błąd: Kontener został skompresowany na poziomie systemu plików. Program VeraCrypt nie obsługuje używania skompresowanych kontenerów (kompresja szyfrowanych danych jest nieefektywna i redundantna).\n\nWyłącz kompresję dla kontenera, wykonując następujące czynności: 1) Kliknij prawym przyciskiem myszy kontener w Eksploratorze Windows (nie w VeraCrypt). 2) Kliknij opcję 'Właściwości'. 3) W oknie dialogowym 'Właściwości' kliknij przycisk 'Zaawansowane'. 4) W oknie 'Atrybuty zaawansowane' anuluj zaznaczenie pola wyboru 'Kompresuj zawartość, aby zaoszczędzić miejsce na dysku' i kliknij przycisk 'OK'. 5) Zamknij okno dialogowe 'Właściwości', klikając przycisk 'OK'. - Niepowodzenie tworzenia wolumenu %s - Wielkość %s wynosi %.2f B - Wielkość %s wynosi %.2f kB - Wielkość %s wynosi %.2f MB - Wielkość %s wynosi %.2f GB - Wielkość %s wynosi %.2f TB - Wilekość %s wynosi %.2f PB - Ostrzeżenie: Urządzenie/partycja jest już w użyciu przez system operacyjny lub aplikację. Formatowanie urządzenia/partycji może spowodować uszkodzenie danych i niestabilność systemu.\n\nCzy kontynuować? - Uwaga: Partycja jest w użyciu przez system operacyjny lub aplikacje. Zamknij wszystkie aplikacje, które mogą używać partycji (włączając w to system antywirusowy).\n\nKontynuować? - Błąd: Urządzenie/partycja zawiera system plików, który nie może zostać odłączony. System plików może być używany przez system operacyjny. Formatowanie urządzenia/partycji z dużym prawdopodobieństwem spowoduje uszkodzenie danych i niestabilność systemu.\n\nAby rozwiązać ten problem, zaleca się wcześniejsze usunięcie partycji i ponowne jej utworzenie bez formatowania. W tym celu: 1) Kliknij prawym przyciskiem myszy ikonę 'Komputer' (lub 'Mój Komputer') w 'Menu Start' i wybierz opcję 'Zarządzaj'. Zostanie wyświetlone okno 'Zarządzanie komputerem'. 2) W oknie 'Zarządzanie komputerem' wybierz 'Magazyn' > 'Zarządzanie dyskami'. 3) Kliknij prawym przyciskiem myszy partycję, którą chcesz zaszyfrować, następnie wybierz opcję 'Usuń partycję' lub 'Usuń dysk logiczny'. 4) Kliknij przycisk 'Tak'. Jeśli system poprosi o zrestartowanie komputera, zrób to. Następnie powtórz krok 1 i 2 i kontynuuj od kroku 5. 5) Kliknij nieprzydzielone/wolne miejsce i wybierz opcję 'Nowa partycja', 'Nowy prosty wolumen' lub 'Nowy dysk logiczny'. 6) Zostanie uruchomione okno 'Kreatora partycji' lub 'Kreatora prostych wolumenów'. Postępuj zgodnie z instrukcjami. Na stronie zatytułowanej 'Formatowanie partycji', wybierz 'Nie formatuj tej partycji' lub 'Nie formatuj tego wolumenu'. W tym samym kreatorze, kliknij 'Dalej' a następnie 'Zakończ'. 7) Ścieżka urządzenia wybranego w programie VeraCrypt może być teraz nieprawidłowa. Dlatego wyjdź z kreatora tworzenia wolumenów VeraCrypt (jeśli jest nadal uruchomiony) i uruchom go ponownie. 8) Ponownie spróbuj zaszyfrować urządzenie.\n\nJeśli program VeraCrypt ponownie nie będzie mógł zaszyfrować urządzenia/partycji, należy rozważyć utworzenie pliku kontenera. - Błąd: System plików nie może być zablokowany i/lub odłączony. Może jest używany system operacyjny lub aplikacje (np. system antywirusowy). Szyfrowanie partycji może spowodować uszkodzenie danych i niedostępność systemu.\n\nProszę zamknąć wszystkie aplikacje, które mogą używać systemu plików (włączając w to system antywirusowy) i proszę spróbować ponownie. Jeżeli to nie pomoże, prosze postępować zgodnie z poniższymi krokami. - ostrzeżenie: Niektóre podłączone urządzenia/partycje były w użyciu!\n\nZignorowanie tego faktu może spowodować niepożądane skutki z niestabilnością systemu włącznie!\n\nNależy koniecznie zamknąć wszystkie aplikacje, które mogą używać tych urządzeń/partycji. - Wybrane urządzenie zawiera partycje.\n\nFormatowanie urządzenia może spowodować niestabilność i/lub uszkodzenie danych. Wybierz partycję na tym urządzeniu lub usuń z niego wszystkie partycje, aby umożliwić programowi VeraCrypt bezpieczne jej sformatowanie. - Wybrane nie systemowe urządzenie zawiera partycje.\n\nZadzyfrowane urządzenia w wolumenie VeraCrypt mogą być stworzone wewnątrz urządzenia, które nie zawiera żadnych partycji (włączając dyski twarde i pamięci dyskowe). Urządzenia zawierające partycje mogą być zaszyfrowane "w locie" (używając pojedynczego głównego klucza) tylko jeżeli dysk jest uruchomiony i jest na nim zainstalowany Windows.\n\nJeżeli chcesz zaszyfrować wybrany nie systemowy dysk używając pojedynczego głównego klucza, musisz najpierw usunąć wszystkie partycje na urządzeniu, aby bezpiecznie go sformatować w VeraCrypt (formatowanie urządzenia z istniejącymi partycjami może powodować niestabilność systemu i/lub uszkodzeniem danych). Opcjonalnie, możesz zaszyfrować osobno każdą partycję na dysku (każda partycja będzie zaszyfrowana używając innego głównego klucza).\n\nUwaga: Jeżeli chcesz usunąć wszystkie partycje z dysku GPT, możesz potrzebować wykonać konwersję do dysku MBR (używając np. narzędzi w Zarządzaj komputerem), aby usunąć ukryte partycje na dysku. - Uwaga: Jeśli zaszyfrujesz człe urządzenie (w przeciwieństwie do szyfrowania tylko jego partycji), system operacyjny będzie uważał urządzenie za nowe, puste i niesformatowane (jako że nie zawiera tablicy partycji) i może spontanicznie zainicjować urządzenia (lub spytać, czy ma to uczynić), co może uszkodzić wolumen. W konsekwencji po takim zdarzeniu może być niemożliwe montowanie wolumenu jako ulubionego (np. przy zmianie numeru dysku) lub przydzielenie mu etykiety ulubionego wolumenu.\n\nAby tego uniknąć, prosimy rozważyć utworzenie partycji na urządzeniu i zaszyfrowanie partycji.\n\nCzy na pewno zaszyfrować urządzenie w całości? - Uwaga: Proszę zapamiętać, że ten wolumen nie może być zamontowany/dostępny przy użyciu litery %c:, która jest obecnie przypisana do niej!\n\nAby zamontować ten wolumen, kliknij 'Podłącz automatycznie...' w głównym oknie VeraCrypt. Wolumen zostanie zamontowany pod inną literą dysku, którą wybierzesz z listy w głównym oknie VeraCrypt.\n\nOryginalna litera dysku %c: powinna być użyta tylko w przypadku, gdy chcesz usunąć szyfrowanie z partycji/dysku (np. jeżeli nie potrzebujesz więcej szyfrowania). W takim przypadku, kliknij prawy przycisk myszy na literze dysku %c: w 'Komputer' (lub 'Mój komputer') i wybierz 'Formatuj'. Inaczej litera dysku %c: nie będzie możliwa nigdy do użycia (chyba że ją usuniesz lub przypiszesz do innej partycji/dysku). - Szyfrowanie w miejscu nie jest obsługiwane w tej wersji systemu operacyjnego, który aktualnie używasz (obsługiwane są tylko Windows Vista i późniejsze wersje Windows).\n\nPowodem jest to, że ta wersja Windows nie obsługuje "przecinania" systemu plików (system plików musi być przycięty, aby zrobić miejsce na nagłówek wolumenu i na kopię nagłówka). - Wybrana partycja wygląda tak jakby nie zawierała systemu NTFS. Tylko partycje zawierające NTFS mogą być zaszyfrowane w miejscu (w czasie działania systemu).\n\nUwaga: Powód jest taki, że Windows nie obsługuje przycinania systemu plików innego typu poza NTFS (system plików musi być przycięty, aby zrobić miejsce na nagłówek wolumenu i na kopię nagłówka). - Wybrana partycja wygląda tak jakby nie zawierała systemu NTFS. Tylko partycje zawierające NTFS mogą być zaszyfrowane w miejscu (w czasie działania systemu).\n\nJeżeli chcesz stworzyć zaszyfrowany wolumen VeraCrypt w wolumenie wewnątrz niej, wybierz opcję "Stwórz zaszyfrowany wolumen i sformatuj go" (w opcji "Szyfruj partycję"). - Błąd: Partycja jest za mała. VeraCrypt nie może szyfrować jej "w locie". - Aby zaszyfrować dane na tej partycji, proszę postępować według następujących kroków:\n\n1) Stwórz wolumen w VeraCrypt na pustej partycji/urządzeniu i zamontuj go.\n\n2) Skopiuj wszystkie plik i foldery z partycji, którą chcesz zaszyfrować do zamontowanego wolumenu VeraCrypt (który została stworzony i zamontowany w kroku 1). Tym sposobem, będziesz mógł stworzyć zaszyfrowaną kopię danych i umieścić ją w VeraCrypt.\n\n3) Stwórz wolumen VeraCrypt na partycji, którą chcesz zaszyfrować i upewnij się, że masz zaznaczoną opcję (w Wizardzie VeraCrypt) "Stwórz zaszyfrowany wolumen i sformatuj go" (wewnątrz opcji "Szyfruj partycję"). Uwaga, wszystkie dane zapisane na partycji zostaną skasowane. Po stworzeniu wolumenu, zamontuj go.\n\n4) Skopij wszystkie pliki i foldery z wolumenu VeraCrypt (stworzonego i zamontowanego w kroku 1) do zamontowanego wolumenu VeraCrypt który został stworzony (i zamontowany) w kroku 3.\n\nPo wykonaniu powyższych kroków, wszystkie dane będą zaszyfrowane, i dodatkowo, będzie zaszyfrowana kopia tych danych. - VeraCrypt może szyfrować "w locie" tylko partycje, dynamiczne wolumeny, lub całe dyski systemowe.\n\nJeżeli chcesz stworzyć zaszyfrowany wolumen VeraCrypt wewnątrz zaznaczonego nie systemowego dysku, wybierz opcje "Stwórz zaszyfrowany wolumen i sformatuj go" (wewnątrz opcji "Szyfruj partycje"). - Błąd: VeraCrypt może szyfrować "w locie" tylko partycje, dynamiczne wolumeny, lub całe dyski systemowe. Proszę się upewnić, że wskazana ścieżka jest poprawna. - Błąd: Nie można przyciąć systemu plików (system plików do przycięcia wymaga zrobienia wolnego miejsca na nagłówek wolumenu i kopie bezpieczeństwa).\n\nMożliwe przyczyny i rozwiązania:\n\n- Mało wolnego miejsca na wolumenie. Spróbuj zrobić defragmentacje (prawy przycisk myszy na odpowiednim dysku w 'Mój komputer', wybierz Właściwości > Narzędzia > Defragmentuj teraz > Defragmentuj teraz). Jeżeli to nie pomoże, usuń powtarzające się pliki i opróżnij Kosz.\n\n- Uszkodzony system plików. Spróbuj sprawdzić i naprawić błędy (prawy przycisk myszy na odpowiednim dysku w 'Mój komputer', wybierz Właściwości > Narzędzia > 'Sprawdź teraz', upewnij się że opcja 'Automatycznie napraw błędy' jest włączona i włącz Rozpocznij).\n\nJeżeli powyższe kroki nie pomogły, postępuj następująco. - Błąd: Nie ma miejsca na wolumenie więc system plików nie może być przycięty (system plików do przycięcia wymaga zrobienia wolnego miejsca na nagłówek wolumenu i kopie bezpieczeństwa).\n\nProszę skasować powtarzające się pliki i opróżnić Kosz to może zwolnić miejsce i proszę spróbować jeszcze raz. Jeżeli nie możesz tego zrobić, postępuj następująco. - Wolne miejsce na dysku %s wynosi %.2f B. - Wolne miejsce na dysku %s wynosi %.2f KB - Wolne miejsce na dysku %s wynosi %.2f MB - Wolne miejsce na dysku %s wynosi %.2f GB - Wolne miejsce na dysku %s wynosi %.2f TB - Wolne miejsce na dysku %s wynosi %.2f PB - Nie można uzyskać dostępnej litery dysku. - Błąd: Nie znaleziono sterownika programu VeraCrypt.\n\nSkopiuj pliki 'veracrypt.sys' i 'veracrypt-x64.sys' do katalogu, w którym znajduje się główna aplikacja VeraCrypt (VeraCrypt.exe). - Błąd: Uruchomiona jest niezgodna wersja sterownika VeraCrypt.\n\nJeśli próbujesz uruchomic VeraCrypt w trybie przenośnym (tj bez jego instalacji) a zainstalowana jest juz inna wersja VeraCrypt, musisz ja odinstalować (lub zaktualizować przy użyciu instalatora VeraCrypt). Aby go odinstalować, wykonaj następujące kroki: W Windows Vista lub późniejszych, wybierz 'Menu Start' > Komputer > 'Odinstaluj lub zmień program' > VeraCrypt > Odinstaluj; na Windows XP, wybierz 'Menu Start' > Ustawienia > 'Panel sterowania' > 'Dodaj lub usuń programy' > VeraCrypt > Usuń.\n\nPodobnie, jeśli próbujesz uruchomić VeraCrypt w trybie przenośnym (tj bez jego instalacji) a działa już inna wersja VeraCrypt w trybie przenośnym, musisz najpierw zrestartować system a następnie uruchomić tylko tą nową wersję. - Błąd: Zainicjowanie szyfru nie powiodło się. - Błąd: Wykryto słaby lub potencjalnie słaby klucz. Klucz zostanie odrzucony. Ponów próbę. - Nastąpił błąd krytyczny i VeraCrypt musi zostać przerwany. Jeżeli jest to błąd VeraCrypt, spróbujemy go naprawić. Aby nam pomóc, możesz wysłać do nas automatycznie wygenerowany raport błędu zawierający:\n\n- Wersję programu\n- Wersję systemu operacyjnego\n- Nazwę komponentu VeraCrypt\n- Sumę kontrolną pliku wykonywalnego VeraCrypt\n- Symboliczną nazwę okienka dialogowego\n- Kategorię błędu\n- Adres błędu\n- Rodzaj CPU\n- Wywołanie stosu VeraCrypt\n\nJeżeli naciśniesz 'Tak', otworzy się strona WWW (z zawartością błędu) w twojej domyślnej przeglądarce Internetowej (może to trwać ok. 30 sekund).\n\n%hs\n\nCzy chcesz wysłać do nas raport o błędzie? - Wystąpił błąd krytyczy w Twoim systemie, co spowodowało zamknięcie VeraCrypt.\n\nBłąd nie wynika z działania VeraCrypt (więc development VeraCrypt nie naprawi go). Proszę, sprawdzić swój system pod kątem występowania problemów (np. konfiguracja systemu, połączenie sieciowe, uszkodzenia elementów sprzętowych). - Wystąpił krytyczny błąd systemu, wymagający zamknięcia VeraCrypt.\n\nJeśli problem będzie się powtarzał, wymagane będzie zablokowanie lub odinstalowanie aplikacji, które potencjalnie mogły spowodować problem, jak programy antywirusowe lub zabezpieczające internet, "polepszające", "optymizujące" lub "tweakujące" system, etc. Jeśli to nie pomoże, być może należy przeinstalować system operacyjny (Problem może być spowodowany przez malware). - Błąd krytyczny VeraCrypt - VeraCrypt wykrył, że padł ostatnio system operacyjny. Jest wiele potencjalnych przyczyn upadku systemu (na przykład wadliwy komponent sprzętowy, błąd w sterowniku urządzenia, itp.)\n\nCzy VeraCrypt ma sprawdzić cy to z jego powodu mógł nastąpić upadek systemu? - Czy VeraCrypt ma dalej wykrywać upadki systemu? - VeraCrypt nie odnalazł pliku minizrzutu po upadku systemu. - Czy chcesz usunąć plik zrzutu awaryjnego Windows, by zwolnić przestrzeń na dysku? - W celu wykonania analizy upadku systemu, VeraCrypt wymaga uprzedniej instalacji Microsoft Debugging Tools for Windows.\n\nPo wciśnięciu OK, Instalator Windows pobierze pakiet instalacyjny Microsoft Debugging Tools (16 MB) z serwera Microsoftu i zainstaluje go. (Instalator Windows zostanie przekierowany do na adres serwera Microsoft z serwera veracrypt.org server, co zapewni wykonanie procedury nawet jeśli Microsoft zmieni położenie pakietu instalacyjnego). - Po wciśnięciu OK, VeraCrypt wykona analizę upadku systemu. Może to potrwać kilka(naście) minut. - Sprawdź, czy zmienna systemowa 'PATH' zawiera ścieżkę do 'kd.exe' (Kernel Debugger). - Wydaje się, że VeraCrypt najprawdopodobniej nie spowodował upadku systemu. Istnieje wiele potencjalnych przyczyn upadku (na przykład wadliwy komponent sprzętowy, błąd w sterowniku urządzenia, itp.) - Wyniki analizy wskazują, że aktualizacja wskazanego sterownika może rozwiązać problem: - Aby pomóc nam określić, czy występuje błąd w VeraCrypt, proszę wysłać automatycznie wygenerowany raport zawierający następujące pozycje:\n- Wersja programu\n- Wersja systemu operacyjnego\n- Typ CPU\n- Kategoria błędu\n- Nazwa i wersja sterownika\n- Stos wywołań systemowych\n\nJeśli wybierzesz 'Tak', poniższy URL (zawierający pełny raport błędu) zostanie otwarty w domyślnej przeglądarce internetowej. - Czy chcesz wysłać powyższy raport błędu? - &Zaszyfruj - &Odszyfruj - &Trwale odszyfruj - Wyjście - Utwórz dysk logiczny na tej partycji rozszerzonej, następnie ponów próbę. - Wolumen VeraCrypt jest umieszczony w pliku (zwanym kontenerem/magazynem VeraCrypt), który może być umieszczony na dysku twardym lub USB itp. Magazyn VeraCrypt jest jak normalny plik (może on być, np. przeniesiony lun skasowany jak każdy normalny plik). Kliknij 'Wybierz plik' i wybierz nazwę pliku dla magazynu i wybierz lokalizację, gdzie chcesz, aby został stworzony.\n\nUwaga: Jeżeli wybierzesz istniejący plik, VeraCrypt NIE zaszyfruje go; plik zostanie skasowany i zastąpiony nowo tworzonym magazynem VeraCrypt. Jeżeli chcesz zaszyfrować istniejący plik (lub później) przesuń go do magazynu VeraCrypt, który teraz tworzysz. - Wybierz miejsce, gdzie będzie stworzony zewnętrzny wolumen (bez tego wolumenu ukryty wolumen będzie stworzony później).\n\nWolumen VeraCrypt będzie umieszczony w pliku (zwanym kontenerem/magazynem VeraCrypt), który będzie umieszczony na dysku twardym, na USB itp.. Magazyn VeraCrypt może być przesunięty lub skasowny jak normalny plik. Kliknij 'Wybierz plik' aby wybrać nazwę pliku dla magazynu i wybierz lokalizację w której ma on być stworzony. Jeżelu wybierzesz istniejący plik, VeraCrypt NIE zaszyfruje go; będzie ona skasowany i zastąpiony nową zawartością magazynu. Możesz zaszyfrować plik teraz (lub później) przesuwając go do kontenera/magazynu VeraCrypt, który teraz tworzysz. - Zaszyfrowane urządzenie - wolumen VeraCrypt może być stworzone wewnątrz partycji na dysku twardym, pamięci przenośnej, pamięciach USB, i innych obsługiwanych urządzeniach. Partycje mogą być zaszyfrowanie "w locie".\n\nW dodatku, zaszyfrowane urządzenia - wolumeny VeraCrypt mogą być tworzone wewnątrz urządzeń, które nie zawierają partycji (włącznie z dyskami twardymi i pamięciami przenośnymi).\n\nUwaga: Urządzenie które zawiera partycje może być całkowicie zaszyfrowane w "locie" (używając pojedynczego klucza) tylko jeżeli jest uruchomione i zainstalowany jest Windows. - Urządzenie - wolumen VeraCrypt może być stworzone wewnątrz partycji na dysku twardym, pamięci przenośnej, pamięciach USB, i innych obsługiwanych urządzeniach.\n\nUwaga: Pamiętaj że partycja/urządzenie będzie sformatowane i wszystkie dane zawarte na nim będą utracone. - \nWybierz lokalizację poza tworzonym wolumenem (wewnątrz którego będzie stworzony ukryty wolumen).\n\nZewnętrzny wolumen może być stworzony wewnątrz partycji na dysku twardym, pamięci zewnętrznej, pamięci USB, i innych obsługiwanych urządzeniach. Zewnętrzne wolumeny mogą być więc tworzone wewnątrz urządzeń, które nie zawierają partycji (włącznie z dyskami twardymi i pamięciami przenośnymi).\n\nOstrzeżenie: Pamiętaj że partycja/urządzenie będzie sformatowane i wszystkie dane zawarte na nim będą utracone. - Wybierz lokalizację wolumenu VeraCrypt, w którym chcesz utworzyć wolumen ukryty. - Ostrzeżenie: Plik/urządzenie jest aktualnie w użyciu!\n\nZignorowanie tego ostrzeżenia może spowodować nieoczekiwane rezultaty, z niestabilnością systemu włącznie. Przed podłączeniem tego wolumenu należy zamknąć wszystkie aplikacje, które mogą używać tego pliku/urządzenia.\n\nCzy kontynuować podłączanie wolumenu? - Błąd: Nie można podłączyć wolumenu. Plik/urządzenie jest aktualnie w użyciu. Próba podłączenia bez dostępu na wyłączność także zakończyła się niepowodzeniem. - Nie można otworzyć pliku. - Lokalizacja wolumenu - Duże pliki - Czy planujesz przechowywać pliki większe niż 4 GB w tym wolumenie VeraCrypt? - Polegając na Twoim wyborze, VeraCrypt będzie wybierał odpowiednio domyślny system plików wolumenu VeraCrypt (będziesz mógł wybrać system plików w kolejnym kroku). - Ponieważ wybierasz tworzenie zewnętrznego wolumenu, powinieneś rozważyć wybranie 'Nie'. Jeżeli wybierzesz 'Tak', domyślnie system plików będzie NTFS, który nie jest najdogodniejszy dla zewnętrznych wolumenów tak jak FAT (np. największa możliwa wielkość ukrytego wolumenu zostanie oznaczona jeżeli jest system plików FAT). Normalnie, FAT jest domyślnym systemem dla obu wolumenów: Ukrytego i normalnego (więc wolumeny FAT nie są podejrzane). Jednakże, jeżeli użytkownik sygnalizuje trzymanie plików większych niż 4 GB (gdzie na systemie FAT są one niedozwolone), system FAT nie jest domyślnym. - Czy jesteś pewien że chcesz wybrać 'Tak'? - Tryb tworzenia wolumenu - To jest najszybsza droga do stworzenia partycji lub urządzenia z wolumenem VeraCrypt (szyfrowanie "w locie" z dodatkowymi opcjami jest wolniejsze ponieważ zawartość każdego sektora musi być najpierw przeczytana, zaszyfrowana i dopiero zapisana). Jakiekoliwek dane zapisane na obecnie wybranej partycji/urządzeniu zostaną utracone (dane NIE zostaną zaszyfrowane; zostaną pokryte przypadkowymi bitami). Jeżeli chcesz zaszyfrować istniejące dane na partycji, wybierz inną opcję. - Cała wybrana partycja i wszystkie zapisane na niej dane zostaną zaszyfrowane "w locie/w miejscu". Jeżeli partycja jest pusta, powinieneś wybrać inną opcję (wolumen zostanie stworzony znacznie szybciej). - Informacja: - &Wznów - &Opóźnij - &Rozpocznij - &Kontynuuj - &Sformatuj - &Wyczyść - Przerwać formatowanie? - Pokaż więcej informacji - Nie pokazuj tego ponownie - Zawartość partycji/dysku została pomyślnie usunięta.. - Zawartość partycji, gdzie znajdował się oryginalny system operacyjny (jego klon jest w ukrytym systemie) został poprawnie skasowany. - Proszę upewnić się że wersja Windows, którą instalujesz jest tą samą wersją, którą masz obecnie uruchomioną. To jest wymagane ponieważ oba systemy współdzielą boot partycje. - Partycja/dysk systemowy został skutecznie zaszyfrowany.\n\nUwaga: Jeśli występują bezsystemowe wolumeny VeraCrypt, które wymagają automatycznego montowania przy starcie Windows, można to ustawić przez zamontowanie ich i wybranie 'Ulubione' > 'Dodaj zamontowany wolumen do ulubionych systemu'). - Pomyślnie odszyfrowano partycję lub dysk systemowy. - \n\nWolumen VeraCrypt został utworzony i jest gotowy do użycia. Jeśli chcesz utworzyć inny wolumen VeraCrypt, kliknij przycisk Dalej. W przeciwnym wypadku kliknij przycisk Wyjście. - \n\nUkryty wolumen VeraCrypt został pomyślnie stworzony (ukryty system operacyjny został umieszczony wewnątrz ukrytego wolumenu).\n\nNaciśnij Dalej, aby kontynuować. - Cały wolumen zaszyfrowany - Wolumen w pełni odszyfrowany - WAŻNE: ABY DOSTAĆ SIĘ DO DANYCH W NOWYM WOLUMENIE VERACRYPT PODŁĄCZ GO, KLIKNIJ 'Podłącz automatycznie' W GŁÓWNYM OKNIE VERACRYPT. Po wprowadzeniu poprawnego hasła (i/lub wskazania poprawnego pliku-klucza), wolumen zostanie podłączony pod literę dysku wybraną z listy w oknie VeraCrypt (i będziesz miał dostęp do zaszyfrowanych danych poprzez ten dysk).\n\nPROSZĘ ZAPAMIĘTAĆ LUB ZAPISAĆ SOBIE POWYŻSZE KROKI. MUSISZ TAK POSTĘPOWAĆ JEŻELI KIEDYKOLWIEK CHCESZ PODŁĄCZYĆ WOLUMEN I MIEĆ DOSTĘP DO DANYCH ZAWARTYCH W NIM. Opcjonalnie, w głównym oknie VeraCrypt, kliknij 'Wybierz urządzenie', wybierz partycję lub wolumen, kliknij 'Podłącz'.\n\nPartycja/wolumen zostanie poprawnie odszyfrowana (zawartość wolumenu jest zaszyfrowana przez VeraCrypt) i jest gotowa do użycia. - Wolumen VeraCrypt został pomyślnie odszyfrowany. - Wolumen VeraCrypt został pomyślnie odszyfrowany.\n\nProszę wybrać literę napędu, którą chcesz przypisać odszyfrowanemu wolumenowi oraz kliknąć Zakończ.\n\nWAŻNE: Dopóki litera napędu nie jest przypisana do odszyfrowanego napędu, dopóty nie będziesz mieć dostępu do danych zgromadzonych na wolumenie. - Ostrzeżenie: Aby mieć dostęp do odszyfrowanych danych, litera napędu musi być przypisana do odszyfrowanego wolumenu. Jednak obecnie nie jest dostępna żadna litera napędu.\n\nProszę zwolnić literę napędu (na przykład poprzez odłącznie napędu flash USB albo zewnętrznego dysku twardego, etc.) oraz kliknąć OK. - Wolumen VeraCrypt został pomyślnie utworzony. - Utworzono wolumen - Ważne: Wykonuj w tym oknie losowe ruchy myszą. Im dłużej to robisz, tym lepiej. Poprawia to znacząco kryptograficzną jakość kluczy. Następnie kliknij przycisk Sformatuj, aby utworzyć wolumen. - Kliknij Sformatuj, aby utworzyć wolumen zewnętrzny. Aby uzyskać więcej informacji, skorzystaj z dokumentacji. - Formatowanie wolumenu zewnętrznego - Formatowanie wolumenu ukrytego - Formatowanie wolumenu - Do wyświetlenia lub wydrukowania instrukcji użytkownika programu VeraCrypt jest wymagany program Adobe Reader (lub kompatybilny). Program Adobe Reader można bezpłatnie pobrać z serwisu: www.adobe.com\n\nCzy chcesz teraz obejrzeć dokumentację? - Jeśli wybierzesz tę opcję, kreator najpierw pomoże w utworzeniu zwykłego wolumenu programu VeraCrypt, a następnie wolumenu ukrytego (wewnątrz wolumenu zwykłego). Niedoświadczeni użytkownicy powinni zawsze wybierać tę opcję. - Zamierzasz utworzyć wolumen ukryty w istniejącym wolumenie VeraCrypt. Zostało przyjęte założenie, że właśnie utworzono wolumen VeraCrypt odpowiedni do przechowywania wolumenu ukrytego. - Tryb tworzenia wolumenu - Wolumen ukryty został utworzony - Ukryty wolumen VeraCrypt został pomyślnie utworzony i jest gotowy do użycia. Jeśli wykonano wszystkie instrukcje a ostrzeżenia wymagania wymienione w sekcji "Security Requirements and Precautions Pertaining to Hidden Volumes" w Instrukcji użytkownika VeraCrypt, powinno być niemożliwe udowodnienie że ukryty wolumen istnieje, nawet, gdy wolumen zewnętrzny jest zamontowany.\n\nUWAGA: JEŚLI NIE CHRONISZ UKRYTEGO WOLUMENU (BY DOWIEDZIEĆ SIĘ JAK, CZYTAJ W SEKCJI "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" W INSTRUKCJI UŻYTKOWNIKA VERACRYPT), NIE ZAPISUJ NA WOLUMINIE ZEWNĘTRZNYM. INACZEJ MOŻESZ NADPISAĆ I USZKODZIĆ WOLUMEN UKRYTY! - Wystartowałeś ukryty system operacyjny. Jak zostałeś poinformowany, ukryty system operacyjny zostanie zainstalowany na tej samej partycji co oryginalny system operacyjny. Jednakże, w rzeczywistości, jest on zainstalowany na zewnątrz partycji - za nią (w ukrytym wolumenie). Wszystkie odczyty i zapisy będą transparentnie przekazywane z oryginalnej partycji systemowej do ukrytego wolumenu.\n\nŻaden system operacyjny lub aplikacja nie wie że zapis danych i odczyt z partycji systemowej są realizowane spoza partycji (od/do ukrytego wolumenu). Wszystkie szukane dane są szyfrowanie i deszyfrowane w locie.\n\n\nProszę kliknąć Dalej, aby kontynuować. - Zewnętrzny wolumen został stworzony i podłączony jako %hc:. Do tego wolumenu możesz skopiować jakieś pliki, które aktualnie nie były ukryte.\n\nWażne: Pliki kopiowane na zewnętrzny wolumen nie powinny być większe niż %s. Inaczej, może nie być wystarczającej ilości wolnego miejsca na zewnętrznym wolumenie dla ukrytego wolumenu (i nie da się przejść dalej). Po zakończeniu kopiowania, kliknij Dalej (nie odłączaj wolumenu). - Wolumen zewnętrzny został pomyślnie utworzony i podłączony jako dysk %hc:. Należy teraz skopiować do niego dane sprawiające wrażenie cennych, a których w rzeczywistości NIE chcesz chronić. Dane te będą udostępnione osobie zmuszającej Cię do wyjawienia hasła. Możesz zdradzić tylko hasło do wolumenu zewnętrznego, a nie do ukrytego. Dane, które NAPRAWDĘ chcesz chronić, będą zapisywane w wolumenie ukrytym, który zostanie utworzony później. Kiedy skończysz kopiowanie, kliknij przycisk Dalej. Nie odłączaj tego wolumenu.\n\nPamiętaj: Po kliknięciu przycisku Dalej, mapa bitowa klastrów wolumenu zewnętrznego zostanie przeskanowana w celu określenia wielkości ciągłego obszaru wolnego, którego koniec pokrywa się z końcem wolumenu. Ten obszar może być wykorzystany przez wolumen ukryty i ogranicza jego maksymalną wielkość. Skanowanie mapy bitowej klastrów zapewnia, że żadne dane wolumenu zewnętrznego nie zostaną nadpisane przez wolumen ukryty. - Zawartość wolumenu zewnętrznego - \n\nW następnym kroku należy ustawić opcje dla wolumenu zewnętrznego (w którym później będzie utworzony wolumen ukryty). - \n\nW następnym kroku, stworzysz tak zwany zewnętrzny wolumen VeraCrypt będzie on pierwszą partycją za partycją systemową (jak zostało to wytłumaczone w poprzednich krokach). - Wolumen zewnętrzny - W obecnym kroku, możesz ustawić opcję i hasło dla ukrytego wolumenu, w który będzie zawierał ukryty system operacyjny.\n\nUwaga: Klaster zewnętrznego wolumenu został sprawdzony, aby wykryć wielkość nieprzerwanego wolnego obszaru. Ten obszar będzie mieścił ukryty wolumen, więc limitem jest maksymalna możliwa wielkość. Maksymalna możliwa wielkość ukrytego wolumenu została wykryta i zatwierdzona jako najlepsza wielkość partycji systemowej (jaka jest wymagana, ponieważ cała zawartość partycji systemowej zostanie skopiowana do ukrytego wolumenu). To zapewnia, że żadne dane obecnie zeskładowane na zewnętrznym wolumenie nie zostaną pokryte na obszarze ukrytego wolumenu. - WAŻNE: Proszę pamiętać wybrany algorytm w tym kroku. Będziesz musiał wybrać ten sam algorytm dla systemu zwodzącego. Inaczej ukryty system będzie niedostępny! (System zwodzący musi być zaszyfrowany tym samym algorytmem szyfrowania jak ukryty system.)\n\nUwaga: Powodem jest to, że system zwodzący i ukryty będą współdzielić program startowy, który obsługuje tylko jeden sposób (algorytm) szyfrowania, wybrany przez użytkownika (dla każdego algorytmu jest specjalna wersja programu startowego VeraCrypt). - \n\nMapa bitowa klastrów została przeskanowana i została ustalona maksymalna możliwa wielkość wolumenu ukrytego. W następnym kroku należy ustawić opcje, wielkość i hasło wolumenu ukrytego. - Wolumen ukryty - Wolumen ukryty jest teraz zabezpieczony przed uszkodzeniem na czas podłączenia wolumenu zewnętrznego.\n\nOSTRZEŻENIE: W przypadku próby zapisania danych w wolumenie zewnętrznym program VeraCrypt włączy blokadę zapisu dla całego wolumenu (zarówno dla części zewnętrznej jak i wewnętrznej) aż do momentu odłączenia. To może spowodować uszkodzenie systemu plików wolumenu zewnętrznego, oraz (jeśli się powtarza) zagrożenie zapewnienia możliwości wiarygodnego zaprzeczenia istnienia wolumenu ukrytego. Dlatego nie należy zapisywać danych w obszarze zajmowanym przez wolumen ukryty. Wszystkie dane zapisywane w obszarze zajmowanym przez wolumen ukryty nie zostaną zapisane i będą utracone. System Windows może to zgłaszać jako błąd zapisu ("Opóźniony zapis nie powiódł się" lub "Parametr jest niepoprawny"). - Każdy z wolumenów ukrytych wewnątrz nowo podłączanych wolumenów jest teraz zabezpieczony przed uszkodzeniem do momentu odłączenia.\n\nOSTRZEŻENIE: W przypadku próby zapisania danych w wolumenie zewnętrznym program VeraCrypt włączy blokadę zapisu dla całego wolumenu (zarówno dla części zewnętrznej jak i wewnętrznej) aż do momentu odłączenia. To może spowodować uszkodzenie systemu plików wolumenu zewnętrznego, oraz (jeśli się powtarza) zagrożenie zapewnienia możliwości wiarygodnego zaprzeczenia istnienia wolumenu ukrytego. Dlatego nie należy zapisywać danych w obszarze zajmowanym przez wolumen ukryty. Wszystkie dane zapisywane w obszarze zajmowanym przez wolumen ukryty nie zostaną zapisane i będą utracone. System Windows może to zgłaszać jako błąd zapisu ("Opóźniony zapis nie powiódł się" lub "Parametr jest niepoprawny"). - OSTRZEŻENIE: Próba zapisu danych w obszarze zarezerwowanym dla wolumenu ukrytego w wolumenie podłączonym jako %c:! Program VeraCrypt zapobiegł zapisowi tych danych z powodu ochrony wolumenu ukrytego. Mogło to spowodować uszkodzenie systemu plików wolumenu zewnętrznego. System Windows może to zgłaszać jako błąd zapisu ("Opóźniony zapis nie powiódł się" lub "Parametr jest niepoprawny"). Program VeraCrypt włączy blokadę zapisu dla całego wolumenu (zarówno dla części zewnętrznej jak i wewnętrznej) aż do momentu odłączenia. Jeśli to nie jest pierwszy przypadek uniemożliwienia przez program VeraCrypt zapisu w obszarze wolumenu ukrytego, wiarygodne zaprzeczenie istnienia wolumenu ukrytego może być zagrożone (przez możliwe wystąpienie nienormalnie skorelowanych niespójności w systemie plików wolumenu zewnętrznego). Dlatego należy rozważyć utworzenie nowego wolumenu VeraCrypt (z wyłączoną opcją szybkiego formatowania) i przenieść pliki z tego wolumenu do nowego. Po przeniesieniu danych nieużywany już wolumen powinien zostać wymazany w sposób bezpieczny (zarówno część zewnętrzna jak i ukryta). Należy teraz koniecznie ponownie uruchomić system. - Wskazujesz chęć przechowywania plików większych niż 4 GB w wolumenie. Wymaga to, by wolumen był sformatowany jako NTFS, co jednak nie będzie możliwe. - Zauważ, że gdy uruchomiony jest ukryty system operacyjny, nieukryte wolumeny VeraCrypt nie moga byc sformatowane jako NTFS. Powodem jest, że wolumen wymagać będzie tymczasowego podłączenia bez zabezpieczenia przed zapisem, aby system operacyjny mógł sformatować go jako NTFS (formatowanie jako FAT natomiast jest wykonywane przez VeraCrypt, nie system operacyjny, i bez podłączania wolumenu). Patrz niżej, by poznać szczegóły techniczne. Możesz utworzyć nieukryty wolumen NTFS ze zwodzącego systemu operacyjnego. - Z powodów bezpieczeństwa, kiedy jest uruchomiony ukryty system operacyjny, możesz tworzyć tylko wolumeny w trybie 'direct (bezpośrednio)' (ponieważ zewnętrzny wolumen musi być zawsze zamontowany w trybie tylko do odczytu zewnętrznego). Aby stworzyć bezpieczny ukryty wolumen, postępuj zgodnie z wskazówkami:\n\n1) Uruchom pierwszy system.\n\n2) Stwórz normalny wolumen VeraCrypt i do tego wolumenu skopuj jakieś pliki, które nie będą aktualnie chronione i ukryte (wolumen będzie zewnętrznym wolumenem).\n\n3) Uruchom ukryty system operacyjny i uruchom kreatora wolumenów VeraCrypt. Jeżeli wolumen jest w pliku, przesuń go do partycji systemowej lub do innego ukrytego wolumenu (inaczej nowo stworzony ukryty wolumen może być podłączony tylko do odczytu i nie może być sformatowany). Postępuj zgodnie z instrukcjami w kreatorze i wybierz tryb 'direct (bezpośredni)' tworzenia ukrytego wolumenu.\n\n4) W kreatorze, wybierz wolumen który stworzyłeś w kroku 2 i postępuj zgodnie z instrukcjami tworzenia ukrytego wolumenu. - Z powodów bezpieczeństwa, kiedy jest uruchomiony ukryty system operacyjny, lokalne niezaszyfrowane systemy plików i nie ukryte wolumeny VeraCrypt są zamontowane tylko od odczytu (nie można na nich zapisać żadnych danych).\n\nDane są dostępne do zapisu na każdym systemie plików który rezyduje w ukrytym wolumenie VeraCrypt (dostarczony ukryty wolumen nie jest umieszczony na niezaszyfrowanym systemie plików lub na żadnym systemie plików tylko do odczytu). - Są trzy główne powody dla których podjęte zostały środki zaradcze:\n\n- Umożliwia tworzenie bezpiecznej platformy dla bezpiecznego montowania ukrytych wolumenów VeraCrypt. Zauważ, że oficjalnie zalecamy, by ukrytw wolumeny były montowane tylko wtedy, gdy uruchomiony jest ukryty system operacyjny. (By uzyskać więcej informacji przeczytaj podrozdział dokumentacji 'Security Requirements and Precautions Pertaining to Hidden Volumes'.)\n\n- W pewnych przypadkach możliwe jest ustalenie tego, że dany system plików nie został zamontowany pod (lub że dany plik w systemie plików nie został zapisany lub udostępniony z poziomu) określonej instancji systemu operacyjnego (np przez analizę i porównanie dzienników systemu plików, stempli czasowych pliku, logów aplikacji, logów błędów itp.). To może wskazywać, że ukryty system operacyjny został zainstalowany na komputerze. Środki zaradcze zapobiegają takim przypadkom.\n\n- Zapobiegają uszkodzeniu danych i pozwalają na bezpieczne usypianie. Kiedy Windows wznawia pracę po uśpieniu, zakłada, że wszystkie zamontowane systemy plików są w tym samym stanie w jakim system został uśpiony. VeraCrypt zapewnia to przez zabezpieczenie przed zapisem dowolnego systemu plików dostępnego zarówno z systemu zwodzącego jak i ukrytego. Bez takiego zabezpieczenia system plików mógłby zostać uszkodzony podczas montowania przez jeden z systemów podczas, gdy drugi jest uśpiony. - Uwaga: Jeżeli potrzebujesz szyfrowanej transmisji plików pomiedzy pierwszym systemem a ukrytym systemem, postępuj wg kroków: 1) Uruchom pierwszy system (decoy system). 2) Zapisz pliki na niezaszyfrowanym wolumenie lub na zewnętrznym/normalnym wolumenie VeraCrypt. 3) Uruchom ukryty sytsem operacyjny. 4) Jeżeli zapisałeś pliki na wolumenie VeraCrypt, podłącz go (zostanie on automatycznie podłączony jako tylko do odczytu). 5) Skopiuj pliki do ukrytego systemu operacyjnego lub do innego ukrytego wolumenu. - Komputer musi być ponownie uruchomiony.\n\nCzy wykonać to teraz? - Wystąpił błąd podczas pobierania statusu szyfrowania systemu. - Nie określono hasła w linii poleceń. Wolumen nie może zostać stworzony. - Nie określono rozmiaru w linii poleceń. Wolumen nie może zostać stworzony. - Rozmiar plku wolumenu określonego w linii poleceń jest niekompatybilny z wybranym systemem plików NTFS. - Rozmiar plku wolumenu określonego w linii poleceń jest niekompatybilny z wybranym systemem plików FAT32. - System plików napędu docelowego nie obsługuje tworzenia plików rozrzedzonych, które wymagają wolumeny dynamiczne. - Tylko pliki kontenera mogą być tworzone poprzez linię poleceń. - Rozmiar pliku kontenera określony w linii poleceń jest większy niż dostępna ilość wolnego miejsca na dysku. Wolumen nie może zostać stworzony. - Rozmiar wolumenu określony w linii poleceń jest zbyt mały. Wolumen nie może zostać stworzony. - Rozmiar wolumenu określony w linii poleceń jest zbyt mały. Wolumen nie może zostać stworzony. - Nie można zainicjować komponentów aplikacji dla szyfrowania systemu. - Błąd inicjowania generatora liczb losowych! - Błąd API Windows Crypto!\n\n\n(Jeżeli zgłosisz powiązany z tym błąd, proszę dołączyć następujące informacje techniczne w raporcie błędu:\n%hs, Last Error = 0x%.8X) - Nie można zainicjować aplikacji. Błąd rejestracji klasy okna dialogowego. - BŁĄD: Nie można załadować systemowej biblioteki edytora Rich Edit. - Kreator tworzenia wolumenów VeraCrypt - Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w bajtach): %.2f. - Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w kilobajtach): %.2f. - Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w megabajtach): %.2f. - Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w gigabajtach): %.2f. - Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w terabajtach): %.2f. - Nie można zmienić hasła/pliku-klucza dla podłączonego wolumenu. Najpierw należy odłączyć ten wolumen. - Nie można zmienić algorytmu klucza nagłówka dla podłączonego wolumenu. Najpierw należy odłączyć ten wolumen. - &Podłącz - Do podłączenia tego wolumenu jest wymagana nowsza wersja programu VeraCrypt. - Błąd: Nie znaleziono kreatora wolumenów VeraCrypt.\n\nUpewnij się, że plik 'VeraCrypt Format.exe' znajduje się w katalogu, z którego uruchomiono 'VeraCrypt.exe'. Jeśli nie, ponownie zainstaluj program VeraCrypt lub znajdź program 'VeraCrypt Format.exe' na dysku i uruchom go. - Bład: Nie odnaleziono rozszerzacza wolumenu.\n\nProszę upewnić się, że plik 'VeraCryptExpander.exe' znajduje się w folderze, z którego uruchomiono 'VeraCrypt.exe'. Jeżeli nie, proszę przeinstalować VeraCrypt albo zlokalizować 'VeraCryptExpander.exe' na dysku i uruchomić. - &Dalej > - &Zakończ - &Zainstaluj - Wy&odrębnij - Nie można połączyć ze sterownikiem urządzenia VeraCrypt. Program VeraCrypt nie może pracować, jeśli sterownik nie jest uruchomiony.\n\nZ powodu rozwiązań przyjętych w systemie Windows przed załadowaniem sterownika może być konieczne wylogowanie lub restart systemu. - Wystąpił błąd w czasie ładowania/przygotowania czcionek. - Nie podano lub nie znaleziono litery dysku. - Błąd: Nie można przypisać litery napędu.\n\nDopóki litera napędu nie jest przypisana do odszyfrowanego napędu, dopóty nie będziesz mieć dostępu do danych zgromadzonych na wolumenie.\n\nPonowić? - Litera dysku nie jest dostępna. - Nie wybrano pliku! - Nie ma dostępnych liter dysków. - Nie ma wolnej litery dysku dla oznaczenia wolumenu zewnętrznego! Nie można kontynuować tworzenia wolumenu. - Nie można ustalić wersji używanego systemu operacyjnego albo używasz nieobsługiwanego systemu operacyjnego. - Nie wybrano ścieżki! - Niewystarczająca ilość wolnego miejsca dla wolumenu ukrytego! Nie można kontynuować tworzenia wolumenu. - BŁĄD: Pliki kopiowane do zewnętrznego wolumenu wymagają więcej miejsca. Brak jest wolnego miejsca na zewnętrznym wolumenie dla ukrytego wolumenu.\n\nPamiętaj, że wielkość ukrytego wolumenu musi być większa od systemowej partycji (od partycji, gdzie aktualnie uruchomiony jest system operacyjny). Powód jest taki, że ukryty system operacyjny musi być stworzony przez skopiowanie zawartości partycji systemowej do ukrytego wolumenu.\n\n\nProces tworzenia ukrytego systemu operacyjnego nie może być kontynuowany. - Sterownik nie może odłączyć wolumenu. Prawdopodobnie niektóre z umieszczonych w nim plików wciąż są otwarte. - Nie można zablokować wolumenu. Niektóre z umieszczonych w nim plików wciąż są otwarte. Dlatego nie można odłączyć wolumenu. - VeraCrypt mie może zablokować wolumenu ponieważ jest on używany przez system lub aplikacje (mogą być otwarte pliki na wolumenie).\n\nCzy chcesz wymusić odłączenie wolumenu? - Wybierz wolumen VeraCrypt - Podaj ścieżkę i nazwę pliku - Wybierz PKCS #11 bibliotekę - Brak pamięci - WAŻNE: Mocno rekomendujemy niedoświadczonym użytkownikom tworzenie kontenerów VeraCrypt w plikach na wybranych urządzeniach/partycjach, zamiast szyfrować całe urządzenie/partycję.\n\nKiedy tworzysz kontener VeraCrypt plik (jako alternatywę zaszyfrowania urządzenia lub partycji) nie ma ryzyka np. uszkodzenia dużej ilości plików. Pamiętaj, że kontener - plik VeraCrypt (każdy wirtualny zaszyfrowany dysk) jest tak jak każdy normalny plik. Po więcej informacji, zajrzyj do instrukcji Beginner's Tutorial w dokumentacji VeraCrypt.\n\nCzy jesteś pewien że chcesz zaszyfrować całe urządzenie/partycję? - OSTRZEŻENIE: Plik '%s' już istnieje!\n\nWAŻNE: PROGRAM VERACRYPT NIE ZASZYFRUJE TEGO PLIKU, ALE GO USUNIE! Czy na pewno usunąć ten plik i zastąpić go nowym kontenerem VeraCrypt? - UWAGA: WSZYSTKIE PLIKI OBECNIE ZAPISANE W %s '%s'%s BĘDĄ USUNIĘTE I ZOSTANĄ UTRACONE (NIE BĘDĄ ZASZYFROWANE)!\n\nCzy na pewno chcesz kontynuować formatowanie? - UWAGA: Nie zostaniesz dopuszczony do podłączenia wolumenu lub dostępu do zapisanych plików dopóki nie zostaną one w pełni zaszyfrowane.\n\nCzy jesteś pewien, że chcesz uruchomić szyfrowanie: %s '%s'%s? - UWAGA: Nie będziesz mógł zamontować wolumenu oraz mieć dostępu do jakichkolwiek plików zgromadzonych na nim, aż nie zostanie w pełni odszyfrowany.\n\nCzy na pewno chcesz rozpocząć odszyfrowywanie wybranego %s '%s'%s? - UWAGA: Należy pamiętać, że jeśli zasilanie zostanie nagle przerwane podczas szyfrowania lub deszyfrowania istniejących danych "w locie", lub gdy nastąpi awaria systemu operacyjnego z powodu błędu oprogramowania lub sprzętu, podczas gdy VeraCrypt szyfruje lub deszyfruje istniejące dane "w locie", część danych zostanie uszkodzona lub utracona. W związku z tym, przed rozpoczęciem szyfrowania lub deszyfrowania, upewnij się, że masz kopie zapasowe plików, które chcesz zaszyfrować lub odszyfrować.\n\nCzy masz taką kopię zapasową? - UWAGA: KAŻDE PLIKI AKTUALNIE ZAPISANE NA PARTYCJI '%s'%s (NP. NA PIERWSZEJ PARTYCJI ZA PARTYCJĄ SYSTEMOWĄ) ZOSTANĄ SKASOWANE I UTRACONE (NIE BĘDĄ ONE ZASZYFROWANE)!\n\nCzy jesteś pewien, że chcesz kontynuować z formatowaniem? - UWAGA: WYBRANA PARTYCJA ZAWIERA DUŻĄ ILOŚĆ DANYCH! Wszystkie pliki zapisane na partycji zostaną skasowane i utracone (NIE będą one zaszyfrowane)! - Skasowanie wszystkich zapisanych plików na partycji przez stworzenie wewnątrz wolumenu VeraCrypt - Hasło - MOI - Ustaw algorytm klucza nagłówka - Dodaj lub usuń pliki-klucze do lub z wolumenu - Usuń wszystkie pliki-klucze z wolumenu - Hasło, MOI i/lub pliki-klucze pomyślnie zmienione.\n\nWAŻNE: Proszę się upewnić, że przeczytałeś sekcje 'Changing Passwords and Keyfiles' w rozdziale 'Security Requirements and Precautions' w dokumentacji VeraCrypt. - Ten wolumen jest zarejestrowany jako ulubiony systemu. \nCzy chcesz, aby VeraCrypt automatycznie uaktualnił konfigurację ulubionych systemu (wymagane uprawnienia administratora)?\n\nProszę zauważyć, że jeśli wybierzesz "nie", będziesz musiał uaktualnić ręcznie ulubione systemu. - WAŻNE: Jeżeli nie zniszczyłeś płyty ratunkowej VeraCrypt, twój system partycja/dysk może być ciągle odszyfrowany używając starego hasła (poprzez uruchomienie płyty ratunkowej VeraCrypt i wprowadzeniu starego hasła). Powinieneś stworzyć nową płytę ratunkową VeraCrypt i później skasować starą.\n\nCzy chcesz stworzyć nową płytę ratunkową VeraCrypt? - Płyta ratunkowa programu VeraCrypt nadal używa poprzedniego algorytmu. Jeśli poprzedni algorytm uważany jest za niebezpieczny, należy utworzyć nową płytę ratunkową i zniszczyć poprzednią.\n\nCzy chcesz utworzyć nową płytę ratunkową? - Plik dowolnego typu (np. .mp3, .jpg, .zip, .avi) może zostać użyty jako plik-klucza VC. Zauważ, że VC nigdy nie zmienia zawartości pliku-klucza. Możesz wybrać więcej niż jeden plik-klucza (porządek nie ma znaczenia). Jeśli dodasz folder, wszystkie nieukryte pliki z niego zostana użyte jako plik- klucze. Kliknij 'Dodaj token...', by wskazać pliki-kluczy przechowywane na tokenach bezpieczeństwa lub kartach pamięci (albo zaimportować pliki-klucze na tokeny bezpieczeństwa lub karty pamięci). - Pliki-klucze zostały pomyślnie dodane/usunięte. - Plik-klucz wyeksportowano. - Algorytm klucza nagłówka został pomyślnie ustawiony. - Proszę wprowadzić hasło i/lub plik/i-klucz/e dla bezsystemowego wolumenu, gdzie chcesz wznowić proces szyfrownia "w locie".\n\n\nZapamiętaj: Po kliknięciu Dalej, VeraCrypt przystąpi do wyszukania wszystkich nie systemowych wolumenów, gdzie proces szyfrowania został przerwany, i gdzie nagłówek wolumenu VeraCrypt moż być odszyfrowany używając podanego hasła i/lub pliku/ów-klucza/y. Jeżeli jest znaleziony więcej niż jeden wolumen, będziesz musiał wybrać jeden z nich w następnym kroku. - Proszę wybrać jeden z wyszczególnionych wolumenów. Lista zawiera każdy dostępny nie systemowy wolumen, gdzie proces szyfrowania został przerwany, i gdzie nagłówek mógł być odszyfrowany używając podanego hasła i/lub pliku/ów-klucza/y. - Proszę wprowadzić hasło i/lub plik/i-klucz/e dla bezsystemowego wolumenu VeraCrypt, który chcesz odszyfrować. - Bardzo ważne jest wybranie dobrego hasła. Powinieneś unikać wybrania pojedynczych słów, które mogą być znalezione w słowniku (lub kombinacji 2, 3, lub 4 znalezionych słów). Nie powinno zawierać, żadnych nazw, imion lub dat urodzin. Nie powinno być łatwe do wymyślenia. Dobrym hasłem jest przypadkowa kombinacja dużych i małych liter, cyfr, i znaków specjalnych, takich jak @ ^ = $ * + itd. Zalecamy wybranie hasła zawierającego więcej niż 20 znaków (dłuższe, lepsze). Maksymalna długość - 64 znaki. - Wybierz hasło dla wolumenu ukrytego. - Proszę wybrać hasło dla ukrytego systemu operacyjnego (np. dla ukrytej partycji). - WAŻNE: Hasło które wybrałeś dla ukrytego systemu operacyjnego w tym kroku musi być zasadniczo inne od pozostałych dwóch haseł (np. od hasła do zewnętrznego wolumenu i od hasła do zwodzącego systemu operacyjnego). - Podaj hasło dla wolumenu, w którym chcesz utworzyć wolumen ukryty.\n\nPo kliknięciu przycisku Dalej program VeraCrypt spróbuje podłączyć ten wolumen. Natychmiast po podłączeniu nastąpi skanowanie mapy bitowej klastrów w celu określenia wielkości ciągłego, wolnego obszaru (jeśli jest) wyrównanego do końca wolumenu. Ten obszar będzie wykorzystany przez wolumen ukryty i dlatego ogranicza maksymalną możliwą wielkość. Skanowanie mapy klastrów jest niezbędne dla zapewnienia, że żadne dane z wolumenu zewnętrznego nie zostaną nadpisane przez wolumen ukryty. - \nProszę wybrać hasło do zewnętrznego wolumenu. To będzie hasło które może być ujawnione, gdy będziesz tego chciał lub zostaniesz zmuszony.\n\nWAŻNE: Hasło musi być zasadniczo inne od innych których używasz do ukrytego wolumenu.\n\nPamiętaj: Maksymalna możliwa długość hasła to 64 znaki. - Proszę wybrać hasło do zewnętrznego wolumenu. To będzie hasło które może być ujawnione, gdy będziesz tego chciał do pierwszej partycji za partycją systemową, gdzie umieszczone są oba: zewnętrzny wolumen i ukryty wolumen (zawierający ukryty system operacyjny). Istnienie ukrytego wolumenu (i ukrytego systemu operacyjnego) pozostanie dalej w tajemnicy. Pamiętaj hasło nie jest do zwodzącego systemu operacyjnego.\n\nWAŻNE: Hasło musi być zasadniczo inne od pozostałych które wybrałeś do ukrytego wolumenu (np. do ukrytego systemu operacyjnego). - Hasło wolumenu zewnętrznego - Hasło wolumenu ukrytego - Hasło ukrytego Systemu Operacyjnego - OSTRZEŻENIE: Krótkie hasła są łatwe do złamania przez zastosowanie techniki brutalnego ataku!\n\nZaleca się używanie haseł składających się przynajmniej z 20 znaków. Czy na pewno użyć krótkiego hasła? - Hasło wolumenu - Niepoprawne hasło albo to nie jest wolumen VeraCrypt. - Niepoprawne pliki-klucze i/lub hasło albo to nie jest wolumen VeraCrypt. - Zły tryb podłączania, niepoprawne hasło lub to nie jest wolumen VeraCrypt. - Niepoprawny tryb podłączania, niepoprawne pliki-klucze, błędne hasło lub to nie jest wolumen VeraCrypt. - Niepoprawne hasło lub nie znaleziono wolumenu VeraCrypt. - Niepoprawne pliki-klucze/hasło lub nie znaleziono wolumenu VeraCrypt. - \n\nOstrzeżenie: Tryb Caps Lock (wielkie litery) jest włączony. Może to spowodować niepoprawne wprowadzenie hasła. - Zapamietaj liczbę, aby zamontować wolumen - MOI zewnętrznego wolumenu - MOI ukrytego wolumenu - MOI ukrytego systemu operacyjnego - MOI (Mnożnik Osobistych Iteracji) to wartość, która następująco kontroluje liczbę iteracji używanych przez derywację klucza nagłówka:\n Iteracje = 15000 + (MOI x 1000).\n\nGdy pozostawione puste lub ustawione na 0, VeraCrypt użyje wartości domyślnej (485), która zapewnia wysokie bezpieczeństwo.\nGdy hasło jest krótsze niż 20 znaków, MOI nie może być mniejszy niż 485, aby zapewnić minimalny poziom bezpieczeństwa.\nGdy hasło ma 20 znaków lub więcej, MOI może mieć dowolną wartość.\nWartość MOI większa niż 485 spowoduje wolniejsze montowanie, mała wartość MOI (mniejsza niż 485) spowoduje szybsze montowanie, ale może zmniejszyć poziom bezpieczeństwa, gdy hasło nie jest wystarczająco silne. - MOI (Mnożnik Osobistych Iteracji) to wartość, która następująco kontroluje liczbę iteracji używanych przez derywację klucza nagłówka:\n Iteracje = MOI x 2048.\n\nGdy pozostawione puste lub ustawione na 0, VeraCrypt użyje wartości domyślnej, która zapewnia wysokie bezpieczeństwo.\nGdy hasło jest krótsze niż 20 znaków, MOI nie może być mniejszy niż 98, aby zapewnić minimalny poziom bezpieczeństwa.\nGdy hasło ma 20 znaków lub więcej, MOI może mieć dowolną wartość.\nWartość MOI większa niż 98 spowoduje wolniejsze montowanie, mała wartość MOI (mniejsza niż 98) spowoduje szybsze montowanie, ale może zmniejszyć poziom bezpieczeństwa, gdy hasło nie jest wystarczająco silne. - Zapamiętaj liczbę do uruchomienia systemu - Wybrałeś wartość MOI, która jest większa niż standardowa wartość VeraCrypt.\nProszę zauważyć, że doprowadzi to do znacznie wolniejszego montowania lub uruchamiania. - Wybrałeś Mnożnik Osobistych Iteracji (MOI), który jest mniejszy niż podstawowa wartość VeraCrypt. Proszę zauważyć, że jeżeli twoje hasło nie jest wystarczająco mocne, moze to doprowadzić do osłabienia bezpieczeństwa.\n\nCzy potwierdzasz użycie silnego hasła? - Maksymalna wartość Mnożnika Osobistych Iteracji (MOI) dla szyfrowania systemu wynosi 65535. - MOI wolumenu - \n\nOSTRZEŻENIE: Odnaleziono pliki ukryte na ścieżce wyszukiwaniu plików-kluczy. Takie pliki nie moga zostać użyte jako pliki-klucze. Jeśli potrzebujesz ich jako plików-kluczy, usuń atrybut 'ukryty' (kliknij prawym przyciskiem myszki na każdym z nich, wybierz 'Właściwości', odznacz 'Ukryty' i wciśnij OK). Sugestia: Pliki ukryte widoczne są tylko jeśli włączona jest odpowiednia opcja (Komputer > Organizuj > 'Opcje folderów i wyszukiwania' > Widok). - Jeżeli przystąpiłeś do zabezpieczania ukrytego wolumenu zawierającego ukryty system operacyjny, proszę się upewnić że używasz standartowego układu klawiatury US kiedy piszesz hasło do ukrytego wolumenu. Jest to wymagane, aby wpisać hasło potrzebne do pre-boot (przed uruchomieniem Windows), gdzie układ klawiatury w Windows jest inny niż standard US. - VeraCrypt nie znalazł żadnego wolumenu, gdzie nie systemowe szyfrowanie zostało przerwane, i gdzie nagłówek wolumenu może być odszyfrowany używając podanego hasła i/lub plikiem/ami-kluczem/ami.\n\nProszę upewnić się, że hasło i/lub plik/i-klucz/e są poprawne i że partycja/wolumen nie jest używana przez system lub aplikacje (włączając w to system antywirusowy). - Wybrana partycja/urządzenie jest już w pełni zaszyfrowana.\nFlagi nagłówka = 0x%.8X - Wybrana partycja/urządzenie nie używa szyfrowania w miejscu.\nFlagi nagłówka = 0x%.8X - \n\nUwaga: Aby podłączyć partycję zlokalizowaną na zaszyfrowanym dysku systemowym bez wstępnego uwierzytelniania lub podłączyć zaszyfrowaną partycję systemową systemu, który nie jest uruchomiony, należy wybrać opcję 'System' > 'Podłącz bez wstępnego uwierzytelniania'. - W tym trybie, nie możesz podłączyć partycji umieszczonej na dysku, gdzie część zakresu klucza jest umieszczona w aktywnie zaszyfrowanym systemie.\n\nPrzed podłączeniem partycji w tym trybie, musisz uruchomić system operacyjny zainstalowany na innym dysku (zaszyfrowanym lub niezaszyfrowanym) lub uruchomić niezaszyfrowany system operacyjny. - VeraCrypt nie może odszyfrować indywidualnej partycji na całkowicie zaszyfrowanym napędzie systemowym (możesz odszyfrować tylko cały napęd systemowy). - Ostrzeżenie: Ponieważ ten napęd zawiera program startowy VeraCrypt, może to być całkowicie zaszyfrowany napęd systemowy. Jeżeli jest, proszę zauważyć że VeraCrypt nie może odszyfrować pojedynczej partycji na całkowicie zaszyfrowanym napędzie systemowym (możesz odszyfrować tylko cały napęd systemowy). Jeżeli ma to miejsce, będziesz mógł teraz kontynuować, ale otrzymasz później wiadomość 'Nieprawidłowe hasło'. - < &Wstecz - Nie można utworzyć listy urządzeń surowych zainstalowanych w tym systemie! - Wolumen '%s' istnieje i jest tylko do odczytu. Czy na pewno go zastąpić? - Wybierz katalog docelowy - Wybierz plik-klucz - Wskaż ścieżkę wyszukiwania pliku-klucza. UWAGA: Zapisana będzie tylko ścieżka a nie nazwy plików! - Wybierz katalog do przechowywania plików-kluczy. - Bieżący plik kontenera został wybrany jako plik-klucz. Zostanie on pominięty. - Zaprojektowany przez Rossa Andersona, Eli Bihama i Larsa Knudsena. Opublikowany w 1998. 256-bitowy klucz, 128-bitowy blok. Tryb szyfrowania: XTS. Algorytm Serpent był jednym z finalistów konkursu na algorytm AES. - Wskaż rozmiar kontenera do utworzenia.\n\nJeśli tworzysz dynamiczny (sparse-file) kontener, ten parametr wskazuje maksymalny możliwy rozmiar.\n\nZauważ, że minimalny możliwy rozmiar woluminu FAT wynosi 292 KB. Minimalny możliwy rozmiar wolumenu NTFS to 3792 KB. - Wskaż rozmiar zewnętrznego wolumenu do utworzenia (na początku zostanie utworzony wolumen zewnętrzny a następnie wolumen ukryty wewnątrz niego). Minimalny możliwy rozmiar wolumenu, wewnątrz którego tworzony jest wolumen ukryty wynosi 340 KB. - Wskaż rozmiar ukrytego wolumenu do utworzenia. Minimalny dozwolony rozmiar ukrytego wolumenu jest 40 KB (lub 3664 KB jeśli jest formatowany jako NTFS). Maksymalny możliwy rozmiar możliwy do wskazania dla ukrytego wolumenu wyświetlono powyżej. - Wielkość wolumenu zewnętrznego - Wielkość wolumenu ukrytego - Proszę zweryfikować, że wielkość wybranego urządzenia/partycji wskazanej wcześniej jest poprawna i kliknąć Dalej. - Zewnętrzny wolumen i ukryty wolumen (zawierający ukryty sysytem operacyjny) będą umieszczone wewnątrz wskazanej partycji. Będą to pierwsze partycje za partycją systemową.\n\nProszę zweryfikować poprawność wielkości partycji i jej numer, jeżeli jest dobrze, kliknąć Dalej. - \n\nZauważ, że minimalny dozwolony rozmiar wolumenu, wewnątrz którego ma się znaleźć wolumen ukryty wynosi 340 KB. - Wielkość wolumenu - Dynamiczny - UWAGA: NIEPOWODZENIE TESTU! - Test zakończono pomyślnie - Podany numer jednostki danych jest za długi lub za krótki. - Podany klucz dodatkowy jest za długi lub za krótki. - Podany tekst zaszyfrowany jest za długi lub za krótki. - Podany klucz testowy jest za długi lub za krótki. - Podany tekst jawny jest za długi lub za krótki. - Dwa szyfry używane kaskadowo w trybie XTS. Każdy blok jest najpierw szyfrowany przez %s (klucz %d-bitowy), a potem przez %s (klucz %d-bitowy). Każdy szyfr używa własnego klucza. Klucze są całkowicie niezależne. - Trzy szyfry używane kaskadowo w trybie XTS. Każdy blok jest najpierw szyfrowany przez %s (klucz %d-bitowy), potem przez %s (klucz %d-bitowy), a na końcu przez %s (klucz %d-bitowy). Każdy szyfr używa własnego klucza. Klucze są całkowicie niezależne. - Pamiętaj że, konfiguracja zależna jest od systemu operacyjnego, gdzie auto-run i auto-mount może działać tylko kiedy przenośne pliki są stworzone na urządzeniach z zablokowanym zapisem np. CD/DVD. Więc pamiętaj, że to nie jest błąd w VeraCrypt (jest to ograniczenie Windows). - VeraCrypt przenośny dysk został stworzony poprawnie.\n\nPamiętaj, że musisz posiadać uprawnienia administracyjne, aby uruchomić VeraCrypt w trybie przenośnym. - Dysk podróżny VeraCrypt - Zaprojektowany przez Bruce'a Schneiera, Johna Kelseya, Douga Whitinga, Davida Wagnera, Chrisa Halla i Nielsa Fergusona. Opublikowany w 1998. Klucz 256-bitowy, blok 128-bitowy. Tryb szyfrowania: XTS. Algorytm Twofish był jednym z finalistów konkursu na algorytm AES. - Więcej informacji na temat %s - Nieznany - Wystąpił nieokreślony bądź nieznany błąd (%d). - Niektóre wolumeny zawierają pliki lub foldery używane przez aplikacje lub system.\n\nWymusić odłączenie? - &Odłącz - Odłączenie nie powiodło się! - Wolumen zawiera pliki lub foldery używane przez aplikacje lub system.\n\nWymusić odłączenie? - Nie podłączono żadnego wolumenu do wskazanej litery dysku. - Wolumen, który próbujesz podłączyć, jest już podłączony. - Napotkano błąd przy próbie podłączenia wolumenu. - Błąd ustawienia pozycji zapisu/odczytu wewnątrz wolumenu. - Błąd: Niepoprawna wielkość wolumenu. - OSTRZEŻENIE: Opcja szybkiego formatowania powinna być używana tylko w następujących wypadkach:\n\n1) Urządzenie zawiera losowe dane (np. jest już bezpiecznie i w pełni zaszyfrowane).\n2) Cała dostępna wielkość będzie natychmiast wykorzystana.\n3) Bezpieczeństwo nie jest istotne (testowanie).\n\nCzy na pewno użyć szybkiego formatowania? - Kontener dynamiczny jest plikiem rzadkim NTFS, którego fizyczna wielkość (bieżące użycie miejsca na dysku) rośnie wraz z dodawaniem danych.\n\nOstrzeżenie: Wydajność wolumenu wykorzystującego plik rzadki jest znacząco gorsza o wydajności zwykłego wolumenu. Wolumeny wykorzystujące plik rzadki są także mniej bezpieczne, gdyż jest możliwe określenie, które sektory nie są używane. Dodatkowo, jeśli dane są zapisywane do pliku rzadkiego i zabraknie wolnego miejsca w systemie plików, zaszyfrowany system plików może zostać uszkodzony.\n\nCzy na pewno utworzyć wolumen w pliku rzadkim? - Zauważ, że wielkość dynamicznego kontenera pokazywana przez Windows i VeraCrypt będzie zawsze równa jego maksymalnemu rozmiarowi. Aby określić aktualną fizyczną wielkość kontenera (aktualną używaną przez niego przestrzeń dyskową), kliknij prawym przyciskiem myszy na pliku kontenera (w oknie Eksploratora Windows, nie w VeraCrypt), następnie wybierz 'Właściwości' i sprawdź wartość 'Rozmiar na dysku'.\n\nZauważ również, że jeśli przeniesiesz kontener na inny wolumen lub dysk, wielkość fizyczna kontenera zostanie zwiększona do maksimum. (Możesz temu zapobiec tworząc nowy kontener dynamiczny w miejscu docelowym, podłączając go a następnie przenosząc pliki ze starego kontenera do nowego.) - Bufor hasła wyczyszczony - Hasła (oraz zawartość przetwarzanego pliku-klucza) przechowywane w buforze sterownika VeraCrypt zostały wyczyszczone. - VeraCrypt nie może zmienić hasła dla wolumenu obcego. - Wybierz z listy wolną literę dysku. - Wybierz z listy podłączony wolumen. - Wybrano obecnie dwa różne zamontowane wolumeny (jeden na liście liter dysków a inny na polu poniżej listy).\n\nProszę wskazać odpowiedni wolumen: - Błąd: Nie można utworzyć pliku autorun.inf - Błąd podczas przetwarzania pliku-klucza! - Błąd podczas przetwarzania ścieżki pliku-klucza! - Ścieżka plików-kluczy nie zawiera plików.\n\nPamiętaj, że foldery (i zawartość plików) znalezionych na ścieżce przeszukiwań plików-kluczy zostały pominięte. - Program VeraCrypt nie obsługuje tego systemu operacyjnego. - Błąd: VeraCrypt wspiera tylko stabilne wersje systemów operacyjnych (wersje beta/RC nie są wspierane). - Błąd: Nie można przydzielić pamięci. - Błąd: Nie można pobrać wartości z licznika wydajności. - Błąd: Nieodpowiedni format wolumenu. - Błąd: Podałeś hasło do ukrytego wolumenu (nie dla normalnego wolumenu). - Z powodów bezpieczeństwa, ukryty wolumen nie może być stworzony wewnątrz wolumenu VeraCrypt zawierającego system plików (ponieważ wolne miejsce na wolumenie nie będzie mogło zostać wypełnione losowymi danymi). - VeraCrypt - Informacje prawne - Wszystkie pliki - Wolumeny programu VeraCrypt - Moduły bibliotek - Kontynuowanie formatowania NTFS nie jest możliwe. - Nie można podłączyć wolumenu. - Nie można odłączyć wolumenu. - System Windows nie może sformatować tego wolumenu jako NTFS.\n\nWybierz inny typ systemu plików (jeśli to możliwe) i ponów próbę. Alternatywnie pozostaw ten wolumen jako niesformatowany (wybierz system plików 'Żaden'), wyjdź z kreatora, podłącz wolumen i sformatuj go innym programem narzędziowym (systemowym lub pochodzącym od innego dostawcy). Wolumen pozostanie zaszyfrowany. - System Windows nie mógł sformatować tego wolumenu jako NTFS.\n\nCzy sformatować go jako FAT? - Domyślny - partycja - PARTYCJA - Urządzenie - urządzenie - URZĄDZENIE - Wolumen - wolumen - WOLUMEN - Etykieta - Wybrana wielkość klastra jest zbyt mała dla wolumenu o tej wielkości. Należy użyć klastra o większej wielkości. - Błąd: Nie można uzyskać wielkości wolumenu!\n\nUpewnij się, że wybrany wolumen nie jest używany przez system lub aplikację. - Wolumeny ukryte nie mogą być tworzone w kontenerach dynamicznych (sparse file). Aby osiągnąć wiarygodne możliwości kontroli, wolumen ukryty musi być utworzony w kontenerze o stałym rozmiarze. - Kreator wolumenu VeraCrypt może utworzyć wolumen ukryty tylko w wolumenie z system plików FAT lub NTFS. - W systemie Windows 2000 kreator wolumenów VeraCrypt może utworzyć wolumen ukryty tylko w wolumenie z systemem plików FAT. - Uwaga: System plików FAT jest bardziej odpowiedni dla zewnętrznego wolumenu niż NTFS (np. maksymalna możliwa wielkość ukrytego wolumenu będzie prawdopodobnie większa jeżeli zewnętrzny wolumen jest sformatowany jako FAT). - System plików FAT jest bardziej odpowiedni dla zewnętrznych wolumenów niż system NTFS. Np. maksymalna możliwa wielkość ukrytego wolumenu będzie prawdopodobnie większa jeżeli zewnętrzny wolumen jest sformatowany jako FAT (Powód jest taki, że NTFS zawsze utrzymuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen może być umieszczony tylko w drugiej połówce partycji).\n\nCzy jesteś pewien, że chcesz sformatować zewnętrzny wolumen jako NTFS? - Czy chcesz sformatować wolumen jako FAT? - Uwaga: Ten wolumen nie może być sformatowany jako FAT, ponieważ przekracza maksymalną wielkość wolumenu obsługiwaną przez system plików FAT32 dla odpowiedniego rozmiaru sektora (2 TB dla sektorów 512-bajtowych oraz 16 TB dla sektorów 4096-bajtowych). - Błąd: Partycja dla ukrytego systemu operacyjnego (tzn. pierwsza partycja za partycją systemową) musi być przynajmniej 5% większa od partycji systemowej (partycja systemowa to taka, gdzie obecnie jest zainstalowany i uruchomiony system operacyjny). - Błąd: Partycja dla ukrytego systemu operacyjnego (np. pierwsza partycja za partycją systemową) musi być przynajmniej 110% (2.1 razy) większa od partycji systemowej (partycja systemowa to ta, gdzie obecnie zainstalowany i uruchomiony jest system the system operacyjny). Powód jest taki, że NTFS zawsze utrzymuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen (który zawiera klon partycji systemowej) może być umieszczony tylko w drugiej połówce partycji. - Błąd: Jeżeli zewnętrzny wolumen jest NTFS, musi być przynajmniej 110% (2.1 raza) większy niż partycja systemowa. Powód jest taki, że NTFS zawsze zapisuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen (który zawiera klon partycji systemowej) może być umieszczony tylko w drugiej połówce zewnętrznego wolumenu.\n\nUwaga: Zewnętrzny wolumen wymaga, aby był umieszczony wewnątrz tej samej partycji co ukryty system operacyjny (np. wewnątrz pierwszej partycja za partycją systemową). - Błąd: Nie ma partycji za partycją systemową.\n\nUwaga, przed stworzeniem ukrytego systemu operacyjnego wymagane jest stworzenie partycji dla tego systemu na systemowym dysku. Ona musi być pierwszą partycją za partycją systemową i musi być przynajmniej 5% większa od systemowej partycji (systemowa partycja to ta, gdzie aktualnie jest zainstalowany i uruchomiony system operacyjny). Jednakże, jeżeli zewnętrzny wolumen (nie mylić z partycją systemową) jest sformatowany jako NTFS, partycja na ukryty system operacyjny musi być przynajmniej 110% (2.1 raza) większa od systemowej partycji (powodem jest to, że NTFS zawsze zapisuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen który jest klonem zawartości partycji systemowej, może być umieszczony w drugiej połówce partycji). - Zapamiętaj: Nie jest praktykowane (i dlatego nie jest wspierane) zainstalowanie dwóch systemów operacyjnych w dwóch wolumenach VeraCrypt zawartych wewnątrz jednej partycji, ponieważ używanie zewnętrznego systemu operacyjnego często wymaga zapisania danych na obszarze ukrytego systemu operacyjnego. - Aby uzyskać informacje jak stworzyć i zarządzać partycjami, proszę przeczytać dokumentację zawartą w systemie operacyjnym lub skontaktować się ze swoim serwisem sprzętu. - BŁĄD: Obecnie uruchomiony system operacyjny nie jest zainstalowany na partycji bootującej (pierwszej aktywnej partycji). To nie jest obsługiwane. - Stwierdziłeś, że będziesz przechowywał na tym wolumenie pliki większe niż 4 GB. Jednodcześnie wybrałeś system plików FAT, na którym nie można umieścić plików większych niż 4 GB.\n\nCzy jesteś pewien że chcesz sformatować zewnętrzny wolumen jako FAT? - Błąd: VeraCrypt nie obsługuje deszyfrowania "w locie" starych bezsystemowych wolumenów stworzonych przez VeraCrypt 1.0b albo wcześniejsze.\n\nUwaga: Wciąż możesz odszyfrować pliki zgromadzone na wolumenie poprzez skopiowanie lub przeniesienie ich na niezaszyfrowany wolumen. - Błąd: Nie może odszyfrować "w locie" ukrytego wolumenu VeraCrypt.\n\nUwaga: Wciąż możesz odszyfrować pliki zgromadzone na wolumenie poprzez skopiowanie lub przeniesienie ich na niezaszyfrowany wolumen. - Ostrzeżenie: Zauważ, że VeraCrypt nie może odszyfrować "w locie" wolumenu, który zawiera ukryty wolumen VeraCrypt (ukryty wolumen zostałby nadpisany danymi pseudolosowymi).\n\nProszę potwierdzić, że wolumen, który zamierzasz odszyfrować nie zawiera ukrytego wolumenu.\n\nUwaga: Jeżeli wolumen zawiera ukryty wolumen, ale nie obawiasz się jego utraty, możesz wybrać Kontynuuj (zewnętrzny wolumen zostanie bezpiecznie odszyfrowany). - Wolumen nie zawiera żadnego ukrytego wolumenu. Kontynuuj. - Wolumen zawiera ukryty wolumen. Anuluj - Błąd: Brak dostępu do wolumenu!\n\nUpewnij się, że wybrany wolumen istnieje, nie jest podłączony lub używany przez system albo aplikację, że masz prawa do zapisu i odczytu wolumenu i że nie jest zabezpieczony przed zapisem. - Błąd: Nie można uzyskać właściwości wolumenu. - BŁĄD: Brak dostępu do wolumenu i/lub uzyskania informacji o wolumenie.\n\nUpewnij się, że wskazany wolumen istnieje, i że nie jest używany przez system lub aplikacje, że posiadasz uprawnienia do czytania/zapisania wolumenu, i że nie jest on zabezpieczony przed zapisem. - BŁĄD: Brak dostępu do wolumenu i/lub uzyskania informacji o wolumenie. Upewnij się, że wskazany wolumen istnieje, i że nie jest używany przez system lub aplikacje, że posiadasz uprawnienia do czytania/zapisania wolumenu, i że nie jest on zabezpieczony przed zapisem.\n\nJeżeli problem się powtarza, mogą pomóc następujące kroki. - Błąd uniemożliwił VeraCrypt do zaszyfrowania partycji. Proszę najpierw rozwiązać problem i spróbować ponownie. Jeżeli problem będzie się powtarzał, mogą pomóc następujące kroki. - Błąd uniemożliwił VeraCrypt wznowienie procesu szyfrowania partycji.\n\nProszę najpierw rozwiązać problem i spróbować ponownie wznowić proces. Uwaga, wolumen nie może być podłączony dopóki nie zostanie w pełni zaszyfrowany. - Błąd uniemożliwił VeraCrypt deszyfrowanie wolumenu. Proszę spróbować naprawić wcześniej zgłoszone problemy i spróbować ponownie, jeżeli to możliwe. - Błąd: Nie można odłączyć wolumenu zewnętrznego!\n\nWolumen nie może być odłączony, jeśli zawiera pliki lub foldery używane przez dowolny program lub system.\n\nZamknij wszystkie programy, które mogą używać plików lub katalogów na tym wolumenie, następnie kliknij przycisk Powtórz. - Błąd: Nie można uzyskać informacji o wolumenie zewnętrznym! Tworzenie wolumenu nie może być kontynuowane. - Błąd: Brak dostępu do wolumenu zewnętrznego! Nie można kontynuować tworzenia wolumenu. - Błąd: Nie można podłączyć wolumenu zewnętrznego! Nie można kontynuować tworzenia wolumenu. - Błąd: Nie można pobrać mapy bitowej klastrów! Nie można kontynuować tworzenia wolumenu. - Alfabetycznie/Kategoriami - Średnia prędkość (malejąco) - Algorytm - Szyfrowanie - Deszyfrowanie - Średnia - Dysk - Wielkość - Algorytm szyfrowania - Algorytm szyfrowania - Typ - Wartość - Właściwość - Położenie - bajty(ów) - Ukryty - Zewnętrzny - Zwykły - Systemowy - Ukryty (system) - Tylko do odczytu - Dysk systemowy - Dysk systemowy (zaszyfrowano: %.2f%%) - Dysk systemowy (zdeszyfrowano: %.2f%%) - Dysk systemowy (zaszyfrowano: %.2f%%) - Partycja systemowa - Ukryta partycja systemowa - Partycja systemowa (zaszyfrowano: %.2f%%) - Partycja systemowa (zdeszyfrowano: %.2f%%) - Partycja systemowa (zaszyfrowano: %.2f%%) - Tak (zabezpieczony przed uszkodzeniem!) - Żaden - Wielkość pierwszego klucza - Wielkość drugiego klucza (tryb XTS) - Dopasowanie wielkości klucza (tryb LRW) - bity - Wielkość bloku - PKCS-5 PRF - Licznik Iteracji PKCS-5 - Utworzono wolumen - Data ostatniej modyfikacji nagłówka - (%I64d dni temu) - Wersja formatu wolumenu - Wbudowana kopia nagłówka - Wersja prog. rozru. VC - Pierwszy dostępny - Wymienny dysk - Dysk twardy - Niezmieniony - Autodetekcja - Tryb kreatora - Wybierz jedną z metod. Jeżeli nie jesteś pewny co wybrać, wybierz wartość domyślną. - Wybierz tą opcję jeżeli chcesz zainstalować VeraCrypt w tym systemie. - Wskazówka: Możesz uaktualnić bez rozszyfrowywania nawet jeśli zaszyfrowana jest partycja/dysk systemowy lub używasz ukrytego systemu operacyjnego. - Jeżeli wybierzesz tą opcję, wszystkie pliki będą wypakone z tego archiwum ale nic nie zostanie zainstalowane w systemie. Nie zaznaczaj, jeżeli rzeczywiście chcesz zaszyfrować systemową partycję lub systemowy dysk. Zaznaczenie tej opcji może być używane np. jeżeli chcesz uruchomić VeraCrypt np. w trybie przenośnym. VeraCrypt nie zostanie zainstalowany w systemie operacyjnym. Po wypakowaniu wszystkich plików, możesz bezpośrednio uruchomić rozpakowany 'VeraCrypt.exe' (VeraCrypt uruchomi się w trybie przenośnym). - Opcje instalowania - W tym oknie można ustawić opcje kontrolujące proces instalacji. - Instalowanie - Proszę czekać na zainstalowanie programu VeraCrypt. - VeraCrypt został pomyślnie zainstalowany - VeraCrypt został pomyślnie uaktualniony - Rozważ proszę przekazanie dotacji. W dowolnej chwili możesz wcisnąć przycisk Zakończ, by zamknąć instalator. - Opcje wyodrębniania - W tym oknie można ustawić opcje kontrolujące proces wyodrębniania. - Proszę czekać na wyodrębnienie plików. - Pliki skutecznie wyodrębnione - Wszystkie pliki zostały pomyślnie wyodrębnione i zapisane w położeniu docelowym. - Jeśli podany folder nie istnieje, zostanie automatycznie utworzony. - VeraCrypt zostanie zaktualizowany w lokalizacji, gdzie jest zainstalowany VeraCrypt. Jeżeli potrzebujesz wybrać inną lokalizację, proszę odinstalować najpierw VeraCrypt. - Czy chcesz zobaczyć informacje na temat wydania dla bieżącej (ostatniej stabilnej) wersji programu VeraCrypt? - Jeśli nigdy wcześniej nie używałeś programu VeraCrypt, zalecamy przeczytanie rozdziału Beginner's Tutorial w podręczniku użytkownika VeraCrypt. Chcesz wyświetlić ten rozdział? - Wybierz działanie do wykonania: - Naprawa/Reinstalacja - Aktualizacja - Deinstalacja - Aby pomyślnie zainstalować/odinstalować VeraCrypt, musisz posiadać uprawnienia administratora. Czy chcesz kontynuować? - VeraCrypt Installer jest uruchomiony w twoim systemie i przygotowuje lub dokonuje instalacji lub uaktualnienia VeraCrypt. Przed dalszym kontynuowaniem instalacji, proszę poczekać na zakończenie aktualnego działania lub zamknij aplikacje. Jeżeli nie możesz zamknąć, proszę zrestartuj komputer przed uruchomieniem procesu instalacji. - Niepowodzenie instalacji. - Niepowodzenie deinstalacji. - Pakiet dystrybucyjny jest uszkodzony. Pobierz go ponownie (najlepiej z oficjalnej strony programu VeraCrypt po adresem www.veracrypt.org). - Nie można zapisać pliku %s - Wyodrębnianie - Nie można odczytać danych z tego pakietu. - Nie można zweryfikować integralności tego pakietu dystrybucyjnego. - Niepowodzenie wyodrębniania. - Instalacja została wycofana. - Program VeraCrypt został pomyślnie zainstalowany. - VeraCrypt został pomyślnie uaktualniony. - Program VeraCrypt został zaktualizowany do nowej wersji. Przed rozpoczęciem korzystania w programu należy ponownie uruchomić komputer.\n\nCzy chcesz teraz zrestartować system? - Nie udało się uaktualnić VeraCrypt!\n\nWAŻNE: Zanim wyłączysz lub uruchomisz ponownie system, zalecamy stanowczo użycie Przywracania systemu (Menu Start Windows > Wszystkie programy > Akcesoria > Narzędzia systemowe > Przywracanie systemu), by przywrócić stan systemu do punktu przywracania o nazwie 'VeraCrypt installation'. Jeśli Przywracanie systemu jest niedostępne, należy spróbować zainstalować oryginalną lub nową wersję VeraCrypt raz jeszcze zanim wyłączysz lub zrestartujesz system. - Program VeraCrypt został pomyślnie odinstalowany.\n\nKliknij przycisk 'Zakończ', aby usunąć program instalacyjny VeraCrypt oraz folder %s. Folder nie zostanie usunięty, jeśli zawiera jakieś pliki, które nie zostały zainstalowane lub utworzone przez program VeraCrypt. - Usuwanie wpisów rejestru VeraCrypt - Dodawanie pozycji rejestru - Usuwanie danych aplikacji - Instalowanie - Zatrzymywanie - Usuwanie - Dodawanie ikon - Tworzenie punktu przywracania systemu - Niepowodzenie tworzenia punktu przywracania systemu! - Uaktualnienie programu startowego - Zainstalowanie '%s' nie powiodło się. %s Czy chcesz kontynuowań instalowanie? - Odinstalowanie '%s' nie powiodło się. %s Czy chcesz kontynuować odinstalowanie? - Instalacja została zakończona. - Nie można utworzyć folderu '%s' - Sterownik urządzenia VeraCrypt nie może zostać wyładowany.\n\nZamknij wszystkie otwarte okna programu VeraCrypt. Jeśli to nie pomoże, zrestartuj system Windows i ponów próbę. - Wszystkie wolumeny programu VeraCrypt muszą zostać odłączone przed instalacją lub odinstalowaniem programu VeraCrypt. - W tym systemie jest zainstalowana przestarzała wersja programu VeraCrypt. Musi być ona zostać odinstalowana zanim będzie można zainstalować tę wersję programu VeraCrypt.\n\nNatychmiast po zamknięciu tego komunikatu zostanie uruchomiony deinstalator starej wersji. Należy pamiętać, że żaden z wolumenów nie zostanie odszyfrowany. Po odinstalowaniu starej wersji programu VeraCrypt ponownie uruchom instalator nowej wersji. - Nie powiodła się instalacja wpisów rejestru - Instalacja sterownika urządzenia nie powiodła się. Zrestartuj system Windows i ponów próbę zainstalowania programu VeraCrypt. - Uruchamianie sterownika urządzenia VeraCrypt - Niepowodzenie odinstalowania sterownika urządzenia. Z powodu rozwiązań przyjętych w systemie Windows przed odinstalowaniem (lub ponownym zainstalowaniem) sterownika może być konieczne wylogowanie lub restart systemu. - Instalowanie sterownika urządzenia VeraCrypt - Zatrzymywanie sterownika urządzenia VeraCrypt - Deinstalacja sterownika urządzenia VeraCrypt - Rejestracja biblioteki obsługującej zarządzanie kontami użytkowników nie powiodła się. - Wyrejestrowanie biblioteki obsługującej zarządzanie kontami użytkowników nie powiodło się. - Uwaga o trybie przenośnym:\n\nProszę zauważyć, że system operacyjny wymaga zarejestrowania w nim sterowników, zanim będą mogły być uruchomione. Dlatego sterownik VeraCrypt nie jest (i nie może być) w pełni przenośny (chociaż aplikacja VeraCrypt jest w pełni przenośna, tzn. nie musi być zainstalowana ani zarejestrowana w systemie operacyjnym). Należy również pamiętać, że VeraCrypt potrzebuje sterownika, aby zapewnić przejrzyste szyfrowanie/deszyfrowanie w locie. - Pamiętaj, że jeżeli zdecydujesz się uruchomić VeraCrypt w trybie przenośnym (w przeciwieństwie do uruchomienia zainstalowanej wersji VeraCrypt), system zapyta cię o uprawnienia do uruchomienia VeraCrypt (UAC prompt) za każdym razem, gdy będziesz go uruchamiał.\n\nPowodem jest to, że VeraCrypt w trybie przenośnym wymaga załadowania i uruchomienia sterownika urządzeń VeraCrypt. VeraCrypt potrzebuje sterownika, aby zapewnić przeźroczysty dostęp do szyfrowania/odszyfrowania i użytkownicy bez uprawnień administracyjnych nie mogą uruchomić sterownika urządzeń w Windows. Dlatego, system zapyta Cię o uprawnienia administracyjne przy uruchomieniu VeraCrypt (UAC prompt).\n\nPamiętaj, że jeżeli zainstalujesz VeraCrypt w systemie, system NIE będzie pytał o uprawnienia do uruchomienia VeraCrypt (UAC prompt).\n\nCzy jesteś pewien, że chcesz wypakować pliki? - UWAGA: Obecne wystąpienie kreatora wolumenów ma uprawnienia administratora.\n\nTwój nowy wolumen może być stworzony z uprawnieniami, które nie pozwolą Ci na zapisanie do wolumenu, gdy jest on podłączony. Jeżeli chcesz to ominąć, zamknij to wystąpienie kreatora i uruchom nową kopię bez uprawnień administratora.\n\nCzy chcesz zamknąć to okno kreatora? - Błąd: Nie można wyświetlić licencji. - Zewnętrzny(!) - dni - godz. - minuty - s - Otwórz - Odłącz - Pokaż VeraCrypt - Ukryj VeraCrypt - Dane odczytane od podłączenia - Dane zapisane od podłączenia - Część zaszyfrowana - 100% (całkowicie zaszyfrowane) - 0% (nie zaszyfrowane) - %.3f%% - 100% - Oczekiwanie - Przygotowanie - Rozszerzanie - Szyfrowanie - Deszyfrowanie - Kończenie - Wstrzymane - Zakończone - Błąd - Urządzenie odłączone - Ulubione wolumeny systemowe zapisane.\n\nAby włączyć podłączanie ulubionych wolumenów systemowych kiedy system startuje, proszę wybrać 'Ustawienia' > 'Ulubione wolumeny systemowe' > 'Podłączyć ulubione wolumeny systemowe podczas startu Windows'. - Wolumen, który właśnie dodajesz do ulubionych nie jest ani partycją ani wolumenem dynamicznym. Dlatego VeraCrypt nie będzie mógł podłączyć tego ulubionego wolumenu jeśli zmieni się numer urządzenia. - Wolumen, który właśnie dodajesz do ulubionych jest partycją nierozpoznawalną dla Windows.\n\nVeraCrypt nie będzie w stanie podłączyć tego ulubionego wolumenu jeśli zmieni się numer urządzenia. Wymagane jest ustawienie typu partycji tak, by był rozpoznawalny przez Windows (użyj polecenia SETID z windowsowego narzędzia 'diskpart'). Następnie dodaj ponownie partycję do ulubionych. - Wykonywane w tle Zadanie VeraCrypt zostało zablokowane lub skonfigurowane, by zakończyć się, gdy brak zamontowanych wolumenów (lub VeraCrypt jest uruchomiony w trybie przenośnym). Może to blokować automatyczne montowanie ulubionych wolumenów po podłączeniu ich nośników.\n\nUwaga: Aby odblokować Zadanie VeraCrypt w tle, należy wybrać Ustawienia > Preferencje i zaznacz pole wyboru 'Aktywny' w sekcji 'Proces VeraCrypt uruchamiany w tle'. - Nośnik przechowywany na zdalnym systemie plików współdzielonym w sieci nie może być automatycznie dołączany, gdy podłączane jest jego urządzenie. - Urządzenie wyświetlane poniżej nie jest ani partycją ani wolumenem dynamicznym. Stąd wolumen zawarty w urządzeniu nie może być automatycznie montowany, gdy urządzenie jest podłączane. - Należy ustawić typ partycji wyświetlany poniżej na typ rozpoznawany przez Windows (użyj polecenia SETID narzędzia Windows 'diskpart'). Następnie usuń partycję z ulubionych i dodaj ją ponownie. Pozwoli to wolumenowi mieszczącemu sie na urządzeniu zostać automatycznie podłączonym po podpięciu urządzenia. - Urządzenie wyświetlane poniżej nie jest ani partycją ani wolumenem dynamicznym. Dlatego nie można do niego przypisać etykiety. - Należy ustawić typ partycji wyświetlany poniżej na typ rozpoznawany przez Windows (użyj polecenia SETID narzędzia Windows 'diskpart'). Następnie usuń partycję z ulubionych i dodaj ją ponownie. Pozwoli to programowi VeraCrypt przypisać etykietę do partycji. - Ze względu na ograniczenia Windows, nośnik przechowywany w zdalnym systemie plików współdzielonym przez sieć nie może być montowany jako systemowy wolumen ulubiony (jednakże może być montowany jako bezsystemowy wolumen ulubiony podczas logowania użytkownika). - Podaj hasło dla %s - Podaj hasło dla '%s' - Wprowadź hasło dla normalnego/innego wolumentu - Wprowadź hasło dla ukrytego wolumenu - Wprowadź hasło do zapisania do pliku kopii bezpieczeństwa nagłówka - Plik-klucz został pomyślnie utworzony. - Liczba plików-kluczy, którą podałeś jest nieprawidłowa. - Rozmiar pliku-klucza musi być zawarty pomiędzy 64 a 1048576 bajtów. - Proszę podać nazwę pliku/ów-klucza/y do wygenerowania - Nazwa bazowa pliku/ów-klucza/ów jest nieprawidłowa. - Plik-klucz'%s' już istnieje.\nCzy chcesz go nadpisać? Proces generowania zostanie zakończony, jeżeli odpowiesz Nie. - UWAGA: Nagłówek tego wolumenu jest uszkodzony! VeraCrypt automatycznie użyje wbudowanej kopii bezpieczeństwa nagłówka wolumenu.\n\nMożesz naprawić nagłówek wolumenu wybierając 'Narzędzia' > 'Odtwórz nagłówek wolumenu'. - Pomyślnie utworzono kopię zapasową nagłówka wolumenu.\n\nWAŻNE: Odtworzenie nagłówka wolumenu z użyciem tej kopii spowoduje odtworzenie aktualnego hasła wolumenu. Oprócz tego, jeśli pliki-klucze są potrzebne do podłączania, te same pliki klucze będą niezbędne do podłączenia wolumenu po odtworzeniu jego nagłówka.\n\nOSTRZEŻENIE: Obecna kopia zapasowa nagłówka może być użyta TYLKO dla tego wolumenu. Użycie tej kopii nagłówka dla innego wolumenu umożliwi jego podłączenie, ale NIE BĘDZIE MOŻLIWE odszyfrowanie danych zapisanych w wolumenie (ponieważ zmieni się jego klucz nadrzędny). - Nagłówek wolumenu został pomyślnie odtworzony.\n\nWAŻNE: Stare hasło również zostało odtworzone. Jeśli w chwili utworzenia tej kopii zapasowej do podłączenia wolumenu były konieczne pliki-klucze, te same pliki będą znów potrzebne do podłączenia wolumenu. - Z powodów bezpieczeństwa, powinieneś wprowadzić poprawne hasło (i/lub podać pliki-klucze) do wolumenu.\n\nUwaga: Jeżeli wolumen zawiera ukryty wolumen, powinieneś wprowadzić poprawne hasło (i/lub podać poprawne pliki-klucze) najpierw do zewnętrznego wolumenu. Potem, jeżeli wybierzesz kopię nagłówka ukrytego wolumenu, będziesz musiał wprowadzić poprawne hasło (i/lub podać poprawne pliki-klucze) do ukrytego wolumenu. - Czy jesteś pewien, że chcesz zrobić kopię zapasową nagłówka wolumenu %s?\n\nPo naciśnięciu Tak, zostaniesz zapytany o nazwę pliku do którego kopia zostanie zapisana.\n\nUwaga: Oba - standardowe i ukryte nagłówki wolumenów będą ponownie zaszyfrowane używając nowego klucza (new salt) i zostaną zapisane w pliku kopii. Jeżeli nie ma w tym wolumenie ukrytego wolumenu, miejsce zarezerwowane na nagłówek ukrytego wolumenu w kopii bezpieczeństwa zostanie wypełniona losowymi danymi. Kiedy będzięsz odtwarzał nagłówek wolumenu z kopii, będziesz potrzebował wprowadzenia poprawnego hasła (i/lub podania poprawnego pliku/ów-klucza/y) które zostało ustawione podczas tworzenia kopii nagłówka wolumenu. Na podstawie hasła (i/lub plików-kluczy) zostanie automatycznie wykryty typ nagłówka wolumenu do odtworzenia, np. standardowy lub ukryty (VeraCrypt wykrywa to w trakcie procesu testu i zwracanych błędów). - Czy na pewno odtworzyć nagłówek %s?\n\nOSTRZEŻENIE: Odtworzenie nagłówka wolumenu spowoduje również przywrócenie hasła, które było aktualne w momencie tworzenia kopii zapasowej. Oprócz tego jeśli pliki-klucze są potrzebne do podłączania, te same pliki-klucze będą niezbędne do podłączenia wolumenu po odtworzeniu jego nagłówka.\n\nPo potwierdzeniu konieczne będzie wybranie pliku kopii zapasowej nagłówka. - Czy wolumen zawiera ukryte wolumeny? - Wolumen zawiera ukryte wolumeny - Wolumen nie zawiera ukrytych wolumenów - Proszę wybrać typ nagłówka wolumenu, którego chesz zrobić kopię bezpieczeństwa: - Odtwórz nagłówek wolumenu z wbudowanej w wolumen kopii bezpieczeństwa - Odtwórz nagłówek wolumenu z zewnętrznego pliku kopii bezpieczeństwa - Wielkość kopii nagłówka wolumenu z pliku kopii jest niepoprawna. - Nie ma kopii nagłowna we wbudowanej kopii bezpieczeństwa tego wolumenu (uwaga tylko dla wolumenów stworzonych przez VeraCrypt 6.0 lub późniejszych). - Zamierzasz utworzyć kopię zapasową nagłówka dla partycji/dysku systemowego. To nie jest dozwolone. Zabezpieczanie/odtwarzanie dla partycji/dysku systemowego może być przeprowadzane wyłącznie przy użyciu płyty ratunkowej programu VeraCrypt.\n\nCzy utworzyć płytę ratunkową programu VeraCrypt? - Zamierzasz odtworzyć nagłówek wolumenu wirtualnego VeraCrypt, ale wybrano partycję lub dysk systemowy. To nie jest dozwolone. Zabezpieczanie/odtwarzanie dla partycji/dysku systemowego może być przeprowadzane wyłącznie przy użyciu płyty ratunkowej programu VeraCrypt.\n\nCzy utworzyć płytę ratunkową programu VeraCrypt? - Po kliknięciu przycisku OK należy wybrać nazwę pliku dla nowego obrazu ISO płyty ratunkowej programu VeraCrypt i miejsce, w którym zostanie zapisany. - Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz musisz nagrać obraz płyty ratunkowej na CD lub DVD.\n\nWAŻNE: Pamiętaj, że plik musi być nagrany na CD/DVD jako obraz płyty ISO (nie jako pojedynczy plik). Informacje jak to zrobić znajdziesz w dokumentacji twojego oprogramowania nagrywarki CD/DVD.\n\nPo nagraniu płyty ratunkowej, wybierz 'System' > 'Sprawdź płytę ratunkową', aby sprawdzić poprawność nagrania płyty. - Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz musisz nagrać obraz płyty ratunkowej na CD lub DVD.\n\nCzy chcesz teraz załadować Microsoft Windows Disc Image Burner?\n\nPamiętaj: Po nagraniu płyty ratunkowej, wybierz 'System' > 'Sprawdź płytę ratunkową', aby sprawdzić poprawność nagrania płyty. - Włóż płytę ratunkową programu VeraCrypt do napędu CD/DVD i kliknij przycisk OK w celu jego sprawdzenia. - Płyta ratunkowa programu VeraCrypt została pomyślnie sprawdzona. - Nie można zweryfikować poprawności zapisania płyty ratunkowej.\n\nJeśli płyta ratunkowa została zapisana, wyjmij i ponownie włóż płytę CD/DVD, a następnie ponów próbę. Jeśli to nie pomoże, należy spróbować użyć innego oprogramowania CD/DVD lub nośnika.\n\nPróba zweryfikowania płyty ratunkowej utworzonej dla innego klucza nadrzędnego, hasła, itp. nigdy nie zakończy się pozytywnie. Aby utworzyć nową płytę ratunkową w pełni kompatybilną z aktualną konfiguracją, wybierz opcję 'System' > 'Utwórz płytę ratunkową'. - Obraz ISO płyty ratunkowej VeraCrypt został pomyślnie sprawdzony. - Nieudane sprawdzenie obrazu ISO płyty ratunkowej.\n\nJeżeli próbujesz sprawdzić obraz ISO płyty ratunkowej VeraCrypt stworzony dla innego klucza głównego, hasła, soli itp., proszę zauważyć, że taki obraz ISO płyty ratunkowej zawsze nie przejdzie weryfikacji. Aby stworzyć nowy obraz ISO płyty ratunkowej VeraCrypt w pełni kompatybilny z twoją obecną konfiguracją, wybierz 'System' > 'Utwórz płytę ratunkową'. - Błąd tworzenia płyty ratunkowej - Płyta ratunkowa VeraCrypt nie może zostać stworzona podczas uruchomionego ukrytego systemu operacyjnego.\n\nAby stworzyć płytę ratunkową VeraCrypt, zrestartuj system operacyjny i wybierz 'System' > 'Tworzenie płyty ratunkowej'. - Nie można zweryfikować poprawności zapisu płyty ratunkowej.\n\nJeżeli masz nagraną płytę ratunkową, proszę wyjąć ją i włożyć ponownie do CD/DVD; kliknij Dalej, aby spróbować jeszcze raz. Jeżeli to nie pomoże, proszę spróbować z innym nośnikiem %s.\n\nJeżeli nie nagrałeś jeszcze płyty ratunkowej, zrób to, i kliknij Dalej.\n\nJeżeli przystąpisz do sprawdzenia płyty ratunkowej VeraCrypt przed uruchomieniem tego kreatora, proszę pamiętać że płyta ratunkowa nie może byc użyta, ponieważ została stworzona z innym kluczem głównym. Powinieneś nagrać nowo wygenerowaną płytę ratunkową. - i/lub inne oprogramowanie nagrywające CD/DVD - VeraCrypt - Ulubione wolumeny systemowe - Co to są ulubione wolumeny systemowe? - Systemowa partycja/dysk nie wydaje się być zaszyfrowana.\n\nUlubione wolumeny systemowe mogą być podłączane używając tylko autoryzacji hasłem pre-boot. Dlatego, aby włączyć używanie ulubionych wolumenów systemowych, musisz najpierw zaszyfrować systemową partycję lub dysk. - Odłącz wolumen przed przejściem dalej. - Błąd: Nie można ustawić stopera. - Sprawdź system plików - Napraw system plików - Dodaj do ulubionych... - Dodaj do ulubionych systemowych... - Właśc&iwości... - Zabezpieczony wolumen ukryty - niedostępny - Tak - Nie - Zablokowane - 1 - 2 lub więcej - Tryb działania - Etykieta: - Wielkość: - Ścieżka: - Litera dysku: - Błąd: Hasło może zawierać tylko znaki ASCII.\n\nZnaki spoza zestawu ASCII w haśle mogą spowodować brak możliwości podłączenia po zmianie konfiguracji systemu.\n\nDozwolone jest użycie następujących znaków:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - OSTRZEŻENIE: Hasło zawiera znaki spoza zestawu ASCII. Może to spowodować brak możliwości podłączenia wolumenu po zmianie konfiguracji systemu operacyjnego.\n\nNależy zastąpić wszystkie znaki spoza zestawu ASCII w haśle znakami ASCII. W tym celu kliknij 'Wolumeny' -> 'Zmień hasło wolumenu'.\n\nNastępujące znaki należą do zestawu ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - OSTRZEŻENIE: Stanowczo zaleca się unikanie używania rozszerzeń nazw plików używanych przez pliki wykonywalne (takich jak .exe, .sys lub .dll) i innych podobnych problematycznych rozszerzeń nazw plików. Użycie takich rozszerzeń nazw sugeruje systemowi Windows i oprogramowaniu antywirusowemu ingerowanie w kontenery, co może spowodować obniżenie wydajności wolumenu a także poważne problemy.\n\nStanowczo zaleca się usunięcie tego rozszerzenia pliku lub jego zmianę (np. na .raw, .iso, .img, .dat lub .rnd).\n\nCzy na pewno chcesz użyć problematycznego rozszerzenia nazwy pliku? - OSTRZEŻENIE: Ten kontener ma rozszerzenie nazwy pliku, które jest zarezerwowane dla plików wykonywalnych (takich jak .exe, .sys lub .dll) lub inne podobnie problematyczne rozszerzenie nazwy pliku. To prawdopodobnie spowoduje ingerencję systemu Windows i oprogramowania antywirusowego w kontener, co wpłynie na wydajność wolumenu i może być przyczyną poważnych problemów.\n\nStanowczo zaleca się usunięcie rozszerzenia lub jego zmianę (np. na .raw, .iso, .img, .dat lub .rnd) po odłączeniu tego wolumenu. - Strona WWW - OSTRZEŻENIE: Ten komunikat pojawił się, ponieważ w systemie Windows XP nie jest zainstalowany żaden pakiet poprawek. W systemie Windows XP bez żadnego pakietu poprawek nie należy zapisywać na dyskach IDE większych niż 128 GB! Jeśli to zrobisz, dane na dysku (bez znaczenia, czy jest to wolumen VeraCrypt, czy nie) mogą zostać uszkodzone. Jest ograniczenie systemu Windows, a nie błąd w VeraCrypt. - OSTRZEŻENIE: Ten komunikat pojawił się, ponieważ w Windows 2000 nie jest zainstalowany pakiet poprawek 3 lub nowszy. W systemie Windows 2000 bez pakietu poprawek 3 lub nowszego nie należy zapisywać na dyskach IDE większych niż 128 GB! Jeśli to zrobisz, dane na dysku (bez znaczenia, czy jest to wolumen VeraCrypt, czy nie) mogą zostać uszkodzone. Jest ograniczenie systemu Windows, a nie błąd w VeraCrypt.\n\nWskazówka: Może zajść potrzeba włączenia w rejestrze obsługi LBA w trybie 48-bitowym. Aby uzyskać więcej informacji, patrz http://support.microsoft.com/kb/305098 - OSTRZEŻENIE: W używanym systemie wyłączona jest obsługa ATAPI LBA w trybie 48-bitowym. Dlatego nie należy zapisywać na dyskach IDE większych niż 128 GB! Jeśli to zrobisz, dane na dysku (bez znaczenia, czy jest to wolumen VeraCrypt, czy nie) mogą zostać uszkodzone. Jest to ograniczenie systemu Windows, a nie błąd w VeraCrypt.\n\nAby włączyć obsługę LBA w trybie 48-bitowym, dodaj wartość rejestru 'EnableBigLba' do klucza rejestru HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters i ustaw ją na 1.\n\nAby uzyskać więcej informacji, patrz http://support.microsoft.com/kb/305098 - Błąd: Pliki większe niż 4 GB nie mogą być przechowywane na systemie plików FAT32. Dlatego, plik-hosty zawierające wolumeny VeraCrypt zapisane na FAT32 nie mogą być większe niż 4 GB.\n\nJeżeli potrzebujesz większe wolumeny, stwórz je na NTFS (lub, jeżeli używasz Windows Vista SP1 lub późniejsze, na exFAT) lub, wewnątrz stworzonego wolumenu który zawiera zaszyfrowane partycje. - Uwaga: Windows XP nie wspiera plików dłuższych niż 2048 GB (wystąpi komunikat "Not enough storage is available"). Zatem nie możesz tworzyć wolumenów VeraCrypt mieszczących się w plikach (nośnik) większych niż 2048 GB pod Windows XP.\n\nZauważ, że wciąż możliwe jest szyfrowanie całego dysku lub utworzenie wolumenu VeraCrypt mieszczącego się na partycji, większego niż 2048 GB pod Windows XP. - OSTRZEŻENIE: Aby w przyszłości było możliwe dodawanie danych/plików do wolumenu zewnętrznego, należy rozważyć utworzenie wolumenu ukrytego o mniejszej wielkości.\n\nCzy na pewno kontynuować z użyciem podanej wielkości? - Nie wybrano wolumenu.\n\nKliknij przycisk 'Wybierz urządzenie' lub 'Wybierz plik’, aby wybrać wolumen VeraCrypt. - Nie wybrano partycji.\n\nKliknij przycisk 'Wybierz urządzenie', aby wybrać niepodłączoną partycję, która normalnie wymaga wstępnego uwierzytelniania (np. partycja umieszczona na zaszyfrowanym dysku systemowym innego systemu operacyjnego, który nie jest uruchomiony lub zaszyfrowana partycja systemowa innego systemu operacyjnego).\n\nUwaga: Wybrana partycja zostanie podłączona tak jak zwykły wolumen VeraCrypt bez wstępnego uwierzytelniania. To jest przydatne np. do wykonania kopii zapasowej lub naprawy systemu. - OSTRZEŻENIE: Jeśli zostaną zdefiniowane i włączone domyślne pliki-klucze, wolumeny nie używające tych kluczy nie będą mogły być podłączone. Dlatego po włączeniu domyślnych plików-kluczy należy pamiętać o anulowaniu zaznaczenia pola wyboru 'Użyj plików-kluczy' (poniżej pola wprowadzania hasła) zawsze, gdy podłączane są takie wolumeny.\n\nCzy na pewno chcesz zapisać wybrane pliki-klucze lub ich ścieżki jako domyślne? - Automatycznie podłączanie urządzeń - Odłącz wszystko - Wyczyść pamięć podręczną - Odmontuj wszystko i wyczyść pamięć podręczną - Wymuszaj odłączanie wszystkiego i wyczyść pamięć podręczną - Wymuszaj odłączanie wszystkiego, wyczyść pamięć podręczną i zakończ pracę - Podłącz wolumeny ulubione - Pokaż/ukryj główne okno programu VeraCrypt - (Kliknij tu i naciśnij wybrany klawisz) - Działanie - Skrót - Błąd: Skrót jest zarezerwowany. Wybierz inny skrót. - Błąd: Skrót jest już używany. - OSTRZEŻENIE: Przynajmniej jeden systemowy klawisz skrótu VeraCrypt nie będzie poprawnie działać!\n\nUpewnij się, że inna aplikacja lub system nie używają tego samego skrótu, co program VeraCrypt. - Tworzenie pliku stronicowania zostało zabronione.\n\nZauważ, że w poszczególnych wersjach Windows, pliki stronicowania nie mogą leżeć na bezsystemowych wolumenach VeraCrypt (włączając ulubione wolumeny systemowe). VeraCrypt wspiera tworzenie plików stronicowania tylko na szyfrowanych systemowych dyskach/partycjach. - Błąd lub niezgodność uniemożliwia VeraCrypt szyfrowanie pliku hibernacji. Dlatego, hibernacja nie jest możliwa.\n\nInformacja: Kiedy komputer jest hibernowany (lub wchodzi w stan oszczędzania energii), zawartość pamięci systemowej RAM jest zapisywana do pliku hibernacji składowanego na dysku. VeraCrypt nie mógł uniemożliwić kluczom szyfrującym na zapisanie danych w pamięci RAM jako niezaszyfrowanych w pliku hibernacji na dysku. - Hibernacja została wstrzymana.\n\nVeraCrypt nie wspiera hibernacji w ukrytym systemie operacyjnym, który używa ekstra boot partycji. Proszę pamiętać, że boot partycja jest współdzielona przez oba systemy (pierwszy i ukryty). Dlatego, aby zapobiec wyciekom danych i problemom podczas wznowienia systemu, VeraCrypt wstrzymuje w ukrytym systemie operacyjnym zapis do współdzielonej boot partycji. - Wolumen VeraCrypt podłączony jako %c: został odłączony. - Wolumeny VeraCrypt zostały odłączone. - Wolumeny VeraCrypt zostały odłączone a bufor haseł wyczyszczony. - Pomyślnie odłączone - UWAGA: Jeśli Zadanie VeraCrypt w Tle jest zablokowane, odłączone są następujące funkcje:\n\n1) Klawisze skrótu\n2) Auto-dismount (tj., podczas wylogowywania, niezapowiedzianego odłączeniu nośnika, tajmautu, itp.)\n3) Auto-mount ulubionych wolumenów\n4) Powiadomienia (np, przy zapobieganiu uszkodzenia ukrytego wolumenu)\n5) Ikony powiadomień\n\nZauważ: Można w każdej chwili zakończyć Zadanie w Tle prawym przyciskiem myszki na ikonie powiadomień i wybierając 'Zakończ'.\n\nCzy na pewno trwale zablokować Zadanie VeraCrypt w Tle? - OSTRZEŻENIE: Jeśli opcja ta zostanie wyłączona, wolumeny zawierające otwarte pliki/katalogi nie będą mogły być automatycznie odłączane.\n\nCzy na pewno wyłączyć tę opcję? - OSTRZEŻENIE: Wolumeny zawierające otwarte pliki/katalogi nie będą automatycznie odłączane.\n\nAby to zmienić, włącz następującą opcję w tym oknie dialogowym: 'Wymuś odłączanie, nawet gdy są otwarte pliki lub katalogi'. - OSTRZEŻENIE: Kiedy w laptopie bateria jest słaba, Windows może wysłać informacje do uruchomionych aplikacji, że wchodzi w stan oszczędzania energii. Dlatego, VeraCrypt w tych przypadkach może błędnie automatycznie odłączać wolumeny. - Zaplanowano proces szyfrowania partycji/wplumenu. Proces jeszcze nie został zakończony.\n\nCzy chcesz teraz wznowić proces? - Zaplanowano proces szyfrowania lub deszyfrowania partycji lub dysku systemowego. Proces ten nie został jeszcze zakończony.\n\nCzy chcesz go teraz uruchomić (wznowić)? - Czy chcesz być zapytany o dokończenie obecnego procesu szyfrowania nie systemowej partycji/wolumenu? - Tak, pytaj mnie ciągle - Nie, nie pytaj mnie - WAŻNE: Pamiętaj, że możesz wznowić proces szyfrowania każdego nie systemowej partycji/wolumenu wybierając 'Wolumeny' > 'Wznów Przerwany Proces' z menu okna VeraCrypt. - Zaplanowano proces szyfrowania lub deszyfrowania partycji lub dysku systemowego. Wstępne uwierzytelnianie zakończyło się jednak niepowodzeniem (lub zostało pominięte).\n\nJeśli partycja lub dysk systemowy jest deszyfrowany w środowisku z wstępnym uwierzytelnianiem, należy zakończyć ten proces, wybierając w menu głównym programu VeraCrypt opcję 'System' > 'Trwale odszyfruj partycję lub dysk systemowy'. - UWAGA: Jeśli VeraCrypt zakończy się teraz, następujące funkcje zostaną zablokowane:\n\n1) Klawisze skrótu\n2) Auto-dismount (np., podczas wylogowania, niezapowiedzialnego odłączenia nośnika, tajmautu, itp.)\n3) Auto-mount ulubionych wolumenów\n4) Powiadomienia (np., podczas zapobiegania uszkodzenia ukrytego wolumenu)\n\nZauważ: Jeśli nie chcesz, by VeraCrypt pracował w tle, zablokuj Zadanie VeraCrypt w Tle w Preferencjach (i, o ile konieczne, zablokować automatyczny start VeraCrypt w Preferencjach).\n\nCzy na pewno wyjść z VeraCrypt? - Wyjść? - Program VeraCrypt nie ma wystarczających informacji, aby zdecydować, czy należy szyfrować czy deszyfrować. - Program VeraCrypt nie ma wystarczających informacji, aby zdecydować, czy szyfrować, czy deszyfrować.\n\nUwaga: Jeśli partycja/dysk systemowy została odszyfrowana w środowisku z wstępnym uwierzytelnieniem, może być konieczne dokończenie procesu przez kliknięcie przycisku Odszyfruj. - Uwaga: Gdy szyfrujesz bezsystemową partycję lub wolumen "w locie", a błąd trwale uniemożliwia skończenie procesu, nie będziesz mógł zamontować wolumenu (i uzyskać dostępu do zgromadzonych na nim danych), ąz do czasu pełnego ODSZYFROWANIA wolumenu (tj. odwrócenia procesu).\n\nJeżelu musisz to zrobić, podążaj tymi krokamni:\n1) Wyłącz ten kreator.\n2) W głównym oknie VeraCrypt, wybierz 'Wolumeny' > 'Kontynuuj przerwany proces'.\n3) Wybierz 'Odszyfruj'. - Czy chcesz przerwać i odłożyć proces szyfrowania partycji/wolumenu?\n\nUwaga: Pamiętaj, że wolumen nie może być podłączony do czasu całkowitego zaszyfrowania. Możesz wznowić proces szyfrowania i będzie on kontynuowany od miejsca, gdzie został zatrzymany. Możesz to zrobić, np. wybierając 'Wolumeny' > 'Kontynuuj przerwany proces' z menu głównego okna VeraCrypt. - Czy chcesz przerwać i odłożyć proces szyfrowania partycji/dysku systemowego?\n\nUwaga: Proces ten będzie można później wznowić od miejsca, w którym został zatrzymany. W tym celu należy wybrać w głównym oknie programu VeraCrypt opcję 'System' > 'Wznów przerwany proces'. Aby ostatecznie przerwać lub odwrócić proces szyfrowania, wybierz opcję 'System' > 'Trwale odszyfruj partycję lub dysk systemowy'. - Czy chcesz wstrzymać i odłożyć proces deszyfrowania partycji/dysku systemowego?\n\nUwaga: Proces ten będzie można później wznowić od miejsca, w którym został zatrzymany. W tym celu należy wybrać w głównym oknie programu VeraCrypt opcję 'System' > 'Wznów przerwany proces'. Aby odwrócić proces deszyfrowania (i rozpocząć szyfrowanie), wybierz opcję 'System' > 'Szyfruj partycję lub dysk systemowy'. - Błąd: Niepowodzenie przerwania procesu szyfrowania/deszyfrowania partycji/dysku systemowego. - BŁĄD: Błąd przerwania procesu czyszczenia/wymazywania. - Błąd: Niepowodzenie wznowienia procesu szyfrowania/deszyfrowania partycji/dysku systemowego. - BŁĄD: Błąd uruchomienia procesu czyszczenia/wymazywania. - Wykryto i usunięto niespójność.\n\n\n(Jeśli będziesz zgłaszać związany z tym błąd, umieść w raporcie błędu następujące informacje techniczne: %hs) - BŁĄD: Stan nieoznaczony.\n\n\n(Jeżeli będziesz wykonywał raport z błędem, proszę dołącz te techniczne informacje: %hs) - Nie ma przerwanego procesu szyfrowania lub deszyfrowania partycji systemowej lub napędu do wznowienia.\n\nZawuaż: Jeżeli chcesz wznowić przerwany proces szyfrowania lub deszyfrowania partycji lub wolumenu bezsystemowego, wybierz 'Wolumeny' > 'Kontynuuj przerwany proces'. - OSTRZEŻENIE: Proces VeraCrypt uruchamiany w tle jest wyłączony. Po zakończeniu pracy programu VeraCrypt nie będą generowane ostrzeżenia o podjęciu działań zabezpieczających przed uszkodzeniem wolumenów ukrytych.\n\nProces uruchamiany w tle można zamknąć w dowolnym momencie, klikając prawym przyciskiem myszy ikonę VeraCrypt w zasobniku i wybierając opcję 'Wyjście'.\n\nUruchomić proces programu VeraCrypt w tle? - Wersja pakietu językowego: %s - Sprawdzanie systemu plików w wolumenie VeraCrypt podłączonym jako %s... - Próba naprawy systemu plików w wolumenie VeraCrypt podłączonym jako %s... - Ostrzeżenie: Ten wolumen jest zaszyfrowany z wykorzystaniem starego algorytmu szyfrowania.\n\nWszystkie algorytmy o 64-bitowym bloku (np. Blowfish, CAST-128 lub Triple DES) są niezalecane. Będzie możliwe podłączenie tego wolumenu w przyszłych wersjach VeraCrypt. Implementacje tych algorytmów nie będą jednak w przyszłości rozwijane. Zaleca się utworzenie nowego wolumenu szyfrowanego algorytmem o 128-bitowym bloku (np. AES, Serpent, Twofish, itp.) i przeniesienie wszystkich plików do nowego wolumenu. - System nie jest skonfigurowany do automatycznego podłączania nowych wolumenów. Może być niemożliwe podłączenie wolumenów VeraCrypt wykorzystujących urządzenia. Automatyczne podłączanie może być włączone przez wydanie następującej komendy i ponowne uruchomienie systemu.\n\nmountvol.exe /E - Przypisz literę dysku do partycji/urządzenia przed uruchomieniem ('Panel sterowania' > 'Wydajność i konserwacja' > 'Narzędzia administracyjne' > 'Zarządzanie komputerem' > 'Zarządzanie dyskami').\n\nJest to wymaganie systemu operacyjnego. - Podłącz wolumen VeraCrypt - Odłącz wszystkie wolumeny VeraCrypt - Program VeraCrypt nie mógł uzyskać uprawnień administratora. - System operacyjny odmówił dostępu.\n\nMożliwa przyczyna: system wymaga posiadania praw odczytu/zapisu (lub praw administratora) dla niektórych folderów, plików i urządzeń. Zwykle użytkownik bez praw administratora może tworzyć, odczytywać i modyfikować pliki w swoim folderze z dokumentami. - Błąd: Dysk używa niewspierany rozmiar sektora.\n\nNie jest możliwe utworzenie wolumenów opartych o dysk/partycję, używające sektorów dłuższych niż 4096 bajtów. Jednakże wciąż można stworzyć wolumeny oparte na plikach znajdujących się na takich dyskach. - Obecnie nie jest możliwe zaszyfrowanie systemu zainstalowanego na dysku używającym rozmiaru sektora innego niż 512 bajtów. - Program startowy VeraCrypt wymaga co najmniej 32 kB wolnego miejsca na początku dysku systemowego (program startowy VeraCrypt musi być zapisany w tym obszarze). Niestety, używany dysk nie spełnia tego warunku.\n\nProsimy NIE zgłaszać tego problemu jako błędu programu VeraCrypt. Aby rozwiązać ten problem, będzie konieczne ponowne podzielenie dysku na partycje i pozostawienie wolnych pierwszych 32 kilobajtów (w większości przypadków należy usunąć i ponownie utworzyć pierwszą partycję). Zaleca się użycie menedżera partycji firmy Microsoft, który jest dostępny np. podczas instalowania systemu Windows. - Ta funkcjonalność nie jest obsługiwana w obecnie używanej wersji systemu operacyjnego. - Program VeraCrypt nie obsługuje szyfrowania partycji/dysku systemowego w obecnie używanej wersji systemu operacyjnego. - Przed zaszyfrowaniem systemowej partycji/dysku Windows Vista, wymagane jest zainstalowanie Service Pack 1 lub nowszego do Windows Vista (nie znaleziono zainstalowanego Service Pack w twoim systemie).\n\nZauważ: Service Pack 1 do Windows Vista rozwiązuje problemy z obsługą pamięci podczas bootowania systemu. - VeraCrypt nie wspiera już szyfrowania systemowego dysku/partycji na systemie Windows Vista bez zainstalowanego Service Pack. Przed aktualizacją VeraCrypt, zainstaluj Service Pack 1 lub wyżej dla Windows Vista. - Błąd: Ten dodatek wymaga instalacji VeraCrypt w systemie (masz uruchomiony VeraCrypt w trybie przenośnym).\n\nProszę zainstalować VeraCrypt i spróbować jeszcze raz. - UWAGA: Wydaje się, że Windows nie jest zainstalowany na partycji z której jest uruchomiony. To nie jest wspierane.\n\nMożesz kontynuować tylko jeżeli jesteś pewny, że Windows jest zainstalowany na dysku z którego jest zabootowany.\n\nCzy chcesz kontynuować? - Dysk systemowy posiada tablicę partycji typu GUID (GPT). Obecnie obsługiwane są tylko dyski z tablicą partycji typu MBR. - UWAGA: Program startowy VeraCrypt jest już zainstalowany na tym dysku systemowym!\n\nJest możliwe, że inny system na tym komputerze jest już zaszyfrowany.\n\nOSTRZEŻENIE: URUCHOMIENIE SZYFROWANIA NA AKTUALNIE PRACUJĄCYM SYSTEMIE MOŻE UNIEMOŻLIWIĆ INNYM SYSTEMOM START I ZABLOKOWAĆ DOSTĘP DO DANYCH.\n\nCzy na pewno chcesz kontynuować? - Błąd odtwarzania oryginalnego systemu ładowania.\n\nProszę użyć swojej płyty ratunkowej VeraCrypt ('Wybrać opcję napraw' > 'Odtwórz oryginalny system ładowania') lub płyt instalacyjnych Windows, aby zastąpić program startowy VeraCrypt. - Oryginalny program startowy NIE będzie zapisany na płycie ratunkowej (prawdopodobna przyczyna: Brak pliku zapasowego). - Niepowodzenie zapisu do sektora MBR.\n\nBIOS może być skonfigurowany do ochrony sektora MBR. Sprawdź ustawienia BIOS (naciśnij klawisz F2, Delete lub Esc tuż po włączeniu komputera) pod kątem ustawień MBR i ochrony antywirusowej. - OSTRZEŻENIE: Nieudana weryfikacja odcisku palca programu rozruchowego!\nTwój dysk mógł zostać zmodyfikowany przez atakującego (atak "Zła pokojówka").\n\nTo ostrzeżenie również może zostać wywołane, jeżeli przywróciłeś program rozruchowy VeraCrypt przy użyciu płyty ratunkowej, która została wygenerowana przez inną wersję VeraCrypt.\n\nZaleca się natychmiastową zmianę hasła, które ponadto przywróci poprawny program rozruchowy VeraCrypt. Zalecane jest ponowne zainstalowanie VeraCrypt oraz podjęcie środków w celu uniknięcia dostępu do tej maszyny przez niezaufane jednostki. - Wymagana wersja programu startowego VeraCrypt obecnie nie jest zainstalowana. To może uniemożliwić obsługę dodatkowych opcji w sytuacji odtworzenia. - Uwaga: W niektórych wypadkach, możesz nie życzyć sobie, by osoby postronne wiedziały, że startujesz komputer przy użyciu VeraCrypt. Aby to zrobić, musisz dokonać dostosowania programu startowego VeraCrypt. Jeżeli włączysz pierwszą opcję, program startowy nie będzie się wyświetlał żadnego tekstu (nawet jeśli wprowadzisz błędne hasło). Komputer będzie wyglądał jakby "zawiesił" się na czas wprowadzenia hasła. Dodatkowo, możesz wprowadzić własną informację do wyświetlenia, by zwieść napastnika. Np. niepoprawne informacje o błędzie takie jak "Missing operating system" (która jest zwykle wyświetlana, gdy starter nie znajdzie się systemu operacyjnego). Należy jednak zauważyć, że jeżeli przeciwnik będzie miał możliwość analizy zawartości dysku twardego, wciąż będzie mógł stwierdzić obecność programu startowego VeraCrypt. - UWAGA: Pamiętaj że włączyłeś tą opcję, program startowy VeraCrypt nie będzie wyświetlał żadnego tekstu (nawet jeśli wprowadzisz złe hasło). Komputer będzie wyglądał "jak zawieszony", nawet gdy będziesz wprowadzał hasło.\n\nCzy jesteś pewien, że chcesz włączyć tą opcję? - Partycja/dysk systemowy jest całkowicie zaszyfrowana. - Program VeraCrypt nie obsługuje szyfrowania dysku systemowego, który został przekształcony w dysk dynamiczny. - Dysk systemowy zawiera rozszerzone (logiczne) partycje.\n\nMożesz zaszyfrować cały dysk systemowy zawierający rozszerzone (logiczne) partycje tylko pod Windows Vista lub późniejsze wersje Windows. Na Windows XP możesz zaszyfrować cały dysk systemowy pod warunkiem że zawiera on tylko partycje podstawowe.\n\nUwaga: Możesz wciąż zaszyfrować partycję systemową zamiast całego dysku systemowego (a ponadto możesz utworzyć możesz utworzyć partycyjne wolumeny VeraCrypt na wszystkich partycjach bezsystemowych dysku). - OSTRZEŻENIE: Ponieważ pracujesz na Windows XP/2003, po uruchomieniu szyfrowania dysku NIE wolno ci utworzyć rozszerzonych (logicznych) partycji na nim (możesz tworzyć tylko partycje podstawowe). Dowolna rozszerzona (logiczna) partycja na dysku stanie się niedostępna po rozpoczęciu szyfrowania (dysk nie zawiera teraz takich partycji).\n\nUwaga: Jeśli to ograniczenie jest nie do przyjęcia, możesz się wycofać i wybrać szyfrowanie tylko partycji systemowej zamiast całego dysku (ponadto możesz utworzyć partycyjne wolumeny VeraCrypt na wszystkich bezsystemowych partycjach dysku).\n\nZ drugiej strony, jeśli to ograniczenie jest nie do przyjęcia, możesz rozważyć aktualizację do Windows Vista lub najnowszej wersji Windows (Możesz szyfrować cały dysk zawierający rozszerzone/logiczne partycje tylko pod Windows Vista lub późniejszymi). - Twój dysk systemowy zawiera niestandardową partycję.\n\nJeśli używasz laptopa, napęd systemowy zawiera specjalną partycję przywracania. Gdy cały napęd systemowy zostanie zaszyfrowany (włączając partycję przywracania), system może stać się niebutowalny jeśli komputer używa niewłaściwie zaprojektowanego BIOSa. Będzie równiez niemożliwe użycie jakiejkolwiek partycji przywracania do czasu aż aystem zostanie odszyfrowany. Zaleczmy w takim przypadku zaszyfrować tylko partycję systemową. - Czy chcesz zaszyfrować partycję systemową zamiast całego dysku?\n\nMożna utworzyć wolumen VeraCrypt w partycji w każdej nie systemowej partycji tego dysku (oprócz zaszyfrowania partycji systemowej). - Jeśli dysk systemowy zawiera tylko jedną partycję zajmującą cały dysk, bardziej bezpieczne jest zaszyfrowanie całego dysku, włączając w to wolne miejsce, które zwykle otacza taką partycję.\n\nCzy chcesz zaszyfrować cały dysk? - Twój system jest ustawiony, tak aby przechowywać pliki tymczasowe na nie systemowej partycji.\n\nPliki tymczasowe mogą być przechowywane tylko na partycji systemowej. - Twój pliki profilu nie są przechowywane na partycji systemowej.\n\nPliki profilu użytkownika mogą być przechowywane tylko na partycji systemowej. - Jest/są plik/pliki stronicowania na nie systemowej partycji.\n\nPliki stronicowania mogą być przechowywane tylko na partycji systemowej. - Czy chcesz teraz ustawić Windows, aby tworzył pliki stronicowania tylko na partycji Windows?\n\nPamiętaj, że jeżeli naciśniesz 'Tak', komputer będzie zrestartowany. Później uruchom VeraCrypt i spróbuj ponownie stworzyć ukryty OS. - Inaczej, przeciwnik może wykryć istnienie ukrytego systemu operacyjnego.\n\nUwaga: Jeżeli przeciwnik będzie analizował zawartość plików (umieszczonych na nie systemowej partycji, może odkryć, że użyłeś kreatora w trybie tworzenia ukrytego systemu (co może świadczyć, że na dysku znajduje się ukryty system operacyjny). Ważne jest zatem, aby wszystkie pliki umieszczone na partycji systemowej zostały bezpiecznie skasowane przez VeraCrypt podczas procesu tworzenia ukrytego systemu operacyjnego. - UWAGA: Podczas procesu tworzenia ukrytego systemu operacyjnego, jest wymagane pełne przeinstalowanie obecnie uruchomionego systemu operacyjnego (aby bezpiecznie utworzyć system zwodzący).\n\nUwaga: Obecnie uruchomiony system operacyjny i cała zawartość partycji systemowej będzie skopiowana do ukrytego wolumenu (aby stworzyć ukryty system operacyjny).\n\n\nCzy jesteś pewien, że będziesz mógł zainstalować Windows używając mediów instalatora Windows (lub partycji serwisowej)? - Z powodu bezpieczeństwa, jeżeli obecnie uruchomiony system wymaga aktywacji, musi ona być wykonana przed przejściem dalej. Pamiętaj, że ukryty system operacyjny zostanie stworzonu przez skopiowanie zawartości systemowej partycji do ukrytego wolumenu (więc, jeżeli system nie jest zaktywowany, ukryty system operacyjny też nie będzie zaktywowany). Więcej informacji, zobacz w "Security Requirements and Precautions Pertaining to Hidden Volumes" w dokumentacji do VeraCrypt.\n\nWażne: Przed wykonaniem następnego kroku, proszę się upewnić, że przeczytałeś sekcje "Security Requirements and Precautions Pertaining to Hidden Volumes" w dokumentacji VeraCrypt.\n\n\nCzy obecnie uruchomiony system operacyjny spełnia ten warunek? - Twój system używa osobnej boot partycji. VeraCrypt nie wspiera hibernacji w ukrytym systemie operacyjnym, który używa osobna boot partycja (pierwszy system może być hibernowany bez problemu).\n\nProszę pamiętać, że boot partycja jest współdzielona przez oba systemy - pierwszy i ukryty. Dlatego, aby zapobiegać wyciekom pamięci i problemom z przywróceniem z hibernacji, VeraCrypt zabezpiecza współdzieloną boot partycję przed zapisem z ukrytego systemu operacyjnego.\n\n\nCzy chcesz kontynuować? Jeżeli wybierzesz 'Nie', instrukcje do usunięcia extra boot partition zostaną wyświetlone. - \nOsobna boot partycja może zostać usunięta przed instalacją Windows. Aby to zrobić wykonaj następujące kroki:\n\n1) Uruchom dysk instalacyjny Windows.\n\n2) Na ekranie instalatora Windows, wciśnij 'Instaluj teraz' > 'Użytkownika (zaawansowane)'.\n\n3) Wciśnij 'Opcje Dysku'.\n\n4) Wybierz podstawową partycję systemową i usuń ją wciskając 'Delete' i 'OK'.\n\n5) Wybierz partycję 'System Reserved', wciśnij 'Rozszerz' i zwiększ jej rozmiar, tak by można było zainstalować na niej.\n\n6) Wciśnij 'Zastosuj' i 'OK'.\n\n7) Zainstaluj Windows na partycji 'System Reserved'.\n\n\nNapastnik może cię spytać, dlaczego usunąłeś the osobną boot partycję, możesz odpowiedzieć, że chciałeś zapobiec możliwym wyciekom danych przez niezaszyfrowaną partycję uruchomieniową.\n\nUwaga: Możesz wydrukować ten tekst wciskając przycisk 'Drukuj' poniżej. Jeśli zachowasz ten tekst lub go wydrukujesz (gorąco sugerowane, chyba że drukarka zapisuje kopie drukowanych dokumentów na wewnętrznym dysku twardym), powinieneś zniszczyć wszystkie jego kopie po usunięciu osobnej boot partycji (w przeciwnym razie, jeśli taka kopia zostanie znaleziona, może wskazywać że zainstalowano ukryty system operacyjny na komputerze). - UWAGA: Istnieje niezalokowane miejsce pomiędzy partycją systemową i pierwszą partycją za partycją systemową. Po stworzeniu ukrytego systemu operacyjnego nie mżesz tworzyć nowych partycji w niezaalokowanym miejscu. Inaczej zabootowanie ukrytego systemu operacyjnego może być niemożliwe (dopóki nie skasujesz nowo stworzonej partycji). - Ten algorytm nie jest obecnie obsługiwany do szyfrowania systemu. - Ten algorytm nie jest obsługiwany w trybie TrueCrypt. - MOI (Mnożnik Osobistych Iteracji) nie obsługuje trybu TrueCrypt. - Hasło musi zawierać przynajmniej 20 albo więcej znaków, aby móc używać określonego MOI.\nKrótsze hasła mogą być używane tylko wtedy, gdy MOI wynosi 485 albo więcej. - Hasło uwierzytelniania przed uruchomieniem musi zawierać 20 albo więcej znaków, aby móc używać określonego MOI.\nKrótsze hasła mogą być używane tylko wtedy, gdy MOI wynosi 98 albo więcej. - Pliki-klucze nie są obecnie obsługiwane/wspierane do szyfrowania systemu. - Ostrzeżenie: Program VeraCrypt nie mógł odtworzyć oryginalnych ustawień klawiatury. To może spowodować błędne wprowadzenie hasła. - Błąd: Nie można ustawić trybu klawiatury dla VeraCrypt na układ USA.\n\nHasło będzie wprowadzane w środowisku PRZED uruchomieniem systemu Windows, gdzie inne niż standardowy układy klawiatury nie są dostępne. Dlatego, hasło MUSI być zawsze wprowadzane przy użyciu standardowego układu klawiatury USA. - Ponieważ program VeraCrypt czasowo zmienił ustawienia klawiatury na standard USA, nie jest możliwe wprowadzanie znaków przy wciśniętym prawym klawiszu ALT. Można jednak wprowadzać znaki osiągane przez przytrzymanie klawisza Shift. - Program VeraCrypt zapobiegł zmianie ustawień klawiatury. - Hasło będzie wprowadzane w środowisku PRZED uruchomieniem systemu Windows, gdzie inne niż standardowy (USA) układy klawiatury nie są dostępne. Dlatego, hasło MUSI być zawsze wprowadzane przy użyciu standardowego układu klawiatury USA. Do tego celu nie jest jednak konieczne używanie klawiatury fizycznej z układem USA. Program VeraCrypt pozwala automatycznie na bezpieczne wprowadzanie hasła (teraz i w środowisku przed uruchomieniem systemu) nawet jeśli NIE masz prawdziwej klawiatury amerykańskiej. - Przed zaszyfrowaniem partycji/dysku, musisz stworzyć płytę ratunkową VeraCrypt, która służy następującym celom:\n\n- Jeżeli program startowy VeraCrypt, główny klucz, lub inne krytyczne dane są uszkodzone, płyta ratunkowa pozwoli Ci na odtworzenie ich (pamiętaj, jednakże, że wciąż będziesz musiał wprowadzić poprawne hasło).\n\n- Jeżeli Windows jest uszkodzony i nie może wystartować, płyta ratunkowa pozwala na całkowite odszyfrowanie partycji/dysku przed uruchomieniem Windows.\n\n- Płyta ratunkowa będzie zawierała kopię aktualnej pierwszej ścieżki dysku (która typowo zawiera systemowy loader lub boot manager) i pozwoli Ci na odtworzenie jej.\n\nPłyta ratunkowa VeraCrypt - obraz ISO - zostanie stworzona w poniższej lokalizacji. - Po kliknięciu OK, Microsoft Windows Disc Image Burner zostanie załadowany. Proszę użyć go do nagrania płyty ratunkowej VeraCrypt (ISO) - obrazu na CD lub DVD.\n\nPo zrobieniu tego, wróć do kreatora wolumenów VeraCrypt i postępuj zgodnie z instrukcjami. - Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz potrzebujesz go nagrać na CD lub DVD.\n\n%lsPo zapisaniu płyty ratunkowej, kliknij Dalej, aby zweryfikować czy nagrana płyta jest w porządku. - Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz powinieneś go nagrać na CD/DVD lub umieścić go w bezpiecznym miejscu, gdy będzie później potrzebny.\n\n%lsKliknij Dalej, aby kontynuować. - WAŻNE: Pamiętaj, że plik musi być zapisany na CD/DVD jako obraz dysku ISO (nie jako indywidualny plik). Aby dowiedzieć się jak to zrobić, proszę zobaczyć w dokumentację swojego programu nagrywającego CD/DVD. Jeżeli nie posiadasz programu do nagrywania na CD/DVD obrazów dysków ISO, kliknij łącze, aby ściągnąć oprogramowanie.\n\n - Załaduj Nagrywanie płyt (obrazów) Microsoft Windows - UWAGA: Stworzona płyta ratunkowa VeraCrypt, nie może być odtąd użyta do tego systemu partycji/dysku bo został stworzony z innym kluczem głównym! Za każdym razem, gdy szyfrujesz system partycję lub dysk musisz stworzyć nową płytę ratunkową VeraCrypt nawet jeśli użyjesz tego samego hasła. - Błąd: Nie można zapisać systemowych ustawień szyfrowania. - Nie można zainicjować testu szyfrowania systemu. - Proces tworzenia ukrytego systemu operacyjnego nie może zostać zainicjowany. - Tryb wymazywania - Na niektórych typach urządzeń, jeżeli dane są nadpisywane, może być możliwe odtworzenie ich. Stosuje się również metodę nadpisania danych ich zaszyfrowaną zawartością (co ma miejsce podczas rozpoczęcia szyfrowania w VeraCrypt niezaszyfrowanej partycji lub dysku). Zgodnie z nauką i rządowymi publikacjami, odtworzenie nadpisanych danych może być niemożliwe (lub może być bardzo trudne) przez nadpisanie danych losowymi danymi i pewną nie losową kombinacją liczb kilka razy. Dlatego, jeżeli chcesz wierzyć że przeciwnik nie będzie mógł odzyskać skasowanych danych, powinieneś wybrać jeden z trybów czyszczenia/wymazywania z wieloprzebiegowych. Uwaga, czyszczenie/wymazywanie NIE może być wykonane zaszyfrowania partycji/dysku. Kiedy partycja/dysk jest w pełni zaszyfrowana, niezaszyfrowane dane są zapisane jako zaszyfrowane. Wiele danych zapisanych jest najpierw do pamięci, szyfowanych "w locie" i zapisywanych zaszyfrowanych na dysku (tak aby nie obniżyć wydajności). - Na niektórych typach urządzeń, jeżeli dane są nadpisywane, może być możliwe odtworzenie ich używając specjalnych technik, np. mikroskopu sił magnetycznych. Zgodnie z nauką i rządowymi publikacjami, odtworzenie nadpisanych danych może być niemożliwe (lub może być bardzo trudne) przez nadpisanie danych losowymi danymi i pewną nielosową kombinacją liczb kilka razy. Dlatego, jeżeli obawiasz się że przeciwnik będzie mógł odzyskać skasowane dane, powinieneś wybrać jeden z trybów czyszczenia/wymazywania z wieloprzebiegowych.\n\nUwaga: Im więcej przebiegów użyjesz, tym dłużej będzie trwało kasowanie danych. - Wymazywanie - \nUwaga: Możesz przerwać proces czyszczenia/wymazywania, wyłączyć komputer, uruchomić ponownie ukryty system i wznowić proces (ten kreator włączy się automatycznie). Jednakże, jeżeli przerwiesz proces czyszczenia/wymazywania i później go wznowisz, cały proces wystartuje od początku. - \n\nUwaga: Jeżeli przerwiesz proces czyszczenia/wymazywania i później go wznowisz, cały proces wystartuje od początku. - Czy chcesz przerwać proces wymazywania? - UWAGA: Cała zawartość zaznaczonej partycji/urządzenia zostanie skasowana i utracona. - Cała zawartość partycji, gdzie jest oryginalny system operacyjny zostanie skasowana.\n\nUwaga: Cała zawartość partycji, która ma być skasowana została skopiowana do ukrytej partycji systemowej. - OSTRZEŻENIE: Pamiętaj, że jeżeli wybrałeś tryb 3-przebiegowego czyszczenia, czas niezbędny do zaszyfrowania partycji/dysku wydłuży się 4-ro krotnie. Podobnie, jeżeli wybierzesz tryb 35-przebiegowego czyszczenia, czas wydłuży 36-cio krotnie (może potrwać kilka tygodni).\n\nJednakże, proszę pamiętać, że czyszczenie NIE musi być wykonane po pełnym zaszyfrowaniu partycji/dysku. Jeżeli partycja/dysk jest w pełni zaszyfrowana, niezaszyfrowane dane są zapisane jako zaszyfrowane. Wiele danych zapisanych jest najpierw do pamięci, szyfrowanych "w locie" i zapisywanych zaszyfrowanych na dysku (tak aby nie obniżyć wydajności).\n\nCzy jesteś pewien, że chcesz użyć trybu czyszczenia/wymazywania? - Brak (najszybszy) - 1-przebieg (dane losowe) - 3-przebiegowy (US DoD 5220.22-M) - 7-przebiegowy (US DoD 5220.22-M) - 35-przebiegowy ("Gutmann") - 256-przebiegowy - Liczba systemów operacyjnych - OSTRZEŻENIE: Niedoświadczeni użytkownicy nie powinni nigdy próbować szyfrować systemu Windows w konfiguracji z wieloma uruchamianymi systemami.\n\nCzy kontynuować? - Podczas tworzenia/używania ukrytego systemu operacyjnego, VeraCrypt obsługuje konfigurację uruchamiania wielu systemów tylko, gdy zostaną spełnione następujące warunki:\n\n- Obecnie działający system operacyjny musi być zainstalowany na napędzie rozruchowym, który nie może zawieraćżadnych innych systemów operacyjnych.\n\n- Systemy operacyjne zainstalowane na innych dyskach nie mogą używać żadnego programu startowego znajdującego się na dysku, na którym zainstalowany jest obecnie działający system operacyjny.\n\nCzy powyższe wymagania są spełnione? - VeraCrypt nie obsługuje takiej konfiguracji uruchamiania wielu systemów, gdy jest tworzony/używany ukryty system operacyjny. - Dysk startowy - Czy aktualnie uruchomiony system jest uruchamiany z dysku, na którym jest zainstalowany?\n\nWyjaśnienie: Czasami system Windows nie jest instalowany na tym samym dysku, co program startowy Windows (na partycji startowej). W takim przypadku wybierz 'Nie'. - Program VeraCrypt obecnie nie obsługuje szyfrowania systemu operacyjnego, który nie jest uruchamiany z dysku, na którym jest zainstalowany. - Liczba dysków systemowych - Ile dysków zawiera system operacyjny?\n\nNa przykład, jeśli używanych jest wiele systemów operacyjnych (np. Windows, Mac OS X, Linux, itp. zainstalowany na pierwszym dysku i dodatkowy system zainstalowany na drugim dysku), wybierz opcję '2 lub więcej'. - Program VeraCrypt obecnie nie obsługuje szyfrowania całego dysku, który zawiera wiele systemów operacyjnych.\n\nMożliwe rozwiązania:\n\n- Można na poprzednim panelu wybrać opcję zaszyfrowania jednego systemu na jednej partycji systemowej (w przeciwieństwie do szyfrowania całego dysku).\n\n- Można zaszyfrować cały dysk, jeśli inne systemy operacyjne zostaną przeniesione na inne dyski, pozostawiając ten dysk tylko dla jednego systemu operacyjnego. - Wiele systemów na jednym dysku - Czy inne systemy operacyjne zostały zainstalowane na dysku, na którym jest zainstalowany aktualnie uruchomiony system operacyjny?\n\nNa przykład, jeśli aktualnie uruchomiony system operacyjny jest zainstalowany na dysku 0 (zawierającym kilka partycji), którego jedna z partycji zawiera Windows, a inna zawiera dodatkowy system operacyjny (np. Windows, Mac OS X, Linux, itp.), wybierz opcję 'Tak'. - Program startowy z innego systemu - W MBR jest wpis pochodzący od programu startowego innego niż Windows?\n\nUwaga: Na przykład, jeżeli pierwsza ścieżka dysku zawiera GRUB, LILO, XOSL, lub inny niż menedżer startowy Windows (lub program startowy), wybierz 'Tak'. - Wiele systemów - Program VeraCrypt obecnie nie obsługuje konfiguracji wielosystemowej, w której w głównym rekordzie startowym (MBR) jest zainstalowany program startowy z systemu innego niż Windows.\n\nMożliwe rozwiązania:\n\n- Jeśli używasz menedżera uruchamiania do uruchamiania systemów Windows i Linux, przenieś menedżera uruchamiania (np. GRUB lub LILO) z MBR do partycji. Następnie uruchom ponownie kreator i zaszyfruj partycję lub dysk systemowy. Program startowy VeraCrypt stanie się podstawowym menedżerem uruchamiania i będzie pozwalał na uruchamianie oryginalnego menedżera uruchamiania (np. GRUB lub LILO) jako drugiego menedżera uruchamiania (przez naciśnięcie klawisza Esc na ekranie programu startowego VeraCrypt), co umożliwi uruchamianie systemu Linux. - Jeżeli obecnie uruchomiony system operacyjny jest zainstalowany na boot partycji, wówczas po zaszyfrowaniu jej, będziesz musiał wprowadzić poprawne hasło za każdym razem kiedy będziesz uruchamiał system (nawet ten niezaszyfrowany).\n\nNatomiast, jeżeli obecnie uruchomiony system operacyjny nie jest zainstalowany na boot partycji (lub jeżeli program startowy Windows nie jest używany przez inny system), wówczas, po zaszyfrowaniu systemu nie będziesz musiał wprowadzać hasła do uruchomienia innych systemów (również tych niezaszyfrowanych) -- będziesz musiał wcisnąć tylko klawisz Esc, aby uruchomić niezaszyfrowany system (jeżeli jest wiele niezaszyfrowanych systemów będziesz musiał wybrać, który system chcesz uruchomić).\n\nUwaga: Typowo, Windows jest zainstalowany na boot partycji. - Szyfrowanie Obszeru Chronionego Hosta - Na końcu wielu dysków są ukryte miejsca, gdzie nie ma dostępu system operacyjny (są to zwykle Host Protected Areas). Jednakże niektóre programy potrafią czytać i pisać dane z/do tych sektorów.\n\nUWAGA: Niektórzy producenci sprzętu używają tych miejsc do przechowywania narzędzi np. do RAID, odtwarzania systemu, konfiguracji systemu, diagnostyki lub innych narzędzi. Jeżeli te narzędzia lub dane muszą być dostępne przed bootowaniem, obszar ten NIE powinien być zaszyfrowany (wybierz 'Nie' powyżej).\n\nCzy chcesz, aby VeraCrypt wykrył i zaszyfrował te ukryte obszary na końcu dysku? - Typ Systemu Szyfrowania - Wybierz tą opcję jeżeli chcesz zaszyfrować jedynie partycję systemową lub cały dysk systemowy. - Może się zdarzyć, że będziesz zmuszony przez kogoś do odszyfrowania systemu operacyjnego. Jest wiele sytuacji, gdy nie możesz tego odmówić (na przykład w wyniku wymuszenia). Jeżeli wybierzesz tę opcję, utworzysz ukryty system operacyjny, którego istnienie będzie niemożliwe do odkrycia (o ile zastosujesz się do pewnych wytycznych). Stąd nie będziesz zmuszony odszyfrowywać ani zdradzać hasła do ukrytego systemu operacyjnego. By uzyskać dokładniejsze wyjaśnienia, wybierz link poniżej. - Może się zdarzyć, że zostaniesz zmuszony przez kogoś do odszyfrowania systemu operacyjnego. Jest wiele sytuacji, gdy nie możesz tego odmówić (na przykład w wyniku wymuszenia).\n\nUżywając tego kreatora możesz utworzyć ukryty system operacyjny, którego istnienie powinno być niemożliwe do udowodnienia (o ile zastosujesz się do pewnych wytycznych). Stąd nie będziesz zmuszony odszyfrowywać ani zdradzać hasła do ukrytego systemu operacyjnego. - Ukryty System Operacyjny - Wykonując kolejne kroki, stworzysz dwa wolumeny VeraCrypt (zewnętrzny i ukryty) które będą za pierwszą partycją systemową. Ukryty wolumen będzie zawierał ukryty system operacyjny (OS). VeraCrypt będzie tworzył ukryty OS poprzez skopiowanie partycji systemowej (gdzie obecnie jest zainstalowany i uruchomiony OS) do ukrytego wolumenu. Do zewnętrznego wolumenu skopiuj jakieś pliki, które NIE będą ukryte. One będą dostępne dla każdego po to, aby utajnić hasło ukrytej partycji OS. Możesz ujawnić hasło do zewnętrznego wolumenu który zawiera system operacyjny OS.\n\nNa koniec, na partycji, gdzie aktualnie masz uruchomiony OS, możesz zainstalować nowy OS, zwany dalej zwodzącym OS, i zaszyfrować go. On nie może zawierać wrażliwych danych. W sumie, będą trzy hasła. Dwa z nich można ujawnić (do zwodzącego OS i zewnętrznego wolumenu). Jeżeli użyjesz trzeciego hasła, zostanie uruchomiony ukryty system operacyjny. - Wykrywanie ukrytych sektorów - Proszę poczekać dopóki VeraCrypt wykrywa możliwe ukryte sektory na końcu dysku systemowego. Może to potrwać dłuższą chwile.\n\nUwaga: W bardzo rzadkich przypadkach, na niektórych komputerach, system wykrywania może zawiesić komputer. Jeżeli to się zdarzy, uruchom ponownie komputer, uruchom VeraCrypt, powtórz poprzednie kroki ale pomiń ten proces wyszukiwania. Informacja: To nie jest błąd VeraCrypt. - Obszar do zaszyfrowania - Wybierz tą opcję jeżeli chcesz zaszyfrować cały dysk na którym aktualnie jest uruchomiony system Windows. Powierzchnia dysku, zawierająca wszystkie partycje, zostanie zaszyfrowana z wyjątkiem pierwszej ścieżki, gdzie program startowy VeraCrypt jest umieszczony. Każdy kto chce mieć dostęp do systemu zainstalowanego na dysku lub plików umieszczonych na dysku będzie musiał wprowadzić poprawne hasło za każdym razem przed uruchomieniem systemu. Ta opcja nie może być użyta do zaszyfrowania drugiego lub zewnętrznego dysku jeżeli nie jest na nim zainstalowany Windows i nie jest z niego bootowany. - Zbieranie danych losowych - Wygenerowano klucze - VeraCrypt nie odnalazł nagrywarki CD/DVD podłączonej do komputera. VeraCrypt wymaga nagrywarki CD/DVD, aby wypalić bootowalną płytę ratunkową VeraCrypt zawierający kopię kluczy szyfrowania, program startowy VeraCrypt, oryginalny program startowy systemu itd.\n\nSugerujemy gorąco wypalenie płyty ratunkowej VeraCrypt. - Nie mam nagrywarki CD/DVD ale zapiszę obraz ISO płyty ratunkowej na urządzeniu przenośnym (np. pendrive). - Podłączę później nagrywarkę CD/DVD do komputera. Zakończ proces. - Nagrywarka CD/DVD jest teraz podłączona do komputera. Kontynuuj i zapisz płytę ratunkową. - Wykonaj następujące czynności:\n\n1) Podłącz teraz urządzenie przenośne, np. pendrive, do komputera.\n\n2) Skopiuj plik obrazu płyty ratunkowej VeraCrypt (%s) na urządzenie przenośne.\n\nW przypadku konieczności użycia w przyszłości, będziesz mógł podłączyć dysk przenośny (zawierający obraz płyty ratunkowej VeraCrypt) do komputera z nagrywarką CD/DVD i utworzyć bootowalną płytę ratunkową VeraCrypt wypalając obraz na płycie CD lub DVD. WAŻNE: Pamiętaj, że płyta ratunkowa VeraCrypt musi zostać zapisana na CD/DVD jako obraz ISO płyty (nie jako plik). - Zapisywanie płyty ratunkowej - Utworzono płytę ratunkową - Test szyfrowania - Zweryfikowano płytę ratunkową - \nPłyta ratunkowa VeraCrypt została zweryfikowana. Wyjmij ją z napędu i umieść w bezpiecznym miejscu.\n\nKliknij przycisk Dalej, aby kontynuować. - UWAGA: Podczas następnych kroków nie może być płyty ratunkowej VeraCrypt w czytniku. Inaczej nie będzie możliwe poprawne dokończenie kolejnych kroków.\n\nProszę usunąć ją z czytnika i schować w bezpiecznym miejscu. Później kliknąć OK. - Ostrzeżenie: Ze względu na techniczne ograniczenia środowiska przed ładowaniem systemu, tekst wyświetlany przez program VeraCrypt w tym środowisku (zanim zostanie uruchomiony system Windows) nie może być przetłumaczony. Interfejs użytkownika programu startowego VeraCrypt jest całkowicie w języku angielskim.\n\nCzy kontynuować? - Przed zaszyfrowaniem partycji lub dysku systemowego program VeraCrypt musi zweryfikować, czy wszystko działa poprawnie.\n\nPo kliknięciu przycisku Test wszystkie niezbędne komponenty (komponent odpowiedzialny za uwierzytelnianie przed załadowaniem systemu, program startowy VeraCrypt, itp.) zostaną zainstalowane i komputer zostanie ponownie uruchomiony. Następnie zostanie wyświetlone okno programu VeraCrypt, w którym należy podać hasło. Po uruchomieniu systemu Windows zostanie automatycznie wyświetlony wynik tego testu.\n\nZostaną zmodyfikowane następujące urządzenia: Dysk %d\n\n\nAby przerwać instalację i testowanie, kliknij przycisk Anuluj. - WAŻNA INFORMACJA -- PROSZĘ PRZECZYTAĆ LUB WYDRUKOWAĆ (kliknij 'Drukuj'):\n\nZauważ, że żaden z plików nie zostanie zaszyfrowany zanim zrestartujesz komputer i uruchomisz Windows. Wtedy, jeśli coś zawiedzie, twoje dane NIE zostaną utracone. Jednakże, jeśli coś pójdzie nie tak, możesz napotkać trudności w uruchomieniu Windows. Dlatego przeczytaj (i wydrukuj, jeśli możesz) następujące the following wytyczne odnośnie tego co zrobić jeśli Windows nie będzie mógł się uruchomić po restarcie komputera.\n\n - Co zrobić, jeżeli Windows nie może wystartować ------------------------------------------------\n\nZauważ: Instrukcje są poprawne tylko jeśli nie zacząłeś szyfrowania.\n\n- Jeśli Windows nie startuje po podaniu poprawnego hasła (lub jeśli wielokrotnie wprowadziłeś właściwe hasło ale VeraCrypt informuje, że hasło jest niepoprawne), nie panikuj. Restart (wyłączenie i włączenie zasilania) komputera, a na ekranie programu startowego VeraCrypt, wciśnij klawisz Esc (a jeśli masz wiele systemów, wybierz, który uruchomić). Wtedy Windows powinien się uruchomić (przy założeniu że nie został zaszyfrowany) a VeraCrypt zapyta automatycznie, czy chcesz odinstalować komponentu autentykującego preinicjacyjnego. Zauważ, że poprzednie kroki NIE powiodą się jeśli partycja/dysk systemowy został zaszyfrowany (nikt nie może uruchomić Windows ani uzyskać dostępu do danych na dysku bez poprawnego hasła nawet jeśli poprawnie wykonano poprzednie kroki).\n\n - - Jeśli poprzednie kroki nie pomogły lub jeśli ekran programu startowego VeraCrypt nie pojawił się (przed uruchomieniem Windows), włóż płytę ratunkową VeraCrypt do napędu CD/DVD i uruchom ponownie komputer. Jeśli ekran płyty ratunkowej VeraCrypt nie pojawił się (lub jeśli nie widzisz elementu 'Repair Options' na sekcji 'Keyboard Controls' ekranu płyty ratunkowej VeraCrypt), jest możliwe, że BIOS jest skonfigurowany do wykonania startu z dysku twardego przed próbami z płyt CD/DVD. O ile to ten przypadek, restart komputer, wciśnij F2 lub Delete (jak tylko widać ekran uruchamiania BIOS), i poczekać na pojawienie ekranu konfiguracji BIOS. Jeśli nie pojawi się ekran konfiguracji BIOS, zrestartuj (reset) komputer raz jeszcze i wciskaj F2 lub Delete wielokrotnie od samego restartu (resetu) komputera. Gdy pojawi się ekran konfiguracji BIOS, ustaw BIOS tak, by uruchamiał się najpierw z dysku CD/DVD (aby uzyskać informację jak to zrobić, sprawdź dokumentację BIOSu/płyty głównej lub skontaktuj się ze sprzedawcą lub serwisem komputera, aby uzyskać pomoc). Następnie uruchom ponownie komputer. Ekran płyty ratunkowej VeraCrypt powinien się teraz pokazać. Na ekranie płyty ratunkowej VeraCrypt wybierz 'Repair Options' wciskając klawisz F8. Z menu 'Repair Options', wybierz 'Restore original system loader'. Następnie usuń płytę ratunkową z napędu CD/DVD po czym zrestartuj komputer. Windows powinien uruchomić się normalnie (o ile nie został zaszyfrowany).\n\n - Zauważ, że poprzednie kroki nie działają jeśli partycja/dysk systemowy jest zaszyfrowany (nikt nie może uruchomić Windows ani uzyskać dostępu do danych zaszyfrowanych na dysku bez poprawnego hasła nawet jeśli poprawnie wykonał poprzednie kroki).\n\n\nZauważ, że nawet jeśli w przypadku utraty płyty ratunkowej VeraCrypt i jej pozyskania przez napastnika, NIE będzie on w stanie odszyfrować systemowej partycji lub dysku bez poprawnego hasła. - Test zakończony - Test (pretest) został przeprowadzony poprawnie.\n\nUWAGA: Proszę pamiętać, że jeżeli nastąpi brak zasilania podczas szyfrowania "w locie" lub nastąpi błąd systemu operacyjnego porzez błąd sprzętowy lub oprogramowanie w czasie szyfrowania "w locie" część danych może ulec uszkodzniu lub utracie. Dlatego, przed rozpoczęciem szyfrowania, proszę upewnić się, że masz kopię zapasową danych, które chcesz zaszyfrować. Jeżeli nie, proszę zrób teraz kopię plików (możesz kliknąć Odłóż, zrobić kopię plików i później ponownie uruchomić VeraCrypt wybrać 'System' > 'Wznów Przerwany Proces' w celu kontynuowania szyfrowania).\n\nJeżeli jesteś gotów, kliknij Szyfruj, aby uruchomić szyfrowanie. - Możesz kliknąć Pauza lub Odłóż na później, aby przerwać proces szyfrowania lub deszyfrowania, wyjść z kreatora, uruchomić ponownie lub zamknąć komputer, a później wznowić proces, który będzie kontynuował szyfrowanie od miejsca, gdzie zakończył. Szyfrowanie będzie spowalnianie kiedy system lub aplikacje zapisują lub czytają dane z dysku systemowego, VeraCrypt automatycznie będzie czekał aż dane zostaną zapisane lub odczytane (popatrz Status powyżej) i będzie automatycznie kontynuował szyfrowanie bądź odszyfrowanie. - \n\nMożesz wcisnąć Pauza lub Odłóż na później, aby przerwać proces szyfrowania, wyjść z tego kreatora, zrestartować lub wyłączyć komputer i później wznowić proces, który będzie kontynuował szyfrowanie od miejsca, gdzie zakończył. Wolumen nie może być podłączony do czasu pełnego zaszyfrowania. - \n\nMożesz wcisnąć Pauza lub Odłóż na później, aby przerwać proces deszyfrowania, wyjść z tego kreatora, zrestartować lub wyłączyć komputer i później wznowić proces, który będzie kontynuował deszyfrowanie od miejsca, gdzie zakończył. Wolumen nie może być podłączony do czasu pełnego deszyfrowania. - Wystartował ukryty system - Oryginalny system - Windows tworzy (standardowo, bez twojej wiedzy i zgody) pliki logów, pliki tymczasowe, itp., na partycji systemowej. Zawartość RAM w trakcie hibernacji i zawartość pliku stronicowania umieszczona jest na partycji systemowej. Dlatego, jeżeli narzędzia analizują pliki umieszczone na oryginalnym systemie operacyjnym (z którego klonujemy ukryty system), wykryją, że np. użyłeś kreatora VeraCrypt w trybie tworzenia ukrytego systemu (to może wskazywać na istnienie ukrytego systemu operacyjnego na twoim komputerze).\n\nAby temu zapobiec, VeraCrypt będzie w kolejnych krokach, bezpiecznie usuwał całą zawartość partycji, gdzie jest oryginalny system operacyjny. Potem, w celu bezpieczeństwa, będziesz musiał zainstalować nowy system na partycji i zaszyfrować go. Później możesz stworzyć system zwodzący i całość procesu tworzenia ukrytego systemu operacyjnego zostanie zakończona poprawnie. - Ukryty system operacyjny został stworzony poprawnie. Dlatego, przed rozpoczęciem używania go, wymagane jest bezpiecznie usunięcie (używając VeraCrypt) całości zawartości partycji, gdzie obecnie jest uruchomiony i zainstalowany system operacyjny. Przed wykonaniem tego, musisz zrestartować komputer i w programie startowym VeraCrypt (który nastąpi przed uruchomieniem Windows) wpisz hasło do ukrytego systemu operacyjnego. Później, po uruchomieniu ukrytego systemu, kreator VeraCrypt zostanie automatycznie włączony.\n\nInfo: Jeżeli wybierzesz teraz przerwanie procesu tworzenia ukrytego systemu operacyjnego, Nie będziesz mógł go wznowić ponownie i NIE będzie dostępny ukryty system operacyjny (ponieważ program startowy VeraCrypt zostanie usunięty). - Wstawiono w harmonogram proces tworzenia ukrytego systemu operacyjnego. Proces nie jest jeszcze kompletny. Aby go dokończyć, musisz zrestartować komputer i w programie startowym VeraCrypt (który nastąpi przed uruchomieniem Windows) wprowadź hasło do ukrytego systemu operacyjnego.\n\nInfo: Jeżeli wybierzesz teraz przerwanie procesu tworzenia ukrytego systemu operacyjnego, Nie będziesz mógł go wznowić ponownie. - Restart komputera i uruchomienie procesu - Permanentne przerwanie procesu tworzenia ukrytego systemu operacyjnego - Nie rób teraz nic później zostaniesz zapytany ponownie - \nJEŻELI MOŻLIWE, WYDRUKUJ TEN TEKST (kliknij 'Drukuj').\n\n\nJak i kiedy używać Plyty ratunkowej VeraCrypt (po zaszyfrowaniu) -----------------------------------------------------------------------------------\n\n - I. Jak Zainicjować komputer z płyty ratunkowej VeraCrypt\n\nAby uruchomić komputer z -płyty ratunkowej VeraCrypt, włóż ją do napędu CD/DVD i uruchom ponownie komputer. Jeśli ekran płyty ratunkowej VeraCrypt nie pojawia się (lub nie widać elementu 'Repair Options' w sekcji 'Keyboard Controls' na ekranie), prawdopodobnie BIOS został ustawiony tak, by próbować uruchamiać system z dysków twardych przed dyskami CD/DVD. Jeśli tak jest, uruchom ponownie komputer, wciśnij klawisz F2 lub Delete (natychmiast po pojawieniu ekranu uruchomieniowego BIOS) i poczekaj na wyświetlenie ekranu konfiguracji BIOS. Jeśli ekran konfiguracji BIOS nie pojawi się, zrestartuj (zresetuj) komputer raz jeszcze i powtarzaj wciśnięcia klawiszy F2 lub Delete od momentu restartu (resetu) komputera. Gdy pojawi się ekran konfiguracji BIOS, ustaw w BIOS-ie kolejność uruchamiania tak, by napęd CD/DVD był na pierwszym miejscu (Aby dowiedzieć się jak to zrobić, sprawdź w dokumentacji BIOS-u/płyty głównej lub skontaktuj się ze sprzedawcą lub wsparciem technicznym, by uzyskać pomoc). Następnie zrestartuj komputer. Ekran płyty ratunkowej VeraCrypt powinien się teraz pokazać. Uwaga: Na ekranie płyty ratunkowej VeraCrypt wybierz 'Repair Options' wciskając klawisz F8.\n\n\n - II. Kiedy i jak użyć płyty ratunkowej VeraCrypt (po Zaszyfrowaniu)\n\n - 1) Jeśli ekran programu startowego VeraCrypt nie pojawia się po uruchomieniu komputera (lub jeśli nie startuje Windows), program startowy VeraCrypt może być uszkodzony. Płyta ratunowa VeraCrypt pozwala odtworzyć go a przez to odzyskać dostęp do zaszyfrowanego systemu i danych (jednak pamiętaj, że wciąż należy podać poprawne hasło). Na ekranie płyty ratunkowej wybierz 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Następnie wciśnij 'Y', by potwierdzić akcję, usuń płytę ratunkową z napędu CD/DVD i uruchom ponownie komputer.\n\n - 2) Jeśli wielokrotnie wpisujesz poprawne hasło ale VeraCrypt informuje, że hasło jest niepoprawne, prawdopodobnie został uszkodzony klucz główny lub inne dane krytyczne. Płyta ratunkowa VeraCrypt pozwala odtworzyć je i odzyskać dostęp do zaszyfrowanego systemu i danych (jednak pamiętaj, że wciąż należy podać poprawne hasło). Na ekranie płyty ratunkowej wybierz 'Repair Options' > 'Restore key data'. Następnie wpisz hasło i wciśnij 'Y', by potwierdzić akcję, usuń płytę ratunkową z napędu CD/DVD i uruchom ponownie komputer.\n\n - 3) Jeśli program startowy VeraCrypt jest uszkodzony, możesz uniknąć wykonania go inicjując komputer bezpośrednio z płyty ratunkowej VeraCrypt. Włóż płytę ratunkową do napędu CD/DVD i wprowadź hasło na ekranie płyty ratunkowej.\n\n - 4) Jeśli Windows jest uszkodzony i nie może się uruchomić, płyta ratunkowa VeraCrypt pozwala na trwale odszyfrować partycję lub dysk przed uruchomieniem Windows. Na ekranie płyty ratunkowej wybierz 'Repair Options' > 'Permanently decrypt system partition/drive'. Wprowadź poprawne hasło i poczekaj aż odszyfrowywanie się zakończy. Można wtedy np. uruchomić dysk instalacyjny w celu naprawy instalacji Windows.\n\n - Uwaga: Innym wyjściem, jeśli Windows jest uszkodzony (nie może się uruchomić) i chcesz go naprawić (lub uzyskać dostęp do jego plików), można uniknąć odszyfrowywania artycję lub dysk systemowy wykonując następujące kroki: Jeśli zainstalowano wiele systemów operacyjnych na komputerze, uruchom ten, który nie wymaga autentykacji przeduruchomieniowej. Jeśli jest tylko jeden system zainstalowany na komputerze, można uruchomić system z CD/DVD WinPE lub BartPE lub można podłączyć dysk systemowy jako dysk drugorzędny lub zewnętrzny do innego komputera i uruchomić system operacyjny zainstalowany na komputerze. Po uruchomieniu systemu uruchom VeraCrypt, wciśnij 'Wybierz Urządzenie', wskaż tą dołączoną partycję systemową, wciśnij 'OK', po czym wybierz 'System' > 'Mount Without Pre-Boot Authentication', wprowadź przeduruchomieniowe hasło autentykacyjnei wciśnij 'OK'. Partycja zostanie zamontowana jako zwykły wolumen VeraCrypt (dane będą szyfrowane/rozszyfrowywane w locie w RAM podczas dostępu, jak zwykle).\n\n\n - Zauważ, że nawet jeśli stracisz swoją płytę ratunkową VeraCrypt i napastnik ją odnajdzie, NIE będzie w stanie odszyfrować partycji systemowej czy dysku bez poprawnego hasła. - \n\nW A Ż N E -- WYDRUKUJ TO JEŻELI TO MOŻLIWE (kliknij 'Drukuj').\n\n\nUwaga: Ten tekst będzie automatycznie wyświetlany za każdym razem, gdy uruchomisz ukryty system operacyjny dopóki nie zaczniesz tworzyć zwodzącego systemu operacyjnego.\n\n\n - Jak utworzyć system zwodzący spokojnie i bezpiecznie ----------------------------------------------------------------------------\n\nAby osiągnąć wiarygodne możliwości kontroli, musisz teraz utworzyć system zwodzący. By to osiągnąć, wykonaj następujące kroki:\n\n - 1) Ze względów bezpieczeństwa wyłącz komputer i pozostaw wyłączony co najmniej kilka minut (im dłużej tym lepiej). Jest to konieczne, aby wyczyścić pamięć, która zawiera wrażliwe dane. Następnie włącz komputer ale nie ładuj ukrytego systemu.\n\n - 2) Zainstaluj Windows na partycji, której zawartość ma być usunięta (tj. na partycji, której ukryty system jest klonem, został zainstalowany).\n\nWAŻNE: GDY ROZPOCZNIESZ INSTALACJĘ SYSTEMU ZWODZĄCEGO, SYSTEM UKRYTY *NIE* BĘDZIE MIAŁ MOŻLIWOŚCI URUCHOMIENIA (ponieważ program startowy VeraCrypt zostanie wymazany przez instalator systemu Windows). JEST TO NORMALNE I OCZEKIWANE. NIE PANIKOWAĆ. DOSTĘP DO URUCHOMIENIA UKRYTEGO SYSTEMU ZOSTANIE PRZYWRÓCONY PO ZASZYFROWANIU SYSTEMU ZWODZĄCEGO (ponieważ VeraCrypt zainstaluje wtedy automatycznie program startowy VeraCrypt na dysku systemowym).\n\nWażne: Wielkość partycji wydawać się taka sama jak wielkość ukrytego wolumenu (ten warunek będzie teraz spełniony). Ponadto, musisz nie możesz tworzyć żadnych partycji pomiędzy partycją systemu zwodzącego i partycją na której umieszczono system ukryty.\n\n - 3) Uruchom system zwodzący (zainstalowany w kroku 2 i zainstaluj na nim VeraCrypt).\n\nZapamiętaj, że system zwodzący nie może zawierać żadnych wrażliwych danych.\n\n - 4) W systemie zwodzącym uruchom VeraCrypt i wybierz 'System' > 'Szyfruj partycję lub dysk systemowy'. Powinno pojawić się okno Kreatora Tworzenia Wolumenu VeraCrypt.\n\nWykonaj następujące kroki w Kreatorze Tworzenia Wolumenu VeraCrypt.\n\n - 5) W Kreatorze Tworzenia Wolumenu VeraCrypt, NIE wybieraj opcji 'Ukryty'. Pozostaw zaznaczoną opcję 'Normalny' i wciśnij 'Dalej'.\n\n - 6) Wybierz opcję 'Koduj partycję systemową Windows' a następnie wciśnij 'Dalej'.\n\n - 7) Jeśli na komputerze zainstalowano tylko systemy ukryty i zwodzący, wybierz opcję 'Jeden system' (jeśli jest więcej niż te dwa systemy na komputerze, wybierz 'Wiele systemów'). Następnie wciśnij 'Dalej'.\n\n - 8) WAŻNE: W TYM KROKU, DLA SYSTEMU ZWODZĄCEGO MUSISZ WYBRAĆ TEN SAM ALGORYTM SZYFROWANIA I ALGORYTM HASZOWANIA, KTÓRY WYBRAŁEŚ DLA SYSTEMU UKRYTEGO! W PRZECIWNYM RAZIE UKRYTY SYSTEM POZOSTANIE NIEDOSTĘPNY! Innymi słowy, system zwodzący musi być zaszyfrowany tym samym algorytmem szyfrującym jak system ukryty. Uwaga: Powodem tego jest fakt, że system zwodzący i ukryty dzielą ten sam program startowy, który wspiera tylko jeden algorytm, wybrany przez użytkownika (dla każdego algorytmu jest dedykowana wersja programu startowego VeraCrypt).\n\n - 9) W tym kroku wybierz hasło dla zwodzącego systemu operacyjnego. Będzie to hasło, które możesz wyjawić przeciwnikowi jeśli będziesz proszony lub zmuszony wyjawić przeduruchomieniowe hasło autentykacyjne (innym hasłem, które możesz podać jest hasło do modułu zewnętrznego). Istnienie trzeciego hasła (tj przeduruchomieniowego hasła autentykacyjnego do ukrytego systemu operacyjnego) powinno pozostać tajemnicą.\n\nWażne: Hasło wybrane do systemu zwodzącego musi znacznie różnić się od tego do wolumenu ukrytego (tj do ukrytego systemu operacyjnego).\n\n - 10) Wykonuj następne instrukcje kreatora aż do zaszyfrowania zwodzącego systemu operacyjnego.\n\n\n\n - Po Utworzeniu Zwodzącego Systemu Operacyjnego ------------------------------------------------\n\nPo zaszyfrowaniu systemu zwodzącego cały proces tworzenia ukrytego systemu operacyjnego zostanie zakończony i będziesz mógł używać trzech haseł:\n\n1) Przeduruchomieniowe hasło autentykacyjne do ukrytego systemu operacyjnego.\n\n2) Przeduruchomieniowe hasło autentykacyjne dla zwodzącego systemu operacyjnego.\n\n3) Hasło do zewnętrznego wolumenu.\n\n - Jeśli chcesz uruchomić ukryty system operacyjny, wystarczy tylko wpisać hasło do ukrytego systemu operacyjnego na ekranie programu startowego VeraCrypt (który pojawia się po włączeniu lub restarcie komputera).\n\nJeśli chcesz uruchomić zwodzący system operacyjny, wystarczy wpisać hasło dla zwodzącego systemu operacyjnego na ekranie programu startowego VeraCrypt.\n\nHasło do zwodzącego systemu operacyjnego może zostać ujawnione każdemu zmuszającemu Cię do zdradzenia przeduruchomieniowego hasła autentykacyjnego. Istnienie ukrytego wolumenu (i ukrytego systemu operacyjnego) pozostanie tajemnicą.\n\n - Trzecie hasło (do wolumenu zewnętrznego) może zostać wyjawiony każdemu zmuszającemu do zdradzenia hasła do pierwszej partycji za partycją systemową, gdzie mieszczą się wolumen zewnętrzny i ukryty (zawierający ukryty system operacyjny). Istnienie ukrytego wolumenu (i ukrytego systemu operacyjnego) pozostanie tajemnicą.\n\n\n - Jeśli zdradziłeś hasło do zwodzącego systemu operacyjnego przeciwnikowi a ten spyta, czemu wolna przestrzeń (zwodzącej) partycji systemowej zawiera dane losowe, możesz odpowiedzieć na przykład: "Partycja zawierała przedtem system zaszyfrowany przez VeraCrypt, ale zapomniałem przeduruchomieniowego hasła autentykacyjnego (albo system został uszkodzony i przestał się uruchamiać), więc musiałem ponownie zainstalować partycję windows i zaszyfrować ją."\n\n\n - Jeśli wykonano wszystkie instrukcje i zapewniono wszystkie środki ostrożności i i wymagania wymienione w sekcji "Security Requirements and Precautions Pertaining to Hidden Volumes" w instrukcji użytkownika VeraCrypt, powinno być niemożliwe udowodnienie, że ukryty wolumen i ukryty system operacyjny istnieje, nawet gdy zewnętrzny wolumen został zamontowany lub gdy zwodzący system operacyjny jest odcyfrowany i uruchomiony.\n\nJeśli zapiszesz kopię tego tekstu lub wydrukujesz go (gorąco polecane, chyba, że drukarka przechowuje kopie drukowanych dokumentów na wewnętrznym dysku), musisz zniszczyć wszystkie jego kopie po utworzeniu systemu zwodzącego i zrozumieniu wszystkich informacji zawartych w tekście (w przeciwnym przypadku, jeśli taka kopia zostanie znaleziona, mogłaby wskazywać, że na tym komputerze zainstalowano ukryty system operacyjny).\n\n - UWAGA: JEŚLI NIE CHRONISZ UKRYTEGO WOLUMENU (by uzyskać informację jak to zrobić, sprawdź sekcję "Protection of Hidden Volumes Against Damage" w Instrukcji Użytkownika VeraCrypt), NIE ZAPISYWAĆ DANYCH NA WOLUMENIE ZEWNĘTRZNYM (zauważ że zwodzący system operacyjny NIE jest zainstalowany na wolumenie zewnętrznym). W PRZECIWNYM PRZYPADKU MOŻESZ NADPISAĆ I USZKODZIĆ UKRYTY WOLUMEN (I UKRYTY SYSTEM OPERACYJNY NA NIM)! - Klonowanie Systemu Operacyjnego - W następnym kroku, VeraCrypt będzie tworzył ukryty system operacyjny przez skopiowanie zawartości partycji systemowej do ukrytego wolumenu (kopiowane dane zostaną zaszyfrowane "w locie" z innym kluczem niż został użyty w zwodzącym systemie operacyjnym).\n\nProszę pamiętać, że proces zacznie się od pre-boot (przed uruchomieniem Windows) i może zabrać dość dużo czasu aż skończy; od kilu godzin lub nieraz kliku dni (w zależności od wielkości partycji systemowej i wydajności twojego komputera).\n\nMożesz przerwać proces, wyłączając komputer, a proces wznowi się, gdy włączysz go ponownie. Jednakże, jeżeli przerwiesz proces, cały proces kopiowania zacznie się od początku (ponieważ zawartość systemowej partycji nie może ulec zmianie podczas klonowania). - Czy chcesz anulować cały proces tworzenia ukrytego systemu operacyjnego?\n\nInfo: Nie będziesz mógł wznowić procesu jeżeli go anulujesz teraz. - Chcesz anulować test szyfrowania systemu? - Test szyfrowania systemu przez program VeraCrypt nie powiódł się. Czy chcesz spróbować jeszcze raz?\n\nJeśli wybierzesz 'Nie', komponent odpowiedzialny za uwierzytelnienie przed uruchomieniem zostanie odinstalowany.\n\nUwagi: \n\n- Jeśli program startowy VeraCrypt nie pytał o hasło przed uruchomieniem systemu Windows, jest możliwe, że system operacyjny nie startuje z dysku, na którym jest zainstalowany. \n\n- Jeśli używasz algorytmu szyfrującego innego niż AES i test się nie powiódł (po wpisaniu hasła), mogło to być spowodowane przez niepoprawnie przydzielony sterownik. Wybierz 'Nie' i spróbuj zaszyfrować ponownie partycję lub dysk systemowy, jednak przy użyciu algorytmu szyfrowania AES (który ma najmniejsze wymagania co do pamięci).\n\n- Więcej możliwych powodów i rozwiązań na stronie https://veracrypt.codeplex.com/wikipage?title=Troubleshooting (w języku angielskim). - Partycja/dysk systemowy nie jest zaszyfrowany (ani częściowo, ani w pełni). - Partycja/dysk systemowy jest zaszyfrowany (częściowo lub całkowicie).\n\nOdszyfruj partycję lub dysk systemowy przed kontynuowaniem. W tym celu wybierz opcję 'System' > 'Trwale odszyfruj partycję lub dysk systemowy' w menu głównym programu VeraCrypt. - Kiedy systemowa partycja/dysk jest zaszyfrowany (częściowo lub całkowicie), nie możesz wykonać instalacji wcześniejszej wersji VeraCrypt (ale możesz zrobić aktualizacji lub reinstalację tej samej wersji). - Partycja/dysk systemowy jest właśnie w trakcie szyfrowania, odszyfrowywania lub jest modyfikowany w inny sposób. Aby kontynuować, przerwij ten proces (lub poczekaj na jego zakończenie). - Instancja kreatora tworzenia wolumenu programu VeraCrypt jest w tej chwili uruchomiona i wykonuje operację szyfrowania/deszyfrowania partycji/dysku systemowego. Aby kontynuować, przerwij ten proces (lub poczekaj na jego zakończenie). Jeśli zamknięcie nie jest możliwe, zrestartuj komputer przed kontynuowaniem. - Proces szyfrowania lub deszyfrowania partycji/dysku systemowego nie został zakończony. Aby kontynuować, przerwij ten proces (lub poczekaj na jego zakończenie). - Błąd: Proces szyfrowania partycji lub dysku systemowego nie został zakończony. Ten proces musi zostać najpierw zakończony. - Błąd: Proces szyfrowania partycji/wolumenu nie jest kompletny. Musi być najpierw kompletny.\n\nUwaga: Aby wznowić proces, wybierz 'Wolumeny' > 'Kontynuuj przerwany proces' z menu głównego okna VeraCrypt. - Hasło jest poprawne, VeraCrypt poprawnie odszyfrował nagłówek wolumenu i wykrył że wolumen jest ukrytym wolumenem systemowym. Dlatego, nie możesz modyfikować nagłówka ukrytego wolumenu systemowego w tym kroku.\n\nAby zmienić hasło dla ukrytego wolumenu systemowego, uruchom system operacyjny zlokalizowany na ukrytym wolumenie, i wybierz 'System' > 'Zmień hasło' z menu głównego okna VeraCrypt.\n\nAby zmienić algorytm klucz nagłówka, uruchom ukryty system operacyjny i wybierz 'System' > 'Ustaw algorytm klucza nagłówka'. - VeraCrypt nie obsługuje odszyfrowania "w locie" ukrytego systemu operacyjnego.\n\nUwaga: Jeżeli chcesz odszyfrować partycję systemu zwodzącego, uruchom system zwodzący i wybierz 'System' > 'Trwale odszyfruj partycję lub dysk systemowy' z menu w głównym oknie VeraCrypt. - Błąd: Niepoprawny parametr. - Wybrano partycję lub urządzenie ale wybrany tryb kreatora jest odpowiedni tylko dla kontenerów plikowych.\n\nCzy zmienić tryb kreatora? - Czy zamiast tego utworzyć kontener plikowy VeraCrypt? - Wybrałeś systemową partycję lub dysk (lub partycję startową), ale w trybie kreatora możesz zaznaczyć tylko nie-systemowe partycje/dyski.\n\nCzy chcesz ustawić autoryzację przed uruchomieniem (co oznacza, że będziesz musiał wpisać hasło za każdym razem przed startowaniem Windows) i zaszyfrować systemową partycję lub dysk? - Czy na pewno trwale zdeszyfrować partycję lub dysk systemowy? - OSTRZEŻENIE: W wyniku trwałego odszyfrowania partycji/dysku systemowego zostaną na nim zapisane niezaszyfrowane dane.\n\nCzy na pewno trwale zdeszyfrować partycję lub dysk systemowy? - Czy na pewno chcesz trwale odszyfrować następujący wolumen? - OSTRZEŻENIE: Jeżeli trwale odszyfrujesz wolumen VeraCrypt, niezaszyfrowane dane zostaną zapisane na dysku.\n\nCzy na pewno chcesz trwale odszyfrować wybrany wolumen? - OSTRZEŻENIE: Jeżeli używasz kaskadowego szyfrowania w systemie, możesz spotkać się z:\n\n1) Program startowym VeraCrypt jest większy niż normalny ponieważ, nie ma miejsca w pierwszej ścieżce dysku na kopię programu startowego VeraCrypt. Stąd, ilekroć zostanie uszkodzony (co zdarza się często, np. podczas uruchamiania pirackiego oprogramowania modyfikującego sektory startowe), możesz wymagać użycia płyty ratunkowej VeraCrypt do uruchomienia lub do naprawy programu startowego VeraCrypt.\n\n2) Z powodu podniesienia wymagań ilości pamięci, możne być niemożliwe zaszyfrowanie partycji/dysku.\n\n3) Na niektórych komputerach, po włączeniu po długim czasie hibernacji.\n\nTych potencjalnych problemów unikamy stosując nie kaskadowych algorytmów szyfrowania (np. AES).\n\nCzy jesteś pewien, że chcesz użyć kaskadowych algorytmów szyfrowania? - W przypadku wystąpienia jednego z poprzednio opisanych problemów, odszyfruj partycję lub dysk systemowy (jeśli jest zaszyfrowany), następnie zaszyfruj go, używając niekaskadowego algorytmu szyfrowania (np. AES). - OSTRZEŻENIE: Dla bezpieczeństwa, powinieneś uaktualnić VeraCrypt na pierwszym systemie operacyjnym przed aktualizacją na ukrytym systemie operacyjnym.\n\nAby to zrobić, wystartuj system zwodzący i zainstaluj na nim VeraCrypt. Później uruchom ukryty system i uruchom instalacje.\n\nUwaga: System zwodzący i ukryty współdzielą ten sam program startowy. Jeżeli uaktualnisz VeraCrypt tylko w ukrytym systemie (a nie w systemie zwodzącym), system zwodzący może zawierać sterownik i aplikację VeraCrypt której wersja jest różna od wersji programu startowego VeraCrypt. Taka rozbieżność może wskazywać, że na tym komputerze jest ukryty system.\n\n\nCzy chcesz kontynuować? (Nie polecane.) - Wersja programu startowego VeraCrypt wystartowanego na tym systemie operacyjnym jest różna z wersją VeraCrypt zainstalowanego w tym systemie.\n\nPowinieneś uruchomić instalację VeraCrypt (gdzie wersja VeraCrypt jest taka sama jak użyta w programie startowym), aby zaktualizować VeraCrypt w systemie operacyjnym. - Numer wersji programu startowego VeraCrypt który uruchomił system operacyjny jest inna niż wersja sterownika VeraCrypt (oraz aplikacji VeraCrypt) zainstalowany w systemie. Zauważ, że starsze wersje mogą zawierać błędy poprawione w nowszych wersjach.\n\nJeśli nie startowałeś z płyty ratunkowej VeraCrypt, powinieneś przeinstalować VeraCrypt lub aktualizować do najnowszej stabilnej wersji (program startowy zostanie również zaktualizowany).\n\nJeśli startowałeś z płyty ratunkowej VeraCrypt, powinieneś go aktualizować ('System' > 'Utwórz płytę ratunkową'). - Program startowy VeraCrypt został zaktualizowany.\n\nStanowczo zaleca się utworzenie nowej płyty ratunkowej VeraCrypt (która będzie zawierała nową wersję programu startowego VeraCrypt). W tym celu zrestartuj komputer i wybierz opcję 'System' > 'Utwórz płytę ratunkową'. - Program startowy VeraCrypt został zaktualizowany.\n\nRekomendowane i wymagane jest zrestartowanie systemu operacyjnego i wykonanie nowej płyty ratunkowej VeraCrypt (która będzie zawierała nową wersję programu startowego VeraCrypt) przez wybranie 'System' > 'Twórz płytę ratunkową'. - Nie można zaktualizować programu startowego VeraCrypt. - VeraCrypt nie mógł ustalić rzeczywistej wielkości dysku systemowego, dlatego zostanie użyta wielkość dysku jaką raportuje system operacyjny (która może być mniejsza niż rzeczywista wielkość dysku). Jednak to nie jest błąd w VeraCrypt. - OSTRZEŻENIE: Wygląda na to, że program VeraCrypt już próbował wykryć ukryte sektory na tym dysku systemowym. Jeśli w poprzednim procesie wykrywania wystąpiły jakieś problemy, można je ominąć, pomijając wykrywanie ukrytych sektorów. W takim wypadku program VeraCrypt użyje wielkości zgłaszanej przez system operacyjny (która może być mniejsza od wielkości rzeczywistej). Ten problem nie jest spowodowany przez błąd w programie VeraCrypt. - Pomiń wykrywanie ukrytych sektorów (użyj wielkości zgłaszanej przez system operacyjny) - Ponownie spróbuj wykryć ukryte sektory - BŁĄD: Zawartość jednego lub więcej sektorów dysku nie może być odczytana.\n\nProces szyfrowania może zostać kontynuowany tylko gdy sektory będą ponownie możliwe do odczytu. VeraCrypt spróbuje uczynić te sektory dostępne poprzez zapisanie w nich wartości zerowych (następnie wszystkie zerowe bloki zostaną zaszyfrowane). Jednakże, wszystkie dane zapisane w nieodczytywalnych sektorach zostaną zniszczone. Jeżeli chcesz tego uniknąć, możesz przystąpić do odratowania części uszkodzonych danych (ignorując wszystkie błędy sum kontrolnych) używając oprogramowania firm trzecich.\n\nUwaga: W przypadku fizycznego uszkodzenia sektorów (w przeciwieństwie do zwykłego naruszenia integralności danych i błędów sumy kontrolnej) większość urządzeń wewnętrznie przesuwa sektory kiedy dane mają zostać zapisane do nich (więc istniejące dane w uszkodzonych sektorach mogą być niezaszyfrowane na urządzeniu).\n\nCzy chcesz, aby VeraCrypt zapisał zerami nieodczytywalne sektory? - BŁĄD: Zawartość jednego bądź więcej sektorów dysku nie może być odczytany (prawdopodobnie jest problem sprzętowy).\n\nAby dokonać odszyfrowania, VeraCrypt będzie odrzucać zawartość nieodczytywalnych sektorów (zawartość będzie wypełniona losowymi danymi). Proszę pamiętać że, przed uruchomieniem procesu, możesz odzyskać częsi uszkodzonych danych narzędziami trzecich firm.\n\nCzy chcesz, aby VeraCrypt odrzucił dane z nieodczytywalnych sektorów? - Uwaga: VeraCrypt zastąpił zawartość %I64d nieodczytywalego sektora (%s) zaszyfrowaną zerową, tekstową informacją w bloku. - Uwaga: VeraCrypt zastąpił zawartość %I64d nieodczytywalego sektora (%s) pseudolosowymi danymi. - Wprowadź hasło/PIN dla tokena '%s': - Aby pozwolić VeraCrypt na dostęp do tokena bezpieczeństwa lub karty pamięci, musisz najpierw zainstalować oprogramowanie biblioteki PKCS #11 dla tego tokena lub karty pamięci. Poszukiwana biblioteka może być na urządzeniu lub może być dostępna na stronach internetowych producenta lub firm trzecich.\n\nPo instalacji biblioteki, możesz dopiero ją ręcznie wybrać przez kliknięcie 'Wybierz bibliotekę' lub możesz pozwolić VeraCrypt znaleźć i wybrać automatycznie klikając 'Autowkrywanie biblioteki' (tylko katalog systemowy Windows będzie przeszukany). - Uwaga: Dla zainstalowania biblioteki PKCS #11 (lokalizacja i nazwa pliku) twojego tokena lub twojej karty pamięci, proszę sprawdź tą informację w dokumentacji użytego tokena, karty lub innego oprogramowania.\n\nNaciśnij 'OK' aby wybrać ścieżkę i plik. - W przypadku zezwolenia VeraCrypt do dostępu do tokenu bezpieczeństwa lub karty pamięci, musisz najpierw wskazać oprogramowanie biblioteki PKCS #11 do token/karty. Aby to zrobić, wybierz 'Ustawienia' > 'Tokeny bezpieczeństwa'. - Błąd przy zainicjowaniu biblioteki PKCS #11.\n\nProszę się upewnić, że wskazana ścieżka i nazwa pliku to poprawny plik biblioteki PKCS #11. Aby wskazać ścieżkę i plik biblioteki PKCS #11, wybierz 'Ustawienia' > 'Tokeny bezpieczeństwa'. - Nie znaleziono bibliotek PKCS #11 w katalogu Windows.\n\nProszę upewnić się, że biblioteki PKCS #11 do twojego tokena (lub twojej karty pamięci) są zainstalowane (poszukaj bibliotek, które współpracują z tokenem/kartą - mogą być one dostępne na stronach producentów lub partnerów). Jeżeli są zainstalowane w innym katalogu niż katalog systemowy Windows, kliknij 'Wybierz bibliotekę' i wskaż tą bibliotekę (np. w katalogu, gdzie jest zainstalowane oprogramowanie tokena/karty). - Nie znaleziono tokena zabezpieczenia.\n\nProszę się upewnić, że token jest podłączony do twojego komputera i że jest poprawnie zainstalowane urządzenie z tokenem. - Plik-klucz nie został znaleziony. - Istnieje plik-klucz tokena o tej samej nazwie. - Czy chcesz skasować zaznaczone pliki? - Błędna ścieżka do pliku-klucz tokena. - Błąd tokenu bezpieczeństwa - Niepoprawne hasło do tokena bezpieczeństwa. - Token bezpieczeństwa nie ma wystarczającej pamięci/przestrzeni, aby wykonać żądaną operację.\n\nJeśli próbujesz zaimportować plik-klucz, musisz wybrać mniejszy plik lub użyć pliku-klucza utworzonego przez VeraCrypt (wybierz 'Narzędzia' > 'Generator pliku-klucza'). - Wszystkie otwarte sesje tokenów bezpieczeństwa zostały zamknięte. - Wybierz token - plik-klucz bezpieczeństwa - Slot - Nazwa tokena - Nazwa pliku - WAŻNE: Proszę pamiętać, że hasło autoryzacyjne pre-boot jest zawsze pisane używając klawiatury w standardzie US (US keyboard layout). Dlatego wolumeny używające hasła pisanego w innym układzie klawiatury mogą być niemożliwe do podłączenia używając autoryzacji pre-boot (pamiętaj, że to nie jest błąd VeraCrypt). Aby pozwolić montować wolumen używając autoryzacji pre-boot, postępuj następująco:\n\n1) Kliknij 'Wybierz Plik' lub 'Wybierz Urządzenie' i wybierz wolumen. 2) Wybierz 'Wolumeny' > 'Zmień Hasło Wolumenu'. 3) Wprowadź bieżące hasło do wolumenu. 4) Zmień układ klawiatury na Angielski - English (US) - przez kliknięcie w Panelu Sterowania w Ustawienia Regionalne. 5) W VeraCrypt w polu nowe hasło wpisz hasło autoryzacyjne pre-boot. 6) Potwierdź nowe hasło przez ponowne jego wpisanie i kliknij 'OK'. UWAGA: Proszę pamiętać te kroki, hasła wolumenów zawsze są wpisywane używając układu klawiatury US (US keyboard layout) (on jest automatycznie wymuszany tylko w środowisku pre-boot). - Systemowe ulubione wolumeny będą montowane używając autoryzacyjnego hasła z pre-boot. Jeżeli jakieś ulubione wolumeny używają innych haseł, nie zostaną zamontowane. - Zauważ, że jeśli wymagasz zablokowania zwykłych akcji na wolumenach VeraCrypt (jak 'Odłącz wszystko', odłącz automatycznie, itd.) na ulubionych wolumenach, powinieneś zaznaczyć opcję 'Zezwalaj tylko administratorom przeglądać i odmontowywać ulubione wolumeny systemowe VeraCrypt'. Ponadto, gdy VeraCrypt działa bez uprawnień administratora (domyślnie na Windows Vista i późniejszych), ulubione wolumeny systemowe nie będą wyświetlone na liście liter dysków na głównym oknie aplikacji VeraCrypt. - WAŻNE: Pamiętaj o tym, że jeżeli ta opcja jest włączona i VeraCrypt nie ma uprawnień administracyjnych, montowane ulubione wolumeny NIE będą wyświetlone w oknie aplikacji VeraCrypt i nie będą mogły być odłączone. Dlatego, jeżeli potrzebujesz np. odłączyć ulubione systemowe wolumeny, proszę kliknąć prawy przycisk myszy na ikonie VeraCrypt (w Menu Start) i wybrać 'Uruchom jako administrator'. Takie same ograniczenia dotyczą funkcji odłączenia 'Odłącz wszystkie', funkcji 'Automatyczne-Odłączanie', skrótów klawiaturowych 'Odłącz wszystko' itp. - Zauważ, że to ustawienie zostanie aktywowane dopiero po restarcie systemu operacyjnego. - Błąd podczas parsowania wiersza poleceń. - Płyta ratunkowa - Wybierz &plik i podłącz... - Wybierz &dysk i podłącz... - Zezwalaj tylko administratorom przeglądać i odmontowywać ulubione wolumeny systemowe VeraCrypt - Montuj ulubione wolumeny systemowe podczas startu Windows (w początkowej fazie procedury startup) - OSTRZEŻENIE: System plików na wolumenie podłączonym jako '%s' nie został poprawnie odłączony i może to spowodować błędy. Używanie uszkodzonego systemu plików może spowodować utratę danych lub ich uszkodzenie.\n\nInformacja: Przed fizycznym usunięciem lub wyłączeniem urządzenia (np. dysków USB flash lub zewnętrznych dysków twardych) które są zamontowane VeraCrypt-em, powinieneś zawsze najpierw odłączyć wolumen w VeraCrypt.\n\n\nCzy chcesz pozwolić Windows wykryć i naprawiść (jeżeli umie) błędy na systemie plików? - OSTRZEŻENIE: Jeden lub więcej ulubionych systemowych wolumenów nie został poprawnie odmontowany i stąd system plików może zawierać błędy. Proszę zobaczyć do dziennika zdarzeń po więcej informacji.\n\nUżywając uszkodzonego systemu plików możesz utracić lub uszkodzić dane. Powinieneś sprawdzić dotknięty błędem wolumen/y na błędy (kliknij prawym przyciskiem na każdym z wolumenów VeraCrypt i wybierz 'Napraw System Plików'). - OSTRZEŻENIE: Naprawianie uszkodzonego systemu plików używając narzędzia Microsoft 'chkdsk' może spowodować utratę plików w uszkodzonym zakresie. Dlatego, zalecane jest najpierw skopiowanie plików umieszczonych w wolumenie VeraCrypt do innego dobrego wolumenu VeraCrypt.\n\nCzy chcesz teraz naprawiać system plików? - Wolumen '%s' został podłączony w trybie tylko do odczytu ponieważ nie ma prawa do zapisu.\n\nProszę upewnić się, że uprawnienia pliku kontenera zezwalają na jego zapis (kliknij prawy przycisk kontenera i wybierz Właściwości > Uprawnienia).\n\nPamiętaj o tym, używając Windows, możesz zobaczyć to ostrzeżenie za każdym razem jak zmienisz uprawnienia. To nie jest błąd VeraCrypt. Możliwym rozwiązaniem jest przesunięcie kontenera np. do twoich 'Moje dokumenty'.\n\nJeżeli rzeczywiście chcesz utrzymywać twój wolumen w trybie tylko do odczytu, to ustaw atrybut tylko do odczytu (prawy przycisk myszy na kontenerze - Właściwości > Tylko-do-odczytu), to wyłączy to ostrzeżenie. - Wolumen '%s' został podłączony w trybie tylko do odczyty ponieważ nie ma prawa zapisu.\n\nProszę się upewnić, że aplikacje (np. system antywirusowy) są dostępne na partycji/urządzeniu które znajduje się na wolumenie. - Wolumen '%s' został podłączony w trybie tylko do odczytu ponieważ system operacyjny raportuje że urządzenie jest zabezpieczone przed zapisem.\n\nProszę mieć na uwadze, że niektóre sterowniki do chipset-ów błędnie raportują zabezpieczenie przed zapisem urządzeń. To nie jest problem z VeraCrypt. Można ten problem rozwiązać przez uaktualnienie lub odinstalowanie sterowników (nie Microsoft) do chipsetu które są obecnie zainstalowane w systemie. - Zauważ, że technika Hyper-Threading oferuje wiele rdzeni logicznych na pojedynczy rdzeń fizyczny. Gdy Hyper Threading jest włączony, liczba wybrana powyżej reprezentuje liczbę procesorów/rdzeni logicznych. - %d wątek(ki) - Zauważ, że przyspieszenie sprzętowe AES jest zablokowane, co wpływa na wyniki testów (gorsza wydajność).\n\nAby aktywować przyspieszenie sprzętowe, wybierz 'Ustawienia' > 'Wydajność' i zaznaczyć odpowiednią opcję. - Zauważ, że liczba wątków jest obecnie ograniczona, co wpływa na wyniki testów (gorsza wydajność).\n\nAby wykorzystać pełny potencjał procesora(ów), wybierz 'Ustawienia' > 'Wydajność' i odznacz odpowiednią opcję. - Czy chcesz, aby VeraCrypt wyłączył ochronę zapisu na partycji/dysku? - UWAGA: Takie ustawienie może zmniejszyć wydajność.\n\nNa pewno wprowadzić to ustawienie? - Ostrzeżenie: Wolumen VeraCrypt automatycznie odłączony - Zanim fizycznie usuniesz lub wyłączysz nośnik zawierający podłączony wolumen, musisz najpierw zawsze odłączyć wolumen VeraCrypt.\n\nNieoczekiwane spontaniczne odłączenie jest często spowodowane sporadycznie rozłączający się przewód, napęd (obudowa), itp. - Ten wolumen został stworzony w TrueCrypt %x.%x, ale VeraCrypt obsługuje jedynie wolumeny TrueCrypt stworzone w serii TrueCrypt 6.x/7.x - Test - Plik-klucz - Backspace - Tab - Czyść - Enter - Pauza - Caps Lock - Spacja - Page Up - Page Down - End - Home - Strzałka w lewo - Strzałka w górę - Strzałka w prawo - Strzałka w dół - Klawisz wyboru - Klawisz drukowania - Klawisz wykonywania - Wydruk ekranu - Insert - Delete - Klawisz aplikacji - Sleep - Num Lock - Scroll Lock - Poprzednia strona - Następna strona - Odśwież stronę - Zatrzymaj przeglądanie - Przeszukiwanie - Ulubione - Strona WWW - Wyciszanie - Ciszej - Głośniej - Następna ścieżka - Poprzednia ścieżka - Zatrzymaj odtwarzanie - Odtwarzanie/Pauza - Klawisz poczty - Klawisz wyboru mediów - Aplikacja 1 - Aplikacja 2 - Attn - CrSel - ExSel - Odtwarzaj - Powiększ - NumPad - Shift - Control - Alt - Win - B - kB - MB - GB - TB - PB - B/s - kB/s - MB/s - GB/s - TB/s - PB/s - - Dołączaj &MOI w trakcie przechowywania hasła uwierzytelniania rozruchu wstępnego - Dołączaj MOI w trakcie przechowywania hasła w pamięci - Uczyń odłączone napędy sieciowe dostępnymi do montowania - Wpisane hasło jest zbyt długie: jego reprezentacja UTF-8 przekracza 64 bajty. - Wpisane hasło zawiera znaki Unicode, które nie mogą zostać przekonwertowane do reprezentacji UTF-8. - Błąd: Nie można załadować biblioteki systemowej. - Rozmiar pliku wolumenu, który określono w wierszu poleceń, jest niekompatybilny z wybranym systemem plików exFAT. - Losowość zebrana z ruchów myszką - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Anuluj + Instaluj dla &wszystkich użytkowników + &Przeglądaj... + Umieść ikonę VeraCrypt na p&ulpicie + Dotuj teraz... + Skojarz &rozszerzenie pliku .hc z VeraCrypt + Po zakończeniu &otwórz lokalizację docelową + Dodaj VeraCrypt do Menu &Start + Utwórz punkt przy&wracania systemu + &Odinstaluj + &Wyodrębnij + &Zainstaluj + Kreator instalacji VeraCrypt + Odinstaluj VeraCrypt + Pomo&c + Wybierz lub wpisz lokalizację, w której chcesz zapisać wyodrębniane pliki: + Wybierz lub wpisz lokalizację, w której chcesz zainstalować pliki programu VeraCrypt. Jeśli podany folder nie istnieje, zostanie automatycznie utworzony. + Kliknij przycisk Odinstaluj, aby usunąć program VeraCrypt z systemu. + Przerwij + Tes&t wydajności + &Testuj + Stwórz zaszyfrowany wolumen i sformatuj go + Zaszyfruj partycję w miejscu + Wyświetl wygenerowane klucze (ich części) + Wyświetl zawartość puli + Pobierz oprogramowanie do zapisu CD/DVD + Stwórz zaszyfrowany plik (magazyn) + &GB + &TB + Więcej informacji + &Ukryty wolumen VeraCrypt + Więcej informacji o wolumenach ukrytych + Tryb bezpośredni + Tryb zwykły + &kB + Użyj plików-&kluczy + Próbuj najpierw zamontować z pustym hasłem + Losowy rozmiar ( 64 <-> 1048576 ) + Pliki-kl&ucze... + Informacja o algorytmach mieszających + Informacje dodatkowe + Informacje o MOI + &MB + Informacje dodatkowe + Więcej informacji o systemie szyfrowania + Informacje dodatkowe + Wiele systemów + Zaszyfruj bezsystemową partycję lub dysk + Nigdy nie zapisuj &historii + Otwórz wolumen zewn. + W&strzymaj + Użyj MO&I + Użyj MOI + Szybkie formatowanie + Wyświetl ha&sło + &Wyświetl hasło + Wyświe&tl MOI + Jeden system + Standardowy wolumen VeraCrypt + Uk&ryty + Normalny + Zaszyfruj partycję lub cały dysk systemowy + Zaszyfruj systemową partycję Windows + Zaszyfruj cały dysk + Kreator tworzenia wolumenów VeraCrypt + Klaster + WAŻNE: Wykonuj w tym oknie losowe ruchy myszą. Im dłużej to robisz, tym lepiej. Poprawia to znacząco kryptograficzną jakość kluczy. Następnie kliknij przycisk Dalej, aby kontynuować. + &Potwierdź: + Skończone + Litera napędu: + Algorytm szyfrowania + Sys. plików + Tworzy dysk wirtualny w zaszyfrowanym pliku. Zalecane dla początkujących użytkowników. + Opcje + Algorytm mieszający + Klucz nagłówka: + Zostało + Klucz główny: + Wybierz tę opcję, jeśli na tym komputerze zainstalowano kilka systemów operacyjnych.\n\nNa przykład:\n- Windows XP i Windows XP\n- Windows XP i Windows Vista\n- Windows i Mac OS X\n- Windows i Linux\n- Windows, Linux i Mac OS X + Zaszyfruj bezsystemową partycję na każdym wewnętrznym lub zewnętrznym dysku (np. na dysku falsh). Opcjonalnie stwórz ukryty wolumen. + Zawartość bieżącej puli (część) + Hasło + Hasło: + MOI wolumenu: + MOI wolumenu: + Postęp: + Pula losowa: + Wybierz tę opcję, jeśli na tym komputerze jest zainstalowany tylko jeden system operacyjny (nawet jeśli ma wielu użytkowników). + Szybkość + Status + Klucze, ciągi zaburzające (salt) i inne dane zostały pomyślnie wygenerowane. Jeśli chcesz generować nowe klucze, kliknij przycisk Wstecz, a następnie Dalej. W przeciwnym wypadku kliknij przycisk Dalej, aby kontynuować. + Zaszyfruj partycję lub dysk, na którym zainstalowany jest Windows. Każdy, kto będzie chciał uzyskać dostęp do systemu, czytać i zapisywać pliki itd., będzie musiał wpisać poprawne hasło za każdym razem, gdy będzie uruchamiany Windows. + Wybierz tą opcję, aby zaszyfrować partycję, gdzie obecnie jest zainstalowany i uruchomiony Windows. + Etykieta wolumenu w Windows: + Wymaż + Zamknij + Pozwól ominąć &autoryzację podczas startowania przez naciśnięcie klawisza Esc (menedżer rozruchu) + Nic nie rób + &Automatycznie podłącz poniższy wolumen VeraCrypt + &Uruchom VeraCrypt + Auto&wykrywanie biblioteki + &Przechowuj w pamięci hasło uwierzytelniania rozruchu wstępnego (bezsystemowe wolumeny) + Przeglądaj... + Przeglądaj... + Przechowuj w pamięci hasła i pliki-&klucze + Wyjdź, jeśli nie ma podłączonych wolumenów + &Zamknij token sesji (wylogowanie), gdy wolumen zostanie pomyślnie podłączony + Dołącz rozszerzacz wolumenów VeraCrypt + Włącz kreatora wolumenów VeraCrypt + Utwórz + &Utwórz wolumen + Nie wyś&wietlaj żadnego tekstu podczas autoryzacji przy starcie (z wyjątkiem poniższego tekstu) + Wyłącz wykrywanie ataku "Zła pokojówka" + Przyspiesz szyfrowanie i deszyfrowanie AES przy użyciu instrukcji AES procesora (jeśli dostępne) + Użyj plików-kluczy + Użyj nowych plików-kluczy + &Wyjdź + Pomoc dla ulubionych wolumenów + Nie montuj wybranego wolumenu, gdy wciśnięto skrót klawiszowy 'Mon&tuj ulubione wolumeny' + Montuj wybrany wolumen, gdy jego nośnik zostanie podłą&czany + Montuj wybrany wolumen podczas l&ogowania + Montuj wybrany wolume&n w trybie do odczytu + Montuj wybrany wolumen jako nośnik wymienny + Przesuń w &dół + Przes&uń w górę + Otwórz okno &Eksploratora dla wybranego wolumenu po pomyślnym montowaniu + Usu&ń + Użyj etykiety ulubionego jako etykiety napędu Eksploratora + Ustawienia ogólne + Wyświetl podpowiedź w dymku po udanym odłączeniu klawisza skrótu + Odtwórz systemowy dźwięk powiadomienia po pomyślnym odłączeniu klawisza skrótu + Alt + Ctrl + Shift + Win + Przypisz + Usuń + Pliki-klucze... + Nie używaj poniższej liczby procesorów dla szyfrowania i deszyfrowania: + Informacje dodatkowe + Informacje dodatkowe + Więcej ustawień... + Podłącz &automatycznie + &Opcje... + Podłącz wolumen tylko do &odczytu + Pliki-klucze... + (Puste albo 0 dla domyślnych iteracji) + (Puste albo 0 dla domyślnych iteracji) + Aktywny + Przechowuj hasła w pamięci sterownika + Automatycznie odłącz wolumen, jeśli nie był używany przez + Użytkownik się wylogował + Zablokowano sesję użytkownika + W trybie oszczędzania energii + Zadziałał wygaszacz ekranu + Wymuś odłączanie, nawet gdy są otwarte pliki lub katalogi + Podłącz wszystkie wolumeny VC w urządzeniach + Uruchom VC jako zadanie w tle + Podłącz wolumeny tylko do odczytu + Podłącz wolumeny jako urządzenia wymienne + Otwórz okno Eksploratora Windows po podłączeniu + Czasowo przechowuj hasło podczas operacji "Montowanie ulubionych wolumenów" + Użyj innej ikony na pasku zadań, gdy są podłączone wolumeny + Wyczyść pamięć haseł po automatycznym odłączeniu + Wyczyść pamięć haseł przy wyjściu + Zachowaj stempel czasowy plików kontenetrów + Zresetuj + Wybierz &urządzenie... + Wy&bierz plik... + Wybierz &bibliotekę... + Wyświetl hasło + Wyświetl hasło + Otwórz okno &Eksploratora dla podłączonego wolumenu + &Przechowuj hasło w pamięci sterownika + Tryb TrueCrypt + Odłącz w&szystko + Właściwośc&i wolumenu... + &Narzędzia wolumenu... + Wyczyść pamięć &haseł + VeraCrypt - Parametry montowania + VeraCrypt - Ulubione woluminy + VeraCrypt - Systemowe skróty klawiaturowe + VeraCrypt + Zmiana hasła lub pliku-klucza + Wprowadź hasło dla wolumenu VeraCrypt + VeraCrypt - Opcje wydajności i sterownika + VeraCrypt - Preferencje + VeraCrypt - Ustawienia szyfrowania systemu + VeraCrypt - Ustawienia bezpieczeństwa tokenu + Konfigurowanie dysku podróżnego VeraCrypt + Właściwości wolumenu VeraCrypt + Informacje... + Dodaj lub usuń plik-klucz do lub z wolumenu... + Dodaj montowany wolumen do ulubionych... + Dodaj montowany wolumen do ulubionych systemu... + Analiza awarii systemu... + Utwórz kopię zapasową nagłówka wolumenu... + Testuj... + Ustaw algorytm klucza nagłówka... + Zmień hasło wolumenu... + Ustaw algorytm klucza nagłówka... + Zmień hasło... + Wyczyść historię wolumenu + Zamknięcie wszystkich sesyjnych tokenów + Kontakt... + Tworzenie ukrytego systemu operacyjnego... + Utwórz płytę ratunkową... + Utwórz nowy wolumen... + Trwale odszyfruj... + Domyślne pliki-klucze... + Domyślne parametry montowania... + Dotuj teraz... + Szyfruj partycję lub dysk systemowy... + Często zadawane pytania (FAQ) + Podręcznik użytkownika + St&rona WWW + Skróty klawiaturowe... + Generator plików-kluczy + Język... + Informacje prawne + Zarządzaj kluczem tokenu bezpieczeństwa... + Podłącz automatycznie wszystkie wolumeny obsługiwane przez urządzenia + Podłącz wolumeny ulubione + Podłącz bez wstępnego &uwierzytelniania... + Podłącz wolumen + Podłącz wolumen z opcjami + Nowości + Dokumentacja + Kurs dla początkujących + Porządkuj ulubione wolumeny... + Porządkuj ulubione wolumeny systemu... + Konfiguracja wydajności i sterownika + Trwale odszyfruj partycję lub dysk systemowy + Preferencje... + Odśwież litery dysków + Usuń wszystkie pliki-klucze z wolumenu... + Odtwórz nagłówek wolumenu... + Kontynuuj przerwany proces + Wybierz urządzenie... + Wybierz plik... + Wznów przerwany proces + Szyfrowanie systemu... + Właściwości... + Ustawienia... + Ulubione wolumeny systemu... + Pobieranie + Wektory testowe... + Tokeny bezpieczeństwa... + Konfigurowanie dysku podróżnego... + Odłącz wszystkie podłączone wolumeny + Odłącz wolumen + Sprawdź płytę ratunkową + Sprawdź obraz ISO płyty ratunkowej + Historia wersji + Rozszerzacz wolumenu + Właściwości wolumenu + Kreator wolumenu + Strona WWW VeraCrypt + Wymaż przechowywane hasła + OK + Akceleracja sprzętowa + Skrót + Konfiguracja automatycznego uruchamiania (autorun.inf) + Automatyczne odłączanie + Odłącz wszystko, gdy: + Opcje obrazu 'Programu startowego' + Potwierdź hasło: + Bieżące + Wyświetlenie twojej wiadomości podczas autoryzowania i startowania (maksimum 24 znaki): + Domyślne opcje podłączania + Opcje klawiatury + Konfiguracja sterownika + Włącz obsługę rozszerzonych kodów sterujących dysku + Etykieta wybranego ulubionego wolumenu: + Ustawienia pliku + Klawisz do przypisania: + Procesor (CPU) tego komputera obsługuje akcelerację sprzętową AES: + Działania wykonywane podczas logowania do systemu Windows + minut(y) + Podłącz wolumen jako dysk: + Ustawienia podłączania + Nowe + Hasło: + Zrównoleglanie Wątkowe + Ścieżka biblioteki PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Pamięć haseł + Opcje bezpieczeństwa + Proces VeraCrypt uruchamiany w tle + Podłączany wolumen VeraCrypt (względem gł. katalogu dysku podróżnego): + Przy włożeniu dysku podróżnego: + Utwórz pliki dysku podróżnego w (katalog główny dysku podróżnego): + Wolumen + Windows + &Dodaj ścieżkę... + &Testuj wszystko + &Kontynuuj + &Odszyfruj + &Usuń + &Zaszyfruj + &Eksport... + Generuj i zapisz plik-klucz... + &Generuj losowy plik-klucz... + Pobierz pakiet językowy + Sprzętowo przyspieszony AES: + &Importuj plik-klucz do tokena... + Dodaj &plik... + Użyj plików-&kluczy + Pliki-&klucze... + &Usuń + Usuń &wszystko + Co to jest wolumen ukryty? + Informacje o plikach-kluczach + Podłącz wolumen jako nośnik &wymienny + Podłącz partycję, &używając szyfrowania bez wstępnego uwierzytelniania + Zrównoleglanie: + Testuj + &Drukuj + &Chroń wolumeny ukryte przed zniszczeniem + &Zresetuj + &Wyświetl hasło + Dodaj &token... + Użyj wbudowa. systemu kopii bezpiecz. nagłówka wolumenu, jeżeli możliwe + Tryb XTS + O VeraCrypt... + VeraCrypt - Testowanie szybkości algorytmów szyfrujących + VeraCrypt - Wektory testowe + Pomoc dla wiersza komend + VeraCrypt - Pliki-klucze + VeraCrypt - Generator plików-kluczy + VeraCrypt - Język + VeraCrypt - Opcje podłączania + Właściwości nowego tokenu pliku-klucza + VeraCrypt - Wzbogacony losowy zakres + Wybierz partycję lub urządzenie + VeraCrypt + Plik-klucz tokenu bezpieczeństwa + Wymagane hasło/PIN tokenu bezpieczeństwa + Aktywny pakiet językowy + Szybkość jest zależna od wydajności procesora i charakterystyki urządzeń składujących.\n\nTesty są przeprowadzane w pamięci RAM. + Bufor: + Szyfr: + &Hasło do ukrytego wolumenu:\n(jeśli puste, zostanie użyte zapamiętane) + Wolumen ukryty + Wielkość klucza: + WAŻNE: Wykonuj w tym oknie losowe ruchy myszą. Im dłużej to robisz, tym lepiej. Poprawia to znacząco kryptograficzną jakość pliku-klucza. + Uwaga: Jeśli zgubisz plik-klucz lub zostanie zmieniony choć jeden bit z pierwszych 1024 kB, podłączenie wolumenów nie będzie możliwe! + bity + Liczba plików-kluczy: + Rozmiar plków-kluczy (w bajtach): + Nazwa bazowa plików-kluczy: + Przetłumaczony przez: + Długość: + bity + Zawartość bieżącej puli + Mieszanie PRF: + WAŻNE: Przesuwaj losowo mysz wewnątrz tego okna. Im dłużej będziesz ruszał myszą, tym lepiej. Ma to znaczenie w kontekście zwiększenia bezpieczeństwa. Kiedy skończysz, kliknij 'Kontynuuj'. + Klucz drugorzędny (szesnastkowo) + Token bezpieczeństwa: + Metoda sortowania: + Czekaj. Ten proces może trwać długo... + Proszę czekać...\nTen proces może trwać długo, a VeraCrypt może przestać odpowiadać. + Numer bloku: + Tekst zaszyfrowany (szesnastkowo) + Numer jednostki danych (64 bity - szesnastkowo, wielkość jednostki danych: 512 bajtów) + Klucz (szesnastkowo) + Tekst jawny (szesnastkowo) + Nazwa pliku-klucza: + Tryb XTS + Sys&tem + Wolu&meny + Ulub&ione + Nar&zędzia + Usta&wienia + Pomo&c + St&rona WWW + + I&nformacje... + Atrybut tylko do odczytu na starym wolumenie nie może być zmieniony. Sprawdź prawa dostępu do pliku. + Błąd: Brak dostępu.\n\nPartycja, do której chcesz uzyskać dostęp, nie zawiera sektorów lub służy do uruchomienia systemu. + Administrator + Do załadowania sterowników VeraCrypt wymagane jest użycie konta z uprawnieniami administratora. + Aby zaszyfrować/sformatować partycję lub urządzenie, należy użyć konta z uprawnieniami administratora.\n\nPowyższe ograniczenie nie dotyczy wolumenów tworzonych w plikach. + W przypadku tworzenia wolumenu ukrytego należy użyć konta z uprawnieniami administratora.\n\nCzy kontynuować? + Do formatowania wolumenu w formacie NTFS należy użyć konta z uprawnieniami administratora.\n\nBez uprawnień administratora można formatować wolumen w formacie FAT. + Zaakceptowany przez FIPS szyfr (Rijndael, opublikowany w 1998) może być używany przez agencje rządowe USA Do ochrony informacji zaklasyfikowanych jako ściśle tajne. Klucz 256-bitowy, z blokiem 128-bitowym, 14 przebiegów (AES-256). Tryb szyfrowania: XTS. + Wolumen jest już podłączony. + UWAGA: Co najmniej jeden algorytm szyfrowania lub mieszający nie przeszedł wbudowanej automatycznej procedury testowej!\n\nInstalacja VeraCrypt może być uszkodzona! + UWAGA: Nie ma wystarczających danych w puli generatora losowego dla zapewnienia wymaganej ilości danych losowych.\n\nNie zaleca się kontynuowania. Wybierz w menu Pomoc opcję 'Zgłoszenie błędu' i zgłoś ten błąd. + Uszkodzony dysk (występują fizyczne uszkodzenia dysku), uszkodzony kabel lub uszkodzona pamięć.\n\nProszę rozwiąż problem ze sprzętem, nie z VeraCrypt. Zatem proszę NIE wysyłać tego błędu/problemu jako błędu VeraCrypt i proszę NIE pytać o pomoc na forum VeraCrypt. Proszę skontaktować się ze swoim serwisem sprzętu. Dziękuje.\n\nUwaga: Jeżeli błąd pojawia się cały czas w tym samym miejscu, jest prawdopodobne, że masz błędny blok na dysku, który może być naprawiony przy użyciu innego oprogramowania (zauważ, że polecenie 'chkdsk /r' może nie naprawić tego, ponieważ działa tylko na poziomie systemu plików; w niektórych przypadkach, polecenie 'chkdsk' nie wykryje błędu). + Jeśli uzyskujesz dostęp do dysku na nośniku wymiennym, upewnij się, że nośnik został umieszczony w czytniku. Dysk/nośnik może też być uszkodzony (występuje na nim błąd fizyczny) lub przewód został odłączony/uszkodzony. + Twój system używa dysku, który ma zostać zaszyfrowany, co powoduje błąd.\n\nProszę spróbować uaktualnić/odinstalować dodatkowe sterowniki do chipsetu przed uruchomieniem procesu. Jeżeli to nie pomoże, spróbuj zaszyfrować tylko partycję systemową. + Niepoprawna litera dysku. + Niepoprawna ścieżka. + Anuluj + Brak dostępu do urządzenia. Upewnij się, że wybrane urządzenie istnieje i nie jest używane przez system. + Ostrzeżenie: Wciśnięto klawisz Caps Lock. Może to spowodować niepoprawne wprowadzenie hasła. + Typ wolumenu + Czasem może wystąpić sytuacja, w której ktoś zmusza do ujawnienia hasła do zaszyfrowanego wolumenu. Istnieje wiele sytuacji, gdy nie można odmówić ujawnienia hasła (np. w sytuacji zagrożenia życia lub zdrowia). Użycie tzw. wolumenów ukrytych pozwala na wyjście z opresji bez ujawnienia właściwego hasła. + Wybierz tę opcję, aby utworzyć zwykły wolumen VeraCrypt. + Proszę zapisz to, jeżeli chcesz zainstalować system system operacyjny na ukrytej partycji/wolumenie - dysk systemowy nie może zostać zaszyfrowany używając pojedynczego klucza. + Opcje szyfrowania wolumenu zewnętrznego + Opcje szyfrowania wolumenu ukrytego + Opcje szyfrowania + Ostrzeżenie: Nie można wyczyścić ścieżki ostatnio wybranego wolumenu/pliku-klucza (zapamiętanego przez mechanizm wyboru plików)! + Błąd: Kontener został skompresowany na poziomie systemu plików. Program VeraCrypt nie obsługuje używania skompresowanych kontenerów (kompresja szyfrowanych danych jest nieefektywna i redundantna).\n\nWyłącz kompresję dla kontenera, wykonując następujące czynności: 1) Kliknij prawym przyciskiem myszy kontener w Eksploratorze Windows (nie w VeraCrypt). 2) Kliknij opcję 'Właściwości'. 3) W oknie dialogowym 'Właściwości' kliknij przycisk 'Zaawansowane'. 4) W oknie 'Atrybuty zaawansowane' anuluj zaznaczenie pola wyboru 'Kompresuj zawartość, aby zaoszczędzić miejsce na dysku' i kliknij przycisk 'OK'. 5) Zamknij okno dialogowe 'Właściwości', klikając przycisk 'OK'. + Niepowodzenie tworzenia wolumenu %s + Wielkość %s wynosi %.2f B + Wielkość %s wynosi %.2f kB + Wielkość %s wynosi %.2f MB + Wielkość %s wynosi %.2f GB + Wielkość %s wynosi %.2f TB + Wilekość %s wynosi %.2f PB + Ostrzeżenie: Urządzenie/partycja jest już w użyciu przez system operacyjny lub aplikację. Formatowanie urządzenia/partycji może spowodować uszkodzenie danych i niestabilność systemu.\n\nCzy kontynuować? + Uwaga: Partycja jest w użyciu przez system operacyjny lub aplikacje. Zamknij wszystkie aplikacje, które mogą używać partycji (włączając w to system antywirusowy).\n\nKontynuować? + Błąd: Urządzenie/partycja zawiera system plików, który nie może zostać odłączony. System plików może być używany przez system operacyjny. Formatowanie urządzenia/partycji z dużym prawdopodobieństwem spowoduje uszkodzenie danych i niestabilność systemu.\n\nAby rozwiązać ten problem, zaleca się wcześniejsze usunięcie partycji i ponowne jej utworzenie bez formatowania. W tym celu: 1) Kliknij prawym przyciskiem myszy ikonę 'Komputer' (lub 'Mój Komputer') w 'Menu Start' i wybierz opcję 'Zarządzaj'. Zostanie wyświetlone okno 'Zarządzanie komputerem'. 2) W oknie 'Zarządzanie komputerem' wybierz 'Magazyn' > 'Zarządzanie dyskami'. 3) Kliknij prawym przyciskiem myszy partycję, którą chcesz zaszyfrować, następnie wybierz opcję 'Usuń partycję' lub 'Usuń dysk logiczny'. 4) Kliknij przycisk 'Tak'. Jeśli system poprosi o zrestartowanie komputera, zrób to. Następnie powtórz krok 1 i 2 i kontynuuj od kroku 5. 5) Kliknij nieprzydzielone/wolne miejsce i wybierz opcję 'Nowa partycja', 'Nowy prosty wolumen' lub 'Nowy dysk logiczny'. 6) Zostanie uruchomione okno 'Kreatora partycji' lub 'Kreatora prostych wolumenów'. Postępuj zgodnie z instrukcjami. Na stronie zatytułowanej 'Formatowanie partycji', wybierz 'Nie formatuj tej partycji' lub 'Nie formatuj tego wolumenu'. W tym samym kreatorze, kliknij 'Dalej' a następnie 'Zakończ'. 7) Ścieżka urządzenia wybranego w programie VeraCrypt może być teraz nieprawidłowa. Dlatego wyjdź z kreatora tworzenia wolumenów VeraCrypt (jeśli jest nadal uruchomiony) i uruchom go ponownie. 8) Ponownie spróbuj zaszyfrować urządzenie.\n\nJeśli program VeraCrypt ponownie nie będzie mógł zaszyfrować urządzenia/partycji, należy rozważyć utworzenie pliku kontenera. + Błąd: System plików nie może być zablokowany i/lub odłączony. Może jest używany system operacyjny lub aplikacje (np. system antywirusowy). Szyfrowanie partycji może spowodować uszkodzenie danych i niedostępność systemu.\n\nProszę zamknąć wszystkie aplikacje, które mogą używać systemu plików (włączając w to system antywirusowy) i proszę spróbować ponownie. Jeżeli to nie pomoże, prosze postępować zgodnie z poniższymi krokami. + ostrzeżenie: Niektóre podłączone urządzenia/partycje były w użyciu!\n\nZignorowanie tego faktu może spowodować niepożądane skutki z niestabilnością systemu włącznie!\n\nNależy koniecznie zamknąć wszystkie aplikacje, które mogą używać tych urządzeń/partycji. + Wybrane urządzenie zawiera partycje.\n\nFormatowanie urządzenia może spowodować niestabilność i/lub uszkodzenie danych. Wybierz partycję na tym urządzeniu lub usuń z niego wszystkie partycje, aby umożliwić programowi VeraCrypt bezpieczne jej sformatowanie. + Wybrane nie systemowe urządzenie zawiera partycje.\n\nZadzyfrowane urządzenia w wolumenie VeraCrypt mogą być stworzone wewnątrz urządzenia, które nie zawiera żadnych partycji (włączając dyski twarde i pamięci dyskowe). Urządzenia zawierające partycje mogą być zaszyfrowane "w locie" (używając pojedynczego głównego klucza) tylko jeżeli dysk jest uruchomiony i jest na nim zainstalowany Windows.\n\nJeżeli chcesz zaszyfrować wybrany nie systemowy dysk używając pojedynczego głównego klucza, musisz najpierw usunąć wszystkie partycje na urządzeniu, aby bezpiecznie go sformatować w VeraCrypt (formatowanie urządzenia z istniejącymi partycjami może powodować niestabilność systemu i/lub uszkodzeniem danych). Opcjonalnie, możesz zaszyfrować osobno każdą partycję na dysku (każda partycja będzie zaszyfrowana używając innego głównego klucza).\n\nUwaga: Jeżeli chcesz usunąć wszystkie partycje z dysku GPT, możesz potrzebować wykonać konwersję do dysku MBR (używając np. narzędzi w Zarządzaj komputerem), aby usunąć ukryte partycje na dysku. + Uwaga: Jeśli zaszyfrujesz człe urządzenie (w przeciwieństwie do szyfrowania tylko jego partycji), system operacyjny będzie uważał urządzenie za nowe, puste i niesformatowane (jako że nie zawiera tablicy partycji) i może spontanicznie zainicjować urządzenia (lub spytać, czy ma to uczynić), co może uszkodzić wolumen. W konsekwencji po takim zdarzeniu może być niemożliwe montowanie wolumenu jako ulubionego (np. przy zmianie numeru dysku) lub przydzielenie mu etykiety ulubionego wolumenu.\n\nAby tego uniknąć, prosimy rozważyć utworzenie partycji na urządzeniu i zaszyfrowanie partycji.\n\nCzy na pewno zaszyfrować urządzenie w całości? + Uwaga: Proszę zapamiętać, że ten wolumen nie może być zamontowany/dostępny przy użyciu litery %c:, która jest obecnie przypisana do niej!\n\nAby zamontować ten wolumen, kliknij 'Podłącz automatycznie...' w głównym oknie VeraCrypt. Wolumen zostanie zamontowany pod inną literą dysku, którą wybierzesz z listy w głównym oknie VeraCrypt.\n\nOryginalna litera dysku %c: powinna być użyta tylko w przypadku, gdy chcesz usunąć szyfrowanie z partycji/dysku (np. jeżeli nie potrzebujesz więcej szyfrowania). W takim przypadku, kliknij prawy przycisk myszy na literze dysku %c: w 'Komputer' (lub 'Mój komputer') i wybierz 'Formatuj'. Inaczej litera dysku %c: nie będzie możliwa nigdy do użycia (chyba że ją usuniesz lub przypiszesz do innej partycji/dysku). + Szyfrowanie w miejscu nie jest obsługiwane w tej wersji systemu operacyjnego, który aktualnie używasz (obsługiwane są tylko Windows Vista i późniejsze wersje Windows).\n\nPowodem jest to, że ta wersja Windows nie obsługuje "przecinania" systemu plików (system plików musi być przycięty, aby zrobić miejsce na nagłówek wolumenu i na kopię nagłówka). + Wybrana partycja wygląda tak jakby nie zawierała systemu NTFS. Tylko partycje zawierające NTFS mogą być zaszyfrowane w miejscu (w czasie działania systemu).\n\nUwaga: Powód jest taki, że Windows nie obsługuje przycinania systemu plików innego typu poza NTFS (system plików musi być przycięty, aby zrobić miejsce na nagłówek wolumenu i na kopię nagłówka). + Wybrana partycja wygląda tak jakby nie zawierała systemu NTFS. Tylko partycje zawierające NTFS mogą być zaszyfrowane w miejscu (w czasie działania systemu).\n\nJeżeli chcesz stworzyć zaszyfrowany wolumen VeraCrypt w wolumenie wewnątrz niej, wybierz opcję "Stwórz zaszyfrowany wolumen i sformatuj go" (w opcji "Szyfruj partycję"). + Błąd: Partycja jest za mała. VeraCrypt nie może szyfrować jej "w locie". + Aby zaszyfrować dane na tej partycji, proszę postępować według następujących kroków:\n\n1) Stwórz wolumen w VeraCrypt na pustej partycji/urządzeniu i zamontuj go.\n\n2) Skopiuj wszystkie plik i foldery z partycji, którą chcesz zaszyfrować do zamontowanego wolumenu VeraCrypt (który została stworzony i zamontowany w kroku 1). Tym sposobem, będziesz mógł stworzyć zaszyfrowaną kopię danych i umieścić ją w VeraCrypt.\n\n3) Stwórz wolumen VeraCrypt na partycji, którą chcesz zaszyfrować i upewnij się, że masz zaznaczoną opcję (w Wizardzie VeraCrypt) "Stwórz zaszyfrowany wolumen i sformatuj go" (wewnątrz opcji "Szyfruj partycję"). Uwaga, wszystkie dane zapisane na partycji zostaną skasowane. Po stworzeniu wolumenu, zamontuj go.\n\n4) Skopij wszystkie pliki i foldery z wolumenu VeraCrypt (stworzonego i zamontowanego w kroku 1) do zamontowanego wolumenu VeraCrypt który został stworzony (i zamontowany) w kroku 3.\n\nPo wykonaniu powyższych kroków, wszystkie dane będą zaszyfrowane, i dodatkowo, będzie zaszyfrowana kopia tych danych. + VeraCrypt może szyfrować "w locie" tylko partycje, dynamiczne wolumeny, lub całe dyski systemowe.\n\nJeżeli chcesz stworzyć zaszyfrowany wolumen VeraCrypt wewnątrz zaznaczonego nie systemowego dysku, wybierz opcje "Stwórz zaszyfrowany wolumen i sformatuj go" (wewnątrz opcji "Szyfruj partycje"). + Błąd: VeraCrypt może szyfrować "w locie" tylko partycje, dynamiczne wolumeny, lub całe dyski systemowe. Proszę się upewnić, że wskazana ścieżka jest poprawna. + Błąd: Nie można przyciąć systemu plików (system plików do przycięcia wymaga zrobienia wolnego miejsca na nagłówek wolumenu i kopie bezpieczeństwa).\n\nMożliwe przyczyny i rozwiązania:\n\n- Mało wolnego miejsca na wolumenie. Spróbuj zrobić defragmentacje (prawy przycisk myszy na odpowiednim dysku w 'Mój komputer', wybierz Właściwości > Narzędzia > Defragmentuj teraz > Defragmentuj teraz). Jeżeli to nie pomoże, usuń powtarzające się pliki i opróżnij Kosz.\n\n- Uszkodzony system plików. Spróbuj sprawdzić i naprawić błędy (prawy przycisk myszy na odpowiednim dysku w 'Mój komputer', wybierz Właściwości > Narzędzia > 'Sprawdź teraz', upewnij się że opcja 'Automatycznie napraw błędy' jest włączona i włącz Rozpocznij).\n\nJeżeli powyższe kroki nie pomogły, postępuj następująco. + Błąd: Nie ma miejsca na wolumenie więc system plików nie może być przycięty (system plików do przycięcia wymaga zrobienia wolnego miejsca na nagłówek wolumenu i kopie bezpieczeństwa).\n\nProszę skasować powtarzające się pliki i opróżnić Kosz to może zwolnić miejsce i proszę spróbować jeszcze raz. Jeżeli nie możesz tego zrobić, postępuj następująco. + Wolne miejsce na dysku %s wynosi %.2f B. + Wolne miejsce na dysku %s wynosi %.2f KB + Wolne miejsce na dysku %s wynosi %.2f MB + Wolne miejsce na dysku %s wynosi %.2f GB + Wolne miejsce na dysku %s wynosi %.2f TB + Wolne miejsce na dysku %s wynosi %.2f PB + Nie można uzyskać dostępnej litery dysku. + Błąd: Nie znaleziono sterownika programu VeraCrypt.\n\nSkopiuj pliki 'veracrypt.sys' i 'veracrypt-x64.sys' do katalogu, w którym znajduje się główna aplikacja VeraCrypt (VeraCrypt.exe). + Błąd: Uruchomiona jest niezgodna wersja sterownika VeraCrypt.\n\nJeśli próbujesz uruchomic VeraCrypt w trybie przenośnym (tj bez jego instalacji) a zainstalowana jest juz inna wersja VeraCrypt, musisz ja odinstalować (lub zaktualizować przy użyciu instalatora VeraCrypt). Aby go odinstalować, wykonaj następujące kroki: W Windows Vista lub późniejszych, wybierz 'Menu Start' > Komputer > 'Odinstaluj lub zmień program' > VeraCrypt > Odinstaluj; na Windows XP, wybierz 'Menu Start' > Ustawienia > 'Panel sterowania' > 'Dodaj lub usuń programy' > VeraCrypt > Usuń.\n\nPodobnie, jeśli próbujesz uruchomić VeraCrypt w trybie przenośnym (tj bez jego instalacji) a działa już inna wersja VeraCrypt w trybie przenośnym, musisz najpierw zrestartować system a następnie uruchomić tylko tą nową wersję. + Błąd: Zainicjowanie szyfru nie powiodło się. + Błąd: Wykryto słaby lub potencjalnie słaby klucz. Klucz zostanie odrzucony. Ponów próbę. + Nastąpił błąd krytyczny i VeraCrypt musi zostać przerwany. Jeżeli jest to błąd VeraCrypt, spróbujemy go naprawić. Aby nam pomóc, możesz wysłać do nas automatycznie wygenerowany raport błędu zawierający:\n\n- Wersję programu\n- Wersję systemu operacyjnego\n- Nazwę komponentu VeraCrypt\n- Sumę kontrolną pliku wykonywalnego VeraCrypt\n- Symboliczną nazwę okienka dialogowego\n- Kategorię błędu\n- Adres błędu\n- Rodzaj CPU\n- Wywołanie stosu VeraCrypt\n\nJeżeli naciśniesz 'Tak', otworzy się strona WWW (z zawartością błędu) w twojej domyślnej przeglądarce Internetowej (może to trwać ok. 30 sekund).\n\n%hs\n\nCzy chcesz wysłać do nas raport o błędzie? + Wystąpił błąd krytyczy w Twoim systemie, co spowodowało zamknięcie VeraCrypt.\n\nBłąd nie wynika z działania VeraCrypt (więc development VeraCrypt nie naprawi go). Proszę, sprawdzić swój system pod kątem występowania problemów (np. konfiguracja systemu, połączenie sieciowe, uszkodzenia elementów sprzętowych). + Wystąpił krytyczny błąd systemu, wymagający zamknięcia VeraCrypt.\n\nJeśli problem będzie się powtarzał, wymagane będzie zablokowanie lub odinstalowanie aplikacji, które potencjalnie mogły spowodować problem, jak programy antywirusowe lub zabezpieczające internet, "polepszające", "optymizujące" lub "tweakujące" system, etc. Jeśli to nie pomoże, być może należy przeinstalować system operacyjny (Problem może być spowodowany przez malware). + Błąd krytyczny VeraCrypt + VeraCrypt wykrył, że padł ostatnio system operacyjny. Jest wiele potencjalnych przyczyn upadku systemu (na przykład wadliwy komponent sprzętowy, błąd w sterowniku urządzenia, itp.)\n\nCzy VeraCrypt ma sprawdzić cy to z jego powodu mógł nastąpić upadek systemu? + Czy VeraCrypt ma dalej wykrywać upadki systemu? + VeraCrypt nie odnalazł pliku minizrzutu po upadku systemu. + Czy chcesz usunąć plik zrzutu awaryjnego Windows, by zwolnić przestrzeń na dysku? + W celu wykonania analizy upadku systemu, VeraCrypt wymaga uprzedniej instalacji Microsoft Debugging Tools for Windows.\n\nPo wciśnięciu OK, Instalator Windows pobierze pakiet instalacyjny Microsoft Debugging Tools (16 MB) z serwera Microsoftu i zainstaluje go. (Instalator Windows zostanie przekierowany do na adres serwera Microsoft z serwera veracrypt.org server, co zapewni wykonanie procedury nawet jeśli Microsoft zmieni położenie pakietu instalacyjnego). + Po wciśnięciu OK, VeraCrypt wykona analizę upadku systemu. Może to potrwać kilka(naście) minut. + Sprawdź, czy zmienna systemowa 'PATH' zawiera ścieżkę do 'kd.exe' (Kernel Debugger). + Wydaje się, że VeraCrypt najprawdopodobniej nie spowodował upadku systemu. Istnieje wiele potencjalnych przyczyn upadku (na przykład wadliwy komponent sprzętowy, błąd w sterowniku urządzenia, itp.) + Wyniki analizy wskazują, że aktualizacja wskazanego sterownika może rozwiązać problem: + Aby pomóc nam określić, czy występuje błąd w VeraCrypt, proszę wysłać automatycznie wygenerowany raport zawierający następujące pozycje:\n- Wersja programu\n- Wersja systemu operacyjnego\n- Typ CPU\n- Kategoria błędu\n- Nazwa i wersja sterownika\n- Stos wywołań systemowych\n\nJeśli wybierzesz 'Tak', poniższy URL (zawierający pełny raport błędu) zostanie otwarty w domyślnej przeglądarce internetowej. + Czy chcesz wysłać powyższy raport błędu? + &Zaszyfruj + &Odszyfruj + &Trwale odszyfruj + Wyjście + Utwórz dysk logiczny na tej partycji rozszerzonej, następnie ponów próbę. + Wolumen VeraCrypt jest umieszczony w pliku (zwanym kontenerem/magazynem VeraCrypt), który może być umieszczony na dysku twardym lub USB itp. Magazyn VeraCrypt jest jak normalny plik (może on być, np. przeniesiony lun skasowany jak każdy normalny plik). Kliknij 'Wybierz plik' i wybierz nazwę pliku dla magazynu i wybierz lokalizację, gdzie chcesz, aby został stworzony.\n\nUwaga: Jeżeli wybierzesz istniejący plik, VeraCrypt NIE zaszyfruje go; plik zostanie skasowany i zastąpiony nowo tworzonym magazynem VeraCrypt. Jeżeli chcesz zaszyfrować istniejący plik (lub później) przesuń go do magazynu VeraCrypt, który teraz tworzysz. + Wybierz miejsce, gdzie będzie stworzony zewnętrzny wolumen (bez tego wolumenu ukryty wolumen będzie stworzony później).\n\nWolumen VeraCrypt będzie umieszczony w pliku (zwanym kontenerem/magazynem VeraCrypt), który będzie umieszczony na dysku twardym, na USB itp.. Magazyn VeraCrypt może być przesunięty lub skasowny jak normalny plik. Kliknij 'Wybierz plik' aby wybrać nazwę pliku dla magazynu i wybierz lokalizację w której ma on być stworzony. Jeżelu wybierzesz istniejący plik, VeraCrypt NIE zaszyfruje go; będzie ona skasowany i zastąpiony nową zawartością magazynu. Możesz zaszyfrować plik teraz (lub później) przesuwając go do kontenera/magazynu VeraCrypt, który teraz tworzysz. + Zaszyfrowane urządzenie - wolumen VeraCrypt może być stworzone wewnątrz partycji na dysku twardym, pamięci przenośnej, pamięciach USB, i innych obsługiwanych urządzeniach. Partycje mogą być zaszyfrowanie "w locie".\n\nW dodatku, zaszyfrowane urządzenia - wolumeny VeraCrypt mogą być tworzone wewnątrz urządzeń, które nie zawierają partycji (włącznie z dyskami twardymi i pamięciami przenośnymi).\n\nUwaga: Urządzenie które zawiera partycje może być całkowicie zaszyfrowane w "locie" (używając pojedynczego klucza) tylko jeżeli jest uruchomione i zainstalowany jest Windows. + Urządzenie - wolumen VeraCrypt może być stworzone wewnątrz partycji na dysku twardym, pamięci przenośnej, pamięciach USB, i innych obsługiwanych urządzeniach.\n\nUwaga: Pamiętaj że partycja/urządzenie będzie sformatowane i wszystkie dane zawarte na nim będą utracone. + \nWybierz lokalizację poza tworzonym wolumenem (wewnątrz którego będzie stworzony ukryty wolumen).\n\nZewnętrzny wolumen może być stworzony wewnątrz partycji na dysku twardym, pamięci zewnętrznej, pamięci USB, i innych obsługiwanych urządzeniach. Zewnętrzne wolumeny mogą być więc tworzone wewnątrz urządzeń, które nie zawierają partycji (włącznie z dyskami twardymi i pamięciami przenośnymi).\n\nOstrzeżenie: Pamiętaj że partycja/urządzenie będzie sformatowane i wszystkie dane zawarte na nim będą utracone. + Wybierz lokalizację wolumenu VeraCrypt, w którym chcesz utworzyć wolumen ukryty. + Ostrzeżenie: Plik/urządzenie jest aktualnie w użyciu!\n\nZignorowanie tego ostrzeżenia może spowodować nieoczekiwane rezultaty, z niestabilnością systemu włącznie. Przed podłączeniem tego wolumenu należy zamknąć wszystkie aplikacje, które mogą używać tego pliku/urządzenia.\n\nCzy kontynuować podłączanie wolumenu? + Błąd: Nie można podłączyć wolumenu. Plik/urządzenie jest aktualnie w użyciu. Próba podłączenia bez dostępu na wyłączność także zakończyła się niepowodzeniem. + Nie można otworzyć pliku. + Lokalizacja wolumenu + Duże pliki + Czy planujesz przechowywać pliki większe niż 4 GB w tym wolumenie VeraCrypt? + Polegając na Twoim wyborze, VeraCrypt będzie wybierał odpowiednio domyślny system plików wolumenu VeraCrypt (będziesz mógł wybrać system plików w kolejnym kroku). + Ponieważ wybierasz tworzenie zewnętrznego wolumenu, powinieneś rozważyć wybranie 'Nie'. Jeżeli wybierzesz 'Tak', domyślnie system plików będzie NTFS, który nie jest najdogodniejszy dla zewnętrznych wolumenów tak jak FAT (np. największa możliwa wielkość ukrytego wolumenu zostanie oznaczona jeżeli jest system plików FAT). Normalnie, FAT jest domyślnym systemem dla obu wolumenów: Ukrytego i normalnego (więc wolumeny FAT nie są podejrzane). Jednakże, jeżeli użytkownik sygnalizuje trzymanie plików większych niż 4 GB (gdzie na systemie FAT są one niedozwolone), system FAT nie jest domyślnym. + Czy jesteś pewien że chcesz wybrać 'Tak'? + Tryb tworzenia wolumenu + To jest najszybsza droga do stworzenia partycji lub urządzenia z wolumenem VeraCrypt (szyfrowanie "w locie" z dodatkowymi opcjami jest wolniejsze ponieważ zawartość każdego sektora musi być najpierw przeczytana, zaszyfrowana i dopiero zapisana). Jakiekoliwek dane zapisane na obecnie wybranej partycji/urządzeniu zostaną utracone (dane NIE zostaną zaszyfrowane; zostaną pokryte przypadkowymi bitami). Jeżeli chcesz zaszyfrować istniejące dane na partycji, wybierz inną opcję. + Cała wybrana partycja i wszystkie zapisane na niej dane zostaną zaszyfrowane "w locie/w miejscu". Jeżeli partycja jest pusta, powinieneś wybrać inną opcję (wolumen zostanie stworzony znacznie szybciej). + Informacja: + &Wznów + &Opóźnij + &Rozpocznij + &Kontynuuj + &Sformatuj + &Wyczyść + Przerwać formatowanie? + Pokaż więcej informacji + Nie pokazuj tego ponownie + Zawartość partycji/dysku została pomyślnie usunięta.. + Zawartość partycji, gdzie znajdował się oryginalny system operacyjny (jego klon jest w ukrytym systemie) został poprawnie skasowany. + Proszę upewnić się że wersja Windows, którą instalujesz jest tą samą wersją, którą masz obecnie uruchomioną. To jest wymagane ponieważ oba systemy współdzielą boot partycje. + Partycja/dysk systemowy został skutecznie zaszyfrowany.\n\nUwaga: Jeśli występują bezsystemowe wolumeny VeraCrypt, które wymagają automatycznego montowania przy starcie Windows, można to ustawić przez zamontowanie ich i wybranie 'Ulubione' > 'Dodaj zamontowany wolumen do ulubionych systemu'). + Pomyślnie odszyfrowano partycję lub dysk systemowy. + \n\nWolumen VeraCrypt został utworzony i jest gotowy do użycia. Jeśli chcesz utworzyć inny wolumen VeraCrypt, kliknij przycisk Dalej. W przeciwnym wypadku kliknij przycisk Wyjście. + \n\nUkryty wolumen VeraCrypt został pomyślnie stworzony (ukryty system operacyjny został umieszczony wewnątrz ukrytego wolumenu).\n\nNaciśnij Dalej, aby kontynuować. + Cały wolumen zaszyfrowany + Wolumen w pełni odszyfrowany + WAŻNE: ABY DOSTAĆ SIĘ DO DANYCH W NOWYM WOLUMENIE VERACRYPT PODŁĄCZ GO, KLIKNIJ 'Podłącz automatycznie' W GŁÓWNYM OKNIE VERACRYPT. Po wprowadzeniu poprawnego hasła (i/lub wskazania poprawnego pliku-klucza), wolumen zostanie podłączony pod literę dysku wybraną z listy w oknie VeraCrypt (i będziesz miał dostęp do zaszyfrowanych danych poprzez ten dysk).\n\nPROSZĘ ZAPAMIĘTAĆ LUB ZAPISAĆ SOBIE POWYŻSZE KROKI. MUSISZ TAK POSTĘPOWAĆ JEŻELI KIEDYKOLWIEK CHCESZ PODŁĄCZYĆ WOLUMEN I MIEĆ DOSTĘP DO DANYCH ZAWARTYCH W NIM. Opcjonalnie, w głównym oknie VeraCrypt, kliknij 'Wybierz urządzenie', wybierz partycję lub wolumen, kliknij 'Podłącz'.\n\nPartycja/wolumen zostanie poprawnie odszyfrowana (zawartość wolumenu jest zaszyfrowana przez VeraCrypt) i jest gotowa do użycia. + Wolumen VeraCrypt został pomyślnie odszyfrowany. + Wolumen VeraCrypt został pomyślnie odszyfrowany.\n\nProszę wybrać literę napędu, którą chcesz przypisać odszyfrowanemu wolumenowi oraz kliknąć Zakończ.\n\nWAŻNE: Dopóki litera napędu nie jest przypisana do odszyfrowanego napędu, dopóty nie będziesz mieć dostępu do danych zgromadzonych na wolumenie. + Ostrzeżenie: Aby mieć dostęp do odszyfrowanych danych, litera napędu musi być przypisana do odszyfrowanego wolumenu. Jednak obecnie nie jest dostępna żadna litera napędu.\n\nProszę zwolnić literę napędu (na przykład poprzez odłącznie napędu flash USB albo zewnętrznego dysku twardego, etc.) oraz kliknąć OK. + Wolumen VeraCrypt został pomyślnie utworzony. + Utworzono wolumen + Ważne: Wykonuj w tym oknie losowe ruchy myszą. Im dłużej to robisz, tym lepiej. Poprawia to znacząco kryptograficzną jakość kluczy. Następnie kliknij przycisk Sformatuj, aby utworzyć wolumen. + Kliknij Sformatuj, aby utworzyć wolumen zewnętrzny. Aby uzyskać więcej informacji, skorzystaj z dokumentacji. + Formatowanie wolumenu zewnętrznego + Formatowanie wolumenu ukrytego + Formatowanie wolumenu + Do wyświetlenia lub wydrukowania instrukcji użytkownika programu VeraCrypt jest wymagany program Adobe Reader (lub kompatybilny). Program Adobe Reader można bezpłatnie pobrać z serwisu: www.adobe.com\n\nCzy chcesz teraz obejrzeć dokumentację? + Jeśli wybierzesz tę opcję, kreator najpierw pomoże w utworzeniu zwykłego wolumenu programu VeraCrypt, a następnie wolumenu ukrytego (wewnątrz wolumenu zwykłego). Niedoświadczeni użytkownicy powinni zawsze wybierać tę opcję. + Zamierzasz utworzyć wolumen ukryty w istniejącym wolumenie VeraCrypt. Zostało przyjęte założenie, że właśnie utworzono wolumen VeraCrypt odpowiedni do przechowywania wolumenu ukrytego. + Tryb tworzenia wolumenu + Wolumen ukryty został utworzony + Ukryty wolumen VeraCrypt został pomyślnie utworzony i jest gotowy do użycia. Jeśli wykonano wszystkie instrukcje a ostrzeżenia wymagania wymienione w sekcji "Security Requirements and Precautions Pertaining to Hidden Volumes" w Instrukcji użytkownika VeraCrypt, powinno być niemożliwe udowodnienie że ukryty wolumen istnieje, nawet, gdy wolumen zewnętrzny jest zamontowany.\n\nUWAGA: JEŚLI NIE CHRONISZ UKRYTEGO WOLUMENU (BY DOWIEDZIEĆ SIĘ JAK, CZYTAJ W SEKCJI "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" W INSTRUKCJI UŻYTKOWNIKA VERACRYPT), NIE ZAPISUJ NA WOLUMINIE ZEWNĘTRZNYM. INACZEJ MOŻESZ NADPISAĆ I USZKODZIĆ WOLUMEN UKRYTY! + Wystartowałeś ukryty system operacyjny. Jak zostałeś poinformowany, ukryty system operacyjny zostanie zainstalowany na tej samej partycji co oryginalny system operacyjny. Jednakże, w rzeczywistości, jest on zainstalowany na zewnątrz partycji - za nią (w ukrytym wolumenie). Wszystkie odczyty i zapisy będą transparentnie przekazywane z oryginalnej partycji systemowej do ukrytego wolumenu.\n\nŻaden system operacyjny lub aplikacja nie wie że zapis danych i odczyt z partycji systemowej są realizowane spoza partycji (od/do ukrytego wolumenu). Wszystkie szukane dane są szyfrowanie i deszyfrowane w locie.\n\n\nProszę kliknąć Dalej, aby kontynuować. + Zewnętrzny wolumen został stworzony i podłączony jako %hc:. Do tego wolumenu możesz skopiować jakieś pliki, które aktualnie nie były ukryte.\n\nWażne: Pliki kopiowane na zewnętrzny wolumen nie powinny być większe niż %s. Inaczej, może nie być wystarczającej ilości wolnego miejsca na zewnętrznym wolumenie dla ukrytego wolumenu (i nie da się przejść dalej). Po zakończeniu kopiowania, kliknij Dalej (nie odłączaj wolumenu). + Wolumen zewnętrzny został pomyślnie utworzony i podłączony jako dysk %hc:. Należy teraz skopiować do niego dane sprawiające wrażenie cennych, a których w rzeczywistości NIE chcesz chronić. Dane te będą udostępnione osobie zmuszającej Cię do wyjawienia hasła. Możesz zdradzić tylko hasło do wolumenu zewnętrznego, a nie do ukrytego. Dane, które NAPRAWDĘ chcesz chronić, będą zapisywane w wolumenie ukrytym, który zostanie utworzony później. Kiedy skończysz kopiowanie, kliknij przycisk Dalej. Nie odłączaj tego wolumenu.\n\nPamiętaj: Po kliknięciu przycisku Dalej, mapa bitowa klastrów wolumenu zewnętrznego zostanie przeskanowana w celu określenia wielkości ciągłego obszaru wolnego, którego koniec pokrywa się z końcem wolumenu. Ten obszar może być wykorzystany przez wolumen ukryty i ogranicza jego maksymalną wielkość. Skanowanie mapy bitowej klastrów zapewnia, że żadne dane wolumenu zewnętrznego nie zostaną nadpisane przez wolumen ukryty. + Zawartość wolumenu zewnętrznego + \n\nW następnym kroku należy ustawić opcje dla wolumenu zewnętrznego (w którym później będzie utworzony wolumen ukryty). + \n\nW następnym kroku, stworzysz tak zwany zewnętrzny wolumen VeraCrypt będzie on pierwszą partycją za partycją systemową (jak zostało to wytłumaczone w poprzednich krokach). + Wolumen zewnętrzny + W obecnym kroku, możesz ustawić opcję i hasło dla ukrytego wolumenu, w który będzie zawierał ukryty system operacyjny.\n\nUwaga: Klaster zewnętrznego wolumenu został sprawdzony, aby wykryć wielkość nieprzerwanego wolnego obszaru. Ten obszar będzie mieścił ukryty wolumen, więc limitem jest maksymalna możliwa wielkość. Maksymalna możliwa wielkość ukrytego wolumenu została wykryta i zatwierdzona jako najlepsza wielkość partycji systemowej (jaka jest wymagana, ponieważ cała zawartość partycji systemowej zostanie skopiowana do ukrytego wolumenu). To zapewnia, że żadne dane obecnie zeskładowane na zewnętrznym wolumenie nie zostaną pokryte na obszarze ukrytego wolumenu. + WAŻNE: Proszę pamiętać wybrany algorytm w tym kroku. Będziesz musiał wybrać ten sam algorytm dla systemu zwodzącego. Inaczej ukryty system będzie niedostępny! (System zwodzący musi być zaszyfrowany tym samym algorytmem szyfrowania jak ukryty system.)\n\nUwaga: Powodem jest to, że system zwodzący i ukryty będą współdzielić program startowy, który obsługuje tylko jeden sposób (algorytm) szyfrowania, wybrany przez użytkownika (dla każdego algorytmu jest specjalna wersja programu startowego VeraCrypt). + \n\nMapa bitowa klastrów została przeskanowana i została ustalona maksymalna możliwa wielkość wolumenu ukrytego. W następnym kroku należy ustawić opcje, wielkość i hasło wolumenu ukrytego. + Wolumen ukryty + Wolumen ukryty jest teraz zabezpieczony przed uszkodzeniem na czas podłączenia wolumenu zewnętrznego.\n\nOSTRZEŻENIE: W przypadku próby zapisania danych w wolumenie zewnętrznym program VeraCrypt włączy blokadę zapisu dla całego wolumenu (zarówno dla części zewnętrznej jak i wewnętrznej) aż do momentu odłączenia. To może spowodować uszkodzenie systemu plików wolumenu zewnętrznego, oraz (jeśli się powtarza) zagrożenie zapewnienia możliwości wiarygodnego zaprzeczenia istnienia wolumenu ukrytego. Dlatego nie należy zapisywać danych w obszarze zajmowanym przez wolumen ukryty. Wszystkie dane zapisywane w obszarze zajmowanym przez wolumen ukryty nie zostaną zapisane i będą utracone. System Windows może to zgłaszać jako błąd zapisu ("Opóźniony zapis nie powiódł się" lub "Parametr jest niepoprawny"). + Każdy z wolumenów ukrytych wewnątrz nowo podłączanych wolumenów jest teraz zabezpieczony przed uszkodzeniem do momentu odłączenia.\n\nOSTRZEŻENIE: W przypadku próby zapisania danych w wolumenie zewnętrznym program VeraCrypt włączy blokadę zapisu dla całego wolumenu (zarówno dla części zewnętrznej jak i wewnętrznej) aż do momentu odłączenia. To może spowodować uszkodzenie systemu plików wolumenu zewnętrznego, oraz (jeśli się powtarza) zagrożenie zapewnienia możliwości wiarygodnego zaprzeczenia istnienia wolumenu ukrytego. Dlatego nie należy zapisywać danych w obszarze zajmowanym przez wolumen ukryty. Wszystkie dane zapisywane w obszarze zajmowanym przez wolumen ukryty nie zostaną zapisane i będą utracone. System Windows może to zgłaszać jako błąd zapisu ("Opóźniony zapis nie powiódł się" lub "Parametr jest niepoprawny"). + OSTRZEŻENIE: Próba zapisu danych w obszarze zarezerwowanym dla wolumenu ukrytego w wolumenie podłączonym jako %c:! Program VeraCrypt zapobiegł zapisowi tych danych z powodu ochrony wolumenu ukrytego. Mogło to spowodować uszkodzenie systemu plików wolumenu zewnętrznego. System Windows może to zgłaszać jako błąd zapisu ("Opóźniony zapis nie powiódł się" lub "Parametr jest niepoprawny"). Program VeraCrypt włączy blokadę zapisu dla całego wolumenu (zarówno dla części zewnętrznej jak i wewnętrznej) aż do momentu odłączenia. Jeśli to nie jest pierwszy przypadek uniemożliwienia przez program VeraCrypt zapisu w obszarze wolumenu ukrytego, wiarygodne zaprzeczenie istnienia wolumenu ukrytego może być zagrożone (przez możliwe wystąpienie nienormalnie skorelowanych niespójności w systemie plików wolumenu zewnętrznego). Dlatego należy rozważyć utworzenie nowego wolumenu VeraCrypt (z wyłączoną opcją szybkiego formatowania) i przenieść pliki z tego wolumenu do nowego. Po przeniesieniu danych nieużywany już wolumen powinien zostać wymazany w sposób bezpieczny (zarówno część zewnętrzna jak i ukryta). Należy teraz koniecznie ponownie uruchomić system. + Wskazujesz chęć przechowywania plików większych niż 4 GB w wolumenie. Wymaga to, by wolumen był sformatowany jako NTFS, co jednak nie będzie możliwe. + Zauważ, że gdy uruchomiony jest ukryty system operacyjny, nieukryte wolumeny VeraCrypt nie moga byc sformatowane jako NTFS. Powodem jest, że wolumen wymagać będzie tymczasowego podłączenia bez zabezpieczenia przed zapisem, aby system operacyjny mógł sformatować go jako NTFS (formatowanie jako FAT natomiast jest wykonywane przez VeraCrypt, nie system operacyjny, i bez podłączania wolumenu). Patrz niżej, by poznać szczegóły techniczne. Możesz utworzyć nieukryty wolumen NTFS ze zwodzącego systemu operacyjnego. + Z powodów bezpieczeństwa, kiedy jest uruchomiony ukryty system operacyjny, możesz tworzyć tylko wolumeny w trybie 'direct (bezpośrednio)' (ponieważ zewnętrzny wolumen musi być zawsze zamontowany w trybie tylko do odczytu zewnętrznego). Aby stworzyć bezpieczny ukryty wolumen, postępuj zgodnie z wskazówkami:\n\n1) Uruchom pierwszy system.\n\n2) Stwórz normalny wolumen VeraCrypt i do tego wolumenu skopuj jakieś pliki, które nie będą aktualnie chronione i ukryte (wolumen będzie zewnętrznym wolumenem).\n\n3) Uruchom ukryty system operacyjny i uruchom kreatora wolumenów VeraCrypt. Jeżeli wolumen jest w pliku, przesuń go do partycji systemowej lub do innego ukrytego wolumenu (inaczej nowo stworzony ukryty wolumen może być podłączony tylko do odczytu i nie może być sformatowany). Postępuj zgodnie z instrukcjami w kreatorze i wybierz tryb 'direct (bezpośredni)' tworzenia ukrytego wolumenu.\n\n4) W kreatorze, wybierz wolumen który stworzyłeś w kroku 2 i postępuj zgodnie z instrukcjami tworzenia ukrytego wolumenu. + Z powodów bezpieczeństwa, kiedy jest uruchomiony ukryty system operacyjny, lokalne niezaszyfrowane systemy plików i nie ukryte wolumeny VeraCrypt są zamontowane tylko od odczytu (nie można na nich zapisać żadnych danych).\n\nDane są dostępne do zapisu na każdym systemie plików który rezyduje w ukrytym wolumenie VeraCrypt (dostarczony ukryty wolumen nie jest umieszczony na niezaszyfrowanym systemie plików lub na żadnym systemie plików tylko do odczytu). + Są trzy główne powody dla których podjęte zostały środki zaradcze:\n\n- Umożliwia tworzenie bezpiecznej platformy dla bezpiecznego montowania ukrytych wolumenów VeraCrypt. Zauważ, że oficjalnie zalecamy, by ukrytw wolumeny były montowane tylko wtedy, gdy uruchomiony jest ukryty system operacyjny. (By uzyskać więcej informacji przeczytaj podrozdział dokumentacji 'Security Requirements and Precautions Pertaining to Hidden Volumes'.)\n\n- W pewnych przypadkach możliwe jest ustalenie tego, że dany system plików nie został zamontowany pod (lub że dany plik w systemie plików nie został zapisany lub udostępniony z poziomu) określonej instancji systemu operacyjnego (np przez analizę i porównanie dzienników systemu plików, stempli czasowych pliku, logów aplikacji, logów błędów itp.). To może wskazywać, że ukryty system operacyjny został zainstalowany na komputerze. Środki zaradcze zapobiegają takim przypadkom.\n\n- Zapobiegają uszkodzeniu danych i pozwalają na bezpieczne usypianie. Kiedy Windows wznawia pracę po uśpieniu, zakłada, że wszystkie zamontowane systemy plików są w tym samym stanie w jakim system został uśpiony. VeraCrypt zapewnia to przez zabezpieczenie przed zapisem dowolnego systemu plików dostępnego zarówno z systemu zwodzącego jak i ukrytego. Bez takiego zabezpieczenia system plików mógłby zostać uszkodzony podczas montowania przez jeden z systemów podczas, gdy drugi jest uśpiony. + Uwaga: Jeżeli potrzebujesz szyfrowanej transmisji plików pomiedzy pierwszym systemem a ukrytym systemem, postępuj wg kroków: 1) Uruchom pierwszy system (decoy system). 2) Zapisz pliki na niezaszyfrowanym wolumenie lub na zewnętrznym/normalnym wolumenie VeraCrypt. 3) Uruchom ukryty sytsem operacyjny. 4) Jeżeli zapisałeś pliki na wolumenie VeraCrypt, podłącz go (zostanie on automatycznie podłączony jako tylko do odczytu). 5) Skopiuj pliki do ukrytego systemu operacyjnego lub do innego ukrytego wolumenu. + Komputer musi być ponownie uruchomiony.\n\nCzy wykonać to teraz? + Wystąpił błąd podczas pobierania statusu szyfrowania systemu. + Nie określono hasła w linii poleceń. Wolumen nie może zostać stworzony. + Nie określono rozmiaru w linii poleceń. Wolumen nie może zostać stworzony. + Rozmiar plku wolumenu określonego w linii poleceń jest niekompatybilny z wybranym systemem plików NTFS. + Rozmiar plku wolumenu określonego w linii poleceń jest niekompatybilny z wybranym systemem plików FAT32. + System plików napędu docelowego nie obsługuje tworzenia plików rozrzedzonych, które wymagają wolumeny dynamiczne. + Tylko pliki kontenera mogą być tworzone poprzez linię poleceń. + Rozmiar pliku kontenera określony w linii poleceń jest większy niż dostępna ilość wolnego miejsca na dysku. Wolumen nie może zostać stworzony. + Rozmiar wolumenu określony w linii poleceń jest zbyt mały. Wolumen nie może zostać stworzony. + Rozmiar wolumenu określony w linii poleceń jest zbyt mały. Wolumen nie może zostać stworzony. + Nie można zainicjować komponentów aplikacji dla szyfrowania systemu. + Błąd inicjowania generatora liczb losowych! + Błąd API Windows Crypto!\n\n\n(Jeżeli zgłosisz powiązany z tym błąd, proszę dołączyć następujące informacje techniczne w raporcie błędu:\n%hs, Last Error = 0x%.8X) + Nie można zainicjować aplikacji. Błąd rejestracji klasy okna dialogowego. + BŁĄD: Nie można załadować systemowej biblioteki edytora Rich Edit. + Kreator tworzenia wolumenów VeraCrypt + Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w bajtach): %.2f. + Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w kilobajtach): %.2f. + Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w megabajtach): %.2f. + Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w gigabajtach): %.2f. + Maksymalna możliwa wielkość wolumenu ukrytego dla tego wolumenu (w terabajtach): %.2f. + Nie można zmienić hasła/pliku-klucza dla podłączonego wolumenu. Najpierw należy odłączyć ten wolumen. + Nie można zmienić algorytmu klucza nagłówka dla podłączonego wolumenu. Najpierw należy odłączyć ten wolumen. + &Podłącz + Do podłączenia tego wolumenu jest wymagana nowsza wersja programu VeraCrypt. + Błąd: Nie znaleziono kreatora wolumenów VeraCrypt.\n\nUpewnij się, że plik 'VeraCrypt Format.exe' znajduje się w katalogu, z którego uruchomiono 'VeraCrypt.exe'. Jeśli nie, ponownie zainstaluj program VeraCrypt lub znajdź program 'VeraCrypt Format.exe' na dysku i uruchom go. + Bład: Nie odnaleziono rozszerzacza wolumenu.\n\nProszę upewnić się, że plik 'VeraCryptExpander.exe' znajduje się w folderze, z którego uruchomiono 'VeraCrypt.exe'. Jeżeli nie, proszę przeinstalować VeraCrypt albo zlokalizować 'VeraCryptExpander.exe' na dysku i uruchomić. + &Dalej > + &Zakończ + &Zainstaluj + Wy&odrębnij + Nie można połączyć ze sterownikiem urządzenia VeraCrypt. Program VeraCrypt nie może pracować, jeśli sterownik nie jest uruchomiony.\n\nZ powodu rozwiązań przyjętych w systemie Windows przed załadowaniem sterownika może być konieczne wylogowanie lub restart systemu. + Wystąpił błąd w czasie ładowania/przygotowania czcionek. + Nie podano lub nie znaleziono litery dysku. + Błąd: Nie można przypisać litery napędu.\n\nDopóki litera napędu nie jest przypisana do odszyfrowanego napędu, dopóty nie będziesz mieć dostępu do danych zgromadzonych na wolumenie.\n\nPonowić? + Litera dysku nie jest dostępna. + Nie wybrano pliku! + Nie ma dostępnych liter dysków. + Nie ma wolnej litery dysku dla oznaczenia wolumenu zewnętrznego! Nie można kontynuować tworzenia wolumenu. + Nie można ustalić wersji używanego systemu operacyjnego albo używasz nieobsługiwanego systemu operacyjnego. + Nie wybrano ścieżki! + Niewystarczająca ilość wolnego miejsca dla wolumenu ukrytego! Nie można kontynuować tworzenia wolumenu. + BŁĄD: Pliki kopiowane do zewnętrznego wolumenu wymagają więcej miejsca. Brak jest wolnego miejsca na zewnętrznym wolumenie dla ukrytego wolumenu.\n\nPamiętaj, że wielkość ukrytego wolumenu musi być większa od systemowej partycji (od partycji, gdzie aktualnie uruchomiony jest system operacyjny). Powód jest taki, że ukryty system operacyjny musi być stworzony przez skopiowanie zawartości partycji systemowej do ukrytego wolumenu.\n\n\nProces tworzenia ukrytego systemu operacyjnego nie może być kontynuowany. + Sterownik nie może odłączyć wolumenu. Prawdopodobnie niektóre z umieszczonych w nim plików wciąż są otwarte. + Nie można zablokować wolumenu. Niektóre z umieszczonych w nim plików wciąż są otwarte. Dlatego nie można odłączyć wolumenu. + VeraCrypt mie może zablokować wolumenu ponieważ jest on używany przez system lub aplikacje (mogą być otwarte pliki na wolumenie).\n\nCzy chcesz wymusić odłączenie wolumenu? + Wybierz wolumen VeraCrypt + Podaj ścieżkę i nazwę pliku + Wybierz PKCS #11 bibliotekę + Brak pamięci + WAŻNE: Mocno rekomendujemy niedoświadczonym użytkownikom tworzenie kontenerów VeraCrypt w plikach na wybranych urządzeniach/partycjach, zamiast szyfrować całe urządzenie/partycję.\n\nKiedy tworzysz kontener VeraCrypt plik (jako alternatywę zaszyfrowania urządzenia lub partycji) nie ma ryzyka np. uszkodzenia dużej ilości plików. Pamiętaj, że kontener - plik VeraCrypt (każdy wirtualny zaszyfrowany dysk) jest tak jak każdy normalny plik. Po więcej informacji, zajrzyj do instrukcji Beginner's Tutorial w dokumentacji VeraCrypt.\n\nCzy jesteś pewien że chcesz zaszyfrować całe urządzenie/partycję? + OSTRZEŻENIE: Plik '%s' już istnieje!\n\nWAŻNE: PROGRAM VERACRYPT NIE ZASZYFRUJE TEGO PLIKU, ALE GO USUNIE! Czy na pewno usunąć ten plik i zastąpić go nowym kontenerem VeraCrypt? + UWAGA: WSZYSTKIE PLIKI OBECNIE ZAPISANE W %s '%s'%s BĘDĄ USUNIĘTE I ZOSTANĄ UTRACONE (NIE BĘDĄ ZASZYFROWANE)!\n\nCzy na pewno chcesz kontynuować formatowanie? + UWAGA: Nie zostaniesz dopuszczony do podłączenia wolumenu lub dostępu do zapisanych plików dopóki nie zostaną one w pełni zaszyfrowane.\n\nCzy jesteś pewien, że chcesz uruchomić szyfrowanie: %s '%s'%s? + UWAGA: Nie będziesz mógł zamontować wolumenu oraz mieć dostępu do jakichkolwiek plików zgromadzonych na nim, aż nie zostanie w pełni odszyfrowany.\n\nCzy na pewno chcesz rozpocząć odszyfrowywanie wybranego %s '%s'%s? + UWAGA: Należy pamiętać, że jeśli zasilanie zostanie nagle przerwane podczas szyfrowania lub deszyfrowania istniejących danych "w locie", lub gdy nastąpi awaria systemu operacyjnego z powodu błędu oprogramowania lub sprzętu, podczas gdy VeraCrypt szyfruje lub deszyfruje istniejące dane "w locie", część danych zostanie uszkodzona lub utracona. W związku z tym, przed rozpoczęciem szyfrowania lub deszyfrowania, upewnij się, że masz kopie zapasowe plików, które chcesz zaszyfrować lub odszyfrować.\n\nCzy masz taką kopię zapasową? + UWAGA: KAŻDE PLIKI AKTUALNIE ZAPISANE NA PARTYCJI '%s'%s (NP. NA PIERWSZEJ PARTYCJI ZA PARTYCJĄ SYSTEMOWĄ) ZOSTANĄ SKASOWANE I UTRACONE (NIE BĘDĄ ONE ZASZYFROWANE)!\n\nCzy jesteś pewien, że chcesz kontynuować z formatowaniem? + UWAGA: WYBRANA PARTYCJA ZAWIERA DUŻĄ ILOŚĆ DANYCH! Wszystkie pliki zapisane na partycji zostaną skasowane i utracone (NIE będą one zaszyfrowane)! + Skasowanie wszystkich zapisanych plików na partycji przez stworzenie wewnątrz wolumenu VeraCrypt + Hasło + MOI + Ustaw algorytm klucza nagłówka + Dodaj lub usuń pliki-klucze do lub z wolumenu + Usuń wszystkie pliki-klucze z wolumenu + Hasło, MOI i/lub pliki-klucze pomyślnie zmienione.\n\nWAŻNE: Proszę się upewnić, że przeczytałeś sekcje 'Changing Passwords and Keyfiles' w rozdziale 'Security Requirements and Precautions' w dokumentacji VeraCrypt. + Ten wolumen jest zarejestrowany jako ulubiony systemu. \nCzy chcesz, aby VeraCrypt automatycznie uaktualnił konfigurację ulubionych systemu (wymagane uprawnienia administratora)?\n\nProszę zauważyć, że jeśli wybierzesz "nie", będziesz musiał uaktualnić ręcznie ulubione systemu. + WAŻNE: Jeżeli nie zniszczyłeś płyty ratunkowej VeraCrypt, twój system partycja/dysk może być ciągle odszyfrowany używając starego hasła (poprzez uruchomienie płyty ratunkowej VeraCrypt i wprowadzeniu starego hasła). Powinieneś stworzyć nową płytę ratunkową VeraCrypt i później skasować starą.\n\nCzy chcesz stworzyć nową płytę ratunkową VeraCrypt? + Płyta ratunkowa programu VeraCrypt nadal używa poprzedniego algorytmu. Jeśli poprzedni algorytm uważany jest za niebezpieczny, należy utworzyć nową płytę ratunkową i zniszczyć poprzednią.\n\nCzy chcesz utworzyć nową płytę ratunkową? + Plik dowolnego typu (np. .mp3, .jpg, .zip, .avi) może zostać użyty jako plik-klucza VC. Zauważ, że VC nigdy nie zmienia zawartości pliku-klucza. Możesz wybrać więcej niż jeden plik-klucza (porządek nie ma znaczenia). Jeśli dodasz folder, wszystkie nieukryte pliki z niego zostana użyte jako plik- klucze. Kliknij 'Dodaj token...', by wskazać pliki-kluczy przechowywane na tokenach bezpieczeństwa lub kartach pamięci (albo zaimportować pliki-klucze na tokeny bezpieczeństwa lub karty pamięci). + Pliki-klucze zostały pomyślnie dodane/usunięte. + Plik-klucz wyeksportowano. + Algorytm klucza nagłówka został pomyślnie ustawiony. + Proszę wprowadzić hasło i/lub plik/i-klucz/e dla bezsystemowego wolumenu, gdzie chcesz wznowić proces szyfrownia "w locie".\n\n\nZapamiętaj: Po kliknięciu Dalej, VeraCrypt przystąpi do wyszukania wszystkich nie systemowych wolumenów, gdzie proces szyfrowania został przerwany, i gdzie nagłówek wolumenu VeraCrypt moż być odszyfrowany używając podanego hasła i/lub pliku/ów-klucza/y. Jeżeli jest znaleziony więcej niż jeden wolumen, będziesz musiał wybrać jeden z nich w następnym kroku. + Proszę wybrać jeden z wyszczególnionych wolumenów. Lista zawiera każdy dostępny nie systemowy wolumen, gdzie proces szyfrowania został przerwany, i gdzie nagłówek mógł być odszyfrowany używając podanego hasła i/lub pliku/ów-klucza/y. + Proszę wprowadzić hasło i/lub plik/i-klucz/e dla bezsystemowego wolumenu VeraCrypt, który chcesz odszyfrować. + Bardzo ważne jest wybranie dobrego hasła. Powinieneś unikać wybrania pojedynczych słów, które mogą być znalezione w słowniku (lub kombinacji 2, 3, lub 4 znalezionych słów). Nie powinno zawierać, żadnych nazw, imion lub dat urodzin. Nie powinno być łatwe do wymyślenia. Dobrym hasłem jest przypadkowa kombinacja dużych i małych liter, cyfr, i znaków specjalnych, takich jak @ ^ = $ * + itd. Zalecamy wybranie hasła zawierającego więcej niż 20 znaków (dłuższe, lepsze). Maksymalna długość - 64 znaki. + Wybierz hasło dla wolumenu ukrytego. + Proszę wybrać hasło dla ukrytego systemu operacyjnego (np. dla ukrytej partycji). + WAŻNE: Hasło które wybrałeś dla ukrytego systemu operacyjnego w tym kroku musi być zasadniczo inne od pozostałych dwóch haseł (np. od hasła do zewnętrznego wolumenu i od hasła do zwodzącego systemu operacyjnego). + Podaj hasło dla wolumenu, w którym chcesz utworzyć wolumen ukryty.\n\nPo kliknięciu przycisku Dalej program VeraCrypt spróbuje podłączyć ten wolumen. Natychmiast po podłączeniu nastąpi skanowanie mapy bitowej klastrów w celu określenia wielkości ciągłego, wolnego obszaru (jeśli jest) wyrównanego do końca wolumenu. Ten obszar będzie wykorzystany przez wolumen ukryty i dlatego ogranicza maksymalną możliwą wielkość. Skanowanie mapy klastrów jest niezbędne dla zapewnienia, że żadne dane z wolumenu zewnętrznego nie zostaną nadpisane przez wolumen ukryty. + \nProszę wybrać hasło do zewnętrznego wolumenu. To będzie hasło które może być ujawnione, gdy będziesz tego chciał lub zostaniesz zmuszony.\n\nWAŻNE: Hasło musi być zasadniczo inne od innych których używasz do ukrytego wolumenu.\n\nPamiętaj: Maksymalna możliwa długość hasła to 64 znaki. + Proszę wybrać hasło do zewnętrznego wolumenu. To będzie hasło które może być ujawnione, gdy będziesz tego chciał do pierwszej partycji za partycją systemową, gdzie umieszczone są oba: zewnętrzny wolumen i ukryty wolumen (zawierający ukryty system operacyjny). Istnienie ukrytego wolumenu (i ukrytego systemu operacyjnego) pozostanie dalej w tajemnicy. Pamiętaj hasło nie jest do zwodzącego systemu operacyjnego.\n\nWAŻNE: Hasło musi być zasadniczo inne od pozostałych które wybrałeś do ukrytego wolumenu (np. do ukrytego systemu operacyjnego). + Hasło wolumenu zewnętrznego + Hasło wolumenu ukrytego + Hasło ukrytego Systemu Operacyjnego + OSTRZEŻENIE: Krótkie hasła są łatwe do złamania przez zastosowanie techniki brutalnego ataku!\n\nZaleca się używanie haseł składających się przynajmniej z 20 znaków. Czy na pewno użyć krótkiego hasła? + Hasło wolumenu + Niepoprawne hasło albo to nie jest wolumen VeraCrypt. + Niepoprawne pliki-klucze i/lub hasło albo to nie jest wolumen VeraCrypt. + Zły tryb podłączania, niepoprawne hasło lub to nie jest wolumen VeraCrypt. + Niepoprawny tryb podłączania, niepoprawne pliki-klucze, błędne hasło lub to nie jest wolumen VeraCrypt. + Niepoprawne hasło lub nie znaleziono wolumenu VeraCrypt. + Niepoprawne pliki-klucze/hasło lub nie znaleziono wolumenu VeraCrypt. + \n\nOstrzeżenie: Tryb Caps Lock (wielkie litery) jest włączony. Może to spowodować niepoprawne wprowadzenie hasła. + Zapamietaj liczbę, aby zamontować wolumen + MOI zewnętrznego wolumenu + MOI ukrytego wolumenu + MOI ukrytego systemu operacyjnego + MOI (Mnożnik Osobistych Iteracji) to wartość, która następująco kontroluje liczbę iteracji używanych przez derywację klucza nagłówka:\n Iteracje = 15000 + (MOI x 1000).\n\nGdy pozostawione puste lub ustawione na 0, VeraCrypt użyje wartości domyślnej (485), która zapewnia wysokie bezpieczeństwo.\nGdy hasło jest krótsze niż 20 znaków, MOI nie może być mniejszy niż 485, aby zapewnić minimalny poziom bezpieczeństwa.\nGdy hasło ma 20 znaków lub więcej, MOI może mieć dowolną wartość.\nWartość MOI większa niż 485 spowoduje wolniejsze montowanie, mała wartość MOI (mniejsza niż 485) spowoduje szybsze montowanie, ale może zmniejszyć poziom bezpieczeństwa, gdy hasło nie jest wystarczająco silne. + MOI (Mnożnik Osobistych Iteracji) to wartość, która następująco kontroluje liczbę iteracji używanych przez derywację klucza nagłówka:\n Iteracje = MOI x 2048.\n\nGdy pozostawione puste lub ustawione na 0, VeraCrypt użyje wartości domyślnej, która zapewnia wysokie bezpieczeństwo.\nGdy hasło jest krótsze niż 20 znaków, MOI nie może być mniejszy niż 98, aby zapewnić minimalny poziom bezpieczeństwa.\nGdy hasło ma 20 znaków lub więcej, MOI może mieć dowolną wartość.\nWartość MOI większa niż 98 spowoduje wolniejsze montowanie, mała wartość MOI (mniejsza niż 98) spowoduje szybsze montowanie, ale może zmniejszyć poziom bezpieczeństwa, gdy hasło nie jest wystarczająco silne. + Zapamiętaj liczbę do uruchomienia systemu + Wybrałeś wartość MOI, która jest większa niż standardowa wartość VeraCrypt.\nProszę zauważyć, że doprowadzi to do znacznie wolniejszego montowania lub uruchamiania. + Wybrałeś Mnożnik Osobistych Iteracji (MOI), który jest mniejszy niż podstawowa wartość VeraCrypt. Proszę zauważyć, że jeżeli twoje hasło nie jest wystarczająco mocne, moze to doprowadzić do osłabienia bezpieczeństwa.\n\nCzy potwierdzasz użycie silnego hasła? + Maksymalna wartość Mnożnika Osobistych Iteracji (MOI) dla szyfrowania systemu wynosi 65535. + MOI wolumenu + \n\nOSTRZEŻENIE: Odnaleziono pliki ukryte na ścieżce wyszukiwaniu plików-kluczy. Takie pliki nie moga zostać użyte jako pliki-klucze. Jeśli potrzebujesz ich jako plików-kluczy, usuń atrybut 'ukryty' (kliknij prawym przyciskiem myszki na każdym z nich, wybierz 'Właściwości', odznacz 'Ukryty' i wciśnij OK). Sugestia: Pliki ukryte widoczne są tylko jeśli włączona jest odpowiednia opcja (Komputer > Organizuj > 'Opcje folderów i wyszukiwania' > Widok). + Jeżeli przystąpiłeś do zabezpieczania ukrytego wolumenu zawierającego ukryty system operacyjny, proszę się upewnić że używasz standartowego układu klawiatury US kiedy piszesz hasło do ukrytego wolumenu. Jest to wymagane, aby wpisać hasło potrzebne do pre-boot (przed uruchomieniem Windows), gdzie układ klawiatury w Windows jest inny niż standard US. + VeraCrypt nie znalazł żadnego wolumenu, gdzie nie systemowe szyfrowanie zostało przerwane, i gdzie nagłówek wolumenu może być odszyfrowany używając podanego hasła i/lub plikiem/ami-kluczem/ami.\n\nProszę upewnić się, że hasło i/lub plik/i-klucz/e są poprawne i że partycja/wolumen nie jest używana przez system lub aplikacje (włączając w to system antywirusowy). + Wybrana partycja/urządzenie jest już w pełni zaszyfrowana.\nFlagi nagłówka = 0x%.8X + Wybrana partycja/urządzenie nie używa szyfrowania w miejscu.\nFlagi nagłówka = 0x%.8X + \n\nUwaga: Aby podłączyć partycję zlokalizowaną na zaszyfrowanym dysku systemowym bez wstępnego uwierzytelniania lub podłączyć zaszyfrowaną partycję systemową systemu, który nie jest uruchomiony, należy wybrać opcję 'System' > 'Podłącz bez wstępnego uwierzytelniania'. + W tym trybie, nie możesz podłączyć partycji umieszczonej na dysku, gdzie część zakresu klucza jest umieszczona w aktywnie zaszyfrowanym systemie.\n\nPrzed podłączeniem partycji w tym trybie, musisz uruchomić system operacyjny zainstalowany na innym dysku (zaszyfrowanym lub niezaszyfrowanym) lub uruchomić niezaszyfrowany system operacyjny. + VeraCrypt nie może odszyfrować indywidualnej partycji na całkowicie zaszyfrowanym napędzie systemowym (możesz odszyfrować tylko cały napęd systemowy). + Ostrzeżenie: Ponieważ ten napęd zawiera program startowy VeraCrypt, może to być całkowicie zaszyfrowany napęd systemowy. Jeżeli jest, proszę zauważyć że VeraCrypt nie może odszyfrować pojedynczej partycji na całkowicie zaszyfrowanym napędzie systemowym (możesz odszyfrować tylko cały napęd systemowy). Jeżeli ma to miejsce, będziesz mógł teraz kontynuować, ale otrzymasz później wiadomość 'Nieprawidłowe hasło'. + < &Wstecz + Nie można utworzyć listy urządzeń surowych zainstalowanych w tym systemie! + Wolumen '%s' istnieje i jest tylko do odczytu. Czy na pewno go zastąpić? + Wybierz katalog docelowy + Wybierz plik-klucz + Wskaż ścieżkę wyszukiwania pliku-klucza. UWAGA: Zapisana będzie tylko ścieżka a nie nazwy plików! + Wybierz katalog do przechowywania plików-kluczy. + Bieżący plik kontenera został wybrany jako plik-klucz. Zostanie on pominięty. + Zaprojektowany przez Rossa Andersona, Eli Bihama i Larsa Knudsena. Opublikowany w 1998. 256-bitowy klucz, 128-bitowy blok. Tryb szyfrowania: XTS. Algorytm Serpent był jednym z finalistów konkursu na algorytm AES. + Wskaż rozmiar kontenera do utworzenia.\n\nJeśli tworzysz dynamiczny (sparse-file) kontener, ten parametr wskazuje maksymalny możliwy rozmiar.\n\nZauważ, że minimalny możliwy rozmiar woluminu FAT wynosi 292 KB. Minimalny możliwy rozmiar wolumenu NTFS to 3792 KB. + Wskaż rozmiar zewnętrznego wolumenu do utworzenia (na początku zostanie utworzony wolumen zewnętrzny a następnie wolumen ukryty wewnątrz niego). Minimalny możliwy rozmiar wolumenu, wewnątrz którego tworzony jest wolumen ukryty wynosi 340 KB. + Wskaż rozmiar ukrytego wolumenu do utworzenia. Minimalny dozwolony rozmiar ukrytego wolumenu jest 40 KB (lub 3664 KB jeśli jest formatowany jako NTFS). Maksymalny możliwy rozmiar możliwy do wskazania dla ukrytego wolumenu wyświetlono powyżej. + Wielkość wolumenu zewnętrznego + Wielkość wolumenu ukrytego + Proszę zweryfikować, że wielkość wybranego urządzenia/partycji wskazanej wcześniej jest poprawna i kliknąć Dalej. + Zewnętrzny wolumen i ukryty wolumen (zawierający ukryty sysytem operacyjny) będą umieszczone wewnątrz wskazanej partycji. Będą to pierwsze partycje za partycją systemową.\n\nProszę zweryfikować poprawność wielkości partycji i jej numer, jeżeli jest dobrze, kliknąć Dalej. + \n\nZauważ, że minimalny dozwolony rozmiar wolumenu, wewnątrz którego ma się znaleźć wolumen ukryty wynosi 340 KB. + Wielkość wolumenu + Dynamiczny + UWAGA: NIEPOWODZENIE TESTU! + Test zakończono pomyślnie + Podany numer jednostki danych jest za długi lub za krótki. + Podany klucz dodatkowy jest za długi lub za krótki. + Podany tekst zaszyfrowany jest za długi lub za krótki. + Podany klucz testowy jest za długi lub za krótki. + Podany tekst jawny jest za długi lub za krótki. + Dwa szyfry używane kaskadowo w trybie XTS. Każdy blok jest najpierw szyfrowany przez %s (klucz %d-bitowy), a potem przez %s (klucz %d-bitowy). Każdy szyfr używa własnego klucza. Klucze są całkowicie niezależne. + Trzy szyfry używane kaskadowo w trybie XTS. Każdy blok jest najpierw szyfrowany przez %s (klucz %d-bitowy), potem przez %s (klucz %d-bitowy), a na końcu przez %s (klucz %d-bitowy). Każdy szyfr używa własnego klucza. Klucze są całkowicie niezależne. + Pamiętaj że, konfiguracja zależna jest od systemu operacyjnego, gdzie auto-run i auto-mount może działać tylko kiedy przenośne pliki są stworzone na urządzeniach z zablokowanym zapisem np. CD/DVD. Więc pamiętaj, że to nie jest błąd w VeraCrypt (jest to ograniczenie Windows). + VeraCrypt przenośny dysk został stworzony poprawnie.\n\nPamiętaj, że musisz posiadać uprawnienia administracyjne, aby uruchomić VeraCrypt w trybie przenośnym. + Dysk podróżny VeraCrypt + Zaprojektowany przez Bruce'a Schneiera, Johna Kelseya, Douga Whitinga, Davida Wagnera, Chrisa Halla i Nielsa Fergusona. Opublikowany w 1998. Klucz 256-bitowy, blok 128-bitowy. Tryb szyfrowania: XTS. Algorytm Twofish był jednym z finalistów konkursu na algorytm AES. + Więcej informacji na temat %s + Nieznany + Wystąpił nieokreślony bądź nieznany błąd (%d). + Niektóre wolumeny zawierają pliki lub foldery używane przez aplikacje lub system.\n\nWymusić odłączenie? + &Odłącz + Odłączenie nie powiodło się! + Wolumen zawiera pliki lub foldery używane przez aplikacje lub system.\n\nWymusić odłączenie? + Nie podłączono żadnego wolumenu do wskazanej litery dysku. + Wolumen, który próbujesz podłączyć, jest już podłączony. + Napotkano błąd przy próbie podłączenia wolumenu. + Błąd ustawienia pozycji zapisu/odczytu wewnątrz wolumenu. + Błąd: Niepoprawna wielkość wolumenu. + OSTRZEŻENIE: Opcja szybkiego formatowania powinna być używana tylko w następujących wypadkach:\n\n1) Urządzenie zawiera losowe dane (np. jest już bezpiecznie i w pełni zaszyfrowane).\n2) Cała dostępna wielkość będzie natychmiast wykorzystana.\n3) Bezpieczeństwo nie jest istotne (testowanie).\n\nCzy na pewno użyć szybkiego formatowania? + Kontener dynamiczny jest plikiem rzadkim NTFS, którego fizyczna wielkość (bieżące użycie miejsca na dysku) rośnie wraz z dodawaniem danych.\n\nOstrzeżenie: Wydajność wolumenu wykorzystującego plik rzadki jest znacząco gorsza o wydajności zwykłego wolumenu. Wolumeny wykorzystujące plik rzadki są także mniej bezpieczne, gdyż jest możliwe określenie, które sektory nie są używane. Dodatkowo, jeśli dane są zapisywane do pliku rzadkiego i zabraknie wolnego miejsca w systemie plików, zaszyfrowany system plików może zostać uszkodzony.\n\nCzy na pewno utworzyć wolumen w pliku rzadkim? + Zauważ, że wielkość dynamicznego kontenera pokazywana przez Windows i VeraCrypt będzie zawsze równa jego maksymalnemu rozmiarowi. Aby określić aktualną fizyczną wielkość kontenera (aktualną używaną przez niego przestrzeń dyskową), kliknij prawym przyciskiem myszy na pliku kontenera (w oknie Eksploratora Windows, nie w VeraCrypt), następnie wybierz 'Właściwości' i sprawdź wartość 'Rozmiar na dysku'.\n\nZauważ również, że jeśli przeniesiesz kontener na inny wolumen lub dysk, wielkość fizyczna kontenera zostanie zwiększona do maksimum. (Możesz temu zapobiec tworząc nowy kontener dynamiczny w miejscu docelowym, podłączając go a następnie przenosząc pliki ze starego kontenera do nowego.) + Bufor hasła wyczyszczony + Hasła (oraz zawartość przetwarzanego pliku-klucza) przechowywane w buforze sterownika VeraCrypt zostały wyczyszczone. + VeraCrypt nie może zmienić hasła dla wolumenu obcego. + Wybierz z listy wolną literę dysku. + Wybierz z listy podłączony wolumen. + Wybrano obecnie dwa różne zamontowane wolumeny (jeden na liście liter dysków a inny na polu poniżej listy).\n\nProszę wskazać odpowiedni wolumen: + Błąd: Nie można utworzyć pliku autorun.inf + Błąd podczas przetwarzania pliku-klucza! + Błąd podczas przetwarzania ścieżki pliku-klucza! + Ścieżka plików-kluczy nie zawiera plików.\n\nPamiętaj, że foldery (i zawartość plików) znalezionych na ścieżce przeszukiwań plików-kluczy zostały pominięte. + Program VeraCrypt nie obsługuje tego systemu operacyjnego. + Błąd: VeraCrypt wspiera tylko stabilne wersje systemów operacyjnych (wersje beta/RC nie są wspierane). + Błąd: Nie można przydzielić pamięci. + Błąd: Nie można pobrać wartości z licznika wydajności. + Błąd: Nieodpowiedni format wolumenu. + Błąd: Podałeś hasło do ukrytego wolumenu (nie dla normalnego wolumenu). + Z powodów bezpieczeństwa, ukryty wolumen nie może być stworzony wewnątrz wolumenu VeraCrypt zawierającego system plików (ponieważ wolne miejsce na wolumenie nie będzie mogło zostać wypełnione losowymi danymi). + VeraCrypt - Informacje prawne + Wszystkie pliki + Wolumeny programu VeraCrypt + Moduły bibliotek + Kontynuowanie formatowania NTFS nie jest możliwe. + Nie można podłączyć wolumenu. + Nie można odłączyć wolumenu. + System Windows nie może sformatować tego wolumenu jako NTFS.\n\nWybierz inny typ systemu plików (jeśli to możliwe) i ponów próbę. Alternatywnie pozostaw ten wolumen jako niesformatowany (wybierz system plików 'Żaden'), wyjdź z kreatora, podłącz wolumen i sformatuj go innym programem narzędziowym (systemowym lub pochodzącym od innego dostawcy). Wolumen pozostanie zaszyfrowany. + System Windows nie mógł sformatować tego wolumenu jako NTFS.\n\nCzy sformatować go jako FAT? + Domyślny + partycja + PARTYCJA + Urządzenie + urządzenie + URZĄDZENIE + Wolumen + wolumen + WOLUMEN + Etykieta + Wybrana wielkość klastra jest zbyt mała dla wolumenu o tej wielkości. Należy użyć klastra o większej wielkości. + Błąd: Nie można uzyskać wielkości wolumenu!\n\nUpewnij się, że wybrany wolumen nie jest używany przez system lub aplikację. + Wolumeny ukryte nie mogą być tworzone w kontenerach dynamicznych (sparse file). Aby osiągnąć wiarygodne możliwości kontroli, wolumen ukryty musi być utworzony w kontenerze o stałym rozmiarze. + Kreator wolumenu VeraCrypt może utworzyć wolumen ukryty tylko w wolumenie z system plików FAT lub NTFS. + W systemie Windows 2000 kreator wolumenów VeraCrypt może utworzyć wolumen ukryty tylko w wolumenie z systemem plików FAT. + Uwaga: System plików FAT jest bardziej odpowiedni dla zewnętrznego wolumenu niż NTFS (np. maksymalna możliwa wielkość ukrytego wolumenu będzie prawdopodobnie większa jeżeli zewnętrzny wolumen jest sformatowany jako FAT). + System plików FAT jest bardziej odpowiedni dla zewnętrznych wolumenów niż system NTFS. Np. maksymalna możliwa wielkość ukrytego wolumenu będzie prawdopodobnie większa jeżeli zewnętrzny wolumen jest sformatowany jako FAT (Powód jest taki, że NTFS zawsze utrzymuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen może być umieszczony tylko w drugiej połówce partycji).\n\nCzy jesteś pewien, że chcesz sformatować zewnętrzny wolumen jako NTFS? + Czy chcesz sformatować wolumen jako FAT? + Uwaga: Ten wolumen nie może być sformatowany jako FAT, ponieważ przekracza maksymalną wielkość wolumenu obsługiwaną przez system plików FAT32 dla odpowiedniego rozmiaru sektora (2 TB dla sektorów 512-bajtowych oraz 16 TB dla sektorów 4096-bajtowych). + Błąd: Partycja dla ukrytego systemu operacyjnego (tzn. pierwsza partycja za partycją systemową) musi być przynajmniej 5% większa od partycji systemowej (partycja systemowa to taka, gdzie obecnie jest zainstalowany i uruchomiony system operacyjny). + Błąd: Partycja dla ukrytego systemu operacyjnego (np. pierwsza partycja za partycją systemową) musi być przynajmniej 110% (2.1 razy) większa od partycji systemowej (partycja systemowa to ta, gdzie obecnie zainstalowany i uruchomiony jest system the system operacyjny). Powód jest taki, że NTFS zawsze utrzymuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen (który zawiera klon partycji systemowej) może być umieszczony tylko w drugiej połówce partycji. + Błąd: Jeżeli zewnętrzny wolumen jest NTFS, musi być przynajmniej 110% (2.1 raza) większy niż partycja systemowa. Powód jest taki, że NTFS zawsze zapisuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen (który zawiera klon partycji systemowej) może być umieszczony tylko w drugiej połówce zewnętrznego wolumenu.\n\nUwaga: Zewnętrzny wolumen wymaga, aby był umieszczony wewnątrz tej samej partycji co ukryty system operacyjny (np. wewnątrz pierwszej partycja za partycją systemową). + Błąd: Nie ma partycji za partycją systemową.\n\nUwaga, przed stworzeniem ukrytego systemu operacyjnego wymagane jest stworzenie partycji dla tego systemu na systemowym dysku. Ona musi być pierwszą partycją za partycją systemową i musi być przynajmniej 5% większa od systemowej partycji (systemowa partycja to ta, gdzie aktualnie jest zainstalowany i uruchomiony system operacyjny). Jednakże, jeżeli zewnętrzny wolumen (nie mylić z partycją systemową) jest sformatowany jako NTFS, partycja na ukryty system operacyjny musi być przynajmniej 110% (2.1 raza) większa od systemowej partycji (powodem jest to, że NTFS zawsze zapisuje wewnętrzne dane dokładnie w środku wolumenu i dlatego ukryty wolumen który jest klonem zawartości partycji systemowej, może być umieszczony w drugiej połówce partycji). + Zapamiętaj: Nie jest praktykowane (i dlatego nie jest wspierane) zainstalowanie dwóch systemów operacyjnych w dwóch wolumenach VeraCrypt zawartych wewnątrz jednej partycji, ponieważ używanie zewnętrznego systemu operacyjnego często wymaga zapisania danych na obszarze ukrytego systemu operacyjnego. + Aby uzyskać informacje jak stworzyć i zarządzać partycjami, proszę przeczytać dokumentację zawartą w systemie operacyjnym lub skontaktować się ze swoim serwisem sprzętu. + BŁĄD: Obecnie uruchomiony system operacyjny nie jest zainstalowany na partycji bootującej (pierwszej aktywnej partycji). To nie jest obsługiwane. + Stwierdziłeś, że będziesz przechowywał na tym wolumenie pliki większe niż 4 GB. Jednodcześnie wybrałeś system plików FAT, na którym nie można umieścić plików większych niż 4 GB.\n\nCzy jesteś pewien że chcesz sformatować zewnętrzny wolumen jako FAT? + Błąd: VeraCrypt nie obsługuje deszyfrowania "w locie" starych bezsystemowych wolumenów stworzonych przez VeraCrypt 1.0b albo wcześniejsze.\n\nUwaga: Wciąż możesz odszyfrować pliki zgromadzone na wolumenie poprzez skopiowanie lub przeniesienie ich na niezaszyfrowany wolumen. + Błąd: Nie może odszyfrować "w locie" ukrytego wolumenu VeraCrypt.\n\nUwaga: Wciąż możesz odszyfrować pliki zgromadzone na wolumenie poprzez skopiowanie lub przeniesienie ich na niezaszyfrowany wolumen. + Ostrzeżenie: Zauważ, że VeraCrypt nie może odszyfrować "w locie" wolumenu, który zawiera ukryty wolumen VeraCrypt (ukryty wolumen zostałby nadpisany danymi pseudolosowymi).\n\nProszę potwierdzić, że wolumen, który zamierzasz odszyfrować nie zawiera ukrytego wolumenu.\n\nUwaga: Jeżeli wolumen zawiera ukryty wolumen, ale nie obawiasz się jego utraty, możesz wybrać Kontynuuj (zewnętrzny wolumen zostanie bezpiecznie odszyfrowany). + Wolumen nie zawiera żadnego ukrytego wolumenu. Kontynuuj. + Wolumen zawiera ukryty wolumen. Anuluj + Błąd: Brak dostępu do wolumenu!\n\nUpewnij się, że wybrany wolumen istnieje, nie jest podłączony lub używany przez system albo aplikację, że masz prawa do zapisu i odczytu wolumenu i że nie jest zabezpieczony przed zapisem. + Błąd: Nie można uzyskać właściwości wolumenu. + BŁĄD: Brak dostępu do wolumenu i/lub uzyskania informacji o wolumenie.\n\nUpewnij się, że wskazany wolumen istnieje, i że nie jest używany przez system lub aplikacje, że posiadasz uprawnienia do czytania/zapisania wolumenu, i że nie jest on zabezpieczony przed zapisem. + BŁĄD: Brak dostępu do wolumenu i/lub uzyskania informacji o wolumenie. Upewnij się, że wskazany wolumen istnieje, i że nie jest używany przez system lub aplikacje, że posiadasz uprawnienia do czytania/zapisania wolumenu, i że nie jest on zabezpieczony przed zapisem.\n\nJeżeli problem się powtarza, mogą pomóc następujące kroki. + Błąd uniemożliwił VeraCrypt do zaszyfrowania partycji. Proszę najpierw rozwiązać problem i spróbować ponownie. Jeżeli problem będzie się powtarzał, mogą pomóc następujące kroki. + Błąd uniemożliwił VeraCrypt wznowienie procesu szyfrowania partycji.\n\nProszę najpierw rozwiązać problem i spróbować ponownie wznowić proces. Uwaga, wolumen nie może być podłączony dopóki nie zostanie w pełni zaszyfrowany. + Błąd uniemożliwił VeraCrypt deszyfrowanie wolumenu. Proszę spróbować naprawić wcześniej zgłoszone problemy i spróbować ponownie, jeżeli to możliwe. + Błąd: Nie można odłączyć wolumenu zewnętrznego!\n\nWolumen nie może być odłączony, jeśli zawiera pliki lub foldery używane przez dowolny program lub system.\n\nZamknij wszystkie programy, które mogą używać plików lub katalogów na tym wolumenie, następnie kliknij przycisk Powtórz. + Błąd: Nie można uzyskać informacji o wolumenie zewnętrznym! Tworzenie wolumenu nie może być kontynuowane. + Błąd: Brak dostępu do wolumenu zewnętrznego! Nie można kontynuować tworzenia wolumenu. + Błąd: Nie można podłączyć wolumenu zewnętrznego! Nie można kontynuować tworzenia wolumenu. + Błąd: Nie można pobrać mapy bitowej klastrów! Nie można kontynuować tworzenia wolumenu. + Alfabetycznie/Kategoriami + Średnia prędkość (malejąco) + Algorytm + Szyfrowanie + Deszyfrowanie + Średnia + Dysk + Wielkość + Algorytm szyfrowania + Algorytm szyfrowania + Typ + Wartość + Właściwość + Położenie + bajty(ów) + Ukryty + Zewnętrzny + Zwykły + Systemowy + Ukryty (system) + Tylko do odczytu + Dysk systemowy + Dysk systemowy (zaszyfrowano: %.2f%%) + Dysk systemowy (zdeszyfrowano: %.2f%%) + Dysk systemowy (zaszyfrowano: %.2f%%) + Partycja systemowa + Ukryta partycja systemowa + Partycja systemowa (zaszyfrowano: %.2f%%) + Partycja systemowa (zdeszyfrowano: %.2f%%) + Partycja systemowa (zaszyfrowano: %.2f%%) + Tak (zabezpieczony przed uszkodzeniem!) + Żaden + Wielkość pierwszego klucza + Wielkość drugiego klucza (tryb XTS) + Dopasowanie wielkości klucza (tryb LRW) + bity + Wielkość bloku + PKCS-5 PRF + Licznik Iteracji PKCS-5 + Utworzono wolumen + Data ostatniej modyfikacji nagłówka + (%I64d dni temu) + Wersja formatu wolumenu + Wbudowana kopia nagłówka + Wersja prog. rozru. VC + Pierwszy dostępny + Wymienny dysk + Dysk twardy + Niezmieniony + Autodetekcja + Tryb kreatora + Wybierz jedną z metod. Jeżeli nie jesteś pewny co wybrać, wybierz wartość domyślną. + Wybierz tą opcję jeżeli chcesz zainstalować VeraCrypt w tym systemie. + Wskazówka: Możesz uaktualnić bez rozszyfrowywania nawet jeśli zaszyfrowana jest partycja/dysk systemowy lub używasz ukrytego systemu operacyjnego. + Jeżeli wybierzesz tą opcję, wszystkie pliki będą wypakone z tego archiwum ale nic nie zostanie zainstalowane w systemie. Nie zaznaczaj, jeżeli rzeczywiście chcesz zaszyfrować systemową partycję lub systemowy dysk. Zaznaczenie tej opcji może być używane np. jeżeli chcesz uruchomić VeraCrypt np. w trybie przenośnym. VeraCrypt nie zostanie zainstalowany w systemie operacyjnym. Po wypakowaniu wszystkich plików, możesz bezpośrednio uruchomić rozpakowany 'VeraCrypt.exe' (VeraCrypt uruchomi się w trybie przenośnym). + Opcje instalowania + W tym oknie można ustawić opcje kontrolujące proces instalacji. + Instalowanie + Proszę czekać na zainstalowanie programu VeraCrypt. + VeraCrypt został pomyślnie zainstalowany + VeraCrypt został pomyślnie uaktualniony + Rozważ proszę przekazanie dotacji. W dowolnej chwili możesz wcisnąć przycisk Zakończ, by zamknąć instalator. + Opcje wyodrębniania + W tym oknie można ustawić opcje kontrolujące proces wyodrębniania. + Proszę czekać na wyodrębnienie plików. + Pliki skutecznie wyodrębnione + Wszystkie pliki zostały pomyślnie wyodrębnione i zapisane w położeniu docelowym. + Jeśli podany folder nie istnieje, zostanie automatycznie utworzony. + VeraCrypt zostanie zaktualizowany w lokalizacji, gdzie jest zainstalowany VeraCrypt. Jeżeli potrzebujesz wybrać inną lokalizację, proszę odinstalować najpierw VeraCrypt. + Czy chcesz zobaczyć informacje na temat wydania dla bieżącej (ostatniej stabilnej) wersji programu VeraCrypt? + Jeśli nigdy wcześniej nie używałeś programu VeraCrypt, zalecamy przeczytanie rozdziału Beginner's Tutorial w podręczniku użytkownika VeraCrypt. Chcesz wyświetlić ten rozdział? + Wybierz działanie do wykonania: + Naprawa/Reinstalacja + Aktualizacja + Deinstalacja + Aby pomyślnie zainstalować/odinstalować VeraCrypt, musisz posiadać uprawnienia administratora. Czy chcesz kontynuować? + VeraCrypt Installer jest uruchomiony w twoim systemie i przygotowuje lub dokonuje instalacji lub uaktualnienia VeraCrypt. Przed dalszym kontynuowaniem instalacji, proszę poczekać na zakończenie aktualnego działania lub zamknij aplikacje. Jeżeli nie możesz zamknąć, proszę zrestartuj komputer przed uruchomieniem procesu instalacji. + Niepowodzenie instalacji. + Niepowodzenie deinstalacji. + Pakiet dystrybucyjny jest uszkodzony. Pobierz go ponownie (najlepiej z oficjalnej strony programu VeraCrypt po adresem www.veracrypt.org). + Nie można zapisać pliku %s + Wyodrębnianie + Nie można odczytać danych z tego pakietu. + Nie można zweryfikować integralności tego pakietu dystrybucyjnego. + Niepowodzenie wyodrębniania. + Instalacja została wycofana. + Program VeraCrypt został pomyślnie zainstalowany. + VeraCrypt został pomyślnie uaktualniony. + Program VeraCrypt został zaktualizowany do nowej wersji. Przed rozpoczęciem korzystania w programu należy ponownie uruchomić komputer.\n\nCzy chcesz teraz zrestartować system? + Nie udało się uaktualnić VeraCrypt!\n\nWAŻNE: Zanim wyłączysz lub uruchomisz ponownie system, zalecamy stanowczo użycie Przywracania systemu (Menu Start Windows > Wszystkie programy > Akcesoria > Narzędzia systemowe > Przywracanie systemu), by przywrócić stan systemu do punktu przywracania o nazwie 'VeraCrypt installation'. Jeśli Przywracanie systemu jest niedostępne, należy spróbować zainstalować oryginalną lub nową wersję VeraCrypt raz jeszcze zanim wyłączysz lub zrestartujesz system. + Program VeraCrypt został pomyślnie odinstalowany.\n\nKliknij przycisk 'Zakończ', aby usunąć program instalacyjny VeraCrypt oraz folder %s. Folder nie zostanie usunięty, jeśli zawiera jakieś pliki, które nie zostały zainstalowane lub utworzone przez program VeraCrypt. + Usuwanie wpisów rejestru VeraCrypt + Dodawanie pozycji rejestru + Usuwanie danych aplikacji + Instalowanie + Zatrzymywanie + Usuwanie + Dodawanie ikon + Tworzenie punktu przywracania systemu + Niepowodzenie tworzenia punktu przywracania systemu! + Uaktualnienie programu startowego + Zainstalowanie '%s' nie powiodło się. %s Czy chcesz kontynuowań instalowanie? + Odinstalowanie '%s' nie powiodło się. %s Czy chcesz kontynuować odinstalowanie? + Instalacja została zakończona. + Nie można utworzyć folderu '%s' + Sterownik urządzenia VeraCrypt nie może zostać wyładowany.\n\nZamknij wszystkie otwarte okna programu VeraCrypt. Jeśli to nie pomoże, zrestartuj system Windows i ponów próbę. + Wszystkie wolumeny programu VeraCrypt muszą zostać odłączone przed instalacją lub odinstalowaniem programu VeraCrypt. + W tym systemie jest zainstalowana przestarzała wersja programu VeraCrypt. Musi być ona zostać odinstalowana zanim będzie można zainstalować tę wersję programu VeraCrypt.\n\nNatychmiast po zamknięciu tego komunikatu zostanie uruchomiony deinstalator starej wersji. Należy pamiętać, że żaden z wolumenów nie zostanie odszyfrowany. Po odinstalowaniu starej wersji programu VeraCrypt ponownie uruchom instalator nowej wersji. + Nie powiodła się instalacja wpisów rejestru + Instalacja sterownika urządzenia nie powiodła się. Zrestartuj system Windows i ponów próbę zainstalowania programu VeraCrypt. + Uruchamianie sterownika urządzenia VeraCrypt + Niepowodzenie odinstalowania sterownika urządzenia. Z powodu rozwiązań przyjętych w systemie Windows przed odinstalowaniem (lub ponownym zainstalowaniem) sterownika może być konieczne wylogowanie lub restart systemu. + Instalowanie sterownika urządzenia VeraCrypt + Zatrzymywanie sterownika urządzenia VeraCrypt + Deinstalacja sterownika urządzenia VeraCrypt + Rejestracja biblioteki obsługującej zarządzanie kontami użytkowników nie powiodła się. + Wyrejestrowanie biblioteki obsługującej zarządzanie kontami użytkowników nie powiodło się. + Uwaga o trybie przenośnym:\n\nProszę zauważyć, że system operacyjny wymaga zarejestrowania w nim sterowników, zanim będą mogły być uruchomione. Dlatego sterownik VeraCrypt nie jest (i nie może być) w pełni przenośny (chociaż aplikacja VeraCrypt jest w pełni przenośna, tzn. nie musi być zainstalowana ani zarejestrowana w systemie operacyjnym). Należy również pamiętać, że VeraCrypt potrzebuje sterownika, aby zapewnić przejrzyste szyfrowanie/deszyfrowanie w locie. + Pamiętaj, że jeżeli zdecydujesz się uruchomić VeraCrypt w trybie przenośnym (w przeciwieństwie do uruchomienia zainstalowanej wersji VeraCrypt), system zapyta cię o uprawnienia do uruchomienia VeraCrypt (UAC prompt) za każdym razem, gdy będziesz go uruchamiał.\n\nPowodem jest to, że VeraCrypt w trybie przenośnym wymaga załadowania i uruchomienia sterownika urządzeń VeraCrypt. VeraCrypt potrzebuje sterownika, aby zapewnić przeźroczysty dostęp do szyfrowania/odszyfrowania i użytkownicy bez uprawnień administracyjnych nie mogą uruchomić sterownika urządzeń w Windows. Dlatego, system zapyta Cię o uprawnienia administracyjne przy uruchomieniu VeraCrypt (UAC prompt).\n\nPamiętaj, że jeżeli zainstalujesz VeraCrypt w systemie, system NIE będzie pytał o uprawnienia do uruchomienia VeraCrypt (UAC prompt).\n\nCzy jesteś pewien, że chcesz wypakować pliki? + UWAGA: Obecne wystąpienie kreatora wolumenów ma uprawnienia administratora.\n\nTwój nowy wolumen może być stworzony z uprawnieniami, które nie pozwolą Ci na zapisanie do wolumenu, gdy jest on podłączony. Jeżeli chcesz to ominąć, zamknij to wystąpienie kreatora i uruchom nową kopię bez uprawnień administratora.\n\nCzy chcesz zamknąć to okno kreatora? + Błąd: Nie można wyświetlić licencji. + Zewnętrzny(!) + dni + godz. + minuty + s + Otwórz + Odłącz + Pokaż VeraCrypt + Ukryj VeraCrypt + Dane odczytane od podłączenia + Dane zapisane od podłączenia + Część zaszyfrowana + 100% (całkowicie zaszyfrowane) + 0% (nie zaszyfrowane) + %.3f%% + 100% + Oczekiwanie + Przygotowanie + Rozszerzanie + Szyfrowanie + Deszyfrowanie + Kończenie + Wstrzymane + Zakończone + Błąd + Urządzenie odłączone + Ulubione wolumeny systemowe zapisane.\n\nAby włączyć podłączanie ulubionych wolumenów systemowych kiedy system startuje, proszę wybrać 'Ustawienia' > 'Ulubione wolumeny systemowe' > 'Podłączyć ulubione wolumeny systemowe podczas startu Windows'. + Wolumen, który właśnie dodajesz do ulubionych nie jest ani partycją ani wolumenem dynamicznym. Dlatego VeraCrypt nie będzie mógł podłączyć tego ulubionego wolumenu jeśli zmieni się numer urządzenia. + Wolumen, który właśnie dodajesz do ulubionych jest partycją nierozpoznawalną dla Windows.\n\nVeraCrypt nie będzie w stanie podłączyć tego ulubionego wolumenu jeśli zmieni się numer urządzenia. Wymagane jest ustawienie typu partycji tak, by był rozpoznawalny przez Windows (użyj polecenia SETID z windowsowego narzędzia 'diskpart'). Następnie dodaj ponownie partycję do ulubionych. + Wykonywane w tle Zadanie VeraCrypt zostało zablokowane lub skonfigurowane, by zakończyć się, gdy brak zamontowanych wolumenów (lub VeraCrypt jest uruchomiony w trybie przenośnym). Może to blokować automatyczne montowanie ulubionych wolumenów po podłączeniu ich nośników.\n\nUwaga: Aby odblokować Zadanie VeraCrypt w tle, należy wybrać Ustawienia > Preferencje i zaznacz pole wyboru 'Aktywny' w sekcji 'Proces VeraCrypt uruchamiany w tle'. + Nośnik przechowywany na zdalnym systemie plików współdzielonym w sieci nie może być automatycznie dołączany, gdy podłączane jest jego urządzenie. + Urządzenie wyświetlane poniżej nie jest ani partycją ani wolumenem dynamicznym. Stąd wolumen zawarty w urządzeniu nie może być automatycznie montowany, gdy urządzenie jest podłączane. + Należy ustawić typ partycji wyświetlany poniżej na typ rozpoznawany przez Windows (użyj polecenia SETID narzędzia Windows 'diskpart'). Następnie usuń partycję z ulubionych i dodaj ją ponownie. Pozwoli to wolumenowi mieszczącemu sie na urządzeniu zostać automatycznie podłączonym po podpięciu urządzenia. + Urządzenie wyświetlane poniżej nie jest ani partycją ani wolumenem dynamicznym. Dlatego nie można do niego przypisać etykiety. + Należy ustawić typ partycji wyświetlany poniżej na typ rozpoznawany przez Windows (użyj polecenia SETID narzędzia Windows 'diskpart'). Następnie usuń partycję z ulubionych i dodaj ją ponownie. Pozwoli to programowi VeraCrypt przypisać etykietę do partycji. + Ze względu na ograniczenia Windows, nośnik przechowywany w zdalnym systemie plików współdzielonym przez sieć nie może być montowany jako systemowy wolumen ulubiony (jednakże może być montowany jako bezsystemowy wolumen ulubiony podczas logowania użytkownika). + Podaj hasło dla %s + Podaj hasło dla '%s' + Wprowadź hasło dla normalnego/innego wolumentu + Wprowadź hasło dla ukrytego wolumenu + Wprowadź hasło do zapisania do pliku kopii bezpieczeństwa nagłówka + Plik-klucz został pomyślnie utworzony. + Liczba plików-kluczy, którą podałeś jest nieprawidłowa. + Rozmiar pliku-klucza musi być zawarty pomiędzy 64 a 1048576 bajtów. + Proszę podać nazwę pliku/ów-klucza/y do wygenerowania + Nazwa bazowa pliku/ów-klucza/ów jest nieprawidłowa. + Plik-klucz'%s' już istnieje.\nCzy chcesz go nadpisać? Proces generowania zostanie zakończony, jeżeli odpowiesz Nie. + UWAGA: Nagłówek tego wolumenu jest uszkodzony! VeraCrypt automatycznie użyje wbudowanej kopii bezpieczeństwa nagłówka wolumenu.\n\nMożesz naprawić nagłówek wolumenu wybierając 'Narzędzia' > 'Odtwórz nagłówek wolumenu'. + Pomyślnie utworzono kopię zapasową nagłówka wolumenu.\n\nWAŻNE: Odtworzenie nagłówka wolumenu z użyciem tej kopii spowoduje odtworzenie aktualnego hasła wolumenu. Oprócz tego, jeśli pliki-klucze są potrzebne do podłączania, te same pliki klucze będą niezbędne do podłączenia wolumenu po odtworzeniu jego nagłówka.\n\nOSTRZEŻENIE: Obecna kopia zapasowa nagłówka może być użyta TYLKO dla tego wolumenu. Użycie tej kopii nagłówka dla innego wolumenu umożliwi jego podłączenie, ale NIE BĘDZIE MOŻLIWE odszyfrowanie danych zapisanych w wolumenie (ponieważ zmieni się jego klucz nadrzędny). + Nagłówek wolumenu został pomyślnie odtworzony.\n\nWAŻNE: Stare hasło również zostało odtworzone. Jeśli w chwili utworzenia tej kopii zapasowej do podłączenia wolumenu były konieczne pliki-klucze, te same pliki będą znów potrzebne do podłączenia wolumenu. + Z powodów bezpieczeństwa, powinieneś wprowadzić poprawne hasło (i/lub podać pliki-klucze) do wolumenu.\n\nUwaga: Jeżeli wolumen zawiera ukryty wolumen, powinieneś wprowadzić poprawne hasło (i/lub podać poprawne pliki-klucze) najpierw do zewnętrznego wolumenu. Potem, jeżeli wybierzesz kopię nagłówka ukrytego wolumenu, będziesz musiał wprowadzić poprawne hasło (i/lub podać poprawne pliki-klucze) do ukrytego wolumenu. + Czy jesteś pewien, że chcesz zrobić kopię zapasową nagłówka wolumenu %s?\n\nPo naciśnięciu Tak, zostaniesz zapytany o nazwę pliku do którego kopia zostanie zapisana.\n\nUwaga: Oba - standardowe i ukryte nagłówki wolumenów będą ponownie zaszyfrowane używając nowego klucza (new salt) i zostaną zapisane w pliku kopii. Jeżeli nie ma w tym wolumenie ukrytego wolumenu, miejsce zarezerwowane na nagłówek ukrytego wolumenu w kopii bezpieczeństwa zostanie wypełniona losowymi danymi. Kiedy będzięsz odtwarzał nagłówek wolumenu z kopii, będziesz potrzebował wprowadzenia poprawnego hasła (i/lub podania poprawnego pliku/ów-klucza/y) które zostało ustawione podczas tworzenia kopii nagłówka wolumenu. Na podstawie hasła (i/lub plików-kluczy) zostanie automatycznie wykryty typ nagłówka wolumenu do odtworzenia, np. standardowy lub ukryty (VeraCrypt wykrywa to w trakcie procesu testu i zwracanych błędów). + Czy na pewno odtworzyć nagłówek %s?\n\nOSTRZEŻENIE: Odtworzenie nagłówka wolumenu spowoduje również przywrócenie hasła, które było aktualne w momencie tworzenia kopii zapasowej. Oprócz tego jeśli pliki-klucze są potrzebne do podłączania, te same pliki-klucze będą niezbędne do podłączenia wolumenu po odtworzeniu jego nagłówka.\n\nPo potwierdzeniu konieczne będzie wybranie pliku kopii zapasowej nagłówka. + Czy wolumen zawiera ukryte wolumeny? + Wolumen zawiera ukryte wolumeny + Wolumen nie zawiera ukrytych wolumenów + Proszę wybrać typ nagłówka wolumenu, którego chesz zrobić kopię bezpieczeństwa: + Odtwórz nagłówek wolumenu z wbudowanej w wolumen kopii bezpieczeństwa + Odtwórz nagłówek wolumenu z zewnętrznego pliku kopii bezpieczeństwa + Wielkość kopii nagłówka wolumenu z pliku kopii jest niepoprawna. + Nie ma kopii nagłowna we wbudowanej kopii bezpieczeństwa tego wolumenu (uwaga tylko dla wolumenów stworzonych przez VeraCrypt 6.0 lub późniejszych). + Zamierzasz utworzyć kopię zapasową nagłówka dla partycji/dysku systemowego. To nie jest dozwolone. Zabezpieczanie/odtwarzanie dla partycji/dysku systemowego może być przeprowadzane wyłącznie przy użyciu płyty ratunkowej programu VeraCrypt.\n\nCzy utworzyć płytę ratunkową programu VeraCrypt? + Zamierzasz odtworzyć nagłówek wolumenu wirtualnego VeraCrypt, ale wybrano partycję lub dysk systemowy. To nie jest dozwolone. Zabezpieczanie/odtwarzanie dla partycji/dysku systemowego może być przeprowadzane wyłącznie przy użyciu płyty ratunkowej programu VeraCrypt.\n\nCzy utworzyć płytę ratunkową programu VeraCrypt? + Po kliknięciu przycisku OK należy wybrać nazwę pliku dla nowego obrazu ISO płyty ratunkowej programu VeraCrypt i miejsce, w którym zostanie zapisany. + Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz musisz nagrać obraz płyty ratunkowej na CD lub DVD.\n\nWAŻNE: Pamiętaj, że plik musi być nagrany na CD/DVD jako obraz płyty ISO (nie jako pojedynczy plik). Informacje jak to zrobić znajdziesz w dokumentacji twojego oprogramowania nagrywarki CD/DVD.\n\nPo nagraniu płyty ratunkowej, wybierz 'System' > 'Sprawdź płytę ratunkową', aby sprawdzić poprawność nagrania płyty. + Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz musisz nagrać obraz płyty ratunkowej na CD lub DVD.\n\nCzy chcesz teraz załadować Microsoft Windows Disc Image Burner?\n\nPamiętaj: Po nagraniu płyty ratunkowej, wybierz 'System' > 'Sprawdź płytę ratunkową', aby sprawdzić poprawność nagrania płyty. + Włóż płytę ratunkową programu VeraCrypt do napędu CD/DVD i kliknij przycisk OK w celu jego sprawdzenia. + Płyta ratunkowa programu VeraCrypt została pomyślnie sprawdzona. + Nie można zweryfikować poprawności zapisania płyty ratunkowej.\n\nJeśli płyta ratunkowa została zapisana, wyjmij i ponownie włóż płytę CD/DVD, a następnie ponów próbę. Jeśli to nie pomoże, należy spróbować użyć innego oprogramowania CD/DVD lub nośnika.\n\nPróba zweryfikowania płyty ratunkowej utworzonej dla innego klucza nadrzędnego, hasła, itp. nigdy nie zakończy się pozytywnie. Aby utworzyć nową płytę ratunkową w pełni kompatybilną z aktualną konfiguracją, wybierz opcję 'System' > 'Utwórz płytę ratunkową'. + Obraz ISO płyty ratunkowej VeraCrypt został pomyślnie sprawdzony. + Nieudane sprawdzenie obrazu ISO płyty ratunkowej.\n\nJeżeli próbujesz sprawdzić obraz ISO płyty ratunkowej VeraCrypt stworzony dla innego klucza głównego, hasła, soli itp., proszę zauważyć, że taki obraz ISO płyty ratunkowej zawsze nie przejdzie weryfikacji. Aby stworzyć nowy obraz ISO płyty ratunkowej VeraCrypt w pełni kompatybilny z twoją obecną konfiguracją, wybierz 'System' > 'Utwórz płytę ratunkową'. + Błąd tworzenia płyty ratunkowej + Płyta ratunkowa VeraCrypt nie może zostać stworzona podczas uruchomionego ukrytego systemu operacyjnego.\n\nAby stworzyć płytę ratunkową VeraCrypt, zrestartuj system operacyjny i wybierz 'System' > 'Tworzenie płyty ratunkowej'. + Nie można zweryfikować poprawności zapisu płyty ratunkowej.\n\nJeżeli masz nagraną płytę ratunkową, proszę wyjąć ją i włożyć ponownie do CD/DVD; kliknij Dalej, aby spróbować jeszcze raz. Jeżeli to nie pomoże, proszę spróbować z innym nośnikiem %s.\n\nJeżeli nie nagrałeś jeszcze płyty ratunkowej, zrób to, i kliknij Dalej.\n\nJeżeli przystąpisz do sprawdzenia płyty ratunkowej VeraCrypt przed uruchomieniem tego kreatora, proszę pamiętać że płyta ratunkowa nie może byc użyta, ponieważ została stworzona z innym kluczem głównym. Powinieneś nagrać nowo wygenerowaną płytę ratunkową. + i/lub inne oprogramowanie nagrywające CD/DVD + VeraCrypt - Ulubione wolumeny systemowe + Co to są ulubione wolumeny systemowe? + Systemowa partycja/dysk nie wydaje się być zaszyfrowana.\n\nUlubione wolumeny systemowe mogą być podłączane używając tylko autoryzacji hasłem pre-boot. Dlatego, aby włączyć używanie ulubionych wolumenów systemowych, musisz najpierw zaszyfrować systemową partycję lub dysk. + Odłącz wolumen przed przejściem dalej. + Błąd: Nie można ustawić stopera. + Sprawdź system plików + Napraw system plików + Dodaj do ulubionych... + Dodaj do ulubionych systemowych... + Właśc&iwości... + Zabezpieczony wolumen ukryty + niedostępny + Tak + Nie + Zablokowane + 1 + 2 lub więcej + Tryb działania + Etykieta: + Wielkość: + Ścieżka: + Litera dysku: + Błąd: Hasło może zawierać tylko znaki ASCII.\n\nZnaki spoza zestawu ASCII w haśle mogą spowodować brak możliwości podłączenia po zmianie konfiguracji systemu.\n\nDozwolone jest użycie następujących znaków:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + OSTRZEŻENIE: Hasło zawiera znaki spoza zestawu ASCII. Może to spowodować brak możliwości podłączenia wolumenu po zmianie konfiguracji systemu operacyjnego.\n\nNależy zastąpić wszystkie znaki spoza zestawu ASCII w haśle znakami ASCII. W tym celu kliknij 'Wolumeny' -> 'Zmień hasło wolumenu'.\n\nNastępujące znaki należą do zestawu ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + OSTRZEŻENIE: Stanowczo zaleca się unikanie używania rozszerzeń nazw plików używanych przez pliki wykonywalne (takich jak .exe, .sys lub .dll) i innych podobnych problematycznych rozszerzeń nazw plików. Użycie takich rozszerzeń nazw sugeruje systemowi Windows i oprogramowaniu antywirusowemu ingerowanie w kontenery, co może spowodować obniżenie wydajności wolumenu a także poważne problemy.\n\nStanowczo zaleca się usunięcie tego rozszerzenia pliku lub jego zmianę (np. na .raw, .iso, .img, .dat lub .rnd).\n\nCzy na pewno chcesz użyć problematycznego rozszerzenia nazwy pliku? + OSTRZEŻENIE: Ten kontener ma rozszerzenie nazwy pliku, które jest zarezerwowane dla plików wykonywalnych (takich jak .exe, .sys lub .dll) lub inne podobnie problematyczne rozszerzenie nazwy pliku. To prawdopodobnie spowoduje ingerencję systemu Windows i oprogramowania antywirusowego w kontener, co wpłynie na wydajność wolumenu i może być przyczyną poważnych problemów.\n\nStanowczo zaleca się usunięcie rozszerzenia lub jego zmianę (np. na .raw, .iso, .img, .dat lub .rnd) po odłączeniu tego wolumenu. + Strona WWW + OSTRZEŻENIE: Ten komunikat pojawił się, ponieważ w systemie Windows XP nie jest zainstalowany żaden pakiet poprawek. W systemie Windows XP bez żadnego pakietu poprawek nie należy zapisywać na dyskach IDE większych niż 128 GB! Jeśli to zrobisz, dane na dysku (bez znaczenia, czy jest to wolumen VeraCrypt, czy nie) mogą zostać uszkodzone. Jest ograniczenie systemu Windows, a nie błąd w VeraCrypt. + OSTRZEŻENIE: Ten komunikat pojawił się, ponieważ w Windows 2000 nie jest zainstalowany pakiet poprawek 3 lub nowszy. W systemie Windows 2000 bez pakietu poprawek 3 lub nowszego nie należy zapisywać na dyskach IDE większych niż 128 GB! Jeśli to zrobisz, dane na dysku (bez znaczenia, czy jest to wolumen VeraCrypt, czy nie) mogą zostać uszkodzone. Jest ograniczenie systemu Windows, a nie błąd w VeraCrypt.\n\nWskazówka: Może zajść potrzeba włączenia w rejestrze obsługi LBA w trybie 48-bitowym. Aby uzyskać więcej informacji, patrz http://support.microsoft.com/kb/305098 + OSTRZEŻENIE: W używanym systemie wyłączona jest obsługa ATAPI LBA w trybie 48-bitowym. Dlatego nie należy zapisywać na dyskach IDE większych niż 128 GB! Jeśli to zrobisz, dane na dysku (bez znaczenia, czy jest to wolumen VeraCrypt, czy nie) mogą zostać uszkodzone. Jest to ograniczenie systemu Windows, a nie błąd w VeraCrypt.\n\nAby włączyć obsługę LBA w trybie 48-bitowym, dodaj wartość rejestru 'EnableBigLba' do klucza rejestru HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters i ustaw ją na 1.\n\nAby uzyskać więcej informacji, patrz http://support.microsoft.com/kb/305098 + Błąd: Pliki większe niż 4 GB nie mogą być przechowywane na systemie plików FAT32. Dlatego, plik-hosty zawierające wolumeny VeraCrypt zapisane na FAT32 nie mogą być większe niż 4 GB.\n\nJeżeli potrzebujesz większe wolumeny, stwórz je na NTFS (lub, jeżeli używasz Windows Vista SP1 lub późniejsze, na exFAT) lub, wewnątrz stworzonego wolumenu który zawiera zaszyfrowane partycje. + Uwaga: Windows XP nie wspiera plików dłuższych niż 2048 GB (wystąpi komunikat "Not enough storage is available"). Zatem nie możesz tworzyć wolumenów VeraCrypt mieszczących się w plikach (nośnik) większych niż 2048 GB pod Windows XP.\n\nZauważ, że wciąż możliwe jest szyfrowanie całego dysku lub utworzenie wolumenu VeraCrypt mieszczącego się na partycji, większego niż 2048 GB pod Windows XP. + OSTRZEŻENIE: Aby w przyszłości było możliwe dodawanie danych/plików do wolumenu zewnętrznego, należy rozważyć utworzenie wolumenu ukrytego o mniejszej wielkości.\n\nCzy na pewno kontynuować z użyciem podanej wielkości? + Nie wybrano wolumenu.\n\nKliknij przycisk 'Wybierz urządzenie' lub 'Wybierz plik’, aby wybrać wolumen VeraCrypt. + Nie wybrano partycji.\n\nKliknij przycisk 'Wybierz urządzenie', aby wybrać niepodłączoną partycję, która normalnie wymaga wstępnego uwierzytelniania (np. partycja umieszczona na zaszyfrowanym dysku systemowym innego systemu operacyjnego, który nie jest uruchomiony lub zaszyfrowana partycja systemowa innego systemu operacyjnego).\n\nUwaga: Wybrana partycja zostanie podłączona tak jak zwykły wolumen VeraCrypt bez wstępnego uwierzytelniania. To jest przydatne np. do wykonania kopii zapasowej lub naprawy systemu. + OSTRZEŻENIE: Jeśli zostaną zdefiniowane i włączone domyślne pliki-klucze, wolumeny nie używające tych kluczy nie będą mogły być podłączone. Dlatego po włączeniu domyślnych plików-kluczy należy pamiętać o anulowaniu zaznaczenia pola wyboru 'Użyj plików-kluczy' (poniżej pola wprowadzania hasła) zawsze, gdy podłączane są takie wolumeny.\n\nCzy na pewno chcesz zapisać wybrane pliki-klucze lub ich ścieżki jako domyślne? + Automatycznie podłączanie urządzeń + Odłącz wszystko + Wyczyść pamięć podręczną + Odmontuj wszystko i wyczyść pamięć podręczną + Wymuszaj odłączanie wszystkiego i wyczyść pamięć podręczną + Wymuszaj odłączanie wszystkiego, wyczyść pamięć podręczną i zakończ pracę + Podłącz wolumeny ulubione + Pokaż/ukryj główne okno programu VeraCrypt + (Kliknij tu i naciśnij wybrany klawisz) + Działanie + Skrót + Błąd: Skrót jest zarezerwowany. Wybierz inny skrót. + Błąd: Skrót jest już używany. + OSTRZEŻENIE: Przynajmniej jeden systemowy klawisz skrótu VeraCrypt nie będzie poprawnie działać!\n\nUpewnij się, że inna aplikacja lub system nie używają tego samego skrótu, co program VeraCrypt. + Tworzenie pliku stronicowania zostało zabronione.\n\nZauważ, że w poszczególnych wersjach Windows, pliki stronicowania nie mogą leżeć na bezsystemowych wolumenach VeraCrypt (włączając ulubione wolumeny systemowe). VeraCrypt wspiera tworzenie plików stronicowania tylko na szyfrowanych systemowych dyskach/partycjach. + Błąd lub niezgodność uniemożliwia VeraCrypt szyfrowanie pliku hibernacji. Dlatego, hibernacja nie jest możliwa.\n\nInformacja: Kiedy komputer jest hibernowany (lub wchodzi w stan oszczędzania energii), zawartość pamięci systemowej RAM jest zapisywana do pliku hibernacji składowanego na dysku. VeraCrypt nie mógł uniemożliwić kluczom szyfrującym na zapisanie danych w pamięci RAM jako niezaszyfrowanych w pliku hibernacji na dysku. + Hibernacja została wstrzymana.\n\nVeraCrypt nie wspiera hibernacji w ukrytym systemie operacyjnym, który używa ekstra boot partycji. Proszę pamiętać, że boot partycja jest współdzielona przez oba systemy (pierwszy i ukryty). Dlatego, aby zapobiec wyciekom danych i problemom podczas wznowienia systemu, VeraCrypt wstrzymuje w ukrytym systemie operacyjnym zapis do współdzielonej boot partycji. + Wolumen VeraCrypt podłączony jako %c: został odłączony. + Wolumeny VeraCrypt zostały odłączone. + Wolumeny VeraCrypt zostały odłączone a bufor haseł wyczyszczony. + Pomyślnie odłączone + UWAGA: Jeśli Zadanie VeraCrypt w Tle jest zablokowane, odłączone są następujące funkcje:\n\n1) Klawisze skrótu\n2) Auto-dismount (tj., podczas wylogowywania, niezapowiedzianego odłączeniu nośnika, tajmautu, itp.)\n3) Auto-mount ulubionych wolumenów\n4) Powiadomienia (np, przy zapobieganiu uszkodzenia ukrytego wolumenu)\n5) Ikony powiadomień\n\nZauważ: Można w każdej chwili zakończyć Zadanie w Tle prawym przyciskiem myszki na ikonie powiadomień i wybierając 'Zakończ'.\n\nCzy na pewno trwale zablokować Zadanie VeraCrypt w Tle? + OSTRZEŻENIE: Jeśli opcja ta zostanie wyłączona, wolumeny zawierające otwarte pliki/katalogi nie będą mogły być automatycznie odłączane.\n\nCzy na pewno wyłączyć tę opcję? + OSTRZEŻENIE: Wolumeny zawierające otwarte pliki/katalogi nie będą automatycznie odłączane.\n\nAby to zmienić, włącz następującą opcję w tym oknie dialogowym: 'Wymuś odłączanie, nawet gdy są otwarte pliki lub katalogi'. + OSTRZEŻENIE: Kiedy w laptopie bateria jest słaba, Windows może wysłać informacje do uruchomionych aplikacji, że wchodzi w stan oszczędzania energii. Dlatego, VeraCrypt w tych przypadkach może błędnie automatycznie odłączać wolumeny. + Zaplanowano proces szyfrowania partycji/wplumenu. Proces jeszcze nie został zakończony.\n\nCzy chcesz teraz wznowić proces? + Zaplanowano proces szyfrowania lub deszyfrowania partycji lub dysku systemowego. Proces ten nie został jeszcze zakończony.\n\nCzy chcesz go teraz uruchomić (wznowić)? + Czy chcesz być zapytany o dokończenie obecnego procesu szyfrowania nie systemowej partycji/wolumenu? + Tak, pytaj mnie ciągle + Nie, nie pytaj mnie + WAŻNE: Pamiętaj, że możesz wznowić proces szyfrowania każdego nie systemowej partycji/wolumenu wybierając 'Wolumeny' > 'Wznów Przerwany Proces' z menu okna VeraCrypt. + Zaplanowano proces szyfrowania lub deszyfrowania partycji lub dysku systemowego. Wstępne uwierzytelnianie zakończyło się jednak niepowodzeniem (lub zostało pominięte).\n\nJeśli partycja lub dysk systemowy jest deszyfrowany w środowisku z wstępnym uwierzytelnianiem, należy zakończyć ten proces, wybierając w menu głównym programu VeraCrypt opcję 'System' > 'Trwale odszyfruj partycję lub dysk systemowy'. + UWAGA: Jeśli VeraCrypt zakończy się teraz, następujące funkcje zostaną zablokowane:\n\n1) Klawisze skrótu\n2) Auto-dismount (np., podczas wylogowania, niezapowiedzialnego odłączenia nośnika, tajmautu, itp.)\n3) Auto-mount ulubionych wolumenów\n4) Powiadomienia (np., podczas zapobiegania uszkodzenia ukrytego wolumenu)\n\nZauważ: Jeśli nie chcesz, by VeraCrypt pracował w tle, zablokuj Zadanie VeraCrypt w Tle w Preferencjach (i, o ile konieczne, zablokować automatyczny start VeraCrypt w Preferencjach).\n\nCzy na pewno wyjść z VeraCrypt? + Wyjść? + Program VeraCrypt nie ma wystarczających informacji, aby zdecydować, czy należy szyfrować czy deszyfrować. + Program VeraCrypt nie ma wystarczających informacji, aby zdecydować, czy szyfrować, czy deszyfrować.\n\nUwaga: Jeśli partycja/dysk systemowy została odszyfrowana w środowisku z wstępnym uwierzytelnieniem, może być konieczne dokończenie procesu przez kliknięcie przycisku Odszyfruj. + Uwaga: Gdy szyfrujesz bezsystemową partycję lub wolumen "w locie", a błąd trwale uniemożliwia skończenie procesu, nie będziesz mógł zamontować wolumenu (i uzyskać dostępu do zgromadzonych na nim danych), ąz do czasu pełnego ODSZYFROWANIA wolumenu (tj. odwrócenia procesu).\n\nJeżelu musisz to zrobić, podążaj tymi krokamni:\n1) Wyłącz ten kreator.\n2) W głównym oknie VeraCrypt, wybierz 'Wolumeny' > 'Kontynuuj przerwany proces'.\n3) Wybierz 'Odszyfruj'. + Czy chcesz przerwać i odłożyć proces szyfrowania partycji/wolumenu?\n\nUwaga: Pamiętaj, że wolumen nie może być podłączony do czasu całkowitego zaszyfrowania. Możesz wznowić proces szyfrowania i będzie on kontynuowany od miejsca, gdzie został zatrzymany. Możesz to zrobić, np. wybierając 'Wolumeny' > 'Kontynuuj przerwany proces' z menu głównego okna VeraCrypt. + Czy chcesz przerwać i odłożyć proces szyfrowania partycji/dysku systemowego?\n\nUwaga: Proces ten będzie można później wznowić od miejsca, w którym został zatrzymany. W tym celu należy wybrać w głównym oknie programu VeraCrypt opcję 'System' > 'Wznów przerwany proces'. Aby ostatecznie przerwać lub odwrócić proces szyfrowania, wybierz opcję 'System' > 'Trwale odszyfruj partycję lub dysk systemowy'. + Czy chcesz wstrzymać i odłożyć proces deszyfrowania partycji/dysku systemowego?\n\nUwaga: Proces ten będzie można później wznowić od miejsca, w którym został zatrzymany. W tym celu należy wybrać w głównym oknie programu VeraCrypt opcję 'System' > 'Wznów przerwany proces'. Aby odwrócić proces deszyfrowania (i rozpocząć szyfrowanie), wybierz opcję 'System' > 'Szyfruj partycję lub dysk systemowy'. + Błąd: Niepowodzenie przerwania procesu szyfrowania/deszyfrowania partycji/dysku systemowego. + BŁĄD: Błąd przerwania procesu czyszczenia/wymazywania. + Błąd: Niepowodzenie wznowienia procesu szyfrowania/deszyfrowania partycji/dysku systemowego. + BŁĄD: Błąd uruchomienia procesu czyszczenia/wymazywania. + Wykryto i usunięto niespójność.\n\n\n(Jeśli będziesz zgłaszać związany z tym błąd, umieść w raporcie błędu następujące informacje techniczne: %hs) + BŁĄD: Stan nieoznaczony.\n\n\n(Jeżeli będziesz wykonywał raport z błędem, proszę dołącz te techniczne informacje: %hs) + Nie ma przerwanego procesu szyfrowania lub deszyfrowania partycji systemowej lub napędu do wznowienia.\n\nZawuaż: Jeżeli chcesz wznowić przerwany proces szyfrowania lub deszyfrowania partycji lub wolumenu bezsystemowego, wybierz 'Wolumeny' > 'Kontynuuj przerwany proces'. + OSTRZEŻENIE: Proces VeraCrypt uruchamiany w tle jest wyłączony. Po zakończeniu pracy programu VeraCrypt nie będą generowane ostrzeżenia o podjęciu działań zabezpieczających przed uszkodzeniem wolumenów ukrytych.\n\nProces uruchamiany w tle można zamknąć w dowolnym momencie, klikając prawym przyciskiem myszy ikonę VeraCrypt w zasobniku i wybierając opcję 'Wyjście'.\n\nUruchomić proces programu VeraCrypt w tle? + Wersja pakietu językowego: %s + Sprawdzanie systemu plików w wolumenie VeraCrypt podłączonym jako %s... + Próba naprawy systemu plików w wolumenie VeraCrypt podłączonym jako %s... + Ostrzeżenie: Ten wolumen jest zaszyfrowany z wykorzystaniem starego algorytmu szyfrowania.\n\nWszystkie algorytmy o 64-bitowym bloku (np. Blowfish, CAST-128 lub Triple DES) są niezalecane. Będzie możliwe podłączenie tego wolumenu w przyszłych wersjach VeraCrypt. Implementacje tych algorytmów nie będą jednak w przyszłości rozwijane. Zaleca się utworzenie nowego wolumenu szyfrowanego algorytmem o 128-bitowym bloku (np. AES, Serpent, Twofish, itp.) i przeniesienie wszystkich plików do nowego wolumenu. + System nie jest skonfigurowany do automatycznego podłączania nowych wolumenów. Może być niemożliwe podłączenie wolumenów VeraCrypt wykorzystujących urządzenia. Automatyczne podłączanie może być włączone przez wydanie następującej komendy i ponowne uruchomienie systemu.\n\nmountvol.exe /E + Przypisz literę dysku do partycji/urządzenia przed uruchomieniem ('Panel sterowania' > 'Wydajność i konserwacja' > 'Narzędzia administracyjne' > 'Zarządzanie komputerem' > 'Zarządzanie dyskami').\n\nJest to wymaganie systemu operacyjnego. + Podłącz wolumen VeraCrypt + Odłącz wszystkie wolumeny VeraCrypt + Program VeraCrypt nie mógł uzyskać uprawnień administratora. + System operacyjny odmówił dostępu.\n\nMożliwa przyczyna: system wymaga posiadania praw odczytu/zapisu (lub praw administratora) dla niektórych folderów, plików i urządzeń. Zwykle użytkownik bez praw administratora może tworzyć, odczytywać i modyfikować pliki w swoim folderze z dokumentami. + Błąd: Dysk używa niewspierany rozmiar sektora.\n\nNie jest możliwe utworzenie wolumenów opartych o dysk/partycję, używające sektorów dłuższych niż 4096 bajtów. Jednakże wciąż można stworzyć wolumeny oparte na plikach znajdujących się na takich dyskach. + Obecnie nie jest możliwe zaszyfrowanie systemu zainstalowanego na dysku używającym rozmiaru sektora innego niż 512 bajtów. + Program startowy VeraCrypt wymaga co najmniej 32 kB wolnego miejsca na początku dysku systemowego (program startowy VeraCrypt musi być zapisany w tym obszarze). Niestety, używany dysk nie spełnia tego warunku.\n\nProsimy NIE zgłaszać tego problemu jako błędu programu VeraCrypt. Aby rozwiązać ten problem, będzie konieczne ponowne podzielenie dysku na partycje i pozostawienie wolnych pierwszych 32 kilobajtów (w większości przypadków należy usunąć i ponownie utworzyć pierwszą partycję). Zaleca się użycie menedżera partycji firmy Microsoft, który jest dostępny np. podczas instalowania systemu Windows. + Ta funkcjonalność nie jest obsługiwana w obecnie używanej wersji systemu operacyjnego. + Program VeraCrypt nie obsługuje szyfrowania partycji/dysku systemowego w obecnie używanej wersji systemu operacyjnego. + Przed zaszyfrowaniem systemowej partycji/dysku Windows Vista, wymagane jest zainstalowanie Service Pack 1 lub nowszego do Windows Vista (nie znaleziono zainstalowanego Service Pack w twoim systemie).\n\nZauważ: Service Pack 1 do Windows Vista rozwiązuje problemy z obsługą pamięci podczas bootowania systemu. + VeraCrypt nie wspiera już szyfrowania systemowego dysku/partycji na systemie Windows Vista bez zainstalowanego Service Pack. Przed aktualizacją VeraCrypt, zainstaluj Service Pack 1 lub wyżej dla Windows Vista. + Błąd: Ten dodatek wymaga instalacji VeraCrypt w systemie (masz uruchomiony VeraCrypt w trybie przenośnym).\n\nProszę zainstalować VeraCrypt i spróbować jeszcze raz. + UWAGA: Wydaje się, że Windows nie jest zainstalowany na partycji z której jest uruchomiony. To nie jest wspierane.\n\nMożesz kontynuować tylko jeżeli jesteś pewny, że Windows jest zainstalowany na dysku z którego jest zabootowany.\n\nCzy chcesz kontynuować? + Dysk systemowy posiada tablicę partycji typu GUID (GPT). Obecnie obsługiwane są tylko dyski z tablicą partycji typu MBR. + UWAGA: Program startowy VeraCrypt jest już zainstalowany na tym dysku systemowym!\n\nJest możliwe, że inny system na tym komputerze jest już zaszyfrowany.\n\nOSTRZEŻENIE: URUCHOMIENIE SZYFROWANIA NA AKTUALNIE PRACUJĄCYM SYSTEMIE MOŻE UNIEMOŻLIWIĆ INNYM SYSTEMOM START I ZABLOKOWAĆ DOSTĘP DO DANYCH.\n\nCzy na pewno chcesz kontynuować? + Błąd odtwarzania oryginalnego systemu ładowania.\n\nProszę użyć swojej płyty ratunkowej VeraCrypt ('Wybrać opcję napraw' > 'Odtwórz oryginalny system ładowania') lub płyt instalacyjnych Windows, aby zastąpić program startowy VeraCrypt. + Oryginalny program startowy NIE będzie zapisany na płycie ratunkowej (prawdopodobna przyczyna: Brak pliku zapasowego). + Niepowodzenie zapisu do sektora MBR.\n\nBIOS może być skonfigurowany do ochrony sektora MBR. Sprawdź ustawienia BIOS (naciśnij klawisz F2, Delete lub Esc tuż po włączeniu komputera) pod kątem ustawień MBR i ochrony antywirusowej. + OSTRZEŻENIE: Nieudana weryfikacja odcisku palca programu rozruchowego!\nTwój dysk mógł zostać zmodyfikowany przez atakującego (atak "Zła pokojówka").\n\nTo ostrzeżenie również może zostać wywołane, jeżeli przywróciłeś program rozruchowy VeraCrypt przy użyciu płyty ratunkowej, która została wygenerowana przez inną wersję VeraCrypt.\n\nZaleca się natychmiastową zmianę hasła, które ponadto przywróci poprawny program rozruchowy VeraCrypt. Zalecane jest ponowne zainstalowanie VeraCrypt oraz podjęcie środków w celu uniknięcia dostępu do tej maszyny przez niezaufane jednostki. + Wymagana wersja programu startowego VeraCrypt obecnie nie jest zainstalowana. To może uniemożliwić obsługę dodatkowych opcji w sytuacji odtworzenia. + Uwaga: W niektórych wypadkach, możesz nie życzyć sobie, by osoby postronne wiedziały, że startujesz komputer przy użyciu VeraCrypt. Aby to zrobić, musisz dokonać dostosowania programu startowego VeraCrypt. Jeżeli włączysz pierwszą opcję, program startowy nie będzie się wyświetlał żadnego tekstu (nawet jeśli wprowadzisz błędne hasło). Komputer będzie wyglądał jakby "zawiesił" się na czas wprowadzenia hasła. Dodatkowo, możesz wprowadzić własną informację do wyświetlenia, by zwieść napastnika. Np. niepoprawne informacje o błędzie takie jak "Missing operating system" (która jest zwykle wyświetlana, gdy starter nie znajdzie się systemu operacyjnego). Należy jednak zauważyć, że jeżeli przeciwnik będzie miał możliwość analizy zawartości dysku twardego, wciąż będzie mógł stwierdzić obecność programu startowego VeraCrypt. + UWAGA: Pamiętaj że włączyłeś tą opcję, program startowy VeraCrypt nie będzie wyświetlał żadnego tekstu (nawet jeśli wprowadzisz złe hasło). Komputer będzie wyglądał "jak zawieszony", nawet gdy będziesz wprowadzał hasło.\n\nCzy jesteś pewien, że chcesz włączyć tą opcję? + Partycja/dysk systemowy jest całkowicie zaszyfrowana. + Program VeraCrypt nie obsługuje szyfrowania dysku systemowego, który został przekształcony w dysk dynamiczny. + Dysk systemowy zawiera rozszerzone (logiczne) partycje.\n\nMożesz zaszyfrować cały dysk systemowy zawierający rozszerzone (logiczne) partycje tylko pod Windows Vista lub późniejsze wersje Windows. Na Windows XP możesz zaszyfrować cały dysk systemowy pod warunkiem że zawiera on tylko partycje podstawowe.\n\nUwaga: Możesz wciąż zaszyfrować partycję systemową zamiast całego dysku systemowego (a ponadto możesz utworzyć możesz utworzyć partycyjne wolumeny VeraCrypt na wszystkich partycjach bezsystemowych dysku). + OSTRZEŻENIE: Ponieważ pracujesz na Windows XP/2003, po uruchomieniu szyfrowania dysku NIE wolno ci utworzyć rozszerzonych (logicznych) partycji na nim (możesz tworzyć tylko partycje podstawowe). Dowolna rozszerzona (logiczna) partycja na dysku stanie się niedostępna po rozpoczęciu szyfrowania (dysk nie zawiera teraz takich partycji).\n\nUwaga: Jeśli to ograniczenie jest nie do przyjęcia, możesz się wycofać i wybrać szyfrowanie tylko partycji systemowej zamiast całego dysku (ponadto możesz utworzyć partycyjne wolumeny VeraCrypt na wszystkich bezsystemowych partycjach dysku).\n\nZ drugiej strony, jeśli to ograniczenie jest nie do przyjęcia, możesz rozważyć aktualizację do Windows Vista lub najnowszej wersji Windows (Możesz szyfrować cały dysk zawierający rozszerzone/logiczne partycje tylko pod Windows Vista lub późniejszymi). + Twój dysk systemowy zawiera niestandardową partycję.\n\nJeśli używasz laptopa, napęd systemowy zawiera specjalną partycję przywracania. Gdy cały napęd systemowy zostanie zaszyfrowany (włączając partycję przywracania), system może stać się niebutowalny jeśli komputer używa niewłaściwie zaprojektowanego BIOSa. Będzie równiez niemożliwe użycie jakiejkolwiek partycji przywracania do czasu aż aystem zostanie odszyfrowany. Zaleczmy w takim przypadku zaszyfrować tylko partycję systemową. + Czy chcesz zaszyfrować partycję systemową zamiast całego dysku?\n\nMożna utworzyć wolumen VeraCrypt w partycji w każdej nie systemowej partycji tego dysku (oprócz zaszyfrowania partycji systemowej). + Jeśli dysk systemowy zawiera tylko jedną partycję zajmującą cały dysk, bardziej bezpieczne jest zaszyfrowanie całego dysku, włączając w to wolne miejsce, które zwykle otacza taką partycję.\n\nCzy chcesz zaszyfrować cały dysk? + Twój system jest ustawiony, tak aby przechowywać pliki tymczasowe na nie systemowej partycji.\n\nPliki tymczasowe mogą być przechowywane tylko na partycji systemowej. + Twój pliki profilu nie są przechowywane na partycji systemowej.\n\nPliki profilu użytkownika mogą być przechowywane tylko na partycji systemowej. + Jest/są plik/pliki stronicowania na nie systemowej partycji.\n\nPliki stronicowania mogą być przechowywane tylko na partycji systemowej. + Czy chcesz teraz ustawić Windows, aby tworzył pliki stronicowania tylko na partycji Windows?\n\nPamiętaj, że jeżeli naciśniesz 'Tak', komputer będzie zrestartowany. Później uruchom VeraCrypt i spróbuj ponownie stworzyć ukryty OS. + Inaczej, przeciwnik może wykryć istnienie ukrytego systemu operacyjnego.\n\nUwaga: Jeżeli przeciwnik będzie analizował zawartość plików (umieszczonych na nie systemowej partycji, może odkryć, że użyłeś kreatora w trybie tworzenia ukrytego systemu (co może świadczyć, że na dysku znajduje się ukryty system operacyjny). Ważne jest zatem, aby wszystkie pliki umieszczone na partycji systemowej zostały bezpiecznie skasowane przez VeraCrypt podczas procesu tworzenia ukrytego systemu operacyjnego. + UWAGA: Podczas procesu tworzenia ukrytego systemu operacyjnego, jest wymagane pełne przeinstalowanie obecnie uruchomionego systemu operacyjnego (aby bezpiecznie utworzyć system zwodzący).\n\nUwaga: Obecnie uruchomiony system operacyjny i cała zawartość partycji systemowej będzie skopiowana do ukrytego wolumenu (aby stworzyć ukryty system operacyjny).\n\n\nCzy jesteś pewien, że będziesz mógł zainstalować Windows używając mediów instalatora Windows (lub partycji serwisowej)? + Z powodu bezpieczeństwa, jeżeli obecnie uruchomiony system wymaga aktywacji, musi ona być wykonana przed przejściem dalej. Pamiętaj, że ukryty system operacyjny zostanie stworzonu przez skopiowanie zawartości systemowej partycji do ukrytego wolumenu (więc, jeżeli system nie jest zaktywowany, ukryty system operacyjny też nie będzie zaktywowany). Więcej informacji, zobacz w "Security Requirements and Precautions Pertaining to Hidden Volumes" w dokumentacji do VeraCrypt.\n\nWażne: Przed wykonaniem następnego kroku, proszę się upewnić, że przeczytałeś sekcje "Security Requirements and Precautions Pertaining to Hidden Volumes" w dokumentacji VeraCrypt.\n\n\nCzy obecnie uruchomiony system operacyjny spełnia ten warunek? + Twój system używa osobnej boot partycji. VeraCrypt nie wspiera hibernacji w ukrytym systemie operacyjnym, który używa osobna boot partycja (pierwszy system może być hibernowany bez problemu).\n\nProszę pamiętać, że boot partycja jest współdzielona przez oba systemy - pierwszy i ukryty. Dlatego, aby zapobiegać wyciekom pamięci i problemom z przywróceniem z hibernacji, VeraCrypt zabezpiecza współdzieloną boot partycję przed zapisem z ukrytego systemu operacyjnego.\n\n\nCzy chcesz kontynuować? Jeżeli wybierzesz 'Nie', instrukcje do usunięcia extra boot partition zostaną wyświetlone. + \nOsobna boot partycja może zostać usunięta przed instalacją Windows. Aby to zrobić wykonaj następujące kroki:\n\n1) Uruchom dysk instalacyjny Windows.\n\n2) Na ekranie instalatora Windows, wciśnij 'Instaluj teraz' > 'Użytkownika (zaawansowane)'.\n\n3) Wciśnij 'Opcje Dysku'.\n\n4) Wybierz podstawową partycję systemową i usuń ją wciskając 'Delete' i 'OK'.\n\n5) Wybierz partycję 'System Reserved', wciśnij 'Rozszerz' i zwiększ jej rozmiar, tak by można było zainstalować na niej.\n\n6) Wciśnij 'Zastosuj' i 'OK'.\n\n7) Zainstaluj Windows na partycji 'System Reserved'.\n\n\nNapastnik może cię spytać, dlaczego usunąłeś the osobną boot partycję, możesz odpowiedzieć, że chciałeś zapobiec możliwym wyciekom danych przez niezaszyfrowaną partycję uruchomieniową.\n\nUwaga: Możesz wydrukować ten tekst wciskając przycisk 'Drukuj' poniżej. Jeśli zachowasz ten tekst lub go wydrukujesz (gorąco sugerowane, chyba że drukarka zapisuje kopie drukowanych dokumentów na wewnętrznym dysku twardym), powinieneś zniszczyć wszystkie jego kopie po usunięciu osobnej boot partycji (w przeciwnym razie, jeśli taka kopia zostanie znaleziona, może wskazywać że zainstalowano ukryty system operacyjny na komputerze). + UWAGA: Istnieje niezalokowane miejsce pomiędzy partycją systemową i pierwszą partycją za partycją systemową. Po stworzeniu ukrytego systemu operacyjnego nie mżesz tworzyć nowych partycji w niezaalokowanym miejscu. Inaczej zabootowanie ukrytego systemu operacyjnego może być niemożliwe (dopóki nie skasujesz nowo stworzonej partycji). + Ten algorytm nie jest obecnie obsługiwany do szyfrowania systemu. + Ten algorytm nie jest obsługiwany w trybie TrueCrypt. + MOI (Mnożnik Osobistych Iteracji) nie obsługuje trybu TrueCrypt. + Hasło musi zawierać przynajmniej 20 albo więcej znaków, aby móc używać określonego MOI.\nKrótsze hasła mogą być używane tylko wtedy, gdy MOI wynosi 485 albo więcej. + Hasło uwierzytelniania przed uruchomieniem musi zawierać 20 albo więcej znaków, aby móc używać określonego MOI.\nKrótsze hasła mogą być używane tylko wtedy, gdy MOI wynosi 98 albo więcej. + Pliki-klucze nie są obecnie obsługiwane/wspierane do szyfrowania systemu. + Ostrzeżenie: Program VeraCrypt nie mógł odtworzyć oryginalnych ustawień klawiatury. To może spowodować błędne wprowadzenie hasła. + Błąd: Nie można ustawić trybu klawiatury dla VeraCrypt na układ USA.\n\nHasło będzie wprowadzane w środowisku PRZED uruchomieniem systemu Windows, gdzie inne niż standardowy układy klawiatury nie są dostępne. Dlatego, hasło MUSI być zawsze wprowadzane przy użyciu standardowego układu klawiatury USA. + Ponieważ program VeraCrypt czasowo zmienił ustawienia klawiatury na standard USA, nie jest możliwe wprowadzanie znaków przy wciśniętym prawym klawiszu ALT. Można jednak wprowadzać znaki osiągane przez przytrzymanie klawisza Shift. + Program VeraCrypt zapobiegł zmianie ustawień klawiatury. + Hasło będzie wprowadzane w środowisku PRZED uruchomieniem systemu Windows, gdzie inne niż standardowy (USA) układy klawiatury nie są dostępne. Dlatego, hasło MUSI być zawsze wprowadzane przy użyciu standardowego układu klawiatury USA. Do tego celu nie jest jednak konieczne używanie klawiatury fizycznej z układem USA. Program VeraCrypt pozwala automatycznie na bezpieczne wprowadzanie hasła (teraz i w środowisku przed uruchomieniem systemu) nawet jeśli NIE masz prawdziwej klawiatury amerykańskiej. + Przed zaszyfrowaniem partycji/dysku, musisz stworzyć płytę ratunkową VeraCrypt, która służy następującym celom:\n\n- Jeżeli program startowy VeraCrypt, główny klucz, lub inne krytyczne dane są uszkodzone, płyta ratunkowa pozwoli Ci na odtworzenie ich (pamiętaj, jednakże, że wciąż będziesz musiał wprowadzić poprawne hasło).\n\n- Jeżeli Windows jest uszkodzony i nie może wystartować, płyta ratunkowa pozwala na całkowite odszyfrowanie partycji/dysku przed uruchomieniem Windows.\n\n- Płyta ratunkowa będzie zawierała kopię aktualnej pierwszej ścieżki dysku (która typowo zawiera systemowy loader lub boot manager) i pozwoli Ci na odtworzenie jej.\n\nPłyta ratunkowa VeraCrypt - obraz ISO - zostanie stworzona w poniższej lokalizacji. + Po kliknięciu OK, Microsoft Windows Disc Image Burner zostanie załadowany. Proszę użyć go do nagrania płyty ratunkowej VeraCrypt (ISO) - obrazu na CD lub DVD.\n\nPo zrobieniu tego, wróć do kreatora wolumenów VeraCrypt i postępuj zgodnie z instrukcjami. + Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz potrzebujesz go nagrać na CD lub DVD.\n\n%lsPo zapisaniu płyty ratunkowej, kliknij Dalej, aby zweryfikować czy nagrana płyta jest w porządku. + Obraz płyty ratunkowej został stworzony i zapisany w pliku: %s\n\nTeraz powinieneś go nagrać na CD/DVD lub umieścić go w bezpiecznym miejscu, gdy będzie później potrzebny.\n\n%lsKliknij Dalej, aby kontynuować. + WAŻNE: Pamiętaj, że plik musi być zapisany na CD/DVD jako obraz dysku ISO (nie jako indywidualny plik). Aby dowiedzieć się jak to zrobić, proszę zobaczyć w dokumentację swojego programu nagrywającego CD/DVD. Jeżeli nie posiadasz programu do nagrywania na CD/DVD obrazów dysków ISO, kliknij łącze, aby ściągnąć oprogramowanie.\n\n + Załaduj Nagrywanie płyt (obrazów) Microsoft Windows + UWAGA: Stworzona płyta ratunkowa VeraCrypt, nie może być odtąd użyta do tego systemu partycji/dysku bo został stworzony z innym kluczem głównym! Za każdym razem, gdy szyfrujesz system partycję lub dysk musisz stworzyć nową płytę ratunkową VeraCrypt nawet jeśli użyjesz tego samego hasła. + Błąd: Nie można zapisać systemowych ustawień szyfrowania. + Nie można zainicjować testu szyfrowania systemu. + Proces tworzenia ukrytego systemu operacyjnego nie może zostać zainicjowany. + Tryb wymazywania + Na niektórych typach urządzeń, jeżeli dane są nadpisywane, może być możliwe odtworzenie ich. Stosuje się również metodę nadpisania danych ich zaszyfrowaną zawartością (co ma miejsce podczas rozpoczęcia szyfrowania w VeraCrypt niezaszyfrowanej partycji lub dysku). Zgodnie z nauką i rządowymi publikacjami, odtworzenie nadpisanych danych może być niemożliwe (lub może być bardzo trudne) przez nadpisanie danych losowymi danymi i pewną nie losową kombinacją liczb kilka razy. Dlatego, jeżeli chcesz wierzyć że przeciwnik nie będzie mógł odzyskać skasowanych danych, powinieneś wybrać jeden z trybów czyszczenia/wymazywania z wieloprzebiegowych. Uwaga, czyszczenie/wymazywanie NIE może być wykonane zaszyfrowania partycji/dysku. Kiedy partycja/dysk jest w pełni zaszyfrowana, niezaszyfrowane dane są zapisane jako zaszyfrowane. Wiele danych zapisanych jest najpierw do pamięci, szyfowanych "w locie" i zapisywanych zaszyfrowanych na dysku (tak aby nie obniżyć wydajności). + Na niektórych typach urządzeń, jeżeli dane są nadpisywane, może być możliwe odtworzenie ich używając specjalnych technik, np. mikroskopu sił magnetycznych. Zgodnie z nauką i rządowymi publikacjami, odtworzenie nadpisanych danych może być niemożliwe (lub może być bardzo trudne) przez nadpisanie danych losowymi danymi i pewną nielosową kombinacją liczb kilka razy. Dlatego, jeżeli obawiasz się że przeciwnik będzie mógł odzyskać skasowane dane, powinieneś wybrać jeden z trybów czyszczenia/wymazywania z wieloprzebiegowych.\n\nUwaga: Im więcej przebiegów użyjesz, tym dłużej będzie trwało kasowanie danych. + Wymazywanie + \nUwaga: Możesz przerwać proces czyszczenia/wymazywania, wyłączyć komputer, uruchomić ponownie ukryty system i wznowić proces (ten kreator włączy się automatycznie). Jednakże, jeżeli przerwiesz proces czyszczenia/wymazywania i później go wznowisz, cały proces wystartuje od początku. + \n\nUwaga: Jeżeli przerwiesz proces czyszczenia/wymazywania i później go wznowisz, cały proces wystartuje od początku. + Czy chcesz przerwać proces wymazywania? + UWAGA: Cała zawartość zaznaczonej partycji/urządzenia zostanie skasowana i utracona. + Cała zawartość partycji, gdzie jest oryginalny system operacyjny zostanie skasowana.\n\nUwaga: Cała zawartość partycji, która ma być skasowana została skopiowana do ukrytej partycji systemowej. + OSTRZEŻENIE: Pamiętaj, że jeżeli wybrałeś tryb 3-przebiegowego czyszczenia, czas niezbędny do zaszyfrowania partycji/dysku wydłuży się 4-ro krotnie. Podobnie, jeżeli wybierzesz tryb 35-przebiegowego czyszczenia, czas wydłuży 36-cio krotnie (może potrwać kilka tygodni).\n\nJednakże, proszę pamiętać, że czyszczenie NIE musi być wykonane po pełnym zaszyfrowaniu partycji/dysku. Jeżeli partycja/dysk jest w pełni zaszyfrowana, niezaszyfrowane dane są zapisane jako zaszyfrowane. Wiele danych zapisanych jest najpierw do pamięci, szyfrowanych "w locie" i zapisywanych zaszyfrowanych na dysku (tak aby nie obniżyć wydajności).\n\nCzy jesteś pewien, że chcesz użyć trybu czyszczenia/wymazywania? + Brak (najszybszy) + 1-przebieg (dane losowe) + 3-przebiegowy (US DoD 5220.22-M) + 7-przebiegowy (US DoD 5220.22-M) + 35-przebiegowy ("Gutmann") + 256-przebiegowy + Liczba systemów operacyjnych + OSTRZEŻENIE: Niedoświadczeni użytkownicy nie powinni nigdy próbować szyfrować systemu Windows w konfiguracji z wieloma uruchamianymi systemami.\n\nCzy kontynuować? + Podczas tworzenia/używania ukrytego systemu operacyjnego, VeraCrypt obsługuje konfigurację uruchamiania wielu systemów tylko, gdy zostaną spełnione następujące warunki:\n\n- Obecnie działający system operacyjny musi być zainstalowany na napędzie rozruchowym, który nie może zawieraćżadnych innych systemów operacyjnych.\n\n- Systemy operacyjne zainstalowane na innych dyskach nie mogą używać żadnego programu startowego znajdującego się na dysku, na którym zainstalowany jest obecnie działający system operacyjny.\n\nCzy powyższe wymagania są spełnione? + VeraCrypt nie obsługuje takiej konfiguracji uruchamiania wielu systemów, gdy jest tworzony/używany ukryty system operacyjny. + Dysk startowy + Czy aktualnie uruchomiony system jest uruchamiany z dysku, na którym jest zainstalowany?\n\nWyjaśnienie: Czasami system Windows nie jest instalowany na tym samym dysku, co program startowy Windows (na partycji startowej). W takim przypadku wybierz 'Nie'. + Program VeraCrypt obecnie nie obsługuje szyfrowania systemu operacyjnego, który nie jest uruchamiany z dysku, na którym jest zainstalowany. + Liczba dysków systemowych + Ile dysków zawiera system operacyjny?\n\nNa przykład, jeśli używanych jest wiele systemów operacyjnych (np. Windows, Mac OS X, Linux, itp. zainstalowany na pierwszym dysku i dodatkowy system zainstalowany na drugim dysku), wybierz opcję '2 lub więcej'. + Program VeraCrypt obecnie nie obsługuje szyfrowania całego dysku, który zawiera wiele systemów operacyjnych.\n\nMożliwe rozwiązania:\n\n- Można na poprzednim panelu wybrać opcję zaszyfrowania jednego systemu na jednej partycji systemowej (w przeciwieństwie do szyfrowania całego dysku).\n\n- Można zaszyfrować cały dysk, jeśli inne systemy operacyjne zostaną przeniesione na inne dyski, pozostawiając ten dysk tylko dla jednego systemu operacyjnego. + Wiele systemów na jednym dysku + Czy inne systemy operacyjne zostały zainstalowane na dysku, na którym jest zainstalowany aktualnie uruchomiony system operacyjny?\n\nNa przykład, jeśli aktualnie uruchomiony system operacyjny jest zainstalowany na dysku 0 (zawierającym kilka partycji), którego jedna z partycji zawiera Windows, a inna zawiera dodatkowy system operacyjny (np. Windows, Mac OS X, Linux, itp.), wybierz opcję 'Tak'. + Program startowy z innego systemu + W MBR jest wpis pochodzący od programu startowego innego niż Windows?\n\nUwaga: Na przykład, jeżeli pierwsza ścieżka dysku zawiera GRUB, LILO, XOSL, lub inny niż menedżer startowy Windows (lub program startowy), wybierz 'Tak'. + Wiele systemów + Program VeraCrypt obecnie nie obsługuje konfiguracji wielosystemowej, w której w głównym rekordzie startowym (MBR) jest zainstalowany program startowy z systemu innego niż Windows.\n\nMożliwe rozwiązania:\n\n- Jeśli używasz menedżera uruchamiania do uruchamiania systemów Windows i Linux, przenieś menedżera uruchamiania (np. GRUB lub LILO) z MBR do partycji. Następnie uruchom ponownie kreator i zaszyfruj partycję lub dysk systemowy. Program startowy VeraCrypt stanie się podstawowym menedżerem uruchamiania i będzie pozwalał na uruchamianie oryginalnego menedżera uruchamiania (np. GRUB lub LILO) jako drugiego menedżera uruchamiania (przez naciśnięcie klawisza Esc na ekranie programu startowego VeraCrypt), co umożliwi uruchamianie systemu Linux. + Jeżeli obecnie uruchomiony system operacyjny jest zainstalowany na boot partycji, wówczas po zaszyfrowaniu jej, będziesz musiał wprowadzić poprawne hasło za każdym razem kiedy będziesz uruchamiał system (nawet ten niezaszyfrowany).\n\nNatomiast, jeżeli obecnie uruchomiony system operacyjny nie jest zainstalowany na boot partycji (lub jeżeli program startowy Windows nie jest używany przez inny system), wówczas, po zaszyfrowaniu systemu nie będziesz musiał wprowadzać hasła do uruchomienia innych systemów (również tych niezaszyfrowanych) -- będziesz musiał wcisnąć tylko klawisz Esc, aby uruchomić niezaszyfrowany system (jeżeli jest wiele niezaszyfrowanych systemów będziesz musiał wybrać, który system chcesz uruchomić).\n\nUwaga: Typowo, Windows jest zainstalowany na boot partycji. + Szyfrowanie Obszeru Chronionego Hosta + Na końcu wielu dysków są ukryte miejsca, gdzie nie ma dostępu system operacyjny (są to zwykle Host Protected Areas). Jednakże niektóre programy potrafią czytać i pisać dane z/do tych sektorów.\n\nUWAGA: Niektórzy producenci sprzętu używają tych miejsc do przechowywania narzędzi np. do RAID, odtwarzania systemu, konfiguracji systemu, diagnostyki lub innych narzędzi. Jeżeli te narzędzia lub dane muszą być dostępne przed bootowaniem, obszar ten NIE powinien być zaszyfrowany (wybierz 'Nie' powyżej).\n\nCzy chcesz, aby VeraCrypt wykrył i zaszyfrował te ukryte obszary na końcu dysku? + Typ Systemu Szyfrowania + Wybierz tą opcję jeżeli chcesz zaszyfrować jedynie partycję systemową lub cały dysk systemowy. + Może się zdarzyć, że będziesz zmuszony przez kogoś do odszyfrowania systemu operacyjnego. Jest wiele sytuacji, gdy nie możesz tego odmówić (na przykład w wyniku wymuszenia). Jeżeli wybierzesz tę opcję, utworzysz ukryty system operacyjny, którego istnienie będzie niemożliwe do odkrycia (o ile zastosujesz się do pewnych wytycznych). Stąd nie będziesz zmuszony odszyfrowywać ani zdradzać hasła do ukrytego systemu operacyjnego. By uzyskać dokładniejsze wyjaśnienia, wybierz link poniżej. + Może się zdarzyć, że zostaniesz zmuszony przez kogoś do odszyfrowania systemu operacyjnego. Jest wiele sytuacji, gdy nie możesz tego odmówić (na przykład w wyniku wymuszenia).\n\nUżywając tego kreatora możesz utworzyć ukryty system operacyjny, którego istnienie powinno być niemożliwe do udowodnienia (o ile zastosujesz się do pewnych wytycznych). Stąd nie będziesz zmuszony odszyfrowywać ani zdradzać hasła do ukrytego systemu operacyjnego. + Ukryty System Operacyjny + Wykonując kolejne kroki, stworzysz dwa wolumeny VeraCrypt (zewnętrzny i ukryty) które będą za pierwszą partycją systemową. Ukryty wolumen będzie zawierał ukryty system operacyjny (OS). VeraCrypt będzie tworzył ukryty OS poprzez skopiowanie partycji systemowej (gdzie obecnie jest zainstalowany i uruchomiony OS) do ukrytego wolumenu. Do zewnętrznego wolumenu skopiuj jakieś pliki, które NIE będą ukryte. One będą dostępne dla każdego po to, aby utajnić hasło ukrytej partycji OS. Możesz ujawnić hasło do zewnętrznego wolumenu który zawiera system operacyjny OS.\n\nNa koniec, na partycji, gdzie aktualnie masz uruchomiony OS, możesz zainstalować nowy OS, zwany dalej zwodzącym OS, i zaszyfrować go. On nie może zawierać wrażliwych danych. W sumie, będą trzy hasła. Dwa z nich można ujawnić (do zwodzącego OS i zewnętrznego wolumenu). Jeżeli użyjesz trzeciego hasła, zostanie uruchomiony ukryty system operacyjny. + Wykrywanie ukrytych sektorów + Proszę poczekać dopóki VeraCrypt wykrywa możliwe ukryte sektory na końcu dysku systemowego. Może to potrwać dłuższą chwile.\n\nUwaga: W bardzo rzadkich przypadkach, na niektórych komputerach, system wykrywania może zawiesić komputer. Jeżeli to się zdarzy, uruchom ponownie komputer, uruchom VeraCrypt, powtórz poprzednie kroki ale pomiń ten proces wyszukiwania. Informacja: To nie jest błąd VeraCrypt. + Obszar do zaszyfrowania + Wybierz tą opcję jeżeli chcesz zaszyfrować cały dysk na którym aktualnie jest uruchomiony system Windows. Powierzchnia dysku, zawierająca wszystkie partycje, zostanie zaszyfrowana z wyjątkiem pierwszej ścieżki, gdzie program startowy VeraCrypt jest umieszczony. Każdy kto chce mieć dostęp do systemu zainstalowanego na dysku lub plików umieszczonych na dysku będzie musiał wprowadzić poprawne hasło za każdym razem przed uruchomieniem systemu. Ta opcja nie może być użyta do zaszyfrowania drugiego lub zewnętrznego dysku jeżeli nie jest na nim zainstalowany Windows i nie jest z niego bootowany. + Zbieranie danych losowych + Wygenerowano klucze + VeraCrypt nie odnalazł nagrywarki CD/DVD podłączonej do komputera. VeraCrypt wymaga nagrywarki CD/DVD, aby wypalić bootowalną płytę ratunkową VeraCrypt zawierający kopię kluczy szyfrowania, program startowy VeraCrypt, oryginalny program startowy systemu itd.\n\nSugerujemy gorąco wypalenie płyty ratunkowej VeraCrypt. + Nie mam nagrywarki CD/DVD ale zapiszę obraz ISO płyty ratunkowej na urządzeniu przenośnym (np. pendrive). + Podłączę później nagrywarkę CD/DVD do komputera. Zakończ proces. + Nagrywarka CD/DVD jest teraz podłączona do komputera. Kontynuuj i zapisz płytę ratunkową. + Wykonaj następujące czynności:\n\n1) Podłącz teraz urządzenie przenośne, np. pendrive, do komputera.\n\n2) Skopiuj plik obrazu płyty ratunkowej VeraCrypt (%s) na urządzenie przenośne.\n\nW przypadku konieczności użycia w przyszłości, będziesz mógł podłączyć dysk przenośny (zawierający obraz płyty ratunkowej VeraCrypt) do komputera z nagrywarką CD/DVD i utworzyć bootowalną płytę ratunkową VeraCrypt wypalając obraz na płycie CD lub DVD. WAŻNE: Pamiętaj, że płyta ratunkowa VeraCrypt musi zostać zapisana na CD/DVD jako obraz ISO płyty (nie jako plik). + Zapisywanie płyty ratunkowej + Utworzono płytę ratunkową + Test szyfrowania + Zweryfikowano płytę ratunkową + \nPłyta ratunkowa VeraCrypt została zweryfikowana. Wyjmij ją z napędu i umieść w bezpiecznym miejscu.\n\nKliknij przycisk Dalej, aby kontynuować. + UWAGA: Podczas następnych kroków nie może być płyty ratunkowej VeraCrypt w czytniku. Inaczej nie będzie możliwe poprawne dokończenie kolejnych kroków.\n\nProszę usunąć ją z czytnika i schować w bezpiecznym miejscu. Później kliknąć OK. + Ostrzeżenie: Ze względu na techniczne ograniczenia środowiska przed ładowaniem systemu, tekst wyświetlany przez program VeraCrypt w tym środowisku (zanim zostanie uruchomiony system Windows) nie może być przetłumaczony. Interfejs użytkownika programu startowego VeraCrypt jest całkowicie w języku angielskim.\n\nCzy kontynuować? + Przed zaszyfrowaniem partycji lub dysku systemowego program VeraCrypt musi zweryfikować, czy wszystko działa poprawnie.\n\nPo kliknięciu przycisku Test wszystkie niezbędne komponenty (komponent odpowiedzialny za uwierzytelnianie przed załadowaniem systemu, program startowy VeraCrypt, itp.) zostaną zainstalowane i komputer zostanie ponownie uruchomiony. Następnie zostanie wyświetlone okno programu VeraCrypt, w którym należy podać hasło. Po uruchomieniu systemu Windows zostanie automatycznie wyświetlony wynik tego testu.\n\nZostaną zmodyfikowane następujące urządzenia: Dysk %d\n\n\nAby przerwać instalację i testowanie, kliknij przycisk Anuluj. + WAŻNA INFORMACJA -- PROSZĘ PRZECZYTAĆ LUB WYDRUKOWAĆ (kliknij 'Drukuj'):\n\nZauważ, że żaden z plików nie zostanie zaszyfrowany zanim zrestartujesz komputer i uruchomisz Windows. Wtedy, jeśli coś zawiedzie, twoje dane NIE zostaną utracone. Jednakże, jeśli coś pójdzie nie tak, możesz napotkać trudności w uruchomieniu Windows. Dlatego przeczytaj (i wydrukuj, jeśli możesz) następujące the following wytyczne odnośnie tego co zrobić jeśli Windows nie będzie mógł się uruchomić po restarcie komputera.\n\n + Co zrobić, jeżeli Windows nie może wystartować ------------------------------------------------\n\nZauważ: Instrukcje są poprawne tylko jeśli nie zacząłeś szyfrowania.\n\n- Jeśli Windows nie startuje po podaniu poprawnego hasła (lub jeśli wielokrotnie wprowadziłeś właściwe hasło ale VeraCrypt informuje, że hasło jest niepoprawne), nie panikuj. Restart (wyłączenie i włączenie zasilania) komputera, a na ekranie programu startowego VeraCrypt, wciśnij klawisz Esc (a jeśli masz wiele systemów, wybierz, który uruchomić). Wtedy Windows powinien się uruchomić (przy założeniu że nie został zaszyfrowany) a VeraCrypt zapyta automatycznie, czy chcesz odinstalować komponentu autentykującego preinicjacyjnego. Zauważ, że poprzednie kroki NIE powiodą się jeśli partycja/dysk systemowy został zaszyfrowany (nikt nie może uruchomić Windows ani uzyskać dostępu do danych na dysku bez poprawnego hasła nawet jeśli poprawnie wykonano poprzednie kroki).\n\n + - Jeśli poprzednie kroki nie pomogły lub jeśli ekran programu startowego VeraCrypt nie pojawił się (przed uruchomieniem Windows), włóż płytę ratunkową VeraCrypt do napędu CD/DVD i uruchom ponownie komputer. Jeśli ekran płyty ratunkowej VeraCrypt nie pojawił się (lub jeśli nie widzisz elementu 'Repair Options' na sekcji 'Keyboard Controls' ekranu płyty ratunkowej VeraCrypt), jest możliwe, że BIOS jest skonfigurowany do wykonania startu z dysku twardego przed próbami z płyt CD/DVD. O ile to ten przypadek, restart komputer, wciśnij F2 lub Delete (jak tylko widać ekran uruchamiania BIOS), i poczekać na pojawienie ekranu konfiguracji BIOS. Jeśli nie pojawi się ekran konfiguracji BIOS, zrestartuj (reset) komputer raz jeszcze i wciskaj F2 lub Delete wielokrotnie od samego restartu (resetu) komputera. Gdy pojawi się ekran konfiguracji BIOS, ustaw BIOS tak, by uruchamiał się najpierw z dysku CD/DVD (aby uzyskać informację jak to zrobić, sprawdź dokumentację BIOSu/płyty głównej lub skontaktuj się ze sprzedawcą lub serwisem komputera, aby uzyskać pomoc). Następnie uruchom ponownie komputer. Ekran płyty ratunkowej VeraCrypt powinien się teraz pokazać. Na ekranie płyty ratunkowej VeraCrypt wybierz 'Repair Options' wciskając klawisz F8. Z menu 'Repair Options', wybierz 'Restore original system loader'. Następnie usuń płytę ratunkową z napędu CD/DVD po czym zrestartuj komputer. Windows powinien uruchomić się normalnie (o ile nie został zaszyfrowany).\n\n + Zauważ, że poprzednie kroki nie działają jeśli partycja/dysk systemowy jest zaszyfrowany (nikt nie może uruchomić Windows ani uzyskać dostępu do danych zaszyfrowanych na dysku bez poprawnego hasła nawet jeśli poprawnie wykonał poprzednie kroki).\n\n\nZauważ, że nawet jeśli w przypadku utraty płyty ratunkowej VeraCrypt i jej pozyskania przez napastnika, NIE będzie on w stanie odszyfrować systemowej partycji lub dysku bez poprawnego hasła. + Test zakończony + Test (pretest) został przeprowadzony poprawnie.\n\nUWAGA: Proszę pamiętać, że jeżeli nastąpi brak zasilania podczas szyfrowania "w locie" lub nastąpi błąd systemu operacyjnego porzez błąd sprzętowy lub oprogramowanie w czasie szyfrowania "w locie" część danych może ulec uszkodzniu lub utracie. Dlatego, przed rozpoczęciem szyfrowania, proszę upewnić się, że masz kopię zapasową danych, które chcesz zaszyfrować. Jeżeli nie, proszę zrób teraz kopię plików (możesz kliknąć Odłóż, zrobić kopię plików i później ponownie uruchomić VeraCrypt wybrać 'System' > 'Wznów Przerwany Proces' w celu kontynuowania szyfrowania).\n\nJeżeli jesteś gotów, kliknij Szyfruj, aby uruchomić szyfrowanie. + Możesz kliknąć Pauza lub Odłóż na później, aby przerwać proces szyfrowania lub deszyfrowania, wyjść z kreatora, uruchomić ponownie lub zamknąć komputer, a później wznowić proces, który będzie kontynuował szyfrowanie od miejsca, gdzie zakończył. Szyfrowanie będzie spowalnianie kiedy system lub aplikacje zapisują lub czytają dane z dysku systemowego, VeraCrypt automatycznie będzie czekał aż dane zostaną zapisane lub odczytane (popatrz Status powyżej) i będzie automatycznie kontynuował szyfrowanie bądź odszyfrowanie. + \n\nMożesz wcisnąć Pauza lub Odłóż na później, aby przerwać proces szyfrowania, wyjść z tego kreatora, zrestartować lub wyłączyć komputer i później wznowić proces, który będzie kontynuował szyfrowanie od miejsca, gdzie zakończył. Wolumen nie może być podłączony do czasu pełnego zaszyfrowania. + \n\nMożesz wcisnąć Pauza lub Odłóż na później, aby przerwać proces deszyfrowania, wyjść z tego kreatora, zrestartować lub wyłączyć komputer i później wznowić proces, który będzie kontynuował deszyfrowanie od miejsca, gdzie zakończył. Wolumen nie może być podłączony do czasu pełnego deszyfrowania. + Wystartował ukryty system + Oryginalny system + Windows tworzy (standardowo, bez twojej wiedzy i zgody) pliki logów, pliki tymczasowe, itp., na partycji systemowej. Zawartość RAM w trakcie hibernacji i zawartość pliku stronicowania umieszczona jest na partycji systemowej. Dlatego, jeżeli narzędzia analizują pliki umieszczone na oryginalnym systemie operacyjnym (z którego klonujemy ukryty system), wykryją, że np. użyłeś kreatora VeraCrypt w trybie tworzenia ukrytego systemu (to może wskazywać na istnienie ukrytego systemu operacyjnego na twoim komputerze).\n\nAby temu zapobiec, VeraCrypt będzie w kolejnych krokach, bezpiecznie usuwał całą zawartość partycji, gdzie jest oryginalny system operacyjny. Potem, w celu bezpieczeństwa, będziesz musiał zainstalować nowy system na partycji i zaszyfrować go. Później możesz stworzyć system zwodzący i całość procesu tworzenia ukrytego systemu operacyjnego zostanie zakończona poprawnie. + Ukryty system operacyjny został stworzony poprawnie. Dlatego, przed rozpoczęciem używania go, wymagane jest bezpiecznie usunięcie (używając VeraCrypt) całości zawartości partycji, gdzie obecnie jest uruchomiony i zainstalowany system operacyjny. Przed wykonaniem tego, musisz zrestartować komputer i w programie startowym VeraCrypt (który nastąpi przed uruchomieniem Windows) wpisz hasło do ukrytego systemu operacyjnego. Później, po uruchomieniu ukrytego systemu, kreator VeraCrypt zostanie automatycznie włączony.\n\nInfo: Jeżeli wybierzesz teraz przerwanie procesu tworzenia ukrytego systemu operacyjnego, Nie będziesz mógł go wznowić ponownie i NIE będzie dostępny ukryty system operacyjny (ponieważ program startowy VeraCrypt zostanie usunięty). + Wstawiono w harmonogram proces tworzenia ukrytego systemu operacyjnego. Proces nie jest jeszcze kompletny. Aby go dokończyć, musisz zrestartować komputer i w programie startowym VeraCrypt (który nastąpi przed uruchomieniem Windows) wprowadź hasło do ukrytego systemu operacyjnego.\n\nInfo: Jeżeli wybierzesz teraz przerwanie procesu tworzenia ukrytego systemu operacyjnego, Nie będziesz mógł go wznowić ponownie. + Restart komputera i uruchomienie procesu + Permanentne przerwanie procesu tworzenia ukrytego systemu operacyjnego + Nie rób teraz nic później zostaniesz zapytany ponownie + \nJEŻELI MOŻLIWE, WYDRUKUJ TEN TEKST (kliknij 'Drukuj').\n\n\nJak i kiedy używać Plyty ratunkowej VeraCrypt (po zaszyfrowaniu) -----------------------------------------------------------------------------------\n\n + I. Jak Zainicjować komputer z płyty ratunkowej VeraCrypt\n\nAby uruchomić komputer z +płyty ratunkowej VeraCrypt, włóż ją do napędu CD/DVD i uruchom ponownie komputer. Jeśli ekran płyty ratunkowej VeraCrypt nie pojawia się (lub nie widać elementu 'Repair Options' w sekcji 'Keyboard Controls' na ekranie), prawdopodobnie BIOS został ustawiony tak, by próbować uruchamiać system z dysków twardych przed dyskami CD/DVD. Jeśli tak jest, uruchom ponownie komputer, wciśnij klawisz F2 lub Delete (natychmiast po pojawieniu ekranu uruchomieniowego BIOS) i poczekaj na wyświetlenie ekranu konfiguracji BIOS. Jeśli ekran konfiguracji BIOS nie pojawi się, zrestartuj (zresetuj) komputer raz jeszcze i powtarzaj wciśnięcia klawiszy F2 lub Delete od momentu restartu (resetu) komputera. Gdy pojawi się ekran konfiguracji BIOS, ustaw w BIOS-ie kolejność uruchamiania tak, by napęd CD/DVD był na pierwszym miejscu (Aby dowiedzieć się jak to zrobić, sprawdź w dokumentacji BIOS-u/płyty głównej lub skontaktuj się ze sprzedawcą lub wsparciem technicznym, by uzyskać pomoc). Następnie zrestartuj komputer. Ekran płyty ratunkowej VeraCrypt powinien się teraz pokazać. Uwaga: Na ekranie płyty ratunkowej VeraCrypt wybierz 'Repair Options' wciskając klawisz F8.\n\n\n + II. Kiedy i jak użyć płyty ratunkowej VeraCrypt (po Zaszyfrowaniu)\n\n + 1) Jeśli ekran programu startowego VeraCrypt nie pojawia się po uruchomieniu komputera (lub jeśli nie startuje Windows), program startowy VeraCrypt może być uszkodzony. Płyta ratunowa VeraCrypt pozwala odtworzyć go a przez to odzyskać dostęp do zaszyfrowanego systemu i danych (jednak pamiętaj, że wciąż należy podać poprawne hasło). Na ekranie płyty ratunkowej wybierz 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Następnie wciśnij 'Y', by potwierdzić akcję, usuń płytę ratunkową z napędu CD/DVD i uruchom ponownie komputer.\n\n + 2) Jeśli wielokrotnie wpisujesz poprawne hasło ale VeraCrypt informuje, że hasło jest niepoprawne, prawdopodobnie został uszkodzony klucz główny lub inne dane krytyczne. Płyta ratunkowa VeraCrypt pozwala odtworzyć je i odzyskać dostęp do zaszyfrowanego systemu i danych (jednak pamiętaj, że wciąż należy podać poprawne hasło). Na ekranie płyty ratunkowej wybierz 'Repair Options' > 'Restore key data'. Następnie wpisz hasło i wciśnij 'Y', by potwierdzić akcję, usuń płytę ratunkową z napędu CD/DVD i uruchom ponownie komputer.\n\n + 3) Jeśli program startowy VeraCrypt jest uszkodzony, możesz uniknąć wykonania go inicjując komputer bezpośrednio z płyty ratunkowej VeraCrypt. Włóż płytę ratunkową do napędu CD/DVD i wprowadź hasło na ekranie płyty ratunkowej.\n\n + 4) Jeśli Windows jest uszkodzony i nie może się uruchomić, płyta ratunkowa VeraCrypt pozwala na trwale odszyfrować partycję lub dysk przed uruchomieniem Windows. Na ekranie płyty ratunkowej wybierz 'Repair Options' > 'Permanently decrypt system partition/drive'. Wprowadź poprawne hasło i poczekaj aż odszyfrowywanie się zakończy. Można wtedy np. uruchomić dysk instalacyjny w celu naprawy instalacji Windows.\n\n + Uwaga: Innym wyjściem, jeśli Windows jest uszkodzony (nie może się uruchomić) i chcesz go naprawić (lub uzyskać dostęp do jego plików), można uniknąć odszyfrowywania artycję lub dysk systemowy wykonując następujące kroki: Jeśli zainstalowano wiele systemów operacyjnych na komputerze, uruchom ten, który nie wymaga autentykacji przeduruchomieniowej. Jeśli jest tylko jeden system zainstalowany na komputerze, można uruchomić system z CD/DVD WinPE lub BartPE lub można podłączyć dysk systemowy jako dysk drugorzędny lub zewnętrzny do innego komputera i uruchomić system operacyjny zainstalowany na komputerze. Po uruchomieniu systemu uruchom VeraCrypt, wciśnij 'Wybierz Urządzenie', wskaż tą dołączoną partycję systemową, wciśnij 'OK', po czym wybierz 'System' > 'Mount Without Pre-Boot Authentication', wprowadź przeduruchomieniowe hasło autentykacyjnei wciśnij 'OK'. Partycja zostanie zamontowana jako zwykły wolumen VeraCrypt (dane będą szyfrowane/rozszyfrowywane w locie w RAM podczas dostępu, jak zwykle).\n\n\n + Zauważ, że nawet jeśli stracisz swoją płytę ratunkową VeraCrypt i napastnik ją odnajdzie, NIE będzie w stanie odszyfrować partycji systemowej czy dysku bez poprawnego hasła. + \n\nW A Ż N E -- WYDRUKUJ TO JEŻELI TO MOŻLIWE (kliknij 'Drukuj').\n\n\nUwaga: Ten tekst będzie automatycznie wyświetlany za każdym razem, gdy uruchomisz ukryty system operacyjny dopóki nie zaczniesz tworzyć zwodzącego systemu operacyjnego.\n\n\n + Jak utworzyć system zwodzący spokojnie i bezpiecznie ----------------------------------------------------------------------------\n\nAby osiągnąć wiarygodne możliwości kontroli, musisz teraz utworzyć system zwodzący. By to osiągnąć, wykonaj następujące kroki:\n\n + 1) Ze względów bezpieczeństwa wyłącz komputer i pozostaw wyłączony co najmniej kilka minut (im dłużej tym lepiej). Jest to konieczne, aby wyczyścić pamięć, która zawiera wrażliwe dane. Następnie włącz komputer ale nie ładuj ukrytego systemu.\n\n + 2) Zainstaluj Windows na partycji, której zawartość ma być usunięta (tj. na partycji, której ukryty system jest klonem, został zainstalowany).\n\nWAŻNE: GDY ROZPOCZNIESZ INSTALACJĘ SYSTEMU ZWODZĄCEGO, SYSTEM UKRYTY *NIE* BĘDZIE MIAŁ MOŻLIWOŚCI URUCHOMIENIA (ponieważ program startowy VeraCrypt zostanie wymazany przez instalator systemu Windows). JEST TO NORMALNE I OCZEKIWANE. NIE PANIKOWAĆ. DOSTĘP DO URUCHOMIENIA UKRYTEGO SYSTEMU ZOSTANIE PRZYWRÓCONY PO ZASZYFROWANIU SYSTEMU ZWODZĄCEGO (ponieważ VeraCrypt zainstaluje wtedy automatycznie program startowy VeraCrypt na dysku systemowym).\n\nWażne: Wielkość partycji wydawać się taka sama jak wielkość ukrytego wolumenu (ten warunek będzie teraz spełniony). Ponadto, musisz nie możesz tworzyć żadnych partycji pomiędzy partycją systemu zwodzącego i partycją na której umieszczono system ukryty.\n\n + 3) Uruchom system zwodzący (zainstalowany w kroku 2 i zainstaluj na nim VeraCrypt).\n\nZapamiętaj, że system zwodzący nie może zawierać żadnych wrażliwych danych.\n\n + 4) W systemie zwodzącym uruchom VeraCrypt i wybierz 'System' > 'Szyfruj partycję lub dysk systemowy'. Powinno pojawić się okno Kreatora Tworzenia Wolumenu VeraCrypt.\n\nWykonaj następujące kroki w Kreatorze Tworzenia Wolumenu VeraCrypt.\n\n + 5) W Kreatorze Tworzenia Wolumenu VeraCrypt, NIE wybieraj opcji 'Ukryty'. Pozostaw zaznaczoną opcję 'Normalny' i wciśnij 'Dalej'.\n\n + 6) Wybierz opcję 'Koduj partycję systemową Windows' a następnie wciśnij 'Dalej'.\n\n + 7) Jeśli na komputerze zainstalowano tylko systemy ukryty i zwodzący, wybierz opcję 'Jeden system' (jeśli jest więcej niż te dwa systemy na komputerze, wybierz 'Wiele systemów'). Następnie wciśnij 'Dalej'.\n\n + 8) WAŻNE: W TYM KROKU, DLA SYSTEMU ZWODZĄCEGO MUSISZ WYBRAĆ TEN SAM ALGORYTM SZYFROWANIA I ALGORYTM HASZOWANIA, KTÓRY WYBRAŁEŚ DLA SYSTEMU UKRYTEGO! W PRZECIWNYM RAZIE UKRYTY SYSTEM POZOSTANIE NIEDOSTĘPNY! Innymi słowy, system zwodzący musi być zaszyfrowany tym samym algorytmem szyfrującym jak system ukryty. Uwaga: Powodem tego jest fakt, że system zwodzący i ukryty dzielą ten sam program startowy, który wspiera tylko jeden algorytm, wybrany przez użytkownika (dla każdego algorytmu jest dedykowana wersja programu startowego VeraCrypt).\n\n + 9) W tym kroku wybierz hasło dla zwodzącego systemu operacyjnego. Będzie to hasło, które możesz wyjawić przeciwnikowi jeśli będziesz proszony lub zmuszony wyjawić przeduruchomieniowe hasło autentykacyjne (innym hasłem, które możesz podać jest hasło do modułu zewnętrznego). Istnienie trzeciego hasła (tj przeduruchomieniowego hasła autentykacyjnego do ukrytego systemu operacyjnego) powinno pozostać tajemnicą.\n\nWażne: Hasło wybrane do systemu zwodzącego musi znacznie różnić się od tego do wolumenu ukrytego (tj do ukrytego systemu operacyjnego).\n\n + 10) Wykonuj następne instrukcje kreatora aż do zaszyfrowania zwodzącego systemu operacyjnego.\n\n\n\n + Po Utworzeniu Zwodzącego Systemu Operacyjnego ------------------------------------------------\n\nPo zaszyfrowaniu systemu zwodzącego cały proces tworzenia ukrytego systemu operacyjnego zostanie zakończony i będziesz mógł używać trzech haseł:\n\n1) Przeduruchomieniowe hasło autentykacyjne do ukrytego systemu operacyjnego.\n\n2) Przeduruchomieniowe hasło autentykacyjne dla zwodzącego systemu operacyjnego.\n\n3) Hasło do zewnętrznego wolumenu.\n\n + Jeśli chcesz uruchomić ukryty system operacyjny, wystarczy tylko wpisać hasło do ukrytego systemu operacyjnego na ekranie programu startowego VeraCrypt (który pojawia się po włączeniu lub restarcie komputera).\n\nJeśli chcesz uruchomić zwodzący system operacyjny, wystarczy wpisać hasło dla zwodzącego systemu operacyjnego na ekranie programu startowego VeraCrypt.\n\nHasło do zwodzącego systemu operacyjnego może zostać ujawnione każdemu zmuszającemu Cię do zdradzenia przeduruchomieniowego hasła autentykacyjnego. Istnienie ukrytego wolumenu (i ukrytego systemu operacyjnego) pozostanie tajemnicą.\n\n + Trzecie hasło (do wolumenu zewnętrznego) może zostać wyjawiony każdemu zmuszającemu do zdradzenia hasła do pierwszej partycji za partycją systemową, gdzie mieszczą się wolumen zewnętrzny i ukryty (zawierający ukryty system operacyjny). Istnienie ukrytego wolumenu (i ukrytego systemu operacyjnego) pozostanie tajemnicą.\n\n\n + Jeśli zdradziłeś hasło do zwodzącego systemu operacyjnego przeciwnikowi a ten spyta, czemu wolna przestrzeń (zwodzącej) partycji systemowej zawiera dane losowe, możesz odpowiedzieć na przykład: "Partycja zawierała przedtem system zaszyfrowany przez VeraCrypt, ale zapomniałem przeduruchomieniowego hasła autentykacyjnego (albo system został uszkodzony i przestał się uruchamiać), więc musiałem ponownie zainstalować partycję windows i zaszyfrować ją."\n\n\n + Jeśli wykonano wszystkie instrukcje i zapewniono wszystkie środki ostrożności i i wymagania wymienione w sekcji "Security Requirements and Precautions Pertaining to Hidden Volumes" w instrukcji użytkownika VeraCrypt, powinno być niemożliwe udowodnienie, że ukryty wolumen i ukryty system operacyjny istnieje, nawet gdy zewnętrzny wolumen został zamontowany lub gdy zwodzący system operacyjny jest odcyfrowany i uruchomiony.\n\nJeśli zapiszesz kopię tego tekstu lub wydrukujesz go (gorąco polecane, chyba, że drukarka przechowuje kopie drukowanych dokumentów na wewnętrznym dysku), musisz zniszczyć wszystkie jego kopie po utworzeniu systemu zwodzącego i zrozumieniu wszystkich informacji zawartych w tekście (w przeciwnym przypadku, jeśli taka kopia zostanie znaleziona, mogłaby wskazywać, że na tym komputerze zainstalowano ukryty system operacyjny).\n\n + UWAGA: JEŚLI NIE CHRONISZ UKRYTEGO WOLUMENU (by uzyskać informację jak to zrobić, sprawdź sekcję "Protection of Hidden Volumes Against Damage" w Instrukcji Użytkownika VeraCrypt), NIE ZAPISYWAĆ DANYCH NA WOLUMENIE ZEWNĘTRZNYM (zauważ że zwodzący system operacyjny NIE jest zainstalowany na wolumenie zewnętrznym). W PRZECIWNYM PRZYPADKU MOŻESZ NADPISAĆ I USZKODZIĆ UKRYTY WOLUMEN (I UKRYTY SYSTEM OPERACYJNY NA NIM)! + Klonowanie Systemu Operacyjnego + W następnym kroku, VeraCrypt będzie tworzył ukryty system operacyjny przez skopiowanie zawartości partycji systemowej do ukrytego wolumenu (kopiowane dane zostaną zaszyfrowane "w locie" z innym kluczem niż został użyty w zwodzącym systemie operacyjnym).\n\nProszę pamiętać, że proces zacznie się od pre-boot (przed uruchomieniem Windows) i może zabrać dość dużo czasu aż skończy; od kilu godzin lub nieraz kliku dni (w zależności od wielkości partycji systemowej i wydajności twojego komputera).\n\nMożesz przerwać proces, wyłączając komputer, a proces wznowi się, gdy włączysz go ponownie. Jednakże, jeżeli przerwiesz proces, cały proces kopiowania zacznie się od początku (ponieważ zawartość systemowej partycji nie może ulec zmianie podczas klonowania). + Czy chcesz anulować cały proces tworzenia ukrytego systemu operacyjnego?\n\nInfo: Nie będziesz mógł wznowić procesu jeżeli go anulujesz teraz. + Chcesz anulować test szyfrowania systemu? + Test szyfrowania systemu przez program VeraCrypt nie powiódł się. Czy chcesz spróbować jeszcze raz?\n\nJeśli wybierzesz 'Nie', komponent odpowiedzialny za uwierzytelnienie przed uruchomieniem zostanie odinstalowany.\n\nUwagi: \n\n- Jeśli program startowy VeraCrypt nie pytał o hasło przed uruchomieniem systemu Windows, jest możliwe, że system operacyjny nie startuje z dysku, na którym jest zainstalowany. \n\n- Jeśli używasz algorytmu szyfrującego innego niż AES i test się nie powiódł (po wpisaniu hasła), mogło to być spowodowane przez niepoprawnie przydzielony sterownik. Wybierz 'Nie' i spróbuj zaszyfrować ponownie partycję lub dysk systemowy, jednak przy użyciu algorytmu szyfrowania AES (który ma najmniejsze wymagania co do pamięci).\n\n- Więcej możliwych powodów i rozwiązań na stronie https://veracrypt.codeplex.com/wikipage?title=Troubleshooting (w języku angielskim). + Partycja/dysk systemowy nie jest zaszyfrowany (ani częściowo, ani w pełni). + Partycja/dysk systemowy jest zaszyfrowany (częściowo lub całkowicie).\n\nOdszyfruj partycję lub dysk systemowy przed kontynuowaniem. W tym celu wybierz opcję 'System' > 'Trwale odszyfruj partycję lub dysk systemowy' w menu głównym programu VeraCrypt. + Kiedy systemowa partycja/dysk jest zaszyfrowany (częściowo lub całkowicie), nie możesz wykonać instalacji wcześniejszej wersji VeraCrypt (ale możesz zrobić aktualizacji lub reinstalację tej samej wersji). + Partycja/dysk systemowy jest właśnie w trakcie szyfrowania, odszyfrowywania lub jest modyfikowany w inny sposób. Aby kontynuować, przerwij ten proces (lub poczekaj na jego zakończenie). + Instancja kreatora tworzenia wolumenu programu VeraCrypt jest w tej chwili uruchomiona i wykonuje operację szyfrowania/deszyfrowania partycji/dysku systemowego. Aby kontynuować, przerwij ten proces (lub poczekaj na jego zakończenie). Jeśli zamknięcie nie jest możliwe, zrestartuj komputer przed kontynuowaniem. + Proces szyfrowania lub deszyfrowania partycji/dysku systemowego nie został zakończony. Aby kontynuować, przerwij ten proces (lub poczekaj na jego zakończenie). + Błąd: Proces szyfrowania partycji lub dysku systemowego nie został zakończony. Ten proces musi zostać najpierw zakończony. + Błąd: Proces szyfrowania partycji/wolumenu nie jest kompletny. Musi być najpierw kompletny.\n\nUwaga: Aby wznowić proces, wybierz 'Wolumeny' > 'Kontynuuj przerwany proces' z menu głównego okna VeraCrypt. + Hasło jest poprawne, VeraCrypt poprawnie odszyfrował nagłówek wolumenu i wykrył że wolumen jest ukrytym wolumenem systemowym. Dlatego, nie możesz modyfikować nagłówka ukrytego wolumenu systemowego w tym kroku.\n\nAby zmienić hasło dla ukrytego wolumenu systemowego, uruchom system operacyjny zlokalizowany na ukrytym wolumenie, i wybierz 'System' > 'Zmień hasło' z menu głównego okna VeraCrypt.\n\nAby zmienić algorytm klucz nagłówka, uruchom ukryty system operacyjny i wybierz 'System' > 'Ustaw algorytm klucza nagłówka'. + VeraCrypt nie obsługuje odszyfrowania "w locie" ukrytego systemu operacyjnego.\n\nUwaga: Jeżeli chcesz odszyfrować partycję systemu zwodzącego, uruchom system zwodzący i wybierz 'System' > 'Trwale odszyfruj partycję lub dysk systemowy' z menu w głównym oknie VeraCrypt. + Błąd: Niepoprawny parametr. + Wybrano partycję lub urządzenie ale wybrany tryb kreatora jest odpowiedni tylko dla kontenerów plikowych.\n\nCzy zmienić tryb kreatora? + Czy zamiast tego utworzyć kontener plikowy VeraCrypt? + Wybrałeś systemową partycję lub dysk (lub partycję startową), ale w trybie kreatora możesz zaznaczyć tylko nie-systemowe partycje/dyski.\n\nCzy chcesz ustawić autoryzację przed uruchomieniem (co oznacza, że będziesz musiał wpisać hasło za każdym razem przed startowaniem Windows) i zaszyfrować systemową partycję lub dysk? + Czy na pewno trwale zdeszyfrować partycję lub dysk systemowy? + OSTRZEŻENIE: W wyniku trwałego odszyfrowania partycji/dysku systemowego zostaną na nim zapisane niezaszyfrowane dane.\n\nCzy na pewno trwale zdeszyfrować partycję lub dysk systemowy? + Czy na pewno chcesz trwale odszyfrować następujący wolumen? + OSTRZEŻENIE: Jeżeli trwale odszyfrujesz wolumen VeraCrypt, niezaszyfrowane dane zostaną zapisane na dysku.\n\nCzy na pewno chcesz trwale odszyfrować wybrany wolumen? + OSTRZEŻENIE: Jeżeli używasz kaskadowego szyfrowania w systemie, możesz spotkać się z:\n\n1) Program startowym VeraCrypt jest większy niż normalny ponieważ, nie ma miejsca w pierwszej ścieżce dysku na kopię programu startowego VeraCrypt. Stąd, ilekroć zostanie uszkodzony (co zdarza się często, np. podczas uruchamiania pirackiego oprogramowania modyfikującego sektory startowe), możesz wymagać użycia płyty ratunkowej VeraCrypt do uruchomienia lub do naprawy programu startowego VeraCrypt.\n\n2) Z powodu podniesienia wymagań ilości pamięci, możne być niemożliwe zaszyfrowanie partycji/dysku.\n\n3) Na niektórych komputerach, po włączeniu po długim czasie hibernacji.\n\nTych potencjalnych problemów unikamy stosując nie kaskadowych algorytmów szyfrowania (np. AES).\n\nCzy jesteś pewien, że chcesz użyć kaskadowych algorytmów szyfrowania? + W przypadku wystąpienia jednego z poprzednio opisanych problemów, odszyfruj partycję lub dysk systemowy (jeśli jest zaszyfrowany), następnie zaszyfruj go, używając niekaskadowego algorytmu szyfrowania (np. AES). + OSTRZEŻENIE: Dla bezpieczeństwa, powinieneś uaktualnić VeraCrypt na pierwszym systemie operacyjnym przed aktualizacją na ukrytym systemie operacyjnym.\n\nAby to zrobić, wystartuj system zwodzący i zainstaluj na nim VeraCrypt. Później uruchom ukryty system i uruchom instalacje.\n\nUwaga: System zwodzący i ukryty współdzielą ten sam program startowy. Jeżeli uaktualnisz VeraCrypt tylko w ukrytym systemie (a nie w systemie zwodzącym), system zwodzący może zawierać sterownik i aplikację VeraCrypt której wersja jest różna od wersji programu startowego VeraCrypt. Taka rozbieżność może wskazywać, że na tym komputerze jest ukryty system.\n\n\nCzy chcesz kontynuować? (Nie polecane.) + Wersja programu startowego VeraCrypt wystartowanego na tym systemie operacyjnym jest różna z wersją VeraCrypt zainstalowanego w tym systemie.\n\nPowinieneś uruchomić instalację VeraCrypt (gdzie wersja VeraCrypt jest taka sama jak użyta w programie startowym), aby zaktualizować VeraCrypt w systemie operacyjnym. + Numer wersji programu startowego VeraCrypt który uruchomił system operacyjny jest inna niż wersja sterownika VeraCrypt (oraz aplikacji VeraCrypt) zainstalowany w systemie. Zauważ, że starsze wersje mogą zawierać błędy poprawione w nowszych wersjach.\n\nJeśli nie startowałeś z płyty ratunkowej VeraCrypt, powinieneś przeinstalować VeraCrypt lub aktualizować do najnowszej stabilnej wersji (program startowy zostanie również zaktualizowany).\n\nJeśli startowałeś z płyty ratunkowej VeraCrypt, powinieneś go aktualizować ('System' > 'Utwórz płytę ratunkową'). + Program startowy VeraCrypt został zaktualizowany.\n\nStanowczo zaleca się utworzenie nowej płyty ratunkowej VeraCrypt (która będzie zawierała nową wersję programu startowego VeraCrypt). W tym celu zrestartuj komputer i wybierz opcję 'System' > 'Utwórz płytę ratunkową'. + Program startowy VeraCrypt został zaktualizowany.\n\nRekomendowane i wymagane jest zrestartowanie systemu operacyjnego i wykonanie nowej płyty ratunkowej VeraCrypt (która będzie zawierała nową wersję programu startowego VeraCrypt) przez wybranie 'System' > 'Twórz płytę ratunkową'. + Nie można zaktualizować programu startowego VeraCrypt. + VeraCrypt nie mógł ustalić rzeczywistej wielkości dysku systemowego, dlatego zostanie użyta wielkość dysku jaką raportuje system operacyjny (która może być mniejsza niż rzeczywista wielkość dysku). Jednak to nie jest błąd w VeraCrypt. + OSTRZEŻENIE: Wygląda na to, że program VeraCrypt już próbował wykryć ukryte sektory na tym dysku systemowym. Jeśli w poprzednim procesie wykrywania wystąpiły jakieś problemy, można je ominąć, pomijając wykrywanie ukrytych sektorów. W takim wypadku program VeraCrypt użyje wielkości zgłaszanej przez system operacyjny (która może być mniejsza od wielkości rzeczywistej). Ten problem nie jest spowodowany przez błąd w programie VeraCrypt. + Pomiń wykrywanie ukrytych sektorów (użyj wielkości zgłaszanej przez system operacyjny) + Ponownie spróbuj wykryć ukryte sektory + BŁĄD: Zawartość jednego lub więcej sektorów dysku nie może być odczytana.\n\nProces szyfrowania może zostać kontynuowany tylko gdy sektory będą ponownie możliwe do odczytu. VeraCrypt spróbuje uczynić te sektory dostępne poprzez zapisanie w nich wartości zerowych (następnie wszystkie zerowe bloki zostaną zaszyfrowane). Jednakże, wszystkie dane zapisane w nieodczytywalnych sektorach zostaną zniszczone. Jeżeli chcesz tego uniknąć, możesz przystąpić do odratowania części uszkodzonych danych (ignorując wszystkie błędy sum kontrolnych) używając oprogramowania firm trzecich.\n\nUwaga: W przypadku fizycznego uszkodzenia sektorów (w przeciwieństwie do zwykłego naruszenia integralności danych i błędów sumy kontrolnej) większość urządzeń wewnętrznie przesuwa sektory kiedy dane mają zostać zapisane do nich (więc istniejące dane w uszkodzonych sektorach mogą być niezaszyfrowane na urządzeniu).\n\nCzy chcesz, aby VeraCrypt zapisał zerami nieodczytywalne sektory? + BŁĄD: Zawartość jednego bądź więcej sektorów dysku nie może być odczytany (prawdopodobnie jest problem sprzętowy).\n\nAby dokonać odszyfrowania, VeraCrypt będzie odrzucać zawartość nieodczytywalnych sektorów (zawartość będzie wypełniona losowymi danymi). Proszę pamiętać że, przed uruchomieniem procesu, możesz odzyskać częsi uszkodzonych danych narzędziami trzecich firm.\n\nCzy chcesz, aby VeraCrypt odrzucił dane z nieodczytywalnych sektorów? + Uwaga: VeraCrypt zastąpił zawartość %I64d nieodczytywalego sektora (%s) zaszyfrowaną zerową, tekstową informacją w bloku. + Uwaga: VeraCrypt zastąpił zawartość %I64d nieodczytywalego sektora (%s) pseudolosowymi danymi. + Wprowadź hasło/PIN dla tokena '%s': + Aby pozwolić VeraCrypt na dostęp do tokena bezpieczeństwa lub karty pamięci, musisz najpierw zainstalować oprogramowanie biblioteki PKCS #11 dla tego tokena lub karty pamięci. Poszukiwana biblioteka może być na urządzeniu lub może być dostępna na stronach internetowych producenta lub firm trzecich.\n\nPo instalacji biblioteki, możesz dopiero ją ręcznie wybrać przez kliknięcie 'Wybierz bibliotekę' lub możesz pozwolić VeraCrypt znaleźć i wybrać automatycznie klikając 'Autowkrywanie biblioteki' (tylko katalog systemowy Windows będzie przeszukany). + Uwaga: Dla zainstalowania biblioteki PKCS #11 (lokalizacja i nazwa pliku) twojego tokena lub twojej karty pamięci, proszę sprawdź tą informację w dokumentacji użytego tokena, karty lub innego oprogramowania.\n\nNaciśnij 'OK' aby wybrać ścieżkę i plik. + W przypadku zezwolenia VeraCrypt do dostępu do tokenu bezpieczeństwa lub karty pamięci, musisz najpierw wskazać oprogramowanie biblioteki PKCS #11 do token/karty. Aby to zrobić, wybierz 'Ustawienia' > 'Tokeny bezpieczeństwa'. + Błąd przy zainicjowaniu biblioteki PKCS #11.\n\nProszę się upewnić, że wskazana ścieżka i nazwa pliku to poprawny plik biblioteki PKCS #11. Aby wskazać ścieżkę i plik biblioteki PKCS #11, wybierz 'Ustawienia' > 'Tokeny bezpieczeństwa'. + Nie znaleziono bibliotek PKCS #11 w katalogu Windows.\n\nProszę upewnić się, że biblioteki PKCS #11 do twojego tokena (lub twojej karty pamięci) są zainstalowane (poszukaj bibliotek, które współpracują z tokenem/kartą - mogą być one dostępne na stronach producentów lub partnerów). Jeżeli są zainstalowane w innym katalogu niż katalog systemowy Windows, kliknij 'Wybierz bibliotekę' i wskaż tą bibliotekę (np. w katalogu, gdzie jest zainstalowane oprogramowanie tokena/karty). + Nie znaleziono tokena zabezpieczenia.\n\nProszę się upewnić, że token jest podłączony do twojego komputera i że jest poprawnie zainstalowane urządzenie z tokenem. + Plik-klucz nie został znaleziony. + Istnieje plik-klucz tokena o tej samej nazwie. + Czy chcesz skasować zaznaczone pliki? + Błędna ścieżka do pliku-klucz tokena. + Błąd tokenu bezpieczeństwa + Niepoprawne hasło do tokena bezpieczeństwa. + Token bezpieczeństwa nie ma wystarczającej pamięci/przestrzeni, aby wykonać żądaną operację.\n\nJeśli próbujesz zaimportować plik-klucz, musisz wybrać mniejszy plik lub użyć pliku-klucza utworzonego przez VeraCrypt (wybierz 'Narzędzia' > 'Generator pliku-klucza'). + Wszystkie otwarte sesje tokenów bezpieczeństwa zostały zamknięte. + Wybierz token - plik-klucz bezpieczeństwa + Slot + Nazwa tokena + Nazwa pliku + WAŻNE: Proszę pamiętać, że hasło autoryzacyjne pre-boot jest zawsze pisane używając klawiatury w standardzie US (US keyboard layout). Dlatego wolumeny używające hasła pisanego w innym układzie klawiatury mogą być niemożliwe do podłączenia używając autoryzacji pre-boot (pamiętaj, że to nie jest błąd VeraCrypt). Aby pozwolić montować wolumen używając autoryzacji pre-boot, postępuj następująco:\n\n1) Kliknij 'Wybierz Plik' lub 'Wybierz Urządzenie' i wybierz wolumen. 2) Wybierz 'Wolumeny' > 'Zmień Hasło Wolumenu'. 3) Wprowadź bieżące hasło do wolumenu. 4) Zmień układ klawiatury na Angielski - English (US) - przez kliknięcie w Panelu Sterowania w Ustawienia Regionalne. 5) W VeraCrypt w polu nowe hasło wpisz hasło autoryzacyjne pre-boot. 6) Potwierdź nowe hasło przez ponowne jego wpisanie i kliknij 'OK'. UWAGA: Proszę pamiętać te kroki, hasła wolumenów zawsze są wpisywane używając układu klawiatury US (US keyboard layout) (on jest automatycznie wymuszany tylko w środowisku pre-boot). + Systemowe ulubione wolumeny będą montowane używając autoryzacyjnego hasła z pre-boot. Jeżeli jakieś ulubione wolumeny używają innych haseł, nie zostaną zamontowane. + Zauważ, że jeśli wymagasz zablokowania zwykłych akcji na wolumenach VeraCrypt (jak 'Odłącz wszystko', odłącz automatycznie, itd.) na ulubionych wolumenach, powinieneś zaznaczyć opcję 'Zezwalaj tylko administratorom przeglądać i odmontowywać ulubione wolumeny systemowe VeraCrypt'. Ponadto, gdy VeraCrypt działa bez uprawnień administratora (domyślnie na Windows Vista i późniejszych), ulubione wolumeny systemowe nie będą wyświetlone na liście liter dysków na głównym oknie aplikacji VeraCrypt. + WAŻNE: Pamiętaj o tym, że jeżeli ta opcja jest włączona i VeraCrypt nie ma uprawnień administracyjnych, montowane ulubione wolumeny NIE będą wyświetlone w oknie aplikacji VeraCrypt i nie będą mogły być odłączone. Dlatego, jeżeli potrzebujesz np. odłączyć ulubione systemowe wolumeny, proszę kliknąć prawy przycisk myszy na ikonie VeraCrypt (w Menu Start) i wybrać 'Uruchom jako administrator'. Takie same ograniczenia dotyczą funkcji odłączenia 'Odłącz wszystkie', funkcji 'Automatyczne-Odłączanie', skrótów klawiaturowych 'Odłącz wszystko' itp. + Zauważ, że to ustawienie zostanie aktywowane dopiero po restarcie systemu operacyjnego. + Błąd podczas parsowania wiersza poleceń. + Płyta ratunkowa + Wybierz &plik i podłącz... + Wybierz &dysk i podłącz... + Zezwalaj tylko administratorom przeglądać i odmontowywać ulubione wolumeny systemowe VeraCrypt + Montuj ulubione wolumeny systemowe podczas startu Windows (w początkowej fazie procedury startup) + OSTRZEŻENIE: System plików na wolumenie podłączonym jako '%s' nie został poprawnie odłączony i może to spowodować błędy. Używanie uszkodzonego systemu plików może spowodować utratę danych lub ich uszkodzenie.\n\nInformacja: Przed fizycznym usunięciem lub wyłączeniem urządzenia (np. dysków USB flash lub zewnętrznych dysków twardych) które są zamontowane VeraCrypt-em, powinieneś zawsze najpierw odłączyć wolumen w VeraCrypt.\n\n\nCzy chcesz pozwolić Windows wykryć i naprawiść (jeżeli umie) błędy na systemie plików? + OSTRZEŻENIE: Jeden lub więcej ulubionych systemowych wolumenów nie został poprawnie odmontowany i stąd system plików może zawierać błędy. Proszę zobaczyć do dziennika zdarzeń po więcej informacji.\n\nUżywając uszkodzonego systemu plików możesz utracić lub uszkodzić dane. Powinieneś sprawdzić dotknięty błędem wolumen/y na błędy (kliknij prawym przyciskiem na każdym z wolumenów VeraCrypt i wybierz 'Napraw System Plików'). + OSTRZEŻENIE: Naprawianie uszkodzonego systemu plików używając narzędzia Microsoft 'chkdsk' może spowodować utratę plików w uszkodzonym zakresie. Dlatego, zalecane jest najpierw skopiowanie plików umieszczonych w wolumenie VeraCrypt do innego dobrego wolumenu VeraCrypt.\n\nCzy chcesz teraz naprawiać system plików? + Wolumen '%s' został podłączony w trybie tylko do odczytu ponieważ nie ma prawa do zapisu.\n\nProszę upewnić się, że uprawnienia pliku kontenera zezwalają na jego zapis (kliknij prawy przycisk kontenera i wybierz Właściwości > Uprawnienia).\n\nPamiętaj o tym, używając Windows, możesz zobaczyć to ostrzeżenie za każdym razem jak zmienisz uprawnienia. To nie jest błąd VeraCrypt. Możliwym rozwiązaniem jest przesunięcie kontenera np. do twoich 'Moje dokumenty'.\n\nJeżeli rzeczywiście chcesz utrzymywać twój wolumen w trybie tylko do odczytu, to ustaw atrybut tylko do odczytu (prawy przycisk myszy na kontenerze - Właściwości > Tylko-do-odczytu), to wyłączy to ostrzeżenie. + Wolumen '%s' został podłączony w trybie tylko do odczyty ponieważ nie ma prawa zapisu.\n\nProszę się upewnić, że aplikacje (np. system antywirusowy) są dostępne na partycji/urządzeniu które znajduje się na wolumenie. + Wolumen '%s' został podłączony w trybie tylko do odczytu ponieważ system operacyjny raportuje że urządzenie jest zabezpieczone przed zapisem.\n\nProszę mieć na uwadze, że niektóre sterowniki do chipset-ów błędnie raportują zabezpieczenie przed zapisem urządzeń. To nie jest problem z VeraCrypt. Można ten problem rozwiązać przez uaktualnienie lub odinstalowanie sterowników (nie Microsoft) do chipsetu które są obecnie zainstalowane w systemie. + Zauważ, że technika Hyper-Threading oferuje wiele rdzeni logicznych na pojedynczy rdzeń fizyczny. Gdy Hyper Threading jest włączony, liczba wybrana powyżej reprezentuje liczbę procesorów/rdzeni logicznych. + %d wątek(ki) + Zauważ, że przyspieszenie sprzętowe AES jest zablokowane, co wpływa na wyniki testów (gorsza wydajność).\n\nAby aktywować przyspieszenie sprzętowe, wybierz 'Ustawienia' > 'Wydajność' i zaznaczyć odpowiednią opcję. + Zauważ, że liczba wątków jest obecnie ograniczona, co wpływa na wyniki testów (gorsza wydajność).\n\nAby wykorzystać pełny potencjał procesora(ów), wybierz 'Ustawienia' > 'Wydajność' i odznacz odpowiednią opcję. + Czy chcesz, aby VeraCrypt wyłączył ochronę zapisu na partycji/dysku? + UWAGA: Takie ustawienie może zmniejszyć wydajność.\n\nNa pewno wprowadzić to ustawienie? + Ostrzeżenie: Wolumen VeraCrypt automatycznie odłączony + Zanim fizycznie usuniesz lub wyłączysz nośnik zawierający podłączony wolumen, musisz najpierw zawsze odłączyć wolumen VeraCrypt.\n\nNieoczekiwane spontaniczne odłączenie jest często spowodowane sporadycznie rozłączający się przewód, napęd (obudowa), itp. + Ten wolumen został stworzony w TrueCrypt %x.%x, ale VeraCrypt obsługuje jedynie wolumeny TrueCrypt stworzone w serii TrueCrypt 6.x/7.x + Test + Plik-klucz + Backspace + Tab + Czyść + Enter + Pauza + Caps Lock + Spacja + Page Up + Page Down + End + Home + Strzałka w lewo + Strzałka w górę + Strzałka w prawo + Strzałka w dół + Klawisz wyboru + Klawisz drukowania + Klawisz wykonywania + Wydruk ekranu + Insert + Delete + Klawisz aplikacji + Sleep + Num Lock + Scroll Lock + Poprzednia strona + Następna strona + Odśwież stronę + Zatrzymaj przeglądanie + Przeszukiwanie + Ulubione + Strona WWW + Wyciszanie + Ciszej + Głośniej + Następna ścieżka + Poprzednia ścieżka + Zatrzymaj odtwarzanie + Odtwarzanie/Pauza + Klawisz poczty + Klawisz wyboru mediów + Aplikacja 1 + Aplikacja 2 + Attn + CrSel + ExSel + Odtwarzaj + Powiększ + NumPad + Shift + Control + Alt + Win + B + kB + MB + GB + TB + PB + B/s + kB/s + MB/s + GB/s + TB/s + PB/s + + Dołączaj &MOI w trakcie przechowywania hasła uwierzytelniania rozruchu wstępnego + Dołączaj MOI w trakcie przechowywania hasła w pamięci + Uczyń odłączone napędy sieciowe dostępnymi do montowania + Wpisane hasło jest zbyt długie: jego reprezentacja UTF-8 przekracza 64 bajty. + Wpisane hasło zawiera znaki Unicode, które nie mogą zostać przekonwertowane do reprezentacji UTF-8. + Błąd: Nie można załadować biblioteki systemowej. + Rozmiar pliku wolumenu, który określono w wierszu poleceń, jest niekompatybilny z wybranym systemem plików exFAT. + Losowość zebrana z ruchów myszką + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.pt-br.xml b/Translations/Language.pt-br.xml index 8efe6ea0..edda351e 100644 --- a/Translations/Language.pt-br.xml +++ b/Translations/Language.pt-br.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Cancelar - Instalar &para todos os usuários - Pro&curar... - Adicionar ícone à área de &trabalho - Donate now... - Associar a &extensão .hc ao VeraCrypt - &Abrir o local de destino quando concluído - Incluir o Veracrypt no menu &Iniciar - Criar um ponto de &restauração do sistema - &Desinstalar - &Extrair - &Instalar - Assistente de Instalação do VeraCrypt - Desinstalar o VeraCrypt - A&juda - Favor selecionar ou digitar o local onde você deseja que os arquivos sejam extraídos: - Favor selecionar ou digitar o local onde você deseja instalar o VeraCrypt. Se a pasta especificada não existir, ela será criada automaticamente. - Clique em Desinstalar para remover o VeraCrypt do sistema. - Abortar - &Benchmark - &Testar - Criar volume encriptado e formatá-lo - Criptografar partição no local - Exibir (parcialmente) chaves geradas - Mostrar conteúdo do pool - Baixar software de gravação de CD/DVD - Crie um recipiente de arquivo criptografado - & GB - & TB - Mais informações - Volume o&culto VeraCrypt - Mais informações sobre volumes ocultos - Modo direto - Modo normal - &KB - U&sar arquivos-chave - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Arquivos-chave... - Informação sobre algoritmos hash - Mais Informações - Information on PIM - &MB - Mais informações - Mais informações sobre criptografia do sistema - Mais informações - Boot múltiplo - Criptografar uma partição/unidade não-sistema - Nunca &salvar histórico - Abrir volume externo - &Pausar - Use P&IM - Use PIM - Formatação rápida - &Mostrar senha - &Mostrar senha - &Display PIM - Boot Único - Volume VeraCrypt padrão - O&culto - Normal - Criptografar a partição ou unidade de sistema inteira - Criptografar a partição de sistema do Windows - Criptografar a unidade inteira - Assistente de Criação de Volume VeraCrypt - Cluster - IMPORTANTE: Mova seu mouse tão aleatoriamente quanto possível nesta janela. Quanto mais você demorar movendo-o, melhor. Isto aumenta significativamente a força de criptografia das chaves. Depois clique em Avançar para continuar. - &Confirmar: - Concl. - Drive letter: - Algoritmo de Criptografia - Sistema de arquivos - Cria um disco virtual criptografado em um arquivo. Recomendado para usuários inexperientes. - Opções - Algoritmo de hash - Chave do cabeçalho: - Faltam - Chave mestra: - Selecione esta opção se houver dois ou mais sistemas operacionais instalados neste computador.\n\nPor exemplo:\n- Windows XP e Windows XP\n- Windows XP e Windows Vista\n- Windows e Mac OS X\n- Windows e Linux\n- Windows, Linux e Mac OS X - Criptografa uma partição não-sistema em qualquer unidade interna ou externa (por exemplo, um pendrive). Opcionalmente, cria um volume oculto. - Conteúdo atual do pool (parcial) - Passar - Senha: - Volume PIM: - Volume PIM: - Progresso: - Pool aleatório: - Selecione esta opção se houver apenas um sistema operacional instalado neste computador(mesmo se ele tiver vários usuários). - Velocid - Status - As chaves, salt e outros dados foram gerados com sucesso. Se você deseja gerar novas chaves, clique em Voltar e depois em Avançar. Caso contrário, clique em Avançar para continuar. - Criptografa a partição/unidade onde o Windows está instalado. Quem quiser ter acesso e utilizar o sistema, ler e escrever arquivos, etc, precisará digitar a senha correta toda vez antes de inicializar o Windows. Opcionalmente, cria um sistema oculto. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Modo de limpeza: - Fechar - Permitir que a autenticação pré-boot seja contornada pressionando a tecla Esc (permite gerenciador de inicialização) - Não executar - Montar &automaticamente um volume VeraCrypt (definido abaixo) - &Iniciar o VeraCrypt - Auto-&Detectar Biblioteca - &Armazenar temporariamente a senha de autenticação pré-boot na memória do driver (para a montagem de volumes sem sistema) - Explorar... - Explorar... - Mant&er senhas e arquivos-chave na memória - Sair quando não existirem volumes montados - Fe&char a sessão do token (deslogar) após um volume ser montado com sucesso - Include VeraCrypt Volume Expander - Incluir assistente de criação de volume VeraCrypt - Criar - &Criar Volume - Não mo&strar quaisquer textos na tela de autenticação pré-boot (exceto a mensagem personalizada abaixo) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Usar arquivos-chave - Usar arquivos-chave - Sai&r - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Atribuir - Remover - Arquivos-chave... - Do not use the following number of processors for encryption/decryption: - More information - More information - Mais Configurações ... - &Auto-montar Dispositivos - Mais &Opções... - Montar v&olume apenas para leitura - Arquivos-chave... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Ativado - Manter as senhas na memória do driver - Desmontar volume automaticamente se nenhum dado for lido/escrito por - Usuário fizer log-off - User session locked - Entrar em modo de economia de energia - Protetor de tela for ativado - Forçar desmonte automático mesmo que o volume tenha arquivos ou diretórios abertos - Montar todos os volumes armazenados no dispositivo - Iniciar VeraCrypt em Segundo Plano - Montar volumes apenas para leitura - Montar volumes como mídia removível - Abrir janela do Explorer para volumes montados com sucesso - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Apagar senhas ao desmontar automaticamente - Apagar senhas ao sair - Preserve modification timestamp of file containers - Resetar - Dis&positivo... - Ar&quivo... - Selecionar Bib&lioteca... - Mostrar senha - Mostrar senha - Abrir janela do &Explorer para os volumes montados - Armazenar as senhas na memória da unidade - TrueCrypt Mode - De&smontar Todos - Propriedades do &Volume - Ferramen&tas do Volume - &Limpar Cache - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Atalhos - VeraCrypt - Mudar Senha ou Arquivos-Chaves - Digitar a Senha do Volume VeraCrypt - VeraCrypt - Performance and Driver Options - VeraCrypt - Preferências - VeraCrypt - Configurações de Criptografia de Sistema - VeraCrypt - Preferências de Token de Segurança - Configuração do VeraCrypt para Disco Removível - Propriedades do Volume VeraCrypt - Sobre... - Adicionar/Remover Arquivos-chave para/do Volume... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup do Cabeçalho do Volume... - Analisar... - Alterar Algoritmo de Derivação da Chave de Cabeçalho... - Mudar Senha do Volume... - Alterar Algoritmo de Derivação de Chave de Cabeçalho... - Mudar Senha... - Limpar Histórico do Volume - Fechar Todas As Sessões de Token de Segurança - Contato... - Criar Sistema Operacional Oculto ... - Criar Disco de Emergência... - Criar Novo Volume... - Permanently Decrypt... - Arquivos-chave padrão... - Default Mount Parameters... - Donate now... - Criptografar Unidade/Partição de Sistema... - Perguntas Frequentes - Guia do Usuário - &Site na Internet - Atalhos... - Gerador de arquivo-chave - Idioma... - Avisos Legais - Gerenciar Arquivos-chave de Token de Segurança... - Montar Automaticamente Todos os Volumes do Dispositivo - Montar Volumes Favoritos - Montar sem &Autenticação Pré-Boot... - Montar Volume - Montar Volume com Opções - Novidades - Ajuda On-line - Tutorial Para Iniciantes - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Descriptografar Unidade/Partição de Sistema Permanentemente - Preferências... - Atualizar Letras de Unidade - Remover todos os arquivos-chave do volume... - Restaurar Cabeçalho do Volume... - Continuar Processo Interrompido - Selecionar Dispositivo... - Selecionar Arquivo... - Continuar Processo Interrompido - Criptografia de Sistema... - Propriedades... - Configurações... - System Favorite Volumes... - Downloads - Vetores de Teste... - Tokens de Segurança... - Configurar Disco Removível... - Desmontar Todos os Volumes Montados - Desmontar Volume - Verificar Disco de Emergência - Verify Rescue Disk ISO Image - Histórico de Versões - Volume Expander - Propriedades do Volume - Assistente de Criação de Volume - Website do VeraCrypt - Apagar Senhas em Memória - OK - Hardware Acceleration - Atalho - Configuração de Execução Automática (autorun.inf) - Desmontar Automaticamente - Desmontar todos quando: - Opções da Tela de Carregamento do Boot - Confirmar Senha: - Atual - Mostrar esta mensagem personalizada na tela de autenticação pré-boot (24 caracteres no máximo): - Opções Padrão de Montagem - Opções de Atalhos - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Configurações de Arquivo - Chave a atribuir: - Processor (CPU) in this computer supports hardware acceleration for AES: - Ações a executar ao logar no Windows - minutos - Montar disco como drive: - Configurações de montagem - Novo - Senha: - Thread-Based Parallelization - Caminho da Biblioteca PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Cache de senhas - Opções de Segurança - Execução em Segundo Plano - Volume VeraCrypt a montar (em relação à raiz do disco removível): - Ao inserir o disco removível: - Criar arquivos de disco removível em (diretório raiz do disco removível): - Disco - Windows - Incluir &Caminho... - &Auto-Testar Todos - Con&tinuar - &Descriptografar - &Excluir - &Criptografar - &Exportar... - Gerar e Salvar Arquivo-Chave... - &Gerar Arquivo-Chave Aleatório... - Download de pacote de idioma - Hardware-accelerated AES: - &Importar Arquivo-Chave para Token... - Mais &Arquivos... - &Usar Arquivos-chave - Ar&quivos-chave... - &Remover - Remover &Todos - O que é a proteção de volume oculto? - Sobre Arquivos-chave - Montar &volume como mídia removível - Montar par&tição usando criptografia de sistema sem autenticação pré-boot - Parallelization: - Analisar - Im&primir - &Proteger disco oculto contra danos por gravações no volume externo - &Resetar - &Mostrar senha - Arquivos de To&ken - Usar &cabeçalho de backup embutido no volume se disponível - Modo XTS - Sobre o VeraCrypt - VeraCrypt - Analisar Algoritmo de Criptografia - VeraCrypt - Vetores de Teste - Ajuda de Linha de Comando - VeraCrypt - Arquivos-chave - VeraCrypt - Gerador de Arquivos-chave - VeraCrypt - Idioma - VeraCrypt - Opções de montagem - Propriedades de Novo Arquivo-Chave de Token de Segurança - VeraCrypt - Melhoramento do Pool Aleatório - Selecione uma partição ou dispositivo - VeraCrypt - Arquivos-Chave de Token de Segurança - Senha/PIN do Token de Segurança Exigida - Pacote de Idioma Ativo - A velocidade é afetada pela carga da CPU e pelas características dos dispositivos de armazenamento.\n\nEste teste é feito em RAM. - Tam. do Buffer: - Cifra: - Sen&ha para o volume oculto:\n(cache usado se vazio) - Proteção de Volume Oculto - Tam. da chave: - IMPORTANTE: Mova seu mouse tão aleatoriamente quanto possível nesta janela. Quanto mais você demorar movendo-o, melhor. Isto aumenta significativamente a força de criptografia do arquivo-chave. - ALERTA: Se você perder um arquivo-chave ou algum bit dos seus primeiros 1024 kilobytes for alterado, será impossível montar os volumes que usam esse arquivo-chave! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Traduzido por: - Tamanho do Texto em Claro: - bits - Conteúdo Atual do Pool - PRF de mistura: - IMPORTANTE: Mova seu mouse o mais aleatoriamente possível dentro desta janela. Quanto mais você movê-lo, melhor. Isto aumentará significativamente a segurança. Quando terminar, clique em 'Continuar'. - Chave secundária (hexadecimal) - Token de Segurança: - Ordenar por: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Número do Bloco: - Texto cifrado (hexadecimal) - Número de unidade de dados (hexadecimal de 64 bits, tamanho da unidade de dados: 512 bytes) - Chave (hexadecimal) - Texto em claro (hexadecimal) - Nome do Arquivo-Chave: - Modo XTS - S&istema - &Volumes - Favor&ites - &Ferramentas - Confi&gurações - A&juda - Site na Internet - - &Sobre... - O atributo de somente-leitura de seu disco antigo não pôde ser alterado. Por favor verifique as permissões de acesso ao arquivo. - Erro: Acesso negado.\n\nA partição que você está tentando acessar tem 0 setores ou é o dispositivo de sistema. - Administrator - Para carregar o driver do VeraCrypt, você deve estar logado em uma conta com privilégio de administrador. - Para criptografar/Descriptografar/formatar uma partição/dispositivo você deve estar logado em uma conta com privilégios de administrador.\n\nIsto não se aplica a volumes armazenados em arquivos. - Para criar um disco oculto, você deve estar logado em uma conta com privilégios de administrador.\n\nDeseja continuar? - Para formatar o disco como NTFS você precisa estar logado em uma conta com privilégios de administrador.\n\nSem estes privilégios, você pode formatar o disco como FAT. - Cifra aprovada pela FIPS (Rijndael, publicada em 1998) para ser usada pelos departamentos e agências do governo dos EUA para proteger as informações mais confidenciais. Chave de 256 bits, bloco de 128 bits, 14 ciclos (AES-256). Modo de operação XTS. - O volume já está montado. - ATENÇÃO: Pelo menos um algoritmo de criptografia ou hash falhou no teste automático.\n\nA instalação do VeraCrypt pode estar corrompida. - ATENÇÃO: Não há dados suficientes no pool do Gerador de Números Aleatórios para prover a quantidade necessária.\n\nVocê não deve continuar. Selecione 'Relatar erro' no menu Ajuda e relate este erro. - A unidade está danificada (há um defeito físico) ou um cabo está danificado, ou a memória está com problemas .\n\nPor favor note que este é um problema com seu hardware, e não com VeraCrypt. Portanto, por favor, NÃO reporte isto como um erro/problema no VeraCrypt e NÃO peça ajuda sobre isto nos Fóruns do VeraCrypt. Entre em contato com o suporte técnico do fornecedor do computador para assistência. Obrigado.\n\nNota: Se o erro ocorrer repetidamente no mesmo local, muito provavelmente é causado por um bloco defeituoso do disco, o que deve ser possível corrigir usando softwares de terceiros (note que, em muitos casos, o comando 'cchkdsk /r' não o corrige, porque ele só funciona no nível de sistema de arquivos; em alguns casos, o 'chkdsk' nem mesmo pode detectá-lo). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - O seu sistema parece usar drivers personalizados de chipset que contêm um erro que impede a criptografia de toda a unidade de sistema.\n\nTente atualizar ou desinstalar qualquer driver personalizado de chipset antes de prosseguir. Se isso não ajudar, tente criptografar somente a partição do sistema. - Letra de drive inválida. - Caminho inválido. - &Cancelar - Acesso ao dispositivo negado. Favor garantir que o dispositivo selecionado existe e não é usado pelo sistema. - AVISO: A tecla 'Caps Lock' está ligada. Isto pode causar erros na digitação da senha. - Tipo de Volume - Pode acontecer de você ser forçado por alguém a revelar a senha de um volume criptografado. Há muitas situações em que não é possível recusar-se a revelar a senha (por exemplo, extorsão). Usar o volume oculto permite resolver essas situações sem revelar a senha do volume. - Selecione esta opção se você deseja criar um volume VeraCrypt normal. - Observe que, se você quiser instalar um sistema operacional em um volume de uma partição oculta, então não será possível criptografar toda a unidade de sistema usando uma única chave. - Opções de Criptografia para o Volume Externo - Opções de Criptografia para o Volume Oculto - Opções de Criptografia - AVISO: Falha ao limpar o caminho do último disco/arquivo-chave selecionado (mantido via 'seletor de arquivos')! - Erro: O recipiente foi compactado a nível de sistema de arquivo. O VeraCrypt não suporta recipientes compactados (observe que compressão de dados criptografados é ineficiente e redundante).\n\nPor favor, desative a compressão do recipiente através dos seguintes passos: 1) Clique com o botão direito no arquivo recipiente no Windows Explorer (não no VeraCrypt). 2) Selecione 'Propriedades'. 3) Na caixa de diálogo 'Propriedades', clique 'Avançado'. 4) Em 'Atributos Avançados', desative a opção 'Compactar conteúdo para economizar espaço em disco' e clique 'OK'. 5) Na caixa de diálogo 'Propriedades', clique 'OK'. - Falha ao criar volumes %s - Tamanho de %s é %.2f bytes - Tamanho de %s é %.2f KB - Tamanho de %s é %.2f MB - Tamanho de %s é %.2f GB - Tamanho de %s é %.2f TB - Tamanho de %s é %.2f PB - AVISO: O dispositivo/partição está em uso pelo sistema operacional ou por programas. Formatar o dispositivo/partição pode causar corrupção de dados e instabilidade do sistema.\n\nDeseja continuar? - Aviso: A partição está em uso pelo sistema operacional ou aplicações. Você deve fechar todas as aplicações que possam estar utilizando a partição (incluindo software antivírus) .\n\nContinuar? - Erro: O dispositivo/partição contém um sistema de arquivo que não pôde ser desmontado. O sistema de arquivo pode estar em uso pelo sistema operacional. Formatar o dispositivo/partição provavelmente causaria corrupção de dados e instabilidade do sistema.\n\nPara resolver esse problema, recomendamos que você primeiro exclua a partição e depois a recrie sem formatar. Para isso, siga os seguintes passos: 1) Clique com o botão direito no ícone 'Meu Computador' no 'Menu Iniciar' e selecione 'Gerenciar'. A janela 'Gerenciamento do Computador' deverá aparecer. 2) Na janela 'Gerenciamento do Computador', selecione 'Armazenamento' e 'Gerenciamento de Disco'. 3) Clique na partição que você deseja criptografar e selecione 'Excluir Partição', 'Excluir Volume', ou 'Excluir Unidade Lógica'. 4) Clique 'Sim'. Se o Windows solicitar, reinicie o computador. Depois, repita os passos 1 e 2 e continue a partir do 5. 5) Clique no espaço não-alocado/livre e selecione 'Nova Partição', 'Novo Volume Simples', ou 'Nova Unidade Logica'. 6) O 'Assistente para Novas Partições' ou 'Assistente para Novo Volume' deverá aparecer agora; siga as instruções. Na página 'Formatar Partição', selecione 'Não formatar esta partição' ou 'Não formatar este volume'. No mesmo assistente, clique em 'Avançar' e em 'Concluir'. 7) Observe que o caminho de dispositivo que você selecionou no VeraCrypt pode estar errado agora. Por isso, saia do Assistente de Criação de Volume do VeraCrypt (se ainda estiver aberto) e abra novamente. 8) Tente criptografar o dispositivo/partição novamente.\n\nSe o VeraCrypt nao conseguir criptografar o dispositivo/partição novamente, você pode tentar criar um arquivo recipiente. - Erro: O sistema de arquivos não pôde ser bloqueado e/ou desmontado. Ele pode estar em uso pelo sistema operacional ou aplicativos (por exemplo, um software antivírus). Criptografar a partição pode causar corrupção de dados e instabilidade do sistema.\n\nPor favor, feche todos os programas que estejam usando o sistema de arquivos (incluindo antivírus) e tente novamente. Se isso não funcionar, siga os passos abaixo. - AVISO: Algumas das partições/dispositivos montados já estavam em uso!\n\nIgnorar este fato pode causar resultados indesejáveis, incluindo instabilidade do sistema.\n\nRecomendamos que você feche qualquer aplicativo que possa estar usando os dispositivos/partições. - O dispositivo selecionado contém partições.\n\nFormatar este dispositivo pode causar corrupção de dados e instabilidade do sistema. Por favor, selecione uma partição no dispositivo ou remova todas as partições e use o VeraCrypt para formatá-lo com segurança. - O dispositivo não-sistema selecionado contém partições.\n\nVolumes VeraCrypt em dispositivos criptografados podem ser criados dentro de dispositivos que não contenham partições (incluindo discos rígidos e drives de estado sólido). Um dispositivo que contém partições pode ser totalmente criptografado num local (utilizando uma única chave mestra), apenas se ele for a unidade onde o Windows está instalado e de onde ele inicializa .\n\nSe você quiser criptografar o dispositivo não-sistema selecionado usando uma única chave-mestra, será necessário remover todas as partições no dispositivo primeiro a fim de permitir que o VeraCrypt possa formatá-lo com segurança (formatar um dispositivo que contém partições poderia causar instabilidade no sistema e/ou corrupção de dados). Alternativamente, você pode criptografar cada partição na unidade individualmente (cada partição será criptografada usando uma chave mestra diferente).\n\nNota: Se você quiser remover todas as partições de um disco GPT, pode ser necessário convertê-lo para um disco MBR (por exemplo, usando a ferramenta Gerenciamento do computador), a fim de remover partições ocultas. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - A criptografia in-place de volumes sem sistema não é suportada na versão do sistema operacional que você está usando (suportada apenas no Windows Vista e versões posteriores).\n\nO motivo é que esta versão do Windows não suporta compactação do sistema de arquivos (ele precisa ser compactado para criar espaço para o cabeçalho do volume e para o cabeçalho de backup). - A partição selecionada não parece conter um sistema de arquivo NTFS. Apenas as partições que contém um sistema de arquivos NTFS podem ser criptografadas no local.\n\nNota: A razão é que o Windows não suporta compactação de outros tipos de sistemas de arquivos (o sistema de arquivos tem de ser compactado para criar espaço para o cabeçalho de volume e o cabeçalho de backup). - A partição selecionada não parece conter um sistema de arquivo NTFS. Apenas as partições que contém um sistema de arquivos NTFS podem ser criptografadas no local.\n\nSe você deseja criar um volume criptografado VeraCrypt dentro desta partição, escolha a opção 'Criar volume criptografado e formatá-lo' (em vez da opção 'Criptografar partição no local'). - Erro: A partição é muito pequena. O VeraCrypt não pode criptografá-la no local. - Para criptografar os dados nesta partição, siga estas etapas:\n\n1) Crie um volume VeraCrypt em uma partição/dispositivo vazia e depois monte-a.\n\n2) Copie todos os arquivos da partição que você pretendia criptografar inicialmente para o volume VeraCrypt montado (criado e montado no passo 1). Dessa forma, você vai criar um backup criptografado VeraCrypt dos dados.\n\n3) Crie um volume VeraCrypt na partição que você pretendia inicialmente criptografar e certifique-se de (no assistente do VeraCrypt) escolher a opção 'Criar volume criptografado e formatá-lo' (em vez da opção 'Criptografar partição no local'). Note que todos os dados armazenados na partição serão apagados. Após o volume ser criado, monte-o.\n\n4) Copie todos os arquivos do volume de backup VeraCrypt montado (criado e montado no passo 1 para o volume VeraCrypt montado que foi criado (e montado) no passo 3.\n\nDepois de concluir essas etapas, os dados serão criptografados e, além disso, haverá um backup criptografado dos dados. - O VeraCrypt pode criptografar no local apenas uma partição, um volume dinâmico, ou toda uma unidade de sistema.\n\nCaso deseje criar um volume VeraCrypt criptografado dentro do dispositivo não-sistema selecionado, escolha a opção 'Criar volume criptografado e formatá-lo' (em vez da opção 'Criptografar partição no local'). - Erro: O VeraCrypt pode criptografar no local apenas uma partição, um volume dinâmico, ou toda uma unidade de sistema. Verifique se o caminho especificado é válido. - Erro: Não é possível compactar o sistema de arquivos (o sistema de arquivos precisa ser compactado para criar espaço para o cabeçalho de volume e o cabeçalho de backup).\n\nPossíveis causas e soluções:\n\n- Espaço livre insuficiente no volume. Certifique-se que nenhuma outra aplicação está gravando no sistema de arquivos.\n\n- Sistema de arquivos corrompido. Tente verificar e corrigir eventuais erros (clique com o botão direito na letra do drive correspondente na lista do 'Meu Computador', depois selecione Propriedades > Ferramentas > 'Verificar agora', certifique-se que a opção 'Corrigir automaticamente erros no sistema de arquivos' está ativada e clique em Iniciar).\n\nSe as etapas acima não ajudarem, por favor, siga os passos abaixo. - Erro: Não há espaço livre suficiente no volume e, portanto, o sistema de arquivos não pode ser compactado (o sistema de arquivos precisa ser compactado para criar espaço para o cabeçalho de volume e o cabeçalho de backup).\n\nPor favor, exclua quaisquer arquivos redundantes e esvazie a lixeira a fim de liberar pelo menos 256 KB de espaço e então tente novamente. Note que devido a um problema do Windows, a quantidade de espaço livre indicada pelo Windows Explorer pode estar incorreta até o sistema operacional ser reiniciado. Se reiniciar o sistema não funcionar, o sistema de arquivos pode estar corrompido. Tente checá-lo e corrigir quaisquer erros (clique com o botão direito na letra do drive correspondente na lista do 'Meu Computador', depois selecione Propriedades > Ferramentas > 'Verificar agora', certifique-se que a opção 'Corrigir automaticamente erros no sistema de arquivos' está ativada e clique em Iniciar).\n\nSe as etapas acima não ajudarem, por favor, siga os passos abaixo. - Espaço livre na unidade %s é %.2f bytes - Espaço livre na unidade %s é %.2f KB - Espaço livre na unidade %s é %.2f MB - Espaço livre na unidade %s é %.2f GB - Espaço livre na unidade %s é %.2f TB - Espaço livre na unidade %s é %.2f PB - Não foi possível obter letras de drive disponíveis. - Erro: Driver do VeraCrypt não encontrado.\n\nFavor copiar os arquivos 'veracrypt.sys' e 'veracrypt-x64.sys' para a pasta onde o programa principal do VeraCrypt (VeraCrypt.exe) está localizado. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Erro: Falha ao iniciar a cifra. - Erro: Uma chave fraca ou potencialmente fraca foi detectada. A chave será descartada. Favor tentar novamente. - Um erro crítico ocorreu e o VeraCrypt deve ser encerrado. Se isto for causado por um bug no VeraCrypt, gostaríamos de corrigí-lo. Para nos ajudar, você pode nos enviar um relatório de erro gerado automaticamente contendo os seguintes itens:\n\n- Versão do programa\n- Versão do sistema operacional\n- Tipo de CPU\n- Nome do componente VeraCrypt\n- Checksum do executável do VeraCrypt\n- Nome simbólico da janela\n- Categoria do erro\n- Endereço do erro\n- Chamada de pilha do VeraCrypt\n\nSe você selecionar 'Sim', a seguinte URL (que contém todo o relatório de erro) será aberta no seu navegador de Internet padrão.\n\n%hs\n\nVocê deseja nos enviar o relatório de erro acima? - Um erro crítico ocorreu e o VeraCrypt deve ser encerrado.\n\nNote que este erro não foi causado pelo VeraCrypt (por isso seus desenvolvedores não pode corrigí-lo). Por favor, verifique o seu sistema para possíveis problemas (por exemplo, configuração de sistema, conexões de rede, falha em componentes de hardware). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - Erro Crítico do VeraCrypt - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Criptografar - &Descriptografar - &Descriptografar Definitivamente - Fechar - Favor criar uma unidade lógica para esta partição estendida e tentar novamente. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Volumes VeraCrypt em dispositivos criptografados podem ser criados dentro de partições em discos rígidos, unidades de estado sólido, memory sticks USB, bem como sobre quaisquer outros dispositivos de armazenamento suportados. Partições também podem ser codificadas no local.\n\nAlém disso, volumes VeraCrypt em dispositivos criptografados podem ser criados dentro de dispositivos que não contenham partições (incluindo discos rígidos e unidades de estado sólido).\n\nNota: Um dispositivo com partições pode ser totalmente criptografado no local (usando uma única chave) apenas se ele for a unidade onde o Windows está instalado e de onde ele inicializa. - Um Volumes VeraCrypt hopedado num dispositivo pode ser criado dentro de uma partição do disco rígido, unidade de estado sólido, memory stick USB, e outros dispositivos de armazenamento.\n\nATENÇÃO: Note que a partição/dispositivo será formatada e todos os dados armazenados no momento serão perdidas. - \nSelecione a localização do volume externo a ser criado (dentro deste volume o volume oculto será criado mais tarde sobre).\n\nVolumes externos podem ser criados dentro de partições em discos rígidos, unidades de estado sólido, memory sticks USB e em qualquer outro dispositivo de armazenamento suportado. Volumes externos também podem ser criados dentro de dispositivos que não contenham partições (incluindo discos rígidos e unidades de estado sólido).\n\nATENÇÃO: Note que a partição/dispositivo será formatada e todos os dados armazenados no momento serão perdido. - Selecione a localização do volume VeraCrypt dentro do qual você deseja criar o volume oculto. - AVISO: O arquivo ou dispositivo já está sendo usado!\n\nIgnorar este aviso pode levar a resultados indesejados incluindo instabilidade do sistema. Todos os aplicativos que possam estar usando o arquivo ou dispositivo (por exemplo, anti-vírus ou programas de backup) devem ser fechados antes de montar o volume.\n\nDeseja continuar? - Erro: O disco não pôde ser montado. O arquivo ou dispositivo já está em uso. A tentativa de montar sem acesso exclusivo também falhou. - O arquivo não pode ser aberto. - Localização do Volume - Arquivos Grandes - Você pretende armazenar arquivos maiores que 4 GB neste volume VeraCrypt? - Dependendo de sua escolha acima, o VeraCrypt irá escolher um sistema de arquivos padrão adequado para o VeraCrypt volume (você será capaz de escolher um sistema de arquivo na próxima etapa). - Como você está criando um volume externo, você deve considerar escolher 'Não'. Se você escolher 'Sim', o sistema de arquivos padrão será NTFS, que não é tão apropriado para volumes externo como FAT (por exemplo, o tamanho máximo possível do volume oculto será significativamente maior se o volume externo for formatado como FAT). Normalmente, FAT é o padrão para ambos os volumes oculto e normal (então volumes FAT não são suspeitos). No entanto, se o usuário indicar a intenção de armazenar arquivos maiores que 4 GB (que o sistema de arquivos FAT não permite) então FAT não será o padrão. - Tem certeza de que deseja escolher 'Sim'? - Modo de Criação de Volume - Este é o caminho mais rápido para criar uma volume VeraCrypt armazenado numa partição ou dispositivo (criptografia no local, que é a outra opção, é mais lenta porque o conteúdo de cada setor tem que ser primeiro lido, criptografado e depois, escrito). Os dados atualmente armazenados na partição/dispositivo selecionado(a) serão perdido (os dados NÃO serão criptografados e serão sobrescritos com dados aleatórios). Se você quiser criptografar os dados existentes em uma partição, escolha a outra opção. - Toda a partição selecionada e todos os dados armazenados nela serão criptografados no local. Se a partição estiver vazia, você deve escolher a outra opção (o volume será criado muito mais rápido). - Nota: - Continua&r - &Adiar - &Iniciar - &Continuar - &Formatar - &Limpar - Abortar a formatação? - Mostrar mais informações - Não mostrar novamente - O conteúdo da partição/dispositivo foi apagado com sucesso. - O conteúdo da partição onde o sistema operacional (do qual o sistema oculta é um clone) está instalado foi apagado com sucesso. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - O dispositivo/partição de sistema foi descriptografado com sucesso. - \n\nO volume VeraCrypt foi criado e está pronto para uso. Se você deseja criar outro volume VeraCrypt, clique em Avançar. Caso contrário, clique em Sair. - \n\nO volume VeraCrypt oculto foi criado com sucesso (o sistema operacional oculto residirá dentro deste volume oculto).\n\nClique em Avançar para continuar. - Volume Totalmente Criptografado - Volume Fully Decrypted - IMPORTANTE: PARA MONTAR ESTE RECÉM-CRIADO VOLUME VERACRYPT E ACESSAR OS DADOS ARMAZENADOS NELE, CLIQUE EM 'AUTO-MONTAR DISPOSITIVOS' NO JANELA PRINCIPAL DO VERACRYPT. Depois de digitar a senha correta (e/ou fornecer os arquivos-chave corretos), o volume será montado para a letra de unidade selecionada a partir da lista na janela principal do VeraCrypt (e você poderá acessar os dados criptografados por meio da letra de unidade selecionada).\n\nPOR FAVOR, LEMBRE-SE OU ANOTE OS PASSOS ACIMA. VOCÊ DEVE SEGUÍ-LOS, SEMPRE QUE DESEJAR MONTAR O VOLUME E ACESSAR OS DADOS ARMAZENADOS NELE. Alternativamente, na janela principal do VeraCrypt, clique em 'Selecionar dispositivo', selecione esta partição/volume e clique em 'Montar'.\n\nA partição/volume foi criptografada(o) com sucesso (agora ela contém um volume VeraCrypt totalmente criptografado) e está pronto para uso. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - O volume VeraCrypt foi criado com sucesso. - Disco Criado com Sucesso - IMPORTANTE: Mova seu mouse tão aleatoriamente quanto possível nesta janela. Quanto mais você demorar movendo-o, melhor. Isto aumenta significativamente a força de criptografia das chaves. Depois clique em Formatar para continuar. - Clique em Formatar para criar o volume externo. Para mais informações consulte a documentação. - Formatação do volume externo - Formatação do Volume Oculto - Formatação do Volume - É necessário o Adobe Reader (ou ferramenta compatível) para ver ou imprimir o Manual do Usuário do VeraCrypt. O Adobe Reader (freeware) pode ser baixado a partir de: www.adobe.com\n\nDeseja ver a documentação on-line? - Caso selecione esta opção, o assistente irá ajudá-lo primeiro a criar um volume VeraCrypt normal e em seguida o volume oculto dentro do normal. Usuários inexperientes deve selecionar esta opção. - Caso selecione esta opção, você irá criar um volume oculto dentro de um volume VeraCrypt normal. Presumimos que você já tem um volume VeraCrypt normal que pode conter um volume oculto. - Modo de Criação de Volume - Volume Oculto Criado - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - Você iniciou o sistema operacional oculto. Como você deve ter notado, ele aparenta estar instalado na mesma partição que o sistema operacional original. Entretanto, na realidade, ele está instalado dentro da partição por trás dele (no volume oculto). Todos as operações de leitura e escrita estão sendo transparentemente redirecionadas da partição do sistema original para o volume oculto.\n\nNem o sistema operacional nem os aplicativos saberão que os dados escritos e lidos da partição do sistema estão na verdade sendo escritos e lidos da partição por trás dela (de um volume oculto). Tais dados são criptografados e descriptografados normalmente (com uma chave de criptografia diferente daquela que será usada para o sistema operacional ).\n\n\nPor favor, clique em Avançar para continuar. - O volume externo foi criado e montado como unidade %hc:. Para este volume externo você deve agora copiar alguns arquivos que você realmente NÃO quer esconder. Eles estarão lá caso alguém force você a revelar a senha para a primeira partição atrás da partição do sistema, onde tanto o volume externo quanto o oculto (que contém o sistema operacional oculto) irão residir. Você será capaz de revelar a senha para esse volume externo, e a existência do volume oculto (e do sistema operacional oculto) permanecerá secreta.\n\nIMPORTANTE: Os arquivos que você copiar para o volume externo não devem ocupar mais de %s. Caso contrário, pode não haver espaço livre suficiente no volume externo para volume oculto (e você não poderá continuar). Depois de terminar de copiar, clique em Avançar (não desmonte o volume). - O volume oculto foi criado com sucesso e montado como unidade %hc:. Você deve copiar alguns arquivos que pareçam confidenciais e você não deseja realmente esconder. Os arquivos estarão disponíveis para quem forçá-lo a revelar sua senha. Você irá revelar apenas a senha para esse volume externo, não para o oculto. Os arquivos com que você realmente se importa serão armazenados no volume oculto, que será criado em seguida. Quando você terminar de copiar, clique em avançar. Não desmonte o volume.\n\nObserve: Depois que você clicar em avançar, o bitmap de clusters volume do volume externo será analisado para determinar o tamanho do espaço livre contínuo que termina no fim do volume. Este espaço irá acomodar o volume oculto, seu maior tamanho possível será determinado agora. A análise do bitmap de clusters assegura que nenhum dado no volume externo será sobrescrito. - Conteúdo do volume externo - \n\nNas próximas etapas, você deverá escolher as opções para o volume externo (dentro do qual o volume oculto será criado mais tarde). - \n\nNos próximos passos, você criará um volume VeraCrypt externo dentro da primeira partição atrás da partição do sistema (como foi explicado em uma das etapas anteriores). - Volume Externo - Nos passos a seguir, você definirá as opções e senha para o volume oculto, que conterá o sistema operacional oculto.\n\nObservação: O mapa de clusters do volume externo foi examinado a fim de determinar o tamanho da área ininterrupta de espaço de livre, cujo fim está alinhado com o final do volume externo. Esta área vai acomodar o volume oculto, por isso, ela limita o seu tamanho máximo possível. O tamanho máximo possível do volume oculto foi determinado e confirmado como sendo maior do que o tamanho da partição do sistema (o que é necessário, pois todo o conteúdo da partição do sistema será copiado para o volume oculto). Isto assegura que nenhum dado armazenado atualmente no volume externo será sobrescrito pelos dados escritos na área do volume oculto. - IMPORTANTE: Por favor, lembre-se dos algoritmos que você selecionar nesta etapa. Você terá que selecionar os mesmos algoritmos para o sistema . Caso contrário, o sistema oculto estará inacessível! (O sistema deve ser criptografado com o mesmo algoritmo de criptografia do sistema oculto.)\n\nNota: A razão é que o sistema isca e o oculto irão compartilhar um único gestor de inicialização, que suporta apenas um único algoritmo, selecionado pelo usuário (para cada algoritmo, existe uma versão especial do VeraCrypt Boot Loader). - \n\nO bitmap de clusters foi analisado e o tamanho máximo possível para o volume oculto foi determinado. Nas próximas etapas, você deverá escolher as opções, o tamanho e a senha a serem usados para o volume oculto. - Volume Oculto - Agora o volume oculto está protegido contra danos até que o volume externo seja desmontado.\n\nAVISO: Se houver alguma tentativa de gravação de dados na área do volume oculto, o VeraCrypt irá começar a proteger o volume inteiro contra gravação (tanto a parte externa quanto a oculta) até que ele seja desmontado. Isto pode causar corrupção no sistema de arquivo do volume externo, o que (se repetido) poderá afetar adversamente a camuflagem de informações do volume oculto. Por isso, você deve tomar todas as medidas para evitar gravar na área do volume oculto. Qualquer dado que estiver sendo gravado na área do volume oculto não será salvo e será perdido. O Windows poderá relatar isso como um erro de gravação ("Delayed Write Failed" ou "The parameter is incorrect"). - Todos os volumes ocultos nos volumes montados estão protegidos contra danos até que sejam desmontados.\n\nAVISO: Se houver alguma tentativa de gravação de dados na área de algum desses volumes ocultos, o VeraCrypt irá começar a proteger o volume inteiro contra gravação (tanto a parte externa quanto a oculta) até que ele seja desmontado. Isto pode causar corrupção no sistema de arquivo do volume externo, o que (se repetido) poderá afetar adversamente a camuflagem de informação do volume oculto. Por isso, você deve tomar todas as medidas para evitar gravar na área do volume oculto. Qualquer dado que estiver sendo gravado na área do volume oculto não será salvo e será perdido. O Windows poderá relatar isso como um erro de gravação ("Delayed Write Failed" ou "The parameter is incorrect"). - AVISO: Houve uma tentativa de gravação de dados na área do volume oculto do volume montado como %c:! O VeraCrypt impediu que esses dados fossem gravados para proteger o volume oculto. Isto pode ter causado corrupção no sistema de arquivo do volume externo e o Windows poderá relatar um erro de gravação ("Delayed Write Failed" ou "The parameter is incorrect"). Todo o volume (tanto a parte externa quanto a oculta) será protegido contra gravação até ser desmontado. Se esta não for a primeira vez que isto acontece com esse volume, a camuflagem de informação desse volume oculto pode ter sido afetada (devido a inconsistências não usuais correlacionadas no sistema de arquivo do volume externo). Por isso, você deve pensar em criar novo volume VeraCrypt (com a opção Formatação Rápida desmarcada) e mover seus arquivos deste volume para o novo; este volume deve ser apagado com segurança (tanto a parte externa quanto a oculta). Sugerimos fortemente que você reinicie seu sistema operacional agora. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - Por motivos de segurança, quando um sistema operacional oculto estiver sendo executado, sistemas de arquivo locais não-criptografados e volumes VeraCrypt não-ocultos são montados como somente leitura (dados não podem ser gravados em tais sistemas de arquivo ou volumes VeraCrypt).\n\nÉ autorizada a gravação de dados em qualquer sistema de arquivo que esteja dentro de um volume VeraCrypt oculto (desde que o volume oculto não esteja localizado em um recipiente armazenado em um sistema de arquivo não-criptografado ou em qualquer outro sistema de arquivo somente leitura). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Nota: Caso necessite transferir arquivos com segurança do sistema isca para o sistema oculto, siga estas etapas: 1) Inicie o sistema isca. 2) Salve os arquivos para um volume não-criptografado ou para um volume VeraCrypt externo/normal. 3) Inicie o sistema oculto. 4) Se você salvou os arquivos em um volume VeraCrypt, monte-o (ele será automaticamente montado como somente leitura). 5) Copie os arquivos para a partição do sistema oculto ou para outro volume oculto. - Seu computador precisa ser reiniciado.\n\nVocê deseja reiniciá-lo agora? - Ocorreu um erro ao obter o estado de criptografia do sistema. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Não foi possível iniciar componentes do programa de criptografia do sistema. - Falha ao iniciar o gerador de números aleatórios! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Não foi possível iniciar a aplicação. Falha ao registrar a classe 'Dialog'. - Erro: Falha ao carregar a biblioteca de sistema Rich Edit. - Criação de Volume VeraCrypt - O tamanho máximo de um volume oculto para este disco é %.2f bytes. - O tamanho máximo de um volume oculto para este disco é %.2f KB. - O tamanho máximo de um volume oculto para este disco é %.2f MB. - O tamanho máximo de um volume oculto para este disco é %.2f GB. - O tamanho máximo de um volume oculto para este disco é %.2f TB. - A senha ou arquivo-chave não podem ser alterados enquanto o disco estiver montado. Favor desmontar o disco primeiro. - O algoritmo de derivação da chave não pode ser trocado enquanto o volume está montado. Favor desmontar o disco primeiro. - &Montar - Uma versão mais recente do VeraCrypt é necessária para montar este disco. - Erro: O Assistente de Criação de Disco não foi encontrado.\n\nFavor certifique-se de que o arquivo 'VeraCrypt Format.exe' está na pasta de onde o VeraCrypt foi executado. Caso contrário, reinstale o VeraCrypt ou localize o arquivo 'VeraCrypt Format.exe' no seu sistema e execute-o. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Avançar > - &Concluir - &Instalar - E&xtrair - Não foi possível conectar ao driver de dispositivo do VeraCrypt. O VeraCrypt não pode funcionar sem o seu driver de dispositivo executando.\n\nObserve que, devido a características do Windows, pode ser necessário fazer log off ou reiniciar o sistema operacional antes de executar o driver de dispositivo. - Um erro ocorreu quando da carga/preparação das fontes. - A letra de unidade não foi encontrada ou não foi especificada. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Letra de Unidade não disponível. - Nenhum arquivo foi selecionado! - Nenhuma letra de drive está disponível. - Não há letra de drive livre para o volume externo! A criação do disco não pode continuar. - Não foi possível determinar a versão do seu sistema operacional ou você está usando um sistema operacional não suportado. - Nenhum caminho selecionado! - Não há espaço livre suficiente para o volume oculto! A criação dos disco não pode continuar. - Erro: Os arquivos copiados para o volume externo ocupam muito espaço. Portanto, não há espaço livre suficiente no volume externo para o volume oculto.\n\nNote que o volume oculto deve ser tão grande quanto a partição do sistema (a partição onde o sistema operacional sendo executando agora está instalado). A razão é que o sistema operacional oculto precisa ser criado copiando o conteúdo da partição do sistema para o volume oculto.\n\n\nO processo de criação do sistema operacional oculto não pode continuar. - O driver não conseguiu de desmontar o disco. Algum dos arquivos localizados nele ainda deve estar aberto. - Não foi possível bloquear o disco. Ainda existem arquivos abertos no disco. Desta forma, este não pode ser desmontado. - VeraCrypt não pode bloquear o volume, porque ele está em uso pelo sistema ou aplicativos (pode haver arquivos abertos no volume).\n\nVocê deseja desmontar forçadamente o volume? - Selecione o Volume VeraCrypt - Selecione o Caminho e o Nome do Arquivo - Selecione a biblioteca PKCS #11 - Memória Esgotada - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - AVISO: O arquivo '%s' ja existe!\n\nIMPORTANTE: O VERACRYPT NÃO IRÁ CRIPTOGRAFAR O ARQUIVO, MAS APAGÁ-LO. Você tem certeza de que deseja apagar o arquivo e substituí-lo com um novo recipiente VeraCrypt? - CUIDADO: TODOS OS ARQUIVOS ARMAZENADOS NO %s '%s'%s SELECIONADO SERÃO APAGADOS E PERDIDOS (NÃO CRIPTOGRAFADOS)!\n\nVocê tem certeza de que deseja continuar e formatar? - AVISO: Você não será capaz de montar o volume ou acessar quaisquer arquivos armazenados nele até que ele tenha sido totalmente criptografado.\n\nTem certeza de que deseja iniciar a criptografia do %s '%s'%s selecionado? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - AVISO: Por favor, note que se o fornecimento de energia for interrompido de repente durante a criptografia dos dados existentes no local, ou quando o sistema operacional falhar devido a um erro de software ou hardware defeituoso enquanto o VeraCrypt estiver criptografando os dados existentes no local, porções dos dados serão corrompidos ou perdidos. Portanto, antes de começar a criptografia, certifique-se de possuir cópias de backup dos arquivos que você deseja criptografar.\n\nVocê tem um backup desses? - CUIDADO: OS ARQUIVOS ATUALMENTE ARMAZENADOS NA PARTIÇÃO '%s'%s (OU SEJA, A PRIMEIRA PARTIÇÃO ATRÁS DA PARTIÇÃO DO SISTEMA) SERÃO APAGADOS E PERDIDOS (ELES NÃO SERÃO CRIPTOGRAFADOS)!\n\nTem certeza que deseja prosseguir com o formato? - AVISO: A PARTIÇÃO SELECIONADA CONTÉM UMA GRANDE QUANTIDADE DE DADOS! Todos os arquivos armazenados na partição serão apagados e perdidos (eles não serão criptografados)! - Apague todos os arquivos armazenados na partição, criando um volume VeraCrypt dentro dele - Senha - PIM - Definir Algoritmo de Derivação da Chave de Cabeçalho - Adicionar/Remover Arquivo-chave do disco - Remover Todos os Arquivos-chave do disco - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANTE: Se você não destruir o seu VeraCrypt Rescue Disk, sua partição de sistema / unidade ainda pode ser descriptografado usando a senha antiga (por arrancar o VeraCrypt Rescue Disk e inserir a senha antiga). Você deve criar um novo VeraCrypt Rescue Disk e, em seguida, destruir o velho um .\n\nVocê deseja criar um novo VeraCrypt Rescue Disk? - Lembre que o Disco de Emergência VeraCrypt ainda usa o algoritmo anterior. Se você considera o algoritmo anterior inseguro, você deve criar um novo Disco de Emergência VeraCrypt e destruir o antigo.\n\nVocê deseja criar um novo disco de emergência VeraCrypt? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Arquivo(s)-chave adicionado(s)/removido(s) com sucesso. - Arquivo-chave exportado. - Algoritmo de derivação da chave ajustado com sucesso. - Digite a senha e/ou arquivo(s)-chave para o volume não-sistema em que pretende retomar o processo de criptografia no local.\n\n\nObservação: Após clicar em Avançar, o VeraCrypt tentará encontrar todos os volumes não-sistema onde o processo de criptografia tenha sido interrompido e onde o cabeçalho do volume VeraCrypt pode ser descriptografado usando a senha e/ou arquivo(s)-chave fornecidos. Se mais de um volume assim for encontrado, você terá que escolher um deles na próxima etapa. - Selecione um dos volumes listados. A lista contém todos os volumes não-sistema acessíveis em que o processo de criptografia tenha sido interrompido e cujo cabeçalho poderia ser descriptografado usando a senha e/ou arquivo(s)-chave fornecidos. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - É muito importante que você escolha uma boa senha. Evite escolher uma que contenha apenas uma única palavra que pode ser encontrada em um dicionário (ou uma combinação de 2, 3 ou 4 palavras assim). A senha não deve conter quaisquer nomes ou datas de nascimento. Não deve ser fácil de adivinhar. Uma boa senha é uma combinação aleatória de letras maiúsculas e minúsculas, números e caracteres especiais, como @ ^ = $ * + etc. Recomendamos escolher uma senha com mais de 20 caracteres (quanto mais longo, melhor). O comprimento máximo é 64 caracteres. - Escolha uma senha para o volume oculto. - Por favor, escolha uma senha para o sistema operacional oculto (ou seja, para o volume oculto). - IMPORTANTE: A senha que você escolher para o sistema operacional oculto nesta etapa deve ser substancialmente diferente das outras duas senhas (ou seja, da senha do volume externo e da senha do sistema operacional isca). - Favor digitar a senha para o disco que você dentro do qual você deseja criar o volume oculto.\n\nDepois de clicar 'Próximo', o VeraCrypt vai tentar montar o disco. Assim que o disco estiver montado, seu bitmap de cluster será varrido para determinar o tamanho da área livre ininterrupta (se houver) cujo final está alinhado com o final do disco. Esta área irá acomodar o volume oculto e irá limitar seu tamanho máximo. A varredura do mapa de clusters é necessária para garantir que nenhum dado do volume externo será sobrescrito pelo volume oculto. - \nPor favor escolha uma senha para o volume externo. Esta será a senha que você poderá revelar a um adversário se lhe for pedido ou forçado a fazê-lo.\n\nIMPORTANTE: A senha deve ser substancialmente diferente da que você vai escolher para o volume oculto.\n\nNota: O comprimento máximo possível da senha é 64 caracteres. - Por favor, escolha uma senha para o volume externo. Esta será a senha que você poderá revelar a alguém forçando-o a expor a senha para a primeira partição atrás da partição do sistema, onde tanto o volume externo quanto o volume oculto (que contém o sistema operacional oculto) irão residir. A existência do volume oculto (e do sistema operacional oculto) permanecerá secreta. Note que esta senha não é para o sistema operacional isca.\n\nIMPORTANTE: A senha deve ser substancialmente diferente da que você vai escolher para o volume oculto (isto é, para o sistema operacional oculto). - Senha do volume externo - Senha do volume oculto - Senha para o Sistema Operacional Oculto - AVISO: Senha curtas são fáceis de quebrar usando técnicas de força bruta!\n\nÉ recomendado que seja escolhida um senha com pelo menos 20 caracteres.\n\nDeseja realmente usar uma senha curta? - Senha do Volume - Senha incorreta ou não se trata de um volume VeraCrypt. - Senha e/ou arquivo-chave incorretos ou não se trata de um volume VeraCrypt. - Modo de montagem, senha ou volume VeraCrypt incorretos. - Modo de montagem, senha, arquivo-chave ou volume VeraCrypt incorretos. - Senha incorreta ou nenhum volume VeraCrypt encontrado. - Senha e/ou arquivo-chave incorretos ou nenhum volume VeraCrypt encontrado. - \n\nAVISO: A função Caps Lock está ligada. Isto pode levar a uma digitação incorreta da senha. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - Se você está tentando proteger um volume oculto contendo um sistema oculto, certifique-se de estar usando uma configuração de teclado padrão US quando digitar a senha do volume oculto. Isto porque tal senha precisará ser digitada no ambiente pré-boot (antes do Windows iniciar) onde configurações diferentes do padrão US de teclado não estão disponíveis. - O VeraCrypt não encontrou nenhum volume onde a criptografia não-sistema tenha sido interrompida e onde o cabeçalho do volume pode ser descriptografado usando a senha e/ou arquivo(s)-chave fornecidos.\n\nPor favor, certifique-se que a senha e/ou arquivo(s)-chave estão corretos e que a partição/volume não está sendo usada pelo sistema ou aplicativos (incluindo software antivírus). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nDica: Se você está tentando montar uma partição localizada em um disco de sistema criptografado sem usar a autenticação pré-inicialização ou uma partição criptografada de um sistema operacional que não está sendo executado, você pode fazê-lo clicando em 'Sistema' > 'Moutar sem Autenticação Pré-Inicialização'. - Neste modo, você não pode montar uma partição localizada em uma unidade cuja porção está dentro do alcance de aplicação da criptografia de sistema ativa.\n\nAntes que você possa montar esta partição neste modo, você precisa inicializar um sistema operacional instalado em uma unidade diferente (criptografado ou não), ou inicializar um sistema operacional não-criptografado. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Voltar - Não foi possível listar os dispositivos instalados em seu sistema! - O disco '%s' já existe e está protegido contra gravação. Tem certeza que deseja substituí-lo? - Selecione o Diretório de Destino - Selecione o Arquivo-chave - Selecione o caminho do arquivo-chave. AVISO: Lembre que apenas o caminho sera lembrado, não os nomes dos arquivos! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Criada por Ross Anderson, Eli Biham e Lars Knudsen. Publicada em 1998. chave de 256 bits, bloco de 128 bits. O modo de operação é o XTS. Serpent foi um dos finalistas no AES. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Tamanho do Volume Externo - Tamanho do Volume Oculto - Verifique se o tamanho do dispositivo/partição selecionado(a) mostrado acima está correto e clique em Avançar. - O volume externo e o volume oculto (que contém o sistema operacional oculto) irão residir dentro da partição acima. Deve ser a primeira partição atrás da partição do sistema.\n\nPor favor, verifique se o tamanho da partição e seu número mostrados acimas estão corretos e, se estiverem, clique em Avançar. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Tamanho do Disco - Dinâmico - CUIDADO: AUTO-TESTE FALHOU! - Todos os algoritmos passaram nos testes - O número de unidades de dados que você forneceu é muito curto ou muito longo. - A chave secundária que você forneceu é muito curta ou muito longa. - O texto cifrado de teste que você escolheu é muito curto ou muito longo. - A chave de teste que você escolheu é muito curta ou muito longa. - O texto em claro de teste que você escolheu é muito curto ou muito longo. - Duas cifras operando em modo XTS em cascata. Cada bloco é criptografado primeiro com %s (chave de %d bits) e depois com %s (chave de %d bits). Cada cifra utiliza sua própria chave. Todas as chaves são independentes das outras. - Três cifras operando em modo XTS em cascata. Cada bloco é criptografado primeiro com %s (chave de %d bits), depois com %s (chave de %d bits) e, finalmente, com %s (chave de %d bits). Cada cifra utiliza sua própria chave. Todas as chaves são independentes das outras. - Note que, dependendo da configuração do sistema operacional, os recursos de auto-executar e auto-montar podem funcionar só quando os arquivos do disco removível estiverem criados em uma mídia de CD/DVD não-regravável. Note também que este não é um bug do VeraCrypt (é uma limitação do Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - Disco Removível VeraCrypt - Criado por Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall e Niels Ferguson. Publicado em 1998. chave de 256 bits, bloco de 128 bits. Modo de operação XTS. O Twofish foi um dos finalistas para o AES. - Mais informações sobre %s - Desconhecido - An unspecified or unknown error occurred (%d). - Alguns discos contem arquivos ou pastas que estão sendo usadas.\n\nDesmontar forçadamente? - &Desmontar - Falha ao desmontar! - Disco contém arquivos ou pastas que estão sendo usadas.\n\nDesmontar forçadamente? - No volume is mounted to the specified drive letter. - O disco que voce está tebntando montar já está montado. - Um erro ocorreu ao tentar montar o disco. - Erro ao procurar a localização dentro do disco. - Erro: Tamanho do disco incorreto. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Recipiente dinâmico é um arquivo NTFS esparso cujo tamanho físico (espaço em disco realmente usado) cresce à medida que novos dados são gravados.\n\nAVISO: O desempenho de volumes hospedados em arquivos esparsos é significativamente pior que o desempenho de volumes normais. Volumes em arquivos esparsos são também menos seguros porque permitem saber quais setores não estão em uso. Além disto, tais volumes não podem prover camuflagem de informação (hospedar um volume oculto). Note que se houver escrita num recipiente esparso quando não houver espaço livre suficiente no sistema de arquivos que o hospeda, o sistema de arquivos criptografado pode ser corrompido.\n\nTem certeza de que quer criar um volume hospedado em arquivo esparso? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - O VeraCrypt não pode mudar a senha de um volume externo. - Favor selecionar uma letra de drive na lista. - Favor selecionar um disco montado na lista de letras de drive. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Erro: Não foi possível criar autorun.inf - Erro enquanto processava o arquivo-chave! - Erro enquanto processava o caminho de arquivos-chave! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt não suporta este sistema operacional. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Erro: Não foi possível de alocar memória. - Erro: Não foi possível recuperar o valor do contador de desempenho. - Erro: Formato [de volume] inválido. - Erro: Você forneceu uma senha para um volume oculto (não para um volume normal). - Por motivos de segurança, um volume oculto não pode ser criado dentro de um volume VeraCrypt contendo um sistema de arquivos que foi criptografado no local (porque o espaço livre no volume não foi preenchido com dados aleatórios). - VeraCrypt - Observações Legais - Todos os Arquivos - Discos VeraCrypt - Módulos de Biblioteca - A formatação em NTFS não pode continuar. - Não foi possível montar o disco. - Não foi possível desmontar o disco. - O Windows não conseguiu formatar o volume como NTFS.\n\nFavor selecionar um tipo de sistema de arquivo diferente (se possível) e tentar novamente. Você também pode deixar o volume sem formato (selecione 'Nenhum' como sistema de arquivo), sair desse assistente, montar o volume, e usar o sistema ou algum ferramenta de terceiros para formatar o volume montado (o volume irá permanecer criptografado). - O Windows não conseguiu formatar o volume como NTFS.\n\nVocê deseja formatar o volume como FAT? - Padrão - partição - PARTIÇÃO - Dispositivo - dispositivo - DISPOSITIVO - Volume - volume - VOLUME - Label - O tamanho de cluster selecionado é muito pequeno para este tamanho de disco. Um tamanho maior será usado. - Erro: Não foi possível determinar o tamanho do disco!\n\nGaranta que o disco selecionado não está sendo usado pelo sistema ou alguma aplicação. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - O Assistente para Criação de Volume VeraCrypt só pode criar um volume oculto dentro de um FAT ou NTFS. - No Windows 2000, o Assistente para Criação de Volume VeraCrypt só pode criar um volume oculto dentro de um FAT. - Nota: O sistema de arquivos FAT é mais adequado para os volumes externos do que o sistema de arquivos NTFS (por exemplo, o tamanho máximo possível do volume oculto muito provavelmente teria sido muito maior se o volume externo tivesse sido formatado como FAT). - Note que o sistema de arquivos FAT é mais adequado para os volumes externos do que o sistema de arquivos NTFS. Por exemplo, o tamanho máximo possível do volume oculto, muito provavelmente, será significativamente maior se o volume externo for formatado como FAT (porque o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto pode residir apenas na segunda metade do volume externo).\n\nTem certeza que deseja formatar o volume externo como NTFS? - Você deseja formatar o volume como FAT ao invés disso? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Erro: A partição para o sistema operacional oculto (ou seja, a primeira partição atrás da partição do sistema) deve ser de pelo menos 5% maior do que a partição do sistema (a partição do sistema é a que o sistema operacional atualmente em execução está instalado). - Erro: A partição para o sistema operacional oculto (ou seja, a primeira partição atrás da partição do sistema) deve ser de pelo menos 110% (2,1 vezes) maior do que a partição do sistema (a partição do sistema é a que o sistema operacional atualmente em execução está instalado). A razão é que o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto (que é para conter um clone da partição do sistema) pode residir apenas na segunda metade da partição. - Erro: Se o volume externo estiver formatado como NTFS, ele deve ser de pelo menos 110% (2,1 vezes) maior do que a partição do sistema. A razão é que o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto (que é para conter um clone da partição do sistema) pode residir apenas na segunda metade do volume externo.\n\nNota: O volume externo deve residir na mesma partição que o sistema operacional oculto (ou seja, a primeira partição atrás da partição do sistema). - Erro: Não há partição atrás da partição do sistema.\n\nObserve que, antes de poder criar um sistema operacional oculto, você precisa criar uma partição para ele na unidade do sistema. Deve ser a primeira partição atrás da partição do sistema e deve ser pelo menos 5% maior do que a partição do sistema (a partição do sistema é a que o sistema operacional atualmente em execução está instalado). No entanto, se o volume externo (que não deve ser confundido com a partição do sistema) estiver formatado como NTFS, a partição para o sistema operacional oculto deve ser, pelo menos, 110% (2,1 vezes) maior do que a partição do sistema (o motivo é que o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto – que é para conter um clone da partição do sistema – pode residir apenas na segunda metade da partição). - Observação: Não é prático (e, portanto, não suportado) instalar sistemas operacionais em dois volumes VeraCrypt que estejam embutidos dentro de uma única partição, pois utilizar o sistema operacional externo muitas vezes exige gravação de dados na área do sistema operacional oculto (e se essas operações de gravação fossem impedidas usando a característica de proteção de volume oculto, isto invariavelmente causaria falhas do sistema, ou seja, erros de "tela azul"). - Para informações sobre como criar e gerir partições, por favor, consulte a documentação fornecida com seu sistema operacional ou entre em contato com o suporte técnico do fornecedor do computador para assistência. - Erro: O sistema operacional atualmente em execução não está instalado na partição de inicialização (primeira partição ativa). Isto não é suportado. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Erro: Não foi possível acessar o volume!\n\nCertifique-se de que o volume selecionado realmente existe, que ele não está montado ou sendo usado pelo sistema ou outro programa, que você tem permissão para ler/gravar nesse volume e que ele não está protegido contra gravação. - Error: Cannot obtain volume properties. - Erro: Não foi possível acessar o volume e/ou obter informações sobre o volume.\n\nCertifique-se que o volume selecionado existe, que não está sendo usado pelo sistema ou aplicativos, que você tem privilégio de leitura/escrita no volume, e que ele não está protegido contra gravação. - Erro: Não foi possível acessar o volume e/ou obter informações sobre o volume.\n\nCertifique-se que o volume selecionado existe, que não está sendo usado pelo sistema ou aplicativos, que você tem privilégio de leitura/escrita no volume, e que ele não está protegido contra gravação.\n\nSe o problema persistir, os passos abaixo podem ajudar. - Um erro impediu o VeraCrypt de criptografar a partição. Tente corrigir quaisquer problemas reportados anteriormente e, em seguida, tente novamente. Se os problemas persistirem, as etapas abaixo pode ajudar. - Um erro impediu o VeraCrypt de retomar o processo de criptografia da partição.\n\nPor favor, tente corrigir quaisquer problemas reportados anteriormente e, em seguida, tentar retomar o processo novamente. Note que o volume não pode ser montado até que tenha sido totalmente criptografado. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Erro: Não foi possível desmontar o volume externo!\n\nUm disco não pode ser desmontado se contiver arquivos ou pastas que estiverem sendo usadas por algum programa ou pelo sistema.\n\nFavor fechar qualquer programa que possa estar usando estes arquivos ou diretórios do disco e clique em "Repetir". - Erro: Não foi possível obter informações sobre o volume externo! a Criação do volume não pode continuar. - Erro: Não foi possível acessar o volume externo! A criação do volume não pode continuar. - Erro: Não foi possível montar o volume externo! A criação dos volumes não pode continuar. - Erro: Não foi possível ler o bitmap de clusters! A criação dos volumes não pode continuar. - Alfabética/Por Categoria - Velocidade Mídia (Decresc.) - Algoritmo - Cifrar - Decifrar - Mídia - Drive - Tamanho - Algoritmo de Criptografia - Algoritmo de Criptografia - Tipo - Valor - Propriedades - Localização - bytes - Oculto - Externo - Normal - Sistema - Oculto (sistema) - Somente Leitura - Disco de sistema - Disco de sistema (criptografando - %.2f%%) - Disco de sistema (descriptografando - %.2f%%) - Disco de sistema (%.2f%% criptografado) - Partição de sistema - Partição do sistema oculto - Partição de sistema (criptografando - %.2f%%) - Partição de sistema (descriptografando - %.2f%%) - Partição de sistema (%.2f%% criptografado) - Sim (protegido contra danos!) - Nenhum - Tamanho da Chave Primária - Tamanho da Chave Secundária (Modo XTS) - Tamanho da chave de ajuste (Modo LRW) - bits - Tamanho do Bloco - PKCS-5 PRF - Contagem de Iterações do PKCS-5 - Disco Criado - Última modificação do cabeçalho - (%I64d dias atrás) - Versão de Formatação do Volume - Cabeçalho de Backup Embutido - VeraCrypt Boot Loader Version - Primeiro disponível - Disco Removível - Disco Rígido - Não alterado - Autodetection - Modo Assistente - Selecione um dos modos. Se não tiver certeza de qual selecionar, use o modo padrão. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Opções de Instalação - Aqui você pode configurar várias opções para controlar o processo de instalação. - Instalando - Aguarde enquanto o VeraCrypt é instalado. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Opções de Extração - Aqui você pode configurar várias opções para controlar o processo de extração. - Aguarde enquanto os arquivos são extraidos. - Files successfully extracted - Todos os arquivos foram extraídos no local de destino. - Se a pasta especificada não existir, ela será criada automaticamente. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Você deseja ler notícias sobre a versão atual (última estável) do VeraCrypt? - Se você nunca usou o VeraCrypt, recomendamos que você leia o capítulo Tutorial para Iniciantes no Guia do Usuário do VeraCrypt. Você deseja ler o tutorial? - Favor escolher uma das seguintes ações: - Reparar/Reinstalar - Upgrade - Desinstalar - Para instalar/desinstalar o VeraCrypt com sucesso, você deve ter privilégios de administrador. Deseja continuar? - O instalador do VeraCrypt está atualmente em execução, realizando ou preparando uma instalação ou atualização do VeraCrypt. Antes de continuar, por favor, aguarde o seu término ou feche-o. Se você não puder fechá-lo, por favor, reinicie o computador antes de prosseguir. - A instalação falhou. - A desinstalação falhou. - Este pacote de distribuição parece estar danificado. Tente baixá-lo novamente (de preferência a partir do nosso site oficial https://veracrypt.codeplex.com). - Não foi possível gravr o arquivoe %s - Extraindo - Não foi possível ler alguns dados do pacote de instalação. - Não foi possível verificar a integridade do pacote de instalação. - A extração falhou. - A instalação foi revertida. - O VeraCrypt foi instalado com sucesso. - O VeraCrypt foi atualizado com sucesso. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - O VeraCrypt foi desinstalado com sucesso.\n\nClique em 'Concluir' para remover o instalador do VeraCrypt e a pasta %s. Observe que a pasta não será removida se ela contiver algum arquivo que não tenha sido criado pelo VeraCrypt ou instalado pelo seu instalador. - Removendo entradas do VeraCrypt do registro - Adicionando entrada no registro - Removendo dados específicos da aplicação - Instalando - Parando - Removendo - Adicionando ícone - Criando ponto de restauração do sistema - Falha ao criar o ponto de restauração do sistema! - Atualizando gerenciador de boot - Não foi possível instalar '%s'. %s Você deseja continuar instalando? - Não foi possível desinstalar '%s'. %s Você deseja continuar desinstalando? - Instalação concluída. - A pasta '%s' não pode ser criada - O driver de dispositivo do VeraCrypt não pôde ser encerrado.\n\nFavor fechar todas as janelas do VeraCrypt primeiro. Se não adiantar, reinicie o Windows e tente novamente. - Todos os volumes VeraCrypt precisam ser fechados antes de instalar ou desinstalar o VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - A instalação das entradas do registro falharam - A instalação do driver de dispositivo falhou. Favor reiniciar o Windows e tentar instalar o VeraCrypt novamente. - Iniciando o driver de dispositivo do VeraCrypt - Não foi possível desinstalar o driver de dispositivo VeraCrypt. Lembre que, devido a características do Windows, pode ser necessário fazer log off ou reiniciar o sistema antes de desinstalar (ou reinstalar) o driver de dispositivo. - Instalando o driver de dispositivo do VeraCrypt - Parando o driver de dispositivo do VeraCrypt - Desinstalando o driver de dispositivo do VeraCrypt - Erro ao registrar biblioteca de suporte a Controle de Conta de Usuário. - Erro ao remover registro de biblioteca de suporte a Controle de Conta de Usuário. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Aviso: Esta instância do Assistente de Criação de Volume tem privilégios de administrador.\n\nSeu novo volume pode ser criado com permissões que não o deixarão gravar no volume quando ele estiver montado. Caso queira evitar isso, feche esta instância do Assistente e inicie uma nova sem privilégios de administrador.\n\nDeseja fechar essa instância do Assistente de Criação de Volume? - Erro: Não foi possível exibir a licensa. - Externo(!) - dias - horas - minutos - s - Abrir - Desmontar - Mostrar VeraCrypt - Ocultar VeraCrypt - Dados lidos desde a montagem - Dados escritos desde a montagem - Parte Criptografada - 100% (completamente criptografado) - 0% (não criptografado) - %.3f%% - 100% - Aguardando - Preparando - Redimensionando - Criptograf.. - Descriptog.. - Finalizando - Pausado - Concluído - Erro - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Entre senha para %s - Enter password for '%s' - Digite a senha para o volume normal/externo - Digite a senha para o volume oculto - Digite a senha para o cabeçalho armazenado no arquivo de backup - O arquivo-chave foi criado com sucesso. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - AVISO: O cabeçalho deste volume está danificado! O VeraCrypt usou automaticamente o backup do cabeçalho embutido no volume.\n\nVocê deve corrigir o cabeçalho do volume selecionando a opção 'Ferramentas' > 'Restaurar Cabeçalho do Volume'. - O cabeçalho do volume foi copiado com sucesso.\n\nIMPORTANTE: Restaurar o cabeçalho do volume usando essa cópia também irá restaurar a senha do volume. Além disso, se algum(s) arquivo(s)-chave for(em) necessário(s) para montar este volume, o(s) mesmo(s) arquivo(s)-chave será(ão) necessário(s) para montar o volume de novo quando seu cabeçalho for restaurado.\n\nAVISO: Esta cópia so poderá ser usada para restaurar o cabeçalho DESTE volume. Se você utilizar esta cópia para restaurar o cabeçalho de outro volume, ainda será possível montá-lo, mas não descriptografar qualquer dado nele (porque você irá mudar a chave mestra). - O cabeçalho do volume foi restaurado com sucesso.\n\nIMPORTANTE: Lembre que as senhas antigas foram restauras também. Além disto, se eram necessários arquivos-chave para montar o disco, os mesmos arquivos serão necessários novamente. - Por motivos de segurança, você terá que digitar a senha correta (e/ou fornecer o arquivo-chave correto) para o volume.\n\nNota: Se o volume contém um volume oculto, você terá que digitar a senha correta (e/ou fornecer o arquivo-chave correto) para o volume externo primeiro. Depois, se você optar por fazer um backup do cabeçalho do volume oculto, você terá de digitar a senha correta (e/ou fornecer o arquivo-chave correto) para o volume oculto. - Tem certeza de que deseja criar um backup do cabeçalho do volume para %s?\n\nDepois de clicar em Sim, você será perguntado por um nome de arquivo para o backup.\n\nNota: Ambos os cabeçalhos do volume normal e do oculto serão re-criptografados usando um novo salt e armazenados no arquivo de backup. Se não existir um volume oculto dentro deste volume, a área reservada para o cabeçalho do volume oculto no arquivo de backup será preenchida com dados aleatórios (para preservar a camuflagem de informação). Ao restaurar um cabeçalho de volume do arquivo de backup, você precisará digitar a senha correta (e/ou fornecer os arquivos-chave corretos) que era válida quando o backup do cabeçalho foi criado. A senha (e/ou arquivos-chave) também determinará automaticamente o tipo de cabeçalho de volume para restaurar, ou seja, normal ou oculto (note que o VeraCrypt determina o tipo através do processo de tentativa e erro). - Tem certeza que deseja restaurar o cabeçalho do disco %s?\n\nAVISO: Ao restaurar o cabeçalho de um disco, também é restaurada a senha que era válida no momento em que o cabeçalho foi copiado. Além disto, se eram necessários arquivos-chave para montar o disco, os mesmos arquivos serão necessários novamente.\n\nSe voce clicar 'Sim', voce deverá selecionar o arquivo com a cópia do cabeçalho. - O volume contém um volume oculto? - O volume contém um volume oculto - O volume não contém um volume oculto - Por favor, selecione o tipo de backup de cabeçalho do volume que deseja usar: - Restaurar o cabeçalho do volume a partir do backup embutido no volume - Restaurar o cabeçalho do volume a partir de um arquivo de backup externo - O tamanho do arquivo de backup do cabeçalho do volume está incorreto. - Não há cabeçalho de backup embutido neste volume (note que apenas volumes criados pelo VeraCrypt 6.0 ou posterior contém cabeçalhos de backup embutidos). - Você está tentando fazer back up do cabeçalho do dispositivo/partição de sistema. Isto não é permitido. Operações de backup e restauração com o dispositivo/partição de sistema só podem ser realizadas utilizando o Disco de Emergência VeraCrypt.\n\nVocê deseja criar um Disco de Emergência VeraCrypt? - Você está tentando restaurar o cabeçalho do dispositivo/partição de sistema. Isto não é permitido. Operações de backup e restauração com o dispositivo/partição de sistema só podem ser realizadas utilizando o Disco de Emergência VeraCrypt.\n\nVocê deseja criar um Disco de Emergência VeraCrypt? - Depois de clicar em OK, você irá selecionar um nome para o arquivo da imagem ISO do novo Disco de Emergência VeraCrypt e o local onde você deseja salvá-lo. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Insira seu Disco de Emergência VeraCrypt no drive de CD/DVD e clique em OK para verificá-lo. - O Disco de Emergência VeraCrypt foi verificado com sucesso. - Não foi possível verificar se o Disco de Emergência foi gravado corretamente.\n\nSe você ja gravou o Disco de Emergência, remova o CD/DVD, coloque-o novamente e tente novamente. Se isto não andiantar, tente utilisar outro programa para gravar o CD/DVD ou outro CD/DVD.\n\nSe você tentou verificar um Disco de Emergência VeraCrypt criado para uma chave mestra, senha, salt, etc. diferente, lembre que esse Disco de Emergência will vai sempre causar erro nesta verificação. Para criar um novo Disco de Emergência compatível com esta configuração, clique em 'Sistema' > 'Criar Disco de Emergência'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Erro ao criar o Disco de Emergência VeraCrypt. - O Disco de Emergência VeraCrypt não pode ser criado quando um sistema operacional oculto está sendo executado.\n\nPara criar um Disco de Emergência VeraCrypt, inicialize o sistema operacional isca e então selecione 'Sistema' > 'Criar Disco de Emergência'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Favor desmontar o disco antes de prosseguir. - Erro: Não foi possível ajustar o timer. - Verificar o Sistema de Arquivos - Recuperar o Sistema de Arquivos - Add to Favorites... - Add to System Favorites... - P&roperties... - Volume Oculto Protegido - N/A - Sim - Não - Disabled - 1 - 2 ou mais - Modo de Operação - Etiqueta: - Tamanho: - Caminho: - Letra da Unidade: - Erro: A senha deve conter apenas caracteres ASCII.\n\nCaracteres diferentes podem impossibilitar a montagem dos disco quando as configurações do seus sistema forem alteradas.\n\nOs seguinte caracteres são permitidos:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - AVISO: A senha contém caracteres não-ASCII. Isto pode impossibilitar a montagem do volume quando as configurações do seus sistema mudarem.\n\nVoce deveria substituir todos os caracteres não-ASCII na senha por caracteres ASCII. Para faze-lo, clique em 'Discos' -> 'Alterar a Senha do Disco'.\n\nOs caracteres ASCII são:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - AVISO: Recomendamos que você evite extensões usadas para arquivos executáveis (como .exe, .sys ou .dll) ou outra extensão igualmente problemática. É muito provável que usar essa extensão faça o Windows e programas antivírus interferirem nesse recipiente, o que pode afetar o desempenho do volume além de causar outros problemas sérios.\n\nRecomendamos que você remova ou mude a extensão do recipiente (por exemplo, para .hc).\n\nVocê tem certeza de que deseja usar essa extensão problemática? - AVISO: Este recipiente tem uma extensão usada para arquivos executáveis (como .exe, .sys ou .dll) ou outra extensão igualmente problemática. É muito provável que usar essa extensão faça o Windows e programas antivírus interferirem nesse recipiente, o que pode afetar o desempenho do volume além de causar outros problemas sérios.\n\nRecomendamos que você remova ou mude a extensão do recipiente (por exemplo, para .hc) após desmontar o volume. - Site na Internet - AVISO: Parece que voce não aplicou os Service Packs no Windows. Voce não deve gravar em discos IDE maiores que 128 GB em um Windows XP sem o Service Pack 1 ou superior! Se você o fizer, os dados no disco podem ser corrompidos. Lembre que esta é uma limitação do Windows, não um bug no VeraCrypt. - AVISO: Parece que voce não aplicou o Service Pack 3 ou superior no seu Windows. Voce não deve grevar em discos IDE maiores que 128 GB em um Windows 2000 sem o Service Pack 3 ou superior! Se você o fizer, os dados no disco podem ser corrompidos. Lembre que esta é uma limitação do windows, não um bug no VeraCrypt.\n\nObs: Voce pode ter de habilitar o LBA de 48 bits no regsitro do Windows; para mais informações, veja http://support.microsoft.com/kb/305098/EN-US - AVISO: O suporte a ATAPI LBA de 48 bits está desativado no seu sistema. Por isso, voce não deve grevar em discos IDE maiores que 128 GB! Se você o fizer, os dados no disco podem ser corrompidos. Lembre que esta é uma limitação do Windows, não um bug no VeraCrypt.\n\nPara habilitar o suporte a LBA de 48 bits, adicione o valor de registro 'EnableBigLba' na chave HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters e configuere-o para 1.\n\npara mais informações, veja http://support.microsoft.com/kb/305098 - Erro: Arquivos com mais de 4 GB não podem ser armazenados em um sistema de arquivos FAT32. Portanto, volumes VeraCrypt hospedados em arquivos (recipientes) armazenados em um sistema de arquivos FAT32 não podem ser maiores que 4 GB.\n\nSe você precisar de um volume maior, crie-o em um sistema de arquivos NTFS (ou num sistema de arquivos exFAT, se você usa o Windows Vista SP1 ou posterior) ou, em vez de criar um volume hospedado em arquivo, criptografe toda uma partição ou dispositivo. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - AVISO: Se voce necessitar adicionar mais arquivos no volume externo, voce deve considerar a possibilidade de escolher um tamanho menor para o volume oculto.\n\nTem certeza que deseja continuar com o tamanho especificado? - Nenhum disco selecionado.\n\nClique em 'Selecionar Dispositivo' ou 'Selecionar arquivo' para selecionar um volume VeraCrypt. - Nenhuma partição selecionada.\n\nClique em 'Selecionar Dispositivo' para selecionar uma partição desmontada que normalmente exige autenticação pré-inicialização (por exemplo, uma partição localizada em um disco de sistema ou de outro sistema operacional, que não está em execução, ou a partição criptografada de outro sistema operacional).\n\nDica: A partição selecionada será montada como um volume VeraCrypt normal, sem autenticação pré-inicialização. Isto é útil, por exemplo, para operações de backup ou reparo. - AVISO: Se os arquivos-chave padrão estiverem configurados e ativados, não será possível montar volumes que não estiverem usandos esses arquivos. Por isso, depois de ativar os arquivos-chave padrão, lembre de desmarcar a opção 'Usar arquivos-chave' (abaixo do campo da senha) sempre que for montar esses volumes.\n\nVocê tem certeza de que deseja salvar os arquivos-chave/caminhos selecionados como padrão? - Auto-Montar Dispositivos - Desmontar Todos - Limpar Cache - Desmontar Todos & Limpar Cache - Forçar Desmontar Todos & Limpar Cache - Forçar Desmontar Todos, Limpar Cache & Sair - Montar Disco Favoritos - Mostrar/Esconder a janela do VeraCrypt - (Clique aqui e pressione qualquer tecla) - Ação - Atalho - Erro: Este atalho está reservado. Favor escolher um atalho diferente. - Erro: Atalho em uso. - AVISO: Um ou mais dos atalhos de sistema do VeraCrypt não estão funcionando!\n\nFavor certificar-se de que o sistema operacional ou outro programa não está utilizando o(s) mesmo(s) atalho(s) . - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - Um erro ou incompatibilidade impede o VeraCrypt de criptografar o arquivo de hibernação. Portanto, a hibernação foi impedida.\n\nNota: Quando um computador hiberna (ou entra em um modo de economia de energia), o conteúdo do seu sistema de memória é garvado num arquivo de armazenamento de hibernação na unidade do sistema. O VeraCrypt não poderia impedir que as chaves de criptografia e o conteúdo de arquivos sensíveis abertos na RAM sejam salvos não-criptografados no arquivo de armazenamento de hibernação. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - AVISO: Se esta opção for desabilitada, discos contendo arquivos ou diretórios abertos não poderão ser auto-desmontados.\n\nTem certeza de que quer desabilitar esta opção? - AVISO: Discos contendo arquivos ou diretórios abertos NÃO serão auto-desmontados.\n\nPara evitar isto, habilite a seguinte opção nesta janela: 'Forçar auto-demontar mesmo que o disco contenha arquivos ou diretórios abertos' - AVISO: Quando a carga da bateria do notebook estiver baixa, o Windows pode omitir o envio de mensagens apropriadas aos aplicativos em execução quando o computador estiver entrando no modo de economia de energia. Assim sendo, o VeraCrypt pode falhar em auto-desmontar os volumes nesses casos. - Você agendou o processo de criptografia de uma partição/volume. O processo não foi concluído ainda.\n\nVocê gostaria de retomar o processo agora? - Você agendou o processo de criptografia ou descriptografia do dispositivo/partição de sistema. O processo ainda não foi concluído.\n\nVocê deseja reiniciar (continuar) o processo agora? - Deseja ser lembrado sobre se você quer continuar os processos agendados atualmente de criptografia de partições/volumes sem sistema? - Sim, continue me lembrando - Não, não me lembre - IMPORTANTE: Tenha em mente que você pode continuar o processo de criptografia de qualquer partição/volume sem sistema selecionando 'Volumes' > 'Continuar Processo Interrompido' no menu da janela principal do VeraCrypt. - Você agendou o processo de criptografia ou de descriptografia do dispositivo/partição de sistema. Mas a autenticação pré-inicialização falhou (ou foi cancelada).\n\nLembre: Se você descriptografou o dispositivo/partição de sistema no ambiente pré-inicialização, pode ser necessário finalizar o processo selecionando 'Sistema' > 'Descriptografar Definitivamente o Disco/Partição de Sistema' na barra de menu da janela principal do VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Encerrar o VeraCrypt? - O VeraCrypt não possui informações suficientes para determinar se criptografa ou descriptografa. - O VeraCrypt não possui informação suficiente para determinar se deve criptografar ou descriptografar.\n\nNote: Se você descriptografou o dispositivo/partição de sistema no ambiente pré-inicialização, poderá ser necessário concluir o processo clicando em Descriptografar. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Você deseja interromper e adiar o processo de criptografia da partição/volume?\n\nNota: Tenha em mente que o volume não pode ser montado até que ele tenha sido totalmente criptografado. Você poderá retomar o processo de criptografia e ele irá continuar a partir do ponto que foi parado. Você pode fazê-lo, por exemplo, escolhendo 'Volumes' > ' Continuar Processo Interrompido' a partir da barra de menu da janela principal do VeraCrypt. - Você deseja interromper e adiar o processo de criptografia do dispositivo/partição de sistema?\n\nLembre: Você poderá continuar o processo do ponto em que ele foi interrompido. Para isso, você pode, por exemplo, clicar em 'Sistema' > 'Continuar Processo interrompido' na barra de menu da janela principal do VeraCrypt. Se você deseja reverter o processo de criptografia (e começar a descriptografar), Clique em 'Sistema' > 'Descriptografar o Dispositivo/Partição de Sistema'. - Você deseja interromper e adiar o processo de descriptografia do dispositivo/partição de sistema?\n\nLembre: Você poderá continuar o processo do ponto em que ele foi interrompido. Para isso, você pode, por exemplo, clicar em 'Sistema' > 'Continuar Processo interrompido' na barra de menu da janela principal do VeraCrypt. Se você deseja reverter o processo de descriptografia (e começar a criptografar), Clique em 'Sistema' > 'Criptografar o Dispositivo/Partição de Sistema'. - Erro: Não foi possível interromper o processo de criptografia/descriptografia do dispositivo/partição de sistema. - Erro: Falha ao interromper o processo de limpeza. - Erro: Não foi possível continuar o processo de criptografia/descriptografia do dispositivo/partição de sistema. - Erro: Falha ao iniciar o processo de limpeza. - Inconsistência resolvida.\n\n\n(Se você relatar um bug devido a isso, favor incluir a seguinte informação técnica no relatório: %hs) - Erro: Estado inesperado.\n\n\n(Se você relatar um bug relacionado a isto, por favor inclua as seguintes informações técnicas no relatório de erros: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - AVISO: A tarefa em Background do VeraCrypt está desabilitada. Depois de sair do VeraCrypt, voce não será notificado se algum dano a um arquivo escondido for evitado.\n\nObs: Voce pode parar a tarefa em Background a qualquer momento clicando com o botão direito no ícone do VeraCrypt na bandeja do sistema e selecionando 'Sair'.\n\nHabilitar a execução do VeraCrypt em Segundo Plano? - Versão da Tradução: %s - Verificando o sistema de arquivos do volume VeraCrypt montado como %s... - Tentando reparar o sistema de arquivos do volume VeraCrypt montado como %s... - AVISO: este volume está criptografado com um algoritmo legacy.\n\nTodos os algoritmos de blocos de 64 bits (como Blowfish, CAST-128 e Triple DES) estão obsoletos. Ainda será possível montar este volume usando futuras versões do VeraCrypt. Mas não haverá mais melhoramentos na implementação desses algoritmos legacy. Recomendamos que você crie um novo volume VeraCrypt criptografado com um algoritmo de bloco de 128 bits (como AES, Serpent, Twofish, etc.)e mova todos os arquivos deste volume para o novo. - Seu sistema não está configurado para auto-montar novos volumes. Pode não ser possível montar um volume VeraCrypt baseado em dispositivo. A opção de auto-montar pode ser habilitada com a execução do seguinte comando e uma reinicialização do sistema.\n\nmountvol.exe /E - Favor atribuir uma letra de unidade ao dispositivo/partição antes de continuar ('Painel de Controle' > 'Sistema e Manutenção' > 'Ferramentas Administrativas' - 'Criar e formatar partitições').\n\nIsto é uma exigência do sistema operacional. - Montar Volume VeraCrypt - Desmontar todos os volumes VeraCrypt - O VeraCrypt não conseguiu obter privilégios de Administrador. - Acesso negado pelo sistema operacional.\n\nPossível causa: O sistema operacional exige que você tenha permissão para ler/gravar (ou privilégios de Administrador) para certos dispositivos, arquivos e pastas, para poder ler/gravar dados neles/deles. Normalmente, um usuário sem privilégios de Administrador é autorizado a criar, ler e modificar arquivos em sua pasta de Documentos. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - O VeraCrypt Boot Loader requer pelo menos 32 KBytes de espaço livre no início do dispositivo de sistema. - Este recurso não é suportado na versão do sistema operacional que você está usando. - O VeraCrypt não pode criptografar um dispositivo/partição de sistema na versão de sistema operacional que você está usando. - Antes de criptografar a partição/unidade de sistema no Windows Vista, você precisa instalar o Service Pack 1 ou superior (nenhum Service Pack foi instalado neste sistema ainda).\n\nNota: O Service Pack 1 pro Windows Vista solucionou um problema que causa falta de memória principal livre durante o boot do sistema. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Seu sistema possui uma tabela de partição GUID (GPT). No momento, apenas tabelas de partição MBR são suportadas. - CUIDADO: O VeraCrypt Boot Loader ja está instalado no seu disco de sistema!\n\nÉ possível que outro sistema em seu computador ja esteja criptografado.\n\nAVISO: CONTINUAR COM A CRIPTOGRAFIA DESTE SISTEMA PODE TORNAR OUTRO(S) SISTEMA(S) E SEUS DADO(S) INACESSÍVEL(IS).\n\nVocê tem certeza de que deseja continuar? - Não foi possível restaurar o inicializador original do sistema.\n\nPor favor, use o seu Disco de Emergência VeraCrypt ('Opções de Reparação' > 'Restaurar inicializador original do sistema') ou sua mídia de instalação do Windows para substituir o Gerenciador de Boot do VeraCrypt pelo do Windows. - O loader original do sistema não será armazenado no Disco de Emergência (provável causa: arquivo de backup não encontrado). - Não foi possível gravar no setor da MBR.\n\nSua BIOS pode estar configurada para proteger o setor da MBR. Verifique "MBR/antivirus protection" nas configurações da sua BIOS (pressione F2, Delete ou Esc ao ligar o seu computador). - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - A versão requerida do Gerenciador de Boot do VeraCrypt não está instalada no momento. Isto pode evitar que algumas configurações sejam salvas. - Nota: Em algumas situações, você pode querer impedir uma pessoa (adversário) que está observando você iniciar o computador de saber que você usa o VeraCrypt. As opções acima permitem que você faça isso, personalizando a tela de inicialização do VeraCrypt. Se você ativar a primeira opção, nenhum texto será apresentado pelo gestor de inicialização (mesmo se você digitar a senha errada). O computador aparentará estar "congelado" enquanto você puder digitar sua senha. Além disso, uma mensagem personalizada pode ser exibida para enganar seu adversário. Por exemplo, mensagens de erro falsas como 'Sistema operacional ausente' (que normalmente é exibida pelo boot do Windows se ele não encontrar qualquer partição de inicialização do Windows). No entanto, é importante notar que, se o adversário puder analisar o conteúdo do disco rígido, ele ainda pode descobrir que ele contém o gestor de inicialização do VeraCrypt. - ATENÇÃO: Tenha em mente que se você ativar esta opção, o inicializador do VeraCrypt não exibirá quaisquer textos (mesmo se você digitar a senha errada). O computador aparentará estar "congelado" (sem resposta), enquanto você puder digitar sua senha (o cursor NÃO se moverá e nenhum asterisco será exibido quando você pressionar uma tecla).\n\nTem certeza de que deseja ativar essa opção? - Seu dispositivo/partição parece estar completamente criptografado. - O VeraCrypt não criptografa disco de sistema que tenha sido convertido para disco dinâmico. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Você deseja criptografar a partição de sistema em vez de o disco inteiro?\n\nLembre que você pode criar volumes VeraCrypt hospedados em qualquer partição que não seja de sistema (além de criptografar a partição de sistema). - Como o seu disco de sistema contém apenas uma partição que ocupa o disco inteiro, é preferível (mais seguro) criptografar o disco inteiro incluindo o intervalo livre que comumente fica ao redor dessa partição.\n\nVocê deseja criptografar o disco inteiro? - Seu sistema está configurado para armazenar os arquivos temporários em uma partição não- sistema.\n\nArquivos temporários podem ser armazenados apenas na partição do sistema. - Seus arquivos do perfil de usuário não estão armazenados na partição do sistema.\n\nArquivos do perfil de usuário podem ser armazenados somente na partição do sistema. - Existe(m) arquivo(s) de paginação em partições não-sistema.\n\nArquivos de paginação podem estar localizados somente na partição do sistema. - Deseja configurar o Windows para criar arquivos de paginação na partição do Windows agora?\n\nNote que se você selecionar 'Sim', o computador será reiniciado. Depois disso, inicie o VeraCrypt e tente criar o SO oculto novamente. - Caso contrário, a camuflagem de informação do sistema operacional oculto poderia ser adversamente afetada.\n\nNota: Se um adversário analisasse o conteúdo de tais arquivos (residido numa partição não-sistema), ele poderia descobrir que você usou este assistente modo de criação de sistema oculto (que pode indicar a existência de um sistema operacional oculto no seu computador). Observe também que todos esses arquivos armazenados na partição do sistema serão apagados com segurança pelo VeraCrypt durante o processo de criação do sistema operacional oculto. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Aviso: Há espaço não alocado entre a partição de sistema e a primeira partição depois dela. Depois de criar o sistema operacional oculto, você não deve criar novas partições nesse espaço não alocado. Caso contrário, o sistema operacional oculto será impossibilitado de inicializar (até você excluir essas recém-criadas partições). - Este algoritmo não é suportado para criptografia de sistema. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Arquivos-chave atualmente não são suportados para criptografia do sistema. - Aviso: O VeraCrypt não conseguiu restaurar o layout original do teclado. Isto poderá fazê-lo digitar a senha incorretamente. - Erro: Não foi possível configurar o layout do teclado para o VeraCrypt como layout Estados Unidos (Internacional).\n\nLembre que a senha precisa ser digitada em ambiente pré-boot (antes de o Windows iniciar) onde layouts não-Windows Estados Unidos (Internacional) não estão disponíveis. Por isso, a senha deve ser digitada sempre usando o layout Estados Unidos (Internacional). - Como o VeraCrypt mudou temporariamente o layout do seu teclado para o layout Estados Unidos (Internacional), não será possível digitar caracteres pressionando teclas enquanto a tecla Alt Gr estiver pressionada. Mas você ainda pode digitar a maioria desses caracteres usando a tecla apropriada enquanto mantem pressionada a tecla Shift. - O VeraCrypt impediu uma alteração no layout do teclado. - Lembre: A senha precisará ser digitada no ambiente pré-inicialização (antes de iniciar o Windows) onde layouts não-Estados Unidos (Internacional) não estão disponíveis. Por isso, a senha precisa ser digitada sempre usando o layout Estados Unidos (Internacional). Mesmo assim, é importante lembrar que você NÃO precisa de um teclado Estados Unidos (Internacional) real. O VeraCrypt certifica-se automaticamente de que você pode digitar a senha com segurança (tanto agora quanto no ambiente pré-inicialização) mesmo se você NÃO possuir um teclado Estados Unidos (Internacional). - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - ATENÇÃO: Se você já criou um Disco de Emergência VeraCrypt no passado, ele não pode ser reutilizado para esta partição/unidade de sistema, porque ele foi criado para uma chave mestra diferente! Cada vez que criptografar uma partição/unidade de sistema você deve criar um novo Disco de Emergência VeraCrypt para ela, mesmo se usar a mesma senha. - Erro: Não foi possível salvar as configurações de criptografia de sistema. - Não foi possível iniciar o pré-teste da criptografia de sistema. - Não é possível iniciar o processo de criação do sistema operacional oculto. - Modo de Limpar - Em alguns tipos de mídias de armazenamento, quando os dados são sobrescritos com outros dados, pode ser possível recuperar os dados sobrescritos usando técnicas como microscopia de força magnética. Isto também se aplica aos dados que são sobrescritos pela sua forma criptografada (o que acontece quando VeraCrypt inicialmente criptografa uma partição ou unidade não criptografada). De acordo com alguns estudos e publicações governamentais, a recuperação de dados sobrescritos pode ser evitada (ou tornada muito difícil) sobrescrevendo os dados com outros dados pseudo-aleatórios e alguns não-aleatórios um determinado número de vezes. Portanto, se você acredita que um adversário possa ser capaz de usar tais técnicas para recuperar os dados que você pretende criptografar, você pode querer selecionar um dos modos de limpeza (dados existentes NÃO serão perdidos). Note que a limpeza NÃO será realizada depois da partição/unidade ser criptografada. Quando a partição/unidade está totalmente criptografada, nenhum dado não-criptografado é gravado nela. Quaisquer dados que estiverem sendo gravados nela são primeiro criptografados na memória e só então são gravados gravados no disco. - Em alguns tipos de mídias de armazenamento, quando os dados são sobrescritos com outros dados (por exemplo, quando eles são apagados), pode ser possível recuperar os dados sobrescritos usando técnicas como microscopia de força magnética. De acordo com alguns estudos e publicações governamentais, a recuperação de dados sobrescritos pode ser evitada (ou tornada muito difícil) sobrescrevendo os dados com outros dados pseudo-aleatórios e alguns não-aleatórios um determinado número de vezes. Portanto, se você acredita que um adversário possa ser capaz de usar tais técnicas para recuperar os dados que devem ser apagados, você pode querer selecionar um dos modos de limpeza de múltiplas passagens.\n\nNota: Quanto mais passagens de limpeza você usar, mais tempo levará para apagar os dados. - Limpando - \nNota: Você pode interromper o processo de limpeza, desligar o computador, iniciar o sistema oculto novamente e então retomar o processo (o assistente será iniciado automaticamente). No entanto, se você interrompê-lo, todo o processo de limpeza terá que começar desde o início. - \n\nNota: Se você interromper o processo de limpeza e, em seguida, tentar retomá-lo, todo o processo terá que começar desde o início. - Você deseja abortar o processo de limpeza? - Atenção: Todo o conteúdo da partição/dispositivo selecionada(o) será apagado e perdido. - Todo o conteúdo da partição onde o sistema original reside será apagado.\n\nNota: Todo o conteúdo da partição que está para ser apagada foi copiado para esta partição de sistema oculto. - ATENÇÃO: Note que quando você escolhe por exemplo o modo de limpeza de 3 ciclos, o tempo necessário para criptografar a partição/unidade será até 4 vezes maior. Do mesmo modo, se você escolher o modo de limpeza de 35 ciclos, vai ser até 36 vezes mais longo (o que poderia até levar várias semanas).\n\nNo entanto, observe que a limpeza NÃO será realizada após a partição/unidade ser totalmente criptografada. Quando a partição/unidade está totalmente criptografada, nenhum dado não-criptografado é gravado nela. Quaisquer dados que estão sendo gravados nela são primeiro criptografados na memória e só então são gravados no disco (por isso o desempenho NÃO será afetado).\n\nTem certeza que deseja usar o modo de limpeza? - Nenhum (mais rápido) - 1 ciclo (dados aleatórios) - 3 ciclos (US DoD 5220.22-M) - 7 ciclos (US DoD 5220.22-M) - 35 ciclos ('Gutmann') - 256 ciclos - Número de Sistemas Operacionais - AVISO: usuários inexperientes nunca devem tentar criptografar o Windows em configurações de boot múltiplo.\n\nDeseja continuar? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Disco de Inicialização - Este sistema operacional está instalado no disco de inicialização?\n\nLembre: às vezes, o Windows não está instalado no mesmo disco que seu boot loader (partição de inicialização). Se este for o caso clique em 'Não'. - O VeraCrypt não criptografa sistema operacional que não inicia do mesmo disco em que está instalado. - Número de Discos de Sistema - Quantos discos contêm sistema operacional?\n\nLembre: Se, por exemplo, você tem algum sistema operacional (como Windows, Mac OS X, Linux, etc.) instalado em seu disco primário e algum outro sistema operacional instalado em seu disco secundário, selecione '2 ou mais'. - Esta versão do VeraCrypt não suporta criptografar um disco que contém vários sistemas operacionais.\n\nSoluções Possíveis:\n\n- Você ainda pode criptografar um dos sistemas se você voltar e escolher criptografar apenas uma partição de sistema (em vez de escolher criptografar o disco de sistema inteiro).\n\n- Você também pode criptografar o disco inteiro se, primeiro, você mover os outros sistemas operacionais para outros discos, deixando apenas um sistema no disco que você deseja criptografar. - Vários Sistemas em Um único Disco - Existe algum outro sistema operacional instalado no mesmo disco em que este sistema operacional?\n\nLembre: Se este sistema operacional estiver instalado, por exemplo, no disco #0, que contém várias partições, e uma delas contém o Windows e outra contém outro sistema operacional (como Windows, Mac OS X, Linux, etc.), selecione 'Sim'. - Boot Loader Não-Windows - É um gerenciador de boot não-Windows instalado no Master Boot Record (MBR)?\n\nNota: Por exemplo, se a primeira faixa da unidade de boot contém o GRUB, LILO, XOSL, ou algum outro gerenciador de boot não-Windows (ou gestor de inicialização), selecione 'Sim'. - Boot Múltiplo - Esta versão do VeraCrypt não suporta configurações de boots múltiplos com boot loader não-Windows instalado na MBR.\n\nSoluções Possíveis:\n\n- Se você usa um gerenciador de boot para iniciar o Windows e o Linux, mova o gerenciador de boot (geralmente GRUB) da MBR para uma partição. Depois, inicie este assistente novamente e criptografeo dispositivo/partição de sistema. Lembre que o VeraCrypt Boot Loader se tornará o seu gerenciador de inicialização principal e permitirá que você execute seu gerenciador original (como GRUB) como gerenciador secundário (pressionando Esc na tela do VeraCrypt Boot Loader) e, assim, você poderá iniciar o Linux. - Se o sistema operacional atualmente em execução estiver instalado na partição de boot, então, depois que você criptografá-la, você terá que digitar a senha correta mesmo que você queira iniciar qualquer outro sistema Windows não-criptografado (uma vez que irão compartilhar um único gerenciador de boot criptografado do Windows).\n\nEm contrapartida, se o sistema operacional em execução atualmente não estiver instalado na partição de boot (ou se o gerenciador de boot do Windows não é utilizado por nenhum outro sistema), em seguida, depois de criptografar este sistema, você não precisa digitar a senha correta para iniciar o(s) outro(s) sistema(s) não-criptografado(s) – você só precisa pressionar a tecla Esc para iniciar o sistema não-criptografada (se existirem vários sistemas não criptografados, você também precisará escolher qual sistema iniciar no menu do Gerenciador de Boot do VeraCrypt).\n\nNota: Normalmente, o mais antigo sistema do Windows instalado está na partição de inicialização. - Criptografia da Área Protegida do Host - No final de muitas unidades, existe uma área que é normalmente ocultada do sistema operacional (tais áreas são geralmente referidas como Áreas Protegidas do Host). No entanto, alguns programas podem ler e gravar dados de/para essas áreas.\n\nATENÇÃO: Alguns fabricantes de computadores podem utilizar essas áreas para armazenar dados e ferramentas para RAID, recuperação do sistema, configuração do sistema, diagnóstico, ou para outros fins. Se essas ferramentas ou dados devem estar acessíveis antes de inicializar, a área oculta NÃO deve ser criptografada (escolher 'Não' acima).\n\nVocê quer que o VeraCrypt detecte e criptografe uma área oculta assim (se houver), no final da unidade de sistema? - Tipo da Criptografia do Sistema - Selecione esta opção se você quiser apenas criptografar a partição do sistema ou toda a unidade de sistema. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Sistema Operacional Oculto - Nos seguintes passos, você criará dois volumes VeraCrypt (externo e oculto) na primeira partição atrás da partição do sistema. O volume oculto conterá o sistema operacional oculto (SO). O VeraCrypt criará o SO oculto copiando o conteúdo da partição do sistema (em que o SO atualmente em execução está instalado) para o volume oculto. Para o volume externo, você copiará alguns arquivos sensíveis que você realmente NÃO quer esconder. Eles estarão lá para qualquer um que forçar você a revelar a senha para partição do SO oculto. Você pode revelar a senha para o volume externo dentro da partição do SO oculto (a existência do SO oculto permanece em segredo).\n\nPor último, na partição do SO atualmente em execução, você irá instalar um novo SO, o chamado SO isca, e irá criptografá-lo. Ele não deve conter os dados sensíveis e estará lá para qualquer um que force você a revelar sua senha de autenticação pré-boot. No total, haverá três senhas. Duas delas podem ser divulgadas (para o SO isca e o volume externo). Se você usar o terceiro, o SO oculto irá iniciar. - Detectando Setores Ocultos - Por favor, aguarde enquanto o VeraCrypt está detectando possíveis setores ocultos no final da unidade do sistema. Observe que esta operação pode levar um longo tempo para terminar.\n\nNota: Em casos muito raros, em alguns computadores, o sistema pode não responder durante este processo de detecção. Se isso acontecer, reinicie o computador, inicie o VeraCrypt, repita os passos anteriores, mas ignore este processo de detecção. Note que este problema não é causado por um erro no VeraCrypt. - Área a Criptografar - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Coletando Dados Aleatórios - Chaves Geradas - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Gravação do Disco de Emergência - Disco de Emergência Criado - Pré-Teste de Criptografia de Sistema - Disco de Emergência Verificado - \nO Disco de Emergência VeraCrypt foi verificado com sucesso. Remova-o da gaveta e guarde-o em um local seguro.\n\nClique em Avançar para continuar. - AVISO: Durante os próximos passos, o Disco de Emergência do VeraCrypt não deve estar na unidade. Caso contrário, não será possível completar os passos corretamente.\n\nPor favor, remova-o da unidade agora e guarde-o em um local seguro. Em seguida, clique em OK. - Aviso: Devido a limitações técnicas, textos exibidos pelo VeraCrypt no ambiente pré-boot (pré-inicialização, antes de o Windows iniciar) podem não estar localizados. A interface de usuário do VeraCrypt Boot Loader é completamente em Inglês.\n\nDeseja continuar? - Antes de criptografar o seu disco ou partição de sistema, o VeraCrypt precisa verificar se tudo está funcionando corretamente.\n\nDepois que você clicar em Testar, todos os componentes necessários (como o componente de autenticação pré-inicialização - VeraCrypt Boot Loader) serão instalados e o seu computador será reiniciado. Então, você precisará digitar a senha na tela do VeraCrypt Boot Loader que aparecerá antes de o Windows iniciar. Depois que o Windows iniciar, você será automaticamente informado sobre o resultado do pré-teste.\n\nO seguinte dispositivo será modificado: Disco #%d\n\n\nSe você clicar em Cancela agora, nada será instalado e o pré-teste não será realizado. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pré-Teste Completado - O pré-teste foi concluído com êxito.\n\nATENÇÃO: Observe que, se fonte de energia for subitamente interrompida durante a criptografia dos dados existentes no local, ou quando o sistema operacional falhar devido a um erro de software ou hardware enquanto o VeraCrypt estiver criptografando os dados existentes no local, porções dos dados serão corrompidas ou perdidas. Portanto, antes de começar a codificação, por favor, certifique-se de que tem cópias de segurança dos arquivos que você deseja criptografar. Se não possuir, por favor faça backup dos arquivos agora (você pode clicar em Adiar, fazer backup dos arquivos e, em seguida, executar novamente o VeraCrypt a qualquer momento, e selecione 'Sistema' > 'Continuar Processo Interrompido' para iniciar a criptografia).\n\nQuando estiver pronto, clique em Criptografar para iniciar. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nVocê pode clicar em Pausar ou Adiar a qualquer momento para interromper o processo de criptografia, sair deste assistente, reiniciar ou desligar seu computador e, em seguida, retomar o processo, que continuará a partir do ponto que foi parado. Note que o volume não pode ser montado até que tenha sido totalmente criptografado. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Sistema Oculto Iniciado - Sistema Original - O Windows cria (normalmente, sem o seu conhecimento ou consentimento) vários arquivos de registro, arquivos temporários, etc, na partição do sistema. Ele também salva o conteúdo da memória RAM para hibernação e arquivos de paginação localizados na partição do sistema. Portanto, se um adversário analisasse arquivos armazenados na partição onde reside o sistema original (do qual o sistema oculto é um clone), ele pode descobrir, por exemplo, que você usou o assistente do VeraCrypt no modo de criação de sistemas ocultos (que pode indicar a existência de um sistema operacional oculto no seu computador).\n\nPara evitar tais problemas, o VeraCrypt irá, nos próximos passos, apagar com segurança todo o conteúdo da partição onde o sistema original reside. Posteriormente, a fim de obter camuflagem de informações, será necessário instalar um novo sistema na partição e criptografá-lo. Assim você irá criar o sistema isca e todo o processo de criação do sistema operacional oculto será concluído. - O sistema operacional oculto foi criado com sucesso. No entanto, antes que você possa começar a usá-lo (e obter camuflagem de informação), você precisará apagar com segurança (usando o VeraCrypt) todo o conteúdo da partição onde o sistema operacional atualmente em execução está instalado. Antes que você possa fazer isso, você precisará reiniciar o computador e, na tela do Gerenciador de Boot do VeraCrypt (que aparece antes de iniciar o Windows), digite a senha de autenticação pré-boot para o sistema operacional oculto. Em seguida, após iniciar o sistema oculto, o assistente do VeraCrypt será iniciado automaticamente.\n\nNota: Se você optar por encerrar o processo de criação do sistema operacional oculto agora, você NÃO poderá retomar o processo e o sistema oculto NÃO estará acessível (porque o Gerenciador de Boot do VeraCrypt será removido). - Você tem agendado o processo de criação de um sistema operacional oculto. O processo não foi concluído ainda. Para completá-lo, você precisará reiniciar o computador e, na tela do Gerenciador de Boot do VeraCrypt (que aparece antes do Windows iniciar), digite a senha para o sistema operacional oculto.\n\nNota: Se você optar por encerrar o processo de criação do sistema operacional oculto agora, você NÃO poderá retomar o processo. - Reinicie o computador e prossiga - Encerrar permanentemente o processo de criação do sistema operacional oculto - Não fazer nada agora, e perguntar novamente mais tarde - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Clonagem de Sistema Operacional - Nas próximas etapas, o VeraCrypt irá criar o sistema operacional oculto copiando o conteúdo da partição do sistema para o volume oculto (os dados a serem copiados serão criptografados on-the-fly com uma chave de criptografia diferente daquele que será utilizada para o sistema isca).\n\nPor favor note que o processo será realizado em ambiente pré-boot (antes do Windows iniciar) e pode levar um longo tempo para concluir; várias horas ou até vários dias (dependendo do tamanho da partição do sistema e do desempenho do seu computador).\n\nVocê poderá interromper o processo, desligar o computador, iniciar o sistema operacional e, em seguida, retomar o processo. No entanto, se você interrompê-lo, todo o processo de cópia do sistema terá que começar desde o início (porque o conteúdo da partição do sistema não deve mudar durante a clonagem). - Deseja cancelar todo o processo de criação do sistema operacional oculto?\n\nNota: Você NÃO poderá retomar o processo se cancelá-lo agora. - Você deseja cancelar o pré-teste de criptografia de sistema? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - O dispositivo/partição de sistema não parece estar criptografado (nem parcial nem completamente). - Seu dispositivo/partição de sistema está criptografado (parcial ou completamente).\n\nFavor descriptografar o dispositivo/partição de sistema completamente antes de continuar. Para isso, clique em 'Sistema' > 'Descriptografar Dispositivo/Partição de Sistema Definitivamente' na barra de menu da janela principal do VeraCrypt. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Seu dispositivo/partição de sistema está sendo criptografado, descriptografado ou modificado de outra forma. Favor interromper o processo de criptografia/descriptografia/modificação (ou aguardar até que ele esteja completo) antes de continuar. - Uma instância do Assistente de Criação de Volume VeraCrypt ja está em execução neste sistema ou se preparando para a criptografia/descriptografia do dispositivo/partição de sistema. Antes de continuar, aguarde até que ele seja concluído ou feche-o. Se você não conseuir fechá-lo, reinicie o seu computador antes de continuar. - O processo de criptografia ou descriptografia do dispositivo/partição de sistema não foi concluído. Aguarde até que ele seja concluído antes de continuar. - Erro: O processo de criptografia do disco/partição de sistema não foi concluído. Ele precisa ser concluído primeiro. - Erro: O processo de criptografia da partição/volume não foi concluído. Ele precisa ser concluído primeiro.\n\nNota: Para retomar o processo, selecione 'Volumes' > 'Retomar Processo Interrompido' na barra de menu da janela principal do VeraCrypt. - A senha está correta. O VeraCrypt descriptografou com êxito o cabeçalho do volume e detectou que este é um volume de sistema oculto. No entanto, você não pode modificar o cabeçalho de um volume de sistema oculto desta forma.\n\nPara alterar a senha de um volume de sistema oculto, inicie o sistema operacional residente no volume oculto e depois selecione 'Sistema' > 'Alterar Senha' na barra de menu da janela principal do VeraCrypt.\n\nPara definir o algoritmo de derivação da chave de cabeçalho, inicie o sistema operacional oculto e selecione 'Sistema' > 'Definir Algoritmo de Derivação da Chave de Cabeçalho'. - O VeraCrypt não suporta descriptografia no local de uma partição de sistema oculto.\n\nNota: Se você quiser descriptografar a partição do sistema isca, inicie o sistema isca e selecione 'Sistema' > 'Descriptografar Permanentemente a Partição/Unidade de Sistema' na barra de menu da janela principal do VeraCrypt. - Erro: Parâmetro incorreto/inválido. - Você selecionou um dispositivo ou partição mas o assistente que você escolheu é apenas para arquivos-recipiente.\n\nVocê deseja mudar de assistente? - Você deseja criar um arquivo recipiente VeraCrypt? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Você tem certeza de que deseja descriptografar o dispositivo/partição de sistema definitivamente? - CUIDADO: Se você descriptografar o dispositivo/partição de sistema definitivamente, os dados descriptografados serão gravados nele.\n\nVocê tem certeza de que deseja descriptografar o dispositivo/partição de sistema definitivamente? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Aviso: Se você usar uma cascata de cifras para criptografia do sistema, você pode encontrar os seguintes problemas:\n\n1) O Gerenciador de Boot do VeraCrypt é maior do que o normal e, portanto, não há espaço suficiente na primeira faixa de uma unidade para backup do Gerenciador de Boot do VeraCrypt. Consequentemente, sempre que ele for danificado (o que muitas vezes acontece, por exemplo, durante procedimentos de ativação anti-pirataria concebidos inadequadamente em certos programas), você precisará usar o Disco de Emergência VeraCrypt para iniciar ou reparar o Gerenciador de Boot do VeraCrypt.\n\n2) Alguns computadores demoram mais para retomar da hibernação.\n\nEstes problemas potenciais podem ser evitados pela escolha de um algoritmo de criptografia não-cascata (AES, por exemplo).\n\nTem certeza que pretende utilizar uma cascata de cifras? - Se você tiver algum dos problemas descritos acima, descriptografe o disco/partição (se ele estiver criptografado) e tente criptografá-lo novamente usando um algoritmo não sequencial (como o AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - O número da versão do Gerenciador de Boot do VeraCrypt que inicializou esse sistema operacional é diferente do número da versão do driver do VeraCrypt (e do aplicativo do VeraCrypt) instalados no sistema.\n\nVocê deve executar o instalador do VeraCrypt (cujo número de versão é o mesmo do Gerenciador de Boot) para atualizar o VeraCrypt neste sistema operacional. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - O VeraCrypt Boot Loader foi atualizado.\n\nÉ fortemente recomendável que você crie um novo Disco de Emergência VeraCrypt (que conterá a nova versão do VeraCrypt Boot Loader) selecionando 'Sistema' > 'Criar Disco de Emergência' depois que você reiniciar o seu computador. - O Gerenciador de Boot do VeraCrypt foi atualizado.\n\nÉ altamente recomendado que você inicie o sistema operacional isca e então crie um novo Disco de Emergência VeraCrypt (que incluirá a nova versão do Gerenciador de Boot do VeraCrypt), selecionando 'Sistema' > 'Criar Disco de Emergência'. - Não foi possível atualizar o VeraCrypt Boot Loader. - O VeraCrypt falhou em detectar o tamanho real da unidade de sistema e, portanto, o tamanho reportado pelo sistema operacional (que pode ser menor do que o tamanho real) será utilizado. Observe também que este não é um bug no VeraCrypt. - AVISO: Parece que o VeraCrypt ja tentou detectar setores ocultos neste disco de sistema. Se você encontrou algum problema durante esse processo de detecção, você pode evitá-lo cancelando esta etapa agora. Mas lembre que se você fizer isso, o VeraCrypt irá utilizar o tamanho informado pelo sistema operacional (que poderá ser menor que o tamanho real do disco).\n\nLembre também que este problema não é causado por um bug no VeraCrypt. - Cancelar a detecção de setores ocultos (usar o tamanho informado pelo sistema operacional) - Tentar detectar setores ocultos novamente - Erro: O conteúdo de um ou mais setores do disco não pode ser lido (provavelmente por algum defeito físico).\n\nO processo de criptografia no local só pode continuar quando os setores forem tornados legíveis novamente. O VeraCrypt pode tentar fazer estes setores legíveis gravando zeros nos setores (subseqüentemente todos esses blocos de zero seriam criptografados). No entanto, note que todos os dados armazenados nos setores ilegíveis serão perdidos. Se quiser evitar isso, você pode tentar recuperar parcelas dos dados corrompidos usando software de terceiros.\n\nNota: No caso de setores danificados fisicamente (em vez de mera corrupção de dados e erros de checksum), a maioria dos dispositivos de armazenamento realocam internamente os setores quando se tenta gravar dados neles (por isso, os dados existentes nos setores danificados podem permanecer não-criptografados na unidade).\n\nVocê quer que o VeraCrypt grave zeros nos setores ilegíveis? - Erro: O conteúdo de um ou mais setores do disco não pode(m) ser lido(s) (provavelmente devido a um defeito físico).\n\nPara prosseguir com a descriptografia, o VeraCrypt terá que descartar o conteúdo de tais setores (o conteúdo será substituído por dados pseudo-aleatórios). Por favor note que, antes de continuar, você pode tentar recuperar porções dos dados corrompidos usando software apropriado de terceiros.\n\nDeseja que o VeraCrypt descarte os dados nos setores ilegíveis agora? - Nota: O VeraCrypt substituiu o conteúdo de %I64d setores ilegíveis (%s) com blocos criptografados de texto formatado com zeros. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Digite password/PIN para o token '%s': - \tA fim de permitir que o VeraCrypt acesse um token de segurança ou um smart card, você primeiro precisa instalar uma biblioteca de software PKCS #11 para o token ou smart card. Essa biblioteca pode ser fornecida com o dispositivo ou pode estar disponível para download no site do vendedor ou por terceiros. \tDepois de instalar a biblioteca, você pode selecioná-la manualmente, clicando em 'Selecionar Biblioteca' ou você pode deixar o VeraCrypt encontrá-la e selecioná-la automaticamente clicando em 'Auto-Detectar Biblioteca' (apenas o diretório de sistema do Windows vai ser pesquisado). - Nota: Para o nome do arquivo e a localização da biblioteca PKCS #11 instalada para seu token de segurança ou smart card, por favor consulte a documentação fornecida com o token, card, ou software de terceiros.\n\nClique em 'OK' para selecionar o caminho e o nome do arquivo. - A fim de permitir que o VeraCrypt acesse um token de segurança ou smart card, você precisa primeiro selecionar uma biblioteca de software PKCS #11 para o token/card. Para isso, selecione 'Configurações' > 'Tokens de Segurança'. - Falha ao inicializar a biblioteca PKCS #11 do token de segurança.\n\nPor favor, certifique-se de que o caminho e o nome de arquivo especificados refiram-se a uma biblioteca PKCS #11. Para especificar um caminho e nome do arquivo de uma biblioteca PKCS #11, selecione 'Configurações' > 'Tokens de Segurança'. - Nenhuma biblioteca PKCS #11 foi encontrada no diretório de sistema do Windows.\n\nPor favor, certifique-se de que uma biblioteca PKCS #11 para o seu token de segurança (ou smart card) está instalada (tal biblioteca pode ser fornecida com o token/card ou pode estar disponível para download no site do vendedor ou de terceiros). Se ela estiver instalada em um diretório diferente do diretório de sistema do Windows, clique em 'Selecionar Biblioteca' para localizá-la (por exemplo, na pasta onde o software do token/card está instalado). - Nenhum token de segurança foi encontrado.\n\nPor favor, certifique-se que seu token de segurança está conectado ao computador e o driver de dispositivo correto para o seu token está instalado. - Arquivo-chave do Token de Segurança não encontrado. - Um arquivo-chave de token de segurança com o mesmo nome já existe. - Você quer apagar os arquivos selecionados? - O caminho do arquivo-chave do token de segurança é inválido. - Erro no token de segurança - A senha para o token de segurança está incorreta. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - Todas as sessões abertas de tokens de segurança foram fechadas. - Selecione os Arquivos-Chave do Token de Segurança - Slot - Nome do Token - Nome do arquivo - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Erro ao analisar a linha de comando. - Disco de Emergência - Sel&ecione o Arquivo e Monte-o... - Selecione o &Dispositivo e Monte-o... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Aviso: O sistema de arquivos no volume montado como '%s' não foi limpamente desmontado, assim, pode conter erros. Usar um sistema de arquivos corrompido pode causar perda ou corrupção de dados.\n\nNota: Antes de remover fisicamente ou desligar um dispositivo (como uma unidade flash USB ou um disco rígido externo) onde reside um volume VeraCrypt montado, você deve sempre desmontar o volume no VeraCrypt primeiro.\n\n\nDeseja que o Windows tente detectar e corrigir erros (se houver) no sistema de arquivos? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Aviso: Reparar um sistema de arquivos danificado usando a ferramenta 'chkdsk' da Microsoft pode causar perda de arquivos nas áreas danificadas. Assim sendo, é recomendado que você primeiro faça backup dos arquivos armazenados no volume VeraCrypt para outro, em bom estado.\n\nDeseja reparar o sistema de arquivos agora? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - O volume '%s' foi montado como somente-leitura porque o acesso de gravação foi negado.\n\nCertifique-se de que nenhum outro aplicativo (por exemplo, um software antivírus) está acessando a partição/dispositivo em que o volume está hospedado. - O volume '%s' foi montado como somente-leitura porque o sistema operacional informa que o dispositivo principal está protegido contra gravação.\n\nNote que alguns drivers personalizados de chipset causam o falso reconhecimento de mídias graváveis como protegidas contra gravação. Este problema não é causado pelo VeraCrypt. É possível resolvê-lo atualizando ou desinstalando qualquer driver personalizado de chipset que esteja atualmente instalado em seu sistema. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Você deseja que o VeraCrypt tente desabilitar a proteção contra gravação do(a) dispositivo/partição? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Testar - Arquivo-Chave - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Barra de espaço - Page Up - Page Down - End - Home - Seta para esquerda - Seta para cima - Seta para direita - Seta para baixo - Tecla Select - Tecla Print - Tecla Execute - Print Screen - Insert - Delete - Tecla Aplicações - Sleep - Num Lock - Scroll Lock - Browser Voltar - Browser Avançar - Browser Recarregar - Browser Parar - Browser Pesquisar - Browser Favoritos - Browser Home - Mudo - Volume - - Volume + - Próxima Trilha - Trilha Anterior - Parar - Tocar/Pausa - Tecla Iniciar Email - Tecla Selecionar Mídia - Aplicação 1 - Aplicação 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Cancelar + Instalar &para todos os usuários + Pro&curar... + Adicionar ícone à área de &trabalho + Donate now... + Associar a &extensão .hc ao VeraCrypt + &Abrir o local de destino quando concluído + Incluir o Veracrypt no menu &Iniciar + Criar um ponto de &restauração do sistema + &Desinstalar + &Extrair + &Instalar + Assistente de Instalação do VeraCrypt + Desinstalar o VeraCrypt + A&juda + Favor selecionar ou digitar o local onde você deseja que os arquivos sejam extraídos: + Favor selecionar ou digitar o local onde você deseja instalar o VeraCrypt. Se a pasta especificada não existir, ela será criada automaticamente. + Clique em Desinstalar para remover o VeraCrypt do sistema. + Abortar + &Benchmark + &Testar + Criar volume encriptado e formatá-lo + Criptografar partição no local + Exibir (parcialmente) chaves geradas + Mostrar conteúdo do pool + Baixar software de gravação de CD/DVD + Crie um recipiente de arquivo criptografado + & GB + & TB + Mais informações + Volume o&culto VeraCrypt + Mais informações sobre volumes ocultos + Modo direto + Modo normal + &KB + U&sar arquivos-chave + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Arquivos-chave... + Informação sobre algoritmos hash + Mais Informações + Information on PIM + &MB + Mais informações + Mais informações sobre criptografia do sistema + Mais informações + Boot múltiplo + Criptografar uma partição/unidade não-sistema + Nunca &salvar histórico + Abrir volume externo + &Pausar + Use P&IM + Use PIM + Formatação rápida + &Mostrar senha + &Mostrar senha + &Display PIM + Boot Único + Volume VeraCrypt padrão + O&culto + Normal + Criptografar a partição ou unidade de sistema inteira + Criptografar a partição de sistema do Windows + Criptografar a unidade inteira + Assistente de Criação de Volume VeraCrypt + Cluster + IMPORTANTE: Mova seu mouse tão aleatoriamente quanto possível nesta janela. Quanto mais você demorar movendo-o, melhor. Isto aumenta significativamente a força de criptografia das chaves. Depois clique em Avançar para continuar. + &Confirmar: + Concl. + Drive letter: + Algoritmo de Criptografia + Sistema de arquivos + Cria um disco virtual criptografado em um arquivo. Recomendado para usuários inexperientes. + Opções + Algoritmo de hash + Chave do cabeçalho: + Faltam + Chave mestra: + Selecione esta opção se houver dois ou mais sistemas operacionais instalados neste computador.\n\nPor exemplo:\n- Windows XP e Windows XP\n- Windows XP e Windows Vista\n- Windows e Mac OS X\n- Windows e Linux\n- Windows, Linux e Mac OS X + Criptografa uma partição não-sistema em qualquer unidade interna ou externa (por exemplo, um pendrive). Opcionalmente, cria um volume oculto. + Conteúdo atual do pool (parcial) + Passar + Senha: + Volume PIM: + Volume PIM: + Progresso: + Pool aleatório: + Selecione esta opção se houver apenas um sistema operacional instalado neste computador(mesmo se ele tiver vários usuários). + Velocid + Status + As chaves, salt e outros dados foram gerados com sucesso. Se você deseja gerar novas chaves, clique em Voltar e depois em Avançar. Caso contrário, clique em Avançar para continuar. + Criptografa a partição/unidade onde o Windows está instalado. Quem quiser ter acesso e utilizar o sistema, ler e escrever arquivos, etc, precisará digitar a senha correta toda vez antes de inicializar o Windows. Opcionalmente, cria um sistema oculto. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Modo de limpeza: + Fechar + Permitir que a autenticação pré-boot seja contornada pressionando a tecla Esc (permite gerenciador de inicialização) + Não executar + Montar &automaticamente um volume VeraCrypt (definido abaixo) + &Iniciar o VeraCrypt + Auto-&Detectar Biblioteca + &Armazenar temporariamente a senha de autenticação pré-boot na memória do driver (para a montagem de volumes sem sistema) + Explorar... + Explorar... + Mant&er senhas e arquivos-chave na memória + Sair quando não existirem volumes montados + Fe&char a sessão do token (deslogar) após um volume ser montado com sucesso + Include VeraCrypt Volume Expander + Incluir assistente de criação de volume VeraCrypt + Criar + &Criar Volume + Não mo&strar quaisquer textos na tela de autenticação pré-boot (exceto a mensagem personalizada abaixo) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Usar arquivos-chave + Usar arquivos-chave + Sai&r + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Atribuir + Remover + Arquivos-chave... + Do not use the following number of processors for encryption/decryption: + More information + More information + Mais Configurações ... + &Auto-montar Dispositivos + Mais &Opções... + Montar v&olume apenas para leitura + Arquivos-chave... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Ativado + Manter as senhas na memória do driver + Desmontar volume automaticamente se nenhum dado for lido/escrito por + Usuário fizer log-off + User session locked + Entrar em modo de economia de energia + Protetor de tela for ativado + Forçar desmonte automático mesmo que o volume tenha arquivos ou diretórios abertos + Montar todos os volumes armazenados no dispositivo + Iniciar VeraCrypt em Segundo Plano + Montar volumes apenas para leitura + Montar volumes como mídia removível + Abrir janela do Explorer para volumes montados com sucesso + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Apagar senhas ao desmontar automaticamente + Apagar senhas ao sair + Preserve modification timestamp of file containers + Resetar + Dis&positivo... + Ar&quivo... + Selecionar Bib&lioteca... + Mostrar senha + Mostrar senha + Abrir janela do &Explorer para os volumes montados + Armazenar as senhas na memória da unidade + TrueCrypt Mode + De&smontar Todos + Propriedades do &Volume + Ferramen&tas do Volume + &Limpar Cache + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Atalhos + VeraCrypt + Mudar Senha ou Arquivos-Chaves + Digitar a Senha do Volume VeraCrypt + VeraCrypt - Performance and Driver Options + VeraCrypt - Preferências + VeraCrypt - Configurações de Criptografia de Sistema + VeraCrypt - Preferências de Token de Segurança + Configuração do VeraCrypt para Disco Removível + Propriedades do Volume VeraCrypt + Sobre... + Adicionar/Remover Arquivos-chave para/do Volume... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup do Cabeçalho do Volume... + Analisar... + Alterar Algoritmo de Derivação da Chave de Cabeçalho... + Mudar Senha do Volume... + Alterar Algoritmo de Derivação de Chave de Cabeçalho... + Mudar Senha... + Limpar Histórico do Volume + Fechar Todas As Sessões de Token de Segurança + Contato... + Criar Sistema Operacional Oculto ... + Criar Disco de Emergência... + Criar Novo Volume... + Permanently Decrypt... + Arquivos-chave padrão... + Default Mount Parameters... + Donate now... + Criptografar Unidade/Partição de Sistema... + Perguntas Frequentes + Guia do Usuário + &Site na Internet + Atalhos... + Gerador de arquivo-chave + Idioma... + Avisos Legais + Gerenciar Arquivos-chave de Token de Segurança... + Montar Automaticamente Todos os Volumes do Dispositivo + Montar Volumes Favoritos + Montar sem &Autenticação Pré-Boot... + Montar Volume + Montar Volume com Opções + Novidades + Ajuda On-line + Tutorial Para Iniciantes + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Descriptografar Unidade/Partição de Sistema Permanentemente + Preferências... + Atualizar Letras de Unidade + Remover todos os arquivos-chave do volume... + Restaurar Cabeçalho do Volume... + Continuar Processo Interrompido + Selecionar Dispositivo... + Selecionar Arquivo... + Continuar Processo Interrompido + Criptografia de Sistema... + Propriedades... + Configurações... + System Favorite Volumes... + Downloads + Vetores de Teste... + Tokens de Segurança... + Configurar Disco Removível... + Desmontar Todos os Volumes Montados + Desmontar Volume + Verificar Disco de Emergência + Verify Rescue Disk ISO Image + Histórico de Versões + Volume Expander + Propriedades do Volume + Assistente de Criação de Volume + Website do VeraCrypt + Apagar Senhas em Memória + OK + Hardware Acceleration + Atalho + Configuração de Execução Automática (autorun.inf) + Desmontar Automaticamente + Desmontar todos quando: + Opções da Tela de Carregamento do Boot + Confirmar Senha: + Atual + Mostrar esta mensagem personalizada na tela de autenticação pré-boot (24 caracteres no máximo): + Opções Padrão de Montagem + Opções de Atalhos + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Configurações de Arquivo + Chave a atribuir: + Processor (CPU) in this computer supports hardware acceleration for AES: + Ações a executar ao logar no Windows + minutos + Montar disco como drive: + Configurações de montagem + Novo + Senha: + Thread-Based Parallelization + Caminho da Biblioteca PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Cache de senhas + Opções de Segurança + Execução em Segundo Plano + Volume VeraCrypt a montar (em relação à raiz do disco removível): + Ao inserir o disco removível: + Criar arquivos de disco removível em (diretório raiz do disco removível): + Disco + Windows + Incluir &Caminho... + &Auto-Testar Todos + Con&tinuar + &Descriptografar + &Excluir + &Criptografar + &Exportar... + Gerar e Salvar Arquivo-Chave... + &Gerar Arquivo-Chave Aleatório... + Download de pacote de idioma + Hardware-accelerated AES: + &Importar Arquivo-Chave para Token... + Mais &Arquivos... + &Usar Arquivos-chave + Ar&quivos-chave... + &Remover + Remover &Todos + O que é a proteção de volume oculto? + Sobre Arquivos-chave + Montar &volume como mídia removível + Montar par&tição usando criptografia de sistema sem autenticação pré-boot + Parallelization: + Analisar + Im&primir + &Proteger disco oculto contra danos por gravações no volume externo + &Resetar + &Mostrar senha + Arquivos de To&ken + Usar &cabeçalho de backup embutido no volume se disponível + Modo XTS + Sobre o VeraCrypt + VeraCrypt - Analisar Algoritmo de Criptografia + VeraCrypt - Vetores de Teste + Ajuda de Linha de Comando + VeraCrypt - Arquivos-chave + VeraCrypt - Gerador de Arquivos-chave + VeraCrypt - Idioma + VeraCrypt - Opções de montagem + Propriedades de Novo Arquivo-Chave de Token de Segurança + VeraCrypt - Melhoramento do Pool Aleatório + Selecione uma partição ou dispositivo + VeraCrypt + Arquivos-Chave de Token de Segurança + Senha/PIN do Token de Segurança Exigida + Pacote de Idioma Ativo + A velocidade é afetada pela carga da CPU e pelas características dos dispositivos de armazenamento.\n\nEste teste é feito em RAM. + Tam. do Buffer: + Cifra: + Sen&ha para o volume oculto:\n(cache usado se vazio) + Proteção de Volume Oculto + Tam. da chave: + IMPORTANTE: Mova seu mouse tão aleatoriamente quanto possível nesta janela. Quanto mais você demorar movendo-o, melhor. Isto aumenta significativamente a força de criptografia do arquivo-chave. + ALERTA: Se você perder um arquivo-chave ou algum bit dos seus primeiros 1024 kilobytes for alterado, será impossível montar os volumes que usam esse arquivo-chave! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Traduzido por: + Tamanho do Texto em Claro: + bits + Conteúdo Atual do Pool + PRF de mistura: + IMPORTANTE: Mova seu mouse o mais aleatoriamente possível dentro desta janela. Quanto mais você movê-lo, melhor. Isto aumentará significativamente a segurança. Quando terminar, clique em 'Continuar'. + Chave secundária (hexadecimal) + Token de Segurança: + Ordenar por: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Número do Bloco: + Texto cifrado (hexadecimal) + Número de unidade de dados (hexadecimal de 64 bits, tamanho da unidade de dados: 512 bytes) + Chave (hexadecimal) + Texto em claro (hexadecimal) + Nome do Arquivo-Chave: + Modo XTS + S&istema + &Volumes + Favor&ites + &Ferramentas + Confi&gurações + A&juda + Site na Internet + + &Sobre... + O atributo de somente-leitura de seu disco antigo não pôde ser alterado. Por favor verifique as permissões de acesso ao arquivo. + Erro: Acesso negado.\n\nA partição que você está tentando acessar tem 0 setores ou é o dispositivo de sistema. + Administrator + Para carregar o driver do VeraCrypt, você deve estar logado em uma conta com privilégio de administrador. + Para criptografar/Descriptografar/formatar uma partição/dispositivo você deve estar logado em uma conta com privilégios de administrador.\n\nIsto não se aplica a volumes armazenados em arquivos. + Para criar um disco oculto, você deve estar logado em uma conta com privilégios de administrador.\n\nDeseja continuar? + Para formatar o disco como NTFS você precisa estar logado em uma conta com privilégios de administrador.\n\nSem estes privilégios, você pode formatar o disco como FAT. + Cifra aprovada pela FIPS (Rijndael, publicada em 1998) para ser usada pelos departamentos e agências do governo dos EUA para proteger as informações mais confidenciais. Chave de 256 bits, bloco de 128 bits, 14 ciclos (AES-256). Modo de operação XTS. + O volume já está montado. + ATENÇÃO: Pelo menos um algoritmo de criptografia ou hash falhou no teste automático.\n\nA instalação do VeraCrypt pode estar corrompida. + ATENÇÃO: Não há dados suficientes no pool do Gerador de Números Aleatórios para prover a quantidade necessária.\n\nVocê não deve continuar. Selecione 'Relatar erro' no menu Ajuda e relate este erro. + A unidade está danificada (há um defeito físico) ou um cabo está danificado, ou a memória está com problemas .\n\nPor favor note que este é um problema com seu hardware, e não com VeraCrypt. Portanto, por favor, NÃO reporte isto como um erro/problema no VeraCrypt e NÃO peça ajuda sobre isto nos Fóruns do VeraCrypt. Entre em contato com o suporte técnico do fornecedor do computador para assistência. Obrigado.\n\nNota: Se o erro ocorrer repetidamente no mesmo local, muito provavelmente é causado por um bloco defeituoso do disco, o que deve ser possível corrigir usando softwares de terceiros (note que, em muitos casos, o comando 'cchkdsk /r' não o corrige, porque ele só funciona no nível de sistema de arquivos; em alguns casos, o 'chkdsk' nem mesmo pode detectá-lo). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + O seu sistema parece usar drivers personalizados de chipset que contêm um erro que impede a criptografia de toda a unidade de sistema.\n\nTente atualizar ou desinstalar qualquer driver personalizado de chipset antes de prosseguir. Se isso não ajudar, tente criptografar somente a partição do sistema. + Letra de drive inválida. + Caminho inválido. + &Cancelar + Acesso ao dispositivo negado. Favor garantir que o dispositivo selecionado existe e não é usado pelo sistema. + AVISO: A tecla 'Caps Lock' está ligada. Isto pode causar erros na digitação da senha. + Tipo de Volume + Pode acontecer de você ser forçado por alguém a revelar a senha de um volume criptografado. Há muitas situações em que não é possível recusar-se a revelar a senha (por exemplo, extorsão). Usar o volume oculto permite resolver essas situações sem revelar a senha do volume. + Selecione esta opção se você deseja criar um volume VeraCrypt normal. + Observe que, se você quiser instalar um sistema operacional em um volume de uma partição oculta, então não será possível criptografar toda a unidade de sistema usando uma única chave. + Opções de Criptografia para o Volume Externo + Opções de Criptografia para o Volume Oculto + Opções de Criptografia + AVISO: Falha ao limpar o caminho do último disco/arquivo-chave selecionado (mantido via 'seletor de arquivos')! + Erro: O recipiente foi compactado a nível de sistema de arquivo. O VeraCrypt não suporta recipientes compactados (observe que compressão de dados criptografados é ineficiente e redundante).\n\nPor favor, desative a compressão do recipiente através dos seguintes passos: 1) Clique com o botão direito no arquivo recipiente no Windows Explorer (não no VeraCrypt). 2) Selecione 'Propriedades'. 3) Na caixa de diálogo 'Propriedades', clique 'Avançado'. 4) Em 'Atributos Avançados', desative a opção 'Compactar conteúdo para economizar espaço em disco' e clique 'OK'. 5) Na caixa de diálogo 'Propriedades', clique 'OK'. + Falha ao criar volumes %s + Tamanho de %s é %.2f bytes + Tamanho de %s é %.2f KB + Tamanho de %s é %.2f MB + Tamanho de %s é %.2f GB + Tamanho de %s é %.2f TB + Tamanho de %s é %.2f PB + AVISO: O dispositivo/partição está em uso pelo sistema operacional ou por programas. Formatar o dispositivo/partição pode causar corrupção de dados e instabilidade do sistema.\n\nDeseja continuar? + Aviso: A partição está em uso pelo sistema operacional ou aplicações. Você deve fechar todas as aplicações que possam estar utilizando a partição (incluindo software antivírus) .\n\nContinuar? + Erro: O dispositivo/partição contém um sistema de arquivo que não pôde ser desmontado. O sistema de arquivo pode estar em uso pelo sistema operacional. Formatar o dispositivo/partição provavelmente causaria corrupção de dados e instabilidade do sistema.\n\nPara resolver esse problema, recomendamos que você primeiro exclua a partição e depois a recrie sem formatar. Para isso, siga os seguintes passos: 1) Clique com o botão direito no ícone 'Meu Computador' no 'Menu Iniciar' e selecione 'Gerenciar'. A janela 'Gerenciamento do Computador' deverá aparecer. 2) Na janela 'Gerenciamento do Computador', selecione 'Armazenamento' e 'Gerenciamento de Disco'. 3) Clique na partição que você deseja criptografar e selecione 'Excluir Partição', 'Excluir Volume', ou 'Excluir Unidade Lógica'. 4) Clique 'Sim'. Se o Windows solicitar, reinicie o computador. Depois, repita os passos 1 e 2 e continue a partir do 5. 5) Clique no espaço não-alocado/livre e selecione 'Nova Partição', 'Novo Volume Simples', ou 'Nova Unidade Logica'. 6) O 'Assistente para Novas Partições' ou 'Assistente para Novo Volume' deverá aparecer agora; siga as instruções. Na página 'Formatar Partição', selecione 'Não formatar esta partição' ou 'Não formatar este volume'. No mesmo assistente, clique em 'Avançar' e em 'Concluir'. 7) Observe que o caminho de dispositivo que você selecionou no VeraCrypt pode estar errado agora. Por isso, saia do Assistente de Criação de Volume do VeraCrypt (se ainda estiver aberto) e abra novamente. 8) Tente criptografar o dispositivo/partição novamente.\n\nSe o VeraCrypt nao conseguir criptografar o dispositivo/partição novamente, você pode tentar criar um arquivo recipiente. + Erro: O sistema de arquivos não pôde ser bloqueado e/ou desmontado. Ele pode estar em uso pelo sistema operacional ou aplicativos (por exemplo, um software antivírus). Criptografar a partição pode causar corrupção de dados e instabilidade do sistema.\n\nPor favor, feche todos os programas que estejam usando o sistema de arquivos (incluindo antivírus) e tente novamente. Se isso não funcionar, siga os passos abaixo. + AVISO: Algumas das partições/dispositivos montados já estavam em uso!\n\nIgnorar este fato pode causar resultados indesejáveis, incluindo instabilidade do sistema.\n\nRecomendamos que você feche qualquer aplicativo que possa estar usando os dispositivos/partições. + O dispositivo selecionado contém partições.\n\nFormatar este dispositivo pode causar corrupção de dados e instabilidade do sistema. Por favor, selecione uma partição no dispositivo ou remova todas as partições e use o VeraCrypt para formatá-lo com segurança. + O dispositivo não-sistema selecionado contém partições.\n\nVolumes VeraCrypt em dispositivos criptografados podem ser criados dentro de dispositivos que não contenham partições (incluindo discos rígidos e drives de estado sólido). Um dispositivo que contém partições pode ser totalmente criptografado num local (utilizando uma única chave mestra), apenas se ele for a unidade onde o Windows está instalado e de onde ele inicializa .\n\nSe você quiser criptografar o dispositivo não-sistema selecionado usando uma única chave-mestra, será necessário remover todas as partições no dispositivo primeiro a fim de permitir que o VeraCrypt possa formatá-lo com segurança (formatar um dispositivo que contém partições poderia causar instabilidade no sistema e/ou corrupção de dados). Alternativamente, você pode criptografar cada partição na unidade individualmente (cada partição será criptografada usando uma chave mestra diferente).\n\nNota: Se você quiser remover todas as partições de um disco GPT, pode ser necessário convertê-lo para um disco MBR (por exemplo, usando a ferramenta Gerenciamento do computador), a fim de remover partições ocultas. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + A criptografia in-place de volumes sem sistema não é suportada na versão do sistema operacional que você está usando (suportada apenas no Windows Vista e versões posteriores).\n\nO motivo é que esta versão do Windows não suporta compactação do sistema de arquivos (ele precisa ser compactado para criar espaço para o cabeçalho do volume e para o cabeçalho de backup). + A partição selecionada não parece conter um sistema de arquivo NTFS. Apenas as partições que contém um sistema de arquivos NTFS podem ser criptografadas no local.\n\nNota: A razão é que o Windows não suporta compactação de outros tipos de sistemas de arquivos (o sistema de arquivos tem de ser compactado para criar espaço para o cabeçalho de volume e o cabeçalho de backup). + A partição selecionada não parece conter um sistema de arquivo NTFS. Apenas as partições que contém um sistema de arquivos NTFS podem ser criptografadas no local.\n\nSe você deseja criar um volume criptografado VeraCrypt dentro desta partição, escolha a opção 'Criar volume criptografado e formatá-lo' (em vez da opção 'Criptografar partição no local'). + Erro: A partição é muito pequena. O VeraCrypt não pode criptografá-la no local. + Para criptografar os dados nesta partição, siga estas etapas:\n\n1) Crie um volume VeraCrypt em uma partição/dispositivo vazia e depois monte-a.\n\n2) Copie todos os arquivos da partição que você pretendia criptografar inicialmente para o volume VeraCrypt montado (criado e montado no passo 1). Dessa forma, você vai criar um backup criptografado VeraCrypt dos dados.\n\n3) Crie um volume VeraCrypt na partição que você pretendia inicialmente criptografar e certifique-se de (no assistente do VeraCrypt) escolher a opção 'Criar volume criptografado e formatá-lo' (em vez da opção 'Criptografar partição no local'). Note que todos os dados armazenados na partição serão apagados. Após o volume ser criado, monte-o.\n\n4) Copie todos os arquivos do volume de backup VeraCrypt montado (criado e montado no passo 1 para o volume VeraCrypt montado que foi criado (e montado) no passo 3.\n\nDepois de concluir essas etapas, os dados serão criptografados e, além disso, haverá um backup criptografado dos dados. + O VeraCrypt pode criptografar no local apenas uma partição, um volume dinâmico, ou toda uma unidade de sistema.\n\nCaso deseje criar um volume VeraCrypt criptografado dentro do dispositivo não-sistema selecionado, escolha a opção 'Criar volume criptografado e formatá-lo' (em vez da opção 'Criptografar partição no local'). + Erro: O VeraCrypt pode criptografar no local apenas uma partição, um volume dinâmico, ou toda uma unidade de sistema. Verifique se o caminho especificado é válido. + Erro: Não é possível compactar o sistema de arquivos (o sistema de arquivos precisa ser compactado para criar espaço para o cabeçalho de volume e o cabeçalho de backup).\n\nPossíveis causas e soluções:\n\n- Espaço livre insuficiente no volume. Certifique-se que nenhuma outra aplicação está gravando no sistema de arquivos.\n\n- Sistema de arquivos corrompido. Tente verificar e corrigir eventuais erros (clique com o botão direito na letra do drive correspondente na lista do 'Meu Computador', depois selecione Propriedades > Ferramentas > 'Verificar agora', certifique-se que a opção 'Corrigir automaticamente erros no sistema de arquivos' está ativada e clique em Iniciar).\n\nSe as etapas acima não ajudarem, por favor, siga os passos abaixo. + Erro: Não há espaço livre suficiente no volume e, portanto, o sistema de arquivos não pode ser compactado (o sistema de arquivos precisa ser compactado para criar espaço para o cabeçalho de volume e o cabeçalho de backup).\n\nPor favor, exclua quaisquer arquivos redundantes e esvazie a lixeira a fim de liberar pelo menos 256 KB de espaço e então tente novamente. Note que devido a um problema do Windows, a quantidade de espaço livre indicada pelo Windows Explorer pode estar incorreta até o sistema operacional ser reiniciado. Se reiniciar o sistema não funcionar, o sistema de arquivos pode estar corrompido. Tente checá-lo e corrigir quaisquer erros (clique com o botão direito na letra do drive correspondente na lista do 'Meu Computador', depois selecione Propriedades > Ferramentas > 'Verificar agora', certifique-se que a opção 'Corrigir automaticamente erros no sistema de arquivos' está ativada e clique em Iniciar).\n\nSe as etapas acima não ajudarem, por favor, siga os passos abaixo. + Espaço livre na unidade %s é %.2f bytes + Espaço livre na unidade %s é %.2f KB + Espaço livre na unidade %s é %.2f MB + Espaço livre na unidade %s é %.2f GB + Espaço livre na unidade %s é %.2f TB + Espaço livre na unidade %s é %.2f PB + Não foi possível obter letras de drive disponíveis. + Erro: Driver do VeraCrypt não encontrado.\n\nFavor copiar os arquivos 'veracrypt.sys' e 'veracrypt-x64.sys' para a pasta onde o programa principal do VeraCrypt (VeraCrypt.exe) está localizado. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Erro: Falha ao iniciar a cifra. + Erro: Uma chave fraca ou potencialmente fraca foi detectada. A chave será descartada. Favor tentar novamente. + Um erro crítico ocorreu e o VeraCrypt deve ser encerrado. Se isto for causado por um bug no VeraCrypt, gostaríamos de corrigí-lo. Para nos ajudar, você pode nos enviar um relatório de erro gerado automaticamente contendo os seguintes itens:\n\n- Versão do programa\n- Versão do sistema operacional\n- Tipo de CPU\n- Nome do componente VeraCrypt\n- Checksum do executável do VeraCrypt\n- Nome simbólico da janela\n- Categoria do erro\n- Endereço do erro\n- Chamada de pilha do VeraCrypt\n\nSe você selecionar 'Sim', a seguinte URL (que contém todo o relatório de erro) será aberta no seu navegador de Internet padrão.\n\n%hs\n\nVocê deseja nos enviar o relatório de erro acima? + Um erro crítico ocorreu e o VeraCrypt deve ser encerrado.\n\nNote que este erro não foi causado pelo VeraCrypt (por isso seus desenvolvedores não pode corrigí-lo). Por favor, verifique o seu sistema para possíveis problemas (por exemplo, configuração de sistema, conexões de rede, falha em componentes de hardware). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + Erro Crítico do VeraCrypt + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Criptografar + &Descriptografar + &Descriptografar Definitivamente + Fechar + Favor criar uma unidade lógica para esta partição estendida e tentar novamente. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Volumes VeraCrypt em dispositivos criptografados podem ser criados dentro de partições em discos rígidos, unidades de estado sólido, memory sticks USB, bem como sobre quaisquer outros dispositivos de armazenamento suportados. Partições também podem ser codificadas no local.\n\nAlém disso, volumes VeraCrypt em dispositivos criptografados podem ser criados dentro de dispositivos que não contenham partições (incluindo discos rígidos e unidades de estado sólido).\n\nNota: Um dispositivo com partições pode ser totalmente criptografado no local (usando uma única chave) apenas se ele for a unidade onde o Windows está instalado e de onde ele inicializa. + Um Volumes VeraCrypt hopedado num dispositivo pode ser criado dentro de uma partição do disco rígido, unidade de estado sólido, memory stick USB, e outros dispositivos de armazenamento.\n\nATENÇÃO: Note que a partição/dispositivo será formatada e todos os dados armazenados no momento serão perdidas. + \nSelecione a localização do volume externo a ser criado (dentro deste volume o volume oculto será criado mais tarde sobre).\n\nVolumes externos podem ser criados dentro de partições em discos rígidos, unidades de estado sólido, memory sticks USB e em qualquer outro dispositivo de armazenamento suportado. Volumes externos também podem ser criados dentro de dispositivos que não contenham partições (incluindo discos rígidos e unidades de estado sólido).\n\nATENÇÃO: Note que a partição/dispositivo será formatada e todos os dados armazenados no momento serão perdido. + Selecione a localização do volume VeraCrypt dentro do qual você deseja criar o volume oculto. + AVISO: O arquivo ou dispositivo já está sendo usado!\n\nIgnorar este aviso pode levar a resultados indesejados incluindo instabilidade do sistema. Todos os aplicativos que possam estar usando o arquivo ou dispositivo (por exemplo, anti-vírus ou programas de backup) devem ser fechados antes de montar o volume.\n\nDeseja continuar? + Erro: O disco não pôde ser montado. O arquivo ou dispositivo já está em uso. A tentativa de montar sem acesso exclusivo também falhou. + O arquivo não pode ser aberto. + Localização do Volume + Arquivos Grandes + Você pretende armazenar arquivos maiores que 4 GB neste volume VeraCrypt? + Dependendo de sua escolha acima, o VeraCrypt irá escolher um sistema de arquivos padrão adequado para o VeraCrypt volume (você será capaz de escolher um sistema de arquivo na próxima etapa). + Como você está criando um volume externo, você deve considerar escolher 'Não'. Se você escolher 'Sim', o sistema de arquivos padrão será NTFS, que não é tão apropriado para volumes externo como FAT (por exemplo, o tamanho máximo possível do volume oculto será significativamente maior se o volume externo for formatado como FAT). Normalmente, FAT é o padrão para ambos os volumes oculto e normal (então volumes FAT não são suspeitos). No entanto, se o usuário indicar a intenção de armazenar arquivos maiores que 4 GB (que o sistema de arquivos FAT não permite) então FAT não será o padrão. + Tem certeza de que deseja escolher 'Sim'? + Modo de Criação de Volume + Este é o caminho mais rápido para criar uma volume VeraCrypt armazenado numa partição ou dispositivo (criptografia no local, que é a outra opção, é mais lenta porque o conteúdo de cada setor tem que ser primeiro lido, criptografado e depois, escrito). Os dados atualmente armazenados na partição/dispositivo selecionado(a) serão perdido (os dados NÃO serão criptografados e serão sobrescritos com dados aleatórios). Se você quiser criptografar os dados existentes em uma partição, escolha a outra opção. + Toda a partição selecionada e todos os dados armazenados nela serão criptografados no local. Se a partição estiver vazia, você deve escolher a outra opção (o volume será criado muito mais rápido). + Nota: + Continua&r + &Adiar + &Iniciar + &Continuar + &Formatar + &Limpar + Abortar a formatação? + Mostrar mais informações + Não mostrar novamente + O conteúdo da partição/dispositivo foi apagado com sucesso. + O conteúdo da partição onde o sistema operacional (do qual o sistema oculta é um clone) está instalado foi apagado com sucesso. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + O dispositivo/partição de sistema foi descriptografado com sucesso. + \n\nO volume VeraCrypt foi criado e está pronto para uso. Se você deseja criar outro volume VeraCrypt, clique em Avançar. Caso contrário, clique em Sair. + \n\nO volume VeraCrypt oculto foi criado com sucesso (o sistema operacional oculto residirá dentro deste volume oculto).\n\nClique em Avançar para continuar. + Volume Totalmente Criptografado + Volume Fully Decrypted + IMPORTANTE: PARA MONTAR ESTE RECÉM-CRIADO VOLUME VERACRYPT E ACESSAR OS DADOS ARMAZENADOS NELE, CLIQUE EM 'AUTO-MONTAR DISPOSITIVOS' NO JANELA PRINCIPAL DO VERACRYPT. Depois de digitar a senha correta (e/ou fornecer os arquivos-chave corretos), o volume será montado para a letra de unidade selecionada a partir da lista na janela principal do VeraCrypt (e você poderá acessar os dados criptografados por meio da letra de unidade selecionada).\n\nPOR FAVOR, LEMBRE-SE OU ANOTE OS PASSOS ACIMA. VOCÊ DEVE SEGUÍ-LOS, SEMPRE QUE DESEJAR MONTAR O VOLUME E ACESSAR OS DADOS ARMAZENADOS NELE. Alternativamente, na janela principal do VeraCrypt, clique em 'Selecionar dispositivo', selecione esta partição/volume e clique em 'Montar'.\n\nA partição/volume foi criptografada(o) com sucesso (agora ela contém um volume VeraCrypt totalmente criptografado) e está pronto para uso. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + O volume VeraCrypt foi criado com sucesso. + Disco Criado com Sucesso + IMPORTANTE: Mova seu mouse tão aleatoriamente quanto possível nesta janela. Quanto mais você demorar movendo-o, melhor. Isto aumenta significativamente a força de criptografia das chaves. Depois clique em Formatar para continuar. + Clique em Formatar para criar o volume externo. Para mais informações consulte a documentação. + Formatação do volume externo + Formatação do Volume Oculto + Formatação do Volume + É necessário o Adobe Reader (ou ferramenta compatível) para ver ou imprimir o Manual do Usuário do VeraCrypt. O Adobe Reader (freeware) pode ser baixado a partir de: www.adobe.com\n\nDeseja ver a documentação on-line? + Caso selecione esta opção, o assistente irá ajudá-lo primeiro a criar um volume VeraCrypt normal e em seguida o volume oculto dentro do normal. Usuários inexperientes deve selecionar esta opção. + Caso selecione esta opção, você irá criar um volume oculto dentro de um volume VeraCrypt normal. Presumimos que você já tem um volume VeraCrypt normal que pode conter um volume oculto. + Modo de Criação de Volume + Volume Oculto Criado + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + Você iniciou o sistema operacional oculto. Como você deve ter notado, ele aparenta estar instalado na mesma partição que o sistema operacional original. Entretanto, na realidade, ele está instalado dentro da partição por trás dele (no volume oculto). Todos as operações de leitura e escrita estão sendo transparentemente redirecionadas da partição do sistema original para o volume oculto.\n\nNem o sistema operacional nem os aplicativos saberão que os dados escritos e lidos da partição do sistema estão na verdade sendo escritos e lidos da partição por trás dela (de um volume oculto). Tais dados são criptografados e descriptografados normalmente (com uma chave de criptografia diferente daquela que será usada para o sistema operacional ).\n\n\nPor favor, clique em Avançar para continuar. + O volume externo foi criado e montado como unidade %hc:. Para este volume externo você deve agora copiar alguns arquivos que você realmente NÃO quer esconder. Eles estarão lá caso alguém force você a revelar a senha para a primeira partição atrás da partição do sistema, onde tanto o volume externo quanto o oculto (que contém o sistema operacional oculto) irão residir. Você será capaz de revelar a senha para esse volume externo, e a existência do volume oculto (e do sistema operacional oculto) permanecerá secreta.\n\nIMPORTANTE: Os arquivos que você copiar para o volume externo não devem ocupar mais de %s. Caso contrário, pode não haver espaço livre suficiente no volume externo para volume oculto (e você não poderá continuar). Depois de terminar de copiar, clique em Avançar (não desmonte o volume). + O volume oculto foi criado com sucesso e montado como unidade %hc:. Você deve copiar alguns arquivos que pareçam confidenciais e você não deseja realmente esconder. Os arquivos estarão disponíveis para quem forçá-lo a revelar sua senha. Você irá revelar apenas a senha para esse volume externo, não para o oculto. Os arquivos com que você realmente se importa serão armazenados no volume oculto, que será criado em seguida. Quando você terminar de copiar, clique em avançar. Não desmonte o volume.\n\nObserve: Depois que você clicar em avançar, o bitmap de clusters volume do volume externo será analisado para determinar o tamanho do espaço livre contínuo que termina no fim do volume. Este espaço irá acomodar o volume oculto, seu maior tamanho possível será determinado agora. A análise do bitmap de clusters assegura que nenhum dado no volume externo será sobrescrito. + Conteúdo do volume externo + \n\nNas próximas etapas, você deverá escolher as opções para o volume externo (dentro do qual o volume oculto será criado mais tarde). + \n\nNos próximos passos, você criará um volume VeraCrypt externo dentro da primeira partição atrás da partição do sistema (como foi explicado em uma das etapas anteriores). + Volume Externo + Nos passos a seguir, você definirá as opções e senha para o volume oculto, que conterá o sistema operacional oculto.\n\nObservação: O mapa de clusters do volume externo foi examinado a fim de determinar o tamanho da área ininterrupta de espaço de livre, cujo fim está alinhado com o final do volume externo. Esta área vai acomodar o volume oculto, por isso, ela limita o seu tamanho máximo possível. O tamanho máximo possível do volume oculto foi determinado e confirmado como sendo maior do que o tamanho da partição do sistema (o que é necessário, pois todo o conteúdo da partição do sistema será copiado para o volume oculto). Isto assegura que nenhum dado armazenado atualmente no volume externo será sobrescrito pelos dados escritos na área do volume oculto. + IMPORTANTE: Por favor, lembre-se dos algoritmos que você selecionar nesta etapa. Você terá que selecionar os mesmos algoritmos para o sistema . Caso contrário, o sistema oculto estará inacessível! (O sistema deve ser criptografado com o mesmo algoritmo de criptografia do sistema oculto.)\n\nNota: A razão é que o sistema isca e o oculto irão compartilhar um único gestor de inicialização, que suporta apenas um único algoritmo, selecionado pelo usuário (para cada algoritmo, existe uma versão especial do VeraCrypt Boot Loader). + \n\nO bitmap de clusters foi analisado e o tamanho máximo possível para o volume oculto foi determinado. Nas próximas etapas, você deverá escolher as opções, o tamanho e a senha a serem usados para o volume oculto. + Volume Oculto + Agora o volume oculto está protegido contra danos até que o volume externo seja desmontado.\n\nAVISO: Se houver alguma tentativa de gravação de dados na área do volume oculto, o VeraCrypt irá começar a proteger o volume inteiro contra gravação (tanto a parte externa quanto a oculta) até que ele seja desmontado. Isto pode causar corrupção no sistema de arquivo do volume externo, o que (se repetido) poderá afetar adversamente a camuflagem de informações do volume oculto. Por isso, você deve tomar todas as medidas para evitar gravar na área do volume oculto. Qualquer dado que estiver sendo gravado na área do volume oculto não será salvo e será perdido. O Windows poderá relatar isso como um erro de gravação ("Delayed Write Failed" ou "The parameter is incorrect"). + Todos os volumes ocultos nos volumes montados estão protegidos contra danos até que sejam desmontados.\n\nAVISO: Se houver alguma tentativa de gravação de dados na área de algum desses volumes ocultos, o VeraCrypt irá começar a proteger o volume inteiro contra gravação (tanto a parte externa quanto a oculta) até que ele seja desmontado. Isto pode causar corrupção no sistema de arquivo do volume externo, o que (se repetido) poderá afetar adversamente a camuflagem de informação do volume oculto. Por isso, você deve tomar todas as medidas para evitar gravar na área do volume oculto. Qualquer dado que estiver sendo gravado na área do volume oculto não será salvo e será perdido. O Windows poderá relatar isso como um erro de gravação ("Delayed Write Failed" ou "The parameter is incorrect"). + AVISO: Houve uma tentativa de gravação de dados na área do volume oculto do volume montado como %c:! O VeraCrypt impediu que esses dados fossem gravados para proteger o volume oculto. Isto pode ter causado corrupção no sistema de arquivo do volume externo e o Windows poderá relatar um erro de gravação ("Delayed Write Failed" ou "The parameter is incorrect"). Todo o volume (tanto a parte externa quanto a oculta) será protegido contra gravação até ser desmontado. Se esta não for a primeira vez que isto acontece com esse volume, a camuflagem de informação desse volume oculto pode ter sido afetada (devido a inconsistências não usuais correlacionadas no sistema de arquivo do volume externo). Por isso, você deve pensar em criar novo volume VeraCrypt (com a opção Formatação Rápida desmarcada) e mover seus arquivos deste volume para o novo; este volume deve ser apagado com segurança (tanto a parte externa quanto a oculta). Sugerimos fortemente que você reinicie seu sistema operacional agora. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + Por motivos de segurança, quando um sistema operacional oculto estiver sendo executado, sistemas de arquivo locais não-criptografados e volumes VeraCrypt não-ocultos são montados como somente leitura (dados não podem ser gravados em tais sistemas de arquivo ou volumes VeraCrypt).\n\nÉ autorizada a gravação de dados em qualquer sistema de arquivo que esteja dentro de um volume VeraCrypt oculto (desde que o volume oculto não esteja localizado em um recipiente armazenado em um sistema de arquivo não-criptografado ou em qualquer outro sistema de arquivo somente leitura). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Nota: Caso necessite transferir arquivos com segurança do sistema isca para o sistema oculto, siga estas etapas: 1) Inicie o sistema isca. 2) Salve os arquivos para um volume não-criptografado ou para um volume VeraCrypt externo/normal. 3) Inicie o sistema oculto. 4) Se você salvou os arquivos em um volume VeraCrypt, monte-o (ele será automaticamente montado como somente leitura). 5) Copie os arquivos para a partição do sistema oculto ou para outro volume oculto. + Seu computador precisa ser reiniciado.\n\nVocê deseja reiniciá-lo agora? + Ocorreu um erro ao obter o estado de criptografia do sistema. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Não foi possível iniciar componentes do programa de criptografia do sistema. + Falha ao iniciar o gerador de números aleatórios! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Não foi possível iniciar a aplicação. Falha ao registrar a classe 'Dialog'. + Erro: Falha ao carregar a biblioteca de sistema Rich Edit. + Criação de Volume VeraCrypt + O tamanho máximo de um volume oculto para este disco é %.2f bytes. + O tamanho máximo de um volume oculto para este disco é %.2f KB. + O tamanho máximo de um volume oculto para este disco é %.2f MB. + O tamanho máximo de um volume oculto para este disco é %.2f GB. + O tamanho máximo de um volume oculto para este disco é %.2f TB. + A senha ou arquivo-chave não podem ser alterados enquanto o disco estiver montado. Favor desmontar o disco primeiro. + O algoritmo de derivação da chave não pode ser trocado enquanto o volume está montado. Favor desmontar o disco primeiro. + &Montar + Uma versão mais recente do VeraCrypt é necessária para montar este disco. + Erro: O Assistente de Criação de Disco não foi encontrado.\n\nFavor certifique-se de que o arquivo 'VeraCrypt Format.exe' está na pasta de onde o VeraCrypt foi executado. Caso contrário, reinstale o VeraCrypt ou localize o arquivo 'VeraCrypt Format.exe' no seu sistema e execute-o. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Avançar > + &Concluir + &Instalar + E&xtrair + Não foi possível conectar ao driver de dispositivo do VeraCrypt. O VeraCrypt não pode funcionar sem o seu driver de dispositivo executando.\n\nObserve que, devido a características do Windows, pode ser necessário fazer log off ou reiniciar o sistema operacional antes de executar o driver de dispositivo. + Um erro ocorreu quando da carga/preparação das fontes. + A letra de unidade não foi encontrada ou não foi especificada. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Letra de Unidade não disponível. + Nenhum arquivo foi selecionado! + Nenhuma letra de drive está disponível. + Não há letra de drive livre para o volume externo! A criação do disco não pode continuar. + Não foi possível determinar a versão do seu sistema operacional ou você está usando um sistema operacional não suportado. + Nenhum caminho selecionado! + Não há espaço livre suficiente para o volume oculto! A criação dos disco não pode continuar. + Erro: Os arquivos copiados para o volume externo ocupam muito espaço. Portanto, não há espaço livre suficiente no volume externo para o volume oculto.\n\nNote que o volume oculto deve ser tão grande quanto a partição do sistema (a partição onde o sistema operacional sendo executando agora está instalado). A razão é que o sistema operacional oculto precisa ser criado copiando o conteúdo da partição do sistema para o volume oculto.\n\n\nO processo de criação do sistema operacional oculto não pode continuar. + O driver não conseguiu de desmontar o disco. Algum dos arquivos localizados nele ainda deve estar aberto. + Não foi possível bloquear o disco. Ainda existem arquivos abertos no disco. Desta forma, este não pode ser desmontado. + VeraCrypt não pode bloquear o volume, porque ele está em uso pelo sistema ou aplicativos (pode haver arquivos abertos no volume).\n\nVocê deseja desmontar forçadamente o volume? + Selecione o Volume VeraCrypt + Selecione o Caminho e o Nome do Arquivo + Selecione a biblioteca PKCS #11 + Memória Esgotada + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + AVISO: O arquivo '%s' ja existe!\n\nIMPORTANTE: O VERACRYPT NÃO IRÁ CRIPTOGRAFAR O ARQUIVO, MAS APAGÁ-LO. Você tem certeza de que deseja apagar o arquivo e substituí-lo com um novo recipiente VeraCrypt? + CUIDADO: TODOS OS ARQUIVOS ARMAZENADOS NO %s '%s'%s SELECIONADO SERÃO APAGADOS E PERDIDOS (NÃO CRIPTOGRAFADOS)!\n\nVocê tem certeza de que deseja continuar e formatar? + AVISO: Você não será capaz de montar o volume ou acessar quaisquer arquivos armazenados nele até que ele tenha sido totalmente criptografado.\n\nTem certeza de que deseja iniciar a criptografia do %s '%s'%s selecionado? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + AVISO: Por favor, note que se o fornecimento de energia for interrompido de repente durante a criptografia dos dados existentes no local, ou quando o sistema operacional falhar devido a um erro de software ou hardware defeituoso enquanto o VeraCrypt estiver criptografando os dados existentes no local, porções dos dados serão corrompidos ou perdidos. Portanto, antes de começar a criptografia, certifique-se de possuir cópias de backup dos arquivos que você deseja criptografar.\n\nVocê tem um backup desses? + CUIDADO: OS ARQUIVOS ATUALMENTE ARMAZENADOS NA PARTIÇÃO '%s'%s (OU SEJA, A PRIMEIRA PARTIÇÃO ATRÁS DA PARTIÇÃO DO SISTEMA) SERÃO APAGADOS E PERDIDOS (ELES NÃO SERÃO CRIPTOGRAFADOS)!\n\nTem certeza que deseja prosseguir com o formato? + AVISO: A PARTIÇÃO SELECIONADA CONTÉM UMA GRANDE QUANTIDADE DE DADOS! Todos os arquivos armazenados na partição serão apagados e perdidos (eles não serão criptografados)! + Apague todos os arquivos armazenados na partição, criando um volume VeraCrypt dentro dele + Senha + PIM + Definir Algoritmo de Derivação da Chave de Cabeçalho + Adicionar/Remover Arquivo-chave do disco + Remover Todos os Arquivos-chave do disco + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANTE: Se você não destruir o seu VeraCrypt Rescue Disk, sua partição de sistema / unidade ainda pode ser descriptografado usando a senha antiga (por arrancar o VeraCrypt Rescue Disk e inserir a senha antiga). Você deve criar um novo VeraCrypt Rescue Disk e, em seguida, destruir o velho um .\n\nVocê deseja criar um novo VeraCrypt Rescue Disk? + Lembre que o Disco de Emergência VeraCrypt ainda usa o algoritmo anterior. Se você considera o algoritmo anterior inseguro, você deve criar um novo Disco de Emergência VeraCrypt e destruir o antigo.\n\nVocê deseja criar um novo disco de emergência VeraCrypt? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Arquivo(s)-chave adicionado(s)/removido(s) com sucesso. + Arquivo-chave exportado. + Algoritmo de derivação da chave ajustado com sucesso. + Digite a senha e/ou arquivo(s)-chave para o volume não-sistema em que pretende retomar o processo de criptografia no local.\n\n\nObservação: Após clicar em Avançar, o VeraCrypt tentará encontrar todos os volumes não-sistema onde o processo de criptografia tenha sido interrompido e onde o cabeçalho do volume VeraCrypt pode ser descriptografado usando a senha e/ou arquivo(s)-chave fornecidos. Se mais de um volume assim for encontrado, você terá que escolher um deles na próxima etapa. + Selecione um dos volumes listados. A lista contém todos os volumes não-sistema acessíveis em que o processo de criptografia tenha sido interrompido e cujo cabeçalho poderia ser descriptografado usando a senha e/ou arquivo(s)-chave fornecidos. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + É muito importante que você escolha uma boa senha. Evite escolher uma que contenha apenas uma única palavra que pode ser encontrada em um dicionário (ou uma combinação de 2, 3 ou 4 palavras assim). A senha não deve conter quaisquer nomes ou datas de nascimento. Não deve ser fácil de adivinhar. Uma boa senha é uma combinação aleatória de letras maiúsculas e minúsculas, números e caracteres especiais, como @ ^ = $ * + etc. Recomendamos escolher uma senha com mais de 20 caracteres (quanto mais longo, melhor). O comprimento máximo é 64 caracteres. + Escolha uma senha para o volume oculto. + Por favor, escolha uma senha para o sistema operacional oculto (ou seja, para o volume oculto). + IMPORTANTE: A senha que você escolher para o sistema operacional oculto nesta etapa deve ser substancialmente diferente das outras duas senhas (ou seja, da senha do volume externo e da senha do sistema operacional isca). + Favor digitar a senha para o disco que você dentro do qual você deseja criar o volume oculto.\n\nDepois de clicar 'Próximo', o VeraCrypt vai tentar montar o disco. Assim que o disco estiver montado, seu bitmap de cluster será varrido para determinar o tamanho da área livre ininterrupta (se houver) cujo final está alinhado com o final do disco. Esta área irá acomodar o volume oculto e irá limitar seu tamanho máximo. A varredura do mapa de clusters é necessária para garantir que nenhum dado do volume externo será sobrescrito pelo volume oculto. + \nPor favor escolha uma senha para o volume externo. Esta será a senha que você poderá revelar a um adversário se lhe for pedido ou forçado a fazê-lo.\n\nIMPORTANTE: A senha deve ser substancialmente diferente da que você vai escolher para o volume oculto.\n\nNota: O comprimento máximo possível da senha é 64 caracteres. + Por favor, escolha uma senha para o volume externo. Esta será a senha que você poderá revelar a alguém forçando-o a expor a senha para a primeira partição atrás da partição do sistema, onde tanto o volume externo quanto o volume oculto (que contém o sistema operacional oculto) irão residir. A existência do volume oculto (e do sistema operacional oculto) permanecerá secreta. Note que esta senha não é para o sistema operacional isca.\n\nIMPORTANTE: A senha deve ser substancialmente diferente da que você vai escolher para o volume oculto (isto é, para o sistema operacional oculto). + Senha do volume externo + Senha do volume oculto + Senha para o Sistema Operacional Oculto + AVISO: Senha curtas são fáceis de quebrar usando técnicas de força bruta!\n\nÉ recomendado que seja escolhida um senha com pelo menos 20 caracteres.\n\nDeseja realmente usar uma senha curta? + Senha do Volume + Senha incorreta ou não se trata de um volume VeraCrypt. + Senha e/ou arquivo-chave incorretos ou não se trata de um volume VeraCrypt. + Modo de montagem, senha ou volume VeraCrypt incorretos. + Modo de montagem, senha, arquivo-chave ou volume VeraCrypt incorretos. + Senha incorreta ou nenhum volume VeraCrypt encontrado. + Senha e/ou arquivo-chave incorretos ou nenhum volume VeraCrypt encontrado. + \n\nAVISO: A função Caps Lock está ligada. Isto pode levar a uma digitação incorreta da senha. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + Se você está tentando proteger um volume oculto contendo um sistema oculto, certifique-se de estar usando uma configuração de teclado padrão US quando digitar a senha do volume oculto. Isto porque tal senha precisará ser digitada no ambiente pré-boot (antes do Windows iniciar) onde configurações diferentes do padrão US de teclado não estão disponíveis. + O VeraCrypt não encontrou nenhum volume onde a criptografia não-sistema tenha sido interrompida e onde o cabeçalho do volume pode ser descriptografado usando a senha e/ou arquivo(s)-chave fornecidos.\n\nPor favor, certifique-se que a senha e/ou arquivo(s)-chave estão corretos e que a partição/volume não está sendo usada pelo sistema ou aplicativos (incluindo software antivírus). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nDica: Se você está tentando montar uma partição localizada em um disco de sistema criptografado sem usar a autenticação pré-inicialização ou uma partição criptografada de um sistema operacional que não está sendo executado, você pode fazê-lo clicando em 'Sistema' > 'Moutar sem Autenticação Pré-Inicialização'. + Neste modo, você não pode montar uma partição localizada em uma unidade cuja porção está dentro do alcance de aplicação da criptografia de sistema ativa.\n\nAntes que você possa montar esta partição neste modo, você precisa inicializar um sistema operacional instalado em uma unidade diferente (criptografado ou não), ou inicializar um sistema operacional não-criptografado. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Voltar + Não foi possível listar os dispositivos instalados em seu sistema! + O disco '%s' já existe e está protegido contra gravação. Tem certeza que deseja substituí-lo? + Selecione o Diretório de Destino + Selecione o Arquivo-chave + Selecione o caminho do arquivo-chave. AVISO: Lembre que apenas o caminho sera lembrado, não os nomes dos arquivos! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Criada por Ross Anderson, Eli Biham e Lars Knudsen. Publicada em 1998. chave de 256 bits, bloco de 128 bits. O modo de operação é o XTS. Serpent foi um dos finalistas no AES. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Tamanho do Volume Externo + Tamanho do Volume Oculto + Verifique se o tamanho do dispositivo/partição selecionado(a) mostrado acima está correto e clique em Avançar. + O volume externo e o volume oculto (que contém o sistema operacional oculto) irão residir dentro da partição acima. Deve ser a primeira partição atrás da partição do sistema.\n\nPor favor, verifique se o tamanho da partição e seu número mostrados acimas estão corretos e, se estiverem, clique em Avançar. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Tamanho do Disco + Dinâmico + CUIDADO: AUTO-TESTE FALHOU! + Todos os algoritmos passaram nos testes + O número de unidades de dados que você forneceu é muito curto ou muito longo. + A chave secundária que você forneceu é muito curta ou muito longa. + O texto cifrado de teste que você escolheu é muito curto ou muito longo. + A chave de teste que você escolheu é muito curta ou muito longa. + O texto em claro de teste que você escolheu é muito curto ou muito longo. + Duas cifras operando em modo XTS em cascata. Cada bloco é criptografado primeiro com %s (chave de %d bits) e depois com %s (chave de %d bits). Cada cifra utiliza sua própria chave. Todas as chaves são independentes das outras. + Três cifras operando em modo XTS em cascata. Cada bloco é criptografado primeiro com %s (chave de %d bits), depois com %s (chave de %d bits) e, finalmente, com %s (chave de %d bits). Cada cifra utiliza sua própria chave. Todas as chaves são independentes das outras. + Note que, dependendo da configuração do sistema operacional, os recursos de auto-executar e auto-montar podem funcionar só quando os arquivos do disco removível estiverem criados em uma mídia de CD/DVD não-regravável. Note também que este não é um bug do VeraCrypt (é uma limitação do Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + Disco Removível VeraCrypt + Criado por Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall e Niels Ferguson. Publicado em 1998. chave de 256 bits, bloco de 128 bits. Modo de operação XTS. O Twofish foi um dos finalistas para o AES. + Mais informações sobre %s + Desconhecido + An unspecified or unknown error occurred (%d). + Alguns discos contem arquivos ou pastas que estão sendo usadas.\n\nDesmontar forçadamente? + &Desmontar + Falha ao desmontar! + Disco contém arquivos ou pastas que estão sendo usadas.\n\nDesmontar forçadamente? + No volume is mounted to the specified drive letter. + O disco que voce está tebntando montar já está montado. + Um erro ocorreu ao tentar montar o disco. + Erro ao procurar a localização dentro do disco. + Erro: Tamanho do disco incorreto. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Recipiente dinâmico é um arquivo NTFS esparso cujo tamanho físico (espaço em disco realmente usado) cresce à medida que novos dados são gravados.\n\nAVISO: O desempenho de volumes hospedados em arquivos esparsos é significativamente pior que o desempenho de volumes normais. Volumes em arquivos esparsos são também menos seguros porque permitem saber quais setores não estão em uso. Além disto, tais volumes não podem prover camuflagem de informação (hospedar um volume oculto). Note que se houver escrita num recipiente esparso quando não houver espaço livre suficiente no sistema de arquivos que o hospeda, o sistema de arquivos criptografado pode ser corrompido.\n\nTem certeza de que quer criar um volume hospedado em arquivo esparso? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + O VeraCrypt não pode mudar a senha de um volume externo. + Favor selecionar uma letra de drive na lista. + Favor selecionar um disco montado na lista de letras de drive. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Erro: Não foi possível criar autorun.inf + Erro enquanto processava o arquivo-chave! + Erro enquanto processava o caminho de arquivos-chave! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt não suporta este sistema operacional. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Erro: Não foi possível de alocar memória. + Erro: Não foi possível recuperar o valor do contador de desempenho. + Erro: Formato [de volume] inválido. + Erro: Você forneceu uma senha para um volume oculto (não para um volume normal). + Por motivos de segurança, um volume oculto não pode ser criado dentro de um volume VeraCrypt contendo um sistema de arquivos que foi criptografado no local (porque o espaço livre no volume não foi preenchido com dados aleatórios). + VeraCrypt - Observações Legais + Todos os Arquivos + Discos VeraCrypt + Módulos de Biblioteca + A formatação em NTFS não pode continuar. + Não foi possível montar o disco. + Não foi possível desmontar o disco. + O Windows não conseguiu formatar o volume como NTFS.\n\nFavor selecionar um tipo de sistema de arquivo diferente (se possível) e tentar novamente. Você também pode deixar o volume sem formato (selecione 'Nenhum' como sistema de arquivo), sair desse assistente, montar o volume, e usar o sistema ou algum ferramenta de terceiros para formatar o volume montado (o volume irá permanecer criptografado). + O Windows não conseguiu formatar o volume como NTFS.\n\nVocê deseja formatar o volume como FAT? + Padrão + partição + PARTIÇÃO + Dispositivo + dispositivo + DISPOSITIVO + Volume + volume + VOLUME + Label + O tamanho de cluster selecionado é muito pequeno para este tamanho de disco. Um tamanho maior será usado. + Erro: Não foi possível determinar o tamanho do disco!\n\nGaranta que o disco selecionado não está sendo usado pelo sistema ou alguma aplicação. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + O Assistente para Criação de Volume VeraCrypt só pode criar um volume oculto dentro de um FAT ou NTFS. + No Windows 2000, o Assistente para Criação de Volume VeraCrypt só pode criar um volume oculto dentro de um FAT. + Nota: O sistema de arquivos FAT é mais adequado para os volumes externos do que o sistema de arquivos NTFS (por exemplo, o tamanho máximo possível do volume oculto muito provavelmente teria sido muito maior se o volume externo tivesse sido formatado como FAT). + Note que o sistema de arquivos FAT é mais adequado para os volumes externos do que o sistema de arquivos NTFS. Por exemplo, o tamanho máximo possível do volume oculto, muito provavelmente, será significativamente maior se o volume externo for formatado como FAT (porque o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto pode residir apenas na segunda metade do volume externo).\n\nTem certeza que deseja formatar o volume externo como NTFS? + Você deseja formatar o volume como FAT ao invés disso? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Erro: A partição para o sistema operacional oculto (ou seja, a primeira partição atrás da partição do sistema) deve ser de pelo menos 5% maior do que a partição do sistema (a partição do sistema é a que o sistema operacional atualmente em execução está instalado). + Erro: A partição para o sistema operacional oculto (ou seja, a primeira partição atrás da partição do sistema) deve ser de pelo menos 110% (2,1 vezes) maior do que a partição do sistema (a partição do sistema é a que o sistema operacional atualmente em execução está instalado). A razão é que o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto (que é para conter um clone da partição do sistema) pode residir apenas na segunda metade da partição. + Erro: Se o volume externo estiver formatado como NTFS, ele deve ser de pelo menos 110% (2,1 vezes) maior do que a partição do sistema. A razão é que o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto (que é para conter um clone da partição do sistema) pode residir apenas na segunda metade do volume externo.\n\nNota: O volume externo deve residir na mesma partição que o sistema operacional oculto (ou seja, a primeira partição atrás da partição do sistema). + Erro: Não há partição atrás da partição do sistema.\n\nObserve que, antes de poder criar um sistema operacional oculto, você precisa criar uma partição para ele na unidade do sistema. Deve ser a primeira partição atrás da partição do sistema e deve ser pelo menos 5% maior do que a partição do sistema (a partição do sistema é a que o sistema operacional atualmente em execução está instalado). No entanto, se o volume externo (que não deve ser confundido com a partição do sistema) estiver formatado como NTFS, a partição para o sistema operacional oculto deve ser, pelo menos, 110% (2,1 vezes) maior do que a partição do sistema (o motivo é que o sistema de arquivos NTFS sempre armazena dados internos exatamente no meio do volume e, portanto, o volume oculto – que é para conter um clone da partição do sistema – pode residir apenas na segunda metade da partição). + Observação: Não é prático (e, portanto, não suportado) instalar sistemas operacionais em dois volumes VeraCrypt que estejam embutidos dentro de uma única partição, pois utilizar o sistema operacional externo muitas vezes exige gravação de dados na área do sistema operacional oculto (e se essas operações de gravação fossem impedidas usando a característica de proteção de volume oculto, isto invariavelmente causaria falhas do sistema, ou seja, erros de "tela azul"). + Para informações sobre como criar e gerir partições, por favor, consulte a documentação fornecida com seu sistema operacional ou entre em contato com o suporte técnico do fornecedor do computador para assistência. + Erro: O sistema operacional atualmente em execução não está instalado na partição de inicialização (primeira partição ativa). Isto não é suportado. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Erro: Não foi possível acessar o volume!\n\nCertifique-se de que o volume selecionado realmente existe, que ele não está montado ou sendo usado pelo sistema ou outro programa, que você tem permissão para ler/gravar nesse volume e que ele não está protegido contra gravação. + Error: Cannot obtain volume properties. + Erro: Não foi possível acessar o volume e/ou obter informações sobre o volume.\n\nCertifique-se que o volume selecionado existe, que não está sendo usado pelo sistema ou aplicativos, que você tem privilégio de leitura/escrita no volume, e que ele não está protegido contra gravação. + Erro: Não foi possível acessar o volume e/ou obter informações sobre o volume.\n\nCertifique-se que o volume selecionado existe, que não está sendo usado pelo sistema ou aplicativos, que você tem privilégio de leitura/escrita no volume, e que ele não está protegido contra gravação.\n\nSe o problema persistir, os passos abaixo podem ajudar. + Um erro impediu o VeraCrypt de criptografar a partição. Tente corrigir quaisquer problemas reportados anteriormente e, em seguida, tente novamente. Se os problemas persistirem, as etapas abaixo pode ajudar. + Um erro impediu o VeraCrypt de retomar o processo de criptografia da partição.\n\nPor favor, tente corrigir quaisquer problemas reportados anteriormente e, em seguida, tentar retomar o processo novamente. Note que o volume não pode ser montado até que tenha sido totalmente criptografado. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Erro: Não foi possível desmontar o volume externo!\n\nUm disco não pode ser desmontado se contiver arquivos ou pastas que estiverem sendo usadas por algum programa ou pelo sistema.\n\nFavor fechar qualquer programa que possa estar usando estes arquivos ou diretórios do disco e clique em "Repetir". + Erro: Não foi possível obter informações sobre o volume externo! a Criação do volume não pode continuar. + Erro: Não foi possível acessar o volume externo! A criação do volume não pode continuar. + Erro: Não foi possível montar o volume externo! A criação dos volumes não pode continuar. + Erro: Não foi possível ler o bitmap de clusters! A criação dos volumes não pode continuar. + Alfabética/Por Categoria + Velocidade Mídia (Decresc.) + Algoritmo + Cifrar + Decifrar + Mídia + Drive + Tamanho + Algoritmo de Criptografia + Algoritmo de Criptografia + Tipo + Valor + Propriedades + Localização + bytes + Oculto + Externo + Normal + Sistema + Oculto (sistema) + Somente Leitura + Disco de sistema + Disco de sistema (criptografando - %.2f%%) + Disco de sistema (descriptografando - %.2f%%) + Disco de sistema (%.2f%% criptografado) + Partição de sistema + Partição do sistema oculto + Partição de sistema (criptografando - %.2f%%) + Partição de sistema (descriptografando - %.2f%%) + Partição de sistema (%.2f%% criptografado) + Sim (protegido contra danos!) + Nenhum + Tamanho da Chave Primária + Tamanho da Chave Secundária (Modo XTS) + Tamanho da chave de ajuste (Modo LRW) + bits + Tamanho do Bloco + PKCS-5 PRF + Contagem de Iterações do PKCS-5 + Disco Criado + Última modificação do cabeçalho + (%I64d dias atrás) + Versão de Formatação do Volume + Cabeçalho de Backup Embutido + VeraCrypt Boot Loader Version + Primeiro disponível + Disco Removível + Disco Rígido + Não alterado + Autodetection + Modo Assistente + Selecione um dos modos. Se não tiver certeza de qual selecionar, use o modo padrão. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Opções de Instalação + Aqui você pode configurar várias opções para controlar o processo de instalação. + Instalando + Aguarde enquanto o VeraCrypt é instalado. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Opções de Extração + Aqui você pode configurar várias opções para controlar o processo de extração. + Aguarde enquanto os arquivos são extraidos. + Files successfully extracted + Todos os arquivos foram extraídos no local de destino. + Se a pasta especificada não existir, ela será criada automaticamente. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Você deseja ler notícias sobre a versão atual (última estável) do VeraCrypt? + Se você nunca usou o VeraCrypt, recomendamos que você leia o capítulo Tutorial para Iniciantes no Guia do Usuário do VeraCrypt. Você deseja ler o tutorial? + Favor escolher uma das seguintes ações: + Reparar/Reinstalar + Upgrade + Desinstalar + Para instalar/desinstalar o VeraCrypt com sucesso, você deve ter privilégios de administrador. Deseja continuar? + O instalador do VeraCrypt está atualmente em execução, realizando ou preparando uma instalação ou atualização do VeraCrypt. Antes de continuar, por favor, aguarde o seu término ou feche-o. Se você não puder fechá-lo, por favor, reinicie o computador antes de prosseguir. + A instalação falhou. + A desinstalação falhou. + Este pacote de distribuição parece estar danificado. Tente baixá-lo novamente (de preferência a partir do nosso site oficial https://veracrypt.codeplex.com). + Não foi possível gravr o arquivoe %s + Extraindo + Não foi possível ler alguns dados do pacote de instalação. + Não foi possível verificar a integridade do pacote de instalação. + A extração falhou. + A instalação foi revertida. + O VeraCrypt foi instalado com sucesso. + O VeraCrypt foi atualizado com sucesso. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + O VeraCrypt foi desinstalado com sucesso.\n\nClique em 'Concluir' para remover o instalador do VeraCrypt e a pasta %s. Observe que a pasta não será removida se ela contiver algum arquivo que não tenha sido criado pelo VeraCrypt ou instalado pelo seu instalador. + Removendo entradas do VeraCrypt do registro + Adicionando entrada no registro + Removendo dados específicos da aplicação + Instalando + Parando + Removendo + Adicionando ícone + Criando ponto de restauração do sistema + Falha ao criar o ponto de restauração do sistema! + Atualizando gerenciador de boot + Não foi possível instalar '%s'. %s Você deseja continuar instalando? + Não foi possível desinstalar '%s'. %s Você deseja continuar desinstalando? + Instalação concluída. + A pasta '%s' não pode ser criada + O driver de dispositivo do VeraCrypt não pôde ser encerrado.\n\nFavor fechar todas as janelas do VeraCrypt primeiro. Se não adiantar, reinicie o Windows e tente novamente. + Todos os volumes VeraCrypt precisam ser fechados antes de instalar ou desinstalar o VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + A instalação das entradas do registro falharam + A instalação do driver de dispositivo falhou. Favor reiniciar o Windows e tentar instalar o VeraCrypt novamente. + Iniciando o driver de dispositivo do VeraCrypt + Não foi possível desinstalar o driver de dispositivo VeraCrypt. Lembre que, devido a características do Windows, pode ser necessário fazer log off ou reiniciar o sistema antes de desinstalar (ou reinstalar) o driver de dispositivo. + Instalando o driver de dispositivo do VeraCrypt + Parando o driver de dispositivo do VeraCrypt + Desinstalando o driver de dispositivo do VeraCrypt + Erro ao registrar biblioteca de suporte a Controle de Conta de Usuário. + Erro ao remover registro de biblioteca de suporte a Controle de Conta de Usuário. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Aviso: Esta instância do Assistente de Criação de Volume tem privilégios de administrador.\n\nSeu novo volume pode ser criado com permissões que não o deixarão gravar no volume quando ele estiver montado. Caso queira evitar isso, feche esta instância do Assistente e inicie uma nova sem privilégios de administrador.\n\nDeseja fechar essa instância do Assistente de Criação de Volume? + Erro: Não foi possível exibir a licensa. + Externo(!) + dias + horas + minutos + s + Abrir + Desmontar + Mostrar VeraCrypt + Ocultar VeraCrypt + Dados lidos desde a montagem + Dados escritos desde a montagem + Parte Criptografada + 100% (completamente criptografado) + 0% (não criptografado) + %.3f%% + 100% + Aguardando + Preparando + Redimensionando + Criptograf.. + Descriptog.. + Finalizando + Pausado + Concluído + Erro + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Entre senha para %s + Enter password for '%s' + Digite a senha para o volume normal/externo + Digite a senha para o volume oculto + Digite a senha para o cabeçalho armazenado no arquivo de backup + O arquivo-chave foi criado com sucesso. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + AVISO: O cabeçalho deste volume está danificado! O VeraCrypt usou automaticamente o backup do cabeçalho embutido no volume.\n\nVocê deve corrigir o cabeçalho do volume selecionando a opção 'Ferramentas' > 'Restaurar Cabeçalho do Volume'. + O cabeçalho do volume foi copiado com sucesso.\n\nIMPORTANTE: Restaurar o cabeçalho do volume usando essa cópia também irá restaurar a senha do volume. Além disso, se algum(s) arquivo(s)-chave for(em) necessário(s) para montar este volume, o(s) mesmo(s) arquivo(s)-chave será(ão) necessário(s) para montar o volume de novo quando seu cabeçalho for restaurado.\n\nAVISO: Esta cópia so poderá ser usada para restaurar o cabeçalho DESTE volume. Se você utilizar esta cópia para restaurar o cabeçalho de outro volume, ainda será possível montá-lo, mas não descriptografar qualquer dado nele (porque você irá mudar a chave mestra). + O cabeçalho do volume foi restaurado com sucesso.\n\nIMPORTANTE: Lembre que as senhas antigas foram restauras também. Além disto, se eram necessários arquivos-chave para montar o disco, os mesmos arquivos serão necessários novamente. + Por motivos de segurança, você terá que digitar a senha correta (e/ou fornecer o arquivo-chave correto) para o volume.\n\nNota: Se o volume contém um volume oculto, você terá que digitar a senha correta (e/ou fornecer o arquivo-chave correto) para o volume externo primeiro. Depois, se você optar por fazer um backup do cabeçalho do volume oculto, você terá de digitar a senha correta (e/ou fornecer o arquivo-chave correto) para o volume oculto. + Tem certeza de que deseja criar um backup do cabeçalho do volume para %s?\n\nDepois de clicar em Sim, você será perguntado por um nome de arquivo para o backup.\n\nNota: Ambos os cabeçalhos do volume normal e do oculto serão re-criptografados usando um novo salt e armazenados no arquivo de backup. Se não existir um volume oculto dentro deste volume, a área reservada para o cabeçalho do volume oculto no arquivo de backup será preenchida com dados aleatórios (para preservar a camuflagem de informação). Ao restaurar um cabeçalho de volume do arquivo de backup, você precisará digitar a senha correta (e/ou fornecer os arquivos-chave corretos) que era válida quando o backup do cabeçalho foi criado. A senha (e/ou arquivos-chave) também determinará automaticamente o tipo de cabeçalho de volume para restaurar, ou seja, normal ou oculto (note que o VeraCrypt determina o tipo através do processo de tentativa e erro). + Tem certeza que deseja restaurar o cabeçalho do disco %s?\n\nAVISO: Ao restaurar o cabeçalho de um disco, também é restaurada a senha que era válida no momento em que o cabeçalho foi copiado. Além disto, se eram necessários arquivos-chave para montar o disco, os mesmos arquivos serão necessários novamente.\n\nSe voce clicar 'Sim', voce deverá selecionar o arquivo com a cópia do cabeçalho. + O volume contém um volume oculto? + O volume contém um volume oculto + O volume não contém um volume oculto + Por favor, selecione o tipo de backup de cabeçalho do volume que deseja usar: + Restaurar o cabeçalho do volume a partir do backup embutido no volume + Restaurar o cabeçalho do volume a partir de um arquivo de backup externo + O tamanho do arquivo de backup do cabeçalho do volume está incorreto. + Não há cabeçalho de backup embutido neste volume (note que apenas volumes criados pelo VeraCrypt 6.0 ou posterior contém cabeçalhos de backup embutidos). + Você está tentando fazer back up do cabeçalho do dispositivo/partição de sistema. Isto não é permitido. Operações de backup e restauração com o dispositivo/partição de sistema só podem ser realizadas utilizando o Disco de Emergência VeraCrypt.\n\nVocê deseja criar um Disco de Emergência VeraCrypt? + Você está tentando restaurar o cabeçalho do dispositivo/partição de sistema. Isto não é permitido. Operações de backup e restauração com o dispositivo/partição de sistema só podem ser realizadas utilizando o Disco de Emergência VeraCrypt.\n\nVocê deseja criar um Disco de Emergência VeraCrypt? + Depois de clicar em OK, você irá selecionar um nome para o arquivo da imagem ISO do novo Disco de Emergência VeraCrypt e o local onde você deseja salvá-lo. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Insira seu Disco de Emergência VeraCrypt no drive de CD/DVD e clique em OK para verificá-lo. + O Disco de Emergência VeraCrypt foi verificado com sucesso. + Não foi possível verificar se o Disco de Emergência foi gravado corretamente.\n\nSe você ja gravou o Disco de Emergência, remova o CD/DVD, coloque-o novamente e tente novamente. Se isto não andiantar, tente utilisar outro programa para gravar o CD/DVD ou outro CD/DVD.\n\nSe você tentou verificar um Disco de Emergência VeraCrypt criado para uma chave mestra, senha, salt, etc. diferente, lembre que esse Disco de Emergência will vai sempre causar erro nesta verificação. Para criar um novo Disco de Emergência compatível com esta configuração, clique em 'Sistema' > 'Criar Disco de Emergência'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Erro ao criar o Disco de Emergência VeraCrypt. + O Disco de Emergência VeraCrypt não pode ser criado quando um sistema operacional oculto está sendo executado.\n\nPara criar um Disco de Emergência VeraCrypt, inicialize o sistema operacional isca e então selecione 'Sistema' > 'Criar Disco de Emergência'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Favor desmontar o disco antes de prosseguir. + Erro: Não foi possível ajustar o timer. + Verificar o Sistema de Arquivos + Recuperar o Sistema de Arquivos + Add to Favorites... + Add to System Favorites... + P&roperties... + Volume Oculto Protegido + N/A + Sim + Não + Disabled + 1 + 2 ou mais + Modo de Operação + Etiqueta: + Tamanho: + Caminho: + Letra da Unidade: + Erro: A senha deve conter apenas caracteres ASCII.\n\nCaracteres diferentes podem impossibilitar a montagem dos disco quando as configurações do seus sistema forem alteradas.\n\nOs seguinte caracteres são permitidos:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + AVISO: A senha contém caracteres não-ASCII. Isto pode impossibilitar a montagem do volume quando as configurações do seus sistema mudarem.\n\nVoce deveria substituir todos os caracteres não-ASCII na senha por caracteres ASCII. Para faze-lo, clique em 'Discos' -> 'Alterar a Senha do Disco'.\n\nOs caracteres ASCII são:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + AVISO: Recomendamos que você evite extensões usadas para arquivos executáveis (como .exe, .sys ou .dll) ou outra extensão igualmente problemática. É muito provável que usar essa extensão faça o Windows e programas antivírus interferirem nesse recipiente, o que pode afetar o desempenho do volume além de causar outros problemas sérios.\n\nRecomendamos que você remova ou mude a extensão do recipiente (por exemplo, para .hc).\n\nVocê tem certeza de que deseja usar essa extensão problemática? + AVISO: Este recipiente tem uma extensão usada para arquivos executáveis (como .exe, .sys ou .dll) ou outra extensão igualmente problemática. É muito provável que usar essa extensão faça o Windows e programas antivírus interferirem nesse recipiente, o que pode afetar o desempenho do volume além de causar outros problemas sérios.\n\nRecomendamos que você remova ou mude a extensão do recipiente (por exemplo, para .hc) após desmontar o volume. + Site na Internet + AVISO: Parece que voce não aplicou os Service Packs no Windows. Voce não deve gravar em discos IDE maiores que 128 GB em um Windows XP sem o Service Pack 1 ou superior! Se você o fizer, os dados no disco podem ser corrompidos. Lembre que esta é uma limitação do Windows, não um bug no VeraCrypt. + AVISO: Parece que voce não aplicou o Service Pack 3 ou superior no seu Windows. Voce não deve grevar em discos IDE maiores que 128 GB em um Windows 2000 sem o Service Pack 3 ou superior! Se você o fizer, os dados no disco podem ser corrompidos. Lembre que esta é uma limitação do windows, não um bug no VeraCrypt.\n\nObs: Voce pode ter de habilitar o LBA de 48 bits no regsitro do Windows; para mais informações, veja http://support.microsoft.com/kb/305098/EN-US + AVISO: O suporte a ATAPI LBA de 48 bits está desativado no seu sistema. Por isso, voce não deve grevar em discos IDE maiores que 128 GB! Se você o fizer, os dados no disco podem ser corrompidos. Lembre que esta é uma limitação do Windows, não um bug no VeraCrypt.\n\nPara habilitar o suporte a LBA de 48 bits, adicione o valor de registro 'EnableBigLba' na chave HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters e configuere-o para 1.\n\npara mais informações, veja http://support.microsoft.com/kb/305098 + Erro: Arquivos com mais de 4 GB não podem ser armazenados em um sistema de arquivos FAT32. Portanto, volumes VeraCrypt hospedados em arquivos (recipientes) armazenados em um sistema de arquivos FAT32 não podem ser maiores que 4 GB.\n\nSe você precisar de um volume maior, crie-o em um sistema de arquivos NTFS (ou num sistema de arquivos exFAT, se você usa o Windows Vista SP1 ou posterior) ou, em vez de criar um volume hospedado em arquivo, criptografe toda uma partição ou dispositivo. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + AVISO: Se voce necessitar adicionar mais arquivos no volume externo, voce deve considerar a possibilidade de escolher um tamanho menor para o volume oculto.\n\nTem certeza que deseja continuar com o tamanho especificado? + Nenhum disco selecionado.\n\nClique em 'Selecionar Dispositivo' ou 'Selecionar arquivo' para selecionar um volume VeraCrypt. + Nenhuma partição selecionada.\n\nClique em 'Selecionar Dispositivo' para selecionar uma partição desmontada que normalmente exige autenticação pré-inicialização (por exemplo, uma partição localizada em um disco de sistema ou de outro sistema operacional, que não está em execução, ou a partição criptografada de outro sistema operacional).\n\nDica: A partição selecionada será montada como um volume VeraCrypt normal, sem autenticação pré-inicialização. Isto é útil, por exemplo, para operações de backup ou reparo. + AVISO: Se os arquivos-chave padrão estiverem configurados e ativados, não será possível montar volumes que não estiverem usandos esses arquivos. Por isso, depois de ativar os arquivos-chave padrão, lembre de desmarcar a opção 'Usar arquivos-chave' (abaixo do campo da senha) sempre que for montar esses volumes.\n\nVocê tem certeza de que deseja salvar os arquivos-chave/caminhos selecionados como padrão? + Auto-Montar Dispositivos + Desmontar Todos + Limpar Cache + Desmontar Todos & Limpar Cache + Forçar Desmontar Todos & Limpar Cache + Forçar Desmontar Todos, Limpar Cache & Sair + Montar Disco Favoritos + Mostrar/Esconder a janela do VeraCrypt + (Clique aqui e pressione qualquer tecla) + Ação + Atalho + Erro: Este atalho está reservado. Favor escolher um atalho diferente. + Erro: Atalho em uso. + AVISO: Um ou mais dos atalhos de sistema do VeraCrypt não estão funcionando!\n\nFavor certificar-se de que o sistema operacional ou outro programa não está utilizando o(s) mesmo(s) atalho(s) . + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + Um erro ou incompatibilidade impede o VeraCrypt de criptografar o arquivo de hibernação. Portanto, a hibernação foi impedida.\n\nNota: Quando um computador hiberna (ou entra em um modo de economia de energia), o conteúdo do seu sistema de memória é garvado num arquivo de armazenamento de hibernação na unidade do sistema. O VeraCrypt não poderia impedir que as chaves de criptografia e o conteúdo de arquivos sensíveis abertos na RAM sejam salvos não-criptografados no arquivo de armazenamento de hibernação. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + AVISO: Se esta opção for desabilitada, discos contendo arquivos ou diretórios abertos não poderão ser auto-desmontados.\n\nTem certeza de que quer desabilitar esta opção? + AVISO: Discos contendo arquivos ou diretórios abertos NÃO serão auto-desmontados.\n\nPara evitar isto, habilite a seguinte opção nesta janela: 'Forçar auto-demontar mesmo que o disco contenha arquivos ou diretórios abertos' + AVISO: Quando a carga da bateria do notebook estiver baixa, o Windows pode omitir o envio de mensagens apropriadas aos aplicativos em execução quando o computador estiver entrando no modo de economia de energia. Assim sendo, o VeraCrypt pode falhar em auto-desmontar os volumes nesses casos. + Você agendou o processo de criptografia de uma partição/volume. O processo não foi concluído ainda.\n\nVocê gostaria de retomar o processo agora? + Você agendou o processo de criptografia ou descriptografia do dispositivo/partição de sistema. O processo ainda não foi concluído.\n\nVocê deseja reiniciar (continuar) o processo agora? + Deseja ser lembrado sobre se você quer continuar os processos agendados atualmente de criptografia de partições/volumes sem sistema? + Sim, continue me lembrando + Não, não me lembre + IMPORTANTE: Tenha em mente que você pode continuar o processo de criptografia de qualquer partição/volume sem sistema selecionando 'Volumes' > 'Continuar Processo Interrompido' no menu da janela principal do VeraCrypt. + Você agendou o processo de criptografia ou de descriptografia do dispositivo/partição de sistema. Mas a autenticação pré-inicialização falhou (ou foi cancelada).\n\nLembre: Se você descriptografou o dispositivo/partição de sistema no ambiente pré-inicialização, pode ser necessário finalizar o processo selecionando 'Sistema' > 'Descriptografar Definitivamente o Disco/Partição de Sistema' na barra de menu da janela principal do VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Encerrar o VeraCrypt? + O VeraCrypt não possui informações suficientes para determinar se criptografa ou descriptografa. + O VeraCrypt não possui informação suficiente para determinar se deve criptografar ou descriptografar.\n\nNote: Se você descriptografou o dispositivo/partição de sistema no ambiente pré-inicialização, poderá ser necessário concluir o processo clicando em Descriptografar. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Você deseja interromper e adiar o processo de criptografia da partição/volume?\n\nNota: Tenha em mente que o volume não pode ser montado até que ele tenha sido totalmente criptografado. Você poderá retomar o processo de criptografia e ele irá continuar a partir do ponto que foi parado. Você pode fazê-lo, por exemplo, escolhendo 'Volumes' > ' Continuar Processo Interrompido' a partir da barra de menu da janela principal do VeraCrypt. + Você deseja interromper e adiar o processo de criptografia do dispositivo/partição de sistema?\n\nLembre: Você poderá continuar o processo do ponto em que ele foi interrompido. Para isso, você pode, por exemplo, clicar em 'Sistema' > 'Continuar Processo interrompido' na barra de menu da janela principal do VeraCrypt. Se você deseja reverter o processo de criptografia (e começar a descriptografar), Clique em 'Sistema' > 'Descriptografar o Dispositivo/Partição de Sistema'. + Você deseja interromper e adiar o processo de descriptografia do dispositivo/partição de sistema?\n\nLembre: Você poderá continuar o processo do ponto em que ele foi interrompido. Para isso, você pode, por exemplo, clicar em 'Sistema' > 'Continuar Processo interrompido' na barra de menu da janela principal do VeraCrypt. Se você deseja reverter o processo de descriptografia (e começar a criptografar), Clique em 'Sistema' > 'Criptografar o Dispositivo/Partição de Sistema'. + Erro: Não foi possível interromper o processo de criptografia/descriptografia do dispositivo/partição de sistema. + Erro: Falha ao interromper o processo de limpeza. + Erro: Não foi possível continuar o processo de criptografia/descriptografia do dispositivo/partição de sistema. + Erro: Falha ao iniciar o processo de limpeza. + Inconsistência resolvida.\n\n\n(Se você relatar um bug devido a isso, favor incluir a seguinte informação técnica no relatório: %hs) + Erro: Estado inesperado.\n\n\n(Se você relatar um bug relacionado a isto, por favor inclua as seguintes informações técnicas no relatório de erros: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + AVISO: A tarefa em Background do VeraCrypt está desabilitada. Depois de sair do VeraCrypt, voce não será notificado se algum dano a um arquivo escondido for evitado.\n\nObs: Voce pode parar a tarefa em Background a qualquer momento clicando com o botão direito no ícone do VeraCrypt na bandeja do sistema e selecionando 'Sair'.\n\nHabilitar a execução do VeraCrypt em Segundo Plano? + Versão da Tradução: %s + Verificando o sistema de arquivos do volume VeraCrypt montado como %s... + Tentando reparar o sistema de arquivos do volume VeraCrypt montado como %s... + AVISO: este volume está criptografado com um algoritmo legacy.\n\nTodos os algoritmos de blocos de 64 bits (como Blowfish, CAST-128 e Triple DES) estão obsoletos. Ainda será possível montar este volume usando futuras versões do VeraCrypt. Mas não haverá mais melhoramentos na implementação desses algoritmos legacy. Recomendamos que você crie um novo volume VeraCrypt criptografado com um algoritmo de bloco de 128 bits (como AES, Serpent, Twofish, etc.)e mova todos os arquivos deste volume para o novo. + Seu sistema não está configurado para auto-montar novos volumes. Pode não ser possível montar um volume VeraCrypt baseado em dispositivo. A opção de auto-montar pode ser habilitada com a execução do seguinte comando e uma reinicialização do sistema.\n\nmountvol.exe /E + Favor atribuir uma letra de unidade ao dispositivo/partição antes de continuar ('Painel de Controle' > 'Sistema e Manutenção' > 'Ferramentas Administrativas' - 'Criar e formatar partitições').\n\nIsto é uma exigência do sistema operacional. + Montar Volume VeraCrypt + Desmontar todos os volumes VeraCrypt + O VeraCrypt não conseguiu obter privilégios de Administrador. + Acesso negado pelo sistema operacional.\n\nPossível causa: O sistema operacional exige que você tenha permissão para ler/gravar (ou privilégios de Administrador) para certos dispositivos, arquivos e pastas, para poder ler/gravar dados neles/deles. Normalmente, um usuário sem privilégios de Administrador é autorizado a criar, ler e modificar arquivos em sua pasta de Documentos. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + O VeraCrypt Boot Loader requer pelo menos 32 KBytes de espaço livre no início do dispositivo de sistema. + Este recurso não é suportado na versão do sistema operacional que você está usando. + O VeraCrypt não pode criptografar um dispositivo/partição de sistema na versão de sistema operacional que você está usando. + Antes de criptografar a partição/unidade de sistema no Windows Vista, você precisa instalar o Service Pack 1 ou superior (nenhum Service Pack foi instalado neste sistema ainda).\n\nNota: O Service Pack 1 pro Windows Vista solucionou um problema que causa falta de memória principal livre durante o boot do sistema. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Seu sistema possui uma tabela de partição GUID (GPT). No momento, apenas tabelas de partição MBR são suportadas. + CUIDADO: O VeraCrypt Boot Loader ja está instalado no seu disco de sistema!\n\nÉ possível que outro sistema em seu computador ja esteja criptografado.\n\nAVISO: CONTINUAR COM A CRIPTOGRAFIA DESTE SISTEMA PODE TORNAR OUTRO(S) SISTEMA(S) E SEUS DADO(S) INACESSÍVEL(IS).\n\nVocê tem certeza de que deseja continuar? + Não foi possível restaurar o inicializador original do sistema.\n\nPor favor, use o seu Disco de Emergência VeraCrypt ('Opções de Reparação' > 'Restaurar inicializador original do sistema') ou sua mídia de instalação do Windows para substituir o Gerenciador de Boot do VeraCrypt pelo do Windows. + O loader original do sistema não será armazenado no Disco de Emergência (provável causa: arquivo de backup não encontrado). + Não foi possível gravar no setor da MBR.\n\nSua BIOS pode estar configurada para proteger o setor da MBR. Verifique "MBR/antivirus protection" nas configurações da sua BIOS (pressione F2, Delete ou Esc ao ligar o seu computador). + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + A versão requerida do Gerenciador de Boot do VeraCrypt não está instalada no momento. Isto pode evitar que algumas configurações sejam salvas. + Nota: Em algumas situações, você pode querer impedir uma pessoa (adversário) que está observando você iniciar o computador de saber que você usa o VeraCrypt. As opções acima permitem que você faça isso, personalizando a tela de inicialização do VeraCrypt. Se você ativar a primeira opção, nenhum texto será apresentado pelo gestor de inicialização (mesmo se você digitar a senha errada). O computador aparentará estar "congelado" enquanto você puder digitar sua senha. Além disso, uma mensagem personalizada pode ser exibida para enganar seu adversário. Por exemplo, mensagens de erro falsas como 'Sistema operacional ausente' (que normalmente é exibida pelo boot do Windows se ele não encontrar qualquer partição de inicialização do Windows). No entanto, é importante notar que, se o adversário puder analisar o conteúdo do disco rígido, ele ainda pode descobrir que ele contém o gestor de inicialização do VeraCrypt. + ATENÇÃO: Tenha em mente que se você ativar esta opção, o inicializador do VeraCrypt não exibirá quaisquer textos (mesmo se você digitar a senha errada). O computador aparentará estar "congelado" (sem resposta), enquanto você puder digitar sua senha (o cursor NÃO se moverá e nenhum asterisco será exibido quando você pressionar uma tecla).\n\nTem certeza de que deseja ativar essa opção? + Seu dispositivo/partição parece estar completamente criptografado. + O VeraCrypt não criptografa disco de sistema que tenha sido convertido para disco dinâmico. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Você deseja criptografar a partição de sistema em vez de o disco inteiro?\n\nLembre que você pode criar volumes VeraCrypt hospedados em qualquer partição que não seja de sistema (além de criptografar a partição de sistema). + Como o seu disco de sistema contém apenas uma partição que ocupa o disco inteiro, é preferível (mais seguro) criptografar o disco inteiro incluindo o intervalo livre que comumente fica ao redor dessa partição.\n\nVocê deseja criptografar o disco inteiro? + Seu sistema está configurado para armazenar os arquivos temporários em uma partição não- sistema.\n\nArquivos temporários podem ser armazenados apenas na partição do sistema. + Seus arquivos do perfil de usuário não estão armazenados na partição do sistema.\n\nArquivos do perfil de usuário podem ser armazenados somente na partição do sistema. + Existe(m) arquivo(s) de paginação em partições não-sistema.\n\nArquivos de paginação podem estar localizados somente na partição do sistema. + Deseja configurar o Windows para criar arquivos de paginação na partição do Windows agora?\n\nNote que se você selecionar 'Sim', o computador será reiniciado. Depois disso, inicie o VeraCrypt e tente criar o SO oculto novamente. + Caso contrário, a camuflagem de informação do sistema operacional oculto poderia ser adversamente afetada.\n\nNota: Se um adversário analisasse o conteúdo de tais arquivos (residido numa partição não-sistema), ele poderia descobrir que você usou este assistente modo de criação de sistema oculto (que pode indicar a existência de um sistema operacional oculto no seu computador). Observe também que todos esses arquivos armazenados na partição do sistema serão apagados com segurança pelo VeraCrypt durante o processo de criação do sistema operacional oculto. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Aviso: Há espaço não alocado entre a partição de sistema e a primeira partição depois dela. Depois de criar o sistema operacional oculto, você não deve criar novas partições nesse espaço não alocado. Caso contrário, o sistema operacional oculto será impossibilitado de inicializar (até você excluir essas recém-criadas partições). + Este algoritmo não é suportado para criptografia de sistema. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Arquivos-chave atualmente não são suportados para criptografia do sistema. + Aviso: O VeraCrypt não conseguiu restaurar o layout original do teclado. Isto poderá fazê-lo digitar a senha incorretamente. + Erro: Não foi possível configurar o layout do teclado para o VeraCrypt como layout Estados Unidos (Internacional).\n\nLembre que a senha precisa ser digitada em ambiente pré-boot (antes de o Windows iniciar) onde layouts não-Windows Estados Unidos (Internacional) não estão disponíveis. Por isso, a senha deve ser digitada sempre usando o layout Estados Unidos (Internacional). + Como o VeraCrypt mudou temporariamente o layout do seu teclado para o layout Estados Unidos (Internacional), não será possível digitar caracteres pressionando teclas enquanto a tecla Alt Gr estiver pressionada. Mas você ainda pode digitar a maioria desses caracteres usando a tecla apropriada enquanto mantem pressionada a tecla Shift. + O VeraCrypt impediu uma alteração no layout do teclado. + Lembre: A senha precisará ser digitada no ambiente pré-inicialização (antes de iniciar o Windows) onde layouts não-Estados Unidos (Internacional) não estão disponíveis. Por isso, a senha precisa ser digitada sempre usando o layout Estados Unidos (Internacional). Mesmo assim, é importante lembrar que você NÃO precisa de um teclado Estados Unidos (Internacional) real. O VeraCrypt certifica-se automaticamente de que você pode digitar a senha com segurança (tanto agora quanto no ambiente pré-inicialização) mesmo se você NÃO possuir um teclado Estados Unidos (Internacional). + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + ATENÇÃO: Se você já criou um Disco de Emergência VeraCrypt no passado, ele não pode ser reutilizado para esta partição/unidade de sistema, porque ele foi criado para uma chave mestra diferente! Cada vez que criptografar uma partição/unidade de sistema você deve criar um novo Disco de Emergência VeraCrypt para ela, mesmo se usar a mesma senha. + Erro: Não foi possível salvar as configurações de criptografia de sistema. + Não foi possível iniciar o pré-teste da criptografia de sistema. + Não é possível iniciar o processo de criação do sistema operacional oculto. + Modo de Limpar + Em alguns tipos de mídias de armazenamento, quando os dados são sobrescritos com outros dados, pode ser possível recuperar os dados sobrescritos usando técnicas como microscopia de força magnética. Isto também se aplica aos dados que são sobrescritos pela sua forma criptografada (o que acontece quando VeraCrypt inicialmente criptografa uma partição ou unidade não criptografada). De acordo com alguns estudos e publicações governamentais, a recuperação de dados sobrescritos pode ser evitada (ou tornada muito difícil) sobrescrevendo os dados com outros dados pseudo-aleatórios e alguns não-aleatórios um determinado número de vezes. Portanto, se você acredita que um adversário possa ser capaz de usar tais técnicas para recuperar os dados que você pretende criptografar, você pode querer selecionar um dos modos de limpeza (dados existentes NÃO serão perdidos). Note que a limpeza NÃO será realizada depois da partição/unidade ser criptografada. Quando a partição/unidade está totalmente criptografada, nenhum dado não-criptografado é gravado nela. Quaisquer dados que estiverem sendo gravados nela são primeiro criptografados na memória e só então são gravados gravados no disco. + Em alguns tipos de mídias de armazenamento, quando os dados são sobrescritos com outros dados (por exemplo, quando eles são apagados), pode ser possível recuperar os dados sobrescritos usando técnicas como microscopia de força magnética. De acordo com alguns estudos e publicações governamentais, a recuperação de dados sobrescritos pode ser evitada (ou tornada muito difícil) sobrescrevendo os dados com outros dados pseudo-aleatórios e alguns não-aleatórios um determinado número de vezes. Portanto, se você acredita que um adversário possa ser capaz de usar tais técnicas para recuperar os dados que devem ser apagados, você pode querer selecionar um dos modos de limpeza de múltiplas passagens.\n\nNota: Quanto mais passagens de limpeza você usar, mais tempo levará para apagar os dados. + Limpando + \nNota: Você pode interromper o processo de limpeza, desligar o computador, iniciar o sistema oculto novamente e então retomar o processo (o assistente será iniciado automaticamente). No entanto, se você interrompê-lo, todo o processo de limpeza terá que começar desde o início. + \n\nNota: Se você interromper o processo de limpeza e, em seguida, tentar retomá-lo, todo o processo terá que começar desde o início. + Você deseja abortar o processo de limpeza? + Atenção: Todo o conteúdo da partição/dispositivo selecionada(o) será apagado e perdido. + Todo o conteúdo da partição onde o sistema original reside será apagado.\n\nNota: Todo o conteúdo da partição que está para ser apagada foi copiado para esta partição de sistema oculto. + ATENÇÃO: Note que quando você escolhe por exemplo o modo de limpeza de 3 ciclos, o tempo necessário para criptografar a partição/unidade será até 4 vezes maior. Do mesmo modo, se você escolher o modo de limpeza de 35 ciclos, vai ser até 36 vezes mais longo (o que poderia até levar várias semanas).\n\nNo entanto, observe que a limpeza NÃO será realizada após a partição/unidade ser totalmente criptografada. Quando a partição/unidade está totalmente criptografada, nenhum dado não-criptografado é gravado nela. Quaisquer dados que estão sendo gravados nela são primeiro criptografados na memória e só então são gravados no disco (por isso o desempenho NÃO será afetado).\n\nTem certeza que deseja usar o modo de limpeza? + Nenhum (mais rápido) + 1 ciclo (dados aleatórios) + 3 ciclos (US DoD 5220.22-M) + 7 ciclos (US DoD 5220.22-M) + 35 ciclos ('Gutmann') + 256 ciclos + Número de Sistemas Operacionais + AVISO: usuários inexperientes nunca devem tentar criptografar o Windows em configurações de boot múltiplo.\n\nDeseja continuar? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Disco de Inicialização + Este sistema operacional está instalado no disco de inicialização?\n\nLembre: às vezes, o Windows não está instalado no mesmo disco que seu boot loader (partição de inicialização). Se este for o caso clique em 'Não'. + O VeraCrypt não criptografa sistema operacional que não inicia do mesmo disco em que está instalado. + Número de Discos de Sistema + Quantos discos contêm sistema operacional?\n\nLembre: Se, por exemplo, você tem algum sistema operacional (como Windows, Mac OS X, Linux, etc.) instalado em seu disco primário e algum outro sistema operacional instalado em seu disco secundário, selecione '2 ou mais'. + Esta versão do VeraCrypt não suporta criptografar um disco que contém vários sistemas operacionais.\n\nSoluções Possíveis:\n\n- Você ainda pode criptografar um dos sistemas se você voltar e escolher criptografar apenas uma partição de sistema (em vez de escolher criptografar o disco de sistema inteiro).\n\n- Você também pode criptografar o disco inteiro se, primeiro, você mover os outros sistemas operacionais para outros discos, deixando apenas um sistema no disco que você deseja criptografar. + Vários Sistemas em Um único Disco + Existe algum outro sistema operacional instalado no mesmo disco em que este sistema operacional?\n\nLembre: Se este sistema operacional estiver instalado, por exemplo, no disco #0, que contém várias partições, e uma delas contém o Windows e outra contém outro sistema operacional (como Windows, Mac OS X, Linux, etc.), selecione 'Sim'. + Boot Loader Não-Windows + É um gerenciador de boot não-Windows instalado no Master Boot Record (MBR)?\n\nNota: Por exemplo, se a primeira faixa da unidade de boot contém o GRUB, LILO, XOSL, ou algum outro gerenciador de boot não-Windows (ou gestor de inicialização), selecione 'Sim'. + Boot Múltiplo + Esta versão do VeraCrypt não suporta configurações de boots múltiplos com boot loader não-Windows instalado na MBR.\n\nSoluções Possíveis:\n\n- Se você usa um gerenciador de boot para iniciar o Windows e o Linux, mova o gerenciador de boot (geralmente GRUB) da MBR para uma partição. Depois, inicie este assistente novamente e criptografeo dispositivo/partição de sistema. Lembre que o VeraCrypt Boot Loader se tornará o seu gerenciador de inicialização principal e permitirá que você execute seu gerenciador original (como GRUB) como gerenciador secundário (pressionando Esc na tela do VeraCrypt Boot Loader) e, assim, você poderá iniciar o Linux. + Se o sistema operacional atualmente em execução estiver instalado na partição de boot, então, depois que você criptografá-la, você terá que digitar a senha correta mesmo que você queira iniciar qualquer outro sistema Windows não-criptografado (uma vez que irão compartilhar um único gerenciador de boot criptografado do Windows).\n\nEm contrapartida, se o sistema operacional em execução atualmente não estiver instalado na partição de boot (ou se o gerenciador de boot do Windows não é utilizado por nenhum outro sistema), em seguida, depois de criptografar este sistema, você não precisa digitar a senha correta para iniciar o(s) outro(s) sistema(s) não-criptografado(s) – você só precisa pressionar a tecla Esc para iniciar o sistema não-criptografada (se existirem vários sistemas não criptografados, você também precisará escolher qual sistema iniciar no menu do Gerenciador de Boot do VeraCrypt).\n\nNota: Normalmente, o mais antigo sistema do Windows instalado está na partição de inicialização. + Criptografia da Área Protegida do Host + No final de muitas unidades, existe uma área que é normalmente ocultada do sistema operacional (tais áreas são geralmente referidas como Áreas Protegidas do Host). No entanto, alguns programas podem ler e gravar dados de/para essas áreas.\n\nATENÇÃO: Alguns fabricantes de computadores podem utilizar essas áreas para armazenar dados e ferramentas para RAID, recuperação do sistema, configuração do sistema, diagnóstico, ou para outros fins. Se essas ferramentas ou dados devem estar acessíveis antes de inicializar, a área oculta NÃO deve ser criptografada (escolher 'Não' acima).\n\nVocê quer que o VeraCrypt detecte e criptografe uma área oculta assim (se houver), no final da unidade de sistema? + Tipo da Criptografia do Sistema + Selecione esta opção se você quiser apenas criptografar a partição do sistema ou toda a unidade de sistema. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Sistema Operacional Oculto + Nos seguintes passos, você criará dois volumes VeraCrypt (externo e oculto) na primeira partição atrás da partição do sistema. O volume oculto conterá o sistema operacional oculto (SO). O VeraCrypt criará o SO oculto copiando o conteúdo da partição do sistema (em que o SO atualmente em execução está instalado) para o volume oculto. Para o volume externo, você copiará alguns arquivos sensíveis que você realmente NÃO quer esconder. Eles estarão lá para qualquer um que forçar você a revelar a senha para partição do SO oculto. Você pode revelar a senha para o volume externo dentro da partição do SO oculto (a existência do SO oculto permanece em segredo).\n\nPor último, na partição do SO atualmente em execução, você irá instalar um novo SO, o chamado SO isca, e irá criptografá-lo. Ele não deve conter os dados sensíveis e estará lá para qualquer um que force você a revelar sua senha de autenticação pré-boot. No total, haverá três senhas. Duas delas podem ser divulgadas (para o SO isca e o volume externo). Se você usar o terceiro, o SO oculto irá iniciar. + Detectando Setores Ocultos + Por favor, aguarde enquanto o VeraCrypt está detectando possíveis setores ocultos no final da unidade do sistema. Observe que esta operação pode levar um longo tempo para terminar.\n\nNota: Em casos muito raros, em alguns computadores, o sistema pode não responder durante este processo de detecção. Se isso acontecer, reinicie o computador, inicie o VeraCrypt, repita os passos anteriores, mas ignore este processo de detecção. Note que este problema não é causado por um erro no VeraCrypt. + Área a Criptografar + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Coletando Dados Aleatórios + Chaves Geradas + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Gravação do Disco de Emergência + Disco de Emergência Criado + Pré-Teste de Criptografia de Sistema + Disco de Emergência Verificado + \nO Disco de Emergência VeraCrypt foi verificado com sucesso. Remova-o da gaveta e guarde-o em um local seguro.\n\nClique em Avançar para continuar. + AVISO: Durante os próximos passos, o Disco de Emergência do VeraCrypt não deve estar na unidade. Caso contrário, não será possível completar os passos corretamente.\n\nPor favor, remova-o da unidade agora e guarde-o em um local seguro. Em seguida, clique em OK. + Aviso: Devido a limitações técnicas, textos exibidos pelo VeraCrypt no ambiente pré-boot (pré-inicialização, antes de o Windows iniciar) podem não estar localizados. A interface de usuário do VeraCrypt Boot Loader é completamente em Inglês.\n\nDeseja continuar? + Antes de criptografar o seu disco ou partição de sistema, o VeraCrypt precisa verificar se tudo está funcionando corretamente.\n\nDepois que você clicar em Testar, todos os componentes necessários (como o componente de autenticação pré-inicialização - VeraCrypt Boot Loader) serão instalados e o seu computador será reiniciado. Então, você precisará digitar a senha na tela do VeraCrypt Boot Loader que aparecerá antes de o Windows iniciar. Depois que o Windows iniciar, você será automaticamente informado sobre o resultado do pré-teste.\n\nO seguinte dispositivo será modificado: Disco #%d\n\n\nSe você clicar em Cancela agora, nada será instalado e o pré-teste não será realizado. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pré-Teste Completado + O pré-teste foi concluído com êxito.\n\nATENÇÃO: Observe que, se fonte de energia for subitamente interrompida durante a criptografia dos dados existentes no local, ou quando o sistema operacional falhar devido a um erro de software ou hardware enquanto o VeraCrypt estiver criptografando os dados existentes no local, porções dos dados serão corrompidas ou perdidas. Portanto, antes de começar a codificação, por favor, certifique-se de que tem cópias de segurança dos arquivos que você deseja criptografar. Se não possuir, por favor faça backup dos arquivos agora (você pode clicar em Adiar, fazer backup dos arquivos e, em seguida, executar novamente o VeraCrypt a qualquer momento, e selecione 'Sistema' > 'Continuar Processo Interrompido' para iniciar a criptografia).\n\nQuando estiver pronto, clique em Criptografar para iniciar. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nVocê pode clicar em Pausar ou Adiar a qualquer momento para interromper o processo de criptografia, sair deste assistente, reiniciar ou desligar seu computador e, em seguida, retomar o processo, que continuará a partir do ponto que foi parado. Note que o volume não pode ser montado até que tenha sido totalmente criptografado. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Sistema Oculto Iniciado + Sistema Original + O Windows cria (normalmente, sem o seu conhecimento ou consentimento) vários arquivos de registro, arquivos temporários, etc, na partição do sistema. Ele também salva o conteúdo da memória RAM para hibernação e arquivos de paginação localizados na partição do sistema. Portanto, se um adversário analisasse arquivos armazenados na partição onde reside o sistema original (do qual o sistema oculto é um clone), ele pode descobrir, por exemplo, que você usou o assistente do VeraCrypt no modo de criação de sistemas ocultos (que pode indicar a existência de um sistema operacional oculto no seu computador).\n\nPara evitar tais problemas, o VeraCrypt irá, nos próximos passos, apagar com segurança todo o conteúdo da partição onde o sistema original reside. Posteriormente, a fim de obter camuflagem de informações, será necessário instalar um novo sistema na partição e criptografá-lo. Assim você irá criar o sistema isca e todo o processo de criação do sistema operacional oculto será concluído. + O sistema operacional oculto foi criado com sucesso. No entanto, antes que você possa começar a usá-lo (e obter camuflagem de informação), você precisará apagar com segurança (usando o VeraCrypt) todo o conteúdo da partição onde o sistema operacional atualmente em execução está instalado. Antes que você possa fazer isso, você precisará reiniciar o computador e, na tela do Gerenciador de Boot do VeraCrypt (que aparece antes de iniciar o Windows), digite a senha de autenticação pré-boot para o sistema operacional oculto. Em seguida, após iniciar o sistema oculto, o assistente do VeraCrypt será iniciado automaticamente.\n\nNota: Se você optar por encerrar o processo de criação do sistema operacional oculto agora, você NÃO poderá retomar o processo e o sistema oculto NÃO estará acessível (porque o Gerenciador de Boot do VeraCrypt será removido). + Você tem agendado o processo de criação de um sistema operacional oculto. O processo não foi concluído ainda. Para completá-lo, você precisará reiniciar o computador e, na tela do Gerenciador de Boot do VeraCrypt (que aparece antes do Windows iniciar), digite a senha para o sistema operacional oculto.\n\nNota: Se você optar por encerrar o processo de criação do sistema operacional oculto agora, você NÃO poderá retomar o processo. + Reinicie o computador e prossiga + Encerrar permanentemente o processo de criação do sistema operacional oculto + Não fazer nada agora, e perguntar novamente mais tarde + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Clonagem de Sistema Operacional + Nas próximas etapas, o VeraCrypt irá criar o sistema operacional oculto copiando o conteúdo da partição do sistema para o volume oculto (os dados a serem copiados serão criptografados on-the-fly com uma chave de criptografia diferente daquele que será utilizada para o sistema isca).\n\nPor favor note que o processo será realizado em ambiente pré-boot (antes do Windows iniciar) e pode levar um longo tempo para concluir; várias horas ou até vários dias (dependendo do tamanho da partição do sistema e do desempenho do seu computador).\n\nVocê poderá interromper o processo, desligar o computador, iniciar o sistema operacional e, em seguida, retomar o processo. No entanto, se você interrompê-lo, todo o processo de cópia do sistema terá que começar desde o início (porque o conteúdo da partição do sistema não deve mudar durante a clonagem). + Deseja cancelar todo o processo de criação do sistema operacional oculto?\n\nNota: Você NÃO poderá retomar o processo se cancelá-lo agora. + Você deseja cancelar o pré-teste de criptografia de sistema? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + O dispositivo/partição de sistema não parece estar criptografado (nem parcial nem completamente). + Seu dispositivo/partição de sistema está criptografado (parcial ou completamente).\n\nFavor descriptografar o dispositivo/partição de sistema completamente antes de continuar. Para isso, clique em 'Sistema' > 'Descriptografar Dispositivo/Partição de Sistema Definitivamente' na barra de menu da janela principal do VeraCrypt. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Seu dispositivo/partição de sistema está sendo criptografado, descriptografado ou modificado de outra forma. Favor interromper o processo de criptografia/descriptografia/modificação (ou aguardar até que ele esteja completo) antes de continuar. + Uma instância do Assistente de Criação de Volume VeraCrypt ja está em execução neste sistema ou se preparando para a criptografia/descriptografia do dispositivo/partição de sistema. Antes de continuar, aguarde até que ele seja concluído ou feche-o. Se você não conseuir fechá-lo, reinicie o seu computador antes de continuar. + O processo de criptografia ou descriptografia do dispositivo/partição de sistema não foi concluído. Aguarde até que ele seja concluído antes de continuar. + Erro: O processo de criptografia do disco/partição de sistema não foi concluído. Ele precisa ser concluído primeiro. + Erro: O processo de criptografia da partição/volume não foi concluído. Ele precisa ser concluído primeiro.\n\nNota: Para retomar o processo, selecione 'Volumes' > 'Retomar Processo Interrompido' na barra de menu da janela principal do VeraCrypt. + A senha está correta. O VeraCrypt descriptografou com êxito o cabeçalho do volume e detectou que este é um volume de sistema oculto. No entanto, você não pode modificar o cabeçalho de um volume de sistema oculto desta forma.\n\nPara alterar a senha de um volume de sistema oculto, inicie o sistema operacional residente no volume oculto e depois selecione 'Sistema' > 'Alterar Senha' na barra de menu da janela principal do VeraCrypt.\n\nPara definir o algoritmo de derivação da chave de cabeçalho, inicie o sistema operacional oculto e selecione 'Sistema' > 'Definir Algoritmo de Derivação da Chave de Cabeçalho'. + O VeraCrypt não suporta descriptografia no local de uma partição de sistema oculto.\n\nNota: Se você quiser descriptografar a partição do sistema isca, inicie o sistema isca e selecione 'Sistema' > 'Descriptografar Permanentemente a Partição/Unidade de Sistema' na barra de menu da janela principal do VeraCrypt. + Erro: Parâmetro incorreto/inválido. + Você selecionou um dispositivo ou partição mas o assistente que você escolheu é apenas para arquivos-recipiente.\n\nVocê deseja mudar de assistente? + Você deseja criar um arquivo recipiente VeraCrypt? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Você tem certeza de que deseja descriptografar o dispositivo/partição de sistema definitivamente? + CUIDADO: Se você descriptografar o dispositivo/partição de sistema definitivamente, os dados descriptografados serão gravados nele.\n\nVocê tem certeza de que deseja descriptografar o dispositivo/partição de sistema definitivamente? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Aviso: Se você usar uma cascata de cifras para criptografia do sistema, você pode encontrar os seguintes problemas:\n\n1) O Gerenciador de Boot do VeraCrypt é maior do que o normal e, portanto, não há espaço suficiente na primeira faixa de uma unidade para backup do Gerenciador de Boot do VeraCrypt. Consequentemente, sempre que ele for danificado (o que muitas vezes acontece, por exemplo, durante procedimentos de ativação anti-pirataria concebidos inadequadamente em certos programas), você precisará usar o Disco de Emergência VeraCrypt para iniciar ou reparar o Gerenciador de Boot do VeraCrypt.\n\n2) Alguns computadores demoram mais para retomar da hibernação.\n\nEstes problemas potenciais podem ser evitados pela escolha de um algoritmo de criptografia não-cascata (AES, por exemplo).\n\nTem certeza que pretende utilizar uma cascata de cifras? + Se você tiver algum dos problemas descritos acima, descriptografe o disco/partição (se ele estiver criptografado) e tente criptografá-lo novamente usando um algoritmo não sequencial (como o AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + O número da versão do Gerenciador de Boot do VeraCrypt que inicializou esse sistema operacional é diferente do número da versão do driver do VeraCrypt (e do aplicativo do VeraCrypt) instalados no sistema.\n\nVocê deve executar o instalador do VeraCrypt (cujo número de versão é o mesmo do Gerenciador de Boot) para atualizar o VeraCrypt neste sistema operacional. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + O VeraCrypt Boot Loader foi atualizado.\n\nÉ fortemente recomendável que você crie um novo Disco de Emergência VeraCrypt (que conterá a nova versão do VeraCrypt Boot Loader) selecionando 'Sistema' > 'Criar Disco de Emergência' depois que você reiniciar o seu computador. + O Gerenciador de Boot do VeraCrypt foi atualizado.\n\nÉ altamente recomendado que você inicie o sistema operacional isca e então crie um novo Disco de Emergência VeraCrypt (que incluirá a nova versão do Gerenciador de Boot do VeraCrypt), selecionando 'Sistema' > 'Criar Disco de Emergência'. + Não foi possível atualizar o VeraCrypt Boot Loader. + O VeraCrypt falhou em detectar o tamanho real da unidade de sistema e, portanto, o tamanho reportado pelo sistema operacional (que pode ser menor do que o tamanho real) será utilizado. Observe também que este não é um bug no VeraCrypt. + AVISO: Parece que o VeraCrypt ja tentou detectar setores ocultos neste disco de sistema. Se você encontrou algum problema durante esse processo de detecção, você pode evitá-lo cancelando esta etapa agora. Mas lembre que se você fizer isso, o VeraCrypt irá utilizar o tamanho informado pelo sistema operacional (que poderá ser menor que o tamanho real do disco).\n\nLembre também que este problema não é causado por um bug no VeraCrypt. + Cancelar a detecção de setores ocultos (usar o tamanho informado pelo sistema operacional) + Tentar detectar setores ocultos novamente + Erro: O conteúdo de um ou mais setores do disco não pode ser lido (provavelmente por algum defeito físico).\n\nO processo de criptografia no local só pode continuar quando os setores forem tornados legíveis novamente. O VeraCrypt pode tentar fazer estes setores legíveis gravando zeros nos setores (subseqüentemente todos esses blocos de zero seriam criptografados). No entanto, note que todos os dados armazenados nos setores ilegíveis serão perdidos. Se quiser evitar isso, você pode tentar recuperar parcelas dos dados corrompidos usando software de terceiros.\n\nNota: No caso de setores danificados fisicamente (em vez de mera corrupção de dados e erros de checksum), a maioria dos dispositivos de armazenamento realocam internamente os setores quando se tenta gravar dados neles (por isso, os dados existentes nos setores danificados podem permanecer não-criptografados na unidade).\n\nVocê quer que o VeraCrypt grave zeros nos setores ilegíveis? + Erro: O conteúdo de um ou mais setores do disco não pode(m) ser lido(s) (provavelmente devido a um defeito físico).\n\nPara prosseguir com a descriptografia, o VeraCrypt terá que descartar o conteúdo de tais setores (o conteúdo será substituído por dados pseudo-aleatórios). Por favor note que, antes de continuar, você pode tentar recuperar porções dos dados corrompidos usando software apropriado de terceiros.\n\nDeseja que o VeraCrypt descarte os dados nos setores ilegíveis agora? + Nota: O VeraCrypt substituiu o conteúdo de %I64d setores ilegíveis (%s) com blocos criptografados de texto formatado com zeros. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Digite password/PIN para o token '%s': + \tA fim de permitir que o VeraCrypt acesse um token de segurança ou um smart card, você primeiro precisa instalar uma biblioteca de software PKCS #11 para o token ou smart card. Essa biblioteca pode ser fornecida com o dispositivo ou pode estar disponível para download no site do vendedor ou por terceiros. \tDepois de instalar a biblioteca, você pode selecioná-la manualmente, clicando em 'Selecionar Biblioteca' ou você pode deixar o VeraCrypt encontrá-la e selecioná-la automaticamente clicando em 'Auto-Detectar Biblioteca' (apenas o diretório de sistema do Windows vai ser pesquisado). + Nota: Para o nome do arquivo e a localização da biblioteca PKCS #11 instalada para seu token de segurança ou smart card, por favor consulte a documentação fornecida com o token, card, ou software de terceiros.\n\nClique em 'OK' para selecionar o caminho e o nome do arquivo. + A fim de permitir que o VeraCrypt acesse um token de segurança ou smart card, você precisa primeiro selecionar uma biblioteca de software PKCS #11 para o token/card. Para isso, selecione 'Configurações' > 'Tokens de Segurança'. + Falha ao inicializar a biblioteca PKCS #11 do token de segurança.\n\nPor favor, certifique-se de que o caminho e o nome de arquivo especificados refiram-se a uma biblioteca PKCS #11. Para especificar um caminho e nome do arquivo de uma biblioteca PKCS #11, selecione 'Configurações' > 'Tokens de Segurança'. + Nenhuma biblioteca PKCS #11 foi encontrada no diretório de sistema do Windows.\n\nPor favor, certifique-se de que uma biblioteca PKCS #11 para o seu token de segurança (ou smart card) está instalada (tal biblioteca pode ser fornecida com o token/card ou pode estar disponível para download no site do vendedor ou de terceiros). Se ela estiver instalada em um diretório diferente do diretório de sistema do Windows, clique em 'Selecionar Biblioteca' para localizá-la (por exemplo, na pasta onde o software do token/card está instalado). + Nenhum token de segurança foi encontrado.\n\nPor favor, certifique-se que seu token de segurança está conectado ao computador e o driver de dispositivo correto para o seu token está instalado. + Arquivo-chave do Token de Segurança não encontrado. + Um arquivo-chave de token de segurança com o mesmo nome já existe. + Você quer apagar os arquivos selecionados? + O caminho do arquivo-chave do token de segurança é inválido. + Erro no token de segurança + A senha para o token de segurança está incorreta. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + Todas as sessões abertas de tokens de segurança foram fechadas. + Selecione os Arquivos-Chave do Token de Segurança + Slot + Nome do Token + Nome do arquivo + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Erro ao analisar a linha de comando. + Disco de Emergência + Sel&ecione o Arquivo e Monte-o... + Selecione o &Dispositivo e Monte-o... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Aviso: O sistema de arquivos no volume montado como '%s' não foi limpamente desmontado, assim, pode conter erros. Usar um sistema de arquivos corrompido pode causar perda ou corrupção de dados.\n\nNota: Antes de remover fisicamente ou desligar um dispositivo (como uma unidade flash USB ou um disco rígido externo) onde reside um volume VeraCrypt montado, você deve sempre desmontar o volume no VeraCrypt primeiro.\n\n\nDeseja que o Windows tente detectar e corrigir erros (se houver) no sistema de arquivos? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Aviso: Reparar um sistema de arquivos danificado usando a ferramenta 'chkdsk' da Microsoft pode causar perda de arquivos nas áreas danificadas. Assim sendo, é recomendado que você primeiro faça backup dos arquivos armazenados no volume VeraCrypt para outro, em bom estado.\n\nDeseja reparar o sistema de arquivos agora? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + O volume '%s' foi montado como somente-leitura porque o acesso de gravação foi negado.\n\nCertifique-se de que nenhum outro aplicativo (por exemplo, um software antivírus) está acessando a partição/dispositivo em que o volume está hospedado. + O volume '%s' foi montado como somente-leitura porque o sistema operacional informa que o dispositivo principal está protegido contra gravação.\n\nNote que alguns drivers personalizados de chipset causam o falso reconhecimento de mídias graváveis como protegidas contra gravação. Este problema não é causado pelo VeraCrypt. É possível resolvê-lo atualizando ou desinstalando qualquer driver personalizado de chipset que esteja atualmente instalado em seu sistema. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Você deseja que o VeraCrypt tente desabilitar a proteção contra gravação do(a) dispositivo/partição? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Testar + Arquivo-Chave + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Barra de espaço + Page Up + Page Down + End + Home + Seta para esquerda + Seta para cima + Seta para direita + Seta para baixo + Tecla Select + Tecla Print + Tecla Execute + Print Screen + Insert + Delete + Tecla Aplicações + Sleep + Num Lock + Scroll Lock + Browser Voltar + Browser Avançar + Browser Recarregar + Browser Parar + Browser Pesquisar + Browser Favoritos + Browser Home + Mudo + Volume - + Volume + + Próxima Trilha + Trilha Anterior + Parar + Tocar/Pausa + Tecla Iniciar Email + Tecla Selecionar Mídia + Aplicação 1 + Aplicação 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.ru.xml b/Translations/Language.ru.xml index 3f4aca68..51a0af76 100644 --- a/Translations/Language.ru.xml +++ b/Translations/Language.ru.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Отмена - Установить для &всех пользователей - О&бзор... - &Значок VeraCrypt на рабочем столе - Помочь... - Ассоциировать рас&ширение .hc с VeraCrypt - По окончании откр&ыть место назначения - &Добавить VeraCrypt в меню 'Пуск' - Создать то&чку восстановления системы - Уда&ление - &Извлечь - &Установить - Мастер установки VeraCrypt - Удаление VeraCrypt - &Справка - Укажите место назначения для извлекаемых файлов: - Выберите место, куда вы хотите установить программные файлы VeraCrypt.\nЕсли указанной папки не существует, она будет создана автоматически. - Нажмите 'Удаление', чтобы удалить VeraCrypt из этой системы. - Стоп - &Тест - &Проверить - Создать и отформатировать зашифрованный том - Зашифровать раздел на месте - Показ созданных ключей (их частей) - Показывать пул - Загрузить ПО для записи CD/DVD - Создать зашифрованный файловый контейнер - &ГБ - &ТБ - Подробнее - &Скрытый том VeraCrypt - Что такое 'скрытый том'? - Прямой режим - Обычный режим - &КБ - Кл&юч. файлы - Сначала пытаться смонтировать без пароля - Случайный размер ( 64 <-> 1048576 ) - Клю&ч. файлы... - О хеш-алгоритмах - Подробнее - Сведения о PIM - &МБ - Подробнее - Подробнее о шифровании системы - Подробнее - Мультизагрузка - Зашифровать несистемный раздел/диск - &Не сохранять историю - Открыть внешний том - &Пауза - Использовать P&IM - Использовать PIM - Быстрое форматир. - &Показ пароля - &Показ пароля - По&каз PIM - Одиночная загрузка - Обычный том VeraCrypt - Скр&ытый - Обычный - Зашифровать раздел или весь диск с системой - Зашифровать системный раздел Windows - Зашифровать весь диск - Мастер создания томов VeraCrypt - Кластер - ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость ключей шифрования. Затем нажмите 'Далее' для продолжения. - &Подтвердите: - Уже - Буква диска: - Алгоритм шифрования - Файл.сист. - Создать виртуальный зашифрованный диск внутри файла. Рекомендуется неопытным пользователям. - Опции - Алгоритм хеширования - Ключ заг-ка: - Ещё - Мастер-ключ: - Выберите эту опцию, если в ПК установлено две или более ОС.\n\nНапример:\n- Windows XP и Windows XP\n- Windows XP и Windows Vista\n- Windows и Mac OS X\n- Windows и Linux\n- Windows, Linux и Mac OS X - Зашифровать раздел без ОС на внутреннем/внешнем диске (на флэшке и др.). Дополнительно - создать скрытый том. - Текущее содержимое пула (часть) - Пароль - Пароль: - PIM тома: - PIM тома: - Ход операции: - Случайн. пул: - Выберите эту опцию, если в ПК установлена только одна ОС (даже если она с несколькими пользователями). - Скорость - Статус - Ключи, соль и другие данные успешно созданы. Если вы хотите сгенерировать новые ключи, нажмите 'Назад', а затем 'Далее'. Если же нет, то нажмите 'Далее' для продолжения. - Зашифровать раздел/диск, где установлена Windows. Перед каждой загрузкой Windows нужно будет вводить пароль для доступа к ОС, считывания и записи файлов и т.д. Дополнительно - создать скрытую ОС. - Выберите эту опцию, чтобы зашифровать раздел, где установлена работающая сейчас Windows. - Метка тома в Windows: - Режим очистки: - Закрыть - Об&ход дозагрузочной аутентификации по Esc (разрешает диспетчер загрузки) - Нет действий - &Автомонтирование тома VeraCrypt (указанного) - &Запуск VeraCrypt - Автоопределение &библиотеки - К&эшировать пароль дозагрузочной аутентификации (для монтирования несистемных томов) - Обзор... - Обзор... - К&эшировать пароли и ключевые файлы - Выход, если нет смонтированных томов - Закр&ыть токен-сессию (выйти) после успешного монтирования тома - С расширителем томов VeraCrypt - С мастером создания томов VeraCrypt - Создать - С&оздать том - Пусто&й экран аутентификации (только указанный ниже текст) - Не обнаруживать атаку "Evil Maid" - Ускорять (де)шифрование AES с помощью AES-инструкций процессора (если возможно) - Ключ. файлы - Ключ. файлы - В&ыход - Об избранных томах - Н&е монтировать выбранный том, если нажата клавиша монтирования выбранных томов - Монт&ировать выбранный том при подключении устройства, на котором он расположен - Монтировать выбранный том при в&ходе в систему - Монтировать выбранный том как предназначенный &только для чтения - Монтировать выбранный том как &сменный носитель - &Ниже - &Выше - Открыть том в Пр&оводнике при успешном монтировании - &Убрать - Метка избранного как метка диска в Проводнике - Глобальные установки - Оповещение после успешного размонтирования по горячей клавише - Звук после успешного размонтирования по горячей клавише - Alt - Ctrl - Shift - Win - Назначить - Убрать - Ключ.файлы... - Не использовать это число процессоров при (де)шифровании: - Подробнее - Подробнее - Ещё настройки... - &Автомонтирование - Параметр&ы... - Монтировать как том только для &чтения - Ключ.файлы... - (пусто или 0 для итераций по умолчанию) - (пусто или 0 для итераций по умолчанию) - Включено - Кэшировать пароли в памяти драйвера - Автоматически размонтировать тома при неактивности в течение - завершении сеансов - блокировке сеанса пользователя - входе в энергосбережение - старте экранной заставки - Автоматически размонтировать тома даже при открытых файлах/папках - Монтировать все тома на устройствах - Запуск VeraCrypt в фоне - Монтировать как тома\nтолько для чтения - Монтировать тома как сменные носители - Открывать Проводник для успешно смонтированного тома - Временно кэшировать пароль при монтировании избранных томов - Другой значок в системном лотке, если есть смонтированные тома - Очищать кэш паролей при авторазмонтировании - Очищать кэш паролей при выходе - Сохранять дату изменения у файл-контейнеров - Сброс - &Устройство... - &Файл... - &Библиотека... - Показ пароля - Показ пароля - &Открыть смонтированный том в Проводнике - &Кэшировать пароль в памяти драйвера - Режим TrueCrypt - &Размонтировать все - Сво&йства тома... - О&перации с томами - О&чистить кэш - Параметры монтирования - Избранные тома VeraCrypt - Общесистемные горячие клавиши VeraCrypt - VeraCrypt - Изменение пароля или ключевых файлов - Введите пароль тома VeraCrypt - Настройки производительности VeraCrypt - Параметры VeraCrypt - Настройки шифрования системы - Настройки токена безопасности - Настройка переносного диска VeraCrypt - Свойства тома VeraCrypt - О программе... - Добавить/удалить ключевые файлы в/из том(а)... - Добавить смонтированный том в список избранных томов... - Добавить смонтированный том в список избранных системных томов... - Проанализировать сбой системы... - Создать резервную копию заголовка тома... - Тест скорости... - Установить алгоритм деривации ключа заголовка... - Изменить пароль тома... - Установить алгоритм деривации ключа заголовка... - Изменить пароль... - Очистить историю томов - Закрыть все токен-сессии - Связь с авторами... - Создать скрытую ОС... - Создать диск восстановления... - Создать новый том... - Перманентно расшифровать... - Ключевые файлы по умолчанию... - Параметры монтирования по умолчанию... - Помочь... - Зашифровать системный раздел/диск... - Часто задаваемые вопросы - Руководство пользователя - &Домашняя страница - Горячие клавиши... - Генератор ключевых файлов - Язык (language)... - Юридическая информация - Ключевые файлы токена безопасности... - Автомонтирование всех томов на основе устройств - Смонтировать избранные тома - Смонтировать &без дозагрузочной аутентификации... - Смонтировать том - Смонтировать том с параметрами - Новости - Справка в Интернете - Руководство для начинающих - Упорядочить избранные тома... - Упорядочить системные избранные тома... - Быстродействие... - Перманентно расшифровать системный раздел/диск - Параметры... - Обновить буквы дисков - Удалить из тома все ключевые файлы... - Восстановить заголовок тома... - Продолжить прерванный процесс - Выбрать устройство... - Выбрать файл... - Возобновить прерванный процесс - Шифрование системы... - Свойства... - Установки... - Системные избранные тома... - Загрузка ПО - Тест алгоритмов генерирования векторов... - Токены безопасности... - Настройка переносного диска... - Размонтировать все смонтированные тома - Размонтировать том - Проверить диск восстановления - Проверить ISO-образ диска восстановления - История версий - Расширитель томов - Свойства тома - Мастер создания томов - Сайт VeraCrypt - Очистить кэш паролей - OK - Аппаратное ускорение - Клавиша быстрого вызова - Настройка автозапуска (файл autorun.inf) - Автоматическое размонтирование - Размонтировать\nвсе тома при: - Параметры экрана загрузчика - Подтвердите: - Текущий - Показывать этот текст на экране дозагрузочной аутентификации (до 24 символов): - Параметры монтирования томов по умолчанию - Дополнительные параметры - Конфигурация драйвера - Поддержка расширенного управления дисками - Метка выбранного избранного тома: - Файловые параметры - Клавиша: - Процессор в этом ПК поддерживает аппаратное ускорение AES-операций: - Действия при входе в Windows - мин - Буква диска: - Параметры монтирования тома VeraCrypt - Новый - Пароль: - Потоковое распараллеливание - Путь к библиотеке PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Кэширование (запоминание) паролей - Параметры безопасности - Работа VeraCrypt в фоновом режиме - Том для монтирования (относительно корня переносного диска): - При вставке переносного диска: - Создать файлы переносного диска (корневая папка переносного диска) в: - Том - Окна - &Путь... - &Автотест всех - Да&лее - &Дешифрация - &Удалить - &Шифрация - &Экспорт... - Создать и сохранить файл... - Случа&йный ключевой файл... - Загрузить языковые модули с сайта - Аппаратное ускорение AES: - &Импорт кл.файла в токен... - &Файлы... - Клю&чевые файлы - К&люч.файлы... - &Удалить - Удалить &все - Что такое 'Защита скрытых томов'? - Что такое 'ключевой файл'? - Монтировать том как &сменный носитель - Монтировать раздел с шифрованием ОС &без дозагр. аутентификации - Потоки: - Тест - Пе&чать - З&ащитить скрытый том от повреждения при записи во внешний том - &Сброс - Пока&з пароля - &Токен-файлы... - По возможности применять копию заголовка, встроенну&ю в том - XTS-режим - О программе VeraCrypt - Тест скорости алгоритмов шифрования VeraCrypt - Тест генерирования векторов VeraCrypt - Справка по командной строке - Ключевые файлы VeraCrypt - Генератор ключевых файлов VeraCrypt - Язык интерфейса VeraCrypt - Параметры монтирования VeraCrypt - Свойства ключевого файла нового токена безопасности - Обогащение случайного пула VeraCrypt - Выберите раздел или устройство - VeraCrypt - Ключевые файлы токена безопасности - Токен безопасности: требуется пароль/PIN - Сведения о выбранном языковом модуле - На скорость влияют загрузка ЦП и характеристики устройств хранения данных.\n\nЭти тесты выполняются в ОЗУ. - Буфер: - Шифр: - Пароль с&крытого тома:\n(если пусто, то из кэша) - Защита скрытого тома - Длина ключа: - ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость ключевого файла. - !!! При утере ключевого файла или повреждении его первых 1024 килобайт монтирование использующих этот файл томов невозможно! - бит - Число ключевых файлов: - Размер ключевых файлов (в Байтах): - Имя ключевых файлов: - Автор перевода: - Размер: - бит - Текущее содержимое пула - Микшер повтора: - ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость. Затем нажмите 'Далее'. - Вторичный ключ (16-ричное) - Токен: - Сортировка: - Этот процесс может быть долгим, подождите... - Подождите...\nПроцесс может оказаться длительным,\nпри этом VeraCrypt перестанет реагировать на запросы. - Число блоков: - Зашифрованный текст (16-ричное) - Число единиц с данными (64-бит 16-ричное, размер единицы с данными - 512 байт) - Ключ (16-ричное) - Незашифрованный текст (16-ричное) - Ключевой файл: - XTS-режим - &Система - &Тома - И&збранное - Серв&ис - Настрой&ки - Спра&вка - Ве&б-страница - - &О программе... - Невозможно снять атрибут 'только чтение' со старого тома. Проверьте, разрешён ли доступ к файлу. - Ошибка! Нет доступа.\n\nРаздел, к которому вы пытаетесь получить доступ, имеет длину 0 секторов, либо это загрузочное устройство. - Администратор - Для загрузки драйвера VeraCrypt нужно войти в систему с правами администратора. - Для шифрования/дешифрования/форматирования раздела/устройства нужно войти в систему с правами администратора.\n\nК томам на основе файлов это не относится. - Чтобы создать скрытый том, нужно войти в систему с правами администратора.\n\nПродолжить? - Чтобы форматировать тома как NTFS, нужно войти в систему с правами администратора.\n\nБез привилегий администратора можно форматировать тома только как FAT. - Утверждённый FIPS (США) алгоритм шифрования (Rijndael, опубликован в 1998 г.), разрешён к применению в федеральных структурах США для защиты важнейшей информации. 256-бит ключ, 128-бит блок, 14 раундов (AES-256). Режим работы: XTS. - Том уже смонтирован. - ОСТОРОЖНО: По крайней мере один алгоритм шифрования или хеширования не прошёл автоматическое самотестирование.\n\nВозможно, повреждена установка VeraCrypt. - ОСТОРОЖНО: В пуле генератора случайных чисел недостаточно данных для предоставления нужного объёма случайной информации.\n\nПродолжать дальше не следует. Выберите в меню 'Справка' пункт 'Сообщить об ошибке' и известите авторов. - Повреждён диск (на нём физический дефект) или кабель, либо сбоит память компьютера.\n\nЭто проблема аппаратной части вашего ПК, а не VeraCrypt. Пожалуйста, НЕ сообщайте нам о ней как об ошибке/проблеме в работе VeraCrypt и НЕ просите о помощи в форумах VeraCrypt. Обратитесь за консультацией к изготовителю своего компьютера. Спасибо.\n\nПримечание: если ошибка происходит регулярно в одном и том же месте, наиболее вероятная причина - в повреждённом блоке на диске, который можно попытаться исправить с помощью стороннего ПО (учтите, что во многих случаях команда 'chkdsk /r' бесполезна, так как она работает лишь на уровне файловой системы; иногда chkdsk не может даже обнаружить наличие ошибки). - Если вы обращаетесь к накопителю на сменных носителях, удостоверьтесь, что в накопителе есть носитель. Также возможно повреждение накопителя/носителя (физический дефект) или повреждение/отключение кабеля. - Драйверы аппаратуры в вашей системе содержат ошибку, препятствующую шифрованию всего системного диска.\n\nПопробуйте обновить или удалить сторонние драйверы чипсета (НМС). Если это не поможет, попробуйте зашифровать только системный раздел. - Неверная буква диска. - Неверный путь. - Отмена - Нет доступа к устройству. Проверьте, имеется ли выбранное устройство и не занято ли оно. - Внимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. - Тип тома - Может так случиться, что кто-то вынудит вас сообщить пароль от зашифрованного тома. В ряде ситуаций вы просто не сможете отказаться выдать пароль (например при вымогательстве). В подобных случаях поможет так называемый 'скрытый том', позволяющий не выдавать пароля к действительно ценным данным. - Выберите эту опцию, чтобы создать обычный том VeraCrypt. - Внимание! Если вы хотите, чтобы операционная система была установлена на скрытом томе на основе раздела, то весь системный диск нельзя зашифровать с помощью лишь одного ключа. - Шифрование внешнего тома - Шифрование скрытого тома - Настройки шифрования - ВНИМАНИЕ: Ошибка очистки пути к последнему выбранному тому/ключевому файлу (запомненному селектором файлов). - ОШИБКА: Контейнер был сжат на уровне файловой системы. VeraCrypt не поддерживает сжатые контейнеры (сжатие зашифрованных данных неэффективно и избыточно).\n\nОтключите сжатие контейнера, выполнив следующие шаги: 1) Щёлкните правой кнопкой мыши в Проводнике Windows (не в VeraCrypt). 2) Выберите пункт 'Свойства'. 3) В окне 'Свойства' нажмите кнопку 'Дополнительно'. 4) В окне 'Дополнительные атрибуты' выключите параметр 'Сжимать содержимое для экономии места на диске' и нажмите OK. 5) Нажмите OK в окне 'Свойства'. - Ошибка создания тома %s - Размер %s - %.2f байт - Размер %s - %.2f КБ - Размер %s - %.2f МБ - Размер %s - %.2f ГБ - Размер %s - %.2f ТБ - Размер %s - %.2f ПБ - ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Форматирование устройства/раздела может привести к потере данных или нестабильности системы.\n\nПродолжить? - ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Следует закрыть все программы, которые могут использовать раздел (включая антивирусное ПО).\n\nПродолжить? - ОШИБКА: Устройство/раздел содержит файловую систему, которая не может быть размонтирована. Эта файловая система может использоваться операционной системой. Форматирование устройства/раздела вероятнее всего приведёт к повреждению данных и нестабильности системы.\n\nДля решения этой проблемы мы рекомендуем сначала удалить этот раздел, после чего вновь создать его без форматирования. Вот как это сделать: 1) Щёлкните правой кнопкой мыши по значку 'Компьютер' (или 'Мой компьютер') в меню 'Пуск' и выберите пункт 'Управление'. Должно появиться окно 'Управление компьютером'. 2) В окне 'Управление компьютером' выберите 'Запоминающие устройства' > 'Управление дисками'. 3) Щёлкните правой кнопкой мыши по разделу, который вы хотите зашифровать, и выберите либо 'Удалить раздел', либо 'Удалить том', либо 'Удалить логический диск'. 4) Нажмите 'Да'. Если Windows попросит перезагрузить компьютер, сделайте это. Затем повторите шаги 1 и 2 и перейдите к шагу 5. 5) Щёлкните правой кнопкой на участке с пустым местом (оно должно содержать надпись 'Не распределено') и выберите 'Основной раздел', 'Дополнительный раздел' или 'Логический диск'. 6) Должно появиться окно мастера создания разделов или томов; следуйте его инструкциям. В окне мастера на странице 'Форматирование раздела' выберите либо 'Не форматировать этот раздел', либо 'Не форматировать этот том'. В том же окне мастера нажмите кнопку 'Далее' и затем 'Готово'. 7) Учтите, что выбранный вами в VeraCrypt путь к устройству может быть теперь неверным. Поэтому завершите работу мастера создания томов VeraCrypt (если он всё ещё выполняется) и запустите его снова. 8) Попробуйте снова зашифровать устройство/раздел в VeraCrypt.\n\nЕсли VeraCrypt по-прежнему откажется шифровать устройство/раздел, скорректируйте свои планы и создайте вместо этого файловый контейнер. - ОШИБКА: Не удалось заблокировать и/или размонтировать файловую систему. Вероятно, она используется ОС или приложениями (например антивирусным ПО). Шифрование этого раздела может повлечь повреждение данных и нестабильность системы.\n\nЗакройте все приложения, которые могут обращаться к файловой системе (включая антивирусное ПО) и повторите попытку. Если это не поможет, следуйте указанным ниже инструкциям. - ВНИМАНИЕ: Некоторые смонтированные устройства/разделы уже используются.\n\nИгнорирование этого может привести к нежелательным последствиям, включая нестабильность системы.\n\nНастоятельно рекомендуется закрыть все программы, использующие эти устройства/разделы. - Выбранное устройство содержит разделы.\n\nФорматирование этого устройства может привести к нестабильности системы и/или повреждению данных. Либо выберите раздел на этом устройстве, либо удалите все разделы на нём, чтобы дать возможность VeraCrypt безопасно его отформатировать. - Выбранное несистемное устройство содержит разделы.\n\nЗашифрованные тома VeraCrypt на основе устройств можно создавать только на дисках, не содержащих разделов (включая жёсткие и твердотельные диски). Устройство с разделами можно зашифровать целиком на месте (с помощью одного мастер-ключа), только если это диск, где установлена Windows и с которого она загружается.\n\nЕсли вы хотите зашифровать выбранное несистемное устройство с помощью одного мастер-ключа, сначала потребуется удалить все разделы на этом устройстве, чтобы VeraCrypt смог его безопасно отформатировать (форматирование устройства с разделами может повлечь нестабильность системы и/или повреждение данных). Другой вариант - зашифровать отдельно каждый раздел на диске (используя индивидуальные мастер-ключи).\n\nПримечание: чтобы удалить все разделы с диска GPT, его нужно преобразовать в диск MBR (например с помощью инструмента 'Управление дисками') для удаления скрытых разделов. - ВНИМАНИЕ: При шифровании всего устройства (а не только одного раздела на нём) ОС будет считать его новым, пустым и неформатированным (не содержащим таблицы разделов) и может самопроизвольно инициализировать это устройство (или спрашивать у вас на то разрешение), что способно повредить том. Более того, будет невозможно ни монтировать этот том как избранный (например при изменениях числа дисков), ни присваивать ему метку избранного тома.\n\nЧтобы этого избежать, вы можете создать раздел на устройстве и зашифровать только этот раздел.\n\nВы действительно хотите зашифровать всё устройство? - ВАЖНО: Учтите, что этот том НЕЛЬЗЯ смонтировать и получить к нему доступ по букве диска %c:, которая сейчас ему назначена!\n\nЧтобы смонтировать этот том, нажмите 'Автомонтирование' в главном окне VeraCrypt (или нажмите кнопку 'Устройство', выберите этот раздел/диск и нажмите 'Смонтировать'). Том будет смонтирован на другую букву диска, выбираемую из списка в главном окне VeraCrypt.\n\nИсходную букву диска %c: следует применять только когда нужно удалить шифрование с раздела/устройства (например если шифрование больше не требуется). В этом случае щёлкните правой кнопкой мыши по диску %c: в окне 'Компьютер' (или 'Мой компьютер') и выберите пункт 'Форматировать'. Во всех иных ситуациях букву диска %c: использовать не следует (если только вы не удалили её, как это описано, например, в FAQ VeraCrypt, и не присвоили затем другому разделу/устройству). - В используемой вами ОС шифрование несистемных томов 'на месте' не поддерживается (для этого требуется Windows Vista или более новая версия Windows).\n\nПричина: эта версия Windows не допускает сжатие файловой системы (что требуется для высвобождения места под заголовок тома и его резервную копию). - Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nПричина: Windows не поддерживает сжатие файловых систем других типов (что требуется для высвобождения места под заголовок тома и его резервную копию). - Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt внутри этого раздела, выберите "Создать и отформатировать зашифрованный том" (а не "Зашифровать раздел на месте"). - ОШИБКА: Раздел слишком мал. VeraCrypt не может зашифровать его 'на месте'. - Чтобы зашифровать данные на этом разделе, сделайте следующее:\n\n1) Создайте том VeraCrypt на пустом разделе/устройстве и смонтируйте его.\n\n2) Скопируйте все файлы с раздела, который вы хотите зашифровать, на смонтированный том VeraCrypt (созданный на этапе 1). Так вы создадите зашифрованную резервную копию данных.\n\n3) Создайте том VeraCrypt на разделе, который хотите зашифровать, и убедитесь (в мастере VeraCrypt), что выбрали опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). Учтите, что все данные на этом разделе будут удалены. Создав том, смонтируйте его.\n\n4) Скопируйте все файлы со смонтированного тома VeraCrypt с копией данных (созданного на этапе 1) на смонтированный том VeraCrypt, созданный на этапе 3.\n\nПо окончании этих операций данные будут зашифрованы, плюс с них будет сделана зашифрованная резервная копия. - Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt на выбранном несистемном устройстве, выберите опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). - ОШИБКА: Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска. Убедитесь в правильности указанного пути. - ОШИБКА: Невозможно уменьшить файловую систему (это необходимо для высвобождения места под заголовок тома и резервную копию заголовка).\n\nВозможные причины и решения:\n\n- Недостаточно свободного места на томе. Проверьте, чтобы никакие другие программы не выполняли запись в файловую систему.\n\n- Повреждена файловая система. Попробуйте исправить её (щёлкните ПКМ на букве соответствующего диска в окне '(Мой) Компьютер', выберите 'Свойства' > 'Сервис' > 'Выполнить проверку', включите опцию 'Автоматически исправлять системные ошибки' и нажмите 'Запуск').\n\nЕсли ничего не помогает, следуйте рекомендациям ниже. - ОШИБКА: Недостаточно свободного места на томе, невозможно уменьшить файловую систему (это необходимо для высвобождения места под заголовок тома и резервную копию заголовка).\n\nУдалите ненужные файлы и очистите Корзину, высвободив хотя бы 256 КБ, после чего повторите попытку. Из-за особенностей Windows, объём сообщаемого Проводником свободного места может быть неверным до перезагрузки ОС. Если перезагрузка не помогает, возможно, повреждена файловая система. Попробуйте исправить её (щёлкните ПКМ на букве соответствующего диска в окне '(Мой) Компьютер', выберите 'Свойства' > 'Сервис' > 'Выполнить проверку', включите опцию 'Автоматически исправлять системные ошибки' и нажмите 'Запуск').\n\nЕсли ничего не помогает, следуйте рекомендациям ниже. - На диске %s свободно %.2f байт - На диске %s свободно %.2f КБ - На диске %s свободно %.2f МБ - На диске %s свободно %.2f ГБ - На диске %s свободно %.2f ТБ - На диске %s свободно %.2f ПБ - Невозможно получить доступные буквы дисков. - ОШИБКА: Не найден драйвер VeraCrypt.\n\nСкопируйте файлы 'veracrypt.sys' и 'veracrypt-x64.sys' в папку, где находится программа VeraCrypt (файл VeraCrypt.exe). - ОШИБКА: Запущен драйвер VeraCrypt несовместимой версии.\n\nЕсли вы пытаетесь запустить VeraCrypt в переносном режиме (т.е. без установки в систему), и в это время работает другая версия VeraCrypt, сначала удалите её (или обновите с помощью установщика VeraCrypt). Чтобы удалить VeraCrypt, проделайте следующее: в Windows Vista и новее выберите меню 'Пуск' > 'Компьютер' > 'Удалить или изменить программу' > VeraCrypt > Удалить; в Windows XP выберите меню 'Пуск' > 'Настройка' > 'Панель управления' > 'Установка и удаление программ' > VeraCrypt > Удалить.\n\nАналогично, если вы пытаетесь запустить VeraCrypt в переносном режиме (т.е. без установки в систему), и в это время в переносном режиме уже выполняется другая версия VeraCrypt, сначала нужно перезагрузить систему, и лишь затем запустить эту новую версию. - Ошибка инициализации шифра. - Ошибка: слабый или потенциально слабый ключ! Этот ключ не принят. Повторите попытку. - Произошла критическая ошибка, работа VeraCrypt прервана. Если это следствие ошибки в VeraCrypt, мы бы хотели её исправить. Чтобы помочь нам в этом, отправьте автоматически созданный отчёт об ошибках со следующими данными:\n\n- Версия программы\n- Версия операционной системы\n- Тип ЦП\n- Имя компонента VeraCrypt\n- Контрольная сумма исполняемого файла VeraCrypt\n- Символическое имя диалогового окна\n- Категория ошибки\n- Адрес ошибки\n- Стековый вызов VeraCrypt\n\nПри выборе 'Да' в вашем браузере будет открыт следующий URL-адрес с полным отчётом об ошибке.\n\n%hs\n\nОтправить отчёт об ошибке? - Критическая ошибка в системе, работа VeraCrypt будет прервана.\n\nЭта ошибка произошла не по вине VeraCrypt (поэтому разработчики VeraCrypt не могут её исправить). Проверьте свою систему на предмет возможных проблем (например системную конфигурацию, подключение к сети, сбои аппаратуры). - Критическая ошибка в системе, работа VeraCrypt будет прервана.\n\nЕсли эта проблема возникает регулярно, попробуйте отключить или удалить приложения, которые могут быть как-то с ней связаны, например антивирусное ПО, системные "улучшатели", "оптимизаторы", "твикеры" и т.п. Если это не поможет, попробуйте переустановить ОС (данная проблема также может быть вызвана вредительским ПО). - Критическая ошибка VeraCrypt - По сведениям VeraCrypt, операционная система недавно потерпела сбой. Потенциальных причин этому множество (например отказ аппаратуры, ошибка в драйвере устройства и т.д.)\n\nХотите проверить, был ли вызван системный сбой ошибкой в VeraCrypt? - Хотите, чтобы VeraCrypt и дальше отслеживал системные сбои? - VeraCrypt не удалось обнаружить файл с мини-дампом системных сбоев. - Вы хотите удалить дамп-файл Windows с данными о сбое, чтобы высвободить место на диске? - Чтобы проанализировать системный сбой, VeraCrypt сначала нужно\nустановить Microsoft Debugging Tools для Windows.\n\nПосле нажатия OK начнётся загрузка и установка пакета\nMicrosoft Debugging Tools (16 МБ) с сервера Microsoft\n(программа установки Windows перенаправит вас на сервер\nMicrosoft с сервера veracrypt.org, тем самым гарантируя успех операции,\nдаже если Microsoft изменит местоположение пакета установки). - После нажатия OK начнётся анализ системного сбоя. Эта операция может занять несколько минут. - Убедитесь, что в переменной окружения 'PATH' указан путь к файлу отладчика ядра 'kd.exe' (Kernel Debugger). - Судя по всему, причина системного сбоя НЕ в VeraCrypt. Потенциальных причин сбоя системы множество (например отказ аппаратуры, ошибка в драйвере устройства и т.д.) - Как показал анализ, данную проблему может решить обновление следующего драйвера: - Чтобы помочь определить, имеется ли ошибка в VeraCrypt, отправьте нам автоматически созданный отчёт об ошибках, содержащий следующие данные:\n- Версия программы\n- Версия операционной системы\n- Тип ЦП\n- Категория ошибки\n- Название и версия драйвера\n- Стек системных вызовов\n\nПри выборе 'Да' в вашем интернет-браузере будет открыт следующий URL-адрес (с полным отчётом об ошибках). - Хотите отправить нам этот отчёт об ошибках? - &Шифрация - &Дешифрация - Расшифровать п&ерманентно - Выход - Создайте логический диск для этого расширенного раздела и повторите попытку. - Том VeraCrypt может находиться в файле (в 'контейнере' VeraCrypt) на жёстком диске, флэш-накопителе USB и т.п. Контейнер VeraCrypt ничем не отличается от любого другого обычного файла (например, его можно перемещать или удалять как и прочие файлы). Нажмите кнопку 'Файл', чтобы указать имя и путь к создаваемому файлу-контейнеру для хранения нового тома.\n\nВНИМАНИЕ: Если вы выберете уже имеющийся файл, VeraCrypt НЕ зашифрует его; этот файл будет удалён и заменён вновь созданным контейнером VeraCrypt. Вы сможете зашифровать имеющиеся файлы (впоследствии), переместив их в создаваемый сейчас контейнер VeraCrypt. - Выберите размещение для создаваемого внешнего тома (внутри этого тома затем будет создан скрытый том).\n\nТом VeraCrypt может находиться в файле ('контейнере' VeraCrypt) на жёстком диске, флэш-накопителе USB и т.п. Контейнер VeraCrypt можно перемещать или удалять как любой обычный файл. Нажмите кнопку 'Файл', чтобы указать имя и путь к создаваемому файлу-контейнеру для хранения нового тома. Если вы выберете уже имеющийся файл, VeraCrypt НЕ зашифрует его; этот файл будет удалён и заменён вновь созданным контейнером VeraCrypt. Вы сможете зашифровать имеющиеся файлы (впоследствии), переместив их в создаваемый сейчас контейнер VeraCrypt. - Зашифрованный том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных. Разделы также можно шифровать на месте.\n\nКроме того, зашифрованные тома VeraCrypt на основе устройств можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nПримечание: устройство, содержащее разделы, можно зашифровать целиком на месте (используя один ключ), только если с него загружается Windows. - Том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных.\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. - \nВыберите размещение для создаваемого внешнего тома (внутри этого тома затем будет создан скрытый том).\n\nВнешние тома можно создавать внутри разделов жёстких дисков, на твердотельных дисках, флэш-накопителях USB и других устройствах хранения данных. Внешние тома также можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. - Выберите размещение тома VeraCrypt, внутри которого вы хотите создать скрытый том. - ВНИМАНИЕ: Хост-файл/устройство уже используется.\n\nИгнорирование этого может привести к нежелательным последствиям, включая нестабильность системы. Перед монтированием тома следует закрыть все программы, обращающиеся к этому хост-файлу/устройству (например антивирусные или backup-приложения).\n\nПродолжить монтирование? - Ошибка! Невозможно смонтировать том. Хост-файл/устройство уже используется. Попытка монтирования без исключительного доступа также потерпела неудачу. - Невозможно открыть файл. - Размещение тома - Большие файлы - Собираетесь ли вы хранить в этом томе VeraCrypt файлы размером более 4 ГБ? - В зависимости от вашего ответа VeraCrypt выберет для тома подходящую файловую систему (выбор файловой системы будет вам предложен на следующем этапе). - Так как вы создаёте внешний том, следует ответить 'Нет'. Иначе ФС по умолчанию будет NTFS, что для внешних томов хуже, чем FAT (так, максимально возможный размер скрытого тома будет существенно больше, если внешний том - FAT). Обычно FAT это ФС по умолчанию как для скрытых, так и для обычных томов (тома FAT не вызывают подозрений). Однако если нужно хранить файлы размером более 4 ГБ (что в FAT недопустимо), то FAT не будет ФС по умолчанию. - Вы действительно хотите ответить 'Да'? - Режим создания тома - Это самый быстрый способ создания тома VeraCrypt на основе раздела или устройства (шифрование на месте медленнее, так как содержимое каждого сектора сначала считывается, шифруется и затем записывается). Все данные на выбранном разделе/устройстве будут уничтожены (эти данные НЕ шифруются; они перезаписываются случайными данными). Если вам нужно зашифровать данные, имеющиеся в разделе, выберите другой вариант. - Весь выбранный раздел со всеми имеющимися в нём данными будет зашифрован на месте. Если раздел пуст, вам следует выбрать другой вариант (создание тома протекает гораздо быстрее). - Примечание: - Возо&бновить - О&тложить - &Старт - Продол&жить - &Разметить - &Затереть - Прервать форматирование? - Подробнее - Больше не показывать - Содержимое раздела/устройства успешно удалено (затёрто). - Содержимое раздела с исходной системой (клоном которой является скрытая система) успешно удалено (затёрто). - Удостоверьтесь, что Windows, которую вы хотите установить (на очищенный раздел) имеет ту же версию, что и выполняемая сейчас Windows. Это необходимо потому, что обе ОС будут использовать общий загрузочный раздел. - Системный раздел/диск успешно зашифрован.\n\nПримечание: если у вас есть несистемные тома VeraCrypt, которые должны автоматически монтироваться при каждой загрузке Windows, монтирование каждого из них можно настроить, выбрав 'Избранное' > 'Добавить смонтированный том в список избранных системных томов'). - Системный раздел/диск успешно дешифрован. - \n\nТом VeraCrypt создан и готов к использованию.\n\nЕсли вы хотите создать ещё один том VeraCrypt, нажмите кнопку 'Далее'. Иначе нажмите 'Выход'. - \n\nСкрытый том VeraCrypt успешно создан (внутри него будет находиться скрытая операционная система).\n\nНажмите 'Далее' для продолжения. - Том полностью зашифрован - Том полностью расшифрован - ВАЖНО: ДЛЯ МОНТИРОВАНИЯ ЭТОГО ТОМА VERACRYPT И ДОСТУПА К СОДЕРЖАЩИМСЯ В НЁМ ДАННЫМ НАЖМИТЕ 'Автомонтирование' В ГЛАВНОМ ОКНЕ VERACRYPT. После ввода правильного пароля (и/или ключевых файлов) том будет смонтирован на букву диска, выбранную вами в главном окне VeraCrypt (доступ к зашифрованным данным будет по этой букве диска).\n\nЗАПОМНИТЕ ИЛИ ЗАПИШИТЕ ЭТАПЫ ВЫШЕ. ВЫ ДОЛЖНЫ ИМ СЛЕДОВАТЬ ДЛЯ МОНТИРОВАНИЯ ТОМА И ДОСТУПА К ЕГО ДАННЫМ. Другой способ: нажмите кнопку 'Устройство' в главном окне VeraCrypt, выберите этот раздел/том и нажмите 'Смонтировать'.\n\nРаздел/том успешно зашифрован (сейчас он содержит полностью зашифрованный том VeraCrypt) и готов к использованию. - Том VeraCrypt успешно расшифрован. - Том VeraCrypt успешно расшифрован.\n\nВыберите букву диска, которая будет присвоена расшифрованному тому, и нажмите 'Готово'.\n\nВАЖНО: Пока тому не будет присвоена буква, у вас не будет доступа к хранящимся в нём данным. - ВНИМАНИЕ: Чтобы получить доступ к данным, расшифрованному тому нужно присвоить букву диска. Однако сейчас незанятых букв нет.\n\nОсвободите какую-либо букву диска (например отсоедините USB-накопитель или внешний жёсткий диск и т.п.) и нажмите OK. - Том VeraCrypt успешно создан. - Том создан - ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость ключей шифрования.\nЗатем нажмите 'Разметить', чтобы создать том. - Нажмите 'Разметить', чтобы создать внешний том. Подробности см. в документации. - Форматирование внешнего тома - Форматирование скрытого тома - Форматирование тома - Для просмотра или печати Руководства пользователя требуется программа Adobe Reader (или совместимая с ней). Adobe Reader можно загрузить (бесплатно) с сайта www.adobe.com\n\nХотите вместо этого просмотреть онлайн-документацию? - Если выбрать эту опцию, мастер сначала поможет вам создать обычный том VeraCrypt, а затем внутри него - скрытый том. Этот вариант предназначен для пользователей-новичков. - Выберите эту опцию, чтобы создать скрытый том внутри уже имеющегося тома VeraCrypt (т.е. у вас уже должен быть ранее созданный том VeraCrypt, пригодный для хранения скрытого тома). - Режим создания тома - Скрытый том создан - Скрытый том VeraCrypt создан и готов к использованию. Если были соблюдены все инструкции и предприняты меры предосторожности, перечисленные в разделе "Требования и меры предосторожности, касающиеся скрытых томов" в Руководстве пользователя VeraCrypt, узнать наверняка, имеется ли скрытый том, станет вряд ли возможно даже при смонтированном внешнем томе.\n\nВНИМАНИЕ: ЕСЛИ ВЫ НЕ ЗАЩИТИЛИ СКРЫТЫЙ ТОМ (О ТОМ, КАК ЭТО СДЕЛАТЬ, СМ. РАЗДЕЛ "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" ("ЗАЩИТА СКРЫТЫХ ТОМОВ ОТ ПОВРЕЖДЕНИЙ") В РУКОВОДСТВЕ ПОЛЬЗОВАТЕЛЯ VERACRYPT), НИЧЕГО НЕ ЗАПИСЫВАЙТЕ ВО ВНЕШНИЙ ТОМ, ИНАЧЕ ВЫ МОЖЕТЕ ПЕРЕЗАПИСАТЬ И ПОВРЕДИТЬ СКРЫТЫЙ ТОМ! - Вы запустили скрытую операционную систему. Скрытая ОС выглядит так, как будто она установлена на том же разделе, что и исходная ОС. Однако на самом деле эта ОС установлена в разделе, следующем за ним (в скрытом томе). Все операции чтения и записи прозрачно перенаправляются из системного раздела в скрытый том.\n\nНи ОС, ни приложения не будут знать, что данные, записываемые и считываемые в системном разделе, в действительности записываются и считываются в разделе позади него (в скрытом томе). Любые такие данные шифруются и расшифровываются на лету как обычно (с ключом шифрования, отличным от ключа для обманной ОС).\n\n\nНажмите 'Далее' для продолжения. - Внешний том создан и смонтирован как диск %hc:. Скопируйте в этот том какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно. Они понадобятся для демонстрации, если вас вынудят сообщить пароль от раздела, следующего за системным, где будут расположены внешний том и скрытый том (со скрытой ОС). Вы сможете открыть пароль от этого внешнего тома, а существование скрытого тома (и скрытой ОС) останется в тайне.\n\nВАЖНО: Файлы, копируемые во внешний том, не должны занимать больше, чем %s. В противном случае на внешнем томе может оказаться недостаточно свободного места для скрытого тома (и вы не сможете продолжить). Когда закончите копирование, нажмите 'Далее' (не размонтируйте том). - Внешний том успешно создан и смонтирован как диск %hc:. В этот том сейчас следует скопировать какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно, чтобы ввести в заблуждение неприятеля, если он вынудит вас сообщить пароль. В этом случае вы скажете только пароль для этого внешнего тома, но не для скрытого. Действительно ценные для вас файлы будут храниться в скрытом томе, создаваемом позже. Когда закончите копировать файлы, нажмите 'Далее'. Не размонтируйте этот том. ПРИМЕЧАНИЕ: Нажатие 'Далее' запустит сканирование карты кластеров внешнего тома для выяснения размера непрерывной свободной области, конец которой станет концом тома. Этот участок будет приспособлен под скрытый том, т.е. именно им определяется его максимально возможный размер. Сканирование карты кластеров гарантирует, что никакие данные во внешнем томе не будут перезаписаны скрытым томом. - Содержимое внешнего тома - \n\nНа следующих экранах мастера установите параметры для внешнего тома (внутри которого затем будет создан скрытый том). - \n\nНа следующих этапах вы создадите так называемый внешний том VeraCrypt внутри первого раздела за системным разделом (как это было объяснено на одном из предыдущих этапов). - Внешний том - На следующих этапах потребуется установить параметры и пароль для скрытого тома, который будет содержать скрытую ОС. Примечание: для определения размера непрерывной незанятой области, окончание которой будет выровнено по концу внешнего тома, выполняется сканирование его карты кластеров. Эта область будет подогнана для скрытого тома, чтобы его границы не превышали максимально возможный размер. Максимально возможный размер скрытого тома определён и он гарантированно больше, чем у системного раздела (это необходимо, поскольку всё содержимое системного раздела должно быть скопировано в скрытый том). Т.е. никакие данные, находящиеся в данный момент во внешнем томе, не будут перезаписаны данными, записанными в область скрытого тома. - ВАЖНО: Запомните алгоритмы, которые вы сейчас выбираете. Вам потребуется выбрать те же алгоритмы для обманной ОС. В противном случае скрытая система будет недоступна! (Обманная система должна быть зашифрована тем же алгоритмом, что и скрытая.)\n\nПримечание: причина в том, что обманная и скрытая системы используют один и тот же загрузчик, поддерживающий лишь алгоритм, выбранный пользователем (для каждого алгоритма имеется своя версия загрузчика VeraCrypt). - \n\nКарта кластеров тома просмотрена, максимально возможный размер скрытого тома определён. На следующих экранах мастера вам нужно будет выбрать параметры, размер и пароль для скрытого тома. - Скрытый том - Теперь скрытый том защищён от повреждений до размонтирования внешнего тома.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. - Все скрытые тома в заново смонтированных томах защищены от повреждений до размонтирования.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. - ВНИМАНИЕ: Попытка записи данных в область скрытого тома в томе, смонтированном как %c:! Для защиты скрытого тома запись этих данных была запрещена. Это могло бы повредить файловую систему внешнего тома, Windows может сообщать об ошибке отложенной записи или неверном параметре. Запись на весь том (внешнюю и скрытую части) запрещена до его размонтирования. Если VeraCrypt не в первый раз препятствует записи в область скрытого тома в данном томе, это может неблагоприятно сказаться на правдоподобности отрицания наличия скрытого тома (из-за возможных странных несоответствий в файловой системе внешнего тома). Поэтому имеет смысл создать новый том VeraCrypt (с выключенным быстрым форматированием) и перенести файлы из этого тома во вновь созданный; этот том следует затем надёжно затереть (его внешнюю и внутреннюю части). Сейчас настоятельно рекомендуется перезагрузить операционную систему. - Вы намерены хранить в томе файлы размером более 4 ГБ. Такой том должен быть отформатирован в NTFS, что, однако, невозможно. - Примите к сведению, что когда выполняется скрытая операционная система, не скрытые тома VeraCrypt форматировать в NTFS невозможно. Это объясняется тем, что том требуется временно смонтировать без защиты от записи, чтобы позволить операционной системе отформатировать его в NTFS (тогда как форматирование в FAT выполняется средствами VeraCrypt, а не операционной системы, и без монтирования ома). Технические подробности приведены ниже. Не скрытый том NTFS можно создать из обманной операционной системы. - В целях безопасности, когда запущена скрытая ОС, скрытые тома можно создавать только в 'прямом' режиме (поскольку внешние тома должны всегда монтироваться как 'только для чтения'). Чтобы безопасно создать скрытый том, выполните следующие шаги:\n\n1) Загрузите обманную систему.\n\n2) Создайте обычный том VeraCrypt и скопируйте в этот том какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно (этот том станет внешним томом).\n\n3) Загрузите скрытую систему и запустите мастер создания томов VeraCrypt. Если том - на основе файла, переместите его в системный раздел или в другой скрытый том (иначе вновь созданный скрытый том был бы смонтирован как 'только для чтения' без возможности форматирования). Следуйте инструкциям мастера так, как при выборе 'прямого' режима создания скрытого тома.\n\n4) На экране мастера выберите том, созданный на этапе 2, и следуйте инструкциям для создания скрытого тома внутри него. - В целях безопасности, когда запущена скрытая ОС, локальные незашифрованные файловые системы и не скрытые тома VeraCrypt монтируются как 'только для чтения' (т.е. в такие файловые системы или тома VeraCrypt не может быть записано никаких данных).\n\nДанные разрешается записывать лишь в файловые системы внутри скрытого тома VeraCrypt (при условии, что скрытый том расположен не в контейнере, находящемся на незашифрованной файловой системе или на любой другой файловой системе только для чтения). - Эти меры противодействия были реализованы по трём основным причинам:\n\n- Возможность создания безопасной платформы для монтирования скрытых томов VeraCrypt. Обратите внимание, что мы официально рекомендуем монтировать скрытые тома, только когда запущена скрытая операционная система. (Подробности см. в документации, параграф 'Требования безопасности и меры предосторожности касательно скрытых томов'.)\n\n- В ряде случаев имеется возможность определить, что в определённое время конкретная файловая система не была смонтирована (или конкретный файл в файловой системе не был сохранён либо к нему не было обращения из неё) под конкретной копией ОС (например путём анализа и сравнения журналов файловых систем, времён файлов, отчётов приложений и/или ошибок и т.д.). Всё это может навести на мысль о существовании в компьютере скрытой ОС. Данные меры противодействия этому препятствуют.\n\n- Предотвращение повреждения данных и безопасная гибернация. При выходе из гибернации Windows подразумевает, что все смонтированные файловые системы находятся в том же состоянии, что и до гибернации. VeraCrypt обеспечивает это запретом записи любой файловой системы, доступной как из обманной, так и из скрытой системы. Без такой защиты файловая система может повредиться при монтировании одной системой, когда другая система находится в состоянии гибернации. - Примечание: если нужно безопасно перенести файлы из обманной системы в скрытую, выполните следующее: 1) Загрузите обманную систему. 2) Сохраните нужные вам файлы на незашифрованном томе или на внешнем/обычном томе VeraCrypt. 3) Загрузите скрытую систему. 4) Если вы сохранили файлы на томе VeraCrypt, смонтируйте его (он будет автоматически смонтирован как 'только для чтения'). 5) Скопируйте файлы в скрытый системный раздел или в другой скрытый том. - Требуется перезагрузка компьютера.\n\nВыполнить перезагрузку сейчас? - Ошибка получения состояния системного шифрования. - Не указан пароль в командной строке. Том создать невозможно. - Не указан размер тома в командной строке. Том создать невозможно. - Указанный в командной строке размер файла тома несовместим с выбранной файловой системой NTFS. - Указанный в командной строке размер файла тома несовместим с выбранной файловой системой FAT32. - Файловая система на целевом диске не поддерживает создание разрежённых файлов, что необходимо для динамических томов. - Из командной строки можно создавать только файлы-контейнеры. - Указанный в командной строке размер файла-контейнера больше, чем объём свободного места на диске. Том создать невозможно. - Указанный в командной строке размер тома слишком мал. Том создать невозможно. - Указанный в командной строке размер тома слишком велик. Том создать невозможно. - Невозможно инициализировать компоненты приложения для системного шифрования. - Ошибка инициализации генератора случайных чисел. - Сбой интерфейса CryptoAPI Windows!\n\n\n(Если вы хотите сообщить о связанной с этим ошибке, включите в отчёт следующую техническую информацию:\n%s, Последняя ошибка = 0x%.8X) - Ошибка инициализации приложения. Невозможно зарегистрировать класс Dialog. - Ошибка загрузки системной библиотеки Rich Edit. - Мастер создания томов VeraCrypt - Максимальный размер скрытого тома для этого тома: %.2f байт - Максимальный размер скрытого тома для этого тома: %.2f КБ - Максимальный размер скрытого тома для этого тома: %.2f МБ - Максимальный размер скрытого тома для этого тома: %.2f ГБ. - Максимальный размер скрытого тома для этого тома: %.2f TБ. - Пока том смонтирован, изменять пароль/ключевые файлы этого тома невозможно. Сначала необходимо размонтировать том. - Пока том смонтирован, изменять алгоритм деривации ключа заголовка этого тома невозможно. Сначала необходимо размонтировать том. - С&монтировать - Для монтирования этого тома требуется более новая версия VeraCrypt. - Ошибка! Не найден мастер создания томов.\n\nПроверьте, имеется ли в папке, откуда был запущен файл 'VeraCrypt.exe', файл 'VeraCrypt Format.exe'. Если его там нет, переустановите VeraCrypt или найдите на жёстком диске файл 'VeraCrypt Format.exe' и запустите его. - Ошибка! Расширитель томов не найден.\n\nУбедитесь в наличии файла 'VeraCryptExpander.exe' в папке, откуда был запущен 'VeraCrypt.exe'. Если его там нет, переустановите VeraCrypt или найдите 'VeraCryptExpander.exe' у себя на диске и запустите его. - &Далее > - &Готово - &Установить - &Извлечь - Не удалось подключиться к драйверу устройств VeraCrypt. Если драйвер не запущен, работа VeraCrypt невозможна.\n\nИз-за особенностей Windows, для загрузки драйвера сначала может потребоваться завершение сеанса или перезагрузка системы. - Ошибка загрузки/подготовки шрифтов. - Буква диска не найдена, либо она не была указана. - Ошибка! Невозможно присвоить букву диска.\n\nПока зашифрованному тому не присвоена буква диска, хранящиеся в нём данные будут недоступны.\n\nПовторить? - Буква диска недоступна. - Не выбран файл. - Нет доступных букв дисков. - Нет незанятой буквы диска для внешнего тома. Создание тома не может быть продолжено. - Не удалось определить версию ОС, либо вы используете неподдерживаемую ОС. - Не указан путь. - Недостаточно свободного места для скрытого тома. Продолжить создание тома невозможно. - ОШИБКА: Скопированные во внешний том файлы занимают слишком много места. Из-за этого во внешнем томе недостаточно свободного места под скрытый том.\n\nОбратите внимание, что скрытый том должен быть не меньше системного раздела (т.е. раздела, где установлена работающая сейчас операционная система). Причина в том, что при создании скрытой ОС выполняется копирование в скрытый том содержимого системного раздела.\n\n\nПродолжение создания скрытой операционной системы невозможно. - Драйвер не может размонтировать том. Вероятно, на этом томе имеются открытые файлы. - Невозможно заблокировать том. На этом томе имеются открытые файлы, поэтому его нельзя размонтировать. - VeraCrypt не может заблокировать том, так как он используется системой или приложениями (возможно, открыты находящиеся на этом томе файлы).\n\nВы настаиваете на принудительном размонтировании этого тома? - Выберите том VeraCrypt - Укажите путь и имя файла - Выберите библиотеку PKCS #11 - Мало памяти - ВАЖНО: Неопытным пользователям настоятельно рекомендуется вместо шифрования\nвсего раздела/устройства создать на выбранном разделе/устройстве файловый контейнер VeraCrypt.\n\nПри создании файлового контейнера VeraCrypt (в отличие от шифрования устройства или раздела),\nнапример, нет риска уничтожения большого числа файлов.\nОбратите внимание: файловый контейнер VeraCrypt (хотя он и содержит виртуальный зашифрованный диск)\nв действительности представляет собой обычный файл.\nСм. подробности в Руководстве пользователя VeraCrypt (глава 'Руководство для новичков').\n\nВы действительно хотите зашифровать целиком устройство/раздел? - ВНИМАНИЕ: Файл '%s' уже существует!\n\nВАЖНО: VERACRYPT НЕ БУДЕТ ШИФРОВАТЬ ЭТОТ ФАЙЛ, ОН ЕГО УДАЛИТ.\n\nВы действительно хотите удалить этот файл, заменив его новым контейнером VeraCrypt? - ОСТОРОЖНО: ВСЕ ДАННЫЕ, КОТОРЫЕ СОДЕРЖИТ %s '%s'%s, БУДУТ УНИЧТОЖЕНЫ (А НЕ ЗАШИФРОВАНЫ)!\n\nВы настаиваете на форматировании? - ВНИМАНИЕ: Монтирование тома и доступ к хранящимся в нём файлам невозможны, пока том не будет полностью зашифрован.\n\nВы действительно хотите приступить к шифрованию %s '%s'%s? - ВНИМАНИЕ: Монтирование тома и доступ к хранящимся в нём файлам невозможны, пока том не будет полностью расшифрован.\n\nВы действительно хотите приступить к дешифрованию %s '%s'%s? - ВНИМАНИЕ: Неожиданное пропадание электропитания во время шифрования имеющихся данных 'на месте' или сбой операционной системы из-за программной/аппаратной ошибки может привести к частичному повреждению или потере данных. Поэтому прежде чем приступить к шифрованию, сделайте резервную копию файлов, которые вы хотите зашифровать.\n\nВы сделали такую резервную копию? - ОСТОРОЖНО: ВСЕ ФАЙЛЫ НА РАЗДЕЛЕ '%s'%s (Т.Е. НА ПЕРВОМ РАЗДЕЛЕ ЗА СИСТЕМНЫМ) БУДУТ УНИЧТОЖЕНЫ (А НЕ ЗАШИФРОВАНЫ)!\n\nВы действительно настаиваете на форматировании? - ВНИМАНИЕ: ВЫБРАННЫЙ РАЗДЕЛ СОДЕРЖИТ БОЛЬШОЙ ОБЪЁМ ДАННЫХ! Все файлы на этом разделе будут удалены (они НЕ будут зашифрованы)! - Стереть файлы в разделе при создании внутри него тома VeraCrypt - Пароль - PIM - Алгоритм деривации ключа заголовка - Добавление/удаление ключевых файлов в/из том(а) - Удаление всех ключевых файлов из тома - Пароль и/или ключевые файлы успешно изменен(ы).\n\nВАЖНО: Обязательно прочтите раздел 'Изменение паролей и ключевых файлов'\nв главе 'Требования безопасности и меры предосторожности'\nв Руководстве пользователя VeraCrypt. - Этот том зарегистрирован как системный избранный, и его PIM изменился.\nХотите автоматически обновить конфигурацию системных избранных томов (требуются права администратора)?\n\nПри ответе "Нет" вам будет нужно обновить системное избранное самостоятельно. - ВАЖНО: Если вы не уничтожили свой диск восстановления VeraCrypt (Rescue Disk), ваш системный раздел/диск по-прежнему можно расшифровать с помощью старого пароля (загрузившись с диска восстановления VeraCrypt и введя старый пароль). Вам следует создать новый диск восстановления VeraCrypt, после чего уничтожить старый.\n\nХотите создать новый диск восстановления VeraCrypt? - Обратите внимание, что ваш диск восстановления VeraCrypt (Rescue Disk) всё ещё использует прежний алгоритм. Если вы считаете этот алгоритм недостаточно надёжным, создайте новый диск восстановления VeraCrypt, после чего уничтожьте старый.\n\nХотите создать новый диск восстановления VeraCrypt? - В качестве ключевого можно использовать файл любого типа (например .mp3, .jpg, .zip, .avi). Содержимое ключевого файла при этом не изменяется. Можно выбирать несколько ключевых файлов (порядок неважен). Если добавить папку, то ключевыми будут все не скрытые файлы внутри неё. Нажмите 'Токен-файлы', чтобы выбрать ключевые файлы на токенах безопасности или смарт-картах (или для импорта ключевых файлов с токена/смарт-карты). - Ключевые файлы успешно добавлены/удалены. - Ключевой файл экспортирован. - Алгоритм деривации ключа заголовка успешно установлен. - Введите пароль и/или ключевые файлы для несистемного тома, где вы хотите возобновить шифрование 'на месте'.\n\n\nПримечание: после нажатия 'Далее' VeraCrypt попытается найти все несистемные тома, на которых был прерван процесс шифрования, и где можно расшифровать заголовок тома VeraCrypt с помощью указанного пароля и/или ключевых файлов. Если таких томов окажется несколько, на следующем этапе вам будет нужно выбрать один из них. - Выберите один из перечисленных томов. Это несистемные тома с прерванным процессом шифрования, заголовок которых удалось расшифровать с помощью указанного пароля и/или ключевых файлов. - Введите пароль и/или ключевые файлы для несистемного тома VeraCrypt, который вы хотите расшифровать. - Очень важно выбрать хороший пароль. Избегайте указывать пароли из одного или нескольких слов, которые можно найти в словаре (или комбинаций из 2, 3 или 4 таких слов). Пароль не должен содержать имён или дат рождения. Он должен быть труден для угадывания. Хороший пароль - случайная комбинация прописных и строчных букв, цифр и особых символов (@ ^ = $ * + и т.д.).\n\nРекомендуем выбирать пароли длиннее 20 символов (чем больше, тем лучше). Макс. длина: 64 символа. - Выберите пароль для скрытого тома. - Выберите пароль для скрытой операционной системы (т.е. для скрытого тома). - ВАЖНО: Выбираемый на этом этапе пароль для скрытой операционной системы должен существенно отличаться от двух других паролей (т.е. от паролей для внешнего тома и для обманной операционной системы). - Введите пароль для тома, внутри которого вы хотите создать скрытый том.\n\nПосле нажатия 'Далее' VeraCrypt попытается смонтировать том, после чего просмотреть карту кластеров смонтированного тома в поиске непрерывной свободной области, в конце которой окажется конец тома. В этой области размещается скрытый том, т.е. она определяет его предельный размер. Просмотр карты нужен для гарантии того, что данные во внешнем томе не будут перезаписаны внутренним томом. - \nВыберите пароль для внешнего тома. Это пароль, который вы сможете выдать противнику, если он вынудит вас это сделать.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома.\n\nПримечание: максимальная длина пароля - 64 символа. - Выберите пароль для внешнего тома. Это пароль, который вы сможете выдать каждому, кто вынудит вас сообщить пароль для первого раздела за системным, где будут располагаться внешний том и скрытый том (содержащий скрытую операционную систему). Существование скрытого тома (и скрытой ОС) останется в тайне. Учтите, что это пароль НЕ для обманной операционной системы.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома (т.е. для скрытой операционной системы). - Пароль внешнего тома - Пароль скрытого тома - Пароль для скрытой ОС - ВНИМАНИЕ: Короткие пароли легко взломать с помощью техник перебора.\n\nРекомендуется применять пароли из более чем 20 символов.\n\nВы действительно хотите использовать короткий пароль? - Пароль тома - Неверный пароль, либо это не том VeraCrypt. - Неверные ключевые файлы и/или пароль, либо это не том VeraCrypt. - Неверный режим монтирования, неправильный пароль, либо это не том VeraCrypt. - Неверный режим монтирования, неправильные ключевые файлы и/или пароль, либо это не том VeraCrypt. - Неверный пароль или не найден том VeraCrypt. - Неверные ключевые файлы/пароль, либо не найден том VeraCrypt. - \n\nВнимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. - Запомнить номер монтирования тома - PIM внешнего тома - PIM скрытого тома - PIM скрытой ОС - PIM (персональный умножитель итераций) - это значение, управляющее количеством итераций для деривации ключа заголовка.\n Итерации = 15000 + (PIM x 1000).\n\nЕсли пусто или равно нулю, VeraCrypt будет использовать стандартное значение (485), обеспечивающее высокую надёжность.\n\nЕсли пароль короче 20 символов, PIM не может быть меньше 485, чтобы гарантировать минимальный уровень защиты.\nЕсли пароль состоит из 20 и более символов, PIM может быть любым.\n\nPIM более 485 ведёт к замедлению монтирования. При меньшем значении PIM (до 485) монтирование ускоряется, но снижается надёжность, если пароль недостаточно сложный. - PIM (персональный умножитель итераций) - это значение, управляющее количеством итераций для деривации ключа заголовка.\n Итерации = PIM x 2048.\n\nЕсли пусто или равно нулю, VeraCrypt будет использовать стандартное значение, обеспечивающее высокую надёжность.\n\nЕсли пароль короче 20 символов, PIM не может быть меньше 98, чтобы гарантировать минимальный уровень защиты.\nЕсли пароль состоит из 20 и более символов, PIM может быть любым.\n\nPIM более 98 ведёт к замедлению загрузки. При меньшем значении PIM (до 98) загрузка ускоряется, но снижается надёжность, если пароль недостаточно сложный. - Запомните число для загрузки системы - Выбранное значение PIM больше, чем стандартное в VeraCrypt.\nУчтите, что это приведёт к значительному замедлению монтирования/загрузки. - Выбранное значение PIM (персонального умножителя итераций) меньше, чем стандартное в VeraCrypt. Учтите, что если ваш пароль недостаточно надёжен, это может привести к ослаблению защиты.\n\nПодтверждаете, что вы используете надёжный пароль? - Максимальное значение PIM (персонального умножителя итераций) для шифрования системы составляет 65535. - PIM тома - \n\nВнимание! В пути поиска ключевых файлов обнаружены скрытые файлы. Скрытые файлы не могут быть ключевыми. Если вы хотите использовать их как ключевые, снимите у них атрибут 'Скрытый' (на каждом из них щёлкните правой кнопкой мыши, выберите 'Свойства', снимите флажок 'Скрытый' и нажмите OK). Учтите, что скрытые файлы видны только при соответствующей системной настройке (Компьютер > Сервис > Параметры папок (Свойства папки) > Вид). - Если вы пытаетесь защитить скрытый том, содержащий скрытую систему, проверьте, чтобы при вводе пароля для скрытого тома была включена стандартная американская раскладка клавиатуры. Это необходимо, так как данный пароль запрашивается на этапе дозагрузочной аутентификации (до запуска Windows), когда иные раскладки клавиатуры недоступны. - Не найдено ни одного несистемного тома с прерванной операцией шифрования и заголовком, для которого подходит указанный пароль и/или ключевые файлы.\n\nПроверьте, правильно ли указан пароль и/или ключевые файлы, и не используется ли раздел/том системой или приложениями (включая антивирусное ПО). - Раздел/устройство уже полностью зашифрован(о).\nФлаги заголовка = 0x%.8X - Раздел/устройство не использует шифрование 'на месте'.\nФлаги заголовка = 0x%.8X - \n\nПримечание: если вы пытаетесь смонтировать раздел, расположенный на зашифрованном системном диске без дозагрузочной аутентификации, или смонтировать зашифрованный системный раздел операционной системы, не выполняемой в данный момент, выберите 'Система' > 'Смонтировать без дозагрузочной аутентификации'. - В этом режиме нельзя монтировать раздел, расположенный на диске, часть которого находится в области шифрования активной системы.\n\nПрежде чем можно будет смонтировать этот раздел в данном режиме, нужно либо загрузить операционную систему, установленную на другом диске (зашифрованном или нет), либо загрузить незашифрованную ОС. - VeraCrypt не может расшифровать отдельный раздел на полностью зашифрованном системном диске (можно расшифровать только весь системный диск). - Внимание! Так как диск содержит загрузчик VeraCrypt, он может быть полностью зашифрованным системным диском. Если это так, учтите, что VeraCrypt не может расшифровывать отдельный раздел на полностью зашифрованном системном диске (допускается расшифровка только всего системного диска). Вы можете сейчас продолжить, но потом получите сообщение 'Неверный пароль'. - < &Назад - Невозможно показать список установленных в системе raw-устройств. - Том '%s' существует и предназначен только для чтения. Вы действительно хотите его заменить? - Выберите папку назначения - Выберите ключевой файл - Выберите путь поиска ключевых файлов. ВНИМАНИЕ: Запоминается только путь, но не имена файлов. - Выбрать папку хранения ключевых файлов. - В качестве ключевого файла выбран текущий файл-контейнер. Он будет пропущен. - Авторы: Ross Anderson, Eli Biham и Lars Knudsen. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы: XTS. Алгоритм Serpent - один из финалистов AES. - Укажите размер создаваемого контейнера.\n\nПри создании динамического ('растягивающегося' по мере заполнения) контейнера, этот параметр определяет его максимальный размер.\n\nМинимальный объём для тома FAT: 292 КБ, для тома NTFS: 3792 КБ. - Укажите размер нового внешнего тома (сначала создаётся внешний том, а затем внутри него - скрытый). Минимально возможный размер тома, предназначенного для создания скрытого тома, составляет 340 КБ. - Укажите размер создаваемого скрытого тома. Минимальный объём скрытого тома равен 40 КБ (или 3664 КБ, если он отформатирован как NTFS). Максимально возможный для выбора размер скрытого тома показан выше. - Размер внешнего тома - Размер скрытого тома - Проверьте правильность размера выбранного устройства или раздела и нажмите 'Далее'. - Внешний том и скрытый том (содержащий скрытую ОС) будут расположены внутри этого раздела. Это должен быть первый раздел за системным.\n\nПроверьте правильность показанных выше размера и номера раздела, и если всё верно, то нажмите 'Далее'. - \n\nУчтите, что том, внутри которого будет создаваться скрытый том, не может быть меньше 340 КБ. - Размер тома - Динами- ческий - Внимание! ОШИБКА теста. - Тест всех алгоритмов пройден - Указанное вами число единиц данных слишком длинное или короткое. - Указанный вами вторичный ключ слишком длинный или короткий. - Неверная длина тестового зашифрованного текста. - Неверная длина тестового ключа. - Неверная длина тестового незашифрованного текста. - Два шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), а затем %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. - Три шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), затем %s (%d-бит ключ), и, наконец, %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. - Обратите внимание, что в зависимости от конфигурации ОС, функции автозапуска и автомонтирования могут работать, только если файлы переносного диска находятся на недоступном для записи CD/DVD-носителе. Это не ошибка VeraCrypt, а ограничение Windows. - Переносной диск VeraCrypt успешно создан.\n\nПомните, что для запуска VeraCrypt в переносном режиме необходимы права администратора ПК. Также учтите, что путём исследования файла реестра можно будет узнать, что в системе Windows запускался VeraCrypt, даже если он работал только в переносном режиме. - Переносной диск VeraCrypt - Авторы: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall и Niels Ferguson. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы: XTS. Twofish - один из финалистов AES. - Подробнее о %s - Неизвестно - Неопределённая или неизвестная ошибка (%d). - Некоторые тома содержат файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? - Раз&монтировать - Ошибка размонтирования. - Том содержит файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? - На указанную букву диска том не смонтирован. - Этот том уже смонтирован. - Ошибка при попытке монтирования тома. - Ошибка поиска местоположения внутри тома. - Ошибка: неверный размер тома. - Внимание! Быстрое форматирование следует использовать, только если:\n\n1) На устройстве нет конфиденциальных данных и вам не требуется правдоподобное отрицание\n2) Устройство уже полностью и надёжно зашифровано\n\nВы действительно хотите использовать быстрое форматирование? - Динамический контейнер это предраспределённый разрежённый файл NTFS, физический размер которого (место, занимаемое им на диске) увеличивается по мере добавления в него новых данных.\n\nВНИМАНИЕ: Производительность у томов на основе разрежённых файлов значительно ниже, чем у обычных томов. Также учтите, что тома на основе разрежённых файлов менее надёжны, поскольку можно определить, какие из секторов тома не используются. Более того, тома на основе разрежённых файлов не дают возможности правдоподобного отрицания наличия скрытого тома. Также учтите, что если данные записываются в контейнер на основе разрежённого файла при недостатке свободного места на файловой хост-системе, зашифрованная файловая система может оказаться повреждённой.\n\nВы действительно хотите создать том на основе разрежённого файла? - Учтите, что размер динамического контейнера, сообщаемый Windows и VeraCrypt, будет всегда равен его максимальному размеру. Чтобы выяснить текущий физический размер контейнера (действительно занимаемое им место на диске), щёлкните правой кнопкой мыши на файле-контейнере (в окне Проводника, не в VeraCrypt!), выберите пункт 'Свойства' и см. значение 'На диске'.\n\nТакже учтите, что при перемещении динамического контейнера на другой том или диск, физический размер контейнера будет увеличен до максимума. (Этого можно избежать, создав новый динамический контейнер в месте назначения, смонтировав его и затем перенеся в него файлы из старого контейнера.) - Кэш паролей очищен - Пароли (и/или обработанное содержимое ключевых файлов), хранящиеся в кэше драйвера VeraCrypt, удалены. - VeraCrypt не может изменить пароль для чуждого ему тома. - Выберите из списка незанятую букву диска. - Выберите в списке букв дисков смонтированный том. - Выбраны два разных смонтированных тома (один в списке букв дисков, другой в поле ввода ниже списка).\n\nУкажите том, который вы хотели выбрать: - Ошибка! Невозможно создать autorun.inf - Ошибка обработки ключевого файла. - Ошибка обработки пути ключевого файла. - В пути к ключевым файлам нет файлов.\n\nОбратите внимание, что папки (и содержащиеся в них файлы), найденные в путях поиска ключевых файлов, игнорируются. - VeraCrypt не работает в этой операционной системе. - Ошибка! VeraCrypt поддерживает только стабильные (не бета) версии этой операционной системы (версии beta/RC не поддерживаются). - Ошибка! Невозможно распределить память. - Ошибка! Невозможно восстановить значение счётчика производительности. - Ошибка! Плохой формат тома. - Ошибка! Вы указали пароль для скрытого тома (а не для обычного тома). - В целях безопасности, скрытый том нельзя создать внутри тома VeraCrypt, содержащего файловую систему, зашифрованную 'на месте' (поскольку свободное место такого тома не было заполнено случайными данными). - VeraCrypt: юридические примечания - Все файлы - Тома VeraCrypt - Библиотечные модули - Продолжение NTFS-форматирования невозможно. - Невозможно смонтировать том. - Невозможно размонтировать том. - Windows не может отформатировать этот том как NTFS.\n\nВыберите другой тип файловой системы (если возможно) и повторите попытку. Либо вы можете оставить этот том неформатированным (в поле выбора файловой системы укажите 'Нет'), закрыть окно мастера, смонтировать том, а затем с помощью системной или сторонней утилиты отформатировать смонтированный том (том при этом останется зашифрованным). - Windows не может отформатировать этот том как NTFS.\n\nХотите вместо этого отформатировать том как FAT? - По умолчанию - раздел - РАЗДЕЛ - Устройство - устройство - УСТРОЙСТВО - Том - том - ТОМ - Метка - Для этого тома выбран слишком маленький размер кластеров. Будут использованы кластеры большего размера. - Ошибка! Невозможно получить размер тома.\n\nПроверьте, не используется ли выбранный том системой или какой-либо программой. - Скрытые тома нельзя создавать внутри динамических контейнеров (разрежённых файлов). Чтобы можно было правдоподобно отрицать наличие секретной информации, скрытый том нужно создавать внутри нединамического контейнера. - Мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT или NTFS. - В среде Windows 2000 мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT. - Примечание: для внешних томов больше подходит система FAT, нежели NTFS (например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT). - Обратите внимание, что для внешних томов больше подходит система FAT, нежели NTFS. Например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT (поскольку NTFS всегда хранит внутренние данные точно в центре тома и потому скрытый том может располагаться только во второй половине внешнего тома).\n\nВы действительно хотите отформатировать внешний том как NTFS? - Хотите вместо этого отформатировать том как FAT? - Примечание: этот том нельзя отформатировать в FAT, так как его размер больше, чем допускает файловая система FAT32 для соответствующего размера секторов (2 ТБ для секторов по 512 байт, и 16 ТБ для секторов по 4096 байт). - Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 5% больше системного раздела (системный раздел - тот, где установлена выполняющаяся сейчас ОС). - Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела (системный раздел - тот, где установлена выполняющаяся сейчас ОС). Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома. - Ошибка! Если внешний том отформатирован как NTFS, он должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела. Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома.\n\nПримечание: внешний том должен находиться в том же разделе, что и скрытая операционная система (т.е. в первом разделе за системным). - Ошибка! Нет разделов за системным разделом.\n\nПрежде чем можно будет создать скрытую операционную систему, нужно создать для неё раздел на системном диске. Этот раздел должен быть первым за системным, и он должен быть по крайней мере на 5% больше системного раздела (т.е. того, где установлена запущенная сейчас ОС). Однако если внешний том (не путайте с системным разделом) отформатирован как NTFS, раздел для скрытой операционной системы должен быть не менее, чем на 110% (в 2,1 раза) больше системного (причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, поэтому скрытый том, который должен содержать клон системного раздела, может располагаться только во второй половине раздела). - Замечание: непрактично (и потому это не поддерживается) устанавливать операционные системы в два тома VeraCrypt, встроенных в один раздел, поскольку при использовании внешней ОС часто требуется записывать данные в область внутренней ОС (а если такие операции записи предотвращать с помощью функции защиты скрытых томов, то это может привести к краху системы, т.е. к 'синему экрану смерти'). - Информацию о создании и управлении разделами см. в документации к вашей операционной системе, либо проконсультируйтесь в службе техподдержки поставщика своего компьютера. - Ошибка! Выполняющаяся в данный момент операционная система установлена не в загрузочном разделе (первом разделе с пометкой 'Активный'). Это не поддерживается. - Вы указали, что собираетесь хранить в этом томе VeraCrypt файлы размером более 4 ГБ, но выбрали при этом файловую систему FAT, в которой сохранение файлов объёмом свыше 4 ГБ не поддерживается.\n\nВы действительно хотите отформатировать том как FAT? - Ошибка! VeraCrypt не поддерживает дешифрование 'на месте' несистемных томов, созданных VeraCrypt устаревших версий (1.0b и ранее).\n\nЧтобы расшифровать файлы, хранящиеся в этом томе, просто скопируйте или переместите их на любой незашифрованный том. - Ошибка! VeraCrypt не может 'на месте' дешифровать скрытый том VeraCrypt.\n\nЧтобы расшифровать файлы, хранящиеся в этом томе, просто скопируйте или переместите их на любой незашифрованный том. - Внимание! VeraCrypt не может 'на месте' расшифровать том, в котором содержится скрытый том VeraCrypt (скрытый том перезапишется псевдослучайными данными).\n\nПодтвердите, что в томе, который вы собираетесь дешифровать, нет скрытого тома.\n\n* Если в томе есть скрытый том, но вы не против его потери, то можете продолжить (внешний том будет безопасно дешифрован). - В этом томе нет скрытого тома. Продолжаем. - В этом томе находится скрытый том. Отмена. - Ошибка! Нет доступа к тому.\n\nПроверьте, существует ли этот том, не смонтирован ли он, не используется ли системой или какой-либо программой, которой вы дали права чтения/записи этого тома, и не защищён ли он от записи. - Ошибка! Невозможно получить свойства тома. - Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе.\n\nПроверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи. - Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе. Проверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи.\n\nЕсли проблема не решается, попробуйте предпринять шаги, указанные ниже. - Зашифровать раздел не удалось из-за ошибки. Попробуйте устранить все ранее указанные проблемы и повторить попытку. Если проблемы не решаются, попробуйте предпринять шаги, указанные ниже. - Продолжить процесс шифровния раздела не удалось из-за ошибки.\n\nПопробуйте устранить все ранее указанные проблемы и снова возобновить процесс шифрования. Учтите, что том нельзя смонтировать до тех пор, пока он не будет полностью зашифрован. - VeraCrypt не удалось дешифровать том из-за ошибки. Попробуйте устранить все возникшие ранее проблемы и затем по возможности повторите. - Ошибка! Невозможно размонтировать внешний том.\n\nТом нельзя размонтировать, если он содержит файлы или папки, используемые какой-либо программой или системой.\n\nЗакройте все программы, которые могут использовать файлы и папки на этом томе, и нажмите 'Повтор'. - Ошибка! Невозможно получить информацию о внешнем томе. Создание тома прекращено. - Ошибка! Нет доступа к внешнему тому. Продолжение создания тома невозможно. - Ошибка! Невозможно смонтировать внешний том. Создание тома не может быть продолжено. - Ошибка! Невозможно получить карту кластеров тома. Создание тома не может быть продолжено. - По алфавиту/категориям - Средняя скорость (убывание) - Алгоритм - Шифрование - Дешифрование - Среднее - Диск - Размер - Алгоритм шифрования - Алгоритм шифрования - Тип - Значение - Свойство - Размещение - байт - Скрытый - Внешний - Обычный - Системный - Скрытый (системный) - Только для чтения - Системный диск - Системный диск (шифрование - %.2f%% готово) - Системный диск (дешифрование - %.2f%% готово) - Системный диск (%.2f%% зашифровано) - Системный раздел - Скрытый системный раздел - Системный раздел (шифрование - %.2f%% готово) - Системный раздел (дешифрование - %.2f%% готово) - Системный раздел (%.2f%% зашифровано) - Да (защита от повреждений!) - Нет - Длина первичного ключа - Длина вторичного ключа (XTS-режим) - Длина Tweak-ключа (LRW-режим) - бит - Размер блока - PKCS-5 PRF - Число итераций PKCS-5 - Том создан - Последнее изменение заголовка - (прошло дней: %I64d) - Версия формата тома - Встроенная копия заголовка - Загрузчик VeraCrypt - версия - 1-ая доступная - Сменный диск - Жёсткий диск - Не изменять - Автоопределение - Режим мастера - Выберите режим. Если не знаете, какой выбрать, используйте предложенный. - Выберите эту опцию, чтобы установить VeraCrypt в данной системе. - Примечание: обновление можно выполнить без расшифровки данных, даже если зашифрован системный раздел/диск или используется скрытая операционная система. - При выборе этой опции все файлы будут извлечены из дистрибутива, но не установлены в систему. Не выбирайте этот вариант, если вы намерены шифровать системный раздел или системный диск. Этот вариант может пригодиться, например, если вы собираетесь запускать VeraCrypt в так называемом 'переносном' (portable) режиме. VeraCrypt не обязательно должен быть установлен в ОС, в которой он работает. После извлечения всех файлов вы можете просто запустить файл 'VeraCrypt.exe' (программа будет работать в 'переносном' режиме). - Параметры установки - Здесь можно выбрать различные параметры, влияющие на установку программы. - Установка - Подождите, идёт установка VeraCrypt. - Установка VeraCrypt успешно выполнена - Обновление VeraCrypt успешно выполнено - Помогите материально развитию программы. Кнопка 'Готово' - закрыть установщик. - Параметры извлечения - Здесь можно выбрать различные параметры, влияющие на извлечение файлов. - Подождите, идёт извлечение файлов. - Файлы успешно извлечены - Все файлы успешно извлечены в указанное место назначения. - Если указанной папки не существует, она будет создана автоматически. - Программные файлы VeraCrypt будут обновлены в папке установки VeraCrypt. Если вы хотите выбрать другое местоположение, сначала нужно удалить VeraCrypt. - Показать примечания к текущей (последней стабильной) версии VeraCrypt? - Если вы никогда ранее не работали с VeraCrypt, рекомендуется ознакомиться с разделом для новичков в Руководстве пользователя VeraCrypt. Хотите прочитать документацию? - Выберите желаемое действие: - Восстановить/переустановить - Обновить - Удалить - Для установки/удаления VeraCrypt необходимо иметь права администратора. Хотите продолжить? - В системе сейчас запущен установщик VeraCrypt. Он выполняет/готовит установку или обновление VeraCrypt. Дождитесь завершения его работы или закройте его. Если закрыть установщик не получается, перезагрузите компьютер и лишь потом продолжите. - Установка не выполнена. - Удаление не выполнено. - Этот дистрибутивный пакет повреждён. Загрузите его снова (желательно с официального сайта VeraCrypt - https://veracrypt.codeplex.com). - Невозможно записать файл %s - Извлечение - Невозможно прочитать данные из дистрибутива. - Невозможно проверить целостность этого дистрибутивного пакета. - Извлечение не выполнено. - Установка возвращена назад. - Программа VeraCrypt успешно установлена. - Программа VeraCrypt успешно обновлена. - Версия VeraCrypt успешно обновлена. Однако прежде чем её использовать, нужно перезагрузить компьютер.\n\nВыполнить перезагрузку сейчас? - Ошибка обновления VeraCrypt!\n\nВАЖНО: Настоятельно рекомендуется до завершения работы или перезагрузки ОС воспользоваться функцией восстановления системы ('Пуск > Программы > Стандартные > Служебные > Восстановление системы') и вернуть систему в точку 'VeraCrypt installation'. Если функция 'Восстановление системы' недоступна, попробуйте снова установить исходную или новую версию версию VeraCrypt до завершения или перезагрузки системы. - Программа VeraCrypt успешно удалена.\n\nНажмите 'Готово', чтобы удалить установщик VeraCrypt и папку %s. Папка не будет удалена, если в ней содержатся какие-либо файлы, созданные не установщиком и не самой программой VeraCrypt. - Удаление записей VeraCrypt в реестре - Добавление элемента в реестр - Удаление относящихся к программе данных - Установка - Остановка - Удаление - Добавление значка - Создание точки восстановления системы - Ошибка создания точки восстановления системы. - Обновление загрузчика - Установка '%s' не выполнена. %s Продолжить установку? - Удаление '%s' не выполнено. %s Продолжить удаление? - Установка завершена. - Не удалось создать папку '%s' - Невозможно выгрузить драйвер VeraCrypt.\n\nСначала закройте все открытые окна VeraCrypt. Если это не поможет, перезагрузите Windows и попробуйте ещё раз. - Прежде чем продолжить установку или удаление VeraCrypt, нужно размонтировать все VeraCrypt-тома. - В этой системе уже установлена устаревшая версия VeraCrypt. Её необходимо удалить, прежде чем можно будет установить новую версию VeraCrypt.\n\nПри закрытии этого окна будет запущена программа удаления старой версии. Никакие тома при удалении VeraCrypt не расшифровываются. После удаления старой версии VeraCrypt запустите установщик новой версии VeraCrypt снова. - Ошибка установки элементов в реестре - Ошибка установки драйвера устройства. Перезагрузите Windows и попробуйте установить VeraCrypt ещё раз. - Запуск драйвера VeraCrypt - Ошибка удаления драйвера устройств. Обратите внимание, что из-за особенностей Windows для удаления (или переустановки) драйвера может потребоваться завершить сеанс работы или перезагрузить систему. - Установка драйвера VeraCrypt - Остановка драйвера VeraCrypt - Удаление драйвера VeraCrypt - Ошибка регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). - Ошибка отмены регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). - О портативном режиме\n\nУчтите, что прежде чем драйверы смогут быть запущены, они должны быть зарегистрированы операционной системой. Поэтому драйвер VeraCrypt не полностью портативный (и не может таковым быть) (тогда как приложения VeraCrypt полностью портативные, т.е. не требуют установки или регистрации в ОС). Также примите к сведению, что для шифрования/дешифрования 'на лету' VeraCrypt требуется драйвер. - !!! Если вы решили запустить VeraCrypt в переносном режиме (а не как нормально установленную в ПК программу), система будет спрашивать вашего разрешения на выполнение (функция контроля учётных записей, UAC) при каждом запуске VeraCrypt.\n\nПричина в том, что при запуске VeraCrypt в переносном режиме требуется загружать и выполнять драйвер VeraCrypt. Этот драйвер нужен VeraCrypt для прозрачного, выполняемого 'на лету' шифрования/дешифрования, а пользователи без прав администратора запускать драйверы в Windows не могут. Поэтому система будет спрашивать у вас разрешения на запуск VeraCrypt с привилегиями администратора (UAC).\n\nОбратите внимание, что при установке (инсталляции) VeraCrypt в систему (в отличие от запуска VeraCrypt в переносном режиме), система НЕ будет запрашивать вашего разрешения при каждом запуске VeraCrypt.\n\nВы действительно хотите только извлечь файлы? - ВНИМАНИЕ: Эта копия мастера создания томов имеет административные привилегии.\n\nНовый том может быть создан с правами, которые не позволят вам записывать в него данные, когда он будет смонтирован. Если вы хотите этого избежать, закройте эту копию мастера создания томов и запустите другую, без административных привилегий.\n\nХотите закрыть эту копию мастера создания томов? - Ошибка вывода лицензии. - Внешний(!) - дн. - час - мин - c - Открыть - Размонтировать - Показать VeraCrypt - Скрыть VeraCrypt - Считано данных после монтирования - Записано данных после монтирования - Зашифрованная часть - 100% (полностью зашифровано) - 0% (не зашифровано) - %.3f%% - 100% - Ожидание - Подготовка - Изменение размера - Шифрация - Дешифрация - Завершение - Пауза - Завершено - Ошибка - Устройство отключено - Системные избранные тома сохранены.\n\nЧтобы разрешить монтирование этих томов при старте системы, выберите 'Настройки' > 'Системные избранные тома' > 'Монтировать системные избранные тома при старте Windows'. - Добавляемый в избранное том не является ни разделом, ни динамическим томом. Поэтому VeraCrypt не сможет смонтировать этот избранный том, если изменится число устройств. - Добавляемый в избранное том это раздел, не распознанный Windows.\n\nVeraCrypt не сможет смонтировать этот избранный том, если изменится число устройств. Задайте тип раздела, распознаваемый Windows (используйте команду SETID в Windows-утилите 'DiskPart'), и затем снова добавьте раздел в список избранного. - Фоновая работа VeraCrypt отключена или настроена на прекращение при отсутствии смонтированных томов (либо VeraCrypt запущен в переносном режиме). Это может помешать автомонтированию избранных томов при подключении устройств, на которых они расположены.\n\n!!! Чтобы включить фоновое выполнение VeraCrypt, вызовите окно настроек программы и отметьте параметр 'Включено' в поле 'Работа VeraCrypt в фоновом режиме'. - Автомонтирование контейнера, расположенного в сетевой файловой системе, при подключении его хост-устройства невозможно. - Указанное ниже устройство - не раздел и не динамический том. Поэтому при подключении этого устройства автомонтирование расположенного на нём тома невозможно. - Присвойте показанному ниже разделу тип, распознаваемый Windows (используйте команду SETID в Windows-утилите 'DiskPart'). Затем удалите раздел из списка избранного и добавьте его снова. Этим вы разрешите тому на основе устройства автоматически монтироваться при подключении устройства. - Указанное ниже устройство - не раздел и не динамический том. Поэтому присвоить ему метку невозможно. - Присвойте показанному ниже разделу тип, распознаваемый Windows (используйте команду SETID в Windows-утилите 'DiskPart'). Затем удалите раздел из списка избранного и добавьте его снова. Это позволит VeraCrypt присвоить разделу метку. - Из-за системных ограничений Windows контейнер, находящийся в удалённой сетевой файловой системе, нельзя монтировать как избранный системный том (но его можно смонтировать как несистемный избранный том при входе пользователя в свою учётную запись). - Введите пароль для %s - Введите пароль для '%s' - Введите пароль для обычного/внешнего тома - Введите пароль для скрытого тома - Введите пароль для заголовка в файле резервной копии - Ключевой файл успешно создан. - Недопустимое количество ключевых файлов. - Размер ключевого файла должен быть между 64 и 1048576 байтами. - Введите имя создаваемого ключевого файла - Недопустимое базовое имя ключевых файлов - Ключевой файл '%s' уже существует.\nперезаписать его? При ответе 'Нет' процесс генерирования будет остановлен. - ВНИМАНИЕ: Заголовок этого тома повреждён! VeraCrypt автоматически задействовал резервную копию заголовка, встроенную в том.\n\nВам следует исправить заголовок, выбрав 'Сервис' > 'Восстановить заголовок тома'. - Резервная копия заголовка тома успешно создана.\n\nВАЖНО: При восстановлении заголовка из этой резервной копии также будет восстановлен и текущий пароль тома. Более того, если для монтирования тома требуются ключевые файлы, после восстановления заголовка из копии для монтирования тома понадобятся те же ключевые файлы.\n\nВНИМАНИЕ: Эту копию заголовка тома можно использовать для восстановления заголовка ТОЛЬКО этого конкретного тома. Если применить эту копию для восстановления заголовка другого тома, смонтировать том вы сможете, но вам НЕ удастся расшифровать никаких данных, хранящихся в этом томе (так как это изменит его мастер-ключ). - Заголовок тома успешно восстановлен.\n\nВАЖНО: Имейте в виду, что вместе с заголовком также был восстановлен и прежний пароль.\nБолее того, если на момент создания резервной копии для монтирования тома\nтакже требовались ключевые файлы, эти же ключевые файлы понадобятся\nдля монтирования данного тома сейчас. - В целях безопасности, для этого тома потребуется ввести правильный пароль\n(и/или предоставить корректные ключевые файлы).\n\nПримечание: если в этом томе содержится скрытый том, сначала нужно ввести правильный пароль\n(и/или предоставить корректные ключевые файлы) для внешнего тома.\nЗатем, если вы выбрали резервное копирование заголовка скрытого тома, нужно будет\nуказать правильный пароль (и/или предоставить корректные ключевые файлы) для скрытого тома. - Вы действительно хотите создать резервную копию заголовка тома для %s?\n\nПри выборе 'Да' вам потребуется указать имя файла для резервной копии заголовка.\n\nПримечание: оба заголовка - для обычного и скрытого томов - будут повторно зашифрованы с использованием новой соли и сохранены в файле резервной копии. Если внутри этого тома нет скрытого тома, область, зарезервированная в резервной копии под заголовок скрытого тома, будет заполнена случайными данными (для сохранения возможности правдоподобного отрицания причастности). При восстановлении заголовка тома из файла резервной копии вам потребуется ввести правильный пароль и/или предоставить корректные ключевые файлы, действительные на момент создания резервной копии заголовка тома. По паролю (и/или ключевым файлам) также будет автоматически определяться тип заголовка тома для восстановления - обычный или скрытый (учтите, что VeraCrypt определяет тип методом проб и ошибок). - Вы действительно хотите восстановить заголовок тома %s?\n\nВНИМАНИЕ: При восстановлении заголовка также будет восстановлен пароль тома, который действовал на момент изготовления резервной копии. Более того, если на момент создания резервной копии для монтирования тома также требовались ключевые файлы, после восстановления заголовка для монтирования данного тома понадобятся эти же ключевые файлы.\n\nНажмите 'Да', чтобы выбрать файл с резервной копией заголовка. - Имеется ли в томе скрытый том? - В томе имеется скрытый том - В томе нет скрытого тома - Выберите тип резервной копии заголовка тома: - Восстановить заголовок тома из копии, встроенной в том - Восстановить заголовок тома из внешнего файла с резервной копией - Неверный размер файла с резервной копией заголовка тома. - В этом томе нет встроенной копии заголовка (учтите, что встроенные копии заголовков содержат только тома, созданные VeraCrypt 6.0 или новее). - Вы пытаетесь создать резервную копию заголовка системного раздела/диска. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? - Вы пытаетесь восстановить из резервной копии заголовок виртуального тома VeraCrypt, но выбрали системный раздел/диск. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? - После нажатия OK выберите имя файла для ISO-образа нового диска восстановления VeraCrypt (Rescue Disk) и место, где его нужно сохранить. - Образ диска восстановления создан и сохранён в файле: %s\n\nСейчас вам нужно записать этот образ на CD или DVD.\n\nВАЖНО: Этот файл-образ должен быть записан на CD/DVD как ISO-образ диска (а не как отдельный файл). Сведения об этом вы можете найти в документации к своему ПО для записи CD/DVD.\n\nЗаписав диск восстановления на CD/DVD, выберите 'Система' > 'Проверить диск восстановления', чтобы убедиться в корректности записи созданного диска. - Образ диска восстановления создан и сохранён в файле: %s\n\nСейчас вам нужно записать этот образ на CD или DVD.\n\nЗапустить программу записи оптических дисков Windows?\n\nЗаписав диск восстановления на CD/DVD, выберите 'Система' > 'Проверить диск восстановления', чтобы убедиться в корректности записи созданного диска. - Чтобы проверить диск восстановления VeraCrypt, вставьте его в CD/DVD-накопитель и нажмите OK. - Диск восстановления VeraCrypt проверен. Всё в порядке. - Невозможно проверить правильность записи диска восстановления.\n\nЕсли вы записали диск восстановления, выньте CD/DVD из накопителя и вставьте снова; затем нажмите 'Далее', чтобы повторить попытку. Если это не поможет, попробуйте воспользоваться другим ПО для записи CD/DVD и/или другим CD/DVD.\n\nЕсли вы пытались проверить диск восстановления VeraCrypt, созданный с другим мастер-ключом, паролем, солью и т.д., знайте, что такой диск восстановления не пройдёт эту проверку никогда. Чтобы создать новый диск восстановления, полностью совместимый с текущей конфигурацией, выберите меню 'Система' > 'Создать диск восстановления'. - ISO-образ диска восстановления VeraCrypt прошёл проверку успешно. - ISO-образ диска восстановления VeraCrypt не прошёл проверку.\n\nЕсли вы пытались проверить ISO-образ, созданный для других мастер-ключа, пароля, соли и т.д., то учтите, что проверка такого ISO-образа будет всегда давать ошибку. Чтобы создать новый ISO-образ диска восстановления, полностью совместимый с текущей конфигурацией, выберите 'Система' > 'Создать диск восстановления'. - Ошибка создания диска аварийного восстановления VeraCrypt. - Диск восстановления VeraCrypt нельзя создавать при запущенной скрытой операционной системе.\n\nЧтобы создать диск восстановления, загрузите обманную операционную систему, а затем выберите 'Система' > 'Создать диск восстановления'. - Невозможно проверить правильность записи диска восстановления.\n\nЕсли вы записали диск восстановления, выньте CD/DVD из накопителя и вставьте снова; затем нажмите 'Далее', чтобы повторить попытку. Если это не поможет, попробуйте воспользоваться другим носителем%s.\n\nЕсли вы пока ещё не записали диск восстановления, сделайте это, после чего нажмите 'Далее'.\n\nЕсли вы пытались проверить диск восстановления VeraCrypt, созданный ДО запуска этого мастера, знайте, что такой диск восстановления использовать нельзя, поскольку он был создан с другим мастер-ключом. Вам нужно записать на CD/DVD заново созданный диск восстановления. - и/или другим ПО для записи CD/DVD - Системные избранные тома VeraCrypt - Что такое 'системные избранные тома'? - Системный раздел/диск не зашифрован.\n\nСистемные избранные тома можно монтировать только с помощью пароля дозагрузочной аутентификации.\nПоэтому если вы хотите использовать системные избранные тома, сначала зашифруйте системный раздел/диск. - Прежде чем продолжить, размонтируйте том. - ОШИБКА: Невозможно установить таймер. - Проверить файловую систему - Исправить файловую систему - Добавить в избранные... - Добавить в системные избранные... - Сво&йства... - Скрытый том защищён - Н/П - Да - Нет - Отключено - 1 - 2 и более - Режим операции - Метка: - Размер: - Путь: - Буква диска: - Ошибка! Пароль должен содержать только символы стандартного набора ASCII.\n\nСимволы не из набора ASCII могут привести к невозможности монтирования тома при смене настроек в конфигурации системы.\n\nРазрешается использовать следующие символы:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Внимание! Пароль содержит символы не из набора ASCII. Это может привести к невозможности монтирования тома при смене конфигурации системы.\n\nВам следует заменить все не относящиеся к ASCII символы в пароле на символы ASCII. Для этого в меню 'Тома' выберите 'Изменить пароль тома'.\n\nК символам ASCII относятся:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - ВНИМАНИЕ: Настоятельно рекомендуется избегать расширений, используемых для исполняемых файлов (таких, как .exe, .sys или .dll) или других, которые могут быть источником потенциальных проблем. Использование таких файловых расширений часто приводит к влиянию на контейнер со стороны Windows и антивирусных программ, что снижает производительность тома и также может привести к другим серьёзным проблемам.\n\nНастоятельно рекомендуем вам удалить это расширение или изменить его (например на '.hc').\n\nВы настаиваете на использовании этого проблематичного расширения файла? - ВНИМАНИЕ: Этот контейнер имеет расширение, используемое для исполняемых файлов (таких, как .exe, .sys или .dll) или других, которые могут быть источником потенциальных проблем. Вероятнее всего это приведёт к влиянию на данный контейнер со стороны Windows и антивирусного ПО, что снизит производительность тома и может вызвать другие серьёзные проблемы.\n\nНастоятельно рекомендуем вам удалить это расширение у файла-контейнера или изменить его (например на '.hc') после размонтирования тома. - Домашняя страница - ВНИМАНИЕ: В системе не установлено ни одного пакета обновлений (Service Pack) Windows. Если в Windows XP не установлен Service Pack 1 (или новее), не следует выполнять запись на диски IDE объёмом более 128 ГБ, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. - ВНИМАНИЕ: В системе не установлен пакет обновлений Windows Service Pack 3 (или новее). Если в Windows 2000 не установлен Service Pack 3 (или новее), не следует выполнять запись на диски IDE объёмом более 128 ГБ, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. Кроме того, может потребоваться включить в реестре поддержку 48-бит адресации LBA; подробности см. на http://support.microsoft.com/kb/305098/EN-US - ВНИМАНИЕ: В системе отключена поддержка 48-бит LBA ATAPI. Поэтому не следует выполнять запись на IDE-диски объёмом более 128 ГБ! В противном случае это может привести к повреждению данных на диске (будь это том VeraCrypt или обычный раздел). Это ограничение Windows, никакого отношения к VeraCrypt не имеющее.\n\nЧтобы включить поддержку 48-бит режима LBA, добавьте в реестр в ключ HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters значение 'EnableBigLba' и установите его значение в 1.\n\nСм. подробности тут: http://support.microsoft.com/kb/305098 - ОШИБКА: Файлы объёмом более 4 ГБ нельзя сохранять в файловой системе FAT32. Поэтому тома VeraCrypt на основе файлов (контейнеры), хранящиеся в файловой системе FAT32, не могут быть больше 4 ГБ.\n\nЕсли вам нужен том большего объёма, создайте его в системе NTFS (либо, если вы пользуетесь Windows Vista SP1 или новее, в файловой системе exFAT), либо вместо создания тома на основе файла зашифруйте весь раздел диска. - ВНИМАНИЕ: Windows XP не поддерживает файлы больше 2048 ГБ (сообщая о недостатке свободного места). Поэтому тома VeraCrypt на основе файлов (контейнеры) объёмом свыше 2048 ГБ в Windows XP создавать нельзя.\n\nТем не менее, в Windows XP можно зашифровать диск целиком или создать том VeraCrypt на основе раздела размером более 2048 ГБ. - ВНИМАНИЕ: Если вам нужно впоследствии добавлять во внешний том ещё данные/файлы, следует позаботиться об уменьшении размера скрытого тома.\n\nВы хотите продолжить и использовать указанный вами размер? - Не выбран том.\n\nНажмите кнопку 'Устройство' или 'Файл' и выберите том VeraCrypt. - Не выбран раздел.\n\nНажмите кнопку 'Устройство' и выберите несмонтированный раздел, который требует дозагрузочной аутентификации (например раздел на зашифрованном системном диске с другой, не выполняемой сейчас ОС, или зашифрованный системный раздел другой ОС).\n\nПримечание: выбранный раздел будет смонтирован как обычный том VeraCrypt без дозагрузочной аутентификации. Это может понадобиться, например, для резервного копирования или починки. - ВНИМАНИЕ: Если установлены и активированы ключевые файлы по умолчанию, монтировать НЕ использующие их тома будет невозможно. При монтировании таких томов не забывайте выключать опцию 'Ключевые файлы' (ниже поля ввода пароля).\n\nВы действительно хотите сохранить выбранные ключевые файлы/пути как используемые по умолчанию? - Автомонтирование устройств - Размонтировать все - Очистка кэша - Размонтировать все и очистить кэш - Сразу размонтировать все и очистить кэш - Сразу размонтировать все, очистить кэш и выйти - Смонтировать избранные тома - Показать/скрыть главное окно VeraCrypt - (щёлкните здесь и нажмите клавишу) - Действие - Быстрый вызов - Ошибка! Эта горячая клавиша зарезервирована. Выберите другую. - Ошибка! Эта горячая клавиша уже используется. - ВНИМАНИЕ: Некоторые общесистемные горячие клавиши VeraCrypt не будут работать!\n\nПроверьте, не используются ли те же клавиши другими приложениями или операционной системой. - Создание файла подкачки предотвращено.\n\nОбратите внимание, что из-за свойств Windows файлы подкачки не могут располагаться на несистемных томах VeraCrypt (включая избранные системные тома). VeraCrypt поддерживает создание файлов подкачки только на зашифрованном системном разделе/диске. - Из-за ошибки или несовместимости VeraCrypt не может зашифровать файл спящего режима (hibernation). Поэтому спящий режим отключён.\n\nПримечание: когда компьютер переходит в режим сна (или в энергосберегающий ждущий режим), содержимое его системной памяти записывается на жёсткий диск в файл с данными спящего режима. VeraCrypt не может предотвратить сохранение открытых в ОЗУ ключей шифрования и содержимого важных файлов в незашифрованном виде в файле с данными спящего режима. - Гибернация отменена.\n\nVeraCrypt не поддерживает гибернацию скрытых операционных систем, использующих дополнительный загрузочный раздел. Учтите, что загрузочный раздел используется как обманной, так и скрытой системами. Поэтому для предотвращения утечки данных и проблем при выходе из гибернации VeraCrypt запретил скрытой системе запись в общий загрузочный раздел и гибернацию. - Том VeraCrypt, смонтированный как %c:, размонтирован. - Тома VeraCrypt размонтированы. - Смонтированные тома VeraCrypt размонтированы, кэш паролей очищен. - Успешно размонтировано - ВНИМАНИЕ: Если запретить работу VeraCrypt в фоновом режиме, то будут отключены следующие функции:\n\n1) Горячие клавиши\n2) Автоматическое размонтирование (например при завершении сеанса, случайном удалении хост-устройства, истечении времени ожидания и т.д.)\n3) Автомонтирование избранных томов\n4) Оповещения (например о предотвращении повреждения скрытого тома)\n5) Значок в системном лотке\n\nПримечание: фоновый процесс можно завершить в любой момент, щёлкнув правой кнопкой мыши на значке VeraCrypt в системном лотке и выбрав пункт 'Выход'.\n\nВы действительно хотите преманентно запретить работу VeraCrypt в фоновом режиме? - ВНИМАНИЕ: Если выключить этот параметр, станет невозможно автоматически размонтировать тома, содержащие открытые файлы/папки.\n\nВы действительно хотите выключить этот параметр? - ВНИМАНИЕ: Тома с открытыми файлами/папками НЕ будут автоматически размонтироваться.\n\nЧтобы избежать такого эффекта, включите в этом окне следующий параметр: 'Авторазмонтировать тома даже при открытых файлах/папках' - ВНИМАНИЕ: Если уровень заряда батареи в ноутбуке мал, Windows может пренебрегать отправкой соответствующих сообщений в выполняющиеся приложения при входе компьютера в энергосберегающий режим. Поэтому в таких случаях авторазмонтирование томов в VeraCrypt может не сработать. - Вы запланировали шифрование раздела/тома. Этот процесс пока ещё не завершён.\n\nХотите возобновить процесс сейчас? - Вы запланировали шифрование или дешифрование системного раздела/диска. Этот процесс пока ещё не завершён.\n\nХотите начать (продолжить) процесс сейчас? - Выдавать запрос о том, хотите ли вы продолжить запланированные в данный момент операции шифрования несистемных разделов/томов? - Да, спросить - Нет, не спрашивать - ВАЖНО: Не забывайте, что вы можете продолжить шифрование любого несистемного раздела/тома, выбрав в меню главного окна VeraCrypt пункт 'Тома' > 'Продолжить прерванный процесс'. - Вы запланировали шифрование или дешифрование системного раздела/диска, но не пройдена (или была пропущена) дозагрузочная аутентификация.\n\nПримечание: при дешифровании системного раздела/диска в дозагрузочном окружении может потребоваться финализация процесса путём выбора команды 'Система' > 'Перманентно расшифровать системный раздел/диск' в меню главного окна VeraCrypt. - ВНИМАНИЕ: Если закрыть VeraCrypt сейчас, будут отключены следующие функции:\n\n1) Горячие клавиши\n2) Автоматическое размонтирование (например при завершении сеанса, случайном удалении хост-устройства, истечении времени ожидания и т.д.)\n3) Автомонтирование избранных томов\n4) Оповещения (например о предотвращении повреждения скрытого тома)\n\nПримечание: если вы не хотите, чтобы после закрытия окна VeraCrypt программа продолжала работать в фоновом режиме, выключите соответствующий параметр в её настройках (а также, если это необходимо, автозапуск VeraCrypt).\n\nВы действительно хотите закрыть VeraCrypt? - Выход? - VeraCrypt не обладает достаточной информацией, чтобы определить, какую операцию выполнить - шифрование или дешифрование. - VeraCrypt не обладает достаточной информацией, чтобы определить, какую операцию выполнить - шифрование или дешифрование.\n\nПримечание: при дешифровании системного раздела/диска в дозагрузочном окружении может потребоваться финализировать процесс, нажав Decrypt. - Примечание: если вы шифруете несистемный раздел/диск 'на месте' и не можете завершить процесс из-за какой-либо постоянно повторяющейся ошибки, вы не сможете смонтировать этот том (и получить доступ к хранящимся в нём данным), пока полностью не РАСШИФРУЕТЕ этот том (т.е. выполните обратный процесс).\n\nЭто можно сделать так:\n1) Выйдите из этого мастера.\n2) В главном окне VeraCrypt выберите 'Тома' > 'Продолжить прерванный процесс'.\n3) Выберите 'Дешифрация'. - Вы хотите прервать процесс шифрования раздела/тома, отложив его на будущее?\n\nПримечание: помните, что пока том не будет полностью зашифрован, его нельзя смонтировать. Позже процесс шифрования можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. - Хотите прервать и отложить процесс шифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите окончательно прервать процесс или совсем отказаться от шифрования, выберите 'Система' > 'Перманентно расшифровать системный раздел/диск'. - Хотите прервать и отложить процесс дешифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите отказаться от дешифрования (и начать шифрование), выберите 'Система' > 'Зашифровать системный раздел/диск'. - Ошибка! Не удалось прервать шифрование/дешифрование системного раздела/диска. - Ошибка! Невозможно прервать процесс очистки (затирания данных). - Ошибка! Не удалось возобновить прерванное шифрование/дешифрование системного раздела/диска. - Ошибка! Невозможно начать процесс очистки (затирания данных). - Несоответствие устранено.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) - Ошибка! Неизвестное состояние.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) - Нет прерванных процессов шифрования/дешифрования системного раздела/диска, которые можно продолжить.\n\nПримечание: чтобы возобновить прерванный процесс шифрования/дешифрования несистемного раздела/диска, выберите 'Тома' > 'Возобновить прерванный процесс'. - ВНИМАНИЕ: Фоновый процесс VeraCrypt отключён. При выходе из VeraCrypt вы не будете извещены о предотвращении повреждения скрытого тома.\n\nПримечание: фоновый процесс можно закрыть в любой момент, щёлкнув правой кнопкой мыши на значке VeraCrypt в системном лотке и выбрав 'Выход'.\n\nВключить фоновый процесс VeraCrypt? - Версия языкового модуля: %s - Проверка файловой системы тома VeraCrypt, смонтированного как %s... - Попытка исправить файловую систему тома VeraCrypt, смонтированного как %s... - ВНИМАНИЕ: Этот том зашифрован с использованием устаревшего алгоритма.\n\nВсе алгоритмы шифрования с 64-бит блоками (например Blowfish, CAST-128, Triple DES) вышли из употребления. В последующих версиях VeraCrypt монтирование этого тома будет возможно, однако никаких улучшений в реализации этих устаревших алгоритмов шифрования не предвидится. Рекомендуем вам создать новый том VeraCrypt с шифрованием по алгоритму со 128-бит блоками (например AES, Serpent, Twofish и др.) и перенести все файлы из этого тома в новый. - Ваша система не настроена на автомонтирование новых томов. Монтирование томов VeraCrypt на основе устройств может оказаться невозможным. Чтобы включить автомонтирование, выполните следующую команду и перезагрузите систему:\n\nmountvol.exe /E - Прежде чем продолжить, присвойте разделу/устройству букву диска ('Панель управления' > 'Администрирование' > 'Управление компьютером' - 'Управление дисками').\n\nПримечание: это требование операционной системы. - Смонтировать том VeraCrypt - Размонтировать все тома VeraCrypt - VeraCrypt не может получить права администратора. - Доступ запрещён операционной системой.\n\nВозможная причина: для чтения/записи данных в некоторых папках, файлах и устройствах операционная система требует у вас наличия прав чтения/записи system (привилегий администратора). По умолчанию пользователю без прав администратора разрешается создавать читать и изменять файлы лишь в папке с его документами ('Мои документы'). - Ошибка! Выбранное устройство использует сектора неподдерживаемого размера.\n\nВ настоящий момент невозможно создавать разделы/тома на основе устройств на дисках с секторами размером более 4096 байт. Однако на таких дисках можно создать тома (контейнеры) на основе файлов. - В настоящий момент невозможно зашифровать систему, установленную на диске с секторами размером отличным от 512 байт. - Для загрузчика VeraCrypt необходимо не менее 32 КБ свободного места в начале системного диска (загрузчик VeraCrypt должен располагаться в этой области). Ваш диск этому условию не удовлетворяет.\n\nПожалуйста, НЕ сообщайте нам об этом как об ошибке/проблеме в работе VeraCrypt. Чтобы решить эту проблему, вам нужно переразметить свой диск, оставив свободными первые 32 КБ (в большинстве случаев достаточно удалить и вновь создать первый раздел). Рекомендуем использовать для этого диспетчер разделов Microsoft, устанавливаемый вместе с Windows. - Эта функция не поддерживается операционной системой той версии, которую вы сейчас используете. - В этой версии операционной системы VeraCrypt не поддерживает шифрование системного раздела/диска. - Чтобы зашифровать системный раздел/диск в Windows Vista, сначала нужно установить пакет обновления Service Pack 1 для Windows Vista или более новый (в вашей системе он пока не установлен).\n\nПримечание: Service Pack 1 для Windows Vista устраняет проблему с нехваткой основной памяти при загрузке системы. - VeraCrypt больше не поддерживает шифрование системного раздела/диска в Windows Vista без установленного пакета обновления (Service Pack). Прежде чем обновить VeraCrypt, установите Service Pack 1 (или новее) для Windows Vista. - Ошибка! Чтобы воспользоваться этой функцией, нужно, чтобы VeraCrypt был УСТАНОВЛЕН в компьютере (сейчас VeraCrypt работает в 'переносном' режиме).\n\nУстановите (инсталлируйте) VeraCrypt и повторите попытку. - ВНИМАНИЕ: Похоже, Windows не установлена на диске, с которого она загружается. Это не поддерживается.\n\nВам следует продолжить, только если вы уверены, что Windows установлена на том же диске, с которого она загружается.\n\nПродолжить? - Ваш системный диск имеет таблицу разделов GUID (GPT). В настоящий момент поддерживаются только диски с таблицей разделов MBR. - ОСТОРОЖНО: На системном диске уже установлен загрузчик VeraCrypt!\n\nВозможно, в вашем компьютере имеется другая уже зашифрованная система.\n\nВНИМАНИЕ: В СЛУЧАЕ ПРОДОЛЖЕНИЯ ШИФРОВАНИЯ ТЕКУЩЕЙ СИСТЕМЫ ЕСТЬ ВЕРОЯТНОСТЬ, ЧТО ДРУГИЕ СИСТЕМЫ НЕ СМОГУТ ЗАГРУЖАТЬСЯ, А ОТНОСЯЩИЕСЯ К НИМ ДАННЫЕ СТАНУТ НЕДОСТУПНЫМИ.\n\nВы действительно хотите продолжить? - Ошибка восстановления исходного загрузчика системы.\n\nИспользуйте диск восстановления VeraCrypt ('Repair Options' > 'Restore original system loader') или установочный диск Windows, чтобы заменить загрузчик VeraCrypt системным загрузчиком Windows. - Исходный системный загрузчик не будет сохранён на диске восстановления (возможная причина: нет файла с резервной копией). - Ошибка записи сектора MBR.\n\nBIOS в вашем ПК может быть настроена на защиту сектора MBR. Проверьте в настройках BIOS (нажмите клавишу F2, Delete или Esc сразу после включения компьютера), не включена ли антивирусная/MBR защита. - ВНИМАНИЕ: Ошибка контрольной суммы загрузчика VeraCrypt!\nВозможно, была попытка подделки информации на диске (атака "Evil Maid").\n\nЭто предупреждение также может появиться, если вы восстановили загрузчик VeraCrypt с помощью диска восстановления, созданного другой версией VeraCrypt.\n\nРекомендуем немедленно изменить пароль, что одновременно восстановит нормальный загрузчик VeraCrypt. Также стоит переустановить VeraCrypt и принять меры по ограничению доступа к этому ПК нежелательных лиц. - Загрузчик VeraCrypt (Boot Loader) нужной версии сейчас не установлен. Это может препятствовать сохранению ряда установок. - Примечание: иногда бывает нужно, чтобы посторонний (неприятель), наблюдающий за стартом ПК, не знал, что вы пользуетесь VeraCrypt. Эти параметры позволяют изменить экран загрузки VeraCrypt. Если включить первую опцию, экран загрузчика будет пустым (даже при вводе неправильного пароля). При вводе пароля ПК будет выглядеть "зависшим". Кроме того, чтобы ввести неприятеля в заблуждение, можно включить вывод своего сообщения. Например, отображать ложные сообщения об ошибках вроде "Missing operating system" (обычно это выводит загрузчик Windows, когда не может найти загрузочный раздел Windows). Важно, однако, помнить, что если неприятель сможет проанализировать содержимое жёсткого диска, то он сумеет найти на нём загрузчик VeraCrypt. - ВНИМАНИЕ: Если вы включите эту опцию, загрузчик VeraCrypt не будет выводить на экран никаких сообщений (даже если вы укажете неправильный пароль). При вводе пароля компьютер будет выглядеть "зависшим" (не реагирующим), курсор НЕ будет перемещаться, а нажатия клавиш НЕ будут сопровождаться показом звёздочек.\n\nВы действительно хотите включить эту опцию? - Судя по всему, системный раздел/диск уже полностью зашифрован. - VeraCrypt не поддерживает шифрование системного диска, который был преобразован в динамический диск. - Системный диск содержит расширенные (логические) разделы.\n\nВы можете зашифровать весь системный диск, содержащий расширенные (логические) разделы, только в Windows Vista и более новых версиях Windows. В Windows XP зашифровать весь системный диск можно при условии, что он содержит только первичные разделы.\n\n!!! Тем не менее, вместо всего системного диска вы можете зашифровать системный раздел (а также создавать тома VeraCrypt на основе разделов внутри любых несистемных разделов на диске). - ВНИМАНИЕ: Так как вы работаете в Windows XP/2003, после запуска шифрования диска на нём НЕЛЬЗЯ создавать расширенные (логические) разделы (разрешается создавать только первичные разделы). Любой расширенный (логический) раздел на диске после начала шифрования станет недоступным (сейчас на диске нет таких разделов).\n\nПримечание: если это ограничение для вас неприемлемо, вернитесь и выберите шифрование только системного раздела, а не всего диска (также вы можете создать тома VeraCrypt на основе разделов внутри любых не-системных разделов на диске).\n\nЕсли данное ограничение вам не подходит, вы можете перейти на Windows Vista или более новую версию Windows (шифрование всего системного диска, содержащего расширенные/логические разделы, доступно только в Windows Vista или более новых версиях). - Системный диск содержит нестандартный раздел.\n\nЕсли вы используете ноутбук, на системном диске, вероятно, находится особый раздел для восстановления. После шифрования всего системного диска (включая любой раздел для восстановления) вы можете лишиться возможности загрузить ОС, если в вашем ПК - не вполне корректная BIOS. Также, пока не будет дешифрован системный диск, может оказаться невозможным использовать раздел для восстановления. Поэтому рекомендуем вам шифровать только системный раздел. - Хотите зашифровать вместо всего диска только системный раздел?\n\nОбратите внимание, что вы можете создавать тома VeraCrypt на основе разделов внутри любых не-системных разделов на диске (в добавок к шифрованию системного раздела). - Поскольку системный диск содержит только один раздел, занимающий весь диск, предпочтительнее (более безопасно) зашифровать весь диск, включая свободное "резервное" место, которое обычно окружает такой раздел.\n\nХотите зашифровать весь системный диск? - Ваша система настроена так, что временные файлы хранятся на несистемном разделе.\n\nВременные файлы должны храниться только на системном разделе. - Файлы вашего профиля пользователя не хранятся на системном разделе.\n\nЭти файлы должны храниться только на системном разделе. - На несистемных разделах имеются файлы подкачки.\n\nФайлы подкачки должны находиться только на системном разделе. - Настроить Windows так, чтобы файлы подкачки создавались только на разделе с Windows?\n\nПри нажатии 'Да' компьютер будет перезагружен. После этого запустите VeraCrypt и снова попробуйте создать скрытую ОС. - В противном случае это неблагоприятно скажется на правдоподобности отрицания наличия скрытой ОС.\n\nПримечание: если неприятель проанализирует содержимое таких файлов (находящихся на несистемном разделе), то сможет узнать, что вы пользовались этим мастером в режиме создания скрытой системы (что натолкнёт его на мысль о наличии скрытой ОС в вашем ПК). Также учтите, что такие файлы, хранящиеся на системном разделе, будут надёжно удалены VeraCrypt при создании скрытой ОС. - ВНИМАНИЕ: Во время создания скрытой ОС вам потребуется полностью переустановить текущую ОС (чтобы безопасно создать обманную систему).\n\nПримечание: запущенная в данный момент ОС и всё содержимое системного раздела будут скопированы в скрытый том (чтобы создать скрытую систему).\n\n\nВы уверены, что сможете установить Windows с помощью установочного носителя (или со служебного раздела)? - В целях безопасности, если запущенная в данный момент ОС требует активации, она должна быть активирована перед тем, как вы продолжите. Скрытая ОС будет создана путём копирования содержимого системного раздела в скрытый том (поэтому если эта ОС не активирована, то не будет активирована и скрытая). Подробности см. в разделе "Требования безопасности и меры предосторожности касательно скрытых томов" в документации VeraCrypt.\n\nВажно: перед продолжением обязательно ознакомьтесь с главой "Требования безопасности и меры предосторожности касательно скрытых томов" в Руководстве пользователя VeraCrypt.\n\n\nУдовлетворяет ли выполняемая в данный момент ОС указанному выше условию? - Ваша система использует дополнительный загрузочный раздел. VeraCrypt не поддерживает гибернацию скрытых операционных систем, использующих дополнительный загрузочный раздел (гибернация обманных систем никаких проблем не составляет).\n\nУчтите, что загрузочный раздел используется как обманной, так и скрытой системами. Поэтому для предотвращения утечки данных и проблем с выходом из гибернации VeraCrypt запретил скрытой системе запись в общий загрузочный раздел и гибернацию.\n\n\nХотите продолжить? При ответе 'Нет' вам будут даны инструкции, как удалить дополнительный загрузочный раздел. - \nДополнительный загрузочный раздел можно удалить до установки Windows. Для этого выполните следующие действия:\n\n1) Загрузите Windows с установочного компакт-диска.\n\n2) На экране установки Windows нажмите 'Install now' > 'Custom (advanced)'.\n\n3) Нажмите 'Drive Options'.\n\n4) Выберите основной системный раздел и удалите его, нажав 'Delete' и OK.\n\n5) Выберите раздел 'System Reserved', нажмите 'Extend' и увеличьте его размер в соответствии с устанавливаемой ОС.\n\n6) Нажмите 'Apply' и OK.\n\n7) Установите Windows в раздел 'System Reserved'.\n\n\nЕсли неприятель спросит вас, зачем вы удалили дополнительный загрузочный раздел, вы можете ответить, что хотели предотвратить возможность утечки данных в незашифрованный загрузочный раздел.\n\n!!! Чтобы распечатать этот текст, нажмите кнопку 'Печать' ниже. Если вы сохраните или распечатаете копию этого текста (это настоятельно рекомендуется сделать, если только ваш принтер не хранит копии заданий на своём внутреннем накопителе), то после удаления дополнительного загрузочного раздела все копии данного текста следует уничтожить (иначе если такую копию обнаружат, это может навести на мысль о наличии в ПК скрытой ОС). - Внимание! Между системным разделом и первым разделом за ним имеется нераспределённое место. После создания скрытой операционной системы вы не должны создавать в этой нераспределённой области никаких новых разделов. В противном случае скрытая ОС не сможет загрузиться (до тех пор, пока не будут удалены такие вновь созданные разделы). - В данный момент этот алгоритм для шифрования системы не поддерживается. - Этот алгоритм не поддерживается в режиме TrueCrypt. - PIM (персональный умножитель итераций) не поддерживается в режиме TrueCrypt. - Для использования указанного PIM пароль должен быть не короче 20 символов.\nБолее короткие пароли можно применять только с PIM, равным 485 или более. - Для использования с выбранным PIM пароль дозагрузочной аутентификации должен содержать 20 и более символов.\nБолее короткие пароли можно использовать только с PIM, равным 98 или более. - В настоящий момент ключевые файлы для шифрования системы не поддерживаются. - Внимание! VeraCrypt не может восстановить первоначальную раскладку клавиатуры. Это может привести к неправильному вводу пароля. - Ошибка! Невозможно установить раскладку клавиатуры для VeraCrypt в стандартную американскую (US).\n\nОбратите внимание, что пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. - Поскольку VeraCrypt временно изменил раскладку клавиатуры на стандартную американскую, ввод символов при нажатой правой клавише Alt невозможен. Тем не менее, большинство таких символов можно ввести соответствующими клавишами при нажатой клавише Shift. - Изменение раскладки клавиатуры заблокировано VeraCrypt. - Примечание: пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. Важно учитывать, что вам НЕ нужно иметь настоящую американскую клавиатуру. VeraCrypt автоматически обеспечивает вам безопасный ввод пароля (прямо сейчас и на стадии перед загрузкой ОС), даже если у вас НЕ настоящая американская клавиатура. - Прежде чем приступить к шифрованию раздела/диска, нужно создать диск восстановления VeraCrypt Rescue Disk (VRD), обеспечивающий следующее:\n\n- В случае повреждения загрузчика VeraCrypt, мастер-ключа или других критических данных, VRD позволяет их восстановить (при этом всё равно надо будет ввести правильный пароль).\n- При повреждении и невозможности загрузки Windows, VRD позволяет перманентно расшифровать раздел/диск перед стартом Windows.\n- VRD содержит резервную копию текущего содержимого первого цилиндра диска (в котором обычно находится системный загрузчик или менеджер загрузки) и позволяет восстановить его.\n\nISO-образ диска восстановления VeraCrypt будет создан тут: - После нажатия OK будет запущено средство записи образов дисков Windows. Запишите с её помощью ISO-образ диска восстановления VeraCrypt на CD или DVD.\n\nЗатем вернитесь в окно мастера создания томов VeraCrypt и следуйте инструкциям. - Образ диска восстановления создан и сохранён в файле: %s\n\nСейчас вам нужно записать этот образ на CD или DVD.\n\n%lsПосле записи диска восстановления нажмите 'Далее', чтобы проверить, корректно ли он был записан. - Образ диска восстановления создан и сохранён в этом файле: %s\n\nСейчас вам следует либо записать (прожечь) диск восстановления на CD/DVD, либо переместить его ISO-образ в безопасное место для использования в дальнейшем.\n\n%lsНажмите 'Далее' для продолжения. - ВАЖНО: Файл-образ должен быть записан на CD/DVD как ISO-образ диска (а не как отдельный файл). О том, как это сделать, см. документацию на ваше ПО для записи CD/DVD. Если у вас нет программы, способной записать ISO-образ на CD/DVD, щёлкните по ссылке ниже, чтобы загрузить такое бесплатное ПО.\n\n - Запустить средство записи образов дисков Windows - ВНИМАНИЕ: Если ранее вы уже создавали диск восстановления VeraCrypt, вы не сможете им воспользоваться снова для этого системного раздела/диска, так как он был создан для другого мастер-ключа! При каждом шифровании системного раздела/диска нужно создавать новый диск восстановления VeraCrypt, даже если вы используете тот же самый пароль. - Ошибка! Невозможно сохранить установки системного шифрования. - Невозможно инициировать пре-тест системного шифрования. - Невозможно начать процесс создания скрытой операционной системы. - Режим очистки - На ряде перезаписываемых носителей перезаписанные данные можно восстановить с помощью спецтехник (магнитно-силовая микроскопия). Это относится и к данным, перезаписанным в зашифрованном виде (когда VeraCrypt шифрует незашифрованный системный раздел/диск). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные методы для восстановления данных, которые вы собираетесь зашифровать, выберите один из режимов очистки (имеющиеся данные НЕ будут уничтожены). После шифрования раздела/диска очистка НЕ выполняется. Когда раздел/диск полностью зашифрован, никакие незашифрованные данные на него не записываются. Любые данные сначала шифруются на лету в памяти, и лишь затем сохраняются (зашифрованными) на диске. - На ряде перезаписываемых носителей перезаписанные данные (например когда данные удалены) можно восстановить с помощью спецтехник (магнитно-силовая микроскопия). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные техники для восстановления данных, которые должны быть удалены, выберите один из многопроходных режимов очистки.\n\nПримечание: чем больше проходов, тем дольше длится стирание данных. - Очистка - \nПримечание: вы можете прервать процесс очистки, выключить компьютер, снова запустить скрытую систему и затем продолжить очистку (этот мастер запустится автоматически). Однако в случае прерывания весь процесс очистки придётся начать сначала. - \n\nПримечание: если прервать очистку, а затем попытаться возобновить этот процесс, то его придётся выполнить с самого начала. - Вы хотите отменить очистку (затирание данных)? - Внимание! Содержимое всего выбранного раздела/устройства будет уничтожено. - Всё содержимое раздела, где находится исходная система, будет уничтожено.\n\nПримечание: всё содержимое раздела, подлежащего стиранию, было скопировано в этот скрытый системный раздел. - ВНИМАНИЕ: Если выбрать, например, трёхпроходную очистку, время шифрования диска/раздела увеличится в четыре раза. Аналогично, при выборе 35-проходного режима время увеличится в 36 раз (и может составить несколько недель).\n\nУчтите, однако, что очистка НЕ выполняется после того, как раздел/диск зашифрован. Когда раздел/диск полностью зашифрован, никаких незашифрованных данных на него не записывается. Любые записываемые на него данные сначала шифруются на лету в памяти, и только затем сохраняются (в зашифрованном виде) на диске (т.е. на производительности это НЕ отражается).\n\nВы действительно хотите использовать режим очистки? - Нет (самый быстрый) - 1 проход (случайные данные) - 3 прохода (US DoD 5220.22-M) - 7 проходов (US DoD 5220.22-M) - 35 проходов ("Gutmann") - 256 проходов - Число операционных систем - ВНИМАНИЕ: Неопытным пользователям не следует пытаться шифровать Windows в мультизагрузочных конфигурациях.\n\nПродолжить? - При создании/использовании скрытой операционной системы VeraCrypt поддерживает мультизагрузочные конфигурации только при соблюдении следующих условий:\n\n- работающая сейчас операционная система должна быть установлена на загрузочном диске, на котором не может быть других операционных систем;\n\n- операционные системы, установленные на других дисках, не должны использовать загрузчик, находящийся на диске, на котором установлена текущая операционная система.\n\nЭти условия соблюдены? - VeraCrypt не поддерживает эту мультизагрузочную конфигурацию при создании/использовании скрытой операционной системы. - Загрузочный диск - Работающая в данный момент операционная система установлена на загрузочном диске?\n\nПримечание: иногда Windows бывает установлена не на том диске, с которого она грузится (где находится загрузочный раздел). Если это ваш случай, то выберите 'Нет'. - В данный момент VeraCrypt не поддерживает шифрование операционной системы, которая загружается не с того же диска, на котором она установлена. - Число системных дисков - Сколько дисков содержит операционная система?\n\nПримечание: например, если одна операционная система (скажем, Windows, Mac OS X, Linux и т.д.) установлена у вас на первичном диске, а другая на вторичном, выберите '2 или более'. - В данный момент VeraCrypt не поддерживает шифрование всего диска, который содержит несколько операционных систем.\n\nВозможные варианты:\n\n- Вы можете зашифровать одну из систем, если вернётесь назад и выберите шифрование только одного системного раздела (а не всего системного диска).\n\n- Вы сможете зашифровать весь диск, если переместите некоторые системы на другие диски, оставив только одну ОС на диске, который хотите зашифровать. - Несколько систем на одном диске - На диске, где установлена текущая ОС, есть другие операционные системы?\n\nПримечание: например, если текущая ОС установлена на диске #0, содержащем несколько разделов, и если на одном из разделов находится Windows, а на другом - ещё одна ОС (скажем, Windows, Mac OS X, Linux и т.д.), то выберите 'Да'. - Не-Windows загрузчик - Установлен ли в главной загрузочной записи (MBR) не относящийся к Windows загрузчик (или загрузочный менеджер)?\n\nПримечание: например, если в первом цилиндре загрузочного диска содержится GRUB, LILO, XOSL или какой-то другой не относящийся к Windows загрузочный менеджер, выберите 'Да'. - Мультизагрузка - В настоящее время VeraCrypt не поддерживает мультизагрузочные конфигурации, где в главной загрузочной записи (MBR) установлен не относящийся к Windows загрузчик.\n\nВозможные варианты:\n\n- Если вы используете загрузочный менеджер для загрузки Windows и Linux, перенесите его (обычно это GRUB) из MBR в раздел. Затем запустите снова этот мастер и зашифруйте системный раздел/диск. Обратите внимание, что загрузчик VeraCrypt станет основным загрузочным менеджером и позволит вам запускать исходный загрузочный менеджер (скажем, GRUB) как вторичный (нажатием Esc при выводе экрана загрузчика VeraCrypt) и, таким образом, запускать Linux. - Если текущая ОС установлена на загрузочном разделе, то после его шифрования вам потребуется ввести правильный пароль, даже для запуска незашифрованных Windows-систем (так как они будут совместно использовать один и тот же зашифрованный загрузчик Windows).\n\nНапротив, если текущая ОС не установлена на загрузочном разделе (или загрузчик Windows не используется никакими иными системами), тогда после шифрования этой системы вам не надо вводить пароль для запуска других незашифрованных систем, достаточно будет просто нажать Esc (в случае нескольких незашифрованных систем также потребуется выбрать нужную в меню загрузчика VeraCrypt).\n\nПримечание: как правило, в загрузочном разделе бывает установлена наиболее ранняя версия Windows. - Шифрование защищённой области пользователя (HPA) - В конце многих дисков имеется область, в обычных условиях скрытая от операционной системы (эту область обычно называют Host Protected Area - защищённая область пользователя). Однако некоторые программы способны читать и записывать данные в таких областях.\n\nВНИМАНИЕ: Производители компьютеров (в частности, ноутбуков) могут использовать области HPA для хранения в них утилит и данных для RAID, восстановления системы, её настройки, диагностики и прочих нужд. Если такие утилиты или данные должны быть доступны перед загрузкой системы, скрытую область НЕ следует шифровать (выберите 'Нет').\n\nХотите, чтобы VeraCrypt обнаружил и зашифровал скрытую область (если таковая имеется) в конце системного диска? - Тип шифрования системы - Выберите эту опцию, если вы просто хотите зашифровать системный раздел или весь системный диск. - Может так случиться, что вас вынудят дешифровать ОС. Порой вы просто не сможете от этого отказаться (например при вымогательстве). Эта опция позволяет создать скрытую ОС, наличие которой должно быть невозможно определить (при условии соблюдения указанных ниже рекомендаций). Таким образом, дешифровать скрытую ОС или выдавать от неё пароль вам не придётся. Чтобы узнать подробности, щёлкните по ссылке ниже. - Может так случиться, что вас вынудят дешифровать ОС. Порой вы просто не сможете от этого отказаться (например при вымогательстве).\n\nC помощью этого мастера вы можете создать скрытую операционную систему, наличие которой должно быть невозможно определить (при условии соблюдения указанных ниже рекомендаций). Таким образом, дешифровать скрытую ОС или выдавать от неё пароль вам не придётся. - Скрытая операционная система - Сейчас вы создадите два тома (внешний и скрытый) в разделе, следующим за системным. Скрытый том будет содержать скрытую ОС, создаваемую копированием в него содержимого системного раздела (где установлена работающая сейчас ОС). Во внешний том нужно скопировать осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ требуется, чтобы обмануть того, кто вынудит вас сообщить пароль от скрытого системного раздела (можно будет выдать пароль для внешнего тома внутри скрытого системного раздела, наличие же скрытой ОС останется в тайне).\n\nА на системный раздел с работающей сейчас ОС вы установите новую, так называемую "обманную" ОС и зашифруете её. В ней не должно быть конфиденциальных файлов, она нужна, если вас вынудят сообщить дозагрузочный пароль. В итоге будет три пароля. Два из них (для обманной ОС и внешнего тома) можно сообщать неприятелю. Третий пароль - запуск скрытой ОС. - Поиск скрытых секторов - Подождите, VeraCrypt ищет скрытые сектора, которые могут присутствовать в конце системного диска. Это может занять продолжительное время.\n\nПримечание: в очень редких случаях на некоторых компьютерах во время этой операции система может перестать реагировать. В этом случае перезагрузите компьютер, запустите VeraCrypt, повторите предыдущие этапы, но пропустите этот этап поиска. Просим учесть, что данная проблема вызвана не ошибкой в VeraCrypt. - Область шифрования - Выберите эту опцию, если вы хотите зашифровать весь диск, где установлена ныне работающая Windows. Будет зашифрован весь диск, включая все его разделы, кроме первой дорожки, где находится загрузчик VeraCrypt. Для доступа к установленной на этом диске ОС или файлам на нём потребуется вводить пароль перед каждой загрузкой системы. Эту опцию нельзя применять для шифрования второго или внешнего диска, если Windows на нём не установлена или загружается не с него. - Сбор случайных данных - Сгенерированные ключи - VeraCrypt не удалось найти в компьютере записывающий CD/DVD-накопитель. Такой накопитель требуется VeraCrypt для записи загрузочного диска восстановления (VeraCrypt Rescue Disk) с копией ключей шифрования, загрузчика VeraCrypt, исходного системного загрузчика и др.\n\nМы настоятельно рекомендуем вам записать диск восстановления VeraCrypt. - Пишущего CD/DVD-накопителя нет, но я сохраню ISO-образ диска восстановления на сменном носителе (например на флэшке). - Я подключу пишущий CD/DVD-накопитель позже. Сейчас я хочу прервать процесс. - Пишущий CD/DVD-накопитель сейчас подключён к ПК. Продолжить и записать диск восстановления. - Сделайте следующее:\n\n1) Подключите к ПК сменный накопитель (например флэшку).\n\n2) Скопируйте на сменный накопитель файл-образ (%s) диска восстановления VeraCrypt.\n\nЕсли в будущем вам понадобится диск восстановления VeraCrypt, вы просто подключите сменный накопитель (с образом диска восстановления VeraCrypt) к ПК с пишущим CD/DVD-накопителем и запишете этот образ на CD или DVD. ВАЖНО: Учтите, что файл-образ диска восстановления VeraCrypt нужно записать на CD/DVD как ISO-образ диска (а не как обычный файл). - Запись диска восстановления - Диск восстановления создан - Пре-тест шифрования системы - Диск восстановления проверен - \nДиск восстановления VeraCrypt (Rescue Disk) прошёл проверку успешно. Выньте его из накопителя и уберите в надёжное место.\n\nНажмите 'Далее' для продолжения. - ВНИМАНИЕ: Во время следующих этапов в накопителе НЕ должно быть диска восстановления VeraCrypt, иначе эти этапы не удастся корректно завершить.\n\nВыньте диск восстановления из накопителя и поместите в надёжное место. Затем нажмите OK. - Внимание! Вследствие технических ограничений среды до загрузки ОС, сообщения, выводимые VeraCrypt на этом этапе (т.е. до старта Windows), не подлежат локализации. Пользовательский интерфейс загрузчика VeraCrypt - полностью на английском языке.\n\nПродолжить? - Прежде чем зашифровать системный раздел или диск, VeraCrypt должен проверить, что всё работает должным образом.\n\nПосле нажатия 'Тест' будут установлены все необходимые компоненты (например дозагрузочный аутентификатор, т.е. загрузчик VeraCrypt), и компьютер перезагрузится. Затем на экране загрузчика (VeraCrypt Boot Loader), который появится до старта Windows, вам потребуется ввести свой пароль. После запуска Windows вам автоматически сообщат о результатах этого предварительного теста.\n\nБудет изменено следующее устройство: Диск #%d\n\n\nЕсли сейчас нажать 'Отмена', то ничего установлено не будет, и пре-тест не станет выполняться. - ВАЖНЫЕ ЗАМЕЧАНИЯ -- ПРОЧИТАЙТЕ ИЛИ РАСПЕЧАТАЙТЕ (нажмите 'Печать'):\n\nНикакие файлы не будут зашифрованы, пока вы не перезагрузите успешно свой ПК и не запустите Windows. Поэтому если произойдёт какой-то сбой, с вашими данными ничего не случится. Однако в случае, если что-то пойдёт не так, возможны сложности с запуском Windows. Поэтому прочитайте (и, по возможности, распечатайте) следующие рекомендации о том, что делать, если Windows отказывается запускаться после перезагрузки ПК.\n\n - Что делать, если Windows не загружается ------------------------------------------------\n\nПРИМЕЧАНИЕ: Эти инструкции действительны, только если вы не начинали шифрование.\n\n- Если вы вводите правильный пароль, а Windows не загружается (или если при вводе правильного пароля VeraCrypt раз за разом сообщает, что пароль неверный), не паникуйте. Перезагрузите (выключите и вновь включите) компьютер и при появлении экрана загрузчика VeraCrypt нажмите клавишу Esc на клавиатуре (а если у вас несколько ОС, выберите нужную для запуска). После этого Windows должна запуститься (при условии, что она не зашифрована), а VeraCrypt автоматически спросит, хотите ли вы удалить компонент дозагрузочной аутентификации. Обратите внимание, что предыдущие шаги НЕ работают, если системный раздел/диск зашифрован (запустить Windows или получить доступ к зашифрованным данным без правильного пароля не может никто, даже если он(а) выполнит предыдущие этапы).\n\n - - Если вышесказанное не помогает или если экран загрузчика VeraCrypt не появляется (перед стартом Windows), вставьте в CD/DVD-накопитель диск восстановления VeraCrypt (Rescue Disk) и перезагрузите ПК. Если экран загрузчика VeraCrypt не появляется (или если вы не видите пункта 'Repair Options' в группе 'Keyboard Controls' на экране загрузчика VeraCrypt), возможно, в BIOS вашего ПК настроена загрузка сначала с жёсткого диска, и лишь затем с CD/DVD. Если это так, перезагрузите ПК, нажмите F2 или Delete (как только увидите начальный экран BIOS) и дождитесь появления экрана с настройками BIOS. Если этот экран не появился, снова перезагрузите ПК (нажмите кнопку Reset), сразу же начав часто нажимать клавиши F2 или Delete. В появившемся экране настроек BIOS сконфигурируйте ПК так, чтобы он сначала загружался с CD/DVD (о том, как это сделать, см. в документации на вашу системную плату/BIOS). Снова перезагрузите компьютер. Сейчас должен появиться экран диска восстановления VeraCrypt. На этом экране выберите 'Repair Options', нажав F8 на клавиатуре. В меню 'Repair Options' выберите 'Restore original system loader'. После этого выньте диск восстановления из CD/DVD-накопителя и перезагрузите ПК. Сейчас Windows должна запуститься нормально (при условии, что она не зашифрована).\n\n - Обратите внимание, что предыдущие шаги НЕ работают, если системный раздел/диск зашифрован (запустить Windows или получить доступ к зашифрованным данным без ввода правильного пароля не может никто, даже если он(а) выполнит предыдущие этапы).\n\n\nТакже имейте в виду, что если вы потеряете свой диск восстановления VeraCrypt, а ваш неприятель его найдёт, он НЕ сможет с помощью этого диска расшифровать системный раздел или диск, если не знает правильного пароля. - Пре-тест выполнен - Пре-тест успешно завершён.\n\nВНИМАНИЕ: Если во время шифрования произойдёт сбой питания или из-за программной/аппаратной ошибки зависнет операционная система, в то время, как VeraCrypt шифрует имеющиеся данные 'на месте', некоторые данные почти наверняка окажутся повреждёнными или утерянными. Поэтому прежде чем начать шифрование, убедитесь, что сделали резервную копию файлов, которые собираетесь зашифровать. Если нет, то сделайте это сейчас (нажмите 'Отложить', скопируйте файлы, затем в любое время снова запустите VeraCrypt, выберите 'Система' > 'Возобновить прерванный процесс', чтобы начать шифрование).\n\nКогда будете готовы, нажмите 'Шифрация', чтобы приступить к шифрованию. - Вы можете в любой момент нажать 'Пауза' или 'Отложить', прервав (де)шифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Для предотвращения замедления, когда система или приложения выполняют чтение или запись на системном диске, VeraCrypt ждёт, пока данные будут записаны или прочтены (см. Статус выше), а затем продолжает (де)шифрование. - \n\nВы можете в любой момент нажать 'Пауза' или 'Отложить', прервав шифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Учтите, что том не может быть смонтирован, пока не будет полностью зашифрован. - \n\nВы можете в любой момент нажать 'Пауза' или 'Отложить', прервав дешифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Учтите, что том не может быть смонтирован, пока не будет полностью расшифрован. - Скрытая система запущена - Исходная система - Windows создаёт (обычно без вашего ведома или согласия) различные файлы отчётов, временные файлы и т.п. на системном разделе. Кроме того, там же она сохраняет содержимое ОЗУ для сна/гибернации и файлы подкачки. Поэтому если неприятель проанализирует файлы на разделе с исходной системой (клоном которой является скрытая ОС), он может узнать, например, что вы пользовались мастером VeraCrypt в режиме создания скрытой системы (и заподозрить наличие скрытой ОС в вашем ПК).\n\nЧтобы это предотвратить, на следующих этапах VeraCrypt надёжно сотрёт всё содержимое раздела, где находится исходная система. Затем для правдоподобности отрицания причастности вам потребуется установить в раздел новую систему и зашифровать её. Таким образом, вы создадите обманную ОС, и на этом процесс создания скрытой ОС будет завершён. - Скрытая ОС успешно создана. Но прежде чем её можно будет использовать (и иметь возможность правдоподобного отрицания причастности), требуется надёжно удалить (с помощью VeraCrypt) всё содержимое раздела, в котором сейчас установлена текущая ОС. Прежде чем это сделать, перезагрузите ПК и на экране загрузчика VeraCrypt (выводимого до старта Windows) введите пароль дозагрузочной аутентификации для скрытой ОС. Затем после старта скрытой системы автоматически запустится мастер VeraCrypt.\n\nПримечание: если сейчас прервать создание скрытой ОС, то возобновить этот процесс НЕ удастся, и скрытая ОС окажется недоступна (так как будет удалён загрузчик VeraCrypt). - Вы запланировали создание скрытой операционной системы. Этот процесс ещё не закончен. Чтобы его завершить, нужно перезагрузить компьютер и на экране загрузчика VeraCrypt (он появляется перед запуском Windows) ввести пароль для скрытой операционной системы.\n\nПримечание: если вы решите прервать сейчас процесс создания скрытой ОС, вы уже НЕ сможете его возобновить. - Перезагрузить ПК и продолжить - Окончательно прервать создание скрытой ОС - Ничего не делать сейчас, спросить позже - \nПО ВОЗМОЖНОСТИ РАСПЕЧАТАЙТЕ ЭТОТ ТЕКСТ (нажмите 'Печать' ниже).\n\n\nКак и когда использовать диск восстановления VeraCrypt (после шифрования) -----------------------------------------------------------------------------------\n\n - I. Как загрузиться с диска восстановления VeraCrypt\n\nЧтобы воспользоваться диском восстановления VeraCrypt (Rescue Disk), вставьте его в CD/DVD-накопитель и перезагрузите ПК. Если экран загрузочного диска VeraCrypt не появляется (или если на экране нет пункта 'Repair Options' в группе 'Keyboard Controls'), вероятно, BIOS в вашем ПК настроен на загрузку сначала с жёстких дисков, и лишь затем с CD/DVD-накопителей. Если это так, перезагрузите компьютер, нажмите F2 или Delete (как только увидите начальный экран BIOS) и дождитесь появления экрана настроек BIOS. Если он не появился, снова перезагрузите ПК (нажмите кнопку Reset) и сразу же начинайте постоянно нажимать F2 или Delete. Когда появится экран настроек BIOS, сконфигурируйте ПК так, чтобы он сначала загружался с CD/DVD-накопителя (о том, как это сделать, см. в документации на вашу системную плату или BIOS). Затем перезагрузите компьютер. Теперь экран диска восстановления VeraCrypt должен появиться. Примечание: на экране диска восстановления VeraCrypt можно выбрать 'Repair Options', нажав F8 на клавиатуре.\n\n\n - II. Когда и как использовать диск восстановления VeraCrypt (после шифрования)\n\n - 1) Если после старта ПК экран загрузчика VeraCrypt не появляется (или не загружается Windows), возможно, повреждён загрузчик VeraCrypt. Диск восстановления VeraCrypt позволяет восстановить его и, таким образом, вновь получить доступ к зашифрованной системе и данным (учтите, однако, что вам всё равно будет нужно ввести правильный пароль). На экране Rescue Disk выберите 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Затем нажмите 'Y', чтобы подтвердить действие, выньте диск восстановления из CD/DVD-накопителя и перезагрузите компьютер.\n\n - 2) Если вы вводите правильный пароль, а VeraCrypt говорит, что пароль неверный, возможно, повреждены мастер-ключ или другие критические данные. Диск восстановления VeraCrypt позволяет восстановить их и, таким образом, вновь получить доступ к зашифрованной системе и данным (однако вам всё равно будет нужно ввести правильный пароль). На экране Rescue Disk выберите 'Repair Options' > 'Restore key data'. Затем введите свой пароль, нажмите 'Y' для подтверждения действия, выньте диск восстановления из CD/DVD-накопителя и перезагрузите компьютер.\n\n - 3) Если загрузчик VeraCrypt повреждён или инфицирован вирусом, вы можете избежать его выполнения, загрузившись непосредственно с диска восстановления VeraCrypt. Вставьте диск восстановления в CD/DVD-накопитель и затем введите свой пароль на экране Rescue Disk.\n\n - 4) Если Windows повреждена и отказывается запускаться, диск восстановления VeraCrypt позволяет перманентно расшифровать раздел/диск до запуска Windows. На экране Rescue Disk выберите 'Repair Options' > 'Permanently decrypt system partition/drive'. Затем введите правильный пароль и дождитесь завершения дешифрования. После этого вы можете, например, загрузиться с установочного CD/DVD-диска Windows и восстановить Windows.\n\n - Альтернативный вариант: если Windows повреждена (не запускается), и вам нужно её восстановить (или получить доступ к её файлам), дешифрования системного раздела/диска можно избежать, если выполнить следующие шаги. Если в вашем компьютере установлено несколько операционных систем, загрузите ту из них, которая не требует дозагрузочной аутентификации. Если в ПК нет нескольких установленных ОС, можно загрузиться с CD/DVD с WinPE или BartPE, либо подключить системный диск как вторичный или внешний накопитель к другому компьютеру и загрузить установленную на этом ПК операционную систему. После того как система загрузится, запустите VeraCrypt, нажмите кнопку 'Устройство', выберите неисправный системный раздел, нажмите OK, выберите 'Система' > 'Смонтировать без дозагрузочной аутентификации', введите свой пароль для дозагрузочной аутентификации и нажмите OK. Раздел будет смонтирован как обычный том VeraCrypt (данные будут как обычно расшифровываться/шифроваться 'на лету' в ОЗУ при доступе к ним).\n\n\n - Обратите внимание, что если вы потеряете свой диск восстановления VeraCrypt, а ваш неприятель его найдёт, он НЕ сможет с помощью этого диска расшифровать системный раздел или диск, если не знает правильного пароля. - \n\nВ А Ж Н О -- ПО ВОЗМОЖНОСТИ РАСПЕЧАТАЙТЕ ЭТОТ ТЕКСТ (нажмите 'Печать').\n\n\nПримечание: этот текст отображается автоматически при каждом запуске скрытой системы, пока не будет создана обманная ОС.\n\n\n - Как надёжно и безопасно создать обманную систему ----------------------------------------------------------------------------\n\nЧтобы добиться правдоподобного отрицания причастности, вам нужно создать сейчас обманную операционную систему. Для этого выполните следующее:\n\n - 1) В целях безопасности выключите компьютер и не включайте его хотя бы несколько минут (чем дольше, тем лучше). Это нужно для очистки памяти, содержащей конфиденциальные данные. Затем включите ПК, но не загружайте скрытую систему.\n\n - 2) Установите Windows в раздел, содержимое которого было удалено (т.е. в раздел, где была исходная ОС, клоном которой стала скрытая система).\n\nВАЖНО: КОГДА ВЫ НАЧНЁТЕ УСТАНАВЛИВАТЬ ОБМАННУЮ ОС, ЗАГРУЗКА СКРЫТОЙ СИСТЕМЫ СТАНЕТ *НЕВОЗМОЖНОЙ* (так как загрузчик VeraCrypt будет стёрт установщиком Windows). ЭТО НОРМАЛЬНАЯ СИТУАЦИЯ, ТАК И ДОЛЖНО БЫТЬ. НЕ ПАНИКУЙТЕ. ВЫ СМОЖЕТЕ СНОВА ЗАГРУЖАТЬ СКРЫТУЮ ОС, КАК ТОЛЬКО ПРИСТУПИТЕ К ШИФРОВАНИЮ ОБМАННОЙ СИСТЕМЫ (поскольку VeraCrypt затем автоматически установит свой загрузчик на системный диск).\n\nВАЖНО: Размер раздела с обманной ОС должен оставаться таким же, как и размер скрытого тома (это условие сейчас соблюдено). Более того, нельзя создавать никаких разделов между разделами с обманной и скрытой системами.\n\n - 3) Загрузите обманную ОС (установленную на этапе 2) и установите в ней VeraCrypt.\n\nПомните, что обманная ОС не должна содержать никаких конфиденциальных данных.\n\n - 4) В обманной ОС запустите VeraCrypt и выберите 'Система' > 'Зашифровать системный раздел/диск'. Должно появиться окно мастера создания томов VeraCrypt.\n\nСледующие шаги относятся к этому мастеру.\n\n - 5) В окне мастера создания томов НЕ выбирайте опцию 'Скрытый'. Оставьте опцию 'Обычный' и нажмите 'Далее'.\n\n - 6) Выберите опцию 'Зашифровать системный раздел Windows' и нажмите 'Далее'.\n\n - 7) Если в ПК установлены только скрытая и обманная системы, выберите опцию 'Одиночная загрузка' (если в ПК больше ОС, чем эти две системы, выберите 'Мультизагрузка'). Нажмите 'Далее'.\n\n - 8) ВАЖНО: На этом этапе, ДЛЯ ОБМАННОЙ ОС, ВЫ ДОЛЖНЫ ВЫБРАТЬ ТЕ ЖЕ АЛГОРИТМЫ ШИФРОВАНИЯ И ХЕШИРОВАНИЯ, ЧТО И ДЛЯ СКРЫТОЙ СИСТЕМЫ! ИНАЧЕ СКРЫТАЯ СИСТЕМА БУДЕТ НЕДОСТУПНА! Иными словами, обманная ОС должна быть зашифрована тем же алгоритмом, что и скрытая ОС. Примечание: причина этого требования в том, что обманная и скрытая системы используют один и тот же загрузчик, поддерживающий только один алгоритм, выбранный пользователем (для каждого алгоритма есть свой загрузчик VeraCrypt).\n\n - 9) Выберите пароль для обманной ОС. Это пароль, который вы можете выдать неприятелю, если вас вынудят сообщить пароль дозагрузочной аутентификации (ещё один пароль, который мы можете сообщить - для внешнего тома). Существование третьего пароля (т.е. пароля дозагрузочной аутентификации для скрытой ОС) останется тайной.\n\nВАЖНО: Пароль для обманной ОС должен существенно отличаться от пароля для скрытого тома (т.е. для скрытой ОС).\n\n - 10) Следуйте инструкциям мастера для шифрования обманной ОС.\n\n\n\n - После создания обманной системы ------------------------------------------------\n\nПо окончании шифрования обманной ОС процесс создания скрытой ОС будет завершён, и вы сможете пользоваться тремя паролями:\n\n1) Пароль дозагрузочной аутентификации для скрытой ОС.\n\n2) Пароль дозагрузочной аутентификации для обманной ОС.\n\n3) Пароль для внешнего тома.\n\n - Если вы хотите запустить скрытую ОС, нужно просто ввести пароль для скрытой ОС на экране загрузчика VeraCrypt (который появляется при включении или перезагрузке ПК).\n\nЕсли вам нужно загрузить обманную ОС, введите пароль для обманной ОС на экране загрузчика VeraCrypt.\n\nПароль для обманной ОС можно сообщать всякому, кто потребует выдать пароль дозагрузочной аутентификации. Наличие скрытого тома (и скрытой ОС) останется в секрете.\n\n - Третий пароль (для внешнего тома) можно сообщать всякому, кто потребует выдать пароль для первого раздела, следующего за системным, где находятся внешний и скрытый тома (со скрытой ОС). Существование скрытого тома (и скрытой ОС) останется секретом.\n\n\n - Если вы сообщите неприятелю пароль от обманной ОС, и он спросит, почему свободное место на (обманном) системном разделе содержит случайные данные, вы сможете, например, ответить: "Этот раздел раньше содержал систему, зашифрованную VeraCrypt, но я забыл(а) пароль дозагрузочной аутентификации (или система повредилась и перестала загружаться), поэтому мне пришлось переустановить Windows и снова зашифровать раздел".\n\n\n - Если выполнены все инструкции и учтены меры предосторожности, описанные в главе "Требования безопасности и меры предосторожности касательно скрытых томов" в Руководстве пользователя VeraCrypt, определить наличие скрытого тома и скрытой ОС должно быть невозможно, даже если смонтирован внешний том или расшифрована/запущена обманная ОС.\n\nЕсли вы сохраните или распечатаете копию этого текста (это настоятельно рекомендуется сделать, если только ваш принтер не хранит копии заданий на своём внутреннем накопителе), то, создав обманную систему и убедившись, что вы поняли всё, что тут написано, все копии данного текста следует уничтожить (иначе если такую копию обнаружат, это может навести на мысль о наличии в ПК скрытой ОС).\n\n - ВНИМАНИЕ: ЕСЛИ ВЫ НЕ ЗАЩИТИЛИ СКРЫТЫЙ ТОМ (о том, как это сделать, см. главу "Защита скрытых томов от повреждений" в Руководстве пользователя VeraCrypt), НЕ ВЫПОЛНЯЙТЕ ЗАПИСЬ ВО ВНЕШНИЙ ТОМ (обратите внимание, что обманная ОС установлена НЕ во внешнем томе). ИНАЧЕ ВЫ МОЖЕТЕ ПЕРЕЗАПИСАТЬ И ПОВРЕДИТЬ СКРЫТЫЙ ТОМ (И СКРЫТУЮ ОС ВНУТРИ НЕГО)! - Клонирование ОС - На следующих этапах VeraCrypt создаст скрытую ОС, скопировав содержимое системного раздела в скрытый том (копируемые данные шифруются 'на лету' с ключом, отличным от используемого для обманной ОС).\n\nУчтите, что процесс выполняется на дозагрузочной стадии (до запуска Windows) и может занять много времени (несколько часов или даже дней, в зависимости от размера системного раздела и быстродействия ПК).\n\nВы сможете прервать этот процесс, выключить ПК, запустить ОС и затем возобновить его. Однако в случае прерывания, копирование системы придётся начать сначала (так как при клонировании содержимое системного раздела не должно изменяться). - Вы хотите отменить весь процесс создания скрытой операционной системы?\n\nПримечание: в случае отмены вы НЕ сможете возобновить процесс. - Вы хотите отменить пре-тест шифрования системы? - Пре-тест шифрования системы не пройден. Хотите повторить попытку?\n\nПри выборе 'Нет' компонент дозагрузочной аутентификации будет удалён.\n\nПримечания:\n\n- Если загрузчик VeraCrypt не просил вас ввести пароль перед стартом Windows, возможно, ваша ОС загружается не с того диска, на котором она установлена. Такая конфигурация не поддерживается.\n\n- Если вы используете отличный от AES алгоритм шифрования, и пре-тест выдаёт ошибку (и вы ввели пароль), это может быть вызвано некорректным драйвером. Выберите 'Нет' и попробуйте снова зашифровать системный раздел/диск, но с использованием алгоритма AES (он предъявляет наименьшие требования к памяти).\n\n- С другими причинами и решениями вы можете ознакомиться здесь: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Судя по всему, системный раздел/диск не зашифрован (ни частично, ни полностью). - Системный раздел/диск зашифрован (частично или полностью).\n\nПрежде чем продолжить, полностью дешифруйте системный раздел/диск. Чтобы это сделать, выберите в главном окне VeraCrypt меню 'Система' > 'Перманентно расшифровать системный раздел/диск'. - Если системный раздел/диск зашифрован (частично или полностью), устанавливать VeraCrypt более старой версии нельзя (но можно устанавливать более новую или ту же версию). - В данный момент идёт шифрование, дешифрование или иная модификация системного раздела/диска. Прежде чем продолжить, прервите процесс шифрования/дешифрования/модификации (или дождитесь его окончания). - В системе уже запущена копия мастера создания томов VeraCrypt, она выполняет или подготавливает шифрование/дешифрование системного раздела/диска. Прежде чем продолжить, дождитесь завершения работы мастера или закройте его. Если закрыть окно мастера не удаётся, перезагрузите ПК и продолжите. - Шифрование или дешифрование системного раздела/диска не завершено. Прежде чем продолжить, дождитесь завершения этого процесса. - ОШИБКА: Шифрование раздела/диска не было завершено. Сначала его нужно завершить. - ОШИБКА: Шифрование раздела/тома не было завершено. Сначала его нужно завершить.\n\nПримечание: чтобы возобновить процесс, выберите команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. - Пароль правильный. VeraCrypt успешно расшифровал заголовок тома и обнаружил, что этот том является скрытым системным томом. Однако изменить заголовок скрытого системного тома таким способом нельзя.\n\nЧтобы изменить пароль скрытого системного тома, загрузите ОС, расположенную в скрытом томе, после чего в главном окне VeraCrypt выберите в меню 'Система' > 'Изменить пароль'.\n\nЧтобы установить алгоритм деривации ключа заголовка, загрузите скрытую ОС и выберите 'Система' > 'Установить алгоритм деривации ключа заголовка'. - VeraCrypt не поддерживает дешифрование скрытого системного раздела на месте.\n\nПримечание: если вы хотите дешифровать обманный системный раздел, загрузите обманную ОС, после чего выберите в главном окне VeraCrypt меню 'Система' > 'Перманентно расшифровать системный раздел/диск'. - ОШИБКА: Неверный/недопустимый параметр. - Вы выбрали раздел или устройство, но выбранный режим мастера подходит только для файловых контейнеров.\n\nХотите изменить режим мастера? - Хотите вместо этого создать файловый контейнер VeraCrypt? - Вы указали системный раздел/диск (или загрузочный раздел), но выбранный режим мастера подходит только для несистемных разделов/дисков.\n\nХотите установить дозагрузочную аутентификацию (т.е. нужно будет вводить пароль перед каждым запуском Windows) и зашифровать систему/раздел? - Вы действительно хотите перманентно расшифровать системный раздел/диск? - ОСТОРОЖНО: Если вы перманентно расшифруете системный раздел/диск, данные на него будут записываться в незашифрованном виде.\n\nВы действительно хотите перманентно расшифровать системный раздел/диск? - Вы действительно хотите перманентно расшифровать этот том? - ОСТОРОЖНО: Если вы перманентно расшифруете том VeraCrypt, данные на диск будут записываться в незашифрованном виде.\n\nВы действительно хотите перманентно расшифровать выбранный том? - ВНИМАНИЕ: В случае использования каскада шифров при шифровании системы возможны следующие затруднения:\n\n1) Так как загрузчик VeraCrypt больше стандартного, на первой дорожке диска недостаточно места для резервирования его копии. Поэтому если загрузчик VeraCrypt окажется повреждён (что часто случается, например, при активации некоторых некорректно написанных программ), потребуется диск восстановления (VeraCrypt Rescue Disk), чтобы загрузиться с него или исправить загрузчик VeraCrypt.\n\n2) На некоторых компьютерах восстановление из состояния сна/гибернации происходит дольше обычного.\n\nЭтих потенциальных проблем можно избежать, если выбрать некаскадный алгоритм шифрования (например AES).\n\nВы настаиваете на использовании каскадного шифрования? - Если вы столкнулись с любой из ранее описанных проблем, дешифруйте раздел/диск (если он зашифрован), после чего попробуйте зашифровать его снова, используя не-каскадный алгоритм шифрования (например AES). - ВНИМАНИЕ: В целях безопасности и надёжности следует обновить VeraCrypt в обманной операционной системе, прежде чем вы обновите его в скрытой ОС.\n\nЧтобы это сделать, загрузите обманную ОС и запустите в ней установщик VeraCrypt. Затем загрузите скрытую систему и также запустите установщик ещё и оттуда.\n\nПримечание: обманная и скрытая системы используют один и тот же загрузчик. Если вы обновите VeraCrypt только на скрытой системе (но не на обманной), в обманной системе могут остаться драйвер и приложения VeraCrypt, чьи версии будут отличаться от версии загрузчика VeraCrypt. Такое различие может свидетельствовать о присутствии в данном ПК скрытой операционной системы.\n\n\nХотите продолжить? - Номер версии загрузчика VeraCrypt, с помощью которого была загружена эта ОС, отличается от номера версии драйвера и приложений VeraCrypt, установленных в этой системе.\n\nВам следует запустить установщик VeraCrypt (той же версии, что и у загрузчика VeraCrypt), чтобы обновить VeraCrypt в этой операционной системе. - Номер версии загрузчика VeraCrypt, с помощью которого загружена эта ОС, отличается от номера версии драйвера VeraCrypt (и приложений VeraCrypt) в этой системе. Более старые версии могут содержать ошибки, которых в новых версиях уже нет.\n\nЕсли вы не загружались с диска восстановления VeraCrypt, следует переустановить VeraCrypt или обновить до новейшей стабильной версии (при этом загрузчик также будет обновлён).\n\nЕсли вы загружались с диска восстановления VeraCrypt, следует обновить его ('Система' > 'Создать диск восстановления'). - Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется создать новый диск восстановления VeraCrypt (Rescue Disk), который будет содержать новую версию загрузчика VeraCrypt. Для этого после перезагрузки компьютера выберите меню 'Система' > 'Создать диск восстановления'. - Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется загрузить обманную операционную систему и затем создать новый диск восстановления VeraCrypt (который будет содержать новую версию загрузчика VeraCrypt). Для этого выберите меню 'Система' > 'Создать диск восстановления'. - Ошибка обновления загрузчика VeraCrypt. - VeraCrypt не может определить настоящий размер системного диска, поэтому будет использовать размер, сообщённый операционной системой (который может быть меньше реального размера). Примечание: это не ошибка в VeraCrypt. - ВНИМАНИЕ: Похоже, VeraCrypt уже пытался обнаружить скрытые сектора на этом системном диске. Если во время предыдущей попытки обнаружения вы столкнулись с какими-то проблемами, то можете сейчас их избежать, пропустив операцию поиска скрытых секторов. Обратите внимание, что в этом случае VeraCrypt будет использовать размер, сообщаемый операционной системой (который может быть меньше действительного размера диска).\n\nЭто происходит не из-за какой-либо ошибки в VeraCrypt. - Не выполнять поиск скрытых секторов (использовать размер, сообщённый ОС) - Попробовать найти скрытые сектора ещё раз - ОШИБКА: Не удаётся прочитать один или несколько секторов на диске (вероятно, из-за физического дефекта).\n\nШифрование 'на месте' может быть продолжено, только когда секторы снова будут доступны для чтения. VeraCrypt может попытаться сделать эти сектора читабельными путём записи в них нулей (впоследствии такие содержащие одни нули блоки будут зашифрованы). Данные в нечитаемых секторах при этом будут утеряны. Если вы хотите этого избежать, попробуйте хотя бы частично восстановить повреждённые данные с помощью соответствующих программ сторонних фирм.\n\nПримечание: если секторы повреждены физически (в отличие от простой порчи данных и ошибок контрольных сумм), большинство устройств хранения информации внутренне перераспределяют секторы при попытке записать в них данные (поэтому имеющиеся данные в повреждённых секторах могут оставаться на диске незашифрованными).\n\nХотите, чтобы VeraCrypt заполнил нулями нечитаемые секторы? - ОШИБКА: Невозможно прочитать содержимое одного или нескольких секторов диска (вероятно, из-за физического дефекта).\n\nЧтобы продолжить шифрование, VeraCrypt отбросит содержимое нечитаемых секторов (оно будет заменено псевдослучайными данными). Прежде чем продолжить, вы можете попытаться хотя бы частично восстановить повреждённые данные с помощью соответствующих программ сторонних фирм.\n\nХотите, чтобы VeraCrypt отверг сейчас данные в нечитаемых секторах? - Примечание: содержимое %I64d нечитаемых секторов (%s) заменено зашифрованными блоками с обычным нулевым текстом. - Примечание: содержимое %I64d нечитаемых секторов (%s) заменено псевдослучайными данными. - Введите пароль/PIN для токена '%s': - Чтобы обеспечить VeraCrypt доступ к токену безопасности или смарт-карте,\nсначала нужно установить программную библиотеку PKCS #11 для токена\nили смарт-карты. Эта библиотека может поставляться вместе с устройством,\nлибо она имеется на сайте поставщика или сторонней фирмы.\nУстановив библиотеку, вы можете выбрать её вручную, нажав 'Библиотека',\nлибо позволить VeraCrypt найти её автоматически, нажав 'Автоопределение библиотеки' (поиск выполняется только в системной папке Windows). - ПРИМЕЧАНИЕ: Имя и расположение файла библиотеки PKCS #11\nдля токена или смарт-карты см. в документации к токену,\nсмарт-карте или ПО сторонних фирм.\n\nНажмите OK, чтобы выбрать путь и имя файла. - Чтобы обеспечить VeraCrypt доступ к токену безопасности или\nсмарт-карте, сначала нужно выбрать программную библиотеку\nPKCS #11 для токена/карты.\nДля этого выберите в меню 'Настройки' > 'Токены безопасности'. - Ошибка инициализации библиотеки PKCS #11 для токена безопасности.\n\nУбедитесь, что указанные путь и имя файла действительно ссылаются на библиотеку PKCS #11. Чтобы указать путь и имя библиотеки PKCS #11, выберите в меню 'Настройки' > 'Токены безопасности'. - В системной папке Windows библиотека PKCS #11 не обнаружена.\n\nПроверьте, установлена ли библиотека PKCS #11 для вашего токена безопасности (или смарт-карты).\nЭта библиотека может поставляться вместе с токеном/картой или же доступна на сайте производителя/сторонней фирмы.\nЕсли библиотека установлена в папке, отличной от системной папки Windows, нажмите кнопку 'Библиотека' и выберите её\n(например, это может быть папка, где установлено ПО для токена/карты). - Токен безопасности не обнаружен.\n\nУбедитесь, что токен подключён к ПК, и для него установлен корректный драйвер. - Ключевой файл токена безопасности не обнаружен. - Ключевой файл токена безопасности с таким именем уже существует. - Вы хотите удалить выбранные файлы? - Путь к ключевому файлу токена безопасности неверен. - Ошибка токена безопасности - Неверный пароль для токена безопасности. - В токене безопасности недостаточно памяти для выполнения запрошенной операции.\n\nЕсли вы пытаетесь импортировать ключевой файл, выберите файл меньшего объёма или используйте ключевой файл, сгенерированный VeraCrypt (выберите 'Сервис' > 'Генератор ключевых файлов'). - Все открытые токен-сессии были закрыты. - Выберите ключевые файлы токена безопасности - Слот - Токен - Имя файла - ВАЖНО: Учтите, что пароли дозагрузочной аутентификации всегда вводятся при стандартной раскладке американской клавиатуры. Поэтому том, пароль которого набран в любой другой раскладке, может оказаться невозможно смонтировать с помощью кэшированного пароля дозагрузочной аутентификации (это не ошибка VeraCrypt). Чтобы смонтировать такой том с паролем дозагрузочной аутентификации, выполните следующее:\n\n1) Нажмите кнопку 'Файл' или 'Устройство' и выберите том.\n2) В меню 'Тома' выберите 'Изменить пароль тома'.\n3) Введите текущий пароль для этого тома.\n4) Измените раскладку клавиатуры на английскую (США), щёлкнув по значку языка в панели задач Windows.\n5) В окне VeraCrypt в поле для нового пароля введите пароль для дозагрузочной аутентификации.\n6) Введите этот же пароль ещё раз в поле для проверки и нажмите OK.\nВНИМАНИЕ: Помните, что в результате этих действий пароль тома нужно будет всегда вводить в американской раскладке клавиатуры (которая гарантированно включена только на этапе дозагрузочной аутентификации). - Системные избранные тома будут монтироваться с использованием пароля дозагрузочной аутентификации. Если у какого-то из таких томов другой пароль, этот том смонтирован не будет. - Если вы хотите запретить функции VeraCrypt с обычными томами ('Размонтировать все', авторазмонтирование и др.) для избранных системных томов, нужно включить параметр 'Просматривать/размонтировать системные избранные тома могут лишь администраторы'. Кроме того, если VeraCrypt запущен без прав администратора (что стандартно для Vista и более новых версий Windows), избранные системные тома не будут отображаться в списке букв дисков в главном окне VeraCrypt. - ВАЖНО: Если выбрана эта опция, а VeraCrypt не имеет административных привилегий, то смонтированные системные избранные тома НЕ отображаются в окне VeraCrypt и их нельзя размонтировать. Поэтому если, например, нужно размонтировать системный избранный том, сначала щёлкните ПКМ по значку VeraCrypt (в меню 'Пуск') и выберите запуск от имени администратора. То же самое относится к функции 'Размонтировать все', функциям авторазмонтирования, горячим клавишам 'Размонтировать все' и т.д. - ВНИМАНИЕ: Эта установка вступит в силу после перезагрузки операционной системы. - Ошибка обработки командной строки. - Диск восстановления - Выбрать &файл и смонтировать... - Выбрать &устройство и смонтировать... - Просматривать/размонтировать системные избранные тома могут лишь администраторы - Монтировать системные избранные тома при старте Windows (в начальной фазе загрузки) - ВНИМАНИЕ: Файловая система тома, смонтированного как '%s', не была аккуратно размонтирована, и потому может содержать ошибки. Использование повреждённой файловой системы может привести к потере или порче данных.\n\nПримечание: прежде чем физически удалять или выключать устройство (например флэш-накопитель USB или внешний жёсткий диск), на котором находится смонтированный том VeraCrypt, сначала всегда следует размонтировать этот том.\n\n\nХотите, чтобы Windows попыталась найти и исправить ошибки (если они есть) файловой системы? - ВНИМАНИЕ: Один или несколько системных избранных томов не были чисто размонтированы и потому могут содержать ошибки файловой системы. См. подробности в системном отчёте о событиях.\n\nИспользование повреждённой файловой системы может привести к потере или повреждению данных. Проверьте такие тома на ошибки (щёлкните правой кнопкой мыши на томе и выберите команду починки файловой системы). - ВНИМАНИЕ: Исправление повреждённой файловой системы с помощью утилиты\nMicrosoft 'chkdsk' может привести к потере файлов в повреждённых участках.\nПоэтому рекомендуется сначала скопировать файлы с тома VeraCrypt на другой,\nнеповреждённый том VeraCrypt.\n\nВы хотите исправить файловую систему сейчас? - Том '%s' смонтирован как 'только для чтения', так как была отвергнута попытка записи.\n\nПроверьте, достаточно ли у вас прав для записи в файловый контейнер (щёлкните ПКМ на контейнере и выберите 'Свойства' > 'Безопасность').\n\nОбратите внимание, что из-за ошибки в Windows это предупреждение может появляться даже при правильной установке прав доступа. Это не ошибка VeraCrypt. Возможное решение - перенос контейнера, например, в вашу папку 'Документы'.\n\nЕсли вы намереваетесь сохранить у этого тома доступ только для чтения, установите на контейнер атрибут 'Только чтение' (щёлкните по контейнеру ПКМ и выберите 'Свойства' > 'Только чтение'), чтобы избежать вывода данного предупреждения. - Том '%s' смонтирован как 'только для чтения', так как была отвергнута попытка записи.\n\nПроверьте, не обращаются ли к разделу/устройству, на котором расположен том, другие приложения (например антивирусное ПО). - Том '%s' смонтирован как 'только для чтения' - ОС запретила запись на хост-устройство.\n\nОбратите внимание, что некоторые драйверы чипсета (НМС) ошибочно представляют доступные для записи носители как устройства только для чтения. Эта проблема не по вине VeraCrypt. Её можно решить обновлением или удалением имеющихся в системе драйверов чипсета сторонних производителей (не Microsoft). - Hyper-Threading - это несколько логических ядер на одном физическом ядре. Если Hyper-Threading включена, число выше показывает количество логических процессоров/ядер. - %d шт. - Аппаратное ускорение AES отключено, что скажется на результатах теста (ухудшит производительность).\n\nЧтобы включить аппаратное ускорение, в меню 'Настройки' выберите пункт 'Быстродействие' и включите соответствующий параметр. - Число потоков сейчас ограничено, что скажется на результатах теста (ухудшит производительность).\n\nЧтобы задействовать весь потенциал ЦП, в меню 'Настройки' выберите пункт 'Быстродействие' и отключите соответствующий параметр. - Хотите, чтобы VeraCrypt попробовал отключить защиту от записи у раздела/диска? - ВНИМАНИЕ: Этот параметр может ухудшить производительность.\n\nВы действительно хотите его включить? - ВНИМАНИЕ: Том VeraCrypt автоматически размонтирован - Прежде чем физически удалить или отключить устройство, содержащее смонтированный том, сначала следует всегда размонтировать этот том в VeraCrypt.\n\nНеожиданное самопроизвольное размонтирование бывает обычно вызвано периодическими сбоями в кабеле, диске (корпусе) и т.д. - Этот том создан с помощью TrueCrypt %x.%x. VeraCrypt поддерживает только тома TrueCrypt, созданные с помощью TrueCrypt версий 6.x/7.x. - Тест - Ключевой файл - Backspace - Tab - Очистить - Enter - Pause - Caps Lock - Пробел - Page Up - Page Down - End - Home - Стрелка влево - Стрелка вверх - Стрелка вправо - Стрелка вниз - Клавиша выбора - Клавиша печати - Клавиша выполнения - Print Screen - Insert - Delete - Клавиша приложений - Сон - Num Lock - Scroll Lock - Браузер - назад - Браузер - вперёд - Браузер - обновить - Браузер - стоп - Браузер - поиск - Браузер - избранное - Браузер - начальная страница - Без звука - Уменьшить громкость - Увеличить громкость - Следующий трек - Предыдущий трек - Стоп - Пуск/пауза - Клавиша запуска почты - Клавиша выбора носителя - Приложение 1 - Приложение 2 - Attn - СозВыд - РасВыд - Пуск - Зум - NumPad - Shift - Control - Alt - Win - Б - КБ - МБ - ГБ - ТБ - ПБ - б/с - КБ/с - МБ/с - ГБ/с - ТБ/с - ПБ/с - - С &PIM при кэшировании пароля дозагрузочной аутентификации - Включать PIM при кэшировании пароля - Отключённые сетевые диски доступны для монтирования - Слишком длинный пароль: в UTF-8 он превышает 64 байта. - Введённый пароль содержит символы Юникода, которые не удалось преобразовать в UTF-8. - ОШИБКА: Не удалось загрузить системную библиотеку. - Указанный в командной строке размер файла тома несовместим с выбранной файловой системой exFAT. - Хаотично из перемещений мыши - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Отмена + Установить для &всех пользователей + О&бзор... + &Значок VeraCrypt на рабочем столе + Помочь... + Ассоциировать рас&ширение .hc с VeraCrypt + По окончании откр&ыть место назначения + &Добавить VeraCrypt в меню 'Пуск' + Создать то&чку восстановления системы + Уда&ление + &Извлечь + &Установить + Мастер установки VeraCrypt + Удаление VeraCrypt + &Справка + Укажите место назначения для извлекаемых файлов: + Выберите место, куда вы хотите установить программные файлы VeraCrypt.\nЕсли указанной папки не существует, она будет создана автоматически. + Нажмите 'Удаление', чтобы удалить VeraCrypt из этой системы. + Стоп + &Тест + &Проверить + Создать и отформатировать зашифрованный том + Зашифровать раздел на месте + Показ созданных ключей (их частей) + Показывать пул + Загрузить ПО для записи CD/DVD + Создать зашифрованный файловый контейнер + &ГБ + &ТБ + Подробнее + &Скрытый том VeraCrypt + Что такое 'скрытый том'? + Прямой режим + Обычный режим + &КБ + Кл&юч. файлы + Сначала пытаться смонтировать без пароля + Случайный размер ( 64 <-> 1048576 ) + Клю&ч. файлы... + О хеш-алгоритмах + Подробнее + Сведения о PIM + &МБ + Подробнее + Подробнее о шифровании системы + Подробнее + Мультизагрузка + Зашифровать несистемный раздел/диск + &Не сохранять историю + Открыть внешний том + &Пауза + Использовать P&IM + Использовать PIM + Быстрое форматир. + &Показ пароля + &Показ пароля + По&каз PIM + Одиночная загрузка + Обычный том VeraCrypt + Скр&ытый + Обычный + Зашифровать раздел или весь диск с системой + Зашифровать системный раздел Windows + Зашифровать весь диск + Мастер создания томов VeraCrypt + Кластер + ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость ключей шифрования. Затем нажмите 'Далее' для продолжения. + &Подтвердите: + Уже + Буква диска: + Алгоритм шифрования + Файл.сист. + Создать виртуальный зашифрованный диск внутри файла. Рекомендуется неопытным пользователям. + Опции + Алгоритм хеширования + Ключ заг-ка: + Ещё + Мастер-ключ: + Выберите эту опцию, если в ПК установлено две или более ОС.\n\nНапример:\n- Windows XP и Windows XP\n- Windows XP и Windows Vista\n- Windows и Mac OS X\n- Windows и Linux\n- Windows, Linux и Mac OS X + Зашифровать раздел без ОС на внутреннем/внешнем диске (на флэшке и др.). Дополнительно - создать скрытый том. + Текущее содержимое пула (часть) + Пароль + Пароль: + PIM тома: + PIM тома: + Ход операции: + Случайн. пул: + Выберите эту опцию, если в ПК установлена только одна ОС (даже если она с несколькими пользователями). + Скорость + Статус + Ключи, соль и другие данные успешно созданы. Если вы хотите сгенерировать новые ключи, нажмите 'Назад', а затем 'Далее'. Если же нет, то нажмите 'Далее' для продолжения. + Зашифровать раздел/диск, где установлена Windows. Перед каждой загрузкой Windows нужно будет вводить пароль для доступа к ОС, считывания и записи файлов и т.д. Дополнительно - создать скрытую ОС. + Выберите эту опцию, чтобы зашифровать раздел, где установлена работающая сейчас Windows. + Метка тома в Windows: + Режим очистки: + Закрыть + Об&ход дозагрузочной аутентификации по Esc (разрешает диспетчер загрузки) + Нет действий + &Автомонтирование тома VeraCrypt (указанного) + &Запуск VeraCrypt + Автоопределение &библиотеки + К&эшировать пароль дозагрузочной аутентификации (для монтирования несистемных томов) + Обзор... + Обзор... + К&эшировать пароли и ключевые файлы + Выход, если нет смонтированных томов + Закр&ыть токен-сессию (выйти) после успешного монтирования тома + С расширителем томов VeraCrypt + С мастером создания томов VeraCrypt + Создать + С&оздать том + Пусто&й экран аутентификации (только указанный ниже текст) + Не обнаруживать атаку "Evil Maid" + Ускорять (де)шифрование AES с помощью AES-инструкций процессора (если возможно) + Ключ. файлы + Ключ. файлы + В&ыход + Об избранных томах + Н&е монтировать выбранный том, если нажата клавиша монтирования выбранных томов + Монт&ировать выбранный том при подключении устройства, на котором он расположен + Монтировать выбранный том при в&ходе в систему + Монтировать выбранный том как предназначенный &только для чтения + Монтировать выбранный том как &сменный носитель + &Ниже + &Выше + Открыть том в Пр&оводнике при успешном монтировании + &Убрать + Метка избранного как метка диска в Проводнике + Глобальные установки + Оповещение после успешного размонтирования по горячей клавише + Звук после успешного размонтирования по горячей клавише + Alt + Ctrl + Shift + Win + Назначить + Убрать + Ключ.файлы... + Не использовать это число процессоров при (де)шифровании: + Подробнее + Подробнее + Ещё настройки... + &Автомонтирование + Параметр&ы... + Монтировать как том только для &чтения + Ключ.файлы... + (пусто или 0 для итераций по умолчанию) + (пусто или 0 для итераций по умолчанию) + Включено + Кэшировать пароли в памяти драйвера + Автоматически размонтировать тома при неактивности в течение + завершении сеансов + блокировке сеанса пользователя + входе в энергосбережение + старте экранной заставки + Автоматически размонтировать тома даже при открытых файлах/папках + Монтировать все тома на устройствах + Запуск VeraCrypt в фоне + Монтировать как тома\nтолько для чтения + Монтировать тома как сменные носители + Открывать Проводник для успешно смонтированного тома + Временно кэшировать пароль при монтировании избранных томов + Другой значок в системном лотке, если есть смонтированные тома + Очищать кэш паролей при авторазмонтировании + Очищать кэш паролей при выходе + Сохранять дату изменения у файл-контейнеров + Сброс + &Устройство... + &Файл... + &Библиотека... + Показ пароля + Показ пароля + &Открыть смонтированный том в Проводнике + &Кэшировать пароль в памяти драйвера + Режим TrueCrypt + &Размонтировать все + Сво&йства тома... + О&перации с томами + О&чистить кэш + Параметры монтирования + Избранные тома VeraCrypt + Общесистемные горячие клавиши VeraCrypt + VeraCrypt + Изменение пароля или ключевых файлов + Введите пароль тома VeraCrypt + Настройки производительности VeraCrypt + Параметры VeraCrypt + Настройки шифрования системы + Настройки токена безопасности + Настройка переносного диска VeraCrypt + Свойства тома VeraCrypt + О программе... + Добавить/удалить ключевые файлы в/из том(а)... + Добавить смонтированный том в список избранных томов... + Добавить смонтированный том в список избранных системных томов... + Проанализировать сбой системы... + Создать резервную копию заголовка тома... + Тест скорости... + Установить алгоритм деривации ключа заголовка... + Изменить пароль тома... + Установить алгоритм деривации ключа заголовка... + Изменить пароль... + Очистить историю томов + Закрыть все токен-сессии + Связь с авторами... + Создать скрытую ОС... + Создать диск восстановления... + Создать новый том... + Перманентно расшифровать... + Ключевые файлы по умолчанию... + Параметры монтирования по умолчанию... + Помочь... + Зашифровать системный раздел/диск... + Часто задаваемые вопросы + Руководство пользователя + &Домашняя страница + Горячие клавиши... + Генератор ключевых файлов + Язык (language)... + Юридическая информация + Ключевые файлы токена безопасности... + Автомонтирование всех томов на основе устройств + Смонтировать избранные тома + Смонтировать &без дозагрузочной аутентификации... + Смонтировать том + Смонтировать том с параметрами + Новости + Справка в Интернете + Руководство для начинающих + Упорядочить избранные тома... + Упорядочить системные избранные тома... + Быстродействие... + Перманентно расшифровать системный раздел/диск + Параметры... + Обновить буквы дисков + Удалить из тома все ключевые файлы... + Восстановить заголовок тома... + Продолжить прерванный процесс + Выбрать устройство... + Выбрать файл... + Возобновить прерванный процесс + Шифрование системы... + Свойства... + Установки... + Системные избранные тома... + Загрузка ПО + Тест алгоритмов генерирования векторов... + Токены безопасности... + Настройка переносного диска... + Размонтировать все смонтированные тома + Размонтировать том + Проверить диск восстановления + Проверить ISO-образ диска восстановления + История версий + Расширитель томов + Свойства тома + Мастер создания томов + Сайт VeraCrypt + Очистить кэш паролей + OK + Аппаратное ускорение + Клавиша быстрого вызова + Настройка автозапуска (файл autorun.inf) + Автоматическое размонтирование + Размонтировать\nвсе тома при: + Параметры экрана загрузчика + Подтвердите: + Текущий + Показывать этот текст на экране дозагрузочной аутентификации (до 24 символов): + Параметры монтирования томов по умолчанию + Дополнительные параметры + Конфигурация драйвера + Поддержка расширенного управления дисками + Метка выбранного избранного тома: + Файловые параметры + Клавиша: + Процессор в этом ПК поддерживает аппаратное ускорение AES-операций: + Действия при входе в Windows + мин + Буква диска: + Параметры монтирования тома VeraCrypt + Новый + Пароль: + Потоковое распараллеливание + Путь к библиотеке PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Кэширование (запоминание) паролей + Параметры безопасности + Работа VeraCrypt в фоновом режиме + Том для монтирования (относительно корня переносного диска): + При вставке переносного диска: + Создать файлы переносного диска (корневая папка переносного диска) в: + Том + Окна + &Путь... + &Автотест всех + Да&лее + &Дешифрация + &Удалить + &Шифрация + &Экспорт... + Создать и сохранить файл... + Случа&йный ключевой файл... + Загрузить языковые модули с сайта + Аппаратное ускорение AES: + &Импорт кл.файла в токен... + &Файлы... + Клю&чевые файлы + К&люч.файлы... + &Удалить + Удалить &все + Что такое 'Защита скрытых томов'? + Что такое 'ключевой файл'? + Монтировать том как &сменный носитель + Монтировать раздел с шифрованием ОС &без дозагр. аутентификации + Потоки: + Тест + Пе&чать + З&ащитить скрытый том от повреждения при записи во внешний том + &Сброс + Пока&з пароля + &Токен-файлы... + По возможности применять копию заголовка, встроенну&ю в том + XTS-режим + О программе VeraCrypt + Тест скорости алгоритмов шифрования VeraCrypt + Тест генерирования векторов VeraCrypt + Справка по командной строке + Ключевые файлы VeraCrypt + Генератор ключевых файлов VeraCrypt + Язык интерфейса VeraCrypt + Параметры монтирования VeraCrypt + Свойства ключевого файла нового токена безопасности + Обогащение случайного пула VeraCrypt + Выберите раздел или устройство + VeraCrypt + Ключевые файлы токена безопасности + Токен безопасности: требуется пароль/PIN + Сведения о выбранном языковом модуле + На скорость влияют загрузка ЦП и характеристики устройств хранения данных.\n\nЭти тесты выполняются в ОЗУ. + Буфер: + Шифр: + Пароль с&крытого тома:\n(если пусто, то из кэша) + Защита скрытого тома + Длина ключа: + ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость ключевого файла. + !!! При утере ключевого файла или повреждении его первых 1024 килобайт монтирование использующих этот файл томов невозможно! + бит + Число ключевых файлов: + Размер ключевых файлов (в Байтах): + Имя ключевых файлов: + Автор перевода: + Размер: + бит + Текущее содержимое пула + Микшер повтора: + ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость. Затем нажмите 'Далее'. + Вторичный ключ (16-ричное) + Токен: + Сортировка: + Этот процесс может быть долгим, подождите... + Подождите...\nПроцесс может оказаться длительным,\nпри этом VeraCrypt перестанет реагировать на запросы. + Число блоков: + Зашифрованный текст (16-ричное) + Число единиц с данными (64-бит 16-ричное, размер единицы с данными - 512 байт) + Ключ (16-ричное) + Незашифрованный текст (16-ричное) + Ключевой файл: + XTS-режим + &Система + &Тома + И&збранное + Серв&ис + Настрой&ки + Спра&вка + Ве&б-страница + + &О программе... + Невозможно снять атрибут 'только чтение' со старого тома. Проверьте, разрешён ли доступ к файлу. + Ошибка! Нет доступа.\n\nРаздел, к которому вы пытаетесь получить доступ, имеет длину 0 секторов, либо это загрузочное устройство. + Администратор + Для загрузки драйвера VeraCrypt нужно войти в систему с правами администратора. + Для шифрования/дешифрования/форматирования раздела/устройства нужно войти в систему с правами администратора.\n\nК томам на основе файлов это не относится. + Чтобы создать скрытый том, нужно войти в систему с правами администратора.\n\nПродолжить? + Чтобы форматировать тома как NTFS, нужно войти в систему с правами администратора.\n\nБез привилегий администратора можно форматировать тома только как FAT. + Утверждённый FIPS (США) алгоритм шифрования (Rijndael, опубликован в 1998 г.), разрешён к применению в федеральных структурах США для защиты важнейшей информации. 256-бит ключ, 128-бит блок, 14 раундов (AES-256). Режим работы: XTS. + Том уже смонтирован. + ОСТОРОЖНО: По крайней мере один алгоритм шифрования или хеширования не прошёл автоматическое самотестирование.\n\nВозможно, повреждена установка VeraCrypt. + ОСТОРОЖНО: В пуле генератора случайных чисел недостаточно данных для предоставления нужного объёма случайной информации.\n\nПродолжать дальше не следует. Выберите в меню 'Справка' пункт 'Сообщить об ошибке' и известите авторов. + Повреждён диск (на нём физический дефект) или кабель, либо сбоит память компьютера.\n\nЭто проблема аппаратной части вашего ПК, а не VeraCrypt. Пожалуйста, НЕ сообщайте нам о ней как об ошибке/проблеме в работе VeraCrypt и НЕ просите о помощи в форумах VeraCrypt. Обратитесь за консультацией к изготовителю своего компьютера. Спасибо.\n\nПримечание: если ошибка происходит регулярно в одном и том же месте, наиболее вероятная причина - в повреждённом блоке на диске, который можно попытаться исправить с помощью стороннего ПО (учтите, что во многих случаях команда 'chkdsk /r' бесполезна, так как она работает лишь на уровне файловой системы; иногда chkdsk не может даже обнаружить наличие ошибки). + Если вы обращаетесь к накопителю на сменных носителях, удостоверьтесь, что в накопителе есть носитель. Также возможно повреждение накопителя/носителя (физический дефект) или повреждение/отключение кабеля. + Драйверы аппаратуры в вашей системе содержат ошибку, препятствующую шифрованию всего системного диска.\n\nПопробуйте обновить или удалить сторонние драйверы чипсета (НМС). Если это не поможет, попробуйте зашифровать только системный раздел. + Неверная буква диска. + Неверный путь. + Отмена + Нет доступа к устройству. Проверьте, имеется ли выбранное устройство и не занято ли оно. + Внимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. + Тип тома + Может так случиться, что кто-то вынудит вас сообщить пароль от зашифрованного тома. В ряде ситуаций вы просто не сможете отказаться выдать пароль (например при вымогательстве). В подобных случаях поможет так называемый 'скрытый том', позволяющий не выдавать пароля к действительно ценным данным. + Выберите эту опцию, чтобы создать обычный том VeraCrypt. + Внимание! Если вы хотите, чтобы операционная система была установлена на скрытом томе на основе раздела, то весь системный диск нельзя зашифровать с помощью лишь одного ключа. + Шифрование внешнего тома + Шифрование скрытого тома + Настройки шифрования + ВНИМАНИЕ: Ошибка очистки пути к последнему выбранному тому/ключевому файлу (запомненному селектором файлов). + ОШИБКА: Контейнер был сжат на уровне файловой системы. VeraCrypt не поддерживает сжатые контейнеры (сжатие зашифрованных данных неэффективно и избыточно).\n\nОтключите сжатие контейнера, выполнив следующие шаги: 1) Щёлкните правой кнопкой мыши в Проводнике Windows (не в VeraCrypt). 2) Выберите пункт 'Свойства'. 3) В окне 'Свойства' нажмите кнопку 'Дополнительно'. 4) В окне 'Дополнительные атрибуты' выключите параметр 'Сжимать содержимое для экономии места на диске' и нажмите OK. 5) Нажмите OK в окне 'Свойства'. + Ошибка создания тома %s + Размер %s - %.2f байт + Размер %s - %.2f КБ + Размер %s - %.2f МБ + Размер %s - %.2f ГБ + Размер %s - %.2f ТБ + Размер %s - %.2f ПБ + ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Форматирование устройства/раздела может привести к потере данных или нестабильности системы.\n\nПродолжить? + ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Следует закрыть все программы, которые могут использовать раздел (включая антивирусное ПО).\n\nПродолжить? + ОШИБКА: Устройство/раздел содержит файловую систему, которая не может быть размонтирована. Эта файловая система может использоваться операционной системой. Форматирование устройства/раздела вероятнее всего приведёт к повреждению данных и нестабильности системы.\n\nДля решения этой проблемы мы рекомендуем сначала удалить этот раздел, после чего вновь создать его без форматирования. Вот как это сделать: 1) Щёлкните правой кнопкой мыши по значку 'Компьютер' (или 'Мой компьютер') в меню 'Пуск' и выберите пункт 'Управление'. Должно появиться окно 'Управление компьютером'. 2) В окне 'Управление компьютером' выберите 'Запоминающие устройства' > 'Управление дисками'. 3) Щёлкните правой кнопкой мыши по разделу, который вы хотите зашифровать, и выберите либо 'Удалить раздел', либо 'Удалить том', либо 'Удалить логический диск'. 4) Нажмите 'Да'. Если Windows попросит перезагрузить компьютер, сделайте это. Затем повторите шаги 1 и 2 и перейдите к шагу 5. 5) Щёлкните правой кнопкой на участке с пустым местом (оно должно содержать надпись 'Не распределено') и выберите 'Основной раздел', 'Дополнительный раздел' или 'Логический диск'. 6) Должно появиться окно мастера создания разделов или томов; следуйте его инструкциям. В окне мастера на странице 'Форматирование раздела' выберите либо 'Не форматировать этот раздел', либо 'Не форматировать этот том'. В том же окне мастера нажмите кнопку 'Далее' и затем 'Готово'. 7) Учтите, что выбранный вами в VeraCrypt путь к устройству может быть теперь неверным. Поэтому завершите работу мастера создания томов VeraCrypt (если он всё ещё выполняется) и запустите его снова. 8) Попробуйте снова зашифровать устройство/раздел в VeraCrypt.\n\nЕсли VeraCrypt по-прежнему откажется шифровать устройство/раздел, скорректируйте свои планы и создайте вместо этого файловый контейнер. + ОШИБКА: Не удалось заблокировать и/или размонтировать файловую систему. Вероятно, она используется ОС или приложениями (например антивирусным ПО). Шифрование этого раздела может повлечь повреждение данных и нестабильность системы.\n\nЗакройте все приложения, которые могут обращаться к файловой системе (включая антивирусное ПО) и повторите попытку. Если это не поможет, следуйте указанным ниже инструкциям. + ВНИМАНИЕ: Некоторые смонтированные устройства/разделы уже используются.\n\nИгнорирование этого может привести к нежелательным последствиям, включая нестабильность системы.\n\nНастоятельно рекомендуется закрыть все программы, использующие эти устройства/разделы. + Выбранное устройство содержит разделы.\n\nФорматирование этого устройства может привести к нестабильности системы и/или повреждению данных. Либо выберите раздел на этом устройстве, либо удалите все разделы на нём, чтобы дать возможность VeraCrypt безопасно его отформатировать. + Выбранное несистемное устройство содержит разделы.\n\nЗашифрованные тома VeraCrypt на основе устройств можно создавать только на дисках, не содержащих разделов (включая жёсткие и твердотельные диски). Устройство с разделами можно зашифровать целиком на месте (с помощью одного мастер-ключа), только если это диск, где установлена Windows и с которого она загружается.\n\nЕсли вы хотите зашифровать выбранное несистемное устройство с помощью одного мастер-ключа, сначала потребуется удалить все разделы на этом устройстве, чтобы VeraCrypt смог его безопасно отформатировать (форматирование устройства с разделами может повлечь нестабильность системы и/или повреждение данных). Другой вариант - зашифровать отдельно каждый раздел на диске (используя индивидуальные мастер-ключи).\n\nПримечание: чтобы удалить все разделы с диска GPT, его нужно преобразовать в диск MBR (например с помощью инструмента 'Управление дисками') для удаления скрытых разделов. + ВНИМАНИЕ: При шифровании всего устройства (а не только одного раздела на нём) ОС будет считать его новым, пустым и неформатированным (не содержащим таблицы разделов) и может самопроизвольно инициализировать это устройство (или спрашивать у вас на то разрешение), что способно повредить том. Более того, будет невозможно ни монтировать этот том как избранный (например при изменениях числа дисков), ни присваивать ему метку избранного тома.\n\nЧтобы этого избежать, вы можете создать раздел на устройстве и зашифровать только этот раздел.\n\nВы действительно хотите зашифровать всё устройство? + ВАЖНО: Учтите, что этот том НЕЛЬЗЯ смонтировать и получить к нему доступ по букве диска %c:, которая сейчас ему назначена!\n\nЧтобы смонтировать этот том, нажмите 'Автомонтирование' в главном окне VeraCrypt (или нажмите кнопку 'Устройство', выберите этот раздел/диск и нажмите 'Смонтировать'). Том будет смонтирован на другую букву диска, выбираемую из списка в главном окне VeraCrypt.\n\nИсходную букву диска %c: следует применять только когда нужно удалить шифрование с раздела/устройства (например если шифрование больше не требуется). В этом случае щёлкните правой кнопкой мыши по диску %c: в окне 'Компьютер' (или 'Мой компьютер') и выберите пункт 'Форматировать'. Во всех иных ситуациях букву диска %c: использовать не следует (если только вы не удалили её, как это описано, например, в FAQ VeraCrypt, и не присвоили затем другому разделу/устройству). + В используемой вами ОС шифрование несистемных томов 'на месте' не поддерживается (для этого требуется Windows Vista или более новая версия Windows).\n\nПричина: эта версия Windows не допускает сжатие файловой системы (что требуется для высвобождения места под заголовок тома и его резервную копию). + Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nПричина: Windows не поддерживает сжатие файловых систем других типов (что требуется для высвобождения места под заголовок тома и его резервную копию). + Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt внутри этого раздела, выберите "Создать и отформатировать зашифрованный том" (а не "Зашифровать раздел на месте"). + ОШИБКА: Раздел слишком мал. VeraCrypt не может зашифровать его 'на месте'. + Чтобы зашифровать данные на этом разделе, сделайте следующее:\n\n1) Создайте том VeraCrypt на пустом разделе/устройстве и смонтируйте его.\n\n2) Скопируйте все файлы с раздела, который вы хотите зашифровать, на смонтированный том VeraCrypt (созданный на этапе 1). Так вы создадите зашифрованную резервную копию данных.\n\n3) Создайте том VeraCrypt на разделе, который хотите зашифровать, и убедитесь (в мастере VeraCrypt), что выбрали опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). Учтите, что все данные на этом разделе будут удалены. Создав том, смонтируйте его.\n\n4) Скопируйте все файлы со смонтированного тома VeraCrypt с копией данных (созданного на этапе 1) на смонтированный том VeraCrypt, созданный на этапе 3.\n\nПо окончании этих операций данные будут зашифрованы, плюс с них будет сделана зашифрованная резервная копия. + Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt на выбранном несистемном устройстве, выберите опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). + ОШИБКА: Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска. Убедитесь в правильности указанного пути. + ОШИБКА: Невозможно уменьшить файловую систему (это необходимо для высвобождения места под заголовок тома и резервную копию заголовка).\n\nВозможные причины и решения:\n\n- Недостаточно свободного места на томе. Проверьте, чтобы никакие другие программы не выполняли запись в файловую систему.\n\n- Повреждена файловая система. Попробуйте исправить её (щёлкните ПКМ на букве соответствующего диска в окне '(Мой) Компьютер', выберите 'Свойства' > 'Сервис' > 'Выполнить проверку', включите опцию 'Автоматически исправлять системные ошибки' и нажмите 'Запуск').\n\nЕсли ничего не помогает, следуйте рекомендациям ниже. + ОШИБКА: Недостаточно свободного места на томе, невозможно уменьшить файловую систему (это необходимо для высвобождения места под заголовок тома и резервную копию заголовка).\n\nУдалите ненужные файлы и очистите Корзину, высвободив хотя бы 256 КБ, после чего повторите попытку. Из-за особенностей Windows, объём сообщаемого Проводником свободного места может быть неверным до перезагрузки ОС. Если перезагрузка не помогает, возможно, повреждена файловая система. Попробуйте исправить её (щёлкните ПКМ на букве соответствующего диска в окне '(Мой) Компьютер', выберите 'Свойства' > 'Сервис' > 'Выполнить проверку', включите опцию 'Автоматически исправлять системные ошибки' и нажмите 'Запуск').\n\nЕсли ничего не помогает, следуйте рекомендациям ниже. + На диске %s свободно %.2f байт + На диске %s свободно %.2f КБ + На диске %s свободно %.2f МБ + На диске %s свободно %.2f ГБ + На диске %s свободно %.2f ТБ + На диске %s свободно %.2f ПБ + Невозможно получить доступные буквы дисков. + ОШИБКА: Не найден драйвер VeraCrypt.\n\nСкопируйте файлы 'veracrypt.sys' и 'veracrypt-x64.sys' в папку, где находится программа VeraCrypt (файл VeraCrypt.exe). + ОШИБКА: Запущен драйвер VeraCrypt несовместимой версии.\n\nЕсли вы пытаетесь запустить VeraCrypt в переносном режиме (т.е. без установки в систему), и в это время работает другая версия VeraCrypt, сначала удалите её (или обновите с помощью установщика VeraCrypt). Чтобы удалить VeraCrypt, проделайте следующее: в Windows Vista и новее выберите меню 'Пуск' > 'Компьютер' > 'Удалить или изменить программу' > VeraCrypt > Удалить; в Windows XP выберите меню 'Пуск' > 'Настройка' > 'Панель управления' > 'Установка и удаление программ' > VeraCrypt > Удалить.\n\nАналогично, если вы пытаетесь запустить VeraCrypt в переносном режиме (т.е. без установки в систему), и в это время в переносном режиме уже выполняется другая версия VeraCrypt, сначала нужно перезагрузить систему, и лишь затем запустить эту новую версию. + Ошибка инициализации шифра. + Ошибка: слабый или потенциально слабый ключ! Этот ключ не принят. Повторите попытку. + Произошла критическая ошибка, работа VeraCrypt прервана. Если это следствие ошибки в VeraCrypt, мы бы хотели её исправить. Чтобы помочь нам в этом, отправьте автоматически созданный отчёт об ошибках со следующими данными:\n\n- Версия программы\n- Версия операционной системы\n- Тип ЦП\n- Имя компонента VeraCrypt\n- Контрольная сумма исполняемого файла VeraCrypt\n- Символическое имя диалогового окна\n- Категория ошибки\n- Адрес ошибки\n- Стековый вызов VeraCrypt\n\nПри выборе 'Да' в вашем браузере будет открыт следующий URL-адрес с полным отчётом об ошибке.\n\n%hs\n\nОтправить отчёт об ошибке? + Критическая ошибка в системе, работа VeraCrypt будет прервана.\n\nЭта ошибка произошла не по вине VeraCrypt (поэтому разработчики VeraCrypt не могут её исправить). Проверьте свою систему на предмет возможных проблем (например системную конфигурацию, подключение к сети, сбои аппаратуры). + Критическая ошибка в системе, работа VeraCrypt будет прервана.\n\nЕсли эта проблема возникает регулярно, попробуйте отключить или удалить приложения, которые могут быть как-то с ней связаны, например антивирусное ПО, системные "улучшатели", "оптимизаторы", "твикеры" и т.п. Если это не поможет, попробуйте переустановить ОС (данная проблема также может быть вызвана вредительским ПО). + Критическая ошибка VeraCrypt + По сведениям VeraCrypt, операционная система недавно потерпела сбой. Потенциальных причин этому множество (например отказ аппаратуры, ошибка в драйвере устройства и т.д.)\n\nХотите проверить, был ли вызван системный сбой ошибкой в VeraCrypt? + Хотите, чтобы VeraCrypt и дальше отслеживал системные сбои? + VeraCrypt не удалось обнаружить файл с мини-дампом системных сбоев. + Вы хотите удалить дамп-файл Windows с данными о сбое, чтобы высвободить место на диске? + Чтобы проанализировать системный сбой, VeraCrypt сначала нужно\nустановить Microsoft Debugging Tools для Windows.\n\nПосле нажатия OK начнётся загрузка и установка пакета\nMicrosoft Debugging Tools (16 МБ) с сервера Microsoft\n(программа установки Windows перенаправит вас на сервер\nMicrosoft с сервера veracrypt.org, тем самым гарантируя успех операции,\nдаже если Microsoft изменит местоположение пакета установки). + После нажатия OK начнётся анализ системного сбоя. Эта операция может занять несколько минут. + Убедитесь, что в переменной окружения 'PATH' указан путь к файлу отладчика ядра 'kd.exe' (Kernel Debugger). + Судя по всему, причина системного сбоя НЕ в VeraCrypt. Потенциальных причин сбоя системы множество (например отказ аппаратуры, ошибка в драйвере устройства и т.д.) + Как показал анализ, данную проблему может решить обновление следующего драйвера: + Чтобы помочь определить, имеется ли ошибка в VeraCrypt, отправьте нам автоматически созданный отчёт об ошибках, содержащий следующие данные:\n- Версия программы\n- Версия операционной системы\n- Тип ЦП\n- Категория ошибки\n- Название и версия драйвера\n- Стек системных вызовов\n\nПри выборе 'Да' в вашем интернет-браузере будет открыт следующий URL-адрес (с полным отчётом об ошибках). + Хотите отправить нам этот отчёт об ошибках? + &Шифрация + &Дешифрация + Расшифровать п&ерманентно + Выход + Создайте логический диск для этого расширенного раздела и повторите попытку. + Том VeraCrypt может находиться в файле (в 'контейнере' VeraCrypt) на жёстком диске, флэш-накопителе USB и т.п. Контейнер VeraCrypt ничем не отличается от любого другого обычного файла (например, его можно перемещать или удалять как и прочие файлы). Нажмите кнопку 'Файл', чтобы указать имя и путь к создаваемому файлу-контейнеру для хранения нового тома.\n\nВНИМАНИЕ: Если вы выберете уже имеющийся файл, VeraCrypt НЕ зашифрует его; этот файл будет удалён и заменён вновь созданным контейнером VeraCrypt. Вы сможете зашифровать имеющиеся файлы (впоследствии), переместив их в создаваемый сейчас контейнер VeraCrypt. + Выберите размещение для создаваемого внешнего тома (внутри этого тома затем будет создан скрытый том).\n\nТом VeraCrypt может находиться в файле ('контейнере' VeraCrypt) на жёстком диске, флэш-накопителе USB и т.п. Контейнер VeraCrypt можно перемещать или удалять как любой обычный файл. Нажмите кнопку 'Файл', чтобы указать имя и путь к создаваемому файлу-контейнеру для хранения нового тома. Если вы выберете уже имеющийся файл, VeraCrypt НЕ зашифрует его; этот файл будет удалён и заменён вновь созданным контейнером VeraCrypt. Вы сможете зашифровать имеющиеся файлы (впоследствии), переместив их в создаваемый сейчас контейнер VeraCrypt. + Зашифрованный том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных. Разделы также можно шифровать на месте.\n\nКроме того, зашифрованные тома VeraCrypt на основе устройств можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nПримечание: устройство, содержащее разделы, можно зашифровать целиком на месте (используя один ключ), только если с него загружается Windows. + Том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных.\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. + \nВыберите размещение для создаваемого внешнего тома (внутри этого тома затем будет создан скрытый том).\n\nВнешние тома можно создавать внутри разделов жёстких дисков, на твердотельных дисках, флэш-накопителях USB и других устройствах хранения данных. Внешние тома также можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. + Выберите размещение тома VeraCrypt, внутри которого вы хотите создать скрытый том. + ВНИМАНИЕ: Хост-файл/устройство уже используется.\n\nИгнорирование этого может привести к нежелательным последствиям, включая нестабильность системы. Перед монтированием тома следует закрыть все программы, обращающиеся к этому хост-файлу/устройству (например антивирусные или backup-приложения).\n\nПродолжить монтирование? + Ошибка! Невозможно смонтировать том. Хост-файл/устройство уже используется. Попытка монтирования без исключительного доступа также потерпела неудачу. + Невозможно открыть файл. + Размещение тома + Большие файлы + Собираетесь ли вы хранить в этом томе VeraCrypt файлы размером более 4 ГБ? + В зависимости от вашего ответа VeraCrypt выберет для тома подходящую файловую систему (выбор файловой системы будет вам предложен на следующем этапе). + Так как вы создаёте внешний том, следует ответить 'Нет'. Иначе ФС по умолчанию будет NTFS, что для внешних томов хуже, чем FAT (так, максимально возможный размер скрытого тома будет существенно больше, если внешний том - FAT). Обычно FAT это ФС по умолчанию как для скрытых, так и для обычных томов (тома FAT не вызывают подозрений). Однако если нужно хранить файлы размером более 4 ГБ (что в FAT недопустимо), то FAT не будет ФС по умолчанию. + Вы действительно хотите ответить 'Да'? + Режим создания тома + Это самый быстрый способ создания тома VeraCrypt на основе раздела или устройства (шифрование на месте медленнее, так как содержимое каждого сектора сначала считывается, шифруется и затем записывается). Все данные на выбранном разделе/устройстве будут уничтожены (эти данные НЕ шифруются; они перезаписываются случайными данными). Если вам нужно зашифровать данные, имеющиеся в разделе, выберите другой вариант. + Весь выбранный раздел со всеми имеющимися в нём данными будет зашифрован на месте. Если раздел пуст, вам следует выбрать другой вариант (создание тома протекает гораздо быстрее). + Примечание: + Возо&бновить + О&тложить + &Старт + Продол&жить + &Разметить + &Затереть + Прервать форматирование? + Подробнее + Больше не показывать + Содержимое раздела/устройства успешно удалено (затёрто). + Содержимое раздела с исходной системой (клоном которой является скрытая система) успешно удалено (затёрто). + Удостоверьтесь, что Windows, которую вы хотите установить (на очищенный раздел) имеет ту же версию, что и выполняемая сейчас Windows. Это необходимо потому, что обе ОС будут использовать общий загрузочный раздел. + Системный раздел/диск успешно зашифрован.\n\nПримечание: если у вас есть несистемные тома VeraCrypt, которые должны автоматически монтироваться при каждой загрузке Windows, монтирование каждого из них можно настроить, выбрав 'Избранное' > 'Добавить смонтированный том в список избранных системных томов'). + Системный раздел/диск успешно дешифрован. + \n\nТом VeraCrypt создан и готов к использованию.\n\nЕсли вы хотите создать ещё один том VeraCrypt, нажмите кнопку 'Далее'. Иначе нажмите 'Выход'. + \n\nСкрытый том VeraCrypt успешно создан (внутри него будет находиться скрытая операционная система).\n\nНажмите 'Далее' для продолжения. + Том полностью зашифрован + Том полностью расшифрован + ВАЖНО: ДЛЯ МОНТИРОВАНИЯ ЭТОГО ТОМА VERACRYPT И ДОСТУПА К СОДЕРЖАЩИМСЯ В НЁМ ДАННЫМ НАЖМИТЕ 'Автомонтирование' В ГЛАВНОМ ОКНЕ VERACRYPT. После ввода правильного пароля (и/или ключевых файлов) том будет смонтирован на букву диска, выбранную вами в главном окне VeraCrypt (доступ к зашифрованным данным будет по этой букве диска).\n\nЗАПОМНИТЕ ИЛИ ЗАПИШИТЕ ЭТАПЫ ВЫШЕ. ВЫ ДОЛЖНЫ ИМ СЛЕДОВАТЬ ДЛЯ МОНТИРОВАНИЯ ТОМА И ДОСТУПА К ЕГО ДАННЫМ. Другой способ: нажмите кнопку 'Устройство' в главном окне VeraCrypt, выберите этот раздел/том и нажмите 'Смонтировать'.\n\nРаздел/том успешно зашифрован (сейчас он содержит полностью зашифрованный том VeraCrypt) и готов к использованию. + Том VeraCrypt успешно расшифрован. + Том VeraCrypt успешно расшифрован.\n\nВыберите букву диска, которая будет присвоена расшифрованному тому, и нажмите 'Готово'.\n\nВАЖНО: Пока тому не будет присвоена буква, у вас не будет доступа к хранящимся в нём данным. + ВНИМАНИЕ: Чтобы получить доступ к данным, расшифрованному тому нужно присвоить букву диска. Однако сейчас незанятых букв нет.\n\nОсвободите какую-либо букву диска (например отсоедините USB-накопитель или внешний жёсткий диск и т.п.) и нажмите OK. + Том VeraCrypt успешно создан. + Том создан + ВАЖНО: Хаотично перемещайте мышь внутри этого окна (чем дольше, тем лучше) - это значительно увеличит криптостойкость ключей шифрования.\nЗатем нажмите 'Разметить', чтобы создать том. + Нажмите 'Разметить', чтобы создать внешний том. Подробности см. в документации. + Форматирование внешнего тома + Форматирование скрытого тома + Форматирование тома + Для просмотра или печати Руководства пользователя требуется программа Adobe Reader (или совместимая с ней). Adobe Reader можно загрузить (бесплатно) с сайта www.adobe.com\n\nХотите вместо этого просмотреть онлайн-документацию? + Если выбрать эту опцию, мастер сначала поможет вам создать обычный том VeraCrypt, а затем внутри него - скрытый том. Этот вариант предназначен для пользователей-новичков. + Выберите эту опцию, чтобы создать скрытый том внутри уже имеющегося тома VeraCrypt (т.е. у вас уже должен быть ранее созданный том VeraCrypt, пригодный для хранения скрытого тома). + Режим создания тома + Скрытый том создан + Скрытый том VeraCrypt создан и готов к использованию. Если были соблюдены все инструкции и предприняты меры предосторожности, перечисленные в разделе "Требования и меры предосторожности, касающиеся скрытых томов" в Руководстве пользователя VeraCrypt, узнать наверняка, имеется ли скрытый том, станет вряд ли возможно даже при смонтированном внешнем томе.\n\nВНИМАНИЕ: ЕСЛИ ВЫ НЕ ЗАЩИТИЛИ СКРЫТЫЙ ТОМ (О ТОМ, КАК ЭТО СДЕЛАТЬ, СМ. РАЗДЕЛ "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" ("ЗАЩИТА СКРЫТЫХ ТОМОВ ОТ ПОВРЕЖДЕНИЙ") В РУКОВОДСТВЕ ПОЛЬЗОВАТЕЛЯ VERACRYPT), НИЧЕГО НЕ ЗАПИСЫВАЙТЕ ВО ВНЕШНИЙ ТОМ, ИНАЧЕ ВЫ МОЖЕТЕ ПЕРЕЗАПИСАТЬ И ПОВРЕДИТЬ СКРЫТЫЙ ТОМ! + Вы запустили скрытую операционную систему. Скрытая ОС выглядит так, как будто она установлена на том же разделе, что и исходная ОС. Однако на самом деле эта ОС установлена в разделе, следующем за ним (в скрытом томе). Все операции чтения и записи прозрачно перенаправляются из системного раздела в скрытый том.\n\nНи ОС, ни приложения не будут знать, что данные, записываемые и считываемые в системном разделе, в действительности записываются и считываются в разделе позади него (в скрытом томе). Любые такие данные шифруются и расшифровываются на лету как обычно (с ключом шифрования, отличным от ключа для обманной ОС).\n\n\nНажмите 'Далее' для продолжения. + Внешний том создан и смонтирован как диск %hc:. Скопируйте в этот том какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно. Они понадобятся для демонстрации, если вас вынудят сообщить пароль от раздела, следующего за системным, где будут расположены внешний том и скрытый том (со скрытой ОС). Вы сможете открыть пароль от этого внешнего тома, а существование скрытого тома (и скрытой ОС) останется в тайне.\n\nВАЖНО: Файлы, копируемые во внешний том, не должны занимать больше, чем %s. В противном случае на внешнем томе может оказаться недостаточно свободного места для скрытого тома (и вы не сможете продолжить). Когда закончите копирование, нажмите 'Далее' (не размонтируйте том). + Внешний том успешно создан и смонтирован как диск %hc:. В этот том сейчас следует скопировать какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно, чтобы ввести в заблуждение неприятеля, если он вынудит вас сообщить пароль. В этом случае вы скажете только пароль для этого внешнего тома, но не для скрытого. Действительно ценные для вас файлы будут храниться в скрытом томе, создаваемом позже. Когда закончите копировать файлы, нажмите 'Далее'. Не размонтируйте этот том. ПРИМЕЧАНИЕ: Нажатие 'Далее' запустит сканирование карты кластеров внешнего тома для выяснения размера непрерывной свободной области, конец которой станет концом тома. Этот участок будет приспособлен под скрытый том, т.е. именно им определяется его максимально возможный размер. Сканирование карты кластеров гарантирует, что никакие данные во внешнем томе не будут перезаписаны скрытым томом. + Содержимое внешнего тома + \n\nНа следующих экранах мастера установите параметры для внешнего тома (внутри которого затем будет создан скрытый том). + \n\nНа следующих этапах вы создадите так называемый внешний том VeraCrypt внутри первого раздела за системным разделом (как это было объяснено на одном из предыдущих этапов). + Внешний том + На следующих этапах потребуется установить параметры и пароль для скрытого тома, который будет содержать скрытую ОС. Примечание: для определения размера непрерывной незанятой области, окончание которой будет выровнено по концу внешнего тома, выполняется сканирование его карты кластеров. Эта область будет подогнана для скрытого тома, чтобы его границы не превышали максимально возможный размер. Максимально возможный размер скрытого тома определён и он гарантированно больше, чем у системного раздела (это необходимо, поскольку всё содержимое системного раздела должно быть скопировано в скрытый том). Т.е. никакие данные, находящиеся в данный момент во внешнем томе, не будут перезаписаны данными, записанными в область скрытого тома. + ВАЖНО: Запомните алгоритмы, которые вы сейчас выбираете. Вам потребуется выбрать те же алгоритмы для обманной ОС. В противном случае скрытая система будет недоступна! (Обманная система должна быть зашифрована тем же алгоритмом, что и скрытая.)\n\nПримечание: причина в том, что обманная и скрытая системы используют один и тот же загрузчик, поддерживающий лишь алгоритм, выбранный пользователем (для каждого алгоритма имеется своя версия загрузчика VeraCrypt). + \n\nКарта кластеров тома просмотрена, максимально возможный размер скрытого тома определён. На следующих экранах мастера вам нужно будет выбрать параметры, размер и пароль для скрытого тома. + Скрытый том + Теперь скрытый том защищён от повреждений до размонтирования внешнего тома.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. + Все скрытые тома в заново смонтированных томах защищены от повреждений до размонтирования.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. + ВНИМАНИЕ: Попытка записи данных в область скрытого тома в томе, смонтированном как %c:! Для защиты скрытого тома запись этих данных была запрещена. Это могло бы повредить файловую систему внешнего тома, Windows может сообщать об ошибке отложенной записи или неверном параметре. Запись на весь том (внешнюю и скрытую части) запрещена до его размонтирования. Если VeraCrypt не в первый раз препятствует записи в область скрытого тома в данном томе, это может неблагоприятно сказаться на правдоподобности отрицания наличия скрытого тома (из-за возможных странных несоответствий в файловой системе внешнего тома). Поэтому имеет смысл создать новый том VeraCrypt (с выключенным быстрым форматированием) и перенести файлы из этого тома во вновь созданный; этот том следует затем надёжно затереть (его внешнюю и внутреннюю части). Сейчас настоятельно рекомендуется перезагрузить операционную систему. + Вы намерены хранить в томе файлы размером более 4 ГБ. Такой том должен быть отформатирован в NTFS, что, однако, невозможно. + Примите к сведению, что когда выполняется скрытая операционная система, не скрытые тома VeraCrypt форматировать в NTFS невозможно. Это объясняется тем, что том требуется временно смонтировать без защиты от записи, чтобы позволить операционной системе отформатировать его в NTFS (тогда как форматирование в FAT выполняется средствами VeraCrypt, а не операционной системы, и без монтирования ома). Технические подробности приведены ниже. Не скрытый том NTFS можно создать из обманной операционной системы. + В целях безопасности, когда запущена скрытая ОС, скрытые тома можно создавать только в 'прямом' режиме (поскольку внешние тома должны всегда монтироваться как 'только для чтения'). Чтобы безопасно создать скрытый том, выполните следующие шаги:\n\n1) Загрузите обманную систему.\n\n2) Создайте обычный том VeraCrypt и скопируйте в этот том какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно (этот том станет внешним томом).\n\n3) Загрузите скрытую систему и запустите мастер создания томов VeraCrypt. Если том - на основе файла, переместите его в системный раздел или в другой скрытый том (иначе вновь созданный скрытый том был бы смонтирован как 'только для чтения' без возможности форматирования). Следуйте инструкциям мастера так, как при выборе 'прямого' режима создания скрытого тома.\n\n4) На экране мастера выберите том, созданный на этапе 2, и следуйте инструкциям для создания скрытого тома внутри него. + В целях безопасности, когда запущена скрытая ОС, локальные незашифрованные файловые системы и не скрытые тома VeraCrypt монтируются как 'только для чтения' (т.е. в такие файловые системы или тома VeraCrypt не может быть записано никаких данных).\n\nДанные разрешается записывать лишь в файловые системы внутри скрытого тома VeraCrypt (при условии, что скрытый том расположен не в контейнере, находящемся на незашифрованной файловой системе или на любой другой файловой системе только для чтения). + Эти меры противодействия были реализованы по трём основным причинам:\n\n- Возможность создания безопасной платформы для монтирования скрытых томов VeraCrypt. Обратите внимание, что мы официально рекомендуем монтировать скрытые тома, только когда запущена скрытая операционная система. (Подробности см. в документации, параграф 'Требования безопасности и меры предосторожности касательно скрытых томов'.)\n\n- В ряде случаев имеется возможность определить, что в определённое время конкретная файловая система не была смонтирована (или конкретный файл в файловой системе не был сохранён либо к нему не было обращения из неё) под конкретной копией ОС (например путём анализа и сравнения журналов файловых систем, времён файлов, отчётов приложений и/или ошибок и т.д.). Всё это может навести на мысль о существовании в компьютере скрытой ОС. Данные меры противодействия этому препятствуют.\n\n- Предотвращение повреждения данных и безопасная гибернация. При выходе из гибернации Windows подразумевает, что все смонтированные файловые системы находятся в том же состоянии, что и до гибернации. VeraCrypt обеспечивает это запретом записи любой файловой системы, доступной как из обманной, так и из скрытой системы. Без такой защиты файловая система может повредиться при монтировании одной системой, когда другая система находится в состоянии гибернации. + Примечание: если нужно безопасно перенести файлы из обманной системы в скрытую, выполните следующее: 1) Загрузите обманную систему. 2) Сохраните нужные вам файлы на незашифрованном томе или на внешнем/обычном томе VeraCrypt. 3) Загрузите скрытую систему. 4) Если вы сохранили файлы на томе VeraCrypt, смонтируйте его (он будет автоматически смонтирован как 'только для чтения'). 5) Скопируйте файлы в скрытый системный раздел или в другой скрытый том. + Требуется перезагрузка компьютера.\n\nВыполнить перезагрузку сейчас? + Ошибка получения состояния системного шифрования. + Не указан пароль в командной строке. Том создать невозможно. + Не указан размер тома в командной строке. Том создать невозможно. + Указанный в командной строке размер файла тома несовместим с выбранной файловой системой NTFS. + Указанный в командной строке размер файла тома несовместим с выбранной файловой системой FAT32. + Файловая система на целевом диске не поддерживает создание разрежённых файлов, что необходимо для динамических томов. + Из командной строки можно создавать только файлы-контейнеры. + Указанный в командной строке размер файла-контейнера больше, чем объём свободного места на диске. Том создать невозможно. + Указанный в командной строке размер тома слишком мал. Том создать невозможно. + Указанный в командной строке размер тома слишком велик. Том создать невозможно. + Невозможно инициализировать компоненты приложения для системного шифрования. + Ошибка инициализации генератора случайных чисел. + Сбой интерфейса CryptoAPI Windows!\n\n\n(Если вы хотите сообщить о связанной с этим ошибке, включите в отчёт следующую техническую информацию:\n%s, Последняя ошибка = 0x%.8X) + Ошибка инициализации приложения. Невозможно зарегистрировать класс Dialog. + Ошибка загрузки системной библиотеки Rich Edit. + Мастер создания томов VeraCrypt + Максимальный размер скрытого тома для этого тома: %.2f байт + Максимальный размер скрытого тома для этого тома: %.2f КБ + Максимальный размер скрытого тома для этого тома: %.2f МБ + Максимальный размер скрытого тома для этого тома: %.2f ГБ. + Максимальный размер скрытого тома для этого тома: %.2f TБ. + Пока том смонтирован, изменять пароль/ключевые файлы этого тома невозможно. Сначала необходимо размонтировать том. + Пока том смонтирован, изменять алгоритм деривации ключа заголовка этого тома невозможно. Сначала необходимо размонтировать том. + С&монтировать + Для монтирования этого тома требуется более новая версия VeraCrypt. + Ошибка! Не найден мастер создания томов.\n\nПроверьте, имеется ли в папке, откуда был запущен файл 'VeraCrypt.exe', файл 'VeraCrypt Format.exe'. Если его там нет, переустановите VeraCrypt или найдите на жёстком диске файл 'VeraCrypt Format.exe' и запустите его. + Ошибка! Расширитель томов не найден.\n\nУбедитесь в наличии файла 'VeraCryptExpander.exe' в папке, откуда был запущен 'VeraCrypt.exe'. Если его там нет, переустановите VeraCrypt или найдите 'VeraCryptExpander.exe' у себя на диске и запустите его. + &Далее > + &Готово + &Установить + &Извлечь + Не удалось подключиться к драйверу устройств VeraCrypt. Если драйвер не запущен, работа VeraCrypt невозможна.\n\nИз-за особенностей Windows, для загрузки драйвера сначала может потребоваться завершение сеанса или перезагрузка системы. + Ошибка загрузки/подготовки шрифтов. + Буква диска не найдена, либо она не была указана. + Ошибка! Невозможно присвоить букву диска.\n\nПока зашифрованному тому не присвоена буква диска, хранящиеся в нём данные будут недоступны.\n\nПовторить? + Буква диска недоступна. + Не выбран файл. + Нет доступных букв дисков. + Нет незанятой буквы диска для внешнего тома. Создание тома не может быть продолжено. + Не удалось определить версию ОС, либо вы используете неподдерживаемую ОС. + Не указан путь. + Недостаточно свободного места для скрытого тома. Продолжить создание тома невозможно. + ОШИБКА: Скопированные во внешний том файлы занимают слишком много места. Из-за этого во внешнем томе недостаточно свободного места под скрытый том.\n\nОбратите внимание, что скрытый том должен быть не меньше системного раздела (т.е. раздела, где установлена работающая сейчас операционная система). Причина в том, что при создании скрытой ОС выполняется копирование в скрытый том содержимого системного раздела.\n\n\nПродолжение создания скрытой операционной системы невозможно. + Драйвер не может размонтировать том. Вероятно, на этом томе имеются открытые файлы. + Невозможно заблокировать том. На этом томе имеются открытые файлы, поэтому его нельзя размонтировать. + VeraCrypt не может заблокировать том, так как он используется системой или приложениями (возможно, открыты находящиеся на этом томе файлы).\n\nВы настаиваете на принудительном размонтировании этого тома? + Выберите том VeraCrypt + Укажите путь и имя файла + Выберите библиотеку PKCS #11 + Мало памяти + ВАЖНО: Неопытным пользователям настоятельно рекомендуется вместо шифрования\nвсего раздела/устройства создать на выбранном разделе/устройстве файловый контейнер VeraCrypt.\n\nПри создании файлового контейнера VeraCrypt (в отличие от шифрования устройства или раздела),\nнапример, нет риска уничтожения большого числа файлов.\nОбратите внимание: файловый контейнер VeraCrypt (хотя он и содержит виртуальный зашифрованный диск)\nв действительности представляет собой обычный файл.\nСм. подробности в Руководстве пользователя VeraCrypt (глава 'Руководство для новичков').\n\nВы действительно хотите зашифровать целиком устройство/раздел? + ВНИМАНИЕ: Файл '%s' уже существует!\n\nВАЖНО: VERACRYPT НЕ БУДЕТ ШИФРОВАТЬ ЭТОТ ФАЙЛ, ОН ЕГО УДАЛИТ.\n\nВы действительно хотите удалить этот файл, заменив его новым контейнером VeraCrypt? + ОСТОРОЖНО: ВСЕ ДАННЫЕ, КОТОРЫЕ СОДЕРЖИТ %s '%s'%s, БУДУТ УНИЧТОЖЕНЫ (А НЕ ЗАШИФРОВАНЫ)!\n\nВы настаиваете на форматировании? + ВНИМАНИЕ: Монтирование тома и доступ к хранящимся в нём файлам невозможны, пока том не будет полностью зашифрован.\n\nВы действительно хотите приступить к шифрованию %s '%s'%s? + ВНИМАНИЕ: Монтирование тома и доступ к хранящимся в нём файлам невозможны, пока том не будет полностью расшифрован.\n\nВы действительно хотите приступить к дешифрованию %s '%s'%s? + ВНИМАНИЕ: Неожиданное пропадание электропитания во время шифрования имеющихся данных 'на месте' или сбой операционной системы из-за программной/аппаратной ошибки может привести к частичному повреждению или потере данных. Поэтому прежде чем приступить к шифрованию, сделайте резервную копию файлов, которые вы хотите зашифровать.\n\nВы сделали такую резервную копию? + ОСТОРОЖНО: ВСЕ ФАЙЛЫ НА РАЗДЕЛЕ '%s'%s (Т.Е. НА ПЕРВОМ РАЗДЕЛЕ ЗА СИСТЕМНЫМ) БУДУТ УНИЧТОЖЕНЫ (А НЕ ЗАШИФРОВАНЫ)!\n\nВы действительно настаиваете на форматировании? + ВНИМАНИЕ: ВЫБРАННЫЙ РАЗДЕЛ СОДЕРЖИТ БОЛЬШОЙ ОБЪЁМ ДАННЫХ! Все файлы на этом разделе будут удалены (они НЕ будут зашифрованы)! + Стереть файлы в разделе при создании внутри него тома VeraCrypt + Пароль + PIM + Алгоритм деривации ключа заголовка + Добавление/удаление ключевых файлов в/из том(а) + Удаление всех ключевых файлов из тома + Пароль и/или ключевые файлы успешно изменен(ы).\n\nВАЖНО: Обязательно прочтите раздел 'Изменение паролей и ключевых файлов'\nв главе 'Требования безопасности и меры предосторожности'\nв Руководстве пользователя VeraCrypt. + Этот том зарегистрирован как системный избранный, и его PIM изменился.\nХотите автоматически обновить конфигурацию системных избранных томов (требуются права администратора)?\n\nПри ответе "Нет" вам будет нужно обновить системное избранное самостоятельно. + ВАЖНО: Если вы не уничтожили свой диск восстановления VeraCrypt (Rescue Disk), ваш системный раздел/диск по-прежнему можно расшифровать с помощью старого пароля (загрузившись с диска восстановления VeraCrypt и введя старый пароль). Вам следует создать новый диск восстановления VeraCrypt, после чего уничтожить старый.\n\nХотите создать новый диск восстановления VeraCrypt? + Обратите внимание, что ваш диск восстановления VeraCrypt (Rescue Disk) всё ещё использует прежний алгоритм. Если вы считаете этот алгоритм недостаточно надёжным, создайте новый диск восстановления VeraCrypt, после чего уничтожьте старый.\n\nХотите создать новый диск восстановления VeraCrypt? + В качестве ключевого можно использовать файл любого типа (например .mp3, .jpg, .zip, .avi). Содержимое ключевого файла при этом не изменяется. Можно выбирать несколько ключевых файлов (порядок неважен). Если добавить папку, то ключевыми будут все не скрытые файлы внутри неё. Нажмите 'Токен-файлы', чтобы выбрать ключевые файлы на токенах безопасности или смарт-картах (или для импорта ключевых файлов с токена/смарт-карты). + Ключевые файлы успешно добавлены/удалены. + Ключевой файл экспортирован. + Алгоритм деривации ключа заголовка успешно установлен. + Введите пароль и/или ключевые файлы для несистемного тома, где вы хотите возобновить шифрование 'на месте'.\n\n\nПримечание: после нажатия 'Далее' VeraCrypt попытается найти все несистемные тома, на которых был прерван процесс шифрования, и где можно расшифровать заголовок тома VeraCrypt с помощью указанного пароля и/или ключевых файлов. Если таких томов окажется несколько, на следующем этапе вам будет нужно выбрать один из них. + Выберите один из перечисленных томов. Это несистемные тома с прерванным процессом шифрования, заголовок которых удалось расшифровать с помощью указанного пароля и/или ключевых файлов. + Введите пароль и/или ключевые файлы для несистемного тома VeraCrypt, который вы хотите расшифровать. + Очень важно выбрать хороший пароль. Избегайте указывать пароли из одного или нескольких слов, которые можно найти в словаре (или комбинаций из 2, 3 или 4 таких слов). Пароль не должен содержать имён или дат рождения. Он должен быть труден для угадывания. Хороший пароль - случайная комбинация прописных и строчных букв, цифр и особых символов (@ ^ = $ * + и т.д.).\n\nРекомендуем выбирать пароли длиннее 20 символов (чем больше, тем лучше). Макс. длина: 64 символа. + Выберите пароль для скрытого тома. + Выберите пароль для скрытой операционной системы (т.е. для скрытого тома). + ВАЖНО: Выбираемый на этом этапе пароль для скрытой операционной системы должен существенно отличаться от двух других паролей (т.е. от паролей для внешнего тома и для обманной операционной системы). + Введите пароль для тома, внутри которого вы хотите создать скрытый том.\n\nПосле нажатия 'Далее' VeraCrypt попытается смонтировать том, после чего просмотреть карту кластеров смонтированного тома в поиске непрерывной свободной области, в конце которой окажется конец тома. В этой области размещается скрытый том, т.е. она определяет его предельный размер. Просмотр карты нужен для гарантии того, что данные во внешнем томе не будут перезаписаны внутренним томом. + \nВыберите пароль для внешнего тома. Это пароль, который вы сможете выдать противнику, если он вынудит вас это сделать.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома.\n\nПримечание: максимальная длина пароля - 64 символа. + Выберите пароль для внешнего тома. Это пароль, который вы сможете выдать каждому, кто вынудит вас сообщить пароль для первого раздела за системным, где будут располагаться внешний том и скрытый том (содержащий скрытую операционную систему). Существование скрытого тома (и скрытой ОС) останется в тайне. Учтите, что это пароль НЕ для обманной операционной системы.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома (т.е. для скрытой операционной системы). + Пароль внешнего тома + Пароль скрытого тома + Пароль для скрытой ОС + ВНИМАНИЕ: Короткие пароли легко взломать с помощью техник перебора.\n\nРекомендуется применять пароли из более чем 20 символов.\n\nВы действительно хотите использовать короткий пароль? + Пароль тома + Неверный пароль, либо это не том VeraCrypt. + Неверные ключевые файлы и/или пароль, либо это не том VeraCrypt. + Неверный режим монтирования, неправильный пароль, либо это не том VeraCrypt. + Неверный режим монтирования, неправильные ключевые файлы и/или пароль, либо это не том VeraCrypt. + Неверный пароль или не найден том VeraCrypt. + Неверные ключевые файлы/пароль, либо не найден том VeraCrypt. + \n\nВнимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. + Запомнить номер монтирования тома + PIM внешнего тома + PIM скрытого тома + PIM скрытой ОС + PIM (персональный умножитель итераций) - это значение, управляющее количеством итераций для деривации ключа заголовка.\n Итерации = 15000 + (PIM x 1000).\n\nЕсли пусто или равно нулю, VeraCrypt будет использовать стандартное значение (485), обеспечивающее высокую надёжность.\n\nЕсли пароль короче 20 символов, PIM не может быть меньше 485, чтобы гарантировать минимальный уровень защиты.\nЕсли пароль состоит из 20 и более символов, PIM может быть любым.\n\nPIM более 485 ведёт к замедлению монтирования. При меньшем значении PIM (до 485) монтирование ускоряется, но снижается надёжность, если пароль недостаточно сложный. + PIM (персональный умножитель итераций) - это значение, управляющее количеством итераций для деривации ключа заголовка.\n Итерации = PIM x 2048.\n\nЕсли пусто или равно нулю, VeraCrypt будет использовать стандартное значение, обеспечивающее высокую надёжность.\n\nЕсли пароль короче 20 символов, PIM не может быть меньше 98, чтобы гарантировать минимальный уровень защиты.\nЕсли пароль состоит из 20 и более символов, PIM может быть любым.\n\nPIM более 98 ведёт к замедлению загрузки. При меньшем значении PIM (до 98) загрузка ускоряется, но снижается надёжность, если пароль недостаточно сложный. + Запомните число для загрузки системы + Выбранное значение PIM больше, чем стандартное в VeraCrypt.\nУчтите, что это приведёт к значительному замедлению монтирования/загрузки. + Выбранное значение PIM (персонального умножителя итераций) меньше, чем стандартное в VeraCrypt. Учтите, что если ваш пароль недостаточно надёжен, это может привести к ослаблению защиты.\n\nПодтверждаете, что вы используете надёжный пароль? + Максимальное значение PIM (персонального умножителя итераций) для шифрования системы составляет 65535. + PIM тома + \n\nВнимание! В пути поиска ключевых файлов обнаружены скрытые файлы. Скрытые файлы не могут быть ключевыми. Если вы хотите использовать их как ключевые, снимите у них атрибут 'Скрытый' (на каждом из них щёлкните правой кнопкой мыши, выберите 'Свойства', снимите флажок 'Скрытый' и нажмите OK). Учтите, что скрытые файлы видны только при соответствующей системной настройке (Компьютер > Сервис > Параметры папок (Свойства папки) > Вид). + Если вы пытаетесь защитить скрытый том, содержащий скрытую систему, проверьте, чтобы при вводе пароля для скрытого тома была включена стандартная американская раскладка клавиатуры. Это необходимо, так как данный пароль запрашивается на этапе дозагрузочной аутентификации (до запуска Windows), когда иные раскладки клавиатуры недоступны. + Не найдено ни одного несистемного тома с прерванной операцией шифрования и заголовком, для которого подходит указанный пароль и/или ключевые файлы.\n\nПроверьте, правильно ли указан пароль и/или ключевые файлы, и не используется ли раздел/том системой или приложениями (включая антивирусное ПО). + Раздел/устройство уже полностью зашифрован(о).\nФлаги заголовка = 0x%.8X + Раздел/устройство не использует шифрование 'на месте'.\nФлаги заголовка = 0x%.8X + \n\nПримечание: если вы пытаетесь смонтировать раздел, расположенный на зашифрованном системном диске без дозагрузочной аутентификации, или смонтировать зашифрованный системный раздел операционной системы, не выполняемой в данный момент, выберите 'Система' > 'Смонтировать без дозагрузочной аутентификации'. + В этом режиме нельзя монтировать раздел, расположенный на диске, часть которого находится в области шифрования активной системы.\n\nПрежде чем можно будет смонтировать этот раздел в данном режиме, нужно либо загрузить операционную систему, установленную на другом диске (зашифрованном или нет), либо загрузить незашифрованную ОС. + VeraCrypt не может расшифровать отдельный раздел на полностью зашифрованном системном диске (можно расшифровать только весь системный диск). + Внимание! Так как диск содержит загрузчик VeraCrypt, он может быть полностью зашифрованным системным диском. Если это так, учтите, что VeraCrypt не может расшифровывать отдельный раздел на полностью зашифрованном системном диске (допускается расшифровка только всего системного диска). Вы можете сейчас продолжить, но потом получите сообщение 'Неверный пароль'. + < &Назад + Невозможно показать список установленных в системе raw-устройств. + Том '%s' существует и предназначен только для чтения. Вы действительно хотите его заменить? + Выберите папку назначения + Выберите ключевой файл + Выберите путь поиска ключевых файлов. ВНИМАНИЕ: Запоминается только путь, но не имена файлов. + Выбрать папку хранения ключевых файлов. + В качестве ключевого файла выбран текущий файл-контейнер. Он будет пропущен. + Авторы: Ross Anderson, Eli Biham и Lars Knudsen. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы: XTS. Алгоритм Serpent - один из финалистов AES. + Укажите размер создаваемого контейнера.\n\nПри создании динамического ('растягивающегося' по мере заполнения) контейнера, этот параметр определяет его максимальный размер.\n\nМинимальный объём для тома FAT: 292 КБ, для тома NTFS: 3792 КБ. + Укажите размер нового внешнего тома (сначала создаётся внешний том, а затем внутри него - скрытый). Минимально возможный размер тома, предназначенного для создания скрытого тома, составляет 340 КБ. + Укажите размер создаваемого скрытого тома. Минимальный объём скрытого тома равен 40 КБ (или 3664 КБ, если он отформатирован как NTFS). Максимально возможный для выбора размер скрытого тома показан выше. + Размер внешнего тома + Размер скрытого тома + Проверьте правильность размера выбранного устройства или раздела и нажмите 'Далее'. + Внешний том и скрытый том (содержащий скрытую ОС) будут расположены внутри этого раздела. Это должен быть первый раздел за системным.\n\nПроверьте правильность показанных выше размера и номера раздела, и если всё верно, то нажмите 'Далее'. + \n\nУчтите, что том, внутри которого будет создаваться скрытый том, не может быть меньше 340 КБ. + Размер тома + Динами- ческий + Внимание! ОШИБКА теста. + Тест всех алгоритмов пройден + Указанное вами число единиц данных слишком длинное или короткое. + Указанный вами вторичный ключ слишком длинный или короткий. + Неверная длина тестового зашифрованного текста. + Неверная длина тестового ключа. + Неверная длина тестового незашифрованного текста. + Два шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), а затем %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. + Три шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), затем %s (%d-бит ключ), и, наконец, %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. + Обратите внимание, что в зависимости от конфигурации ОС, функции автозапуска и автомонтирования могут работать, только если файлы переносного диска находятся на недоступном для записи CD/DVD-носителе. Это не ошибка VeraCrypt, а ограничение Windows. + Переносной диск VeraCrypt успешно создан.\n\nПомните, что для запуска VeraCrypt в переносном режиме необходимы права администратора ПК. Также учтите, что путём исследования файла реестра можно будет узнать, что в системе Windows запускался VeraCrypt, даже если он работал только в переносном режиме. + Переносной диск VeraCrypt + Авторы: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall и Niels Ferguson. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы: XTS. Twofish - один из финалистов AES. + Подробнее о %s + Неизвестно + Неопределённая или неизвестная ошибка (%d). + Некоторые тома содержат файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? + Раз&монтировать + Ошибка размонтирования. + Том содержит файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? + На указанную букву диска том не смонтирован. + Этот том уже смонтирован. + Ошибка при попытке монтирования тома. + Ошибка поиска местоположения внутри тома. + Ошибка: неверный размер тома. + Внимание! Быстрое форматирование следует использовать, только если:\n\n1) На устройстве нет конфиденциальных данных и вам не требуется правдоподобное отрицание\n2) Устройство уже полностью и надёжно зашифровано\n\nВы действительно хотите использовать быстрое форматирование? + Динамический контейнер это предраспределённый разрежённый файл NTFS, физический размер которого (место, занимаемое им на диске) увеличивается по мере добавления в него новых данных.\n\nВНИМАНИЕ: Производительность у томов на основе разрежённых файлов значительно ниже, чем у обычных томов. Также учтите, что тома на основе разрежённых файлов менее надёжны, поскольку можно определить, какие из секторов тома не используются. Более того, тома на основе разрежённых файлов не дают возможности правдоподобного отрицания наличия скрытого тома. Также учтите, что если данные записываются в контейнер на основе разрежённого файла при недостатке свободного места на файловой хост-системе, зашифрованная файловая система может оказаться повреждённой.\n\nВы действительно хотите создать том на основе разрежённого файла? + Учтите, что размер динамического контейнера, сообщаемый Windows и VeraCrypt, будет всегда равен его максимальному размеру. Чтобы выяснить текущий физический размер контейнера (действительно занимаемое им место на диске), щёлкните правой кнопкой мыши на файле-контейнере (в окне Проводника, не в VeraCrypt!), выберите пункт 'Свойства' и см. значение 'На диске'.\n\nТакже учтите, что при перемещении динамического контейнера на другой том или диск, физический размер контейнера будет увеличен до максимума. (Этого можно избежать, создав новый динамический контейнер в месте назначения, смонтировав его и затем перенеся в него файлы из старого контейнера.) + Кэш паролей очищен + Пароли (и/или обработанное содержимое ключевых файлов), хранящиеся в кэше драйвера VeraCrypt, удалены. + VeraCrypt не может изменить пароль для чуждого ему тома. + Выберите из списка незанятую букву диска. + Выберите в списке букв дисков смонтированный том. + Выбраны два разных смонтированных тома (один в списке букв дисков, другой в поле ввода ниже списка).\n\nУкажите том, который вы хотели выбрать: + Ошибка! Невозможно создать autorun.inf + Ошибка обработки ключевого файла. + Ошибка обработки пути ключевого файла. + В пути к ключевым файлам нет файлов.\n\nОбратите внимание, что папки (и содержащиеся в них файлы), найденные в путях поиска ключевых файлов, игнорируются. + VeraCrypt не работает в этой операционной системе. + Ошибка! VeraCrypt поддерживает только стабильные (не бета) версии этой операционной системы (версии beta/RC не поддерживаются). + Ошибка! Невозможно распределить память. + Ошибка! Невозможно восстановить значение счётчика производительности. + Ошибка! Плохой формат тома. + Ошибка! Вы указали пароль для скрытого тома (а не для обычного тома). + В целях безопасности, скрытый том нельзя создать внутри тома VeraCrypt, содержащего файловую систему, зашифрованную 'на месте' (поскольку свободное место такого тома не было заполнено случайными данными). + VeraCrypt: юридические примечания + Все файлы + Тома VeraCrypt + Библиотечные модули + Продолжение NTFS-форматирования невозможно. + Невозможно смонтировать том. + Невозможно размонтировать том. + Windows не может отформатировать этот том как NTFS.\n\nВыберите другой тип файловой системы (если возможно) и повторите попытку. Либо вы можете оставить этот том неформатированным (в поле выбора файловой системы укажите 'Нет'), закрыть окно мастера, смонтировать том, а затем с помощью системной или сторонней утилиты отформатировать смонтированный том (том при этом останется зашифрованным). + Windows не может отформатировать этот том как NTFS.\n\nХотите вместо этого отформатировать том как FAT? + По умолчанию + раздел + РАЗДЕЛ + Устройство + устройство + УСТРОЙСТВО + Том + том + ТОМ + Метка + Для этого тома выбран слишком маленький размер кластеров. Будут использованы кластеры большего размера. + Ошибка! Невозможно получить размер тома.\n\nПроверьте, не используется ли выбранный том системой или какой-либо программой. + Скрытые тома нельзя создавать внутри динамических контейнеров (разрежённых файлов). Чтобы можно было правдоподобно отрицать наличие секретной информации, скрытый том нужно создавать внутри нединамического контейнера. + Мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT или NTFS. + В среде Windows 2000 мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT. + Примечание: для внешних томов больше подходит система FAT, нежели NTFS (например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT). + Обратите внимание, что для внешних томов больше подходит система FAT, нежели NTFS. Например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT (поскольку NTFS всегда хранит внутренние данные точно в центре тома и потому скрытый том может располагаться только во второй половине внешнего тома).\n\nВы действительно хотите отформатировать внешний том как NTFS? + Хотите вместо этого отформатировать том как FAT? + Примечание: этот том нельзя отформатировать в FAT, так как его размер больше, чем допускает файловая система FAT32 для соответствующего размера секторов (2 ТБ для секторов по 512 байт, и 16 ТБ для секторов по 4096 байт). + Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 5% больше системного раздела (системный раздел - тот, где установлена выполняющаяся сейчас ОС). + Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела (системный раздел - тот, где установлена выполняющаяся сейчас ОС). Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома. + Ошибка! Если внешний том отформатирован как NTFS, он должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела. Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома.\n\nПримечание: внешний том должен находиться в том же разделе, что и скрытая операционная система (т.е. в первом разделе за системным). + Ошибка! Нет разделов за системным разделом.\n\nПрежде чем можно будет создать скрытую операционную систему, нужно создать для неё раздел на системном диске. Этот раздел должен быть первым за системным, и он должен быть по крайней мере на 5% больше системного раздела (т.е. того, где установлена запущенная сейчас ОС). Однако если внешний том (не путайте с системным разделом) отформатирован как NTFS, раздел для скрытой операционной системы должен быть не менее, чем на 110% (в 2,1 раза) больше системного (причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, поэтому скрытый том, который должен содержать клон системного раздела, может располагаться только во второй половине раздела). + Замечание: непрактично (и потому это не поддерживается) устанавливать операционные системы в два тома VeraCrypt, встроенных в один раздел, поскольку при использовании внешней ОС часто требуется записывать данные в область внутренней ОС (а если такие операции записи предотвращать с помощью функции защиты скрытых томов, то это может привести к краху системы, т.е. к 'синему экрану смерти'). + Информацию о создании и управлении разделами см. в документации к вашей операционной системе, либо проконсультируйтесь в службе техподдержки поставщика своего компьютера. + Ошибка! Выполняющаяся в данный момент операционная система установлена не в загрузочном разделе (первом разделе с пометкой 'Активный'). Это не поддерживается. + Вы указали, что собираетесь хранить в этом томе VeraCrypt файлы размером более 4 ГБ, но выбрали при этом файловую систему FAT, в которой сохранение файлов объёмом свыше 4 ГБ не поддерживается.\n\nВы действительно хотите отформатировать том как FAT? + Ошибка! VeraCrypt не поддерживает дешифрование 'на месте' несистемных томов, созданных VeraCrypt устаревших версий (1.0b и ранее).\n\nЧтобы расшифровать файлы, хранящиеся в этом томе, просто скопируйте или переместите их на любой незашифрованный том. + Ошибка! VeraCrypt не может 'на месте' дешифровать скрытый том VeraCrypt.\n\nЧтобы расшифровать файлы, хранящиеся в этом томе, просто скопируйте или переместите их на любой незашифрованный том. + Внимание! VeraCrypt не может 'на месте' расшифровать том, в котором содержится скрытый том VeraCrypt (скрытый том перезапишется псевдослучайными данными).\n\nПодтвердите, что в томе, который вы собираетесь дешифровать, нет скрытого тома.\n\n* Если в томе есть скрытый том, но вы не против его потери, то можете продолжить (внешний том будет безопасно дешифрован). + В этом томе нет скрытого тома. Продолжаем. + В этом томе находится скрытый том. Отмена. + Ошибка! Нет доступа к тому.\n\nПроверьте, существует ли этот том, не смонтирован ли он, не используется ли системой или какой-либо программой, которой вы дали права чтения/записи этого тома, и не защищён ли он от записи. + Ошибка! Невозможно получить свойства тома. + Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе.\n\nПроверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи. + Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе. Проверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи.\n\nЕсли проблема не решается, попробуйте предпринять шаги, указанные ниже. + Зашифровать раздел не удалось из-за ошибки. Попробуйте устранить все ранее указанные проблемы и повторить попытку. Если проблемы не решаются, попробуйте предпринять шаги, указанные ниже. + Продолжить процесс шифровния раздела не удалось из-за ошибки.\n\nПопробуйте устранить все ранее указанные проблемы и снова возобновить процесс шифрования. Учтите, что том нельзя смонтировать до тех пор, пока он не будет полностью зашифрован. + VeraCrypt не удалось дешифровать том из-за ошибки. Попробуйте устранить все возникшие ранее проблемы и затем по возможности повторите. + Ошибка! Невозможно размонтировать внешний том.\n\nТом нельзя размонтировать, если он содержит файлы или папки, используемые какой-либо программой или системой.\n\nЗакройте все программы, которые могут использовать файлы и папки на этом томе, и нажмите 'Повтор'. + Ошибка! Невозможно получить информацию о внешнем томе. Создание тома прекращено. + Ошибка! Нет доступа к внешнему тому. Продолжение создания тома невозможно. + Ошибка! Невозможно смонтировать внешний том. Создание тома не может быть продолжено. + Ошибка! Невозможно получить карту кластеров тома. Создание тома не может быть продолжено. + По алфавиту/категориям + Средняя скорость (убывание) + Алгоритм + Шифрование + Дешифрование + Среднее + Диск + Размер + Алгоритм шифрования + Алгоритм шифрования + Тип + Значение + Свойство + Размещение + байт + Скрытый + Внешний + Обычный + Системный + Скрытый (системный) + Только для чтения + Системный диск + Системный диск (шифрование - %.2f%% готово) + Системный диск (дешифрование - %.2f%% готово) + Системный диск (%.2f%% зашифровано) + Системный раздел + Скрытый системный раздел + Системный раздел (шифрование - %.2f%% готово) + Системный раздел (дешифрование - %.2f%% готово) + Системный раздел (%.2f%% зашифровано) + Да (защита от повреждений!) + Нет + Длина первичного ключа + Длина вторичного ключа (XTS-режим) + Длина Tweak-ключа (LRW-режим) + бит + Размер блока + PKCS-5 PRF + Число итераций PKCS-5 + Том создан + Последнее изменение заголовка + (прошло дней: %I64d) + Версия формата тома + Встроенная копия заголовка + Загрузчик VeraCrypt - версия + 1-ая доступная + Сменный диск + Жёсткий диск + Не изменять + Автоопределение + Режим мастера + Выберите режим. Если не знаете, какой выбрать, используйте предложенный. + Выберите эту опцию, чтобы установить VeraCrypt в данной системе. + Примечание: обновление можно выполнить без расшифровки данных, даже если зашифрован системный раздел/диск или используется скрытая операционная система. + При выборе этой опции все файлы будут извлечены из дистрибутива, но не установлены в систему. Не выбирайте этот вариант, если вы намерены шифровать системный раздел или системный диск. Этот вариант может пригодиться, например, если вы собираетесь запускать VeraCrypt в так называемом 'переносном' (portable) режиме. VeraCrypt не обязательно должен быть установлен в ОС, в которой он работает. После извлечения всех файлов вы можете просто запустить файл 'VeraCrypt.exe' (программа будет работать в 'переносном' режиме). + Параметры установки + Здесь можно выбрать различные параметры, влияющие на установку программы. + Установка + Подождите, идёт установка VeraCrypt. + Установка VeraCrypt успешно выполнена + Обновление VeraCrypt успешно выполнено + Помогите материально развитию программы. Кнопка 'Готово' - закрыть установщик. + Параметры извлечения + Здесь можно выбрать различные параметры, влияющие на извлечение файлов. + Подождите, идёт извлечение файлов. + Файлы успешно извлечены + Все файлы успешно извлечены в указанное место назначения. + Если указанной папки не существует, она будет создана автоматически. + Программные файлы VeraCrypt будут обновлены в папке установки VeraCrypt. Если вы хотите выбрать другое местоположение, сначала нужно удалить VeraCrypt. + Показать примечания к текущей (последней стабильной) версии VeraCrypt? + Если вы никогда ранее не работали с VeraCrypt, рекомендуется ознакомиться с разделом для новичков в Руководстве пользователя VeraCrypt. Хотите прочитать документацию? + Выберите желаемое действие: + Восстановить/переустановить + Обновить + Удалить + Для установки/удаления VeraCrypt необходимо иметь права администратора. Хотите продолжить? + В системе сейчас запущен установщик VeraCrypt. Он выполняет/готовит установку или обновление VeraCrypt. Дождитесь завершения его работы или закройте его. Если закрыть установщик не получается, перезагрузите компьютер и лишь потом продолжите. + Установка не выполнена. + Удаление не выполнено. + Этот дистрибутивный пакет повреждён. Загрузите его снова (желательно с официального сайта VeraCrypt - https://veracrypt.codeplex.com). + Невозможно записать файл %s + Извлечение + Невозможно прочитать данные из дистрибутива. + Невозможно проверить целостность этого дистрибутивного пакета. + Извлечение не выполнено. + Установка возвращена назад. + Программа VeraCrypt успешно установлена. + Программа VeraCrypt успешно обновлена. + Версия VeraCrypt успешно обновлена. Однако прежде чем её использовать, нужно перезагрузить компьютер.\n\nВыполнить перезагрузку сейчас? + Ошибка обновления VeraCrypt!\n\nВАЖНО: Настоятельно рекомендуется до завершения работы или перезагрузки ОС воспользоваться функцией восстановления системы ('Пуск > Программы > Стандартные > Служебные > Восстановление системы') и вернуть систему в точку 'VeraCrypt installation'. Если функция 'Восстановление системы' недоступна, попробуйте снова установить исходную или новую версию версию VeraCrypt до завершения или перезагрузки системы. + Программа VeraCrypt успешно удалена.\n\nНажмите 'Готово', чтобы удалить установщик VeraCrypt и папку %s. Папка не будет удалена, если в ней содержатся какие-либо файлы, созданные не установщиком и не самой программой VeraCrypt. + Удаление записей VeraCrypt в реестре + Добавление элемента в реестр + Удаление относящихся к программе данных + Установка + Остановка + Удаление + Добавление значка + Создание точки восстановления системы + Ошибка создания точки восстановления системы. + Обновление загрузчика + Установка '%s' не выполнена. %s Продолжить установку? + Удаление '%s' не выполнено. %s Продолжить удаление? + Установка завершена. + Не удалось создать папку '%s' + Невозможно выгрузить драйвер VeraCrypt.\n\nСначала закройте все открытые окна VeraCrypt. Если это не поможет, перезагрузите Windows и попробуйте ещё раз. + Прежде чем продолжить установку или удаление VeraCrypt, нужно размонтировать все VeraCrypt-тома. + В этой системе уже установлена устаревшая версия VeraCrypt. Её необходимо удалить, прежде чем можно будет установить новую версию VeraCrypt.\n\nПри закрытии этого окна будет запущена программа удаления старой версии. Никакие тома при удалении VeraCrypt не расшифровываются. После удаления старой версии VeraCrypt запустите установщик новой версии VeraCrypt снова. + Ошибка установки элементов в реестре + Ошибка установки драйвера устройства. Перезагрузите Windows и попробуйте установить VeraCrypt ещё раз. + Запуск драйвера VeraCrypt + Ошибка удаления драйвера устройств. Обратите внимание, что из-за особенностей Windows для удаления (или переустановки) драйвера может потребоваться завершить сеанс работы или перезагрузить систему. + Установка драйвера VeraCrypt + Остановка драйвера VeraCrypt + Удаление драйвера VeraCrypt + Ошибка регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). + Ошибка отмены регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). + О портативном режиме\n\nУчтите, что прежде чем драйверы смогут быть запущены, они должны быть зарегистрированы операционной системой. Поэтому драйвер VeraCrypt не полностью портативный (и не может таковым быть) (тогда как приложения VeraCrypt полностью портативные, т.е. не требуют установки или регистрации в ОС). Также примите к сведению, что для шифрования/дешифрования 'на лету' VeraCrypt требуется драйвер. + !!! Если вы решили запустить VeraCrypt в переносном режиме (а не как нормально установленную в ПК программу), система будет спрашивать вашего разрешения на выполнение (функция контроля учётных записей, UAC) при каждом запуске VeraCrypt.\n\nПричина в том, что при запуске VeraCrypt в переносном режиме требуется загружать и выполнять драйвер VeraCrypt. Этот драйвер нужен VeraCrypt для прозрачного, выполняемого 'на лету' шифрования/дешифрования, а пользователи без прав администратора запускать драйверы в Windows не могут. Поэтому система будет спрашивать у вас разрешения на запуск VeraCrypt с привилегиями администратора (UAC).\n\nОбратите внимание, что при установке (инсталляции) VeraCrypt в систему (в отличие от запуска VeraCrypt в переносном режиме), система НЕ будет запрашивать вашего разрешения при каждом запуске VeraCrypt.\n\nВы действительно хотите только извлечь файлы? + ВНИМАНИЕ: Эта копия мастера создания томов имеет административные привилегии.\n\nНовый том может быть создан с правами, которые не позволят вам записывать в него данные, когда он будет смонтирован. Если вы хотите этого избежать, закройте эту копию мастера создания томов и запустите другую, без административных привилегий.\n\nХотите закрыть эту копию мастера создания томов? + Ошибка вывода лицензии. + Внешний(!) + дн. + час + мин + c + Открыть + Размонтировать + Показать VeraCrypt + Скрыть VeraCrypt + Считано данных после монтирования + Записано данных после монтирования + Зашифрованная часть + 100% (полностью зашифровано) + 0% (не зашифровано) + %.3f%% + 100% + Ожидание + Подготовка + Изменение размера + Шифрация + Дешифрация + Завершение + Пауза + Завершено + Ошибка + Устройство отключено + Системные избранные тома сохранены.\n\nЧтобы разрешить монтирование этих томов при старте системы, выберите 'Настройки' > 'Системные избранные тома' > 'Монтировать системные избранные тома при старте Windows'. + Добавляемый в избранное том не является ни разделом, ни динамическим томом. Поэтому VeraCrypt не сможет смонтировать этот избранный том, если изменится число устройств. + Добавляемый в избранное том это раздел, не распознанный Windows.\n\nVeraCrypt не сможет смонтировать этот избранный том, если изменится число устройств. Задайте тип раздела, распознаваемый Windows (используйте команду SETID в Windows-утилите 'DiskPart'), и затем снова добавьте раздел в список избранного. + Фоновая работа VeraCrypt отключена или настроена на прекращение при отсутствии смонтированных томов (либо VeraCrypt запущен в переносном режиме). Это может помешать автомонтированию избранных томов при подключении устройств, на которых они расположены.\n\n!!! Чтобы включить фоновое выполнение VeraCrypt, вызовите окно настроек программы и отметьте параметр 'Включено' в поле 'Работа VeraCrypt в фоновом режиме'. + Автомонтирование контейнера, расположенного в сетевой файловой системе, при подключении его хост-устройства невозможно. + Указанное ниже устройство - не раздел и не динамический том. Поэтому при подключении этого устройства автомонтирование расположенного на нём тома невозможно. + Присвойте показанному ниже разделу тип, распознаваемый Windows (используйте команду SETID в Windows-утилите 'DiskPart'). Затем удалите раздел из списка избранного и добавьте его снова. Этим вы разрешите тому на основе устройства автоматически монтироваться при подключении устройства. + Указанное ниже устройство - не раздел и не динамический том. Поэтому присвоить ему метку невозможно. + Присвойте показанному ниже разделу тип, распознаваемый Windows (используйте команду SETID в Windows-утилите 'DiskPart'). Затем удалите раздел из списка избранного и добавьте его снова. Это позволит VeraCrypt присвоить разделу метку. + Из-за системных ограничений Windows контейнер, находящийся в удалённой сетевой файловой системе, нельзя монтировать как избранный системный том (но его можно смонтировать как несистемный избранный том при входе пользователя в свою учётную запись). + Введите пароль для %s + Введите пароль для '%s' + Введите пароль для обычного/внешнего тома + Введите пароль для скрытого тома + Введите пароль для заголовка в файле резервной копии + Ключевой файл успешно создан. + Недопустимое количество ключевых файлов. + Размер ключевого файла должен быть между 64 и 1048576 байтами. + Введите имя создаваемого ключевого файла + Недопустимое базовое имя ключевых файлов + Ключевой файл '%s' уже существует.\nперезаписать его? При ответе 'Нет' процесс генерирования будет остановлен. + ВНИМАНИЕ: Заголовок этого тома повреждён! VeraCrypt автоматически задействовал резервную копию заголовка, встроенную в том.\n\nВам следует исправить заголовок, выбрав 'Сервис' > 'Восстановить заголовок тома'. + Резервная копия заголовка тома успешно создана.\n\nВАЖНО: При восстановлении заголовка из этой резервной копии также будет восстановлен и текущий пароль тома. Более того, если для монтирования тома требуются ключевые файлы, после восстановления заголовка из копии для монтирования тома понадобятся те же ключевые файлы.\n\nВНИМАНИЕ: Эту копию заголовка тома можно использовать для восстановления заголовка ТОЛЬКО этого конкретного тома. Если применить эту копию для восстановления заголовка другого тома, смонтировать том вы сможете, но вам НЕ удастся расшифровать никаких данных, хранящихся в этом томе (так как это изменит его мастер-ключ). + Заголовок тома успешно восстановлен.\n\nВАЖНО: Имейте в виду, что вместе с заголовком также был восстановлен и прежний пароль.\nБолее того, если на момент создания резервной копии для монтирования тома\nтакже требовались ключевые файлы, эти же ключевые файлы понадобятся\nдля монтирования данного тома сейчас. + В целях безопасности, для этого тома потребуется ввести правильный пароль\n(и/или предоставить корректные ключевые файлы).\n\nПримечание: если в этом томе содержится скрытый том, сначала нужно ввести правильный пароль\n(и/или предоставить корректные ключевые файлы) для внешнего тома.\nЗатем, если вы выбрали резервное копирование заголовка скрытого тома, нужно будет\nуказать правильный пароль (и/или предоставить корректные ключевые файлы) для скрытого тома. + Вы действительно хотите создать резервную копию заголовка тома для %s?\n\nПри выборе 'Да' вам потребуется указать имя файла для резервной копии заголовка.\n\nПримечание: оба заголовка - для обычного и скрытого томов - будут повторно зашифрованы с использованием новой соли и сохранены в файле резервной копии. Если внутри этого тома нет скрытого тома, область, зарезервированная в резервной копии под заголовок скрытого тома, будет заполнена случайными данными (для сохранения возможности правдоподобного отрицания причастности). При восстановлении заголовка тома из файла резервной копии вам потребуется ввести правильный пароль и/или предоставить корректные ключевые файлы, действительные на момент создания резервной копии заголовка тома. По паролю (и/или ключевым файлам) также будет автоматически определяться тип заголовка тома для восстановления - обычный или скрытый (учтите, что VeraCrypt определяет тип методом проб и ошибок). + Вы действительно хотите восстановить заголовок тома %s?\n\nВНИМАНИЕ: При восстановлении заголовка также будет восстановлен пароль тома, который действовал на момент изготовления резервной копии. Более того, если на момент создания резервной копии для монтирования тома также требовались ключевые файлы, после восстановления заголовка для монтирования данного тома понадобятся эти же ключевые файлы.\n\nНажмите 'Да', чтобы выбрать файл с резервной копией заголовка. + Имеется ли в томе скрытый том? + В томе имеется скрытый том + В томе нет скрытого тома + Выберите тип резервной копии заголовка тома: + Восстановить заголовок тома из копии, встроенной в том + Восстановить заголовок тома из внешнего файла с резервной копией + Неверный размер файла с резервной копией заголовка тома. + В этом томе нет встроенной копии заголовка (учтите, что встроенные копии заголовков содержат только тома, созданные VeraCrypt 6.0 или новее). + Вы пытаетесь создать резервную копию заголовка системного раздела/диска. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? + Вы пытаетесь восстановить из резервной копии заголовок виртуального тома VeraCrypt, но выбрали системный раздел/диск. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? + После нажатия OK выберите имя файла для ISO-образа нового диска восстановления VeraCrypt (Rescue Disk) и место, где его нужно сохранить. + Образ диска восстановления создан и сохранён в файле: %s\n\nСейчас вам нужно записать этот образ на CD или DVD.\n\nВАЖНО: Этот файл-образ должен быть записан на CD/DVD как ISO-образ диска (а не как отдельный файл). Сведения об этом вы можете найти в документации к своему ПО для записи CD/DVD.\n\nЗаписав диск восстановления на CD/DVD, выберите 'Система' > 'Проверить диск восстановления', чтобы убедиться в корректности записи созданного диска. + Образ диска восстановления создан и сохранён в файле: %s\n\nСейчас вам нужно записать этот образ на CD или DVD.\n\nЗапустить программу записи оптических дисков Windows?\n\nЗаписав диск восстановления на CD/DVD, выберите 'Система' > 'Проверить диск восстановления', чтобы убедиться в корректности записи созданного диска. + Чтобы проверить диск восстановления VeraCrypt, вставьте его в CD/DVD-накопитель и нажмите OK. + Диск восстановления VeraCrypt проверен. Всё в порядке. + Невозможно проверить правильность записи диска восстановления.\n\nЕсли вы записали диск восстановления, выньте CD/DVD из накопителя и вставьте снова; затем нажмите 'Далее', чтобы повторить попытку. Если это не поможет, попробуйте воспользоваться другим ПО для записи CD/DVD и/или другим CD/DVD.\n\nЕсли вы пытались проверить диск восстановления VeraCrypt, созданный с другим мастер-ключом, паролем, солью и т.д., знайте, что такой диск восстановления не пройдёт эту проверку никогда. Чтобы создать новый диск восстановления, полностью совместимый с текущей конфигурацией, выберите меню 'Система' > 'Создать диск восстановления'. + ISO-образ диска восстановления VeraCrypt прошёл проверку успешно. + ISO-образ диска восстановления VeraCrypt не прошёл проверку.\n\nЕсли вы пытались проверить ISO-образ, созданный для других мастер-ключа, пароля, соли и т.д., то учтите, что проверка такого ISO-образа будет всегда давать ошибку. Чтобы создать новый ISO-образ диска восстановления, полностью совместимый с текущей конфигурацией, выберите 'Система' > 'Создать диск восстановления'. + Ошибка создания диска аварийного восстановления VeraCrypt. + Диск восстановления VeraCrypt нельзя создавать при запущенной скрытой операционной системе.\n\nЧтобы создать диск восстановления, загрузите обманную операционную систему, а затем выберите 'Система' > 'Создать диск восстановления'. + Невозможно проверить правильность записи диска восстановления.\n\nЕсли вы записали диск восстановления, выньте CD/DVD из накопителя и вставьте снова; затем нажмите 'Далее', чтобы повторить попытку. Если это не поможет, попробуйте воспользоваться другим носителем%s.\n\nЕсли вы пока ещё не записали диск восстановления, сделайте это, после чего нажмите 'Далее'.\n\nЕсли вы пытались проверить диск восстановления VeraCrypt, созданный ДО запуска этого мастера, знайте, что такой диск восстановления использовать нельзя, поскольку он был создан с другим мастер-ключом. Вам нужно записать на CD/DVD заново созданный диск восстановления. + и/или другим ПО для записи CD/DVD + Системные избранные тома VeraCrypt + Что такое 'системные избранные тома'? + Системный раздел/диск не зашифрован.\n\nСистемные избранные тома можно монтировать только с помощью пароля дозагрузочной аутентификации.\nПоэтому если вы хотите использовать системные избранные тома, сначала зашифруйте системный раздел/диск. + Прежде чем продолжить, размонтируйте том. + ОШИБКА: Невозможно установить таймер. + Проверить файловую систему + Исправить файловую систему + Добавить в избранные... + Добавить в системные избранные... + Сво&йства... + Скрытый том защищён + Н/П + Да + Нет + Отключено + 1 + 2 и более + Режим операции + Метка: + Размер: + Путь: + Буква диска: + Ошибка! Пароль должен содержать только символы стандартного набора ASCII.\n\nСимволы не из набора ASCII могут привести к невозможности монтирования тома при смене настроек в конфигурации системы.\n\nРазрешается использовать следующие символы:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Внимание! Пароль содержит символы не из набора ASCII. Это может привести к невозможности монтирования тома при смене конфигурации системы.\n\nВам следует заменить все не относящиеся к ASCII символы в пароле на символы ASCII. Для этого в меню 'Тома' выберите 'Изменить пароль тома'.\n\nК символам ASCII относятся:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + ВНИМАНИЕ: Настоятельно рекомендуется избегать расширений, используемых для исполняемых файлов (таких, как .exe, .sys или .dll) или других, которые могут быть источником потенциальных проблем. Использование таких файловых расширений часто приводит к влиянию на контейнер со стороны Windows и антивирусных программ, что снижает производительность тома и также может привести к другим серьёзным проблемам.\n\nНастоятельно рекомендуем вам удалить это расширение или изменить его (например на '.hc').\n\nВы настаиваете на использовании этого проблематичного расширения файла? + ВНИМАНИЕ: Этот контейнер имеет расширение, используемое для исполняемых файлов (таких, как .exe, .sys или .dll) или других, которые могут быть источником потенциальных проблем. Вероятнее всего это приведёт к влиянию на данный контейнер со стороны Windows и антивирусного ПО, что снизит производительность тома и может вызвать другие серьёзные проблемы.\n\nНастоятельно рекомендуем вам удалить это расширение у файла-контейнера или изменить его (например на '.hc') после размонтирования тома. + Домашняя страница + ВНИМАНИЕ: В системе не установлено ни одного пакета обновлений (Service Pack) Windows. Если в Windows XP не установлен Service Pack 1 (или новее), не следует выполнять запись на диски IDE объёмом более 128 ГБ, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. + ВНИМАНИЕ: В системе не установлен пакет обновлений Windows Service Pack 3 (или новее). Если в Windows 2000 не установлен Service Pack 3 (или новее), не следует выполнять запись на диски IDE объёмом более 128 ГБ, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. Кроме того, может потребоваться включить в реестре поддержку 48-бит адресации LBA; подробности см. на http://support.microsoft.com/kb/305098/EN-US + ВНИМАНИЕ: В системе отключена поддержка 48-бит LBA ATAPI. Поэтому не следует выполнять запись на IDE-диски объёмом более 128 ГБ! В противном случае это может привести к повреждению данных на диске (будь это том VeraCrypt или обычный раздел). Это ограничение Windows, никакого отношения к VeraCrypt не имеющее.\n\nЧтобы включить поддержку 48-бит режима LBA, добавьте в реестр в ключ HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters значение 'EnableBigLba' и установите его значение в 1.\n\nСм. подробности тут: http://support.microsoft.com/kb/305098 + ОШИБКА: Файлы объёмом более 4 ГБ нельзя сохранять в файловой системе FAT32. Поэтому тома VeraCrypt на основе файлов (контейнеры), хранящиеся в файловой системе FAT32, не могут быть больше 4 ГБ.\n\nЕсли вам нужен том большего объёма, создайте его в системе NTFS (либо, если вы пользуетесь Windows Vista SP1 или новее, в файловой системе exFAT), либо вместо создания тома на основе файла зашифруйте весь раздел диска. + ВНИМАНИЕ: Windows XP не поддерживает файлы больше 2048 ГБ (сообщая о недостатке свободного места). Поэтому тома VeraCrypt на основе файлов (контейнеры) объёмом свыше 2048 ГБ в Windows XP создавать нельзя.\n\nТем не менее, в Windows XP можно зашифровать диск целиком или создать том VeraCrypt на основе раздела размером более 2048 ГБ. + ВНИМАНИЕ: Если вам нужно впоследствии добавлять во внешний том ещё данные/файлы, следует позаботиться об уменьшении размера скрытого тома.\n\nВы хотите продолжить и использовать указанный вами размер? + Не выбран том.\n\nНажмите кнопку 'Устройство' или 'Файл' и выберите том VeraCrypt. + Не выбран раздел.\n\nНажмите кнопку 'Устройство' и выберите несмонтированный раздел, который требует дозагрузочной аутентификации (например раздел на зашифрованном системном диске с другой, не выполняемой сейчас ОС, или зашифрованный системный раздел другой ОС).\n\nПримечание: выбранный раздел будет смонтирован как обычный том VeraCrypt без дозагрузочной аутентификации. Это может понадобиться, например, для резервного копирования или починки. + ВНИМАНИЕ: Если установлены и активированы ключевые файлы по умолчанию, монтировать НЕ использующие их тома будет невозможно. При монтировании таких томов не забывайте выключать опцию 'Ключевые файлы' (ниже поля ввода пароля).\n\nВы действительно хотите сохранить выбранные ключевые файлы/пути как используемые по умолчанию? + Автомонтирование устройств + Размонтировать все + Очистка кэша + Размонтировать все и очистить кэш + Сразу размонтировать все и очистить кэш + Сразу размонтировать все, очистить кэш и выйти + Смонтировать избранные тома + Показать/скрыть главное окно VeraCrypt + (щёлкните здесь и нажмите клавишу) + Действие + Быстрый вызов + Ошибка! Эта горячая клавиша зарезервирована. Выберите другую. + Ошибка! Эта горячая клавиша уже используется. + ВНИМАНИЕ: Некоторые общесистемные горячие клавиши VeraCrypt не будут работать!\n\nПроверьте, не используются ли те же клавиши другими приложениями или операционной системой. + Создание файла подкачки предотвращено.\n\nОбратите внимание, что из-за свойств Windows файлы подкачки не могут располагаться на несистемных томах VeraCrypt (включая избранные системные тома). VeraCrypt поддерживает создание файлов подкачки только на зашифрованном системном разделе/диске. + Из-за ошибки или несовместимости VeraCrypt не может зашифровать файл спящего режима (hibernation). Поэтому спящий режим отключён.\n\nПримечание: когда компьютер переходит в режим сна (или в энергосберегающий ждущий режим), содержимое его системной памяти записывается на жёсткий диск в файл с данными спящего режима. VeraCrypt не может предотвратить сохранение открытых в ОЗУ ключей шифрования и содержимого важных файлов в незашифрованном виде в файле с данными спящего режима. + Гибернация отменена.\n\nVeraCrypt не поддерживает гибернацию скрытых операционных систем, использующих дополнительный загрузочный раздел. Учтите, что загрузочный раздел используется как обманной, так и скрытой системами. Поэтому для предотвращения утечки данных и проблем при выходе из гибернации VeraCrypt запретил скрытой системе запись в общий загрузочный раздел и гибернацию. + Том VeraCrypt, смонтированный как %c:, размонтирован. + Тома VeraCrypt размонтированы. + Смонтированные тома VeraCrypt размонтированы, кэш паролей очищен. + Успешно размонтировано + ВНИМАНИЕ: Если запретить работу VeraCrypt в фоновом режиме, то будут отключены следующие функции:\n\n1) Горячие клавиши\n2) Автоматическое размонтирование (например при завершении сеанса, случайном удалении хост-устройства, истечении времени ожидания и т.д.)\n3) Автомонтирование избранных томов\n4) Оповещения (например о предотвращении повреждения скрытого тома)\n5) Значок в системном лотке\n\nПримечание: фоновый процесс можно завершить в любой момент, щёлкнув правой кнопкой мыши на значке VeraCrypt в системном лотке и выбрав пункт 'Выход'.\n\nВы действительно хотите преманентно запретить работу VeraCrypt в фоновом режиме? + ВНИМАНИЕ: Если выключить этот параметр, станет невозможно автоматически размонтировать тома, содержащие открытые файлы/папки.\n\nВы действительно хотите выключить этот параметр? + ВНИМАНИЕ: Тома с открытыми файлами/папками НЕ будут автоматически размонтироваться.\n\nЧтобы избежать такого эффекта, включите в этом окне следующий параметр: 'Авторазмонтировать тома даже при открытых файлах/папках' + ВНИМАНИЕ: Если уровень заряда батареи в ноутбуке мал, Windows может пренебрегать отправкой соответствующих сообщений в выполняющиеся приложения при входе компьютера в энергосберегающий режим. Поэтому в таких случаях авторазмонтирование томов в VeraCrypt может не сработать. + Вы запланировали шифрование раздела/тома. Этот процесс пока ещё не завершён.\n\nХотите возобновить процесс сейчас? + Вы запланировали шифрование или дешифрование системного раздела/диска. Этот процесс пока ещё не завершён.\n\nХотите начать (продолжить) процесс сейчас? + Выдавать запрос о том, хотите ли вы продолжить запланированные в данный момент операции шифрования несистемных разделов/томов? + Да, спросить + Нет, не спрашивать + ВАЖНО: Не забывайте, что вы можете продолжить шифрование любого несистемного раздела/тома, выбрав в меню главного окна VeraCrypt пункт 'Тома' > 'Продолжить прерванный процесс'. + Вы запланировали шифрование или дешифрование системного раздела/диска, но не пройдена (или была пропущена) дозагрузочная аутентификация.\n\nПримечание: при дешифровании системного раздела/диска в дозагрузочном окружении может потребоваться финализация процесса путём выбора команды 'Система' > 'Перманентно расшифровать системный раздел/диск' в меню главного окна VeraCrypt. + ВНИМАНИЕ: Если закрыть VeraCrypt сейчас, будут отключены следующие функции:\n\n1) Горячие клавиши\n2) Автоматическое размонтирование (например при завершении сеанса, случайном удалении хост-устройства, истечении времени ожидания и т.д.)\n3) Автомонтирование избранных томов\n4) Оповещения (например о предотвращении повреждения скрытого тома)\n\nПримечание: если вы не хотите, чтобы после закрытия окна VeraCrypt программа продолжала работать в фоновом режиме, выключите соответствующий параметр в её настройках (а также, если это необходимо, автозапуск VeraCrypt).\n\nВы действительно хотите закрыть VeraCrypt? + Выход? + VeraCrypt не обладает достаточной информацией, чтобы определить, какую операцию выполнить - шифрование или дешифрование. + VeraCrypt не обладает достаточной информацией, чтобы определить, какую операцию выполнить - шифрование или дешифрование.\n\nПримечание: при дешифровании системного раздела/диска в дозагрузочном окружении может потребоваться финализировать процесс, нажав Decrypt. + Примечание: если вы шифруете несистемный раздел/диск 'на месте' и не можете завершить процесс из-за какой-либо постоянно повторяющейся ошибки, вы не сможете смонтировать этот том (и получить доступ к хранящимся в нём данным), пока полностью не РАСШИФРУЕТЕ этот том (т.е. выполните обратный процесс).\n\nЭто можно сделать так:\n1) Выйдите из этого мастера.\n2) В главном окне VeraCrypt выберите 'Тома' > 'Продолжить прерванный процесс'.\n3) Выберите 'Дешифрация'. + Вы хотите прервать процесс шифрования раздела/тома, отложив его на будущее?\n\nПримечание: помните, что пока том не будет полностью зашифрован, его нельзя смонтировать. Позже процесс шифрования можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. + Хотите прервать и отложить процесс шифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите окончательно прервать процесс или совсем отказаться от шифрования, выберите 'Система' > 'Перманентно расшифровать системный раздел/диск'. + Хотите прервать и отложить процесс дешифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите отказаться от дешифрования (и начать шифрование), выберите 'Система' > 'Зашифровать системный раздел/диск'. + Ошибка! Не удалось прервать шифрование/дешифрование системного раздела/диска. + Ошибка! Невозможно прервать процесс очистки (затирания данных). + Ошибка! Не удалось возобновить прерванное шифрование/дешифрование системного раздела/диска. + Ошибка! Невозможно начать процесс очистки (затирания данных). + Несоответствие устранено.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) + Ошибка! Неизвестное состояние.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) + Нет прерванных процессов шифрования/дешифрования системного раздела/диска, которые можно продолжить.\n\nПримечание: чтобы возобновить прерванный процесс шифрования/дешифрования несистемного раздела/диска, выберите 'Тома' > 'Возобновить прерванный процесс'. + ВНИМАНИЕ: Фоновый процесс VeraCrypt отключён. При выходе из VeraCrypt вы не будете извещены о предотвращении повреждения скрытого тома.\n\nПримечание: фоновый процесс можно закрыть в любой момент, щёлкнув правой кнопкой мыши на значке VeraCrypt в системном лотке и выбрав 'Выход'.\n\nВключить фоновый процесс VeraCrypt? + Версия языкового модуля: %s + Проверка файловой системы тома VeraCrypt, смонтированного как %s... + Попытка исправить файловую систему тома VeraCrypt, смонтированного как %s... + ВНИМАНИЕ: Этот том зашифрован с использованием устаревшего алгоритма.\n\nВсе алгоритмы шифрования с 64-бит блоками (например Blowfish, CAST-128, Triple DES) вышли из употребления. В последующих версиях VeraCrypt монтирование этого тома будет возможно, однако никаких улучшений в реализации этих устаревших алгоритмов шифрования не предвидится. Рекомендуем вам создать новый том VeraCrypt с шифрованием по алгоритму со 128-бит блоками (например AES, Serpent, Twofish и др.) и перенести все файлы из этого тома в новый. + Ваша система не настроена на автомонтирование новых томов. Монтирование томов VeraCrypt на основе устройств может оказаться невозможным. Чтобы включить автомонтирование, выполните следующую команду и перезагрузите систему:\n\nmountvol.exe /E + Прежде чем продолжить, присвойте разделу/устройству букву диска ('Панель управления' > 'Администрирование' > 'Управление компьютером' - 'Управление дисками').\n\nПримечание: это требование операционной системы. + Смонтировать том VeraCrypt + Размонтировать все тома VeraCrypt + VeraCrypt не может получить права администратора. + Доступ запрещён операционной системой.\n\nВозможная причина: для чтения/записи данных в некоторых папках, файлах и устройствах операционная система требует у вас наличия прав чтения/записи system (привилегий администратора). По умолчанию пользователю без прав администратора разрешается создавать читать и изменять файлы лишь в папке с его документами ('Мои документы'). + Ошибка! Выбранное устройство использует сектора неподдерживаемого размера.\n\nВ настоящий момент невозможно создавать разделы/тома на основе устройств на дисках с секторами размером более 4096 байт. Однако на таких дисках можно создать тома (контейнеры) на основе файлов. + В настоящий момент невозможно зашифровать систему, установленную на диске с секторами размером отличным от 512 байт. + Для загрузчика VeraCrypt необходимо не менее 32 КБ свободного места в начале системного диска (загрузчик VeraCrypt должен располагаться в этой области). Ваш диск этому условию не удовлетворяет.\n\nПожалуйста, НЕ сообщайте нам об этом как об ошибке/проблеме в работе VeraCrypt. Чтобы решить эту проблему, вам нужно переразметить свой диск, оставив свободными первые 32 КБ (в большинстве случаев достаточно удалить и вновь создать первый раздел). Рекомендуем использовать для этого диспетчер разделов Microsoft, устанавливаемый вместе с Windows. + Эта функция не поддерживается операционной системой той версии, которую вы сейчас используете. + В этой версии операционной системы VeraCrypt не поддерживает шифрование системного раздела/диска. + Чтобы зашифровать системный раздел/диск в Windows Vista, сначала нужно установить пакет обновления Service Pack 1 для Windows Vista или более новый (в вашей системе он пока не установлен).\n\nПримечание: Service Pack 1 для Windows Vista устраняет проблему с нехваткой основной памяти при загрузке системы. + VeraCrypt больше не поддерживает шифрование системного раздела/диска в Windows Vista без установленного пакета обновления (Service Pack). Прежде чем обновить VeraCrypt, установите Service Pack 1 (или новее) для Windows Vista. + Ошибка! Чтобы воспользоваться этой функцией, нужно, чтобы VeraCrypt был УСТАНОВЛЕН в компьютере (сейчас VeraCrypt работает в 'переносном' режиме).\n\nУстановите (инсталлируйте) VeraCrypt и повторите попытку. + ВНИМАНИЕ: Похоже, Windows не установлена на диске, с которого она загружается. Это не поддерживается.\n\nВам следует продолжить, только если вы уверены, что Windows установлена на том же диске, с которого она загружается.\n\nПродолжить? + Ваш системный диск имеет таблицу разделов GUID (GPT). В настоящий момент поддерживаются только диски с таблицей разделов MBR. + ОСТОРОЖНО: На системном диске уже установлен загрузчик VeraCrypt!\n\nВозможно, в вашем компьютере имеется другая уже зашифрованная система.\n\nВНИМАНИЕ: В СЛУЧАЕ ПРОДОЛЖЕНИЯ ШИФРОВАНИЯ ТЕКУЩЕЙ СИСТЕМЫ ЕСТЬ ВЕРОЯТНОСТЬ, ЧТО ДРУГИЕ СИСТЕМЫ НЕ СМОГУТ ЗАГРУЖАТЬСЯ, А ОТНОСЯЩИЕСЯ К НИМ ДАННЫЕ СТАНУТ НЕДОСТУПНЫМИ.\n\nВы действительно хотите продолжить? + Ошибка восстановления исходного загрузчика системы.\n\nИспользуйте диск восстановления VeraCrypt ('Repair Options' > 'Restore original system loader') или установочный диск Windows, чтобы заменить загрузчик VeraCrypt системным загрузчиком Windows. + Исходный системный загрузчик не будет сохранён на диске восстановления (возможная причина: нет файла с резервной копией). + Ошибка записи сектора MBR.\n\nBIOS в вашем ПК может быть настроена на защиту сектора MBR. Проверьте в настройках BIOS (нажмите клавишу F2, Delete или Esc сразу после включения компьютера), не включена ли антивирусная/MBR защита. + ВНИМАНИЕ: Ошибка контрольной суммы загрузчика VeraCrypt!\nВозможно, была попытка подделки информации на диске (атака "Evil Maid").\n\nЭто предупреждение также может появиться, если вы восстановили загрузчик VeraCrypt с помощью диска восстановления, созданного другой версией VeraCrypt.\n\nРекомендуем немедленно изменить пароль, что одновременно восстановит нормальный загрузчик VeraCrypt. Также стоит переустановить VeraCrypt и принять меры по ограничению доступа к этому ПК нежелательных лиц. + Загрузчик VeraCrypt (Boot Loader) нужной версии сейчас не установлен. Это может препятствовать сохранению ряда установок. + Примечание: иногда бывает нужно, чтобы посторонний (неприятель), наблюдающий за стартом ПК, не знал, что вы пользуетесь VeraCrypt. Эти параметры позволяют изменить экран загрузки VeraCrypt. Если включить первую опцию, экран загрузчика будет пустым (даже при вводе неправильного пароля). При вводе пароля ПК будет выглядеть "зависшим". Кроме того, чтобы ввести неприятеля в заблуждение, можно включить вывод своего сообщения. Например, отображать ложные сообщения об ошибках вроде "Missing operating system" (обычно это выводит загрузчик Windows, когда не может найти загрузочный раздел Windows). Важно, однако, помнить, что если неприятель сможет проанализировать содержимое жёсткого диска, то он сумеет найти на нём загрузчик VeraCrypt. + ВНИМАНИЕ: Если вы включите эту опцию, загрузчик VeraCrypt не будет выводить на экран никаких сообщений (даже если вы укажете неправильный пароль). При вводе пароля компьютер будет выглядеть "зависшим" (не реагирующим), курсор НЕ будет перемещаться, а нажатия клавиш НЕ будут сопровождаться показом звёздочек.\n\nВы действительно хотите включить эту опцию? + Судя по всему, системный раздел/диск уже полностью зашифрован. + VeraCrypt не поддерживает шифрование системного диска, который был преобразован в динамический диск. + Системный диск содержит расширенные (логические) разделы.\n\nВы можете зашифровать весь системный диск, содержащий расширенные (логические) разделы, только в Windows Vista и более новых версиях Windows. В Windows XP зашифровать весь системный диск можно при условии, что он содержит только первичные разделы.\n\n!!! Тем не менее, вместо всего системного диска вы можете зашифровать системный раздел (а также создавать тома VeraCrypt на основе разделов внутри любых несистемных разделов на диске). + ВНИМАНИЕ: Так как вы работаете в Windows XP/2003, после запуска шифрования диска на нём НЕЛЬЗЯ создавать расширенные (логические) разделы (разрешается создавать только первичные разделы). Любой расширенный (логический) раздел на диске после начала шифрования станет недоступным (сейчас на диске нет таких разделов).\n\nПримечание: если это ограничение для вас неприемлемо, вернитесь и выберите шифрование только системного раздела, а не всего диска (также вы можете создать тома VeraCrypt на основе разделов внутри любых не-системных разделов на диске).\n\nЕсли данное ограничение вам не подходит, вы можете перейти на Windows Vista или более новую версию Windows (шифрование всего системного диска, содержащего расширенные/логические разделы, доступно только в Windows Vista или более новых версиях). + Системный диск содержит нестандартный раздел.\n\nЕсли вы используете ноутбук, на системном диске, вероятно, находится особый раздел для восстановления. После шифрования всего системного диска (включая любой раздел для восстановления) вы можете лишиться возможности загрузить ОС, если в вашем ПК - не вполне корректная BIOS. Также, пока не будет дешифрован системный диск, может оказаться невозможным использовать раздел для восстановления. Поэтому рекомендуем вам шифровать только системный раздел. + Хотите зашифровать вместо всего диска только системный раздел?\n\nОбратите внимание, что вы можете создавать тома VeraCrypt на основе разделов внутри любых не-системных разделов на диске (в добавок к шифрованию системного раздела). + Поскольку системный диск содержит только один раздел, занимающий весь диск, предпочтительнее (более безопасно) зашифровать весь диск, включая свободное "резервное" место, которое обычно окружает такой раздел.\n\nХотите зашифровать весь системный диск? + Ваша система настроена так, что временные файлы хранятся на несистемном разделе.\n\nВременные файлы должны храниться только на системном разделе. + Файлы вашего профиля пользователя не хранятся на системном разделе.\n\nЭти файлы должны храниться только на системном разделе. + На несистемных разделах имеются файлы подкачки.\n\nФайлы подкачки должны находиться только на системном разделе. + Настроить Windows так, чтобы файлы подкачки создавались только на разделе с Windows?\n\nПри нажатии 'Да' компьютер будет перезагружен. После этого запустите VeraCrypt и снова попробуйте создать скрытую ОС. + В противном случае это неблагоприятно скажется на правдоподобности отрицания наличия скрытой ОС.\n\nПримечание: если неприятель проанализирует содержимое таких файлов (находящихся на несистемном разделе), то сможет узнать, что вы пользовались этим мастером в режиме создания скрытой системы (что натолкнёт его на мысль о наличии скрытой ОС в вашем ПК). Также учтите, что такие файлы, хранящиеся на системном разделе, будут надёжно удалены VeraCrypt при создании скрытой ОС. + ВНИМАНИЕ: Во время создания скрытой ОС вам потребуется полностью переустановить текущую ОС (чтобы безопасно создать обманную систему).\n\nПримечание: запущенная в данный момент ОС и всё содержимое системного раздела будут скопированы в скрытый том (чтобы создать скрытую систему).\n\n\nВы уверены, что сможете установить Windows с помощью установочного носителя (или со служебного раздела)? + В целях безопасности, если запущенная в данный момент ОС требует активации, она должна быть активирована перед тем, как вы продолжите. Скрытая ОС будет создана путём копирования содержимого системного раздела в скрытый том (поэтому если эта ОС не активирована, то не будет активирована и скрытая). Подробности см. в разделе "Требования безопасности и меры предосторожности касательно скрытых томов" в документации VeraCrypt.\n\nВажно: перед продолжением обязательно ознакомьтесь с главой "Требования безопасности и меры предосторожности касательно скрытых томов" в Руководстве пользователя VeraCrypt.\n\n\nУдовлетворяет ли выполняемая в данный момент ОС указанному выше условию? + Ваша система использует дополнительный загрузочный раздел. VeraCrypt не поддерживает гибернацию скрытых операционных систем, использующих дополнительный загрузочный раздел (гибернация обманных систем никаких проблем не составляет).\n\nУчтите, что загрузочный раздел используется как обманной, так и скрытой системами. Поэтому для предотвращения утечки данных и проблем с выходом из гибернации VeraCrypt запретил скрытой системе запись в общий загрузочный раздел и гибернацию.\n\n\nХотите продолжить? При ответе 'Нет' вам будут даны инструкции, как удалить дополнительный загрузочный раздел. + \nДополнительный загрузочный раздел можно удалить до установки Windows. Для этого выполните следующие действия:\n\n1) Загрузите Windows с установочного компакт-диска.\n\n2) На экране установки Windows нажмите 'Install now' > 'Custom (advanced)'.\n\n3) Нажмите 'Drive Options'.\n\n4) Выберите основной системный раздел и удалите его, нажав 'Delete' и OK.\n\n5) Выберите раздел 'System Reserved', нажмите 'Extend' и увеличьте его размер в соответствии с устанавливаемой ОС.\n\n6) Нажмите 'Apply' и OK.\n\n7) Установите Windows в раздел 'System Reserved'.\n\n\nЕсли неприятель спросит вас, зачем вы удалили дополнительный загрузочный раздел, вы можете ответить, что хотели предотвратить возможность утечки данных в незашифрованный загрузочный раздел.\n\n!!! Чтобы распечатать этот текст, нажмите кнопку 'Печать' ниже. Если вы сохраните или распечатаете копию этого текста (это настоятельно рекомендуется сделать, если только ваш принтер не хранит копии заданий на своём внутреннем накопителе), то после удаления дополнительного загрузочного раздела все копии данного текста следует уничтожить (иначе если такую копию обнаружат, это может навести на мысль о наличии в ПК скрытой ОС). + Внимание! Между системным разделом и первым разделом за ним имеется нераспределённое место. После создания скрытой операционной системы вы не должны создавать в этой нераспределённой области никаких новых разделов. В противном случае скрытая ОС не сможет загрузиться (до тех пор, пока не будут удалены такие вновь созданные разделы). + В данный момент этот алгоритм для шифрования системы не поддерживается. + Этот алгоритм не поддерживается в режиме TrueCrypt. + PIM (персональный умножитель итераций) не поддерживается в режиме TrueCrypt. + Для использования указанного PIM пароль должен быть не короче 20 символов.\nБолее короткие пароли можно применять только с PIM, равным 485 или более. + Для использования с выбранным PIM пароль дозагрузочной аутентификации должен содержать 20 и более символов.\nБолее короткие пароли можно использовать только с PIM, равным 98 или более. + В настоящий момент ключевые файлы для шифрования системы не поддерживаются. + Внимание! VeraCrypt не может восстановить первоначальную раскладку клавиатуры. Это может привести к неправильному вводу пароля. + Ошибка! Невозможно установить раскладку клавиатуры для VeraCrypt в стандартную американскую (US).\n\nОбратите внимание, что пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. + Поскольку VeraCrypt временно изменил раскладку клавиатуры на стандартную американскую, ввод символов при нажатой правой клавише Alt невозможен. Тем не менее, большинство таких символов можно ввести соответствующими клавишами при нажатой клавише Shift. + Изменение раскладки клавиатуры заблокировано VeraCrypt. + Примечание: пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. Важно учитывать, что вам НЕ нужно иметь настоящую американскую клавиатуру. VeraCrypt автоматически обеспечивает вам безопасный ввод пароля (прямо сейчас и на стадии перед загрузкой ОС), даже если у вас НЕ настоящая американская клавиатура. + Прежде чем приступить к шифрованию раздела/диска, нужно создать диск восстановления VeraCrypt Rescue Disk (VRD), обеспечивающий следующее:\n\n- В случае повреждения загрузчика VeraCrypt, мастер-ключа или других критических данных, VRD позволяет их восстановить (при этом всё равно надо будет ввести правильный пароль).\n- При повреждении и невозможности загрузки Windows, VRD позволяет перманентно расшифровать раздел/диск перед стартом Windows.\n- VRD содержит резервную копию текущего содержимого первого цилиндра диска (в котором обычно находится системный загрузчик или менеджер загрузки) и позволяет восстановить его.\n\nISO-образ диска восстановления VeraCrypt будет создан тут: + После нажатия OK будет запущено средство записи образов дисков Windows. Запишите с её помощью ISO-образ диска восстановления VeraCrypt на CD или DVD.\n\nЗатем вернитесь в окно мастера создания томов VeraCrypt и следуйте инструкциям. + Образ диска восстановления создан и сохранён в файле: %s\n\nСейчас вам нужно записать этот образ на CD или DVD.\n\n%lsПосле записи диска восстановления нажмите 'Далее', чтобы проверить, корректно ли он был записан. + Образ диска восстановления создан и сохранён в этом файле: %s\n\nСейчас вам следует либо записать (прожечь) диск восстановления на CD/DVD, либо переместить его ISO-образ в безопасное место для использования в дальнейшем.\n\n%lsНажмите 'Далее' для продолжения. + ВАЖНО: Файл-образ должен быть записан на CD/DVD как ISO-образ диска (а не как отдельный файл). О том, как это сделать, см. документацию на ваше ПО для записи CD/DVD. Если у вас нет программы, способной записать ISO-образ на CD/DVD, щёлкните по ссылке ниже, чтобы загрузить такое бесплатное ПО.\n\n + Запустить средство записи образов дисков Windows + ВНИМАНИЕ: Если ранее вы уже создавали диск восстановления VeraCrypt, вы не сможете им воспользоваться снова для этого системного раздела/диска, так как он был создан для другого мастер-ключа! При каждом шифровании системного раздела/диска нужно создавать новый диск восстановления VeraCrypt, даже если вы используете тот же самый пароль. + Ошибка! Невозможно сохранить установки системного шифрования. + Невозможно инициировать пре-тест системного шифрования. + Невозможно начать процесс создания скрытой операционной системы. + Режим очистки + На ряде перезаписываемых носителей перезаписанные данные можно восстановить с помощью спецтехник (магнитно-силовая микроскопия). Это относится и к данным, перезаписанным в зашифрованном виде (когда VeraCrypt шифрует незашифрованный системный раздел/диск). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные методы для восстановления данных, которые вы собираетесь зашифровать, выберите один из режимов очистки (имеющиеся данные НЕ будут уничтожены). После шифрования раздела/диска очистка НЕ выполняется. Когда раздел/диск полностью зашифрован, никакие незашифрованные данные на него не записываются. Любые данные сначала шифруются на лету в памяти, и лишь затем сохраняются (зашифрованными) на диске. + На ряде перезаписываемых носителей перезаписанные данные (например когда данные удалены) можно восстановить с помощью спецтехник (магнитно-силовая микроскопия). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные техники для восстановления данных, которые должны быть удалены, выберите один из многопроходных режимов очистки.\n\nПримечание: чем больше проходов, тем дольше длится стирание данных. + Очистка + \nПримечание: вы можете прервать процесс очистки, выключить компьютер, снова запустить скрытую систему и затем продолжить очистку (этот мастер запустится автоматически). Однако в случае прерывания весь процесс очистки придётся начать сначала. + \n\nПримечание: если прервать очистку, а затем попытаться возобновить этот процесс, то его придётся выполнить с самого начала. + Вы хотите отменить очистку (затирание данных)? + Внимание! Содержимое всего выбранного раздела/устройства будет уничтожено. + Всё содержимое раздела, где находится исходная система, будет уничтожено.\n\nПримечание: всё содержимое раздела, подлежащего стиранию, было скопировано в этот скрытый системный раздел. + ВНИМАНИЕ: Если выбрать, например, трёхпроходную очистку, время шифрования диска/раздела увеличится в четыре раза. Аналогично, при выборе 35-проходного режима время увеличится в 36 раз (и может составить несколько недель).\n\nУчтите, однако, что очистка НЕ выполняется после того, как раздел/диск зашифрован. Когда раздел/диск полностью зашифрован, никаких незашифрованных данных на него не записывается. Любые записываемые на него данные сначала шифруются на лету в памяти, и только затем сохраняются (в зашифрованном виде) на диске (т.е. на производительности это НЕ отражается).\n\nВы действительно хотите использовать режим очистки? + Нет (самый быстрый) + 1 проход (случайные данные) + 3 прохода (US DoD 5220.22-M) + 7 проходов (US DoD 5220.22-M) + 35 проходов ("Gutmann") + 256 проходов + Число операционных систем + ВНИМАНИЕ: Неопытным пользователям не следует пытаться шифровать Windows в мультизагрузочных конфигурациях.\n\nПродолжить? + При создании/использовании скрытой операционной системы VeraCrypt поддерживает мультизагрузочные конфигурации только при соблюдении следующих условий:\n\n- работающая сейчас операционная система должна быть установлена на загрузочном диске, на котором не может быть других операционных систем;\n\n- операционные системы, установленные на других дисках, не должны использовать загрузчик, находящийся на диске, на котором установлена текущая операционная система.\n\nЭти условия соблюдены? + VeraCrypt не поддерживает эту мультизагрузочную конфигурацию при создании/использовании скрытой операционной системы. + Загрузочный диск + Работающая в данный момент операционная система установлена на загрузочном диске?\n\nПримечание: иногда Windows бывает установлена не на том диске, с которого она грузится (где находится загрузочный раздел). Если это ваш случай, то выберите 'Нет'. + В данный момент VeraCrypt не поддерживает шифрование операционной системы, которая загружается не с того же диска, на котором она установлена. + Число системных дисков + Сколько дисков содержит операционная система?\n\nПримечание: например, если одна операционная система (скажем, Windows, Mac OS X, Linux и т.д.) установлена у вас на первичном диске, а другая на вторичном, выберите '2 или более'. + В данный момент VeraCrypt не поддерживает шифрование всего диска, который содержит несколько операционных систем.\n\nВозможные варианты:\n\n- Вы можете зашифровать одну из систем, если вернётесь назад и выберите шифрование только одного системного раздела (а не всего системного диска).\n\n- Вы сможете зашифровать весь диск, если переместите некоторые системы на другие диски, оставив только одну ОС на диске, который хотите зашифровать. + Несколько систем на одном диске + На диске, где установлена текущая ОС, есть другие операционные системы?\n\nПримечание: например, если текущая ОС установлена на диске #0, содержащем несколько разделов, и если на одном из разделов находится Windows, а на другом - ещё одна ОС (скажем, Windows, Mac OS X, Linux и т.д.), то выберите 'Да'. + Не-Windows загрузчик + Установлен ли в главной загрузочной записи (MBR) не относящийся к Windows загрузчик (или загрузочный менеджер)?\n\nПримечание: например, если в первом цилиндре загрузочного диска содержится GRUB, LILO, XOSL или какой-то другой не относящийся к Windows загрузочный менеджер, выберите 'Да'. + Мультизагрузка + В настоящее время VeraCrypt не поддерживает мультизагрузочные конфигурации, где в главной загрузочной записи (MBR) установлен не относящийся к Windows загрузчик.\n\nВозможные варианты:\n\n- Если вы используете загрузочный менеджер для загрузки Windows и Linux, перенесите его (обычно это GRUB) из MBR в раздел. Затем запустите снова этот мастер и зашифруйте системный раздел/диск. Обратите внимание, что загрузчик VeraCrypt станет основным загрузочным менеджером и позволит вам запускать исходный загрузочный менеджер (скажем, GRUB) как вторичный (нажатием Esc при выводе экрана загрузчика VeraCrypt) и, таким образом, запускать Linux. + Если текущая ОС установлена на загрузочном разделе, то после его шифрования вам потребуется ввести правильный пароль, даже для запуска незашифрованных Windows-систем (так как они будут совместно использовать один и тот же зашифрованный загрузчик Windows).\n\nНапротив, если текущая ОС не установлена на загрузочном разделе (или загрузчик Windows не используется никакими иными системами), тогда после шифрования этой системы вам не надо вводить пароль для запуска других незашифрованных систем, достаточно будет просто нажать Esc (в случае нескольких незашифрованных систем также потребуется выбрать нужную в меню загрузчика VeraCrypt).\n\nПримечание: как правило, в загрузочном разделе бывает установлена наиболее ранняя версия Windows. + Шифрование защищённой области пользователя (HPA) + В конце многих дисков имеется область, в обычных условиях скрытая от операционной системы (эту область обычно называют Host Protected Area - защищённая область пользователя). Однако некоторые программы способны читать и записывать данные в таких областях.\n\nВНИМАНИЕ: Производители компьютеров (в частности, ноутбуков) могут использовать области HPA для хранения в них утилит и данных для RAID, восстановления системы, её настройки, диагностики и прочих нужд. Если такие утилиты или данные должны быть доступны перед загрузкой системы, скрытую область НЕ следует шифровать (выберите 'Нет').\n\nХотите, чтобы VeraCrypt обнаружил и зашифровал скрытую область (если таковая имеется) в конце системного диска? + Тип шифрования системы + Выберите эту опцию, если вы просто хотите зашифровать системный раздел или весь системный диск. + Может так случиться, что вас вынудят дешифровать ОС. Порой вы просто не сможете от этого отказаться (например при вымогательстве). Эта опция позволяет создать скрытую ОС, наличие которой должно быть невозможно определить (при условии соблюдения указанных ниже рекомендаций). Таким образом, дешифровать скрытую ОС или выдавать от неё пароль вам не придётся. Чтобы узнать подробности, щёлкните по ссылке ниже. + Может так случиться, что вас вынудят дешифровать ОС. Порой вы просто не сможете от этого отказаться (например при вымогательстве).\n\nC помощью этого мастера вы можете создать скрытую операционную систему, наличие которой должно быть невозможно определить (при условии соблюдения указанных ниже рекомендаций). Таким образом, дешифровать скрытую ОС или выдавать от неё пароль вам не придётся. + Скрытая операционная система + Сейчас вы создадите два тома (внешний и скрытый) в разделе, следующим за системным. Скрытый том будет содержать скрытую ОС, создаваемую копированием в него содержимого системного раздела (где установлена работающая сейчас ОС). Во внешний том нужно скопировать осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ требуется, чтобы обмануть того, кто вынудит вас сообщить пароль от скрытого системного раздела (можно будет выдать пароль для внешнего тома внутри скрытого системного раздела, наличие же скрытой ОС останется в тайне).\n\nА на системный раздел с работающей сейчас ОС вы установите новую, так называемую "обманную" ОС и зашифруете её. В ней не должно быть конфиденциальных файлов, она нужна, если вас вынудят сообщить дозагрузочный пароль. В итоге будет три пароля. Два из них (для обманной ОС и внешнего тома) можно сообщать неприятелю. Третий пароль - запуск скрытой ОС. + Поиск скрытых секторов + Подождите, VeraCrypt ищет скрытые сектора, которые могут присутствовать в конце системного диска. Это может занять продолжительное время.\n\nПримечание: в очень редких случаях на некоторых компьютерах во время этой операции система может перестать реагировать. В этом случае перезагрузите компьютер, запустите VeraCrypt, повторите предыдущие этапы, но пропустите этот этап поиска. Просим учесть, что данная проблема вызвана не ошибкой в VeraCrypt. + Область шифрования + Выберите эту опцию, если вы хотите зашифровать весь диск, где установлена ныне работающая Windows. Будет зашифрован весь диск, включая все его разделы, кроме первой дорожки, где находится загрузчик VeraCrypt. Для доступа к установленной на этом диске ОС или файлам на нём потребуется вводить пароль перед каждой загрузкой системы. Эту опцию нельзя применять для шифрования второго или внешнего диска, если Windows на нём не установлена или загружается не с него. + Сбор случайных данных + Сгенерированные ключи + VeraCrypt не удалось найти в компьютере записывающий CD/DVD-накопитель. Такой накопитель требуется VeraCrypt для записи загрузочного диска восстановления (VeraCrypt Rescue Disk) с копией ключей шифрования, загрузчика VeraCrypt, исходного системного загрузчика и др.\n\nМы настоятельно рекомендуем вам записать диск восстановления VeraCrypt. + Пишущего CD/DVD-накопителя нет, но я сохраню ISO-образ диска восстановления на сменном носителе (например на флэшке). + Я подключу пишущий CD/DVD-накопитель позже. Сейчас я хочу прервать процесс. + Пишущий CD/DVD-накопитель сейчас подключён к ПК. Продолжить и записать диск восстановления. + Сделайте следующее:\n\n1) Подключите к ПК сменный накопитель (например флэшку).\n\n2) Скопируйте на сменный накопитель файл-образ (%s) диска восстановления VeraCrypt.\n\nЕсли в будущем вам понадобится диск восстановления VeraCrypt, вы просто подключите сменный накопитель (с образом диска восстановления VeraCrypt) к ПК с пишущим CD/DVD-накопителем и запишете этот образ на CD или DVD. ВАЖНО: Учтите, что файл-образ диска восстановления VeraCrypt нужно записать на CD/DVD как ISO-образ диска (а не как обычный файл). + Запись диска восстановления + Диск восстановления создан + Пре-тест шифрования системы + Диск восстановления проверен + \nДиск восстановления VeraCrypt (Rescue Disk) прошёл проверку успешно. Выньте его из накопителя и уберите в надёжное место.\n\nНажмите 'Далее' для продолжения. + ВНИМАНИЕ: Во время следующих этапов в накопителе НЕ должно быть диска восстановления VeraCrypt, иначе эти этапы не удастся корректно завершить.\n\nВыньте диск восстановления из накопителя и поместите в надёжное место. Затем нажмите OK. + Внимание! Вследствие технических ограничений среды до загрузки ОС, сообщения, выводимые VeraCrypt на этом этапе (т.е. до старта Windows), не подлежат локализации. Пользовательский интерфейс загрузчика VeraCrypt - полностью на английском языке.\n\nПродолжить? + Прежде чем зашифровать системный раздел или диск, VeraCrypt должен проверить, что всё работает должным образом.\n\nПосле нажатия 'Тест' будут установлены все необходимые компоненты (например дозагрузочный аутентификатор, т.е. загрузчик VeraCrypt), и компьютер перезагрузится. Затем на экране загрузчика (VeraCrypt Boot Loader), который появится до старта Windows, вам потребуется ввести свой пароль. После запуска Windows вам автоматически сообщат о результатах этого предварительного теста.\n\nБудет изменено следующее устройство: Диск #%d\n\n\nЕсли сейчас нажать 'Отмена', то ничего установлено не будет, и пре-тест не станет выполняться. + ВАЖНЫЕ ЗАМЕЧАНИЯ -- ПРОЧИТАЙТЕ ИЛИ РАСПЕЧАТАЙТЕ (нажмите 'Печать'):\n\nНикакие файлы не будут зашифрованы, пока вы не перезагрузите успешно свой ПК и не запустите Windows. Поэтому если произойдёт какой-то сбой, с вашими данными ничего не случится. Однако в случае, если что-то пойдёт не так, возможны сложности с запуском Windows. Поэтому прочитайте (и, по возможности, распечатайте) следующие рекомендации о том, что делать, если Windows отказывается запускаться после перезагрузки ПК.\n\n + Что делать, если Windows не загружается ------------------------------------------------\n\nПРИМЕЧАНИЕ: Эти инструкции действительны, только если вы не начинали шифрование.\n\n- Если вы вводите правильный пароль, а Windows не загружается (или если при вводе правильного пароля VeraCrypt раз за разом сообщает, что пароль неверный), не паникуйте. Перезагрузите (выключите и вновь включите) компьютер и при появлении экрана загрузчика VeraCrypt нажмите клавишу Esc на клавиатуре (а если у вас несколько ОС, выберите нужную для запуска). После этого Windows должна запуститься (при условии, что она не зашифрована), а VeraCrypt автоматически спросит, хотите ли вы удалить компонент дозагрузочной аутентификации. Обратите внимание, что предыдущие шаги НЕ работают, если системный раздел/диск зашифрован (запустить Windows или получить доступ к зашифрованным данным без правильного пароля не может никто, даже если он(а) выполнит предыдущие этапы).\n\n + - Если вышесказанное не помогает или если экран загрузчика VeraCrypt не появляется (перед стартом Windows), вставьте в CD/DVD-накопитель диск восстановления VeraCrypt (Rescue Disk) и перезагрузите ПК. Если экран загрузчика VeraCrypt не появляется (или если вы не видите пункта 'Repair Options' в группе 'Keyboard Controls' на экране загрузчика VeraCrypt), возможно, в BIOS вашего ПК настроена загрузка сначала с жёсткого диска, и лишь затем с CD/DVD. Если это так, перезагрузите ПК, нажмите F2 или Delete (как только увидите начальный экран BIOS) и дождитесь появления экрана с настройками BIOS. Если этот экран не появился, снова перезагрузите ПК (нажмите кнопку Reset), сразу же начав часто нажимать клавиши F2 или Delete. В появившемся экране настроек BIOS сконфигурируйте ПК так, чтобы он сначала загружался с CD/DVD (о том, как это сделать, см. в документации на вашу системную плату/BIOS). Снова перезагрузите компьютер. Сейчас должен появиться экран диска восстановления VeraCrypt. На этом экране выберите 'Repair Options', нажав F8 на клавиатуре. В меню 'Repair Options' выберите 'Restore original system loader'. После этого выньте диск восстановления из CD/DVD-накопителя и перезагрузите ПК. Сейчас Windows должна запуститься нормально (при условии, что она не зашифрована).\n\n + Обратите внимание, что предыдущие шаги НЕ работают, если системный раздел/диск зашифрован (запустить Windows или получить доступ к зашифрованным данным без ввода правильного пароля не может никто, даже если он(а) выполнит предыдущие этапы).\n\n\nТакже имейте в виду, что если вы потеряете свой диск восстановления VeraCrypt, а ваш неприятель его найдёт, он НЕ сможет с помощью этого диска расшифровать системный раздел или диск, если не знает правильного пароля. + Пре-тест выполнен + Пре-тест успешно завершён.\n\nВНИМАНИЕ: Если во время шифрования произойдёт сбой питания или из-за программной/аппаратной ошибки зависнет операционная система, в то время, как VeraCrypt шифрует имеющиеся данные 'на месте', некоторые данные почти наверняка окажутся повреждёнными или утерянными. Поэтому прежде чем начать шифрование, убедитесь, что сделали резервную копию файлов, которые собираетесь зашифровать. Если нет, то сделайте это сейчас (нажмите 'Отложить', скопируйте файлы, затем в любое время снова запустите VeraCrypt, выберите 'Система' > 'Возобновить прерванный процесс', чтобы начать шифрование).\n\nКогда будете готовы, нажмите 'Шифрация', чтобы приступить к шифрованию. + Вы можете в любой момент нажать 'Пауза' или 'Отложить', прервав (де)шифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Для предотвращения замедления, когда система или приложения выполняют чтение или запись на системном диске, VeraCrypt ждёт, пока данные будут записаны или прочтены (см. Статус выше), а затем продолжает (де)шифрование. + \n\nВы можете в любой момент нажать 'Пауза' или 'Отложить', прервав шифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Учтите, что том не может быть смонтирован, пока не будет полностью зашифрован. + \n\nВы можете в любой момент нажать 'Пауза' или 'Отложить', прервав дешифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Учтите, что том не может быть смонтирован, пока не будет полностью расшифрован. + Скрытая система запущена + Исходная система + Windows создаёт (обычно без вашего ведома или согласия) различные файлы отчётов, временные файлы и т.п. на системном разделе. Кроме того, там же она сохраняет содержимое ОЗУ для сна/гибернации и файлы подкачки. Поэтому если неприятель проанализирует файлы на разделе с исходной системой (клоном которой является скрытая ОС), он может узнать, например, что вы пользовались мастером VeraCrypt в режиме создания скрытой системы (и заподозрить наличие скрытой ОС в вашем ПК).\n\nЧтобы это предотвратить, на следующих этапах VeraCrypt надёжно сотрёт всё содержимое раздела, где находится исходная система. Затем для правдоподобности отрицания причастности вам потребуется установить в раздел новую систему и зашифровать её. Таким образом, вы создадите обманную ОС, и на этом процесс создания скрытой ОС будет завершён. + Скрытая ОС успешно создана. Но прежде чем её можно будет использовать (и иметь возможность правдоподобного отрицания причастности), требуется надёжно удалить (с помощью VeraCrypt) всё содержимое раздела, в котором сейчас установлена текущая ОС. Прежде чем это сделать, перезагрузите ПК и на экране загрузчика VeraCrypt (выводимого до старта Windows) введите пароль дозагрузочной аутентификации для скрытой ОС. Затем после старта скрытой системы автоматически запустится мастер VeraCrypt.\n\nПримечание: если сейчас прервать создание скрытой ОС, то возобновить этот процесс НЕ удастся, и скрытая ОС окажется недоступна (так как будет удалён загрузчик VeraCrypt). + Вы запланировали создание скрытой операционной системы. Этот процесс ещё не закончен. Чтобы его завершить, нужно перезагрузить компьютер и на экране загрузчика VeraCrypt (он появляется перед запуском Windows) ввести пароль для скрытой операционной системы.\n\nПримечание: если вы решите прервать сейчас процесс создания скрытой ОС, вы уже НЕ сможете его возобновить. + Перезагрузить ПК и продолжить + Окончательно прервать создание скрытой ОС + Ничего не делать сейчас, спросить позже + \nПО ВОЗМОЖНОСТИ РАСПЕЧАТАЙТЕ ЭТОТ ТЕКСТ (нажмите 'Печать' ниже).\n\n\nКак и когда использовать диск восстановления VeraCrypt (после шифрования) -----------------------------------------------------------------------------------\n\n + I. Как загрузиться с диска восстановления VeraCrypt\n\nЧтобы воспользоваться диском восстановления VeraCrypt (Rescue Disk), вставьте его в CD/DVD-накопитель и перезагрузите ПК. Если экран загрузочного диска VeraCrypt не появляется (или если на экране нет пункта 'Repair Options' в группе 'Keyboard Controls'), вероятно, BIOS в вашем ПК настроен на загрузку сначала с жёстких дисков, и лишь затем с CD/DVD-накопителей. Если это так, перезагрузите компьютер, нажмите F2 или Delete (как только увидите начальный экран BIOS) и дождитесь появления экрана настроек BIOS. Если он не появился, снова перезагрузите ПК (нажмите кнопку Reset) и сразу же начинайте постоянно нажимать F2 или Delete. Когда появится экран настроек BIOS, сконфигурируйте ПК так, чтобы он сначала загружался с CD/DVD-накопителя (о том, как это сделать, см. в документации на вашу системную плату или BIOS). Затем перезагрузите компьютер. Теперь экран диска восстановления VeraCrypt должен появиться. Примечание: на экране диска восстановления VeraCrypt можно выбрать 'Repair Options', нажав F8 на клавиатуре.\n\n\n + II. Когда и как использовать диск восстановления VeraCrypt (после шифрования)\n\n + 1) Если после старта ПК экран загрузчика VeraCrypt не появляется (или не загружается Windows), возможно, повреждён загрузчик VeraCrypt. Диск восстановления VeraCrypt позволяет восстановить его и, таким образом, вновь получить доступ к зашифрованной системе и данным (учтите, однако, что вам всё равно будет нужно ввести правильный пароль). На экране Rescue Disk выберите 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Затем нажмите 'Y', чтобы подтвердить действие, выньте диск восстановления из CD/DVD-накопителя и перезагрузите компьютер.\n\n + 2) Если вы вводите правильный пароль, а VeraCrypt говорит, что пароль неверный, возможно, повреждены мастер-ключ или другие критические данные. Диск восстановления VeraCrypt позволяет восстановить их и, таким образом, вновь получить доступ к зашифрованной системе и данным (однако вам всё равно будет нужно ввести правильный пароль). На экране Rescue Disk выберите 'Repair Options' > 'Restore key data'. Затем введите свой пароль, нажмите 'Y' для подтверждения действия, выньте диск восстановления из CD/DVD-накопителя и перезагрузите компьютер.\n\n + 3) Если загрузчик VeraCrypt повреждён или инфицирован вирусом, вы можете избежать его выполнения, загрузившись непосредственно с диска восстановления VeraCrypt. Вставьте диск восстановления в CD/DVD-накопитель и затем введите свой пароль на экране Rescue Disk.\n\n + 4) Если Windows повреждена и отказывается запускаться, диск восстановления VeraCrypt позволяет перманентно расшифровать раздел/диск до запуска Windows. На экране Rescue Disk выберите 'Repair Options' > 'Permanently decrypt system partition/drive'. Затем введите правильный пароль и дождитесь завершения дешифрования. После этого вы можете, например, загрузиться с установочного CD/DVD-диска Windows и восстановить Windows.\n\n + Альтернативный вариант: если Windows повреждена (не запускается), и вам нужно её восстановить (или получить доступ к её файлам), дешифрования системного раздела/диска можно избежать, если выполнить следующие шаги. Если в вашем компьютере установлено несколько операционных систем, загрузите ту из них, которая не требует дозагрузочной аутентификации. Если в ПК нет нескольких установленных ОС, можно загрузиться с CD/DVD с WinPE или BartPE, либо подключить системный диск как вторичный или внешний накопитель к другому компьютеру и загрузить установленную на этом ПК операционную систему. После того как система загрузится, запустите VeraCrypt, нажмите кнопку 'Устройство', выберите неисправный системный раздел, нажмите OK, выберите 'Система' > 'Смонтировать без дозагрузочной аутентификации', введите свой пароль для дозагрузочной аутентификации и нажмите OK. Раздел будет смонтирован как обычный том VeraCrypt (данные будут как обычно расшифровываться/шифроваться 'на лету' в ОЗУ при доступе к ним).\n\n\n + Обратите внимание, что если вы потеряете свой диск восстановления VeraCrypt, а ваш неприятель его найдёт, он НЕ сможет с помощью этого диска расшифровать системный раздел или диск, если не знает правильного пароля. + \n\nВ А Ж Н О -- ПО ВОЗМОЖНОСТИ РАСПЕЧАТАЙТЕ ЭТОТ ТЕКСТ (нажмите 'Печать').\n\n\nПримечание: этот текст отображается автоматически при каждом запуске скрытой системы, пока не будет создана обманная ОС.\n\n\n + Как надёжно и безопасно создать обманную систему ----------------------------------------------------------------------------\n\nЧтобы добиться правдоподобного отрицания причастности, вам нужно создать сейчас обманную операционную систему. Для этого выполните следующее:\n\n + 1) В целях безопасности выключите компьютер и не включайте его хотя бы несколько минут (чем дольше, тем лучше). Это нужно для очистки памяти, содержащей конфиденциальные данные. Затем включите ПК, но не загружайте скрытую систему.\n\n + 2) Установите Windows в раздел, содержимое которого было удалено (т.е. в раздел, где была исходная ОС, клоном которой стала скрытая система).\n\nВАЖНО: КОГДА ВЫ НАЧНЁТЕ УСТАНАВЛИВАТЬ ОБМАННУЮ ОС, ЗАГРУЗКА СКРЫТОЙ СИСТЕМЫ СТАНЕТ *НЕВОЗМОЖНОЙ* (так как загрузчик VeraCrypt будет стёрт установщиком Windows). ЭТО НОРМАЛЬНАЯ СИТУАЦИЯ, ТАК И ДОЛЖНО БЫТЬ. НЕ ПАНИКУЙТЕ. ВЫ СМОЖЕТЕ СНОВА ЗАГРУЖАТЬ СКРЫТУЮ ОС, КАК ТОЛЬКО ПРИСТУПИТЕ К ШИФРОВАНИЮ ОБМАННОЙ СИСТЕМЫ (поскольку VeraCrypt затем автоматически установит свой загрузчик на системный диск).\n\nВАЖНО: Размер раздела с обманной ОС должен оставаться таким же, как и размер скрытого тома (это условие сейчас соблюдено). Более того, нельзя создавать никаких разделов между разделами с обманной и скрытой системами.\n\n + 3) Загрузите обманную ОС (установленную на этапе 2) и установите в ней VeraCrypt.\n\nПомните, что обманная ОС не должна содержать никаких конфиденциальных данных.\n\n + 4) В обманной ОС запустите VeraCrypt и выберите 'Система' > 'Зашифровать системный раздел/диск'. Должно появиться окно мастера создания томов VeraCrypt.\n\nСледующие шаги относятся к этому мастеру.\n\n + 5) В окне мастера создания томов НЕ выбирайте опцию 'Скрытый'. Оставьте опцию 'Обычный' и нажмите 'Далее'.\n\n + 6) Выберите опцию 'Зашифровать системный раздел Windows' и нажмите 'Далее'.\n\n + 7) Если в ПК установлены только скрытая и обманная системы, выберите опцию 'Одиночная загрузка' (если в ПК больше ОС, чем эти две системы, выберите 'Мультизагрузка'). Нажмите 'Далее'.\n\n + 8) ВАЖНО: На этом этапе, ДЛЯ ОБМАННОЙ ОС, ВЫ ДОЛЖНЫ ВЫБРАТЬ ТЕ ЖЕ АЛГОРИТМЫ ШИФРОВАНИЯ И ХЕШИРОВАНИЯ, ЧТО И ДЛЯ СКРЫТОЙ СИСТЕМЫ! ИНАЧЕ СКРЫТАЯ СИСТЕМА БУДЕТ НЕДОСТУПНА! Иными словами, обманная ОС должна быть зашифрована тем же алгоритмом, что и скрытая ОС. Примечание: причина этого требования в том, что обманная и скрытая системы используют один и тот же загрузчик, поддерживающий только один алгоритм, выбранный пользователем (для каждого алгоритма есть свой загрузчик VeraCrypt).\n\n + 9) Выберите пароль для обманной ОС. Это пароль, который вы можете выдать неприятелю, если вас вынудят сообщить пароль дозагрузочной аутентификации (ещё один пароль, который мы можете сообщить - для внешнего тома). Существование третьего пароля (т.е. пароля дозагрузочной аутентификации для скрытой ОС) останется тайной.\n\nВАЖНО: Пароль для обманной ОС должен существенно отличаться от пароля для скрытого тома (т.е. для скрытой ОС).\n\n + 10) Следуйте инструкциям мастера для шифрования обманной ОС.\n\n\n\n + После создания обманной системы ------------------------------------------------\n\nПо окончании шифрования обманной ОС процесс создания скрытой ОС будет завершён, и вы сможете пользоваться тремя паролями:\n\n1) Пароль дозагрузочной аутентификации для скрытой ОС.\n\n2) Пароль дозагрузочной аутентификации для обманной ОС.\n\n3) Пароль для внешнего тома.\n\n + Если вы хотите запустить скрытую ОС, нужно просто ввести пароль для скрытой ОС на экране загрузчика VeraCrypt (который появляется при включении или перезагрузке ПК).\n\nЕсли вам нужно загрузить обманную ОС, введите пароль для обманной ОС на экране загрузчика VeraCrypt.\n\nПароль для обманной ОС можно сообщать всякому, кто потребует выдать пароль дозагрузочной аутентификации. Наличие скрытого тома (и скрытой ОС) останется в секрете.\n\n + Третий пароль (для внешнего тома) можно сообщать всякому, кто потребует выдать пароль для первого раздела, следующего за системным, где находятся внешний и скрытый тома (со скрытой ОС). Существование скрытого тома (и скрытой ОС) останется секретом.\n\n\n + Если вы сообщите неприятелю пароль от обманной ОС, и он спросит, почему свободное место на (обманном) системном разделе содержит случайные данные, вы сможете, например, ответить: "Этот раздел раньше содержал систему, зашифрованную VeraCrypt, но я забыл(а) пароль дозагрузочной аутентификации (или система повредилась и перестала загружаться), поэтому мне пришлось переустановить Windows и снова зашифровать раздел".\n\n\n + Если выполнены все инструкции и учтены меры предосторожности, описанные в главе "Требования безопасности и меры предосторожности касательно скрытых томов" в Руководстве пользователя VeraCrypt, определить наличие скрытого тома и скрытой ОС должно быть невозможно, даже если смонтирован внешний том или расшифрована/запущена обманная ОС.\n\nЕсли вы сохраните или распечатаете копию этого текста (это настоятельно рекомендуется сделать, если только ваш принтер не хранит копии заданий на своём внутреннем накопителе), то, создав обманную систему и убедившись, что вы поняли всё, что тут написано, все копии данного текста следует уничтожить (иначе если такую копию обнаружат, это может навести на мысль о наличии в ПК скрытой ОС).\n\n + ВНИМАНИЕ: ЕСЛИ ВЫ НЕ ЗАЩИТИЛИ СКРЫТЫЙ ТОМ (о том, как это сделать, см. главу "Защита скрытых томов от повреждений" в Руководстве пользователя VeraCrypt), НЕ ВЫПОЛНЯЙТЕ ЗАПИСЬ ВО ВНЕШНИЙ ТОМ (обратите внимание, что обманная ОС установлена НЕ во внешнем томе). ИНАЧЕ ВЫ МОЖЕТЕ ПЕРЕЗАПИСАТЬ И ПОВРЕДИТЬ СКРЫТЫЙ ТОМ (И СКРЫТУЮ ОС ВНУТРИ НЕГО)! + Клонирование ОС + На следующих этапах VeraCrypt создаст скрытую ОС, скопировав содержимое системного раздела в скрытый том (копируемые данные шифруются 'на лету' с ключом, отличным от используемого для обманной ОС).\n\nУчтите, что процесс выполняется на дозагрузочной стадии (до запуска Windows) и может занять много времени (несколько часов или даже дней, в зависимости от размера системного раздела и быстродействия ПК).\n\nВы сможете прервать этот процесс, выключить ПК, запустить ОС и затем возобновить его. Однако в случае прерывания, копирование системы придётся начать сначала (так как при клонировании содержимое системного раздела не должно изменяться). + Вы хотите отменить весь процесс создания скрытой операционной системы?\n\nПримечание: в случае отмены вы НЕ сможете возобновить процесс. + Вы хотите отменить пре-тест шифрования системы? + Пре-тест шифрования системы не пройден. Хотите повторить попытку?\n\nПри выборе 'Нет' компонент дозагрузочной аутентификации будет удалён.\n\nПримечания:\n\n- Если загрузчик VeraCrypt не просил вас ввести пароль перед стартом Windows, возможно, ваша ОС загружается не с того диска, на котором она установлена. Такая конфигурация не поддерживается.\n\n- Если вы используете отличный от AES алгоритм шифрования, и пре-тест выдаёт ошибку (и вы ввели пароль), это может быть вызвано некорректным драйвером. Выберите 'Нет' и попробуйте снова зашифровать системный раздел/диск, но с использованием алгоритма AES (он предъявляет наименьшие требования к памяти).\n\n- С другими причинами и решениями вы можете ознакомиться здесь: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Судя по всему, системный раздел/диск не зашифрован (ни частично, ни полностью). + Системный раздел/диск зашифрован (частично или полностью).\n\nПрежде чем продолжить, полностью дешифруйте системный раздел/диск. Чтобы это сделать, выберите в главном окне VeraCrypt меню 'Система' > 'Перманентно расшифровать системный раздел/диск'. + Если системный раздел/диск зашифрован (частично или полностью), устанавливать VeraCrypt более старой версии нельзя (но можно устанавливать более новую или ту же версию). + В данный момент идёт шифрование, дешифрование или иная модификация системного раздела/диска. Прежде чем продолжить, прервите процесс шифрования/дешифрования/модификации (или дождитесь его окончания). + В системе уже запущена копия мастера создания томов VeraCrypt, она выполняет или подготавливает шифрование/дешифрование системного раздела/диска. Прежде чем продолжить, дождитесь завершения работы мастера или закройте его. Если закрыть окно мастера не удаётся, перезагрузите ПК и продолжите. + Шифрование или дешифрование системного раздела/диска не завершено. Прежде чем продолжить, дождитесь завершения этого процесса. + ОШИБКА: Шифрование раздела/диска не было завершено. Сначала его нужно завершить. + ОШИБКА: Шифрование раздела/тома не было завершено. Сначала его нужно завершить.\n\nПримечание: чтобы возобновить процесс, выберите команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. + Пароль правильный. VeraCrypt успешно расшифровал заголовок тома и обнаружил, что этот том является скрытым системным томом. Однако изменить заголовок скрытого системного тома таким способом нельзя.\n\nЧтобы изменить пароль скрытого системного тома, загрузите ОС, расположенную в скрытом томе, после чего в главном окне VeraCrypt выберите в меню 'Система' > 'Изменить пароль'.\n\nЧтобы установить алгоритм деривации ключа заголовка, загрузите скрытую ОС и выберите 'Система' > 'Установить алгоритм деривации ключа заголовка'. + VeraCrypt не поддерживает дешифрование скрытого системного раздела на месте.\n\nПримечание: если вы хотите дешифровать обманный системный раздел, загрузите обманную ОС, после чего выберите в главном окне VeraCrypt меню 'Система' > 'Перманентно расшифровать системный раздел/диск'. + ОШИБКА: Неверный/недопустимый параметр. + Вы выбрали раздел или устройство, но выбранный режим мастера подходит только для файловых контейнеров.\n\nХотите изменить режим мастера? + Хотите вместо этого создать файловый контейнер VeraCrypt? + Вы указали системный раздел/диск (или загрузочный раздел), но выбранный режим мастера подходит только для несистемных разделов/дисков.\n\nХотите установить дозагрузочную аутентификацию (т.е. нужно будет вводить пароль перед каждым запуском Windows) и зашифровать систему/раздел? + Вы действительно хотите перманентно расшифровать системный раздел/диск? + ОСТОРОЖНО: Если вы перманентно расшифруете системный раздел/диск, данные на него будут записываться в незашифрованном виде.\n\nВы действительно хотите перманентно расшифровать системный раздел/диск? + Вы действительно хотите перманентно расшифровать этот том? + ОСТОРОЖНО: Если вы перманентно расшифруете том VeraCrypt, данные на диск будут записываться в незашифрованном виде.\n\nВы действительно хотите перманентно расшифровать выбранный том? + ВНИМАНИЕ: В случае использования каскада шифров при шифровании системы возможны следующие затруднения:\n\n1) Так как загрузчик VeraCrypt больше стандартного, на первой дорожке диска недостаточно места для резервирования его копии. Поэтому если загрузчик VeraCrypt окажется повреждён (что часто случается, например, при активации некоторых некорректно написанных программ), потребуется диск восстановления (VeraCrypt Rescue Disk), чтобы загрузиться с него или исправить загрузчик VeraCrypt.\n\n2) На некоторых компьютерах восстановление из состояния сна/гибернации происходит дольше обычного.\n\nЭтих потенциальных проблем можно избежать, если выбрать некаскадный алгоритм шифрования (например AES).\n\nВы настаиваете на использовании каскадного шифрования? + Если вы столкнулись с любой из ранее описанных проблем, дешифруйте раздел/диск (если он зашифрован), после чего попробуйте зашифровать его снова, используя не-каскадный алгоритм шифрования (например AES). + ВНИМАНИЕ: В целях безопасности и надёжности следует обновить VeraCrypt в обманной операционной системе, прежде чем вы обновите его в скрытой ОС.\n\nЧтобы это сделать, загрузите обманную ОС и запустите в ней установщик VeraCrypt. Затем загрузите скрытую систему и также запустите установщик ещё и оттуда.\n\nПримечание: обманная и скрытая системы используют один и тот же загрузчик. Если вы обновите VeraCrypt только на скрытой системе (но не на обманной), в обманной системе могут остаться драйвер и приложения VeraCrypt, чьи версии будут отличаться от версии загрузчика VeraCrypt. Такое различие может свидетельствовать о присутствии в данном ПК скрытой операционной системы.\n\n\nХотите продолжить? + Номер версии загрузчика VeraCrypt, с помощью которого была загружена эта ОС, отличается от номера версии драйвера и приложений VeraCrypt, установленных в этой системе.\n\nВам следует запустить установщик VeraCrypt (той же версии, что и у загрузчика VeraCrypt), чтобы обновить VeraCrypt в этой операционной системе. + Номер версии загрузчика VeraCrypt, с помощью которого загружена эта ОС, отличается от номера версии драйвера VeraCrypt (и приложений VeraCrypt) в этой системе. Более старые версии могут содержать ошибки, которых в новых версиях уже нет.\n\nЕсли вы не загружались с диска восстановления VeraCrypt, следует переустановить VeraCrypt или обновить до новейшей стабильной версии (при этом загрузчик также будет обновлён).\n\nЕсли вы загружались с диска восстановления VeraCrypt, следует обновить его ('Система' > 'Создать диск восстановления'). + Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется создать новый диск восстановления VeraCrypt (Rescue Disk), который будет содержать новую версию загрузчика VeraCrypt. Для этого после перезагрузки компьютера выберите меню 'Система' > 'Создать диск восстановления'. + Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется загрузить обманную операционную систему и затем создать новый диск восстановления VeraCrypt (который будет содержать новую версию загрузчика VeraCrypt). Для этого выберите меню 'Система' > 'Создать диск восстановления'. + Ошибка обновления загрузчика VeraCrypt. + VeraCrypt не может определить настоящий размер системного диска, поэтому будет использовать размер, сообщённый операционной системой (который может быть меньше реального размера). Примечание: это не ошибка в VeraCrypt. + ВНИМАНИЕ: Похоже, VeraCrypt уже пытался обнаружить скрытые сектора на этом системном диске. Если во время предыдущей попытки обнаружения вы столкнулись с какими-то проблемами, то можете сейчас их избежать, пропустив операцию поиска скрытых секторов. Обратите внимание, что в этом случае VeraCrypt будет использовать размер, сообщаемый операционной системой (который может быть меньше действительного размера диска).\n\nЭто происходит не из-за какой-либо ошибки в VeraCrypt. + Не выполнять поиск скрытых секторов (использовать размер, сообщённый ОС) + Попробовать найти скрытые сектора ещё раз + ОШИБКА: Не удаётся прочитать один или несколько секторов на диске (вероятно, из-за физического дефекта).\n\nШифрование 'на месте' может быть продолжено, только когда секторы снова будут доступны для чтения. VeraCrypt может попытаться сделать эти сектора читабельными путём записи в них нулей (впоследствии такие содержащие одни нули блоки будут зашифрованы). Данные в нечитаемых секторах при этом будут утеряны. Если вы хотите этого избежать, попробуйте хотя бы частично восстановить повреждённые данные с помощью соответствующих программ сторонних фирм.\n\nПримечание: если секторы повреждены физически (в отличие от простой порчи данных и ошибок контрольных сумм), большинство устройств хранения информации внутренне перераспределяют секторы при попытке записать в них данные (поэтому имеющиеся данные в повреждённых секторах могут оставаться на диске незашифрованными).\n\nХотите, чтобы VeraCrypt заполнил нулями нечитаемые секторы? + ОШИБКА: Невозможно прочитать содержимое одного или нескольких секторов диска (вероятно, из-за физического дефекта).\n\nЧтобы продолжить шифрование, VeraCrypt отбросит содержимое нечитаемых секторов (оно будет заменено псевдослучайными данными). Прежде чем продолжить, вы можете попытаться хотя бы частично восстановить повреждённые данные с помощью соответствующих программ сторонних фирм.\n\nХотите, чтобы VeraCrypt отверг сейчас данные в нечитаемых секторах? + Примечание: содержимое %I64d нечитаемых секторов (%s) заменено зашифрованными блоками с обычным нулевым текстом. + Примечание: содержимое %I64d нечитаемых секторов (%s) заменено псевдослучайными данными. + Введите пароль/PIN для токена '%s': + Чтобы обеспечить VeraCrypt доступ к токену безопасности или смарт-карте,\nсначала нужно установить программную библиотеку PKCS #11 для токена\nили смарт-карты. Эта библиотека может поставляться вместе с устройством,\nлибо она имеется на сайте поставщика или сторонней фирмы.\nУстановив библиотеку, вы можете выбрать её вручную, нажав 'Библиотека',\nлибо позволить VeraCrypt найти её автоматически, нажав 'Автоопределение библиотеки' (поиск выполняется только в системной папке Windows). + ПРИМЕЧАНИЕ: Имя и расположение файла библиотеки PKCS #11\nдля токена или смарт-карты см. в документации к токену,\nсмарт-карте или ПО сторонних фирм.\n\nНажмите OK, чтобы выбрать путь и имя файла. + Чтобы обеспечить VeraCrypt доступ к токену безопасности или\nсмарт-карте, сначала нужно выбрать программную библиотеку\nPKCS #11 для токена/карты.\nДля этого выберите в меню 'Настройки' > 'Токены безопасности'. + Ошибка инициализации библиотеки PKCS #11 для токена безопасности.\n\nУбедитесь, что указанные путь и имя файла действительно ссылаются на библиотеку PKCS #11. Чтобы указать путь и имя библиотеки PKCS #11, выберите в меню 'Настройки' > 'Токены безопасности'. + В системной папке Windows библиотека PKCS #11 не обнаружена.\n\nПроверьте, установлена ли библиотека PKCS #11 для вашего токена безопасности (или смарт-карты).\nЭта библиотека может поставляться вместе с токеном/картой или же доступна на сайте производителя/сторонней фирмы.\nЕсли библиотека установлена в папке, отличной от системной папки Windows, нажмите кнопку 'Библиотека' и выберите её\n(например, это может быть папка, где установлено ПО для токена/карты). + Токен безопасности не обнаружен.\n\nУбедитесь, что токен подключён к ПК, и для него установлен корректный драйвер. + Ключевой файл токена безопасности не обнаружен. + Ключевой файл токена безопасности с таким именем уже существует. + Вы хотите удалить выбранные файлы? + Путь к ключевому файлу токена безопасности неверен. + Ошибка токена безопасности + Неверный пароль для токена безопасности. + В токене безопасности недостаточно памяти для выполнения запрошенной операции.\n\nЕсли вы пытаетесь импортировать ключевой файл, выберите файл меньшего объёма или используйте ключевой файл, сгенерированный VeraCrypt (выберите 'Сервис' > 'Генератор ключевых файлов'). + Все открытые токен-сессии были закрыты. + Выберите ключевые файлы токена безопасности + Слот + Токен + Имя файла + ВАЖНО: Учтите, что пароли дозагрузочной аутентификации всегда вводятся при стандартной раскладке американской клавиатуры. Поэтому том, пароль которого набран в любой другой раскладке, может оказаться невозможно смонтировать с помощью кэшированного пароля дозагрузочной аутентификации (это не ошибка VeraCrypt). Чтобы смонтировать такой том с паролем дозагрузочной аутентификации, выполните следующее:\n\n1) Нажмите кнопку 'Файл' или 'Устройство' и выберите том.\n2) В меню 'Тома' выберите 'Изменить пароль тома'.\n3) Введите текущий пароль для этого тома.\n4) Измените раскладку клавиатуры на английскую (США), щёлкнув по значку языка в панели задач Windows.\n5) В окне VeraCrypt в поле для нового пароля введите пароль для дозагрузочной аутентификации.\n6) Введите этот же пароль ещё раз в поле для проверки и нажмите OK.\nВНИМАНИЕ: Помните, что в результате этих действий пароль тома нужно будет всегда вводить в американской раскладке клавиатуры (которая гарантированно включена только на этапе дозагрузочной аутентификации). + Системные избранные тома будут монтироваться с использованием пароля дозагрузочной аутентификации. Если у какого-то из таких томов другой пароль, этот том смонтирован не будет. + Если вы хотите запретить функции VeraCrypt с обычными томами ('Размонтировать все', авторазмонтирование и др.) для избранных системных томов, нужно включить параметр 'Просматривать/размонтировать системные избранные тома могут лишь администраторы'. Кроме того, если VeraCrypt запущен без прав администратора (что стандартно для Vista и более новых версий Windows), избранные системные тома не будут отображаться в списке букв дисков в главном окне VeraCrypt. + ВАЖНО: Если выбрана эта опция, а VeraCrypt не имеет административных привилегий, то смонтированные системные избранные тома НЕ отображаются в окне VeraCrypt и их нельзя размонтировать. Поэтому если, например, нужно размонтировать системный избранный том, сначала щёлкните ПКМ по значку VeraCrypt (в меню 'Пуск') и выберите запуск от имени администратора. То же самое относится к функции 'Размонтировать все', функциям авторазмонтирования, горячим клавишам 'Размонтировать все' и т.д. + ВНИМАНИЕ: Эта установка вступит в силу после перезагрузки операционной системы. + Ошибка обработки командной строки. + Диск восстановления + Выбрать &файл и смонтировать... + Выбрать &устройство и смонтировать... + Просматривать/размонтировать системные избранные тома могут лишь администраторы + Монтировать системные избранные тома при старте Windows (в начальной фазе загрузки) + ВНИМАНИЕ: Файловая система тома, смонтированного как '%s', не была аккуратно размонтирована, и потому может содержать ошибки. Использование повреждённой файловой системы может привести к потере или порче данных.\n\nПримечание: прежде чем физически удалять или выключать устройство (например флэш-накопитель USB или внешний жёсткий диск), на котором находится смонтированный том VeraCrypt, сначала всегда следует размонтировать этот том.\n\n\nХотите, чтобы Windows попыталась найти и исправить ошибки (если они есть) файловой системы? + ВНИМАНИЕ: Один или несколько системных избранных томов не были чисто размонтированы и потому могут содержать ошибки файловой системы. См. подробности в системном отчёте о событиях.\n\nИспользование повреждённой файловой системы может привести к потере или повреждению данных. Проверьте такие тома на ошибки (щёлкните правой кнопкой мыши на томе и выберите команду починки файловой системы). + ВНИМАНИЕ: Исправление повреждённой файловой системы с помощью утилиты\nMicrosoft 'chkdsk' может привести к потере файлов в повреждённых участках.\nПоэтому рекомендуется сначала скопировать файлы с тома VeraCrypt на другой,\nнеповреждённый том VeraCrypt.\n\nВы хотите исправить файловую систему сейчас? + Том '%s' смонтирован как 'только для чтения', так как была отвергнута попытка записи.\n\nПроверьте, достаточно ли у вас прав для записи в файловый контейнер (щёлкните ПКМ на контейнере и выберите 'Свойства' > 'Безопасность').\n\nОбратите внимание, что из-за ошибки в Windows это предупреждение может появляться даже при правильной установке прав доступа. Это не ошибка VeraCrypt. Возможное решение - перенос контейнера, например, в вашу папку 'Документы'.\n\nЕсли вы намереваетесь сохранить у этого тома доступ только для чтения, установите на контейнер атрибут 'Только чтение' (щёлкните по контейнеру ПКМ и выберите 'Свойства' > 'Только чтение'), чтобы избежать вывода данного предупреждения. + Том '%s' смонтирован как 'только для чтения', так как была отвергнута попытка записи.\n\nПроверьте, не обращаются ли к разделу/устройству, на котором расположен том, другие приложения (например антивирусное ПО). + Том '%s' смонтирован как 'только для чтения' - ОС запретила запись на хост-устройство.\n\nОбратите внимание, что некоторые драйверы чипсета (НМС) ошибочно представляют доступные для записи носители как устройства только для чтения. Эта проблема не по вине VeraCrypt. Её можно решить обновлением или удалением имеющихся в системе драйверов чипсета сторонних производителей (не Microsoft). + Hyper-Threading - это несколько логических ядер на одном физическом ядре. Если Hyper-Threading включена, число выше показывает количество логических процессоров/ядер. + %d шт. + Аппаратное ускорение AES отключено, что скажется на результатах теста (ухудшит производительность).\n\nЧтобы включить аппаратное ускорение, в меню 'Настройки' выберите пункт 'Быстродействие' и включите соответствующий параметр. + Число потоков сейчас ограничено, что скажется на результатах теста (ухудшит производительность).\n\nЧтобы задействовать весь потенциал ЦП, в меню 'Настройки' выберите пункт 'Быстродействие' и отключите соответствующий параметр. + Хотите, чтобы VeraCrypt попробовал отключить защиту от записи у раздела/диска? + ВНИМАНИЕ: Этот параметр может ухудшить производительность.\n\nВы действительно хотите его включить? + ВНИМАНИЕ: Том VeraCrypt автоматически размонтирован + Прежде чем физически удалить или отключить устройство, содержащее смонтированный том, сначала следует всегда размонтировать этот том в VeraCrypt.\n\nНеожиданное самопроизвольное размонтирование бывает обычно вызвано периодическими сбоями в кабеле, диске (корпусе) и т.д. + Этот том создан с помощью TrueCrypt %x.%x. VeraCrypt поддерживает только тома TrueCrypt, созданные с помощью TrueCrypt версий 6.x/7.x. + Тест + Ключевой файл + Backspace + Tab + Очистить + Enter + Pause + Caps Lock + Пробел + Page Up + Page Down + End + Home + Стрелка влево + Стрелка вверх + Стрелка вправо + Стрелка вниз + Клавиша выбора + Клавиша печати + Клавиша выполнения + Print Screen + Insert + Delete + Клавиша приложений + Сон + Num Lock + Scroll Lock + Браузер - назад + Браузер - вперёд + Браузер - обновить + Браузер - стоп + Браузер - поиск + Браузер - избранное + Браузер - начальная страница + Без звука + Уменьшить громкость + Увеличить громкость + Следующий трек + Предыдущий трек + Стоп + Пуск/пауза + Клавиша запуска почты + Клавиша выбора носителя + Приложение 1 + Приложение 2 + Attn + СозВыд + РасВыд + Пуск + Зум + NumPad + Shift + Control + Alt + Win + Б + КБ + МБ + ГБ + ТБ + ПБ + б/с + КБ/с + МБ/с + ГБ/с + ТБ/с + ПБ/с + + С &PIM при кэшировании пароля дозагрузочной аутентификации + Включать PIM при кэшировании пароля + Отключённые сетевые диски доступны для монтирования + Слишком длинный пароль: в UTF-8 он превышает 64 байта. + Введённый пароль содержит символы Юникода, которые не удалось преобразовать в UTF-8. + ОШИБКА: Не удалось загрузить системную библиотеку. + Указанный в командной строке размер файла тома несовместим с выбранной файловой системой exFAT. + Хаотично из перемещений мыши + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.sk.xml b/Translations/Language.sk.xml index b7e698c2..89a6b617 100644 --- a/Translations/Language.sk.xml +++ b/Translations/Language.sk.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Zrušiť - Install &for all users - Bro&wse... - Pridať ikonu VeraCrypt na p&lochu - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Pridať VeraCrypt do &Štart menu - Vytvoriť bod &obnovenia - &Odinštalovať - &Extract - &Install - VeraCrypt Setup Wizard - Odinštalovať VeraCrypt - &Nápoveda - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Prerušiť - &Benchmark - &Otestovať - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Zobraziť generovaný obsah - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - &Použiť súborové kľúče - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Súborové &kľúče... - Informácie o hash. algoritmoch - Viac informácií - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - Neukladať &históriu - Otvoriť externý zväzok - &Pause - Use P&IM - Use PIM - Rýchlo sformátovať - &Ukázať heslo - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Cluster - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - &Potvrdiť: - Hotovo - Drive letter: - Šifrovací algoritmus - Systém súborov - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Predvoľby - Hashovací algoritmus - Kľúč hlavičky: - Zostáva - Hlavný kľúč: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Heslo: - Volume PIM: - Volume PIM: - Progress: - Náhodný výber: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Rýchlosť - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Zatvoriť - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Nerobiť nič - &Automaticky pripojiť zväzok VeraCrypt (uvedené nižšie) - &Spustiť VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Prechádzať... - Prechádzať... - Ukladať &hesla a súborové kľúče do medzipamäte - Skončiť pokiaľ neexistuje žiaden pripojený zväzok - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Zahrnúť Sprievodca vytvorením zväzku VeraCrypt - Vytvoriť - V&ytvoriť zväzok - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Použiť súbor. kľúče - Použiť súbor. kľúče - &Koniec - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Priradiť - Odstrániť - Súbor. kľúče... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Autom. pripojiť zariadenie - Možnosti pripojenia - Pripojiť zväzok len &na čítanie - Súbor. kľúče... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Povolené - Ukladať hesla do pamäti ovládača - Autom. odpojiť zväzok pokiaľ z/do neho nebolo čítané/zapisované - Užívateľ sa odhlasuje - User session locked - Prechádzam do úsporného režimu - Je spustený šetrič obrazovky - Vynútiť automatické odpojenie aj keď zväzok obsahuje otvorené súbory alebo adresáre - Príp. všetky zväzky umiestnené na zariadeniach - Start VeraCrypt Background Task - Pripojiť zväzky len na čítanie - Pripojiť zväzky ako vymeniteľné média - Otvoriť okno Prieskumníka pre úspešne pripojený zväzok - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Odstrániť hesla z medzipamäte a automaticky odpojiť - Odstrániť hesla z medzipamäte pri skončenie - Preserve modification timestamp of file containers - Vymazať - Vybrať &zariadenie... - Vybrať &súbor... - Select &Library... - Zobraziť heslo - Zobraziť heslo - Otvoriť okno &Prieskumníka pre pripojený zväzok - &Ukladať hesla do medzipamäte - TrueCrypt Mode - O&dpojiť všetko - Vlastnos&ti zväzku... - &Nástroje zväzku... - Vyčistiť &medzipamäť - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Systémové klávesové skratky - VeraCrypt - Change Password or Keyfiles - Zadajte heslo zväzku VeraCrypt - VeraCrypt - Performance and Driver Options - VeraCrypt - predvoľby - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - Vlastnosti zväzku VeraCrypt - O programe... - Pridať/Odobrať súborové kľúče do/z zväzku... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Zálohovať hlavičku zväzku... - Test rýchlosti... - Zadajte derivačný algoritmus pre kľúč hlavičky... - Zmeniť heslo zväzku... - Set Header Key Derivation Algorithm... - Change Password... - Vymazať históriu zväzku - Close All Security Token Sessions - Kontakt... - Create Hidden Operating System... - Create Rescue Disk... - Vytvoriť nový zväzok... - Permanently Decrypt... - Pôvodné (default) súborové kľúče... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Často kladené otázky - Užívateľská príručka - &Domovská stránka - Klávesové skratky... - Generátor súborového kľúča - Jazyk... - Licencia - Manage Security Token Keyfiles... - Automaticky pripojiť všetky zväzky na zariadenie - Pripojiť obľúbené zväzky - Mount Without Pre-Boot &Authentication... - Pripojiť zväzok - Pripojiť zväzky s predvoľbami - Novinky - On-line nápoveda - Návod pre začiatočníkov - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Predvoľby... - Obnoviť písmena diskov - Odstrániť všetky súborové kľúče zo zväzku... - Obnoviť hlavičku zväzku... - Resume Interrupted Process - Vybrať zariadenie... - Vybrať súbor... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Na stiahnutie - Testovacie vektory... - Security Tokens... - Traveler Disk Setup... - Odpojiť všetky pripojené zväzky - Odpojiť zväzok - Verify Rescue Disk - Verify Rescue Disk ISO Image - História verzií - Volume Expander - Vlastnosti zväzku - Sprievodca vytvorením zväzku - Domovská stránka VeraCrypt - Odstrániť hesla z medzipamäte - OK - Hardware Acceleration - Klávesová skratka - Konfigurácia automatického spúšťania (autorun.inf) - Automatické odpojenie - Odpojiť vše keď: - Boot Loader Screen Options - Potvrdiť heslo: - Aktuálny - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Pôvodné (default) predvoľby pripojenia - Predvoľby klávesových skratiek - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Nastavanie súboru - Kláves k priradeniu: - Processor (CPU) in this computer supports hardware acceleration for AES: - Akcia na vykonanie po prihlásení do Windows - minút - Pripojiť zväzok s písm. disku: - Predvoľby pripájania - Nové - Heslo: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Medzipamäť pre hesla - Security Options - VeraCrypt úloha na pozadí - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Zväzok - Windows - Pridať &cestu... - &Auto-test všetkých - &Continue - &Dešifrovať - &Delete - &Šifrovať - &Export... - Generovať a uložiť súborový kľúč... - &Generovať náhodný súborový kľúč... - Stiahnuť jazykový balíček - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - &Použiť súborové kľúče - Súbor. k&ľúče... - &Odstrániť - Odstrániť &všetky - Čo je ochrana skrytého zväzku? - More information on keyfiles - Pripojiť zväzok ako vymeniteľné &médium - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Test rýchlosti - &Print - &Chrániť skrytý zväzok proti poškodeniu spôsobeného zápisom do vonkajšieho zväzku - &Vynulovať - &Zobraziť heslo - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - O programe VeraCrypt - VeraCrypt - test rýchlosti šifrovacích algoritmov - VeraCrypt - test vektorov - Nápoveda príkazového riadka - VeraCrypt - súborové kľúče - VeraCrypt - generátor súborových kľúčov - VeraCrypt - jazyk - VeraCrypt - možnosti pripojenia - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Vyberte oddiel alebo zariadenie - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Aktívny jazykový balíček - Rýchlosť je ovplyvnená zaťažením procesora a vlastnosťami úložného zariadenia.\n\nTieto testy prebiehajú v pamäti RAM. - Veľkosť bufferu: - Algoritmus: - H&eslo pre skrytý zväzok:\n(medzipam., keď je prázdné) - Ochrana skrytého zväzku - Veľkosť kľúča: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - VÝSTRAHA: Ak stratíte súborový kľúč alebo sa zmení jediný bit z prvých 1024 kilobytov, nebude viac možné pripojiť zväzok používajúci súbor. kľúč! - bitov - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Preložil: - Veľkosť obyč. textu: - bitov - Aktuálny generovaný obsah - Mixovací PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Metóda triedenia: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Šifrovaný text (hexadecimálne) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Kľúč (hexadecimálne) - Obyčajný text (hexadecimálne) - Keyfile name: - XTS mode - S&ystem - &Zväzky - Favor&ites - &Nástroje - Settin&gs - Náp&oveda - &Domovská stránka - - &O programe... - Atribút na čítanie na vašom starom zväzku nemohol byť zmenený. Skontrolujte prosím prístupové práva k súboru. - Chyba: Prístup zamietnutý.\n\nOddiel, na ktorý sa snažíte pristúpiť má buď 0 sektorov alebo je to zavádzacie zariadenie. - Administrator - Pre nahratie ovládača VeraCrypt musíte byť prihlásený ako administrátor. - Pre šifrovanie/Dešifrovanie/formátovanie oddielu/zariadenia musíte byť prihlásený s administrátorskými právami.\n\nToto sa netýka zväzkov, ktoré sú vytvorené zo súborov. - Pre vytvorenie skrytého zväzku musíte byť prihlásený s administrátorskými právami.\n\nPokračovať? - Pre sformátovanie zväzku systémom NTFS musíte byť prihlásený s administrátorskými právami.\n\nBez administrátorských práv môžete zväzok sformátovať systémom súborov FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Zväzok je už pripojený. - UPOZORNENIE: Aspoň jeden šifrovací alebo hashovací algoritmus zlyhal pri internom automatickom testovaní!\n\nVeraCrypt inštalácia môže byť poškodená. - UPOZORNENIE: V zhromažďovači náhodných čísel nie je dosť informácií k poskytnutiu požadovaného množstva náhodných dát.\n\nĎalej by ste nemali pokračovať. Vyberte 'Ohlásiť chybu' z menu Nápovedy a oznámte túto chybu. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Neplatné písmeno disku. - Invalid path. - Zrušiť - Zariadenie nie je prístupné. Ubezpečte sa, že vybraté zariadenie existuje a nie je používané systémom. - UPOZORNENIE: Caps Lock je zapnutý. Toto by mohlo spôsobiť zadanie nesprávneho hesla. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Šifrovacie predvoľby externého zväzku - Šifrovacie predvoľby skrytého zväzku - Predvoľby šifrovania - UPOZORNENIE: Nepodarilo sa vyčistiť cestu naposledy vybraného zväzku/súborového kľúča (zapamätané pri výbere súboru)! - Chyba: súborový zväzok bol skomprimovaný na úrovni systému súborov. VeraCrypt nepodporuje skomprimované súborové zväzky (pozn.: kompresia zašifrovaných dát je neefektívna a zbytočná).\n\nVypnite, prosím, kompresiu pre súborový zväzok podľa nasledujúcich krokov: 1) kliknite pravým tlačidlom myši na súborový zväzok v Prieskumníkovi Windows (nie v programe VeraCrypt). 2) Vyberte 'Vlastnosti'. 3) V dialógovom okne 'Vlastnosti' kliknite 'Upresniť'. 4) V dialógovom okne 'Upresniť atribúty', zrušte voľbu 'Komprimovať obsah a šetriť tak miesto na disku' a kliknite 'OK'. 5) V dialógovom okne 'Vlastnosti' kliknite 'OK'. - Vytvorenie zväzku %s zlyhalo - Veľkosť %s je %.2f bajtov - Veľkosť %s je %.2f KB - Veľkosť %s je %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - VÝSTRAHA: zariadenie/oddiel sa používa operačným systémom alebo aplikáciami. Formátovanie zariadenia/oddielu môže spôsobiť poškodenie dát alebo systémovou nestabilitu.\n\nPokračovať? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Chyba: zariadenie/oddiel obsahuje systém súborov, ktorý nie je možné pripojiť. Systém súborov môže byť používaný operačným systémom. Formátovanie zariadenia/oddielu by pravdepodobne spôsobilo poškodenie dát a systémovou nestabilitu.\n\nPre vyriešenie tohto problému doporučujeme najskôr zmazať oddiel a potom ho znova vytvoriť bez formátovania. Postupujte nasledovne: 1) Pravý-klik myšou na ikonu 'Tento počítač' alebo v menu 'Štart' vyberte 'Spravovať'. Zobrazí sa okno 'Správa počítača'. 2) V okne 'Správa počítača' vyberte 'ukladací priestor' > 'Správa diskov'. 3) Pravý-klik myšou na oddiel, ktorý chcete zašifrovať a vyberte buď 'zmazať oddiel' alebo 'zmazať zväzok' alebo 'zmazať logický disk'. 4) kliknite 'Áno'. pokiaľ sa Windows opýta na reštart počítača, vykonajte tak. Potom zopakujte kroky 1 a 2 a pokračujte od kroku 5. 5) Pravý-klik na nealokované/Voľné miesto a vyberte buď 'Nový oddiel' alebo 'Nový obyčajný zväzok' alebo 'Nový logický disk'. 6) Zobrazí sa okno 'Sprievodca vytvorením nového oddielu' alebo 'Sprievodca nového jednoduchého zväzku'; nasledujte ich inštrukcie. Na stránke Sprievodca nazvanej 'sformátovať oddiel' vyberte buď 'Naformátovať tento oddiel' alebo 'Naformátovať tento zväzok'. V rovnakom sprievodcovi kliknite 'Ďalší' a potom 'Dokončiť'. 7) Cesta k zariadeniu, ktorú ste vybrali v programe VeraCrypt môže byť teraz nesprávne. Ukončite preto Sprievodcu vytvorením oddielu VeraCrypt (Pokiaľ stále beží) a spustite ho znova. 8) skúste zašifrovať zariadenie/oddiel znova.\n\nPokiaľ VeraCrypt opakovane zlyháva pri šifrovaní zariadenia/oddielu, skúste miesto toho vytvorenie súborového zväzku. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - UPOZORNENIE: Niektoré z pripojených zariadení/oddielov boli už používané!\n\nIgnorovanie môže spôsobiť nežiaduce následky vrátane nestability systému.\n\nDôrazne doporučujeme zatvoriť všetky aplikácie, ktoré by mohli zariadenie/oddiely používať. - Vybrané zariadenie obsahuje oddiely.\n\nSformátovanie zariadenia by mohlo spôsobiť systémovou nestabilitu a/alebo poškodenie údajov. Vyberte prosím oddiel na zariadenie alebo odstráňte všetky oddiely na zariadení, aby ho mohol VeraCrypt bezpečne sformátovať. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Voľné miesto na disku %s je %.2f bytov. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Nie je možné získať voľné písmena diskov. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Chyba: zlyhala inicializácia šifry. - Chyba: bol detekovaný slabý alebo potenciálne slabý kľúč. kľúč bude zahodený. skúste to prosím znova. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - Kritická chyba programu VeraCrypt - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - &Koniec - Vytvorte prosím logický disk pre tento rozšírený oddiel a potom to skúste znova. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - Zvoľte umiestnenie zväzku VeraCrypt, vo vnútri ktorého chcete vytvoriť skrytý zväzok. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Chyba: Zväzok nie je možné pripojiť. Hostiteľský súbor/zariadenie je už používané. Pokus o pripojenie bez výhradných práv tiež zlyhal. - Tento súbor nemohol byť otvorený. - Umiestnenie zväzku - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Formátovať - &Wipe - Prerušiť formátovanie? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nVeraCrypt zväzok bol vytvorený a je pripravený k použitiu. Pokiaľ chcete vytvoriť ďalší zväzok VeraCrypt, kliknite Ďalší. Inak kliknite Koniec. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Zväzok VeraCrypt bol úspešne vytvorený. - Zväzok bol vytvorený - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Formát externého zväzku - Formát skrytého zväzku - Formát zväzku - Na čítanie alebo tlač Užívateľskej príručky VeraCrypt je nutný prehliadač Adobe Reader (alebo iný kompatibilný nástroj). Adobe Reader (freeware) možno stiahnuť na adrese: www.adobe.com\n\nChcete si radšej pozrieť on-line dokumentáciu? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Skrytý zväzok bol vytvorený - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Externý zväzok bol úspešne vytvorený a pripojený ako jednotka %hc:. Do tohto zväzku by ste teraz mali nakopírovať nejaké citlivo vyzerajúce súbory, ktoré v skutočnosti NECHCETE skryť. Súbory tam budú uložené pre kohokoľvek, kto by Vás nútil odhaliť heslo. Odhalíte len heslo pre tento externý zväzok, nie pre skrytý. Súbory, na ktorých Vám v skutočnosti záleží, budú uložené v skrytom zväzku, ktorý sa vytvorí neskôr. Po nakopírovaní údajov kliknite Ďalší. Zväzok neodpájajte.\n\nPozn.: Keď kliknete Ďalší, clusterová bitmapa externého zväzku bude naskenovaná pre určenie veľkosti neprerušenej oblasti voľného miesta, ktorého Koniec sa nachádza na konci zväzku. Táto oblasť bude obsahovať skrytý zväzok, takže tým obmedzí svoju maximálnu možnú veľkosť. Skenovanie clusterovej bitmapy zaistí, že žiadne údaje na externom zväzku nebudú prepísané externým zväzkom. - Obsah externého zväzku - \n\nV ďalšom kroku zadáte možnosti pre externý zväzok (vo vnútri ktorého bude neskôr vytvorený skrytý zväzok). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Externý zväzok - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nBitmapový cluster zväzku bol naskenovaný a maximálna možná veľkosť skrytého zväzku bola určená. V ďalšom kroku zadáte voľby, veľkosť a heslo pre skrytý zväzok. - Skrytý zväzok - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Zlyhala inicializácia generátora náhodných čísel! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Aplikácia nemohla byť inicializovaná. Zlyhala registrácia dialógovej triedy. - Error: Failed to load the Rich Edit system library. - Sprievodca vytvorením zväzku VeraCrypt - Maximálna možná veľkosť skrytého zväzku pre tento zväzok je %.2f bytov. - Maximálna možná veľkosť skrytého zväzku pre tento zväzok je %.2f KB. - Maximálna možná veľkosť skrytého zväzku pre tento zväzok je %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Heslo/súborový kľúč zväzku nemôže byť zmenený počas jeho pripájania. Zväzok najskôr odpojte. - Derivačný algoritmus pre kľúč hlavičky nemôže byť zmenený počas pripájania zväzku. Zväzok najskôr odpojte. - &Pripojiť - Pre pripojenia tohto oddielu je potrebné novšia verzia programu VeraCrypt. - Chyba: Sprievodca vytvorením zväzku nebol nájdený.\n\nUbezpečte sa prosím, že súbor 'VeraCrypt Format.exe' je v zložke, z ktorého bol 'VeraCrypt.exe' spustený. Pokiaľ nie je, preinštalujte prosím VeraCrypt alebo nájdite 'VeraCrypt Format.exe' na Vašom disku a spustite ho. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Ďalší > - &Dokončiť - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Nastala chyba pri nahrávaní/príprave fontov. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Písmeno jednotky nie je k dispozícií. - Nebol vybratý žiaden súbor! - Žiadne písmeno disku nie je k dispozícií. - Nie je k dispozícií žiadne voľné písmeno disku pre externý zväzok! vytvorenie zväzku nie je možné dokončiť. - Verzia Vášho operačného systému nebola rozpoznaná alebo používate nepodporovaný operačný systém. - Nebola vybratá cesta! - Pre skrytý zväzok nie je dostatok voľného miesta! Vytvorenie zväzku nie je možné dokončiť. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - Ovládač nemôže odpojiť zväzok. Niektoré súbory umiestnené na zväzku sú pravdepodobne ešte otvorené. - Zväzok nemohol byť uzamknutý. Na zväzku sú stále otvorené súbory. Preto nemôže byť odpojený. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Vyberte zväzok VeraCrypt - Zadajte cestu a meno súboru - Select PKCS #11 Library - Nedostatok pamäti - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Heslo - PIM - Zadajte derivačný algoritmus pre kľúč hlavičky - Pridať/Odobrať súborové kľúče do/zo zväzku - Odstrániť všetky súborové kľúče zo zväzku - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Súborový kľúč(e) bol úspešne pridaný/odstránený. - Keyfile exported. - Kľúč hlavičky derivačného algoritmu bol úspešne zadaný. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Zadajte heslo pre skrytý zväzok. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Zadajte prosím heslo pre zväzok, v ktorom si prajete vytvoriť skrytý zväzok.\n\nPo kliknutí Ďalší sa VeraCrypt pokúsi zväzok pripojiť. Po pripojení zväzku bude jeho clusterová bitmapa naskenovaná pre zistenie veľkostí neprerušenej oblasti voľného miesta (pokiaľ také vôbec je) ktorého koniec tvorí zároveň koniec zväzku. Táto oblasť bude obsahovať skrytý zväzok, a preto bude jeho maximálnu veľkosť obmedzená. Skenovanie clusterovej mapy je nutné, aby bolo zaistené, že žiadne údaje na externým disku nebudú prepísané skrytým zväzkom. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Heslo externého zväzku - Heslo skrytého zväzku - Password for Hidden Operating System - UPOZORNENIE: Krátke hesla sa dajú jednoducho prelomiť použitím metódy hrubej sily!\n\nDoporučujeme vybrať heslo skladajúce sa z viac ako 20 znakov.\n\nSte si istí, že chcete použiť kratšie heslo? - Heslo zväzku - Nesprávne heslo alebo sa nejedná o zväzok VeraCrypt. - Nesprávny súborový kľúč(y) a/alebo heslo alebo sa nejedná o zväzok VeraCrypt. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Nesprávne heslo alebo nebol nájdený žiaden zväzok VeraCrypt. - Nesprávny súborový kľúč/heslo alebo nebol nájdený žiaden zväzok VeraCrypt. - \n\nUpozornenie: Caps Lock je zapnutý. Tým môžete nesprávne zadať heslo. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Zoznam základných zariadení inštalovaných vo Vašom systéme nemohol byť vytvorený! - Zväzok '%s' už existuje a je len na čítanie. Ste si istý, že ho chcete nahradiť? - Vyberte cieľový adresár - Vyberte súborový kľúč - Zvoľte cestu pre hľadanie súborového kľúča. UPOZORNENIE: Zapamätaná bude len cesta, nie názov súboru! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Veľkosť externého zväzku - Veľkosť skrytého zväzku - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Veľkosť zväzku - Dynamický - VÝSTRAHA: AUTOTEST zlyhal! - Autotesty všetkých šifier prebehli v poriadku - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - Testovací šifrovaný text, ktorý ste zadali, je príliš dlhý alebo krátky. - Testovací kľúč, ktorý ste zadali, je príliš dlhý alebo krátky. - Testovací čistý text, ktorý ste zadali, je príliš dlhý alebo krátky. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - Viac informácií o %s - Neznámy - An unspecified or unknown error occurred (%d). - Niektoré zväzky obsahujú súbory alebo adresáre používané aplikáciami alebo systémom.\n\nVynútiť odpojenie? - &Odpojiť - Odpojenie zlyhalo! - Zväzok obsahuje súbory alebo zložky používané aplikáciami alebo systémom.\n\nVynútiť odpojenie? - No volume is mounted to the specified drive letter. - Zväzok, ktorý sa snažíte pripojiť, je už pripojený. - Došlo k chybe pri pokuse o pripojenie zväzku. - Chyba pri hľadaní umiestnenia vo vnútri zväzku. - Chyba: Nesprávna veľkosť zväzku. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt nemôže zmeniť heslo pre cudzí zväzok. - Vyberte prosím voľné písmeno disku zo zoznamu. - Vyberte prosím najskôr pripojený zväzok zo zoznamu písmen jednotiek. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Chyba: nie je možné vytvoriť autorun.inf - Chyba pri spracovaní súborového kľúča! - Chyba pri spracovaní cesty k súborovému kľúču! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt nepodporuje tento operačný systém. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Chyba: nie je možné prideliť pamäť. - Chyba: Hodnota výkonnostného čítača nemohla byť zistená. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - Všetky súbory - Zväzky VeraCrypt - Library Modules - NTFS formátovanie nemôže pokračovať. - Zväzok nie je možné pripojiť. - Zväzok nie je možné odpojiť. - Windows nemohol sformátovať zväzok ako NTFS.\n\nVyberte prosím iný systému súborov (ak je to možné) a skúste to znova. Poprípade môžete nechať zväzok nenaformátovaný (vyberte 'Žiaden' systém súborov), Ukončite tohto sprievodcu, pripojte zväzok a potom použite buď systémový nástroj alebo nástroj tretej strany k sformátovaniu pripojeného zväzku (zväzok zostane zašifrovaný). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Predvolený - partition - ODDIEL - zariadenie - device - ZARIADENIE - Oddiel - volume - VOLUME - Label - Vybraná veľkosť clustra je pre tento zväzok príliš malá. Použije sa väčšia veľkosť clustra. - Chyba: nie je možné zistiť veľkosť zväzku!\n\nUbezpečte sa, že vybraný zväzok nie je používaný systémom alebo aplikáciou. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Chyba: Ku zväzku nie je možné pristúpiť!\n\nUbezpečte sa, že vybraný zväzok existuje, že nie je pripojený používaný systémom alebo aplikáciou, že máte práva na čítanie/zápis zväzku a že zväzok nie je chránený proti zápisu. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Chyba: externý zväzok nie je možné odpojiť!\n\nZväzok nemôže byť odpojený pokiaľ obsahuje súbory alebo zložky používané programom alebo systémom.\n\nZatvorte prosím akýkoľvek program, ktorý by mohol súbory alebo adresáre na zväzku používať a kliknite znova. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Chyba: nie je možné pristúpiť na externý zväzok! Vytvorenie zväzku nie je možné dokončiť. - Chyba: Nemôžem pripojiť externý zväzok! Vytvorenie zväzku nie je možné dokončiť. - Chyba: nie je možné získať bitmapu clusteru zväzku! Vytvorenie zväzku nie je možné dokončiť. - Abecedne/podľa kategórií - Priemerná rýchlosť (zostupne) - Algoritmus - Šifrovanie - Dešifrovanie - Priemer - Disk - Veľkosť - Šifrovací algoritmus - Šifrovací algoritmus - Typ - Hodnota - Vlastnosť - Oblasť - bytov - Skrytý - Externý - Normálny - System - Hidden (system) - Len na čítanie - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Áno (poškodenie zabránené!) - Žiaden - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bitov - Veľkosť bloku - PKCS-5 PRF - PKCS-5 počet iterácií - Oddiel bol vytvorený - Hlavička bola naposledy zmenená - (pred %I64d dňami) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - Prvé možné - Removable Disk - Hard disk - Nezmenený - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Chcete Zobraziť poznámky k vydaniu aktuálnej (poslednej stabilnej) verzii programu VeraCrypt? - Pokiaľ ste ešte nikdy nepoužívali VeraCrypt, doporučujeme Vám prečítať si kapitolu príručka pre nových užívateľov v Užívateľskej príručke. Chcete si prečítať Sprievodcu ? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - Inštalácia bola vrátená späť. - VeraCrypt bol úspešne nainštalovaný. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt bol úspešne odinštalovaný.\n\nKliknite 'Dokončiť' pre odstránenie inštalátora VeraCrypt a zložky %s. Zložka nebude odstránená, pokiaľ obsahuje akékoľvek súbory, ktoré neboli nainštalované inštalátorom alebo programom VeraCrypt. - Odstraňujem záznamy v registroch O programe VeraCrypt - Pridávam záznamy do registrov - Odstraňuje, špecifické údaje aplikácie - Inštalujem - Pozastavujem - Odstraňujem - Pridávam ikonu - Vytváram bod obnovenia - Bod obnovenia sa nepodarilo vytvoriť! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Inštalácia dokončená. - Zložka '%s' nemohla byť vytvorená - Ovládač zariadenia VeraCrypt nemôže byť odstránený.\n\nZatvorte prosím najskôr všetky okná VeraCrypt. Pokiaľ to nepomôže, reštartujte prosím Windows a skúste to znova. - Všetky zväzky VeraCrypt musí byť odpojené pred inštaláciou alebo odinštaláciou programu VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Inštalácia záznamov do registrov zlyhala - Inštalácie ovládača zariadenia zlyhala. Reštartujte prosím Windows a skúste potom nainštalovať VeraCrypt znova. - Štartujem ovládač VeraCrypt zariadenia - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Inštalujem ovládač VeraCrypt zariadenia - Zastavujem ovládač VeraCrypt zariadenia - Odinštalovanie ovládača VeraCrypt zariadenia - Registrácia podpornej knižnice pre kontrolu užívateľského účtu zlyhala. - Odregistrácia podpornej knižnice pre kontrolu užívateľského účtu zlyhala. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - externý(!) - dní - hodín - minút - s - Otvoriť - Odpojiť - Zobraziť VeraCrypt - Skryť VeraCrypt - Prečítané dáta od pripojenia - Zapísané dáta od pripojenia - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Zadajte heslo pre %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Súborový kľúč bol úspešne vytvorený. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Záloha hlavičky zväzku bola úspešne vytvorená.\n\nDÔLEŽITÉ: obnovením hlavičky zväzku s použitím tejto zálohy sa tiež obnoví aktuálne heslo pre zväzok. Pokiaľ je/sú potrebný súborový kľúč(e) pre pripojenia zväzku, ten istý súborový kľúč/e bude potrebný pre pripojenia zväzku znova až bude hlavička opäť vytvorená.\n\nVAROVANIE: Táto záloha hlavičky zväzku môže byť použitá k obnoveniu len tohto zväzku. Pokiaľ použijete túto zálohu hlavičky k obnoveniu hlavičky iného zväzku, budete môcť zväzok pripojiť, ale NEBUDETE schopný dešifrovať akékoľvek údaje uložené na zväzku (pretože zmeníte jeho Hlavný kľúč). - Hlavička zväzku bola úspešne obnovená.\n\nDÔLEŽITÉ: Staré heslo mohlo byť tiež obnovené. Pokiaľ bol v čase zálohy potrebný k pripojeniu zväzku súborový kľúč(e), rovnaký súborový kľúč(e) bude teraz potrebný opätovnému pripojeniu zväzku. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Naozaj chcete Obnoviť hlavičku zväzku pre %s?\n\nUPOZORNENIE: obnovením hlavičky zväzku obnovíte tiež jeho heslo, ktoré bolo platné v čase vytvorenia zálohy. Pokiaľ bol potrebný súborový kľúč(e) k pripojenia zväzku v čase vytvorenia zálohy, rovnaký súborový kľúč(e) bude potrebný k opätovnému pripojeniu zväzku po obnovení hlavičky zväzku.\n\nPo kliknutí na Áno, zvoľte záložný súbor hlavičky. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Pred pokračovaním odpojte prosím zväzok. - Error: Cannot set timer. - Skontrolovať systém súborov - Opraviť systém súborov - Add to Favorites... - Add to System Favorites... - P&roperties... - Skrytý zväzok je chránený - N/A - Áno - Nie - Disabled - 1 - 2 or more - Operačný mód - Label: - Size: - Path: - Drive Letter: - Chyba: Heslo musí obsahovať len ASCII znaky.\n\nNe-ASCII znaky v hesle môžu spôsobiť nemožnosť pripojenia zväzku pri zmene Vašej systémovej konfigurácie.\n\nPovolené sú nasledujúce znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Upozornenie: Heslo obsahuje ne-ASCII znaky. Toto môže spôsobiť nemožnosť pripojenia zväzku pri zmene Vašej systémovej konfigurácie.\n\nMali by ste zameniť všetky ne-ASCII znaky v hesle za ASCII znaky. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nToto sú ASCII znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Domovská stránka - UPOZORNENIE: Zdá sa, že ste nenainštalovali žiaden Service Pack vo Vašej používa Windows. Nemali by ste zapisovať na IDE disky väčšie ako 128 GB v systéme Windows XP, v ktorom ste nenainštalovali Service Pack 1 alebo novší! Pokiaľ tak učiníte, údaje na disku (bez ohľadu na to, či ide o zväzok VeraCrypt alebo ne) sa môžu poškodiť. Toto je obmedzenie Windows, nie chyba programu VeraCrypt. - UPOZORNENIE: Zdá sa, že ste nenainštalovali Service Pack 3 alebo novší vo Vašej inštalácii Windows. Nemali by ste zapisovať na disky väčšie ako 128 GB v systéme Windows 2000, v ktorom ste nenainštalovali Service Pack 3 alebo novší! Pokiaľ tak učiníte, údaje na disku (bez ohľadu na to, či ide o zväzok VeraCrypt alebo nie) sa môžu poškodiť. Toto je obmedzenie Windows, nie chyba programu VeraCrypt.\n\nPozn.: Možno tiež bude potrebné zapnúť podporu 48-bit LBA v registroch; pre viac informácií viď http://support.microsoft.com/kb/305098/EN-US - VAROVANIE: Podpora 48-bit LBA ATAPI je vo Vašom systéme zakázaná. Preto by ste nemali zapisovať na IDE disky väčšie ako 128 GB! Pokiaľ tak učiníte, údaje na disku (či už je to VeraCrypt zväzok alebo nie) sa môžu poškodiť. Toto je obmedzenie Windows, nie programu VeraCrypt.\n\nPre povolenie podpory 48-bit LBA, pridajte hodnotu 'EnableBigLba' do registrov v reg. kľúči HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and zadajte mu hodnotu 1.\n\nPre viac informácií viď http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - UPOZORNENIE: pokiaľ budete chcieť v budúcností prídávať viac dát/súborov/files na externý zväzok, mali by ste zvážiť či nevybrať menšiu veľkosť skrytého zväzku.\n\nSte si istí, že chcete pokračovať so zadanou veľkosťou? - Nie je vybratý žiaden zväzok.\n\nKliknite 'Vybrať zariadenie' alebo 'Vybrať súbor' pre výber zväzku VeraCrypt. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Autom. pripojiť zariadenie - Odpojiť všetko - Vyčistiť Cache - Dismount All & Wipe Cache - Vynútiť odpojenie všetkých & Vyčistiť medzipamäť - Vynútiť odpojenie všetkých, Vyčistiť medzipamäť & Koniec - Pripojiť obľúbené oddiely - Zobraziť/skryť Hlavné okno programe VeraCrypt - (Kliknite sem a stlačte klávesu) - Akcia - Klávesová skratka - Chyba: Táto klávesová skratka je rezervovaná. Vyberte prosím inú klávesovú skratku. - Chyba: Klávesová skratka sa už používa. - VÝSTRAHA: Jedna alebo viac VeraCrypt systémových klávesových skratiek nebude fungovať!\n\nUbezpečte sa, že ďalšie aplikácie a operačný systém nepoužívajú rovnaké klávesové skratky ako VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - UPOZORNENIE: pokiaľ je táto voľba vypnutá, zväzky obsahujúce otvorené súbory/adresáre nebude možné automaticky odpojiť.\n\nSte si istí, že chcete túto voľbu vypnúť? - UPOZORNENIE: zväzky obsahujúce otvorené súbory/adresáre nebudú automaticky odpojené.\n\nAby ste tomu zabránili, povoľte nasledujúcu voľbu v tomto dialógovom okne: 'Vynútiť automatické odpojenie, aj keď zväzok obsahuje otvorené súbory alebo adresáre' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - UPOZORNENIE: VeraCrypt možnosť úloha na pozadí je vypnutá. Po skončení programu VeraCrypt, či je zabránené poškodenie skrytého zväzku.\n\nPozn.: úlohu na pozadí môžete kedykoľvek zatvoriť kliknutím pravého tlačidla myši na ikonu programu VeraCrypt v pravom dolnom rohu a vyberte 'Koniec'.\n\nPovoliť VeraCrypt úlohu na pozadí? - Verzia jazykového balíčka: %s - Kontrolujem systém súborov na zväzku VeraCrypt pripojeného ako %s... - Pokúšam sa opraviť súborový systém na zväzku VeraCrypt pripojenom ako %s... - Varovanie: Tento zväzok je zašifrovaný odkazovaným šifrovacím algoritmom.\n\nVšetky 64-bit-blokové šifrovacie algoritmy (napr. Blowfish, CAST-128 alebo Triple DES) sú neschválené. Tento zväzok bude možné pripojiť použitím budúcej verzia programu VeraCrypt. Treba si tiež uvedomiť, že žiadne ďalšie vylepšenia týchto odkazovaných šifrovacích algoritmov nebudú. Doporučujeme Vám vytvoriť nový VeraCrypt zväzok zašifrovaný 128-bit-blokovým šifrovacím algoritmem (napr. AES, Serpent, Twofish, apod.) a presuňte všetky súboru z tohto zväzku do nového. - Váš systém nie je nakonfigurovaný k autom. pripojeniu nových zväzkov. Môže sa stať, že zväzky VeraCrypt umiestnené na zariadeniach nebude možné pripojiť. Autom. pripojenia môže byť povolené spustením nasledujúceho príkazu a reštartovaním systému.\n\nmountvol.exe /E - Priraďte prosím písmeno jednotke oddielu/zariadeniu, ako budete pokračovať ('Ovládacie panely' > 'Systém a údržba' > 'Administr. nástroje' - 'Vytvoriť a formátovať oddiely pevného disku').\n\nToto je požiadavka operačného systému. - Pripojiť zväzok VeraCrypt - Odpojiť všetky zväzky VeraCrypt - VeraCrypt nemohol získať Administrátorské práva. - Prístup bol odoprený operačným systémom.\n\nMožná príčina: operačný systém vyžaduje, aby ste mali práva na čítanie/zápis (alebo administrátorské oprávnenia) pre určité zložky, súbory a zariadenia, aby ste mohli čítať a zapisovať údaje do/z nich. Užívateľ bez administrátorských práv môže normálne vytvárať, čítať a meniť súbory vo svojej zložke s dokumentmi. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Súborový kľúč - Backspace - Tab - Clear - Enter - Pauza - Caps Lock - Medzerník - Page Up - Page Down - End - Home - Šípka vľavo - Šípka nahor - Šípka doprava - Šípka nadol - Vybrať - Klávesa pre tlač - Klávesa Spustiť - Print Screen - Insert - Delete - Aplikačná klávesa - Uspať počítač - Num Lock - Scroll Lock - Prehliadač - späť - Prehliadač - vpred - Prehliadač - obnoviť - Prehliadač - stop - Prehliadač - hlľadať - Prehliadač - obľúbené - Domovská stránka prehliadača - Vypnúť zvuk - Znížiť hlasitosť - Zvýšiť hlasitosť - Ďalšia stopa - Predošlá stopa - Stop - Hrať/Pauza - Emailový prehliadač - Klávesa pre výber média - Aplikácia 1 - Aplikácia 2 - Attn - CrSel - ExSel - Prehrať - Zväčšiť - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Zrušiť + Install &for all users + Bro&wse... + Pridať ikonu VeraCrypt na p&lochu + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Pridať VeraCrypt do &Štart menu + Vytvoriť bod &obnovenia + &Odinštalovať + &Extract + &Install + VeraCrypt Setup Wizard + Odinštalovať VeraCrypt + &Nápoveda + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Prerušiť + &Benchmark + &Otestovať + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Zobraziť generovaný obsah + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + &Použiť súborové kľúče + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Súborové &kľúče... + Informácie o hash. algoritmoch + Viac informácií + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + Neukladať &históriu + Otvoriť externý zväzok + &Pause + Use P&IM + Use PIM + Rýchlo sformátovať + &Ukázať heslo + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Cluster + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + &Potvrdiť: + Hotovo + Drive letter: + Šifrovací algoritmus + Systém súborov + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Predvoľby + Hashovací algoritmus + Kľúč hlavičky: + Zostáva + Hlavný kľúč: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Heslo: + Volume PIM: + Volume PIM: + Progress: + Náhodný výber: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Rýchlosť + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Zatvoriť + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Nerobiť nič + &Automaticky pripojiť zväzok VeraCrypt (uvedené nižšie) + &Spustiť VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Prechádzať... + Prechádzať... + Ukladať &hesla a súborové kľúče do medzipamäte + Skončiť pokiaľ neexistuje žiaden pripojený zväzok + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Zahrnúť Sprievodca vytvorením zväzku VeraCrypt + Vytvoriť + V&ytvoriť zväzok + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Použiť súbor. kľúče + Použiť súbor. kľúče + &Koniec + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Priradiť + Odstrániť + Súbor. kľúče... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Autom. pripojiť zariadenie + Možnosti pripojenia + Pripojiť zväzok len &na čítanie + Súbor. kľúče... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Povolené + Ukladať hesla do pamäti ovládača + Autom. odpojiť zväzok pokiaľ z/do neho nebolo čítané/zapisované + Užívateľ sa odhlasuje + User session locked + Prechádzam do úsporného režimu + Je spustený šetrič obrazovky + Vynútiť automatické odpojenie aj keď zväzok obsahuje otvorené súbory alebo adresáre + Príp. všetky zväzky umiestnené na zariadeniach + Start VeraCrypt Background Task + Pripojiť zväzky len na čítanie + Pripojiť zväzky ako vymeniteľné média + Otvoriť okno Prieskumníka pre úspešne pripojený zväzok + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Odstrániť hesla z medzipamäte a automaticky odpojiť + Odstrániť hesla z medzipamäte pri skončenie + Preserve modification timestamp of file containers + Vymazať + Vybrať &zariadenie... + Vybrať &súbor... + Select &Library... + Zobraziť heslo + Zobraziť heslo + Otvoriť okno &Prieskumníka pre pripojený zväzok + &Ukladať hesla do medzipamäte + TrueCrypt Mode + O&dpojiť všetko + Vlastnos&ti zväzku... + &Nástroje zväzku... + Vyčistiť &medzipamäť + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Systémové klávesové skratky + VeraCrypt + Change Password or Keyfiles + Zadajte heslo zväzku VeraCrypt + VeraCrypt - Performance and Driver Options + VeraCrypt - predvoľby + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + Vlastnosti zväzku VeraCrypt + O programe... + Pridať/Odobrať súborové kľúče do/z zväzku... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Zálohovať hlavičku zväzku... + Test rýchlosti... + Zadajte derivačný algoritmus pre kľúč hlavičky... + Zmeniť heslo zväzku... + Set Header Key Derivation Algorithm... + Change Password... + Vymazať históriu zväzku + Close All Security Token Sessions + Kontakt... + Create Hidden Operating System... + Create Rescue Disk... + Vytvoriť nový zväzok... + Permanently Decrypt... + Pôvodné (default) súborové kľúče... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Často kladené otázky + Užívateľská príručka + &Domovská stránka + Klávesové skratky... + Generátor súborového kľúča + Jazyk... + Licencia + Manage Security Token Keyfiles... + Automaticky pripojiť všetky zväzky na zariadenie + Pripojiť obľúbené zväzky + Mount Without Pre-Boot &Authentication... + Pripojiť zväzok + Pripojiť zväzky s predvoľbami + Novinky + On-line nápoveda + Návod pre začiatočníkov + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Predvoľby... + Obnoviť písmena diskov + Odstrániť všetky súborové kľúče zo zväzku... + Obnoviť hlavičku zväzku... + Resume Interrupted Process + Vybrať zariadenie... + Vybrať súbor... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Na stiahnutie + Testovacie vektory... + Security Tokens... + Traveler Disk Setup... + Odpojiť všetky pripojené zväzky + Odpojiť zväzok + Verify Rescue Disk + Verify Rescue Disk ISO Image + História verzií + Volume Expander + Vlastnosti zväzku + Sprievodca vytvorením zväzku + Domovská stránka VeraCrypt + Odstrániť hesla z medzipamäte + OK + Hardware Acceleration + Klávesová skratka + Konfigurácia automatického spúšťania (autorun.inf) + Automatické odpojenie + Odpojiť vše keď: + Boot Loader Screen Options + Potvrdiť heslo: + Aktuálny + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Pôvodné (default) predvoľby pripojenia + Predvoľby klávesových skratiek + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Nastavanie súboru + Kláves k priradeniu: + Processor (CPU) in this computer supports hardware acceleration for AES: + Akcia na vykonanie po prihlásení do Windows + minút + Pripojiť zväzok s písm. disku: + Predvoľby pripájania + Nové + Heslo: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Medzipamäť pre hesla + Security Options + VeraCrypt úloha na pozadí + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Zväzok + Windows + Pridať &cestu... + &Auto-test všetkých + &Continue + &Dešifrovať + &Delete + &Šifrovať + &Export... + Generovať a uložiť súborový kľúč... + &Generovať náhodný súborový kľúč... + Stiahnuť jazykový balíček + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + &Použiť súborové kľúče + Súbor. k&ľúče... + &Odstrániť + Odstrániť &všetky + Čo je ochrana skrytého zväzku? + More information on keyfiles + Pripojiť zväzok ako vymeniteľné &médium + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Test rýchlosti + &Print + &Chrániť skrytý zväzok proti poškodeniu spôsobeného zápisom do vonkajšieho zväzku + &Vynulovať + &Zobraziť heslo + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + O programe VeraCrypt + VeraCrypt - test rýchlosti šifrovacích algoritmov + VeraCrypt - test vektorov + Nápoveda príkazového riadka + VeraCrypt - súborové kľúče + VeraCrypt - generátor súborových kľúčov + VeraCrypt - jazyk + VeraCrypt - možnosti pripojenia + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Vyberte oddiel alebo zariadenie + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Aktívny jazykový balíček + Rýchlosť je ovplyvnená zaťažením procesora a vlastnosťami úložného zariadenia.\n\nTieto testy prebiehajú v pamäti RAM. + Veľkosť bufferu: + Algoritmus: + H&eslo pre skrytý zväzok:\n(medzipam., keď je prázdné) + Ochrana skrytého zväzku + Veľkosť kľúča: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + VÝSTRAHA: Ak stratíte súborový kľúč alebo sa zmení jediný bit z prvých 1024 kilobytov, nebude viac možné pripojiť zväzok používajúci súbor. kľúč! + bitov + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Preložil: + Veľkosť obyč. textu: + bitov + Aktuálny generovaný obsah + Mixovací PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Metóda triedenia: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Šifrovaný text (hexadecimálne) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Kľúč (hexadecimálne) + Obyčajný text (hexadecimálne) + Keyfile name: + XTS mode + S&ystem + &Zväzky + Favor&ites + &Nástroje + Settin&gs + Náp&oveda + &Domovská stránka + + &O programe... + Atribút na čítanie na vašom starom zväzku nemohol byť zmenený. Skontrolujte prosím prístupové práva k súboru. + Chyba: Prístup zamietnutý.\n\nOddiel, na ktorý sa snažíte pristúpiť má buď 0 sektorov alebo je to zavádzacie zariadenie. + Administrator + Pre nahratie ovládača VeraCrypt musíte byť prihlásený ako administrátor. + Pre šifrovanie/Dešifrovanie/formátovanie oddielu/zariadenia musíte byť prihlásený s administrátorskými právami.\n\nToto sa netýka zväzkov, ktoré sú vytvorené zo súborov. + Pre vytvorenie skrytého zväzku musíte byť prihlásený s administrátorskými právami.\n\nPokračovať? + Pre sformátovanie zväzku systémom NTFS musíte byť prihlásený s administrátorskými právami.\n\nBez administrátorských práv môžete zväzok sformátovať systémom súborov FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Zväzok je už pripojený. + UPOZORNENIE: Aspoň jeden šifrovací alebo hashovací algoritmus zlyhal pri internom automatickom testovaní!\n\nVeraCrypt inštalácia môže byť poškodená. + UPOZORNENIE: V zhromažďovači náhodných čísel nie je dosť informácií k poskytnutiu požadovaného množstva náhodných dát.\n\nĎalej by ste nemali pokračovať. Vyberte 'Ohlásiť chybu' z menu Nápovedy a oznámte túto chybu. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Neplatné písmeno disku. + Invalid path. + Zrušiť + Zariadenie nie je prístupné. Ubezpečte sa, že vybraté zariadenie existuje a nie je používané systémom. + UPOZORNENIE: Caps Lock je zapnutý. Toto by mohlo spôsobiť zadanie nesprávneho hesla. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Šifrovacie predvoľby externého zväzku + Šifrovacie predvoľby skrytého zväzku + Predvoľby šifrovania + UPOZORNENIE: Nepodarilo sa vyčistiť cestu naposledy vybraného zväzku/súborového kľúča (zapamätané pri výbere súboru)! + Chyba: súborový zväzok bol skomprimovaný na úrovni systému súborov. VeraCrypt nepodporuje skomprimované súborové zväzky (pozn.: kompresia zašifrovaných dát je neefektívna a zbytočná).\n\nVypnite, prosím, kompresiu pre súborový zväzok podľa nasledujúcich krokov: 1) kliknite pravým tlačidlom myši na súborový zväzok v Prieskumníkovi Windows (nie v programe VeraCrypt). 2) Vyberte 'Vlastnosti'. 3) V dialógovom okne 'Vlastnosti' kliknite 'Upresniť'. 4) V dialógovom okne 'Upresniť atribúty', zrušte voľbu 'Komprimovať obsah a šetriť tak miesto na disku' a kliknite 'OK'. 5) V dialógovom okne 'Vlastnosti' kliknite 'OK'. + Vytvorenie zväzku %s zlyhalo + Veľkosť %s je %.2f bajtov + Veľkosť %s je %.2f KB + Veľkosť %s je %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + VÝSTRAHA: zariadenie/oddiel sa používa operačným systémom alebo aplikáciami. Formátovanie zariadenia/oddielu môže spôsobiť poškodenie dát alebo systémovou nestabilitu.\n\nPokračovať? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Chyba: zariadenie/oddiel obsahuje systém súborov, ktorý nie je možné pripojiť. Systém súborov môže byť používaný operačným systémom. Formátovanie zariadenia/oddielu by pravdepodobne spôsobilo poškodenie dát a systémovou nestabilitu.\n\nPre vyriešenie tohto problému doporučujeme najskôr zmazať oddiel a potom ho znova vytvoriť bez formátovania. Postupujte nasledovne: 1) Pravý-klik myšou na ikonu 'Tento počítač' alebo v menu 'Štart' vyberte 'Spravovať'. Zobrazí sa okno 'Správa počítača'. 2) V okne 'Správa počítača' vyberte 'ukladací priestor' > 'Správa diskov'. 3) Pravý-klik myšou na oddiel, ktorý chcete zašifrovať a vyberte buď 'zmazať oddiel' alebo 'zmazať zväzok' alebo 'zmazať logický disk'. 4) kliknite 'Áno'. pokiaľ sa Windows opýta na reštart počítača, vykonajte tak. Potom zopakujte kroky 1 a 2 a pokračujte od kroku 5. 5) Pravý-klik na nealokované/Voľné miesto a vyberte buď 'Nový oddiel' alebo 'Nový obyčajný zväzok' alebo 'Nový logický disk'. 6) Zobrazí sa okno 'Sprievodca vytvorením nového oddielu' alebo 'Sprievodca nového jednoduchého zväzku'; nasledujte ich inštrukcie. Na stránke Sprievodca nazvanej 'sformátovať oddiel' vyberte buď 'Naformátovať tento oddiel' alebo 'Naformátovať tento zväzok'. V rovnakom sprievodcovi kliknite 'Ďalší' a potom 'Dokončiť'. 7) Cesta k zariadeniu, ktorú ste vybrali v programe VeraCrypt môže byť teraz nesprávne. Ukončite preto Sprievodcu vytvorením oddielu VeraCrypt (Pokiaľ stále beží) a spustite ho znova. 8) skúste zašifrovať zariadenie/oddiel znova.\n\nPokiaľ VeraCrypt opakovane zlyháva pri šifrovaní zariadenia/oddielu, skúste miesto toho vytvorenie súborového zväzku. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + UPOZORNENIE: Niektoré z pripojených zariadení/oddielov boli už používané!\n\nIgnorovanie môže spôsobiť nežiaduce následky vrátane nestability systému.\n\nDôrazne doporučujeme zatvoriť všetky aplikácie, ktoré by mohli zariadenie/oddiely používať. + Vybrané zariadenie obsahuje oddiely.\n\nSformátovanie zariadenia by mohlo spôsobiť systémovou nestabilitu a/alebo poškodenie údajov. Vyberte prosím oddiel na zariadenie alebo odstráňte všetky oddiely na zariadení, aby ho mohol VeraCrypt bezpečne sformátovať. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Voľné miesto na disku %s je %.2f bytov. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Nie je možné získať voľné písmena diskov. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Chyba: zlyhala inicializácia šifry. + Chyba: bol detekovaný slabý alebo potenciálne slabý kľúč. kľúč bude zahodený. skúste to prosím znova. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + Kritická chyba programu VeraCrypt + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + &Koniec + Vytvorte prosím logický disk pre tento rozšírený oddiel a potom to skúste znova. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + Zvoľte umiestnenie zväzku VeraCrypt, vo vnútri ktorého chcete vytvoriť skrytý zväzok. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Chyba: Zväzok nie je možné pripojiť. Hostiteľský súbor/zariadenie je už používané. Pokus o pripojenie bez výhradných práv tiež zlyhal. + Tento súbor nemohol byť otvorený. + Umiestnenie zväzku + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Formátovať + &Wipe + Prerušiť formátovanie? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nVeraCrypt zväzok bol vytvorený a je pripravený k použitiu. Pokiaľ chcete vytvoriť ďalší zväzok VeraCrypt, kliknite Ďalší. Inak kliknite Koniec. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Zväzok VeraCrypt bol úspešne vytvorený. + Zväzok bol vytvorený + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Formát externého zväzku + Formát skrytého zväzku + Formát zväzku + Na čítanie alebo tlač Užívateľskej príručky VeraCrypt je nutný prehliadač Adobe Reader (alebo iný kompatibilný nástroj). Adobe Reader (freeware) možno stiahnuť na adrese: www.adobe.com\n\nChcete si radšej pozrieť on-line dokumentáciu? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Skrytý zväzok bol vytvorený + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Externý zväzok bol úspešne vytvorený a pripojený ako jednotka %hc:. Do tohto zväzku by ste teraz mali nakopírovať nejaké citlivo vyzerajúce súbory, ktoré v skutočnosti NECHCETE skryť. Súbory tam budú uložené pre kohokoľvek, kto by Vás nútil odhaliť heslo. Odhalíte len heslo pre tento externý zväzok, nie pre skrytý. Súbory, na ktorých Vám v skutočnosti záleží, budú uložené v skrytom zväzku, ktorý sa vytvorí neskôr. Po nakopírovaní údajov kliknite Ďalší. Zväzok neodpájajte.\n\nPozn.: Keď kliknete Ďalší, clusterová bitmapa externého zväzku bude naskenovaná pre určenie veľkosti neprerušenej oblasti voľného miesta, ktorého Koniec sa nachádza na konci zväzku. Táto oblasť bude obsahovať skrytý zväzok, takže tým obmedzí svoju maximálnu možnú veľkosť. Skenovanie clusterovej bitmapy zaistí, že žiadne údaje na externom zväzku nebudú prepísané externým zväzkom. + Obsah externého zväzku + \n\nV ďalšom kroku zadáte možnosti pre externý zväzok (vo vnútri ktorého bude neskôr vytvorený skrytý zväzok). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Externý zväzok + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nBitmapový cluster zväzku bol naskenovaný a maximálna možná veľkosť skrytého zväzku bola určená. V ďalšom kroku zadáte voľby, veľkosť a heslo pre skrytý zväzok. + Skrytý zväzok + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Zlyhala inicializácia generátora náhodných čísel! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Aplikácia nemohla byť inicializovaná. Zlyhala registrácia dialógovej triedy. + Error: Failed to load the Rich Edit system library. + Sprievodca vytvorením zväzku VeraCrypt + Maximálna možná veľkosť skrytého zväzku pre tento zväzok je %.2f bytov. + Maximálna možná veľkosť skrytého zväzku pre tento zväzok je %.2f KB. + Maximálna možná veľkosť skrytého zväzku pre tento zväzok je %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Heslo/súborový kľúč zväzku nemôže byť zmenený počas jeho pripájania. Zväzok najskôr odpojte. + Derivačný algoritmus pre kľúč hlavičky nemôže byť zmenený počas pripájania zväzku. Zväzok najskôr odpojte. + &Pripojiť + Pre pripojenia tohto oddielu je potrebné novšia verzia programu VeraCrypt. + Chyba: Sprievodca vytvorením zväzku nebol nájdený.\n\nUbezpečte sa prosím, že súbor 'VeraCrypt Format.exe' je v zložke, z ktorého bol 'VeraCrypt.exe' spustený. Pokiaľ nie je, preinštalujte prosím VeraCrypt alebo nájdite 'VeraCrypt Format.exe' na Vašom disku a spustite ho. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Ďalší > + &Dokončiť + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Nastala chyba pri nahrávaní/príprave fontov. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Písmeno jednotky nie je k dispozícií. + Nebol vybratý žiaden súbor! + Žiadne písmeno disku nie je k dispozícií. + Nie je k dispozícií žiadne voľné písmeno disku pre externý zväzok! vytvorenie zväzku nie je možné dokončiť. + Verzia Vášho operačného systému nebola rozpoznaná alebo používate nepodporovaný operačný systém. + Nebola vybratá cesta! + Pre skrytý zväzok nie je dostatok voľného miesta! Vytvorenie zväzku nie je možné dokončiť. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + Ovládač nemôže odpojiť zväzok. Niektoré súbory umiestnené na zväzku sú pravdepodobne ešte otvorené. + Zväzok nemohol byť uzamknutý. Na zväzku sú stále otvorené súbory. Preto nemôže byť odpojený. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Vyberte zväzok VeraCrypt + Zadajte cestu a meno súboru + Select PKCS #11 Library + Nedostatok pamäti + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Heslo + PIM + Zadajte derivačný algoritmus pre kľúč hlavičky + Pridať/Odobrať súborové kľúče do/zo zväzku + Odstrániť všetky súborové kľúče zo zväzku + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Súborový kľúč(e) bol úspešne pridaný/odstránený. + Keyfile exported. + Kľúč hlavičky derivačného algoritmu bol úspešne zadaný. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Zadajte heslo pre skrytý zväzok. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Zadajte prosím heslo pre zväzok, v ktorom si prajete vytvoriť skrytý zväzok.\n\nPo kliknutí Ďalší sa VeraCrypt pokúsi zväzok pripojiť. Po pripojení zväzku bude jeho clusterová bitmapa naskenovaná pre zistenie veľkostí neprerušenej oblasti voľného miesta (pokiaľ také vôbec je) ktorého koniec tvorí zároveň koniec zväzku. Táto oblasť bude obsahovať skrytý zväzok, a preto bude jeho maximálnu veľkosť obmedzená. Skenovanie clusterovej mapy je nutné, aby bolo zaistené, že žiadne údaje na externým disku nebudú prepísané skrytým zväzkom. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Heslo externého zväzku + Heslo skrytého zväzku + Password for Hidden Operating System + UPOZORNENIE: Krátke hesla sa dajú jednoducho prelomiť použitím metódy hrubej sily!\n\nDoporučujeme vybrať heslo skladajúce sa z viac ako 20 znakov.\n\nSte si istí, že chcete použiť kratšie heslo? + Heslo zväzku + Nesprávne heslo alebo sa nejedná o zväzok VeraCrypt. + Nesprávny súborový kľúč(y) a/alebo heslo alebo sa nejedná o zväzok VeraCrypt. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Nesprávne heslo alebo nebol nájdený žiaden zväzok VeraCrypt. + Nesprávny súborový kľúč/heslo alebo nebol nájdený žiaden zväzok VeraCrypt. + \n\nUpozornenie: Caps Lock je zapnutý. Tým môžete nesprávne zadať heslo. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Zoznam základných zariadení inštalovaných vo Vašom systéme nemohol byť vytvorený! + Zväzok '%s' už existuje a je len na čítanie. Ste si istý, že ho chcete nahradiť? + Vyberte cieľový adresár + Vyberte súborový kľúč + Zvoľte cestu pre hľadanie súborového kľúča. UPOZORNENIE: Zapamätaná bude len cesta, nie názov súboru! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Veľkosť externého zväzku + Veľkosť skrytého zväzku + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Veľkosť zväzku + Dynamický + VÝSTRAHA: AUTOTEST zlyhal! + Autotesty všetkých šifier prebehli v poriadku + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + Testovací šifrovaný text, ktorý ste zadali, je príliš dlhý alebo krátky. + Testovací kľúč, ktorý ste zadali, je príliš dlhý alebo krátky. + Testovací čistý text, ktorý ste zadali, je príliš dlhý alebo krátky. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + Viac informácií o %s + Neznámy + An unspecified or unknown error occurred (%d). + Niektoré zväzky obsahujú súbory alebo adresáre používané aplikáciami alebo systémom.\n\nVynútiť odpojenie? + &Odpojiť + Odpojenie zlyhalo! + Zväzok obsahuje súbory alebo zložky používané aplikáciami alebo systémom.\n\nVynútiť odpojenie? + No volume is mounted to the specified drive letter. + Zväzok, ktorý sa snažíte pripojiť, je už pripojený. + Došlo k chybe pri pokuse o pripojenie zväzku. + Chyba pri hľadaní umiestnenia vo vnútri zväzku. + Chyba: Nesprávna veľkosť zväzku. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt nemôže zmeniť heslo pre cudzí zväzok. + Vyberte prosím voľné písmeno disku zo zoznamu. + Vyberte prosím najskôr pripojený zväzok zo zoznamu písmen jednotiek. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Chyba: nie je možné vytvoriť autorun.inf + Chyba pri spracovaní súborového kľúča! + Chyba pri spracovaní cesty k súborovému kľúču! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt nepodporuje tento operačný systém. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Chyba: nie je možné prideliť pamäť. + Chyba: Hodnota výkonnostného čítača nemohla byť zistená. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + Všetky súbory + Zväzky VeraCrypt + Library Modules + NTFS formátovanie nemôže pokračovať. + Zväzok nie je možné pripojiť. + Zväzok nie je možné odpojiť. + Windows nemohol sformátovať zväzok ako NTFS.\n\nVyberte prosím iný systému súborov (ak je to možné) a skúste to znova. Poprípade môžete nechať zväzok nenaformátovaný (vyberte 'Žiaden' systém súborov), Ukončite tohto sprievodcu, pripojte zväzok a potom použite buď systémový nástroj alebo nástroj tretej strany k sformátovaniu pripojeného zväzku (zväzok zostane zašifrovaný). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Predvolený + partition + ODDIEL + zariadenie + device + ZARIADENIE + Oddiel + volume + VOLUME + Label + Vybraná veľkosť clustra je pre tento zväzok príliš malá. Použije sa väčšia veľkosť clustra. + Chyba: nie je možné zistiť veľkosť zväzku!\n\nUbezpečte sa, že vybraný zväzok nie je používaný systémom alebo aplikáciou. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Chyba: Ku zväzku nie je možné pristúpiť!\n\nUbezpečte sa, že vybraný zväzok existuje, že nie je pripojený používaný systémom alebo aplikáciou, že máte práva na čítanie/zápis zväzku a že zväzok nie je chránený proti zápisu. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Chyba: externý zväzok nie je možné odpojiť!\n\nZväzok nemôže byť odpojený pokiaľ obsahuje súbory alebo zložky používané programom alebo systémom.\n\nZatvorte prosím akýkoľvek program, ktorý by mohol súbory alebo adresáre na zväzku používať a kliknite znova. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Chyba: nie je možné pristúpiť na externý zväzok! Vytvorenie zväzku nie je možné dokončiť. + Chyba: Nemôžem pripojiť externý zväzok! Vytvorenie zväzku nie je možné dokončiť. + Chyba: nie je možné získať bitmapu clusteru zväzku! Vytvorenie zväzku nie je možné dokončiť. + Abecedne/podľa kategórií + Priemerná rýchlosť (zostupne) + Algoritmus + Šifrovanie + Dešifrovanie + Priemer + Disk + Veľkosť + Šifrovací algoritmus + Šifrovací algoritmus + Typ + Hodnota + Vlastnosť + Oblasť + bytov + Skrytý + Externý + Normálny + System + Hidden (system) + Len na čítanie + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Áno (poškodenie zabránené!) + Žiaden + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bitov + Veľkosť bloku + PKCS-5 PRF + PKCS-5 počet iterácií + Oddiel bol vytvorený + Hlavička bola naposledy zmenená + (pred %I64d dňami) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + Prvé možné + Removable Disk + Hard disk + Nezmenený + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Chcete Zobraziť poznámky k vydaniu aktuálnej (poslednej stabilnej) verzii programu VeraCrypt? + Pokiaľ ste ešte nikdy nepoužívali VeraCrypt, doporučujeme Vám prečítať si kapitolu príručka pre nových užívateľov v Užívateľskej príručke. Chcete si prečítať Sprievodcu ? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + Inštalácia bola vrátená späť. + VeraCrypt bol úspešne nainštalovaný. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt bol úspešne odinštalovaný.\n\nKliknite 'Dokončiť' pre odstránenie inštalátora VeraCrypt a zložky %s. Zložka nebude odstránená, pokiaľ obsahuje akékoľvek súbory, ktoré neboli nainštalované inštalátorom alebo programom VeraCrypt. + Odstraňujem záznamy v registroch O programe VeraCrypt + Pridávam záznamy do registrov + Odstraňuje, špecifické údaje aplikácie + Inštalujem + Pozastavujem + Odstraňujem + Pridávam ikonu + Vytváram bod obnovenia + Bod obnovenia sa nepodarilo vytvoriť! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Inštalácia dokončená. + Zložka '%s' nemohla byť vytvorená + Ovládač zariadenia VeraCrypt nemôže byť odstránený.\n\nZatvorte prosím najskôr všetky okná VeraCrypt. Pokiaľ to nepomôže, reštartujte prosím Windows a skúste to znova. + Všetky zväzky VeraCrypt musí byť odpojené pred inštaláciou alebo odinštaláciou programu VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Inštalácia záznamov do registrov zlyhala + Inštalácie ovládača zariadenia zlyhala. Reštartujte prosím Windows a skúste potom nainštalovať VeraCrypt znova. + Štartujem ovládač VeraCrypt zariadenia + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Inštalujem ovládač VeraCrypt zariadenia + Zastavujem ovládač VeraCrypt zariadenia + Odinštalovanie ovládača VeraCrypt zariadenia + Registrácia podpornej knižnice pre kontrolu užívateľského účtu zlyhala. + Odregistrácia podpornej knižnice pre kontrolu užívateľského účtu zlyhala. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + externý(!) + dní + hodín + minút + s + Otvoriť + Odpojiť + Zobraziť VeraCrypt + Skryť VeraCrypt + Prečítané dáta od pripojenia + Zapísané dáta od pripojenia + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Zadajte heslo pre %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Súborový kľúč bol úspešne vytvorený. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Záloha hlavičky zväzku bola úspešne vytvorená.\n\nDÔLEŽITÉ: obnovením hlavičky zväzku s použitím tejto zálohy sa tiež obnoví aktuálne heslo pre zväzok. Pokiaľ je/sú potrebný súborový kľúč(e) pre pripojenia zväzku, ten istý súborový kľúč/e bude potrebný pre pripojenia zväzku znova až bude hlavička opäť vytvorená.\n\nVAROVANIE: Táto záloha hlavičky zväzku môže byť použitá k obnoveniu len tohto zväzku. Pokiaľ použijete túto zálohu hlavičky k obnoveniu hlavičky iného zväzku, budete môcť zväzok pripojiť, ale NEBUDETE schopný dešifrovať akékoľvek údaje uložené na zväzku (pretože zmeníte jeho Hlavný kľúč). + Hlavička zväzku bola úspešne obnovená.\n\nDÔLEŽITÉ: Staré heslo mohlo byť tiež obnovené. Pokiaľ bol v čase zálohy potrebný k pripojeniu zväzku súborový kľúč(e), rovnaký súborový kľúč(e) bude teraz potrebný opätovnému pripojeniu zväzku. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Naozaj chcete Obnoviť hlavičku zväzku pre %s?\n\nUPOZORNENIE: obnovením hlavičky zväzku obnovíte tiež jeho heslo, ktoré bolo platné v čase vytvorenia zálohy. Pokiaľ bol potrebný súborový kľúč(e) k pripojenia zväzku v čase vytvorenia zálohy, rovnaký súborový kľúč(e) bude potrebný k opätovnému pripojeniu zväzku po obnovení hlavičky zväzku.\n\nPo kliknutí na Áno, zvoľte záložný súbor hlavičky. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Pred pokračovaním odpojte prosím zväzok. + Error: Cannot set timer. + Skontrolovať systém súborov + Opraviť systém súborov + Add to Favorites... + Add to System Favorites... + P&roperties... + Skrytý zväzok je chránený + N/A + Áno + Nie + Disabled + 1 + 2 or more + Operačný mód + Label: + Size: + Path: + Drive Letter: + Chyba: Heslo musí obsahovať len ASCII znaky.\n\nNe-ASCII znaky v hesle môžu spôsobiť nemožnosť pripojenia zväzku pri zmene Vašej systémovej konfigurácie.\n\nPovolené sú nasledujúce znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Upozornenie: Heslo obsahuje ne-ASCII znaky. Toto môže spôsobiť nemožnosť pripojenia zväzku pri zmene Vašej systémovej konfigurácie.\n\nMali by ste zameniť všetky ne-ASCII znaky v hesle za ASCII znaky. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nToto sú ASCII znaky:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Domovská stránka + UPOZORNENIE: Zdá sa, že ste nenainštalovali žiaden Service Pack vo Vašej používa Windows. Nemali by ste zapisovať na IDE disky väčšie ako 128 GB v systéme Windows XP, v ktorom ste nenainštalovali Service Pack 1 alebo novší! Pokiaľ tak učiníte, údaje na disku (bez ohľadu na to, či ide o zväzok VeraCrypt alebo ne) sa môžu poškodiť. Toto je obmedzenie Windows, nie chyba programu VeraCrypt. + UPOZORNENIE: Zdá sa, že ste nenainštalovali Service Pack 3 alebo novší vo Vašej inštalácii Windows. Nemali by ste zapisovať na disky väčšie ako 128 GB v systéme Windows 2000, v ktorom ste nenainštalovali Service Pack 3 alebo novší! Pokiaľ tak učiníte, údaje na disku (bez ohľadu na to, či ide o zväzok VeraCrypt alebo nie) sa môžu poškodiť. Toto je obmedzenie Windows, nie chyba programu VeraCrypt.\n\nPozn.: Možno tiež bude potrebné zapnúť podporu 48-bit LBA v registroch; pre viac informácií viď http://support.microsoft.com/kb/305098/EN-US + VAROVANIE: Podpora 48-bit LBA ATAPI je vo Vašom systéme zakázaná. Preto by ste nemali zapisovať na IDE disky väčšie ako 128 GB! Pokiaľ tak učiníte, údaje na disku (či už je to VeraCrypt zväzok alebo nie) sa môžu poškodiť. Toto je obmedzenie Windows, nie programu VeraCrypt.\n\nPre povolenie podpory 48-bit LBA, pridajte hodnotu 'EnableBigLba' do registrov v reg. kľúči HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and zadajte mu hodnotu 1.\n\nPre viac informácií viď http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + UPOZORNENIE: pokiaľ budete chcieť v budúcností prídávať viac dát/súborov/files na externý zväzok, mali by ste zvážiť či nevybrať menšiu veľkosť skrytého zväzku.\n\nSte si istí, že chcete pokračovať so zadanou veľkosťou? + Nie je vybratý žiaden zväzok.\n\nKliknite 'Vybrať zariadenie' alebo 'Vybrať súbor' pre výber zväzku VeraCrypt. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Autom. pripojiť zariadenie + Odpojiť všetko + Vyčistiť Cache + Dismount All & Wipe Cache + Vynútiť odpojenie všetkých & Vyčistiť medzipamäť + Vynútiť odpojenie všetkých, Vyčistiť medzipamäť & Koniec + Pripojiť obľúbené oddiely + Zobraziť/skryť Hlavné okno programe VeraCrypt + (Kliknite sem a stlačte klávesu) + Akcia + Klávesová skratka + Chyba: Táto klávesová skratka je rezervovaná. Vyberte prosím inú klávesovú skratku. + Chyba: Klávesová skratka sa už používa. + VÝSTRAHA: Jedna alebo viac VeraCrypt systémových klávesových skratiek nebude fungovať!\n\nUbezpečte sa, že ďalšie aplikácie a operačný systém nepoužívajú rovnaké klávesové skratky ako VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + UPOZORNENIE: pokiaľ je táto voľba vypnutá, zväzky obsahujúce otvorené súbory/adresáre nebude možné automaticky odpojiť.\n\nSte si istí, že chcete túto voľbu vypnúť? + UPOZORNENIE: zväzky obsahujúce otvorené súbory/adresáre nebudú automaticky odpojené.\n\nAby ste tomu zabránili, povoľte nasledujúcu voľbu v tomto dialógovom okne: 'Vynútiť automatické odpojenie, aj keď zväzok obsahuje otvorené súbory alebo adresáre' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + UPOZORNENIE: VeraCrypt možnosť úloha na pozadí je vypnutá. Po skončení programu VeraCrypt, či je zabránené poškodenie skrytého zväzku.\n\nPozn.: úlohu na pozadí môžete kedykoľvek zatvoriť kliknutím pravého tlačidla myši na ikonu programu VeraCrypt v pravom dolnom rohu a vyberte 'Koniec'.\n\nPovoliť VeraCrypt úlohu na pozadí? + Verzia jazykového balíčka: %s + Kontrolujem systém súborov na zväzku VeraCrypt pripojeného ako %s... + Pokúšam sa opraviť súborový systém na zväzku VeraCrypt pripojenom ako %s... + Varovanie: Tento zväzok je zašifrovaný odkazovaným šifrovacím algoritmom.\n\nVšetky 64-bit-blokové šifrovacie algoritmy (napr. Blowfish, CAST-128 alebo Triple DES) sú neschválené. Tento zväzok bude možné pripojiť použitím budúcej verzia programu VeraCrypt. Treba si tiež uvedomiť, že žiadne ďalšie vylepšenia týchto odkazovaných šifrovacích algoritmov nebudú. Doporučujeme Vám vytvoriť nový VeraCrypt zväzok zašifrovaný 128-bit-blokovým šifrovacím algoritmem (napr. AES, Serpent, Twofish, apod.) a presuňte všetky súboru z tohto zväzku do nového. + Váš systém nie je nakonfigurovaný k autom. pripojeniu nových zväzkov. Môže sa stať, že zväzky VeraCrypt umiestnené na zariadeniach nebude možné pripojiť. Autom. pripojenia môže byť povolené spustením nasledujúceho príkazu a reštartovaním systému.\n\nmountvol.exe /E + Priraďte prosím písmeno jednotke oddielu/zariadeniu, ako budete pokračovať ('Ovládacie panely' > 'Systém a údržba' > 'Administr. nástroje' - 'Vytvoriť a formátovať oddiely pevného disku').\n\nToto je požiadavka operačného systému. + Pripojiť zväzok VeraCrypt + Odpojiť všetky zväzky VeraCrypt + VeraCrypt nemohol získať Administrátorské práva. + Prístup bol odoprený operačným systémom.\n\nMožná príčina: operačný systém vyžaduje, aby ste mali práva na čítanie/zápis (alebo administrátorské oprávnenia) pre určité zložky, súbory a zariadenia, aby ste mohli čítať a zapisovať údaje do/z nich. Užívateľ bez administrátorských práv môže normálne vytvárať, čítať a meniť súbory vo svojej zložke s dokumentmi. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Súborový kľúč + Backspace + Tab + Clear + Enter + Pauza + Caps Lock + Medzerník + Page Up + Page Down + End + Home + Šípka vľavo + Šípka nahor + Šípka doprava + Šípka nadol + Vybrať + Klávesa pre tlač + Klávesa Spustiť + Print Screen + Insert + Delete + Aplikačná klávesa + Uspať počítač + Num Lock + Scroll Lock + Prehliadač - späť + Prehliadač - vpred + Prehliadač - obnoviť + Prehliadač - stop + Prehliadač - hlľadať + Prehliadač - obľúbené + Domovská stránka prehliadača + Vypnúť zvuk + Znížiť hlasitosť + Zvýšiť hlasitosť + Ďalšia stopa + Predošlá stopa + Stop + Hrať/Pauza + Emailový prehliadač + Klávesa pre výber média + Aplikácia 1 + Aplikácia 2 + Attn + CrSel + ExSel + Prehrať + Zväčšiť + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.sl.xml b/Translations/Language.sl.xml index 3999bede..a08350bf 100644 --- a/Translations/Language.sl.xml +++ b/Translations/Language.sl.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Prekliči - Install &for all users - &Prebrskaj... - Add VeraCrypt icon to &desktop - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Add VeraCrypt to &Start menu - Create System &Restore point - &Uninstall - &Extract - &Install - VeraCrypt Setup Wizard - Uninstall VeraCrypt - &Pomoč - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Prekliči - &Benchmark - &Testiraj - Ustvari šifrirani zbirnik in ga formatiraj - Na mestu šifriraj razdelek - Prikaži proizvedene ključe (njihove dele) - Prikaži vsebino bazena - Prenesite si CD/DVD zapisovalno programsko opremo - Ustvari šifrirni datotečni kontejner - &GB - &TB - Več informacij - &Skriti VeraCrypt-ov zbirnik - Več informacij o skritih zbirnikih - Neposreden način - Običajen način - &KB - &Uporabi ključne dat. - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Ključne dat. ... - Informacije o razpršil. algor. - Več informacij - Information on PIM - &MB - Več informacij - Več informacij o šifriranju sistema - Več informacij - Poljubni zagon - Šifriraj nesistemski razdelek/pogon - &Nikoli ne beleži zgodovine - Odpri zunanji zbirnik - &Pause - Use P&IM - Use PIM - Hitro format. - &Prikaži geslo + + + + + + + + + + + + Prekliči + Install &for all users + &Prebrskaj... + Add VeraCrypt icon to &desktop + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Add VeraCrypt to &Start menu + Create System &Restore point + &Uninstall + &Extract + &Install + VeraCrypt Setup Wizard + Uninstall VeraCrypt + &Pomoč + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Prekliči + &Benchmark + &Testiraj + Ustvari šifrirani zbirnik in ga formatiraj + Na mestu šifriraj razdelek + Prikaži proizvedene ključe (njihove dele) + Prikaži vsebino bazena + Prenesite si CD/DVD zapisovalno programsko opremo + Ustvari šifrirni datotečni kontejner + &GB + &TB + Več informacij + &Skriti VeraCrypt-ov zbirnik + Več informacij o skritih zbirnikih + Neposreden način + Običajen način + &KB + &Uporabi ključne dat. + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Ključne dat. ... + Informacije o razpršil. algor. + Več informacij + Information on PIM + &MB + Več informacij + Več informacij o šifriranju sistema + Več informacij + Poljubni zagon + Šifriraj nesistemski razdelek/pogon + &Nikoli ne beleži zgodovine + Odpri zunanji zbirnik + &Pause + Use P&IM + Use PIM + Hitro format. + &Prikaži geslo &Prikaži geslo - &Display PIM - Enojni zagon - Običajen VeraCrypt-ov zbirnik - &Skrito - Običajno - Šifriraj sistemski razdelek ali celoten trdi disk - Šifriraj sistemski razdelek Oken - Šifriraj celotni trdi disk - VeraCrypt-ov čarovnik za ustvarjanje zbirnika - Grozd - POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč šifrirnih ključev. Nato kliknite 'Naprej' za nadaljevanje. - &Potrdi: - Opravl. - Drive letter: - Šifrirni algoritem - Dat. sistem - Ustvari navidezen šifriran disk znotraj datoteke. Priporočeno za neizkušene uporabnike. - Možnosti - Razpršilni algoritem - Ključ glave: - Ostaja - Glavni ključ: - Izberite to možnost, če sta dva ali več operacijskih sistemov naloženih na tem računalniku.\n\nNa primer:\n- Okna XP in Okna XP\n- Okna XP in Okna Vista\n- Okna in Mac OS X\n- Okna in Linux\n- Okna, Linux in Mac OS X - Šifrira nesistemski razdelek na kateremkoli notranjim ali zunanjim pogonom (recimo spominski pogon). Izbirno ustvari skrivni zbirnik. - Trenutna vsebina bazena (delno) - Pass - Geslo: - Volume PIM: - Volume PIM: - Napredek: - Naklj. bazen: - Izberite to možnost če je na tem računalniku naložen samo eden operacijski sistem (četudi ima mnogo uporabnikov). - Hitrost - Stanje - Ključi, naključne vrednosti in drugi podatki so bili uspešno proizvedeni. Če želite proizvesti nove ključe, kliknite Nazaj in nato Naprej. V nasprotnem primeru kliknite Naprej za nadaljevanje. - Šifrira razdelek/pogon kjer so naložena Okna. Kdorkoli želi pridobiti dostop ali uporabiti sistem, torej branje in pisanje datotek ipd., bo moral vsakič vnesti pravilno geslo preden se bodo Okna zagnala. Izbirno ustvari še skriti sistem. + &Display PIM + Enojni zagon + Običajen VeraCrypt-ov zbirnik + &Skrito + Običajno + Šifriraj sistemski razdelek ali celoten trdi disk + Šifriraj sistemski razdelek Oken + Šifriraj celotni trdi disk + VeraCrypt-ov čarovnik za ustvarjanje zbirnika + Grozd + POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč šifrirnih ključev. Nato kliknite 'Naprej' za nadaljevanje. + &Potrdi: + Opravl. + Drive letter: + Šifrirni algoritem + Dat. sistem + Ustvari navidezen šifriran disk znotraj datoteke. Priporočeno za neizkušene uporabnike. + Možnosti + Razpršilni algoritem + Ključ glave: + Ostaja + Glavni ključ: + Izberite to možnost, če sta dva ali več operacijskih sistemov naloženih na tem računalniku.\n\nNa primer:\n- Okna XP in Okna XP\n- Okna XP in Okna Vista\n- Okna in Mac OS X\n- Okna in Linux\n- Okna, Linux in Mac OS X + Šifrira nesistemski razdelek na kateremkoli notranjim ali zunanjim pogonom (recimo spominski pogon). Izbirno ustvari skrivni zbirnik. + Trenutna vsebina bazena (delno) + Pass + Geslo: + Volume PIM: + Volume PIM: + Napredek: + Naklj. bazen: + Izberite to možnost če je na tem računalniku naložen samo eden operacijski sistem (četudi ima mnogo uporabnikov). + Hitrost + Stanje + Ključi, naključne vrednosti in drugi podatki so bili uspešno proizvedeni. Če želite proizvesti nove ključe, kliknite Nazaj in nato Naprej. V nasprotnem primeru kliknite Naprej za nadaljevanje. + Šifrira razdelek/pogon kjer so naložena Okna. Kdorkoli želi pridobiti dostop ali uporabiti sistem, torej branje in pisanje datotek ipd., bo moral vsakič vnesti pravilno geslo preden se bodo Okna zagnala. Izbirno ustvari še skriti sistem. Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Zapri - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Ne naredi ničesar - &Samodejno priklopi VeraCrypt-ov zbirnik (določeno spodaj) - &Zaženi VeraCrypt - &Samodejno zaznaj knjižico - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Prebrskaj... - Prebrskaj... - &Shrani gesla in ključne dat. v predpom. - Pojdi ven iz programa, ko ni priklopljenih zbirnikov - &Zapri žetonsko sejo (odlogiranje) potem, ko je zbirnik uspešno priklopljen - Include VeraCrypt Volume Expander - Vključi VeraCrypt-ov čarovnik za ustvarjanje zbirnikov - Ustvari - &Ustvari zbirnik - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Uporabi ključne dat. - Uporabi ključne dat. - &Izhod - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Zadolži - Odstrani - Ključne dat. ... - Do not use the following number of processors for encryption/decryption: - More information - More information - Več nastavitev... - &Samopriklopi naprave - &Možnosti prikl. ... - &Priklopi zbirnik samo za branje - Ključne dat. ... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Omogočeno - Shranjuj gesla v pomnilnik gonilnika - Samoizkl. zbirnik, ko iz njega ni bilo prebr./zapis. nobenih podat. že - Uporabnik odjavi - User session locked - Vstopi v način varčev. z energijo - Zažene ohranjevalnik zaslona - Prisili samodejni izklop četudi zbirnik vsebuje odprte datoteke ali direktorije - Priklopi vse gost. VeraCrypt-ove zbirnike na napravi - Zaženi VeraCrypt-a v ozadju - Priklopi zbirnike samo za branje - Priklopi zbirnike kot zamenljiv medij - Odpri okno Raziskovalca za uspešno priklopljeni zbirnik - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Pobriši gesla shranjena v predpomnilniku ob samodejnem odklopu - Pobriši gesla v predpomnilniku ob izhodu - Preserve modification timestamp of file containers - Ponastavi - &Izberi napravo... - &Izberi datoteko... - &Izberi knjižico... - Prikaži geslo - Prikaži geslo - &Odpri okno Raziskovalca za priklopljeni zbirnik - &Shrani geslo v pomnilnik gonilnika - TrueCrypt Mode - &Odklopi vse - &Lastnosti zbirnika... - &Orodja za zbirnik... - &Izbriši predpomnilnik - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Širše sistemske vroče tipke - VeraCrypt - Change Password or Keyfiles - Enter VeraCrypt Volume Password - VeraCrypt - Performance and Driver Options - VeraCrypt - Preferences - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt-ova priprava potovalnega (prenosnega) medija - Lastnosti VeraCrypt zbirnika - O programu... - Dodaj/Odstrani ključne datoteke k/iz zbirniku/a... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Ustvari rezervno glavo zbirnika... - Izmeri zmogljivost delovanja... - Nastavi izpeljani algoritem iz ključa glave... - Spremeni geslo zbirnika... - Nastavi izpeljani algoritem iz ključa glave... - Spremeni geslo... - Izbriši zgodovino zbirnika - Zapri vse seje varnostnih žetonov - Stopi v stik... - Ustvari skrivni operacijski sistem... - Ustvari rešilni disk... - Ustvari nov zbirnik... - Permanently Decrypt... - Privzete ključne datoteke... - Default Mount Parameters... - Donate now... - Šifriraj sistemski razdelek/pogon... - Pogosto zastavljena vprašanja - Uporabniški priročnik - &Domača spletna stran - Vroče tipke... - Proizvajalec ključne datoteke - Jezik... - Pravna obvestila - Upravljaj z varnostnimi žetoni ključnih datotek... - Samodejno priklopi vse gostiteljske-naprave zbirnike - Priklopi priljubljene zbirnike - &Priklopi brez predzagonske overitve... - Priklopi zbirnik - Priklopi zbirnik z možnostmi - Novice - Spletna pomoč - Začetniški vodič - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Dokončno dešifriraj sistemski razdelek/pogon - Možnosti... - Osveži pogonske črke - Odstrani vse ključne datoteke iz zbirnika - Obnovi glavo zbirnika... - Nadaljuj prekinjen proces - Izberi napravo... - Izberi datoteko... - Nadaljuj prekinjen proces - Sistemsko šifriranje... - Lastnosti... - Nastavitve... - System Favorite Volumes... - Prenosi - Testiraj vektorje... - Varnostni žetoni... - Priprava potovalnega (prenosnega) medija... - Odklopi vse priklopljene zbirnike - Odklopi zbirnik - Preveri rešilni disk - Verify Rescue Disk ISO Image - Zgodovina različic - Volume Expander - Lastnosti zbirnika - Čarovnik za ustvarjanje zbirnikov - VeraCrypt-ova spletna stran - Pobriši gesla, shranjena v predpomnilniku - V redu - Hardware Acceleration - Bližnjica - Nastavitev samodejnega zagona (autorun.inf) - Samodejni/o izklop/i/ljanje - Izklopi vse ko: - Boot Loader Screen Options - Potrdi geslo: - Trenutno - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Privzete možnosti priklopa - Možnosti vročih tipk - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Datotečne nastavitve - Zadolži tipko: - Processor (CPU) in this computer supports hardware acceleration for AES: - Dejavnosti za izvesti ob prijavi v Okna - minut - Priklopi zbirnik kot pogon: - Nastavitve priklopa - Novo - Geslo: - Thread-Based Parallelization - PKCS #11 mesto knjižice - PKCS-5 PRF: - PKCS-5 PRF: - Predpomnilniška gesla - Varnostne možnosti - VeraCrypt-ova opravila v ozadju - Priklop VeraCrypt-ovega zbirnika (relativno do korena prenosnega medija): - Po vstavitvi potovalnega (prenosnega) medija: - Ustvari prenosne datoteke medija pri (koren mesta potovalnega medija): - Zbirnik - Okna - &Dodaj mesto... - &Samotestiraj vse - &Nadaljuj - &Dešifriraj - &Delete - &Šifriraj - &Izvozi... - Proizvedi in shrani ključno datoteko... - &Proizvedi naključno ključno dat. ... - Prenesite si jezikovni paket - Hardware-accelerated AES: - &Import Keyfile to Token... - &Dodaj datoteke... - &Uporabi ključne dat. - &Ključne dat. ... - &Odstrani - &Odstrani vse - Kaj je zaščita skritega zbirnika? - Več informacij o ključnih dat. - &Priklopi zbirnik kot odstranljiv pogon - &Priklopi razdelek z uporabo sistem. šifriranja brez predzagon. overitve - Parallelization: - Izmeri zmog. del. - &Tiskaj - &Zaščiti skrivni zbirnik proti poškodbam, povzročenim s pisanjem na zunanji zbirnik - &Ponastavi - &Prikaži geslo - &Dodaj žeton. dat. ... - &Uporabi pomožno vgnezdeno glavo v zbirniku, če je možno - XTS način - O VeraCrypt-u - VeraCrypt - Merjenje zmogljivost delovanja šifrirnih algoritmov - VeraCrypt - Testiraj vektorje - Command Line Help - VeraCrypt - Ključne datoteke - VeraCrypt - Proizvajalec ključne datoteke - VeraCrypt - Jezik - VeraCrypt - Možnosti priklopa - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Izberi razdelek ali napravo - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Aktivni jezikovni paket - Hitrost je odvisna od obremenitve centralne procesne enote in značilnosti naprav, ki hranijo podatke.\n\nTi testi potekajo v delovnem spominu. - Velik. spomina: - Šifra: - &Geslo za skrivni zbirnik: - Zaščita skritega zbirnika - Velikost ključa: - POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč ključne datoteke. - POZOR: Če izgubite ključno datoteko ali če se ji spremeni katerikoli bit njenih prvih 1024 kilobajtov, bo nemogoče priključiti zbirnike, ki uporabljajo to ključno datoteko! - bitov - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Prevedel: - Velik. gol. sporoč.: - bitov - Trenutna vsebina bazena - Mešamo PRF: - POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč ključne datoteke. Ko končate, kliknite 'Nadaljuj'. - Sekundarni ključ (šestnajstiški) - Security token: - Metod. razvrščanja: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Številka bloka: - Šifriran tekst (šestnajstiški) - Številka podatkovne enote (64-bitni šestnajstiški, podatkovna enota je 512 bajtov) - Ključ (šestnajstiški) - Šifriran tekst (šestnajstiški) - Keyfile name: - XTS način - &Sistem - &Zbirniki - Favor&ites - &Orodja - &Nastavitve - &Pomoč - &Domača spletna stran - - &O programu... - The read-only attribute on your old volume could not be changed. Please check the file access permissions. - Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. - Administrator - In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. - Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. - In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? - Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. - Šifra, ki je bila oddobrena s strani FIPS (Rijndael, objavljen leta 1998) in se lahko uporablja v ameriških vladnih oddelkih ter agencij, z namenom zaščite zaupnih informacij do nivoja Najbolj zaupno. V uporabi je 256-bitni ključ, 128-bitni blok, 14 rund (AES-256). Način delovanja je XTS. - Volume is already mounted. - CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. - CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Invalid drive letter. - Invalid path. - Prekliči - Cannot access device. Make sure the selected device exists and is not used by system. - Warning: Caps Lock is on. This may cause you to enter your password incorrectly. - Tip zbirnika - Lahko se Vam zgodi, da morate pod prisilo nekoga razkriti geslo do Vašega šifriranega zbirnika. Obstaja veliko okoliščin, ko ne želite razkriti Vašega gesla (na primer zaradi izsiljevanja). Uporaba tako imenovanega skritega zbirnika Vam omogoča rešitev tovrstnih okoliščin, ne da bi Vam bilo potrebno razkriti geslo do Vašega zbirnika. - Izberite to možnost, če želite ustvariti običajen VeraCrypt-ov zbirnik. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Šifrirne možnosti zunanjega zbirnika - Možnosti šifriranja skritega zbirnika - Možnosti šifriranja - WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! - Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. - Failed to create volume %s - Velikost %s je %.2f bajtov - Velikost %s je %.2f KB - Velikost %s je %.2f MB - Velikost %s je %.2f GB - Velikost %s je %.2f TB - Velikost %s je %.2f PB - WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. - The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - Šifriranje na mestu nesistemskih zbirnikov ni omogočeno (možno) na različici operacijskega sistema katerega trenutno uporabljate (ta možnost je podprta samo na Oknih Vista in poznejših različicah Oken).\n\nRazlog za to je, da ta različica Oken ne podpira možnosti zmanjšanja velikosti datotečnega sistema (slednji se mora skrčiti zato da se ustvari prostor za glavo zbirnika in pomožno glavo le-tega). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - Da lahko šifrirate podatke na tem razdelku, prosim da sledite naslednjim korakom:\n\n1) Ustvarite VeraCrypt-ov zbirnik na praznem razdelku/napravi in ga priklopite.\n\n2) Prekopirajte vse datoteke iz razdelka, katerega ste prvotno želeli šifirati, v priklopljeni VeraCrypt-ov zbirnik (kateri je bil ustvarjen in priklopljen v koraku 1).\n\n3) Ustvarite VeraCrypt-ov zbirnik na razdelku katerega ste prvotno želeli šifirati in se prepričajte, da (v VeraCrypt-ovem čarovniku namreč) izberete možnost "Ustvari šifrirani zbirnik in ga formatiraj" (namesto možnosti "Na mestu šifriraj razdelek"). Zabeležite si, da bodo vsi podatki na razdelku izbrisani. Potem ko je zbirnik ustvarjen, ga priklopite.\n\n4) Prekopirajte vse datoteke iz priklopljenega pomožnega VeraCrypt-ovega zbirnika (ustvarjen in priklopljen v koraku 1) v priklopljeni VeraCrypt-ov zbirnik, kateri je bil ustvarjen (in priklopljen) v koraku 3.\n\nPotem ko dokončate vse te korake bodo podatki šifrirani in v nadaljevanju boste imeli tudi šifrirano pomožno kopijo podatkov. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Nezasedenega prostora na pogonu %s je %.2f bajtov. - Nezasedenega prostora na pogonu %s je %.2f KB - Nezasedenega prostora na pogonu %s je %.2f MB - Nezasedenega prostora na pogonu %s je %.2f GB - Nezasedenega prostora na pogonu %s je %.2f TB - Nezasedenega prostora na pogonu %s je %.2f PB - Could not get available drive letters. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Cipher initialization failure. - Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Critical Error - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Izhod - Please create a logical drive for this extended partition, and then try again. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Šifrirani VeraCrypt-ovi zbirniki, ki gostujejo na napravah, se lahko ustvarjajo znotraj razdelkov na trdih diskih, SSD pogonih, USB spominskih ključev in na drugih pomnilnih napravah, ki to podpirajo. Razdelke se lahko tudi na mestu šifrira.\n\nV nadaljevanju se lahko šifrirani VeraCrypt-ovi zbirniki, ki gostujejo na napravah, ustvarijo znotraj naprav, ki ne vsebujejo nobenih razdelkov (vključno s trdimi diski in SSD pogoni).\n\nOpomba: Naprava, ki vsebuje razdelke je lahko v celoti šifrirana (z uporabo samo enega ključa), vendar samo če so na njej naložena Okna in če se iz nje zaganja. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nIzberite mesto zunanjega zbirnika za ustvaritev (znotraj tega zbirnika bo ustvarjen skriti zbirnik v nadaljevanju).\n\nZunanji zbirniki se lahko ustvarjajo znotraj razdelkov na trdih diskih, SSD pogonih, USB spominskih ključev in na drugih pomnilnih napravah, ki to podpirajo. Zunanji zbirniki se lahko tudi ustvarijo znotraj naprav, ki ne vsebujejo nobenih razdelkov (vključno s trdimi diski in SSD pogoni).\n\nOPOZORILO: Zabeležite si, da bo razdelek/naprava formatiran-a in vsi podatki, ki so trenutno shranjeni na njej-m, bodo izgubljeni. - \nIzberite mesto že obstoječega VeraCrypt-ovega zbirnika, v katerem si želite ustvariti skriti zbirnik. - OPOZORILO: Gostujoča datoteka/naprava je trenutno v uporabi !\n\nNeupoštevanje omenjenega lahko povzroči nezaželjene posledice, vključno z nestabilnim delovanjem sistema. Vsi programi, ki morebiti dostopajo ali uporabljajo gostujočo datoteko/napravo (npr., protivirusni program ali ali program za ustvarjanje rezervnih kopij) bi morali biti zaprti preden se priklopi zbirnik.\n\nNadaljujem s priklopom ? - Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. - The file could not be opened. - Mesto zbirnika - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Način ustvarjanja zbirnika - To je najhitrejši način, da ustvarite gostujoči razdelek ali gostujoči VeraCrypt-ov razdelek na napravi (za razliko šifriranja na mestu, kar je druga možnost, vendar je slednja počasnejša zaradi tega, ker se mora vsebina v vsakem sektorju prvo prebrati, nato šifrirati in na koncu zapisati). Katerikoli podatki, ki so trenutno shranjeni na izbranem razdelku/napravi, bodo izgubljeni (podatki NE BODO šifrirani; prepisani bodo z naključnimi podatki). Če želite šifrirati obstoječe podatke na razdelku, potem izberite spodnjo možnost. - V celoti izbran razdelek in vsi podatki shranjeni na njem bodo na mestu šifirani. Če je razdelek prazen, potem bi morali izbrati zgornjo možnost (zbirnik bo ustvarjen mnogo hitreje). - Note: - &Resume - &Defer - &Start - &Continue - &Formatiraj - &Wipe - Abort format? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nVeraCrypt-ov zbirnik je bil ustvarjen in je pripravljen za uporabo. Če želite ustvariti še kakšen VeraCrypt-ov zbirnik, kliknite Naprej. V nasprotnem primeru pa kliknite Izhod. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt-ov zbirnik je bil uspešno ustvarjen. - Zbirnik ustvarjen - POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč šifrirnih ključev. Nato kliknite Formatiraj, da ustvarite zbirnik. - Kliknite Formatiraj, da ustvarite zunanji zbirnik. Za več informacij si poglejte dokumentacijo. - Formatiranje zunanjega zbirnika - Formatiranje skritega zbirnika - Formatiranje zbirnika - Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? - Če izberete to možnost, Vam bo čarovnik prvo pomagal ustvariti običajen VeraCrypt-ov zbirnik, nato pa še skritega znotraj njega. Neizkušeni uporabniki bi morali zmeraj uporabiti to možnost. - Če izberete to možnost, boste ustvarili skriti zbirnik znotraj obstoječega VeraCrypt-ovega zbirnika. Predvideva se, da ste si že ustvarili TruCrypt-ov zbirnik, ki je primeren za gostovanje skritega. - Način ustvarjanja zbirnika - Skriti zbirnik je ustvarjen - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Zunanji zbirnik je bil uspešno ustvarjen in priklopljen kot pogon %hc:. Na ta zbirnik lahko sedaj prekopirate nekaj na videz občutljivih datotek, ki jih pravzaprav NE želite skriti. Datoteke se bodo nahajale tam za na ogled vsakomur, ki Vas bo prisilil v razkritje Vašega gesla. Razkrili boste geslo samo za ta zunanji zbirnik, ne pa za skritega. Datoteke, za katere Vam je pa res mar, bodo pa shranjene v skritem zbirniku, ki ga boste ustvarili v nadaljevanju. Ko končate s kopiranjem kliknite Naprej. Ne odklopite zbirnika.\n\nNote: Potem ko kliknete Naprej bodo grozdi o prostih informacijah od zunanjega zbirnika pregledani, da se ugotovi velikost neprekinjenega dela nezasedenega prostora, čigar konec je poravnan s koncem zbirnika. Ta prostor bo gostil skriti zbirnik tako da bo omejil njegovo najvišjo možno velikost. Pregledovanje grozdov o prostih informacijah zagotavlja, da se ne bodo prepisovali podatki iz skritega zbirnika na zunanjega. - Vsebina zunanjega zbirnika - \n\nV naslednjih korakih boste nastavili možnosti za zunanji zbirnik (znotraj katerega bo ustvarjen skriti zbirnik v nadaljevanju). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Zunanji zbirnik - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nGrozdi o prostih informacijah od zbirnika so bili pregledani in najvišja možna velikost skritega zbirnika je bila ugotovljena. V naslednjih korakih boste nastavili možnosti, velikost in geslo za skriti zbirnik. - Skriti zbirnik - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Unable to initialize the application. Failed to register the Dialog class. - Error: Failed to load the Rich Edit system library. - VeraCrypt-ov čarovnik za ustvar. zbirnika - Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f bajtov. - Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f KB. - Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f MB. - Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f GB. - Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f TB. - Geslo ali ključne datoteke zbirnika ni moč spreminjati medtem ko je zbirnik priklopljen. Prosim, da slednjega prvo odklopite. - Izpeljani algoritem iz ključa glave ni možno spreminjati medtem ko je zbirnik prikljopljen. Prosim, da slednjega prvo odklopite. - &Priklopi - Novejša različica programa VeraCrypt je potrebna, da lahko priklopite ta zbirnik. - Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Naprej > - &Finish - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Error occurred when loading/preparing fonts. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive letter not available. - No file selected! - No drive letters available. - No free drive letter for the outer volume! Volume creation cannot continue. - Could not determine your operating system version or you are using an unsupported operating system. - No path selected! - Not enough free space for the hidden volume! Volume creation cannot continue. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - The driver is unable to dismount the volume. Some files located on the volume are probably still open. - Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Izberi VeraCrypt-ov zbirnik - Specify Path and File Name - Select PKCS #11 Library - Out of Memory - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - PREVIDNO: VSE DATOTEKE, KI SO TRENUTNO SHRANJENE NA IZBRANEM RAZDELKU %s '%s'%s BODO POBRISANE IN IZGUBLJENE (NE BODO ŠIFRIRANE) !\n\nAli ste prepričani, da želite nadaljevati s formatiranjem ? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Geslo - PIM - Nastavi izpeljani algoritem iz ključa glave - Add/Remove Keyfiles to/from Volume - Remove All Keyfiles from Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Keyfile(s) successfully added/removed. - Keyfile exported. - Header key derivation algorithm successfully set. - Prosim, da vnesete geslo in/ali ključno datoteko(e) za nesistemski zbirnik kjer želite nadaljevati proces šifriranja na mestu.\n\n\nOpomba: Potem ko kliknete Naprej bo VeraCrypt poizkusil najti vse nesistemske zbirnike kjer je bil proces šifriranja prekinjen in kjer je lahko glava VeraCrypt-ovega zbirnika dešifrirana z uporabo priloženega gesla in/ali ključne(ih) datotek(e). Če je najden več kot eden tovrsten zbirnik, potem boste morali izbrati enega izmed teh v naslednjem koraku. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Zelo pomembno je, da si izberete dobro geslo. Izogibajte se izbire gesla, ki vsebuje samo eno besedo in slednjo se da najti v slovarju (ali kombinacijo dveh, treh ali štirih tovrstnih besed). Naj tudi ne vsebuje kakršnihkoli imen ali datumov rojstva. Geslo naj ne bo lahko za uganjevanje. Dobro geslo je naključna kombinacija črk z veliko in malo začetnico, številk in posebnih znakov, kot @ ^ = $ * + itn. Pri izbiri gesla priporočamo sestavo le-tega iz več kot 20 znakov (daljše kot je, bolje je). Najvišja možna dolžina je 64 znakov. - Prosim, da si izberete geslo za skriti zbirnik. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Prosim, da vnesete geslo za zbirnik znotraj katerega želite ustvariti skritega.\n\nPotem ko kliknete Naprej bo VeraCrypt poizkusil priklopiti zbirnik. Čim ko bo slednji priklopljen, bodo njegovi grozdi o prostih informacijah pregledani zato, da se ugotovi velikost neprekinjenega nezasedenega prostora (če ga je kje), čigar konec je poravnan s koncem zbirnika. Ta prostor bo gostil skriti zbirnik in tako torej omejil njegovo najvišjo možno velikost. Pregledovanje zemljevida grozdov je potrebno zato, da podatki iz skritega zbirnika ne bodo prepisali zunanjega. - \nProsim, da si izberete geslo za zunanji zbirnik. Slednjega boste lahko razkrili nasprotniku, če boste povprašani po njem ali prisiljeni v to.\n\nPOMEMBNO: Geslo mora biti bistveno drugačno od tistega, ki si ga boste izbrali za skriti zbirnik.\n\nOpomba: Najvišja možna dolžina gesla znaša 64 znakov. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Geslo zunanjega zbirnika - Geslo za skriti zbirnik - Password for Hidden Operating System - OPOZORILO: Kratka gesla je lahko razbiti z tehniko pretentanja kriptografske sheme z uporabo več možnosti dešifriranja vsebine !\n\nPriporočamo izbiro gesla, ki ga sestavlja več kot 20 znakov. Ste prepričani, da želite uporabiti krajše geslo ? - Geslo za zbirnik - Napačno geslo ali pa se ne gre za VeraCrypt-ov zbirnik. - Incorrect keyfile(s) and/or password or not a VeraCrypt volume. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Incorrect password or no VeraCrypt volume found. - Incorrect keyfile(s)/password or no VeraCrypt volume found. - \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Nazaj - Unable to list raw devices installed on your system! - The volume '%s' exists, and is read-only. Are you sure you want to replace it? - Select destination directory - Select Keyfile - Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! + Volume Label in Windows: + Wipe mode: + Zapri + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Ne naredi ničesar + &Samodejno priklopi VeraCrypt-ov zbirnik (določeno spodaj) + &Zaženi VeraCrypt + &Samodejno zaznaj knjižico + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Prebrskaj... + Prebrskaj... + &Shrani gesla in ključne dat. v predpom. + Pojdi ven iz programa, ko ni priklopljenih zbirnikov + &Zapri žetonsko sejo (odlogiranje) potem, ko je zbirnik uspešno priklopljen + Include VeraCrypt Volume Expander + Vključi VeraCrypt-ov čarovnik za ustvarjanje zbirnikov + Ustvari + &Ustvari zbirnik + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Uporabi ključne dat. + Uporabi ključne dat. + &Izhod + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Zadolži + Odstrani + Ključne dat. ... + Do not use the following number of processors for encryption/decryption: + More information + More information + Več nastavitev... + &Samopriklopi naprave + &Možnosti prikl. ... + &Priklopi zbirnik samo za branje + Ključne dat. ... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Omogočeno + Shranjuj gesla v pomnilnik gonilnika + Samoizkl. zbirnik, ko iz njega ni bilo prebr./zapis. nobenih podat. že + Uporabnik odjavi + User session locked + Vstopi v način varčev. z energijo + Zažene ohranjevalnik zaslona + Prisili samodejni izklop četudi zbirnik vsebuje odprte datoteke ali direktorije + Priklopi vse gost. VeraCrypt-ove zbirnike na napravi + Zaženi VeraCrypt-a v ozadju + Priklopi zbirnike samo za branje + Priklopi zbirnike kot zamenljiv medij + Odpri okno Raziskovalca za uspešno priklopljeni zbirnik + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Pobriši gesla shranjena v predpomnilniku ob samodejnem odklopu + Pobriši gesla v predpomnilniku ob izhodu + Preserve modification timestamp of file containers + Ponastavi + &Izberi napravo... + &Izberi datoteko... + &Izberi knjižico... + Prikaži geslo + Prikaži geslo + &Odpri okno Raziskovalca za priklopljeni zbirnik + &Shrani geslo v pomnilnik gonilnika + TrueCrypt Mode + &Odklopi vse + &Lastnosti zbirnika... + &Orodja za zbirnik... + &Izbriši predpomnilnik + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Širše sistemske vroče tipke + VeraCrypt + Change Password or Keyfiles + Enter VeraCrypt Volume Password + VeraCrypt - Performance and Driver Options + VeraCrypt - Preferences + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt-ova priprava potovalnega (prenosnega) medija + Lastnosti VeraCrypt zbirnika + O programu... + Dodaj/Odstrani ključne datoteke k/iz zbirniku/a... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Ustvari rezervno glavo zbirnika... + Izmeri zmogljivost delovanja... + Nastavi izpeljani algoritem iz ključa glave... + Spremeni geslo zbirnika... + Nastavi izpeljani algoritem iz ključa glave... + Spremeni geslo... + Izbriši zgodovino zbirnika + Zapri vse seje varnostnih žetonov + Stopi v stik... + Ustvari skrivni operacijski sistem... + Ustvari rešilni disk... + Ustvari nov zbirnik... + Permanently Decrypt... + Privzete ključne datoteke... + Default Mount Parameters... + Donate now... + Šifriraj sistemski razdelek/pogon... + Pogosto zastavljena vprašanja + Uporabniški priročnik + &Domača spletna stran + Vroče tipke... + Proizvajalec ključne datoteke + Jezik... + Pravna obvestila + Upravljaj z varnostnimi žetoni ključnih datotek... + Samodejno priklopi vse gostiteljske-naprave zbirnike + Priklopi priljubljene zbirnike + &Priklopi brez predzagonske overitve... + Priklopi zbirnik + Priklopi zbirnik z možnostmi + Novice + Spletna pomoč + Začetniški vodič + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Dokončno dešifriraj sistemski razdelek/pogon + Možnosti... + Osveži pogonske črke + Odstrani vse ključne datoteke iz zbirnika + Obnovi glavo zbirnika... + Nadaljuj prekinjen proces + Izberi napravo... + Izberi datoteko... + Nadaljuj prekinjen proces + Sistemsko šifriranje... + Lastnosti... + Nastavitve... + System Favorite Volumes... + Prenosi + Testiraj vektorje... + Varnostni žetoni... + Priprava potovalnega (prenosnega) medija... + Odklopi vse priklopljene zbirnike + Odklopi zbirnik + Preveri rešilni disk + Verify Rescue Disk ISO Image + Zgodovina različic + Volume Expander + Lastnosti zbirnika + Čarovnik za ustvarjanje zbirnikov + VeraCrypt-ova spletna stran + Pobriši gesla, shranjena v predpomnilniku + V redu + Hardware Acceleration + Bližnjica + Nastavitev samodejnega zagona (autorun.inf) + Samodejni/o izklop/i/ljanje + Izklopi vse ko: + Boot Loader Screen Options + Potrdi geslo: + Trenutno + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Privzete možnosti priklopa + Možnosti vročih tipk + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Datotečne nastavitve + Zadolži tipko: + Processor (CPU) in this computer supports hardware acceleration for AES: + Dejavnosti za izvesti ob prijavi v Okna + minut + Priklopi zbirnik kot pogon: + Nastavitve priklopa + Novo + Geslo: + Thread-Based Parallelization + PKCS #11 mesto knjižice + PKCS-5 PRF: + PKCS-5 PRF: + Predpomnilniška gesla + Varnostne možnosti + VeraCrypt-ova opravila v ozadju + Priklop VeraCrypt-ovega zbirnika (relativno do korena prenosnega medija): + Po vstavitvi potovalnega (prenosnega) medija: + Ustvari prenosne datoteke medija pri (koren mesta potovalnega medija): + Zbirnik + Okna + &Dodaj mesto... + &Samotestiraj vse + &Nadaljuj + &Dešifriraj + &Delete + &Šifriraj + &Izvozi... + Proizvedi in shrani ključno datoteko... + &Proizvedi naključno ključno dat. ... + Prenesite si jezikovni paket + Hardware-accelerated AES: + &Import Keyfile to Token... + &Dodaj datoteke... + &Uporabi ključne dat. + &Ključne dat. ... + &Odstrani + &Odstrani vse + Kaj je zaščita skritega zbirnika? + Več informacij o ključnih dat. + &Priklopi zbirnik kot odstranljiv pogon + &Priklopi razdelek z uporabo sistem. šifriranja brez predzagon. overitve + Parallelization: + Izmeri zmog. del. + &Tiskaj + &Zaščiti skrivni zbirnik proti poškodbam, povzročenim s pisanjem na zunanji zbirnik + &Ponastavi + &Prikaži geslo + &Dodaj žeton. dat. ... + &Uporabi pomožno vgnezdeno glavo v zbirniku, če je možno + XTS način + O VeraCrypt-u + VeraCrypt - Merjenje zmogljivost delovanja šifrirnih algoritmov + VeraCrypt - Testiraj vektorje + Command Line Help + VeraCrypt - Ključne datoteke + VeraCrypt - Proizvajalec ključne datoteke + VeraCrypt - Jezik + VeraCrypt - Možnosti priklopa + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Izberi razdelek ali napravo + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Aktivni jezikovni paket + Hitrost je odvisna od obremenitve centralne procesne enote in značilnosti naprav, ki hranijo podatke.\n\nTi testi potekajo v delovnem spominu. + Velik. spomina: + Šifra: + &Geslo za skrivni zbirnik: + Zaščita skritega zbirnika + Velikost ključa: + POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč ključne datoteke. + POZOR: Če izgubite ključno datoteko ali če se ji spremeni katerikoli bit njenih prvih 1024 kilobajtov, bo nemogoče priključiti zbirnike, ki uporabljajo to ključno datoteko! + bitov + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Prevedel: + Velik. gol. sporoč.: + bitov + Trenutna vsebina bazena + Mešamo PRF: + POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč ključne datoteke. Ko končate, kliknite 'Nadaljuj'. + Sekundarni ključ (šestnajstiški) + Security token: + Metod. razvrščanja: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Številka bloka: + Šifriran tekst (šestnajstiški) + Številka podatkovne enote (64-bitni šestnajstiški, podatkovna enota je 512 bajtov) + Ključ (šestnajstiški) + Šifriran tekst (šestnajstiški) + Keyfile name: + XTS način + &Sistem + &Zbirniki + Favor&ites + &Orodja + &Nastavitve + &Pomoč + &Domača spletna stran + + &O programu... + The read-only attribute on your old volume could not be changed. Please check the file access permissions. + Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. + Administrator + In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. + Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. + In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? + Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. + Šifra, ki je bila oddobrena s strani FIPS (Rijndael, objavljen leta 1998) in se lahko uporablja v ameriških vladnih oddelkih ter agencij, z namenom zaščite zaupnih informacij do nivoja Najbolj zaupno. V uporabi je 256-bitni ključ, 128-bitni blok, 14 rund (AES-256). Način delovanja je XTS. + Volume is already mounted. + CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. + CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Invalid drive letter. + Invalid path. + Prekliči + Cannot access device. Make sure the selected device exists and is not used by system. + Warning: Caps Lock is on. This may cause you to enter your password incorrectly. + Tip zbirnika + Lahko se Vam zgodi, da morate pod prisilo nekoga razkriti geslo do Vašega šifriranega zbirnika. Obstaja veliko okoliščin, ko ne želite razkriti Vašega gesla (na primer zaradi izsiljevanja). Uporaba tako imenovanega skritega zbirnika Vam omogoča rešitev tovrstnih okoliščin, ne da bi Vam bilo potrebno razkriti geslo do Vašega zbirnika. + Izberite to možnost, če želite ustvariti običajen VeraCrypt-ov zbirnik. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Šifrirne možnosti zunanjega zbirnika + Možnosti šifriranja skritega zbirnika + Možnosti šifriranja + WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! + Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. + Failed to create volume %s + Velikost %s je %.2f bajtov + Velikost %s je %.2f KB + Velikost %s je %.2f MB + Velikost %s je %.2f GB + Velikost %s je %.2f TB + Velikost %s je %.2f PB + WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. + The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + Šifriranje na mestu nesistemskih zbirnikov ni omogočeno (možno) na različici operacijskega sistema katerega trenutno uporabljate (ta možnost je podprta samo na Oknih Vista in poznejših različicah Oken).\n\nRazlog za to je, da ta različica Oken ne podpira možnosti zmanjšanja velikosti datotečnega sistema (slednji se mora skrčiti zato da se ustvari prostor za glavo zbirnika in pomožno glavo le-tega). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + Da lahko šifrirate podatke na tem razdelku, prosim da sledite naslednjim korakom:\n\n1) Ustvarite VeraCrypt-ov zbirnik na praznem razdelku/napravi in ga priklopite.\n\n2) Prekopirajte vse datoteke iz razdelka, katerega ste prvotno želeli šifirati, v priklopljeni VeraCrypt-ov zbirnik (kateri je bil ustvarjen in priklopljen v koraku 1).\n\n3) Ustvarite VeraCrypt-ov zbirnik na razdelku katerega ste prvotno želeli šifirati in se prepričajte, da (v VeraCrypt-ovem čarovniku namreč) izberete možnost "Ustvari šifrirani zbirnik in ga formatiraj" (namesto možnosti "Na mestu šifriraj razdelek"). Zabeležite si, da bodo vsi podatki na razdelku izbrisani. Potem ko je zbirnik ustvarjen, ga priklopite.\n\n4) Prekopirajte vse datoteke iz priklopljenega pomožnega VeraCrypt-ovega zbirnika (ustvarjen in priklopljen v koraku 1) v priklopljeni VeraCrypt-ov zbirnik, kateri je bil ustvarjen (in priklopljen) v koraku 3.\n\nPotem ko dokončate vse te korake bodo podatki šifrirani in v nadaljevanju boste imeli tudi šifrirano pomožno kopijo podatkov. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Nezasedenega prostora na pogonu %s je %.2f bajtov. + Nezasedenega prostora na pogonu %s je %.2f KB + Nezasedenega prostora na pogonu %s je %.2f MB + Nezasedenega prostora na pogonu %s je %.2f GB + Nezasedenega prostora na pogonu %s je %.2f TB + Nezasedenega prostora na pogonu %s je %.2f PB + Could not get available drive letters. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Cipher initialization failure. + Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Critical Error + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Izhod + Please create a logical drive for this extended partition, and then try again. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Šifrirani VeraCrypt-ovi zbirniki, ki gostujejo na napravah, se lahko ustvarjajo znotraj razdelkov na trdih diskih, SSD pogonih, USB spominskih ključev in na drugih pomnilnih napravah, ki to podpirajo. Razdelke se lahko tudi na mestu šifrira.\n\nV nadaljevanju se lahko šifrirani VeraCrypt-ovi zbirniki, ki gostujejo na napravah, ustvarijo znotraj naprav, ki ne vsebujejo nobenih razdelkov (vključno s trdimi diski in SSD pogoni).\n\nOpomba: Naprava, ki vsebuje razdelke je lahko v celoti šifrirana (z uporabo samo enega ključa), vendar samo če so na njej naložena Okna in če se iz nje zaganja. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nIzberite mesto zunanjega zbirnika za ustvaritev (znotraj tega zbirnika bo ustvarjen skriti zbirnik v nadaljevanju).\n\nZunanji zbirniki se lahko ustvarjajo znotraj razdelkov na trdih diskih, SSD pogonih, USB spominskih ključev in na drugih pomnilnih napravah, ki to podpirajo. Zunanji zbirniki se lahko tudi ustvarijo znotraj naprav, ki ne vsebujejo nobenih razdelkov (vključno s trdimi diski in SSD pogoni).\n\nOPOZORILO: Zabeležite si, da bo razdelek/naprava formatiran-a in vsi podatki, ki so trenutno shranjeni na njej-m, bodo izgubljeni. + \nIzberite mesto že obstoječega VeraCrypt-ovega zbirnika, v katerem si želite ustvariti skriti zbirnik. + OPOZORILO: Gostujoča datoteka/naprava je trenutno v uporabi !\n\nNeupoštevanje omenjenega lahko povzroči nezaželjene posledice, vključno z nestabilnim delovanjem sistema. Vsi programi, ki morebiti dostopajo ali uporabljajo gostujočo datoteko/napravo (npr., protivirusni program ali ali program za ustvarjanje rezervnih kopij) bi morali biti zaprti preden se priklopi zbirnik.\n\nNadaljujem s priklopom ? + Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. + The file could not be opened. + Mesto zbirnika + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Način ustvarjanja zbirnika + To je najhitrejši način, da ustvarite gostujoči razdelek ali gostujoči VeraCrypt-ov razdelek na napravi (za razliko šifriranja na mestu, kar je druga možnost, vendar je slednja počasnejša zaradi tega, ker se mora vsebina v vsakem sektorju prvo prebrati, nato šifrirati in na koncu zapisati). Katerikoli podatki, ki so trenutno shranjeni na izbranem razdelku/napravi, bodo izgubljeni (podatki NE BODO šifrirani; prepisani bodo z naključnimi podatki). Če želite šifrirati obstoječe podatke na razdelku, potem izberite spodnjo možnost. + V celoti izbran razdelek in vsi podatki shranjeni na njem bodo na mestu šifirani. Če je razdelek prazen, potem bi morali izbrati zgornjo možnost (zbirnik bo ustvarjen mnogo hitreje). + Note: + &Resume + &Defer + &Start + &Continue + &Formatiraj + &Wipe + Abort format? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nVeraCrypt-ov zbirnik je bil ustvarjen in je pripravljen za uporabo. Če želite ustvariti še kakšen VeraCrypt-ov zbirnik, kliknite Naprej. V nasprotnem primeru pa kliknite Izhod. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt-ov zbirnik je bil uspešno ustvarjen. + Zbirnik ustvarjen + POMEMBNO: Premikajte Vašo miško kolikor se da naključno znotraj tega okna. Dalj časa ko jo boste premikali, bolje bo. Slednje namreč znatno povečuje kriptografsko moč šifrirnih ključev. Nato kliknite Formatiraj, da ustvarite zbirnik. + Kliknite Formatiraj, da ustvarite zunanji zbirnik. Za več informacij si poglejte dokumentacijo. + Formatiranje zunanjega zbirnika + Formatiranje skritega zbirnika + Formatiranje zbirnika + Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? + Če izberete to možnost, Vam bo čarovnik prvo pomagal ustvariti običajen VeraCrypt-ov zbirnik, nato pa še skritega znotraj njega. Neizkušeni uporabniki bi morali zmeraj uporabiti to možnost. + Če izberete to možnost, boste ustvarili skriti zbirnik znotraj obstoječega VeraCrypt-ovega zbirnika. Predvideva se, da ste si že ustvarili TruCrypt-ov zbirnik, ki je primeren za gostovanje skritega. + Način ustvarjanja zbirnika + Skriti zbirnik je ustvarjen + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Zunanji zbirnik je bil uspešno ustvarjen in priklopljen kot pogon %hc:. Na ta zbirnik lahko sedaj prekopirate nekaj na videz občutljivih datotek, ki jih pravzaprav NE želite skriti. Datoteke se bodo nahajale tam za na ogled vsakomur, ki Vas bo prisilil v razkritje Vašega gesla. Razkrili boste geslo samo za ta zunanji zbirnik, ne pa za skritega. Datoteke, za katere Vam je pa res mar, bodo pa shranjene v skritem zbirniku, ki ga boste ustvarili v nadaljevanju. Ko končate s kopiranjem kliknite Naprej. Ne odklopite zbirnika.\n\nNote: Potem ko kliknete Naprej bodo grozdi o prostih informacijah od zunanjega zbirnika pregledani, da se ugotovi velikost neprekinjenega dela nezasedenega prostora, čigar konec je poravnan s koncem zbirnika. Ta prostor bo gostil skriti zbirnik tako da bo omejil njegovo najvišjo možno velikost. Pregledovanje grozdov o prostih informacijah zagotavlja, da se ne bodo prepisovali podatki iz skritega zbirnika na zunanjega. + Vsebina zunanjega zbirnika + \n\nV naslednjih korakih boste nastavili možnosti za zunanji zbirnik (znotraj katerega bo ustvarjen skriti zbirnik v nadaljevanju). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Zunanji zbirnik + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nGrozdi o prostih informacijah od zbirnika so bili pregledani in najvišja možna velikost skritega zbirnika je bila ugotovljena. V naslednjih korakih boste nastavili možnosti, velikost in geslo za skriti zbirnik. + Skriti zbirnik + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Unable to initialize the application. Failed to register the Dialog class. + Error: Failed to load the Rich Edit system library. + VeraCrypt-ov čarovnik za ustvar. zbirnika + Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f bajtov. + Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f KB. + Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f MB. + Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f GB. + Najvišja možna velikost skritega zbirnika za ta zbirnik je %.2f TB. + Geslo ali ključne datoteke zbirnika ni moč spreminjati medtem ko je zbirnik priklopljen. Prosim, da slednjega prvo odklopite. + Izpeljani algoritem iz ključa glave ni možno spreminjati medtem ko je zbirnik prikljopljen. Prosim, da slednjega prvo odklopite. + &Priklopi + Novejša različica programa VeraCrypt je potrebna, da lahko priklopite ta zbirnik. + Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Naprej > + &Finish + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Error occurred when loading/preparing fonts. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive letter not available. + No file selected! + No drive letters available. + No free drive letter for the outer volume! Volume creation cannot continue. + Could not determine your operating system version or you are using an unsupported operating system. + No path selected! + Not enough free space for the hidden volume! Volume creation cannot continue. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + The driver is unable to dismount the volume. Some files located on the volume are probably still open. + Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Izberi VeraCrypt-ov zbirnik + Specify Path and File Name + Select PKCS #11 Library + Out of Memory + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + PREVIDNO: VSE DATOTEKE, KI SO TRENUTNO SHRANJENE NA IZBRANEM RAZDELKU %s '%s'%s BODO POBRISANE IN IZGUBLJENE (NE BODO ŠIFRIRANE) !\n\nAli ste prepričani, da želite nadaljevati s formatiranjem ? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Geslo + PIM + Nastavi izpeljani algoritem iz ključa glave + Add/Remove Keyfiles to/from Volume + Remove All Keyfiles from Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Keyfile(s) successfully added/removed. + Keyfile exported. + Header key derivation algorithm successfully set. + Prosim, da vnesete geslo in/ali ključno datoteko(e) za nesistemski zbirnik kjer želite nadaljevati proces šifriranja na mestu.\n\n\nOpomba: Potem ko kliknete Naprej bo VeraCrypt poizkusil najti vse nesistemske zbirnike kjer je bil proces šifriranja prekinjen in kjer je lahko glava VeraCrypt-ovega zbirnika dešifrirana z uporabo priloženega gesla in/ali ključne(ih) datotek(e). Če je najden več kot eden tovrsten zbirnik, potem boste morali izbrati enega izmed teh v naslednjem koraku. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Zelo pomembno je, da si izberete dobro geslo. Izogibajte se izbire gesla, ki vsebuje samo eno besedo in slednjo se da najti v slovarju (ali kombinacijo dveh, treh ali štirih tovrstnih besed). Naj tudi ne vsebuje kakršnihkoli imen ali datumov rojstva. Geslo naj ne bo lahko za uganjevanje. Dobro geslo je naključna kombinacija črk z veliko in malo začetnico, številk in posebnih znakov, kot @ ^ = $ * + itn. Pri izbiri gesla priporočamo sestavo le-tega iz več kot 20 znakov (daljše kot je, bolje je). Najvišja možna dolžina je 64 znakov. + Prosim, da si izberete geslo za skriti zbirnik. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Prosim, da vnesete geslo za zbirnik znotraj katerega želite ustvariti skritega.\n\nPotem ko kliknete Naprej bo VeraCrypt poizkusil priklopiti zbirnik. Čim ko bo slednji priklopljen, bodo njegovi grozdi o prostih informacijah pregledani zato, da se ugotovi velikost neprekinjenega nezasedenega prostora (če ga je kje), čigar konec je poravnan s koncem zbirnika. Ta prostor bo gostil skriti zbirnik in tako torej omejil njegovo najvišjo možno velikost. Pregledovanje zemljevida grozdov je potrebno zato, da podatki iz skritega zbirnika ne bodo prepisali zunanjega. + \nProsim, da si izberete geslo za zunanji zbirnik. Slednjega boste lahko razkrili nasprotniku, če boste povprašani po njem ali prisiljeni v to.\n\nPOMEMBNO: Geslo mora biti bistveno drugačno od tistega, ki si ga boste izbrali za skriti zbirnik.\n\nOpomba: Najvišja možna dolžina gesla znaša 64 znakov. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Geslo zunanjega zbirnika + Geslo za skriti zbirnik + Password for Hidden Operating System + OPOZORILO: Kratka gesla je lahko razbiti z tehniko pretentanja kriptografske sheme z uporabo več možnosti dešifriranja vsebine !\n\nPriporočamo izbiro gesla, ki ga sestavlja več kot 20 znakov. Ste prepričani, da želite uporabiti krajše geslo ? + Geslo za zbirnik + Napačno geslo ali pa se ne gre za VeraCrypt-ov zbirnik. + Incorrect keyfile(s) and/or password or not a VeraCrypt volume. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Incorrect password or no VeraCrypt volume found. + Incorrect keyfile(s)/password or no VeraCrypt volume found. + \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Nazaj + Unable to list raw devices installed on your system! + The volume '%s' exists, and is read-only. Are you sure you want to replace it? + Select destination directory + Select Keyfile + Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Zasnoval ga je Ross Anderson, Eli Biham in Lars Knudsen. Objavljen je bil leta 1998. Uporablja 256-bitni ključ in 128-bitni blok. Način delovanja je XTS. Serpent je bil eden izmed AES-ovih finalistov. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Velikost zunanjega zbirnika - Velikost skritega zbirnika - Prosim, da potrdite da je velikost izbrane naprave/razdelka, navedene-ga zgoraj, pravilna in nato kliknite Naprej. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Velikost zbirnika - Dinamično - CAUTION: SELF-TEST FAILED! - Self-tests of all algorithms passed - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - The test ciphertext you have supplied is too long or short. - The test key you have supplied is too long or short. - The test plaintext you have supplied is too long or short. - Dve šifri, ki se izvajata kaskadno v XTS načinu. Vsak blok je prvo šifriran z %s (%d-bitni ključ) in nato z %s (%d-bitni ključ). Vsaka šifra uporablja svoj ključ. Vsi ključi so si med seboj neodvisni. - Tri šifre, ki se izvajajo kaskadno v XTS načinu. Vsak blok je prvo šifriran z %s (%d-bitni ključ), zatem z %s (%d-bitni ključ) in končno z %s (%d-bitni ključ). Vsaka šifra uporablja svoj ključ. Vsi ključi so si med seboj neodvisni. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Zasnoval ga je Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall in Niels Ferguson. Objavljen je bil leta 1998. Uporablja 256-bitni ključ in 128-bitni blok. Način delovanja je XTS. Twofish je bil eden izmed AES-ovih finalistov. - Več informacij o %s - Unknown - An unspecified or unknown error occurred (%d). - Some volumes contain files or folders being used by applications or system.\n\nForce dismount? - &Odklopi - Dismount failed! - Zbirnik vsebuje datoteke ali mape, ki so trenutno v uporabi drugega programa ali sistema.\n\nNaj odklopim na silo ? - No volume is mounted to the specified drive letter. - The volume you are trying to mount is already mounted. - An error occurred when attempting to mount volume. - Error seeking location within volume. - Error: Incorrect volume size. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt cannot change the password for a foreign volume. - Prosim, da izberete prost pogon iz seznama. - Please select a mounted volume in the drive letter list. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Error: Cannot create autorun.inf - Error while processing keyfile! - Error processing keyfile path! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt does not support this operating system. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Error: Cannot allocate memory. - Error: Could not retrieve value of performance counter. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - All Files - VeraCrypt Volumes - Library Modules - NTFS formatting cannot continue. - Cannot mount volume. - Cannot dismount volume. - Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Privzeto - partition - PARTITION - Naprava - device - DEVICE - Zbirnik - Zbirnik - ZBIRNIK - Label - The selected cluster size is too small for this volume size. A greater cluster size will be used instead. - Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Zabeležite si, da je FAT datotečni sistem bolj primeren za zunanje zbirnike kot NTFS datotečni sistem. Kot primer, največja možna velikost zunanjega zbirnika bo zelo verjetno znatno večja, če bo zunanji zbirnik formatiran kot FAT (razlog za to je, da NTFS datotečni sistem vedno shranjuje notranje podatke točno na sredini zbirnika, torej skriti zbirnik se lahko nahaja samo v drugi polovici zunanjega zbirnika).\n\nSte prepričani, da želite zunanji zbirnik formatirati kot NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Error: Cannot access the outer volume! Volume creation cannot continue. - Error: Cannot mount the outer volume! Volume creation cannot continue. - Error: Cannot get volume cluster bitmap! Volume creation cannot continue. - Abecedno/Kategorizirano - Povprečna hitrost (Padajoče) - Algoritem - Šifriranje - Dešifriranje - Povprečje - Pogon - Velikost - Šifrirni algoritem - Šifrirni algoritem - Tip - Vrednost - Lastnost - Mesto - bajtov - Skriti - Outer - Običajen - System - Hidden (system) - Samo za branje - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Yes (damage prevented!) - Nič - Velikost primarnega ključa - Velikost sekundarnega ključa (XTS način) - Tweak Key Size (LRW Mode) - bitov - Velikost bloka - PKCS-5 PRF - PKCS-5 Iteration Count - Volume Created - Header Last Modified - (%I64d days ago) - Različica formata zbirnika - Vgrajena pomožna glava - VeraCrypt Boot Loader Version - prvi možni - Removable Disk - Harddisk - Nespremenjeno - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Do you want to view release notes for the current (latest stable) version of VeraCrypt? - If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - The installation has been rolled back. - VeraCrypt has been successfully installed. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. - Removing VeraCrypt registry entries - Adding registry entry - Removing application-specific data - Installing - Stopping - Removing - Adding icon - Creating System Restore point - Failed to create System Restore point! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Installation completed. - The folder '%s' could not be created - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - The installation of the registry entries has failed - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Starting VeraCrypt device driver - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installing VeraCrypt device driver - Stopping VeraCrypt device driver - Uninstalling VeraCrypt device driver - Registration of the User Account Control support library failed. - Unregistration of the User Account Control support library failed. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Outer(!) - dan-i - ur-o-i-e - min. - sek. - Odpri - Odklopi - Show VeraCrypt - Hide VeraCrypt - Prebrani podatki odkar je bil izveden priklop - Zapisani podatki odkar je bil izveden priklop - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Vnesite geslo za %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Keyfile has been successfully created. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Prosim, da prvo odklopite zbirnik preden nadaljujete. - Error: Cannot set timer. - Preglej datotečni sistem - Popravi datotečni sistem - Add to Favorites... - Add to System Favorites... - P&roperties... - Zaščiten, skriti zbirnik - Ni omogočeno/na voljo - Da - Ne - Disabled - Eden - Dva ali več - Način delovanja - Label: - Size: - Path: - Drive Letter: - Napaka: Geslo mora vsebovati samo ASCII znake.\n\nZnaki, ki niso ASCII narave in so vsebovani v geslu lahko povzročijo, da bo zbirnik nemogoče priklopiti, ko se bodo spremenile Vaše sistemske nastavitve.\n\nSledeči znaki so dovoljeni:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Homepage - WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. - WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - OPOZORILO: Če hočete, da bi lahko v prihodnosti dodali več podatkov/datotek v zunanji zbirnik, potem bi morali razmisliti o izbiri manjše velikosti za skriti zbirnik.\n\nAli ste prepričani, da želite nadaljevati z izbrano velikostjo ? - Nobeden zbirnik ni izbran.\n\nKliknite 'Izberi napravo' ali 'Izberi datoteko', da lahko izberete VeraCrypt zbirnik. - Nobeden razdelek ni izbran.\n\nKliknite 'Izberi napravo', da lahko izberete nepriklopljen razdelek, ki običajno zahteva predzagonsko overitev (npr. razdelek, ki se nahaja na šifriranem sistemskem disku drugega operacijskega sistema, ki se ne zaganja ali šifrirani sistemski razdelek drugega operacijskega sistema).\n\nOpomba: Izbrani razdelek bo priklopljen kot običajen VeraCrypt zbirnik brez predzagonske overitve. To je uporabno za, npr. rezervne ali popravljalne postopke. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Samopriklopi naprave - Odklopi vse - Pobriši vsebino v predpomnilniku - Odklopi vse in pobriši vsebino v predpomnilniku - Prisilno odklopi vse in pobriši vsebino v predpomnilniku - Prisilno odklopi vse, pobriši vsebino v predpomnilniku in izhod iz programa - Priklopi priljubljene zbirnike - Pokaži/Skrij glavno okno VeraCrypt-a - (Click here and press a key) - Ukrep - Bližnjica - Error: This shortcut is reserved. Please choose a different shortcut. - Error: Shortcut already in use. - WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? - Različica jezikovnega paketa: %s - Checking the file system on the VeraCrypt volume mounted as %s... - Attempting to repair the file system on the VeraCrypt volume mounted as %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. - Mount VeraCrypt volume - Dismount all VeraCrypt volumes - VeraCrypt failed to obtain Administrator privileges. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Ali želite šifrirati sistemski razdelek namesto celotnega trdega diska ?\n\nZabeležite si, da lahko ustvarite gostujoče VeraCrypt-ove zbirnike na razdelku znotraj kateregakoli nesistemskega razdelka na trdem disku (poleg šifriranja sistemskega razdelka). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt je preprečil spremembo postavitve tipkovnice. - Opomba: Geslo se bo moralo vtipkati v predzagonskem okolju (preden se Okna zaženejo), kjer ni možna postavitev neameriških Okenskih tipkovnic. Tako torej se mora geslo vedno vtipkati z uporabo standardne postavitve ameriške tipkovnice. Čeprav je pa pomembno, da si zabeležite, da dejansko NE potrebujete ameriške tipkovnice. VeraCrypt samodejno zagotavlja, da lahko varno vtipkate geslo (takoj in v predzagonskem okolju) četudi NIMATE prave ameriške tipkovnice. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Število operacijskih sistemov - OPOZORILO: Neizkušeni uporabniki naj ne bi nikoli poizkušali šifrirati Okna v nastavitvi poljubnega zagona.\n\nNadaljujem? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Zagonski pogon - Je trenutno zaganjajoči operacijski sistem naložen na zagonskem pogonu?\n\nOpomba: Včasih Okna niso naložena na istem pogonu kot zagonski program Oken (zagonski razdelek). Če so to tovrstne okoliščine (kot navedeno), potem izberite možnost 'Ne'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Število sistemskih pogonov - Koliko pogonov vsebuje operacijski sistem?\n\nOpomba: Na primer, če imate katerikoli operacijski sistem (npr., Okna Mac OS X, Linux, itn.) naložen na Vašem primarnem pogonu in če imate še kateri dodatni operacijski sistem naložen na Vašem sekundarnem pogonu, izberite možnost 'Dva ali več'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Tip sistemskega šifriranja - Izberite to možnost če želite samo šifrirati sistemski razdelek ali celoten trdi disk. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Skriti operacijski sistem - V nadaljnih korakih boste ustvarili dva VeraCrypt-ova zbirnika (zunanji in skriti) znotraj prvega razdelka zadaj, za sistemskim razdelkom. Skriti zbirnik bo vseboval skriti operacijski sistem (OS). VeraCrypt bo ustvaril skriti OS s kopiranjem vsebine sistemskega razdelka (kjer je naložen trenutno zaganjajoči-se OS) v skriti zbirnik. Na zunanji zbirnik boste pa prekopirali na videz nekaj občutljivih datotek, katerih dejansko NE želite skriti. Datoteke bodo tam na ogled vsakomur, ki bo Vas silil v razkritje gesla do Vašega skritega razdelka z OS. Lahko razkrijete geslo za zunanji zbirnik znotraj skritega OS razdelka (obstoj skritega OS ostaja skrivnost).\n\nV zaključku boste na razdelek trenutno zaganjajočega-se OS naložili nov OS, ki bo imel vlogo vabe in ga boste tudi šifrirali. Slednji ne sme vsebovati občutljivih podatkov in bo tako tam za vsakogar na ogled, ki bo od Vas zahteval-a razkritje Vašega predzagonskega overitvenega gesla. V celoti nastavite tri gesla. Dva od njih lahko razkrijete (za OS vloge vabe in za zunanji zbirnik). Če uporabite tretjega, se bo skriti OS zagnal. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Mesto za šifrirati - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Zbiranje naključnih podatkov - Ključi proizvedeni - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Zapisovanje Rešilnega Diska - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Sistemski razdelek/pogon očitno ni šifriran (ne deloma ali v celoti). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - Eden primer VeraCrypt-ovega čarovnika za ustvarjanje zbirnikov je trenutno na tem sistemu zagnan in izvaja ali pripravlja šifriranje/dešifriranje sistemskega razdelka/pogona. Preden nadaljujete prosim, da počakate da le-ta zaključi in ga nato zaprite. Če ga pa ne morete zapreti, potem pa prosim, da ponovno zaženete računalnik preden nadaljujete. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Ali želite ustvariti rajši VeraCrypt-ov kontejner ? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - Zato da lahko VeraCrypt-u omogočite dostop do varnostega žetona ali pametne kartice, morate prvo izbrati programsko knjižico PKCS#11 za varnostni žeton ali pametno kartico. Tovrstna knjižica je lahko priložena z napravo ali pa si jo je možno shraniti iz spletne strani proizvajalca ali drugih tretjih strani.\n\nPotem ko si naložite knjižico, jo lahko ali ročno izberete preko 'Izberi knjižico' ali pa dovolite VeraCrypt-u, da jo sam najde in samodejno izbere z klikom na 'Samodejno zaznaj knjižico' (samo sistemski direktorij Oken bo preiskan). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - Zato da lahko VeraCryptu omogočite dostop do varnostnega žetona ali pametne kartice, morate prvo izbrati programsko knjižico PKCS#11 za varnostni žeton ali pametno kartico. To lahko storite tako, da izberete 'Nastavitve' > 'Varnostni žetoni'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - Vse odprte varnostne žetonske seje so bile zaprte. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rešilni Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted + The current container file was selected as a keyfile. It will be skipped. + Zasnoval ga je Ross Anderson, Eli Biham in Lars Knudsen. Objavljen je bil leta 1998. Uporablja 256-bitni ključ in 128-bitni blok. Način delovanja je XTS. Serpent je bil eden izmed AES-ovih finalistov. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Velikost zunanjega zbirnika + Velikost skritega zbirnika + Prosim, da potrdite da je velikost izbrane naprave/razdelka, navedene-ga zgoraj, pravilna in nato kliknite Naprej. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Velikost zbirnika + Dinamično + CAUTION: SELF-TEST FAILED! + Self-tests of all algorithms passed + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + The test ciphertext you have supplied is too long or short. + The test key you have supplied is too long or short. + The test plaintext you have supplied is too long or short. + Dve šifri, ki se izvajata kaskadno v XTS načinu. Vsak blok je prvo šifriran z %s (%d-bitni ključ) in nato z %s (%d-bitni ključ). Vsaka šifra uporablja svoj ključ. Vsi ključi so si med seboj neodvisni. + Tri šifre, ki se izvajajo kaskadno v XTS načinu. Vsak blok je prvo šifriran z %s (%d-bitni ključ), zatem z %s (%d-bitni ključ) in končno z %s (%d-bitni ključ). Vsaka šifra uporablja svoj ključ. Vsi ključi so si med seboj neodvisni. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Zasnoval ga je Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall in Niels Ferguson. Objavljen je bil leta 1998. Uporablja 256-bitni ključ in 128-bitni blok. Način delovanja je XTS. Twofish je bil eden izmed AES-ovih finalistov. + Več informacij o %s + Unknown + An unspecified or unknown error occurred (%d). + Some volumes contain files or folders being used by applications or system.\n\nForce dismount? + &Odklopi + Dismount failed! + Zbirnik vsebuje datoteke ali mape, ki so trenutno v uporabi drugega programa ali sistema.\n\nNaj odklopim na silo ? + No volume is mounted to the specified drive letter. + The volume you are trying to mount is already mounted. + An error occurred when attempting to mount volume. + Error seeking location within volume. + Error: Incorrect volume size. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt cannot change the password for a foreign volume. + Prosim, da izberete prost pogon iz seznama. + Please select a mounted volume in the drive letter list. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Error: Cannot create autorun.inf + Error while processing keyfile! + Error processing keyfile path! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt does not support this operating system. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Error: Cannot allocate memory. + Error: Could not retrieve value of performance counter. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + All Files + VeraCrypt Volumes + Library Modules + NTFS formatting cannot continue. + Cannot mount volume. + Cannot dismount volume. + Windows failed to format the volume as NTFS.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Privzeto + partition + PARTITION + Naprava + device + DEVICE + Zbirnik + Zbirnik + ZBIRNIK + Label + The selected cluster size is too small for this volume size. A greater cluster size will be used instead. + Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Zabeležite si, da je FAT datotečni sistem bolj primeren za zunanje zbirnike kot NTFS datotečni sistem. Kot primer, največja možna velikost zunanjega zbirnika bo zelo verjetno znatno večja, če bo zunanji zbirnik formatiran kot FAT (razlog za to je, da NTFS datotečni sistem vedno shranjuje notranje podatke točno na sredini zbirnika, torej skriti zbirnik se lahko nahaja samo v drugi polovici zunanjega zbirnika).\n\nSte prepričani, da želite zunanji zbirnik formatirati kot NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Error: Cannot access the outer volume! Volume creation cannot continue. + Error: Cannot mount the outer volume! Volume creation cannot continue. + Error: Cannot get volume cluster bitmap! Volume creation cannot continue. + Abecedno/Kategorizirano + Povprečna hitrost (Padajoče) + Algoritem + Šifriranje + Dešifriranje + Povprečje + Pogon + Velikost + Šifrirni algoritem + Šifrirni algoritem + Tip + Vrednost + Lastnost + Mesto + bajtov + Skriti + Outer + Običajen + System + Hidden (system) + Samo za branje + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Yes (damage prevented!) + Nič + Velikost primarnega ključa + Velikost sekundarnega ključa (XTS način) + Tweak Key Size (LRW Mode) + bitov + Velikost bloka + PKCS-5 PRF + PKCS-5 Iteration Count + Volume Created + Header Last Modified + (%I64d days ago) + Različica formata zbirnika + Vgrajena pomožna glava + VeraCrypt Boot Loader Version + prvi možni + Removable Disk + Harddisk + Nespremenjeno + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Do you want to view release notes for the current (latest stable) version of VeraCrypt? + If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + The installation has been rolled back. + VeraCrypt has been successfully installed. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. + Removing VeraCrypt registry entries + Adding registry entry + Removing application-specific data + Installing + Stopping + Removing + Adding icon + Creating System Restore point + Failed to create System Restore point! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Installation completed. + The folder '%s' could not be created + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + The installation of the registry entries has failed + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Starting VeraCrypt device driver + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installing VeraCrypt device driver + Stopping VeraCrypt device driver + Uninstalling VeraCrypt device driver + Registration of the User Account Control support library failed. + Unregistration of the User Account Control support library failed. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Outer(!) + dan-i + ur-o-i-e + min. + sek. + Odpri + Odklopi + Show VeraCrypt + Hide VeraCrypt + Prebrani podatki odkar je bil izveden priklop + Zapisani podatki odkar je bil izveden priklop + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Vnesite geslo za %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Keyfile has been successfully created. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Prosim, da prvo odklopite zbirnik preden nadaljujete. + Error: Cannot set timer. + Preglej datotečni sistem + Popravi datotečni sistem + Add to Favorites... + Add to System Favorites... + P&roperties... + Zaščiten, skriti zbirnik + Ni omogočeno/na voljo + Da + Ne + Disabled + Eden + Dva ali več + Način delovanja + Label: + Size: + Path: + Drive Letter: + Napaka: Geslo mora vsebovati samo ASCII znake.\n\nZnaki, ki niso ASCII narave in so vsebovani v geslu lahko povzročijo, da bo zbirnik nemogoče priklopiti, ko se bodo spremenile Vaše sistemske nastavitve.\n\nSledeči znaki so dovoljeni:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Homepage + WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. + WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + OPOZORILO: Če hočete, da bi lahko v prihodnosti dodali več podatkov/datotek v zunanji zbirnik, potem bi morali razmisliti o izbiri manjše velikosti za skriti zbirnik.\n\nAli ste prepričani, da želite nadaljevati z izbrano velikostjo ? + Nobeden zbirnik ni izbran.\n\nKliknite 'Izberi napravo' ali 'Izberi datoteko', da lahko izberete VeraCrypt zbirnik. + Nobeden razdelek ni izbran.\n\nKliknite 'Izberi napravo', da lahko izberete nepriklopljen razdelek, ki običajno zahteva predzagonsko overitev (npr. razdelek, ki se nahaja na šifriranem sistemskem disku drugega operacijskega sistema, ki se ne zaganja ali šifrirani sistemski razdelek drugega operacijskega sistema).\n\nOpomba: Izbrani razdelek bo priklopljen kot običajen VeraCrypt zbirnik brez predzagonske overitve. To je uporabno za, npr. rezervne ali popravljalne postopke. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Samopriklopi naprave + Odklopi vse + Pobriši vsebino v predpomnilniku + Odklopi vse in pobriši vsebino v predpomnilniku + Prisilno odklopi vse in pobriši vsebino v predpomnilniku + Prisilno odklopi vse, pobriši vsebino v predpomnilniku in izhod iz programa + Priklopi priljubljene zbirnike + Pokaži/Skrij glavno okno VeraCrypt-a + (Click here and press a key) + Ukrep + Bližnjica + Error: This shortcut is reserved. Please choose a different shortcut. + Error: Shortcut already in use. + WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? + Različica jezikovnega paketa: %s + Checking the file system on the VeraCrypt volume mounted as %s... + Attempting to repair the file system on the VeraCrypt volume mounted as %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. + Mount VeraCrypt volume + Dismount all VeraCrypt volumes + VeraCrypt failed to obtain Administrator privileges. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Ali želite šifrirati sistemski razdelek namesto celotnega trdega diska ?\n\nZabeležite si, da lahko ustvarite gostujoče VeraCrypt-ove zbirnike na razdelku znotraj kateregakoli nesistemskega razdelka na trdem disku (poleg šifriranja sistemskega razdelka). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt je preprečil spremembo postavitve tipkovnice. + Opomba: Geslo se bo moralo vtipkati v predzagonskem okolju (preden se Okna zaženejo), kjer ni možna postavitev neameriških Okenskih tipkovnic. Tako torej se mora geslo vedno vtipkati z uporabo standardne postavitve ameriške tipkovnice. Čeprav je pa pomembno, da si zabeležite, da dejansko NE potrebujete ameriške tipkovnice. VeraCrypt samodejno zagotavlja, da lahko varno vtipkate geslo (takoj in v predzagonskem okolju) četudi NIMATE prave ameriške tipkovnice. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Število operacijskih sistemov + OPOZORILO: Neizkušeni uporabniki naj ne bi nikoli poizkušali šifrirati Okna v nastavitvi poljubnega zagona.\n\nNadaljujem? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Zagonski pogon + Je trenutno zaganjajoči operacijski sistem naložen na zagonskem pogonu?\n\nOpomba: Včasih Okna niso naložena na istem pogonu kot zagonski program Oken (zagonski razdelek). Če so to tovrstne okoliščine (kot navedeno), potem izberite možnost 'Ne'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Število sistemskih pogonov + Koliko pogonov vsebuje operacijski sistem?\n\nOpomba: Na primer, če imate katerikoli operacijski sistem (npr., Okna Mac OS X, Linux, itn.) naložen na Vašem primarnem pogonu in če imate še kateri dodatni operacijski sistem naložen na Vašem sekundarnem pogonu, izberite možnost 'Dva ali več'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Tip sistemskega šifriranja + Izberite to možnost če želite samo šifrirati sistemski razdelek ali celoten trdi disk. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Skriti operacijski sistem + V nadaljnih korakih boste ustvarili dva VeraCrypt-ova zbirnika (zunanji in skriti) znotraj prvega razdelka zadaj, za sistemskim razdelkom. Skriti zbirnik bo vseboval skriti operacijski sistem (OS). VeraCrypt bo ustvaril skriti OS s kopiranjem vsebine sistemskega razdelka (kjer je naložen trenutno zaganjajoči-se OS) v skriti zbirnik. Na zunanji zbirnik boste pa prekopirali na videz nekaj občutljivih datotek, katerih dejansko NE želite skriti. Datoteke bodo tam na ogled vsakomur, ki bo Vas silil v razkritje gesla do Vašega skritega razdelka z OS. Lahko razkrijete geslo za zunanji zbirnik znotraj skritega OS razdelka (obstoj skritega OS ostaja skrivnost).\n\nV zaključku boste na razdelek trenutno zaganjajočega-se OS naložili nov OS, ki bo imel vlogo vabe in ga boste tudi šifrirali. Slednji ne sme vsebovati občutljivih podatkov in bo tako tam za vsakogar na ogled, ki bo od Vas zahteval-a razkritje Vašega predzagonskega overitvenega gesla. V celoti nastavite tri gesla. Dva od njih lahko razkrijete (za OS vloge vabe in za zunanji zbirnik). Če uporabite tretjega, se bo skriti OS zagnal. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Mesto za šifrirati + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Zbiranje naključnih podatkov + Ključi proizvedeni + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Zapisovanje Rešilnega Diska + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Sistemski razdelek/pogon očitno ni šifriran (ne deloma ali v celoti). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + Eden primer VeraCrypt-ovega čarovnika za ustvarjanje zbirnikov je trenutno na tem sistemu zagnan in izvaja ali pripravlja šifriranje/dešifriranje sistemskega razdelka/pogona. Preden nadaljujete prosim, da počakate da le-ta zaključi in ga nato zaprite. Če ga pa ne morete zapreti, potem pa prosim, da ponovno zaženete računalnik preden nadaljujete. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Ali želite ustvariti rajši VeraCrypt-ov kontejner ? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + Zato da lahko VeraCrypt-u omogočite dostop do varnostega žetona ali pametne kartice, morate prvo izbrati programsko knjižico PKCS#11 za varnostni žeton ali pametno kartico. Tovrstna knjižica je lahko priložena z napravo ali pa si jo je možno shraniti iz spletne strani proizvajalca ali drugih tretjih strani.\n\nPotem ko si naložite knjižico, jo lahko ali ročno izberete preko 'Izberi knjižico' ali pa dovolite VeraCrypt-u, da jo sam najde in samodejno izbere z klikom na 'Samodejno zaznaj knjižico' (samo sistemski direktorij Oken bo preiskan). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + Zato da lahko VeraCryptu omogočite dostop do varnostnega žetona ali pametne kartice, morate prvo izbrati programsko knjižico PKCS#11 za varnostni žeton ali pametno kartico. To lahko storite tako, da izberete 'Nastavitve' > 'Varnostni žetoni'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + Vse odprte varnostne žetonske seje so bile zaprte. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rešilni Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Ključna datoteka - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Ključna datoteka + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.sv.xml b/Translations/Language.sv.xml index ade599d5..8e61c067 100644 --- a/Translations/Language.sv.xml +++ b/Translations/Language.sv.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Avbryt - Installera för &alla användare - &Bläddra … - Skapa en genväg till VeraCrypt på skri&vbordet - Donera nu … - Associera filnamns&tillägget .hc med VeraCrypt - &Öppna målmappen efter slutförd uppackning - Lägg till VeraCrypt till &Start-menyn - Skapa en system&återställningspunkt - &Avinstallera - &Packa upp - &Installera - VeraCrypts installationsguide - Avinstallera VeraCrypt - H&jälp - Välj eller ange den mapp där du vill placera de uppackade filerna: - Välj eller ange den mapp där du vill installera VeraCrypts programfiler. Om den angivna mappen inte finns, kommer den att skapas automatiskt. - Klicka på ”Avinstallera” för att ta bort VeraCrypt från datorn. - Avbryt - Mät &prestanda - &Testa - Skapa en krypterad volym och formatera den - På plats-kryptera partition - Visa genererade nycklar (delar av dem) - Visa &poolinnehåll - Ladda ned programvara för CD/DVD-bränning - Skapa en krypterad volym&behållare - &GB - &TB - Ytterligare information - &Dold VeraCrypt-volym - Ytterligare information om dolda volymer - &Direktläge - N&ormalläge - &kB - &Använd nyckelfiler - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - N&yckelfiler … - Information om hashalgoritmer - Ytterligare information - Information on PIM - &MB - Ytterligare information - Ytterligare information om systemkryptering - Ytterligare information - Fle&rvalsstart - Kryptera en &icke-systempartition eller -enhet - Spara inte &historik - Öppna yttre volym - &Pausa - Use P&IM - Use PIM - Snabb- formatering - &Visa lösenord - &Visa lösenord - &Display PIM - &Envalsstart - &Synlig VeraCrypt-volym - &Dold - No&rmal - Kryptera &systempartitionen eller hela systemenheten - Kryptera Windows &systempartition - Kryptera hela &enheten - Guiden Skapa VeraCrypt-volym - Kluster - VIKTIGT: Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar nyckelfilens kryptografiska styrka avsevärt. Klicka sedan på Nästa för att fortsätta. - &Bekräfta: - Klart - Drive letter: - Krypteringsalgoritm - Filsystem - Skapar en virtuell krypterad disk inuti en fil. Rekommenderas för nybörjare. - Alternativ - Hashalgoritm - Volymh.nyckel: - Kvar - Primär nyckel: - Välj detta alternativ om det finns två eller fler operativsystem installerade i denna dator.\n\nExempelvis:\n· Windows XP och Windows XP\n· Windows XP och Windows Vista\n· Windows och Mac OS X\n· Windows och Linux\n· Windows, Linux och Mac OS X - Skapar en synlig eller dold krypterad volym av en icke-system- partition eller en intern eller extern enhet (t.ex. ett USB-minne). - Aktuellt poolinnehåll (ofullständigt) - Steg - &Lösenord: - Volume PIM: - Volume PIM: - Förlopp: - Slumpdatapool: - Välj detta alternativ om det endast finns ett operativsystem installerat i datorn (även om den har flera användare). - Hastighet - Status - Nycklarna, saltet och andra data har genererats utan fel. Klicka på Föregående och sedan Nästa för att generera nya nycklar eller klicka på Nästa för att fortsätta. - Krypterar hela partitionen eller enheten där Windows är installerat. Alla som vill använda systemet, t.ex. läsa och skriva filer, kommer att behöva ange ett lösenord varje gång Windows startas. Systemet kan göras synligt eller dolt. - Välj detta alternativ för att kryptera den partition där aktuellt operativsystem (Windows) är installerat. - Volume Label in Windows: - Överskrivning: - Stäng - Tillåt att förstarts&autentiseringen förbigås genom att trycka på Esc (aktiverar starthanteraren) - Gör &ingenting - Montera vald VeraCrypt-volym &automatiskt - Starta &VeraCrypt - &Identifiera bibliotek automatiskt - Lagra lösenordet till förstartsautentiseringen i &cacheminnet (för montering av icke-systemvolymer) - &Bläddra … - Bl&äddra … - Lagra lösenord och nyckelfiler i &cacheminnet - A&vsluta när inga volymer är monterade - &Stäng tokensession (logga ut) efter att en volym monterats utan fel - Include VeraCrypt Volume Expander - Inkludera &guiden Skapa VeraCrypt-volym - Skapa - S&kapa volym - &Visa inte någon text vid förstartsautentiseringen (förutom det anpassade meddelandet) - Disable "Evil Maid" attack detection - &Snabba upp AES-kryptering och -dekryptering genom att använda processorns AES-instruktioner - &Använd nyckelfiler - A&nvänd nyckelfiler - Avsl&uta - Hjälp om volymfavoriter - &Montera inte markerad volym när snabbtangenten ”Montera volymfavoriter” trycks ned - Montera markerad volym när dess &värdenhet ansluts - Montera markerad volym vid &inloggning - Montera markerad volym som &skrivskyddad - Montera markerad volym som &flyttbart medium - Flytta &ned - Flytta &upp - &Öppna Utforskaren efter att markerad volym monterats - &Ta bort - Use favorite label as Explorer drive label - Globala inställningar - Visa ett systemmeddelande i Meddelandefältet efter att en snabbknappsdemontering genomförts - Spela upp ett ljud efter att en snabbknappsdemontering genomförts - &Alt - Ctrl - &Skift - &Win - Till&dela - &Ta bort - N&yckelfiler … - &Använd inte följande antal processorer för kryptering och dekryptering: - Ytterligare information - Ytterligare information - Fler &inställningar … - A&utomontera enheter - Al&ternativ … - Montera volym som &skrivskyddad - Ny&ckelfiler … - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - &Aktiverad - La&gra lösenord i drivrutinens minnescache - &Demontera automatiskt volymer där inga data har skrivits eller lästs på - Användaren &loggar ut - User session locked - &Energisparläge aktiveras - S&kärmsläckaren aktiveras - Fram&tvinga automatisk demontering även om volymen innehåller öppna filer eller mappar - &Montera alla enhetsbaserade VeraCrypt-volymer - Starta &bakgrundsaktivitet - Montera volymer som &skrivskyddade - Montera volymer som &flyttbara medier - &Öppna Utforskaren vid montering av volymer - Temporary Cache password during "Mount Favorite Volumes" operations - Visa en alternativ ikon i Meddelandefältet när det finns volymer monterade - Töm lösenords&cache vid automatisk demontering - Töm lösenordscac&he vid avslut - Bevara tidsst&ämpeln på volymbehållare - &Återställ - Välj enhe&t … - Välj fi&l … - Välj &bibliotek … - V&isa lösenord - &Visa lösenord - Öppna &Utforskaren efter montering - Lagra lösenord i drivrutinens minnes&cache - TrueCrypt Mode - Demontera &allt - Volym&egenskaper … - Volymverkty&g … - Töm lösenords&cache - VeraCrypt - Mount Parameters - VeraCrypt – Volymfavoriter - VeraCrypt – Snabbtangenter - VeraCrypt - Ändra lösenord eller nyckelfiler - Ange lösenord för VeraCrypt-volym - VeraCrypt – Prestandaalternativ - VeraCrypt – Inställningar - VeraCrypt – Inställningar för systemkryptering - VeraCrypt – Inställningar för säkerhetstoken - Konfiguration av VeraCrypt Traveler-skiva - Egenskaper för VeraCrypt-volym - Om … - Lägg till/ta bort nyckelfiler från volymen … - Lägg till monterad volym som favorit … - Lägg till monterad systemvolym som favorit … - Analysera en systemkrasch … - Säkerhetskopiera volymhuvud … - Prestandamätning … - Ändra härledningsalgoritm för volymhuvudets nyckel … - Ändra volymlösenord … - Ändra härledningsalgoritm för volymhuvudets nyckel … - Ändra lösenord … - Rensa volymhistorik - Stäng alla säkerhetstokensessioner - Kontakt … - Skapa dolt operativsystem … - Skapa återställningsskiva … - Skapa ny volym … - Permanently Decrypt... - Standardnyckelfiler … - Default Mount Parameters... - Donera nu … - Kryptera systempartition eller -enhet … - Vanliga frågor och svar (FAQ) - Användarhandbok - &Webbplats - Snabbtangenter … - Nyckelfilsgenerering - Språk … - Juridiska villkor - Hantera nyckelfiler för säkerhetstoken … - Automontera alla enhetsbaserade VeraCrypt-volymer - Montera volymfavoriter - Montera utan förstarts&autentisering … - Montera volym - Montera volym med alternativ - Nyheter - Internetbaserad hjälp - Självstudier för nybörjare - Hantera volymfavoriter … - Hantera systemvolymfavoriter … - Prestanda … - Permanent dekryptering av systempartition eller -enhet - Inställningar … - Uppdatera enheter - Ta bort alla nyckelfiler från volymen … - Återställ volymhuvud … - Återuppta avbruten process - Välj enhet … - Välj fil … - Återuppta avbruten process - Systemkryptering … - Egenskaper … - Inställningar … - Systemvolymfavoriter … - Nedladdningar - Testvektorer … - Säkerhetstoken … - Skapa en Traveler-skiva … - Demontera alla monterade volymer - Demontera volym - Verifiera återställningsskiva - Verify Rescue Disk ISO Image - Versionshistorik - Volume Expander - Volymegenskaper - Guiden Skapa VeraCrypt-volym - VeraCrypts webbplats - Töm lösenordscache - OK - Maskinvaruacceleration - Kortkommandon - Konfiguration av automatisk körning (autorun.inf) - Automatisk demontering - Demontera allt när: - Skärmalternativ för startinläsaren - &Bekräfta lösenord: - Nuvarande - Visa detta anpassade meddelande vid förstartsautentiseringen (maximalt antal tecken är 24): - Standardmonteringsalternativ - Snabbtangentsalternativ - Driver Configuration - Enable extended disk control codes support - Eget namn på volymfavoriten: - Filinställningar - Tangent: - Processorn (CPU:n) stöder maskinvaruaccelererad AES-kryptering: - Åtgärder som ska utföras vid inloggning - minut(er) - Använd enhetsbeteckning: - Monteringsinställningar - Nytt - L&ösenord: - Trådbaserad parallellism - Sökväg till PKCS #11-bibliotek - PKCS-5 PRF: - PKCS-5 PRF: - Lösenordscache - Säkerhetsalternativ - VeraCrypts bakgrundsaktivitet - VeraCrypt-volym som ska monteras (relativt Traveler-skivans rotmapp): - Vid insättning av en Traveler-skiva: - Skapa Traveler-skivans filer i (Traveler-skivans rotmapp): - Volym - Windows - Lägg till &mapp … - &Självtesta allt - &Fortsätt - &Dekryptera - &Ta bort - &Kryptera - &Exportera … - &Generera och spara nyckelfil … - &Generera nyckelfil … - Ladda ned språkpaket - Maskinvaruaccelererad AES: - &Importera nyckelfil till token … - Lägg till &filer … - &Använd nyckelfiler - N&yckelfiler … - &Ta bort - Ta &bort allt - Vad är skydd av dolda volymer? - Mer information om nyckelfiler - Montera volym som &flyttbart medium - Montera systemkrypterad partition utan förstartsa&utentisering - Parallellism: - Mät &prestanda - &Skriv ut - Skydda &dolda volymer mot skador orsakade av skrivning till yttre volymer - &Återställ - &Visa lösenord - Lägg till to&ken … - Använd om möjligt volymens &inbäddade säkerhetskopia av volymhuvudet - &XTS-läge - Om VeraCrypt - VeraCrypt – Prestandamätning av krypteringsalgoritmer - VeraCrypt – Testvektorer - Kommandoradshjälp - VeraCrypt – Nyckelfiler - VeraCrypt – Nyckelfilsgenerering - VeraCrypt – Språk - VeraCrypt – Monteringsalternativ - Egenskaper för ny nyckelfil för säkerhetstoken - VeraCrypt – Berikning av slumptalspool - Välj en partition eller enhet - VeraCrypt - Nyckelfiler för säkerhetstoken - Lösenord eller PIN för säkerhetstoken krävs - Aktuellt språkpaket - Prestanda påverkas av processorns belastning och lagringsenhetens egenskaper.\n\nDessa mätningar genomförs i primärminnet. - Buffertstorlek: - Kryptering: - &Lösenord för dold volym:\n(om tomt används cache) - Skydd av dolda volymer - Nyckelstorlek: - Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar nyckelfilens kryptografiska styrka avsevärt. - VARNING: Om du tappar bort en nyckelfil eller om någon bit av de första 1 024 kB ändras, blir det omöjligt att montera volymer som använder den nyckelfilen! - bitar - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Översatt av: - Storlek på klartext: - bitar - Aktuellt poolinnehåll - Blandningsalgoritm: - VIKTIGT: Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar nyckelfilens kryptografiska styrka avsevärt. Klicka sedan på Fortsätt. - Sekundär nyckel (hexadecimalt) - Säkerhetstoken: - Sortering: - Vänta. Denna process kan ta lång tid … - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Blocknummer: - Krypterad text (hexadecimalt) - Dataenhetsnummer (64 bitar hexadecimalt, dataenhetsstorleken är 512 byte) - Nyckel (hexadecimalt) - Klartext (hexadecimalt) - Namn på nyckelfil: - XTS-läge - &System - &Volymer - &Favoriter - Verkt&yg - &Inställningar - H&jälp - &Webbplats - - &Om … - Det gick inte att ta bort skrivskyddsattributet på din gamla volym. Kontrollera filbehörigheterna. - Fel: Åtkomst nekad.\n\nPartitionen du försöker få åtkomst till är antingen 0 sektorer i storlek, eller så är det systemstartenheten. - Administratör - För att kunna ladda VeraCrypts drivrutin måste du vara inloggad med ett konto med administratörsbehörigheter. - Observera att du måste vara inloggad med ett konto med administratörsbehörigheter för att kunna kryptera/dekryptera eller formatera en partition eller enhet.\n\nDetta gäller inte volymer i volymbehållare. - Du måste vara inloggad med ett konto med administratörsbehörigheter för att kunna skapa en dold volym.\n\n Vill du fortsätta? - Observera att du måste vara inloggad med ett konto med administratörsbehörigheter för att kunna formatera volymen med NTFS.\n\nUtan administratörsbehörighet kan du formatera volymen med FAT. - FIPS-godkänt krypteringsalgoritm (Rijndael, publicerad 1998) som får användas av amerikanska regeringens departement och myndigheter för att skydda hemligstämplad information upp till topphemlig nivå. 256-bitars nyckel, 128-bitars block, 14 steg (AES-256). Arbetsläget är XTS. - Volymen är redan monterad. - VARNING: Minst ett av de inbyggda självtesterna för krypterings- och hashalgoritmer misslyckades!\n\nVeraCrypt-installationen kan vara skadad. - VARNING: Det finns inte tillräckligt med data i slumpdatapoolen för att den begärda mängden slumpmässiga data ska kunna tillhandahållas.\n\nDu bör inte fortsätta. Välj ”Rapportera fel” i Hjälp-menyn för att rapportera detta fel. - Enheten eller en kabel är skadad (har ett fysiskt fel), eller också fungerar inte minnet som det ska.\n\nObservera att detta är ett fel på din maskinvara, inte på VeraCrypt. Rapportera därför INTE detta som ett fel i eller ett problem med VeraCrypt och be inte om hjälp med detta i VeraCrypts forum. Kontakta din datorleverantörs tekniska support för hjälp. Tack.\n\nObservera: Om felet uppstår upprepade gånger på samma ställe, orsakas det troligen av felaktig allokeringsenhet. Detta borde gå att åtgärda med hjälp av programvaror från tredje part. (I många fall kan ”chkdsk /r”-kommandot inte rätta till felet, eftersom det endast arbetar på filsystemsnivå; i vissa fall kan ”chkdsk”-verktyget inte ens upptäcka det.) - Om du försöker komma åt en enhet med flyttbart lagringsmedium, kontrollera att mediet är ordentligt inmatat i enheten. Enheten eller mediet kan vara skadat (det kan finnas en fysisk defekt på det), eller så kan en kabel vara trasig eller urkopplad. - Ditt system verkar använda sig av anpassade kretsuppsättningsdrivrutiner som innehåller ett fel som förhindrar kryptering av hela systemenheten.\n\nFörsök att uppgradera eller avinstallera alla anpassade kretsuppsättningsdrivrutiner (ej utvecklade av Microsoft), innan du fortsätter. Om detta inte hjälper, försök att endast kryptera systempartitionen. - Ogiltig enhetsbeteckning. - Ogiltig sökväg. - Avbryt - Det går inte att komma åt enheten. Kontrollera att den valda enheten finns och inte används av operativsystemet. - Varning: Caps Lock är aktiverat. Detta kan orsaka att det angivna lösenordet blir fel. - Typ av volym - Det kan hända att någon försöker tvinga dig att avslöja lösenordet till en krypterad volym. Det finns många situationer där det kan vara svårt att vägra avslöja lösenordet (exempelvis vid utpressning). Genom att använda en så kallad dold volym går det att lösa sådana situationer utan att behöva avslöja lösenordet till din volym. - Välj detta alternativ om du vill skapa en normal VeraCrypt-volym. - Om du vill installera ett operativsystem på en dold partitionsbaserad volym, kan inte hela systemenheten krypteras med hjälp av en enda nyckel. - Krypteringsalternativ för yttre volym - Krypteringsalternativ för dold volym - Krypteringsalternativ - VARNING: Det gick inte att rensa sökvägen till den senast valda volymen eller nyckelfilen! - Fel: Volymbehållaren har komprimerats på filsystemsnivå. VeraCrypt stöder inte komprimerade volymbehållare. (Observera att komprimering av krypterade data är ineffektivt och överflödigt.)\n\nInaktivera komprimeringen av volymbehållaren med hjälp av följande steg:\n1) Högerklicka på volymbehållaren i Utforskaren (inte i VeraCrypt).\n2) Välj ”Egenskaper”.\n3) Klicka på ”Avancerat”.\n4) Inaktivera kryssrutan ”Komprimera innehåll för att spara diskutrymme” och klicka på ”OK”.\n5) Klicka på ”OK”. - Misslyckades med att skapa volymen %s - Storleken på %s är %.2f byte - Storleken på %s är %.2f kB - Storleken på %s är %.2f MB - Storleken på %s är %.2f GB - Storleken på %s är %.2f TB - Storleken på %s är %.2f PB - VARNING: Enheten eller partitionen används av operativsystemet eller en applikation. En formatering av enheten eller partitionen kan skada dina data och orsaka att systemet blir instabilt.\n\nVill du fortsätta? - Varning: Partitionen används av operativsystemet eller en applikation. Du bör stänga alla applikationer som kan tänkas använda partitionen (inklusive antivirusprogramvaror).\n\nVill du fortsätta? - Fel: Enheten eller partitionen innehåller ett filsystem som inte gick att demontera. Filsystemet används eventuellt av operativsystemet. En formatering av enheten eller partitionen kan skada dina data och orsaka att systemet blir instabilt.\n\nFör att lösa detta problem bör du först ta bort partitionen och sedan återskapa den utan att formatera den. Följ nedanstående steg för att göra det:\n1) Högerklicka på ”Dator” i Start-menyn och välj ”Hantera”. Fönstret ”Datorhantering” bör då öppnas.\n2) Välj ”Lagring” och ”Diskhantering” i fönstret ”Datorhantering”.\n3) Högerklicka på partitionen du vill kryptera och välj antingen ”Ta bort partition”, ”Ta bort volym” eller ”Ta bort logisk enhet”.\n4) Klicka på ”Ja”. Starta om datorn, om Windows ber dig om det. Repetera sedan steg 1 och 2 och fortsätt från steg 5.\n5) Högerklicka på det oallokerade eller lediga utrymmet och välj antingen ”Ny partition”, ”Ny enkel volym” eller ”Ny logisk enhet”.\n6) Någon av guiderna ”Ny partition” eller ”Ny enkel volym” bör startas. Följ instruktionerna, och på sidan med titeln ”Formatera partition” väljer du antingen ”Formatera inte den här partitionen” eller ”Formatera inte den här volymen”. Klicka sedan på ”Nästa” följt av ”Slutför”.\n7) Observera att enhetssökvägen du valt i VeraCrypt nu kan vara fel. Avsluta därför guiden Skapa VeraCrypt-volym (om den fortfarande körs) och starta den igen.\n8) Försöka att kryptera enheten eller partitionen igen.\n\nOm VeraCrypt upprepade gånger misslyckas att kryptera enheten eller partitionen, bör du överväga att skapa en volymbehållare i stället. - Fel: Det gick inte att låsa och/eller demontera filsystemet. Eventuellt används det av operativsystemet eller en applikation (som t.ex. antivirusprogramvara). En kryptering av partitionen kan skada dina data och orsaka att systemet blir instabilt.\n\nStäng alla applikationer som kan tänkas använda filsystemet (inklusive antivirusprogramvaror) och försök igen. Följ nedanstående steg, om detta inte hjälper. - VARNING: Vissa av de monterade enheterna eller partitionerna användes redan!\n\nAtt ignorera detta kan medföra oönskade resultat och orsaka instabilitet i systemet.\n\nDu bör stänga alla de applikationer som eventuellt använder enheterna eller partitionerna. - Den valda enheten innehåller partitioner.\n\nEn formatering av enheten kan orsaka att systemet blir instabilt och/eller att data skadas. Välj antingen en partition på enheten eller ta bort alla partitioner från den så att VeraCrypt kan formatera den på ett säkert sätt. - Den valda icke-systemenheten innehåller partitioner.\n\nKrypterade enhetsbaserade VeraCrypt-volymer kan skapas på enheter som inte innehåller några partitioner (inklusive hårddiskar och halvledardiskar). En enhet som innehåller partitioner kan endast på plats-krypteras fullständigt med en gemensam primär nyckel om det är den enhet som Windows är installerat på och startar från.\n\nOm du vill kryptera den valda icke-systemenheten med hjälp av en gemensam primär nyckel, måste du först ta bort alla partitioner från enheten så att VeraCrypt kan formatera den på ett säkert sätt. (Att formatera en enhet som innehåller partitioner kan orsaka att systemet blir instabilt och/eller att data skadas.) Alternativt kan du kryptera varje partition på enheten var för sig. (Varje partition kommer då att krypteras med hjälp av olika primära nycklar).\n\nObservera: Om du vill ta bort alla partitioner från en GPT-disk (GUID Partition Table), kan det hända att du först måste konvertera den till en MBR-disk (Master Boot Record) för att kunna ta bort dolda partitioner. Detta kan du göra med hjälp av t.ex. verktygen under ”Diskhantering” och ”Lagring” i programmet ”Datorhantering”. - Varning: Om du väljer att kryptera hela enheten – och inte endast en partition på den – kommer operativsystem att betrakta enheten som ny, tom och oformaterad, eftersom den inte innehåller någon partitionstabell. Eventuellt kan ett operativsystem då vilja initiera enheten (eller fråga dig om du vill göra det), vilket kan skada volymen. Vidare kommer det inte alltid att vara möjligt att montera volymen som en favorit (t.ex. när enhetsnumret ändras) eller att tilldela den ett eget namn.\n\nFör att undvika detta bör du överväga att skapa en partition på enheten och kryptera den i stället.\n\nÄr du säker på att du vill kryptera hela enheten? - VIKTIGT: Kom ihåg att denna volym INTE kan monteras eller kommas åt via enhetsbeteckningen %c:, som den närvarande tilldelats!\n\nKlicka på ”Automontera enheter” i VeraCrypts huvudfönster för att montera den. Alternativt kan du klicka på ”Välj enhet” i VeraCrypts huvudfönster, välja denna partition eller volym och sedan klicka på ”Montera”. Volymen kommer att monteras med en annan enhetsbeteckning, som du väljer från listan i VeraCrypts huvudfönster.\n\nDen ursprungliga enhetsbeteckningen %c: ska endast användas om du vill ta bort krypteringen från partitionen eller enheten (t.ex. om du inte längre har behov av kryptering). Högerklicka i så fall på enhetsbeteckningen %c: under ”Dator” (eller ”Min dator”) i Utforskaren och välj ”Formatera”. Enhetsbeteckningen %c: ska annars aldrig användas, såvida du inte tar bort den och tilldelar den till en annan partition eller enhet (enligt beskrivningen i VeraCrypts ”Vanliga frågor och svar”). - På plats-kryptering av icke-systemvolymer stöds inte av versionen på det aktuella operativsystemet (det stöds endast i Windows Vista och nyare versioner av Windows).\n\nAnledningen till detta är att denna version av Windows inte kan krympa ett filsystem. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.) - Den valda partitionen verkar inte innehålla ett NTFS-filsystem. Endast partitioner som innehåller ett NTFS-filsystem kan på plats-krypteras.\n\nObservera: Anledningen till detta är att Windows inte kan krympa någon annan typ av filsystem än NTFS. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.) - Den valda partitionen verkar inte innehålla ett NTFS-filsystem. Endast partitioner som innehåller ett NTFS-filsystem kan på plats-krypteras.\n\nOm du vill skapa en krypterad VeraCrypt-volym inuti denna partition, välj alternativet ”Skapa en krypterad volym och formatera den” och inte alternativet ”På plats-kryptera partition”. - Fel: Partitionen är för liten. VeraCrypt kan inte på plats-kryptera den. - Följ nedanstående steg för att kryptera data på denna partition:\n\n1) Skapa en VeraCrypt-volym på en tom partition eller enhet och montera den.\n\n2) Kopiera alla filer från den partition du ursprungligen ville kryptera till den monterade VeraCrypt-volymen (som skapades och monterades i steg 1). På detta sätt skapar du en krypterad säkerhetskopia av dina data.\n\n3) Skapa en VeraCrypt-volym på den partition du ursprungligen ville kryptera och kontrollera att du i guiden Skapa VeraCrypt-volym väljer alternativet ”Skapa en krypterad volym och formatera den” och inte alternativet ”På plats-kryptera partition”. Observera att alla data lagrade på partitionen kommer att tas bort. Montera volymen efter att den skapats.\n\n4) Kopiera alla filerna från den monterade VeraCrypt-volymen med säkerhetskopiorna (som skapades och monterades i steg 1) till den monterade VeraCrypt-volymen som skapades och monterades i steg 3.\n\nEfter att du fullföljt dessa steg kommer alla data att vara krypterade, och det kommer dessutom att finnas en krypterad säkerhetskopia av alla data. - VeraCrypt kan endast på plats-kryptera partitioner, dynamiska volymer och hela systemenheter.\n\nOm du vill skapa en krypterad VeraCrypt-volym inuti den valda icke-systemenheten, välj alternativet ”Skapa en krypterad volym och formatera den” och inte alternativet ”På plats-kryptera partition”. - Fel: VeraCrypt kan endast på plats-kryptera partitioner, dynamiska volymen och hela systemenheter. Kontrollera att den angivna sökvägen är giltig. - Fel: Det går inte att krympa filsystemet. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.)\n\nMöjliga orsaker och lösningar:\n\n· Det saknas utrymme på volymen. Kontrollera att inga andra applikationer skriver till filsystemet.\n\n· Filsystemet är skadat. Kontrollera det och reparera eventuella fel genom att högerklicka på motsvarande enhetsbeteckning i Utforskaren och välja alternativet ”Egenskaper”. Klicka på ”Kontrollera nu” under fliken ”Verktyg” och sedan på ”Starta”. Se till att alternativet ”Reparera fel automatiskt” är aktiverat.\n\nFölj stegen nedan, om dessa steg inte hjälper. - Fel: Det finns inte tillräckligt med utrymme på volymen för att filsystemet ska kunna krympas. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.)\n\nTa bort överflödiga filer och töm Papperskorgen för att frigöra åtminstone 256 kB utrymme och försök därefter igen. Observera att den mängd utrymme som Utforskaren rapporterar som ledigt kan vara felaktigt innan operativsystemets startats om. Om en omstart av operativsystemet inte hjälper kan det hända att filsystemet är skadat. Kontrollera det och reparera eventuella fel genom att högerklicka på motsvarande enhetsbeteckning i Utforskaren och välja alternativet ”Egenskaper”. Klicka på ”Kontrollera nu” under fliken ”Verktyg” och sedan på ”Starta”. Se till att alternativet ”Reparera fel i filsystemet automatiskt” är aktiverat.\n\nFölj stegen nedan, om dessa steg inte hjälper. - Ledigt utrymme på enhet %s är %.2f byte. - Ledigt utrymme på enhet %s är %.2f kB - Ledigt utrymme på enhet %s är %.2f MB - Ledigt utrymme på enhet %s är %.2f GB - Ledigt utrymme på enhet %s är %.2f TB - Ledigt utrymme på enhet %s är %.2f PB - Kunde inte läsa in tillgängliga enhetsbeteckningar. - Fel: VeraCrypts drivrutin kunde inte hittas.\n\nKopiera filerna ”veracrypt.sys” och ”veracrypt-x64.sys” till mappen där VeraCrypts huvudapplikation (VeraCrypt.exe) är belägen. - Fel: En inkompatibel version av VeraCrypts drivrutin körs redan.\n\nOm du försöker köra VeraCrypt i portabelt läge (d.v.s. utan att installera programmet) och en annan version av VeraCrypt redan är installerad, måste denna först avinstalleras eller uppgraderas med hjälp av VeraCrypts installationsprogram.\n\nFölj dessa steg för att avinstallera VeraCrypt i Windows Vista eller senare: Välj ”Dator” i Start-menyn och klicka på ”Avinstallera eller ändra ett program”. Markera VeraCrypt och klicka på ”Avinstallera”. I Windows XP startar man Kontrollpanelen i Start-menyn och klickar på ”Lägg till eller ta bort program”. Markera VeraCrypt och klicka på ”Avinstallera”.\n\nPå liknande sätt måste du, om du försöker köra VeraCrypt i portabelt läge och en annan version av VeraCrypt redan körs i portabelt läge, först starta om datorn och därefter köra enbart den nya versionen. - Fel: Initieringen av krypteringsalgoritmerna misslyckades. - Fel: En svag eller möjligt svag nyckel har identifierats och förkastats. Försök igen. - Ett allvarligt fel har inträffat, och VeraCrypt måste avslutas. Om detta fel orsakats av ett fel i VeraCrypt, vill vi rätta till det. Genom att skicka en automatiskt genererad felrapport kan du hjälpa oss att avgöra om det finns ett fel i VeraCrypt. Felrapporten innehåller följande information:\n· Programversion\n· Operativsystemets version\n· Typ av processor\n· VeraCrypt-komponentens namn\n· Den körbara filens checksumma\n· Dialogrutans symboliska namn\n· Felkategori\n· Adressen för felet\n· VeraCrypts anropsstack\n\nOm du klickar på ”Ja” kommer följande URL, som innehåller hela felrapporten, att öppnas i din standardwebbläsare.\n\n%hs\n\nVill du skicka ovanstående felrapport till oss? - Ett allvarligt fel, som kräver att VeraCrypt avslutas, har inträffat.\n\nObservera att detta fel inte har orsakats av VeraCrypt, så VeraCrypt-utvecklarna kan inte rätta till det. Sök igenom systemet efter möjliga problem med t.ex. systemkonfigurationen, nätverksanslutningen eller fallerande maskinvarukomponenter. - Ett allvarligt fel, som kräver att VeraCrypt avslutas, har inträffat.\n\nOm problemet kvarstår, prova att inaktivera eller avinstallera applikationer som kan orsaka felet, t.ex. antivirusprogramvaror, systemförbättrande eller systemoptimerande programvaror etc. Om detta inte hjälper, kan en sista utväg vara att installera om operativsystemet. (Problemet kan även orsakas av skadlig kod.) - VeraCrypt – Allvarligt fel - VeraCrypt har upptäckt att operativsystemet nyligen kraschade. Det finns många möjliga orsaker till varför systemet kraschade, som t.ex. en fallerande maskinvarukomponent eller ett fel i en drivrutin.\n\nVill du att VeraCrypt ska kontrollera om ett fel i VeraCrypt kan ha orsakat systemkraschen? - Vill du att VeraCrypt ska fortsätta att upptäcka systemkrascher? - VeraCrypt hittade ingen minidumpfil. - Vill du ta bort Windows kraschdumpfil för att frigöra diskutrymme? - För att kunna analysera en systemkrasch måste VeraCrypt först installera Microsoft Debugging Tools for Windows.\n\nEfter att du klickat på OK, kommer Windows Installer att ladda ned installationspaketet för Microsoft Debugging Tools (16 MB) från en Microsoft-server och installera det. (Windows Installer kommer att hänvisas till Microsoft-servern via en server hos veracrypt.org, vilket säkerställer att nedladdningen kommer att fungera även om Microsoft ändrar URL:en till installationspaketet.) - Efter att du klickat på OK kommer VeraCrypt att analysera systemkraschen. Detta kan ta flera minuter. - Kontrollera att miljövariabeln ”PATH” innehåller sökvägen till ”kd.exe” (kernelfelsökaren). - Det förefaller som att VeraCrypt högst troligen inte orsakade systemkraschen. Det finns många möjliga orsaker till varför systemet kraschade, som t.ex. en fallerande maskinvarukomponent eller ett fel i en drivrutin. - Analysresultatet visar att en uppdatering av följande drivrutin eventuellt kan lösa problemet: - Genom att skicka en automatiskt genererad felrapport kan du hjälpa oss att avgöra om det finns ett fel i VeraCrypt. Felrapporten innehåller följande information:\n· Programversion\n· Operativsystemets version\n· Typ av processor\n· Felkategori\n· Drivrutinsnamn och -version\n· Systemets anropsstack\n\nOm du klickar på ”Ja” kommer följande URL, som innehåller hela felrapporten, att öppnas i din standardwebbläsare. - Vill du skicka ovanstående felrapport till oss? - &Kryptera - &Dekryptera - &Permanent dekryptering - &Avsluta - Skapa en logisk enhet för denna utökade partition och försök sedan igen. - En VeraCrypt-volym kan placeras i en fil som kallas volymbehållare. Den kan i sin tur lagras på en hårddisk, ett USB-minne eller liknande. En volymbehållare fungerar precis som en vanlig fil och kan t.ex. flyttas eller raderas som vilken annan fil som helst. Klicka på ”Välj fil” för att välja ett filnamn för volymbehållaren och för att välja var volymbehållaren ska skapas.\n\nVARNING: Om du väljer en befintlig fil kommer VeraCrypt INTE att kryptera den; filen kommer i stället att tas bort och bli ersatt av den volymbehållare som skapas. Du kommer att kunna kryptera befintliga filer senare genom att flytta dem till volymbehållaren du håller på att skapa nu. - Välj den plats där den yttre volymen ska skapas. (Den dolda volymen kommer att skapas inuti denna volym senare.)\n\nEn VeraCrypt-volym kan placeras i en fil som kallas volym- behållare. Den kan i sin tur lagras på en hårddisk, ett USB-minne eller liknande. En volymbehållare fungerar precis som en vanlig fil och kan t.ex. flyttas eller raderas som vilken annan fil som helst. Klicka på ”Välj fil” för att välja ett filnamn för volymbehållaren och för att välja var volymbehållaren ska skapas. Om du väljer en befintlig fil kommer VeraCrypt INTE att kryptera den; filen kommer i stället att tas bort och bli ersatt av den volymbehållare som skapas. Du kommer att kunna kryptera befintliga filer senare genom att flytta dem till volymbehållaren du håller på att skapa nu. - Krypterade enhetsbaserade VeraCrypt-volymer kan skapas i partitioner på hårddiskar, halvledardiskar (SSD), USB-minnen eller andra understödda lagringsenheter. Partitioner kan även på plats-krypteras.\n\nKrypterade enhetsbaserade VeraCrypt-volymer kan dessutom skapas på enheter som inte innehåller några partitioner (inklusive hårddiskar och halvledardiskar).\n\nObservera: En enhet som innehåller partitioner kan endast på plats-krypteras fullständigt med en gemensam primär nyckel om det är den enhet som Windows är installerat på och startar från. - En enhetsbaserad VeraCrypt-volym kan skapas i partitioner på hårddiskar, halvledardiskar (SSD), USB-minnen eller andra understödda lagringsenheter.\n\nVARNING: Observera att partitionen eller enheten kommer att formateras och alla data lagrade på den kommer att gå förlorade. - \nVälj den plats där den yttre volymen ska skapas, inuti vilken den dolda volymen kommer att skapas senare.\n\nYttre volymer kan skapas i partitioner på hårddiskar, halvledardiskar (SSD), USB-minnen eller andra understödda lagringsenheter. Yttre volymer kan också skapas på enheter som saknar partitioner (inklusive hårddiskar och halvledardiskar).\n\nVARNING: Observera att partitionen eller enheten kommer att formateras, och alla befintliga data kommer att gå förlorade. - \nVälj den volymbehållare inuti vilken du vill skapa en dold volym. - VARNING: Värdfilen eller enheten används redan!\n\nAtt ignorera detta kan orsaka oönskade effekter som exempelvis att systemet blir instabilt. Alla program som kan tänkas använda värdfilen eller enheten, t.ex. säkerhetskopieringsapplikationer eller antivirusprogramvaror, måste stängas innan volymen monteras.\n\nVill du fortsätta med monteringen? - Fel: Det går inte att montera volymen. Värdfilen eller enheten används redan. Att montera volymen utan exklusiv åtkomst fungerar inte heller. - Det gick inte att öppna filen. - Plats för volymen - Stora filer - Kommer du att lagra filer som är större än 4 GB på denna VeraCrypt-volym? - Beroende på ditt val ovan kommer VeraCrypt att föreslå det bäst lämpade filsystemet för VeraCrypt-volymen. (Du kommer att kunna välja filsystem i nästa steg.) - Du bör överväga att välja ”Nej”, eftersom du håller på att skapa en yttre volym. Om du väljer ”Ja”, kommer standardfilsystemet att vara NTFS, vilket inte är lika lämpat för yttre volymer som FAT. (Exempelvis kommer den maximala storleken för den dolda volymen att vara avsevärt mycket större om den yttre volymen formateras som FAT.) Vanligtvis är FAT standard för både dolda och normala volymer, men om användaren verkar ha för avsikt att lagra filer större än 4 GB – vilket FAT-filsystemet inte tillåter – kommer dock FAT inte att vara standard. - Är du säker på att du vill välja ”Ja”? - Metod för skapande av volym - Detta är det snabbaste sättet att skapa en partitions- eller enhetsbaserad VeraCrypt-volym. Det andra alternativet, på plats-kryptering, är långsammare beroende på att innehållet på varje sektor först måste läsas, krypteras och sedan skrivas. Befintliga data på den valda partitionen eller enheten kommer att förloras. (Data kommer INTE att krypteras utan bli överskrivna med slumpmässiga data.) Välj det andra alternativet, om du vill kryptera existerande data på en partition. - Hela den valda partitionen och alla data lagrade på den kommer att på plats-krypteras. Du bör välja det första alternativet om partitionen är tom, eftersom volymen då kommer att skapas mycket snabbare. - Observera: - &Återuppta - &Skjut upp - &Starta - &Fortsätt - F&ormatera - &Skriv över - Vill du avbryta formateringen? - Visa ytterligare information - Visa inte detta igen - Innehållet på partitionen eller enheten har skrivits över utan fel. - Innehållet på partitionen, där det ursprungliga operativsystemet (av vilket det dolda operativsystemet är en kloning) fanns, har skrivits över utan fel. - Kontrollera att den version av Windows du tänker installera på den överskrivna partitionen är samma som den du för närvarande kör, eftersom båda systemen kommer att dela en gemensam startpartition. - Systempartitionen eller -enheten har krypterats utan fel.\n\nObservera: Om det finns icke-systemvolymer du vill ska monteras automatiskt varje gång Windows startas, kan du ställa det genom att montera var och en av dem och välja ”Lägg till monterad volym som favorit” under ”Favoriter” i VeraCrypts rullgardinsmeny. - Systempartitionen eller -enheten har dekrypterats utan fel. - \n\nVeraCrypt-volymen har skapats och är klar att använda. Klicka på ”Nästa” om du vill skapa ytterligare en VeraCrypt-volym. Annars klickar du på ”Avsluta”. - \n\nDen dolda VeraCrypt-volymen har skapats utan fel. (Det dolda operativsystemet kommer att placeras inuti denna dolda volym.)\n\nKlicka på Nästa för att fortsätta. - Volymen är fullständigt krypterad - Volume Fully Decrypted - VIKTIGT: KLICKA PÅ ”Automontera enheter” I VERACRYPTS HUVUDFÖNSTER FÖR ATT MONTERA DENNA NYLIGEN SKAPADE VERACRYPT-VOLYM OCH FÖR ATT KOMMA ÅT DATA LAGRADE PÅ DEN. Efter att du angett rätt lösenord (och/eller rätt nyckelfiler), kommer volymen att monteras med den enhetsbeteckning du valt i listan i VeraCrypts huvudfönster, och du kan komma åt dina krypterade data via den valda enhetsbeteckningen.\n\nLÄGG OVANSTÅENDE STEG PÅ MINNET ELLER SKRIV NED DEM. DU MÅSTE FÖLJA DEM VARJE GÅNG DU VILL MONTERA VOLYMEN OCH KOMMA ÅT DATA LAGRADE PÅ DEN. Alternativt kan du klicka på ”Välj enhet” i VeraCrypts huvudfönster, välja denna partition eller volym och sedan klicka på ”Montera”.\n\nPartitionen eller enheten har krypterats utan fel och är klar för användning. (Den innehåller nu en färdigkrypterad VeraCrypt-volym.) - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt-volymen har skapats utan fel. - Volym skapad - VIKTIGT: Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar krypteringsnycklarnas kryptografiska styrka avsevärt. Klicka sedan på ”Formatera” för att skapa volymen. - Klicka på ”Formatera” för att skapa den yttre volymen. Ytterligare information finns att läsa i dokumentationen. - Formatering av yttre volym - Formatering av yttre volym - Formatering av volymen - Adobe Reader (eller ett motsvarande program) är nödvändigt för att läsa eller skriva ut VeraCrypts användarhandbok. Adobe Reader är gratis och kan laddas ner från http://get.adobe.com/reader\n\nVill du läsa den Internetbaserade dokumentationen i stället? - Om du väljer detta alternativ kommer guiden först att hjälpa dig att skapa en normal VeraCrypt-volym och sedan en dold VeraCrypt-volym inuti den. Oerfarna användare bör alltid välja detta alternativ. - Om du väljer detta alternativ kommer du att få skapa en dold volym inuti en existerande VeraCrypt-volym. Det förutsätts att du redan har skapat en VeraCrypt-volym som kan hysa den dolda volymen. - Metod för skapande av volym - Dold volym skapad - Den dolda VeraCrypt-volymen har skapats utan fel och är klar för användning. Om alla instruktioner samt de försiktighetsåtgärder och krav som beskrivs i avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok har följts, bör det vara omöjligt att upptäcka att den dolda volymen existerar, även om den yttre volymen monteras.\n\nVARNING: SKRIV INTE TILL DEN YTTRE VOLYMEN OM DU INTE SKYDDAT DEN DOLDA VOLYMEN. (LÄS AVSNITTET ”PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE” I VERACRYPTS ANVÄNDARHANDBOK FÖR MER INFORMATION OM DETTA.) ANNARS KAN DU SKRIVA ÖVER OCH SKADA DEN DOLDA VOLYMEN! - Du har startat det dolda operativsystemet. Som du kanske har märkt, ser det dolda operativsystemet ut att vara installerat på samma partition som det ursprungliga operativsystemet. I verkligheten är det dock installerat på partitionen efter den (i den dolda volymen). Alla läs- och skrivåtgärder blir transparent omdirigerade från den ursprungliga systempartitionen till den dolda volymen.\n\nVarken operativsystemet eller applikationerna kommer att veta att data som skrivs till och läses från systempartitionen skrivs till och läses från partitionen efter den (till/från en dold volym). Alla dessa data krypteras och dekrypteras som vanligt i realtid med en krypteringsnyckel skild från den som används för skenoperativsystemet.\n\n\nKlicka på Nästa för att fortsätta. - Den yttre volymen har nu skapats och monterats som enhet %hc:. Till denna yttre volym bör du nu kopiera några skenbart känsliga filer som du egentligen INTE vill dölja. De ska finnas där om någon tvingar dig att avslöja lösenordet till den första partitionen efter systempartitionen, där både den yttre volymen och den dolda volymen (innehållande det dolda operativsystemet) kommer att finnas. Även om du avslöjar lösenordet för den yttre volymen, kommer den dolda volymens (och det dolda operativsystemets) existens att förbli hemlig.\n\nVIKTIGT: Filerna du kopierar till den yttre volymen bör inte uppta mer än %s. Annars kan det hända att det inte finns tillräckligt med ledigt utrymme för den dolda volymen i den yttre volymen, och du kommer inte att kunna fortsätta. Klicka på Nästa när du har kopierat klart. (Demontera inte volymen.) - Den yttre volymen har skapats utan fel och monterats som enhet %hc:. Till denna volym bör du nu kopiera några skenbart känsliga filer som du egentligen INTE vill dölja. Meningen med dessa filer är att de ska kunna hittas av någon som tvingar dig att avslöja ditt lösenord. Dock avslöjar du endast lösenordet till den yttre volymen, inte den dolda. De filer du verkligen bryr dig om ska lagras i den dolda volymen, som kommer att skapas i ett senare skede. Klicka på ”Nästa” när du har kopierat klart. Demontera inte volymen.\n\nObservera: Efter att du klickat på ”Nästa” kommer den yttre volymens klusterbitmapp att läsas av för att bestämma storleken på det sammanhängande lediga utrymmet i slutet av volymen. Detta utrymme kommer att hysa den dolda volymen och därmed även begränsa dess storlek. Avläsningen av klusterbitmappen säkerställer att inga data i den yttre volymen skrivs över av den dolda volymen. - Innehåll på yttre volym - \n\nI de följande stegen kommer du att få välja olika alternativ för den yttre volymen, inuti vilken den dolda volymen kommer att skapas senare. - \n\nI följande steg kommer du att skapa en så kallad yttre volym inuti den första partitionen efter systempartitionen (vilket förklarades i ett av de tidigare stegen). - Yttre volym - I de följande stegen kommer du att välja olika alternativ och ange lösenordet för den dolda volymen, som kommer att innehålla det dolda operativsystemet.\n\nAnmärkning: Den yttre volymens klusterbitmapp har lästs av för att avgöra storleken på det sammanhängande lediga utrymmet i slutet av volymen. Detta utrymme kommer att hysa den dolda volymen och därmed även begränsa dess storlek. Den dolda volymens maximala storlek har beräknats och bekräftats vara större än storleken på systempartitionen, vilket krävs eftersom hela innehållet på systempartitionen ska kopieras till den dolda volymen. Detta säkerställer att inga data som för närvarande lagras i den yttre volymen kommer att skrivas över av data som skrivs till den dolda volymen. - VIKTIGT: Lägg de krypteringsalgoritmer du väljer i detta steg på minnet. Du måste nämligen välja samma krypteringsalgoritmer för skenoperativsystemet senare, annars kommer det dolda operativsystemet inte att vara åtkomligt! (Skenoperativsystemet måste krypteras med samma krypteringsalgoritm som det dolda operativsystemet.)\n\nObservera: Anledningen till detta är att skenoperativsystemet och det dolda operativsystemet måste dela en gemensam startinläsare, vilken endast stöder en enskild krypteringsalgoritm som väljs av användaren. (Varje krypteringsalgoritm använder en särskild version av VeraCrypts startinläsare.) - \n\nVolymens klusterbitmapp har lästs av, och den maximala storleken för den dolda volymen har beräknats. I de följande stegen kommer du att få ange ett antal alternativ samt storleken och lösenordet för den dolda volymen. - Dold volym - Den dolda volymen är nu skyddad mot skador tills den yttre volymen demonterats.\n\nVARNING: Om det görs försök att skriva data till den dolda volymens utrymme, kommer VeraCrypt att skrivskydda hela volymen – både den yttre och den dolda delen – tills den demonterats. Detta kan orsaka fel i filsystemet på den yttre volymen, som vid upprepning kan påverka trovärdigheten i ett förnekande av den dolda volymens existens negativt. Därför bör du – så långt det är möjligt – undvika att skriva till den dolda volymens utrymme. Data som skrivs till den dolda volymens utrymme kommer inte att sparas utan gå förlorade. Windows rapporterar eventuellt detta som ett skrivfel (”En fördröjd skrivning misslyckades” eller ”Felaktig parameter”). - Var och en av de dolda volymerna inuti de nyligen monterade volymerna är nu skyddade mot skador tills de demontrerats.\n\nVARNING: Om försök görs att skriva data till något av dessa dolda volymers utrymmen, kommer VeraCrypt att skrivskydda hela volymen – både den yttre och den dolda delen – tills den demonterats. Detta kan orsaka fel i filsystemet på den yttre volymen, som vid upprepning kan påverka trovärdigheten i ett förnekande av den dolda volymens existens negativt. Därför bör du – så långt det är möjligt – undvika att skriva till den dolda volymens utrymme. Data som skrivs till de dolda volymernas utrymmen kommer inte att sparas utan gå förlorade. Windows rapporterar eventuellt detta som ett skrivfel (”En fördröjd skrivning misslyckades” eller ”Felaktig parameter”). - VARNING: Ett försök att skriva data till utrymmet för den dolda volymen monterad som %c: har gjorts! För att skydda den dolda volymen hindrade VeraCrypt dessa data från att sparas. Detta kan ha orsakat fel på den yttre volymens filsystem, och Windows kan eventuellt ha rapporterat detta som ett skrivfel (”En fördröjd skrivning misslyckades” eller ”Felaktig parameter”). Hela volymen (både den yttre och den dolda delen) kommer att skrivskyddas tills den demonterats. Om det inte är första gången VeraCrypt har förhindrat data från att sparas på den dolda volymens utrymme, kan trovärdigheten i ett förnekande av den dolda volymens existens påverkas negativt (beroende på eventuella motsvarande motsägelser i den yttre volymens filsystem). Därför bör du överväga att skapa en ny VeraCrypt-volym (med snabbformatering inaktiverat) och flytta filer från den gamla volymen till den nya. Den gamla volymen bör sedan skrivas över, både den yttre och den dolda delen. Du rekommenderas att starta om operativsystemet nu. - Du verkar ha för avsikt att lagra filer större än 4 GB på volymen. Detta kräver att dock att volymen formateras med filsystemet NTFS, vilket dessvärre inte är möjligt. - Observera att icke-dolda VeraCrypt-volymer inte kan formateras med filsystemet NTFS, när ett dolt operativsystem körs. Orsaken till detta är att volymen temporärt måste monteras utan skrivskydd för att tillåta operativsystemet att formatera den med filsystemet NTFS. (En formatering med filsystemet FAT utförs av VeraCrypt utan montering av volymen, och inte av operativsystemet.) Se nedan för utförligare tekniska detaljer. Du kan skapa en icke-dold NFTS-volym inifrån skenoperativsystemet. - Av säkerhetsskäl kan dolda volymer endast skapas i ”direktläge”, när ett dolt operativsystem körs (eftersom yttre volymer alltid måste monteras som skrivskyddade). Följ dessa steg för att skapa en dold volym på ett säkert sätt:\n\n1) Starta skenoperativsystemet.\n\n2) Skapa en normal VeraCrypt-volym och kopiera några skenbart känsliga filer som du egentligen INTE vill dölja till den. (Volymen kommer att bli den yttre volymen.)\n\n3) Starta det dolda operativsystemet och stata guiden Skapa VeraCrypt-volym. Om volymen är hyst av en volymbehållare, flytta den till systempartitionen eller till en annan dold volym. (Annars blir den nyligen skapade dolda volymen monterad som skrivskyddad och kan inte formateras.) Följ instruktionerna i guiden och se till att välja ”Direktläge” vid skapandet av en dold volym.\n\n4) Välj i guidens nästa steg den volym du skapade i steg 2 och följ sedan instruktionerna för att skapa en dold volym inuti den. - Av säkerhetsskäl monteras lokala okrypterade filsystem och icke-dolda volymer som skrivskyddade, när ett dolt operativsystem körs. (Inga data kan skrivas till sådana filsystem eller VeraCrypt-volymer.)\n\nData kan skrivas till alla filsystem som är belägna inuti en dold VeraCrypt-volym, förutsatt att den dolda volymen inte är belägen inuti en volymbehållare som lagras i ett okrypterat filsystem eller i ett annat skrivskyddat filsystem. - Det finns tre huvudsakliga skäl till varför dessa motåtgärder har implementerats:\n\n· Det möjliggör skapandet av en säker plattform för montering av dolda VeraCrypt-volymer. Observera att vi officiellt rekommenderar att dolda volymer endast monteras i samband med att ett dolt operativsystem körs. (För ytterligare information, läs avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok.)\n\n· I vissa fall är det möjligt att, vid en viss tidpunkt, avgöra att ett visst filsystem inte monterades under – eller att en viss fil i filsystemet inte sparades eller användes inifrån – en viss instans av ett operativsystem (t.ex. genom att analysera och jämföra filsystemjournaler, filers tidsstämplar, programloggar eller felloggar). Detta kan indikera att ett dolt operativsystem finns installerat i datorn. Motåtgärderna förhindrar dessa problem.\n\n· Det förhindrar att data skadas och tillåter en säker återgång från viloläge. När Windows återgår från viloläge förutsätts det att alla monterade filsystem är i samma tillstånd som när systemet övergick till viloläge. VeraCrypt säkerställer detta genom att skrivskydda alla filsystem som är åtkomliga både inifrån ett skenoperativsystem och ett dolt operativsystem. Utan ett sådant skydd kan filsystemet skadas, om det monteras av ett operativsystem medan det andra är i viloläge. - Observera: Följ dessa steg om du vill överföra filer från skenoperativsystemet till det dolda operativsystemet på ett säkert sätt:\n1) Starta skenoperativsystemet.\n2) Spara filerna på en okrypterad volym eller på en yttre eller normal VeraCrypt-volym.\n3) Starta det dolda operativsystemet.\n4) Montera VeraCrypt-volymen, om du sparade filerna på en sådan. (Den kommer automatiskt att monteras som skrivskyddad.)\n5) Kopiera filerna till den dolda systempartitionen eller till en annan dold volym. - Din dator måste startas om.\n\nVill du starta om den nu? - Ett fel inträffade när systemets krypteringsstatus skulle inhämtas. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Det går inte att initiera applikationskomponenter för systemkryptering. - Initieringen av slumptalsgeneratorn misslyckades! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Det gick inte att initiera applikationen. Registreringen av dialogruteklassen misslyckades. - Fel: Det gick inte att ladda systembiblioteket för ”Rich Edit”. - Guiden Skapa VeraCrypt-volym - Maximalt möjliga utrymme för den dolda volymen är %.2f byte. - Maximalt möjliga utrymme för den dolda volymen är %.2f kB. - Maximalt möjliga utrymme för den dolda volymen är %.2f MB. - Maximalt möjliga utrymme för den dolda volymen är %.2f GB. - Maximalt möjliga utrymme för den dolda volymen är %.2f TB. - Volymlösenord eller -nyckelfiler kan inte ändras medan volymen är monterad. Volymen måste demonteras först. - Härledningsalgoritmen för volymhuvudets nyckel kan inte ändras medan volymen är monterad. Demontera volymen först. - &Montera - En nyare version av VeraCrypt krävs för att montera denna volym. - Fel: Det går inte att hitta guiden Skapa VeraCrypt-volym.\n\nKontrollera att filen ”VeraCrypt Format.exe” finns i den mapp från vilken ”VeraCrypt.exe” startades. Om filen inte finns där, ominstallera VeraCrypt eller leta upp filen ”VeraCrypt Format.exe” på din disk och kör den därifrån. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Nästa > - &Slutför - &Installera - &Packa upp - Det gick inte att ansluta till VeraCrypts drivrutin. VeraCrypt fungerar inte om drivrutinen inte körs.\n\nObservera att det, beroende på Windows, kan vara nödvändigt att logga ut eller starta om datorn innan drivrutinen kan laddas. - Ett fel inträffade när typsnitten laddades. - Enhetsbeteckningen kunde inte hittas, eller så angavs ingen enhetsbeteckning. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Enhetsbeteckningen är inte tillgänglig. - Ingen fil vald! - Det finns inga tillgängliga enhetsbeteckningar. - Det finns ingen enhetsbeteckning tillgänglig för den yttre volymen! Det går inte att fortsätta med skapandet av volymen. - Det gick inte att avgöra versionen på operativsystemet, eller så använder du ett operativsystem som inte stöds. - Ingen sökväg vald! - Det finns inte tillräckligt med utrymme för den dolda volymen! Det går inte att fortsätta med skapandet av volymen. - Fel: Filerna du kopierade till den yttre volymen tar upp för mycket utrymme. Därför finns det inte tillräckligt mycket ledigt utrymme på den yttre volymen för den dolda volymen.\n\nObservera att den dolda volymen måste vara lika stor som systempartitionen (partitionen där det aktuella operativsystemet är installerat). Anledningen till detta är att det dolda operativsystemet måste skapas genom en kopiering av systempartitionens innehåll till den dolda volymen.\n\n\nProcessen för att skapa ett dolt operativsystem kan inte fortsätta. - Drivrutinen kan inte demontera volymen. Vissa filer på volymen används förmodligen. - Det går inte att låsa volymen. Det finns fortfarande filer på den som är öppna, varför det inte går att demontera den. - VeraCrypt kan inte låsa volymen, eftersom den används av operativsystemet eller andra applikationer. (Det kan finnas filer på den som är öppna.)\n\nVill du tvinga fram en demontering av volymen? - Välj en VeraCrypt-volym - Ange sökväg och filnamn - Välj PKCS #11-bibliotek - Slut på ledigt minne - VIKTIGT: Oerfarna användare rekommenderas att skapa en volymbehållare i stället för att försöka kryptera en hel enhet eller partition.\n\nNär du skapar en volymbehållare (till skillnad från när du krypterar en enhet eller partition) finns det exempelvis ingen risk att ett stort antal filer går förlorade. Observera att en volymbehållare – även om den innehåller en virtuell krypterad disk – är som vilken annan fil som helst. För mer information, läs kapitlet ”Beginner’s Tutorial” i VeraCrypts användarhandbok.\n\nÄr du säker på att du vill kryptera hela enheten eller partitionen? - VARNING: Filen ”%s” finns redan!\n\nVIKTIGT: VERACRYPT KOMMER ATT TA BORT FILEN OCH INTE KRYPTERA DEN. Är du säker på att du vill ta bort filen och ersätta den med en ny volymbehållare? - VARNING: ALLA FILER SOM FINNS LAGRADE PÅ DEN %s DU VALT, ”%s”%s, KOMMER ATT TAS BORT OCH GÅ FÖRLORADE! (DE KOMMER INTE ATT KRYPTERAS.)\n\nÄr du säker på att du vill gå vidare med formateringen? - VARNING: Du kommer inte att kunna montera volymen eller ha tillgång till några filer lagrade på den förrän krypteringen har slutförts.\n\nÄr du säker på att du vill påbörja krypteringen av %s ”%s”%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - VARNING: Delar av dina data kan bli skadade eller gå förlorade, om strömförsörjningen plötsligt bryts eller om operativsystemet kraschar beroende på program- eller maskinvarufel medan existerande data på plats-krypteras. Därför bör du, innan krypteringsprocessen startar, kontrollera att du har säkerhetskopior av de filer du vill kryptera.\n\nHar du sådana säkerhetskopior? - VARNING: ALLA FILER SOM FINNS LAGRADE PÅ PARTITIONEN ”%s”%s, D.V.S. PÅ DEN FÖRSTA PARTITIONEN EFTER SYSTEMPARTITIONEN, KOMMER ATT TAS BORT OCH GÅ FÖRLORADE! (DE KOMMER INTE ATT KRYPTERAS.)\n\nÄr du säker på att du vill gå vidare med formateringen? - VARNING: DEN VALDA PARTITIONEN INNEHÅLLER EN STOR MÄNGD DATA! Alla filer som finns lagrade på partitionen kommer att tas bort och gå förlorade (de kommer INTE att krypteras)! - Ta bort alla filer lagrade på partitionen genom att skapa en VeraCrypt-volym inuti den - Lösenord - PIM - Härledningsalgoritm för volymhuvudets nyckel - Lägg till eller ta bort nyckelfiler från volymen - Ta bort alla nyckelfiler från volymen - Lösenord, PIM och/eller nyckelfil(er) ändrades utan fel.\n\nVIKTIGT: Försäkra dig om att du har läst avsnittet ”Changing Passwords and Keyfiles” i kapitlet ”Security Requirements and Precautions” i VeraCrypts användarhandbok. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - VIKTIGT: Om du inte förstörde din återställningsskiva, kan din systempartition eller -enhet fortfarande dekrypteras med det gamla lösenordet genom att starta datorn med återställningsskivan och ange det gamla lösenordet. Du bör skapa en ny återställningsskiva och förstöra den gamla.\n\nVill du skapa en ny återställningsskiva? - Observera att din återställningsdisk fortfarande använder den gamla algoritmen. Om du anser att den gamla algoritmen är osäker, bör du skapa en ny återställningsdisk och sedan förstöra den gamla.\n\nVill du skapa en ny återställningsskiva? - VeraCrypt kan använda vilken typ av fil som helst som nyckelfil (t.ex. .mp3, .jpg, .zip eller .avi). Observera att VeraCrypt aldrig ändrar en nyckelfils innehåll. Du kan fritt välja en eller flera nyckelfiler; deras inbördes ordning är oväsentlig. Om du lägger till en mapp, kommer alla synliga filer i den mappen att användas som nyckelfiler. Klicka på ”Lägg till token” för att lägga till nyckelfiler lagrade på säkerhetstoken eller smartkort eller för att importera nyckelfiler till dem. - Nyckelfiler tillagda eller borttagna utan fel. - Nyckelfilen exporterades. - Härledningsalgoritmen för volymhuvudets nyckel ändrades utan fel. - Ange lösenord och/eller nyckelfil(er) till den icke-systemvolym du vill återuppta på plats-krypteringsprocessen för.\n\n\nAnmärkning: Efter att du klickat på Nästa kommer VeraCrypt att försöka hitta alla icke-systemvolymer för vilka krypteringsprocessen har avbrutits och vars volymhuvuden kan dekrypteras med det lösenord och/eller de nyckelfiler du angett. Om fler än en sådan volym hittas, kommer du i nästa steg att få välja en av dem. - Välj en av följande volymer. Denna lista innehåller samtliga icke-systemvolymer vars krypteringsprocesser har avbrutits och vars volymhuvud inte kunde dekrypteras med det lösenord och/eller de nyckelfiler du angett. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Det är mycket viktigt att du väljer ett bra lösenord. Du bör undvika att välja ett som endast innehåller ett ord som kan finnas i en ordbok (eller en kombination av två, tre eller fyra sådana). Det bör inte innehålla några namn eller födelsedata. Det bör heller inte vara enkelt att gissa. Ett bra lösenord innehåller en kombination av versaler och gemener, siffror och specialtecken som exempelvis @ ^ = $ * + och liknande. Vi rekommenderar att du väljer ett lösenord som består av minst 20 tecken (ju längre desto bättre). Den största tillåtna längden är 64 tecken. - Ange ett lösenord för den dolda volymen. - Ange ett lösenord för det dolda operativsystemet, d.v.s. för den dolda volymen. - VIKTIGT: Lösenordet du väljer för det dolda operativsystemet i detta steg måste vara påtagligt annorlunda än de två andra lösenord du kommer att välja för den yttre volymen och skenoperativsystemet. - Ange lösenordet för den volym inuti vilken du vill skapa en dold volym.\n\nVeraCrypt kommer att försöka montera volymen när du klickar på ”Nästa”. När volymen har monterats, kommer dess klusterbitmapp att läsas av för att avgöra storleken på det sammanhängande lediga utrymmet i slutet av volymen. Detta utrymme kommer att hysa den dolda volymen och därmed även begränsa dess storlek. Avläsningen av klusterbitmappen säkerställer att inga data i den yttre volymen skrivs över av den dolda volymen. - \nAnge ett lösenord för den yttre volymen. Detta är det lösenord du kommer att kunna avslöja om du blir tillfrågad om det eller tvingad till det.\n\nVIKTIGT: Detta lösenord måste vara påtagligt annorlunda än det du kommer att välja för den dolda volymen.\n\nObservera: Maximal längd på lösenord är 64 tecken. - Ange ett lösenord för den yttre volymen. Detta är det lösenord du kommer att kunna avslöja om du blir tvingad att röja lösenordet för den första partitionen efter systempartitionen, där både den yttre och den dolda volymen (innehållande det dolda operativsystemet) är belägna. Den dolda volymens och det dolda operativsystemets existens kommer dock att förbli hemlig. Observera att detta lösenord inte gäller för skenoperativsystemet.\n\nVIKTIGT: Detta lösenord måste vara påtagligt annorlunda än det du kommer att välja för den dolda volymen, d.v.s. för det dolda operativsystemet. - Lösenord för yttre volym - Lösenord för dold volym - Lösenord för dolt operativsystem - VARNING: Korta lösenord är enkla att knäcka med hjälp av uttömmande attacktekniker (brute force)!\n\nVi rekommenderar att du väljer ett lösenord som består av minst 20 tecken. Är du säker på att du vill använda ett kort lösenord? - Volymlösenord - Antingen är det angivna lösenordet fel, eller så är den valda filen inte en VeraCrypt-volym. - Antingen har fel nyckelfil(er) och/eller fel lösenord angetts, eller så är den valda filen inte en VeraCrypt-volym. - Antingen är monteringsläget eller det angivna lösenordet fel, eller så är den valda filen inte en VeraCrypt-volym. - Antingen har fel nyckelfil(er) och/eller fel lösenord angetts, eller så är den valda filen inte en VeraCrypt-volym. Alternativt är monteringsläget fel. - Antingen är det angivna lösenordet fel, eller så hittades inte någon VeraCrypt-volym. - Antingen har fel nyckelfil(er) och/eller fel lösenord angetts, eller så hittades inte någon VeraCrypt-volym. - \n\nVarning: Caps Lock är på. Detta kan orsaka att ditt lösenod blir felaktigt angett. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nVARNING: Det finns dolda filer i nyckelfilernas sökväg. Om du vill använda dessa filer som nyckelfiler, måste de först göras synliga för operativsystemet. Högerklicka på var och en av dem och välj ”Egenskaper” i snabbmenyn, inaktivera kryssrutan ”Dold” och klicka på ”OK”). Observera: Dolda filer är endast synliga om alternativet ”Visa dolda filer, mappar och enheter” under fliken ”Visning”, som nås via ”Ordna” och menyalternativet ”Mapp- och sökalternativ” i Utforskaren, är aktiverat. - Om du försöker skydda en dold volym som innehåller ett dolt operativsystem, måste du se till att du använder amerikansk tangentbordslayout när du anger lösenordet för den dolda volymen. Detta beror på att lösenordet måste anges i förstartsmiljön (innan Windows startas), där inga andra tangentbordslayouter än den amerikanska finns tillgängliga. - VeraCrypt har inte hittat någon icke-systemvolym för vilken krypteringsprocessen har avbrutits och vars volymhuvud kan dekrypteras med hjälp av det lösenord och/eller de nyckelfiler du angett.\n\nKontrollera att lösenordet och/eller nyckelfilerna är korrekta och att partitionen eller volymen inte används av operativsystemet eller ett annat program (inklusive antivirusprogramvaror). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nObservera: Om du försöker montera en partition belägen på en krypterad systemenhet utan förstartsautentisering eller en krypterad systempartition tillhörande ett operativsystem som inte körs, kan du göra det genom att välja ”Montera utan förstartsautentisering” under ”System” i VeraCrypts rullgardinsmeny. - Det går inte att montera en partition belägen på en aktiv krypterad systemenhet.\n\nInnan du kan montera denna partition, måste du antingen starta ett okrypterat operativsystem eller ett operativsystem som är installerat på en annan enhet (krypterad eller okrypterad). - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Föregående - Det gick inte att sammanställa en lista över raw-enheter installerade i ditt system! - Volymen ”%s” finns redan och är skrivskyddad. Är du säker på att du vill ersätta den? - Välj målmapp - Välj nyckelfil - Välj en nyckelfilssökväg. VARNING: Observera att endast sökvägen lagras, inte filnamnen! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Utvecklad av Ross Anderson, Eli Biham och Lars Knudsen. Publicerad 1998. 256-bitars nyckel, 128-bitars block. Arbetsläget är XTS. Serpent var en av AES-finalisterna. - Ange storleken på den volymbehållare du vill skapa.\n\nOm du skapar en dynamisk volymbehållare (sparse-fil), kommer volymbehållarens maximala storlek att vara värdet du anger.\n\nObservera att den minsta möjliga storleken på en FAT-volym är 292 kB. Den minsta möjliga storleken på en NTFS-volym är 3 792 kB. - Ange storleken på den yttre volym som ska skapas. (Du kommer först att skapa den yttre volymen och sedan en dold volym inuti den.) Den minsta möjliga storleken på en volym inuti vilken en dold volym ska skapas är 340 kB. - Ange storleken på den dolda volym som ska skapas. Den minsta möjliga storleken på en dold volym är 40 kB (eller 3 664 kB om den formateras med filsystemet NTFS). Den största möjliga storleken på den dolda volymen visas ovan. - Storlek på yttre volym - Storlek på dold volym - Kontrollera att storleken på den valda enheten eller partitionen som visas ovan är korrekt och klicka på ”Nästa”. - Den yttre och den dolda volymen (innehållande det dolda operativsystemet) kommer att hysas inuti ovanstående partition. Det ska vara den första partitionen efter systempartitionen.\n\nKontrollera att partitionens storlek och nummer som visas ovan stämmer och klicka på Nästa. - \n\nObservera att den minsta möjliga storleken på en volym inuti vilken en dold volym är tänkt att skapas är 340 kB. - Volymstorlek - &Dynamisk - VARNING: SJÄLVTESTET MISSLYCKADES! - Självtesten av alla algoritmer slutfördes utan fel - Dataenhetsnumret du angav är för kort eller för långt. - Den sekundära nyckeln du angett är antingen för lång eller för kort. - Den krypterade texten du angett är antingen för lång eller för kort. - Testnyckeln du angett är antingen för lång eller för kort. - Klartexten du angett är antingen för lång eller för kort. - Två nästade krypteringsmetoder som arbetar i XTS-läge. Varje block krypteras först med %s (%d-bitars nyckel) och sedan med %s (%d-bitars nyckel). Varje krypteringsmetod använder sig av sin egen nyckel, som är oberoende den andra. - Tre nästade krypteringsmetoder som arbetar i XTS-läge. Varje block krypteras först med %s (%d-bitars nyckel), sedan med %s (%d-bitars nyckel) och slutligen med %s (%d-bitars nyckel). Varje krypteringsmetod använder sig av sin egen nyckel, som är oberoende av de övriga två. - Observera att det, beroende på operativsystemets konfiguration, kan hända att funktionerna för automatisk körning och montering endast fungerar när Traveler-skivans filer installerats på ett skrivskyddat CD- eller DVD-liknande medium. Detta är inte ett fel på VeraCrypt utan en begränsning i Windows. - VeraCrypt Traveler-skivan har skapats utan fel.\n\nObservera att du behöver administratörsbehörighet för att köra VeraCrypt Traveler. Observera också att det genom att undersöka registret kan vara möjligt att se att VeraCrypt har körts i ett Windows-system, även om VeraCrypt körts utan att installeras. - VeraCrypt Traveler-skiva - Utvecklad av Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall och Niels Ferguson. Publicerad 1998. 256-bitars nyckel, 128-bitars block. Arbetsläget är XTS. Twofish var en av AES-finalisterna. - Ytterligare information om %s - Okänt - Ett odefinierat eller okänt fel inträffade (%d). - Några volymer innehåller filer som används av operativsystemet eller andra applikationer.\n\nSka en demontering tvingas fram? - &Demontera - Demonteringen misslyckades! - Volymen innehåller filer eller mappar som används av ett annat program.\n\nVill du tvinga fram en demontering av volymen? - Ingen volym är monterad med angiven enhetsbeteckning. - Volymen du försöker montera är redan monterad. - Det uppstod ett fel vid monteringen av enheten. - Det uppstod ett fel vid sökning efter en plats inuti volymen. - Fel: Felaktig volymstorlek. - VARNING: Du bör endast använda snabbformatering i följande fall:\n\n1) Enheten innehåller inga känsliga data, och trovärdigheten i ett förnekande av volymens existens är inte viktig.\n2) Enheten har redan blivit säkert och fullständigt krypterad.\n\nÄr du säker på att du vill använda snabbformatering? - En dynamisk volymbehållare är en förallokerad NTFS-sparse-fil, vars fysiska storlek (faktiskt diskutrymme som används) växer när nya data läggs till.\n\nVARNING: Sparse-fil-baserade volymers prestanda är betydligt sämre än normala volymers. Sparse-fil-baserade volymer är även mindre säkra, eftersom det är möjligt att se vilka av volymernas sektorer som inte används. Dessutom kan sparse-fil-baserade volymer inte erbjuda en rimlig trovärdighet vid ett förnekande av en dold volyms existens. Observera även att det krypterade filsystemet kan skadas om data skrivs till en dynamisk volymbehållare när det inte finns tillräckligt med utrymme i värdfilsystemet.\n\nÄr du säker på att du vill skapa en sparse-fil-baserad volym? - Observera att storleken på den dynamiska volymbehållaren som rapporteras av Windows och VeraCrypt alltid kommer att vara samma som den maximala storleken. Volymbehållarens aktuella fysiska storlek (det faktiska diskutrymme den använder) visas i fältet ”Storlek på disk”, som man når genom att högerklicka på volymbehållarens fil (i Utforskaren, inte i VeraCrypt) och i snabbmenyn välja ”Egenskaper”.\n\nObservera även att en dynamisk volymbehållares fysiska storlek kommer att utökas till den maximala, om du flyttar den till en annan volym eller enhet. (Du kan förhindra detta genom att skapa en ny dynamisk volymbehållare på målenheten, montera den och sedan flytta filerna från den gamla behållaren till den nya.) - Lösenordscachen tömdes - Drivrutinens minnescache har tömts på lösenord (och/eller behandlat innehåll i nyckelfiler). - VeraCrypt kan inte ändra lösenordet på en främmande volym. - Vald enhetsbeteckning används redan. - Välj en monterad volym i listan med enhetsbeteckningar. - Två olika volymer är för närvarande valda (den ena i enhetsbeteckningslistan och den andra i inmatningsfältet under listan).\n\nVälj den volym du ville välja: - Fel: Kan inte skapa autorun.inf - Fel vid bearbetning av nyckelfil! - Fel vid bearbetning av nyckelfilssökväg! - Nyckelfilssökvägen innehåller inga filer.\n\nObservera att undermappar (och de filer de innehåller) som hittas i nyckelfilssökvägen ignoreras. - VeraCrypt stöder inte detta operativsystem. - Fel: VeraCrypt stöder endast slutgiltiga versioner av detta operativsystem (beta- eller lanseringskandidatsversioner stöds inte). - Fel: Det går inte att allokera minne. - Fel: Det gick inte att hämta värdet på prestandaräknaren. - Fel: Felaktigt volymformat. - Fel: Du angav ett lösenord för en dold volym och inte för en normal. - Av säkerhetsskäl kan en dold volym inte skapas inuti en VeraCrypt-volym innehållande ett filsystem som på plats-krypterats, eftersom volymens lediga utrymme inte har fyllts med slumpmässiga data. - VeraCrypt – Juridiska villkor - Alla filer - VeraCrypt-volymer - Biblioteksmoduler - NTFS-formateringen kan inte fortsätta. - Det går inte att montera volymen. - Det går inte att demontera volymen. - Windows misslyckades med att formatera volymen som NTFS.\n\nVälj om möjligt ett annat filsystem i stället och försök igen. Alternativt kan du lämna volymen oformaterad genom att välja ”Inget” som filsystem, avsluta denna guide, montera volymen och sedan använda antingen ett systemvertyg eller ett tredjepartsverktyg för att formatera den monterade volymen. (Volymen kommer att förbli krypterad.) - Windows misslyckades med att formatera volymen som NTFS.\n\nVill du formatera volymen som FAT i stället? - Standard - partition - PARTITION - Enhet - enhet - ENHET - Volym - volym - VOLYM - Eget namn - Den valda klusterstoleken är för liten för denna volymstorlek. En större klusterstorlek kommer att användas i stället. - Fel: Det går inte att avgöra storleken på volymen!\n\nKontrollera att den valda volymen inte används av operativsystemet eller en applikation. - Dolda volymer får inte skapas inuti en dynamisk volymbehållare (sparse-fil). För att ett förnekande av en dold volyms existens ska vara trovärdigt, måste den skapas inuti en icke-dynamisk volymbehållare. - Guiden Skapa VeraCrypt-volym kan endast skapa en dold volym inuti en FAT- eller NTFS-volym. - Under Windows 2000 kan guiden Skapa VeraCrypt-volym endast skapa en dold volym inuti en FAT-volym. - Observera: FAT är ett lämpligare filsystem för yttre volymer än NTFS. Exempelvis kommer sannolikt den dolda volymens maximala storlek att vara betydligt större om den yttre volymen formateras med filsystemet FAT. - Observera att FAT är ett lämpligare filsystem för yttre volymer än NTFS. Exempelvis kommer sannolikt den dolda volymens maximala storlek att vara betydligt större om den yttre volymen formateras med filsystemet FAT. Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan en dold volym endast hysas i den yttre volymens andra halva.\n\nÄr du säker på att du vill formatera den yttre volymen med filsystemet NTFS? - Vill du formatera volymen med filsystemet FAT i stället? - Observera: Denna volym kan inte formateras med filsystemet FAT, eftersom den överstiger den maximala volymstorleken som stöds av filsystemet FAT32 för den tillämpbara sektorstorleken (2 TB för sektorer på 512 byte och 16 TB för på 4096 byte). - Fel: Partitionen för det dolda operativsystemet, d.v.s. den första partitionen efter systempartitionen, måste vara minst 5 % större än systempartitionen. (Systempartitionen är den partition där det aktuella operativsystemet är installerat.) - Fel: Partitionen för det dolda operativsystemet, d.v.s. den första partitionen efter systempartitionen, måste vara minst 110 % (2,1 gånger) större än systempartitionen. (Systempartitionen är den partition där det aktuella operativsystemet är installerat.) Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan den dolda volymen – som ska innehålla en kloning av systempartitionen – endast hysas i den partitionens andra halva. - Fel: Om den yttre volymen är formaterad som NTFS, måste den vara minst 110 % (2,1 gånger) större än systempartitionen. Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan den dolda volymen – som ska innehålla en kloning av system- partitionen – endast hysas i den partitionens andra halva.\n\nObservera: Den yttre volymen måste vara belägen på samma partition som det dolda operativsystemet, d.v.s. inuti den första partitionen efter systempartitionen). - Fel: Det finns ingen partition efter systempartitionen.\n\nObservera att du, innan du kan skapa ett dolt operativsystem, måste skapa en partition för det på systemenheten. Den måste vara den första partitionen efter systempartitionen och måste vara minst 5 % större än systempartitionen. (Systempartitionen är den partition där det aktuella operativsystemet är installerat.) Om den yttre volymen – som inte ska förväxlas med systempartitionen – är formaterad som NTFS, måste partitionen för det dolda operativsystemet vara minst 110 % (2,1 gånger) större än systempartitionen. Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan den dolda volymen – som ska innehålla en kloning av system- partitionen – endast hysas i den partitionens andra halva. - Anmärkning: Det är inte praktiskt – och stöds därför inte heller – att installera operativsystem på två VeraCrypt-volymer belägna inuti samma partition, eftersom det vid användning av det yttre operativsystemet ofta krävs att data skrivs till området med det dolda operativsystemet. Om sådana skrivåtgärder hindras av skyddet av dolda volymer, kommer systemet att krascha (visa ”blåskärm”). - Läs dokumentationen som följde med ditt operativsystem eller kontakta din datorleverantörs tekniska support för information om hur man skapar och hanterar partitioner. - Fel: Det aktuella operativsystemet är inte installerat på startpartitionen (den första aktiva partitionen), vilket inte stöds av VeraCrypt. - Du antydde att du avser lagra filer större än 4 GB i denna VeraCrypt-volym. Dock valde du att använda ett FAT-filsystem, i vilket filer större än 4 GB inte kan lagras.\n\nÄr du säker på att du vill formatera volymen med ett FAT-filsystem? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Fel: Det går inte att komma åt volymen!\n\nKontrollera att den valda volymen existerar, att den inte är monterad eller används av operativsystemet eller en applikation, att du har skriv- och läsrättigheter på den och att den inte är skrivskyddad. - Error: Cannot obtain volume properties. - Fel: Det går inte att komma åt volymen och/eller inhämta information om den.\n\nKontrollera att den valda volymen existerar, att den inte är monterad eller används av operativsystemet eller en applikation, att du har skriv- och läsrättigheter på den och att den inte är skrivskyddad. - Fel: Det går inte att komma åt volymen och/eller inhämta information om den. Kontrollera att den valda volymen existerar, att den inte är monterad eller används av operativsystemet eller en applikation, att du har skriv- och läsrättigheter på den och att den inte är skrivskyddad.\n\nOm problemet kvarstår, kan det hjälpa att följa stegen nedan. - Ett fel hindrade VeraCrypt från att kryptera partitionen. Försök rätta till eventuella tidigare rapporterade problem och försök sedan igen. Om problemen kvarstår, kan det hjälpa att följa stegen nedan. - Ett fel hindrade VeraCrypt från att återuppta krypteringsprocessen för partitionen.\n\nFörsök rätta till eventuella tidigare rapporterade problem och försök sedan återuppta processen igen. Observera att volymen inte kan monteras förrän den har blivit fullständigt krypterad. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Fel: Det går inte att demontera den yttre volymen!\n\nVolymen kan inte demonteras om den innehåller filer eller mappar som används av operativsystemet eller ett program.\n\nStäng alla program som kan tänkas använda filer eller mappar på volymen och klicka på ”Försök igen”. - Fel: Det går inte att läsa in information om den yttre volymen!\nSkapandet av volymen kan inte fortsätta. - Fel: Det går inte att komma åt den yttre volymen! Skapandet av volymen kan inte fortsätta. - Fel: Det går inte att montera den yttre volymen! Skapandet av volymen kan inte fortsätta. - Fel: Det går inte att läsa klusterbitmappen! Skapandet av volymen kan inte fortsätta. - Alfabetiskt/grupperat - Medelvärde (fallande) - Algoritm - Kryptering - Dekryptering - Medelvärde - Enhetsbeteckning - Storlek - Krypteringsalgoritm - Krypteringsalgoritm - Typ - Värde - Egenskap - Placering - byte - Dold - Yttre - Normal - System - Dold (system) - Skrivskyddad - Systemenhet - Systemenhet (krypterar – %.2f %% klart) - Systemenhet (dekrypterar – %.2f %% klart) - Systemenhet (%.2f %% krypterat) - Systempartition - Dold systempartition - Systempartition (krypterar – %.2f %% klart) - Systempartition (dekrypterar – %.2f %% klart) - Systempartition (%.2f %% krypterat) - Ja (skada förhindrad!) - Inget - Storlek på primär nyckel - Storlek på sekundär nyckel (XTS-läge) - Storlek på justeringsnyckel (LRW-läge) - bitar - Blockstorlek - PKCS-5 PRF - PKCS-5, antal upprepningar - Volymen skapad - Volymhuvudet senast ändrat - (%I64d dagar sedan) - Version på volymformatet - Inbäddad säkerhetskopia av volymhuvudet - Version på VeraCrypts startinläsare - Första tillgängliga - Flyttbar disk - Hårddisk - Oförändrat - Autodetection - Installationsguide - Välj ett av nedanstående alternativ. Använd det förvalda alternativet om du är osäker. - Välj detta alternativ om du vill installera VeraCrypt i denna dator. - Observera: Du kan uppgradera VeraCrypt utan att dekryptera även om systempartitionen eller -enheten är krypterad eller om du använder ett dolt operativsystem. - Om du väljer detta alternativ kommer alla filer i installationspaketet att packas upp, men ingenting kommer att installeras i datorn. Välj inte detta alternativ om du tänker kryptera systempartitionen eller -enheten. Detta alternativ kan vara användbart om du t.ex. vill köra VeraCrypt i så kallat portabelt läge. VeraCrypt måste inte installeras i det operativsystem under vilket det ska köras; när alla filer har blivit uppackade kan du i stället köra filen ”VeraCrypt.exe” direkt från uppackningsmappen (vilket resulterar i att VeraCrypt körs i portabelt läge). - Installationsalternativ - Här kan du ange olika alternativ för att anpassa installationen. - Installerar - Vänta medan VeraCrypt installeras. - Installationen slutförd - Uppgraderingen slutförd - Överväg gärna att donera pengar. Du kan när som helst klicka på ”Slutför” för att stänga installationsprogrammet. - Uppackningsalternativ - Här kan du ange olika alternativ för att anpassa uppackningsförloppet. - Vänta medan filerna packas upp. - Uppackningen slutförd - Alla filer har packats upp till målmappen utan fel. - Om den angivna mappen inte finns, kommer den att skapas automatiskt. - VeraCrypts programfiler kommer att uppgraderas i den mapp där VeraCrypt är installerat. Om du vill välja en annan mapp måste du avinstallera VeraCrypt först. - Vill du läsa viktig information om den aktuella (senaste stabila) versionen av VeraCrypt? - Om du aldrig har använt VeraCrypt tidigare, rekommenderar vi att du läser kapitlet ”Beginner’s Tutorial” i VeraCrypts användarhandbok. Vill du läsa kapitlet nu? - Välj ett av nedanstående alternativ: - Reparera eller installera om - Uppgradera - Avinstallera - För att kunna installera eller avinstallera VeraCrypt måste du ha administratörsbehörighet. Vill du fortsätta? - VeraCrypts installationsprogram körs för närvarande och genomför eller förbereder en installation av VeraCrypt. Vänta på att installationsprogrammet slutförts eller stäng det innan du fortsätter. Starta om datorn, om programmet inte går att avsluta. - Installationen misslyckades. - Avinstallationen misslyckades. - Installationspaketet är skadat. Försök att ladda ned det igen (företrädelsevis från VeraCrypts officiella webbplats, https://veracrypt.codeplex.com). - Kan inte skapa filen %s - Packar upp - Det går inte att läsa från installationspaketet. - Det går inte att verifiera installationspaketets integritet. - Uppackningen misslyckades. - Installationen har återställts. - VeraCrypt har installerats utan fel. - VeraCrypt har uppdaterats utan fel. - VeraCrypt har uppgraderats utan fel, men innan du kan börja använda programmet måste datorn startas om.\n\nVill du starta om datorn nu? - Det gick inte att uppgradera VeraCrypt!\n\nVIKTIGT: Innan du stänger av eller startar om datorn, rekommenderar vi att du kör programmet Systemåterställning (under ”Tillbehör” och ”Systemverktyg” i Start-menyn) och återställer datorn till återställningspunkten ”VeraCrypt installation”. Om Systemåterställning inte är tillgängligt, bör du försöka installera den ursprungliga eller nya versionen av VeraCrypt igen innan du stänger av eller startar om datorn. - VeraCrypt har avinstallerats utan fel.\n\nKlicka på ”Slutför” för att ta bort VeraCrypts installationspaket och mappen %s. Observera att mappen inte kommer att tas bort om den innehåller filer som inte installerats av VeraCrypts installationspaket eller skapats av VeraCrypt. - Tar bort VeraCrypts registerposter - Lägger till registerposten - Tar bort applikationsspecifika data - Installerar - Stoppar - Tar bort - Lägger till ikonen - En systemåterställningspunkt skapas - Skapande av en systemåterställningspunkt misslyckades! - Uppdaterar startinläsaren - Installationen av ”%s” misslyckades. %s\nVill du fortsätta med installationen? - Avinstallationen av ”%s” misslyckades. %s\nVill du fortsätta med avinstallationen? - Installationen slutförd. - Mappen ”%s” kunde inte skapas - VeraCrypts drivrutin kan inte stängas.\n\nStäng först alla öppna VeraCrypt-fönster. Om detta inte hjälper, starta om Windows och försök sedan igen. - Alla VeraCrypt-volymer måste demonteras innan VeraCrypt kan installeras eller avinstalleras. - Det finns redan en gammal version av VeraCrypt installerad. Innan en ny version av VeraCrypt kan installeras, måste den gamla versionen avinstalleras.\n\nDen gamla versionen kommer att avinstalleras så snart detta meddelande stängts. Observera att ingen volym kommer att dekrypteras under avinstallationen. Kör installationspaketet för den nya versionen av VeraCrypt igen, efter att den gamla versionen avinstallerats. - Skapandet av registerposter misslyckades - Installationen av drivrutinen misslyckades. Starta om Windows och försök sedan installera VeraCrypt igen. - Startar VeraCrypts drivrutin - Avinstallationen av drivrutinen misslyckades. P.g.a. viss problematik i Windows kan det vara nödvändigt att logga ut eller starta om datorn innan drivrutinen kan avinstalleras (eller ominstalleras). - Installerar VeraCrypts drivrutin - Stoppar VeraCrypts drivrutin - Avinstallerar VeraCrypts drivrutin - Det gick inte att registrera stödbiblioteket för Kontroll av användarkonto (UAC). - Det gick inte att avregistrera stödbiblioteket för Kontroll av användarkonto (UAC). - Observera att operativsystemet kräver att drivrutiner har registrerats innan de kan köras. Därför är VeraCrypts drivrutin inte fullständigt portabel (och kan heller inte bli det). Däremot är själva VeraCrypt-applikationen fullständigt protabel, d.v.s. den måste varken installeras eller registreras i operativsystemet. Observera också att VeraCrypt är beroende av en drivrutin för transparent direktkryptering och -dekryptering. - Observera att om du bestämmer dig för att köra VeraCrypt i portabelt läge – i motsats till att köra en installerad kopia av VeraCrypt – kommer systemet att be dig om behörighet att köra VeraCrypt (Kontroll av användarkonto, UAC) varje gång du försöker starta programmet.\n\nAnledningen till detta är att VeraCrypt måste ladda och starta en drivrutin när programmet körs i portabelt läge. VeraCrypt är beroende av en drivrutin för transparent direktkryptering och -dekryptering, och användare utan administratörsbehörighet kan inte ladda drivrutiner i Windows. Därför kommer systemet att be dig om lov att köra VeraCrypt med administratörsbehörighet.\n\nObservera att systemet INTE kommer att be dig om lov varje gång du startar VeraCrypt, om du i stället gör en installation av VeraCrypt – i motsats till att köra VeraCrypt i portabelt läge.\n\nÄr du säker på att du vill packa upp filerna? - Varning: Denna instans av guiden Skapa VeraCrypt-volym har administrativa behörigheter. \n\nDen nya volymen kan komma att bli skapad med rättigheter som inte tillåter dig att skriva till volymen medan den är monterad. För att undvika detta, måste du stänga denna instans av guiden Skapa VeraCrypt-volym och starta en ny utan administrativa behörigheter.\n\nVill du stänga denna instans av guiden Skapa VeraCrypt-volym? - Fel: Kan inte visa licensen. - Yttre(!) - dagar - timmar - minuter - s - Öppna - Demontera - Visa VeraCrypt - Dölj VeraCrypt - Data lästa sedan montering - Data skrivna sedan montering - Krypterad andel - 100 % (fullständigt krypterad) - 0 % (ej krypterad) - %.3f %% - 100 % - Avvaktar - Förbereder - Ändrar storlek - Krypterar - Dekrypterar - Slutför - Pausat - Slutfört - Fel - Enheten frånkopplad - Systemvolymfavoriter sparade.\n\nAktivera alternativet ”Montera systemvolymfavoriter när Windows startas” i dialogrutan ”Systemvolymfavoriter” som du når via ”Inställningar” i rullgardinsmenyn för att aktivera montering av systemvolymfavoriter vid start av Windows. - Volymen du försöker lägga till som favorit är varken en partition eller en dynamisk volym. VeraCrypt kommer därför inte att kunna montera denna volymfavorit om enhetsnumret ändras. - Volymen du försöker lägga till som en favorit av en partitionstyp Windows inte känner till.\n\nVeraCrypt kommer därför inte att kunna montera denna volymfavorit om enhetsnumret ändras. Ändra partitionstypen till en som Windows känner till med hjälp av SETID-kommandot i Windows DiskPart-verktyg. Lägg sedan till partitionen som favorit igen. - VeraCrypts bakgrundsaktivitet är inaktiverad eller inställd att stängas av när det inte lägre finns några öppna volymer (eller så körs VeraCrypt i portabelt läge). Detta kan orsaka att dina volymfavoriter inte monteras automatiskt när enheter som hyser dem ansluts.\n\nObservera: Aktivera kryssrutan ”Aktiverad” i sektionen ”VeraCrypts bakgrundsaktivitet” under ”Inställningar” i rullgardinsmenyn för att aktivera VeraCrypts bakgrundsaktivitet. - En volymbehållare som lagras i ett fjärrfilsystem som delas över nätverket kan inte monteras automatiskt när dess värdenhet ansluts. - Enheten som visas nedan är varken en partition eller en dynamisk volym. Därför kan volymen som hyses av enheten inte monteras automatiskt när enheten ansluts. - Ändra typen för den partition som visas nedan till en typ som av Windows känner igen. (Använd SETID-kommandot i Windows-verktyget ”diskpart”.) Ta sedan bort partitionen från listan med favoriter och lägg till den igen. Detta gör det möjligt för den enhetsbaserade volymen att bli automatiskt monterad när enheten ansluts. - Enheten som visas nedan är varken en partition eller en dynamisk volym. Därför kan den inte ges något eget namn. - Ändra typen för den partition som visas nedan till en typ som av Windows känner igen. (Använd SETID-kommandot i Windows-verktyget ”diskpart”.) Ta sedan bort partitionen från listan med favoriter och lägg till den igen. Detta gör det möjligt för VeraCrypt att ge partitionen ett eget namn. - Beroende på en begränsning i Windows kan en volymbehållare som lagras i ett fjärrfilsystem som delas över nätverket inte monteras som en systemvolymfavorit. (Emellertid kan den monteras som en icke-systemvolymfavorit när en användare loggar in.) - Ange lösenordet för %s - Ange lösenordet för ”%s” - Ange lösenordet för den normala eller yttre volymen - Ange lösenordet för den dolda volymen - Ange lösenordet för volymhuvudet lagrat i säkerhetskopian - Nyckelfilen har skapats utan fel. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - VARNING: Volymhuvudet är skadat! VeraCrypt använde automatiskt den inbäddade säkerhetskopian av volymhuvudet.\n\nDu bör reparera volymhuvudet genom att välja ”Återställ volymhuvud” under ”Verktyg” i rullgardinsmenyn. - En säkerhetskopia av volymhuvudet har skapats utan fel.\n\nVIKTIGT: En återställning av volymhuvudet återställer även det aktuella lösenordet för volymen. Om nyckelfiler används för att montera volymen, kommer dessutom samma nyckelfiler att behövas för att montera volymen igen när volymhuvudet återställts.\n\nVARNING: Denna säkerhetskopia kan endast användas för att återställa detta specifika volymhuvud. Om du använder denna säkerhetskopia för att återställa ett annat volymhuvud kommer du visserligen att kunna montera volymen, men du kommer INTE att kunna dekryptera några data lagrade på den (eftersom du ändrar dess primära nyckel). - Volymhuvudet har återställts utan fel.\n\nVIKTIGT: Observera att även ett gammalt lösenord kan ha återställts. Om nyckelfiler användes för att montera volymen när säkerhetskopian skapades, kommer dessutom samma nyckelfiler att behövas för att montera volymen igen. - Av säkerhetsskäl måste du ange rätt lösenord och/eller nyckelfiler för volymen.\n\nObservera: Om volymen innehåller en dold volym, måste du först ange rätt lösenord och/eller nyckelfiler för den yttre volymen. Efter det måste du, om du väljer att säkerhetskopiera det dolda volymhuvudet, ange rätt lösenord och/eller nyckelfiler för den dolda volymen. - Är du säker på att du vill skapa en säkerhetskopia av volymhuvudet för %s?\n\nEfter att du klickat på Ja, kommer du att få ange ett filnamn för säkerhetskopian.\n\nObservera: Både det normala och det dolda volymhuvudet kommer att omkrypteras med nytt salt och lagras i säkerhetskopian. Om det inte finns någon dold volym inuti denna volym, kommer det område som reserverats i säkerhetskopian för det dolda volymhuvudet att fyllas med slumpmässiga data (för att bevara trovärdigheten i ett förnekande). Vid en återställning av volymhuvudet från säkerhetskopian måste du ange det lösenord och/eller de nyckelfiler som gällde när säkerhetskopian av volymhuvudet skapades. Lösenordet och/eller nyckelfilerna bestämmer automatiskt vilken typ av volymhuvud (normalt eller dolt) som kommer att återställas. (Observera att VeraCrypt avgör typen genom att prova sig fram.) - Är du säker på att du vill återställa volymhuvudet för %s?\n\nVARNING: En återställning av volymhuvudet återställer även lösenordet till det som gällde när säkerhetskopian skapades. Om nyckelfiler användes för att montera volymen, kommer dessutom samma nyckelfiler att behövas för att montera volymen igen när volymhuvudet återställts.\n\nEfter att du klickat på Ja, kommer du att få ange ett filnamn för säkerhetskopian. - Innehåller volymen en dold volym? - Volymen innehåller en dold volym - Volymen innehåller inte en dold volym - Välj den typ av säkerhetskopia du vill använda för återställning: - Återställ volymhuvudet från volymens inbäddade säkerhetskopia - Återställ volymhuvudet från en extern säkerhetskopia - Storleken på volymhuvudets säkerhetskopia är felaktig. - Det finns ingen inbäddad säkerhetskopia av volymhuvudet i denna volym. (Observera att endast volymer skapade av VeraCrypt 6.0 eller nyare innehåller inbäddade säkerhetskopior av volymhuvuden.) - Du försöker säkerhetskopiera systempartitionens eller -enhetens volymhuvud. Detta är inte tillåtet. Säkerhetskopierings- och återställningsåtgärder på systempartitionen eller -enheten kan endast utföras med hjälp av VeraCrypts återställningsskiva.\n\nVill du skapa en återställningsskiva? - Du försöker återställa ett virtuellt volymhuvud men du valde systempartitionen eller -enheten som mål. Detta är inte tillåtet. Säkerhetskopierings- och återställningsåtgärder på systempartitionen eller -enheten kan endast utföras med hjälp av VeraCrypts återställningsskiva.\n\nVill du skapa en återställningsskiva? - Efter att du klickat på OK kommer du att få välja ett filnamn för ISO-avbildningen av den nya återställningsskivan och den mapp du vill placera den i. - Avbildningen av återställningsskivan har skapats och lagrats i denna fil:\n%s\n\nNu måste du bränna avbildningen av återställningsskivan till en CD eller DVD.\n\nVIKTIGT: Observera att filen måste skrivas till CD:n eller DVD:n som en ISO-avbildning och inte som en individuell fil. Läs mer i din CD/DVD-brännarprogramvaras dokumentation för information om hur detta går till.\n\nVerifiera att återställningsskivan fungerar som den ska efter att du bränt den genom att välja ”Verifiera återställningsskiva” under ”System” i VeraCrypts rullgardinsmeny. - Återställningsskivans ISO-avbildning har skapats och sparats i följande fil:\n%s\n\nNu måste du bränna ISO-avbildningen till en CD eller DVD.\n\nVill du starta programmet Bränn skivavbildning i Windows nu?\n\nObservera: Välj ”Verifiera återställningsskiva” under ”System” i rullgardinsmenyn, efter att återställningsskivan är bränd, för att säkerställa att bränningen utförts utan fel. - Sätt in återställningsskivan i din CD- eller DVD-enhet och klicka på OK för att verifiera den. - Återställningsskivan har verifierats utan att några fel hittades. - Det går inte att säkerställa att bränningen av återställningsskivan utförts utan fel.\n\nOm du har bränt återställningsskivan, mata ut och sätt in CD:n eller DVD:n igen och försök en gång till. Använd sedan en annan bränningsprogramvara och/eller andra medier.\n\nVerifiering av en återställningsskiva skapad för en annan primär nyckel, annat lösenord eller annat salt kommer alltid att misslyckas. Välj ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn för att skapa en ny återställningsskiva som är helt kompatibel med din aktuella konfiguration. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Fel vid skapandet av en återställningsskiva. - Det går inte att skapa en återställningsskiva medan ett dolt operativsystem körs.\n\nFör att skapa en återställningsskiva, starta skenoperativsystemet och välj sedan ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn. - Det går inte att säkerställa att bränningen av återställningsskivan utförts utan fel.\n\nOm du har bränt återställningsskivan, mata ut och sätt in CD:n eller DVD:n igen och klicka på Nästa för att försöka en gång till. Använd andra medier om detta inte hjälper%s.\n\nBränn återställningsskivan, om du inte gjort det än, och klicka på Nästa.\n\nAtt verifiera en återställningsskiva som skapats innan du körde denna guide fungerar inte, eftersom den skapades för en annan primär nyckel. Du måste bränna den nyligen genererade återställningsskivan. - och/eller annan programvara för CD/DVD-bränning - VeraCrypt – Systemvolymfavoriter - Vad är systemvolymfavoriter? - Systempartitionen eller -volymen verkar inte vara krypterad.\n\nSystemvolymfavoriter kan endast monteras med hjälp av ett förstartslösenord. Systempartitionen eller -enheten måste därför krypteras innan systemvolymfavoriter kan användas. - Volymen måste demonteras innan det är möjligt att fortsätta. - Fel: Det går inte att ställa tiduret. - Felkontrollera filsystemet - Reparera filsystemet - Lägg till som volymfavorit … - Lägg till som systemvolymfavorit … - &Egenskaper … - Skydd av dold volym - Ej tillämpligt eller ej tillgängligt - Ja - Nej - Inaktiverat - Ett - Två eller fler - Arbetsläge - Eget namn: - Storlek: - Sökväg: - Enhetsbeteckning: - Fel: Lösenord får endast innehålla ASCII-tecken.\n\nIcke-ASCII-tecken i lösenord kan orsaka att volymen blir omöjlig att montera när din systemkonfiguration ändras.\n\nFöljande tecken är tillåtna:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Varning: Lösenordet innehåller icke-ASCII-tecken. Detta kan orsaka att volymen blir omöjlig att montera när din systemkonfiguration ändras.\n\nDu bör ersätta alla icke-ASCII-tecken i lösenordet med ASCII-tecken. För att göra det, välj ”Ändra volymlösenord” under ”Volymer” i rullgardinsmenyn.\n\nFöljande tecken är ASCII-tecken:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - VARNING: Du rekommenderas att undvika filnamnstillägg som används av körbara filer (som exempelvis .exe, .sys och .dll) och andra liknande problematiska filnamnstillägg. Användning av sådana filnamnstillägg kan medföra att Windows och antivirusprogramvaror stör volymbehållaren, vilket har en avsevärd påverkan på volymens prestanda och även kan orsaka andra allvarliga problem.\n\nDu rekommenderas att ta bort filnamnstillägget eller ändra det (till exempelvis ”.hc”).\n\nÄr du säker på att du vill använda det problematiska filnamnstillägget? - VARNING: Denna volymbehållare har ett filnamnstillägg som används av körbara filer (som exempelvis .exe, .sys och .dll) eller ett annat problematiskt filnamnstillägg. Det är mycket troligt att det kommer att medföra att Windows och antivirusprogramvaror stör volymbehållaren, vilket har en avsevärd påverkan på volymens prestanda och även kan orsaka andra allvarliga problem.\n\nDu rekommenderas att ta bort filnamnstillägget eller ändra det (till exempelvis ”.hc”) efter att du har demonterat volymen. - Webbplats - VARNING: Det verkar som att du inte har installerat något servicepaket för Windows. Du bör inte skriva till IDE-diskar större än 128 GB i ett Windows XP som inte har uppdaterats med servicepaket 1 eller nyare! Om du gör det, kan data bli skadade (vare sig det handlar om en VeraCrypt-volym eller ej). Observera att detta beror på en begränsning i Windows, inte ett fel på VeraCrypt. - VARNING: Det verkar som att du inte har installerat servicepaket 3 eller nyare för Windows. Du bör inte skriva till IDE-diskar större än 128 GB i ett Windows 2000 som inte har uppdaterats med servicepaket 3 eller nyare! Om du gör det, kan data bli skadade (vare sig det handlar om en VeraCrypt-volym eller ej). Observera att detta beror på en begränsning i Windows, inte ett fel på VeraCrypt.\n\nObservera: Du kan komma att behöva aktivera 48-bitars LBA-stöd i registret; läs mer om detta på sidan http://support.microsoft.com/kb/305098/EN-US - VARNING: 48-bitars LBA ATAPI-stöd är inaktiverat i din dator. Därför bör du inte skriva till IDE-diskar större än 128GB! Om du gör det, kan data bli skadade (vare sig det handlar om en VeraCrypt-volym eller ej). Observera att detta beror på en begränsning i Windows, inte ett fel på VeraCrypt.\n\nLägg till registervärdet ”EnableBigLba” under registernyckeln HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters och tilldela det värdet 1 för att aktivera 48-bitars LBA-stöd.\n\nLäs mer om detta på sidan http://support.microsoft.com/kb/305098/EN-US - Fel: Filsystemet FAT32 stöder inte filer större än 4 GB. Därför kan inte VeraCrypt-volymer hysta av en volymbehållare lagrad på ett FAT32-filsystem vara större än 4 GB.\n\nOm du har behov av en större volym, måste du skapa den i ett NTFS-filsystem eller – om du använder Windows Vista SP1 eller nyare – i ett exFAT-filsystem. Alternativt kan du – i stället för att använda en volym hyst av en volymbehållare – kryptera en hel partition eller enhet. - Varning: Windows XP stöder inte filer större än 2 048 GB. (Systemet rapportera att inte ”finns tillräckligt med diskutrymme”.) Därför kan du inte skapa en volymbehållare större än 2 048 GB i Windows XP.\n\nObservera att det fortfarande är möjligt att kryptera hela enheten eller att skapa en partitionsbaserad VeraCrypt-volym som är större än 2 048 GB i Windows XP. - VARNING: Om du vill kunna lägga till mer data eller filer till den yttre volymen vid ett senare tillfälle, bör du överväga att välja en mindre storlek på den dolda volymen.\n\nÄr du säker på att du vill använda den storlek du angav? - Ingen volym vald.\n\nKlicka på ”Välj enhet” eller ”Välj fil” för att välja en VeraCrypt-volym. - Ingen partition vald.\n\nKlicka på ”Välj enhet” för att välja en demonterad partition som normalt sett kräver förstartsautentisering, exempelvis en partition belägen på ett annat operativsystems krypterade systemenhet eller -partition.\n\nObservera: Den valda partitionen kommer att monteras som en normal VeraCrypt-volym utan förstartsautentisering. Detta är användbart vid t.ex. en säkerhetskopiering eller reparationsåtgärd. - VARNING: Om standardnyckelfiler anges och aktiveras, kommer volymer som inte använder dessa nyckelfiler att bli omöjliga att montera. Därför måste du, efter att du aktiverat standardnyckelfiler, alltid inaktivera alternativet ”Använd nyckelfiler” vid montering av sådana volymer.\n\nÄr du säker på att du vill använda valda nyckelfiler/sökvägar som standard? - Automontera enheter - Demontera allt - Töm lösenordscachen - Demontera allt och töm lösenordscachen - Tvingande demontering av allt och töm lösenordscachen - Tvingande demontering av allt, töm lösenordscachen och avsluta - Montera volymfavoriter - Visa/dölj VeraCrypts huvudfönster - (Klicka här och tryck ned en tangent) - Åtgärd - Kortkommando - Fel: Detta kortkommando är reserverat. Välj ett annat kortkommando. - Fel: Kortkommandot används redan. - VARNING: Ett eller flera av VeraCrypts systemglobala snabbtangenter fungerar inte!\n\nKontrollera att inte andra applikationer eller operativsystemet använder samma kortkommando(n) som VeraCrypt. - Skapandet av en växlingsfil har förhindrats.\n\nObservera att växlingsfiler, beroende på Windows, inte kan placeras på icke-systemvolymer (inklusive systemvolymfavoriter). VeraCrypt stöder endast att växlingsfiler skapas på en krypterad systempartition eller -enhet. - Ett fel eller en inkompatibilitet hindrar VeraCrypt från att kryptera vilolägesfilen. På grund av detta har en övergång till viloläge förhindrats.\n\nObservera: När en dator övergår till viloläge, skrivs innehållet i primärminnet till en vilolägesfil på systemenheten. VeraCrypt skulle inte ha kunnat förhindra att krypteringsnycklar och innehållet i känsliga filer öppnade i primärminnet sparades okrypterade till vilolägesfilen. - Övergång till viloläge har förhindrats.\n\nVeraCrypt stöder inte viloläge för dolda operativsystem som använder en extra startpartition. Observera att statpartitionen delas av skenoperativsystemet och det dolda operativsystemet. För att förhindra dataläckage och problem vid återgång från viloläge, har VeraCrypt hindrat det dolda operativsystemet från att skriva till den delade startpartitionen och från att övergå till viloläge. - VeraCrypt-volymen monterad som %c: har demonterats. - VeraCrypt-volymerna har demonterats. - VeraCrypt-volymerna har demonterats, och lösenordscachen har tömts. - Demontering genomförd utan fel - VARNING: Om VeraCrypts bakgrundsaktivitet inaktiveras kommer följande funktioner att stängas av:\n\n1) Snabbtangenter\n2) Automatisk demontering (t.ex. vid utloggning, oavsiktligt avlägsnande av värdenhet eller överskriden tidsgräns)\n3) Automatisk montering av volymfavoriter\n4) Meddelanden (t.ex. när en skada på en dold volym förhindrats)\n5) Ikonen i Meddelandefältet\n\nObservera: Du kan stänga av bakgrundsaktiviteten när som helst genom att högerklicka på VeraCrypts ikon i Meddelandefältet och välja ”Avsluta” i snabbmenyn.\n\nÄr du säker på att du vill inaktivera VeraCrypts bakgrundsaktivitet permanent? - VARNING: Om detta alternativ är inaktiverat kommer volymer som innehåller öppna filer eller mappar inte att vara möjliga att demontera automatiskt.\n\nÄr du säker på att du vill inaktivera detta alternativ? - VARNING: Volymer som innehåller öppna filer eller mappar kommer INTE att demonteras automatiskt.\n\nAktivera följande alternativ i denna dialogruta för att förhindra detta: ”Framtvinga automatisk demontering även om volymen innehåller öppna filer eller mappar” - VARNING: När en bärbar dators batterinivå är låg, inträffar det ibland att Windows undlåter att skicka meddelanden till aktiva program om att datorn övergår till viloläge. I sådana fall kan det hända att VeraCrypt misslyckas med att demontera volymer automatiskt. - Du har schemalagt en process för kryptering av en partition eller volym som ännu inte slutförts.\n\nVill du återuppta processen nu? - Du har schemalagt en krypterings- eller dekrypteringsprocess av systempartitionen eller -enheten. Denna process har inte slutförts än.\n\nVill du starta (återuppta) den processen nu? - Vill du bli tillfrågad om att återuppta schemalagda processer för kryptering av icke-systempartitioner och -volymer även i fortsättningen? - Ja, fortsätt fråga mig - Nej, fråga mig aldrig mer - VIKTIGT: Kom ihåg att du kan återuppta krypteringsprocessen för en icke-systempartition eller -volym genom att välja ”Återuppta avbruten process” under ”Volymer” i rullgardinsmenyn. - Du har schemalagt en kryptering eller dekryptering av systempartitionen eller -enheten, men förstartsautentiseringen misslyckades (eller kringgicks).\n\nObservera: Om du dekrypterade systempartitionen eller -enheten i förstartsmiljön, kan du eventuellt behöva slutföra processen genom att välja alternativet ”Permanent dekryptering av systempartition eller -enhet” under ”System” i VeraCrypts huvudfönster. - VARNING: Om VeraCrypt avslutas nu kommer följande funktioner att stängas av:\n\n1) Snabbtangenter\n2) Automatisk demontering (t.ex. vid utloggning, oavsiktligt avlägsnande av värdenhet eller överskriden tidsgräns)\n3) Automatisk montering av volymfavoriter\n4) Meddelanden (t.ex. när en skada på en dold volym förhindrats)\n\nObservera: Inaktivera VeraCrypts bakgrundsaktivitet i inställningarna om du inte vill att VeraCrypt ska köra i bakgrunden. (Eventuellt kan det vara nödvändigt att även inaktivera den automatiska starten av VeraCrypt i inställningarna.)\n\nÄr du säker på att du vill avsluta VeraCrypt? - Vill du avsluta? - VeraCrypt har inte tillräckligt med information för att avgöra om en kryptering eller dekryptering ska genomföras. - VeraCrypt har inte tillräckligt med information för att avgöra om en kryptering eller dekryptering ska genomföras.\n\nObservera: Om du dekrypterade systempartitionen eller -enheten i förstartsmiljön, kan du eventuellt behöva slutföra processen genom att klicka på Dekryptera. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Vill du avbryta och skjuta upp krypteringen av partitionen eller enheten?\n\nObservera: Kom ihåg att volymen inte kan monteras förrän krypteringen slutförts. Du kommer att kunna återuppta krypteringsprocessen, som då kommer att fortsätta från den punkt där den avbröts. Detta gör du exempelvis genom att välja alternativet ”Återuppta avbruten process” under ”Volymer” i VeraCrypts rullgardinsmeny. - Vill du avbryta och skjuta upp krypteringen av systempartitionen eller -enheten?\n\nObservera: Du kommer att kunna återuppta krypteringsprocessen, som då kommer att fortsätta från den punkt där den avbröts. Detta gör du exempelvis genom att välja alternativet ”Återuppta avbruten process” under ”System” i VeraCrypts rullgardinsmeny. Välj ”Permanent dekryptering av systempartition eller -enhet” under ”System” i rullgardinsmenyn om du vill avbryta eller ångra krypteringsprocessen. - Vill du avbryta och skjuta upp dekrypteringen av systempartitionen eller -enheten?\n\nObservera: Du kommer att kunna återuppta dekrypteringsprocessen, som då kommer att fortsätta från den punkt där den avbröts. Detta gör du exempelvis genom att välja alternativet ”Återuppta avbruten process” under ”System” i VeraCrypts rullgardinsmeny. Välj ”Kryptera systempartition eller -enhet” under ”System” i rullgardinsmenyn om du vill ångra dekrypteringsprocessen och börja kryptera igen. - Fel: Det gick inte att avbryta krypterings- eller dekrypteringsprocessen av systempartitionen eller -enheten. - Fel: Det gick inte att avbryta överskrivningsprocessen. - Fel: Återupptagningen av den avbrutna krypterings- eller dekrypteringsprocessen av systempartitionen eller -enheten misslyckades. - Fel: Det gick inte att starta överskrivningsprocessen. - En inkonsekvens har lösts.\n\n\n(Om du i samband med detta rapporterar ett fel, se till att felrapporten innehåller följande tekniska information:\n%hs) - Fel: Oväntat tillstånd.\n\n\n(Om du i samband med detta skickar en felrapport, inkludera då följande tekniska information i rapporten:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - VARNING: VeraCrypts bakgrundsaktivitet är inaktiverad. Efter att du avslutat VeraCrypt kommer du inte att bli meddelad om en skada av en dold volym förhindrats.\n\nObservera: Du kan stänga av bakgrundsaktiviteten när som helst genom att högerklicka på VeraCrypts meddelandefältsikon och välja ”Avsluta”.\n\nVill du aktivera VeraCrypts bakgrundsaktivitet? - Språkpaketsversion: %s - Kontrollerar filsystemet på VeraCrypt-volymen monterad som %s … - Försöker reparera filsystemet på VeraCrypt-volymen monterad som %s … - Varning: Denna volym är krypterad med en föråldrad krypteringsalgoritm.\n\nKrypteringsalgoritmer med 64-bitars block (som t.ex. Blowfish, CAST-128 och Triple DES) stöds inte längre. Det kommer visserligen att vara möjligt att montera denna volym även med framtida versioner av VeraCrypt, men någon utveckling kring dessa föråldrade krypteringsalgoritmer kommer inte att ske. Du rekommenderas att skapa en ny VeraCrypt-volym med en krypteringsalgoritm som använder sig av 128-bitars block (som t.ex. AES, Serpent, Twofish etc.) och att flytta alla filer från den gamla volymen till den nya. - Ditt system är inte konfigurerat för automatisk montering av volymer, och det kan vara omöjligt att montera enhetsbaserade VeraCrypt-volymer. Automatisk montering kan aktiveras genom att köra nedanstående kommando följt av en omstart av datorn.\n\nmountvol.exe /E - Tilldela en enhetsbeteckning till partitionen eller enheten innan du fortsätter. (Högerklicka på ”Dator” i Start-menyn och välj ”Hantera”. Gå sedan till ”Diskhantering” i konsolträdet.)\n\nObservera att detta är ett krav från operativsystemets sida. - Montera VeraCrypt-volym - Demontera alla VeraCrypt-volymer - VeraCrypt lyckades inte erhålla administratörsbehörighet. - Åtkomst nekades av operativsystemet.\n\nTrolig orsak: Operativsystemet kräver att du har läs- och skrivrättigheter (eller administratörsbehörigheter) för vissa mappar, filer och enheter för att du ska tillåtas läsa och skriva data från och till dem. Normalt tillåts en användare utan administratörsbehörigheter att skapa, läsa och ändra filer i hans eller hennes användarprofil. - Fel: Enheten använder en sektorstorlek som inte stöds.\n\nDet är för närvarande inte möjligt att skapa partitions- eller enhetsbaserade volymer på enheter som använder sektorer större än 4 096 byte. Däremot kan du skapa filbaserade volymer (volymbehållare) på sådana enheter. - Det är för närvarande inte möjligt att kryptera ett operativsystem som är installerat på en disk som använder en annan sektorstorlek än 512 byte. - VeraCrypts startinläsare kräver minst 32 kB ledigt utrymme i början av systemenheten, men tyvärr uppfyller inte din enhet detta villkor.\n\nRapportera INTE detta som ett fel eller problem i VeraCrypt. För att lösa detta problem behöver du ompartitionera din disk och lämna de första 32 kB på disken tomma. (I de flesta fall måste du ta bort och skapa om den första partitionen.) Vi rekommenderar att du använder dig av Microsofts partitionshanterare som finns tillgänglig på t.ex. Windows installationsskiva. - Denna funktion stöds inte av den version på operativsystemet du för närvarande använder. - VeraCrypt stöder inte kryptering av systempartitionen eller -enheten i den version av operativsystemet du för närvarande använder. - Innan du kan kryptera systempartitionen eller -enheten i Windows Vista måste du installera servicepaket 1 eller nyare för Windows Vista. (Något sådant servicepaket har ännu inte blivit installerat.)\n\nObservera: Servicepaket 1 för Windows Vista rättade till ett fel som orsakade minnesbrist under systemstarten. - VeraCrypt stöder inte längre kryptering av systempartitionen eller -enheten i Windows Vista utan något servicepaket installerat. Installera servicepaket 1 eller nyare för Windows Vista innan du uppgraderar VeraCrypt. - Fel: Denna funktion kräver att VeraCrypt installeras. (Du kör VeraCrypt i portabelt läge.)\n\nInstallera VeraCrypt och försök igen. - VARNING: Windows verkar inte vara installerat på samma enhet som det startar från, vilket inte stöds.\n\nDu bör endast fortsätta om du är säker på att Windows är installerat på samma enhet som det startar från.\n\nVill du fortsätta? - Din systemenhet har en GUID-partitionstabell (GPT). För närvarande stöds endast enheter med en MBR-partitionstabell. - VARNING: VeraCrypts startinläsare är redan installerad på din systemenhet!\n\nDet är möjligt att ett annat operativsystem i din dator redan är krypterat.\n\nVARNING: OM DU FORTSÄTTER MED KRYPTERINGEN AV DET AKTUELLA OPERATIVSYSTEMET KAN DET ORSAKA ATT ANDRA SYSTEM BLIR OMÖJLIGA ATT STARTA OCH ATT RELATERADE DATA INTE GÅR ATT KOMMA ÅT.\n\nÄr du säker på att du vill fortsätta? - Det gick inte att återställa den ursprungliga systeminläsaren.\n\nAnvänd din återställningsskiva (välj ”Restore original system loader” under ”Repair Options”) eller Windows installationsskiva för att ersätta VeraCrypt startinläsare med Windows startinläsare. - Den ursprungliga startinläsaren kommer inte att lagras på återställningsskivan. En trolig orsak är att en säkerhetskopia saknas. - Det gick inte att skriva till MBR-sektorn.\n\nDatorns BIOS kan vara konfigurerat att skydda MBR-sektorn. Sök igenom dina BIOS-inställningar (tryck på F2, F10, Delete eller Esc efter att du startat din dator) efter MBR- eller antivirusskydd. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Den version av VeraCrypt som krävs är för närvarande inte installerad. Detta kan förhindra att vissa inställningar sparas. - Observera: I vissa situationer kan du vilja förhindra att någon som ser dig starta datorn får reda på att du använder VeraCrypt. Ovanstående alternativ gör detta möjligt genom en anpassning av startinläsarens skärm. Om du aktiverar det första alternativet kommer ingen text att visas av startinläsaren (inte ens om du anger fel lösenord). Datorn ger intrycket av att ha hängt sig medan du anger ditt lösenord. Dessutom kan obehöriga vilseledas av ett anpassat meddelande, exempelvis ett falskt felmeddelande som ”Operativsystem saknas” (vilket normalt visas av Windows startinläsare om ingen startpartition hittas). Det är emellertid viktigt att observera att någon fortfarande kan lista ut att hårddisken innehåller VeraCrypts startinläsare, om han eller hon får möjlighet att analysera hårddiskens innehåll. - VARNING: Kom ihåg att ingen text kommer att visas av VeraCrypts startinläsare (inte ens om du anger fel lösenord). Datorn ger intrycket av att ha hängt sig medan du anger ditt lösenord. (Markören kommer inte att flytta på sig, och ingen asterisk kommer att visas när du trycker på en tangent.)\n\nÄr du säker på att du vill aktivera detta alternativ? - Din systempartition eller -enhet verkar vara fullständigt krypterad. - VeraCrypt kan inte kryptera en systemenhet som konverterats till en dynamisk disk. - Systemenheten innehåller utökade (logiska) partitioner.\n\nDu kan endast kryptera hela systemenheten när den innehåller utökade (logiska) partitioner i Windows Vista och nyare versioner av Windows. I Windows XP kan du endast kryptera hela systemenheten om den inte innehåller något annat än primära partitioner.\n\nObservera: Du kan fortfarande kryptera systempartitionen i stället för hela systemenheten, och du kan dessutom skapa partitionsbaserade VeraCrypt-volymer inuti vilka icke-systempartitioner som helst på enheten. - VARNING: Eftersom du använder Windows XP eller 2003 får du INTE skapa några utökade (logiska) partitioner på enheten efter att du börjat kryptera den. (Du får endast skapa primära partitioner.) Alla utökade (logiska) partitioner blir oåtkomliga efter att du påbörjat krypteringen. (Enheten innehåller för närvarande inte några sådana partitioner.).\n\nObservera: Om denna begränsning inte är acceptabel, kan du backa och välja att endast kryptera systempartitionen i stället för hela systemenheten. Du kan dessutom skapa partitionsbaserade VeraCrypt-volymer inuti vilka icke-systempartitioner som helst på enheten.\n\nAlternativt, om denna begränsning inte är acceptabel, kan du överväga att uppgradera till Windows Vista eller en nyare version av Windows. (Du kan endast kryptera en hel systemenhet som innehåller utökade/logiska partitioner i Windows Vista eller nyare). - Din systemenhet innehåller en icke-standard-partition.\n\nOm du använder en bärbar dator, innehåller din systemenhet förmodligen en särskild återställningspartition. Efter att hela systemenheten – inklusive en eventuell återställningspartition – har krypterats, kan din dator få problem att starta om den använder sig av ett oändamålsenligt programmerat BIOS. Det är dessutom omöjligt att använda sig av en återställningspartition innan systemenheten är dekrypterad. Av denna anledning bör du endast kryptera systempartitionen. - Vill du kryptera systempartitionen i stället för hela enheten?\n\nObservera att du kan skapa partitionsbaserade VeraCrypt-volymer inuti vilken av enhetens icke-systempartitioner som helst (förutom att kryptera systempartitionen). - Eftersom din systemenhet endast innehåller en enda partition som upptar hela enheten, är kryptering av hela enheten inklusive det ”glapp” som normalt omger en sådan partition att föredra (säkrare).\n\nVill du kryptera hela systemenheten? - Ditt system är konfigurerat så att tillfälliga filer lagras på en icke-systempartition.\n\nTillfälliga filer får endast lagras på systempartitionen. - Din användarprofil lagras inte på systempartitionen.\n\nAnvändarprofiler får endast lagras på systempartitionen. - Det finns en eller flera växlingsfiler på icke-systempartitioner.\n\nVäxlingsfiler får endast placeras på systempartitionen. - Vill du konfigurera Windows att endast använda växlingsfiler på Windows-partitionen?\n\nObservera att datorn kommer att startas om, om du klickar på ”Ja”. Starta sedan VeraCrypt och försök skapa det dolda operativsystemet igen. - I annat fall kan trovärdigheten i ett förnekande påverkas negativt.\n\nObservera: Om någon analyserar innehållet i sådana filer (belägna på en icke-systempartition), skulle han eller hon kunna lista ut att du körde VeraCrypts guide för att skapa ett dolt operativsystem (vilket i sin tur kan indikera att ett dolt operativsystem existerar i datorn). Observera också att alla sådana filer lagrade på systempartitionen kommer att skrivas över av VeraCrypt vid skapandet av det dolda operativsystemet. - VARNING: Under skapandet av det dolda operativsystemet, kommer du att vara tvungen att ominstallera det aktuella operativsystemet (för att på ett säkert sätt skapa ett skenoperativsystem).\n\nObservera: Det aktuella operativsystemet och systempartitionens innehåll kommer att kopieras till den dolda volymen (för att skapa det dolda operativsystemet).\n\n\nÄr du säker på att du kommer att kunna installera Windows från en installationsskiva (eller från en servicepartition)? - Om det aktuella operativsystemet kräver aktivering, måste det av säkerhetsskäl aktiveras innan du fortsätter. Observera att det dolda operativsystemet kommer att skapas genom att systempartitionens innehåll kopieras till en dold volym (så om detta operativsystem inte är aktiverat, kommer det dolda operativsystem inte heller att vara det). För mer information, läs avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok.\n\nViktigt: Se till att du har läst avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok.\n\n\nUppfyller det aktuella operativsystemet ovanstående krav? - Ditt operativsystem använder en extra startpartition. VeraCrypt stöder inte viloläge för dolda operativsystem som använder en extra startpartition. (Skenoperativsystem kan dock övergå till viloläge utan några problem.)\n\nObservera att statpartitionen delas av skenoperativsystemet och det dolda operativsystemet. För att förhindra dataläckage och problem vid återgång från viloläge, har VeraCrypt hindrat det dolda operativsystemet från att skriva till den delade startpartitionen och från att övergå till viloläge.\n\n\nVill du fortsätta? Om du väljer ”Nej”, kommer instruktioner för hur du tar bort den extra startpartitionen att visas. - \nDen extra startpartitionen kan tas bort innan Windows installeras. Följ nedanstående steg för att göra det:\n\n1) Starta Windows installationsskiva.\n\n2) I Windows installationsprogram väljer du alternativen ”Installera nu” följt av ”Anpassad (avancerat)”.\n\n3) Klicka på ”Enhetsalternativ (avancerat)”.\n\n4) Markera systempartitionen och ta bort den genom att klicka på ”Ta bort” och bekräfta med ”OK”.\n\n5) Välj partitionen markerad ”Reserverad av systemet”, klicka på ”Utöka” och öka dess storlek så att operativsystemet kan installeras på den.\n\n6) Klicka på ”Verkställ” och ”OK”.\n\n7) Installera Windows på partitionen markerad ”Reserverad av systemet”.\n\n\nOm någon frågar dig varför du tagit bort den extra startpartitionen, kan du svara att du ville förhindra dataläckage till den okrypterade startpartitionen.\n\nObservera: Du kan skriva ut denna text genom att klicka på knappen ”Skriv ut” nedan. Om du sparar en kopia av denna text eller skriver ut den (vilket rekommenderas, såvida inte skrivaren lagrar kopior av dokument den skriver ut på en intern enhet), bör du förstöra alla kopior av den efter att du tagit bort den extra startpartitionen. (Annars riskerar en sådan kopia avslöja existensen av ett dolt operativsystem i datorn.) - Varning: Det finns oallokerat utrymme mellan systempartitionen och den första partitionen efter den. Efter att du skapat det dolda operativsystemet, får du inte skapa några nya partitioner i det oallokerade utrymmet. I så fall kommer det dolda operativsystemet att vara omöjligt att starta (tills du tar bort de nyskapade partitionerna). - Denna algoritm stöds för närvarande inte vid systemkryptering. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Nyckelfiler stöds för närvarande inte vid systemkryptering. - Varning: VeraCrypt kunde inte återställa den ursprungliga tangentbordslayouten. Detta kan orsaka att du anger ett felaktigt lösenord. - Fel: Det går inte att ange amerikansk tangentbordslayout som tangentbordslayout för VeraCrypt.\n\nObservera att lösenordet måste anges i förstartsmiljön (innan Windows startas), där inga andra tangentbordslayouter än den amerikanska finns tillgängliga. Därför måste amerikansk tangentbordslayout alltid användas när du anger lösenordet. - Då VeraCrypt tillfälligt har ändrat tangentbordslayouten till den amerikanska, är det inte möjligt att skriva tecken genom att trycka på tangenter i kombination med den högra Alt-tangenten. Du kan emellertid skriva de flesta sådana tecken genom att trycka på lämpliga tangenter i kombination med Skift-tangenten. - VeraCrypt förhindrade att tangentbordslayouten ändrades. - Observera: Lösenordet måste anges i förstartsmiljön (innan Windows startas), där inga andra tangentbordslayouter än den amerikanska finns tillgängliga. Därför måste amerikansk tangentbordslayout alltid användas när du anger lösenordet. Det är emellertid viktigt att notera att du INTE behöver använda ett riktigt amerikanskt tangentbord. VeraCrypt säkerställer automatiskt att du på ett säkert sätt kan ange lösenordet (nu och i förstartsmiljön), även om du INTE har tillgång till ett riktigt amerikanskt tangentbord. - Innan du kan kryptera partitionen eller enheten måste du skapa en återställningsskiva, som kan användas i följande situationer:\n\n· Om VeraCrypts startinläsare, primära nyckel eller andra kritiska data skadas, kan återställningsskivan användas för att rekonstruera dessa. (Rätt lösenord måste fortfarande anges.)\n\n· Om Windows skadats och inte går att starta, kan återställnings- skivan användas för att utföra en permanent dekryptering av partitionen eller enheten innan Windows startas.\n\n· Återställningsskivan innehåller en säkerhetskopia av den första diskens startspår (vilket normalt innehåller en systemstartinläsare eller starthanterare) och kan användas för att återställa det.\n\nAnge nedan var återställningsskivans ISO-avbildning ska skapas. - Efter att du klickat på OK kommer programmet Bränn skivavbildning i Windows att startas. Använd det för att bränna återställningsskivans ISO-avbildning till en CD eller DVD.\n\nÅtergå därefter till guiden Skapa VeraCrypt-volym och följ instruktionerna för att fortsätta. - Återställningsskivans ISO-avbildning har skapats och sparats som följande fil:\n%s\n\nNu måste du bränna ISO-avbildningen till en CD eller DVD.\n\n%lsKlicka på Nästa, efter att återställningsskivan är bränd, för att säkerställa att bränningen utförts utan fel. - Återställningsskivan har skapats och lagrats i denna fil:\n%s\n\nNu bör du antingen bränna avbildningen av återställningsskivan till en CD eller DVD eller flytta den till en säker plats och bränna den vid ett senare tillfälle.\n\n%lsKlicka på Nästa för att fortsätta. - VIKTIGT: Observera att filen måste brännas till en CD eller DVD som en ISO-avbildning (och inte som en enskild fil). Läs i CD/DVD-bränningsprogramvarans dokumentation för information hur det går till. Klicka på länken nedan för att ladda ned programvara för CD/DVD-bränning, om du inte har någon CD/DVD-bränningsprogramvara som kan bränna ISO-avbildningar till en CD eller DVD.\n\n - Kör programmet Bränn skivavbildning i Windows - VARNING: En återställningsskiva som skapats vid ett tidigare tillfälle kan inte användas för denna systempartition eller -enhet, eftersom den skapades för en annan primär nyckel! Varje gång du krypterar en systempartition eller -enhet måste du även skapa en ny återställningsskiva för den, även om du använder samma lösenord. - Fel: Det går inte att spara systemkrypteringsinställningarna. - Det går inte att initiera det förberedande testet inför systemkrypteringen. - Det går inte att initiera processen för att skapa det dolda operativsystemet. - Överskrivningsmetod - På vissa typer av lagringsmedier kan det, trots att data skrivits över av andra data, vara möjligt att återskapa överskrivna data med hjälp av tekniker som t.ex. magnetkraftsmikroskopi (MFM). Detta gäller även data som skrivits över av sina krypterade motsvarigheter (vilket sker när VeraCrypt krypterar en okrypterad partition eller enhet). Enligt vissa undersökningar kan ett återskapande av över- skrivna data hindras (eller avsevärt försvåras) genom att skriva över data med pseudoslumpmässiga och vissa icke slumpmässiga data ett visst antal gånger. Därför kan du, om du tror att någon obehörig har tillgång till sådana tekniker för att återskapa de data du tänker kryptera, välja en av överskrivningsmetoderna ovan. (Existerande data kommer INTE att gå förlorade.) Observera att någon över- skrivning INTE kommer att utföras efter det att partitionen eller enheten krypterats. När partitionen eller enheten är färdigkrypterad, kommer inga okrypterade data att skrivas till den. Data krypteras direkt i minnet innan de skrivs (krypterade) till disken. - På vissa typer av lagringsmedier kan det, trots att data skrivits över av andra data, vara möjligt att återskapa överskrivna data med hjälp av tekniker som t.ex. magnetkraftsmikroskopi (MFM). Enligt vissa undersökningar kan ett återskapande av överskrivna data hindras (eller avsevärt försvåras) genom att skriva över data med pseudoslumpmässiga och vissa icke slumpmässiga data ett visst antal gånger. Därför kan du, om du tror att någon obehörig har tillgång till sådana tekniker för att återskapa de data du tänker kryptera, välja en av flerstegsmetoderna för överskrivning ovan.\n\nObservera: Ju fler steg du använder, desto längre tid tar det att skriva över dina data. - Överskrivning - \nObservera: Du kan avbryta överskrivningsprocessen, stänga av din dator, starta det dolda operativsystemet igen och sedan återuppta processen. (Denna guide kommer att startas automatiskt.) Hela överskrivningsprocessen kommer, om du avbryter den, emellertid att behöva börja om från början. - \n\nObservera: Om du avbryter överskrivningsprocessen och sedan försöker återuppta den, kommer hela processen att behöva börja om från början. - Vill du avbryta överskrivningsprocessen? - Varning: Hela innehållet på den valda partitionen eller enheten kommer att skrivas över och gå förlorat. - Hela innehållet på partitionen med det ursprungliga operativsystemet kommer att skrivas över.\n\nObservera: Hela innehållet på partitionen som kommer att skrivas över har kopierats till denna dolda systempartition. - VARNING: Observera att en överskrivningsmetod i t.ex. tre steg kan medföra att en kryptering av en enhet eller partition tar upp till fyra gånger så lång tid att genomföra. På samma sätt kan en överskrivningsmetod med 35 steg ta upp till 36 gånger så lång tid att genomföra (vilket i praktiken kan innebära flera veckor).\n\nObservera att någon överskrivning INTE kommer att utföras efter det att partitionen eller enheten krypterats. När partitionen eller enheten är färdigkrypterad, kommer inga okrypterade data att skrivas till den. Data krypteras direkt i minnet innan de skrivs (krypterade) till disken (och påverkar INTE prestandan).\n\nÄr du säker på att du vill använda överskrivning? - Ingen (snabbast) - Ett steg (slumpmässiga data) - Tre steg (US DoD 5220.22-M) - Sju steg (US DoD 5220.22-M) - 35 steg (”Gutmann”) - 256 steg - Antal operativsystem - VARNING: Oerfarna användare bör aldrig försöka kryptera Windows i flervalsstartkonfigurationer.\n\nVill du fortsätta? - Endast när följande villkor är uppfyllda stöder VeraCrypt flervalsstartkonfigurationer vid skapandet eller användandet av ett dolt operativsystem:\n\n- Det aktuella operativsystemet måste vara installerat på startenheten, som inte får innehålla några andra operativsystem.\n\n- Operativsystem installerade på övriga enheter får inte använda sig av någon startinläsare belägen på enheten där det aktuella operativsystemet är installerat.\n\nÄr ovanstående villkor uppfyllda? - VeraCrypt stöder inte denna flervalsstartkonfiguration vid skapandet eller användandet av ett dolt operativsystem. - Startenhet - Är det aktuella operativsystemet installerat på startenheten?\n\nObservera: Ibland är inte Windows installerat på samma enhet som Windows startinläsare (startpartitionen). Välj ”Nej” om så är fallet. - VeraCrypt stöder för närvarande inte kryptering av ett operativsystem som inte startar från den enhet det är installerat på. - Antal systemenheter - Hur många enheter innehåller ett operativsystem?\n\nObservera: Välj ”Två eller fler” om du exempelvis har ett operativsystem (som t.ex. Windows, Mac OS X eller Linux) installerat på din primära enhet och ytterligare ett operativsystem installerat på din sekundära enhet. - VeraCrypt stöder för närvarande inte kryptering av en hel enhet som innehåller flera operativsystem.\n\nMöjliga lösningar:\n\n· Du kan fortfarande kryptera ett av systemen om du går tillbaka och väljer att endast kryptera en systempartition (i motsats till att kryptera hela systemenheten).\n\n· Alternativt kan du kryptera hela enheten om du först flyttar alla system utom ett till andra enheter. - Flera operativsystem på en enskild enhet - Finns det några andra operativsystem installerade samma enhet som det aktuella operativsystemet?\n\nObservera: Klicka på ”Ja” om det aktuella operativsystemet t.ex. är installerat på enhet 0, som innehåller flera partitioner, och om en av partitionerna innehåller Windows och en annan partition ett ytterligare operativsystem (t.ex. Windows, Mac OS X, Linux etc.). - Annan startinläsare än Windows - Är en annan startinläsare (eller -hanterare) än Windows installerad i enhetens Master Boot Record (MBR)?\n\nObservera: Klicka på ”Ja” om exempelvis det första spåret på startenheten innehåller GRUB, LILO, XOSL eller någon annan starthanterare (eller -laddare) än Windows. - Flervalsstart - VeraCrypt stöder för närvarande inte flervalsstartkonfigurationer där en annan startinläsare än Windows är installerad i enhetens Master Boot Record.\n\nMöjliga lösningar:\n\n· Om du använder en starthanterare för att starta Windows och Linux (normalt sett GRUB), flytta den från enhetens Master Boot Record till en partition. Kör sedan denna guide igen och kryptera systempartitionen eller -enheten. Observera att VeraCrypts startinläsare kommer att bli din primära starthanterare. Din ursprungliga starthanterare (t.ex. GRUB) kommer i stället att bli din sekundära starthanterare. Den startas genom att du trycker på Esc i VeraCrypts startinläsare, varefter det blir möjligt för dig att starta Linux. - Om det aktuella operativsystemet är installerat på startpartitionen måste du, efter att du krypterat det, ange rätt lösenord även om du vill starta ett annat okrypterat Windows-system (eftersom de kommer att dela en gemensam krypterad startinläsare eller -hanterare).\n\nOm det aktuella operativsystemet inte är installerat på startpartitionen – eller om Windows startinläsare eller -hanterare inte används av något annat operativsystem – behöver du inte ange rätt lösenord för att starta övriga okrypterade operativsystem; det är tillräckligt att trycka på Esc för att starta ett okrypterat operativsystem. (Om det finns flera okrypterade operativsystem installerade, kommer du även att vara tvungen att välja vilket operativsystem som ska startas i VeraCrypts starthanterares meny.)\n\nObservera: Normalt sett är den Windows-installation som gjordes först installerad på startpartitionen. - Kryptering av Host Protected Area - I slutet av många enheter finns ett område som normalt sett är dolt för operativsystemet (ofta kallat Host Protected Area). Vissa program kan dock läsa och skriva data till och från sådana områden.\n\nVARNING: Vissa datorleverantörer kan använda sådana områden för att lagra verktyg och data för RAID, systemåterställning, systeminställningar, diagnostik eller liknande. Om sådana verktyg eller data måste vara tillgängliga före uppstart, ska det dolda området INTE krypteras (välj ”Nej” ovan).\n\nVill du att VeraCrypt ska identifiera och i så fall kryptera ett sådant område i slutet av systemenheten? - Typ av systemkryptering - Välj detta alternativ om du bara vill kryptera systempartitionen eller hela systemenheten. - Det kan hända att någon försöker tvinga dig att dekryptera ditt operativsystem. Det finns många situationer där det kan vara svårt att vägra avslöja lösenordet (exempelvis vid utpressning). Om du väljer detta alternativ kommer ett dolt operativsystem, vars existens är omöjlig att bevisa, skapas (förutsatt att vissa riktlinjer följs). På så sätt kommer du inte att behöva dekryp- tera eller avslöja lösenordet till det dolda operativsystemet. Klicka på länken nedan för ytterligare information. - Det kan hända att någon försöker tvinga dig att dekryptera ditt operativsystem. Det finns många situationer där det kan vara svårt att vägra göra det (exempelvis vid utpressning).\n\nMed hjälp av denna guide kan du skapa ett dolt operativsystem, vars existens är omöjlig att bevisa (förutsatt att vissa riktlinjer följs). På så sätt kommer du inte att behöva dekryptera eller avslöja lösenordet till det dolda operativsystemet. - Dolt operativsystem - I följande steg kommer du att skapa två VeraCrypt-volymer (en yttre och en dold) inuti den första partitionen efter systempartitionen. Den dolda volymen kommer att innehålla det dolda operativsystemet (OS:et), som skapas genom att innehållet från systempartitionen (där det nuvarande OS:et är installerat) kopieras till den dolda volymen. Till denna yttre volym bör du sen kopiera några skenbart känsliga filer som du egentligen INTE vill dölja. De ska finnas där om någon tvingar dig att avslöja lösenordet till den dolda OS-partitionen. Du kan avslöja lösenordet för den yttre volymen belägen inuti den dolda OS-partitionen, men det dolda OS:ets existens förblir hemlig.\n\nSlutligen ska du, på det nuvarande OS:ets systempartition, installera ett nytt s.k. skenoperativsystem och kryptera det. Det ska inte inne- hålla känsliga data utan finnas där om någon tvingar dig att avslöja lösenordet till förstartsautentiseringen. Totalt kommer det att finnas tre lösenord. Två av dem kan avslöjas (sken-OS:ets och den yttre vo- lymens). Om du anger det tredje, kommer det dolda OS:et att startas. - Identifierar dolda sektorer - Vänta medan VeraCrypt identifierar eventuella dolda sektorer i slutet av systemenheten. Observera att detta kan ta lång tid att slutföra.\n\nObservera: På vissa datorer kan systemet i sällsynta fall sluta svara. Starta i så fall om datorn, kör VeraCrypt och upprepa föregående steg men hoppa över identifieringen. Observera att detta problem inte orsakas av ett fel i VeraCrypt. - Område att kryptera - Välj detta alternativ om du vill kryptera hela den enhet på vilken det för närvarande aktiva Windows är installerat. Hela enheten, inklusive alla dess partitioner, kommer att krypteras förutom det startspåret, där VeraCrypts startinläsare kommer att installeras. Alla som vill få tillgång ett system installerat på enheten, eller filer lagrade på den, måste ange rätt lösenord varje gång systemet startar. Detta alternativ kan inte användas för att kryptera en sekundär eller extern enhet, såvida Windows inte är installerat på den och inte startar från den. - Insamling av slumpmässiga data - Nycklar genererade - VeraCrypt har inte identifierat någon CD- eller DVD-brännare kopplad till din dator. VeraCrypt behöver en CD- eller DVD-brännare för att skapa en startbar återställningsskiva med en säkerhetskopia av krypteringsnycklarna, VeraCrypts startinläsare, det ursprungliga systemets startinläsare etc.\n\nDu rekommenderas att skapa en återställningsskiva. - Jag har ingen CD- eller DVD-brännare, men jag kommer att spara återställningsskivans ISO-avbildning på en flyttbar enhet (t.ex. ett USB-minne). - Jag kommer att ansluta en CD- eller DVD-brännare till min dator senare. Avbryt processen nu. - En CD- eller DVD-brännare är nu ansluten till min dator. Fortsätt att skriva återställningsskivan. - Följ dessa steg:\n\n1) Anslut en flyttbar enhet, som exempelvis ett USB-minne, till din dator nu.\n\n2) Kopiera återställningsskivans avbildning (%s) till den flyttbara enheten.\n\nOm du någon gång i framtiden behöver återställningsskivan, kommer du att kunna ansluta din flyttbara enhet (innehållande återställningsskivans avbildning) till en dator med en CD- eller DVD-brännare och skapa en startbar återställningsskiva genom att bränna avbildningen till en CD eller DVD. VIKTIGT: Observera att filen måste skrivas till CD:n eller DVD:n som en ISO-avbildning och inte som en individuell fil. - Bränning av återställningsskiva - Återställningsskiva skapad - Förberedande test inför systemkryptering - Återställningsskivan verifierad - \nÅterställningsskivan har verifierats. Mata ut den från enheten och förvara den på ett säkert ställe.\n\nKlicka på Nästa för att fortsätta. - VARNING: Under följande steg får återställningsskivan inte vara insatt i enheten. Annars kommer det inte att vara möjligt att fullfölja stegen korrekt.\n\nMata ut den från enheten och förvara den på ett säkert ställe. Klicka sedan på OK. - Varning: På grund av tekniska begränsningar i förstartsmiljön kommer text som visas vid uppstart inte att vara språkanpassad. Användargränssnittet för VeraCrypts startinläsare är helt och hållet på engelska.\n\nVill du fortsätta? - Innan din systempartition eller -enhet krypteras måste VeraCrypt säkerställa att allt fungerar som förväntat.\n\nEfter att du klickat på Testa kommer alla nödvändiga komponenter (exempelvis VeraCrypts starthanterare) att installeras, och din dator kommer att startas om. Därefter måste du ange ditt lösenord i VeraCrypts starthanterare som laddas innan Windows startas. Efter att Windows har startats, kommer information om hur testet gick att visas på skärmen.\n\nFöljande enhet kommer att ändras: Enhet #%d\n\n\nOm du klickar på Avbryt nu kommer inget att installeras, och det förberedande testet kommer inte att genomföras. - VIKTIGA KOMMENTARER – LÄS ELLER SKRIV UT (Klicka på ”Skriv ut”):\n\nObservera att inga filer kommer att krypteras innan datorn har startats om och Windows har startats. Dina data kommer därför INTE att vara förlorade, om någonting går fel. Dock kan det då bli problem att starta Windows. Läs därför igenom (och, om möjligt, skriv ut) följande instruktioner för vad man kan göra om Windows inte startas efter att datorn startats om.\n\n - Vad man kan göra om Windows inte startas\n----------------------------------------------------\n\nObservera: Dessa instruktioner är endast tillämpliga om krypteringen inte har påbörjats.\n\n· Grips inte av panik om Windows inte startas efter att du angett rätt lösenord, eller om VeraCrypt hävdar att lösenordet är fel trots att du upprepade gånger angett rätt lösenord. Starta om datorn (stäng av och sätt på den) och tryck på Esc i VeraCrypts startinläsare. Om du har flera operativsystem installerade, välj vilket av dem som ska startas. Windows bör då – förutsatt att det inte är krypterat – startas, och VeraCrypt kommer automatiskt att fråga dig om du vill avinstallera komponenten för förstartsautentiseringen. Observera att dessa instruktioner INTE fungerar om systempartitionen eller -enheten är krypterad. (Ingen kan starta Windows eller komma åt krypterade data på enheten utan rätt lösenord även om han eller hon följer dessa instruktioner.)\n\n - · Om föregående instruktioner inte hjälper, eller om VeraCrypts startinläsare inte visas innan Windows startas, mata in återställningsskivan i din CD- eller DVD-enhet och stata om datorn. Om återställningsskivan inte startas, eller om alternativet ”Repair Options” inte visas i återställningsskivans meny, är det möjligt att ditt BIOS är konfigurerat att i första hand starta från hårddisken. Om så är fallet, starta om din dator och tryck på F2, F10, Delete eller Esc direkt du ser BIOS:ets startskärm och vänta tills BIOS:ets konfigurationsskärm visas. Om BIOS:ets konfigurationsskärm inte visas, stata om datorn igen och tryck upprepade gånger på F2, F10, Delete eller Esc så snart datorn startats om. När BIOS:ets konfigurationsskärm visas, konfigurera ditt BIOS så att datorn i första hand startar från CD- eller DVD-enheten. (För information om hur detta går till, läs dokumentationen för ditt BIOS/moderkort eller kontakta din datorleverantörs tekniska support för hjälp.) Starta sedan om datorn. Återställningsskivans meny bör nu visas. Välj alternativet ”Repair Options” genom att trycka på F8. Välj sedan ”Restore original system loader” och mata ut återställningsskivan från CD- eller DVD-enheten och starta om datorn. Windows bör nu startas normalt, förutsatt att det inte är krypterat.\n\n - Observera att dessa instruktioner INTE fungerar om systempartitionen eller -enheten är krypterad. (Ingen kan starta Windows eller komma åt krypterade data på enheten utan rätt lösenord även om han eller hon följer dessa instruktioner.)\n\n\nObservera att även om du tappar bort din återställningsskiva och någon annan hittar den, kommer han eller hon INTE att kunna dekryptera systempartitionen eller -enheten utan rätt lösenord.\n - Förberedande test slutfört - Det förberedande testet har slutförts utan fel.\n\nVARNING: Delar av dina data kan bli skadade eller gå förlorade, om strömförsörjningen plötsligt bryts eller om operativsystemet kraschar beroende på program- eller maskinvarufel medan existerande data på plats-krypteras. Därför bör du, innan krypteringsprocessen startar, kontrollera att du har säkerhetskopior av de filer du vill kryptera. Säkerhetskopiera annars filerna nu (genom att klicka på Skjut upp, säkerhetskopiera filerna, sedan köra VeraCrypt igen när som helst och välja ”Återuppta avbruten process” under ”System” i rullgardinsmenyn).\n\nKlicka på Kryptera för att börja kryptera. - Du kan när som helst klicka på Pausa eller Skjut upp för att avbryta krypterings- eller dekrypteringsprocessen, avsluta denna guide, starta om eller stänga av din dator och sedan återuppta processen, som kommer att fortsätta från den punkt där den avbröts. För att prestandan inte ska bli lidande när andra applikationer skriver till eller läser data från systemenheten, väntar VeraCrypt tills data skrivits eller lästs och fortsätter sedan krypteringen eller dekrypteringen. - \n\nDu kan när som helst klicka på Pausa eller Skjut upp för att avbryta krypteringsprocessen, avsluta denna guide, starta om eller stänga av din dator och sedan återuppta processen, som kommer att fortsätta från den punkt där den avbröts. Observera att volymen inte kan monteras förrän krypteringen slutförts. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Dolt operativsystem startat - Ursprungligt operativsystem - Windows skapar (normalt sett utan vare sig din vetskap eller ditt medgivande) olika loggfiler, tillfälliga filer och liknande på systempartitionen. Windows sparar också primärminnets innehåll i viloläges- och växlingsfiler på systempartitionen. Därför skulle obehöriga, om de analyserade filer lagrade på partitionen som innehåller det ursprungliga operativsystemet (av vilket det dolda operativsystemet är en kloning), kunna lista ut att du t.ex. körde VeraCrypts guide för att skapa ett dolt operativsystem (vilket i sin tur kan indikera att ett dolt operativsystem existerar i datorn).\n\nFör att förhindra detta kommer VeraCrypt att skriva över hela innehållet på partitionen där det ursprungliga operativsystemet finns. Efteråt, för att få ett förnekande att verka trovärdigt, kommer du att behöva installera ett nytt operativsystem på partitionen och kryptera det. På så sätt skapar du ett skenoperativsystem, och hela processen för att skapa ett dolt operativsystem kommer att slutföras. - Det dolda operativsystemet har skapats utan fel. Innan du kan börja använda det (och få ett förnekande att verka trovärdigt), måste du dock skriva över hela innehållet på partitionen där det aktuella operativsystemet är installerat. Innan du kan göra det, måste du starta om datorn och ange det dolda operativsystemets lösenord till förstartsautentiseringen i VeraCrypts startinläsare (som visas innan Windows startas). Efter att det dolda operativsystemet startats, kommer guiden Skapa VeraCrypt-volym att köras automatiskt.\n\nObservera: Om du väljer att avbryta processen för att skapa ett dolt operativsystem nu, kommer du INTE att kunna återuppta den, och det dolda operativsystemet kommer INTE att vara åtkomligt (eftersom VeraCrypts startinläsare kommer att tas bort). - Du har schemalagt en process för att skapa ett dolt operativsystem. För att slutföra processen måste du starta om datorn och ange lösenordet för det dolda operativsystemet i VeraCrypts startinläsare (som visas innan Windows startas).\n\nObservera: Om du väljer att avbryta processen för att skapa ett dolt operativsystem nu, kommer du INTE att kunna återuppta den. - Starta om datorn och fortsätt - Avbryt processen för att skapa ett dolt operativsystem - Gör ingenting nu, utan fråga igen senare - \nSKRIV GÄRNA UT DENNA TEXT (klicka på ”Skriv ut” nedan).\n\n\nNär och hur en återställningsskiva ska användas (efter kryptering)\n-----------------------------------------------------------------------------------\n\n - I. Hur man startar en återställningsskiva\n\nFör att starta en återställningsskiva, matar du in den i din CD- eller DVD-enhet och statar om datorn. Om återställningsskivan inte startas, eller om alternativet ”Repair Options” inte visas i återställningsskivans meny, är det möjligt att ditt BIOS är konfigurerat att i första hand starta från hårddisken. Om så är fallet, starta om din dator och tryck på F2, F10, Delete eller Esc direkt du ser BIOS:ets startskärm och vänta tills BIOS:ets konfigurationsskärm visas. Om BIOS:ets konfigurationsskärm inte visas, stata om datorn igen och tryck upprepade gånger på F2, F10, Delete eller Esc så snart datorn startats om. När BIOS:ets konfigurationsskärm visas, konfigurera ditt BIOS så att datorn i första hand startar från CD- eller DVD-enheten. (För information om hur detta går till, läs dokumentationen för ditt BIOS/moderkort eller kontakta din datorleverantörs tekniska support för hjälp.) Starta sedan om datorn. Återställningsskivans meny bör nu visas. Observera: I återställningsskivans meny kan du välja alternativet ”Repair Options” genom att trycka på F8.\n\n\n - II. När och hur en återställningsskiva ska användas (efter kryptering)\n\n - 1) Om VeraCrypts startinläsare inte visas efter att du startat datorn (eller om Windows inte startas), kan VeraCrypts startinläsare vara skadad. Återställningsskivan möjliggör en återställning av startinläsaren, och du kan på så sätt återfå tillgång till ditt krypterade operativsystem och dina krypterade data. (Observera att du fortfarande måste ange rätt lösenord.) Välj ”Repair Options” följt av ”Restore VeraCrypt Boot Loader” i återställningsskivans meny. Tryck sedan på ”Y” för att bekräfta åtgärden, mata ut återställningsskivan från CD- eller DVD-enheten och starta om datorn.\n\n - 2) Om VeraCrypt hävdar att lösenordet är fel trots att du upprepade gånger angett rätt lösenord, kan den primära nyckeln eller andra kritiska data vara skadade. Återställningsskivan möjliggör en återställning dem, och du kan på så sätt återfå tillgång till ditt krypterade operativsystem och dina krypterade data. (Observera att du fortfarande måste ange rätt lösenord.) Välj ”Repair Options” följt av ”Restore key data”. Ange ditt lösenord och tryck sedan på ”Y” för att bekräfta åtgärden. Mata ut återställningsskivan från CD- eller DVD-enheten och starta om datorn.\n\n - 3) Om VeraCrypts startinläsare är skadad, kan du undvika att köra den genom att starta från återställningsskivan. Mata in återställningsskivan i din CD- eller DVD-enhet och ange ditt lösenord i återställningsskivans meny.\n\n - 4) Om Windows är skadat och inte kan startas, kan du med hjälp av återställningsskivan utföra en permanent dekryptering av partitionen eller enheten innan Windows startas. Välj ”Repair Options” följt av ”Permanently decrypt system partition/drive” i återställningsskivans meny. Ange rätt lösenord och vänta tills dekrypteringen har slutförts. Därefter kan du starta med Windows installationsskiva och med hjälp av den reparera Windows.\n\n - Observera: Om Windows är skadat och inte kan startas, går det också att undvika en dekryptering av systempartitionen eller -enheten genom att följa dessa steg: Om du har flera operativsystem installerade i din dator, starta ett som inte kräver förstartsautentisering. Om du inte har flera operativsystem installerade, kan du starta en CD eller DVD med WinPE- eller BartPE på. Alternativt kan du ansluta din systemenhet som en sekundär eller extern enhet till en annan dator och starta dess operativsystem. Kör därefter VeraCrypt, klicka på ”Välj enhet”, välj den aktuella systempartitionen och klicka på ”OK”. Välj ”Montera utan förstartsautentisering” under ”System” i rullgardinsmenyn, ange lösenordet till förstartsautentiseringen och klicka på ”OK”. Partitionen kommer då att monteras som en normal VeraCrypt-volym. (Data kommer som vanligt att realtidskrypteras och -dekrypteras i primärminnet vid åtkomst.)\n\n\n - Observera att även om du tappar bort din återställningsskiva och någon annan hittar den, kommer han eller hon INTE att kunna dekryptera systempartitionen eller -enheten utan rätt lösenord. - \n\nV I K T I G T – SKRIV GÄRNA UT DENNA TEXT (klicka på ”Skriv ut” nedan).\n\n\nObservera: Denna text kommer att visas varje gång du startat det dolda operativsystemet tills du skapat ett skenoperativsystem.\n\n\n - Hur man på ett säkert sätt skapar ett skenoperativsystem\n----------------------------------------------------------------------\n\nFör att ett förnekande av ett dolt operativsystems existens ska vara trovärdigt, måste du skapa ett skenoperativsystem nu. Följ nedanstående steg för att göra det:\n\n - 1) Stäng av säkerhetsskäl av din dator och lämna den avslagen i åtminstone några minuter (ju längre desto bättre). Detta är ett krav för att minnet, som innehåller känsliga data, ska tömmas. Starta sedan datorn utan att starta det dolda operativsystemet.\n\n - 2) Installera Windows på partitionen vars innehåll har rensats (d.v.s. partitionen där det ursprungliga operativsystemet, av vilket det dolda operativsystemet är en kloning, var installerat).\n\nVIKTIGT: NÄR DU BÖRJAT INSTALLERA SKENOPERATIVSYSTEMET, KOMMER DET DOLDA OPERATIVSYSTEMET *INTE* ATT KUNNA STARTA (eftersom VeraCrypts startinläsare kommer att tas bort av Windows installationsprogram). DETTA ÄR HELT NORMALT. FÅ INTE PANIK. DU KOMMER ATT KUNNA STARTA DET DOLDA OPERATIVSYSTEMET IGEN SÅ SNART DU BÖRJAT KRYPTERA SKENOPERATIVSYSTEMET (eftersom VeraCrypts startinläsare då kommer att installeras på systemenheten).\n\nViktigt: Storleken på skenoperativsystemets partition måste förbli samma som storleken på den dolda volymen. (Detta villkor uppfylls nu.) Dessutom får du inte skapa någon partition mellan de partitioner där skenoperativsystemet och det dolda operativsystemet är belägna.\n\n - 3) Starta skenoperativsystemet du installerade i steg 2 och installera VeraCrypt i det.\n\nKom ihåg att skenoperativsystemet aldrig får innehålla några känsliga data.\n\n - 4) Kör VeraCrypt i skenoperativsystemet och välj ”Kryptera systempartition eller -enhet” under ”System” i rullgardinsmenyn. Guiden Skapa VeraCrypt-volym bör då starta.\n\nFöljande steg gäller för guiden Skapa VeraCrypt-volym:\n\n - 5) Välj INTE alternativet ”Dold” i guiden Skapa VeraCrypt-volym. Låt alternativet ”Normal” vara aktiverat och klicka på ”Nästa”.\n\n - 6) Välj alternativet ”Kryptera Windows systempartition” och klicka på ”Nästa”.\n\n - 7) Om det dolda operativsystemet och skenoperativsystemet är de enda operativsystem som är installerade i datorn, ska du välja alternativet ”Envalsstart”. (Välj ”Flervalsstart” om fler än dessa två operativsystem är installerade i datorn.) Klicka sedan på ”Nästa”.\n\n - 8) VIKTIGT: I detta steg MÅSTE DU VÄLJA SAMMA KRYPTERINGS- OCH HASHALGORITM FÖR SKENOPERATIVSYSTEMET SOM DU VALDE FÖR DET DOLDA OPERATVISYSTEMET! ANNARS KOMMER DET DOLDA OPERATIVSYSTEMET INTE ATT VARA ÅTKOMLIGT! Med andra ord måste skenoperativsystemet krypteras med samma krypteringsalgoritm som det dolda operativsystemet. Observera: Anledningen till detta är att skenoperativsystemet och det dolda operativsystemet måste dela en gemensam startinläsare, vilken endast stöder en enskild krypteringsalgoritm som väljs av användaren. (Varje krypteringsalgoritm använder en särskild version av VeraCrypts startinläsare.)\n\n - 9) I detta steg ska du välja ett lösenord för skenoperativsystemet. Detta är det lösenord till förstartsautentiseringen du kommer att kunna avslöja om du blir tillfrågad om det eller tvingad till det. (Det anda lösenordet du kan avslöja är det till den yttre volymen.) Existensen av det tredje lösenordet (d.v.s. det till det dolda operativsystemets förstartsautentisering) förblir hemlig.\n\nViktigt: Lösenordet du väljer för skenoperativsystemet måste vara påtagligt annorlunda än det du väljer för den dolda volymen (d.v.s. för det dolda operativsystemet).\n\n - 10) Följ de återstående instruktionerna i guiden för att kryptera skenoperativsystemet.\n\n\n\n - Efter att skenoperativsystemet är skapat\n--------------------------------------------------\n\nEfter att du krypterat skenoperativsystemet är hela processen för att skapa ett dolt operativsystem slutförd, och du kommer att kunna använda dessa tre lösenord:\n\n1) Ett lösenord till förstartsautentiseringen för det dolda operativsystemet.\n\n2) Ett lösenord till förstartsautentiseringen för skenoperativsystemet.\n\n3) Ett lösenord för den yttre volymen.\n\n - Om du vill starta det dolda operativsystemet anger du lösenordet för det dolda operativsystemet i VeraCrypts startinläsare (som visas efter att du startar eller startar om datorn).\n\nOm du vill starta skenoperativsystemet anger du lösenordet för skenoperativsystemet i VeraCrypts startinläsare.\n\nLösenordet för skenoperativsystemet kan avslöjas för någon som tvingar dig att röja lösenordet till förstartsautentiseringen. Den dolda volymens (och det dolda operativsystemets) existens förblir hemlig.\n\n - Det tredje lösenordet (för den yttre volymen) kan avslöjas för någon som tvingar dig att röja lösenordet för den första partitionen efter systempartitionen, där både den yttre volymen och den dolda volymen (innehållande det dolda operativsystemet) finns. Den dolda volymens (och det dolda operativsystemets) existens förblir hemlig.\n\n\n - Om du avslöjade det dolda operativsystemets lösenord, och du blir tillfrågad varför det lediga utrymmet på skenoperativsystemets partition innehåller slumpmässiga data, kan du exempelvis svara följande: ”Partitionen innehöll tidigare ett system som krypterats av VeraCrypt, men jag glömde bort lösenordet till förstartsautentiseringen (eller operativsystemet skadades och gick inte längre att starta), så jag var tvungen att ominstallera Windows och kryptera partitionen igen.”\n\n\n - Om alla instruktioner samt de försiktighetsåtgärder och krav som beskrivs i avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok har följts, bör det vara omöjligt att bevisa att den dolda volymen och det dolda operativsystemet existerar, även om den yttre volymen monteras eller skenoperativsystemet dekrypteras eller startas.\n\nOm du sparar en kopia av denna text eller skriver ut den (vilket rekommenderas, såvida inte skrivaren lagrar kopior av dokument den skriver ut på en intern enhet), bör du förstöra alla kopior av den efter att du skapat skenoperativsystemet och efter att du har läst och förstått all information i den. (Annars riskerar en sådan kopia avslöja existensen av ett dolt operativsystem i datorn.)\n\n - VARNING: SKRIV INTE TILL DEN YTTRE VOLYMEN (observera att skenoperativsystemet INTE är installerat på den yttre volymen) OM DU INTE SKYDDAT DEN DOLDA VOLYMEN. (Läs avsnittet ”Protection of Hidden Volumes Against Damage” i VeraCrypts användarhandbok för mer information om detta.) ANNARS KAN DET HÄNDA ATT DU SKRIVER ÖVER OCH SKADAR DEN DOLDA VOLYMEN (OCH DET DOLDA OPERATIVSYSTEMET INUTI DEN)! - Kloning av operativsystemet - I följande steg kommer VeraCrypt att skapa det dolda operativsystemet genom att kopiera systempartitionens innehåll till den dolda volymen. (Data som kopieras krypteras i realtid med en krypteringsnyckel skild från den som används för skenoperativsystemet.)\n\nObservera att kopieringen kommer att genomföras i förstartsmiljön (innan Windows startas) och kan ta lång tid att slutföra, allt från flera timmar till flera dagar (beroende på systempartitionens storlek och din dators prestanda).\n\nDu kan avbryta kloningsprocessen, stänga av din dator, starta operativsystemet igen och sedan återuppta processen. Hela kloningsprocessen kommer, om du avbryter den, emellertid att behöva börja om från början, eftersom systempartitionens innehåll inte får ändras under processens gång. - Vill du avbryta hela processen för att skapa ett dolt operativsystem?\n\nObservera: Du kommer INTE att kunna återuppta processen om du avbryter den nu. - Vill du avbryta det förberedande testet inför systemkrypteringen? - VeraCrypts förberedande test inför systemkrypteringen misslyckades. Vill du försöka igen?\n\nOm du väljer ”Nej”, kommer komponenten för förstartsautentiseringen att avinstalleras.\n\nObservera:\n\n· Om VeraCrypts startinläsare inte bad dig att ange lösenordet innan Windows startades, är det möjligt att ditt operativsystem inte startade från den enhet på vilket det är installerat. Detta förfarande stöds inte.\n\n· Om du använde en annan krypteringsalgoritm än AES och det förberedande testet misslyckades (och du dessutom angav rätt lösenord), kan det ha orsakats av en dåligt anpassad drivrutin. Välj ”Nej” och försök att kryptera systempartitionen eller -enheten igen, men använd AES som krypteringsalgoritm, då den är minst minneskrävande.\n\n· För fler möjliga orsaker och lösningar, gå till sidan https://veracrypt.codeplex.com/wikipage?title=Troubleshooting. - Systempartitionen eller -enheten verkar inte vara krypterad (varken helt eller delvis). - Din systempartition eller -enhet är krypterad (delvis eller fullständigt).\n\nDu måste dekryptera din systempartition eller -volym innan du fortsätter. Välj ”Permanent dekryptering av systempartition eller -enhet” under ”System” i rullgardinsmenyn. - Du kan inte nedgradera VeraCrypt när systempartitionen eller -enheten är krypterad (helt eller delvis). Du kan däremot uppgradera eller ominstallera samma version. - Din systempartition eller -enhet håller för närvarande på att krypteras, dekrypteras eller på något annat sätt modifieras. Avbryt krypterings-, dekrypterings- eller modifieringsprocessen (eller vänta tills den slutförts) innan du fortsätter. - En instans av guiden Skapa VeraCrypt-volym körs redan och förbereder eller utför en kryptering eller dekryptering av systempartitionen eller -enheten. Innan du kan fortsätta, måste du avsluta guiden eller vänta på att den slutförs. Stäng av datorn, om det inte går att avsluta guiden. - Krypteringen eller dekrypteringen av systempartitionen eller -enheten har inte slutförts. Vänta tills den slutförts innan du fortsätter. - Fel: Krypteringen av partitionen eller enheten har inte slutförts. Den måste slutföras först. - Fel: Krypteringen av partitionen eller enheten har inte slutförts. Den måste slutföras först.\n\nObservera: Välj ”Återuppta avbruten process” under ”Volymer” i VeraCrypts rullgardinsmeny för att återuppta krypteringsprocessen. - Lösenordet är rätt, och VeraCrypt har dekrypterat volymhuvudet och upptäckt att volymen är en dold systemvolym. Emellertid kan du inte ändra volymhuvudet på en dold systemvolym på detta sätt.\n\nFör att ändra ett lösenord för en dold systemvolym startar du operativsystemet på den dolda volymen och väljer sedan ”Ändra lösenord” under ”System” i VeraCrypts rullgardinsmeny.\n\nFör att ändra härledningsalgoritm för volymhuvudets nyckel startar du det dolda operativsystemet och väljer ”Ändra härledningsalgoritmen för volymhuvudets nyckel” under ”System” i VeraCrypts rullgardinsmeny. - VeraCrypt stöder inte på plats-dekryptering av en dold systempartition.\n\nObservera: Om du vill dekryptera skenoperativsystemet startar du det och väljer ”Permanent dekryptering av systempartition eller -enhet” under ”System” i VeraCrypts rullgardinsmeny. - Fel: Felaktig eller ogiltig parameter. - Du har valt en partition eller enhet, men det guideläge du valde är endast giltigt för volymbehållare.\n\nVill du byta guideläge? - Vill du skapa en volymbehållare i stället? - Du har valt systempartitionen eller -enheten (eller startpartitionen), men det guideläge du valde är endast giltigt för icke-systempartitioner eller -enheter.\n\nVill du konfigurera förstartsautentisering (vilket innebär att du måste ange ditt lösenord varje gång innan Windows startas) och kryptera systempartitionen eller -enheten? - Är du säker på att du vill utföra en permanent dekryptering av systempartitionen eller -enheten? - VARNING: Om du väljer att utföra en permanent dekryptering av systempartitionen eller -enheten kommer okrypterade data att skrivas till den.\n\nÄr du verkligen säker på att du vill utföra en permanent dekryptering av systempartitionen eller -enheten? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Varning: Om du använder nästade krypteringsalgoritmer vid systemkryptering kan du drabbas av följande problem:\n\n1) VeraCrypts startinläsare blir så stort att utrymmet på enhetens startspår inte räcker till för att rymma en säkerhetskopia av startinläsaren. När det skadas (vilket ofta händer, exempelvis vid dåligt konstruerade produktaktiveringsprocesser som ska förhindra piratkopiering), måste du använda återställningsskivan för att starta eller reparera VeraCrypts startinläsare.\n\n2) På vissa datorer kan det ta längre tid att aktivera datorn från viloläge.\n\nDessa potentiella problem kan förhindras genom att välja en icke-nästad krypteringsalgoritm (t.ex. AES).\n\nÄr du säker på att du vill använda nästade krypteringsalgoritmer? - Om du upplever något av tidigare beskrivna problem, dekryptera partitionen eller enheten (om den är krypterad) och försök sedan kryptera den igen med hjälp av en krypteringsalgoritm som inte är nästad (t.ex. AES). - VARNING: Av säkerhetsskäl bör du uppdatera VeraCrypt i skenoperativsystemet innan du uppdaterar VeraCrypt i det dolda operativsystemet.\n\nStarta skenoperativsystemet och kör VeraCrypts installationsprogram därifrån. Starta sedan det dolda operativsystemet och kör VeraCrypts installationsprogram även därifrån.\n\nObservera: Skenoperativsystemet och det dolda operativsystemet delar en gemensam startinläsare. Om du endast uppgraderar VeraCrypt i det dolda operativsystemet, kommer skenoperativsystemet att innehålla en VeraCrypt-drivrutin och VeraCrypt-applikationer vars versionsnummer skiljer sig från versionsnumret på VeraCrypts startinläsare. En sådan avvikelse kan indikera att ett dolt operativsystem finns installerat i datorn.\n\n\nVill du fortsätta? - Versionen på startinläsaren som startade detta operativsystem skiljer sig från versionen på de VeraCrypt-drivrutiner och -applikationer som är installerade i datorn.\n\nDu bör köra VeraCrypts installationsprogram (med samma versionsnummer som VeraCrypts startinläsare) för att uppdatera VeraCrypt i detta operativsystem. - Versionen på startinläsaren som startade detta operativsystem skiljer sig från versionen på de VeraCrypt-drivrutiner och -applikationer som är installerade i datorn. Observera att äldre versioner kan innehålla fel som rättats till i nyare versioner.\n\nOm du inte startade från en återställningsskiva bör du ominstallera eller uppgradera VeraCrypt till den senaste stabila versionen (även startinläsaren kommer att uppgraderas).\n\nOm du startade från en återställningsskiva bör du uppgradera den genom att välja ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn. - VeraCrypts startinläsare har uppdaterats.\n\nDu bör skapa en ny återställningsskiva (som kommer att innehålla den nya versionen av VeraCrypts startinläsare) genom att välja ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn efter att du startat om datorn. - VeraCrypts startinläsare har uppdaterats.\n\nDu bör starta skenoperativsystemet och skapa en ny återställningsskiva (som kommer att innehålla den nya versionen av VeraCrypts startinläsare) genom att välja ”Skapa återställningsskiva” under ”System” i VeraCrypts rullgardinsmeny. - Det gick inte att uppdatera VeraCrypts startinläsare. - VeraCrypt kunde inte avgöra systemenhetens verkliga storlek och kommer därför att använda den storlek som rapporteras av operativsystemet. Observera även att detta är inte är ett fel i VeraCrypt. - VARNING: Det verkar som att VeraCrypt redan har försökt identifiera dolda sektorer på denna systemenhet. Om fel uppstod under den föregående identifieringsprocessen kan du undvika dem genom att denna gång hoppa över identifieringen av dolda sektorer. Observera att VeraCrypt då kommer att använda sig av den storlek som rapporteras av operativsystemet, vilken kan vara mindre än enhetens verkliga storlek.\n\nObservera att detta inte orsakas av ett fel i VeraCrypt. - Hoppa över identifieringen av dolda sektorer (använd storleken som rapporteras av operativsystemet) - Försök identifiera dolda sektorer igen - Fel: Innehållet i en eller flera sektorer på disken kan inte läsas (troligen beroende på ett fysiskt fel).\n\nPå plats-krypteringsprocessen kan endast fortsätta efter att sektorerna har gjorts läsbara igen. VeraCrypt kan försöka att göra dessa sektorer läsbara genom att skriva nollor i dem. (Därefter kommer alla sådana nollfyllda block att krypteras.) Observera emellertid att alla data lagrade i de oläsbara sektorerna kommer att gå förlorade. Om du vill undvika detta, kan du försöka återskapa delar av informationen i de skadade sektorerna med hjälp av lämpliga programvaror från tredje part.\n\nObservera: Vid fysiska skador på sektorer – i motsats till rena datafel och kontrollsummefel – allokerar de flesta typer av lagringsenheter om sektorerna internt, när försök att skriva data till dem görs. Existerande data i de skadade sektorerna kan därför finnas kvar på enheten okrypterade.\n\nVill du att VeraCrypt ska skriva nollor i oläsbara sektorer? - Fel: Innehållet i en eller flera sektorer på disken kan inte läsas (troligen beroende på ett fysiskt fel).\n\nFör att kunna gå vidare med dekrypteringen måste VeraCrypt hoppa över innehållet i de oläsbara sektorerna. (Innehåller kommer att ersättas med pseudoslumpmässiga data.) Observera att du, innan du fortsätter, kan försöka återställa delar av innehållet i de skadade sektorerna med hjälp av lämpliga programvaror från tredje part.\n\nVill du att VeraCrypt hoppar över innehållet i de oläsbara sektorerna och går vidare nu? - Observera: VeraCrypt har ersatt innehållet i %I64d oläsbara sektorer (%s) med krypterade klartextblock fyllda med nollor. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Ange lösenord eller PIN för tokenet ”%s”: - För att ge VeraCrypt åtkomst till ett säkerhetstoken eller ett smartkort, måste du först installera ett PKCS #11-programvarubibliotek för tokenet eller smartkortet. Ett sådant bibliotek kan följa med enheten eller vara tillgängligt för nedladdning från tillverkarens webbplats eller tredje part.\n\nEfter att du installerat biblioteket, kan du antingen välja det manuellt genom att klicka på ”Välj bibliotek” eller så kan du låta VeraCrypt hitta och välja det automatiskt genom att klicka på ”Identifiera bibliotek automatiskt” (endast Windows systemmapp genomsöks). - Observera: PKCS #11-bibliotekets filnamn och sökväg bör vara angivna i dokumentationen som följde med säkerhetstokenet, smartkortet eller programvaran från tredje part.\n\nKlicka på ”OK” för att välja sökväg och filnamn. - För att ge VeraCrypt åtkomst till ett säkerhetstoken eller ett smartkort, måste du först installera ett PKCS #11-programvarubibliotek för tokenet eller smartkortet. För att göra det, välj ”Säkerhetstoken” under ”Inställningar” i rullgardinsmenyn. - Initieringen av PKCS #11-biblioteket för säkerhetstokenet misslyckades.\n\nKontrollera att sökväg och filnamn som angetts hänvisar till ett giltigt PKCS #11-bibliotek. Välj ”Säkerhetstoken” under ”Inställningar” i rullgardinsmenyn för att ange sökväg och filnamn till ett PKCS #11-bibliotek. - Inget PKCS #11-bibliotek hittades i Windows systemmapp.\n\nKontrollera att ett PKCS #11-bibliotek för ditt säkerhetstoken eller smartkort är installerat. (Ett sådant bibliotek kan följa med enheten eller vara tillgängligt för nedladdning från tillverkarens webbplats eller tredje part.) Om det är installerat någon annanstans än i Windows systemmapp, klicka på ”Välj bibliotek” för att hitta biblioteket (t.ex. i den mapp där programvaran för tokenet eller kortet är installerad). - Inget säkerhetstoken hittades.\n\nKontrollera att säkerhetstokenet är anslutet till datorn och att rätt drivrutin för ditt token är installerad. - Hittade inte nyckelfilen för säkerhetstokenet. - En nyckelfil för säkerhetstoken med samma namn finns redan. - Vill du ta bort de valda filerna? - Sökvägen till nyckelfilen för säkerhetstokenet är felaktig. - Säkerhetstokenfel - Lösenordet för säkerhetstokenet är fel. - Det finns inte tillräckligt mycket minne för säkerhetstokenet att utföra den begärda åtgärden.\n\nOm du försöker importera en nyckelfil, bör du välja en mindre fil eller använda en nyckelfil genererad av VeraCrypt (välj ”Nyckelfilsgenerering” under ”Verktyg” i rullgardinsmenyn). - Alla öppna säkerhetstokensessioner har stängts. - Välj nyckelfiler för säkerhetstoken - Fack - Namn på token - Filnamn - VIKTIGT: Observera att lösenord till förstartsautentisering alltid anges med amerikansk tangentbordslayout. Därför kan en volym som använder ett lösenord som angetts med en annan tangentbordslayout vara omöjlig att montera med hjälp av förstartsautentisering. (Observera att detta inte är ett fel i VeraCrypt.) Följ nedanstående steg för att möjliggöra montering av en sådan volym med hjälp av ett lösenord till förstartsautentisering:\n\n1) Klicka på ”Välj fil” eller ”Välj enhet” och bläddra fram till volymen.\n2) Välj ”Ändra volymlösenord” under ”Volymer” i rullgardinsmenyn.\n3) Ange volymens nuvarande lösenord.\n4) Ändra tangentbordslayouten till ”English (United States)” genom att klicka på Språkfältets ikon i Aktivitetsfältet och välja ”EN English (United States)”.\n5) Ange lösenordet till förstartsautentiseringen i fältet för det nya lösenordet.\n6) Bekräfta det nya lösenordet genom att upprepa det och klicka på ”OK”.\n\nVARNING: Kom ihåg att volymlösenordet alltid måste anges med amerikansk tangentbordslayout (vilket endast sker automatiskt i förstartsmiljön). - Lösenordet till förstartsautentiseringen kommer att användas vid montering av systemvolymfavoriterna. Om någon systemvolymfavorit använder ett annat lösenord, kommer den inte att monteras. - Observera att du – om du vill förhindra normala volymåtgärder (som exempelvis ”Demontera allt” och automatisk demontering) från att påverka systemvolymfavoriterna – bör aktivera alternativet ”Tillåt endast administratörer att se och demontera systemvolymfavoriter i VeraCrypt”. Dessutom kommer systemvolymfavoriterna inte att visas i enhetsbeteckningslistan i VeraCrypts huvudfönster, när VeraCrypt körs utan administratörsbehörigheter (standardinställningen i Windows Vista och nyare). - VIKTIGT: Kom ihåg att monterade systemvolymfavoriter INTE visas i VeraCrypts programfönster och att de inte kan demonteras, om detta alternativ är aktiverat och VeraCrypt inte har administratörsbehörig- heter. Högerklicka därför först på VeraCrypt-genvägen i Start-menyn och välj ”Kör som administratör”, om du exempelvis måste demontera en systemvolymfavorit. Samma begränsning gäller även för alternativet ”Demontera allt”, automatiska demonterings-funktioner, snabbtangenter för demontering etc. - Observera att denna inställning börjar gälla först efter att operativsystemet startats om. - Fel vid tolkning av kommandoraden. - Återställningsskiva - Välj fi&l att montera … - Välj enhe&t att montera … - Tillåt endast &administratörer att se och demontera systemvolymfavoriter i VeraCrypt - &Montera systemvolymfavoriter när Windows startas (i den inledande startfasen) - Varning: Volymen monterad som ”%s” demonterades på ett felaktigt sätt, och filsystemet kan därför innehålla fel. Att använda ett skadat filsystem kan orsaka att data går förlorade eller blir felaktiga.\n\nObservera: Innan du fysiskt tar bort eller stänger av en enhet (som exempelvis ett USB-minne eller en extern hårddisk) som innehåller en VeraCrypt-volym, bör du alltid demontera den i VeraCrypt.\n\n\nVill du att Windows ska försöka identifiera och reparera eventuella fel i filsystemet? - Varning: En eller flera systemvolymfavoriter demonterades på ett felaktigt sätt och kan därför innehålla fel i filsystemet. I Windows loggbok går det att hitta fler detaljer.\n\nAtt använda ett skadat filsystem kan orsaka att data går förlorade eller blir felaktiga. Du bör söka igenom påverkade systemvolymfavoriter efter fel genom att högerklicka på var och en av dem i VeraCrypt och välja ”Reparera filsystemet”. - Varning: Reparation av ett skadat filsystem med hjälp av Microsofts ”chkdsk” kan i värsta fall orsaka förlust av filer i skadade områden. Därför rekommenderas du att först säkerhetskopiera filerna som lagras på denna VeraCrypt-volym till en annan, oskadad, VeraCrypt-volym.\n\nVill du reparera filsystemet nu? - Volymen ”%s” har monterats som skrivskyddad, eftersom du saknar skrivrättigheter på volymbehållaren.\n\nKontrollera att behörigheterna för volymbehållaren tillåter dig att skriva till den. (Högerklicka på volymbehållaren och välj Egenskaper. Behörigheter hanteras under fliken Säkerhet.)\n\nPå grund av ett problem i Windows kan denna varning uppträda även efter att lämpliga inställningar för behörigheterna har gjorts. Detta beror inte på ett fel i VeraCrypt. En möjlig lösning är att flytta din volymbehållare till exempelvis mappen ”Mina dokument”.\n\nOm det är din avsikt att volymen ska vara skrivskyddad, kan du förhindra att varningen visas genom att aktivera volymbehållarens skrivskyddsattribut. (Högerklicka på volymbehållaren i Utforskaren och välj Egenskaper. Aktivera kryssrutan Skrivskydd under fliken Allmänt.) - Volymen ”%s” var tvungen att monteras som skrivskyddad, eftersom du nekades skrivrättigheter.\n\nKontrollera att ingen annan applikation (t.ex. antivirusprogramvara) använder partitionen eller enheten på vilken volymen är belägen. - Volymen ”%s” har monterats som skrivskyddad, eftersom operativsystemet rapporterade värdenheten som skrivskyddad.\n\nObservera att vissa anpassade kretsuppsättningsdrivrutiner har visat sig orsaka att skrivbara medier felaktigt framstår som skrivskyddade. Detta problem orsakas inte av VeraCrypt och kan eventuellt lösas genom att uppgradera eller avinstallera alla anpassade kretsuppsättningsdrivrutiner (ej utvecklade av Microsoft) som är installerade. - Observera att flertrådsteknik får varje fysisk processorkärna att fungera som flera logiska kärnor.\nMed flertrådsteknik aktiverad representerar antalet kärnor som valts ovan antalet logiska processorer/kärnor. - %d tråd(ar) - Observera att maskinvaruaccelererad AES är inaktiverad, vilket kommer att påverka prestandamätningsresultatet negativt.\n\nMaskinvaruacceleration konfigureras via ”Prestanda” under ”Inställningar” i rullgardinsmenyn. - Observera att antalet trådar som används är begränsat, vilket kommer att påverka prestandamätningsresultatet negativt.\n\nTrådbaserad parallellbearbetning konfigureras via ”Prestanda” under ”Inställningar” i rullgardinsmenyn. - Vill du att VeraCrypt ska försöka inaktivera skrivskyddet på partitionen eller enheten? - VARNING: Denna inställning kan ge försämrade prestanda.\n\nÄr du säker på att du vill använda denna inställning? - Varning: VeraCrypt-volym automatiskt demonterad - Innan du fysiskt tar bort eller stänger av en enhet som innehåller en VeraCrypt-volym, bör du alltid demontera den i VeraCrypt.\n\nOväntade demonteringar orsakas oftast av en trasig kabel eller enhet (diskkabinett) etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Testa - Nyckelfil - Backsteg - Tabb - Rensa - Retur - Paus - Caps lock - Blanksteg - Page up - Page down - End - Home - Vänsterpil - Uppåtpil - Högerpil - Nedåtpil - Välj - Skriv ut - Kör - Print screen - Insert - Delete - Program - Viloläge - Num lock - Scroll lock - Webbläsare – bakåt - Webbläsare – framåt - Webbläsare – uppdatera - Webbläsare – stopp - Webbläsare – sök - Webbläsare – favoriter - Webbläsare – startsida - Stäng av ljud - Sänk volym - Höj volym - Nästa spår - Föregående spår - Stoppa media - Spela eller pausa media - Starta e-post - Välj media - Program 1 - Program 2 - Attn - CrSel - ExSel - Spela upp - Zooma - NUM - Skift - Ctrl - Alt - Win - B - kB - MB - GB - TB - PB - B/s - kB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Avbryt + Installera för &alla användare + &Bläddra … + Skapa en genväg till VeraCrypt på skri&vbordet + Donera nu … + Associera filnamns&tillägget .hc med VeraCrypt + &Öppna målmappen efter slutförd uppackning + Lägg till VeraCrypt till &Start-menyn + Skapa en system&återställningspunkt + &Avinstallera + &Packa upp + &Installera + VeraCrypts installationsguide + Avinstallera VeraCrypt + H&jälp + Välj eller ange den mapp där du vill placera de uppackade filerna: + Välj eller ange den mapp där du vill installera VeraCrypts programfiler. Om den angivna mappen inte finns, kommer den att skapas automatiskt. + Klicka på ”Avinstallera” för att ta bort VeraCrypt från datorn. + Avbryt + Mät &prestanda + &Testa + Skapa en krypterad volym och formatera den + På plats-kryptera partition + Visa genererade nycklar (delar av dem) + Visa &poolinnehåll + Ladda ned programvara för CD/DVD-bränning + Skapa en krypterad volym&behållare + &GB + &TB + Ytterligare information + &Dold VeraCrypt-volym + Ytterligare information om dolda volymer + &Direktläge + N&ormalläge + &kB + &Använd nyckelfiler + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + N&yckelfiler … + Information om hashalgoritmer + Ytterligare information + Information on PIM + &MB + Ytterligare information + Ytterligare information om systemkryptering + Ytterligare information + Fle&rvalsstart + Kryptera en &icke-systempartition eller -enhet + Spara inte &historik + Öppna yttre volym + &Pausa + Use P&IM + Use PIM + Snabb- formatering + &Visa lösenord + &Visa lösenord + &Display PIM + &Envalsstart + &Synlig VeraCrypt-volym + &Dold + No&rmal + Kryptera &systempartitionen eller hela systemenheten + Kryptera Windows &systempartition + Kryptera hela &enheten + Guiden Skapa VeraCrypt-volym + Kluster + VIKTIGT: Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar nyckelfilens kryptografiska styrka avsevärt. Klicka sedan på Nästa för att fortsätta. + &Bekräfta: + Klart + Drive letter: + Krypteringsalgoritm + Filsystem + Skapar en virtuell krypterad disk inuti en fil. Rekommenderas för nybörjare. + Alternativ + Hashalgoritm + Volymh.nyckel: + Kvar + Primär nyckel: + Välj detta alternativ om det finns två eller fler operativsystem installerade i denna dator.\n\nExempelvis:\n· Windows XP och Windows XP\n· Windows XP och Windows Vista\n· Windows och Mac OS X\n· Windows och Linux\n· Windows, Linux och Mac OS X + Skapar en synlig eller dold krypterad volym av en icke-system- partition eller en intern eller extern enhet (t.ex. ett USB-minne). + Aktuellt poolinnehåll (ofullständigt) + Steg + &Lösenord: + Volume PIM: + Volume PIM: + Förlopp: + Slumpdatapool: + Välj detta alternativ om det endast finns ett operativsystem installerat i datorn (även om den har flera användare). + Hastighet + Status + Nycklarna, saltet och andra data har genererats utan fel. Klicka på Föregående och sedan Nästa för att generera nya nycklar eller klicka på Nästa för att fortsätta. + Krypterar hela partitionen eller enheten där Windows är installerat. Alla som vill använda systemet, t.ex. läsa och skriva filer, kommer att behöva ange ett lösenord varje gång Windows startas. Systemet kan göras synligt eller dolt. + Välj detta alternativ för att kryptera den partition där aktuellt operativsystem (Windows) är installerat. + Volume Label in Windows: + Överskrivning: + Stäng + Tillåt att förstarts&autentiseringen förbigås genom att trycka på Esc (aktiverar starthanteraren) + Gör &ingenting + Montera vald VeraCrypt-volym &automatiskt + Starta &VeraCrypt + &Identifiera bibliotek automatiskt + Lagra lösenordet till förstartsautentiseringen i &cacheminnet (för montering av icke-systemvolymer) + &Bläddra … + Bl&äddra … + Lagra lösenord och nyckelfiler i &cacheminnet + A&vsluta när inga volymer är monterade + &Stäng tokensession (logga ut) efter att en volym monterats utan fel + Include VeraCrypt Volume Expander + Inkludera &guiden Skapa VeraCrypt-volym + Skapa + S&kapa volym + &Visa inte någon text vid förstartsautentiseringen (förutom det anpassade meddelandet) + Disable "Evil Maid" attack detection + &Snabba upp AES-kryptering och -dekryptering genom att använda processorns AES-instruktioner + &Använd nyckelfiler + A&nvänd nyckelfiler + Avsl&uta + Hjälp om volymfavoriter + &Montera inte markerad volym när snabbtangenten ”Montera volymfavoriter” trycks ned + Montera markerad volym när dess &värdenhet ansluts + Montera markerad volym vid &inloggning + Montera markerad volym som &skrivskyddad + Montera markerad volym som &flyttbart medium + Flytta &ned + Flytta &upp + &Öppna Utforskaren efter att markerad volym monterats + &Ta bort + Use favorite label as Explorer drive label + Globala inställningar + Visa ett systemmeddelande i Meddelandefältet efter att en snabbknappsdemontering genomförts + Spela upp ett ljud efter att en snabbknappsdemontering genomförts + &Alt + Ctrl + &Skift + &Win + Till&dela + &Ta bort + N&yckelfiler … + &Använd inte följande antal processorer för kryptering och dekryptering: + Ytterligare information + Ytterligare information + Fler &inställningar … + A&utomontera enheter + Al&ternativ … + Montera volym som &skrivskyddad + Ny&ckelfiler … + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + &Aktiverad + La&gra lösenord i drivrutinens minnescache + &Demontera automatiskt volymer där inga data har skrivits eller lästs på + Användaren &loggar ut + User session locked + &Energisparläge aktiveras + S&kärmsläckaren aktiveras + Fram&tvinga automatisk demontering även om volymen innehåller öppna filer eller mappar + &Montera alla enhetsbaserade VeraCrypt-volymer + Starta &bakgrundsaktivitet + Montera volymer som &skrivskyddade + Montera volymer som &flyttbara medier + &Öppna Utforskaren vid montering av volymer + Temporary Cache password during "Mount Favorite Volumes" operations + Visa en alternativ ikon i Meddelandefältet när det finns volymer monterade + Töm lösenords&cache vid automatisk demontering + Töm lösenordscac&he vid avslut + Bevara tidsst&ämpeln på volymbehållare + &Återställ + Välj enhe&t … + Välj fi&l … + Välj &bibliotek … + V&isa lösenord + &Visa lösenord + Öppna &Utforskaren efter montering + Lagra lösenord i drivrutinens minnes&cache + TrueCrypt Mode + Demontera &allt + Volym&egenskaper … + Volymverkty&g … + Töm lösenords&cache + VeraCrypt - Mount Parameters + VeraCrypt – Volymfavoriter + VeraCrypt – Snabbtangenter + VeraCrypt + Ändra lösenord eller nyckelfiler + Ange lösenord för VeraCrypt-volym + VeraCrypt – Prestandaalternativ + VeraCrypt – Inställningar + VeraCrypt – Inställningar för systemkryptering + VeraCrypt – Inställningar för säkerhetstoken + Konfiguration av VeraCrypt Traveler-skiva + Egenskaper för VeraCrypt-volym + Om … + Lägg till/ta bort nyckelfiler från volymen … + Lägg till monterad volym som favorit … + Lägg till monterad systemvolym som favorit … + Analysera en systemkrasch … + Säkerhetskopiera volymhuvud … + Prestandamätning … + Ändra härledningsalgoritm för volymhuvudets nyckel … + Ändra volymlösenord … + Ändra härledningsalgoritm för volymhuvudets nyckel … + Ändra lösenord … + Rensa volymhistorik + Stäng alla säkerhetstokensessioner + Kontakt … + Skapa dolt operativsystem … + Skapa återställningsskiva … + Skapa ny volym … + Permanently Decrypt... + Standardnyckelfiler … + Default Mount Parameters... + Donera nu … + Kryptera systempartition eller -enhet … + Vanliga frågor och svar (FAQ) + Användarhandbok + &Webbplats + Snabbtangenter … + Nyckelfilsgenerering + Språk … + Juridiska villkor + Hantera nyckelfiler för säkerhetstoken … + Automontera alla enhetsbaserade VeraCrypt-volymer + Montera volymfavoriter + Montera utan förstarts&autentisering … + Montera volym + Montera volym med alternativ + Nyheter + Internetbaserad hjälp + Självstudier för nybörjare + Hantera volymfavoriter … + Hantera systemvolymfavoriter … + Prestanda … + Permanent dekryptering av systempartition eller -enhet + Inställningar … + Uppdatera enheter + Ta bort alla nyckelfiler från volymen … + Återställ volymhuvud … + Återuppta avbruten process + Välj enhet … + Välj fil … + Återuppta avbruten process + Systemkryptering … + Egenskaper … + Inställningar … + Systemvolymfavoriter … + Nedladdningar + Testvektorer … + Säkerhetstoken … + Skapa en Traveler-skiva … + Demontera alla monterade volymer + Demontera volym + Verifiera återställningsskiva + Verify Rescue Disk ISO Image + Versionshistorik + Volume Expander + Volymegenskaper + Guiden Skapa VeraCrypt-volym + VeraCrypts webbplats + Töm lösenordscache + OK + Maskinvaruacceleration + Kortkommandon + Konfiguration av automatisk körning (autorun.inf) + Automatisk demontering + Demontera allt när: + Skärmalternativ för startinläsaren + &Bekräfta lösenord: + Nuvarande + Visa detta anpassade meddelande vid förstartsautentiseringen (maximalt antal tecken är 24): + Standardmonteringsalternativ + Snabbtangentsalternativ + Driver Configuration + Enable extended disk control codes support + Eget namn på volymfavoriten: + Filinställningar + Tangent: + Processorn (CPU:n) stöder maskinvaruaccelererad AES-kryptering: + Åtgärder som ska utföras vid inloggning + minut(er) + Använd enhetsbeteckning: + Monteringsinställningar + Nytt + L&ösenord: + Trådbaserad parallellism + Sökväg till PKCS #11-bibliotek + PKCS-5 PRF: + PKCS-5 PRF: + Lösenordscache + Säkerhetsalternativ + VeraCrypts bakgrundsaktivitet + VeraCrypt-volym som ska monteras (relativt Traveler-skivans rotmapp): + Vid insättning av en Traveler-skiva: + Skapa Traveler-skivans filer i (Traveler-skivans rotmapp): + Volym + Windows + Lägg till &mapp … + &Självtesta allt + &Fortsätt + &Dekryptera + &Ta bort + &Kryptera + &Exportera … + &Generera och spara nyckelfil … + &Generera nyckelfil … + Ladda ned språkpaket + Maskinvaruaccelererad AES: + &Importera nyckelfil till token … + Lägg till &filer … + &Använd nyckelfiler + N&yckelfiler … + &Ta bort + Ta &bort allt + Vad är skydd av dolda volymer? + Mer information om nyckelfiler + Montera volym som &flyttbart medium + Montera systemkrypterad partition utan förstartsa&utentisering + Parallellism: + Mät &prestanda + &Skriv ut + Skydda &dolda volymer mot skador orsakade av skrivning till yttre volymer + &Återställ + &Visa lösenord + Lägg till to&ken … + Använd om möjligt volymens &inbäddade säkerhetskopia av volymhuvudet + &XTS-läge + Om VeraCrypt + VeraCrypt – Prestandamätning av krypteringsalgoritmer + VeraCrypt – Testvektorer + Kommandoradshjälp + VeraCrypt – Nyckelfiler + VeraCrypt – Nyckelfilsgenerering + VeraCrypt – Språk + VeraCrypt – Monteringsalternativ + Egenskaper för ny nyckelfil för säkerhetstoken + VeraCrypt – Berikning av slumptalspool + Välj en partition eller enhet + VeraCrypt + Nyckelfiler för säkerhetstoken + Lösenord eller PIN för säkerhetstoken krävs + Aktuellt språkpaket + Prestanda påverkas av processorns belastning och lagringsenhetens egenskaper.\n\nDessa mätningar genomförs i primärminnet. + Buffertstorlek: + Kryptering: + &Lösenord för dold volym:\n(om tomt används cache) + Skydd av dolda volymer + Nyckelstorlek: + Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar nyckelfilens kryptografiska styrka avsevärt. + VARNING: Om du tappar bort en nyckelfil eller om någon bit av de första 1 024 kB ändras, blir det omöjligt att montera volymer som använder den nyckelfilen! + bitar + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Översatt av: + Storlek på klartext: + bitar + Aktuellt poolinnehåll + Blandningsalgoritm: + VIKTIGT: Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar nyckelfilens kryptografiska styrka avsevärt. Klicka sedan på Fortsätt. + Sekundär nyckel (hexadecimalt) + Säkerhetstoken: + Sortering: + Vänta. Denna process kan ta lång tid … + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Blocknummer: + Krypterad text (hexadecimalt) + Dataenhetsnummer (64 bitar hexadecimalt, dataenhetsstorleken är 512 byte) + Nyckel (hexadecimalt) + Klartext (hexadecimalt) + Namn på nyckelfil: + XTS-läge + &System + &Volymer + &Favoriter + Verkt&yg + &Inställningar + H&jälp + &Webbplats + + &Om … + Det gick inte att ta bort skrivskyddsattributet på din gamla volym. Kontrollera filbehörigheterna. + Fel: Åtkomst nekad.\n\nPartitionen du försöker få åtkomst till är antingen 0 sektorer i storlek, eller så är det systemstartenheten. + Administratör + För att kunna ladda VeraCrypts drivrutin måste du vara inloggad med ett konto med administratörsbehörigheter. + Observera att du måste vara inloggad med ett konto med administratörsbehörigheter för att kunna kryptera/dekryptera eller formatera en partition eller enhet.\n\nDetta gäller inte volymer i volymbehållare. + Du måste vara inloggad med ett konto med administratörsbehörigheter för att kunna skapa en dold volym.\n\n Vill du fortsätta? + Observera att du måste vara inloggad med ett konto med administratörsbehörigheter för att kunna formatera volymen med NTFS.\n\nUtan administratörsbehörighet kan du formatera volymen med FAT. + FIPS-godkänt krypteringsalgoritm (Rijndael, publicerad 1998) som får användas av amerikanska regeringens departement och myndigheter för att skydda hemligstämplad information upp till topphemlig nivå. 256-bitars nyckel, 128-bitars block, 14 steg (AES-256). Arbetsläget är XTS. + Volymen är redan monterad. + VARNING: Minst ett av de inbyggda självtesterna för krypterings- och hashalgoritmer misslyckades!\n\nVeraCrypt-installationen kan vara skadad. + VARNING: Det finns inte tillräckligt med data i slumpdatapoolen för att den begärda mängden slumpmässiga data ska kunna tillhandahållas.\n\nDu bör inte fortsätta. Välj ”Rapportera fel” i Hjälp-menyn för att rapportera detta fel. + Enheten eller en kabel är skadad (har ett fysiskt fel), eller också fungerar inte minnet som det ska.\n\nObservera att detta är ett fel på din maskinvara, inte på VeraCrypt. Rapportera därför INTE detta som ett fel i eller ett problem med VeraCrypt och be inte om hjälp med detta i VeraCrypts forum. Kontakta din datorleverantörs tekniska support för hjälp. Tack.\n\nObservera: Om felet uppstår upprepade gånger på samma ställe, orsakas det troligen av felaktig allokeringsenhet. Detta borde gå att åtgärda med hjälp av programvaror från tredje part. (I många fall kan ”chkdsk /r”-kommandot inte rätta till felet, eftersom det endast arbetar på filsystemsnivå; i vissa fall kan ”chkdsk”-verktyget inte ens upptäcka det.) + Om du försöker komma åt en enhet med flyttbart lagringsmedium, kontrollera att mediet är ordentligt inmatat i enheten. Enheten eller mediet kan vara skadat (det kan finnas en fysisk defekt på det), eller så kan en kabel vara trasig eller urkopplad. + Ditt system verkar använda sig av anpassade kretsuppsättningsdrivrutiner som innehåller ett fel som förhindrar kryptering av hela systemenheten.\n\nFörsök att uppgradera eller avinstallera alla anpassade kretsuppsättningsdrivrutiner (ej utvecklade av Microsoft), innan du fortsätter. Om detta inte hjälper, försök att endast kryptera systempartitionen. + Ogiltig enhetsbeteckning. + Ogiltig sökväg. + Avbryt + Det går inte att komma åt enheten. Kontrollera att den valda enheten finns och inte används av operativsystemet. + Varning: Caps Lock är aktiverat. Detta kan orsaka att det angivna lösenordet blir fel. + Typ av volym + Det kan hända att någon försöker tvinga dig att avslöja lösenordet till en krypterad volym. Det finns många situationer där det kan vara svårt att vägra avslöja lösenordet (exempelvis vid utpressning). Genom att använda en så kallad dold volym går det att lösa sådana situationer utan att behöva avslöja lösenordet till din volym. + Välj detta alternativ om du vill skapa en normal VeraCrypt-volym. + Om du vill installera ett operativsystem på en dold partitionsbaserad volym, kan inte hela systemenheten krypteras med hjälp av en enda nyckel. + Krypteringsalternativ för yttre volym + Krypteringsalternativ för dold volym + Krypteringsalternativ + VARNING: Det gick inte att rensa sökvägen till den senast valda volymen eller nyckelfilen! + Fel: Volymbehållaren har komprimerats på filsystemsnivå. VeraCrypt stöder inte komprimerade volymbehållare. (Observera att komprimering av krypterade data är ineffektivt och överflödigt.)\n\nInaktivera komprimeringen av volymbehållaren med hjälp av följande steg:\n1) Högerklicka på volymbehållaren i Utforskaren (inte i VeraCrypt).\n2) Välj ”Egenskaper”.\n3) Klicka på ”Avancerat”.\n4) Inaktivera kryssrutan ”Komprimera innehåll för att spara diskutrymme” och klicka på ”OK”.\n5) Klicka på ”OK”. + Misslyckades med att skapa volymen %s + Storleken på %s är %.2f byte + Storleken på %s är %.2f kB + Storleken på %s är %.2f MB + Storleken på %s är %.2f GB + Storleken på %s är %.2f TB + Storleken på %s är %.2f PB + VARNING: Enheten eller partitionen används av operativsystemet eller en applikation. En formatering av enheten eller partitionen kan skada dina data och orsaka att systemet blir instabilt.\n\nVill du fortsätta? + Varning: Partitionen används av operativsystemet eller en applikation. Du bör stänga alla applikationer som kan tänkas använda partitionen (inklusive antivirusprogramvaror).\n\nVill du fortsätta? + Fel: Enheten eller partitionen innehåller ett filsystem som inte gick att demontera. Filsystemet används eventuellt av operativsystemet. En formatering av enheten eller partitionen kan skada dina data och orsaka att systemet blir instabilt.\n\nFör att lösa detta problem bör du först ta bort partitionen och sedan återskapa den utan att formatera den. Följ nedanstående steg för att göra det:\n1) Högerklicka på ”Dator” i Start-menyn och välj ”Hantera”. Fönstret ”Datorhantering” bör då öppnas.\n2) Välj ”Lagring” och ”Diskhantering” i fönstret ”Datorhantering”.\n3) Högerklicka på partitionen du vill kryptera och välj antingen ”Ta bort partition”, ”Ta bort volym” eller ”Ta bort logisk enhet”.\n4) Klicka på ”Ja”. Starta om datorn, om Windows ber dig om det. Repetera sedan steg 1 och 2 och fortsätt från steg 5.\n5) Högerklicka på det oallokerade eller lediga utrymmet och välj antingen ”Ny partition”, ”Ny enkel volym” eller ”Ny logisk enhet”.\n6) Någon av guiderna ”Ny partition” eller ”Ny enkel volym” bör startas. Följ instruktionerna, och på sidan med titeln ”Formatera partition” väljer du antingen ”Formatera inte den här partitionen” eller ”Formatera inte den här volymen”. Klicka sedan på ”Nästa” följt av ”Slutför”.\n7) Observera att enhetssökvägen du valt i VeraCrypt nu kan vara fel. Avsluta därför guiden Skapa VeraCrypt-volym (om den fortfarande körs) och starta den igen.\n8) Försöka att kryptera enheten eller partitionen igen.\n\nOm VeraCrypt upprepade gånger misslyckas att kryptera enheten eller partitionen, bör du överväga att skapa en volymbehållare i stället. + Fel: Det gick inte att låsa och/eller demontera filsystemet. Eventuellt används det av operativsystemet eller en applikation (som t.ex. antivirusprogramvara). En kryptering av partitionen kan skada dina data och orsaka att systemet blir instabilt.\n\nStäng alla applikationer som kan tänkas använda filsystemet (inklusive antivirusprogramvaror) och försök igen. Följ nedanstående steg, om detta inte hjälper. + VARNING: Vissa av de monterade enheterna eller partitionerna användes redan!\n\nAtt ignorera detta kan medföra oönskade resultat och orsaka instabilitet i systemet.\n\nDu bör stänga alla de applikationer som eventuellt använder enheterna eller partitionerna. + Den valda enheten innehåller partitioner.\n\nEn formatering av enheten kan orsaka att systemet blir instabilt och/eller att data skadas. Välj antingen en partition på enheten eller ta bort alla partitioner från den så att VeraCrypt kan formatera den på ett säkert sätt. + Den valda icke-systemenheten innehåller partitioner.\n\nKrypterade enhetsbaserade VeraCrypt-volymer kan skapas på enheter som inte innehåller några partitioner (inklusive hårddiskar och halvledardiskar). En enhet som innehåller partitioner kan endast på plats-krypteras fullständigt med en gemensam primär nyckel om det är den enhet som Windows är installerat på och startar från.\n\nOm du vill kryptera den valda icke-systemenheten med hjälp av en gemensam primär nyckel, måste du först ta bort alla partitioner från enheten så att VeraCrypt kan formatera den på ett säkert sätt. (Att formatera en enhet som innehåller partitioner kan orsaka att systemet blir instabilt och/eller att data skadas.) Alternativt kan du kryptera varje partition på enheten var för sig. (Varje partition kommer då att krypteras med hjälp av olika primära nycklar).\n\nObservera: Om du vill ta bort alla partitioner från en GPT-disk (GUID Partition Table), kan det hända att du först måste konvertera den till en MBR-disk (Master Boot Record) för att kunna ta bort dolda partitioner. Detta kan du göra med hjälp av t.ex. verktygen under ”Diskhantering” och ”Lagring” i programmet ”Datorhantering”. + Varning: Om du väljer att kryptera hela enheten – och inte endast en partition på den – kommer operativsystem att betrakta enheten som ny, tom och oformaterad, eftersom den inte innehåller någon partitionstabell. Eventuellt kan ett operativsystem då vilja initiera enheten (eller fråga dig om du vill göra det), vilket kan skada volymen. Vidare kommer det inte alltid att vara möjligt att montera volymen som en favorit (t.ex. när enhetsnumret ändras) eller att tilldela den ett eget namn.\n\nFör att undvika detta bör du överväga att skapa en partition på enheten och kryptera den i stället.\n\nÄr du säker på att du vill kryptera hela enheten? + VIKTIGT: Kom ihåg att denna volym INTE kan monteras eller kommas åt via enhetsbeteckningen %c:, som den närvarande tilldelats!\n\nKlicka på ”Automontera enheter” i VeraCrypts huvudfönster för att montera den. Alternativt kan du klicka på ”Välj enhet” i VeraCrypts huvudfönster, välja denna partition eller volym och sedan klicka på ”Montera”. Volymen kommer att monteras med en annan enhetsbeteckning, som du väljer från listan i VeraCrypts huvudfönster.\n\nDen ursprungliga enhetsbeteckningen %c: ska endast användas om du vill ta bort krypteringen från partitionen eller enheten (t.ex. om du inte längre har behov av kryptering). Högerklicka i så fall på enhetsbeteckningen %c: under ”Dator” (eller ”Min dator”) i Utforskaren och välj ”Formatera”. Enhetsbeteckningen %c: ska annars aldrig användas, såvida du inte tar bort den och tilldelar den till en annan partition eller enhet (enligt beskrivningen i VeraCrypts ”Vanliga frågor och svar”). + På plats-kryptering av icke-systemvolymer stöds inte av versionen på det aktuella operativsystemet (det stöds endast i Windows Vista och nyare versioner av Windows).\n\nAnledningen till detta är att denna version av Windows inte kan krympa ett filsystem. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.) + Den valda partitionen verkar inte innehålla ett NTFS-filsystem. Endast partitioner som innehåller ett NTFS-filsystem kan på plats-krypteras.\n\nObservera: Anledningen till detta är att Windows inte kan krympa någon annan typ av filsystem än NTFS. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.) + Den valda partitionen verkar inte innehålla ett NTFS-filsystem. Endast partitioner som innehåller ett NTFS-filsystem kan på plats-krypteras.\n\nOm du vill skapa en krypterad VeraCrypt-volym inuti denna partition, välj alternativet ”Skapa en krypterad volym och formatera den” och inte alternativet ”På plats-kryptera partition”. + Fel: Partitionen är för liten. VeraCrypt kan inte på plats-kryptera den. + Följ nedanstående steg för att kryptera data på denna partition:\n\n1) Skapa en VeraCrypt-volym på en tom partition eller enhet och montera den.\n\n2) Kopiera alla filer från den partition du ursprungligen ville kryptera till den monterade VeraCrypt-volymen (som skapades och monterades i steg 1). På detta sätt skapar du en krypterad säkerhetskopia av dina data.\n\n3) Skapa en VeraCrypt-volym på den partition du ursprungligen ville kryptera och kontrollera att du i guiden Skapa VeraCrypt-volym väljer alternativet ”Skapa en krypterad volym och formatera den” och inte alternativet ”På plats-kryptera partition”. Observera att alla data lagrade på partitionen kommer att tas bort. Montera volymen efter att den skapats.\n\n4) Kopiera alla filerna från den monterade VeraCrypt-volymen med säkerhetskopiorna (som skapades och monterades i steg 1) till den monterade VeraCrypt-volymen som skapades och monterades i steg 3.\n\nEfter att du fullföljt dessa steg kommer alla data att vara krypterade, och det kommer dessutom att finnas en krypterad säkerhetskopia av alla data. + VeraCrypt kan endast på plats-kryptera partitioner, dynamiska volymer och hela systemenheter.\n\nOm du vill skapa en krypterad VeraCrypt-volym inuti den valda icke-systemenheten, välj alternativet ”Skapa en krypterad volym och formatera den” och inte alternativet ”På plats-kryptera partition”. + Fel: VeraCrypt kan endast på plats-kryptera partitioner, dynamiska volymen och hela systemenheter. Kontrollera att den angivna sökvägen är giltig. + Fel: Det går inte att krympa filsystemet. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.)\n\nMöjliga orsaker och lösningar:\n\n· Det saknas utrymme på volymen. Kontrollera att inga andra applikationer skriver till filsystemet.\n\n· Filsystemet är skadat. Kontrollera det och reparera eventuella fel genom att högerklicka på motsvarande enhetsbeteckning i Utforskaren och välja alternativet ”Egenskaper”. Klicka på ”Kontrollera nu” under fliken ”Verktyg” och sedan på ”Starta”. Se till att alternativet ”Reparera fel automatiskt” är aktiverat.\n\nFölj stegen nedan, om dessa steg inte hjälper. + Fel: Det finns inte tillräckligt med utrymme på volymen för att filsystemet ska kunna krympas. (Filsystemet måste krympas för att lämna plats för volymhuvudet och dess säkerhetskopia.)\n\nTa bort överflödiga filer och töm Papperskorgen för att frigöra åtminstone 256 kB utrymme och försök därefter igen. Observera att den mängd utrymme som Utforskaren rapporterar som ledigt kan vara felaktigt innan operativsystemets startats om. Om en omstart av operativsystemet inte hjälper kan det hända att filsystemet är skadat. Kontrollera det och reparera eventuella fel genom att högerklicka på motsvarande enhetsbeteckning i Utforskaren och välja alternativet ”Egenskaper”. Klicka på ”Kontrollera nu” under fliken ”Verktyg” och sedan på ”Starta”. Se till att alternativet ”Reparera fel i filsystemet automatiskt” är aktiverat.\n\nFölj stegen nedan, om dessa steg inte hjälper. + Ledigt utrymme på enhet %s är %.2f byte. + Ledigt utrymme på enhet %s är %.2f kB + Ledigt utrymme på enhet %s är %.2f MB + Ledigt utrymme på enhet %s är %.2f GB + Ledigt utrymme på enhet %s är %.2f TB + Ledigt utrymme på enhet %s är %.2f PB + Kunde inte läsa in tillgängliga enhetsbeteckningar. + Fel: VeraCrypts drivrutin kunde inte hittas.\n\nKopiera filerna ”veracrypt.sys” och ”veracrypt-x64.sys” till mappen där VeraCrypts huvudapplikation (VeraCrypt.exe) är belägen. + Fel: En inkompatibel version av VeraCrypts drivrutin körs redan.\n\nOm du försöker köra VeraCrypt i portabelt läge (d.v.s. utan att installera programmet) och en annan version av VeraCrypt redan är installerad, måste denna först avinstalleras eller uppgraderas med hjälp av VeraCrypts installationsprogram.\n\nFölj dessa steg för att avinstallera VeraCrypt i Windows Vista eller senare: Välj ”Dator” i Start-menyn och klicka på ”Avinstallera eller ändra ett program”. Markera VeraCrypt och klicka på ”Avinstallera”. I Windows XP startar man Kontrollpanelen i Start-menyn och klickar på ”Lägg till eller ta bort program”. Markera VeraCrypt och klicka på ”Avinstallera”.\n\nPå liknande sätt måste du, om du försöker köra VeraCrypt i portabelt läge och en annan version av VeraCrypt redan körs i portabelt läge, först starta om datorn och därefter köra enbart den nya versionen. + Fel: Initieringen av krypteringsalgoritmerna misslyckades. + Fel: En svag eller möjligt svag nyckel har identifierats och förkastats. Försök igen. + Ett allvarligt fel har inträffat, och VeraCrypt måste avslutas. Om detta fel orsakats av ett fel i VeraCrypt, vill vi rätta till det. Genom att skicka en automatiskt genererad felrapport kan du hjälpa oss att avgöra om det finns ett fel i VeraCrypt. Felrapporten innehåller följande information:\n· Programversion\n· Operativsystemets version\n· Typ av processor\n· VeraCrypt-komponentens namn\n· Den körbara filens checksumma\n· Dialogrutans symboliska namn\n· Felkategori\n· Adressen för felet\n· VeraCrypts anropsstack\n\nOm du klickar på ”Ja” kommer följande URL, som innehåller hela felrapporten, att öppnas i din standardwebbläsare.\n\n%hs\n\nVill du skicka ovanstående felrapport till oss? + Ett allvarligt fel, som kräver att VeraCrypt avslutas, har inträffat.\n\nObservera att detta fel inte har orsakats av VeraCrypt, så VeraCrypt-utvecklarna kan inte rätta till det. Sök igenom systemet efter möjliga problem med t.ex. systemkonfigurationen, nätverksanslutningen eller fallerande maskinvarukomponenter. + Ett allvarligt fel, som kräver att VeraCrypt avslutas, har inträffat.\n\nOm problemet kvarstår, prova att inaktivera eller avinstallera applikationer som kan orsaka felet, t.ex. antivirusprogramvaror, systemförbättrande eller systemoptimerande programvaror etc. Om detta inte hjälper, kan en sista utväg vara att installera om operativsystemet. (Problemet kan även orsakas av skadlig kod.) + VeraCrypt – Allvarligt fel + VeraCrypt har upptäckt att operativsystemet nyligen kraschade. Det finns många möjliga orsaker till varför systemet kraschade, som t.ex. en fallerande maskinvarukomponent eller ett fel i en drivrutin.\n\nVill du att VeraCrypt ska kontrollera om ett fel i VeraCrypt kan ha orsakat systemkraschen? + Vill du att VeraCrypt ska fortsätta att upptäcka systemkrascher? + VeraCrypt hittade ingen minidumpfil. + Vill du ta bort Windows kraschdumpfil för att frigöra diskutrymme? + För att kunna analysera en systemkrasch måste VeraCrypt först installera Microsoft Debugging Tools for Windows.\n\nEfter att du klickat på OK, kommer Windows Installer att ladda ned installationspaketet för Microsoft Debugging Tools (16 MB) från en Microsoft-server och installera det. (Windows Installer kommer att hänvisas till Microsoft-servern via en server hos veracrypt.org, vilket säkerställer att nedladdningen kommer att fungera även om Microsoft ändrar URL:en till installationspaketet.) + Efter att du klickat på OK kommer VeraCrypt att analysera systemkraschen. Detta kan ta flera minuter. + Kontrollera att miljövariabeln ”PATH” innehåller sökvägen till ”kd.exe” (kernelfelsökaren). + Det förefaller som att VeraCrypt högst troligen inte orsakade systemkraschen. Det finns många möjliga orsaker till varför systemet kraschade, som t.ex. en fallerande maskinvarukomponent eller ett fel i en drivrutin. + Analysresultatet visar att en uppdatering av följande drivrutin eventuellt kan lösa problemet: + Genom att skicka en automatiskt genererad felrapport kan du hjälpa oss att avgöra om det finns ett fel i VeraCrypt. Felrapporten innehåller följande information:\n· Programversion\n· Operativsystemets version\n· Typ av processor\n· Felkategori\n· Drivrutinsnamn och -version\n· Systemets anropsstack\n\nOm du klickar på ”Ja” kommer följande URL, som innehåller hela felrapporten, att öppnas i din standardwebbläsare. + Vill du skicka ovanstående felrapport till oss? + &Kryptera + &Dekryptera + &Permanent dekryptering + &Avsluta + Skapa en logisk enhet för denna utökade partition och försök sedan igen. + En VeraCrypt-volym kan placeras i en fil som kallas volymbehållare. Den kan i sin tur lagras på en hårddisk, ett USB-minne eller liknande. En volymbehållare fungerar precis som en vanlig fil och kan t.ex. flyttas eller raderas som vilken annan fil som helst. Klicka på ”Välj fil” för att välja ett filnamn för volymbehållaren och för att välja var volymbehållaren ska skapas.\n\nVARNING: Om du väljer en befintlig fil kommer VeraCrypt INTE att kryptera den; filen kommer i stället att tas bort och bli ersatt av den volymbehållare som skapas. Du kommer att kunna kryptera befintliga filer senare genom att flytta dem till volymbehållaren du håller på att skapa nu. + Välj den plats där den yttre volymen ska skapas. (Den dolda volymen kommer att skapas inuti denna volym senare.)\n\nEn VeraCrypt-volym kan placeras i en fil som kallas volym- behållare. Den kan i sin tur lagras på en hårddisk, ett USB-minne eller liknande. En volymbehållare fungerar precis som en vanlig fil och kan t.ex. flyttas eller raderas som vilken annan fil som helst. Klicka på ”Välj fil” för att välja ett filnamn för volymbehållaren och för att välja var volymbehållaren ska skapas. Om du väljer en befintlig fil kommer VeraCrypt INTE att kryptera den; filen kommer i stället att tas bort och bli ersatt av den volymbehållare som skapas. Du kommer att kunna kryptera befintliga filer senare genom att flytta dem till volymbehållaren du håller på att skapa nu. + Krypterade enhetsbaserade VeraCrypt-volymer kan skapas i partitioner på hårddiskar, halvledardiskar (SSD), USB-minnen eller andra understödda lagringsenheter. Partitioner kan även på plats-krypteras.\n\nKrypterade enhetsbaserade VeraCrypt-volymer kan dessutom skapas på enheter som inte innehåller några partitioner (inklusive hårddiskar och halvledardiskar).\n\nObservera: En enhet som innehåller partitioner kan endast på plats-krypteras fullständigt med en gemensam primär nyckel om det är den enhet som Windows är installerat på och startar från. + En enhetsbaserad VeraCrypt-volym kan skapas i partitioner på hårddiskar, halvledardiskar (SSD), USB-minnen eller andra understödda lagringsenheter.\n\nVARNING: Observera att partitionen eller enheten kommer att formateras och alla data lagrade på den kommer att gå förlorade. + \nVälj den plats där den yttre volymen ska skapas, inuti vilken den dolda volymen kommer att skapas senare.\n\nYttre volymer kan skapas i partitioner på hårddiskar, halvledardiskar (SSD), USB-minnen eller andra understödda lagringsenheter. Yttre volymer kan också skapas på enheter som saknar partitioner (inklusive hårddiskar och halvledardiskar).\n\nVARNING: Observera att partitionen eller enheten kommer att formateras, och alla befintliga data kommer att gå förlorade. + \nVälj den volymbehållare inuti vilken du vill skapa en dold volym. + VARNING: Värdfilen eller enheten används redan!\n\nAtt ignorera detta kan orsaka oönskade effekter som exempelvis att systemet blir instabilt. Alla program som kan tänkas använda värdfilen eller enheten, t.ex. säkerhetskopieringsapplikationer eller antivirusprogramvaror, måste stängas innan volymen monteras.\n\nVill du fortsätta med monteringen? + Fel: Det går inte att montera volymen. Värdfilen eller enheten används redan. Att montera volymen utan exklusiv åtkomst fungerar inte heller. + Det gick inte att öppna filen. + Plats för volymen + Stora filer + Kommer du att lagra filer som är större än 4 GB på denna VeraCrypt-volym? + Beroende på ditt val ovan kommer VeraCrypt att föreslå det bäst lämpade filsystemet för VeraCrypt-volymen. (Du kommer att kunna välja filsystem i nästa steg.) + Du bör överväga att välja ”Nej”, eftersom du håller på att skapa en yttre volym. Om du väljer ”Ja”, kommer standardfilsystemet att vara NTFS, vilket inte är lika lämpat för yttre volymer som FAT. (Exempelvis kommer den maximala storleken för den dolda volymen att vara avsevärt mycket större om den yttre volymen formateras som FAT.) Vanligtvis är FAT standard för både dolda och normala volymer, men om användaren verkar ha för avsikt att lagra filer större än 4 GB – vilket FAT-filsystemet inte tillåter – kommer dock FAT inte att vara standard. + Är du säker på att du vill välja ”Ja”? + Metod för skapande av volym + Detta är det snabbaste sättet att skapa en partitions- eller enhetsbaserad VeraCrypt-volym. Det andra alternativet, på plats-kryptering, är långsammare beroende på att innehållet på varje sektor först måste läsas, krypteras och sedan skrivas. Befintliga data på den valda partitionen eller enheten kommer att förloras. (Data kommer INTE att krypteras utan bli överskrivna med slumpmässiga data.) Välj det andra alternativet, om du vill kryptera existerande data på en partition. + Hela den valda partitionen och alla data lagrade på den kommer att på plats-krypteras. Du bör välja det första alternativet om partitionen är tom, eftersom volymen då kommer att skapas mycket snabbare. + Observera: + &Återuppta + &Skjut upp + &Starta + &Fortsätt + F&ormatera + &Skriv över + Vill du avbryta formateringen? + Visa ytterligare information + Visa inte detta igen + Innehållet på partitionen eller enheten har skrivits över utan fel. + Innehållet på partitionen, där det ursprungliga operativsystemet (av vilket det dolda operativsystemet är en kloning) fanns, har skrivits över utan fel. + Kontrollera att den version av Windows du tänker installera på den överskrivna partitionen är samma som den du för närvarande kör, eftersom båda systemen kommer att dela en gemensam startpartition. + Systempartitionen eller -enheten har krypterats utan fel.\n\nObservera: Om det finns icke-systemvolymer du vill ska monteras automatiskt varje gång Windows startas, kan du ställa det genom att montera var och en av dem och välja ”Lägg till monterad volym som favorit” under ”Favoriter” i VeraCrypts rullgardinsmeny. + Systempartitionen eller -enheten har dekrypterats utan fel. + \n\nVeraCrypt-volymen har skapats och är klar att använda. Klicka på ”Nästa” om du vill skapa ytterligare en VeraCrypt-volym. Annars klickar du på ”Avsluta”. + \n\nDen dolda VeraCrypt-volymen har skapats utan fel. (Det dolda operativsystemet kommer att placeras inuti denna dolda volym.)\n\nKlicka på Nästa för att fortsätta. + Volymen är fullständigt krypterad + Volume Fully Decrypted + VIKTIGT: KLICKA PÅ ”Automontera enheter” I VERACRYPTS HUVUDFÖNSTER FÖR ATT MONTERA DENNA NYLIGEN SKAPADE VERACRYPT-VOLYM OCH FÖR ATT KOMMA ÅT DATA LAGRADE PÅ DEN. Efter att du angett rätt lösenord (och/eller rätt nyckelfiler), kommer volymen att monteras med den enhetsbeteckning du valt i listan i VeraCrypts huvudfönster, och du kan komma åt dina krypterade data via den valda enhetsbeteckningen.\n\nLÄGG OVANSTÅENDE STEG PÅ MINNET ELLER SKRIV NED DEM. DU MÅSTE FÖLJA DEM VARJE GÅNG DU VILL MONTERA VOLYMEN OCH KOMMA ÅT DATA LAGRADE PÅ DEN. Alternativt kan du klicka på ”Välj enhet” i VeraCrypts huvudfönster, välja denna partition eller volym och sedan klicka på ”Montera”.\n\nPartitionen eller enheten har krypterats utan fel och är klar för användning. (Den innehåller nu en färdigkrypterad VeraCrypt-volym.) + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt-volymen har skapats utan fel. + Volym skapad + VIKTIGT: Flytta muspekaren så slumpmässigt som möjligt innanför detta fönsters gränser. Ju längre du flyttar den desto bättre. Detta förfarande ökar krypteringsnycklarnas kryptografiska styrka avsevärt. Klicka sedan på ”Formatera” för att skapa volymen. + Klicka på ”Formatera” för att skapa den yttre volymen. Ytterligare information finns att läsa i dokumentationen. + Formatering av yttre volym + Formatering av yttre volym + Formatering av volymen + Adobe Reader (eller ett motsvarande program) är nödvändigt för att läsa eller skriva ut VeraCrypts användarhandbok. Adobe Reader är gratis och kan laddas ner från http://get.adobe.com/reader\n\nVill du läsa den Internetbaserade dokumentationen i stället? + Om du väljer detta alternativ kommer guiden först att hjälpa dig att skapa en normal VeraCrypt-volym och sedan en dold VeraCrypt-volym inuti den. Oerfarna användare bör alltid välja detta alternativ. + Om du väljer detta alternativ kommer du att få skapa en dold volym inuti en existerande VeraCrypt-volym. Det förutsätts att du redan har skapat en VeraCrypt-volym som kan hysa den dolda volymen. + Metod för skapande av volym + Dold volym skapad + Den dolda VeraCrypt-volymen har skapats utan fel och är klar för användning. Om alla instruktioner samt de försiktighetsåtgärder och krav som beskrivs i avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok har följts, bör det vara omöjligt att upptäcka att den dolda volymen existerar, även om den yttre volymen monteras.\n\nVARNING: SKRIV INTE TILL DEN YTTRE VOLYMEN OM DU INTE SKYDDAT DEN DOLDA VOLYMEN. (LÄS AVSNITTET ”PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE” I VERACRYPTS ANVÄNDARHANDBOK FÖR MER INFORMATION OM DETTA.) ANNARS KAN DU SKRIVA ÖVER OCH SKADA DEN DOLDA VOLYMEN! + Du har startat det dolda operativsystemet. Som du kanske har märkt, ser det dolda operativsystemet ut att vara installerat på samma partition som det ursprungliga operativsystemet. I verkligheten är det dock installerat på partitionen efter den (i den dolda volymen). Alla läs- och skrivåtgärder blir transparent omdirigerade från den ursprungliga systempartitionen till den dolda volymen.\n\nVarken operativsystemet eller applikationerna kommer att veta att data som skrivs till och läses från systempartitionen skrivs till och läses från partitionen efter den (till/från en dold volym). Alla dessa data krypteras och dekrypteras som vanligt i realtid med en krypteringsnyckel skild från den som används för skenoperativsystemet.\n\n\nKlicka på Nästa för att fortsätta. + Den yttre volymen har nu skapats och monterats som enhet %hc:. Till denna yttre volym bör du nu kopiera några skenbart känsliga filer som du egentligen INTE vill dölja. De ska finnas där om någon tvingar dig att avslöja lösenordet till den första partitionen efter systempartitionen, där både den yttre volymen och den dolda volymen (innehållande det dolda operativsystemet) kommer att finnas. Även om du avslöjar lösenordet för den yttre volymen, kommer den dolda volymens (och det dolda operativsystemets) existens att förbli hemlig.\n\nVIKTIGT: Filerna du kopierar till den yttre volymen bör inte uppta mer än %s. Annars kan det hända att det inte finns tillräckligt med ledigt utrymme för den dolda volymen i den yttre volymen, och du kommer inte att kunna fortsätta. Klicka på Nästa när du har kopierat klart. (Demontera inte volymen.) + Den yttre volymen har skapats utan fel och monterats som enhet %hc:. Till denna volym bör du nu kopiera några skenbart känsliga filer som du egentligen INTE vill dölja. Meningen med dessa filer är att de ska kunna hittas av någon som tvingar dig att avslöja ditt lösenord. Dock avslöjar du endast lösenordet till den yttre volymen, inte den dolda. De filer du verkligen bryr dig om ska lagras i den dolda volymen, som kommer att skapas i ett senare skede. Klicka på ”Nästa” när du har kopierat klart. Demontera inte volymen.\n\nObservera: Efter att du klickat på ”Nästa” kommer den yttre volymens klusterbitmapp att läsas av för att bestämma storleken på det sammanhängande lediga utrymmet i slutet av volymen. Detta utrymme kommer att hysa den dolda volymen och därmed även begränsa dess storlek. Avläsningen av klusterbitmappen säkerställer att inga data i den yttre volymen skrivs över av den dolda volymen. + Innehåll på yttre volym + \n\nI de följande stegen kommer du att få välja olika alternativ för den yttre volymen, inuti vilken den dolda volymen kommer att skapas senare. + \n\nI följande steg kommer du att skapa en så kallad yttre volym inuti den första partitionen efter systempartitionen (vilket förklarades i ett av de tidigare stegen). + Yttre volym + I de följande stegen kommer du att välja olika alternativ och ange lösenordet för den dolda volymen, som kommer att innehålla det dolda operativsystemet.\n\nAnmärkning: Den yttre volymens klusterbitmapp har lästs av för att avgöra storleken på det sammanhängande lediga utrymmet i slutet av volymen. Detta utrymme kommer att hysa den dolda volymen och därmed även begränsa dess storlek. Den dolda volymens maximala storlek har beräknats och bekräftats vara större än storleken på systempartitionen, vilket krävs eftersom hela innehållet på systempartitionen ska kopieras till den dolda volymen. Detta säkerställer att inga data som för närvarande lagras i den yttre volymen kommer att skrivas över av data som skrivs till den dolda volymen. + VIKTIGT: Lägg de krypteringsalgoritmer du väljer i detta steg på minnet. Du måste nämligen välja samma krypteringsalgoritmer för skenoperativsystemet senare, annars kommer det dolda operativsystemet inte att vara åtkomligt! (Skenoperativsystemet måste krypteras med samma krypteringsalgoritm som det dolda operativsystemet.)\n\nObservera: Anledningen till detta är att skenoperativsystemet och det dolda operativsystemet måste dela en gemensam startinläsare, vilken endast stöder en enskild krypteringsalgoritm som väljs av användaren. (Varje krypteringsalgoritm använder en särskild version av VeraCrypts startinläsare.) + \n\nVolymens klusterbitmapp har lästs av, och den maximala storleken för den dolda volymen har beräknats. I de följande stegen kommer du att få ange ett antal alternativ samt storleken och lösenordet för den dolda volymen. + Dold volym + Den dolda volymen är nu skyddad mot skador tills den yttre volymen demonterats.\n\nVARNING: Om det görs försök att skriva data till den dolda volymens utrymme, kommer VeraCrypt att skrivskydda hela volymen – både den yttre och den dolda delen – tills den demonterats. Detta kan orsaka fel i filsystemet på den yttre volymen, som vid upprepning kan påverka trovärdigheten i ett förnekande av den dolda volymens existens negativt. Därför bör du – så långt det är möjligt – undvika att skriva till den dolda volymens utrymme. Data som skrivs till den dolda volymens utrymme kommer inte att sparas utan gå förlorade. Windows rapporterar eventuellt detta som ett skrivfel (”En fördröjd skrivning misslyckades” eller ”Felaktig parameter”). + Var och en av de dolda volymerna inuti de nyligen monterade volymerna är nu skyddade mot skador tills de demontrerats.\n\nVARNING: Om försök görs att skriva data till något av dessa dolda volymers utrymmen, kommer VeraCrypt att skrivskydda hela volymen – både den yttre och den dolda delen – tills den demonterats. Detta kan orsaka fel i filsystemet på den yttre volymen, som vid upprepning kan påverka trovärdigheten i ett förnekande av den dolda volymens existens negativt. Därför bör du – så långt det är möjligt – undvika att skriva till den dolda volymens utrymme. Data som skrivs till de dolda volymernas utrymmen kommer inte att sparas utan gå förlorade. Windows rapporterar eventuellt detta som ett skrivfel (”En fördröjd skrivning misslyckades” eller ”Felaktig parameter”). + VARNING: Ett försök att skriva data till utrymmet för den dolda volymen monterad som %c: har gjorts! För att skydda den dolda volymen hindrade VeraCrypt dessa data från att sparas. Detta kan ha orsakat fel på den yttre volymens filsystem, och Windows kan eventuellt ha rapporterat detta som ett skrivfel (”En fördröjd skrivning misslyckades” eller ”Felaktig parameter”). Hela volymen (både den yttre och den dolda delen) kommer att skrivskyddas tills den demonterats. Om det inte är första gången VeraCrypt har förhindrat data från att sparas på den dolda volymens utrymme, kan trovärdigheten i ett förnekande av den dolda volymens existens påverkas negativt (beroende på eventuella motsvarande motsägelser i den yttre volymens filsystem). Därför bör du överväga att skapa en ny VeraCrypt-volym (med snabbformatering inaktiverat) och flytta filer från den gamla volymen till den nya. Den gamla volymen bör sedan skrivas över, både den yttre och den dolda delen. Du rekommenderas att starta om operativsystemet nu. + Du verkar ha för avsikt att lagra filer större än 4 GB på volymen. Detta kräver att dock att volymen formateras med filsystemet NTFS, vilket dessvärre inte är möjligt. + Observera att icke-dolda VeraCrypt-volymer inte kan formateras med filsystemet NTFS, när ett dolt operativsystem körs. Orsaken till detta är att volymen temporärt måste monteras utan skrivskydd för att tillåta operativsystemet att formatera den med filsystemet NTFS. (En formatering med filsystemet FAT utförs av VeraCrypt utan montering av volymen, och inte av operativsystemet.) Se nedan för utförligare tekniska detaljer. Du kan skapa en icke-dold NFTS-volym inifrån skenoperativsystemet. + Av säkerhetsskäl kan dolda volymer endast skapas i ”direktläge”, när ett dolt operativsystem körs (eftersom yttre volymer alltid måste monteras som skrivskyddade). Följ dessa steg för att skapa en dold volym på ett säkert sätt:\n\n1) Starta skenoperativsystemet.\n\n2) Skapa en normal VeraCrypt-volym och kopiera några skenbart känsliga filer som du egentligen INTE vill dölja till den. (Volymen kommer att bli den yttre volymen.)\n\n3) Starta det dolda operativsystemet och stata guiden Skapa VeraCrypt-volym. Om volymen är hyst av en volymbehållare, flytta den till systempartitionen eller till en annan dold volym. (Annars blir den nyligen skapade dolda volymen monterad som skrivskyddad och kan inte formateras.) Följ instruktionerna i guiden och se till att välja ”Direktläge” vid skapandet av en dold volym.\n\n4) Välj i guidens nästa steg den volym du skapade i steg 2 och följ sedan instruktionerna för att skapa en dold volym inuti den. + Av säkerhetsskäl monteras lokala okrypterade filsystem och icke-dolda volymer som skrivskyddade, när ett dolt operativsystem körs. (Inga data kan skrivas till sådana filsystem eller VeraCrypt-volymer.)\n\nData kan skrivas till alla filsystem som är belägna inuti en dold VeraCrypt-volym, förutsatt att den dolda volymen inte är belägen inuti en volymbehållare som lagras i ett okrypterat filsystem eller i ett annat skrivskyddat filsystem. + Det finns tre huvudsakliga skäl till varför dessa motåtgärder har implementerats:\n\n· Det möjliggör skapandet av en säker plattform för montering av dolda VeraCrypt-volymer. Observera att vi officiellt rekommenderar att dolda volymer endast monteras i samband med att ett dolt operativsystem körs. (För ytterligare information, läs avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok.)\n\n· I vissa fall är det möjligt att, vid en viss tidpunkt, avgöra att ett visst filsystem inte monterades under – eller att en viss fil i filsystemet inte sparades eller användes inifrån – en viss instans av ett operativsystem (t.ex. genom att analysera och jämföra filsystemjournaler, filers tidsstämplar, programloggar eller felloggar). Detta kan indikera att ett dolt operativsystem finns installerat i datorn. Motåtgärderna förhindrar dessa problem.\n\n· Det förhindrar att data skadas och tillåter en säker återgång från viloläge. När Windows återgår från viloläge förutsätts det att alla monterade filsystem är i samma tillstånd som när systemet övergick till viloläge. VeraCrypt säkerställer detta genom att skrivskydda alla filsystem som är åtkomliga både inifrån ett skenoperativsystem och ett dolt operativsystem. Utan ett sådant skydd kan filsystemet skadas, om det monteras av ett operativsystem medan det andra är i viloläge. + Observera: Följ dessa steg om du vill överföra filer från skenoperativsystemet till det dolda operativsystemet på ett säkert sätt:\n1) Starta skenoperativsystemet.\n2) Spara filerna på en okrypterad volym eller på en yttre eller normal VeraCrypt-volym.\n3) Starta det dolda operativsystemet.\n4) Montera VeraCrypt-volymen, om du sparade filerna på en sådan. (Den kommer automatiskt att monteras som skrivskyddad.)\n5) Kopiera filerna till den dolda systempartitionen eller till en annan dold volym. + Din dator måste startas om.\n\nVill du starta om den nu? + Ett fel inträffade när systemets krypteringsstatus skulle inhämtas. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Det går inte att initiera applikationskomponenter för systemkryptering. + Initieringen av slumptalsgeneratorn misslyckades! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Det gick inte att initiera applikationen. Registreringen av dialogruteklassen misslyckades. + Fel: Det gick inte att ladda systembiblioteket för ”Rich Edit”. + Guiden Skapa VeraCrypt-volym + Maximalt möjliga utrymme för den dolda volymen är %.2f byte. + Maximalt möjliga utrymme för den dolda volymen är %.2f kB. + Maximalt möjliga utrymme för den dolda volymen är %.2f MB. + Maximalt möjliga utrymme för den dolda volymen är %.2f GB. + Maximalt möjliga utrymme för den dolda volymen är %.2f TB. + Volymlösenord eller -nyckelfiler kan inte ändras medan volymen är monterad. Volymen måste demonteras först. + Härledningsalgoritmen för volymhuvudets nyckel kan inte ändras medan volymen är monterad. Demontera volymen först. + &Montera + En nyare version av VeraCrypt krävs för att montera denna volym. + Fel: Det går inte att hitta guiden Skapa VeraCrypt-volym.\n\nKontrollera att filen ”VeraCrypt Format.exe” finns i den mapp från vilken ”VeraCrypt.exe” startades. Om filen inte finns där, ominstallera VeraCrypt eller leta upp filen ”VeraCrypt Format.exe” på din disk och kör den därifrån. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Nästa > + &Slutför + &Installera + &Packa upp + Det gick inte att ansluta till VeraCrypts drivrutin. VeraCrypt fungerar inte om drivrutinen inte körs.\n\nObservera att det, beroende på Windows, kan vara nödvändigt att logga ut eller starta om datorn innan drivrutinen kan laddas. + Ett fel inträffade när typsnitten laddades. + Enhetsbeteckningen kunde inte hittas, eller så angavs ingen enhetsbeteckning. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Enhetsbeteckningen är inte tillgänglig. + Ingen fil vald! + Det finns inga tillgängliga enhetsbeteckningar. + Det finns ingen enhetsbeteckning tillgänglig för den yttre volymen! Det går inte att fortsätta med skapandet av volymen. + Det gick inte att avgöra versionen på operativsystemet, eller så använder du ett operativsystem som inte stöds. + Ingen sökväg vald! + Det finns inte tillräckligt med utrymme för den dolda volymen! Det går inte att fortsätta med skapandet av volymen. + Fel: Filerna du kopierade till den yttre volymen tar upp för mycket utrymme. Därför finns det inte tillräckligt mycket ledigt utrymme på den yttre volymen för den dolda volymen.\n\nObservera att den dolda volymen måste vara lika stor som systempartitionen (partitionen där det aktuella operativsystemet är installerat). Anledningen till detta är att det dolda operativsystemet måste skapas genom en kopiering av systempartitionens innehåll till den dolda volymen.\n\n\nProcessen för att skapa ett dolt operativsystem kan inte fortsätta. + Drivrutinen kan inte demontera volymen. Vissa filer på volymen används förmodligen. + Det går inte att låsa volymen. Det finns fortfarande filer på den som är öppna, varför det inte går att demontera den. + VeraCrypt kan inte låsa volymen, eftersom den används av operativsystemet eller andra applikationer. (Det kan finnas filer på den som är öppna.)\n\nVill du tvinga fram en demontering av volymen? + Välj en VeraCrypt-volym + Ange sökväg och filnamn + Välj PKCS #11-bibliotek + Slut på ledigt minne + VIKTIGT: Oerfarna användare rekommenderas att skapa en volymbehållare i stället för att försöka kryptera en hel enhet eller partition.\n\nNär du skapar en volymbehållare (till skillnad från när du krypterar en enhet eller partition) finns det exempelvis ingen risk att ett stort antal filer går förlorade. Observera att en volymbehållare – även om den innehåller en virtuell krypterad disk – är som vilken annan fil som helst. För mer information, läs kapitlet ”Beginner’s Tutorial” i VeraCrypts användarhandbok.\n\nÄr du säker på att du vill kryptera hela enheten eller partitionen? + VARNING: Filen ”%s” finns redan!\n\nVIKTIGT: VERACRYPT KOMMER ATT TA BORT FILEN OCH INTE KRYPTERA DEN. Är du säker på att du vill ta bort filen och ersätta den med en ny volymbehållare? + VARNING: ALLA FILER SOM FINNS LAGRADE PÅ DEN %s DU VALT, ”%s”%s, KOMMER ATT TAS BORT OCH GÅ FÖRLORADE! (DE KOMMER INTE ATT KRYPTERAS.)\n\nÄr du säker på att du vill gå vidare med formateringen? + VARNING: Du kommer inte att kunna montera volymen eller ha tillgång till några filer lagrade på den förrän krypteringen har slutförts.\n\nÄr du säker på att du vill påbörja krypteringen av %s ”%s”%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + VARNING: Delar av dina data kan bli skadade eller gå förlorade, om strömförsörjningen plötsligt bryts eller om operativsystemet kraschar beroende på program- eller maskinvarufel medan existerande data på plats-krypteras. Därför bör du, innan krypteringsprocessen startar, kontrollera att du har säkerhetskopior av de filer du vill kryptera.\n\nHar du sådana säkerhetskopior? + VARNING: ALLA FILER SOM FINNS LAGRADE PÅ PARTITIONEN ”%s”%s, D.V.S. PÅ DEN FÖRSTA PARTITIONEN EFTER SYSTEMPARTITIONEN, KOMMER ATT TAS BORT OCH GÅ FÖRLORADE! (DE KOMMER INTE ATT KRYPTERAS.)\n\nÄr du säker på att du vill gå vidare med formateringen? + VARNING: DEN VALDA PARTITIONEN INNEHÅLLER EN STOR MÄNGD DATA! Alla filer som finns lagrade på partitionen kommer att tas bort och gå förlorade (de kommer INTE att krypteras)! + Ta bort alla filer lagrade på partitionen genom att skapa en VeraCrypt-volym inuti den + Lösenord + PIM + Härledningsalgoritm för volymhuvudets nyckel + Lägg till eller ta bort nyckelfiler från volymen + Ta bort alla nyckelfiler från volymen + Lösenord, PIM och/eller nyckelfil(er) ändrades utan fel.\n\nVIKTIGT: Försäkra dig om att du har läst avsnittet ”Changing Passwords and Keyfiles” i kapitlet ”Security Requirements and Precautions” i VeraCrypts användarhandbok. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + VIKTIGT: Om du inte förstörde din återställningsskiva, kan din systempartition eller -enhet fortfarande dekrypteras med det gamla lösenordet genom att starta datorn med återställningsskivan och ange det gamla lösenordet. Du bör skapa en ny återställningsskiva och förstöra den gamla.\n\nVill du skapa en ny återställningsskiva? + Observera att din återställningsdisk fortfarande använder den gamla algoritmen. Om du anser att den gamla algoritmen är osäker, bör du skapa en ny återställningsdisk och sedan förstöra den gamla.\n\nVill du skapa en ny återställningsskiva? + VeraCrypt kan använda vilken typ av fil som helst som nyckelfil (t.ex. .mp3, .jpg, .zip eller .avi). Observera att VeraCrypt aldrig ändrar en nyckelfils innehåll. Du kan fritt välja en eller flera nyckelfiler; deras inbördes ordning är oväsentlig. Om du lägger till en mapp, kommer alla synliga filer i den mappen att användas som nyckelfiler. Klicka på ”Lägg till token” för att lägga till nyckelfiler lagrade på säkerhetstoken eller smartkort eller för att importera nyckelfiler till dem. + Nyckelfiler tillagda eller borttagna utan fel. + Nyckelfilen exporterades. + Härledningsalgoritmen för volymhuvudets nyckel ändrades utan fel. + Ange lösenord och/eller nyckelfil(er) till den icke-systemvolym du vill återuppta på plats-krypteringsprocessen för.\n\n\nAnmärkning: Efter att du klickat på Nästa kommer VeraCrypt att försöka hitta alla icke-systemvolymer för vilka krypteringsprocessen har avbrutits och vars volymhuvuden kan dekrypteras med det lösenord och/eller de nyckelfiler du angett. Om fler än en sådan volym hittas, kommer du i nästa steg att få välja en av dem. + Välj en av följande volymer. Denna lista innehåller samtliga icke-systemvolymer vars krypteringsprocesser har avbrutits och vars volymhuvud inte kunde dekrypteras med det lösenord och/eller de nyckelfiler du angett. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Det är mycket viktigt att du väljer ett bra lösenord. Du bör undvika att välja ett som endast innehåller ett ord som kan finnas i en ordbok (eller en kombination av två, tre eller fyra sådana). Det bör inte innehålla några namn eller födelsedata. Det bör heller inte vara enkelt att gissa. Ett bra lösenord innehåller en kombination av versaler och gemener, siffror och specialtecken som exempelvis @ ^ = $ * + och liknande. Vi rekommenderar att du väljer ett lösenord som består av minst 20 tecken (ju längre desto bättre). Den största tillåtna längden är 64 tecken. + Ange ett lösenord för den dolda volymen. + Ange ett lösenord för det dolda operativsystemet, d.v.s. för den dolda volymen. + VIKTIGT: Lösenordet du väljer för det dolda operativsystemet i detta steg måste vara påtagligt annorlunda än de två andra lösenord du kommer att välja för den yttre volymen och skenoperativsystemet. + Ange lösenordet för den volym inuti vilken du vill skapa en dold volym.\n\nVeraCrypt kommer att försöka montera volymen när du klickar på ”Nästa”. När volymen har monterats, kommer dess klusterbitmapp att läsas av för att avgöra storleken på det sammanhängande lediga utrymmet i slutet av volymen. Detta utrymme kommer att hysa den dolda volymen och därmed även begränsa dess storlek. Avläsningen av klusterbitmappen säkerställer att inga data i den yttre volymen skrivs över av den dolda volymen. + \nAnge ett lösenord för den yttre volymen. Detta är det lösenord du kommer att kunna avslöja om du blir tillfrågad om det eller tvingad till det.\n\nVIKTIGT: Detta lösenord måste vara påtagligt annorlunda än det du kommer att välja för den dolda volymen.\n\nObservera: Maximal längd på lösenord är 64 tecken. + Ange ett lösenord för den yttre volymen. Detta är det lösenord du kommer att kunna avslöja om du blir tvingad att röja lösenordet för den första partitionen efter systempartitionen, där både den yttre och den dolda volymen (innehållande det dolda operativsystemet) är belägna. Den dolda volymens och det dolda operativsystemets existens kommer dock att förbli hemlig. Observera att detta lösenord inte gäller för skenoperativsystemet.\n\nVIKTIGT: Detta lösenord måste vara påtagligt annorlunda än det du kommer att välja för den dolda volymen, d.v.s. för det dolda operativsystemet. + Lösenord för yttre volym + Lösenord för dold volym + Lösenord för dolt operativsystem + VARNING: Korta lösenord är enkla att knäcka med hjälp av uttömmande attacktekniker (brute force)!\n\nVi rekommenderar att du väljer ett lösenord som består av minst 20 tecken. Är du säker på att du vill använda ett kort lösenord? + Volymlösenord + Antingen är det angivna lösenordet fel, eller så är den valda filen inte en VeraCrypt-volym. + Antingen har fel nyckelfil(er) och/eller fel lösenord angetts, eller så är den valda filen inte en VeraCrypt-volym. + Antingen är monteringsläget eller det angivna lösenordet fel, eller så är den valda filen inte en VeraCrypt-volym. + Antingen har fel nyckelfil(er) och/eller fel lösenord angetts, eller så är den valda filen inte en VeraCrypt-volym. Alternativt är monteringsläget fel. + Antingen är det angivna lösenordet fel, eller så hittades inte någon VeraCrypt-volym. + Antingen har fel nyckelfil(er) och/eller fel lösenord angetts, eller så hittades inte någon VeraCrypt-volym. + \n\nVarning: Caps Lock är på. Detta kan orsaka att ditt lösenod blir felaktigt angett. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nVARNING: Det finns dolda filer i nyckelfilernas sökväg. Om du vill använda dessa filer som nyckelfiler, måste de först göras synliga för operativsystemet. Högerklicka på var och en av dem och välj ”Egenskaper” i snabbmenyn, inaktivera kryssrutan ”Dold” och klicka på ”OK”). Observera: Dolda filer är endast synliga om alternativet ”Visa dolda filer, mappar och enheter” under fliken ”Visning”, som nås via ”Ordna” och menyalternativet ”Mapp- och sökalternativ” i Utforskaren, är aktiverat. + Om du försöker skydda en dold volym som innehåller ett dolt operativsystem, måste du se till att du använder amerikansk tangentbordslayout när du anger lösenordet för den dolda volymen. Detta beror på att lösenordet måste anges i förstartsmiljön (innan Windows startas), där inga andra tangentbordslayouter än den amerikanska finns tillgängliga. + VeraCrypt har inte hittat någon icke-systemvolym för vilken krypteringsprocessen har avbrutits och vars volymhuvud kan dekrypteras med hjälp av det lösenord och/eller de nyckelfiler du angett.\n\nKontrollera att lösenordet och/eller nyckelfilerna är korrekta och att partitionen eller volymen inte används av operativsystemet eller ett annat program (inklusive antivirusprogramvaror). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nObservera: Om du försöker montera en partition belägen på en krypterad systemenhet utan förstartsautentisering eller en krypterad systempartition tillhörande ett operativsystem som inte körs, kan du göra det genom att välja ”Montera utan förstartsautentisering” under ”System” i VeraCrypts rullgardinsmeny. + Det går inte att montera en partition belägen på en aktiv krypterad systemenhet.\n\nInnan du kan montera denna partition, måste du antingen starta ett okrypterat operativsystem eller ett operativsystem som är installerat på en annan enhet (krypterad eller okrypterad). + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Föregående + Det gick inte att sammanställa en lista över raw-enheter installerade i ditt system! + Volymen ”%s” finns redan och är skrivskyddad. Är du säker på att du vill ersätta den? + Välj målmapp + Välj nyckelfil + Välj en nyckelfilssökväg. VARNING: Observera att endast sökvägen lagras, inte filnamnen! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Utvecklad av Ross Anderson, Eli Biham och Lars Knudsen. Publicerad 1998. 256-bitars nyckel, 128-bitars block. Arbetsläget är XTS. Serpent var en av AES-finalisterna. + Ange storleken på den volymbehållare du vill skapa.\n\nOm du skapar en dynamisk volymbehållare (sparse-fil), kommer volymbehållarens maximala storlek att vara värdet du anger.\n\nObservera att den minsta möjliga storleken på en FAT-volym är 292 kB. Den minsta möjliga storleken på en NTFS-volym är 3 792 kB. + Ange storleken på den yttre volym som ska skapas. (Du kommer först att skapa den yttre volymen och sedan en dold volym inuti den.) Den minsta möjliga storleken på en volym inuti vilken en dold volym ska skapas är 340 kB. + Ange storleken på den dolda volym som ska skapas. Den minsta möjliga storleken på en dold volym är 40 kB (eller 3 664 kB om den formateras med filsystemet NTFS). Den största möjliga storleken på den dolda volymen visas ovan. + Storlek på yttre volym + Storlek på dold volym + Kontrollera att storleken på den valda enheten eller partitionen som visas ovan är korrekt och klicka på ”Nästa”. + Den yttre och den dolda volymen (innehållande det dolda operativsystemet) kommer att hysas inuti ovanstående partition. Det ska vara den första partitionen efter systempartitionen.\n\nKontrollera att partitionens storlek och nummer som visas ovan stämmer och klicka på Nästa. + \n\nObservera att den minsta möjliga storleken på en volym inuti vilken en dold volym är tänkt att skapas är 340 kB. + Volymstorlek + &Dynamisk + VARNING: SJÄLVTESTET MISSLYCKADES! + Självtesten av alla algoritmer slutfördes utan fel + Dataenhetsnumret du angav är för kort eller för långt. + Den sekundära nyckeln du angett är antingen för lång eller för kort. + Den krypterade texten du angett är antingen för lång eller för kort. + Testnyckeln du angett är antingen för lång eller för kort. + Klartexten du angett är antingen för lång eller för kort. + Två nästade krypteringsmetoder som arbetar i XTS-läge. Varje block krypteras först med %s (%d-bitars nyckel) och sedan med %s (%d-bitars nyckel). Varje krypteringsmetod använder sig av sin egen nyckel, som är oberoende den andra. + Tre nästade krypteringsmetoder som arbetar i XTS-läge. Varje block krypteras först med %s (%d-bitars nyckel), sedan med %s (%d-bitars nyckel) och slutligen med %s (%d-bitars nyckel). Varje krypteringsmetod använder sig av sin egen nyckel, som är oberoende av de övriga två. + Observera att det, beroende på operativsystemets konfiguration, kan hända att funktionerna för automatisk körning och montering endast fungerar när Traveler-skivans filer installerats på ett skrivskyddat CD- eller DVD-liknande medium. Detta är inte ett fel på VeraCrypt utan en begränsning i Windows. + VeraCrypt Traveler-skivan har skapats utan fel.\n\nObservera att du behöver administratörsbehörighet för att köra VeraCrypt Traveler. Observera också att det genom att undersöka registret kan vara möjligt att se att VeraCrypt har körts i ett Windows-system, även om VeraCrypt körts utan att installeras. + VeraCrypt Traveler-skiva + Utvecklad av Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall och Niels Ferguson. Publicerad 1998. 256-bitars nyckel, 128-bitars block. Arbetsläget är XTS. Twofish var en av AES-finalisterna. + Ytterligare information om %s + Okänt + Ett odefinierat eller okänt fel inträffade (%d). + Några volymer innehåller filer som används av operativsystemet eller andra applikationer.\n\nSka en demontering tvingas fram? + &Demontera + Demonteringen misslyckades! + Volymen innehåller filer eller mappar som används av ett annat program.\n\nVill du tvinga fram en demontering av volymen? + Ingen volym är monterad med angiven enhetsbeteckning. + Volymen du försöker montera är redan monterad. + Det uppstod ett fel vid monteringen av enheten. + Det uppstod ett fel vid sökning efter en plats inuti volymen. + Fel: Felaktig volymstorlek. + VARNING: Du bör endast använda snabbformatering i följande fall:\n\n1) Enheten innehåller inga känsliga data, och trovärdigheten i ett förnekande av volymens existens är inte viktig.\n2) Enheten har redan blivit säkert och fullständigt krypterad.\n\nÄr du säker på att du vill använda snabbformatering? + En dynamisk volymbehållare är en förallokerad NTFS-sparse-fil, vars fysiska storlek (faktiskt diskutrymme som används) växer när nya data läggs till.\n\nVARNING: Sparse-fil-baserade volymers prestanda är betydligt sämre än normala volymers. Sparse-fil-baserade volymer är även mindre säkra, eftersom det är möjligt att se vilka av volymernas sektorer som inte används. Dessutom kan sparse-fil-baserade volymer inte erbjuda en rimlig trovärdighet vid ett förnekande av en dold volyms existens. Observera även att det krypterade filsystemet kan skadas om data skrivs till en dynamisk volymbehållare när det inte finns tillräckligt med utrymme i värdfilsystemet.\n\nÄr du säker på att du vill skapa en sparse-fil-baserad volym? + Observera att storleken på den dynamiska volymbehållaren som rapporteras av Windows och VeraCrypt alltid kommer att vara samma som den maximala storleken. Volymbehållarens aktuella fysiska storlek (det faktiska diskutrymme den använder) visas i fältet ”Storlek på disk”, som man når genom att högerklicka på volymbehållarens fil (i Utforskaren, inte i VeraCrypt) och i snabbmenyn välja ”Egenskaper”.\n\nObservera även att en dynamisk volymbehållares fysiska storlek kommer att utökas till den maximala, om du flyttar den till en annan volym eller enhet. (Du kan förhindra detta genom att skapa en ny dynamisk volymbehållare på målenheten, montera den och sedan flytta filerna från den gamla behållaren till den nya.) + Lösenordscachen tömdes + Drivrutinens minnescache har tömts på lösenord (och/eller behandlat innehåll i nyckelfiler). + VeraCrypt kan inte ändra lösenordet på en främmande volym. + Vald enhetsbeteckning används redan. + Välj en monterad volym i listan med enhetsbeteckningar. + Två olika volymer är för närvarande valda (den ena i enhetsbeteckningslistan och den andra i inmatningsfältet under listan).\n\nVälj den volym du ville välja: + Fel: Kan inte skapa autorun.inf + Fel vid bearbetning av nyckelfil! + Fel vid bearbetning av nyckelfilssökväg! + Nyckelfilssökvägen innehåller inga filer.\n\nObservera att undermappar (och de filer de innehåller) som hittas i nyckelfilssökvägen ignoreras. + VeraCrypt stöder inte detta operativsystem. + Fel: VeraCrypt stöder endast slutgiltiga versioner av detta operativsystem (beta- eller lanseringskandidatsversioner stöds inte). + Fel: Det går inte att allokera minne. + Fel: Det gick inte att hämta värdet på prestandaräknaren. + Fel: Felaktigt volymformat. + Fel: Du angav ett lösenord för en dold volym och inte för en normal. + Av säkerhetsskäl kan en dold volym inte skapas inuti en VeraCrypt-volym innehållande ett filsystem som på plats-krypterats, eftersom volymens lediga utrymme inte har fyllts med slumpmässiga data. + VeraCrypt – Juridiska villkor + Alla filer + VeraCrypt-volymer + Biblioteksmoduler + NTFS-formateringen kan inte fortsätta. + Det går inte att montera volymen. + Det går inte att demontera volymen. + Windows misslyckades med att formatera volymen som NTFS.\n\nVälj om möjligt ett annat filsystem i stället och försök igen. Alternativt kan du lämna volymen oformaterad genom att välja ”Inget” som filsystem, avsluta denna guide, montera volymen och sedan använda antingen ett systemvertyg eller ett tredjepartsverktyg för att formatera den monterade volymen. (Volymen kommer att förbli krypterad.) + Windows misslyckades med att formatera volymen som NTFS.\n\nVill du formatera volymen som FAT i stället? + Standard + partition + PARTITION + Enhet + enhet + ENHET + Volym + volym + VOLYM + Eget namn + Den valda klusterstoleken är för liten för denna volymstorlek. En större klusterstorlek kommer att användas i stället. + Fel: Det går inte att avgöra storleken på volymen!\n\nKontrollera att den valda volymen inte används av operativsystemet eller en applikation. + Dolda volymer får inte skapas inuti en dynamisk volymbehållare (sparse-fil). För att ett förnekande av en dold volyms existens ska vara trovärdigt, måste den skapas inuti en icke-dynamisk volymbehållare. + Guiden Skapa VeraCrypt-volym kan endast skapa en dold volym inuti en FAT- eller NTFS-volym. + Under Windows 2000 kan guiden Skapa VeraCrypt-volym endast skapa en dold volym inuti en FAT-volym. + Observera: FAT är ett lämpligare filsystem för yttre volymer än NTFS. Exempelvis kommer sannolikt den dolda volymens maximala storlek att vara betydligt större om den yttre volymen formateras med filsystemet FAT. + Observera att FAT är ett lämpligare filsystem för yttre volymer än NTFS. Exempelvis kommer sannolikt den dolda volymens maximala storlek att vara betydligt större om den yttre volymen formateras med filsystemet FAT. Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan en dold volym endast hysas i den yttre volymens andra halva.\n\nÄr du säker på att du vill formatera den yttre volymen med filsystemet NTFS? + Vill du formatera volymen med filsystemet FAT i stället? + Observera: Denna volym kan inte formateras med filsystemet FAT, eftersom den överstiger den maximala volymstorleken som stöds av filsystemet FAT32 för den tillämpbara sektorstorleken (2 TB för sektorer på 512 byte och 16 TB för på 4096 byte). + Fel: Partitionen för det dolda operativsystemet, d.v.s. den första partitionen efter systempartitionen, måste vara minst 5 % större än systempartitionen. (Systempartitionen är den partition där det aktuella operativsystemet är installerat.) + Fel: Partitionen för det dolda operativsystemet, d.v.s. den första partitionen efter systempartitionen, måste vara minst 110 % (2,1 gånger) större än systempartitionen. (Systempartitionen är den partition där det aktuella operativsystemet är installerat.) Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan den dolda volymen – som ska innehålla en kloning av systempartitionen – endast hysas i den partitionens andra halva. + Fel: Om den yttre volymen är formaterad som NTFS, måste den vara minst 110 % (2,1 gånger) större än systempartitionen. Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan den dolda volymen – som ska innehålla en kloning av system- partitionen – endast hysas i den partitionens andra halva.\n\nObservera: Den yttre volymen måste vara belägen på samma partition som det dolda operativsystemet, d.v.s. inuti den första partitionen efter systempartitionen). + Fel: Det finns ingen partition efter systempartitionen.\n\nObservera att du, innan du kan skapa ett dolt operativsystem, måste skapa en partition för det på systemenheten. Den måste vara den första partitionen efter systempartitionen och måste vara minst 5 % större än systempartitionen. (Systempartitionen är den partition där det aktuella operativsystemet är installerat.) Om den yttre volymen – som inte ska förväxlas med systempartitionen – är formaterad som NTFS, måste partitionen för det dolda operativsystemet vara minst 110 % (2,1 gånger) större än systempartitionen. Anledningen till detta är att interna data alltid lagras exakt i mitten av en volym med filsystemet NTFS, och därför kan den dolda volymen – som ska innehålla en kloning av system- partitionen – endast hysas i den partitionens andra halva. + Anmärkning: Det är inte praktiskt – och stöds därför inte heller – att installera operativsystem på två VeraCrypt-volymer belägna inuti samma partition, eftersom det vid användning av det yttre operativsystemet ofta krävs att data skrivs till området med det dolda operativsystemet. Om sådana skrivåtgärder hindras av skyddet av dolda volymer, kommer systemet att krascha (visa ”blåskärm”). + Läs dokumentationen som följde med ditt operativsystem eller kontakta din datorleverantörs tekniska support för information om hur man skapar och hanterar partitioner. + Fel: Det aktuella operativsystemet är inte installerat på startpartitionen (den första aktiva partitionen), vilket inte stöds av VeraCrypt. + Du antydde att du avser lagra filer större än 4 GB i denna VeraCrypt-volym. Dock valde du att använda ett FAT-filsystem, i vilket filer större än 4 GB inte kan lagras.\n\nÄr du säker på att du vill formatera volymen med ett FAT-filsystem? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Fel: Det går inte att komma åt volymen!\n\nKontrollera att den valda volymen existerar, att den inte är monterad eller används av operativsystemet eller en applikation, att du har skriv- och läsrättigheter på den och att den inte är skrivskyddad. + Error: Cannot obtain volume properties. + Fel: Det går inte att komma åt volymen och/eller inhämta information om den.\n\nKontrollera att den valda volymen existerar, att den inte är monterad eller används av operativsystemet eller en applikation, att du har skriv- och läsrättigheter på den och att den inte är skrivskyddad. + Fel: Det går inte att komma åt volymen och/eller inhämta information om den. Kontrollera att den valda volymen existerar, att den inte är monterad eller används av operativsystemet eller en applikation, att du har skriv- och läsrättigheter på den och att den inte är skrivskyddad.\n\nOm problemet kvarstår, kan det hjälpa att följa stegen nedan. + Ett fel hindrade VeraCrypt från att kryptera partitionen. Försök rätta till eventuella tidigare rapporterade problem och försök sedan igen. Om problemen kvarstår, kan det hjälpa att följa stegen nedan. + Ett fel hindrade VeraCrypt från att återuppta krypteringsprocessen för partitionen.\n\nFörsök rätta till eventuella tidigare rapporterade problem och försök sedan återuppta processen igen. Observera att volymen inte kan monteras förrän den har blivit fullständigt krypterad. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Fel: Det går inte att demontera den yttre volymen!\n\nVolymen kan inte demonteras om den innehåller filer eller mappar som används av operativsystemet eller ett program.\n\nStäng alla program som kan tänkas använda filer eller mappar på volymen och klicka på ”Försök igen”. + Fel: Det går inte att läsa in information om den yttre volymen!\nSkapandet av volymen kan inte fortsätta. + Fel: Det går inte att komma åt den yttre volymen! Skapandet av volymen kan inte fortsätta. + Fel: Det går inte att montera den yttre volymen! Skapandet av volymen kan inte fortsätta. + Fel: Det går inte att läsa klusterbitmappen! Skapandet av volymen kan inte fortsätta. + Alfabetiskt/grupperat + Medelvärde (fallande) + Algoritm + Kryptering + Dekryptering + Medelvärde + Enhetsbeteckning + Storlek + Krypteringsalgoritm + Krypteringsalgoritm + Typ + Värde + Egenskap + Placering + byte + Dold + Yttre + Normal + System + Dold (system) + Skrivskyddad + Systemenhet + Systemenhet (krypterar – %.2f %% klart) + Systemenhet (dekrypterar – %.2f %% klart) + Systemenhet (%.2f %% krypterat) + Systempartition + Dold systempartition + Systempartition (krypterar – %.2f %% klart) + Systempartition (dekrypterar – %.2f %% klart) + Systempartition (%.2f %% krypterat) + Ja (skada förhindrad!) + Inget + Storlek på primär nyckel + Storlek på sekundär nyckel (XTS-läge) + Storlek på justeringsnyckel (LRW-läge) + bitar + Blockstorlek + PKCS-5 PRF + PKCS-5, antal upprepningar + Volymen skapad + Volymhuvudet senast ändrat + (%I64d dagar sedan) + Version på volymformatet + Inbäddad säkerhetskopia av volymhuvudet + Version på VeraCrypts startinläsare + Första tillgängliga + Flyttbar disk + Hårddisk + Oförändrat + Autodetection + Installationsguide + Välj ett av nedanstående alternativ. Använd det förvalda alternativet om du är osäker. + Välj detta alternativ om du vill installera VeraCrypt i denna dator. + Observera: Du kan uppgradera VeraCrypt utan att dekryptera även om systempartitionen eller -enheten är krypterad eller om du använder ett dolt operativsystem. + Om du väljer detta alternativ kommer alla filer i installationspaketet att packas upp, men ingenting kommer att installeras i datorn. Välj inte detta alternativ om du tänker kryptera systempartitionen eller -enheten. Detta alternativ kan vara användbart om du t.ex. vill köra VeraCrypt i så kallat portabelt läge. VeraCrypt måste inte installeras i det operativsystem under vilket det ska köras; när alla filer har blivit uppackade kan du i stället köra filen ”VeraCrypt.exe” direkt från uppackningsmappen (vilket resulterar i att VeraCrypt körs i portabelt läge). + Installationsalternativ + Här kan du ange olika alternativ för att anpassa installationen. + Installerar + Vänta medan VeraCrypt installeras. + Installationen slutförd + Uppgraderingen slutförd + Överväg gärna att donera pengar. Du kan när som helst klicka på ”Slutför” för att stänga installationsprogrammet. + Uppackningsalternativ + Här kan du ange olika alternativ för att anpassa uppackningsförloppet. + Vänta medan filerna packas upp. + Uppackningen slutförd + Alla filer har packats upp till målmappen utan fel. + Om den angivna mappen inte finns, kommer den att skapas automatiskt. + VeraCrypts programfiler kommer att uppgraderas i den mapp där VeraCrypt är installerat. Om du vill välja en annan mapp måste du avinstallera VeraCrypt först. + Vill du läsa viktig information om den aktuella (senaste stabila) versionen av VeraCrypt? + Om du aldrig har använt VeraCrypt tidigare, rekommenderar vi att du läser kapitlet ”Beginner’s Tutorial” i VeraCrypts användarhandbok. Vill du läsa kapitlet nu? + Välj ett av nedanstående alternativ: + Reparera eller installera om + Uppgradera + Avinstallera + För att kunna installera eller avinstallera VeraCrypt måste du ha administratörsbehörighet. Vill du fortsätta? + VeraCrypts installationsprogram körs för närvarande och genomför eller förbereder en installation av VeraCrypt. Vänta på att installationsprogrammet slutförts eller stäng det innan du fortsätter. Starta om datorn, om programmet inte går att avsluta. + Installationen misslyckades. + Avinstallationen misslyckades. + Installationspaketet är skadat. Försök att ladda ned det igen (företrädelsevis från VeraCrypts officiella webbplats, https://veracrypt.codeplex.com). + Kan inte skapa filen %s + Packar upp + Det går inte att läsa från installationspaketet. + Det går inte att verifiera installationspaketets integritet. + Uppackningen misslyckades. + Installationen har återställts. + VeraCrypt har installerats utan fel. + VeraCrypt har uppdaterats utan fel. + VeraCrypt har uppgraderats utan fel, men innan du kan börja använda programmet måste datorn startas om.\n\nVill du starta om datorn nu? + Det gick inte att uppgradera VeraCrypt!\n\nVIKTIGT: Innan du stänger av eller startar om datorn, rekommenderar vi att du kör programmet Systemåterställning (under ”Tillbehör” och ”Systemverktyg” i Start-menyn) och återställer datorn till återställningspunkten ”VeraCrypt installation”. Om Systemåterställning inte är tillgängligt, bör du försöka installera den ursprungliga eller nya versionen av VeraCrypt igen innan du stänger av eller startar om datorn. + VeraCrypt har avinstallerats utan fel.\n\nKlicka på ”Slutför” för att ta bort VeraCrypts installationspaket och mappen %s. Observera att mappen inte kommer att tas bort om den innehåller filer som inte installerats av VeraCrypts installationspaket eller skapats av VeraCrypt. + Tar bort VeraCrypts registerposter + Lägger till registerposten + Tar bort applikationsspecifika data + Installerar + Stoppar + Tar bort + Lägger till ikonen + En systemåterställningspunkt skapas + Skapande av en systemåterställningspunkt misslyckades! + Uppdaterar startinläsaren + Installationen av ”%s” misslyckades. %s\nVill du fortsätta med installationen? + Avinstallationen av ”%s” misslyckades. %s\nVill du fortsätta med avinstallationen? + Installationen slutförd. + Mappen ”%s” kunde inte skapas + VeraCrypts drivrutin kan inte stängas.\n\nStäng först alla öppna VeraCrypt-fönster. Om detta inte hjälper, starta om Windows och försök sedan igen. + Alla VeraCrypt-volymer måste demonteras innan VeraCrypt kan installeras eller avinstalleras. + Det finns redan en gammal version av VeraCrypt installerad. Innan en ny version av VeraCrypt kan installeras, måste den gamla versionen avinstalleras.\n\nDen gamla versionen kommer att avinstalleras så snart detta meddelande stängts. Observera att ingen volym kommer att dekrypteras under avinstallationen. Kör installationspaketet för den nya versionen av VeraCrypt igen, efter att den gamla versionen avinstallerats. + Skapandet av registerposter misslyckades + Installationen av drivrutinen misslyckades. Starta om Windows och försök sedan installera VeraCrypt igen. + Startar VeraCrypts drivrutin + Avinstallationen av drivrutinen misslyckades. P.g.a. viss problematik i Windows kan det vara nödvändigt att logga ut eller starta om datorn innan drivrutinen kan avinstalleras (eller ominstalleras). + Installerar VeraCrypts drivrutin + Stoppar VeraCrypts drivrutin + Avinstallerar VeraCrypts drivrutin + Det gick inte att registrera stödbiblioteket för Kontroll av användarkonto (UAC). + Det gick inte att avregistrera stödbiblioteket för Kontroll av användarkonto (UAC). + Observera att operativsystemet kräver att drivrutiner har registrerats innan de kan köras. Därför är VeraCrypts drivrutin inte fullständigt portabel (och kan heller inte bli det). Däremot är själva VeraCrypt-applikationen fullständigt protabel, d.v.s. den måste varken installeras eller registreras i operativsystemet. Observera också att VeraCrypt är beroende av en drivrutin för transparent direktkryptering och -dekryptering. + Observera att om du bestämmer dig för att köra VeraCrypt i portabelt läge – i motsats till att köra en installerad kopia av VeraCrypt – kommer systemet att be dig om behörighet att köra VeraCrypt (Kontroll av användarkonto, UAC) varje gång du försöker starta programmet.\n\nAnledningen till detta är att VeraCrypt måste ladda och starta en drivrutin när programmet körs i portabelt läge. VeraCrypt är beroende av en drivrutin för transparent direktkryptering och -dekryptering, och användare utan administratörsbehörighet kan inte ladda drivrutiner i Windows. Därför kommer systemet att be dig om lov att köra VeraCrypt med administratörsbehörighet.\n\nObservera att systemet INTE kommer att be dig om lov varje gång du startar VeraCrypt, om du i stället gör en installation av VeraCrypt – i motsats till att köra VeraCrypt i portabelt läge.\n\nÄr du säker på att du vill packa upp filerna? + Varning: Denna instans av guiden Skapa VeraCrypt-volym har administrativa behörigheter. \n\nDen nya volymen kan komma att bli skapad med rättigheter som inte tillåter dig att skriva till volymen medan den är monterad. För att undvika detta, måste du stänga denna instans av guiden Skapa VeraCrypt-volym och starta en ny utan administrativa behörigheter.\n\nVill du stänga denna instans av guiden Skapa VeraCrypt-volym? + Fel: Kan inte visa licensen. + Yttre(!) + dagar + timmar + minuter + s + Öppna + Demontera + Visa VeraCrypt + Dölj VeraCrypt + Data lästa sedan montering + Data skrivna sedan montering + Krypterad andel + 100 % (fullständigt krypterad) + 0 % (ej krypterad) + %.3f %% + 100 % + Avvaktar + Förbereder + Ändrar storlek + Krypterar + Dekrypterar + Slutför + Pausat + Slutfört + Fel + Enheten frånkopplad + Systemvolymfavoriter sparade.\n\nAktivera alternativet ”Montera systemvolymfavoriter när Windows startas” i dialogrutan ”Systemvolymfavoriter” som du når via ”Inställningar” i rullgardinsmenyn för att aktivera montering av systemvolymfavoriter vid start av Windows. + Volymen du försöker lägga till som favorit är varken en partition eller en dynamisk volym. VeraCrypt kommer därför inte att kunna montera denna volymfavorit om enhetsnumret ändras. + Volymen du försöker lägga till som en favorit av en partitionstyp Windows inte känner till.\n\nVeraCrypt kommer därför inte att kunna montera denna volymfavorit om enhetsnumret ändras. Ändra partitionstypen till en som Windows känner till med hjälp av SETID-kommandot i Windows DiskPart-verktyg. Lägg sedan till partitionen som favorit igen. + VeraCrypts bakgrundsaktivitet är inaktiverad eller inställd att stängas av när det inte lägre finns några öppna volymer (eller så körs VeraCrypt i portabelt läge). Detta kan orsaka att dina volymfavoriter inte monteras automatiskt när enheter som hyser dem ansluts.\n\nObservera: Aktivera kryssrutan ”Aktiverad” i sektionen ”VeraCrypts bakgrundsaktivitet” under ”Inställningar” i rullgardinsmenyn för att aktivera VeraCrypts bakgrundsaktivitet. + En volymbehållare som lagras i ett fjärrfilsystem som delas över nätverket kan inte monteras automatiskt när dess värdenhet ansluts. + Enheten som visas nedan är varken en partition eller en dynamisk volym. Därför kan volymen som hyses av enheten inte monteras automatiskt när enheten ansluts. + Ändra typen för den partition som visas nedan till en typ som av Windows känner igen. (Använd SETID-kommandot i Windows-verktyget ”diskpart”.) Ta sedan bort partitionen från listan med favoriter och lägg till den igen. Detta gör det möjligt för den enhetsbaserade volymen att bli automatiskt monterad när enheten ansluts. + Enheten som visas nedan är varken en partition eller en dynamisk volym. Därför kan den inte ges något eget namn. + Ändra typen för den partition som visas nedan till en typ som av Windows känner igen. (Använd SETID-kommandot i Windows-verktyget ”diskpart”.) Ta sedan bort partitionen från listan med favoriter och lägg till den igen. Detta gör det möjligt för VeraCrypt att ge partitionen ett eget namn. + Beroende på en begränsning i Windows kan en volymbehållare som lagras i ett fjärrfilsystem som delas över nätverket inte monteras som en systemvolymfavorit. (Emellertid kan den monteras som en icke-systemvolymfavorit när en användare loggar in.) + Ange lösenordet för %s + Ange lösenordet för ”%s” + Ange lösenordet för den normala eller yttre volymen + Ange lösenordet för den dolda volymen + Ange lösenordet för volymhuvudet lagrat i säkerhetskopian + Nyckelfilen har skapats utan fel. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + VARNING: Volymhuvudet är skadat! VeraCrypt använde automatiskt den inbäddade säkerhetskopian av volymhuvudet.\n\nDu bör reparera volymhuvudet genom att välja ”Återställ volymhuvud” under ”Verktyg” i rullgardinsmenyn. + En säkerhetskopia av volymhuvudet har skapats utan fel.\n\nVIKTIGT: En återställning av volymhuvudet återställer även det aktuella lösenordet för volymen. Om nyckelfiler används för att montera volymen, kommer dessutom samma nyckelfiler att behövas för att montera volymen igen när volymhuvudet återställts.\n\nVARNING: Denna säkerhetskopia kan endast användas för att återställa detta specifika volymhuvud. Om du använder denna säkerhetskopia för att återställa ett annat volymhuvud kommer du visserligen att kunna montera volymen, men du kommer INTE att kunna dekryptera några data lagrade på den (eftersom du ändrar dess primära nyckel). + Volymhuvudet har återställts utan fel.\n\nVIKTIGT: Observera att även ett gammalt lösenord kan ha återställts. Om nyckelfiler användes för att montera volymen när säkerhetskopian skapades, kommer dessutom samma nyckelfiler att behövas för att montera volymen igen. + Av säkerhetsskäl måste du ange rätt lösenord och/eller nyckelfiler för volymen.\n\nObservera: Om volymen innehåller en dold volym, måste du först ange rätt lösenord och/eller nyckelfiler för den yttre volymen. Efter det måste du, om du väljer att säkerhetskopiera det dolda volymhuvudet, ange rätt lösenord och/eller nyckelfiler för den dolda volymen. + Är du säker på att du vill skapa en säkerhetskopia av volymhuvudet för %s?\n\nEfter att du klickat på Ja, kommer du att få ange ett filnamn för säkerhetskopian.\n\nObservera: Både det normala och det dolda volymhuvudet kommer att omkrypteras med nytt salt och lagras i säkerhetskopian. Om det inte finns någon dold volym inuti denna volym, kommer det område som reserverats i säkerhetskopian för det dolda volymhuvudet att fyllas med slumpmässiga data (för att bevara trovärdigheten i ett förnekande). Vid en återställning av volymhuvudet från säkerhetskopian måste du ange det lösenord och/eller de nyckelfiler som gällde när säkerhetskopian av volymhuvudet skapades. Lösenordet och/eller nyckelfilerna bestämmer automatiskt vilken typ av volymhuvud (normalt eller dolt) som kommer att återställas. (Observera att VeraCrypt avgör typen genom att prova sig fram.) + Är du säker på att du vill återställa volymhuvudet för %s?\n\nVARNING: En återställning av volymhuvudet återställer även lösenordet till det som gällde när säkerhetskopian skapades. Om nyckelfiler användes för att montera volymen, kommer dessutom samma nyckelfiler att behövas för att montera volymen igen när volymhuvudet återställts.\n\nEfter att du klickat på Ja, kommer du att få ange ett filnamn för säkerhetskopian. + Innehåller volymen en dold volym? + Volymen innehåller en dold volym + Volymen innehåller inte en dold volym + Välj den typ av säkerhetskopia du vill använda för återställning: + Återställ volymhuvudet från volymens inbäddade säkerhetskopia + Återställ volymhuvudet från en extern säkerhetskopia + Storleken på volymhuvudets säkerhetskopia är felaktig. + Det finns ingen inbäddad säkerhetskopia av volymhuvudet i denna volym. (Observera att endast volymer skapade av VeraCrypt 6.0 eller nyare innehåller inbäddade säkerhetskopior av volymhuvuden.) + Du försöker säkerhetskopiera systempartitionens eller -enhetens volymhuvud. Detta är inte tillåtet. Säkerhetskopierings- och återställningsåtgärder på systempartitionen eller -enheten kan endast utföras med hjälp av VeraCrypts återställningsskiva.\n\nVill du skapa en återställningsskiva? + Du försöker återställa ett virtuellt volymhuvud men du valde systempartitionen eller -enheten som mål. Detta är inte tillåtet. Säkerhetskopierings- och återställningsåtgärder på systempartitionen eller -enheten kan endast utföras med hjälp av VeraCrypts återställningsskiva.\n\nVill du skapa en återställningsskiva? + Efter att du klickat på OK kommer du att få välja ett filnamn för ISO-avbildningen av den nya återställningsskivan och den mapp du vill placera den i. + Avbildningen av återställningsskivan har skapats och lagrats i denna fil:\n%s\n\nNu måste du bränna avbildningen av återställningsskivan till en CD eller DVD.\n\nVIKTIGT: Observera att filen måste skrivas till CD:n eller DVD:n som en ISO-avbildning och inte som en individuell fil. Läs mer i din CD/DVD-brännarprogramvaras dokumentation för information om hur detta går till.\n\nVerifiera att återställningsskivan fungerar som den ska efter att du bränt den genom att välja ”Verifiera återställningsskiva” under ”System” i VeraCrypts rullgardinsmeny. + Återställningsskivans ISO-avbildning har skapats och sparats i följande fil:\n%s\n\nNu måste du bränna ISO-avbildningen till en CD eller DVD.\n\nVill du starta programmet Bränn skivavbildning i Windows nu?\n\nObservera: Välj ”Verifiera återställningsskiva” under ”System” i rullgardinsmenyn, efter att återställningsskivan är bränd, för att säkerställa att bränningen utförts utan fel. + Sätt in återställningsskivan i din CD- eller DVD-enhet och klicka på OK för att verifiera den. + Återställningsskivan har verifierats utan att några fel hittades. + Det går inte att säkerställa att bränningen av återställningsskivan utförts utan fel.\n\nOm du har bränt återställningsskivan, mata ut och sätt in CD:n eller DVD:n igen och försök en gång till. Använd sedan en annan bränningsprogramvara och/eller andra medier.\n\nVerifiering av en återställningsskiva skapad för en annan primär nyckel, annat lösenord eller annat salt kommer alltid att misslyckas. Välj ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn för att skapa en ny återställningsskiva som är helt kompatibel med din aktuella konfiguration. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Fel vid skapandet av en återställningsskiva. + Det går inte att skapa en återställningsskiva medan ett dolt operativsystem körs.\n\nFör att skapa en återställningsskiva, starta skenoperativsystemet och välj sedan ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn. + Det går inte att säkerställa att bränningen av återställningsskivan utförts utan fel.\n\nOm du har bränt återställningsskivan, mata ut och sätt in CD:n eller DVD:n igen och klicka på Nästa för att försöka en gång till. Använd andra medier om detta inte hjälper%s.\n\nBränn återställningsskivan, om du inte gjort det än, och klicka på Nästa.\n\nAtt verifiera en återställningsskiva som skapats innan du körde denna guide fungerar inte, eftersom den skapades för en annan primär nyckel. Du måste bränna den nyligen genererade återställningsskivan. + och/eller annan programvara för CD/DVD-bränning + VeraCrypt – Systemvolymfavoriter + Vad är systemvolymfavoriter? + Systempartitionen eller -volymen verkar inte vara krypterad.\n\nSystemvolymfavoriter kan endast monteras med hjälp av ett förstartslösenord. Systempartitionen eller -enheten måste därför krypteras innan systemvolymfavoriter kan användas. + Volymen måste demonteras innan det är möjligt att fortsätta. + Fel: Det går inte att ställa tiduret. + Felkontrollera filsystemet + Reparera filsystemet + Lägg till som volymfavorit … + Lägg till som systemvolymfavorit … + &Egenskaper … + Skydd av dold volym + Ej tillämpligt eller ej tillgängligt + Ja + Nej + Inaktiverat + Ett + Två eller fler + Arbetsläge + Eget namn: + Storlek: + Sökväg: + Enhetsbeteckning: + Fel: Lösenord får endast innehålla ASCII-tecken.\n\nIcke-ASCII-tecken i lösenord kan orsaka att volymen blir omöjlig att montera när din systemkonfiguration ändras.\n\nFöljande tecken är tillåtna:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Varning: Lösenordet innehåller icke-ASCII-tecken. Detta kan orsaka att volymen blir omöjlig att montera när din systemkonfiguration ändras.\n\nDu bör ersätta alla icke-ASCII-tecken i lösenordet med ASCII-tecken. För att göra det, välj ”Ändra volymlösenord” under ”Volymer” i rullgardinsmenyn.\n\nFöljande tecken är ASCII-tecken:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + VARNING: Du rekommenderas att undvika filnamnstillägg som används av körbara filer (som exempelvis .exe, .sys och .dll) och andra liknande problematiska filnamnstillägg. Användning av sådana filnamnstillägg kan medföra att Windows och antivirusprogramvaror stör volymbehållaren, vilket har en avsevärd påverkan på volymens prestanda och även kan orsaka andra allvarliga problem.\n\nDu rekommenderas att ta bort filnamnstillägget eller ändra det (till exempelvis ”.hc”).\n\nÄr du säker på att du vill använda det problematiska filnamnstillägget? + VARNING: Denna volymbehållare har ett filnamnstillägg som används av körbara filer (som exempelvis .exe, .sys och .dll) eller ett annat problematiskt filnamnstillägg. Det är mycket troligt att det kommer att medföra att Windows och antivirusprogramvaror stör volymbehållaren, vilket har en avsevärd påverkan på volymens prestanda och även kan orsaka andra allvarliga problem.\n\nDu rekommenderas att ta bort filnamnstillägget eller ändra det (till exempelvis ”.hc”) efter att du har demonterat volymen. + Webbplats + VARNING: Det verkar som att du inte har installerat något servicepaket för Windows. Du bör inte skriva till IDE-diskar större än 128 GB i ett Windows XP som inte har uppdaterats med servicepaket 1 eller nyare! Om du gör det, kan data bli skadade (vare sig det handlar om en VeraCrypt-volym eller ej). Observera att detta beror på en begränsning i Windows, inte ett fel på VeraCrypt. + VARNING: Det verkar som att du inte har installerat servicepaket 3 eller nyare för Windows. Du bör inte skriva till IDE-diskar större än 128 GB i ett Windows 2000 som inte har uppdaterats med servicepaket 3 eller nyare! Om du gör det, kan data bli skadade (vare sig det handlar om en VeraCrypt-volym eller ej). Observera att detta beror på en begränsning i Windows, inte ett fel på VeraCrypt.\n\nObservera: Du kan komma att behöva aktivera 48-bitars LBA-stöd i registret; läs mer om detta på sidan http://support.microsoft.com/kb/305098/EN-US + VARNING: 48-bitars LBA ATAPI-stöd är inaktiverat i din dator. Därför bör du inte skriva till IDE-diskar större än 128GB! Om du gör det, kan data bli skadade (vare sig det handlar om en VeraCrypt-volym eller ej). Observera att detta beror på en begränsning i Windows, inte ett fel på VeraCrypt.\n\nLägg till registervärdet ”EnableBigLba” under registernyckeln HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters och tilldela det värdet 1 för att aktivera 48-bitars LBA-stöd.\n\nLäs mer om detta på sidan http://support.microsoft.com/kb/305098/EN-US + Fel: Filsystemet FAT32 stöder inte filer större än 4 GB. Därför kan inte VeraCrypt-volymer hysta av en volymbehållare lagrad på ett FAT32-filsystem vara större än 4 GB.\n\nOm du har behov av en större volym, måste du skapa den i ett NTFS-filsystem eller – om du använder Windows Vista SP1 eller nyare – i ett exFAT-filsystem. Alternativt kan du – i stället för att använda en volym hyst av en volymbehållare – kryptera en hel partition eller enhet. + Varning: Windows XP stöder inte filer större än 2 048 GB. (Systemet rapportera att inte ”finns tillräckligt med diskutrymme”.) Därför kan du inte skapa en volymbehållare större än 2 048 GB i Windows XP.\n\nObservera att det fortfarande är möjligt att kryptera hela enheten eller att skapa en partitionsbaserad VeraCrypt-volym som är större än 2 048 GB i Windows XP. + VARNING: Om du vill kunna lägga till mer data eller filer till den yttre volymen vid ett senare tillfälle, bör du överväga att välja en mindre storlek på den dolda volymen.\n\nÄr du säker på att du vill använda den storlek du angav? + Ingen volym vald.\n\nKlicka på ”Välj enhet” eller ”Välj fil” för att välja en VeraCrypt-volym. + Ingen partition vald.\n\nKlicka på ”Välj enhet” för att välja en demonterad partition som normalt sett kräver förstartsautentisering, exempelvis en partition belägen på ett annat operativsystems krypterade systemenhet eller -partition.\n\nObservera: Den valda partitionen kommer att monteras som en normal VeraCrypt-volym utan förstartsautentisering. Detta är användbart vid t.ex. en säkerhetskopiering eller reparationsåtgärd. + VARNING: Om standardnyckelfiler anges och aktiveras, kommer volymer som inte använder dessa nyckelfiler att bli omöjliga att montera. Därför måste du, efter att du aktiverat standardnyckelfiler, alltid inaktivera alternativet ”Använd nyckelfiler” vid montering av sådana volymer.\n\nÄr du säker på att du vill använda valda nyckelfiler/sökvägar som standard? + Automontera enheter + Demontera allt + Töm lösenordscachen + Demontera allt och töm lösenordscachen + Tvingande demontering av allt och töm lösenordscachen + Tvingande demontering av allt, töm lösenordscachen och avsluta + Montera volymfavoriter + Visa/dölj VeraCrypts huvudfönster + (Klicka här och tryck ned en tangent) + Åtgärd + Kortkommando + Fel: Detta kortkommando är reserverat. Välj ett annat kortkommando. + Fel: Kortkommandot används redan. + VARNING: Ett eller flera av VeraCrypts systemglobala snabbtangenter fungerar inte!\n\nKontrollera att inte andra applikationer eller operativsystemet använder samma kortkommando(n) som VeraCrypt. + Skapandet av en växlingsfil har förhindrats.\n\nObservera att växlingsfiler, beroende på Windows, inte kan placeras på icke-systemvolymer (inklusive systemvolymfavoriter). VeraCrypt stöder endast att växlingsfiler skapas på en krypterad systempartition eller -enhet. + Ett fel eller en inkompatibilitet hindrar VeraCrypt från att kryptera vilolägesfilen. På grund av detta har en övergång till viloläge förhindrats.\n\nObservera: När en dator övergår till viloläge, skrivs innehållet i primärminnet till en vilolägesfil på systemenheten. VeraCrypt skulle inte ha kunnat förhindra att krypteringsnycklar och innehållet i känsliga filer öppnade i primärminnet sparades okrypterade till vilolägesfilen. + Övergång till viloläge har förhindrats.\n\nVeraCrypt stöder inte viloläge för dolda operativsystem som använder en extra startpartition. Observera att statpartitionen delas av skenoperativsystemet och det dolda operativsystemet. För att förhindra dataläckage och problem vid återgång från viloläge, har VeraCrypt hindrat det dolda operativsystemet från att skriva till den delade startpartitionen och från att övergå till viloläge. + VeraCrypt-volymen monterad som %c: har demonterats. + VeraCrypt-volymerna har demonterats. + VeraCrypt-volymerna har demonterats, och lösenordscachen har tömts. + Demontering genomförd utan fel + VARNING: Om VeraCrypts bakgrundsaktivitet inaktiveras kommer följande funktioner att stängas av:\n\n1) Snabbtangenter\n2) Automatisk demontering (t.ex. vid utloggning, oavsiktligt avlägsnande av värdenhet eller överskriden tidsgräns)\n3) Automatisk montering av volymfavoriter\n4) Meddelanden (t.ex. när en skada på en dold volym förhindrats)\n5) Ikonen i Meddelandefältet\n\nObservera: Du kan stänga av bakgrundsaktiviteten när som helst genom att högerklicka på VeraCrypts ikon i Meddelandefältet och välja ”Avsluta” i snabbmenyn.\n\nÄr du säker på att du vill inaktivera VeraCrypts bakgrundsaktivitet permanent? + VARNING: Om detta alternativ är inaktiverat kommer volymer som innehåller öppna filer eller mappar inte att vara möjliga att demontera automatiskt.\n\nÄr du säker på att du vill inaktivera detta alternativ? + VARNING: Volymer som innehåller öppna filer eller mappar kommer INTE att demonteras automatiskt.\n\nAktivera följande alternativ i denna dialogruta för att förhindra detta: ”Framtvinga automatisk demontering även om volymen innehåller öppna filer eller mappar” + VARNING: När en bärbar dators batterinivå är låg, inträffar det ibland att Windows undlåter att skicka meddelanden till aktiva program om att datorn övergår till viloläge. I sådana fall kan det hända att VeraCrypt misslyckas med att demontera volymer automatiskt. + Du har schemalagt en process för kryptering av en partition eller volym som ännu inte slutförts.\n\nVill du återuppta processen nu? + Du har schemalagt en krypterings- eller dekrypteringsprocess av systempartitionen eller -enheten. Denna process har inte slutförts än.\n\nVill du starta (återuppta) den processen nu? + Vill du bli tillfrågad om att återuppta schemalagda processer för kryptering av icke-systempartitioner och -volymer även i fortsättningen? + Ja, fortsätt fråga mig + Nej, fråga mig aldrig mer + VIKTIGT: Kom ihåg att du kan återuppta krypteringsprocessen för en icke-systempartition eller -volym genom att välja ”Återuppta avbruten process” under ”Volymer” i rullgardinsmenyn. + Du har schemalagt en kryptering eller dekryptering av systempartitionen eller -enheten, men förstartsautentiseringen misslyckades (eller kringgicks).\n\nObservera: Om du dekrypterade systempartitionen eller -enheten i förstartsmiljön, kan du eventuellt behöva slutföra processen genom att välja alternativet ”Permanent dekryptering av systempartition eller -enhet” under ”System” i VeraCrypts huvudfönster. + VARNING: Om VeraCrypt avslutas nu kommer följande funktioner att stängas av:\n\n1) Snabbtangenter\n2) Automatisk demontering (t.ex. vid utloggning, oavsiktligt avlägsnande av värdenhet eller överskriden tidsgräns)\n3) Automatisk montering av volymfavoriter\n4) Meddelanden (t.ex. när en skada på en dold volym förhindrats)\n\nObservera: Inaktivera VeraCrypts bakgrundsaktivitet i inställningarna om du inte vill att VeraCrypt ska köra i bakgrunden. (Eventuellt kan det vara nödvändigt att även inaktivera den automatiska starten av VeraCrypt i inställningarna.)\n\nÄr du säker på att du vill avsluta VeraCrypt? + Vill du avsluta? + VeraCrypt har inte tillräckligt med information för att avgöra om en kryptering eller dekryptering ska genomföras. + VeraCrypt har inte tillräckligt med information för att avgöra om en kryptering eller dekryptering ska genomföras.\n\nObservera: Om du dekrypterade systempartitionen eller -enheten i förstartsmiljön, kan du eventuellt behöva slutföra processen genom att klicka på Dekryptera. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Vill du avbryta och skjuta upp krypteringen av partitionen eller enheten?\n\nObservera: Kom ihåg att volymen inte kan monteras förrän krypteringen slutförts. Du kommer att kunna återuppta krypteringsprocessen, som då kommer att fortsätta från den punkt där den avbröts. Detta gör du exempelvis genom att välja alternativet ”Återuppta avbruten process” under ”Volymer” i VeraCrypts rullgardinsmeny. + Vill du avbryta och skjuta upp krypteringen av systempartitionen eller -enheten?\n\nObservera: Du kommer att kunna återuppta krypteringsprocessen, som då kommer att fortsätta från den punkt där den avbröts. Detta gör du exempelvis genom att välja alternativet ”Återuppta avbruten process” under ”System” i VeraCrypts rullgardinsmeny. Välj ”Permanent dekryptering av systempartition eller -enhet” under ”System” i rullgardinsmenyn om du vill avbryta eller ångra krypteringsprocessen. + Vill du avbryta och skjuta upp dekrypteringen av systempartitionen eller -enheten?\n\nObservera: Du kommer att kunna återuppta dekrypteringsprocessen, som då kommer att fortsätta från den punkt där den avbröts. Detta gör du exempelvis genom att välja alternativet ”Återuppta avbruten process” under ”System” i VeraCrypts rullgardinsmeny. Välj ”Kryptera systempartition eller -enhet” under ”System” i rullgardinsmenyn om du vill ångra dekrypteringsprocessen och börja kryptera igen. + Fel: Det gick inte att avbryta krypterings- eller dekrypteringsprocessen av systempartitionen eller -enheten. + Fel: Det gick inte att avbryta överskrivningsprocessen. + Fel: Återupptagningen av den avbrutna krypterings- eller dekrypteringsprocessen av systempartitionen eller -enheten misslyckades. + Fel: Det gick inte att starta överskrivningsprocessen. + En inkonsekvens har lösts.\n\n\n(Om du i samband med detta rapporterar ett fel, se till att felrapporten innehåller följande tekniska information:\n%hs) + Fel: Oväntat tillstånd.\n\n\n(Om du i samband med detta skickar en felrapport, inkludera då följande tekniska information i rapporten:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + VARNING: VeraCrypts bakgrundsaktivitet är inaktiverad. Efter att du avslutat VeraCrypt kommer du inte att bli meddelad om en skada av en dold volym förhindrats.\n\nObservera: Du kan stänga av bakgrundsaktiviteten när som helst genom att högerklicka på VeraCrypts meddelandefältsikon och välja ”Avsluta”.\n\nVill du aktivera VeraCrypts bakgrundsaktivitet? + Språkpaketsversion: %s + Kontrollerar filsystemet på VeraCrypt-volymen monterad som %s … + Försöker reparera filsystemet på VeraCrypt-volymen monterad som %s … + Varning: Denna volym är krypterad med en föråldrad krypteringsalgoritm.\n\nKrypteringsalgoritmer med 64-bitars block (som t.ex. Blowfish, CAST-128 och Triple DES) stöds inte längre. Det kommer visserligen att vara möjligt att montera denna volym även med framtida versioner av VeraCrypt, men någon utveckling kring dessa föråldrade krypteringsalgoritmer kommer inte att ske. Du rekommenderas att skapa en ny VeraCrypt-volym med en krypteringsalgoritm som använder sig av 128-bitars block (som t.ex. AES, Serpent, Twofish etc.) och att flytta alla filer från den gamla volymen till den nya. + Ditt system är inte konfigurerat för automatisk montering av volymer, och det kan vara omöjligt att montera enhetsbaserade VeraCrypt-volymer. Automatisk montering kan aktiveras genom att köra nedanstående kommando följt av en omstart av datorn.\n\nmountvol.exe /E + Tilldela en enhetsbeteckning till partitionen eller enheten innan du fortsätter. (Högerklicka på ”Dator” i Start-menyn och välj ”Hantera”. Gå sedan till ”Diskhantering” i konsolträdet.)\n\nObservera att detta är ett krav från operativsystemets sida. + Montera VeraCrypt-volym + Demontera alla VeraCrypt-volymer + VeraCrypt lyckades inte erhålla administratörsbehörighet. + Åtkomst nekades av operativsystemet.\n\nTrolig orsak: Operativsystemet kräver att du har läs- och skrivrättigheter (eller administratörsbehörigheter) för vissa mappar, filer och enheter för att du ska tillåtas läsa och skriva data från och till dem. Normalt tillåts en användare utan administratörsbehörigheter att skapa, läsa och ändra filer i hans eller hennes användarprofil. + Fel: Enheten använder en sektorstorlek som inte stöds.\n\nDet är för närvarande inte möjligt att skapa partitions- eller enhetsbaserade volymer på enheter som använder sektorer större än 4 096 byte. Däremot kan du skapa filbaserade volymer (volymbehållare) på sådana enheter. + Det är för närvarande inte möjligt att kryptera ett operativsystem som är installerat på en disk som använder en annan sektorstorlek än 512 byte. + VeraCrypts startinläsare kräver minst 32 kB ledigt utrymme i början av systemenheten, men tyvärr uppfyller inte din enhet detta villkor.\n\nRapportera INTE detta som ett fel eller problem i VeraCrypt. För att lösa detta problem behöver du ompartitionera din disk och lämna de första 32 kB på disken tomma. (I de flesta fall måste du ta bort och skapa om den första partitionen.) Vi rekommenderar att du använder dig av Microsofts partitionshanterare som finns tillgänglig på t.ex. Windows installationsskiva. + Denna funktion stöds inte av den version på operativsystemet du för närvarande använder. + VeraCrypt stöder inte kryptering av systempartitionen eller -enheten i den version av operativsystemet du för närvarande använder. + Innan du kan kryptera systempartitionen eller -enheten i Windows Vista måste du installera servicepaket 1 eller nyare för Windows Vista. (Något sådant servicepaket har ännu inte blivit installerat.)\n\nObservera: Servicepaket 1 för Windows Vista rättade till ett fel som orsakade minnesbrist under systemstarten. + VeraCrypt stöder inte längre kryptering av systempartitionen eller -enheten i Windows Vista utan något servicepaket installerat. Installera servicepaket 1 eller nyare för Windows Vista innan du uppgraderar VeraCrypt. + Fel: Denna funktion kräver att VeraCrypt installeras. (Du kör VeraCrypt i portabelt läge.)\n\nInstallera VeraCrypt och försök igen. + VARNING: Windows verkar inte vara installerat på samma enhet som det startar från, vilket inte stöds.\n\nDu bör endast fortsätta om du är säker på att Windows är installerat på samma enhet som det startar från.\n\nVill du fortsätta? + Din systemenhet har en GUID-partitionstabell (GPT). För närvarande stöds endast enheter med en MBR-partitionstabell. + VARNING: VeraCrypts startinläsare är redan installerad på din systemenhet!\n\nDet är möjligt att ett annat operativsystem i din dator redan är krypterat.\n\nVARNING: OM DU FORTSÄTTER MED KRYPTERINGEN AV DET AKTUELLA OPERATIVSYSTEMET KAN DET ORSAKA ATT ANDRA SYSTEM BLIR OMÖJLIGA ATT STARTA OCH ATT RELATERADE DATA INTE GÅR ATT KOMMA ÅT.\n\nÄr du säker på att du vill fortsätta? + Det gick inte att återställa den ursprungliga systeminläsaren.\n\nAnvänd din återställningsskiva (välj ”Restore original system loader” under ”Repair Options”) eller Windows installationsskiva för att ersätta VeraCrypt startinläsare med Windows startinläsare. + Den ursprungliga startinläsaren kommer inte att lagras på återställningsskivan. En trolig orsak är att en säkerhetskopia saknas. + Det gick inte att skriva till MBR-sektorn.\n\nDatorns BIOS kan vara konfigurerat att skydda MBR-sektorn. Sök igenom dina BIOS-inställningar (tryck på F2, F10, Delete eller Esc efter att du startat din dator) efter MBR- eller antivirusskydd. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Den version av VeraCrypt som krävs är för närvarande inte installerad. Detta kan förhindra att vissa inställningar sparas. + Observera: I vissa situationer kan du vilja förhindra att någon som ser dig starta datorn får reda på att du använder VeraCrypt. Ovanstående alternativ gör detta möjligt genom en anpassning av startinläsarens skärm. Om du aktiverar det första alternativet kommer ingen text att visas av startinläsaren (inte ens om du anger fel lösenord). Datorn ger intrycket av att ha hängt sig medan du anger ditt lösenord. Dessutom kan obehöriga vilseledas av ett anpassat meddelande, exempelvis ett falskt felmeddelande som ”Operativsystem saknas” (vilket normalt visas av Windows startinläsare om ingen startpartition hittas). Det är emellertid viktigt att observera att någon fortfarande kan lista ut att hårddisken innehåller VeraCrypts startinläsare, om han eller hon får möjlighet att analysera hårddiskens innehåll. + VARNING: Kom ihåg att ingen text kommer att visas av VeraCrypts startinläsare (inte ens om du anger fel lösenord). Datorn ger intrycket av att ha hängt sig medan du anger ditt lösenord. (Markören kommer inte att flytta på sig, och ingen asterisk kommer att visas när du trycker på en tangent.)\n\nÄr du säker på att du vill aktivera detta alternativ? + Din systempartition eller -enhet verkar vara fullständigt krypterad. + VeraCrypt kan inte kryptera en systemenhet som konverterats till en dynamisk disk. + Systemenheten innehåller utökade (logiska) partitioner.\n\nDu kan endast kryptera hela systemenheten när den innehåller utökade (logiska) partitioner i Windows Vista och nyare versioner av Windows. I Windows XP kan du endast kryptera hela systemenheten om den inte innehåller något annat än primära partitioner.\n\nObservera: Du kan fortfarande kryptera systempartitionen i stället för hela systemenheten, och du kan dessutom skapa partitionsbaserade VeraCrypt-volymer inuti vilka icke-systempartitioner som helst på enheten. + VARNING: Eftersom du använder Windows XP eller 2003 får du INTE skapa några utökade (logiska) partitioner på enheten efter att du börjat kryptera den. (Du får endast skapa primära partitioner.) Alla utökade (logiska) partitioner blir oåtkomliga efter att du påbörjat krypteringen. (Enheten innehåller för närvarande inte några sådana partitioner.).\n\nObservera: Om denna begränsning inte är acceptabel, kan du backa och välja att endast kryptera systempartitionen i stället för hela systemenheten. Du kan dessutom skapa partitionsbaserade VeraCrypt-volymer inuti vilka icke-systempartitioner som helst på enheten.\n\nAlternativt, om denna begränsning inte är acceptabel, kan du överväga att uppgradera till Windows Vista eller en nyare version av Windows. (Du kan endast kryptera en hel systemenhet som innehåller utökade/logiska partitioner i Windows Vista eller nyare). + Din systemenhet innehåller en icke-standard-partition.\n\nOm du använder en bärbar dator, innehåller din systemenhet förmodligen en särskild återställningspartition. Efter att hela systemenheten – inklusive en eventuell återställningspartition – har krypterats, kan din dator få problem att starta om den använder sig av ett oändamålsenligt programmerat BIOS. Det är dessutom omöjligt att använda sig av en återställningspartition innan systemenheten är dekrypterad. Av denna anledning bör du endast kryptera systempartitionen. + Vill du kryptera systempartitionen i stället för hela enheten?\n\nObservera att du kan skapa partitionsbaserade VeraCrypt-volymer inuti vilken av enhetens icke-systempartitioner som helst (förutom att kryptera systempartitionen). + Eftersom din systemenhet endast innehåller en enda partition som upptar hela enheten, är kryptering av hela enheten inklusive det ”glapp” som normalt omger en sådan partition att föredra (säkrare).\n\nVill du kryptera hela systemenheten? + Ditt system är konfigurerat så att tillfälliga filer lagras på en icke-systempartition.\n\nTillfälliga filer får endast lagras på systempartitionen. + Din användarprofil lagras inte på systempartitionen.\n\nAnvändarprofiler får endast lagras på systempartitionen. + Det finns en eller flera växlingsfiler på icke-systempartitioner.\n\nVäxlingsfiler får endast placeras på systempartitionen. + Vill du konfigurera Windows att endast använda växlingsfiler på Windows-partitionen?\n\nObservera att datorn kommer att startas om, om du klickar på ”Ja”. Starta sedan VeraCrypt och försök skapa det dolda operativsystemet igen. + I annat fall kan trovärdigheten i ett förnekande påverkas negativt.\n\nObservera: Om någon analyserar innehållet i sådana filer (belägna på en icke-systempartition), skulle han eller hon kunna lista ut att du körde VeraCrypts guide för att skapa ett dolt operativsystem (vilket i sin tur kan indikera att ett dolt operativsystem existerar i datorn). Observera också att alla sådana filer lagrade på systempartitionen kommer att skrivas över av VeraCrypt vid skapandet av det dolda operativsystemet. + VARNING: Under skapandet av det dolda operativsystemet, kommer du att vara tvungen att ominstallera det aktuella operativsystemet (för att på ett säkert sätt skapa ett skenoperativsystem).\n\nObservera: Det aktuella operativsystemet och systempartitionens innehåll kommer att kopieras till den dolda volymen (för att skapa det dolda operativsystemet).\n\n\nÄr du säker på att du kommer att kunna installera Windows från en installationsskiva (eller från en servicepartition)? + Om det aktuella operativsystemet kräver aktivering, måste det av säkerhetsskäl aktiveras innan du fortsätter. Observera att det dolda operativsystemet kommer att skapas genom att systempartitionens innehåll kopieras till en dold volym (så om detta operativsystem inte är aktiverat, kommer det dolda operativsystem inte heller att vara det). För mer information, läs avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok.\n\nViktigt: Se till att du har läst avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok.\n\n\nUppfyller det aktuella operativsystemet ovanstående krav? + Ditt operativsystem använder en extra startpartition. VeraCrypt stöder inte viloläge för dolda operativsystem som använder en extra startpartition. (Skenoperativsystem kan dock övergå till viloläge utan några problem.)\n\nObservera att statpartitionen delas av skenoperativsystemet och det dolda operativsystemet. För att förhindra dataläckage och problem vid återgång från viloläge, har VeraCrypt hindrat det dolda operativsystemet från att skriva till den delade startpartitionen och från att övergå till viloläge.\n\n\nVill du fortsätta? Om du väljer ”Nej”, kommer instruktioner för hur du tar bort den extra startpartitionen att visas. + \nDen extra startpartitionen kan tas bort innan Windows installeras. Följ nedanstående steg för att göra det:\n\n1) Starta Windows installationsskiva.\n\n2) I Windows installationsprogram väljer du alternativen ”Installera nu” följt av ”Anpassad (avancerat)”.\n\n3) Klicka på ”Enhetsalternativ (avancerat)”.\n\n4) Markera systempartitionen och ta bort den genom att klicka på ”Ta bort” och bekräfta med ”OK”.\n\n5) Välj partitionen markerad ”Reserverad av systemet”, klicka på ”Utöka” och öka dess storlek så att operativsystemet kan installeras på den.\n\n6) Klicka på ”Verkställ” och ”OK”.\n\n7) Installera Windows på partitionen markerad ”Reserverad av systemet”.\n\n\nOm någon frågar dig varför du tagit bort den extra startpartitionen, kan du svara att du ville förhindra dataläckage till den okrypterade startpartitionen.\n\nObservera: Du kan skriva ut denna text genom att klicka på knappen ”Skriv ut” nedan. Om du sparar en kopia av denna text eller skriver ut den (vilket rekommenderas, såvida inte skrivaren lagrar kopior av dokument den skriver ut på en intern enhet), bör du förstöra alla kopior av den efter att du tagit bort den extra startpartitionen. (Annars riskerar en sådan kopia avslöja existensen av ett dolt operativsystem i datorn.) + Varning: Det finns oallokerat utrymme mellan systempartitionen och den första partitionen efter den. Efter att du skapat det dolda operativsystemet, får du inte skapa några nya partitioner i det oallokerade utrymmet. I så fall kommer det dolda operativsystemet att vara omöjligt att starta (tills du tar bort de nyskapade partitionerna). + Denna algoritm stöds för närvarande inte vid systemkryptering. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Nyckelfiler stöds för närvarande inte vid systemkryptering. + Varning: VeraCrypt kunde inte återställa den ursprungliga tangentbordslayouten. Detta kan orsaka att du anger ett felaktigt lösenord. + Fel: Det går inte att ange amerikansk tangentbordslayout som tangentbordslayout för VeraCrypt.\n\nObservera att lösenordet måste anges i förstartsmiljön (innan Windows startas), där inga andra tangentbordslayouter än den amerikanska finns tillgängliga. Därför måste amerikansk tangentbordslayout alltid användas när du anger lösenordet. + Då VeraCrypt tillfälligt har ändrat tangentbordslayouten till den amerikanska, är det inte möjligt att skriva tecken genom att trycka på tangenter i kombination med den högra Alt-tangenten. Du kan emellertid skriva de flesta sådana tecken genom att trycka på lämpliga tangenter i kombination med Skift-tangenten. + VeraCrypt förhindrade att tangentbordslayouten ändrades. + Observera: Lösenordet måste anges i förstartsmiljön (innan Windows startas), där inga andra tangentbordslayouter än den amerikanska finns tillgängliga. Därför måste amerikansk tangentbordslayout alltid användas när du anger lösenordet. Det är emellertid viktigt att notera att du INTE behöver använda ett riktigt amerikanskt tangentbord. VeraCrypt säkerställer automatiskt att du på ett säkert sätt kan ange lösenordet (nu och i förstartsmiljön), även om du INTE har tillgång till ett riktigt amerikanskt tangentbord. + Innan du kan kryptera partitionen eller enheten måste du skapa en återställningsskiva, som kan användas i följande situationer:\n\n· Om VeraCrypts startinläsare, primära nyckel eller andra kritiska data skadas, kan återställningsskivan användas för att rekonstruera dessa. (Rätt lösenord måste fortfarande anges.)\n\n· Om Windows skadats och inte går att starta, kan återställnings- skivan användas för att utföra en permanent dekryptering av partitionen eller enheten innan Windows startas.\n\n· Återställningsskivan innehåller en säkerhetskopia av den första diskens startspår (vilket normalt innehåller en systemstartinläsare eller starthanterare) och kan användas för att återställa det.\n\nAnge nedan var återställningsskivans ISO-avbildning ska skapas. + Efter att du klickat på OK kommer programmet Bränn skivavbildning i Windows att startas. Använd det för att bränna återställningsskivans ISO-avbildning till en CD eller DVD.\n\nÅtergå därefter till guiden Skapa VeraCrypt-volym och följ instruktionerna för att fortsätta. + Återställningsskivans ISO-avbildning har skapats och sparats som följande fil:\n%s\n\nNu måste du bränna ISO-avbildningen till en CD eller DVD.\n\n%lsKlicka på Nästa, efter att återställningsskivan är bränd, för att säkerställa att bränningen utförts utan fel. + Återställningsskivan har skapats och lagrats i denna fil:\n%s\n\nNu bör du antingen bränna avbildningen av återställningsskivan till en CD eller DVD eller flytta den till en säker plats och bränna den vid ett senare tillfälle.\n\n%lsKlicka på Nästa för att fortsätta. + VIKTIGT: Observera att filen måste brännas till en CD eller DVD som en ISO-avbildning (och inte som en enskild fil). Läs i CD/DVD-bränningsprogramvarans dokumentation för information hur det går till. Klicka på länken nedan för att ladda ned programvara för CD/DVD-bränning, om du inte har någon CD/DVD-bränningsprogramvara som kan bränna ISO-avbildningar till en CD eller DVD.\n\n + Kör programmet Bränn skivavbildning i Windows + VARNING: En återställningsskiva som skapats vid ett tidigare tillfälle kan inte användas för denna systempartition eller -enhet, eftersom den skapades för en annan primär nyckel! Varje gång du krypterar en systempartition eller -enhet måste du även skapa en ny återställningsskiva för den, även om du använder samma lösenord. + Fel: Det går inte att spara systemkrypteringsinställningarna. + Det går inte att initiera det förberedande testet inför systemkrypteringen. + Det går inte att initiera processen för att skapa det dolda operativsystemet. + Överskrivningsmetod + På vissa typer av lagringsmedier kan det, trots att data skrivits över av andra data, vara möjligt att återskapa överskrivna data med hjälp av tekniker som t.ex. magnetkraftsmikroskopi (MFM). Detta gäller även data som skrivits över av sina krypterade motsvarigheter (vilket sker när VeraCrypt krypterar en okrypterad partition eller enhet). Enligt vissa undersökningar kan ett återskapande av över- skrivna data hindras (eller avsevärt försvåras) genom att skriva över data med pseudoslumpmässiga och vissa icke slumpmässiga data ett visst antal gånger. Därför kan du, om du tror att någon obehörig har tillgång till sådana tekniker för att återskapa de data du tänker kryptera, välja en av överskrivningsmetoderna ovan. (Existerande data kommer INTE att gå förlorade.) Observera att någon över- skrivning INTE kommer att utföras efter det att partitionen eller enheten krypterats. När partitionen eller enheten är färdigkrypterad, kommer inga okrypterade data att skrivas till den. Data krypteras direkt i minnet innan de skrivs (krypterade) till disken. + På vissa typer av lagringsmedier kan det, trots att data skrivits över av andra data, vara möjligt att återskapa överskrivna data med hjälp av tekniker som t.ex. magnetkraftsmikroskopi (MFM). Enligt vissa undersökningar kan ett återskapande av överskrivna data hindras (eller avsevärt försvåras) genom att skriva över data med pseudoslumpmässiga och vissa icke slumpmässiga data ett visst antal gånger. Därför kan du, om du tror att någon obehörig har tillgång till sådana tekniker för att återskapa de data du tänker kryptera, välja en av flerstegsmetoderna för överskrivning ovan.\n\nObservera: Ju fler steg du använder, desto längre tid tar det att skriva över dina data. + Överskrivning + \nObservera: Du kan avbryta överskrivningsprocessen, stänga av din dator, starta det dolda operativsystemet igen och sedan återuppta processen. (Denna guide kommer att startas automatiskt.) Hela överskrivningsprocessen kommer, om du avbryter den, emellertid att behöva börja om från början. + \n\nObservera: Om du avbryter överskrivningsprocessen och sedan försöker återuppta den, kommer hela processen att behöva börja om från början. + Vill du avbryta överskrivningsprocessen? + Varning: Hela innehållet på den valda partitionen eller enheten kommer att skrivas över och gå förlorat. + Hela innehållet på partitionen med det ursprungliga operativsystemet kommer att skrivas över.\n\nObservera: Hela innehållet på partitionen som kommer att skrivas över har kopierats till denna dolda systempartition. + VARNING: Observera att en överskrivningsmetod i t.ex. tre steg kan medföra att en kryptering av en enhet eller partition tar upp till fyra gånger så lång tid att genomföra. På samma sätt kan en överskrivningsmetod med 35 steg ta upp till 36 gånger så lång tid att genomföra (vilket i praktiken kan innebära flera veckor).\n\nObservera att någon överskrivning INTE kommer att utföras efter det att partitionen eller enheten krypterats. När partitionen eller enheten är färdigkrypterad, kommer inga okrypterade data att skrivas till den. Data krypteras direkt i minnet innan de skrivs (krypterade) till disken (och påverkar INTE prestandan).\n\nÄr du säker på att du vill använda överskrivning? + Ingen (snabbast) + Ett steg (slumpmässiga data) + Tre steg (US DoD 5220.22-M) + Sju steg (US DoD 5220.22-M) + 35 steg (”Gutmann”) + 256 steg + Antal operativsystem + VARNING: Oerfarna användare bör aldrig försöka kryptera Windows i flervalsstartkonfigurationer.\n\nVill du fortsätta? + Endast när följande villkor är uppfyllda stöder VeraCrypt flervalsstartkonfigurationer vid skapandet eller användandet av ett dolt operativsystem:\n\n- Det aktuella operativsystemet måste vara installerat på startenheten, som inte får innehålla några andra operativsystem.\n\n- Operativsystem installerade på övriga enheter får inte använda sig av någon startinläsare belägen på enheten där det aktuella operativsystemet är installerat.\n\nÄr ovanstående villkor uppfyllda? + VeraCrypt stöder inte denna flervalsstartkonfiguration vid skapandet eller användandet av ett dolt operativsystem. + Startenhet + Är det aktuella operativsystemet installerat på startenheten?\n\nObservera: Ibland är inte Windows installerat på samma enhet som Windows startinläsare (startpartitionen). Välj ”Nej” om så är fallet. + VeraCrypt stöder för närvarande inte kryptering av ett operativsystem som inte startar från den enhet det är installerat på. + Antal systemenheter + Hur många enheter innehåller ett operativsystem?\n\nObservera: Välj ”Två eller fler” om du exempelvis har ett operativsystem (som t.ex. Windows, Mac OS X eller Linux) installerat på din primära enhet och ytterligare ett operativsystem installerat på din sekundära enhet. + VeraCrypt stöder för närvarande inte kryptering av en hel enhet som innehåller flera operativsystem.\n\nMöjliga lösningar:\n\n· Du kan fortfarande kryptera ett av systemen om du går tillbaka och väljer att endast kryptera en systempartition (i motsats till att kryptera hela systemenheten).\n\n· Alternativt kan du kryptera hela enheten om du först flyttar alla system utom ett till andra enheter. + Flera operativsystem på en enskild enhet + Finns det några andra operativsystem installerade samma enhet som det aktuella operativsystemet?\n\nObservera: Klicka på ”Ja” om det aktuella operativsystemet t.ex. är installerat på enhet 0, som innehåller flera partitioner, och om en av partitionerna innehåller Windows och en annan partition ett ytterligare operativsystem (t.ex. Windows, Mac OS X, Linux etc.). + Annan startinläsare än Windows + Är en annan startinläsare (eller -hanterare) än Windows installerad i enhetens Master Boot Record (MBR)?\n\nObservera: Klicka på ”Ja” om exempelvis det första spåret på startenheten innehåller GRUB, LILO, XOSL eller någon annan starthanterare (eller -laddare) än Windows. + Flervalsstart + VeraCrypt stöder för närvarande inte flervalsstartkonfigurationer där en annan startinläsare än Windows är installerad i enhetens Master Boot Record.\n\nMöjliga lösningar:\n\n· Om du använder en starthanterare för att starta Windows och Linux (normalt sett GRUB), flytta den från enhetens Master Boot Record till en partition. Kör sedan denna guide igen och kryptera systempartitionen eller -enheten. Observera att VeraCrypts startinläsare kommer att bli din primära starthanterare. Din ursprungliga starthanterare (t.ex. GRUB) kommer i stället att bli din sekundära starthanterare. Den startas genom att du trycker på Esc i VeraCrypts startinläsare, varefter det blir möjligt för dig att starta Linux. + Om det aktuella operativsystemet är installerat på startpartitionen måste du, efter att du krypterat det, ange rätt lösenord även om du vill starta ett annat okrypterat Windows-system (eftersom de kommer att dela en gemensam krypterad startinläsare eller -hanterare).\n\nOm det aktuella operativsystemet inte är installerat på startpartitionen – eller om Windows startinläsare eller -hanterare inte används av något annat operativsystem – behöver du inte ange rätt lösenord för att starta övriga okrypterade operativsystem; det är tillräckligt att trycka på Esc för att starta ett okrypterat operativsystem. (Om det finns flera okrypterade operativsystem installerade, kommer du även att vara tvungen att välja vilket operativsystem som ska startas i VeraCrypts starthanterares meny.)\n\nObservera: Normalt sett är den Windows-installation som gjordes först installerad på startpartitionen. + Kryptering av Host Protected Area + I slutet av många enheter finns ett område som normalt sett är dolt för operativsystemet (ofta kallat Host Protected Area). Vissa program kan dock läsa och skriva data till och från sådana områden.\n\nVARNING: Vissa datorleverantörer kan använda sådana områden för att lagra verktyg och data för RAID, systemåterställning, systeminställningar, diagnostik eller liknande. Om sådana verktyg eller data måste vara tillgängliga före uppstart, ska det dolda området INTE krypteras (välj ”Nej” ovan).\n\nVill du att VeraCrypt ska identifiera och i så fall kryptera ett sådant område i slutet av systemenheten? + Typ av systemkryptering + Välj detta alternativ om du bara vill kryptera systempartitionen eller hela systemenheten. + Det kan hända att någon försöker tvinga dig att dekryptera ditt operativsystem. Det finns många situationer där det kan vara svårt att vägra avslöja lösenordet (exempelvis vid utpressning). Om du väljer detta alternativ kommer ett dolt operativsystem, vars existens är omöjlig att bevisa, skapas (förutsatt att vissa riktlinjer följs). På så sätt kommer du inte att behöva dekryp- tera eller avslöja lösenordet till det dolda operativsystemet. Klicka på länken nedan för ytterligare information. + Det kan hända att någon försöker tvinga dig att dekryptera ditt operativsystem. Det finns många situationer där det kan vara svårt att vägra göra det (exempelvis vid utpressning).\n\nMed hjälp av denna guide kan du skapa ett dolt operativsystem, vars existens är omöjlig att bevisa (förutsatt att vissa riktlinjer följs). På så sätt kommer du inte att behöva dekryptera eller avslöja lösenordet till det dolda operativsystemet. + Dolt operativsystem + I följande steg kommer du att skapa två VeraCrypt-volymer (en yttre och en dold) inuti den första partitionen efter systempartitionen. Den dolda volymen kommer att innehålla det dolda operativsystemet (OS:et), som skapas genom att innehållet från systempartitionen (där det nuvarande OS:et är installerat) kopieras till den dolda volymen. Till denna yttre volym bör du sen kopiera några skenbart känsliga filer som du egentligen INTE vill dölja. De ska finnas där om någon tvingar dig att avslöja lösenordet till den dolda OS-partitionen. Du kan avslöja lösenordet för den yttre volymen belägen inuti den dolda OS-partitionen, men det dolda OS:ets existens förblir hemlig.\n\nSlutligen ska du, på det nuvarande OS:ets systempartition, installera ett nytt s.k. skenoperativsystem och kryptera det. Det ska inte inne- hålla känsliga data utan finnas där om någon tvingar dig att avslöja lösenordet till förstartsautentiseringen. Totalt kommer det att finnas tre lösenord. Två av dem kan avslöjas (sken-OS:ets och den yttre vo- lymens). Om du anger det tredje, kommer det dolda OS:et att startas. + Identifierar dolda sektorer + Vänta medan VeraCrypt identifierar eventuella dolda sektorer i slutet av systemenheten. Observera att detta kan ta lång tid att slutföra.\n\nObservera: På vissa datorer kan systemet i sällsynta fall sluta svara. Starta i så fall om datorn, kör VeraCrypt och upprepa föregående steg men hoppa över identifieringen. Observera att detta problem inte orsakas av ett fel i VeraCrypt. + Område att kryptera + Välj detta alternativ om du vill kryptera hela den enhet på vilken det för närvarande aktiva Windows är installerat. Hela enheten, inklusive alla dess partitioner, kommer att krypteras förutom det startspåret, där VeraCrypts startinläsare kommer att installeras. Alla som vill få tillgång ett system installerat på enheten, eller filer lagrade på den, måste ange rätt lösenord varje gång systemet startar. Detta alternativ kan inte användas för att kryptera en sekundär eller extern enhet, såvida Windows inte är installerat på den och inte startar från den. + Insamling av slumpmässiga data + Nycklar genererade + VeraCrypt har inte identifierat någon CD- eller DVD-brännare kopplad till din dator. VeraCrypt behöver en CD- eller DVD-brännare för att skapa en startbar återställningsskiva med en säkerhetskopia av krypteringsnycklarna, VeraCrypts startinläsare, det ursprungliga systemets startinläsare etc.\n\nDu rekommenderas att skapa en återställningsskiva. + Jag har ingen CD- eller DVD-brännare, men jag kommer att spara återställningsskivans ISO-avbildning på en flyttbar enhet (t.ex. ett USB-minne). + Jag kommer att ansluta en CD- eller DVD-brännare till min dator senare. Avbryt processen nu. + En CD- eller DVD-brännare är nu ansluten till min dator. Fortsätt att skriva återställningsskivan. + Följ dessa steg:\n\n1) Anslut en flyttbar enhet, som exempelvis ett USB-minne, till din dator nu.\n\n2) Kopiera återställningsskivans avbildning (%s) till den flyttbara enheten.\n\nOm du någon gång i framtiden behöver återställningsskivan, kommer du att kunna ansluta din flyttbara enhet (innehållande återställningsskivans avbildning) till en dator med en CD- eller DVD-brännare och skapa en startbar återställningsskiva genom att bränna avbildningen till en CD eller DVD. VIKTIGT: Observera att filen måste skrivas till CD:n eller DVD:n som en ISO-avbildning och inte som en individuell fil. + Bränning av återställningsskiva + Återställningsskiva skapad + Förberedande test inför systemkryptering + Återställningsskivan verifierad + \nÅterställningsskivan har verifierats. Mata ut den från enheten och förvara den på ett säkert ställe.\n\nKlicka på Nästa för att fortsätta. + VARNING: Under följande steg får återställningsskivan inte vara insatt i enheten. Annars kommer det inte att vara möjligt att fullfölja stegen korrekt.\n\nMata ut den från enheten och förvara den på ett säkert ställe. Klicka sedan på OK. + Varning: På grund av tekniska begränsningar i förstartsmiljön kommer text som visas vid uppstart inte att vara språkanpassad. Användargränssnittet för VeraCrypts startinläsare är helt och hållet på engelska.\n\nVill du fortsätta? + Innan din systempartition eller -enhet krypteras måste VeraCrypt säkerställa att allt fungerar som förväntat.\n\nEfter att du klickat på Testa kommer alla nödvändiga komponenter (exempelvis VeraCrypts starthanterare) att installeras, och din dator kommer att startas om. Därefter måste du ange ditt lösenord i VeraCrypts starthanterare som laddas innan Windows startas. Efter att Windows har startats, kommer information om hur testet gick att visas på skärmen.\n\nFöljande enhet kommer att ändras: Enhet #%d\n\n\nOm du klickar på Avbryt nu kommer inget att installeras, och det förberedande testet kommer inte att genomföras. + VIKTIGA KOMMENTARER – LÄS ELLER SKRIV UT (Klicka på ”Skriv ut”):\n\nObservera att inga filer kommer att krypteras innan datorn har startats om och Windows har startats. Dina data kommer därför INTE att vara förlorade, om någonting går fel. Dock kan det då bli problem att starta Windows. Läs därför igenom (och, om möjligt, skriv ut) följande instruktioner för vad man kan göra om Windows inte startas efter att datorn startats om.\n\n + Vad man kan göra om Windows inte startas\n----------------------------------------------------\n\nObservera: Dessa instruktioner är endast tillämpliga om krypteringen inte har påbörjats.\n\n· Grips inte av panik om Windows inte startas efter att du angett rätt lösenord, eller om VeraCrypt hävdar att lösenordet är fel trots att du upprepade gånger angett rätt lösenord. Starta om datorn (stäng av och sätt på den) och tryck på Esc i VeraCrypts startinläsare. Om du har flera operativsystem installerade, välj vilket av dem som ska startas. Windows bör då – förutsatt att det inte är krypterat – startas, och VeraCrypt kommer automatiskt att fråga dig om du vill avinstallera komponenten för förstartsautentiseringen. Observera att dessa instruktioner INTE fungerar om systempartitionen eller -enheten är krypterad. (Ingen kan starta Windows eller komma åt krypterade data på enheten utan rätt lösenord även om han eller hon följer dessa instruktioner.)\n\n + · Om föregående instruktioner inte hjälper, eller om VeraCrypts startinläsare inte visas innan Windows startas, mata in återställningsskivan i din CD- eller DVD-enhet och stata om datorn. Om återställningsskivan inte startas, eller om alternativet ”Repair Options” inte visas i återställningsskivans meny, är det möjligt att ditt BIOS är konfigurerat att i första hand starta från hårddisken. Om så är fallet, starta om din dator och tryck på F2, F10, Delete eller Esc direkt du ser BIOS:ets startskärm och vänta tills BIOS:ets konfigurationsskärm visas. Om BIOS:ets konfigurationsskärm inte visas, stata om datorn igen och tryck upprepade gånger på F2, F10, Delete eller Esc så snart datorn startats om. När BIOS:ets konfigurationsskärm visas, konfigurera ditt BIOS så att datorn i första hand startar från CD- eller DVD-enheten. (För information om hur detta går till, läs dokumentationen för ditt BIOS/moderkort eller kontakta din datorleverantörs tekniska support för hjälp.) Starta sedan om datorn. Återställningsskivans meny bör nu visas. Välj alternativet ”Repair Options” genom att trycka på F8. Välj sedan ”Restore original system loader” och mata ut återställningsskivan från CD- eller DVD-enheten och starta om datorn. Windows bör nu startas normalt, förutsatt att det inte är krypterat.\n\n + Observera att dessa instruktioner INTE fungerar om systempartitionen eller -enheten är krypterad. (Ingen kan starta Windows eller komma åt krypterade data på enheten utan rätt lösenord även om han eller hon följer dessa instruktioner.)\n\n\nObservera att även om du tappar bort din återställningsskiva och någon annan hittar den, kommer han eller hon INTE att kunna dekryptera systempartitionen eller -enheten utan rätt lösenord.\n + Förberedande test slutfört + Det förberedande testet har slutförts utan fel.\n\nVARNING: Delar av dina data kan bli skadade eller gå förlorade, om strömförsörjningen plötsligt bryts eller om operativsystemet kraschar beroende på program- eller maskinvarufel medan existerande data på plats-krypteras. Därför bör du, innan krypteringsprocessen startar, kontrollera att du har säkerhetskopior av de filer du vill kryptera. Säkerhetskopiera annars filerna nu (genom att klicka på Skjut upp, säkerhetskopiera filerna, sedan köra VeraCrypt igen när som helst och välja ”Återuppta avbruten process” under ”System” i rullgardinsmenyn).\n\nKlicka på Kryptera för att börja kryptera. + Du kan när som helst klicka på Pausa eller Skjut upp för att avbryta krypterings- eller dekrypteringsprocessen, avsluta denna guide, starta om eller stänga av din dator och sedan återuppta processen, som kommer att fortsätta från den punkt där den avbröts. För att prestandan inte ska bli lidande när andra applikationer skriver till eller läser data från systemenheten, väntar VeraCrypt tills data skrivits eller lästs och fortsätter sedan krypteringen eller dekrypteringen. + \n\nDu kan när som helst klicka på Pausa eller Skjut upp för att avbryta krypteringsprocessen, avsluta denna guide, starta om eller stänga av din dator och sedan återuppta processen, som kommer att fortsätta från den punkt där den avbröts. Observera att volymen inte kan monteras förrän krypteringen slutförts. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Dolt operativsystem startat + Ursprungligt operativsystem + Windows skapar (normalt sett utan vare sig din vetskap eller ditt medgivande) olika loggfiler, tillfälliga filer och liknande på systempartitionen. Windows sparar också primärminnets innehåll i viloläges- och växlingsfiler på systempartitionen. Därför skulle obehöriga, om de analyserade filer lagrade på partitionen som innehåller det ursprungliga operativsystemet (av vilket det dolda operativsystemet är en kloning), kunna lista ut att du t.ex. körde VeraCrypts guide för att skapa ett dolt operativsystem (vilket i sin tur kan indikera att ett dolt operativsystem existerar i datorn).\n\nFör att förhindra detta kommer VeraCrypt att skriva över hela innehållet på partitionen där det ursprungliga operativsystemet finns. Efteråt, för att få ett förnekande att verka trovärdigt, kommer du att behöva installera ett nytt operativsystem på partitionen och kryptera det. På så sätt skapar du ett skenoperativsystem, och hela processen för att skapa ett dolt operativsystem kommer att slutföras. + Det dolda operativsystemet har skapats utan fel. Innan du kan börja använda det (och få ett förnekande att verka trovärdigt), måste du dock skriva över hela innehållet på partitionen där det aktuella operativsystemet är installerat. Innan du kan göra det, måste du starta om datorn och ange det dolda operativsystemets lösenord till förstartsautentiseringen i VeraCrypts startinläsare (som visas innan Windows startas). Efter att det dolda operativsystemet startats, kommer guiden Skapa VeraCrypt-volym att köras automatiskt.\n\nObservera: Om du väljer att avbryta processen för att skapa ett dolt operativsystem nu, kommer du INTE att kunna återuppta den, och det dolda operativsystemet kommer INTE att vara åtkomligt (eftersom VeraCrypts startinläsare kommer att tas bort). + Du har schemalagt en process för att skapa ett dolt operativsystem. För att slutföra processen måste du starta om datorn och ange lösenordet för det dolda operativsystemet i VeraCrypts startinläsare (som visas innan Windows startas).\n\nObservera: Om du väljer att avbryta processen för att skapa ett dolt operativsystem nu, kommer du INTE att kunna återuppta den. + Starta om datorn och fortsätt + Avbryt processen för att skapa ett dolt operativsystem + Gör ingenting nu, utan fråga igen senare + \nSKRIV GÄRNA UT DENNA TEXT (klicka på ”Skriv ut” nedan).\n\n\nNär och hur en återställningsskiva ska användas (efter kryptering)\n-----------------------------------------------------------------------------------\n\n + I. Hur man startar en återställningsskiva\n\nFör att starta en återställningsskiva, matar du in den i din CD- eller DVD-enhet och statar om datorn. Om återställningsskivan inte startas, eller om alternativet ”Repair Options” inte visas i återställningsskivans meny, är det möjligt att ditt BIOS är konfigurerat att i första hand starta från hårddisken. Om så är fallet, starta om din dator och tryck på F2, F10, Delete eller Esc direkt du ser BIOS:ets startskärm och vänta tills BIOS:ets konfigurationsskärm visas. Om BIOS:ets konfigurationsskärm inte visas, stata om datorn igen och tryck upprepade gånger på F2, F10, Delete eller Esc så snart datorn startats om. När BIOS:ets konfigurationsskärm visas, konfigurera ditt BIOS så att datorn i första hand startar från CD- eller DVD-enheten. (För information om hur detta går till, läs dokumentationen för ditt BIOS/moderkort eller kontakta din datorleverantörs tekniska support för hjälp.) Starta sedan om datorn. Återställningsskivans meny bör nu visas. Observera: I återställningsskivans meny kan du välja alternativet ”Repair Options” genom att trycka på F8.\n\n\n + II. När och hur en återställningsskiva ska användas (efter kryptering)\n\n + 1) Om VeraCrypts startinläsare inte visas efter att du startat datorn (eller om Windows inte startas), kan VeraCrypts startinläsare vara skadad. Återställningsskivan möjliggör en återställning av startinläsaren, och du kan på så sätt återfå tillgång till ditt krypterade operativsystem och dina krypterade data. (Observera att du fortfarande måste ange rätt lösenord.) Välj ”Repair Options” följt av ”Restore VeraCrypt Boot Loader” i återställningsskivans meny. Tryck sedan på ”Y” för att bekräfta åtgärden, mata ut återställningsskivan från CD- eller DVD-enheten och starta om datorn.\n\n + 2) Om VeraCrypt hävdar att lösenordet är fel trots att du upprepade gånger angett rätt lösenord, kan den primära nyckeln eller andra kritiska data vara skadade. Återställningsskivan möjliggör en återställning dem, och du kan på så sätt återfå tillgång till ditt krypterade operativsystem och dina krypterade data. (Observera att du fortfarande måste ange rätt lösenord.) Välj ”Repair Options” följt av ”Restore key data”. Ange ditt lösenord och tryck sedan på ”Y” för att bekräfta åtgärden. Mata ut återställningsskivan från CD- eller DVD-enheten och starta om datorn.\n\n + 3) Om VeraCrypts startinläsare är skadad, kan du undvika att köra den genom att starta från återställningsskivan. Mata in återställningsskivan i din CD- eller DVD-enhet och ange ditt lösenord i återställningsskivans meny.\n\n + 4) Om Windows är skadat och inte kan startas, kan du med hjälp av återställningsskivan utföra en permanent dekryptering av partitionen eller enheten innan Windows startas. Välj ”Repair Options” följt av ”Permanently decrypt system partition/drive” i återställningsskivans meny. Ange rätt lösenord och vänta tills dekrypteringen har slutförts. Därefter kan du starta med Windows installationsskiva och med hjälp av den reparera Windows.\n\n + Observera: Om Windows är skadat och inte kan startas, går det också att undvika en dekryptering av systempartitionen eller -enheten genom att följa dessa steg: Om du har flera operativsystem installerade i din dator, starta ett som inte kräver förstartsautentisering. Om du inte har flera operativsystem installerade, kan du starta en CD eller DVD med WinPE- eller BartPE på. Alternativt kan du ansluta din systemenhet som en sekundär eller extern enhet till en annan dator och starta dess operativsystem. Kör därefter VeraCrypt, klicka på ”Välj enhet”, välj den aktuella systempartitionen och klicka på ”OK”. Välj ”Montera utan förstartsautentisering” under ”System” i rullgardinsmenyn, ange lösenordet till förstartsautentiseringen och klicka på ”OK”. Partitionen kommer då att monteras som en normal VeraCrypt-volym. (Data kommer som vanligt att realtidskrypteras och -dekrypteras i primärminnet vid åtkomst.)\n\n\n + Observera att även om du tappar bort din återställningsskiva och någon annan hittar den, kommer han eller hon INTE att kunna dekryptera systempartitionen eller -enheten utan rätt lösenord. + \n\nV I K T I G T – SKRIV GÄRNA UT DENNA TEXT (klicka på ”Skriv ut” nedan).\n\n\nObservera: Denna text kommer att visas varje gång du startat det dolda operativsystemet tills du skapat ett skenoperativsystem.\n\n\n + Hur man på ett säkert sätt skapar ett skenoperativsystem\n----------------------------------------------------------------------\n\nFör att ett förnekande av ett dolt operativsystems existens ska vara trovärdigt, måste du skapa ett skenoperativsystem nu. Följ nedanstående steg för att göra det:\n\n + 1) Stäng av säkerhetsskäl av din dator och lämna den avslagen i åtminstone några minuter (ju längre desto bättre). Detta är ett krav för att minnet, som innehåller känsliga data, ska tömmas. Starta sedan datorn utan att starta det dolda operativsystemet.\n\n + 2) Installera Windows på partitionen vars innehåll har rensats (d.v.s. partitionen där det ursprungliga operativsystemet, av vilket det dolda operativsystemet är en kloning, var installerat).\n\nVIKTIGT: NÄR DU BÖRJAT INSTALLERA SKENOPERATIVSYSTEMET, KOMMER DET DOLDA OPERATIVSYSTEMET *INTE* ATT KUNNA STARTA (eftersom VeraCrypts startinläsare kommer att tas bort av Windows installationsprogram). DETTA ÄR HELT NORMALT. FÅ INTE PANIK. DU KOMMER ATT KUNNA STARTA DET DOLDA OPERATIVSYSTEMET IGEN SÅ SNART DU BÖRJAT KRYPTERA SKENOPERATIVSYSTEMET (eftersom VeraCrypts startinläsare då kommer att installeras på systemenheten).\n\nViktigt: Storleken på skenoperativsystemets partition måste förbli samma som storleken på den dolda volymen. (Detta villkor uppfylls nu.) Dessutom får du inte skapa någon partition mellan de partitioner där skenoperativsystemet och det dolda operativsystemet är belägna.\n\n + 3) Starta skenoperativsystemet du installerade i steg 2 och installera VeraCrypt i det.\n\nKom ihåg att skenoperativsystemet aldrig får innehålla några känsliga data.\n\n + 4) Kör VeraCrypt i skenoperativsystemet och välj ”Kryptera systempartition eller -enhet” under ”System” i rullgardinsmenyn. Guiden Skapa VeraCrypt-volym bör då starta.\n\nFöljande steg gäller för guiden Skapa VeraCrypt-volym:\n\n + 5) Välj INTE alternativet ”Dold” i guiden Skapa VeraCrypt-volym. Låt alternativet ”Normal” vara aktiverat och klicka på ”Nästa”.\n\n + 6) Välj alternativet ”Kryptera Windows systempartition” och klicka på ”Nästa”.\n\n + 7) Om det dolda operativsystemet och skenoperativsystemet är de enda operativsystem som är installerade i datorn, ska du välja alternativet ”Envalsstart”. (Välj ”Flervalsstart” om fler än dessa två operativsystem är installerade i datorn.) Klicka sedan på ”Nästa”.\n\n + 8) VIKTIGT: I detta steg MÅSTE DU VÄLJA SAMMA KRYPTERINGS- OCH HASHALGORITM FÖR SKENOPERATIVSYSTEMET SOM DU VALDE FÖR DET DOLDA OPERATVISYSTEMET! ANNARS KOMMER DET DOLDA OPERATIVSYSTEMET INTE ATT VARA ÅTKOMLIGT! Med andra ord måste skenoperativsystemet krypteras med samma krypteringsalgoritm som det dolda operativsystemet. Observera: Anledningen till detta är att skenoperativsystemet och det dolda operativsystemet måste dela en gemensam startinläsare, vilken endast stöder en enskild krypteringsalgoritm som väljs av användaren. (Varje krypteringsalgoritm använder en särskild version av VeraCrypts startinläsare.)\n\n + 9) I detta steg ska du välja ett lösenord för skenoperativsystemet. Detta är det lösenord till förstartsautentiseringen du kommer att kunna avslöja om du blir tillfrågad om det eller tvingad till det. (Det anda lösenordet du kan avslöja är det till den yttre volymen.) Existensen av det tredje lösenordet (d.v.s. det till det dolda operativsystemets förstartsautentisering) förblir hemlig.\n\nViktigt: Lösenordet du väljer för skenoperativsystemet måste vara påtagligt annorlunda än det du väljer för den dolda volymen (d.v.s. för det dolda operativsystemet).\n\n + 10) Följ de återstående instruktionerna i guiden för att kryptera skenoperativsystemet.\n\n\n\n + Efter att skenoperativsystemet är skapat\n--------------------------------------------------\n\nEfter att du krypterat skenoperativsystemet är hela processen för att skapa ett dolt operativsystem slutförd, och du kommer att kunna använda dessa tre lösenord:\n\n1) Ett lösenord till förstartsautentiseringen för det dolda operativsystemet.\n\n2) Ett lösenord till förstartsautentiseringen för skenoperativsystemet.\n\n3) Ett lösenord för den yttre volymen.\n\n + Om du vill starta det dolda operativsystemet anger du lösenordet för det dolda operativsystemet i VeraCrypts startinläsare (som visas efter att du startar eller startar om datorn).\n\nOm du vill starta skenoperativsystemet anger du lösenordet för skenoperativsystemet i VeraCrypts startinläsare.\n\nLösenordet för skenoperativsystemet kan avslöjas för någon som tvingar dig att röja lösenordet till förstartsautentiseringen. Den dolda volymens (och det dolda operativsystemets) existens förblir hemlig.\n\n + Det tredje lösenordet (för den yttre volymen) kan avslöjas för någon som tvingar dig att röja lösenordet för den första partitionen efter systempartitionen, där både den yttre volymen och den dolda volymen (innehållande det dolda operativsystemet) finns. Den dolda volymens (och det dolda operativsystemets) existens förblir hemlig.\n\n\n + Om du avslöjade det dolda operativsystemets lösenord, och du blir tillfrågad varför det lediga utrymmet på skenoperativsystemets partition innehåller slumpmässiga data, kan du exempelvis svara följande: ”Partitionen innehöll tidigare ett system som krypterats av VeraCrypt, men jag glömde bort lösenordet till förstartsautentiseringen (eller operativsystemet skadades och gick inte längre att starta), så jag var tvungen att ominstallera Windows och kryptera partitionen igen.”\n\n\n + Om alla instruktioner samt de försiktighetsåtgärder och krav som beskrivs i avsnittet ”Security Requirements and Precautions Pertaining to Hidden Volumes” i VeraCrypts användarhandbok har följts, bör det vara omöjligt att bevisa att den dolda volymen och det dolda operativsystemet existerar, även om den yttre volymen monteras eller skenoperativsystemet dekrypteras eller startas.\n\nOm du sparar en kopia av denna text eller skriver ut den (vilket rekommenderas, såvida inte skrivaren lagrar kopior av dokument den skriver ut på en intern enhet), bör du förstöra alla kopior av den efter att du skapat skenoperativsystemet och efter att du har läst och förstått all information i den. (Annars riskerar en sådan kopia avslöja existensen av ett dolt operativsystem i datorn.)\n\n + VARNING: SKRIV INTE TILL DEN YTTRE VOLYMEN (observera att skenoperativsystemet INTE är installerat på den yttre volymen) OM DU INTE SKYDDAT DEN DOLDA VOLYMEN. (Läs avsnittet ”Protection of Hidden Volumes Against Damage” i VeraCrypts användarhandbok för mer information om detta.) ANNARS KAN DET HÄNDA ATT DU SKRIVER ÖVER OCH SKADAR DEN DOLDA VOLYMEN (OCH DET DOLDA OPERATIVSYSTEMET INUTI DEN)! + Kloning av operativsystemet + I följande steg kommer VeraCrypt att skapa det dolda operativsystemet genom att kopiera systempartitionens innehåll till den dolda volymen. (Data som kopieras krypteras i realtid med en krypteringsnyckel skild från den som används för skenoperativsystemet.)\n\nObservera att kopieringen kommer att genomföras i förstartsmiljön (innan Windows startas) och kan ta lång tid att slutföra, allt från flera timmar till flera dagar (beroende på systempartitionens storlek och din dators prestanda).\n\nDu kan avbryta kloningsprocessen, stänga av din dator, starta operativsystemet igen och sedan återuppta processen. Hela kloningsprocessen kommer, om du avbryter den, emellertid att behöva börja om från början, eftersom systempartitionens innehåll inte får ändras under processens gång. + Vill du avbryta hela processen för att skapa ett dolt operativsystem?\n\nObservera: Du kommer INTE att kunna återuppta processen om du avbryter den nu. + Vill du avbryta det förberedande testet inför systemkrypteringen? + VeraCrypts förberedande test inför systemkrypteringen misslyckades. Vill du försöka igen?\n\nOm du väljer ”Nej”, kommer komponenten för förstartsautentiseringen att avinstalleras.\n\nObservera:\n\n· Om VeraCrypts startinläsare inte bad dig att ange lösenordet innan Windows startades, är det möjligt att ditt operativsystem inte startade från den enhet på vilket det är installerat. Detta förfarande stöds inte.\n\n· Om du använde en annan krypteringsalgoritm än AES och det förberedande testet misslyckades (och du dessutom angav rätt lösenord), kan det ha orsakats av en dåligt anpassad drivrutin. Välj ”Nej” och försök att kryptera systempartitionen eller -enheten igen, men använd AES som krypteringsalgoritm, då den är minst minneskrävande.\n\n· För fler möjliga orsaker och lösningar, gå till sidan https://veracrypt.codeplex.com/wikipage?title=Troubleshooting. + Systempartitionen eller -enheten verkar inte vara krypterad (varken helt eller delvis). + Din systempartition eller -enhet är krypterad (delvis eller fullständigt).\n\nDu måste dekryptera din systempartition eller -volym innan du fortsätter. Välj ”Permanent dekryptering av systempartition eller -enhet” under ”System” i rullgardinsmenyn. + Du kan inte nedgradera VeraCrypt när systempartitionen eller -enheten är krypterad (helt eller delvis). Du kan däremot uppgradera eller ominstallera samma version. + Din systempartition eller -enhet håller för närvarande på att krypteras, dekrypteras eller på något annat sätt modifieras. Avbryt krypterings-, dekrypterings- eller modifieringsprocessen (eller vänta tills den slutförts) innan du fortsätter. + En instans av guiden Skapa VeraCrypt-volym körs redan och förbereder eller utför en kryptering eller dekryptering av systempartitionen eller -enheten. Innan du kan fortsätta, måste du avsluta guiden eller vänta på att den slutförs. Stäng av datorn, om det inte går att avsluta guiden. + Krypteringen eller dekrypteringen av systempartitionen eller -enheten har inte slutförts. Vänta tills den slutförts innan du fortsätter. + Fel: Krypteringen av partitionen eller enheten har inte slutförts. Den måste slutföras först. + Fel: Krypteringen av partitionen eller enheten har inte slutförts. Den måste slutföras först.\n\nObservera: Välj ”Återuppta avbruten process” under ”Volymer” i VeraCrypts rullgardinsmeny för att återuppta krypteringsprocessen. + Lösenordet är rätt, och VeraCrypt har dekrypterat volymhuvudet och upptäckt att volymen är en dold systemvolym. Emellertid kan du inte ändra volymhuvudet på en dold systemvolym på detta sätt.\n\nFör att ändra ett lösenord för en dold systemvolym startar du operativsystemet på den dolda volymen och väljer sedan ”Ändra lösenord” under ”System” i VeraCrypts rullgardinsmeny.\n\nFör att ändra härledningsalgoritm för volymhuvudets nyckel startar du det dolda operativsystemet och väljer ”Ändra härledningsalgoritmen för volymhuvudets nyckel” under ”System” i VeraCrypts rullgardinsmeny. + VeraCrypt stöder inte på plats-dekryptering av en dold systempartition.\n\nObservera: Om du vill dekryptera skenoperativsystemet startar du det och väljer ”Permanent dekryptering av systempartition eller -enhet” under ”System” i VeraCrypts rullgardinsmeny. + Fel: Felaktig eller ogiltig parameter. + Du har valt en partition eller enhet, men det guideläge du valde är endast giltigt för volymbehållare.\n\nVill du byta guideläge? + Vill du skapa en volymbehållare i stället? + Du har valt systempartitionen eller -enheten (eller startpartitionen), men det guideläge du valde är endast giltigt för icke-systempartitioner eller -enheter.\n\nVill du konfigurera förstartsautentisering (vilket innebär att du måste ange ditt lösenord varje gång innan Windows startas) och kryptera systempartitionen eller -enheten? + Är du säker på att du vill utföra en permanent dekryptering av systempartitionen eller -enheten? + VARNING: Om du väljer att utföra en permanent dekryptering av systempartitionen eller -enheten kommer okrypterade data att skrivas till den.\n\nÄr du verkligen säker på att du vill utföra en permanent dekryptering av systempartitionen eller -enheten? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Varning: Om du använder nästade krypteringsalgoritmer vid systemkryptering kan du drabbas av följande problem:\n\n1) VeraCrypts startinläsare blir så stort att utrymmet på enhetens startspår inte räcker till för att rymma en säkerhetskopia av startinläsaren. När det skadas (vilket ofta händer, exempelvis vid dåligt konstruerade produktaktiveringsprocesser som ska förhindra piratkopiering), måste du använda återställningsskivan för att starta eller reparera VeraCrypts startinläsare.\n\n2) På vissa datorer kan det ta längre tid att aktivera datorn från viloläge.\n\nDessa potentiella problem kan förhindras genom att välja en icke-nästad krypteringsalgoritm (t.ex. AES).\n\nÄr du säker på att du vill använda nästade krypteringsalgoritmer? + Om du upplever något av tidigare beskrivna problem, dekryptera partitionen eller enheten (om den är krypterad) och försök sedan kryptera den igen med hjälp av en krypteringsalgoritm som inte är nästad (t.ex. AES). + VARNING: Av säkerhetsskäl bör du uppdatera VeraCrypt i skenoperativsystemet innan du uppdaterar VeraCrypt i det dolda operativsystemet.\n\nStarta skenoperativsystemet och kör VeraCrypts installationsprogram därifrån. Starta sedan det dolda operativsystemet och kör VeraCrypts installationsprogram även därifrån.\n\nObservera: Skenoperativsystemet och det dolda operativsystemet delar en gemensam startinläsare. Om du endast uppgraderar VeraCrypt i det dolda operativsystemet, kommer skenoperativsystemet att innehålla en VeraCrypt-drivrutin och VeraCrypt-applikationer vars versionsnummer skiljer sig från versionsnumret på VeraCrypts startinläsare. En sådan avvikelse kan indikera att ett dolt operativsystem finns installerat i datorn.\n\n\nVill du fortsätta? + Versionen på startinläsaren som startade detta operativsystem skiljer sig från versionen på de VeraCrypt-drivrutiner och -applikationer som är installerade i datorn.\n\nDu bör köra VeraCrypts installationsprogram (med samma versionsnummer som VeraCrypts startinläsare) för att uppdatera VeraCrypt i detta operativsystem. + Versionen på startinläsaren som startade detta operativsystem skiljer sig från versionen på de VeraCrypt-drivrutiner och -applikationer som är installerade i datorn. Observera att äldre versioner kan innehålla fel som rättats till i nyare versioner.\n\nOm du inte startade från en återställningsskiva bör du ominstallera eller uppgradera VeraCrypt till den senaste stabila versionen (även startinläsaren kommer att uppgraderas).\n\nOm du startade från en återställningsskiva bör du uppgradera den genom att välja ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn. + VeraCrypts startinläsare har uppdaterats.\n\nDu bör skapa en ny återställningsskiva (som kommer att innehålla den nya versionen av VeraCrypts startinläsare) genom att välja ”Skapa återställningsskiva” under ”System” i rullgardinsmenyn efter att du startat om datorn. + VeraCrypts startinläsare har uppdaterats.\n\nDu bör starta skenoperativsystemet och skapa en ny återställningsskiva (som kommer att innehålla den nya versionen av VeraCrypts startinläsare) genom att välja ”Skapa återställningsskiva” under ”System” i VeraCrypts rullgardinsmeny. + Det gick inte att uppdatera VeraCrypts startinläsare. + VeraCrypt kunde inte avgöra systemenhetens verkliga storlek och kommer därför att använda den storlek som rapporteras av operativsystemet. Observera även att detta är inte är ett fel i VeraCrypt. + VARNING: Det verkar som att VeraCrypt redan har försökt identifiera dolda sektorer på denna systemenhet. Om fel uppstod under den föregående identifieringsprocessen kan du undvika dem genom att denna gång hoppa över identifieringen av dolda sektorer. Observera att VeraCrypt då kommer att använda sig av den storlek som rapporteras av operativsystemet, vilken kan vara mindre än enhetens verkliga storlek.\n\nObservera att detta inte orsakas av ett fel i VeraCrypt. + Hoppa över identifieringen av dolda sektorer (använd storleken som rapporteras av operativsystemet) + Försök identifiera dolda sektorer igen + Fel: Innehållet i en eller flera sektorer på disken kan inte läsas (troligen beroende på ett fysiskt fel).\n\nPå plats-krypteringsprocessen kan endast fortsätta efter att sektorerna har gjorts läsbara igen. VeraCrypt kan försöka att göra dessa sektorer läsbara genom att skriva nollor i dem. (Därefter kommer alla sådana nollfyllda block att krypteras.) Observera emellertid att alla data lagrade i de oläsbara sektorerna kommer att gå förlorade. Om du vill undvika detta, kan du försöka återskapa delar av informationen i de skadade sektorerna med hjälp av lämpliga programvaror från tredje part.\n\nObservera: Vid fysiska skador på sektorer – i motsats till rena datafel och kontrollsummefel – allokerar de flesta typer av lagringsenheter om sektorerna internt, när försök att skriva data till dem görs. Existerande data i de skadade sektorerna kan därför finnas kvar på enheten okrypterade.\n\nVill du att VeraCrypt ska skriva nollor i oläsbara sektorer? + Fel: Innehållet i en eller flera sektorer på disken kan inte läsas (troligen beroende på ett fysiskt fel).\n\nFör att kunna gå vidare med dekrypteringen måste VeraCrypt hoppa över innehållet i de oläsbara sektorerna. (Innehåller kommer att ersättas med pseudoslumpmässiga data.) Observera att du, innan du fortsätter, kan försöka återställa delar av innehållet i de skadade sektorerna med hjälp av lämpliga programvaror från tredje part.\n\nVill du att VeraCrypt hoppar över innehållet i de oläsbara sektorerna och går vidare nu? + Observera: VeraCrypt har ersatt innehållet i %I64d oläsbara sektorer (%s) med krypterade klartextblock fyllda med nollor. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Ange lösenord eller PIN för tokenet ”%s”: + För att ge VeraCrypt åtkomst till ett säkerhetstoken eller ett smartkort, måste du först installera ett PKCS #11-programvarubibliotek för tokenet eller smartkortet. Ett sådant bibliotek kan följa med enheten eller vara tillgängligt för nedladdning från tillverkarens webbplats eller tredje part.\n\nEfter att du installerat biblioteket, kan du antingen välja det manuellt genom att klicka på ”Välj bibliotek” eller så kan du låta VeraCrypt hitta och välja det automatiskt genom att klicka på ”Identifiera bibliotek automatiskt” (endast Windows systemmapp genomsöks). + Observera: PKCS #11-bibliotekets filnamn och sökväg bör vara angivna i dokumentationen som följde med säkerhetstokenet, smartkortet eller programvaran från tredje part.\n\nKlicka på ”OK” för att välja sökväg och filnamn. + För att ge VeraCrypt åtkomst till ett säkerhetstoken eller ett smartkort, måste du först installera ett PKCS #11-programvarubibliotek för tokenet eller smartkortet. För att göra det, välj ”Säkerhetstoken” under ”Inställningar” i rullgardinsmenyn. + Initieringen av PKCS #11-biblioteket för säkerhetstokenet misslyckades.\n\nKontrollera att sökväg och filnamn som angetts hänvisar till ett giltigt PKCS #11-bibliotek. Välj ”Säkerhetstoken” under ”Inställningar” i rullgardinsmenyn för att ange sökväg och filnamn till ett PKCS #11-bibliotek. + Inget PKCS #11-bibliotek hittades i Windows systemmapp.\n\nKontrollera att ett PKCS #11-bibliotek för ditt säkerhetstoken eller smartkort är installerat. (Ett sådant bibliotek kan följa med enheten eller vara tillgängligt för nedladdning från tillverkarens webbplats eller tredje part.) Om det är installerat någon annanstans än i Windows systemmapp, klicka på ”Välj bibliotek” för att hitta biblioteket (t.ex. i den mapp där programvaran för tokenet eller kortet är installerad). + Inget säkerhetstoken hittades.\n\nKontrollera att säkerhetstokenet är anslutet till datorn och att rätt drivrutin för ditt token är installerad. + Hittade inte nyckelfilen för säkerhetstokenet. + En nyckelfil för säkerhetstoken med samma namn finns redan. + Vill du ta bort de valda filerna? + Sökvägen till nyckelfilen för säkerhetstokenet är felaktig. + Säkerhetstokenfel + Lösenordet för säkerhetstokenet är fel. + Det finns inte tillräckligt mycket minne för säkerhetstokenet att utföra den begärda åtgärden.\n\nOm du försöker importera en nyckelfil, bör du välja en mindre fil eller använda en nyckelfil genererad av VeraCrypt (välj ”Nyckelfilsgenerering” under ”Verktyg” i rullgardinsmenyn). + Alla öppna säkerhetstokensessioner har stängts. + Välj nyckelfiler för säkerhetstoken + Fack + Namn på token + Filnamn + VIKTIGT: Observera att lösenord till förstartsautentisering alltid anges med amerikansk tangentbordslayout. Därför kan en volym som använder ett lösenord som angetts med en annan tangentbordslayout vara omöjlig att montera med hjälp av förstartsautentisering. (Observera att detta inte är ett fel i VeraCrypt.) Följ nedanstående steg för att möjliggöra montering av en sådan volym med hjälp av ett lösenord till förstartsautentisering:\n\n1) Klicka på ”Välj fil” eller ”Välj enhet” och bläddra fram till volymen.\n2) Välj ”Ändra volymlösenord” under ”Volymer” i rullgardinsmenyn.\n3) Ange volymens nuvarande lösenord.\n4) Ändra tangentbordslayouten till ”English (United States)” genom att klicka på Språkfältets ikon i Aktivitetsfältet och välja ”EN English (United States)”.\n5) Ange lösenordet till förstartsautentiseringen i fältet för det nya lösenordet.\n6) Bekräfta det nya lösenordet genom att upprepa det och klicka på ”OK”.\n\nVARNING: Kom ihåg att volymlösenordet alltid måste anges med amerikansk tangentbordslayout (vilket endast sker automatiskt i förstartsmiljön). + Lösenordet till förstartsautentiseringen kommer att användas vid montering av systemvolymfavoriterna. Om någon systemvolymfavorit använder ett annat lösenord, kommer den inte att monteras. + Observera att du – om du vill förhindra normala volymåtgärder (som exempelvis ”Demontera allt” och automatisk demontering) från att påverka systemvolymfavoriterna – bör aktivera alternativet ”Tillåt endast administratörer att se och demontera systemvolymfavoriter i VeraCrypt”. Dessutom kommer systemvolymfavoriterna inte att visas i enhetsbeteckningslistan i VeraCrypts huvudfönster, när VeraCrypt körs utan administratörsbehörigheter (standardinställningen i Windows Vista och nyare). + VIKTIGT: Kom ihåg att monterade systemvolymfavoriter INTE visas i VeraCrypts programfönster och att de inte kan demonteras, om detta alternativ är aktiverat och VeraCrypt inte har administratörsbehörig- heter. Högerklicka därför först på VeraCrypt-genvägen i Start-menyn och välj ”Kör som administratör”, om du exempelvis måste demontera en systemvolymfavorit. Samma begränsning gäller även för alternativet ”Demontera allt”, automatiska demonterings-funktioner, snabbtangenter för demontering etc. + Observera att denna inställning börjar gälla först efter att operativsystemet startats om. + Fel vid tolkning av kommandoraden. + Återställningsskiva + Välj fi&l att montera … + Välj enhe&t att montera … + Tillåt endast &administratörer att se och demontera systemvolymfavoriter i VeraCrypt + &Montera systemvolymfavoriter när Windows startas (i den inledande startfasen) + Varning: Volymen monterad som ”%s” demonterades på ett felaktigt sätt, och filsystemet kan därför innehålla fel. Att använda ett skadat filsystem kan orsaka att data går förlorade eller blir felaktiga.\n\nObservera: Innan du fysiskt tar bort eller stänger av en enhet (som exempelvis ett USB-minne eller en extern hårddisk) som innehåller en VeraCrypt-volym, bör du alltid demontera den i VeraCrypt.\n\n\nVill du att Windows ska försöka identifiera och reparera eventuella fel i filsystemet? + Varning: En eller flera systemvolymfavoriter demonterades på ett felaktigt sätt och kan därför innehålla fel i filsystemet. I Windows loggbok går det att hitta fler detaljer.\n\nAtt använda ett skadat filsystem kan orsaka att data går förlorade eller blir felaktiga. Du bör söka igenom påverkade systemvolymfavoriter efter fel genom att högerklicka på var och en av dem i VeraCrypt och välja ”Reparera filsystemet”. + Varning: Reparation av ett skadat filsystem med hjälp av Microsofts ”chkdsk” kan i värsta fall orsaka förlust av filer i skadade områden. Därför rekommenderas du att först säkerhetskopiera filerna som lagras på denna VeraCrypt-volym till en annan, oskadad, VeraCrypt-volym.\n\nVill du reparera filsystemet nu? + Volymen ”%s” har monterats som skrivskyddad, eftersom du saknar skrivrättigheter på volymbehållaren.\n\nKontrollera att behörigheterna för volymbehållaren tillåter dig att skriva till den. (Högerklicka på volymbehållaren och välj Egenskaper. Behörigheter hanteras under fliken Säkerhet.)\n\nPå grund av ett problem i Windows kan denna varning uppträda även efter att lämpliga inställningar för behörigheterna har gjorts. Detta beror inte på ett fel i VeraCrypt. En möjlig lösning är att flytta din volymbehållare till exempelvis mappen ”Mina dokument”.\n\nOm det är din avsikt att volymen ska vara skrivskyddad, kan du förhindra att varningen visas genom att aktivera volymbehållarens skrivskyddsattribut. (Högerklicka på volymbehållaren i Utforskaren och välj Egenskaper. Aktivera kryssrutan Skrivskydd under fliken Allmänt.) + Volymen ”%s” var tvungen att monteras som skrivskyddad, eftersom du nekades skrivrättigheter.\n\nKontrollera att ingen annan applikation (t.ex. antivirusprogramvara) använder partitionen eller enheten på vilken volymen är belägen. + Volymen ”%s” har monterats som skrivskyddad, eftersom operativsystemet rapporterade värdenheten som skrivskyddad.\n\nObservera att vissa anpassade kretsuppsättningsdrivrutiner har visat sig orsaka att skrivbara medier felaktigt framstår som skrivskyddade. Detta problem orsakas inte av VeraCrypt och kan eventuellt lösas genom att uppgradera eller avinstallera alla anpassade kretsuppsättningsdrivrutiner (ej utvecklade av Microsoft) som är installerade. + Observera att flertrådsteknik får varje fysisk processorkärna att fungera som flera logiska kärnor.\nMed flertrådsteknik aktiverad representerar antalet kärnor som valts ovan antalet logiska processorer/kärnor. + %d tråd(ar) + Observera att maskinvaruaccelererad AES är inaktiverad, vilket kommer att påverka prestandamätningsresultatet negativt.\n\nMaskinvaruacceleration konfigureras via ”Prestanda” under ”Inställningar” i rullgardinsmenyn. + Observera att antalet trådar som används är begränsat, vilket kommer att påverka prestandamätningsresultatet negativt.\n\nTrådbaserad parallellbearbetning konfigureras via ”Prestanda” under ”Inställningar” i rullgardinsmenyn. + Vill du att VeraCrypt ska försöka inaktivera skrivskyddet på partitionen eller enheten? + VARNING: Denna inställning kan ge försämrade prestanda.\n\nÄr du säker på att du vill använda denna inställning? + Varning: VeraCrypt-volym automatiskt demonterad + Innan du fysiskt tar bort eller stänger av en enhet som innehåller en VeraCrypt-volym, bör du alltid demontera den i VeraCrypt.\n\nOväntade demonteringar orsakas oftast av en trasig kabel eller enhet (diskkabinett) etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Testa + Nyckelfil + Backsteg + Tabb + Rensa + Retur + Paus + Caps lock + Blanksteg + Page up + Page down + End + Home + Vänsterpil + Uppåtpil + Högerpil + Nedåtpil + Välj + Skriv ut + Kör + Print screen + Insert + Delete + Program + Viloläge + Num lock + Scroll lock + Webbläsare – bakåt + Webbläsare – framåt + Webbläsare – uppdatera + Webbläsare – stopp + Webbläsare – sök + Webbläsare – favoriter + Webbläsare – startsida + Stäng av ljud + Sänk volym + Höj volym + Nästa spår + Föregående spår + Stoppa media + Spela eller pausa media + Starta e-post + Välj media + Program 1 + Program 2 + Attn + CrSel + ExSel + Spela upp + Zooma + NUM + Skift + Ctrl + Alt + Win + B + kB + MB + GB + TB + PB + B/s + kB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.tr.xml b/Translations/Language.tr.xml index e2806dbb..6491d6b6 100644 --- a/Translations/Language.tr.xml +++ b/Translations/Language.tr.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - İptal - Install &for all users - Bro&wse... - VeraCrypt simgesini &masaüstüne ekle - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - VeraCrypt'i &Başlat menüsüne ekle - Sistem Geri Yükleme &noktası oluştur - &Kaldır - &Extract - &Install - VeraCrypt Setup Wizard - VeraCrypt'i Kaldır - &Yardım - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - İptal - &Benchmark - &Test - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Havuz içeriğini göster - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - Anah&tar dosya kullan - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Anahtar Dosyalar - Karma algoritmaları hakkında bilgi - Daha fazla bilgi - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-boot - Encrypt a non-system partition/drive - Geçmi&şi asla kaydetme - Dış Birimi Aç - &Pause - Use P&IM - Use PIM - Hızlı Biçimlendirme - &Parolayı göster - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Küme - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - &Onayla: - Bitti - Drive letter: - Şifreleme Algoritması - Dosya Sis. - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Seçenekler - Karma Algoritması - Üstb. Anahtarı: - Sol - Ana Anahtar: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Parola: - Volume PIM: - Volume PIM: - Progress: - Rasgele Havuz: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Hız - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Kapat - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Bir şey yapma - VeraCrypt birimini &otomatik bağla (Aşağıda belirtilen) - &VeraCrypt'i başlat - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Araştır... - Araştır... - Parolaları ve anahtar dos&yaları önbelleğe al - Bağlı birim olmadığında çık - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - VeraCrypt Birim Oluşturma Sihirbazını dahil et - Oluştur - Birim Oluş&tur - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Anahtar dosya kullan - Anahtar dosya kullan - Çı&kış - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Tuşu Ata - Tuşu Sil - Anahtar dosyalar - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - Aygıtları &otomatik bağla - Bağlama A&yarları.. - Birimi &salt okunur olarak bağla - Anahtar Dosyalar - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Etkin - Parolaları sürücü belleğinde önbelleğe al - Birimden bu sürede veri okunmaz/yazılmazsa bağlantısını otomatik kes: - Kullanıcı oturumu kapattığında - User session locked - Güç koruma moduna geçerken - Ekran koruyucu açılınca - Birim, açık dosyalar veya dizinler içerse bile otomatik bağlantı kesmeye zorla - Aygıt üzerinden sunulan VeraCrypt birimlerini bağla - Start VeraCrypt Background Task - Birimleri salt okunur olarak bağla - Birimleri çıkartılabilir ortam olarak bağla + + + + + + + + + + + + İptal + Install &for all users + Bro&wse... + VeraCrypt simgesini &masaüstüne ekle + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + VeraCrypt'i &Başlat menüsüne ekle + Sistem Geri Yükleme &noktası oluştur + &Kaldır + &Extract + &Install + VeraCrypt Setup Wizard + VeraCrypt'i Kaldır + &Yardım + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + İptal + &Benchmark + &Test + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Havuz içeriğini göster + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + Anah&tar dosya kullan + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Anahtar Dosyalar + Karma algoritmaları hakkında bilgi + Daha fazla bilgi + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-boot + Encrypt a non-system partition/drive + Geçmi&şi asla kaydetme + Dış Birimi Aç + &Pause + Use P&IM + Use PIM + Hızlı Biçimlendirme + &Parolayı göster + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Küme + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + &Onayla: + Bitti + Drive letter: + Şifreleme Algoritması + Dosya Sis. + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Seçenekler + Karma Algoritması + Üstb. Anahtarı: + Sol + Ana Anahtar: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Parola: + Volume PIM: + Volume PIM: + Progress: + Rasgele Havuz: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Hız + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Kapat + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Bir şey yapma + VeraCrypt birimini &otomatik bağla (Aşağıda belirtilen) + &VeraCrypt'i başlat + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Araştır... + Araştır... + Parolaları ve anahtar dos&yaları önbelleğe al + Bağlı birim olmadığında çık + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + VeraCrypt Birim Oluşturma Sihirbazını dahil et + Oluştur + Birim Oluş&tur + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Anahtar dosya kullan + Anahtar dosya kullan + Çı&kış + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Tuşu Ata + Tuşu Sil + Anahtar dosyalar + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + Aygıtları &otomatik bağla + Bağlama A&yarları.. + Birimi &salt okunur olarak bağla + Anahtar Dosyalar + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Etkin + Parolaları sürücü belleğinde önbelleğe al + Birimden bu sürede veri okunmaz/yazılmazsa bağlantısını otomatik kes: + Kullanıcı oturumu kapattığında + User session locked + Güç koruma moduna geçerken + Ekran koruyucu açılınca + Birim, açık dosyalar veya dizinler içerse bile otomatik bağlantı kesmeye zorla + Aygıt üzerinden sunulan VeraCrypt birimlerini bağla + Start VeraCrypt Background Task + Birimleri salt okunur olarak bağla + Birimleri çıkartılabilir ortam olarak bağla Başarıyla bağlanan birim için Gezgin penceresini aç - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Önbellekteki parolaları otomatik bağlantı keserken temizle - Önbellekteki parolaları çıkışta temizle - Preserve modification timestamp of file containers - Sıfırla - Ay&gıt seç... - Dosya &seç... - Select &Library... - Parolayı göster - Parolayı göster - Bağlanan &birim için Gezgin penceresini aç - &Parolayı aygıt belleğinde önbelleğe al - TrueCrypt Mode - H&epsinin Bağlantısını Kes - Birim Ö&zellikleri... - Biri&m Araçları... - Ö&nbelleği Temizle - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Sistem çapında kısayol tuşları - VeraCrypt - Change Password or Keyfiles - VeraCrypt Birimi Parolasını Girin - VeraCrypt - Performance and Driver Options - VeraCrypt - Seçenekler - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypt Birim Özellikleri - Hakkında... - Birime/Birimden Anahtar Dosyaları Ekle/Kaldır... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Birim Üstbilgisini Yedekle... - Hız Testi... - Üstbilgi Anahtarı Türetme Algoritmasını Ayarla... - Birim Parolasını Değiştir... - Set Header Key Derivation Algorithm... - Change Password... - Birim Geçmişini Temizle - Close All Security Token Sessions - İletişim... - Create Hidden Operating System... - Create Rescue Disk... - Yeni Birim Oluştur... - Permanently Decrypt... - Varsayılan Anahtar Dosyaları... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Sık Sorulan Sorular - Kullanıcı Rehberi - &Giriş Sayfası - Kısayol Tuşları... - Anahtar Dosya Üreteci - Dil... - Yasal Uyarılar - Manage Security Token Keyfiles... - Aygıtta Barınan Tüm Ciltleri Otomatik Bağla - Sık Kullanılan Birimleri Bağla - Mount Without Pre-Boot &Authentication... - Birim Bağla - Birimi Seçeneklerle Bağla - Haberler - Çevrimiçi Yardım - Yeni Başlayanlar İçin Eğitim - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Seçenekler... - Sürücü Harflerini Yenile - Birimden Tüm Anahtar Dosyalarını Kaldır... - Birim Üstbilgisini Geri Yükle... - Resume Interrupted Process - Aygıt Seç... - Dosya Seç... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - İndirmeler - Vektörleri Sına... - Security Tokens... - Traveler Disk Setup... - Bağlı Olan Birimlerin Bağlantısını Kes - Birimin Bağlantısını Kes - Verify Rescue Disk - Verify Rescue Disk ISO Image - Sürüm Geçmişi - Volume Expander - Birim Özellikleri - Birim Oluşturma Sihirbazı - VeraCrypt Web Sayfası - Önbellekteki Parolaları Temizle - Tamam - Hardware Acceleration - Kısayol - Otomatik Çalışma Yapılandırması (autorun.inf) - Otomatik Bağlantı Kesme - Hepsini Ayır: - Boot Loader Screen Options - Parolayı Tekrar Yazın: - Şu anki - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Ön tanımlı Bağlama Özellikleri - Kısayol Özellikleri - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Dosya Ayarları - Atanacak tuş: - Processor (CPU) in this computer supports hardware acceleration for AES: - Windows'a oturum açtıktan sonra gerçekleştirilecek eylemler - dakika - Birimi sürücü harfi olarak bağla: - Bağlama Seçenekleri - Yeni - Parola: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Parola Önbelleği - Security Options - VeraCrypt Arka Plan Görevi - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Birim - Windows - Yol &Ekle... - &Hepsini Test Et - &Continue - &Şifreyi Çöz - &Delete - &Şifrele - &Export... - Anahtar Dosyası Üret ve Kaydet... - &Rasgele Anahtar Dosyası Üret... - Dil paketi yükle - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - A&nahtar dosyaları kullan - &Anahtar dosyalar - &Kaldır - Hepsini &Kaldır - Gizli birim koruması nedir? - More information on keyfiles - Birimi ayrılabilir aygı&t olarak bağla - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Hız Testi - &Print - Dış birime yazarken gizli birime gelecek hasara karşı &koru - &Sıfırla - &Parolayı göster - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - VeraCrypt Hakkında - VeraCrypt - Şifreleme Algoritması Hız Testi - VeraCrypt - Vektörleri Sına - Komut Satırı Yardımı - VeraCrypt - Anahtar Dosyaları - VeraCrypt - Anahtar Dosya Oluşturucusu - VeraCrypt - Dil - VeraCrypt - Bağlama Özellikleri - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Bir Birim veya Aygıt Seç - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Etkin dil paketi - Hız; işlemci yüklenmesi ve depolama aygıtı karakteristiğinden etkilenir.\n\nBu testler RAM içerisinde yapılır. - Ara Bellek Boyutu: - Şifreleme: - &Gizli birimin parolası:\n(boşsa, önbellek kullanılır) - Gizli Birim Koruması - Anahtar Boyutu: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - UYARI: Anahtar dosyasını kaybederseniz veya ilk 1024 kilobayt'ının bir bit'i değişirse, bu anahtar dosyasını kullanan birimleri bağlamak imkansız hale gelecektir! - bit - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Çeviren: - Plaintext boyutu: - bit - Şimdiki Havuz İçeriği - Karıştırma PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Sıralama Yöntemi: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Ciphertext (onaltılık) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Anahtar (onaltılık) - Plaintext (onaltılık) - Keyfile name: - XTS mode - S&ystem - &Birimler - Favor&ites - Ara&çlar - Settin&gs - &Yardım - &Web sayfası - - &Hakkında... - Eski biriminizdeki salt okunur özelliği değiştirilemedi. Lütfen dosya erişim izinlerini kontrol edin. - Hata: Erişim engellendi.\n\nErişmeye çalıştığınız aygıt ya 0 bayt uzunluğunda ya da önyükleme aygıtı. - Administrator - VeraCrypt sürücüsünü yüklemek için, yönetici haklarına sahip bir hesaba oturum açmış olmalısınız. - Bir bölümü/aygıtı şifrelemek/Şifre Çözmek/biçimlendirmek için yönetici haklarına sahip bir hesaba oturum açmanız gerektiğine lütfen dikkat edin.\n\nBu koşul dosyada barındırılan birimler için geçerli değildir. - Gizli bir birim oluşturmak için yönetici haklarına sahip bir hesaba oturum açmanız gereklidir.\n\nDevam edilsin mi? - Birimi NTFS olarak biçimlendirebilmek için yönetim haklarına sahip bir hesaba oturum açmanız gerektiğine dikkat edin.\n\nBirimi yönetim hakları olmadan FAT olarak biçimlendirebilirsiniz. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Bölüm zaten bağlanmış. - DİKKAT: En az bir şifreleme veya karma algoritması otomatik yerleşik sınamayı geçemedi!\n\nVeraCrypt yüklemesi bozulmuş olabilir. - DİKKAT: Rasgele Sayı Oluşturucu havuzunda istenen miktarda rasgele veriyi sunacak yeterli veri yok.\n\nBuradan sonra devam etmemelisiniz. Lütfen Yardım menüsünden 'Hata Rapor Et' seçeneğini seçin ve bu hatayı bildirin. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Geçersiz sürücü harfi. - Invalid path. - İptal - Aygıta erişilemiyor. Seçili aygıtın var olduğundan ve sistem tarafından kullanılmadığından emin olun. - Uyarı: Caps Lock açık. Bu parolanızı yanlış girmenize neden olabilir. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Dış Birim Şifreleme Seçenekleri - Gizli Birim Şifreleme Özellikleri - Şifreleme Özellikleri - UYARI: Son seçilen birim/anahtar dosyasının konumunu temizleme başarısız (dosya seçicisi tarafından hatırlanan konum)! - Hata: Konteyner, dosya sistemi seviyesinde sıkıştırılmış. VeraCrypt sıkıştırılmış konteynerleri desteklemez (şifrelenmiş veriyi sıkıştırmanın etkisiz ve gereksiz olduğuna dikkat edin).\n\nLütfen bu adımları takip ederek konteyner için sıkıştırmayı kapatın: 1) Windows Gezgininde konteynere sağ tıklayın (VeraCrypt'te değil). 2) 'Özellikler'i seçin. 3) 'Özellikler' iletişim kutusunda 'Gelişmiş'e tıklayın. 4) 'Gelişmiş öznitelikler' iletişim kutusunda 'Disk alanını korumak için içeriği sıkıştır' seçeneğini devre dışı bırakın ve 'Tamam'a tıklayın. 5) 'Özellikler' iletişim kutusunda 'Tamam'a tıklayın. - Birim oluşturulamadı %s - %s bölümünde %.2f bayt boş yer var - %s bölümünde %.2f KB boş yer var - %s bölümünde %.2f MB boş yer var - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - UYARI: Aygıt/bölüm işletim sistemi veya uygulamalar tarafından kullanımda. Bu aygıtı/bölümü biçimlendirmek veri bozukluğuna ve sistemin kararsız hale gelmesine neden olabilir.\n\nDevam etmek istiyor musunuz? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Hata: aygıt/bölüm bağlantısı kesilemeyen bir dosya sistemi içeriyor. Bu dosya sistemi işletim sistemi tarafından kullanımda olabilir. Aygıtı/bölümü biçimlendirmek büyük ihtimalle veri bozulmasına ve sistemin kararsız haline gelmesine neden olacaktır.\n\nBu sorunu gidermek için, önce bölümü silmenizi ve biçimlendirmeden yeniden oluşturmanızı tavsiye ediyoruz. Bunu yapmak için şu adımları takip edin: 1) 'Başlat Menüsü'ndeki 'Bilgisayar' (veya 'Bilgisayarım') simgesine sağ tıklayın ve 'Yönet'i seçin. 'Bilgisayar Yönetimi' penceresi ekrana gelecektir. 2) 'Bilgisayar Yönetimi' penceresinde, 'Depolama' > 'Disk Yönetimi'ni seçin. 3) Şifrelemek istediğiniz bölüme sağ tıklayın ve bunlardan birini seçin: 'Bölümü Sil' veya 'Birimi Sil' veya 'Mantıksal Sürücüyü Sil'. 4) 'Evet'e tıklayın. Windows sizden bilgisayarı yeniden başlatmanızı isterse bunu yapın. Bundan sonra 1. ve 2. adımları tekrarlayıp 5. adımdan devam edin. 5) Ayrılmamış/boş alana sağ tıklayın ve bunlardan birini seçin: 'Yeni Bölüm' veya 'Yeni Basit Birim' veya 'Yeni Mantıksal Sürücü'. 6) 'Yeni Bölüm Sihirbazı' veya 'Yeni Basit Birim Sihirbazı' penceresi belirecektir, bu sihirbazın yönergelerini takip edin. 'Bölümü Biçimlendir' başlıklı sihirbaz sayfasında 'Bu bölümü biçimlendirme' veya 'Bu birimi biçimlendirme' seçeneklerinden birini seçin. Aynı sihirbazda 'İleri' düğmesine basın ve 'Son' düğmesine basın. 7) VeraCrypt'te seçtiğiniz aygıt yolunun şimdi hatalı olabileceğine dikkat edin. Bu nedenle VeraCrypt Birim Oluşturma Sihirbazı'ndan çıkın (halen çalışıyorsa) ve bunu tekrar başlatın. 8) Aygıtı/bölümü şifrelemeyi tekrar deneyin.\n\nEğer VeraCrypt aygıtı/bölümü şifrelemekte tekrar tekrar başarısız oluyorsa, bunun yerine dosya konteyneri oluşturmayı düşünebilirsiniz. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - UYARI: Bağlı aygıtlardan/bölümlerden bazıları şu an kullanımda!\n\nBunu yok saymak sistem kararsızlığı dahil olmak üzere istenmeyen sonuçlar doğurabilir.\n\nBu aygıtları/bölümleri kullanabilecek uygulamaları kapamanızı şiddetle öneriririz. - Seçili aygıt bölümler içeriyor.\n\nAygıtı biçimlendirmek sistemin kararsız haline gelmesine ve/veya veri bozukluğuna yol açabilir. Lütfen aygıt üzeride bir bölüm seçin veya VeraCrypt'in bu aygıtı güvenli bir şekilde biçimlendirebilmesi için üzerindeki tüm bölümleri kaldırın. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - %s bölümünde %.2f bayt boş yer var. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Uygun sürücü harfleri alınamadı. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Hata: Şifreleyici başlatma başarısız. - Hata: Zayıf veya potansiyel olarak zayıf bir anahtar algılandı. Anahtar atılacak. Lütfen tekrar deneyin. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Kritik Hata - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Çıkış - Dosyada barındırılan birimler oluşturabilir veya sabit disk bölümlerini tamamen şifreleyebir, disketleri, USB bellek çubuklarını ve diğer depolama aygıtlarını şifreleyebilirsiniz. Yeni birimin barındırlacağı dosya adını ve yolunu belirtmek için 'Dosya Seç...'e tıklayın veya şifrelenecek bir bölüm veya aygıt seçmek için 'Aygıt Seç...'e tıklayın.\n\nUyarı: Bir bölümü veya aygıtı şifrelerseniz, şu an bölüm veya aygıt üzerinde bulunan tüm veriler silinecektir. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - İçerisinde gizli bir birim oluşturmak istediğiniz VeraCrypt biriminin konumunu seçin. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Hata: Birim bağlanamıyor. Sunucu dosya/aygıt şu an kullanımda. Özel erişim olmadan bağlama girişimi de başarısız. - Dosya açılamadı. - Birim Konumu - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Biçimlendir - &Wipe - Biçimlendirme iptal edilsin mi? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nVeraCrypt birimi oluşturuldu ve birim şu an kullanıma hazır. Başka bir VeraCrypt birimi oluşturmak istiyorsanız Sonraki'ye tıklayın. Aksi halde Çıkış'a tıklayın. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt birimi başarıyla oluşturuldu. - Birim Oluşturuldu - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Dış Birim Biçimi - Gizli Birim Biçimi - Birim Biçimi - VeraCrypt Kullanıcı Kılavuzu'nu görüntüleyebilmek veya yazdırabilmek için Adobe Reader (veya uyumlu bir araç) gereklidir. Adobe Reader (ücretsiz) buradan indirilebilir: www.adobe.com\n\nBunun yerine çevrimiçi dökümantasyonu görüntülemek ister misiniz? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Gizli Birim Oluşturuldu - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Dış birim başarıyla oluşturuldu ve %hc: sürücüsü olarak bağlandı. Bu birime şimdi bazı önemli görünen fakat gerçekten saklamak İSTEMEDİĞİNİZ dosyalar kopyalamalısınız. Dosyalar, parolanızı söylemeye zorlandığınızda burada olacaktır. Gizli olan birimin parolasını değil, sadece bu dış birime ait parolayı açığa çıkaraksınız. Gerçekten önem verdiğiniz dosyalar, sonradan oluşturulacak olan gizli birim içerisinde depolanacak. Kopyalamayı bitirdiğinizde Sonraki'ye basın. Birimin bağlantısını kesmeyin.\n\nUyarı: Sonraki'ye bastıktan sonra, sonu birimin sonu ile aynı hizada bulunan boş alanın kesintiye uğramamış alanının boyutunu belirlemek için dış birimin küme bit-eşlemi tarancaktır. Küme bit eşlemi taraması gizli birim tarafından dış birimde bulunan verinin üzerine yazılmamasını garantiler. - Dış Birim İçeriği - \n\nSonraki adımlarda dış birim için seçenekleri ayarlayacaksınız (sonradan içinde gizli birimin oluşturulacağı birim). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Dış Birim - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nBirim küme bit eşlemi tarandı ve oluşturulabilecek en büyük gizli birim boyutu belirlendi. Sonraki adımlarda gizli birim için seçenekleri, boyutu ve parolayı ayarlayacaksınız. - Gizli Bölüm - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Rasgele sayı oluşturucusunu başlatma başarısız! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Uygulamayı başlatma başarısız. Dialog sınıfını kayıt etme başarısız. - Error: Failed to load the Rich Edit system library. - VeraCrypt Birim Oluşturma Sihirbazı - Bu birim için en fazla gizli birim boyutu %.2f bayt. - Bu birim için en fazla gizli birim boyutu %.2f KB. - Bu birim için en fazla gizli birim boyutu %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Birim bağlıyken birim parolaları/anahtar dosyaları değiştirilemez. Lütfen önce birimin bağlantısını kesin. - Üstbilgi anahtarı türetme algoritması birim bağlıyken değiştirilemez. Lütfen önce birimin bağlantısını kesin. - Bağ&la - Bu birimi bağlamak için VeraCrypt'in daha yeni bir sürümü gerekiyor. - Hata: Birim Oluşturma Sihirbazı bulunamadı.\n\nLütfen 'VeraCrypt Format.exe' dosyasının 'VeraCrypt.exe' uygulamasının başlatıldığı konumda olduğundan emin olun. Eğer burada yoksa, lütfen VeraCrypt'i yeniden yükleyin veya diskiniz üzerinde 'VeraCrypt Format.exe' dosyasını bulun ve çalıştırın. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - S&onraki > - &Bitir - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Yazı tiplerini yüklerken/hazırlarken hata oluştu. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Sürücü harfi kullanılabilir değil. - Dosya seçilmedi! - Hiçbir sürücü harfi mevcut değil. - Dış birim için hiçbir boş sürücü harfi yok! Birim oluşturma devam edemiyor. - İşletim sisteminizin sürümü belirlenemiyor veya desteklenmeyen bir işletim sistemi kullanıyorsunuz. - Yol seçilmedi! - Gizli birim için boş alan bulunmuyor! Birim oluşturma devam edemiyor. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - Sürücü, birimin bağlantısını kesemedi. Birim üzerindeki bazı dosyalar muhtemelen açık. - Birim kilitlenemedi. Birim üzerinde hala açık olan dosyalar var. Bu nedenle birimin bağlantısı kesilemiyor. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Bir VeraCrypt Birimi Seçin - Yol ve Dosya Adını Belirtin - Select PKCS #11 Library - Yetersiz Bellek - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Parola - PIM - Üstbilgi Anahtarı Türetme Algoritmasını Ayarla - Birime/Birimden Anahtar Dosyası Ekle/Kaldır - Birimden Tüm Anahtar Dosyalarını Kaldır - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Anahtar dosyaları başarıyla eklendi/kaldırıldı. - Keyfile exported. - Üstbilgi anahtarı türetme algoritması başarıyla ayarlandı. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Lütfen gizli birim için bir parola seçin. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Lütfen içinde gizli bir birim oluşturmak istediğiniz birim için parolayı girin.\n\nSonraki düğmesine tıkladıktan sonra VeraCrypt birimi bağlamayı deneyecektir. Birim bağlandığı anda birimin küme bit eşlemi, birimin sonuyla hizalı kesintiye uğramamış boş alanın (eğer varsa) boyutunu belirlemek için taranacaktır. Bu alan gizli birimi barındıracak, dolayısıyla birimin olası en büyük alanını sınırlandıracaktır. Küme eşlem taraması, gizli birim tarafından dış birimdeki üzerine hiçbir veri yazılmamasından emin olmak için gereklidir. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Dış Birim Parolası - Gizli Birim Parolası - Password for Hidden Operating System - UYARI: Kısa parolalar, brute force (işlemci gücüne dayanan bir teknik) teknikleriyle kolayca kırılabilir!\n\n20 karakterden daha uzun bir parola seçmenizi öneriyoruz. Kısa bir parola kullanmak istediğinizden emin misiniz? - Birim Parolası - Parola yanlış ya da bu bir VeraCrypt bölümü değil. - Yanlış anahtar dosyaları ve/veya yanlış parola veya bu bir VeraCrypt birimi değil. - Wrong mount mode, incorrect password, or not a VeraCrypt volume. - Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. - Yanlış parola veya hiçbir VeraCrypt birimi bulunamadı. - Yanlış anahtar dosyaları/parola veya hiçbir VeraCrypt birimi bulunamadı. - \n\nUyarı: Caps Lock açık. Bu, parolanızı hatalı girmenize neden olabilir. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Sisteminizde yüklü ham sürücüler listelenemiyor! - Birim '%s' bulunuyor ve salt okunur. Değiştirmek istediğinizden emin misiniz? - Hedef dizini seçin - Anahtar Dosyayı Seçin - Anahtar dosyası arama konumunu seçin. UYARI: Sadece konum hatırlanacaktır, dosya adları hatırlanmayacaktır! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Dış Birimin Boyutu - Gizli Birimin Boyutu - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Birim Boyutu - Dinamik - DİKKAT: KENDİ KENDİNİ SINAMA BAŞARISIZ! - Tüm algoritmalar kendini sınamayı geçti - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - Verdiğiniz sınama ciphertext'i çok uzun veya kısa. - Verdiğiniz sınama anahtarı çok uzun veya kısa. - Verdiğiniz sınama plaintext'i çok uzun veya kısa. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - %s hakkında daha fazla bilgi - Bilinmeyen - An unspecified or unknown error occurred (%d). - Bazı birimler, uygulamalar veya sistem tarafından kullanımda olan dosyalar veya klasörler içeriyor.\n\nBağlantı kesilmeye zorlansın mı? - Bağlant&ıyı Kes - Bağlantıyı kesme başarısız! - Birim, uygulamalar veya sistem tarafından kullanımda olan dosyalar veya klasörler içeriyor.\n\nBağlantı kesilmeye zorlansın mı? - No volume is mounted to the specified drive letter. - Bağlamaya çalıştığınız birim zaten bağlı. - Birimi bağlamaya çalışırken hata oluştu. - Birim içinde konum arama hatası. - Hata: Birim boyutu yanlış. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt yabancı bir birim için parolayı değiştiremiyor. - Lütfen listeden bir boş sürücü harfi seçin. - Lütfen sürücü harfi listesinden bir bağlı birim seçin. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Hata: autorun.inf oluşturulamıyor. - Anahtar dosyayı işlerken hata oluştu! - Anahtar dosya konumunu işlerken hata oluştu! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt bu işletim sistemini desteklememektedir. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Hata: Bellek ayrılamıyor. - Hata: Performans sayacının değeri alınamıyor. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - Tüm Dosyalar - VeraCrypt Bölümleri - Library Modules - NTFS biçimlendirme devam edemiyor. - Birim bağlanamadı. - Birim bağlantısı kesilemiyor. - Windows, birimi NTFS olarak biçimlendiremedi.\n\nLütfen farklı bir dosya sistemi seçin (mümkünse) ve tekrar deneyin. Alternatif olarak, birimi biçimlendirilmemiş halde bırakabilir (dosya sistemi olarak 'Yok'u seçin), bu sihirbazdan çıkabilir, birimi bağlayabilir ve bağlı birimi biçimlendirmek için sistemi veya üçüncü taraf bir aracı kullanabilirsiniz (birim şifreli kalacaktır). - Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? - Varsayılan - partition - BÖLÜM - Aygıt - device - AYGIT - Birim - volume - VOLUME - Label - Seçili küme boyutu bu birim boyutu için çok küçük. Daha büyük bir küme boyutu kullanılacak. - Hata: Birim boyutu alınamıyor!\n\nSeçili birimin sistem veya bir uygulama tarafından kullanılmadığından emin olun. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Hata: Birime erişilemiyor!\n\nSeçili birimin var olduğundan, bağlı olmadığından veya sistem veya bir uygulama tarafından kullanımda olmadığından, birim için okuma/yazma izinlerine sahip olduğunuzdan ve bunun yazma korumalı olmadığından emin olun. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Hata: Dış birimin bağlantısı kesilemiyor!\n\nBirim bağlantısı, birim bir program veya sistem tarafından kullanılan dosya veya klasörler içerdiğinde kesilemez.\n\nLütfen birim üzerindeki dosyaları veya dizinleri kullanabilecek tüm programları kapatın ve Yeniden Dene'ye tıklayın. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Hata: Dış birime erişilemiyor! Birim oluşturma devam edemiyor. - Hata: Dış birim bağlanamıyor! Birim oluşturma devam edemiyor. - Hata: Küme bit eşlemi alınamıyor! Birim oluşturma devam edemiyor. - Alfabetik/Sınıflandırılmış - Ortalama Hız (Azalan) - Algoritma - Şifreleme - Şifre Çözme - Ortalama - Sürücü - Boyut - Şifreleme Algoritması - Şifreleme algoritması - Tür - Değer - Özellik - Konum - bayt - Gizli - Dış - Normal - System - Hidden (system) - Salt Okunur - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Evet (hasar engellendi!) - Yok - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bit - Blok Boyutu - PKCS-5 PRF - PKCS-5 Öğe Sayısı - Birim Oluşturulma - Üstbilgi Son Değiştirilme - (%I64d gün önce) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - İlk kullanılabilir - Removable Disk - Sabit disk - Değişiklik yok - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - VeraCrypt'in şu anki (son kararlı) sürümünün sürüm notlarını görüntülemek istiyor musunuz? - VeraCrypt'i daha önce hiç kullanmadıysanız, VeraCrypt Kullanıcı Kılavuzundaki Beginner's Tutorial (Yeni Başlayanlar İçin Eğitim) bölümünü okumanızı tavsiye ediyoruz. Eğitimi görüntülemek istiyor musunuz? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - Yükleme geri alındı. - VeraCrypt başarıyla yüklendi. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt başarıyla kaldırıldı.\n\nVeraCrypt yükleyicisini ve %s klasörünü silmek için 'Bitir'e tıklayın. Buna dikkat edin: Klasör, VeraCrypt yükleyicisi tarafından yüklenmeyen veya VeraCrypt tarafından oluşturulan dosyalar içeriyorsa silinmeyecektir. - VeraCrypt kayıt defteri girdileri kaldırılıyor - Kayıt defteri girişi ekleniyor - Uygulamaya özel veri kaldırılıyor - Yükleniyor - Durduruluyor - Kaldırılıyor - Simge eklendi - Sistem Geri Yükleme noktası oluşturuluyor - Sistem Geri Yükleme noktası oluşturma başarısız! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Yükleme tamamlandı. - Klasör '%s' oluşturulamadı - VeraCrypt aygıt sürücüsü bellekten kaldırılamadı.\n\nLütfen önce açık tüm VeraCrypt pencerelerini kapatın. Bu işe yaramazsa lütfen Windows'u yeniden başlatın ve tekrar deneyin. - VeraCrypt'i yüklemeden veya kaldırmadan önce tüm VeraCrypt birimlerinin bağlantısı kesilmelidir. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Kayıt defteri girdilerinin yüklenmesi başarısız - Aygıt sürücüsünün yüklenmesi başarısız. Lütfen Windows'u yeniden başlatın ve VeraCrypt'i yüklemeyi tekrar deneyin. - VeraCrypt aygıt sürücüsü başlatılıyor - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - VeraCrypt aygıt sürücüsü yükleniyor - VeraCrypt aygıt sürücüsü durduruluyor - VeraCrypt aygıt sürücüsü kaldırılıyor - Kullanıcı Hesabı Kontrolü desteği kitaplığı kaydı başarısız. - Kullanıcı Hesabı Kontrolü desteği kitaplığı kaydının kaldırılması başarısız. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Dış(!) - gün - saat - dakika - s - - Bağantıyı Kes - VeraCrypt'i Göster - VeraCrypt'i Gizle - Bağlandığından itibaren okunan Veri - Bağlandığından itibaren yazılan Veri - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - %s için parolayı girin - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Anahtar dosyası başarıyla oluşturuldu. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Birim üstbilgi yedeği başarıyla oluşturuldu.\n\nÖNEMLİ: Bu yedeği kullanarak birim üstbilgisini geri yüklemek, şu anki birim parolasını da geri yükleyecektir. Ayrıca, birimi bağlamak için anahtar dosya(lar) gerekli ise, birim üstbilgisi geri yüklendiğinde aynı anahtar dosyalar gerekli olacaktır.\n\nUYARI: Bu birim üstbilgi yedeği, sadece bu birime özgüdür ve SADECE bu birimin üstbilgisini geri yüklemek için kullanılabilir. Bu üstbilgi yedeğini farklı bir birimin üstbilgisini geri yüklemek için kullanırsanız, birimi bağlayabilirsiniz fakat birimde depolanmış olan hiçbir verinin ŞİFRESİNİ ÇÖZEMEZSİNİZ (onun ana anahtarını değiştirdiğinizden). - Birim üstbilgisi başarıyla geri yüklendi.\n\nÖNEMLİ: Lütfen eski bir parolanın da geri yüklenmiş olabileceğine dikkat edin. Ayrıca, yedek oluşturulduğu zaman birimi bağlamak için anahtar dosyalara ihtiyaç duyulduysa, birimi bağlamak için aynı anahtar dosyaları gerekli olacaktır. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - %s birimine ait birim üstbilgisini geri yüklemek istediğinizden emin misiniz?\n\nUYARI: Bir birim üstbilgisini geri yüklemek, yedek oluşturulduğunda geçerli olan birim parolasını da geri yükler. Ayrıca, yedek oluşturulduğunda anahtar dosyalar kullanımdaysa, birim üstbilgisi geri yüklendikten sonra birimi tekrar bağlamak için aynı anahtar dosyaları gerekli olacaktır.\n\nEvet'e tıkladıktan sonra, üstbilgi yedek dosyasını seçeceksiniz. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Lütfen devam etmeden önce birimin bağlantısını kesin. - Error: Cannot set timer. - Dosya Sistemini Kontrol Et - Dosya Sistemini Tamir Et - Add to Favorites... - Add to System Favorites... - P&roperties... - Gizli Birim Korumada - N/A - Evet - Hayır - Disabled - 1 - 2 or more - İşleme Modu - Label: - Size: - Path: - Drive Letter: - Hata: Parola sadece ASCII karakterleri içermelidir.\n\nParoladaki ASCII olmayan karakterler, sistem yapılandırması değiştiğinde birimin bağlanmasını imkansız hale getirebilir.\n\nAşağıdaki karakterlere izin verilmektedir:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Uyarı: Parola ASCII olmayan karakterler içeriyor. Bu, sistem yapılandırmanız değiştiğinde birimi bağlamayı imkansız hale getirebilir.\n\nParoladaki tüm ASCII olmayan karakterleri ASCII karakterlerle değiştirmelisiniz. Bunu yapmak için 'Birimler'e tıkayın -> 'Birim Parolasını Değiştir' düğmesine basın.\n\nBunlar ASCII karakterleridir:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Giriş Sayfası - UYARI: Windows yüklemenize hiçbir Hizmet Paketi (Service Pack) yüklememişsiniz. Hizmet Paketi 1 veya daha sonrasını uygulamadığınız bir Windows XP'de 128 GB'tan büyük IDE disklere yazmamalısınız! Yazarsanız, disk üzerindeki veri (VeraCrypt birimi olsun veya olmasın) bozulabilir. Bunun Windows'un bir kısıtlaması olduğuna ve VeraCrypt içindeki bir hata olmadığına dikkat edin. - UYARI: Windows yüklemenize Hizmet Paketi 3 (Service Pack 3) veya daha sonrasını uygulamamışsınız. Hizmet Paketi 3 veya daha sonrasını uygulamadığınız bir Windows 2000'de 128 GB'tan büyük IDE disklerine yazmamalısınız! Yazarsanız, disk üzerindeki veri (VeraCrypt birimi olsun veya olmasın) bozulabilir. Bunun Windows'un bir kısıtlaması olduğuna ve VeraCrypt içindeki bir hata olmadığına dikkat edin.\n\nUyarı: Kayıt defterinde 48-bit LBA desteğini etkinleştirmeniz de gerekebilir. Daha fazla bilgi için http://support.microsoft.com/kb/305098/EN-US adresine bakın. - UYARI: 48-bit LBA ATAPI desteği sisteminizde devre dışı. Bu nedenle 128 GB'tan daha büyük IDE disklere yazmamalısınız! Yazarsanız, disk üzerindeki veri (VeraCrypt birimi olsun veya olmasın) bozulabilir. Bunun Windows'un bir kısıtlaması olduğuna ve VeraCrypt içindeki bir hata olmadığına dikkat edin.\n\n48-bit LBA desteğini etkinleştirmek için, HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters kayıt defteri anahtarında 'EnableBigLba' kayıt defteri değerini ekleyin ve bunu 1 olarak ayarlayın.\n\nDaha fazla bilgi için, http://support.microsoft.com/kb/305098 adresine bakın. - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - UYARI: İleride dış birime daha fazla veri/dosya eklemenin mümkün olmasını istiyorsanız, gizli birim için daha küçük bir boyut seçmeyi düşünmelisiniz.\n\nBelirttiğiniz boyut ile devam etmek istediğinizden emin misiniz? - Hiçbir birim seçilmedi.\n\nBir VeraCrypt birimi seçmek için 'Aygıt Seç' veya 'Dosya Seç'e tıklayın. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Aygıtları Otomatik Bağla - Hepsinin Bağlantısını Kes - Önbelleği Temizle - Dismount All & Wipe Cache - Hepsinin Bağlantısını Kesmeye Zorla & Önbelleği Temizle - Hepsinin Bağlantısını Kesmeye Zorla, Önbelleği Temizle & Çık - Sık Kullanılan Birimleri Bağla - VeraCrypt Penceresini Göster/Gizle - (Buraya tıklayın ve bir tuşa basın) - Eylem - Kısayol - Hata: Bu kısayol ayrılmış. Lütfen farklı bir kısayol seçin. - Hata: Kısayol zaten kullanımda. - UYARI: Bir veya daha fazla VeraCrypt sistem çapında kısayol tuşu çalışmayacak!\n\nLütfen diğer uygulamaların ve işletim sisteminin VeraCrypt ile aynı kısayolları kullanmadığından emin olun. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - UYARI: Bu seçenek devre dışı ise, açık dosya/dizinler içeren birimlerin bağlantısı otomatik olarak kesilemez.\n\nBu seçeneği devre dışı bırakmak istediğinizden emin misiniz? - UYARI: açık dosyalar/dizinler içeren birimlerin bağlantısı otomatik olarak KESİLMEYECEKTİR.\n\nBunu engellemek için, bu pencerede belirtilen seçeneği etkinleştirin: 'Birim açık dosyalar veya dizinler içerse bile otomatik bağlantı kesmeye zorla' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - UYARI: VeraCrypt Arkaplan Görevi devre dışı. VeraCrypt'ten çıktıktan sonra, gizli birimin hasardan korunduğuna dair uyarılmayacaksınız.\n\nUyarı: Arkaplan Görevini istediğiniz zaman sistem uyarı alanındaki VeraCrypt simgesine sağ tıklayıp, 'Çıkış'ı seçerek kapatabilirsiniz.\n\nVeraCrypt Arkaplan Görevi etkinleştirilsin mi? - Dil paketi versiyonu: %s - %s olarak bağlanan VeraCrypt biriminin dosya sistemi kontrol ediliyor... - %s olarak bağlanan VeraCrypt biriminin dosya sistemi onarılmaya çalışılıyor... - Uyarı: Bu birim eski bir şifreleme algoritmasıyla şifrelenmiş.\n\nHiçbir 64-bit-blok şifreleme algoritması (örn. Blowfish, CAST-128, veya Triple DES) onaylanmamıştır. Bu birimi VeraCrypt'in ileriki sürümlerini kullanarak bağlamak mümkün olacaktır. Bununla birlikte, bu eski şifreleme algoritmalarının yürütülmesi için geliştirmeler olmayacaktır. 128-bit-blok şifreleme algoritmasıyla (örn. AES, Serpent, Twofish, vs.) şifreli yeni bir VeraCrypt birimi oluşturmanızı ve bu birimdeki tüm dosyaları yeni birime taşımanızı tavsiye ediyoruz. - Sisteminiz yeni birimleri otomatik olarak bağlamak üzere yapılandırılmamış. Aygıt sunumlu VeraCrypt birimlerini bağlamak imkansız olabilir. Otomatik bağlama, aşağıdaki komutu çalıştırıp sistemi yeniden başlatarak etkinleştirilebilir.n\n\nmountvol.exe /E - Lütfen devam etmeden önce bölüme/aygıta bir sürücü harfi atayın ('Denetim Masası' > 'Sistem ve Bakım' > 'Yönetimsel Araçlar' - 'Sabit disk bölümleri oluştur ve biçimlendir').\n\nBunun işletim sisteminin bir gereksinimi olduğuna dikkat edin. - VeraCrypt birimi bağla - Tüm VeraCrypt birimlerininin bağlantısını kes - VeraCrypt Yönetici haklarını alamadı. - Erişim işletim sistemi tarafından engellendi.\n\nMuhtemel neden: İşletim sistemi, bazı klasörler, dosyalar ve aygıtlardan/aygıtlara veri okuyup/yazmanıza izin vermek için okuma/yazma izniniz (veya yönetici hakları) olmasını gerektirir. Normalde, yönetici haklarına sahip olmayan bir kullanıcı, kendi Belgelerim klasörü içinde dosyalar oluşturabilir, okuyabilir, değiştirebilir. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Anahtar Dosya - Geri Al Tuşu - Tab - Sil - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Sol - Yukarı - Sağ - Aşağı - Select Tuşu - Print Tuşu - Execute Tuşu - Print Screen - Insert - Delete - Applications Tuşu - Sleep - Num Lock - Scroll Lock - Tarayıcı Geri - Tarayıcı İleri - Tarayıcı Yenile - Tarayıcı Dur - Tarayıcı Ara - Tarayıcı Sık Kullanılanlar - Tarayıcı Giriş Sayfası - Sessiz - Sesi Kıs - Sesi Aç - Sonraki Parça - Önceki Parça - Ortamı Durdur - Ortamı Yürüt/Duraklat - Postayı Başlat Tuşu - Ortamı Seç Tuşu - Uygulama 1 - Uygulama 2 - Attn - CrSel - ExSel - Yürüt - Yakınlaş - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Önbellekteki parolaları otomatik bağlantı keserken temizle + Önbellekteki parolaları çıkışta temizle + Preserve modification timestamp of file containers + Sıfırla + Ay&gıt seç... + Dosya &seç... + Select &Library... + Parolayı göster + Parolayı göster + Bağlanan &birim için Gezgin penceresini aç + &Parolayı aygıt belleğinde önbelleğe al + TrueCrypt Mode + H&epsinin Bağlantısını Kes + Birim Ö&zellikleri... + Biri&m Araçları... + Ö&nbelleği Temizle + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Sistem çapında kısayol tuşları + VeraCrypt + Change Password or Keyfiles + VeraCrypt Birimi Parolasını Girin + VeraCrypt - Performance and Driver Options + VeraCrypt - Seçenekler + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypt Birim Özellikleri + Hakkında... + Birime/Birimden Anahtar Dosyaları Ekle/Kaldır... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Birim Üstbilgisini Yedekle... + Hız Testi... + Üstbilgi Anahtarı Türetme Algoritmasını Ayarla... + Birim Parolasını Değiştir... + Set Header Key Derivation Algorithm... + Change Password... + Birim Geçmişini Temizle + Close All Security Token Sessions + İletişim... + Create Hidden Operating System... + Create Rescue Disk... + Yeni Birim Oluştur... + Permanently Decrypt... + Varsayılan Anahtar Dosyaları... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Sık Sorulan Sorular + Kullanıcı Rehberi + &Giriş Sayfası + Kısayol Tuşları... + Anahtar Dosya Üreteci + Dil... + Yasal Uyarılar + Manage Security Token Keyfiles... + Aygıtta Barınan Tüm Ciltleri Otomatik Bağla + Sık Kullanılan Birimleri Bağla + Mount Without Pre-Boot &Authentication... + Birim Bağla + Birimi Seçeneklerle Bağla + Haberler + Çevrimiçi Yardım + Yeni Başlayanlar İçin Eğitim + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Seçenekler... + Sürücü Harflerini Yenile + Birimden Tüm Anahtar Dosyalarını Kaldır... + Birim Üstbilgisini Geri Yükle... + Resume Interrupted Process + Aygıt Seç... + Dosya Seç... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + İndirmeler + Vektörleri Sına... + Security Tokens... + Traveler Disk Setup... + Bağlı Olan Birimlerin Bağlantısını Kes + Birimin Bağlantısını Kes + Verify Rescue Disk + Verify Rescue Disk ISO Image + Sürüm Geçmişi + Volume Expander + Birim Özellikleri + Birim Oluşturma Sihirbazı + VeraCrypt Web Sayfası + Önbellekteki Parolaları Temizle + Tamam + Hardware Acceleration + Kısayol + Otomatik Çalışma Yapılandırması (autorun.inf) + Otomatik Bağlantı Kesme + Hepsini Ayır: + Boot Loader Screen Options + Parolayı Tekrar Yazın: + Şu anki + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Ön tanımlı Bağlama Özellikleri + Kısayol Özellikleri + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Dosya Ayarları + Atanacak tuş: + Processor (CPU) in this computer supports hardware acceleration for AES: + Windows'a oturum açtıktan sonra gerçekleştirilecek eylemler + dakika + Birimi sürücü harfi olarak bağla: + Bağlama Seçenekleri + Yeni + Parola: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Parola Önbelleği + Security Options + VeraCrypt Arka Plan Görevi + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Birim + Windows + Yol &Ekle... + &Hepsini Test Et + &Continue + &Şifreyi Çöz + &Delete + &Şifrele + &Export... + Anahtar Dosyası Üret ve Kaydet... + &Rasgele Anahtar Dosyası Üret... + Dil paketi yükle + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + A&nahtar dosyaları kullan + &Anahtar dosyalar + &Kaldır + Hepsini &Kaldır + Gizli birim koruması nedir? + More information on keyfiles + Birimi ayrılabilir aygı&t olarak bağla + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Hız Testi + &Print + Dış birime yazarken gizli birime gelecek hasara karşı &koru + &Sıfırla + &Parolayı göster + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + VeraCrypt Hakkında + VeraCrypt - Şifreleme Algoritması Hız Testi + VeraCrypt - Vektörleri Sına + Komut Satırı Yardımı + VeraCrypt - Anahtar Dosyaları + VeraCrypt - Anahtar Dosya Oluşturucusu + VeraCrypt - Dil + VeraCrypt - Bağlama Özellikleri + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Bir Birim veya Aygıt Seç + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Etkin dil paketi + Hız; işlemci yüklenmesi ve depolama aygıtı karakteristiğinden etkilenir.\n\nBu testler RAM içerisinde yapılır. + Ara Bellek Boyutu: + Şifreleme: + &Gizli birimin parolası:\n(boşsa, önbellek kullanılır) + Gizli Birim Koruması + Anahtar Boyutu: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + UYARI: Anahtar dosyasını kaybederseniz veya ilk 1024 kilobayt'ının bir bit'i değişirse, bu anahtar dosyasını kullanan birimleri bağlamak imkansız hale gelecektir! + bit + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Çeviren: + Plaintext boyutu: + bit + Şimdiki Havuz İçeriği + Karıştırma PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Sıralama Yöntemi: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Ciphertext (onaltılık) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Anahtar (onaltılık) + Plaintext (onaltılık) + Keyfile name: + XTS mode + S&ystem + &Birimler + Favor&ites + Ara&çlar + Settin&gs + &Yardım + &Web sayfası + + &Hakkında... + Eski biriminizdeki salt okunur özelliği değiştirilemedi. Lütfen dosya erişim izinlerini kontrol edin. + Hata: Erişim engellendi.\n\nErişmeye çalıştığınız aygıt ya 0 bayt uzunluğunda ya da önyükleme aygıtı. + Administrator + VeraCrypt sürücüsünü yüklemek için, yönetici haklarına sahip bir hesaba oturum açmış olmalısınız. + Bir bölümü/aygıtı şifrelemek/Şifre Çözmek/biçimlendirmek için yönetici haklarına sahip bir hesaba oturum açmanız gerektiğine lütfen dikkat edin.\n\nBu koşul dosyada barındırılan birimler için geçerli değildir. + Gizli bir birim oluşturmak için yönetici haklarına sahip bir hesaba oturum açmanız gereklidir.\n\nDevam edilsin mi? + Birimi NTFS olarak biçimlendirebilmek için yönetim haklarına sahip bir hesaba oturum açmanız gerektiğine dikkat edin.\n\nBirimi yönetim hakları olmadan FAT olarak biçimlendirebilirsiniz. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Bölüm zaten bağlanmış. + DİKKAT: En az bir şifreleme veya karma algoritması otomatik yerleşik sınamayı geçemedi!\n\nVeraCrypt yüklemesi bozulmuş olabilir. + DİKKAT: Rasgele Sayı Oluşturucu havuzunda istenen miktarda rasgele veriyi sunacak yeterli veri yok.\n\nBuradan sonra devam etmemelisiniz. Lütfen Yardım menüsünden 'Hata Rapor Et' seçeneğini seçin ve bu hatayı bildirin. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Geçersiz sürücü harfi. + Invalid path. + İptal + Aygıta erişilemiyor. Seçili aygıtın var olduğundan ve sistem tarafından kullanılmadığından emin olun. + Uyarı: Caps Lock açık. Bu parolanızı yanlış girmenize neden olabilir. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Dış Birim Şifreleme Seçenekleri + Gizli Birim Şifreleme Özellikleri + Şifreleme Özellikleri + UYARI: Son seçilen birim/anahtar dosyasının konumunu temizleme başarısız (dosya seçicisi tarafından hatırlanan konum)! + Hata: Konteyner, dosya sistemi seviyesinde sıkıştırılmış. VeraCrypt sıkıştırılmış konteynerleri desteklemez (şifrelenmiş veriyi sıkıştırmanın etkisiz ve gereksiz olduğuna dikkat edin).\n\nLütfen bu adımları takip ederek konteyner için sıkıştırmayı kapatın: 1) Windows Gezgininde konteynere sağ tıklayın (VeraCrypt'te değil). 2) 'Özellikler'i seçin. 3) 'Özellikler' iletişim kutusunda 'Gelişmiş'e tıklayın. 4) 'Gelişmiş öznitelikler' iletişim kutusunda 'Disk alanını korumak için içeriği sıkıştır' seçeneğini devre dışı bırakın ve 'Tamam'a tıklayın. 5) 'Özellikler' iletişim kutusunda 'Tamam'a tıklayın. + Birim oluşturulamadı %s + %s bölümünde %.2f bayt boş yer var + %s bölümünde %.2f KB boş yer var + %s bölümünde %.2f MB boş yer var + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + UYARI: Aygıt/bölüm işletim sistemi veya uygulamalar tarafından kullanımda. Bu aygıtı/bölümü biçimlendirmek veri bozukluğuna ve sistemin kararsız hale gelmesine neden olabilir.\n\nDevam etmek istiyor musunuz? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Hata: aygıt/bölüm bağlantısı kesilemeyen bir dosya sistemi içeriyor. Bu dosya sistemi işletim sistemi tarafından kullanımda olabilir. Aygıtı/bölümü biçimlendirmek büyük ihtimalle veri bozulmasına ve sistemin kararsız haline gelmesine neden olacaktır.\n\nBu sorunu gidermek için, önce bölümü silmenizi ve biçimlendirmeden yeniden oluşturmanızı tavsiye ediyoruz. Bunu yapmak için şu adımları takip edin: 1) 'Başlat Menüsü'ndeki 'Bilgisayar' (veya 'Bilgisayarım') simgesine sağ tıklayın ve 'Yönet'i seçin. 'Bilgisayar Yönetimi' penceresi ekrana gelecektir. 2) 'Bilgisayar Yönetimi' penceresinde, 'Depolama' > 'Disk Yönetimi'ni seçin. 3) Şifrelemek istediğiniz bölüme sağ tıklayın ve bunlardan birini seçin: 'Bölümü Sil' veya 'Birimi Sil' veya 'Mantıksal Sürücüyü Sil'. 4) 'Evet'e tıklayın. Windows sizden bilgisayarı yeniden başlatmanızı isterse bunu yapın. Bundan sonra 1. ve 2. adımları tekrarlayıp 5. adımdan devam edin. 5) Ayrılmamış/boş alana sağ tıklayın ve bunlardan birini seçin: 'Yeni Bölüm' veya 'Yeni Basit Birim' veya 'Yeni Mantıksal Sürücü'. 6) 'Yeni Bölüm Sihirbazı' veya 'Yeni Basit Birim Sihirbazı' penceresi belirecektir, bu sihirbazın yönergelerini takip edin. 'Bölümü Biçimlendir' başlıklı sihirbaz sayfasında 'Bu bölümü biçimlendirme' veya 'Bu birimi biçimlendirme' seçeneklerinden birini seçin. Aynı sihirbazda 'İleri' düğmesine basın ve 'Son' düğmesine basın. 7) VeraCrypt'te seçtiğiniz aygıt yolunun şimdi hatalı olabileceğine dikkat edin. Bu nedenle VeraCrypt Birim Oluşturma Sihirbazı'ndan çıkın (halen çalışıyorsa) ve bunu tekrar başlatın. 8) Aygıtı/bölümü şifrelemeyi tekrar deneyin.\n\nEğer VeraCrypt aygıtı/bölümü şifrelemekte tekrar tekrar başarısız oluyorsa, bunun yerine dosya konteyneri oluşturmayı düşünebilirsiniz. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + UYARI: Bağlı aygıtlardan/bölümlerden bazıları şu an kullanımda!\n\nBunu yok saymak sistem kararsızlığı dahil olmak üzere istenmeyen sonuçlar doğurabilir.\n\nBu aygıtları/bölümleri kullanabilecek uygulamaları kapamanızı şiddetle öneriririz. + Seçili aygıt bölümler içeriyor.\n\nAygıtı biçimlendirmek sistemin kararsız haline gelmesine ve/veya veri bozukluğuna yol açabilir. Lütfen aygıt üzeride bir bölüm seçin veya VeraCrypt'in bu aygıtı güvenli bir şekilde biçimlendirebilmesi için üzerindeki tüm bölümleri kaldırın. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + %s bölümünde %.2f bayt boş yer var. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Uygun sürücü harfleri alınamadı. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Hata: Şifreleyici başlatma başarısız. + Hata: Zayıf veya potansiyel olarak zayıf bir anahtar algılandı. Anahtar atılacak. Lütfen tekrar deneyin. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Kritik Hata + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Çıkış + Dosyada barındırılan birimler oluşturabilir veya sabit disk bölümlerini tamamen şifreleyebir, disketleri, USB bellek çubuklarını ve diğer depolama aygıtlarını şifreleyebilirsiniz. Yeni birimin barındırlacağı dosya adını ve yolunu belirtmek için 'Dosya Seç...'e tıklayın veya şifrelenecek bir bölüm veya aygıt seçmek için 'Aygıt Seç...'e tıklayın.\n\nUyarı: Bir bölümü veya aygıtı şifrelerseniz, şu an bölüm veya aygıt üzerinde bulunan tüm veriler silinecektir. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + İçerisinde gizli bir birim oluşturmak istediğiniz VeraCrypt biriminin konumunu seçin. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Hata: Birim bağlanamıyor. Sunucu dosya/aygıt şu an kullanımda. Özel erişim olmadan bağlama girişimi de başarısız. + Dosya açılamadı. + Birim Konumu + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Biçimlendir + &Wipe + Biçimlendirme iptal edilsin mi? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nVeraCrypt birimi oluşturuldu ve birim şu an kullanıma hazır. Başka bir VeraCrypt birimi oluşturmak istiyorsanız Sonraki'ye tıklayın. Aksi halde Çıkış'a tıklayın. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt birimi başarıyla oluşturuldu. + Birim Oluşturuldu + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Dış Birim Biçimi + Gizli Birim Biçimi + Birim Biçimi + VeraCrypt Kullanıcı Kılavuzu'nu görüntüleyebilmek veya yazdırabilmek için Adobe Reader (veya uyumlu bir araç) gereklidir. Adobe Reader (ücretsiz) buradan indirilebilir: www.adobe.com\n\nBunun yerine çevrimiçi dökümantasyonu görüntülemek ister misiniz? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Gizli Birim Oluşturuldu + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Dış birim başarıyla oluşturuldu ve %hc: sürücüsü olarak bağlandı. Bu birime şimdi bazı önemli görünen fakat gerçekten saklamak İSTEMEDİĞİNİZ dosyalar kopyalamalısınız. Dosyalar, parolanızı söylemeye zorlandığınızda burada olacaktır. Gizli olan birimin parolasını değil, sadece bu dış birime ait parolayı açığa çıkaraksınız. Gerçekten önem verdiğiniz dosyalar, sonradan oluşturulacak olan gizli birim içerisinde depolanacak. Kopyalamayı bitirdiğinizde Sonraki'ye basın. Birimin bağlantısını kesmeyin.\n\nUyarı: Sonraki'ye bastıktan sonra, sonu birimin sonu ile aynı hizada bulunan boş alanın kesintiye uğramamış alanının boyutunu belirlemek için dış birimin küme bit-eşlemi tarancaktır. Küme bit eşlemi taraması gizli birim tarafından dış birimde bulunan verinin üzerine yazılmamasını garantiler. + Dış Birim İçeriği + \n\nSonraki adımlarda dış birim için seçenekleri ayarlayacaksınız (sonradan içinde gizli birimin oluşturulacağı birim). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Dış Birim + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nBirim küme bit eşlemi tarandı ve oluşturulabilecek en büyük gizli birim boyutu belirlendi. Sonraki adımlarda gizli birim için seçenekleri, boyutu ve parolayı ayarlayacaksınız. + Gizli Bölüm + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Rasgele sayı oluşturucusunu başlatma başarısız! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Uygulamayı başlatma başarısız. Dialog sınıfını kayıt etme başarısız. + Error: Failed to load the Rich Edit system library. + VeraCrypt Birim Oluşturma Sihirbazı + Bu birim için en fazla gizli birim boyutu %.2f bayt. + Bu birim için en fazla gizli birim boyutu %.2f KB. + Bu birim için en fazla gizli birim boyutu %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Birim bağlıyken birim parolaları/anahtar dosyaları değiştirilemez. Lütfen önce birimin bağlantısını kesin. + Üstbilgi anahtarı türetme algoritması birim bağlıyken değiştirilemez. Lütfen önce birimin bağlantısını kesin. + Bağ&la + Bu birimi bağlamak için VeraCrypt'in daha yeni bir sürümü gerekiyor. + Hata: Birim Oluşturma Sihirbazı bulunamadı.\n\nLütfen 'VeraCrypt Format.exe' dosyasının 'VeraCrypt.exe' uygulamasının başlatıldığı konumda olduğundan emin olun. Eğer burada yoksa, lütfen VeraCrypt'i yeniden yükleyin veya diskiniz üzerinde 'VeraCrypt Format.exe' dosyasını bulun ve çalıştırın. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + S&onraki > + &Bitir + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Yazı tiplerini yüklerken/hazırlarken hata oluştu. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Sürücü harfi kullanılabilir değil. + Dosya seçilmedi! + Hiçbir sürücü harfi mevcut değil. + Dış birim için hiçbir boş sürücü harfi yok! Birim oluşturma devam edemiyor. + İşletim sisteminizin sürümü belirlenemiyor veya desteklenmeyen bir işletim sistemi kullanıyorsunuz. + Yol seçilmedi! + Gizli birim için boş alan bulunmuyor! Birim oluşturma devam edemiyor. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + Sürücü, birimin bağlantısını kesemedi. Birim üzerindeki bazı dosyalar muhtemelen açık. + Birim kilitlenemedi. Birim üzerinde hala açık olan dosyalar var. Bu nedenle birimin bağlantısı kesilemiyor. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Bir VeraCrypt Birimi Seçin + Yol ve Dosya Adını Belirtin + Select PKCS #11 Library + Yetersiz Bellek + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Parola + PIM + Üstbilgi Anahtarı Türetme Algoritmasını Ayarla + Birime/Birimden Anahtar Dosyası Ekle/Kaldır + Birimden Tüm Anahtar Dosyalarını Kaldır + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Anahtar dosyaları başarıyla eklendi/kaldırıldı. + Keyfile exported. + Üstbilgi anahtarı türetme algoritması başarıyla ayarlandı. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Lütfen gizli birim için bir parola seçin. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Lütfen içinde gizli bir birim oluşturmak istediğiniz birim için parolayı girin.\n\nSonraki düğmesine tıkladıktan sonra VeraCrypt birimi bağlamayı deneyecektir. Birim bağlandığı anda birimin küme bit eşlemi, birimin sonuyla hizalı kesintiye uğramamış boş alanın (eğer varsa) boyutunu belirlemek için taranacaktır. Bu alan gizli birimi barındıracak, dolayısıyla birimin olası en büyük alanını sınırlandıracaktır. Küme eşlem taraması, gizli birim tarafından dış birimdeki üzerine hiçbir veri yazılmamasından emin olmak için gereklidir. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Dış Birim Parolası + Gizli Birim Parolası + Password for Hidden Operating System + UYARI: Kısa parolalar, brute force (işlemci gücüne dayanan bir teknik) teknikleriyle kolayca kırılabilir!\n\n20 karakterden daha uzun bir parola seçmenizi öneriyoruz. Kısa bir parola kullanmak istediğinizden emin misiniz? + Birim Parolası + Parola yanlış ya da bu bir VeraCrypt bölümü değil. + Yanlış anahtar dosyaları ve/veya yanlış parola veya bu bir VeraCrypt birimi değil. + Wrong mount mode, incorrect password, or not a VeraCrypt volume. + Wrong mount mode, incorrect keyfile(s) and/or password, or not a VeraCrypt volume. + Yanlış parola veya hiçbir VeraCrypt birimi bulunamadı. + Yanlış anahtar dosyaları/parola veya hiçbir VeraCrypt birimi bulunamadı. + \n\nUyarı: Caps Lock açık. Bu, parolanızı hatalı girmenize neden olabilir. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Sisteminizde yüklü ham sürücüler listelenemiyor! + Birim '%s' bulunuyor ve salt okunur. Değiştirmek istediğinizden emin misiniz? + Hedef dizini seçin + Anahtar Dosyayı Seçin + Anahtar dosyası arama konumunu seçin. UYARI: Sadece konum hatırlanacaktır, dosya adları hatırlanmayacaktır! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Dış Birimin Boyutu + Gizli Birimin Boyutu + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Birim Boyutu + Dinamik + DİKKAT: KENDİ KENDİNİ SINAMA BAŞARISIZ! + Tüm algoritmalar kendini sınamayı geçti + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + Verdiğiniz sınama ciphertext'i çok uzun veya kısa. + Verdiğiniz sınama anahtarı çok uzun veya kısa. + Verdiğiniz sınama plaintext'i çok uzun veya kısa. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + %s hakkında daha fazla bilgi + Bilinmeyen + An unspecified or unknown error occurred (%d). + Bazı birimler, uygulamalar veya sistem tarafından kullanımda olan dosyalar veya klasörler içeriyor.\n\nBağlantı kesilmeye zorlansın mı? + Bağlant&ıyı Kes + Bağlantıyı kesme başarısız! + Birim, uygulamalar veya sistem tarafından kullanımda olan dosyalar veya klasörler içeriyor.\n\nBağlantı kesilmeye zorlansın mı? + No volume is mounted to the specified drive letter. + Bağlamaya çalıştığınız birim zaten bağlı. + Birimi bağlamaya çalışırken hata oluştu. + Birim içinde konum arama hatası. + Hata: Birim boyutu yanlış. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt yabancı bir birim için parolayı değiştiremiyor. + Lütfen listeden bir boş sürücü harfi seçin. + Lütfen sürücü harfi listesinden bir bağlı birim seçin. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Hata: autorun.inf oluşturulamıyor. + Anahtar dosyayı işlerken hata oluştu! + Anahtar dosya konumunu işlerken hata oluştu! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt bu işletim sistemini desteklememektedir. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Hata: Bellek ayrılamıyor. + Hata: Performans sayacının değeri alınamıyor. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + Tüm Dosyalar + VeraCrypt Bölümleri + Library Modules + NTFS biçimlendirme devam edemiyor. + Birim bağlanamadı. + Birim bağlantısı kesilemiyor. + Windows, birimi NTFS olarak biçimlendiremedi.\n\nLütfen farklı bir dosya sistemi seçin (mümkünse) ve tekrar deneyin. Alternatif olarak, birimi biçimlendirilmemiş halde bırakabilir (dosya sistemi olarak 'Yok'u seçin), bu sihirbazdan çıkabilir, birimi bağlayabilir ve bağlı birimi biçimlendirmek için sistemi veya üçüncü taraf bir aracı kullanabilirsiniz (birim şifreli kalacaktır). + Windows failed to format the volume as NTFS.\n\nDo you want to format the volume as FAT instead? + Varsayılan + partition + BÖLÜM + Aygıt + device + AYGIT + Birim + volume + VOLUME + Label + Seçili küme boyutu bu birim boyutu için çok küçük. Daha büyük bir küme boyutu kullanılacak. + Hata: Birim boyutu alınamıyor!\n\nSeçili birimin sistem veya bir uygulama tarafından kullanılmadığından emin olun. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Hata: Birime erişilemiyor!\n\nSeçili birimin var olduğundan, bağlı olmadığından veya sistem veya bir uygulama tarafından kullanımda olmadığından, birim için okuma/yazma izinlerine sahip olduğunuzdan ve bunun yazma korumalı olmadığından emin olun. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Hata: Dış birimin bağlantısı kesilemiyor!\n\nBirim bağlantısı, birim bir program veya sistem tarafından kullanılan dosya veya klasörler içerdiğinde kesilemez.\n\nLütfen birim üzerindeki dosyaları veya dizinleri kullanabilecek tüm programları kapatın ve Yeniden Dene'ye tıklayın. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Hata: Dış birime erişilemiyor! Birim oluşturma devam edemiyor. + Hata: Dış birim bağlanamıyor! Birim oluşturma devam edemiyor. + Hata: Küme bit eşlemi alınamıyor! Birim oluşturma devam edemiyor. + Alfabetik/Sınıflandırılmış + Ortalama Hız (Azalan) + Algoritma + Şifreleme + Şifre Çözme + Ortalama + Sürücü + Boyut + Şifreleme Algoritması + Şifreleme algoritması + Tür + Değer + Özellik + Konum + bayt + Gizli + Dış + Normal + System + Hidden (system) + Salt Okunur + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Evet (hasar engellendi!) + Yok + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bit + Blok Boyutu + PKCS-5 PRF + PKCS-5 Öğe Sayısı + Birim Oluşturulma + Üstbilgi Son Değiştirilme + (%I64d gün önce) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + İlk kullanılabilir + Removable Disk + Sabit disk + Değişiklik yok + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + VeraCrypt'in şu anki (son kararlı) sürümünün sürüm notlarını görüntülemek istiyor musunuz? + VeraCrypt'i daha önce hiç kullanmadıysanız, VeraCrypt Kullanıcı Kılavuzundaki Beginner's Tutorial (Yeni Başlayanlar İçin Eğitim) bölümünü okumanızı tavsiye ediyoruz. Eğitimi görüntülemek istiyor musunuz? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + Yükleme geri alındı. + VeraCrypt başarıyla yüklendi. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt başarıyla kaldırıldı.\n\nVeraCrypt yükleyicisini ve %s klasörünü silmek için 'Bitir'e tıklayın. Buna dikkat edin: Klasör, VeraCrypt yükleyicisi tarafından yüklenmeyen veya VeraCrypt tarafından oluşturulan dosyalar içeriyorsa silinmeyecektir. + VeraCrypt kayıt defteri girdileri kaldırılıyor + Kayıt defteri girişi ekleniyor + Uygulamaya özel veri kaldırılıyor + Yükleniyor + Durduruluyor + Kaldırılıyor + Simge eklendi + Sistem Geri Yükleme noktası oluşturuluyor + Sistem Geri Yükleme noktası oluşturma başarısız! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Yükleme tamamlandı. + Klasör '%s' oluşturulamadı + VeraCrypt aygıt sürücüsü bellekten kaldırılamadı.\n\nLütfen önce açık tüm VeraCrypt pencerelerini kapatın. Bu işe yaramazsa lütfen Windows'u yeniden başlatın ve tekrar deneyin. + VeraCrypt'i yüklemeden veya kaldırmadan önce tüm VeraCrypt birimlerinin bağlantısı kesilmelidir. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Kayıt defteri girdilerinin yüklenmesi başarısız + Aygıt sürücüsünün yüklenmesi başarısız. Lütfen Windows'u yeniden başlatın ve VeraCrypt'i yüklemeyi tekrar deneyin. + VeraCrypt aygıt sürücüsü başlatılıyor + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + VeraCrypt aygıt sürücüsü yükleniyor + VeraCrypt aygıt sürücüsü durduruluyor + VeraCrypt aygıt sürücüsü kaldırılıyor + Kullanıcı Hesabı Kontrolü desteği kitaplığı kaydı başarısız. + Kullanıcı Hesabı Kontrolü desteği kitaplığı kaydının kaldırılması başarısız. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Dış(!) + gün + saat + dakika + s + + Bağantıyı Kes + VeraCrypt'i Göster + VeraCrypt'i Gizle + Bağlandığından itibaren okunan Veri + Bağlandığından itibaren yazılan Veri + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + %s için parolayı girin + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Anahtar dosyası başarıyla oluşturuldu. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Birim üstbilgi yedeği başarıyla oluşturuldu.\n\nÖNEMLİ: Bu yedeği kullanarak birim üstbilgisini geri yüklemek, şu anki birim parolasını da geri yükleyecektir. Ayrıca, birimi bağlamak için anahtar dosya(lar) gerekli ise, birim üstbilgisi geri yüklendiğinde aynı anahtar dosyalar gerekli olacaktır.\n\nUYARI: Bu birim üstbilgi yedeği, sadece bu birime özgüdür ve SADECE bu birimin üstbilgisini geri yüklemek için kullanılabilir. Bu üstbilgi yedeğini farklı bir birimin üstbilgisini geri yüklemek için kullanırsanız, birimi bağlayabilirsiniz fakat birimde depolanmış olan hiçbir verinin ŞİFRESİNİ ÇÖZEMEZSİNİZ (onun ana anahtarını değiştirdiğinizden). + Birim üstbilgisi başarıyla geri yüklendi.\n\nÖNEMLİ: Lütfen eski bir parolanın da geri yüklenmiş olabileceğine dikkat edin. Ayrıca, yedek oluşturulduğu zaman birimi bağlamak için anahtar dosyalara ihtiyaç duyulduysa, birimi bağlamak için aynı anahtar dosyaları gerekli olacaktır. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + %s birimine ait birim üstbilgisini geri yüklemek istediğinizden emin misiniz?\n\nUYARI: Bir birim üstbilgisini geri yüklemek, yedek oluşturulduğunda geçerli olan birim parolasını da geri yükler. Ayrıca, yedek oluşturulduğunda anahtar dosyalar kullanımdaysa, birim üstbilgisi geri yüklendikten sonra birimi tekrar bağlamak için aynı anahtar dosyaları gerekli olacaktır.\n\nEvet'e tıkladıktan sonra, üstbilgi yedek dosyasını seçeceksiniz. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Lütfen devam etmeden önce birimin bağlantısını kesin. + Error: Cannot set timer. + Dosya Sistemini Kontrol Et + Dosya Sistemini Tamir Et + Add to Favorites... + Add to System Favorites... + P&roperties... + Gizli Birim Korumada + N/A + Evet + Hayır + Disabled + 1 + 2 or more + İşleme Modu + Label: + Size: + Path: + Drive Letter: + Hata: Parola sadece ASCII karakterleri içermelidir.\n\nParoladaki ASCII olmayan karakterler, sistem yapılandırması değiştiğinde birimin bağlanmasını imkansız hale getirebilir.\n\nAşağıdaki karakterlere izin verilmektedir:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Uyarı: Parola ASCII olmayan karakterler içeriyor. Bu, sistem yapılandırmanız değiştiğinde birimi bağlamayı imkansız hale getirebilir.\n\nParoladaki tüm ASCII olmayan karakterleri ASCII karakterlerle değiştirmelisiniz. Bunu yapmak için 'Birimler'e tıkayın -> 'Birim Parolasını Değiştir' düğmesine basın.\n\nBunlar ASCII karakterleridir:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Giriş Sayfası + UYARI: Windows yüklemenize hiçbir Hizmet Paketi (Service Pack) yüklememişsiniz. Hizmet Paketi 1 veya daha sonrasını uygulamadığınız bir Windows XP'de 128 GB'tan büyük IDE disklere yazmamalısınız! Yazarsanız, disk üzerindeki veri (VeraCrypt birimi olsun veya olmasın) bozulabilir. Bunun Windows'un bir kısıtlaması olduğuna ve VeraCrypt içindeki bir hata olmadığına dikkat edin. + UYARI: Windows yüklemenize Hizmet Paketi 3 (Service Pack 3) veya daha sonrasını uygulamamışsınız. Hizmet Paketi 3 veya daha sonrasını uygulamadığınız bir Windows 2000'de 128 GB'tan büyük IDE disklerine yazmamalısınız! Yazarsanız, disk üzerindeki veri (VeraCrypt birimi olsun veya olmasın) bozulabilir. Bunun Windows'un bir kısıtlaması olduğuna ve VeraCrypt içindeki bir hata olmadığına dikkat edin.\n\nUyarı: Kayıt defterinde 48-bit LBA desteğini etkinleştirmeniz de gerekebilir. Daha fazla bilgi için http://support.microsoft.com/kb/305098/EN-US adresine bakın. + UYARI: 48-bit LBA ATAPI desteği sisteminizde devre dışı. Bu nedenle 128 GB'tan daha büyük IDE disklere yazmamalısınız! Yazarsanız, disk üzerindeki veri (VeraCrypt birimi olsun veya olmasın) bozulabilir. Bunun Windows'un bir kısıtlaması olduğuna ve VeraCrypt içindeki bir hata olmadığına dikkat edin.\n\n48-bit LBA desteğini etkinleştirmek için, HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters kayıt defteri anahtarında 'EnableBigLba' kayıt defteri değerini ekleyin ve bunu 1 olarak ayarlayın.\n\nDaha fazla bilgi için, http://support.microsoft.com/kb/305098 adresine bakın. + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + UYARI: İleride dış birime daha fazla veri/dosya eklemenin mümkün olmasını istiyorsanız, gizli birim için daha küçük bir boyut seçmeyi düşünmelisiniz.\n\nBelirttiğiniz boyut ile devam etmek istediğinizden emin misiniz? + Hiçbir birim seçilmedi.\n\nBir VeraCrypt birimi seçmek için 'Aygıt Seç' veya 'Dosya Seç'e tıklayın. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Aygıtları Otomatik Bağla + Hepsinin Bağlantısını Kes + Önbelleği Temizle + Dismount All & Wipe Cache + Hepsinin Bağlantısını Kesmeye Zorla & Önbelleği Temizle + Hepsinin Bağlantısını Kesmeye Zorla, Önbelleği Temizle & Çık + Sık Kullanılan Birimleri Bağla + VeraCrypt Penceresini Göster/Gizle + (Buraya tıklayın ve bir tuşa basın) + Eylem + Kısayol + Hata: Bu kısayol ayrılmış. Lütfen farklı bir kısayol seçin. + Hata: Kısayol zaten kullanımda. + UYARI: Bir veya daha fazla VeraCrypt sistem çapında kısayol tuşu çalışmayacak!\n\nLütfen diğer uygulamaların ve işletim sisteminin VeraCrypt ile aynı kısayolları kullanmadığından emin olun. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + UYARI: Bu seçenek devre dışı ise, açık dosya/dizinler içeren birimlerin bağlantısı otomatik olarak kesilemez.\n\nBu seçeneği devre dışı bırakmak istediğinizden emin misiniz? + UYARI: açık dosyalar/dizinler içeren birimlerin bağlantısı otomatik olarak KESİLMEYECEKTİR.\n\nBunu engellemek için, bu pencerede belirtilen seçeneği etkinleştirin: 'Birim açık dosyalar veya dizinler içerse bile otomatik bağlantı kesmeye zorla' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + UYARI: VeraCrypt Arkaplan Görevi devre dışı. VeraCrypt'ten çıktıktan sonra, gizli birimin hasardan korunduğuna dair uyarılmayacaksınız.\n\nUyarı: Arkaplan Görevini istediğiniz zaman sistem uyarı alanındaki VeraCrypt simgesine sağ tıklayıp, 'Çıkış'ı seçerek kapatabilirsiniz.\n\nVeraCrypt Arkaplan Görevi etkinleştirilsin mi? + Dil paketi versiyonu: %s + %s olarak bağlanan VeraCrypt biriminin dosya sistemi kontrol ediliyor... + %s olarak bağlanan VeraCrypt biriminin dosya sistemi onarılmaya çalışılıyor... + Uyarı: Bu birim eski bir şifreleme algoritmasıyla şifrelenmiş.\n\nHiçbir 64-bit-blok şifreleme algoritması (örn. Blowfish, CAST-128, veya Triple DES) onaylanmamıştır. Bu birimi VeraCrypt'in ileriki sürümlerini kullanarak bağlamak mümkün olacaktır. Bununla birlikte, bu eski şifreleme algoritmalarının yürütülmesi için geliştirmeler olmayacaktır. 128-bit-blok şifreleme algoritmasıyla (örn. AES, Serpent, Twofish, vs.) şifreli yeni bir VeraCrypt birimi oluşturmanızı ve bu birimdeki tüm dosyaları yeni birime taşımanızı tavsiye ediyoruz. + Sisteminiz yeni birimleri otomatik olarak bağlamak üzere yapılandırılmamış. Aygıt sunumlu VeraCrypt birimlerini bağlamak imkansız olabilir. Otomatik bağlama, aşağıdaki komutu çalıştırıp sistemi yeniden başlatarak etkinleştirilebilir.n\n\nmountvol.exe /E + Lütfen devam etmeden önce bölüme/aygıta bir sürücü harfi atayın ('Denetim Masası' > 'Sistem ve Bakım' > 'Yönetimsel Araçlar' - 'Sabit disk bölümleri oluştur ve biçimlendir').\n\nBunun işletim sisteminin bir gereksinimi olduğuna dikkat edin. + VeraCrypt birimi bağla + Tüm VeraCrypt birimlerininin bağlantısını kes + VeraCrypt Yönetici haklarını alamadı. + Erişim işletim sistemi tarafından engellendi.\n\nMuhtemel neden: İşletim sistemi, bazı klasörler, dosyalar ve aygıtlardan/aygıtlara veri okuyup/yazmanıza izin vermek için okuma/yazma izniniz (veya yönetici hakları) olmasını gerektirir. Normalde, yönetici haklarına sahip olmayan bir kullanıcı, kendi Belgelerim klasörü içinde dosyalar oluşturabilir, okuyabilir, değiştirebilir. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Anahtar Dosya + Geri Al Tuşu + Tab + Sil + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Sol + Yukarı + Sağ + Aşağı + Select Tuşu + Print Tuşu + Execute Tuşu + Print Screen + Insert + Delete + Applications Tuşu + Sleep + Num Lock + Scroll Lock + Tarayıcı Geri + Tarayıcı İleri + Tarayıcı Yenile + Tarayıcı Dur + Tarayıcı Ara + Tarayıcı Sık Kullanılanlar + Tarayıcı Giriş Sayfası + Sessiz + Sesi Kıs + Sesi Aç + Sonraki Parça + Önceki Parça + Ortamı Durdur + Ortamı Yürüt/Duraklat + Postayı Başlat Tuşu + Ortamı Seç Tuşu + Uygulama 1 + Uygulama 2 + Attn + CrSel + ExSel + Yürüt + Yakınlaş + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.uk.xml b/Translations/Language.uk.xml index fe353885..7510db51 100644 --- a/Translations/Language.uk.xml +++ b/Translations/Language.uk.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Скасувати - Встановити для &всіх користувачів - О&гляд... - &Значок VeraCrypt на Рабочому столі - допомога проекту... - Ассоціювати роз&ширення '.hc' с VeraCrypt - По закінченні відкр&ити місце призначення - &Додати VeraCrypt в меню 'Пуск' - Створити то&чку воідновлення системи - Вида&лення - &Витягнути - &Встановити - Майстер встановлення VeraCrypt - Видалення VeraCrypt - &Довідка - Вкажіть місце призначення для витягнених файлів: - Виберіть місце, куда ви хочете встановити програмні файли VeraCrypt.\nЯкщо вказаної теки не існує, вона буде створена автоматично. - Щолкніть 'Видалення', щоб видалити VeraCrypt з цієї системи. - Стоп - &Випробувати - &Тест - Створити зашифрований том і відформатувати його - Зашифрувати розділ на йго місці - Показ створених ключів (їх частин) - Показувати пул - Завантажити ПЗ для запису CD/DVD - Створити зашифрований файловий контейнер - &Гб - &ТБ - Детальніше - &Прихований том VeraCrypt - Що таке 'прихований том'? - Прямий режим - Звичайний режим - &Кб - Кл&юч. файли - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Клю&ч. файли... - Свідчення про хеш-алгоритмах - Детальніше - Information on PIM - &Мб - Детальніше - Детальніше про шифрування системи - Детальніше - Мультизагрузка - Зашифрувати несистемний розділ/диск - &Не зберігати історію - Відкрити зовнішній том - &Павза - Use P&IM - Use PIM - Швидке форматування. - &Показ пароля - &Показ пароля - &Display PIM - Одиночна загрузка - Звичайний том VeraCrypt - Пр&ихований - Звичайний - Зашифрувати розділ або весь диск з системою - Зашифрувати системний розділ Windows - Зашифрувати весь диск - Майстер створення томів VeraCrypt - Кластер - ВАЖНО: Хаотично переміщуйте миш всередині цього вікна. Чим довше тим ліпше. Це значно збільшить криптостійкість ключів шифрування. Потім натисніть 'Далі' для продовження. - &Підтвердіть: - Готово - Drive letter: - Алгоритм шифрування - Файл.сист. - Створити віртуальний зашифрованний диск всередині файла. Рекомендується недосвідченим користувачам. - Опції - Хеш-алгоритм - Ключ заг-ка: - Ще - Майстер-ключ: - Виберіть цю опцію, якщо в ПК встановлено дві чи більше ОС.\n\nНапример:\n- Windows XP і Windows XP\n- Windows XP і Windows Vista\n- Windows і Mac OS X\n- Windows і Linux\n- Windows, Linux і Mac OS X - Шифрує несистемний розділ на диск (наприклад, флеш-диск). За бажанням, створює прихований вміст. - Поточний вміст пула (часть) - Пароль - Пароль: - Volume PIM: - Volume PIM: - Хід операції: - Випадково: - Выберіть цю опцію, якщо в ПК встановлена тілько одна ОС (навіть якщо вона з кількома користувачами). - Швидкість - Статус - Ключі, 'соль' і інші дані успішно згенеровані. Якщо ви хчете згенерувати новіе ключі, натисніть 'Назад', а потім 'Далі'. Якщо ж ні, то натисніть 'Далі' для продовження. - Зашифрувати розділ/диск, де встановлена Windows. Перед кожним завантаженням Windows потрібно буде вводити пароль для доступа до ОС, зчтитування і записи файлів і т.д. Додатково - створення прихоапної ОС. - Виберіть цю опцію, щоб зашифрувати розділ, де встановлена Windows і з якого вона завантажується. - Volume Label in Windows: - Режим очищення: - Закрити - Доз&волити відміну предзагрузочної аутентифікації по Esc (включити диспетчер завантаженння) - Немає дій - &Автомонтування тома VeraCrypt (вказанного) - &Запуск VeraCrypt - Автовизначення &бібліотеки - К&ешувати пароль предзагрузочної аутентифікації в памяті драйвера (для монтування несистемных томів) - Огляд... - Огляд... - К&ешувати паролі і ключеві файли - Вхід, якщо нема змонтованих томів - Закр&ити токен-сесію (вийти) після успішного монтування тома - Include VeraCrypt Volume Expander - З майстром створення томів VeraCrypt - Створити - &Створити том - Не відображати текст на &екрані футентифікації (за винятком нижче вказаного тексту) - Disable "Evil Maid" attack detection - Пришвидшення AES шифрування/дешифрування з використанням AES інструкцій процесора (якщо є) - Використовувати файл-ключі - Використовувати файл-ключі - В&ихід - Про обрані томи - Не монтувати вибраний розділ якщо натиснута клавіша 'Монтування обраних розділів' - Монт&увати обраний том при підключенні пристрою, на якому він знаходиться - Монтувати обраний том при вході до систем&и - Монтувати обраний том лиш для читан&ня - Монтувати обраний том як змінний нос&ій - Вни&з - Вгор&у - Відкрити том у &вікні Провідника яшо змонтовано - &Вилучити - Use favorite label as Explorer drive label - Глобальні налаштування - Повідомири після розмонтування за допомогою гарячої клавіші - Звуковий сигнал після розмонтування за допомогою гарячої клавіші - Alt - Control - Shift - Win - Призначити - Забрати - Ключ.файли... - Не використовувати вказане число процесорів для шифрування/дешифрування: - Докладна інформація - Докладна інформація - Більше налаштувань... - &Автомонтування - Параметр&и... - Монтувати том тільки для &читання - Ключ.файли... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Включено - Кешувати пароль в памяті - Автоматично розмонтувати томи при неактивності протягом - завершення сеансів - User session locked - вхід в енергозбереження - запуску екранної заставки - Автоматично розмонтувати томи навіть при відкритих файлах/теках - Монтувати всі тома на пристроях - Запуск VeraCrypt в фоні - Монтувати як том тільки для читання - Монтувати як змінні носії - Відкривати вікно Провідника для успішно змонтованного тома - Temporary Cache password during "Mount Favorite Volumes" operations - Використовувати інший значок панелі завдань, коли є підключені томи - Очищати кеш паролів при авторозмонтуванні - Очищати кеш паролів при виході - Зберігати дату у файл-контейнерів - Скинути - Пристр&ій... - &Файл... - &Бібліотека... - Показати пароль - Показати пароль - &Відкрити змонтований том в вікні Провідника - &Кешувати пароль в памяті драйвера - TrueCrypt Mode - &Розмонтувати всі - Власт&ивості тома... - О&перації... - О&чистити кеш - VeraCrypt - Mount Parameters - VeraCrypt - Обрані томи - VeraCrypt - Загальноистемні гарячі клавіші - VeraCrypt - Зміна пароля або ключевих файлів - Введіть пароль тома VeraCrypt - VeraCrypt - Параметри швидкодії - VeraCrypt - Налаштування - VeraCrypt - Налаштування шифрування системи - VeraCrypt - Налаштування токена безпеки - Налаштування переносного диска VeraCrypt - Властивості тома VeraCrypt - Про програму... - Додати/видалити ключові файли в/із том(а)... - Долучити змонтований том до Обраних... - Додати змонтований тому до системних обраних томів... - Аналіз збою системи... - Зробити резервну копію заголовку тому... - Тест швидкості... - Встановити алгоритм деривації ключа заголовка... - Змінити пароль тома... - Встановити алгоритм деривації ключа заголовка... - Змінити пароль... - Очистити історію томів - Закрити всі токен-сессії - Звязок з авторами... - Створити приховану ОС... - Створити диск відновлення... - Створити новий том... - Permanently Decrypt... - Типові ключові файли... - Default Mount Parameters... - допомога проекту... - Зашифрувати системний розділ/диск... - Часто задавані питання - Посібник користувача - &Домашня сторінка - Гарячі клавіші... - Генератор ключових файлів - Мова (language)... - Юридична інформація - Ключовіе файли токена безпеки... - Автомонтування всіх томів на основі пристрою - Монтувати обрані томи - Монтувати &без предзагрузочної аутентифікаії... - Монтувати том - Монтувати том з параметрами - Новини - Довідка в Інтернеті - Помічник для початківців - Організувати обрані томи... - Організувати Системні Обрані Томи... - Продуктивність... - Перманентно розшифровувати системний розділ/пристрій - Налаштування... - Оновити літери дисків - Видалити із тома всі ключові файли... - Відновити заголовок тома... - Продвжити прерваний процес - Вибрати пристрій... - Обрати файл... - Продовжити припинений процес - Шифрування системи... - Властивості... - Налаштування... - Системні обрані томи... - Завантаження ПЗ - Тест алгоритмів генерування векторів... - Токени безпеки... - Налаштування переносного диска... - Розмонтувати всі змонтовані томи - Розмонтувати том - Провірити диск відновленння - Verify Rescue Disk ISO Image - Історія версії - Volume Expander - Властивості тома - Майстер створення томів - Сайт VeraCrypt - Очистити кеш паролів - Гаразд - Апаратне Прискорення - Клавіша швидкого виклику - Конфігурація автозапуску (файл autorun.inf) - Автоматичне розмонтування - Розмонтувати всі томи при: - Параметри екрана завантажувача - Підтвердіть: - Поточний - Показувати цей текст на екрані предзавантажувальної аутентифікації (не більше 24 символів): - Опції типове монтування томів - Додаткові параметри - Driver Configuration - Enable extended disk control codes support - Мітка обраного тому: - Файлові параметри - Клавіша: - Процесор (CPU) в цьому комп'ютер підтримує апаратне прискорення AES: - Дії при вході у Windows - хв - Буква диска: - Параметри монтування тома VeraCrypt - Новий - Пароль: - Потокове Розпаралелювання - Шлях до бібліотеки PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Кешування (запамятовування) паролів - Параметри безпеки - Робота VeraCrypt в фоновому режимі - Том для монтування (відносно кореня переносного диска): - При вставці переносного диска: - Створити файли переносного диска (корінна тека переносного диска) в: - Том - Вікна - Пап&ка... - &Автотест всіх - &Продовжити - &Дешифрувати - &Видалити - &Шифрування - &Експорт... - Створити і зберегти файл... - Випа&дковий Файл-ключ... - Завантажити мовні модулі з сайта - Апаратне пришвидшення AES: - &Імпорт кл.файла в маркер доступу... - &Файли... - Клю&чові файли - К&люч.файли... - &Видалити - Видалити &всі - Що таке 'Захист прихованих томів'? - Шо таке 'Файл-ключ'? - Монтувати том як &змінний носій - Монтувати розділ з шифруванням ОС &без передзагр. аутентифікації - Розпаралелювання: - Тест - Др&ук - З&хистити прихований том від пошкодження при запису в зовнішній том - &Скинути - Перегл&яд пароля - Додати &токен-файли... - Застосовувати копію заголовку, вмонтован&у в том, якщо можливо - XTS-режим - Про програму VeraCrypt - VeraCrypt - Тест швидкості алгоритмів шифрування - VeraCrypt - Тест генерування векторів - Довідка по командному рядку - VeraCrypt - Ключевые файлы - VeraCrypt - Генератор ключових файлів - VeraCrypt - Мова інтерфейсу - VeraCrypt - Параметри монтування - Властивості ключового файлу нового токену бкзпеки - VeraCrypt - Збагачення випадкового пулу - Оберіть розділ або пристрій - VeraCrypt - Ключові файли токена безпеки - Токен безпеки: потрібен пароль/PIN - Свідчення по вибраному мовному модулі - На швидкість впливають загрузка ЦП і характеристики пристрою зберігання данних.\n\nЦі тести виконуються в ОЗП. - Буфер: - Шифр: - Пароль п&рихованого тома:\n(якщо порожньо, то із кешу) - Захист прихованого тому - Довжина ключа: - ВАЖНО: Хаотично переміщуйте мишку всередині цього вікна. Чим довше, тим ліпше. Це значно збільшить криптостійкість ключового файлу. - УВАГА: При втраті ключового файлу або пошкодженні його перших 1024 кілобайт монтувати використовуючи цей файл томів неможливо! - біт - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Автор перкладу: - Розмір тексту: - біт - Поточний вміст пулу - Мікшер повтору: - ВАЖЛИВО: Хаотично переміщайте курсор всередині вікна. Чим довше ви будете рухатися, тим краще. Це значно підвищує рівень криптографії. Коли закінчите, натисніть "Продовжити". - Вторинний ключ (16-кове) - Токен безпеки: - Сортування: - Будь ласка, зачекайте. Цей процес може зайняти тривалий час... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Число блоків: - Зашифрованний текст (16-кове) - Число одиниць з данними (64-біт 16-кове, розмір одиниці з данними - 512 байт) - Ключ (16-кове) - Незашифрованний текст (16-кове) - Файл-ключ: - XTS-режим - &Система - &Томи - О&бране - С&ервіс - Налаштува&ння - До&відка - Ве&б-сторінка - - &Про програму... - Неможливо зняти атрибут 'тільки читання' з старого тому. Перевірте, чи дозволений доступ до файла. - Помилка! Немає доступу.\n\nРозділ, до якого ви намагаєтесь дістати доступ, має довжину 0 секторів, або це заавнтажувальлний пристрій. - Адміністратор - Щоб завантажити драйвер VeraCrypt, ви повинні ввійти в систему з правами Адміністратора. - Щоб можна було шифрувати/Розшифрувати/форматувати розділ/пристрій, ви повинні ввійти в систему з правами Адміністратора.\n\nДо томів на основі файлів це не відноситься. - Щоб створити прихований том, ви повинні ввійти в систему з правами Адміністратора.\n\nПродовжити? - Щоб форматувати томи як NTFS, ви повинні увійти в систему з правами Адміністратора.\n\nБез привілегій Адміністратора можна форматувати томи тільки як FAT. - Затверджений FIPS (США) алгоритм шифрування (Rijndael, опублікований в 1998 р.), дозволений до застосування в федеральних структурах США для захисту важливої інформації. 256-біт ключ, 128-біт блок, 14 циклів (AES-256). Режим роботи -- XTS. - Том вже змонтований. - ОБЕРЕЖНО: В крайньому випадку один алгоритм шифрування або хешування не проїшов автоматичного самотестування.\n\nМожливо, пошкоджена встановлення VeraCrypt. - ОБЕРЕЖНО: В пулі генератора випадкоаих чисел недостатньо данних для представлення потрібного обєма випадкової інформації інформації.\n\nПровжувати дальше не варто. Виберіть в меню 'Довідка' пункт 'Повідомити про помилку' і повідомити авторів. - Пошкоджений диск (на ньому фізичений дефект) або кабель, або збій памяті комп’ютера.\n\nЦя проблема аппаратної частини вашого ПК, а не VeraCrypt. Будьласка, НЕ повідомляйте нам про неї як про помилку/проблему в роботі VeraCrypt і НЕ просіть про допомогу в форумах VeraCrypt. Зверніться за консультацією до виробника свого обладнання. Дякую.\n\nПримітка: якщо помилка стається регулярно в одному і тому ж місці, найбільш вірогідна причина - в пошкодженому блоці на диску, який можна попробувати виправити за допомогою стороннього ПЗ ( в багатьох випадках команда 'chkdsk /r' безкорисна, так як вона працює лише на рівні файлової системи; іноді 'chkdsk' не може навіть визначити помилку). - Якщо ви звертаєтеся до накопичувача на змінних носіях, упевніться, що у накопичувачі є носій. Також можливе пошкодження накопичувача/носія (фізичний дефект) або пошкодження/відключення кабелю. - Ваша система використовує апаратні драйвери, які містять помилку, що не дозволяє шифрувати весь системний диск.\n\nБудь ласка, спробуйте оновити або видалити будь-який власний набір мікросхем водії, перш ніж продовжити. Якщо це не допоможе, спробуйте тільки шифрування системного розділу. - Невірна літера диску. - Хибний шлях. - Скасувати - Немає доступу до пристрою. Перевірте, чи підключений вибраний пристрій і чи не зайнятий він. - УВАГА! Натиснене клавіша Caps Lock. Це може призвести до неправильного вводу пароля. - Тип тома - Може так статися, що хтось примусить вас повідомити пароль від зашифрованного тому. В деяких ситуаціях ви просто не зможете відказатися видати пароль (наприклад, при вимаганні). В подібних випадках поможе 'прихований том', дозволяючий не выдавати пароль до дійсно цінних данних. - Виберіть цю опцію, щоб створити звичайний том VeraCrypt. - Увага! Якщо ви хчете, щоб операційна система була встановлена в приховуваному томі на основі розділу, то весь системний диск неможливо зашифрувати з допомогою лише одного ключа. - Шифрування зовнішнього тому - Шифрування прихованого тому - Налаштування шифрування - УВАГА: Помилка очищення шляху до останнього вибраного тома/ключового файлу (записаному в памяті селектором файлів). - ПОМИЛКА: Контейнер був зжатий на рівні файлової системи. VeraCrypt не підтримує зжаті контейнери (зжаття зашифрованних данних неефективне).\n\nВідключіть зжаття контейнера, виконавши наступні кроки: 1) Щолкніть правою кнопкою миші в Провіднику Windows (не в VeraCrypt). 2) Виберіть пункт 'Властивості'. 3) В діалоговім вікні 'Властивості' нажміть кнопку 'Додатково'. 4) В діплоговому вікні 'Додаткові атрибути' виключіть параметер 'Зжимати вміст для економії місця на диску' і натисніть 'Гаразд'. 5) Натисніть 'Гаразд' в діалоговім вікні 'Властивості'. - Помилка створення тома %s - Розмір %s - %.2f байт - Розмір %s - %.2f Кб - Розмір %s - %.2f Мб - Размір %s - %.2f Гб - Розмір %s - %.2f Тб - Розмір %s - %.2f Пб - УВАГА: Пристрій/розділ використовується операційною системою або пошкоджений. Форматування пристрою/розділу може призвести до втрати данних або нестабільності системи.\n\nПродовжити? - УВАГА: Пристрій/розділ використовується операційною системою або додатком. Потрібно закрити всі программи, які можуть використовувати розділ (включаючи антивірусне ПЗ).\n\nПродовжити? - ПОМИЛКА: Пристрій/розділ містить файлову систему, яка не може бути розмонтована. Ця файлова система може використовуватись операційною системою. Форматування пристрою/розділу ймовірніше за все призведе до пошкодження данних і нестабільності системи.\n\nДля вирішення цієї проблеми ми рекомендуємо зпочатку видалити цей розділ, після чого знову створити його без форматування. Ось як це зробити: 1) Клацніть правою кнопкою миші по значку 'Комп'ютер' (або 'Мій комп’ютер') в меню 'Пуск' і виберіть пункт 'Керування'. Повинно появитися вікно 'Керування комп’ютером'. 2) В вікні 'Управління комп'ютером' виберіть 'Запамятовуючі пристрої' > 'Керування дисками'. 3) Клайніть правою кнопкою миші по розділу, який ви хочете зашифрувати, і виберіть або 'Видалити розділ', або 'Видалити том', або 'Видалити логічний диск'. 4) Натисніть 'Так'. Якщо Windows попросить перезагрузити комп'ютер, виконайте це. Потім повторіть кроки 1 і 2 і перейдіть до кроку 5. 5) Клацніть правою кнопкою по пустому участку (воно повинно містити надпис 'Не розподілено') і виберіть 'Основний розділ', 'Додатковий розділ' або 'Логічний диск'. 6) Повинно появитися вікно майстра створення розділів або томів; дотримуйтесь його інструкціям. В вікні майстра на сторінці 'Форматування розділу' виберіть або 'Не форматувати цей розділ', або 'Не форматувати цей том'. В тому ж вікні майстра натисніть кнопку 'Далі' і потім 'Готово'. 7) Майте на увазі, що вибраний вами в VeraCrypt шлях до пристрою може бути тепер невірним. Тому завершіть роботу майстра створення томів VeraCrypt (якщо він все ще виконкється) і запустіть йго знову. 8) Спробуйте знову зашифрувати пристрій/розділ в VeraCrypt.\n\nЯкщо VeraCrypt знову відмовиться шифрувати пристрій/розділ, зкоректуйте свої плани і створіть замість цього файловий контейнер. - ПОМИЛКА: Не вдалося заблокувати і/або розмонтувати файлову систему. Вірогідно, вона використовується ОС або додатками (наприклад, антивірусним ПЗ). Шифрування цього розділу може призвести до пошкодження даних і нестабільність системи.\n\nЗакрийте всі додатки, які можуть звертатися до файлової системи (включаючи антивірусне ПЗ) і повторіть спробу. Якщо це не допоможе, дотримуйтесь нижче вказаних інструкцій. - УВАГА: деякі змонтовані пристрої/розділи вже використовуються.\n\nІгнорування цього може призвести до небажаних наслідків, включаючи нестабільність системи.\n\nСлід закрити всі застосунки, що можуть використовувати ці пристрої/розділи. - Обраний пристрій містить розділи.\n\nФорматування такого пристрою може призвести до втрати даних та/або нестабільності системи. Будь ласка, оберіть розділ на пристрої, або видаліть всі розділи на ньому, щоб VeraCrypt зміг його форматувати. - Вибраний несистемний пристрій містить розділи.\n\nЗашифровані томи VeraCrypt на основі пристроїв можна створювати лише на дисках, що не містять розділів (включаючи жорсткі і твердотілі вінчестири). Пристрій з розділами можна зашифрувати повністю на місці (з допомогою одного майстер-ключа), тільки якщо цей диск, де встановлена Windows і з якого вона завантажується.\n\nЯкщо ви бажаєте зашифрувати вибраний не системний пристрій з допомогою одного майстер-ключа, спочатку потрібно видалити всі розділи на цьому пристрої, щоб VeraCrypt зміг його безпечно відформатувати (форматування пристрою з розділами може призвести до нестабільності системи і/або пошкодження даних). Другий варіант -- зашифрувати окремо кожний розділ на диску (використовуючи індивідуальні майстер-ключі).\n\nПримітка: щоб видалити всі розділи з диска GPT, його потрібно перетворити в диск MBR (наприклад, за допомогою інструменту Computer Management) для видалення прихованих розділів. - УВАГА: Якщо шифрувати весь пристрій (а не тільки один розділ на ньому) ОС буде вважати його новим, порожнім і неформатованим (який немістить таблиць розділів) і може відформатувати цей пристрій (або питати у вас дозволу на це), що може пошкодити том.\n\nЩоб цього уникнути, ви можете створити розділ на пристрої і зашифрувати лише цей розділ.\n\nВи дійсно хочете зашифрувати весь пристрій? - ВАЖЛИВО: Майте на увазі, що цей том НЕМОЖЛИВО монтувати і получити до нього доступ по букві диска %c:, яка зараз йому назначена!\n\nЩоб монтувати цей том, натисніть 'Автомонтування' в головному вікні VeraCrypt (або натисніть кнопку 'Пристрій', виберіть цей розділ/диск і натисніть 'монтувати'). Том буде змонтований на іншу букву диска, вибрану із списку в головному вікні VeraCrypt.\n\nЦю букву диска %c: потрібно застосовувати тільки коли потрібно видалити шифрування з розділу/пристрою (наприклад, якщо шифрування більше не потрібне). В такому випадку щолкніть правою кнопкою миші по диску %c: в вікні 'Комп'ютер' (або 'Мій комп’ютер') і вибкріть пункт 'Форматувати'. У всіх інших випадках букву %c: використовувати неварто (якщо тільки ви не видалили її і не присвоїли її іншому розділу/пристрою). - В даній ОС шифрування 'на місці' не підтримується (для цього потрібна Windows Vista чи новіша версія Windows).\n\nПричина: ця версія Windows не допускає зжаття файлової системи (що потребує для звільнення місця під заголовок тому і його резервну копію). - Вибраний розділ не містить файлової системи NTFS. Для шифрування 'на місці' придатні розділи з NTFS.\n\nПричина: Windows не підтримує зжаття файлових систем інших типів (що потребує для звільнення місця під заголовок тому і його резервну копію). - Даний розділ не містить файлової системи NTFS. Для шифрування 'на місці' придатні розділи з NTFS.\n\nЯкщо ви хочете створити зашифрований том VeraCrypt всередині цього розділу, виберіть "Створити і відформатувати вибраний том" (а не "Зашифрувати розділи на місці"). - ПОМИЛКА: розділ надто малий. VeraCrypt не взмозі зашифрувати його 'на місці'. - Для зашифрувати даних на цьому розділі:\n\n1) Створіть том VeraCrypt на чистому розділі/пристрої і змонтуйте його.\n\n2) Скопіюйте все файлы з розділу, який ви хочете зашифрувати, на змонтований том VeraCrypt (створений на етапі 1). Так буде створена зашифрована резервна копія даних.\n\n3) Створіть том VeraCrypt на розділі, який бажаєте зашифрувати, переконайтеся (в майстрі VeraCrypt), що вибрали опцію "Створити зашифрованний том і відформатувати його" (а не опцію "Зашифрувати розділ на місці"). Майте на увазі, що всі дані на цьому розділі будуть видалені. Створивши том, змонтуйте його.\n\n4) Скопіюйте всі файли з змонтованого тому VeraCrypt з копією даних (створену на етапі 1) на змонтований том VeraCrypt, створений на етапі 3.\n\nПісля закінчення цих операцій дані будуть зашифровані, плюс з нихбуде зроблена зашифрована резервна копія. - Шифрування 'на місці' можливе тільки для розділу, динамічного тому або всього системного диску.\n\nЯкщо ви хочете створити зашифрований том VeraCrypt на вибраному несистемному пристрої, виберіть опцію "Створити зашифрований том і відформатуйте його" (а не опцію "Зашифрувати розділи на місці"). - ПОМИЛКА: Шифрування 'на місці' можливе тільки для розділу, динамічного тому або всього системного диску. Впевніться в правильності вказаного шляху. - ПОМИЛКА: Неможливо зменшити файлову систему (це необхідно для звільнення місця під заголовок тому і резервну копію заголовка).\n\nМожлимі причини і рішення:\n\n- Недостатньо вільного місця на томі. Спробуйте дефрагментувати файлову систему (щолкніть ПКМ на букві відповідного диска у вікні '(Мій) Комп'ютер', виберіть 'Властивості' > 'Сервіс' > 'Виконати' дефрагментацію > 'Дефрагментація'). Якщо це не допоможе, видаліть непотрібні файли і очистіть Кошик.\n\n- Пошкоджена файлова система. Спробуйте використовувти її (щолкніть ПКМ на букві відповідного диска у вікні '(Мій) Комп'ютер', ввиберіть 'Властивості' > 'Сервіс' > 'Виконати перевірку', включіть опцію 'Автоматично виправляти системні помилки' і натисніть 'Запуск').\n\nЯкщо нічого не допомагає, виконуйте рекомендації подані нижче. - ПОМИЛКА: Недостатньо вільного місця на томі, неможливо зменшити файлову систему (це необхідно для звільнення місця під заголовок тому і резервну копію заголовку).\n\nВидаліть непотрідні файли і очистіть кошик, звільнивши декілька мегабайт, повторіть спробу. Якщо це прийнятно, виконуйте рекомендаії наведені нижче. - На диску %s вільно %.2f байт - На диску %s вільно %.2f Кб - На диску %s вільно %.2f Мб - На диску %s вільно %.2f Гб - На диску %s вільно %.2f Тб - На диску %s вільно %.2f Пб - Неможливо отримати доступні літери дисків. - Помилка: не знайдено драйвер VeraCrypt.\n\nБудь ласка, скопіюйте файли 'veracrypt.sys' та 'veracrypt-x64.sys' до теки, де розташовується основний застосунок VeraCrypt (VeraCrypt.exe). - Запущено драйвер VeraCrypt несумісної версії.\n\nВерсія що потрібна: VeraCrypt - Помилка ініціалізації шифру. - Помилка: слабкий або потенційно слабкий ключ! Цей ключ не принято. Повторіть спробу. - Виникла критична помилка, робота VeraCrypt перервана. Якщо це наслідок помилки в VeraCrypt, ми б хотіли її виправити. Відправте автоматично створений звіт про помилку з наступними даними:\n\n- Версія програми\n- Версія операційної системи\n- Ім'я компонента VeraCrypt\n- Контрольна сума виконуючого файлу VeraCrypt\n- Символьне ім'я діалогового вікна\n- Категорія помилки\n- Адрес помилки\n- Тип ЦП\n- Мережевий виклик VeraCrypt\n\nПри виборі 'Так' в вашому браузері буде відкрита наступна URL-адреса з повним звітом про помилку (в окремих випадках це може зайняти до 30 секунд).\n\n%hs\n\nВідправити звіт про помилку? - Критична помилка в системі, робота VeraCrypt буде перервана.\n\nЦя помилка виникла не по вині VeraCrypt (тому розробники VeraCrypt не можуть її виправити). Перевірте свою систему на можливі проблеми (наприклад, системну конфігурацію, Підключення до мережі, збій апаратури). - Критична помилка в системі, яка потребує VeraCrypt повинна бути припинена.\n\nЯкщо проблема не усувається, ви можете спробувати відключити або видалити додатки, які потенційно можуть бути причиною проблеми, такі як антивіруси і забезпечення безпеки в Інтернеті, система "підсилювачів", "оптимізаторів" або "твікера" і т.д. Якщо це не допоможе , ви можете спробувати перевстановити операційну систему (ця проблема може бути викликана шкідливих програм). - Критична помилка VeraCrypt - За даними VeraCrypt, операційна система недавно зазнала збій. Потенційних причин цьому безліч (наприклад, відмова апаратури, помилка в драйвері пристрою, і т.д.)\n\nБажаєте перевірити, чи був викликаний системний збій помилкою в VeraCrypt? - Волієте, щоб VeraCrypt і далі відстежував системні збої? - VeraCrypt не вдалося знайти файл з міні-дампом системних збоїв. - Бажаєте видалити дамп-файл Windows з даними про збій, щоб вивільнити місце на диску? - Щоб проаналізувати системний збій, VeraCrypt спочатку необхідно\nВстановити Microsoft Debugging Tools для Windows.\n\nПісля натиснення Гаразд почнеться завантаження та встановлення пакета\nMicrosoft Debugging Tools (16 Мбайт) з сервера Microsoft\n(програма встановлення Windows перенаправить вас на сервер\nMicrosoft з сервера veracrypt.org, тим самим гарантуючи успіх операції,\nнавіть якщо Microsoft змінить місце розташування пакета встановлення). - Після натискання Гаразд почнеться аналіз системного збою. Ця операція може зайняти декілька хвилин. - Переконайтеся, що у змінній оточення 'PATH' вказано шлях до файлу відновлення ядра 'kd.exe' (Kernel Debugger). - Швидше за все, причина системного збою НЕ в VeraCrypt. Потенційних причин збою системи безліч (наприклад, відмова апаратури, помилка в драйвері пристрою, і т.д.) - Як показав аналіз, дану проблему може вирішити оновлення наступного драйвера: - Щоб допомогти визначити, чи є помилка в VeraCrypt, відправте нам автоматично створений звіт про помилки, що містить такі дані:\n-Версія програми\n-Версія операційної системи\n-Тип ЦП\n-Категорія помилки\n-Назва і версія драйвера\n-Стек системних викликів\n\nПри виборі 'Так' у вашому інтернет-браузері буде відкрито наступну URL-адресу (з повним звітом про помилки). - Бажаєте відправити нам цей звіт про помилки? - &Зашифрувати - &Розшифрувати - &Постійне розшифровування - Вихід - Будь ласка, створіть логічний диск для цього розширеного розділу та спробуйте ще. - Том VeraCrypt може знаходитися в файлі ('контейнері' VeraCrypt) на твердому диску, флеш-накопичувачі USB і т.п. Контейнер VeraCrypt нічим не відрізняйться від звичайного файлу (наприклад, його можна переміщати, копіювати і видаляти). Натисніть кнопку 'Файл...', щоб вказати ім'я і шлях до створюваного файлу-контейнера для зберігання нового тому.\n\nУВАГА: Якщо ви виберете вже існуючі файли, VeraCrypt НЕ зашифрує його; цей файл буде видалено і замінений створеним контейнером VeraCrypt. Ви можете зашифрувати існуючі файли (внаслідок), перемістивши їх в створений зараз контейнер VeraCrypt. - Виберіть розміщення для створення зовнішнього тому (всередині цього тому потім буде створений прихований том).\n\nТом VeraCrypt може знаходитися в файлі ('контейнері' VeraCrypt) на жорсткому диску, флеш-накопичувач USB і т.п. Контейнер VeraCrypt можна переміщувати, копіювати і видаляти як звичайний файл. Натисніть кнопку 'Файл...', щоб вказати ім'я і шлях до створюваного файлу-контейнеру для зберігання нового тому. Якщо ви виберете уже існуючий файл, VeraCrypt НЕ зашифрує його; цей файл буде видалено і замінений створеним контейнером VeraCrypt. Ви зможете зашифрувати існуючі файли, перемістивши їх в створюваний зараз контейнер VeraCrypt. - Зашифрованний том VeraCrypt на основі пристрою можна створювати всередині розділу жорсткого диску, на твердотілому носії, флеш-накопичувачі USB і інших пристроях зберігання інформації. Розділи також можна шфрувати на місці.\n\nКрім того, зашифровані томи VeraCrypt на основі пристроїв можна створювати всередині пристрою, який не містить розділів (включаючи жорсткі диски и твердотілі накопичувачі).\n\nПримітка: пристрій, містить розділи, можна зашифрувати цілком на місці (використовуючи один ключ), тільки якщо з нього завантажується Windows. - Том VeraCrypt на основі пристрою можна створювати всередині розділу вінчестера, на твердотілому носії, флеш-накопичувачі USB і інших пристроях зберігання інформації.\n\nУВАГА: Розділ/диск буде відформатований, а всі дані на ньому - знищені. - \nВиберіть розміщення для створення зовнішнього тому (всередині цього тому потім буде створений прихований том).\n\nЗовнішні томи можна створювати всередині розділів жорстких дисків, на твердотілому носії, флеш-накопичувачі USB і інших пристроях зберігання інформації. Зовнішні томи також можна створювати всередині пристрою, не містячих розділів (включаючи жорсткі диски і твердотілі накопичувачі).\n\nУВАГА: Розділ/диск буде відформатований, а всі дані на ньому - знищені. - Оберіть розміщення тому VeraCrypt, всередені якого ви бажаєте створити прихований том. - УВАГА: файл/пристрій вже використовується!\n\nІгнорування цього може призвести до небажаних наслідків, включаючи нестабільність системи. Перед монтуванням тому слід закрити всі програми, що використовують цей файл/пристрій.\n\nПродовжити монтування? - Помилка: неможливо монтувати том. Файл/пристрій вже використовується. Спроба монтування без виключного доступу також зазнала невдачі. - Неможливо відкрити файл. - Розміщення тому - Великі файли - Чи збираєтеся ви збирігати в цьому томі VeraCrypt Файли розміром більше 4 Гбайт? - В залежності від вашої відповіді VeraCrypt вибере для тому підходящу файлову систему (вибір файлової системи вам буде запропоновано в наступному етапі). - Так як ви створюєте зовнішній том, рекомендовано відповісти 'Ні'. Інакше Файлова Система типово буде NTFS, для зовнішніх томів це гірше, чим FAT (максисально можливий розділ приховуваного тому буде значно більший, якщо зовнішній том -- FAT). Стандартно FAT це ФС типово як для прихованих, так і для звичайних томів (томи FAT не викликають підозр). Але якщо потрібно зберігати файли розміром більше 4 Гбайт (що в FAT недопустимо), то FAT не буде ФС типово. - Ви дійсно бажаєте відповісти 'Так'? - Режим створення тому - Це найшвидший спосіб створення тому VeraCrypt на основі розділу або пристрою (шифруваня на місці повільніше, так як вміст кожного сектору спочатку зчитуються, шифрується а потім записується). всі дані на вибраному розділі/пристрої будуть знищені (ці дані НЕ шифруються; вони перезаписуються випадковими даними). Якщо вам потрібно зашифрувати дані, які є на розділі, виберіть інший варіант. - Весь вибраний розділ зі всіма даними буде зашифрований на місці. Якщо розділ порожній, вам потрібно вибрати інший варіант (створення тому відбувається набагато швидше). - Примітка: - &Продовжити - &Відкласти - &Старт - Продов&жити - &Форматувати - &Затерти - Перервати форматування? - Детальніше - Більше не показувувати - Вміст розділу/пристрою успішно видалено (затерто). - Вміст розділу з вихідною системою (клоном якої є прихована система) успішно видалено (затерто). - Переконайтеся, що Windows, який ви бажаєте встановити (на очищений розділ) має ту ж версію, що і поточний Windows. Це необхідно тому, що обидві ОС будуть використовувати загальний завантажувальний розділ. - Системний розділ/пристрій успішно зашифровано. - Системний розділ/пристрій успішно розшифровано. - \n\nТом VeraCrypt створений та готовий до використання. Якщо ви бажаєте створити ще один том VeraCrypt, натисніть 'Далі'. В іншому пипадку, натисніть 'Вихід'. - \n\nПрихований том VeraCrypt успішно створений (всередині нього буде знаходитися прихована ОС).\n\nНатисніть 'Далі' для продовження. - Том повністю зашифрований - Volume Fully Decrypted - ВАЖЛИВО: ДЛЯ МОНТУВАННЯ ЦЬОГО ТОМУ VERACRYPT І ДОСТУПУ ДО ДАНИХ, ЩО МІСТЯТЬСЯ В НЬОМУ НАТИСНІТЬ 'Автомонтування' В ГОЛОВНОМУ ВІКНІ VERACRYPT. Після вводу правильного паролю (і/або ключових файлів) том буде змонтовано на букву диска, вибрану вами в головному вікні VeraCrypt (доступ до зашифрованих даних буде поцій букві диску).\n\nЗАПАМЯТАЙТЕ АБО ЗАПИШІТЬ НАСТУПНІ ЕТАПИ.ВИ ПОВИННІ ВИКОНУВАТИ ЇХ ДЛЯ МОНТУВАННЯ ТОМУ І ДОСТУПУ ДО ЙОГО ДАНИХ. Інший спосіб: натисніть кнопку 'Пристрій' в головному вікні VeraCrypt, виберіть цей розділ/том і натисніть 'Монтувати'.\n\nРозділ/том успішно зашифрований (зараз він містить повністю зашифрований том VeraCrypt) і готовий до використання. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Том VeraCrypt успішно створено. - Том створено - ВАЖЛИВО: як можна довільніше рухайте мишою всередині цього вікна. Чим довше - тим краще. Це значно збільшить криптографічну стійкість ключів шифрування. Потім натискайте 'Форматувати', щоб створити том. - Натисніть 'Форматувати', щоб створити зовнішній том. Для отримання докладної інформації зверніться до документації. - Форматування зовнішнього тому - Форматування прихованого тому - Форматування тому - Для перегляду або друку Посібника Користувача потрібна програма Adobe Reader (або сумісна з нею). Adobe Reader можна завантажити (безплатно) з сайту: www.adobe.com\n\nБажаєте замість цього переглянути онлайн-документацію? - Якщо ви оберете цю опцію, Майстер допоможе вам спочатку створити звичайний том VeraCrypt, а потім прихований всередині першого. Недосвіченим користувачам слід завжди обрати цю опцию. - Якщо ви оберете цю опцію, ви створите прихований том всередині існуючого тому VeraCrypt. Це передбачає, що ви вже створили том VeraCrypt, який придатний до розміщення у собі прихованого тому. - Режим створення тому - Прихований том створено - Прихований том VeraCrypt успішно створений та готовий до використання. Якщо ви дотримувались усіх інструкцій та порад глави "Security Precautions Pertaining to Hidden Volumes" Посібника Користувача VeraCrypt, то навіть при змонтованому зовнішньому томі виявити прихований том буде неможливо.\n\nУВАГА: ЯКЩО ВИ НЕ ЗАХИСТИТЕ ПРИХОВАНИЙ ТОМ (ДОКЛАДНІШЕ ДИВІТЬСЯ ГЛАВУ "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" ПОСІБНИКА КОРИСТУВАЧА VERACRYPT), НІЧОГО НЕ ЗАПИСУЙТЕ ДО ЗОВНІШНЬОГО ТОМУ. В ІНШОМУ ВИПАДКУ ВИ МОЖЕТЕ ПЕРЕЗАПИСАТИ І ПОШКОДИТИ ПРИХОВАНИЙ ТОМ! - Ви запустили приховану операційну систему. Як ви могли помітити, прихована ОС виглядає так, ніби вона встановлена на тому ж розділі, що і вихідна ОС. Насправді ОС встановлена всередині розділу ззаді неї (в приховуваному томі). Всі операції читання і запису прозоро перенаправляються із системногорозділу в прихований том.\n\nНі операційна система, ні додатки не будуть знати, що дані, записуючі і читаючі в системному розділі, в дійсності записуються і читаються в розділі з заді нього (в прихованому томі). Любі такі дані шифруються і розшифровуються негайно (з ключом шифрування, відмінним від використовуваного для підставної ОС).\n\n\nНатисніть 'Далі' для продовження. - Зовнішній том створений і змонтований як диск %hc:. Скопіюйте в цей зовнішній том які небуть файли. Вони знадобляться для демонстрації, якщо вас змусять повідомити пароль від першого розділу ззаду системного, де будуть розположені зовнішній том і прихований том (з прихованою ОС). Ви зможете відкрити пароль від цього зовнішнього тому, а існування прихованого тому (і прихованої ОС) залишеться засикречиним.\n\nВАЖЛИВО: Файли, копіюючі в зовнішній том, не повинні займати більше %s. В іншому випадку на зовнішньому томі може виявитися недостатньо вільного місця для прихованого тому (і ви не зможете продовжити). Коли закінчете копіювання, натисніть 'Далі' (не розмонтуйте том). - Зовнішній том успішно створений і змонтований як диск %hc:. До цього тому зараз слід скопіювати будь-які файли що мають осмислений вигляд, які насправді вам НЕ потрібно ховати. Ці файли потрібні для того, щоб показати їх тим, хто змусить вас повідомити пароль. У цьому випадку ви скажете лише пароль для цього зовнішнього тому, але не для прихованого. Дійсно цінні для вас файли будуть зберігатись у прихованому томі, що буде створено пізніше. Натисніть 'Далі', коли скопіюєте файли. Не розмонтовуйте цей том.\n\nПам'ятайте: після натискання 'Далі' буде просканована карта кластерів зовнішнього тому в пошуку неперервної вільної ділянки, кінець якої стане кінцем тому. Цей блок буде підігнаний під прихований том, тому від нього залежить максимально можливий розмір. Сканування карти необхідне, щоб прихований том не затер дані у зовнішньому томі. - Вміст зовнішнього тому - \n\nНаступними кроками Майстра буде встановлення опцій для зовнішнього тому (всередині якого пізніше буде створено прихований том). - \n\nНа наступних етапах ви створете так званий зовнішній том VeraCrypt всередині першого розділу за системним розділом (це було пояснено на попередньому етапі). - Зовнішній том - На наступних етапах потрібно встановити параметри і пароль для прихованого тому, який буде містити приховану ОС. Примітка: для визначення розміру неперерваної незанятої області, закінчення якої буде вирівняно по кінці зовнішнього тому, виконується сканування його карти кластирів. Ця область буде підігнана для прихованого тому, щоб його границі не перевищували максимально можливий розмір. Максимально можливий розмір прихованого тому визначено і він гарантовано більший, чим у системного розділу (це необхідно, оскільки весь вміст системного розділу має бути скопійовано в прихований том). Тобто ніякі дані, що знеаходяться в даний момент в зовнішньому томі, не будуть перезаписані данними, записаними в область прихованого тому. - ВАЖЛИВО: Запамятайте алгоритми, які ви зараз виберете. Вам потрібно вибрати ті ж алгоритми для підставної ОС. В іншому випадку прихована система буде недоступна! (Підставна система повинна бути зашифрована тимже алгоритмом, що і прихована.)\n\nПримітка: причина в тому, що підставна і скрита системи використовують одинаковий завантажувач, підтримуючий лише алгоритм, вибраний користувачом (для кожного алгоритму є своя версія завантажувача VeraCrypt). - \n\nКарту кластерів тому переглянуто, визначено максимально можливий розмір прихованого тому. Наступними кроками Майстра буде встановлення опцій, розміру та паролю для прихованого тому. - Прихований том - Тепер прихований том захищений від пошкоджень до розмонтовання зовнішнього тому.\n\nУВАГА: при спробі запису даних до області прихованого тому, VeraCrypt заборонить запис до всього тому (зовнішнього та прихованого) до його розмонтування. Це може викликати пошкодження файлової системи зовнішнього тому, що (якщо це повторюватиметься) може зашкодити запереченню існування прихованого тому. Тому вам слід уникати запису до області прихованого тому. Будь-які дані, що записуватимуться до області прихованого тому, не будуть збережені та будуть втрачені. Windows може повідомити про це як помилку запису ("Delayed Write Failed" або "The parameter is incorrect"). - Кожен прихований том у щойно змонтованих томах захищені від пошкоджень до розмонтування.\n\nУВАГА: при спробі запису даних до області прихованого тому, VeraCrypt заборонить запис до всього тому (зовнішнього та прихованого) до його розмонтування. Це може викликати пошкодження файлової системи зовнішнього тому, що (якщо це повторюватиметься) може зашкодити запереченню існування прихованого тому. Тому вам слід уникати запису до області прихованого тому. Будь-які дані, що записуватимуться до області прихованого тому, не будуть збережені та будуть втрачені. Windows може повідомити про це як помилку запису ("Delayed Write Failed" або "The parameter is incorrect"). - УВАГА: спроба запису даних до області прихованого тому в томі, змонтованому як %c:!\n\nДля захисту прихованого тому запис цих даних було заборонено VeraCrypt. Це може викликати пошкодження файлової системи зовнішнього тому та Windows може повідомити про це як помилку запису ("Delayed Write Failed" або "The parameter is incorrect"). Запис на весь том (зовнішню та приховану частини) заборонений до розмонтування тому. Якщо це відбувається вже не вперше, заперечення існування прихованого тому може бути під загрозою (через можливу несумісність файлової системи у зовнішньому томі). Тому вам слід створити новий том VeraCrypt (з вимкненим Швидким форматуванням) та перемістити файли з цього тому у новий; цей том слід непомітно видалити (як зовнішню так і приховану частину). рекомендовано зараз перезавантажити операційну систему. - Ви маєте намір зберігати в томі файли розміром більше 4 Гбайт. Такий розділ повинен бути відформатований в NTFS, що, однак, неможливо. - Візьміть до відома, що коли виконується прихована операційна система, не приховані томи VeraCrypt форматувати в NTFS неможливо. Це пояснюється тим, що це потрібно тимчасово змонтувати без захисту від запису, щоб дозволити операційній системі відформатувати його в NTFS (тоді як форматування в FAT виконується засобами VeraCrypt, а не операційної системи, і без монтування). Технічні деталі приведені нижче. Не прихований том NTFS можна створити з оманної операційної системи. - В цілях безпеки, коли запущина прихована ОС, приховані томи можна створювати тільки в 'прямому' режимі (оскільки зовнішні томи повинні завжди монтуватися як 'тільки для читання').\n\nЩоб безпечно створити прихований том, виконайте наступні кроки:\n\n1) Завантажте підставну систему.\n\n2) Створіть звичайний том VeraCrypt і скопіюйте в цей том які небуть файли (цей том стане зовнішнім томом).\n\n3) Завантажте приховану систему і запустіть майстра стврення томів VeraCrypt.\n\n4) Якщо том -- на основі файла, перемістіть його в системний розділ або в інший прихований том (інакше знов створений прихований том був би змонтований як 'тільки для читання' без можливості форматування).\n\n5) Проходьте інструкмії майстра так, як при виборі 'прямого' режиму створення прихованого тому.\n\n6) На екрані майстра виберіть том, створений на етапі 2, і проходьте інструкції для створення прихованого тому всередині нього. - З міркувань безпеки, коли прихованої операційної системи, місцевого незашифрованного файлових і не прихована VeraCrypt обсяги встановлені тільки для читання (немає даних, можуть бути написані на таких файлових систем або томів VeraCrypt).\n\nData дозволено бути написано на будь-яку файлову систему, яка знаходиться в прихованому VeraCrypt гучності (за умови, що обсяг прихованої знаходиться не в контейнері зберігається в незашифрованному вигляді файлової системи або на будь-який інший тільки для читання файлової системи). - Ці міри протидії були реалізовані по трьох основних причинах:\n\n- Можливість створення безпечної платформи для монтування прихованих томів VeraCrypt. Зверніть увагу, що ми офіційно рекомендуємо монтувати приховані томи, тільки коли запущена прихована операційна система. (Детальніше дв. в параграфі 'Security Precautions Pertaining to Hidden Volumes' в документації.)\n\n- В деяких випадках є можливість визначити, що у визначений час конкретна файлова система не була змонтована (або конкретний файл в файловій системі не був збережений або до нього не було звернення з неї) під конкретною копією ОС (наприклад, шляхом аналізу і порівняння журналів файлових систем, тимчасових файлів, звітів додатків і/або помилок, і т.д.). Це докази про існування в комп'ютері прихованої ОС. Дані міри протидії цьому.\n\n- Захист цілісності файлової системи, змонтованої під обєми ОС -- підставної і прихованої, коли одна або дві із них знаходяться в стані сну/гібернації. - Примітка: якщо потрібно безпечно перенести файли із підставної системи в приховану, виконайте наступне: 1) Загрузіть підставну систему. 2) Збережіть потрібні вам файли на незашифрованому томі або на зовнішньому/звичайному томі VeraCrypt. 3) Завантажте приховану систему. 4) Якщо ви зберегли файли на томі VeraCrypt, змонтуйте його (вон буде автоматично змонтована як 'тільки для читання'). 5) Скопіюйте файли в прихований системний розділ або в інший прихований том. - Комп'ютер потрібно перезавантажити.\n\nПерезавантажити зараз? - При отриманні статусу системного шифрування виникла помилка. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Неможливо ініціалізувати компонент застосунку для системного шифрування. - Невдала ініціалізація генератора випадкових чисел! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Неможливо ініціалізувати застосунок. Невдала реєстрація класу Dialog. - Помилка завантаження системної бібліотеки Rich Edit. - Майстер створення тому VeraCrypt - Максимальний розмір прихованого тому для цього тому дорівнює %.2f байт - Максимальний розмір прихованого тому для цього тому дорівнює %.2f Кб - Максимальний розмір прихованого тому для цього тому дорівнює %.2f Мб - Максимальний розмір прихованого тому для цього тому дорівнює %.2f Гб. - Максимальний розмір прихованого тому для цього тому дорівнює %.2f Tб. - Поки том змонтований, змінити пароль/файл-ключі цього тому неможливо. Будь ласка, перш розмонтуйте том. - Поки том змонтований, змінити алгоритм деривації ключа заголовку цього тому неможливо. Будь ласка, перш розмонтуйте том. - &Монтувати - Для монтування цього тому потрібна більш нова версія VeraCrypt. - Помилка: не знайдено Майстра створення тому.\n\nПеревірте наявність файлу 'VeraCrypt Format.exe' у теці запущеного файлу 'VeraCrypt.exe'. Якщо його немає, будь ласка перевстановіть VeraCrypt або знайдіть файл 'VeraCrypt Format.exe' та запустіть його. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Далі > - &Завершити - &Встановити - Ви&добути - Неможливо з'єднатись із драйвером пристрою VeraCrypt. VeraCrypt не може працювати, якщо не запущено драйвер пристрою.\n\nБудь ласка, пам'ятайте, в залежності від настроювань Windows, можливо прийдеться завершити сеанс або перезавантажити систему, щоб запустити драйвер пристрою. - Помилка завантаження/підготовки шрифтів. - Таку літеру диску не знайдено, або не обрано жодної літери диску. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Літера диску не доступна. - Не обрано файл! - Немає доступних літер дисків. - Немає вільної літери диску для зовнішнього тому! Створення тому не може бути продовжено. - Не вдалося визначити версію операційної системи, або вона не підтримується. - Не вказано шлях! - Недостатньо вільного місця для прихованого тому! Продовження створення тому неможливе. - ПОМИЛКА: Скопійовані у зовнішній том файли займають надто багато місця. Через це у зовнішньому томі недостатньо вільного місця під прихований том.\n\nЗверніть увагу, що прихований том повинен бути не менше системного розділу (т.б. розділа, де встановлена працююча зараз операційна система). Причина в тому, що при створенні прихованої ОС виконується копіювання в прихований том містячого системного розділу.\n\n\nПродовження створення прихованої операційної системи неможливе. - Драйвер не може розмонтувати том. Можливо, деякі файли, розміщені на цьому томі, ще відкриті. - Неможливо заблокувати том. Цей том містить відкриті файли, тому його неможна розмонтувати. - VeraCrypt не може заблокувати том, так як він використовується системою або додатками (можливо, відкриті файли на цьому томі).\n\nВи наполягаєте на примусовому розмонтуванні цього тому? - Оберіть том VeraCrypt - Вкажіть шлях та ім'я файлу - Виберіть бібліотеку PKCS #11 - Брак пам'яті - ВАЖЛИВО: рекомендовано, щоб недосвічені користувачі створювали файл-контейнери на обраних пристроях/розділах замість шифрування усього пристрою/розділу.\n\nКоли ви створите файл-контейнер (як заміна шифрування пристрою або розділу), це, наприклад, не викличе ризик пошкодження великої кількості файлів. Пам'ятайте, що файл-контейнери VeraCrypt (навіть якщо вони містять віртуальні шифровані диски) - це фактично звичайні файли. Відповідно, їх можна, наприклад, легко перейменувати, перемістити або скопіювати як будь-який звичайний файл. Докладніше можна дізнатись у главі для початківців Посібника Користувача VeraCrypt.\n\nВи дійсно бажаєте зашифрувати весь пристрій/розділ? - УВАГА: файл '%s' вже існує!\n\nВАЖЛИВО: VERACRYPT НЕ БУДЕ ШИФРУВАТИ ЦЕЙ ФАЙЛ, А ЗНИЩИТЬ ЙОГО. Ви дійсно бажаєте видалити цей файл та замінити його новим контейнером VeraCrypt? - ОБЕРЕЖНО: ВСІ ФАЙЛИ, ЩО МІСТЯТЬСЯ У %s '%s'%s, БУДЕ ВИДАЛЕНО ТА ВТРАЧЕНО (ЇХ НЕ БУДЕ ЗАШИФРОВАНО)!\n\nВи наполягаєте на форматуванні? - УВАГА: Монтування тома і доступ до файлів , що в ньому зберігаються неможливе, поки том не буде повністю зашифрований.\n\nВи дійсно бажаєте розпочати шифрування %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - УВАГА: Неочікуване зникнення електро живлення під час шифрування даних 'на місці' або збій операційної системи через програмну/апаратну помилку може призвести до часткового пошкодження або втраті даних. Тому перш ніж приступити до шифрування, зробіть резервну копію файлів, які ви бажаєте зашифрувати.\n\nВи зробили резервну копію? - ОБЕРЕЖНО: ВСІ ФАЙЛИ НА РОЗДІЛІ '%s'%s (Т.Т. НА ПЕРШОМУ РОЗДІЛІ ЗА СИСТЕМНИМ) БУДУТЬ ЗНИЩЕНІ (ВОНИ НЕ БУДУТЬ ЗАШИФРОВАНІ)!\n\nВи наполягаєте на форматуванні? - УВАГА: ВИБРАНИЙ РОЗДІЛ МІСТИТЬ ВЕЛИКИЙ ОБЄМ ДАНИХ! Всі файли на цьому розділі будуть видалені (вони НЕ будуть зашифровані)! - Стерти файли на розділі при створені тому VeraCrypt всередині нього - Пароль - PIM - Встановити алгоритм походження ключа заголовка - Додати/видалити файл-ключі до/з тому - Видалити всі файл-ключі з тому - Пароль, PIM та/або файл-ключ успішно змінено.\n\nВАЖЛИВО: обов'язково прочитайте розділ 'Changing Passwords and Keyfiles' у главі 'Security Precautions' Посібника Користувача VeraCrypt. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - ВФЖЛІВО: Якщо ви не знищили свій диск відновлення VeraCrypt (Rescue Disk), ваш системний розділ/диск можна розшифрувати з допомогою старого пароля (завантажившись з диска відновлення VeraCrypt і ввівши старий пароль). Вам потрібно створити новий диск відновлення VeraCrypt, після чого знищити прихований.\n\nБажаєте створити новий диск відновлення VeraCrypt? - Пам'ятайте, ваш Диск Відновлення VeraCrypt ще використовує попередній алгоритм. Якщо стійкість попереднього алгоритму вас не задовільняє, вам слід створити новий Диск Відновлення VeraCrypt, а потім знищити старий.\n\nБажаєте створити новий диск відновлення VeraCrypt? - В якості ключового файлу VeraCrypt можна використовувати файл любого типу (наприклад, .mp3, .jpg, .zip, .avi). Зверніть увагу, що VeraCrypt не змінює вміст ключового файлу. Допускається вибрати більше одного ключового файлу (порядок вибору немає значення). Якщо додати теку, то всі файли всередині неї будуть використовуватися як ключові. Натисніть 'Добавити токен-файл', щоб вибрати ключові файли, що знаходяться на токенах безпеки або смарт-картах (або для імпортування кдючових файлів на токени/смарт-карти). - Файл-ключі успішно додано/видалено. - Файл-ключ експортовано. - Алгоритм деривації ключа заголовку успішно встановлено. - Введіть пароль і/або ключові файли для несистемного тому, де ви хочете відновити шифрування 'на місці'.\n\n\nПримітка: після нетиснення 'Далі' VeraCrypt спробує знайти всі несистемні томи, на яких був перерваний процес шифрування, і де можна розшифрувати заголовок тома VeraCrypt з допомогою вказаного проля і/або ключових файлів. Якщо таких томів виявиться декілька, на наступному етапі вам буде потрібно вибрати один із них. - Виберіть один із перечислених томів. Це не системні томи з перерваним процесом шифрування, заголовок яких вдалося розшифрувати з допомогою вказаного пароля і/або ключових файлів. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Дуже важливо вибрати хороший пароль. Уникайте вказувати паролі з одного або декількох слів, які можна знайти в словнику (або комбінацій з 2, 3 або 4 таких слів). Пароль не повинен містити імен або дат народження. Він має бути важкий для вгадування. Хороший пароль -- випадкова комбінація прописних і рядкових букв, цифр і особливих символів (@ ^ = $ * + і так далі).\n\nРекомендуємо вибирати паролі, що складаються більш ніж з 20 знаків (чим довше, тим краще). Макс. довжина -- 64 символи. - Будь ласка, оберіть пароль для прихованого тому. - Выберіть пароль для прихованої операційної системи (т.т. для прихованого тому). - ВАЖЛИВО: Пароль, що ви вибираєте на цьому етапі для для прихованої операційної системи повинен максимально відрізнятися від двох інших паролів (т.б. від паролів для зовнішнього тому і для підставної операційної системи). - Будь ласка, введіть пароль для тому, всередині якого ви бажаєте створити прихований том.\n\nПісля натиснення 'Далі', VeraCrypt спробує монтувати том, потім перегляне карту кластерів змонтованого тому з метою пошуку безперервної вільної ділянки, в кінці якої виявиться кінець тому. В цій області буде міститись прихований том, тобто вона визначає його максимальний розмір. Перегляд карти потрібен для гарантування, що дані у зовнішньому томі не буде перезаписано внутрішнім томом. - \nВиберіть пароль для зовнішнього тому. Це пароль, який ви зможете видати противнику, якщо він змусить вас це зробити.\n\nВАЖЛИВО: Пароль повинен максимально відрізнятися від того, який ви виберете для прихованого тому.\n\nПримітка: максимально довжина пароля - 64 символів. - Виберіть пароль для зовнішнього тому. Це пароль, який ви зможете видати кожному, хто змусить вас повідомити пароль для першого розділу за системним, де будуть знаходитися зовнішній том і прихований том (мвстячий приховану операційну систему). Існування прихованого тому (і прихованої ОС) залишиться в таємниці. Майте на увазі, що цей пароль НЕ для підставної операційної системи.\n\nВАЖЛИВО: Пароль повинен максимально відрізнятися від того, який ви виберете для прихованого тому (т.б. для прихованої операційної системи). - Пароль зовнішнього тому - Пароль прихованого тому - Пароль для прихованої ОС - УВАГА: короткі паролі легко зламати за допомогою технік перебирання!\n\nрекомендовано використовувати паролі з більш ніж 20 знаками.\n\nВи дійсно бажаєте використовувати короткий пароль? - Пароль тому - Невірний пароль, або це не том VeraCrypt. - Невірні файл-ключі та/або пароль, чи це не том VeraCrypt. - Хибний режим монтування, невірний пароль, чи це не том VeraCrypt. - Хибний режим монтування, невірні файл-ключі та/або пароль, чи це не том VeraCrypt. - Невірний пароль, або не знайдено том VeraCrypt. - Невірні файл-ключі/пароль, або не знайдено том VeraCrypt. - \n\nУвага: ввімкнено режим Caps Lock. Зверніть увагу на правильність введення паролю. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nУвага! У шляху пошуку ключових файлів виявлені приховані файли. Приховані файли не можуть бути ключовими. Якщо ви бажаєте використовувати їх як ключові, зніміть у них атрибут 'Прихований' (на кожному з них правою кнопкою миші, виберіть 'Властивості', зніміть прапорець 'Прихований' і натисніть ГАРАЗД). Врахуйте, що приховані файли видно тільки при відповідному системному налаштуванні (Комп'ютер > Сервіс > Параметри тек (Властивості теки) > Вигляд). - Якщо ви намагаєтеся захистити прихований том, що містить приховану систему, перевірте, щоб при введенні пароля для прихованого тому була увімкнена стандартна американська розкладка клавіатури. Це необхідно, тому що даний пароль запитується на етапі дозавантажувальної аутентифікації (до запуску Windows), коли інші розкладки клавіатури недоступні. - Не знайдено ні одного несистемного тому з перерваною операцією шифрування і заголовком, для якого підходить вказаний пароль і/або ключові файли.\n\nПеревірте, чи правильно вказаний пароль і/або ключові файли, і чи не використовується розділ/том системою або додатками (включаючи антивірусне ПЗ). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nПам'ятайте: якщо ви намагаєтесь монтувати розділ, що розміщено на зашифрованому системному пристрої, без початкової аутентифікації або монтувати зашифрований системний розділ операційної системи, яка не запущена, ви можете зробити це обравши 'Система' > 'Монтувати без початкової аутентифікації'. - В цьому режимі ви не можете монтувати розділ, розміщений на диску, частина якого знаходиться в ключових межах шифрування активної системи.\n\nСпочатку ніж ви зможете монтувати цей розділ в данному режимі, потрібно або завантажити операційну систему, встановлену на іншому диску (зашифрованому або ні), або завантажити незашифровану ОС. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Назад - Неможливо показати перелік установлених у системі raw-пристроїв. - Том '%s' існує й призначений лише для читання. Ви дійсно бажаєте його замінити? - Оберіть теку призначення - Оберіть файл-ключ - Оберіть шлях пошуку файл-ключів. УВАГА: запам'ятовується лише шлях, але не імена файлів! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Автори: Ross Anderson, Eli Biham та Lars Knudsen. Опублікований у 1998 р. 256-біт ключ, 128-біт блок. Режим роботи - XTS. Алгоритм Serpent - один з фіналістів AES. - Вкажіть розмір контейнера.\n\nПри створені динамічного ('розтягуючого' по мірі заповнення) контейнера, цей приклад визначає його максимальний розмір.\n\nМнімальний обєм для тома FAT рівний 275 Кб, для тому NTFS -- 2829 Кб. - Вкажіть розмір нового зовнішнього тому (спочатку створюється зовнішній том, а потім всередині нього -- прихований). Мінімально можливий розмір тому, призначеного для створення прихованого тому, складає 305 Кб. - Вкажіть розмір нового зовнішнього тому. Мінімальний розмір прихованого тому дорівнює 23 Кб (або 2701 Кб, якщо якщо він відформатований як NTFS). максимально можливи розмір для вибору розміру прихованого тому показаний вище. - Розмір зовнішнього тому - Розмір прихованого тому - Перевірте правильність розміру вибраного пристрою або розміру і натисніть 'Далі'. - Зовнішній том і прихований том (містячий приховану ОС) будуть розміщені всередині цього розділу. Це повинен бути перший розділ за системним.\n\nПровірте правильність показаних вище розміру і номер розділу,і якщо все рівно, от натисніть 'Далі'. - \n\nТом, всередині якого буде створюватися прихований том, не може бути менше 305 Кб. - Розмір тому - Динамічний - ОБЕРЕЖНО: ПОМИЛКА САМОТЕСТУВАННЯ! - Самотестування усіх алгоритмів виконано - Номер блоку даних, що ви пропонуєте, надто довгий або короткий. - Довжина вторинного ключа, що ви пропонуєте, надто довга або коротка. - Довжина тестового зашифрованого тексту, що ви пропонуєте, надто довга або коротка. - Довжина тестового ключа, що ви пропонуєте, надто довга або коротка. - Довжина тестового тексту, що ви пропонуєте, надто довга або коротка. - Два шифри, що послідовно оперують у режимі XTS. Спочатку кожний блок шифрується %s (%d-біт ключ), а потім %s (%d-біт ключ). Кожний шифр застосовує свій власний ключ. Усі ключі взаємно незалежні. - Три шифри, що послідовно оперують у режимі XTS. Кожний блок спочатку шифрується %s (%d-біт ключ), потім %s (%d-біт ключ), і, нарешті, %s (%d-біт ключ). Кожний шифр застосовує свій власний ключ. Усі ключі взаємно незалежні. - Зверніть увагу, що залежно від конфігурації ОС, функції автозавантаження і автомонтування можуть працювати, тільки якщо файли портативного диску знаходяться на недоступному для запису CD/DVD-носії. Це не помилка VeraCrypt, а обмеження Windows. - Переносний диск VeraCrypt успішно створено.\n\nПам'ятайте, що для завантаження VeraCrypt у портативному режимі необхідно мати права адміністратора. Також врахуйте, що при дослідженні файлу реєстру можна дізнатись, що в системі Windows був завантажений VeraCrypt, навіть якщо він працював у портативному режимі. - Переносний диск VeraCrypt - Автори: Bruce Schneier, David Wagner, John Kelsey, Niels Ferguson, Doug Whiting та Chris Hall. Опублікований у 1998 р. 256-біт ключ, 128-біт блок. Режим роботи - XTS. Twofish - один з фіналістів AES. - Докладніше про %s - Невідомо - Невідома помилка (%d). - Деякі томи містять файли або теки, що використовуються застосунками або системою.\n\nНаполягаєте на розмонтуванні? - Роз&монтувати - Помилка розмонтування! - Том містить файли або теки, що використовуються застосунками або системою.\n\nНаполягаєте на розмонтуванні? - На вказану літеру диску том не змонтовано. - Цей том вже змонтовано. - Помилка при спробі монтування тому. - Помилка пошуку місцезнаходження всередині тому. - Помилка: невірний розмір тому. - УВАГА: Швидке форматування слід використовувати лише, якщо:\n\n1) Пристрій містить випадкові дані (наприклад, вже був непомітно цілком зашифрований)\n2) Ви збираєтесь використовувати одразу все доступне місце\n3) Ви не переймаєтесь безпекою (перевіркою).\n\nВи дійсно бажаєте використовувати Швидке форматування? - Динамічний контейнер - це передрозподілений розкиданий файл NTFS, фізичний розмір якого (місце, що він займає на диску) збільшується в залежності від додавання до нього нових даних.\n\nУВАГА: Продуктивність динамічних контейнерів значно нижче, ніж звичайних. Також врахуйте, що динамічні томи менш надійні, оскільки можна визначити, які з секторів тому не використовуються. Більш того, якщо дані записуются до динамічного контейнеру з недостатнім вільним місцем на файловій хост-системі, зашифрований файл може виявитись пошкодженим.\n\nВи дійсно бажаєте створити динамічний том? - Зважте, що розмір динамічного контейнера, що визначає Windows та VeraCrypt, буде завжди дорівнювати його максимальному розміру. Щоб виявити поточний фізичний розмір контейнера (місце на диску, що він займає), клацніть правою кнопкою миші на файлі-контейнері (у вікні Провідника, а не у VeraCrypt!), оберіть пункт 'Властивості' та знайдіть значення 'На диску'. - Кеш паролів очищено - Паролі (та/або оброблений вміст ключовий файл), що зберігаються в кеші драйвера VeraCrypt було знищено. - VeraCrypt не може змінити пароль для стороннього тому. - Оберіть із переліку вільну літеру диску. - Оберіть у переліку літер дисків змонтований том. - Обрано два різних змонтованих томи (один в списку літер дисків, інший в полі введення нижче списку).\n\nВкажіть том, який ви хотіли б вибрати: - Помилка: неможливо створити autorun.inf - Помилка обробки файл-ключа. - Помилка обробки шляху файл-ключа. - На шляху до ключових файлів немає файлів.\n\nЗверніть увагу, що теки (і файли у них), знайдені в шляхах пошуку ключових файлів, ігноруються. - VeraCrypt не працює в цій операційній системі. - Помилка: VeraCrypt підтримує лише стабільні (не бета) версії цієї операційної системи. - Помилка: неможливо розподілити пам'ять. - Помилка: неможливо відновити значення лічильника продуктивності. - Помилка: формат тому не визначено. - Помилка! Ви вказали пароль для прихованого тому (а не для звичайного тому). - Вцілях безпеки, прихований том неможна створити всередині тома VeraCrypt, містячого файлову систему, зашифровану 'на місці' (оскільки вільне місце такого тому не було заповнено випадковими даними). - VeraCrypt - Правова інформація - Всі файли - Томи VeraCrypt - Бібліотечні модулі - Продовження NTFS-форматування неможливе. - Неможливо монтувати том. - Неможливо розмонтувати том. - Помилка NTFS-форматування.\n\nБудь ласка, оберіть іншу файлову систему (якщо можливо) та спробуйте ще. В іншому випадку, можна залишити том неформатованим (оберіть 'None' за файлову систему), вийдіть з цього Майстра, змонтуйте том та використайте системну або сторонню програму для форматування цього тому (том залишиться зашифрованим). - Windows не вдалось форматувати том як NTFS.\n\nЧи бажаєте замість цього форматувати том як FAT? - За умовчанням - розділ - РОЗДІЛ - Пристрій - пристрій - ПРИСТРІЙ - Том - том - ТОМ - Ярлик - Для цього тому обрано занадто малий розмір кластерів. Будуть використані кластери більшого розміру. - Помилка: неможливо отримати розмір тому.\n\nПеревірте, чи не використовується обраний том системою або будь-якою програмою. - Прихований том не слід створювати всередині динамічного контейнеру. Для досягнення правдоподібності, прихований том слід створювати всередині звичайного тому. - Майстер створення тому VeraCrypt може створити прихований том лише всередині FAT чи NTFS тому. - В Windows 2000 Майстер створення тому VeraCrypt може створити прихований том лише всередині FAT тому. - Примітка: для зовнішніх томів більше підходить система FAT, ніж NTFS (наприклад, максимальний розмір прихованого тому майже завжди буде значно більшим, якщо зовнішній том відформатований як FAT). - Зверніть увагу, що для зовнішніх томів більше підходить система FAT, ніж NTFS. Наприклад, максимальний розмір прихованого тому майже завжди буде значно більшим, якщо зовнішній том відформатований як FAT (оскільки NTFS завжди зберігає внутрішні дані точно в центрі тому і оскільки прихований том може знаходитися тільки в другій половині зовнішнього тому).\n\nВи впевнені, що хочете відформатувати зовнішній том як NTFS? - Хочете замість цього відформатувати том як FAT? - Примітка: цей том не можна відформатувати в FAT, тому, що його розмір більше, ніж допускає файлова система FAT32 для відповідного розміру секторів (2 Тбайт для 512-байт секторів і 16 Тбайт для 4096-байт секторів). - Помилка! Розділ для прихованої операційної системи (т.б. для першого розділу за системним) в крайньому випадку повинен бути на 5% більше системного розділу (системний розділ -- той, де встановлена виконуюча зараз ОС). - Помилка! Розділ для прихованої операційної системи (тобто для першого розділу за системним) повинен бути принаймні на 110% (в 2,1 рази) більше системного розділу (системний розділ - той, де встановлена виконує зараз ОС). Причина в тому, що файлова система NTFS завжди зберігає внутрішні дані точно в центрі томи, і тому прихований том (в якому має міститися клон системного розділу) може розташовуватися тільки в другій половині зовнішнього томи. - Помилка! Якщо зовнішній том відформатований як NTFS, він повинен бути принаймні на 110% (в 2,1 рази) більше системного розділу. Причина в тому, що файлова система NTFS завжди зберігає внутрішні дані точно в центрі тому, і тому прихований том (в якому повинен знаходитися клон системного розділу) може знаходитися тільки в другій половині зовнішнього тому.\n\nПримітка: зовнішній том повинен знаходитися в тому ж розділі, що і прихована операційна система (т.б. в першому розділі за системним). - Помилка! Немає розділів за системним розділом.\n\nПерш ніж можна буде створити приховану операційну систему, потрібно створити для неї розділ на системному диску. Цей розділ повинен бути першим за системним, і він повинен бути принаймні на 5% більший системного роділу (т.б. того, де встановлена запущена зараз ОС). Однак якщо зовнішній том (не путайте з системним розділом) відформатований як NTFS, розділ для прихованої ОС повинен бути неменше, ніж на 110% (в 2,1 раза) більший системного (причина в тому, що файлова система NTFS завжди зберігає внутрішні данні точно в центрі тому, тому прихований том, який повинен містити клон системного розділу, може знаходитися тільки в другій половині розділу). - Замітка: непрактично (тому це не підтримується) встановлювати операційні системи в два томи VeraCrypt, вмонтованих в один розділ, оскільки при використанні зовнішньої ОС часто потрібно записувати дані в область внутрішньої ОС (а якщо таким операціям запису запобігати з допомогою функції захисту прихованих томів, то це може призвести до краху системи, т.б. до 'синього екрану смерті'). - Інформацію про створення і управління розділами дв. в документації до вашої операційної системи, або проконсольтуйтеся в службі техпідтримки постачальника вашого обладнання. - Помилка! Виконуюча в данний момент операційна система встановлена не в загрузочному розділі (першому розділі з поміткою 'Активний'). Це не підтримується. - Ви вказали, що збираєтеся зберігати в цьому томі VeraCrypt файли розміром більше 4 Гбайт, але при цьому вибрали файлову систему FAT, в якій збереження файлів обємом 4 Гбайт не підтримується.\n\nВи дійсно хочете відформатувати зовнішній том як FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Помилка! Немає доступу до тому.\n\nПеревірте, чи існує цей том, чи не змонтований він, не використовіється системою або якоюсь програмою, якій ви дали права читання/запису цього тому, і чи не захищений він від запису. - Error: Cannot obtain volume properties. - Помилка! Немає доступу до тому і/або неможливо получити відомості про том.\n\nПеревірте, чи існує вибраний том, чи не використовується він системою або додатками, чи є увас права для читання/запису цього тому, і чи не захищений том від запису. - Помилка! Немає доступу до тому і/або неможливо отримати відомості про том. Перевірте, чи існує вибраний том, чи не використовується він системою або додатками, чи є увас права для читання/запису цього тому, і чи не захищений том від запису.\n\nЯкщо проблема не вирішується, попробуйте виконати кроки, вказані нижче. - Зашифрувати розділ не вдалося через помилку. Спробуйте вирішити всі вказані проблеми і повторіть спробу. Якщо проблеми не вирішуються, спробуйте виконати дії, вказані нижче. - Продовжити процес шифрувння розділу не вдалося через помилку.\n\nСпробуйте усунути всі раніше вказані прблми і знову продовжити процес шифрування. Том неможливо монтувати до тих пір, поки він не буде повністю зашифрований. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Помилка: неможливо розмонтувати зовнішній том.\n\nТом неможна розмонтувати, якщо він містить файли або теки, що використовуються будь-яким застосунком або системою.\n\nЗакрийте всі такі застосунки й натисніть 'Повторити'. - Помилка: неможливо отримати інформацю про зовнішній том! Створення тому не може бути продовжено. - Помилка: немає доступу до зовнішнього тому. Продовження створення тому неможливе. - Помилка: неможливо монтувати зовнішній том. Створення тому не може бути продовжено. - Помилка: неможливо отримати карту кластерів тому. Створення тому не може бути продовжено. - За абеткою/категоріями - Середня швидкість (спадання) - Алгоритм - Шифрування - Дешифрування - Середня - Диск - Розмір - Алгоритм шифрування - Алгоритм шифрування - Тип - Значення - Властивість - Розміщення - байт(і,ів) - Прихований - Зовнішній - Звичайний - Системний - Прихований (системный) - Лише для читання - Системний пристрій - Системний пристрій (шифрування - виконано %.2f%%) - Системний пристрій (розшифрування - виконано %.2f%%) - Системний пристрій (%.2f%% зашифровано) - Системний розділ - Прихований системний розділ - Системний розділ (шифрування - виконано %.2f%%) - Системний розділ (розшифрування - виконано %.2f%%) - Системний розділ (%.2f%% зашифровано) - Так (захист від пошкоджень!) - Ні - Довжина першого ключа - Довжина другого ключа (XTS-режим) - довжина Tweak-ключа (LRW-режим) - біт(и,ів) - Розмір блоку - PKCS-5 PRF - Кількість ітерацій PKCS-5 - Том створено - Остання зміна заголовку - (%I64d днів потому) - Версія формату тому - Вмонтована копія заголовку - VeraCrypt Завантажувач версії - Перший доступний - Змінний диск - Жорсткий диск - Не змінювати - Autodetection - Режим Майстра встановлення - Виберіть режим. Якщо не знаєте, який вибрати, використовуйте запропонований. - Оберіть цю опцію, якщо бажаєте встановити або поновити VeraCrypt на цій системі. - Примітка: оновлення можна виконати без розшифровки даних, навіть якщо зашифрований системний розділ/диск або використовується прихована операційна система. - Якщо ви оберете цю опцію, усі файли буде видобуто, але нічого не буде встановлено в цій системі. Не обирайте цієї опції, якщо ви збираєтесь зашифрувати системний розділ/пристрій. Обрання цієї опції може буде корисним, якщо ви бажаєте, наприклад, запустити VeraCrypt у так званому портативному (портативному) режимі. VeraCrypt не буде встановлено в операційній системі, в який його запущено. Після видобування усіх файлів, ви можете просто запустити отриманий файл 'VeraCrypt.exe' (тоді VeraCrypt буде запущено у портативному режимі). Також ви можете перемістити видобуті файли на інший комп'ютер. - Опції встановлення - Тут можна змінити різні опції, які контролюють процес встановлення. - Встановлення - Будь ласка, зачекайте, поки VeraCrypt не буде встановлено. - VeraCrypt успішно встановлено - VeraCrypt успішно оновлено - Будь ласка, зверніть увагу, зробивши внесок. Ви можете в будь-який час натисніть кнопку Готово, щоб закрити програму установки. - Опції видобування - Тут можна змінити різні опції, які контролюють процес видобування. - Будь ласка, зачекайте, поки файли не буде видобуто. - Видобування завершено - Усі файли успішно видобуто до теки призначення. - Якщо зазначена тека відсутня, вона буде автоматично створена. - Файли програми VeraCrypt будуть модернізовані в місці, де встановлений VeraCrypt. Якщо вам потрібно вибрати інше місце, перш за все видаліть VeraCrypt. - Чи бажаєте переглянути інформацію про поточну (останню стабільну) версію VeraCrypt? - Якщо ви ще не користувались VeraCrypt, рекомендовано прочитати главу для початківців Посібника Користувача VeraCrypt. Відкрити Посібник? - Будь ласка, оберіть подальшу дію з наступного: - Ремонтувати/Перевстановити - Оновити - Видалити - Для встановлення/видалення VeraCrypt необхідні права Адміністратора. Бажаєте продовжити? - В этой системе сейчас запущен инсталлятор VeraCrypt. Он выполняет/готовит установку или обновление VeraCrypt. Дождитесь завершения его работы или закройте его. Если закрыть инсталлятор не получается, перезагрузите комп'ютер и лишь потом продолжите. - Невдале встановлювання. - Невдале видалення. - Цей файл встановлення пошкоджено. Будь ласка, спробуйте завантажити його знову (рекомендовано з офіційної сторінки VeraCrypt на https://veracrypt.codeplex.com). - Неможливо записати файл %s - Видобування - Неможливо прочитати дані з файлу встановлювання. - Неможливо перевірити цілісність цього файлу встановлювання. - Невдале видобування. - Встановлення має повернутись назад. - Програму VeraCrypt успішно встановлено. - Программа VeraCrypt успешно обновлена. - VeraCrypt було відновлено до нової версії. Перед початком її використання, комп'ютер потрібно перезавантажити.\n\nБажаєте перезавантажити зараз? - Помилка оновлення VeraCrypt!\n\nВАЖЛИВО: Наполегливо рекомендується до завершення роботи або перезавантаження ОС скористатися функцією відновлення системи ('Пуск > Програми > Стандартні > Службові > Відновлення системи') і повернути систему в точку 'VeraCrypt installation'. Якщо функція 'Відновлення системи' недоступна, спробуйте знову встановити вихідну або нову версію версію VeraCrypt до завершення або перезавантаження системи. - Програму VeraCrypt успішно видалено.\n\nНатисніть 'Завершити' для видалення встановлювача VeraCrypt та теки %s. Пам'ятайте, що тека не буде видалена, якщо вона містить будь-які файли не встановлені встановлювачем VeraCrypt або самим VeraCrypt. - Видалення з реєстру ключів VeraCrypt - Додавання запису до реєстру - Видалення даних, що відносяться до VeraCrypt - Встановлення - Припинення - Видалення - Додавання значка - Створення точки відновлення системи - Помилка створення точки відновлення системи. - Оновлення завантажувача - Не вдалося встановити '%s'. %s Бажаєте продовжити встановлення? - Не вдалося видалити '%s'. %s Бажаєте продовжити видалення? - Встановлення завершено. - Не вдалося створити теку '%s' - Драйвер пристроїв VeraCrypt не можливо вимкнути.\n\n Будь ласка, закрийте всі відкриті вікна VeraCrypt. Якщо це не допоможе, перезавантажте Windows та спробуйте ще. - Перед встановленням або перевстановленням VeraCrypt, всі томи мають бути розмонтовані. - В цій системі встановлено застарілу версію VeraCrypt. Перед встановленням нової версії потрібно видалити стару.\n\nОдразу, як ви закриєте це вікно, буде запущено програму видалення старої версії. Після видалення старої версії VeraCrypt, знову запустіть встановлювач нової версії. - Помилка запису до реєстру - Помилка встановлення драйвера пристроїв. Будь ласка, перезавантажте Windows та спробуйте ще раз встановити VeraCrypt. - Завантаження драйвера VeraCrypt - Невдале видалення драйвера пристроїв. Будь ласка пам'ятайте, в залежності від версії Windows, можливо знадобиться завершити сеанс або перезавантажити систему для того, щоб можна було видалити або еревстановити драйвер пристроїв. - Встановлення драйвера VeraCrypt - Припинення драйвера VeraCrypt - Видалення драйвера VeraCrypt - Невдала реєстрація бібліотек підтримки User Account Control. - Невдале зняття реєстрації бібліотек підтримки User Account Control. - Зауваження щодо портативного режиму:\n\nБудь ласка, зверніть увагу, що операційна система вимагає, драйвери реєструються, перш ніж вони можуть бути запущені. Таким чином, драйвер VeraCrypt не є (і не може бути), повністю мобільним (у той час як VeraCrypt програми повністю портативний, тобто вони не повинні бути встановлені і зареєстровані в операційній системі). Також відзначимо, що VeraCrypt потрібен драйвер, щоб забезпечити прозоре на льоту шифрування/дешифрування. - !!! Если вы решили запустить VeraCrypt в переносном режиме (а не как нормально установленную в ПК программу), система будет спрашивать вашего разрешения на выполнение (функция контроля учётных записей, UAC) при каждом запуске VeraCrypt.\n\nПричина в том, что при запуске VeraCrypt в переносном режиме требуется загружать и выполнять драйвер VeraCrypt. Этот драйвер нужен VeraCrypt для прозрачного, выполняемого 'на лету' шифрования/дешифрования, а пользователи без прав администратора запускать драйверы в Windows не могут. Поэтому система будет спрашивать у вас разрешения на запуск VeraCrypt с привилегиями администратора (UAC).\n\nОбратите внимание, что при установке (инсталляции) VeraCrypt в систему (в отличие от запуска VeraCrypt в переносном режиме), система НЕ будет запрашивать вашего разрешения при каждом запуске VeraCrypt.\n\nВы действительно хотите только извлечь файлы? - Попередження: Цей розділ тому Створений майстром має права адміністратора.\n\nВаші нові томи можуть бути створені з дозволами, які не дозволять вам звернутися до обсягу, коли воно встановлено. Якщо ви хочете уникнути цього, закрийте цей екземпляр тому Майстер створення та запуску нового без привілеїв адміністратора.\n\nВи хочете, закрити цей екземпляр тому Створений майстром? - Помилка: неможливо відобразити ліцензію. - Зовнішній(!) - дн. - рік - хв - c - Відкрити - Розмонтувати - Показати VeraCrypt - Приховати VeraCrypt - Зчитано дані після монтування - Записано дані після монтування - Зашифровано - 100% (повністю зашифровано) - 0% (не зашифровано) - %.3f%% - 100% - Очікування - Підготовка - Зміна розміру - Шифрація - Дишифрація - Завершення - Павза - Завершено - Помилка - Пристрій вимкнено - Системні обрані томи збережені.\n\nДозволити монтування цих томів при старті системи, виберіть 'Опції' > 'Системні обрані томи' > 'Монтувати системні обрані томи при старті Windows'. - Доданий в обране том не є ні розділом, ні динамічним томом. Тому VeraCrypt не зможе змонтувати цей обраний том, якщо зміниться число пристроїв. - Доданий в обране том це розділ, не розпізнаний Windows.\n\nVeraCrypt не зможе змонтувати цей обраний том, якщо зміниться число пристроїв. Задайте тип розділу, розпізнається Windows (використовуйте команду SETID в Windows-утиліті 'DiskPart'), потім знову додайте розділ в список обраного. - Фонова робота VeraCrypt вимкнена або налаштована на припинення при відсутності змонтованих томів (або VeraCrypt запущений в портативному режимі). Це може перешкодити автомонтуванню обраних томів при підключенні пристроїв, на яких вони розташовані.\n\n!!Щоб увімкнути фонове виконання VeraCrypt, увімкніть вікно налаштувань програми і відзначте параметр 'Увімкнено' в полі 'Робота VeraCrypt у фоновому режимі'. - Автомонтування контейнера, розташованого в мережевій файловоій системі, при підключенні його хост-пристрій неможливий. - Зазначений пристрій - не розділ і не динамічний том. Тому при підключенні цього пристрою автомонування розташованого на ньому тома неможливе. - Привласніть показаному нижче розділу тип, розпізнається Windows (використовуйте команду SETID в Windows-утиліті 'DiskPart'). Потім видаліть розділ зі списку обраних і додайте його знову. Цим ви дозволите тому на основі пристрою автоматично монтуватися при підключенні пристрою. - Зазначений пристрій - не розділ і не динамічний том. Тому присвоїти йому мітку неможливо. - Привласніть показаному розділу тип, розпізнається Windows (використовуйте команду SETID в Windows-утиліті 'DiskPart'). Потім видаліть розділ зі списку обраних і додайте його знову. Це дозволить VeraCrypt присвоїти розділу позначку. - Через системні обмеження Windows контейнер, що знаходиться у віддаленій мережевій файловій системі, не можна монтувати як обраний системний том (але його можна змонтувати як несистемний обраний том при вході користувача в свій обліковий запис). - Введіть пароль для %s - Уведіть пароль для '%s' - Введіть пароль для звичайного/зовнішнього тому - Введіть пароль для прихованого тому - Введіть пароль для заголовку в файлі резервної копії - Файл-ключ успішно створено. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - УВАГА: Заголовок цього тому пошкоджений! VeraCrypt автоматично задіяв резервну копію заголовку, вмонтовану в том.\n\nВам потрібно виправити заголовок, вибравши 'Сервіс' > 'Відновити заголовок тому'. - Резервну копію заголовку тому успішно створено.\n\nВАЖЛИВО: при відновленні заголовку з цієї резерної копії також буде відновлено і поточний пароль тому. Більш того, якщо для монтування тому потрібні файл-ключі, після відновлення заголовку з копії для монтування тому будуть потрібні ті ж файл-ключі.\n\nУВАГА: ця резервна копія заголовку тому може бути використована для відновлення заголовку ЛИШЕ цього конкретного тому. Якщо ви використаєте цю резервну копію для відновлення заголовку інших томів, ви зможете монтувати такі томи, але НЕ зможете розшифрувати будь-яку інформацію з нього (тому що зміниться головний ключ). - Заголовок тому успішно відновлений.\n\nВАЖЛИВО: майте на увазі, що разом із заголовком також міг бути відновлений і колишній пароль. Більш того, якщо на момент створення резервної копії для монтування тому були потрібні файл-ключі, ці ж файл-ключі знадобляться для монтування цього тому й зараз. - В цілях безпеки вам буде потрібно ввести для цього тому правильний пароль (та/або надати коректні ключові файли).\n\nПримітка: якщо в цьому томі міститься прихований тому, спочатку потрібно ввести правильний пароль (та/або надати коректні ключові файли) для зовнішнього томи. Потім, якщо ви вибрали резервне копіювання заголовка прихованого томи, потрібно буде вказати правильний пароль (та/або надати коректні ключові файли) для прихованого томи. - Ви дійсно хочете створити резервну копію заголовка томи для %s?\n\nЯкщо виборі 'Так' вам буде потрібно вказати ім'я файлу для резервної копії заголовка.\n\nПрімечаніе: обидва заголовка - для звичайного і прихованого томів - будуть повторно зашифровані з використанням нової 'солі' і збережені у файлі резервної копії. Якщо всередині цього тому немає прихованого томи, область, зарезервований в резервної копії під заголовок прихованого томи, буде заповнена випадковими даними (для збереження можливості правдоподібного заперечення). При відновленні заголовка томи з файлу резервної копії вам буде потрібно ввести правильний пароль та/або надати коректні ключові файли, дійсні на момент створення резервної копії заголовка томи. За паролем (та/або ключовим файлів) також буде автоматично визначатися тип заголовка том для відновлення - звичайний або прихований (врахуйте, що VeraCrypt визначає тип методом проб і помилок). - Ви дійсно бажаєте відновити заголовок тому %s?\n\nУВАГА: при відновленні заголовку також буде відновлений пароль тому, що діяв на момент створення резервної копії. Більш того, якщо на момент створення резервної копії для монтування тому були потрібні файл-ключі, після відновлення заголовку для монтування цього тому знадобляться ці ж файл-ключі.\n\nНатисніть 'Так', щоб обрати файл з резервною копією заголовку. - Чи є в томі прихований том? - В томі є прихований том - В томі немає прихованого тому - Оберіть потрібний вам тип резервної копії заголовка тому: - Відновити заголовок тому із копії, вмонтованої в том - Відновити заголовок тому із зовнішнього файлу резервної копії - Невірний розмір файлу з резервною копією заголовка тому. - В цьому томі немає вмонтованої копії заголовку (вмонтовані копії заголовків містять тільки томи, створені VeraCrypt 6.0 або новіша). - Ви намагаєтесь зробити резервну копію заголовку системного розділу/пристрою. Це не дозволено. Резервні/відновлювальні операції з системним розділом/пристроєм можуть бути здійснені лише за допомогою Диску Відновлення VeraCrypt.\n\nВи бажаєте створити Диск Відновлення VeraCrypt? - Ви намагаєтесь відновити заголовок віртуального тому VeraCrypt, але ви обрали системний розділ/пристрій. Це не дозволено. Резервні/відновлювальні операції з системним розділом/пристроєм можуть бути здійснені лише за допомогою Диску Відновлення VeraCrypt.\n\nВи бажаєте створити Диск Відновлення VeraCrypt? - Після натискання 'Добре', вам потрібно обрати ім'я файлу для ISO-образу нового Диску Відновлення VeraCrypt та шляху його розміщення. - Образ Диску Відновлення створено та збережено у файлі: %s\n\nЗараз вам потрібно записати Диск Відновлення на CD або DVD.\n\nВАЖЛИВО: пам'ятайте, що файл потрібно записати на CD/DVD як ISO-образ (а не як окремий файл). Більш докладніше про те, як це зробити, наведено у документації вашого CD/DVD-записувального програмного забезпечення.\n\nПісля запису Диску Відновлення, оберіть 'Система' > 'Перевірити Диск Відновлення', щоб перевірити чи коректно записано Диск Відновлення. - Образ диска відновлення створений і збережений у файлі:%s\n\nЗараз вам потрібно записати цей образ на CD або DVD.\n\nБажаєте запустити програму запису оптичних дисків Windows?\n\nЗаписавши диск відновлення на CD/DVD, виберіть 'Система' > 'Перевірити диск відновлення', щоб переконатися в коректності запису створеного диска. - Будь ласка, вставте Диск Відновлення VeraCrypt у CD/DVD-пристрій та натисніть 'Добре' для перевірки. - Диск Відновлення VeraCrypt успішно перевірено. - Неможливо перевірити чи коректно записано Диск Відновлення.\n\nЯкщо у вас є записаний Диск Відновлення, будь ласка, дістаньте, вставте CD/DVD; потім спробуйте ще. Якщо це не допоможе, будь ласка спробуйте іншу CD/DVD-записувальну програму та/або носій.\n\nЯкщо ви захочете перевірити Диск Відновлення VeraCrypt, створений з іншим головний ключем, паролем, "сіллю" тощо, будь ласка пам'ятайте, що перевірка такого Диску Відновлення завжди буде невдалою. Щоб створити новий Диск Відновлення повністю сумісний з вашою поточною конфігурацією, оберіть 'Система' > 'Створити Диск Відновлення'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Помилка створення Диску Відновлення VeraCrypt. - Диск відновлення VeraCrypt неможна створити при запущеній прихованій операційній системі.\n\nЩоб створити диск відновлення, завантажте підставну операційну систему, а потім виберіть 'Система' > 'Створити диск відновлення'. - Неможливо перевірити чи коректно записано Диск Відновлення.\n\nЯкщо у вас є записаний Диск Відновлення, будь ласка, вставте в CD/DVD; потім натисніть 'Далі' для наступної спроби. Якщо це не допоможе, будь ласка спробуйте іншу CD/DVD-записувальну програму та/або носій.%s\n\nЯкщо у вас ще немає записаного Диску Відновлення, будь ласка, запишіть його та потім натисніть 'Далі'.\n\nЯкщо ви захочете перевірити Диск Відновлення VeraCrypt, створений перед запуском цього майстра, будь ласка памятайте, що такий Диск Відновлення не можна використовувати, тому що він створений з іншим головним ключем. Вам потрібно записати заново створений Диск Відновлення. - та/або інше програмне забезпечення для запису CD/DVD - VeraCrypt - Системні обрані томи - Що таке системні обрані томи? - Системний розділ/диск не зашифрований.\n\nСмстемні обрані томи можна монтувати тільки за допомогою пароля дозавантажоючої аутентифікації.\nТому якщо ви бажаєте використовувати системні обрані томи, спочатку зашифруйте системний розділ/диск. - Перед продовженням, розмонтуйте том. - Помилка: неможливо встановити таймер. - Перевірка файлової системи - Ремонт файлової системи - Додати до обраного... - Додати до Обраного системи... - Вла&стивості - Прихований том захищено - Н/П - Так - Ні - Вимкнено - 1 - 2 або більше - Режим операції - Мітка: - Розмір: - Шлях: - Буква диска: - Помилка: Пароль повинен містити лише символи стандартного набору ASCII.\n\nСимволи не з набору ASCII можуть призвести до неможливости монтування тому після зміни настроювань у конфигурації системи.\n\nДозволяється використовувати наступні символи:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Увага: пароль містить не ASCII символи. Це може призвести до неможливості монтування тому після зміни конфигурації системи.\n\nВам слід замінити всі не ASCII символи у паролі на символи ASCII. Для цього оберіть меню 'Томи' -> 'Змінити пароль тому'.\n\nСимволами ASCII є:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - УВАГА: рекомендовано уникати розширень файлів, що використовуються як виконавчі (такі як .exe, .sys, або .dll) або інші подібні проблемні розширення. Використання таких розширень часто провокує Windows та антивірусні програми до втручання до контейнеру, що негативно впливає на продуктивність тому та може викликати інші серьйозні проблеми.\n\nрекомендовано прибрати такі розширення або змінити їх (наприклад, на .raw, .iso, .img, .dat, або .rnd).\n\nВи дійсно бажаєте використовувати проблемні файлові розширення? - УВАГА: цей контейнер має розширення, що використовується як виконавче (таке як .exe, .sys, або .dll) або інше подібне проблемне розширення. Цілком ймовірно, що це зпровокує Windows та антивірусні програми до втручання до контейнеру, що негативно вплине на продуктивність тому та може викликати інші серьйозні проблеми.\n\nрекомендовано прибрати розширення цього контейнеру або змінити його (наприклад, на .raw, .iso, .img, .dat, або .rnd) після розмонтування тому. - Домашня сторінка - УВАГА: в системі не встановлено жодного пакету оновлень (Service Pack) Windows. Якщо в Windows XP не встановлений Service Pack 1, не слід здійснювати запис на диски IDE об'ємом більше 128 Гб, інакше можливе пошкодження даних (неважливо, чи відносяться вони до тому VeraCrypt чи ні). Це - обмеження Windows, а не помилка у VeraCrypt. - УВАГА: в системі не встановлено пакет оновлень Windows Service Pack 3. Якщо у Windows 2000 не встановлений Service Pack 3, не слід здійснювати запис на диски IDE об'ємом більше 128 Гб, інакше можливе пошкодження даних (неважливо, чи відносяться вони до тому VeraCrypt чи ні). Це - обмеження Windows, а не помилка у VeraCrypt. Крім того, потрібно включити в реєстрі підтримку 48-біт адресації LBA; детальніше див. на http://support.microsoft.com/kb/305098/EN-US - УВАГА: в системі не ввімкнено підтримку 48-біт LBA ATAPI. Тому ви не зможете записати на IDE диск більше ніж 128 ГБ! Якщо продовжити, дані на диску (не має значення чи це том VeraCrypt, чи ні) можуть пошкодитись. Це - обмеження Windows, а не VeraCrypt.\n\nЩоб ввімкнути підтримку 48-біт LBA, додайте параметр реєстру 'EnableBigLba' до ключа реєстру HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters та встановіть його значення рівним 1.\n\nБільш детальніше дивіться http://support.microsoft.com/kb/305098 - ПОМИЛКА: Файли обсягом більше 4 Гб не можна зберігати у файловій системі FAT32. Тому томи VeraCrypt на основі файлів (контейнери), що зберігаються у файловій системі FAT32, не можуть бути більше 4 Гб.\n\nЯкщо вам потрібен тому більшого обсягу, створіть його в системі NTFS (або, якщо ви користуєтеся Windows Vista SP1 або новіше, у файловій системі exFAT), або замість створення томи на основі файлу зашифруйте весь розділ диска. - УВАГА: Windows XP не підтримує файли більше 2048 Гб (повідомляючи про нестачу вільного місця). Тому томи VeraCrypt на основі файлів (контейнери) обсягом понад 2048 Гб в середовищі Windows XP створювати не можна.\n\nАле, в Windows XP можна зашифрувати диск цілком або створити том VeraCrypt на основі розділу розміром більш 2048 Гб. - УВАГА: якщо вам потрібно згодом додавати до зовнішнього тому ще дані/файли, слід подбати про зменшення розміру прихованого тому.\n\nВи бажаєте продовжити й використовувати зазначений вами розмір? - Не обрано том.\n\nНатисніть кнопку 'Пристрій...' або 'Файл...' та оберіть том VeraCrypt. - Не обрано розділ.\n\nНатисніть 'Пристрій...' та оберіть розмонтований розділ, що зазвичай вимагає початкової аутентифікації (наприклад, розділ на зашифрованому системному пристрої іншої операційної системи, що не запущено, або зашифрований системний розділ іншої операційної системи).\n\nПам'ятайте: обраний розділ буде змонтовано як звичайний том VeraCrypt без початкової аутентифікації. Це може знадобитись, наприклад, для створення резервної копії або ремонту. - УВАГА: якщо встановлено й активовано файл-ключі за умовчанням, монтувати томи, що не використовують їх, буде неможливо. Тому після активації файл-ключів за умовчанням не забувайте знімати прапор 'Файл-ключі' (під полем введення паролю) щоразу при монтуванні таких томів.\n\nВи дійсно бажаєте зберегти обрані файл-ключі/шляхи як такі, що використовуються за умовчанням? - Автомонтування пристроїв - Розмонтувати все - Очистити кеш - Розмонтувати все & Очистіть кеш - Розмонтувати все й очистити кеш - Розмонтувати все, очистити кеш і вийти - Монтувати вибрані томи - Показати/приховати головне вікно VeraCrypt - (клацніть тут і натисніть клавішу) - Дія - Швидкий виклик - Помилка: ця гаряча клавіша зарезервована. Оберіть іншу. - Помилка: ця гаряча клавіша вже використовується. - Увага: одна або більше гарячих клавіш не працює!\n\nБудь ласка, переконайтесь, що інший застосунок або операційна система не використовують їх. - Створення файлу довантаження попереджено.\n\nЗверніть увагу, що через властивості Windows файли довантаження не можуть розташовуватися на несистемних томах VeraCrypt (включаючи обрані системні томи). VeraCrypt підтримує створення файлів довантаження тільки на зашифрованому системному розділі/диску. - Через помилку або несумістність VeraCrypt не може зашифрувати файл сплячого режиму (hibernation). Тому сплячий режим відключений.\n\nПримітка: коли комп’ютер переходити в режим сну (або в режим очікування), місткість його системної памяті записується на жорсткий диск в файл з даними сплячого режиму. VeraCrypt не може припинити збереження відкритих в ОЗП ключів шифрування і місткості важливих файлів в незашифрованому вигляді в файлі з даними сплячого режиму. - Гібернація скасована.\n\nVeraCrypt не підтримує гібернацію прихованих операційних систем, що використовують додатковий завантажувальний розділ. Врахуйте, що завантажувальний розділ використовується як підставною, так і прихованою системами. Тому для запобігання витоку даних і проблем при виході з глибокого сну VeraCrypt заборонив прихованоій системі запис до загального завантажувального розділу і гібернацію. - Том VeraCrypt, змонтований як%c:, розмонтовано. - Усі змонтовані томи VeraCrypt розмонтовано. - Всі томи VeraCrypt розмонтовані, кеш паролів очищено. - Успішно розмонтовано - УВАГА: якщо вимкнути роботу VeraCrypt у фоновому режимі, то при кожному виході з програми будуть вимкнені наступні функції:\n\n1) Гарячі клавіши\n2) Автоматичне розмонтування (наприклад, при виході з системи, випадковому вимкненню зв'язку з пристроєм, таймауті тощо)\n3) Попередження (наприклад, про запобігання пошкодження прихованого тому)\n4) Значок у системному треї\n\nПримітка: фоновий режим можна завершити у будь який момент, клацнувши\nправою кнопкою миші на значку VeraCrypt у системному треї й обравши пункт 'Вихід'.\n\n\nВи дійсно бажаєте заборонити роботу VeraCrypt у фоновому режимі? - УВАГА: якщо вимкнути цей параметр, буде неможливо автоматично розмонтовувати томи, що містять відкриті файли/теки.\n\nВи дійсно бажаєте вимкнути цей параметр? - УВАГА: томи з відкритими файлами/теками НЕ будуть автоматично розмонтовуватись.\n\nЩоб уникнути цього, ввімкніть у цьому вікні наступний параметр: 'Авторозмонтовувати томи навіть при відкритих файлах/теках' - УВАГА: Якщо рівень заряду батареї в ноутбуці малий, Windows може нехтувати відправкою відповідних повідомлень в виконувану програму при вході комп'ютера в енергозберігаючий режим. Тому в таких випадках авторозмонтування томів у VeraCrypt може не спрацювати. - Ви запланували шифрування розділу/тому. Цей процес покищо не завершений.\n\nБажаєте поновити процес зараз? - Ви запланували шифрування або дешифрування системного розділу/диску. Цей процес покищо не завершений.\n\nБажаєте почати (продовжити) процес зараз? - Видавати запит про те, чи бажаєте ви продовжити заплановані в даний момент операції шифрування несистемних розділів/томів? - Так, запитати - Ні, не запитувати - ВАЖЛИВО: Не забувайте, що ви можете продовжити шифрування будь-якого несистемного розділу/тому, вибравши в меню головного вікна VeraCrypt пункт 'Том' > 'Продовжити перерваний процес'. - Ви запланували шифрування або розшифрування системного розділу/пристрою. Проте, відбулась невдала початкова аутентифікація (або її було проігноровано).\n\nПам'ятайте: якщо ви розшифровували системний розділ/пристрій у передзавантажувальному оточенні, можливо вам потрібно завершити цей процес, обравши 'Система' > 'Назавжди розшифрувати системний розділ/пристрій' у меню головного вікна VeraCrypt. - УВАГА: якщо закрити VeraCrypt зараз, будуть відключені наступні функції:\n\n1) Гарячі клавіши\n2) Автоматичне розмонтування (наприклад, при завершенні сеансу, випадковому вимкненню зв'язку з пристроєм, таймауті тощо)\n3) Попередження (наприклад, про запобігання пошкодження прихованих томів)\n\nПам'ятайте: якщо ви не бажаєте, щоб після закриття вікна VeraCrypt програма продовжувала працювати на задньому плані, вимкніть фоновий режим у настроюваннях (і, якщо необхідно, вимкніть у настроюваннях запуск VeraCrypt при входженні до системи).\n\nВи дійсно бажаєте закрити VeraCrypt? - Завершити роботу? - VeraCrypt не має достатньої інформації, щоб визначитись, чи зашифровувати, чи розшифровувати. - VeraCrypt не має достатньої інформації, щоб визначитись, чи зашифровувати, чи розшифровувати.\n\nПам'ятайте: якщо ви розшифровували системний розділ/пристрій у передзавантажувальному оточенні, можливо вам потрібно завершити цей процес, натиснувши 'Розшифрувати'. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Ви хочете перерватиь процес шифрування розділу/тому, відклавши його на майбутє?\n\nПримітка: памятайте, що поки том не буде повністю зашифрований, його неможливо монтувати. пізніше процес шифрування можна буде поновити з того місця де він був зупинений. Це можна зробити, наприклад, вибравши команду 'Томи' > 'Продщовжити перерваний процес' в меню головного вікна VeraCrypt. - Ви бажаєте припинити та відкласти шифрування системного розділу/пристрою?\n\nПам'ятайте: ви можете припинити процес та продовжити з моменту зупинки. Зробити це можна, наприклад, обравши 'Система' > 'Продовжити припинений процес' зі строки меню головного вікна VeraCrypt. Якщо ви бажаєте повністю зупинити або повернути процес шифрування, оберіть 'Система' > 'Назавжди розшифрувати системний розділ/пристрій'. - Ви бажаєте припинити та відкласти розшифрування системного розділу/пристрою?\n\nПам'ятайте: ви можете припинити процес та продовжити з моменту зупинки. Зробити це можна, наприклад, обравши 'Система' > 'Продовжити припинений процес' зі строки меню головного вікна VeraCrypt. Якщо ви бажаєте повністю зупинити або повернути процес розшифрування, оберіть 'Система' > 'Зашифрувати системний розділ/пристрій...'. - Помилка: Неможливо припинити процес шифрування/розшифрування системного розділу/пристрою. - Помилка!Неможливо перервати процес очищення (видалення даних). - Помилка: Неможливо продовжити процес шифрування/розшифрування системного розділу/пристрою. - Помилка! Неможливо почати процес очищення (видалення даних). - Несумісність рішення.\n\n\n(якщо ви повідомляєте про помилку, будь ласка, додайте наступну технічну інформацію до повідомлення про помилку: %hs) - Помилка! Невідомий стан.\n\n\n(Якщо ви повідомите про помилку, будь ласка, додайте наступну технічну інформацію до повідомлення про помилку: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - УВАГА: фоновий процес VeraCrypt вимкнений. При виході з VeraCrypt ви не будете попереджені про запобігання пошкодження прихованого тому.\n\nПам'ятайте: фоновий процес можна завершити у будь-який момент, натиснувши правою кнопкою миші на значок VeraCrypt у системному треї й обравши пункт 'Вихід'.\n\nВвімкнути фоновий процес VeraCrypt? - Версія мовного модулю: %s - Перевірка файлової системи тому VeraCrypt, змонтованого як %s... - Спроба налагодити файлову систему тому VeraCrypt, змонтованого як %s... - Увага: цей том зашифрований застарілим алгоритмом шифрування.\n\nУсі алгоритми 64-біт-блокового шифрування (наприклад, Blowfish, CAST-128, або Triple DES) є небажані до використання. Такі томи можна буде монтувати у майбутніх версіях VeraCrypt. Проте, подальший розвиток та покращення таких алгоритмів не буде відбуватись. рекомендовано створити новий том VeraCrypt із застосуванням 128-біт-блокового алгоритму шифрування (наприклад, AES, Serpent, Twofish тощо) та перемістити усі файли з цього тому у новий. - Вашу систему не настроєно на автомонтування нових томів. Монтування томів VeraCrypt на основі пристроїв може виявитися неможливим. Щоб включити автомонтування, виконайте наступну команду й перезавантажте систему:\n\nmountvol.exe /E - Будь ласка, призначте літеру розділу/пристрою перед продовженням ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nПам'ятайте, це вимога операційної системи. - монтувати том VeraCrypt - Розмонтувати всі томи VeraCrypt - VeraCrypt не зміг отримати права адміністратора. - Доступ відхилено операційною системою.\n\nМожливі причини: операційна система вимагає дозволу на читання/запис (або права адміністратора) певних тек, файлів та пристроїв, щоб мати змогу читати та записувати дані. Звичайно, користувач без прав адміністратора може створювати, читати та модифікувати файли у власній теці 'Документи'. - Помилка: обраний пристрій використовує інший розмір сектору за 4096 байт.\n\nНаразі не можливо створити пристрій-контейнери на пристроях, що використовують інший розмір сектору ніж 4096 байт. Проте пам'ятайте, що ви можете створити файл-контейнер на цьому пристрої. - Помилка! Розмір секторів не підтримується крім 512 байт сектор. - Початковий Завантажувач VeraCrypt вимагає не менше як 32 КБ вільного місця на початку системного пристрою (Початковий Завантажувач VeraCrypt має бути розміщений на цій області). Нажаль, не відповідає таким вимогам.\n\nБудь ласка, НЕ повідомляйте про це як помилку/проблему VeraCrypt. Щоб вирішити цю проблему, вам потрібно переформатувати ваш диск та залишити перші 32 кілобайт вільними (у більшості випадків потрібно видалити та знову створити перший розділ). рекомендовано для цього використовувати програму керування розділами Microsoft, наприклад, коли ви встановлюєте Windows. - Ця функція не підтримується у версії операційної системи, яку ви зараз використовуєте. - VeraCrypt не підтримує шифрування системного розділу/пристрою у версії операційної системи, яку ви зараз використовуєте. - Щоб зашифрувати системний розділ/диск в Windows Vista, зпершу потрібно встановити пакет оновлень Service Pack 1 для Windows Vista або новіший (у вашій системі він поки не встановлено).\n\nПримітка: Service Pack 1 для Windows Vista усуває проблему з браком основної пам'яті при завантаженні системи. - VeraCrypt більше не підтримує шифрування системного розділу/диску в Windows Vista без встановленого пакета оновлення (Service Pack). Перш ніж оновити VeraCrypt, встановіть Service Pack 1 (або новіший) для Windows Vista. - Помилка! Щоб скористатися даною функцією, потрібно щоб VeraCrypt був встановлений на цьому комп’ютері (зараз ви використовуєте VeraCrypt в 'портативному' режимі).\n\nВстановіть (інсталюйте) VeraCrypt і повторіть спробу. - Помилка! Windows не встановлений на диску, з якого він завантажується. Це не підтримується. - Ваш системний диск має таблицю розділів GUID (GPT). На даний момент підтримуються тільки диски з таблицею розділів MBR. - ОБЕРЕЖНО: На системному диску вже встановлено завантажувач VeraCrypt!\n\nМожливо, у вашому комп'ютер є інша вже Зашифрована система.\n\nУВАГА: У разі продовження Шифрування поточна система є вірогідність, що ІНШІ СИСТЕМИ НЕ зможуть завантажувати, А СТОСУЮТЬСЯ НИМ ДАНІ стануть недоступними.\n\nВи дійсно бажаєте продовжити? - Помилка відновлення початкового завантажувача системи.\n\nВикористовується інсталяційний диск Windows, щоб замінити завантажувач VeraCrypt системний завантажувач Windows. - Вихідний системний завантажувач не буде збережений на диску відновлення (можлива причина: немає файлу з резервної копією). - Помилка записи сектора MBR.\n\nBIOS в вашем ПК может быть настроена на защиту сектора MBR. Проверьте в настройках BIOS (нажмите клавишу F2, Delete или Esc сразу после включения комп'ютера), не включена ли антивирусная/MBR защита. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Завантажувач VeraCrypt (Boot Loader) потрібної версії зараз не встановлений. Це може перешкодити збереженню ряду налаштувань - Примітка: в певних ситуаціях може знадобитися, щоб сторонній (ворог), спостерігали за стартом ПК, не знав, що ви користуєтесь VeraCrypt. Параметри вище дозволяють модифіковані екран завантаження VeraCrypt. Якщо Ви включите першу опцію, то на екрані завантажувача не буде відображатися ніякої текст (навіть якщо ви введете неправильний пароль). При введенні пароля комп'ютер буде виглядати "завислих". Крім того, щоб ввести супротивника в оману, можна включити висновок свого повідомлення. Наприклад, відображати помилкові повідомлення про помилки на кшталт "Missing operating system" (ця напис зазвичай виводиться завантажників Windows, якщо він не може знайти завантажувальний розділ Windows). Однак при цьому важливо пам'ятати, що якщо ворог зможе проаналізувати вміст жорсткого диска, то він зуміє знайти на ньому завантажувач VeraCrypt. - УВАГА: Будь ласка, майте на увазі, що якщо Ви включите цю опцію, VeraCrypt Завантажувач не буде відображати будь-які тексти (навіть коли ви вводите неправильний пароль). Комп'ютер виявиться "замороженим" (не працює), тоді як ви можете ввести свій пароль (курсор не буде рухатися і зірочки не буде відображатися при натисканні клавіш).\n\nВи дійсно хочете включити цю опцію? - Системний розділ / диск виглядає як повністю зашифрований. - VeraCrypt не підтримує шифрування системного пристрою, який був перетворений на динамічний диск. - Системний диск містить розширені (логічні) розділи.\n\nВи можете зашифрувати весь системний диск, що містить розширені (логічні) розділи, тільки в Windows Vista (або більше нових версіях Windows). У Windows XP зашифрувати весь системний диск можна за умови, що він містить тільки первинні розділи. - ВАГА: Якщо ви працюєте в Windows XP/2003, після запуску шифрування диска на ньому не можна створювати розширені (логічні) розділи (дозволяється створювати лише первинні розділи). Будь-який додатковий розділ на диску після початку шифрування стане недоступним.\n\nПрімітка: якщо це обмеження для вас неприйнятна, поверніться назад і виберіть шифрування тільки системного розділу, а не всього диску (також ви можете створити тому VeraCrypt на основі розділів всередині будь-яких не-системних розділів на диску).\n\nЯкщо дане обмеження вам не підходить, ви можете перейти на Windows Vista або більш нову версію Windows (шифрування всього системного диска, що містить розширені/логічні розділи, доступні лише в Windows Vista або більше нових версіях). - Системний диск містить нестандартний розділ.\n\nЯкщо ви використовуєте ноутбук, на системному диску, ймовірно, знаходиться особливий розділ для відновлення. Після шифрування всього системного диска (включаючи будь-який розділ для відновлення) ви можете втратити можливість завантажити ОС, якщо у вашому ПК - не цілком коректний BIOS. Також, поки не буде дешифрований системний диск, може виявитися неможливим використовувати розділ для відновлення. Тому рекомендуємо вам шифрувати лиш системний розділ. - Ви бажаєте зашифрувати системний розділ замість цілого пристрою?\n\nПам'ятайте, що ви можете створити розділ-контейнер VeraCrypt всередині будь-якого несистемного розділу на пристрої (до того ж можна зашифрувати системний розділ). - Оскільки ваш системний пристрій містить лише один розділ, який займає цілий пристрій, краще (з міркувань секретності) зашифрувати цілий пристрій, разом із вільним неактивним місцем, яке зазвичай оточує такий розділ.\n\nВи бажаєте зашифрувати весь системний пристрій? - Ваша система настроєна так, що тимчасові файли зберігаються на несистемно розділі.\n\nВременние файли повинні зберігатися тільки на системному розділі. - Файли вашого профілю користувача не зберігаються на системному розділі.\n\nЕті файли повинні зберігатися тільки на системному розділі. - На несистемних розділах є один або кілька файлів підкачки.\n\nФайли підкачки повинні знаходитися тільки на системному розділі. - Налаштувати Windows так, щоб файли довантаження створювалися тільки на розділі з Windows?\n\nПри натисканні "Так" комп'ютер буде перезавантажений. Після цього запустіть VeraCrypt і знову спробуйте створити приховану ОС. - В іншому випадку це несприятливо позначиться на правдоподобно заперечення наявності прихованої ОС.\n\nПримітка: якщо ворог проаналізує вміст таких файлів (що знаходяться на несистемно розділі), то зможе дізнатися, що ви користувалися цим майстром у режимі створення прихованої системи (що наштовхне його на думка про наявність прихованої ОС у вашому ПК). Також майте на увазі, що такі файли, що зберігаються на системному розділі, будуть надійно видалені VeraCrypt при створенні прихованої ОС. - УВАГА: Під час створення прихованої ОС вам потрібно повністю змінити поточну ОС (щоб безпечно створити підставну систему).\n\nПримітка: запущена в даний момент ОС і весь вміст системного розділу будуть скопійовані в прихований тому (щоб створити приховану систему).\n\n\nВи впевнені, що зможете встановити Windows за допомогою інсталяційного CD/DVD (або зі службового розділу)? - В цілях безпеки, якщо запущена в даний момент ОС вимагає активації, вона повинна бути активована перед тим, як ви продовжите. Прихована ОС буде створена шляхом копіювання вмісту системного розділу в прихований том (тому якщо ця ОС не активована, то не буде активовано та прихована). Подробиці див в розділі "Security Precautions Pertaining to Hidden Volumes" в документації VeraCrypt.\n\nВажно: перед продовженням обов'язково ознайомтеся з головою "Security Precautions Pertaining to Hidden Volumes" у Посібнику користувача VeraCrypt.\n\n\nЧи задовільняє виконувана в даний момент ОС вказаною вище умовою? - Ваша система використовує додатковий завантажувальний розділ. VeraCrypt не підтримує гібернацію прихованих операційних систем, що використовують додатковий завантажувальний розділ (гібернація підставних систем ніяких проблем не спричиняє).\n\nВізьміть до уваги, що завантажувальний розділ використовується як підставною, так і прихованою системами. Тому для запобігання витоку даних і проблем з виходом з глибокого сну VeraCrypt заборонив прихованоі системі запис до загального завантажувального розділу і гібернацію.\n\n\nБажаєте продовжити? При відповіді "Ні" вам будуть надані інструкції, як видалити додатковий завантажувальний розділ. - \nДодатковий завантажувальний розділ можна видалити до встановлення Windows. Для цього виконайте наступні дії:\n\n1) Завантажте Windows з інсталяційного компакт-диска.\n\n2) На екрані встановлення Windows натисніть 'Install now' > 'Custom (advanced)'.\n\n3) Натисніть 'Drive Options'.\n\n4) Виберіть основний системний розділ і видаліть його, натиснувши 'Delete' та 'OK'.\n\n5) Виберіть розділ 'System Reserved', натисніть 'Extend' і збільшіть його розмір відповідно до встановлюваної ОС.\n\n6) Натисніть 'Apply' і 'OK'.\n\n7) Встановіть Windows у розділ 'System Reserved'.\n\n\nЯкщо ворог запитає вас, навіщо ви видалили додатковий завантажувальний розділ, ви можете відповісти, що хотіли запобігти можливості витоку даних у незашифрований завантажувальний розділ.\n\n!! Щоб роздрукувати цей текст, натисніть кнопку 'Друк' нижче. Якщо ви збережете або роздрукуєте копію цього тексту (це рекомендується зробити, якщо тільки ваш принтер не зберігає копії завдань на своєму внутрішньому накопичувачі), то після видалення додаткового завантажувального розділу всі копії цього тексту слід знищити (інакше якщо таку копію виявлять, це може навести на думку про наявність в ПК прихованої ОС). - Увага! Між системним розділом і першим розділом за ним є нерозподілене місце. Після створення прихованої операційної системи ви не повинні створювати в цій нерозподіленій області жодних нових розділів. В іншому випадку прихована ОС не зможе завантажитися (до тих пір, поки не будуть вилучені такі знову створені розділи). - У даний момент цей алгоритм для шифрування системи не підтримується. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - В даний момент ключові файли для шифрування системи не підтримуються. - Увага! VeraCrypt не може відновити первісну розкладку клавіатури. Це може призвести до неправильного введення пароля. - Помилка! Неможливо встановити розкладку клавіатури для VeraCrypt в стандартну американську (US).\n\nЗверніть увагу, що пароль вводиться ДО завантаження Windows, коли будь-які розкладки клавіатури, що відрізняються від американської, ще недоступні. Тому пароль завжди повинен вводиться при стандартній американської розкладці. - Оскільки VeraCrypt тимчасово змінив розкладку клавіатури на стандартну американську, введення символів при натиснутій правій клавіші Alt неможливий. Тим не менше, більшість таких символів можна ввести відповідними клавішами при натиснутій клавіші Shift. - Зміна розкладки клавіатури заблоковано VeraCrypt. - Примітка: пароль вводиться ДО завантаження Windows, коли будь-які розкладки клавіатури, що відрізняються від американської, ще недоступні. Тому пароль завжди повинен вводиться при стандартній американської розкладці. Важливо, однак, мати на увазі, що вам не потрібно мати справжню американську клавіатуру. VeraCrypt автоматично забезпечує вам безпечний введення пароля (прямо зараз і на стадії перед завантаженням ОС), навіть якщо у вас НЕ справжня американська клавіатура. - Перш ніж приступити до шифруванню розділу / диска, ви повинні створити диск відновлення VeraCrypt Rescue Disk (VRD), що забезпечує наступне:\n\n-У випадку пошкодження завантажувача VeraCrypt, майстер-ключа або інших критичних даних, VRD дозволяє їх відновити (майте на увазі, що вам все одно буде потрібно ввести правильний пароль).\n\n-Если завантажувач VeraCrypt виявиться пошкодженим або інфікованим вірусом, ви зможете уникнути його запуску, завантажившись прямо з VRD.\n\n-У випадку пошкодження Windows і неможливості її завантаження, VRD дозволяє перманентно розшифрувати розділ/диск перед стартом Windows.\n\n-VRD буде містити резервну копію поточного вмісту першого циліндра диска (в якому зазвичай знаходиться системний завантажувач або менеджер завантаження), і у разі необхідності дозволить відновити його. - Після натискання ГАРАЗД буде запущено засіб запису образів дисків Windows. Запишіть з його допомогою ISO-образ диска відновлення VeraCrypt на CD або DVD.\n\nПотім поверніться у вікно майстра створення томів VeraCrypt і дотримуйтесь інструкцій. - Образ диска відновлення створений та збережений у файлі:%s\n\nЗараз вам потрібно записати цей образ на CD або DVD.\n\nВАЖНО: Файл-образ має бути записаний на CD/DVD як ISO-образ диска (а не як окремий файл). Про те, як це зробити, див документацію на ваше ПЗ для запису CD/DVD. Якщо у вас немає програми, здатної записати ISO-образ на CD/DVD, клацніть за посиланням нижче, щоб отримати таке безкоштовне ПЗ.\n\nПісля запису диска відновлення натисніть 'Далі', щоб перевірити, чи коректно він був записаний. - Диск відновлення створено та збережено в цьому файлі:%s\n\nЗараз вам слід або записати (пропалити) диск відновлення на CD/DVD, або перемістити його ISO-образ в безпечне місце для використання в подальшому.\n\nЯкщо у вас немає програми, здатної записати ISO-образ на CD/DVD, клацніть на посилання нижче, щоб отримати таке безкоштовне ПЗ.\n\nНатисніть кнопку 'Далі' для продовження. - ВАЖЛИВО: Файл-образ повинен бути записаний на CD/DVD як ISO-образ диска (а не як окремий файл). Про те, як це зробити, див. документацію на ПЗ для запису CD/DVD. Якщо у вас немає програми, здатної записати ISO-образ на CD/DVD, клацніть за посиланням нижче, щоб завантажити таке безкоштовне ПЗ.\n\n - Запустити засіб запису образів дисків Windows - УВАГА: Якщо раніше ви вже створювали диск відновлення VeraCrypt, ви не зможете ним скористатися знову для цього системного розділу/диска, так як він був створений для іншого майстер-ключа! При кожному шифруванні системного розділу/диска потрібно створювати новий диск відновлення VeraCrypt, навіть якщо ви використовуєте той самий пароль. - Помилка! Неможливо зберегти установки системного шифрування. - Неможливо ініціювати попередній тест системного шифрування. - Неможливо почати процес створення прихованої операційної системи. - Режим очищення - На низці перезаписувати носіїв перезаписані дані можна відновити за допомогою спецтехніки (мікроскопія магнітної сили). Це відноситься і до даних, перезаписані в зашифрованому вигляді (коли VeraCrypt шифрує незашіфрованний системний розділ/диск). Відновлення перезаписані даних можна запобігти (або сильно ускладнити) перезаписом псевдослучайнимі або певними невипадкова даними деяке число разів. Якщо ваші супротивника можуть застосувати подібні методи для відновлення даних, які ви збираєтеся зашифрувати, виберіть один з режимів очищення (наявні дані НЕ будуть знищені). Після шифрування розділу/диска білінгові НЕ виконується. Коли розділ/диск повністю зашифровано, ніякі незашіфрованние дані на нього не записуються. Будь-які дані спочатку шифруються на льоту в пам'яті, і лише потім зберігаються (зашифрованими) на диску. - На низці перезаписуючих носіїв перезаписані дані (наприклад, коли дані видалені) можна відновити за допомогою спецтехніки (мікроскопія магнітної сили). Відновленню перезаписуючих даних можна запобігти (або сильно ускладнити) перезаписом псевдовипадковим або певними невипадкова даними деяку кількість разів. Якщо ваші супротивника можуть застосувати подібну техніку для відновлення даних, які повинні бути видалені, виберіть один з багатопрохідних режимів очистки.\n\nПрімечаніе: чим більше проходів, тим довше триває стирання даних. - Очищення - \nримітка: ви можете перервати процес очищення, вимкнути комп'ютер, знову запустити приховану систему і потім продовжити очищення (цей майстер запускається автоматично). Однак у випадку переривання весь процес очищення доведеться почати спочатку. - \n\nПримітка: якщо перервати очистку, а потім спробувати відновити цей процес, то його доведеться виконати з самого початку. - Ви хочете скасувати очищення (затирання даних)? - Увага! Вміст всього обраного розділу/пристрою буде знищено. - Весь вміст розділу, де знаходиться вихідна система, буде знищено.\n\nПримітка: весь вміст розділу, що підлягає стиранню, було скопійовано в цей прихований системний розділ. - УВАГА: Якщо вибрати, наприклад, 3-прохідний режим очищення, час шифрування диска/розділу збільшиться в 4 рази. Аналогічно, при виборі 35-прохідного режиму часом збільшиться в 36 разів (і може навіть скласти кілька тижнів).\n\nМайте на увазі,що очищення НЕ виконується після того, як розділ/диск зашифровано. Коли розділ/диск повністю зашифровано, ніяких незашифрованних даних на нього не записується. Будь-які записуючі на нього дані спочатку шифруються на льоту в пам'яті, і тільки потім зберігаються (у зашифрованому вигляді) на диску (тобто на продуктивності це НЕ відображається).\n\nВи дійсно хочете використовувати режим очищення? - Ні (найшвидший) - 1 прохід (случайные данные) - 3 проходи (US DoD 5220.22-M) - 7 проходів (US DoD 5220.22-M) - 35 проходів ("Gutmann") - 256 проходів - Число операційних систем - УВАГА: недосвідченим користувачам не слід намагатися шифрувати Windows в мультизагрузочних конфігураціях.\n\nПродовжити? - При створенні/використанні прихованої операційної системи VeraCrypt підтримує Мультизавантажуючі конфігурації тільки при дотриманні наступних умов: \n\n-працююча зараз операційна система повинна бути встановлена ​​на завантажувальному диску, на якому не може бути інших операційних систем;\n\n-операційні системи, встановлені на інших дисках, не повинні використовувати завантажувач, що знаходиться на диску, на якому встановлена ​​поточна операційна система.\n\nЦі умови дотримані? - VeraCrypt не підтримує цю Мультизавантажуючу конфігурацію при створенні/використанні прихованої операційної системи. - Завантажувальний диск - Операційна система, що працює в даний момент встановлена на завантажувальному диску?\n\nПримітка: іноді буває Windows встановлений не на тому диску, з якого він грузится (де знаходиться завантажувальний розділ). Якщо це ваш випадок, то виберіть 'Ні'. - В даний момент VeraCrypt не підтримує шифрування операційної системи, яка завантажується не з того ж диску, на якому вона встановлена. - Число системних дисків - Скільки дисків містить операційна система?\n\nПримітка: наприклад, якщо у вас одна операційна система (наприклад, Windows, Mac OS X, Linux і т.д.) встановлена на первинному диску, а інша - на вторинному, виберіть '2 або більше'. - В даний момент VeraCrypt не підтримує шифрування всього диску, який містить декілька операційних систем.\n\nМожливі варіанти:\n\n-Ви можете зашифрувати одну із систем, якщо повернетеся назад і виберіть шифрування тільки одного системного розділу (а не всього системного диску).\n\n-Ви зможете зашифрувати весь диск, якщо перемістете деякі системи на інші диски, залишивши тільки одну ОС на диску який хочете зашифрувати. - Кілька систем на одному диску - На диску, на якому встановлена поточна ОС, є інші операційні системи?\n\nПримітка: наприклад, якщо поточна ОС встановлена на диску #0, що містить кілька розділів, і якщо на одному з розділів знаходиться Windows, а на іншому - ще одна ОС (скажімо, Windows, Mac OS X, Linux і т.д.), то виберіть 'Так'. - Не-Windows завантажувач - Чи встановлений у головній завантажувального запису (MBR) не належить до Windows завантажувач (або завантажувальний менеджер)\n\nПримітка: наприклад, якщо в першому циліндрі завантажувального диска міститься GRUB, LILO, XOSL або якийсь інший не належить до Windows завантажувальний менеджер , виберіть 'Так'. - Мультизавантаження - В даний час VeraCrypt не підтримує мультизавантажуючі конфігурації, де у головній завантажувального запису (MBR) встановлений не належить до Windows завантажувач.\n\nМожливі варіанти:\n\n-Якщо ви використовуєте завантажувальний менеджер для завантаження Windows і Linux, перенесіть його (звичайно це GRUB) з MBR у розділ. Потім запустіть знову цей майстер і зашифруйте системний розділ/диск. Зверніть увагу, що завантажувач VeraCrypt стане основним завантажувальним менеджером і дозволить вам запускати вихідний завантажувальний менеджер (скажімо, GRUB) як вторинний (натисканням Esc при виведенні екрану завантажувача VeraCrypt) і, таким чином, запускати Linux. - Якщо поточна ОС встановлена на завантажувальному розділі, то після його шифрування вам буде потрібно ввести правильний пароль, навіть для запуску незашіфрованних Windows-систем (так як вони будуть спільно використовувати один і той же зашифрований завантажувач Windows).\n\nНавпаки, якщо поточна ОС не встановлена на завантажувальному розділі (або завантажувач Windows не використовується ніякими іншими системами), тоді після шифрування цієї системи вам не треба вводити пароль для запуску інших незашіфрованних систем - достатньо буде просто натиснути Esc (в разі кількох незашіфрованних систем також потрібно вибрати потрібну в меню завантажувача VeraCrypt).\n\nПримітка: як правило, в завантажувальному розділі буває встановлена найбільш рання версія Windows. - Шифрування захищеної області користувача (HPA) - В кінці багатьох дисків є область, у звичайних умовах прихована від операційної системи (цю область зазвичай називають Host Protected Area - захищена область користувача). Однак деякі програми здатні читати і записувати дані в таких областях.\n\nУВАГА: Виробники комп'ютерів (зокрема, ноутбуків) можуть використовувати області HPA для зберігання в них утиліт і даних для RAID, відновлення системи, її налаштування, діагностики та інших потреб. Якщо такі утиліти або дані повинні бути доступні перед завантаженням системи, приховану область НЕ слід шифрувати (виберіть 'Ні').\n\nБажаєте, щоб VeraCrypt виявив і зашифрували приховану область (якщо така є) в кінці системного диска? - Тип шифрування системи - Виберіть цю опцію, якщо ви просто хочете зашифрувати системний розділ або весь системний диск. - Може так статися, що вас змусить дешифрувати ОС. Часом ви просто не зможете від цього відмовитися (наприклад, при вимаганні). Ця опція дозволяє створити приховану ОС, наявність якої буде неможливо визначити (за умови дотримання зазначених нижче рекомендацій). Таким чином, дешифрувати приховану ОС або видавати від неї пароль вам не доведеться. Щоб дізнатися подробиці, клацніть по посиланню нижче. - Може так статися, що вас змусить дешифрувати ОС. Часом ви просто не зможете від цього відмовитися (наприклад, при вимаганні).\n\nЗ допомогою цього майстра ви можете створити приховану операційну систему, наявність якої буде неможливо визначити (за умови дотримання зазначених нижче рекомендацій). Таким чином, дешифрувати приховану ОС або видавати від неї пароль вам не доведеться. - Прихована операційна система - На наступних етапах ви створите два томи VeraCrypt (зовнішній і прихований) в першому розділі за системним розділом. Прихований тому буде містити приховану ОС. VeraCrypt створить приховану ОС копіюванням у прихований тому вмісту системного розділу (де встановлена працює зараз ОС). В зовнішній тому вам потрібно скопіювати осмислено виглядають файли, які насправді вам ховати НЕ потрібно. Їх мета - ввести в оману того, хто змусить вас повідомити пароль від прихованого системного розділу. Ви зможете відкрити пароль для зовнішнього томи всередині прихованого системного розділу (наявність прихованої ОС залишиться в таємниці).\n\nІ, нарешті, на системний розділ з працює в даний момент ОС ви встановите нову, так звану "підставну" ОС і зашіфруете її. У ній не повинно бути конфіденційних файлів, вона потрібна на випадок, якщо вас змусить повідомити предзагрузочний пароль. У підсумку у вас буде три пароля. Два з них (для обману ОС і для зовнішнього томи) можна повідомляти ворога. Третій пароль - запуск прихованої ОС. - Пошук прихованих секторів - Зачекайте, VeraCrypt шукає приховані сектора, які можуть бути присутніми в кінці системного диска. Це може зайняти тривалий час.\n\nПрімечаніе: в дуже рідкісних випадках на деяких комп'ютерах під час цієї операції система може перестати реагувати. У цьому випадку перезавантажте комп'ютер, запустіть VeraCrypt, повторіть попередні етапи, але пропустіть цей етап пошуку. Просимо врахувати, що дана проблема викликана не помилка в VeraCrypt. - Область шифрування - Виберіть цю опцію, якщо ви хочете зашифрувати весь диск, де встановлена Windows і з якого вона завантажується. Буде зашифровано весь диск, включаючи всі його розділи, крім першої доріжки, де знаходиться завантажувач VeraCrypt. Для доступу до встановленої на цьому диску ОС або файлів на ньому буде потрібно вводити пароль перед кожним завантаженням системи. Цю опцію не можна застосовувати для шифрування другого або зовнішнього диска, якщо Windows на ньому не встановлена або завантажується не з нього. - Збір випадкових даних - Згенеровані ключі - VeraCrypt не вдалося знайти в комп'ютері записуючий CD/DVD-пристрій. Такий накопичувач потрібен VeraCrypt для запису завантажувального диску відновлення (VeraCrypt Rescue Disk) з копією ключів шифрування, завантажувача VeraCrypt, вихідного системного завантажувача й ін.\n\nМи рекомендуємо вам записати диск відновлення VeraCrypt. - Записуючого CD/DVD-накопичувача немає, але я збережу ISO-образ диска відновлення на змінному носії (наприклад, на 'флешці'). - Я підключу пишучий CD/DVD-накопичувач пізніше. Зараз я хочу перервати процес. - Пишучий CD/DVD-накопичувач зараз підключений до ПК. Продовжити і записати диск відновлення. - Зробіть наступне:\n\n1) Підключіть до ПК змінний накопичувач (наприклад, 'флешку').\n\n2) Скопіюйте на змінний накопичувач файл-образ (%s) диска відновлення VeraCrypt.\n\nЯкщо в майбутньому вам знадобиться диск відновлення VeraCrypt, ви просто підключіть змінний накопичувач (з образом диска відновлення VeraCrypt) до ПК з пишучим CD/DVD-накопичувачем і запишете цей образ на CD або DVD. ВАЖЛИВО: Врахуйте, що файл-образ диска відновлення VeraCrypt потрібно записати на CD/DVD як ISO-образ диска (а не як звичайний файл). - Запис диска відновлення - Диск відновлення створений - Пре-тест шифрування системи - Диск відновлення перевірений - \nДиск відновлення VeraCrypt (Rescue Disk) успішно пройшов перевірку. Вийміть його з накопичувача і приберіть в надійне місце.\n\nНатисніть кнопку 'Далі' для продовження. - УВАГА: Під час наступних етапів у накопичувача НЕ повинно бути диска відновлення VeraCrypt. В іншому випадку ці етапи не вдасться коректно завершити.\n\nВитягніть диск відновлення з накопичувача і помістіть в надійне місце. Потім натисніть OK. - Увага! Внаслідок технічних обмежень середовища до завантаження ОС, повідомлення, що виводяться VeraCrypt на цьому етапі (тобто до старту Windows), не підлягають локалізації. Користувальницький інтерфейс завантажувача VeraCrypt повністю англійською мовою.\n\nПродовжити? - Перш ніж зашифрувати системний розділ або диск, VeraCrypt повинен перевірити, що все працює як треба.\n\nПосле натискання 'Тест' будуть встановлені всі необхідні компоненти (наприклад, предзагрузочний аутентіфікатор, тобто завантажувач VeraCrypt), і комп'ютер перезавантажиться. Потім на екрані завантажувача (VeraCrypt Boot Loader), який з'явиться до старту Windows, вам буде потрібно ввести свій пароль. Після запуску Windows вам автоматично повідомлять про результати цього попереднього тесту.\n\nБуде змінено наступне пристрій: Диск #%d\n\n\nЯкщо ви зараз натиснете 'Скасувати', то нічого встановлено не буде, і попередній тест не стане виконуватися. - ВАЖЛИВІ ЗАУВАЖЕННЯ - ПРОЧИТАЙТЕ або роздрукувати (натисніть 'Друк'):\n\nЖодні файли не будуть зашифровані, поки ви не перезавантажте успішно свій ПК і не запустите Windows. Тому якщо станеться якийсь збій, з вашими даними нічого не трапиться. Однак у випадку, якщо щось піде не так, можливі складнощі з запуском Windows. Тому прочитайте (і, по можливості, роздрукуйте) такі рекомендації про те, що робити, якщо Windows відмовляється запускатися після перезавантаження ПК.\n\n - Що робити, якщо Windows не завантажується ------------------------------ ------------------\n\nПРИМІТКА: Ці інструкції дійсні, тільки якщо ви не починали шифрування.\n\n-Якщо ви вводите правильний пароль, а Windows не завантажується (або якщо при введенні правильного пароля VeraCrypt постійно повідомляє, що пароль невірний), не панікуйте. Перезавантажте (вимкнути і знову увімкніть) комп'ютер і при появі екрану завантажувача VeraCrypt натисніть клавішу Esc на клавіатурі (а якщо у вас кілька ОС, виберіть потрібну для запуску). Після цього Windows повиннен запуститися (за умови, що він не зашифрований), а VeraCrypt автоматично запитає, чи бажаєте ви видалити компонент дозавантажуючої аутентифікації. Зверніть увагу, що попередні кроки НЕ працюють, якщо системний розділ/диск зашифрований (запустити Windows або отримати доступ до зашифрованих даних без правильного пароля не може ніхто, навіть якщо він (вона) виконає попередні етапи).\n\n - -Якщо вищесказане не допомагає або якщо екран завантажувача VeraCrypt не з'являється (перед стартом Windows), вставте в CD/DVD-привід диск відновлення VeraCrypt (Rescue Disk) і перезавантажте ПК. Якщо екран завантажувача VeraCrypt не з'являється (або якщо ви не бачите пункту 'Repair Options' у групі 'Keyboard Controls' на екрані завантажувача VeraCrypt), можливо, в BIOS вашого ПК налаштована завантаження спочатку з жорсткого диска, і лише потім з CD/DVD. Якщо це так, перезавантажте ПК, натисніть F2 або Delete (як тільки побачите початковий екран BIOS) і дочекайтеся появи екрану з настройками BIOS. Якщо цей екран не з'явився, знову перезавантажте ПК (натисніть кнопку Reset), відразу ж почавши часто натискати клавіші F2 або Delete. У який з'явився вікні установок BIOS Налаштуйте ПК так, щоб він спочатку завантажувався з CD/DVD (про те, як це зробити, зверніться до документації на вашу системну плату/BIOS). Знову перезавантажте комп'ютер. Зараз повинен з'явитися екран диска відновлення VeraCrypt. На цьому екрані виберіть 'Repair Options', натиснувши F8 на клавіатурі. У меню 'Repair Options' виберіть 'Restore original system loader'. Після цього вийміть диск відновлення з CD/DVD-накопичувача і перезавантажте ПК. Зараз Windows повинна запуститися нормально (за умови, що він не зашифрований).\n\n - Зверніть увагу, що попередні кроки НЕ працюють, якщо системний розділ/диск зашифрований (запустити Windows або отримати доступ до зашифрованих даних без введення правильного пароля не може ніхто, навіть якщо він (вона) виконає попередні етапи).\n\n\nТакож майте на увазі, що якщо ви втратите свій диск відновлення VeraCrypt, а ваш ворог його знайде, він НЕ зможе за допомогою цього диска розшифрувати системний розділ або диск, якщо не знає правильного пароля. - Попередній тест завершено - Попередній тест успішно завершено.\n\nУВАГА: Якщо під час шифрування станеться збій живлення або з-за програмної/апаратної помилки зависне операційна система, в той час, як VeraCrypt шифрує наявні дані 'на місці', деякі дані майже напевно виявляться пошкодженими або загубленими. Тому, перш ніж почати шифрування, переконайтеся, що зробили резервну копію файлів, які збираєтеся зашифрувати. Якщо ні, то зробіть це зараз (натисніть 'Відкласти', скопіюйте файли, а потім у будь-який час знову запустіть VeraCrypt, виберіть 'Система' > 'Відновити перерваний процес', щоб розпочати шифрування).\n\nКогда будете готові, натисніть 'шифрація', щоб приступити до шифрування. - Ви можете в будь-який момент натиснути 'Пауза' або 'Відкласти', перервавши (де) шифрування, вийти з цього майстра, перезавантажити або вимкнути ПК, а потім продовжити процес (він відновиться з тієї точки, де був призупинений). Для запобігання уповільнення, коли система або програми виконують читання або запис на системному диску, VeraCrypt чекає, поки дані будуть записані або прочитано (див. Статус вище), а потім продовжує (де) шифрування. - \n\nВи можете в будь-який момент натиснути 'Пауза' або 'Відкласти', перервавши шифрування, вийти з цього майстра, перезавантажити або вимкнути ПК, а потім продовжити процес (він відновиться з тієї точки, де був призупинений). Врахуйте, що тому не може бути змонтований, поки не буде повністю зашифровано. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Прихована система запущена - Вихідна система - Windows створює (зазвичай без вашого відома або згоди) різні файли звітів, тимчасові файли і т.п. на системному розділі. Крім того, там же вона зберігає вміст ОЗП для сну/гібернаціі та файли підкачки. Тому якщо ворог проаналізує файли на розділі з вихідною системою (клоном якої є прихована ОС), він може дізнатися, наприклад, що ви користувалися майстром VeraCrypt в режимі створення прихованої системи (і запідозрити наявність прихованої ОС у вашому ПК).\n\nЩоб це запобігти, на наступних етапах VeraCrypt надійно знищить всі вміст розділу, де знаходиться вихідна система. Потім для правдоподобно заперечення вам буде потрібно встановити в розділ нову систему і зашифрувати її. Таким чином ви створите обманним ОС, і на цьому процес створення прихованої ОС буде завершено. - Прихована ОС успішно створена. Але перш ніж її можна буде використовувати (і мати можливість правдоподобно заперечення), потрібно надійно знищити (за допомогою VeraCrypt) весь вміст розділу, в якому зараз встановлена поточна ОС. Перш ніж це зробити, перезавантажте ПК і на екрані завантажувача VeraCrypt (виведеного до старту Windows) введіть пароль предзагрузочной автентифікації для прихованої ОС. Потім після старту прихованої системи автоматично запуститься майстер VeraCrypt.\n\nПримітка: якщо зараз перервати створення прихованої ОС, то відновити цей процес не вдасться, і прихована ОС виявиться недоступна (так як буде видалено завантажувач VeraCrypt). - Ви запланували створення прихованої операційної систми. Цей процес ще не закінчений. Щоб його завершити, потрібно перезавантажити комп'ютер і на екрані завантажувача VeraCrypt (він появляєтся перед запуском Windows) ввести пароль для прихованої операційної системи.\n\nПримітка: якщо ви вирішите перервати зараз процес створення прихованої ОС, ви вже НЕ зможете його відновити. - Перезавантажити ПК і продовжити - Остаточно перервати створення прихованої ОС - Зараз нічого неробити, спитати пізніше - \nРекомендується роздрукувати ЦЕЙ ТЕКСТ (натисніть 'Друк' нижче).\n\n\nЯк і коли використовувати диск відновлення VeraCrypt (після шифрування) ------- -----------------------------------------------------------------------------\n\n - I. Як завантажитеся з диска відновлення VeraCrypt\n\nCкориставшись диском відновлення VeraCrypt (Rescue Disk), вставте його в CD/DVD накопичувач і перезавантажте ПК. Якщо екран завантажувального диска VeraCrypt не з'являється (або якщо на екрані немає пункту 'Repair Options' у групі 'Keyboard Controls'), ймовірно, BIOS у вашому ПК налаштований на завантаження спочатку з жорстких дисків, і лише потім з CD/DVD-накопичувачів. Якщо це так, перезавантажте комп'ютер, натисніть F2 або Delete (як тільки побачите початковий екран BIOS) і дочекайтеся появи екрану налаштувань BIOS. Якщо він не з'явився, знову перезавантажте ПК (натисніть кнопку скидання - Reset) і відразу ж починайте постійно натискати F2 або Delete. Коли з'явиться екран налаштування BIOS, налаштуйте ПК так, щоб він спочатку завантажувався з CD/DVD-накопичувача (про те, як це зробити, зверніться до документації на вашу системну плату або BIOS). Потім перезавантажте комп'ютер. Тепер екран диска відновлення VeraCrypt має з'явитися. Примітка: на екрані диска відновлення VeraCrypt можна вибрати 'Repair Options', натиснувши F8 на клавіатурі.\n\n\n - II. Коли і як використовувати диск відновлення VeraCrypt (після шифрування)\n\n - 1) Якщо після старту ПК екран завантажувача VeraCrypt не з'являється (або не завантажується Windows), можливо, пошкоджений завантажувач VeraCrypt. Диск відновлення VeraCrypt дозволяє відновити його і, таким чином, знову отримати доступ до зашифрованої системі і даних (врахуйте, що вам все одно буде потрібно ввести правильний пароль). На екрані Rescue Disk виберіть 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Потім натисніть 'Y', щоб підтвердити дію, вийміть диск відновлення з CD/DVD-накопичувача і перезавантажте комп'ютер.\n\n - 2) Якщо ви вводите правильний пароль, а VeraCrypt каже, що пароль невірний, можливо, пошкоджено майстер-ключ або інші критичні дані. Диск відновлення VeraCrypt дозволяє відновити їх і, таким чином, знову отримати доступ до зашифрованої системі і даних (проте вам все одно буде потрібно ввести правильний пароль). На екрані Rescue Disk виберіть 'Repair Options' > 'Restore key data'. Потім введіть свій пароль, натисніть 'Y' для підтвердження дії, вийміть диск відновлення з CD/DVD-накопичувача і перезавантажте комп'ютер.\n\n - 3) Якщо завантажувач VeraCrypt ушкоджений або інфікований вірусом, ви можете уникнути його використання, завантажившись безпосередньо з диска відновлення VeraCrypt. Вставте диск відновлення в CD/DVD-накопичувач і введіть свій пароль на екрані Rescue Disk.\n\n - 4) Якщо Windows пошкоджений і відмовляється запускатися, диск відновлення VeraCrypt дозволяє перманентно розшифрувати розділ/диск до запуску Windows. На екрані Rescue Disk виберіть 'Repair Options' > 'Permanently decrypt system partition/drive'. Потім введіть правильний пароль і дочекайтеся завершення дешифрування. Після цього ви можете, наприклад, завантажитися з встановлюючого CD/DVD-диска Windows і відновити Windows.\n\n - Альтернативний варіант: якщо Windows пошкоджено (не запускається), і вам треба його відновити (або отримати доступ до його файлів), дешифрування системного розділу/диска можна уникнути, якщо виконати наступні кроки . Якщо у вашому комп'ютері встановлено декілька операційних систем, завантажте ту з них, яка не вимагає дозавантажуючої аутентифікації. Якщо в ПК немає кількох встановлених ОС, можна завантажитися з CD/DVD з WinPE або BartPE, або підключити системний диск як вторинний або зовнішній накопичувач до іншого комп'ютера і завантажити встановлену на цьому ПК операційну систему. Після того як система завантажиться, запустіть VeraCrypt, натисніть кнопку 'Пристрій', виберіть несправний системний розділ, натисніть 'OK', виберіть 'Система' > 'Змонтувати без дозавантажувальної аутентифікації', введіть свій пароль для дозавантажувальної аутентифікації і натисніть 'OK'. Розділ буде змонтований як звичайний том VeraCrypt (дані будуть як завжди розшифровуватися/шифруватися 'на льоту' в ОЗП при доступі до них).\n\n\n - Зверніть увагу, що якщо ви втратите свій диск відновлення VeraCrypt, а ваш ворог його знайде, він НЕ зможе за допомогою цього диска розшифрувати системний розділ або диск, якщо не знає правильного пароля. - \n\nВ А Ж Л И В О - РЕКОМЕНДОВАНО Роздрукувати цей ТЕКСТ (натисніть 'Друк').\n\n\nПримітка: цей текст відображається автоматично при кожному запуску прихованої системи, поки не буде створена підставна ОС.\n\n\n - Як надійно і безпечно створити підставну систему ------------------------------ ----------------------------------------------\n\nдомогтися правдоподібного заперечення причетності, вам потрібно створити зараз підставну операційну систему. Для цього виконайте наступне:\n\n - 1) В цілях безпеки вимкніть комп'ютер і не вмикфйте його хоча б кілька хвилин (чим довше, тим краще). Це потрібно для очищення пам'яті, яка містить конфіденційні дані. Потім увімкніть ПК, але не завантажуйте приховану систему.\n\n - 2) Встановлення Windows до розділу, вміст якого було видалено (тобто до розділу, де була вихідна ОС, клоном якої стала прихована система).\n\nВАЖЛИВО: КОЛИ ВИ почне встановлювати ПІДСТАВНУ ОС, ЗАВАНТАЖЕННЯ Прихованої система стане *НЕМОЖЛИВЕ* (так як завантажувач VeraCrypt буде стертий інсталятором Windows). Це нормальна ситуація, ТАК І МАЄ БУТИ. Не панікуйте. ВИ ЗМОЖЕТЕ ЗНОВУ ЗАВАНТАЖУВАТИ ПРИХОВАТИ ОС, як тільки приступете до шифрування ПІДСТАВНОЇ СИСТЕМИ (оскільки VeraCrypt потім автоматично встановить свій завантажувач на системний диск).\n\nВАЖЛИВО: Розмір розділу з підставної ОС повинен залишатися таким же, як і розмір прихованого тому (цю умова зараз дотримано). Більш того, не можна створювати ніяких розділів між розділами з підставної та прихованої системами.\n\n - 3) Завантажте підставну ОС (встановлену на етапі 2) і встановіть у ній VeraCrypt.\n\nПамятайте, що підставна ОС не повинна містити ніяких конфіденційних даних.\n\n - 4) У підставній ОС запустіть VeraCrypt і виберіть 'Система' > 'Зашифрувати системний розділ/диск'. Повинно з'явитися вікно майстра створення томів VeraCrypt.\n\nНаступні кроки відносяться до цього майстра.\n\n - 5) У вікні майстра створення томів НЕ обирайте опцію 'Прихований'. Залиште опцію 'Звичайний' і натисніть 'Далі'.\n\n - 6) Виберіть опцію 'Зашифрувати системний розділ Windows' та натисніть 'Далі'.\n\n - 7) Якщо в ПК встановлені тільки прихована і підставна системи, виберіть опцію 'Одиночне завантаження' (якщо в ПК більше ОС, ніж ці дві, виберіть 'мультизавантаження'). Натисніть 'Далі'.\n\n - 8) ВАЖЛИВО: На цьому етапі, для підставної ОС, ВИ ПОВИННІ ОБРАТИ ТІ Ж алгоритми шифрування і хешування, що і для Прихованої системи! ІНАКШЕ Прихована система буде недоступна! Іншими словами, підставна ОС повинна бути зашифрована тим же алгоритмом, що і прихована ОС. Примітка: причина цієї вимоги в тому, що підставна і прихована системи використовують один і той же завантажувач, що підтримує тільки один алгоритм, вибраний користувачем (для кожного алгоритму є свій завантажувач VeraCrypt).\n\n - 9) Оберіть пароль для підставної ОС. Це пароль, який ви можете видати ворогові, якщо вас змусять повідомити пароль дозавантажувальної аутентифікації (ще один пароль, який ми можете повідомити - для зовнішнього тому). Існування третього пароля (тобто пароля дозавантажувальної аутентифікації для прихованої ОС) залишиться таємницею.\n\nВАЖЛИВО: Пароль для підставної ОС повинен істотно відрізнятися від пароля для прихованого тому (тобто для прихованої ОС).\n\n - 10) Дотримуйтесь інструкцій майстра для шифрування підставної ОС.\n\n\n\n - Після створення підставної системи --------------------------------- ---------------\n\nПо закінчені шифрування підставної ОС процес створення прихованої ОС буде завершений, і ви зможете користуватися трьома паролями:\n\n1) Пароль дозавантажувальної аутентифікації для прихованої ОС.\n\n2) Пароль дозавантажувальної аутентифікації для підставної ОС.\n\n3) Пароль для зовнішнього томи.\n\n - Якщо ви бажаєте запустити приховану ОС, потрібно просто ввести пароль для прихованої ОС на екрані завантажувача VeraCrypt (який з'являється при увімкненні або перезавантаженні ПК).\n\nЯкщо вам потрібно завантажити підставну ОС, введіть пароль для підставної ОС на екрані завантажувача VeraCrypt.\n\nПароль для підставної ОС можна повідомляти будь-кому, хто зажадає дізнатися пароль дозавантажувальної аутентифікації. Наявність прихованого тому (і прихованої ОС) залишиться в секреті.\n\n - Третій пароль (для зовнішнього тому) можна повідомляти будь-кому, хто забажає дізнатися пароль для першого розділу, наступного за системним, де знаходяться зовнішній і прихований томи (з прихованою ОС). Існування прихованого томи (і прихованої ОС) залишиться секретом.\n\n\n - Якщо ви повідомете ворогові пароль від підставної ОС, і він запитає, чому вільне місце на (підставному) системному розділі містить випадкові дані, ви зможете, наприклад, відповісти: "Цей розділ раніше містив систему, зашифровану VeraCrypt, але я забув (ла) пароль дозавантажуючої аутентифікації (або система ушкодилася і перестала завантажуватися), тому мені довелося перевстановити Windows і знову зашифрувати розділ".\n\n\n - Якщо виконані всі інструкції і враховані запобіжні заходи, описані в главі "Вимоги безпеки та заходи безпеки щодо прихованих томів" в Керівництві користувача VeraCrypt, визначити наявність прихованого тому і прихованої ОС повинно бути неможливо, навіть якщо змонтований зовнішній том чи розшифрована/запущена підставна ОС.\n\nЯкщо ви збережете або роздрукуєте копію цього тексту (це рекомендується зробити, якщо тільки ваш принтер не зберігає копії завдань на своєму внутрішньому накопичувачі), то, створивши підставну систему і переконавшись, що ви зрозуміли все, що тут написано, всі копії цього тексту слід знищити (інакше якщо таку копію виявлять, це може навести на думку про наявність в ПК прихованої ОС).\n\n - УВАГА: ЯКЩО ВИ НЕ ЗАХИСТИТИ ПРИХОВАНИЙ ТОМ (про те, як це зробити, див главу "Захист прихованих томів від пошкоджень" в Керівництві користувача VeraCrypt), НЕ ВИКОНУЙТЕ ЗАПИС В ЗОВНІШНІЙ ТОМ (зверніть увагу, що підставна ОС встановлена ​​НЕ в зовнішньому томі). ІНАКШЕ ВИ МОЖЕТЕ ПЕРЕЗАПИСАТИ і ПОШКОДИТИ ПРИХОВАНИЙ ТОМ (І ПРИХОВАНУ ОС ВСЕРЕДИНІ НЬОГО)! - Клонувати операційну систему - На наступних етапах VeraCrypt створить приховану ОС, скопіювавши вміст системного розділу в приховуваному томі (копіюючі дані шифруються 'негайно' з ключем, відмінним від використовуваного для підставної ОС).\n\nМайте на увазі, що процес виконується на предзавантажувальній стадії (до запуску Windows) і може зайняти багато часу (декілька годин і навіть днів, в залежності від розміру системного розділу і швидкості ПК).\n\nВи зможете перервати цей процес, виключити ПК, запустити ОС а потім відновити його. Однак в випадку переривання, копіювання системи прийдеться почати зпочатку (так як при клонуванні вміст системного розділу не повинно змінюватися). - Ви бажаєте скасувати весь прцес створення прихованої операційної системи?\n\nПримітка: в випадку відміни ви НЕ зможете відновити процес. - Ви бажаєте завершити попередній тест системного шифрування? - Попередній тест системного шифрування VeraCrypt зазнав невдачі. Бажаєте спробувати ще раз?\n\nЯкщо оберете 'Ні', компонент попередньої аутентифікації буде видалено.\n\nПам'ятайте: якщо Початковий Завантажувач VeraCrypt не запитав про введення паролю перед запуском Windows, цілком можливо, що операційна система не завантажується з пристрою, на якому її встановлено. Такий варіант не підтримується. - Системний розділ/пристрій не виглядає зашифрованим (ні частково, ні повністю). - Ваш системний розділ/пристрій є зашифрованим (частково або повністю).\n\nБудь ласка, розшифруйте його назавжди перед продовженням. Щоб це зробити, оберіть 'Система' > 'Назавжди розшифрувати системний розділ/пристрій' зі строки меню головного вікна VeraCrypt. - Якщо системний розділ / диск зашифровано (частково або повністю), ви не можете встановити стару вкрсію VeraCrypt (але ви можете оновити його або перевстановити ту ж версію). - На даний момент ваш системний розділ/пристрій шифрується, розшифровується або іншим чином змінюється. Будь ласка, перервіть процес шифрування/розшифрування/модифікації (або дочекайтесь його завершення) перед продовженням. - На даний момент одна копія Майстра Створення Томів VeraCrypt вже запущено на цій системі та виконує або готується до шифрування/розшифрування системного розділу/пристрою. Перед продовженням, будь ласка, дочекайтесь завершення або закрийте його. Якщо ви не можете закрити його, будь ласка, перезавантажте комп'ютер. - Процес шифрування або розшифрування системного розділу/пристрою не завершено. Будь ласка, дочекайтесь завершення перед продовженням. - ПОМИЛКА: процес шифрування розділу/пристрою не завершено. Його необхідно завершити. - ПОМИЛКА: Шифрування розділу/тому не було завершено. Спосатку його портібно завершити.\n\nПримітка: щоб відновити процес, виберіть команду 'Томи' > 'Продовжити перерваний процес' в меню головного вікна VeraCrypt. - Пароль вірний. VeraCrypt успішно розшифрувала заголовок тому і виявила, що цей том є прихованим системним томом. Однак змінити заголовок прихованого системного тому таким чином неможливо.\n\nЩоб змінити пароль прихованого системного тому, завантажте ОС, розміщену в приховуваному томі, після чого в головному вікні VeraCrypt виберіть в меню 'Система' > 'Змінити пароль'.\n\nЩоб встановити алгоритм деривації ключа заголовку, завантажте приховану ОС і виберіть 'Система' > 'Встановити алгоритм деривації ключа заголовку'. - VeraCrypt не підтримує дешифрування прихованого системного розділу на місці.\n\nПримітка: якщо ви хочете дишифтувати підставний системний розділ, завантажте підставну ОС, після чого виберіть в головному вікні VeraCrypt меню 'Система' > 'Перманентно розшифрувати системний розділ/диск'. - Помилка: невірний/недійсний параметр. - Ви обрали розділ чи пристрій, але обраний режим Майстра застосовується лише для файл-контейнерів.\n\nБажаєте змінити режим Майстра? - Бажаєте замість цього створити файл-контейнер VeraCrypt? - Ви обрали системний розділ/пристрій, але обраний режим Майстра застосовується лише для несистемних пристроїв.\n\nВи бажаєте встановити початкову аутентифікацію (що означає необхідність введення паролю щоразу перед запуском Windows) та зашифрувати цей системний розділ/пристрій? - Ви дійсно бажаєте назавжди розшифрувати системний розділ/пристрій? - ОБЕРЕЖНО: якщо ви назавжди розшифруєте системний розділ/пристрій, на ньому буде записано незашифровані дані.\n\nВи дійсно бажаєте назавжди розшифрувати системний розділ/пристрій? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - УВАГА! При використанні каскадних шифрів для шифрування системи ви можете зіткнутися з наступними проблемами:\n\n1) Завантажувач VeraCrypt більше, ніж стандартний, тому в першому циліндрі диска недостатньо місця для резервного копіювання завантажувача. Відповідно, якщо він буде пошкоджений (що часто трапляється, наприклад, при неякісно реалізованих анти-піратських процедурах активації деяких програм), для завантаження або ремонту завантажувача VeraCrypt вам знадобиться диск відновлення (VeraCrypt Rescue Disk).\n\n2) При підвищиних вимогах до памяті, на деяких комп'ютерах системний розділ/диск зашифрувати неможливо.\n\n3) Вихід із стану сну на деяких комп'ютерах триває довше ніж звичайно.\n\nЦих потенційних проблем можливо уникнути, якщо выбрати не-каскадний алгоритм шифрування (наприклад, AES).\n\nВи дійсно хочете використовувати каскадне шифрування? - Якщо вам трапилась якась проблема з попередньо згаданих, розшифруйте розділ/пристрій (якщо він зашифрований) та спробуйте зашифрувати його знову, використовуючи не-каскадний алгоритм шифрування (наприклад AES). - УВАГА: В цілях безпеки і надійності, вам потрібно оновити VeraCrypt в підставній операційній системі, перед тимяк як ви оновите його в прихованій ОС.\n\nЩоб це зробити, заавнтажте підставну ОС і запустіть в ній інсталятор VeraCrypt. Потім завантажте приховану систему і знову запустіть інсталятор.\n\nПримітка: підставна і прихована системи використовують один і той самий завантажувач. Якщо ви оновите VeraCrypt тільки на прихованій системі (но не на підставній), в підставній системі можуть залишитися драйвер і додаток VeraCrypt, чиї версії будуть відрізнятися від версії завантажувача VeraCrypt. Така різниця може свідчити про присутність в даному ПК прихованої операційної системи.\n\n\nХочете продовжити? (Не рекомендується.) - Номер версії завантажувача VeraCrypt, за допомогою якого була завантажена ця ОС, відрізняється від номера версії драйвера і додатків VeraCrypt, встановлених у цій системі.\n\nВам треба запустити інсталятор VeraCrypt (тієї ж версії, що й у завантажувача VeraCrypt), щоб оновити VeraCrypt у цій операційній системі. - Номер версії завантажувача VeraCrypt, за допомогою якого завантажена ця ОС, відрізняється від номера версії драйвера VeraCrypt (і додатків VeraCrypt) у цій системі. Більш старі версії можуть містити помилки, яких в нових версіях вже немає.\n\nЯкщо ви не завантажувалися з диска відновлення VeraCrypt, вам слід перевстановити VeraCrypt або оновити до новішої стабільної версії (при цьому завантажувач також буде оновлено).\n\nЯкщо ви завантажувалися з диска відновлення VeraCrypt, вам слід оновити його ('Система' > 'Створити диск відновлення'). - Початковий Завантажувач VeraCrypt оновлено.\n\nрекомендовано створити новий Диск Відновлення VeraCrypt (який буде містити нову версію Початкового Завантажувача VeraCrypt), обравши 'Система' > 'Створити Диск Відновлення' після перезавантаження комп'ютера. - Завантажувач VeraCrypt оновлений.\n\nНастоятельно рекомендуется загрузить обманную операционную систему и затем создать новый диск восстановления VeraCrypt (который будет содержать новую версию загрузчика VeraCrypt). Для этого выберите меню 'Система' > 'Создать диск восстановления'. - Не вдалось відновити Початковий Завантажувач VeraCrypt до нової версії. - VeraCrypt не може визначити справжній розмір системного диска, тому буде використовуватися розмір, повідомлений операційною системою (який може бути менший за реальний розмір). Примітка: це не помилка в VeraCrypt. - УВАГА: VeraCrypt вже робив спробу пошуку прихованих секторів на системному пристрої. Якщо впродовж попереднього процесу пошуку виникали будь-які проблеми, ви можете попередити їх, пропустивши цього разу пошук прихованих секторів. Пам'ятайте, якщо ви це зробите, VeraCrypt буде використовувати розмір, про який повідомлено операційною системою (який може бути менше за реальний).\n\nПам'ятайте, це не помилка VeraCrypt. - Пропустити пошук прихованих секторів (використати розмір, про який повідомлено операційною системою) - Ще раз зробити пошук прихованих секторів - Помилка: Не вдається прочитати один чи декілька секторів на диску.\n\nШифрування 'на місці' може бути продовжено, тільки коли сектори знову будуть доступні для чтитання. VeraCrypt може спробувати зробити ці сектори читаючими шляхом запису в них нулів (всі нулі блоки будуть зашифровані). При цьому, однак, дані в нечитаючих секторах будуть втрачені. Якщо ви хочете цього уникнути, попробуйте відновити пошкоджені данні (ігноруючи помилки контрольних сум) з допомогою відповідних програм сторонніх фірм.\n\nПримітка: якщо сектори пошкоджені фізично (в відмінності від простого порчення данних і помилок контрольних сум), більшість пристрої зберігання інформації внутрішньо перерозприділяють сектори при спробі записати в них дані (тому поточні дані в пошкоджених секторах можуть залишатися на диску незашифрованими).\n\nХочете, щоб VeraCrypt запвнив нулями нечитаючі сектори? - ПОМИЛКА: Неможливо прочитати вміст одного або декількох секторів диску (ймовірно, через фізичний дефект).\n\nПродовжити шифрування, VeraCrypt відкине вміст нечитаних секторів (воно буде замінено псевдовипадковими даними). Перш ніж продовжити, ви можете спробувати хоча б частково відновити пошкоджені дані за допомогою відповідних програм сторонніх розробників.\n\nБажаєте, щоб VeraCrypt відкинув зараз дані в нечитаних секторах? - Примітка: VeraCrypt замінив вміст %I64d нечитаючих секторів (%s) зашифрованими блоками із звичайним нулювим текстом. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Введіть пароль/PIN для токену '%s': - Щоб забезпечити VeraCrypt доступ до токена безпеки чи смарт-карті, зпочатку потрібно встановитв програмну бібліотеку PKCS #11 для токену або смарт-карти. Ця бібліотека може поставлятися разом з пристроєм або знаходиться на сайті постачальника або сторонньої фірми.\n\nВстановивше бібліотеку, ви можете або выбрати її вручну, нажавши 'Бібліотека', або дозволити VeraCrypt найти її автоматично, натиснувши 'Автовизначення бібліотеки' (пошук виконується тільки в системній теці Windows). - Примітка: ім'я і розташування файлу бібліотеки PKCS #11 для токена або смарт-карти див. в документації до токена, смарт-карти чи ПЗ сторонніх фірм.\n\nНатисніть 'OK', щоб вибрати шлях і ім'я файла. - Щоб забезпечити VeraCrypt доступ до токену безпеки або смарт-карте, зпочатку потрібно вибрати програмну бібліотеку PKCS #11 для токена/карти. Для цього виберіть в меню 'Настройки' > 'Токени безпеки'. - Помилка ініціалізації бібліотеки PKCS #11 для токена безпеки.\n\nВпевніться, що вказаний шлях і ім'я файла дійсно посилається на бібліотеку PKCS #11. Щоб вказати шлях і ім'я бібліотеки PKCS #11, виберіть в меню 'Настройки' > 'Токени безпеки'. - В системній теці Windows бібліотека PKCS #11 не виявлена.\n\nПеревірте, чи встановлена бібліотека PKCS #11 для вашого токена безпеки (або смарт-карти). Ця бібліотека може поставлятися зазом з токеном/картою або ж доступна на сайті виробника/стотронньої фірми. Якщо бібліотека встановлена в теці, відмінної от системной теки Windows, натисніть кнопку 'Бібліотека' і виберіть її (наприклад, це може бути тека, де встановлено ПЗ для токена/карти). - Токен безпеки не виявлений.\n\nпереконайтесь, що токен підключений до ПК, і для нього встановлений коректний драйвер. - Файл-ключ токена безпеки не виявлено. - Файл-ключ токена безпеки з таким ім'ям уже існує. - Ви хочете видалити вибрані файли? - Шлях до ключового файлу токена безпеки невірний. - Помилка токена безпеки - Невірний пароль для токена безпеки. - В токені безпеки недостньо памяті для виконання запитаної операції.\n\nЯкщо ви намагаєтесь імпортувати Файл-ключ, виберіть файл меншого обєму або використовуйте Файл-ключ, згенерованний VeraCrypt (виберіть 'Ключові файли' > 'Створити випадковий Файл-ключ'). - Всі відкриті токен-сесії були закриті. - Виберіть ключові файли токена безпеки - Слот - Токен - Ім'я файла - Майте на увазі, шо паролі передзагрузочної аутентифікації завжди вводяться з використанням стандартної розкладки американскької клавіатури. Тому том, пароль якого набраний у відмінності від US-клавіатури, може виявитися неможливо монтувати з допомогою кешованого пароля предзагрузочної аутентифікації. Це не помилка VeraCrypt. - Системні обрані томи будуть монтуватися з використанням пароля дозавантажувальної аутентифікації. Якщо у якогось із таких томів інший пароль, цей том змонтований не буде. - Якщо ви бажаєте заборонити функції VeraCrypt зі звичайними томами ('Розмонтувати все', авторозмонтування та ін) для обраних системних томів, потрібно увімкнути параметер 'Переглядати/размонтувати системні обрані томи можуть лише адміністратори'. Крім того, якщо VeraCrypt запущено без прав адміністратора (що стандартно для Vista і новіших версій Windows), обрані системні томи не будуть відображатися в списку літер дисків в головному вікні VeraCrypt. - ВАЖЛИВО: Пам'ятайте, що якщо вибрана ця опція, а VeraCrypt не має адміністративних привілеїв, змонтовані системні обрані томи НЕ відображаються у вікні VeraCrypt і їх не можна демонтувати. Тому якщо, наприклад, потрібно демонтувати системний обраний том, спочатку клацніть правою кнопкою миші по значку VeraCrypt (в меню 'Пуск') і виберіть запуск від імені адміністратора. Те ж саме відноситься до функції 'Розмонтувати все', функціям авторозмонтування, гарячим клавішам 'Розмонтувати все' і т.д. - Зауважимо, що цей параметр набуває чинності тільки після перезавантаження системи. - Помилка обробки командним рядком. - Диск відновлення - Вибрати &файл і монтувати... - Вибрати &пристрій і монтувати... - Дозволити лише адміністраторам переглядати і розмонтовувати системні обрані томи у VeraCrypt - Монтувати системні обрані томи при старті Windows (у початковій фазі завантаження) - УВАГА: Файлова система тому, змонтованого як '%s', не була правильно демонтована, і тому може містити помилки. Використання пошкодженої файлової системи може призвести до втрати або псування даних.\n\nПримітка: перш ніж фізично видаляти або вимикати пристрій (наприклад, флеш-накопичувач USB або зовнішній жорсткий диск), на якому знаходиться змонтований тому VeraCrypt, зпершу завжди слід демонтувати цей том .\n\n\nБажаєте, щоб Windows спробувала знайти і виправити помилки (якщо вони є) файлової системи? - УВАГА: Один або декілька системних обраних томів не були чисто демонтувати і тому можуть містити помилки файлової системи. Щоб дізнатись більше e системному звіті про події.\n\nВикористання пошкодженої файлової системи може призвести до втрати або пошкодження даних. Перевірте такі томи на помилки (клацніть правою кнопкою миші на томі і виберіть команду полагодити файловоу систему). - УВАГА: Виправлення пошкодженої файлової системи за допомогою утиліти\nMicrosoft 'chkdsk' може викликати втрату файлів в пошкоджених ділянках.\nТому рекомендується зпершу скопіювати файли з тому VeraCrypt на інший,\nнепошкоджений том VeraCrypt.\n\nБажаєте виправити файлову систему зараз? - Обсяг '%s' був встановлений, тільки для читання, оскільки запис булв відхилений.\n\nБудь ласка, переконайтеся в тому, що дозволений запис до файлу контейнера (клацніть правою кнопкою миші контейнер і виберіть Властивості > Безпека).\n\nЯкщо ви маєте намір зберегти ваш обсягу тільки для читання, встановіть атрибут "Тільки читання" з контейнера (правою кнопкою миші контейнер і виберіть "Властивості" > "Тільки читання"), який буде придушувати це попередження. - Обсяг '%s' був встановлений, тільки для читання, оскільки запис булв відхилений.\n\nБудь ласка, переконайтеся в тому, що дозволений запис до файлу контейнера (клацніть правою кнопкою миші контейнер і виберіть Властивості > Безпека).\n\nЯкщо ви маєте намір зберегти ваш обсягу тільки для читання, встановіть атрибут "Тільки читання" з контейнера (правою кнопкою миші контейнер і виберіть "Властивості" > "Тільки читання"), який буде придушувати це попередження. - Том '%s' було підключено тільки для читання, оскільки операційна система заборонила запис на хост-пристрій.\n\nЗверніть увагу, що деякі спеціальні драйвери чіпсета, помилково повідомляють, доступні для запису носії інформації як пристрої тільки для читання. Ця проблема не пов'язана з VeraCrypt. Вона може бути вирішена шляхом поновлення або видалення драйвері чіпсету сторонніх виробників (не Microsoft). - Зверніть увагу, що технологія Hyper-Threading забезпечує декілька логічних ядер на одному фізичному ядрі. Коли Hyper Threading увімкнено, число показує кількість логічних процесорів/ядер. - %d шт. - Зазначимо, що апаратне пришвидшення AES вимкнено це буде впливати на результати тестів (погіршить продуктивність).\n\n увімкнути апаратне прискорення, виберіть "Налаштування" > 'Швидкодія' й увімкніть відповідну опцію. - Зверніть увагу, що кількість потоків в даний час обмежується, які будуть впливати на результати тестів (гірша продуктивність).\n\n Щоб використовувати весь потенціал процесора (ів), "Налаштування", виберіть > "Швидкодія" і вимкніть відповідну функцію. - Бажаєте, щоб VeraCrypt спробувати відключити захист від запису на розділ/диск? - УВАГА: Цей параметр може знизити продуктивність.\n\nвикористовувати цей параметр? - Увага: VeraCrypt авто-розмонтував пристрої - Перед тим, як фізично видалити або відключити пристрій, що містить встановлений обсяг, ви повинні демонтувати спершу том VeraCrypt.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Тест - Файл-ключ - Backspace - Tab - Очистити - Enter - Pause - Caps Lock - Пробіл - Page Up - Page Down - End - Home - Стрілка вліво - Стрілка вгору - Стрілка вправо - Стрілка вниз - Клавіша вибору - Клавіша друку - Клавіша виконання - Print Screen - Insert - Delete - Клавіша пропозицій - Спати - Num Lock - Scroll Lock - Бравзер - назад - Бравзер - вперед - Браузер - оновити - Браузер - стоп - Браузер - пошук - Браузер - Вибране - Браузер - Початкова сторінка - Без звуку - Зменшити гучність - Збільшити гучність - Наступний трек - Попередній трек - Стоп - Пуск/пауза - Клавіша запуску пошти - Клавіша вибору носія - Застосунок 1 - Застосунок 2 - Attn - СтвВид - РасВид - Пуск - Зум - NumPad - Shift - Control - Alt - Win - б - Кб - Мб - Гб - Тб - Пб - б/с - Кб/с - Мб/с - Гб/с - Тб/с - Пб/с - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Скасувати + Встановити для &всіх користувачів + О&гляд... + &Значок VeraCrypt на Рабочому столі + допомога проекту... + Ассоціювати роз&ширення '.hc' с VeraCrypt + По закінченні відкр&ити місце призначення + &Додати VeraCrypt в меню 'Пуск' + Створити то&чку воідновлення системи + Вида&лення + &Витягнути + &Встановити + Майстер встановлення VeraCrypt + Видалення VeraCrypt + &Довідка + Вкажіть місце призначення для витягнених файлів: + Виберіть місце, куда ви хочете встановити програмні файли VeraCrypt.\nЯкщо вказаної теки не існує, вона буде створена автоматично. + Щолкніть 'Видалення', щоб видалити VeraCrypt з цієї системи. + Стоп + &Випробувати + &Тест + Створити зашифрований том і відформатувати його + Зашифрувати розділ на йго місці + Показ створених ключів (їх частин) + Показувати пул + Завантажити ПЗ для запису CD/DVD + Створити зашифрований файловий контейнер + &Гб + &ТБ + Детальніше + &Прихований том VeraCrypt + Що таке 'прихований том'? + Прямий режим + Звичайний режим + &Кб + Кл&юч. файли + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Клю&ч. файли... + Свідчення про хеш-алгоритмах + Детальніше + Information on PIM + &Мб + Детальніше + Детальніше про шифрування системи + Детальніше + Мультизагрузка + Зашифрувати несистемний розділ/диск + &Не зберігати історію + Відкрити зовнішній том + &Павза + Use P&IM + Use PIM + Швидке форматування. + &Показ пароля + &Показ пароля + &Display PIM + Одиночна загрузка + Звичайний том VeraCrypt + Пр&ихований + Звичайний + Зашифрувати розділ або весь диск з системою + Зашифрувати системний розділ Windows + Зашифрувати весь диск + Майстер створення томів VeraCrypt + Кластер + ВАЖНО: Хаотично переміщуйте миш всередині цього вікна. Чим довше тим ліпше. Це значно збільшить криптостійкість ключів шифрування. Потім натисніть 'Далі' для продовження. + &Підтвердіть: + Готово + Drive letter: + Алгоритм шифрування + Файл.сист. + Створити віртуальний зашифрованний диск всередині файла. Рекомендується недосвідченим користувачам. + Опції + Хеш-алгоритм + Ключ заг-ка: + Ще + Майстер-ключ: + Виберіть цю опцію, якщо в ПК встановлено дві чи більше ОС.\n\nНапример:\n- Windows XP і Windows XP\n- Windows XP і Windows Vista\n- Windows і Mac OS X\n- Windows і Linux\n- Windows, Linux і Mac OS X + Шифрує несистемний розділ на диск (наприклад, флеш-диск). За бажанням, створює прихований вміст. + Поточний вміст пула (часть) + Пароль + Пароль: + Volume PIM: + Volume PIM: + Хід операції: + Випадково: + Выберіть цю опцію, якщо в ПК встановлена тілько одна ОС (навіть якщо вона з кількома користувачами). + Швидкість + Статус + Ключі, 'соль' і інші дані успішно згенеровані. Якщо ви хчете згенерувати новіе ключі, натисніть 'Назад', а потім 'Далі'. Якщо ж ні, то натисніть 'Далі' для продовження. + Зашифрувати розділ/диск, де встановлена Windows. Перед кожним завантаженням Windows потрібно буде вводити пароль для доступа до ОС, зчтитування і записи файлів і т.д. Додатково - створення прихоапної ОС. + Виберіть цю опцію, щоб зашифрувати розділ, де встановлена Windows і з якого вона завантажується. + Volume Label in Windows: + Режим очищення: + Закрити + Доз&волити відміну предзагрузочної аутентифікації по Esc (включити диспетчер завантаженння) + Немає дій + &Автомонтування тома VeraCrypt (вказанного) + &Запуск VeraCrypt + Автовизначення &бібліотеки + К&ешувати пароль предзагрузочної аутентифікації в памяті драйвера (для монтування несистемных томів) + Огляд... + Огляд... + К&ешувати паролі і ключеві файли + Вхід, якщо нема змонтованих томів + Закр&ити токен-сесію (вийти) після успішного монтування тома + Include VeraCrypt Volume Expander + З майстром створення томів VeraCrypt + Створити + &Створити том + Не відображати текст на &екрані футентифікації (за винятком нижче вказаного тексту) + Disable "Evil Maid" attack detection + Пришвидшення AES шифрування/дешифрування з використанням AES інструкцій процесора (якщо є) + Використовувати файл-ключі + Використовувати файл-ключі + В&ихід + Про обрані томи + Не монтувати вибраний розділ якщо натиснута клавіша 'Монтування обраних розділів' + Монт&увати обраний том при підключенні пристрою, на якому він знаходиться + Монтувати обраний том при вході до систем&и + Монтувати обраний том лиш для читан&ня + Монтувати обраний том як змінний нос&ій + Вни&з + Вгор&у + Відкрити том у &вікні Провідника яшо змонтовано + &Вилучити + Use favorite label as Explorer drive label + Глобальні налаштування + Повідомири після розмонтування за допомогою гарячої клавіші + Звуковий сигнал після розмонтування за допомогою гарячої клавіші + Alt + Control + Shift + Win + Призначити + Забрати + Ключ.файли... + Не використовувати вказане число процесорів для шифрування/дешифрування: + Докладна інформація + Докладна інформація + Більше налаштувань... + &Автомонтування + Параметр&и... + Монтувати том тільки для &читання + Ключ.файли... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Включено + Кешувати пароль в памяті + Автоматично розмонтувати томи при неактивності протягом + завершення сеансів + User session locked + вхід в енергозбереження + запуску екранної заставки + Автоматично розмонтувати томи навіть при відкритих файлах/теках + Монтувати всі тома на пристроях + Запуск VeraCrypt в фоні + Монтувати як том тільки для читання + Монтувати як змінні носії + Відкривати вікно Провідника для успішно змонтованного тома + Temporary Cache password during "Mount Favorite Volumes" operations + Використовувати інший значок панелі завдань, коли є підключені томи + Очищати кеш паролів при авторозмонтуванні + Очищати кеш паролів при виході + Зберігати дату у файл-контейнерів + Скинути + Пристр&ій... + &Файл... + &Бібліотека... + Показати пароль + Показати пароль + &Відкрити змонтований том в вікні Провідника + &Кешувати пароль в памяті драйвера + TrueCrypt Mode + &Розмонтувати всі + Власт&ивості тома... + О&перації... + О&чистити кеш + VeraCrypt - Mount Parameters + VeraCrypt - Обрані томи + VeraCrypt - Загальноистемні гарячі клавіші + VeraCrypt + Зміна пароля або ключевих файлів + Введіть пароль тома VeraCrypt + VeraCrypt - Параметри швидкодії + VeraCrypt - Налаштування + VeraCrypt - Налаштування шифрування системи + VeraCrypt - Налаштування токена безпеки + Налаштування переносного диска VeraCrypt + Властивості тома VeraCrypt + Про програму... + Додати/видалити ключові файли в/із том(а)... + Долучити змонтований том до Обраних... + Додати змонтований тому до системних обраних томів... + Аналіз збою системи... + Зробити резервну копію заголовку тому... + Тест швидкості... + Встановити алгоритм деривації ключа заголовка... + Змінити пароль тома... + Встановити алгоритм деривації ключа заголовка... + Змінити пароль... + Очистити історію томів + Закрити всі токен-сессії + Звязок з авторами... + Створити приховану ОС... + Створити диск відновлення... + Створити новий том... + Permanently Decrypt... + Типові ключові файли... + Default Mount Parameters... + допомога проекту... + Зашифрувати системний розділ/диск... + Часто задавані питання + Посібник користувача + &Домашня сторінка + Гарячі клавіші... + Генератор ключових файлів + Мова (language)... + Юридична інформація + Ключовіе файли токена безпеки... + Автомонтування всіх томів на основі пристрою + Монтувати обрані томи + Монтувати &без предзагрузочної аутентифікаії... + Монтувати том + Монтувати том з параметрами + Новини + Довідка в Інтернеті + Помічник для початківців + Організувати обрані томи... + Організувати Системні Обрані Томи... + Продуктивність... + Перманентно розшифровувати системний розділ/пристрій + Налаштування... + Оновити літери дисків + Видалити із тома всі ключові файли... + Відновити заголовок тома... + Продвжити прерваний процес + Вибрати пристрій... + Обрати файл... + Продовжити припинений процес + Шифрування системи... + Властивості... + Налаштування... + Системні обрані томи... + Завантаження ПЗ + Тест алгоритмів генерування векторів... + Токени безпеки... + Налаштування переносного диска... + Розмонтувати всі змонтовані томи + Розмонтувати том + Провірити диск відновленння + Verify Rescue Disk ISO Image + Історія версії + Volume Expander + Властивості тома + Майстер створення томів + Сайт VeraCrypt + Очистити кеш паролів + Гаразд + Апаратне Прискорення + Клавіша швидкого виклику + Конфігурація автозапуску (файл autorun.inf) + Автоматичне розмонтування + Розмонтувати всі томи при: + Параметри екрана завантажувача + Підтвердіть: + Поточний + Показувати цей текст на екрані предзавантажувальної аутентифікації (не більше 24 символів): + Опції типове монтування томів + Додаткові параметри + Driver Configuration + Enable extended disk control codes support + Мітка обраного тому: + Файлові параметри + Клавіша: + Процесор (CPU) в цьому комп'ютер підтримує апаратне прискорення AES: + Дії при вході у Windows + хв + Буква диска: + Параметри монтування тома VeraCrypt + Новий + Пароль: + Потокове Розпаралелювання + Шлях до бібліотеки PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Кешування (запамятовування) паролів + Параметри безпеки + Робота VeraCrypt в фоновому режимі + Том для монтування (відносно кореня переносного диска): + При вставці переносного диска: + Створити файли переносного диска (корінна тека переносного диска) в: + Том + Вікна + Пап&ка... + &Автотест всіх + &Продовжити + &Дешифрувати + &Видалити + &Шифрування + &Експорт... + Створити і зберегти файл... + Випа&дковий Файл-ключ... + Завантажити мовні модулі з сайта + Апаратне пришвидшення AES: + &Імпорт кл.файла в маркер доступу... + &Файли... + Клю&чові файли + К&люч.файли... + &Видалити + Видалити &всі + Що таке 'Захист прихованих томів'? + Шо таке 'Файл-ключ'? + Монтувати том як &змінний носій + Монтувати розділ з шифруванням ОС &без передзагр. аутентифікації + Розпаралелювання: + Тест + Др&ук + З&хистити прихований том від пошкодження при запису в зовнішній том + &Скинути + Перегл&яд пароля + Додати &токен-файли... + Застосовувати копію заголовку, вмонтован&у в том, якщо можливо + XTS-режим + Про програму VeraCrypt + VeraCrypt - Тест швидкості алгоритмів шифрування + VeraCrypt - Тест генерування векторів + Довідка по командному рядку + VeraCrypt - Ключевые файлы + VeraCrypt - Генератор ключових файлів + VeraCrypt - Мова інтерфейсу + VeraCrypt - Параметри монтування + Властивості ключового файлу нового токену бкзпеки + VeraCrypt - Збагачення випадкового пулу + Оберіть розділ або пристрій + VeraCrypt + Ключові файли токена безпеки + Токен безпеки: потрібен пароль/PIN + Свідчення по вибраному мовному модулі + На швидкість впливають загрузка ЦП і характеристики пристрою зберігання данних.\n\nЦі тести виконуються в ОЗП. + Буфер: + Шифр: + Пароль п&рихованого тома:\n(якщо порожньо, то із кешу) + Захист прихованого тому + Довжина ключа: + ВАЖНО: Хаотично переміщуйте мишку всередині цього вікна. Чим довше, тим ліпше. Це значно збільшить криптостійкість ключового файлу. + УВАГА: При втраті ключового файлу або пошкодженні його перших 1024 кілобайт монтувати використовуючи цей файл томів неможливо! + біт + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Автор перкладу: + Розмір тексту: + біт + Поточний вміст пулу + Мікшер повтору: + ВАЖЛИВО: Хаотично переміщайте курсор всередині вікна. Чим довше ви будете рухатися, тим краще. Це значно підвищує рівень криптографії. Коли закінчите, натисніть "Продовжити". + Вторинний ключ (16-кове) + Токен безпеки: + Сортування: + Будь ласка, зачекайте. Цей процес може зайняти тривалий час... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Число блоків: + Зашифрованний текст (16-кове) + Число одиниць з данними (64-біт 16-кове, розмір одиниці з данними - 512 байт) + Ключ (16-кове) + Незашифрованний текст (16-кове) + Файл-ключ: + XTS-режим + &Система + &Томи + О&бране + С&ервіс + Налаштува&ння + До&відка + Ве&б-сторінка + + &Про програму... + Неможливо зняти атрибут 'тільки читання' з старого тому. Перевірте, чи дозволений доступ до файла. + Помилка! Немає доступу.\n\nРозділ, до якого ви намагаєтесь дістати доступ, має довжину 0 секторів, або це заавнтажувальлний пристрій. + Адміністратор + Щоб завантажити драйвер VeraCrypt, ви повинні ввійти в систему з правами Адміністратора. + Щоб можна було шифрувати/Розшифрувати/форматувати розділ/пристрій, ви повинні ввійти в систему з правами Адміністратора.\n\nДо томів на основі файлів це не відноситься. + Щоб створити прихований том, ви повинні ввійти в систему з правами Адміністратора.\n\nПродовжити? + Щоб форматувати томи як NTFS, ви повинні увійти в систему з правами Адміністратора.\n\nБез привілегій Адміністратора можна форматувати томи тільки як FAT. + Затверджений FIPS (США) алгоритм шифрування (Rijndael, опублікований в 1998 р.), дозволений до застосування в федеральних структурах США для захисту важливої інформації. 256-біт ключ, 128-біт блок, 14 циклів (AES-256). Режим роботи -- XTS. + Том вже змонтований. + ОБЕРЕЖНО: В крайньому випадку один алгоритм шифрування або хешування не проїшов автоматичного самотестування.\n\nМожливо, пошкоджена встановлення VeraCrypt. + ОБЕРЕЖНО: В пулі генератора випадкоаих чисел недостатньо данних для представлення потрібного обєма випадкової інформації інформації.\n\nПровжувати дальше не варто. Виберіть в меню 'Довідка' пункт 'Повідомити про помилку' і повідомити авторів. + Пошкоджений диск (на ньому фізичений дефект) або кабель, або збій памяті комп’ютера.\n\nЦя проблема аппаратної частини вашого ПК, а не VeraCrypt. Будьласка, НЕ повідомляйте нам про неї як про помилку/проблему в роботі VeraCrypt і НЕ просіть про допомогу в форумах VeraCrypt. Зверніться за консультацією до виробника свого обладнання. Дякую.\n\nПримітка: якщо помилка стається регулярно в одному і тому ж місці, найбільш вірогідна причина - в пошкодженому блоці на диску, який можна попробувати виправити за допомогою стороннього ПЗ ( в багатьох випадках команда 'chkdsk /r' безкорисна, так як вона працює лише на рівні файлової системи; іноді 'chkdsk' не може навіть визначити помилку). + Якщо ви звертаєтеся до накопичувача на змінних носіях, упевніться, що у накопичувачі є носій. Також можливе пошкодження накопичувача/носія (фізичний дефект) або пошкодження/відключення кабелю. + Ваша система використовує апаратні драйвери, які містять помилку, що не дозволяє шифрувати весь системний диск.\n\nБудь ласка, спробуйте оновити або видалити будь-який власний набір мікросхем водії, перш ніж продовжити. Якщо це не допоможе, спробуйте тільки шифрування системного розділу. + Невірна літера диску. + Хибний шлях. + Скасувати + Немає доступу до пристрою. Перевірте, чи підключений вибраний пристрій і чи не зайнятий він. + УВАГА! Натиснене клавіша Caps Lock. Це може призвести до неправильного вводу пароля. + Тип тома + Може так статися, що хтось примусить вас повідомити пароль від зашифрованного тому. В деяких ситуаціях ви просто не зможете відказатися видати пароль (наприклад, при вимаганні). В подібних випадках поможе 'прихований том', дозволяючий не выдавати пароль до дійсно цінних данних. + Виберіть цю опцію, щоб створити звичайний том VeraCrypt. + Увага! Якщо ви хчете, щоб операційна система була встановлена в приховуваному томі на основі розділу, то весь системний диск неможливо зашифрувати з допомогою лише одного ключа. + Шифрування зовнішнього тому + Шифрування прихованого тому + Налаштування шифрування + УВАГА: Помилка очищення шляху до останнього вибраного тома/ключового файлу (записаному в памяті селектором файлів). + ПОМИЛКА: Контейнер був зжатий на рівні файлової системи. VeraCrypt не підтримує зжаті контейнери (зжаття зашифрованних данних неефективне).\n\nВідключіть зжаття контейнера, виконавши наступні кроки: 1) Щолкніть правою кнопкою миші в Провіднику Windows (не в VeraCrypt). 2) Виберіть пункт 'Властивості'. 3) В діалоговім вікні 'Властивості' нажміть кнопку 'Додатково'. 4) В діплоговому вікні 'Додаткові атрибути' виключіть параметер 'Зжимати вміст для економії місця на диску' і натисніть 'Гаразд'. 5) Натисніть 'Гаразд' в діалоговім вікні 'Властивості'. + Помилка створення тома %s + Розмір %s - %.2f байт + Розмір %s - %.2f Кб + Розмір %s - %.2f Мб + Размір %s - %.2f Гб + Розмір %s - %.2f Тб + Розмір %s - %.2f Пб + УВАГА: Пристрій/розділ використовується операційною системою або пошкоджений. Форматування пристрою/розділу може призвести до втрати данних або нестабільності системи.\n\nПродовжити? + УВАГА: Пристрій/розділ використовується операційною системою або додатком. Потрібно закрити всі программи, які можуть використовувати розділ (включаючи антивірусне ПЗ).\n\nПродовжити? + ПОМИЛКА: Пристрій/розділ містить файлову систему, яка не може бути розмонтована. Ця файлова система може використовуватись операційною системою. Форматування пристрою/розділу ймовірніше за все призведе до пошкодження данних і нестабільності системи.\n\nДля вирішення цієї проблеми ми рекомендуємо зпочатку видалити цей розділ, після чого знову створити його без форматування. Ось як це зробити: 1) Клацніть правою кнопкою миші по значку 'Комп'ютер' (або 'Мій комп’ютер') в меню 'Пуск' і виберіть пункт 'Керування'. Повинно появитися вікно 'Керування комп’ютером'. 2) В вікні 'Управління комп'ютером' виберіть 'Запамятовуючі пристрої' > 'Керування дисками'. 3) Клайніть правою кнопкою миші по розділу, який ви хочете зашифрувати, і виберіть або 'Видалити розділ', або 'Видалити том', або 'Видалити логічний диск'. 4) Натисніть 'Так'. Якщо Windows попросить перезагрузити комп'ютер, виконайте це. Потім повторіть кроки 1 і 2 і перейдіть до кроку 5. 5) Клацніть правою кнопкою по пустому участку (воно повинно містити надпис 'Не розподілено') і виберіть 'Основний розділ', 'Додатковий розділ' або 'Логічний диск'. 6) Повинно появитися вікно майстра створення розділів або томів; дотримуйтесь його інструкціям. В вікні майстра на сторінці 'Форматування розділу' виберіть або 'Не форматувати цей розділ', або 'Не форматувати цей том'. В тому ж вікні майстра натисніть кнопку 'Далі' і потім 'Готово'. 7) Майте на увазі, що вибраний вами в VeraCrypt шлях до пристрою може бути тепер невірним. Тому завершіть роботу майстра створення томів VeraCrypt (якщо він все ще виконкється) і запустіть йго знову. 8) Спробуйте знову зашифрувати пристрій/розділ в VeraCrypt.\n\nЯкщо VeraCrypt знову відмовиться шифрувати пристрій/розділ, зкоректуйте свої плани і створіть замість цього файловий контейнер. + ПОМИЛКА: Не вдалося заблокувати і/або розмонтувати файлову систему. Вірогідно, вона використовується ОС або додатками (наприклад, антивірусним ПЗ). Шифрування цього розділу може призвести до пошкодження даних і нестабільність системи.\n\nЗакрийте всі додатки, які можуть звертатися до файлової системи (включаючи антивірусне ПЗ) і повторіть спробу. Якщо це не допоможе, дотримуйтесь нижче вказаних інструкцій. + УВАГА: деякі змонтовані пристрої/розділи вже використовуються.\n\nІгнорування цього може призвести до небажаних наслідків, включаючи нестабільність системи.\n\nСлід закрити всі застосунки, що можуть використовувати ці пристрої/розділи. + Обраний пристрій містить розділи.\n\nФорматування такого пристрою може призвести до втрати даних та/або нестабільності системи. Будь ласка, оберіть розділ на пристрої, або видаліть всі розділи на ньому, щоб VeraCrypt зміг його форматувати. + Вибраний несистемний пристрій містить розділи.\n\nЗашифровані томи VeraCrypt на основі пристроїв можна створювати лише на дисках, що не містять розділів (включаючи жорсткі і твердотілі вінчестири). Пристрій з розділами можна зашифрувати повністю на місці (з допомогою одного майстер-ключа), тільки якщо цей диск, де встановлена Windows і з якого вона завантажується.\n\nЯкщо ви бажаєте зашифрувати вибраний не системний пристрій з допомогою одного майстер-ключа, спочатку потрібно видалити всі розділи на цьому пристрої, щоб VeraCrypt зміг його безпечно відформатувати (форматування пристрою з розділами може призвести до нестабільності системи і/або пошкодження даних). Другий варіант -- зашифрувати окремо кожний розділ на диску (використовуючи індивідуальні майстер-ключі).\n\nПримітка: щоб видалити всі розділи з диска GPT, його потрібно перетворити в диск MBR (наприклад, за допомогою інструменту Computer Management) для видалення прихованих розділів. + УВАГА: Якщо шифрувати весь пристрій (а не тільки один розділ на ньому) ОС буде вважати його новим, порожнім і неформатованим (який немістить таблиць розділів) і може відформатувати цей пристрій (або питати у вас дозволу на це), що може пошкодити том.\n\nЩоб цього уникнути, ви можете створити розділ на пристрої і зашифрувати лише цей розділ.\n\nВи дійсно хочете зашифрувати весь пристрій? + ВАЖЛИВО: Майте на увазі, що цей том НЕМОЖЛИВО монтувати і получити до нього доступ по букві диска %c:, яка зараз йому назначена!\n\nЩоб монтувати цей том, натисніть 'Автомонтування' в головному вікні VeraCrypt (або натисніть кнопку 'Пристрій', виберіть цей розділ/диск і натисніть 'монтувати'). Том буде змонтований на іншу букву диска, вибрану із списку в головному вікні VeraCrypt.\n\nЦю букву диска %c: потрібно застосовувати тільки коли потрібно видалити шифрування з розділу/пристрою (наприклад, якщо шифрування більше не потрібне). В такому випадку щолкніть правою кнопкою миші по диску %c: в вікні 'Комп'ютер' (або 'Мій комп’ютер') і вибкріть пункт 'Форматувати'. У всіх інших випадках букву %c: використовувати неварто (якщо тільки ви не видалили її і не присвоїли її іншому розділу/пристрою). + В даній ОС шифрування 'на місці' не підтримується (для цього потрібна Windows Vista чи новіша версія Windows).\n\nПричина: ця версія Windows не допускає зжаття файлової системи (що потребує для звільнення місця під заголовок тому і його резервну копію). + Вибраний розділ не містить файлової системи NTFS. Для шифрування 'на місці' придатні розділи з NTFS.\n\nПричина: Windows не підтримує зжаття файлових систем інших типів (що потребує для звільнення місця під заголовок тому і його резервну копію). + Даний розділ не містить файлової системи NTFS. Для шифрування 'на місці' придатні розділи з NTFS.\n\nЯкщо ви хочете створити зашифрований том VeraCrypt всередині цього розділу, виберіть "Створити і відформатувати вибраний том" (а не "Зашифрувати розділи на місці"). + ПОМИЛКА: розділ надто малий. VeraCrypt не взмозі зашифрувати його 'на місці'. + Для зашифрувати даних на цьому розділі:\n\n1) Створіть том VeraCrypt на чистому розділі/пристрої і змонтуйте його.\n\n2) Скопіюйте все файлы з розділу, який ви хочете зашифрувати, на змонтований том VeraCrypt (створений на етапі 1). Так буде створена зашифрована резервна копія даних.\n\n3) Створіть том VeraCrypt на розділі, який бажаєте зашифрувати, переконайтеся (в майстрі VeraCrypt), що вибрали опцію "Створити зашифрованний том і відформатувати його" (а не опцію "Зашифрувати розділ на місці"). Майте на увазі, що всі дані на цьому розділі будуть видалені. Створивши том, змонтуйте його.\n\n4) Скопіюйте всі файли з змонтованого тому VeraCrypt з копією даних (створену на етапі 1) на змонтований том VeraCrypt, створений на етапі 3.\n\nПісля закінчення цих операцій дані будуть зашифровані, плюс з нихбуде зроблена зашифрована резервна копія. + Шифрування 'на місці' можливе тільки для розділу, динамічного тому або всього системного диску.\n\nЯкщо ви хочете створити зашифрований том VeraCrypt на вибраному несистемному пристрої, виберіть опцію "Створити зашифрований том і відформатуйте його" (а не опцію "Зашифрувати розділи на місці"). + ПОМИЛКА: Шифрування 'на місці' можливе тільки для розділу, динамічного тому або всього системного диску. Впевніться в правильності вказаного шляху. + ПОМИЛКА: Неможливо зменшити файлову систему (це необхідно для звільнення місця під заголовок тому і резервну копію заголовка).\n\nМожлимі причини і рішення:\n\n- Недостатньо вільного місця на томі. Спробуйте дефрагментувати файлову систему (щолкніть ПКМ на букві відповідного диска у вікні '(Мій) Комп'ютер', виберіть 'Властивості' > 'Сервіс' > 'Виконати' дефрагментацію > 'Дефрагментація'). Якщо це не допоможе, видаліть непотрібні файли і очистіть Кошик.\n\n- Пошкоджена файлова система. Спробуйте використовувти її (щолкніть ПКМ на букві відповідного диска у вікні '(Мій) Комп'ютер', ввиберіть 'Властивості' > 'Сервіс' > 'Виконати перевірку', включіть опцію 'Автоматично виправляти системні помилки' і натисніть 'Запуск').\n\nЯкщо нічого не допомагає, виконуйте рекомендації подані нижче. + ПОМИЛКА: Недостатньо вільного місця на томі, неможливо зменшити файлову систему (це необхідно для звільнення місця під заголовок тому і резервну копію заголовку).\n\nВидаліть непотрідні файли і очистіть кошик, звільнивши декілька мегабайт, повторіть спробу. Якщо це прийнятно, виконуйте рекомендаії наведені нижче. + На диску %s вільно %.2f байт + На диску %s вільно %.2f Кб + На диску %s вільно %.2f Мб + На диску %s вільно %.2f Гб + На диску %s вільно %.2f Тб + На диску %s вільно %.2f Пб + Неможливо отримати доступні літери дисків. + Помилка: не знайдено драйвер VeraCrypt.\n\nБудь ласка, скопіюйте файли 'veracrypt.sys' та 'veracrypt-x64.sys' до теки, де розташовується основний застосунок VeraCrypt (VeraCrypt.exe). + Запущено драйвер VeraCrypt несумісної версії.\n\nВерсія що потрібна: VeraCrypt + Помилка ініціалізації шифру. + Помилка: слабкий або потенційно слабкий ключ! Цей ключ не принято. Повторіть спробу. + Виникла критична помилка, робота VeraCrypt перервана. Якщо це наслідок помилки в VeraCrypt, ми б хотіли її виправити. Відправте автоматично створений звіт про помилку з наступними даними:\n\n- Версія програми\n- Версія операційної системи\n- Ім'я компонента VeraCrypt\n- Контрольна сума виконуючого файлу VeraCrypt\n- Символьне ім'я діалогового вікна\n- Категорія помилки\n- Адрес помилки\n- Тип ЦП\n- Мережевий виклик VeraCrypt\n\nПри виборі 'Так' в вашому браузері буде відкрита наступна URL-адреса з повним звітом про помилку (в окремих випадках це може зайняти до 30 секунд).\n\n%hs\n\nВідправити звіт про помилку? + Критична помилка в системі, робота VeraCrypt буде перервана.\n\nЦя помилка виникла не по вині VeraCrypt (тому розробники VeraCrypt не можуть її виправити). Перевірте свою систему на можливі проблеми (наприклад, системну конфігурацію, Підключення до мережі, збій апаратури). + Критична помилка в системі, яка потребує VeraCrypt повинна бути припинена.\n\nЯкщо проблема не усувається, ви можете спробувати відключити або видалити додатки, які потенційно можуть бути причиною проблеми, такі як антивіруси і забезпечення безпеки в Інтернеті, система "підсилювачів", "оптимізаторів" або "твікера" і т.д. Якщо це не допоможе , ви можете спробувати перевстановити операційну систему (ця проблема може бути викликана шкідливих програм). + Критична помилка VeraCrypt + За даними VeraCrypt, операційна система недавно зазнала збій. Потенційних причин цьому безліч (наприклад, відмова апаратури, помилка в драйвері пристрою, і т.д.)\n\nБажаєте перевірити, чи був викликаний системний збій помилкою в VeraCrypt? + Волієте, щоб VeraCrypt і далі відстежував системні збої? + VeraCrypt не вдалося знайти файл з міні-дампом системних збоїв. + Бажаєте видалити дамп-файл Windows з даними про збій, щоб вивільнити місце на диску? + Щоб проаналізувати системний збій, VeraCrypt спочатку необхідно\nВстановити Microsoft Debugging Tools для Windows.\n\nПісля натиснення Гаразд почнеться завантаження та встановлення пакета\nMicrosoft Debugging Tools (16 Мбайт) з сервера Microsoft\n(програма встановлення Windows перенаправить вас на сервер\nMicrosoft з сервера veracrypt.org, тим самим гарантуючи успіх операції,\nнавіть якщо Microsoft змінить місце розташування пакета встановлення). + Після натискання Гаразд почнеться аналіз системного збою. Ця операція може зайняти декілька хвилин. + Переконайтеся, що у змінній оточення 'PATH' вказано шлях до файлу відновлення ядра 'kd.exe' (Kernel Debugger). + Швидше за все, причина системного збою НЕ в VeraCrypt. Потенційних причин збою системи безліч (наприклад, відмова апаратури, помилка в драйвері пристрою, і т.д.) + Як показав аналіз, дану проблему може вирішити оновлення наступного драйвера: + Щоб допомогти визначити, чи є помилка в VeraCrypt, відправте нам автоматично створений звіт про помилки, що містить такі дані:\n-Версія програми\n-Версія операційної системи\n-Тип ЦП\n-Категорія помилки\n-Назва і версія драйвера\n-Стек системних викликів\n\nПри виборі 'Так' у вашому інтернет-браузері буде відкрито наступну URL-адресу (з повним звітом про помилки). + Бажаєте відправити нам цей звіт про помилки? + &Зашифрувати + &Розшифрувати + &Постійне розшифровування + Вихід + Будь ласка, створіть логічний диск для цього розширеного розділу та спробуйте ще. + Том VeraCrypt може знаходитися в файлі ('контейнері' VeraCrypt) на твердому диску, флеш-накопичувачі USB і т.п. Контейнер VeraCrypt нічим не відрізняйться від звичайного файлу (наприклад, його можна переміщати, копіювати і видаляти). Натисніть кнопку 'Файл...', щоб вказати ім'я і шлях до створюваного файлу-контейнера для зберігання нового тому.\n\nУВАГА: Якщо ви виберете вже існуючі файли, VeraCrypt НЕ зашифрує його; цей файл буде видалено і замінений створеним контейнером VeraCrypt. Ви можете зашифрувати існуючі файли (внаслідок), перемістивши їх в створений зараз контейнер VeraCrypt. + Виберіть розміщення для створення зовнішнього тому (всередині цього тому потім буде створений прихований том).\n\nТом VeraCrypt може знаходитися в файлі ('контейнері' VeraCrypt) на жорсткому диску, флеш-накопичувач USB і т.п. Контейнер VeraCrypt можна переміщувати, копіювати і видаляти як звичайний файл. Натисніть кнопку 'Файл...', щоб вказати ім'я і шлях до створюваного файлу-контейнеру для зберігання нового тому. Якщо ви виберете уже існуючий файл, VeraCrypt НЕ зашифрує його; цей файл буде видалено і замінений створеним контейнером VeraCrypt. Ви зможете зашифрувати існуючі файли, перемістивши їх в створюваний зараз контейнер VeraCrypt. + Зашифрованний том VeraCrypt на основі пристрою можна створювати всередині розділу жорсткого диску, на твердотілому носії, флеш-накопичувачі USB і інших пристроях зберігання інформації. Розділи також можна шфрувати на місці.\n\nКрім того, зашифровані томи VeraCrypt на основі пристроїв можна створювати всередині пристрою, який не містить розділів (включаючи жорсткі диски и твердотілі накопичувачі).\n\nПримітка: пристрій, містить розділи, можна зашифрувати цілком на місці (використовуючи один ключ), тільки якщо з нього завантажується Windows. + Том VeraCrypt на основі пристрою можна створювати всередині розділу вінчестера, на твердотілому носії, флеш-накопичувачі USB і інших пристроях зберігання інформації.\n\nУВАГА: Розділ/диск буде відформатований, а всі дані на ньому - знищені. + \nВиберіть розміщення для створення зовнішнього тому (всередині цього тому потім буде створений прихований том).\n\nЗовнішні томи можна створювати всередині розділів жорстких дисків, на твердотілому носії, флеш-накопичувачі USB і інших пристроях зберігання інформації. Зовнішні томи також можна створювати всередині пристрою, не містячих розділів (включаючи жорсткі диски і твердотілі накопичувачі).\n\nУВАГА: Розділ/диск буде відформатований, а всі дані на ньому - знищені. + Оберіть розміщення тому VeraCrypt, всередені якого ви бажаєте створити прихований том. + УВАГА: файл/пристрій вже використовується!\n\nІгнорування цього може призвести до небажаних наслідків, включаючи нестабільність системи. Перед монтуванням тому слід закрити всі програми, що використовують цей файл/пристрій.\n\nПродовжити монтування? + Помилка: неможливо монтувати том. Файл/пристрій вже використовується. Спроба монтування без виключного доступу також зазнала невдачі. + Неможливо відкрити файл. + Розміщення тому + Великі файли + Чи збираєтеся ви збирігати в цьому томі VeraCrypt Файли розміром більше 4 Гбайт? + В залежності від вашої відповіді VeraCrypt вибере для тому підходящу файлову систему (вибір файлової системи вам буде запропоновано в наступному етапі). + Так як ви створюєте зовнішній том, рекомендовано відповісти 'Ні'. Інакше Файлова Система типово буде NTFS, для зовнішніх томів це гірше, чим FAT (максисально можливий розділ приховуваного тому буде значно більший, якщо зовнішній том -- FAT). Стандартно FAT це ФС типово як для прихованих, так і для звичайних томів (томи FAT не викликають підозр). Але якщо потрібно зберігати файли розміром більше 4 Гбайт (що в FAT недопустимо), то FAT не буде ФС типово. + Ви дійсно бажаєте відповісти 'Так'? + Режим створення тому + Це найшвидший спосіб створення тому VeraCrypt на основі розділу або пристрою (шифруваня на місці повільніше, так як вміст кожного сектору спочатку зчитуються, шифрується а потім записується). всі дані на вибраному розділі/пристрої будуть знищені (ці дані НЕ шифруються; вони перезаписуються випадковими даними). Якщо вам потрібно зашифрувати дані, які є на розділі, виберіть інший варіант. + Весь вибраний розділ зі всіма даними буде зашифрований на місці. Якщо розділ порожній, вам потрібно вибрати інший варіант (створення тому відбувається набагато швидше). + Примітка: + &Продовжити + &Відкласти + &Старт + Продов&жити + &Форматувати + &Затерти + Перервати форматування? + Детальніше + Більше не показувувати + Вміст розділу/пристрою успішно видалено (затерто). + Вміст розділу з вихідною системою (клоном якої є прихована система) успішно видалено (затерто). + Переконайтеся, що Windows, який ви бажаєте встановити (на очищений розділ) має ту ж версію, що і поточний Windows. Це необхідно тому, що обидві ОС будуть використовувати загальний завантажувальний розділ. + Системний розділ/пристрій успішно зашифровано. + Системний розділ/пристрій успішно розшифровано. + \n\nТом VeraCrypt створений та готовий до використання. Якщо ви бажаєте створити ще один том VeraCrypt, натисніть 'Далі'. В іншому пипадку, натисніть 'Вихід'. + \n\nПрихований том VeraCrypt успішно створений (всередині нього буде знаходитися прихована ОС).\n\nНатисніть 'Далі' для продовження. + Том повністю зашифрований + Volume Fully Decrypted + ВАЖЛИВО: ДЛЯ МОНТУВАННЯ ЦЬОГО ТОМУ VERACRYPT І ДОСТУПУ ДО ДАНИХ, ЩО МІСТЯТЬСЯ В НЬОМУ НАТИСНІТЬ 'Автомонтування' В ГОЛОВНОМУ ВІКНІ VERACRYPT. Після вводу правильного паролю (і/або ключових файлів) том буде змонтовано на букву диска, вибрану вами в головному вікні VeraCrypt (доступ до зашифрованих даних буде поцій букві диску).\n\nЗАПАМЯТАЙТЕ АБО ЗАПИШІТЬ НАСТУПНІ ЕТАПИ.ВИ ПОВИННІ ВИКОНУВАТИ ЇХ ДЛЯ МОНТУВАННЯ ТОМУ І ДОСТУПУ ДО ЙОГО ДАНИХ. Інший спосіб: натисніть кнопку 'Пристрій' в головному вікні VeraCrypt, виберіть цей розділ/том і натисніть 'Монтувати'.\n\nРозділ/том успішно зашифрований (зараз він містить повністю зашифрований том VeraCrypt) і готовий до використання. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Том VeraCrypt успішно створено. + Том створено + ВАЖЛИВО: як можна довільніше рухайте мишою всередині цього вікна. Чим довше - тим краще. Це значно збільшить криптографічну стійкість ключів шифрування. Потім натискайте 'Форматувати', щоб створити том. + Натисніть 'Форматувати', щоб створити зовнішній том. Для отримання докладної інформації зверніться до документації. + Форматування зовнішнього тому + Форматування прихованого тому + Форматування тому + Для перегляду або друку Посібника Користувача потрібна програма Adobe Reader (або сумісна з нею). Adobe Reader можна завантажити (безплатно) з сайту: www.adobe.com\n\nБажаєте замість цього переглянути онлайн-документацію? + Якщо ви оберете цю опцію, Майстер допоможе вам спочатку створити звичайний том VeraCrypt, а потім прихований всередині першого. Недосвіченим користувачам слід завжди обрати цю опцию. + Якщо ви оберете цю опцію, ви створите прихований том всередині існуючого тому VeraCrypt. Це передбачає, що ви вже створили том VeraCrypt, який придатний до розміщення у собі прихованого тому. + Режим створення тому + Прихований том створено + Прихований том VeraCrypt успішно створений та готовий до використання. Якщо ви дотримувались усіх інструкцій та порад глави "Security Precautions Pertaining to Hidden Volumes" Посібника Користувача VeraCrypt, то навіть при змонтованому зовнішньому томі виявити прихований том буде неможливо.\n\nУВАГА: ЯКЩО ВИ НЕ ЗАХИСТИТЕ ПРИХОВАНИЙ ТОМ (ДОКЛАДНІШЕ ДИВІТЬСЯ ГЛАВУ "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" ПОСІБНИКА КОРИСТУВАЧА VERACRYPT), НІЧОГО НЕ ЗАПИСУЙТЕ ДО ЗОВНІШНЬОГО ТОМУ. В ІНШОМУ ВИПАДКУ ВИ МОЖЕТЕ ПЕРЕЗАПИСАТИ І ПОШКОДИТИ ПРИХОВАНИЙ ТОМ! + Ви запустили приховану операційну систему. Як ви могли помітити, прихована ОС виглядає так, ніби вона встановлена на тому ж розділі, що і вихідна ОС. Насправді ОС встановлена всередині розділу ззаді неї (в приховуваному томі). Всі операції читання і запису прозоро перенаправляються із системногорозділу в прихований том.\n\nНі операційна система, ні додатки не будуть знати, що дані, записуючі і читаючі в системному розділі, в дійсності записуються і читаються в розділі з заді нього (в прихованому томі). Любі такі дані шифруються і розшифровуються негайно (з ключом шифрування, відмінним від використовуваного для підставної ОС).\n\n\nНатисніть 'Далі' для продовження. + Зовнішній том створений і змонтований як диск %hc:. Скопіюйте в цей зовнішній том які небуть файли. Вони знадобляться для демонстрації, якщо вас змусять повідомити пароль від першого розділу ззаду системного, де будуть розположені зовнішній том і прихований том (з прихованою ОС). Ви зможете відкрити пароль від цього зовнішнього тому, а існування прихованого тому (і прихованої ОС) залишеться засикречиним.\n\nВАЖЛИВО: Файли, копіюючі в зовнішній том, не повинні займати більше %s. В іншому випадку на зовнішньому томі може виявитися недостатньо вільного місця для прихованого тому (і ви не зможете продовжити). Коли закінчете копіювання, натисніть 'Далі' (не розмонтуйте том). + Зовнішній том успішно створений і змонтований як диск %hc:. До цього тому зараз слід скопіювати будь-які файли що мають осмислений вигляд, які насправді вам НЕ потрібно ховати. Ці файли потрібні для того, щоб показати їх тим, хто змусить вас повідомити пароль. У цьому випадку ви скажете лише пароль для цього зовнішнього тому, але не для прихованого. Дійсно цінні для вас файли будуть зберігатись у прихованому томі, що буде створено пізніше. Натисніть 'Далі', коли скопіюєте файли. Не розмонтовуйте цей том.\n\nПам'ятайте: після натискання 'Далі' буде просканована карта кластерів зовнішнього тому в пошуку неперервної вільної ділянки, кінець якої стане кінцем тому. Цей блок буде підігнаний під прихований том, тому від нього залежить максимально можливий розмір. Сканування карти необхідне, щоб прихований том не затер дані у зовнішньому томі. + Вміст зовнішнього тому + \n\nНаступними кроками Майстра буде встановлення опцій для зовнішнього тому (всередині якого пізніше буде створено прихований том). + \n\nНа наступних етапах ви створете так званий зовнішній том VeraCrypt всередині першого розділу за системним розділом (це було пояснено на попередньому етапі). + Зовнішній том + На наступних етапах потрібно встановити параметри і пароль для прихованого тому, який буде містити приховану ОС. Примітка: для визначення розміру неперерваної незанятої області, закінчення якої буде вирівняно по кінці зовнішнього тому, виконується сканування його карти кластирів. Ця область буде підігнана для прихованого тому, щоб його границі не перевищували максимально можливий розмір. Максимально можливий розмір прихованого тому визначено і він гарантовано більший, чим у системного розділу (це необхідно, оскільки весь вміст системного розділу має бути скопійовано в прихований том). Тобто ніякі дані, що знеаходяться в даний момент в зовнішньому томі, не будуть перезаписані данними, записаними в область прихованого тому. + ВАЖЛИВО: Запамятайте алгоритми, які ви зараз виберете. Вам потрібно вибрати ті ж алгоритми для підставної ОС. В іншому випадку прихована система буде недоступна! (Підставна система повинна бути зашифрована тимже алгоритмом, що і прихована.)\n\nПримітка: причина в тому, що підставна і скрита системи використовують одинаковий завантажувач, підтримуючий лише алгоритм, вибраний користувачом (для кожного алгоритму є своя версія завантажувача VeraCrypt). + \n\nКарту кластерів тому переглянуто, визначено максимально можливий розмір прихованого тому. Наступними кроками Майстра буде встановлення опцій, розміру та паролю для прихованого тому. + Прихований том + Тепер прихований том захищений від пошкоджень до розмонтовання зовнішнього тому.\n\nУВАГА: при спробі запису даних до області прихованого тому, VeraCrypt заборонить запис до всього тому (зовнішнього та прихованого) до його розмонтування. Це може викликати пошкодження файлової системи зовнішнього тому, що (якщо це повторюватиметься) може зашкодити запереченню існування прихованого тому. Тому вам слід уникати запису до області прихованого тому. Будь-які дані, що записуватимуться до області прихованого тому, не будуть збережені та будуть втрачені. Windows може повідомити про це як помилку запису ("Delayed Write Failed" або "The parameter is incorrect"). + Кожен прихований том у щойно змонтованих томах захищені від пошкоджень до розмонтування.\n\nУВАГА: при спробі запису даних до області прихованого тому, VeraCrypt заборонить запис до всього тому (зовнішнього та прихованого) до його розмонтування. Це може викликати пошкодження файлової системи зовнішнього тому, що (якщо це повторюватиметься) може зашкодити запереченню існування прихованого тому. Тому вам слід уникати запису до області прихованого тому. Будь-які дані, що записуватимуться до області прихованого тому, не будуть збережені та будуть втрачені. Windows може повідомити про це як помилку запису ("Delayed Write Failed" або "The parameter is incorrect"). + УВАГА: спроба запису даних до області прихованого тому в томі, змонтованому як %c:!\n\nДля захисту прихованого тому запис цих даних було заборонено VeraCrypt. Це може викликати пошкодження файлової системи зовнішнього тому та Windows може повідомити про це як помилку запису ("Delayed Write Failed" або "The parameter is incorrect"). Запис на весь том (зовнішню та приховану частини) заборонений до розмонтування тому. Якщо це відбувається вже не вперше, заперечення існування прихованого тому може бути під загрозою (через можливу несумісність файлової системи у зовнішньому томі). Тому вам слід створити новий том VeraCrypt (з вимкненим Швидким форматуванням) та перемістити файли з цього тому у новий; цей том слід непомітно видалити (як зовнішню так і приховану частину). рекомендовано зараз перезавантажити операційну систему. + Ви маєте намір зберігати в томі файли розміром більше 4 Гбайт. Такий розділ повинен бути відформатований в NTFS, що, однак, неможливо. + Візьміть до відома, що коли виконується прихована операційна система, не приховані томи VeraCrypt форматувати в NTFS неможливо. Це пояснюється тим, що це потрібно тимчасово змонтувати без захисту від запису, щоб дозволити операційній системі відформатувати його в NTFS (тоді як форматування в FAT виконується засобами VeraCrypt, а не операційної системи, і без монтування). Технічні деталі приведені нижче. Не прихований том NTFS можна створити з оманної операційної системи. + В цілях безпеки, коли запущина прихована ОС, приховані томи можна створювати тільки в 'прямому' режимі (оскільки зовнішні томи повинні завжди монтуватися як 'тільки для читання').\n\nЩоб безпечно створити прихований том, виконайте наступні кроки:\n\n1) Завантажте підставну систему.\n\n2) Створіть звичайний том VeraCrypt і скопіюйте в цей том які небуть файли (цей том стане зовнішнім томом).\n\n3) Завантажте приховану систему і запустіть майстра стврення томів VeraCrypt.\n\n4) Якщо том -- на основі файла, перемістіть його в системний розділ або в інший прихований том (інакше знов створений прихований том був би змонтований як 'тільки для читання' без можливості форматування).\n\n5) Проходьте інструкмії майстра так, як при виборі 'прямого' режиму створення прихованого тому.\n\n6) На екрані майстра виберіть том, створений на етапі 2, і проходьте інструкції для створення прихованого тому всередині нього. + З міркувань безпеки, коли прихованої операційної системи, місцевого незашифрованного файлових і не прихована VeraCrypt обсяги встановлені тільки для читання (немає даних, можуть бути написані на таких файлових систем або томів VeraCrypt).\n\nData дозволено бути написано на будь-яку файлову систему, яка знаходиться в прихованому VeraCrypt гучності (за умови, що обсяг прихованої знаходиться не в контейнері зберігається в незашифрованному вигляді файлової системи або на будь-який інший тільки для читання файлової системи). + Ці міри протидії були реалізовані по трьох основних причинах:\n\n- Можливість створення безпечної платформи для монтування прихованих томів VeraCrypt. Зверніть увагу, що ми офіційно рекомендуємо монтувати приховані томи, тільки коли запущена прихована операційна система. (Детальніше дв. в параграфі 'Security Precautions Pertaining to Hidden Volumes' в документації.)\n\n- В деяких випадках є можливість визначити, що у визначений час конкретна файлова система не була змонтована (або конкретний файл в файловій системі не був збережений або до нього не було звернення з неї) під конкретною копією ОС (наприклад, шляхом аналізу і порівняння журналів файлових систем, тимчасових файлів, звітів додатків і/або помилок, і т.д.). Це докази про існування в комп'ютері прихованої ОС. Дані міри протидії цьому.\n\n- Захист цілісності файлової системи, змонтованої під обєми ОС -- підставної і прихованої, коли одна або дві із них знаходяться в стані сну/гібернації. + Примітка: якщо потрібно безпечно перенести файли із підставної системи в приховану, виконайте наступне: 1) Загрузіть підставну систему. 2) Збережіть потрібні вам файли на незашифрованому томі або на зовнішньому/звичайному томі VeraCrypt. 3) Завантажте приховану систему. 4) Якщо ви зберегли файли на томі VeraCrypt, змонтуйте його (вон буде автоматично змонтована як 'тільки для читання'). 5) Скопіюйте файли в прихований системний розділ або в інший прихований том. + Комп'ютер потрібно перезавантажити.\n\nПерезавантажити зараз? + При отриманні статусу системного шифрування виникла помилка. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Неможливо ініціалізувати компонент застосунку для системного шифрування. + Невдала ініціалізація генератора випадкових чисел! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Неможливо ініціалізувати застосунок. Невдала реєстрація класу Dialog. + Помилка завантаження системної бібліотеки Rich Edit. + Майстер створення тому VeraCrypt + Максимальний розмір прихованого тому для цього тому дорівнює %.2f байт + Максимальний розмір прихованого тому для цього тому дорівнює %.2f Кб + Максимальний розмір прихованого тому для цього тому дорівнює %.2f Мб + Максимальний розмір прихованого тому для цього тому дорівнює %.2f Гб. + Максимальний розмір прихованого тому для цього тому дорівнює %.2f Tб. + Поки том змонтований, змінити пароль/файл-ключі цього тому неможливо. Будь ласка, перш розмонтуйте том. + Поки том змонтований, змінити алгоритм деривації ключа заголовку цього тому неможливо. Будь ласка, перш розмонтуйте том. + &Монтувати + Для монтування цього тому потрібна більш нова версія VeraCrypt. + Помилка: не знайдено Майстра створення тому.\n\nПеревірте наявність файлу 'VeraCrypt Format.exe' у теці запущеного файлу 'VeraCrypt.exe'. Якщо його немає, будь ласка перевстановіть VeraCrypt або знайдіть файл 'VeraCrypt Format.exe' та запустіть його. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Далі > + &Завершити + &Встановити + Ви&добути + Неможливо з'єднатись із драйвером пристрою VeraCrypt. VeraCrypt не може працювати, якщо не запущено драйвер пристрою.\n\nБудь ласка, пам'ятайте, в залежності від настроювань Windows, можливо прийдеться завершити сеанс або перезавантажити систему, щоб запустити драйвер пристрою. + Помилка завантаження/підготовки шрифтів. + Таку літеру диску не знайдено, або не обрано жодної літери диску. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Літера диску не доступна. + Не обрано файл! + Немає доступних літер дисків. + Немає вільної літери диску для зовнішнього тому! Створення тому не може бути продовжено. + Не вдалося визначити версію операційної системи, або вона не підтримується. + Не вказано шлях! + Недостатньо вільного місця для прихованого тому! Продовження створення тому неможливе. + ПОМИЛКА: Скопійовані у зовнішній том файли займають надто багато місця. Через це у зовнішньому томі недостатньо вільного місця під прихований том.\n\nЗверніть увагу, що прихований том повинен бути не менше системного розділу (т.б. розділа, де встановлена працююча зараз операційна система). Причина в тому, що при створенні прихованої ОС виконується копіювання в прихований том містячого системного розділу.\n\n\nПродовження створення прихованої операційної системи неможливе. + Драйвер не може розмонтувати том. Можливо, деякі файли, розміщені на цьому томі, ще відкриті. + Неможливо заблокувати том. Цей том містить відкриті файли, тому його неможна розмонтувати. + VeraCrypt не може заблокувати том, так як він використовується системою або додатками (можливо, відкриті файли на цьому томі).\n\nВи наполягаєте на примусовому розмонтуванні цього тому? + Оберіть том VeraCrypt + Вкажіть шлях та ім'я файлу + Виберіть бібліотеку PKCS #11 + Брак пам'яті + ВАЖЛИВО: рекомендовано, щоб недосвічені користувачі створювали файл-контейнери на обраних пристроях/розділах замість шифрування усього пристрою/розділу.\n\nКоли ви створите файл-контейнер (як заміна шифрування пристрою або розділу), це, наприклад, не викличе ризик пошкодження великої кількості файлів. Пам'ятайте, що файл-контейнери VeraCrypt (навіть якщо вони містять віртуальні шифровані диски) - це фактично звичайні файли. Відповідно, їх можна, наприклад, легко перейменувати, перемістити або скопіювати як будь-який звичайний файл. Докладніше можна дізнатись у главі для початківців Посібника Користувача VeraCrypt.\n\nВи дійсно бажаєте зашифрувати весь пристрій/розділ? + УВАГА: файл '%s' вже існує!\n\nВАЖЛИВО: VERACRYPT НЕ БУДЕ ШИФРУВАТИ ЦЕЙ ФАЙЛ, А ЗНИЩИТЬ ЙОГО. Ви дійсно бажаєте видалити цей файл та замінити його новим контейнером VeraCrypt? + ОБЕРЕЖНО: ВСІ ФАЙЛИ, ЩО МІСТЯТЬСЯ У %s '%s'%s, БУДЕ ВИДАЛЕНО ТА ВТРАЧЕНО (ЇХ НЕ БУДЕ ЗАШИФРОВАНО)!\n\nВи наполягаєте на форматуванні? + УВАГА: Монтування тома і доступ до файлів , що в ньому зберігаються неможливе, поки том не буде повністю зашифрований.\n\nВи дійсно бажаєте розпочати шифрування %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + УВАГА: Неочікуване зникнення електро живлення під час шифрування даних 'на місці' або збій операційної системи через програмну/апаратну помилку може призвести до часткового пошкодження або втраті даних. Тому перш ніж приступити до шифрування, зробіть резервну копію файлів, які ви бажаєте зашифрувати.\n\nВи зробили резервну копію? + ОБЕРЕЖНО: ВСІ ФАЙЛИ НА РОЗДІЛІ '%s'%s (Т.Т. НА ПЕРШОМУ РОЗДІЛІ ЗА СИСТЕМНИМ) БУДУТЬ ЗНИЩЕНІ (ВОНИ НЕ БУДУТЬ ЗАШИФРОВАНІ)!\n\nВи наполягаєте на форматуванні? + УВАГА: ВИБРАНИЙ РОЗДІЛ МІСТИТЬ ВЕЛИКИЙ ОБЄМ ДАНИХ! Всі файли на цьому розділі будуть видалені (вони НЕ будуть зашифровані)! + Стерти файли на розділі при створені тому VeraCrypt всередині нього + Пароль + PIM + Встановити алгоритм походження ключа заголовка + Додати/видалити файл-ключі до/з тому + Видалити всі файл-ключі з тому + Пароль, PIM та/або файл-ключ успішно змінено.\n\nВАЖЛИВО: обов'язково прочитайте розділ 'Changing Passwords and Keyfiles' у главі 'Security Precautions' Посібника Користувача VeraCrypt. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + ВФЖЛІВО: Якщо ви не знищили свій диск відновлення VeraCrypt (Rescue Disk), ваш системний розділ/диск можна розшифрувати з допомогою старого пароля (завантажившись з диска відновлення VeraCrypt і ввівши старий пароль). Вам потрібно створити новий диск відновлення VeraCrypt, після чого знищити прихований.\n\nБажаєте створити новий диск відновлення VeraCrypt? + Пам'ятайте, ваш Диск Відновлення VeraCrypt ще використовує попередній алгоритм. Якщо стійкість попереднього алгоритму вас не задовільняє, вам слід створити новий Диск Відновлення VeraCrypt, а потім знищити старий.\n\nБажаєте створити новий диск відновлення VeraCrypt? + В якості ключового файлу VeraCrypt можна використовувати файл любого типу (наприклад, .mp3, .jpg, .zip, .avi). Зверніть увагу, що VeraCrypt не змінює вміст ключового файлу. Допускається вибрати більше одного ключового файлу (порядок вибору немає значення). Якщо додати теку, то всі файли всередині неї будуть використовуватися як ключові. Натисніть 'Добавити токен-файл', щоб вибрати ключові файли, що знаходяться на токенах безпеки або смарт-картах (або для імпортування кдючових файлів на токени/смарт-карти). + Файл-ключі успішно додано/видалено. + Файл-ключ експортовано. + Алгоритм деривації ключа заголовку успішно встановлено. + Введіть пароль і/або ключові файли для несистемного тому, де ви хочете відновити шифрування 'на місці'.\n\n\nПримітка: після нетиснення 'Далі' VeraCrypt спробує знайти всі несистемні томи, на яких був перерваний процес шифрування, і де можна розшифрувати заголовок тома VeraCrypt з допомогою вказаного проля і/або ключових файлів. Якщо таких томів виявиться декілька, на наступному етапі вам буде потрібно вибрати один із них. + Виберіть один із перечислених томів. Це не системні томи з перерваним процесом шифрування, заголовок яких вдалося розшифрувати з допомогою вказаного пароля і/або ключових файлів. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Дуже важливо вибрати хороший пароль. Уникайте вказувати паролі з одного або декількох слів, які можна знайти в словнику (або комбінацій з 2, 3 або 4 таких слів). Пароль не повинен містити імен або дат народження. Він має бути важкий для вгадування. Хороший пароль -- випадкова комбінація прописних і рядкових букв, цифр і особливих символів (@ ^ = $ * + і так далі).\n\nРекомендуємо вибирати паролі, що складаються більш ніж з 20 знаків (чим довше, тим краще). Макс. довжина -- 64 символи. + Будь ласка, оберіть пароль для прихованого тому. + Выберіть пароль для прихованої операційної системи (т.т. для прихованого тому). + ВАЖЛИВО: Пароль, що ви вибираєте на цьому етапі для для прихованої операційної системи повинен максимально відрізнятися від двох інших паролів (т.б. від паролів для зовнішнього тому і для підставної операційної системи). + Будь ласка, введіть пароль для тому, всередині якого ви бажаєте створити прихований том.\n\nПісля натиснення 'Далі', VeraCrypt спробує монтувати том, потім перегляне карту кластерів змонтованого тому з метою пошуку безперервної вільної ділянки, в кінці якої виявиться кінець тому. В цій області буде міститись прихований том, тобто вона визначає його максимальний розмір. Перегляд карти потрібен для гарантування, що дані у зовнішньому томі не буде перезаписано внутрішнім томом. + \nВиберіть пароль для зовнішнього тому. Це пароль, який ви зможете видати противнику, якщо він змусить вас це зробити.\n\nВАЖЛИВО: Пароль повинен максимально відрізнятися від того, який ви виберете для прихованого тому.\n\nПримітка: максимально довжина пароля - 64 символів. + Виберіть пароль для зовнішнього тому. Це пароль, який ви зможете видати кожному, хто змусить вас повідомити пароль для першого розділу за системним, де будуть знаходитися зовнішній том і прихований том (мвстячий приховану операційну систему). Існування прихованого тому (і прихованої ОС) залишиться в таємниці. Майте на увазі, що цей пароль НЕ для підставної операційної системи.\n\nВАЖЛИВО: Пароль повинен максимально відрізнятися від того, який ви виберете для прихованого тому (т.б. для прихованої операційної системи). + Пароль зовнішнього тому + Пароль прихованого тому + Пароль для прихованої ОС + УВАГА: короткі паролі легко зламати за допомогою технік перебирання!\n\nрекомендовано використовувати паролі з більш ніж 20 знаками.\n\nВи дійсно бажаєте використовувати короткий пароль? + Пароль тому + Невірний пароль, або це не том VeraCrypt. + Невірні файл-ключі та/або пароль, чи це не том VeraCrypt. + Хибний режим монтування, невірний пароль, чи це не том VeraCrypt. + Хибний режим монтування, невірні файл-ключі та/або пароль, чи це не том VeraCrypt. + Невірний пароль, або не знайдено том VeraCrypt. + Невірні файл-ключі/пароль, або не знайдено том VeraCrypt. + \n\nУвага: ввімкнено режим Caps Lock. Зверніть увагу на правильність введення паролю. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nУвага! У шляху пошуку ключових файлів виявлені приховані файли. Приховані файли не можуть бути ключовими. Якщо ви бажаєте використовувати їх як ключові, зніміть у них атрибут 'Прихований' (на кожному з них правою кнопкою миші, виберіть 'Властивості', зніміть прапорець 'Прихований' і натисніть ГАРАЗД). Врахуйте, що приховані файли видно тільки при відповідному системному налаштуванні (Комп'ютер > Сервіс > Параметри тек (Властивості теки) > Вигляд). + Якщо ви намагаєтеся захистити прихований том, що містить приховану систему, перевірте, щоб при введенні пароля для прихованого тому була увімкнена стандартна американська розкладка клавіатури. Це необхідно, тому що даний пароль запитується на етапі дозавантажувальної аутентифікації (до запуску Windows), коли інші розкладки клавіатури недоступні. + Не знайдено ні одного несистемного тому з перерваною операцією шифрування і заголовком, для якого підходить вказаний пароль і/або ключові файли.\n\nПеревірте, чи правильно вказаний пароль і/або ключові файли, і чи не використовується розділ/том системою або додатками (включаючи антивірусне ПЗ). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nПам'ятайте: якщо ви намагаєтесь монтувати розділ, що розміщено на зашифрованому системному пристрої, без початкової аутентифікації або монтувати зашифрований системний розділ операційної системи, яка не запущена, ви можете зробити це обравши 'Система' > 'Монтувати без початкової аутентифікації'. + В цьому режимі ви не можете монтувати розділ, розміщений на диску, частина якого знаходиться в ключових межах шифрування активної системи.\n\nСпочатку ніж ви зможете монтувати цей розділ в данному режимі, потрібно або завантажити операційну систему, встановлену на іншому диску (зашифрованому або ні), або завантажити незашифровану ОС. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Назад + Неможливо показати перелік установлених у системі raw-пристроїв. + Том '%s' існує й призначений лише для читання. Ви дійсно бажаєте його замінити? + Оберіть теку призначення + Оберіть файл-ключ + Оберіть шлях пошуку файл-ключів. УВАГА: запам'ятовується лише шлях, але не імена файлів! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Автори: Ross Anderson, Eli Biham та Lars Knudsen. Опублікований у 1998 р. 256-біт ключ, 128-біт блок. Режим роботи - XTS. Алгоритм Serpent - один з фіналістів AES. + Вкажіть розмір контейнера.\n\nПри створені динамічного ('розтягуючого' по мірі заповнення) контейнера, цей приклад визначає його максимальний розмір.\n\nМнімальний обєм для тома FAT рівний 275 Кб, для тому NTFS -- 2829 Кб. + Вкажіть розмір нового зовнішнього тому (спочатку створюється зовнішній том, а потім всередині нього -- прихований). Мінімально можливий розмір тому, призначеного для створення прихованого тому, складає 305 Кб. + Вкажіть розмір нового зовнішнього тому. Мінімальний розмір прихованого тому дорівнює 23 Кб (або 2701 Кб, якщо якщо він відформатований як NTFS). максимально можливи розмір для вибору розміру прихованого тому показаний вище. + Розмір зовнішнього тому + Розмір прихованого тому + Перевірте правильність розміру вибраного пристрою або розміру і натисніть 'Далі'. + Зовнішній том і прихований том (містячий приховану ОС) будуть розміщені всередині цього розділу. Це повинен бути перший розділ за системним.\n\nПровірте правильність показаних вище розміру і номер розділу,і якщо все рівно, от натисніть 'Далі'. + \n\nТом, всередині якого буде створюватися прихований том, не може бути менше 305 Кб. + Розмір тому + Динамічний + ОБЕРЕЖНО: ПОМИЛКА САМОТЕСТУВАННЯ! + Самотестування усіх алгоритмів виконано + Номер блоку даних, що ви пропонуєте, надто довгий або короткий. + Довжина вторинного ключа, що ви пропонуєте, надто довга або коротка. + Довжина тестового зашифрованого тексту, що ви пропонуєте, надто довга або коротка. + Довжина тестового ключа, що ви пропонуєте, надто довга або коротка. + Довжина тестового тексту, що ви пропонуєте, надто довга або коротка. + Два шифри, що послідовно оперують у режимі XTS. Спочатку кожний блок шифрується %s (%d-біт ключ), а потім %s (%d-біт ключ). Кожний шифр застосовує свій власний ключ. Усі ключі взаємно незалежні. + Три шифри, що послідовно оперують у режимі XTS. Кожний блок спочатку шифрується %s (%d-біт ключ), потім %s (%d-біт ключ), і, нарешті, %s (%d-біт ключ). Кожний шифр застосовує свій власний ключ. Усі ключі взаємно незалежні. + Зверніть увагу, що залежно від конфігурації ОС, функції автозавантаження і автомонтування можуть працювати, тільки якщо файли портативного диску знаходяться на недоступному для запису CD/DVD-носії. Це не помилка VeraCrypt, а обмеження Windows. + Переносний диск VeraCrypt успішно створено.\n\nПам'ятайте, що для завантаження VeraCrypt у портативному режимі необхідно мати права адміністратора. Також врахуйте, що при дослідженні файлу реєстру можна дізнатись, що в системі Windows був завантажений VeraCrypt, навіть якщо він працював у портативному режимі. + Переносний диск VeraCrypt + Автори: Bruce Schneier, David Wagner, John Kelsey, Niels Ferguson, Doug Whiting та Chris Hall. Опублікований у 1998 р. 256-біт ключ, 128-біт блок. Режим роботи - XTS. Twofish - один з фіналістів AES. + Докладніше про %s + Невідомо + Невідома помилка (%d). + Деякі томи містять файли або теки, що використовуються застосунками або системою.\n\nНаполягаєте на розмонтуванні? + Роз&монтувати + Помилка розмонтування! + Том містить файли або теки, що використовуються застосунками або системою.\n\nНаполягаєте на розмонтуванні? + На вказану літеру диску том не змонтовано. + Цей том вже змонтовано. + Помилка при спробі монтування тому. + Помилка пошуку місцезнаходження всередині тому. + Помилка: невірний розмір тому. + УВАГА: Швидке форматування слід використовувати лише, якщо:\n\n1) Пристрій містить випадкові дані (наприклад, вже був непомітно цілком зашифрований)\n2) Ви збираєтесь використовувати одразу все доступне місце\n3) Ви не переймаєтесь безпекою (перевіркою).\n\nВи дійсно бажаєте використовувати Швидке форматування? + Динамічний контейнер - це передрозподілений розкиданий файл NTFS, фізичний розмір якого (місце, що він займає на диску) збільшується в залежності від додавання до нього нових даних.\n\nУВАГА: Продуктивність динамічних контейнерів значно нижче, ніж звичайних. Також врахуйте, що динамічні томи менш надійні, оскільки можна визначити, які з секторів тому не використовуються. Більш того, якщо дані записуются до динамічного контейнеру з недостатнім вільним місцем на файловій хост-системі, зашифрований файл може виявитись пошкодженим.\n\nВи дійсно бажаєте створити динамічний том? + Зважте, що розмір динамічного контейнера, що визначає Windows та VeraCrypt, буде завжди дорівнювати його максимальному розміру. Щоб виявити поточний фізичний розмір контейнера (місце на диску, що він займає), клацніть правою кнопкою миші на файлі-контейнері (у вікні Провідника, а не у VeraCrypt!), оберіть пункт 'Властивості' та знайдіть значення 'На диску'. + Кеш паролів очищено + Паролі (та/або оброблений вміст ключовий файл), що зберігаються в кеші драйвера VeraCrypt було знищено. + VeraCrypt не може змінити пароль для стороннього тому. + Оберіть із переліку вільну літеру диску. + Оберіть у переліку літер дисків змонтований том. + Обрано два різних змонтованих томи (один в списку літер дисків, інший в полі введення нижче списку).\n\nВкажіть том, який ви хотіли б вибрати: + Помилка: неможливо створити autorun.inf + Помилка обробки файл-ключа. + Помилка обробки шляху файл-ключа. + На шляху до ключових файлів немає файлів.\n\nЗверніть увагу, що теки (і файли у них), знайдені в шляхах пошуку ключових файлів, ігноруються. + VeraCrypt не працює в цій операційній системі. + Помилка: VeraCrypt підтримує лише стабільні (не бета) версії цієї операційної системи. + Помилка: неможливо розподілити пам'ять. + Помилка: неможливо відновити значення лічильника продуктивності. + Помилка: формат тому не визначено. + Помилка! Ви вказали пароль для прихованого тому (а не для звичайного тому). + Вцілях безпеки, прихований том неможна створити всередині тома VeraCrypt, містячого файлову систему, зашифровану 'на місці' (оскільки вільне місце такого тому не було заповнено випадковими даними). + VeraCrypt - Правова інформація + Всі файли + Томи VeraCrypt + Бібліотечні модулі + Продовження NTFS-форматування неможливе. + Неможливо монтувати том. + Неможливо розмонтувати том. + Помилка NTFS-форматування.\n\nБудь ласка, оберіть іншу файлову систему (якщо можливо) та спробуйте ще. В іншому випадку, можна залишити том неформатованим (оберіть 'None' за файлову систему), вийдіть з цього Майстра, змонтуйте том та використайте системну або сторонню програму для форматування цього тому (том залишиться зашифрованим). + Windows не вдалось форматувати том як NTFS.\n\nЧи бажаєте замість цього форматувати том як FAT? + За умовчанням + розділ + РОЗДІЛ + Пристрій + пристрій + ПРИСТРІЙ + Том + том + ТОМ + Ярлик + Для цього тому обрано занадто малий розмір кластерів. Будуть використані кластери більшого розміру. + Помилка: неможливо отримати розмір тому.\n\nПеревірте, чи не використовується обраний том системою або будь-якою програмою. + Прихований том не слід створювати всередині динамічного контейнеру. Для досягнення правдоподібності, прихований том слід створювати всередині звичайного тому. + Майстер створення тому VeraCrypt може створити прихований том лише всередині FAT чи NTFS тому. + В Windows 2000 Майстер створення тому VeraCrypt може створити прихований том лише всередині FAT тому. + Примітка: для зовнішніх томів більше підходить система FAT, ніж NTFS (наприклад, максимальний розмір прихованого тому майже завжди буде значно більшим, якщо зовнішній том відформатований як FAT). + Зверніть увагу, що для зовнішніх томів більше підходить система FAT, ніж NTFS. Наприклад, максимальний розмір прихованого тому майже завжди буде значно більшим, якщо зовнішній том відформатований як FAT (оскільки NTFS завжди зберігає внутрішні дані точно в центрі тому і оскільки прихований том може знаходитися тільки в другій половині зовнішнього тому).\n\nВи впевнені, що хочете відформатувати зовнішній том як NTFS? + Хочете замість цього відформатувати том як FAT? + Примітка: цей том не можна відформатувати в FAT, тому, що його розмір більше, ніж допускає файлова система FAT32 для відповідного розміру секторів (2 Тбайт для 512-байт секторів і 16 Тбайт для 4096-байт секторів). + Помилка! Розділ для прихованої операційної системи (т.б. для першого розділу за системним) в крайньому випадку повинен бути на 5% більше системного розділу (системний розділ -- той, де встановлена виконуюча зараз ОС). + Помилка! Розділ для прихованої операційної системи (тобто для першого розділу за системним) повинен бути принаймні на 110% (в 2,1 рази) більше системного розділу (системний розділ - той, де встановлена виконує зараз ОС). Причина в тому, що файлова система NTFS завжди зберігає внутрішні дані точно в центрі томи, і тому прихований том (в якому має міститися клон системного розділу) може розташовуватися тільки в другій половині зовнішнього томи. + Помилка! Якщо зовнішній том відформатований як NTFS, він повинен бути принаймні на 110% (в 2,1 рази) більше системного розділу. Причина в тому, що файлова система NTFS завжди зберігає внутрішні дані точно в центрі тому, і тому прихований том (в якому повинен знаходитися клон системного розділу) може знаходитися тільки в другій половині зовнішнього тому.\n\nПримітка: зовнішній том повинен знаходитися в тому ж розділі, що і прихована операційна система (т.б. в першому розділі за системним). + Помилка! Немає розділів за системним розділом.\n\nПерш ніж можна буде створити приховану операційну систему, потрібно створити для неї розділ на системному диску. Цей розділ повинен бути першим за системним, і він повинен бути принаймні на 5% більший системного роділу (т.б. того, де встановлена запущена зараз ОС). Однак якщо зовнішній том (не путайте з системним розділом) відформатований як NTFS, розділ для прихованої ОС повинен бути неменше, ніж на 110% (в 2,1 раза) більший системного (причина в тому, що файлова система NTFS завжди зберігає внутрішні данні точно в центрі тому, тому прихований том, який повинен містити клон системного розділу, може знаходитися тільки в другій половині розділу). + Замітка: непрактично (тому це не підтримується) встановлювати операційні системи в два томи VeraCrypt, вмонтованих в один розділ, оскільки при використанні зовнішньої ОС часто потрібно записувати дані в область внутрішньої ОС (а якщо таким операціям запису запобігати з допомогою функції захисту прихованих томів, то це може призвести до краху системи, т.б. до 'синього екрану смерті'). + Інформацію про створення і управління розділами дв. в документації до вашої операційної системи, або проконсольтуйтеся в службі техпідтримки постачальника вашого обладнання. + Помилка! Виконуюча в данний момент операційна система встановлена не в загрузочному розділі (першому розділі з поміткою 'Активний'). Це не підтримується. + Ви вказали, що збираєтеся зберігати в цьому томі VeraCrypt файли розміром більше 4 Гбайт, але при цьому вибрали файлову систему FAT, в якій збереження файлів обємом 4 Гбайт не підтримується.\n\nВи дійсно хочете відформатувати зовнішній том як FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Помилка! Немає доступу до тому.\n\nПеревірте, чи існує цей том, чи не змонтований він, не використовіється системою або якоюсь програмою, якій ви дали права читання/запису цього тому, і чи не захищений він від запису. + Error: Cannot obtain volume properties. + Помилка! Немає доступу до тому і/або неможливо получити відомості про том.\n\nПеревірте, чи існує вибраний том, чи не використовується він системою або додатками, чи є увас права для читання/запису цього тому, і чи не захищений том від запису. + Помилка! Немає доступу до тому і/або неможливо отримати відомості про том. Перевірте, чи існує вибраний том, чи не використовується він системою або додатками, чи є увас права для читання/запису цього тому, і чи не захищений том від запису.\n\nЯкщо проблема не вирішується, попробуйте виконати кроки, вказані нижче. + Зашифрувати розділ не вдалося через помилку. Спробуйте вирішити всі вказані проблеми і повторіть спробу. Якщо проблеми не вирішуються, спробуйте виконати дії, вказані нижче. + Продовжити процес шифрувння розділу не вдалося через помилку.\n\nСпробуйте усунути всі раніше вказані прблми і знову продовжити процес шифрування. Том неможливо монтувати до тих пір, поки він не буде повністю зашифрований. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Помилка: неможливо розмонтувати зовнішній том.\n\nТом неможна розмонтувати, якщо він містить файли або теки, що використовуються будь-яким застосунком або системою.\n\nЗакрийте всі такі застосунки й натисніть 'Повторити'. + Помилка: неможливо отримати інформацю про зовнішній том! Створення тому не може бути продовжено. + Помилка: немає доступу до зовнішнього тому. Продовження створення тому неможливе. + Помилка: неможливо монтувати зовнішній том. Створення тому не може бути продовжено. + Помилка: неможливо отримати карту кластерів тому. Створення тому не може бути продовжено. + За абеткою/категоріями + Середня швидкість (спадання) + Алгоритм + Шифрування + Дешифрування + Середня + Диск + Розмір + Алгоритм шифрування + Алгоритм шифрування + Тип + Значення + Властивість + Розміщення + байт(і,ів) + Прихований + Зовнішній + Звичайний + Системний + Прихований (системный) + Лише для читання + Системний пристрій + Системний пристрій (шифрування - виконано %.2f%%) + Системний пристрій (розшифрування - виконано %.2f%%) + Системний пристрій (%.2f%% зашифровано) + Системний розділ + Прихований системний розділ + Системний розділ (шифрування - виконано %.2f%%) + Системний розділ (розшифрування - виконано %.2f%%) + Системний розділ (%.2f%% зашифровано) + Так (захист від пошкоджень!) + Ні + Довжина першого ключа + Довжина другого ключа (XTS-режим) + довжина Tweak-ключа (LRW-режим) + біт(и,ів) + Розмір блоку + PKCS-5 PRF + Кількість ітерацій PKCS-5 + Том створено + Остання зміна заголовку + (%I64d днів потому) + Версія формату тому + Вмонтована копія заголовку + VeraCrypt Завантажувач версії + Перший доступний + Змінний диск + Жорсткий диск + Не змінювати + Autodetection + Режим Майстра встановлення + Виберіть режим. Якщо не знаєте, який вибрати, використовуйте запропонований. + Оберіть цю опцію, якщо бажаєте встановити або поновити VeraCrypt на цій системі. + Примітка: оновлення можна виконати без розшифровки даних, навіть якщо зашифрований системний розділ/диск або використовується прихована операційна система. + Якщо ви оберете цю опцію, усі файли буде видобуто, але нічого не буде встановлено в цій системі. Не обирайте цієї опції, якщо ви збираєтесь зашифрувати системний розділ/пристрій. Обрання цієї опції може буде корисним, якщо ви бажаєте, наприклад, запустити VeraCrypt у так званому портативному (портативному) режимі. VeraCrypt не буде встановлено в операційній системі, в який його запущено. Після видобування усіх файлів, ви можете просто запустити отриманий файл 'VeraCrypt.exe' (тоді VeraCrypt буде запущено у портативному режимі). Також ви можете перемістити видобуті файли на інший комп'ютер. + Опції встановлення + Тут можна змінити різні опції, які контролюють процес встановлення. + Встановлення + Будь ласка, зачекайте, поки VeraCrypt не буде встановлено. + VeraCrypt успішно встановлено + VeraCrypt успішно оновлено + Будь ласка, зверніть увагу, зробивши внесок. Ви можете в будь-який час натисніть кнопку Готово, щоб закрити програму установки. + Опції видобування + Тут можна змінити різні опції, які контролюють процес видобування. + Будь ласка, зачекайте, поки файли не буде видобуто. + Видобування завершено + Усі файли успішно видобуто до теки призначення. + Якщо зазначена тека відсутня, вона буде автоматично створена. + Файли програми VeraCrypt будуть модернізовані в місці, де встановлений VeraCrypt. Якщо вам потрібно вибрати інше місце, перш за все видаліть VeraCrypt. + Чи бажаєте переглянути інформацію про поточну (останню стабільну) версію VeraCrypt? + Якщо ви ще не користувались VeraCrypt, рекомендовано прочитати главу для початківців Посібника Користувача VeraCrypt. Відкрити Посібник? + Будь ласка, оберіть подальшу дію з наступного: + Ремонтувати/Перевстановити + Оновити + Видалити + Для встановлення/видалення VeraCrypt необхідні права Адміністратора. Бажаєте продовжити? + В этой системе сейчас запущен инсталлятор VeraCrypt. Он выполняет/готовит установку или обновление VeraCrypt. Дождитесь завершения его работы или закройте его. Если закрыть инсталлятор не получается, перезагрузите комп'ютер и лишь потом продолжите. + Невдале встановлювання. + Невдале видалення. + Цей файл встановлення пошкоджено. Будь ласка, спробуйте завантажити його знову (рекомендовано з офіційної сторінки VeraCrypt на https://veracrypt.codeplex.com). + Неможливо записати файл %s + Видобування + Неможливо прочитати дані з файлу встановлювання. + Неможливо перевірити цілісність цього файлу встановлювання. + Невдале видобування. + Встановлення має повернутись назад. + Програму VeraCrypt успішно встановлено. + Программа VeraCrypt успешно обновлена. + VeraCrypt було відновлено до нової версії. Перед початком її використання, комп'ютер потрібно перезавантажити.\n\nБажаєте перезавантажити зараз? + Помилка оновлення VeraCrypt!\n\nВАЖЛИВО: Наполегливо рекомендується до завершення роботи або перезавантаження ОС скористатися функцією відновлення системи ('Пуск > Програми > Стандартні > Службові > Відновлення системи') і повернути систему в точку 'VeraCrypt installation'. Якщо функція 'Відновлення системи' недоступна, спробуйте знову встановити вихідну або нову версію версію VeraCrypt до завершення або перезавантаження системи. + Програму VeraCrypt успішно видалено.\n\nНатисніть 'Завершити' для видалення встановлювача VeraCrypt та теки %s. Пам'ятайте, що тека не буде видалена, якщо вона містить будь-які файли не встановлені встановлювачем VeraCrypt або самим VeraCrypt. + Видалення з реєстру ключів VeraCrypt + Додавання запису до реєстру + Видалення даних, що відносяться до VeraCrypt + Встановлення + Припинення + Видалення + Додавання значка + Створення точки відновлення системи + Помилка створення точки відновлення системи. + Оновлення завантажувача + Не вдалося встановити '%s'. %s Бажаєте продовжити встановлення? + Не вдалося видалити '%s'. %s Бажаєте продовжити видалення? + Встановлення завершено. + Не вдалося створити теку '%s' + Драйвер пристроїв VeraCrypt не можливо вимкнути.\n\n Будь ласка, закрийте всі відкриті вікна VeraCrypt. Якщо це не допоможе, перезавантажте Windows та спробуйте ще. + Перед встановленням або перевстановленням VeraCrypt, всі томи мають бути розмонтовані. + В цій системі встановлено застарілу версію VeraCrypt. Перед встановленням нової версії потрібно видалити стару.\n\nОдразу, як ви закриєте це вікно, буде запущено програму видалення старої версії. Після видалення старої версії VeraCrypt, знову запустіть встановлювач нової версії. + Помилка запису до реєстру + Помилка встановлення драйвера пристроїв. Будь ласка, перезавантажте Windows та спробуйте ще раз встановити VeraCrypt. + Завантаження драйвера VeraCrypt + Невдале видалення драйвера пристроїв. Будь ласка пам'ятайте, в залежності від версії Windows, можливо знадобиться завершити сеанс або перезавантажити систему для того, щоб можна було видалити або еревстановити драйвер пристроїв. + Встановлення драйвера VeraCrypt + Припинення драйвера VeraCrypt + Видалення драйвера VeraCrypt + Невдала реєстрація бібліотек підтримки User Account Control. + Невдале зняття реєстрації бібліотек підтримки User Account Control. + Зауваження щодо портативного режиму:\n\nБудь ласка, зверніть увагу, що операційна система вимагає, драйвери реєструються, перш ніж вони можуть бути запущені. Таким чином, драйвер VeraCrypt не є (і не може бути), повністю мобільним (у той час як VeraCrypt програми повністю портативний, тобто вони не повинні бути встановлені і зареєстровані в операційній системі). Також відзначимо, що VeraCrypt потрібен драйвер, щоб забезпечити прозоре на льоту шифрування/дешифрування. + !!! Если вы решили запустить VeraCrypt в переносном режиме (а не как нормально установленную в ПК программу), система будет спрашивать вашего разрешения на выполнение (функция контроля учётных записей, UAC) при каждом запуске VeraCrypt.\n\nПричина в том, что при запуске VeraCrypt в переносном режиме требуется загружать и выполнять драйвер VeraCrypt. Этот драйвер нужен VeraCrypt для прозрачного, выполняемого 'на лету' шифрования/дешифрования, а пользователи без прав администратора запускать драйверы в Windows не могут. Поэтому система будет спрашивать у вас разрешения на запуск VeraCrypt с привилегиями администратора (UAC).\n\nОбратите внимание, что при установке (инсталляции) VeraCrypt в систему (в отличие от запуска VeraCrypt в переносном режиме), система НЕ будет запрашивать вашего разрешения при каждом запуске VeraCrypt.\n\nВы действительно хотите только извлечь файлы? + Попередження: Цей розділ тому Створений майстром має права адміністратора.\n\nВаші нові томи можуть бути створені з дозволами, які не дозволять вам звернутися до обсягу, коли воно встановлено. Якщо ви хочете уникнути цього, закрийте цей екземпляр тому Майстер створення та запуску нового без привілеїв адміністратора.\n\nВи хочете, закрити цей екземпляр тому Створений майстром? + Помилка: неможливо відобразити ліцензію. + Зовнішній(!) + дн. + рік + хв + c + Відкрити + Розмонтувати + Показати VeraCrypt + Приховати VeraCrypt + Зчитано дані після монтування + Записано дані після монтування + Зашифровано + 100% (повністю зашифровано) + 0% (не зашифровано) + %.3f%% + 100% + Очікування + Підготовка + Зміна розміру + Шифрація + Дишифрація + Завершення + Павза + Завершено + Помилка + Пристрій вимкнено + Системні обрані томи збережені.\n\nДозволити монтування цих томів при старті системи, виберіть 'Опції' > 'Системні обрані томи' > 'Монтувати системні обрані томи при старті Windows'. + Доданий в обране том не є ні розділом, ні динамічним томом. Тому VeraCrypt не зможе змонтувати цей обраний том, якщо зміниться число пристроїв. + Доданий в обране том це розділ, не розпізнаний Windows.\n\nVeraCrypt не зможе змонтувати цей обраний том, якщо зміниться число пристроїв. Задайте тип розділу, розпізнається Windows (використовуйте команду SETID в Windows-утиліті 'DiskPart'), потім знову додайте розділ в список обраного. + Фонова робота VeraCrypt вимкнена або налаштована на припинення при відсутності змонтованих томів (або VeraCrypt запущений в портативному режимі). Це може перешкодити автомонтуванню обраних томів при підключенні пристроїв, на яких вони розташовані.\n\n!!Щоб увімкнути фонове виконання VeraCrypt, увімкніть вікно налаштувань програми і відзначте параметр 'Увімкнено' в полі 'Робота VeraCrypt у фоновому режимі'. + Автомонтування контейнера, розташованого в мережевій файловоій системі, при підключенні його хост-пристрій неможливий. + Зазначений пристрій - не розділ і не динамічний том. Тому при підключенні цього пристрою автомонування розташованого на ньому тома неможливе. + Привласніть показаному нижче розділу тип, розпізнається Windows (використовуйте команду SETID в Windows-утиліті 'DiskPart'). Потім видаліть розділ зі списку обраних і додайте його знову. Цим ви дозволите тому на основі пристрою автоматично монтуватися при підключенні пристрою. + Зазначений пристрій - не розділ і не динамічний том. Тому присвоїти йому мітку неможливо. + Привласніть показаному розділу тип, розпізнається Windows (використовуйте команду SETID в Windows-утиліті 'DiskPart'). Потім видаліть розділ зі списку обраних і додайте його знову. Це дозволить VeraCrypt присвоїти розділу позначку. + Через системні обмеження Windows контейнер, що знаходиться у віддаленій мережевій файловій системі, не можна монтувати як обраний системний том (але його можна змонтувати як несистемний обраний том при вході користувача в свій обліковий запис). + Введіть пароль для %s + Уведіть пароль для '%s' + Введіть пароль для звичайного/зовнішнього тому + Введіть пароль для прихованого тому + Введіть пароль для заголовку в файлі резервної копії + Файл-ключ успішно створено. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + УВАГА: Заголовок цього тому пошкоджений! VeraCrypt автоматично задіяв резервну копію заголовку, вмонтовану в том.\n\nВам потрібно виправити заголовок, вибравши 'Сервіс' > 'Відновити заголовок тому'. + Резервну копію заголовку тому успішно створено.\n\nВАЖЛИВО: при відновленні заголовку з цієї резерної копії також буде відновлено і поточний пароль тому. Більш того, якщо для монтування тому потрібні файл-ключі, після відновлення заголовку з копії для монтування тому будуть потрібні ті ж файл-ключі.\n\nУВАГА: ця резервна копія заголовку тому може бути використована для відновлення заголовку ЛИШЕ цього конкретного тому. Якщо ви використаєте цю резервну копію для відновлення заголовку інших томів, ви зможете монтувати такі томи, але НЕ зможете розшифрувати будь-яку інформацію з нього (тому що зміниться головний ключ). + Заголовок тому успішно відновлений.\n\nВАЖЛИВО: майте на увазі, що разом із заголовком також міг бути відновлений і колишній пароль. Більш того, якщо на момент створення резервної копії для монтування тому були потрібні файл-ключі, ці ж файл-ключі знадобляться для монтування цього тому й зараз. + В цілях безпеки вам буде потрібно ввести для цього тому правильний пароль (та/або надати коректні ключові файли).\n\nПримітка: якщо в цьому томі міститься прихований тому, спочатку потрібно ввести правильний пароль (та/або надати коректні ключові файли) для зовнішнього томи. Потім, якщо ви вибрали резервне копіювання заголовка прихованого томи, потрібно буде вказати правильний пароль (та/або надати коректні ключові файли) для прихованого томи. + Ви дійсно хочете створити резервну копію заголовка томи для %s?\n\nЯкщо виборі 'Так' вам буде потрібно вказати ім'я файлу для резервної копії заголовка.\n\nПрімечаніе: обидва заголовка - для звичайного і прихованого томів - будуть повторно зашифровані з використанням нової 'солі' і збережені у файлі резервної копії. Якщо всередині цього тому немає прихованого томи, область, зарезервований в резервної копії під заголовок прихованого томи, буде заповнена випадковими даними (для збереження можливості правдоподібного заперечення). При відновленні заголовка томи з файлу резервної копії вам буде потрібно ввести правильний пароль та/або надати коректні ключові файли, дійсні на момент створення резервної копії заголовка томи. За паролем (та/або ключовим файлів) також буде автоматично визначатися тип заголовка том для відновлення - звичайний або прихований (врахуйте, що VeraCrypt визначає тип методом проб і помилок). + Ви дійсно бажаєте відновити заголовок тому %s?\n\nУВАГА: при відновленні заголовку також буде відновлений пароль тому, що діяв на момент створення резервної копії. Більш того, якщо на момент створення резервної копії для монтування тому були потрібні файл-ключі, після відновлення заголовку для монтування цього тому знадобляться ці ж файл-ключі.\n\nНатисніть 'Так', щоб обрати файл з резервною копією заголовку. + Чи є в томі прихований том? + В томі є прихований том + В томі немає прихованого тому + Оберіть потрібний вам тип резервної копії заголовка тому: + Відновити заголовок тому із копії, вмонтованої в том + Відновити заголовок тому із зовнішнього файлу резервної копії + Невірний розмір файлу з резервною копією заголовка тому. + В цьому томі немає вмонтованої копії заголовку (вмонтовані копії заголовків містять тільки томи, створені VeraCrypt 6.0 або новіша). + Ви намагаєтесь зробити резервну копію заголовку системного розділу/пристрою. Це не дозволено. Резервні/відновлювальні операції з системним розділом/пристроєм можуть бути здійснені лише за допомогою Диску Відновлення VeraCrypt.\n\nВи бажаєте створити Диск Відновлення VeraCrypt? + Ви намагаєтесь відновити заголовок віртуального тому VeraCrypt, але ви обрали системний розділ/пристрій. Це не дозволено. Резервні/відновлювальні операції з системним розділом/пристроєм можуть бути здійснені лише за допомогою Диску Відновлення VeraCrypt.\n\nВи бажаєте створити Диск Відновлення VeraCrypt? + Після натискання 'Добре', вам потрібно обрати ім'я файлу для ISO-образу нового Диску Відновлення VeraCrypt та шляху його розміщення. + Образ Диску Відновлення створено та збережено у файлі: %s\n\nЗараз вам потрібно записати Диск Відновлення на CD або DVD.\n\nВАЖЛИВО: пам'ятайте, що файл потрібно записати на CD/DVD як ISO-образ (а не як окремий файл). Більш докладніше про те, як це зробити, наведено у документації вашого CD/DVD-записувального програмного забезпечення.\n\nПісля запису Диску Відновлення, оберіть 'Система' > 'Перевірити Диск Відновлення', щоб перевірити чи коректно записано Диск Відновлення. + Образ диска відновлення створений і збережений у файлі:%s\n\nЗараз вам потрібно записати цей образ на CD або DVD.\n\nБажаєте запустити програму запису оптичних дисків Windows?\n\nЗаписавши диск відновлення на CD/DVD, виберіть 'Система' > 'Перевірити диск відновлення', щоб переконатися в коректності запису створеного диска. + Будь ласка, вставте Диск Відновлення VeraCrypt у CD/DVD-пристрій та натисніть 'Добре' для перевірки. + Диск Відновлення VeraCrypt успішно перевірено. + Неможливо перевірити чи коректно записано Диск Відновлення.\n\nЯкщо у вас є записаний Диск Відновлення, будь ласка, дістаньте, вставте CD/DVD; потім спробуйте ще. Якщо це не допоможе, будь ласка спробуйте іншу CD/DVD-записувальну програму та/або носій.\n\nЯкщо ви захочете перевірити Диск Відновлення VeraCrypt, створений з іншим головний ключем, паролем, "сіллю" тощо, будь ласка пам'ятайте, що перевірка такого Диску Відновлення завжди буде невдалою. Щоб створити новий Диск Відновлення повністю сумісний з вашою поточною конфігурацією, оберіть 'Система' > 'Створити Диск Відновлення'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Помилка створення Диску Відновлення VeraCrypt. + Диск відновлення VeraCrypt неможна створити при запущеній прихованій операційній системі.\n\nЩоб створити диск відновлення, завантажте підставну операційну систему, а потім виберіть 'Система' > 'Створити диск відновлення'. + Неможливо перевірити чи коректно записано Диск Відновлення.\n\nЯкщо у вас є записаний Диск Відновлення, будь ласка, вставте в CD/DVD; потім натисніть 'Далі' для наступної спроби. Якщо це не допоможе, будь ласка спробуйте іншу CD/DVD-записувальну програму та/або носій.%s\n\nЯкщо у вас ще немає записаного Диску Відновлення, будь ласка, запишіть його та потім натисніть 'Далі'.\n\nЯкщо ви захочете перевірити Диск Відновлення VeraCrypt, створений перед запуском цього майстра, будь ласка памятайте, що такий Диск Відновлення не можна використовувати, тому що він створений з іншим головним ключем. Вам потрібно записати заново створений Диск Відновлення. + та/або інше програмне забезпечення для запису CD/DVD + VeraCrypt - Системні обрані томи + Що таке системні обрані томи? + Системний розділ/диск не зашифрований.\n\nСмстемні обрані томи можна монтувати тільки за допомогою пароля дозавантажоючої аутентифікації.\nТому якщо ви бажаєте використовувати системні обрані томи, спочатку зашифруйте системний розділ/диск. + Перед продовженням, розмонтуйте том. + Помилка: неможливо встановити таймер. + Перевірка файлової системи + Ремонт файлової системи + Додати до обраного... + Додати до Обраного системи... + Вла&стивості + Прихований том захищено + Н/П + Так + Ні + Вимкнено + 1 + 2 або більше + Режим операції + Мітка: + Розмір: + Шлях: + Буква диска: + Помилка: Пароль повинен містити лише символи стандартного набору ASCII.\n\nСимволи не з набору ASCII можуть призвести до неможливости монтування тому після зміни настроювань у конфигурації системи.\n\nДозволяється використовувати наступні символи:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Увага: пароль містить не ASCII символи. Це може призвести до неможливості монтування тому після зміни конфигурації системи.\n\nВам слід замінити всі не ASCII символи у паролі на символи ASCII. Для цього оберіть меню 'Томи' -> 'Змінити пароль тому'.\n\nСимволами ASCII є:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + УВАГА: рекомендовано уникати розширень файлів, що використовуються як виконавчі (такі як .exe, .sys, або .dll) або інші подібні проблемні розширення. Використання таких розширень часто провокує Windows та антивірусні програми до втручання до контейнеру, що негативно впливає на продуктивність тому та може викликати інші серьйозні проблеми.\n\nрекомендовано прибрати такі розширення або змінити їх (наприклад, на .raw, .iso, .img, .dat, або .rnd).\n\nВи дійсно бажаєте використовувати проблемні файлові розширення? + УВАГА: цей контейнер має розширення, що використовується як виконавче (таке як .exe, .sys, або .dll) або інше подібне проблемне розширення. Цілком ймовірно, що це зпровокує Windows та антивірусні програми до втручання до контейнеру, що негативно вплине на продуктивність тому та може викликати інші серьйозні проблеми.\n\nрекомендовано прибрати розширення цього контейнеру або змінити його (наприклад, на .raw, .iso, .img, .dat, або .rnd) після розмонтування тому. + Домашня сторінка + УВАГА: в системі не встановлено жодного пакету оновлень (Service Pack) Windows. Якщо в Windows XP не встановлений Service Pack 1, не слід здійснювати запис на диски IDE об'ємом більше 128 Гб, інакше можливе пошкодження даних (неважливо, чи відносяться вони до тому VeraCrypt чи ні). Це - обмеження Windows, а не помилка у VeraCrypt. + УВАГА: в системі не встановлено пакет оновлень Windows Service Pack 3. Якщо у Windows 2000 не встановлений Service Pack 3, не слід здійснювати запис на диски IDE об'ємом більше 128 Гб, інакше можливе пошкодження даних (неважливо, чи відносяться вони до тому VeraCrypt чи ні). Це - обмеження Windows, а не помилка у VeraCrypt. Крім того, потрібно включити в реєстрі підтримку 48-біт адресації LBA; детальніше див. на http://support.microsoft.com/kb/305098/EN-US + УВАГА: в системі не ввімкнено підтримку 48-біт LBA ATAPI. Тому ви не зможете записати на IDE диск більше ніж 128 ГБ! Якщо продовжити, дані на диску (не має значення чи це том VeraCrypt, чи ні) можуть пошкодитись. Це - обмеження Windows, а не VeraCrypt.\n\nЩоб ввімкнути підтримку 48-біт LBA, додайте параметр реєстру 'EnableBigLba' до ключа реєстру HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters та встановіть його значення рівним 1.\n\nБільш детальніше дивіться http://support.microsoft.com/kb/305098 + ПОМИЛКА: Файли обсягом більше 4 Гб не можна зберігати у файловій системі FAT32. Тому томи VeraCrypt на основі файлів (контейнери), що зберігаються у файловій системі FAT32, не можуть бути більше 4 Гб.\n\nЯкщо вам потрібен тому більшого обсягу, створіть його в системі NTFS (або, якщо ви користуєтеся Windows Vista SP1 або новіше, у файловій системі exFAT), або замість створення томи на основі файлу зашифруйте весь розділ диска. + УВАГА: Windows XP не підтримує файли більше 2048 Гб (повідомляючи про нестачу вільного місця). Тому томи VeraCrypt на основі файлів (контейнери) обсягом понад 2048 Гб в середовищі Windows XP створювати не можна.\n\nАле, в Windows XP можна зашифрувати диск цілком або створити том VeraCrypt на основі розділу розміром більш 2048 Гб. + УВАГА: якщо вам потрібно згодом додавати до зовнішнього тому ще дані/файли, слід подбати про зменшення розміру прихованого тому.\n\nВи бажаєте продовжити й використовувати зазначений вами розмір? + Не обрано том.\n\nНатисніть кнопку 'Пристрій...' або 'Файл...' та оберіть том VeraCrypt. + Не обрано розділ.\n\nНатисніть 'Пристрій...' та оберіть розмонтований розділ, що зазвичай вимагає початкової аутентифікації (наприклад, розділ на зашифрованому системному пристрої іншої операційної системи, що не запущено, або зашифрований системний розділ іншої операційної системи).\n\nПам'ятайте: обраний розділ буде змонтовано як звичайний том VeraCrypt без початкової аутентифікації. Це може знадобитись, наприклад, для створення резервної копії або ремонту. + УВАГА: якщо встановлено й активовано файл-ключі за умовчанням, монтувати томи, що не використовують їх, буде неможливо. Тому після активації файл-ключів за умовчанням не забувайте знімати прапор 'Файл-ключі' (під полем введення паролю) щоразу при монтуванні таких томів.\n\nВи дійсно бажаєте зберегти обрані файл-ключі/шляхи як такі, що використовуються за умовчанням? + Автомонтування пристроїв + Розмонтувати все + Очистити кеш + Розмонтувати все & Очистіть кеш + Розмонтувати все й очистити кеш + Розмонтувати все, очистити кеш і вийти + Монтувати вибрані томи + Показати/приховати головне вікно VeraCrypt + (клацніть тут і натисніть клавішу) + Дія + Швидкий виклик + Помилка: ця гаряча клавіша зарезервована. Оберіть іншу. + Помилка: ця гаряча клавіша вже використовується. + Увага: одна або більше гарячих клавіш не працює!\n\nБудь ласка, переконайтесь, що інший застосунок або операційна система не використовують їх. + Створення файлу довантаження попереджено.\n\nЗверніть увагу, що через властивості Windows файли довантаження не можуть розташовуватися на несистемних томах VeraCrypt (включаючи обрані системні томи). VeraCrypt підтримує створення файлів довантаження тільки на зашифрованому системному розділі/диску. + Через помилку або несумістність VeraCrypt не може зашифрувати файл сплячого режиму (hibernation). Тому сплячий режим відключений.\n\nПримітка: коли комп’ютер переходити в режим сну (або в режим очікування), місткість його системної памяті записується на жорсткий диск в файл з даними сплячого режиму. VeraCrypt не може припинити збереження відкритих в ОЗП ключів шифрування і місткості важливих файлів в незашифрованому вигляді в файлі з даними сплячого режиму. + Гібернація скасована.\n\nVeraCrypt не підтримує гібернацію прихованих операційних систем, що використовують додатковий завантажувальний розділ. Врахуйте, що завантажувальний розділ використовується як підставною, так і прихованою системами. Тому для запобігання витоку даних і проблем при виході з глибокого сну VeraCrypt заборонив прихованоій системі запис до загального завантажувального розділу і гібернацію. + Том VeraCrypt, змонтований як%c:, розмонтовано. + Усі змонтовані томи VeraCrypt розмонтовано. + Всі томи VeraCrypt розмонтовані, кеш паролів очищено. + Успішно розмонтовано + УВАГА: якщо вимкнути роботу VeraCrypt у фоновому режимі, то при кожному виході з програми будуть вимкнені наступні функції:\n\n1) Гарячі клавіши\n2) Автоматичне розмонтування (наприклад, при виході з системи, випадковому вимкненню зв'язку з пристроєм, таймауті тощо)\n3) Попередження (наприклад, про запобігання пошкодження прихованого тому)\n4) Значок у системному треї\n\nПримітка: фоновий режим можна завершити у будь який момент, клацнувши\nправою кнопкою миші на значку VeraCrypt у системному треї й обравши пункт 'Вихід'.\n\n\nВи дійсно бажаєте заборонити роботу VeraCrypt у фоновому режимі? + УВАГА: якщо вимкнути цей параметр, буде неможливо автоматично розмонтовувати томи, що містять відкриті файли/теки.\n\nВи дійсно бажаєте вимкнути цей параметр? + УВАГА: томи з відкритими файлами/теками НЕ будуть автоматично розмонтовуватись.\n\nЩоб уникнути цього, ввімкніть у цьому вікні наступний параметр: 'Авторозмонтовувати томи навіть при відкритих файлах/теках' + УВАГА: Якщо рівень заряду батареї в ноутбуці малий, Windows може нехтувати відправкою відповідних повідомлень в виконувану програму при вході комп'ютера в енергозберігаючий режим. Тому в таких випадках авторозмонтування томів у VeraCrypt може не спрацювати. + Ви запланували шифрування розділу/тому. Цей процес покищо не завершений.\n\nБажаєте поновити процес зараз? + Ви запланували шифрування або дешифрування системного розділу/диску. Цей процес покищо не завершений.\n\nБажаєте почати (продовжити) процес зараз? + Видавати запит про те, чи бажаєте ви продовжити заплановані в даний момент операції шифрування несистемних розділів/томів? + Так, запитати + Ні, не запитувати + ВАЖЛИВО: Не забувайте, що ви можете продовжити шифрування будь-якого несистемного розділу/тому, вибравши в меню головного вікна VeraCrypt пункт 'Том' > 'Продовжити перерваний процес'. + Ви запланували шифрування або розшифрування системного розділу/пристрою. Проте, відбулась невдала початкова аутентифікація (або її було проігноровано).\n\nПам'ятайте: якщо ви розшифровували системний розділ/пристрій у передзавантажувальному оточенні, можливо вам потрібно завершити цей процес, обравши 'Система' > 'Назавжди розшифрувати системний розділ/пристрій' у меню головного вікна VeraCrypt. + УВАГА: якщо закрити VeraCrypt зараз, будуть відключені наступні функції:\n\n1) Гарячі клавіши\n2) Автоматичне розмонтування (наприклад, при завершенні сеансу, випадковому вимкненню зв'язку з пристроєм, таймауті тощо)\n3) Попередження (наприклад, про запобігання пошкодження прихованих томів)\n\nПам'ятайте: якщо ви не бажаєте, щоб після закриття вікна VeraCrypt програма продовжувала працювати на задньому плані, вимкніть фоновий режим у настроюваннях (і, якщо необхідно, вимкніть у настроюваннях запуск VeraCrypt при входженні до системи).\n\nВи дійсно бажаєте закрити VeraCrypt? + Завершити роботу? + VeraCrypt не має достатньої інформації, щоб визначитись, чи зашифровувати, чи розшифровувати. + VeraCrypt не має достатньої інформації, щоб визначитись, чи зашифровувати, чи розшифровувати.\n\nПам'ятайте: якщо ви розшифровували системний розділ/пристрій у передзавантажувальному оточенні, можливо вам потрібно завершити цей процес, натиснувши 'Розшифрувати'. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Ви хочете перерватиь процес шифрування розділу/тому, відклавши його на майбутє?\n\nПримітка: памятайте, що поки том не буде повністю зашифрований, його неможливо монтувати. пізніше процес шифрування можна буде поновити з того місця де він був зупинений. Це можна зробити, наприклад, вибравши команду 'Томи' > 'Продщовжити перерваний процес' в меню головного вікна VeraCrypt. + Ви бажаєте припинити та відкласти шифрування системного розділу/пристрою?\n\nПам'ятайте: ви можете припинити процес та продовжити з моменту зупинки. Зробити це можна, наприклад, обравши 'Система' > 'Продовжити припинений процес' зі строки меню головного вікна VeraCrypt. Якщо ви бажаєте повністю зупинити або повернути процес шифрування, оберіть 'Система' > 'Назавжди розшифрувати системний розділ/пристрій'. + Ви бажаєте припинити та відкласти розшифрування системного розділу/пристрою?\n\nПам'ятайте: ви можете припинити процес та продовжити з моменту зупинки. Зробити це можна, наприклад, обравши 'Система' > 'Продовжити припинений процес' зі строки меню головного вікна VeraCrypt. Якщо ви бажаєте повністю зупинити або повернути процес розшифрування, оберіть 'Система' > 'Зашифрувати системний розділ/пристрій...'. + Помилка: Неможливо припинити процес шифрування/розшифрування системного розділу/пристрою. + Помилка!Неможливо перервати процес очищення (видалення даних). + Помилка: Неможливо продовжити процес шифрування/розшифрування системного розділу/пристрою. + Помилка! Неможливо почати процес очищення (видалення даних). + Несумісність рішення.\n\n\n(якщо ви повідомляєте про помилку, будь ласка, додайте наступну технічну інформацію до повідомлення про помилку: %hs) + Помилка! Невідомий стан.\n\n\n(Якщо ви повідомите про помилку, будь ласка, додайте наступну технічну інформацію до повідомлення про помилку: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + УВАГА: фоновий процес VeraCrypt вимкнений. При виході з VeraCrypt ви не будете попереджені про запобігання пошкодження прихованого тому.\n\nПам'ятайте: фоновий процес можна завершити у будь-який момент, натиснувши правою кнопкою миші на значок VeraCrypt у системному треї й обравши пункт 'Вихід'.\n\nВвімкнути фоновий процес VeraCrypt? + Версія мовного модулю: %s + Перевірка файлової системи тому VeraCrypt, змонтованого як %s... + Спроба налагодити файлову систему тому VeraCrypt, змонтованого як %s... + Увага: цей том зашифрований застарілим алгоритмом шифрування.\n\nУсі алгоритми 64-біт-блокового шифрування (наприклад, Blowfish, CAST-128, або Triple DES) є небажані до використання. Такі томи можна буде монтувати у майбутніх версіях VeraCrypt. Проте, подальший розвиток та покращення таких алгоритмів не буде відбуватись. рекомендовано створити новий том VeraCrypt із застосуванням 128-біт-блокового алгоритму шифрування (наприклад, AES, Serpent, Twofish тощо) та перемістити усі файли з цього тому у новий. + Вашу систему не настроєно на автомонтування нових томів. Монтування томів VeraCrypt на основі пристроїв може виявитися неможливим. Щоб включити автомонтування, виконайте наступну команду й перезавантажте систему:\n\nmountvol.exe /E + Будь ласка, призначте літеру розділу/пристрою перед продовженням ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nПам'ятайте, це вимога операційної системи. + монтувати том VeraCrypt + Розмонтувати всі томи VeraCrypt + VeraCrypt не зміг отримати права адміністратора. + Доступ відхилено операційною системою.\n\nМожливі причини: операційна система вимагає дозволу на читання/запис (або права адміністратора) певних тек, файлів та пристроїв, щоб мати змогу читати та записувати дані. Звичайно, користувач без прав адміністратора може створювати, читати та модифікувати файли у власній теці 'Документи'. + Помилка: обраний пристрій використовує інший розмір сектору за 4096 байт.\n\nНаразі не можливо створити пристрій-контейнери на пристроях, що використовують інший розмір сектору ніж 4096 байт. Проте пам'ятайте, що ви можете створити файл-контейнер на цьому пристрої. + Помилка! Розмір секторів не підтримується крім 512 байт сектор. + Початковий Завантажувач VeraCrypt вимагає не менше як 32 КБ вільного місця на початку системного пристрою (Початковий Завантажувач VeraCrypt має бути розміщений на цій області). Нажаль, не відповідає таким вимогам.\n\nБудь ласка, НЕ повідомляйте про це як помилку/проблему VeraCrypt. Щоб вирішити цю проблему, вам потрібно переформатувати ваш диск та залишити перші 32 кілобайт вільними (у більшості випадків потрібно видалити та знову створити перший розділ). рекомендовано для цього використовувати програму керування розділами Microsoft, наприклад, коли ви встановлюєте Windows. + Ця функція не підтримується у версії операційної системи, яку ви зараз використовуєте. + VeraCrypt не підтримує шифрування системного розділу/пристрою у версії операційної системи, яку ви зараз використовуєте. + Щоб зашифрувати системний розділ/диск в Windows Vista, зпершу потрібно встановити пакет оновлень Service Pack 1 для Windows Vista або новіший (у вашій системі він поки не встановлено).\n\nПримітка: Service Pack 1 для Windows Vista усуває проблему з браком основної пам'яті при завантаженні системи. + VeraCrypt більше не підтримує шифрування системного розділу/диску в Windows Vista без встановленого пакета оновлення (Service Pack). Перш ніж оновити VeraCrypt, встановіть Service Pack 1 (або новіший) для Windows Vista. + Помилка! Щоб скористатися даною функцією, потрібно щоб VeraCrypt був встановлений на цьому комп’ютері (зараз ви використовуєте VeraCrypt в 'портативному' режимі).\n\nВстановіть (інсталюйте) VeraCrypt і повторіть спробу. + Помилка! Windows не встановлений на диску, з якого він завантажується. Це не підтримується. + Ваш системний диск має таблицю розділів GUID (GPT). На даний момент підтримуються тільки диски з таблицею розділів MBR. + ОБЕРЕЖНО: На системному диску вже встановлено завантажувач VeraCrypt!\n\nМожливо, у вашому комп'ютер є інша вже Зашифрована система.\n\nУВАГА: У разі продовження Шифрування поточна система є вірогідність, що ІНШІ СИСТЕМИ НЕ зможуть завантажувати, А СТОСУЮТЬСЯ НИМ ДАНІ стануть недоступними.\n\nВи дійсно бажаєте продовжити? + Помилка відновлення початкового завантажувача системи.\n\nВикористовується інсталяційний диск Windows, щоб замінити завантажувач VeraCrypt системний завантажувач Windows. + Вихідний системний завантажувач не буде збережений на диску відновлення (можлива причина: немає файлу з резервної копією). + Помилка записи сектора MBR.\n\nBIOS в вашем ПК может быть настроена на защиту сектора MBR. Проверьте в настройках BIOS (нажмите клавишу F2, Delete или Esc сразу после включения комп'ютера), не включена ли антивирусная/MBR защита. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Завантажувач VeraCrypt (Boot Loader) потрібної версії зараз не встановлений. Це може перешкодити збереженню ряду налаштувань + Примітка: в певних ситуаціях може знадобитися, щоб сторонній (ворог), спостерігали за стартом ПК, не знав, що ви користуєтесь VeraCrypt. Параметри вище дозволяють модифіковані екран завантаження VeraCrypt. Якщо Ви включите першу опцію, то на екрані завантажувача не буде відображатися ніякої текст (навіть якщо ви введете неправильний пароль). При введенні пароля комп'ютер буде виглядати "завислих". Крім того, щоб ввести супротивника в оману, можна включити висновок свого повідомлення. Наприклад, відображати помилкові повідомлення про помилки на кшталт "Missing operating system" (ця напис зазвичай виводиться завантажників Windows, якщо він не може знайти завантажувальний розділ Windows). Однак при цьому важливо пам'ятати, що якщо ворог зможе проаналізувати вміст жорсткого диска, то він зуміє знайти на ньому завантажувач VeraCrypt. + УВАГА: Будь ласка, майте на увазі, що якщо Ви включите цю опцію, VeraCrypt Завантажувач не буде відображати будь-які тексти (навіть коли ви вводите неправильний пароль). Комп'ютер виявиться "замороженим" (не працює), тоді як ви можете ввести свій пароль (курсор не буде рухатися і зірочки не буде відображатися при натисканні клавіш).\n\nВи дійсно хочете включити цю опцію? + Системний розділ / диск виглядає як повністю зашифрований. + VeraCrypt не підтримує шифрування системного пристрою, який був перетворений на динамічний диск. + Системний диск містить розширені (логічні) розділи.\n\nВи можете зашифрувати весь системний диск, що містить розширені (логічні) розділи, тільки в Windows Vista (або більше нових версіях Windows). У Windows XP зашифрувати весь системний диск можна за умови, що він містить тільки первинні розділи. + ВАГА: Якщо ви працюєте в Windows XP/2003, після запуску шифрування диска на ньому не можна створювати розширені (логічні) розділи (дозволяється створювати лише первинні розділи). Будь-який додатковий розділ на диску після початку шифрування стане недоступним.\n\nПрімітка: якщо це обмеження для вас неприйнятна, поверніться назад і виберіть шифрування тільки системного розділу, а не всього диску (також ви можете створити тому VeraCrypt на основі розділів всередині будь-яких не-системних розділів на диску).\n\nЯкщо дане обмеження вам не підходить, ви можете перейти на Windows Vista або більш нову версію Windows (шифрування всього системного диска, що містить розширені/логічні розділи, доступні лише в Windows Vista або більше нових версіях). + Системний диск містить нестандартний розділ.\n\nЯкщо ви використовуєте ноутбук, на системному диску, ймовірно, знаходиться особливий розділ для відновлення. Після шифрування всього системного диска (включаючи будь-який розділ для відновлення) ви можете втратити можливість завантажити ОС, якщо у вашому ПК - не цілком коректний BIOS. Також, поки не буде дешифрований системний диск, може виявитися неможливим використовувати розділ для відновлення. Тому рекомендуємо вам шифрувати лиш системний розділ. + Ви бажаєте зашифрувати системний розділ замість цілого пристрою?\n\nПам'ятайте, що ви можете створити розділ-контейнер VeraCrypt всередині будь-якого несистемного розділу на пристрої (до того ж можна зашифрувати системний розділ). + Оскільки ваш системний пристрій містить лише один розділ, який займає цілий пристрій, краще (з міркувань секретності) зашифрувати цілий пристрій, разом із вільним неактивним місцем, яке зазвичай оточує такий розділ.\n\nВи бажаєте зашифрувати весь системний пристрій? + Ваша система настроєна так, що тимчасові файли зберігаються на несистемно розділі.\n\nВременние файли повинні зберігатися тільки на системному розділі. + Файли вашого профілю користувача не зберігаються на системному розділі.\n\nЕті файли повинні зберігатися тільки на системному розділі. + На несистемних розділах є один або кілька файлів підкачки.\n\nФайли підкачки повинні знаходитися тільки на системному розділі. + Налаштувати Windows так, щоб файли довантаження створювалися тільки на розділі з Windows?\n\nПри натисканні "Так" комп'ютер буде перезавантажений. Після цього запустіть VeraCrypt і знову спробуйте створити приховану ОС. + В іншому випадку це несприятливо позначиться на правдоподобно заперечення наявності прихованої ОС.\n\nПримітка: якщо ворог проаналізує вміст таких файлів (що знаходяться на несистемно розділі), то зможе дізнатися, що ви користувалися цим майстром у режимі створення прихованої системи (що наштовхне його на думка про наявність прихованої ОС у вашому ПК). Також майте на увазі, що такі файли, що зберігаються на системному розділі, будуть надійно видалені VeraCrypt при створенні прихованої ОС. + УВАГА: Під час створення прихованої ОС вам потрібно повністю змінити поточну ОС (щоб безпечно створити підставну систему).\n\nПримітка: запущена в даний момент ОС і весь вміст системного розділу будуть скопійовані в прихований тому (щоб створити приховану систему).\n\n\nВи впевнені, що зможете встановити Windows за допомогою інсталяційного CD/DVD (або зі службового розділу)? + В цілях безпеки, якщо запущена в даний момент ОС вимагає активації, вона повинна бути активована перед тим, як ви продовжите. Прихована ОС буде створена шляхом копіювання вмісту системного розділу в прихований том (тому якщо ця ОС не активована, то не буде активовано та прихована). Подробиці див в розділі "Security Precautions Pertaining to Hidden Volumes" в документації VeraCrypt.\n\nВажно: перед продовженням обов'язково ознайомтеся з головою "Security Precautions Pertaining to Hidden Volumes" у Посібнику користувача VeraCrypt.\n\n\nЧи задовільняє виконувана в даний момент ОС вказаною вище умовою? + Ваша система використовує додатковий завантажувальний розділ. VeraCrypt не підтримує гібернацію прихованих операційних систем, що використовують додатковий завантажувальний розділ (гібернація підставних систем ніяких проблем не спричиняє).\n\nВізьміть до уваги, що завантажувальний розділ використовується як підставною, так і прихованою системами. Тому для запобігання витоку даних і проблем з виходом з глибокого сну VeraCrypt заборонив прихованоі системі запис до загального завантажувального розділу і гібернацію.\n\n\nБажаєте продовжити? При відповіді "Ні" вам будуть надані інструкції, як видалити додатковий завантажувальний розділ. + \nДодатковий завантажувальний розділ можна видалити до встановлення Windows. Для цього виконайте наступні дії:\n\n1) Завантажте Windows з інсталяційного компакт-диска.\n\n2) На екрані встановлення Windows натисніть 'Install now' > 'Custom (advanced)'.\n\n3) Натисніть 'Drive Options'.\n\n4) Виберіть основний системний розділ і видаліть його, натиснувши 'Delete' та 'OK'.\n\n5) Виберіть розділ 'System Reserved', натисніть 'Extend' і збільшіть його розмір відповідно до встановлюваної ОС.\n\n6) Натисніть 'Apply' і 'OK'.\n\n7) Встановіть Windows у розділ 'System Reserved'.\n\n\nЯкщо ворог запитає вас, навіщо ви видалили додатковий завантажувальний розділ, ви можете відповісти, що хотіли запобігти можливості витоку даних у незашифрований завантажувальний розділ.\n\n!! Щоб роздрукувати цей текст, натисніть кнопку 'Друк' нижче. Якщо ви збережете або роздрукуєте копію цього тексту (це рекомендується зробити, якщо тільки ваш принтер не зберігає копії завдань на своєму внутрішньому накопичувачі), то після видалення додаткового завантажувального розділу всі копії цього тексту слід знищити (інакше якщо таку копію виявлять, це може навести на думку про наявність в ПК прихованої ОС). + Увага! Між системним розділом і першим розділом за ним є нерозподілене місце. Після створення прихованої операційної системи ви не повинні створювати в цій нерозподіленій області жодних нових розділів. В іншому випадку прихована ОС не зможе завантажитися (до тих пір, поки не будуть вилучені такі знову створені розділи). + У даний момент цей алгоритм для шифрування системи не підтримується. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + В даний момент ключові файли для шифрування системи не підтримуються. + Увага! VeraCrypt не може відновити первісну розкладку клавіатури. Це може призвести до неправильного введення пароля. + Помилка! Неможливо встановити розкладку клавіатури для VeraCrypt в стандартну американську (US).\n\nЗверніть увагу, що пароль вводиться ДО завантаження Windows, коли будь-які розкладки клавіатури, що відрізняються від американської, ще недоступні. Тому пароль завжди повинен вводиться при стандартній американської розкладці. + Оскільки VeraCrypt тимчасово змінив розкладку клавіатури на стандартну американську, введення символів при натиснутій правій клавіші Alt неможливий. Тим не менше, більшість таких символів можна ввести відповідними клавішами при натиснутій клавіші Shift. + Зміна розкладки клавіатури заблоковано VeraCrypt. + Примітка: пароль вводиться ДО завантаження Windows, коли будь-які розкладки клавіатури, що відрізняються від американської, ще недоступні. Тому пароль завжди повинен вводиться при стандартній американської розкладці. Важливо, однак, мати на увазі, що вам не потрібно мати справжню американську клавіатуру. VeraCrypt автоматично забезпечує вам безпечний введення пароля (прямо зараз і на стадії перед завантаженням ОС), навіть якщо у вас НЕ справжня американська клавіатура. + Перш ніж приступити до шифруванню розділу / диска, ви повинні створити диск відновлення VeraCrypt Rescue Disk (VRD), що забезпечує наступне:\n\n-У випадку пошкодження завантажувача VeraCrypt, майстер-ключа або інших критичних даних, VRD дозволяє їх відновити (майте на увазі, що вам все одно буде потрібно ввести правильний пароль).\n\n-Если завантажувач VeraCrypt виявиться пошкодженим або інфікованим вірусом, ви зможете уникнути його запуску, завантажившись прямо з VRD.\n\n-У випадку пошкодження Windows і неможливості її завантаження, VRD дозволяє перманентно розшифрувати розділ/диск перед стартом Windows.\n\n-VRD буде містити резервну копію поточного вмісту першого циліндра диска (в якому зазвичай знаходиться системний завантажувач або менеджер завантаження), і у разі необхідності дозволить відновити його. + Після натискання ГАРАЗД буде запущено засіб запису образів дисків Windows. Запишіть з його допомогою ISO-образ диска відновлення VeraCrypt на CD або DVD.\n\nПотім поверніться у вікно майстра створення томів VeraCrypt і дотримуйтесь інструкцій. + Образ диска відновлення створений та збережений у файлі:%s\n\nЗараз вам потрібно записати цей образ на CD або DVD.\n\nВАЖНО: Файл-образ має бути записаний на CD/DVD як ISO-образ диска (а не як окремий файл). Про те, як це зробити, див документацію на ваше ПЗ для запису CD/DVD. Якщо у вас немає програми, здатної записати ISO-образ на CD/DVD, клацніть за посиланням нижче, щоб отримати таке безкоштовне ПЗ.\n\nПісля запису диска відновлення натисніть 'Далі', щоб перевірити, чи коректно він був записаний. + Диск відновлення створено та збережено в цьому файлі:%s\n\nЗараз вам слід або записати (пропалити) диск відновлення на CD/DVD, або перемістити його ISO-образ в безпечне місце для використання в подальшому.\n\nЯкщо у вас немає програми, здатної записати ISO-образ на CD/DVD, клацніть на посилання нижче, щоб отримати таке безкоштовне ПЗ.\n\nНатисніть кнопку 'Далі' для продовження. + ВАЖЛИВО: Файл-образ повинен бути записаний на CD/DVD як ISO-образ диска (а не як окремий файл). Про те, як це зробити, див. документацію на ПЗ для запису CD/DVD. Якщо у вас немає програми, здатної записати ISO-образ на CD/DVD, клацніть за посиланням нижче, щоб завантажити таке безкоштовне ПЗ.\n\n + Запустити засіб запису образів дисків Windows + УВАГА: Якщо раніше ви вже створювали диск відновлення VeraCrypt, ви не зможете ним скористатися знову для цього системного розділу/диска, так як він був створений для іншого майстер-ключа! При кожному шифруванні системного розділу/диска потрібно створювати новий диск відновлення VeraCrypt, навіть якщо ви використовуєте той самий пароль. + Помилка! Неможливо зберегти установки системного шифрування. + Неможливо ініціювати попередній тест системного шифрування. + Неможливо почати процес створення прихованої операційної системи. + Режим очищення + На низці перезаписувати носіїв перезаписані дані можна відновити за допомогою спецтехніки (мікроскопія магнітної сили). Це відноситься і до даних, перезаписані в зашифрованому вигляді (коли VeraCrypt шифрує незашіфрованний системний розділ/диск). Відновлення перезаписані даних можна запобігти (або сильно ускладнити) перезаписом псевдослучайнимі або певними невипадкова даними деяке число разів. Якщо ваші супротивника можуть застосувати подібні методи для відновлення даних, які ви збираєтеся зашифрувати, виберіть один з режимів очищення (наявні дані НЕ будуть знищені). Після шифрування розділу/диска білінгові НЕ виконується. Коли розділ/диск повністю зашифровано, ніякі незашіфрованние дані на нього не записуються. Будь-які дані спочатку шифруються на льоту в пам'яті, і лише потім зберігаються (зашифрованими) на диску. + На низці перезаписуючих носіїв перезаписані дані (наприклад, коли дані видалені) можна відновити за допомогою спецтехніки (мікроскопія магнітної сили). Відновленню перезаписуючих даних можна запобігти (або сильно ускладнити) перезаписом псевдовипадковим або певними невипадкова даними деяку кількість разів. Якщо ваші супротивника можуть застосувати подібну техніку для відновлення даних, які повинні бути видалені, виберіть один з багатопрохідних режимів очистки.\n\nПрімечаніе: чим більше проходів, тим довше триває стирання даних. + Очищення + \nримітка: ви можете перервати процес очищення, вимкнути комп'ютер, знову запустити приховану систему і потім продовжити очищення (цей майстер запускається автоматично). Однак у випадку переривання весь процес очищення доведеться почати спочатку. + \n\nПримітка: якщо перервати очистку, а потім спробувати відновити цей процес, то його доведеться виконати з самого початку. + Ви хочете скасувати очищення (затирання даних)? + Увага! Вміст всього обраного розділу/пристрою буде знищено. + Весь вміст розділу, де знаходиться вихідна система, буде знищено.\n\nПримітка: весь вміст розділу, що підлягає стиранню, було скопійовано в цей прихований системний розділ. + УВАГА: Якщо вибрати, наприклад, 3-прохідний режим очищення, час шифрування диска/розділу збільшиться в 4 рази. Аналогічно, при виборі 35-прохідного режиму часом збільшиться в 36 разів (і може навіть скласти кілька тижнів).\n\nМайте на увазі,що очищення НЕ виконується після того, як розділ/диск зашифровано. Коли розділ/диск повністю зашифровано, ніяких незашифрованних даних на нього не записується. Будь-які записуючі на нього дані спочатку шифруються на льоту в пам'яті, і тільки потім зберігаються (у зашифрованому вигляді) на диску (тобто на продуктивності це НЕ відображається).\n\nВи дійсно хочете використовувати режим очищення? + Ні (найшвидший) + 1 прохід (случайные данные) + 3 проходи (US DoD 5220.22-M) + 7 проходів (US DoD 5220.22-M) + 35 проходів ("Gutmann") + 256 проходів + Число операційних систем + УВАГА: недосвідченим користувачам не слід намагатися шифрувати Windows в мультизагрузочних конфігураціях.\n\nПродовжити? + При створенні/використанні прихованої операційної системи VeraCrypt підтримує Мультизавантажуючі конфігурації тільки при дотриманні наступних умов: \n\n-працююча зараз операційна система повинна бути встановлена ​​на завантажувальному диску, на якому не може бути інших операційних систем;\n\n-операційні системи, встановлені на інших дисках, не повинні використовувати завантажувач, що знаходиться на диску, на якому встановлена ​​поточна операційна система.\n\nЦі умови дотримані? + VeraCrypt не підтримує цю Мультизавантажуючу конфігурацію при створенні/використанні прихованої операційної системи. + Завантажувальний диск + Операційна система, що працює в даний момент встановлена на завантажувальному диску?\n\nПримітка: іноді буває Windows встановлений не на тому диску, з якого він грузится (де знаходиться завантажувальний розділ). Якщо це ваш випадок, то виберіть 'Ні'. + В даний момент VeraCrypt не підтримує шифрування операційної системи, яка завантажується не з того ж диску, на якому вона встановлена. + Число системних дисків + Скільки дисків містить операційна система?\n\nПримітка: наприклад, якщо у вас одна операційна система (наприклад, Windows, Mac OS X, Linux і т.д.) встановлена на первинному диску, а інша - на вторинному, виберіть '2 або більше'. + В даний момент VeraCrypt не підтримує шифрування всього диску, який містить декілька операційних систем.\n\nМожливі варіанти:\n\n-Ви можете зашифрувати одну із систем, якщо повернетеся назад і виберіть шифрування тільки одного системного розділу (а не всього системного диску).\n\n-Ви зможете зашифрувати весь диск, якщо перемістете деякі системи на інші диски, залишивши тільки одну ОС на диску який хочете зашифрувати. + Кілька систем на одному диску + На диску, на якому встановлена поточна ОС, є інші операційні системи?\n\nПримітка: наприклад, якщо поточна ОС встановлена на диску #0, що містить кілька розділів, і якщо на одному з розділів знаходиться Windows, а на іншому - ще одна ОС (скажімо, Windows, Mac OS X, Linux і т.д.), то виберіть 'Так'. + Не-Windows завантажувач + Чи встановлений у головній завантажувального запису (MBR) не належить до Windows завантажувач (або завантажувальний менеджер)\n\nПримітка: наприклад, якщо в першому циліндрі завантажувального диска міститься GRUB, LILO, XOSL або якийсь інший не належить до Windows завантажувальний менеджер , виберіть 'Так'. + Мультизавантаження + В даний час VeraCrypt не підтримує мультизавантажуючі конфігурації, де у головній завантажувального запису (MBR) встановлений не належить до Windows завантажувач.\n\nМожливі варіанти:\n\n-Якщо ви використовуєте завантажувальний менеджер для завантаження Windows і Linux, перенесіть його (звичайно це GRUB) з MBR у розділ. Потім запустіть знову цей майстер і зашифруйте системний розділ/диск. Зверніть увагу, що завантажувач VeraCrypt стане основним завантажувальним менеджером і дозволить вам запускати вихідний завантажувальний менеджер (скажімо, GRUB) як вторинний (натисканням Esc при виведенні екрану завантажувача VeraCrypt) і, таким чином, запускати Linux. + Якщо поточна ОС встановлена на завантажувальному розділі, то після його шифрування вам буде потрібно ввести правильний пароль, навіть для запуску незашіфрованних Windows-систем (так як вони будуть спільно використовувати один і той же зашифрований завантажувач Windows).\n\nНавпаки, якщо поточна ОС не встановлена на завантажувальному розділі (або завантажувач Windows не використовується ніякими іншими системами), тоді після шифрування цієї системи вам не треба вводити пароль для запуску інших незашіфрованних систем - достатньо буде просто натиснути Esc (в разі кількох незашіфрованних систем також потрібно вибрати потрібну в меню завантажувача VeraCrypt).\n\nПримітка: як правило, в завантажувальному розділі буває встановлена найбільш рання версія Windows. + Шифрування захищеної області користувача (HPA) + В кінці багатьох дисків є область, у звичайних умовах прихована від операційної системи (цю область зазвичай називають Host Protected Area - захищена область користувача). Однак деякі програми здатні читати і записувати дані в таких областях.\n\nУВАГА: Виробники комп'ютерів (зокрема, ноутбуків) можуть використовувати області HPA для зберігання в них утиліт і даних для RAID, відновлення системи, її налаштування, діагностики та інших потреб. Якщо такі утиліти або дані повинні бути доступні перед завантаженням системи, приховану область НЕ слід шифрувати (виберіть 'Ні').\n\nБажаєте, щоб VeraCrypt виявив і зашифрували приховану область (якщо така є) в кінці системного диска? + Тип шифрування системи + Виберіть цю опцію, якщо ви просто хочете зашифрувати системний розділ або весь системний диск. + Може так статися, що вас змусить дешифрувати ОС. Часом ви просто не зможете від цього відмовитися (наприклад, при вимаганні). Ця опція дозволяє створити приховану ОС, наявність якої буде неможливо визначити (за умови дотримання зазначених нижче рекомендацій). Таким чином, дешифрувати приховану ОС або видавати від неї пароль вам не доведеться. Щоб дізнатися подробиці, клацніть по посиланню нижче. + Може так статися, що вас змусить дешифрувати ОС. Часом ви просто не зможете від цього відмовитися (наприклад, при вимаганні).\n\nЗ допомогою цього майстра ви можете створити приховану операційну систему, наявність якої буде неможливо визначити (за умови дотримання зазначених нижче рекомендацій). Таким чином, дешифрувати приховану ОС або видавати від неї пароль вам не доведеться. + Прихована операційна система + На наступних етапах ви створите два томи VeraCrypt (зовнішній і прихований) в першому розділі за системним розділом. Прихований тому буде містити приховану ОС. VeraCrypt створить приховану ОС копіюванням у прихований тому вмісту системного розділу (де встановлена працює зараз ОС). В зовнішній тому вам потрібно скопіювати осмислено виглядають файли, які насправді вам ховати НЕ потрібно. Їх мета - ввести в оману того, хто змусить вас повідомити пароль від прихованого системного розділу. Ви зможете відкрити пароль для зовнішнього томи всередині прихованого системного розділу (наявність прихованої ОС залишиться в таємниці).\n\nІ, нарешті, на системний розділ з працює в даний момент ОС ви встановите нову, так звану "підставну" ОС і зашіфруете її. У ній не повинно бути конфіденційних файлів, вона потрібна на випадок, якщо вас змусить повідомити предзагрузочний пароль. У підсумку у вас буде три пароля. Два з них (для обману ОС і для зовнішнього томи) можна повідомляти ворога. Третій пароль - запуск прихованої ОС. + Пошук прихованих секторів + Зачекайте, VeraCrypt шукає приховані сектора, які можуть бути присутніми в кінці системного диска. Це може зайняти тривалий час.\n\nПрімечаніе: в дуже рідкісних випадках на деяких комп'ютерах під час цієї операції система може перестати реагувати. У цьому випадку перезавантажте комп'ютер, запустіть VeraCrypt, повторіть попередні етапи, але пропустіть цей етап пошуку. Просимо врахувати, що дана проблема викликана не помилка в VeraCrypt. + Область шифрування + Виберіть цю опцію, якщо ви хочете зашифрувати весь диск, де встановлена Windows і з якого вона завантажується. Буде зашифровано весь диск, включаючи всі його розділи, крім першої доріжки, де знаходиться завантажувач VeraCrypt. Для доступу до встановленої на цьому диску ОС або файлів на ньому буде потрібно вводити пароль перед кожним завантаженням системи. Цю опцію не можна застосовувати для шифрування другого або зовнішнього диска, якщо Windows на ньому не встановлена або завантажується не з нього. + Збір випадкових даних + Згенеровані ключі + VeraCrypt не вдалося знайти в комп'ютері записуючий CD/DVD-пристрій. Такий накопичувач потрібен VeraCrypt для запису завантажувального диску відновлення (VeraCrypt Rescue Disk) з копією ключів шифрування, завантажувача VeraCrypt, вихідного системного завантажувача й ін.\n\nМи рекомендуємо вам записати диск відновлення VeraCrypt. + Записуючого CD/DVD-накопичувача немає, але я збережу ISO-образ диска відновлення на змінному носії (наприклад, на 'флешці'). + Я підключу пишучий CD/DVD-накопичувач пізніше. Зараз я хочу перервати процес. + Пишучий CD/DVD-накопичувач зараз підключений до ПК. Продовжити і записати диск відновлення. + Зробіть наступне:\n\n1) Підключіть до ПК змінний накопичувач (наприклад, 'флешку').\n\n2) Скопіюйте на змінний накопичувач файл-образ (%s) диска відновлення VeraCrypt.\n\nЯкщо в майбутньому вам знадобиться диск відновлення VeraCrypt, ви просто підключіть змінний накопичувач (з образом диска відновлення VeraCrypt) до ПК з пишучим CD/DVD-накопичувачем і запишете цей образ на CD або DVD. ВАЖЛИВО: Врахуйте, що файл-образ диска відновлення VeraCrypt потрібно записати на CD/DVD як ISO-образ диска (а не як звичайний файл). + Запис диска відновлення + Диск відновлення створений + Пре-тест шифрування системи + Диск відновлення перевірений + \nДиск відновлення VeraCrypt (Rescue Disk) успішно пройшов перевірку. Вийміть його з накопичувача і приберіть в надійне місце.\n\nНатисніть кнопку 'Далі' для продовження. + УВАГА: Під час наступних етапів у накопичувача НЕ повинно бути диска відновлення VeraCrypt. В іншому випадку ці етапи не вдасться коректно завершити.\n\nВитягніть диск відновлення з накопичувача і помістіть в надійне місце. Потім натисніть OK. + Увага! Внаслідок технічних обмежень середовища до завантаження ОС, повідомлення, що виводяться VeraCrypt на цьому етапі (тобто до старту Windows), не підлягають локалізації. Користувальницький інтерфейс завантажувача VeraCrypt повністю англійською мовою.\n\nПродовжити? + Перш ніж зашифрувати системний розділ або диск, VeraCrypt повинен перевірити, що все працює як треба.\n\nПосле натискання 'Тест' будуть встановлені всі необхідні компоненти (наприклад, предзагрузочний аутентіфікатор, тобто завантажувач VeraCrypt), і комп'ютер перезавантажиться. Потім на екрані завантажувача (VeraCrypt Boot Loader), який з'явиться до старту Windows, вам буде потрібно ввести свій пароль. Після запуску Windows вам автоматично повідомлять про результати цього попереднього тесту.\n\nБуде змінено наступне пристрій: Диск #%d\n\n\nЯкщо ви зараз натиснете 'Скасувати', то нічого встановлено не буде, і попередній тест не стане виконуватися. + ВАЖЛИВІ ЗАУВАЖЕННЯ - ПРОЧИТАЙТЕ або роздрукувати (натисніть 'Друк'):\n\nЖодні файли не будуть зашифровані, поки ви не перезавантажте успішно свій ПК і не запустите Windows. Тому якщо станеться якийсь збій, з вашими даними нічого не трапиться. Однак у випадку, якщо щось піде не так, можливі складнощі з запуском Windows. Тому прочитайте (і, по можливості, роздрукуйте) такі рекомендації про те, що робити, якщо Windows відмовляється запускатися після перезавантаження ПК.\n\n + Що робити, якщо Windows не завантажується ------------------------------ ------------------\n\nПРИМІТКА: Ці інструкції дійсні, тільки якщо ви не починали шифрування.\n\n-Якщо ви вводите правильний пароль, а Windows не завантажується (або якщо при введенні правильного пароля VeraCrypt постійно повідомляє, що пароль невірний), не панікуйте. Перезавантажте (вимкнути і знову увімкніть) комп'ютер і при появі екрану завантажувача VeraCrypt натисніть клавішу Esc на клавіатурі (а якщо у вас кілька ОС, виберіть потрібну для запуску). Після цього Windows повиннен запуститися (за умови, що він не зашифрований), а VeraCrypt автоматично запитає, чи бажаєте ви видалити компонент дозавантажуючої аутентифікації. Зверніть увагу, що попередні кроки НЕ працюють, якщо системний розділ/диск зашифрований (запустити Windows або отримати доступ до зашифрованих даних без правильного пароля не може ніхто, навіть якщо він (вона) виконає попередні етапи).\n\n + -Якщо вищесказане не допомагає або якщо екран завантажувача VeraCrypt не з'являється (перед стартом Windows), вставте в CD/DVD-привід диск відновлення VeraCrypt (Rescue Disk) і перезавантажте ПК. Якщо екран завантажувача VeraCrypt не з'являється (або якщо ви не бачите пункту 'Repair Options' у групі 'Keyboard Controls' на екрані завантажувача VeraCrypt), можливо, в BIOS вашого ПК налаштована завантаження спочатку з жорсткого диска, і лише потім з CD/DVD. Якщо це так, перезавантажте ПК, натисніть F2 або Delete (як тільки побачите початковий екран BIOS) і дочекайтеся появи екрану з настройками BIOS. Якщо цей екран не з'явився, знову перезавантажте ПК (натисніть кнопку Reset), відразу ж почавши часто натискати клавіші F2 або Delete. У який з'явився вікні установок BIOS Налаштуйте ПК так, щоб він спочатку завантажувався з CD/DVD (про те, як це зробити, зверніться до документації на вашу системну плату/BIOS). Знову перезавантажте комп'ютер. Зараз повинен з'явитися екран диска відновлення VeraCrypt. На цьому екрані виберіть 'Repair Options', натиснувши F8 на клавіатурі. У меню 'Repair Options' виберіть 'Restore original system loader'. Після цього вийміть диск відновлення з CD/DVD-накопичувача і перезавантажте ПК. Зараз Windows повинна запуститися нормально (за умови, що він не зашифрований).\n\n + Зверніть увагу, що попередні кроки НЕ працюють, якщо системний розділ/диск зашифрований (запустити Windows або отримати доступ до зашифрованих даних без введення правильного пароля не може ніхто, навіть якщо він (вона) виконає попередні етапи).\n\n\nТакож майте на увазі, що якщо ви втратите свій диск відновлення VeraCrypt, а ваш ворог його знайде, він НЕ зможе за допомогою цього диска розшифрувати системний розділ або диск, якщо не знає правильного пароля. + Попередній тест завершено + Попередній тест успішно завершено.\n\nУВАГА: Якщо під час шифрування станеться збій живлення або з-за програмної/апаратної помилки зависне операційна система, в той час, як VeraCrypt шифрує наявні дані 'на місці', деякі дані майже напевно виявляться пошкодженими або загубленими. Тому, перш ніж почати шифрування, переконайтеся, що зробили резервну копію файлів, які збираєтеся зашифрувати. Якщо ні, то зробіть це зараз (натисніть 'Відкласти', скопіюйте файли, а потім у будь-який час знову запустіть VeraCrypt, виберіть 'Система' > 'Відновити перерваний процес', щоб розпочати шифрування).\n\nКогда будете готові, натисніть 'шифрація', щоб приступити до шифрування. + Ви можете в будь-який момент натиснути 'Пауза' або 'Відкласти', перервавши (де) шифрування, вийти з цього майстра, перезавантажити або вимкнути ПК, а потім продовжити процес (він відновиться з тієї точки, де був призупинений). Для запобігання уповільнення, коли система або програми виконують читання або запис на системному диску, VeraCrypt чекає, поки дані будуть записані або прочитано (див. Статус вище), а потім продовжує (де) шифрування. + \n\nВи можете в будь-який момент натиснути 'Пауза' або 'Відкласти', перервавши шифрування, вийти з цього майстра, перезавантажити або вимкнути ПК, а потім продовжити процес (він відновиться з тієї точки, де був призупинений). Врахуйте, що тому не може бути змонтований, поки не буде повністю зашифровано. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Прихована система запущена + Вихідна система + Windows створює (зазвичай без вашого відома або згоди) різні файли звітів, тимчасові файли і т.п. на системному розділі. Крім того, там же вона зберігає вміст ОЗП для сну/гібернаціі та файли підкачки. Тому якщо ворог проаналізує файли на розділі з вихідною системою (клоном якої є прихована ОС), він може дізнатися, наприклад, що ви користувалися майстром VeraCrypt в режимі створення прихованої системи (і запідозрити наявність прихованої ОС у вашому ПК).\n\nЩоб це запобігти, на наступних етапах VeraCrypt надійно знищить всі вміст розділу, де знаходиться вихідна система. Потім для правдоподобно заперечення вам буде потрібно встановити в розділ нову систему і зашифрувати її. Таким чином ви створите обманним ОС, і на цьому процес створення прихованої ОС буде завершено. + Прихована ОС успішно створена. Але перш ніж її можна буде використовувати (і мати можливість правдоподобно заперечення), потрібно надійно знищити (за допомогою VeraCrypt) весь вміст розділу, в якому зараз встановлена поточна ОС. Перш ніж це зробити, перезавантажте ПК і на екрані завантажувача VeraCrypt (виведеного до старту Windows) введіть пароль предзагрузочной автентифікації для прихованої ОС. Потім після старту прихованої системи автоматично запуститься майстер VeraCrypt.\n\nПримітка: якщо зараз перервати створення прихованої ОС, то відновити цей процес не вдасться, і прихована ОС виявиться недоступна (так як буде видалено завантажувач VeraCrypt). + Ви запланували створення прихованої операційної систми. Цей процес ще не закінчений. Щоб його завершити, потрібно перезавантажити комп'ютер і на екрані завантажувача VeraCrypt (він появляєтся перед запуском Windows) ввести пароль для прихованої операційної системи.\n\nПримітка: якщо ви вирішите перервати зараз процес створення прихованої ОС, ви вже НЕ зможете його відновити. + Перезавантажити ПК і продовжити + Остаточно перервати створення прихованої ОС + Зараз нічого неробити, спитати пізніше + \nРекомендується роздрукувати ЦЕЙ ТЕКСТ (натисніть 'Друк' нижче).\n\n\nЯк і коли використовувати диск відновлення VeraCrypt (після шифрування) ------- -----------------------------------------------------------------------------\n\n + I. Як завантажитеся з диска відновлення VeraCrypt\n\nCкориставшись диском відновлення VeraCrypt (Rescue Disk), вставте його в CD/DVD накопичувач і перезавантажте ПК. Якщо екран завантажувального диска VeraCrypt не з'являється (або якщо на екрані немає пункту 'Repair Options' у групі 'Keyboard Controls'), ймовірно, BIOS у вашому ПК налаштований на завантаження спочатку з жорстких дисків, і лише потім з CD/DVD-накопичувачів. Якщо це так, перезавантажте комп'ютер, натисніть F2 або Delete (як тільки побачите початковий екран BIOS) і дочекайтеся появи екрану налаштувань BIOS. Якщо він не з'явився, знову перезавантажте ПК (натисніть кнопку скидання - Reset) і відразу ж починайте постійно натискати F2 або Delete. Коли з'явиться екран налаштування BIOS, налаштуйте ПК так, щоб він спочатку завантажувався з CD/DVD-накопичувача (про те, як це зробити, зверніться до документації на вашу системну плату або BIOS). Потім перезавантажте комп'ютер. Тепер екран диска відновлення VeraCrypt має з'явитися. Примітка: на екрані диска відновлення VeraCrypt можна вибрати 'Repair Options', натиснувши F8 на клавіатурі.\n\n\n + II. Коли і як використовувати диск відновлення VeraCrypt (після шифрування)\n\n + 1) Якщо після старту ПК екран завантажувача VeraCrypt не з'являється (або не завантажується Windows), можливо, пошкоджений завантажувач VeraCrypt. Диск відновлення VeraCrypt дозволяє відновити його і, таким чином, знову отримати доступ до зашифрованої системі і даних (врахуйте, що вам все одно буде потрібно ввести правильний пароль). На екрані Rescue Disk виберіть 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Потім натисніть 'Y', щоб підтвердити дію, вийміть диск відновлення з CD/DVD-накопичувача і перезавантажте комп'ютер.\n\n + 2) Якщо ви вводите правильний пароль, а VeraCrypt каже, що пароль невірний, можливо, пошкоджено майстер-ключ або інші критичні дані. Диск відновлення VeraCrypt дозволяє відновити їх і, таким чином, знову отримати доступ до зашифрованої системі і даних (проте вам все одно буде потрібно ввести правильний пароль). На екрані Rescue Disk виберіть 'Repair Options' > 'Restore key data'. Потім введіть свій пароль, натисніть 'Y' для підтвердження дії, вийміть диск відновлення з CD/DVD-накопичувача і перезавантажте комп'ютер.\n\n + 3) Якщо завантажувач VeraCrypt ушкоджений або інфікований вірусом, ви можете уникнути його використання, завантажившись безпосередньо з диска відновлення VeraCrypt. Вставте диск відновлення в CD/DVD-накопичувач і введіть свій пароль на екрані Rescue Disk.\n\n + 4) Якщо Windows пошкоджений і відмовляється запускатися, диск відновлення VeraCrypt дозволяє перманентно розшифрувати розділ/диск до запуску Windows. На екрані Rescue Disk виберіть 'Repair Options' > 'Permanently decrypt system partition/drive'. Потім введіть правильний пароль і дочекайтеся завершення дешифрування. Після цього ви можете, наприклад, завантажитися з встановлюючого CD/DVD-диска Windows і відновити Windows.\n\n + Альтернативний варіант: якщо Windows пошкоджено (не запускається), і вам треба його відновити (або отримати доступ до його файлів), дешифрування системного розділу/диска можна уникнути, якщо виконати наступні кроки . Якщо у вашому комп'ютері встановлено декілька операційних систем, завантажте ту з них, яка не вимагає дозавантажуючої аутентифікації. Якщо в ПК немає кількох встановлених ОС, можна завантажитися з CD/DVD з WinPE або BartPE, або підключити системний диск як вторинний або зовнішній накопичувач до іншого комп'ютера і завантажити встановлену на цьому ПК операційну систему. Після того як система завантажиться, запустіть VeraCrypt, натисніть кнопку 'Пристрій', виберіть несправний системний розділ, натисніть 'OK', виберіть 'Система' > 'Змонтувати без дозавантажувальної аутентифікації', введіть свій пароль для дозавантажувальної аутентифікації і натисніть 'OK'. Розділ буде змонтований як звичайний том VeraCrypt (дані будуть як завжди розшифровуватися/шифруватися 'на льоту' в ОЗП при доступі до них).\n\n\n + Зверніть увагу, що якщо ви втратите свій диск відновлення VeraCrypt, а ваш ворог його знайде, він НЕ зможе за допомогою цього диска розшифрувати системний розділ або диск, якщо не знає правильного пароля. + \n\nВ А Ж Л И В О - РЕКОМЕНДОВАНО Роздрукувати цей ТЕКСТ (натисніть 'Друк').\n\n\nПримітка: цей текст відображається автоматично при кожному запуску прихованої системи, поки не буде створена підставна ОС.\n\n\n + Як надійно і безпечно створити підставну систему ------------------------------ ----------------------------------------------\n\nдомогтися правдоподібного заперечення причетності, вам потрібно створити зараз підставну операційну систему. Для цього виконайте наступне:\n\n + 1) В цілях безпеки вимкніть комп'ютер і не вмикфйте його хоча б кілька хвилин (чим довше, тим краще). Це потрібно для очищення пам'яті, яка містить конфіденційні дані. Потім увімкніть ПК, але не завантажуйте приховану систему.\n\n + 2) Встановлення Windows до розділу, вміст якого було видалено (тобто до розділу, де була вихідна ОС, клоном якої стала прихована система).\n\nВАЖЛИВО: КОЛИ ВИ почне встановлювати ПІДСТАВНУ ОС, ЗАВАНТАЖЕННЯ Прихованої система стане *НЕМОЖЛИВЕ* (так як завантажувач VeraCrypt буде стертий інсталятором Windows). Це нормальна ситуація, ТАК І МАЄ БУТИ. Не панікуйте. ВИ ЗМОЖЕТЕ ЗНОВУ ЗАВАНТАЖУВАТИ ПРИХОВАТИ ОС, як тільки приступете до шифрування ПІДСТАВНОЇ СИСТЕМИ (оскільки VeraCrypt потім автоматично встановить свій завантажувач на системний диск).\n\nВАЖЛИВО: Розмір розділу з підставної ОС повинен залишатися таким же, як і розмір прихованого тому (цю умова зараз дотримано). Більш того, не можна створювати ніяких розділів між розділами з підставної та прихованої системами.\n\n + 3) Завантажте підставну ОС (встановлену на етапі 2) і встановіть у ній VeraCrypt.\n\nПамятайте, що підставна ОС не повинна містити ніяких конфіденційних даних.\n\n + 4) У підставній ОС запустіть VeraCrypt і виберіть 'Система' > 'Зашифрувати системний розділ/диск'. Повинно з'явитися вікно майстра створення томів VeraCrypt.\n\nНаступні кроки відносяться до цього майстра.\n\n + 5) У вікні майстра створення томів НЕ обирайте опцію 'Прихований'. Залиште опцію 'Звичайний' і натисніть 'Далі'.\n\n + 6) Виберіть опцію 'Зашифрувати системний розділ Windows' та натисніть 'Далі'.\n\n + 7) Якщо в ПК встановлені тільки прихована і підставна системи, виберіть опцію 'Одиночне завантаження' (якщо в ПК більше ОС, ніж ці дві, виберіть 'мультизавантаження'). Натисніть 'Далі'.\n\n + 8) ВАЖЛИВО: На цьому етапі, для підставної ОС, ВИ ПОВИННІ ОБРАТИ ТІ Ж алгоритми шифрування і хешування, що і для Прихованої системи! ІНАКШЕ Прихована система буде недоступна! Іншими словами, підставна ОС повинна бути зашифрована тим же алгоритмом, що і прихована ОС. Примітка: причина цієї вимоги в тому, що підставна і прихована системи використовують один і той же завантажувач, що підтримує тільки один алгоритм, вибраний користувачем (для кожного алгоритму є свій завантажувач VeraCrypt).\n\n + 9) Оберіть пароль для підставної ОС. Це пароль, який ви можете видати ворогові, якщо вас змусять повідомити пароль дозавантажувальної аутентифікації (ще один пароль, який ми можете повідомити - для зовнішнього тому). Існування третього пароля (тобто пароля дозавантажувальної аутентифікації для прихованої ОС) залишиться таємницею.\n\nВАЖЛИВО: Пароль для підставної ОС повинен істотно відрізнятися від пароля для прихованого тому (тобто для прихованої ОС).\n\n + 10) Дотримуйтесь інструкцій майстра для шифрування підставної ОС.\n\n\n\n + Після створення підставної системи --------------------------------- ---------------\n\nПо закінчені шифрування підставної ОС процес створення прихованої ОС буде завершений, і ви зможете користуватися трьома паролями:\n\n1) Пароль дозавантажувальної аутентифікації для прихованої ОС.\n\n2) Пароль дозавантажувальної аутентифікації для підставної ОС.\n\n3) Пароль для зовнішнього томи.\n\n + Якщо ви бажаєте запустити приховану ОС, потрібно просто ввести пароль для прихованої ОС на екрані завантажувача VeraCrypt (який з'являється при увімкненні або перезавантаженні ПК).\n\nЯкщо вам потрібно завантажити підставну ОС, введіть пароль для підставної ОС на екрані завантажувача VeraCrypt.\n\nПароль для підставної ОС можна повідомляти будь-кому, хто зажадає дізнатися пароль дозавантажувальної аутентифікації. Наявність прихованого тому (і прихованої ОС) залишиться в секреті.\n\n + Третій пароль (для зовнішнього тому) можна повідомляти будь-кому, хто забажає дізнатися пароль для першого розділу, наступного за системним, де знаходяться зовнішній і прихований томи (з прихованою ОС). Існування прихованого томи (і прихованої ОС) залишиться секретом.\n\n\n + Якщо ви повідомете ворогові пароль від підставної ОС, і він запитає, чому вільне місце на (підставному) системному розділі містить випадкові дані, ви зможете, наприклад, відповісти: "Цей розділ раніше містив систему, зашифровану VeraCrypt, але я забув (ла) пароль дозавантажуючої аутентифікації (або система ушкодилася і перестала завантажуватися), тому мені довелося перевстановити Windows і знову зашифрувати розділ".\n\n\n + Якщо виконані всі інструкції і враховані запобіжні заходи, описані в главі "Вимоги безпеки та заходи безпеки щодо прихованих томів" в Керівництві користувача VeraCrypt, визначити наявність прихованого тому і прихованої ОС повинно бути неможливо, навіть якщо змонтований зовнішній том чи розшифрована/запущена підставна ОС.\n\nЯкщо ви збережете або роздрукуєте копію цього тексту (це рекомендується зробити, якщо тільки ваш принтер не зберігає копії завдань на своєму внутрішньому накопичувачі), то, створивши підставну систему і переконавшись, що ви зрозуміли все, що тут написано, всі копії цього тексту слід знищити (інакше якщо таку копію виявлять, це може навести на думку про наявність в ПК прихованої ОС).\n\n + УВАГА: ЯКЩО ВИ НЕ ЗАХИСТИТИ ПРИХОВАНИЙ ТОМ (про те, як це зробити, див главу "Захист прихованих томів від пошкоджень" в Керівництві користувача VeraCrypt), НЕ ВИКОНУЙТЕ ЗАПИС В ЗОВНІШНІЙ ТОМ (зверніть увагу, що підставна ОС встановлена ​​НЕ в зовнішньому томі). ІНАКШЕ ВИ МОЖЕТЕ ПЕРЕЗАПИСАТИ і ПОШКОДИТИ ПРИХОВАНИЙ ТОМ (І ПРИХОВАНУ ОС ВСЕРЕДИНІ НЬОГО)! + Клонувати операційну систему + На наступних етапах VeraCrypt створить приховану ОС, скопіювавши вміст системного розділу в приховуваному томі (копіюючі дані шифруються 'негайно' з ключем, відмінним від використовуваного для підставної ОС).\n\nМайте на увазі, що процес виконується на предзавантажувальній стадії (до запуску Windows) і може зайняти багато часу (декілька годин і навіть днів, в залежності від розміру системного розділу і швидкості ПК).\n\nВи зможете перервати цей процес, виключити ПК, запустити ОС а потім відновити його. Однак в випадку переривання, копіювання системи прийдеться почати зпочатку (так як при клонуванні вміст системного розділу не повинно змінюватися). + Ви бажаєте скасувати весь прцес створення прихованої операційної системи?\n\nПримітка: в випадку відміни ви НЕ зможете відновити процес. + Ви бажаєте завершити попередній тест системного шифрування? + Попередній тест системного шифрування VeraCrypt зазнав невдачі. Бажаєте спробувати ще раз?\n\nЯкщо оберете 'Ні', компонент попередньої аутентифікації буде видалено.\n\nПам'ятайте: якщо Початковий Завантажувач VeraCrypt не запитав про введення паролю перед запуском Windows, цілком можливо, що операційна система не завантажується з пристрою, на якому її встановлено. Такий варіант не підтримується. + Системний розділ/пристрій не виглядає зашифрованим (ні частково, ні повністю). + Ваш системний розділ/пристрій є зашифрованим (частково або повністю).\n\nБудь ласка, розшифруйте його назавжди перед продовженням. Щоб це зробити, оберіть 'Система' > 'Назавжди розшифрувати системний розділ/пристрій' зі строки меню головного вікна VeraCrypt. + Якщо системний розділ / диск зашифровано (частково або повністю), ви не можете встановити стару вкрсію VeraCrypt (але ви можете оновити його або перевстановити ту ж версію). + На даний момент ваш системний розділ/пристрій шифрується, розшифровується або іншим чином змінюється. Будь ласка, перервіть процес шифрування/розшифрування/модифікації (або дочекайтесь його завершення) перед продовженням. + На даний момент одна копія Майстра Створення Томів VeraCrypt вже запущено на цій системі та виконує або готується до шифрування/розшифрування системного розділу/пристрою. Перед продовженням, будь ласка, дочекайтесь завершення або закрийте його. Якщо ви не можете закрити його, будь ласка, перезавантажте комп'ютер. + Процес шифрування або розшифрування системного розділу/пристрою не завершено. Будь ласка, дочекайтесь завершення перед продовженням. + ПОМИЛКА: процес шифрування розділу/пристрою не завершено. Його необхідно завершити. + ПОМИЛКА: Шифрування розділу/тому не було завершено. Спосатку його портібно завершити.\n\nПримітка: щоб відновити процес, виберіть команду 'Томи' > 'Продовжити перерваний процес' в меню головного вікна VeraCrypt. + Пароль вірний. VeraCrypt успішно розшифрувала заголовок тому і виявила, що цей том є прихованим системним томом. Однак змінити заголовок прихованого системного тому таким чином неможливо.\n\nЩоб змінити пароль прихованого системного тому, завантажте ОС, розміщену в приховуваному томі, після чого в головному вікні VeraCrypt виберіть в меню 'Система' > 'Змінити пароль'.\n\nЩоб встановити алгоритм деривації ключа заголовку, завантажте приховану ОС і виберіть 'Система' > 'Встановити алгоритм деривації ключа заголовку'. + VeraCrypt не підтримує дешифрування прихованого системного розділу на місці.\n\nПримітка: якщо ви хочете дишифтувати підставний системний розділ, завантажте підставну ОС, після чого виберіть в головному вікні VeraCrypt меню 'Система' > 'Перманентно розшифрувати системний розділ/диск'. + Помилка: невірний/недійсний параметр. + Ви обрали розділ чи пристрій, але обраний режим Майстра застосовується лише для файл-контейнерів.\n\nБажаєте змінити режим Майстра? + Бажаєте замість цього створити файл-контейнер VeraCrypt? + Ви обрали системний розділ/пристрій, але обраний режим Майстра застосовується лише для несистемних пристроїв.\n\nВи бажаєте встановити початкову аутентифікацію (що означає необхідність введення паролю щоразу перед запуском Windows) та зашифрувати цей системний розділ/пристрій? + Ви дійсно бажаєте назавжди розшифрувати системний розділ/пристрій? + ОБЕРЕЖНО: якщо ви назавжди розшифруєте системний розділ/пристрій, на ньому буде записано незашифровані дані.\n\nВи дійсно бажаєте назавжди розшифрувати системний розділ/пристрій? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + УВАГА! При використанні каскадних шифрів для шифрування системи ви можете зіткнутися з наступними проблемами:\n\n1) Завантажувач VeraCrypt більше, ніж стандартний, тому в першому циліндрі диска недостатньо місця для резервного копіювання завантажувача. Відповідно, якщо він буде пошкоджений (що часто трапляється, наприклад, при неякісно реалізованих анти-піратських процедурах активації деяких програм), для завантаження або ремонту завантажувача VeraCrypt вам знадобиться диск відновлення (VeraCrypt Rescue Disk).\n\n2) При підвищиних вимогах до памяті, на деяких комп'ютерах системний розділ/диск зашифрувати неможливо.\n\n3) Вихід із стану сну на деяких комп'ютерах триває довше ніж звичайно.\n\nЦих потенційних проблем можливо уникнути, якщо выбрати не-каскадний алгоритм шифрування (наприклад, AES).\n\nВи дійсно хочете використовувати каскадне шифрування? + Якщо вам трапилась якась проблема з попередньо згаданих, розшифруйте розділ/пристрій (якщо він зашифрований) та спробуйте зашифрувати його знову, використовуючи не-каскадний алгоритм шифрування (наприклад AES). + УВАГА: В цілях безпеки і надійності, вам потрібно оновити VeraCrypt в підставній операційній системі, перед тимяк як ви оновите його в прихованій ОС.\n\nЩоб це зробити, заавнтажте підставну ОС і запустіть в ній інсталятор VeraCrypt. Потім завантажте приховану систему і знову запустіть інсталятор.\n\nПримітка: підставна і прихована системи використовують один і той самий завантажувач. Якщо ви оновите VeraCrypt тільки на прихованій системі (но не на підставній), в підставній системі можуть залишитися драйвер і додаток VeraCrypt, чиї версії будуть відрізнятися від версії завантажувача VeraCrypt. Така різниця може свідчити про присутність в даному ПК прихованої операційної системи.\n\n\nХочете продовжити? (Не рекомендується.) + Номер версії завантажувача VeraCrypt, за допомогою якого була завантажена ця ОС, відрізняється від номера версії драйвера і додатків VeraCrypt, встановлених у цій системі.\n\nВам треба запустити інсталятор VeraCrypt (тієї ж версії, що й у завантажувача VeraCrypt), щоб оновити VeraCrypt у цій операційній системі. + Номер версії завантажувача VeraCrypt, за допомогою якого завантажена ця ОС, відрізняється від номера версії драйвера VeraCrypt (і додатків VeraCrypt) у цій системі. Більш старі версії можуть містити помилки, яких в нових версіях вже немає.\n\nЯкщо ви не завантажувалися з диска відновлення VeraCrypt, вам слід перевстановити VeraCrypt або оновити до новішої стабільної версії (при цьому завантажувач також буде оновлено).\n\nЯкщо ви завантажувалися з диска відновлення VeraCrypt, вам слід оновити його ('Система' > 'Створити диск відновлення'). + Початковий Завантажувач VeraCrypt оновлено.\n\nрекомендовано створити новий Диск Відновлення VeraCrypt (який буде містити нову версію Початкового Завантажувача VeraCrypt), обравши 'Система' > 'Створити Диск Відновлення' після перезавантаження комп'ютера. + Завантажувач VeraCrypt оновлений.\n\nНастоятельно рекомендуется загрузить обманную операционную систему и затем создать новый диск восстановления VeraCrypt (который будет содержать новую версию загрузчика VeraCrypt). Для этого выберите меню 'Система' > 'Создать диск восстановления'. + Не вдалось відновити Початковий Завантажувач VeraCrypt до нової версії. + VeraCrypt не може визначити справжній розмір системного диска, тому буде використовуватися розмір, повідомлений операційною системою (який може бути менший за реальний розмір). Примітка: це не помилка в VeraCrypt. + УВАГА: VeraCrypt вже робив спробу пошуку прихованих секторів на системному пристрої. Якщо впродовж попереднього процесу пошуку виникали будь-які проблеми, ви можете попередити їх, пропустивши цього разу пошук прихованих секторів. Пам'ятайте, якщо ви це зробите, VeraCrypt буде використовувати розмір, про який повідомлено операційною системою (який може бути менше за реальний).\n\nПам'ятайте, це не помилка VeraCrypt. + Пропустити пошук прихованих секторів (використати розмір, про який повідомлено операційною системою) + Ще раз зробити пошук прихованих секторів + Помилка: Не вдається прочитати один чи декілька секторів на диску.\n\nШифрування 'на місці' може бути продовжено, тільки коли сектори знову будуть доступні для чтитання. VeraCrypt може спробувати зробити ці сектори читаючими шляхом запису в них нулів (всі нулі блоки будуть зашифровані). При цьому, однак, дані в нечитаючих секторах будуть втрачені. Якщо ви хочете цього уникнути, попробуйте відновити пошкоджені данні (ігноруючи помилки контрольних сум) з допомогою відповідних програм сторонніх фірм.\n\nПримітка: якщо сектори пошкоджені фізично (в відмінності від простого порчення данних і помилок контрольних сум), більшість пристрої зберігання інформації внутрішньо перерозприділяють сектори при спробі записати в них дані (тому поточні дані в пошкоджених секторах можуть залишатися на диску незашифрованими).\n\nХочете, щоб VeraCrypt запвнив нулями нечитаючі сектори? + ПОМИЛКА: Неможливо прочитати вміст одного або декількох секторів диску (ймовірно, через фізичний дефект).\n\nПродовжити шифрування, VeraCrypt відкине вміст нечитаних секторів (воно буде замінено псевдовипадковими даними). Перш ніж продовжити, ви можете спробувати хоча б частково відновити пошкоджені дані за допомогою відповідних програм сторонніх розробників.\n\nБажаєте, щоб VeraCrypt відкинув зараз дані в нечитаних секторах? + Примітка: VeraCrypt замінив вміст %I64d нечитаючих секторів (%s) зашифрованими блоками із звичайним нулювим текстом. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Введіть пароль/PIN для токену '%s': + Щоб забезпечити VeraCrypt доступ до токена безпеки чи смарт-карті, зпочатку потрібно встановитв програмну бібліотеку PKCS #11 для токену або смарт-карти. Ця бібліотека може поставлятися разом з пристроєм або знаходиться на сайті постачальника або сторонньої фірми.\n\nВстановивше бібліотеку, ви можете або выбрати її вручну, нажавши 'Бібліотека', або дозволити VeraCrypt найти її автоматично, натиснувши 'Автовизначення бібліотеки' (пошук виконується тільки в системній теці Windows). + Примітка: ім'я і розташування файлу бібліотеки PKCS #11 для токена або смарт-карти див. в документації до токена, смарт-карти чи ПЗ сторонніх фірм.\n\nНатисніть 'OK', щоб вибрати шлях і ім'я файла. + Щоб забезпечити VeraCrypt доступ до токену безпеки або смарт-карте, зпочатку потрібно вибрати програмну бібліотеку PKCS #11 для токена/карти. Для цього виберіть в меню 'Настройки' > 'Токени безпеки'. + Помилка ініціалізації бібліотеки PKCS #11 для токена безпеки.\n\nВпевніться, що вказаний шлях і ім'я файла дійсно посилається на бібліотеку PKCS #11. Щоб вказати шлях і ім'я бібліотеки PKCS #11, виберіть в меню 'Настройки' > 'Токени безпеки'. + В системній теці Windows бібліотека PKCS #11 не виявлена.\n\nПеревірте, чи встановлена бібліотека PKCS #11 для вашого токена безпеки (або смарт-карти). Ця бібліотека може поставлятися зазом з токеном/картою або ж доступна на сайті виробника/стотронньої фірми. Якщо бібліотека встановлена в теці, відмінної от системной теки Windows, натисніть кнопку 'Бібліотека' і виберіть її (наприклад, це може бути тека, де встановлено ПЗ для токена/карти). + Токен безпеки не виявлений.\n\nпереконайтесь, що токен підключений до ПК, і для нього встановлений коректний драйвер. + Файл-ключ токена безпеки не виявлено. + Файл-ключ токена безпеки з таким ім'ям уже існує. + Ви хочете видалити вибрані файли? + Шлях до ключового файлу токена безпеки невірний. + Помилка токена безпеки + Невірний пароль для токена безпеки. + В токені безпеки недостньо памяті для виконання запитаної операції.\n\nЯкщо ви намагаєтесь імпортувати Файл-ключ, виберіть файл меншого обєму або використовуйте Файл-ключ, згенерованний VeraCrypt (виберіть 'Ключові файли' > 'Створити випадковий Файл-ключ'). + Всі відкриті токен-сесії були закриті. + Виберіть ключові файли токена безпеки + Слот + Токен + Ім'я файла + Майте на увазі, шо паролі передзагрузочної аутентифікації завжди вводяться з використанням стандартної розкладки американскької клавіатури. Тому том, пароль якого набраний у відмінності від US-клавіатури, може виявитися неможливо монтувати з допомогою кешованого пароля предзагрузочної аутентифікації. Це не помилка VeraCrypt. + Системні обрані томи будуть монтуватися з використанням пароля дозавантажувальної аутентифікації. Якщо у якогось із таких томів інший пароль, цей том змонтований не буде. + Якщо ви бажаєте заборонити функції VeraCrypt зі звичайними томами ('Розмонтувати все', авторозмонтування та ін) для обраних системних томів, потрібно увімкнути параметер 'Переглядати/размонтувати системні обрані томи можуть лише адміністратори'. Крім того, якщо VeraCrypt запущено без прав адміністратора (що стандартно для Vista і новіших версій Windows), обрані системні томи не будуть відображатися в списку літер дисків в головному вікні VeraCrypt. + ВАЖЛИВО: Пам'ятайте, що якщо вибрана ця опція, а VeraCrypt не має адміністративних привілеїв, змонтовані системні обрані томи НЕ відображаються у вікні VeraCrypt і їх не можна демонтувати. Тому якщо, наприклад, потрібно демонтувати системний обраний том, спочатку клацніть правою кнопкою миші по значку VeraCrypt (в меню 'Пуск') і виберіть запуск від імені адміністратора. Те ж саме відноситься до функції 'Розмонтувати все', функціям авторозмонтування, гарячим клавішам 'Розмонтувати все' і т.д. + Зауважимо, що цей параметр набуває чинності тільки після перезавантаження системи. + Помилка обробки командним рядком. + Диск відновлення + Вибрати &файл і монтувати... + Вибрати &пристрій і монтувати... + Дозволити лише адміністраторам переглядати і розмонтовувати системні обрані томи у VeraCrypt + Монтувати системні обрані томи при старті Windows (у початковій фазі завантаження) + УВАГА: Файлова система тому, змонтованого як '%s', не була правильно демонтована, і тому може містити помилки. Використання пошкодженої файлової системи може призвести до втрати або псування даних.\n\nПримітка: перш ніж фізично видаляти або вимикати пристрій (наприклад, флеш-накопичувач USB або зовнішній жорсткий диск), на якому знаходиться змонтований тому VeraCrypt, зпершу завжди слід демонтувати цей том .\n\n\nБажаєте, щоб Windows спробувала знайти і виправити помилки (якщо вони є) файлової системи? + УВАГА: Один або декілька системних обраних томів не були чисто демонтувати і тому можуть містити помилки файлової системи. Щоб дізнатись більше e системному звіті про події.\n\nВикористання пошкодженої файлової системи може призвести до втрати або пошкодження даних. Перевірте такі томи на помилки (клацніть правою кнопкою миші на томі і виберіть команду полагодити файловоу систему). + УВАГА: Виправлення пошкодженої файлової системи за допомогою утиліти\nMicrosoft 'chkdsk' може викликати втрату файлів в пошкоджених ділянках.\nТому рекомендується зпершу скопіювати файли з тому VeraCrypt на інший,\nнепошкоджений том VeraCrypt.\n\nБажаєте виправити файлову систему зараз? + Обсяг '%s' був встановлений, тільки для читання, оскільки запис булв відхилений.\n\nБудь ласка, переконайтеся в тому, що дозволений запис до файлу контейнера (клацніть правою кнопкою миші контейнер і виберіть Властивості > Безпека).\n\nЯкщо ви маєте намір зберегти ваш обсягу тільки для читання, встановіть атрибут "Тільки читання" з контейнера (правою кнопкою миші контейнер і виберіть "Властивості" > "Тільки читання"), який буде придушувати це попередження. + Обсяг '%s' був встановлений, тільки для читання, оскільки запис булв відхилений.\n\nБудь ласка, переконайтеся в тому, що дозволений запис до файлу контейнера (клацніть правою кнопкою миші контейнер і виберіть Властивості > Безпека).\n\nЯкщо ви маєте намір зберегти ваш обсягу тільки для читання, встановіть атрибут "Тільки читання" з контейнера (правою кнопкою миші контейнер і виберіть "Властивості" > "Тільки читання"), який буде придушувати це попередження. + Том '%s' було підключено тільки для читання, оскільки операційна система заборонила запис на хост-пристрій.\n\nЗверніть увагу, що деякі спеціальні драйвери чіпсета, помилково повідомляють, доступні для запису носії інформації як пристрої тільки для читання. Ця проблема не пов'язана з VeraCrypt. Вона може бути вирішена шляхом поновлення або видалення драйвері чіпсету сторонніх виробників (не Microsoft). + Зверніть увагу, що технологія Hyper-Threading забезпечує декілька логічних ядер на одному фізичному ядрі. Коли Hyper Threading увімкнено, число показує кількість логічних процесорів/ядер. + %d шт. + Зазначимо, що апаратне пришвидшення AES вимкнено це буде впливати на результати тестів (погіршить продуктивність).\n\n увімкнути апаратне прискорення, виберіть "Налаштування" > 'Швидкодія' й увімкніть відповідну опцію. + Зверніть увагу, що кількість потоків в даний час обмежується, які будуть впливати на результати тестів (гірша продуктивність).\n\n Щоб використовувати весь потенціал процесора (ів), "Налаштування", виберіть > "Швидкодія" і вимкніть відповідну функцію. + Бажаєте, щоб VeraCrypt спробувати відключити захист від запису на розділ/диск? + УВАГА: Цей параметр може знизити продуктивність.\n\nвикористовувати цей параметр? + Увага: VeraCrypt авто-розмонтував пристрої + Перед тим, як фізично видалити або відключити пристрій, що містить встановлений обсяг, ви повинні демонтувати спершу том VeraCrypt.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Тест + Файл-ключ + Backspace + Tab + Очистити + Enter + Pause + Caps Lock + Пробіл + Page Up + Page Down + End + Home + Стрілка вліво + Стрілка вгору + Стрілка вправо + Стрілка вниз + Клавіша вибору + Клавіша друку + Клавіша виконання + Print Screen + Insert + Delete + Клавіша пропозицій + Спати + Num Lock + Scroll Lock + Бравзер - назад + Бравзер - вперед + Браузер - оновити + Браузер - стоп + Браузер - пошук + Браузер - Вибране + Браузер - Початкова сторінка + Без звуку + Зменшити гучність + Збільшити гучність + Наступний трек + Попередній трек + Стоп + Пуск/пауза + Клавіша запуску пошти + Клавіша вибору носія + Застосунок 1 + Застосунок 2 + Attn + СтвВид + РасВид + Пуск + Зум + NumPad + Shift + Control + Alt + Win + б + Кб + Мб + Гб + Тб + Пб + б/с + Кб/с + Мб/с + Гб/с + Тб/с + Пб/с + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.uz.xml b/Translations/Language.uz.xml index 93a356f4..381e9c2f 100644 --- a/Translations/Language.uz.xml +++ b/Translations/Language.uz.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Бекор кил - Барча фойдаланувчилар учун ўрнатиш - О&чиш... - & VeraCrypt Рабочий столда - Donate now... - '.hc' кенгайтмасини VeraCrypt билан келиштириш - Иш охирида белгиланган жойни очиш - & VeraCrypt ни 'Пуск' га кўшиш - Кайта тиклаш ну&қтасини яратиш - Учи&риш - &Ичидан олиш - &ўрнатиш - VeraCrypt ўрнатувчи уста - VeraCrypt учириш - &Маълумот - Ичидан олинадиган файлларни жойлатириш марказини кўрсатинг: - VeraCrypt дастур файлларини қаерга ўрнатишни кўрсатинг.\nАгар бундай папка булмаса, у холда у автомат яратилади. - Системадан VeraCrypt учириш учун 'Учириш' тугмасини босинг. - Тўхта - &Benchmark - &Тест - Шифрланган томни яратиш ва уни форматлаш - Бўлимни тугран жойида шифрлаш - Яратилган калитларни кўрсатиш (уларнинг кисмларини) - Пул() кўрсатиш - CD/DVD ёзиш учун Дастурни ишга тушириш - Шифрланган файл контейнерини яратиш - &Гб - &ТБ - Тўлиқрок - &Яширилган VeraCrypt томи - 'Яширилган том' узи нима? - Тугри режим - Оддий режим - &Кб - Ка&лит. файллар - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - Ка&лит. файллар... - Хэш-алгоритмлар буйича маълумотлар - Тўлиқрок - Information on PIM - &Мб - Тўлиқрок - Шифрлаш системаси буйича Тўлиқрок маълумот - Тўлиқрок - Мультиюклаш - Система Бўлими/диски булмаганни шифрлаш - &Тарихни сакламаслик - Ташқи томни очиш - &Пауза - Use P&IM - Use PIM - Тезда форматлаш. - &Паролни кўрсатишлик - &Паролни кўрсатишлик - &Display PIM - Биттадан юклаш - VeraCrypt оддий томи - Яши&рин - Оддий - Дискнинг Тўлиқ кисмини ёки Бўлимини шифрлаш - Windows система Бўлимини шифрлаш - Дискнинг барча кисмини шифрлаш - VeraCrypt томларини яратиш устаси - Кластер - ЗАРУР: Сискончани ушбу ойнада хар хил харакатлантиринг, канчалик куп сичконча жойи узгарса, шунчалик шифрлаш кучи ошади. Кейин 'Кейингисига' тугмасини босинг. - &Тасдиклаш: - Тайёр - Drive letter: - Шифрлаш алгоритми - Файл.сист. - Файл ичида виртуал шифрланган диск яратиш. Тажрибасиз фойдаланувчиларга маслахат берилади. - Опцииялар - Хэш-алгоритм - Калит топ-мок: - Яна - Уста-калит: - Агар компьютерингизда бир неча ОС лар булса ушби опцияни танланг.\n\nМасалан:\n- Windows XP ва Windows XP\n- Windows XP ва Windows Vista\n- Windows ва Mac OS X\n- Windows и Linux\n- Windows, Linux ва Mac OS X - Cистемасиз бўлган ички ёки ташқи бўлимни шифрлаш (масалан, флешкада). Яширинин том яратиш имкони билан бирга. - Пуулнинг(бўлим) ҳозирги ҳолати - Пароль - Пароль: - Volume PIM: - Volume PIM: - Операция ҳолати: - Тасодифий: - Агар компьютерингизда битта ОС ўрнатилган бўлса шу опцияни танланг, гарчи фойдаланувчилар сони кўп бўлса ҳам. - Тезлик - Ҳолати(статус) - Калитлар ва бошқа берилган маълумотлар генерация қилинди. Агарда сиз янги калитларни генерация қилмоқчи бўлсангиз 'Орқага' тугмасини босиб кейин 'Давоми' тугмасини босасиз. Бўлмасам 'Давоми' тугмасини бўсинг. - Зашифровать раздел/диск, где установлена Windows. Перед каждой загрузкой Windows нужно будет вводить пароль для доступа к ОС, считывания и записи файлов и т.д. Дополнительно - создание скрытой ОС. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Режим очистки: - Закрыть - Разре&шить отмену предзагрузочной авторизации по Esc (включить диспетчер загрузки) - Нет действий - &Автомонтирование тома VeraCrypt (указанного) - &Запуск VeraCrypt - Автоопределение &библиотеки - К&эшировать пароль предзагрузочной авторизации в памяти драйвера (для монтирования несистемных томов) - Обзор... - Обзор... - К&эшировать пароли и ключевые файлы - Выход, если нет смонтированных томов - Закр&ыть токен-сессию (выйти) после успешного монтирования тома - Include VeraCrypt Volume Expander - С мастером создания томов VeraCrypt - Создать - &Том(файл) яратиш - Ни&чего не показывать на экране авторизации (кроме указанного ниже текста) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Ключ. файлы - Ключ. файлы - Ч&иқиш - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Назначить - Убрать - Ключ.файлы... - Do not use the following number of processors for encryption/decryption: - More information - More information - Ещё настройки... - &Автомат уламоқ - Параметр&ы... - Монтировать как том только для &чтения - Ключ.файлы... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Включено - Кэшировать пароли в памяти - Авторазмонтировать тома при неактивности в течение - завершении сеансов - User session locked - входе в энергосбережение - старте экранной заставки - Авторазмонтировать тома даже при открытых файлах/папках - Монтировать все тома на устройствах - Запуск VeraCrypt в фоне - Монтировать как тома только для чтения - Монтировать как сменные носители - Открывать окно Проводника для успешно смонтированного тома - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Очищать кэш паролей при авторазмонтировании - Очищать кэш паролей при выходе - Preserve modification timestamp of file containers - Сброс - &Қурилма... - &Файл... - &Библиотека... - Показ пароля - Показ пароля - &Открыть смонтированный том в окне Проводника - &Кэшировать пароль в памяти драйвера - TrueCrypt Mode - &Уланишларни узиш - Сво&йства тома... - О&перациялар... - О&чистить кэш - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Общесистемные горячие клавиши - VeraCrypt - Изменение пароля или ключевых файлов - Введите пароль тома VeraCrypt - VeraCrypt - Performance and Driver Options - VeraCrypt - Настройки - VeraCrypt - Настройки шифрования системы - VeraCrypt - Настройки токена безопасности - Настройка переносного диска VeraCrypt - Свойства тома VeraCrypt - О программе... - Добавить/удалить ключевые файлы в/из том(а)... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Сделать резервную копию заголовка тома... - Тест скорости... - Установить алгоритм деривации ключа заголовка... - Изменить пароль тома... - Установить алгоритм деривации ключа заголовка... - Изменить пароль... - Очистить историю томов - Закрыть все токен-сессии - Связь с авторами... - Создать скрытую ОС... - Создать диск восстановления... - Создать новый том... - Permanently Decrypt... - Ключевые файлы по умолчанию... - Default Mount Parameters... - Donate now... - Зашифровать системный раздел/диск... - Часто задаваемые вопросы - Руководство пользователя - &Домашняя страница - Горячие клавиши... - Генератор ключевых файлов - Язык (language)... - Юридическая информация - Ключевые файлы токена безопасности... - Автомонтирование всех томов на базе устройств - Смонтировать избранные тома - Смонтировать &без предзагрузочной авторизации... - Смонтировать том - Смонтировать том с параметрами - Новости - Справка в Интернете - Руководство для начинающих - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Перманентно расшифровать системный раздел/диск - Настройки... - Обновить буквы дисков - Удалить из тома все ключевые файлы... - Восстановить заголовок тома... - Продолжить прерванный процесс - Выбрать устройство... - Выбрать файл... - Возобновить прерванный процесс - Шифрование системы... - Свойства... - Установки... - System Favorite Volumes... - Загрузка ПО - Тест алгоритмов генерирования векторов... - Токены безопасности... - Настройка переносного диска... - Размонтировать все смонтированные тома - Размонтировать том - Проверить диск восстановления - Verify Rescue Disk ISO Image - История версий - Volume Expander - Свойства тома - Мастер создания томов - Сайт VeraCrypt - Очистить кэш паролей - OK - Hardware Acceleration - Клавиша быстрого вызова - Настройка автозапуска (файл autorun.inf) - Автоматическое размонтирование - Размонтировать все тома при: - Параметры экрана загрузчика - Подтвердите: - Текущий - Показывать этот текст на экране предзагрузочной авторизации (не более 24 символов): - Параметры монтирования томов по умолчанию - Дополнительные параметры - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Файловые параметры - Клавиша: - Processor (CPU) in this computer supports hardware acceleration for AES: - Действия при входе в Windows - мин - Диск харфи: - Параметры монтирования тома VeraCrypt - Янги - Пароль: - Thread-Based Parallelization - Путь к библиотеке PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Кэширование (запоминание) паролей - Параметры безопасности - Работа VeraCrypt в фоновом режиме - Том для монтирования (относительно корня переносного диска): - При вставке переносного диска: - Создать файлы переносного диска (корневая папка переносного диска) в: - Том - Окна - Пап&ка... - &Автотест всех - &Continue - &Дешифрация - &Удалить - &Шифрация - &Экспорт... - Создать и сохранить файл... - Случа&йный ключевой файл... - Загрузить языковые модули с сайта - Hardware-accelerated AES: - &Импорт кл.файла в маркер доступа... - &Файлы... - Клю&чевые файлы - К&люч.файлы... - &Удалить - Удалить &все - Что такое 'Защита скрытых томов'? - Что такое 'ключевой файл'? - Монтировать том как &сменный носитель - Монтировать раздел с шифрованием ОС &без предзагр. авторизации - Parallelization: - Тест - Пе&чать - З&ащитить скрытый том от повреждения при записи во внешний том - &Сброс - Пока&з пароля - Добавить &токен-файлы... - Применять копию заголовка, встроенну&ю в том, если возможно - XTS-режим - О программе VeraCrypt - VeraCrypt - Тест скорости алгоритмов шифрования - VeraCrypt - Тест генерирования векторов - Справка по командной строке - VeraCrypt - Ключевые файлы - VeraCrypt - Генератор ключевых файлов - VeraCrypt - Язык интерфейса - VeraCrypt - Параметры монтирования - Свойства ключевого файла нового токена безопасности - VeraCrypt - Random Pool Enrichment - Выберите раздел или устройство - VeraCrypt - Ключевые файлы токена безопасности - Токен безопасности: требуется пароль/PIN - Сведения о выбранном языковом модуле - На скорость влияют загрузка ЦП и характеристики устройств хранения данных.\n\nЭти тесты выполняются в ОЗУ. - Буфер: - Шифр: - Пароль с&крытого тома:\n(если пусто, то из кэша) - Защита скрытого тома - Длина ключа: - ВАЖНО: Хаотично перемещайте мышь внутри этого окна. Чем дольше, тем лучше. Это значительно увеличит криптостойкость ключевого файла. - !!! При утере ключевого файла или повреждении его первых 1024 килобайт монтирование использующих этот файл томов невозможно! - бит - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Автор перевода: - Размер: - бит - Текущее содержимое пула - Микшер повтора: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Вторичный ключ (16-ричное) - Токен: - Сортировка: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Число блоков: - Зашифрованный текст (16-ричное) - Число единиц с данными (64-бит 16-ричное, размер единицы с данными - 512 байт) - Ключ (16-ричное) - Незашифрованный текст (16-ричное) - Ключевой файл: - XTS-режим - &Система - &Тома - Favor&ites - Серв&ис - Настрой&ки - Спра&вка - &Веб-страница - - &О программе... - Невозможно снять атрибут 'только чтение' со старого тома. Проверьте, разрешён ли доступ к файлу. - Ошибка! Нет доступа.\n\nРаздел, к которому вы пытаетесь получить доступ, имеет длину 0 секторов, либо это загрузочное устройство. - Administrator - Чтобы можно было загрузить драйвер VeraCrypt, вы должны войти в систему с правами Администратора. - Чтобы можно было шифровать/Дешифрация/форматировать раздел/устройство, вы должны войти в систему с правами Администратора.\n\nК томам на основе файлов это не относится. - Чтобы можно было создать скрытый том, вы должны войти в систему с правами Администратора.\n\nПродолжить? - Чтобы можно было форматировать тома как NTFS, вы должны войти в систему с правами Администратора.\n\nБез привилегий Администратора можно форматировать тома только как FAT. - Утверждённый FIPS (США) Шифрлаш алгоритми (Rijndael, опубликован в 1998 г.), разрешён к применению в федеральных структурах США для защиты важнейшей информации. 256-бит ключ, 128-бит блок, 14 циклов (AES-256). Режим работы -- XTS. - Том уже смонтирован. - ОСТОРОЖНО: По крайней мере один Шифрлаш алгоритми или хэширования не прошёл автоматического самотестирования.\n\nВозможно, повреждена установка VeraCrypt. - ОСТОРОЖНО: В пуле генератора случайных чисел недостаточно данных для предоставления нужного объёма случайной информации.\n\nПродолжать дальше не следует. Выберите в меню 'Справка' пункт 'Сообщить об ошибке' и известите авторов. - Повреждён диск (на нём физический дефект) или кабель, либо сбоит память компьютера.\n\nЭто проблема аппаратной части вашего ПК, а не VeraCrypt. Пожалуйста, НЕ сообщайте нам о ней как об ошибке/проблеме в работе VeraCrypt и НЕ просите о помощи в форумах VeraCrypt. Обратитесь за консультацией к изготовителю своего компьютера. Спасибо.\n\nПримечание: если ошибка происходит регулярно в одном и том же месте, наиболее вероятная причина - в повреждённом блоке на диске, который можно попытаться исправить с помощью стороннего ПО (учтите, что во многих случаях команда 'chkdsk /r' бесполезна, так как она работает лишь на уровне файловой системы; иногда 'chkdsk' не может даже детектировать ошибку). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Неверная буква диска. - Неверный путь. - Отмена - Нет доступа к устройству. Проверьте, имеется ли выбранное устройство и не занято ли оно. - Внимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. - Том тури - Может так случиться, что кто-то вынудит вас сообщить пароль от зашифрованного тома. В ряде ситуаций вы просто не сможете отказаться выдать пароль (например, при вымогательстве). В подобных случаях поможет так называемый 'скрытый том', позволяющий не выдавать пароля к действительно ценным данным. - Выберите эту опцию, чтобы создать обычный том VeraCrypt. - Внимание! Если вы хотите, чтобы операционная система была установлена на скрытом томе на основе раздела, то весь системный диск нельзя зашифровать с помощью лишь одного ключа. - Шифрование внешнего тома - Шифрование скрытого тома - Настройки шифрования - ВНИМАНИЕ: Ошибка очистки пути к последнему выбранному тому/ключевому файлу (запомненному селектором файлов). - ОШИБКА: Контейнер был сжат на уровне файловой системы. VeraCrypt не поддерживает сжатые контейнеры (сжатие зашифрованных данных неэффективно и избыточно).\n\nОтключите сжатие контейнера, выполнив следующие шаги: 1) Щёлкните правой кнопкой мыши в Проводнике Windows (не в VeraCrypt). 2) Выберите пункт 'Свойства'. 3) В диалоговом окне 'Свойства' нажмите кнопку 'Дополнительно'. 4) В диалоговом окне 'Дополнительные атрибуты' выключите параметр 'Сжимать содержимое для экономии места на диске' и нажмите 'OK'. 5) Нажмите 'OK' в диалоговом окне 'Свойства'. - Ошибка создания тома %s - Хажми %s - %.2f байт - Хажми %s - %.2f Кб - Хажми %s - %.2f Мб - Хажми %s - %.2f Гб - Хажми %s - %.2f Тб - Хажми %s - %.2f Пб - ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Форматирование устройства/раздела может привести к потере данных или нестабильности системы.\n\nПродолжить? - ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Следует закрыть все программы, которые могут использовать раздел (включая антивирусное ПО).\n\nПродолжить? - ОШИБКА: Устройство/раздел содержит файловую систему, которая не может быть размонтирована. Эта файловая система может использоваться операционной системой. Форматирование устройства/раздела вероятнее всего приведёт к повреждению данных и нестабильности системы.\n\nДля решения этой проблемы мы рекомендуем сначала удалить этот раздел, после чего вновь создать его без форматирования. Вот как это сделать: 1) Щёлкните правой кнопкой мыши по значку 'Компьютер' (или 'Мой компьютер') в меню 'Пуск' и выберите пункт 'Управление'. Должно появиться окно 'Управление компьютером'. 2) В окне 'Управление компьютером' выберите 'Запоминающие устройства' > 'Управление дисками'. 3) Щёлкните правой кнопкой мыши по разделу, который вы хотите зашифровать, и выберите либо 'Удалить раздел', либо 'Удалить том', либо 'Удалить логический диск'. 4) Нажмите 'Да'. Если Windows попросит перезагрузить компьютер, сделайте это. Затем повторите шаги 1 и 2 и перейдите к шагу 5. 5) Щёлкните правой кнопкой на участке с пустым местом (оно должно содержать надпись 'Не распределено') и выберите 'Основной раздел', 'Дополнительный раздел' или 'Логический диск'. 6) Должно появиться окно мастера создания разделов или томов; следуйте его инструкциям. В окне мастера на странице 'Форматирование раздела' выберите либо 'Не форматировать этот раздел', либо 'Не форматировать этот том'. В том же окне мастера нажмите кнопку 'Далее' и затем 'Готово'. 7) Учтите, что выбранный вами в VeraCrypt путь к устройству может быть теперь неверным. Поэтому завершите работу мастера создания томов VeraCrypt (если он всё ещё выполняется) и запустите его снова. 8) Попробуйте снова зашифровать устройство/раздел в VeraCrypt.\n\nЕсли VeraCrypt по-прежнему откажется шифровать устройство/раздел, скорректируйте свои планы и создайте вместо этого файловый контейнер. - ОШИБКА: Не удалось заблокировать и/или размонтировать файловую систему. Вероятно, она используется ОС или приложениями (например, антивирусным ПО). Шифрование этого раздела может повлечь повреждение данных и нестабильность системы.\n\nЗакройте все приложения, которые могут обращаться к файловой системе (включая антивирусное ПО) и повторите попытку. Если это не поможет, следуйте указанным ниже инструкциям. - ВНИМАНИЕ: Некоторые смонтированные устройства/разделы уже используются.\n\nИгнорирование этого может привести к нежелательным последствиям, включая нестабильность системы.\n\nНастоятельно рекомендуется закрыть все программы, использующие эти устройства/разделы. - Выбранное устройство содержит разделы.\n\nФорматирование этого устройства может привести к нестабильности системы и/или повреждению данных. Либо выберите раздел на этом устройстве, либо удалите все разделы на нём, чтобы дать возможность VeraCrypt безопасно его отформатировать. - Выбранное несистемное устройство содержит разделы.\n\nЗашифрованные тома VeraCrypt на основе устройств можно создавать только на дисках, не содержащих разделов (включая жёсткие и твердотельные диски). Устройство с разделами можно зашифровать целиком на месте (с помощью одного мастер-ключа), только если это диск, где установлена Windows и с которого она загружается.\n\nЕсли вы хотите зашифровать выбранное несисемное устройство с помощью одного мастер-ключа, сначала потребуется удалить все разделы на этом устройстве, чтобы VeraCrypt смог его безопасно отформатировать (форматирование устройства с разделами может повлечь нестабильность системы и/или повреждение данных). Другой вариант -- зашифровать отдельно каждый раздел на диске (используя индивидуальные мастер-ключи).\n\nПримечание: чтобы удалить все разделы с диска GPT, его нужно преобразовать в диск MBR (например, с помощью инструмента Computer Management) для удаления скрытых разделов. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nПричина: Windows не поддерживает сжатие файловых систем других типов (что требуется для высвобождения места под заголовок тома и его резервную копию). - Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt внутри этого раздела, выберите "Создать и отформатировать зашифрованный том" (а не "Зашифровать раздел на месте"). - ОШИБКА: Раздел слишком мал. VeraCrypt не может зашифровать его 'на месте'. - Чтобы зашифровать данные на этом разделе, сделайте следующее:\n\n1) Создайте том VeraCrypt на пустом разделе/устройстве и смонтируйте его.\n\n2) Скопируйте все файлы с раздела, который вы хотите зашифровать, на смонтированный том VeraCrypt (созданный на этапе 1). Так вы создадите зашифрованную резервную копию данных.\n\n3) Создайте том VeraCrypt на разделе, который хотите зашифровать, и убедитесь (в мастере VeraCrypt), что выбрали опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). Учтите, что все данные на этом разделе будут удалены. Создав том, смонтируйте его.\n\n4) Скопируйте все файлы со смонтированного тома VeraCrypt с копией данных (созданного на этапе 1) на смонтированный том VeraCrypt, созданный на этапе 3.\n\nПо окончании этих операций данные будут зашифрованы, плюс с них будет сделана зашифрованная резервная копия. - Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt на выбранном несистемном устройстве, выберите опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). - ОШИБКА: Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска. Убедитесь в правильности указанного пути. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - На диске %s свободно %.2f байт - На диске %s свободно %.2f Кб - На диске %s свободно %.2f Мб - На диске %s свободно %.2f Гб - На диске %s свободно %.2f Тб - На диске %s свободно %.2f Пб - Невозможно получить доступные буквы дисков. - ОШИБКА: Не найден драйвер VeraCrypt.\n\nСкопируйте файлы 'veracrypt.sys' и 'veracrypt-x64.sys' в папку, где находится программа VeraCrypt (файл VeraCrypt.exe). - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Ошибка инициализации шифра. - Ошибка: слабый или потенциально слабый ключ! Этот ключ не принят. Повторите попытку. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - Критическая ошибка в системе, работа VeraCrypt будет прервана.\n\nЭта ошибка произошла не по вине VeraCrypt (поэтому разработчики VeraCrypt не могут её исправить). Проверьте свою систему на предмет возможных проблем (например, системную конфигурацию, подключение к сети, сбои аппаратуры). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - Критическая ошибка VeraCrypt - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Шифрация - &Дешифрация - Д&ешифровать перманентно - Выход - Создайте логический диск для этого расширенного раздела и повторите попытку. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Зашифрованный том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных. Разделы также можно шифровать на месте.\n\nКроме того, зашифрованные тома VeraCrypt на основе устройств можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nПримечание: устройство, содержащее разделы, можно зашифровать целиком на месте (используя один ключ), только если с него загружается Windows. - Том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных.\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. - \nВыберите размещение для создаваемого внешнего тома (внутри этого тома затем будет создан скрытый том).\n\nВнешние тома можно создавать внутри разделов жёстких дисков, на твердотельных дисках, флэш-накопителях USB и других устройствах хранения данных. Внешние тома также можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. - Выберите размещение тома VeraCrypt, внутри которого вы хотите создать скрытый том. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Ошибка! Невозможно смонтировать том. Хост-файл/устройство уже используется. Попытка монтирования без исключительного доступа также потерпела неудачу. - Невозможно открыть файл. - Размещение тома - Большие файлы - Собираетесь ли вы хранить в этом томе VeraCrypt файлы размером более 4 Гбайт? - В зависимости от вашего ответа VeraCrypt выберет для тома подходящую файловую систему (выбор файловой системы будет вам предложен на следующем этапе). - Так как вы создаёте внешний том, следует ответить 'Нет'. Иначе ФС по умолчанию будет NTFS, что для внешних томов хуже, чем FAT (так, максимально возможный размер скрытого тома будет существенно больше, если внешний том -- FAT). Обычно FAT это ФС по умолчанию как для скрытых, так и для обычных томов (тома FAT не вызывают подозрений). Однако если нужно хранить файлы размером более 4 Гбайт (что в FAT недопустимо), то FAT не будет ФС по умолчанию. - Вы действительно хотите ответить 'Да'? - Режим создания тома - Это самый быстрый способ создания тома VeraCrypt на основе раздела или устройства (шифрование на месте медленнее, так как содержимое каждого сектора сначала считывается, шифруется и затем записывается). Все данные на выбранном разделе/устройстве будут уничтожены (эти данные НЕ шифруются; они перезаписываются случайными данными). Если вам нужно зашифровать данные, имеющиеся в разделе, выберите другой вариант. - Весь выбранный раздел со всеми имеющимися в нём данными будет зашифрован на месте. Если раздел пуст, вам следует выбрать другой вариант (создание тома протекает гораздо быстрее). - Примечание: - Возо&бновить - О&тложить - &Старт - Продол&жить - &Разметить - &Затереть - Прервать форматирование? - Тўлиқрок - Больше не показывать - Содержимое раздела/устройства успешно удалено (затёрто). - Содержимое раздела с исходной системой (клоном которой является скрытая система) успешно удалено (затёрто). - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - Системный раздел/диск успешно дешифрован. - \n\nТом VeraCrypt создан и готов к использованию.\n\nЕсли вы хотите создать ещё один том VeraCrypt, нажмите кнопку 'Далее'. Иначе нажмите 'Выход'. - \n\nСкрытый том VeraCrypt успешно создан (внутри него будет находиться скрытая операционная система).\n\nНажмите 'Далее' для продолжения. - Том полностью зашифрован - Volume Fully Decrypted - ВАЖНО: ДЛЯ МОНТИРОВАНИЯ ЭТОГО ТОМА VERACRYPT И ДОСТУПА К СОДЕРЖАЩИМСЯ В НЁМ ДАННЫМ НАЖМИТЕ 'Автомонтирование' В ГЛАВНОМ ОКНЕ VERACRYPT. После ввода правильного пароля (и/или ключевых файлов) том будет смонтирован на букву диска, выбранную вами в главном окне VeraCrypt (доступ к зашифрованным данным будет по этой букве диска).\n\nЗАПОМНИТЕ ИЛИ ЗАПИШИТЕ ЭТАПЫ ВЫШЕ. ВЫ ДОЛЖНЫ ИМ СЛЕДОВАТЬ ДЛЯ МОНТИРОВАНИЯ ТОМА И ДОСТУПА К ЕГО ДАННЫМ. Другой способ: нажмите кнопку 'Устройство' в главном окне VeraCrypt, выберите этот раздел/том и нажмите 'Смонтировать'.\n\nРаздел/том успешно зашифрован (сейчас он содержит полностью зашифрованный том VeraCrypt) и готов к использованию. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Том VeraCrypt успешно создан. - Том создан - ВАЖНО: Хаотично перемещайте мышь внутри этого окна. Чем дольше, тем лучше. Это значительно увеличит криптостойкость ключей шифрования. Затем нажмите 'Разметить', чтобы создать том. - Нажмите 'Разметить', чтобы создать внешний том. Подробности см. в документации. - Форматирование внешнего тома - Форматирование скрытого тома - Форматирование тома - Для просмотра или печати Руководства пользователя требуется программа Adobe Reader (или совместимая с ней). Adobe Reader можно загрузить (бесплатно) с сайта www.adobe.com\n\nХотите вместо этого просмотреть онлайн-документацию? - Если выбрать эту опцию, мастер сначала поможет вам создать обычный том VeraCrypt, а затем внутри него - скрытый том. Этот вариант предназначен для пользователей-новичков. - Выберите эту опцию, чтобы создать скрытый том внутри уже имеющегося тома VeraCrypt (т.е. у вас уже должен быть ранее созданный том VeraCrypt, пригодный для хранения скрытого тома). - Режим создания тома - Скрытый том создан - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - Вы запустили скрытую операционную систему. Как вы могли заметить, скрытая ОС выглядит так, как будто она установлена на том же разделе, что и исходная ОС. Однако на самом деле эта ОС установлена внутри раздела позади неё (в скрытом томе). Все операции чтения и записи прозрачно перенаправляются из системного раздела в скрытый том.\n\nНи операционная система, ни приложения не будут знать, что данные, записываемые и читаемые в системном разделе, в действительности записываются и читаются в разделе позади него (в скрытом томе). Любые такие данные шифруются и расшифровываются на лету как обычно (с ключом шифрования, отличным от используемого для обманной ОС).\n\n\nНажмите 'Далее' для продолжения. - Внешний том создан и смонтирован как диск %hc:. Скопируйте в этот внешний том какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно. Они понадобятся для демонстрации, если вас вынудят сообщить пароль от первого раздела позади системного, где будут расположены внешний том и скрытый том (со скрытой ОС). Вы сможете открыть пароль от этого внешнего тома, а существование скрытого тома (и скрытой ОС) останется в тайне.\n\nВАЖНО: Файлы, копируемые во внешний том, не должны занимать больше, чем %s. В противном случае на внешнем томе может оказаться недостаточно свободного места для скрытого тома (и вы не сможете продолжить). Когда закончите копирование, нажмите 'Далее' (не размонтируйте том). - Внешний том успешно создан и смонтирован как диск %hc:. В этот том сейчас следует скопировать какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно, чтобы ввести в заблуждение неприятеля, если он вынудит вас сообщить пароль. В этом случае вы скажете только пароль для этого внешнего тома, но не для скрытого. Действительно ценные для вас файлы будут храниться в скрытом томе, создаваемом позже. Когда закончите копировать файлы, нажмите 'Далее'. Не размонтируйте этот том. ПРИМЕЧАНИЕ: Нажатие 'Далее' запустит сканирование карты кластеров внешнего тома для выяснения размера непрерывной свободной области, конец которой станет концом тома. Этот участок будет приспособлен под скрытый том, т.е. именно им определяется его максимально возможный размер. Сканирование карты кластеров гарантирует, что никакие данные во внешнем томе не будут перезаписаны скрытым томом. - Содержимое внешнего тома - \n\nНа следующих экранах мастера установите параметры для внешнего тома (внутри которого затем будет создан скрытый том). - \n\nНа следующих этапах вы создадите так называемый внешний том VeraCrypt внутри первого раздела за системным разделом (как это было объяснено на одном из предыдущих этапов). - Внешний том - На следующих этапах потребуется установить параметры и пароль для скрытого тома, который будет содержать скрытую ОС. Примечание: для определения размера непрерывной незанятой области, окончание которой будет выровнено по концу внешнего тома, выполняется сканирование его карты кластеров. Эта область будет подогнана для скрытого тома, чтобы его границы не превышали максимально возможный размер. Максимально возможный размер скрытого тома определён и он гарантированно больше, чем у системного раздела (это необходимо, поскольку всё содержимое системного раздела должно быть скопировано в скрытый том). Т.е. никакие данные, находящиеся в данный момент во внешнем томе, не будут перезаписаны данными, записанными в область скрытого тома. - ВАЖНО: Запомните алгоритмы, которые вы сейчас выбираете. Вам потребуется выбрать те же алгоритмы для обманной ОС. В противном случае скрытая система будет недоступна! (Обманная система должна быть зашифрована тем же алгоритмом, что и скрытая.)\n\nПримечание: причина в том, что обманная и скрытая системы используют один и тот же загрузчик, поддерживающий лишь алгоритм, выбранный пользователем (для каждого алгоритма имеется своя версия загрузчика VeraCrypt). - \n\nКарта кластеров тома просмотрена, максимально возможный размер скрытого тома определён. На следующих экранах мастера вам нужно будет выбрать параметры, размер и пароль для скрытого тома. - Скрытый том - Теперь скрытый том защищён от повреждений до размонтирования внешнего тома.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. - Все скрытые тома в заново смонтированных томах защищены от повреждений до размонтирования.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. - ВНИМАНИЕ: Попытка записи данных в область скрытого тома в томе, смонтированном как %c:! Для защиты скрытого тома запись этих данных была запрещена. Это могло бы повредить файловую систему внешнего тома, Windows может сообщать об ошибке отложенной записи или неверном параметре. Запись на весь том (внешнюю и скрытую части) запрещена до его размонтирования. Если VeraCrypt не в первый раз препятствует записи в область скрытого тома в данном томе, это может неблагоприятно сказаться на правдоподобности отрицания наличия скрытого тома (из-за возможных странных несоответствий в файловой системе внешнего тома). Поэтому имеет смысл создать новый том VeraCrypt (с выключенным быстрым форматированием) и перенести файлы из этого тома во вновь созданный; этот том следует затем надёжно затереть (его внешнюю и внутреннюю части). Сейчас настоятельно рекомендуется перезагрузить операционную систему. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - В целях безопасности, когда запущена скрытая ОС, локальные незашифрованные файловые системы и не скрытые тома VeraCrypt монтируются как 'только для чтения' (т.е. в такие файловые системы или тома VeraCrypt не может быть записано никаких данных).\n\nДанные разрешается записывать лишь в файловые системы внутри скрытого тома VeraCrypt (при условии, что скрытый том расположен не в контейнере, находящемся на незашифрованной файловой системе или на любой другой файловой системе только для чтения). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Примечание: если нужно безопасно перенести файлы из обманной системы в скрытую, выполните следующее: 1) Загрузите обманную систему. 2) Сохраните нужные вам файлы на незашифрованном томе или на внешнем/обычном томе VeraCrypt. 3) Загрузите скрытую систему. 4) Если вы сохранили файлы на томе VeraCrypt, смонтируйте его (он будет автоматически смонтирован как 'только для чтения'). 5) Скопируйте файлы в скрытый системный раздел или в другой скрытый том. - Требуется перезагрузить компьютер.\n\nХотите перезагрузить его сейчас? - Ошибка получения состояния системного шифрования. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Невозможно инициализировать компоненты приложения для системного шифрования. - Ошибка инициализации генератора случайных чисел. - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Ошибка инициализации приложения. Невозможно зарегистрировать класс Dialog. - Ошибка загрузки системной библиотеки Rich Edit. - Мастер создания томов VeraCrypt - Максимальный размер скрытого тома для этого тома: %.2f байт - Максимальный размер скрытого тома для этого тома: %.2f Кб - Максимальный размер скрытого тома для этого тома: %.2f Мб - Максимальный размер скрытого тома для этого тома: %.2f Гб. - Максимальный размер скрытого тома для этого тома: %.2f Tб. - Пока том смонтирован, изменять пароль/ключевые файлы этого тома невозможно. Сначала необходимо размонтировать том. - Пока том смонтирован, изменять алгоритм деривации ключа заголовка этого тома невозможно. Сначала необходимо размонтировать том. - У&ламоқ - Для монтирования этого тома требуется более новая версия VeraCrypt. - Ошибка! Не найден мастер создания томов.\n\nПроверьте, имеется ли в папке, откуда был запущен файл 'VeraCrypt.exe', файл 'VeraCrypt Format.exe'. Если его там нет, переустановите VeraCrypt или найдите на жёстком диске файл 'VeraCrypt Format.exe' и запустите его. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Далее > - &Готово - &Установить - &Извлечь - Не удалось подключиться к драйверу устройств VeraCrypt. Если драйвер не запущен, работа VeraCrypt невозможна.\n\nИз-за особенностей Windows, для загрузки драйвера сначала может потребоваться завершение сеанса или перезагрузка системы. - Ошибка загрузки/подготовки шрифтов. - Буква диска не найдена, либо она не была указана. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Буква диска недоступна. - Не выбран файл. - Нет доступных букв дисков. - Нет незанятой буквы диска для внешнего тома. Создание тома не может быть продолжено. - Не удалось определить версию ОС, либо вы используете неподдерживаемую ОС. - Не указан путь. - Недостаточно свободного места для скрытого тома. Продолжить создание тома невозможно. - ОШИБКА: Скопированные во внешний том файлы занимают слишком много места. Из-за этого во внешнем томе недостаточно свободного места под скрытый том.\n\nОбратите внимание, что скрытый том должен быть не меньше системного раздела (т.е. раздела, где установлена работающая сейчас операционная система). Причина в том, что при создании скрытой ОС выполняется копирование в скрытый том содержимого системного раздела.\n\n\nПродолжение создания скрытой операционной системы невозможно. - Драйвер не может размонтировать том. Вероятно, на этом томе имеются открытые файлы. - Невозможно заблокировать том. На этом томе имеются открытые файлы, поэтому его нельзя размонтировать. - VeraCrypt не может заблокировать том, так как он используется системой или приложениями (возможно, открыты находящиеся на этом томе файлы).\n\nВы настаиваете на принудительном размонтировании этого тома? - Выберите том VeraCrypt - Укажите путь и имя файла - Выберите библиотеку PKCS #11 - Мало памяти - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - ВНИМАНИЕ: Файл '%s' уже существует!\n\nВАЖНО: VERACRYPT НЕ БУДЕТ ШИФРОВАТЬ ЭТОТ ФАЙЛ, ОН ЕГО УДАЛИТ.\n\nВы действительно хотите удалить этот файл и заменить его новым контейнером VeraCrypt? - ОСТОРОЖНО: ВСЕ ДАННЫЕ, КОТОРЫЕ СОДЕРЖИТ %s '%s'%s, БУДУТ УНИЧТОЖЕНЫ (А НЕ ЗАШИФРОВАНЫ)!\n\nВы настаиваете на форматировании? - ВНИМАНИЕ: Монтирование тома и доступ к хранящимся на нём файлам невозможны, пока том не будет полностью зашифрован.\n\nВы действительно хотите приступить к шифрованию %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - ВНИМАНИЕ: Учтите, что неожиданное пропадание электропитания во время шифрования имеющихся данных 'на месте' или сбой операционной системы из-за программной/аппаратной ошибки может привести к частичному повреждению или потере данных. Поэтому прежде чем приступить к шифрованию, сделайте резервную копию файлов, которые вы хотите зашифровать.\n\nВы сделали такую резервную копию? - ОСТОРОЖНО: ВСЕ ФАЙЛЫ НА РАЗДЕЛЕ '%s'%s (Т.Е. НА ПЕРВОМ РАЗДЕЛЕ ЗА СИСТЕМНЫМ) БУДУТ УНИЧТОЖЕНЫ (ОНИ НЕ БУДУТ ЗАШИФРОВАНЫ)!\n\nВы действительно настаиваете на форматировании? - ВНИМАНИЕ: ВЫБРАННЫЙ РАЗДЕЛ СОДЕРЖИТ БОЛЬШОЙ ОБЪЁМ ДАННЫХ! Все файлы на этом разделе будут удалены (они НЕ будут зашифрованы)! - Стереть файлы на разделе при создании тома VeraCrypt внутри него - Пароль - PIM - Алгоритм деривации ключа заголовка - Добавление/удаление ключевых файлов в/из том(а) - Удаление всех ключевых файлов из тома - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - ВАЖНО: Если вы не уничтожили свой диск восстановления VeraCrypt (Rescue Disk), ваш системный раздел/диск по-прежнему можно расшифровать с помощью старого пароля (загрузившись с диска восстановления VeraCrypt и введя старый пароль). Вам следует создать новый диск восстановления VeraCrypt, после чего уничтожить старый.\n\nХотите создать новый диск восстановления VeraCrypt? - Обратите внимание, что ваш диск восстановления VeraCrypt (Rescue Disk) всё ещё использует прежний алгоритм. Если вы считаете этот алгоритм недостаточно надёжным, создайте новый диск восстановления VeraCrypt, после чего уничтожьте старый.\n\nХотите создать новый диск восстановления VeraCrypt? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Ключевые файлы успешно добавлены/удалены. - Ключевой файл экспортирован. - Алгоритм деривации ключа заголовка успешно установлен. - Введите пароль и/или ключевые файлы для несистемного тома, где вы хотите возобновить шифрование 'на месте'.\n\n\nПримечание: после нажатия 'Далее' VeraCrypt попытается найти все несистемные тома, на которых был прерван процесс шифрования, и где можно расшифровать заголовок тома VeraCrypt с помощью указанного пароля и/или ключевых файлов. Если таких томов окажется несколько, на следующем этапе вам будет нужно выбрать один из них. - Выберите один из перечисленных томов. Это несистемные тома с прерванным процессом шифрования, заголовок которых удалось расшифровать с помощью указанного пароля и/или ключевых файлов. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Очень важно выбрать хороший пароль. Избегайте указывать пароли из одного или нескольких слов, которые можно найти в словаре (или комбинаций из 2, 3 или 4 таких слов). Пароль не должен содержать имён или дат рождения. Он должен быть труден для угадывания. Хороший пароль -- случайная комбинация прописных и строчных букв, цифр и особых символов (@ ^ = $ * + и т.д.).\n\nРекомендуем выбирать пароли, состоящие более чем из 20 знаков (чем длиннее, тем лучше). Макс. длина -- 64 символа. - Выберите пароль для скрытого тома. - Выберите пароль для скрытой операционной системы (т.е. для скрытого тома). - ВАЖНО: Выбираемый на этом этапе пароль для скрытой операционной системы должен существенно отличаться от двух других паролей (т.е. от паролей для внешнего тома и для обманной операционной системы). - Введите пароль для тома, внутри которого вы хотите создать скрытый том.\n\nПосле нажатия 'Далее' VeraCrypt попытается смонтировать том, после чего просмотреть карту кластеров смонтированного тома в поиске непрерывной свободной области, в конце которой окажется конец тома. В этой области размещается скрытый том, т.е. она определяет его предельный размер. Просмотр карты нужен для гарантии того, что данные во внешнем томе не будут перезаписаны внутренним томом. - \nВыберите пароль для внешнего тома. Это пароль, который вы сможете выдать противнику, если он вынудит вас это сделать.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома.\n\nПримечание: максимальная длина пароля - 64 символа. - Выберите пароль для внешнего тома. Это пароль, который вы сможете выдать каждому, кто вынудит вас сообщить пароль для первого раздела за системным, где будут располагаться внешний том и скрытый том (содержащий скрытую операционную систему). Существование скрытого тома (и скрытой ОС) останется в тайне. Учтите, что это пароль НЕ для обманной операционной системы.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома (т.е. для скрытой операционной системы). - Пароль внешнего тома - Пароль скрытого тома - Пароль для скрытой ОС - ВНИМАНИЕ: Короткие пароли легко взломать с помощью техник перебора.\n\nРекомендуется применять пароли из более чем 20 знаков.\n\nВы действительно хотите использовать короткий пароль? - Пароль тома - Неверный пароль, либо это не том VeraCrypt. - Неверные ключевые файлы и/или пароль, либо это не том VeraCrypt. - Неверный режим монтирования, неправильный пароль, либо это не том VeraCrypt. - Неверный режим монтирования, неправильные ключевые файлы и/или пароль, либо это не том VeraCrypt. - Неверный пароль, либо не найден том VeraCrypt. - Неверные ключевые файлы/пароль, либо не найден том VeraCrypt. - \n\nВнимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - Не найдено ни одного несистемного тома с прерванной операцией шифрования и заголовком, для которого подходит указанный пароль и/или ключевые файлы.\n\nПроверьте, правильно ли указан пароль и/или ключевые файлы, и не используется ли раздел/том системой или приложениями (включая антивирусное ПО). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nПримечание: если вы пытаетесь смонтировать раздел, расположенный на зашифрованном системном диске без предзагрузочной авторизации, или смонтировать зашифрованный системный раздел операционной системы, не выполняемой в данный момент, выберите 'Система' > 'Смонтировать без предзагрузочной авторизации'. - В этом режиме вы не можете монтировать раздел, расположенный на диске, часть которого находится в ключевых пределах шифрования активной системы.\n\nПрежде чем вы сможете смонтировать этот раздел в данном режиме, нужно либо загрузить операционную систему, установленную на другом диске (зашифрованном или нет), либо загрузить незашифрованную ОС. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Назад - Невозможно показать список установленных в системе raw-устройств. - Том '%s' существует и предназначен только для чтения. Вы действительно хотите его заменить? - Выберите папку назначения - Выберите ключевой файл - Выберите путь поиска ключевых файлов. ВНИМАНИЕ: Запоминается только путь, но не имена файлов. - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Авторы: Ross Anderson, Eli Biham и Lars Knudsen. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы -- XTS. Алгоритм Serpent -- один из финалистов AES. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Размер внешнего тома - Размер скрытого тома - Проверьте правильность размера выбранного устройства или раздела и нажмите 'Далее'. - Внешний том и скрытый том (содержащий скрытую ОС) будут расположены внутри этого раздела. Это должен быть первый раздел за системным.\n\nПроверьте правильность показанных выше размера и номера раздела, и если всё верно, то нажмите 'Далее'. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Размер тома - Динами- ческий - Внимание! ОШИБКА теста. - Тест всех алгоритмов пройден - Указанное вами число единиц данных слишком длинное или короткое. - Указанный вами вторичный ключ слишком длинный или короткий. - Неверная длина тестового зашифрованного текста. - Неверная длина тестового ключа. - Неверная длина тестового незашифрованного текста. - Два шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), а затем %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. - Три шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), затем %s (%d-бит ключ), и, наконец, %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - Переносной диск VeraCrypt - Авторы: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall и Niels Ferguson. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы -- XTS. Twofish -- один из финалистов AES. - Тўлиқрок о %s - Неизвестно - An unspecified or unknown error occurred (%d). - Некоторые тома содержат файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? - Раз&монтировать - Ошибка размонтирования. - Том содержит файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? - No volume is mounted to the specified drive letter. - Этот том уже смонтирован. - Ошибка при попытке монтирования тома. - Ошибка поиска местоположения внутри тома. - Ошибка: неверный размер тома. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt не может изменить пароль для чуждого ему тома. - Выберите из списка незанятую букву диска. - Выберите в списке букв дисков смонтированный том. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Ошибка! Невозможно создать autorun.inf - Ошибка обработки ключевого файла. - Ошибка обработки пути ключевого файла. - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt не работает в этой операционной системе. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Ошибка! Невозможно распределить память. - Ошибка! Невозможно восстановить значение счётчика производительности. - Ошибка! Плохой формат тома. - Ошибка! Вы указали пароль для скрытого тома (а не для обычного тома). - В целях безопасности, скрытый том нельзя создать внутри тома VeraCrypt, содержащего файловую систему, зашифрованную 'на месте' (поскольку свободное место такого тома не было заполнено случайными данными). - VeraCrypt - Юридические примечания - Все файлы - Тома VeraCrypt - Библиотечные модули - Продолжение NTFS-форматирования невозможно. - Невозможно смонтировать том. - Невозможно размонтировать том. - Windows не может отформатировать этот том как NTFS.\n\nВыберите другой тип файловой системы (если возможно) и повторите попытку. Либо вы можете оставить этот том неформатированным (в поле выбора файловой системы укажите 'Нет'), закрыть окно мастера, смонтировать том, а затем с помощью системной или сторонней утилиты отформатировать смонтированный том (том при этом останется зашифрованным). - Windows не может отформатировать этот том как NTFS.\n\nХотите вместо этого отформатировать том как FAT? - По умолчанию - раздел - РАЗДЕЛ - Устройство - устройство - УСТРОЙСТВО - Том - том - ТОМ - Label - Для этого тома выбран слишком маленький размер кластеров. Будут использованы кластеры большего размера. - Ошибка! Невозможно получить размер тома.\n\nПроверьте, не используется ли выбранный том системой или какой-либо программой. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - Мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT или NTFS. - В среде Windows 2000 мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT. - Примечание: для внешних томов больше подходит система FAT, нежели NTFS (например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT). - Обратите внимание, что для внешних томов больше подходит система FAT, нежели NTFS. Например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT (поскольку NTFS всегда хранит внутренние данные точно в центре тома и потому скрытый том может располагаться только во второй половине внешнего тома).\n\nВы действительно хотите отформатировать внешний том как NTFS? - Хотите вместо этого отформатировать том как FAT? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 5% больше системного раздела (системный раздел -- тот, где установлена выполняющаяся сейчас ОС). - Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела (системный раздел -- тот, где установлена выполняющаяся сейчас ОС). Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома. - Ошибка! Если внешний том отформатирован как NTFS, он должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела. Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома.\n\nПримечание: внешний том должен находиться в том же разделе, что и скрытая операционная система (т.е. в первом разделе за системным). - Ошибка! Нет разделов за системным разделом.\n\nПрежде чем можно будет создать скрытую операционную систему, нужно создать для неё раздел на системном диске. Этот раздел должен быть первым за системным, и он должен быть по крайней мере на 5% больше системного раздела (т.е. того, где установлена запущенная сейчас ОС). Однако если внешний том (не путайте с системным разделом) отформатирован как NTFS, раздел для скрытой операционной системы должен быть не менее, чем на 110% (в 2,1 раза) больше системного (причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, поэтому скрытый том, который должен содержать клон системного раздела, может располагаться только во второй половине раздела). - Замечание: непрактично (и потому это не поддерживается) устанавливать операционные системы в два тома VeraCrypt, встроенных в один раздел, поскольку при использовании внешней ОС часто требуется записывать данные в область внутренней ОС (а если такие операции записи предотвращать с помощью функции защиты скрытых томов, то это может привести к краху системы, т.е. к 'синему экрану смерти'). - Информацию о создании и управлении разделами см. в документации к вашей операционной системе, либо проконсультируйтесь в службе техподдержки поставщика своего компьютера. - Ошибка! Выполняющаяся в данный момент операционная система установлена не в загрузочном разделе (первом разделе с пометкой 'Активный'). Это не поддерживается. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Ошибка! Нет доступа к тому.\n\nПроверьте, существует ли этот том, не смонтирован ли он, не используется ли системой или какой-либо программой, которой вы дали права чтения/записи этого тома, и не защищён ли он от записи. - Error: Cannot obtain volume properties. - Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе.\n\nПроверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи. - Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе. Проверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи.\n\nЕсли проблема не решается, попробуйте предпринять шаги, указанные ниже. - Зашифровать раздел не удалось из-за ошибки. Попробуйте устранить все ранее указанные проблемы и повторить попытку. Если проблемы не решаются, попробуйте предпринять шаги, указанные ниже. - Продолжить процесс шифровния раздела не удалось из-за ошибки.\n\nПопробуйте устранить все ранее указанные проблемы и снова возобновить процесс шифрования. Учтите, что том нельзя смонтировать до тех пор, пока он не будет полностью зашифрован. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Ошибка! Невозможно размонтировать внешний том.\n\nТом нельзя размонтировать, если он содержит файлы или папки, используемые какой-либо программой или системой.\n\nЗакройте все программы, которые могут использовать файлы и папки на этом томе, и нажмите 'Повтор'. - Ошибка! Невозможно получить информацию о внешнем томе. Создание тома прекращено. - Ошибка! Нет доступа к внешнему тому. Продолжение создания тома невозможно. - Ошибка! Невозможно смонтировать внешний том. Создание тома не может быть продолжено. - Ошибка! Невозможно получить карту кластеров тома. Создание тома не может быть продолжено. - По алфавиту/категориям - Средняя скорость (убывание) - Алгоритм - Шифрование - Дешифрование - Среднее - Диск - Размер - Шифрлаш алгоритми - Шифрлаш алгоритми - Тури - Значение - Свойство - Размещение - байт - Скрытый - Внешний - Обычный - Системный - Скрытый (системный) - Только для чтения - Системный диск - Системный диск (шифрование - %.2f%% готово) - Системный диск (дешифрование - %.2f%% готово) - Системный диск (%.2f%% зашифровано) - Системный раздел - Скрытый системный раздел - Системный раздел (шифрование - %.2f%% готово) - Системный раздел (дешифрование - %.2f%% готово) - Системный раздел (%.2f%% зашифровано) - Да (защита от повреждений!) - Нет - Длина первичного ключа - Длина вторичного ключа (XTS-режим) - Длина Tweak-ключа (LRW-режим) - бит - Размер блока - PKCS-5 PRF - Число итераций PKCS-5 - Том создан - Последнее изменение заголовка - (прошло дней: %I64d) - Версия формата тома - Встроенная копия заголовка - VeraCrypt Boot Loader Version - 1-ая доступная - Сменный диск - Жёсткий диск - Не изменять - Autodetection - Режим мастера - Выберите режим. Если не знаете, какой выбрать, используйте предложенный. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Параметры установки - Здесь можно выбрать различные параметры, влияющие на установку программы. - Установка - Подождите, идёт установка VeraCrypt. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Параметры извлечения - Здесь можно выбрать различные параметры, влияющие на извлечение файлов. - Подождите, идёт извлечение файлов. - Files successfully extracted - Все файлы успешно извлечены в указанное место назначения. - Если указанной папки не существует, она будет создана автоматически. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Показать примечания к текущей (последней стабильной) версии VeraCrypt? - Если вы никогда ранее не работали с VeraCrypt, рекомендуется ознакомиться с разделом для новичков в Руководстве пользователя VeraCrypt. Хотите прочитать документацию? - Выберите желаемое действие: - Восстановить/переустановить - Upgrade - Удалить - Для установки/удаления VeraCrypt необходимо иметь права Администратора. Хотите продолжить? - В этой системе сейчас запущен инсталлятор VeraCrypt. Он выполняет/готовит установку или обновление VeraCrypt. Дождитесь завершения его работы или закройте его. Если закрыть инсталлятор не получается, перезагрузите компьютер и лишь потом продолжите. - Установка не выполнена. - Удаление не выполнено. - Этот дистрибутивный пакет повреждён. Загрузите его снова (желательно с официального сайта VeraCrypt - https://veracrypt.codeplex.com). - Невозможно записать файл %s - Извлечение - Невозможно прочитать данные из дистрибутива. - Невозможно проверить целостность этого дистрибутивного пакета. - Извлечение не выполнено. - Установка возвращена назад. - Программа VeraCrypt успешно установлена. - Программа VeraCrypt успешно обновлена. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - Программа VeraCrypt успешно удалена.\n\nНажмите 'Готово', чтобы удалить инсталлятор VeraCrypt и папку %s. Папка не будет удалена, если в ней содержатся какие-либо файлы, созданные не инсталлятором и не самой программой VeraCrypt. - Удаление записей VeraCrypt в реестре - Добавление элемента в реестр - Удаление относящихся к программе данных - Установка - Остановка - Удаление - Добавление значка - Создание точки восстановления системы - Ошибка создания точки восстановления системы. - Обновление загрузчика - Установка '%s' не выполнена. %s Продолжить установку? - Удаление '%s' не выполнено. %s Продолжить удаление? - Установка завершена. - Не удалось создать папку '%s' - Невозможно выгрузить драйвер VeraCrypt.\n\nСначала закройте все открытые окна VeraCrypt. Если это не поможет, перезагрузите Windows и попробуйте ещё раз. - Прежде чем продолжить установку или удаление VeraCrypt, нужно размонтировать все VeraCrypt-тома. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Ошибка установки элементов в реестре - Ошибка установки драйвера устройства. Перезагрузите Windows и попробуйте установить VeraCrypt ещё раз. - Запуск драйвера VeraCrypt - Ошибка удаления драйвера устройств. Обратите внимание, что из-за особенностей Windows для удаления (или переустановки) драйвера может потребоваться завершить сеанс работы или перезагрузить систему. - Установка драйвера VeraCrypt - Остановка драйвера VeraCrypt - Удаление драйвера VeraCrypt - Ошибка регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). - Ошибка отмены регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - ВНИМАНИЕ: Эта копия мастера создания томов имеет административные привилегии.\n\nНовый том может быть создан с правами, которые не позволят вам записывать в него данные, когда он будет смонтирован. Если вы хотите этого избежать, закройте эту копию мастера создания томов и запустите другую, без административных привилегий.\n\nХотите закрыть эту копию мастера создания томов? - Ошибка вывода лицензии. - Внешний(!) - дн. - час - мин - c - Открыть - Размонтировать - Показать VeraCrypt - Скрыть VeraCrypt - Считано данных после монтирования - Записано данных после монтирования - Зашифрованная часть - 100% (полностью зашифровано) - 0% (не зашифровано) - %.3f%% - 100% - Ожидание - Подготовка - Изменение размера - Шифрация - Дешифрация - Завершение - Пауза - Завершено - Ошибка - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Введите пароль для %s - Enter password for '%s' - Введите пароль для обычного/внешнего тома - Введите пароль для скрытого тома - Введите пароль для заголовка в файле резервной копии - Ключевой файл успешно создан. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - ВНИМАНИЕ: Заголовок этого тома повреждён! VeraCrypt автоматически задействовал резервную копию заголовка, встроенную в том.\n\nВам следует исправить заголовок, выбрав 'Сервис' > 'Восстановить заголовок тома'. - Резервная копия заголовка тома успешно создана.\n\nВАЖНО: При восстановлении заголовка из этой резервной копии также будет восстановлен и текущий пароль тома. Более того, если для монтирования тома требуются ключевые файлы, после восстановления заголовка из копии для монтирования тома понадобятся те же ключевые файлы.\n\nВНИМАНИЕ: Эту копию заголовка тома можно использовать для восстановления заголовка ТОЛЬКО этого конкретного тома. Если применить эту копию для восстановления заголовка другого тома, смонтировать том вы сможете, но вам НЕ удастся расшифровать никаких данных, хранящихся в этом томе (так как это изменит его мастер-ключ). - Заголовок тома успешно восстановлен.\n\nВАЖНО: Имейте в виду, что вместе с заголовком также был восстановлен и прежний пароль. Более того, если на момент создания резервной копии для монтирования тома также требовались ключевые файлы, эти же ключевые файлы понадобятся для монтирования данного тома сейчас. - В целях безопасности вам будет нужно ввести для этого тома правильный пароль (и/или предоставить корректные ключевые файлы).\n\nПримечание: если в этом томе содержится скрытый том, сначала нужно ввести правильный пароль (и/или предоставить корректные ключевые файлы) для внешнего тома. Затем, если вы выбрали резервное копирование заголовка скрытого тома, нужно будет указать правильный пароль (и/или предоставить корректные ключевые файлы) для скрытого тома. - Вы действительно хотите создать резервную копию заголовка тома для %s?\n\nПри выборе 'Да' вам потребуется указать имя файла для резервной копии заголовка.\n\nПримечание: оба заголовка -- для обычного и скрытого томов -- будут повторно зашифрованы с использованием новой 'соли' и сохранены в файле резервной копии. Если внутри этого тома нет скрытого тома, область, зарезервированная в резервной копии под заголовок скрытого тома, будет заполнена случайными данными (для сохранения возможности правдоподобного отрицания). При восстановлении заголовка тома из файла резервной копии вам потребуется ввести правильный пароль и/или предоставить корректные ключевые файлы, действительные на момент создания резервной копии заголовка тома. По паролю (и/или ключевым файлам) также будет автоматически определяться тип заголовка тома для восстановления -- обычный или скрытый (учтите, что VeraCrypt определяет тип методом проб и ошибок). - Вы действительно хотите восстановить заголовок тома %s?\n\nВНИМАНИЕ: При восстановлении заголовка также будет восстановлен пароль тома, который действовал на момент изготовления резервной копии. Более того, если на момент создания резервной копии для монтирования тома также требовались ключевые файлы, после восстановления заголовка для монтирования данного тома понадобятся эти же ключевые файлы.\n\nНажмите 'Да', чтобы выбрать файл с резервной копией заголовка. - Имеется ли в томе скрытый том? - В томе имеется скрытый том - В томе нет скрытого тома - Выберите нужный вам тип резервной копии заголовка тома: - Восстановить заголовок тома из копии, встроенной в том - Восстановить заголовок тома из внешнего файла резервной копии - Неверный размер файла с резервной копией заголовка тома. - В этом томе нет встроенной копии заголовка (учтите, что встроенные копии заголовков содержат только тома, созданные VeraCrypt 6.0 или новее). - Вы пытаетесь сделать резервную копию заголовка системного раздела/диска. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? - Вы пытаетесь восстановить из резервной копии заголовок виртуального тома VeraCrypt, но выбрали системный раздел/диск. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? - После нажатия OK выберите имя файла для ISO-образа нового диска восстановления VeraCrypt (Rescue Disk) и место, где его нужно сохранить. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Чтобы проверить диск восстановления VeraCrypt, вставьте его в CD/DVD-накопитель и нажмите OK. - Диск восстановления VeraCrypt успешно прошёл проверку. - Невозможно проверить правильность записи диска восстановления.\n\nЕсли вы записали диск восстановления, выньте CD/DVD из накопителя и вставьте снова; затем нажмите 'Далее', чтобы повторить попытку. Если это не поможет, попробуйте воспользоваться другим ПО для записи CD/DVD и/или другим CD/DVD.\n\nЕсли вы пытались проверить диск восстановления VeraCrypt, созданный с другим мастер-ключом, паролем, 'солью' и т.д., знайте, что такой диск восстановления не пройдёт эту проверку никогда. Чтобы создать новый диск восстановления, полностью совместимый с текущей конфигурацией, выберите меню 'Система' > 'Создать диск восстановления'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Ошибка создания диска аварийного восстановления VeraCrypt. - Диск восстановления VeraCrypt нельзя создавать при запущенной скрытой операционной системе.\n\nЧтобы создать диск восстановления, загрузите обманную операционную систему, а затем выберите 'Система' > 'Создать диск восстановления'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Прежде чем продолжить, размонтируйте том. - ОШИБКА: Невозможно установить таймер. - Проверка файловой системы - Ремонт файловой системы - Add to Favorites... - Add to System Favorites... - P&roperties... - Скрытый том защищён - Н/П - Да - Нет - Disabled - 1 - 2 и более - Режим операции - Метка: - Размер: - Путь: - Буква диска: - Ошибка! Пароль должен содержать только символы стандартного набора ASCII.\n\nСимволы не из набора ASCII могут привести к невозможности монтирования тома при смене настроек в конфигурации системы.\n\nРазрешается использовать следующие символы:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Внимание! Пароль содержит не-ASCII символы. Это может привести к невозможности монтирования тома при смене конфигурации системы.\n\nВам следует заменить все не-ASCII символы в пароле на символы ASCII. Для этого щёлкните на меню 'Тома' -> 'Изменить пароль тома'.\n\nК символам ASCII относятся:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Домашняя страница - ВНИМАНИЕ: В системе не установлено ни одного пакета обновлений (Service Pack) Windows. Если в Windows XP не установлен Service Pack 1 (или новее), не следует выполнять запись на диски IDE объёмом более 128 Гб, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. - ВНИМАНИЕ: В системе не установлен пакет обновлений Windows Service Pack 3 (или новее). Если в Windows 2000 не установлен Service Pack 3 (или новее), не следует выполнять запись на диски IDE объёмом более 128 Гб, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. Кроме того, может потребоваться включить в реестре поддержку 48-бит адресации LBA; подробности см. на http://support.microsoft.com/kb/305098/EN-US - ВНИМАНИЕ: В вашей системе отключена поддержка 48-бит LBA ATAPI. Поэтому вам не следует выполнять запись на IDE-диски объёмом более 128 Гбайт! В противном случае это может привести к повреждению данных на диске (будь это том VeraCrypt или обычный раздел). Это ограничение Windows, никакого отношения к VeraCrypt не имеющее.\n\nЧтобы включить поддержку 48-бит режима LBA, добавьте в реестр в ключ HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters значение 'EnableBigLba' и установите его значение в 1.\n\nСм. подробности тут: http://support.microsoft.com/kb/305098 - ОШИБКА: Файлы объёмом более 4 Гб нельзя сохранять в файловой системе FAT32. Поэтому тома VeraCrypt на основе файлов (контейнеры), хранящиеся в файловой системе FAT32, не могут быть больше 4 Гб.\n\nЕсли вам нужен том большего объёма, создайте его в системе NTFS (либо, если вы пользуетесь Windows Vista SP1 или новее, в файловой системе exFAT), либо вместо создания тома на основе файла зашифруйте весь раздел диска. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - ВНИМАНИЕ: Если вам нужно впоследствии добавлять во внешний том ещё данные/файлы, следует позаботиться об уменьшении размера скрытого тома.\n\nВы хотите продолжить и использовать указанный вами размер? - Не выбран том.\n\nНажмите кнопку 'Устройство' или 'Файл' и выберите том VeraCrypt. - Не выбран раздел.\n\nНажмите кнопку 'Устройство' и выберите не смонтированный раздел, который требует предзагрузочную авторизацию (например, раздел на зашифрованном системном диске с другой, не выполняемой сейчас ОС, или зашифрованный системный раздел другой ОС).\n\nПримечание: выбранный раздел будет смонтирован как обычный том VeraCrypt без предзагрузочной авторизации. Это может пригодиться, например, для операций резервного копирования или починки. - ВНИМАНИЕ: Если установлены и активированы ключевые файлы по умолчанию, монтировать НЕ использующие их тома будет невозможно. При монтировании таких томов не забывайте выключать опцию 'Ключевые файлы' (ниже поля ввода пароля).\n\nВы действительно хотите сохранить выбранные ключевые файлы/пути как используемые по умолчанию? - Автомонтирование устройств - Размонтировать все - Очистка кэша - Dismount All & Wipe Cache - Размонтировать все и очистить кэш - Размонтировать все, очистить кэш и выйти - Смонтировать избранные тома - Показать/скрыть главное окно VeraCrypt - (щёлкните здесь и нажмите клавишу) - Действие - Быстрый вызов - Ошибка! Эта горячая клавиша зарезервирована. Выберите другую. - Ошибка! Эта горячая клавиша уже используется. - ВНИМАНИЕ: Некоторые общесистемные горячие клавиши VeraCrypt не будут работать!\n\nПроверьте, не используются ли те же клавиши другими приложениями или операционной системой. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - Из-за ошибки или несовместимости VeraCrypt не может зашифровать файл спящего режима (hibernation). Поэтому спящий режим отключён.\n\nПримечание: когда компьютер переходит в режим сна (или в энергосберегающий ждущий режим), содержимое его системной памяти записывается на жёсткий диск в файл с данными спящего режима. VeraCrypt не может предотвратить сохранение открытых в ОЗУ ключей шифрования и содержимого важных файлов в незашифрованном виде в файле с данными спящего режима. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - ВНИМАНИЕ: Если выключить этот параметр, станет невозможно автоматически размонтировать тома, содержащие открытые файлы/папки.\n\nВы действительно хотите выключить этот параметр? - ВНИМАНИЕ: Тома с открытыми файлами/папками НЕ будут автоматически размонтироваться.\n\nЧтобы избежать такого эффекта, включите в этом окне следующий параметр: 'Авторазмонтировать тома даже при открытых файлах/папках' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - Вы запланировали шифрование раздела/тома. Этот процесс пока ещё не завершён.\n\nХотите возобновить процесс сейчас? - Вы запланировали шифрование или дешифрование системного раздела/диска. Этот процесс пока ещё не завершён.\n\nХотите начать (продолжить) процесс сейчас? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Вы запланировали шифрование или дешифрование системного раздела/диска. Однако не пройдена (или была пропущена) предзагрузочная авторизация.\n\nПримечание: при дешифровании системного раздела/диска в предзагрузочном окружении может потребоваться финализация процесса путём выбора команды 'Система' > 'Перманентно расшифровать системный раздел/диск' в меню главного окна VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Выход? - VeraCrypt не обладает достаточной информацией, чтобы определить, шифрование выполнять или дешифрование. - VeraCrypt не обладает достаточной информацией, чтобы определить, шифрование выполнять или дешифрование.\n\nПримечание: при дешифровании системного раздела/диска в предзагрузочном окружении может потребоваться финализировать процесс, нажав Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Вы хотите прервать процесс шифрования раздела/тома, отложив его на будущее?\n\nПримечание: помните, что пока том не будет полностью зашифрован, его нельзя смонтировать. Позже процесс шифрования можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. - Хотите прервать и отложить процесс шифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите окончательно прервать процесс или совсем отказаться от шифрования, выберите 'Система' > 'Перманентно дешифровать системный раздел/диск'. - Хотите прервать и отложить процесс дешифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите отказаться от дешифрования (и начать шифрование), выберите 'Система' > 'Зашифровать системный раздел/диск'. - Ошибка! Не удалось прервать шифрование/дешифрование системного раздела/диска. - Ошибка! Невозможно прервать процесс очистки (затирания данных). - Ошибка! Не удалось возобновить прерванное шифрование/дешифрование системного раздела/диска. - Ошибка! Невозможно начать процесс очистки (затирания данных). - Несоответствие устранено.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) - Ошибка! Неизвестное состояние.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - ВНИМАНИЕ: Фоновый процесс VeraCrypt отключён. При выходе из VeraCrypt вы не будете извещены о предотвращении повреждения скрытого тома.\n\nПримечание: фоновый процесс можно закрыть в любой момент, щёлкнув правой кнопкой мыши на значке VeraCrypt в системном лотке и выбрав 'Выход'.\n\nВключить фоновый процесс VeraCrypt? - Версия языкового модуля: %s - Проверка файловой системы тома VeraCrypt, смонтированного как %s... - Попытка починить файловую систему тома VeraCrypt, смонтированного как %s... - ВНИМАНИЕ: Этот том зашифрован с использованием устаревшего алгоритма.\n\nВсе алгоритмы шифрования с 64-бит блоками (например, Blowfish, CAST-128, Triple DES) вышли из употребления. В последующих версиях VeraCrypt монтирование этого тома будет возможно, однако никаких улучшений в реализации этих устаревших алгоритмов шифрования не предвидится. Рекомендуем вам создать новый том VeraCrypt с шифрованием по алгоритму со 128-бит блоками (например, AES, Serpent, Twofish и др.) и перенести все файлы из этого тома в новый. - Ваша система не настроена на автомонтирование новых томов. Монтирование томов VeraCrypt на основе устройств может оказаться невозможным. Чтобы включить автомонтирование, выполните следующую команду и перезагрузите систему:\n\nmountvol.exe /E - Прежде чем продолжить, присвойте разделу/устройству букву диска ('Панель управления' > 'Администрирование' > 'Управление компьютером' - 'Управление дисками').\n\nПримечание: это требование операционной системы. - Смонтировать том VeraCrypt - Размонтировать все тома VeraCrypt - VeraCrypt не может получить права администратора. - Доступ запрещён операционной системой.\n\nВозможная причина: для чтения/записи данных в некоторых папках, файлах и устройствах операционная система требует у вас наличия прав чтения/записи system (привилегий администратора). По умолчанию пользователю без прав администратора разрешается создавать читать и изменять файлы лишь в папке с его документами ('Мои документы'). - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - Для загрузчика VeraCrypt необходимо не менее 32 Кбайт свободного места в начале системного диска (загрузчик VeraCrypt должен располагаться в этой области). Ваш диск этому условию не удовлетворяет.\n\nПожалуйста, НЕ сообщайте нам об этом как об ошибке/проблеме в работе VeraCrypt. Чтобы решить эту проблему, вам нужно переразметить свой диск, оставив свободными первые 32 Кбайт (в большинстве случаев достаточно удалить и вновь создать первый раздел). Рекомендуем использовать для этого диспетчер разделов Microsoft, устанавливаемый вместе с Windows. - Эта функция не поддерживается операционной системой той версии, которую вы сейчас используете. - В этой версии операционной системы VeraCrypt не поддерживает шифрование системного раздела/диска. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Ваш системный диск имеет таблицу разделов GUID (GPT). В настоящий момент поддерживаются только диски с таблицей разделов MBR. - ОСТОРОЖНО: На системном диске уже установлен загрузчик VeraCrypt!\n\nВозможно, в вашем компьютере имеется другая уже зашифрованная система.\n\nВНИМАНИЕ: В СЛУЧАЕ ПРОДОЛЖЕНИЯ ШИФРОВАНИЯ ТЕКУЩЕЙ СИСТЕМЫ ЕСТЬ ВЕРОЯТНОСТЬ, ЧТО ДРУГИЕ СИСТЕМЫ НЕ СМОГУТ ЗАГРУЖАТЬСЯ, А ОТНОСЯЩИЕСЯ К НИМ ДАННЫЕ СТАНУТ НЕДОСТУПНЫМИ.\n\nВы действительно хотите продолжить? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - Исходный системный загрузчик не будет сохранён на диске восстановления (возможная причина: нет файла с резервной копией). - Ошибка записи сектора MBR.\n\nBIOS в вашем ПК может быть настроена на защиту сектора MBR. Проверьте в настройках BIOS (нажмите клавишу F2, Delete или Esc сразу после включения компьютера), не включена ли антивирусная/MBR защита. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Примечание: в определённых ситуациях может потребоваться, чтобы посторонний (неприятель), наблюдающий за стартом ПК, не знал, что вы пользуетесь VeraCrypt. Параметры выше позволяют модифицировать экран загрузки VeraCrypt. Если вы включите первую опцию, то на экране загрузчика не будет отображаться никакой текст (даже если вы введёте неправильный пароль). При вводе пароля компьютер будет выглядеть "зависшим". Кроме того, чтобы ввести противника в заблуждение, можно включить вывод своего сообщения. Например, отображать ложные сообщения об ошибках вроде "Missing operating system" (эта надпись обычно выводится загрузчиком Windows, если он не может найти загрузочный раздел Windows). Однако при этом важно помнить, что если неприятель сможет проанализировать содержимое жёсткого диска, то он сумеет найти на нём загрузчик VeraCrypt. - ВНИМАНИЕ: Если вы включите эту опцию, загрузчик VeraCrypt не будет выводить на экран никаких сообщений (даже если вы укажете неправильный пароль). При вводе пароля компьютер будет выглядеть "зависшим" (не реагирующим), курсор НЕ будет перемещаться, а нажатия клавиш НЕ будут сопровождаться показом звёздочек.\n\nВы действительно хотите включить эту опцию? - Системный раздел/диск выглядит как полностью зашифрованный. - VeraCrypt не поддерживает шифрование системного диска, который был преобразован в динамический диск. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Хотите зашифровать вместо всего диска только системный раздел?\n\nОбратите внимание, что вы можете создавать тома VeraCrypt на основе разделов внутри любых не-системных разделов на диске (в добавок к шифрованию системного раздела). - Поскольку системный диск содержит только один раздел, занимающий весь диск, предпочтительнее (более безопасно) зашифровать весь диск, включая свободное "резервное" место, которое обычно окружает такой раздел.\n\nХотите зашифровать весь системный диск? - Ваша система настроена так, что временные файлы хранятся на несистемном разделе.\n\nВременные файлы должны храниться только на системном разделе. - Файлы вашего профиля пользователя не хранятся на системном разделе.\n\nЭти файлы должны храниться только на системном разделе. - На несистемных разделах имеются один или несколько файлов подкачки.\n\nФайлы подкачки должны находиться только на системном разделе. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - В противном случае это неблагоприятно скажется на правдоподобности отрицания наличия скрытой ОС.\n\nПримечание: если неприятель проанализирует содержимое таких файлов (находящихся на несистемном разделе), то сможет узнать, что вы пользовались этим мастером в режиме создания скрытой системы (что натолкнёт его на мысль о наличии скрытой ОС в вашем ПК). Также учтите, что такие файлы, хранящиеся на системном разделе, будут надёжно удалены VeraCrypt при создании скрытой ОС. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Внимание! Между системным разделом и первым разделом за ним имеется нераспределённое место. После создания скрытой операционной системы вы не должны создавать в этой нераспределённой области никаких новых разделов. В противном случае скрытая ОС не сможет загрузиться (до тех пор, пока не будут удалены такие вновь созданные разделы). - В данный момент этот алгоритм для шифрования системы не поддерживается. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - В настоящий момент ключевые файлы для шифрования системы не поддерживаются. - Внимание! VeraCrypt не может восстановить первоначальную раскладку клавиатуры. Это может привести к неправильному вводу пароля. - Ошибка! Невозможно установить раскладку клавиатуры для VeraCrypt в стандартную американскую (US).\n\nОбратите внимание, что пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. - Поскольку VeraCrypt временно изменил раскладку клавиатуры на стандартную американскую, ввод символов при нажатой правой клавише Alt невозможен. Тем не менее, большинство таких символов можно ввести соответствующими клавишами при нажатой клавише Shift. - Изменение раскладки клавиатуры заблокировано VeraCrypt. - Примечание: пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. Важно, однако, иметь в виду, что вам НЕ нужно иметь настоящую американскую клавиатуру. VeraCrypt автоматически обеспечивает вам безопасный ввод пароля (прямо сейчас и на стадии перед загрузкой ОС), даже если у вас НЕ настоящая американская клавиатура. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - ВНИМАНИЕ: Если ранее вы уже создавали диск восстановления VeraCrypt, вы не сможете им воспользоваться снова для этого системного раздела/диска, так как он был создан для другого мастер-ключа! При каждом шифровании системного раздела/диска нужно создавать новый диск восстановления VeraCrypt, даже если вы используете тот же самый пароль. - Ошибка! Невозможно сохранить установки системного шифрования. - Невозможно инициировать пре-тест системного шифрования. - Невозможно начать процесс создания скрытой операционной системы. - Режим очистки - На ряде перезаписываемых носителей перезаписанные данные можно восстановить с помощью спецтехник (микроскопия магнитной силы). Это относится и к данным, перезаписанным в зашифрованном виде (когда VeraCrypt шифрует незашифрованный системный раздел/диск). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные методы для восстановления данных, которые вы собираетесь зашифровать, выберите один из режимов очистки (имеющиеся данные НЕ будут уничтожены). После шифрования раздела/диска очистка НЕ выполняется. Когда раздел/диск полностью зашифрован, никакие незашифрованные данные на него не записываются. Любые данные сначала шифруются на лету в памяти, и лишь затем сохраняются (зашифрованными) на диске. - На ряде перезаписываемых носителей перезаписанные данные (например, когда данные удалены) можно восстановить с помощью спецтехник (микроскопия магнитной силы). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные техники для восстановления данных, которые должны быть удалены, выберите один из многопроходных режимов очистки.\n\nПримечание: чем больше проходов, тем дольше длится стирание данных. - Очистка - \nПримечание: вы можете прервать процесс очистки, выключить компьютер, снова запустить скрытую систему и затем продолжить очистку (этот мастер запустится автоматически). Однако в случае прерывания весь процесс очистки придётся начать сначала. - \n\nПримечание: если прервать очистку, а затем попытаться возобновить этот процесс, то его придётся выполнить с самого начала. - Вы хотите отменить очистку (затирание данных)? - Внимание! Содержимое всего выбранного раздела/устройства будет уничтожено. - Всё содержимое раздела, где находится исходная система, будет уничтожено.\n\nПримечание: всё содержимое раздела, подлежащего стиранию, было скопировано в этот скрытый системный раздел. - ВНИМАНИЕ: Если выбрать, например, 3-проходный режим очистки, время шифрования диска/раздела увеличится в 4 раза. Аналогично, при выборе 35-проходного режима время увеличится в 36 раз (и может даже составить несколько недель).\n\nУчтите, однако, что очистка НЕ выполняется после того, как раздел/диск зашифрован. Когда раздел/диск полностью зашифрован, никаких незашифрованных данных на него не записывается. Любые записываемые на него данные сначала шифруются на лету в памяти, и только затем сохраняются (в зашифрованном виде) на диске (т.е. на производительности это НЕ отражается).\n\nВы действительно хотите использовать режим очистки? - Нет (самый быстрый) - 1 проход (случайные данные) - 3 прохода (US DoD 5220.22-M) - 7 проходов (US DoD 5220.22-M) - 35 проходов ("Gutmann") - 256 проходов - Число операционных систем - ВНИМАНИЕ: Неопытным пользователям не следует пытаться шифровать Windows в мультизагрузочных конфигурациях.\n\nПродолжить? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Загрузочный диск - Работающая в данный момент операционная система установлена на загрузочном диске?\n\nПримечание: иногда Windows бывает установлена не на том диске, с которого она грузится (где находится загрузочный раздел). Если это ваш случай, то выберите 'Нет'. - В данный момент VeraCrypt не поддерживает шифрование операционной системы, которая загружается не с того же диска, на котором она установлена. - Число системных дисков - Сколько дисков содержит операционная система?\n\nПримечание: например, если у вас одна операционная система (скажем, Windows, Mac OS X, Linux и т.д.) установлена на первичном диске, а другая -- на вторичном, выберите '2 или более'. - В данный момент VeraCrypt не поддерживает шифрование всего диска, который содержит несколько операционных систем.\n\nВозможные варианты:\n\n- Вы можете зашифровать одну из систем, если вернётесь назад и выберите шифрование только одного системного раздела (а не всего системного диска).\n\n- Вы сможете зашифровать весь диск, если переместите некоторые системы на другие диски, оставив только одну ОС на диске, который хотите зашифровать. - Несколько систем на одном диске - На диске, где установлена текущая ОС, есть другие операционные системы?\n\nПримечание: например, если текущая ОС установлена на диске #0, содержащем несколько разделов, и если на одном из разделов находится Windows, а на другом -- ещё одна ОС (скажем, Windows, Mac OS X, Linux и т.д.), то выберите 'Да'. - Не-Windows загрузчик - Установлен ли в главной загрузочной записи (MBR) не относящийся к Windows загрузчик (или загрузочный менеджер)?\n\nПримечание: например, если в первом цилиндре загрузочного диска содержится GRUB, LILO, XOSL или какой-то другой не относящийся к Windows загрузочный менеджер, выберите 'Да'. - Мультизагрузка - В настоящее время VeraCrypt не поддерживает мультизагрузочные конфигурации, где в главной загрузочной записи (MBR) установлен не относящийся к Windows загрузчик.\n\nВозможные варианты:\n\n- Если вы используете загрузочный менеджер для загрузки Windows и Linux, перенесите его (обычно это GRUB) из MBR в раздел. Затем запустите снова этот мастер и зашифруйте системный раздел/диск. Обратите внимание, что загрузчик VeraCrypt станет основным загрузочным менеджером и позволит вам запускать исходный загрузочный менеджер (скажем, GRUB) как вторичный (нажатием Esc при выводе экрана загрузчика VeraCrypt) и, таким образом, запускать Linux. - Если текущая ОС установлена на загрузочном разделе, то после его шифрования вам потребуется ввести правильный пароль, даже для запуска незашифрованных Windows-систем (так как они будут совместно использовать один и тот же зашифрованный загрузчик Windows).\n\nНапротив, если текущая ОС не установлена на загрузочном разделе (или загрузчик Windows не используется никакими иными системами), тогда после шифрования этой системы вам не надо вводить пароль для запуска других незашифрованных систем -- достаточно будет просто нажать Esc (в случае нескольких незашифрованных систем также потребуется выбрать нужную в меню загрузчика VeraCrypt).\n\nПримечание: как правило, в загрузочном разделе бывает установлена наиболее ранняя версия Windows. - Шифрование защищённой области пользователя (HPA) - В конце многих дисков имеется область, в обычных условиях скрытая от операционной системы (эту область обычно называют Host Protected Area -- защищённая область пользователя). Однако некоторые программы способны читать и записывать данные в таких областях.\n\nВНИМАНИЕ: Производители компьютеров (в частности, ноутбуков) могут использовать области HPA для хранения в них утилит и данных для RAID, восстановления системы, её настройки, диагностики и прочих нужд. Если такие утилиты или данные должны быть доступны перед загрузкой системы, скрытую область НЕ следует шифровать (выберите 'Нет').\n\nХотите, чтобы VeraCrypt обнаружил и зашифровал скрытую область (если таковая имеется) в конце системного диска? - Системанинг шифрлаш тури - Выберите эту опцию, если вы просто хотите зашифровать системный раздел или весь системный диск. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Скрытая операционная система - На следующих этапах вы создадите два тома VeraCrypt (внешний и скрытый) в первом разделе за системным разделом. Скрытый том будет содержать скрытую ОС. VeraCrypt создаст скрытую ОС копированием в скрытый том содержимого системного раздела (где установлена работающая сейчас ОС). Во внешний том вам нужно скопировать осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ требуется. Их цель -- ввести в заблуждение того, кто вынудит вас сообщить пароль от скрытого системного раздела. Вы сможете открыть пароль для внешнего тома внутри скрытого системного раздела (наличие скрытой ОС останется в тайне).\n\nИ, наконец, на системный раздел с работающей в данный момент ОС вы установите новую, так называемую "обманную" ОС и зашифруете её. В ней не должно быть конфиденциальных файлов, она нужна на случай, если вас вынудят сообщить предзагрузочный пароль. В итоге у вас будет три пароля. Два из них (для обманной ОС и для внешнего тома) можно сообщать неприятелю. Третий пароль -- запуск скрытой ОС. - Поиск скрытых секторов - Подождите, VeraCrypt ищет скрытые сектора, которые могут присутствовать в конце системного диска. Это может занять продолжительное время.\n\nПримечание: в очень редких случаях на некоторых компьютерах во время этой операции система может перестать реагировать. В этом случае перезагрузите компьютер, запустите VeraCrypt, повторите предыдущие этапы, но пропустите этот этап поиска. Просим учесть, что данная проблема вызвана не ошибкой в VeraCrypt. - Область шифрования - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Сбор случайных данных - Сгенерированные ключи - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Запись диска восстановления - Диск восстановления создан - Пре-тест шифрования системы - Диск восстановления проверен - \nДиск восстановления VeraCrypt (Rescue Disk) успешно прошёл проверку. Выньте его из накопителя и уберите в надёжное место.\n\nНажмите 'Далее' для продолжения. - ВНИМАНИЕ: Во время следующих этапов в накопителе НЕ должно быть диска восстановления VeraCrypt. В противном случае эти этапы не удастся корректно завершить.\n\nВыньте диск восстановления из накопителя и поместите в надёжное место. Затем нажмите OK. - Внимание! Вследствие технических ограничений среды до загрузки ОС, сообщения, выводимые VeraCrypt на этом этапе (т.е. до старта Windows), не подлежат локализации. Пользовательский интерфейс загрузчика VeraCrypt полностью на английском языке.\n\nПродолжить? - Прежде чем зашифровать системный раздел или диск, VeraCrypt должен проверить, что всё работает как надо.\n\nПосле нажатия 'Тест' будут установлены все необходимые компоненты (например, предзагрузочный авторизатор, т.е. загрузчик VeraCrypt), и компьютер перезагрузится. Затем на экране загрузчика (VeraCrypt Boot Loader), который появится до старта Windows, вам потребуется ввести свой пароль. После запуска Windows вам автоматически сообщат о результатах этого предварительного теста.\n\nБудет изменено следующее устройство: Диск #%d\n\n\nЕсли вы сейчас нажмёте 'Отмена', то ничего установлено не будет, и пре-тест не станет выполняться. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Пре-тест выполнен - Пре-тест успешно завершён.\n\nВНИМАНИЕ: Если во время шифрования произойдёт сбой питания или из-за программной/аппаратной ошибки зависнет операционная система, в то время, как VeraCrypt шифрует имеющиеся данные 'на месте', некоторые данные почти наверняка окажутся повреждёнными или утерянными. Поэтому прежде чем начать шифрование, убедитесь, что сделали резервную копию файлов, которые собираетесь зашифровать. Если нет, то сделайте это сейчас (нажмите 'Отложить', скопируйте файлы, затем в любое время снова запустите VeraCrypt, выберите 'Система' > 'Возобновить прерванный процесс', чтобы начать шифрование).\n\nКогда будете готовы, нажмите 'Шифрация', чтобы приступить к шифрованию. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nВы можете в любой момент нажать 'Пауза' или 'Отложить', прервав шифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Учтите, что том не может быть смонтирован, пока не будет полностью зашифрован. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Скрытая система запущена - Исходная система - Windows создаёт (обычно без вашего ведома или согласия) различные файлы отчётов, временные файлы и т.п. на системном разделе. Кроме того, там же она сохраняет содержимое ОЗУ для сна/гибернации и файлы подкачки. Поэтому если неприятель проанализирует файлы на разделе с исходной системой (клоном которой является скрытая ОС), он может узнать, например, что вы пользовались мастером VeraCrypt в режиме создания скрытой системы (и заподозрить наличие скрытой ОС в вашем ПК).\n\nЧтобы это предотвратить, на следующих этапах VeraCrypt надёжно сотрёт всё содержимое раздела, где находится исходная система. Затем для правдоподобности отрицания вам потребуется установить в раздел новую систему и зашифровать её. Таким образом вы создадите обманную ОС, и на этом процесс создания скрытой ОС будет завершён. - Скрытая ОС успешно создана. Но прежде чем её можно будет использовать (и иметь возможность правдоподобного отрицания), требуется надёжно удалить (с помощью VeraCrypt) всё содержимое раздела, в котором сейчас установлена текущая ОС. Прежде чем это сделать, перезагрузите ПК и на экране загрузчика VeraCrypt (выводимого до старта Windows) введите пароль предзагрузочной авторизации для скрытой ОС. Затем после старта скрытой системы автоматически запустится мастер VeraCrypt.\n\nПримечание: если сейчас прервать создание скрытой ОС, то возобновить этот процесс НЕ удастся, и скрытая ОС окажется недоступна (так как будет удалён загрузчик VeraCrypt). - Вы запланировали создание скрытой операционной системы. Этот процесс ещё не закончен. Чтобы его завершить, нужно перезагрузить компьютер и на экране загрузчика VeraCrypt (он появляется перед запуском Windows) ввести пароль для скрытой операционной системы.\n\nПримечание: если вы решите прервать сейчас процесс создания скрытой ОС, вы уже НЕ сможете его возобновить. - Перезагрузить ПК и продолжить - Окончательно прервать создание скрытой ОС - Ничего не делать сейчас, спросить позже - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Клонирование ОС - Yf следующих этапах VeraCrypt создаст скрытую ОС, скопировав содержимое системного раздела в скрытый том (копируемые данные шифруются 'на лету' с ключом, отличным от используемого для обманной ОС).\n\nУчтите, что процесс выполняется на предзагрузочной стадии (до запуска Windows) и может занять много времени (несколько часов или даже дней, в зависимости от размера системного раздела и быстродействия ПК).\n\nВы сможете прервать этот процесс, выключить ПК, запустить ОС и затем возобновить его. Однако в случае прерывания, копирование системы придётся начать сначала (так как при клонировании содержимое системного раздела не должно изменяться). - Вы хотите отменить весь процесс создания скрытой операционной системы?\n\nПримечание: в случае отмены вы НЕ сможете возобновить процесс. - Вы хотите отменить пре-тест шифрования системы? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Судя по всему, системный раздел/диск не зашифрован (ни частично, ни полностью). - Системный раздел/диск зашифрован (частично или полностью).\n\nПрежде чем продолжить, полностью дешифруйте системный раздел/диск. Чтобы это сделать, выберите в главном окне VeraCrypt меню 'Система' > 'Permanently Decrypt System Partition/Drive'. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - В данный момент идёт шифрование, дешифрование или иная модификация системного раздела/диска. Прежде чем продолжить, прервите процесс шифрования/дешифрования/модификации (или дождитесь его окончания). - В системе уже запущена копия мастера создания томов VeraCrypt, она выполняет или подготавливает шифрование/дешифрование системного раздела/диска. Прежде чем продолжить, дождитесь завершения работы мастера или закройте его. Если закрыть окно мастера не удаётся, перезагрузите ПК и продолжите. - Шифрование или дешифрование системного раздела/диска не завершено. Прежде чем продолжить, дождитесь завершения этого процесса. - ОШИБКА: Шифрование раздела/диска не было завершено. Сначала его нужно завершить. - ОШИБКА: Шифрование раздела/тома не было завершено. Сначала его нужно завершить.\n\nПримечание: чтобы возобновить процесс, выберите команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. - Пароль правильный. VeraCrypt успешно расшифровал заголовок тома и обнаружил, что этот том является скрытым системным томом. Однако изменить заголовок скрытого системного тома таким способом нельзя.\n\nЧтобы изменить пароль скрытого системного тома, загрузите ОС, расположенную в скрытом томе, после чего в главном окне VeraCrypt выберите в меню 'Система' > 'Изменить пароль'.\n\nЧтобы установить алгоритм деривации ключа заголовка, загрузите скрытую ОС и выберите 'Система' > 'Установить алгоритм деривации ключа заголовка'. - VeraCrypt не поддерживает дешифрование скрытого системного раздела на месте.\n\nПримечание: если вы хотите дешифровать обманный системный раздел, загрузите обманную ОС, после чего выберите в главном окне VeraCrypt меню 'Система' > 'Перманентно расшифровать системный раздел/диск'. - ОШИБКА: Неверный/недопустимый параметр. - Вы выбрали раздел или устройство, но выбранный режим мастера подходит только для файловых контейнеров.\n\nХотите изменить режим мастера? - Хотите вместо этого создать файловый контейнер VeraCrypt? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Вы действительно хотите перманентно дешифровать системный раздел/диск? - ОСТОРОЖНО: Если вы перманентно дешифруете системный раздел/диск, данные на него будут записываться в незашифрованном виде.\n\nВы действительно хотите перманентно дешифровать системный раздел/диск? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - Если вы столкнулись с любой из ранее описанных проблем, дешифруйте раздел/диск (если он зашифрован), после чего попробуйте зашифровать его снова, используя не-каскадный Шифрлаш алгоритми (например, AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - Номер версии загрузчика VeraCrypt, с помощью которого была загружена эта ОС, отличается от номера версии драйвера и приложений VeraCrypt, установленных в этой системе.\n\nВам следует запустить инсталлятор VeraCrypt (той же версии, что и у загрузчика VeraCrypt), чтобы обновить VeraCrypt в этой операционной системе. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется создать новый диск восстановления VeraCrypt (Rescue Disk), который будет содержать новую версию загрузчика VeraCrypt. Для этого после перезагрузки компьютера выберите меню 'Система' > 'Создать диск восстановления'. - Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется загрузить обманную операционную систему и затем создать новый диск восстановления VeraCrypt (который будет содержать новую версию загрузчика VeraCrypt). Для этого выберите меню 'Система' > 'Создать диск восстановления'. - Ошибка обновления загрузчика VeraCrypt. - VeraCrypt не может определить настоящий размер системного диска, поэтому будет использовать размер, сообщённый операционной системой (который может быть меньше реального размера). Примечание: это не ошибка в VeraCrypt. - ВНИМАНИЕ: Похоже, VeraCrypt уже пытался обнаружить скрытые сектора на этом системном диске. Если во время предыдущей попытки обнаружения вы столкнулись с какими-то проблемами, то можете сейчас их избежать, пропустив операцию поиска скрытых секторов. Обратите внимание, что в этом случае VeraCrypt будет использовать размер, сообщаемый операционной системой (который может быть меньше действительного размера диска).\n\nЭто происходит не из-за какой-либо ошибки в VeraCrypt. - Не выполнять поиск скрытых секторов (использовать размер, сообщённый ОС) - Попробовать найти скрытые сектора ещё раз - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Примечание: VeraCrypt заменил содержимое %I64d нечитаемых секторов (%s) зашифрованными блоками с обычным нулевым текстом. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Введите пароль/PIN для токена '%s': - Чтобы обеспечить VeraCrypt доступ к токену безопасности или смарт-карте, сначала нужно установить программную библиотеку PKCS #11 для токена или смарт-карты. Эта библиотека может поставляться вместе с устройством либо имеется на сайте поставщика или сторонней фирмы.\n\nУстановив библиотеку, вы можете либо выбрать её вручную, нажав 'Библиотека', либо позволить VeraCrypt найти её автоматически, нажав 'Автоопределение библиотеки' (поиск выполняется только в системной папке Windows). - Примечание: имя и расположение файла библиотеки PKCS #11 для токена или смарт-карты см. в документации к токену, смарт-карте или ПО сторонних фирм.\n\nНажмите 'OK', чтобы выбрать путь и имя файла. - Чтобы обеспечить VeraCrypt доступ к токену безопасности или смарт-карте, сначала нужно выбрать программную библиотеку PKCS #11 для токена/карты. Для этого выберите в меню 'Настройки' > 'Токены безопасности'. - Ошибка инициализации библиотеки PKCS #11 для токена безопасности.\n\nУбедитесь, что указанные путь и имя файла действительно ссылаются на библиотеку PKCS #11. Чтобы указать путь и имя библиотеки PKCS #11, выберите в меню 'Настройки' > 'Токены безопасности'. - В системной папке Windows библиотека PKCS #11 не обнаружена.\n\nПроверьте, установлена ли библиотека PKCS #11 для вашего токена безопасности (или смарт-карты). Эта библиотека может поставляться вместе с токеном/картой или же доступна на сайте производителя/сторонней фирмы. Если библиотека установлена в папке, отличной от системной папки Windows, нажмите кнопку 'Библиотека' и выберите её (например, это может быть папка, где установлено ПО для токена/карты). - Токен безопасности не обнаружен.\n\nУбедитесь, что токен подключён к ПК, и для него установлен корректный драйвер. - Ключевой файл токена безопасности не обнаружен. - Ключевой файл токена безопасности с таким именем уже существует. - Вы хотите удалить выбранные файлы? - Путь к ключевому файлу токена безопасности неверен. - Ошибка токена безопасности - Неверный пароль для токена безопасности. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - Все открытые токен-сессии были закрыты. - Выберите ключевые файлы токена безопасности - Слот - Токен - Имя файла - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Ошибка обработки командной строки. - Диск восстановления - Выбрать &файл и смонтировать... - Выбрать &устройство и смонтировать... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - ВНИМАНИЕ: Файловая система тома, смонтированного как '%s', не была аккуратно размонтирована, и потому может содержать ошибки. Использование повреждённой файловой системы может привести к потере или порче данных.\n\nПримечание: прежде чем физически удалять или выключать устройство (например, флэш-накопитель USB или внешний жёсткий диск), на котором находится смонтированный том VeraCrypt, сначала всегда следует размонтировать этот том.\n\n\nХотите, чтобы Windows попыталась найти и исправить ошибки (если они есть) файловой системы? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Том '%s' смонтирован как 'только для чтения', так как была отвергнута попытка записи.\n\nПроверьте, не обращаются ли к разделу/устройству, на котором расположен том, другие приложения (например, антивирусное ПО). - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Тест - Ключевой файл - Backspace - Tab - Очистить - Enter - Pause - Caps Lock - Пробел - Page Up - Page Down - End - Home - Стрелка влево - Стрелка вверх - Стрелка вправо - Стрелка вниз - Клавиша выбора - Клавиша печати - Клавиша выполнения - Print Screen - Insert - Delete - Клавиша приложений - Сон - Num Lock - Scroll Lock - Браузер - назад - Браузер - вперёд - Браузер - обновить - Браузер - стоп - Браузер - поиск - Браузер - Избранное - Браузер - Начальная страница - Без звука - Уменьшить громкость - Увеличить громкость - Следующий трек - Предыдущий трек - Стоп - Пуск/пауза - Клавиша запуска почты - Клавиша выбора носителя - Приложение 1 - Приложение 2 - Attn - СозВыд - РасВыд - Пуск - Зум - NumPad - Shift - Control - Alt - Win - б - Кб - Мб - Гб - Тб - Пб - б/с - Кб/с - Мб/с - Гб/с - Тб/с - Пб/с - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Бекор кил + Барча фойдаланувчилар учун ўрнатиш + О&чиш... + & VeraCrypt Рабочий столда + Donate now... + '.hc' кенгайтмасини VeraCrypt билан келиштириш + Иш охирида белгиланган жойни очиш + & VeraCrypt ни 'Пуск' га кўшиш + Кайта тиклаш ну&қтасини яратиш + Учи&риш + &Ичидан олиш + &ўрнатиш + VeraCrypt ўрнатувчи уста + VeraCrypt учириш + &Маълумот + Ичидан олинадиган файлларни жойлатириш марказини кўрсатинг: + VeraCrypt дастур файлларини қаерга ўрнатишни кўрсатинг.\nАгар бундай папка булмаса, у холда у автомат яратилади. + Системадан VeraCrypt учириш учун 'Учириш' тугмасини босинг. + Тўхта + &Benchmark + &Тест + Шифрланган томни яратиш ва уни форматлаш + Бўлимни тугран жойида шифрлаш + Яратилган калитларни кўрсатиш (уларнинг кисмларини) + Пул() кўрсатиш + CD/DVD ёзиш учун Дастурни ишга тушириш + Шифрланган файл контейнерини яратиш + &Гб + &ТБ + Тўлиқрок + &Яширилган VeraCrypt томи + 'Яширилган том' узи нима? + Тугри режим + Оддий режим + &Кб + Ка&лит. файллар + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + Ка&лит. файллар... + Хэш-алгоритмлар буйича маълумотлар + Тўлиқрок + Information on PIM + &Мб + Тўлиқрок + Шифрлаш системаси буйича Тўлиқрок маълумот + Тўлиқрок + Мультиюклаш + Система Бўлими/диски булмаганни шифрлаш + &Тарихни сакламаслик + Ташқи томни очиш + &Пауза + Use P&IM + Use PIM + Тезда форматлаш. + &Паролни кўрсатишлик + &Паролни кўрсатишлик + &Display PIM + Биттадан юклаш + VeraCrypt оддий томи + Яши&рин + Оддий + Дискнинг Тўлиқ кисмини ёки Бўлимини шифрлаш + Windows система Бўлимини шифрлаш + Дискнинг барча кисмини шифрлаш + VeraCrypt томларини яратиш устаси + Кластер + ЗАРУР: Сискончани ушбу ойнада хар хил харакатлантиринг, канчалик куп сичконча жойи узгарса, шунчалик шифрлаш кучи ошади. Кейин 'Кейингисига' тугмасини босинг. + &Тасдиклаш: + Тайёр + Drive letter: + Шифрлаш алгоритми + Файл.сист. + Файл ичида виртуал шифрланган диск яратиш. Тажрибасиз фойдаланувчиларга маслахат берилади. + Опцииялар + Хэш-алгоритм + Калит топ-мок: + Яна + Уста-калит: + Агар компьютерингизда бир неча ОС лар булса ушби опцияни танланг.\n\nМасалан:\n- Windows XP ва Windows XP\n- Windows XP ва Windows Vista\n- Windows ва Mac OS X\n- Windows и Linux\n- Windows, Linux ва Mac OS X + Cистемасиз бўлган ички ёки ташқи бўлимни шифрлаш (масалан, флешкада). Яширинин том яратиш имкони билан бирга. + Пуулнинг(бўлим) ҳозирги ҳолати + Пароль + Пароль: + Volume PIM: + Volume PIM: + Операция ҳолати: + Тасодифий: + Агар компьютерингизда битта ОС ўрнатилган бўлса шу опцияни танланг, гарчи фойдаланувчилар сони кўп бўлса ҳам. + Тезлик + Ҳолати(статус) + Калитлар ва бошқа берилган маълумотлар генерация қилинди. Агарда сиз янги калитларни генерация қилмоқчи бўлсангиз 'Орқага' тугмасини босиб кейин 'Давоми' тугмасини босасиз. Бўлмасам 'Давоми' тугмасини бўсинг. + Зашифровать раздел/диск, где установлена Windows. Перед каждой загрузкой Windows нужно будет вводить пароль для доступа к ОС, считывания и записи файлов и т.д. Дополнительно - создание скрытой ОС. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Режим очистки: + Закрыть + Разре&шить отмену предзагрузочной авторизации по Esc (включить диспетчер загрузки) + Нет действий + &Автомонтирование тома VeraCrypt (указанного) + &Запуск VeraCrypt + Автоопределение &библиотеки + К&эшировать пароль предзагрузочной авторизации в памяти драйвера (для монтирования несистемных томов) + Обзор... + Обзор... + К&эшировать пароли и ключевые файлы + Выход, если нет смонтированных томов + Закр&ыть токен-сессию (выйти) после успешного монтирования тома + Include VeraCrypt Volume Expander + С мастером создания томов VeraCrypt + Создать + &Том(файл) яратиш + Ни&чего не показывать на экране авторизации (кроме указанного ниже текста) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Ключ. файлы + Ключ. файлы + Ч&иқиш + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Назначить + Убрать + Ключ.файлы... + Do not use the following number of processors for encryption/decryption: + More information + More information + Ещё настройки... + &Автомат уламоқ + Параметр&ы... + Монтировать как том только для &чтения + Ключ.файлы... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Включено + Кэшировать пароли в памяти + Авторазмонтировать тома при неактивности в течение + завершении сеансов + User session locked + входе в энергосбережение + старте экранной заставки + Авторазмонтировать тома даже при открытых файлах/папках + Монтировать все тома на устройствах + Запуск VeraCrypt в фоне + Монтировать как тома только для чтения + Монтировать как сменные носители + Открывать окно Проводника для успешно смонтированного тома + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Очищать кэш паролей при авторазмонтировании + Очищать кэш паролей при выходе + Preserve modification timestamp of file containers + Сброс + &Қурилма... + &Файл... + &Библиотека... + Показ пароля + Показ пароля + &Открыть смонтированный том в окне Проводника + &Кэшировать пароль в памяти драйвера + TrueCrypt Mode + &Уланишларни узиш + Сво&йства тома... + О&перациялар... + О&чистить кэш + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Общесистемные горячие клавиши + VeraCrypt + Изменение пароля или ключевых файлов + Введите пароль тома VeraCrypt + VeraCrypt - Performance and Driver Options + VeraCrypt - Настройки + VeraCrypt - Настройки шифрования системы + VeraCrypt - Настройки токена безопасности + Настройка переносного диска VeraCrypt + Свойства тома VeraCrypt + О программе... + Добавить/удалить ключевые файлы в/из том(а)... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Сделать резервную копию заголовка тома... + Тест скорости... + Установить алгоритм деривации ключа заголовка... + Изменить пароль тома... + Установить алгоритм деривации ключа заголовка... + Изменить пароль... + Очистить историю томов + Закрыть все токен-сессии + Связь с авторами... + Создать скрытую ОС... + Создать диск восстановления... + Создать новый том... + Permanently Decrypt... + Ключевые файлы по умолчанию... + Default Mount Parameters... + Donate now... + Зашифровать системный раздел/диск... + Часто задаваемые вопросы + Руководство пользователя + &Домашняя страница + Горячие клавиши... + Генератор ключевых файлов + Язык (language)... + Юридическая информация + Ключевые файлы токена безопасности... + Автомонтирование всех томов на базе устройств + Смонтировать избранные тома + Смонтировать &без предзагрузочной авторизации... + Смонтировать том + Смонтировать том с параметрами + Новости + Справка в Интернете + Руководство для начинающих + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Перманентно расшифровать системный раздел/диск + Настройки... + Обновить буквы дисков + Удалить из тома все ключевые файлы... + Восстановить заголовок тома... + Продолжить прерванный процесс + Выбрать устройство... + Выбрать файл... + Возобновить прерванный процесс + Шифрование системы... + Свойства... + Установки... + System Favorite Volumes... + Загрузка ПО + Тест алгоритмов генерирования векторов... + Токены безопасности... + Настройка переносного диска... + Размонтировать все смонтированные тома + Размонтировать том + Проверить диск восстановления + Verify Rescue Disk ISO Image + История версий + Volume Expander + Свойства тома + Мастер создания томов + Сайт VeraCrypt + Очистить кэш паролей + OK + Hardware Acceleration + Клавиша быстрого вызова + Настройка автозапуска (файл autorun.inf) + Автоматическое размонтирование + Размонтировать все тома при: + Параметры экрана загрузчика + Подтвердите: + Текущий + Показывать этот текст на экране предзагрузочной авторизации (не более 24 символов): + Параметры монтирования томов по умолчанию + Дополнительные параметры + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Файловые параметры + Клавиша: + Processor (CPU) in this computer supports hardware acceleration for AES: + Действия при входе в Windows + мин + Диск харфи: + Параметры монтирования тома VeraCrypt + Янги + Пароль: + Thread-Based Parallelization + Путь к библиотеке PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Кэширование (запоминание) паролей + Параметры безопасности + Работа VeraCrypt в фоновом режиме + Том для монтирования (относительно корня переносного диска): + При вставке переносного диска: + Создать файлы переносного диска (корневая папка переносного диска) в: + Том + Окна + Пап&ка... + &Автотест всех + &Continue + &Дешифрация + &Удалить + &Шифрация + &Экспорт... + Создать и сохранить файл... + Случа&йный ключевой файл... + Загрузить языковые модули с сайта + Hardware-accelerated AES: + &Импорт кл.файла в маркер доступа... + &Файлы... + Клю&чевые файлы + К&люч.файлы... + &Удалить + Удалить &все + Что такое 'Защита скрытых томов'? + Что такое 'ключевой файл'? + Монтировать том как &сменный носитель + Монтировать раздел с шифрованием ОС &без предзагр. авторизации + Parallelization: + Тест + Пе&чать + З&ащитить скрытый том от повреждения при записи во внешний том + &Сброс + Пока&з пароля + Добавить &токен-файлы... + Применять копию заголовка, встроенну&ю в том, если возможно + XTS-режим + О программе VeraCrypt + VeraCrypt - Тест скорости алгоритмов шифрования + VeraCrypt - Тест генерирования векторов + Справка по командной строке + VeraCrypt - Ключевые файлы + VeraCrypt - Генератор ключевых файлов + VeraCrypt - Язык интерфейса + VeraCrypt - Параметры монтирования + Свойства ключевого файла нового токена безопасности + VeraCrypt - Random Pool Enrichment + Выберите раздел или устройство + VeraCrypt + Ключевые файлы токена безопасности + Токен безопасности: требуется пароль/PIN + Сведения о выбранном языковом модуле + На скорость влияют загрузка ЦП и характеристики устройств хранения данных.\n\nЭти тесты выполняются в ОЗУ. + Буфер: + Шифр: + Пароль с&крытого тома:\n(если пусто, то из кэша) + Защита скрытого тома + Длина ключа: + ВАЖНО: Хаотично перемещайте мышь внутри этого окна. Чем дольше, тем лучше. Это значительно увеличит криптостойкость ключевого файла. + !!! При утере ключевого файла или повреждении его первых 1024 килобайт монтирование использующих этот файл томов невозможно! + бит + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Автор перевода: + Размер: + бит + Текущее содержимое пула + Микшер повтора: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Вторичный ключ (16-ричное) + Токен: + Сортировка: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Число блоков: + Зашифрованный текст (16-ричное) + Число единиц с данными (64-бит 16-ричное, размер единицы с данными - 512 байт) + Ключ (16-ричное) + Незашифрованный текст (16-ричное) + Ключевой файл: + XTS-режим + &Система + &Тома + Favor&ites + Серв&ис + Настрой&ки + Спра&вка + &Веб-страница + + &О программе... + Невозможно снять атрибут 'только чтение' со старого тома. Проверьте, разрешён ли доступ к файлу. + Ошибка! Нет доступа.\n\nРаздел, к которому вы пытаетесь получить доступ, имеет длину 0 секторов, либо это загрузочное устройство. + Administrator + Чтобы можно было загрузить драйвер VeraCrypt, вы должны войти в систему с правами Администратора. + Чтобы можно было шифровать/Дешифрация/форматировать раздел/устройство, вы должны войти в систему с правами Администратора.\n\nК томам на основе файлов это не относится. + Чтобы можно было создать скрытый том, вы должны войти в систему с правами Администратора.\n\nПродолжить? + Чтобы можно было форматировать тома как NTFS, вы должны войти в систему с правами Администратора.\n\nБез привилегий Администратора можно форматировать тома только как FAT. + Утверждённый FIPS (США) Шифрлаш алгоритми (Rijndael, опубликован в 1998 г.), разрешён к применению в федеральных структурах США для защиты важнейшей информации. 256-бит ключ, 128-бит блок, 14 циклов (AES-256). Режим работы -- XTS. + Том уже смонтирован. + ОСТОРОЖНО: По крайней мере один Шифрлаш алгоритми или хэширования не прошёл автоматического самотестирования.\n\nВозможно, повреждена установка VeraCrypt. + ОСТОРОЖНО: В пуле генератора случайных чисел недостаточно данных для предоставления нужного объёма случайной информации.\n\nПродолжать дальше не следует. Выберите в меню 'Справка' пункт 'Сообщить об ошибке' и известите авторов. + Повреждён диск (на нём физический дефект) или кабель, либо сбоит память компьютера.\n\nЭто проблема аппаратной части вашего ПК, а не VeraCrypt. Пожалуйста, НЕ сообщайте нам о ней как об ошибке/проблеме в работе VeraCrypt и НЕ просите о помощи в форумах VeraCrypt. Обратитесь за консультацией к изготовителю своего компьютера. Спасибо.\n\nПримечание: если ошибка происходит регулярно в одном и том же месте, наиболее вероятная причина - в повреждённом блоке на диске, который можно попытаться исправить с помощью стороннего ПО (учтите, что во многих случаях команда 'chkdsk /r' бесполезна, так как она работает лишь на уровне файловой системы; иногда 'chkdsk' не может даже детектировать ошибку). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Неверная буква диска. + Неверный путь. + Отмена + Нет доступа к устройству. Проверьте, имеется ли выбранное устройство и не занято ли оно. + Внимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. + Том тури + Может так случиться, что кто-то вынудит вас сообщить пароль от зашифрованного тома. В ряде ситуаций вы просто не сможете отказаться выдать пароль (например, при вымогательстве). В подобных случаях поможет так называемый 'скрытый том', позволяющий не выдавать пароля к действительно ценным данным. + Выберите эту опцию, чтобы создать обычный том VeraCrypt. + Внимание! Если вы хотите, чтобы операционная система была установлена на скрытом томе на основе раздела, то весь системный диск нельзя зашифровать с помощью лишь одного ключа. + Шифрование внешнего тома + Шифрование скрытого тома + Настройки шифрования + ВНИМАНИЕ: Ошибка очистки пути к последнему выбранному тому/ключевому файлу (запомненному селектором файлов). + ОШИБКА: Контейнер был сжат на уровне файловой системы. VeraCrypt не поддерживает сжатые контейнеры (сжатие зашифрованных данных неэффективно и избыточно).\n\nОтключите сжатие контейнера, выполнив следующие шаги: 1) Щёлкните правой кнопкой мыши в Проводнике Windows (не в VeraCrypt). 2) Выберите пункт 'Свойства'. 3) В диалоговом окне 'Свойства' нажмите кнопку 'Дополнительно'. 4) В диалоговом окне 'Дополнительные атрибуты' выключите параметр 'Сжимать содержимое для экономии места на диске' и нажмите 'OK'. 5) Нажмите 'OK' в диалоговом окне 'Свойства'. + Ошибка создания тома %s + Хажми %s - %.2f байт + Хажми %s - %.2f Кб + Хажми %s - %.2f Мб + Хажми %s - %.2f Гб + Хажми %s - %.2f Тб + Хажми %s - %.2f Пб + ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Форматирование устройства/раздела может привести к потере данных или нестабильности системы.\n\nПродолжить? + ВНИМАНИЕ: Устройство/раздел используется операционной системой или приложениями. Следует закрыть все программы, которые могут использовать раздел (включая антивирусное ПО).\n\nПродолжить? + ОШИБКА: Устройство/раздел содержит файловую систему, которая не может быть размонтирована. Эта файловая система может использоваться операционной системой. Форматирование устройства/раздела вероятнее всего приведёт к повреждению данных и нестабильности системы.\n\nДля решения этой проблемы мы рекомендуем сначала удалить этот раздел, после чего вновь создать его без форматирования. Вот как это сделать: 1) Щёлкните правой кнопкой мыши по значку 'Компьютер' (или 'Мой компьютер') в меню 'Пуск' и выберите пункт 'Управление'. Должно появиться окно 'Управление компьютером'. 2) В окне 'Управление компьютером' выберите 'Запоминающие устройства' > 'Управление дисками'. 3) Щёлкните правой кнопкой мыши по разделу, который вы хотите зашифровать, и выберите либо 'Удалить раздел', либо 'Удалить том', либо 'Удалить логический диск'. 4) Нажмите 'Да'. Если Windows попросит перезагрузить компьютер, сделайте это. Затем повторите шаги 1 и 2 и перейдите к шагу 5. 5) Щёлкните правой кнопкой на участке с пустым местом (оно должно содержать надпись 'Не распределено') и выберите 'Основной раздел', 'Дополнительный раздел' или 'Логический диск'. 6) Должно появиться окно мастера создания разделов или томов; следуйте его инструкциям. В окне мастера на странице 'Форматирование раздела' выберите либо 'Не форматировать этот раздел', либо 'Не форматировать этот том'. В том же окне мастера нажмите кнопку 'Далее' и затем 'Готово'. 7) Учтите, что выбранный вами в VeraCrypt путь к устройству может быть теперь неверным. Поэтому завершите работу мастера создания томов VeraCrypt (если он всё ещё выполняется) и запустите его снова. 8) Попробуйте снова зашифровать устройство/раздел в VeraCrypt.\n\nЕсли VeraCrypt по-прежнему откажется шифровать устройство/раздел, скорректируйте свои планы и создайте вместо этого файловый контейнер. + ОШИБКА: Не удалось заблокировать и/или размонтировать файловую систему. Вероятно, она используется ОС или приложениями (например, антивирусным ПО). Шифрование этого раздела может повлечь повреждение данных и нестабильность системы.\n\nЗакройте все приложения, которые могут обращаться к файловой системе (включая антивирусное ПО) и повторите попытку. Если это не поможет, следуйте указанным ниже инструкциям. + ВНИМАНИЕ: Некоторые смонтированные устройства/разделы уже используются.\n\nИгнорирование этого может привести к нежелательным последствиям, включая нестабильность системы.\n\nНастоятельно рекомендуется закрыть все программы, использующие эти устройства/разделы. + Выбранное устройство содержит разделы.\n\nФорматирование этого устройства может привести к нестабильности системы и/или повреждению данных. Либо выберите раздел на этом устройстве, либо удалите все разделы на нём, чтобы дать возможность VeraCrypt безопасно его отформатировать. + Выбранное несистемное устройство содержит разделы.\n\nЗашифрованные тома VeraCrypt на основе устройств можно создавать только на дисках, не содержащих разделов (включая жёсткие и твердотельные диски). Устройство с разделами можно зашифровать целиком на месте (с помощью одного мастер-ключа), только если это диск, где установлена Windows и с которого она загружается.\n\nЕсли вы хотите зашифровать выбранное несисемное устройство с помощью одного мастер-ключа, сначала потребуется удалить все разделы на этом устройстве, чтобы VeraCrypt смог его безопасно отформатировать (форматирование устройства с разделами может повлечь нестабильность системы и/или повреждение данных). Другой вариант -- зашифровать отдельно каждый раздел на диске (используя индивидуальные мастер-ключи).\n\nПримечание: чтобы удалить все разделы с диска GPT, его нужно преобразовать в диск MBR (например, с помощью инструмента Computer Management) для удаления скрытых разделов. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nПричина: Windows не поддерживает сжатие файловых систем других типов (что требуется для высвобождения места под заголовок тома и его резервную копию). + Выбранный раздел не содержит файловой системы NTFS. Для шифрования 'на месте' подходят только разделы с NTFS.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt внутри этого раздела, выберите "Создать и отформатировать зашифрованный том" (а не "Зашифровать раздел на месте"). + ОШИБКА: Раздел слишком мал. VeraCrypt не может зашифровать его 'на месте'. + Чтобы зашифровать данные на этом разделе, сделайте следующее:\n\n1) Создайте том VeraCrypt на пустом разделе/устройстве и смонтируйте его.\n\n2) Скопируйте все файлы с раздела, который вы хотите зашифровать, на смонтированный том VeraCrypt (созданный на этапе 1). Так вы создадите зашифрованную резервную копию данных.\n\n3) Создайте том VeraCrypt на разделе, который хотите зашифровать, и убедитесь (в мастере VeraCrypt), что выбрали опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). Учтите, что все данные на этом разделе будут удалены. Создав том, смонтируйте его.\n\n4) Скопируйте все файлы со смонтированного тома VeraCrypt с копией данных (созданного на этапе 1) на смонтированный том VeraCrypt, созданный на этапе 3.\n\nПо окончании этих операций данные будут зашифрованы, плюс с них будет сделана зашифрованная резервная копия. + Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска.\n\nЕсли вы хотите создать зашифрованный том VeraCrypt на выбранном несистемном устройстве, выберите опцию "Создать зашифрованный том и отформатировать его" (а не опцию "Зашифровать раздел на месте"). + ОШИБКА: Шифрование 'на месте' возможно только для раздела, динамического тома или всего системного диска. Убедитесь в правильности указанного пути. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + На диске %s свободно %.2f байт + На диске %s свободно %.2f Кб + На диске %s свободно %.2f Мб + На диске %s свободно %.2f Гб + На диске %s свободно %.2f Тб + На диске %s свободно %.2f Пб + Невозможно получить доступные буквы дисков. + ОШИБКА: Не найден драйвер VeraCrypt.\n\nСкопируйте файлы 'veracrypt.sys' и 'veracrypt-x64.sys' в папку, где находится программа VeraCrypt (файл VeraCrypt.exe). + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Ошибка инициализации шифра. + Ошибка: слабый или потенциально слабый ключ! Этот ключ не принят. Повторите попытку. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + Критическая ошибка в системе, работа VeraCrypt будет прервана.\n\nЭта ошибка произошла не по вине VeraCrypt (поэтому разработчики VeraCrypt не могут её исправить). Проверьте свою систему на предмет возможных проблем (например, системную конфигурацию, подключение к сети, сбои аппаратуры). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + Критическая ошибка VeraCrypt + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Шифрация + &Дешифрация + Д&ешифровать перманентно + Выход + Создайте логический диск для этого расширенного раздела и повторите попытку. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Зашифрованный том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных. Разделы также можно шифровать на месте.\n\nКроме того, зашифрованные тома VeraCrypt на основе устройств можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nПримечание: устройство, содержащее разделы, можно зашифровать целиком на месте (используя один ключ), только если с него загружается Windows. + Том VeraCrypt на основе устройства можно создавать внутри раздела жёсткого диска, на твердотельном диске, флэш-накопителе USB и других устройствах хранения данных.\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. + \nВыберите размещение для создаваемого внешнего тома (внутри этого тома затем будет создан скрытый том).\n\nВнешние тома можно создавать внутри разделов жёстких дисков, на твердотельных дисках, флэш-накопителях USB и других устройствах хранения данных. Внешние тома также можно создавать внутри устройств, не содержащих разделов (включая жёсткие диски и твердотельные накопители).\n\nВНИМАНИЕ: Раздел/диск будет отформатирован, а все имеющиеся на нём данные - уничтожены. + Выберите размещение тома VeraCrypt, внутри которого вы хотите создать скрытый том. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Ошибка! Невозможно смонтировать том. Хост-файл/устройство уже используется. Попытка монтирования без исключительного доступа также потерпела неудачу. + Невозможно открыть файл. + Размещение тома + Большие файлы + Собираетесь ли вы хранить в этом томе VeraCrypt файлы размером более 4 Гбайт? + В зависимости от вашего ответа VeraCrypt выберет для тома подходящую файловую систему (выбор файловой системы будет вам предложен на следующем этапе). + Так как вы создаёте внешний том, следует ответить 'Нет'. Иначе ФС по умолчанию будет NTFS, что для внешних томов хуже, чем FAT (так, максимально возможный размер скрытого тома будет существенно больше, если внешний том -- FAT). Обычно FAT это ФС по умолчанию как для скрытых, так и для обычных томов (тома FAT не вызывают подозрений). Однако если нужно хранить файлы размером более 4 Гбайт (что в FAT недопустимо), то FAT не будет ФС по умолчанию. + Вы действительно хотите ответить 'Да'? + Режим создания тома + Это самый быстрый способ создания тома VeraCrypt на основе раздела или устройства (шифрование на месте медленнее, так как содержимое каждого сектора сначала считывается, шифруется и затем записывается). Все данные на выбранном разделе/устройстве будут уничтожены (эти данные НЕ шифруются; они перезаписываются случайными данными). Если вам нужно зашифровать данные, имеющиеся в разделе, выберите другой вариант. + Весь выбранный раздел со всеми имеющимися в нём данными будет зашифрован на месте. Если раздел пуст, вам следует выбрать другой вариант (создание тома протекает гораздо быстрее). + Примечание: + Возо&бновить + О&тложить + &Старт + Продол&жить + &Разметить + &Затереть + Прервать форматирование? + Тўлиқрок + Больше не показывать + Содержимое раздела/устройства успешно удалено (затёрто). + Содержимое раздела с исходной системой (клоном которой является скрытая система) успешно удалено (затёрто). + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + Системный раздел/диск успешно дешифрован. + \n\nТом VeraCrypt создан и готов к использованию.\n\nЕсли вы хотите создать ещё один том VeraCrypt, нажмите кнопку 'Далее'. Иначе нажмите 'Выход'. + \n\nСкрытый том VeraCrypt успешно создан (внутри него будет находиться скрытая операционная система).\n\nНажмите 'Далее' для продолжения. + Том полностью зашифрован + Volume Fully Decrypted + ВАЖНО: ДЛЯ МОНТИРОВАНИЯ ЭТОГО ТОМА VERACRYPT И ДОСТУПА К СОДЕРЖАЩИМСЯ В НЁМ ДАННЫМ НАЖМИТЕ 'Автомонтирование' В ГЛАВНОМ ОКНЕ VERACRYPT. После ввода правильного пароля (и/или ключевых файлов) том будет смонтирован на букву диска, выбранную вами в главном окне VeraCrypt (доступ к зашифрованным данным будет по этой букве диска).\n\nЗАПОМНИТЕ ИЛИ ЗАПИШИТЕ ЭТАПЫ ВЫШЕ. ВЫ ДОЛЖНЫ ИМ СЛЕДОВАТЬ ДЛЯ МОНТИРОВАНИЯ ТОМА И ДОСТУПА К ЕГО ДАННЫМ. Другой способ: нажмите кнопку 'Устройство' в главном окне VeraCrypt, выберите этот раздел/том и нажмите 'Смонтировать'.\n\nРаздел/том успешно зашифрован (сейчас он содержит полностью зашифрованный том VeraCrypt) и готов к использованию. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Том VeraCrypt успешно создан. + Том создан + ВАЖНО: Хаотично перемещайте мышь внутри этого окна. Чем дольше, тем лучше. Это значительно увеличит криптостойкость ключей шифрования. Затем нажмите 'Разметить', чтобы создать том. + Нажмите 'Разметить', чтобы создать внешний том. Подробности см. в документации. + Форматирование внешнего тома + Форматирование скрытого тома + Форматирование тома + Для просмотра или печати Руководства пользователя требуется программа Adobe Reader (или совместимая с ней). Adobe Reader можно загрузить (бесплатно) с сайта www.adobe.com\n\nХотите вместо этого просмотреть онлайн-документацию? + Если выбрать эту опцию, мастер сначала поможет вам создать обычный том VeraCrypt, а затем внутри него - скрытый том. Этот вариант предназначен для пользователей-новичков. + Выберите эту опцию, чтобы создать скрытый том внутри уже имеющегося тома VeraCrypt (т.е. у вас уже должен быть ранее созданный том VeraCrypt, пригодный для хранения скрытого тома). + Режим создания тома + Скрытый том создан + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + Вы запустили скрытую операционную систему. Как вы могли заметить, скрытая ОС выглядит так, как будто она установлена на том же разделе, что и исходная ОС. Однако на самом деле эта ОС установлена внутри раздела позади неё (в скрытом томе). Все операции чтения и записи прозрачно перенаправляются из системного раздела в скрытый том.\n\nНи операционная система, ни приложения не будут знать, что данные, записываемые и читаемые в системном разделе, в действительности записываются и читаются в разделе позади него (в скрытом томе). Любые такие данные шифруются и расшифровываются на лету как обычно (с ключом шифрования, отличным от используемого для обманной ОС).\n\n\nНажмите 'Далее' для продолжения. + Внешний том создан и смонтирован как диск %hc:. Скопируйте в этот внешний том какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно. Они понадобятся для демонстрации, если вас вынудят сообщить пароль от первого раздела позади системного, где будут расположены внешний том и скрытый том (со скрытой ОС). Вы сможете открыть пароль от этого внешнего тома, а существование скрытого тома (и скрытой ОС) останется в тайне.\n\nВАЖНО: Файлы, копируемые во внешний том, не должны занимать больше, чем %s. В противном случае на внешнем томе может оказаться недостаточно свободного места для скрытого тома (и вы не сможете продолжить). Когда закончите копирование, нажмите 'Далее' (не размонтируйте том). + Внешний том успешно создан и смонтирован как диск %hc:. В этот том сейчас следует скопировать какие-нибудь осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ нужно, чтобы ввести в заблуждение неприятеля, если он вынудит вас сообщить пароль. В этом случае вы скажете только пароль для этого внешнего тома, но не для скрытого. Действительно ценные для вас файлы будут храниться в скрытом томе, создаваемом позже. Когда закончите копировать файлы, нажмите 'Далее'. Не размонтируйте этот том. ПРИМЕЧАНИЕ: Нажатие 'Далее' запустит сканирование карты кластеров внешнего тома для выяснения размера непрерывной свободной области, конец которой станет концом тома. Этот участок будет приспособлен под скрытый том, т.е. именно им определяется его максимально возможный размер. Сканирование карты кластеров гарантирует, что никакие данные во внешнем томе не будут перезаписаны скрытым томом. + Содержимое внешнего тома + \n\nНа следующих экранах мастера установите параметры для внешнего тома (внутри которого затем будет создан скрытый том). + \n\nНа следующих этапах вы создадите так называемый внешний том VeraCrypt внутри первого раздела за системным разделом (как это было объяснено на одном из предыдущих этапов). + Внешний том + На следующих этапах потребуется установить параметры и пароль для скрытого тома, который будет содержать скрытую ОС. Примечание: для определения размера непрерывной незанятой области, окончание которой будет выровнено по концу внешнего тома, выполняется сканирование его карты кластеров. Эта область будет подогнана для скрытого тома, чтобы его границы не превышали максимально возможный размер. Максимально возможный размер скрытого тома определён и он гарантированно больше, чем у системного раздела (это необходимо, поскольку всё содержимое системного раздела должно быть скопировано в скрытый том). Т.е. никакие данные, находящиеся в данный момент во внешнем томе, не будут перезаписаны данными, записанными в область скрытого тома. + ВАЖНО: Запомните алгоритмы, которые вы сейчас выбираете. Вам потребуется выбрать те же алгоритмы для обманной ОС. В противном случае скрытая система будет недоступна! (Обманная система должна быть зашифрована тем же алгоритмом, что и скрытая.)\n\nПримечание: причина в том, что обманная и скрытая системы используют один и тот же загрузчик, поддерживающий лишь алгоритм, выбранный пользователем (для каждого алгоритма имеется своя версия загрузчика VeraCrypt). + \n\nКарта кластеров тома просмотрена, максимально возможный размер скрытого тома определён. На следующих экранах мастера вам нужно будет выбрать параметры, размер и пароль для скрытого тома. + Скрытый том + Теперь скрытый том защищён от повреждений до размонтирования внешнего тома.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. + Все скрытые тома в заново смонтированных томах защищены от повреждений до размонтирования.\n\nВНИМАНИЕ: При попытке записи данных в область скрытого тома, VeraCrypt запретит запись на весь том (внешний и скрытый) до его размонтирования, так как это может повредить файловую систему внешнего тома, что, в свою очередь, негативно отразится на правдоподобности отрицания наличия скрытого тома. Поэтому вам следует всячески препятствовать записи в область, где находится скрытый том. Любые данные, записываемые в область, занимаемую скрытым томом, будут ПОТЕРЯНЫ. Windows может сообщать об этом как об ошибке отложенной записи или неверном параметре. + ВНИМАНИЕ: Попытка записи данных в область скрытого тома в томе, смонтированном как %c:! Для защиты скрытого тома запись этих данных была запрещена. Это могло бы повредить файловую систему внешнего тома, Windows может сообщать об ошибке отложенной записи или неверном параметре. Запись на весь том (внешнюю и скрытую части) запрещена до его размонтирования. Если VeraCrypt не в первый раз препятствует записи в область скрытого тома в данном томе, это может неблагоприятно сказаться на правдоподобности отрицания наличия скрытого тома (из-за возможных странных несоответствий в файловой системе внешнего тома). Поэтому имеет смысл создать новый том VeraCrypt (с выключенным быстрым форматированием) и перенести файлы из этого тома во вновь созданный; этот том следует затем надёжно затереть (его внешнюю и внутреннюю части). Сейчас настоятельно рекомендуется перезагрузить операционную систему. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + В целях безопасности, когда запущена скрытая ОС, локальные незашифрованные файловые системы и не скрытые тома VeraCrypt монтируются как 'только для чтения' (т.е. в такие файловые системы или тома VeraCrypt не может быть записано никаких данных).\n\nДанные разрешается записывать лишь в файловые системы внутри скрытого тома VeraCrypt (при условии, что скрытый том расположен не в контейнере, находящемся на незашифрованной файловой системе или на любой другой файловой системе только для чтения). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Примечание: если нужно безопасно перенести файлы из обманной системы в скрытую, выполните следующее: 1) Загрузите обманную систему. 2) Сохраните нужные вам файлы на незашифрованном томе или на внешнем/обычном томе VeraCrypt. 3) Загрузите скрытую систему. 4) Если вы сохранили файлы на томе VeraCrypt, смонтируйте его (он будет автоматически смонтирован как 'только для чтения'). 5) Скопируйте файлы в скрытый системный раздел или в другой скрытый том. + Требуется перезагрузить компьютер.\n\nХотите перезагрузить его сейчас? + Ошибка получения состояния системного шифрования. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Невозможно инициализировать компоненты приложения для системного шифрования. + Ошибка инициализации генератора случайных чисел. + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Ошибка инициализации приложения. Невозможно зарегистрировать класс Dialog. + Ошибка загрузки системной библиотеки Rich Edit. + Мастер создания томов VeraCrypt + Максимальный размер скрытого тома для этого тома: %.2f байт + Максимальный размер скрытого тома для этого тома: %.2f Кб + Максимальный размер скрытого тома для этого тома: %.2f Мб + Максимальный размер скрытого тома для этого тома: %.2f Гб. + Максимальный размер скрытого тома для этого тома: %.2f Tб. + Пока том смонтирован, изменять пароль/ключевые файлы этого тома невозможно. Сначала необходимо размонтировать том. + Пока том смонтирован, изменять алгоритм деривации ключа заголовка этого тома невозможно. Сначала необходимо размонтировать том. + У&ламоқ + Для монтирования этого тома требуется более новая версия VeraCrypt. + Ошибка! Не найден мастер создания томов.\n\nПроверьте, имеется ли в папке, откуда был запущен файл 'VeraCrypt.exe', файл 'VeraCrypt Format.exe'. Если его там нет, переустановите VeraCrypt или найдите на жёстком диске файл 'VeraCrypt Format.exe' и запустите его. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Далее > + &Готово + &Установить + &Извлечь + Не удалось подключиться к драйверу устройств VeraCrypt. Если драйвер не запущен, работа VeraCrypt невозможна.\n\nИз-за особенностей Windows, для загрузки драйвера сначала может потребоваться завершение сеанса или перезагрузка системы. + Ошибка загрузки/подготовки шрифтов. + Буква диска не найдена, либо она не была указана. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Буква диска недоступна. + Не выбран файл. + Нет доступных букв дисков. + Нет незанятой буквы диска для внешнего тома. Создание тома не может быть продолжено. + Не удалось определить версию ОС, либо вы используете неподдерживаемую ОС. + Не указан путь. + Недостаточно свободного места для скрытого тома. Продолжить создание тома невозможно. + ОШИБКА: Скопированные во внешний том файлы занимают слишком много места. Из-за этого во внешнем томе недостаточно свободного места под скрытый том.\n\nОбратите внимание, что скрытый том должен быть не меньше системного раздела (т.е. раздела, где установлена работающая сейчас операционная система). Причина в том, что при создании скрытой ОС выполняется копирование в скрытый том содержимого системного раздела.\n\n\nПродолжение создания скрытой операционной системы невозможно. + Драйвер не может размонтировать том. Вероятно, на этом томе имеются открытые файлы. + Невозможно заблокировать том. На этом томе имеются открытые файлы, поэтому его нельзя размонтировать. + VeraCrypt не может заблокировать том, так как он используется системой или приложениями (возможно, открыты находящиеся на этом томе файлы).\n\nВы настаиваете на принудительном размонтировании этого тома? + Выберите том VeraCrypt + Укажите путь и имя файла + Выберите библиотеку PKCS #11 + Мало памяти + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + ВНИМАНИЕ: Файл '%s' уже существует!\n\nВАЖНО: VERACRYPT НЕ БУДЕТ ШИФРОВАТЬ ЭТОТ ФАЙЛ, ОН ЕГО УДАЛИТ.\n\nВы действительно хотите удалить этот файл и заменить его новым контейнером VeraCrypt? + ОСТОРОЖНО: ВСЕ ДАННЫЕ, КОТОРЫЕ СОДЕРЖИТ %s '%s'%s, БУДУТ УНИЧТОЖЕНЫ (А НЕ ЗАШИФРОВАНЫ)!\n\nВы настаиваете на форматировании? + ВНИМАНИЕ: Монтирование тома и доступ к хранящимся на нём файлам невозможны, пока том не будет полностью зашифрован.\n\nВы действительно хотите приступить к шифрованию %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + ВНИМАНИЕ: Учтите, что неожиданное пропадание электропитания во время шифрования имеющихся данных 'на месте' или сбой операционной системы из-за программной/аппаратной ошибки может привести к частичному повреждению или потере данных. Поэтому прежде чем приступить к шифрованию, сделайте резервную копию файлов, которые вы хотите зашифровать.\n\nВы сделали такую резервную копию? + ОСТОРОЖНО: ВСЕ ФАЙЛЫ НА РАЗДЕЛЕ '%s'%s (Т.Е. НА ПЕРВОМ РАЗДЕЛЕ ЗА СИСТЕМНЫМ) БУДУТ УНИЧТОЖЕНЫ (ОНИ НЕ БУДУТ ЗАШИФРОВАНЫ)!\n\nВы действительно настаиваете на форматировании? + ВНИМАНИЕ: ВЫБРАННЫЙ РАЗДЕЛ СОДЕРЖИТ БОЛЬШОЙ ОБЪЁМ ДАННЫХ! Все файлы на этом разделе будут удалены (они НЕ будут зашифрованы)! + Стереть файлы на разделе при создании тома VeraCrypt внутри него + Пароль + PIM + Алгоритм деривации ключа заголовка + Добавление/удаление ключевых файлов в/из том(а) + Удаление всех ключевых файлов из тома + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + ВАЖНО: Если вы не уничтожили свой диск восстановления VeraCrypt (Rescue Disk), ваш системный раздел/диск по-прежнему можно расшифровать с помощью старого пароля (загрузившись с диска восстановления VeraCrypt и введя старый пароль). Вам следует создать новый диск восстановления VeraCrypt, после чего уничтожить старый.\n\nХотите создать новый диск восстановления VeraCrypt? + Обратите внимание, что ваш диск восстановления VeraCrypt (Rescue Disk) всё ещё использует прежний алгоритм. Если вы считаете этот алгоритм недостаточно надёжным, создайте новый диск восстановления VeraCrypt, после чего уничтожьте старый.\n\nХотите создать новый диск восстановления VeraCrypt? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Ключевые файлы успешно добавлены/удалены. + Ключевой файл экспортирован. + Алгоритм деривации ключа заголовка успешно установлен. + Введите пароль и/или ключевые файлы для несистемного тома, где вы хотите возобновить шифрование 'на месте'.\n\n\nПримечание: после нажатия 'Далее' VeraCrypt попытается найти все несистемные тома, на которых был прерван процесс шифрования, и где можно расшифровать заголовок тома VeraCrypt с помощью указанного пароля и/или ключевых файлов. Если таких томов окажется несколько, на следующем этапе вам будет нужно выбрать один из них. + Выберите один из перечисленных томов. Это несистемные тома с прерванным процессом шифрования, заголовок которых удалось расшифровать с помощью указанного пароля и/или ключевых файлов. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Очень важно выбрать хороший пароль. Избегайте указывать пароли из одного или нескольких слов, которые можно найти в словаре (или комбинаций из 2, 3 или 4 таких слов). Пароль не должен содержать имён или дат рождения. Он должен быть труден для угадывания. Хороший пароль -- случайная комбинация прописных и строчных букв, цифр и особых символов (@ ^ = $ * + и т.д.).\n\nРекомендуем выбирать пароли, состоящие более чем из 20 знаков (чем длиннее, тем лучше). Макс. длина -- 64 символа. + Выберите пароль для скрытого тома. + Выберите пароль для скрытой операционной системы (т.е. для скрытого тома). + ВАЖНО: Выбираемый на этом этапе пароль для скрытой операционной системы должен существенно отличаться от двух других паролей (т.е. от паролей для внешнего тома и для обманной операционной системы). + Введите пароль для тома, внутри которого вы хотите создать скрытый том.\n\nПосле нажатия 'Далее' VeraCrypt попытается смонтировать том, после чего просмотреть карту кластеров смонтированного тома в поиске непрерывной свободной области, в конце которой окажется конец тома. В этой области размещается скрытый том, т.е. она определяет его предельный размер. Просмотр карты нужен для гарантии того, что данные во внешнем томе не будут перезаписаны внутренним томом. + \nВыберите пароль для внешнего тома. Это пароль, который вы сможете выдать противнику, если он вынудит вас это сделать.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома.\n\nПримечание: максимальная длина пароля - 64 символа. + Выберите пароль для внешнего тома. Это пароль, который вы сможете выдать каждому, кто вынудит вас сообщить пароль для первого раздела за системным, где будут располагаться внешний том и скрытый том (содержащий скрытую операционную систему). Существование скрытого тома (и скрытой ОС) останется в тайне. Учтите, что это пароль НЕ для обманной операционной системы.\n\nВАЖНО: Пароль должен существенно отличаться от того, который вы выберете для скрытого тома (т.е. для скрытой операционной системы). + Пароль внешнего тома + Пароль скрытого тома + Пароль для скрытой ОС + ВНИМАНИЕ: Короткие пароли легко взломать с помощью техник перебора.\n\nРекомендуется применять пароли из более чем 20 знаков.\n\nВы действительно хотите использовать короткий пароль? + Пароль тома + Неверный пароль, либо это не том VeraCrypt. + Неверные ключевые файлы и/или пароль, либо это не том VeraCrypt. + Неверный режим монтирования, неправильный пароль, либо это не том VeraCrypt. + Неверный режим монтирования, неправильные ключевые файлы и/или пароль, либо это не том VeraCrypt. + Неверный пароль, либо не найден том VeraCrypt. + Неверные ключевые файлы/пароль, либо не найден том VeraCrypt. + \n\nВнимание! Нажата клавиша Caps Lock. Это может привести к неправильному вводу пароля. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + Не найдено ни одного несистемного тома с прерванной операцией шифрования и заголовком, для которого подходит указанный пароль и/или ключевые файлы.\n\nПроверьте, правильно ли указан пароль и/или ключевые файлы, и не используется ли раздел/том системой или приложениями (включая антивирусное ПО). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nПримечание: если вы пытаетесь смонтировать раздел, расположенный на зашифрованном системном диске без предзагрузочной авторизации, или смонтировать зашифрованный системный раздел операционной системы, не выполняемой в данный момент, выберите 'Система' > 'Смонтировать без предзагрузочной авторизации'. + В этом режиме вы не можете монтировать раздел, расположенный на диске, часть которого находится в ключевых пределах шифрования активной системы.\n\nПрежде чем вы сможете смонтировать этот раздел в данном режиме, нужно либо загрузить операционную систему, установленную на другом диске (зашифрованном или нет), либо загрузить незашифрованную ОС. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Назад + Невозможно показать список установленных в системе raw-устройств. + Том '%s' существует и предназначен только для чтения. Вы действительно хотите его заменить? + Выберите папку назначения + Выберите ключевой файл + Выберите путь поиска ключевых файлов. ВНИМАНИЕ: Запоминается только путь, но не имена файлов. + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Авторы: Ross Anderson, Eli Biham и Lars Knudsen. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы -- XTS. Алгоритм Serpent -- один из финалистов AES. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Размер внешнего тома + Размер скрытого тома + Проверьте правильность размера выбранного устройства или раздела и нажмите 'Далее'. + Внешний том и скрытый том (содержащий скрытую ОС) будут расположены внутри этого раздела. Это должен быть первый раздел за системным.\n\nПроверьте правильность показанных выше размера и номера раздела, и если всё верно, то нажмите 'Далее'. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Размер тома + Динами- ческий + Внимание! ОШИБКА теста. + Тест всех алгоритмов пройден + Указанное вами число единиц данных слишком длинное или короткое. + Указанный вами вторичный ключ слишком длинный или короткий. + Неверная длина тестового зашифрованного текста. + Неверная длина тестового ключа. + Неверная длина тестового незашифрованного текста. + Два шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), а затем %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. + Три шифра, последовательно оперирующие в режиме XTS. Каждый блок сначала шифруется %s (%d-бит ключ), затем %s (%d-бит ключ), и, наконец, %s (%d-бит ключ). Каждый шифр применяет свой собственный ключ. Все ключи взаимно независимы. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + Переносной диск VeraCrypt + Авторы: Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall и Niels Ferguson. Опубликован в 1998 г. 256-бит ключ, 128-бит блок. Режим работы -- XTS. Twofish -- один из финалистов AES. + Тўлиқрок о %s + Неизвестно + An unspecified or unknown error occurred (%d). + Некоторые тома содержат файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? + Раз&монтировать + Ошибка размонтирования. + Том содержит файлы или папки, используемые приложениями или системой.\n\nНастаиваете на размонтировании? + No volume is mounted to the specified drive letter. + Этот том уже смонтирован. + Ошибка при попытке монтирования тома. + Ошибка поиска местоположения внутри тома. + Ошибка: неверный размер тома. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt не может изменить пароль для чуждого ему тома. + Выберите из списка незанятую букву диска. + Выберите в списке букв дисков смонтированный том. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Ошибка! Невозможно создать autorun.inf + Ошибка обработки ключевого файла. + Ошибка обработки пути ключевого файла. + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt не работает в этой операционной системе. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Ошибка! Невозможно распределить память. + Ошибка! Невозможно восстановить значение счётчика производительности. + Ошибка! Плохой формат тома. + Ошибка! Вы указали пароль для скрытого тома (а не для обычного тома). + В целях безопасности, скрытый том нельзя создать внутри тома VeraCrypt, содержащего файловую систему, зашифрованную 'на месте' (поскольку свободное место такого тома не было заполнено случайными данными). + VeraCrypt - Юридические примечания + Все файлы + Тома VeraCrypt + Библиотечные модули + Продолжение NTFS-форматирования невозможно. + Невозможно смонтировать том. + Невозможно размонтировать том. + Windows не может отформатировать этот том как NTFS.\n\nВыберите другой тип файловой системы (если возможно) и повторите попытку. Либо вы можете оставить этот том неформатированным (в поле выбора файловой системы укажите 'Нет'), закрыть окно мастера, смонтировать том, а затем с помощью системной или сторонней утилиты отформатировать смонтированный том (том при этом останется зашифрованным). + Windows не может отформатировать этот том как NTFS.\n\nХотите вместо этого отформатировать том как FAT? + По умолчанию + раздел + РАЗДЕЛ + Устройство + устройство + УСТРОЙСТВО + Том + том + ТОМ + Label + Для этого тома выбран слишком маленький размер кластеров. Будут использованы кластеры большего размера. + Ошибка! Невозможно получить размер тома.\n\nПроверьте, не используется ли выбранный том системой или какой-либо программой. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + Мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT или NTFS. + В среде Windows 2000 мастер создания томов VeraCrypt способен создавать скрытый том только внутри тома FAT. + Примечание: для внешних томов больше подходит система FAT, нежели NTFS (например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT). + Обратите внимание, что для внешних томов больше подходит система FAT, нежели NTFS. Например, максимальный размер скрытого тома почти наверняка будет существенно больше, если внешний том отформатирован как FAT (поскольку NTFS всегда хранит внутренние данные точно в центре тома и потому скрытый том может располагаться только во второй половине внешнего тома).\n\nВы действительно хотите отформатировать внешний том как NTFS? + Хотите вместо этого отформатировать том как FAT? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 5% больше системного раздела (системный раздел -- тот, где установлена выполняющаяся сейчас ОС). + Ошибка! Раздел для скрытой операционной системы (т.е. для первого раздела за системным) должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела (системный раздел -- тот, где установлена выполняющаяся сейчас ОС). Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома. + Ошибка! Если внешний том отформатирован как NTFS, он должен быть по крайней мере на 110% (в 2,1 раза) больше системного раздела. Причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, и потому скрытый том (в котором должен содержаться клон системного раздела) может располагаться только во второй половине внешнего тома.\n\nПримечание: внешний том должен находиться в том же разделе, что и скрытая операционная система (т.е. в первом разделе за системным). + Ошибка! Нет разделов за системным разделом.\n\nПрежде чем можно будет создать скрытую операционную систему, нужно создать для неё раздел на системном диске. Этот раздел должен быть первым за системным, и он должен быть по крайней мере на 5% больше системного раздела (т.е. того, где установлена запущенная сейчас ОС). Однако если внешний том (не путайте с системным разделом) отформатирован как NTFS, раздел для скрытой операционной системы должен быть не менее, чем на 110% (в 2,1 раза) больше системного (причина в том, что файловая система NTFS всегда хранит внутренние данные точно в центре тома, поэтому скрытый том, который должен содержать клон системного раздела, может располагаться только во второй половине раздела). + Замечание: непрактично (и потому это не поддерживается) устанавливать операционные системы в два тома VeraCrypt, встроенных в один раздел, поскольку при использовании внешней ОС часто требуется записывать данные в область внутренней ОС (а если такие операции записи предотвращать с помощью функции защиты скрытых томов, то это может привести к краху системы, т.е. к 'синему экрану смерти'). + Информацию о создании и управлении разделами см. в документации к вашей операционной системе, либо проконсультируйтесь в службе техподдержки поставщика своего компьютера. + Ошибка! Выполняющаяся в данный момент операционная система установлена не в загрузочном разделе (первом разделе с пометкой 'Активный'). Это не поддерживается. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Ошибка! Нет доступа к тому.\n\nПроверьте, существует ли этот том, не смонтирован ли он, не используется ли системой или какой-либо программой, которой вы дали права чтения/записи этого тома, и не защищён ли он от записи. + Error: Cannot obtain volume properties. + Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе.\n\nПроверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи. + Ошибка! Нет доступа к тому и/или невозможно получить сведения о томе. Проверьте, существует ли выбранный том, не используется ли он системой или приложениями, есть ли у вас права для чтения/записи этого тома, и не защищён ли том от записи.\n\nЕсли проблема не решается, попробуйте предпринять шаги, указанные ниже. + Зашифровать раздел не удалось из-за ошибки. Попробуйте устранить все ранее указанные проблемы и повторить попытку. Если проблемы не решаются, попробуйте предпринять шаги, указанные ниже. + Продолжить процесс шифровния раздела не удалось из-за ошибки.\n\nПопробуйте устранить все ранее указанные проблемы и снова возобновить процесс шифрования. Учтите, что том нельзя смонтировать до тех пор, пока он не будет полностью зашифрован. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Ошибка! Невозможно размонтировать внешний том.\n\nТом нельзя размонтировать, если он содержит файлы или папки, используемые какой-либо программой или системой.\n\nЗакройте все программы, которые могут использовать файлы и папки на этом томе, и нажмите 'Повтор'. + Ошибка! Невозможно получить информацию о внешнем томе. Создание тома прекращено. + Ошибка! Нет доступа к внешнему тому. Продолжение создания тома невозможно. + Ошибка! Невозможно смонтировать внешний том. Создание тома не может быть продолжено. + Ошибка! Невозможно получить карту кластеров тома. Создание тома не может быть продолжено. + По алфавиту/категориям + Средняя скорость (убывание) + Алгоритм + Шифрование + Дешифрование + Среднее + Диск + Размер + Шифрлаш алгоритми + Шифрлаш алгоритми + Тури + Значение + Свойство + Размещение + байт + Скрытый + Внешний + Обычный + Системный + Скрытый (системный) + Только для чтения + Системный диск + Системный диск (шифрование - %.2f%% готово) + Системный диск (дешифрование - %.2f%% готово) + Системный диск (%.2f%% зашифровано) + Системный раздел + Скрытый системный раздел + Системный раздел (шифрование - %.2f%% готово) + Системный раздел (дешифрование - %.2f%% готово) + Системный раздел (%.2f%% зашифровано) + Да (защита от повреждений!) + Нет + Длина первичного ключа + Длина вторичного ключа (XTS-режим) + Длина Tweak-ключа (LRW-режим) + бит + Размер блока + PKCS-5 PRF + Число итераций PKCS-5 + Том создан + Последнее изменение заголовка + (прошло дней: %I64d) + Версия формата тома + Встроенная копия заголовка + VeraCrypt Boot Loader Version + 1-ая доступная + Сменный диск + Жёсткий диск + Не изменять + Autodetection + Режим мастера + Выберите режим. Если не знаете, какой выбрать, используйте предложенный. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Параметры установки + Здесь можно выбрать различные параметры, влияющие на установку программы. + Установка + Подождите, идёт установка VeraCrypt. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Параметры извлечения + Здесь можно выбрать различные параметры, влияющие на извлечение файлов. + Подождите, идёт извлечение файлов. + Files successfully extracted + Все файлы успешно извлечены в указанное место назначения. + Если указанной папки не существует, она будет создана автоматически. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Показать примечания к текущей (последней стабильной) версии VeraCrypt? + Если вы никогда ранее не работали с VeraCrypt, рекомендуется ознакомиться с разделом для новичков в Руководстве пользователя VeraCrypt. Хотите прочитать документацию? + Выберите желаемое действие: + Восстановить/переустановить + Upgrade + Удалить + Для установки/удаления VeraCrypt необходимо иметь права Администратора. Хотите продолжить? + В этой системе сейчас запущен инсталлятор VeraCrypt. Он выполняет/готовит установку или обновление VeraCrypt. Дождитесь завершения его работы или закройте его. Если закрыть инсталлятор не получается, перезагрузите компьютер и лишь потом продолжите. + Установка не выполнена. + Удаление не выполнено. + Этот дистрибутивный пакет повреждён. Загрузите его снова (желательно с официального сайта VeraCrypt - https://veracrypt.codeplex.com). + Невозможно записать файл %s + Извлечение + Невозможно прочитать данные из дистрибутива. + Невозможно проверить целостность этого дистрибутивного пакета. + Извлечение не выполнено. + Установка возвращена назад. + Программа VeraCrypt успешно установлена. + Программа VeraCrypt успешно обновлена. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + Программа VeraCrypt успешно удалена.\n\nНажмите 'Готово', чтобы удалить инсталлятор VeraCrypt и папку %s. Папка не будет удалена, если в ней содержатся какие-либо файлы, созданные не инсталлятором и не самой программой VeraCrypt. + Удаление записей VeraCrypt в реестре + Добавление элемента в реестр + Удаление относящихся к программе данных + Установка + Остановка + Удаление + Добавление значка + Создание точки восстановления системы + Ошибка создания точки восстановления системы. + Обновление загрузчика + Установка '%s' не выполнена. %s Продолжить установку? + Удаление '%s' не выполнено. %s Продолжить удаление? + Установка завершена. + Не удалось создать папку '%s' + Невозможно выгрузить драйвер VeraCrypt.\n\nСначала закройте все открытые окна VeraCrypt. Если это не поможет, перезагрузите Windows и попробуйте ещё раз. + Прежде чем продолжить установку или удаление VeraCrypt, нужно размонтировать все VeraCrypt-тома. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Ошибка установки элементов в реестре + Ошибка установки драйвера устройства. Перезагрузите Windows и попробуйте установить VeraCrypt ещё раз. + Запуск драйвера VeraCrypt + Ошибка удаления драйвера устройств. Обратите внимание, что из-за особенностей Windows для удаления (или переустановки) драйвера может потребоваться завершить сеанс работы или перезагрузить систему. + Установка драйвера VeraCrypt + Остановка драйвера VeraCrypt + Удаление драйвера VeraCrypt + Ошибка регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). + Ошибка отмены регистрации библиотеки поддержки управления учётными записями пользователей (User Account Control). + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + ВНИМАНИЕ: Эта копия мастера создания томов имеет административные привилегии.\n\nНовый том может быть создан с правами, которые не позволят вам записывать в него данные, когда он будет смонтирован. Если вы хотите этого избежать, закройте эту копию мастера создания томов и запустите другую, без административных привилегий.\n\nХотите закрыть эту копию мастера создания томов? + Ошибка вывода лицензии. + Внешний(!) + дн. + час + мин + c + Открыть + Размонтировать + Показать VeraCrypt + Скрыть VeraCrypt + Считано данных после монтирования + Записано данных после монтирования + Зашифрованная часть + 100% (полностью зашифровано) + 0% (не зашифровано) + %.3f%% + 100% + Ожидание + Подготовка + Изменение размера + Шифрация + Дешифрация + Завершение + Пауза + Завершено + Ошибка + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Введите пароль для %s + Enter password for '%s' + Введите пароль для обычного/внешнего тома + Введите пароль для скрытого тома + Введите пароль для заголовка в файле резервной копии + Ключевой файл успешно создан. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + ВНИМАНИЕ: Заголовок этого тома повреждён! VeraCrypt автоматически задействовал резервную копию заголовка, встроенную в том.\n\nВам следует исправить заголовок, выбрав 'Сервис' > 'Восстановить заголовок тома'. + Резервная копия заголовка тома успешно создана.\n\nВАЖНО: При восстановлении заголовка из этой резервной копии также будет восстановлен и текущий пароль тома. Более того, если для монтирования тома требуются ключевые файлы, после восстановления заголовка из копии для монтирования тома понадобятся те же ключевые файлы.\n\nВНИМАНИЕ: Эту копию заголовка тома можно использовать для восстановления заголовка ТОЛЬКО этого конкретного тома. Если применить эту копию для восстановления заголовка другого тома, смонтировать том вы сможете, но вам НЕ удастся расшифровать никаких данных, хранящихся в этом томе (так как это изменит его мастер-ключ). + Заголовок тома успешно восстановлен.\n\nВАЖНО: Имейте в виду, что вместе с заголовком также был восстановлен и прежний пароль. Более того, если на момент создания резервной копии для монтирования тома также требовались ключевые файлы, эти же ключевые файлы понадобятся для монтирования данного тома сейчас. + В целях безопасности вам будет нужно ввести для этого тома правильный пароль (и/или предоставить корректные ключевые файлы).\n\nПримечание: если в этом томе содержится скрытый том, сначала нужно ввести правильный пароль (и/или предоставить корректные ключевые файлы) для внешнего тома. Затем, если вы выбрали резервное копирование заголовка скрытого тома, нужно будет указать правильный пароль (и/или предоставить корректные ключевые файлы) для скрытого тома. + Вы действительно хотите создать резервную копию заголовка тома для %s?\n\nПри выборе 'Да' вам потребуется указать имя файла для резервной копии заголовка.\n\nПримечание: оба заголовка -- для обычного и скрытого томов -- будут повторно зашифрованы с использованием новой 'соли' и сохранены в файле резервной копии. Если внутри этого тома нет скрытого тома, область, зарезервированная в резервной копии под заголовок скрытого тома, будет заполнена случайными данными (для сохранения возможности правдоподобного отрицания). При восстановлении заголовка тома из файла резервной копии вам потребуется ввести правильный пароль и/или предоставить корректные ключевые файлы, действительные на момент создания резервной копии заголовка тома. По паролю (и/или ключевым файлам) также будет автоматически определяться тип заголовка тома для восстановления -- обычный или скрытый (учтите, что VeraCrypt определяет тип методом проб и ошибок). + Вы действительно хотите восстановить заголовок тома %s?\n\nВНИМАНИЕ: При восстановлении заголовка также будет восстановлен пароль тома, который действовал на момент изготовления резервной копии. Более того, если на момент создания резервной копии для монтирования тома также требовались ключевые файлы, после восстановления заголовка для монтирования данного тома понадобятся эти же ключевые файлы.\n\nНажмите 'Да', чтобы выбрать файл с резервной копией заголовка. + Имеется ли в томе скрытый том? + В томе имеется скрытый том + В томе нет скрытого тома + Выберите нужный вам тип резервной копии заголовка тома: + Восстановить заголовок тома из копии, встроенной в том + Восстановить заголовок тома из внешнего файла резервной копии + Неверный размер файла с резервной копией заголовка тома. + В этом томе нет встроенной копии заголовка (учтите, что встроенные копии заголовков содержат только тома, созданные VeraCrypt 6.0 или новее). + Вы пытаетесь сделать резервную копию заголовка системного раздела/диска. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? + Вы пытаетесь восстановить из резервной копии заголовок виртуального тома VeraCrypt, но выбрали системный раздел/диск. Это не разрешено. Операции резервного копирования/восстановления, относящиеся к системному разделу/диску, можно выполнять только с помощью диска восстановления VeraCrypt (Rescue Disk).\n\nСоздать диск восстановления VeraCrypt? + После нажатия OK выберите имя файла для ISO-образа нового диска восстановления VeraCrypt (Rescue Disk) и место, где его нужно сохранить. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Чтобы проверить диск восстановления VeraCrypt, вставьте его в CD/DVD-накопитель и нажмите OK. + Диск восстановления VeraCrypt успешно прошёл проверку. + Невозможно проверить правильность записи диска восстановления.\n\nЕсли вы записали диск восстановления, выньте CD/DVD из накопителя и вставьте снова; затем нажмите 'Далее', чтобы повторить попытку. Если это не поможет, попробуйте воспользоваться другим ПО для записи CD/DVD и/или другим CD/DVD.\n\nЕсли вы пытались проверить диск восстановления VeraCrypt, созданный с другим мастер-ключом, паролем, 'солью' и т.д., знайте, что такой диск восстановления не пройдёт эту проверку никогда. Чтобы создать новый диск восстановления, полностью совместимый с текущей конфигурацией, выберите меню 'Система' > 'Создать диск восстановления'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Ошибка создания диска аварийного восстановления VeraCrypt. + Диск восстановления VeraCrypt нельзя создавать при запущенной скрытой операционной системе.\n\nЧтобы создать диск восстановления, загрузите обманную операционную систему, а затем выберите 'Система' > 'Создать диск восстановления'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Прежде чем продолжить, размонтируйте том. + ОШИБКА: Невозможно установить таймер. + Проверка файловой системы + Ремонт файловой системы + Add to Favorites... + Add to System Favorites... + P&roperties... + Скрытый том защищён + Н/П + Да + Нет + Disabled + 1 + 2 и более + Режим операции + Метка: + Размер: + Путь: + Буква диска: + Ошибка! Пароль должен содержать только символы стандартного набора ASCII.\n\nСимволы не из набора ASCII могут привести к невозможности монтирования тома при смене настроек в конфигурации системы.\n\nРазрешается использовать следующие символы:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Внимание! Пароль содержит не-ASCII символы. Это может привести к невозможности монтирования тома при смене конфигурации системы.\n\nВам следует заменить все не-ASCII символы в пароле на символы ASCII. Для этого щёлкните на меню 'Тома' -> 'Изменить пароль тома'.\n\nК символам ASCII относятся:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Домашняя страница + ВНИМАНИЕ: В системе не установлено ни одного пакета обновлений (Service Pack) Windows. Если в Windows XP не установлен Service Pack 1 (или новее), не следует выполнять запись на диски IDE объёмом более 128 Гб, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. + ВНИМАНИЕ: В системе не установлен пакет обновлений Windows Service Pack 3 (или новее). Если в Windows 2000 не установлен Service Pack 3 (или новее), не следует выполнять запись на диски IDE объёмом более 128 Гб, иначе возможно повреждение данных (неважно, относятся они к тому VeraCrypt или нет). Это ограничение Windows, а не ошибка в VeraCrypt. Кроме того, может потребоваться включить в реестре поддержку 48-бит адресации LBA; подробности см. на http://support.microsoft.com/kb/305098/EN-US + ВНИМАНИЕ: В вашей системе отключена поддержка 48-бит LBA ATAPI. Поэтому вам не следует выполнять запись на IDE-диски объёмом более 128 Гбайт! В противном случае это может привести к повреждению данных на диске (будь это том VeraCrypt или обычный раздел). Это ограничение Windows, никакого отношения к VeraCrypt не имеющее.\n\nЧтобы включить поддержку 48-бит режима LBA, добавьте в реестр в ключ HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters значение 'EnableBigLba' и установите его значение в 1.\n\nСм. подробности тут: http://support.microsoft.com/kb/305098 + ОШИБКА: Файлы объёмом более 4 Гб нельзя сохранять в файловой системе FAT32. Поэтому тома VeraCrypt на основе файлов (контейнеры), хранящиеся в файловой системе FAT32, не могут быть больше 4 Гб.\n\nЕсли вам нужен том большего объёма, создайте его в системе NTFS (либо, если вы пользуетесь Windows Vista SP1 или новее, в файловой системе exFAT), либо вместо создания тома на основе файла зашифруйте весь раздел диска. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + ВНИМАНИЕ: Если вам нужно впоследствии добавлять во внешний том ещё данные/файлы, следует позаботиться об уменьшении размера скрытого тома.\n\nВы хотите продолжить и использовать указанный вами размер? + Не выбран том.\n\nНажмите кнопку 'Устройство' или 'Файл' и выберите том VeraCrypt. + Не выбран раздел.\n\nНажмите кнопку 'Устройство' и выберите не смонтированный раздел, который требует предзагрузочную авторизацию (например, раздел на зашифрованном системном диске с другой, не выполняемой сейчас ОС, или зашифрованный системный раздел другой ОС).\n\nПримечание: выбранный раздел будет смонтирован как обычный том VeraCrypt без предзагрузочной авторизации. Это может пригодиться, например, для операций резервного копирования или починки. + ВНИМАНИЕ: Если установлены и активированы ключевые файлы по умолчанию, монтировать НЕ использующие их тома будет невозможно. При монтировании таких томов не забывайте выключать опцию 'Ключевые файлы' (ниже поля ввода пароля).\n\nВы действительно хотите сохранить выбранные ключевые файлы/пути как используемые по умолчанию? + Автомонтирование устройств + Размонтировать все + Очистка кэша + Dismount All & Wipe Cache + Размонтировать все и очистить кэш + Размонтировать все, очистить кэш и выйти + Смонтировать избранные тома + Показать/скрыть главное окно VeraCrypt + (щёлкните здесь и нажмите клавишу) + Действие + Быстрый вызов + Ошибка! Эта горячая клавиша зарезервирована. Выберите другую. + Ошибка! Эта горячая клавиша уже используется. + ВНИМАНИЕ: Некоторые общесистемные горячие клавиши VeraCrypt не будут работать!\n\nПроверьте, не используются ли те же клавиши другими приложениями или операционной системой. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + Из-за ошибки или несовместимости VeraCrypt не может зашифровать файл спящего режима (hibernation). Поэтому спящий режим отключён.\n\nПримечание: когда компьютер переходит в режим сна (или в энергосберегающий ждущий режим), содержимое его системной памяти записывается на жёсткий диск в файл с данными спящего режима. VeraCrypt не может предотвратить сохранение открытых в ОЗУ ключей шифрования и содержимого важных файлов в незашифрованном виде в файле с данными спящего режима. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + ВНИМАНИЕ: Если выключить этот параметр, станет невозможно автоматически размонтировать тома, содержащие открытые файлы/папки.\n\nВы действительно хотите выключить этот параметр? + ВНИМАНИЕ: Тома с открытыми файлами/папками НЕ будут автоматически размонтироваться.\n\nЧтобы избежать такого эффекта, включите в этом окне следующий параметр: 'Авторазмонтировать тома даже при открытых файлах/папках' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + Вы запланировали шифрование раздела/тома. Этот процесс пока ещё не завершён.\n\nХотите возобновить процесс сейчас? + Вы запланировали шифрование или дешифрование системного раздела/диска. Этот процесс пока ещё не завершён.\n\nХотите начать (продолжить) процесс сейчас? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Вы запланировали шифрование или дешифрование системного раздела/диска. Однако не пройдена (или была пропущена) предзагрузочная авторизация.\n\nПримечание: при дешифровании системного раздела/диска в предзагрузочном окружении может потребоваться финализация процесса путём выбора команды 'Система' > 'Перманентно расшифровать системный раздел/диск' в меню главного окна VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Выход? + VeraCrypt не обладает достаточной информацией, чтобы определить, шифрование выполнять или дешифрование. + VeraCrypt не обладает достаточной информацией, чтобы определить, шифрование выполнять или дешифрование.\n\nПримечание: при дешифровании системного раздела/диска в предзагрузочном окружении может потребоваться финализировать процесс, нажав Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Вы хотите прервать процесс шифрования раздела/тома, отложив его на будущее?\n\nПримечание: помните, что пока том не будет полностью зашифрован, его нельзя смонтировать. Позже процесс шифрования можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. + Хотите прервать и отложить процесс шифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите окончательно прервать процесс или совсем отказаться от шифрования, выберите 'Система' > 'Перманентно дешифровать системный раздел/диск'. + Хотите прервать и отложить процесс дешифрования системного раздела/диска?\n\nПримечание: позже процесс можно будет возобновить с той точки, где он был остановлен. Это можно сделать, например, выбрав в главном окне VeraCrypt меню 'Система' > 'Продолжить прерванный процесс'. Если вы хотите отказаться от дешифрования (и начать шифрование), выберите 'Система' > 'Зашифровать системный раздел/диск'. + Ошибка! Не удалось прервать шифрование/дешифрование системного раздела/диска. + Ошибка! Невозможно прервать процесс очистки (затирания данных). + Ошибка! Не удалось возобновить прерванное шифрование/дешифрование системного раздела/диска. + Ошибка! Невозможно начать процесс очистки (затирания данных). + Несоответствие устранено.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) + Ошибка! Неизвестное состояние.\n\n\n(Если вы сообщаете нам о связанной с этим ошибке, включите в свой отчёт следующую техническую информацию: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + ВНИМАНИЕ: Фоновый процесс VeraCrypt отключён. При выходе из VeraCrypt вы не будете извещены о предотвращении повреждения скрытого тома.\n\nПримечание: фоновый процесс можно закрыть в любой момент, щёлкнув правой кнопкой мыши на значке VeraCrypt в системном лотке и выбрав 'Выход'.\n\nВключить фоновый процесс VeraCrypt? + Версия языкового модуля: %s + Проверка файловой системы тома VeraCrypt, смонтированного как %s... + Попытка починить файловую систему тома VeraCrypt, смонтированного как %s... + ВНИМАНИЕ: Этот том зашифрован с использованием устаревшего алгоритма.\n\nВсе алгоритмы шифрования с 64-бит блоками (например, Blowfish, CAST-128, Triple DES) вышли из употребления. В последующих версиях VeraCrypt монтирование этого тома будет возможно, однако никаких улучшений в реализации этих устаревших алгоритмов шифрования не предвидится. Рекомендуем вам создать новый том VeraCrypt с шифрованием по алгоритму со 128-бит блоками (например, AES, Serpent, Twofish и др.) и перенести все файлы из этого тома в новый. + Ваша система не настроена на автомонтирование новых томов. Монтирование томов VeraCrypt на основе устройств может оказаться невозможным. Чтобы включить автомонтирование, выполните следующую команду и перезагрузите систему:\n\nmountvol.exe /E + Прежде чем продолжить, присвойте разделу/устройству букву диска ('Панель управления' > 'Администрирование' > 'Управление компьютером' - 'Управление дисками').\n\nПримечание: это требование операционной системы. + Смонтировать том VeraCrypt + Размонтировать все тома VeraCrypt + VeraCrypt не может получить права администратора. + Доступ запрещён операционной системой.\n\nВозможная причина: для чтения/записи данных в некоторых папках, файлах и устройствах операционная система требует у вас наличия прав чтения/записи system (привилегий администратора). По умолчанию пользователю без прав администратора разрешается создавать читать и изменять файлы лишь в папке с его документами ('Мои документы'). + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + Для загрузчика VeraCrypt необходимо не менее 32 Кбайт свободного места в начале системного диска (загрузчик VeraCrypt должен располагаться в этой области). Ваш диск этому условию не удовлетворяет.\n\nПожалуйста, НЕ сообщайте нам об этом как об ошибке/проблеме в работе VeraCrypt. Чтобы решить эту проблему, вам нужно переразметить свой диск, оставив свободными первые 32 Кбайт (в большинстве случаев достаточно удалить и вновь создать первый раздел). Рекомендуем использовать для этого диспетчер разделов Microsoft, устанавливаемый вместе с Windows. + Эта функция не поддерживается операционной системой той версии, которую вы сейчас используете. + В этой версии операционной системы VeraCrypt не поддерживает шифрование системного раздела/диска. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Ваш системный диск имеет таблицу разделов GUID (GPT). В настоящий момент поддерживаются только диски с таблицей разделов MBR. + ОСТОРОЖНО: На системном диске уже установлен загрузчик VeraCrypt!\n\nВозможно, в вашем компьютере имеется другая уже зашифрованная система.\n\nВНИМАНИЕ: В СЛУЧАЕ ПРОДОЛЖЕНИЯ ШИФРОВАНИЯ ТЕКУЩЕЙ СИСТЕМЫ ЕСТЬ ВЕРОЯТНОСТЬ, ЧТО ДРУГИЕ СИСТЕМЫ НЕ СМОГУТ ЗАГРУЖАТЬСЯ, А ОТНОСЯЩИЕСЯ К НИМ ДАННЫЕ СТАНУТ НЕДОСТУПНЫМИ.\n\nВы действительно хотите продолжить? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + Исходный системный загрузчик не будет сохранён на диске восстановления (возможная причина: нет файла с резервной копией). + Ошибка записи сектора MBR.\n\nBIOS в вашем ПК может быть настроена на защиту сектора MBR. Проверьте в настройках BIOS (нажмите клавишу F2, Delete или Esc сразу после включения компьютера), не включена ли антивирусная/MBR защита. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Примечание: в определённых ситуациях может потребоваться, чтобы посторонний (неприятель), наблюдающий за стартом ПК, не знал, что вы пользуетесь VeraCrypt. Параметры выше позволяют модифицировать экран загрузки VeraCrypt. Если вы включите первую опцию, то на экране загрузчика не будет отображаться никакой текст (даже если вы введёте неправильный пароль). При вводе пароля компьютер будет выглядеть "зависшим". Кроме того, чтобы ввести противника в заблуждение, можно включить вывод своего сообщения. Например, отображать ложные сообщения об ошибках вроде "Missing operating system" (эта надпись обычно выводится загрузчиком Windows, если он не может найти загрузочный раздел Windows). Однако при этом важно помнить, что если неприятель сможет проанализировать содержимое жёсткого диска, то он сумеет найти на нём загрузчик VeraCrypt. + ВНИМАНИЕ: Если вы включите эту опцию, загрузчик VeraCrypt не будет выводить на экран никаких сообщений (даже если вы укажете неправильный пароль). При вводе пароля компьютер будет выглядеть "зависшим" (не реагирующим), курсор НЕ будет перемещаться, а нажатия клавиш НЕ будут сопровождаться показом звёздочек.\n\nВы действительно хотите включить эту опцию? + Системный раздел/диск выглядит как полностью зашифрованный. + VeraCrypt не поддерживает шифрование системного диска, который был преобразован в динамический диск. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Хотите зашифровать вместо всего диска только системный раздел?\n\nОбратите внимание, что вы можете создавать тома VeraCrypt на основе разделов внутри любых не-системных разделов на диске (в добавок к шифрованию системного раздела). + Поскольку системный диск содержит только один раздел, занимающий весь диск, предпочтительнее (более безопасно) зашифровать весь диск, включая свободное "резервное" место, которое обычно окружает такой раздел.\n\nХотите зашифровать весь системный диск? + Ваша система настроена так, что временные файлы хранятся на несистемном разделе.\n\nВременные файлы должны храниться только на системном разделе. + Файлы вашего профиля пользователя не хранятся на системном разделе.\n\nЭти файлы должны храниться только на системном разделе. + На несистемных разделах имеются один или несколько файлов подкачки.\n\nФайлы подкачки должны находиться только на системном разделе. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + В противном случае это неблагоприятно скажется на правдоподобности отрицания наличия скрытой ОС.\n\nПримечание: если неприятель проанализирует содержимое таких файлов (находящихся на несистемном разделе), то сможет узнать, что вы пользовались этим мастером в режиме создания скрытой системы (что натолкнёт его на мысль о наличии скрытой ОС в вашем ПК). Также учтите, что такие файлы, хранящиеся на системном разделе, будут надёжно удалены VeraCrypt при создании скрытой ОС. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Внимание! Между системным разделом и первым разделом за ним имеется нераспределённое место. После создания скрытой операционной системы вы не должны создавать в этой нераспределённой области никаких новых разделов. В противном случае скрытая ОС не сможет загрузиться (до тех пор, пока не будут удалены такие вновь созданные разделы). + В данный момент этот алгоритм для шифрования системы не поддерживается. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + В настоящий момент ключевые файлы для шифрования системы не поддерживаются. + Внимание! VeraCrypt не может восстановить первоначальную раскладку клавиатуры. Это может привести к неправильному вводу пароля. + Ошибка! Невозможно установить раскладку клавиатуры для VeraCrypt в стандартную американскую (US).\n\nОбратите внимание, что пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. + Поскольку VeraCrypt временно изменил раскладку клавиатуры на стандартную американскую, ввод символов при нажатой правой клавише Alt невозможен. Тем не менее, большинство таких символов можно ввести соответствующими клавишами при нажатой клавише Shift. + Изменение раскладки клавиатуры заблокировано VeraCrypt. + Примечание: пароль вводится ДО загрузки Windows, когда любые раскладки клавиатуры, отличающиеся от американской, ещё недоступны. Поэтому пароль всегда должен вводиться при стандартной американской раскладке. Важно, однако, иметь в виду, что вам НЕ нужно иметь настоящую американскую клавиатуру. VeraCrypt автоматически обеспечивает вам безопасный ввод пароля (прямо сейчас и на стадии перед загрузкой ОС), даже если у вас НЕ настоящая американская клавиатура. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + ВНИМАНИЕ: Если ранее вы уже создавали диск восстановления VeraCrypt, вы не сможете им воспользоваться снова для этого системного раздела/диска, так как он был создан для другого мастер-ключа! При каждом шифровании системного раздела/диска нужно создавать новый диск восстановления VeraCrypt, даже если вы используете тот же самый пароль. + Ошибка! Невозможно сохранить установки системного шифрования. + Невозможно инициировать пре-тест системного шифрования. + Невозможно начать процесс создания скрытой операционной системы. + Режим очистки + На ряде перезаписываемых носителей перезаписанные данные можно восстановить с помощью спецтехник (микроскопия магнитной силы). Это относится и к данным, перезаписанным в зашифрованном виде (когда VeraCrypt шифрует незашифрованный системный раздел/диск). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные методы для восстановления данных, которые вы собираетесь зашифровать, выберите один из режимов очистки (имеющиеся данные НЕ будут уничтожены). После шифрования раздела/диска очистка НЕ выполняется. Когда раздел/диск полностью зашифрован, никакие незашифрованные данные на него не записываются. Любые данные сначала шифруются на лету в памяти, и лишь затем сохраняются (зашифрованными) на диске. + На ряде перезаписываемых носителей перезаписанные данные (например, когда данные удалены) можно восстановить с помощью спецтехник (микроскопия магнитной силы). Восстановление перезаписанных данных можно предотвратить (или сильно осложнить) перезаписью псевдослучайными или определёнными неслучайными данными некоторое число раз. Если ваши неприятели могут применить подобные техники для восстановления данных, которые должны быть удалены, выберите один из многопроходных режимов очистки.\n\nПримечание: чем больше проходов, тем дольше длится стирание данных. + Очистка + \nПримечание: вы можете прервать процесс очистки, выключить компьютер, снова запустить скрытую систему и затем продолжить очистку (этот мастер запустится автоматически). Однако в случае прерывания весь процесс очистки придётся начать сначала. + \n\nПримечание: если прервать очистку, а затем попытаться возобновить этот процесс, то его придётся выполнить с самого начала. + Вы хотите отменить очистку (затирание данных)? + Внимание! Содержимое всего выбранного раздела/устройства будет уничтожено. + Всё содержимое раздела, где находится исходная система, будет уничтожено.\n\nПримечание: всё содержимое раздела, подлежащего стиранию, было скопировано в этот скрытый системный раздел. + ВНИМАНИЕ: Если выбрать, например, 3-проходный режим очистки, время шифрования диска/раздела увеличится в 4 раза. Аналогично, при выборе 35-проходного режима время увеличится в 36 раз (и может даже составить несколько недель).\n\nУчтите, однако, что очистка НЕ выполняется после того, как раздел/диск зашифрован. Когда раздел/диск полностью зашифрован, никаких незашифрованных данных на него не записывается. Любые записываемые на него данные сначала шифруются на лету в памяти, и только затем сохраняются (в зашифрованном виде) на диске (т.е. на производительности это НЕ отражается).\n\nВы действительно хотите использовать режим очистки? + Нет (самый быстрый) + 1 проход (случайные данные) + 3 прохода (US DoD 5220.22-M) + 7 проходов (US DoD 5220.22-M) + 35 проходов ("Gutmann") + 256 проходов + Число операционных систем + ВНИМАНИЕ: Неопытным пользователям не следует пытаться шифровать Windows в мультизагрузочных конфигурациях.\n\nПродолжить? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Загрузочный диск + Работающая в данный момент операционная система установлена на загрузочном диске?\n\nПримечание: иногда Windows бывает установлена не на том диске, с которого она грузится (где находится загрузочный раздел). Если это ваш случай, то выберите 'Нет'. + В данный момент VeraCrypt не поддерживает шифрование операционной системы, которая загружается не с того же диска, на котором она установлена. + Число системных дисков + Сколько дисков содержит операционная система?\n\nПримечание: например, если у вас одна операционная система (скажем, Windows, Mac OS X, Linux и т.д.) установлена на первичном диске, а другая -- на вторичном, выберите '2 или более'. + В данный момент VeraCrypt не поддерживает шифрование всего диска, который содержит несколько операционных систем.\n\nВозможные варианты:\n\n- Вы можете зашифровать одну из систем, если вернётесь назад и выберите шифрование только одного системного раздела (а не всего системного диска).\n\n- Вы сможете зашифровать весь диск, если переместите некоторые системы на другие диски, оставив только одну ОС на диске, который хотите зашифровать. + Несколько систем на одном диске + На диске, где установлена текущая ОС, есть другие операционные системы?\n\nПримечание: например, если текущая ОС установлена на диске #0, содержащем несколько разделов, и если на одном из разделов находится Windows, а на другом -- ещё одна ОС (скажем, Windows, Mac OS X, Linux и т.д.), то выберите 'Да'. + Не-Windows загрузчик + Установлен ли в главной загрузочной записи (MBR) не относящийся к Windows загрузчик (или загрузочный менеджер)?\n\nПримечание: например, если в первом цилиндре загрузочного диска содержится GRUB, LILO, XOSL или какой-то другой не относящийся к Windows загрузочный менеджер, выберите 'Да'. + Мультизагрузка + В настоящее время VeraCrypt не поддерживает мультизагрузочные конфигурации, где в главной загрузочной записи (MBR) установлен не относящийся к Windows загрузчик.\n\nВозможные варианты:\n\n- Если вы используете загрузочный менеджер для загрузки Windows и Linux, перенесите его (обычно это GRUB) из MBR в раздел. Затем запустите снова этот мастер и зашифруйте системный раздел/диск. Обратите внимание, что загрузчик VeraCrypt станет основным загрузочным менеджером и позволит вам запускать исходный загрузочный менеджер (скажем, GRUB) как вторичный (нажатием Esc при выводе экрана загрузчика VeraCrypt) и, таким образом, запускать Linux. + Если текущая ОС установлена на загрузочном разделе, то после его шифрования вам потребуется ввести правильный пароль, даже для запуска незашифрованных Windows-систем (так как они будут совместно использовать один и тот же зашифрованный загрузчик Windows).\n\nНапротив, если текущая ОС не установлена на загрузочном разделе (или загрузчик Windows не используется никакими иными системами), тогда после шифрования этой системы вам не надо вводить пароль для запуска других незашифрованных систем -- достаточно будет просто нажать Esc (в случае нескольких незашифрованных систем также потребуется выбрать нужную в меню загрузчика VeraCrypt).\n\nПримечание: как правило, в загрузочном разделе бывает установлена наиболее ранняя версия Windows. + Шифрование защищённой области пользователя (HPA) + В конце многих дисков имеется область, в обычных условиях скрытая от операционной системы (эту область обычно называют Host Protected Area -- защищённая область пользователя). Однако некоторые программы способны читать и записывать данные в таких областях.\n\nВНИМАНИЕ: Производители компьютеров (в частности, ноутбуков) могут использовать области HPA для хранения в них утилит и данных для RAID, восстановления системы, её настройки, диагностики и прочих нужд. Если такие утилиты или данные должны быть доступны перед загрузкой системы, скрытую область НЕ следует шифровать (выберите 'Нет').\n\nХотите, чтобы VeraCrypt обнаружил и зашифровал скрытую область (если таковая имеется) в конце системного диска? + Системанинг шифрлаш тури + Выберите эту опцию, если вы просто хотите зашифровать системный раздел или весь системный диск. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Скрытая операционная система + На следующих этапах вы создадите два тома VeraCrypt (внешний и скрытый) в первом разделе за системным разделом. Скрытый том будет содержать скрытую ОС. VeraCrypt создаст скрытую ОС копированием в скрытый том содержимого системного раздела (где установлена работающая сейчас ОС). Во внешний том вам нужно скопировать осмысленно выглядящие файлы, которые на самом деле вам прятать НЕ требуется. Их цель -- ввести в заблуждение того, кто вынудит вас сообщить пароль от скрытого системного раздела. Вы сможете открыть пароль для внешнего тома внутри скрытого системного раздела (наличие скрытой ОС останется в тайне).\n\nИ, наконец, на системный раздел с работающей в данный момент ОС вы установите новую, так называемую "обманную" ОС и зашифруете её. В ней не должно быть конфиденциальных файлов, она нужна на случай, если вас вынудят сообщить предзагрузочный пароль. В итоге у вас будет три пароля. Два из них (для обманной ОС и для внешнего тома) можно сообщать неприятелю. Третий пароль -- запуск скрытой ОС. + Поиск скрытых секторов + Подождите, VeraCrypt ищет скрытые сектора, которые могут присутствовать в конце системного диска. Это может занять продолжительное время.\n\nПримечание: в очень редких случаях на некоторых компьютерах во время этой операции система может перестать реагировать. В этом случае перезагрузите компьютер, запустите VeraCrypt, повторите предыдущие этапы, но пропустите этот этап поиска. Просим учесть, что данная проблема вызвана не ошибкой в VeraCrypt. + Область шифрования + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Сбор случайных данных + Сгенерированные ключи + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Запись диска восстановления + Диск восстановления создан + Пре-тест шифрования системы + Диск восстановления проверен + \nДиск восстановления VeraCrypt (Rescue Disk) успешно прошёл проверку. Выньте его из накопителя и уберите в надёжное место.\n\nНажмите 'Далее' для продолжения. + ВНИМАНИЕ: Во время следующих этапов в накопителе НЕ должно быть диска восстановления VeraCrypt. В противном случае эти этапы не удастся корректно завершить.\n\nВыньте диск восстановления из накопителя и поместите в надёжное место. Затем нажмите OK. + Внимание! Вследствие технических ограничений среды до загрузки ОС, сообщения, выводимые VeraCrypt на этом этапе (т.е. до старта Windows), не подлежат локализации. Пользовательский интерфейс загрузчика VeraCrypt полностью на английском языке.\n\nПродолжить? + Прежде чем зашифровать системный раздел или диск, VeraCrypt должен проверить, что всё работает как надо.\n\nПосле нажатия 'Тест' будут установлены все необходимые компоненты (например, предзагрузочный авторизатор, т.е. загрузчик VeraCrypt), и компьютер перезагрузится. Затем на экране загрузчика (VeraCrypt Boot Loader), который появится до старта Windows, вам потребуется ввести свой пароль. После запуска Windows вам автоматически сообщат о результатах этого предварительного теста.\n\nБудет изменено следующее устройство: Диск #%d\n\n\nЕсли вы сейчас нажмёте 'Отмена', то ничего установлено не будет, и пре-тест не станет выполняться. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Пре-тест выполнен + Пре-тест успешно завершён.\n\nВНИМАНИЕ: Если во время шифрования произойдёт сбой питания или из-за программной/аппаратной ошибки зависнет операционная система, в то время, как VeraCrypt шифрует имеющиеся данные 'на месте', некоторые данные почти наверняка окажутся повреждёнными или утерянными. Поэтому прежде чем начать шифрование, убедитесь, что сделали резервную копию файлов, которые собираетесь зашифровать. Если нет, то сделайте это сейчас (нажмите 'Отложить', скопируйте файлы, затем в любое время снова запустите VeraCrypt, выберите 'Система' > 'Возобновить прерванный процесс', чтобы начать шифрование).\n\nКогда будете готовы, нажмите 'Шифрация', чтобы приступить к шифрованию. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nВы можете в любой момент нажать 'Пауза' или 'Отложить', прервав шифрование, выйти из этого мастера, перезагрузить или выключить ПК, а затем продолжить процесс (он возобновится с той точки, где был приостановлен). Учтите, что том не может быть смонтирован, пока не будет полностью зашифрован. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Скрытая система запущена + Исходная система + Windows создаёт (обычно без вашего ведома или согласия) различные файлы отчётов, временные файлы и т.п. на системном разделе. Кроме того, там же она сохраняет содержимое ОЗУ для сна/гибернации и файлы подкачки. Поэтому если неприятель проанализирует файлы на разделе с исходной системой (клоном которой является скрытая ОС), он может узнать, например, что вы пользовались мастером VeraCrypt в режиме создания скрытой системы (и заподозрить наличие скрытой ОС в вашем ПК).\n\nЧтобы это предотвратить, на следующих этапах VeraCrypt надёжно сотрёт всё содержимое раздела, где находится исходная система. Затем для правдоподобности отрицания вам потребуется установить в раздел новую систему и зашифровать её. Таким образом вы создадите обманную ОС, и на этом процесс создания скрытой ОС будет завершён. + Скрытая ОС успешно создана. Но прежде чем её можно будет использовать (и иметь возможность правдоподобного отрицания), требуется надёжно удалить (с помощью VeraCrypt) всё содержимое раздела, в котором сейчас установлена текущая ОС. Прежде чем это сделать, перезагрузите ПК и на экране загрузчика VeraCrypt (выводимого до старта Windows) введите пароль предзагрузочной авторизации для скрытой ОС. Затем после старта скрытой системы автоматически запустится мастер VeraCrypt.\n\nПримечание: если сейчас прервать создание скрытой ОС, то возобновить этот процесс НЕ удастся, и скрытая ОС окажется недоступна (так как будет удалён загрузчик VeraCrypt). + Вы запланировали создание скрытой операционной системы. Этот процесс ещё не закончен. Чтобы его завершить, нужно перезагрузить компьютер и на экране загрузчика VeraCrypt (он появляется перед запуском Windows) ввести пароль для скрытой операционной системы.\n\nПримечание: если вы решите прервать сейчас процесс создания скрытой ОС, вы уже НЕ сможете его возобновить. + Перезагрузить ПК и продолжить + Окончательно прервать создание скрытой ОС + Ничего не делать сейчас, спросить позже + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Клонирование ОС + Yf следующих этапах VeraCrypt создаст скрытую ОС, скопировав содержимое системного раздела в скрытый том (копируемые данные шифруются 'на лету' с ключом, отличным от используемого для обманной ОС).\n\nУчтите, что процесс выполняется на предзагрузочной стадии (до запуска Windows) и может занять много времени (несколько часов или даже дней, в зависимости от размера системного раздела и быстродействия ПК).\n\nВы сможете прервать этот процесс, выключить ПК, запустить ОС и затем возобновить его. Однако в случае прерывания, копирование системы придётся начать сначала (так как при клонировании содержимое системного раздела не должно изменяться). + Вы хотите отменить весь процесс создания скрытой операционной системы?\n\nПримечание: в случае отмены вы НЕ сможете возобновить процесс. + Вы хотите отменить пре-тест шифрования системы? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Судя по всему, системный раздел/диск не зашифрован (ни частично, ни полностью). + Системный раздел/диск зашифрован (частично или полностью).\n\nПрежде чем продолжить, полностью дешифруйте системный раздел/диск. Чтобы это сделать, выберите в главном окне VeraCrypt меню 'Система' > 'Permanently Decrypt System Partition/Drive'. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + В данный момент идёт шифрование, дешифрование или иная модификация системного раздела/диска. Прежде чем продолжить, прервите процесс шифрования/дешифрования/модификации (или дождитесь его окончания). + В системе уже запущена копия мастера создания томов VeraCrypt, она выполняет или подготавливает шифрование/дешифрование системного раздела/диска. Прежде чем продолжить, дождитесь завершения работы мастера или закройте его. Если закрыть окно мастера не удаётся, перезагрузите ПК и продолжите. + Шифрование или дешифрование системного раздела/диска не завершено. Прежде чем продолжить, дождитесь завершения этого процесса. + ОШИБКА: Шифрование раздела/диска не было завершено. Сначала его нужно завершить. + ОШИБКА: Шифрование раздела/тома не было завершено. Сначала его нужно завершить.\n\nПримечание: чтобы возобновить процесс, выберите команду 'Тома' > 'Продолжить прерванный процесс' в меню главного окна VeraCrypt. + Пароль правильный. VeraCrypt успешно расшифровал заголовок тома и обнаружил, что этот том является скрытым системным томом. Однако изменить заголовок скрытого системного тома таким способом нельзя.\n\nЧтобы изменить пароль скрытого системного тома, загрузите ОС, расположенную в скрытом томе, после чего в главном окне VeraCrypt выберите в меню 'Система' > 'Изменить пароль'.\n\nЧтобы установить алгоритм деривации ключа заголовка, загрузите скрытую ОС и выберите 'Система' > 'Установить алгоритм деривации ключа заголовка'. + VeraCrypt не поддерживает дешифрование скрытого системного раздела на месте.\n\nПримечание: если вы хотите дешифровать обманный системный раздел, загрузите обманную ОС, после чего выберите в главном окне VeraCrypt меню 'Система' > 'Перманентно расшифровать системный раздел/диск'. + ОШИБКА: Неверный/недопустимый параметр. + Вы выбрали раздел или устройство, но выбранный режим мастера подходит только для файловых контейнеров.\n\nХотите изменить режим мастера? + Хотите вместо этого создать файловый контейнер VeraCrypt? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Вы действительно хотите перманентно дешифровать системный раздел/диск? + ОСТОРОЖНО: Если вы перманентно дешифруете системный раздел/диск, данные на него будут записываться в незашифрованном виде.\n\nВы действительно хотите перманентно дешифровать системный раздел/диск? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + Если вы столкнулись с любой из ранее описанных проблем, дешифруйте раздел/диск (если он зашифрован), после чего попробуйте зашифровать его снова, используя не-каскадный Шифрлаш алгоритми (например, AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + Номер версии загрузчика VeraCrypt, с помощью которого была загружена эта ОС, отличается от номера версии драйвера и приложений VeraCrypt, установленных в этой системе.\n\nВам следует запустить инсталлятор VeraCrypt (той же версии, что и у загрузчика VeraCrypt), чтобы обновить VeraCrypt в этой операционной системе. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется создать новый диск восстановления VeraCrypt (Rescue Disk), который будет содержать новую версию загрузчика VeraCrypt. Для этого после перезагрузки компьютера выберите меню 'Система' > 'Создать диск восстановления'. + Загрузчик VeraCrypt обновлён.\n\nНастоятельно рекомендуется загрузить обманную операционную систему и затем создать новый диск восстановления VeraCrypt (который будет содержать новую версию загрузчика VeraCrypt). Для этого выберите меню 'Система' > 'Создать диск восстановления'. + Ошибка обновления загрузчика VeraCrypt. + VeraCrypt не может определить настоящий размер системного диска, поэтому будет использовать размер, сообщённый операционной системой (который может быть меньше реального размера). Примечание: это не ошибка в VeraCrypt. + ВНИМАНИЕ: Похоже, VeraCrypt уже пытался обнаружить скрытые сектора на этом системном диске. Если во время предыдущей попытки обнаружения вы столкнулись с какими-то проблемами, то можете сейчас их избежать, пропустив операцию поиска скрытых секторов. Обратите внимание, что в этом случае VeraCrypt будет использовать размер, сообщаемый операционной системой (который может быть меньше действительного размера диска).\n\nЭто происходит не из-за какой-либо ошибки в VeraCrypt. + Не выполнять поиск скрытых секторов (использовать размер, сообщённый ОС) + Попробовать найти скрытые сектора ещё раз + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Примечание: VeraCrypt заменил содержимое %I64d нечитаемых секторов (%s) зашифрованными блоками с обычным нулевым текстом. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Введите пароль/PIN для токена '%s': + Чтобы обеспечить VeraCrypt доступ к токену безопасности или смарт-карте, сначала нужно установить программную библиотеку PKCS #11 для токена или смарт-карты. Эта библиотека может поставляться вместе с устройством либо имеется на сайте поставщика или сторонней фирмы.\n\nУстановив библиотеку, вы можете либо выбрать её вручную, нажав 'Библиотека', либо позволить VeraCrypt найти её автоматически, нажав 'Автоопределение библиотеки' (поиск выполняется только в системной папке Windows). + Примечание: имя и расположение файла библиотеки PKCS #11 для токена или смарт-карты см. в документации к токену, смарт-карте или ПО сторонних фирм.\n\nНажмите 'OK', чтобы выбрать путь и имя файла. + Чтобы обеспечить VeraCrypt доступ к токену безопасности или смарт-карте, сначала нужно выбрать программную библиотеку PKCS #11 для токена/карты. Для этого выберите в меню 'Настройки' > 'Токены безопасности'. + Ошибка инициализации библиотеки PKCS #11 для токена безопасности.\n\nУбедитесь, что указанные путь и имя файла действительно ссылаются на библиотеку PKCS #11. Чтобы указать путь и имя библиотеки PKCS #11, выберите в меню 'Настройки' > 'Токены безопасности'. + В системной папке Windows библиотека PKCS #11 не обнаружена.\n\nПроверьте, установлена ли библиотека PKCS #11 для вашего токена безопасности (или смарт-карты). Эта библиотека может поставляться вместе с токеном/картой или же доступна на сайте производителя/сторонней фирмы. Если библиотека установлена в папке, отличной от системной папки Windows, нажмите кнопку 'Библиотека' и выберите её (например, это может быть папка, где установлено ПО для токена/карты). + Токен безопасности не обнаружен.\n\nУбедитесь, что токен подключён к ПК, и для него установлен корректный драйвер. + Ключевой файл токена безопасности не обнаружен. + Ключевой файл токена безопасности с таким именем уже существует. + Вы хотите удалить выбранные файлы? + Путь к ключевому файлу токена безопасности неверен. + Ошибка токена безопасности + Неверный пароль для токена безопасности. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + Все открытые токен-сессии были закрыты. + Выберите ключевые файлы токена безопасности + Слот + Токен + Имя файла + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Ошибка обработки командной строки. + Диск восстановления + Выбрать &файл и смонтировать... + Выбрать &устройство и смонтировать... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + ВНИМАНИЕ: Файловая система тома, смонтированного как '%s', не была аккуратно размонтирована, и потому может содержать ошибки. Использование повреждённой файловой системы может привести к потере или порче данных.\n\nПримечание: прежде чем физически удалять или выключать устройство (например, флэш-накопитель USB или внешний жёсткий диск), на котором находится смонтированный том VeraCrypt, сначала всегда следует размонтировать этот том.\n\n\nХотите, чтобы Windows попыталась найти и исправить ошибки (если они есть) файловой системы? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Том '%s' смонтирован как 'только для чтения', так как была отвергнута попытка записи.\n\nПроверьте, не обращаются ли к разделу/устройству, на котором расположен том, другие приложения (например, антивирусное ПО). + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Тест + Ключевой файл + Backspace + Tab + Очистить + Enter + Pause + Caps Lock + Пробел + Page Up + Page Down + End + Home + Стрелка влево + Стрелка вверх + Стрелка вправо + Стрелка вниз + Клавиша выбора + Клавиша печати + Клавиша выполнения + Print Screen + Insert + Delete + Клавиша приложений + Сон + Num Lock + Scroll Lock + Браузер - назад + Браузер - вперёд + Браузер - обновить + Браузер - стоп + Браузер - поиск + Браузер - Избранное + Браузер - Начальная страница + Без звука + Уменьшить громкость + Увеличить громкость + Следующий трек + Предыдущий трек + Стоп + Пуск/пауза + Клавиша запуска почты + Клавиша выбора носителя + Приложение 1 + Приложение 2 + Attn + СозВыд + РасВыд + Пуск + Зум + NumPad + Shift + Control + Alt + Win + б + Кб + Мб + Гб + Тб + Пб + б/с + Кб/с + Мб/с + Гб/с + Тб/с + Пб/с + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.vi.xml b/Translations/Language.vi.xml index 53eb26e3..5035166b 100644 --- a/Translations/Language.vi.xml +++ b/Translations/Language.vi.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Hủy - Cài đặt &cho tất cả người dùng - X&em... - Thêm biểu tượng VeraCrypt vào &màn hình - Donate now... - Liên hệ tập tin có &đuôi .hc với VeraCrypt - &Mở vị trí đích khi chấm dứt - Thêm VeraCrypt vào trình đơn &Start - Cấu tạo điểm &Phục hồi Hệ thống - &Hủy cài đặt - &Trích - &Cài đặt - Trợ lý Thiết lập VeraCrypt - Hủy cài đặt VeraCrypt - &Trợ giúp - Xin chọn hoặc gõ vị trí nơi bạn muốn đặt các tập tin được trích: - Xin chọn hoặc gõ vị trí nơi bạn muốn cài đặt các tập tin chương trình của VeraCrypt. Nếu thư mục được điền vào không có thì nó sẽ được tự động cấu tạo. - Nhấn Hủy cài đặt để gỡ bỏ VeraCrypt ra khỏi hệ thống này. - Thoát ra - &Benchmark - &Thử - Cấu tạo tập đĩa được mã hóa và định dạng nó - Mã hóa phân vùng tại chỗ - Hiển thị các khóa được tạo ra(phần của chúng) - Hiển thị nội dung của công chung - Tải nhu liệu thâu CD/DVD xuống - Cấu tạo một bộ chứa tập tin được mã hóa - &GB - &TB - Thêm thông tin - Tập đĩa VeraCrypt được &ẩn - Thêm thông tin về tập đĩa được ẩn - Phương thức trực tiếp - Phương thức thông thường - &KB - X&ử dụng tập tin khóa - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Tập tin khóa.. - Thông tin về các thuật toán ước tính - Thêm thông tin về mật mã - Information on PIM - &MB - Thêm thông tin về bộ chứa - Thêm thông tin về hệ thống mã hóa - Thêm thông tin - Khởi động đa hệ - Mã hóa một phân vùng/ổ đĩa vô hệ - Đừng bao giờ &lưu lược sử - Mở tập đĩa bên ngoài - &Tạm dừng - Use P&IM - Use PIM - Định dạng nhanh - &Hiển thị mật mã - &Hiển thị mật mã - &Display PIM - Khởi động đơn hệ - Tập đĩa VeraCrypt chuẩn - Ẩ&n - Thông thường - Mã hóa phân vùng hệ thống hoặc nguyên cả ổ đĩa hệ thống - Mã hóa phân vùng hệ thống của Windows - Mã hóa nguyên cả ổ đĩa - Trợ lý Cấu tạo Tập đĩa VeraCrypt - Cụm - QUAN TRỌNG: Di chuyển con chuột của bạn càng ngẫu nhiên càng tốt trong cửa sổ này. Bạn di chuyển nó càng lâu càng tốt. Việc này gia tăng cường độ mật mã của các khóa mã hóa. Sau đó nhấn Kế tiếp để tiếp tục. - &Xác nhận: - Hoàn tất - Drive letter: - Giải thuật mã hóa - Hệ thống tập tin - Cấu tạo một đĩa được mã hóa ảo bên trong một tập tin. Thích hợp cho người dùng không kinh nghiệm. - Tùy chọn - Thuật toán Ước tính - Khóa Đầu: - Trái - Khóa Chính: - Chọn tùy chọn này nếu có hai hệ điều hành hay nhiều hơn được cài đặt trong máy điện toán này.\n\nVí dụ:\n- Windows XP và Windows XP\n- Windows XP và Windows Vista\n- Windows và Mac OS X\n- Windows và Linux\n- Windows, Linux và Mac OS X - Mã hóa một phân vùng vô hệ trên bất cứ ổ đĩa bên trong hay bên ngoài (ví dụ như một ổ đĩa flash). Cũng có thể cấu tạo một tập đĩa dấu được. - Nội dung gộp chung hiện tại (một phần) - Mật - Mật mã: - Volume PIM: - Volume PIM: - Tiến triển: - Gộp chung Ngẫu nhiên: - Chọn tùy chọn này nếu chỉ có một hệ điều hành được cài đặt trong máy điện toán này (ngay cả nếu nó được dùng bởi nhiều người). - Tốc độ - Trạng thái - Các khóa, muối, và những dữ liệu khác đã được tạo ra. Nếu bạn muốn tạo ra khóa mới thì nhấn Ngược lại và sau đó nhấn Kế tiếp. Không thôi thì nhấn Kế tiếp để tiếp tục. - Mã hóa phân vùng/ổ đĩa nơi mà Windows được cài đặt. Bất cứ ai muốn đưọc truy cập và sử dụng hệ thống, đọc và viết tập tin, v.v. sẽ cần nhập đúng mật mã mỗi lần trước khi Windows khởi động. Cũng có thể cấu tạo một hệ thống dấu được. - Chọn tùy chọn này để mã hóa phân vùng nơi mà hệ điều hành Windows đang chạy hiện tại được cài đặt. - Volume Label in Windows: - Phương thức tẩy: - Đóng - Cho phép bỏ qua &chứng thực tiền khởi động bằng cách bấm phím Esc (bật quản lý khởi động lên) - Không làm gì cả - &Tự-nạp tập đĩa VeraCrypt lên (ghi rõ bên dưới) - &Bắt đầu VeraCrypt - Tự-&Phát hiện Thư viện - &Tạm trữ mật mã chứng thực tiền khởi động trong bộ nhớ của trình điều khiển (để nạp các tập đĩa vô hệ lên) - Duyệt... - Duyệt... - Tạm trữ các mật mã và tập &tin khóa trong bộ nhớ - Thoát ra khi không có tập đĩa nào được nạp lên - &Đóng phiên chạy của hiệu bài (đăng xuất) sau khi một tập đĩa được nạp lên thành công - Include VeraCrypt Volume Expander - Thêm Trợ lý Cấu tạo Tập đĩa VeraCrypt vào - Cấu tạo - Cấu tạo Tập đĩa - Đừng cho thấy bất cứ văn bản nào trong màn ảnh chứng thực tiền khởi động (ngoại trừ thông điệp riêng bên dưới) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Xử dụng tập tin khóa - Xử dụng tập tin khóa - Thoát ra - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Gán - Gỡ bỏ - Tập tin khóa... - Do not use the following number of processors for encryption/decryption: - More information - More information - Thêm Thiết lập... - Các Thiết bị &Tự-Nạp lên - Nạp Tùy &chọn lên... - Nạp tập đĩa kiểu chỉ-đọc lên - Tập tin khóa... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Được bật lên - Tạm trữ mật mã trong bộ nhớ của trình điều khiển - Tự-tháo tập đĩa xuống sau khi không có dữ liệu nào được đọc/viết vào nó trong - Người dùng đăng xuất - User session locked - Đang vào phương thức tiết kiệm năng lượng - Bảo vệ màn hình được khởi chạy - Bắt buộc tự-tháo xuống ngay cả nếu tập đĩa có chứa tập tin hay thư mục còn mở - Nạp tất cả các tập đĩa VeraCrypt có thiết bị làm chủ lên - Bắt đầu Tác vụ Phụ của VeraCrypt - Nạp các tập đĩa kiểu chỉ-đọc lên - Nạp các tập đĩa kiểu môi trường chứa rời được lên - Mở cửa sổ Explorer của tập đĩa được nạp lên thành công - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Xóa mật mã được tạm trữ khi tự-tháo xuống - Xóa mật mã được tạm trữ khi ra khỏi - Duy trì dấu giờ của các bộ chứa tập tin - Đặt lại - Chọn Thiết bị... - Chọn Tập tin... - Chọn &Thư viện... - Hiển thị mật mã - Hiển thị mật mã - Mở cửa sổ &Explorer cho tập đĩa được nạp lên - &Tạm trữ mật mã trong bộ nhớ của trình điều khiển - TrueCrypt Mode - Th&áo Tất cả xuống - Đặc tính của Tập đĩa... - Công cụ của Tập đĩa... - &Tẩy Bộ tạm trữ - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - Các khóa kích hoạt cho Nguyên cả Hệ thống - VeraCrypt - Thay đổi Mật mã hoặc Tập tin khóa - Nhập vào Mật mã của Tập đĩa VeraCrypt - VeraCrypt - Performance and Driver Options - VeraCrypt - Tùy thích - VeraCrypt - Thiết lập Mã hóa Hệ thống - VeraCrypt - Các tùy thích của Hiệu bài Bảo mật - Thiết kế Đĩa Di chuyển của VeraCrypt - Đặc tính của Tập đĩa VeraCrypt - Về... - Thêm/Bỏ Tập tin khóa vào/từ Tập đĩa... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Sao lưu Phần đầu của Tập đĩa... - Tiêu chuẩn... - Đặt Khóa Đầu của Thuật toán Chuyển hóa... - Đổi mật mã của Tập đĩa... - Đặt Khóa Đầu của Thuật toán Chuyển hóa... - Đổi mật mã... - Xóa lược sử của Tập đĩa - Đóng Tất cả các Phiên chạy của Hiệu bài Bảo mật - Liên hệ... - Cấu tạo Hệ điều hành Ẩn... - Cấu tạo Đĩa Cứu hộ... - Cấu tạo Tập đĩa mới... - Permanently Decrypt... - Tập tin khóa Mặc định... - Default Mount Parameters... - Donate now... - Mã hóa Phân vùng Hệ thống/Ổ đĩa... - Câu hỏi thông dụng - Hướng dẫn - Trang chủ - Phím nóng... - Cấu tạo Tập tin khóa - Ngôn ngữ... - Các Lưu ý Pháp lý - Quản lý Các tập tin khóa của Hiệu bài Bảo mật... - Tự-Nạp lên Tất cả các Tập đĩa có Thiết bị làm chủ - Nạp các Tập đĩa được Chuộng lên - Nạp lên mà Không cần &Chứng thực Tiền Khởi động... - Nạp Tập đĩa lên - Nạp Tập đĩa với các Tùy chọn lên - Tin tức - Trợ giúp trực tuyến - Bài học cho người bắt đầu - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Giải mã vĩnh viễn Phân vùng Hệ thống/Ổ đĩa - Sở thích... - Cập nhật các Chữ hiệu Ổ đĩa - Bỏ Tất cả Tập tin khóa ra khỏi Tập đĩa... - Khôi phục Phần đầu của Tập đĩa... - Tiếp tục lại các quá trình bị gián đoạn - Chọn thiết bị... - Chọn tập tin... - Tiếp tục lại các quá trình bị gián đoạn - Mã hóa hệ thống... - Đặc tính... - Thiết lập... - Các Tập đĩa Hệ thống được Chuộng... - Tải xuống - Vectơ Thử nghiệm... - Các Hiệu bài Bảo mật... - Thiết kế Đĩa Di chuyển... - Tháo Tất cả các Tập đĩa xuống - Tháo Tập đĩa xuống - Kiểm tra Đĩa Cứu hộ - Verify Rescue Disk ISO Image - Lịch sử phiên bản - Volume Expander - Đặc tính của Tập đĩa - Trợ giúp Cấu tạo Tập đĩa - Trang Web của VeraCrypt - Tẩy Mật mã được Tạm trữ - Đồng ý - Hardware Acceleration - Phím tắt - Cấu hình Tự chạy (autorun.inf) - Tự-Tháo xuống - Tháo tất cả xuống khi: - Các Tùy chọn của Màn hình Bộ tải Khởi nạp - Xác nhận mật mã: - Hiện tại - Hiển thị thông điệp riêng này trong màn hình chứng thực tiền khởi động (tối đa 24 ký tự): - Tùy chọn của Nạp mặc định - Tùy chọn phím nóng - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - Thiếp lập tập tin - Khóa để giao cho: - Processor (CPU) in this computer supports hardware acceleration for AES: - Hành động cần làm ngay khi đăng nhập vào Windows - phút - Nạp tập đĩa lên thành chữ hiệu ổ đĩa: - Thiết lập Tập đĩa - Mới - Mật mã: - Thread-Based Parallelization - Đường dẫn Thư viện của PKCS #11 - PKCS-5 PRF: - PKCS-5 PRF: - Tạm trữ Mật mã - Tùy chọn bảo mật - Tác vụ Phụ của VeraCrypt - Tập đĩa VeraCrypt để nạp lên (tương quan với gốc của đĩa di chuyển): - Khi chèn đĩa di chuyển vào: - Cấu tạo các tập tin cho đĩa di chuyển tại (thư mục gốc của đĩa di chuyển): - Tập đĩa - Cửa sổ - Thêm đường dẫn... - &Tự-Kiểm Tất cả - Tiếp tục - Giải mã - Xóa - &Mã hóa - &Xuất... - Tạo ra và Lưu lại Tập tin khóa... - &Tạo ra Tập tin khóa Ngẫu nhiên... - Tải về bộ ngôn ngữ - Hardware-accelerated AES: - &Nhập Tập tin khóa vào Hiệu bài... - Thêm tập tin... - X&ử dụng các tập tin khóa - &Các tập tin khóa... - Gỡ bỏ - Gỡ bỏ toàn bộ - Bảo vệ tập đĩa ẩn là gì? - Thêm tin tức về tập tin khóa - Nạp tập đĩa kiểu &môi trường chứa rời được lên - Nạp phân vùng lên bằng cách sử dụng mã hóa hệ thống mà không cần chứng thực tiền khởi động - Parallelization: - Tiêu chuẩn - Trong - &Bảo vệ tập đĩa ẩn khỏi bị tổn hại gây ra bởi viết vào tập đĩa bên ngoài - &Đặt lại - &Hiển thị mật mã - Chèn các Tập tin &Hiệu bài... - Xử dụng sao lưu của phần đầu được gắn vào trong &tập đĩa nếu có sẵn - Phương thức XTS - Về VeraCrypt - VeraCrypt - Tiêu chuẩn Thuật toán Mã hóa - VeraCrypt - Vectơ Thử nghiệm - Trợ giúp dòng lệnh - VeraCrypt - Các tập tin khóa - VeraCrypt - Hàm tạo Tập tin khóa - VeraCrypt - Ngôn ngữ - VeraCrypt - Các tùy chọn để Nạp lên - Các Đặc tính của Tập tin khóa của Hiệu bài Bảo mật Mới - VeraCrypt - Phong phú Công chung Ngẫu nhiên - Chọn lựa Phân vùng hoặc Thiết bị - VeraCrypt - Các tập tin khóa của Hiệu bài Bảo mật - Cần mật mã/PIN của hiệu bài bảo mật - Bộ ngôn ngữ - Tốc độ bị ảnh hưởng bởi độ tải của CPU và các đặc tính của thiết bị chứa.\n\nNhững thử nghiệm này xảy ra ở trong RAM. - Kích cỡ Tăng đệm: - Mật mã: - M&ật khẩu cho tập đĩa ẩn:\n(nếu trống, bộ tạm trữ được dùng) - Bảo vệ Tập đĩa Ẩn - Kích cỡ khóa: - QUAN TRỌNG: Di chuyển con chuột của bạn càng nhiều trong cửa sổ này càng tốt. Bạn làm càng lâu càng tốt. Chuyện này gia tăng rất nhiều sức mã hóa của tập tin khóa. - CẢNH BÁO: Nếu bạn mất một tập tin khóa hoặc nếu bất cứ phần nào trong 1024 kilobytes đầu của nó thay đổi thì sẽ không thể nào nạp lên các tập đĩa nào dùng tập tin khóa được! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Dịch bởi: - Kích cỡ chữ thường: - bits - Nội dung của công chung hiện tại - Đang pha trộn PRF: - QUAN TRỌNG: Di chuyển con chuột của bạn càng nhiều trong cửa sổ này càng tốt. Bạn làm càng lâu càng tốt. Chuyện này gia tăng sự bảo mật. Khi xong thì nhấn 'Tiếp tục'. - Khóa phụ (hexadecimal) - Hiệu bài bảo mật: - Phương pháp sắp xếp: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Số khối: - Chữ mã hóa (hexadecimal) - Số đơn vị dữ liệu (64-bit hexadecimal, kích cỡ đơn vị dữ liệu là 512 bytes) - Khóa (hexadecimal) - Chữ thô (hexadecimal) - Tên của Tập tin khóa: - Phương thức XTS - Hệ thống - &Tập đĩa - Favor&ites - Công cụ - Thiết lập - Giúp đỡ - Trang chủ - - &Về... - Thuộc tính chỉ-đọc của tập đĩa cũ của bạn không thể thay được. Xin kiểm soát lại các quyền truy cập tập tin. - Lỗi: Truy cập bị từ khước.\n\nPhân vùng mà bạn đang truy cập có chiều dài 0 khu vực, hoặc nó là thiết bị khởi động. - Quản lý - Để nạp trình điều khiển của VeraCrypt lên, bạn cần đăng nhập vào một trương mục có quyền quản lý. - Xin lưu ý là để mã hóa/Giải/định dạng một phân vùng/thiết bị thì bạn cần đăng nhập vào một trương mục có quyền quản lý.\n\nChuyện này không áp dụng với các tập đĩa có tập tin làm chủ. - Để cấu tạo một tập đĩa ẩn bạn cần đăng nhập vào một trương mục có quyền quản lý.\n\nTiếp tục không? - Xin lưu ý là để định dạng tập đĩa theo dạng NTFS bạn cần đăng nhập vào một trương mục có quyền quản lý.\n\nKhông thôi có quyền quản lý, bạn có thể định dạng tập đĩa theo dạng FAT. - Mã hóa được chấp thuận bởi FIPS (Rijndael, phát hành năm 1998) có thể được sử dụng bởi các bộ và cơ quan Hoa Kỳ để bảo vệ những tin tức mật cho đến mức tối mật. 256-bit key, 128-bit block, 14 rounds (AES-256). Phương thức của thao tác là XTS. - Tập đĩa đã được nạp lên rồi. - LƯU Ý: Ít nhất một sự mã hóa hoặc thuật toán ước tính đã không qua được những kiểm tra tự động được đặt!\n\nCài đặt VeraCrypt có thể bị hỏng. - LƯU Ý: Không đủ dữ liệu trong công chung Hàm tạo Số Ngẫu nhiên để cung cấp số lượng dữ liệu ngẫu nhiên được yêu cầu.\n\nBạn không nên tiếp tục thêm nữa. Xin chọn 'Report một Bug' từ trình đơn Help, và báo cáo lỗi này. - Ổ đĩa bị tổn hại (có một phần bị hỏng trong đó) hoặc một đường dây bị tổn hại, hoặc bộ nhớ bị trục trặc.\n\nXin lưu ý đây là một vấn đề với cương liệu của bạn, không phải với VeraCrypt. Vì vậy, xin ĐỪNG báo cáo đây là một lỗi/vấn đề trong VeraCrypt và xin ĐỪNG xin giúp đỡ với chuyện này trong các Diễn đàn của VeraCrypt. Xin liên lạc với ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn để xin giúp đỡ. Cám ơn bạn.\n\nLưu ý: Nếu lỗi xảy ra nhiều lần tại cùng một chỗ thì điều đó rất có thể gây ra bởi một khối đĩa xấu, mà có thể dùng nhu liệu của hãng khác để sửa được (lưu ý là trong nhiều trường hợp, lệnh 'chkdsk /r' không thể sửa nó được vì nó chỉ làm được ở cấp hệ thống tập tin; trong một vài trường hợp, ngay cả công cụ 'chkdsk' cũng không tìm được nó). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Hệ thống của bạn dường như đang dùng các trình điều khiển chipset riêng có chứa một lỗi ngăn cản việc mã hóa toàn bộ ổ đĩa hệ thống.\n\nXin cập nhật hoặc hủy cài đặt bất cứ trình điều khiển chipset riêng (không phải của Microsoft) trước khi tiến hành. Nếu chuyện này không giúp ích được thì thử chỉ mã hóa phân vùng hệ thống thôi. - Ký tự Ổ đĩa không hợp lệ. - Đường dẫn không hợp lệ. - Hủy bỏ - Không thể truy cập thiết bị được. Đảm bảo thiết bị được chọn đã có và không đang được dùng bởi hệ thống. - Cảnh báo: Caps Lock đang bật. Việc này có thể làm cho bạn nhập mật mã không đúng. - Loại Tập đĩa - Chuyện bạn bị người khác buộc nói ra mật mã của một tập đĩa được mã hóa có thể xảy ra. Có nhiều trường hợp bạn không thể từ chối nói ra mật mã (ví dụ như tra tấn). Sử dụng một tập đĩa được gọi là ẩn cho phép bạn giải quyết những trường hợp như thế mà không phải nói ra mật mã cho tập đĩa của bạn. - Chọn tùy chọn này nếu bạn muốn cấu tạo một tập đĩa VeraCrypt thông thường. - Xin lưu ý là nếu bạn muốn một hệ điều hành được cài đặt trong một tập đĩa ẩn có phân vùng-làm chủ thì toàn cả ổ đĩa hệ thống không thể được mã hóa chỉ bằng một khóa đơn độc. - Các Tùy chọn Mã hóa Tập đĩa Bên ngoài - Các Tùy chọn Mã hóa Tập đĩa Ẩn - Tùy chọn mã hóa - CẢNH BÁO: Không dọn sạch được đường dẫn của tập đĩa/tập tin khóa được chọn (được nhớ bởi bộ chọn tập tin)! - Lỗi: Bộ chứa đã bị ép lại ở cấp hệ thống tập tin. VeraCrypt không hỗ trợ các bộ chứa bị ép lại (lưu ý là việc ép những dữ liệu được mã hóa lại là vô ích và dư thừa).\n\nXin tắt việc ép bộ chứa lại bằng cách theo những bước sau đây:\n1) Nhấn phải vào bộ chứa trong Windows Explorer (không phải trong VeraCrypt).\n2) Chọn 'Đặc tính'.\n3) Trong hộp thoại 'Đặc tính', nhấn 'Cấp cao'.\n4) Trong hộp thoại 'Thuộc tính Cấp cao', tắt tùy chọn 'Ép nội dung lại để tiết kiệm chỗ trống trong đĩa' và nhấn 'OK'.\n5) Trong hộp thoại 'Đặc tính', nhấn 'OK'. - Không cấu tạo tập đĩa %s được - Kích cỡ của %s là %.2f bytes - Kích cỡ của %s là %.2f KB - Kích cỡ của %s là %.2f MB - Kích cỡ của %s là %.2f GB - Kích cỡ của %s là %.2f TB - Kích cỡ của %s là %.2f PB - CẢNH BÁO: Thiết bị/phân vùng đang được dùng bởi hệ điều hành hoặc các ứng dụng. Định dạng thiết bị/phân vùng có thể làm cho dữ liệu bị hỏng và hệ thống không ổn định.\n\nTiếp tục không? - Cảnh báo: Phân vùng đang được dùng bởi hệ điều hành hoặc các ứng dụng. Bạn nên đóng bất cứ ứng dụng nào có thể đang sử dụng phân vùng này (kể luôn nhu liệu chống vi-rút).\n\nTiếp tục không? - Lỗi: Thiết bị/phân vùng có chứa một hệ thống tập tin mà không thể tháo xuống được. Hệ thống tập tin có thể đang được dùng bởi hệ điều hành. Định dạng thiết bị/phân vùng sẽ rất có thể làm cho dữ liệu bị hỏng và hệ thống bị bất ổn.\n\nĐể giải quyết vấn đề này, chúng tôi đề nghị trước tiên bạn xóa bỏ phân vùng và sau đó cấu tạo nó lại mà không có định dạng. Để làm thế, theo những bước sau đây:\n1) Nhấn phải vào biểu tượng 'Computer' (hoặc 'My Computer') trong 'Trình đơn Start' và chọn 'Quản lý'. Cửa sổ 'Computer Management' sẽ hiện ra.\n2) Trong cửa sổ 'Computer Management', chọn 'Lưu trữ' > 'Disk Management'.\n3) Nhấn phải vào phân vùng mà bạn muốn mã hóa và chọn 'Xóa Phân vùng', hay 'Xóa Tập đĩa', hay 'Xóa Ổ đĩa theo Lôgic'.\n4) Nhấn 'Có'. Nếu Windows yêu cầu bạn bắt đầu máy lại thì làm vậy. Sau đó, lập lại các bước 1 và 2 và tiếp tục từ bước 5.\n5) Nhấn phải vào khu vực chỗ chưa được phân phối/trống và chọn 'Phân vùng Mới', hay 'Tập đĩa Đơn giản Mới', hay 'Ổ đĩa Lôgic Mới'.\n6) Cửa sổ 'Trợ lý Phân vùng Mới' hay 'Trợ lý Tập đĩa Đơn giản Mới' sẽ hiện ra bây giờ; theo những chỉ dẫn của nó. Trên trang trợ lý mang tựa đề 'Định dạng Phân vùng', chọn 'Đừng định dạng phân vùng này' hay 'Đừng định dạng tập đĩa này'. Trên cùng trợ lý, nhấn 'Kế tiếp' và sau đó 'Kết thúc'.\n7) Lưu ý là đường dẫn thiết bị mà bạn đã chọn trong VeraCrypt bây giờ có thể sai. Vì vậy, ra khỏi Trợ lý Cấu tạo Tập đĩa VeraCrypt (nếu nó vẫn còn chạy) và sau đó bắt đầu lại.\n8) Thử mã hóa thiết bị/phân vùng lại.\n\nNếu VeraCrypt nhiều lần không mã hóa thiết bị/phân vùng được thì thay vào đó, bạn có thể tính đến chuyện cấu tạo một bộ chứa tập tin. - Lỗi: Hệ thống tập tin không thể được khóa và/hay tháo xuống. Nó có thể đang được dùng bởi hệ thống hoặc các ứng dụng (ví dụ như nhu liệu chống vi rút). Mã hóa phân vùng có thể làm cho dữ liệu bị hỏng và hệ thống không ổn định.\n\nXin đóng bất cứ ứng dụng nào có thể đang dùng hệ thống tập tin (kể luôn nhu liệu chống vi rút) và thử lại. Nếu nó không giúp được thì xin theo những bước bên dưới. - CẢNH BÁO: Một vài thiết bị/phân vùng được nạp lên đã được đang sử dụng!\n\nBỏ mặc chuyện này có thể gây ra những kết quả không mong muốn luôn cả hệ thống không ổn định.\n\nChúng tôi cực lực khuyên bạn nên đóng bất cứ ứng dụng nào có thể dùng những thiết bị/phân vùng này. - Thiết bi được chọn có chứa các phân vùng.\n\nĐịnh dạng thiết bị có thể làm cho hệ thống bất ổn và/hay dữ liệu bị hỏng. Xin chọn một phân vùng trong thiết bị hoặc bỏ hết các phân vùng trong thiết bị để VeraCrypt có thể định dạng nó một cách an toàn. - Thiết bị vô hệ được chọn có chứa các phân vùng.\n\nCác tập đĩa VeraCrypt được mã hóa có thiết bị làm chủ có thể được cấu tạo bên trong các thiết bị không có chứa bất cứ phân vùng nào (kể luôn các đĩa cứng và ổ đĩa thể rắn). Một thiết bị có chứa các phân vùng chỉ có thể được mã hóa toàn bộ tại chỗ (dùng một khóa chính đơn độc) nếu nó là ổ đĩa nơi mà Windows được cài đặt và nơi mà nó khởi động.\n\nNếu bạn muốn mã hóa thiết bị vô hệ được chọn bằng cách dùng một khóa chính đơn độc thì bạn sẽ cần phải gỡ bỏ tất cả các phân vùng trong thiết bị trước để cho VeraCrypt định dạng nó một cách an toàn (định dạng một thiết bị có chứa các phân vùng có thể làm cho hệ thống bất ổn và/hay dữ liệu bị hỏng). Một cách khác, bạn có thể mã hóa mỗi phân vùng trong ổ đĩa riêng biệt nhau (mỗi phân vùng sẽ được mã hóa bằng cách dùng một khóa chính khác nhau).\n\nLưu ý: Nếu bạn muốn gỡ bỏ tất cả các phân vùng khỏi một đĩa GPT, bạn có thể cần phải hoán chuyển nó thành một đĩa MBR (ví dụ như dùng công cụ trong Computer Management) để gỡ bỏ các phân vùng ẩn. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - QUAN TRỌNG: Xin nhớ là tập đĩa này KHÔNG thể nạp lên/truy cập được khi dùng chữ hiệu ổ đĩa %c:, cái mà đang được gán cho nó!\n\nĐể nạp tập đĩa này lên, nhấn 'Auto-Mount Devices' trong cửa sổ chính của VeraCrypt (một cách khác, trong cửa sổ chính của VeraCrypt, nhấn 'Select Device', sau đó chọn phân vùng/thiết bị này, và nhấn 'Mount'). Tập đĩa sẽ được nạp lên một chữ hiệu ổ đĩa khác mà bạn chọn từ danh sách trong cửa sổ chính của VeraCrypt.\n\nChữ hiệu ổ đĩa gốc %c: chỉ nên được dùng trong trường hợp bạn cần bỏ mã hóa ra khỏi phân vùng/thiết bị (ví dụ như nếu bạn không còn cần mã hóa nữa). Trong trường hợp như thế, nhấn phải chữ hiệu ổ đĩa %c: trong danh sách của 'Computer' (hay 'My Computer') và chọn 'Format'. Ngoài ra, chữ hiệu ổ đĩa %c: không nên bao giờ được sử dụng (trừ khi bạn gỡ bỏ nó, như được miêu tả ví dụ như trong FAQ của VeraCrypt, và gán nó vào một phân vùng/thiết bị khác). - Mã hóa tại chỗ các tập đĩa vô hệ không được hỗ trợ trong phiên bản của hệ điều hành mà bạn hiện đang sử dụng (nó chỉ được hỗ trợ trong Windows Vista và các phiên bản sau của Windows).\n\nLý do là phiên bản này của Windows không hỗ trợ việc thu nhỏ một hệ thống tập tin (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa). - Phân vùng được chọn dường như không có chứa một hệ thống tập tin NTFS. Chỉ có những phân vùng có chứa một hệ thống tập tin NTFS mới có thể được mã hóa tại chỗ.\n\nLưu ý: Lý do là Windows không hỗ trợ việc thu nhỏ những loại hệ thống tập tin khác (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa). - Phân vùng được chọn dường như không có chứa một hệ thống tập tin NTFS. Chỉ có những phân vùng có chứa một hệ thống tập tin NTFS mới có thể được mã hóa tại chỗ.\n\nNếu bạn muốn cấu tạo một tập đĩa VeraCrypt được mã hóa bên trong phân vùng này thì chọn tùy chọn "Cấu tạo tập đĩa được mã hóa và định dạng nó" (thay vì tùy chọn "Mã hóa phân vùng tại chỗ"). - Lỗi: Phân vùng quá nhỏ. VeraCrypt không thể mã hóa nó tại chỗ được. - Để mã hóa dữ liệu trong phân vùng này, xin theo những bước sau đây:\n\n1) Cấu tạo một tập đĩa VeraCrypt trong một phân vùng/thiết bị trống và sau đó nạp nó lên.\n\n2) Chép tất cả tập tin mà ban đầu bạn muốn mã hóa từ phân vùng vào tập đĩa VeraCrypt đã được nạp (được cấu tạo và nạp trong bước 1). Cách đó, bạn sẽ cấu tạo một bản sao của dữ liệu được VeraCrypt mã hóa.\n\n3) Cấu tạo một tập đĩa VeraCrypt trong phân vùng mà ban đầu bạn muốn mã hóa và đảm bảo rằng (trong trợ lý của VeraCrypt) bạn chọn tùy chọn " Cấu tạo tập đĩa được mã hóa và định dạng nó" (thay vì tùy chọn "Mã hóa phân vùng tại chỗ"). Lưu ý là tất cả dữ liệu trong phân vùng sẽ bị xóa bỏ. Sau khi tập đĩa được cấu tạo, nạp nó lên.\n\n4) Chép tất cả tập tin từ tập đĩa sao VeraCrypt đã được nạp (được cấu tạo và nạp trong bước 1) vào tập đĩa VeraCrypt được nạp mà đã được cấu tạo (và nạp lên) trong bước 3.\n\nSau khi bạn làm xong những bước này, dữ liệu sẽ được mã hóa và, thêm vào đó, sẽ có một bản sao của dữ liệu được mã hóa. - VeraCrypt chỉ có thể mã hóa tại chỗ một phân vùng, một tập đĩa động, hoặc toàn bộ một ổ đĩa hệ thống.\n\nNếu bạn muốn cấu tạo một tập đĩa VeraCrypt được mã hóa bên trong thiết bị vô hệ được chọn thì chọn tùy chọn "Cấu tạo tập đĩa được mã hóa và định dạng nó" (thay vì tùy chọn "Mã hóa phân vùng tại chỗ "). - Lỗi: VeraCrypt chỉ có thể mã hóa tại chỗ một phân vùng, một tập đĩa động, hoặc toàn bộ một ổ đĩa hệ thống. Xin đảm bảo là đường dẫn được điền rõ có hợp lệ. - Lỗi: Không thể thu nhỏ hệ thống tập tin (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa).\n\nNhững nguyên nhân và giải pháp có thể xảy ra:\n\n- Không đủ chỗ trống trong tập đĩa. Xin đảm bảo là không có ứng dụng nào khác đang viết vào hệ thống tập tin.\n\n- Hệ thống tập tin bị tổn hại. Thử kiểm soát nó và sửa bất cứ lỗi nào (nhấn phải chữ hiệu ổ đĩa tương ứng trong danh sách 'Computer', sau đó chọn Đặc tính > Tools > 'Check Now', đảm bảo là tùy chọn 'Automatically fix tập tin hệ thống errors' được bật lên và nhấn Start).\n\nNếu những bước trên không giúp được gì, xin theo những bước bên dưới. - Lỗi: Không đủ chỗ trống trong tập đĩa và vì thế hệ thống tập đĩa không thể được thu nhỏ (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa).\n\nXin xóa bỏ bất cứ tập tin nào dư thừa và trút bỏ Recycle Bin để có được ít nhất 256 KB chỗ trống và sau đó thử lại. Lưu ý là vì một vấn đề của Windows, số lượng chỗ trống báo bởi Windows Explorer có thể không đúng cho đến khi hệ điều hành được bắt đầu lại. Nếu bắt đầu hệ thống lại không giúp được thì hệ thống tập tin có thể bị tổn hại. Thử kiểm soát nó và sửa bất cứ lỗi nào (nhấn phải chữ hiệu ổ đĩa tương ứng trong danh sách 'Computer', sau đó chọn Đặc tính > Tools > 'Check Now', đảm bảo là tùy chọn 'Automatically fix tập tin hệ thống errors' được bật lên và nhấn Start).\n\nNếu những bước trên không giúp được gì, xin theo những bước bên dưới. - Chỗ trống trên ổ đĩa %s là %.2f bytes. - Chỗ trống trên ổ đĩa %s là %.2f KB - Chỗ trống trên ổ đĩa %s là %.2f MB - Chỗ trống trên ổ đĩa %s là %.2f GB - Chỗ trống trên ổ đĩa %s là %.2f TB - Chỗ trống trên ổ đĩa %s là %.2f PB - Không thể lấy chữ hiệu ổ đĩa có sẵn. - Lỗi: Không tìm được trình điều khiển VeraCrypt.\n\nXin chép các tập tin 'veracrypt.sys' và 'veracrypt-x64.sys' vào thư mục nơi mà ứng dụng chính của VeraCrypt (VeraCrypt.exe) đang nằm. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Lỗi: Sơ khởi mã hóa thất bại. - Lỗi: Một khóa yếu hoặc có thể yếu đã được phát hiện. Khóa này sẽ được bỏ. Xin thử lại lần nữa. - Một lỗi nghiêm trọng đã xảy ra và VeraCrypt phải được chấm dứt. Nếu chuyện này gây ra bởi một lỗi trong VeraCrypt thì chúng tôi muốn sửa nó. Để giúp chúng tôi, bạn có thể gởi cho chúng tôi một báo cáo lỗi được làm tự động có chứa những khoản sau đây:\n\n- Phiên bản của chương trình\n- Phiên bản của hệ điều hành\n- Loại CPU\n- Tên bộ phận của VeraCrypt\n- Tổng kiểm của tập tin thực hiện của VeraCrypt\n- Tên tượng trưng của cửa sổ hộp thoại\n- Loại lỗi\n- Địa chỉ lỗi \n- Cụm gọi của VeraCrypt\n\nNếu bạn chọn 'Có', URL sau đây (which có chứas the toàn bộ error report) sẽ được mở ra trong Internet browser mặc định của bạn.\n\n%hs\n\nBạn có muốn gởi cho chúng tôi báo cáo lỗi bên trên không? - Một lỗi nghiêm trọng đã xảy ra trong hệ thống của bạn nên VeraCrypt cần phải được chấm dứt.\n\nLưu ý là lỗi này không phải do VeraCrypt gây ra (vì vậy những nhà phát triển VeraCrypt không thể sửa nó được). Xin kiểm soát hệ thống của bạn coi có vấn đề không (ví dụ như cấu hình hệ thống, kết nối mạng, các bộ phận phần cứng bị hư). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - Lỗi Nghiêm trọng của VeraCrypt - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - Mã hóa - Giải mã - Giải mã vĩnh viễn - Thoát ra - Xin cấu tạo một ổ đĩa theo lôgic cho phân vùng nới rộng này, và sau đó thử lại. - Một tập đĩa VeraCrypt có thể nằm trong một tập tin (gọi là bộ chứa VeraCrypt), mà có thể nằm trong một đĩa cứng, trong một ổ đĩa nhớ USB, v.v. Một bộ chứa VeraCrypt thì giống như bất cứ tập tin thông thường nào (ví dụ như nó có thể được di chuyển hoặc xóa bỏ như bất cứ tập tin nào). Nhấn 'Chọn Tập tin' để chọn một tập tin cho bộ nhớ và để chọn vị trí nơi mà bạn muốn bộ nhớ được cấu tạo.\n\nCẢNH BÁO: Nếu bạn chọn một tập tin có sẵn, VeraCrypt sẽ KHÔNG mã hóa nó; tập tin sẽ được xóa bỏ và thay thế với bộ chứa VeraCrypt mới được cấu tạo. Bạn sẽ có thể mã hóa những tập tin có sẵn (sau này) bằng cách di chuyển chúng vào bộ chứa VeraCrypt mà bạn sắp cấu tạo bây giờ. - Chọn vị trí của tập đĩa bên ngoài để được cấu tạo (bên trong tập đĩa này, tập đĩa ẩn sẽ được cấu tạo sau này).\n\nMột tập đĩa VeraCrypt có thể nằm trong một tập tin (gọi là bộ chứa VeraCrypt), mà có thể nằm trong một đĩa cứng, trong một ổ đĩa nhớ một USB, v.v. Một bộ chứa VeraCrypt có thể được di chuyển hoặc xóa bỏ như bất cứ tập tin thông thường nào. Nhấn 'Chon Tập tin' để chọn một tập tin cho bộ nhớ và để chọn vị trí nơi mà bạn muốn bộ nhớ được cấu tạo. Nếu bạn chọn một tập tin có sẵn, VeraCrypt sẽ KHÔNG mã hóa nó; nó sẽ được xóa bỏ và thay thế với bộ chứa mới được cấu tạo. Bạn sẽ có thể mã hóa những tập tin có sẵn (sau này) bằng cách di chuyển chúng vào bộ chứa VeraCrypt mà bạn sắp cấu tạo bây giờ. - Các tập đĩa VeraCrypt được mã hóa có thiết bị làm chủ có thể được cấu tạo bên trong các phân vùng của các đĩa cứng, các ổ đĩa thể rắn, các thỏi nhớ USB, và trong các thiết bị chứa được hỗ trợ khác. Các phân vùng cũng có thể được mã hóa tại chỗ.\n\nThêm vào đó, các tập đĩa VeraCrypt được mã hóa có thiết bị làm chủ có thể được cấu tạo bên trong các thiết bị không có chứa bất cứ phân vùng nào (kể luôn các đĩa cứng và ổ đĩa thể rắn).\n\nLưu ý: Một thiết bị có chứa các phân vùng có thể được mã hóa toàn bộ tại chỗ (dùng một khóa đơn độc) nếu nó là ổ đĩa nơi mà Windows được cài đặt và nơi mà nó khởi động. - Một tập đĩa VeraCrypt có thiết bị làm chủ có thể được cấu tạo bên trong một phân vùng của đĩa cứng, ổ đĩa thể rắn, thỏi USB, và các thiết bị chứa khác.\n\nCẢNH BÁO: Lưu ý là phân vùng/thiết bị sẽ được định dạng và tất cả dữ liệu đang được lưu trữ trong đó sẽ bị mất. - \nChọn vị trí của tập đĩa bên ngoài để được cấu tạo (bên trong tập đĩa này, tập đĩa ẩn sẽ được cấu tạo sau này).\n\nCác tập đĩa bên ngoài có thể được cấu tạo bên trong những phân vùng của các đĩa cứng, các ổ đĩa thể rắn, các thỏi nhớ USB, và trong các thiết bị chứa được hỗ trợ khác. Các tập đĩa bên ngoài cũng có thể được cấu tạo bên trong các thiết bị không có chứa bất cứ phân vùng nào (kể luôn các đĩa cứng và ổ đĩa thể rắn).\n\nCẢNH BÁO: Lưu ý là phân vùng/thiết bị sẽ được định dạng và tất cả dữ liệu đang được lưu trữ trong đó sẽ bị mất. - \nChọn vị trí của tập đĩa nơi mà bạn muốn cấu tạo một tập đĩa ẩn trong đó. - CẢNH BÁO: Tập tin chủ/thiết bị đã đang được sử dụng!\n\nPhớt lờ chuyện này có thể gây ra những kết quả không muốn kể luôn sự bất ổn của hệ thống. Tất cả các ứng dụng có thể đang dùng tập tin chủ/thiết bị (ví dụ như các ứng dụng chống vi rút hoặc sao lưu) nên được đóng lại trước khi nạp tập đĩa lên.\n\nTiếp tục nạp lên không? - Lỗi: Không thể nạp tập đĩa lên được. Tập tin chủ/thiết bị đã đang được sử dụng. Thử nạp lên mà không cần truy cập dành riêng cũng thất bại luôn. - Không thể mở tập tin. - Vị trí Tập đĩa - Các Tập tin lớn - Bạn có tính lưu giữ những tập tin lớn hơn 4 GB trong tập đĩa VeraCrypt này không? - Tùy vào sự chọn lựa của bạn bên trên, VeraCrypt sẽ chọn một hệ thống tập tin mặc định thích hợp cho tập đĩa VeraCrypt (bạn sẽ có thể chọn một hệ thống tập tin trong bước kế tiếp). - Vì bạn đang cấu tạo một tập đĩa bên ngoài, bạn nên tính đến chuyện chọn 'Không'. Nếu bạn chọn 'Có', hệ thống tập tin mặc định sẽ là NTFS, mà cái này không thích hợp cho các tập đĩa bên ngoài dùng theo FAT (ví dụ như kích cỡ tối đa có thể được cho tập đĩa ẩn sẽ lớn hơn nhiều nếu tập đĩa bên ngoài được định dạng theo FAT). Thông thường, FAT là mặc định cho cả tập đĩa ẩn và thông thường (vì vậy các tập đĩa FAT không bị nghi ngờ gì). Tuy nhiên, nếu người dùng cho thấy ý định lưu giữ các tập tin lớn hơn 4 GB (mà hệ thống tập tin FAT không cho phép), thì FAT không phải là mặc định. - Bạn có chắc là bạn muốn chọn 'Có' không? - Phương thức cấu tạo Tập đĩa - Đây là cách nhanh nhất để cấu tạo một tập đĩa VeraCrypt có phân vùng làm chủ hoặc có thiết bị làm chủ (mã hóa tại chỗ, một tùy chọn khác, bị chậm hơn vì nội dung của mỗi khu vực phải được đọc trước, mã hóa, và sau đó viết). Bất cứ dữ liệu nào đã được lưu trữ trong phân vùng/thiết bị được chọn sẽ bị mất (dữ liệu sẽ KHÔNG được mã hóa; nó sẽ được viết chòng lên với dữ liệu ngẫu nhiên). Nếu bạn muốn mã hóa dữ liệu có sẵn trong một phân vùng thì chọn tùy chọn khác. - Nguyên cả phân vùng được chọn và tất cả dữ liệu giữ trong đó sẽ được mã hóa tại chỗ. Nếu phân vùng trống thì bạn nên chọn tùy chọn khác (tập đĩa sẽ được cấu tạo nhanh hơn nhiều). - Ghi chú: - Làm tiếp - &Hoãn lại - Bắt đầu - Tiếp tục - Định dạng - &Tẩy - Hủy bỏ định dạng không? - Cho thấy thêm tin tức - Đừng cho thấy cái này nữa - Nội dung của phân vùng/ổ đĩa đã được xóa bỏ thành công. - Nội dung của phân vùng nơi hệ thống gốc (mà hệ ẩn là một bản sao) ở đã được xóa bỏ thành công. - Xin đảm bảo là phiên bản Windows bạn sắp cài đặt (on the tẩyd phân vùng) giống như phiên bản Windows bạn đang cho chạy hiện tại. Chuyện này cần thiết vì cả hai hệ thống sẽ cùng dùng một phân vùng khởi động giống nhau. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - Phân vùng/ổ đĩa hệ thống đã được giải mã thành công. - \n\nTập đĩa VeraCrypt đã được cấu tạo và sẵn sàng để dùng. Nếu bạn muốn cấu tạo một tập đĩa VeraCrypt khác thì nhấn Kế tiếp. Không thôi thì nhấn Thoát ra. - \n\nTập đĩa ẩn VeraCrypt đã được cấu tạo thành công (hệ điều hành ẩn sẽ nằm bên trong tập đĩa ẩn này).\n\nNhấn Kế tiếp để tiếp tục. - Tập đĩa được Hoàn toàn Mã hóa - Volume Fully Decrypted - QUAN TRỌNG: ĐỂ NẠP TẬP ĐĨA VERACRYPT MỚI ĐƯỢC CẤU TẠO NÀY LÊN VÀ ĐỂ TRUY CẬP DỮ LIỆU LƯU TRỮ TRONG NÓ, NHẤN 'Auto-Mount Devices' TRONF CỬA SỔ CHÍNH CỦA VERACRYPT. Sau khi bạn nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa), tập đĩa sẽ được nạp lên chữ hiệu ổ đĩa mà bạn chọn từ danh sách trong cửa sổ chính của VeraCrypt (và bạn sẽ có thể truy cập dữ liệu được mã hóa data qua chữ hiệu ổ đĩa được chọn).\n\nXIN NHỚ HOẶC GHI XUỐNG NHỮNG BƯỚC TRÊN. BẠN PHẢI THEO CHÚNG BẤT CỨ KHI NÀO BẠN MUỐN NẠP TẬP ĐĨA LÊN VÀ TRUY CẬP DỮ LIỆU LƯU GIỮ TRONG NÓ. Một cách khác, trong cửa sổ chính của VeraCrypt, nhấn 'Chọn Thiết bị', sau đó chọn phân vùng/tập đĩa này, và nhấn 'Mount'.\n\nPhân vùng/tập đĩa đã được mã hóa thành công (nó có chứa một tập đĩa VeraCrypt đã được mã hóa toàn bộ bây giờ) và sẵn sàng để dùng. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - Tập đĩa VeraCrypt đã được cấu tạo thành công. - Tập đĩa được Cấu tạo - QUAN TRỌNG: Di chuyển con chuột của bạn càng nhiều trong cửa sổ này càng tốt. Bạn làm càng lâu càng tốt. Chuyện này sẽ gia tăng sức mạnh mã hóa của các khóa mã hóa. Sau đó nhấn Định dạng để cấu tạo tập đĩa. - Nhấn Định dạng để cấu tạo tập đĩa bên ngoài. Để có thêm hướng dẫn, xin tham khảo tài liệu. - Định dạng Tập đĩa Bên ngoài - Định dạng Tập đĩa Ẩn - Định dạng Tập đĩa - Cần có Adobe Reader (hoặc một công cụ tương đương) để xem hoặc in VeraCrypt User's Guide. Adobe Reader (freeware) có thể được tải xuống tại: www.adobe.com\n\nThay vì vậy, bạn có muốn xem tài liệu trên mạng không? - Nếu bạn chọn tùy chọn này, trước tiên trợ lý sẽ giúp bạn cấu tạo một tập đĩa VeraCrypt thông thường và sau đó một tập đĩa VeraCrypt ẩn bên trong nó. Người dùng không kinh nghiệm nên luôn luôn chọn tùy chọn này. - Nếu bạn chọn tùy chọn này, bạn sẽ cấu tạo một tập đĩa ẩn bên trong một tập đĩa VeraCrypt có sẵn. Sẽ cho rằng bạn đã cấu tạo một tập đĩa VeraCrypt thích hợp để chứa tập đĩa ẩn rồi. - Phương thức Cấu tạo Tập đĩa - Tập đĩa Ẩn đã được Cấu tạo - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - Bạn đã bắt đầu hệ điều hành ẩn. Như bạn có thể để ý, hệ điều hành ẩn hình như được cài đặt trong cùng phân vùng với hệ điều hành ban đầu. Tuy nhiên, trên thực tế, nó được cài đặt bên trong phân vùng đằng sau nó (trong tập đĩa ẩn). Tất cả các thao tác đọc và viết đang được vô hình chuyển từ phân vùng hệ thống ban đầu đến tập đĩa ẩn.\n\nCả hệ điều hành lẫn các ứng dụng sẽ không biết là dữ liệu viết vào và đọc từ phân vùng hệ thống thực ra được viết vào và đọc từ phân vùng đằng sau nó (từ/vào một tập đĩa ẩn). Bất cứ dữ liệu nào như thế được mã hóa và giải mã ngay khi cần như thông thường (với một khóa mã hóa khác với cái sẽ được dùng cho hệ điều hành nghi trang).\n\n\nXin nhấn Kế tiếp để tiếp tục. - Tập đĩa bên ngoài đã được cấu tạo và nạp vào ổ đĩa %hc:. Bây giờ bạn nên chép một vài tập tin nhìn có vẻ nhạy cảm mà thật ra bạn KHÔNG muốn dấu vào tập đĩa bên ngoài này. Chúng nó sẽ nằm ở đó cho bất cứ ai buộc bạn phải tiết lộ mật mã của phân vùng đầu tiên sau phân vùng hệ thống, nơi mà cả hai tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) sẽ nằm đó. Bạn sẽ có thể tiết lộ mật mã của tập đĩa bên ngoài này, và sự hiện diện của tập đĩa ẩn (và của hệ điều hành ẩn) sẽ vẫn được giữ bí mật .\n\nQUAN TRỌNG: Những tập tin bạn chép vào tập đĩa bên ngoài không nên chiếm hơn %s. Không thôi, có thể không đủ chỗ trống trong tập đĩa bên ngoài cho tập đĩa ẩn (và bạn sẽ không thể tiếp tục được). Sau khi bạn chép xong, nhấn Kế tiếp (đừng tháo tập đĩa xuống). - Tập đĩa bên ngoài đã được cấu tạo và nạp vào ổ đĩa %hc:. Bây giờ bạn nên chép một vài tập tin nhìn có vẻ nhạy cảm mà thật ra bạn KHÔNG muốn dấu. Những tập tin sẽ nằm ở đó cho bất cứ ai buộc bạn phải tiết lộ mật mã. Bạn sẽ chỉ tiết lộ mật mã của tập đĩa bên ngoài này thôi, không phải của cái ẩn. Những tập tin mà bạn thật sự lo cho sẽ được lưu trữ trong tập đĩa ẩn, mà sẽ được cấu tạo sau này. Khi bạn chép xong, nhấn Kế tiếp. Đừng tháo tập đĩa xuống.\n\nLưu ý: Sau khi nhấn Kế tiếp, cụm ảnh mảng của tập đĩa bên ngoài sẽ được quét để xác định kích cỡ của khu vực chỗ trống không gián đoạn mà phần cuối của nó trùng với phần cuối của tập đĩa. Khu vực này sẽ chứa tập đĩa ẩn, vì thế nó sẽ giới hạn kích cỡ tối đa có thể được của nó. Quét cụm ảnh mảng đảm bảo là không có dữ liệu nào trong tập đĩa bên ngoài bị viết chòng lên bởi tập đĩa ẩn. - Nội dung Tập đĩa Bên ngoài - \n\nTrong những bước kế tiếp, bạn sẽ thiết lập các tùy chọn cho tập đĩa bên ngoài (nơi mà bên trong đó tập đĩa ẩn sẽ được cấu tạo sau đó). - \n\nTrong những bước kế tiếp, bạn sẽ cấu tạo một tập đĩa VeraCrypt được gọi là bên ngoài bên tromg phân vùng thứ nhất đằng sau phân vùng hệ thống (như đã được giải thích trong một trong các bước trước). - Tập đĩa bên ngoài - Trong những bước sau đây, bạn sẽ đặt những tùy chọn và mật mã cho tập đĩa ẩn, cái mà sẽ chứa hệ điều hành ẩn.\n\nGhi chú: Cụm ảnh mảng của tập đĩa bên ngoài đã được quét để xác định kích cỡ của khu vực chỗ trống không gián đoạn mà phần cuối của nó trùng với phần cuối của tập đĩa bên ngoài. Khu vực này sẽ chứa tập đĩa ẩn, vì thế nó giới hạn kích cỡ tối đa có thể được của nó. Kích cỡ tối đa có thể được của tập đĩa ẩn đã được xác định và xác nhận là lớn hơn kích cỡ của phân vùng hệ thống (cần phải có vì nguyên cả nội dung của hệ thống sẽ cần được chép vào tập đĩa ẩn). Chuyện này đảm bảo là không có dữ liệu nào đang được lưu trữ trong tập đĩa bên ngoài sẽ bị viết chòng lên bởi dữ liệu được viết vào khu vực của tập đĩa ẩn. - QUAN TRỌNG: Xin ghi nhớ những thuật toán mà bạn chọn trong bước này. Bạn sẽ phải chọn những thuật toán giống vậy cho hệ thống nghi trang. Không thôi hệ ẩn sẽ không truy cập được! (Hệ thống nghi trang phải được mã hóa với thuật toán mã hóa giống với hệ ẩn.)\n\nLưu ý: Lý do là hệ thống nghi trang và hệ ẩn sẽ xài chung một bộ tải khởi nạp đơn độc, cái mà chỉ hỗ trợ một thuật toán đơn độc được chọn bởi người sử dụng (cho mỗi thuật toán, có một phiên bản đặc biệt của Bộ tải Khởi nạp của VeraCrypt). - \n\nCụm ảnh mảng của tập đĩa đã được quét và kích cỡ tối đa có thể được của tập đĩa ẩn đã được xác định. Trong những bước kế tiếp bạn sẽ đặt những tùy chọn, kích cỡ, và mật mã cho tập đĩa ẩn. - Tập đĩa Ẩn - Tập đĩa ẩn bây giờ được bảo vệ khỏi bị tổn hại cho đến khi tập đĩa bên ngoài được tháo xuống.\n\nCẢNH BÁO: Nếu bất cứ dữ liệu nào được thử lưu vào khu vực của tập đĩa ẩn, VeraCrypt sẽ bắt đầu bảo vệ chống ghi toàn bộ tập đĩa (cả phần bên ngoài lẫn phần ẩn) cho đến khi nó được tháo xuống. Chuyện này có thể làm cho hệ thống tập tin bị tổn hại trong tập đĩa bên ngoài, mà (nếu tái diễn) sẽ có thể ảnh hưởng bất lợi cho việc phủ nhận có vẻ hợp lý về tập đĩa ẩn. Vì vậy, bạn nên dùng mọi nổ lực tránh viết vào khu vực tập đĩa ẩn. Bất cứ dữ liệu nào đang được lưu vào khu vực tập đĩa ẩn sẽ không được lưu trữ và sẽ bị mất. Windows có thể báo đây là một lỗi viết ("Viết Hoãn lại bị Thất bại" hoặc "Tham số không đúng"). - Mỗi một tập đĩa ẩn bên trong các tập đĩa mới được nạp lên bây giờ được bảo vệ khỏi bị tổn hại cho đến khi được tháo xuống.\n\nCẢNH BÁO: Nếu bất cứ dữ liệu nào được thử lưu vào khu vực của tập đĩa ẩn được bảo vệ của các tập đĩa này, VeraCrypt sẽ bắt đầu bảo vệ chống ghi toàn bộ tập đĩa (cả phần bên ngoài lẫn phần ẩn) cho đến khi nó được tháo xuống. Chuyện này có thể làm cho hệ thống tập tin bị hỏng trong tập đĩa bên ngoài, mà (nếu tái diễn) sẽ có thể ảnh hưởng bất lợi cho việc phủ nhận có vẻ hợp lý về tập đĩa ẩn. Vì vậy, bạn nên dùng mọi nổ lực tránh viết vào khu vực tập đĩa ẩn. Bất cứ dữ liệu nào đang được lưu vào khu vực tập đĩa ẩn được bảo vệ sẽ không được lưu trữ và sẽ bị mất. Windows có thể báo đây là một lỗi viết ("Viết Hoãn lại bị Thất bại" hoặc "Tham số không đúng"). - CẢNH BÁO: Dữ liệu đã được thử lưu vào khu vực của tập đĩa ẩn của tập đĩa được nạp vào %c:! VeraCrypt đã ngăn cản những dữ liệu này được lưu trữ để bảo vệ tập đĩa ẩn. Chuyện này có thể làm hệ thống tập tin bị hỏng trong tập đĩa bên ngoài và Windows có thể báo một lỗi viết ("Viết Hoãn lại bị Thất bại" hoặc "Tham số không đúng"). Toàn bộ tập đĩa (cả phần bên ngoài lẫn phần ẩn) sẽ được bảo vệ chống ghi cho đến khi nó được tháo xuống. Nếu đây không phải là lần đầu tiên VeraCrypt ngăn cản dữ liệu được lưu vào khu vực của tập đĩa ẩn của tập đĩa này, việc phủ nhận có vẻ hợp lý về tập đĩa ẩn có thể bị ảnh hưởng bất lợi (vì có thể có sự mâu thuẩn bất thường bên trong hệ thống tập tin của tập đĩa bên ngoài). Vì vậy, bạn nên tính đến chuyện cấu tạo một tập đĩa VeraCrypt mới (với Quick Format được tắt) và dời các tập tin từ tập đĩa này sang tập đĩa mới; tập đĩa này nên được xóa tẩy một cách an toàn (cả phần bên ngoài lẫn phần ẩn). Chúng tôi cực lực khuyên bạn bắt đầu hệ điều hành lại bây giờ. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - Vì những lý do bảo mật, khi một hệ điều hành ẩn đang chạy, các tập đĩa ẩn chỉ có thể được cấu tạo bằng phương thức 'trực tiếp' (vì các tập đĩa bên ngoài phải luôn được nạp kiểu chỉ-đọc lên). Để cấu tạo một tập đĩa ẩn một cách an toàn, theo những bước sau đây:\n\n1) Khởi động hệ thống nghi trang.\n\n2) Cấu tạo một tập đĩa VeraCrypt thông thường và chép vào tập đĩa này một vài tập tin nhìn có vẻ nhạy cảm mà thật ra bạn KHÔNG muốn dấu, (tập đĩa sẽ trở thành tập đĩa bên ngoài).\n\n3) Khởi động hệ ẩn và bắt đầu Trợ lý Cấu tạo Tập đĩa VeraCrypt. Nếu tập đĩa được tập tin làm chủ thì dời nó qua phân vùng hệ thống hoặc qua một tập đĩa ẩn khác (không thôi, tập đĩa ẩn mới được cấu tạo sẽ được nạp kiểu chỉ-đọc và không thể được định dạng). Theo những chỉ dẫn trong trợ lý để chọn phương thức cấu tạo tập đĩa ẩn 'trực tiếp'.\n\n4) Trong trợ lý, chọn tập đĩa bạn đã cấu tạo trong bưóc 2 và sau đó theo những chỉ dẫn để cấu tạo một tập đĩa ẩn bên trong nó. - Vì những lý do bảo mật, khi một hệ điều hành ẩn đang chạy, những hệ thống tập tin được giải mã và các tập đĩa VeraCrypt vô ẩn cục bộ được nạp kiểu chỉ-đọc lên (dữ liệu không thể được viết vào những hệ thống tập tin hoặc các tập đĩa VeraCrypt như thế).\n\nDữ liệu được phép viết vào bất cứ hệ thống tập tin nào nằm bên trong một tập đĩa VeraCrypt ẩn (miễn là tập đĩa ẩn không được đặt trong một bộ chứa lưu trữ trong một hệ thống tập tin được giải mã hoặc bất cứ hệ thống tập tin chỉ-đọc nào khác). - Có ba lý do chính tại sao những biện pháp phòng chống như thế đã được thực hiện:\n\n- Nó cho phép sự cấu tạo của một nền tảng an toàn để nạp các tập đĩa ẩn VeraCrypt lên. Lưu ý là chúng tôi chính thức khuyên rằng các tập đĩa ẩn chỉ được nạp lên khi một hệ điều hành ẩn đang chạy. (Để có thêm tin tức, xem phần phụ 'Những Yêu cầu và Đề phòng Bảo mật Liên quan đến những Tập đĩa Ẩn' trong tài liệu.)\n\n- Trong một vài trường hợp, có thể xác định rằng, ở một thời điểm nào đó, một hệ thống tập tin cá biệt đã không được nạp dưới (hoăc một tập tin cá biệt trong hệ thống tập tin đã không được lưu hay truy cập từ bên trong) một thể hiện cá biệt của một hệ điều hành (ví dụ như bằng cách phân tích và so sánh những ký sự của hệ thống tập tin, những dấu giờ của tập tin, những ghi bản của các ứng dụng, những ghi bản các lỗi, v.v.). Chuyện này có thể cho thấy một hệ điều hành ẩn được cài đặt trong máy. Những biện pháp phòng chống ngăn cản những vấn đề này.\n\n- Nó ngăn cản việc làm hư dữ liệu và cho phép sự vô động an toàn. Khi Windows tiếp tục lại từ sự vô động, nó cho rằng tất cả các hệ thống tập tin đã được nạp lên nằm trong tình trạng giống như khi hệ thống vào trạng thái vô động. VeraCrypt đảm bảo việc này bằng cách bảo vệ viết bất cứ hệ thống tập tin nào có thể truy cập được từ bên trong cả hệ nghi trang lẫn hệ ẩn. Không sự bảo vệ như thế, hệ thống tập tin có thể trở nên bị hỏng khi được nạp lên bởi một hệ thống trong lúc hệ thống kia đang vô động. - Lưu ý: Nếu bạn cần chuyển các tập tin một cách an toàn từ hệ thống nghi trang sang hệ thống ẩn, theo những bước sau đây:\n1) Bắt đầu hệ thống nghi trang.\n2) Lưu những tập tin vào một tập đĩa được giải mã hoặc vào một tập đĩa VeraCrypt bên ngoài/thông thường.\n3) Bắt đầu hệ ẩn.\n4) Nếu bạn đã lưu những tập tin vào một tập đĩa VeraCrypt, nạp nó lên (nó sẽ được tự động nạp lên kiểu chỉ-đọc).\n5) Chép những tập tin vào phân vùng hệ thống ẩn phân vùng hoặc vào một tập đĩa ẩn khác. - Máy của bạn phải được bắt đầu lại.\n\nBạn có muốn bắt đầu nó lại bây giờ không? - Có lỗi xảy ra khi đang lấy tình trạng mã hóa hệ thống. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Không thể sơ khởi các bộ phận của ứng dụng cho việc mã hóa hệ thống. - Không sơ khởi hàm tạo ra các số ngẫu nhiên được! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Không thể sơ khởi ứng dụng được. Không đăng ký hạng Hộp thoại được. - Lỗi: Không nạp thư viện hệ thống Rich Edit được. - Trợ lý Cấu tạo Tập đĩa VeraCrypt - Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f bytes. - Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f KB. - Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f MB. - Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f GB. - Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f TB. - Mật mã/tập tin khóa không thể được thay đổi trong lúc tập đĩa đang được nạp lên. Xin tháo tập đĩa xuống trước. - Khóa đầu của thuật toán chuyển hóa không thể được thay đổi trong lúc tập đĩa đang được nạp lên. Xin tháo tập đĩa xuống trước. - &Nạp lên - Cần có một phiên bản mới của VeraCrypt để nạp tập đĩa này lên. - Lỗi: Không tìm được Trợ lý Cấu tạo Tập đĩa.\n\nXin đảm bảo là tập tin 'VeraCrypt Format.exe' có trong thư mục nơi mà 'VeraCrypt.exe' được khởi chạy. Không thôi có thì xin cài đặt VeraCrypt lại, hoặc tìm 'VeraCrypt Format.exe' trong đĩa của bạn và cho nó chạy. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Kế tiếp > - &Kết thúc - &Cài đặt - R&út ra - Không thể nối vào trình điều khiển thiết bị của VeraCrypt. VeraCrypt không thể làm việc được nếu trình điều khiển thiết bị không đang chạy.\n\nXin lưu ý là vì một vấn đề của Windows, có thể cần phải đăng xuất hoặc bắt đầu hệ thống lại trước khi trình điều khiển cí thể được nạp lên. - Có lỗi xảy ra khi đang nạp/chuẩn bị các kiểu chữ. - Không tìm được chữ hiệu ổ đĩa hoặc không có chữ hiệu ổ đĩa nào được xác định. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Chữ hiệu ổ đĩa không có sẵn. - Không có tập tin nào được chọn! - Không có chữ hiệu ổ đĩa nào có sẵn. - Không có chữ hiệu ổ đĩa nào trống cho tập đĩa bên ngoài! Cấu tạo tập đĩa không thể tiếp tục. - Không thể định được phiên bản hệ điều hành của bạn hoặc bạn đang sử dụng một hệ điều hành không được hỗ trợ. - Không có đường dẫn nào được chọn! - Không có đủ chỗ trống cho tập đĩa ẩn! Cấu tạo tập đĩa không thể tiếp tục. - Lỗi: Những tập tin bạn đã chép vào tập đĩa bên ngoài chiếm quá nhiều chỗ. Vì vậy, không còn đủ chỗ trống trong tập đĩa bên ngoài cho tập đĩa ẩn.\n\nLưu ý là tập đĩa ẩn phải lớn bằng phân vùng hệ thống (phân vùng nơi mà hệ điều hành hiện đang chạy được cài đặt). Lý do là hệ điều hành ẩn cần được cấu tạo bằng cách chép nội dung của phân vùng hệ thống phân vùng vào tập đĩa ẩn.\n\n\nQuá trình cấu tạo hệ điều hành ẩn không thể tiếp tục. - Trình điều khiển không thể tháo tập đĩa xuống được. Một vài tập tin nằm trong tập tin có thể vẫn còn đang được mở. - Không thể khóa tập đĩa được. Vẫn còn có các tập tin đang được mở trong tập đĩa. Vì thế nó không thể được tháo xuống. - VeraCrypt không thể khóa tập đĩa được vì nó đang được sử dụng bởi hệ thống hoặc các ứng dụng (có thể có các tập tin đang được mở trong tập đĩa).\n\nBạn có muốn buộc tháo tập đĩa xuống không? - Chọn một Tập đĩa VeraCrypt - Xác định Đường dẫn và Tên Tập tin - Chọn Thư viện PKCS #11 - Hết bộ nhớ - QUAN TRỌNG: Chúng tôi cực lực khuyên rằng những người sử dụng ít kinh nghiệm nên cấu tạo một bộ chứa tập tin VeraCrypt trong thiết bị/phân vùng được chọn, thay vì thử mã hóa toàn bộ thiết bị/phân vùng.\n\nKhi bạn cấu tạo một bộ chứa tập tin VeraCrypt (thay vì mã hóa một thiết bị hoặc phân vùng) thì sẽ không có rủi ro hủy bỏ một số lượng lớn tập tin. Lưu ý là một bộ nhớ tập tin VeraCrypt (ngay cả khi nó có chứa một đĩa mã hóa ảo) thật ra giống như bất cứ tập tin thông thường khác. Để có thêm tin tức, xem chương Bài tập cho Người bắt đầu trong Hướng dẫn cho Người dùng của VeraCrypt.\n\nBạn có chắc là bạn muốn mã hóa toàn bộ thiết bị/phân vùng không? - CẢNH BÁO: Tập tin '%s' đã có sẵn!\n\nQUAN TRỌNG: VERACRYPT SẼ KHÔNG MÃ HÓA TẬP TIN, NHƯNG NÓ SẼ XÓA BỎ NÓ. Bạn có chắc là bạn muốn xóa bỏ tập tin và thay thế nó với một bộ nhớ VeraCrypt mới không? - CHÚ Ý: TẤT CẢ CÁC TẬP TIN ĐANG ĐƯỢC GIỮ TRONG %s '%s'%s ĐƯỢC CHỌN SẼ BỊ XÓA BỎ VÀ MẤT ĐI (CHÚNG SẼ KHÔNG ĐƯỢC MÃ HÓA)!\n\nBạn có chắc là bạn muốn tiến hành với định dạng không? - CẢNH BÁO: Bạn sẽ không thể nạp tập đĩa lên hoặc truy cập bất cứ tập tin nào được giữ trong nó cho đến khi nó được hoàn toàn mã hóa.\n\nBạn có chắc là bạn muốn bắt đầu mã hóa %s '%s'%s được chọn không? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - CẢNH BÁO: Xin lưu ý là nếu nguồn điện bị gián đoạn đột ngột trong lúc mã hóa dữ liệu tại chỗ, hoặc khi hệ điều hành sụp đổ vì một lỗi của nhu liệu hoặc cương liệu bị trục trặc trong lúc VeraCrypt đang mã hóa dữ liệu tại chỗ, vài phần của dữ liệu sẽ bị hỏng hay mất. Vì vậy, trước khi bạn bắt đầu mã hóa, xin đảm bảo là bạn có bản sao của các tập tin bạn muốn mã hóa.\n\nBạn có một bản sao như thế không? - CHÚ Ý: BẤT CỨ TẬP TIN NÀO ĐANG ĐƯỢC GIỮ TRONG PHÂN VÙNG '%s'%s (NGHĨA LÀ TRONG PHÂN VÙNG ĐẦU TIÊN ĐẰNG SAU PHÂN VÙNG HỆ THỐNG) SẼ BỊ XÓA BỎ VÀ MẤT ĐI (CHÚNG SẼ KHÔNG ĐƯỢC MÃ HÓA)!\n\nBạn có chắc là bạn muốn tiến hành với định dạng không? - CẢNH BÁO: PHÂN VÙNG ĐƯỢC CHỌN CÓ CHỨA MỘT SỐ LƯỢNG DỮ LIỆU LỚN! Bất cứ tập tin nào được giữ trong phân vùng sẽ bị xóa bỏ và mất đi (chúng sẽ KHÔNG được mã hóa)! - Xóa bỏ bất cứ tập tin nào được giữ trong phân vùng bằng cách cấu tạo một tập đĩa VeraCrypt bên trong nó - Mật mã - PIM - Đặt Khóa Đầu của Thuật toán Chuyển hóa - Thêm/Bỏ các Tập tin khóa vào/ra khỏi Tập đĩa - Bỏ Tất cả các Tập tin khóa ra khỏi Tập đĩa - Mật mã và/hay tập tin khóa được thay đổi thành công.\n\nQUAN TRỌNG: Xin đảm bảo bạn có đọc phần 'Thay đổi Mật mã và Tập tin khóa' trong chương 'Yêu cầu và Đề phòng Bảo mật' trong Hướng dẫn cho Người dùng của VeraCrypt. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - QUAN TRỌNG: Nếu bạn đã không hủy bỏ Đĩa Cứu hộ VeraCrypt của bạn, hệ thống phân vùng/ổ đĩa của bạn vẫn có thể được giải mã khi dùng mật mã cũ (bằng cách khởi động Đĩa Cứu hộ VeraCrypt và nhập vào mật mã cũ). Bạn nên cấu tạo một Đĩa Cứu hộ VeraCrypt mới và sau đó hủy bỏ cái cũ.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt mới không? - Lưu ý là Đĩa Cứu hộ VeraCrypt của bạn vẫn còn dùng thuật toán trước đó. Nếu bạn cho là thuật toán trước đó không an toàn thì bạn nên cấu tạo một Đĩa Cứu hộ VeraCrypt mới và sau đó hủy bỏ cái cũ.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt mới không? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - (Các) tập tin khóa được thêm vào/bỏ ra thành công. - Tập tin khóa được xuất. - Khóa đầu của thuật toán chuyển hóa được đặt thành công. - Xin nhập mật mã và/hay (các) tập tin khóa vào cho tập đĩa vô hệ nơi mà bạn muốn tiếp tục lại quá trình mã hóa tại chỗ.\n\n\nGhi chú: Sau khi bạn nhấn Kế tiếp, VeraCrypt sẽ thử tìm tất cả các tập đĩa vô hệ nơi mà quá trình mã hóa đã bị gián đoạn và nơi mà phần đầu tập đĩa VeraCrypt có thể được giải mã khi dùng mật mã và/hay (các) tập tin khóa được cung cấp. Nếu nhiều hơn một tập đĩa như thế được tìm, bạn sẽ cần chọn một trong những cái đó trong bước kế tiếp. - Xin chọn một trong các tập đĩa được liệt kê. Danh sách có chứa mọi tập đĩa vô hệ có thể truy cập được nơi mà quá trình mã hóa đã bị gián đoạn và phần đầu của chúng có thể được giải mã khi dùng mật mã và/hay (các) tập tin khóa được cung cấp. - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - Chọn một mật mã tốt là điều rất quan trọng. Bạn nên tránh chọn cái mà chỉ có chứa một chữ đơn độc mà có thể tìm trong tự điển (hoặc là một kết hợp của 2, 3, or 4 chữ như thế). Nó không nên chứa bất cứ tên hoặc ngày sinh nào cả. Nó không dễ đoán được. Một mật mã tốt là một kết hợp ngẫu nhiên của chữ hoa và chữ thường, số, và những ký tự đặc biệt như @ ^ = $ * + v.v. Chúng tôi khuyên nên chọn một mật mã có chứa nhiều hơn 20 ký tự (càng dài càng tốt). Chiều dài tối đa có thể được là 64 ký tự. - Xin chọn một mật mã cho tập đĩa ẩn. - Xin chọn một mật mã cho hệ điều hành ẩn (nghĩa là cho tập đĩa ẩn). - QUAN TRỌNG: Mật mã mà bạn chọn cho hệ điều hành ẩn trong bước này phải khác thật nhiều so với hai mật mã khác (nghĩa là, so với mật mã cho tập đĩa bên ngoài và so với mật mã cho hệ điều hành nghi trang). - Xin chọn mật mã cho tập đĩa mà bên trong đó bạn muốn cấu tạo một tập đĩa ẩn.\n\nSau khi bạn nhấn Kế tiếp, VeraCrypt sẽ thử nạp tập đĩa lên. Ngay khi tập đĩa được nạp lên, cụm ảnh mảng của nó sẽ được quét để xác định kích cỡ của khu vực chỗ trống không gián đoạn (nếu có bất cứ cái nào) mà phần cuối của nó trùng với phần cuối của tập đĩa. Khu vực này sẽ chứa tập đĩa ẩn và vì thế sẽ giới hạn kích cỡ tối đa có thể được của nó. Quét cụm ảnh mảng là cần thiết để đảm bảo là không có dữ liệu nào trong tập đĩa bên ngoài sẽ bị viết chòng lên bởi tập đĩa ẩn. - \nXin chọn một mật mã cho tập đĩa bên ngoài. Đây sẽ là mật mã mà bạn sẽ có thể tiết lộ cho một đối phương nếu bạn bị hỏi hoặc bị buộc phải làm thế.\n\nQUAN TRỌNG: Mật mã phải khác thật nhiều so với cái mà bạn sẽ chọn cho tập đĩa ẩn.\n\nLưu ý: Chiều dài tối đa có thể được là 64 ký tự. - Xin chọn một mật mã cho tập đĩa bên ngoài. Đây sẽ là mật mã mà bạn sẽ có thể tiết lộ cho bất cứ ai buộc bạn để lộ ra mật mã cho phân vùng đầu tiên đằng sau phân vùng hệ thống, nơi mà cả hai tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) sẽ nằm đó. Sự hiện có của tập đĩa ẩn (và của hệ điều hành ẩn) sẽ vẫn bí mật. Lưu ý là mật mã này không phải cho hệ điều hành nghi trang.\n\nQUAN TRỌNG: Mật mã phải khác thật nhiều so với cái mà bạn sẽ chọn cho tập đĩa ẩn (nghĩa là cho hệ điều hành ẩn). - Mật mã cho Tập đĩa Bên ngoài - Mật mã cho Tập đĩa Ẩn - Mật mã cho Hệ Điều hành Ẩn - CẢNH BÁO: Những mật mã ngắn thì dễ bị phá vỡ khi dùng những kỹ thuật lực mạnh!\n\nChúng tôi khuyên nên chọn một mật mã có chứa nhiều hơn 20 ký tự. Bạn có chắc là bạn muốn dùng một mật mã ngắn không? - Mật mã cho Tập đĩa - Mật mã không đúng hoặc không phải là một tập đĩa VeraCrypt. - Tập tin khóa và/hay mật mã không đúng hoặc không phải là một tập đĩa VeraCrypt. - Phương thức nạp sai, mật mã không đúng, hoặc không phải là một tập đĩa VeraCrypt. - Phương thức nạp sai, tập tin khóa và/hay mật mã không đúng, hoặc không phải là một tập đĩa VeraCrypt. - Mật mã không đúng hoặc không tìm được tập đĩa VeraCrypt nào cả. - Tập tin khóa/mật mã không đúng hoặc không tìm được tập đĩa VeraCrypt nào cả. - \n\nCảnh báo: Caps Lock đang bật. Chuyện này có thể làm cho bạn nhập mật mã của bạn không đúng. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - Nếu bạn thử bảo vệ một tập đĩa ẩn có chứa một hệ ẩn thì xin đảm bảo là bạn đang dùng bố trí bàn phím căn bản của Mỹ khi nhập mật mã vào cho tập đĩa ẩn. Việc này cần thiết vì trên thực tế mật mã cần được đánh vào trong môi trường tiền khởi động (trước khi Windows bắt đầu) lúc mà bố trí bàn phím Windows không phải của Mỹ không có sẵn. - VeraCrypt không tìm được bất cứ tập đĩa nào mà sự mã hóa vô hệ đã bị gián đoạn và nơi mà phần đầu tập đĩa có thể được giải mã khi dùng mật mã và/hay (các) tập tin khóa được cung cấp.\n\nXin đảm bảo là mật mã và/hay (các) tập tin đúng và phân vùng/tập đĩa không đang được dùng bởi hệ thống hoặc các ứng dụng (kể luôn cả nhu liệu chống vi rút). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nLưu ý: Nếu bạn thử nạp một phân vùng nằm trong một ổ đĩa hệ thống được mã hóa mà không có chứng thực tiền khởi động hoặc nạp một phân vùng hệ thống được mã hóa của hệ điều hành không đang chạy, bạn có thể làm vậy bằng cách chọn 'Hệ thống' > 'Nạp lên mà Không có Chứng thực Tiền Khởi động'. - Trong phương thức này, bạn không thể nạp lên một phân vùng nằm trong một ổ đĩa mà một phần của nó nằm trong phạm vi chính của việc mã hóa hệ thống hoạt động.\n\nTrước khi bạn có thể nạp phân vùng này trong phương thức này lên, bạn cần khởi động một hệ điều hành được cài đặt trong một ổ đĩa khác (được mã hóa hay không) hoặc khởi động một hệ điều hành không được mã hóa. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - <&Trở lại - Không thể liệt kê những thiết bị thô được cài đặt trong hệ thống của bạn! - Tập đĩa '%s' hiện có, và chỉ-đọc được. Bạn có chắc là bạn muốn thay thế nó không? - Chọn thư mục đích - Chọn Tập tin khóa - Chọn một đường dẫn kiếm của tập tin. CẢNH BÁO: Lưu ý là chỉ có đường dẫn sẽ được nhớ chứ tên tập tin thì không! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Thiết kế bởi Ross Anderson, Eli Biham, và Lars Knudsen. Phát hành năm 1998. 256-bit key, 128-bit block. Phương thức của thao tác là XTS. Serpent đã vào các vòng kết của AES. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Kích cỡ của Tập đĩa Bên ngoài - Kích cỡ của Tập đĩa Ẩn - Xin phối kiểm là kích cỡ của thiết bị/phân vùng được chọn bên trên là đúng và nhấn Kế tiếp. - Tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) sẽ nằm bên trong phân vùng trên. Nó sẽ là phân vùng đầu tiên đằng sau phân vùng hệ thống.\n\nXin kiểm chứng kích cỡ của phân vùng và số của nó cho thấy bên trên là đúng, và nếu đúng thì nhấn Kế tiếp. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Kích cỡ của Tập đĩa - Động - CẢNH CÁO: TỰ-KIỂM BỊ THẤT BẠI! - Những tự-kiểm của tất cả các thuật toán đều qua được - Số đơn vị dữ liệu mà bạn cung cấp quá dài hoặc quá ngắn. - Khóa phụ mà bạn cung cấp quá dài hoặc quá ngắn. - Văn bản mật mã mà bạn cung cấp quá dài hoặc quá ngắn. - Khóa kiểm tra mà bạn cung cấp quá dài hoặc quá ngắn. - Văn bản thô mà bạn cung cấp quá dài hoặc quá ngắn. - Hai thuật toán mã hóa trong một thác hoạt động trong phương thức XTS. Mỗi khối trước tiên được mã hóa với %s (%d-bit key) và sau đó với %s (%d-bit key). Mỗi thuật toán mã hóa dùng khóa riêng của nó. Tất cả các khóa đều độc lập với nhau. - Ba thuật toán mã hóa tromg một thác hoạt động trong phương thức XTS. Mỗi khối trước tiên được mã hóa với %s (%d-bit key), và sau đó với %s (%d-bit key), và sau cùng với %s (%d-bit key). Mỗi thuật toán mã hóa dùng khóa riêng của nó. Tất cả các khóa đều độc lập với nhau. - Lưu ý là tùy vào cấu hình của hệ điều hành, những tính năng tự-chạy và tự-nạp chỉ có thể làm việc được khi những tập tin trong đĩa của người lữ hành được cấu tạo trong một môi trường như CD/DVD không viết. Cũng lưu ý là đây không phải một lỗi trong VeraCrypt (nó là một giới hạn của Windows). - Đĩa di chuyển VeraCrypt đã được cấu tạo thành công.\n\nLưu ý là bạn cần quyền quản lý để cho VeraCrypt chạy trong phương thức lưu động. Đồng thời cũng lưu ý là, sau khi khám nghiệm tập tin thanh ghi, có thể biết được là VeraCrypt được chạy trong hệ thống Windows ngay cả nếu nó chạy trong phương thức lưu động. - Đĩa Di chuyển của VeraCrypt - Thiết kế bởi Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, và Niels Ferguson. Phát hành năm 1998. 256-bit key, 128-bit block. Phương thức của thao tác là XTS. Twcủaish đã vào các vòng kết của AES. - Thêm tin tức về %s - Không rõ - An unspecified or unknown error occurred (%d). - Một vài tập đĩa có chứa tập tin hoặc thư mục đang được dung bởi các ứng dụng hoặc hệ thống.\n\nBuộc tháo xuống không? - &Tháo xuống - Không tháo xuống được! - Tập đĩa có chứa tập tin hoặc thư mục đang được dùng bởi các ứng dụng hoặc hệ thống.\n\nBuộc tháo xuống không? - No volume is mounted to the specified drive letter. - Tập đĩa bạn đang cố gắng nạp lên đã được nạp lên rồi. - Có lỗi xảy ra khi thử nạp tập đĩa lên. - Lỗi kiếm vị trí bên trong tập đĩa. - Lỗi: Kích cỡ của tập đĩa sai. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Bộ chứa động là một tập tin NTFS thưa tiền phân phối mà kích cỡ nó (actual disk space used) gia tăng khi dữ liệu mới được bỏ thêm vào nó.\n\nCẢNH BÁO: Hiệu suất của các tập đĩa có tập tin thưa-làm chủ tệ hơn hiệu suất của các tập đĩa thông thường rất nhiều. Các tập đĩa có tập tin thưa-làm chủ cũng không an toàn bằng vì có thể biết được những khu vực nào của tập đĩa không được sử dụng. Ngoài ra, các tập đĩa có tập tin thưa-làm chủ không thể cung cấp sự phủ nhận có vẻ hợp lý được (chứa một tập đĩa ẩn). Cũng lưu ý là nếu dữ liệu được viết vào một bộ chứa tập tin thưa khi không có đủ chỗ trống trong hệ thống tập tin chủ, hệ thống tập tin được mã hóa có thể bị hỏng.\n\nBạn có chắc là bạn muốn cấu tạo một tập đĩa có tập tin thưa-làm chủ không? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt không thể thay đổi mật mã cho một tập đĩa lạ được. - Xin chọn một chữ hiệu ổ đĩa trống từ danh sách. - Xin chọn một tập đĩa được nạp lên trong danh sách chữ hiệu ổ đĩa. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Lỗi: Không thể cấu tạo autorun.inf - Lỗi trong lúc xử lý tập tin khóa! - Lỗi xử lý đường dẫn của tập tin khóa! - Đường dẫn của tập tin khóa không có chứa tập tin nào cả.\n\nXin lưu ý các thư mục (và các tập tin mà chúng chứa) tìm được trong những đường dẫn kiếm của tập tin khóa bị bỏ mặc. - VeraCrypt không hỗ trợ hệ điều hành này. - Lỗi: VeraCrypt chỉ hỗ trợ những phiên bản ổn định của hệ điều hành này (những phiên bản beta/RC không được hỗ trợ). - Lỗi: Không thể phân phối bộ nhớ. - Lỗi: Không thể lấy giá trị của bộ đếm hiệu suất. - Lỗi: Định dạng tập đĩa xấu. - Lỗi: Bạn cung cấp một mật mã cho một tập đĩa ẩn (không phải cho một tập đĩa thông thường). - Vì những lý do bảo mật, một tập đĩa ẩn không thể được cấu tạo bên trong một tập đĩa VeraCrypt có chứa một hệ thống tập tin mà đã đuợc mã hóa tại chỗ (tại vì chỗ trống trong the tập đĩa đã không được làm đầy với dữ liệu ngẫu nhiên). - VeraCrypt - Lưu ý Pháp lý - Tất cả các Tập tin - Những Tập đĩa VeraCrypt - Những Mô-đun Thư viện - Định dạng theo NTFS không thể tiếp tục được. - Không thể nạp tập đĩa lên được. - Không thể tháo tập đĩa xuống được. - Windows không định dạng tập đĩa theo kiểu NTFS được.\n\nXin chọn một loại hệ thống tập tin khác (nếu có thể) và thử lại. Một cách khác, bạn có thể để tập đĩa không được định dạng (chọn 'None' làm hệ thống tập tin), ra khỏi trợ lý này, nạp tập đĩa lên, và sau đó dùng một hệ thống hay một công cụ của hãng khác để định dạng tập đĩa được nạp (tập đĩa vẫn sẽ được mã hóa). - Windows không định dạng tập đĩa theo kiểu NTFS được.\n\nThay vì vậy, bạn có muốn định dạng tập đĩa theo dạng FAT không? - Mặc định - Phân vùng - PHÂN VÙNG - Thiết bị - thiết bị - THIẾT BỊ - Tập đĩa - tập đĩa - TẬP ĐĨA - Label - Kích cỡ của cụm đưọc chọn quá nhỏ cho kích cỡ của tập đĩa này. Một kích cỡ lớn hơn của cụm sẽ được dùng thay. - Lỗi: Không thể lấy kích cỡ của tập đĩa được!\n\nXin đảm bảo là tập đĩa được chọn không đang được dung bởi hệ thống hoặc một ứng dụng. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - Trợ lý Cấu tạo Tập đĩa VeraCrypt chỉ có thể cấu tạo một tập đĩa ẩn bên trong một tập FAT hay NTFS. - Trong Windows 2000, Trợ lý Cấu tạo Tập đĩa VeraCrypt chỉ có thể cấu tạo một tập đĩa ẩn bên trong một tập đĩa FAT. - Lưu ý: Hệ thống tập tin FAT thích hợp cho các tập đĩa bên ngoài hơn là hệ thống tập tin NTFS (ví dụ như kích cỡ tối đa có thể được cho tập đĩa ẩn sẽ rất có thể lớn hơn nhiều nếu như tập đĩa bên ngoài đã được định dạng theo kiểu FAT). - Lưu ý là hệ thống tập tin FAT thích hợp cho các tập đĩa bên ngoài hơn là hệ thống tập tin NTFS. Ví dụ như kích cỡ tối đa có thể được cho tập đĩa ẩn sẽ có thể lớn hơn nhiều nếu như tập đĩa bên ngoài được định dạng theo kiểu FAT (lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn chỉ có thể nằm trong phần thứ hai của tập đĩa bên ngoài).\n\nBạn có chắc là bạn muốn định dạng tập đĩa bên ngoài theo kiểu NTFS không? - Thay vì vậy, bạn có muốn định dạng tập tin theo kiểu FAT không? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Lỗi: Phân vùng cho hệ điều hành ẩn (nghĩa là phân vùng đầu tiên đằng sau phân vùng hệ thống) phải ít nhất lớn hơn 5% phân vùng hệ thống (phân vùng hệ thống là nơi mà hệ điều hành đang chạy được cài đặt). - Lỗi: Phân vùng cho hệ điều hành ẩn (nghĩa là phân vùng đầu tiên đằng sau phân vùng hệ thống) phải ít nhất lớn hơn 110% (2.1 lần) phân vùng hệ thống (phân vùng hệ thống là nơi mà hệ điều hành đang chạy được cài đặt). Lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn (cái mà có chứa một bản sao của phân vùng hệ thống) chỉ có thể nằm trong phần thứ hai của phân vùng. - Lỗi: Nếu tập đĩa bên ngoài được định dạng theo kiểu NTFS thì nó ít nhất phải lớn hơn 110% (2.1 lần) phân vùng hệ thống. Lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn (cái mà có chứa một bản sao của phân vùng hệ thống) chỉ có thể nằm trong phần thứ hai của tập đĩa bên ngoài.\n\n Lưu ý: Tập đĩa bên ngoài cần nằm bên trong phân vùng giống như của hệ điều hành ẩn (nghĩa là bên trong phân vùng đầu tiên đằng sau phân vùng hệ thống). - Lỗi: Không có phân vùng nào đằng sau phân vùng hệ thống cả.\n\nLưu ý là trước khi bạn có thể cấu tạo một hệ điều hành ẩn, bạn cần cấu tạo một phân vùng cho nó trong ổ đĩa hệ thống. Nó phải là phân vùng đầu tiên đằng sau phân vùng hệ thống và phải ít nhất lớn hơn 5% phân vùng hệ thống (phân vùng hệ thống là nơi mà hệ điều hành đang chạy được cài đặt). Tuy nhiên, nếu tập đĩa bên ngoài (đừng lẫn lộn với phân vùng hệ thống) được định dạng theo kiểu NTFS, thì phân vùng cho hệ điều hành ẩn phải ít nhất lớn hơn 110% (2.1 lần) phân vùng hệ thống (lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn, cái mà có chứa một bản sao của phân vùng hệ thống, chỉ có thể nằm trong phần thứ hai của phân vùng). - Ghi chú: Cài đặt các hệ điều hành trong hai tập đĩa VeraCrypt mà đã được gắn vào bên trong một phân vùng đơn độc không phải là điều thiết thực (và vì vậy không được hỗ trợ), bởi vì sử dụng hệ điều hành bên ngoài sẽ thường cần dữ liệu được viết vào khu vực của hệ điều hành ẩn (và nếu những thao tác viết như thế bị ngăn cản sử dụng tính năng bảo vệ của tập đĩa ẩn, nó sẽ đương nhiên làm cho hệ thống bị sụp đỗ, nghĩa là những lỗi 'Màn ảnh Xanh'). - Để có thêm hướng dẫn làm sao cấu tạo và quản lý các phân vùng, xin tham khảo tài liệu được cung cấp với hệ điều hành của bạn hoặc liên lạc ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn để xin giúp đỡ. - Lỗi: Hệ điều hành đang chạy không được cài đặt trong phân vùng khởi động (phân vùng hoạt động đầu tiên). Chuyện này không được hỗ trợ. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Lỗi: Không thể truy cập tập đĩa được!\n\nĐảm bảo là tập đĩa được chọn đã có, và nó không được nạp hoặc đang được dùng bởi hệ thống hoặc một ứng dụng, và bạn có quyền đọc/viết cho tập đĩa, và nó không được bảo vệ viết. - Error: Cannot obtain volume properties. - Lỗi: Không thể truy cập tập đĩa và/hay thu thập tin tức về tập đĩa được.\n\nĐảm bảo là tập đĩa được chọn đã có, và nó không đang được dùng bởi hệ thống hoặc các ứng dụng, và bạn có quyền đọc/viết cho tập đĩa, và nó không được bảo vệ viết. - Lỗi: Không thể truy cập tập đĩa và/hay thu thập tin tức về tập đĩa được. Đảm bảo là tập đĩa được chọn đã có, và nó không đang được dùng bởi hệ thống hoặc các ứng dụng, và bạn có quyền đọc/viết cho tập đĩa, và nó không được bảo vệ viết.\n\nNếu vấn đề vẫn còn, theo những bước bên dưới có thể giúp được. - Một lỗi đã ngăn cản VeraCrypt mã hóa phân vùng. Xin giải quyết bất cứ vấn đề nào đã được báo trước và sau đó thử lại. Nếu vấn đề vẫn còn, theo những bước bên dưới có thể giúp được. - Một lỗi đã ngăn cản VeraCrypt bắt đầu lại quá trình mã hóa phân vùng.\n\nXin giải quyết bất cứ vấn đề nào đã được báo trước và sau đó thử bắt đầu quá trình lại lần nữa. Lưu ý là tập đĩa không thể được nạp cho đến khi nó mã hóa hoàn toàn. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Lỗi: Không thể tháo tập đĩa bên ngoài xuống được!\n\nTập đĩa không thể được tháo xuống nếu nó có chứa những tập tin hoặc thư mục đang được dùng bởi một chương trình hay hệ thống.\n\nXin chọn bất cứ chương trình nào có thể đang dùng những tập tin hoặc thư mục trong tập đĩa và nhấn Thử lại. - Lỗi: Không thể thu thập tin tức về tập đĩa bên ngoài được!\nCấu tạo tập đĩa không thể tiếp tục. - Lỗi: Không thể truy cập tập đĩa bên ngoài được! Cấu tạo tập đĩa không thể tiếp tục. - Lỗi: Không thể nạp tập đĩa bên ngoài được! Cấu tạo tập đĩa không thể tiếp tục. - Lỗi: Không thể lấy cụm ảnh mảng của tập đĩa được! Cấu tạo tập đĩa không thể tiếp tục. - Theo thứ tự/Được phân loại - Tốc độ Trung bình (Đang đi xuống) - Thuật toán - Mã hóa - Giải mã - Trung bình - Ổ đĩa - Kích cỡ - Thuật toán Mã hóa - Thuật toán Mã hóa - Loại - Giá trị - Đặc tính - Vị trí - bytes - Ẩn - Bên ngoài - Thông thường - Hệ thống - Ẩn (hệ thống) - Chỉ-đọc - Ổ đĩa Hệ thống - Ổ đĩa Hệ thống (đang mã hóa - %.2f%% xong) - Ổ đĩa Hệ thống (đang giải mã - %.2f%% xong) - Ổ đĩa Hệ thống (%.2f%% đã mã hóa) - Phân vùng Hệ thống - Phân vùng ẩn Hệ thống - Phân vùng Hệ thống (đang mã hóa - %.2f%% xong) - Phân vùng Hệ thống (đang giải mã - %.2f%% xong) - Phân vùng Hệ thống (%.2f%% đã mã hóa) - Có (tổn hại được ngăn cản!) - Không có - Kích cỡ Khóa Chính - Kích cỡ Khóa Phụ (Phương thức XTS) - Kích cỡ Khóa Vặn (Phương thức LRW) - bits - Kích cỡ Khối - PKCS-5 PRF - Đếm Lần lặp lại của PKCS-5 - Tập đĩa đã được Cấu tạo - Phần đầu được Sửa đổi lần Cuối - (cách đây %I64d ngày) - Ấn bản Định dạng của Tập đĩa - Sao lưu Phần đầu được Gắn vào - VeraCrypt Boot Loader Version - Đầu tiên có sẵn - Ổ đĩa Rời được - Ổ đĩa cứng - Không thay đổi - Autodetection - Phương thức Trợ lý - Chọn một trong các phương thức. Nếu bạn không chắc nên chọn cái nào thì sử dụng phương thức mặc định. - Chọn tùy chọn này nếu bạn muốn cài đặt VeraCrypt vào hệ thống này. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - Nếu bạn chọn tùy chọn này, tất cả các tập tin sẽ được rút ra từ kiện đồ này nhưng sẽ không có cái gì được cài đặt trong hệ thống. Đừng chọn nó nếu bạn tính mã hóa phân vùng hệ thống hoặc ổ đĩa hệ thống. Chọn tùy chọn này có thể hữu ích, ví dụ như nếu bạn muốn chạy VeraCrypt trong phương thức đuợc gọi là lưu động. VeraCrypt không cần phải được cài đặt trong hệ điều hành nơi mà nó chạy. Sau khi tất cả các tập tin được rút ra, bạn có thể cho chạy tập 'VeraCrypt.exe' trực tiếp (sau đó VeraCrypt sẽ chạy trong phương thức lưu động). - Các tùy chọn Thiết lập - Ở đây bạn có thể đặt nhiều loại tùy chọn khác nhau để điều khiển quá trình cài đặt. - Đang cài đặt - Xin chờ trong lúc VeraCrypt đang được cài đặt. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Các tùy chọn Rút ra - Ở đây bạn có thể đặt nhiều loại tùy chọn khác nhau để điều khiển quá trình rút ra. - Xin chờ trong lúc các tập tin đang được rút ra. - Files successfully extracted - Tất cả các tập tin đã được rút vào vị trí đích. - Nếu thư mục được xác định không có thì nó sẽ được tự động cấu tạo. - Các tập tin chương trình của VeraCrypt sẽ được nâng cấp ở vị trí nơi mà VeraCrypt được cài đặt. Nếu bạn cần chọn một vị trí khác thì trước tiên xin hủy cài đặt VeraCrypt. - Bạn có muốn xem ghi chú phát hành cho phiên bản hiện tại (ổn định mới nhất) của VeraCrypt không? - Nếu bạn chưa bao giờ dùng VeraCrypt trước đây, chúng tôi khuyên bạn nên đọc chương Dạy kèm cho Người mới bắt đầu trong Hướng dẫn cho Người dùng của VeraCrypt. Bạn có muốn xem dạy kèm không? - Xin chọn một động tác để thi hành từ những cái sau đây: - Sửa chữa/Cài đặt lại - Nâng cấp - Hủy cài đặt - Để cài đặt/hủy cài đặt VeraCrypt thành công, bạn phải có quyền quản lý. Bạn có muốn tiếp tục không? - Bộ cài đặt của VeraCrypt hiện đang chạy trong hệ thống này và đang thi hành hay chuẩn bị việc cài đặt hay cập nhật VeraCrypt. Trước khi bạn tiến hành, xin chờ cho nó chấm dứt hoặc đóng nó lại. Nếu bạn không đóng nó được thì xin bắt đầu máy điện toán của bạn lại trước khi tiến hành. - Không cài đặt được. - Không hủy cài đặt được. - Kiện đồ phân phối này bị tổn hại. Xin tải nó xuống lại (tốt hơn là từ trang web chính thức của VeraCrypt tại https://veracrypt.codeplex.com). - Không thể viết vào tập tin %s - Đang rút ra - Không thể đọc dữ liệu từ kiện đồ được. - Không thể kiểm chứng tính toàn vẹn của kiện đồ phân phối này đuợc. - Rút ra bị thất bại. - Việc cài đặt đã được quay ngược lại. - VeraCrypt đã được cài đặt thành công. - VeraCrypt đã được cập nhật thành công. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt đã được gỡ bỏ thành công.\n\nNhấn 'Kết thúc' để bỏ bộ cài đặt của VeraCrypt và thư mục %s. Lưu ý là thư mục sẽ không được bỏ nếu nó có chứa bất cứ tập tin nào không được cài đặt bởi bộ cài đặt của VeraCrypt hoặc được cấu tạo bởi VeraCrypt. - Đang bỏ các mục nhập thanh ghi của VeraCrypt - Đang thêm mục nhập thanh ghi - Đang bỏ dữ liệu ứng dụng riêng - Đang cài đặt - Đang ngưng lại - Đang bỏ - Đang thêm biểu tượng - Đang cấu tạo điểm Phục hồi Hệ thống - Không cấu tạo điểm Phục hồi Hệ thống được! - Đang cập nhật Bộ tải Khởi nạp - Không cài đặt '%s'.%s được\nBạn có muốn tiếp tục cài đặt không? - Không hủu cài đặt '%s' được. %s\nBạn có muốn tiếp tục hủy cài đặt không? - Việc cài đặt được hoàn thành. - Thư mục '%s' không thể được cấu tạo - Trình điều khiển thiết bị của VeraCrypt không thể được hủy nạp.\n\nXin đóng tất cả cửa sổ đang mở của VeraCrypt trước. Nếu nó không giúp được, xin vui long bắt đầu Windows lại và sau đó thử lần nữa. - Tất cả các tập đĩa của VeraCrypt phải được tháo xuống trước khi cài đặt hay gỡ bỏ VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - Việc cài đặt các mục nhập ghi thanh đã thất bại - Việc cài đặt trình điều khiển thiết bị đã thất bại. Xin vui long bắt đầu Windows lại và sau đó thử cài VeraCrypt lại lần nữa. - Đang bắt đầu trình điều khiển thiết bị của VeraCrypt - Việc hủy cài đặt trình điều khiển thiết bị đã thất bại. Xin lưu ý là vì một vấn đề của Windows, có thể cần phải đăng xuất hoặc bắt đầu hệ thống lại trước khi trình điều khiển thiết bị có thể được hủy cài đặt (hoặc cài đặt lại). - Đang cài đặt trình điều khiển thiết bị của VeraCrypt - Đang ngưng trình điều khiển thiết bị của VeraCrypt - Đang hủy cài đặt trình điều khiển thiết bị của VeraCrypt - Đăng ký thư viện hỗ trợ Điều khiển Trương mục Người dùng bị thất bại. - Hủy đăng ký thư viện hỗ trợ Điều khiển Trương mục Người dùng bị thất bại. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Lưu ý là nếu bạn quyết định cho VeraCrypt chạy trong phương thức lưu động (thay vì cho chạy một bản VeraCrypt được cài đặt), hệ thống sẽ hỏi bạn có cho phép chạy VeraCrypt (nhắc UAC) mỗi khi bạn thử chạy nó không.\n\nLý do là khi bạn cho VeraCrypt chạy trong phương thức lưu động, VeraCrypt cần nạp và bắt đầu trình điều khiển thiết bị của VeraCrypt. VeraCrypt cần một trình điều khiển thiết bị để cung cấp sự mã hóa/giải mã vô hình on-the-fly, và những người dùng không có quyền quản lý không thể bắt đầu các trình điều khiển thiết bị trong Windows. Vì vậy, hệ thống sẽ hỏi bạn có cho phép chạy VeraCrypt với quyền quản lý không (nhắc UAC).\n\nLưu ý là bạn cài đặt VeraCrypt vào hệ thống (thay vì cho chạy VeraCrypt phương thức lưu động), hệ thống sẽ KHÔNG hỏi bạn có cho phép chạy VeraCrypt (nhắc UAC) mỗi khi bạn thử chạy nó.\n\nBạn có chắc là bạn muốn rút các tập tin ra không? - Cảnh báo: Thể hiện này của Trợ lý Cấu tạo Tập đĩa có quyền quản lý.\n\nTập đĩa mới của bạn có thể được cấu tạo với các quyền mà sẽ không cho phép bạn viết vào tập đĩa khi nó được nạp lên. Nếu bạn muốn tránh chuyện đó, đóng thể hiện này của Trợ lý Cấu tạo Tập đĩa và khởi chạy một cái mới mà không có quyền quản lý.\n\nBạn có muốn đóng thể hiện này của Trợ lý Cấu tạo Tập đĩa không? - Lỗi: Không thể hiển thị giấy phép. - Bên ngoài(!) - ngày - giờ - phút - s - Mở - Tháo xuống - Cho thấy VeraCrypt - Giấu VeraCrypt - Dữ liệu được Đọc từ khi Nạp lên - Dữ liệu được Viết từ khi Nạp lên - Phần được Mã hóa - 100% (hoàn toàn mã hóa) - 0% (không được mã hóa) - %.3f%% - 100% - Đang chờ - Đang chuẩn bị - Đang định kích cỡ - Đang mã hóa - Đang giải mã - Đang chấm đứt - Ngưng - Xong - Lỗi - Device disconnected - Các tập đĩa hệ thống được chuộng đã được bảo lưu.\n\nĐể bật việc nạp các tập đĩa hệ thống được chuộng lên khi hệ thống bắt đầu, xin 'Settings' > 'Các Tập đĩa Hệ thống được Chuộng' > 'Nạp các tập đĩa hệ thống được chuộng lên khi Windows bắt đầu'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Nhập mật mã cho %s - Enter password for '%s' - Nhập mật mã cho tập đĩa thông thường/bên ngoài - Nhập mật mã cho tập đĩa ẩn - Nhập khẩu cho phần đầu giữ trong tập tin sao lưu - Keytập tin has been successfully cấu tạod. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - CẢNH BÁO: Phần đầu của tập đĩa này bị tổn hại! VeraCrypt tự động xử dụng sao lưu của phần đầu tập đĩa được gắn vào trong tập đĩa.\n\nBạn nên sửa phần đầu tập đĩa bằng cách chọn 'Tools' > 'Phục hồi Phần đầu Tập đĩa'. - Bản sao phần đầu tập đĩa phần đầu đã được cấu tạo thành công.\n\nQUAN TRỌNG: Hồi phục phần đầu tập đĩa bằng cách dùng bản sao này cũng sẽ hồi phục mật mã hiện tại của tập đĩa. Hơn nữa, nếu (những) tập tin khóa cần có để nạp tập đĩa lên thì (những) tập tin khóa đó sẽ cần lại để nạp tập đĩa khi phần đầu tập đĩa được hồi phục.\n\nCẢNH BÁO: Bản sao phần đầu tập đĩa này có thể được dùng để hồi phục phần đầu của RIÊNG tập đĩa này thôi. Nếu bạn dùng bản sao phần đầu này để hồi phục một phần đầu của một tập đĩa khác thì bạn sẽ có thể nạp tập đĩa lên, nhưng bạn sẽ KHÔNG thể giải mã bất cứ dữ liệu nào được lưu trữ trong tập đĩa (bởi vì bạn sẽ thay đổi khóa chính của nó). - Phần đầu tập đĩa đã được hồi phục thành công.\n\nQUAN TRỌNG: Xin lưu ý là một mật mã cũ cũng có thể được hồi phục luôn. Hơn nữ, nếu (những) tập tin khóa cần có để nạp tập đĩa lên khi bản sao được cấu tạo thì (những) tập tin khóa đó bây giờ cần có để nạp tập đĩa lần nữa. - Vì lý do bảo mật, bạn sẽ phải nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa) cho tập đĩa.\n\nLưu ý: Nếu tập đĩa có chứa một tập đĩa ẩn, bạn sẽ phải nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa) cho tập đĩa bên ngoài trước. Sau đó, nếu bạn chọn sao lưu phần đầu của tập đĩa ẩn, bạn sẽ phải nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa) cho tập đĩa ẩn. - Bạn có chắc là bạn muốn cấu tạo bản sao phần đầu tập đĩa cho %s không?\n\nSau khi bạn nhấn Có, bạn sẽ được hỏi tên cho một tập tin cho bản sao phần đầu.\n\nLưu ý: Phần đầu của cả hai tập đĩa thông thường và ẩn sẽ được mã hóa lại bằng cách dùng một muối mới và lưu trữ trong bản sao của tập tin. Không thôi có tập đĩa ẩn bên trong tập đĩa này thì khu vực dành riêng cho phần đầu của tập đĩa ẩn trong bản sao của tập tin sẽ được làm đầy với dữ liệu ngẫu nhiên (để duy trì sự phủ nhận có vẻ hợp lý). Khi hồi phục một phần đầu tập đĩa từ bản sao của tập tin, bạn sẽ cần nhập vào đúng mật mã (và/hay cung cấp đúng các tập tin khóa) mà đã có hiệu lực khi bản sao phần đầu tập đĩa được cấu tạo. Mật mã (và/hay các tập tin khóa) cũng sẽ tự động xác định loại phần đầu tập đĩa nào để hồi phục, nghĩa là thông thường hay ẩn (lưu ý là VeraCrypt xác định loại nào qua quá trình thử và lỗi). - Bạn có chắc là bạn muốn hồi phục phần đầu tập đĩa của %s không?\n\nCẢNH BÁO: Hồi phục phần đầu một tập đĩa cũng hồi phục mật mã của tập đĩa mà đã có hiệu lực khi bản sao được cấu tạo. Hơn nữa, nếu (những) tập tin khóa cần có để nạp tập đĩa lên khi bản sao được cấu tạo thì (những) tập tin khóa đó sẽ cần lại để để nạp tập đĩa sau khi phần đầu tập đĩa được hồi phục.\n\nSau khi bạn nhấn Có, bạn sẽ chọn phần đầu bản sao tập tin. - Tập đĩa có chứa một tập đĩa ẩn không? - Tập đĩa có chứa một tập đĩa ẩn - Tập đĩa không có chứa một tập đĩa ẩn - Xin chọn loại bản sao phần đầu tập đĩa mà bạn muốn sử dụng: - Hồi phục phần đầu tập đĩa từ bản sao được gắn trong tập đĩa - Hồi phục phần đầu tập đĩa từ một bản sao tập tin bên ngoài - Kích cỡ của bản sao phần đầu tập đĩa không đúng. - Không có bản sao phần đầu được gắn trong tập đĩa này (lưu ý là chỉ có các tập đĩa được cấu tạo bởi VeraCrypt 6.0 hay sau này có chứa những bản sao phần đầu được gắn vào). - Bạn đang thử sao lại phần đầu của phân vùng/ổ đĩa hệ thống. Chuyện này không được cho phép. Sao lại/hồi phục những thao tác liên quan đến phân vùng/ổ đĩa hệ thống chỉ có thể thực hiện bằng cách dùng Đĩa Cứu hộ VeraCrypt.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt không? - Bạn đang thử hồi phục phần đầu của một tập đĩa VeraCrypt ảo nhưng bạn đã chọn phân vùng/ổ đĩa hệ thống. Chuyện này không được cho phép. Sao lại/hồi phục những thao tác liên quan đến phân vùng/ổ đĩa hệ thống chỉ có thể thực hiện bằng cách dùng Đĩa Cứu hộ VeraCrypt.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt không? - Sau khi bạn nhấn OK, bạn sẽ chọn tên một tập tin cho bản ảnh ISO của Đĩa Cứu hộ VeraCrypt và vị trí bạn muốn để nó. - Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn cần sang bản ảnh của Đĩa Cứu hộ qua một CD hay DVD.\n\nQUAN TRỌNG: Lưu ý là tập tin phải được viết vào CD/DVD như là một bản ảnh ISO của đĩa (chứ không phải như là một tập tin cá nhân). Để có hướng dẫn làm như thế nào, xin tham khảo tài liệu của nhu liệu thâu CD/DVD của bạn.\n\nSau khi bạn sang Đĩa Cứu hộ, chọn 'Hệ thống' > 'Xác nhận Đĩa Cứu hộ' để xác nhận là nó đã được sang đúng cách. - Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn cần sang bản ảnh của Đĩa Cứu hộ qua một CD hay DVD.\n\nBạn có muốn khởi chạy Microsoft Windows Disc Image Burner bây giờ không?\n\nLưu ý: Sau khi bạn sang Đĩa Cứu hộ, chọn 'Hệ thống' > 'Xác nhận Đĩa Cứu hộ' để xác nhận là nó đã được sang đúng cách. - Xin chèn Đĩa Cứu hộ VeraCrypt của bạn vào ổ đĩa CD/DVD của bạn và nhấn OK để xác nhận nó. - Đĩa Cứu hộ VeraCrypt đã được xác nhận thành công. - Không thể xác nhận là Đĩa Cứu hộ đã được sang đúng cách.\n\nNếu bạn đã sang Đĩa Cứu hộ, xin đẩy CD/DVD ra và chèn vào lại; sau đó thử lại. Nếu việc này không giúp được, xin thử nhu liệu thâu CD/DVD và/hay môi trường khác.\n\nNếu bạn thử xác nhận một Đĩa Cứu hộ VeraCrypt được cấu tạo cho một khóa chính, mật mã, salt, v.v. khác, xin lưu ý là Đĩa Cứu hộ như thế sẽ luôn luôn thất bại sự xác nhận này. Để cấu tạo một Đĩa Cứu hộ mới hoàn toàn tương đương với cấu hình hiện tại của bạn, chọn 'Hệ thống' > 'Cấu tạo Đĩa Cứu hộ'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Lỗi cấu tạo Đĩa Cứu hộ VeraCrypt. - Đĩa Cứu hộ VeraCrypt không thể được cấu tạo khi một hệ điều hành ẩn đang chạy.\n\nĐể cấu tạo một Đĩa Cứu hộ VeraCrypt, khởi động hệ điều hành nghi trang và sau đó chọn 'Hệ thống' > 'Cấu tạo Đĩa Cứu hộ'. - Không thể xác nhận là Đĩa Cứu hộ đã được sang đúng cách.\n\nNếu bạn đã sang Đĩa Cứu hộ, xin đẩy CD/DVD ra và chèn vào lại; sau đó nhấn Kế tiếp để thử lại. Nếu việc này không giúp được, xin thử môi trường khác%s.\n\nNếu bạn chưa sang Đĩa Cứu hộ, xin làm thế, và sau đó nhấn Kế tiếp.\n\nNếu bạn thử xác nhận một Đĩa Cứu hộ VeraCrypt được cấu tạo trước khi bạn bắt đầu trợ lý này thì xin lưu ý là Đĩa Cứu hộ như thế không thể dùng được bởi vì nó được cấu tạo cho một khóa chính khác. Bạn cần sang Đĩa Cứu hộ mới được tạo ra. - và/hay nhu liệu thâu CD/DVD khác - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - Phân vùng/ổ đĩa hệ thống dường như không được mã hóa.\n\nCác tập đĩa hệ thống được chuộng có thể được nạp bằng cách chỉ dùng một mật mã chứng thực tiền khởi động. Vì vậy, để có thể dùng các tập đĩa hệ thống được chuộng, bạn cần mã hóa phân vùng/ổ đĩa hệ thống trước. - Xin tháo tập đĩa xuống trước khi tiến hành. - Lỗi: Không thể thiết lập bộ đếm thời gian. - Kiểm soát Hệ thống tập tin - Sửa chữa Hệ thống Tập tin - Add to Favorites... - Add to System Favorites... - P&roperties... - Tập đĩa Ẩn được Bảo vệ - N/A - - Không - Disabled - 1 - 2 hoặc hơn - Phương thức của Thao tác - Nhãn: - Kích cỡ: - Đường dẫn: - Chữ của Ổ đĩa: - Lỗi: Mật mã phải chỉ chứa ký tự ASCII.\n\nKý tự không phải ASCII trong mật mã có thể làm cho tập đĩa không thể nào nạp được khi cấu hình hệ thống của bạn thay đổi.\n\nNhững ký tự sau đây được phép dùng:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Cảnh báo: Mật mã có chứa những ký tự không phải ASCII. Việc này có thể làm cho tập đĩa không thể nào nạp được khi cấu hình hệ thống của bạn thay đổi.\n\nBạn nên thay thế tất cả những ký tự không phải ASCII trong mật mã với những ký tự ASCII. Để làm thế, nhấn 'Tập đĩa' -> 'Thay đổi Mật mã của Tập đĩa'.\n\nSau đây là những ký tự ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - CẢNH BÁO: Chúng tôi cực lực khuyên bạn nên tránh những tập tin có đuôi được dùng cho những tập tin thực hiện (như .exe, .sys, hay .dll) và những tập tin có đuôi với những vấn đề tương tự. Dùng những tập tin có đuôi như thế làm cho Windows và nhu liệu chống vi-rút gây trở ngại cho bộ nhớ, mà có ảnh hưởng bất lợi đến hiệu suất của tập đĩa và có thể gây ra những vấn đề nghiêm trọng khác.\n\nChúng tôi cực lực khuyên bạn gỡ bỏ tập tin có đuôi hoặc thay đổi nó (ví dụ thành '.hc').\n\nBạn có chắc là bạn muốn sử dụng tập tin có đuôi có vấn đề không? - CẢNH BÁO: Bộ nhớ này có một tập tin có đuôi mà được dùng cho những tập tin thực hiện (such as .exe, .sys, or .dll) hoặc những tập tin có đuôi khác với những vấn đề tương tự. Nó sẽ rất có thể làm cho Windows và nhu liệu chống vi-rút gây trở ngại cho bộ nhớ, mà có ảnh hưởng bất lợi đến hiệu suất của tập đĩa và có thể gây ra những vấn đề nghiêm trọng khác.\n\nChúng tôi cực lực khuyên bạn gỡ bỏ tập tin có đuôi của bộ nhớ hoặc thay đổi nó (ví dụ thành '.hc') sau khi bạn tháo tập đĩa xuống. - Trang chủ - CẢNH BÁO: Dường như là bạn chưa áp dụng bất cứ Service Pack nào vào việc cài đặt Windows của bạn. Bạn không nên viết vào các đĩa IDE lớn hơn 128 GB trong Windows XP mà bạn đã không áp dụng Service Pack 1 hay mới hơn! Nếu bạn có làm, dữ liệu trong đĩa (không cần biết nếu nó là một tập đĩa VeraCrypt hay không) có thể bị hỏng. Lưu ý đây là một giới hạn của Windows chứ không phải là một lỗi trong VeraCrypt. - CẢNH BÁO: Dường như là bạn chưa áp dụng Service Pack 3 hay mới hơn vào việc cài đặt Windows của bạn. Bạn không nên viết vào các đĩa IDE lớn hơn 128 GB trong Windows 2000 mà bạn chưa áp dụng Service Pack 3 hay mới hơn! Nếu bạn có làm, dữ liệu trong đĩa (không cần biết nếu nó là một tập đĩa VeraCrypt hay không) có thể bị hỏng. Lưu ý đây là một giới hạn của Windows chứ không phải một lỗi trong VeraCrypt.\n\nLưu ý: Bạn có thể cần phải bật hỗ trợ cho 48-bit LBA trong thanh ghi lên; để có thêm tin tức, xem http://support.microsoft.com/kb/305098/EN-US - CẢNH BÁO: Hỗ trợ cho 48-bit LBA ATAPI bị tắt trong hệ thống của bạn. Vì vậy, bạn không nên viết vào các đĩa IDE lớn hơn 128 GB! Nếu bạn có làm, dữ liệu trong đĩa (không cần biết nếu nó là một tập đĩa VeraCrypt hay không) có thể bị hỏng. Lưu ý đây là một giới hạn của Windows chứ không phải là một giới hạn của VeraCrypt.\n\nĐể bật hỗ trợ cho 48-bit LBA lên, thêm giá trị thanh ghi 'EnableBigLba' vào trong khóa thanh ghi HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters và cho nó giá trị 1.\n\nĐể có thêm tin tức, xem http://support.microsoft.com/kb/305098 - Lỗi: Những tập tin lớn hơn 4 GB không thể được lưu trữ trong một hệ thống tập tin FAT32. Vì vậy, các tập đĩa (bộ nhớ) VeraCrypt có tập tin-làm chủ được lưu trữ trong một hệ thống tập tin FAT32 không thể lớn hơn 4 GB được.\n\nNếu bạn cần một tập đĩa lớn hơn, cấu tạo nó trong một hệ thống tập tin NTFS (hoặc, nếu bạn sử dụng Windows Vista SP1 hay mới hơn, trong một hệ thống tập tin exFAT) hoặc, thay vì cấu tạo một tập đĩa có tập tin-làm chủ, mã hóa toàn bộ một phân vùng hay thiết bị. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - CẢNH BÁO: Nếu bạn muốn có thể thêm dữ liệu/tập tin vào tập đĩa bên ngoài trong tương lai, bạn nên tính đến chuyện chọn một kích cỡ nhỏ hơn cho tập đĩa ẩn.\n\nBạn có chắc là bạn muốn tiếp tục với kích cỡ bạn đã xác định không? - Không có tập đĩa nào được chọn.\n\nNhấn 'Chọn Thiết bị' hoặc 'Chọn Tập tin' để chọn một tập đĩa của VeraCrypt. - Không phân vùng nào được chọn.\n\nNhấn 'Chọn Thiết bị' để chọn một phân vùng được tháo xuống mà thông thường cần chứng thực tiền khởi động (ví dụ như một phân vùng nằm trong ổ đĩa hệ thống được mã hóa của một hệ điều hành khác, mà không có đang chạy, hoặc phân vùng hệ thống được mã hóa của một hệ điều hành khác).\n\nLưu ý: Phân vùng được chọn sẽ được nạp lên như một tập đĩa VeraCrypt thông thường không có chứng thực tiền khởi động. Việc này hữu dụng vi dú như cho những thao tác sao chép hoặc sửa chữa. - CẢNH BÁO: Nếu những tập tin khóa mặc định được thiết lập và bật lên thì các tập đĩa mà không dùng những tập tin khóa này sẽ không thể nào nạp lên được. Vì vậy, sau khi bạn bật những tập tin khóa mặc định lên thì nhớ bỏ đánh dấu hộp chọn 'Sử dụng tập tin khóa' (bên dưới một trường nhập mật mã) bất cứ khi nào nạp các tập đĩa như thế.\n\nBạn có chắc là bạn muốn bảo lưu những tập tin khóa/đưòng dẫn được chọn thành mặc định không? - Những Thiết bị Tự-Nạp - Tháo xuống Tất cả - Tẩy Bộ tạm trữ - Tháo xuống Tất cả & Tẩy Bộ tạm trữ - Buộc Tháo xuống Tất cả & Tẩy Bộ tạm trữ - Buộc Tháo xuống Tất cả, Tẩy Bộ tạm trữ & Thoát ra - Nạp các Tập đĩa được Chuộng lên - Cho thấy/Dấu Cửa sổ Chính của VeraCrypt - (Nhấn vào đây và bấm một phím) - Hành động - Lối tắt - Lỗi: Lối tắt này được dành riêng. Xin chọn một lối tắt khác. - Lỗi: Lối tắt đã được sử dụng. - CẢNH BÁO: Một hoặc nhiều khóa kích hoạt cho nguyên cả hệ thống của VeraCrypt sẽ không làm việc được!\n\nXin đảm bảo là các ứng dụng khác và hệ điều hành không sử dụng cùng lối tắt với VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - Một lỗi hoặc một sự không tương thích ngăn cản VeraCrypt mã hóa tập tin vô động. Vì vậy, sự vô động đã bị ngăn cản.\n\nLưu ý: Khi một máy điện toán vào trạng thái vô động (hoặc bước vào một phương thức tiết kiệm điện năng), nội dung của bộ nhớ hệ thống của nó được viết vào một tập tin lưu trữ vô động nằm trong ỗ đĩa hệ thống. VeraCrypt sẽ không thể ngăn cản những khóa mã hóa và nội dung của những tập tin nhạy cảm được mở trong RAM được bảo lưu mà không có mã hóa vào tập tin lưu trữ vô động. - Sự vô động đã bị ngăn cản.\n\nVeraCrypt không hỗ trợ sự vô động trong các hệ điều hành ẩn mà sử dụng thêm một phân vùng khởi động. Xin lưu ý là phân vùng khởi động được xài chung bởi cả hệ nghi trang lẫn hệ ẩn. Vì vậy, để ngăn cản những thất thoát và vấn đề của dữ liệu trong lúc bắt đầu lại từ sự vô động, VeraCrypt phải ngăn cản hệ ẩn viết vào phân vùng khởi động xài chung và vào trạng thái vô động. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - CẢNH BÁO: Nếu tùy chọn này bị tắt thì các tập đĩa có chứa các tập tin/thư mục đang mở sẽ không thể tự-tháo xuống được.\n\nBạn có chắc là bạn muốn tắt tùy chọn này không? - CẢNH BÁO: Những tập đĩa có chứa các tập tin/thư mục đang mở sẽ KHÔNG được tự-tháo xuống.\n\nĐể tránh chuyện này, bật tùy chọn sau đây lên trong cửa sổ hộp thoại này: 'Buộc tự-tháo xuống ngay cả nếu tập đĩa có chứa các tập tin hay thư mục đang mở' - CẢNH BÁO: Khi điện năng pin của máy notebook xuống thấp, Windows có thể bỏ sót chuyện gửi những thông điệp thích đáng đến những ứng dụng đang chạy khi máy điện toán đang vào phương thức tiết kiệm điện năng. Vì vậy, VeraCrypt có thể không tự-tháo các tập đĩa xuống trong những trường hợp như thế. - Bạn đã sắp đặt quá trình mã hóa của một phân vùng/tập đĩa. Quá trình chưa được chấm dứt.\n\nBạn có muốn tiếp tục lại quá trình bây giờ không? - Bạn đã sắp đặt quá trình mã hóa hoặc giải mã của phân vùng/ổ đĩa hệ thống. Quá trình chưa được chấm dứt.\n\nBạn có muốn bắt đầu (tiếp tục lại) quá trình bây giờ không? - Bạn có muốn được nhắc chuyện bạn có muốn tiếp tục lại những quá trình mã hóa đang được sắp đặt của những phân vùng/tập đĩa vô hệ? - Có, cứ nhắc tôi - Không, đừng nhắc tôi - QUAN TRỌNG: Nhớ là bạn có thể tiếp tục lại quá trình mã hóa của bất cứ phân vùng/tập đĩa vô hệ nào bằng cách chọn 'Tập đĩa' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. - Bạn đã sắp đặt quá trình mã hóa hoặc giải mã của phân vùng/ổ đĩa hệ thống. Tuy nhiên, chứng thực tiền-khởi động bị thất bại (hoặc bị bỏ qua).\n\nLưu ý: Nếu bạn giải mã phân vùng/ổ đĩa hệ thống trong môi trường tiền-khởi động thì bạn có thể cần phải kết thúc quá trình bằng cách chọn 'Hệ thống' > 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống' từ thanh trình đơn của cửa sổ chính của VeraCrypt. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Thoát ra không? - VeraCrypt không có đủ tin tức để xác định là nên mã hóa hay giải mã. - VeraCrypt không có đủ tin tức để xác định là nên mã hóa hay giải mã.\n\nLưu ý: Nếu bạn giải mã phân vùng/ổ đĩa hệ thống trong môi trường tiền-khởi động thì bạn có thể cần phải kết thúc quá trình bằng cách nhấn Giải mã. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Bạn có muốn gián đoạn và dời lại quá trình mã hóa của phân vùng/tập đĩa không?\n\nLưu ý: Nhớ là tập đĩa không thể được nạp lên cho đến khi nó được mã hóa hoàn toàn. Bạn sẽ có thể tiếp tục lại quá trình mã hóa và nó sẽ tiếp tục từ điểm mà nó bị ngừng. Bạn có thể làm thế, ví dụ như bằng cách chọn 'Tập đĩa' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. - Bạn có muốn gián đoạn và dời lại quá trình mã hóa của phân vùng/tập đĩa không?\n\nLưu ý: Bạn sẽ có thể tiếp tục lại quá trình mã hóa và nó sẽ tiếp tục từ điểm mà nó bị ngừng. Bạn có thể làm thế, ví dụ như bằng cách chọn 'Tập đĩa' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. Nếu bạn muốn vĩnh viễn chấm dứt hoặc đảo ngược quá trình mã hóa, chọn 'Hệ thống' > 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống'. - Bạn có muốn gián đoạn và dời lại quá trình giải mã của phân vùng/ổ đĩa hệ thống không?\n\nLưu ý: Bạn sẽ có thể tiếp tục lại quá trình và nó sẽ tiếp tục từ điểm mà nó bị ngừng. Bạn có thể làm thế, ví dụ như bằng cách chọn 'Hệ thống' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. Nếu bạn muốn đảo ngược quá trình giải mã (và bắt đầu mã hóa), chọn 'Hệ thống' > ' Mã hóa Phân vùng/Ổ đĩa Hệ thống'. - Lỗi: Không gián đoạn quá trình mã hóa/giải mã của phân vùng/ổ đĩa hệ thống được. - Lỗi: Không gián đoạn quá trình tẩy được. - Lỗi: Không tiếp tục lại quá trình mã hóa/giải mã của phân vùng/ổ đĩa hệ thống được. - Lỗi: Không bắt đầu quá trình tẩy được. - Mâu thuẫn đã được giải quyết.\n\n\n(Nếu bạn báo một lỗi liên quan đến chuyện này, xin bao gồm tin tức kỹ thuật sau đây trong phần báo lỗi:\n%hs) - Lỗi: Trạng thái bất thường.\n\n\n(Nếu bạn báo một lỗi liên quan đến chuyện này, xin bao gồm tin tức kỹ thuật sau đây trong phần báo lỗi:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - CẢNH BÁO: Tác vụ Phụ của VeraCrypt bị tắt. Sau khi bạn ra khỏi VeraCrypt, bạn sẽ không được thông báo nếu tổn hại cho tập đĩa ẩn được ngăn cản.\n\nLưu ý: Bạn có thể tắt Tác vụ Phụ bất cứ lúc nào bằng cách nhấn phải biểu tượng khay và chọn 'Thoát ra'.\n\nBật Tác vụ Phụ của VeraCrypt lên không? - Phiên bản của bộ ngôn ngữ: %s - Đang kiểm soát hệ thống tập tin trong tập đĩa VeraCrypt được nạp như %s... - Đang thử sửa hệ thống tập tin trong tập đĩa VeraCrypt được nạp như %s... - Cảnh báo: Tập đĩa này được mã hóa với một thuật toán mã hóa thừa tự.\n\nTất cả các thuật toán mã hóa 64-bit-block (ví dụ như Blowfish, CAST-128, hay Triple DES) bị bãi bỏ. Sẽ không thể nào nạp tập đĩa này khi dùng những phiên bản tương lai của VeraCrypt. Tuy nhiên, sẽ không còn những tiến triển cho việc thực hiện những thuật toán mã hóa thừa tự này nữa. Chúng tôi khuyên bạn cấu tạo một tập đĩa VeraCrypt mới được mã hóa với một thuật toán mã hóa 128-bit-block (ví dụ như AES, Serpent, Twcủaish, v.v.) và dời tất cả các tập tin từ tập đĩa này sang tập đĩa mới. - Hệ thống của bạn không được cấu hình để tự-nạp các tập đĩa mới. Có thể nạp các tập đĩa VeraCrypt có thiết bị làm chủ được. Tự-nạp có thể được bật lên bằng cách thực thi lệnh sau đây và bắt đầu hệ thống lại.\n\nmountvol.exe /E - Xin gán một chữ hiệu ổ đĩa cho phân vùng/thiết bị trước khi tiến hành ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Cấu tạo và định dạng phân vùng đĩa cứng').\n\nLưu ý rằng đây là một yêu cầu của hệ điều hành. - Nạp tập đĩa VeraCrypt lên - Tháo tất cả các tập đĩa VeraCrypt xuống - VeraCrypt không lấy được những quyền Quản lý. - Quyền truy cập bị từ chối bởi hệ điều hành.\n\nNguyên nhân khả dĩ: Hệ điều hành yêu cầu bạn có quyền đọc/viết (hoặc quyền quản lý) cho một số thư mục, tập tin, và thiết bị, để bạn được quyền đọc và viết dữ liệu vào/từ chúng. Thông thường, một người dùng không có những quyền quản lý chỉ được được quyền cấu tạo, đọc và thay đổi những tập tin trong thư mục Documents của họ. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - Bộ tải Khởi nạp VeraCrypt cần ít nhất 32 KBytes phần trống ở khúc đầu của ổ đĩa hệ thống (Bộ tải Khởi nạp VeraCrypt cần được giữ trong khu vực đó). Không may, ổ đĩa của bạn không đạt được điều kiện này.\n\nXin ĐỪNG báo chuyện này là lỗi/vấn đề trong VeraCrypt. Để giải quyết vấn đề này, bạn sẽ cần phải phân vùng đĩa của bạn lại và chừa trống 32 KBytes đầu tiên của đĩa (trong đa số các trường hợp, bạn sẽ cần phải xóa và cấu tạo lại phân vùng đầu tiên). Chúng tôi đề nghị bạn sử dụng Microsoft phân vùng manager đang có sẵn ví dụ như khi bạn đang cài đặt Windows. - Tính năng không được hỗ trợ trong phiên bản của hệ điều hành mà bạn đang sử dụng. - VeraCrypt không hỗ trợ việc mã hóa một phân vùng/ổ đĩa hệ thống trong phiên bản của hệ điều hành mà bạn đang sử dụng. - Trước khi bạn có thể mã hóa phân vùng/ổ đĩa hệ thống trong Windows Vista, bạn cần cài đặt Service Pack 1 hoặc cao hơn cho Windows Vista (chưa có Service Pack nào như thế đã được cài đặt trong hệ thống này).\n\nLưu ý: Service Pack 1 cho Windows Vista giải quyết một vấn đề gây nên sự thiếu hụt bộ nhớ trống trong khi khởi nạp hệ thống. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Lỗi: Tính năng này cần VeraCrypt được cài đặt trong hệ thống của bạn (bạn đang cho VeraCrypt chạy trong dạng lưu động).\n\nXin cài đặt VeraCrypt và sau đó thử lại. - CẢNH BÁO: Dường như Windows không được cài đặt trong ổ đĩa nơi mà nó khởi nạp. Việc này không được hỗ trợ.\n\nBạn chỉ nên tiếp tục nếu bạn chắc là Windows được cài đặt trong ổ đĩa nơi mà nó khởi nạp.\n\nBạn có muốn tiếp tục không? - Ổ đĩa hệ thống của bạn có một bảng phân vùng GUID (GPT). Hiện tại, chỉ có những ổ đĩa với bảng phân vùng MBR được hỗ trợ. - CHÚ Ý: Bộ tải Khởi nạp VeraCrypt đã được cài đặt trong ổ đĩa hệ thống của bạn!\n\nCó thể một hệ thống khác trong máy của bạn đã được mã hóa.\n\nCẢNH BÁO: TIẾN HÀNH VIỆC MÃ HÓA HỆ THỐNG ĐANG ĐƯỢC CHẠY CÓ THỂ LÀM CHO (CÁC) HỆ THỐNG KHÁC KHÔNG TÀI NÀO BẮT ĐẦU ĐƯỢC VÀ DỮ LIỆU LIÊN HỆ KHÔNG TRUY CẬP ĐƯỢC.\n\nBạn có chắc là bạn muốn tiếp tục không? - Không thể phục hồi bộ tải hệ thống nguyên thủy.\n\nXin sử dụng Đĩa Cứu hộ VeraCrypt ('Tùy chọn Sửa chửa' > 'Phục hồi bộ tải hệ thống nguyên thủy') hoặc môi trường cài đặt Windows để thay thế Bộ tải Khởi nạp VeraCrypt với bộ tải hệ thống Windows. - Bộ tải hệ thống nguyên thủy sẽ không được giữ trong Đĩa Cứu hộ (lý do có thể là tập tin sao lưu bị mất). - Không viết vào khu vực MBR được.\n\nBIOS của bạn có thể được cấu hình để bảo vệ khu vực MBR. Kiểm soát những thiết đặt BIOS của bạn (bấm F2, Xóa, hay Esc, sau khi bật máy của bạn lên) xem coi có bảo vệ MBR/chống vi-rút. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - Phiên bản cần có của Bộ tải Khởi nạp VeraCrypt hiện không đang được cài đặt. Việc này có thể ngăn cản sự lưu trữ một số thiết lập. - Lưu ý: Trong một vài trường hợp, bạn có thể muốn ngăn cản một người (đối phương) đang nhìn xem bạn bắt đầu máy điện toán không cho biết là bạn sử dụng VeraCrypt. Những tùy chọn bên trên cho phép bạn làm như thế bằng cách đặc chế màn ảnh bộ tải khởi nạp của VeraCrypt. Nếu bạn bật tùy chọn thứ nhất lên, không có chữ nào sẽ được hiển thị bởi bộ tải khởi nạp (ngay cả khi bạn đánh mật mã sai vào). Máy điện toán sẽ nhìn giống như đang bị "ngưng đọng" trong lúc bạn có thể đánh mật mã của bạn vào. Thêm vào đó, một thông điệp riêng có thể được hiển thị để đánh lạc đối phương. Ví dụ như những thông điệp lỗi giả như "Mất hệ điều hành" (thường được hiển thị bởi bộ tải khởi nạp của Windows nếu nó không tìm được phân vùng khởi động Windows). Tuy nhiên, điều quan trọng cần lưu ý là nếu đối phương có thể phân tích nội dung của đĩa cứng thì họ vẫn có thể tìm được là nó có chứa bộ tải khởi nạp của VeraCrypt. - CẢNH BÁO: Xin nhớ là bạn bật tùy chọn này lên, bộ tải khởi nạp của VeraCrypt sẽ không hiển thị bất cứ chữ nào (ngay cả khi bạn đánh mật mã sai vào). Máy điện toán sẽ nhìn giống như đang bị "ngưng đọng" (không đáp lại) trong lúc bạn có thể đánh mật mã của bạn vào (con trỏ sẽ KHÔNG di chuyển và sẽ không có dấu sao nào được hiển thị khi bạn bấm một phím).\n\nBạn có chắc là bạn muốn bật tùy chọn này lên không? - Dường như phân vùng/ổ đĩa hệ thống của bạn đã được hoàn toàn mã hóa. - VeraCrypt không hỗ trợ việc mã hóa một ổ đĩa hệ thống đã được biến thành một đĩa động. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Bạn có muốn mã hóa phân vùng hệ thống thay vì toàn bộ ổ đĩa không?\n\nLưu ý là bạn có thể cấu tạo các tập đĩa VeraCrypt có phân vùng-làm chủ bên trong bất cứ phân vùng vô hệ nào trong ổ đĩa (thêm vào chuyện mã hóa phân vùng hệ thống). - Vì ổ đĩa hệ thống của bạn chỉ có chứa một phân vùng đơn độc mà chiếm cả ổ đĩa, tốt hơn (an toàn hơn) là mã hóa toàn bộ ổ đĩa kể cả khoảng trống "slack" mà thường bao quanh một phân vùng như thế.\n\nBạn có muốn mã hóa toàn bộ ổ đĩa hệ thống không? - Hệ thống của bạn đưọc cấu hình để lưu giữ những tập tin tạm thời trong một phân vùng vô hệ.\n\nNhững tập tin tạm thời chỉ có thể được lưu giữ trong phân vùng hệ thống. - Những tập tin cho hồ sơ người dùng của bạn không được lưu giữ trong phân vùng hệ thống.\n\nCác tập tin cho hồ sơ người dùng chỉ có thể được lưu giữ trong phân vùng hệ thống. - Có (những) tập tin phân trang trong những phân vùng vô hệ.\n\nCác tập tin phân trang chỉ có thể tìm thấy trong phân vùng hệ thống. - Bạn có muốn cấu hình Windows để cấu tạo những tập tin phân trang chỉ trong phân vùng của Windows bây giờ không?\n\nLưu ý là nếu bạn nhấn 'Có', máy điện toán sẽ được bắt đầu lại. Sau đó bắt đầu VeraCrypt và thử cấu tạo OS ẩn lần nữa. - Không thôi, sự phủ nhận hợp lý của hệ điều hành ẩn có thể bị ảnh hưởng bất lợi.\n\nLưu ý: Nếu một đối phương phân tích nội dung những của tập tin như thế (nằm trong một phân vùng vô hệ), họ có thể tìm ra được là bạn đã dùng trợ lý này trong phương thức cấu tạo-hệ thống-ẩn (điều này có thể cho thấy có sự xuất hiện của một hệ điều hành ẩn trong máy điện toán của bạn). Đồng thời cũng lưu ý là bất cứ tập tin nào như thế được lưu giữ trong phân vùng hệ thống sẽ được xóa tẩy một cách an toàn bởi VeraCrypt trong quá trình cấu tạo của hệ điều hành ẩn. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - Vì những lý do bảo mật, nếu hệ điều hành hiện đang chạy cần kích hoạt thì nó phải được kích hoạt trước khi tiến hành. Lưu ý là hệ điều hành ẩn sẽ được cấu tạo bằng cách chép nội dung của phân vùng hệ thống vào một tập đĩa ẩn (vì thế nếu hệ điều hành này không được kích hoạt thì hệ điều hành ẩn cũng sẽ không được kích hoạt luôn). Để có thêm tin tức, xem phần "Những Yêu cầu và Đề phòng Bảo mật Liên quan đến những Tập đĩa ẩn" trong Hướng dẫn cho Người dùng của VeraCrypt.\n\nQuan trọng: Trước khi tiến hành, xin đảm bảo là bạn đã đọc phần "Những Yêu cầu và Đề phòng Bảo mật Liên quan đến những Tập đĩa ẩn" trong Hướng dẫn cho Người dùng.\n\n\nHệ điều hành hiện đang chạy có đạt được điều kiện bên trên không? - Hệ thống của bạn dùng thêm một phân vùng khởi động. VeraCrypt không hỗ trợ vô động trong những hệ điều hành ẩn mà sử dụng thêm một phân vùng khởi động (hệ thốngs nghi trang có thể được vô động mà không gặp vấn đề gì cả).\n\nXin lưu ý là phân vùng khởi động sẽ được xài chung bởi cả hệ nghi trang lẫn hệ ẩn. Vì vậy, để ngăn cản những thất thoát và vấn đề của dữ liệu trong lúc bắt đầu lại từ sự vô động, VeraCrypt phải ngăn cản hệ ẩn viết vào phân vùng khởi động xài chung và vào trạng thái vô động.\n\n\nBạn có muốn tiếp tục không? Nếu bạn chọn 'Không', những chỉ dẫn để tháo bỏ phân vùng khởi động thêm sẽ được hiển thị. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Cảnh báo: Có chỗ trống chưa phân phát giữa phân vùng hệ thống và phân vùng đầu tiên phía sau nó. Sau khi bạn cấu tạo hệ điều hành ẩn, bạn không được cấu tạo bất cứ phân vùng mới nào trong chỗ trống chưa phân phát đó. Không thôi, hệ điều hành ẩn sẽ không thể nào khởi động được (cho đến khi bạn xóa bỏ những phân vùng được cấu tạo như thế). - Thuật toán này hiện không được hỗ trợ cho việc mã hóa hệ thống. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Các tập tin khóa hiện không được hỗ trợ cho việc mã hóa hệ thống. - Cảnh báo: VeraCrypt không thể hồi phục bố trí bàn phím gốc được. Chuyện này có thể làm cho bạn đánh mật mã không đúng vào. - Lỗi: Không thể thiết đặt bố trí bàn phím cho VeraCrypt thành bố trí bàn phím căn bản của Mỹ được.\n\nLưu ý là mật mã cần được đánh vào trong môi trường tiền khởi động (trước khi Windows bắt đầu) lúc mà bố trí bàn phím Windows không phải của Mỹ không có sẵn. Vì vậy, mật mã phải luôn luôn được đánh vào dùng bố trí bàn phím căn bản của Mỹ. - Vì VeraCrypt đã tạm thời thay đổi bố trí bàn phím thành bố trí bàn phím căn bản của Mỹ, nên không thể đánh các ký tự bằng cách nhấn bấm các phím trong lúc phím Alt bên phải đang được giữ xuống. Tuy nhiên, bạn có thể đánh đa số những ký tự như thế bằng cách bấm các phím thích hợp trong lúc phím Shift đang được giữ xuống. - VeraCrypt ngăn cản sự thay đổi của bố trí bàn phím . - Lưu ý: Mật mã sẽ cần được đánh vào trong môi trường tiền khởi động (trước khi Windows bắt đầu) lúc mà bố trí bàn phím Windows không phải của Mỹ không có sẵn. Vì vậy, mật mã phải luôn luôn được đánh vào dùng bố trí bàn phím căn bản của Mỹ. Tuy nhiên, chuyện quan trọng cần lưu ý là bạn KHÔNG cần một bàn phím thật của Mỹ. VeraCrypt tự động đảm bảo là bạn có thể đánh mật mã một cách an toàn (ngay bây giờ và trong môi trường tiền khởi động) ngay cả nếu bạn KHÔNG có một bàn phím thật của Mỹ. - Trước khi bạn có thể mã hóa phân vùng/ổ đĩa, bạn phải cấu tạo một Đĩa Cứu hộ VeraCrypt (VRD) để dùng cho những mục đích sau đây:\n\n- Nếu Bộ tải Khởi nạp của VeraCrypt, khóa chính, hoặc những dữ liệu trọng yếu bị tổn hại thì VRD để cho bạn hồi phục nó (tuy nhiên lưu ý là bạn sẽ vẫn phải nhập mật mã đúng vào).\n\n- Nếu Windows bị tổn hại và không thể bắt đầu, VRD để cho bạn giải mã phân vùng/ổ đĩa vĩnh viễn trước khi Windows bắt đầu.\n\n- VRD sẽ có chứa một bản sao của nội dung hiện tại của phần đường đầu tiên của ổ đĩa (cái mà thường có chứa một hệ thống khởi nạp hoặc hàm quản lý khởi động) và sẽ để cho bạn hồi phục nếu cần thiết.\n\nBản ảnh ISO của Đĩa Cứu hộ VeraCrypt sẽ được cấu tạo ở vị trí xác định bên dưới. - Sau khi bạn nhấn OK, Microsoft Windows Disc Image Burner sẽ được khởi chạy. Xin sử dụng nó để sang bản ảnh ISO của Đĩa Cứu hộ VeraCrypt qua một CD hay DVD.\n\nSau khi bạn làm thế, trở lại Trợ lý Cấu tạo Tập đĩa VeraCrypt và theo những hướng dẫn của nó. - Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn cần sang nó qua một CD hay DVD.\n\n%lsSau khi bạn sang Đĩa Cứu hộ rồi, nhấn Kế tiếp để xác nhận là nó đã đuợc sang đúng cách. - Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn nên sang bản ảnh qua một CD/DVD hoặc or di chuyển nó qua một vị trí an toàn để sử dụng sau này.\n\n%lsNhấn Kế tiếp để tiếp tục. - QUAN TRỌNG: Lưu ý là tập tin phải được viết vào CD/DVD như là một bản ảnh ISO của đĩa (chứ không phải như là một tập tin cá nhân). Để có hướng dẫn làm như thế nào, xin tham khảo tài liệu của nhu liệu thâu CD/DVD của bạn. Nếu bạn không có nhu liệu thâu CD/DVD nào có thể viết bản ảnh ISO của đĩa vào một CD/DVD, nhấn liên kết bên dưới để tải nhu liệu miễn phí như thế xuống.\n\n - Khởi chạy Microsoft Windows Disc Image Burner - CẢNH BÁO: Nếu bạn đã cấu tạo một Đĩa Cứu hộ VeraCrypt trong quá khứ, nó không thể đuợc dùng lại cho phân vùng/ổ đĩa hệ thống này vì nó được cấu tạo cho một khóa chính khác! Mỗi khi bạn mã hóa một phân vùng/ổ đĩa hệ thống, bạn phải cấu tạo một Đĩa Cứu hộ VeraCrypt mới cho nó ngay cả nếu bạn sử dụng cùng một mật mã. - Lỗi: Không thể lưu trữ những thiết lập mã hóa hệ thống. - Không thể khởi đầu tiền thử nghiệm của mã hóa hệ thống. - Không thể khởi đầu quá trình cấu tạo hệ điều hành ẩn. - Phương thức Tẩy - Trong một vài loại môi trường chứa, khi các dữ liệu bị viết chòng lên với những dữ liệu khác, các dữ liệu bị viết chòng lên có thể được khôi phục lại bằng cách dùng những kỹ thuật như microscopy lực từ trường. This also applies to data that are overwritten with their mã hóa form (which happens when VeraCrypt initially encrypts một unmã hóa phân vùng or ổ đĩa). Dựa theo một vài nghiên cứu và công bố của chính phủ, sự khôi phục của các dữ liệu bị viết chòng lên có thể được cản trở (hoặc làm cho rất khó khăn) bằng cách viết chòng các dữ liệu với dữ liệu pseudorandom và non-random một số lần nhất định. Vì vậy, nếu bạn tin là một đối phương có thể dùng những kỹ thuật như thế để khôi phục lại các dữ liệu bạn intend mã hóa, bạn có thể chọn một trong những phương thức tẩy (existing data will NOT be lost). Lưu ý là sự tẩy will NOT be performed after the phân vùng/ổ đĩa is mã hóa. When the phân vùng/ổ đĩa is fully mã hóa, no unmã hóa data is written to it. Any data being written to it is first mã hóa ngay khi cần in memory and only then is the (mã hóa) data written to the disk. - Trong một vài loại môi trường chứa, khi các dữ liệu bị viết chòng lên với những dữ liệu khác (ví dụ như khi dữ liệu bị xóa mất), các dữ liệu bị viết chòng lên có thể được khôi phục lại bằng cách dùng những kỹ thuật như microscopy lực từ trường. Dựa theo một vài nghiên cứu và công bố của chính phủ, sự khôi phục của các dữ liệu bị viết chòng lên có thể được cản trở (hoặc làm cho rất khó khăn) bằng cách viết chòng các dữ liệu với dữ liệu pseudorandom và non-random một số lần nhất định. Vì vậy, nếu bạn tin là một đối phương có thể dùng những kỹ thuật như thế để khôi phục lại các dữ liệu đáng được xóa mất, bạn có thể chọn một trong những phương thức tẩy nhiều-pass.\n\nLưu ý: Bạn càng sử dụng nhiều pass tẩy chừng nào thì sẽ nó sẽ mất lâu hơn để xóa mất các dữ liệu. - Đang tẩy - \nLưu ý: Bạn có thể gián đoạn quá trình của việc tẩy, tắt máy điện toán của bạn, bắt đầu hệ ẩn lại và sau đó tiếp tục lại quá trình (trợ lý này sẽ được tự động khởi chạy). Tuy nhiên, nếu bạn gián đoạn nó, toàn bộ quá trình của việc tẩy sẽ phải bắt đầu lại từ đầu. - \n\nLưu ý: Nếu bạn gián đoạn quá trình tẩy và thử tiếp tục lại thì cả quá trình sẽ phải bắt đầu lại từ đầu. - Bạn có muốn hủy bỏ quá trình tẩy không? - Cảnh báo: Toàn bộ nội dung của phân vùng/thiết bị được chọn sẽ bị xóa và mất đi. - Toàn bộ nội dung của phân vùng nơi mà hệ thống gốc nằm sẽ bị xóa đi.\n\nLưu ý: Toàn bộ nội dung của phân vùng mà bị xóa đi đã được sao chép vào phân vùng của hệ ẩn này. - CẢNH BÁO: Lưu ý là khi bạn chọn ví dụ như phương thức tẩy 3-bước, thời gian cần thiết để mã hóa phân vùng/ổ đĩa sẽ lâu hơn gấp 4 lần. Tương tự, nếu bạn chọn phương thức tẩy 35-bước, nó sẽ lâu hơn gấp 36 lần (nó có thể mất một vài tuần).\n\nTuy nhiên, xin lưu ý là việc tẩy sẽ KHÔNG được thực hiện sau khi phân vùng/ổ đĩa được hoàn toàn mã hóa. Khi phân vùng/ổ đĩa được hoàn toàn mã hóa, dữ liệu không được mã hóa sẽ không được viết vào nó. Bâ;t cứ dữ liệu nào được viết vào nó trước tiên được mã hóa ngay khi cần trong bộ nhớ và chỉ sau đó dữ liệu (mã hóa) mới được viết vào đĩa (vì thế hiệu suất sẽ KHÔNG bị ảnh hưởng).\n\nBạn có chắc là bạn muốn sử dụng phương thức tẩy không? - Không có (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Số Hệ Điều hành - CẢNH BÁO: Người dùng không kinh nghiệm không bao giờ nên thử mã hóa Windows theo cấu hình khởi động đa hệ.\n\nTiếp tục không? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Ổ đĩa Khởi động - Hệ điều hành đang chạy hiện thời có được cài đặt trong ổ đĩa khởi động không?\n\nLưu ý: Đôi khi Windows không được cài đặt trong cùng ổ đĩa chung với bộ nạp khởi động của Windows bộ tải khởi nạp (phân vùng khởi động). Trong trường hợp như thế, chọn 'Không'. - VeraCrypt hiện tại không hỗ trợ việc mã hóa một hệ điều hành mà không khởi động từ ổ đĩa nơi nó được cài đặt. - Số Ổ đĩa Hệ thống - Có bao nhiêu ổ đĩa có chứa một hệ điều hành?\n\nLưu ý: Ví dụ nếu như bạn có bất cứ hệ điều hành nào(như Windows, Mac OS X, Linux, v.v.) được cài đặt trong ổ đĩa chính của bạn và một hệ điều hành khác được cài đặt trong ổ đĩa phụ của bạn thì chọn '2 hay hơn'. - VeraCrypt hiện tại không hỗ trợ việc mã hóa cả một ổ đĩa có chứa nhiều hệ điều hành.\n\nNhững Giải pháp Có thể:\n\n- Bạn vẫn có thể mã hóa một trong các hệ thống nếu bạn đi ngược lại và chọn chỉ mã hóa một hệ thống phân vùng đơn độc (thay vì chọn mã hóa toàn bộ ổ đĩa hệ thống).\n\n- Ngoài ra, bạn sẽ có thể mã hóa toàn bộ ổ đĩa nếu bạn dời một vài hệ thống qua những ổ đĩa khác và chỉ để một hệ thống trong ổ đĩa mà bạn muốn mã hóa. - Đa Hệ trong Ổ đĩa Đơn - Có hệ điều hành nào khác được cài đặt trong ổ đĩa hệ điều hành đang chạy được cài đặt không?\n\nLưu ý: Ví dụ như nếu hệ điều hành đang chạy được cài đặt trong ổ đĩa #0, nơi mà có chứa một số phân vùng, và nếu một trong các phân vùng có chứa Windows và một phân vùng khác có chứa bất cứ hệ điều hành khác (ví dụ như Windows, Mac OS X, Linux, v.v.), chọn 'Có'. - Bộ tải Khởi nạp Không phải của Windows - Có một bộ tải khởi nạp nào không phải của Windows (hoặc hàm quản lý khởi động) được cài đặt trong hồ sơ khởi động chính (MBR) không?\n\nLưu ý: Ví dụ như nếu phần đường đầu tiên của ổ đĩa khởi động có chứa GRUB, LILO, XOSL, hoặc vài hàm quản lý khởi động không phải của Windows (hoặc bộ tải khởi nạp), chọn 'Có'. - Khởi động Đa hệ - VeraCrypt hiện tại không hỗ trợ cấu hình đa-khởi động nơi một bộ tải khởi nạp không phải của Windows được cài đặt trong Hồ sơ Khởi động Chính.\n\nNhững Giải pháp Có thể:\n\n- Nếu bạn sử dụng một hàm quản lý khởi động để khởi động Windows và Linux, dời hàm quản lý khởi động (thông thường là GRUB) từ Hồ sơ Khởi động Chính đến một phân vùng. Sau đó bắt đầu trợ lý này lại và mã hóa phân vùng/ổ đĩa hệ thống. Lưu ý là Bộ tải Khởi nạp của VeraCrypt sẽ trở thành hàm quản lý khởi động chủ yếu của bạn và nó sẽ cho phép bạn khởi chạy hàm quản lý khởi động gốc (ví dụ như GRUB) như là hàm quản lý khởi động phụ của bạn (bằng cách bấm Esc trong màn ảnh Bộ tải Khởi nạp của VeraCrypt) và vì vậy bạn sẽ có thể khởi động Linux. - Nếu hệ điều hành hiện đang chạy được cài đặt trong phân vùng khởi động thì sau khi bạn mã hóa nó, bạn sẽ cần phải nhập mật mã đúng vào ngay cả nếu bạn muốn bắt đầu bất cứ hệ thống Windows chưa mã hóa nào khác (vì chúng sẽ xài chung một bộ tải khởi nạp/hàm quản lý đơn độc của Windows được mã hóa).\n\nNgược lại, nếu hệ điều hành đang chạy không được cài đặt trong phân vùng khởi động (hoặc nếu bộ tải khởi nạp/hàm quản lý của Windows không được dùng bởi bất cứ hệ thống nào khác) thì sau khi bạn mã hóa hệ thống này, bạn sẽ không cần phải nhập mật mã đúng vào để khởi động (các) hệ thống chưa được mã hóa khác -- bạn sẽ chỉ cần bấm phím Esc để bắt đầu giải mã hệ thống (nếu có nhiều hệ thống chưa được mã hóa thì bạn sẽ cũng cần phải chọn hệ thống nào để bắt đầu trong trình đơn của Hàm quản lý Khởi động của VeraCrypt).\n\nLưu ý: Thông thường thì hệ thống Windows được cài đặt trước nhất thì được cài đặt trong phân vùng khởi động. - Mã hóa Vùng được Chủ Bảo vệ - Ở phía cuối của nhiều ổ đĩa, có một vùng thường được ẩn khỏi hệ điều hành (những vùng như thế thường được nhắc đến như là những Vùng được Chủ Bảo vệ). Tuy nhiên, một vài chương trình có thể đọc và viết dữ liệu từ/vào những vùng như thế.\n\nCẢNH BÁO: Một vài nhà sản xuất máy điện toán có thể dùng những vùng như thế để lưu trữ các công cụ và dữ liệu cho RAID, hệ thống phục hồi, hệ thống thiết lập, chẩn đoán, hay những mục đích khác. Nếu such các công cụ và dữ liệu như thế phải được truy cập trước khi khởi động, vùng ẩn KHÔNG nên được mã hóa (chọn 'No' bên trên).\n\nBạn có muốn VeraCrypt truy kiếm và mã hóa một vùng ẩn như thế (nếu có) ở phía cuối của ổ đĩa hệ thống không? - Loại Giải Mã Hệ Thống - Chọn tùy chọn này nếu bạn muốn giải mã phân vùng hệ thống hoặc toàn bộ đĩa hệ thống. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hệ Điều Hành Ẩn - Trong các bước sau đây, bạn sẽ cấu tạo hai tập đĩa VeraCrypt (bên ngoài và ẩn) trong phân vùng đầu tiên phía sau phân vùng hệ thống. Tập đĩa ẩn có chứa hệ điều hành tiềm ẩn (OS). VeraCrypt sẽ cấu tạo hệ điều hành ẩn bằng cách sao chép nội dung của phân vùng hệ thống (nơi hệ điều hành hiện đang chạy được cài đặt) tới tập đĩa ẩn. Cho tập đĩa bên ngoài, bạn sẽ sao chép một số tập tin nhìn như nhạy cảm mà bạn thực sự không muốn để ẩn. Chúng sẽ ở đó cho bất cứ ai buộc bạn phải tiết lộ mật mã cho phân vùng hệ điều hành ẩn. Bạn có thể tiết lộ mật mã cho các tập đĩa bên ngoài trong hệ điều hành phân vùng ẩn (sự hiện hữu của hệ điều hành ẩn vẫn là bí mật).\n\nCuối cùng, trên phân vùng hệ thống của hệ điều hành đang chạy, bạn sẽ cài đặt một hệ điều hành mới, gọi là hệ điều hành nghi trang , và mã hóa nó. Nó không được chứa dữ liệu nhạy cảm và sẽ ở đó cho bất cứ ai ép buộc bạn để lộ mật mã chứng thực tiền khởi động. Tổng số, sẽ có ba mật mã. Hai trong số đó có thể được công bố (cho hệ điều hành nghi trang và tập đĩa bên ngoài). Nếu bạn sử dụng mật mã thứ ba, hệ điều hành ẩn sẽ khởi động. - Phát hiện các Khu vực Ẩn - Xin chờ trong khi VeraCrypt đang phát hiện những khu vực có thể ẩn ở phần cuối của ổ đĩa hệ thống. Ghi chú rằng có thể mất một thời gian dài để hoàn thành.\n\nLưu ý: Trong vài trường hợp rất hiếm, trên một số máy điện toán, hệ thống có thể trở thành không phản hồi trong quá trình phát hiện này. Nếu điều đó xảy ra, khởi động lại máy điện toán, bắt đầu VeraCrypt, lặp lại các bước trên nhưng bỏ qua quá trình này phát hiện. Lưu ý là vấn đề này không phải là do một lỗi trong VeraCrypt. - Khu vực để Mã hóa - Chọn tùy chọn này nếu bạn muốn mã hóa toàn bộ ổ đĩa mà hệ thống Windows đang chạy được cài đặt. Toàn bộ ổ đĩa, bao gồm tất cả các phân vùng của nó, sẽ được mã hóa, ngoại trừ phần đường đầu tiên mà các Bộ tải Khởi nạp VeraCrypt sẽ cư trú. Những người muốn truy cập một hệ thống được cài đặt trên ổ đĩa, hoặc các tập tin được lưu trữ trên ổ đĩa, sẽ cần phải nhập đúng mật mã mỗi lần trước khi hệ thống bắt đầu. Tùy chọn này không thể được sử dụng để mã hóa một ổ đĩa thứ cấp hoặc bên ngoài nếu Windows không được cài đặt trên nó và không khởi động từ nó. - Thu thập Dữ liệu Ngẫu nhiên - Các Khóa đã được Tạo ra - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Ghi Đĩa Cứu hộ - Đĩa Cứu hộ đã được cấu tạo - Dự bị thử nghiệm Hệ thống mã hóa - Đĩa Cứu hộ đã được xác nhận - \n\nĐĩa Cứu hộ VeraCrypt đã được xác nhận thành công. Xin gỡ bỏ nó từ ổ đĩa hiện nay và lưu trữ nó trong một nơi an toàn.\n\nNhấn Kế tiếp để tiếp tục - CẢNH BÁO: Trong các bước kế tiếp, Đĩa Cứu hộ VeraCrypt không được ở trong ổ đĩa. Không thôi, nó sẽ không thể hoàn tất các bước chính xác.\n\nXin lấy nó ra khỏi ổ đĩa bây giờ và lưu trữ nó trong một nơi an toàn. Sau đó bấm OK. - Cảnh báo: Do hạn chế kỹ thuật của môi trường trước khi khởi động, văn bản được hiển thị bởi VeraCrypt trong môi trường trước khi khởi động (tức là trước khi bắt đầu Windows) không thể được bản địa hóa. Các giao diện người dùng Bộ tải Khởi nạp VeraCrypt hoàn toàn bằng tiếng Anh.\n\nTiếp tục không? - Trước khi mã hóa các phân vùng hệ thống hoặc ổ đĩa của bạn, VeraCrypt cần xác minh rằng tất cả mọi chuyện hoạt động chính xác. \n\nSau khi bạn nhấn vào Thử, tất cả các thành phần cần thiết (ví dụ như thành phần chứng thực tiền khởi động, tức là Bộ tải Khởi nạp VeraCrypt) sẽ được cài đặt và máy điện toán của bạn sẽ được khởi động lại. Sau đó, bạn sẽ phải nhập mật mã của bạn trong màn hình Bộ tải Khởi nạp VeraCrypt mà nó sẽ xuất hiện trước khi Windows khởi động. Sau khi Windows khởi động, bạn sẽ được tự động thông báo về kết quả của cuộc tiền thử nghiệm này.\n\n Thiết bị sau đây sẽ được sửa đổi: Ổ đĩa #%d\n\n\nNếu bạn nhấn vào Hủy bây giờ, không có gì sẽ được cài đặt và tiền thử nghiệm sẽ không được thực hiện. - LƯU Ý QUAN TRỌNG -- XIN ĐỌC HOẶC IN (nhấn vào 'In'):\n\nLưu ý là không có tập tin nào của bạn sẽ được mã hóa trước khi bạn khởi động lại máy điện toán của bạn thành công và bắt đầu Windows. Vì thế, nếu bất cứ điều gì thất bại, dữ liệu của bạn sẽ KHÔNG bị mất. Tuy nhiên, nếu một cái gì đó đi sai, bạn có thể gặp khó khăn khi khởi động Windows. Vì vậy, hãy đọc (và nếu có thể, in) các hướng dẫn sau đây về những gì cần làm nếu Windows không thể bắt đầu sau khi bạn khởi động lại máy điện toán.\n\n - Cần Làm Gì Nếu Windows Không thể Khởi động\n----------------------------------------------------\n\nLưu ý: Những chỉ dẫn có giá trị chỉ khi bạn chưa bắt đầu mã hóa.\n\n-Nếu Windows không khởi động sau khi bạn nhập đúng mật mã (hoặc nếu bạn liên tục nhập đúng mật mã nhưng VeraCrypt cho biết mật mã là không chính xác), đừng lo. Khởi động lại (tắt nguồn và trên) máy điện toán, và trong màn hình Bộ tải Khởi nạp VeraCrypt, bấm phím Esc trên bàn phím của bạn (và nếu bạn có nhiều hệ thống, chọn để bắt đầu). Sau đó Windows sẽ bắt đầu (miễn là nó không phải là mật mã) và VeraCrypt sẽ tự động hỏi bạn có muốn bỏ cài đặt các thành phần chứng thực tiền khởi động. Lưu ý là các bước trước đó KHÔNG làm việc nếu hệ thống phân vùng / ổ đĩa được mã hóa (không ai có thể bắt đầu Windows hoặc truy cập mã hóa dữ liệu trên ổ đĩa mà không có mật mã chính xác ngay cả khi người đó đi theo các bước trước đó).\n\n - - Nếu các bước trước đó không giúp đỡ hoặc nếu màn hình Bộ tải Khởi nạp VeraCrypt không xuất hiện (trước khi bắt đầu Windows), bỏ Đĩa Cứu hộ VeraCrypt vào đĩa CD/DVD ổ đĩa và khởi động lại máy điện toán của bạn. Nếu Đĩa Cứu hộ VeraCrypt màn hình không xuất hiện (hoặc nếu bạn không nhìn thấy mục "Tùy chọn Sửa chữa 'trong phần' Bàn phím điều khiển 'của màn hình VeraCrypt Đĩa Cứu hộ), có thể là BIOS của bạn được cấu hình để thử khởi động từ ổ đĩa cứng trước khi chạy CD/DVD. Nếu đó là trường hợp, khởi động lại máy điện toán của bạn, nhấn F2 hoặc Xóa (ngay sau khi bạn thấy màn hình BIOS bắt đầu-lên), và đợi cho đến khi một màn hình cấu hình BIOS xuất hiện. Không thôi có màn hình cấu hình BIOS xuất hiện, khởi động lại (đạt lại) lại máy điện toán và bắt đầu nhấn F2 hoặc Xóa liên tục ngay sau khi bạn khởi động lại (reset) máy điện toán. Khi một màn hình cấu hình BIOS xuất hiện, cấu hình BIOS để khởi động từ CD/DVD ổ đĩa đầu tiên (để có hướng dẫn làm như thế nào, xin tham khảo tài liệu cho BIOS của bạn / bo mạch chủ hoặc liên hệ với ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn của để được hỗ trợ). Sau đó khởi động lại máy điện toán của bạn. Các Đĩa Cứu hộ VeraCrypt màn hình sẽ xuất hiện ngay bây giờ. Trong màn hình Đĩa Cứu hộ VeraCrypt, chọn "Tùy chọn Sửa chữa 'bằng cách nhấn F8 trên bàn phím. Từ trình đơn 'Tùy chọn Sửa chữa', chọn 'Khôi phục hệ thống bộ nạp bản gốc. Sau đó, loại bỏ các Đĩa Cứu hộ từ ổ CD/DVD ổ đĩa và khởi động lại máy điện toán của bạn. Windows sẽ bắt đầu thông thường (với điều kiện là nó không phải là mật mã).\n\n - Lưu ý là các bước trước đó KHÔNG làm việc nếu hệ thống phân vùng / ổ đĩa được mã hóa (không ai có thể bắt đầu Windows hoặc truy cập mã hóa dữ liệu trên ổ đĩa mà không có mật mã chính xác ngay cả khi người đó làm theo các bước trước đó). \n\n\nLưu ý là ngay cả khi bạn bị mất Đĩa Cứu hộ VeraCrypt của bạn và kẻ tấn công tìm thấy nó, họ sẽ không thể giải mã các phân vùng hệ thống hoặc ổ đĩa mà không có mật mã chính xác. - Dự bị thử nghiệm đã hoàn thành - Dự bị thử nghiệm đã được hoàn tất thành công.\n\nCẢNH BÁO: Xin lưu ý là nếu cung cấp điện bị gián đoạn đột ngột trong khi mã hóa dữ liệu hiện có tại chỗ, hoặc khi hệ điều hành bị hỏng do lỗi phần mềm hoặc trục trặc phần cứng trong khi VeraCrypt đang mã hóa dữ liệu hiện có tại chỗ, các phần của dữ liệu sẽ bị hỏng hoặc bị mất. Vì vậy, trước khi bắt đầu mã hóa, hãy chắc chắn rằng bạn đã sao lưu dự phòng dữ liệu mà bạn muốn mã hóa. Không thôi, xin sao lưu các tập tin ngay bây giờ (bạn có thể nhấn Hoãn, Sao lưu các tập tin, sau đó chạy VeraCrypt lại bất cứ lúc nào, và chọn 'Hệ thống'> 'Tiếp tục lại quá trình bị gián đoạn' để bắt đầu mã hóa). \n\nKhi đã sẵn sàng, nhấn Mã hóa để bắt đầu mã hóa. - Bạn có thể nhấn vào Tạm dừng hoặc Trì hoãn bất cứ lúc nào để gây ngăn cản quá trình mã hóa hay giải mã, đi ra thuật này, khởi động lại hoặc tắt máy điện toán của bạn, và sau đó tiếp tục lại quá trình, mà sẽ tiếp tục từ chổ nó đã được ngừng lại. Để ngăn cản suy giảm khi hệ thống hoặc các ứng dụng viết hoặc đọc dữ liệu từ hệ thống ổ đĩa, tự động VeraCrypt đợi cho đến khi dữ liệu được viết hoặc đọc (xem Status trên) và sau đó tiếp tục tự động mã hóa hoặc giải mã. - \n\nBạn có thể nhấn vào Tạm dừng hoặc Trì hoãn bất cứ lúc nào để gây cắt đứt quá trình mã hóa, xuất khỏi thuật này, khởi động lại hoặc tắt máy điện toán của bạn, và sau đó tiếp tục lại quá trình, mà sẽ tiếp tục từ chổ nó đã ngừng lại. Lưu ý là tập đĩa không thể được gắn kết cho đến khi nó đã được mã hóa hoàn toàn. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hệ Thống Ẩn đã bắt đầu - Hệ thống gốc - Windows cấu tạo (thường, không cần sự hiểu biết hoặc sự đồng ý của bạn) các loại tập tin ghi bản, các tập tin tạm thời, v.v., trên phân vùng hệ thống. Nó cũng giúp để cho phần RAM được yên nghỉ và các tập tin phân trang nằm trên phân vùng hệ thống. Do đó, nếu một đối phương đã phân tích các tập tin được lưu trữ trên phân vùng mà hệ thống ban đầu (trong đó hệ thống ẩn là một bản sao) cư trú, họ có thể tìm hiểu, ví dụ như rằng bạn đã sử dụng thuật VeraCrypt ở trạng thái cấu tạo hệ thống ẩn, (mà có thể cho biết sự tồn tại của một hệ điều hành ẩn trên máy điện toán của bạn).\n\nĐể ngăn ngừa các vấn đề như vậy, VeraCrypt sẽ, trong các bước kế tiếp, an toàn xóa toàn bộ nội dung của phân vùng mà hệ thống ban đầu cư trú. Sau đó, để đạt được từ chối được chính đáng, bạn sẽ cần phải cài đặt một hệ thống mới trên phân vùng đó và mã hóa nó. Vì vậy bạn sẽ cấu tạo các hệ thống nghi trang và toàn bộ quá trình cấu tạo của hệ điều hành ẩn sẽ được hoàn thành. - Hệ điều hành ẩn đã được cấu tạo thành công. Tuy nhiên, trước khi bạn có thể bắt đầu sử dụng nó (và được sự từ chối được chính đáng), bạn cần phải xóa một cách an toàn (sử dụng VeraCrypt) toàn bộ nội dung của phân vùng nơi hệ điều hành đang chạy được cài đặt. Trước khi có thể làm điều đó, bạn cần phải khởi động lại máy điện toán, và trong màn hình Bộ tải Khởi nạp VeraCrypt (xuất hiện trước khi bắt đầu Windows), nhập mật mã chứng thực tiền khởi động cho hệ điều hành ẩn. Sau đó, sau khi hệ thống ẩn bắt đầu, thuật VeraCrypt sẽ được đưa ra tự động.\n\nLưu ý: Nếu bạn chọn để chấm dứt quá trình cấu tạo hệ điều hành ẩn bây giờ, bạn sẽ không thể tiếp tục lại quá trình và hệ thống ẩn sẽ không thể truy cập được (bởi vì các Bộ tải Khởi nạp VeraCrypt sẽ được gỡ bỏ). - Bạn có dự kiến quá trình cấu tạo của một hệ điều hành ẩn. Quá trình này đã chưa được hoàn thành. Để hoàn thành nó, bạn cần phải khởi động lại máy điện toán, và trong màn hình Bộ tải Khởi nạp VeraCrypt (xuất hiện trước khi bắt đầu Windows), nhập mật mã cho hệ điều hành ẩn.\n\nLưu ý: Nếu bạn chọn để chấm dứt quá trình cấu tạo hệ điều hành ẩn bây giờ, bạn sẽ không thể tiếp tục lại quá trình. - Khởi động lại máy điện toán và tiến hành - Vĩnh viễn chấm dứt quá trình cấu tạo hệ điều hành ẩn - Không làm gì cả bây giờ và hỏi lại sau - \nNẾU ĐƯỢC, XIN IN VĂN BẢN NÀY (nhấn vào 'In' dưới đây).\n\n\nSử dụng Đĩa Cứu hộ VeraCrypt Khi nào và Như thế nào (Sau khi Mã hóa)\n----------------------------------------------------------------------\n\n - I. Làm thế nào để khởi động Đĩa Cứu hộ VeraCrypt\n\nĐể khởi động một Đĩa Cứu hộ VeraCrypt, hãy bỏ nó vào ổ đĩa CD/DVD và khởi động lại máy điện toán của bạn. Nếu màn hình Đĩa Cứu hộ VeraCrypt không xuất hiện (hoặc nếu bạn không nhìn thấy mục "Tùy chọn Sửa chữa 'trong phần' Điều khiển Bàn phím' của màn hình), có thể là BIOS của bạn được cấu hình để thử khởi động từ đĩa cứng trước khi CD/DVD chạy. Nếu đó là một trường hợp, khởi động lại máy điện toán của bạn, nhấn F2 hoặc Xóa (ngay sau khi bạn thấy màn hình BIOS bắt đầu-lên), và đợi cho đến khi một màn hình cấu hình BIOS xuất hiện. Không thôi có màn hình cấu hình BIOS xuất hiện, khởi động lại (đặt lại) lại máy điện toán và bắt đầu nhấn F2 hoặc Xóa liên tục ngay sau khi bạn khởi động lại (reset) máy điện toán. Khi một màn hình cấu hình BIOS xuất hiện, cấu hình BIOS để khởi động từ CD/DVD ổ đĩa trước (để có hướng dẫn làm như thế nào, xin tham khảo tài liệu cho BIOS của bạn / bo mạch chủ hoặc liên hệ với ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn để được trợ giúp). Sau đó khởi động lại máy điện toán của bạn. Các màn hình Đĩa Cứu hộ VeraCrypt sẽ xuất hiện ngay bây giờ. Lưu ý: Trong màn hình Đĩa Cứu hộ VeraCrypt, bạn có thể chọn 'Tùy chọn Sửa chữa' bằng cách nhấn F8 trên bàn phím.\n\n\n - II. Sử dụng Đĩa Cứu hộ VeraCrypt khi nào và như thế nào(Sau khi Mã Hóa)\n\n - 1) Nếu màn hình Bộ tải Khởi nạp VeraCrypt không xuất hiện sau khi bạn khởi động máy điện toán (hoặc nếu Windows không khởi động), Bộ tải Khởi nạp VeraCrypt có thể bị tổn hại. Đĩa Cứu hộ VeraCrypt cho phép bạn khôi phục lại nó và do đó để lấy lại quyền truy cập vào hệ thống mã hóa và dữ liệu của bạn (tuy nhiên, lưu ý là bạn vẫn sẽ phải nhập đúng mật mã sau đó). Trong màn hình trên Đĩa Cứu hộ, chọn "Tùy chọn Sửa chữa '>' Khôi phục Bộ tải Khởi nạp VeraCrypt’. Sau đó nhấn 'Y' để xác nhận động tác, loại bỏ Đĩa Cứu hộ từ đĩa CD/DVD và khởi động lại máy điện toán của bạn.\n\n - 2) Nếu bạn liên tục nhập đúng mật mã nhưng VeraCrypt cho biết mật mã là không đúng, khóa chính hoặc các dữ liệu quan trọng khác có thể bị tổn hại. Đĩa Cứu hộ VeraCrypt cho phép bạn khôi phục lại chúng và do đó để lấy lại quyền truy cập vào hệ thống mã hóa và dữ liệu của bạn (tuy nhiên, lưu ý là bạn vẫn sẽ phải nhập đúng mật mã sau đó). Trong màn hình trên Đĩa Cứu hộ chọn "Sửa chửa tùy chọn '>' Khôi phục dữ liệu quan trọng’. Sau đó nhập mật mã của bạn, nhấn 'Y' để xác nhận, loại bỏ các đĩa giải từ đĩa CD/DVD của bạn, và khởi động lại máy điện toán của bạn.\n\n - 3) Nếu Bộ tải Khởi nạp VeraCrypt bị tổn hại, bạn có thể tránh chạy nó bằng cách khởi nạp trực tiếp từ Đĩa Cứu hộ VeraCrypt. Bỏ Đĩa Cứu hộ của bạn vào đĩa CD/DVD ổ đĩa và sau đó nhập mật mã của bạn trong màn hình trên Đĩa Cứu hộ.\n\n - 4) Nếu Windows bị tổn hại và không thể bắt đầu, Đĩa Cứu hộ VeraCrypt cho phép bạn vĩnh viễn giải mã phân vùng / đĩa trước khi Windows khởi động. Trong màn hình trên Đĩa Cứu hộ chọn ‘Tùy chọn Sửa chữa’>’ Vĩnh Viễn giải mã phân vùng/ổ đĩa hệ thống‘. Xin nhập đúng mật mã và chờ cho đến khi giải mã được hoàn tất. Sau đó, bạn có thể ví như, khởi động thiết lập đĩa CD/DVD của MS Windows để sửa chữa cài đặt Windows của bạn.\n\n - Lưu ý: Ngoài ra, nếu Windows bị hư tổn hại (không thể bắt đầu) và bạn cần phải sửa chữa nó (hoặc truy cập các tập tin vào đó), bạn có thể tránh được giải mã hệ thống phân vùng / ổ đĩa bằng cách làm theo các bước sau: Nếu bạn có nhiều hệ điều hành được cài đặt trên máy điện toán của bạn, khởi động một máy mà không cần chứng thực tiền khởi động. Nếu bạn không có nhiều hệ điều hành được cài đặt trên máy điện toán của bạn, bạn có thể khởi động một WinPE hoặc BartPE CD/DVD hoặc bạn có thể kết nối ổ đĩa hệ thống của bạn như một ổ đĩa thứ cấp hay bên ngoài tới một máy điện toán khác và sau đó khởi động hệ điều hành được cài đặt trên máy điện toán. Sau khi bạn khởi động một hệ thống, chạy VeraCrypt, nhấn vào ‘Chọn Thiết bị', chọn phân vùng hệ thống bị ảnh hưởng, nhấn vào 'OK', chọn 'Hệ thống'> 'Mount không cần Pre-Boot Authentication’, nhập mật mã chứng thực tiền khởi động của bạn và bấm vào' OK '. Phân vùng sẽ được gắn kết như là một tập đĩa thường xuyên VeraCrypt (dữ liệu sẽ được on-the-fly giải mã / mã hóa trong RAM ngày truy cập, như thường lệ). n\n\n - Lưu ý là ngay cả khi bạn bị mất Đĩa Cứu hộ VeraCrypt của bạn và một kẻ tấn công tìm thấy nó, họ sẽ không thể giải mã các phân vùng hệ thống hoặc ổ đĩa mà không có mật mã chính xác - \n\nQUAN TRỌNG – XIN IN văn bản NÀY NẾU CÓ THỂ (nhấn vào 'In' dưới đây).\n\n\nLưu ý: văn bản này sẽ được tự động hiển thị mỗi khi bạn khởi động hệ thống ẩn cho đến khi bạn bắt đầu cấu tạo hệ thống nghi trang.\n\n\n\n - Làm thế nào để cấu tạo hệ thống Nghi trang một cách an toàn và baỏ mật \n ----------------------------------------------------------------------------\n\n Để đạt được sự từ chối chính đáng, bạn cần phải cấu tạo hệ điều hành nghi trang bây giờ. Để làm như vậy, hãy làm theo các bước sau:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Cài đặt Windows trên phân vùng mà nội dung đã được xoá hoàn toàn (tức là trên phân vùng mà hệ thống ban đầu, trong đó hệ thống ẩn là một bản sao, đã được cài đặt).\n\nQUAN TRỌNG: Khi bạn bắt đầu cài đặt nghi trang SYSTEM, HỆ THỐNG ẨN SẼ *KHÔNG* có khả năng khởi động (bởi vì Bộ tải Khởi nạp VeraCrypt sẽ được xoá bỏ bởi cài đặt hệ thống Windows). Điều này là thông thường và dự kiến. Xin đừng lo lắng. Bạn sẽ có thể khởi động Hệ ẩn trở lại ngay khi BẠN START mã hoá nghi trang SYSTEM (vì VeraCrypt sau đó sẽ tự động cài đặt Bộ tải Khởi nạp VeraCrypt trên ổ đĩa hệ thống)\n\nQuan Trọng: Kích cỡ của phân vùng hệ thống nghi trang phải vẫn giữ giống như như kích thước của tập đĩa ẩn (tình trạng này nay đã gặp). Hơn nữa, bạn không phải cấu tạo bất kỳ phân vùng nào giữa các phân vùng hệ thống nghi trang và phân vùng mà hệ thống ẩn ở đó.\n\n - 3) Khởi động hệ thống nghi trang (mà bạn đã caì đặt trọng bước 2 và cai đặt VeraCrypt ở đó).\n\n Hảy nhớ rằng hệ thống nghi trang không bao giờ được chứa bất kỳ dữ liệu nhay cảm.\n\n - 4) Trên hệ thống nghi trang, chạy VeraCrypt và chọn 'Hệ thống'> 'Mã hóa hệ thống phân vùng / ổ’. Các cửa sổ VeraCrypt Tập đĩa Creation Wizard sẽ xuất hiện.\n\nNhững bước sau đây áp dụng cho Thuật Cấu tạo Tập đĩa VeraCrypt.\n\n - 5) Trong Thuật Cấu tạo Tập Đĩa VeraCrypt, ĐỪNG chọn tùy chọn ‘Ẩn’. Chọn tùy chọn 'Thông thường' và nhấn vào 'Kế tiếp'.\n\n - 6) Chọn tùy chọn 'Mã Hóa phân vùng hệ thống Windows' và sau đó nhấn vào 'Kế tiếp'.\n\n - 7) Nếu chỉ có hệ thống ẩn và hệ thống nghi trang cài đặt trên máy điện toán, chọn tùy chọn 'Single-khởi động (nếu có nhiều hơn hai hệ thống được cài đặt trên máy điện toán, chọn 'Đa-khởi động '). Sau đó nhấn vào 'Kế tiếp'.\n\n - 8) QUAN TRỌNG: Trong bước này, CHO HỆ THỐNG nghi trang, bạn phải chọn CÙNG thuật toán mã hóa VÀ thuật toán HASH mà bạn chọn CHO HỆ THỐNG ẨN! Không thôi, HỆ THỐNG ẨN SẼ không thể được truy cập! Nói cách khác, hệ thống nghi trang phải được mã hóa với thuật toán mã hóa như hệ thống ẩn. Lưu ý: Lý do là hệ thống nghi trang và hệ thống ẩn sẽ chia xẻ một Bộ tải Khởi nạp đơn độc, mà nó chỉ hỗ trợ một thuật toán đơn độc, được lựa chọn bởi người sử dụng (đối với mỗi thuật toán, có một phiên bản đặc biệt của Bộ tải Khởi nạp VeraCrypt).\n\n - 9) Trong bước này, chọn một mật mã cho hệ điều hành nghi trang. Đây sẽ là mật mã mà bạn sẽ có thể tiết lộ cho người đối phương một khi bạn được yêu cầu hoặc bị buộc phải tiết lộ mật mã chứng thực tiền khởi động (mật mã khác mà bạn có thể tiết lộ là một trong những tập đĩa bên ngoài). Sự tồn tại của mật mã thứ ba (tức là mật mã chứng thực tiền khởi động cho hệ điều hành ẩn) sẽ vẫn bí mật.\n\nQuan trọng: Mật mã mà bạn chọn cho hệ thống nghi trang phải khác nhiều từ một trong những mà bạn đã chọn cho các tập đĩa ẩn (ví dụ cho hệ điều hành ẩn).\n\n - 10) Theo các hướng dẫn còn lại trong trình thuật để mã hóa các hệ điều hành nghi trang.\n\n\n\n - Sau khi Hệ thống Nghi trang được cấu tạo\n ------------------------------------------------\n\nSau khi bạn mã hóa hệ thống nghi trang, toàn bộ quá trình cấu tạo hệ điều hành ẩn sẽ được hoàn thành và bạn sẽ có thể sử dụng ba mật mã này:\n\n1) Mật mã chứng thực tiền khởi động cho hệ điều hành ẩn.\n\n2) Mật mã chứng thực tiền khởi động cho hệ điều hành nghi trang.\n\n3) Mật mã cho tập đĩa bên ngoài. - Nếu bạn muốn bắt đầu hệ điều hành ẩn, bạn chỉ cần nhập mật mã cho hệ điều hành ẩn trong màn hình Bộ tải Khởi nạp VeraCrypt (xuất hiện sau khi bạn bật hoặc khởi động lại máy điện toán của bạn).\n\nNếu bạn muốn bắt đầu hệ điều hành nghi trang, bạn chỉ cần nhập mật mã cho hệ điều hành nghi trang trong màn hình Bộ tải Khởi nạp VeraCrypt.\n\n Mật mã cho hệ thống nghi trang. có thể được tiết lộ cho bất cứ ai ép buộc bạn để lộ mật mã chứng thực tiền khởi động. Sự tồn tại của tập đĩa ẩn (và của hệ điều hành ẩn) sẽ vẫn là bí mật.\n\n - Mật mã thứ ba (cho tập đĩa bên ngoài) có thể được tiết lộ cho bất cứ ai ép buộc bạn để lộ mật mã cho phân vùng đầu tiên phía sau phân vùng hệ thống, nơi mà cả hai tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) cư trú. Sự tồn tại của khối lượng ẩn (và của hệ điều hành ẩn) sẽ vẫn được giữ bí mật.\n\n\n - Nếu bạn tiết lộ mật mã cho hệ thống nghi trang với đối phương một và anh ta hỏi bạn tại sao phần tự do của hệ thống phân vùng nghi trang chứa dữ liệu ngẫu nhiên, bạn có thể trả lời, ví dụ: "Các phân vùng trước đây có một hệ thống mã hóa của VeraCrypt, nhưng tôi quên mật mã chứng thực tiền khởi động (hoặc hệ thống bị tổn hại và ngừng khởi động), do đó, tôi đã phải cài đặt lại Windows và mã hóa các phân vùng một lần nữa."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - Cảnh báo: NẾU BẠN KHÔNG BẢO VỆ TẬP ĐĨA ẨN (để có hướng dẫn làm như thế nào, tham khảo phần "Bảo vệ của những Tập đĩa ẩn chống thiệt hại" trong Hướng dẫn cho Người dùng của VeraCrypt), ĐỪNG VIẾT VÀO TẬP ĐĨA bên ngoài (lưu ý là hệ điều hành nghi trang không được cài đặt trong tập đĩa bên ngoài). Không thôi, bạn CÓ THỂ ghi đè lên và làm hư hỏng TẬP ĐĨA ẨN (VÀ HỆ THỐNG HOẠT ĐỘNG ẩn trong nó)! - Hệ điều hành Sao y - Trong các bước kế tiếp, VeraCrypt sẽ cấu tạo hệ điều hành ẩn bằng cách sao chép nội dung của phân vùng hệ thống thành tập đĩa ẩn (dữ liệu đã được sao chép sẽ được mã hóa ở bộ phận fly với một khoá mật mã khác với hệ sẽ được sử dụng cho các hệ thống hoạt động nghi trang).\n\nXin lưu ý là quá trình này sẽ được thực hiện trong môi trường tiền khởi động (trước khi bắt đầu Windows) và nó có thể mất một thời gian dài để hoàn thành; vài giờ hoặc thậm chí vài ngày (tùy thuộc vào kích cỡ của hệ thống phân vùng và về hiệu suất của máy điện toán của bạn).\n\n Bạn sẽ có thể làm gián đoạn quá trình,. tắt máy, khởi động hệ điều hành và sau đó tiếp tục lại quá trình. Tuy nhiên, nếu bạn làm gián đoạn nó, toàn bộ quá trình sao chép hệ thống sẽ phải bắt đầu từ đầu (vì nội dung của phân vùng hệ thống không phải thay đổi trong quá trình sao y). - Bạn có muốn hủy bỏ toàn bộ quá trình sáng tạo của hệ điều hành ẩn?\n\nLưu ý: Bạn sẽ không thể tiếp tục lại quá trình nếu bạn hủy bỏ nó ngay bây giờ. - Bạn có muốn hủy bỏ hệ thống mã hóa thử trước? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - Các phân vùng/ổ đĩa hệ thống dường như không được mã hóa (một phần hoặc hoàn toàn). - Phân vùng/ổ đĩa hệ thống của bạn được mã hóa (một phần hoặc hoàn toàn). \n\nXin giải mã phân vùng/ổ đĩa hệ thống của bạn hoàn toàn trước khi tiến hành. Để làm như vậy, hãy chọn 'Hệ thống'> 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống' từ thanh trình đơn của cửa sổ VeraCrypt chính. - Khi phân vùng/ổ đĩa hệ thống được mã hóa (một phần hoặc hoàn toàn), bạn không thể hạ cấp VeraCrypt xuống (nhưng bạn có thể nâng cấp hoặc cài đặt một phiên bản giống vậy lại). - Phân vùng/ổ đĩa hệ thống của bạn đang được mã hóa, giải mã, hoặc bằng không sửa đổi. Xin gián đoạn quá trình mã hóa/giải mã/sửa đổi (hoặc chờ cho đến khi nó được hoàn tất) trước khi tiến hành. - Một thực thể của Trợ lý Cấu tạo Tập đĩa VeraCrypt hiện đang chạy trên hệ thống này và đang thực hiện hoặc chuẩn bị mã hóa/giải mã phân vùng/ổ đĩa hệ thống. Trước khi bạn tiếp hành, xin chờ cho nó chấm dứt hoặc đóng nó lại. Nếu bạn không thể đóng nó lại, hãy khởi động lại máy vi tính của bạn trước khi tiếp tục. - Quá trình mã hóa hay giải mã phân vùng/ổ đĩa hệ thống chưa được hoàn tất. Xin chờ cho đến khi nó được hoàn tất trước khi tiếp tục. - Lỗi: Quá trình mã hóa của phân vùng/ổ đĩa chưa được hoàn tất. Nó phải được hoàn tất trước tiên. - Lỗi: Quá trình mã hóa của phân vùng/tập đĩa chưa được hoàn tất. Nó phải được hoàn tất trưóc tiên.\n\nLưu ý: Để tiếp tục lại quá trình, hãy chọn 'Tập đĩa'> 'Tiếp tục lại Quá trình bị Gián đoạn’ từ thanh trình đơn của cửa sổ chính của VeraCrypt. - Mật mã là đúng, VeraCrypt đã giải mã thành công tiêu đề tập đĩa và phát hiện ra rằng tập đĩa này là một tập đĩa hệ thống ẩn. Tuy nhiên, bạn không thể sửa đổi tiêu đề của một tập đĩa hệ thống ẩn theo cách này.\n\nĐể thay đổi mật mã cho một tập đĩa hệ thống ẩn, khởi động hệ điều hành đang ở tại tập đĩa ẩn, và sau đó chọn 'Hệ thống'> 'Thay đổi mật mã’ từ thanh trình đơn của cửa sổ chính của VeraCrypt.\n\nĐể thiết lập thuật toán dẫn xuất tiêu đề chính, khởi động hệ điều hành ẩn và sau đó chọn 'Hệ thống'> 'Thiết lập thuật toán dẫn xuất khóa tiêu đề. - VeraCrypt không hỗ trợ giải mã tại chỗ của một phân vùng hệ thống ẩn.\n\nLưu ý: Nếu bạn muốn giải mã các phân vùng hệ thống nghi trang, khởi động hệ thống nghi trang, và sau đó chọn 'Hệ thống'> 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống' từ thanh trình đơn của cửa sổ chính của VeraCrypt. - Lỗi: Tham số sai/không hợp lệ. - Bạn đã lựa chọn một phân vùng hoặc một thiết bị nhưng phương thức trợ lý bạn lựa chọn chỉ phù hợp cho các chổ chứa tập tin.\n\nBạn có muốn thay đổi phương thức trợ lý không? - Thay vì vậy, bạn có muốn cấu tạo một bộ chứa tập tin của VeraCrypt không? - Bạn đã lựa chọn các phân vùng/ổ đĩa hệ thống (hoặc phân vùng khởi động), nhưng phương thức trợ lý bạn lựa chọn chỉ thích hợp cho phân vùng/ổ đĩa vô hệ.\n\nBạn có muốn thiết lập chứng thực tiền khởi động (có nghĩa là bạn sẽ cần phải bỏ vào mật mã của bạn mỗi lần trước khi - Bạn có chắc bạn muốn vĩnh viễn giải mã phân vùng/ổ đĩa hệ thống? - LƯU Ý: Nếu bạn thường giải mã phân vùng/ổ đĩa hệ thống, dữ liệu không được mã hóa sẽ được ghi vào nó. \n\nBạn có thực sự chắc chắn muốn vĩnh viễn giải mã hệ thống phân vùng/ổ đĩa? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Cảnh báo: Nếu bạn sử dụng một thác của thuật toán mã hóa cho hệ thống mã hóa, bạn có thể gặp phải các vấn đề sau:\n\n1) Bộ tải Khởi nạp VeraCrypt lớn hơn thông thường và, do đó, không có đủ chổ trong phần đường đầu tiên của ổ đĩa cho sự sao lưu Bộ tải Khởi nạp VeraCrypt. Vì vậy, bất cứ khi nào nó bị tổn hại (mà thường xảy ra, ví dụ như, trong những qúa trình kích hoạt chống sao chép lậu được thiết kế một cách không thích hợp của những chương trình nhất định), bạn sẽ cần phải sử dụng Đĩa Cứu hộ VeraCrypt để khởi nạp hoặc để sửa chữa Bộ tải Khởi nạp VeraCrypt.\n\n2) Trên một số máy vi tính, sẽ cần thời gian lâu hơn để tiếp tục lại sự ngưng hoạt động.\n\nNhững vấn đề tiềm năng này có thể được phòng ngừa bằng cách chọn một thuật toán mã hóa phi-thác (ví dụ như AES).\n\n Bạn có chắc bạn muốn sử dụng một thác của thuật toán mã hóa? - Nếu bạn gặp bất kỳ vấn đề nào được mô tả trước đây, giải mã phân vùng/ổ đĩa (nếu nó được mã hóa) và sau đó thử mã hóa nó một lần nữa bằng cách dùng một thuật toán mã hóa phi-thác (ví dụ như AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - Số phiên bản của Bộ nạp Khởi động của VeraCrypt mà đã khởi động hệ điều hành này khác với số phiên bản của trình điều khiển VeraCrypt (và các ứng dụng của VeraCrypt) được cài đặt trên hệ thống này.\n\n Bạn nên cho chạy trình cài đặt VeraCrypt (mà số phiên bản giống như cái của Bộ nạp Khởi động của VeraCrypt) để cập nhật VeraCrypt trên hệ điều hành này. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - Bộ nạp Khởi động của VeraCrypt đã được nâng cấp.\n\nCực lực khuyên bạn nên cấu tạo một Đĩa Cứu hộ VeraCrypt mới (mà sẽ có chứa phiên bản mới của Bộ nạp Khởi động của VeraCrypt) bằng cách chọn 'Hệ thống' > 'Cấu tạo Đĩa Cứu hộ' sau khi bạn khởi động máy điện toán của bạn lại. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Không nâng cấp Bộ nạp Khởi động của VeraCrypt được. - VeraCrypt không phát hiện được kích cỡ thật sự của ổ đĩa hệ thống và vì vậy, kích cỡ được báo cáo bởi hệ điều hành (có thể nhỏ hơn kích cỡ thật sự) sẽ được dùng. Cũng lưu ý là đây không phải là lỗi trong VeraCrypt. - CẢNH BÁO: Dường như là VeraCrypt đã thử phát hiện các khu bị dấu trong ổ đĩa hệ thống này. Nếu bạn gặp phải bất cứ vấn đề nào trong quá trình phát hiện trước đây thì bạn có thể tránh những vấn đề này bằng cách bỏ qua việc phát hiện các khu bị dấu bây giờ. Lưu ý là nếu bạn làm thế thì VeraCrypt sẽ sử dụng kích cỡ được báo cáo bởi hệ điều hành (có thể nhỏ hơn kích cỡ thật sự của ổ đĩa).\n\nLưu ý là vấn đề này không phải do lỗi trong VeraCrypt gây ra. - Bỏ qua việc phát hiện các khu bị dấu (sử dụng kích cỡ được báo cáo bởi hệ điều hành) - Thử phát hiện các khu bị dấu lần nữa - Lỗi: Nội dung của một hoặc nhiều khu trên đĩa không đọc được (có lẽ vì đĩa hư).\n\nQuá trình mã hóa tại chỗ chỉ có thể tiếp tục khi các khu được làm cho đọc được lại. VeraCrypt có thể thử làm cho các khu này đọc được bằng cách viết những số không vào các khu này (sau đó các khối toàn bằng số không này sẽ được mã hóa). Tuy nhiên, lưu ý là bất cứ dữ liệu nào được cất giữ trong các khu không đọc được sẽ bị mất đi. Nếu bạn muốn tránh chuyện đó thì bạn có thể thử phục hồi một phần của dữ liệu bị hư bằng các công cụ thích hợp của những hãng khác.\n\nLưu ý: Trong trường hợp các khu bị tổn hại (thay vì chỉ là dữ liệu bị hư và tổng kiểm có lỗi) đa số các loại thiết bị cất giữ tự phân phối lại các khu khi dữ liệu được viết vào chúng (thế thì dữ liệu đã có trong các khu bị tổn hại có thể vẫn không được mã hóa trong ổ đĩa).\n\nBạn có muốn VeraCrypt viết các số không vào những khu không đọc được không? - Lỗi: Nội dung của một hoặc nhiều khu trên đĩa không đọc được (có lẽ vì đĩa hư).\n\nĐể có thể tiến hành việc giải mã, VeraCrypt sẽ phải bỏ nội dung của các khu không đọc được (nội dung sẽ được thay thế với dữ liệu ngẫu nhiên giả). Xin lưu ý là trước khi tiến hành, bạn có thể thử phục hồi một phần của bất cứ dữ liệu bị hư nào bằng các công cụ thích hợp của những hãng khác.\n\nBạn có muốn VeraCrypt bỏ những dữ liệu trong các khu không đọc được bây giờ không? - Lưu ý: VeraCrypt đã thay thế nội dung của %I64d khu không đọc được (%s) với các khối chữ thường toàn bằng số không được mã hóa. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Nhập vào mật mã/PIN cho hiệu bài '%s': - Để cho phép VeraCrypt truy cập một hiệu bài bảo mật hoặc thẻ smart, bạn cần cài đặt một thư viện nhu liệu của PKCS #11 cho hiệu bài hoặc thẻ smart trước. Một thư viện như thế có thể được cung cấp với thiết bị hoặc nó có sẵn để tải xuống từ trang web của nhà sản xuất hoặc những hãng khác.\n\nSau khi bạn cài đặt thư viện, bạn có thể tự chọn nó bằng cách nhấn 'Chọn Thư viện' hoặc bạn có thể để VeraCrypt tự động tìm và chọn nó bằng cách nhấn 'Tự động-Phát hiện Thư viện' (chỉ có thư mục hệ thống của Windows sẽ được kiếm). - Lưu ý: Để biết tên tập tin và vị trí của thư viện của PKCS #11 được cài đặt cho hiệu bài bảo mật hoặc thẻ smart của bạn, xin tham khảo tài liệu hướng dẫn được cung cấp với hiệu bài, thẻ, hoặc nhu liệu của hãng khác.\n\nNhấn 'OK' để chọn đường dẫn và tên tập tin. - Để cho phép VeraCrypt truy cập một hiệu bài bảo mật hoặc thẻ smart, bạn cần chọn một thư viện nhu liệu của PKCS #11 cho hiệu bài/thẻ trước. Để làm thế, chọn 'Các thiết lập' > 'Các Hiệu bài Bảo mật'. - Không khởi động thư viện của hiệu bài bảo mật cho PKCS #11 được.\n\nXin đảm bảo đường dẫn và tên tập tin được ghi rõ ám chỉ một thư viện hợp lệ của PKCS #11. Để ghi rõ đường dẫn và tên tập tin cho một thư viện của PKCS #11, chọn 'Các thiết lập' > 'Các Hiệu bài Bảo mật'. - Không tìm được thư viện của PKCS #11 nào trong thư mục hệ thống của Windows.\n\nXin đảm bảo một thư viện của PKCS #11 cho hiệu bài bảo mật của bạn (hoặc cho thẻ smart của bạn) được cài đặt (một thư viện như thế có thể được cung cấp với hiệu bài/thẻ hoặc nó có sẵn để tải xuống từ trang web của nhà sản xuất hoặc những hãng khác). Nếu nó được cài đặt trong một thư mục khác hơn là thư mục hệ thống của Windows, nhấn 'Chọn Thư viện' để kiếm thư viện (ví dụ trong thư mục nơi mà nhu liệu cho hiệu bài/thẻ được cài đặt). - Không tìm được hiệu bài bảo mật.\n\nXin đảm bảo hiệu bài bảo mật của bạn được nối vào máy điện toán của bạn và trình điều khiển thiết bị đúng cho hiệu bài của bạn được cài đặt. - Không tìm được tập tin khóa của hiệu bài bảo mật. - Một tập tin khóa của hiệu bài bảo mật cùng tên đã có rồi. - Bạn có muốn xóa các tập tin được chọn không? - Đường dẫn đến tập tin khóa của hiệu bài bảo mật không hợp lệ. - Lỗi của hiệu bài bảo mật - Mật mã cho hiệu bài bảo mật không đúng. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - Tất cả các phiên chạy của hiệu bài bảo mật đã được đóng. - Chọn các Tập tin khóa của Hiệu bài Bảo mật - Rãnh - Tên hiệu bài - Tên tập tin - QUAN TRỌNG: Xin lưu ý là những mật mã chứng thực tiền khởi động luôn luôn được gõ bằng bố trí bàn phím tiêu chuẩn Hoa Kỳ. Vì vậy, một tập đĩa sử dụng một mật mã gõ bằng bất cứ bố trí bàn phím nào khác có thể không thể nào được nạp lên bằng một mật mã chứng thực tiền khởi động (lưu ý là đây không phải là lỗi trong VeraCrypt). Để cho phép một tập đĩa được nạp lên bằng một mật mã chứng thực tiền khởi động, làm theo các bước sau:\n\n1) Nhấn 'Chọn Tập tin' hoặc 'Chọn Thiết bị' và chọn tập đĩa.\n2) Chọn 'Các tập đĩa' > 'Thay đổi Mật mã của Tập đĩa'.\n3) Nhập vào mật mã hiện tại của tập đĩa.\n 4) Thay đổi bố trí bàn phím thành Anh văn (Hoa Kỳ) bằng cách nhấn vào biểu tượng của thanh Ngôn ngữ trong thanh tác vụ của Windows và chọn 'EN Anh văn (Hoa Kỳ).\n5) Trong VeraCrypt, trong trường cho mật mã mới, gõ mật mã chứng thực tiền khởi động.\n6) Xác nhận mật mã mới bằng cách gõ nó lại trong trường xác nhận và nhấn 'OK'.\nCẢNH BÁO: Hãy ghi nhớ rằng nếu bạn làm theo các bước này, mật mã của tập đĩa sẽ luôn luôn phải được gõ bằng bố trí bàn phím Hoa Kỳ (chỉ được tự động đảm bảo trong môi trường tiền khởi động). - Tập đĩa hệ thống được chuộng sẽ được nạp lên bằng cách dùng mật mã chứng thực tiền khởi động. Nếu bất cứ tập đĩa hệ thống được chuộng sử dụng một mật mã khác, nó sẽ không được nạp lên. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - QUAN TRỌNG: Hãy ghi nhớ rằng nếu tùy chọn này được bật lên và VeraCrypt không có quyền quản lý, tập đĩa hệ thống được chuộng đã nạp lên KHÔNG được hiển thị trong cửa sổ ứng dụng VeraCrypt và chúng không thể được tháo xuống. Vì vậy, ví dụ nếu bạn cần tháo một tập đĩa hệ thống được chuộng xuống, xin nhấn phải vào biểu tượng VeraCrypt (trong trình đơn Start) và chọn 'Chạy kiểu Quản lý' trước. Giới hạn giống vậy cũng áp dụng cho chức năng 'Tháo xuống Tất cả', những chức năng 'Tự động-Tháo xuống', các khóa kích hoạt 'Tháo xuống Tất cả', v.v. - Note that this setting takes effect only after the operating system is restarted. - Có lỗi trong khi phân tích cú pháp dòng lệnh. - Đĩa Cứu hộ - Lựa chọn &Tập tin và Nạp lên... - Lựa chọn &Thiết bị và Nạp lên... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Cảnh báo: hệ thống tập tin trên tập đĩa đã nạp lên thành '%s' đã không được tháo xuống sạch sẽ và do đó có thể có lỗi. Sử dụng một hệ thống tập tin bị hỏng có thể làm mất hoặc làm hỏng dữ liệu.\n\nLưu ý: Trước khi bạn có thể gỡ bỏ hoặc tắt đi một thiết bị (như một ổ đĩa USB flash hay một ổ đĩa cứng bên ngoài) nơi một tập đĩa VeraCrypt được nạp lên đang nằm, bạn nên luôn luôn tháo tập đĩa VeraCrypt trong VeraCrypt xuống trước.\n\n\nBạn có muốn Windows thử phát hiện và sửa các lỗi (nếu có) trên hệ thống tập tin không? - Cảnh báo: Một hoặc nhiều tập đĩa hệ thống được chuộng không được tháo xuống sạch sẽ và do đó có thể có lỗi của hệ thống tập tin. Xin xem các ghi bản sự kiện hệ thống để biết thêm chi tiết.\n\nSử dụng một hệ thống tập tin bị hỏng có thể làm mất hoặc làm hỏng dữ liệu. Bạn nên kiểm tra những tập đĩa hệ thống được chuộng bị ảnh hưởng xem có lỗi không (nhấn phải vào từng lỗi trong VeraCrypt và chọn 'Sửa chữa Hệ thống tập tin'). - Cảnh báo: Sửa chữa một hệ thống tập tin bị tổn hại bằng cách dùng công cụ 'chkdsk' của Microsoft có thể làm mất các tập tin ở những vùng bị tổn hại. Vì vậy, trước tiên bạn nên sao lưu các tập tin được cất giữ trong tập đĩa VeraCrypt vào một tập đĩa VeraCrypt tốt khác.\n\nBạn có muốn sửa chữa hệ thống tập tin bây giờ không? - Tập đĩa '%s' đã được nạp kiểu chỉ-đọc lên vì quyền ghi bị từ chối.\n\nXin đảm bảo các quyền bảo mật của bộ chứa tập tin cho phép bạn viết vào nó (nhấn phải vào bộ chứa và chọn Đặc tính > Bảo mật).\n\nLưu ý là do một vấn đề của Windows, bạn có thể thấy cảnh báo này ngay cả sau khi thiết lập các quyền bảo mật thích hợp. Chuyện này không phải do lỗi của VeraCrypt gây ra. Một giải pháp là di chuyển bộ chứa của bạn đến, ví dụ như thư mục 'Documents 'của bạn.\n\nNếu bạn có ý định giữ cho tập đĩa của bạn kiểu chỉ-đọc, đặt các thuộc tính chỉ-đọc của bộ chứa (nhấn phải vào bộ chứa và chọn Đặc tính > Chỉ-đọc), sẽ tắt cảnh báo này. - Tập đĩa '%s' phải được nạp kiểu chỉ-đọc lên vì quyền ghi bị từ chối.\n\nXin đảm bảo rằng không có ứng dụng nào khác (ví dụ như nhu liệu chống vi rút) đang truy cập vào phân vùng/thiết bị nơi mà tập đĩa được tiếp. - Tập đĩa '%s' đã được nạp kiểu chỉ-đọc lên vì hệ điều hành báo cáo thiết bị làm chủ được bảo vệ chống ghi.\n\nXin lưu ý là một số trình điều khiển chipset riêng đã được báo cáo là làm cho các môi trường chứa ghi được nhìn giả giống như được bảo vệ chống ghi. Vấn đề này không phải do VeraCrypt gây ra. Nó có thể được giải quyết bằng cách cập nhật hoặc hủy cài đặt bất cứ trình điều khiển chipset riêng (không phải của Microsoft) hiện đang được cài đặt trên hệ thống này. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Bạn có muốn VeraCrypt thử tắt bảo vệ chống ghi của phân vùng/ổ đĩa không? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Thử nghiệm - Tập tin Khóa - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page up - Page Down - End - Home - Mũi tên Trái - Mũi tên Lên - Mũi tên Phải - Mũi tên Xuống - Select Key - Print Key - Execute Key - Print Screen - Insert - Xóa - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Tập đĩa Down - Tập đĩa Up - Phần đường Kế tiếp - Phần đường Previous - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Ứng dụng 1 - Ứng dụng 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Hủy + Cài đặt &cho tất cả người dùng + X&em... + Thêm biểu tượng VeraCrypt vào &màn hình + Donate now... + Liên hệ tập tin có &đuôi .hc với VeraCrypt + &Mở vị trí đích khi chấm dứt + Thêm VeraCrypt vào trình đơn &Start + Cấu tạo điểm &Phục hồi Hệ thống + &Hủy cài đặt + &Trích + &Cài đặt + Trợ lý Thiết lập VeraCrypt + Hủy cài đặt VeraCrypt + &Trợ giúp + Xin chọn hoặc gõ vị trí nơi bạn muốn đặt các tập tin được trích: + Xin chọn hoặc gõ vị trí nơi bạn muốn cài đặt các tập tin chương trình của VeraCrypt. Nếu thư mục được điền vào không có thì nó sẽ được tự động cấu tạo. + Nhấn Hủy cài đặt để gỡ bỏ VeraCrypt ra khỏi hệ thống này. + Thoát ra + &Benchmark + &Thử + Cấu tạo tập đĩa được mã hóa và định dạng nó + Mã hóa phân vùng tại chỗ + Hiển thị các khóa được tạo ra(phần của chúng) + Hiển thị nội dung của công chung + Tải nhu liệu thâu CD/DVD xuống + Cấu tạo một bộ chứa tập tin được mã hóa + &GB + &TB + Thêm thông tin + Tập đĩa VeraCrypt được &ẩn + Thêm thông tin về tập đĩa được ẩn + Phương thức trực tiếp + Phương thức thông thường + &KB + X&ử dụng tập tin khóa + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Tập tin khóa.. + Thông tin về các thuật toán ước tính + Thêm thông tin về mật mã + Information on PIM + &MB + Thêm thông tin về bộ chứa + Thêm thông tin về hệ thống mã hóa + Thêm thông tin + Khởi động đa hệ + Mã hóa một phân vùng/ổ đĩa vô hệ + Đừng bao giờ &lưu lược sử + Mở tập đĩa bên ngoài + &Tạm dừng + Use P&IM + Use PIM + Định dạng nhanh + &Hiển thị mật mã + &Hiển thị mật mã + &Display PIM + Khởi động đơn hệ + Tập đĩa VeraCrypt chuẩn + Ẩ&n + Thông thường + Mã hóa phân vùng hệ thống hoặc nguyên cả ổ đĩa hệ thống + Mã hóa phân vùng hệ thống của Windows + Mã hóa nguyên cả ổ đĩa + Trợ lý Cấu tạo Tập đĩa VeraCrypt + Cụm + QUAN TRỌNG: Di chuyển con chuột của bạn càng ngẫu nhiên càng tốt trong cửa sổ này. Bạn di chuyển nó càng lâu càng tốt. Việc này gia tăng cường độ mật mã của các khóa mã hóa. Sau đó nhấn Kế tiếp để tiếp tục. + &Xác nhận: + Hoàn tất + Drive letter: + Giải thuật mã hóa + Hệ thống tập tin + Cấu tạo một đĩa được mã hóa ảo bên trong một tập tin. Thích hợp cho người dùng không kinh nghiệm. + Tùy chọn + Thuật toán Ước tính + Khóa Đầu: + Trái + Khóa Chính: + Chọn tùy chọn này nếu có hai hệ điều hành hay nhiều hơn được cài đặt trong máy điện toán này.\n\nVí dụ:\n- Windows XP và Windows XP\n- Windows XP và Windows Vista\n- Windows và Mac OS X\n- Windows và Linux\n- Windows, Linux và Mac OS X + Mã hóa một phân vùng vô hệ trên bất cứ ổ đĩa bên trong hay bên ngoài (ví dụ như một ổ đĩa flash). Cũng có thể cấu tạo một tập đĩa dấu được. + Nội dung gộp chung hiện tại (một phần) + Mật + Mật mã: + Volume PIM: + Volume PIM: + Tiến triển: + Gộp chung Ngẫu nhiên: + Chọn tùy chọn này nếu chỉ có một hệ điều hành được cài đặt trong máy điện toán này (ngay cả nếu nó được dùng bởi nhiều người). + Tốc độ + Trạng thái + Các khóa, muối, và những dữ liệu khác đã được tạo ra. Nếu bạn muốn tạo ra khóa mới thì nhấn Ngược lại và sau đó nhấn Kế tiếp. Không thôi thì nhấn Kế tiếp để tiếp tục. + Mã hóa phân vùng/ổ đĩa nơi mà Windows được cài đặt. Bất cứ ai muốn đưọc truy cập và sử dụng hệ thống, đọc và viết tập tin, v.v. sẽ cần nhập đúng mật mã mỗi lần trước khi Windows khởi động. Cũng có thể cấu tạo một hệ thống dấu được. + Chọn tùy chọn này để mã hóa phân vùng nơi mà hệ điều hành Windows đang chạy hiện tại được cài đặt. + Volume Label in Windows: + Phương thức tẩy: + Đóng + Cho phép bỏ qua &chứng thực tiền khởi động bằng cách bấm phím Esc (bật quản lý khởi động lên) + Không làm gì cả + &Tự-nạp tập đĩa VeraCrypt lên (ghi rõ bên dưới) + &Bắt đầu VeraCrypt + Tự-&Phát hiện Thư viện + &Tạm trữ mật mã chứng thực tiền khởi động trong bộ nhớ của trình điều khiển (để nạp các tập đĩa vô hệ lên) + Duyệt... + Duyệt... + Tạm trữ các mật mã và tập &tin khóa trong bộ nhớ + Thoát ra khi không có tập đĩa nào được nạp lên + &Đóng phiên chạy của hiệu bài (đăng xuất) sau khi một tập đĩa được nạp lên thành công + Include VeraCrypt Volume Expander + Thêm Trợ lý Cấu tạo Tập đĩa VeraCrypt vào + Cấu tạo + Cấu tạo Tập đĩa + Đừng cho thấy bất cứ văn bản nào trong màn ảnh chứng thực tiền khởi động (ngoại trừ thông điệp riêng bên dưới) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Xử dụng tập tin khóa + Xử dụng tập tin khóa + Thoát ra + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Gán + Gỡ bỏ + Tập tin khóa... + Do not use the following number of processors for encryption/decryption: + More information + More information + Thêm Thiết lập... + Các Thiết bị &Tự-Nạp lên + Nạp Tùy &chọn lên... + Nạp tập đĩa kiểu chỉ-đọc lên + Tập tin khóa... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Được bật lên + Tạm trữ mật mã trong bộ nhớ của trình điều khiển + Tự-tháo tập đĩa xuống sau khi không có dữ liệu nào được đọc/viết vào nó trong + Người dùng đăng xuất + User session locked + Đang vào phương thức tiết kiệm năng lượng + Bảo vệ màn hình được khởi chạy + Bắt buộc tự-tháo xuống ngay cả nếu tập đĩa có chứa tập tin hay thư mục còn mở + Nạp tất cả các tập đĩa VeraCrypt có thiết bị làm chủ lên + Bắt đầu Tác vụ Phụ của VeraCrypt + Nạp các tập đĩa kiểu chỉ-đọc lên + Nạp các tập đĩa kiểu môi trường chứa rời được lên + Mở cửa sổ Explorer của tập đĩa được nạp lên thành công + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Xóa mật mã được tạm trữ khi tự-tháo xuống + Xóa mật mã được tạm trữ khi ra khỏi + Duy trì dấu giờ của các bộ chứa tập tin + Đặt lại + Chọn Thiết bị... + Chọn Tập tin... + Chọn &Thư viện... + Hiển thị mật mã + Hiển thị mật mã + Mở cửa sổ &Explorer cho tập đĩa được nạp lên + &Tạm trữ mật mã trong bộ nhớ của trình điều khiển + TrueCrypt Mode + Th&áo Tất cả xuống + Đặc tính của Tập đĩa... + Công cụ của Tập đĩa... + &Tẩy Bộ tạm trữ + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - Các khóa kích hoạt cho Nguyên cả Hệ thống + VeraCrypt + Thay đổi Mật mã hoặc Tập tin khóa + Nhập vào Mật mã của Tập đĩa VeraCrypt + VeraCrypt - Performance and Driver Options + VeraCrypt - Tùy thích + VeraCrypt - Thiết lập Mã hóa Hệ thống + VeraCrypt - Các tùy thích của Hiệu bài Bảo mật + Thiết kế Đĩa Di chuyển của VeraCrypt + Đặc tính của Tập đĩa VeraCrypt + Về... + Thêm/Bỏ Tập tin khóa vào/từ Tập đĩa... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Sao lưu Phần đầu của Tập đĩa... + Tiêu chuẩn... + Đặt Khóa Đầu của Thuật toán Chuyển hóa... + Đổi mật mã của Tập đĩa... + Đặt Khóa Đầu của Thuật toán Chuyển hóa... + Đổi mật mã... + Xóa lược sử của Tập đĩa + Đóng Tất cả các Phiên chạy của Hiệu bài Bảo mật + Liên hệ... + Cấu tạo Hệ điều hành Ẩn... + Cấu tạo Đĩa Cứu hộ... + Cấu tạo Tập đĩa mới... + Permanently Decrypt... + Tập tin khóa Mặc định... + Default Mount Parameters... + Donate now... + Mã hóa Phân vùng Hệ thống/Ổ đĩa... + Câu hỏi thông dụng + Hướng dẫn + Trang chủ + Phím nóng... + Cấu tạo Tập tin khóa + Ngôn ngữ... + Các Lưu ý Pháp lý + Quản lý Các tập tin khóa của Hiệu bài Bảo mật... + Tự-Nạp lên Tất cả các Tập đĩa có Thiết bị làm chủ + Nạp các Tập đĩa được Chuộng lên + Nạp lên mà Không cần &Chứng thực Tiền Khởi động... + Nạp Tập đĩa lên + Nạp Tập đĩa với các Tùy chọn lên + Tin tức + Trợ giúp trực tuyến + Bài học cho người bắt đầu + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Giải mã vĩnh viễn Phân vùng Hệ thống/Ổ đĩa + Sở thích... + Cập nhật các Chữ hiệu Ổ đĩa + Bỏ Tất cả Tập tin khóa ra khỏi Tập đĩa... + Khôi phục Phần đầu của Tập đĩa... + Tiếp tục lại các quá trình bị gián đoạn + Chọn thiết bị... + Chọn tập tin... + Tiếp tục lại các quá trình bị gián đoạn + Mã hóa hệ thống... + Đặc tính... + Thiết lập... + Các Tập đĩa Hệ thống được Chuộng... + Tải xuống + Vectơ Thử nghiệm... + Các Hiệu bài Bảo mật... + Thiết kế Đĩa Di chuyển... + Tháo Tất cả các Tập đĩa xuống + Tháo Tập đĩa xuống + Kiểm tra Đĩa Cứu hộ + Verify Rescue Disk ISO Image + Lịch sử phiên bản + Volume Expander + Đặc tính của Tập đĩa + Trợ giúp Cấu tạo Tập đĩa + Trang Web của VeraCrypt + Tẩy Mật mã được Tạm trữ + Đồng ý + Hardware Acceleration + Phím tắt + Cấu hình Tự chạy (autorun.inf) + Tự-Tháo xuống + Tháo tất cả xuống khi: + Các Tùy chọn của Màn hình Bộ tải Khởi nạp + Xác nhận mật mã: + Hiện tại + Hiển thị thông điệp riêng này trong màn hình chứng thực tiền khởi động (tối đa 24 ký tự): + Tùy chọn của Nạp mặc định + Tùy chọn phím nóng + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + Thiếp lập tập tin + Khóa để giao cho: + Processor (CPU) in this computer supports hardware acceleration for AES: + Hành động cần làm ngay khi đăng nhập vào Windows + phút + Nạp tập đĩa lên thành chữ hiệu ổ đĩa: + Thiết lập Tập đĩa + Mới + Mật mã: + Thread-Based Parallelization + Đường dẫn Thư viện của PKCS #11 + PKCS-5 PRF: + PKCS-5 PRF: + Tạm trữ Mật mã + Tùy chọn bảo mật + Tác vụ Phụ của VeraCrypt + Tập đĩa VeraCrypt để nạp lên (tương quan với gốc của đĩa di chuyển): + Khi chèn đĩa di chuyển vào: + Cấu tạo các tập tin cho đĩa di chuyển tại (thư mục gốc của đĩa di chuyển): + Tập đĩa + Cửa sổ + Thêm đường dẫn... + &Tự-Kiểm Tất cả + Tiếp tục + Giải mã + Xóa + &Mã hóa + &Xuất... + Tạo ra và Lưu lại Tập tin khóa... + &Tạo ra Tập tin khóa Ngẫu nhiên... + Tải về bộ ngôn ngữ + Hardware-accelerated AES: + &Nhập Tập tin khóa vào Hiệu bài... + Thêm tập tin... + X&ử dụng các tập tin khóa + &Các tập tin khóa... + Gỡ bỏ + Gỡ bỏ toàn bộ + Bảo vệ tập đĩa ẩn là gì? + Thêm tin tức về tập tin khóa + Nạp tập đĩa kiểu &môi trường chứa rời được lên + Nạp phân vùng lên bằng cách sử dụng mã hóa hệ thống mà không cần chứng thực tiền khởi động + Parallelization: + Tiêu chuẩn + Trong + &Bảo vệ tập đĩa ẩn khỏi bị tổn hại gây ra bởi viết vào tập đĩa bên ngoài + &Đặt lại + &Hiển thị mật mã + Chèn các Tập tin &Hiệu bài... + Xử dụng sao lưu của phần đầu được gắn vào trong &tập đĩa nếu có sẵn + Phương thức XTS + Về VeraCrypt + VeraCrypt - Tiêu chuẩn Thuật toán Mã hóa + VeraCrypt - Vectơ Thử nghiệm + Trợ giúp dòng lệnh + VeraCrypt - Các tập tin khóa + VeraCrypt - Hàm tạo Tập tin khóa + VeraCrypt - Ngôn ngữ + VeraCrypt - Các tùy chọn để Nạp lên + Các Đặc tính của Tập tin khóa của Hiệu bài Bảo mật Mới + VeraCrypt - Phong phú Công chung Ngẫu nhiên + Chọn lựa Phân vùng hoặc Thiết bị + VeraCrypt + Các tập tin khóa của Hiệu bài Bảo mật + Cần mật mã/PIN của hiệu bài bảo mật + Bộ ngôn ngữ + Tốc độ bị ảnh hưởng bởi độ tải của CPU và các đặc tính của thiết bị chứa.\n\nNhững thử nghiệm này xảy ra ở trong RAM. + Kích cỡ Tăng đệm: + Mật mã: + M&ật khẩu cho tập đĩa ẩn:\n(nếu trống, bộ tạm trữ được dùng) + Bảo vệ Tập đĩa Ẩn + Kích cỡ khóa: + QUAN TRỌNG: Di chuyển con chuột của bạn càng nhiều trong cửa sổ này càng tốt. Bạn làm càng lâu càng tốt. Chuyện này gia tăng rất nhiều sức mã hóa của tập tin khóa. + CẢNH BÁO: Nếu bạn mất một tập tin khóa hoặc nếu bất cứ phần nào trong 1024 kilobytes đầu của nó thay đổi thì sẽ không thể nào nạp lên các tập đĩa nào dùng tập tin khóa được! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Dịch bởi: + Kích cỡ chữ thường: + bits + Nội dung của công chung hiện tại + Đang pha trộn PRF: + QUAN TRỌNG: Di chuyển con chuột của bạn càng nhiều trong cửa sổ này càng tốt. Bạn làm càng lâu càng tốt. Chuyện này gia tăng sự bảo mật. Khi xong thì nhấn 'Tiếp tục'. + Khóa phụ (hexadecimal) + Hiệu bài bảo mật: + Phương pháp sắp xếp: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Số khối: + Chữ mã hóa (hexadecimal) + Số đơn vị dữ liệu (64-bit hexadecimal, kích cỡ đơn vị dữ liệu là 512 bytes) + Khóa (hexadecimal) + Chữ thô (hexadecimal) + Tên của Tập tin khóa: + Phương thức XTS + Hệ thống + &Tập đĩa + Favor&ites + Công cụ + Thiết lập + Giúp đỡ + Trang chủ + + &Về... + Thuộc tính chỉ-đọc của tập đĩa cũ của bạn không thể thay được. Xin kiểm soát lại các quyền truy cập tập tin. + Lỗi: Truy cập bị từ khước.\n\nPhân vùng mà bạn đang truy cập có chiều dài 0 khu vực, hoặc nó là thiết bị khởi động. + Quản lý + Để nạp trình điều khiển của VeraCrypt lên, bạn cần đăng nhập vào một trương mục có quyền quản lý. + Xin lưu ý là để mã hóa/Giải/định dạng một phân vùng/thiết bị thì bạn cần đăng nhập vào một trương mục có quyền quản lý.\n\nChuyện này không áp dụng với các tập đĩa có tập tin làm chủ. + Để cấu tạo một tập đĩa ẩn bạn cần đăng nhập vào một trương mục có quyền quản lý.\n\nTiếp tục không? + Xin lưu ý là để định dạng tập đĩa theo dạng NTFS bạn cần đăng nhập vào một trương mục có quyền quản lý.\n\nKhông thôi có quyền quản lý, bạn có thể định dạng tập đĩa theo dạng FAT. + Mã hóa được chấp thuận bởi FIPS (Rijndael, phát hành năm 1998) có thể được sử dụng bởi các bộ và cơ quan Hoa Kỳ để bảo vệ những tin tức mật cho đến mức tối mật. 256-bit key, 128-bit block, 14 rounds (AES-256). Phương thức của thao tác là XTS. + Tập đĩa đã được nạp lên rồi. + LƯU Ý: Ít nhất một sự mã hóa hoặc thuật toán ước tính đã không qua được những kiểm tra tự động được đặt!\n\nCài đặt VeraCrypt có thể bị hỏng. + LƯU Ý: Không đủ dữ liệu trong công chung Hàm tạo Số Ngẫu nhiên để cung cấp số lượng dữ liệu ngẫu nhiên được yêu cầu.\n\nBạn không nên tiếp tục thêm nữa. Xin chọn 'Report một Bug' từ trình đơn Help, và báo cáo lỗi này. + Ổ đĩa bị tổn hại (có một phần bị hỏng trong đó) hoặc một đường dây bị tổn hại, hoặc bộ nhớ bị trục trặc.\n\nXin lưu ý đây là một vấn đề với cương liệu của bạn, không phải với VeraCrypt. Vì vậy, xin ĐỪNG báo cáo đây là một lỗi/vấn đề trong VeraCrypt và xin ĐỪNG xin giúp đỡ với chuyện này trong các Diễn đàn của VeraCrypt. Xin liên lạc với ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn để xin giúp đỡ. Cám ơn bạn.\n\nLưu ý: Nếu lỗi xảy ra nhiều lần tại cùng một chỗ thì điều đó rất có thể gây ra bởi một khối đĩa xấu, mà có thể dùng nhu liệu của hãng khác để sửa được (lưu ý là trong nhiều trường hợp, lệnh 'chkdsk /r' không thể sửa nó được vì nó chỉ làm được ở cấp hệ thống tập tin; trong một vài trường hợp, ngay cả công cụ 'chkdsk' cũng không tìm được nó). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Hệ thống của bạn dường như đang dùng các trình điều khiển chipset riêng có chứa một lỗi ngăn cản việc mã hóa toàn bộ ổ đĩa hệ thống.\n\nXin cập nhật hoặc hủy cài đặt bất cứ trình điều khiển chipset riêng (không phải của Microsoft) trước khi tiến hành. Nếu chuyện này không giúp ích được thì thử chỉ mã hóa phân vùng hệ thống thôi. + Ký tự Ổ đĩa không hợp lệ. + Đường dẫn không hợp lệ. + Hủy bỏ + Không thể truy cập thiết bị được. Đảm bảo thiết bị được chọn đã có và không đang được dùng bởi hệ thống. + Cảnh báo: Caps Lock đang bật. Việc này có thể làm cho bạn nhập mật mã không đúng. + Loại Tập đĩa + Chuyện bạn bị người khác buộc nói ra mật mã của một tập đĩa được mã hóa có thể xảy ra. Có nhiều trường hợp bạn không thể từ chối nói ra mật mã (ví dụ như tra tấn). Sử dụng một tập đĩa được gọi là ẩn cho phép bạn giải quyết những trường hợp như thế mà không phải nói ra mật mã cho tập đĩa của bạn. + Chọn tùy chọn này nếu bạn muốn cấu tạo một tập đĩa VeraCrypt thông thường. + Xin lưu ý là nếu bạn muốn một hệ điều hành được cài đặt trong một tập đĩa ẩn có phân vùng-làm chủ thì toàn cả ổ đĩa hệ thống không thể được mã hóa chỉ bằng một khóa đơn độc. + Các Tùy chọn Mã hóa Tập đĩa Bên ngoài + Các Tùy chọn Mã hóa Tập đĩa Ẩn + Tùy chọn mã hóa + CẢNH BÁO: Không dọn sạch được đường dẫn của tập đĩa/tập tin khóa được chọn (được nhớ bởi bộ chọn tập tin)! + Lỗi: Bộ chứa đã bị ép lại ở cấp hệ thống tập tin. VeraCrypt không hỗ trợ các bộ chứa bị ép lại (lưu ý là việc ép những dữ liệu được mã hóa lại là vô ích và dư thừa).\n\nXin tắt việc ép bộ chứa lại bằng cách theo những bước sau đây:\n1) Nhấn phải vào bộ chứa trong Windows Explorer (không phải trong VeraCrypt).\n2) Chọn 'Đặc tính'.\n3) Trong hộp thoại 'Đặc tính', nhấn 'Cấp cao'.\n4) Trong hộp thoại 'Thuộc tính Cấp cao', tắt tùy chọn 'Ép nội dung lại để tiết kiệm chỗ trống trong đĩa' và nhấn 'OK'.\n5) Trong hộp thoại 'Đặc tính', nhấn 'OK'. + Không cấu tạo tập đĩa %s được + Kích cỡ của %s là %.2f bytes + Kích cỡ của %s là %.2f KB + Kích cỡ của %s là %.2f MB + Kích cỡ của %s là %.2f GB + Kích cỡ của %s là %.2f TB + Kích cỡ của %s là %.2f PB + CẢNH BÁO: Thiết bị/phân vùng đang được dùng bởi hệ điều hành hoặc các ứng dụng. Định dạng thiết bị/phân vùng có thể làm cho dữ liệu bị hỏng và hệ thống không ổn định.\n\nTiếp tục không? + Cảnh báo: Phân vùng đang được dùng bởi hệ điều hành hoặc các ứng dụng. Bạn nên đóng bất cứ ứng dụng nào có thể đang sử dụng phân vùng này (kể luôn nhu liệu chống vi-rút).\n\nTiếp tục không? + Lỗi: Thiết bị/phân vùng có chứa một hệ thống tập tin mà không thể tháo xuống được. Hệ thống tập tin có thể đang được dùng bởi hệ điều hành. Định dạng thiết bị/phân vùng sẽ rất có thể làm cho dữ liệu bị hỏng và hệ thống bị bất ổn.\n\nĐể giải quyết vấn đề này, chúng tôi đề nghị trước tiên bạn xóa bỏ phân vùng và sau đó cấu tạo nó lại mà không có định dạng. Để làm thế, theo những bước sau đây:\n1) Nhấn phải vào biểu tượng 'Computer' (hoặc 'My Computer') trong 'Trình đơn Start' và chọn 'Quản lý'. Cửa sổ 'Computer Management' sẽ hiện ra.\n2) Trong cửa sổ 'Computer Management', chọn 'Lưu trữ' > 'Disk Management'.\n3) Nhấn phải vào phân vùng mà bạn muốn mã hóa và chọn 'Xóa Phân vùng', hay 'Xóa Tập đĩa', hay 'Xóa Ổ đĩa theo Lôgic'.\n4) Nhấn 'Có'. Nếu Windows yêu cầu bạn bắt đầu máy lại thì làm vậy. Sau đó, lập lại các bước 1 và 2 và tiếp tục từ bước 5.\n5) Nhấn phải vào khu vực chỗ chưa được phân phối/trống và chọn 'Phân vùng Mới', hay 'Tập đĩa Đơn giản Mới', hay 'Ổ đĩa Lôgic Mới'.\n6) Cửa sổ 'Trợ lý Phân vùng Mới' hay 'Trợ lý Tập đĩa Đơn giản Mới' sẽ hiện ra bây giờ; theo những chỉ dẫn của nó. Trên trang trợ lý mang tựa đề 'Định dạng Phân vùng', chọn 'Đừng định dạng phân vùng này' hay 'Đừng định dạng tập đĩa này'. Trên cùng trợ lý, nhấn 'Kế tiếp' và sau đó 'Kết thúc'.\n7) Lưu ý là đường dẫn thiết bị mà bạn đã chọn trong VeraCrypt bây giờ có thể sai. Vì vậy, ra khỏi Trợ lý Cấu tạo Tập đĩa VeraCrypt (nếu nó vẫn còn chạy) và sau đó bắt đầu lại.\n8) Thử mã hóa thiết bị/phân vùng lại.\n\nNếu VeraCrypt nhiều lần không mã hóa thiết bị/phân vùng được thì thay vào đó, bạn có thể tính đến chuyện cấu tạo một bộ chứa tập tin. + Lỗi: Hệ thống tập tin không thể được khóa và/hay tháo xuống. Nó có thể đang được dùng bởi hệ thống hoặc các ứng dụng (ví dụ như nhu liệu chống vi rút). Mã hóa phân vùng có thể làm cho dữ liệu bị hỏng và hệ thống không ổn định.\n\nXin đóng bất cứ ứng dụng nào có thể đang dùng hệ thống tập tin (kể luôn nhu liệu chống vi rút) và thử lại. Nếu nó không giúp được thì xin theo những bước bên dưới. + CẢNH BÁO: Một vài thiết bị/phân vùng được nạp lên đã được đang sử dụng!\n\nBỏ mặc chuyện này có thể gây ra những kết quả không mong muốn luôn cả hệ thống không ổn định.\n\nChúng tôi cực lực khuyên bạn nên đóng bất cứ ứng dụng nào có thể dùng những thiết bị/phân vùng này. + Thiết bi được chọn có chứa các phân vùng.\n\nĐịnh dạng thiết bị có thể làm cho hệ thống bất ổn và/hay dữ liệu bị hỏng. Xin chọn một phân vùng trong thiết bị hoặc bỏ hết các phân vùng trong thiết bị để VeraCrypt có thể định dạng nó một cách an toàn. + Thiết bị vô hệ được chọn có chứa các phân vùng.\n\nCác tập đĩa VeraCrypt được mã hóa có thiết bị làm chủ có thể được cấu tạo bên trong các thiết bị không có chứa bất cứ phân vùng nào (kể luôn các đĩa cứng và ổ đĩa thể rắn). Một thiết bị có chứa các phân vùng chỉ có thể được mã hóa toàn bộ tại chỗ (dùng một khóa chính đơn độc) nếu nó là ổ đĩa nơi mà Windows được cài đặt và nơi mà nó khởi động.\n\nNếu bạn muốn mã hóa thiết bị vô hệ được chọn bằng cách dùng một khóa chính đơn độc thì bạn sẽ cần phải gỡ bỏ tất cả các phân vùng trong thiết bị trước để cho VeraCrypt định dạng nó một cách an toàn (định dạng một thiết bị có chứa các phân vùng có thể làm cho hệ thống bất ổn và/hay dữ liệu bị hỏng). Một cách khác, bạn có thể mã hóa mỗi phân vùng trong ổ đĩa riêng biệt nhau (mỗi phân vùng sẽ được mã hóa bằng cách dùng một khóa chính khác nhau).\n\nLưu ý: Nếu bạn muốn gỡ bỏ tất cả các phân vùng khỏi một đĩa GPT, bạn có thể cần phải hoán chuyển nó thành một đĩa MBR (ví dụ như dùng công cụ trong Computer Management) để gỡ bỏ các phân vùng ẩn. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + QUAN TRỌNG: Xin nhớ là tập đĩa này KHÔNG thể nạp lên/truy cập được khi dùng chữ hiệu ổ đĩa %c:, cái mà đang được gán cho nó!\n\nĐể nạp tập đĩa này lên, nhấn 'Auto-Mount Devices' trong cửa sổ chính của VeraCrypt (một cách khác, trong cửa sổ chính của VeraCrypt, nhấn 'Select Device', sau đó chọn phân vùng/thiết bị này, và nhấn 'Mount'). Tập đĩa sẽ được nạp lên một chữ hiệu ổ đĩa khác mà bạn chọn từ danh sách trong cửa sổ chính của VeraCrypt.\n\nChữ hiệu ổ đĩa gốc %c: chỉ nên được dùng trong trường hợp bạn cần bỏ mã hóa ra khỏi phân vùng/thiết bị (ví dụ như nếu bạn không còn cần mã hóa nữa). Trong trường hợp như thế, nhấn phải chữ hiệu ổ đĩa %c: trong danh sách của 'Computer' (hay 'My Computer') và chọn 'Format'. Ngoài ra, chữ hiệu ổ đĩa %c: không nên bao giờ được sử dụng (trừ khi bạn gỡ bỏ nó, như được miêu tả ví dụ như trong FAQ của VeraCrypt, và gán nó vào một phân vùng/thiết bị khác). + Mã hóa tại chỗ các tập đĩa vô hệ không được hỗ trợ trong phiên bản của hệ điều hành mà bạn hiện đang sử dụng (nó chỉ được hỗ trợ trong Windows Vista và các phiên bản sau của Windows).\n\nLý do là phiên bản này của Windows không hỗ trợ việc thu nhỏ một hệ thống tập tin (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa). + Phân vùng được chọn dường như không có chứa một hệ thống tập tin NTFS. Chỉ có những phân vùng có chứa một hệ thống tập tin NTFS mới có thể được mã hóa tại chỗ.\n\nLưu ý: Lý do là Windows không hỗ trợ việc thu nhỏ những loại hệ thống tập tin khác (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa). + Phân vùng được chọn dường như không có chứa một hệ thống tập tin NTFS. Chỉ có những phân vùng có chứa một hệ thống tập tin NTFS mới có thể được mã hóa tại chỗ.\n\nNếu bạn muốn cấu tạo một tập đĩa VeraCrypt được mã hóa bên trong phân vùng này thì chọn tùy chọn "Cấu tạo tập đĩa được mã hóa và định dạng nó" (thay vì tùy chọn "Mã hóa phân vùng tại chỗ"). + Lỗi: Phân vùng quá nhỏ. VeraCrypt không thể mã hóa nó tại chỗ được. + Để mã hóa dữ liệu trong phân vùng này, xin theo những bước sau đây:\n\n1) Cấu tạo một tập đĩa VeraCrypt trong một phân vùng/thiết bị trống và sau đó nạp nó lên.\n\n2) Chép tất cả tập tin mà ban đầu bạn muốn mã hóa từ phân vùng vào tập đĩa VeraCrypt đã được nạp (được cấu tạo và nạp trong bước 1). Cách đó, bạn sẽ cấu tạo một bản sao của dữ liệu được VeraCrypt mã hóa.\n\n3) Cấu tạo một tập đĩa VeraCrypt trong phân vùng mà ban đầu bạn muốn mã hóa và đảm bảo rằng (trong trợ lý của VeraCrypt) bạn chọn tùy chọn " Cấu tạo tập đĩa được mã hóa và định dạng nó" (thay vì tùy chọn "Mã hóa phân vùng tại chỗ"). Lưu ý là tất cả dữ liệu trong phân vùng sẽ bị xóa bỏ. Sau khi tập đĩa được cấu tạo, nạp nó lên.\n\n4) Chép tất cả tập tin từ tập đĩa sao VeraCrypt đã được nạp (được cấu tạo và nạp trong bước 1) vào tập đĩa VeraCrypt được nạp mà đã được cấu tạo (và nạp lên) trong bước 3.\n\nSau khi bạn làm xong những bước này, dữ liệu sẽ được mã hóa và, thêm vào đó, sẽ có một bản sao của dữ liệu được mã hóa. + VeraCrypt chỉ có thể mã hóa tại chỗ một phân vùng, một tập đĩa động, hoặc toàn bộ một ổ đĩa hệ thống.\n\nNếu bạn muốn cấu tạo một tập đĩa VeraCrypt được mã hóa bên trong thiết bị vô hệ được chọn thì chọn tùy chọn "Cấu tạo tập đĩa được mã hóa và định dạng nó" (thay vì tùy chọn "Mã hóa phân vùng tại chỗ "). + Lỗi: VeraCrypt chỉ có thể mã hóa tại chỗ một phân vùng, một tập đĩa động, hoặc toàn bộ một ổ đĩa hệ thống. Xin đảm bảo là đường dẫn được điền rõ có hợp lệ. + Lỗi: Không thể thu nhỏ hệ thống tập tin (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa).\n\nNhững nguyên nhân và giải pháp có thể xảy ra:\n\n- Không đủ chỗ trống trong tập đĩa. Xin đảm bảo là không có ứng dụng nào khác đang viết vào hệ thống tập tin.\n\n- Hệ thống tập tin bị tổn hại. Thử kiểm soát nó và sửa bất cứ lỗi nào (nhấn phải chữ hiệu ổ đĩa tương ứng trong danh sách 'Computer', sau đó chọn Đặc tính > Tools > 'Check Now', đảm bảo là tùy chọn 'Automatically fix tập tin hệ thống errors' được bật lên và nhấn Start).\n\nNếu những bước trên không giúp được gì, xin theo những bước bên dưới. + Lỗi: Không đủ chỗ trống trong tập đĩa và vì thế hệ thống tập đĩa không thể được thu nhỏ (hệ thống tập tin cần được thu nhỏ để dành chỗ cho phần đầu và bản sao phần đầu của tập đĩa).\n\nXin xóa bỏ bất cứ tập tin nào dư thừa và trút bỏ Recycle Bin để có được ít nhất 256 KB chỗ trống và sau đó thử lại. Lưu ý là vì một vấn đề của Windows, số lượng chỗ trống báo bởi Windows Explorer có thể không đúng cho đến khi hệ điều hành được bắt đầu lại. Nếu bắt đầu hệ thống lại không giúp được thì hệ thống tập tin có thể bị tổn hại. Thử kiểm soát nó và sửa bất cứ lỗi nào (nhấn phải chữ hiệu ổ đĩa tương ứng trong danh sách 'Computer', sau đó chọn Đặc tính > Tools > 'Check Now', đảm bảo là tùy chọn 'Automatically fix tập tin hệ thống errors' được bật lên và nhấn Start).\n\nNếu những bước trên không giúp được gì, xin theo những bước bên dưới. + Chỗ trống trên ổ đĩa %s là %.2f bytes. + Chỗ trống trên ổ đĩa %s là %.2f KB + Chỗ trống trên ổ đĩa %s là %.2f MB + Chỗ trống trên ổ đĩa %s là %.2f GB + Chỗ trống trên ổ đĩa %s là %.2f TB + Chỗ trống trên ổ đĩa %s là %.2f PB + Không thể lấy chữ hiệu ổ đĩa có sẵn. + Lỗi: Không tìm được trình điều khiển VeraCrypt.\n\nXin chép các tập tin 'veracrypt.sys' và 'veracrypt-x64.sys' vào thư mục nơi mà ứng dụng chính của VeraCrypt (VeraCrypt.exe) đang nằm. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Lỗi: Sơ khởi mã hóa thất bại. + Lỗi: Một khóa yếu hoặc có thể yếu đã được phát hiện. Khóa này sẽ được bỏ. Xin thử lại lần nữa. + Một lỗi nghiêm trọng đã xảy ra và VeraCrypt phải được chấm dứt. Nếu chuyện này gây ra bởi một lỗi trong VeraCrypt thì chúng tôi muốn sửa nó. Để giúp chúng tôi, bạn có thể gởi cho chúng tôi một báo cáo lỗi được làm tự động có chứa những khoản sau đây:\n\n- Phiên bản của chương trình\n- Phiên bản của hệ điều hành\n- Loại CPU\n- Tên bộ phận của VeraCrypt\n- Tổng kiểm của tập tin thực hiện của VeraCrypt\n- Tên tượng trưng của cửa sổ hộp thoại\n- Loại lỗi\n- Địa chỉ lỗi \n- Cụm gọi của VeraCrypt\n\nNếu bạn chọn 'Có', URL sau đây (which có chứas the toàn bộ error report) sẽ được mở ra trong Internet browser mặc định của bạn.\n\n%hs\n\nBạn có muốn gởi cho chúng tôi báo cáo lỗi bên trên không? + Một lỗi nghiêm trọng đã xảy ra trong hệ thống của bạn nên VeraCrypt cần phải được chấm dứt.\n\nLưu ý là lỗi này không phải do VeraCrypt gây ra (vì vậy những nhà phát triển VeraCrypt không thể sửa nó được). Xin kiểm soát hệ thống của bạn coi có vấn đề không (ví dụ như cấu hình hệ thống, kết nối mạng, các bộ phận phần cứng bị hư). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + Lỗi Nghiêm trọng của VeraCrypt + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + Mã hóa + Giải mã + Giải mã vĩnh viễn + Thoát ra + Xin cấu tạo một ổ đĩa theo lôgic cho phân vùng nới rộng này, và sau đó thử lại. + Một tập đĩa VeraCrypt có thể nằm trong một tập tin (gọi là bộ chứa VeraCrypt), mà có thể nằm trong một đĩa cứng, trong một ổ đĩa nhớ USB, v.v. Một bộ chứa VeraCrypt thì giống như bất cứ tập tin thông thường nào (ví dụ như nó có thể được di chuyển hoặc xóa bỏ như bất cứ tập tin nào). Nhấn 'Chọn Tập tin' để chọn một tập tin cho bộ nhớ và để chọn vị trí nơi mà bạn muốn bộ nhớ được cấu tạo.\n\nCẢNH BÁO: Nếu bạn chọn một tập tin có sẵn, VeraCrypt sẽ KHÔNG mã hóa nó; tập tin sẽ được xóa bỏ và thay thế với bộ chứa VeraCrypt mới được cấu tạo. Bạn sẽ có thể mã hóa những tập tin có sẵn (sau này) bằng cách di chuyển chúng vào bộ chứa VeraCrypt mà bạn sắp cấu tạo bây giờ. + Chọn vị trí của tập đĩa bên ngoài để được cấu tạo (bên trong tập đĩa này, tập đĩa ẩn sẽ được cấu tạo sau này).\n\nMột tập đĩa VeraCrypt có thể nằm trong một tập tin (gọi là bộ chứa VeraCrypt), mà có thể nằm trong một đĩa cứng, trong một ổ đĩa nhớ một USB, v.v. Một bộ chứa VeraCrypt có thể được di chuyển hoặc xóa bỏ như bất cứ tập tin thông thường nào. Nhấn 'Chon Tập tin' để chọn một tập tin cho bộ nhớ và để chọn vị trí nơi mà bạn muốn bộ nhớ được cấu tạo. Nếu bạn chọn một tập tin có sẵn, VeraCrypt sẽ KHÔNG mã hóa nó; nó sẽ được xóa bỏ và thay thế với bộ chứa mới được cấu tạo. Bạn sẽ có thể mã hóa những tập tin có sẵn (sau này) bằng cách di chuyển chúng vào bộ chứa VeraCrypt mà bạn sắp cấu tạo bây giờ. + Các tập đĩa VeraCrypt được mã hóa có thiết bị làm chủ có thể được cấu tạo bên trong các phân vùng của các đĩa cứng, các ổ đĩa thể rắn, các thỏi nhớ USB, và trong các thiết bị chứa được hỗ trợ khác. Các phân vùng cũng có thể được mã hóa tại chỗ.\n\nThêm vào đó, các tập đĩa VeraCrypt được mã hóa có thiết bị làm chủ có thể được cấu tạo bên trong các thiết bị không có chứa bất cứ phân vùng nào (kể luôn các đĩa cứng và ổ đĩa thể rắn).\n\nLưu ý: Một thiết bị có chứa các phân vùng có thể được mã hóa toàn bộ tại chỗ (dùng một khóa đơn độc) nếu nó là ổ đĩa nơi mà Windows được cài đặt và nơi mà nó khởi động. + Một tập đĩa VeraCrypt có thiết bị làm chủ có thể được cấu tạo bên trong một phân vùng của đĩa cứng, ổ đĩa thể rắn, thỏi USB, và các thiết bị chứa khác.\n\nCẢNH BÁO: Lưu ý là phân vùng/thiết bị sẽ được định dạng và tất cả dữ liệu đang được lưu trữ trong đó sẽ bị mất. + \nChọn vị trí của tập đĩa bên ngoài để được cấu tạo (bên trong tập đĩa này, tập đĩa ẩn sẽ được cấu tạo sau này).\n\nCác tập đĩa bên ngoài có thể được cấu tạo bên trong những phân vùng của các đĩa cứng, các ổ đĩa thể rắn, các thỏi nhớ USB, và trong các thiết bị chứa được hỗ trợ khác. Các tập đĩa bên ngoài cũng có thể được cấu tạo bên trong các thiết bị không có chứa bất cứ phân vùng nào (kể luôn các đĩa cứng và ổ đĩa thể rắn).\n\nCẢNH BÁO: Lưu ý là phân vùng/thiết bị sẽ được định dạng và tất cả dữ liệu đang được lưu trữ trong đó sẽ bị mất. + \nChọn vị trí của tập đĩa nơi mà bạn muốn cấu tạo một tập đĩa ẩn trong đó. + CẢNH BÁO: Tập tin chủ/thiết bị đã đang được sử dụng!\n\nPhớt lờ chuyện này có thể gây ra những kết quả không muốn kể luôn sự bất ổn của hệ thống. Tất cả các ứng dụng có thể đang dùng tập tin chủ/thiết bị (ví dụ như các ứng dụng chống vi rút hoặc sao lưu) nên được đóng lại trước khi nạp tập đĩa lên.\n\nTiếp tục nạp lên không? + Lỗi: Không thể nạp tập đĩa lên được. Tập tin chủ/thiết bị đã đang được sử dụng. Thử nạp lên mà không cần truy cập dành riêng cũng thất bại luôn. + Không thể mở tập tin. + Vị trí Tập đĩa + Các Tập tin lớn + Bạn có tính lưu giữ những tập tin lớn hơn 4 GB trong tập đĩa VeraCrypt này không? + Tùy vào sự chọn lựa của bạn bên trên, VeraCrypt sẽ chọn một hệ thống tập tin mặc định thích hợp cho tập đĩa VeraCrypt (bạn sẽ có thể chọn một hệ thống tập tin trong bước kế tiếp). + Vì bạn đang cấu tạo một tập đĩa bên ngoài, bạn nên tính đến chuyện chọn 'Không'. Nếu bạn chọn 'Có', hệ thống tập tin mặc định sẽ là NTFS, mà cái này không thích hợp cho các tập đĩa bên ngoài dùng theo FAT (ví dụ như kích cỡ tối đa có thể được cho tập đĩa ẩn sẽ lớn hơn nhiều nếu tập đĩa bên ngoài được định dạng theo FAT). Thông thường, FAT là mặc định cho cả tập đĩa ẩn và thông thường (vì vậy các tập đĩa FAT không bị nghi ngờ gì). Tuy nhiên, nếu người dùng cho thấy ý định lưu giữ các tập tin lớn hơn 4 GB (mà hệ thống tập tin FAT không cho phép), thì FAT không phải là mặc định. + Bạn có chắc là bạn muốn chọn 'Có' không? + Phương thức cấu tạo Tập đĩa + Đây là cách nhanh nhất để cấu tạo một tập đĩa VeraCrypt có phân vùng làm chủ hoặc có thiết bị làm chủ (mã hóa tại chỗ, một tùy chọn khác, bị chậm hơn vì nội dung của mỗi khu vực phải được đọc trước, mã hóa, và sau đó viết). Bất cứ dữ liệu nào đã được lưu trữ trong phân vùng/thiết bị được chọn sẽ bị mất (dữ liệu sẽ KHÔNG được mã hóa; nó sẽ được viết chòng lên với dữ liệu ngẫu nhiên). Nếu bạn muốn mã hóa dữ liệu có sẵn trong một phân vùng thì chọn tùy chọn khác. + Nguyên cả phân vùng được chọn và tất cả dữ liệu giữ trong đó sẽ được mã hóa tại chỗ. Nếu phân vùng trống thì bạn nên chọn tùy chọn khác (tập đĩa sẽ được cấu tạo nhanh hơn nhiều). + Ghi chú: + Làm tiếp + &Hoãn lại + Bắt đầu + Tiếp tục + Định dạng + &Tẩy + Hủy bỏ định dạng không? + Cho thấy thêm tin tức + Đừng cho thấy cái này nữa + Nội dung của phân vùng/ổ đĩa đã được xóa bỏ thành công. + Nội dung của phân vùng nơi hệ thống gốc (mà hệ ẩn là một bản sao) ở đã được xóa bỏ thành công. + Xin đảm bảo là phiên bản Windows bạn sắp cài đặt (on the tẩyd phân vùng) giống như phiên bản Windows bạn đang cho chạy hiện tại. Chuyện này cần thiết vì cả hai hệ thống sẽ cùng dùng một phân vùng khởi động giống nhau. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + Phân vùng/ổ đĩa hệ thống đã được giải mã thành công. + \n\nTập đĩa VeraCrypt đã được cấu tạo và sẵn sàng để dùng. Nếu bạn muốn cấu tạo một tập đĩa VeraCrypt khác thì nhấn Kế tiếp. Không thôi thì nhấn Thoát ra. + \n\nTập đĩa ẩn VeraCrypt đã được cấu tạo thành công (hệ điều hành ẩn sẽ nằm bên trong tập đĩa ẩn này).\n\nNhấn Kế tiếp để tiếp tục. + Tập đĩa được Hoàn toàn Mã hóa + Volume Fully Decrypted + QUAN TRỌNG: ĐỂ NẠP TẬP ĐĨA VERACRYPT MỚI ĐƯỢC CẤU TẠO NÀY LÊN VÀ ĐỂ TRUY CẬP DỮ LIỆU LƯU TRỮ TRONG NÓ, NHẤN 'Auto-Mount Devices' TRONF CỬA SỔ CHÍNH CỦA VERACRYPT. Sau khi bạn nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa), tập đĩa sẽ được nạp lên chữ hiệu ổ đĩa mà bạn chọn từ danh sách trong cửa sổ chính của VeraCrypt (và bạn sẽ có thể truy cập dữ liệu được mã hóa data qua chữ hiệu ổ đĩa được chọn).\n\nXIN NHỚ HOẶC GHI XUỐNG NHỮNG BƯỚC TRÊN. BẠN PHẢI THEO CHÚNG BẤT CỨ KHI NÀO BẠN MUỐN NẠP TẬP ĐĨA LÊN VÀ TRUY CẬP DỮ LIỆU LƯU GIỮ TRONG NÓ. Một cách khác, trong cửa sổ chính của VeraCrypt, nhấn 'Chọn Thiết bị', sau đó chọn phân vùng/tập đĩa này, và nhấn 'Mount'.\n\nPhân vùng/tập đĩa đã được mã hóa thành công (nó có chứa một tập đĩa VeraCrypt đã được mã hóa toàn bộ bây giờ) và sẵn sàng để dùng. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + Tập đĩa VeraCrypt đã được cấu tạo thành công. + Tập đĩa được Cấu tạo + QUAN TRỌNG: Di chuyển con chuột của bạn càng nhiều trong cửa sổ này càng tốt. Bạn làm càng lâu càng tốt. Chuyện này sẽ gia tăng sức mạnh mã hóa của các khóa mã hóa. Sau đó nhấn Định dạng để cấu tạo tập đĩa. + Nhấn Định dạng để cấu tạo tập đĩa bên ngoài. Để có thêm hướng dẫn, xin tham khảo tài liệu. + Định dạng Tập đĩa Bên ngoài + Định dạng Tập đĩa Ẩn + Định dạng Tập đĩa + Cần có Adobe Reader (hoặc một công cụ tương đương) để xem hoặc in VeraCrypt User's Guide. Adobe Reader (freeware) có thể được tải xuống tại: www.adobe.com\n\nThay vì vậy, bạn có muốn xem tài liệu trên mạng không? + Nếu bạn chọn tùy chọn này, trước tiên trợ lý sẽ giúp bạn cấu tạo một tập đĩa VeraCrypt thông thường và sau đó một tập đĩa VeraCrypt ẩn bên trong nó. Người dùng không kinh nghiệm nên luôn luôn chọn tùy chọn này. + Nếu bạn chọn tùy chọn này, bạn sẽ cấu tạo một tập đĩa ẩn bên trong một tập đĩa VeraCrypt có sẵn. Sẽ cho rằng bạn đã cấu tạo một tập đĩa VeraCrypt thích hợp để chứa tập đĩa ẩn rồi. + Phương thức Cấu tạo Tập đĩa + Tập đĩa Ẩn đã được Cấu tạo + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + Bạn đã bắt đầu hệ điều hành ẩn. Như bạn có thể để ý, hệ điều hành ẩn hình như được cài đặt trong cùng phân vùng với hệ điều hành ban đầu. Tuy nhiên, trên thực tế, nó được cài đặt bên trong phân vùng đằng sau nó (trong tập đĩa ẩn). Tất cả các thao tác đọc và viết đang được vô hình chuyển từ phân vùng hệ thống ban đầu đến tập đĩa ẩn.\n\nCả hệ điều hành lẫn các ứng dụng sẽ không biết là dữ liệu viết vào và đọc từ phân vùng hệ thống thực ra được viết vào và đọc từ phân vùng đằng sau nó (từ/vào một tập đĩa ẩn). Bất cứ dữ liệu nào như thế được mã hóa và giải mã ngay khi cần như thông thường (với một khóa mã hóa khác với cái sẽ được dùng cho hệ điều hành nghi trang).\n\n\nXin nhấn Kế tiếp để tiếp tục. + Tập đĩa bên ngoài đã được cấu tạo và nạp vào ổ đĩa %hc:. Bây giờ bạn nên chép một vài tập tin nhìn có vẻ nhạy cảm mà thật ra bạn KHÔNG muốn dấu vào tập đĩa bên ngoài này. Chúng nó sẽ nằm ở đó cho bất cứ ai buộc bạn phải tiết lộ mật mã của phân vùng đầu tiên sau phân vùng hệ thống, nơi mà cả hai tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) sẽ nằm đó. Bạn sẽ có thể tiết lộ mật mã của tập đĩa bên ngoài này, và sự hiện diện của tập đĩa ẩn (và của hệ điều hành ẩn) sẽ vẫn được giữ bí mật .\n\nQUAN TRỌNG: Những tập tin bạn chép vào tập đĩa bên ngoài không nên chiếm hơn %s. Không thôi, có thể không đủ chỗ trống trong tập đĩa bên ngoài cho tập đĩa ẩn (và bạn sẽ không thể tiếp tục được). Sau khi bạn chép xong, nhấn Kế tiếp (đừng tháo tập đĩa xuống). + Tập đĩa bên ngoài đã được cấu tạo và nạp vào ổ đĩa %hc:. Bây giờ bạn nên chép một vài tập tin nhìn có vẻ nhạy cảm mà thật ra bạn KHÔNG muốn dấu. Những tập tin sẽ nằm ở đó cho bất cứ ai buộc bạn phải tiết lộ mật mã. Bạn sẽ chỉ tiết lộ mật mã của tập đĩa bên ngoài này thôi, không phải của cái ẩn. Những tập tin mà bạn thật sự lo cho sẽ được lưu trữ trong tập đĩa ẩn, mà sẽ được cấu tạo sau này. Khi bạn chép xong, nhấn Kế tiếp. Đừng tháo tập đĩa xuống.\n\nLưu ý: Sau khi nhấn Kế tiếp, cụm ảnh mảng của tập đĩa bên ngoài sẽ được quét để xác định kích cỡ của khu vực chỗ trống không gián đoạn mà phần cuối của nó trùng với phần cuối của tập đĩa. Khu vực này sẽ chứa tập đĩa ẩn, vì thế nó sẽ giới hạn kích cỡ tối đa có thể được của nó. Quét cụm ảnh mảng đảm bảo là không có dữ liệu nào trong tập đĩa bên ngoài bị viết chòng lên bởi tập đĩa ẩn. + Nội dung Tập đĩa Bên ngoài + \n\nTrong những bước kế tiếp, bạn sẽ thiết lập các tùy chọn cho tập đĩa bên ngoài (nơi mà bên trong đó tập đĩa ẩn sẽ được cấu tạo sau đó). + \n\nTrong những bước kế tiếp, bạn sẽ cấu tạo một tập đĩa VeraCrypt được gọi là bên ngoài bên tromg phân vùng thứ nhất đằng sau phân vùng hệ thống (như đã được giải thích trong một trong các bước trước). + Tập đĩa bên ngoài + Trong những bước sau đây, bạn sẽ đặt những tùy chọn và mật mã cho tập đĩa ẩn, cái mà sẽ chứa hệ điều hành ẩn.\n\nGhi chú: Cụm ảnh mảng của tập đĩa bên ngoài đã được quét để xác định kích cỡ của khu vực chỗ trống không gián đoạn mà phần cuối của nó trùng với phần cuối của tập đĩa bên ngoài. Khu vực này sẽ chứa tập đĩa ẩn, vì thế nó giới hạn kích cỡ tối đa có thể được của nó. Kích cỡ tối đa có thể được của tập đĩa ẩn đã được xác định và xác nhận là lớn hơn kích cỡ của phân vùng hệ thống (cần phải có vì nguyên cả nội dung của hệ thống sẽ cần được chép vào tập đĩa ẩn). Chuyện này đảm bảo là không có dữ liệu nào đang được lưu trữ trong tập đĩa bên ngoài sẽ bị viết chòng lên bởi dữ liệu được viết vào khu vực của tập đĩa ẩn. + QUAN TRỌNG: Xin ghi nhớ những thuật toán mà bạn chọn trong bước này. Bạn sẽ phải chọn những thuật toán giống vậy cho hệ thống nghi trang. Không thôi hệ ẩn sẽ không truy cập được! (Hệ thống nghi trang phải được mã hóa với thuật toán mã hóa giống với hệ ẩn.)\n\nLưu ý: Lý do là hệ thống nghi trang và hệ ẩn sẽ xài chung một bộ tải khởi nạp đơn độc, cái mà chỉ hỗ trợ một thuật toán đơn độc được chọn bởi người sử dụng (cho mỗi thuật toán, có một phiên bản đặc biệt của Bộ tải Khởi nạp của VeraCrypt). + \n\nCụm ảnh mảng của tập đĩa đã được quét và kích cỡ tối đa có thể được của tập đĩa ẩn đã được xác định. Trong những bước kế tiếp bạn sẽ đặt những tùy chọn, kích cỡ, và mật mã cho tập đĩa ẩn. + Tập đĩa Ẩn + Tập đĩa ẩn bây giờ được bảo vệ khỏi bị tổn hại cho đến khi tập đĩa bên ngoài được tháo xuống.\n\nCẢNH BÁO: Nếu bất cứ dữ liệu nào được thử lưu vào khu vực của tập đĩa ẩn, VeraCrypt sẽ bắt đầu bảo vệ chống ghi toàn bộ tập đĩa (cả phần bên ngoài lẫn phần ẩn) cho đến khi nó được tháo xuống. Chuyện này có thể làm cho hệ thống tập tin bị tổn hại trong tập đĩa bên ngoài, mà (nếu tái diễn) sẽ có thể ảnh hưởng bất lợi cho việc phủ nhận có vẻ hợp lý về tập đĩa ẩn. Vì vậy, bạn nên dùng mọi nổ lực tránh viết vào khu vực tập đĩa ẩn. Bất cứ dữ liệu nào đang được lưu vào khu vực tập đĩa ẩn sẽ không được lưu trữ và sẽ bị mất. Windows có thể báo đây là một lỗi viết ("Viết Hoãn lại bị Thất bại" hoặc "Tham số không đúng"). + Mỗi một tập đĩa ẩn bên trong các tập đĩa mới được nạp lên bây giờ được bảo vệ khỏi bị tổn hại cho đến khi được tháo xuống.\n\nCẢNH BÁO: Nếu bất cứ dữ liệu nào được thử lưu vào khu vực của tập đĩa ẩn được bảo vệ của các tập đĩa này, VeraCrypt sẽ bắt đầu bảo vệ chống ghi toàn bộ tập đĩa (cả phần bên ngoài lẫn phần ẩn) cho đến khi nó được tháo xuống. Chuyện này có thể làm cho hệ thống tập tin bị hỏng trong tập đĩa bên ngoài, mà (nếu tái diễn) sẽ có thể ảnh hưởng bất lợi cho việc phủ nhận có vẻ hợp lý về tập đĩa ẩn. Vì vậy, bạn nên dùng mọi nổ lực tránh viết vào khu vực tập đĩa ẩn. Bất cứ dữ liệu nào đang được lưu vào khu vực tập đĩa ẩn được bảo vệ sẽ không được lưu trữ và sẽ bị mất. Windows có thể báo đây là một lỗi viết ("Viết Hoãn lại bị Thất bại" hoặc "Tham số không đúng"). + CẢNH BÁO: Dữ liệu đã được thử lưu vào khu vực của tập đĩa ẩn của tập đĩa được nạp vào %c:! VeraCrypt đã ngăn cản những dữ liệu này được lưu trữ để bảo vệ tập đĩa ẩn. Chuyện này có thể làm hệ thống tập tin bị hỏng trong tập đĩa bên ngoài và Windows có thể báo một lỗi viết ("Viết Hoãn lại bị Thất bại" hoặc "Tham số không đúng"). Toàn bộ tập đĩa (cả phần bên ngoài lẫn phần ẩn) sẽ được bảo vệ chống ghi cho đến khi nó được tháo xuống. Nếu đây không phải là lần đầu tiên VeraCrypt ngăn cản dữ liệu được lưu vào khu vực của tập đĩa ẩn của tập đĩa này, việc phủ nhận có vẻ hợp lý về tập đĩa ẩn có thể bị ảnh hưởng bất lợi (vì có thể có sự mâu thuẩn bất thường bên trong hệ thống tập tin của tập đĩa bên ngoài). Vì vậy, bạn nên tính đến chuyện cấu tạo một tập đĩa VeraCrypt mới (với Quick Format được tắt) và dời các tập tin từ tập đĩa này sang tập đĩa mới; tập đĩa này nên được xóa tẩy một cách an toàn (cả phần bên ngoài lẫn phần ẩn). Chúng tôi cực lực khuyên bạn bắt đầu hệ điều hành lại bây giờ. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + Vì những lý do bảo mật, khi một hệ điều hành ẩn đang chạy, các tập đĩa ẩn chỉ có thể được cấu tạo bằng phương thức 'trực tiếp' (vì các tập đĩa bên ngoài phải luôn được nạp kiểu chỉ-đọc lên). Để cấu tạo một tập đĩa ẩn một cách an toàn, theo những bước sau đây:\n\n1) Khởi động hệ thống nghi trang.\n\n2) Cấu tạo một tập đĩa VeraCrypt thông thường và chép vào tập đĩa này một vài tập tin nhìn có vẻ nhạy cảm mà thật ra bạn KHÔNG muốn dấu, (tập đĩa sẽ trở thành tập đĩa bên ngoài).\n\n3) Khởi động hệ ẩn và bắt đầu Trợ lý Cấu tạo Tập đĩa VeraCrypt. Nếu tập đĩa được tập tin làm chủ thì dời nó qua phân vùng hệ thống hoặc qua một tập đĩa ẩn khác (không thôi, tập đĩa ẩn mới được cấu tạo sẽ được nạp kiểu chỉ-đọc và không thể được định dạng). Theo những chỉ dẫn trong trợ lý để chọn phương thức cấu tạo tập đĩa ẩn 'trực tiếp'.\n\n4) Trong trợ lý, chọn tập đĩa bạn đã cấu tạo trong bưóc 2 và sau đó theo những chỉ dẫn để cấu tạo một tập đĩa ẩn bên trong nó. + Vì những lý do bảo mật, khi một hệ điều hành ẩn đang chạy, những hệ thống tập tin được giải mã và các tập đĩa VeraCrypt vô ẩn cục bộ được nạp kiểu chỉ-đọc lên (dữ liệu không thể được viết vào những hệ thống tập tin hoặc các tập đĩa VeraCrypt như thế).\n\nDữ liệu được phép viết vào bất cứ hệ thống tập tin nào nằm bên trong một tập đĩa VeraCrypt ẩn (miễn là tập đĩa ẩn không được đặt trong một bộ chứa lưu trữ trong một hệ thống tập tin được giải mã hoặc bất cứ hệ thống tập tin chỉ-đọc nào khác). + Có ba lý do chính tại sao những biện pháp phòng chống như thế đã được thực hiện:\n\n- Nó cho phép sự cấu tạo của một nền tảng an toàn để nạp các tập đĩa ẩn VeraCrypt lên. Lưu ý là chúng tôi chính thức khuyên rằng các tập đĩa ẩn chỉ được nạp lên khi một hệ điều hành ẩn đang chạy. (Để có thêm tin tức, xem phần phụ 'Những Yêu cầu và Đề phòng Bảo mật Liên quan đến những Tập đĩa Ẩn' trong tài liệu.)\n\n- Trong một vài trường hợp, có thể xác định rằng, ở một thời điểm nào đó, một hệ thống tập tin cá biệt đã không được nạp dưới (hoăc một tập tin cá biệt trong hệ thống tập tin đã không được lưu hay truy cập từ bên trong) một thể hiện cá biệt của một hệ điều hành (ví dụ như bằng cách phân tích và so sánh những ký sự của hệ thống tập tin, những dấu giờ của tập tin, những ghi bản của các ứng dụng, những ghi bản các lỗi, v.v.). Chuyện này có thể cho thấy một hệ điều hành ẩn được cài đặt trong máy. Những biện pháp phòng chống ngăn cản những vấn đề này.\n\n- Nó ngăn cản việc làm hư dữ liệu và cho phép sự vô động an toàn. Khi Windows tiếp tục lại từ sự vô động, nó cho rằng tất cả các hệ thống tập tin đã được nạp lên nằm trong tình trạng giống như khi hệ thống vào trạng thái vô động. VeraCrypt đảm bảo việc này bằng cách bảo vệ viết bất cứ hệ thống tập tin nào có thể truy cập được từ bên trong cả hệ nghi trang lẫn hệ ẩn. Không sự bảo vệ như thế, hệ thống tập tin có thể trở nên bị hỏng khi được nạp lên bởi một hệ thống trong lúc hệ thống kia đang vô động. + Lưu ý: Nếu bạn cần chuyển các tập tin một cách an toàn từ hệ thống nghi trang sang hệ thống ẩn, theo những bước sau đây:\n1) Bắt đầu hệ thống nghi trang.\n2) Lưu những tập tin vào một tập đĩa được giải mã hoặc vào một tập đĩa VeraCrypt bên ngoài/thông thường.\n3) Bắt đầu hệ ẩn.\n4) Nếu bạn đã lưu những tập tin vào một tập đĩa VeraCrypt, nạp nó lên (nó sẽ được tự động nạp lên kiểu chỉ-đọc).\n5) Chép những tập tin vào phân vùng hệ thống ẩn phân vùng hoặc vào một tập đĩa ẩn khác. + Máy của bạn phải được bắt đầu lại.\n\nBạn có muốn bắt đầu nó lại bây giờ không? + Có lỗi xảy ra khi đang lấy tình trạng mã hóa hệ thống. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Không thể sơ khởi các bộ phận của ứng dụng cho việc mã hóa hệ thống. + Không sơ khởi hàm tạo ra các số ngẫu nhiên được! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Không thể sơ khởi ứng dụng được. Không đăng ký hạng Hộp thoại được. + Lỗi: Không nạp thư viện hệ thống Rich Edit được. + Trợ lý Cấu tạo Tập đĩa VeraCrypt + Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f bytes. + Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f KB. + Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f MB. + Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f GB. + Kích cỡ tối đa có thể xài được cho tập đĩa ẩn trong tập đĩa này là %.2f TB. + Mật mã/tập tin khóa không thể được thay đổi trong lúc tập đĩa đang được nạp lên. Xin tháo tập đĩa xuống trước. + Khóa đầu của thuật toán chuyển hóa không thể được thay đổi trong lúc tập đĩa đang được nạp lên. Xin tháo tập đĩa xuống trước. + &Nạp lên + Cần có một phiên bản mới của VeraCrypt để nạp tập đĩa này lên. + Lỗi: Không tìm được Trợ lý Cấu tạo Tập đĩa.\n\nXin đảm bảo là tập tin 'VeraCrypt Format.exe' có trong thư mục nơi mà 'VeraCrypt.exe' được khởi chạy. Không thôi có thì xin cài đặt VeraCrypt lại, hoặc tìm 'VeraCrypt Format.exe' trong đĩa của bạn và cho nó chạy. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Kế tiếp > + &Kết thúc + &Cài đặt + R&út ra + Không thể nối vào trình điều khiển thiết bị của VeraCrypt. VeraCrypt không thể làm việc được nếu trình điều khiển thiết bị không đang chạy.\n\nXin lưu ý là vì một vấn đề của Windows, có thể cần phải đăng xuất hoặc bắt đầu hệ thống lại trước khi trình điều khiển cí thể được nạp lên. + Có lỗi xảy ra khi đang nạp/chuẩn bị các kiểu chữ. + Không tìm được chữ hiệu ổ đĩa hoặc không có chữ hiệu ổ đĩa nào được xác định. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Chữ hiệu ổ đĩa không có sẵn. + Không có tập tin nào được chọn! + Không có chữ hiệu ổ đĩa nào có sẵn. + Không có chữ hiệu ổ đĩa nào trống cho tập đĩa bên ngoài! Cấu tạo tập đĩa không thể tiếp tục. + Không thể định được phiên bản hệ điều hành của bạn hoặc bạn đang sử dụng một hệ điều hành không được hỗ trợ. + Không có đường dẫn nào được chọn! + Không có đủ chỗ trống cho tập đĩa ẩn! Cấu tạo tập đĩa không thể tiếp tục. + Lỗi: Những tập tin bạn đã chép vào tập đĩa bên ngoài chiếm quá nhiều chỗ. Vì vậy, không còn đủ chỗ trống trong tập đĩa bên ngoài cho tập đĩa ẩn.\n\nLưu ý là tập đĩa ẩn phải lớn bằng phân vùng hệ thống (phân vùng nơi mà hệ điều hành hiện đang chạy được cài đặt). Lý do là hệ điều hành ẩn cần được cấu tạo bằng cách chép nội dung của phân vùng hệ thống phân vùng vào tập đĩa ẩn.\n\n\nQuá trình cấu tạo hệ điều hành ẩn không thể tiếp tục. + Trình điều khiển không thể tháo tập đĩa xuống được. Một vài tập tin nằm trong tập tin có thể vẫn còn đang được mở. + Không thể khóa tập đĩa được. Vẫn còn có các tập tin đang được mở trong tập đĩa. Vì thế nó không thể được tháo xuống. + VeraCrypt không thể khóa tập đĩa được vì nó đang được sử dụng bởi hệ thống hoặc các ứng dụng (có thể có các tập tin đang được mở trong tập đĩa).\n\nBạn có muốn buộc tháo tập đĩa xuống không? + Chọn một Tập đĩa VeraCrypt + Xác định Đường dẫn và Tên Tập tin + Chọn Thư viện PKCS #11 + Hết bộ nhớ + QUAN TRỌNG: Chúng tôi cực lực khuyên rằng những người sử dụng ít kinh nghiệm nên cấu tạo một bộ chứa tập tin VeraCrypt trong thiết bị/phân vùng được chọn, thay vì thử mã hóa toàn bộ thiết bị/phân vùng.\n\nKhi bạn cấu tạo một bộ chứa tập tin VeraCrypt (thay vì mã hóa một thiết bị hoặc phân vùng) thì sẽ không có rủi ro hủy bỏ một số lượng lớn tập tin. Lưu ý là một bộ nhớ tập tin VeraCrypt (ngay cả khi nó có chứa một đĩa mã hóa ảo) thật ra giống như bất cứ tập tin thông thường khác. Để có thêm tin tức, xem chương Bài tập cho Người bắt đầu trong Hướng dẫn cho Người dùng của VeraCrypt.\n\nBạn có chắc là bạn muốn mã hóa toàn bộ thiết bị/phân vùng không? + CẢNH BÁO: Tập tin '%s' đã có sẵn!\n\nQUAN TRỌNG: VERACRYPT SẼ KHÔNG MÃ HÓA TẬP TIN, NHƯNG NÓ SẼ XÓA BỎ NÓ. Bạn có chắc là bạn muốn xóa bỏ tập tin và thay thế nó với một bộ nhớ VeraCrypt mới không? + CHÚ Ý: TẤT CẢ CÁC TẬP TIN ĐANG ĐƯỢC GIỮ TRONG %s '%s'%s ĐƯỢC CHỌN SẼ BỊ XÓA BỎ VÀ MẤT ĐI (CHÚNG SẼ KHÔNG ĐƯỢC MÃ HÓA)!\n\nBạn có chắc là bạn muốn tiến hành với định dạng không? + CẢNH BÁO: Bạn sẽ không thể nạp tập đĩa lên hoặc truy cập bất cứ tập tin nào được giữ trong nó cho đến khi nó được hoàn toàn mã hóa.\n\nBạn có chắc là bạn muốn bắt đầu mã hóa %s '%s'%s được chọn không? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + CẢNH BÁO: Xin lưu ý là nếu nguồn điện bị gián đoạn đột ngột trong lúc mã hóa dữ liệu tại chỗ, hoặc khi hệ điều hành sụp đổ vì một lỗi của nhu liệu hoặc cương liệu bị trục trặc trong lúc VeraCrypt đang mã hóa dữ liệu tại chỗ, vài phần của dữ liệu sẽ bị hỏng hay mất. Vì vậy, trước khi bạn bắt đầu mã hóa, xin đảm bảo là bạn có bản sao của các tập tin bạn muốn mã hóa.\n\nBạn có một bản sao như thế không? + CHÚ Ý: BẤT CỨ TẬP TIN NÀO ĐANG ĐƯỢC GIỮ TRONG PHÂN VÙNG '%s'%s (NGHĨA LÀ TRONG PHÂN VÙNG ĐẦU TIÊN ĐẰNG SAU PHÂN VÙNG HỆ THỐNG) SẼ BỊ XÓA BỎ VÀ MẤT ĐI (CHÚNG SẼ KHÔNG ĐƯỢC MÃ HÓA)!\n\nBạn có chắc là bạn muốn tiến hành với định dạng không? + CẢNH BÁO: PHÂN VÙNG ĐƯỢC CHỌN CÓ CHỨA MỘT SỐ LƯỢNG DỮ LIỆU LỚN! Bất cứ tập tin nào được giữ trong phân vùng sẽ bị xóa bỏ và mất đi (chúng sẽ KHÔNG được mã hóa)! + Xóa bỏ bất cứ tập tin nào được giữ trong phân vùng bằng cách cấu tạo một tập đĩa VeraCrypt bên trong nó + Mật mã + PIM + Đặt Khóa Đầu của Thuật toán Chuyển hóa + Thêm/Bỏ các Tập tin khóa vào/ra khỏi Tập đĩa + Bỏ Tất cả các Tập tin khóa ra khỏi Tập đĩa + Mật mã và/hay tập tin khóa được thay đổi thành công.\n\nQUAN TRỌNG: Xin đảm bảo bạn có đọc phần 'Thay đổi Mật mã và Tập tin khóa' trong chương 'Yêu cầu và Đề phòng Bảo mật' trong Hướng dẫn cho Người dùng của VeraCrypt. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + QUAN TRỌNG: Nếu bạn đã không hủy bỏ Đĩa Cứu hộ VeraCrypt của bạn, hệ thống phân vùng/ổ đĩa của bạn vẫn có thể được giải mã khi dùng mật mã cũ (bằng cách khởi động Đĩa Cứu hộ VeraCrypt và nhập vào mật mã cũ). Bạn nên cấu tạo một Đĩa Cứu hộ VeraCrypt mới và sau đó hủy bỏ cái cũ.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt mới không? + Lưu ý là Đĩa Cứu hộ VeraCrypt của bạn vẫn còn dùng thuật toán trước đó. Nếu bạn cho là thuật toán trước đó không an toàn thì bạn nên cấu tạo một Đĩa Cứu hộ VeraCrypt mới và sau đó hủy bỏ cái cũ.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt mới không? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + (Các) tập tin khóa được thêm vào/bỏ ra thành công. + Tập tin khóa được xuất. + Khóa đầu của thuật toán chuyển hóa được đặt thành công. + Xin nhập mật mã và/hay (các) tập tin khóa vào cho tập đĩa vô hệ nơi mà bạn muốn tiếp tục lại quá trình mã hóa tại chỗ.\n\n\nGhi chú: Sau khi bạn nhấn Kế tiếp, VeraCrypt sẽ thử tìm tất cả các tập đĩa vô hệ nơi mà quá trình mã hóa đã bị gián đoạn và nơi mà phần đầu tập đĩa VeraCrypt có thể được giải mã khi dùng mật mã và/hay (các) tập tin khóa được cung cấp. Nếu nhiều hơn một tập đĩa như thế được tìm, bạn sẽ cần chọn một trong những cái đó trong bước kế tiếp. + Xin chọn một trong các tập đĩa được liệt kê. Danh sách có chứa mọi tập đĩa vô hệ có thể truy cập được nơi mà quá trình mã hóa đã bị gián đoạn và phần đầu của chúng có thể được giải mã khi dùng mật mã và/hay (các) tập tin khóa được cung cấp. + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + Chọn một mật mã tốt là điều rất quan trọng. Bạn nên tránh chọn cái mà chỉ có chứa một chữ đơn độc mà có thể tìm trong tự điển (hoặc là một kết hợp của 2, 3, or 4 chữ như thế). Nó không nên chứa bất cứ tên hoặc ngày sinh nào cả. Nó không dễ đoán được. Một mật mã tốt là một kết hợp ngẫu nhiên của chữ hoa và chữ thường, số, và những ký tự đặc biệt như @ ^ = $ * + v.v. Chúng tôi khuyên nên chọn một mật mã có chứa nhiều hơn 20 ký tự (càng dài càng tốt). Chiều dài tối đa có thể được là 64 ký tự. + Xin chọn một mật mã cho tập đĩa ẩn. + Xin chọn một mật mã cho hệ điều hành ẩn (nghĩa là cho tập đĩa ẩn). + QUAN TRỌNG: Mật mã mà bạn chọn cho hệ điều hành ẩn trong bước này phải khác thật nhiều so với hai mật mã khác (nghĩa là, so với mật mã cho tập đĩa bên ngoài và so với mật mã cho hệ điều hành nghi trang). + Xin chọn mật mã cho tập đĩa mà bên trong đó bạn muốn cấu tạo một tập đĩa ẩn.\n\nSau khi bạn nhấn Kế tiếp, VeraCrypt sẽ thử nạp tập đĩa lên. Ngay khi tập đĩa được nạp lên, cụm ảnh mảng của nó sẽ được quét để xác định kích cỡ của khu vực chỗ trống không gián đoạn (nếu có bất cứ cái nào) mà phần cuối của nó trùng với phần cuối của tập đĩa. Khu vực này sẽ chứa tập đĩa ẩn và vì thế sẽ giới hạn kích cỡ tối đa có thể được của nó. Quét cụm ảnh mảng là cần thiết để đảm bảo là không có dữ liệu nào trong tập đĩa bên ngoài sẽ bị viết chòng lên bởi tập đĩa ẩn. + \nXin chọn một mật mã cho tập đĩa bên ngoài. Đây sẽ là mật mã mà bạn sẽ có thể tiết lộ cho một đối phương nếu bạn bị hỏi hoặc bị buộc phải làm thế.\n\nQUAN TRỌNG: Mật mã phải khác thật nhiều so với cái mà bạn sẽ chọn cho tập đĩa ẩn.\n\nLưu ý: Chiều dài tối đa có thể được là 64 ký tự. + Xin chọn một mật mã cho tập đĩa bên ngoài. Đây sẽ là mật mã mà bạn sẽ có thể tiết lộ cho bất cứ ai buộc bạn để lộ ra mật mã cho phân vùng đầu tiên đằng sau phân vùng hệ thống, nơi mà cả hai tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) sẽ nằm đó. Sự hiện có của tập đĩa ẩn (và của hệ điều hành ẩn) sẽ vẫn bí mật. Lưu ý là mật mã này không phải cho hệ điều hành nghi trang.\n\nQUAN TRỌNG: Mật mã phải khác thật nhiều so với cái mà bạn sẽ chọn cho tập đĩa ẩn (nghĩa là cho hệ điều hành ẩn). + Mật mã cho Tập đĩa Bên ngoài + Mật mã cho Tập đĩa Ẩn + Mật mã cho Hệ Điều hành Ẩn + CẢNH BÁO: Những mật mã ngắn thì dễ bị phá vỡ khi dùng những kỹ thuật lực mạnh!\n\nChúng tôi khuyên nên chọn một mật mã có chứa nhiều hơn 20 ký tự. Bạn có chắc là bạn muốn dùng một mật mã ngắn không? + Mật mã cho Tập đĩa + Mật mã không đúng hoặc không phải là một tập đĩa VeraCrypt. + Tập tin khóa và/hay mật mã không đúng hoặc không phải là một tập đĩa VeraCrypt. + Phương thức nạp sai, mật mã không đúng, hoặc không phải là một tập đĩa VeraCrypt. + Phương thức nạp sai, tập tin khóa và/hay mật mã không đúng, hoặc không phải là một tập đĩa VeraCrypt. + Mật mã không đúng hoặc không tìm được tập đĩa VeraCrypt nào cả. + Tập tin khóa/mật mã không đúng hoặc không tìm được tập đĩa VeraCrypt nào cả. + \n\nCảnh báo: Caps Lock đang bật. Chuyện này có thể làm cho bạn nhập mật mã của bạn không đúng. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + Nếu bạn thử bảo vệ một tập đĩa ẩn có chứa một hệ ẩn thì xin đảm bảo là bạn đang dùng bố trí bàn phím căn bản của Mỹ khi nhập mật mã vào cho tập đĩa ẩn. Việc này cần thiết vì trên thực tế mật mã cần được đánh vào trong môi trường tiền khởi động (trước khi Windows bắt đầu) lúc mà bố trí bàn phím Windows không phải của Mỹ không có sẵn. + VeraCrypt không tìm được bất cứ tập đĩa nào mà sự mã hóa vô hệ đã bị gián đoạn và nơi mà phần đầu tập đĩa có thể được giải mã khi dùng mật mã và/hay (các) tập tin khóa được cung cấp.\n\nXin đảm bảo là mật mã và/hay (các) tập tin đúng và phân vùng/tập đĩa không đang được dùng bởi hệ thống hoặc các ứng dụng (kể luôn cả nhu liệu chống vi rút). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nLưu ý: Nếu bạn thử nạp một phân vùng nằm trong một ổ đĩa hệ thống được mã hóa mà không có chứng thực tiền khởi động hoặc nạp một phân vùng hệ thống được mã hóa của hệ điều hành không đang chạy, bạn có thể làm vậy bằng cách chọn 'Hệ thống' > 'Nạp lên mà Không có Chứng thực Tiền Khởi động'. + Trong phương thức này, bạn không thể nạp lên một phân vùng nằm trong một ổ đĩa mà một phần của nó nằm trong phạm vi chính của việc mã hóa hệ thống hoạt động.\n\nTrước khi bạn có thể nạp phân vùng này trong phương thức này lên, bạn cần khởi động một hệ điều hành được cài đặt trong một ổ đĩa khác (được mã hóa hay không) hoặc khởi động một hệ điều hành không được mã hóa. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + <&Trở lại + Không thể liệt kê những thiết bị thô được cài đặt trong hệ thống của bạn! + Tập đĩa '%s' hiện có, và chỉ-đọc được. Bạn có chắc là bạn muốn thay thế nó không? + Chọn thư mục đích + Chọn Tập tin khóa + Chọn một đường dẫn kiếm của tập tin. CẢNH BÁO: Lưu ý là chỉ có đường dẫn sẽ được nhớ chứ tên tập tin thì không! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Thiết kế bởi Ross Anderson, Eli Biham, và Lars Knudsen. Phát hành năm 1998. 256-bit key, 128-bit block. Phương thức của thao tác là XTS. Serpent đã vào các vòng kết của AES. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Kích cỡ của Tập đĩa Bên ngoài + Kích cỡ của Tập đĩa Ẩn + Xin phối kiểm là kích cỡ của thiết bị/phân vùng được chọn bên trên là đúng và nhấn Kế tiếp. + Tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) sẽ nằm bên trong phân vùng trên. Nó sẽ là phân vùng đầu tiên đằng sau phân vùng hệ thống.\n\nXin kiểm chứng kích cỡ của phân vùng và số của nó cho thấy bên trên là đúng, và nếu đúng thì nhấn Kế tiếp. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Kích cỡ của Tập đĩa + Động + CẢNH CÁO: TỰ-KIỂM BỊ THẤT BẠI! + Những tự-kiểm của tất cả các thuật toán đều qua được + Số đơn vị dữ liệu mà bạn cung cấp quá dài hoặc quá ngắn. + Khóa phụ mà bạn cung cấp quá dài hoặc quá ngắn. + Văn bản mật mã mà bạn cung cấp quá dài hoặc quá ngắn. + Khóa kiểm tra mà bạn cung cấp quá dài hoặc quá ngắn. + Văn bản thô mà bạn cung cấp quá dài hoặc quá ngắn. + Hai thuật toán mã hóa trong một thác hoạt động trong phương thức XTS. Mỗi khối trước tiên được mã hóa với %s (%d-bit key) và sau đó với %s (%d-bit key). Mỗi thuật toán mã hóa dùng khóa riêng của nó. Tất cả các khóa đều độc lập với nhau. + Ba thuật toán mã hóa tromg một thác hoạt động trong phương thức XTS. Mỗi khối trước tiên được mã hóa với %s (%d-bit key), và sau đó với %s (%d-bit key), và sau cùng với %s (%d-bit key). Mỗi thuật toán mã hóa dùng khóa riêng của nó. Tất cả các khóa đều độc lập với nhau. + Lưu ý là tùy vào cấu hình của hệ điều hành, những tính năng tự-chạy và tự-nạp chỉ có thể làm việc được khi những tập tin trong đĩa của người lữ hành được cấu tạo trong một môi trường như CD/DVD không viết. Cũng lưu ý là đây không phải một lỗi trong VeraCrypt (nó là một giới hạn của Windows). + Đĩa di chuyển VeraCrypt đã được cấu tạo thành công.\n\nLưu ý là bạn cần quyền quản lý để cho VeraCrypt chạy trong phương thức lưu động. Đồng thời cũng lưu ý là, sau khi khám nghiệm tập tin thanh ghi, có thể biết được là VeraCrypt được chạy trong hệ thống Windows ngay cả nếu nó chạy trong phương thức lưu động. + Đĩa Di chuyển của VeraCrypt + Thiết kế bởi Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, và Niels Ferguson. Phát hành năm 1998. 256-bit key, 128-bit block. Phương thức của thao tác là XTS. Twcủaish đã vào các vòng kết của AES. + Thêm tin tức về %s + Không rõ + An unspecified or unknown error occurred (%d). + Một vài tập đĩa có chứa tập tin hoặc thư mục đang được dung bởi các ứng dụng hoặc hệ thống.\n\nBuộc tháo xuống không? + &Tháo xuống + Không tháo xuống được! + Tập đĩa có chứa tập tin hoặc thư mục đang được dùng bởi các ứng dụng hoặc hệ thống.\n\nBuộc tháo xuống không? + No volume is mounted to the specified drive letter. + Tập đĩa bạn đang cố gắng nạp lên đã được nạp lên rồi. + Có lỗi xảy ra khi thử nạp tập đĩa lên. + Lỗi kiếm vị trí bên trong tập đĩa. + Lỗi: Kích cỡ của tập đĩa sai. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Bộ chứa động là một tập tin NTFS thưa tiền phân phối mà kích cỡ nó (actual disk space used) gia tăng khi dữ liệu mới được bỏ thêm vào nó.\n\nCẢNH BÁO: Hiệu suất của các tập đĩa có tập tin thưa-làm chủ tệ hơn hiệu suất của các tập đĩa thông thường rất nhiều. Các tập đĩa có tập tin thưa-làm chủ cũng không an toàn bằng vì có thể biết được những khu vực nào của tập đĩa không được sử dụng. Ngoài ra, các tập đĩa có tập tin thưa-làm chủ không thể cung cấp sự phủ nhận có vẻ hợp lý được (chứa một tập đĩa ẩn). Cũng lưu ý là nếu dữ liệu được viết vào một bộ chứa tập tin thưa khi không có đủ chỗ trống trong hệ thống tập tin chủ, hệ thống tập tin được mã hóa có thể bị hỏng.\n\nBạn có chắc là bạn muốn cấu tạo một tập đĩa có tập tin thưa-làm chủ không? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt không thể thay đổi mật mã cho một tập đĩa lạ được. + Xin chọn một chữ hiệu ổ đĩa trống từ danh sách. + Xin chọn một tập đĩa được nạp lên trong danh sách chữ hiệu ổ đĩa. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Lỗi: Không thể cấu tạo autorun.inf + Lỗi trong lúc xử lý tập tin khóa! + Lỗi xử lý đường dẫn của tập tin khóa! + Đường dẫn của tập tin khóa không có chứa tập tin nào cả.\n\nXin lưu ý các thư mục (và các tập tin mà chúng chứa) tìm được trong những đường dẫn kiếm của tập tin khóa bị bỏ mặc. + VeraCrypt không hỗ trợ hệ điều hành này. + Lỗi: VeraCrypt chỉ hỗ trợ những phiên bản ổn định của hệ điều hành này (những phiên bản beta/RC không được hỗ trợ). + Lỗi: Không thể phân phối bộ nhớ. + Lỗi: Không thể lấy giá trị của bộ đếm hiệu suất. + Lỗi: Định dạng tập đĩa xấu. + Lỗi: Bạn cung cấp một mật mã cho một tập đĩa ẩn (không phải cho một tập đĩa thông thường). + Vì những lý do bảo mật, một tập đĩa ẩn không thể được cấu tạo bên trong một tập đĩa VeraCrypt có chứa một hệ thống tập tin mà đã đuợc mã hóa tại chỗ (tại vì chỗ trống trong the tập đĩa đã không được làm đầy với dữ liệu ngẫu nhiên). + VeraCrypt - Lưu ý Pháp lý + Tất cả các Tập tin + Những Tập đĩa VeraCrypt + Những Mô-đun Thư viện + Định dạng theo NTFS không thể tiếp tục được. + Không thể nạp tập đĩa lên được. + Không thể tháo tập đĩa xuống được. + Windows không định dạng tập đĩa theo kiểu NTFS được.\n\nXin chọn một loại hệ thống tập tin khác (nếu có thể) và thử lại. Một cách khác, bạn có thể để tập đĩa không được định dạng (chọn 'None' làm hệ thống tập tin), ra khỏi trợ lý này, nạp tập đĩa lên, và sau đó dùng một hệ thống hay một công cụ của hãng khác để định dạng tập đĩa được nạp (tập đĩa vẫn sẽ được mã hóa). + Windows không định dạng tập đĩa theo kiểu NTFS được.\n\nThay vì vậy, bạn có muốn định dạng tập đĩa theo dạng FAT không? + Mặc định + Phân vùng + PHÂN VÙNG + Thiết bị + thiết bị + THIẾT BỊ + Tập đĩa + tập đĩa + TẬP ĐĨA + Label + Kích cỡ của cụm đưọc chọn quá nhỏ cho kích cỡ của tập đĩa này. Một kích cỡ lớn hơn của cụm sẽ được dùng thay. + Lỗi: Không thể lấy kích cỡ của tập đĩa được!\n\nXin đảm bảo là tập đĩa được chọn không đang được dung bởi hệ thống hoặc một ứng dụng. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + Trợ lý Cấu tạo Tập đĩa VeraCrypt chỉ có thể cấu tạo một tập đĩa ẩn bên trong một tập FAT hay NTFS. + Trong Windows 2000, Trợ lý Cấu tạo Tập đĩa VeraCrypt chỉ có thể cấu tạo một tập đĩa ẩn bên trong một tập đĩa FAT. + Lưu ý: Hệ thống tập tin FAT thích hợp cho các tập đĩa bên ngoài hơn là hệ thống tập tin NTFS (ví dụ như kích cỡ tối đa có thể được cho tập đĩa ẩn sẽ rất có thể lớn hơn nhiều nếu như tập đĩa bên ngoài đã được định dạng theo kiểu FAT). + Lưu ý là hệ thống tập tin FAT thích hợp cho các tập đĩa bên ngoài hơn là hệ thống tập tin NTFS. Ví dụ như kích cỡ tối đa có thể được cho tập đĩa ẩn sẽ có thể lớn hơn nhiều nếu như tập đĩa bên ngoài được định dạng theo kiểu FAT (lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn chỉ có thể nằm trong phần thứ hai của tập đĩa bên ngoài).\n\nBạn có chắc là bạn muốn định dạng tập đĩa bên ngoài theo kiểu NTFS không? + Thay vì vậy, bạn có muốn định dạng tập tin theo kiểu FAT không? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Lỗi: Phân vùng cho hệ điều hành ẩn (nghĩa là phân vùng đầu tiên đằng sau phân vùng hệ thống) phải ít nhất lớn hơn 5% phân vùng hệ thống (phân vùng hệ thống là nơi mà hệ điều hành đang chạy được cài đặt). + Lỗi: Phân vùng cho hệ điều hành ẩn (nghĩa là phân vùng đầu tiên đằng sau phân vùng hệ thống) phải ít nhất lớn hơn 110% (2.1 lần) phân vùng hệ thống (phân vùng hệ thống là nơi mà hệ điều hành đang chạy được cài đặt). Lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn (cái mà có chứa một bản sao của phân vùng hệ thống) chỉ có thể nằm trong phần thứ hai của phân vùng. + Lỗi: Nếu tập đĩa bên ngoài được định dạng theo kiểu NTFS thì nó ít nhất phải lớn hơn 110% (2.1 lần) phân vùng hệ thống. Lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn (cái mà có chứa một bản sao của phân vùng hệ thống) chỉ có thể nằm trong phần thứ hai của tập đĩa bên ngoài.\n\n Lưu ý: Tập đĩa bên ngoài cần nằm bên trong phân vùng giống như của hệ điều hành ẩn (nghĩa là bên trong phân vùng đầu tiên đằng sau phân vùng hệ thống). + Lỗi: Không có phân vùng nào đằng sau phân vùng hệ thống cả.\n\nLưu ý là trước khi bạn có thể cấu tạo một hệ điều hành ẩn, bạn cần cấu tạo một phân vùng cho nó trong ổ đĩa hệ thống. Nó phải là phân vùng đầu tiên đằng sau phân vùng hệ thống và phải ít nhất lớn hơn 5% phân vùng hệ thống (phân vùng hệ thống là nơi mà hệ điều hành đang chạy được cài đặt). Tuy nhiên, nếu tập đĩa bên ngoài (đừng lẫn lộn với phân vùng hệ thống) được định dạng theo kiểu NTFS, thì phân vùng cho hệ điều hành ẩn phải ít nhất lớn hơn 110% (2.1 lần) phân vùng hệ thống (lý do là hệ thống tập tin NTFS luôn luôn lưu dữ liệu bên trong ở ngay chính giữa tập đĩa và, vì vậy, tập đĩa ẩn, cái mà có chứa một bản sao của phân vùng hệ thống, chỉ có thể nằm trong phần thứ hai của phân vùng). + Ghi chú: Cài đặt các hệ điều hành trong hai tập đĩa VeraCrypt mà đã được gắn vào bên trong một phân vùng đơn độc không phải là điều thiết thực (và vì vậy không được hỗ trợ), bởi vì sử dụng hệ điều hành bên ngoài sẽ thường cần dữ liệu được viết vào khu vực của hệ điều hành ẩn (và nếu những thao tác viết như thế bị ngăn cản sử dụng tính năng bảo vệ của tập đĩa ẩn, nó sẽ đương nhiên làm cho hệ thống bị sụp đỗ, nghĩa là những lỗi 'Màn ảnh Xanh'). + Để có thêm hướng dẫn làm sao cấu tạo và quản lý các phân vùng, xin tham khảo tài liệu được cung cấp với hệ điều hành của bạn hoặc liên lạc ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn để xin giúp đỡ. + Lỗi: Hệ điều hành đang chạy không được cài đặt trong phân vùng khởi động (phân vùng hoạt động đầu tiên). Chuyện này không được hỗ trợ. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Lỗi: Không thể truy cập tập đĩa được!\n\nĐảm bảo là tập đĩa được chọn đã có, và nó không được nạp hoặc đang được dùng bởi hệ thống hoặc một ứng dụng, và bạn có quyền đọc/viết cho tập đĩa, và nó không được bảo vệ viết. + Error: Cannot obtain volume properties. + Lỗi: Không thể truy cập tập đĩa và/hay thu thập tin tức về tập đĩa được.\n\nĐảm bảo là tập đĩa được chọn đã có, và nó không đang được dùng bởi hệ thống hoặc các ứng dụng, và bạn có quyền đọc/viết cho tập đĩa, và nó không được bảo vệ viết. + Lỗi: Không thể truy cập tập đĩa và/hay thu thập tin tức về tập đĩa được. Đảm bảo là tập đĩa được chọn đã có, và nó không đang được dùng bởi hệ thống hoặc các ứng dụng, và bạn có quyền đọc/viết cho tập đĩa, và nó không được bảo vệ viết.\n\nNếu vấn đề vẫn còn, theo những bước bên dưới có thể giúp được. + Một lỗi đã ngăn cản VeraCrypt mã hóa phân vùng. Xin giải quyết bất cứ vấn đề nào đã được báo trước và sau đó thử lại. Nếu vấn đề vẫn còn, theo những bước bên dưới có thể giúp được. + Một lỗi đã ngăn cản VeraCrypt bắt đầu lại quá trình mã hóa phân vùng.\n\nXin giải quyết bất cứ vấn đề nào đã được báo trước và sau đó thử bắt đầu quá trình lại lần nữa. Lưu ý là tập đĩa không thể được nạp cho đến khi nó mã hóa hoàn toàn. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Lỗi: Không thể tháo tập đĩa bên ngoài xuống được!\n\nTập đĩa không thể được tháo xuống nếu nó có chứa những tập tin hoặc thư mục đang được dùng bởi một chương trình hay hệ thống.\n\nXin chọn bất cứ chương trình nào có thể đang dùng những tập tin hoặc thư mục trong tập đĩa và nhấn Thử lại. + Lỗi: Không thể thu thập tin tức về tập đĩa bên ngoài được!\nCấu tạo tập đĩa không thể tiếp tục. + Lỗi: Không thể truy cập tập đĩa bên ngoài được! Cấu tạo tập đĩa không thể tiếp tục. + Lỗi: Không thể nạp tập đĩa bên ngoài được! Cấu tạo tập đĩa không thể tiếp tục. + Lỗi: Không thể lấy cụm ảnh mảng của tập đĩa được! Cấu tạo tập đĩa không thể tiếp tục. + Theo thứ tự/Được phân loại + Tốc độ Trung bình (Đang đi xuống) + Thuật toán + Mã hóa + Giải mã + Trung bình + Ổ đĩa + Kích cỡ + Thuật toán Mã hóa + Thuật toán Mã hóa + Loại + Giá trị + Đặc tính + Vị trí + bytes + Ẩn + Bên ngoài + Thông thường + Hệ thống + Ẩn (hệ thống) + Chỉ-đọc + Ổ đĩa Hệ thống + Ổ đĩa Hệ thống (đang mã hóa - %.2f%% xong) + Ổ đĩa Hệ thống (đang giải mã - %.2f%% xong) + Ổ đĩa Hệ thống (%.2f%% đã mã hóa) + Phân vùng Hệ thống + Phân vùng ẩn Hệ thống + Phân vùng Hệ thống (đang mã hóa - %.2f%% xong) + Phân vùng Hệ thống (đang giải mã - %.2f%% xong) + Phân vùng Hệ thống (%.2f%% đã mã hóa) + Có (tổn hại được ngăn cản!) + Không có + Kích cỡ Khóa Chính + Kích cỡ Khóa Phụ (Phương thức XTS) + Kích cỡ Khóa Vặn (Phương thức LRW) + bits + Kích cỡ Khối + PKCS-5 PRF + Đếm Lần lặp lại của PKCS-5 + Tập đĩa đã được Cấu tạo + Phần đầu được Sửa đổi lần Cuối + (cách đây %I64d ngày) + Ấn bản Định dạng của Tập đĩa + Sao lưu Phần đầu được Gắn vào + VeraCrypt Boot Loader Version + Đầu tiên có sẵn + Ổ đĩa Rời được + Ổ đĩa cứng + Không thay đổi + Autodetection + Phương thức Trợ lý + Chọn một trong các phương thức. Nếu bạn không chắc nên chọn cái nào thì sử dụng phương thức mặc định. + Chọn tùy chọn này nếu bạn muốn cài đặt VeraCrypt vào hệ thống này. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + Nếu bạn chọn tùy chọn này, tất cả các tập tin sẽ được rút ra từ kiện đồ này nhưng sẽ không có cái gì được cài đặt trong hệ thống. Đừng chọn nó nếu bạn tính mã hóa phân vùng hệ thống hoặc ổ đĩa hệ thống. Chọn tùy chọn này có thể hữu ích, ví dụ như nếu bạn muốn chạy VeraCrypt trong phương thức đuợc gọi là lưu động. VeraCrypt không cần phải được cài đặt trong hệ điều hành nơi mà nó chạy. Sau khi tất cả các tập tin được rút ra, bạn có thể cho chạy tập 'VeraCrypt.exe' trực tiếp (sau đó VeraCrypt sẽ chạy trong phương thức lưu động). + Các tùy chọn Thiết lập + Ở đây bạn có thể đặt nhiều loại tùy chọn khác nhau để điều khiển quá trình cài đặt. + Đang cài đặt + Xin chờ trong lúc VeraCrypt đang được cài đặt. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Các tùy chọn Rút ra + Ở đây bạn có thể đặt nhiều loại tùy chọn khác nhau để điều khiển quá trình rút ra. + Xin chờ trong lúc các tập tin đang được rút ra. + Files successfully extracted + Tất cả các tập tin đã được rút vào vị trí đích. + Nếu thư mục được xác định không có thì nó sẽ được tự động cấu tạo. + Các tập tin chương trình của VeraCrypt sẽ được nâng cấp ở vị trí nơi mà VeraCrypt được cài đặt. Nếu bạn cần chọn một vị trí khác thì trước tiên xin hủy cài đặt VeraCrypt. + Bạn có muốn xem ghi chú phát hành cho phiên bản hiện tại (ổn định mới nhất) của VeraCrypt không? + Nếu bạn chưa bao giờ dùng VeraCrypt trước đây, chúng tôi khuyên bạn nên đọc chương Dạy kèm cho Người mới bắt đầu trong Hướng dẫn cho Người dùng của VeraCrypt. Bạn có muốn xem dạy kèm không? + Xin chọn một động tác để thi hành từ những cái sau đây: + Sửa chữa/Cài đặt lại + Nâng cấp + Hủy cài đặt + Để cài đặt/hủy cài đặt VeraCrypt thành công, bạn phải có quyền quản lý. Bạn có muốn tiếp tục không? + Bộ cài đặt của VeraCrypt hiện đang chạy trong hệ thống này và đang thi hành hay chuẩn bị việc cài đặt hay cập nhật VeraCrypt. Trước khi bạn tiến hành, xin chờ cho nó chấm dứt hoặc đóng nó lại. Nếu bạn không đóng nó được thì xin bắt đầu máy điện toán của bạn lại trước khi tiến hành. + Không cài đặt được. + Không hủy cài đặt được. + Kiện đồ phân phối này bị tổn hại. Xin tải nó xuống lại (tốt hơn là từ trang web chính thức của VeraCrypt tại https://veracrypt.codeplex.com). + Không thể viết vào tập tin %s + Đang rút ra + Không thể đọc dữ liệu từ kiện đồ được. + Không thể kiểm chứng tính toàn vẹn của kiện đồ phân phối này đuợc. + Rút ra bị thất bại. + Việc cài đặt đã được quay ngược lại. + VeraCrypt đã được cài đặt thành công. + VeraCrypt đã được cập nhật thành công. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt đã được gỡ bỏ thành công.\n\nNhấn 'Kết thúc' để bỏ bộ cài đặt của VeraCrypt và thư mục %s. Lưu ý là thư mục sẽ không được bỏ nếu nó có chứa bất cứ tập tin nào không được cài đặt bởi bộ cài đặt của VeraCrypt hoặc được cấu tạo bởi VeraCrypt. + Đang bỏ các mục nhập thanh ghi của VeraCrypt + Đang thêm mục nhập thanh ghi + Đang bỏ dữ liệu ứng dụng riêng + Đang cài đặt + Đang ngưng lại + Đang bỏ + Đang thêm biểu tượng + Đang cấu tạo điểm Phục hồi Hệ thống + Không cấu tạo điểm Phục hồi Hệ thống được! + Đang cập nhật Bộ tải Khởi nạp + Không cài đặt '%s'.%s được\nBạn có muốn tiếp tục cài đặt không? + Không hủu cài đặt '%s' được. %s\nBạn có muốn tiếp tục hủy cài đặt không? + Việc cài đặt được hoàn thành. + Thư mục '%s' không thể được cấu tạo + Trình điều khiển thiết bị của VeraCrypt không thể được hủy nạp.\n\nXin đóng tất cả cửa sổ đang mở của VeraCrypt trước. Nếu nó không giúp được, xin vui long bắt đầu Windows lại và sau đó thử lần nữa. + Tất cả các tập đĩa của VeraCrypt phải được tháo xuống trước khi cài đặt hay gỡ bỏ VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + Việc cài đặt các mục nhập ghi thanh đã thất bại + Việc cài đặt trình điều khiển thiết bị đã thất bại. Xin vui long bắt đầu Windows lại và sau đó thử cài VeraCrypt lại lần nữa. + Đang bắt đầu trình điều khiển thiết bị của VeraCrypt + Việc hủy cài đặt trình điều khiển thiết bị đã thất bại. Xin lưu ý là vì một vấn đề của Windows, có thể cần phải đăng xuất hoặc bắt đầu hệ thống lại trước khi trình điều khiển thiết bị có thể được hủy cài đặt (hoặc cài đặt lại). + Đang cài đặt trình điều khiển thiết bị của VeraCrypt + Đang ngưng trình điều khiển thiết bị của VeraCrypt + Đang hủy cài đặt trình điều khiển thiết bị của VeraCrypt + Đăng ký thư viện hỗ trợ Điều khiển Trương mục Người dùng bị thất bại. + Hủy đăng ký thư viện hỗ trợ Điều khiển Trương mục Người dùng bị thất bại. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Lưu ý là nếu bạn quyết định cho VeraCrypt chạy trong phương thức lưu động (thay vì cho chạy một bản VeraCrypt được cài đặt), hệ thống sẽ hỏi bạn có cho phép chạy VeraCrypt (nhắc UAC) mỗi khi bạn thử chạy nó không.\n\nLý do là khi bạn cho VeraCrypt chạy trong phương thức lưu động, VeraCrypt cần nạp và bắt đầu trình điều khiển thiết bị của VeraCrypt. VeraCrypt cần một trình điều khiển thiết bị để cung cấp sự mã hóa/giải mã vô hình on-the-fly, và những người dùng không có quyền quản lý không thể bắt đầu các trình điều khiển thiết bị trong Windows. Vì vậy, hệ thống sẽ hỏi bạn có cho phép chạy VeraCrypt với quyền quản lý không (nhắc UAC).\n\nLưu ý là bạn cài đặt VeraCrypt vào hệ thống (thay vì cho chạy VeraCrypt phương thức lưu động), hệ thống sẽ KHÔNG hỏi bạn có cho phép chạy VeraCrypt (nhắc UAC) mỗi khi bạn thử chạy nó.\n\nBạn có chắc là bạn muốn rút các tập tin ra không? + Cảnh báo: Thể hiện này của Trợ lý Cấu tạo Tập đĩa có quyền quản lý.\n\nTập đĩa mới của bạn có thể được cấu tạo với các quyền mà sẽ không cho phép bạn viết vào tập đĩa khi nó được nạp lên. Nếu bạn muốn tránh chuyện đó, đóng thể hiện này của Trợ lý Cấu tạo Tập đĩa và khởi chạy một cái mới mà không có quyền quản lý.\n\nBạn có muốn đóng thể hiện này của Trợ lý Cấu tạo Tập đĩa không? + Lỗi: Không thể hiển thị giấy phép. + Bên ngoài(!) + ngày + giờ + phút + s + Mở + Tháo xuống + Cho thấy VeraCrypt + Giấu VeraCrypt + Dữ liệu được Đọc từ khi Nạp lên + Dữ liệu được Viết từ khi Nạp lên + Phần được Mã hóa + 100% (hoàn toàn mã hóa) + 0% (không được mã hóa) + %.3f%% + 100% + Đang chờ + Đang chuẩn bị + Đang định kích cỡ + Đang mã hóa + Đang giải mã + Đang chấm đứt + Ngưng + Xong + Lỗi + Device disconnected + Các tập đĩa hệ thống được chuộng đã được bảo lưu.\n\nĐể bật việc nạp các tập đĩa hệ thống được chuộng lên khi hệ thống bắt đầu, xin 'Settings' > 'Các Tập đĩa Hệ thống được Chuộng' > 'Nạp các tập đĩa hệ thống được chuộng lên khi Windows bắt đầu'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Nhập mật mã cho %s + Enter password for '%s' + Nhập mật mã cho tập đĩa thông thường/bên ngoài + Nhập mật mã cho tập đĩa ẩn + Nhập khẩu cho phần đầu giữ trong tập tin sao lưu + Keytập tin has been successfully cấu tạod. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + CẢNH BÁO: Phần đầu của tập đĩa này bị tổn hại! VeraCrypt tự động xử dụng sao lưu của phần đầu tập đĩa được gắn vào trong tập đĩa.\n\nBạn nên sửa phần đầu tập đĩa bằng cách chọn 'Tools' > 'Phục hồi Phần đầu Tập đĩa'. + Bản sao phần đầu tập đĩa phần đầu đã được cấu tạo thành công.\n\nQUAN TRỌNG: Hồi phục phần đầu tập đĩa bằng cách dùng bản sao này cũng sẽ hồi phục mật mã hiện tại của tập đĩa. Hơn nữa, nếu (những) tập tin khóa cần có để nạp tập đĩa lên thì (những) tập tin khóa đó sẽ cần lại để nạp tập đĩa khi phần đầu tập đĩa được hồi phục.\n\nCẢNH BÁO: Bản sao phần đầu tập đĩa này có thể được dùng để hồi phục phần đầu của RIÊNG tập đĩa này thôi. Nếu bạn dùng bản sao phần đầu này để hồi phục một phần đầu của một tập đĩa khác thì bạn sẽ có thể nạp tập đĩa lên, nhưng bạn sẽ KHÔNG thể giải mã bất cứ dữ liệu nào được lưu trữ trong tập đĩa (bởi vì bạn sẽ thay đổi khóa chính của nó). + Phần đầu tập đĩa đã được hồi phục thành công.\n\nQUAN TRỌNG: Xin lưu ý là một mật mã cũ cũng có thể được hồi phục luôn. Hơn nữ, nếu (những) tập tin khóa cần có để nạp tập đĩa lên khi bản sao được cấu tạo thì (những) tập tin khóa đó bây giờ cần có để nạp tập đĩa lần nữa. + Vì lý do bảo mật, bạn sẽ phải nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa) cho tập đĩa.\n\nLưu ý: Nếu tập đĩa có chứa một tập đĩa ẩn, bạn sẽ phải nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa) cho tập đĩa bên ngoài trước. Sau đó, nếu bạn chọn sao lưu phần đầu của tập đĩa ẩn, bạn sẽ phải nhập đúng mật mã vào (và/hay cung cấp đúng các tập tin khóa) cho tập đĩa ẩn. + Bạn có chắc là bạn muốn cấu tạo bản sao phần đầu tập đĩa cho %s không?\n\nSau khi bạn nhấn Có, bạn sẽ được hỏi tên cho một tập tin cho bản sao phần đầu.\n\nLưu ý: Phần đầu của cả hai tập đĩa thông thường và ẩn sẽ được mã hóa lại bằng cách dùng một muối mới và lưu trữ trong bản sao của tập tin. Không thôi có tập đĩa ẩn bên trong tập đĩa này thì khu vực dành riêng cho phần đầu của tập đĩa ẩn trong bản sao của tập tin sẽ được làm đầy với dữ liệu ngẫu nhiên (để duy trì sự phủ nhận có vẻ hợp lý). Khi hồi phục một phần đầu tập đĩa từ bản sao của tập tin, bạn sẽ cần nhập vào đúng mật mã (và/hay cung cấp đúng các tập tin khóa) mà đã có hiệu lực khi bản sao phần đầu tập đĩa được cấu tạo. Mật mã (và/hay các tập tin khóa) cũng sẽ tự động xác định loại phần đầu tập đĩa nào để hồi phục, nghĩa là thông thường hay ẩn (lưu ý là VeraCrypt xác định loại nào qua quá trình thử và lỗi). + Bạn có chắc là bạn muốn hồi phục phần đầu tập đĩa của %s không?\n\nCẢNH BÁO: Hồi phục phần đầu một tập đĩa cũng hồi phục mật mã của tập đĩa mà đã có hiệu lực khi bản sao được cấu tạo. Hơn nữa, nếu (những) tập tin khóa cần có để nạp tập đĩa lên khi bản sao được cấu tạo thì (những) tập tin khóa đó sẽ cần lại để để nạp tập đĩa sau khi phần đầu tập đĩa được hồi phục.\n\nSau khi bạn nhấn Có, bạn sẽ chọn phần đầu bản sao tập tin. + Tập đĩa có chứa một tập đĩa ẩn không? + Tập đĩa có chứa một tập đĩa ẩn + Tập đĩa không có chứa một tập đĩa ẩn + Xin chọn loại bản sao phần đầu tập đĩa mà bạn muốn sử dụng: + Hồi phục phần đầu tập đĩa từ bản sao được gắn trong tập đĩa + Hồi phục phần đầu tập đĩa từ một bản sao tập tin bên ngoài + Kích cỡ của bản sao phần đầu tập đĩa không đúng. + Không có bản sao phần đầu được gắn trong tập đĩa này (lưu ý là chỉ có các tập đĩa được cấu tạo bởi VeraCrypt 6.0 hay sau này có chứa những bản sao phần đầu được gắn vào). + Bạn đang thử sao lại phần đầu của phân vùng/ổ đĩa hệ thống. Chuyện này không được cho phép. Sao lại/hồi phục những thao tác liên quan đến phân vùng/ổ đĩa hệ thống chỉ có thể thực hiện bằng cách dùng Đĩa Cứu hộ VeraCrypt.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt không? + Bạn đang thử hồi phục phần đầu của một tập đĩa VeraCrypt ảo nhưng bạn đã chọn phân vùng/ổ đĩa hệ thống. Chuyện này không được cho phép. Sao lại/hồi phục những thao tác liên quan đến phân vùng/ổ đĩa hệ thống chỉ có thể thực hiện bằng cách dùng Đĩa Cứu hộ VeraCrypt.\n\nBạn có muốn cấu tạo một Đĩa Cứu hộ VeraCrypt không? + Sau khi bạn nhấn OK, bạn sẽ chọn tên một tập tin cho bản ảnh ISO của Đĩa Cứu hộ VeraCrypt và vị trí bạn muốn để nó. + Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn cần sang bản ảnh của Đĩa Cứu hộ qua một CD hay DVD.\n\nQUAN TRỌNG: Lưu ý là tập tin phải được viết vào CD/DVD như là một bản ảnh ISO của đĩa (chứ không phải như là một tập tin cá nhân). Để có hướng dẫn làm như thế nào, xin tham khảo tài liệu của nhu liệu thâu CD/DVD của bạn.\n\nSau khi bạn sang Đĩa Cứu hộ, chọn 'Hệ thống' > 'Xác nhận Đĩa Cứu hộ' để xác nhận là nó đã được sang đúng cách. + Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn cần sang bản ảnh của Đĩa Cứu hộ qua một CD hay DVD.\n\nBạn có muốn khởi chạy Microsoft Windows Disc Image Burner bây giờ không?\n\nLưu ý: Sau khi bạn sang Đĩa Cứu hộ, chọn 'Hệ thống' > 'Xác nhận Đĩa Cứu hộ' để xác nhận là nó đã được sang đúng cách. + Xin chèn Đĩa Cứu hộ VeraCrypt của bạn vào ổ đĩa CD/DVD của bạn và nhấn OK để xác nhận nó. + Đĩa Cứu hộ VeraCrypt đã được xác nhận thành công. + Không thể xác nhận là Đĩa Cứu hộ đã được sang đúng cách.\n\nNếu bạn đã sang Đĩa Cứu hộ, xin đẩy CD/DVD ra và chèn vào lại; sau đó thử lại. Nếu việc này không giúp được, xin thử nhu liệu thâu CD/DVD và/hay môi trường khác.\n\nNếu bạn thử xác nhận một Đĩa Cứu hộ VeraCrypt được cấu tạo cho một khóa chính, mật mã, salt, v.v. khác, xin lưu ý là Đĩa Cứu hộ như thế sẽ luôn luôn thất bại sự xác nhận này. Để cấu tạo một Đĩa Cứu hộ mới hoàn toàn tương đương với cấu hình hiện tại của bạn, chọn 'Hệ thống' > 'Cấu tạo Đĩa Cứu hộ'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Lỗi cấu tạo Đĩa Cứu hộ VeraCrypt. + Đĩa Cứu hộ VeraCrypt không thể được cấu tạo khi một hệ điều hành ẩn đang chạy.\n\nĐể cấu tạo một Đĩa Cứu hộ VeraCrypt, khởi động hệ điều hành nghi trang và sau đó chọn 'Hệ thống' > 'Cấu tạo Đĩa Cứu hộ'. + Không thể xác nhận là Đĩa Cứu hộ đã được sang đúng cách.\n\nNếu bạn đã sang Đĩa Cứu hộ, xin đẩy CD/DVD ra và chèn vào lại; sau đó nhấn Kế tiếp để thử lại. Nếu việc này không giúp được, xin thử môi trường khác%s.\n\nNếu bạn chưa sang Đĩa Cứu hộ, xin làm thế, và sau đó nhấn Kế tiếp.\n\nNếu bạn thử xác nhận một Đĩa Cứu hộ VeraCrypt được cấu tạo trước khi bạn bắt đầu trợ lý này thì xin lưu ý là Đĩa Cứu hộ như thế không thể dùng được bởi vì nó được cấu tạo cho một khóa chính khác. Bạn cần sang Đĩa Cứu hộ mới được tạo ra. + và/hay nhu liệu thâu CD/DVD khác + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + Phân vùng/ổ đĩa hệ thống dường như không được mã hóa.\n\nCác tập đĩa hệ thống được chuộng có thể được nạp bằng cách chỉ dùng một mật mã chứng thực tiền khởi động. Vì vậy, để có thể dùng các tập đĩa hệ thống được chuộng, bạn cần mã hóa phân vùng/ổ đĩa hệ thống trước. + Xin tháo tập đĩa xuống trước khi tiến hành. + Lỗi: Không thể thiết lập bộ đếm thời gian. + Kiểm soát Hệ thống tập tin + Sửa chữa Hệ thống Tập tin + Add to Favorites... + Add to System Favorites... + P&roperties... + Tập đĩa Ẩn được Bảo vệ + N/A + + Không + Disabled + 1 + 2 hoặc hơn + Phương thức của Thao tác + Nhãn: + Kích cỡ: + Đường dẫn: + Chữ của Ổ đĩa: + Lỗi: Mật mã phải chỉ chứa ký tự ASCII.\n\nKý tự không phải ASCII trong mật mã có thể làm cho tập đĩa không thể nào nạp được khi cấu hình hệ thống của bạn thay đổi.\n\nNhững ký tự sau đây được phép dùng:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Cảnh báo: Mật mã có chứa những ký tự không phải ASCII. Việc này có thể làm cho tập đĩa không thể nào nạp được khi cấu hình hệ thống của bạn thay đổi.\n\nBạn nên thay thế tất cả những ký tự không phải ASCII trong mật mã với những ký tự ASCII. Để làm thế, nhấn 'Tập đĩa' -> 'Thay đổi Mật mã của Tập đĩa'.\n\nSau đây là những ký tự ASCII:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + CẢNH BÁO: Chúng tôi cực lực khuyên bạn nên tránh những tập tin có đuôi được dùng cho những tập tin thực hiện (như .exe, .sys, hay .dll) và những tập tin có đuôi với những vấn đề tương tự. Dùng những tập tin có đuôi như thế làm cho Windows và nhu liệu chống vi-rút gây trở ngại cho bộ nhớ, mà có ảnh hưởng bất lợi đến hiệu suất của tập đĩa và có thể gây ra những vấn đề nghiêm trọng khác.\n\nChúng tôi cực lực khuyên bạn gỡ bỏ tập tin có đuôi hoặc thay đổi nó (ví dụ thành '.hc').\n\nBạn có chắc là bạn muốn sử dụng tập tin có đuôi có vấn đề không? + CẢNH BÁO: Bộ nhớ này có một tập tin có đuôi mà được dùng cho những tập tin thực hiện (such as .exe, .sys, or .dll) hoặc những tập tin có đuôi khác với những vấn đề tương tự. Nó sẽ rất có thể làm cho Windows và nhu liệu chống vi-rút gây trở ngại cho bộ nhớ, mà có ảnh hưởng bất lợi đến hiệu suất của tập đĩa và có thể gây ra những vấn đề nghiêm trọng khác.\n\nChúng tôi cực lực khuyên bạn gỡ bỏ tập tin có đuôi của bộ nhớ hoặc thay đổi nó (ví dụ thành '.hc') sau khi bạn tháo tập đĩa xuống. + Trang chủ + CẢNH BÁO: Dường như là bạn chưa áp dụng bất cứ Service Pack nào vào việc cài đặt Windows của bạn. Bạn không nên viết vào các đĩa IDE lớn hơn 128 GB trong Windows XP mà bạn đã không áp dụng Service Pack 1 hay mới hơn! Nếu bạn có làm, dữ liệu trong đĩa (không cần biết nếu nó là một tập đĩa VeraCrypt hay không) có thể bị hỏng. Lưu ý đây là một giới hạn của Windows chứ không phải là một lỗi trong VeraCrypt. + CẢNH BÁO: Dường như là bạn chưa áp dụng Service Pack 3 hay mới hơn vào việc cài đặt Windows của bạn. Bạn không nên viết vào các đĩa IDE lớn hơn 128 GB trong Windows 2000 mà bạn chưa áp dụng Service Pack 3 hay mới hơn! Nếu bạn có làm, dữ liệu trong đĩa (không cần biết nếu nó là một tập đĩa VeraCrypt hay không) có thể bị hỏng. Lưu ý đây là một giới hạn của Windows chứ không phải một lỗi trong VeraCrypt.\n\nLưu ý: Bạn có thể cần phải bật hỗ trợ cho 48-bit LBA trong thanh ghi lên; để có thêm tin tức, xem http://support.microsoft.com/kb/305098/EN-US + CẢNH BÁO: Hỗ trợ cho 48-bit LBA ATAPI bị tắt trong hệ thống của bạn. Vì vậy, bạn không nên viết vào các đĩa IDE lớn hơn 128 GB! Nếu bạn có làm, dữ liệu trong đĩa (không cần biết nếu nó là một tập đĩa VeraCrypt hay không) có thể bị hỏng. Lưu ý đây là một giới hạn của Windows chứ không phải là một giới hạn của VeraCrypt.\n\nĐể bật hỗ trợ cho 48-bit LBA lên, thêm giá trị thanh ghi 'EnableBigLba' vào trong khóa thanh ghi HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters và cho nó giá trị 1.\n\nĐể có thêm tin tức, xem http://support.microsoft.com/kb/305098 + Lỗi: Những tập tin lớn hơn 4 GB không thể được lưu trữ trong một hệ thống tập tin FAT32. Vì vậy, các tập đĩa (bộ nhớ) VeraCrypt có tập tin-làm chủ được lưu trữ trong một hệ thống tập tin FAT32 không thể lớn hơn 4 GB được.\n\nNếu bạn cần một tập đĩa lớn hơn, cấu tạo nó trong một hệ thống tập tin NTFS (hoặc, nếu bạn sử dụng Windows Vista SP1 hay mới hơn, trong một hệ thống tập tin exFAT) hoặc, thay vì cấu tạo một tập đĩa có tập tin-làm chủ, mã hóa toàn bộ một phân vùng hay thiết bị. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + CẢNH BÁO: Nếu bạn muốn có thể thêm dữ liệu/tập tin vào tập đĩa bên ngoài trong tương lai, bạn nên tính đến chuyện chọn một kích cỡ nhỏ hơn cho tập đĩa ẩn.\n\nBạn có chắc là bạn muốn tiếp tục với kích cỡ bạn đã xác định không? + Không có tập đĩa nào được chọn.\n\nNhấn 'Chọn Thiết bị' hoặc 'Chọn Tập tin' để chọn một tập đĩa của VeraCrypt. + Không phân vùng nào được chọn.\n\nNhấn 'Chọn Thiết bị' để chọn một phân vùng được tháo xuống mà thông thường cần chứng thực tiền khởi động (ví dụ như một phân vùng nằm trong ổ đĩa hệ thống được mã hóa của một hệ điều hành khác, mà không có đang chạy, hoặc phân vùng hệ thống được mã hóa của một hệ điều hành khác).\n\nLưu ý: Phân vùng được chọn sẽ được nạp lên như một tập đĩa VeraCrypt thông thường không có chứng thực tiền khởi động. Việc này hữu dụng vi dú như cho những thao tác sao chép hoặc sửa chữa. + CẢNH BÁO: Nếu những tập tin khóa mặc định được thiết lập và bật lên thì các tập đĩa mà không dùng những tập tin khóa này sẽ không thể nào nạp lên được. Vì vậy, sau khi bạn bật những tập tin khóa mặc định lên thì nhớ bỏ đánh dấu hộp chọn 'Sử dụng tập tin khóa' (bên dưới một trường nhập mật mã) bất cứ khi nào nạp các tập đĩa như thế.\n\nBạn có chắc là bạn muốn bảo lưu những tập tin khóa/đưòng dẫn được chọn thành mặc định không? + Những Thiết bị Tự-Nạp + Tháo xuống Tất cả + Tẩy Bộ tạm trữ + Tháo xuống Tất cả & Tẩy Bộ tạm trữ + Buộc Tháo xuống Tất cả & Tẩy Bộ tạm trữ + Buộc Tháo xuống Tất cả, Tẩy Bộ tạm trữ & Thoát ra + Nạp các Tập đĩa được Chuộng lên + Cho thấy/Dấu Cửa sổ Chính của VeraCrypt + (Nhấn vào đây và bấm một phím) + Hành động + Lối tắt + Lỗi: Lối tắt này được dành riêng. Xin chọn một lối tắt khác. + Lỗi: Lối tắt đã được sử dụng. + CẢNH BÁO: Một hoặc nhiều khóa kích hoạt cho nguyên cả hệ thống của VeraCrypt sẽ không làm việc được!\n\nXin đảm bảo là các ứng dụng khác và hệ điều hành không sử dụng cùng lối tắt với VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + Một lỗi hoặc một sự không tương thích ngăn cản VeraCrypt mã hóa tập tin vô động. Vì vậy, sự vô động đã bị ngăn cản.\n\nLưu ý: Khi một máy điện toán vào trạng thái vô động (hoặc bước vào một phương thức tiết kiệm điện năng), nội dung của bộ nhớ hệ thống của nó được viết vào một tập tin lưu trữ vô động nằm trong ỗ đĩa hệ thống. VeraCrypt sẽ không thể ngăn cản những khóa mã hóa và nội dung của những tập tin nhạy cảm được mở trong RAM được bảo lưu mà không có mã hóa vào tập tin lưu trữ vô động. + Sự vô động đã bị ngăn cản.\n\nVeraCrypt không hỗ trợ sự vô động trong các hệ điều hành ẩn mà sử dụng thêm một phân vùng khởi động. Xin lưu ý là phân vùng khởi động được xài chung bởi cả hệ nghi trang lẫn hệ ẩn. Vì vậy, để ngăn cản những thất thoát và vấn đề của dữ liệu trong lúc bắt đầu lại từ sự vô động, VeraCrypt phải ngăn cản hệ ẩn viết vào phân vùng khởi động xài chung và vào trạng thái vô động. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + CẢNH BÁO: Nếu tùy chọn này bị tắt thì các tập đĩa có chứa các tập tin/thư mục đang mở sẽ không thể tự-tháo xuống được.\n\nBạn có chắc là bạn muốn tắt tùy chọn này không? + CẢNH BÁO: Những tập đĩa có chứa các tập tin/thư mục đang mở sẽ KHÔNG được tự-tháo xuống.\n\nĐể tránh chuyện này, bật tùy chọn sau đây lên trong cửa sổ hộp thoại này: 'Buộc tự-tháo xuống ngay cả nếu tập đĩa có chứa các tập tin hay thư mục đang mở' + CẢNH BÁO: Khi điện năng pin của máy notebook xuống thấp, Windows có thể bỏ sót chuyện gửi những thông điệp thích đáng đến những ứng dụng đang chạy khi máy điện toán đang vào phương thức tiết kiệm điện năng. Vì vậy, VeraCrypt có thể không tự-tháo các tập đĩa xuống trong những trường hợp như thế. + Bạn đã sắp đặt quá trình mã hóa của một phân vùng/tập đĩa. Quá trình chưa được chấm dứt.\n\nBạn có muốn tiếp tục lại quá trình bây giờ không? + Bạn đã sắp đặt quá trình mã hóa hoặc giải mã của phân vùng/ổ đĩa hệ thống. Quá trình chưa được chấm dứt.\n\nBạn có muốn bắt đầu (tiếp tục lại) quá trình bây giờ không? + Bạn có muốn được nhắc chuyện bạn có muốn tiếp tục lại những quá trình mã hóa đang được sắp đặt của những phân vùng/tập đĩa vô hệ? + Có, cứ nhắc tôi + Không, đừng nhắc tôi + QUAN TRỌNG: Nhớ là bạn có thể tiếp tục lại quá trình mã hóa của bất cứ phân vùng/tập đĩa vô hệ nào bằng cách chọn 'Tập đĩa' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. + Bạn đã sắp đặt quá trình mã hóa hoặc giải mã của phân vùng/ổ đĩa hệ thống. Tuy nhiên, chứng thực tiền-khởi động bị thất bại (hoặc bị bỏ qua).\n\nLưu ý: Nếu bạn giải mã phân vùng/ổ đĩa hệ thống trong môi trường tiền-khởi động thì bạn có thể cần phải kết thúc quá trình bằng cách chọn 'Hệ thống' > 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống' từ thanh trình đơn của cửa sổ chính của VeraCrypt. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Thoát ra không? + VeraCrypt không có đủ tin tức để xác định là nên mã hóa hay giải mã. + VeraCrypt không có đủ tin tức để xác định là nên mã hóa hay giải mã.\n\nLưu ý: Nếu bạn giải mã phân vùng/ổ đĩa hệ thống trong môi trường tiền-khởi động thì bạn có thể cần phải kết thúc quá trình bằng cách nhấn Giải mã. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Bạn có muốn gián đoạn và dời lại quá trình mã hóa của phân vùng/tập đĩa không?\n\nLưu ý: Nhớ là tập đĩa không thể được nạp lên cho đến khi nó được mã hóa hoàn toàn. Bạn sẽ có thể tiếp tục lại quá trình mã hóa và nó sẽ tiếp tục từ điểm mà nó bị ngừng. Bạn có thể làm thế, ví dụ như bằng cách chọn 'Tập đĩa' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. + Bạn có muốn gián đoạn và dời lại quá trình mã hóa của phân vùng/tập đĩa không?\n\nLưu ý: Bạn sẽ có thể tiếp tục lại quá trình mã hóa và nó sẽ tiếp tục từ điểm mà nó bị ngừng. Bạn có thể làm thế, ví dụ như bằng cách chọn 'Tập đĩa' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. Nếu bạn muốn vĩnh viễn chấm dứt hoặc đảo ngược quá trình mã hóa, chọn 'Hệ thống' > 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống'. + Bạn có muốn gián đoạn và dời lại quá trình giải mã của phân vùng/ổ đĩa hệ thống không?\n\nLưu ý: Bạn sẽ có thể tiếp tục lại quá trình và nó sẽ tiếp tục từ điểm mà nó bị ngừng. Bạn có thể làm thế, ví dụ như bằng cách chọn 'Hệ thống' > 'Tiếp tục lại Quá trình bị Gián đoạn' từ thanh trình đơn của cửa sổ chính của VeraCrypt. Nếu bạn muốn đảo ngược quá trình giải mã (và bắt đầu mã hóa), chọn 'Hệ thống' > ' Mã hóa Phân vùng/Ổ đĩa Hệ thống'. + Lỗi: Không gián đoạn quá trình mã hóa/giải mã của phân vùng/ổ đĩa hệ thống được. + Lỗi: Không gián đoạn quá trình tẩy được. + Lỗi: Không tiếp tục lại quá trình mã hóa/giải mã của phân vùng/ổ đĩa hệ thống được. + Lỗi: Không bắt đầu quá trình tẩy được. + Mâu thuẫn đã được giải quyết.\n\n\n(Nếu bạn báo một lỗi liên quan đến chuyện này, xin bao gồm tin tức kỹ thuật sau đây trong phần báo lỗi:\n%hs) + Lỗi: Trạng thái bất thường.\n\n\n(Nếu bạn báo một lỗi liên quan đến chuyện này, xin bao gồm tin tức kỹ thuật sau đây trong phần báo lỗi:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + CẢNH BÁO: Tác vụ Phụ của VeraCrypt bị tắt. Sau khi bạn ra khỏi VeraCrypt, bạn sẽ không được thông báo nếu tổn hại cho tập đĩa ẩn được ngăn cản.\n\nLưu ý: Bạn có thể tắt Tác vụ Phụ bất cứ lúc nào bằng cách nhấn phải biểu tượng khay và chọn 'Thoát ra'.\n\nBật Tác vụ Phụ của VeraCrypt lên không? + Phiên bản của bộ ngôn ngữ: %s + Đang kiểm soát hệ thống tập tin trong tập đĩa VeraCrypt được nạp như %s... + Đang thử sửa hệ thống tập tin trong tập đĩa VeraCrypt được nạp như %s... + Cảnh báo: Tập đĩa này được mã hóa với một thuật toán mã hóa thừa tự.\n\nTất cả các thuật toán mã hóa 64-bit-block (ví dụ như Blowfish, CAST-128, hay Triple DES) bị bãi bỏ. Sẽ không thể nào nạp tập đĩa này khi dùng những phiên bản tương lai của VeraCrypt. Tuy nhiên, sẽ không còn những tiến triển cho việc thực hiện những thuật toán mã hóa thừa tự này nữa. Chúng tôi khuyên bạn cấu tạo một tập đĩa VeraCrypt mới được mã hóa với một thuật toán mã hóa 128-bit-block (ví dụ như AES, Serpent, Twcủaish, v.v.) và dời tất cả các tập tin từ tập đĩa này sang tập đĩa mới. + Hệ thống của bạn không được cấu hình để tự-nạp các tập đĩa mới. Có thể nạp các tập đĩa VeraCrypt có thiết bị làm chủ được. Tự-nạp có thể được bật lên bằng cách thực thi lệnh sau đây và bắt đầu hệ thống lại.\n\nmountvol.exe /E + Xin gán một chữ hiệu ổ đĩa cho phân vùng/thiết bị trước khi tiến hành ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Cấu tạo và định dạng phân vùng đĩa cứng').\n\nLưu ý rằng đây là một yêu cầu của hệ điều hành. + Nạp tập đĩa VeraCrypt lên + Tháo tất cả các tập đĩa VeraCrypt xuống + VeraCrypt không lấy được những quyền Quản lý. + Quyền truy cập bị từ chối bởi hệ điều hành.\n\nNguyên nhân khả dĩ: Hệ điều hành yêu cầu bạn có quyền đọc/viết (hoặc quyền quản lý) cho một số thư mục, tập tin, và thiết bị, để bạn được quyền đọc và viết dữ liệu vào/từ chúng. Thông thường, một người dùng không có những quyền quản lý chỉ được được quyền cấu tạo, đọc và thay đổi những tập tin trong thư mục Documents của họ. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + Bộ tải Khởi nạp VeraCrypt cần ít nhất 32 KBytes phần trống ở khúc đầu của ổ đĩa hệ thống (Bộ tải Khởi nạp VeraCrypt cần được giữ trong khu vực đó). Không may, ổ đĩa của bạn không đạt được điều kiện này.\n\nXin ĐỪNG báo chuyện này là lỗi/vấn đề trong VeraCrypt. Để giải quyết vấn đề này, bạn sẽ cần phải phân vùng đĩa của bạn lại và chừa trống 32 KBytes đầu tiên của đĩa (trong đa số các trường hợp, bạn sẽ cần phải xóa và cấu tạo lại phân vùng đầu tiên). Chúng tôi đề nghị bạn sử dụng Microsoft phân vùng manager đang có sẵn ví dụ như khi bạn đang cài đặt Windows. + Tính năng không được hỗ trợ trong phiên bản của hệ điều hành mà bạn đang sử dụng. + VeraCrypt không hỗ trợ việc mã hóa một phân vùng/ổ đĩa hệ thống trong phiên bản của hệ điều hành mà bạn đang sử dụng. + Trước khi bạn có thể mã hóa phân vùng/ổ đĩa hệ thống trong Windows Vista, bạn cần cài đặt Service Pack 1 hoặc cao hơn cho Windows Vista (chưa có Service Pack nào như thế đã được cài đặt trong hệ thống này).\n\nLưu ý: Service Pack 1 cho Windows Vista giải quyết một vấn đề gây nên sự thiếu hụt bộ nhớ trống trong khi khởi nạp hệ thống. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Lỗi: Tính năng này cần VeraCrypt được cài đặt trong hệ thống của bạn (bạn đang cho VeraCrypt chạy trong dạng lưu động).\n\nXin cài đặt VeraCrypt và sau đó thử lại. + CẢNH BÁO: Dường như Windows không được cài đặt trong ổ đĩa nơi mà nó khởi nạp. Việc này không được hỗ trợ.\n\nBạn chỉ nên tiếp tục nếu bạn chắc là Windows được cài đặt trong ổ đĩa nơi mà nó khởi nạp.\n\nBạn có muốn tiếp tục không? + Ổ đĩa hệ thống của bạn có một bảng phân vùng GUID (GPT). Hiện tại, chỉ có những ổ đĩa với bảng phân vùng MBR được hỗ trợ. + CHÚ Ý: Bộ tải Khởi nạp VeraCrypt đã được cài đặt trong ổ đĩa hệ thống của bạn!\n\nCó thể một hệ thống khác trong máy của bạn đã được mã hóa.\n\nCẢNH BÁO: TIẾN HÀNH VIỆC MÃ HÓA HỆ THỐNG ĐANG ĐƯỢC CHẠY CÓ THỂ LÀM CHO (CÁC) HỆ THỐNG KHÁC KHÔNG TÀI NÀO BẮT ĐẦU ĐƯỢC VÀ DỮ LIỆU LIÊN HỆ KHÔNG TRUY CẬP ĐƯỢC.\n\nBạn có chắc là bạn muốn tiếp tục không? + Không thể phục hồi bộ tải hệ thống nguyên thủy.\n\nXin sử dụng Đĩa Cứu hộ VeraCrypt ('Tùy chọn Sửa chửa' > 'Phục hồi bộ tải hệ thống nguyên thủy') hoặc môi trường cài đặt Windows để thay thế Bộ tải Khởi nạp VeraCrypt với bộ tải hệ thống Windows. + Bộ tải hệ thống nguyên thủy sẽ không được giữ trong Đĩa Cứu hộ (lý do có thể là tập tin sao lưu bị mất). + Không viết vào khu vực MBR được.\n\nBIOS của bạn có thể được cấu hình để bảo vệ khu vực MBR. Kiểm soát những thiết đặt BIOS của bạn (bấm F2, Xóa, hay Esc, sau khi bật máy của bạn lên) xem coi có bảo vệ MBR/chống vi-rút. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + Phiên bản cần có của Bộ tải Khởi nạp VeraCrypt hiện không đang được cài đặt. Việc này có thể ngăn cản sự lưu trữ một số thiết lập. + Lưu ý: Trong một vài trường hợp, bạn có thể muốn ngăn cản một người (đối phương) đang nhìn xem bạn bắt đầu máy điện toán không cho biết là bạn sử dụng VeraCrypt. Những tùy chọn bên trên cho phép bạn làm như thế bằng cách đặc chế màn ảnh bộ tải khởi nạp của VeraCrypt. Nếu bạn bật tùy chọn thứ nhất lên, không có chữ nào sẽ được hiển thị bởi bộ tải khởi nạp (ngay cả khi bạn đánh mật mã sai vào). Máy điện toán sẽ nhìn giống như đang bị "ngưng đọng" trong lúc bạn có thể đánh mật mã của bạn vào. Thêm vào đó, một thông điệp riêng có thể được hiển thị để đánh lạc đối phương. Ví dụ như những thông điệp lỗi giả như "Mất hệ điều hành" (thường được hiển thị bởi bộ tải khởi nạp của Windows nếu nó không tìm được phân vùng khởi động Windows). Tuy nhiên, điều quan trọng cần lưu ý là nếu đối phương có thể phân tích nội dung của đĩa cứng thì họ vẫn có thể tìm được là nó có chứa bộ tải khởi nạp của VeraCrypt. + CẢNH BÁO: Xin nhớ là bạn bật tùy chọn này lên, bộ tải khởi nạp của VeraCrypt sẽ không hiển thị bất cứ chữ nào (ngay cả khi bạn đánh mật mã sai vào). Máy điện toán sẽ nhìn giống như đang bị "ngưng đọng" (không đáp lại) trong lúc bạn có thể đánh mật mã của bạn vào (con trỏ sẽ KHÔNG di chuyển và sẽ không có dấu sao nào được hiển thị khi bạn bấm một phím).\n\nBạn có chắc là bạn muốn bật tùy chọn này lên không? + Dường như phân vùng/ổ đĩa hệ thống của bạn đã được hoàn toàn mã hóa. + VeraCrypt không hỗ trợ việc mã hóa một ổ đĩa hệ thống đã được biến thành một đĩa động. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Bạn có muốn mã hóa phân vùng hệ thống thay vì toàn bộ ổ đĩa không?\n\nLưu ý là bạn có thể cấu tạo các tập đĩa VeraCrypt có phân vùng-làm chủ bên trong bất cứ phân vùng vô hệ nào trong ổ đĩa (thêm vào chuyện mã hóa phân vùng hệ thống). + Vì ổ đĩa hệ thống của bạn chỉ có chứa một phân vùng đơn độc mà chiếm cả ổ đĩa, tốt hơn (an toàn hơn) là mã hóa toàn bộ ổ đĩa kể cả khoảng trống "slack" mà thường bao quanh một phân vùng như thế.\n\nBạn có muốn mã hóa toàn bộ ổ đĩa hệ thống không? + Hệ thống của bạn đưọc cấu hình để lưu giữ những tập tin tạm thời trong một phân vùng vô hệ.\n\nNhững tập tin tạm thời chỉ có thể được lưu giữ trong phân vùng hệ thống. + Những tập tin cho hồ sơ người dùng của bạn không được lưu giữ trong phân vùng hệ thống.\n\nCác tập tin cho hồ sơ người dùng chỉ có thể được lưu giữ trong phân vùng hệ thống. + Có (những) tập tin phân trang trong những phân vùng vô hệ.\n\nCác tập tin phân trang chỉ có thể tìm thấy trong phân vùng hệ thống. + Bạn có muốn cấu hình Windows để cấu tạo những tập tin phân trang chỉ trong phân vùng của Windows bây giờ không?\n\nLưu ý là nếu bạn nhấn 'Có', máy điện toán sẽ được bắt đầu lại. Sau đó bắt đầu VeraCrypt và thử cấu tạo OS ẩn lần nữa. + Không thôi, sự phủ nhận hợp lý của hệ điều hành ẩn có thể bị ảnh hưởng bất lợi.\n\nLưu ý: Nếu một đối phương phân tích nội dung những của tập tin như thế (nằm trong một phân vùng vô hệ), họ có thể tìm ra được là bạn đã dùng trợ lý này trong phương thức cấu tạo-hệ thống-ẩn (điều này có thể cho thấy có sự xuất hiện của một hệ điều hành ẩn trong máy điện toán của bạn). Đồng thời cũng lưu ý là bất cứ tập tin nào như thế được lưu giữ trong phân vùng hệ thống sẽ được xóa tẩy một cách an toàn bởi VeraCrypt trong quá trình cấu tạo của hệ điều hành ẩn. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + Vì những lý do bảo mật, nếu hệ điều hành hiện đang chạy cần kích hoạt thì nó phải được kích hoạt trước khi tiến hành. Lưu ý là hệ điều hành ẩn sẽ được cấu tạo bằng cách chép nội dung của phân vùng hệ thống vào một tập đĩa ẩn (vì thế nếu hệ điều hành này không được kích hoạt thì hệ điều hành ẩn cũng sẽ không được kích hoạt luôn). Để có thêm tin tức, xem phần "Những Yêu cầu và Đề phòng Bảo mật Liên quan đến những Tập đĩa ẩn" trong Hướng dẫn cho Người dùng của VeraCrypt.\n\nQuan trọng: Trước khi tiến hành, xin đảm bảo là bạn đã đọc phần "Những Yêu cầu và Đề phòng Bảo mật Liên quan đến những Tập đĩa ẩn" trong Hướng dẫn cho Người dùng.\n\n\nHệ điều hành hiện đang chạy có đạt được điều kiện bên trên không? + Hệ thống của bạn dùng thêm một phân vùng khởi động. VeraCrypt không hỗ trợ vô động trong những hệ điều hành ẩn mà sử dụng thêm một phân vùng khởi động (hệ thốngs nghi trang có thể được vô động mà không gặp vấn đề gì cả).\n\nXin lưu ý là phân vùng khởi động sẽ được xài chung bởi cả hệ nghi trang lẫn hệ ẩn. Vì vậy, để ngăn cản những thất thoát và vấn đề của dữ liệu trong lúc bắt đầu lại từ sự vô động, VeraCrypt phải ngăn cản hệ ẩn viết vào phân vùng khởi động xài chung và vào trạng thái vô động.\n\n\nBạn có muốn tiếp tục không? Nếu bạn chọn 'Không', những chỉ dẫn để tháo bỏ phân vùng khởi động thêm sẽ được hiển thị. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Cảnh báo: Có chỗ trống chưa phân phát giữa phân vùng hệ thống và phân vùng đầu tiên phía sau nó. Sau khi bạn cấu tạo hệ điều hành ẩn, bạn không được cấu tạo bất cứ phân vùng mới nào trong chỗ trống chưa phân phát đó. Không thôi, hệ điều hành ẩn sẽ không thể nào khởi động được (cho đến khi bạn xóa bỏ những phân vùng được cấu tạo như thế). + Thuật toán này hiện không được hỗ trợ cho việc mã hóa hệ thống. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Các tập tin khóa hiện không được hỗ trợ cho việc mã hóa hệ thống. + Cảnh báo: VeraCrypt không thể hồi phục bố trí bàn phím gốc được. Chuyện này có thể làm cho bạn đánh mật mã không đúng vào. + Lỗi: Không thể thiết đặt bố trí bàn phím cho VeraCrypt thành bố trí bàn phím căn bản của Mỹ được.\n\nLưu ý là mật mã cần được đánh vào trong môi trường tiền khởi động (trước khi Windows bắt đầu) lúc mà bố trí bàn phím Windows không phải của Mỹ không có sẵn. Vì vậy, mật mã phải luôn luôn được đánh vào dùng bố trí bàn phím căn bản của Mỹ. + Vì VeraCrypt đã tạm thời thay đổi bố trí bàn phím thành bố trí bàn phím căn bản của Mỹ, nên không thể đánh các ký tự bằng cách nhấn bấm các phím trong lúc phím Alt bên phải đang được giữ xuống. Tuy nhiên, bạn có thể đánh đa số những ký tự như thế bằng cách bấm các phím thích hợp trong lúc phím Shift đang được giữ xuống. + VeraCrypt ngăn cản sự thay đổi của bố trí bàn phím . + Lưu ý: Mật mã sẽ cần được đánh vào trong môi trường tiền khởi động (trước khi Windows bắt đầu) lúc mà bố trí bàn phím Windows không phải của Mỹ không có sẵn. Vì vậy, mật mã phải luôn luôn được đánh vào dùng bố trí bàn phím căn bản của Mỹ. Tuy nhiên, chuyện quan trọng cần lưu ý là bạn KHÔNG cần một bàn phím thật của Mỹ. VeraCrypt tự động đảm bảo là bạn có thể đánh mật mã một cách an toàn (ngay bây giờ và trong môi trường tiền khởi động) ngay cả nếu bạn KHÔNG có một bàn phím thật của Mỹ. + Trước khi bạn có thể mã hóa phân vùng/ổ đĩa, bạn phải cấu tạo một Đĩa Cứu hộ VeraCrypt (VRD) để dùng cho những mục đích sau đây:\n\n- Nếu Bộ tải Khởi nạp của VeraCrypt, khóa chính, hoặc những dữ liệu trọng yếu bị tổn hại thì VRD để cho bạn hồi phục nó (tuy nhiên lưu ý là bạn sẽ vẫn phải nhập mật mã đúng vào).\n\n- Nếu Windows bị tổn hại và không thể bắt đầu, VRD để cho bạn giải mã phân vùng/ổ đĩa vĩnh viễn trước khi Windows bắt đầu.\n\n- VRD sẽ có chứa một bản sao của nội dung hiện tại của phần đường đầu tiên của ổ đĩa (cái mà thường có chứa một hệ thống khởi nạp hoặc hàm quản lý khởi động) và sẽ để cho bạn hồi phục nếu cần thiết.\n\nBản ảnh ISO của Đĩa Cứu hộ VeraCrypt sẽ được cấu tạo ở vị trí xác định bên dưới. + Sau khi bạn nhấn OK, Microsoft Windows Disc Image Burner sẽ được khởi chạy. Xin sử dụng nó để sang bản ảnh ISO của Đĩa Cứu hộ VeraCrypt qua một CD hay DVD.\n\nSau khi bạn làm thế, trở lại Trợ lý Cấu tạo Tập đĩa VeraCrypt và theo những hướng dẫn của nó. + Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn cần sang nó qua một CD hay DVD.\n\n%lsSau khi bạn sang Đĩa Cứu hộ rồi, nhấn Kế tiếp để xác nhận là nó đã đuợc sang đúng cách. + Bản ảnh của Đĩa Cứu hộ đã được cấu tạo và lưu trữ trong tập tin này:\n%s\n\nBây giờ bạn nên sang bản ảnh qua một CD/DVD hoặc or di chuyển nó qua một vị trí an toàn để sử dụng sau này.\n\n%lsNhấn Kế tiếp để tiếp tục. + QUAN TRỌNG: Lưu ý là tập tin phải được viết vào CD/DVD như là một bản ảnh ISO của đĩa (chứ không phải như là một tập tin cá nhân). Để có hướng dẫn làm như thế nào, xin tham khảo tài liệu của nhu liệu thâu CD/DVD của bạn. Nếu bạn không có nhu liệu thâu CD/DVD nào có thể viết bản ảnh ISO của đĩa vào một CD/DVD, nhấn liên kết bên dưới để tải nhu liệu miễn phí như thế xuống.\n\n + Khởi chạy Microsoft Windows Disc Image Burner + CẢNH BÁO: Nếu bạn đã cấu tạo một Đĩa Cứu hộ VeraCrypt trong quá khứ, nó không thể đuợc dùng lại cho phân vùng/ổ đĩa hệ thống này vì nó được cấu tạo cho một khóa chính khác! Mỗi khi bạn mã hóa một phân vùng/ổ đĩa hệ thống, bạn phải cấu tạo một Đĩa Cứu hộ VeraCrypt mới cho nó ngay cả nếu bạn sử dụng cùng một mật mã. + Lỗi: Không thể lưu trữ những thiết lập mã hóa hệ thống. + Không thể khởi đầu tiền thử nghiệm của mã hóa hệ thống. + Không thể khởi đầu quá trình cấu tạo hệ điều hành ẩn. + Phương thức Tẩy + Trong một vài loại môi trường chứa, khi các dữ liệu bị viết chòng lên với những dữ liệu khác, các dữ liệu bị viết chòng lên có thể được khôi phục lại bằng cách dùng những kỹ thuật như microscopy lực từ trường. This also applies to data that are overwritten with their mã hóa form (which happens when VeraCrypt initially encrypts một unmã hóa phân vùng or ổ đĩa). Dựa theo một vài nghiên cứu và công bố của chính phủ, sự khôi phục của các dữ liệu bị viết chòng lên có thể được cản trở (hoặc làm cho rất khó khăn) bằng cách viết chòng các dữ liệu với dữ liệu pseudorandom và non-random một số lần nhất định. Vì vậy, nếu bạn tin là một đối phương có thể dùng những kỹ thuật như thế để khôi phục lại các dữ liệu bạn intend mã hóa, bạn có thể chọn một trong những phương thức tẩy (existing data will NOT be lost). Lưu ý là sự tẩy will NOT be performed after the phân vùng/ổ đĩa is mã hóa. When the phân vùng/ổ đĩa is fully mã hóa, no unmã hóa data is written to it. Any data being written to it is first mã hóa ngay khi cần in memory and only then is the (mã hóa) data written to the disk. + Trong một vài loại môi trường chứa, khi các dữ liệu bị viết chòng lên với những dữ liệu khác (ví dụ như khi dữ liệu bị xóa mất), các dữ liệu bị viết chòng lên có thể được khôi phục lại bằng cách dùng những kỹ thuật như microscopy lực từ trường. Dựa theo một vài nghiên cứu và công bố của chính phủ, sự khôi phục của các dữ liệu bị viết chòng lên có thể được cản trở (hoặc làm cho rất khó khăn) bằng cách viết chòng các dữ liệu với dữ liệu pseudorandom và non-random một số lần nhất định. Vì vậy, nếu bạn tin là một đối phương có thể dùng những kỹ thuật như thế để khôi phục lại các dữ liệu đáng được xóa mất, bạn có thể chọn một trong những phương thức tẩy nhiều-pass.\n\nLưu ý: Bạn càng sử dụng nhiều pass tẩy chừng nào thì sẽ nó sẽ mất lâu hơn để xóa mất các dữ liệu. + Đang tẩy + \nLưu ý: Bạn có thể gián đoạn quá trình của việc tẩy, tắt máy điện toán của bạn, bắt đầu hệ ẩn lại và sau đó tiếp tục lại quá trình (trợ lý này sẽ được tự động khởi chạy). Tuy nhiên, nếu bạn gián đoạn nó, toàn bộ quá trình của việc tẩy sẽ phải bắt đầu lại từ đầu. + \n\nLưu ý: Nếu bạn gián đoạn quá trình tẩy và thử tiếp tục lại thì cả quá trình sẽ phải bắt đầu lại từ đầu. + Bạn có muốn hủy bỏ quá trình tẩy không? + Cảnh báo: Toàn bộ nội dung của phân vùng/thiết bị được chọn sẽ bị xóa và mất đi. + Toàn bộ nội dung của phân vùng nơi mà hệ thống gốc nằm sẽ bị xóa đi.\n\nLưu ý: Toàn bộ nội dung của phân vùng mà bị xóa đi đã được sao chép vào phân vùng của hệ ẩn này. + CẢNH BÁO: Lưu ý là khi bạn chọn ví dụ như phương thức tẩy 3-bước, thời gian cần thiết để mã hóa phân vùng/ổ đĩa sẽ lâu hơn gấp 4 lần. Tương tự, nếu bạn chọn phương thức tẩy 35-bước, nó sẽ lâu hơn gấp 36 lần (nó có thể mất một vài tuần).\n\nTuy nhiên, xin lưu ý là việc tẩy sẽ KHÔNG được thực hiện sau khi phân vùng/ổ đĩa được hoàn toàn mã hóa. Khi phân vùng/ổ đĩa được hoàn toàn mã hóa, dữ liệu không được mã hóa sẽ không được viết vào nó. Bâ;t cứ dữ liệu nào được viết vào nó trước tiên được mã hóa ngay khi cần trong bộ nhớ và chỉ sau đó dữ liệu (mã hóa) mới được viết vào đĩa (vì thế hiệu suất sẽ KHÔNG bị ảnh hưởng).\n\nBạn có chắc là bạn muốn sử dụng phương thức tẩy không? + Không có (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Số Hệ Điều hành + CẢNH BÁO: Người dùng không kinh nghiệm không bao giờ nên thử mã hóa Windows theo cấu hình khởi động đa hệ.\n\nTiếp tục không? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Ổ đĩa Khởi động + Hệ điều hành đang chạy hiện thời có được cài đặt trong ổ đĩa khởi động không?\n\nLưu ý: Đôi khi Windows không được cài đặt trong cùng ổ đĩa chung với bộ nạp khởi động của Windows bộ tải khởi nạp (phân vùng khởi động). Trong trường hợp như thế, chọn 'Không'. + VeraCrypt hiện tại không hỗ trợ việc mã hóa một hệ điều hành mà không khởi động từ ổ đĩa nơi nó được cài đặt. + Số Ổ đĩa Hệ thống + Có bao nhiêu ổ đĩa có chứa một hệ điều hành?\n\nLưu ý: Ví dụ nếu như bạn có bất cứ hệ điều hành nào(như Windows, Mac OS X, Linux, v.v.) được cài đặt trong ổ đĩa chính của bạn và một hệ điều hành khác được cài đặt trong ổ đĩa phụ của bạn thì chọn '2 hay hơn'. + VeraCrypt hiện tại không hỗ trợ việc mã hóa cả một ổ đĩa có chứa nhiều hệ điều hành.\n\nNhững Giải pháp Có thể:\n\n- Bạn vẫn có thể mã hóa một trong các hệ thống nếu bạn đi ngược lại và chọn chỉ mã hóa một hệ thống phân vùng đơn độc (thay vì chọn mã hóa toàn bộ ổ đĩa hệ thống).\n\n- Ngoài ra, bạn sẽ có thể mã hóa toàn bộ ổ đĩa nếu bạn dời một vài hệ thống qua những ổ đĩa khác và chỉ để một hệ thống trong ổ đĩa mà bạn muốn mã hóa. + Đa Hệ trong Ổ đĩa Đơn + Có hệ điều hành nào khác được cài đặt trong ổ đĩa hệ điều hành đang chạy được cài đặt không?\n\nLưu ý: Ví dụ như nếu hệ điều hành đang chạy được cài đặt trong ổ đĩa #0, nơi mà có chứa một số phân vùng, và nếu một trong các phân vùng có chứa Windows và một phân vùng khác có chứa bất cứ hệ điều hành khác (ví dụ như Windows, Mac OS X, Linux, v.v.), chọn 'Có'. + Bộ tải Khởi nạp Không phải của Windows + Có một bộ tải khởi nạp nào không phải của Windows (hoặc hàm quản lý khởi động) được cài đặt trong hồ sơ khởi động chính (MBR) không?\n\nLưu ý: Ví dụ như nếu phần đường đầu tiên của ổ đĩa khởi động có chứa GRUB, LILO, XOSL, hoặc vài hàm quản lý khởi động không phải của Windows (hoặc bộ tải khởi nạp), chọn 'Có'. + Khởi động Đa hệ + VeraCrypt hiện tại không hỗ trợ cấu hình đa-khởi động nơi một bộ tải khởi nạp không phải của Windows được cài đặt trong Hồ sơ Khởi động Chính.\n\nNhững Giải pháp Có thể:\n\n- Nếu bạn sử dụng một hàm quản lý khởi động để khởi động Windows và Linux, dời hàm quản lý khởi động (thông thường là GRUB) từ Hồ sơ Khởi động Chính đến một phân vùng. Sau đó bắt đầu trợ lý này lại và mã hóa phân vùng/ổ đĩa hệ thống. Lưu ý là Bộ tải Khởi nạp của VeraCrypt sẽ trở thành hàm quản lý khởi động chủ yếu của bạn và nó sẽ cho phép bạn khởi chạy hàm quản lý khởi động gốc (ví dụ như GRUB) như là hàm quản lý khởi động phụ của bạn (bằng cách bấm Esc trong màn ảnh Bộ tải Khởi nạp của VeraCrypt) và vì vậy bạn sẽ có thể khởi động Linux. + Nếu hệ điều hành hiện đang chạy được cài đặt trong phân vùng khởi động thì sau khi bạn mã hóa nó, bạn sẽ cần phải nhập mật mã đúng vào ngay cả nếu bạn muốn bắt đầu bất cứ hệ thống Windows chưa mã hóa nào khác (vì chúng sẽ xài chung một bộ tải khởi nạp/hàm quản lý đơn độc của Windows được mã hóa).\n\nNgược lại, nếu hệ điều hành đang chạy không được cài đặt trong phân vùng khởi động (hoặc nếu bộ tải khởi nạp/hàm quản lý của Windows không được dùng bởi bất cứ hệ thống nào khác) thì sau khi bạn mã hóa hệ thống này, bạn sẽ không cần phải nhập mật mã đúng vào để khởi động (các) hệ thống chưa được mã hóa khác -- bạn sẽ chỉ cần bấm phím Esc để bắt đầu giải mã hệ thống (nếu có nhiều hệ thống chưa được mã hóa thì bạn sẽ cũng cần phải chọn hệ thống nào để bắt đầu trong trình đơn của Hàm quản lý Khởi động của VeraCrypt).\n\nLưu ý: Thông thường thì hệ thống Windows được cài đặt trước nhất thì được cài đặt trong phân vùng khởi động. + Mã hóa Vùng được Chủ Bảo vệ + Ở phía cuối của nhiều ổ đĩa, có một vùng thường được ẩn khỏi hệ điều hành (những vùng như thế thường được nhắc đến như là những Vùng được Chủ Bảo vệ). Tuy nhiên, một vài chương trình có thể đọc và viết dữ liệu từ/vào những vùng như thế.\n\nCẢNH BÁO: Một vài nhà sản xuất máy điện toán có thể dùng những vùng như thế để lưu trữ các công cụ và dữ liệu cho RAID, hệ thống phục hồi, hệ thống thiết lập, chẩn đoán, hay những mục đích khác. Nếu such các công cụ và dữ liệu như thế phải được truy cập trước khi khởi động, vùng ẩn KHÔNG nên được mã hóa (chọn 'No' bên trên).\n\nBạn có muốn VeraCrypt truy kiếm và mã hóa một vùng ẩn như thế (nếu có) ở phía cuối của ổ đĩa hệ thống không? + Loại Giải Mã Hệ Thống + Chọn tùy chọn này nếu bạn muốn giải mã phân vùng hệ thống hoặc toàn bộ đĩa hệ thống. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hệ Điều Hành Ẩn + Trong các bước sau đây, bạn sẽ cấu tạo hai tập đĩa VeraCrypt (bên ngoài và ẩn) trong phân vùng đầu tiên phía sau phân vùng hệ thống. Tập đĩa ẩn có chứa hệ điều hành tiềm ẩn (OS). VeraCrypt sẽ cấu tạo hệ điều hành ẩn bằng cách sao chép nội dung của phân vùng hệ thống (nơi hệ điều hành hiện đang chạy được cài đặt) tới tập đĩa ẩn. Cho tập đĩa bên ngoài, bạn sẽ sao chép một số tập tin nhìn như nhạy cảm mà bạn thực sự không muốn để ẩn. Chúng sẽ ở đó cho bất cứ ai buộc bạn phải tiết lộ mật mã cho phân vùng hệ điều hành ẩn. Bạn có thể tiết lộ mật mã cho các tập đĩa bên ngoài trong hệ điều hành phân vùng ẩn (sự hiện hữu của hệ điều hành ẩn vẫn là bí mật).\n\nCuối cùng, trên phân vùng hệ thống của hệ điều hành đang chạy, bạn sẽ cài đặt một hệ điều hành mới, gọi là hệ điều hành nghi trang , và mã hóa nó. Nó không được chứa dữ liệu nhạy cảm và sẽ ở đó cho bất cứ ai ép buộc bạn để lộ mật mã chứng thực tiền khởi động. Tổng số, sẽ có ba mật mã. Hai trong số đó có thể được công bố (cho hệ điều hành nghi trang và tập đĩa bên ngoài). Nếu bạn sử dụng mật mã thứ ba, hệ điều hành ẩn sẽ khởi động. + Phát hiện các Khu vực Ẩn + Xin chờ trong khi VeraCrypt đang phát hiện những khu vực có thể ẩn ở phần cuối của ổ đĩa hệ thống. Ghi chú rằng có thể mất một thời gian dài để hoàn thành.\n\nLưu ý: Trong vài trường hợp rất hiếm, trên một số máy điện toán, hệ thống có thể trở thành không phản hồi trong quá trình phát hiện này. Nếu điều đó xảy ra, khởi động lại máy điện toán, bắt đầu VeraCrypt, lặp lại các bước trên nhưng bỏ qua quá trình này phát hiện. Lưu ý là vấn đề này không phải là do một lỗi trong VeraCrypt. + Khu vực để Mã hóa + Chọn tùy chọn này nếu bạn muốn mã hóa toàn bộ ổ đĩa mà hệ thống Windows đang chạy được cài đặt. Toàn bộ ổ đĩa, bao gồm tất cả các phân vùng của nó, sẽ được mã hóa, ngoại trừ phần đường đầu tiên mà các Bộ tải Khởi nạp VeraCrypt sẽ cư trú. Những người muốn truy cập một hệ thống được cài đặt trên ổ đĩa, hoặc các tập tin được lưu trữ trên ổ đĩa, sẽ cần phải nhập đúng mật mã mỗi lần trước khi hệ thống bắt đầu. Tùy chọn này không thể được sử dụng để mã hóa một ổ đĩa thứ cấp hoặc bên ngoài nếu Windows không được cài đặt trên nó và không khởi động từ nó. + Thu thập Dữ liệu Ngẫu nhiên + Các Khóa đã được Tạo ra + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Ghi Đĩa Cứu hộ + Đĩa Cứu hộ đã được cấu tạo + Dự bị thử nghiệm Hệ thống mã hóa + Đĩa Cứu hộ đã được xác nhận + \n\nĐĩa Cứu hộ VeraCrypt đã được xác nhận thành công. Xin gỡ bỏ nó từ ổ đĩa hiện nay và lưu trữ nó trong một nơi an toàn.\n\nNhấn Kế tiếp để tiếp tục + CẢNH BÁO: Trong các bước kế tiếp, Đĩa Cứu hộ VeraCrypt không được ở trong ổ đĩa. Không thôi, nó sẽ không thể hoàn tất các bước chính xác.\n\nXin lấy nó ra khỏi ổ đĩa bây giờ và lưu trữ nó trong một nơi an toàn. Sau đó bấm OK. + Cảnh báo: Do hạn chế kỹ thuật của môi trường trước khi khởi động, văn bản được hiển thị bởi VeraCrypt trong môi trường trước khi khởi động (tức là trước khi bắt đầu Windows) không thể được bản địa hóa. Các giao diện người dùng Bộ tải Khởi nạp VeraCrypt hoàn toàn bằng tiếng Anh.\n\nTiếp tục không? + Trước khi mã hóa các phân vùng hệ thống hoặc ổ đĩa của bạn, VeraCrypt cần xác minh rằng tất cả mọi chuyện hoạt động chính xác. \n\nSau khi bạn nhấn vào Thử, tất cả các thành phần cần thiết (ví dụ như thành phần chứng thực tiền khởi động, tức là Bộ tải Khởi nạp VeraCrypt) sẽ được cài đặt và máy điện toán của bạn sẽ được khởi động lại. Sau đó, bạn sẽ phải nhập mật mã của bạn trong màn hình Bộ tải Khởi nạp VeraCrypt mà nó sẽ xuất hiện trước khi Windows khởi động. Sau khi Windows khởi động, bạn sẽ được tự động thông báo về kết quả của cuộc tiền thử nghiệm này.\n\n Thiết bị sau đây sẽ được sửa đổi: Ổ đĩa #%d\n\n\nNếu bạn nhấn vào Hủy bây giờ, không có gì sẽ được cài đặt và tiền thử nghiệm sẽ không được thực hiện. + LƯU Ý QUAN TRỌNG -- XIN ĐỌC HOẶC IN (nhấn vào 'In'):\n\nLưu ý là không có tập tin nào của bạn sẽ được mã hóa trước khi bạn khởi động lại máy điện toán của bạn thành công và bắt đầu Windows. Vì thế, nếu bất cứ điều gì thất bại, dữ liệu của bạn sẽ KHÔNG bị mất. Tuy nhiên, nếu một cái gì đó đi sai, bạn có thể gặp khó khăn khi khởi động Windows. Vì vậy, hãy đọc (và nếu có thể, in) các hướng dẫn sau đây về những gì cần làm nếu Windows không thể bắt đầu sau khi bạn khởi động lại máy điện toán.\n\n + Cần Làm Gì Nếu Windows Không thể Khởi động\n----------------------------------------------------\n\nLưu ý: Những chỉ dẫn có giá trị chỉ khi bạn chưa bắt đầu mã hóa.\n\n-Nếu Windows không khởi động sau khi bạn nhập đúng mật mã (hoặc nếu bạn liên tục nhập đúng mật mã nhưng VeraCrypt cho biết mật mã là không chính xác), đừng lo. Khởi động lại (tắt nguồn và trên) máy điện toán, và trong màn hình Bộ tải Khởi nạp VeraCrypt, bấm phím Esc trên bàn phím của bạn (và nếu bạn có nhiều hệ thống, chọn để bắt đầu). Sau đó Windows sẽ bắt đầu (miễn là nó không phải là mật mã) và VeraCrypt sẽ tự động hỏi bạn có muốn bỏ cài đặt các thành phần chứng thực tiền khởi động. Lưu ý là các bước trước đó KHÔNG làm việc nếu hệ thống phân vùng / ổ đĩa được mã hóa (không ai có thể bắt đầu Windows hoặc truy cập mã hóa dữ liệu trên ổ đĩa mà không có mật mã chính xác ngay cả khi người đó đi theo các bước trước đó).\n\n + - Nếu các bước trước đó không giúp đỡ hoặc nếu màn hình Bộ tải Khởi nạp VeraCrypt không xuất hiện (trước khi bắt đầu Windows), bỏ Đĩa Cứu hộ VeraCrypt vào đĩa CD/DVD ổ đĩa và khởi động lại máy điện toán của bạn. Nếu Đĩa Cứu hộ VeraCrypt màn hình không xuất hiện (hoặc nếu bạn không nhìn thấy mục "Tùy chọn Sửa chữa 'trong phần' Bàn phím điều khiển 'của màn hình VeraCrypt Đĩa Cứu hộ), có thể là BIOS của bạn được cấu hình để thử khởi động từ ổ đĩa cứng trước khi chạy CD/DVD. Nếu đó là trường hợp, khởi động lại máy điện toán của bạn, nhấn F2 hoặc Xóa (ngay sau khi bạn thấy màn hình BIOS bắt đầu-lên), và đợi cho đến khi một màn hình cấu hình BIOS xuất hiện. Không thôi có màn hình cấu hình BIOS xuất hiện, khởi động lại (đạt lại) lại máy điện toán và bắt đầu nhấn F2 hoặc Xóa liên tục ngay sau khi bạn khởi động lại (reset) máy điện toán. Khi một màn hình cấu hình BIOS xuất hiện, cấu hình BIOS để khởi động từ CD/DVD ổ đĩa đầu tiên (để có hướng dẫn làm như thế nào, xin tham khảo tài liệu cho BIOS của bạn / bo mạch chủ hoặc liên hệ với ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn của để được hỗ trợ). Sau đó khởi động lại máy điện toán của bạn. Các Đĩa Cứu hộ VeraCrypt màn hình sẽ xuất hiện ngay bây giờ. Trong màn hình Đĩa Cứu hộ VeraCrypt, chọn "Tùy chọn Sửa chữa 'bằng cách nhấn F8 trên bàn phím. Từ trình đơn 'Tùy chọn Sửa chữa', chọn 'Khôi phục hệ thống bộ nạp bản gốc. Sau đó, loại bỏ các Đĩa Cứu hộ từ ổ CD/DVD ổ đĩa và khởi động lại máy điện toán của bạn. Windows sẽ bắt đầu thông thường (với điều kiện là nó không phải là mật mã).\n\n + Lưu ý là các bước trước đó KHÔNG làm việc nếu hệ thống phân vùng / ổ đĩa được mã hóa (không ai có thể bắt đầu Windows hoặc truy cập mã hóa dữ liệu trên ổ đĩa mà không có mật mã chính xác ngay cả khi người đó làm theo các bước trước đó). \n\n\nLưu ý là ngay cả khi bạn bị mất Đĩa Cứu hộ VeraCrypt của bạn và kẻ tấn công tìm thấy nó, họ sẽ không thể giải mã các phân vùng hệ thống hoặc ổ đĩa mà không có mật mã chính xác. + Dự bị thử nghiệm đã hoàn thành + Dự bị thử nghiệm đã được hoàn tất thành công.\n\nCẢNH BÁO: Xin lưu ý là nếu cung cấp điện bị gián đoạn đột ngột trong khi mã hóa dữ liệu hiện có tại chỗ, hoặc khi hệ điều hành bị hỏng do lỗi phần mềm hoặc trục trặc phần cứng trong khi VeraCrypt đang mã hóa dữ liệu hiện có tại chỗ, các phần của dữ liệu sẽ bị hỏng hoặc bị mất. Vì vậy, trước khi bắt đầu mã hóa, hãy chắc chắn rằng bạn đã sao lưu dự phòng dữ liệu mà bạn muốn mã hóa. Không thôi, xin sao lưu các tập tin ngay bây giờ (bạn có thể nhấn Hoãn, Sao lưu các tập tin, sau đó chạy VeraCrypt lại bất cứ lúc nào, và chọn 'Hệ thống'> 'Tiếp tục lại quá trình bị gián đoạn' để bắt đầu mã hóa). \n\nKhi đã sẵn sàng, nhấn Mã hóa để bắt đầu mã hóa. + Bạn có thể nhấn vào Tạm dừng hoặc Trì hoãn bất cứ lúc nào để gây ngăn cản quá trình mã hóa hay giải mã, đi ra thuật này, khởi động lại hoặc tắt máy điện toán của bạn, và sau đó tiếp tục lại quá trình, mà sẽ tiếp tục từ chổ nó đã được ngừng lại. Để ngăn cản suy giảm khi hệ thống hoặc các ứng dụng viết hoặc đọc dữ liệu từ hệ thống ổ đĩa, tự động VeraCrypt đợi cho đến khi dữ liệu được viết hoặc đọc (xem Status trên) và sau đó tiếp tục tự động mã hóa hoặc giải mã. + \n\nBạn có thể nhấn vào Tạm dừng hoặc Trì hoãn bất cứ lúc nào để gây cắt đứt quá trình mã hóa, xuất khỏi thuật này, khởi động lại hoặc tắt máy điện toán của bạn, và sau đó tiếp tục lại quá trình, mà sẽ tiếp tục từ chổ nó đã ngừng lại. Lưu ý là tập đĩa không thể được gắn kết cho đến khi nó đã được mã hóa hoàn toàn. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hệ Thống Ẩn đã bắt đầu + Hệ thống gốc + Windows cấu tạo (thường, không cần sự hiểu biết hoặc sự đồng ý của bạn) các loại tập tin ghi bản, các tập tin tạm thời, v.v., trên phân vùng hệ thống. Nó cũng giúp để cho phần RAM được yên nghỉ và các tập tin phân trang nằm trên phân vùng hệ thống. Do đó, nếu một đối phương đã phân tích các tập tin được lưu trữ trên phân vùng mà hệ thống ban đầu (trong đó hệ thống ẩn là một bản sao) cư trú, họ có thể tìm hiểu, ví dụ như rằng bạn đã sử dụng thuật VeraCrypt ở trạng thái cấu tạo hệ thống ẩn, (mà có thể cho biết sự tồn tại của một hệ điều hành ẩn trên máy điện toán của bạn).\n\nĐể ngăn ngừa các vấn đề như vậy, VeraCrypt sẽ, trong các bước kế tiếp, an toàn xóa toàn bộ nội dung của phân vùng mà hệ thống ban đầu cư trú. Sau đó, để đạt được từ chối được chính đáng, bạn sẽ cần phải cài đặt một hệ thống mới trên phân vùng đó và mã hóa nó. Vì vậy bạn sẽ cấu tạo các hệ thống nghi trang và toàn bộ quá trình cấu tạo của hệ điều hành ẩn sẽ được hoàn thành. + Hệ điều hành ẩn đã được cấu tạo thành công. Tuy nhiên, trước khi bạn có thể bắt đầu sử dụng nó (và được sự từ chối được chính đáng), bạn cần phải xóa một cách an toàn (sử dụng VeraCrypt) toàn bộ nội dung của phân vùng nơi hệ điều hành đang chạy được cài đặt. Trước khi có thể làm điều đó, bạn cần phải khởi động lại máy điện toán, và trong màn hình Bộ tải Khởi nạp VeraCrypt (xuất hiện trước khi bắt đầu Windows), nhập mật mã chứng thực tiền khởi động cho hệ điều hành ẩn. Sau đó, sau khi hệ thống ẩn bắt đầu, thuật VeraCrypt sẽ được đưa ra tự động.\n\nLưu ý: Nếu bạn chọn để chấm dứt quá trình cấu tạo hệ điều hành ẩn bây giờ, bạn sẽ không thể tiếp tục lại quá trình và hệ thống ẩn sẽ không thể truy cập được (bởi vì các Bộ tải Khởi nạp VeraCrypt sẽ được gỡ bỏ). + Bạn có dự kiến quá trình cấu tạo của một hệ điều hành ẩn. Quá trình này đã chưa được hoàn thành. Để hoàn thành nó, bạn cần phải khởi động lại máy điện toán, và trong màn hình Bộ tải Khởi nạp VeraCrypt (xuất hiện trước khi bắt đầu Windows), nhập mật mã cho hệ điều hành ẩn.\n\nLưu ý: Nếu bạn chọn để chấm dứt quá trình cấu tạo hệ điều hành ẩn bây giờ, bạn sẽ không thể tiếp tục lại quá trình. + Khởi động lại máy điện toán và tiến hành + Vĩnh viễn chấm dứt quá trình cấu tạo hệ điều hành ẩn + Không làm gì cả bây giờ và hỏi lại sau + \nNẾU ĐƯỢC, XIN IN VĂN BẢN NÀY (nhấn vào 'In' dưới đây).\n\n\nSử dụng Đĩa Cứu hộ VeraCrypt Khi nào và Như thế nào (Sau khi Mã hóa)\n----------------------------------------------------------------------\n\n + I. Làm thế nào để khởi động Đĩa Cứu hộ VeraCrypt\n\nĐể khởi động một Đĩa Cứu hộ VeraCrypt, hãy bỏ nó vào ổ đĩa CD/DVD và khởi động lại máy điện toán của bạn. Nếu màn hình Đĩa Cứu hộ VeraCrypt không xuất hiện (hoặc nếu bạn không nhìn thấy mục "Tùy chọn Sửa chữa 'trong phần' Điều khiển Bàn phím' của màn hình), có thể là BIOS của bạn được cấu hình để thử khởi động từ đĩa cứng trước khi CD/DVD chạy. Nếu đó là một trường hợp, khởi động lại máy điện toán của bạn, nhấn F2 hoặc Xóa (ngay sau khi bạn thấy màn hình BIOS bắt đầu-lên), và đợi cho đến khi một màn hình cấu hình BIOS xuất hiện. Không thôi có màn hình cấu hình BIOS xuất hiện, khởi động lại (đặt lại) lại máy điện toán và bắt đầu nhấn F2 hoặc Xóa liên tục ngay sau khi bạn khởi động lại (reset) máy điện toán. Khi một màn hình cấu hình BIOS xuất hiện, cấu hình BIOS để khởi động từ CD/DVD ổ đĩa trước (để có hướng dẫn làm như thế nào, xin tham khảo tài liệu cho BIOS của bạn / bo mạch chủ hoặc liên hệ với ban hỗ trợ kỹ thuật từ nhà cung cấp máy điện toán của bạn để được trợ giúp). Sau đó khởi động lại máy điện toán của bạn. Các màn hình Đĩa Cứu hộ VeraCrypt sẽ xuất hiện ngay bây giờ. Lưu ý: Trong màn hình Đĩa Cứu hộ VeraCrypt, bạn có thể chọn 'Tùy chọn Sửa chữa' bằng cách nhấn F8 trên bàn phím.\n\n\n + II. Sử dụng Đĩa Cứu hộ VeraCrypt khi nào và như thế nào(Sau khi Mã Hóa)\n\n + 1) Nếu màn hình Bộ tải Khởi nạp VeraCrypt không xuất hiện sau khi bạn khởi động máy điện toán (hoặc nếu Windows không khởi động), Bộ tải Khởi nạp VeraCrypt có thể bị tổn hại. Đĩa Cứu hộ VeraCrypt cho phép bạn khôi phục lại nó và do đó để lấy lại quyền truy cập vào hệ thống mã hóa và dữ liệu của bạn (tuy nhiên, lưu ý là bạn vẫn sẽ phải nhập đúng mật mã sau đó). Trong màn hình trên Đĩa Cứu hộ, chọn "Tùy chọn Sửa chữa '>' Khôi phục Bộ tải Khởi nạp VeraCrypt’. Sau đó nhấn 'Y' để xác nhận động tác, loại bỏ Đĩa Cứu hộ từ đĩa CD/DVD và khởi động lại máy điện toán của bạn.\n\n + 2) Nếu bạn liên tục nhập đúng mật mã nhưng VeraCrypt cho biết mật mã là không đúng, khóa chính hoặc các dữ liệu quan trọng khác có thể bị tổn hại. Đĩa Cứu hộ VeraCrypt cho phép bạn khôi phục lại chúng và do đó để lấy lại quyền truy cập vào hệ thống mã hóa và dữ liệu của bạn (tuy nhiên, lưu ý là bạn vẫn sẽ phải nhập đúng mật mã sau đó). Trong màn hình trên Đĩa Cứu hộ chọn "Sửa chửa tùy chọn '>' Khôi phục dữ liệu quan trọng’. Sau đó nhập mật mã của bạn, nhấn 'Y' để xác nhận, loại bỏ các đĩa giải từ đĩa CD/DVD của bạn, và khởi động lại máy điện toán của bạn.\n\n + 3) Nếu Bộ tải Khởi nạp VeraCrypt bị tổn hại, bạn có thể tránh chạy nó bằng cách khởi nạp trực tiếp từ Đĩa Cứu hộ VeraCrypt. Bỏ Đĩa Cứu hộ của bạn vào đĩa CD/DVD ổ đĩa và sau đó nhập mật mã của bạn trong màn hình trên Đĩa Cứu hộ.\n\n + 4) Nếu Windows bị tổn hại và không thể bắt đầu, Đĩa Cứu hộ VeraCrypt cho phép bạn vĩnh viễn giải mã phân vùng / đĩa trước khi Windows khởi động. Trong màn hình trên Đĩa Cứu hộ chọn ‘Tùy chọn Sửa chữa’>’ Vĩnh Viễn giải mã phân vùng/ổ đĩa hệ thống‘. Xin nhập đúng mật mã và chờ cho đến khi giải mã được hoàn tất. Sau đó, bạn có thể ví như, khởi động thiết lập đĩa CD/DVD của MS Windows để sửa chữa cài đặt Windows của bạn.\n\n + Lưu ý: Ngoài ra, nếu Windows bị hư tổn hại (không thể bắt đầu) và bạn cần phải sửa chữa nó (hoặc truy cập các tập tin vào đó), bạn có thể tránh được giải mã hệ thống phân vùng / ổ đĩa bằng cách làm theo các bước sau: Nếu bạn có nhiều hệ điều hành được cài đặt trên máy điện toán của bạn, khởi động một máy mà không cần chứng thực tiền khởi động. Nếu bạn không có nhiều hệ điều hành được cài đặt trên máy điện toán của bạn, bạn có thể khởi động một WinPE hoặc BartPE CD/DVD hoặc bạn có thể kết nối ổ đĩa hệ thống của bạn như một ổ đĩa thứ cấp hay bên ngoài tới một máy điện toán khác và sau đó khởi động hệ điều hành được cài đặt trên máy điện toán. Sau khi bạn khởi động một hệ thống, chạy VeraCrypt, nhấn vào ‘Chọn Thiết bị', chọn phân vùng hệ thống bị ảnh hưởng, nhấn vào 'OK', chọn 'Hệ thống'> 'Mount không cần Pre-Boot Authentication’, nhập mật mã chứng thực tiền khởi động của bạn và bấm vào' OK '. Phân vùng sẽ được gắn kết như là một tập đĩa thường xuyên VeraCrypt (dữ liệu sẽ được on-the-fly giải mã / mã hóa trong RAM ngày truy cập, như thường lệ). n\n\n + Lưu ý là ngay cả khi bạn bị mất Đĩa Cứu hộ VeraCrypt của bạn và một kẻ tấn công tìm thấy nó, họ sẽ không thể giải mã các phân vùng hệ thống hoặc ổ đĩa mà không có mật mã chính xác + \n\nQUAN TRỌNG – XIN IN văn bản NÀY NẾU CÓ THỂ (nhấn vào 'In' dưới đây).\n\n\nLưu ý: văn bản này sẽ được tự động hiển thị mỗi khi bạn khởi động hệ thống ẩn cho đến khi bạn bắt đầu cấu tạo hệ thống nghi trang.\n\n\n\n + Làm thế nào để cấu tạo hệ thống Nghi trang một cách an toàn và baỏ mật \n ----------------------------------------------------------------------------\n\n Để đạt được sự từ chối chính đáng, bạn cần phải cấu tạo hệ điều hành nghi trang bây giờ. Để làm như vậy, hãy làm theo các bước sau:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Cài đặt Windows trên phân vùng mà nội dung đã được xoá hoàn toàn (tức là trên phân vùng mà hệ thống ban đầu, trong đó hệ thống ẩn là một bản sao, đã được cài đặt).\n\nQUAN TRỌNG: Khi bạn bắt đầu cài đặt nghi trang SYSTEM, HỆ THỐNG ẨN SẼ *KHÔNG* có khả năng khởi động (bởi vì Bộ tải Khởi nạp VeraCrypt sẽ được xoá bỏ bởi cài đặt hệ thống Windows). Điều này là thông thường và dự kiến. Xin đừng lo lắng. Bạn sẽ có thể khởi động Hệ ẩn trở lại ngay khi BẠN START mã hoá nghi trang SYSTEM (vì VeraCrypt sau đó sẽ tự động cài đặt Bộ tải Khởi nạp VeraCrypt trên ổ đĩa hệ thống)\n\nQuan Trọng: Kích cỡ của phân vùng hệ thống nghi trang phải vẫn giữ giống như như kích thước của tập đĩa ẩn (tình trạng này nay đã gặp). Hơn nữa, bạn không phải cấu tạo bất kỳ phân vùng nào giữa các phân vùng hệ thống nghi trang và phân vùng mà hệ thống ẩn ở đó.\n\n + 3) Khởi động hệ thống nghi trang (mà bạn đã caì đặt trọng bước 2 và cai đặt VeraCrypt ở đó).\n\n Hảy nhớ rằng hệ thống nghi trang không bao giờ được chứa bất kỳ dữ liệu nhay cảm.\n\n + 4) Trên hệ thống nghi trang, chạy VeraCrypt và chọn 'Hệ thống'> 'Mã hóa hệ thống phân vùng / ổ’. Các cửa sổ VeraCrypt Tập đĩa Creation Wizard sẽ xuất hiện.\n\nNhững bước sau đây áp dụng cho Thuật Cấu tạo Tập đĩa VeraCrypt.\n\n + 5) Trong Thuật Cấu tạo Tập Đĩa VeraCrypt, ĐỪNG chọn tùy chọn ‘Ẩn’. Chọn tùy chọn 'Thông thường' và nhấn vào 'Kế tiếp'.\n\n + 6) Chọn tùy chọn 'Mã Hóa phân vùng hệ thống Windows' và sau đó nhấn vào 'Kế tiếp'.\n\n + 7) Nếu chỉ có hệ thống ẩn và hệ thống nghi trang cài đặt trên máy điện toán, chọn tùy chọn 'Single-khởi động (nếu có nhiều hơn hai hệ thống được cài đặt trên máy điện toán, chọn 'Đa-khởi động '). Sau đó nhấn vào 'Kế tiếp'.\n\n + 8) QUAN TRỌNG: Trong bước này, CHO HỆ THỐNG nghi trang, bạn phải chọn CÙNG thuật toán mã hóa VÀ thuật toán HASH mà bạn chọn CHO HỆ THỐNG ẨN! Không thôi, HỆ THỐNG ẨN SẼ không thể được truy cập! Nói cách khác, hệ thống nghi trang phải được mã hóa với thuật toán mã hóa như hệ thống ẩn. Lưu ý: Lý do là hệ thống nghi trang và hệ thống ẩn sẽ chia xẻ một Bộ tải Khởi nạp đơn độc, mà nó chỉ hỗ trợ một thuật toán đơn độc, được lựa chọn bởi người sử dụng (đối với mỗi thuật toán, có một phiên bản đặc biệt của Bộ tải Khởi nạp VeraCrypt).\n\n + 9) Trong bước này, chọn một mật mã cho hệ điều hành nghi trang. Đây sẽ là mật mã mà bạn sẽ có thể tiết lộ cho người đối phương một khi bạn được yêu cầu hoặc bị buộc phải tiết lộ mật mã chứng thực tiền khởi động (mật mã khác mà bạn có thể tiết lộ là một trong những tập đĩa bên ngoài). Sự tồn tại của mật mã thứ ba (tức là mật mã chứng thực tiền khởi động cho hệ điều hành ẩn) sẽ vẫn bí mật.\n\nQuan trọng: Mật mã mà bạn chọn cho hệ thống nghi trang phải khác nhiều từ một trong những mà bạn đã chọn cho các tập đĩa ẩn (ví dụ cho hệ điều hành ẩn).\n\n + 10) Theo các hướng dẫn còn lại trong trình thuật để mã hóa các hệ điều hành nghi trang.\n\n\n\n + Sau khi Hệ thống Nghi trang được cấu tạo\n ------------------------------------------------\n\nSau khi bạn mã hóa hệ thống nghi trang, toàn bộ quá trình cấu tạo hệ điều hành ẩn sẽ được hoàn thành và bạn sẽ có thể sử dụng ba mật mã này:\n\n1) Mật mã chứng thực tiền khởi động cho hệ điều hành ẩn.\n\n2) Mật mã chứng thực tiền khởi động cho hệ điều hành nghi trang.\n\n3) Mật mã cho tập đĩa bên ngoài. + Nếu bạn muốn bắt đầu hệ điều hành ẩn, bạn chỉ cần nhập mật mã cho hệ điều hành ẩn trong màn hình Bộ tải Khởi nạp VeraCrypt (xuất hiện sau khi bạn bật hoặc khởi động lại máy điện toán của bạn).\n\nNếu bạn muốn bắt đầu hệ điều hành nghi trang, bạn chỉ cần nhập mật mã cho hệ điều hành nghi trang trong màn hình Bộ tải Khởi nạp VeraCrypt.\n\n Mật mã cho hệ thống nghi trang. có thể được tiết lộ cho bất cứ ai ép buộc bạn để lộ mật mã chứng thực tiền khởi động. Sự tồn tại của tập đĩa ẩn (và của hệ điều hành ẩn) sẽ vẫn là bí mật.\n\n + Mật mã thứ ba (cho tập đĩa bên ngoài) có thể được tiết lộ cho bất cứ ai ép buộc bạn để lộ mật mã cho phân vùng đầu tiên phía sau phân vùng hệ thống, nơi mà cả hai tập đĩa bên ngoài và tập đĩa ẩn (có chứa hệ điều hành ẩn) cư trú. Sự tồn tại của khối lượng ẩn (và của hệ điều hành ẩn) sẽ vẫn được giữ bí mật.\n\n\n + Nếu bạn tiết lộ mật mã cho hệ thống nghi trang với đối phương một và anh ta hỏi bạn tại sao phần tự do của hệ thống phân vùng nghi trang chứa dữ liệu ngẫu nhiên, bạn có thể trả lời, ví dụ: "Các phân vùng trước đây có một hệ thống mã hóa của VeraCrypt, nhưng tôi quên mật mã chứng thực tiền khởi động (hoặc hệ thống bị tổn hại và ngừng khởi động), do đó, tôi đã phải cài đặt lại Windows và mã hóa các phân vùng một lần nữa."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + Cảnh báo: NẾU BẠN KHÔNG BẢO VỆ TẬP ĐĨA ẨN (để có hướng dẫn làm như thế nào, tham khảo phần "Bảo vệ của những Tập đĩa ẩn chống thiệt hại" trong Hướng dẫn cho Người dùng của VeraCrypt), ĐỪNG VIẾT VÀO TẬP ĐĨA bên ngoài (lưu ý là hệ điều hành nghi trang không được cài đặt trong tập đĩa bên ngoài). Không thôi, bạn CÓ THỂ ghi đè lên và làm hư hỏng TẬP ĐĨA ẨN (VÀ HỆ THỐNG HOẠT ĐỘNG ẩn trong nó)! + Hệ điều hành Sao y + Trong các bước kế tiếp, VeraCrypt sẽ cấu tạo hệ điều hành ẩn bằng cách sao chép nội dung của phân vùng hệ thống thành tập đĩa ẩn (dữ liệu đã được sao chép sẽ được mã hóa ở bộ phận fly với một khoá mật mã khác với hệ sẽ được sử dụng cho các hệ thống hoạt động nghi trang).\n\nXin lưu ý là quá trình này sẽ được thực hiện trong môi trường tiền khởi động (trước khi bắt đầu Windows) và nó có thể mất một thời gian dài để hoàn thành; vài giờ hoặc thậm chí vài ngày (tùy thuộc vào kích cỡ của hệ thống phân vùng và về hiệu suất của máy điện toán của bạn).\n\n Bạn sẽ có thể làm gián đoạn quá trình,. tắt máy, khởi động hệ điều hành và sau đó tiếp tục lại quá trình. Tuy nhiên, nếu bạn làm gián đoạn nó, toàn bộ quá trình sao chép hệ thống sẽ phải bắt đầu từ đầu (vì nội dung của phân vùng hệ thống không phải thay đổi trong quá trình sao y). + Bạn có muốn hủy bỏ toàn bộ quá trình sáng tạo của hệ điều hành ẩn?\n\nLưu ý: Bạn sẽ không thể tiếp tục lại quá trình nếu bạn hủy bỏ nó ngay bây giờ. + Bạn có muốn hủy bỏ hệ thống mã hóa thử trước? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + Các phân vùng/ổ đĩa hệ thống dường như không được mã hóa (một phần hoặc hoàn toàn). + Phân vùng/ổ đĩa hệ thống của bạn được mã hóa (một phần hoặc hoàn toàn). \n\nXin giải mã phân vùng/ổ đĩa hệ thống của bạn hoàn toàn trước khi tiến hành. Để làm như vậy, hãy chọn 'Hệ thống'> 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống' từ thanh trình đơn của cửa sổ VeraCrypt chính. + Khi phân vùng/ổ đĩa hệ thống được mã hóa (một phần hoặc hoàn toàn), bạn không thể hạ cấp VeraCrypt xuống (nhưng bạn có thể nâng cấp hoặc cài đặt một phiên bản giống vậy lại). + Phân vùng/ổ đĩa hệ thống của bạn đang được mã hóa, giải mã, hoặc bằng không sửa đổi. Xin gián đoạn quá trình mã hóa/giải mã/sửa đổi (hoặc chờ cho đến khi nó được hoàn tất) trước khi tiến hành. + Một thực thể của Trợ lý Cấu tạo Tập đĩa VeraCrypt hiện đang chạy trên hệ thống này và đang thực hiện hoặc chuẩn bị mã hóa/giải mã phân vùng/ổ đĩa hệ thống. Trước khi bạn tiếp hành, xin chờ cho nó chấm dứt hoặc đóng nó lại. Nếu bạn không thể đóng nó lại, hãy khởi động lại máy vi tính của bạn trước khi tiếp tục. + Quá trình mã hóa hay giải mã phân vùng/ổ đĩa hệ thống chưa được hoàn tất. Xin chờ cho đến khi nó được hoàn tất trước khi tiếp tục. + Lỗi: Quá trình mã hóa của phân vùng/ổ đĩa chưa được hoàn tất. Nó phải được hoàn tất trước tiên. + Lỗi: Quá trình mã hóa của phân vùng/tập đĩa chưa được hoàn tất. Nó phải được hoàn tất trưóc tiên.\n\nLưu ý: Để tiếp tục lại quá trình, hãy chọn 'Tập đĩa'> 'Tiếp tục lại Quá trình bị Gián đoạn’ từ thanh trình đơn của cửa sổ chính của VeraCrypt. + Mật mã là đúng, VeraCrypt đã giải mã thành công tiêu đề tập đĩa và phát hiện ra rằng tập đĩa này là một tập đĩa hệ thống ẩn. Tuy nhiên, bạn không thể sửa đổi tiêu đề của một tập đĩa hệ thống ẩn theo cách này.\n\nĐể thay đổi mật mã cho một tập đĩa hệ thống ẩn, khởi động hệ điều hành đang ở tại tập đĩa ẩn, và sau đó chọn 'Hệ thống'> 'Thay đổi mật mã’ từ thanh trình đơn của cửa sổ chính của VeraCrypt.\n\nĐể thiết lập thuật toán dẫn xuất tiêu đề chính, khởi động hệ điều hành ẩn và sau đó chọn 'Hệ thống'> 'Thiết lập thuật toán dẫn xuất khóa tiêu đề. + VeraCrypt không hỗ trợ giải mã tại chỗ của một phân vùng hệ thống ẩn.\n\nLưu ý: Nếu bạn muốn giải mã các phân vùng hệ thống nghi trang, khởi động hệ thống nghi trang, và sau đó chọn 'Hệ thống'> 'Vĩnh viễn Giải mã Phân vùng/Ổ đĩa Hệ thống' từ thanh trình đơn của cửa sổ chính của VeraCrypt. + Lỗi: Tham số sai/không hợp lệ. + Bạn đã lựa chọn một phân vùng hoặc một thiết bị nhưng phương thức trợ lý bạn lựa chọn chỉ phù hợp cho các chổ chứa tập tin.\n\nBạn có muốn thay đổi phương thức trợ lý không? + Thay vì vậy, bạn có muốn cấu tạo một bộ chứa tập tin của VeraCrypt không? + Bạn đã lựa chọn các phân vùng/ổ đĩa hệ thống (hoặc phân vùng khởi động), nhưng phương thức trợ lý bạn lựa chọn chỉ thích hợp cho phân vùng/ổ đĩa vô hệ.\n\nBạn có muốn thiết lập chứng thực tiền khởi động (có nghĩa là bạn sẽ cần phải bỏ vào mật mã của bạn mỗi lần trước khi + Bạn có chắc bạn muốn vĩnh viễn giải mã phân vùng/ổ đĩa hệ thống? + LƯU Ý: Nếu bạn thường giải mã phân vùng/ổ đĩa hệ thống, dữ liệu không được mã hóa sẽ được ghi vào nó. \n\nBạn có thực sự chắc chắn muốn vĩnh viễn giải mã hệ thống phân vùng/ổ đĩa? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Cảnh báo: Nếu bạn sử dụng một thác của thuật toán mã hóa cho hệ thống mã hóa, bạn có thể gặp phải các vấn đề sau:\n\n1) Bộ tải Khởi nạp VeraCrypt lớn hơn thông thường và, do đó, không có đủ chổ trong phần đường đầu tiên của ổ đĩa cho sự sao lưu Bộ tải Khởi nạp VeraCrypt. Vì vậy, bất cứ khi nào nó bị tổn hại (mà thường xảy ra, ví dụ như, trong những qúa trình kích hoạt chống sao chép lậu được thiết kế một cách không thích hợp của những chương trình nhất định), bạn sẽ cần phải sử dụng Đĩa Cứu hộ VeraCrypt để khởi nạp hoặc để sửa chữa Bộ tải Khởi nạp VeraCrypt.\n\n2) Trên một số máy vi tính, sẽ cần thời gian lâu hơn để tiếp tục lại sự ngưng hoạt động.\n\nNhững vấn đề tiềm năng này có thể được phòng ngừa bằng cách chọn một thuật toán mã hóa phi-thác (ví dụ như AES).\n\n Bạn có chắc bạn muốn sử dụng một thác của thuật toán mã hóa? + Nếu bạn gặp bất kỳ vấn đề nào được mô tả trước đây, giải mã phân vùng/ổ đĩa (nếu nó được mã hóa) và sau đó thử mã hóa nó một lần nữa bằng cách dùng một thuật toán mã hóa phi-thác (ví dụ như AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + Số phiên bản của Bộ nạp Khởi động của VeraCrypt mà đã khởi động hệ điều hành này khác với số phiên bản của trình điều khiển VeraCrypt (và các ứng dụng của VeraCrypt) được cài đặt trên hệ thống này.\n\n Bạn nên cho chạy trình cài đặt VeraCrypt (mà số phiên bản giống như cái của Bộ nạp Khởi động của VeraCrypt) để cập nhật VeraCrypt trên hệ điều hành này. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + Bộ nạp Khởi động của VeraCrypt đã được nâng cấp.\n\nCực lực khuyên bạn nên cấu tạo một Đĩa Cứu hộ VeraCrypt mới (mà sẽ có chứa phiên bản mới của Bộ nạp Khởi động của VeraCrypt) bằng cách chọn 'Hệ thống' > 'Cấu tạo Đĩa Cứu hộ' sau khi bạn khởi động máy điện toán của bạn lại. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Không nâng cấp Bộ nạp Khởi động của VeraCrypt được. + VeraCrypt không phát hiện được kích cỡ thật sự của ổ đĩa hệ thống và vì vậy, kích cỡ được báo cáo bởi hệ điều hành (có thể nhỏ hơn kích cỡ thật sự) sẽ được dùng. Cũng lưu ý là đây không phải là lỗi trong VeraCrypt. + CẢNH BÁO: Dường như là VeraCrypt đã thử phát hiện các khu bị dấu trong ổ đĩa hệ thống này. Nếu bạn gặp phải bất cứ vấn đề nào trong quá trình phát hiện trước đây thì bạn có thể tránh những vấn đề này bằng cách bỏ qua việc phát hiện các khu bị dấu bây giờ. Lưu ý là nếu bạn làm thế thì VeraCrypt sẽ sử dụng kích cỡ được báo cáo bởi hệ điều hành (có thể nhỏ hơn kích cỡ thật sự của ổ đĩa).\n\nLưu ý là vấn đề này không phải do lỗi trong VeraCrypt gây ra. + Bỏ qua việc phát hiện các khu bị dấu (sử dụng kích cỡ được báo cáo bởi hệ điều hành) + Thử phát hiện các khu bị dấu lần nữa + Lỗi: Nội dung của một hoặc nhiều khu trên đĩa không đọc được (có lẽ vì đĩa hư).\n\nQuá trình mã hóa tại chỗ chỉ có thể tiếp tục khi các khu được làm cho đọc được lại. VeraCrypt có thể thử làm cho các khu này đọc được bằng cách viết những số không vào các khu này (sau đó các khối toàn bằng số không này sẽ được mã hóa). Tuy nhiên, lưu ý là bất cứ dữ liệu nào được cất giữ trong các khu không đọc được sẽ bị mất đi. Nếu bạn muốn tránh chuyện đó thì bạn có thể thử phục hồi một phần của dữ liệu bị hư bằng các công cụ thích hợp của những hãng khác.\n\nLưu ý: Trong trường hợp các khu bị tổn hại (thay vì chỉ là dữ liệu bị hư và tổng kiểm có lỗi) đa số các loại thiết bị cất giữ tự phân phối lại các khu khi dữ liệu được viết vào chúng (thế thì dữ liệu đã có trong các khu bị tổn hại có thể vẫn không được mã hóa trong ổ đĩa).\n\nBạn có muốn VeraCrypt viết các số không vào những khu không đọc được không? + Lỗi: Nội dung của một hoặc nhiều khu trên đĩa không đọc được (có lẽ vì đĩa hư).\n\nĐể có thể tiến hành việc giải mã, VeraCrypt sẽ phải bỏ nội dung của các khu không đọc được (nội dung sẽ được thay thế với dữ liệu ngẫu nhiên giả). Xin lưu ý là trước khi tiến hành, bạn có thể thử phục hồi một phần của bất cứ dữ liệu bị hư nào bằng các công cụ thích hợp của những hãng khác.\n\nBạn có muốn VeraCrypt bỏ những dữ liệu trong các khu không đọc được bây giờ không? + Lưu ý: VeraCrypt đã thay thế nội dung của %I64d khu không đọc được (%s) với các khối chữ thường toàn bằng số không được mã hóa. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Nhập vào mật mã/PIN cho hiệu bài '%s': + Để cho phép VeraCrypt truy cập một hiệu bài bảo mật hoặc thẻ smart, bạn cần cài đặt một thư viện nhu liệu của PKCS #11 cho hiệu bài hoặc thẻ smart trước. Một thư viện như thế có thể được cung cấp với thiết bị hoặc nó có sẵn để tải xuống từ trang web của nhà sản xuất hoặc những hãng khác.\n\nSau khi bạn cài đặt thư viện, bạn có thể tự chọn nó bằng cách nhấn 'Chọn Thư viện' hoặc bạn có thể để VeraCrypt tự động tìm và chọn nó bằng cách nhấn 'Tự động-Phát hiện Thư viện' (chỉ có thư mục hệ thống của Windows sẽ được kiếm). + Lưu ý: Để biết tên tập tin và vị trí của thư viện của PKCS #11 được cài đặt cho hiệu bài bảo mật hoặc thẻ smart của bạn, xin tham khảo tài liệu hướng dẫn được cung cấp với hiệu bài, thẻ, hoặc nhu liệu của hãng khác.\n\nNhấn 'OK' để chọn đường dẫn và tên tập tin. + Để cho phép VeraCrypt truy cập một hiệu bài bảo mật hoặc thẻ smart, bạn cần chọn một thư viện nhu liệu của PKCS #11 cho hiệu bài/thẻ trước. Để làm thế, chọn 'Các thiết lập' > 'Các Hiệu bài Bảo mật'. + Không khởi động thư viện của hiệu bài bảo mật cho PKCS #11 được.\n\nXin đảm bảo đường dẫn và tên tập tin được ghi rõ ám chỉ một thư viện hợp lệ của PKCS #11. Để ghi rõ đường dẫn và tên tập tin cho một thư viện của PKCS #11, chọn 'Các thiết lập' > 'Các Hiệu bài Bảo mật'. + Không tìm được thư viện của PKCS #11 nào trong thư mục hệ thống của Windows.\n\nXin đảm bảo một thư viện của PKCS #11 cho hiệu bài bảo mật của bạn (hoặc cho thẻ smart của bạn) được cài đặt (một thư viện như thế có thể được cung cấp với hiệu bài/thẻ hoặc nó có sẵn để tải xuống từ trang web của nhà sản xuất hoặc những hãng khác). Nếu nó được cài đặt trong một thư mục khác hơn là thư mục hệ thống của Windows, nhấn 'Chọn Thư viện' để kiếm thư viện (ví dụ trong thư mục nơi mà nhu liệu cho hiệu bài/thẻ được cài đặt). + Không tìm được hiệu bài bảo mật.\n\nXin đảm bảo hiệu bài bảo mật của bạn được nối vào máy điện toán của bạn và trình điều khiển thiết bị đúng cho hiệu bài của bạn được cài đặt. + Không tìm được tập tin khóa của hiệu bài bảo mật. + Một tập tin khóa của hiệu bài bảo mật cùng tên đã có rồi. + Bạn có muốn xóa các tập tin được chọn không? + Đường dẫn đến tập tin khóa của hiệu bài bảo mật không hợp lệ. + Lỗi của hiệu bài bảo mật + Mật mã cho hiệu bài bảo mật không đúng. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + Tất cả các phiên chạy của hiệu bài bảo mật đã được đóng. + Chọn các Tập tin khóa của Hiệu bài Bảo mật + Rãnh + Tên hiệu bài + Tên tập tin + QUAN TRỌNG: Xin lưu ý là những mật mã chứng thực tiền khởi động luôn luôn được gõ bằng bố trí bàn phím tiêu chuẩn Hoa Kỳ. Vì vậy, một tập đĩa sử dụng một mật mã gõ bằng bất cứ bố trí bàn phím nào khác có thể không thể nào được nạp lên bằng một mật mã chứng thực tiền khởi động (lưu ý là đây không phải là lỗi trong VeraCrypt). Để cho phép một tập đĩa được nạp lên bằng một mật mã chứng thực tiền khởi động, làm theo các bước sau:\n\n1) Nhấn 'Chọn Tập tin' hoặc 'Chọn Thiết bị' và chọn tập đĩa.\n2) Chọn 'Các tập đĩa' > 'Thay đổi Mật mã của Tập đĩa'.\n3) Nhập vào mật mã hiện tại của tập đĩa.\n 4) Thay đổi bố trí bàn phím thành Anh văn (Hoa Kỳ) bằng cách nhấn vào biểu tượng của thanh Ngôn ngữ trong thanh tác vụ của Windows và chọn 'EN Anh văn (Hoa Kỳ).\n5) Trong VeraCrypt, trong trường cho mật mã mới, gõ mật mã chứng thực tiền khởi động.\n6) Xác nhận mật mã mới bằng cách gõ nó lại trong trường xác nhận và nhấn 'OK'.\nCẢNH BÁO: Hãy ghi nhớ rằng nếu bạn làm theo các bước này, mật mã của tập đĩa sẽ luôn luôn phải được gõ bằng bố trí bàn phím Hoa Kỳ (chỉ được tự động đảm bảo trong môi trường tiền khởi động). + Tập đĩa hệ thống được chuộng sẽ được nạp lên bằng cách dùng mật mã chứng thực tiền khởi động. Nếu bất cứ tập đĩa hệ thống được chuộng sử dụng một mật mã khác, nó sẽ không được nạp lên. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + QUAN TRỌNG: Hãy ghi nhớ rằng nếu tùy chọn này được bật lên và VeraCrypt không có quyền quản lý, tập đĩa hệ thống được chuộng đã nạp lên KHÔNG được hiển thị trong cửa sổ ứng dụng VeraCrypt và chúng không thể được tháo xuống. Vì vậy, ví dụ nếu bạn cần tháo một tập đĩa hệ thống được chuộng xuống, xin nhấn phải vào biểu tượng VeraCrypt (trong trình đơn Start) và chọn 'Chạy kiểu Quản lý' trước. Giới hạn giống vậy cũng áp dụng cho chức năng 'Tháo xuống Tất cả', những chức năng 'Tự động-Tháo xuống', các khóa kích hoạt 'Tháo xuống Tất cả', v.v. + Note that this setting takes effect only after the operating system is restarted. + Có lỗi trong khi phân tích cú pháp dòng lệnh. + Đĩa Cứu hộ + Lựa chọn &Tập tin và Nạp lên... + Lựa chọn &Thiết bị và Nạp lên... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Cảnh báo: hệ thống tập tin trên tập đĩa đã nạp lên thành '%s' đã không được tháo xuống sạch sẽ và do đó có thể có lỗi. Sử dụng một hệ thống tập tin bị hỏng có thể làm mất hoặc làm hỏng dữ liệu.\n\nLưu ý: Trước khi bạn có thể gỡ bỏ hoặc tắt đi một thiết bị (như một ổ đĩa USB flash hay một ổ đĩa cứng bên ngoài) nơi một tập đĩa VeraCrypt được nạp lên đang nằm, bạn nên luôn luôn tháo tập đĩa VeraCrypt trong VeraCrypt xuống trước.\n\n\nBạn có muốn Windows thử phát hiện và sửa các lỗi (nếu có) trên hệ thống tập tin không? + Cảnh báo: Một hoặc nhiều tập đĩa hệ thống được chuộng không được tháo xuống sạch sẽ và do đó có thể có lỗi của hệ thống tập tin. Xin xem các ghi bản sự kiện hệ thống để biết thêm chi tiết.\n\nSử dụng một hệ thống tập tin bị hỏng có thể làm mất hoặc làm hỏng dữ liệu. Bạn nên kiểm tra những tập đĩa hệ thống được chuộng bị ảnh hưởng xem có lỗi không (nhấn phải vào từng lỗi trong VeraCrypt và chọn 'Sửa chữa Hệ thống tập tin'). + Cảnh báo: Sửa chữa một hệ thống tập tin bị tổn hại bằng cách dùng công cụ 'chkdsk' của Microsoft có thể làm mất các tập tin ở những vùng bị tổn hại. Vì vậy, trước tiên bạn nên sao lưu các tập tin được cất giữ trong tập đĩa VeraCrypt vào một tập đĩa VeraCrypt tốt khác.\n\nBạn có muốn sửa chữa hệ thống tập tin bây giờ không? + Tập đĩa '%s' đã được nạp kiểu chỉ-đọc lên vì quyền ghi bị từ chối.\n\nXin đảm bảo các quyền bảo mật của bộ chứa tập tin cho phép bạn viết vào nó (nhấn phải vào bộ chứa và chọn Đặc tính > Bảo mật).\n\nLưu ý là do một vấn đề của Windows, bạn có thể thấy cảnh báo này ngay cả sau khi thiết lập các quyền bảo mật thích hợp. Chuyện này không phải do lỗi của VeraCrypt gây ra. Một giải pháp là di chuyển bộ chứa của bạn đến, ví dụ như thư mục 'Documents 'của bạn.\n\nNếu bạn có ý định giữ cho tập đĩa của bạn kiểu chỉ-đọc, đặt các thuộc tính chỉ-đọc của bộ chứa (nhấn phải vào bộ chứa và chọn Đặc tính > Chỉ-đọc), sẽ tắt cảnh báo này. + Tập đĩa '%s' phải được nạp kiểu chỉ-đọc lên vì quyền ghi bị từ chối.\n\nXin đảm bảo rằng không có ứng dụng nào khác (ví dụ như nhu liệu chống vi rút) đang truy cập vào phân vùng/thiết bị nơi mà tập đĩa được tiếp. + Tập đĩa '%s' đã được nạp kiểu chỉ-đọc lên vì hệ điều hành báo cáo thiết bị làm chủ được bảo vệ chống ghi.\n\nXin lưu ý là một số trình điều khiển chipset riêng đã được báo cáo là làm cho các môi trường chứa ghi được nhìn giả giống như được bảo vệ chống ghi. Vấn đề này không phải do VeraCrypt gây ra. Nó có thể được giải quyết bằng cách cập nhật hoặc hủy cài đặt bất cứ trình điều khiển chipset riêng (không phải của Microsoft) hiện đang được cài đặt trên hệ thống này. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Bạn có muốn VeraCrypt thử tắt bảo vệ chống ghi của phân vùng/ổ đĩa không? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Thử nghiệm + Tập tin Khóa + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page up + Page Down + End + Home + Mũi tên Trái + Mũi tên Lên + Mũi tên Phải + Mũi tên Xuống + Select Key + Print Key + Execute Key + Print Screen + Insert + Xóa + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Tập đĩa Down + Tập đĩa Up + Phần đường Kế tiếp + Phần đường Previous + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Ứng dụng 1 + Ứng dụng 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.zh-cn.xml b/Translations/Language.zh-cn.xml index 53e7c6d7..757d4c03 100644 --- a/Translations/Language.zh-cn.xml +++ b/Translations/Language.zh-cn.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - 取消 - 为所有用户安装(&F) - 浏览(&W)... - 在桌面添加 VeraCrypt 图标(&D) - 现在捐助... - 关联 .hc 文件到 VeraCrypt(&E) - 完成后打开目标位置(&O) - 创建 VeraCrypt 开始菜单项目(&S) - 创建系统还原点(&R) - 卸载(&U) - 释放(&E) - 安装(&I) - VeraCrypt 安装向导 - 卸载 VeraCrypt - 帮助(&H) - 请选择或者输入您希望释放到的位置: - 请选择或输入您希望 VeraCrypt 程序文件释放到的位置。如果指定文件夹不存在,文件夹将会被自动创建。 - 点击〖卸载〗按钮从系统中卸载 VeraCrypt。 - 放弃 - 测试(&B) - 测试(&T) - 创建加密卷并格式化 - 就地加密分区 - 显示生成的密钥(及其部分) - 显示缓冲内容 - 下载 CD/DVD 刻录软件(联网) - 创建文件型加密卷 - GB(&G) - TB(&T) - 更多信息(联网) - 隐藏的 VeraCrypt 加密卷(&D) - 关于隐藏加密卷的更多信息(联网) - 直接模式 - 常规模式 - KB(&K) - 使用密钥文件(&S) - 首先尝试以空密码挂载 - 随机大小 ( 64 <-> 1048576 ) - 密钥文件(&K)... - 混杂算法的更多信息(联网) - 更多信息(联网) - 关于PIM的更多信息(联网) - MB(&M) - 更多信息(联网) - 关于系统盘加密的更多信息(联网) - 更多信息(联网) - 多重启动 - 加密非系统分区/设备 - 从不保留历史记录(&R) - 打开外层加密卷 - 暂停(&P) - 使用 P&IM - 使用 PIM - 快速格式化 - 显示密码(&D) - 显示密码(&D) - &显示 PIM - 单系统 - 标准 VeraCrypt 加密卷 - 隐藏(&D) - 常规 - 加密系统分区或者整个系统所在硬盘 - 加密 Windows 系统分区 - 加密整个硬盘驱动器 - VeraCrypt 加密卷创建向导 - - 重要:在窗口范围内尽量任意移动鼠标。移动时间越长越好。这将会极大的增强密钥的加密强度。之后点击〖下一步〗按钮继续。 - 确认(&C): - 完成 - 卷标: - 加密算法 - 文件系统 - 创建一个文件类型的加密盘,推荐入门用户使用。 - 选项 - 哈希算法 - 首密钥: - 剩余 - 主密钥: - 如果此计算机上安装了两个或多个操作系统请选择此项。\n\n例如:\n- Windows XP 和 Windows XP\n- Windows XP 和 Windows Vista\n- Windows 和 Mac OS X\n- Windows 和 Linux\n- Windows,Linux 和 Mac OS X - 加密一个内部或者外部驱动器上的非系统分区(例如:优盘)。也可以创建一个隐藏的加密卷。 - 当前缓存内容(部分) - 密码 - 密码: - 新的卷 PIM: - 旧的卷 PIM: - 进程: - 随机缓冲: - 如果计算机上只安装了一个操作系统请选择此项(尽管该操作系统下可能有多个用户)。 - 速度 - 状态 - 已成功生成密钥、要素、以及其它数据。如果您希望生成新的密钥,请点击〖后退〗然后点击〖下一步〗按钮。否则点击〖下一步〗按钮继续。 - 加密 Windows 系统所在的 分区/驱动器。加密后,任何人想要访问和使用此加密系统、读写此系统盘下的文件等,都需每次在 Windows 启动前输入正确的密码。也可以选择创建一个隐形的操作系统。 - 选择此选项,以加密您当前 Windows 操作系统所安装的分区。 - Windows中的卷标: - 擦除模式: - 关闭 - 允许按下 Esc 按键跳过启动验证(启用启动管理器)(&A) - 什么也不做 - 自动加载 VeraCrypt 加密卷(下面指定的)(&A) - 运行 VeraCrypt(&S) - 自动检测运行库(&D) - 缓存启动验证密码到驱动内存(用来加载非系统加密卷)(&C) - 浏览... - 浏览... - 在内存中缓存密码和密钥文件(&A) - 没有加密卷被加载时退出 - 在有加密卷成功加载后关闭口令牌会话(登出)(&C) - 包含 VeraCrypt 加密卷扩展向导 - 包含 VeraCrypt 加密卷创建向导 - 创建 - 创建加密卷(&C) - 在启动验证屏幕不显示任何文本(仅显示下面自定义的信息)(&S) - 停用"Evil Maid"攻击检测 - 使用处理器指令加速 AES 加解密(如果功能可用) - 使用密钥文件 - 使用密钥文件 - 退出(&X) - 收藏加密卷的帮助(联网) - 当“加载收藏加密卷”热键按下时不加载选定的加密卷(&H) - 当主设备被连接时加载选定加密卷(&C) - 登录时加载选定加密卷(&O) - 以只读方式加载选定加密卷(&N) - 以可移动介质方式加载选定加密卷(&V) - 下移(&D) - 上移(&U) - 成功加载选定加密卷后,为其打开资源管理器窗口(&E) - 移除(&R) - 使用收藏卷的标签作为资源管理器中卷的名称 - 全局设置 - 热键卸载后显示气球提示 - 热键卸载后播放系统提示音 - Alt - Ctrl - Shift - Win - 分配 - 移除 - 密钥文件... - 不使用下面数目的处理器加密/解密: - 更多信息(联网) - 更多信息(联网) - 更多设置... - 自动加载设备(&A) - 加载选项(&A)... - 以只读模式加载加密卷(&O) - 密钥文件... - (留空或输入0以使用默认迭代参数) - (留空或输入0以使用默认迭代参数) - 启用 - 在驱动内存中缓存密码 - 自动卸载加密卷,在无数据读写动作下面时间后 - 用户注销时 - 用户锁定会话时 - 进入待机状态时 - 屏幕保护加载时 - 强制自动卸载,无论加密卷是否有被打开的文件或目录 - 加载所有设备类 VeraCrypt 加密卷 - 启动 VeraCrypt 后台任务 - 以只读模式加载加密卷 - 以可移动介质模式加载加密卷 - 为成功加载的加密卷打开资源管理器窗口 - 在加载收藏加密卷时临时保存密码 - 有加密卷加载时启用不同颜色的任务栏图标 - 自动卸载时擦除缓存的密码 - 退出时擦除缓存的密码 - 保留文件类型加密卷的修改时间戳 - 重置 - 选择设备(&E)... - 选择文件(&F)... - 选择运行库(&L)... - 显示密码 - 显示密码 - 为加载的加密卷打开资源管理器窗口(&E) - 在驱动内存中缓存密码(&C) - TrueCrypt 模式 - 全部卸载(&S) - 加密卷属性(&X)... - 加密卷工具(&T)... - 擦除缓存(&W) - VeraCrypt - 挂载参数 - VeraCrypt - 收藏加密卷 - VeraCrypt - 系统热键 - VeraCrypt - 修改密码或密钥文件 - 输入 VeraCrypt 加密卷密码 - VeraCrypt - 性能选项 - VeraCrypt - 参数选择 - VeraCrypt - 系统加密设置选项 - VeraCrypt - 安全口令牌参数 - VeraCrypt 便携磁盘安装 - VeraCrypt 加密卷属性 - 关于 VeraCrypt... - 添加或移除密钥文件... - 添加已加载的加密卷为收藏加密卷... - 添加已加载的加密卷为系统收藏加密卷... - 分析系统崩溃原因... - 备份加密卷头信息... - 基准测试... - 设置首密钥衍生算法... - 修改加密卷密码... - 设置首密钥离散算法... - 修改密码... - 清除加密卷历史记录 - 关闭所有安全口令牌会话 - 联系作者(联网)... - 创建隐形操作系统... - 创建应急盘... - 创建加密卷... - 永久解密... - 默认密钥文件... - 默认挂载参数... - 现在捐助... - 加密系统分区/驱动器... - 常见问题(联网) - 用户指南 - 主页(联网)(&H) - 系统热键... - 密钥文件生成器 - 语言选择... - 法律声明(联网) - 管理安全口令牌密钥文件... - 自动加载全部设备类加密卷 - 加载收藏加密卷 - 以非启动验证方式加载(&A)... - 加载所选加密卷 - 根据选项加载加密卷 - 软件新闻(联网) - 在线帮助(联网) - 用户向导(联网) - 管理收藏加密卷... - 管理系统收藏加密卷... - 性能... - 永久解密系统分区/驱动器 - 参数选择... - 刷新盘符列表 - 从加密卷中移除所有密钥... - 恢复加密卷头信息... - 继续被中断的过程 - 选择设备... - 选择文件... - 继续被中断的过程 - 系统加密... - 属性... - 设置... - 系统收藏加密卷... - 下载页面(联网) - 测试向量... - 安全口令牌... - 便携磁盘安装... - 卸载全部加载的加密卷 - 卸载所选加密卷 - 验证应急盘 - 验证应急盘ISO镜像 - 版本历史(联网) - 加密卷扩展向导 - 加密卷属性 - 加密卷创建向导 - 官方网站(联网) - 擦除缓存的密码 - 确定 - 硬件加速 - 热键 - 自动运行配置(autorun.inf) - 自动卸载 - 全部卸载,当: - 启动管理器屏幕选项 - 确认密码: - 当前密码 - 在启动验证屏幕显示下面自定义信息(最多 24 个字符): - 默认加载选项 - 热键设置 - 设置驱动程序... - 启用扩展的磁盘控制器支持 - 所选收藏加密卷的卷标: - 文件选项 - 要分配的热键: - 此电脑中可为 AES 提供硬件加速的处理器: - Windows 登陆时执行的操作 - 分钟 - 以该驱动器盘符加载: - 加载设置 - 新密码 - 密码: - 基于线程的并行计算 - PKCS #11 运行库路径 - PKCS-5 PRF: - PKCS-5 PRF: - 密码缓存 - 安全选项 - VeraCrypt 后台任务 - 要加载的 VeraCrypt 加密卷(相对于便携磁盘的根目录): - 在插入便携磁盘时: - 创建便携磁盘文件于(便携磁盘根目录): - 加密卷 - Windows - 添加路径(&P)... - 全部自动测试(&A) - 继续(&C) - 解密(&D) - 删除(&D) - 加密(&E) - 导出(&E)... - 生成并保存密钥文件... - 生成随机密钥文件(&G)... - 下载语言包(联网) - 硬件加速 AES(联网): - 导入密钥文件到口令牌(&I)... - 添加文件(&F)... - 使用密钥文件(&A) - 密钥文件(&K)... - 移除(&R) - 全部移除(&A) - 什么是保护隐藏加密卷?(联网) - 密钥文件的更多信息(联网) - 加载加密卷为可移动介质(&M) - 以非预启动验证方式加载使用系统加密处理的分区(&U) - 并行计算(联网): - 基准测试 - 打印(&P) - 向外层加密卷写入数据时保护隐藏加密卷(&P) - 重置(&R) - 显示密码(&A) - 添加口令牌(&T)... - 使用嵌入在卷中的备份头信息(如果有可用的)(&V) - XTS 模式 - 关于 VeraCrypt - VeraCrypt - 加密算法基准测试 - VeraCrypt - 测试向量 - 命令行帮助 - VeraCrypt - 密钥文件 - VeraCrypt - 密钥文件生成器 - VeraCrypt - 语言 - VeraCrypt - 加载选项 - 新的安全口令牌密钥文件属性 - VeraCrypt - 随机缓冲增强 - 选择一个分区或设备 - VeraCrypt - 安全口令牌密钥文件 - 需要安全口令牌密码PIN - 当前语言包 - 速度由 CPU 和存储设备性能决定。\n\n这些测试在内存中进行。 - 缓冲大小: - 密码: - 隐藏加密卷的密码(&A):\n(如果为空则使用缓存) - 保护隐藏加密卷 - 密钥长度: - 重要:请在此窗口内随机移动鼠标,移动时间越长越好。这将会显著增加密钥的加密强度。 - 警告:如果您丢失了密钥文件或者密钥文件的前 1024 KB 字节已改变,将不可能再加载使用该密钥的加密卷! - - 密钥文件数量: - 密钥文件大小(以字节计算): - 密钥文件名: - 翻译人员: - 明文密码长度: - - 当前缓冲内容 - 混合 PRF: - 重要:在窗口内尽可能自由的移动鼠标。移动时间越长效果越好。这将会显著增加安全性。当操作完成时,点击〖继续〗按钮。 - 次密钥(十六进制) - 安全口令牌: - 排序方式: - 请耐心等待,此过程可能需要较长时间... - 请耐心等待...\n此过程可能需要较长时间并且VeraCrypt可能失去响应. - 块数值: - 加密文本(十六进制) - 数据单元数值(64-位十六进制,数据单元大小为 512 字节) - 密钥(十六进制) - 明文密码(十六进制) - 密钥文件名: - XTS 模式 - 系统(&Y) - 加密卷(&V) - 收藏(&I) - 工具(&O) - 设置(&G) - 帮助(&H) - 主页(联网)(&P) - - 关于(&A)... - 无法修改旧版本加密卷的只读属性。请检查文件访问权限。 - 错误:访问被拒绝。\n\n您试图要访问的分区要么长度为 0 的扇区,要么是启动设备。 - 系统管理员 - 要加载 VeraCrypt 驱动,您必需以一个具有管理员权限的帐号登陆。 - 请注意:如果要加密或格式化某分区和设备您必需以一个 具有管理员权限的帐号登陆。\n\n文件类型加密卷不受这个限制。 - 如果要创建隐藏的加密卷,您必须以一个 具有管理员权限的帐号登陆。\n\n需要继续吗? - 请注意:如果要把加密卷格式化为 NTFS 文件系统,您必需以具有管理员权限的帐号登陆。\n\n若无管理员权限,您可以格式化加密卷为 FAT 文件系统。 - FIPS-认可的加密算法(Rijndael,发表于 1998)可能被美国联邦部门和机构用来对特定信息进行顶级保护。256 位密钥、128-位块、14 次离散循环(AES-256,发表于 2001 年)。操作模式为 XTS。 - 加密卷已加载。 - 注意:在内置自动检测时,至少一个 加密或哈希算法已失败!\n\n此 VeraCrypt 安装文件可能已损坏。 - 注意:在随机数生成器缓冲中的数据不足,无法提供要求数量的随机数据。\n\n您不应当继续进行。请从帮助菜单选择〖报告错误〗来报告此软件错误。 - 该设备已经损坏(这是物理损坏)或者线缆损坏,或者是内存出现故障。\n\n请注意这是您的硬件问题,并不是 VeraCrypt 的问题。因此,请不要把这个报告为 VeraCrypt 的错误,并且也不要在 VeraCrypt 论坛对此问题寻求帮助。请联系您的计算机供应商获取技术支持,谢谢您!\n\n注意:如果该提示反复出现在同一位置,那就很可能是磁盘坏块导致的,应该通过使用第三方软件来修复(请注意,在很多情况下,'chkdsk /r' 命令由于工作在系统层因此不能修复此问题;在某些情况中,'chkdsk' 工具甚至不能检测到此类错误。 - 如果您正在访问驱动器上的可移动介质,请确认可移动介质已经插入驱动器。也可能是驱动器/介质已损坏(物理原因),或者连接线已经损坏或断开。 - 您的系统好象使用了带有不支持创建全盘加密缺陷的第三方的芯片驱动。\n\n请在继续之前尝试更新或者卸载任何第三方芯片驱动(非微软认证的驱动)。 如果仍然不起作用,请尝试只加密系统分区。 - 无效驱动器盘符。 - 无效路径。 - 取消 - 无法访问设备。请确保选中的设备存在并且未被系统占用。 - 警告:Caps Lock(大小写锁定)已开启。这可能导致您输入密码错误。 - 加密卷类型 - 可能在某些情况,有些人会迫使您告诉它们加密卷密码。很多情况您可能无法拒绝这种要求(例如,存在暴力因素)。使用这种隐藏加密卷可以解决此类问题,而无须泄漏隐藏加密卷密码。 - 选择您希望创建常规 VeraCrypt 加密卷的选项。 - 请注意,如果您希望把操作系统安装在隐藏加密分区之中,那么整个系统驱动器不能使用独立的密钥文件加密。 - 外层加密卷加密选项 - 隐藏加密卷加密选项 - 加密选项 - 警告:清除上次选择的加密卷或密钥文件路径失败(由文件选择器记忆)! - 错误:此加密卷在 NTFS 格式分区上压缩过。VeraCrypt 不支持压缩过的加密卷(这是因为压缩过的加密数据会低效和存在数据冗余)。\n\n请使用以下步骤取消压缩: 1)在Windows资源管理器中右键单击加密卷(不是在 VeraCrypt 窗口中)。 2)选择“属性”。 3)在“属性”对话框,单击〖高级〗。 4)在“高级属性”对话框,禁用“压缩内容以节省磁盘空间”并点击〖确定〗。 5)返回到“属性”对话框,点〖确定〗。 - 创建加密卷 %s 失败 - %s 的大小为 %.2f 字节 - %s 的大小为 %.2f KB - %s 的大小为 %.2f MB - %s 的大小为 %.2f GB - %s 的大小为 %.2f TB - %s 的大小为 %.2f PB - 警告:设备/分区正在被系统或应用程序占用。格式化该设备/分区它可能导致数据丢失或系统不稳定。\n\n继续进行格式化吗? - 警告:该分区正在被操作系统或应用程序使用。您应当关闭任何可能占用此分区的程序(包括反病毒软件)。\n\n确认继续吗? - 错误:该设备/分区包含不能被卸载的文件系统。此文件系统可能被操作系统使用。格式化此设备/分区很可能会导致数据损坏或者是系统不稳定。\n\n要解决此问题,我们推荐您首先删除该分区之后在不格式化的情况下重新创建这个分区。要达成此目的,请遵照下面步骤: 1)在“开始”菜单右键单击“计算机”(或者“我的电脑”)图标,之后选择“管理”,显示“计算机管理”窗口。 2)在“计算机管理”窗口,选择“磁盘管理”。 3)右键单击要加密的分区,您可以选择“删除分区”或者是“删除卷”,或者是“删除逻辑驱动器”。 4)如果 Windows 提示重启计算机,点〖是〗重启。之后在第 5 个步骤中重复第 1 和第 2 步。 5)右键单击未分配/自由空间并选择“新建分区”,或者“新的卷”,或者“新逻辑驱动器”。 6)在“新分区向导”或者“新建卷向导”窗口中,在带有“格式化分区”标题的对话框中,选择“不格式化此分区”或者是“不格式化此卷”。在同样的向导里面,点〖下一步〗之后点〖完成〗按钮。 7)注意:您现在在 Veracrypt 中选择的设备路径可能是错误的,因此,退出并重新启动 VeraCrypt 加密卷创建向导(如果正在运行)。 8)尝试重新加密该设备/分区。\n\n如果 VeraCrypt 仍然会加密失败,您可以考虑创建文件类型的加密卷。 - 错误:此文件系统不能被锁定 和/或 卸载。可能正在被操作系统或应用程序占用(例如反病毒软件)。加密此分区可能会导致数据损坏或者系统不稳定。\n\n请关闭任何可能占用此分区的程序(包括反病毒软件)并再试一次。如果仍然无效请参考下面步骤。 - 警告:一些加载的设备/分区正在使用中!\n\n若忽略这些则可能导致非期望的结果,包括系统不稳定。\n\n我们强烈建议您关闭所有可能正在使用 此设备/分区的应用程序。 - 选定的设备包含分区。\n\n格式化该设备可能会导致系统不稳定或数据丢失。您可以选择该设备的某个分区,或者删除该设备的所有分区,以保证 VeraCrypt 对其安全格式化。 - 选择的非系统设备包含多个分区。\n\n设备类加密卷也可以在不包含任何分区的设备中创建(包括硬盘以及固态硬盘设备)。对于包含多个分区的设备,只有在此驱动器作为 Windows 安装和启动分区时,才可以就地整盘加密(使用单一主密钥)。\n\n如果您想使用单一主密钥加密选择的非系统设备,您需要首先移除所有分区以便 VeraCrypt 对其安全格式化(格式化包含多个分区的设备可能会导致系统不稳定 和/或 数据损坏。作为替代方法,您也可以单独加密驱动器上的每个分区(每个分区将使用不同的主密钥)。\n\n注意:如果您想从 GPT 磁盘中移除所有分区,您可能需要把它转换为 MBR 磁盘(使用诸如计算机管理工具)以便移除隐藏分区。 - 警告:如果您加密了整个设备(而不只是该设备上的一个分区),操作系统将会认为这个设备是全新未格式化的(因为它没有分区表),因此可能随后会初始化这个设备(或者询问您是否初始化),这可能会损坏加密卷。另外,也不能一如既往的将此加密卷加载为收藏加密卷(例如,当驱动器数目变化时),也不能为其赋予收藏加密卷卷标。\n\n要避免此类情况出现,您可以考虑在此设备上创建一个分区并加密此分区。\n\n您确认要加密整个设备吗? - 重要:请牢记,此加密卷不能使用当前赋给它的驱动器盘符 %c: 加载/访问,这个盘符已经赋给了该加密卷所在分区!\n\n要加载此加密卷,点击 VeraCrypt 主窗口的〖自动加载设备〗(也可以这样,在 VeraCrypt 主窗口,点击〖选择设备〗,之后选择该分区/驱动器,然后点〖加载〗按钮)。这个加密卷便会以其它盘符加载(此盘符可在 VeraCrypt 主窗口的盘符列表中选择)。\n\n原始的驱动盘符 %c: 仅应当在您需要移除对该分区/驱动器的加密时使用(例如:如果您不再需要加密)。在这种情况下,右键单击“我的电脑”(或者“资源管理器”)中的驱动器盘符 %c: 并选择〖格式化〗。否则该驱动器盘符 %c: 应当一直都不要使用(除非您移除它并把它指定给其它分区/驱动器)。 - 您的操作系统不支持就地加密非系统卷(仅在 Windows Vista 和以后版本中支持)。\n\n原因是当前操作系统不支持文件系统压缩(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。 - 所选的分区看起来不包含 NTFS 文件系统。仅在 NTFS 文件系统下才支持就地加密。\n\n说明:当前操作系统不支持文件系统压缩(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。 - 选择的分区看起来不包含 NTFS 文件系统。仅在 NTFS 文件系统下才支持就地加密。\n\n如果您想在此分区内创建 VeraCrypt 加密卷,请选择“创建加密卷并格式化”(而不是选择“就地加密分区”)。 - 错误:分区太小,VeraCrypt 不能实现就地加密。 - 要加密此分区的数据,请遵循以下步骤:\n\n1)在一个空的 分区/设备 上创建一个 VeraCrypt 加密卷之后加载此加密卷。\n\n2)复制待加密分区中的所有数据到这个已经加载的 VeraCrypt 加密卷(该加密卷已经在步骤 1) 中创建)。这种方式下,您就创建了一个被 VeraCrypt 加密了的数据备份。\n\n3)在要加密的分区上创建一个 VeraCrypt 加密卷并确认您在向导中选择了“创建加密卷并格式化”(而不是选择“就地加密分区”)。注意,所有存储于该分区的数据都会被擦除。加密卷创建之后,加载这个加密卷。\n\n4)复制备份加密卷(在步骤 1) 中创建的)中的所有文件到这个新创建的加密卷中(在步骤 3) 中创建和加载的)。\n\n完成以上步骤之后,数据将会被加密,并且也会额外的备份了数据的加密副本。 - VeraCrypt 只能就地加密分区、动态卷,或者整个系统启动器。\n\n如果您想在选择的非系统设备中创建加密卷,请选择选项“创建加密卷并格式化”(而不是选择选项“就地加密分区”)。 - 错误:VeraCrypt 只能就地加密分区、动态卷,或者整个系统启动器。请确认指定的路径有效。 - 错误:不能压缩文件系统(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。\n\n可能原因及解决:\n\n- 该卷上无足够的剩余空间。请确认没有其它程序正在写入此文件系统。\n\n- 损坏的文件系统。尝试检查和修复错误(在“我的电脑”里右键单击相应的驱动器盘符,之后选择 属性 -> 工具 ->“开始检查”,确认已经选择了选项“自动修复文件系统错误”,之后单击〖开始〗按钮)。\n\n如果以上方法都不起作用,请遵循以下步骤。 - 错误:剩余空间不足,因此文件系统不能被压缩(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。\n\n请删除任何多余文件并清空回收站以便释放 256KB 的空间之后再尝试。注意由于 Windows 的问题,Windows 资源管理器报告的自由空间数量在操作系统重新启动前可能是不正确的。如果重启系统后并无帮助,文件系统可能已经损坏了。尝试检查和修复错误(在“我的电脑”里右键单击相应的驱动器盘符,之后选择 属性 -> 工具 -> “开始检查”,确认已经选择了选项“自动修复文件系统错误”,之后单击〖开始〗按钮)。\n\n如果以上方法都不起作用,请遵循以下步骤。 - 驱动器 %s 上的自由空间为 %.2f 字节。 - 驱动器 %s 的自由空间大小为 %.2f KB - 驱动器 %s 的自由空间大小为 %.2f MB - 驱动器 %s 的自由空间大小为 %.2f GB - 驱动器 %s 的自由空间大小为 %.2f TB - 驱动器 %s 的自由空间大小为 %.2f PB - 无法得到可用的驱动器盘符。 - 错误:未发现 VeraCrypt 驱动程序!\n\n请复制“veracrypt.sys”和“veracrypt-x64.sys”文件到 VeraCrypt.exe 程序所在的目录。 - 错误:正在运行不兼容版本的 VeraCrypt 设备驱动。\n\n如果您想在便携模式下运行 VeraCrypt(即不安装它)但是却安装了不同版本的 VeraCrypt,您必须先卸载已安装版本(或使用 VeraCrypt 安装程序升级)。要卸载 VeraCrypt,请按如下步骤进行:在 Windows Vista 或其后版本中,选择〖开始〗菜单 -> 计算机 ->〖卸载或更改程序〗-> VeraCrypt -> 卸载;在 Windows XP 中,选择〖开始〗菜单 -> 〖设置〗 -> 〖控制面板〗 -> 〖添加或删除程序〗 -> VeraCrypt -> 删除\n\n与此相似,如果您尝试以便携版运行 VeraCrypt 但是却已经运行了其它版本的便携 VeraCrypt,您必须重启电脑之后再运行新的版本。 - 错误:密码初始化失败。 - 错误:检测到弱强度密钥! 密钥将被废弃。请重试。 - 发生了关键性错误,VeraCrypt 必须被终止。如果该错误是 VeraCrypt 的缺陷导致的,我们可能会修正它。要协助我们完善软件,您可以把 Veracrypt 自动生成的错误报告发送给我们,报告包括下面内容:\n\n- 程序版本\n- 操作系统版本\n- CPU类型\n- VeraCrypt 组件名称\n- VeraCrypt 执行程序的校验值\n- 对话框窗口的符号标记\n- 错误分类\n- 错误地址信息\n- VeraCrypt 调用堆栈\n\n如果选择〖是〗,下面的 URL 网址(包含错误报告)将会在默认浏览器中打开。\n\n%hs\n\n您希望发送给我们上述错误报告吗? - 您的系统发生了关键性错误,该错误会终止 VeraCrypt。\n\n需要注意的是此错误并非由 VeraCrypt 导致(因此 VeraCrypt 开发者并不会修复这个错误)。请检查您的系统查找可能的原因(例如:系统配置、网络连接、失效的硬件组件等)。 - 系统遇到关键性错误,需要终止 VeraCrypt。\n\n如果此错误仍然存在,您可能需要尝试禁用或卸载可能导致此问题的应用程序,例如防病毒或防火墙软件,系统性能提升、优化或系统设置软件等等。如果仍然无法解决问题,您可能需要尝试从新安装您的操作系统(此问题也可能由恶意软件导致)。 - VeraCrypt 关键性错误 - VeraCrypt 检测到操作系统最近曾经崩溃过。有多种原因可能导致系统崩溃(例如,硬件故障、设备驱动存在BUG等等)\n\n您想要 VeraCrypt 检查此次系统崩溃是否为 VeraCrypt 自身导致的吗? - 您想要 VeraCrypt 继续检查此次系统崩溃吗? - VeraCrypt 未发现系统崩溃转储文件。 - 您想要删除系统崩溃转储文件以便释放磁盘空间吗? - 为了分析系统崩溃原因,VeraCrypt 需要先安装微软调试工具。\n\n在您点击〖确定〗按钮之后,TrueCrpyt 将会从微软服务器下载微软调试工具安装程序(16MB)并随后安装它(先访问 VeraCrypt 网站再访问微软),这样即使微软改变了安装包的地址,此功能依然有效)。 - 点击〖确定〗按钮之后,VeraCrypt 将会分析系统崩溃原因,这可能需要几分钟时间。 - 请确认环境变量“PATH”包含“kd.exe”(内核调试器)的路径。 - 看起来VeraCrypt并未导致系统崩溃。系统崩溃是其它原因导致的(例如,硬件故障,设备驱动BUG等等) - 分析结果表明更新以下驱动可能会解决问题: - 要协助我们确认这是否为 Veracrypt 的错误,您可以向我们提交软件自动生成的错误报告,错误报告包括下面内容:\n- 程序版本\n- 操作系统版本\n- CPU类型\n- 错误类型\n- 驱动名称和版本\n- 系统调用堆栈\n\n如果选择〖是〗,下面的 URL 网址(包含错误报告)将会在您的默认浏览器中打开。 - 您希望向我们提交此错误报告吗? - 加密(&E) - 解密(&D) - &永久解密 - 退出 - 请为该扩展分区创建一个逻辑分区,然后重试。 - VeraCrypt 加密卷可以存在于一个文件之中(叫作 VeraCrypt 容器),这个容器文件可以存在于硬盘上,或位于 USB 闪存上,等等。VeraCrypt 加密盘就象一个普通文件(例如,可以象任何普通文件一样被移动、复制、删除)。点击〖选择文件〗按钮为容器文件选择一个文件名和它的保存位置。\n\n警告:如果选择了一个已经存在的文件,VeraCrypt 并不会加密它,该文件将会被删除并会被新创建的 VeraCrypt 容器文件所覆盖。您可以通过把文件复制到即将创建的 VeraCrypt 加密容器里面去,来实现对相应文件的加密。 - 选择要创建的外层加密卷的位置(稍后将在此加密卷里面创建隐藏加密卷)。\n\n一个 VeraCrypt 加密卷可以存在于一个文件之中(也可叫作 VeraCrypt 容器),这个加密盘文件可以存放在硬盘上,或位于 USB 闪存上,等等。VeraCrypt 容器可以象任何普通文件一样被移动、复制、和删除。点击〖选择文件〗按钮为容器文件选择一个文件名和它的保存位置。如果您择了一个已经存在的文件,VeraCrypt 并不会加密它,该文件将会被删除并会被新创建的 VeraCrypt 加密容器所覆盖。您可以通过把文件复制到即将创建的 VeraCrypt 加密容器里面去,来实现对相应文件的加密。 - 设备类 VeraCrypt 加密卷可以创建于硬盘分区、固态硬盘、USB 闪存、以及其它存储设备上。分区也可以就地加密。\n\n除此之外,设备类加密卷也可以在不包含任何分区的设备中创建(包括硬盘以及固态设备)。\n\n注意:包含多个分区的设备,只有在此分区为 Windows 安装和启动分区时,才可以就地整盘加密(使用单一密钥)。\n\n警告:如果您加密整个分区或设备,所有当前存储于这个分区或设备上的数据将会被彻底擦除(仅在加密系统启动分区/驱动器时该分区上的数据才不会被破坏)。 - 设备类的 VeraCrypt 加密卷可以在硬盘分区、固态驱动器、USB 闪存,以及其它存储设备中创建。\n\n警告:分区/设备 将会被格式化并且存储在其上的所有数据都将会丢失。 - \n选择 VeraCrypt 外层加密卷的位置(您想要在这个加密卷里创建隐藏加密卷)。\n\n外层加密卷可以创建于硬盘分区、固态硬盘、USB 闪存、以及其它存储设备上。外层加密卷也可以在不包含任何分区的设备中创建(包括硬盘以及固态设备)。\n\n警告:该分区/设备将被格式化,所有当前存储于这个分区或设备上的数据将会丢失。 - 选择 VeraCrypt 外层加密卷的位置(您想要在这个加密卷里创建隐藏加密卷)。 - 警告:外层加密卷或设备正在使用中!\n\n忽略这些可能会导致非期望的错误,包括系统不稳定。 您在加载加密卷前应当关闭所有可能使用该外层加密卷或设备的应用程序(例如杀毒软件或备份程序)。\n\n继续加载吗? - 错误:无法加载加密卷。外层加密卷或设备正在使用中。不使用独占权限的加载尝试也同样会失败。 - 文件不能被打开。 - 加密卷位置 - 大文件 - 您想要在此 VeraCrypt 加密卷中存储大于 4 GB 的文件吗? - 根据您在前面的选择,VeraCrypt 将为加密卷选择一个合适的文件系统格式(您可以在下一步选择文件系统类型)。 - 当您创建外层加密卷的时候,您应当考虑选择〖否〗。如果选择〖是〗,默认的文件系统将会是 NTFS,NTFS 不如 FAT 文件系统那样适合于创建外层加密卷(例如,如果外层加密卷为 FAT 格式,可以创建的隐藏加密卷的最大容量比NTFS外层加密卷那个创建的隐藏加密卷要大很多)。通常情况下,FAT 格式为隐藏加密卷和常规加密卷的默认格式(因此创建 FAT 加密卷并无太多疑虑)。然而,如果用户计划在加密卷中存储大于 4 GB 的文件(FAT文件系统不支持),那么 FAT 系统则不是默认的格式。 - 您确认要选择〖是〗吗? - 加密卷创建模式 - 这是创建分区类型或设备类型加密卷的最快方式(就地加密,是另外一种选项,速度比此种方式要慢,这是因为就地加密时每个扇区的内容都需要预先读取、加密,之后再写入)。任何当前存储在所选分区/设备上的数据都会丢失(这些数据并不会被加密,它们将会被随机数据覆盖)。如果您想加密一个分区中的现有数据,请选择其它选项。 - 整个选定的分区以及位于该分区上的数据将会被就地加密。如果分区里面没有内容,您应当选择其它选项(以使加密卷创建速度更快)。 - 注意: - 继续(&R) - 推迟(&D) - 开始(&S) - 继续(&C) - 格式化(&F) - 擦除(&W) - 放弃格式化吗? - 显示更多信息 - 不再显示 - 已成功擦除 设备/分区 的内容。 - 已经成功擦除原始操作系统(隐形操作系统克隆时的系统来源)分区的内容。 - 请确认您将要安装的 Windows 版本(位于已擦除分区)与您正在运行的 Windows 版本相同。这是必须的,这是因为两个系统会使用同一公用启动分区。 - 该系统分区/驱动器已成功加密。\n\n注意:如果您需要在 VeraCrypt 加密系统启动时自动加载非系统加密卷,您可以加载它们并随后设置其为系统收藏加密卷,步骤:选择〖收藏〗 -> 〖添加已加载的加密卷为系统收藏加密卷〗。 - 该系统分区/驱动器已经被成功解密。 - \n\n已成功创建 VeraCrypt 加密卷并准备就绪。要创建另外的 VeraCrypt 加密卷,请单击〖下一步〗,否则请单击〖退出〗按钮。 - \n\n隐藏的 VeraCrypt 加密卷已成功创建(隐形操作系统将包含在这个隐藏加密卷之内)。\n\n单击〖下一步〗按钮继续。 - 已成功加密该卷 - 已解密加密卷 - 重要:要加载这个新建的 VERACRYPT 加密卷和访问存储于其中的数据,在 VERACRYPT 窗口中点击〖自动加载设备〗。在您输入正确密码之后(和/或 提供正确的密钥文件),加密卷将会以您在 VERACRYPT 列表中选择的盘符加载(您也将能够以该盘符访问加密数据)。\n\n【请记住或写下上述步骤】。您在希望加载这个加密卷和访问其中的数据时必须遵循上述步骤。另外一种方式是在 VeraCrypt 主窗口,点击〖选择设备〗,之后选择此 分区/设备,之后点〖加载〗。\n\n此分区/设备 已成功加密(选择包含完全加密的 VeraCrypt 加密卷)并为使用准备就绪。 - 已成功解密VeraCrypt加密卷。 - 对此VeraCrypt加密卷的解密已经完成。\n\n请选择一个盘符来挂载解密后的卷。\n\n重要: 你必须将解密后的卷挂载到一个盘符上来读取卷中的数据。 - 警告: 你必须将解密后的卷挂载到一个盘符上来读取卷中的数据,但没有可用的盘符。\n\n请释放一个盘符 (例如移除一个USB存储设备或外置硬盘) 然后点击 OK 。 - VeraCrypt 加密卷已成功创建。 - 加密卷已创建 - 重要:请在此窗口内随机移动鼠标,移动时间越长越好。这将会显著增加密钥的加密强度。之后点击〖格式化〗按钮创建加密卷。 - 点击〖格式化〗按钮创建外层的加密卷。如若获得更多信息,请参考软件文档。 - 外层加密卷格式化 - 隐藏加密卷格式化 - 加密卷格式化 - 如要显示或打印 VeraCrypt 用户指南需要使用 Adobe Acrobat Reader(或与其兼容的工具)。\n\nAdobe Reader(免费软件)下载地址: www.adobe.com\n\n您要在线查看这个文档吗(联网)? - 如果选择此选项,向导将会首先帮助您创建一个普通的 VeraCrypt 加密卷,随后会继续在这个普通的加密卷里面创建一个隐藏的 VeraCrypt 加密卷。非熟练用户应当选择这个选项来创建隐藏加密卷。 - 如果选择此选项,您将会在已有的 VeraCrypt 加密卷内创建一个隐藏的 VeraCrypt 加密卷。这里假设您已经创建好了适合于创建隐藏 VeraCrypt 加密卷的 VeraCrypt 外层加密卷。 - 加密卷创建模式 - 隐藏加密卷已创建 - 该隐藏的 VeraCrypt 加密卷已成功创建并可以立即使用。如果“VeraCrypt User's Guide”(Veracrypt 用户指南)的"Security Precautions Pertaining to Hidden Volumes"章节中的措施都被遵循,即使当外层加密卷被加载,也不可能证明存在隐藏加密卷。\n\n警告:如果您没有保护隐藏加密卷(保护的做法参考 VeraCrypt 用户指南的"PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE"章节),请不要向外层加密卷写入数据。否则您可能会覆盖或损坏隐藏隐藏加密卷! - 您已经启动了一个隐形操作系统。可能您已经注意到了,隐形操作系统看起来是安装到原始操作系统所在的分区。然而,实际上,隐形系统是安装到系统分区后面的分区上的(安装在隐藏加密卷中)。所有的读写操作将会从系统分区中透明的重定向到隐藏加密卷里面。\n\n操作系统本身和系统中的程序均不知道从系统分区中读写的数据实际上是从系统分区后面的分区中读写的(读/写到隐藏加密卷)。任何这样的数据都是同样即时加解密的(使用与即将创建的迷惑操作系统不同的加密钥)。\n\n\n请单击〖下一步〗按钮继续。 - 外层加密卷已成功创建并作为 %hc:驱动器加载。对这个外层加密卷,现在您应复制一些您不是真正要隐藏的貌似敏感的文件。这是为了对付那些强迫您给出系统分区后面那个分区密码的人的,这个分区可能包含外层加密卷和隐藏加密卷(以及其中的隐形操作系统)。您可以泄漏这个外层加密卷的密码,而此时没有任何迹象可以识别存在隐藏加密卷(以及隐形操作系统)。\n\n重要:您复制到外层加密卷中的文件占用的空间不应当超过 %s。否则,可能没有足够的自由空间来创建隐藏加密卷(此时您将无法继续后续操作)。在您复制完成之后,请点击〖下一步〗(不要卸载加密卷)。 - 外层加密卷已成功创建并作为 %hc:驱动器加载。对这个加密卷,现在您应复制一些您不是真正要隐藏的貌似敏感的文件。这是让那些强迫您泄漏密码的人能看到的文件。您将仅对这个外层加密卷泄漏密码,而不要泄漏给他们隐藏加密卷的密码。您真正要保护的文件将被存储在稍候创建的隐藏加密卷里。当您完成复制后,请单击〖下一步〗,并且不要卸载此加密卷。\n\n注意:单击〖下一步〗后,将进行簇状图扫描来确定连续的自由空间大小,此自由空间的尾部与加密卷尾部一致。该空间将提供用来创建隐藏加密卷同时也是隐藏加密卷的最大容量。簇状图扫描能够保证外层加密中卷的数据不会被隐藏卷覆盖。 - 外层加密卷内容 - \n\n在下一步您将要为外层加密卷(在其内将创建隐藏加密卷)调整其选项。 - \n\n在下一步,您将在系统分区后面的那个分区创建一个所谓的 VeraCrypt 外层加密卷(这在前面步骤已经有具体说明)。 - 外层加密卷 - 在下面步骤里,您将设置隐藏加密卷的选项和密码,这个隐藏加密卷里面将会包含隐形系统。\n\n注解:外层加密卷簇状图扫描已完成,以确定外层加密卷尾部开始的未受干扰的自由空间。该区域将容纳隐藏加密卷,因此这将限制隐藏加密卷的最大尺寸。隐藏加密卷最大可能容量已确定,已经确认大于系统分区的容量(这是必须的,因为整个系统分区的内容将被复制到隐藏加密卷中)。这也确保写入隐藏加密卷的数据不会覆盖储存在外层加密卷的数据。 - 重要:请记住您在这个步骤所选择的算法。您在加密迷惑系统的时候也必须选择这个算法。否则将无法访问隐形系统!(即迷惑系统和隐形系统必须使用同样的加密算法加密)。\n\n说明:原因是迷惑系统和隐形系统共用一个单一的启动管理器,这个引导器目前只支持用户选择的单一算法(对于每种算法,都会对应一个特定的 VeraCrypt 启动管理器版本)。 - \n\n外层加密卷簇状图扫描已完成,隐藏加密卷最大可能大小已确定。在下一步里您可以调整隐藏加密卷的选项、大小、和密码。 - 隐藏加密卷 - 在外层加密卷卸载前隐藏加密卷将处于保护之中。\n\n警告:如果有数据试图保存到隐藏加密卷区域,VeraCrypt 将会对整个加密卷(外层加密卷和隐藏加密卷)进行保护直到卸载。这会导致外层加密卷文件系统出错,如若重复出现也会影响隐藏加密卷的隐蔽性。因此,您应当尽量避免写入任何数据到隐藏加密卷区域。 任何保存到隐藏加密卷区域的数据将不被保存并且会丢失!Windows 可能会报告为写入错误(“延迟写入失败”或者是“参数不正确”)。 - 在外层加密卷卸载前每一个隐藏加密卷将处于保护之中。\n\n警告:如果有数据试图保存到任何隐藏加密卷区域,VeraCrypt 将会对整个加密卷(外层加密卷和隐藏加密卷)进行保护直到卸载。这会导致外层加密卷文件系统出错,如果反复出现也会影响隐藏加密卷的隐蔽性。因此,您应当尽量避免写入任何数据到隐藏加密卷区域。 任何保存到隐藏加密卷区域的数据将不被保存并且丢失! Windows 可能会报告为写入错误(“延迟写入失败”或者是“参数不正确)。 - 警告:数据试图保存到加载为 %c: 的加密卷的隐藏加密卷区域!VeraCrypt 已阻止这些数据的保存来保护隐藏加密卷。这会导致外层加密卷文件系统出错。Windows 可能会报告为写入错误(“延迟写入失败”或者是“参数不正确)。整个加密卷(外层加密卷和隐藏加密卷)将会被写保护到加密卷卸载为止。如果这不是 VeraCrypt 第一次阻止数据写入到隐藏加密卷区域,这样也会影响隐藏加密卷的隐蔽性(这是因为在外层加密卷文件系统可能存在反常的关联错乱)。因此,您应当考虑创建一个新的 VeraCrypt 加密卷(禁用快速格式化)并把此加密卷的数据移动到新加密卷里面去;此加密卷应当被安全擦除(外层卷和隐藏卷)。我们强烈建议您现在重启计算机。 - 您已表明要在此加密卷中存放大于 4GB 的文件。这种情况下加密卷就必须格式化为 NTFS。 - 当隐形操作系统运行时,非隐藏的加密卷无法被格式化为 NTFS 格式。原因是如需让操作系统格式化为 NTFS,就得以非写保护状态临时加载(反之如以格式化为 FAT,则由 VeraCrypt 而非操作系统来完成,无需加载加密卷)。如需获取更多技术细节,请参阅以下链接。您可以在迷惑操作系统中创建非隐藏的 NTFS 加密卷。 - 安全起见,当隐形操作系统正在运行时,隐藏加密卷只能以“直接”模式创建(这是因为外层加密卷必须总是以只读方式加载)。\n\n要安全的创建隐藏加密卷,请遵循如下步骤:\n\n1)启动到迷惑操作系统。\n\n2)创建一个常规 VeraCrypt 加密卷并复制一些您实际上并不想隐藏的貌似敏感的文件(该加密卷会作为外层加密卷)。\n\n3)启动隐形操作系统并启动 VeraCrypt 加密卷创建向导。如果此加密卷是文件类型的,移动该加密卷到系统分区或者其它隐藏加密卷中(否则新创建的隐藏加密卷将会以只读方式加载并且无法格式化)。按照向导的步骤进行并选择“直接”模式创建隐藏加密卷。\n\n4)在向导中,选择您在步骤 2 中创建的加密卷并遵循向导后面的步骤在这个加密卷之内创建隐藏加密卷。 - 安全起见,当隐形操作系统正在运行时,本地的非加密的文件系统和非隐藏 VeraCrypt 加密卷会以只读方式加载(没有任何数据可以写入这些文件系统或 VeraCrypt 加密卷)。\n\n而数据可以写入到 VeraCrypt 隐藏加密卷中(假设隐藏加密卷的存储容器并非位于非加密文件系统上或并非位于其它任何只读文件系统上)。 - 采取这样的限制措施有三种主要原因:\n\n- 可以为加载隐藏加密卷提供更安全的平台。因此我们官方推荐仅在隐形操作系统运行的情况下加载隐藏加密卷。(更多信息请参考文档的 'Security Precautions Pertaining to Hidden Volumes' 部份)\n\n- 在某些情况下,有可能确定在某一时间,某一特定的文件系统(或者文件系统中特定的文件并未保存或访问)并未在特定的操作系统的实例中加载(例如,通过分析和比较文件系统日志、时间戳记、应用程序日志、错误日志等等)。这可能暗示计算机上安装了隐形操作系统(译者注:恢复系统备份、重新安装系统也会造成这种迹象,作者考虑的因素并不全面)。而这里的措施则可以避免此类情况发生。\n\n- 能够防止数据损坏和保证安全的使用系统休眠功能,这里假设所有加载的文件系统在系统休眠的时候均为同一状态。VeraCrypt 通过对任何迷惑系统和隐形系统里面可以访问的系统执行写保护来保证这点。如果没有这样的保护,当在一个系统中加载一个文件系统,而此文件系统在另外操作系统中为休眠状态时,文件系统可能会被损坏。 - 注意:如果您要安全的从迷惑操作系统向隐形操作系统中传送文件,请遵循以下步骤: 1)启动迷惑操作系统。 2)保存这些文件到未加密的卷或者是 VeraCrypt 外层/常规加密卷。 3)启动隐形操作系统。 4)如果是把文件保存到 VeraCrypt 加密卷,则加载这个加密卷(该加密卷会自动以只读模式加载)。 5)复制这些文件到隐形操作系统的分区或者是其它隐藏加密卷。 - 您的计算机必须重启。\n\n您希望现在重启计算机吗? - 获取系统加密状态时出错。 - 不能创建加密卷,因为没有提供密码。 - 不能创建加密卷,因为没有提供加密卷的大小。 - 输入的加密卷的大小不兼容所选择的NTFS文件系统。 - 输入的加密卷的大小不兼容所选择的FAT文件系统。 - 因为需要动态卷支持,目标文件系统上不支持建立稀疏文件。 - 只能使用命令行建立容器文件。 - 不能创建加密卷,因为所输入的加密卷的大小大于加密卷所在磁盘的剩余空间。 - 不能创建加密卷,因为所输入的加密卷的大小太小。 - 不能创建加密卷,因为所输入的加密卷的大小太大。 - 不能初始化用于系统加密的程序组件。 - 初始化随机数据生成器失败! - Windows Crypto API 调用失败!\n\n\n(如果你要提交一个关于此的错误报告,请附上下面的技术信息: bug report:\n%hs, Last Error = 0x%.8X) - 无法初始化应用程序。注册对话框类失败。 - 错误:加载富文本编辑系统运行库失败。 - VeraCrypt 加密卷创建向导 - 该加密卷能创建的最大隐藏加密卷大小为 %.2f 字节。 - 该加密卷能创建的最大隐藏加密卷大小为 %.2f KB。 - 该加密卷能创建的最大隐藏加密卷大小为 %.2f MB。 - 该加密卷能创建的最大隐藏加密卷大小为 %.2f GB. - 该加密卷能创建的最大隐藏加密卷大小为 %.2f TB. - 当此加密卷被加载时,无法修改加密卷密码/密钥文件。 请首先卸载此加密卷。 - 当加密卷被加载时不能修改首密钥衍生算法。 请首先卸载加密卷。 - 加载(&M) - 需要新版本的 VeraCrypt 来加载此加密卷。 - 错误:未发现加密卷创建向导。\n\n请确认文件“VeraCrypt Format.exe”位于“VeraCrypt.exe”的目录之中。如果不是 这样,请重新安装 VeraCrypt,或在磁盘中定位“VeraCrypt Format.exe”并运行它。 - 错误:未发现加密卷扩展向导。\n\n请确认文件“VeraCryptExpander.exe”位于“VeraCrypt.exe”的目录之中。如果不是 这样,请重新安装 VeraCrypt,或在磁盘中定位“VeraCryptExpander.exe”并运行它。 - 下一步(&N) > - 完成(&F) - 安装(&I) - 释放(&X) - 不能连接到 VeraCrypt 设备驱动。如果设备驱动不能运行则 VeraCrypt 也无法正常工作。\n\n请注意,由于 Windows 系统问题,在能够正常加载设备驱动前可能需要注销或者重启计算机。 - 加载/准备字体时出错。 - 驱动器盘符未发现或没有指定驱动器盘符。 - 错误:无法制定一个盘符。\n\n你必须将解密后的卷挂载到一个盘符上来读取卷中的数据.\n\n再次尝试? - 驱动器盘符不可用。 - 未选定文件! - 无可用驱动器盘符。 - 外层加密卷无可用盘符! 加密卷创建不能进行。 - 无法检测操作系统版本号,或您正在使用不被支持的操作系统。 - 未选定路径! - 创建隐藏加密卷的自由空间不足! 加密卷创建不能继续。 - 错误:您复制到外层加密卷的文件占用的空间过多。因此,没有足够的空间创建隐藏加密卷。\n\n注意,隐藏加密卷的容量至少要大于系统分区(当前运行的系统所在的分区)的容量。原因是隐形操作系统需要把系统分区的内容完全复制到隐藏加密卷来创建。\n\n\n创建隐形操作系统的过程无法再继续。 - 此驱动无法卸载这个加密卷。位于此加密卷上某些文件可能仍被打开。 - 无法锁定此加密卷。此加密卷上仍有些文件被打开。因而也无法卸载。 - VeraCrypt 不能锁定该加密卷,这是因为此加密卷正在被操作系统或者其它程序占用(例如加密卷中有文件被打开)。\n\n您确认要强制卸载加密卷吗? - 请选择一个 VeraCrypt 加密卷 - 指定路径和文件名 - 选择 PKCS #11 运行库 - 内存不足 - 重要:我们强烈建议非熟练用户在选定的分区/设备里面建立文件类型的加密卷,而不是尝试加密整个分区/驱动器。\n\n例如,当您创建一个 VeraCrypt 文件类型加密卷时(相对于加密整个分区/驱动器),则不存在毁坏大量的文件的风险。请注意,一个 VeraCrypt 文件类型加密卷(尽管其包含虚拟的加密磁盘)事实上就象任意一个普通的文件一样。如若获取更多信息,请参考VeraCrypt User Guide中的 Beginner's Tutorial 章节。\n\n您确认要加密整个设备/分区吗? - 警告:加密卷 '%s' 已存在!\n\n重要:VeraCrypt 并不会加密这个文件,而是会删除这个文件。 您确定要删除这个文件并用一个新的 VeraCrypt 加密卷来替换它吗? - 务必小心:当前存储在选择的 %s '%s'%s 上的所有数据将会丢失(它们并不会被加密)!\n\n您一定要继续格式化吗? - 警告:您在加密卷完全加密前不能加载此加密卷或者访问存储于该卷上的任何文件。\n\n您确认要开始加密选择的 %s '%s'%s 吗? - 警告:您在加密卷完全解密前不能加载此加密卷或者访问存储于该卷上的任何文件。\n\n您确认要开始解密选择的 %s '%s'%s 吗? - 警告:请注意如果在就地加密现有数据时突然断电,或者在 VeraCrypt 就地加密现有数据时由于软硬件故障而导致电脑死机,可能会损坏或丢失一些数据。因此,在您开始加密前,请确认您已经备份了要加密的数据。\n\n您确认已经有这样的备份了吗? - 警告:任何存在于分区 '%s'%s(即位于系统分区后面的第一个分区)的文件将会因被擦除而丢失。(这些文件并不会被加密)!\n\n您确认要继续格式化吗? - 警告:选定的分区包含大量的数据!!!任何存储于此分区上的文件将会被擦除(他们并不会被加密)! - 通过在分区内创建 VeraCrypt 加密卷擦除该分区上的任何文件 - 密码 - PIM - 设置首密钥衍生算法 - 添加/移除 密钥文件... - 从加密卷中移除所有密钥文件 - 密码 和/或 密钥文件已成功修改。\n\n重要:请确认您已经阅读了用户指南的'Security Requirements and Precautions'章节中的'Changing Passwords and Keyfiles'部分。 - 此加密卷已经修改PIM并标记成"系统收藏加密卷"。\n您希望VeryCrypt自动更新系统收藏加密卷设置么(需要管理员权限)。\n\n如果您不希望的话,请稍后手动更新设置。 - 重要:如果您不销毁 VeraCrypt 应急盘,您的系统分区/驱动器仍然可以通过使用旧密码解密(通过启动 VeraCrypt 应急盘和输入旧密码)。您应当创建一个新的 VeraCrypt 应急盘,之后并销毁原来的应急盘。\n\n您希望创建一个新的 VeraCrypt 应急盘吗? - 请注意,VeraCrypt 应急盘仍然使用着早期的加密算法。如果您觉的先前的加密算法不安全,您应当创建一个新的 VeraCrypt 应急盘,之后并销毁原来的应急盘。\n\n您希望创建一个新的 VeraCrypt 应急盘吗? - 任何类型的文件(例如:.mp3、.jpg、.zip、.avi)都可以作为 VeraCrypt 的密钥文件。VeraCrypt 并不会修改密钥文件的内容。 您可以选择一个以上的密钥文件(与次序无关)。如果您添加了一个文件夹,里面的所有非隐藏文件都将作为密钥文件。点击〖添加口令牌〗来选择存储于安全口令牌或智能卡中的密钥文件(或者导入密钥文件到安全口令牌或智能卡)。 - 密钥文件已成功添加/移除。 - 密钥文件已导出。 - 首密钥衍生算法已成功设置。 - 请为您想要继续就地加密的非系统分区输入密码 和/或 密钥文件。\n\n\n注解:在您点击〖下一步〗之后,VeraCrypt 将尝试查找所有加密过程被中断的非系统分区(这些中断加密的分区的 VeraCrypt 头信息可以使用提供的密码 和/或 密钥文件解密)。如果发现了多个此类的分区,您需要在下个步骤里面选择他们其中的一个。 - 请选择下面列表中的一个加密卷。此列表包含所有加密被中断的非系统加密卷,它们的头信息可以使用提供的密码 和/或 密钥文件解密。 - 请输入用于解密非系统加密卷的密码和(或)提供密钥文件。 - 选择一个安全的密码非常重要。您应该避免选取能够在字典中查到的简单词汇(或是2、3、4 这类字符组合)作为密码,也不应包含任何名字或生日,同时也不应该容易被猜到。安全的密码应当包含随机的大小写字母、数字、以及类似 @ ^ = $ * + 这样的特殊字符。我们推荐使用大于 20 个字符的密码(越长越好)。最大的密码长度为 64 个字符。 - 请为隐藏加密卷选择一个密码。 - 请为隐形操作系统设置一个密码(即隐藏加密卷的密码)。 - 重要:您在本步骤中为隐形操作系统设置的密码必须绝对不同于其它的两个密码(也就是要不同于外层加密卷的密码和迷惑操作系统的密码)。 - 请输入外层加密卷的密码(您将在该加密卷中创建隐藏加密卷)。\n\n在单击〖下一步〗后,VeraCrypt 会尝试加载此加密卷。一旦加密卷被加载,将进行簇状图扫描来确定连续的自由空间大小(如果有的话),此空间的尾部与加密卷尾部一致。该区域将提供给隐藏加密卷并因此会限制它的最大可能大小。簇状图扫描是必要的,这可以确保外层加密卷的数据不会被隐藏加密卷覆盖。 - \n请选择外层加密卷的密码。在您被攻击者强迫说出启动验证密码的情况下,这个密码可以告诉攻击者。\n\n重要:您为外层加密卷选择的密码必须不同于隐藏加密卷的密码。\n\n说明:密码的最大长度为 64 个字符。 - 请选择外层加密卷的密码。在您被攻击者强迫说出系统分区后面的第一个分区(外层加密卷和包含隐形操作系统的隐藏加密卷均位于这个分区)密码的情况下,这个密码可以告诉这些攻击者。而隐藏加密卷和隐形操作系统仍然是安全的。需要注意的是,外层加密卷的密码并不是迷惑操作系统的密码。\n\n重要:您为迷惑操作系统选择的密码必须不同于隐藏加密卷的密码(也就是隐形操作系统的密码)。 - 外层加密卷密码 - 隐藏加密卷密码 - 隐形操作系统的密码 - 警告:简短密码容易被暴力破解技术破解!\n\n我们建议选择一个超过 20 个字符的密码。\n\n您确定要使用简短密码吗? - 加密卷密码 - 密码不正确或不是 VeraCrypt 加密卷。 - 密钥 和/或 密码不正确或不是 VeraCrypt 加密卷。 - 错误的加载模式/密码或不是 VeraCrypt 加密卷。 - 错误的加载模式,无效的密钥文件 和/或 密码,或者不是 VeraCrypt 加密卷。 - 密码不正确或不是 VeraCrypt 加密卷。 - 密钥 和/或 密码不正确或不是 VeraCrypt 加密卷 - \n\n警告:Caps Lock 已经开启。 这可能导致您密码输入错误。 - 记住所挂载的卷的PIM - 外层卷 PIM - 隐藏卷 PIM - 隐形操作系统 PIM - PIM (自定迭代次数) 是一个控制头部密钥迭代次数的值,当导出头部密钥时会向这样使用:\n 迭代次数 = 15000 + (PIM x 1000) \n\n当这个值留空或设为0时,VeraCrypt会使用默认值(485)来确保安全性。\n\n当使用20位以下的密码时,为了保证维持最小的安全性,PIM的值不能小于485。\n当使用20位以上的密码时,PIM的值可以任意自定。\n\nPIM大于485可能导致加密卷的挂载速度下降。PIM小于485可能会提高挂载速度,但是如果你的密码强度不足,这会降低安全性。 - PIM (自定迭代次数) 是一个控制头部密钥迭代次数的值,当导出头部密钥时会向这样使用:\n 迭代次数 = (PIM x 2048) \n\n当这个值留空或设为0时,VeraCrypt会使用默认值(98)来确保安全性。\n\n当使用20位以下的密码时,为了保证维持最小的安全性,PIM的值不能小于98。\n当使用20位以上的密码时,PIM的值可以任意自定。\n\nPIM大于98可能导致启动速度下降。PIM小于485可能会提高启动速度,但是如果你的密码强度不足,这会降低安全性。 - 记住所启动的系统的PIM - 你选择了一个大于VeraCrypt默认值的PIM。\n注意这可能使挂载/启动速度下降。 - 你选择了一个小于VeraCrypt默认值的PIM。注意如果你的密码强度不够强,这回事一个安全隐患。\n\n你确定你在使用一个强密码? - 对于系统加密,自定迭代倍数 (PIM) 的最大值是65535。 - 卷 PIM - \n\n警告:在密钥文件搜索路径中存在隐藏文件。此类隐藏文件无法被用作密钥文件。如果您需要将它们当作密钥文件使用,请去除它们的“隐藏”属性(使用鼠标右键点击文件,选择〖属性〗,去除勾选“隐藏”标志再点击〖确定〗按钮)。注意:隐藏文件仅在启用相关选项后才可见(我的电脑 -> 工具 -> 文件夹选项 -> 查看)。 - 如果您试图保护包含隐形系统的隐藏加密卷,请确认输入隐藏加密卷密码时您正在使用标准的美国键盘布局。这是因为这些密码实在启动验证环境中输入的,而此时非美国键盘布局将无法使用。 - VeraCrypt 未发现加密过程被中断的,同时头信息可以使用提供的密码 和/或 密钥文件解密的非系统分区。\n\n请确认密码 和/或 密钥文件是正确的,并且确认此 分区/卷 并未被操作系统或其它程序(也包含杀毒软件)占用。 - 所选择的设备/分区看起来已经完全加密。\n头标志 = 0x%.8X - 所选择的设备/分区看起来没使用就地加密。\n头标志 = 0x%.8X - \n\n注意:如果您试图加载不带有启动验证的加密系统驱动器中的分区,或者是加载没有运行的加密系统分区,您可以通过选择〖系统〗 ->〖以非启动验证方式加载〗。 - 在此模式下,您不能加载此驱动器上的分区(该驱动器的部分内容处于当前活动加密系统的关键范围)。\n\n要想以此模式加载此分区,您需要先启动到安装在不同驱动器上的操作系统(与该系统是否加密无关),或者是先启动一个未加密的操作系统。 - 在整个系统所在的磁盘被加密的情况下,VeraCrypt不能单独解密某个分区(你只能解密整个系统磁盘)。 - 警告:这个磁盘看起来包含VeraCrypt启动加载器,它有可能是已经加密的整个系统磁盘。如果是的话,VeraCrypt不能单独解密某个分区(你只能解密整个系统磁盘)。你可以继续,但你稍后会收到"密码错误"的消息。 - < 后退(&B) - 不能列表安装在系统上的 raw 设备! - 加密卷 '%s' 存在,并且是只读的。您确定要替换它吗? - 选择目标目录 - 选择密钥文件 - 选择密钥文件的搜索路径。警告:注意,记忆的只是路径,而不会记忆文件名! - 选择一个存储密钥文件的目录。 - 当前的容器文件被选择为密钥文件,但不会使用它作为密钥文件。 - Serpent 为与 AES 竞争算法中的一种。设计者为 Ross Anderson、Eli Biham、和 Lars Knudsen。发表于 1998 年。256 位密钥,128 位数据块,操作模式为 XTS。 - 请指定要创建的加密卷的大小。\n\n如果您打算创建一个动态的(稀疏文件)容器,该参数对应于该容器的最大尺寸。\n\n注意:最小的 FAT 加密卷大小为 292 KB。最小的 NTFS 加密卷大小为 3792 KB。 - 请指定要创建的外层加密卷的大小(随后将在其内创建隐藏加密卷)。包含隐藏卷的外层加密卷最小可能大小为 340 KB。 - 请指定要创建的隐藏加密卷的大小。隐藏加密卷的最小可能大小为 40 KB(格式化为NTFS时为 3664 KB)。最小可能的 NTFS 加密卷大小为 2829 KB。您可以指定加密卷的最大容量如上面所示。 - 外层加密卷大小 - 隐藏加密卷大小 - 请在确认选定的 分区/设备 的容量正确无误后单击〖下一步〗。 - 外层加密卷和隐藏加密卷(包含隐形操作系统)将存在于上面分区。\n\n请确认上面显示的分区大小和数值是正确的,如果正确,请点击〖下一步〗。 - \n\n注意:如若在其内创建隐藏加密卷,则外层加密卷最小可能大小为 340 KB。 - 加密卷大小 - 动态加密卷 - 警告:自检失败! - 全部算法自检通过 - 您提供的数据单元数值太长或太短。 - 您提供的次密钥太长或太短。 - 您提供的测试加密文本太长或太短。 - 您提供的测试密钥太长或太短。 - 您提供的测试明码文本太长或太短。 - 在 XTS 模式的层叠操作中需要两个密码。每个块首先使用 %s(%d 位密钥),之后使用 %s(%d 位密钥)加密。每个密码使用其各自的密钥。所有的密钥均各自独立。 - 在 XTS 模式的层叠操作中需要 3 个密码。每个块首先以 %s(%d 位密钥)加密,然后以 %s(%d 位密钥)加密,最后以 %s(%d 位密钥)加密。每个密码均使用各自的密钥。所有的密钥均彼此独立。 - 需要注意的是,依赖于操作系统配置,这些自动运行和自动加载功能可能仅当便携磁盘文件创建在非可擦写 CD/DVD 类介质时才能使用。同样也要注意这并不是 VeraCrypt 程序设计缺陷(而是 Windows 系统的限制)。 - VeraCrypt 便携磁盘已成功创建。\n\n注意:您必须具有系统管理员身份才能以便携模式运行 VeraCrypt。同时也要注意尽管以便携模式运行 VeraCrypt,也可能能够从注册表中被检测到曾经运行过 VeraCrypt。 - VeraCrypt 便携磁盘 - 设计者:Bruce Schneie、John Kelsey、Doug Whiting、David Wagner、Chris Hall、Niels Ferguson。发表于 1998 年。256 位密钥,128 位块,操作模式为 XTS。Twofish 为 AES 竞争算法中的一种。 - 关于 %s 的更多信息(联网) - 未知 - 发生未预期的或未知错误(%d)。 - 一些加密卷包含的文件或文件夹 正被应用程序或系统使用。\n\n强行卸载吗? - 卸载(&D) - 卸载失败! - 加密卷包含的文件或文件夹 被应用程序或系统使用。\n\n强行卸载吗? - 没有加密卷被加载到您所指定的盘符。 - 您试图要加载的加密卷早已加载。 - 试图加载加密卷时出错。 - 在加密卷里寻址时出错。 - 错误:错误的加密卷大小。 - 警告:您应当只能在下面的情况下使用快速格式化:\n\n1) 设备不包含敏感数据,且您不需要隐蔽性。\n2) 设备或分区已经被完全加密过。\n\n您确认要使用快速格式化吗? - 动态的容器是一个预先分配的 NTFS 稀疏文件,它的物理大小(实际磁盘空间占用)在有新数据添加到里面的时候才会增加。\n\n警告: 稀疏文件基础的加密卷性能比常规加密卷的性能有较大降低。稀疏文件基础的加密卷的安全性也要弱些-因为它有可能泄漏哪些加密卷扇区未被使用的情况。另外,稀疏文件基础的加密卷无法实现隐蔽性(容纳一个隐藏加密卷)。同时需要注意到是如果数据被写入到稀疏文件基础的加密卷,而此时主机文件系统剩余空间不足,加密的文件系统可能会损坏。\n\n您确认要创建稀疏文件基础的加密卷吗? - 注意,Windows 系统和 VeraCrypt 报告的动态加密卷的大小会等于它的最大尺寸。要查看当前容器的物理大小(占用的实际磁盘空间),在 Windows 资源管理器窗口右键单击容器文件,之后选择“属性”并查看“占用空间”的数值。\n\n同时也要注意,如果您把动态加密卷移动到另外容器或驱动器,容器的物理大小会变为它的最大大小。 (为避免此类情况发生,您可以在目标位置创建一个新的动态加密卷,然后把文件从老的加密卷中复制过来) - 密码缓存已擦除 - 存储在 VeraCrypt 驱动缓存中的密码(和/或 已处理的密钥文件内容)已经被擦除。 - VeraCrypt 不能修改外层加密卷的密码。 - 请从列表中选择一个未被占用的驱动器盘符。 - 请在驱动器列表中选择一个已加载的加密卷。 - 当前选择了两个已加载的加密卷(一个位于盘符列表中,另外一个位于列表下面的文本输入框中)。\n\n请确认您要选择的加密卷: - 错误:不能创建 autorun.inf - 处理密钥文件时出错! - 处理密钥文件路径时出错! - 密钥文件路径不包含文件。\n\n请注意,在密钥文件搜索路径中发现的该文件夹(以及其中包含的文件)已忽略。 - VeraCrypt 不支持此操作系统。 - 错误:VeraCrypt 仅支持稳定的操作系统版本(不支持 beta 版和 RC 版)。 - 错误:不能分配内存。 - 错误:不能恢复性能计数器的值。 - 错误:错误的加密卷格式。 - 错误:您提供了一个隐藏加密卷的密码(而不是常规加密卷的密码)。 - 安全起见,隐藏加密卷不能在带有就地加密文件系统的 VeraCrypt 加密卷中创建(这是因为该加密卷上的自由空间没有填充随机数据) - VeraCrypt - 法律提示 - 所有文件 - VeraCrypt 加密卷 - 运行库模块 - NTFS 格式化不能继续。 - 不能加载加密卷。 - 不能卸载加密卷。 - 格式化成 NTFS 磁盘格式时失败。\n\n请选择不同的文件系统格式(如果可能的话)再尝试一次。此外,您可以保留该加密卷为未格式化加密卷(文件系统选择为“无”),退出向导,加载这个加密卷,然后再使用系统或第三方工具格式化这个已经加载的加密卷(该加载的加密卷仍然为加密状态)。 - Windows 格式化加密卷为 NTFS 时失败。\n\n您希望格式化为 FAT 文件系统吗? - 默认 - 分区 - 分区 - 设备 - 设备 - 设备 - 加密卷 - 加密卷 - 加密卷 - 卷标 - 相对加密卷大小而言,选择的簇大小太小。 将替代使用大一些的簇大小。 - 错误:不能获取加密卷大小信息!\n\n请确认选择的加密卷未被系统或 其它程序使用。 - 隐藏加密卷不能创建于动态(稀疏文件)的外层加密卷中。要达到足够的隐蔽性,隐藏加密卷应当在非动态加密卷中创建。 - VeraCrypt 加密卷创建向导只能在 FAT 或 NTFS 加密卷内创建隐藏加密卷。 - 在 Windows 2000 系统里,VeraCrypt 加密卷创建向导只能在 FAT 加密卷里面创建隐藏加密卷。 - 注意:FAT 文件系统比 NTFS 文件系统更适合作为外层加密卷(例如,如果外层加密卷被格式化为 FAT 格式,能够创建的隐藏加密卷的大小可能会更大一些)。 - 注意:FAT 文件系统比 NTFS 文件系统更适合作为外层加密卷(例如,如果外层加密卷被格式化为 FAT 格式,能够创建的隐藏加密卷的大小可能会更大一些)(原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,隐藏加密卷只能创建在外层加密卷的后半部分)。\n\n您确认要继续格式化外层为 NTFS 格式吗? - 您想要把加密卷格式化为 FAT 格式吗? - 注意:此加密卷无法以 FAT 文件系统格式化,因为其大小超过 FAT32 文件系统所支持的最大值(512 字节扇区最大 2TB,4096 字节扇区最大 16TB)。 - 错误:隐形操作系统的分区(也就是系统分区后面的第一个分区)必须至少比系统分区大 5%(系统分区就是当前运行的操作系统所在的分区)。 - 错误:隐形操作系统的分区(也就是系统分区后面的第一个分区)必须至少比系统分区大 110%(2.1 倍)(系统分区就是当前运行的操作系统所在的分区)。原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,隐藏加密卷只能创建在外层加密卷的后半部分。 - 错误:如果外层加密卷被格式化为 NTFS,则它必须至少比系统分区大 110%(2.1 倍)。原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,隐藏加密卷只能创建在外层加密卷的后半部分。\n\n说明:外层加密卷需和隐形操作系统位于同一分区(即位于系统分区后面的第一个分区)。 - 错误:在系统分区后面没有其它分区。\n\n注意,在您创建隐形操作系统之前,您需要在此系统驱动器上创建一个分区。该分区必须是系统分区后的第一个分区,并且必须至少比系统分区大 5%(系统分区就是当前运行的操作系统所在的分区)。然而,如果外层加密卷(不要与系统分区混淆)被格式化为 NTFS 格式,则该分区必须至少比系统分区大 110%(2.1 倍)(原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,包含系统克隆的隐藏加密卷只能创建在外层加密卷的后半部分)。 - 注释:同时在单一分区的 VeraCrypt 外层和隐藏加密卷里面创建两个系统并不可行(因此也不被支持)。因为使用外层操作系统会经常要求写入数据到隐形操作系统所在区域(如果使用隐藏加密卷保护机制,也会因此而带来系统崩溃,即蓝屏错误)。 - 关于创建和管理分区的更多信息,请参考您的操作系统所提供的文档,或者联系您的计算机提供商以获取技术支持。 - 错误:当前运行的操作系统并未安装到启动分区(第一个作用/激活的分区)。目前不支持此情况。 - 您已经表明了要在加密卷里面存放大于 4GB 的文件。然而,您选择了 FAT 文件系统,此系统无法存储大于 4 GB 的文件。\n\n您确认要格式化该卷为 FAT 格式吗? - 错误:不能就地解密那些用1.0b或更旧的VeraCrypt创建的非系统加密卷。\n\n提示: 但你还是可以通过把其中的文件复制(或移动)到那些没有加密的卷中来解密它们。 - 错误:不能就地解密隐藏非系统加密卷。\n\n提示: 但你还是可以通过把其中的文件复制(或移动)到那些没有加密的卷中来解密它们。 - 警告:VeraCrypt不能就地解密隐藏卷(隐藏卷会被随机数据覆盖)。\n\n请确定将要解密的卷中不含隐藏卷\n\n提示: 如果要解密的卷中有隐藏卷但你不介意失去隐藏卷中的文件,你可以继续(外层卷会安全的被解密)。 - 此卷中不含隐藏卷,继续操作。 - 此卷中含隐藏卷,取消操作。 - 错误:不能访问加密卷!\n\n请确认选择的加密卷存在,并且该加密卷并未由系统或其它程序使用,同时该加密卷未被写保护,并且您具有对该加密卷的读写权限,并且确认该加密卷未被写保护。 - 错误: 不能获得卷的属性。 - 错误:不能访问该加密卷 和/或 获取该加密卷的信息。\n\n请确认该加密卷存在,并且未被操作系统或其它程序占用,以及您具有对该加密卷的读写权限,同时还要保证该加密卷未被写保护。 - 错误:不能访问该加密卷 和/或 获取该加密卷的信息。请确认选择的加密卷存在,并且未被操作系统或其它程序占用,以及您具有对该加密卷的读写权限,同时还要保证该加密卷未被写保护。\n\n如果此问题仍然存在,遵循以下步骤可能有所帮助。 - 发生了一个错误,VeraCrypt 无法加密分区。请尝试修复任何前面报告的问题之后再次尝试。如果此问题依然存在,遵循以下步骤可能有所帮助。 - 发生了一个错误,VeraCrypt 无法继续加密分区的过程。\n\n请尝试修复任何前面报告的问题之后再次尝试加密过程。注意:该加密卷在完全加密前将无法加载。 - 发生了一个错误,VeraCrypt 无法继续解密分区的过程。\n\n请尝试修复任何前面报告的问题之后再次尝试解密过程。 - 错误:不能卸载外层加密卷!\n\n如果加密卷中的文件或文件夹被程序或被 系统使用,则该加密卷不能被锁定。\n\n请关闭任何可能使用加密卷上文件或目录 的程序,然后再点击〖重试〗。 - 错误:不能获取外层加密卷的信息! 加密卷创建不能继续。 - 错误:不能访问外层加密卷! 加密卷创建不能继续。 - 错误:不能加载外层加密卷! 加密卷创建不能继续。 - 错误:不能获取加密卷簇状图! 加密卷创建不能继续。 - 按字母顺序 - 按平均速度(递减) - 算法 - 加密 - 解密 - 平均 - 盘符 - 大小 - 加密算法 - 加密算法 - 类型 - - 属性 - 位置 - 字节 - 隐藏 - 外层 - 常规 - 系统 - 隐藏(系统) - 只读 - 系统驱动器 - 系统驱动器(正在加密 - %.2f%% 已完成) - 系统驱动器(正在解密 - %.2f%% 已完成) - 系统驱动器(%.2f%% 已加密) - 系统分区 - 隐形操作系统 - 系统分区(正在加密 - %.2f%% 已完成) - 系统分区(正在解密 - %.2f%% 已完成) - 系统分区(%.2f%% 已加密) - 是(防止损坏!) - - 主密钥大小 - 次密钥大小(XTS 模式) - 调整密钥大小(LRW 模式) - - 块大小 - PKCS-5 PRF - PKCS-5 迭代次数 - 加密卷创建时间 - 头信息上次修改时间 - (%I64d 天前) - 加密卷格式版本 - 内嵌的备份头信息 - VeraCrypt 启动管理器版本 - 首个可用的 - 移动硬盘 - 硬盘 - 不改变 - 自动检测 - 向导模式 - 请选择一种安装模式,如果不确认,请使用默认模式。 - 如果您想安装 VeraCrypt 到当前系统,请选择此选项。 - 注意:即使在系统分区/设备已加密的情况下,或者您正在使用隐形系统的情况下,您也可以执行更新而无需解密。 - 如果选择该选项,所有文件都会被从安装包中释放出来,但是不会向系统中安装任何文件。如果您计划加密 Windows 系统分区或系统驱动器,请不要选择此选项。选择此选项有时会比较有用,例如,您希望以便携模式运行 VeraCrypt。VeraCrypt 不一定要必须安装到系统中。在所有文件释放后,您可以直接运行释放后的 'VeraCrypt.exe' 文件(这时 VeraCrypt 会以便携模式运行)。您也可以把释放后的文件复制到其它计算机。 - 安装选项 - 这里您可以设置控制安装过程的不同选项。 - 正在安装 - VeraCrypt 正在安装,请稍候。 - VeraCrypt 已经成功安装 - VeraCrypt 已经成功更新 - 请考虑给予捐助。您可在任何时间点击〖完成〗按钮关闭安装程序。 - 释放选项 - 您可以在这里设置控制释放过程的不同选项。 - 正在释放文件,请稍候。 - 文件已经成功释放 - 所有文件已经被成功释放到目标文件夹。 - 如果指定文件夹,将会自动创建该文件夹。 - VeraCrypt 程序文件将会更新到 VeraCrypt 的安装位置。如果您需要选择一个不同的位置,请先卸载当前安装的 VeraCrypt 。 - 您想联网查看当前版本的 VeraCrypt 的发行说明吗? - 如果您以前从未没有使用过 VeraCrypt,我们推荐您先阅读“VeraCrypt User Guide”文档中的“Beginner's Tutorial”章节。您想要查看用户指南吗(联网)? - 请从下面选项中选择要执行的操作: - 修复/重新安装 - 更新 - 卸载 - 要成功安装或卸载 VeraCrypt,您必须具有系统管理员权限。您确认要继续吗? - VeraCrypt 安装程序正在执行 VeraCrypt 的安装或更新。在您继续进行前,请等待其完成或者关闭它。如果您无法关闭它,请在继续之前重启计算机。 - 安装失败。 - 卸载失败。 - 该安装包已经损坏。请尝试重新下载安装包(优先建议从 VeraCrypt 官方网站 https://veracrypt.codeplex.com 下载)。 - 不能写入文件 %s - 正在释放 - 不能从安装包中读取数据 - 不能验证安装包的完整性。 - 释放失败。 - 安装已经回滚。 - VeraCrypt 已成功安装。 - VeraCrypt 已经成功更新。 - VeraCrypt 已经更新到新版本。在您开始使用新版本前,您必须重启计算机。\n\n您希望现在就重启计算机吗? - 警告:VeraCrypt 更新失败!\n\n重要:在您关机或重新启动系统前 ,我们强烈建议您使用系统还原(〖开始〗菜单 -> 所有程序 -> 附件 -> 系统工具 -> 系统还原),以恢复系统到名为“VeraCrypt 安装”的还原点。如果系统还原不可用,您应该在关机前尝试再从新安装原始版本的 VeraCrypt。 - VeraCrypt 已成功卸载。\n\n单击〖完成〗按钮来移除 VeraCrypt 安装程序和文件夹 %s。注意:如果该文件夹中含有非安装程序创建的文件,则该文件夹不会被移除。 - 正在移除 VeraCrypt 注册表项目。 - 正在添加注册表项目 - 正在删除程序相关数据 - 正在安装 - 正在停止 - 正在删除 - 添加图标 - 创建系统还原点 - 创建系统还原点失败! - 正在更新启动管理器 - 安装 '%s' 失败。 %s 您想要继续安装吗? - 卸载 '%s' 失败。 %s 您想要继续卸载吗? - 安装完毕。 - 无法创建文件夹 '%s' - 不能卸载 VeraCrypt 设备驱动。\n\n请首先关闭所有打开的 VeraCrypt 窗口。如果这样仍然不起作用,请重启计算机然后再试一次。 - 在安装或者卸载 VeraCrypt 之前必须先要卸载所有的 VeraCrypt 加密卷。 - 当前系统已经安装了老版本的 VeraCrypt。在安装新版本前需要卸载旧版本的 VeraCrypt。\n\n在您关闭此对话框之后,将会加载旧版本的卸载程序。在卸载的过程中将不会执行任何加密分区的解密操作。在卸载旧版本的 VeraCrypt 之后,请再次运行新版 VeraCrypt 安装程序。 - 安装注册表项目失败 - 安装设备驱动失败。请重启计算机后再尝试安装 VeraCrypt。 - 正在启动 VeraCrypt 设备驱动 - 卸载设备驱动失败。请注意,由于 Windows 系统问题,在设置驱动能够继续卸载或重新安装前可能需要注销或者重启系统。 - 正在安装 VeraCrypt 设备驱动 - 正在停止 VeraCrypt 设备驱动 - 正在卸载 VeraCrypt 设备驱动 - 注册用户账户控制支持运行库失败。 - 取消用户账户支持运行库失败。 - 便携模式注意事项:\n\n操作系统要求驱动程序在启动前已注册,因此,VeraCrypt 的驱动程序不是完全便携的(但 VeraCrypt 程序本身是完全便携的,也就是说,它们无需安装也不用在操作系统中注册)。此外,也须注意VeraCrypt 需要提供透明的实时加密/解密的驱动。 - 注意:如果您决定以便携方式运行 VeraCrypt(不同于安装后运行 VeraCrypt),系统会在您每次尝试运行 VeraCrypt 的时候询问您运行 VeraCrypt 的权限(UAC 提示)。\n\n原因是您以便携模式运行 VeraCrypt 时,VeraCrypt需要加载和运行 VeraCrypt 设备驱动。VeraCrypt 需要此设备驱提供透明实时加解密,并且不具有管理员权限的用户在 Windows 中将不能启动设备驱动。因此,系统将会要求您使用管理器特权运行 VeraCrypt 的权限(UAC 提示)。\n\n说明:如果您在系统中安装了 VeraCrypt,系统在每次启动 VeraCrypt 时将不会询问运行权限(无 UAC 提示)。\n\n您确认要释放这些文件吗? - 警告:这个加密卷创建向导的实例具有管理员权限。\n\n您新建的加密卷可能许可为加载时不允许向该加密卷写入数据。如果要避免这种情况发生,请关闭加密卷向导的实例并在非管理员权限下加载新的向导。\n\n您要关闭这个加密卷创建向导的实例吗? a - 错误:不能显示授权许可。 - 外层(!) - - 小时 - 分钟 - - 打开 - 卸载 - 显示 VeraCrypt - 隐藏 VeraCrypt - 加载后读取的数据 - 加载后写入的数据 - 加密部分 - 100%(完全加密) - 0%(未加密) - %.3f%% - 100% - 正在等待 - 正在准备 - 正在改变大小 - 正在加密 - 正在解密 - 正在完成 - 已暂停 - 已完成 - 错误 - 设备已断开 - 系统收藏加密卷已保存。\n\n要想在系统启动时加载系统收藏加密卷,请选择〖设置〗 -> 〖系统收藏加密卷〗 -> 〖在 Windows 启动时加载系统收藏加密卷〗。 - 您添加到收藏的既不是加密分区也不是动态加密卷。因此,如果设备号发生改变,VeraCrypt 将不能载入此收藏加密卷。 - 您添加到收藏的加密卷不是 Windows 能够识别的分区。\n\n因此,如果设备号发生改变,VeraCrypt 将不能载入此收藏加密卷。请设置分区的类型为 Windows 系统所能够识别的类型(使用Windows 'diskpart' 工具的 SETID 命令)。之后再添加此分区到收藏。 - VeraCrypt 后台任务已禁用,或被设置为在没有加密卷加载时退出(或者 VeraCrypt 正在以便携模式运行)。当含有这些加密卷的设备连接到电脑的时候,后台服务被禁用可能会阻止收藏加密卷自动加载。\n\n说明:要启用 VeraCrypt 后台任务,选择〖设置〗 -> 〖参数选择〗之后勾选“VeraCrypt 后台任务”部份的“启用”复选框。 - 当含有这些加密卷的设备连接到电脑的时候,存储于共享网络上的远程文件系统的加密容器不能被自动加载。 - 下面显示的设备既不是分区也不是动态加密卷。因此,当设备连接到电脑的时候,存储于这些设备中的加密卷将不能自动加载。 - 请设置下面显示的分区的类型为 Windows 系统所能够识别的类型(使用Windows 'diskpart' 工具的 SETID 命令)。之后从收藏中移除该分区并随后再次添加它。这可以使设备连接时,包含于其中的加密卷可以被 VeraCrypt 自动加载。 - 下面显示的设备既不是分区也不是动态加密卷。因此,不会赋予它们磁盘盘符。 - 请设置下面显示的分区的类型为 Windows 系统所能够识别的类型(使用 Windows 'diskpart' 工具的 SETID 命令)。之后从收藏中移除该分区并随后再次添加它。这可以使 VeraCrypt 能够赋予盘符给这个分区。 - 由于 Windows 系统的限制,在网络上共享的远程文件系统上的加密容器不能被加载为系统收藏加密卷(然而,它可以在用户登录时被加载为普通的收藏加密卷)。 - 为 %s 输入密码 - 为 '%s' 输入密码 - 输入常规外层加密卷的密码 - 输入隐藏加密卷的密码 - 输入存储在备份文件中的加密卷头的密码 - 密钥文件已成功创建。 - 你提供的密钥文件数量无效。 - 密钥文件的大小必须介于64字节至1048576字节之间。 - 输入要生成的密钥文件的文件名 - 输入的密钥文件基底文件名无效 - 密钥文件 '%s' 已存在。\n你希望覆盖它吗?选择"不"会停止生成过程... - 警告:加密卷头信息已经损坏!VeraCrypt 将自动使用内嵌在加密卷中的头信息备份。\n\n您应当通过选择〖工具〗->〖恢复加密卷头信息〗来修复头信息。 - 加密卷头信息备份已经成功创建。\n\n重要:使用恢复功能恢复时也会恢复当前加密卷的密码。另外,如果创建加密卷的时候使用了密钥文件,恢复后也需要同样的密钥文件来打开加密卷。\n\n警告:该加密卷头信息备份只能用在这个提供备份的加密卷上。如果您把该头信息备份恢复到其它加密卷,您可能能够打开加密卷,但是您将不能解密存储于加密卷的任何数据(这是因为您已经改变了加密卷的主密钥)。 - 加密卷头信息备份已经成功恢复。\n\n重要:请注意旧密码也同样被恢复了。另外,备份时如果需要密钥文件来加载加密卷,恢复后也需要同样的密钥文件。 - 安全起见,您需要输入正确的加密卷密码(和/或 提供正确的密钥文件)。\n\n注意:如果该加密卷中包含隐藏加密卷,您需要先输入正确的外层加密卷的密码(和/或 正确的密钥文件)。之后,如果选择老备份隐藏加密卷的头信息,您需要输入正确的隐藏加密卷密码(和/或 提供正确的密钥文件)。 - 您确认要创建加密卷 %s 的头信息的备份吗?\n\n在您点击〖是〗后,将会弹出备份的头信息文件的文件名提示对话框。\n\n注意:常规加密卷和隐藏加密卷头信息均将使用新的元素加密并存储到备份文件中。如果加密卷中没有隐藏加密卷,在备份文件中为隐藏加密卷保留的区域将会使用随机数据填充(以保持隐蔽性)。您需要输入创建头信息备份时的正确的密码(和/或 提供正确的密钥文件)。密码或密钥文件会自动确定要恢复的加密卷头信息类型,即常规的或是隐藏的(VeraCrypt 通过尝试和错误来侦测类型),尽管有时在加密卷里面并没有隐藏加密卷(为保留隐蔽性)。当从备份文件中恢复一个加密卷的头信息时,可以选择恢复哪个头信息(例如,隐藏解密卷或是标准加密卷) - 您确认要恢复加密卷 %s 的头信息吗?\n\n警告:恢复加密卷头信息也会恢复在创建备份时 有效的密码。另外,如果在备份时需要使用密钥文件加载加密卷,那么在头信息恢复后,仍然需要同样的密钥文件。\n\n在您点击〖是〗后,您将选择头信息备份文件。 - 此加密卷包含隐藏加密卷吗? - 此加密卷包含隐藏加密卷 - 此加密卷不包含隐藏加密卷 - 请选择您想要使用的加密卷头信息备份类型: - 从加密卷内嵌的备份中恢复加密卷头信息 - 从外部备份文件中恢复加密卷头信息 - 加密卷头信息备份文件的尺寸不对。 - 加密卷中没有内嵌的备份头信息(注意,仅在 VeraCrypt 6.0 和以后的版本才包含内嵌的头信息)。 - 您正在尝试备份系统分区/设备的头信息,该功能不被允许。对于系统分区/设备头信息的备份/恢复 只能通过使用 VeraCrypt 应急盘来进行。\n\n您希望创建 VeraCrypt 应急盘吗? - 您正在尝试恢复系统分区/设备的头信息,但是您选择的是系统分区/设备。该功能不被允许。 对于系统分区/设备头信息的备份/恢复 只能通过使用 VeraCrypt 应急盘来进行。\n\n您希望创建 VeraCrypt 应急盘吗? - 在点击〖确定〗按钮后,您将会设置新的 VeraCrypt 应急盘 ISO 镜像文件的名称和存放位置。 - 应急盘 ISO 镜像文件已经创建并存储为文件: %s\n\n现在您需要把应急盘刻录到 CD 或 DVD。\n\n重要:文件必须以 ISO 镜像文件方式刻录到 CD/DVD(不要刻录为单个的数据文件)。要获取更多的关于如何刻录 ISO 文件的信息,请参考您的 CD/DVD 刻录软件的说明书。\n\n请您在刻录应急盘之后,选择〖系统〗 -> 〖验证应急盘〗来验证应急盘是否已经成功刻录。 - 应急盘 ISO 镜像文件已经创建并存储为文件: %s\n\n现在您需要把应急盘刻录到 CD 或 DVD。\n\n您想要启动 Windows 自带的磁盘镜像刻录功能吗?\n\n注意,请您在刻录应急盘之后,选择〖系统〗 -> 〖验证应急盘〗来验证应急盘是否已经成功刻录。 - 请插入 VeraCrypt 应急盘到 CD/DVD 光驱并点〖确定〗按钮开始验证。 - VeraCrypt 应急盘已经被成功验证。 - 应急盘验证失败。\n\n如果您已经刻录了应急盘,请弹出后重新插入应急盘到 CD/DVD,之后再试一次。如果仍然无效,请尝试使用其它 CD/DVD 刻录软件或刻录盘。\n\n如果您尝试验证一个为不同的主密钥、密码、元素等创建的 VeraCrypt 应急盘,请注意这样的应急盘会无法通过验证。要创建一个新的和当前配置完全兼容的应急盘,请选择〖系统〗 -> 〖创建应急盘〗。 - VeraCrypt 应急盘ISO镜像已经被成功验证。 - 应急盘ISO镜像文件验证失败。\n\n请注意,如果你尝试验证一个与当前系统盘主密钥、密码或盐值等不同的情况下创建的应急盘,此操作将提示失败。要创建一个与当前配置相符的应急盘ISO镜像,请选择 "系统" > "创建应急盘" 。 - 创建 VeraCrypt 应急盘时失败。 - VeraCrypt 应急盘在隐形操作系统运行时无法创建。\n\n要创建 VeraCrypt 应急盘,请启动到迷惑操作系统之后选择〖系统〗 -> 〖创建应急盘〗。 - 不能确定应急盘是否刻录成功。\n\n如果您已经刻录了应急盘,请弹出后重新插入应急盘到 CD/DVD,之后再尝试验证一次。如果仍然无效,请尝试使用其它 %s 。\n\n如果您还没有创建应急盘,请首先创建一个,然后再点〖下一步〗按钮。\n\n如果您尝试验证一个运行加密盘创建向导以前创建的应急盘,则这样的应急盘是无法用于当前系统的,这是因为它是使用了不同的主密钥创建的。您需要刻录和创建一个新的应急盘。 - 和/或 其它 CD/DVD 刻录软件 - VeraCrypt - 系统收藏加密卷 - 什么是系统收藏加密卷?(联网) - 系统分区/驱动器看起来没有加密。\n\n系统收藏加密卷只能使用启动验证中的密码加载。因此,要启用系统收藏加密卷功能,您需要先加密系统分区/驱动器。 - 在操作前请卸载加密卷。 - 错误:不能设置计时器。 - 检查文件系统 - 修复文件系统 - 添加到收藏... - 添加为系统收藏加密卷... - 属性(&R)... - 隐藏加密卷被保护 - N/A - - - 禁用 - 1 个 - 2 个或多个 - 操作模式 - 卷标: - 大小: - 路径: - 驱动器盘符: - 错误:密码必须仅包含 ASCII 字符。\n\n密码中的非-ASCII 字符可能会导致在 操作系统配置改变时加密卷不能加载。\n\n允许使用下面字符:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:密码中包含非-ASCII 字符。可能会导致在操作系统配置改变时加密卷不能加载。\n\n您应当使用 ASCII 字符替换密码中的非 ASCII 字符。 如要这样做,点击〖加密卷〗 -> 〖修改加密卷密码〗\n\n下面字符为 ASCII 字符:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:我们强烈建议您避免使用可执行文件名(例如 .exe,.sys,或 .dll)以及其它可能有问题的类似扩展名作为加密卷的名称。使用这些扩展名通常会导致 Windows 或反病毒软件干预加密卷,这很可能会严重影响加密卷的性能,也可能会导致其它严重的问题。\n\n我们强烈建议您移除此扩展名或更换其扩展名(例如,改变为 .iso,.img,.dat)。\n\n您确认继续使用可能有潜在问题的扩展名吗? - 警告:该加密卷带有可执行文件的扩展名(例如 .exe,.sys,或 .dll)或其它可能有问题的类似扩展名作为加密卷的名称。 这很可能导致 Windows 或反病毒软件干预加密卷,会严重影响加密卷的性能,也可能会导致其它严重的问题。\n\n我们强烈建议您在卸载加密卷后移除此扩展名或更换为其它扩展名(例如,改变为 .iso,.img,.dat)。 - 主页(联网) - 警告:看起来您还没有安装任何 Windows 操作系统的补丁包。您不应当向未 安装 SP1 或以后补丁包的 Windows XP 系统中的大于128 GB 的 IDE 硬盘写 入数据!如果这样做,磁盘上的数据(不论是否为 VeraCrypt 加密卷)可能 会损坏。注意:这是 Windows 操作系统的限制,而不是 VeraCrypt 错误。 - 警告:看起来您的 Windows 2000 系统还未安装 SP3 或以后补丁包。 您不应当向这个系统中大于 128 GB 的 IDE 硬盘写入数据!如果这样 做了,磁盘上的数据(不论是否为 VeraCrypt 加密卷)可能会损坏。 注意:这是 Windows 操作系统的限制,而不是 VeraCrypt 的错误。\n\n注意:您也需在注册表里面启用 48-位 LBA 支持;更多信息,请参考 http://support.microsoft.com/kb/305098/EN-US - 警告:您的系统不支持 48-位 LBA ATAPI。因此,您将不能写入到超过 128GB 容量的 IDE 磁盘!如果您仍然坚持这样做,磁盘上的数据(不论其是否为 VeraCrypt 加密卷)将会损坏。请注意,这是 Windows 系统的限制,不是 VeraCrypt 软件的限制。\n\n要启用 48-位 LBA 支持,请在注册表的HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters下添加一个 'EnableBigLba' 键值并设置其值为 1。\n\n更多信息请参考 http://support.microsoft.com/kb/305098 - 错误:大于 4 GB 的文件不能存储于 FAT32 文件系统。因此,存储于 FAT32 文件系统上的文件类型的加密卷(或外层加密卷)不能大于 4 GB。\n\n如果您需要大容量的加密卷,请在 NTFS 文件系统(或者,如果您使用 Windows Vista SP1 或以后版本的系统,在扩展的 exFAT 文件系统)中创建,除此之外,您也可以使用创建加密分区来代替创建文件型加密盘。 - 警告:Windows XP 不支持大于 2048GB 的文件(将会被报告为“无足够存储空间”)。因此,在 Windows XP 中您不能创建大于 2048GB 的文件类型加密盘。\n\n请注意,在 Windows XP 中仍然是可以加密整个设备或者创建大于 2048GB 的分区类型 VeraCrypt 加密卷的。 - 警告:如果您想以后向外层加密卷中添加更多的数据或文件,您应当考虑为隐藏加密卷选择一个小一点的尺寸。\n\n您确认要以指定的尺寸继续吗? - 未选择加密卷。\n\n点击〖选择设备...〗或〖选择文件...〗来选择 VeraCrypt 加密卷。 - 没有选择分区。\n\n点击〖选择设备〗来选择一个通常需要启动验证的已卸载的分区(例如,一个位于另外加密系统驱动器上的另外一个没有运行的系统的分区,或者是另外一个操作系统的加密系统分区)。\n\n注意:选择的分区将被以常规 VeraCrypt 加密卷的方式加载而无需启动验证。这在执行备份和修复等操作时比较有用。 - 警告:如果默认的密钥文件被设定和启用后,则不能加载不使用该密钥文件的加密卷。因此,如果默认的密钥文件被设定和启用后,在打开非密钥文件加密的加密卷时,请记住取消对〖使用密钥文件〗选项的选择(在密码输入框的下面)。\n\n您确认保存选定的密钥文件/路径作为默认值吗? - 自动加载设备 - 全部卸载 - 擦除缓存 - 卸载全部 & 擦除缓存 - 强制全部卸载并擦除缓存 - 强制全部卸载擦除缓存并退出程序 - 加载收藏加密卷 - 显示/隐藏 VeraCrypt 主窗口 - (单击这里并按下某个键盘按键) - 操作 - 热键 - 错误:该热键为系统保留热键,请选择一个其它热键。 - 错误:热键被占用。 - 警告:一个或多个 VeraCrypt 作用于系统范围的热键不能使用!\n\n请确认 VeraCrypt 的这些热键没有被其它程序或操作系统占用。 - 已阻止创建虚拟内存页面文件。\n\n请注意,由于 Windows 自身的问题,页面文件不能位于非系统类 VeraCrypt 加密卷(包括系统收藏加密卷)。VeraCrypt 仅支持在加密的系统分区/设备上创建页面文件。 - VeraCrypt 加密休眠文件时发生了错误或者非兼容问题。因此系统的休眠已经被阻止。\n\n注意:当计算机处于休眠模式(或进入节电模式),系统内存的信息会被写入位于驱动器上的休眠文件。VeraCrypt 不能阻止在内存中打开的加密密钥和敏感文件的内容以未加密的形式存放于休眠文件。 - 休眠功能已经被阻止。\n\nVeraCrypt 不支持使用额外启动分区的隐形系统中的休眠功能。请注意启动分区是由迷惑系统和隐形系统共用的。因此,要防止数据泄露和休眠可能会带来的问题,VeraCrypt 不得不阻止隐形系统向共用的启动分区写入数据,以及阻止隐形系统休眠。 - 加载为 %c: 的 VeraCrypt 加密卷已卸载。 - VeraCrypt 加密卷已卸载。 - VeraCrypt 加密卷已经卸载,密码缓存已擦除。 - 已成功卸载 - 警告:如果 VeraCrypt 后台任务被禁用,下面的功能将会失效:\n\n1)系统热键\n2)自动卸载加密卷(例如注销时,意外的主设备移除,超时,等等)\n3)自动加载收藏加密卷\n4)提示(例如:对隐藏加密卷的损坏被阻止时)\n5)通知栏图标\n\n注意:您可以随时在通过右键单击 VeraCrypt 的通知栏图标并选择〖退出〗来停止后台任务。\n\n您确认要停止 VeraCrypt 的后台任务吗? - 警告:如果此选项被禁用,包含打开的文件/目录 的加密卷将不能自动卸载。\n\n您确认要禁用这个选项吗? - 警告:包含打开的文件/目录的加密卷将不能自动卸载。\n\n要防止这种情况,在对话框窗口中启用下面选项: 〖强行自动卸载,不论加密卷是否包含打开的文件或目录〗 - 警告:当笔记本电力不足时,Windows 可能会在计算机进入待机模式时,系统会向正在运行中的程序发送相应的信息。因此,这种情况下 VeraCrypt 可能会无法自动卸载加密卷。 - 您已经安排了加密 分区/设备 的计划。该计划尚未完成。\n\n您希望现在继续这个加密过程吗? - 您已经计划了加密或解密系统分区/驱动器的操作。但该操作尚未完成。\n\n您希望开始(或继续)该操作吗? - 您想要软件提示您是否要继续当前计划的加密非系统分区/卷的加密过程吗? - 是,一直提示我 - 否,不要再提示我 - 重要:请一定记住,任何时候,您都可以通过从 VeraCrypt 窗口的主菜单中选择〖加密卷〗 -> 〖继续被中断的过程〗,来继续任何非系统服务/卷的加密过程。 - 您已经设置了加密解密系统分区或驱动器的计划任务。然而,启动验证已失败(或被绕过)。\n\n注意:如果您在启动验证环境中解密了系统分区/驱动器,您可能需要从 VeraCrypt 窗口的〖系统〗 菜单 -> 〖永久解密系统分区/驱动器〗完成最后的设置步骤。 - 警告:如果 VeraCrypt 现在退出,以下功能将被禁用:\n\n1)系统热键\n2)自动卸载加密卷(例如注销时,意外的主设备移除,超时,等等)\n3)自动加载收藏加密卷 \n4)提示(例如,当阻止损害隐藏加密卷时)\n\n注意:如果您不希望 VeraCrypt 在关闭程序窗口后以后台方式运行,请在程序参数选择里面禁用后台任务选项。(并且,如有必要,在程序参数里面禁用 VeraCrypt 的自动运行)。\n\n您确定要退出 VeraCrypt 吗? - 退出吗? - VeraCrypt 没有足够信息确定是否要加密还是解密。 - VeraCrypt 无足够的信息来确定加解密状态。\n\n注意:如果您在启动验证环境解密系统分区/驱动器,您可能需要点击 Decrypt(解密)来最后完成解密过程。 - 注意:当你在就地加密非系统卷时持续遇到错误时,直到你完全解密此卷(例如执行"继续被中断的过程")前都无法挂载这个卷(也不能访问卷中的数据)。n\n如果要这样做:\n1)退出这个向导。\n2) 从 VeraCrypt 主窗口的菜单中选择"加密卷" -> "继续被中断的过程"。\n3) 选择 '解密'。 - 您想要中断和推迟对分区/驱动器的加密吗?\n\n注意:要记住这个加密卷在完全加密前是不能被加载的。您可以继续加密过程,加密则会在中断的地方继续。要达到这点,例如,可以从 VeraCrypt 主窗口的菜单中选择〖加密卷〗 -> 〖继续被中断的过程〗。 - 您想要中断和推迟对系统分区/驱动器的加密吗?\n\n注意:您以后也可以从中断位置恢复加密进程。操作如下:在 VeraCrypt 界面中选择〖系统〗 -> 〖继续被中断的过程〗。如果您想永久中止或回滚加密进程,请选择〖系统〗 -> 〖永久解密系统分区/驱动器〗。 - 您想要中断和推迟对系统分区/驱动器的加密吗?\n\n注意:您以后也可以从中断位置恢复加密进程。操作如下:在 VeraCrypt 界面中选择〖系统〗 -> 〖继续被中断的过程〗。如果您想回滚解密进程(和开始加密),选择〖系统〗 -> 〖加密系统分区/驱动器〗。 - 错误:中断加密/解密系统分区或驱动器的操作失败。 - 错误:中断擦除过程时失败。 - 错误:继续加密/解密系统分区或驱动器的操作失败。 - 错误:启动擦除过程时失败。 - 发现不一致性。\n\n\n(如果您使用此链接报告这个错误,请在报告中包含下面信息: %hs) - 错误:未知状态。\n\n\n(如果您报告与之相关的 BUG,请在错误报告里面包含下面的技术信息: %hs) - 没有要恢复的系统分区加密/解密进程。\n\n提示: 要恢复非系统分区加密/解密进程,选择"加密卷" -> "继续被中断的过程"。 - 警告: VeraCrypt 后台任务已禁用。在您退出 VeraCrypt 后,如果设置了阻止损坏隐藏加密卷,您也将无法得到提示。\n\n注意:您可以随时在通过右键单击 VeraCrypt 通知栏图标并 选择〖退出〗来停止后台任务。\n\n\n您要启用 VeraCrypt 后台任务吗? - 语言包版本: %s - 正在检测加载为 %s 的 VeraCrypt 加密卷的文件系统... - 正在试图修复加载为 %s 的 VeraCrypt 加密卷的文件系统... - 警告:该加密卷使用了已废弃的加密算法。\n\n所有 64-位块加密算法(Blowfish,CAST-128,和 Triple DES)已经逐渐不再被使用了。该加密卷在以后版本的 VeraCrypt 可能会被打开。然而以后则不会针对这些废弃算法采取一些改善措施。我们推荐您创建一个使用 128-位块加密算法的 Veracrypt 加密卷(如:AES,Serpent,Twofish,等等)并把使用旧算法的加密卷里面的文件移动到新的加密卷里面去。 - 您的系统未被配置为自动加载新加密卷。 因此也不可能加载设备类的加密卷。自动卸载 可以在执行下列命令后重启系统来启用。\n\n\nmountvol.exe /E - 请在继续前为该设备/分区分配一个盘符(〖控制面板〗 -> 〖系统和维护〗 -> 〖管理工具〗 - 〖创建和格式化分区〗)。\n\n这些是操作系统所要求的。 - 加载 VeraCrypt 加密卷 - 卸载所有 VeraCrypt 加密卷 - VeraCrypt 获取系统管理员权限失败。 - 访问被操作系统拒绝。\n\n可能原因:操作系统要求您对某些文件夹、文件、和设备具有读写权限(或管理员权限),以便您能够从其中读写数据。通常情况下,非系统管理员仅允许在他自己的文档文件夹中创建、读取和修改文件。 - 错误:该驱动器使用了不被支持的扇区尺寸。\n\n如果设备的扇区大于 4096 字节,目前不可能在其上创建 分区/设备 类的加密卷。然而,您可以在此类驱动器上创建文件类型的加密卷。 - 目前情况下,如果安装系统的磁盘扇区尺寸不是 512 字节,则无法在此基础上创建加密系统。 - VeraCrypt 启动管理器要求系统驱动器最前端至少有 32 KB 的未分配空间(VeraCrypt 启动管理器需要安装到该区域)。很不幸,您的驱动器无法满足这个条件。\n\n请不要把这个问题报告为 VeraCrypt 的程序缺陷。要解决这个问题,您需要对硬盘重新分区并保留硬盘的前 32 KB 为空闲状态(大多数情况下,需要您删除和重建第一个分区)。我们推荐您使用微软的分区管理来完成这个操作,例如,当您安装 Windows 时的分区管理程序。 - 此功能不支持当前您正在使用的操作系统版本。 - VeraCrypt 不支持在您当前使用的操作系统版本内加密系统分区/驱动器。 - 在您加密 Windows Vista 的系统分区/设备 前,您需要为 Vista 安装 Service Pack 1 或更高版本的补丁。\n\n提示:Vista Service Pack 1解决了启动系统时的自由基础内存缺陷。 - VeraCrypt 不再支持对未安装 SP 补丁的 Windows Vista 系统的系统分区/设备的加密。在升级 VeraCrypt 之前,请安装 Vista 的 Service Pack 1 或更高补丁版本。 - 错误:此功能要求 VeraCrypt 必须安装于当前系统(您正在以便携模式运行 VeraCrypt)。\n\n请安装 VeraCrypt 之后再试一次。 - 警告:Windows 看起来并未安装在它所启动的驱动器上。此功能目前尚不支持。\n\n尽在您确认 Windows 的确安装在它所启动的驱动器上时,您才应当继续。\n\n您确认要继续吗? - 您的系统驱动器具有 GUID 分区表(GPT)。当前只支持具有 MBR 的分区表。 - 警告:VeraCrypt 启动管理器已经安装到了您的系统驱动器上了!\n\n这可能在您的计算机上已经加密了另外一个系统。\n\n警告:继续加密当前运行的系统可能会导致其它系统无法启动或导致数据无法访问。\n\n您确定要继续吗? - 恢复原来的系统启动管理器时失败。\n\n请使用您的 VeraCrypt 应急盘('Repair Options' > 'Restore original system loader')或者 Windows 安装盘来清除 VeraCrypt 启动管理器。 - 原来的系统引导器没有保存到应急盘上(可能原因:备份文件丢失)。 - 写入 MBR 扇区时失败。\n\n您的 BIOS 可能设置为保护了 MBR 扇区或一些还原软件也会保护 MBR。请确认没有安装保护 MBR 的还原软件和检查您的 BIOS 设置(启动计算机后按 F2,Delete,或 Esc)中的 MBR/反病毒保护。 - 警告: 验证VeraCrypt 启动管理器的指纹失败!\n你的磁盘可能已被攻击者篡改("Evil Maid" 攻击)。\n\n如果你使用急救盘恢复了VeraCrypt 启动管理器或者使用了一个不同版本的VeraCrypt,也可能出现此错误消息。\n\n建议你立即更新密码并还原成原来的VeraCrypt 启动管理器。推荐重新安装VeraCrypt并采取措施阻止非信任的用户访问设备。 - 所要求版本的 VeraCrypt 启动管理器当前没有安装。这可能导致某些设置无法保存。 - 提示:在某些环境,您可能希望避免外人(攻击者)在您启动计算机时看到您使用 VeraCrypt 加密了系统。上面的选项允许您自定义 VeraCrypt 启动管理器屏幕比避免此类事情发生。如果您启用了第一个选项,在启动验证屏幕不会显示任何文本(即时输入错误密码也不会提示)。在输入密码的时候计算机看起来就像被冻结的一样。此外,也可以显示自定义的信息来误导攻击者。例如,例如“Missing operating system”之类的英文信息(这个信息在 Windows 启动管理器未发现启动分区的时候显示)。然而,必须要提醒的是,如果攻击者分析硬盘的内容,他仍然可以发现硬盘上存在 VeraCrypt 启动管理器。 - 警告:请记住,如果您启用此选项,VeraCrypt 启动管理器不会显示任何文本(即便是输错密码也不会显示任何文本)。计算机在够输入密码的时候计算机看起来就像被冻结(没有响应)一样(光标不会移动并且在按下按键的时候也不会显示掩码)。\n\n您确认要启用此选项吗? - 您的系统分区/驱动器看起来已经完全加密了。 - VeraCrypt 不支持加密已经转换为动态磁盘的系统驱动器。 - 该系统驱动器包含扩展(逻辑)分区。\n\n 您只能在 Windows Vista 或以后版本中加密包含扩展(逻辑)分区的整个系统驱动器。而在 Windows XP 系统中,您只可以加密仅含有一个主分区的整个系统驱动器。\n\n请注意:您仍然可以加密系统分区,来取代加密整个驱动器(并且,有别于加密整个驱动器,您可以在驱动器上的任何非系统分区创建分区类型的 VeraCrypt 加密卷)。 - 警告: 由于您运行的系统为 Windows XP/2003,在您开始加密驱动器之后,您一定不要在其上面再创建建扩展(逻辑)分区(您只可以创建主分区)。当您开始加密以后,任何的扩展分区均将无法再继续访问。\n\n说明:如果您无法接受这个条件,您可以返回和选择只加密系统所在分区而不是选择加密系统所在硬盘驱动器(另外,您可以在驱动器上的任何非系统分区创建分区类型的加密卷)。\n\n作为替代方案,如果您无法接受这个条件,您也可以考虑升级到 Windows Vista 或以后版本(您只可以在 Windows Vista 或以后版本中加密包含扩展/逻辑分区的整个驱动器)。 - 您的系统驱动器包含非标准分区。\n\n如果您正使用笔记本电脑,您的系统驱动器可能包含特别的恢复分区。当整个系统驱动器被加密后(包括任何恢复分区),如果计算机使用设计不当的BIOS系统可能无法启动。在系统盘解密前,也将无法使用任何恢复分区。因此,我们建议您只加密系统分区。 - 您确认要加密系统所在分区,而不是加密整个硬盘吗?\n\n说明:除了加密系统所在分区之外,您可以在该硬盘驱动器上的非系统分区创建分区类型的 VeraCrypt 加密卷。 - 由于您的系统驱动器仅包含一个占据了整个驱动器的分区,更适合(更安全)加密整个包含松散空间(通常位于这样分区的周围)的驱动器。\n\n您希望加密整个系统驱动器吗? - 您的系统已配置为在非系统分区存储临时文件。\n\n临时文件应该只位于系统分区(出于安全考虑)。 - 您的用户配置文件并非设置在系统分区。\n\n用户配置文件应该只存储于系统分区(出于安全考虑)。 - 非系统分区存在页面文件。\n\n页面文件应该只存储于系统分区(出于安全考虑) - 您想要设置 Windows 仅在 Windows 分区生成页面文件吗?\n\n请注意,如果您点击〖是〗,计算机将会重新启动。之后请启动 VeraCrypt 和尝试再次创建隐形系统。 - 否则,隐形系统的隐蔽性将会受到严重影响。\n\n说明:如果攻击者分析这些文件的内容(存在于非系统分区中),他可能会发现您在隐形系统创建模式里面使用了此向导(这可能暗示计算机上存在隐形系统)。还需说明的是,存储于系统分区的此类文件,在隐形系统创建过程中将会被安全擦除。 - 警告:在隐形系统创建过程中,您将会被要求全新安装当前运行的操作系统(以便安全创建迷惑系统)。\n\n说明:当前运行的操作系统和该系统分区的全部内容将会被复制到隐藏加密卷(以便创建隐形系统)。\n\n\n您确认您将使用 Windows 安装介质安装此系统吗(或使用服务分区)? - 安全起见,如果当前运行的操作系统需要激活,则必须在继续进行克隆前激活。注意到隐形操作系统将通过复制当前操作系统的内容到隐藏加密卷来得以创建(因此如果当前操作系统未激活,则隐形操作系统也处于未激活状态)。更多信息,请参考《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章节。\n\n重要:在继续进行前,确认您已经阅读了《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章节。\n\n\n当前运行的操作系统满足上面的条件吗? - 您的系统使用了一个额外的启动分区。VeraCrypt 不支持使用额外启动分区的隐形系统的休眠(迷惑系统完全可以休眠)。\n\n请注意,启动分区应当被迷惑系统和隐形系统所共同使用。因此,为了防止数据泄露和由于休眠所导致的问题,VeraCrypt 只能阻止隐形系统写入数据到共用的启动分区和阻止隐形系统使用休眠。\n\n\n您确认要继续吗?如果选择〖否〗,则会显示移除额外启动分区的提示信息。 - \n在安装 Windows 之前可以移除额外的启动分区。想要如此,请遵循以下步骤(译者注:这些步骤没有在XP安装光盘看到,请读者自悟吧,抱歉):\n\n1)启动您的 Windows 安装光盘。\n\n2)在 Windows 安装屏幕,选择 '现在安装' -> '自定义(高级)'。\n\n3)点击 '驱动器 选项'。\n\n4)选择主系统分区并选择删除这个分区,之后再确认删除(安装盘删除分区的时候会多次确认)。\n\n5)选择 '系统保留' 分区,选择 '扩展',并增加它的大小直到可以安装系统为止。\n\n6)选择 '应用' 和确认。\n\n7)安装 Windows 到 '系统保留' 分区。\n\n\n如果攻击者询问您移除额外启动分区的原因,您可以回答是因为您不希望数据泄露到未加密的启动分区。\n\n注意:您可以通过点击下面的“打印”按钮打印这些文本。如果您打印了这些文本,强烈建议您在移除额外启动分区后销毁这些纸张(否则,如果这些纸张被发现,可能暗示着存在隐形系统)。 - 警告:在系统分区和其后的第一个分区之间存在未分配空间。在您创建隐形操作系统之后,您必须不能在此未分配空间上创建任何新的分区,否则,隐形操作系统将无法启动(直到删除了这个新创建的分区)。 - 此算法当前不支持系统加密。 - 当使用TrueCrypt模式时不能使用这个算法。 - 当使用TrueCrypt模式时不能使用PIM 。 - 要使用这个PIM数值,你的密码必须大于20个字符。\n如果密码小于20个字符,只能使用485以上的PIM。 - 要使用这个PIM数值,你的启动验证密码必须大于20个字符。\n如果密码小于20个字符,只能使用98以上的PIM。 - 密钥文件当前不支持用在系统加密中。 - 警告:VeraCrypt 不能存储原始键盘布局。这可能导致您无法正确输入密码。 - 错误:不能设置 VeraCrypt 键盘布局为标准的美国键盘布局。\n\n说明:在 Windows 启动前的启动验证里需要输入密码,此时非美国标准键盘布局不可用。因此,密码必须使用标准的美国键盘布局输入。 - 由于 VeraCrypt 临时改变键盘布局为标准的美国键盘,目前在按下 ALT 按键的情况下无法通过键盘输入字符。然而您可以按下 Shift 键的时候输入大多数此类字符。 - VeraCrypt 会阻止对键盘布局的修改。 - 说明:在 Windows 启动前的启动验证里需要输入密码,此时非美国标准键盘布局不可用。因此,密码必须使用标准的美国键盘布局输入。然而,这不需要您必须使用真实的美国键盘。VeraCrypt 在您没有美国键盘的情况下也能够自动的保证您能够安全的输入密码(现在和启动验证环境)。 - 在您加密系统分区/驱动器前,您必须创建一个 VeraCrypt 应急盘,用途如下:\n\n- 如果 VeraCrypt 启动管理器、主密钥、或其它关键数据损坏了,可以使用应急盘修复它们(当然您必须输入正确的密码)。\n\n- 如果 Windows 系统损坏了并且无法启动,您可以在 Windows 启动前使用应急盘永久解密这个分区/驱动器。\n\n- 应急盘包含第一个柱面当前内容的备份(通常包含系统引导器或者启动管理器),在必要的时候您可以恢复它们。\n\nVeraCrypt 应急盘 ISO 映像文件将会在下面指定位置创建。 - 在您点击确定后,微软的 Windows 磁盘映像刻录器将会被启动。请使用它刻录 VeraCrypt 应急盘映像文件到 CD 或 DVD 中。\n\n在操作完这些之后,请返回到 VeraCrypt 加密卷创建向导并遵循向导的指令。 - 应急盘 ISO 镜像文件已经创建并存储为文件: %s\n\n现在您需要把应急盘刻录到 CD 或 DVD。\n\n在刻录应急盘后,点击〖下一步〗按钮验证应急盘已经成功刻录。\n\n%ls在刻录完应急盘之后,请点击〖下一步〗按钮验证应急盘是否被成功刻录。 - 应急盘映像文件已经被创建并且存储为文件: %s\n\n现在您应当刻录该应急盘到 CD/DVD 中去或者移动该 ISO 文件到一个安全的位置以备以后使用。\n\n%ls点击〖下一步〗继续。 - 重要:请注意,映像文件必须以 ISO 磁盘映像文件的方式刻录到 CD/DVD 中去(不能刻录为单个的数据文件)。要获取更多的关于如何刻录 ISO 文件的信息,请参考您的 CD/DVD 刻录软件的说明书。如果您还没有刻录 ISO 镜像文件的光盘刻录软件,请点下面链接下载这样的免费刻录软件。\n\n - 启动微软 Windows 磁盘映像刻录器 - 警告:如果您已经创建了 VeraCrypt 应急盘,它将不能再用于系统分区/驱动器,这是因为您每次加密系统分区/驱动器时都会使用不同的主密钥,尽管您使用的是同样的密码,您也必须创建一个新的 VeraCrypt 应急盘。 - 错误:不能保存系统加密设置。 - 不能初始化系统加密预测试。 - 不能初始化创建隐形操作系统的过程。 - 擦除模式 - 在某些存储介质上,当数据被其他数据覆盖后,也仍有可能通过磁力显微技术恢复出来被覆盖的数据。这也包括一些被加密方式覆盖的数据(这在 VeraCrypt 加密那些原来没有加密的系统分区或系统驱动器时可能会发生)。根据一些研究机构和政府机构发布的文献,通过使用伪随机或非随机数据覆盖一定次数可以阻止数据恢复或使数据恢复变的异常困难。因此,如果您确认攻击者可能会使用类似磁力显微技术恢复您的加密数据,您可以选择下拉列表中几种擦除算法中的一种(已经存在的数据不会丢失)。需要说明的是在分区/驱动器加密后不需要再执行擦除操作。当分区/驱动器被完全加密后,不会再有非加密数据向其写入。写入加密卷中的任何数据都是在内存中实时加密,然后这些已加密数据才会被写入到磁盘。 - 在某些存储介质上,当数据被其他数据覆盖后,也仍有可能通过磁力显微技术恢复出来被覆盖的数据。根据一些研究机构和政府机构发布的文献,通过使用伪随机或非随机数据覆盖一定次数可以阻止数据恢复或使数据恢复变的异常困难。因此,如果您确认攻击者可能会使用类似磁力显微技术恢复您的加密数据,您可以选择下拉列表中几种擦除算法中的一种(已经存在的数据不会丢失)。\n\n说明:擦除次数越多,花费的时间越长。 - 正在擦除 - \n说明:您可以中断擦除的过程,关闭您的计算机,重新启动隐形系统并在此后继续这个过程(该向导将会被自动运行)。然而,如果您中断此过程,整个擦除将会从头开始执行。 - \n\n说明:如果您中断了擦除的过程并想在以后继续擦除,整个的过程将不得不从头开始。 - 您确认要放弃擦除过程吗? - 警告:所选 分区/设备 的全部内容将会被擦除并因此而丢失。 - 原始操作系统所在的分区将会被擦除。\n\n说明:该分区的全部内容已经复制到了隐形系统分区。 - 警告:请注意如果使用 3-次擦除模式,加密驱动器/分区需要时间将会增加为原来的4倍。同样,如果选择35-次擦除模式,所消耗的时间会为原来的36倍(如果分区容量很大,很可能花费几周的时间)。\n\n然而,请注意在分区/驱动器完全加密后【无须】再对其执行擦除操作。在分区/驱动器被完全加密后,将不会再有非加密的数据向该分区/驱动器写入。所有写入的数据首先都会在内存中即时加密,之后才会向分区/驱动器写入加密的数据(因此并不会影响性能)。\n\n您确认要使用这种擦除模式吗? - 无(最快) - 1-次擦除(随机数据) - 3-次擦除(US DoD 5220.22-M) - 7-次擦除(US DoD 5220.22-M) - 35-次擦除("Gutmann") - 256-次擦除 - 操作系统数目 - 警告:入门用户请勿尝试加密多重启动方式的 Windows 。\n\n希望继续吗? - 当创建或使用隐形操作系统时,只有满足如下条件时,VeraCrypt 才支持多重启动配置:\n\n- 当前运行操作系统必须安装在启动驱动器,并且该驱动器中不能包含其它操作系统。\n\n- 安装在其它驱动器的操作系统不能使用任何位于当前运行操作系统所在驱动器中的启动管理器。\n\n确认满足以上条件吗? - 在创建或使用隐形操作系统时,VeraCrypt 不支持此多重启动配置。 - 引导驱动器 - 当前运行的操作系统安装到了引导驱动器上了吗?\n\n说明:有时 Windows 可能并未安装到 Windows 启动管理器(活动分区)分区上。如果属于这种情况,请选择〖否〗。 - VeraCrypt 当前不支持加密安装到非活动分区上的系统。 - 系统驱动器数目 - 有多少个驱动器含有操作系统?\n\n说明:例如,您在主驱动器上安装了任意系统(例如:Windows,Mac OS X,Linux,等等),在第二个驱动器上安装了其它的操作系统,这时就选择“2 个或多个”。 - VeraCrypt 目前不支持对包含多个操作系统的整个硬盘驱动器的加密。\n\n可能的解决方法:\n\n- 您可以后退并选择只加密单系统分区加密其中的一个系统(与选择加密整个系统驱动器相反)。\n\n- 或者,您也可以把要加密的驱动器中的其它系统迁移到其它的驱动器,而只在其中保留一个系统。 - 单驱动器中包含多个系统 - 在当前运行的系统所安装的驱动器中,是否包含其它任何操作系统?\n\n说明:例如当前运行的操作系统安装在驱动器 #0,该驱动器包含几个分区,其中一个分区安装了 Windows 系统,而另一个分区安装了其它任何操作系统(例如:Windows,Mac OS X,Linux,等等),请选择〖是〗。 - 非 Windows 启动管理器 - 是否安装了一个非 Windows 启动管理器(或启动管理器)到 MBR 中了吗?\n\n说明:例如,可启动的驱动器的第一个柱面包含 GRUB、LILO、XOSL,或其它非 Windows 启动管理器(或启动管理器),则选择“是”。 - 多重启动 - VeraCrypt 目前不支持在 MBR 中安装的非 Windows 多重启动管理器。\n\n可能的解决办法:\n\n- 如果您使用了一个启动管理器来启动 Windows 或 Linux,把启动管理器(典型的,例如 GRUB)从 MBR 中迁移到分区上。之后再次启动向导和加密系统分区/设备。说明:VeraCrypt 启动管理器将会成为主启动管理器,并且会允许您把原来的启动管理器(例如 GRUB)作为第二启动管理器(通过在 VeraCrypt 启动管理器屏幕按下 ESC 按键),因此您仍然可以启动 Linux。 - 如果当前运行的系统安装在活动分区上,随后,在您加密了该分区后,尽管您想要启动其它未加密的系统,您仍然要输入正确的密码(因为它们都会共享同一个加密的 Windows 启动管理器)。\n\n相反的,如果当前运行的系统并没有安装到 Windows 的启动分区(或者如果其它系统并未使用 Windows 启动管理器),随后,在您加密了该分区后,您在启动其它未加密的系统时不需要输入正确的密码 -- 您只需按 ESC 按键来启动未加密的系统(如果存在多个未加密的系统,您也同样需要在 VeraCrypt 的启动管理器中选择要启动的系统)。\n\n说明:通常情况下,最早安装的那个系统一般都会安装到启动分区。 - 加密主机保护区域(Host Protected Area) - 在很多硬盘的尾部,存在一个相对于操作系统隐藏的区域(这些区域通常被称作主机保护区域)。然而,某些程序可以从这些区域中读写数据。\n\n警告:某些计算机供应商可能使用这些区域存储用于 RAID、系统恢复、系统设置、诊断的工具和数据,或用于其它目地。如果此类工具和数据必须在启动前访问,那么这些隐藏区域不应当被加密(在上面选择〖否〗)。\n\n您希望 VeraCrypt 检测和解密系统驱动器尾部这些隐藏区域吗? - 系统加密类型 - 如果您只想加密系统分区或整个系统驱动器,请选择此项。 - 可能存在某些人强迫您解密操作系统的情况。在很多情况下您可能无法拒绝泄漏密码(例如,被勒索)。如果选择此选项,您将会创建一个没有任何手段可以识别的隐形操作系统(当然这得需要您遵循一定的步骤创建)。因此,您一定不要解密或者泄漏隐形操作系统的密码(译者注:这是因为隐形操作系统的存在只有您才知道,您不说的情况下没有任何手段可以检测到),如若获取更多信息,请单击下面链接。 - 可能存在某些人强迫您解密操作系统的情况。在很多情况下您可能无法拒绝泄漏密码(例如,被勒索)。\n\n使用本向导,您将能够创建一个没有任何手段可以识别的隐形操作系统(当然这得需要您遵循一定的步骤创建)。因此,您一定不要解密隐形系统或者泄漏隐形操作系统的密码(译者注:这是因为隐形操作系统的存在只有您才知道,您不说的情况下没有任何手段可以检测到)。 - 隐形操作系统 - 在后面步骤中,您将在系统分区之后的分区中创建两个 VeraCrypt 加密卷(外层的和隐藏的)。隐藏加密卷将包含隐形操作系统。VeraCrypt 将通过复制系统分区(即当前系统所在分区)的内容到隐藏加密卷来创建隐形操作系统。对于外层加密卷而言,您可以复制一些您实际上并不想隐藏的貌似敏感的文件。它们将用来对付那些强迫您说出隐藏系统分区密码的人。您可以把含隐形操作系统的外层加密卷的密码告诉它们(此时仍然无法发现是否存在隐形操作系统)。\n\n最后,在当前当前运行的系统的分区,您将会安装一个新的系统并加密以后作为迷惑系统来使用。这个迷惑系统不要含有任何敏感文件并且用来对付那些强迫您说出启动验证密码的人。总而言之,一共有三个密码,两个密码用于对付那些攻击者(分别对应迷惑操作系统和外层加密卷。如果您使用第三个密码,则将会启动隐形操作系统。 - 正在检测隐藏扇区 - 当 VeraCrypt 正在检测系统驱动器尾部可能存在的隐藏扇区时,请稍候。注意该操作可能花费较长时间才能完成。\n\n注意:在极少数情况下,某些计算机环境中,系统可能在检测过程中失去响应。如果发生此情况,重启计算机,运行 VeraCrypt,重复前面步骤并跳过此检测过程。此问题并不是 VeraCrypt 程序错误。 - 要加密的区域 - 如果您想加密操作系统安装和启动的分区,请选择此项。除了 VeraCrypt 启动管理器存放的第一个柱面之外,包括所有分区的整个硬盘驱动器将会被加密。任何要访问该驱动器上系统或文件的人都需要每次在系统启动前输入正确的密码。如果 Windows 并未安装到第二块或外部驱动器上并且没有从这些驱动器上启动,此选项不能用于加密第二块或外部驱动器。 - 正在搜集随机数据 - 密钥已生成 - VeraCrypt 未在系统上发现刻录机。VeraCrypt 需要 CD/DVD 刻录机来刻录一张可启动的 VeraCrypt 应急盘,应急盘包含密钥、VeraCrypt 启动管理器、原始启动管理器等信息的备份。\n\n我们强烈建议您刻录一张 VeraCrypt 应急盘。 - 我没有 CD/DVD 刻录机,但是我想在可移动驱动器上存放应急盘 ISO 映像文件(例如,USB 闪存)。 - 我将会在以后添加 CD/DVD 刻录机到电脑上。现在终止创建过程。 - 现在 CD/DVD 刻录机已经连接到电脑上了。继续并且刻录应急盘。 - 请遵循下面步骤:\n\n1)现在连接可移动驱动器到电脑上,例如 USB 闪存。\n\n2)复制 VeraCrypt 应急盘映像文件(%s)到可移动驱动器上。\n\n考虑到您以后有使用 VeraCrypt 应急盘的可能,建议您把这个可移动驱动器连接到其它有刻录机的电脑上,使用这个映像文件刻录一张应急盘。重要:请注意,VeraCrypt 应急盘映像文件必须以映像文件方式刻录,不能刻录为数据光盘。 - 正在刻录应急盘 - 应急盘已创建 - 系统加密预测试 - 应急盘已验证 - \nVeraCrypt 应急盘已成功验证。请从光驱中取出应急盘并把它存放到安全的地方。\n\n点击〖下一步〗继续。 - 警告:在下面步骤中,VeraCrypt 应急盘必须不能放在光驱中。否则就不可能正确完成此步骤。\n\n请从光驱中取出应急盘并把他放在一个安全的地方,之后点〖确定〗按钮。 - 警告:由于启动验证环境(即在 Windows 系统启动前)的技术局限,VeraCrypt 在启动验证环境显示的文本不能汉化。VeraCrypt 启动管理器的界面完全为英文模式。\n\n确认继续吗? - 在加密系统分区或启动前,VeraCrypt 需要验证每个环节都正确无误。\n\n在点击〖测试〗按钮以后,所有的组件(例如,启动验证组件,即 VeraCrypt 启动管理器)将会被安装并且您的计算机将会重启。之后您需要在 Windows 启动前的 VeraCrypt 启动管理器界面输入您的密码。在 Windows 启动后,程序将会自动通知您测试的结果。\n\n以下设备将会被修改: 驱动器 #%d\n\n\n如果您点击〖取消〗,将不会安装任何内容并且预测试将不会被执行。 - 重要提示 -- 请仔细阅读或打印(点击〖打印〗):\n\n注意:在您成功重启计算机和启动 Windows 前,您的文件并没有被加密。因此,如果出现任何失败,您的数据不会丢失。然而,如果过程中发生某些错误,您可能在启动 Windows 时会遇到麻烦。因此,请阅读(如果可能,请打印)下面的操作指南,以了解在重启计算机后不能启动 Windows 时如何操作。\n\n - 不能启动 Windows 时如何操作 ------------------------------------------------\n\n注意:这些指令仅在您还没有开始加密时有效。\n\n- 如果在输入正确的密码后 Windows 未能启动(或者您持续的输入正确的密码但 VeraCrypt 始终提示密码错误),请不要惊慌。重启计算机(或关机后再开机),在 TrueCrpyt 启动管理器屏幕,按下键盘的 ESC 按键(并且如果您有多个系统,就选择启动哪个系统)。之后 Windows 应当会启动(此时尚未加密系统)并且 VeraCrypt 会自动询问您是否要卸载启动验证组件。如果由于系统分区/驱动器已经加密而导致前面步骤无效(没有正确的密码,没有人可以启动加密系统或者访问该驱动器上的加密数据,即使他遵循前面步骤)。\n\n - - 如果前面步骤无效或者 VeraCrypt 启动管理器屏幕并没有出现(在 Windows 启动前),请在光驱中插入 VeraCrypt 应急盘并重启计算机。如果 VeraCrypt 启动管理器屏幕没有出现 或者如果您在启动管理器屏幕的 'Keyboard Controls' 部份没有看到 'Repair Options' 项目,很可能您的 BIOS 设置了硬盘优先于光驱启动。如果是这种情况,重启计算机,当您一看到 BIOS 启动屏幕的时候按下 F2 或 DEL 按键,直到 BISO 设置界面出现。如果 BIOS 设置界面没有出现,再次重启计算机,在您按下重启键的时候就按住 F2 或 DEL 按键。当 BIOS 设置界面出现时,配置您的 BIOS 优先从光驱启动(相关信息可以参考您的主板说明书或者资讯您的计算机供应商寻求技术协助)。之后重启计算机。VeraCrypt 启动管理器应该就会从应急盘中启动了。在VeraCrypt 启动管理器屏幕,按下键盘的 F8 按键选择修复选项(Repair Options)。在修复选项 'Repair Options' 菜单,选择 'Restore VeraCrypt Boot Loader'(恢复启动管理器)。之后从光驱中取出应急盘并重启计算机。之后 Windows 应当会启动(此时尚未加密系统)。\n\n - 注意,如果由于系统分区/驱动器已经加密而导致前面步骤无效(没有正确的密码,没有人可以启动加密系统或者访问该驱动器上的加密数据,即使他遵循前面步骤)。\n\n\n即使您丢失了您的 VeraCrypt 应急盘并且被攻击者发现了,他们没有正确的密码也无法解密已经加密了的系统分区或驱动器。 - 预测试已经完成 - 预测试已经成功完成。\n\n警告:请注意,加密时如果遇到突然断电、或者加密时由于软硬件故障而导致的电脑死机,可能会损坏或丢失一些数据。因此,在您开始加密前,请确认您已经备份了要加密的数据。如果您还没有备份,请现在就备份这些数据(您可以点击〖推迟〗,备份文件,之后在以后的任何时候再运行 VeraCrypt,并选择〖系统〗->〖继续被中断的进程〗来启动加密)。\n\n当一切准备就绪时,点击〖加密〗开始执行加密过程。 - 您可以在任何时候点击〖暂停〗或者〖推迟〗以中断加解密进程、退出向导、重启或关闭计算机,并在以后继续中断的进程,继续时将会从中断位置开始。为防止系统或程序读写系统盘盘造成性能变差,VeraCrypt 会自动等待数据读写完毕后(参考上面的状态)自动继续加解密。 - \n\n您可以在加密过程的任何时候点击〖暂停〗或者〖推迟〗,来中断加密的过程,退出向导,重启计算机,并在此后继续该过程,继续的时候将会从上次中断之处开始。注意:此加密卷在完全加密之前无法被加载。 - \n\n您可以在解密过程的任何时候点击〖暂停〗或者〖推迟〗,来中断解密的过程,退出向导,重启计算机,并在此后继续该过程,继续的时候将会从上次中断之处开始。注意:此加密卷在完全解密之前无法被挂载。 - 隐形系统已启动 - 原始系统 - Windows 会在系统分区创建(通常情况下,您并不知道或者同意)不同的日志文件、临时文件等等。同时也会在系统分区存储内存中的内容到休眠文件或虚拟内存页面文件。因此,如果攻击者分析原始系统(即隐形系统所克隆的系统来源)所在分区的文件,他可能会发现,例如,您使用过 VeraCrypt 向导的隐形系统创建模式(因此可能暗示计算机中存在隐形系统。\n\n要预防此类问题,在后面步骤中,VeraCrypt 将会安全擦除原始系统所在分区的所有内容。在此之后,为了达到隐蔽性,您需要在此分区上安装新的操作系统并使用 VeraCrypt 加密它(即成为所谓的迷惑系统)。因此您将会创建完成这个迷惑系统并且整个隐形系统的创建过程也会相应的完成。 - 隐形系统已经成功创建。然而,在您使用隐形系统(以及达到隐蔽性)之前,您需要安全擦除当前运行的系统所在分区的全部内容(使用 VeraCrypt)。在您这样做之前,您需要重启计算机,并在之后的VeraCrypt 启动管理器屏幕(在 Windows 启动前出现),输入隐形系统的密码。之后,在隐形系统启动后,VeraCrypt 向导将会自动加载。\n\n说明:如果您现在选择终止隐形系统的创建过程,您将【无法再】继续该过程并且隐形系统将【不能再】被访问(这是因为 VeraCrypt 启动管理器将会被移除)。 - 您已经设置了创建隐形系统的计划任务。该计划尚未完成。要完成该计划,您需要重启计算机,并在 VeraCrypt 启动管理器屏幕(在 Windows 启动前出现),输入隐形系统的密码。\n\n注意:如果您现在选择终止隐形系统的创建过程,您将【无法】再继续该过程。 - 重启计算机并继续 - 永久终止隐形系统的创建过程 - 什么也不做并在以后询问 - \n如果可能,请打印此段文本(单击下面的〖打印〗按钮)。\n\n\nVeraCrypt 应急盘使用时机和使用方法(加密后)-----------------------------------------------------------------------------------\n\n - I. 如何启动 VeraCrypt 应急盘\n\n要使用 VeraCrypt 应急盘,把应急盘插入光驱并重启计算机。如果 VeraCrypt 应急盘屏幕并没有出现(或者如果您在启动管理器屏幕的 'Keyboard Controls〗 部份没有看到 'Repair Options' 项目),很可能您的 BIOS 设置了硬盘优先于光驱启动。如果是这种情况,重启计算机,当您一看到 BIOS 启动屏幕的时候按下 F2 或 DEL 按键,直到 BISO 设置界面出现。如果 BIOS 设置界面没有出现,再次重启计算机,在您按下重启键的时候就按住 F2 或 DEL 按键。当 BIOS 设置界面出现时,配置您的 BIOS 优先从光驱启动(相关信息可以参考您的主板说明书或者资讯您的计算机供应商寻求技术协助)。之后重启计算机。VeraCrypt 启动管理器应该就会从应急盘中启动了。提示:在VeraCrypt 启动管理器屏幕,您可以按下键盘的 F8 按键选择修复选项(Repair Options)。\n\n\n - II. VeraCrypt 应急盘使用时机和使用方法(加密后)\n\n - 1)如果在您启动计算机前没有出现 VeraCrypt 启动管理器屏幕(或者 Windows 没有能够启动),那么 VeraCrypt 启动管理器可能已经损坏。VeraCrypt 应急盘允许您恢复启动管理器并重新获取对加密系统和数据的访问(当然您仍然需要输入正确的密码)。在应急盘屏幕选择修复选项 'Repair Options' > 'Restore VeraCrypt Boot Loader'(恢复启动管理器)。之后按下 'Y' 按键确认操作,从光驱中取出应急盘并重启计算机。\n\n - 2)如果您持续输入正确密码而 VeraCrypt 仍然提示密码错误(password is incorrect),很可能是主密钥或其它关键数据已经毁坏。VeraCrypt 应急盘允许您恢复这些数据因此就可以重新访问这些加密的系统和数据了(当然您仍然需要输入正确的密码)。在应急盘屏幕,选择修复选项 'Repair Options' > 'Restore key data'(恢复密钥数据)。之后输入您的密码,按下键盘的 'Y' 确认操作,从光驱中取出应急盘并重启计算机。\n\n - 3)如果 VeraCrypt 启动管理器被恶意程序损坏了或感染了,您可以通过运行应急盘来避免运行恶意程序。在光驱中插入应急盘之后在应急盘屏幕输入您的密码。\n\n - 4)如果 Windows 已经损坏并且不能启动,VeraCrypt 应急盘也可以允许您在启动 Windows 前永久解密分区/驱动器,在应急盘屏幕,选择修复选项 'Repair Options' > 'Permanently decrypt system partition/drive'(永久解密系统分区/驱动器)。之后输入正确的密码直到解密完成。接下来,您就可以启动 Windows 的安装光盘来修复 Windows 了。\n\n - 提示:另外一种方式,如果 Windows 已经损坏不能启动,您需要修复它(或者访问其上的文件),您可以通过以下步骤避免解密系统分区/驱动器:如果您在计算机上安装了多个操作系统,启动其中的某个不需要启动验证的系统。如果您的计算机没有安装多个操作系统,您可以启动一个 WinPE 或者 BartPE CD/DVD 系统,或者是把硬盘驱动器连接到其它计算机上作为从盘并启动其它计算机上的系统。在启动到此类系统环境之后,运行 VeraCrypt,点击〖选择设备〗,选择该受影响的系统分区,点击〖确定〗,选择〖系统〗->〖以非启动验证方式加载〗,输入您的启动验证密码并点击〖确定〗按钮。该分区将会以常规 VeraCrypt 加密分区的方式加载(数据也会象常规加密卷数据一样在内存中即时加解密)。\n\n\n - 注意:即使您丢失了您的 VeraCrypt 应急盘并且被攻击者发现了,他们没有正确的密码也无法解密已经加密了的系统分区或驱动器。 - \n\n重要 -- 如有可能请打印出来(点击〖打印〗)。\n\n\n注意:这些文本在您每次启动隐形系统时会自动显示,直到您开始创建迷惑系统。\n\n\n - 如何成功和安全的创建迷惑系统 ----------------------------------------------------------------------------\n\n为了达到隐蔽性的目地,您现在应当创建迷惑系统。要达到这个目地,请遵循如下步骤:\n\n - 1)安全考虑,关闭您的计算机并保持关机状态几分钟(时间越长越好)。这是出于清除内存中敏感数据的需要。之后打开计算机但不要启动隐形系统。\n\n - 2)在已擦除内容的原系统分区上安装 Windows(也就是之前隐形系统克隆的系统源分区)。\n\n重要:在您开始安装迷惑操作系统时,隐形系统将无法启动(这是因为 VeraCrypt 启动管理器将会被 Windows 系统安装程序所清除)。这种情况是很正常的,遇到了请不必惊慌。一旦您开始加密迷惑系统,您就能够启动隐形系统了(这是因为 VeraCrypt 之后会自动在系统启动器上安装 VeraCrypt 启动管理器)。\n\n重要:迷惑系统分区的大小必须等于隐藏加密卷的大小(此条件已达到)。并且,您必须不能在迷惑系统分区和隐形系统所在分区之间创建任何分区。\n\n - 3)启动迷惑系统(即您在前面的第 2) 步中安装的并把 VeraCrypt 安装到其中的那个系统)。\n\n必须牢记迷惑系统中从来都不要包含任何敏感数据。\n\n - 4)在迷惑系统中,运行 VeraCrypt 并选择〖系统〗->〖加密系统分区/驱动器〗。将会出现 VeraCrypt 加密卷创建向导。\n\n VeraCrypt 加密卷创建向导中执行以下步骤。\n\n - 5)在 VeraCrypt 加密卷创建向导中,不要选择“隐藏” 选项。保持“常规”选项为选中状态并点击〖下一步〗。\n\n - 6)选择选项“加密 Windows 系统分区”并点击〖下一步〗。\n\n - 7)如果计算机中只安装了一个隐形系统和迷惑系统,请选择“单系统”(如果在这两个系统之外还有其它系统,请选择“多系统”)。之后点击〖下一步〗。\n\n - 8)重要:在本步中,对于迷惑系统,您必须选择与加密隐形系统相同的加密算法和哈希算法!否则将无法访问隐形系统。换句话说,迷惑系统和隐形系统的加密算法必须系统。说明:原因是迷惑系统和隐形系统共用一个单启动管理器,这个管理器只支持用户选择的某个单一算法(对于每种算法,都会对应一个特定的 VeraCrypt 启动管理器版本)。\n\n - 9)在这个步骤中,为迷惑系统选择一个密码。当您被要求或者强迫提供启动验证密码时您可以泄漏这个迷惑系统的密码(另外一个可以泄漏的密码是外层加密卷密码)。而第三个密码(也就是启动验证里面用于启动隐形系统的密码)仍然是保密的。\n\n重要:迷惑系统的密码必须完全不同于隐藏加密卷的密码(隐藏加密卷的密码也就是隐形操作系统的密码)。\n\n - 10)遵循向导的其余指令以加密迷惑操作系统。\n\n\n\n - 在迷惑操作系统创建之后 ------------------------------------------------\n\n在您加密了迷惑操作系统之后,这个隐形系统的创建就完成了,这时您可以使用三个密码:\n\n1)启动验证中用于启动隐形系统的密码。\n\n2)启动验证中用于启动迷惑操作系统的密码。\n\n3)用于外层加密卷的密码。\n\n - 如果您想启动隐形操作系统,只需要在 VeraCrypt 启动管理器屏幕(该屏幕出现于您开机或者重启系统的时候)输入隐形操作系统的密码。\n\n如果您想启动迷惑操作系统,只需要在 VeraCrypt 启动管理器屏幕输入迷惑操作系统的密码即可。\n\n迷惑操作系统的密码可以泄漏给强迫您说出密码的人,而此时隐藏加密卷(以及隐形操作系统)的存在仍然是保密的。\n\n - 第三个密码(外层加密卷的密码),可以泄漏给强迫您说出系统分区之后那个分区密码的人(这个分区包含外层加密卷和隐藏加密卷,隐藏加密卷中即为隐形系统)。而此时隐藏加密卷(以及隐形操作系统)的存在仍然是保密的。\n\n\n - 如果您把迷惑系统的密码泄漏给强迫您说出密码的人,如果他询问为什么(迷惑)系统分区的自由空间包含随机数据,您可以回答,例如:"这个分区以前包含 VeraCrypt 加密的系统但是我忘记了密码(或者说这个系统已经损坏和无法启动了),因此我不得不安装了 Windows 和重新加密了这个分区"。\n\n\n - 如果您遵循了前面的指令并且遵循了《VeraCrypt User Guide》中的 "Security Precautions Pertaining to Hidden Volumes" 章节所提到的防护措施,则外人无法证明隐藏加密卷和隐形系统的存在,哪怕是外层加密卷已加载或迷惑操作系统已解密/启动。\n\n如果您打印了此文本,在您创建迷惑操作系统之后并理解了文本中所述内容之后,强烈建议您销毁这个文本(否则,如果该文本纸张被发现,可能会暗示计算机上有存在隐形系统的可能)。 - 警告:如果您没有保护隐藏加密卷(保护的做法参考 VeraCrypt 用户指南的"Protection of Hidden Volumes Against Damage"章节),请不要向外层加密卷写入数据。否则您可能会覆盖或损坏隐藏隐藏加密卷!请不要想外层加密卷写入数据(注意,迷惑操作系统并未安装在外层加密卷)。否则,您可能会覆盖和损坏隐藏加密卷(以及在其内的隐形系统)! - 正在克隆操作系统 - 在下一步中,VeraCrypt 将会通过复制当前运行系统的内容到隐藏加密卷来创建隐形系统(被复制的数据将会使用与迷惑系统不同的密钥实时加密))。\n\n请注意该过程将会在启动验证环境中执行(在 Windows 启动前),并可能花费较长的时间;可能需要花费几个小时或者几天(依据系统分区容量和计算机性能而定,例如PM1.6GHz加密时大概的速度是0.5GB/分钟左右)。\n\n您可以中断该过程,关机,启动操作系统并在此之后继续该过程。然而,如果您中断该过程,整个复制系统的过程将会不得不从头开始(因为系统分区的内容在克隆期间必须不能被改变)。 - 您想要取消整个隐形操作系统的创建过程吗?\n\n注意:如果现在取消,您将无法继续该进程。 - 您要取消系统加密预测试吗? - VeraCrypt 系统加密预测试失败。您希望再试一次吗?\n\n如果选择〖否〗,则启动验证组件将会被卸载。\n\n说明:如果 VeraCrypt 启动管理器在 Windows 启动前不要求您输入密码,这很可能是您的操作系统并没有从该系统所安装的驱动器引导的。目前并不支持这种方式。\n\n- 如果您使用了AES 之外的加密算法并且预测试失败了(并且您也输入了密码),这可能由有设计缺陷的驱动导致的。选择〖否〗,尝试再次加密系统分区/设备,但是要使用 AES 加密算法(该算法所需内存最低)。\n\n- 更多可能导致该错误的原因,请参考: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - 该系统分区/驱动器看起来没有被加密(或者是没有被完全加密)。 - 您的系统分区/驱动器已加密(部分或完全加密)。\n\n请在继续进行前解密该系统分区/驱动器。操作步骤:在 VeraCrypt 主窗口的菜单中,选择〖系统〗->〖永久解密系统分区/驱动器〗。 - 当系统分区/驱动器已部份或完全加密时,您不能降级 VeraCrypt 的版本(但是可以更新到新版本或者从新安装同一版本)。 - 您的系统分区/驱动器正在被加密/解密,或正在被修改。请在继续操作前中断这个加密/解密/修改进程(或者等待直到其完成)。 - 已经有 VeraCrypt 加密卷创建向导的实例在运行,并且正在执行对系统分区/驱动器的加密或解密操作。在您继续前,请等候其完成或者关闭该实例。如果您无法关闭这个实例,请在继续操作前重启计算机。 - 加密或解密系统分区/驱动器的进程尚未完成。在进程完成前请稍候。 - 错误:加密分区/驱动器的过程已经未完成,该过程必须首先完成。 - 错误:加密 分区/卷 的过程尚未完成。您必须首先完成此过程。\n\n说明:要继续该过程,在 TrueCrype 主界面的菜单中,选择〖加密卷〗->〖继续被中断的过程〗。 - 密码正确,VeraCrypt 已经成功解密加密卷头信息并检测到了该加密卷存在一个隐形的操作系统。然而,您不能以此种方式修改隐形系统卷的头信息。\n\n要修改隐形系统卷的密码,请启动隐形操作系统,之后在 VeraCrypt 主界面选择〖系统〗->〖修改密码〗。\n\n要设置首密钥的生成算法,启动隐形操作系统并在程序窗口选择〖系统〗->〖设置首密钥生成算法〗。 - VeraCrypt 不支持就地(在隐形系统内)解密隐形操作系统分区。\n\n说明:如果您要解密迷惑操作系统,可以启动到迷惑操作系统,在 VeraCrypt 程序中选择〖系统〗->〖永久解密系统分区/驱动器〗。 - 错误:错误/无效的参数。 - 您已经选择了一个分区或者设备,但是在向导模式您只能选择文件型加密卷。\n\n您希望改变向导模式吗? - 您想取代创建为 VeraCrypt 文件型加密卷吗? - 您已经选择了系统分区/驱动器(或启动分区),但是您选择的向导模式只适用于非系统驱动器。\n\n您希望设置启动验证(意味着每次启动 Windows 前,都需要您输入密码)和加密系统分区或驱动器吗? - 您确认要永久解密系统分区/驱动器吗? - 警告:如果您永久解密系统分区或驱动器,数据将会恢复为未加密状态。\n\n您确认要永久解密系统分区或驱动器吗? - 你确定要永久解密这个加密卷吗? - 注意: 如果你永久解密一个卷,未加密的数据会写入到磁盘上。\n\n你确定要永久解密这个加密卷吗? - 警告:如果您使用一种级联算法加密操作系统,您可能会遇到以下问题:\n\n1)VeraCrypt 启动管理器体积偏大,因此驱动器的第一个柱面可能无法容纳 VeraCrypt 启动管理器的备份。因此,当其损坏的时候(这个可能会经常发生,例如,在某些程序的有设计缺陷的反隐私操作情况下),您将需要使用 VeraCrypt 应急盘启动和修复 VeraCrypt 启动管理器。\n\n2)在一些计算机上,导致休眠时间过长。\n\n这些潜在的问题可以通过选择一种非级联算法(例如 AES)来预防。\n\n您真的要坚持继续使用级联算法吗? - 如果您遇到任何前面描述的问题,请解密该分区/驱动器(如果已加密)并使用一种非级联算法加密(例如 AES)。 - 警告:安全考虑,在更新隐形系统中的 VeraCrypt 之前,您应当先更新迷惑系统中的 VeraCrypt。\n\n可以这样实现:启动到迷惑系统,运行 VeraCrypt 安装程序。之后启动到隐形系统和运行 VeraCrypt 安装程序。\n\n注意:迷惑系统和隐形系统共用一个启动管理器。如果你仅在隐形系统升级 VeraCrypt,迷惑系统的 VeraCrypt 驱动版本则与 VeraCrypt 启动管理器的版本不同,亦可能暗示在电脑上存在隐形系统。\n\n\n您确认要继续吗? - VeraCrypt 启动管理器的版本与系统中安装的 VeraCrypt 驱动和程序版本不一致。\n\n您应当运行 VeraCrypt 安装程序(版本号与 VeraCrypt 启动管理器相同)来更新操作系统中的 VeraCrypt。 - 启动该系统的 VeraCrypt 启动管理器版本号不同于安装在系统上的 VeraCrypt 设备驱动或 VeraCrypt 应用程序的版本号。请注意,早期版本可能存在一些新版已经修复的 BUG。\n\n如果您并未从应急盘启动,您应当重新安装 VeraCrypt 或者更新到最新的稳定版本(启动管理器也会随之更新)。\n\n如果您从应急盘启动,您应当更新应急盘(〖系统〗->〖创建应急盘〗)。 - VeraCrypt 启动管理器已经成功更新。\n\n强烈建议您重启计算机后选择〖系统〗->〖创建应急盘〗来创建一个新的 VeraCrypt 应急盘(将会包含新版的 VeraCrypt 启动管理器)。 - VeraCrypt 启动管理器已经更新。\n\n强烈建议您启动迷惑操作系统并通过选择菜单〖系统〗 ->〖创建应急盘〗创建一个新的 VeraCrypt应急盘(将会包含新版本的 VeraCrypt 启动管理器)。 - 更新 VeraCrypt 启动管理器时失败。 - VeraCrypt 检测系统驱动器真实大小失败,因此,操作系统所报告的大小(将会比实际小)将会被使用。另外需要指明的是,这并不是 VeraCrypt 的程序问题(BUG)。 - 警告:看起来 VeraCrypt 曾经检测过此系统驱动器上的隐藏扇区。如果您在上次检测过程中遇到任何问题,您可以通过跳过隐藏扇区检测来避免这个问题。注意,如果跳过检测,VeraCrypt 将会使用操作系统报告的容量(要小于真实驱动器的容量)。\n\n此问题并不是 VeraCrypt 的程序 Bug。 - 跳过隐藏扇区的检测(使用操作系统报告的容量) - 尝试再次检测隐藏扇区 - 错误:磁盘上一个或多个扇区的内容无法读取(可能由于物理因素影响)。\n\n这些扇区能够重新读取之前,就地加密的过程将无法继续。VeraCrypt 能够尝试向其中写入 0 来使这些扇区可读(之后这些 0 填充的区块将会被加密)。然而,请注意存储于这些不可读扇区的数据将会丢失。如果您想要避免数据丢失,您可以使用适当的第三方软件恢复这些损坏数据的某些部分。\n\n注意:在有物理损坏扇区的情况下(不同于简单的数据损坏和校验错误),当有数据试图向这些损坏扇区写入数据时,大多数存储设备都会在内部为这些要写入的数据重新分配扇区(因此当前损坏扇区上的现有数据可能在启动器上仍然保持未加密状态)。\n\n您希望 VeraCrypt 为这些不可读扇区填充 0 吗? - 错误:磁盘上一个或多个扇区的内容无法读取(可能由于物理因素影响)。\n\n为了能够继续加密,VeraCrypt 不得不放弃这些不可读扇区(扇区内容会被伪随机数据填充)。请注意,在继续进行之前,您可以尝试使用适当的第三方软件恢复任何损坏数据的一部分。\n\n您希望 VeraCrypt 废弃不可读扇区中的数据吗? - 说明:VeraCrypt 已经把 %I64d 的不可读扇区(%s)的当前内容全部替换为加密的全部为 0 的纯文本块。 - 说明:VeraCrypt 已经把 %I64d 的不可读扇区(%s)的当前内容全部替换为随机数据纯文本块。 - 输入口令牌 '%s' 的密码/PIN: - 为允许 VeraCrypt 访问安全口令牌或智能卡,您首先需要为口令牌或智能卡安装一种 PKCS #11 运行库,这些运行库可能已经随设备提供,或者可以从供应商网站或其它第三方网站上下载。\n\n在您安装了运行库后,您可以通过单击〖选择运行库〗手动选择,或者通过单击〖自动检测运行库〗来让 VeraCrypt 发现和选择(仅会搜索 Windows 系统目录,比较耗费时间)。 - 说明:对于安装到您计算机上的 PKCS #11 运行库以及安全口令牌或智能卡的文件名和位置,请参考口令牌、智能卡的文档,或者参考第三方软件。\n\n单击〖确定〗按钮选择路径和文件名。 - 为允许 VeraCrypt 访问安全口令牌或智能卡,您需要为口令牌或智能卡选择一种 PKCS #11 运行库。要做到这点,请选择〖设置〗->〖安全口令牌〗。 - 初始化 PKCS #11 安全口令牌运行库失败。\n\n请确认指定路径和文件名对应有效的 PKCS #11 运行库。要指定 PKCS #11 运行库路径和文件名,选择〖设置〗 ->〖安全口令牌〗。 - 在 Windows 系统目录未发现 PKCS #11 运行库。\n\n请确认您的安全口令牌或智能卡已经安装了 PKCS #11 运行库(这些运行库可能已经随设备提供,或者可以从供应商网站或其它第三方网站上下载)。如果是被安装到 Windows 系统目录之外的地方,请点击〖选择运行库〗来定位运行库位置(例如:口令牌/智能卡 的安装文件夹。 - 未发现安全口令牌。\n\n请确认您的安全口令牌已经连接到您的计算机上并且已经安装好了正确的设备驱动程序。 - 安全口令牌密钥文件未发现。 - 已经存在同名的安全口令牌密钥文件。 - 您想要删除指定文件吗? - 安全口令牌密钥文件路径无效。 - 安全口令牌错误 - 安全口令牌密码不正确。 - 安全口令牌无足够的 内存/空间 执行请求的操作。\n\n如果您试图导入一个密钥文件,您应当选择一个小一些的文件或者使用由 VeraCrypt 生成的密钥文件(选择〖工具〗->〖密钥文件生成器〗)。 - 所有打开的口令牌会话均已关闭。 - 选择安全口令牌密钥文件 - 插槽 - 口令牌名称 - 文件名 - 重要:请注意,启动验证的密码总是以美国键盘布局输入的。因此,对于使用非美国键盘布局输入密码的加密卷,是不可能使用缓存密码加载的(注意这不是 VeraCrypt 的程序缺陷)。要允许这样的加密卷使用启动验证密码加载,请遵循以下步骤:\n\n1)点击〖选择文件〗或〖选择设备〗并选择加密卷。 2)选择〖加密卷〗->〖修改加密卷密码〗。 3)输入当前加密卷的密码。 4)修改键盘布局为 English (US),通过点击 Windows 通知栏上的语言栏和选择“英语(美国)”。 5)在 VeraCrypt 新密码位置,输入启动验证密码。 6)在确认密码位置重复输入密码,之后点〖确定〗。警告:如果您采用这些步骤,请牢记,加密卷密码总是只能以美国键盘布局输入(这样才能在启动验证环境中自动匹配)。 - 系统收藏加密卷将会以启动验证密码加载。如果任何系统收藏加密卷使用了不同的密码,它将不会被加载。 - 请注意,如果您希望系统收藏加密卷不会受到常规 VeraCrypt 加密卷操作的影响(例如〖全部卸载〗),您应当启用选项〖在 VeraCrypt 中,只允许系统管理员查看和卸载系统收藏加密卷〗。另外,如果 VeraCrypt 以非管理员身份运行(在 Windows Vista 和以后版本的系统中默认为非管理员身份),系统收藏加密卷将不会出现在 VeraCrypt 程序窗口的驱动盘符列表中。 - 重要:请必须记住,此选项已经启用并且 VeraCrypt 不具有系统管理员权限,已加载的系统收藏加密卷不会显示在 VeraCrypt 程序窗口并且它们也不能被卸载。因此,如果您需要卸载系统收藏加密卷,请右键单击 VeraCrypt 图标(在开始菜单中),并选择“运行方式”和选择管理员帐户运行。“全部卸载”、“自动卸载”热键等功能也存在上面所说的限制。 - 请注意,此设置在系统重启后才会生效。 - 解析命令行时出错。 - 应急盘 - 选择和加载文件(&F)... - 选择和加载设备(&D)... - 在 VeraCrypt 中,只允许系统管理员查看和卸载系统收藏加密卷 - 在 Windows 启动时加载系统收藏加密卷(在启动过程的初始阶段) - 警告:加载为 '%s' 的加密卷上的文件系统并未彻底卸载因此而存在错误。继续使用损坏的文件系统可能会导致数据丢失或者损坏。\n\n注意:在您物理移除或卸载包含已加载的 VeraCrypt 加密卷的设备(例如U盘或移动硬盘)之前,您应当先在 VeraCrypt 中卸载加密卷。\n\n\n您希望 Windows 系统尝试检测和修复可能的文件系统错误吗? - 警告:一个或者多个系统收藏加密卷并没有完全卸载,因此可能包含文件系统错误。请查看系统事件日志获取更多信息。\n\n使用损坏的文件系统可以导致数据丢失或者数据损坏。您应当检查受影响的收藏加密卷的磁盘错误(在 VeraCrypt 中右键单击每个打开的收藏加密卷,之后选择〖修复文件系统〗)。 - 警告:使用微软的 'chkdsk' 工具修复受损的文件系统时可能会导致受损区域的数据丢失。因此,建议您首先备份存储在 VeraCrypt 加密卷中的文件到另外完好的加密卷。\n\n您确认现在就修复文件系统吗? - 由于写入权限被拒绝,加密卷 '%s' 不得不以只读模式加载。\n\n请确认文件类型加密卷的安全许可允许您对其执行写入操作(右键单击此容器并选择 属性 -> 安全)。\n\n注意,由于 Windows 的原因,您可能在设置成合适的安全属性后还会看到这个警告,这并非是 VeraCrypt 的程序故障。一个可能的解决方法是移动您的加密卷文件,例如移动到文档文件夹。\n\n如果您确实要保持加密卷的只读模式,请设置加密卷的属性为只读(右键单击加密盘文件并选择属性 -> 只读),这样就可以禁止显示警告了。 - 由于写入权限被拒绝,加密卷 '%s' 不得不以只读模式加载。\n\n请确认没有其它程序(例如,防病毒程序)正在访问加密卷所在的分区/设备。 - 加密卷 '%s' 加载为只读模式,这是因为操作系统报告主设备为写保护状态。\n\n请注意,在一些第三方的芯片驱动中,已有错误报告指出可能会造成可写入介质错误的被系统报告为写保护。这个问题并不是由 VeraCrypt 造成。这可以通过更新或卸载当前系统中的任何第三方芯片组驱动(非微软认证)。 - 请注意,超线程技术为每个物理核心提供了多个逻辑核心。当启用了超线程,上面选中的数字表示逻辑处理器数(核心数)。 - %d 线程 - 请注意,硬件加速 AES 已禁用,这将会影响测试结果(使性能变差)。\n\n要启用硬件加速,请选择〖设置〗->〖性能〗并禁用相应选项。 - 请注意,线程的数目当前受限,这将会影响测试结果(使性能变差)。\n\n要利用处理器的潜能,请选择〖设置〗->〖性能〗并禁用相应选项。 - 您想要 VeraCrypt 尝试禁用此分区/设备 的写保护吗? - 警告:此设置可能会降低性能。\n\n您确认要使用该设置吗? - 警告:VeraCrypt 加密卷已自动卸载 - 在您物理卸载或关闭连接到已加载的加密卷前,您应当总是先在 VeraCrypt 中卸载它。\n\n意外发生的卸载通常是由于线缆、驱动器(附件)等导致的。 - 不能在VeraCrypt使用这个用TrueCrypt%x.%x创建的加密卷,VeraCrypt只支持TrueCrypt6.x/7.x创建的加密卷。 - 测试 - 密钥文件 - Backspace - Tab - Clear - Enter - Pause - Caps Lock - 空格键 - Page Up - Page Down - End - Home - 左箭头 - 上箭头 - 右箭头 - 下箭头 - 选择键 - 打印键 - Execute Key - Print Screen - Insert - Delete - Applications Key - 睡眠 - Num Lock - Scroll Lock - 浏览器 后退 - 浏览器 前进 - 浏览器 刷新 - 浏览器 停止 - 浏览器 搜索 - 浏览器 收藏 - 浏览器 主页 - 静音 - 音量加 - 音量减 - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - 播放 - 缩放 - 数字键盘 - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - 键入的密码过长:在UTF-8下已超过64字节。 - 键入的密码中包含无法转换为UTF-8编码的Unicode字符。 - Error: Failed to load a system library. - 输入的加密卷的大小不兼容所选择的exFAT文件系统。 - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + 取消 + 为所有用户安装(&F) + 浏览(&W)... + 在桌面添加 VeraCrypt 图标(&D) + 现在捐助... + 关联 .hc 文件到 VeraCrypt(&E) + 完成后打开目标位置(&O) + 创建 VeraCrypt 开始菜单项目(&S) + 创建系统还原点(&R) + 卸载(&U) + 释放(&E) + 安装(&I) + VeraCrypt 安装向导 + 卸载 VeraCrypt + 帮助(&H) + 请选择或者输入您希望释放到的位置: + 请选择或输入您希望 VeraCrypt 程序文件释放到的位置。如果指定文件夹不存在,文件夹将会被自动创建。 + 点击〖卸载〗按钮从系统中卸载 VeraCrypt。 + 放弃 + 测试(&B) + 测试(&T) + 创建加密卷并格式化 + 就地加密分区 + 显示生成的密钥(及其部分) + 显示缓冲内容 + 下载 CD/DVD 刻录软件(联网) + 创建文件型加密卷 + GB(&G) + TB(&T) + 更多信息(联网) + 隐藏的 VeraCrypt 加密卷(&D) + 关于隐藏加密卷的更多信息(联网) + 直接模式 + 常规模式 + KB(&K) + 使用密钥文件(&S) + 首先尝试以空密码挂载 + 随机大小 ( 64 <-> 1048576 ) + 密钥文件(&K)... + 混杂算法的更多信息(联网) + 更多信息(联网) + 关于PIM的更多信息(联网) + MB(&M) + 更多信息(联网) + 关于系统盘加密的更多信息(联网) + 更多信息(联网) + 多重启动 + 加密非系统分区/设备 + 从不保留历史记录(&R) + 打开外层加密卷 + 暂停(&P) + 使用 P&IM + 使用 PIM + 快速格式化 + 显示密码(&D) + 显示密码(&D) + &显示 PIM + 单系统 + 标准 VeraCrypt 加密卷 + 隐藏(&D) + 常规 + 加密系统分区或者整个系统所在硬盘 + 加密 Windows 系统分区 + 加密整个硬盘驱动器 + VeraCrypt 加密卷创建向导 + + 重要:在窗口范围内尽量任意移动鼠标。移动时间越长越好。这将会极大的增强密钥的加密强度。之后点击〖下一步〗按钮继续。 + 确认(&C): + 完成 + 卷标: + 加密算法 + 文件系统 + 创建一个文件类型的加密盘,推荐入门用户使用。 + 选项 + 哈希算法 + 首密钥: + 剩余 + 主密钥: + 如果此计算机上安装了两个或多个操作系统请选择此项。\n\n例如:\n- Windows XP 和 Windows XP\n- Windows XP 和 Windows Vista\n- Windows 和 Mac OS X\n- Windows 和 Linux\n- Windows,Linux 和 Mac OS X + 加密一个内部或者外部驱动器上的非系统分区(例如:优盘)。也可以创建一个隐藏的加密卷。 + 当前缓存内容(部分) + 密码 + 密码: + 新的卷 PIM: + 旧的卷 PIM: + 进程: + 随机缓冲: + 如果计算机上只安装了一个操作系统请选择此项(尽管该操作系统下可能有多个用户)。 + 速度 + 状态 + 已成功生成密钥、要素、以及其它数据。如果您希望生成新的密钥,请点击〖后退〗然后点击〖下一步〗按钮。否则点击〖下一步〗按钮继续。 + 加密 Windows 系统所在的 分区/驱动器。加密后,任何人想要访问和使用此加密系统、读写此系统盘下的文件等,都需每次在 Windows 启动前输入正确的密码。也可以选择创建一个隐形的操作系统。 + 选择此选项,以加密您当前 Windows 操作系统所安装的分区。 + Windows中的卷标: + 擦除模式: + 关闭 + 允许按下 Esc 按键跳过启动验证(启用启动管理器)(&A) + 什么也不做 + 自动加载 VeraCrypt 加密卷(下面指定的)(&A) + 运行 VeraCrypt(&S) + 自动检测运行库(&D) + 缓存启动验证密码到驱动内存(用来加载非系统加密卷)(&C) + 浏览... + 浏览... + 在内存中缓存密码和密钥文件(&A) + 没有加密卷被加载时退出 + 在有加密卷成功加载后关闭口令牌会话(登出)(&C) + 包含 VeraCrypt 加密卷扩展向导 + 包含 VeraCrypt 加密卷创建向导 + 创建 + 创建加密卷(&C) + 在启动验证屏幕不显示任何文本(仅显示下面自定义的信息)(&S) + 停用"Evil Maid"攻击检测 + 使用处理器指令加速 AES 加解密(如果功能可用) + 使用密钥文件 + 使用密钥文件 + 退出(&X) + 收藏加密卷的帮助(联网) + 当“加载收藏加密卷”热键按下时不加载选定的加密卷(&H) + 当主设备被连接时加载选定加密卷(&C) + 登录时加载选定加密卷(&O) + 以只读方式加载选定加密卷(&N) + 以可移动介质方式加载选定加密卷(&V) + 下移(&D) + 上移(&U) + 成功加载选定加密卷后,为其打开资源管理器窗口(&E) + 移除(&R) + 使用收藏卷的标签作为资源管理器中卷的名称 + 全局设置 + 热键卸载后显示气球提示 + 热键卸载后播放系统提示音 + Alt + Ctrl + Shift + Win + 分配 + 移除 + 密钥文件... + 不使用下面数目的处理器加密/解密: + 更多信息(联网) + 更多信息(联网) + 更多设置... + 自动加载设备(&A) + 加载选项(&A)... + 以只读模式加载加密卷(&O) + 密钥文件... + (留空或输入0以使用默认迭代参数) + (留空或输入0以使用默认迭代参数) + 启用 + 在驱动内存中缓存密码 + 自动卸载加密卷,在无数据读写动作下面时间后 + 用户注销时 + 用户锁定会话时 + 进入待机状态时 + 屏幕保护加载时 + 强制自动卸载,无论加密卷是否有被打开的文件或目录 + 加载所有设备类 VeraCrypt 加密卷 + 启动 VeraCrypt 后台任务 + 以只读模式加载加密卷 + 以可移动介质模式加载加密卷 + 为成功加载的加密卷打开资源管理器窗口 + 在加载收藏加密卷时临时保存密码 + 有加密卷加载时启用不同颜色的任务栏图标 + 自动卸载时擦除缓存的密码 + 退出时擦除缓存的密码 + 保留文件类型加密卷的修改时间戳 + 重置 + 选择设备(&E)... + 选择文件(&F)... + 选择运行库(&L)... + 显示密码 + 显示密码 + 为加载的加密卷打开资源管理器窗口(&E) + 在驱动内存中缓存密码(&C) + TrueCrypt 模式 + 全部卸载(&S) + 加密卷属性(&X)... + 加密卷工具(&T)... + 擦除缓存(&W) + VeraCrypt - 挂载参数 + VeraCrypt - 收藏加密卷 + VeraCrypt - 系统热键 + VeraCrypt + 修改密码或密钥文件 + 输入 VeraCrypt 加密卷密码 + VeraCrypt - 性能选项 + VeraCrypt - 参数选择 + VeraCrypt - 系统加密设置选项 + VeraCrypt - 安全口令牌参数 + VeraCrypt 便携磁盘安装 + VeraCrypt 加密卷属性 + 关于 VeraCrypt... + 添加或移除密钥文件... + 添加已加载的加密卷为收藏加密卷... + 添加已加载的加密卷为系统收藏加密卷... + 分析系统崩溃原因... + 备份加密卷头信息... + 基准测试... + 设置首密钥衍生算法... + 修改加密卷密码... + 设置首密钥离散算法... + 修改密码... + 清除加密卷历史记录 + 关闭所有安全口令牌会话 + 联系作者(联网)... + 创建隐形操作系统... + 创建应急盘... + 创建加密卷... + 永久解密... + 默认密钥文件... + 默认挂载参数... + 现在捐助... + 加密系统分区/驱动器... + 常见问题(联网) + 用户指南 + 主页(联网)(&H) + 系统热键... + 密钥文件生成器 + 语言选择... + 法律声明(联网) + 管理安全口令牌密钥文件... + 自动加载全部设备类加密卷 + 加载收藏加密卷 + 以非启动验证方式加载(&A)... + 加载所选加密卷 + 根据选项加载加密卷 + 软件新闻(联网) + 在线帮助(联网) + 用户向导(联网) + 管理收藏加密卷... + 管理系统收藏加密卷... + 性能... + 永久解密系统分区/驱动器 + 参数选择... + 刷新盘符列表 + 从加密卷中移除所有密钥... + 恢复加密卷头信息... + 继续被中断的过程 + 选择设备... + 选择文件... + 继续被中断的过程 + 系统加密... + 属性... + 设置... + 系统收藏加密卷... + 下载页面(联网) + 测试向量... + 安全口令牌... + 便携磁盘安装... + 卸载全部加载的加密卷 + 卸载所选加密卷 + 验证应急盘 + 验证应急盘ISO镜像 + 版本历史(联网) + 加密卷扩展向导 + 加密卷属性 + 加密卷创建向导 + 官方网站(联网) + 擦除缓存的密码 + 确定 + 硬件加速 + 热键 + 自动运行配置(autorun.inf) + 自动卸载 + 全部卸载,当: + 启动管理器屏幕选项 + 确认密码: + 当前密码 + 在启动验证屏幕显示下面自定义信息(最多 24 个字符): + 默认加载选项 + 热键设置 + 设置驱动程序... + 启用扩展的磁盘控制器支持 + 所选收藏加密卷的卷标: + 文件选项 + 要分配的热键: + 此电脑中可为 AES 提供硬件加速的处理器: + Windows 登陆时执行的操作 + 分钟 + 以该驱动器盘符加载: + 加载设置 + 新密码 + 密码: + 基于线程的并行计算 + PKCS #11 运行库路径 + PKCS-5 PRF: + PKCS-5 PRF: + 密码缓存 + 安全选项 + VeraCrypt 后台任务 + 要加载的 VeraCrypt 加密卷(相对于便携磁盘的根目录): + 在插入便携磁盘时: + 创建便携磁盘文件于(便携磁盘根目录): + 加密卷 + Windows + 添加路径(&P)... + 全部自动测试(&A) + 继续(&C) + 解密(&D) + 删除(&D) + 加密(&E) + 导出(&E)... + 生成并保存密钥文件... + 生成随机密钥文件(&G)... + 下载语言包(联网) + 硬件加速 AES(联网): + 导入密钥文件到口令牌(&I)... + 添加文件(&F)... + 使用密钥文件(&A) + 密钥文件(&K)... + 移除(&R) + 全部移除(&A) + 什么是保护隐藏加密卷?(联网) + 密钥文件的更多信息(联网) + 加载加密卷为可移动介质(&M) + 以非预启动验证方式加载使用系统加密处理的分区(&U) + 并行计算(联网): + 基准测试 + 打印(&P) + 向外层加密卷写入数据时保护隐藏加密卷(&P) + 重置(&R) + 显示密码(&A) + 添加口令牌(&T)... + 使用嵌入在卷中的备份头信息(如果有可用的)(&V) + XTS 模式 + 关于 VeraCrypt + VeraCrypt - 加密算法基准测试 + VeraCrypt - 测试向量 + 命令行帮助 + VeraCrypt - 密钥文件 + VeraCrypt - 密钥文件生成器 + VeraCrypt - 语言 + VeraCrypt - 加载选项 + 新的安全口令牌密钥文件属性 + VeraCrypt - 随机缓冲增强 + 选择一个分区或设备 + VeraCrypt + 安全口令牌密钥文件 + 需要安全口令牌密码PIN + 当前语言包 + 速度由 CPU 和存储设备性能决定。\n\n这些测试在内存中进行。 + 缓冲大小: + 密码: + 隐藏加密卷的密码(&A):\n(如果为空则使用缓存) + 保护隐藏加密卷 + 密钥长度: + 重要:请在此窗口内随机移动鼠标,移动时间越长越好。这将会显著增加密钥的加密强度。 + 警告:如果您丢失了密钥文件或者密钥文件的前 1024 KB 字节已改变,将不可能再加载使用该密钥的加密卷! + + 密钥文件数量: + 密钥文件大小(以字节计算): + 密钥文件名: + 翻译人员: + 明文密码长度: + + 当前缓冲内容 + 混合 PRF: + 重要:在窗口内尽可能自由的移动鼠标。移动时间越长效果越好。这将会显著增加安全性。当操作完成时,点击〖继续〗按钮。 + 次密钥(十六进制) + 安全口令牌: + 排序方式: + 请耐心等待,此过程可能需要较长时间... + 请耐心等待...\n此过程可能需要较长时间并且VeraCrypt可能失去响应. + 块数值: + 加密文本(十六进制) + 数据单元数值(64-位十六进制,数据单元大小为 512 字节) + 密钥(十六进制) + 明文密码(十六进制) + 密钥文件名: + XTS 模式 + 系统(&Y) + 加密卷(&V) + 收藏(&I) + 工具(&O) + 设置(&G) + 帮助(&H) + 主页(联网)(&P) + + 关于(&A)... + 无法修改旧版本加密卷的只读属性。请检查文件访问权限。 + 错误:访问被拒绝。\n\n您试图要访问的分区要么长度为 0 的扇区,要么是启动设备。 + 系统管理员 + 要加载 VeraCrypt 驱动,您必需以一个具有管理员权限的帐号登陆。 + 请注意:如果要加密或格式化某分区和设备您必需以一个 具有管理员权限的帐号登陆。\n\n文件类型加密卷不受这个限制。 + 如果要创建隐藏的加密卷,您必须以一个 具有管理员权限的帐号登陆。\n\n需要继续吗? + 请注意:如果要把加密卷格式化为 NTFS 文件系统,您必需以具有管理员权限的帐号登陆。\n\n若无管理员权限,您可以格式化加密卷为 FAT 文件系统。 + FIPS-认可的加密算法(Rijndael,发表于 1998)可能被美国联邦部门和机构用来对特定信息进行顶级保护。256 位密钥、128-位块、14 次离散循环(AES-256,发表于 2001 年)。操作模式为 XTS。 + 加密卷已加载。 + 注意:在内置自动检测时,至少一个 加密或哈希算法已失败!\n\n此 VeraCrypt 安装文件可能已损坏。 + 注意:在随机数生成器缓冲中的数据不足,无法提供要求数量的随机数据。\n\n您不应当继续进行。请从帮助菜单选择〖报告错误〗来报告此软件错误。 + 该设备已经损坏(这是物理损坏)或者线缆损坏,或者是内存出现故障。\n\n请注意这是您的硬件问题,并不是 VeraCrypt 的问题。因此,请不要把这个报告为 VeraCrypt 的错误,并且也不要在 VeraCrypt 论坛对此问题寻求帮助。请联系您的计算机供应商获取技术支持,谢谢您!\n\n注意:如果该提示反复出现在同一位置,那就很可能是磁盘坏块导致的,应该通过使用第三方软件来修复(请注意,在很多情况下,'chkdsk /r' 命令由于工作在系统层因此不能修复此问题;在某些情况中,'chkdsk' 工具甚至不能检测到此类错误。 + 如果您正在访问驱动器上的可移动介质,请确认可移动介质已经插入驱动器。也可能是驱动器/介质已损坏(物理原因),或者连接线已经损坏或断开。 + 您的系统好象使用了带有不支持创建全盘加密缺陷的第三方的芯片驱动。\n\n请在继续之前尝试更新或者卸载任何第三方芯片驱动(非微软认证的驱动)。 如果仍然不起作用,请尝试只加密系统分区。 + 无效驱动器盘符。 + 无效路径。 + 取消 + 无法访问设备。请确保选中的设备存在并且未被系统占用。 + 警告:Caps Lock(大小写锁定)已开启。这可能导致您输入密码错误。 + 加密卷类型 + 可能在某些情况,有些人会迫使您告诉它们加密卷密码。很多情况您可能无法拒绝这种要求(例如,存在暴力因素)。使用这种隐藏加密卷可以解决此类问题,而无须泄漏隐藏加密卷密码。 + 选择您希望创建常规 VeraCrypt 加密卷的选项。 + 请注意,如果您希望把操作系统安装在隐藏加密分区之中,那么整个系统驱动器不能使用独立的密钥文件加密。 + 外层加密卷加密选项 + 隐藏加密卷加密选项 + 加密选项 + 警告:清除上次选择的加密卷或密钥文件路径失败(由文件选择器记忆)! + 错误:此加密卷在 NTFS 格式分区上压缩过。VeraCrypt 不支持压缩过的加密卷(这是因为压缩过的加密数据会低效和存在数据冗余)。\n\n请使用以下步骤取消压缩: 1)在Windows资源管理器中右键单击加密卷(不是在 VeraCrypt 窗口中)。 2)选择“属性”。 3)在“属性”对话框,单击〖高级〗。 4)在“高级属性”对话框,禁用“压缩内容以节省磁盘空间”并点击〖确定〗。 5)返回到“属性”对话框,点〖确定〗。 + 创建加密卷 %s 失败 + %s 的大小为 %.2f 字节 + %s 的大小为 %.2f KB + %s 的大小为 %.2f MB + %s 的大小为 %.2f GB + %s 的大小为 %.2f TB + %s 的大小为 %.2f PB + 警告:设备/分区正在被系统或应用程序占用。格式化该设备/分区它可能导致数据丢失或系统不稳定。\n\n继续进行格式化吗? + 警告:该分区正在被操作系统或应用程序使用。您应当关闭任何可能占用此分区的程序(包括反病毒软件)。\n\n确认继续吗? + 错误:该设备/分区包含不能被卸载的文件系统。此文件系统可能被操作系统使用。格式化此设备/分区很可能会导致数据损坏或者是系统不稳定。\n\n要解决此问题,我们推荐您首先删除该分区之后在不格式化的情况下重新创建这个分区。要达成此目的,请遵照下面步骤: 1)在“开始”菜单右键单击“计算机”(或者“我的电脑”)图标,之后选择“管理”,显示“计算机管理”窗口。 2)在“计算机管理”窗口,选择“磁盘管理”。 3)右键单击要加密的分区,您可以选择“删除分区”或者是“删除卷”,或者是“删除逻辑驱动器”。 4)如果 Windows 提示重启计算机,点〖是〗重启。之后在第 5 个步骤中重复第 1 和第 2 步。 5)右键单击未分配/自由空间并选择“新建分区”,或者“新的卷”,或者“新逻辑驱动器”。 6)在“新分区向导”或者“新建卷向导”窗口中,在带有“格式化分区”标题的对话框中,选择“不格式化此分区”或者是“不格式化此卷”。在同样的向导里面,点〖下一步〗之后点〖完成〗按钮。 7)注意:您现在在 Veracrypt 中选择的设备路径可能是错误的,因此,退出并重新启动 VeraCrypt 加密卷创建向导(如果正在运行)。 8)尝试重新加密该设备/分区。\n\n如果 VeraCrypt 仍然会加密失败,您可以考虑创建文件类型的加密卷。 + 错误:此文件系统不能被锁定 和/或 卸载。可能正在被操作系统或应用程序占用(例如反病毒软件)。加密此分区可能会导致数据损坏或者系统不稳定。\n\n请关闭任何可能占用此分区的程序(包括反病毒软件)并再试一次。如果仍然无效请参考下面步骤。 + 警告:一些加载的设备/分区正在使用中!\n\n若忽略这些则可能导致非期望的结果,包括系统不稳定。\n\n我们强烈建议您关闭所有可能正在使用 此设备/分区的应用程序。 + 选定的设备包含分区。\n\n格式化该设备可能会导致系统不稳定或数据丢失。您可以选择该设备的某个分区,或者删除该设备的所有分区,以保证 VeraCrypt 对其安全格式化。 + 选择的非系统设备包含多个分区。\n\n设备类加密卷也可以在不包含任何分区的设备中创建(包括硬盘以及固态硬盘设备)。对于包含多个分区的设备,只有在此驱动器作为 Windows 安装和启动分区时,才可以就地整盘加密(使用单一主密钥)。\n\n如果您想使用单一主密钥加密选择的非系统设备,您需要首先移除所有分区以便 VeraCrypt 对其安全格式化(格式化包含多个分区的设备可能会导致系统不稳定 和/或 数据损坏。作为替代方法,您也可以单独加密驱动器上的每个分区(每个分区将使用不同的主密钥)。\n\n注意:如果您想从 GPT 磁盘中移除所有分区,您可能需要把它转换为 MBR 磁盘(使用诸如计算机管理工具)以便移除隐藏分区。 + 警告:如果您加密了整个设备(而不只是该设备上的一个分区),操作系统将会认为这个设备是全新未格式化的(因为它没有分区表),因此可能随后会初始化这个设备(或者询问您是否初始化),这可能会损坏加密卷。另外,也不能一如既往的将此加密卷加载为收藏加密卷(例如,当驱动器数目变化时),也不能为其赋予收藏加密卷卷标。\n\n要避免此类情况出现,您可以考虑在此设备上创建一个分区并加密此分区。\n\n您确认要加密整个设备吗? + 重要:请牢记,此加密卷不能使用当前赋给它的驱动器盘符 %c: 加载/访问,这个盘符已经赋给了该加密卷所在分区!\n\n要加载此加密卷,点击 VeraCrypt 主窗口的〖自动加载设备〗(也可以这样,在 VeraCrypt 主窗口,点击〖选择设备〗,之后选择该分区/驱动器,然后点〖加载〗按钮)。这个加密卷便会以其它盘符加载(此盘符可在 VeraCrypt 主窗口的盘符列表中选择)。\n\n原始的驱动盘符 %c: 仅应当在您需要移除对该分区/驱动器的加密时使用(例如:如果您不再需要加密)。在这种情况下,右键单击“我的电脑”(或者“资源管理器”)中的驱动器盘符 %c: 并选择〖格式化〗。否则该驱动器盘符 %c: 应当一直都不要使用(除非您移除它并把它指定给其它分区/驱动器)。 + 您的操作系统不支持就地加密非系统卷(仅在 Windows Vista 和以后版本中支持)。\n\n原因是当前操作系统不支持文件系统压缩(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。 + 所选的分区看起来不包含 NTFS 文件系统。仅在 NTFS 文件系统下才支持就地加密。\n\n说明:当前操作系统不支持文件系统压缩(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。 + 选择的分区看起来不包含 NTFS 文件系统。仅在 NTFS 文件系统下才支持就地加密。\n\n如果您想在此分区内创建 VeraCrypt 加密卷,请选择“创建加密卷并格式化”(而不是选择“就地加密分区”)。 + 错误:分区太小,VeraCrypt 不能实现就地加密。 + 要加密此分区的数据,请遵循以下步骤:\n\n1)在一个空的 分区/设备 上创建一个 VeraCrypt 加密卷之后加载此加密卷。\n\n2)复制待加密分区中的所有数据到这个已经加载的 VeraCrypt 加密卷(该加密卷已经在步骤 1) 中创建)。这种方式下,您就创建了一个被 VeraCrypt 加密了的数据备份。\n\n3)在要加密的分区上创建一个 VeraCrypt 加密卷并确认您在向导中选择了“创建加密卷并格式化”(而不是选择“就地加密分区”)。注意,所有存储于该分区的数据都会被擦除。加密卷创建之后,加载这个加密卷。\n\n4)复制备份加密卷(在步骤 1) 中创建的)中的所有文件到这个新创建的加密卷中(在步骤 3) 中创建和加载的)。\n\n完成以上步骤之后,数据将会被加密,并且也会额外的备份了数据的加密副本。 + VeraCrypt 只能就地加密分区、动态卷,或者整个系统启动器。\n\n如果您想在选择的非系统设备中创建加密卷,请选择选项“创建加密卷并格式化”(而不是选择选项“就地加密分区”)。 + 错误:VeraCrypt 只能就地加密分区、动态卷,或者整个系统启动器。请确认指定的路径有效。 + 错误:不能压缩文件系统(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。\n\n可能原因及解决:\n\n- 该卷上无足够的剩余空间。请确认没有其它程序正在写入此文件系统。\n\n- 损坏的文件系统。尝试检查和修复错误(在“我的电脑”里右键单击相应的驱动器盘符,之后选择 属性 -> 工具 ->“开始检查”,确认已经选择了选项“自动修复文件系统错误”,之后单击〖开始〗按钮)。\n\n如果以上方法都不起作用,请遵循以下步骤。 + 错误:剩余空间不足,因此文件系统不能被压缩(需要压缩文件系统以便为加密卷头信息以及备份头信息获取空间)。\n\n请删除任何多余文件并清空回收站以便释放 256KB 的空间之后再尝试。注意由于 Windows 的问题,Windows 资源管理器报告的自由空间数量在操作系统重新启动前可能是不正确的。如果重启系统后并无帮助,文件系统可能已经损坏了。尝试检查和修复错误(在“我的电脑”里右键单击相应的驱动器盘符,之后选择 属性 -> 工具 -> “开始检查”,确认已经选择了选项“自动修复文件系统错误”,之后单击〖开始〗按钮)。\n\n如果以上方法都不起作用,请遵循以下步骤。 + 驱动器 %s 上的自由空间为 %.2f 字节。 + 驱动器 %s 的自由空间大小为 %.2f KB + 驱动器 %s 的自由空间大小为 %.2f MB + 驱动器 %s 的自由空间大小为 %.2f GB + 驱动器 %s 的自由空间大小为 %.2f TB + 驱动器 %s 的自由空间大小为 %.2f PB + 无法得到可用的驱动器盘符。 + 错误:未发现 VeraCrypt 驱动程序!\n\n请复制“veracrypt.sys”和“veracrypt-x64.sys”文件到 VeraCrypt.exe 程序所在的目录。 + 错误:正在运行不兼容版本的 VeraCrypt 设备驱动。\n\n如果您想在便携模式下运行 VeraCrypt(即不安装它)但是却安装了不同版本的 VeraCrypt,您必须先卸载已安装版本(或使用 VeraCrypt 安装程序升级)。要卸载 VeraCrypt,请按如下步骤进行:在 Windows Vista 或其后版本中,选择〖开始〗菜单 -> 计算机 ->〖卸载或更改程序〗-> VeraCrypt -> 卸载;在 Windows XP 中,选择〖开始〗菜单 -> 〖设置〗 -> 〖控制面板〗 -> 〖添加或删除程序〗 -> VeraCrypt -> 删除\n\n与此相似,如果您尝试以便携版运行 VeraCrypt 但是却已经运行了其它版本的便携 VeraCrypt,您必须重启电脑之后再运行新的版本。 + 错误:密码初始化失败。 + 错误:检测到弱强度密钥! 密钥将被废弃。请重试。 + 发生了关键性错误,VeraCrypt 必须被终止。如果该错误是 VeraCrypt 的缺陷导致的,我们可能会修正它。要协助我们完善软件,您可以把 Veracrypt 自动生成的错误报告发送给我们,报告包括下面内容:\n\n- 程序版本\n- 操作系统版本\n- CPU类型\n- VeraCrypt 组件名称\n- VeraCrypt 执行程序的校验值\n- 对话框窗口的符号标记\n- 错误分类\n- 错误地址信息\n- VeraCrypt 调用堆栈\n\n如果选择〖是〗,下面的 URL 网址(包含错误报告)将会在默认浏览器中打开。\n\n%hs\n\n您希望发送给我们上述错误报告吗? + 您的系统发生了关键性错误,该错误会终止 VeraCrypt。\n\n需要注意的是此错误并非由 VeraCrypt 导致(因此 VeraCrypt 开发者并不会修复这个错误)。请检查您的系统查找可能的原因(例如:系统配置、网络连接、失效的硬件组件等)。 + 系统遇到关键性错误,需要终止 VeraCrypt。\n\n如果此错误仍然存在,您可能需要尝试禁用或卸载可能导致此问题的应用程序,例如防病毒或防火墙软件,系统性能提升、优化或系统设置软件等等。如果仍然无法解决问题,您可能需要尝试从新安装您的操作系统(此问题也可能由恶意软件导致)。 + VeraCrypt 关键性错误 + VeraCrypt 检测到操作系统最近曾经崩溃过。有多种原因可能导致系统崩溃(例如,硬件故障、设备驱动存在BUG等等)\n\n您想要 VeraCrypt 检查此次系统崩溃是否为 VeraCrypt 自身导致的吗? + 您想要 VeraCrypt 继续检查此次系统崩溃吗? + VeraCrypt 未发现系统崩溃转储文件。 + 您想要删除系统崩溃转储文件以便释放磁盘空间吗? + 为了分析系统崩溃原因,VeraCrypt 需要先安装微软调试工具。\n\n在您点击〖确定〗按钮之后,TrueCrpyt 将会从微软服务器下载微软调试工具安装程序(16MB)并随后安装它(先访问 VeraCrypt 网站再访问微软),这样即使微软改变了安装包的地址,此功能依然有效)。 + 点击〖确定〗按钮之后,VeraCrypt 将会分析系统崩溃原因,这可能需要几分钟时间。 + 请确认环境变量“PATH”包含“kd.exe”(内核调试器)的路径。 + 看起来VeraCrypt并未导致系统崩溃。系统崩溃是其它原因导致的(例如,硬件故障,设备驱动BUG等等) + 分析结果表明更新以下驱动可能会解决问题: + 要协助我们确认这是否为 Veracrypt 的错误,您可以向我们提交软件自动生成的错误报告,错误报告包括下面内容:\n- 程序版本\n- 操作系统版本\n- CPU类型\n- 错误类型\n- 驱动名称和版本\n- 系统调用堆栈\n\n如果选择〖是〗,下面的 URL 网址(包含错误报告)将会在您的默认浏览器中打开。 + 您希望向我们提交此错误报告吗? + 加密(&E) + 解密(&D) + &永久解密 + 退出 + 请为该扩展分区创建一个逻辑分区,然后重试。 + VeraCrypt 加密卷可以存在于一个文件之中(叫作 VeraCrypt 容器),这个容器文件可以存在于硬盘上,或位于 USB 闪存上,等等。VeraCrypt 加密盘就象一个普通文件(例如,可以象任何普通文件一样被移动、复制、删除)。点击〖选择文件〗按钮为容器文件选择一个文件名和它的保存位置。\n\n警告:如果选择了一个已经存在的文件,VeraCrypt 并不会加密它,该文件将会被删除并会被新创建的 VeraCrypt 容器文件所覆盖。您可以通过把文件复制到即将创建的 VeraCrypt 加密容器里面去,来实现对相应文件的加密。 + 选择要创建的外层加密卷的位置(稍后将在此加密卷里面创建隐藏加密卷)。\n\n一个 VeraCrypt 加密卷可以存在于一个文件之中(也可叫作 VeraCrypt 容器),这个加密盘文件可以存放在硬盘上,或位于 USB 闪存上,等等。VeraCrypt 容器可以象任何普通文件一样被移动、复制、和删除。点击〖选择文件〗按钮为容器文件选择一个文件名和它的保存位置。如果您择了一个已经存在的文件,VeraCrypt 并不会加密它,该文件将会被删除并会被新创建的 VeraCrypt 加密容器所覆盖。您可以通过把文件复制到即将创建的 VeraCrypt 加密容器里面去,来实现对相应文件的加密。 + 设备类 VeraCrypt 加密卷可以创建于硬盘分区、固态硬盘、USB 闪存、以及其它存储设备上。分区也可以就地加密。\n\n除此之外,设备类加密卷也可以在不包含任何分区的设备中创建(包括硬盘以及固态设备)。\n\n注意:包含多个分区的设备,只有在此分区为 Windows 安装和启动分区时,才可以就地整盘加密(使用单一密钥)。\n\n警告:如果您加密整个分区或设备,所有当前存储于这个分区或设备上的数据将会被彻底擦除(仅在加密系统启动分区/驱动器时该分区上的数据才不会被破坏)。 + 设备类的 VeraCrypt 加密卷可以在硬盘分区、固态驱动器、USB 闪存,以及其它存储设备中创建。\n\n警告:分区/设备 将会被格式化并且存储在其上的所有数据都将会丢失。 + \n选择 VeraCrypt 外层加密卷的位置(您想要在这个加密卷里创建隐藏加密卷)。\n\n外层加密卷可以创建于硬盘分区、固态硬盘、USB 闪存、以及其它存储设备上。外层加密卷也可以在不包含任何分区的设备中创建(包括硬盘以及固态设备)。\n\n警告:该分区/设备将被格式化,所有当前存储于这个分区或设备上的数据将会丢失。 + 选择 VeraCrypt 外层加密卷的位置(您想要在这个加密卷里创建隐藏加密卷)。 + 警告:外层加密卷或设备正在使用中!\n\n忽略这些可能会导致非期望的错误,包括系统不稳定。 您在加载加密卷前应当关闭所有可能使用该外层加密卷或设备的应用程序(例如杀毒软件或备份程序)。\n\n继续加载吗? + 错误:无法加载加密卷。外层加密卷或设备正在使用中。不使用独占权限的加载尝试也同样会失败。 + 文件不能被打开。 + 加密卷位置 + 大文件 + 您想要在此 VeraCrypt 加密卷中存储大于 4 GB 的文件吗? + 根据您在前面的选择,VeraCrypt 将为加密卷选择一个合适的文件系统格式(您可以在下一步选择文件系统类型)。 + 当您创建外层加密卷的时候,您应当考虑选择〖否〗。如果选择〖是〗,默认的文件系统将会是 NTFS,NTFS 不如 FAT 文件系统那样适合于创建外层加密卷(例如,如果外层加密卷为 FAT 格式,可以创建的隐藏加密卷的最大容量比NTFS外层加密卷那个创建的隐藏加密卷要大很多)。通常情况下,FAT 格式为隐藏加密卷和常规加密卷的默认格式(因此创建 FAT 加密卷并无太多疑虑)。然而,如果用户计划在加密卷中存储大于 4 GB 的文件(FAT文件系统不支持),那么 FAT 系统则不是默认的格式。 + 您确认要选择〖是〗吗? + 加密卷创建模式 + 这是创建分区类型或设备类型加密卷的最快方式(就地加密,是另外一种选项,速度比此种方式要慢,这是因为就地加密时每个扇区的内容都需要预先读取、加密,之后再写入)。任何当前存储在所选分区/设备上的数据都会丢失(这些数据并不会被加密,它们将会被随机数据覆盖)。如果您想加密一个分区中的现有数据,请选择其它选项。 + 整个选定的分区以及位于该分区上的数据将会被就地加密。如果分区里面没有内容,您应当选择其它选项(以使加密卷创建速度更快)。 + 注意: + 继续(&R) + 推迟(&D) + 开始(&S) + 继续(&C) + 格式化(&F) + 擦除(&W) + 放弃格式化吗? + 显示更多信息 + 不再显示 + 已成功擦除 设备/分区 的内容。 + 已经成功擦除原始操作系统(隐形操作系统克隆时的系统来源)分区的内容。 + 请确认您将要安装的 Windows 版本(位于已擦除分区)与您正在运行的 Windows 版本相同。这是必须的,这是因为两个系统会使用同一公用启动分区。 + 该系统分区/驱动器已成功加密。\n\n注意:如果您需要在 VeraCrypt 加密系统启动时自动加载非系统加密卷,您可以加载它们并随后设置其为系统收藏加密卷,步骤:选择〖收藏〗 -> 〖添加已加载的加密卷为系统收藏加密卷〗。 + 该系统分区/驱动器已经被成功解密。 + \n\n已成功创建 VeraCrypt 加密卷并准备就绪。要创建另外的 VeraCrypt 加密卷,请单击〖下一步〗,否则请单击〖退出〗按钮。 + \n\n隐藏的 VeraCrypt 加密卷已成功创建(隐形操作系统将包含在这个隐藏加密卷之内)。\n\n单击〖下一步〗按钮继续。 + 已成功加密该卷 + 已解密加密卷 + 重要:要加载这个新建的 VERACRYPT 加密卷和访问存储于其中的数据,在 VERACRYPT 窗口中点击〖自动加载设备〗。在您输入正确密码之后(和/或 提供正确的密钥文件),加密卷将会以您在 VERACRYPT 列表中选择的盘符加载(您也将能够以该盘符访问加密数据)。\n\n【请记住或写下上述步骤】。您在希望加载这个加密卷和访问其中的数据时必须遵循上述步骤。另外一种方式是在 VeraCrypt 主窗口,点击〖选择设备〗,之后选择此 分区/设备,之后点〖加载〗。\n\n此分区/设备 已成功加密(选择包含完全加密的 VeraCrypt 加密卷)并为使用准备就绪。 + 已成功解密VeraCrypt加密卷。 + 对此VeraCrypt加密卷的解密已经完成。\n\n请选择一个盘符来挂载解密后的卷。\n\n重要: 你必须将解密后的卷挂载到一个盘符上来读取卷中的数据。 + 警告: 你必须将解密后的卷挂载到一个盘符上来读取卷中的数据,但没有可用的盘符。\n\n请释放一个盘符 (例如移除一个USB存储设备或外置硬盘) 然后点击 OK 。 + VeraCrypt 加密卷已成功创建。 + 加密卷已创建 + 重要:请在此窗口内随机移动鼠标,移动时间越长越好。这将会显著增加密钥的加密强度。之后点击〖格式化〗按钮创建加密卷。 + 点击〖格式化〗按钮创建外层的加密卷。如若获得更多信息,请参考软件文档。 + 外层加密卷格式化 + 隐藏加密卷格式化 + 加密卷格式化 + 如要显示或打印 VeraCrypt 用户指南需要使用 Adobe Acrobat Reader(或与其兼容的工具)。\n\nAdobe Reader(免费软件)下载地址: www.adobe.com\n\n您要在线查看这个文档吗(联网)? + 如果选择此选项,向导将会首先帮助您创建一个普通的 VeraCrypt 加密卷,随后会继续在这个普通的加密卷里面创建一个隐藏的 VeraCrypt 加密卷。非熟练用户应当选择这个选项来创建隐藏加密卷。 + 如果选择此选项,您将会在已有的 VeraCrypt 加密卷内创建一个隐藏的 VeraCrypt 加密卷。这里假设您已经创建好了适合于创建隐藏 VeraCrypt 加密卷的 VeraCrypt 外层加密卷。 + 加密卷创建模式 + 隐藏加密卷已创建 + 该隐藏的 VeraCrypt 加密卷已成功创建并可以立即使用。如果“VeraCrypt User's Guide”(Veracrypt 用户指南)的"Security Precautions Pertaining to Hidden Volumes"章节中的措施都被遵循,即使当外层加密卷被加载,也不可能证明存在隐藏加密卷。\n\n警告:如果您没有保护隐藏加密卷(保护的做法参考 VeraCrypt 用户指南的"PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE"章节),请不要向外层加密卷写入数据。否则您可能会覆盖或损坏隐藏隐藏加密卷! + 您已经启动了一个隐形操作系统。可能您已经注意到了,隐形操作系统看起来是安装到原始操作系统所在的分区。然而,实际上,隐形系统是安装到系统分区后面的分区上的(安装在隐藏加密卷中)。所有的读写操作将会从系统分区中透明的重定向到隐藏加密卷里面。\n\n操作系统本身和系统中的程序均不知道从系统分区中读写的数据实际上是从系统分区后面的分区中读写的(读/写到隐藏加密卷)。任何这样的数据都是同样即时加解密的(使用与即将创建的迷惑操作系统不同的加密钥)。\n\n\n请单击〖下一步〗按钮继续。 + 外层加密卷已成功创建并作为 %hc:驱动器加载。对这个外层加密卷,现在您应复制一些您不是真正要隐藏的貌似敏感的文件。这是为了对付那些强迫您给出系统分区后面那个分区密码的人的,这个分区可能包含外层加密卷和隐藏加密卷(以及其中的隐形操作系统)。您可以泄漏这个外层加密卷的密码,而此时没有任何迹象可以识别存在隐藏加密卷(以及隐形操作系统)。\n\n重要:您复制到外层加密卷中的文件占用的空间不应当超过 %s。否则,可能没有足够的自由空间来创建隐藏加密卷(此时您将无法继续后续操作)。在您复制完成之后,请点击〖下一步〗(不要卸载加密卷)。 + 外层加密卷已成功创建并作为 %hc:驱动器加载。对这个加密卷,现在您应复制一些您不是真正要隐藏的貌似敏感的文件。这是让那些强迫您泄漏密码的人能看到的文件。您将仅对这个外层加密卷泄漏密码,而不要泄漏给他们隐藏加密卷的密码。您真正要保护的文件将被存储在稍候创建的隐藏加密卷里。当您完成复制后,请单击〖下一步〗,并且不要卸载此加密卷。\n\n注意:单击〖下一步〗后,将进行簇状图扫描来确定连续的自由空间大小,此自由空间的尾部与加密卷尾部一致。该空间将提供用来创建隐藏加密卷同时也是隐藏加密卷的最大容量。簇状图扫描能够保证外层加密中卷的数据不会被隐藏卷覆盖。 + 外层加密卷内容 + \n\n在下一步您将要为外层加密卷(在其内将创建隐藏加密卷)调整其选项。 + \n\n在下一步,您将在系统分区后面的那个分区创建一个所谓的 VeraCrypt 外层加密卷(这在前面步骤已经有具体说明)。 + 外层加密卷 + 在下面步骤里,您将设置隐藏加密卷的选项和密码,这个隐藏加密卷里面将会包含隐形系统。\n\n注解:外层加密卷簇状图扫描已完成,以确定外层加密卷尾部开始的未受干扰的自由空间。该区域将容纳隐藏加密卷,因此这将限制隐藏加密卷的最大尺寸。隐藏加密卷最大可能容量已确定,已经确认大于系统分区的容量(这是必须的,因为整个系统分区的内容将被复制到隐藏加密卷中)。这也确保写入隐藏加密卷的数据不会覆盖储存在外层加密卷的数据。 + 重要:请记住您在这个步骤所选择的算法。您在加密迷惑系统的时候也必须选择这个算法。否则将无法访问隐形系统!(即迷惑系统和隐形系统必须使用同样的加密算法加密)。\n\n说明:原因是迷惑系统和隐形系统共用一个单一的启动管理器,这个引导器目前只支持用户选择的单一算法(对于每种算法,都会对应一个特定的 VeraCrypt 启动管理器版本)。 + \n\n外层加密卷簇状图扫描已完成,隐藏加密卷最大可能大小已确定。在下一步里您可以调整隐藏加密卷的选项、大小、和密码。 + 隐藏加密卷 + 在外层加密卷卸载前隐藏加密卷将处于保护之中。\n\n警告:如果有数据试图保存到隐藏加密卷区域,VeraCrypt 将会对整个加密卷(外层加密卷和隐藏加密卷)进行保护直到卸载。这会导致外层加密卷文件系统出错,如若重复出现也会影响隐藏加密卷的隐蔽性。因此,您应当尽量避免写入任何数据到隐藏加密卷区域。 任何保存到隐藏加密卷区域的数据将不被保存并且会丢失!Windows 可能会报告为写入错误(“延迟写入失败”或者是“参数不正确”)。 + 在外层加密卷卸载前每一个隐藏加密卷将处于保护之中。\n\n警告:如果有数据试图保存到任何隐藏加密卷区域,VeraCrypt 将会对整个加密卷(外层加密卷和隐藏加密卷)进行保护直到卸载。这会导致外层加密卷文件系统出错,如果反复出现也会影响隐藏加密卷的隐蔽性。因此,您应当尽量避免写入任何数据到隐藏加密卷区域。 任何保存到隐藏加密卷区域的数据将不被保存并且丢失! Windows 可能会报告为写入错误(“延迟写入失败”或者是“参数不正确)。 + 警告:数据试图保存到加载为 %c: 的加密卷的隐藏加密卷区域!VeraCrypt 已阻止这些数据的保存来保护隐藏加密卷。这会导致外层加密卷文件系统出错。Windows 可能会报告为写入错误(“延迟写入失败”或者是“参数不正确)。整个加密卷(外层加密卷和隐藏加密卷)将会被写保护到加密卷卸载为止。如果这不是 VeraCrypt 第一次阻止数据写入到隐藏加密卷区域,这样也会影响隐藏加密卷的隐蔽性(这是因为在外层加密卷文件系统可能存在反常的关联错乱)。因此,您应当考虑创建一个新的 VeraCrypt 加密卷(禁用快速格式化)并把此加密卷的数据移动到新加密卷里面去;此加密卷应当被安全擦除(外层卷和隐藏卷)。我们强烈建议您现在重启计算机。 + 您已表明要在此加密卷中存放大于 4GB 的文件。这种情况下加密卷就必须格式化为 NTFS。 + 当隐形操作系统运行时,非隐藏的加密卷无法被格式化为 NTFS 格式。原因是如需让操作系统格式化为 NTFS,就得以非写保护状态临时加载(反之如以格式化为 FAT,则由 VeraCrypt 而非操作系统来完成,无需加载加密卷)。如需获取更多技术细节,请参阅以下链接。您可以在迷惑操作系统中创建非隐藏的 NTFS 加密卷。 + 安全起见,当隐形操作系统正在运行时,隐藏加密卷只能以“直接”模式创建(这是因为外层加密卷必须总是以只读方式加载)。\n\n要安全的创建隐藏加密卷,请遵循如下步骤:\n\n1)启动到迷惑操作系统。\n\n2)创建一个常规 VeraCrypt 加密卷并复制一些您实际上并不想隐藏的貌似敏感的文件(该加密卷会作为外层加密卷)。\n\n3)启动隐形操作系统并启动 VeraCrypt 加密卷创建向导。如果此加密卷是文件类型的,移动该加密卷到系统分区或者其它隐藏加密卷中(否则新创建的隐藏加密卷将会以只读方式加载并且无法格式化)。按照向导的步骤进行并选择“直接”模式创建隐藏加密卷。\n\n4)在向导中,选择您在步骤 2 中创建的加密卷并遵循向导后面的步骤在这个加密卷之内创建隐藏加密卷。 + 安全起见,当隐形操作系统正在运行时,本地的非加密的文件系统和非隐藏 VeraCrypt 加密卷会以只读方式加载(没有任何数据可以写入这些文件系统或 VeraCrypt 加密卷)。\n\n而数据可以写入到 VeraCrypt 隐藏加密卷中(假设隐藏加密卷的存储容器并非位于非加密文件系统上或并非位于其它任何只读文件系统上)。 + 采取这样的限制措施有三种主要原因:\n\n- 可以为加载隐藏加密卷提供更安全的平台。因此我们官方推荐仅在隐形操作系统运行的情况下加载隐藏加密卷。(更多信息请参考文档的 'Security Precautions Pertaining to Hidden Volumes' 部份)\n\n- 在某些情况下,有可能确定在某一时间,某一特定的文件系统(或者文件系统中特定的文件并未保存或访问)并未在特定的操作系统的实例中加载(例如,通过分析和比较文件系统日志、时间戳记、应用程序日志、错误日志等等)。这可能暗示计算机上安装了隐形操作系统(译者注:恢复系统备份、重新安装系统也会造成这种迹象,作者考虑的因素并不全面)。而这里的措施则可以避免此类情况发生。\n\n- 能够防止数据损坏和保证安全的使用系统休眠功能,这里假设所有加载的文件系统在系统休眠的时候均为同一状态。VeraCrypt 通过对任何迷惑系统和隐形系统里面可以访问的系统执行写保护来保证这点。如果没有这样的保护,当在一个系统中加载一个文件系统,而此文件系统在另外操作系统中为休眠状态时,文件系统可能会被损坏。 + 注意:如果您要安全的从迷惑操作系统向隐形操作系统中传送文件,请遵循以下步骤: 1)启动迷惑操作系统。 2)保存这些文件到未加密的卷或者是 VeraCrypt 外层/常规加密卷。 3)启动隐形操作系统。 4)如果是把文件保存到 VeraCrypt 加密卷,则加载这个加密卷(该加密卷会自动以只读模式加载)。 5)复制这些文件到隐形操作系统的分区或者是其它隐藏加密卷。 + 您的计算机必须重启。\n\n您希望现在重启计算机吗? + 获取系统加密状态时出错。 + 不能创建加密卷,因为没有提供密码。 + 不能创建加密卷,因为没有提供加密卷的大小。 + 输入的加密卷的大小不兼容所选择的NTFS文件系统。 + 输入的加密卷的大小不兼容所选择的FAT文件系统。 + 因为需要动态卷支持,目标文件系统上不支持建立稀疏文件。 + 只能使用命令行建立容器文件。 + 不能创建加密卷,因为所输入的加密卷的大小大于加密卷所在磁盘的剩余空间。 + 不能创建加密卷,因为所输入的加密卷的大小太小。 + 不能创建加密卷,因为所输入的加密卷的大小太大。 + 不能初始化用于系统加密的程序组件。 + 初始化随机数据生成器失败! + Windows Crypto API 调用失败!\n\n\n(如果你要提交一个关于此的错误报告,请附上下面的技术信息: bug report:\n%hs, Last Error = 0x%.8X) + 无法初始化应用程序。注册对话框类失败。 + 错误:加载富文本编辑系统运行库失败。 + VeraCrypt 加密卷创建向导 + 该加密卷能创建的最大隐藏加密卷大小为 %.2f 字节。 + 该加密卷能创建的最大隐藏加密卷大小为 %.2f KB。 + 该加密卷能创建的最大隐藏加密卷大小为 %.2f MB。 + 该加密卷能创建的最大隐藏加密卷大小为 %.2f GB. + 该加密卷能创建的最大隐藏加密卷大小为 %.2f TB. + 当此加密卷被加载时,无法修改加密卷密码/密钥文件。 请首先卸载此加密卷。 + 当加密卷被加载时不能修改首密钥衍生算法。 请首先卸载加密卷。 + 加载(&M) + 需要新版本的 VeraCrypt 来加载此加密卷。 + 错误:未发现加密卷创建向导。\n\n请确认文件“VeraCrypt Format.exe”位于“VeraCrypt.exe”的目录之中。如果不是 这样,请重新安装 VeraCrypt,或在磁盘中定位“VeraCrypt Format.exe”并运行它。 + 错误:未发现加密卷扩展向导。\n\n请确认文件“VeraCryptExpander.exe”位于“VeraCrypt.exe”的目录之中。如果不是 这样,请重新安装 VeraCrypt,或在磁盘中定位“VeraCryptExpander.exe”并运行它。 + 下一步(&N) > + 完成(&F) + 安装(&I) + 释放(&X) + 不能连接到 VeraCrypt 设备驱动。如果设备驱动不能运行则 VeraCrypt 也无法正常工作。\n\n请注意,由于 Windows 系统问题,在能够正常加载设备驱动前可能需要注销或者重启计算机。 + 加载/准备字体时出错。 + 驱动器盘符未发现或没有指定驱动器盘符。 + 错误:无法制定一个盘符。\n\n你必须将解密后的卷挂载到一个盘符上来读取卷中的数据.\n\n再次尝试? + 驱动器盘符不可用。 + 未选定文件! + 无可用驱动器盘符。 + 外层加密卷无可用盘符! 加密卷创建不能进行。 + 无法检测操作系统版本号,或您正在使用不被支持的操作系统。 + 未选定路径! + 创建隐藏加密卷的自由空间不足! 加密卷创建不能继续。 + 错误:您复制到外层加密卷的文件占用的空间过多。因此,没有足够的空间创建隐藏加密卷。\n\n注意,隐藏加密卷的容量至少要大于系统分区(当前运行的系统所在的分区)的容量。原因是隐形操作系统需要把系统分区的内容完全复制到隐藏加密卷来创建。\n\n\n创建隐形操作系统的过程无法再继续。 + 此驱动无法卸载这个加密卷。位于此加密卷上某些文件可能仍被打开。 + 无法锁定此加密卷。此加密卷上仍有些文件被打开。因而也无法卸载。 + VeraCrypt 不能锁定该加密卷,这是因为此加密卷正在被操作系统或者其它程序占用(例如加密卷中有文件被打开)。\n\n您确认要强制卸载加密卷吗? + 请选择一个 VeraCrypt 加密卷 + 指定路径和文件名 + 选择 PKCS #11 运行库 + 内存不足 + 重要:我们强烈建议非熟练用户在选定的分区/设备里面建立文件类型的加密卷,而不是尝试加密整个分区/驱动器。\n\n例如,当您创建一个 VeraCrypt 文件类型加密卷时(相对于加密整个分区/驱动器),则不存在毁坏大量的文件的风险。请注意,一个 VeraCrypt 文件类型加密卷(尽管其包含虚拟的加密磁盘)事实上就象任意一个普通的文件一样。如若获取更多信息,请参考VeraCrypt User Guide中的 Beginner's Tutorial 章节。\n\n您确认要加密整个设备/分区吗? + 警告:加密卷 '%s' 已存在!\n\n重要:VeraCrypt 并不会加密这个文件,而是会删除这个文件。 您确定要删除这个文件并用一个新的 VeraCrypt 加密卷来替换它吗? + 务必小心:当前存储在选择的 %s '%s'%s 上的所有数据将会丢失(它们并不会被加密)!\n\n您一定要继续格式化吗? + 警告:您在加密卷完全加密前不能加载此加密卷或者访问存储于该卷上的任何文件。\n\n您确认要开始加密选择的 %s '%s'%s 吗? + 警告:您在加密卷完全解密前不能加载此加密卷或者访问存储于该卷上的任何文件。\n\n您确认要开始解密选择的 %s '%s'%s 吗? + 警告:请注意如果在就地加密现有数据时突然断电,或者在 VeraCrypt 就地加密现有数据时由于软硬件故障而导致电脑死机,可能会损坏或丢失一些数据。因此,在您开始加密前,请确认您已经备份了要加密的数据。\n\n您确认已经有这样的备份了吗? + 警告:任何存在于分区 '%s'%s(即位于系统分区后面的第一个分区)的文件将会因被擦除而丢失。(这些文件并不会被加密)!\n\n您确认要继续格式化吗? + 警告:选定的分区包含大量的数据!!!任何存储于此分区上的文件将会被擦除(他们并不会被加密)! + 通过在分区内创建 VeraCrypt 加密卷擦除该分区上的任何文件 + 密码 + PIM + 设置首密钥衍生算法 + 添加/移除 密钥文件... + 从加密卷中移除所有密钥文件 + 密码 和/或 密钥文件已成功修改。\n\n重要:请确认您已经阅读了用户指南的'Security Requirements and Precautions'章节中的'Changing Passwords and Keyfiles'部分。 + 此加密卷已经修改PIM并标记成"系统收藏加密卷"。\n您希望VeryCrypt自动更新系统收藏加密卷设置么(需要管理员权限)。\n\n如果您不希望的话,请稍后手动更新设置。 + 重要:如果您不销毁 VeraCrypt 应急盘,您的系统分区/驱动器仍然可以通过使用旧密码解密(通过启动 VeraCrypt 应急盘和输入旧密码)。您应当创建一个新的 VeraCrypt 应急盘,之后并销毁原来的应急盘。\n\n您希望创建一个新的 VeraCrypt 应急盘吗? + 请注意,VeraCrypt 应急盘仍然使用着早期的加密算法。如果您觉的先前的加密算法不安全,您应当创建一个新的 VeraCrypt 应急盘,之后并销毁原来的应急盘。\n\n您希望创建一个新的 VeraCrypt 应急盘吗? + 任何类型的文件(例如:.mp3、.jpg、.zip、.avi)都可以作为 VeraCrypt 的密钥文件。VeraCrypt 并不会修改密钥文件的内容。 您可以选择一个以上的密钥文件(与次序无关)。如果您添加了一个文件夹,里面的所有非隐藏文件都将作为密钥文件。点击〖添加口令牌〗来选择存储于安全口令牌或智能卡中的密钥文件(或者导入密钥文件到安全口令牌或智能卡)。 + 密钥文件已成功添加/移除。 + 密钥文件已导出。 + 首密钥衍生算法已成功设置。 + 请为您想要继续就地加密的非系统分区输入密码 和/或 密钥文件。\n\n\n注解:在您点击〖下一步〗之后,VeraCrypt 将尝试查找所有加密过程被中断的非系统分区(这些中断加密的分区的 VeraCrypt 头信息可以使用提供的密码 和/或 密钥文件解密)。如果发现了多个此类的分区,您需要在下个步骤里面选择他们其中的一个。 + 请选择下面列表中的一个加密卷。此列表包含所有加密被中断的非系统加密卷,它们的头信息可以使用提供的密码 和/或 密钥文件解密。 + 请输入用于解密非系统加密卷的密码和(或)提供密钥文件。 + 选择一个安全的密码非常重要。您应该避免选取能够在字典中查到的简单词汇(或是2、3、4 这类字符组合)作为密码,也不应包含任何名字或生日,同时也不应该容易被猜到。安全的密码应当包含随机的大小写字母、数字、以及类似 @ ^ = $ * + 这样的特殊字符。我们推荐使用大于 20 个字符的密码(越长越好)。最大的密码长度为 64 个字符。 + 请为隐藏加密卷选择一个密码。 + 请为隐形操作系统设置一个密码(即隐藏加密卷的密码)。 + 重要:您在本步骤中为隐形操作系统设置的密码必须绝对不同于其它的两个密码(也就是要不同于外层加密卷的密码和迷惑操作系统的密码)。 + 请输入外层加密卷的密码(您将在该加密卷中创建隐藏加密卷)。\n\n在单击〖下一步〗后,VeraCrypt 会尝试加载此加密卷。一旦加密卷被加载,将进行簇状图扫描来确定连续的自由空间大小(如果有的话),此空间的尾部与加密卷尾部一致。该区域将提供给隐藏加密卷并因此会限制它的最大可能大小。簇状图扫描是必要的,这可以确保外层加密卷的数据不会被隐藏加密卷覆盖。 + \n请选择外层加密卷的密码。在您被攻击者强迫说出启动验证密码的情况下,这个密码可以告诉攻击者。\n\n重要:您为外层加密卷选择的密码必须不同于隐藏加密卷的密码。\n\n说明:密码的最大长度为 64 个字符。 + 请选择外层加密卷的密码。在您被攻击者强迫说出系统分区后面的第一个分区(外层加密卷和包含隐形操作系统的隐藏加密卷均位于这个分区)密码的情况下,这个密码可以告诉这些攻击者。而隐藏加密卷和隐形操作系统仍然是安全的。需要注意的是,外层加密卷的密码并不是迷惑操作系统的密码。\n\n重要:您为迷惑操作系统选择的密码必须不同于隐藏加密卷的密码(也就是隐形操作系统的密码)。 + 外层加密卷密码 + 隐藏加密卷密码 + 隐形操作系统的密码 + 警告:简短密码容易被暴力破解技术破解!\n\n我们建议选择一个超过 20 个字符的密码。\n\n您确定要使用简短密码吗? + 加密卷密码 + 密码不正确或不是 VeraCrypt 加密卷。 + 密钥 和/或 密码不正确或不是 VeraCrypt 加密卷。 + 错误的加载模式/密码或不是 VeraCrypt 加密卷。 + 错误的加载模式,无效的密钥文件 和/或 密码,或者不是 VeraCrypt 加密卷。 + 密码不正确或不是 VeraCrypt 加密卷。 + 密钥 和/或 密码不正确或不是 VeraCrypt 加密卷 + \n\n警告:Caps Lock 已经开启。 这可能导致您密码输入错误。 + 记住所挂载的卷的PIM + 外层卷 PIM + 隐藏卷 PIM + 隐形操作系统 PIM + PIM (自定迭代次数) 是一个控制头部密钥迭代次数的值,当导出头部密钥时会向这样使用:\n 迭代次数 = 15000 + (PIM x 1000) \n\n当这个值留空或设为0时,VeraCrypt会使用默认值(485)来确保安全性。\n\n当使用20位以下的密码时,为了保证维持最小的安全性,PIM的值不能小于485。\n当使用20位以上的密码时,PIM的值可以任意自定。\n\nPIM大于485可能导致加密卷的挂载速度下降。PIM小于485可能会提高挂载速度,但是如果你的密码强度不足,这会降低安全性。 + PIM (自定迭代次数) 是一个控制头部密钥迭代次数的值,当导出头部密钥时会向这样使用:\n 迭代次数 = (PIM x 2048) \n\n当这个值留空或设为0时,VeraCrypt会使用默认值(98)来确保安全性。\n\n当使用20位以下的密码时,为了保证维持最小的安全性,PIM的值不能小于98。\n当使用20位以上的密码时,PIM的值可以任意自定。\n\nPIM大于98可能导致启动速度下降。PIM小于485可能会提高启动速度,但是如果你的密码强度不足,这会降低安全性。 + 记住所启动的系统的PIM + 你选择了一个大于VeraCrypt默认值的PIM。\n注意这可能使挂载/启动速度下降。 + 你选择了一个小于VeraCrypt默认值的PIM。注意如果你的密码强度不够强,这回事一个安全隐患。\n\n你确定你在使用一个强密码? + 对于系统加密,自定迭代倍数 (PIM) 的最大值是65535。 + 卷 PIM + \n\n警告:在密钥文件搜索路径中存在隐藏文件。此类隐藏文件无法被用作密钥文件。如果您需要将它们当作密钥文件使用,请去除它们的“隐藏”属性(使用鼠标右键点击文件,选择〖属性〗,去除勾选“隐藏”标志再点击〖确定〗按钮)。注意:隐藏文件仅在启用相关选项后才可见(我的电脑 -> 工具 -> 文件夹选项 -> 查看)。 + 如果您试图保护包含隐形系统的隐藏加密卷,请确认输入隐藏加密卷密码时您正在使用标准的美国键盘布局。这是因为这些密码实在启动验证环境中输入的,而此时非美国键盘布局将无法使用。 + VeraCrypt 未发现加密过程被中断的,同时头信息可以使用提供的密码 和/或 密钥文件解密的非系统分区。\n\n请确认密码 和/或 密钥文件是正确的,并且确认此 分区/卷 并未被操作系统或其它程序(也包含杀毒软件)占用。 + 所选择的设备/分区看起来已经完全加密。\n头标志 = 0x%.8X + 所选择的设备/分区看起来没使用就地加密。\n头标志 = 0x%.8X + \n\n注意:如果您试图加载不带有启动验证的加密系统驱动器中的分区,或者是加载没有运行的加密系统分区,您可以通过选择〖系统〗 ->〖以非启动验证方式加载〗。 + 在此模式下,您不能加载此驱动器上的分区(该驱动器的部分内容处于当前活动加密系统的关键范围)。\n\n要想以此模式加载此分区,您需要先启动到安装在不同驱动器上的操作系统(与该系统是否加密无关),或者是先启动一个未加密的操作系统。 + 在整个系统所在的磁盘被加密的情况下,VeraCrypt不能单独解密某个分区(你只能解密整个系统磁盘)。 + 警告:这个磁盘看起来包含VeraCrypt启动加载器,它有可能是已经加密的整个系统磁盘。如果是的话,VeraCrypt不能单独解密某个分区(你只能解密整个系统磁盘)。你可以继续,但你稍后会收到"密码错误"的消息。 + < 后退(&B) + 不能列表安装在系统上的 raw 设备! + 加密卷 '%s' 存在,并且是只读的。您确定要替换它吗? + 选择目标目录 + 选择密钥文件 + 选择密钥文件的搜索路径。警告:注意,记忆的只是路径,而不会记忆文件名! + 选择一个存储密钥文件的目录。 + 当前的容器文件被选择为密钥文件,但不会使用它作为密钥文件。 + Serpent 为与 AES 竞争算法中的一种。设计者为 Ross Anderson、Eli Biham、和 Lars Knudsen。发表于 1998 年。256 位密钥,128 位数据块,操作模式为 XTS。 + 请指定要创建的加密卷的大小。\n\n如果您打算创建一个动态的(稀疏文件)容器,该参数对应于该容器的最大尺寸。\n\n注意:最小的 FAT 加密卷大小为 292 KB。最小的 NTFS 加密卷大小为 3792 KB。 + 请指定要创建的外层加密卷的大小(随后将在其内创建隐藏加密卷)。包含隐藏卷的外层加密卷最小可能大小为 340 KB。 + 请指定要创建的隐藏加密卷的大小。隐藏加密卷的最小可能大小为 40 KB(格式化为NTFS时为 3664 KB)。最小可能的 NTFS 加密卷大小为 2829 KB。您可以指定加密卷的最大容量如上面所示。 + 外层加密卷大小 + 隐藏加密卷大小 + 请在确认选定的 分区/设备 的容量正确无误后单击〖下一步〗。 + 外层加密卷和隐藏加密卷(包含隐形操作系统)将存在于上面分区。\n\n请确认上面显示的分区大小和数值是正确的,如果正确,请点击〖下一步〗。 + \n\n注意:如若在其内创建隐藏加密卷,则外层加密卷最小可能大小为 340 KB。 + 加密卷大小 + 动态加密卷 + 警告:自检失败! + 全部算法自检通过 + 您提供的数据单元数值太长或太短。 + 您提供的次密钥太长或太短。 + 您提供的测试加密文本太长或太短。 + 您提供的测试密钥太长或太短。 + 您提供的测试明码文本太长或太短。 + 在 XTS 模式的层叠操作中需要两个密码。每个块首先使用 %s(%d 位密钥),之后使用 %s(%d 位密钥)加密。每个密码使用其各自的密钥。所有的密钥均各自独立。 + 在 XTS 模式的层叠操作中需要 3 个密码。每个块首先以 %s(%d 位密钥)加密,然后以 %s(%d 位密钥)加密,最后以 %s(%d 位密钥)加密。每个密码均使用各自的密钥。所有的密钥均彼此独立。 + 需要注意的是,依赖于操作系统配置,这些自动运行和自动加载功能可能仅当便携磁盘文件创建在非可擦写 CD/DVD 类介质时才能使用。同样也要注意这并不是 VeraCrypt 程序设计缺陷(而是 Windows 系统的限制)。 + VeraCrypt 便携磁盘已成功创建。\n\n注意:您必须具有系统管理员身份才能以便携模式运行 VeraCrypt。同时也要注意尽管以便携模式运行 VeraCrypt,也可能能够从注册表中被检测到曾经运行过 VeraCrypt。 + VeraCrypt 便携磁盘 + 设计者:Bruce Schneie、John Kelsey、Doug Whiting、David Wagner、Chris Hall、Niels Ferguson。发表于 1998 年。256 位密钥,128 位块,操作模式为 XTS。Twofish 为 AES 竞争算法中的一种。 + 关于 %s 的更多信息(联网) + 未知 + 发生未预期的或未知错误(%d)。 + 一些加密卷包含的文件或文件夹 正被应用程序或系统使用。\n\n强行卸载吗? + 卸载(&D) + 卸载失败! + 加密卷包含的文件或文件夹 被应用程序或系统使用。\n\n强行卸载吗? + 没有加密卷被加载到您所指定的盘符。 + 您试图要加载的加密卷早已加载。 + 试图加载加密卷时出错。 + 在加密卷里寻址时出错。 + 错误:错误的加密卷大小。 + 警告:您应当只能在下面的情况下使用快速格式化:\n\n1) 设备不包含敏感数据,且您不需要隐蔽性。\n2) 设备或分区已经被完全加密过。\n\n您确认要使用快速格式化吗? + 动态的容器是一个预先分配的 NTFS 稀疏文件,它的物理大小(实际磁盘空间占用)在有新数据添加到里面的时候才会增加。\n\n警告: 稀疏文件基础的加密卷性能比常规加密卷的性能有较大降低。稀疏文件基础的加密卷的安全性也要弱些-因为它有可能泄漏哪些加密卷扇区未被使用的情况。另外,稀疏文件基础的加密卷无法实现隐蔽性(容纳一个隐藏加密卷)。同时需要注意到是如果数据被写入到稀疏文件基础的加密卷,而此时主机文件系统剩余空间不足,加密的文件系统可能会损坏。\n\n您确认要创建稀疏文件基础的加密卷吗? + 注意,Windows 系统和 VeraCrypt 报告的动态加密卷的大小会等于它的最大尺寸。要查看当前容器的物理大小(占用的实际磁盘空间),在 Windows 资源管理器窗口右键单击容器文件,之后选择“属性”并查看“占用空间”的数值。\n\n同时也要注意,如果您把动态加密卷移动到另外容器或驱动器,容器的物理大小会变为它的最大大小。 (为避免此类情况发生,您可以在目标位置创建一个新的动态加密卷,然后把文件从老的加密卷中复制过来) + 密码缓存已擦除 + 存储在 VeraCrypt 驱动缓存中的密码(和/或 已处理的密钥文件内容)已经被擦除。 + VeraCrypt 不能修改外层加密卷的密码。 + 请从列表中选择一个未被占用的驱动器盘符。 + 请在驱动器列表中选择一个已加载的加密卷。 + 当前选择了两个已加载的加密卷(一个位于盘符列表中,另外一个位于列表下面的文本输入框中)。\n\n请确认您要选择的加密卷: + 错误:不能创建 autorun.inf + 处理密钥文件时出错! + 处理密钥文件路径时出错! + 密钥文件路径不包含文件。\n\n请注意,在密钥文件搜索路径中发现的该文件夹(以及其中包含的文件)已忽略。 + VeraCrypt 不支持此操作系统。 + 错误:VeraCrypt 仅支持稳定的操作系统版本(不支持 beta 版和 RC 版)。 + 错误:不能分配内存。 + 错误:不能恢复性能计数器的值。 + 错误:错误的加密卷格式。 + 错误:您提供了一个隐藏加密卷的密码(而不是常规加密卷的密码)。 + 安全起见,隐藏加密卷不能在带有就地加密文件系统的 VeraCrypt 加密卷中创建(这是因为该加密卷上的自由空间没有填充随机数据) + VeraCrypt - 法律提示 + 所有文件 + VeraCrypt 加密卷 + 运行库模块 + NTFS 格式化不能继续。 + 不能加载加密卷。 + 不能卸载加密卷。 + 格式化成 NTFS 磁盘格式时失败。\n\n请选择不同的文件系统格式(如果可能的话)再尝试一次。此外,您可以保留该加密卷为未格式化加密卷(文件系统选择为“无”),退出向导,加载这个加密卷,然后再使用系统或第三方工具格式化这个已经加载的加密卷(该加载的加密卷仍然为加密状态)。 + Windows 格式化加密卷为 NTFS 时失败。\n\n您希望格式化为 FAT 文件系统吗? + 默认 + 分区 + 分区 + 设备 + 设备 + 设备 + 加密卷 + 加密卷 + 加密卷 + 卷标 + 相对加密卷大小而言,选择的簇大小太小。 将替代使用大一些的簇大小。 + 错误:不能获取加密卷大小信息!\n\n请确认选择的加密卷未被系统或 其它程序使用。 + 隐藏加密卷不能创建于动态(稀疏文件)的外层加密卷中。要达到足够的隐蔽性,隐藏加密卷应当在非动态加密卷中创建。 + VeraCrypt 加密卷创建向导只能在 FAT 或 NTFS 加密卷内创建隐藏加密卷。 + 在 Windows 2000 系统里,VeraCrypt 加密卷创建向导只能在 FAT 加密卷里面创建隐藏加密卷。 + 注意:FAT 文件系统比 NTFS 文件系统更适合作为外层加密卷(例如,如果外层加密卷被格式化为 FAT 格式,能够创建的隐藏加密卷的大小可能会更大一些)。 + 注意:FAT 文件系统比 NTFS 文件系统更适合作为外层加密卷(例如,如果外层加密卷被格式化为 FAT 格式,能够创建的隐藏加密卷的大小可能会更大一些)(原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,隐藏加密卷只能创建在外层加密卷的后半部分)。\n\n您确认要继续格式化外层为 NTFS 格式吗? + 您想要把加密卷格式化为 FAT 格式吗? + 注意:此加密卷无法以 FAT 文件系统格式化,因为其大小超过 FAT32 文件系统所支持的最大值(512 字节扇区最大 2TB,4096 字节扇区最大 16TB)。 + 错误:隐形操作系统的分区(也就是系统分区后面的第一个分区)必须至少比系统分区大 5%(系统分区就是当前运行的操作系统所在的分区)。 + 错误:隐形操作系统的分区(也就是系统分区后面的第一个分区)必须至少比系统分区大 110%(2.1 倍)(系统分区就是当前运行的操作系统所在的分区)。原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,隐藏加密卷只能创建在外层加密卷的后半部分。 + 错误:如果外层加密卷被格式化为 NTFS,则它必须至少比系统分区大 110%(2.1 倍)。原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,隐藏加密卷只能创建在外层加密卷的后半部分。\n\n说明:外层加密卷需和隐形操作系统位于同一分区(即位于系统分区后面的第一个分区)。 + 错误:在系统分区后面没有其它分区。\n\n注意,在您创建隐形操作系统之前,您需要在此系统驱动器上创建一个分区。该分区必须是系统分区后的第一个分区,并且必须至少比系统分区大 5%(系统分区就是当前运行的操作系统所在的分区)。然而,如果外层加密卷(不要与系统分区混淆)被格式化为 NTFS 格式,则该分区必须至少比系统分区大 110%(2.1 倍)(原因是 NTFS 文件系统总是在卷的中部存储内部数据,因此,包含系统克隆的隐藏加密卷只能创建在外层加密卷的后半部分)。 + 注释:同时在单一分区的 VeraCrypt 外层和隐藏加密卷里面创建两个系统并不可行(因此也不被支持)。因为使用外层操作系统会经常要求写入数据到隐形操作系统所在区域(如果使用隐藏加密卷保护机制,也会因此而带来系统崩溃,即蓝屏错误)。 + 关于创建和管理分区的更多信息,请参考您的操作系统所提供的文档,或者联系您的计算机提供商以获取技术支持。 + 错误:当前运行的操作系统并未安装到启动分区(第一个作用/激活的分区)。目前不支持此情况。 + 您已经表明了要在加密卷里面存放大于 4GB 的文件。然而,您选择了 FAT 文件系统,此系统无法存储大于 4 GB 的文件。\n\n您确认要格式化该卷为 FAT 格式吗? + 错误:不能就地解密那些用1.0b或更旧的VeraCrypt创建的非系统加密卷。\n\n提示: 但你还是可以通过把其中的文件复制(或移动)到那些没有加密的卷中来解密它们。 + 错误:不能就地解密隐藏非系统加密卷。\n\n提示: 但你还是可以通过把其中的文件复制(或移动)到那些没有加密的卷中来解密它们。 + 警告:VeraCrypt不能就地解密隐藏卷(隐藏卷会被随机数据覆盖)。\n\n请确定将要解密的卷中不含隐藏卷\n\n提示: 如果要解密的卷中有隐藏卷但你不介意失去隐藏卷中的文件,你可以继续(外层卷会安全的被解密)。 + 此卷中不含隐藏卷,继续操作。 + 此卷中含隐藏卷,取消操作。 + 错误:不能访问加密卷!\n\n请确认选择的加密卷存在,并且该加密卷并未由系统或其它程序使用,同时该加密卷未被写保护,并且您具有对该加密卷的读写权限,并且确认该加密卷未被写保护。 + 错误: 不能获得卷的属性。 + 错误:不能访问该加密卷 和/或 获取该加密卷的信息。\n\n请确认该加密卷存在,并且未被操作系统或其它程序占用,以及您具有对该加密卷的读写权限,同时还要保证该加密卷未被写保护。 + 错误:不能访问该加密卷 和/或 获取该加密卷的信息。请确认选择的加密卷存在,并且未被操作系统或其它程序占用,以及您具有对该加密卷的读写权限,同时还要保证该加密卷未被写保护。\n\n如果此问题仍然存在,遵循以下步骤可能有所帮助。 + 发生了一个错误,VeraCrypt 无法加密分区。请尝试修复任何前面报告的问题之后再次尝试。如果此问题依然存在,遵循以下步骤可能有所帮助。 + 发生了一个错误,VeraCrypt 无法继续加密分区的过程。\n\n请尝试修复任何前面报告的问题之后再次尝试加密过程。注意:该加密卷在完全加密前将无法加载。 + 发生了一个错误,VeraCrypt 无法继续解密分区的过程。\n\n请尝试修复任何前面报告的问题之后再次尝试解密过程。 + 错误:不能卸载外层加密卷!\n\n如果加密卷中的文件或文件夹被程序或被 系统使用,则该加密卷不能被锁定。\n\n请关闭任何可能使用加密卷上文件或目录 的程序,然后再点击〖重试〗。 + 错误:不能获取外层加密卷的信息! 加密卷创建不能继续。 + 错误:不能访问外层加密卷! 加密卷创建不能继续。 + 错误:不能加载外层加密卷! 加密卷创建不能继续。 + 错误:不能获取加密卷簇状图! 加密卷创建不能继续。 + 按字母顺序 + 按平均速度(递减) + 算法 + 加密 + 解密 + 平均 + 盘符 + 大小 + 加密算法 + 加密算法 + 类型 + + 属性 + 位置 + 字节 + 隐藏 + 外层 + 常规 + 系统 + 隐藏(系统) + 只读 + 系统驱动器 + 系统驱动器(正在加密 - %.2f%% 已完成) + 系统驱动器(正在解密 - %.2f%% 已完成) + 系统驱动器(%.2f%% 已加密) + 系统分区 + 隐形操作系统 + 系统分区(正在加密 - %.2f%% 已完成) + 系统分区(正在解密 - %.2f%% 已完成) + 系统分区(%.2f%% 已加密) + 是(防止损坏!) + + 主密钥大小 + 次密钥大小(XTS 模式) + 调整密钥大小(LRW 模式) + + 块大小 + PKCS-5 PRF + PKCS-5 迭代次数 + 加密卷创建时间 + 头信息上次修改时间 + (%I64d 天前) + 加密卷格式版本 + 内嵌的备份头信息 + VeraCrypt 启动管理器版本 + 首个可用的 + 移动硬盘 + 硬盘 + 不改变 + 自动检测 + 向导模式 + 请选择一种安装模式,如果不确认,请使用默认模式。 + 如果您想安装 VeraCrypt 到当前系统,请选择此选项。 + 注意:即使在系统分区/设备已加密的情况下,或者您正在使用隐形系统的情况下,您也可以执行更新而无需解密。 + 如果选择该选项,所有文件都会被从安装包中释放出来,但是不会向系统中安装任何文件。如果您计划加密 Windows 系统分区或系统驱动器,请不要选择此选项。选择此选项有时会比较有用,例如,您希望以便携模式运行 VeraCrypt。VeraCrypt 不一定要必须安装到系统中。在所有文件释放后,您可以直接运行释放后的 'VeraCrypt.exe' 文件(这时 VeraCrypt 会以便携模式运行)。您也可以把释放后的文件复制到其它计算机。 + 安装选项 + 这里您可以设置控制安装过程的不同选项。 + 正在安装 + VeraCrypt 正在安装,请稍候。 + VeraCrypt 已经成功安装 + VeraCrypt 已经成功更新 + 请考虑给予捐助。您可在任何时间点击〖完成〗按钮关闭安装程序。 + 释放选项 + 您可以在这里设置控制释放过程的不同选项。 + 正在释放文件,请稍候。 + 文件已经成功释放 + 所有文件已经被成功释放到目标文件夹。 + 如果指定文件夹,将会自动创建该文件夹。 + VeraCrypt 程序文件将会更新到 VeraCrypt 的安装位置。如果您需要选择一个不同的位置,请先卸载当前安装的 VeraCrypt 。 + 您想联网查看当前版本的 VeraCrypt 的发行说明吗? + 如果您以前从未没有使用过 VeraCrypt,我们推荐您先阅读“VeraCrypt User Guide”文档中的“Beginner's Tutorial”章节。您想要查看用户指南吗(联网)? + 请从下面选项中选择要执行的操作: + 修复/重新安装 + 更新 + 卸载 + 要成功安装或卸载 VeraCrypt,您必须具有系统管理员权限。您确认要继续吗? + VeraCrypt 安装程序正在执行 VeraCrypt 的安装或更新。在您继续进行前,请等待其完成或者关闭它。如果您无法关闭它,请在继续之前重启计算机。 + 安装失败。 + 卸载失败。 + 该安装包已经损坏。请尝试重新下载安装包(优先建议从 VeraCrypt 官方网站 https://veracrypt.codeplex.com 下载)。 + 不能写入文件 %s + 正在释放 + 不能从安装包中读取数据 + 不能验证安装包的完整性。 + 释放失败。 + 安装已经回滚。 + VeraCrypt 已成功安装。 + VeraCrypt 已经成功更新。 + VeraCrypt 已经更新到新版本。在您开始使用新版本前,您必须重启计算机。\n\n您希望现在就重启计算机吗? + 警告:VeraCrypt 更新失败!\n\n重要:在您关机或重新启动系统前 ,我们强烈建议您使用系统还原(〖开始〗菜单 -> 所有程序 -> 附件 -> 系统工具 -> 系统还原),以恢复系统到名为“VeraCrypt 安装”的还原点。如果系统还原不可用,您应该在关机前尝试再从新安装原始版本的 VeraCrypt。 + VeraCrypt 已成功卸载。\n\n单击〖完成〗按钮来移除 VeraCrypt 安装程序和文件夹 %s。注意:如果该文件夹中含有非安装程序创建的文件,则该文件夹不会被移除。 + 正在移除 VeraCrypt 注册表项目。 + 正在添加注册表项目 + 正在删除程序相关数据 + 正在安装 + 正在停止 + 正在删除 + 添加图标 + 创建系统还原点 + 创建系统还原点失败! + 正在更新启动管理器 + 安装 '%s' 失败。 %s 您想要继续安装吗? + 卸载 '%s' 失败。 %s 您想要继续卸载吗? + 安装完毕。 + 无法创建文件夹 '%s' + 不能卸载 VeraCrypt 设备驱动。\n\n请首先关闭所有打开的 VeraCrypt 窗口。如果这样仍然不起作用,请重启计算机然后再试一次。 + 在安装或者卸载 VeraCrypt 之前必须先要卸载所有的 VeraCrypt 加密卷。 + 当前系统已经安装了老版本的 VeraCrypt。在安装新版本前需要卸载旧版本的 VeraCrypt。\n\n在您关闭此对话框之后,将会加载旧版本的卸载程序。在卸载的过程中将不会执行任何加密分区的解密操作。在卸载旧版本的 VeraCrypt 之后,请再次运行新版 VeraCrypt 安装程序。 + 安装注册表项目失败 + 安装设备驱动失败。请重启计算机后再尝试安装 VeraCrypt。 + 正在启动 VeraCrypt 设备驱动 + 卸载设备驱动失败。请注意,由于 Windows 系统问题,在设置驱动能够继续卸载或重新安装前可能需要注销或者重启系统。 + 正在安装 VeraCrypt 设备驱动 + 正在停止 VeraCrypt 设备驱动 + 正在卸载 VeraCrypt 设备驱动 + 注册用户账户控制支持运行库失败。 + 取消用户账户支持运行库失败。 + 便携模式注意事项:\n\n操作系统要求驱动程序在启动前已注册,因此,VeraCrypt 的驱动程序不是完全便携的(但 VeraCrypt 程序本身是完全便携的,也就是说,它们无需安装也不用在操作系统中注册)。此外,也须注意VeraCrypt 需要提供透明的实时加密/解密的驱动。 + 注意:如果您决定以便携方式运行 VeraCrypt(不同于安装后运行 VeraCrypt),系统会在您每次尝试运行 VeraCrypt 的时候询问您运行 VeraCrypt 的权限(UAC 提示)。\n\n原因是您以便携模式运行 VeraCrypt 时,VeraCrypt需要加载和运行 VeraCrypt 设备驱动。VeraCrypt 需要此设备驱提供透明实时加解密,并且不具有管理员权限的用户在 Windows 中将不能启动设备驱动。因此,系统将会要求您使用管理器特权运行 VeraCrypt 的权限(UAC 提示)。\n\n说明:如果您在系统中安装了 VeraCrypt,系统在每次启动 VeraCrypt 时将不会询问运行权限(无 UAC 提示)。\n\n您确认要释放这些文件吗? + 警告:这个加密卷创建向导的实例具有管理员权限。\n\n您新建的加密卷可能许可为加载时不允许向该加密卷写入数据。如果要避免这种情况发生,请关闭加密卷向导的实例并在非管理员权限下加载新的向导。\n\n您要关闭这个加密卷创建向导的实例吗? a + 错误:不能显示授权许可。 + 外层(!) + + 小时 + 分钟 + + 打开 + 卸载 + 显示 VeraCrypt + 隐藏 VeraCrypt + 加载后读取的数据 + 加载后写入的数据 + 加密部分 + 100%(完全加密) + 0%(未加密) + %.3f%% + 100% + 正在等待 + 正在准备 + 正在改变大小 + 正在加密 + 正在解密 + 正在完成 + 已暂停 + 已完成 + 错误 + 设备已断开 + 系统收藏加密卷已保存。\n\n要想在系统启动时加载系统收藏加密卷,请选择〖设置〗 -> 〖系统收藏加密卷〗 -> 〖在 Windows 启动时加载系统收藏加密卷〗。 + 您添加到收藏的既不是加密分区也不是动态加密卷。因此,如果设备号发生改变,VeraCrypt 将不能载入此收藏加密卷。 + 您添加到收藏的加密卷不是 Windows 能够识别的分区。\n\n因此,如果设备号发生改变,VeraCrypt 将不能载入此收藏加密卷。请设置分区的类型为 Windows 系统所能够识别的类型(使用Windows 'diskpart' 工具的 SETID 命令)。之后再添加此分区到收藏。 + VeraCrypt 后台任务已禁用,或被设置为在没有加密卷加载时退出(或者 VeraCrypt 正在以便携模式运行)。当含有这些加密卷的设备连接到电脑的时候,后台服务被禁用可能会阻止收藏加密卷自动加载。\n\n说明:要启用 VeraCrypt 后台任务,选择〖设置〗 -> 〖参数选择〗之后勾选“VeraCrypt 后台任务”部份的“启用”复选框。 + 当含有这些加密卷的设备连接到电脑的时候,存储于共享网络上的远程文件系统的加密容器不能被自动加载。 + 下面显示的设备既不是分区也不是动态加密卷。因此,当设备连接到电脑的时候,存储于这些设备中的加密卷将不能自动加载。 + 请设置下面显示的分区的类型为 Windows 系统所能够识别的类型(使用Windows 'diskpart' 工具的 SETID 命令)。之后从收藏中移除该分区并随后再次添加它。这可以使设备连接时,包含于其中的加密卷可以被 VeraCrypt 自动加载。 + 下面显示的设备既不是分区也不是动态加密卷。因此,不会赋予它们磁盘盘符。 + 请设置下面显示的分区的类型为 Windows 系统所能够识别的类型(使用 Windows 'diskpart' 工具的 SETID 命令)。之后从收藏中移除该分区并随后再次添加它。这可以使 VeraCrypt 能够赋予盘符给这个分区。 + 由于 Windows 系统的限制,在网络上共享的远程文件系统上的加密容器不能被加载为系统收藏加密卷(然而,它可以在用户登录时被加载为普通的收藏加密卷)。 + 为 %s 输入密码 + 为 '%s' 输入密码 + 输入常规外层加密卷的密码 + 输入隐藏加密卷的密码 + 输入存储在备份文件中的加密卷头的密码 + 密钥文件已成功创建。 + 你提供的密钥文件数量无效。 + 密钥文件的大小必须介于64字节至1048576字节之间。 + 输入要生成的密钥文件的文件名 + 输入的密钥文件基底文件名无效 + 密钥文件 '%s' 已存在。\n你希望覆盖它吗?选择"不"会停止生成过程... + 警告:加密卷头信息已经损坏!VeraCrypt 将自动使用内嵌在加密卷中的头信息备份。\n\n您应当通过选择〖工具〗->〖恢复加密卷头信息〗来修复头信息。 + 加密卷头信息备份已经成功创建。\n\n重要:使用恢复功能恢复时也会恢复当前加密卷的密码。另外,如果创建加密卷的时候使用了密钥文件,恢复后也需要同样的密钥文件来打开加密卷。\n\n警告:该加密卷头信息备份只能用在这个提供备份的加密卷上。如果您把该头信息备份恢复到其它加密卷,您可能能够打开加密卷,但是您将不能解密存储于加密卷的任何数据(这是因为您已经改变了加密卷的主密钥)。 + 加密卷头信息备份已经成功恢复。\n\n重要:请注意旧密码也同样被恢复了。另外,备份时如果需要密钥文件来加载加密卷,恢复后也需要同样的密钥文件。 + 安全起见,您需要输入正确的加密卷密码(和/或 提供正确的密钥文件)。\n\n注意:如果该加密卷中包含隐藏加密卷,您需要先输入正确的外层加密卷的密码(和/或 正确的密钥文件)。之后,如果选择老备份隐藏加密卷的头信息,您需要输入正确的隐藏加密卷密码(和/或 提供正确的密钥文件)。 + 您确认要创建加密卷 %s 的头信息的备份吗?\n\n在您点击〖是〗后,将会弹出备份的头信息文件的文件名提示对话框。\n\n注意:常规加密卷和隐藏加密卷头信息均将使用新的元素加密并存储到备份文件中。如果加密卷中没有隐藏加密卷,在备份文件中为隐藏加密卷保留的区域将会使用随机数据填充(以保持隐蔽性)。您需要输入创建头信息备份时的正确的密码(和/或 提供正确的密钥文件)。密码或密钥文件会自动确定要恢复的加密卷头信息类型,即常规的或是隐藏的(VeraCrypt 通过尝试和错误来侦测类型),尽管有时在加密卷里面并没有隐藏加密卷(为保留隐蔽性)。当从备份文件中恢复一个加密卷的头信息时,可以选择恢复哪个头信息(例如,隐藏解密卷或是标准加密卷) + 您确认要恢复加密卷 %s 的头信息吗?\n\n警告:恢复加密卷头信息也会恢复在创建备份时 有效的密码。另外,如果在备份时需要使用密钥文件加载加密卷,那么在头信息恢复后,仍然需要同样的密钥文件。\n\n在您点击〖是〗后,您将选择头信息备份文件。 + 此加密卷包含隐藏加密卷吗? + 此加密卷包含隐藏加密卷 + 此加密卷不包含隐藏加密卷 + 请选择您想要使用的加密卷头信息备份类型: + 从加密卷内嵌的备份中恢复加密卷头信息 + 从外部备份文件中恢复加密卷头信息 + 加密卷头信息备份文件的尺寸不对。 + 加密卷中没有内嵌的备份头信息(注意,仅在 VeraCrypt 6.0 和以后的版本才包含内嵌的头信息)。 + 您正在尝试备份系统分区/设备的头信息,该功能不被允许。对于系统分区/设备头信息的备份/恢复 只能通过使用 VeraCrypt 应急盘来进行。\n\n您希望创建 VeraCrypt 应急盘吗? + 您正在尝试恢复系统分区/设备的头信息,但是您选择的是系统分区/设备。该功能不被允许。 对于系统分区/设备头信息的备份/恢复 只能通过使用 VeraCrypt 应急盘来进行。\n\n您希望创建 VeraCrypt 应急盘吗? + 在点击〖确定〗按钮后,您将会设置新的 VeraCrypt 应急盘 ISO 镜像文件的名称和存放位置。 + 应急盘 ISO 镜像文件已经创建并存储为文件: %s\n\n现在您需要把应急盘刻录到 CD 或 DVD。\n\n重要:文件必须以 ISO 镜像文件方式刻录到 CD/DVD(不要刻录为单个的数据文件)。要获取更多的关于如何刻录 ISO 文件的信息,请参考您的 CD/DVD 刻录软件的说明书。\n\n请您在刻录应急盘之后,选择〖系统〗 -> 〖验证应急盘〗来验证应急盘是否已经成功刻录。 + 应急盘 ISO 镜像文件已经创建并存储为文件: %s\n\n现在您需要把应急盘刻录到 CD 或 DVD。\n\n您想要启动 Windows 自带的磁盘镜像刻录功能吗?\n\n注意,请您在刻录应急盘之后,选择〖系统〗 -> 〖验证应急盘〗来验证应急盘是否已经成功刻录。 + 请插入 VeraCrypt 应急盘到 CD/DVD 光驱并点〖确定〗按钮开始验证。 + VeraCrypt 应急盘已经被成功验证。 + 应急盘验证失败。\n\n如果您已经刻录了应急盘,请弹出后重新插入应急盘到 CD/DVD,之后再试一次。如果仍然无效,请尝试使用其它 CD/DVD 刻录软件或刻录盘。\n\n如果您尝试验证一个为不同的主密钥、密码、元素等创建的 VeraCrypt 应急盘,请注意这样的应急盘会无法通过验证。要创建一个新的和当前配置完全兼容的应急盘,请选择〖系统〗 -> 〖创建应急盘〗。 + VeraCrypt 应急盘ISO镜像已经被成功验证。 + 应急盘ISO镜像文件验证失败。\n\n请注意,如果你尝试验证一个与当前系统盘主密钥、密码或盐值等不同的情况下创建的应急盘,此操作将提示失败。要创建一个与当前配置相符的应急盘ISO镜像,请选择 "系统" > "创建应急盘" 。 + 创建 VeraCrypt 应急盘时失败。 + VeraCrypt 应急盘在隐形操作系统运行时无法创建。\n\n要创建 VeraCrypt 应急盘,请启动到迷惑操作系统之后选择〖系统〗 -> 〖创建应急盘〗。 + 不能确定应急盘是否刻录成功。\n\n如果您已经刻录了应急盘,请弹出后重新插入应急盘到 CD/DVD,之后再尝试验证一次。如果仍然无效,请尝试使用其它 %s 。\n\n如果您还没有创建应急盘,请首先创建一个,然后再点〖下一步〗按钮。\n\n如果您尝试验证一个运行加密盘创建向导以前创建的应急盘,则这样的应急盘是无法用于当前系统的,这是因为它是使用了不同的主密钥创建的。您需要刻录和创建一个新的应急盘。 + 和/或 其它 CD/DVD 刻录软件 + VeraCrypt - 系统收藏加密卷 + 什么是系统收藏加密卷?(联网) + 系统分区/驱动器看起来没有加密。\n\n系统收藏加密卷只能使用启动验证中的密码加载。因此,要启用系统收藏加密卷功能,您需要先加密系统分区/驱动器。 + 在操作前请卸载加密卷。 + 错误:不能设置计时器。 + 检查文件系统 + 修复文件系统 + 添加到收藏... + 添加为系统收藏加密卷... + 属性(&R)... + 隐藏加密卷被保护 + N/A + + + 禁用 + 1 个 + 2 个或多个 + 操作模式 + 卷标: + 大小: + 路径: + 驱动器盘符: + 错误:密码必须仅包含 ASCII 字符。\n\n密码中的非-ASCII 字符可能会导致在 操作系统配置改变时加密卷不能加载。\n\n允许使用下面字符:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:密码中包含非-ASCII 字符。可能会导致在操作系统配置改变时加密卷不能加载。\n\n您应当使用 ASCII 字符替换密码中的非 ASCII 字符。 如要这样做,点击〖加密卷〗 -> 〖修改加密卷密码〗\n\n下面字符为 ASCII 字符:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:我们强烈建议您避免使用可执行文件名(例如 .exe,.sys,或 .dll)以及其它可能有问题的类似扩展名作为加密卷的名称。使用这些扩展名通常会导致 Windows 或反病毒软件干预加密卷,这很可能会严重影响加密卷的性能,也可能会导致其它严重的问题。\n\n我们强烈建议您移除此扩展名或更换其扩展名(例如,改变为 .iso,.img,.dat)。\n\n您确认继续使用可能有潜在问题的扩展名吗? + 警告:该加密卷带有可执行文件的扩展名(例如 .exe,.sys,或 .dll)或其它可能有问题的类似扩展名作为加密卷的名称。 这很可能导致 Windows 或反病毒软件干预加密卷,会严重影响加密卷的性能,也可能会导致其它严重的问题。\n\n我们强烈建议您在卸载加密卷后移除此扩展名或更换为其它扩展名(例如,改变为 .iso,.img,.dat)。 + 主页(联网) + 警告:看起来您还没有安装任何 Windows 操作系统的补丁包。您不应当向未 安装 SP1 或以后补丁包的 Windows XP 系统中的大于128 GB 的 IDE 硬盘写 入数据!如果这样做,磁盘上的数据(不论是否为 VeraCrypt 加密卷)可能 会损坏。注意:这是 Windows 操作系统的限制,而不是 VeraCrypt 错误。 + 警告:看起来您的 Windows 2000 系统还未安装 SP3 或以后补丁包。 您不应当向这个系统中大于 128 GB 的 IDE 硬盘写入数据!如果这样 做了,磁盘上的数据(不论是否为 VeraCrypt 加密卷)可能会损坏。 注意:这是 Windows 操作系统的限制,而不是 VeraCrypt 的错误。\n\n注意:您也需在注册表里面启用 48-位 LBA 支持;更多信息,请参考 http://support.microsoft.com/kb/305098/EN-US + 警告:您的系统不支持 48-位 LBA ATAPI。因此,您将不能写入到超过 128GB 容量的 IDE 磁盘!如果您仍然坚持这样做,磁盘上的数据(不论其是否为 VeraCrypt 加密卷)将会损坏。请注意,这是 Windows 系统的限制,不是 VeraCrypt 软件的限制。\n\n要启用 48-位 LBA 支持,请在注册表的HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters下添加一个 'EnableBigLba' 键值并设置其值为 1。\n\n更多信息请参考 http://support.microsoft.com/kb/305098 + 错误:大于 4 GB 的文件不能存储于 FAT32 文件系统。因此,存储于 FAT32 文件系统上的文件类型的加密卷(或外层加密卷)不能大于 4 GB。\n\n如果您需要大容量的加密卷,请在 NTFS 文件系统(或者,如果您使用 Windows Vista SP1 或以后版本的系统,在扩展的 exFAT 文件系统)中创建,除此之外,您也可以使用创建加密分区来代替创建文件型加密盘。 + 警告:Windows XP 不支持大于 2048GB 的文件(将会被报告为“无足够存储空间”)。因此,在 Windows XP 中您不能创建大于 2048GB 的文件类型加密盘。\n\n请注意,在 Windows XP 中仍然是可以加密整个设备或者创建大于 2048GB 的分区类型 VeraCrypt 加密卷的。 + 警告:如果您想以后向外层加密卷中添加更多的数据或文件,您应当考虑为隐藏加密卷选择一个小一点的尺寸。\n\n您确认要以指定的尺寸继续吗? + 未选择加密卷。\n\n点击〖选择设备...〗或〖选择文件...〗来选择 VeraCrypt 加密卷。 + 没有选择分区。\n\n点击〖选择设备〗来选择一个通常需要启动验证的已卸载的分区(例如,一个位于另外加密系统驱动器上的另外一个没有运行的系统的分区,或者是另外一个操作系统的加密系统分区)。\n\n注意:选择的分区将被以常规 VeraCrypt 加密卷的方式加载而无需启动验证。这在执行备份和修复等操作时比较有用。 + 警告:如果默认的密钥文件被设定和启用后,则不能加载不使用该密钥文件的加密卷。因此,如果默认的密钥文件被设定和启用后,在打开非密钥文件加密的加密卷时,请记住取消对〖使用密钥文件〗选项的选择(在密码输入框的下面)。\n\n您确认保存选定的密钥文件/路径作为默认值吗? + 自动加载设备 + 全部卸载 + 擦除缓存 + 卸载全部 & 擦除缓存 + 强制全部卸载并擦除缓存 + 强制全部卸载擦除缓存并退出程序 + 加载收藏加密卷 + 显示/隐藏 VeraCrypt 主窗口 + (单击这里并按下某个键盘按键) + 操作 + 热键 + 错误:该热键为系统保留热键,请选择一个其它热键。 + 错误:热键被占用。 + 警告:一个或多个 VeraCrypt 作用于系统范围的热键不能使用!\n\n请确认 VeraCrypt 的这些热键没有被其它程序或操作系统占用。 + 已阻止创建虚拟内存页面文件。\n\n请注意,由于 Windows 自身的问题,页面文件不能位于非系统类 VeraCrypt 加密卷(包括系统收藏加密卷)。VeraCrypt 仅支持在加密的系统分区/设备上创建页面文件。 + VeraCrypt 加密休眠文件时发生了错误或者非兼容问题。因此系统的休眠已经被阻止。\n\n注意:当计算机处于休眠模式(或进入节电模式),系统内存的信息会被写入位于驱动器上的休眠文件。VeraCrypt 不能阻止在内存中打开的加密密钥和敏感文件的内容以未加密的形式存放于休眠文件。 + 休眠功能已经被阻止。\n\nVeraCrypt 不支持使用额外启动分区的隐形系统中的休眠功能。请注意启动分区是由迷惑系统和隐形系统共用的。因此,要防止数据泄露和休眠可能会带来的问题,VeraCrypt 不得不阻止隐形系统向共用的启动分区写入数据,以及阻止隐形系统休眠。 + 加载为 %c: 的 VeraCrypt 加密卷已卸载。 + VeraCrypt 加密卷已卸载。 + VeraCrypt 加密卷已经卸载,密码缓存已擦除。 + 已成功卸载 + 警告:如果 VeraCrypt 后台任务被禁用,下面的功能将会失效:\n\n1)系统热键\n2)自动卸载加密卷(例如注销时,意外的主设备移除,超时,等等)\n3)自动加载收藏加密卷\n4)提示(例如:对隐藏加密卷的损坏被阻止时)\n5)通知栏图标\n\n注意:您可以随时在通过右键单击 VeraCrypt 的通知栏图标并选择〖退出〗来停止后台任务。\n\n您确认要停止 VeraCrypt 的后台任务吗? + 警告:如果此选项被禁用,包含打开的文件/目录 的加密卷将不能自动卸载。\n\n您确认要禁用这个选项吗? + 警告:包含打开的文件/目录的加密卷将不能自动卸载。\n\n要防止这种情况,在对话框窗口中启用下面选项: 〖强行自动卸载,不论加密卷是否包含打开的文件或目录〗 + 警告:当笔记本电力不足时,Windows 可能会在计算机进入待机模式时,系统会向正在运行中的程序发送相应的信息。因此,这种情况下 VeraCrypt 可能会无法自动卸载加密卷。 + 您已经安排了加密 分区/设备 的计划。该计划尚未完成。\n\n您希望现在继续这个加密过程吗? + 您已经计划了加密或解密系统分区/驱动器的操作。但该操作尚未完成。\n\n您希望开始(或继续)该操作吗? + 您想要软件提示您是否要继续当前计划的加密非系统分区/卷的加密过程吗? + 是,一直提示我 + 否,不要再提示我 + 重要:请一定记住,任何时候,您都可以通过从 VeraCrypt 窗口的主菜单中选择〖加密卷〗 -> 〖继续被中断的过程〗,来继续任何非系统服务/卷的加密过程。 + 您已经设置了加密解密系统分区或驱动器的计划任务。然而,启动验证已失败(或被绕过)。\n\n注意:如果您在启动验证环境中解密了系统分区/驱动器,您可能需要从 VeraCrypt 窗口的〖系统〗 菜单 -> 〖永久解密系统分区/驱动器〗完成最后的设置步骤。 + 警告:如果 VeraCrypt 现在退出,以下功能将被禁用:\n\n1)系统热键\n2)自动卸载加密卷(例如注销时,意外的主设备移除,超时,等等)\n3)自动加载收藏加密卷 \n4)提示(例如,当阻止损害隐藏加密卷时)\n\n注意:如果您不希望 VeraCrypt 在关闭程序窗口后以后台方式运行,请在程序参数选择里面禁用后台任务选项。(并且,如有必要,在程序参数里面禁用 VeraCrypt 的自动运行)。\n\n您确定要退出 VeraCrypt 吗? + 退出吗? + VeraCrypt 没有足够信息确定是否要加密还是解密。 + VeraCrypt 无足够的信息来确定加解密状态。\n\n注意:如果您在启动验证环境解密系统分区/驱动器,您可能需要点击 Decrypt(解密)来最后完成解密过程。 + 注意:当你在就地加密非系统卷时持续遇到错误时,直到你完全解密此卷(例如执行"继续被中断的过程")前都无法挂载这个卷(也不能访问卷中的数据)。n\n如果要这样做:\n1)退出这个向导。\n2) 从 VeraCrypt 主窗口的菜单中选择"加密卷" -> "继续被中断的过程"。\n3) 选择 '解密'。 + 您想要中断和推迟对分区/驱动器的加密吗?\n\n注意:要记住这个加密卷在完全加密前是不能被加载的。您可以继续加密过程,加密则会在中断的地方继续。要达到这点,例如,可以从 VeraCrypt 主窗口的菜单中选择〖加密卷〗 -> 〖继续被中断的过程〗。 + 您想要中断和推迟对系统分区/驱动器的加密吗?\n\n注意:您以后也可以从中断位置恢复加密进程。操作如下:在 VeraCrypt 界面中选择〖系统〗 -> 〖继续被中断的过程〗。如果您想永久中止或回滚加密进程,请选择〖系统〗 -> 〖永久解密系统分区/驱动器〗。 + 您想要中断和推迟对系统分区/驱动器的加密吗?\n\n注意:您以后也可以从中断位置恢复加密进程。操作如下:在 VeraCrypt 界面中选择〖系统〗 -> 〖继续被中断的过程〗。如果您想回滚解密进程(和开始加密),选择〖系统〗 -> 〖加密系统分区/驱动器〗。 + 错误:中断加密/解密系统分区或驱动器的操作失败。 + 错误:中断擦除过程时失败。 + 错误:继续加密/解密系统分区或驱动器的操作失败。 + 错误:启动擦除过程时失败。 + 发现不一致性。\n\n\n(如果您使用此链接报告这个错误,请在报告中包含下面信息: %hs) + 错误:未知状态。\n\n\n(如果您报告与之相关的 BUG,请在错误报告里面包含下面的技术信息: %hs) + 没有要恢复的系统分区加密/解密进程。\n\n提示: 要恢复非系统分区加密/解密进程,选择"加密卷" -> "继续被中断的过程"。 + 警告: VeraCrypt 后台任务已禁用。在您退出 VeraCrypt 后,如果设置了阻止损坏隐藏加密卷,您也将无法得到提示。\n\n注意:您可以随时在通过右键单击 VeraCrypt 通知栏图标并 选择〖退出〗来停止后台任务。\n\n\n您要启用 VeraCrypt 后台任务吗? + 语言包版本: %s + 正在检测加载为 %s 的 VeraCrypt 加密卷的文件系统... + 正在试图修复加载为 %s 的 VeraCrypt 加密卷的文件系统... + 警告:该加密卷使用了已废弃的加密算法。\n\n所有 64-位块加密算法(Blowfish,CAST-128,和 Triple DES)已经逐渐不再被使用了。该加密卷在以后版本的 VeraCrypt 可能会被打开。然而以后则不会针对这些废弃算法采取一些改善措施。我们推荐您创建一个使用 128-位块加密算法的 Veracrypt 加密卷(如:AES,Serpent,Twofish,等等)并把使用旧算法的加密卷里面的文件移动到新的加密卷里面去。 + 您的系统未被配置为自动加载新加密卷。 因此也不可能加载设备类的加密卷。自动卸载 可以在执行下列命令后重启系统来启用。\n\n\nmountvol.exe /E + 请在继续前为该设备/分区分配一个盘符(〖控制面板〗 -> 〖系统和维护〗 -> 〖管理工具〗 - 〖创建和格式化分区〗)。\n\n这些是操作系统所要求的。 + 加载 VeraCrypt 加密卷 + 卸载所有 VeraCrypt 加密卷 + VeraCrypt 获取系统管理员权限失败。 + 访问被操作系统拒绝。\n\n可能原因:操作系统要求您对某些文件夹、文件、和设备具有读写权限(或管理员权限),以便您能够从其中读写数据。通常情况下,非系统管理员仅允许在他自己的文档文件夹中创建、读取和修改文件。 + 错误:该驱动器使用了不被支持的扇区尺寸。\n\n如果设备的扇区大于 4096 字节,目前不可能在其上创建 分区/设备 类的加密卷。然而,您可以在此类驱动器上创建文件类型的加密卷。 + 目前情况下,如果安装系统的磁盘扇区尺寸不是 512 字节,则无法在此基础上创建加密系统。 + VeraCrypt 启动管理器要求系统驱动器最前端至少有 32 KB 的未分配空间(VeraCrypt 启动管理器需要安装到该区域)。很不幸,您的驱动器无法满足这个条件。\n\n请不要把这个问题报告为 VeraCrypt 的程序缺陷。要解决这个问题,您需要对硬盘重新分区并保留硬盘的前 32 KB 为空闲状态(大多数情况下,需要您删除和重建第一个分区)。我们推荐您使用微软的分区管理来完成这个操作,例如,当您安装 Windows 时的分区管理程序。 + 此功能不支持当前您正在使用的操作系统版本。 + VeraCrypt 不支持在您当前使用的操作系统版本内加密系统分区/驱动器。 + 在您加密 Windows Vista 的系统分区/设备 前,您需要为 Vista 安装 Service Pack 1 或更高版本的补丁。\n\n提示:Vista Service Pack 1解决了启动系统时的自由基础内存缺陷。 + VeraCrypt 不再支持对未安装 SP 补丁的 Windows Vista 系统的系统分区/设备的加密。在升级 VeraCrypt 之前,请安装 Vista 的 Service Pack 1 或更高补丁版本。 + 错误:此功能要求 VeraCrypt 必须安装于当前系统(您正在以便携模式运行 VeraCrypt)。\n\n请安装 VeraCrypt 之后再试一次。 + 警告:Windows 看起来并未安装在它所启动的驱动器上。此功能目前尚不支持。\n\n尽在您确认 Windows 的确安装在它所启动的驱动器上时,您才应当继续。\n\n您确认要继续吗? + 您的系统驱动器具有 GUID 分区表(GPT)。当前只支持具有 MBR 的分区表。 + 警告:VeraCrypt 启动管理器已经安装到了您的系统驱动器上了!\n\n这可能在您的计算机上已经加密了另外一个系统。\n\n警告:继续加密当前运行的系统可能会导致其它系统无法启动或导致数据无法访问。\n\n您确定要继续吗? + 恢复原来的系统启动管理器时失败。\n\n请使用您的 VeraCrypt 应急盘('Repair Options' > 'Restore original system loader')或者 Windows 安装盘来清除 VeraCrypt 启动管理器。 + 原来的系统引导器没有保存到应急盘上(可能原因:备份文件丢失)。 + 写入 MBR 扇区时失败。\n\n您的 BIOS 可能设置为保护了 MBR 扇区或一些还原软件也会保护 MBR。请确认没有安装保护 MBR 的还原软件和检查您的 BIOS 设置(启动计算机后按 F2,Delete,或 Esc)中的 MBR/反病毒保护。 + 警告: 验证VeraCrypt 启动管理器的指纹失败!\n你的磁盘可能已被攻击者篡改("Evil Maid" 攻击)。\n\n如果你使用急救盘恢复了VeraCrypt 启动管理器或者使用了一个不同版本的VeraCrypt,也可能出现此错误消息。\n\n建议你立即更新密码并还原成原来的VeraCrypt 启动管理器。推荐重新安装VeraCrypt并采取措施阻止非信任的用户访问设备。 + 所要求版本的 VeraCrypt 启动管理器当前没有安装。这可能导致某些设置无法保存。 + 提示:在某些环境,您可能希望避免外人(攻击者)在您启动计算机时看到您使用 VeraCrypt 加密了系统。上面的选项允许您自定义 VeraCrypt 启动管理器屏幕比避免此类事情发生。如果您启用了第一个选项,在启动验证屏幕不会显示任何文本(即时输入错误密码也不会提示)。在输入密码的时候计算机看起来就像被冻结的一样。此外,也可以显示自定义的信息来误导攻击者。例如,例如“Missing operating system”之类的英文信息(这个信息在 Windows 启动管理器未发现启动分区的时候显示)。然而,必须要提醒的是,如果攻击者分析硬盘的内容,他仍然可以发现硬盘上存在 VeraCrypt 启动管理器。 + 警告:请记住,如果您启用此选项,VeraCrypt 启动管理器不会显示任何文本(即便是输错密码也不会显示任何文本)。计算机在够输入密码的时候计算机看起来就像被冻结(没有响应)一样(光标不会移动并且在按下按键的时候也不会显示掩码)。\n\n您确认要启用此选项吗? + 您的系统分区/驱动器看起来已经完全加密了。 + VeraCrypt 不支持加密已经转换为动态磁盘的系统驱动器。 + 该系统驱动器包含扩展(逻辑)分区。\n\n 您只能在 Windows Vista 或以后版本中加密包含扩展(逻辑)分区的整个系统驱动器。而在 Windows XP 系统中,您只可以加密仅含有一个主分区的整个系统驱动器。\n\n请注意:您仍然可以加密系统分区,来取代加密整个驱动器(并且,有别于加密整个驱动器,您可以在驱动器上的任何非系统分区创建分区类型的 VeraCrypt 加密卷)。 + 警告: 由于您运行的系统为 Windows XP/2003,在您开始加密驱动器之后,您一定不要在其上面再创建建扩展(逻辑)分区(您只可以创建主分区)。当您开始加密以后,任何的扩展分区均将无法再继续访问。\n\n说明:如果您无法接受这个条件,您可以返回和选择只加密系统所在分区而不是选择加密系统所在硬盘驱动器(另外,您可以在驱动器上的任何非系统分区创建分区类型的加密卷)。\n\n作为替代方案,如果您无法接受这个条件,您也可以考虑升级到 Windows Vista 或以后版本(您只可以在 Windows Vista 或以后版本中加密包含扩展/逻辑分区的整个驱动器)。 + 您的系统驱动器包含非标准分区。\n\n如果您正使用笔记本电脑,您的系统驱动器可能包含特别的恢复分区。当整个系统驱动器被加密后(包括任何恢复分区),如果计算机使用设计不当的BIOS系统可能无法启动。在系统盘解密前,也将无法使用任何恢复分区。因此,我们建议您只加密系统分区。 + 您确认要加密系统所在分区,而不是加密整个硬盘吗?\n\n说明:除了加密系统所在分区之外,您可以在该硬盘驱动器上的非系统分区创建分区类型的 VeraCrypt 加密卷。 + 由于您的系统驱动器仅包含一个占据了整个驱动器的分区,更适合(更安全)加密整个包含松散空间(通常位于这样分区的周围)的驱动器。\n\n您希望加密整个系统驱动器吗? + 您的系统已配置为在非系统分区存储临时文件。\n\n临时文件应该只位于系统分区(出于安全考虑)。 + 您的用户配置文件并非设置在系统分区。\n\n用户配置文件应该只存储于系统分区(出于安全考虑)。 + 非系统分区存在页面文件。\n\n页面文件应该只存储于系统分区(出于安全考虑) + 您想要设置 Windows 仅在 Windows 分区生成页面文件吗?\n\n请注意,如果您点击〖是〗,计算机将会重新启动。之后请启动 VeraCrypt 和尝试再次创建隐形系统。 + 否则,隐形系统的隐蔽性将会受到严重影响。\n\n说明:如果攻击者分析这些文件的内容(存在于非系统分区中),他可能会发现您在隐形系统创建模式里面使用了此向导(这可能暗示计算机上存在隐形系统)。还需说明的是,存储于系统分区的此类文件,在隐形系统创建过程中将会被安全擦除。 + 警告:在隐形系统创建过程中,您将会被要求全新安装当前运行的操作系统(以便安全创建迷惑系统)。\n\n说明:当前运行的操作系统和该系统分区的全部内容将会被复制到隐藏加密卷(以便创建隐形系统)。\n\n\n您确认您将使用 Windows 安装介质安装此系统吗(或使用服务分区)? + 安全起见,如果当前运行的操作系统需要激活,则必须在继续进行克隆前激活。注意到隐形操作系统将通过复制当前操作系统的内容到隐藏加密卷来得以创建(因此如果当前操作系统未激活,则隐形操作系统也处于未激活状态)。更多信息,请参考《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章节。\n\n重要:在继续进行前,确认您已经阅读了《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章节。\n\n\n当前运行的操作系统满足上面的条件吗? + 您的系统使用了一个额外的启动分区。VeraCrypt 不支持使用额外启动分区的隐形系统的休眠(迷惑系统完全可以休眠)。\n\n请注意,启动分区应当被迷惑系统和隐形系统所共同使用。因此,为了防止数据泄露和由于休眠所导致的问题,VeraCrypt 只能阻止隐形系统写入数据到共用的启动分区和阻止隐形系统使用休眠。\n\n\n您确认要继续吗?如果选择〖否〗,则会显示移除额外启动分区的提示信息。 + \n在安装 Windows 之前可以移除额外的启动分区。想要如此,请遵循以下步骤(译者注:这些步骤没有在XP安装光盘看到,请读者自悟吧,抱歉):\n\n1)启动您的 Windows 安装光盘。\n\n2)在 Windows 安装屏幕,选择 '现在安装' -> '自定义(高级)'。\n\n3)点击 '驱动器 选项'。\n\n4)选择主系统分区并选择删除这个分区,之后再确认删除(安装盘删除分区的时候会多次确认)。\n\n5)选择 '系统保留' 分区,选择 '扩展',并增加它的大小直到可以安装系统为止。\n\n6)选择 '应用' 和确认。\n\n7)安装 Windows 到 '系统保留' 分区。\n\n\n如果攻击者询问您移除额外启动分区的原因,您可以回答是因为您不希望数据泄露到未加密的启动分区。\n\n注意:您可以通过点击下面的“打印”按钮打印这些文本。如果您打印了这些文本,强烈建议您在移除额外启动分区后销毁这些纸张(否则,如果这些纸张被发现,可能暗示着存在隐形系统)。 + 警告:在系统分区和其后的第一个分区之间存在未分配空间。在您创建隐形操作系统之后,您必须不能在此未分配空间上创建任何新的分区,否则,隐形操作系统将无法启动(直到删除了这个新创建的分区)。 + 此算法当前不支持系统加密。 + 当使用TrueCrypt模式时不能使用这个算法。 + 当使用TrueCrypt模式时不能使用PIM 。 + 要使用这个PIM数值,你的密码必须大于20个字符。\n如果密码小于20个字符,只能使用485以上的PIM。 + 要使用这个PIM数值,你的启动验证密码必须大于20个字符。\n如果密码小于20个字符,只能使用98以上的PIM。 + 密钥文件当前不支持用在系统加密中。 + 警告:VeraCrypt 不能存储原始键盘布局。这可能导致您无法正确输入密码。 + 错误:不能设置 VeraCrypt 键盘布局为标准的美国键盘布局。\n\n说明:在 Windows 启动前的启动验证里需要输入密码,此时非美国标准键盘布局不可用。因此,密码必须使用标准的美国键盘布局输入。 + 由于 VeraCrypt 临时改变键盘布局为标准的美国键盘,目前在按下 ALT 按键的情况下无法通过键盘输入字符。然而您可以按下 Shift 键的时候输入大多数此类字符。 + VeraCrypt 会阻止对键盘布局的修改。 + 说明:在 Windows 启动前的启动验证里需要输入密码,此时非美国标准键盘布局不可用。因此,密码必须使用标准的美国键盘布局输入。然而,这不需要您必须使用真实的美国键盘。VeraCrypt 在您没有美国键盘的情况下也能够自动的保证您能够安全的输入密码(现在和启动验证环境)。 + 在您加密系统分区/驱动器前,您必须创建一个 VeraCrypt 应急盘,用途如下:\n\n- 如果 VeraCrypt 启动管理器、主密钥、或其它关键数据损坏了,可以使用应急盘修复它们(当然您必须输入正确的密码)。\n\n- 如果 Windows 系统损坏了并且无法启动,您可以在 Windows 启动前使用应急盘永久解密这个分区/驱动器。\n\n- 应急盘包含第一个柱面当前内容的备份(通常包含系统引导器或者启动管理器),在必要的时候您可以恢复它们。\n\nVeraCrypt 应急盘 ISO 映像文件将会在下面指定位置创建。 + 在您点击确定后,微软的 Windows 磁盘映像刻录器将会被启动。请使用它刻录 VeraCrypt 应急盘映像文件到 CD 或 DVD 中。\n\n在操作完这些之后,请返回到 VeraCrypt 加密卷创建向导并遵循向导的指令。 + 应急盘 ISO 镜像文件已经创建并存储为文件: %s\n\n现在您需要把应急盘刻录到 CD 或 DVD。\n\n在刻录应急盘后,点击〖下一步〗按钮验证应急盘已经成功刻录。\n\n%ls在刻录完应急盘之后,请点击〖下一步〗按钮验证应急盘是否被成功刻录。 + 应急盘映像文件已经被创建并且存储为文件: %s\n\n现在您应当刻录该应急盘到 CD/DVD 中去或者移动该 ISO 文件到一个安全的位置以备以后使用。\n\n%ls点击〖下一步〗继续。 + 重要:请注意,映像文件必须以 ISO 磁盘映像文件的方式刻录到 CD/DVD 中去(不能刻录为单个的数据文件)。要获取更多的关于如何刻录 ISO 文件的信息,请参考您的 CD/DVD 刻录软件的说明书。如果您还没有刻录 ISO 镜像文件的光盘刻录软件,请点下面链接下载这样的免费刻录软件。\n\n + 启动微软 Windows 磁盘映像刻录器 + 警告:如果您已经创建了 VeraCrypt 应急盘,它将不能再用于系统分区/驱动器,这是因为您每次加密系统分区/驱动器时都会使用不同的主密钥,尽管您使用的是同样的密码,您也必须创建一个新的 VeraCrypt 应急盘。 + 错误:不能保存系统加密设置。 + 不能初始化系统加密预测试。 + 不能初始化创建隐形操作系统的过程。 + 擦除模式 + 在某些存储介质上,当数据被其他数据覆盖后,也仍有可能通过磁力显微技术恢复出来被覆盖的数据。这也包括一些被加密方式覆盖的数据(这在 VeraCrypt 加密那些原来没有加密的系统分区或系统驱动器时可能会发生)。根据一些研究机构和政府机构发布的文献,通过使用伪随机或非随机数据覆盖一定次数可以阻止数据恢复或使数据恢复变的异常困难。因此,如果您确认攻击者可能会使用类似磁力显微技术恢复您的加密数据,您可以选择下拉列表中几种擦除算法中的一种(已经存在的数据不会丢失)。需要说明的是在分区/驱动器加密后不需要再执行擦除操作。当分区/驱动器被完全加密后,不会再有非加密数据向其写入。写入加密卷中的任何数据都是在内存中实时加密,然后这些已加密数据才会被写入到磁盘。 + 在某些存储介质上,当数据被其他数据覆盖后,也仍有可能通过磁力显微技术恢复出来被覆盖的数据。根据一些研究机构和政府机构发布的文献,通过使用伪随机或非随机数据覆盖一定次数可以阻止数据恢复或使数据恢复变的异常困难。因此,如果您确认攻击者可能会使用类似磁力显微技术恢复您的加密数据,您可以选择下拉列表中几种擦除算法中的一种(已经存在的数据不会丢失)。\n\n说明:擦除次数越多,花费的时间越长。 + 正在擦除 + \n说明:您可以中断擦除的过程,关闭您的计算机,重新启动隐形系统并在此后继续这个过程(该向导将会被自动运行)。然而,如果您中断此过程,整个擦除将会从头开始执行。 + \n\n说明:如果您中断了擦除的过程并想在以后继续擦除,整个的过程将不得不从头开始。 + 您确认要放弃擦除过程吗? + 警告:所选 分区/设备 的全部内容将会被擦除并因此而丢失。 + 原始操作系统所在的分区将会被擦除。\n\n说明:该分区的全部内容已经复制到了隐形系统分区。 + 警告:请注意如果使用 3-次擦除模式,加密驱动器/分区需要时间将会增加为原来的4倍。同样,如果选择35-次擦除模式,所消耗的时间会为原来的36倍(如果分区容量很大,很可能花费几周的时间)。\n\n然而,请注意在分区/驱动器完全加密后【无须】再对其执行擦除操作。在分区/驱动器被完全加密后,将不会再有非加密的数据向该分区/驱动器写入。所有写入的数据首先都会在内存中即时加密,之后才会向分区/驱动器写入加密的数据(因此并不会影响性能)。\n\n您确认要使用这种擦除模式吗? + 无(最快) + 1-次擦除(随机数据) + 3-次擦除(US DoD 5220.22-M) + 7-次擦除(US DoD 5220.22-M) + 35-次擦除("Gutmann") + 256-次擦除 + 操作系统数目 + 警告:入门用户请勿尝试加密多重启动方式的 Windows 。\n\n希望继续吗? + 当创建或使用隐形操作系统时,只有满足如下条件时,VeraCrypt 才支持多重启动配置:\n\n- 当前运行操作系统必须安装在启动驱动器,并且该驱动器中不能包含其它操作系统。\n\n- 安装在其它驱动器的操作系统不能使用任何位于当前运行操作系统所在驱动器中的启动管理器。\n\n确认满足以上条件吗? + 在创建或使用隐形操作系统时,VeraCrypt 不支持此多重启动配置。 + 引导驱动器 + 当前运行的操作系统安装到了引导驱动器上了吗?\n\n说明:有时 Windows 可能并未安装到 Windows 启动管理器(活动分区)分区上。如果属于这种情况,请选择〖否〗。 + VeraCrypt 当前不支持加密安装到非活动分区上的系统。 + 系统驱动器数目 + 有多少个驱动器含有操作系统?\n\n说明:例如,您在主驱动器上安装了任意系统(例如:Windows,Mac OS X,Linux,等等),在第二个驱动器上安装了其它的操作系统,这时就选择“2 个或多个”。 + VeraCrypt 目前不支持对包含多个操作系统的整个硬盘驱动器的加密。\n\n可能的解决方法:\n\n- 您可以后退并选择只加密单系统分区加密其中的一个系统(与选择加密整个系统驱动器相反)。\n\n- 或者,您也可以把要加密的驱动器中的其它系统迁移到其它的驱动器,而只在其中保留一个系统。 + 单驱动器中包含多个系统 + 在当前运行的系统所安装的驱动器中,是否包含其它任何操作系统?\n\n说明:例如当前运行的操作系统安装在驱动器 #0,该驱动器包含几个分区,其中一个分区安装了 Windows 系统,而另一个分区安装了其它任何操作系统(例如:Windows,Mac OS X,Linux,等等),请选择〖是〗。 + 非 Windows 启动管理器 + 是否安装了一个非 Windows 启动管理器(或启动管理器)到 MBR 中了吗?\n\n说明:例如,可启动的驱动器的第一个柱面包含 GRUB、LILO、XOSL,或其它非 Windows 启动管理器(或启动管理器),则选择“是”。 + 多重启动 + VeraCrypt 目前不支持在 MBR 中安装的非 Windows 多重启动管理器。\n\n可能的解决办法:\n\n- 如果您使用了一个启动管理器来启动 Windows 或 Linux,把启动管理器(典型的,例如 GRUB)从 MBR 中迁移到分区上。之后再次启动向导和加密系统分区/设备。说明:VeraCrypt 启动管理器将会成为主启动管理器,并且会允许您把原来的启动管理器(例如 GRUB)作为第二启动管理器(通过在 VeraCrypt 启动管理器屏幕按下 ESC 按键),因此您仍然可以启动 Linux。 + 如果当前运行的系统安装在活动分区上,随后,在您加密了该分区后,尽管您想要启动其它未加密的系统,您仍然要输入正确的密码(因为它们都会共享同一个加密的 Windows 启动管理器)。\n\n相反的,如果当前运行的系统并没有安装到 Windows 的启动分区(或者如果其它系统并未使用 Windows 启动管理器),随后,在您加密了该分区后,您在启动其它未加密的系统时不需要输入正确的密码 -- 您只需按 ESC 按键来启动未加密的系统(如果存在多个未加密的系统,您也同样需要在 VeraCrypt 的启动管理器中选择要启动的系统)。\n\n说明:通常情况下,最早安装的那个系统一般都会安装到启动分区。 + 加密主机保护区域(Host Protected Area) + 在很多硬盘的尾部,存在一个相对于操作系统隐藏的区域(这些区域通常被称作主机保护区域)。然而,某些程序可以从这些区域中读写数据。\n\n警告:某些计算机供应商可能使用这些区域存储用于 RAID、系统恢复、系统设置、诊断的工具和数据,或用于其它目地。如果此类工具和数据必须在启动前访问,那么这些隐藏区域不应当被加密(在上面选择〖否〗)。\n\n您希望 VeraCrypt 检测和解密系统驱动器尾部这些隐藏区域吗? + 系统加密类型 + 如果您只想加密系统分区或整个系统驱动器,请选择此项。 + 可能存在某些人强迫您解密操作系统的情况。在很多情况下您可能无法拒绝泄漏密码(例如,被勒索)。如果选择此选项,您将会创建一个没有任何手段可以识别的隐形操作系统(当然这得需要您遵循一定的步骤创建)。因此,您一定不要解密或者泄漏隐形操作系统的密码(译者注:这是因为隐形操作系统的存在只有您才知道,您不说的情况下没有任何手段可以检测到),如若获取更多信息,请单击下面链接。 + 可能存在某些人强迫您解密操作系统的情况。在很多情况下您可能无法拒绝泄漏密码(例如,被勒索)。\n\n使用本向导,您将能够创建一个没有任何手段可以识别的隐形操作系统(当然这得需要您遵循一定的步骤创建)。因此,您一定不要解密隐形系统或者泄漏隐形操作系统的密码(译者注:这是因为隐形操作系统的存在只有您才知道,您不说的情况下没有任何手段可以检测到)。 + 隐形操作系统 + 在后面步骤中,您将在系统分区之后的分区中创建两个 VeraCrypt 加密卷(外层的和隐藏的)。隐藏加密卷将包含隐形操作系统。VeraCrypt 将通过复制系统分区(即当前系统所在分区)的内容到隐藏加密卷来创建隐形操作系统。对于外层加密卷而言,您可以复制一些您实际上并不想隐藏的貌似敏感的文件。它们将用来对付那些强迫您说出隐藏系统分区密码的人。您可以把含隐形操作系统的外层加密卷的密码告诉它们(此时仍然无法发现是否存在隐形操作系统)。\n\n最后,在当前当前运行的系统的分区,您将会安装一个新的系统并加密以后作为迷惑系统来使用。这个迷惑系统不要含有任何敏感文件并且用来对付那些强迫您说出启动验证密码的人。总而言之,一共有三个密码,两个密码用于对付那些攻击者(分别对应迷惑操作系统和外层加密卷。如果您使用第三个密码,则将会启动隐形操作系统。 + 正在检测隐藏扇区 + 当 VeraCrypt 正在检测系统驱动器尾部可能存在的隐藏扇区时,请稍候。注意该操作可能花费较长时间才能完成。\n\n注意:在极少数情况下,某些计算机环境中,系统可能在检测过程中失去响应。如果发生此情况,重启计算机,运行 VeraCrypt,重复前面步骤并跳过此检测过程。此问题并不是 VeraCrypt 程序错误。 + 要加密的区域 + 如果您想加密操作系统安装和启动的分区,请选择此项。除了 VeraCrypt 启动管理器存放的第一个柱面之外,包括所有分区的整个硬盘驱动器将会被加密。任何要访问该驱动器上系统或文件的人都需要每次在系统启动前输入正确的密码。如果 Windows 并未安装到第二块或外部驱动器上并且没有从这些驱动器上启动,此选项不能用于加密第二块或外部驱动器。 + 正在搜集随机数据 + 密钥已生成 + VeraCrypt 未在系统上发现刻录机。VeraCrypt 需要 CD/DVD 刻录机来刻录一张可启动的 VeraCrypt 应急盘,应急盘包含密钥、VeraCrypt 启动管理器、原始启动管理器等信息的备份。\n\n我们强烈建议您刻录一张 VeraCrypt 应急盘。 + 我没有 CD/DVD 刻录机,但是我想在可移动驱动器上存放应急盘 ISO 映像文件(例如,USB 闪存)。 + 我将会在以后添加 CD/DVD 刻录机到电脑上。现在终止创建过程。 + 现在 CD/DVD 刻录机已经连接到电脑上了。继续并且刻录应急盘。 + 请遵循下面步骤:\n\n1)现在连接可移动驱动器到电脑上,例如 USB 闪存。\n\n2)复制 VeraCrypt 应急盘映像文件(%s)到可移动驱动器上。\n\n考虑到您以后有使用 VeraCrypt 应急盘的可能,建议您把这个可移动驱动器连接到其它有刻录机的电脑上,使用这个映像文件刻录一张应急盘。重要:请注意,VeraCrypt 应急盘映像文件必须以映像文件方式刻录,不能刻录为数据光盘。 + 正在刻录应急盘 + 应急盘已创建 + 系统加密预测试 + 应急盘已验证 + \nVeraCrypt 应急盘已成功验证。请从光驱中取出应急盘并把它存放到安全的地方。\n\n点击〖下一步〗继续。 + 警告:在下面步骤中,VeraCrypt 应急盘必须不能放在光驱中。否则就不可能正确完成此步骤。\n\n请从光驱中取出应急盘并把他放在一个安全的地方,之后点〖确定〗按钮。 + 警告:由于启动验证环境(即在 Windows 系统启动前)的技术局限,VeraCrypt 在启动验证环境显示的文本不能汉化。VeraCrypt 启动管理器的界面完全为英文模式。\n\n确认继续吗? + 在加密系统分区或启动前,VeraCrypt 需要验证每个环节都正确无误。\n\n在点击〖测试〗按钮以后,所有的组件(例如,启动验证组件,即 VeraCrypt 启动管理器)将会被安装并且您的计算机将会重启。之后您需要在 Windows 启动前的 VeraCrypt 启动管理器界面输入您的密码。在 Windows 启动后,程序将会自动通知您测试的结果。\n\n以下设备将会被修改: 驱动器 #%d\n\n\n如果您点击〖取消〗,将不会安装任何内容并且预测试将不会被执行。 + 重要提示 -- 请仔细阅读或打印(点击〖打印〗):\n\n注意:在您成功重启计算机和启动 Windows 前,您的文件并没有被加密。因此,如果出现任何失败,您的数据不会丢失。然而,如果过程中发生某些错误,您可能在启动 Windows 时会遇到麻烦。因此,请阅读(如果可能,请打印)下面的操作指南,以了解在重启计算机后不能启动 Windows 时如何操作。\n\n + 不能启动 Windows 时如何操作 ------------------------------------------------\n\n注意:这些指令仅在您还没有开始加密时有效。\n\n- 如果在输入正确的密码后 Windows 未能启动(或者您持续的输入正确的密码但 VeraCrypt 始终提示密码错误),请不要惊慌。重启计算机(或关机后再开机),在 TrueCrpyt 启动管理器屏幕,按下键盘的 ESC 按键(并且如果您有多个系统,就选择启动哪个系统)。之后 Windows 应当会启动(此时尚未加密系统)并且 VeraCrypt 会自动询问您是否要卸载启动验证组件。如果由于系统分区/驱动器已经加密而导致前面步骤无效(没有正确的密码,没有人可以启动加密系统或者访问该驱动器上的加密数据,即使他遵循前面步骤)。\n\n + - 如果前面步骤无效或者 VeraCrypt 启动管理器屏幕并没有出现(在 Windows 启动前),请在光驱中插入 VeraCrypt 应急盘并重启计算机。如果 VeraCrypt 启动管理器屏幕没有出现 或者如果您在启动管理器屏幕的 'Keyboard Controls' 部份没有看到 'Repair Options' 项目,很可能您的 BIOS 设置了硬盘优先于光驱启动。如果是这种情况,重启计算机,当您一看到 BIOS 启动屏幕的时候按下 F2 或 DEL 按键,直到 BISO 设置界面出现。如果 BIOS 设置界面没有出现,再次重启计算机,在您按下重启键的时候就按住 F2 或 DEL 按键。当 BIOS 设置界面出现时,配置您的 BIOS 优先从光驱启动(相关信息可以参考您的主板说明书或者资讯您的计算机供应商寻求技术协助)。之后重启计算机。VeraCrypt 启动管理器应该就会从应急盘中启动了。在VeraCrypt 启动管理器屏幕,按下键盘的 F8 按键选择修复选项(Repair Options)。在修复选项 'Repair Options' 菜单,选择 'Restore VeraCrypt Boot Loader'(恢复启动管理器)。之后从光驱中取出应急盘并重启计算机。之后 Windows 应当会启动(此时尚未加密系统)。\n\n + 注意,如果由于系统分区/驱动器已经加密而导致前面步骤无效(没有正确的密码,没有人可以启动加密系统或者访问该驱动器上的加密数据,即使他遵循前面步骤)。\n\n\n即使您丢失了您的 VeraCrypt 应急盘并且被攻击者发现了,他们没有正确的密码也无法解密已经加密了的系统分区或驱动器。 + 预测试已经完成 + 预测试已经成功完成。\n\n警告:请注意,加密时如果遇到突然断电、或者加密时由于软硬件故障而导致的电脑死机,可能会损坏或丢失一些数据。因此,在您开始加密前,请确认您已经备份了要加密的数据。如果您还没有备份,请现在就备份这些数据(您可以点击〖推迟〗,备份文件,之后在以后的任何时候再运行 VeraCrypt,并选择〖系统〗->〖继续被中断的进程〗来启动加密)。\n\n当一切准备就绪时,点击〖加密〗开始执行加密过程。 + 您可以在任何时候点击〖暂停〗或者〖推迟〗以中断加解密进程、退出向导、重启或关闭计算机,并在以后继续中断的进程,继续时将会从中断位置开始。为防止系统或程序读写系统盘盘造成性能变差,VeraCrypt 会自动等待数据读写完毕后(参考上面的状态)自动继续加解密。 + \n\n您可以在加密过程的任何时候点击〖暂停〗或者〖推迟〗,来中断加密的过程,退出向导,重启计算机,并在此后继续该过程,继续的时候将会从上次中断之处开始。注意:此加密卷在完全加密之前无法被加载。 + \n\n您可以在解密过程的任何时候点击〖暂停〗或者〖推迟〗,来中断解密的过程,退出向导,重启计算机,并在此后继续该过程,继续的时候将会从上次中断之处开始。注意:此加密卷在完全解密之前无法被挂载。 + 隐形系统已启动 + 原始系统 + Windows 会在系统分区创建(通常情况下,您并不知道或者同意)不同的日志文件、临时文件等等。同时也会在系统分区存储内存中的内容到休眠文件或虚拟内存页面文件。因此,如果攻击者分析原始系统(即隐形系统所克隆的系统来源)所在分区的文件,他可能会发现,例如,您使用过 VeraCrypt 向导的隐形系统创建模式(因此可能暗示计算机中存在隐形系统。\n\n要预防此类问题,在后面步骤中,VeraCrypt 将会安全擦除原始系统所在分区的所有内容。在此之后,为了达到隐蔽性,您需要在此分区上安装新的操作系统并使用 VeraCrypt 加密它(即成为所谓的迷惑系统)。因此您将会创建完成这个迷惑系统并且整个隐形系统的创建过程也会相应的完成。 + 隐形系统已经成功创建。然而,在您使用隐形系统(以及达到隐蔽性)之前,您需要安全擦除当前运行的系统所在分区的全部内容(使用 VeraCrypt)。在您这样做之前,您需要重启计算机,并在之后的VeraCrypt 启动管理器屏幕(在 Windows 启动前出现),输入隐形系统的密码。之后,在隐形系统启动后,VeraCrypt 向导将会自动加载。\n\n说明:如果您现在选择终止隐形系统的创建过程,您将【无法再】继续该过程并且隐形系统将【不能再】被访问(这是因为 VeraCrypt 启动管理器将会被移除)。 + 您已经设置了创建隐形系统的计划任务。该计划尚未完成。要完成该计划,您需要重启计算机,并在 VeraCrypt 启动管理器屏幕(在 Windows 启动前出现),输入隐形系统的密码。\n\n注意:如果您现在选择终止隐形系统的创建过程,您将【无法】再继续该过程。 + 重启计算机并继续 + 永久终止隐形系统的创建过程 + 什么也不做并在以后询问 + \n如果可能,请打印此段文本(单击下面的〖打印〗按钮)。\n\n\nVeraCrypt 应急盘使用时机和使用方法(加密后)-----------------------------------------------------------------------------------\n\n + I. 如何启动 VeraCrypt 应急盘\n\n要使用 VeraCrypt 应急盘,把应急盘插入光驱并重启计算机。如果 VeraCrypt 应急盘屏幕并没有出现(或者如果您在启动管理器屏幕的 'Keyboard Controls〗 部份没有看到 'Repair Options' 项目),很可能您的 BIOS 设置了硬盘优先于光驱启动。如果是这种情况,重启计算机,当您一看到 BIOS 启动屏幕的时候按下 F2 或 DEL 按键,直到 BISO 设置界面出现。如果 BIOS 设置界面没有出现,再次重启计算机,在您按下重启键的时候就按住 F2 或 DEL 按键。当 BIOS 设置界面出现时,配置您的 BIOS 优先从光驱启动(相关信息可以参考您的主板说明书或者资讯您的计算机供应商寻求技术协助)。之后重启计算机。VeraCrypt 启动管理器应该就会从应急盘中启动了。提示:在VeraCrypt 启动管理器屏幕,您可以按下键盘的 F8 按键选择修复选项(Repair Options)。\n\n\n + II. VeraCrypt 应急盘使用时机和使用方法(加密后)\n\n + 1)如果在您启动计算机前没有出现 VeraCrypt 启动管理器屏幕(或者 Windows 没有能够启动),那么 VeraCrypt 启动管理器可能已经损坏。VeraCrypt 应急盘允许您恢复启动管理器并重新获取对加密系统和数据的访问(当然您仍然需要输入正确的密码)。在应急盘屏幕选择修复选项 'Repair Options' > 'Restore VeraCrypt Boot Loader'(恢复启动管理器)。之后按下 'Y' 按键确认操作,从光驱中取出应急盘并重启计算机。\n\n + 2)如果您持续输入正确密码而 VeraCrypt 仍然提示密码错误(password is incorrect),很可能是主密钥或其它关键数据已经毁坏。VeraCrypt 应急盘允许您恢复这些数据因此就可以重新访问这些加密的系统和数据了(当然您仍然需要输入正确的密码)。在应急盘屏幕,选择修复选项 'Repair Options' > 'Restore key data'(恢复密钥数据)。之后输入您的密码,按下键盘的 'Y' 确认操作,从光驱中取出应急盘并重启计算机。\n\n + 3)如果 VeraCrypt 启动管理器被恶意程序损坏了或感染了,您可以通过运行应急盘来避免运行恶意程序。在光驱中插入应急盘之后在应急盘屏幕输入您的密码。\n\n + 4)如果 Windows 已经损坏并且不能启动,VeraCrypt 应急盘也可以允许您在启动 Windows 前永久解密分区/驱动器,在应急盘屏幕,选择修复选项 'Repair Options' > 'Permanently decrypt system partition/drive'(永久解密系统分区/驱动器)。之后输入正确的密码直到解密完成。接下来,您就可以启动 Windows 的安装光盘来修复 Windows 了。\n\n + 提示:另外一种方式,如果 Windows 已经损坏不能启动,您需要修复它(或者访问其上的文件),您可以通过以下步骤避免解密系统分区/驱动器:如果您在计算机上安装了多个操作系统,启动其中的某个不需要启动验证的系统。如果您的计算机没有安装多个操作系统,您可以启动一个 WinPE 或者 BartPE CD/DVD 系统,或者是把硬盘驱动器连接到其它计算机上作为从盘并启动其它计算机上的系统。在启动到此类系统环境之后,运行 VeraCrypt,点击〖选择设备〗,选择该受影响的系统分区,点击〖确定〗,选择〖系统〗->〖以非启动验证方式加载〗,输入您的启动验证密码并点击〖确定〗按钮。该分区将会以常规 VeraCrypt 加密分区的方式加载(数据也会象常规加密卷数据一样在内存中即时加解密)。\n\n\n + 注意:即使您丢失了您的 VeraCrypt 应急盘并且被攻击者发现了,他们没有正确的密码也无法解密已经加密了的系统分区或驱动器。 + \n\n重要 -- 如有可能请打印出来(点击〖打印〗)。\n\n\n注意:这些文本在您每次启动隐形系统时会自动显示,直到您开始创建迷惑系统。\n\n\n + 如何成功和安全的创建迷惑系统 ----------------------------------------------------------------------------\n\n为了达到隐蔽性的目地,您现在应当创建迷惑系统。要达到这个目地,请遵循如下步骤:\n\n + 1)安全考虑,关闭您的计算机并保持关机状态几分钟(时间越长越好)。这是出于清除内存中敏感数据的需要。之后打开计算机但不要启动隐形系统。\n\n + 2)在已擦除内容的原系统分区上安装 Windows(也就是之前隐形系统克隆的系统源分区)。\n\n重要:在您开始安装迷惑操作系统时,隐形系统将无法启动(这是因为 VeraCrypt 启动管理器将会被 Windows 系统安装程序所清除)。这种情况是很正常的,遇到了请不必惊慌。一旦您开始加密迷惑系统,您就能够启动隐形系统了(这是因为 VeraCrypt 之后会自动在系统启动器上安装 VeraCrypt 启动管理器)。\n\n重要:迷惑系统分区的大小必须等于隐藏加密卷的大小(此条件已达到)。并且,您必须不能在迷惑系统分区和隐形系统所在分区之间创建任何分区。\n\n + 3)启动迷惑系统(即您在前面的第 2) 步中安装的并把 VeraCrypt 安装到其中的那个系统)。\n\n必须牢记迷惑系统中从来都不要包含任何敏感数据。\n\n + 4)在迷惑系统中,运行 VeraCrypt 并选择〖系统〗->〖加密系统分区/驱动器〗。将会出现 VeraCrypt 加密卷创建向导。\n\n VeraCrypt 加密卷创建向导中执行以下步骤。\n\n + 5)在 VeraCrypt 加密卷创建向导中,不要选择“隐藏” 选项。保持“常规”选项为选中状态并点击〖下一步〗。\n\n + 6)选择选项“加密 Windows 系统分区”并点击〖下一步〗。\n\n + 7)如果计算机中只安装了一个隐形系统和迷惑系统,请选择“单系统”(如果在这两个系统之外还有其它系统,请选择“多系统”)。之后点击〖下一步〗。\n\n + 8)重要:在本步中,对于迷惑系统,您必须选择与加密隐形系统相同的加密算法和哈希算法!否则将无法访问隐形系统。换句话说,迷惑系统和隐形系统的加密算法必须系统。说明:原因是迷惑系统和隐形系统共用一个单启动管理器,这个管理器只支持用户选择的某个单一算法(对于每种算法,都会对应一个特定的 VeraCrypt 启动管理器版本)。\n\n + 9)在这个步骤中,为迷惑系统选择一个密码。当您被要求或者强迫提供启动验证密码时您可以泄漏这个迷惑系统的密码(另外一个可以泄漏的密码是外层加密卷密码)。而第三个密码(也就是启动验证里面用于启动隐形系统的密码)仍然是保密的。\n\n重要:迷惑系统的密码必须完全不同于隐藏加密卷的密码(隐藏加密卷的密码也就是隐形操作系统的密码)。\n\n + 10)遵循向导的其余指令以加密迷惑操作系统。\n\n\n\n + 在迷惑操作系统创建之后 ------------------------------------------------\n\n在您加密了迷惑操作系统之后,这个隐形系统的创建就完成了,这时您可以使用三个密码:\n\n1)启动验证中用于启动隐形系统的密码。\n\n2)启动验证中用于启动迷惑操作系统的密码。\n\n3)用于外层加密卷的密码。\n\n + 如果您想启动隐形操作系统,只需要在 VeraCrypt 启动管理器屏幕(该屏幕出现于您开机或者重启系统的时候)输入隐形操作系统的密码。\n\n如果您想启动迷惑操作系统,只需要在 VeraCrypt 启动管理器屏幕输入迷惑操作系统的密码即可。\n\n迷惑操作系统的密码可以泄漏给强迫您说出密码的人,而此时隐藏加密卷(以及隐形操作系统)的存在仍然是保密的。\n\n + 第三个密码(外层加密卷的密码),可以泄漏给强迫您说出系统分区之后那个分区密码的人(这个分区包含外层加密卷和隐藏加密卷,隐藏加密卷中即为隐形系统)。而此时隐藏加密卷(以及隐形操作系统)的存在仍然是保密的。\n\n\n + 如果您把迷惑系统的密码泄漏给强迫您说出密码的人,如果他询问为什么(迷惑)系统分区的自由空间包含随机数据,您可以回答,例如:"这个分区以前包含 VeraCrypt 加密的系统但是我忘记了密码(或者说这个系统已经损坏和无法启动了),因此我不得不安装了 Windows 和重新加密了这个分区"。\n\n\n + 如果您遵循了前面的指令并且遵循了《VeraCrypt User Guide》中的 "Security Precautions Pertaining to Hidden Volumes" 章节所提到的防护措施,则外人无法证明隐藏加密卷和隐形系统的存在,哪怕是外层加密卷已加载或迷惑操作系统已解密/启动。\n\n如果您打印了此文本,在您创建迷惑操作系统之后并理解了文本中所述内容之后,强烈建议您销毁这个文本(否则,如果该文本纸张被发现,可能会暗示计算机上有存在隐形系统的可能)。 + 警告:如果您没有保护隐藏加密卷(保护的做法参考 VeraCrypt 用户指南的"Protection of Hidden Volumes Against Damage"章节),请不要向外层加密卷写入数据。否则您可能会覆盖或损坏隐藏隐藏加密卷!请不要想外层加密卷写入数据(注意,迷惑操作系统并未安装在外层加密卷)。否则,您可能会覆盖和损坏隐藏加密卷(以及在其内的隐形系统)! + 正在克隆操作系统 + 在下一步中,VeraCrypt 将会通过复制当前运行系统的内容到隐藏加密卷来创建隐形系统(被复制的数据将会使用与迷惑系统不同的密钥实时加密))。\n\n请注意该过程将会在启动验证环境中执行(在 Windows 启动前),并可能花费较长的时间;可能需要花费几个小时或者几天(依据系统分区容量和计算机性能而定,例如PM1.6GHz加密时大概的速度是0.5GB/分钟左右)。\n\n您可以中断该过程,关机,启动操作系统并在此之后继续该过程。然而,如果您中断该过程,整个复制系统的过程将会不得不从头开始(因为系统分区的内容在克隆期间必须不能被改变)。 + 您想要取消整个隐形操作系统的创建过程吗?\n\n注意:如果现在取消,您将无法继续该进程。 + 您要取消系统加密预测试吗? + VeraCrypt 系统加密预测试失败。您希望再试一次吗?\n\n如果选择〖否〗,则启动验证组件将会被卸载。\n\n说明:如果 VeraCrypt 启动管理器在 Windows 启动前不要求您输入密码,这很可能是您的操作系统并没有从该系统所安装的驱动器引导的。目前并不支持这种方式。\n\n- 如果您使用了AES 之外的加密算法并且预测试失败了(并且您也输入了密码),这可能由有设计缺陷的驱动导致的。选择〖否〗,尝试再次加密系统分区/设备,但是要使用 AES 加密算法(该算法所需内存最低)。\n\n- 更多可能导致该错误的原因,请参考: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + 该系统分区/驱动器看起来没有被加密(或者是没有被完全加密)。 + 您的系统分区/驱动器已加密(部分或完全加密)。\n\n请在继续进行前解密该系统分区/驱动器。操作步骤:在 VeraCrypt 主窗口的菜单中,选择〖系统〗->〖永久解密系统分区/驱动器〗。 + 当系统分区/驱动器已部份或完全加密时,您不能降级 VeraCrypt 的版本(但是可以更新到新版本或者从新安装同一版本)。 + 您的系统分区/驱动器正在被加密/解密,或正在被修改。请在继续操作前中断这个加密/解密/修改进程(或者等待直到其完成)。 + 已经有 VeraCrypt 加密卷创建向导的实例在运行,并且正在执行对系统分区/驱动器的加密或解密操作。在您继续前,请等候其完成或者关闭该实例。如果您无法关闭这个实例,请在继续操作前重启计算机。 + 加密或解密系统分区/驱动器的进程尚未完成。在进程完成前请稍候。 + 错误:加密分区/驱动器的过程已经未完成,该过程必须首先完成。 + 错误:加密 分区/卷 的过程尚未完成。您必须首先完成此过程。\n\n说明:要继续该过程,在 TrueCrype 主界面的菜单中,选择〖加密卷〗->〖继续被中断的过程〗。 + 密码正确,VeraCrypt 已经成功解密加密卷头信息并检测到了该加密卷存在一个隐形的操作系统。然而,您不能以此种方式修改隐形系统卷的头信息。\n\n要修改隐形系统卷的密码,请启动隐形操作系统,之后在 VeraCrypt 主界面选择〖系统〗->〖修改密码〗。\n\n要设置首密钥的生成算法,启动隐形操作系统并在程序窗口选择〖系统〗->〖设置首密钥生成算法〗。 + VeraCrypt 不支持就地(在隐形系统内)解密隐形操作系统分区。\n\n说明:如果您要解密迷惑操作系统,可以启动到迷惑操作系统,在 VeraCrypt 程序中选择〖系统〗->〖永久解密系统分区/驱动器〗。 + 错误:错误/无效的参数。 + 您已经选择了一个分区或者设备,但是在向导模式您只能选择文件型加密卷。\n\n您希望改变向导模式吗? + 您想取代创建为 VeraCrypt 文件型加密卷吗? + 您已经选择了系统分区/驱动器(或启动分区),但是您选择的向导模式只适用于非系统驱动器。\n\n您希望设置启动验证(意味着每次启动 Windows 前,都需要您输入密码)和加密系统分区或驱动器吗? + 您确认要永久解密系统分区/驱动器吗? + 警告:如果您永久解密系统分区或驱动器,数据将会恢复为未加密状态。\n\n您确认要永久解密系统分区或驱动器吗? + 你确定要永久解密这个加密卷吗? + 注意: 如果你永久解密一个卷,未加密的数据会写入到磁盘上。\n\n你确定要永久解密这个加密卷吗? + 警告:如果您使用一种级联算法加密操作系统,您可能会遇到以下问题:\n\n1)VeraCrypt 启动管理器体积偏大,因此驱动器的第一个柱面可能无法容纳 VeraCrypt 启动管理器的备份。因此,当其损坏的时候(这个可能会经常发生,例如,在某些程序的有设计缺陷的反隐私操作情况下),您将需要使用 VeraCrypt 应急盘启动和修复 VeraCrypt 启动管理器。\n\n2)在一些计算机上,导致休眠时间过长。\n\n这些潜在的问题可以通过选择一种非级联算法(例如 AES)来预防。\n\n您真的要坚持继续使用级联算法吗? + 如果您遇到任何前面描述的问题,请解密该分区/驱动器(如果已加密)并使用一种非级联算法加密(例如 AES)。 + 警告:安全考虑,在更新隐形系统中的 VeraCrypt 之前,您应当先更新迷惑系统中的 VeraCrypt。\n\n可以这样实现:启动到迷惑系统,运行 VeraCrypt 安装程序。之后启动到隐形系统和运行 VeraCrypt 安装程序。\n\n注意:迷惑系统和隐形系统共用一个启动管理器。如果你仅在隐形系统升级 VeraCrypt,迷惑系统的 VeraCrypt 驱动版本则与 VeraCrypt 启动管理器的版本不同,亦可能暗示在电脑上存在隐形系统。\n\n\n您确认要继续吗? + VeraCrypt 启动管理器的版本与系统中安装的 VeraCrypt 驱动和程序版本不一致。\n\n您应当运行 VeraCrypt 安装程序(版本号与 VeraCrypt 启动管理器相同)来更新操作系统中的 VeraCrypt。 + 启动该系统的 VeraCrypt 启动管理器版本号不同于安装在系统上的 VeraCrypt 设备驱动或 VeraCrypt 应用程序的版本号。请注意,早期版本可能存在一些新版已经修复的 BUG。\n\n如果您并未从应急盘启动,您应当重新安装 VeraCrypt 或者更新到最新的稳定版本(启动管理器也会随之更新)。\n\n如果您从应急盘启动,您应当更新应急盘(〖系统〗->〖创建应急盘〗)。 + VeraCrypt 启动管理器已经成功更新。\n\n强烈建议您重启计算机后选择〖系统〗->〖创建应急盘〗来创建一个新的 VeraCrypt 应急盘(将会包含新版的 VeraCrypt 启动管理器)。 + VeraCrypt 启动管理器已经更新。\n\n强烈建议您启动迷惑操作系统并通过选择菜单〖系统〗 ->〖创建应急盘〗创建一个新的 VeraCrypt应急盘(将会包含新版本的 VeraCrypt 启动管理器)。 + 更新 VeraCrypt 启动管理器时失败。 + VeraCrypt 检测系统驱动器真实大小失败,因此,操作系统所报告的大小(将会比实际小)将会被使用。另外需要指明的是,这并不是 VeraCrypt 的程序问题(BUG)。 + 警告:看起来 VeraCrypt 曾经检测过此系统驱动器上的隐藏扇区。如果您在上次检测过程中遇到任何问题,您可以通过跳过隐藏扇区检测来避免这个问题。注意,如果跳过检测,VeraCrypt 将会使用操作系统报告的容量(要小于真实驱动器的容量)。\n\n此问题并不是 VeraCrypt 的程序 Bug。 + 跳过隐藏扇区的检测(使用操作系统报告的容量) + 尝试再次检测隐藏扇区 + 错误:磁盘上一个或多个扇区的内容无法读取(可能由于物理因素影响)。\n\n这些扇区能够重新读取之前,就地加密的过程将无法继续。VeraCrypt 能够尝试向其中写入 0 来使这些扇区可读(之后这些 0 填充的区块将会被加密)。然而,请注意存储于这些不可读扇区的数据将会丢失。如果您想要避免数据丢失,您可以使用适当的第三方软件恢复这些损坏数据的某些部分。\n\n注意:在有物理损坏扇区的情况下(不同于简单的数据损坏和校验错误),当有数据试图向这些损坏扇区写入数据时,大多数存储设备都会在内部为这些要写入的数据重新分配扇区(因此当前损坏扇区上的现有数据可能在启动器上仍然保持未加密状态)。\n\n您希望 VeraCrypt 为这些不可读扇区填充 0 吗? + 错误:磁盘上一个或多个扇区的内容无法读取(可能由于物理因素影响)。\n\n为了能够继续加密,VeraCrypt 不得不放弃这些不可读扇区(扇区内容会被伪随机数据填充)。请注意,在继续进行之前,您可以尝试使用适当的第三方软件恢复任何损坏数据的一部分。\n\n您希望 VeraCrypt 废弃不可读扇区中的数据吗? + 说明:VeraCrypt 已经把 %I64d 的不可读扇区(%s)的当前内容全部替换为加密的全部为 0 的纯文本块。 + 说明:VeraCrypt 已经把 %I64d 的不可读扇区(%s)的当前内容全部替换为随机数据纯文本块。 + 输入口令牌 '%s' 的密码/PIN: + 为允许 VeraCrypt 访问安全口令牌或智能卡,您首先需要为口令牌或智能卡安装一种 PKCS #11 运行库,这些运行库可能已经随设备提供,或者可以从供应商网站或其它第三方网站上下载。\n\n在您安装了运行库后,您可以通过单击〖选择运行库〗手动选择,或者通过单击〖自动检测运行库〗来让 VeraCrypt 发现和选择(仅会搜索 Windows 系统目录,比较耗费时间)。 + 说明:对于安装到您计算机上的 PKCS #11 运行库以及安全口令牌或智能卡的文件名和位置,请参考口令牌、智能卡的文档,或者参考第三方软件。\n\n单击〖确定〗按钮选择路径和文件名。 + 为允许 VeraCrypt 访问安全口令牌或智能卡,您需要为口令牌或智能卡选择一种 PKCS #11 运行库。要做到这点,请选择〖设置〗->〖安全口令牌〗。 + 初始化 PKCS #11 安全口令牌运行库失败。\n\n请确认指定路径和文件名对应有效的 PKCS #11 运行库。要指定 PKCS #11 运行库路径和文件名,选择〖设置〗 ->〖安全口令牌〗。 + 在 Windows 系统目录未发现 PKCS #11 运行库。\n\n请确认您的安全口令牌或智能卡已经安装了 PKCS #11 运行库(这些运行库可能已经随设备提供,或者可以从供应商网站或其它第三方网站上下载)。如果是被安装到 Windows 系统目录之外的地方,请点击〖选择运行库〗来定位运行库位置(例如:口令牌/智能卡 的安装文件夹。 + 未发现安全口令牌。\n\n请确认您的安全口令牌已经连接到您的计算机上并且已经安装好了正确的设备驱动程序。 + 安全口令牌密钥文件未发现。 + 已经存在同名的安全口令牌密钥文件。 + 您想要删除指定文件吗? + 安全口令牌密钥文件路径无效。 + 安全口令牌错误 + 安全口令牌密码不正确。 + 安全口令牌无足够的 内存/空间 执行请求的操作。\n\n如果您试图导入一个密钥文件,您应当选择一个小一些的文件或者使用由 VeraCrypt 生成的密钥文件(选择〖工具〗->〖密钥文件生成器〗)。 + 所有打开的口令牌会话均已关闭。 + 选择安全口令牌密钥文件 + 插槽 + 口令牌名称 + 文件名 + 重要:请注意,启动验证的密码总是以美国键盘布局输入的。因此,对于使用非美国键盘布局输入密码的加密卷,是不可能使用缓存密码加载的(注意这不是 VeraCrypt 的程序缺陷)。要允许这样的加密卷使用启动验证密码加载,请遵循以下步骤:\n\n1)点击〖选择文件〗或〖选择设备〗并选择加密卷。 2)选择〖加密卷〗->〖修改加密卷密码〗。 3)输入当前加密卷的密码。 4)修改键盘布局为 English (US),通过点击 Windows 通知栏上的语言栏和选择“英语(美国)”。 5)在 VeraCrypt 新密码位置,输入启动验证密码。 6)在确认密码位置重复输入密码,之后点〖确定〗。警告:如果您采用这些步骤,请牢记,加密卷密码总是只能以美国键盘布局输入(这样才能在启动验证环境中自动匹配)。 + 系统收藏加密卷将会以启动验证密码加载。如果任何系统收藏加密卷使用了不同的密码,它将不会被加载。 + 请注意,如果您希望系统收藏加密卷不会受到常规 VeraCrypt 加密卷操作的影响(例如〖全部卸载〗),您应当启用选项〖在 VeraCrypt 中,只允许系统管理员查看和卸载系统收藏加密卷〗。另外,如果 VeraCrypt 以非管理员身份运行(在 Windows Vista 和以后版本的系统中默认为非管理员身份),系统收藏加密卷将不会出现在 VeraCrypt 程序窗口的驱动盘符列表中。 + 重要:请必须记住,此选项已经启用并且 VeraCrypt 不具有系统管理员权限,已加载的系统收藏加密卷不会显示在 VeraCrypt 程序窗口并且它们也不能被卸载。因此,如果您需要卸载系统收藏加密卷,请右键单击 VeraCrypt 图标(在开始菜单中),并选择“运行方式”和选择管理员帐户运行。“全部卸载”、“自动卸载”热键等功能也存在上面所说的限制。 + 请注意,此设置在系统重启后才会生效。 + 解析命令行时出错。 + 应急盘 + 选择和加载文件(&F)... + 选择和加载设备(&D)... + 在 VeraCrypt 中,只允许系统管理员查看和卸载系统收藏加密卷 + 在 Windows 启动时加载系统收藏加密卷(在启动过程的初始阶段) + 警告:加载为 '%s' 的加密卷上的文件系统并未彻底卸载因此而存在错误。继续使用损坏的文件系统可能会导致数据丢失或者损坏。\n\n注意:在您物理移除或卸载包含已加载的 VeraCrypt 加密卷的设备(例如U盘或移动硬盘)之前,您应当先在 VeraCrypt 中卸载加密卷。\n\n\n您希望 Windows 系统尝试检测和修复可能的文件系统错误吗? + 警告:一个或者多个系统收藏加密卷并没有完全卸载,因此可能包含文件系统错误。请查看系统事件日志获取更多信息。\n\n使用损坏的文件系统可以导致数据丢失或者数据损坏。您应当检查受影响的收藏加密卷的磁盘错误(在 VeraCrypt 中右键单击每个打开的收藏加密卷,之后选择〖修复文件系统〗)。 + 警告:使用微软的 'chkdsk' 工具修复受损的文件系统时可能会导致受损区域的数据丢失。因此,建议您首先备份存储在 VeraCrypt 加密卷中的文件到另外完好的加密卷。\n\n您确认现在就修复文件系统吗? + 由于写入权限被拒绝,加密卷 '%s' 不得不以只读模式加载。\n\n请确认文件类型加密卷的安全许可允许您对其执行写入操作(右键单击此容器并选择 属性 -> 安全)。\n\n注意,由于 Windows 的原因,您可能在设置成合适的安全属性后还会看到这个警告,这并非是 VeraCrypt 的程序故障。一个可能的解决方法是移动您的加密卷文件,例如移动到文档文件夹。\n\n如果您确实要保持加密卷的只读模式,请设置加密卷的属性为只读(右键单击加密盘文件并选择属性 -> 只读),这样就可以禁止显示警告了。 + 由于写入权限被拒绝,加密卷 '%s' 不得不以只读模式加载。\n\n请确认没有其它程序(例如,防病毒程序)正在访问加密卷所在的分区/设备。 + 加密卷 '%s' 加载为只读模式,这是因为操作系统报告主设备为写保护状态。\n\n请注意,在一些第三方的芯片驱动中,已有错误报告指出可能会造成可写入介质错误的被系统报告为写保护。这个问题并不是由 VeraCrypt 造成。这可以通过更新或卸载当前系统中的任何第三方芯片组驱动(非微软认证)。 + 请注意,超线程技术为每个物理核心提供了多个逻辑核心。当启用了超线程,上面选中的数字表示逻辑处理器数(核心数)。 + %d 线程 + 请注意,硬件加速 AES 已禁用,这将会影响测试结果(使性能变差)。\n\n要启用硬件加速,请选择〖设置〗->〖性能〗并禁用相应选项。 + 请注意,线程的数目当前受限,这将会影响测试结果(使性能变差)。\n\n要利用处理器的潜能,请选择〖设置〗->〖性能〗并禁用相应选项。 + 您想要 VeraCrypt 尝试禁用此分区/设备 的写保护吗? + 警告:此设置可能会降低性能。\n\n您确认要使用该设置吗? + 警告:VeraCrypt 加密卷已自动卸载 + 在您物理卸载或关闭连接到已加载的加密卷前,您应当总是先在 VeraCrypt 中卸载它。\n\n意外发生的卸载通常是由于线缆、驱动器(附件)等导致的。 + 不能在VeraCrypt使用这个用TrueCrypt%x.%x创建的加密卷,VeraCrypt只支持TrueCrypt6.x/7.x创建的加密卷。 + 测试 + 密钥文件 + Backspace + Tab + Clear + Enter + Pause + Caps Lock + 空格键 + Page Up + Page Down + End + Home + 左箭头 + 上箭头 + 右箭头 + 下箭头 + 选择键 + 打印键 + Execute Key + Print Screen + Insert + Delete + Applications Key + 睡眠 + Num Lock + Scroll Lock + 浏览器 后退 + 浏览器 前进 + 浏览器 刷新 + 浏览器 停止 + 浏览器 搜索 + 浏览器 收藏 + 浏览器 主页 + 静音 + 音量加 + 音量减 + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + 播放 + 缩放 + 数字键盘 + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + 键入的密码过长:在UTF-8下已超过64字节。 + 键入的密码中包含无法转换为UTF-8编码的Unicode字符。 + Error: Failed to load a system library. + 输入的加密卷的大小不兼容所选择的exFAT文件系统。 + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Translations/Language.zh-hk.xml b/Translations/Language.zh-hk.xml index 69eaa126..59fb6da3 100644 --- a/Translations/Language.zh-hk.xml +++ b/Translations/Language.zh-hk.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - 取消 - 為所有用戶安裝(&F) - 流覽(&W)... - 在桌面添加 VeraCrypt 圖示(&D) - Donate now... - 關聯 .hc 文件到 VeraCrypt(&E) - 完成後打開目標位置(&O) - 創建 VeraCrypt 的開始菜單項(&S) - 創建系統還原點(&R) - 卸載(&U) - 釋放(&E) - 安裝(&I) - VeraCrypt 安裝嚮導 - 卸載 VeraCrypt - 説明(&H) - 請選擇或者輸入您希望釋放到的位置: - 請選擇或輸入您希望 VeraCrypt 程式檔釋放到的位置。如果指定檔夾不存在,檔夾將會被自動創建。 - 點擊“卸載”按鈕從系統中卸載 VeraCrypt。 - 放棄 - 測試(&B) - 測試(&T) - 創建加密卷並格式化 - 就地加密分區 - 顯示生成的密鑰(及其部分) - 顯示緩衝內容 - 下載 CD/DVD 刻錄軟體(聯網) - 創建檔型加密卷 - GB(&G) - TB(&T) - 更多資訊(聯網) - 隱藏的 VeraCrypt 加密卷(&D) - 關於隱藏加密卷的更多資訊(聯網) - 直接模式 - 常規模式 - KB(&K) - 使用密鑰檔(&S) - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - 密鑰文件(&K).. - 關於混雜演算法的更多資訊(聯網) - 更多資訊(聯網) - Information on PIM - MB(&M) - 更多資訊(聯網) - 關於系統盤加密的更多資訊(聯網) - 更多資訊(聯網) - 多重啟動 - 加密非系統分區/設備 - 從不保留歷史記錄(&S) - 打開外層加密卷 - 暫停(&P) - Use P&IM - Use PIM - 快速格式化 - 顯示密碼(&D) - 顯示密碼(&D) - &Display PIM - 單系統 - 標準 VeraCrypt 加密卷 - 隱藏(&D) - 常規 - 加密系統分區或者整個系統所在硬碟 - 加密 Windows 系統分區 - 加密整個硬碟驅動器 - VeraCrypt 加密卷創建嚮導 - - 重要:在視窗範圍內儘量任意移動滑鼠。移動時間越長越好。這將會極大的增強密鑰的加密強度。之後點擊 '下一步' 按鈕繼續。 - 確認(&C): - 完成 - Drive letter: - 加密演算法 - 檔系統 - 創建一個檔類型的加密盤,推薦入門用戶使用。 - 選項 - 哈希演算法 - 首密鑰: - 剩餘 - 主密鑰: - 如果此電腦上安裝了兩個或多個作業系統請選擇此項。\n\n例如:\n- Windows XP 和 Windows XP\n- Windows XP 和 Windows Vista\n- Windows 和 Mac OS X\n- Windows 和 Linux\n- Windows,Linux 和 Mac OS X - 加密一個內部或者外部驅動器上的非系統分區(例如. 優盤)。也可以創建一個隱藏的加密卷。 - 當前緩存內容(部分) - 密碼 - 密碼: - Volume PIM: - Volume PIM: - 進程: - 隨機緩衝: - 如果電腦上只安裝了一個作業系統請選擇此項(儘管該作業系統下可能有多個用戶)。 - 速度 - 狀態 - 密鑰、要素、以及其他資料已被成功生成。如果您希望生成新的密鑰,請點擊 '後退' 然後點擊 '下一步' 按鈕。否則點擊 '下一步' 按鈕繼續。 - 加密 Windows 系統所在的 分區/驅動器。加密後,任何人想要訪問和使用這個系統、讀寫檔等,都需每次在 Windows 啟動前輸入正確的密碼。也可以選擇創建一個隱形的作業系統。 - 選擇此選項,以加密您當前 Windows 作業系統所安裝的分區。 - Volume Label in Windows: - 擦除模式: - 關閉 - 允許按下 Esc 按鍵跳過啟動驗證(啟用啟動管理器)(&A) - 什麼也不做 - 自動載入 VeraCrypt 加密卷(下麵指定的)(&A) - 運行 VeraCrypt(&S) - 自動檢測運行庫(&D) - 緩存啟動驗證密碼到驅動記憶體(用來載入非系統加密卷)(&C) - 流覽... - 流覽... - 在記憶體中緩存密碼和密鑰檔(&A) - 沒有加密卷被載入時退出 - 在有加密卷成功載入後關閉口權杖會話(登出)(&C) - Include VeraCrypt Volume Expander - 包含 VeraCrypt 加密卷創建嚮導 - 創建 - 創建加密卷(&C) - 在啟動驗證螢幕不顯示任何文本(僅顯示下面自定義的資訊)(&S) - Disable "Evil Maid" attack detection - 使用處理器指令加速 AES 加解密(如果功能可用) - 使用密鑰檔 - 使用密鑰檔 - 退出(&X) - 收藏加密卷的幫助 - 當 '載入收藏加密卷' 熱鍵按下時不載入選定的加密卷(&H) - 當主設備被連接時載入選定加密卷(&C) - 登錄時載入選定加密卷(&O) - 以唯讀方式載入選定加密卷(&N) - 以可移動介質方式載入選定加密卷(&V) - 下移(&D) - 上移(&U) - 當成功載入選定加密卷後,為其打開資源管理器視窗(&E) - 移除(&R) - Use favorite label as Explorer drive label - 全局設置 - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - 分配 - 移除 - 密鑰文件... - 不使用下面數目的處理器加密/解密: - 更多資訊(聯網) - 更多資訊(聯網) - 更多設置... - 自動載入設備(&A) - 載入選項(&A)... - 以唯讀模式載入加密卷(&O) - 密鑰文件... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - 啟用 - 在驅動記憶體中緩存密碼 - 自動卸載加密卷,在無數據讀寫動作下面時間後 - 用戶註銷時 - User session locked - 進入待機狀態時 - 螢幕保護載入時 - 強制自動卸載,無論加密卷是否有被打開的檔或目錄 - 載入所有設備類 VeraCrypt 加密卷 - 啟動 VeraCrypt 後臺任務 - 以唯讀模式載入加密卷 - 以可移動介質模式載入加密卷 - 為成功載入的加密卷打開資源管理器視窗 - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - 自動卸載時擦除緩存的密碼 - 退出時擦除緩存的密碼 - 保留檔類型加密卷的修改時間戳 - 重置 - 選擇設備(&E)... - 選擇檔(&F)... - 選擇運行庫(&L)... - 顯示密碼 - 顯示密碼 - 為載入的加密卷打開資源管理器視窗(&E) - 在驅動記憶體中緩存密碼(&C) - TrueCrypt Mode - 全部卸載(&S) - 加密卷屬性(&V)... - 加密卷工具(&T)... - 擦除緩存(&W) - VeraCrypt - Mount Parameters - VeraCrypt - 收藏加密卷 - VeraCrypt - 系統熱鍵 - VeraCrypt - 更改密碼或密鑰檔 - 輸入 VeraCrypt 加密卷密碼 - VeraCrypt - 性能選項 - VeraCrypt - 參數選擇 - VeraCrypt - 系統加密設置選項 - VeraCrypt - 安全口權杖參數 - VeraCrypt 便攜磁片安裝 - VeraCrypt 加密卷屬性 - 關於 VeraCrypt... - 添加或移除密鑰文件... - 添加已載入的加密卷為收藏加密卷... - 添加已載入的加密卷為系統收藏加密卷... - 分析系統崩潰原因... - 備份加密卷頭信息... - 基準測試... - 設置首密鑰衍生演算法... - 更改加密卷密碼... - 設置首密鑰離散演算法... - 更改密碼... - 清除加密卷歷史記錄 - 關閉所有安全口權杖會話 - 聯繫作者(聯網)... - 創建隱形作業系統... - 創建應急盤... - 創建加密卷... - Permanently Decrypt... - 默認密鑰文件... - Default Mount Parameters... - Donate now... - 加密系統分區/驅動器... - 常見問題(聯網) - 用戶指南 - 主頁(聯網)(&H) - 系統熱鍵... - 密鑰文件生成器 - 語言選擇... - 法律聲明(聯網) - 管理安全口權杖密鑰文件... - 自動載入全部設備類加密卷 - 載入收藏加密卷 - 以非啟動驗證方式載入(&A)... - 載入所選加密卷 - 根據選項載入加密卷 - 軟體新聞(聯網) - 線上幫助(聯網) - 用戶嚮導(聯網) - 管理收藏加密卷... - 管理系統收藏加密卷... - 性能... - 永久解密系統分區/驅動器 - 參數選擇... - 刷新盤符列表 - 從加密卷中移除所有密鑰... - 恢復加密卷頭資訊... - 繼續被中斷的過程 - 選擇設備... - 選擇檔... - 繼續被中止的進程 - 系統加密... - 屬性... - 設置... - 系統收藏加密卷... - 下載頁面(聯網) - 測試向量... - 安全口權杖... - 便攜磁片安裝... - 卸載全部載入的加密卷 - 卸載所選加密卷 - 驗證應急盤 - Verify Rescue Disk ISO Image - 版本歷史(聯網) - Volume Expander - 加密卷屬性 - 加密卷創建嚮導 - 官方網站(聯網) - 擦除緩存的密碼 - 確定 - 硬體加速 - 熱鍵 - 自動運行配置(autorun.inf) - 自動卸載 - 全部卸載,當: - 啟動管理器螢幕選項 - 確認密碼: - 當前密碼 - 在啟動驗證螢幕顯示下面自定義資訊(最多 24 個字元): - 默認載入選項 - 熱鍵設置 - Driver Configuration - Enable extended disk control codes support - 所選收藏加密卷的標籤: - 檔選項 - 要分配的熱鍵: - Processor (CPU) in this computer supports hardware acceleration for AES: - Windows 登陸時執行的操作 - 分鐘 - 以該驅動器盤符載入: - 載入設置 - 新密碼 - 密碼: - 線程基礎的平行計算 - PKCS #11 運行庫路徑 - PKCS-5 PRF: - PKCS-5 PRF: - 密碼緩存 - 安全選項 - VeraCrypt 後臺任務 - 要載入的 VeraCrypt 加密卷(相對於便攜磁片的根目錄): - 在插入便攜磁片時: - 創建便攜磁片檔於(便攜磁片根目錄): - 加密卷 - Windows - 添加路徑(&P)... - 全部自動測試(&A) - 繼續(&C) - 解密(&D) - 刪除(&D) - 加密(&E) - 導出(&E)... - 生成並保存密鑰檔... - 生成隨機密鑰檔(&G)... - 下載語言包 - 硬體加速 AES: - 導入密鑰文件到口權杖(&I)... - 添加文件(&F)... - 使用密鑰檔(&A) - 密鑰文件(&K)... - 移除(&R) - 全部移除(&A) - 什麼是隱藏加密卷保護? - 密鑰檔的更多資訊(聯網) - 載入加密卷為可移動介質(&M) - 以非預啟動驗證方式載入使用系統加密處理的分區(&U) - 平行計算: - 基準測試 - 列印(&P) - 向外層加密卷寫入資料時保護隱藏加密卷(&P) - 重置(&R) - 顯示密碼(&A) - 添加口權杖(&T)... - 使用嵌入在卷中的備份頭資訊(如果有可用的)(&V) - XTS 模式 - 關於 VeraCrypt - VeraCrypt - 加密演算法基準測試 - VeraCrypt - 測試向量 - 命令行幫助 - VeraCrypt - 密鑰文件 - VeraCrypt - 密鑰文件生成器 - VeraCrypt - 語言 - VeraCrypt - 載入選項 - 新的安全口權杖密鑰檔屬性 - VeraCrypt - 隨機緩衝增強 - 選擇一個分區或設備 - VeraCrypt - 安全口權杖密鑰檔 - 需要安全口權杖密碼PIN - 當前語言包 - 速度由 CPU 和存儲設備性能決定。\n\n這些測試在記憶體中進行。 - 緩衝大小: - 密碼: - 隱藏加密卷的密碼(&A):\n(如果為空,則使用緩存) - 保護隱藏加密卷 - 密鑰長度: - 重要:請在此視窗內隨機移動滑鼠,移動時間越長越好。這將會顯著增加密鑰的加密強度。 - 警告:如果您丟失了密鑰檔或者密鑰檔的前 1024 KB 位元組已改變,將不可能再載入使用該密鑰的加密卷! - - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - 翻譯人員: - 明文密碼長度: - - 當前緩衝內容 - 混合 PRF: - 重要:在視窗內盡可能自由的移動滑鼠。移動時間越長效果越好。這將會顯著增加安全性。當操作完成時,點擊 '繼續' 按鈕。 - 次密鑰(十六進位) - 安全口權杖: - 排序方式: - 請耐心等待,此過程可能需要較長時間... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - 塊數值: - 加密文本(十六進位) - 資料單元數值(64-位元十六進位,資料單元大小為 512 位元組) - 密鑰(十六進位) - 明文密碼(十六進位) - 密鑰檔案名: - XTS 模式 - 系統(&Y) - 加密卷(&V) - 收藏卷(&I) - 工具(&O) - 設置(&G) - 説明(&H) - 主頁(聯網)(&P) - - 關於(&A)... - 不能更改舊版本加密卷的唯讀屬性。請檢查檔訪問許可權。 - 錯誤:訪問被拒絕。\n\n您試圖要訪問的分區要麼長度是 0 磁區,要麼是啟動設備。 - 系統管理員 - 要載入 VeraCrypt 驅動,您必需以一個具有管理員許可權的帳號登陸。 - 請注意:如果要加密或格式化某分區和設備您必需以一個 具有管理員許可權的帳號登陸。\n\n檔類型加密卷不受這個限制。 - 如果要創建隱藏的加密卷,您必須以一個 具有管理員許可權的帳號登陸。\n\n需要繼續嗎? - 請注意:如果要把加密卷格式化為 NTFS 檔系統,您必需以一個 具有管理員許可權的帳號登陸。\n\n若無管理員許可權,您可以格式化加密卷為 FAT 檔系統。 - FIPS-認可的加密演算法(Rijndael,發表於 1998)可能被美國聯邦部門和機構用來對特定資訊進行頂極保護。256 位密鑰、128-位塊、14 次離散迴圈(AES-256,發表於 2001 年)。操作模式為 XTS。 - 加密卷已載入。 - 小心:在內置自動檢測時,至少一個 加密或哈希演算法失敗了!\n\n此 VeraCrypt 安裝可能已損壞。 - 注意:在亂數生成器緩衝中的資料不足,無法提供要求數量的亂數據。\n\n您不應當繼續進行。請從幫助功能表選擇“報告錯誤”來報告此軟體錯誤。 - 該設備已經損壞(這是物理損壞)或者線纜損壞,或者是記憶體出現故障。\n\n請注意這是您的硬體的問題,並不是 VeraCrypt 的問題。因此,請不要把這個報告為 VeraCrypt 的錯誤,並且也不要在 VeraCrypt 論壇對此問題尋求幫助。請聯繫您的電腦供應商獲取技術支援,謝謝您!\n\n注意:如果該提示反復出現在同一位置,那就很可能是磁片壞塊導致的,應該通過使用第三方軟體來修復(請注意,在很多情況下,'chkdsk /r' 命令由於工作在系統層因此不能修復此問題;在某些情況中,'chkdsk' 工具甚至不能檢測到此類錯誤。 - 如果您正在訪問驅動器上的可移動介質,請確認可移動介質已經插入驅動器。驅動器/介質可能已被損壞(可能是物理原因),或者線纜已經損壞或斷開。 - 您的系統好象使用了帶有不支援創建全盤加密缺陷的第三方的晶片驅動。\n\n請在繼續之前嘗試更新或者卸載任何第三方晶片驅動(非微軟認證的驅動)。 如果仍然不起作用,請嘗試只加密系統分區。 - 無效驅動器盤符。 - 無效路徑。 - 取消 - 無法訪問設備。請確保選中的設備存在並且未被系統佔用。 - 警告:Caps Lock(大小寫鎖定)已開啟。這可能導致您輸入密碼錯誤。 - 卷類型 - 可能在某些情況,有些人會迫使您告訴它們加密卷密碼。很多情況您可能無法拒絕這種要求(例如,存在暴力因素)。使用這種隱藏加密卷可以解決此類問題,而不須洩漏隱藏加密卷密碼。 - 選擇您希望創建常規 VeraCrypt 加密卷的選項。 - 請注意,如果您希望把作業系統安裝在隱藏加密分區之中,那麼整個系統驅動器不能使用單獨的密鑰加密(翻譯待驗證)。 - 外層加密卷加密選項 - 隱藏加密卷加密選項 - 加密選項 - 警告:清除上次選擇的加密卷或密鑰檔路徑失敗(由檔選擇器記憶)! - 錯誤:此加密卷在 NTFS 格式分區上壓縮過。VeraCrypt 不支持壓縮過的加密卷(這是因為壓縮過的加密資料會低效和存在資料冗餘)。\n\n請使用以下步驟取消壓縮: 1)在Windows資源管理器中右鍵單擊加密卷(不是在 VeraCrypt 視窗中)。 2)選擇“屬性”。 3)在“屬性”對話方塊,單擊“高級”。 4)在“高級屬性”對話方塊,禁用“壓縮內容以節省磁碟空間”並點擊“確定”。 5)返回到“屬性”對話方塊,點“確定”。 - 創建加密卷 %s 失敗 - %s 的大小為 %.2f 位元組 - %s 的大小為 %.2f KB - %s 的大小為 %.2f MB - %s 的大小為 %.2f GB - %s 的大小為 %.2f TB - %s 的大小為 %.2f PB - 警告:設備/分區正在被系統或應用程式佔用。格式化該設備/分區它可能導致資料丟失或系統不穩定。\n\n繼續進行格式化嗎? - 警告:該分區正在被作業系統或應用程式使用。您應當關閉任何可能佔用此分區的程式(包括反病毒軟體)。\n\n確認繼續嗎? - 錯誤:該設備/分區包含不能被卸載的檔系統。此檔系統可能被作業系統使用。格式化此設備/分區很可能會導致資料損壞或者是系統不穩定。\n\n要解決此問題,我們推薦您首先刪除該分區之後在不格式化的情況下重新創建這個分區。要達成此目的,請遵照下麵步驟: 1)在 '開始' 菜單右鍵單擊 '電腦'(或者 '我的電腦')圖示,之後選擇 '管理',顯示 '電腦管理' 視窗。 2)在 '電腦管理' 視窗,選擇 '磁片管理'。 3)右鍵單擊要加密的分區,你可以選擇 '刪除分區' 或者是 '刪除卷',或者是 '刪除邏輯驅動器'。 4)如果 Windows 提示重啟電腦,點 '是' 重啟。之後在第 5 個步驟中重複第 1 和第 2 步。 5)右鍵單擊未分配/自由空間並選擇 '新建分區',或者 '新的卷',或者 '新邏輯驅動器'。 6)在 '新分區嚮導' 或者 '新建卷嚮導' 視窗中,在帶有 '格式化分區' 標題的對話方塊中,選擇 '不格式化此分區' 或者是 '不格式化此卷'。在同樣的嚮導裏面,點 '下一步' 之後點 '完成' 按鈕。 7)注意:您現在在 Veracrypt 中選擇的設備路徑可能是錯誤的,因此,退出並重新啟動 VeraCrypt 加密卷創建嚮導(如果正在運行)。 8)嘗試重新加密該設備/分區。\n\n如果 VeraCrypt 仍然會加密失敗,您可以考慮創建檔類型的加密卷。 - 錯誤:此檔系統不能被鎖定 和/或 卸載。可能正在被作業系統或應用程式佔用(例如反病毒軟體)。加密此分區可能會導致資料損壞或者系統不穩定。\n\n請關閉任何可能佔用此分區的程式(包括反病毒軟體)並再試一次。如果仍然無效請參考下面步驟。 - 警告:一些載入的設備/分區正在使用中!\n\n若忽略這些則可能導致非期望的結果,包括系統不穩定。\n\n我們強烈建議您關閉所有可能正在使用 此設備/分區的應用程式。 - 選定的設備包含分區。\n\n格式化該設備可能會導致系統不穩定或資料丟失。您可以選擇該設備的某個分區,或者刪除該設備的所有分區,以保證 VeraCrypt 對其安全格式化。 - 選擇的非系統設備包含多個分區。\n\n設備類加密卷也可以在不包含任何分區的設備中創建(包括硬碟以及固態硬碟設備)。一個包含多個分區的設備,只有在此驅動器為 Windows 安裝和啟動分區時,才可以就地整盤加密(使用單一主密鑰)。\n\n如果您想使用單一主密鑰加密選擇的非系統設備,您需要首先移除所有分區以便 VeraCrypt 對其安全格式化(格式化包含多個分區的設備可能會導致系統不穩定 和/或 資料損壞。作為替代方法,您也可以單獨加密驅動器上的每個分區(每個分區將使用不同的主密鑰)。\n\n注意:如果您想從 GPT 磁片中移除所有分區,您可能需要把它轉換為 MBR 磁片(使用諸如電腦管理工具)以便移除隱藏分區。 - 警告:如果您加密了整個設備(而不是只加密設備上的一個分區),作業系統將會認為這個設備是新的、空的,和未格式化的(因為它沒有分區表),因此可能隨後會初始化這個設備(或者詢問您是否初始化),這可能會損壞加密卷。另外,也不能一如既往的將此加密卷載入為收藏卷(例如,當驅動器數目變化時),也不能為其賦予收藏卷標籤。\n\n要避免此類事情發生,您可以考慮在此設備上創建一個分區並加密此分區。\n\n您確認要加密整個設備嗎? - 重要:請牢記,此加密卷不能使用當前賦給它的驅動器盤符 %c: 載入/訪問,這個盤符已經賦給了這個分區!\n\n要載入此加密卷,點擊 VeraCrypt 主視窗的 '自動載入設備'(也可以這樣,在 VeraCrypt 主視窗,點擊 '選擇設備',之後選擇該分區/驅動器,然後點 '載入' 按鈕)。這個加密卷便會以不同的盤符載入(這個盤符可以在 VeraCrypt 主視窗的盤符列表中選擇)。\n\n原始的驅動盤符 %c: 僅應當在您需要移除對該分區/驅動器的加密時使用(例如:如果您不再需要加密)。在這種情況下,右鍵單擊 '我的電腦'(或者是 '資源管理器')中的驅動器盤符 %c: 並選擇 '格式化'。否則該驅動器盤符 %c: 應當一直都不要使用(除非您移除它並把它指定給另外的分區/驅動器)。 - 就地加密非系統卷在您的作業系統裏不被支援(僅在 Windows Vista 和以後版本中支持)。\n\n原因是當前作業系統不支援檔系統壓縮(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。 - 選擇的分區看起來不包含 NTFS 檔系統。僅在 NTFS 檔系統下才支援就地加密。\n\n說明:原因是當前作業系統不支援檔系統壓縮(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。 - 選擇的分區看起來不包含 NTFS 檔系統。僅在 NTFS 檔系統下才支援就地加密。\n\n如果您想在此分區內創建 VeraCrypt 加密卷,請選擇 "創建加密卷並格式化"(而不是選擇 "就地加密分區"). - 錯誤:分區太小,VeraCrypt 不能實現就地加密。 - 要加密此分區的資料,請遵循以下步驟:\n\n1)在一個空的 分區/設備 上創建一個 VeraCrypt 加密卷之後載入此加密卷。\n\n2)複製待加密分區中的所有資料到這個已經載入的 VeraCrypt 加密卷(該加密卷已經在步驟 1) 中創建)。這種方式下,您就創建了一個被 VeraCrypt 加密了的資料備份。\n\n3)在要加密的分區上創建一個 VeraCrypt 加密卷並確認您選擇了(在 VeraCrypt 嚮導中)選項 "創建加密卷並格式化"(而不是選擇選項 "就地加密分區")。注意,所有存儲於該分區的資料都會被擦除。加密卷創建之後,載入這個加密卷。\n\n4)複製備份加密卷(在步驟 1) 中創建的)中的所有檔到這個新創建和載入的加密卷中(在步驟 3) 中創建和載入的)。\n\n完成以上步驟之後,資料將會被加密,並且,也會額外的備份了資料的加密副本。 - VeraCrypt 只能就地加密分區、動態卷,或者整個系統啟動器。\n\n如果您想在選擇的非系統設備中創建加密卷,請選擇選項 "創建加密卷並格式化"(而不是選擇選項 "就地加密分區")。 - 錯誤:VeraCrypt 只能就地加密分區、動態卷,或者整個系統啟動器。請確認指定的路徑有效。 - 錯誤:不能壓縮檔系統(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。\n\n可能原因及解決:\n\n- 該卷上無足夠的剩餘空間。請確認沒有其他程式正在寫入此檔系統。\n\n- 損壞的檔系統。嘗試檢查和修復錯誤(在 '我的電腦' 裏右鍵單擊相應的驅動器盤符,之後選擇 屬性 > 工具 > '開始檢查',確認已經選擇了選項 '自動修復檔系統錯誤',之後單擊 '開始' 按鈕)。\n\n如果以上方法都不起作用,請遵循以下步驟。 - 錯誤:剩餘空間不足,因此檔系統不能被壓縮(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。\n\n請刪除任何多餘檔並清空回收站以便釋放 256KB 的空間之後再嘗試。注意由於 Windows 的問題,Windows 資源管理器報告的自由空間數量在作業系統重新啟動前可能是不正確的。如果重啟系統後並無幫助,檔系統可能已經損壞了。嘗試檢查和修復錯誤(在 '我的電腦' 裏右鍵單擊相應的驅動器盤符,之後選擇 屬性 > 工具 > '開始檢查',確認已經選擇了選項 '自動修復檔系統錯誤',之後單擊 '開始' 按鈕)。\n\n如果以上方法都不起作用,請遵循以下步驟。 - 驅動器 %s 上的自由空間為 %.2f 位元組。 - 驅動器 %s 的自由空間大小為 %.2f KB - 驅動器 %s 的自由空間大小為 %.2f MB - 驅動器 %s 的自由空間大小為 %.2f GB - 驅動器 %s 的自由空間大小為 %.2f TB - 驅動器 %s 的自由空間大小為 %.2f PB - 無法得到可用的驅動器盤符。 - 錯誤:未發現 VeraCrypt 驅動程式!\n\n請複製“veracrypt.sys”和“veracrypt-x64.sys”文件到 VeraCrypt.exe 程式所在的目錄。 - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - 錯誤:密碼初始化失敗。 - 錯誤:檢測到弱強度密鑰! 密鑰將被廢棄。請重試。 - 發生了關鍵性錯誤,VeraCrypt 必須被終止。如果該錯誤是 VeraCrypt 的缺陷導致的,我們可能會修正它。要協助我們完善軟體,您可以把 Veracrypt 自動生成的錯誤報告發送給我們,報告包括下面內容:\n\n- 程式版本\n- 作業系統版本\n- CPU類型\n- VeraCrypt 元件名稱\n- VeraCrypt 執行程式的校驗值\n- 對話方塊視窗的符號標記\n- 錯誤分類\n- 錯誤位址資訊\n- VeraCrypt 調用堆疊\n\n如果您選擇“是”,下面的 URL 網址(包含錯誤報告)將會在您的默認流覽器中打開。\n\n%hs\n\n您希望發送給我們上述錯誤報告嗎? - 您的系統發生了關鍵性錯誤,該錯誤會終止 VeraCrypt。\n\n需要注意的是此錯誤並非由 VeraCrypt 導致(因此 VeraCrypt 開發者並不會修復這個錯誤)。請檢查您的系統來查找可能的原因(例如:系統配置、網路連接、失效的硬體元件等)。 - 系統發生了關鍵性錯誤,要求終止 VeraCrypt。\n\n如果此錯誤一直存在,您可能需要嘗試禁用或卸載可能潛在導致此問題的應用程式,例如防病毒或防火牆軟體,系統性能提升軟體、優化軟體或者系統設置軟體,等等。如果仍然無法解決問題,您可能需要嘗試從新安裝您的作業系統(此問題也可能由惡意軟體導致)。 - VeraCrypt 關鍵性錯誤 - VeraCrypt 檢測到作業系統最近曾經崩潰過。系統崩潰存在很多潛在的原因(例如,硬體失敗,設備驅動存在BUG等等)\n\n您想要 VeraCrypt 檢查此次系統崩潰是否為 VeraCrypt 導致的嗎? - 您想要 VeraCrypt 繼續檢查此次系統崩潰嗎? - VeraCrypt 未發現系統崩潰轉儲檔。 - Do you want to delete the Windows crash dump file to free up disk space? - 為了分析系統崩潰原因,VeraCrypt 需要先安裝微軟調試工具。\n\n在您點擊 "確定" 按鈕之後,Windows installer 程式將會從微軟伺服器下載微軟調試工具安裝程式(16MB)並隨後安裝它( Windows installer 程式會從 veracrypt.org 伺服器上提交請求到微軟伺服器〖就是說先訪問 VeraCrypt 網站再訪問微軟〗,這樣即使微軟改變了安裝包的位址,此功能依然有效)。 - 在您點擊 "確定" 按鈕之後,VeraCrypt 將會分析系統崩潰原因,這可能會花費幾分鐘的時間。 - 請確認環境變數 'PATH' 包含 'kd.exe'(內核調試器)的路徑。 - 看起來很可能 VeraCrypt 不是導致系統崩潰的原因。系統崩潰存在很多潛在的原因(例如,硬體失敗,設備驅動存在BUG等等) - 分析結果表明更新下面驅動可能會解決問題: - 要協助我們確認這是否為 Veracrypt 的 BUG,您可以發送給我們一份自動生成的錯誤報告,錯誤報告包括下面內容:\n- 程式版本\n- 作業系統版本\n- CPU類型\n- 錯誤分類\n- 驅動名稱和版本\n- 系統調用堆疊\n\n如果您選擇“是”,下面的 URL 網址(包含錯誤報告)將會在您的默認流覽器中打開。 - 您希望把上述錯誤報告發送給我們嗎? - 加密(&E) - 解密(&D) - &永久解密 - 退出 - 請為該擴展分區創建一個邏輯分區,然後再試。 - VeraCrypt 加密卷可以存在於一個檔之中(叫作 VeraCrypt 容器),這個容器檔可以存在於硬碟上,或位於 USB 快閃記憶體上,等等。VeraCrypt 加密盤就象一個普通檔(例如,可以象任何普通檔一樣被移動、複製、刪除)。點擊 '選擇檔' 按鈕為容器檔選擇一個檔案名和它的保存位置。\n\n警告:如果您選擇了一個已經存在的檔,VeraCrypt 並不會加密它,該檔將會被刪除並會被新創建的 VeraCrypt 容器檔所覆蓋。您可以通過把檔複製到即將創建的 VeraCrypt 加密容器裏面去,來實現對相應檔的加密。 - 選擇要創建的外層加密卷的位置(稍後將在此加密卷裏面創建隱藏加密卷)。\n\n一個 VeraCrypt 加密卷可以存在於一個檔之中(也可叫作 VeraCrypt 容器),這個加密盤檔可以存放在硬碟上,或位於 USB 快閃記憶體上,等等。VeraCrypt 容器可以象任何普通檔一樣被移動、複製、和刪除。點擊 '選擇檔' 按鈕為容器檔選擇一個檔案名和它的保存位置。如果您選擇了一個已經存在的檔,VeraCrypt 並不會加密它,該檔將會被刪除並會被新創建的 VeraCrypt 加密容器所覆蓋。您可以通過把檔複製到即將創建的 VeraCrypt 加密容器裏面去,來實現對相應檔的加密。 - 設備類 VeraCrypt 加密卷可以創建於硬碟分區、固態硬碟、USB 快閃記憶體、以及其他存儲設備上。分區也可以就地加密。\n\n除此之外,設備類加密卷也可以在不包含任何分區的設備中創建(包括硬碟以及固態設備)。\n\n注意:包含多個分區的設備,只有在此分區為 Windows 安裝和啟動分區時,才可以就地整盤加密(使用單一密鑰)。\n\n警告:如果您加密整個分區或設備,所有當前存儲於這個分區或設備上的資料將會被徹底擦除(僅在加密系統啟動分區/驅動器時該分區上的資料才不會被破壞)。 - 設備類的 VeraCrypt 加密卷可以在硬碟分區、固態驅動器、USB 快閃記憶體,以及其他存儲設備中創建。\n\n警告:分區/設備 將會被格式化並且存儲在其上的所有資料都將會丟失。 - \n選擇 VeraCrypt 外層加密卷的位置(您想要在這個加密卷裏創建隱藏加密卷)。\n\n外層加密卷可以創建於硬碟分區、固態硬碟、USB 快閃記憶體、以及其他存儲設備上。外層加密卷也可以在不包含任何分區的設備中創建(包括硬碟以及固態設備)。\n\n警告:該分區/設備將被格式化,所有當前存儲於這個分區或設備上的資料將會丟失。 - 選擇 VeraCrypt 外層加密卷的位置(您想要在這個加密卷裏創建隱藏加密卷)。 - 警告:外層加密卷或設備正在使用中!\n\n忽略這些可能會導致非期望的錯誤,包括系統不穩定。 您在載入加密卷前應當關閉所有可能使用該外層加密卷或設備的應用程式(例如殺毒軟體或備份程式)。\n\n繼續載入嗎? - 錯誤:無法載入加密卷。外層加密卷或設備正在使用中。不使用獨佔許可權的載入嘗試也同樣失敗。 - 檔不能被打開。 - 加密卷位置 - 大文件 - 您想要在此 VeraCrypt 加密卷中存儲大於 4 GB 的檔嗎? - 根據您在前面的選擇,VeraCrypt 將為加密卷選擇一個合適的檔系統格式(您可以在下一步選擇檔系統類型)。 - 當您創建外層加密卷的時候,您應當考慮選擇 '否'。如果您選擇 '是',默認的檔系統將會是 NTFS,NTFS 不如 FAT 檔系統那樣適合於創建外層加密卷(例如,如果外層加密卷為 FAT 格式,可以創建的隱藏加密卷的最大容量比NTFS外層加密卷那個創建的隱藏加密卷要大很多)。通常情況下,FAT 格式為隱藏加密卷和常規加密卷的默認格式(因此創建 FAT 加密卷並無太多疑慮)。然而,如果用戶計畫在加密卷中存儲大於 4 GB 的檔(FAT檔系統不支援),那麼 FAT 系統則不是默認的格式。 - 您確認要選擇 '是' 嗎? - 加密卷創建模式 - 這是創建分區類型或設備類型加密卷的最快方式(就地加密,是另外一種選項,速度比此種方式要慢,這是因為就地加密時每個磁區的內容都需要首先讀取、加密,之後再寫入)。任何當前存儲在選擇的分區/設備上的資料都會丟失(這些資料並不會被加密,它們將會被亂數據覆蓋)。如果您想加密一個分區中的現有資料,請選擇其他的選項。 - 整個選定的分區以及位於該分區上的資料將會被就地加密。如果分區裏面沒有內容,您應當選擇其他的選項(以使加密卷創建速度更快)。 - 注意: - 繼續(&R) - 推遲(&D) - 開始(&S) - 繼續(&C) - 格式化(&F) - 擦除(&W) - 放棄格式化嗎? - 顯示更多資訊 - 不再顯示 - 設備/分區 的內容已被成功擦除。 - 原始作業系統(隱形作業系統克隆時的系統來源)分區的內容已被成功擦除。 - 請確認您將要安裝的 Windows 版本(位於已擦除分區)與您正在運行的 Windows 版本相同。這點是必須的,這是因為兩個系統會共用同一公用啟動分區。 - 該系統分區/驅動器已經被成功加密。\n\n注意:如果存在您需要在 Windows 啟動時自動載入非系統 VeraCrypt 加密卷,您可以載入它們並隨後設置其為系統收藏加密卷,步驟:選擇 '收藏' > 保存已載入的加密卷為系統收藏加密卷')。 - 該系統分區/驅動器已經被成功解密。 - \n\nVeraCrypt 加密卷已被創建並準備就緒。要創建另外的 VeraCrypt 加密卷,請單擊“下一步”,否則請單擊“退出”按鈕。 - \n\n隱藏的 VeraCrypt 加密卷已成功創建(隱形作業系統將包含在這個隱藏加密卷之內)。\n\n單擊 '下一步' 按鈕繼續。 - 該卷已被成功加密 - Volume Fully Decrypted - 重要:要載入這個新建的 VERACRYPT 加密卷和訪問存儲於其中的資料,在 VERACRYPT 視窗中點擊 '自動載入設備'。在您輸入正確密碼之後(和/或 提供正確的密鑰檔),加密卷將會以您在 VERACRYPT 列表中選擇的盤符載入(您也將能夠以該盤符訪問加密資料)。\n\n【請記住或寫下上述步驟】。您在希望載入這個加密卷和訪問其中的資料時必須遵循上述步驟。另外一種方式是在 VeraCrypt 主視窗,點擊 '選擇設備',之後選擇此 分區/設備,之後點 '載入'。\n\n此分區/設備 已被成功加密(選擇包含完全加密的 VeraCrypt 卷)並為使用準備就緒。 - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt 加密卷已成功創建。 - 加密卷已創建 - 重要:請在此視窗內隨機移動滑鼠,移動時間越長越好。這將會顯著增加密鑰的加密強度。之後點擊“格式化”按鈕創建加密卷。 - 點擊“格式化”按鈕創建外層的加密卷。如若獲得更多資訊,請參考軟體文檔。 - 外層加密卷格式化 - 隱藏加密卷格式化 - 加密卷格式化 - 如要顯示或列印 VeraCrypt 用戶指南需要使用 Adobe Acrobat Reader(或與其相容的工具)。\n\nAdobe Reader(免費軟體)下載位址: www.adobe.com\n\n您想要線上查看這個文檔嗎? - 如果您選擇此選項,嚮導將會首先幫助您創建一個普通的 VeraCrypt 加密卷,隨後會繼續在這個普通的加密卷裏面創建一個隱藏的 VeraCrypt 加密卷。非熟練用戶應當選擇這個選項來創建隱藏加密卷。 - 如果您選擇此選項,您將會在已有的 VeraCrypt 加密卷內創建一個隱藏的 VeraCrypt 加密卷。這裏假設您已經創建好了適合於創建隱藏 VeraCrypt 加密卷的 VeraCrypt 外層加密卷。 - 加密卷創建模式 - 隱藏加密卷已創建 - 該隱藏的 VeraCrypt 加密卷已成功創建並可以立即使用。如果“VeraCrypt User's Guide”(Veracrypt 用戶指南)的"Security Precautions Pertaining to Hidden Volumes"章節中的措施都被遵循,即使當外層加密卷被載入,也不可能證明存在隱藏加密卷。\n\n警告:如果您沒有保護隱藏加密卷(保護的做法參考 VeraCrypt 用戶指南的"PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE"章節),請不要向外層加密卷寫入資料。否則您可能會覆蓋或損壞隱藏隱藏加密卷! - 您已經啟動了一個隱形作業系統。可能您已經注意到了,隱形作業系統看起來是安裝到原始作業系統所在的分區。然而,實際上,隱形系統是安裝到系統分區後面的分區上的(安裝在隱藏加密卷中)。所有的讀寫操作將會從系統分區中透明的重定向到隱藏加密卷裏面。\n\n作業系統本身和系統中的程式均不知道從系統分區中讀寫的資料實際上是從系統分區後面的分區中讀寫的(讀/寫到隱藏加密卷)。任何這樣的資料都是同樣即時加解密的(使用與即將創建的迷惑作業系統不同的加密鑰)。\n\n\n請單擊 '下一步' 按鈕繼續。 - 外層加密卷已成功創建並作為 %hc:驅動器載入。對這個外層加密卷,現在您應複製一些您不是真正要隱藏的貌似敏感的文件。這是為了對付那些強迫您給出系統分區後面那個分區密碼的人的,這個分區可能包含外層加密卷和隱藏加密卷(以及其中的隱形作業系統)。您可以洩漏這個外層加密卷的密碼,而此時沒有任何跡象可以識別存在隱藏加密卷(以及隱形作業系統)。\n\n重要:您複製到外層加密卷中的檔佔用的空間不應當超過 %s。否則,可能沒有足夠的自由空間來創建隱藏加密卷(此時您將無法繼續後續操作)。在您複製完成之後,請點擊 '下一步'(不要卸載加密卷)。 - 外層加密卷已成功創建並作為 %hc:驅動器載入。對這個加密卷,現在您應複製一些您不是真正要隱藏的貌似敏感的文件。這是讓那些強迫您洩漏密碼的人能看到的檔。您將僅對這個外層加密卷洩漏密碼,而不要洩漏給他們隱藏加密卷的密碼。您真正要保護的檔將被存儲在稍候創建的隱藏加密卷裏。當您完成複製後,請單擊"下一步",並且不要卸載此加密卷。\n\n注意:單擊“下一步”後,將進行簇狀圖掃描來確定連續的自由空間大小,此自由空間的尾部與加密卷尾部一致。該空間將提供用來創建隱藏加密卷同時也是隱藏加密卷的最大容量。簇狀圖掃描能夠保證外層加密中卷的資料不會被隱藏卷覆蓋。 - 外層加密卷內容 - \n\n在下一步您將要為外層加密卷(在其內將創建隱藏加密卷)調整其選項。 - \n\n在下一步,您將在系統分區後面的那個分區創建一個所謂的 VeraCrypt 外層加密卷(這在前面步驟已經有具體說明)。 - 外層加密卷 - 在下麵步驟裏,您將設置隱藏加密卷的選項和密碼,這個隱藏加密卷裏面將會包含隱形系統。\n\n注解:外層加密卷簇狀圖掃描已完成,以確定外層加密卷尾部開始的未受干擾的自由空間。該區域將容納隱藏加密卷,因此這將限制隱藏加密卷的最大尺寸。隱藏加密卷最大可能容量已被確定,已經確認大於系統分區的容量(這是必須的,因為整個系統分區的內容將被複製到隱藏加密卷中)。這也確保寫入隱藏加密卷的資料不會覆蓋儲存在外層加密卷的資料。 - 重要:請記住您在這個步驟所選擇的演算法。您在加密迷惑系統的時候也必須選擇這個演算法。否則將無法訪問隱形系統!(即迷惑系統和隱形系統必須使用同樣的加密演算法加密)。\n\n說明:原因是迷惑系統和隱形系統共用一個單一的啟動管理器,這個引導器目前只支援用戶選擇的單一演算法(對於每種演算法,都會對應一個特定的 VeraCrypt 啟動管理器版本)。 - \n\n外層加密卷簇狀圖掃描已完成,隱藏加密卷最大可能大小已被確定。在下一步裏您可以調整隱藏加密卷的選項、大小、和密碼。 - 隱藏加密卷 - 在外層加密卷卸載前隱藏加密卷將處於保護之中。\n\n警告:如果有資料試圖保存到隱藏加密卷區域,VeraCrypt 將會對整個加密卷(外層卷和隱藏卷)進行保護直到卸載。這會導致外層加密卷檔系統出錯,如若重複出現也會影響隱藏加密卷的隱蔽性。因此,您應當儘量避免寫入任何資料到隱藏加密卷區域。 任何保存到隱藏加密卷區域的資料將不被保存並且會丟失!Windows 可能會報告為寫入錯誤(“延遲寫入失敗”或者是“參數不正確”)。 - 在外層加密卷卸載前每一個隱藏加密卷將處於保護之中。\n\n警告:如果有資料試圖保存到任何隱藏加密卷區域,VeraCrypt 將會對整個加密卷(外層卷和隱藏卷)進行保護直到卸載。這會導致外層加密卷檔系統出錯,如果反復出現也會影響隱藏加密卷的隱蔽性。因此,您應當儘量避免寫入任何資料到隱藏加密卷區域。 任何保存到隱藏加密卷區域的資料將不被保存並且丟失! Windows 可能會報告為寫入錯誤(“延遲寫入失敗”或者是“參數不正確)。 - 警告:資料試圖保存到載入為 %c: 的加密卷的隱藏加密卷區域!VeraCrypt 已阻止這些資料的保存來保護隱藏加密卷。這會導致外層加密卷檔系統出錯。Windows 可能會報告為寫入錯誤(“延遲寫入失敗”或者是“參數不正確)。整個加密卷(外層卷和隱藏卷)將會被防寫到加密卷卸載為止。如果這不是 VeraCrypt 第一次阻止資料寫入到隱藏加密卷區域,這樣也會影響隱藏加密卷的隱蔽性(這是因為在外層加密卷檔系統可能存在反常的關聯錯亂)。因此,您應當考慮創建一個新的 VeraCrypt 加密卷(禁用快速格式化)並把此加密卷的資料移動到新加密卷裏面去;此加密卷應當被安全擦除(外層卷和隱藏卷)。我們強烈建議您現在重啟電腦。 - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - 安全起見,當隱形作業系統正在運行時,隱藏加密卷只能以 '直接' 模式創建(這是因為外層加密卷必須總是以唯讀方式載入)。\n\n要安全的創建隱藏加密卷,請遵循如下步驟:\n\n1)啟動到迷惑作業系統。\n\n2)創建一個常規 VeraCrypt 加密卷並複製一些你實際上並不想隱藏的貌似敏感的檔(該加密卷會作為外層加密卷)。\n\n3)啟動隱形作業系統並啟動 VeraCrypt 加密卷創建嚮導。如果這個加密卷是檔類型的,移動該加密卷到系統分區或者是其他隱藏加密卷中(否則,這個新創建的隱藏加密卷將會以唯讀方式載入並且不能被格式化)。按照嚮導的步驟進行並選擇 '直接' 模式創建隱藏加密卷。\n\n4)在嚮導中,選擇您在步驟 2 中創建的加密卷並遵循嚮導後面的步驟在這個加密卷之內創建隱藏加密卷。 - 安全起見,當隱形作業系統正在運行時,本地的非加密的檔系統和非隱藏 VeraCrypt 加密卷會以唯讀方式載入(沒有任何資料可以寫入這些檔系統或 VeraCrypt 加密卷)。\n\n而資料可以寫入到 VeraCrypt 隱藏加密卷中(假設隱藏加密卷的存儲容器並非位於非加密檔系統上或並非位於其他任何唯讀檔案系統上)。 - 採取這樣的限制措施有三種主要原因:\n\n- 可以為載入隱藏加密卷提供更安全的平臺。因此我們官方推薦僅在隱形作業系統運行的情況下載入隱藏加密卷。(更多資訊請參考文檔的 'Security Precautions Pertaining to Hidden Volumes' 部份)\n\n- 在某些情況下,有可能確定在某一時間,某一特定的檔系統(或者檔系統中特定的檔並未保存或訪問)並未在特定的作業系統的實例中載入(例如,通過分析和比較檔系統日誌、時間戳記、應用程式日誌、錯誤日誌等等)。這可能暗示電腦上安裝了隱形作業系統(譯者注:恢復備份的系統、或者重新安裝系統也會造成這種跡象,作者考慮的因素並不全面)。而這裏的措施則可以避免此類情況發生。\n\n- 能夠防止資料損壞和保證安全的使用系統休眠功能,這裏假設所有載入的檔系統在系統休眠的時候均為同一狀態。VeraCrypt 通過對任何迷惑系統和隱形系統裏面可以訪問的系統執行防寫來保證這點。如果沒有這樣的保護,當在一個系統中載入一個檔系統,而此檔系統在另外系統中為休眠狀態時,檔系統可能會被損壞。 - 注意:如果您要安全的從迷惑作業系統向隱形作業系統中傳送檔,請遵循以下步驟: 1)啟動迷惑作業系統。 2)保存這些檔到未加密的卷或者是 VeraCrypt 外層/常規加密卷。 3)啟動隱形作業系統。 4)如果是把檔保存到 VeraCrypt 加密卷,則載入這個加密卷(該加密卷會自動以唯讀模式載入)。 5)複製這些檔到隱行作業系統的分區或者是其他隱藏加密卷。 - 您的電腦必須重啟。\n\n您希望現在重啟電腦嗎? - 獲取系統加密狀態時出錯。 - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - 不能初始化用於系統加密的程式元件。 - 初始化亂數據生成器失敗! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - 無法初始化應用程式。註冊對話方塊類失敗。 - 錯誤:載入富文本編輯系統運行庫失敗。 - VeraCrypt 加密卷創建嚮導 - 該卷能創建的最大隱藏加密卷大小為 %.2f 位元組。 - 該卷能創建的最大隱藏加密卷大小為 %.2f KB。 - 該卷能創建的最大隱藏加密卷大小為 %.2f MB。 - 該卷能創建的最大隱藏加密卷大小為 %.2f GB。 - 該卷能創建的最大隱藏加密卷大小為 %.2f TB。 - 當此加密卷被載入時,加密卷密碼/密鑰檔無法被更改。 請首先卸載此加密卷。 - 當加密卷被載入時不能修改首密鑰衍生演算法。 請首先卸載加密卷。 - 載入(&M) - 需要新版本的 VeraCrypt 來載入此加密卷。 - 錯誤:未發現加密卷創建嚮導。\n\n請確認文件“VeraCrypt Format.exe”位於“VeraCrypt.exe”的目錄之中。如果不是 這樣,請重新安裝 VeraCrypt,或在磁片中定位“VeraCrypt Format.exe”並運行它。 - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - 下一步(&N) > - 完成(&F) - 安裝(&I) - 釋放(&X) - 不能連接到 VeraCrypt 設備驅動。如果設備驅動不能運行則 VeraCrypt 也無法正常工作。\n\n請注意,由於 Windows 系統問題,在能夠正常載入設備驅動前可能需要登出或者重啟電腦。 - 載入/準備字體時出錯。 - 驅動器盤符未發現或沒有指定驅動器盤符。 - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - 驅動器盤符不可用。 - 未選定文件! - 無可用驅動器盤符。 - 外層加密卷無可用盤符! 加密卷創建不能進行。 - 不能檢測到作業系統的版本,或您正在使用不被支援的作業系統。 - 未選定路徑! - 創建隱藏加密卷的自由空間不足! 加密卷創建不能繼續。 - 錯誤:您複製到外層加密卷的檔佔用的空間過多。因此,沒有足夠的空間創建隱藏加密卷。\n\n注意,隱藏加密卷的容量至少要大於系統分區(當前運行的系統所在的分區)的容量。原因是隱形作業系統需要把系統分區的內容完全複製到隱藏加密卷來創建。\n\n\n創建隱形作業系統的過程無法再繼續。 - 此驅動無法卸載這個加密卷。位於此加密卷上某些檔可能仍被打開。 - 無法鎖定此加密卷。此加密卷上仍有些檔被打開。因而也無法卸載。 - VeraCrypt 不能鎖定該加密卷,這是因為此加密卷正在被作業系統或者其他程式佔用(例如加密卷中有文件被打開)。\n\n您確認要強制卸載加密卷嗎? - 請選擇一個 VeraCrypt 加密卷 - 指定路徑和檔案名 - 選擇 PKCS #11 運行庫 - 記憶體不足 - 重要:我們強烈建議非熟練用戶在選定的分區/設備裏面建立檔類型的加密卷,而不是嘗試加密整個分區/驅動器。\n\n例如,當您創建一個 VeraCrypt 檔類型加密卷時(相對於加密整個分區/驅動器),則不存在毀壞大量的檔的風險。請注意,一個 VeraCrypt 的檔類型加密卷(儘管其包含虛擬的加密磁片)事實上就象任意一個普通的檔一樣。如若獲取更多資訊,請參考VeraCrypt User Guide中的 Beginner's Tutorial 章節。\n\n您確認要加密整個設備/分區嗎? - 警告:加密卷 '%s' 已存在!\n\n重要:VeraCrypt 並不會加密這個檔,而是會刪除這個檔。 您確定要刪除這個檔並用一個新的 VeraCrypt 加密卷來替換它嗎? - 務必小心:當前存儲在選擇的 %s '%s'%s 上的所有資料將會丟失(它們並不會被加密)!\n\n您一定要繼續格式化嗎? - 警告:您在加密卷完全加密前不能載入此加密卷或者訪問存儲於該卷上的任何檔。\n\n您確認要開始加密選擇的 %s '%s'%s 嗎? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - 警告:請注意如果在就地加密現有資料時突然斷電,或者在 VeraCrypt 就地加密現有資料時由於軟硬體故障而導致系統當機,有些資料可能會損壞或丟失。因此,在您開始加密前,請確認您已經備份了要加密的資料。\n\n您確認已經有這樣的備份了嗎? - 小心:任何存在於分區 '%s'%s(即位於系統分區後面的第一個分區)的檔將會因被擦除而丟失。(這些檔並不會被加密)!\n\n您確認要繼續格式化嗎? - 警告:選定的分區包含大量的資料!!!任何存儲於此分區上的檔將會被擦除(他們並不會被加密)! - 通過在分區內創建 VeraCrypt 加密卷擦除該分區上的任何文件 - 密碼 - PIM - 設置首密鑰衍生演算法 - 添加/移除 密鑰文件.. - 從加密卷中移除所有密鑰檔 - 密碼 和/或 密鑰檔已成功修改。\n\n重要:請確認您已經閱讀了用戶指南的'Security Requirements and Precautions'章節中的'Changing Passwords and Keyfiles'部分。 - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - 重要:如果您不銷毀 VeraCrypt 應急盤,您的系統分區/驅動器仍然可以通過使用舊密碼解密(通過啟動 VeraCrypt 應急盤和輸入舊密碼)。您應當創建一個新的 VeraCrypt 應急盤,之後並銷毀原來的應急盤。\n\n您希望創建一個新的 VeraCrypt 應急盤嗎? - 請注意,VeraCrypt 應急盤仍然使用著早期的加密演算法。如果您覺的先前的加密演算法不安全,您應當創建一個新的 VeraCrypt 應急盤,之後並銷毀原來的應急盤。\n\n您希望創建一個新的 VeraCrypt 應急盤嗎? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - 密鑰檔已成功添加/移除。 - Keyfile exported. - 首密鑰衍生演算法已成功設置。 - 請為您想要繼續就地加密的非系統分區輸入密碼 和/或 密鑰檔。\n\n\n注解:在您點擊 '下一步' 之後,VeraCrypt 將嘗試查找所有加密過程已被中斷的非系統分區(這些中斷加密的分區的 VeraCrypt 頭資訊可以使用提供的密碼 和/或 密鑰檔解密)。如果發現了多個此類的分區,您需要在下個步驟裏面選擇他們其中的一個。 - 請選擇下面列表中的一個加密卷。此列表包含所有加密被中斷非系統加密卷,它們的頭資訊可以使用提供的密碼 和/或 密鑰檔解密。 - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - 選擇一個安全的密碼非常重要。您應該避免選取能夠在字典中查到的簡單辭彙(或是2、3、4 這類字元組合)作為密碼,也不應包含任何名字或生日,同時也不應該容易被猜到。安全的密碼應當包含隨機的大小寫字元、數位、以及類似 @ ^ = $ * + 這樣的特殊字元。我們推薦使用大於 20 個字元的密碼(越長越好)。最大的密碼長度為 64 個字元。 - 請為隱藏加密卷選擇一個密碼。 - 請為隱形作業系統設置一個密碼(即隱藏加密卷的密碼)。 - 重要:您在本步驟中為隱形作業系統設置的密碼必須絕對不同於其他的兩個密碼(也就是要不同於外層加密卷的密碼和迷惑作業系統的密碼)。 - 請輸入外層加密卷的密碼(您將在該加密卷中創建隱藏加密卷)。\n\n在單擊“下一步”後,VeraCrypt 會嘗試載入此加密卷。一旦加密卷被載入,將進行簇狀圖掃描來確定連續的自由空間大小(如果有的話),此空間的尾部與加密卷尾部一致。該區域將提供給隱藏加密卷並因此會限制它的最大可能大小。簇狀圖掃描是必要的,這可以確保外層卷的資料不會被隱藏卷覆蓋。 - \n請選擇外層加密卷的密碼。在您被攻擊者強迫說出啟動驗證密碼的情況下,這個密碼可以告訴攻擊者。\n\n重要:您為外層加密卷選擇的密碼必須不同於隱藏加密卷的密碼。\n\n說明:密碼的最大長度為 64 個字元。 - 請選擇外層加密卷的密碼。在您被攻擊者強迫說出系統分區後面的第一個分區(外層加密卷和包含隱形作業系統的隱藏加密卷均位於這個分區)密碼的情況下,這個密碼可以告訴這些攻擊者。而隱藏加密卷和隱形作業系統仍然是安全的。需要注意的是,外層加密卷的密碼並不是迷惑作業系統的密碼。\n\n重要:您為迷惑作業系統選擇的密碼必須不同於隱藏加密卷的密碼(也就是隱形作業系統的密碼)。 - 外層加密卷密碼 - 隱藏加密卷密碼 - 隱形作業系統的密碼 - 警告:簡短密碼容易被使用 暴力破解技術破解!\n\n我們建議選擇一個超過 20 個字元的密碼。\n\n您確定要使用簡短密碼嗎? - 加密卷密碼 - 密碼不正確或不是 VeraCrypt 加密卷。 - 密鑰 和/或 密碼不正確或不是 VeraCrypt 加密卷。 - 錯誤的載入模式/密碼或不是 VeraCrypt 加密卷。 - 錯誤的載入模式,無效的密鑰檔 和/或 密碼,或者不是 VeraCrypt 加密卷。 - 密碼不正確或不是 VeraCrypt 加密卷。 - 密鑰 和/或 密碼不正確或不是 VeraCrypt 加密卷 - \n\n警告:Caps Lock 已經開啟。 這可能導致您密碼輸入錯誤。 - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - 如果您試圖保護包含隱形系統的隱藏加密卷,請確認輸入隱藏加密卷密碼時您正在使用標準的美國鍵盤佈局。這是因為這些密碼實在啟動驗證環境中輸入的,而此時非美國鍵盤佈局將無法使用。 - VeraCrypt 未發現加密過程被中斷的,同時頭資訊可以使用提供的密碼 和/或 密鑰檔解密的非系統分區。\n\n請確認密碼 和/或 密鑰檔是正確的,並且確認此 分區/卷 並未被作業系統或其他程式(也包含殺毒軟體)佔用。 - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\n注意:如果您試圖載入不帶有啟動驗證的加密系統驅動器中的分區,或者是載入沒有運行的加密系統分區,您可以通過選擇 '系統' > '以非啟動驗證方式載入'。 - 在此模式下,您不能載入此驅動器上的分區(該驅動器的部分內容處於當前活動加密系統的關鍵範圍)。\n\n要想以此模式載入此分區,您需要先啟動到安裝在不同驅動器上的作業系統(與該系統是否加密無關),或者是先啟動一個未加密的作業系統。 - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < 後退(&B) - 不能列表安裝在系統上的 raw 設備! - 加密卷 '%s' 存在,並且是唯讀的。您確定要替換它嗎? - 選擇目標目錄 - 選擇密鑰檔 - 選擇密鑰檔的搜索路徑。警告:注意,記憶的只是路徑,而不會記憶檔案名! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Serpent 為與 AES 競爭演算法中的一種。設計者為 Ross Anderson、Eli Biham、和 Lars Knudsen。發表於 1998 年。256 位密鑰,128 位元資料塊,操作模式為 XTS。 - 請指定要創建的加密卷的大小。\n\n如果您打算創建一個動態的(稀疏檔)容器,該參數對應於該容器的最大容量。\n\n注意:最小的 FAT 加密卷大小為 292 KB。最小的 NTFS 加密卷大小為 3792 KB。 - 請指定要創建的外層加密卷的大小(隨後將在其內創建隱藏加密卷)。包含隱藏卷的外層加密卷最小可能容量為 340 KB。 - 請指定要創建的隱藏加密卷的大小。隱藏加密卷的最小可能大小為 40 KB(格式化為NTFS時為 3664 KB)。最小可能的 NTFS 加密卷大小為 2829 KB。您可以指定加密卷的最大容量如上面所示。 - 外層加密卷大小 - 隱藏加密卷大小 - 請在確認選定的 分區/設備 的容量正確無誤後單擊“下一步”。 - 外層加密卷和隱藏加密卷(包含隱形作業系統)將存在於上面分區。\n\n請確認上面顯示的分區大小和數值是正確的,如果正確,請點擊 '下一步'。 - \n\n注意:如若在其內創建隱藏加密卷,則外層加密卷最小可能大小為 340 KB。 - 加密卷大小 - 動態卷 - 小心:自檢失敗! - 全部演算法自檢通過 - 您提供的資料單元數值太長或太短。 - 您提供的次密鑰太長或太短。 - 您提供的測試加密文本太長或太短。 - 您提供的測試密鑰太長或太短。 - 您提供的測試明碼文本太長或太短。 - 在 XTS 模式的層疊操作中需要兩個密碼。每個塊首先使用 %s(%d 位密鑰),之後使用 %s(%d 位密鑰加密。每個密碼使用其各自的密鑰。所有的密鑰均各自獨立。 - 在 XTS 模式的層疊操作中需要 3 個密碼。每個塊首先以 %s(%d 位密鑰)加密,然後以 %s(%d 位密鑰)加密,最後以 %s(%d 位密鑰)加密。每個密碼均使用各自的密鑰。所有的密鑰均彼此獨立。 - 需要注意的是,依賴於作業系統配置,這些自動運行和自動載入功能可能僅當便攜磁片檔創建在非可讀寫 CD/DVD 類介質時才能使用。同樣也要注意這並不是 VeraCrypt 程式設計缺陷(而是 Windows 系統的限制)。 - VeraCrypt 便攜磁片已被成功創建。\n\n注意:您必須具有系統管理員身份才能以便攜模式運行 VeraCrypt。同時也要注意儘管以便攜模式運行 VeraCrypt,也可能能夠從註冊表中被檢測到曾經運行過 VeraCrypt。 - VeraCrypt 便攜磁片 - 設計者:Bruce Schneie、John Kelsey、Doug Whiting、David Wagner、Chris Hall、Niels Ferguson。發表於 1998 年。256 位密鑰,128 位元塊,操作模式為 XTS。Twofish 為 AES 競爭演算法中的一種。 - 關於 %s 的更多資訊(聯網) - 未知 - 發生未預期的或未知錯誤(%d)。 - 一些加密卷包含的檔或檔夾 正被應用程式或系統使用。\n\n強行卸載嗎? - 卸載(&D) - 卸載失敗! - 加密卷包含的檔或檔夾 被應用程式或系統使用。\n\n強行卸載嗎? - No volume is mounted to the specified drive letter. - 您試圖要載入的加密卷早已被載入。 - 試圖載入加密卷時出錯。 - 在加密卷裏定址時出錯。 - 錯誤:錯誤的加密卷大小. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - 動態的容器是一個預先分配的 NTFS 稀疏檔,它的物理大小(實際磁碟空間佔用)在有新資料添加到裏面的時候才會增加。\n\n警告: 稀疏檔基礎的加密卷性能比常規加密卷的性能有較大降低。稀疏檔基礎的加密卷的安全性也要弱些-因為它有可能洩漏哪些加密卷磁區未被使用的情況。另外,稀疏檔基礎的加密卷無法實現隱蔽性(容納一個隱藏加密卷)。同時需要注意到是如果資料被寫入到稀疏檔基礎的加密卷,而此時主機檔系統剩餘空間不足,加密的檔系統可能會損壞。\n\n您確認要創建稀疏檔基礎的加密卷嗎? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt 不能修改外層加密卷的密碼。 - 請從列表中選擇一個未被佔用的驅動器盤符。 - 請在驅動器列表中選擇一個已載入的加密卷。 - 當前選擇了兩個已載入的加密卷(一個位於盤符列表中,另外一個位於列表下面的文本輸入框中)。\n\n請選擇您要選擇的加密卷: - 錯誤:不能創建 autorun.inf - 處理密鑰文件時出錯! - 處理密鑰檔路徑時出錯! - 密鑰檔路徑不包含檔。\n\n請注意,在密鑰檔搜索路徑中發現的該檔夾(以及其中包含的檔)已被忽略。 - VeraCrypt 不支援此作業系統。 - 錯誤:VeraCrypt 僅支援穩定的作業系統版本(不支援 beta 版和 RC 版)。 - 錯誤:不能分配記憶體。 - 錯誤:不能恢復性能計數器的值。 - 錯誤:錯誤的加密卷格式。 - 錯誤:您提供了一個隱藏加密卷的密碼(而不是常規加密卷的密碼)。 - 安全起見,隱藏加密卷不能在帶有就地加密檔系統的 VeraCrypt 加密卷中創建(這是因為該卷上的自由空間沒有填充亂數據) - VeraCrypt - 法律提示 - 所有檔 - VeraCrypt 加密卷 - 運行庫模組 - NTFS 格式化不能繼續。 - 不能載入加密卷。 - 不能卸載加密卷。 - 格式化成 NTFS 磁片格式時失敗。\n\n請選擇不同的檔系統格式(如果可能的話)再嘗試一次。此外,您可以保留該卷為未格式化卷(檔系統選擇為 '無' ),退出嚮導,載入這個加密卷,然後再使用系統或第三方工具格式化這個已經載入的加密卷(該載入的卷仍然為加密狀態)。 - Windows 格式化加密卷為 NTFS 時失敗。\n\n您希望格式化為 FAT 檔系統嗎? - 默認 - 分區 - 分區 - 設備 - 設備 - 設備 - 加密卷 - 加密卷 - 加密卷 - 標籤 - 相對加密卷大小而言,選擇的簇大小太小。 將替代使用大一些的簇大小。 - 錯誤:不能獲取加密卷大小資訊!\n\n請確認選擇的加密卷未被系統或 其他程式使用。 - 隱藏加密卷不能創建於動態(稀疏檔)的外層卷中。要達到足夠的隱蔽性,隱藏加密卷應當在非動態加密卷中創建。 - VeraCrypt 加密卷創建嚮導只能在 FAT 或 NTFS 加密卷內創建隱藏加密卷。 - 在 Windows 2000 系統裏,VeraCrypt 加密卷創建嚮導只能在 FAT 加密卷裏面創建隱藏加密卷。 - 注意:FAT 檔系統比 NTFS 檔系統更適合作為外層加密卷(例如,如果外層加密卷被格式化為 FAT 格式,能夠創建的隱藏加密卷的大小可能會更大一些)。 - 注意:FAT 檔系統比 NTFS 檔系統更適合作為外層加密卷(例如,如果外層加密卷被格式化為 FAT 格式,能夠創建的隱藏加密卷的大小可能會更大一些)(原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,隱藏加密卷只能創建在外層加密卷的後半部分)。\n\n您確認要繼續格式化外層為 NTFS 格式嗎? - 您想要把加密卷格式化為 FAT 格式嗎? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - 錯誤:隱形作業系統的分區(也就是系統分區後面的第一個分區)必須至少比系統分區大 5%(系統分區就是當前運行的作業系統所在的分區)。 - 錯誤:隱形作業系統的分區(也就是系統分區後面的第一個分區)必須至少比系統分區大 110%(2.1 倍)(系統分區就是當前運行的作業系統所在的分區)。原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,隱藏加密卷只能創建在外層加密卷的後半部分。 - 錯誤:如果外層加密卷被格式化為 NTFS,則它必須至少比系統分區大 110%(2.1 倍)。原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,隱藏加密卷只能創建在外層加密卷的後半部分。\n\n說明:外層加密卷需和隱形作業系統位於同一分區(即位於系統分區後面的第一個分區)。 - 錯誤:在系統分區後面沒有其他分區。\n\n注意,在您創建隱形作業系統之前,您需要在此系統驅動器上創建一個分區。該分區必須是系統分區後的第一個分區,並且必須至少比系統分區大 5%(系統分區就是當前運行的作業系統所在的分區)。然而,如果外層加密卷(不要與系統分區混淆)被格式化為 NTFS 格式,則該分區必須至少比系統分區大 110%(2.1 倍)(原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,包含系統克隆的隱藏加密卷只能創建在外層加密卷的後半部分)。 - 注釋:同時在單一分區的 VeraCrypt 外層和隱藏加密卷裏面創建兩個系統並不可行(因此也不被支援)。因為使用外層作業系統會經常要求寫入資料到隱形作業系統所在區域(如果使用隱藏加密卷保護機制,也會因此而帶來系統崩潰,即藍屏錯誤)。 - 關於創建和管理分區的更多資訊,請參考您的作業系統所提供的文檔,或者聯繫您的電腦提供商以獲取技術支援。 - 錯誤:當前運行的作業系統並未安裝到啟動分區(第一個作用/啟動的分區)。目前不支援此情況。 - 您已經表明了要在加密卷裏面存放大於 4GB 的文件。然而,您選擇了 FAT 檔系統,此系統無法存儲大於 4 GB 的檔。\n\n您確認要格式化該卷為 FAT 格式嗎? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - 錯誤:不能訪問加密卷!\n\n請確認選擇的加密卷存在,並且該加密卷並未由系統或其他程式使用,同時該卷未被防寫,並且你具有對該卷的讀寫許可權,並且確認該卷未被防寫。 - Error: Cannot obtain volume properties. - 錯誤:不能訪問該卷 和/或 獲取該卷的資訊。\n\n請確認該卷存在,並且未被作業系統或其他程式佔用,以及您具有對該卷的讀寫許可權,同時還要保證該卷未被防寫。 - 錯誤:不能訪問該卷 和/或 獲取該卷的資訊。請確認選擇的卷存在,並且未被作業系統或其他程式佔用,以及您具有對該卷的讀寫許可權,同時還要保證該卷未被防寫。\n\n如果此問題仍然存在,遵循以下步驟可能有所幫助。 - 發生了一個錯誤,VeraCrypt 無法加密分區。請嘗試修復任何前面報告的問題之後再次嘗試。如果此問題依然存在,遵循以下步驟可能有所幫助。 - 發生了一個錯誤,VeraCrypt 無法繼續加密分區的過程。\n\n請嘗試修復任何前面報告的問題之後再次嘗試加密過程。注意:該卷在完全加密前將無法載入。 - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - 錯誤:不能卸載外層加密卷!\n\n如果加密卷中的檔或檔夾被程式或被 系統使用,則該加密卷不能被鎖定。\n\n請關閉任何可能使用加密卷上檔或目錄 的程式,然後再點擊“重試”。 - 錯誤:不能獲取外層加密卷的資訊! 加密卷創建不能繼續。 - 錯誤:不能訪問外層加密卷! 加密卷創建不能繼續。 - 錯誤:不能載入外層加密卷! 加密卷創建不能繼續。 - 錯誤:不能獲取加密卷簇狀圖! 加密卷創建不能繼續。 - 按字母順序 - 按平均速度(遞減) - 演算法 - 加密 - 解密 - 平均 - 盤符 - 大小 - 加密演算法 - 加密演算法 - 類型 - - 屬性 - 位置 - 位元組 - 隱藏 - 外層 - 常規 - 系統 - 隱藏(系統) - 唯讀 - 系統驅動器 - 系統驅動器(正在加密 - %.2f%% 已完成) - 系統驅動器(正在解密 - %.2f%% 已完成) - 系統驅動器(%.2f%% 已加密) - 系統分區 - 隱形作業系統 - 系統分區(正在加密 - %.2f%% 已完成) - 系統分區(正在解密 - %.2f%% 已完成) - 系統分區(%.2f%% 已加密) - 是(防止損壞!) - - 主密鑰大小 - 次密鑰大小(XTS 模式) - 調整密鑰大小(LRW 模式) - - 塊大小 - PKCS-5 PRF - PKCS-5 迭代次數 - 加密卷創建時間 - 頭資訊上次修改時間 - (%I64d 天前) - 加密卷格式版本 - 內嵌的備份頭信息 - VeraCrypt 啟動管理器版本 - 首個可用的 - 移動硬碟 - 硬碟 - 不改變 - Autodetection - 嚮導模式 - 請選擇一種安裝模式,如果不確認,請使用默認模式。 - 如果您想安裝 VeraCrypt 到當前系統,請選擇此選項。 - 注意:即使在系統分區/設備已加密的情況下,或者您正在使用隱形系統的情況下,您也可以執行更新而無需解密. - 如果您選擇該選項,所有檔都會被從安裝包中釋放出來,但是不會向系統中安裝任何檔。如果您計畫加密 Windows 系統分區或系統驅動器,請不要選擇此選項。選擇此選項有時會比較有用,例如,你希望以便攜模式運行 VeraCrypt。VeraCrypt 不一定要必須安裝到系統中。在所有檔釋放後,你可以直接運行釋放後的 'VeraCrypt.exe' 檔(這時 VeraCrypt 會以便攜模式運行)。您也可以把釋放後的檔複製到其他電腦。 - 安裝選項 - 這裏您可以設置控制安裝過程的不同選項。 - 正在安裝 - VeraCrypt 正在安裝,請稍候。 - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - 釋放選項 - 您可以在這裏設置控制釋放過程的不同選項。 - 正在釋放檔,請稍候。 - Files successfully extracted - 所有檔已經被成功釋放到目標檔夾。 - 如果指定檔夾,將會自動創建該檔夾。 - VeraCrypt 程式檔將會更新到 VeraCrypt 的安裝位置。如果您需要選擇一個不同的位置,請先卸載當前安裝的 VeraCrypt 。 - 您想聯網查看當前版本的 VeraCrypt 的發行說明嗎? - 如果您以前從未沒有使用過 VeraCrypt,我們推薦您先閱讀“VeraCrypt User Guide”文檔中的“Beginner's Tutorial”章節。您想要查看用戶指南嗎(聯網)? - 請從下面選項中選擇要執行的操作: - 修復/重新安裝 - 更新 - 卸載 - 要成功安裝或卸載 VeraCrypt,您必須具有系統管理員許可權。您確認要繼續嗎? - VeraCrypt 安裝程式正在執行 VeraCrypt 的安裝或更新。在您繼續進行前,請等待其完成或者關閉它。如果您無法關閉它,請在繼續之前重啟電腦。 - 安裝失敗。 - 卸載失敗。 - 該安裝包已經損壞。請嘗試重新下載安裝包(優先建議從 VeraCrypt 官方網站 https://veracrypt.codeplex.com 下載)。 - 不能寫入檔 %s - 正在釋放 - 不能從安裝包中讀取資料 - 不能驗證安裝包的完整性。 - 釋放失敗。 - 安裝已經回滾。 - VeraCrypt 已成功安裝。 - VeraCrypt 已經成功更新。 - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt 已成功卸載。\n\n單擊 '完成' 按鈕來移除 VeraCrypt 安裝程式和檔夾 %s。注意:如果該檔夾中含有非安裝程式創建的檔,則該檔夾不會被移除。 - 正在移除 VeraCrypt 註冊表專案。 - 正在添加註冊表專案 - 正在刪除程式相關資料 - 正在安裝 - 正在停止 - 正在刪除 - 添加圖示 - 創建系統還原點 - 創建系統還原點失敗! - 正在更新啟動管理器 - 安裝 '%s' 失敗。 %s 您想要繼續安裝嗎? - 卸載 '%s' 失敗。 %s 您想要繼續卸載嗎? - 安裝完畢。 - 檔夾 '%s' 不能被創建 - 不能卸載 VeraCrypt 設備驅動。\n\n請首先關閉所有打開的 VeraCrypt 視窗。如果這樣仍然不起作用,請重啟電腦然後再試一次。 - 在安裝或者卸載 VeraCrypt 之前必須先要卸載所有的 VeraCrypt 加密卷。 - 當前系統已經安裝了一份不同版本的 VeraCrypt。在安裝新版本前需要卸載舊版本的 VeraCrypt。\n\n在您關閉此對話方塊之後,將會載入舊版本的卸載程式。在卸載的過程中將不會執行任何加密分區的解密操作。在卸載舊版本的 VeraCrypt 之後,請再次運行新版 VeraCrypt 的安裝程式。 - 安裝註冊表項目失敗 - 安裝設備驅動失敗。請重啟電腦後再嘗試安裝 TrueCryp。 - 正在啟動 VeraCrypt 設備驅動 - 卸載設備驅動失敗。請注意,由於 Windows 系統問題,在設置驅動能夠繼續卸載或重新安裝前可能需要登出或者重啟系統。 - 正在安裝 VeraCrypt 設備驅動 - 正在停止 VeraCrypt 設備驅動 - 正在卸載 VeraCrypt 設備驅動 - 註冊用戶帳戶控制支援運行庫失敗。 - 取消用戶帳戶支援運行庫失敗。 - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - 注意:如果您決定以便攜方式運行 VeraCrypt(不同於安裝後運行 VeraCrypt),系統會在您每次嘗試運行 VeraCrypt 的時候詢問您運行 VeraCrypt 的許可權(UAC 提示)。\n\n原因是您以便攜模式運行 VeraCrypt 時,VeraCrypt需要載入和運行 VeraCrypt 設備驅動。VeraCrypt 需要此設備驅提供透明即時加解密,並且不具有管理員許可權的用戶在 Windows 中將不能啟動設備驅動。因此,系統將會要求您使用管理器特權運行 VeraCrypt 的許可權(UAC 提示)。\n\n說明:如果您在系統中安裝了 VeraCrypt,系統在每次啟動 VeraCrypt 時將不會詢問運行許可權(無 UAC 提示)。\n\n您確認要釋放這些檔嗎? - 警告:這個加密卷創建嚮導的實例具有管理員許可權。\n\n您新建的加密卷可能許可為載入時不允許向該卷寫入資料。如果要避免這種情況發生,請關閉加密卷嚮導的實例並在非管理員許可權下載入新的嚮導。\n\n您要關閉這個加密卷創建嚮導的實例嗎? a - 錯誤:不能顯示授權許可。 - 外層(!) - - 小時 - 分鐘 - - 打開 - 卸載 - 顯示 VeraCrypt - 隱藏 VeraCrypt - 載入後讀取的數據 - 載入後寫入的資料 - 加密部分 - 100%(完全加密) - 0%(未加密) - %.3f%% - 100% - 正在等待 - 正在準備 - 正在改變大小 - 正在加密 - 正在解密 - 正在完成 - 已暫停 - 已完成 - 錯誤 - 設備已斷開 - 系統收藏加密卷已保存。\n\n要想在系統啟動時載入系統收藏加密卷,請選擇 '設置' > '系統收藏加密卷' > '當 Windows 啟動時載入系統收藏加密卷'。 - 您添加收藏的既不是分區也不是動態卷。因此,如果設備號發生改變,VeraCrypt 將不能載入此收藏卷。 - 您添加收藏的卷不是 Windows 能夠識別的分區。\n\n因此,如果設備號發生改變,VeraCrypt 將不能載入此收藏卷。請設置分區的類型為 Windows 系統所能夠識別的類型(使用Windows 'diskpart' 工具的 SETID 命令)。之後再添加此分區到收藏。 - VeraCrypt 後臺任務已被禁用,或者它被配置為在沒有加密卷被載入時退出(或者 VeraCrypt 正在以便攜模式運行)。當含有這些加密卷的設備連接到電腦的時候,後臺服務被禁用可能會阻止您的收藏加密卷被自動載入。\n\n說明:要啟用 VeraCrypt 後臺任務,選擇〖 設置 > 參數〗之後勾選 'VeraCrypt 後臺任務' 部份的 '啟用' 核取方塊。 - 當含有這些加密卷的設備連接到電腦的時候,存儲於共用網路上的遠端檔系統的加密容器不能被自動載入。 - 下面顯示的設備既不是分區也不是動態卷。因此,當設備連接到電腦的時候,存儲於這些設備中的加密卷將不能被自動載入。 - 請設置下面顯示的分區的類型為 Windows 系統所能夠識別的類型(使用Windows 'diskpart' 工具的 SETID 命令)。之後從收藏中移除該分區並隨後再次添加它。這可以使設備連接時,包含於其中的加密卷可以被 VeraCrypt 自動載入。 - 下面顯示的設備既不是分區也不是動態卷。因此,不會賦予它們標籤。 - 請設置下面顯示的分區的類型為 Windows 系統所能夠識別的類型(使用Windows 'diskpart' 工具的 SETID 命令)。之後從收藏中移除該分區並隨後再次添加它。這可以使 VeraCrypt 能夠賦予盤符給這個分區。 - 由於 Windows 系統的限制,在網路上共用的遠端檔系統上的加密容器不能被載入為系統收藏加密卷(然而,它可以在用戶登錄時被載入為普通的收藏加密卷)。 - 為 %s 輸入密碼 - 為 '%s' 輸入密碼 - 輸入常規外層加密卷的密碼 - 輸入隱藏加密卷的密碼 - 輸入存儲在備份檔案中的加密卷頭的密碼 - 密鑰檔已成功創建。 - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - 警告:加密卷頭資訊已經損壞!VeraCrypt 將自動使用內嵌在加密卷中的頭資訊備份。\n\n您應當通過選擇 '工具' > '恢復加密卷頭資訊' 來修復頭資訊。 - 加密卷頭資訊備份已經成功創建。\n\n重要:使用恢復功能恢復時也會恢復當前加密卷的密碼。另外,如果創建加密卷的時候使用了密鑰檔,恢復後也需要同樣的密鑰檔來打開加密卷。\n\n警告:該加密卷頭資訊備份只能用在這個提供備份的加密卷上。如果你把該頭資訊備份恢復到其他加密卷,您可能能夠打開加密卷,但是您將不能解密存儲於加密卷的任何資料(這是因為您已經改變了加密卷的主密鑰)。 - 加密卷頭資訊備份已經成功恢復。\n\n重要:請注意舊密碼也同樣被恢復了。另外,備份時如果需要密鑰檔來載入加密卷,恢復後也需要同樣的密鑰檔。 - 安全起見,您需要輸入正確的加密卷密碼(和/或 提供正確的密鑰檔)。\n\n注意:如果該卷中包含隱藏加密卷,您需要先輸入正確的外層加密卷的密碼(和/或 正確的密鑰檔)。之後,如果您選擇老備份隱藏加密卷的頭資訊,您您需要輸入正確的隱藏加密卷密碼(和/或 提供正確的密鑰檔)。 - 您確認要創建加密卷 %s 的頭資訊的備份嗎?\n\n在您點擊“是”後,將會彈出備份的頭資訊檔的檔案名提示對話方塊。\n\n注意:常規加密卷和隱藏加密卷頭資訊均將使用新的元素加密並存儲到備份檔案中。如果卷中沒有隱藏加密卷,在備份檔案中為隱藏加密卷保留的區域將會使用亂數據填充(以保持隱蔽性)。您需要輸入創建頭資訊備份時的正確的密碼(和/或 提供正確的密鑰檔)。密碼或密鑰檔會自動確定要恢復的加密卷頭資訊類型,即常規的或是隱藏的(VeraCrypt 通過嘗試和錯誤來偵測類型),儘管有時在加密卷裏面並沒有隱藏加密卷(為保留隱蔽性)。當從備份檔案中恢復一個加密卷的頭資訊時,可以選擇恢復哪個頭資訊(例如,隱藏卷或是標準卷) - 您確認要恢復加密卷 %s 的頭資訊嗎?\n\n警告:恢復加密卷頭資訊也會恢復在創建備份時 有效的密碼。另外,如果在備份時需要使用密鑰檔載入加密卷,那麼在頭資訊恢復後,仍然需要同樣的密鑰檔。\n\n在您點擊“是”後,您將選擇頭資訊備份檔案。 - 此加密卷包含隱藏加密卷嗎? - 此加密卷包含隱藏加密卷 - 此加密卷不包含隱藏加密卷 - 請選擇您想要使用的加密卷頭資訊備份類型: - 從加密卷內嵌的備份中恢復加密卷頭資訊 - 從外部備份檔案中恢復加密卷頭資訊 - 加密卷頭資訊備份檔案的尺寸不對。 - 加密卷中沒有內嵌的備份頭資訊(注意,僅在 VeraCrypt 6.0 和以後的版本才包含內嵌的頭資訊)。 - 您正在嘗試備份系統分區/設備的頭資訊,該功能不被允許。對於系統分區/設備頭資訊的備份/恢復 只能通過使用 VeraCrypt 應急盤來進行。\n\n您希望創建 VeraCrypt 應急盤嗎? - 您正在嘗試恢復系統分區/設備的頭資訊,但是您選擇的是系統分區/設備。該功能不被允許。 對於系統分區/設備頭資訊的備份/恢復 只能通過使用 VeraCrypt 應急盤來進行。\n\n您希望創建 VeraCrypt 應急盤嗎? - 在點擊“確定”按鈕後,您將會設置新的 VeraCrypt 應急盤 ISO 鏡像檔的名稱和存放位置。 - 應急盤 ISO 鏡像檔已經創建並存儲為檔: %s\n\n現在您需要把應急盤刻錄到 CD 或 DVD。\n\n重要:檔必須以 ISO 鏡像檔方式刻錄到 CD/DVD(不要刻錄為單個的資料檔案)。要獲取更多的關於如何刻錄 ISO 檔的資訊,請參考您的 CD/DVD 刻錄軟體的說明書。\n\n請您在刻錄應急盤之後,選擇 '系統' > '驗證應急盤' 來驗證應急盤是否已經成功刻錄。 - 應急盤 ISO 鏡像檔已經創建並存儲為檔: %s\n\n現在您需要把應急盤刻錄到 CD 或 DVD。\n\n您想要啟動 Windows 自帶的磁片鏡像刻錄功能嗎?\n\n注意,請您在刻錄應急盤之後,選擇 '系統' > '驗證應急盤' 來驗證應急盤是否已經成功刻錄。 - 請插入 VeraCrypt 應急盤到 CD/DVD 光碟機並點“確定”按鈕開始驗證。 - VeraCrypt 應急盤已經被成功驗證。 - 應急盤驗證失敗。\n\n如果您已經刻錄了應急盤,請彈出後重新插入應急盤到 CD/DVD,之後再試一次。如果仍然無效,請嘗試使用其他 CD/DVD 刻錄軟體或刻錄盤。\n\n如果您嘗試驗證一個為不同的主密鑰、密碼、元素等創建的 VeraCrypt 應急盤,請注意這樣的應急盤會無法通過驗證。要創建一個新的和當前配置完全相容的應急盤,請選擇 '系統' > '創建應急盤'。 - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - 創建 VeraCrypt 應急盤時失敗。 - VeraCrypt 應急盤在隱形作業系統運行時無法創建。\n\n要創建 VeraCrypt 應急盤,請啟動到迷惑作業系統之後選擇 '系統' > '創建應急盤'。 - 不能確定應急盤是否刻錄成功。\n\n如果您已經刻錄了應急盤,請彈出後重新插入應急盤到 CD/DVD,之後再嘗試驗證一次。如果仍然無效,請嘗試使用其他 %s 。\n\n如果您還沒有創建應急盤,請首先創建一個,然後再點 '下一步' 按鈕。\n\n如果您嘗試驗證一個運行加密盤創建嚮導以前創建的應急盤,則這樣的應急盤是無法用於當前系統的,這是因為它是使用了不同的主密鑰創建的。您需要刻錄和創建一個新的應急盤。 - 和/或 其他 CD/DVD 刻錄軟體 - VeraCrypt - 系統收藏加密卷 - 什麼是系統收藏加密卷? - 系統分區/驅動器看起來沒有加密。\n\n系統收藏加密卷只能使用啟動驗證中的密碼載入。因此,要啟用系統收藏加密卷功能,您需要先加密系統分區/驅動器。 - 在操作前請卸載加密卷。 - 錯誤:不能設置計時器。 - 檢查檔系統 - 修復檔系統 - 添加到收藏... - 添加為系統收藏加密卷... - 屬性(&R)... - 隱藏加密卷已被保護 - N/A - - - 禁用 - 1 - 2 或更多 - 操作模式 - 標籤: - 大小: - 路徑: - 驅動器盤符: - 錯誤:密碼必須僅包含 ASCII 字元。\n\n密碼中的非-ASCII 字元可能會導致在 作業系統配置改變時加密卷不能載入。\n\n允許使用下面字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:密碼中包含非-ASCII 字元。可能會導致在作業系統配置改變時加密卷不能載入。\n\n您應當使用 ASCII 字元替換密碼中的非 ASCII 字元。 如要這樣做,點擊“加密卷” -> “修改加密卷密碼”\n\n下面字元為 ASCII 字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:我們強烈建議您避免使用可執行檔案名(例如 .exe,.sys,或 .dll)以及其他可能有問題的類似擴展名作為加密卷的名稱。使用這些副檔名通常會導致 Windows 或反病毒軟體干預加密卷,這很可能會嚴重影響加密卷的性能,也可能會導致其他嚴重的問題。\n\n我們強烈建議您移除此副檔名或更換其副檔名(例如,改變為 .iso,.img,.dat)。\n\n您確認繼續使用可能有潛在問題的副檔名嗎? - 警告:該加密卷帶有可執行檔的副檔名(例如 .exe,.sys,或 .dll)或其他可能有問題的類似擴展名作為加密卷的名稱。 這很可能導致 Windows 或反病毒軟體干預加密卷,會嚴重影響加密卷的性能,也可能會導致其他嚴重的問題。\n\n我們強烈建議您在卸載加密卷後移除此副檔名或更換為其他副檔名(例如,改變為 .iso,.img,.dat)。 - 主頁(聯網) - 警告:看起來您還沒有安裝任何 Windows 作業系統的補丁包。您不應當向未 安裝 SP1 或以後補丁包的 Windows XP 系統中的大於128 GB 的 IDE 硬碟寫 入資料!如果這樣做了,磁片上的資料(不論是否為 VeraCrypt 加密卷)可能 會損壞。注意:這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。 - 警告:看起來您的 Windows 2000 系統還未安裝 SP3 或以後補丁包。 您不應當向這個系統中大於 128 GB 的 IDE 硬碟寫入資料!如果這樣 做了,磁片上的資料(不論是否為 VeraCrypt 加密卷)可能會損壞。 注意:這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。\n\n注意:您也需在註冊表裏面啟用 48-位 LBA 支持;更多資訊,請參考 http://support.microsoft.com/kb/305098/EN-US - 警告:您的系統不支援 48-位 LBA ATAPI。因此,您將不能寫入到超過 128GB 容量的 IDE 磁片!如果您仍然堅持這樣做,磁片上的資料(不論其是否為 VeraCrypt 加密卷)將會損壞。請注意,這是 Windows 系統的限制,不是 VeraCrypt 軟體的限制。\n\n要啟用 48-位 LBA 支持,請在註冊表的HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters下添加一個 'EnableBigLba' 鍵值並設置其值為 1。\n\n更多資訊請參考 http://support.microsoft.com/kb/305098 - 錯誤:大於 4 GB 的檔不能存儲於 FAT32 檔系統。因此,存儲於 FAT32 檔系統上的檔類型的加密卷(或外層加密卷)不能大於 4 GB。\n\n如果您需要大容量的加密卷,請在 NTFS 檔系統(或者,如果您使用 Windows Vista SP1 或以後版本的系統,在擴展的 exFAT 檔系統)中創建,除此之外,您也可以使用創建加密分區來代替創建檔型加密盤。 - 警告:Windows XP 不支持大於 2048GB 的檔(將會被報告為 "無足夠存儲空間")。因此,在 Windows XP 中您不能創建大於 2048GB 的檔類型加密盤。\n\n請注意,在 Windows XP 中仍然是可以加密整個設備或者創建大於 2048GB 的分區類型 VeraCrypt 加密卷的。 - 警告:如果您想以後向外層加密卷中添加更多的資料或檔,您應當考慮為隱藏加密卷選擇一個小一點的尺寸。\n\n您確認要以指定的尺寸繼續嗎? - 未選擇加密卷。\n\n點擊“選擇設備...”或“選擇檔...”來選擇 VeraCrypt 加密卷。 - 沒有選擇分區。\n\n點擊 '選擇設備' 來選擇一個通常需要啟動驗證的已卸載的分區(例如,一個位於另外加密系統驅動器上的另外一個沒有運行的系統的分區,或者是另外一個作業系統的加密系統分區)。\n\n注意:選擇的分區將被以常規 VeraCrypt 加密卷的方式載入而無需啟動驗證。這在執行備份和修復等操作時比較有用。 - 警告:如果默認的密鑰檔被設定和啟用後,則不能載入不使用該密鑰檔的加密卷。因此,如果默認的密鑰檔被設定和啟用後,在打開非密鑰檔加密的加密卷時,請記住取消對“使用密鑰檔”選項的選擇(在密碼輸入框的下面)。\n\n您確認保存選定的密鑰檔/路徑作為預設值嗎? - 自動載入設備 - 全部卸載 - 擦除緩存 - 卸載全部 & 擦除緩存 - 強制全部卸載並擦除緩存 - 強制全部卸載擦除緩存並退出程式 - 載入收藏加密卷 - 顯示/隱藏 VeraCrypt 主視窗 - (單擊這裏並按下某個鍵盤按鍵) - 操作 - 熱鍵 - 錯誤:該熱鍵為系統保留熱鍵,請選擇一個其他熱鍵。 - 錯誤:熱鍵已被佔用。 - 警告:一個或多個 VeraCrypt 作用於系統範圍的熱鍵不能使用!\n\n請確認 VeraCrypt 的這些熱鍵沒有被其他程式或作業系統佔用。 - 已阻止創建虛擬記憶體頁面檔。\n\n請注意,由於 Windows 自身的問題,頁面檔不能位於非系統類 VeraCrypt 加密卷(包括系統收藏加密卷)。VeraCrypt 僅支援在加密的系統分區/設備上創建頁面檔。 - VeraCrypt 加密休眠檔時發生了錯誤或者非相容問題。因此系統的休眠已被阻止。\n\n注意:當電腦處於休眠模式(或進入節電模式),系統記憶體的資訊會被寫入位於驅動器上的休眠檔。VeraCrypt 不能阻止在記憶體中打開的加密密鑰和敏感檔的內容以未加密的形式存放於休眠檔。 - 休眠功能已被阻止。\n\nVeraCrypt 不支援使用額外啟動分區的隱形系統中的休眠功能。請注意啟動分區是由迷惑系統和隱形系統共用的。因此,要防止資料洩露和休眠可能會帶來的問題,VeraCrypt 不得不阻止隱形系統向共用的啟動分區寫入資料,以及阻止隱形系統休眠。 - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - 警告:如果 VeraCrypt 後臺任務被禁用,下面的功能將會失效:\n\n1)系統熱鍵\n2)自動卸載加密卷(例如註銷時,意外的主設備移除,超時,等等)\n3)自動載入收藏加密卷\n4)提示(例如:對隱藏加密卷的損壞被阻止時)\n5)通知欄圖示\n\n注意:您可以隨時在通過右鍵單擊 VeraCrypt 的通知欄圖示並選擇“退出”來停止後臺任務。\n\n您確認要停止 VeraCrypt 的後臺任務嗎? - 警告:如果此選項被禁用,包含打開的檔/目錄 的加密卷將不能自動卸載。\n\n您確認要禁用這個選項嗎? - 警告:包含打開的檔/目錄的加密卷將不能自動卸載。\n\n要防止這種情況,在對話方塊視窗中啟用下面選項: “強行自動卸載,不論加密卷是否包含打開的檔或目錄” - 警告:當筆記本電力不足時,Windows 可能會在電腦進入待機模式時,系統會向正在運行中的程式發送相應的資訊。因此,這種情況下 VeraCrypt 可能會無法自動卸載加密卷。 - 您已經安排了加密 分區/設備 的計畫。該計畫尚未完成。\n\n您希望現在繼續這個加密過程嗎? - 您已經計畫了加密或解密系統分區/驅動器的操作。但該操作尚未完成。\n\n您希望開始(或繼續)該操作嗎? - 您想要軟體提示您是否要繼續當前計畫的加密非系統分區/卷的加密過程嗎? - 是,一直提示我 - 否,不要再提示我 - 重要:請一定記住,任何時候,您都可以通過從 VeraCrypt 視窗的主功能表中選擇 '加密卷' > '繼續被中斷的過程',來繼續任何非系統服務/卷的加密過程。 - 您已經設置了加密解密系統分區或驅動器的計畫任務。然而,啟動驗證已失敗(或被繞過)。\n\n注意:如果您在啟動驗證環境中解密了系統分區/驅動器,您可能需要從 VeraCrypt 視窗的 '系統' 功能表 > '永久解密系統分區/驅動器' 完成最後的設置步驟。 - 警告:如果 VeraCrypt 現在退出,以下功能將被禁用:\n\n1)系統熱鍵\n2)自動卸載加密卷(例如註銷時,意外的主設備移除,超時,等等)\n3)自動載入收藏加密卷 \n4)提示(例如,當阻止損害隱藏加密卷時)\n\n注意:如果您不希望 VeraCrypt 在關閉程式視窗後以後臺方式運行,請在程式參數選擇裏面禁用後臺任務選項。(並且,如有必要,在程式參數裏面禁用 VeraCrypt 的自動運行)。\n\n您確定要退出 VeraCrypt 嗎? - 退出嗎? - VeraCrypt 沒有足夠資訊確定是否要加密還是解密。 - VeraCrypt 無足夠的資訊來確定加解密狀態。\n\n注意:如果您在啟動驗證環境解密系統分區/驅動器,您可能需要點擊 Decrypt(解密)來最後完成解密過程。 - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - 您想要打斷和推遲對分區/驅動器的加密嗎?\n\n注意:要記住這個加密卷在完全加密前是不能被載入的。您可以繼續加密過程,加密則會在中斷的地方繼續。要達到這點,例如,可以從 VeraCrypt 主視窗的功能表中選擇 '加密卷' > '繼續被中斷的過程'。 - 您想要打斷和推遲對系統分區/驅動器的加密嗎?\n\n注意:您以後也可以從中斷位置恢復加密進程。操作如下:在 VeraCrypt 介面中選擇 '系統' > '繼續被中斷的進程'。如果您想永久中止或回滾加密進程,請選擇 '系統' > '永久解密系統分區/驅動器'。 - 您想要打斷和推遲對系統分區/驅動器的加密嗎?\n\n注意:您以後也可以從中斷位置恢復加密進程。操作如下:在 VeraCrypt 介面中選擇 '系統' > '繼續被中斷的進程'。如果您想回滾解密進程(和開始加密),選擇 '系統' > '加密系統分區/驅動器'。 - 錯誤:打斷加密/解密系統分區或驅動器的操作失敗。 - 錯誤:中斷擦除過程時失敗。 - 錯誤:繼續加密/解密系統分區或驅動器的操作失敗。 - 錯誤:啟動擦除過程時失敗。 - 發現不一致性。\n\n\n(如果您使用此鏈結報告這個錯誤,請在報告中包含下面資訊: %hs) - 錯誤:未知狀態。\n\n\n(如果您報告與之相關的 BUG,請在錯誤報告裏面包含下面的技術資訊: %hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - 警告: VeraCrypt 後臺任務已禁用。在您退出 VeraCrypt 後,如果對隱藏加密卷的損壞企圖已被保護,您也將無法得到提示。\n\n注意:您可以隨時在通過右鍵單擊 VeraCrypt 的通知欄圖示並 選擇“退出”來停止後臺任務。\n\n\n您要啟用 VeraCrypt 後臺任務嗎? - 語言包版本: %s - 正在檢測載入為 %s 的 VeraCrypt 加密卷的檔系統... - 正在試圖修復載入為 %s 的 VeraCrypt 加密卷的檔系統... - 警告:該加密卷使用了已被廢棄的加密演算法。\n\n所有 64-位元塊加密演算法(Blowfish,CAST-128,和 Triple DES)已經逐漸不再被使用了。該加密卷在以後版本的 VeraCrypt 可能會被打開。然而以後則不會針對這些廢棄演算法採取一些改善措施。我們推薦您創建一個使用 128-位元塊加密演算法的 Veracrypt 加密卷(如:AES,Serpent,Twofish,等等)並把使用舊演算法的加密卷裏面的檔移動到新的加密卷裏面去。 - 您的系統未被配置為自動載入新加密卷。 因此也不可能載入設備類的加密卷。自動卸載 可以在執行下列命令後重啟系統來啟用。\n\n\nmountvol.exe /E - 請在繼續前為該設備/分區分配一個盤符('控制面板' > '系統和維護' > '管理工具' - '創建和格式化分區')。\n\n這些是作業系統所要求的。 - 載入 VeraCrypt 加密卷 - 卸載所有 VeraCrypt 加密卷 - VeraCrypt 獲取系統管理員許可權失敗。 - 訪問已被作業系統拒絕。\n\n可能原因:作業系統要求你對某些檔夾、檔、和設備具有讀寫許可權(或管理員許可權),以便您能夠從其中讀寫資料。通常情況下,非系統管理員僅允許在他自己的文檔檔夾中創建、讀取和修改檔。 - 錯誤:該驅動器使用了不被支援的磁區尺寸。\n\n如果設備的磁區大於 4096 位元組,目前不可能在其上創建 分區/設備 類的加密卷。然而,您可以在此類驅動器上創建檔類型的加密卷。 - 目前情況下,如果安裝系統的磁片磁區尺寸不是 512 位元組,則無法在此基礎上創建加密系統。 - VeraCrypt 啟動管理器要求系統驅動器最前端至少有 32 KB 的未分配空間(VeraCrypt 啟動管理器需要安裝到該區域)。很不幸,您的驅動器無法滿足這個條件。\n\n請不要把這個問題報告為 VeraCrypt 的程式缺陷。要解決這個問題,您需要對硬碟重新分區並保留硬碟的前 32 KB 為空閒狀態(大多數情況下,需要您刪除和重建第一個分區)。我們推薦您使用微軟的分區管理來完成這個操作,例如,當您安裝 Windows 時的分區管理程式。 - 此功能不支援當前您正在使用的作業系統版本。 - VeraCrypt 不支援在您當前使用的作業系統版本內加密系統分區/驅動器。 - 在您加密 Windows Vista 的系統分區/設備 前,您需要為 Vista 安裝 Service Pack 1 或更高版本的補丁。\n\n提示:Vista Service Pack 1解決了啟動系統時的自由基礎記憶體缺陷。 - VeraCrypt 不再支援對未安裝 SP 補丁的 Windows Vista 系統的系統分區/設備的加密。在升級 VeraCrypt 之前,請安裝 Vista 的 Service Pack 1 或更高補丁版本。 - 錯誤:此功能要求 VeraCrypt 必須安裝於當前系統(您正在以便攜模式運行 VeraCrypt)。\n\n請安裝 VeraCrypt 之後再試一次。 - 警告:Windows 看起來並未安裝在它所啟動的驅動器上。此功能目前尚不支援。\n\n盡在您確認 Windows 的確安裝在它所啟動的驅動器上時,您才應當繼續。\n\n您確認要繼續嗎? - 您的系統驅動器具有 GUID 分區表(GPT)。當前只支持具有 MBR 的分區表。 - 小心:VeraCrypt 啟動管理器已經安裝到了您的系統驅動器上了!\n\n這可能在您的電腦上已經加密了另外一個系統。\n\n警告:繼續加密當前運行的系統可能會導致其他系統無法啟動或導致資料無法訪問。\n\n您確定要繼續嗎? - 恢復原來的系統啟動管理器時失敗。\n\n請使用您的 VeraCrypt 應急盤('Repair Options' > 'Restore original system loader')或者 Windows 安裝盤來清除 VeraCrypt 啟動管理器。 - 原來的系統引導器沒有保存到應急盤上(可能原因:備份檔案丟失)。 - 寫入 MBR 磁區時失敗。\n\n您的 BIOS 可能設置為保護了 MBR 磁區或一些還原軟體也會保護 MBR。請確認沒有安裝保護 MBR 的還原軟體和檢查您的 BIOS 設置(啟動電腦後按 F2,Delete,或 Esc)中的 MBR/反病毒保護。 - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - 所要求版本的 VeraCrypt 啟動管理器當前沒有安裝。這可能導致某些設置無法保持。 - 提示:在某些環境,您可能希望避免外人(攻擊者)在您啟動電腦時看到您使用了 VeraCrypt 加密了系統。上面的選項允許您自定義 VeraCrypt 啟動管理器螢幕比避免此類被識別的事情發生。如果您啟用了第一個選項,在啟動管理器螢幕不會顯示任何文本(即時您輸入錯誤的密碼也不會顯示)。在您輸入密碼的時候電腦看起來就像被凍結的一樣。此外,也可以顯示自定義的資訊來誤導攻擊者。例如,諸如 "Missing operating system" 之類的英文資訊(這個資訊在 Windows 啟動管理器未發現啟動分區的時候顯示)。然而,必須要提醒的是,如果攻擊者分析硬碟的內容,他仍然可以發現硬碟上存在 VeraCrypt 啟動管理器(譯注:此乃下策矣)。 - 警告:請記住,如果您啟用此選項,VeraCrypt 啟動管理器不會顯示任何文本(即便是輸錯密碼了也不會顯示任何文本)。電腦在夠輸入密碼的時候電腦看起來就像被凍結(沒有回應)一樣(游標不會移動並且在按下按鍵的時候也不會顯示遮罩)。\n\n您確認要啟用此選項嗎? - 您的系統分區/驅動器看起來已被完全加密了。 - VeraCrypt 不支援加密已經轉換為動態磁片的系統驅動器。 - 該系統驅動器包含擴展(邏輯)分區。\n\n 您只能在 Windows Vista 或以後版本中加密包含擴展(邏輯)分區的整個系統驅動器。而在 Windows XP 系統中,您只可以加密僅含有一個主分區的整個系統驅動器。\n\n請注意:您仍然可以加密系統分區,來取代加密整個驅動器(並且,有別於加密整個驅動器,您可以在驅動器上的任何非系統分區創建分區類型的 VeraCrypt 加密卷)。 - 警告: 由於您運行的系統為 Windows XP/2003,在您開始加密驅動器之後,您一定不要在其上面再創建建擴展(邏輯)分區(您只可以創建主分區)。當您開始加密以後,任何的擴展分區均將無法再繼續訪問。\n\n說明:如果您無法接受這個條件,您可以返回和選擇只加密系統所在分區而不是選擇加密系統所在硬碟驅動器(另外,您可以在驅動器上的任何非系統分區創建分區類型的加密卷)。\n\n作為替代方案,如果您無法接受這個條件,您也可以考慮升級到 Windows Vista 或以後版本(您只可以在 Windows Vista 或以後版本中加密包含擴展/邏輯分區的整個驅動器)。 - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - 您確認要加密系統所在分區,而不是加密整個硬碟嗎?\n\n說明:除了加密系統所在分區之外,您可以在該硬碟驅動器上的非系統分區創建分區類型的 VeraCrypt 加密卷。 - 由於您的系統驅動器僅包含一個佔據了整個驅動器的分區,更適合(更安全)加密整個包含鬆散空間(通常位於這樣分區的周圍)的驅動器。\n\n您希望加密整個系統驅動器嗎? - 您的系統已配置為在非系統分區存儲暫存檔案。\n\n暫存檔案應該只位於系統分區(出於安全考慮)。 - 您的用戶配置檔並非設置在系統分區。\n\n用戶配置檔應該只存儲於系統分區(出於安全考慮)。 - 非系統分區存在頁面檔。\n\n頁面檔應該只存儲於系統分區(出於安全考慮) - 您想要設置 Windows 僅在 Windows 分區生成頁面檔嗎?\n\n請注意,如果您點擊 '是',電腦將會重新啟動。之後請啟動 VeraCrypt 和嘗試再次創建隱形系統。 - 否則,隱形系統的隱蔽性將會受到嚴重影響。\n\n說明:如果攻擊者分析這些檔的內容(存在於非系統分區中),他可能會發現您在隱形系統創建模式裏面使用了此嚮導(這可能暗示電腦上存在隱形系統)。還需說明的是,存儲於系統分區的此類檔,在隱形系統創建過程中將會被安全擦除。 - 警告:在隱形系統創建過程中,您將會被要求全新安裝當前運行的作業系統(以便安全創建迷惑系統)。\n\n說明:當前運行的作業系統和該系統分區的全部內容將會被複製到隱藏加密卷(以便創建隱形系統)。\n\n\n您確認您將使用 Windows 安裝介質安裝此系統嗎(或使用服務分區)? - 安全起見,如果當前運行的作業系統需要啟動,則必須在繼續進行克隆前啟動。注意到隱形作業系統將通過複製當前作業系統的內容到隱藏加密卷來得以創建(因此如果當前作業系統未啟動,則隱形作業系統也處於未啟動狀態)。更多資訊,請參考《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章節。\n\n重要:在繼續進行前,確認您已經閱讀了《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章節。\n\n\n當前運行的作業系統滿足上面的條件嗎? - 您的系統使用了一個額外的啟動分區。VeraCrypt 不支援使用額外啟動分區的隱形系統的休眠(迷惑系統完全可以休眠)。\n\n請注意,啟動分區應當被迷惑系統和隱形系統所共同使用。因此,為了防止資料洩露和由於休眠所導致的問題,VeraCrypt 只能阻止隱形系統寫入資料到共用的啟動分區和阻止隱形系統使用休眠。\n\n\n您確認要繼續嗎?如果您選擇 '否',則會顯示移除額外啟動分區的提示資訊。 - \n在安裝 Windows 之前可以移除額外的啟動分區。想要如此,請遵循以下步驟(譯者注:這些步驟沒有在XP安裝光碟看到,請讀者自悟吧,抱歉):\n\n1)啟動您的 Windows 安裝光碟。\n\n2)在 Windows 安裝螢幕,選擇 '現在安裝' > '自定義(高級)'.\n\n3)點擊 '驅動器 選項'。\n\n4)選擇主系統分區並選擇刪除這個分區,之後再確認刪除(安裝盤刪除分區的時候會多次確認)。\n\n5)選擇 '系統保留' 分區,選擇 '擴展',並增加它的大小直到可以安裝系統為止。\n\n6)選擇 '應用' 和確認。\n\n7)安裝 Windows 到 '系統保留' 分區。\n\n\n如果攻擊者詢問您移除額外啟動分區的原因,您可以回答是因為您不希望資料洩露到未加密的啟動分區。\n\n注意:您可以通過點擊下面的 "列印" 按鈕列印這些文本。如果您列印了這些文本,強烈建議您在移除額外啟動分區後銷毀這些紙張(否則,如果這些紙張被發現,可能暗示著存在隱形系統)。 - 警告:在系統分區和其後的第一個分區之間存在未分配空間。在您創建隱形作業系統之後,您必須不能在此未分配空間上創建任何新的分區,否則,隱形作業系統將無法啟動(直到刪除了這個新創建的分區)。 - 此演算法當前不支援系統加密。 - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - 密鑰檔當前不支援用在系統加密中。 - 警告:VeraCrypt 不能存儲原始鍵盤佈局。這可能導致您無法正確輸入密碼。 - 錯誤:不能設置 VeraCrypt 鍵盤佈局為標準的美國鍵盤佈局。\n\n說明:在 Windows 啟動前的啟動驗證裏需要輸入密碼,此時非美國標準鍵盤佈局不可用。因此,密碼必須使用標準的美國鍵盤佈局輸入。 - 由於 VeraCrypt 臨時改變鍵盤佈局為標準的美國鍵盤,目前在按下 ALT 按鍵的情況下無法通過鍵盤輸入字元。然而您可以按下 Shift 鍵的時候輸入大多數此類字元。 - VeraCrypt 會阻止對鍵盤佈局的修改。 - 說明:在 Windows 啟動前的啟動驗證裏需要輸入密碼,此時非美國標準鍵盤佈局不可用。因此,密碼必須使用標準的美國鍵盤佈局輸入。然而,這不需要您必須使用真實的美國鍵盤。VeraCrypt 在您沒有美國鍵盤的情況下也能夠自動的保證您能夠安全的輸入密碼(現在和啟動驗證環境)。 - 在您加密系統分區/驅動器前,您必須創建一個 VeraCrypt 應急盤,用途如下:\n\n- 如果 VeraCrypt 啟動管理器、主密鑰、或其他關鍵資料損壞了,可以使用應急盤修復它們(當然你必須輸入正確的密碼)。\n\n- 如果 Windows 系統損壞了並且無法啟動,你可以在 Windows 啟動前使用應急盤永久解密這個分區/驅動器。\n\n- 應急盤包含第一個柱面當前內容的備份(通常包含系統引導器或者啟動管理器),在必要的時候你可以恢復它們。\n\nVeraCrypt 應急盤 ISO 映射檔將會在下面指定位置創建。 - 在您點擊確定後,微軟的 Windows 磁片映射刻錄器將會被啟動。請使用它刻錄 VeraCrypt 應急盤映射檔到 CD 或 DVD 中。\n\n在操作完這些之後,請返回到 VeraCrypt 加密卷創建嚮導並遵循嚮導的指令。 - 應急盤 ISO 鏡像檔已經創建並存儲為檔: %s\n\n現在您需要把應急盤刻錄到 CD 或 DVD。\n\n在刻錄應急盤後,點擊 '下一步' 按鈕驗證應急盤已經成功刻錄。\n\n%ls在刻錄完應急盤之後,請點擊 "下一步" 按鈕驗證應急盤是否被成功刻錄。 - 應急盤映射檔已經被創建並且存儲為檔: %s\n\n現在您應當刻錄該應急盤到 CD/DVD 中去或者移動該 ISO 檔到一個安全的位置以備以後使用。\n\n%ls點擊 '下一步' 繼續。 - 重要:請注意,映射檔必須以 ISO 磁片映射檔的方式刻錄到 CD/DVD 中去(不能刻錄為單個的資料檔案)。要獲取更多的關於如何刻錄 ISO 檔的資訊,請參考您的 CD/DVD 刻錄軟體的說明書。如果您還沒有刻錄 ISO 鏡像檔的光碟刻錄軟體,請點下面鏈結下載這樣的免費刻錄軟體。\n\n - 啟動微軟 Windows 磁片映射刻錄器 - 警告:如果您已經創建了 VeraCrypt 應急盤,它將不能再用於系統分區/驅動器,這是因為您每次加密系統分區/驅動器時都會使用不同的主密鑰,儘管您使用的是同樣的密碼,您也必須創建一個新的 VeraCrypt 應急盤。 - 錯誤:不能保存系統加密設置。 - 不能初始化系統加密預測試。 - 不能初始化創建隱形作業系統的過程。 - 擦除模式 - 在某些存儲介質上,當資料被其他資料覆蓋後,也仍有可能通過磁力顯微技術恢復出來被覆蓋的資料。這也包括一些被加密方式覆蓋的資料(這在 VeraCrypt 加密那些原來沒有加密的系統分區或系統驅動器時可能會發生)。根據一些研究機構和政府機構發佈的文獻,通過使用偽隨機或非亂數據覆蓋一定次數可以阻止資料恢復或使資料恢復變的異常困難。因此,如果您確認攻擊者可能會使用類似磁力顯微技術恢復您的加密資料,您可以選擇下拉清單中幾種擦除演算法中的一種(已經存在的資料不會丟失)。需要說明的是在分區/驅動器加密後不需要再執行擦除操作。當分區/驅動器被完全加密後,不會再有非加密資料向其寫入。寫入加密卷中的任何資料都是在記憶體中即時加密,然後這些已加密資料才會被寫入到磁片。 - 在某些存儲介質上,當資料被其他資料覆蓋後,也仍有可能通過磁力顯微技術恢復出來被覆蓋的資料。根據一些研究機構和政府機構發佈的文獻,通過使用偽隨機或非亂數據覆蓋一定次數可以阻止資料恢復或使資料恢復變的異常困難。因此,如果您確認攻擊者可能會使用類似磁力顯微技術恢復您的加密資料,您可以選擇下拉清單中幾種擦除演算法中的一種(已經存在的資料不會丟失)。\n\n說明:擦除次數越多,花費的時間越長。 - 正在擦除 - \n說明:您可以中斷擦除的過程,關閉您的電腦,重新啟動隱形系統並在此後繼續這個過程(該嚮導將會被自動運行)。然而,如果您中斷此過程,整個擦除將會從頭開始執行。 - \n\n說明:如果您中斷了擦除的過程並想在以後繼續擦除,整個的過程將不得不從頭開始。 - 您確認要放棄擦除過程嗎? - 警告:選定 分區/設備 的全部內容將會被擦除並因此而丟失。 - 原始作業系統所在的分區將會被擦除。\n\n說明:該分區的全部內容已經複製到了隱形系統分區。 - 警告:請注意如果使用 3-次擦除模式,加密驅動器/分區需要時間將會增加為原來的4倍。同樣,如果你選擇了35-次擦除模式,所消耗的時間會為原來的36倍(如果分區容量很大,很可能花費幾周的時間)。\n\n然而,請注意在分區/驅動器完全加密後〖無須〗再對其執行擦除操作。在分區/驅動器被完全加密後,將不會再有非加密的資料向該分區/驅動器寫入。所有寫入的資料首先都會在記憶體中即時加密,之後才會向分區/驅動器寫入加密的資料(因此並不會影響性能)。\n\n您確認要使用這種擦除模式嗎? - 無(最快) - 1-次擦除(亂數據) - 3-次擦除(US DoD 5220.22-M) - 7-次擦除(US DoD 5220.22-M) - 35-次擦除("Gutmann") - 256-次擦除 - 作業系統數目 - 警告:入門用戶應當從來不嘗試加密多重啟動方式的 Windows 。\n\n希望繼續嗎? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - 引導驅動器 - 當前運行的作業系統安裝到了引導驅動器上了嗎?\n\n說明:有時 Windows 可能並未安裝到 Windows 啟動管理器(活動分區)分區上。如果屬於這種情況,請選擇 '否'。 - VeraCrypt 當前不支持加密安裝到非活動分區上的系統。 - 系統驅動器數目 - 有多少個驅動器含有作業系統?\n\n說明:例如,您在主驅動器上安裝了任意系統(例如. Windows,Mac OS X,Linux,等等),在第二個驅動器上安裝了其他的作業系統,這時就選擇 '2 個或多個'。 - VeraCrypt 目前不支援對包含多個作業系統的整個硬碟驅動器的加密。\n\n可能的解決方法:\n\n- 您可以後退並選擇只加密單系統分區加密其中的一個系統(與選擇加密整個系統驅動器相反)。\n\n- 或者,你也可以把要加密的驅動器中的其他系統遷移到其他的驅動器,而只在其中保留一個系統。 - 單驅動器中包含多個系統 - 在當前運行的系統所安裝的驅動器中,是否包含其他任何作業系統?\n\n說明:例如當前運行的作業系統安裝在驅動器 #0,該驅動器包含幾個分區,其中一個分區安裝了 Windows 系統,而另一個分區安裝了其他任何作業系統(例如. Windows,Mac OS X,Linux,等等.),請選擇 '是'。 - 非 Windows 啟動管理器 - 是否安裝了一個非 Windows 啟動管理器(或啟動管理器)到 MBR 中了嗎?\n\n說明:例如,可啟動的驅動器的第一個柱面包含 GRUB、LILO、XOSL,或其他非 Windows 啟動管理器(或啟動管理器),則選擇 '是'。 - 多重啟動 - VeraCrypt 目前不支持在 MBR 中安裝的非 Windows 多重啟動管理器。\n\n可能的解決辦法:\n\n- 如果您使用了一個啟動管理器來啟動 Windows 或 Linux,把啟動管理器(典型的,例如 GRUB)從 MBR 中遷移到分區上。之後再次啟動嚮導和加密系統分區/設備。說明:VeraCrypt 啟動管理器將會成為主啟動管理器,並且會允許您把原來的啟動管理器(例如 GRUB)作為第二啟動管理器(通過在 VeraCrypt 啟動管理器螢幕按下 ESC 按鍵),因此你仍然可以啟動 Linux。 - 如果當前運行的系統安裝在活動分區上,隨後,在您加密了該分區後,儘管您想要啟動其他未加密的系統,您仍然要輸入正確的密碼(因為它們都會共用同一個加密的 Windows 啟動管理器)。\n\n相反的,如果當前運行的系統並沒有安裝到 Windows 的啟動分區(或者如果其他系統並未使用 Windows 啟動管理器),隨後,在您加密了該分區後,您在啟動其他未加密的系統時不需要輸入正確的密碼 -- 您只需按 ESC 按鍵來啟動未加密的系統(如果存在多個未加密的系統,您也同樣需要在 VeraCrypt 的啟動管理器中選擇要啟動的系統)。\n\n說明:通常情況下,最早安裝的那個系統一般都會安裝到啟動分區。 - 加密主機保護區域(Host Protected Area) - 在很多硬碟的尾部,存在一個相對於作業系統隱藏的區域(這些區域通常被稱作主機保護區域)。然而,某些程式可以從這些區域中讀寫資料。\n\n警告:某些電腦供應商可能使用這些區域存儲用於 RAID、系統恢復、系統設置、診斷的工具和資料,或用於其他目地。如果此類工具和資料必須在啟動前訪問,那麼這些隱藏區域不應當被加密(在上面選擇 '否')。\n\n您希望 VeraCrypt 檢測和解密系統驅動器尾部這些隱藏區域嗎? - 系統加密類型 - 如果您只想加密系統分區或整個系統驅動器,請選擇此項。 - 可能存在某些人強迫您解密作業系統的情況。在很多情況下您可能無法拒絕洩漏密碼(例如,被勒索)。如果您選擇了這個選項,您將會創建一個沒有任何手段可以識別的隱形作業系統(當然這得需要您遵循一定的步驟創建)。因此,您一定不要解密或者洩漏隱形作業系統的密碼(譯者注:這是因為隱形作業系統的存在只有你才知道,你不說沒有任何手段可以檢測到),如若獲取更多資訊,請單擊下面鏈結。 - 可能存在某些人強迫您解密作業系統的情況。在很多情況下您可能無法拒絕洩漏密碼(例如,被勒索)。\n\n使用本嚮導,您將能夠創建一個沒有任何手段可以識別的隱形作業系統(當然這得需要您遵循一定的步驟創建)。因此,您一定不要解密隱形系統或者洩漏隱形作業系統的密碼(譯者注:這是因為隱形作業系統的存在只有你才知道,你不說沒有任何手段可以檢測到)。 - 隱形作業系統 - 在後面步驟中,您將在系統分區之後的分區中創建兩個 VeraCrypt 加密卷(外層的和隱藏的)。隱藏加密卷將包含隱形作業系統。VeraCrypt 將通過複製系統分區(即當前系統所在分區)的內容到隱藏加密卷來創建隱形作業系統。對於外層加密卷而言,您可以複製一些您實際上並不想隱藏的貌似敏感的文件。它們將用來對付那些強迫您說出隱藏系統分區密碼的人。您可以把含隱形作業系統的外層加密卷的密碼告訴它們(此時仍然無法發現是否存在隱形作業系統)。\n\n最後,在當前當前運行的系統的分區,您將會安裝一個新的系統並加密以後作為迷惑系統來使用。這個迷惑系統不要含有任何敏感檔並且用來對付那些強迫您說出啟動驗證密碼的人。總而言之,一共有三個密碼,兩個密碼用於對付那些攻擊者(分別對應迷惑作業系統和外層加密卷。如果您使用第三個密碼,則將會啟動隱形作業系統。 - 正在檢測隱藏磁區 - 當 VeraCrypt 正在檢測系統驅動器尾部可能存在的隱藏磁區時,請稍候。注意該操作可能花費較長時間才能完成。\n\n注意:在極少數情況下,某些電腦環境中,系統可能在檢測過程中失去回應。如果發生此情況,重啟電腦,運行 VeraCrypt,重複前面步驟並跳過此檢測過程。此問題並不是 VeraCrypt 的程式 Bug。 - 要加密的區域 - 如果您想加密作業系統安裝和啟動的分區,請選擇此項。除了 VeraCrypt 啟動管理器存放的第一個柱面之外,包括所有分區的整個硬碟驅動器將會被加密。任何要訪問該驅動器上系統或檔的人都需要每次在系統啟動前輸入正確的密碼。如果 Windows 並未安裝到第二塊或外部驅動器上並且沒有從這些驅動器上啟動,此選項不能用於加密第二塊或外部驅動器。 - 正在搜集亂數據 - 密鑰已生成 - VeraCrypt 未在系統上發現燒錄機。VeraCrypt 需要 CD/DVD 燒錄機來刻錄一張可啟動的 VeraCrypt 應急盤,應急盤包含密鑰、VeraCrypt 啟動管理器、原始啟動管理器等資訊的備份。\n\n我們強烈建議您刻錄一張 VeraCrypt 應急盤。. - 我沒有 CD/DVD 燒錄機,但是我想在可移動驅動器上存放應急盤 ISO 映射檔(例如,USB 快閃記憶體)。 - 我將會在以後添加 CD/DVD 燒錄機到電腦上。現在終止創建過程。 - 現在 CD/DVD 燒錄機已經連接到電腦上了。繼續並且刻錄應急盤。 - 請遵循下麵步驟:\n\n1)現在連接可移動驅動器到電腦上,例如 USB 快閃記憶體。\n\n2)複製 VeraCrypt 應急盤映射檔(%s)到可移動驅動器上。\n\n考慮到您以後有使用 VeraCrypt 應急盤的可能,建議您把這個可移動驅動器連接到其他有燒錄機的電腦上,使用這個映射檔刻錄一張應急盤。重要:請注意,VeraCrypt 應急盤映射檔必須以映射檔方式刻錄,不能刻錄為資料光碟。 - 正在刻錄應急盤 - 應急盤已創建 - 系統加密預測試 - 應急盤已驗證 - \nVeraCrypt 應急盤已被成功驗證。請從光碟機中取出應急盤並把它存放到安全的地方。\n\n點擊 '下一步' 繼續。 - 警告:在下面步驟中,VeraCrypt 應急盤必須不能放在光碟機中。否則就不可能正確完成此步驟。\n\n請從光碟機中取出應急盤並把他放在一個安全的地方,之後點 '確定' 按鈕。 - 警告:由於啟動驗證環境(即在 Windows 系統啟動前)的技術局限,VeraCrypt 在啟動驗證環境顯示的文本不能被本地化。VeraCrypt 引導管理器的介面完全為英文模式。\n\n確認繼續嗎? - 在加密系統分區或啟動前,VeraCrypt 需要驗證每個環節都正確無誤。\n\n在點擊“測試”按鈕以後,所有的元件(例如,啟動驗證元件,即 VeraCrypt 啟動管理器)將會被安裝並且您的電腦將會重啟。之後您需要在 Windows 啟動前的 VeraCrypt 啟動管理器介面輸入您的密碼。在 Windows 啟動後,程式將會自動通知您測試的結果。\n\n以下設備將會被修改: 驅動器 #%d\n\n\n如果您點擊 '取消',將不會安裝任何內容並且預測試將不會被執行。 - 重要提示 -- 請仔細閱讀或列印(點擊 '列印'):\n\n注意:在您成功重啟電腦和啟動 Windows 前,您的檔並沒有被加密。因此,如果出現任何失敗,您的資料不會丟失。然而,如果過程中發生某些錯誤,您可能在啟動 Windows 時會遇到麻煩。因此,請閱讀(如果可能,請列印)下面的操作指南,以瞭解在重啟電腦後不能啟動 Windows 時如何操作。\n\n - 不能啟動 Windows 時如何操作 ------------------------------------------------\n\n注意:這些指令僅在您還沒有開始加密時有效。\n\n- 如果在輸入正確的密碼後 Windows 未能啟動(或者您持續的輸入正確的密碼但 VeraCrypt 始終提示密碼錯誤),請不要驚慌。重啟電腦(或關機後再開機),在 TrueCrpyt 啟動管理器螢幕,按下鍵盤的 ESC 按鍵(並且如果您有多個系統,就選擇啟動哪個系統)。之後 Windows 應當會啟動(此時尚未加密系統)並且 VeraCrypt 會自動詢問你是否要卸載啟動驗證元件。如果由於系統分區/驅動器已經加密而導致前面步驟無效(沒有正確的密碼,沒有人可以啟動加密系統或者訪問該驅動器上的加密資料,即使他遵循前面步驟)。\n\n - - 如果前面步驟無效或者 VeraCrypt 啟動管理器螢幕並沒有出現(在 Windows 啟動前),請在光碟機中插入 VeraCrypt 應急盤並重啟電腦。如果 VeraCrypt 啟動管理器螢幕沒有出現 或者如果您在啟動管理器螢幕的 'Keyboard Controls' 部份沒有看到 'Repair Options' 項目,很可能您的 BIOS 設置了硬碟優先於光碟機啟動。如果是這種情況,重啟電腦,當你一看到 BIOS 啟動螢幕的時候按下 F2 或 DEL 按鍵,直到 BISO 設置介面出現。如果 BIOS 設置介面沒有出現,再次重啟電腦,在你按下重啟鍵的時候就按住 F2 或 DEL 按鍵。當 BIOS 設置介面出現時,配置您的 BIOS 優先從光碟機啟動(相關資訊可以參考您的主板說明書或者資訊您的電腦供應商尋求技術協助)。之後重啟電腦。VeraCrypt 啟動管理器應該就會從應急盤中啟動了。在VeraCrypt 啟動管理器螢幕,按下鍵盤的 F8 按鍵選擇修復選項(Repair Options)。在修復選項 'Repair Options' 功能表,選擇 'Restore VeraCrypt Boot Loader'(恢復啟動管理器)。之後從光碟機中取出應急盤並重啟電腦。之後 Windows 應當會啟動(此時尚未加密系統)。\n\n - 注意,如果由於系統分區/驅動器已經加密而導致前面步驟無效(沒有正確的密碼,沒有人可以啟動加密系統或者訪問該驅動器上的加密資料,即使他遵循前面步驟)。\n\n\n即使你丟失了你的 VeraCrypt 應急盤並且被攻擊者發現了,他們沒有正確的密碼也無法解密已經加密了的系統分區或驅動器。 - 預測試已經完成 - 預測試已經成功完成。\n\n警告:請注意,加密時如果遇到突然斷電、或者加密時由於軟硬體故障而導致的系統當機,有些資料可能會損壞或丟失。因此,在您開始加密前,請確認您已經備份了要加密的資料。如果您還沒有備份,請現在就備份這些資料(您可以點擊 '推遲',備份檔案,之後在以後的任何時候再運行 VeraCrypt,並選擇 '系統' > '繼續中斷的進程' 來啟動加密)。\n\n當一切準備就緒時,點擊 '加密' 開始執行加密過程。 - 您可以在任何時候點擊 '暫停' 或者 '推遲' 以打斷加解密進程、退出嚮導、重啟或關閉電腦,並在以後繼續中斷的進程,繼續時將會從中斷位置開始。為防止對系統或程式讀寫系統驅動器造成的速度降低,VeraCrypt 會自動等待資料讀寫完畢後(參考上面的狀態)自動繼續加解密。 - \n\n您可以在加密過程的任何時候點擊 '暫停' 或者 '推遲',來中斷加密的過程,退出嚮導,重啟電腦,並在此後繼續該過程,繼續的時候將會從上次中斷之處開始。注意:此加密卷在完全加密之前無法被載入。 - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - 隱形系統已啟動 - 原始系統 - Windows 會在系統分區創建(通常情況下,您並不知道或者同意)不同的日誌檔、暫存檔案等等。同時也會在系統分區存儲記憶體中的內容到休眠檔或虛擬記憶體頁面檔。因此,如果攻擊者分析原始系統(即隱形系統所克隆的系統來源)所在分區的檔,他可能會發現,例如,您使用過 VeraCrypt 嚮導的隱形系統創建模式(因此可能暗示電腦中存在隱形系統。\n\n要預防此類問題,在後面步驟中,VeraCrypt 將會安全擦除原始系統所在分區的所有內容。在此之後,為了達到隱蔽性,您需要在此分區上安裝新的作業系統並使用 VeraCrypt 加密它(即成為所謂的迷惑系統)。因此您將會創建完成這個迷惑系統並且整個隱形系統的創建過程也會相應的完成。 - 隱形系統已經成功創建。然而,在您使用隱形系統(以及達到隱蔽性)之前,您需要安全擦除當前運行的系統所在分區的全部內容(使用 VeraCrypt)。在您這樣做之前,您需要重啟電腦,並在之後的VeraCrypt 啟動管理器螢幕(在 Windows 啟動前出現),輸入隱形系統的密碼。之後,在隱形系統啟動後,VeraCrypt 嚮導將會自動載入。\n\n說明:如果您現在選擇終止隱形系統的創建過程,您將〖無法再〗繼續該過程並且隱形系統將〖不能再〗被訪問(這是因為 VeraCrypt 啟動管理器將會被移除)。 - 您已經設置了創建隱形系統的計畫任務。該計畫尚未完成。要完成該計畫,您需要重啟電腦,並在 VeraCrypt 啟動管理器螢幕(在 Windows 啟動前出現),輸入隱形系統的密碼。\n\n注意:如果您現在選擇終止隱形系統的創建過程,您將〖無法〗再繼續該過程。 - 重啟電腦並繼續 - 永久終止隱形系統的創建過程 - 什麼也不做並在以後詢問 - \n如果可能,請列印此段文本(單擊下面的“列印”按鈕)。\n\n\nVeraCrypt 應急盤使用時機和使用方法(加密後)-----------------------------------------------------------------------------------\n\n - I. 如何啟動 VeraCrypt 應急盤\n\n要使用 VeraCrypt 應急盤,把應急盤插入光碟機並重啟電腦。如果 VeraCrypt 應急盤螢幕並沒有出現(或者如果您在啟動管理器螢幕的 'Keyboard Controls' 部份沒有看到 'Repair Options' 項目),很可能您的 BIOS 設置了硬碟優先於光碟機啟動。如果是這種情況,重啟電腦,當你一看到 BIOS 啟動螢幕的時候按下 F2 或 DEL 按鍵,直到 BISO 設置介面出現。如果 BIOS 設置介面沒有出現,再次重啟電腦,在你按下重啟鍵的時候就按住 F2 或 DEL 按鍵。當 BIOS 設置介面出現時,配置您的 BIOS 優先從光碟機啟動(相關資訊可以參考您的主板說明書或者資訊您的電腦供應商尋求技術協助)。之後重啟電腦。VeraCrypt 啟動管理器應該就會從應急盤中啟動了。提示:在VeraCrypt 啟動管理器螢幕,您可以按下鍵盤的 F8 按鍵選擇修復選項(Repair Options)。\n\n\n - II. VeraCrypt 應急盤使用時機和使用方法(加密後)\n\n - 1)如果在你啟動電腦前沒有出現 VeraCrypt 啟動管理器螢幕(或者 Windows 沒有能夠啟動),那麼 VeraCrypt 啟動管理器可能已經損壞。VeraCrypt 應急盤允許您恢復啟動管理器並重新獲取對加密系統和資料的訪問(當然您仍然需要輸入正確的密碼)。在應急盤螢幕選擇修復選項 'Repair Options' > 'Restore VeraCrypt Boot Loader'(恢復啟動管理器)。之後按下 'Y' 按鍵確認操作,從光碟機中取出應急盤並重啟電腦。\n\n - 2)如果您持續輸入正確密碼而 VeraCrypt 仍然提示密碼錯誤(password is incorrect),很可能是主密鑰或其他關鍵資料已經毀壞。VeraCrypt 應急盤允許您恢復這些資料因此就可以重新訪問這些加密的系統和資料了(當然您仍然需要輸入正確的密碼)。在應急盤螢幕,選擇修復選項 'Repair Options' > 'Restore key data'(恢復密鑰資料)。之後輸入您的密碼,按下鍵盤的 'Y' 確認操作,從光碟機中取出應急盤並重啟電腦。\n\n - 3)如果 VeraCrypt 啟動管理器被惡意程式損壞了或感染了,您可以通過運行應急盤來避免運行惡意程式。在光碟機中插入應急盤之後在應急盤螢幕輸入您的密碼。\n\n - 4)如果 Windows 已經損壞並且不能啟動,VeraCrypt 應急盤也可以允許您在啟動 Windows 前永久解密分區/驅動器,在應急盤螢幕,選擇修復選項 'Repair Options' > 'Permanently decrypt system partition/drive'(永久解密系統分區/驅動器)。之後輸入正確的密碼直到解密完成。接下來,您就可以啟動 Windows 的安裝光碟來修復 Windows 了。\n\n - 提示:另外一種方式,如果 Windows 已經損壞不能啟動,您需要修復它(或者訪問其上的檔),您可以通過以下步驟避免解密系統分區/驅動器:如果您在電腦上安裝了多個作業系統,啟動其中的某個不需要啟動驗證的系統。如果您的電腦沒有安裝多個作業系統,您可以啟動一個 WinPE 或者 BartPE CD/DVD 系統,或者是把硬碟驅動器連接到其他電腦上作為從盤並啟動其他電腦上的系統。在啟動到此類系統環境之後,運行 VeraCrypt,點擊 '選擇設備',選擇該受影響的系統分區,點擊 '確定',選擇 '系統' > '以非啟動驗證方式載入',輸入您的啟動驗證密碼並點擊 '確定' 按鈕。該分區將會以常規 VeraCrypt 加密分區的方式載入(資料也會象常規加密卷資料一樣在記憶體中即時加解密)。\n\n\n - 注意:即使你丟失了你的 VeraCrypt 應急盤並且被攻擊者發現了,他們沒有正確的密碼也無法解密已經加密了的系統分區或驅動器。 - \n\n重要 -- 如有可能請列印出來(點擊 '列印')。\n\n\n注意:這些文本在您每次啟動隱形系統時會自動顯示,直到您開始創建迷惑系統。\n\n\n - 如何成功和安全的創建迷惑系統 ----------------------------------------------------------------------------\n\n為了達到隱蔽性的目地,您現在應當創建迷惑系統。要達到這個目地,請遵循如下步驟:\n\n - 1)安全考慮,關閉您的電腦並保持關機狀態幾分鐘(時間越長越好)。這是出於清除記憶體中敏感資料的需要。之後打開電腦但不要啟動隱形系統。\n\n - 2)在已被擦除內容的原系統分區上安裝 Windows(也就是之前隱形系統克隆的系統源分區)。\n\n重要:在您開始安裝迷惑作業系統時,隱形系統將無法啟動(這是因為 VeraCrypt 啟動管理器將會被 Windows 系統安裝程式所清除)。這種情況是很正常的,遇到了請不必驚慌。一旦您開始加密迷惑系統,您就能夠啟動隱形系統了(這是因為 VeraCrypt 之後會自動在系統啟動器上安裝 VeraCrypt 啟動管理器)。\n\n重要:迷惑系統分區的大小必須等於隱藏加密卷的大小(此條件已達到)。並且,您必須不能在迷惑系統分區和隱形系統所在分區之間創建任何分區。\n\n - 3)啟動迷惑系統(即您在前面的第 2) 步中安裝的並把 VeraCrypt 安裝到其中的那個系統)。\n\n必須牢記迷惑系統中從來都不要包含任何敏感資料。\n\n - 4)在迷惑系統中,運行 VeraCrypt 並選擇 '系統' > '加密系統分區/設備'。將會出現 VeraCrypt 加密卷創建嚮導。\n\n VeraCrypt 加密卷創建嚮導中執行以下步驟。\n\n - 5)在 VeraCrypt 加密卷創建嚮導中,不要選擇 '隱藏' 選項。保持 '常規' 選項為選中狀態並點擊 '下一步'。\n\n - 6)選擇選項 '加密 Windows 系統分區' 並點擊 '下一步'。\n\n - 7)如果電腦中只安裝了一個隱形系統和迷惑系統,請選擇 '單系統'(如果在這兩個系統之外還有其他系統,請選擇 '多系統')。之後點擊 '下一步'。\n\n - 8)重要:在本步中,對於迷惑系統,您必須選擇與加密隱形系統相同的加密演算法和哈希演算法!否則將無法訪問隱形系統。換句話說,迷惑系統和隱形系統的加密演算法必須系統。說明:原因是迷惑系統和隱形系統共用一個單啟動管理器,這個管理器只支持用戶選擇的某個單一演算法(對於每種演算法,都會對應一個特定的 VeraCrypt 啟動管理器版本)。\n\n - 9)在這個步驟中,為迷惑系統選擇一個密碼。當您被要求或者強迫提供啟動驗證密碼時您可以洩漏這個迷惑系統的密碼(另外一個可以洩漏的密碼是外層加密卷密碼)。而第三個密碼(也就是啟動驗證裏面用於啟動隱形系統的密碼)仍然是保密的。\n\n重要:迷惑系統的密碼必須完全不同於隱藏加密卷的密碼(隱藏加密卷的密碼也就是隱形作業系統的密碼)。\n\n - 10)遵循嚮導的其餘指令以加密迷惑作業系統。\n\n\n\n - 在迷惑作業系統創建之後 ------------------------------------------------\n\n在您加密了迷惑作業系統之後,這個隱形系統的創建就完成了,這時您可以使用三個密碼:\n\n1)啟動驗證中用於啟動隱形系統的密碼。\n\n2)啟動驗證中用於啟動迷惑作業系統的密碼。\n\n3)用於外層加密卷的密碼。\n\n - 如果您想啟動隱形作業系統,只需要在 VeraCrypt 啟動管理器螢幕(該螢幕出現於您開機或者重啟系統的時候)輸入隱形作業系統的密碼。\n\n如果您想啟動迷惑作業系統,只需要在 VeraCrypt 啟動管理器螢幕輸入迷惑作業系統的密碼即可。\n\n迷惑作業系統的密碼可以洩漏給強迫您說出密碼的人,而此時隱藏加密卷(以及隱形作業系統)的存在仍然是保密的。\n\n - 第三個密碼(外層加密卷的密碼),可以洩漏給強迫您說出系統分區之後那個分區密碼的人(這個分區包含外層加密卷和隱藏加密卷,隱藏加密卷中即為隱形系統)。而此時隱藏加密卷(以及隱形作業系統)的存在仍然是保密的。\n\n\n - 如果您把迷惑系統的密碼洩漏給強迫您說出密碼的人,如果他詢問為什麼(迷惑)系統分區的自由空間包含亂數據,您可以回答,例如:"這個分區以前包含 VeraCrypt 加密的系統但是我忘記了密碼(或者說這個系統已經損壞和無法啟動了),因此我不得不安裝了 Windows 和重新加密了這個分區"。\n\n\n - 如果您遵循了前面的指令並且遵循了《VeraCrypt User Guide》中的 "Security Precautions Pertaining to Hidden Volumes" 章節所提到的防護措施,則外人無法證明隱藏加密卷和隱形系統的存在,哪怕是外層加密卷已被載入或迷惑作業系統已被解密/啟動。\n\n如果您列印了此文本,在您創建迷惑作業系統之後並理解了文本中所述內容之後,強烈建議您銷毀這個文本(否則,如果該文本紙張被發現,可能會暗示電腦上有存在隱形系統的可能)。 - 警告:如果您沒有保護隱藏加密卷(保護的做法參考 VeraCrypt 用戶指南的"Protection of Hidden Volumes Against Damage"章節),請不要向外層加密卷寫入資料。否則您可能會覆蓋或損壞隱藏隱藏加密卷!請不要想外層加密卷寫入資料(注意,迷惑作業系統並未安裝在外層加密卷)。否則,您可能會覆蓋和損壞隱藏加密卷(以及在其內的隱形系統)! - 正在克隆作業系統 - 在下一步中,VeraCrypt 將會通過複製當前運行系統的內容到隱藏加密卷來創建隱形系統(被複製的資料將會使用與迷惑系統不同的密鑰即時加密))。\n\n請注意該過程將會在啟動驗證環境中執行(在 Windows 啟動前),並可能花費較長的時間;可能需要花費幾個小時或者幾天(依據系統分區容量和電腦性能而定,例如PM1.6GHz加密時大概的速度是0.5GB/分鐘左右)。\n\n您可以中斷該過程,關機,啟動作業系統並在此之後繼續該過程。然而,如果您中斷該過程,整個複製系統的過程將會不得不從頭開始(因為系統分區的內容在克隆期間必須不能被改變)。 - 您想要取消整個隱形作業系統的創建過程嗎?\n\n注意:如果現在取消,您將無法繼續該進程。 - 您要取消系統加密預測試嗎? - VeraCrypt 系統加密預測試失敗。您希望再試一次嗎?\n\n如果您選擇 '否',則啟動驗證元件將會被卸載。\n\n說明:如果 VeraCrypt 啟動管理器在 Windows 啟動前不要求您輸入密碼,這很可能是您的作業系統並沒有從該系統所安裝的驅動器引導的。目前並不支援這種方式。\n\n- 如果您使用了AES 之外的加密演算法並且預測試失敗了(並且您也輸入了密碼),這可能由有設計缺陷的驅動導致的。選擇 '否',嘗試再次加密系統分區/設備,但是要使用 AES 加密演算法(該演算法所需記憶體最低)。\n\n- 更多可能導致該錯誤的原因,請參考: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - 該系統分區/驅動器看起來沒有被加密(或者是沒有被完全加密)。 - 您的系統分區/驅動器已加密(部分或完全加密)。\n\n請在繼續進行前解密這個系統分區/驅動器。操作步驟:在 VeraCrypt 主視窗的功能表中,選擇 '系統' > '永久解密系統分區/驅動器'。 - 當系統分區/驅動器已被部份或完全加密時,您不能降級 VeraCrypt 的版本(但是可以更新到新版本或者從新安裝同一版本)。 - 您的系統分區/驅動器正在被加密/解密,或正在被修改。請在繼續操作前中斷這個加密/解密/修改進程(或者等待直到其完成)。 - 已經有 VeraCrypt 加密卷創建嚮導的實例在運行,並且正在執行對系統分區/驅動器的加密或解密操作。在您繼續前,請等候其完成或者關閉該實例。如果您無法關閉這個實例,請在繼續操作前重啟電腦。 - 加密或解密系統分區/驅動器的進程尚未完成。在進程完成前請稍候。 - 錯誤:加密分區/驅動器的過程已經未完成,該過程必須首先完成。 - 錯誤:加密 分區/卷 的過程尚未完成。您必須首先完成此過程。\n\n說明:要繼續該過程,在 TrueCrype 主介面的功能表中,選擇 '加密卷' > '繼續被中斷的過程'。 - 密碼正確,VeraCrypt 已經成功解密加密卷頭資訊並檢測到了該加密卷存在一個隱形的作業系統。然而,您不能以此種方式修改隱形系統卷的頭資訊。\n\n要修改隱形系統卷的密碼,請啟動隱形作業系統,之後在 VeraCrypt 主介面選擇 '系統' > '修改密碼' 。\n\n要設置首密鑰的生成演算法,啟動隱形作業系統並在程式視窗選擇 '系統' > '設置首密鑰生成演算法'。 - VeraCrypt 不支援就地(在隱形系統內)解密隱形作業系統分區。\n\n說明:如果您想要解密迷惑作業系統,可以啟動到迷惑作業系統,在 VeraCrypt 程式中選擇 '系統' > '永久解密系統分區/驅動器'。 - 錯誤:錯誤/無效的參數。 - 您已經選擇了一個分區或者設備,但是在嚮導模式您只能選擇檔型加密卷。\n\n您希望改變嚮導模式嗎? - 您想取代創建為 VeraCrypt 檔型加密卷嗎? - 您已經選擇了系統分區/驅動器(或啟動分區),但是您選擇的嚮導模式只適用於非系統驅動器。\n\n您希望設置啟動驗證(意味著每次啟動 Windows 前,都需要您輸入密碼)和加密系統分區或驅動器嗎? - 您確認要永久解密系統分區/驅動器嗎? - 小心:如果您永久解密系統分區或驅動器,資料將會恢復為未加密狀態。\n\n您確認要永久解密系統分區或驅動器嗎? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - 警告:如果您使用一種級聯演算法加密作業系統,您可能會遇到以下問題:\n\n1)VeraCrypt 啟動管理器體積偏大,因此驅動器的第一個柱面可能無法容納 VeraCrypt 啟動管理器的備份。因此,當其損壞的時候(這個可能會經常發生,例如,在某些程式的有設計缺陷的反隱私操作情況下),您將需要使用 VeraCrypt 應急盤啟動和修復 VeraCrypt 啟動管理器。\n\n2)在一些電腦上,導致休眠時間過長。\n\n這些潛在的問題可以通過選擇一種非級聯演算法(例如 AES)來預防。\n\n您真的要堅持繼續使用級聯演算法嗎? - 如果您遇到任何前面描述的問題,請解密該分區/驅動器(如果已加密)並使用一種非級聯演算法加密(例如 AES)。 - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - VeraCrypt 啟動管理器的版本與系統中安裝的 VeraCrypt 驅動和程式版本不一致。\n\n您應當運行 VeraCrypt 安裝程式(版本號與 VeraCrypt 啟動管理器相同)來更新作業系統中的 VeraCrypt。 - 啟動該系統的 VeraCrypt 啟動管理器版本號不同於安裝在系統上的 VeraCrypt 設備驅動或 VeraCrypt 應用程式的版本號。請注意,早期版本可能存在一些新版已經修復的 BUG。\n\n如果您並未從應急盤啟動,您應當重新安裝 VeraCrypt 或者更新到最新的穩定版本(啟動管理器也會隨之更新)。\n\n如果您從應急盤啟動,您應當更新應急盤('系統' > '創建應急盤')。 - VeraCrypt 啟動管理器已經成功更新。\n\n強烈建議您重啟電腦後選擇 '系統' > '創建應急盤' 來創建一個新的 VeraCrypt 應急盤(將會包含新版的 VeraCrypt 啟動管理器)。 - VeraCrypt 啟動管理器已經更新。\n\n強烈建議您啟動迷惑作業系統並通過選擇功能表 '系統' > '創建應急盤' 創建一個新的 VeraCrypt應急盤(將會包含新版本的 VeraCrypt 啟動管理器)。 - 更新 VeraCrypt 啟動管理器時失敗。 - VeraCrypt 檢測系統驅動器真實大小失敗,因此,作業系統所報告的大小(將會比實際小)將會被使用。另外需要指明的是,這並不是 VeraCrypt 的程式問題(BUG)。 - 警告:看起來 VeraCrypt 曾經檢測過此系統驅動器上的隱藏磁區。如果您在上次檢測過程中遇到任何問題,您可以通過跳過隱藏磁區檢測來避免這個問題。注意,如果跳過檢測,VeraCrypt 將會使用作業系統報告的容量(要小於真實驅動器的容量)。\n\n此問題並不是 VeraCrypt 的程式 Bug。 - 跳過隱藏磁區的檢測(使用作業系統報告的容量) - 嘗試再次檢測隱藏磁區 - 錯誤:磁片上一個或多個磁區的內容無法讀取(可能由於物理因素影響)。\n\n這些磁區能夠重新讀取之前,就地加密的過程將無法繼續。VeraCrypt 能夠嘗試向其中寫入 0 來使這些磁區可讀(之後這些 0 填充的區塊將會被加密)。然而,請注意存儲於這些不可讀磁區的資料將會丟失。如果您想要避免資料丟失,您可以使用適當的第三方軟體恢復這些損壞資料的某些部分。\n\n注意:在有物理損壞磁區的情況下(不同於簡單的資料損壞和校驗錯誤),當有資料試圖向這些損壞磁區寫入資料時,大多數存儲設備都會在內部為這些要寫入的資料重新分配磁區(因此當前損壞磁區上的現有資料可能在啟動器上仍然保持未加密狀態)。\n\n您希望 VeraCrypt 為這些不可讀磁區填充 0 嗎? - 錯誤:磁片上一個或多個磁區的內容無法讀取(可能由於物理因素影響)。\n\n為了能夠繼續加密,VeraCrypt 不得不放棄這些不可讀磁區(磁區內容會被偽亂數據填充)。請注意,在繼續進行之前,您可以嘗試使用適當的第三方軟體恢復任何損壞資料的一部分。\n\n您希望 VeraCrypt 廢棄不可讀磁區中的資料嗎? - 說明:VeraCrypt 已經把 %I64d 的不可讀磁區(%s)的當前內容全部替換為加密的全部為 0 的純文本塊。 - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - 輸入口權杖 '%s' 的密碼/PIN: - 為允許 VeraCrypt 訪問安全口權杖或智慧卡,您首先需要為口權杖或智慧卡安裝一種 PKCS #11 運行庫,這些運行庫可能已經隨設備提供,或者可以從供應商網站或其他第三方網站上下載。\n\n在您安裝了運行庫後,您可以通過單擊 '選擇運行庫' 手動選擇,或者通過單擊 自動檢測運行庫' 來讓 VeraCrypt 發現和選擇(僅會搜索 Windows 系統目錄,比較耗費時間)。 - 說明:對於安裝到您電腦上的 PKCS #11 運行庫以及安全口權杖或智慧卡的檔案名和位置,請參考口權杖、智慧卡的文檔,或者參考第三方軟體。\n\n單擊 '確定' 按鈕選擇路徑和檔案名。 - 為允許 VeraCrypt 訪問安全口權杖或智慧卡,您需要為口權杖或智慧卡選擇一種 PKCS #11 運行庫。要做到這點,請選擇 '設置' > '安全口權杖'。 - 初始化 PKCS #11 安全口權杖運行庫失敗。\n\n請確認指定路徑和檔案名對應有效的 PKCS #11 運行庫。要指定 PKCS #11 運行庫路徑和檔案名,選擇 '設置 > '安全口權杖'。 - 在 Windows 系統目錄未發現 PKCS #11 運行庫。\n\n請確認您的安全口權杖或智慧卡已經安裝了 PKCS #11 運行庫(這些運行庫可能已經隨設備提供,或者可以從供應商網站或其他第三方網站上下載)。如果是被安裝到 Windows 系統目錄之外的地方,請點擊 '選擇運行庫' 來定位運行庫位置(例如:口權杖/智能卡 的安裝檔夾。 - 未發現安全口權杖。\n\n請確認您的安全口權杖已經連接到您的電腦上並且已經安裝好了正確的設備驅動程式。 - 安全口權杖密鑰檔未發現。 - 已經存在同名的安全口權杖密鑰檔。 - 您想要刪除指定檔嗎? - 安全口權杖密鑰檔路徑無效。 - 安全口權杖錯誤 - 安全口權杖密碼不正確。 - 安全口權杖無足夠的 記憶體/空間 執行請求的操作。\n\n如果您試圖導入一個密鑰檔,您應當選擇一個小一些的檔或者使用由 VeraCrypt 生成的密鑰檔(選擇 '工具' > '密鑰文件生成器')。 - 所有打開的口權杖會話均已被關閉。 - 選擇安全口權杖密鑰檔 - 插槽 - 口權杖名稱 - 檔案名 - 重要:請注意,啟動驗證的密碼總是以美國鍵盤佈局輸入的。因此,對於使用非美國鍵盤佈局輸入密碼的加密卷,在使用緩存的密碼載入時是不可能被載入的(注意這不是 VeraCrypt 的程式缺陷)。要允許這樣的加密卷使用啟動驗證密碼載入,請遵循以下步驟:\n\n1)點擊 '選擇檔' 或 '選擇設備' 並選擇加密卷。 2)選擇 '加密卷' > '更改加密卷密碼'。 3)輸入當前加密卷的密碼。 4)更改鍵盤佈局為 English (US),通過點擊 Windows 通知欄上的語言欄和選擇 '英語(美國)'。 5)在 VeraCrypt,在新密碼位置,輸入啟動驗證密碼。 6)在確認密碼位置重複輸入密碼,之後點 '確定'. 警告:如果您採用這些步驟,請牢記,加密卷密碼總是只能以美國鍵盤佈局輸入(這樣才能在啟動驗證環境中自動匹配)。 - 系統收藏加密卷將會以啟動驗證密碼載入。如果任何系統收藏加密卷使用了不同的密碼,它將不會被載入。 - 請注意,如果您希望系統收藏加密卷不會受到常規 VeraCrypt 加密卷操作的影響(例如 "全部卸載"),您應當啟用選項 '在 VeraCrypt 中,只允許系統管理員查看和卸載系統收藏加密卷'。另外,如果 VeraCrypt 以非管理員身份運行(在 Windows Vista 和以後版本的系統中默認為非管理員身份),系統收藏加密卷將不會出現在 VeraCrypt 程式視窗的驅動盤符列表中。 - 重要:請必須記住,此選項已經啟用並且 VeraCrypt 不具有系統管理員許可權,已載入的系統收藏加密卷不會顯示在 VeraCrypt 程式視窗並且它們也不能被卸載。因此,如果您需要卸載系統收藏加密卷,請右鍵單擊 VeraCrypt 圖示(在開始功能表中),並選擇“運行方式”和選擇管理員帳戶運行。"全部卸載"、"自動卸載"、"全部卸載"熱鍵等功能也存在上面所說的限制。 - 請注意,此設置在系統重啟後才會生效。 - 解析命令行時出錯。 - 應急盤 - 選擇和載入檔(&F)... - 選擇和載入設備(&D)... - 在 VeraCrypt 中,只允許系統管理員查看和卸載系統收藏加密卷 - 在 Windows 啟動時載入系統收藏加密卷(在啟動過程的初始階段) - 警告:載入為 '%s' 的加密卷上的檔系統並未徹底卸載因此而存在錯誤。繼續使用損壞的檔系統可能會導致資料丟失或者損壞。\n\n注意:在您物理移除或卸載包含已被載入的 VeraCrypt 加密卷的設備(例如U盤或移動硬碟)之前,您應當先在 VeraCrypt 中卸載加密卷。\n\n\n您希望 Windows 系統嘗試檢測和修復可能的檔系統錯誤嗎? - 警告:一個或者多個系統收藏加密卷並沒有完全卸載,因此可能包含檔系統錯誤。請查看系統事件日誌獲取更多資訊。\n\n使用損壞的檔系統可以導致資料丟失或者資料損壞。您應當檢查受影響的收藏加密卷的磁片錯誤(在 VeraCrypt 中右鍵單擊每個打開的收藏加密卷,之後選擇 '修復檔系統')。 - 警告:使用微軟的 'chkdsk' 工具修復受損的檔系統時可能會導致受損區域的資料丟失。因此,建議您首先備份存儲在 VeraCrypt 加密卷中的檔到另外完好的加密卷。\n\n您確認現在就修復檔系統嗎? - 由於寫入許可權被拒絕,加密卷 '%s' 不得不以唯讀模式載入。\n\n請確認檔類型加密卷的安全許可允許您對其執行寫入操作(右鍵單擊此容器並選擇 屬性 > 安全)。\n\n注意,由於 Windows 的原因,您可能在設置成合適的安全屬性後還會看到這個警告,這並非是 VeraCrypt 的程式故障。一個可能的解決方法是移動您的加密卷檔,例如移動到文檔檔夾。\n\n如果您確實要保持加密卷的唯讀模式,請設置加密卷的屬性為唯讀(右鍵單擊加密盤檔並選擇屬性 > 唯讀),這樣就可以禁止顯示警告了。 - 由於寫入許可權被拒絕,加密卷 '%s' 不得不以唯讀模式載入。\n\n請確認沒有其他程式(例如,防病毒程式)正在訪問加密卷所在的分區/設備。 - 加密卷 '%s' 已被已唯讀模式載入,這是因為作業系統報告主設備為防寫狀態。\n\n請注意,在一些第三方的晶片驅動中,已有錯誤報告指出可能會造成可寫入介質錯誤的被系統報告為防寫。這個問題並不是由 VeraCrypt 造成。這可以通過更新或卸載當前系統中的任何第三方晶片組驅動(非微軟認證)。 - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d 線程 - 請注意,硬體加速 AES 已被禁用,這將會影響測試結果(使性能變差)。\n\n要啟用硬體加速,請選擇 '設置' > '性能' 並禁用相應選項。 - 請注意,線程的數目當前受限,這將會影響測試結果(使性能變差)。\n\n要利用處理器的潛能,請選擇 '設置' > '性能' 並禁用相應選項。 - 您想要 VeraCrypt 嘗試禁用此分區/設備 的防寫嗎? - 警告:此設置可能會降低性能。\n\n您確認要使用該設置嗎? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - 測試 - 密鑰文件 - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - 左箭頭 - 上箭頭 - 右箭頭 - 下箭頭 - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - 數位鍵盤 - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + 取消 + 為所有用戶安裝(&F) + 流覽(&W)... + 在桌面添加 VeraCrypt 圖示(&D) + Donate now... + 關聯 .hc 文件到 VeraCrypt(&E) + 完成後打開目標位置(&O) + 創建 VeraCrypt 的開始菜單項(&S) + 創建系統還原點(&R) + 卸載(&U) + 釋放(&E) + 安裝(&I) + VeraCrypt 安裝嚮導 + 卸載 VeraCrypt + 説明(&H) + 請選擇或者輸入您希望釋放到的位置: + 請選擇或輸入您希望 VeraCrypt 程式檔釋放到的位置。如果指定檔夾不存在,檔夾將會被自動創建。 + 點擊“卸載”按鈕從系統中卸載 VeraCrypt。 + 放棄 + 測試(&B) + 測試(&T) + 創建加密卷並格式化 + 就地加密分區 + 顯示生成的密鑰(及其部分) + 顯示緩衝內容 + 下載 CD/DVD 刻錄軟體(聯網) + 創建檔型加密卷 + GB(&G) + TB(&T) + 更多資訊(聯網) + 隱藏的 VeraCrypt 加密卷(&D) + 關於隱藏加密卷的更多資訊(聯網) + 直接模式 + 常規模式 + KB(&K) + 使用密鑰檔(&S) + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + 密鑰文件(&K).. + 關於混雜演算法的更多資訊(聯網) + 更多資訊(聯網) + Information on PIM + MB(&M) + 更多資訊(聯網) + 關於系統盤加密的更多資訊(聯網) + 更多資訊(聯網) + 多重啟動 + 加密非系統分區/設備 + 從不保留歷史記錄(&S) + 打開外層加密卷 + 暫停(&P) + Use P&IM + Use PIM + 快速格式化 + 顯示密碼(&D) + 顯示密碼(&D) + &Display PIM + 單系統 + 標準 VeraCrypt 加密卷 + 隱藏(&D) + 常規 + 加密系統分區或者整個系統所在硬碟 + 加密 Windows 系統分區 + 加密整個硬碟驅動器 + VeraCrypt 加密卷創建嚮導 + + 重要:在視窗範圍內儘量任意移動滑鼠。移動時間越長越好。這將會極大的增強密鑰的加密強度。之後點擊 '下一步' 按鈕繼續。 + 確認(&C): + 完成 + Drive letter: + 加密演算法 + 檔系統 + 創建一個檔類型的加密盤,推薦入門用戶使用。 + 選項 + 哈希演算法 + 首密鑰: + 剩餘 + 主密鑰: + 如果此電腦上安裝了兩個或多個作業系統請選擇此項。\n\n例如:\n- Windows XP 和 Windows XP\n- Windows XP 和 Windows Vista\n- Windows 和 Mac OS X\n- Windows 和 Linux\n- Windows,Linux 和 Mac OS X + 加密一個內部或者外部驅動器上的非系統分區(例如. 優盤)。也可以創建一個隱藏的加密卷。 + 當前緩存內容(部分) + 密碼 + 密碼: + Volume PIM: + Volume PIM: + 進程: + 隨機緩衝: + 如果電腦上只安裝了一個作業系統請選擇此項(儘管該作業系統下可能有多個用戶)。 + 速度 + 狀態 + 密鑰、要素、以及其他資料已被成功生成。如果您希望生成新的密鑰,請點擊 '後退' 然後點擊 '下一步' 按鈕。否則點擊 '下一步' 按鈕繼續。 + 加密 Windows 系統所在的 分區/驅動器。加密後,任何人想要訪問和使用這個系統、讀寫檔等,都需每次在 Windows 啟動前輸入正確的密碼。也可以選擇創建一個隱形的作業系統。 + 選擇此選項,以加密您當前 Windows 作業系統所安裝的分區。 + Volume Label in Windows: + 擦除模式: + 關閉 + 允許按下 Esc 按鍵跳過啟動驗證(啟用啟動管理器)(&A) + 什麼也不做 + 自動載入 VeraCrypt 加密卷(下麵指定的)(&A) + 運行 VeraCrypt(&S) + 自動檢測運行庫(&D) + 緩存啟動驗證密碼到驅動記憶體(用來載入非系統加密卷)(&C) + 流覽... + 流覽... + 在記憶體中緩存密碼和密鑰檔(&A) + 沒有加密卷被載入時退出 + 在有加密卷成功載入後關閉口權杖會話(登出)(&C) + Include VeraCrypt Volume Expander + 包含 VeraCrypt 加密卷創建嚮導 + 創建 + 創建加密卷(&C) + 在啟動驗證螢幕不顯示任何文本(僅顯示下面自定義的資訊)(&S) + Disable "Evil Maid" attack detection + 使用處理器指令加速 AES 加解密(如果功能可用) + 使用密鑰檔 + 使用密鑰檔 + 退出(&X) + 收藏加密卷的幫助 + 當 '載入收藏加密卷' 熱鍵按下時不載入選定的加密卷(&H) + 當主設備被連接時載入選定加密卷(&C) + 登錄時載入選定加密卷(&O) + 以唯讀方式載入選定加密卷(&N) + 以可移動介質方式載入選定加密卷(&V) + 下移(&D) + 上移(&U) + 當成功載入選定加密卷後,為其打開資源管理器視窗(&E) + 移除(&R) + Use favorite label as Explorer drive label + 全局設置 + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + 分配 + 移除 + 密鑰文件... + 不使用下面數目的處理器加密/解密: + 更多資訊(聯網) + 更多資訊(聯網) + 更多設置... + 自動載入設備(&A) + 載入選項(&A)... + 以唯讀模式載入加密卷(&O) + 密鑰文件... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + 啟用 + 在驅動記憶體中緩存密碼 + 自動卸載加密卷,在無數據讀寫動作下面時間後 + 用戶註銷時 + User session locked + 進入待機狀態時 + 螢幕保護載入時 + 強制自動卸載,無論加密卷是否有被打開的檔或目錄 + 載入所有設備類 VeraCrypt 加密卷 + 啟動 VeraCrypt 後臺任務 + 以唯讀模式載入加密卷 + 以可移動介質模式載入加密卷 + 為成功載入的加密卷打開資源管理器視窗 + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + 自動卸載時擦除緩存的密碼 + 退出時擦除緩存的密碼 + 保留檔類型加密卷的修改時間戳 + 重置 + 選擇設備(&E)... + 選擇檔(&F)... + 選擇運行庫(&L)... + 顯示密碼 + 顯示密碼 + 為載入的加密卷打開資源管理器視窗(&E) + 在驅動記憶體中緩存密碼(&C) + TrueCrypt Mode + 全部卸載(&S) + 加密卷屬性(&V)... + 加密卷工具(&T)... + 擦除緩存(&W) + VeraCrypt - Mount Parameters + VeraCrypt - 收藏加密卷 + VeraCrypt - 系統熱鍵 + VeraCrypt + 更改密碼或密鑰檔 + 輸入 VeraCrypt 加密卷密碼 + VeraCrypt - 性能選項 + VeraCrypt - 參數選擇 + VeraCrypt - 系統加密設置選項 + VeraCrypt - 安全口權杖參數 + VeraCrypt 便攜磁片安裝 + VeraCrypt 加密卷屬性 + 關於 VeraCrypt... + 添加或移除密鑰文件... + 添加已載入的加密卷為收藏加密卷... + 添加已載入的加密卷為系統收藏加密卷... + 分析系統崩潰原因... + 備份加密卷頭信息... + 基準測試... + 設置首密鑰衍生演算法... + 更改加密卷密碼... + 設置首密鑰離散演算法... + 更改密碼... + 清除加密卷歷史記錄 + 關閉所有安全口權杖會話 + 聯繫作者(聯網)... + 創建隱形作業系統... + 創建應急盤... + 創建加密卷... + Permanently Decrypt... + 默認密鑰文件... + Default Mount Parameters... + Donate now... + 加密系統分區/驅動器... + 常見問題(聯網) + 用戶指南 + 主頁(聯網)(&H) + 系統熱鍵... + 密鑰文件生成器 + 語言選擇... + 法律聲明(聯網) + 管理安全口權杖密鑰文件... + 自動載入全部設備類加密卷 + 載入收藏加密卷 + 以非啟動驗證方式載入(&A)... + 載入所選加密卷 + 根據選項載入加密卷 + 軟體新聞(聯網) + 線上幫助(聯網) + 用戶嚮導(聯網) + 管理收藏加密卷... + 管理系統收藏加密卷... + 性能... + 永久解密系統分區/驅動器 + 參數選擇... + 刷新盤符列表 + 從加密卷中移除所有密鑰... + 恢復加密卷頭資訊... + 繼續被中斷的過程 + 選擇設備... + 選擇檔... + 繼續被中止的進程 + 系統加密... + 屬性... + 設置... + 系統收藏加密卷... + 下載頁面(聯網) + 測試向量... + 安全口權杖... + 便攜磁片安裝... + 卸載全部載入的加密卷 + 卸載所選加密卷 + 驗證應急盤 + Verify Rescue Disk ISO Image + 版本歷史(聯網) + Volume Expander + 加密卷屬性 + 加密卷創建嚮導 + 官方網站(聯網) + 擦除緩存的密碼 + 確定 + 硬體加速 + 熱鍵 + 自動運行配置(autorun.inf) + 自動卸載 + 全部卸載,當: + 啟動管理器螢幕選項 + 確認密碼: + 當前密碼 + 在啟動驗證螢幕顯示下面自定義資訊(最多 24 個字元): + 默認載入選項 + 熱鍵設置 + Driver Configuration + Enable extended disk control codes support + 所選收藏加密卷的標籤: + 檔選項 + 要分配的熱鍵: + Processor (CPU) in this computer supports hardware acceleration for AES: + Windows 登陸時執行的操作 + 分鐘 + 以該驅動器盤符載入: + 載入設置 + 新密碼 + 密碼: + 線程基礎的平行計算 + PKCS #11 運行庫路徑 + PKCS-5 PRF: + PKCS-5 PRF: + 密碼緩存 + 安全選項 + VeraCrypt 後臺任務 + 要載入的 VeraCrypt 加密卷(相對於便攜磁片的根目錄): + 在插入便攜磁片時: + 創建便攜磁片檔於(便攜磁片根目錄): + 加密卷 + Windows + 添加路徑(&P)... + 全部自動測試(&A) + 繼續(&C) + 解密(&D) + 刪除(&D) + 加密(&E) + 導出(&E)... + 生成並保存密鑰檔... + 生成隨機密鑰檔(&G)... + 下載語言包 + 硬體加速 AES: + 導入密鑰文件到口權杖(&I)... + 添加文件(&F)... + 使用密鑰檔(&A) + 密鑰文件(&K)... + 移除(&R) + 全部移除(&A) + 什麼是隱藏加密卷保護? + 密鑰檔的更多資訊(聯網) + 載入加密卷為可移動介質(&M) + 以非預啟動驗證方式載入使用系統加密處理的分區(&U) + 平行計算: + 基準測試 + 列印(&P) + 向外層加密卷寫入資料時保護隱藏加密卷(&P) + 重置(&R) + 顯示密碼(&A) + 添加口權杖(&T)... + 使用嵌入在卷中的備份頭資訊(如果有可用的)(&V) + XTS 模式 + 關於 VeraCrypt + VeraCrypt - 加密演算法基準測試 + VeraCrypt - 測試向量 + 命令行幫助 + VeraCrypt - 密鑰文件 + VeraCrypt - 密鑰文件生成器 + VeraCrypt - 語言 + VeraCrypt - 載入選項 + 新的安全口權杖密鑰檔屬性 + VeraCrypt - 隨機緩衝增強 + 選擇一個分區或設備 + VeraCrypt + 安全口權杖密鑰檔 + 需要安全口權杖密碼PIN + 當前語言包 + 速度由 CPU 和存儲設備性能決定。\n\n這些測試在記憶體中進行。 + 緩衝大小: + 密碼: + 隱藏加密卷的密碼(&A):\n(如果為空,則使用緩存) + 保護隱藏加密卷 + 密鑰長度: + 重要:請在此視窗內隨機移動滑鼠,移動時間越長越好。這將會顯著增加密鑰的加密強度。 + 警告:如果您丟失了密鑰檔或者密鑰檔的前 1024 KB 位元組已改變,將不可能再載入使用該密鑰的加密卷! + + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + 翻譯人員: + 明文密碼長度: + + 當前緩衝內容 + 混合 PRF: + 重要:在視窗內盡可能自由的移動滑鼠。移動時間越長效果越好。這將會顯著增加安全性。當操作完成時,點擊 '繼續' 按鈕。 + 次密鑰(十六進位) + 安全口權杖: + 排序方式: + 請耐心等待,此過程可能需要較長時間... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + 塊數值: + 加密文本(十六進位) + 資料單元數值(64-位元十六進位,資料單元大小為 512 位元組) + 密鑰(十六進位) + 明文密碼(十六進位) + 密鑰檔案名: + XTS 模式 + 系統(&Y) + 加密卷(&V) + 收藏卷(&I) + 工具(&O) + 設置(&G) + 説明(&H) + 主頁(聯網)(&P) + + 關於(&A)... + 不能更改舊版本加密卷的唯讀屬性。請檢查檔訪問許可權。 + 錯誤:訪問被拒絕。\n\n您試圖要訪問的分區要麼長度是 0 磁區,要麼是啟動設備。 + 系統管理員 + 要載入 VeraCrypt 驅動,您必需以一個具有管理員許可權的帳號登陸。 + 請注意:如果要加密或格式化某分區和設備您必需以一個 具有管理員許可權的帳號登陸。\n\n檔類型加密卷不受這個限制。 + 如果要創建隱藏的加密卷,您必須以一個 具有管理員許可權的帳號登陸。\n\n需要繼續嗎? + 請注意:如果要把加密卷格式化為 NTFS 檔系統,您必需以一個 具有管理員許可權的帳號登陸。\n\n若無管理員許可權,您可以格式化加密卷為 FAT 檔系統。 + FIPS-認可的加密演算法(Rijndael,發表於 1998)可能被美國聯邦部門和機構用來對特定資訊進行頂極保護。256 位密鑰、128-位塊、14 次離散迴圈(AES-256,發表於 2001 年)。操作模式為 XTS。 + 加密卷已載入。 + 小心:在內置自動檢測時,至少一個 加密或哈希演算法失敗了!\n\n此 VeraCrypt 安裝可能已損壞。 + 注意:在亂數生成器緩衝中的資料不足,無法提供要求數量的亂數據。\n\n您不應當繼續進行。請從幫助功能表選擇“報告錯誤”來報告此軟體錯誤。 + 該設備已經損壞(這是物理損壞)或者線纜損壞,或者是記憶體出現故障。\n\n請注意這是您的硬體的問題,並不是 VeraCrypt 的問題。因此,請不要把這個報告為 VeraCrypt 的錯誤,並且也不要在 VeraCrypt 論壇對此問題尋求幫助。請聯繫您的電腦供應商獲取技術支援,謝謝您!\n\n注意:如果該提示反復出現在同一位置,那就很可能是磁片壞塊導致的,應該通過使用第三方軟體來修復(請注意,在很多情況下,'chkdsk /r' 命令由於工作在系統層因此不能修復此問題;在某些情況中,'chkdsk' 工具甚至不能檢測到此類錯誤。 + 如果您正在訪問驅動器上的可移動介質,請確認可移動介質已經插入驅動器。驅動器/介質可能已被損壞(可能是物理原因),或者線纜已經損壞或斷開。 + 您的系統好象使用了帶有不支援創建全盤加密缺陷的第三方的晶片驅動。\n\n請在繼續之前嘗試更新或者卸載任何第三方晶片驅動(非微軟認證的驅動)。 如果仍然不起作用,請嘗試只加密系統分區。 + 無效驅動器盤符。 + 無效路徑。 + 取消 + 無法訪問設備。請確保選中的設備存在並且未被系統佔用。 + 警告:Caps Lock(大小寫鎖定)已開啟。這可能導致您輸入密碼錯誤。 + 卷類型 + 可能在某些情況,有些人會迫使您告訴它們加密卷密碼。很多情況您可能無法拒絕這種要求(例如,存在暴力因素)。使用這種隱藏加密卷可以解決此類問題,而不須洩漏隱藏加密卷密碼。 + 選擇您希望創建常規 VeraCrypt 加密卷的選項。 + 請注意,如果您希望把作業系統安裝在隱藏加密分區之中,那麼整個系統驅動器不能使用單獨的密鑰加密(翻譯待驗證)。 + 外層加密卷加密選項 + 隱藏加密卷加密選項 + 加密選項 + 警告:清除上次選擇的加密卷或密鑰檔路徑失敗(由檔選擇器記憶)! + 錯誤:此加密卷在 NTFS 格式分區上壓縮過。VeraCrypt 不支持壓縮過的加密卷(這是因為壓縮過的加密資料會低效和存在資料冗餘)。\n\n請使用以下步驟取消壓縮: 1)在Windows資源管理器中右鍵單擊加密卷(不是在 VeraCrypt 視窗中)。 2)選擇“屬性”。 3)在“屬性”對話方塊,單擊“高級”。 4)在“高級屬性”對話方塊,禁用“壓縮內容以節省磁碟空間”並點擊“確定”。 5)返回到“屬性”對話方塊,點“確定”。 + 創建加密卷 %s 失敗 + %s 的大小為 %.2f 位元組 + %s 的大小為 %.2f KB + %s 的大小為 %.2f MB + %s 的大小為 %.2f GB + %s 的大小為 %.2f TB + %s 的大小為 %.2f PB + 警告:設備/分區正在被系統或應用程式佔用。格式化該設備/分區它可能導致資料丟失或系統不穩定。\n\n繼續進行格式化嗎? + 警告:該分區正在被作業系統或應用程式使用。您應當關閉任何可能佔用此分區的程式(包括反病毒軟體)。\n\n確認繼續嗎? + 錯誤:該設備/分區包含不能被卸載的檔系統。此檔系統可能被作業系統使用。格式化此設備/分區很可能會導致資料損壞或者是系統不穩定。\n\n要解決此問題,我們推薦您首先刪除該分區之後在不格式化的情況下重新創建這個分區。要達成此目的,請遵照下麵步驟: 1)在 '開始' 菜單右鍵單擊 '電腦'(或者 '我的電腦')圖示,之後選擇 '管理',顯示 '電腦管理' 視窗。 2)在 '電腦管理' 視窗,選擇 '磁片管理'。 3)右鍵單擊要加密的分區,你可以選擇 '刪除分區' 或者是 '刪除卷',或者是 '刪除邏輯驅動器'。 4)如果 Windows 提示重啟電腦,點 '是' 重啟。之後在第 5 個步驟中重複第 1 和第 2 步。 5)右鍵單擊未分配/自由空間並選擇 '新建分區',或者 '新的卷',或者 '新邏輯驅動器'。 6)在 '新分區嚮導' 或者 '新建卷嚮導' 視窗中,在帶有 '格式化分區' 標題的對話方塊中,選擇 '不格式化此分區' 或者是 '不格式化此卷'。在同樣的嚮導裏面,點 '下一步' 之後點 '完成' 按鈕。 7)注意:您現在在 Veracrypt 中選擇的設備路徑可能是錯誤的,因此,退出並重新啟動 VeraCrypt 加密卷創建嚮導(如果正在運行)。 8)嘗試重新加密該設備/分區。\n\n如果 VeraCrypt 仍然會加密失敗,您可以考慮創建檔類型的加密卷。 + 錯誤:此檔系統不能被鎖定 和/或 卸載。可能正在被作業系統或應用程式佔用(例如反病毒軟體)。加密此分區可能會導致資料損壞或者系統不穩定。\n\n請關閉任何可能佔用此分區的程式(包括反病毒軟體)並再試一次。如果仍然無效請參考下面步驟。 + 警告:一些載入的設備/分區正在使用中!\n\n若忽略這些則可能導致非期望的結果,包括系統不穩定。\n\n我們強烈建議您關閉所有可能正在使用 此設備/分區的應用程式。 + 選定的設備包含分區。\n\n格式化該設備可能會導致系統不穩定或資料丟失。您可以選擇該設備的某個分區,或者刪除該設備的所有分區,以保證 VeraCrypt 對其安全格式化。 + 選擇的非系統設備包含多個分區。\n\n設備類加密卷也可以在不包含任何分區的設備中創建(包括硬碟以及固態硬碟設備)。一個包含多個分區的設備,只有在此驅動器為 Windows 安裝和啟動分區時,才可以就地整盤加密(使用單一主密鑰)。\n\n如果您想使用單一主密鑰加密選擇的非系統設備,您需要首先移除所有分區以便 VeraCrypt 對其安全格式化(格式化包含多個分區的設備可能會導致系統不穩定 和/或 資料損壞。作為替代方法,您也可以單獨加密驅動器上的每個分區(每個分區將使用不同的主密鑰)。\n\n注意:如果您想從 GPT 磁片中移除所有分區,您可能需要把它轉換為 MBR 磁片(使用諸如電腦管理工具)以便移除隱藏分區。 + 警告:如果您加密了整個設備(而不是只加密設備上的一個分區),作業系統將會認為這個設備是新的、空的,和未格式化的(因為它沒有分區表),因此可能隨後會初始化這個設備(或者詢問您是否初始化),這可能會損壞加密卷。另外,也不能一如既往的將此加密卷載入為收藏卷(例如,當驅動器數目變化時),也不能為其賦予收藏卷標籤。\n\n要避免此類事情發生,您可以考慮在此設備上創建一個分區並加密此分區。\n\n您確認要加密整個設備嗎? + 重要:請牢記,此加密卷不能使用當前賦給它的驅動器盤符 %c: 載入/訪問,這個盤符已經賦給了這個分區!\n\n要載入此加密卷,點擊 VeraCrypt 主視窗的 '自動載入設備'(也可以這樣,在 VeraCrypt 主視窗,點擊 '選擇設備',之後選擇該分區/驅動器,然後點 '載入' 按鈕)。這個加密卷便會以不同的盤符載入(這個盤符可以在 VeraCrypt 主視窗的盤符列表中選擇)。\n\n原始的驅動盤符 %c: 僅應當在您需要移除對該分區/驅動器的加密時使用(例如:如果您不再需要加密)。在這種情況下,右鍵單擊 '我的電腦'(或者是 '資源管理器')中的驅動器盤符 %c: 並選擇 '格式化'。否則該驅動器盤符 %c: 應當一直都不要使用(除非您移除它並把它指定給另外的分區/驅動器)。 + 就地加密非系統卷在您的作業系統裏不被支援(僅在 Windows Vista 和以後版本中支持)。\n\n原因是當前作業系統不支援檔系統壓縮(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。 + 選擇的分區看起來不包含 NTFS 檔系統。僅在 NTFS 檔系統下才支援就地加密。\n\n說明:原因是當前作業系統不支援檔系統壓縮(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。 + 選擇的分區看起來不包含 NTFS 檔系統。僅在 NTFS 檔系統下才支援就地加密。\n\n如果您想在此分區內創建 VeraCrypt 加密卷,請選擇 "創建加密卷並格式化"(而不是選擇 "就地加密分區"). + 錯誤:分區太小,VeraCrypt 不能實現就地加密。 + 要加密此分區的資料,請遵循以下步驟:\n\n1)在一個空的 分區/設備 上創建一個 VeraCrypt 加密卷之後載入此加密卷。\n\n2)複製待加密分區中的所有資料到這個已經載入的 VeraCrypt 加密卷(該加密卷已經在步驟 1) 中創建)。這種方式下,您就創建了一個被 VeraCrypt 加密了的資料備份。\n\n3)在要加密的分區上創建一個 VeraCrypt 加密卷並確認您選擇了(在 VeraCrypt 嚮導中)選項 "創建加密卷並格式化"(而不是選擇選項 "就地加密分區")。注意,所有存儲於該分區的資料都會被擦除。加密卷創建之後,載入這個加密卷。\n\n4)複製備份加密卷(在步驟 1) 中創建的)中的所有檔到這個新創建和載入的加密卷中(在步驟 3) 中創建和載入的)。\n\n完成以上步驟之後,資料將會被加密,並且,也會額外的備份了資料的加密副本。 + VeraCrypt 只能就地加密分區、動態卷,或者整個系統啟動器。\n\n如果您想在選擇的非系統設備中創建加密卷,請選擇選項 "創建加密卷並格式化"(而不是選擇選項 "就地加密分區")。 + 錯誤:VeraCrypt 只能就地加密分區、動態卷,或者整個系統啟動器。請確認指定的路徑有效。 + 錯誤:不能壓縮檔系統(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。\n\n可能原因及解決:\n\n- 該卷上無足夠的剩餘空間。請確認沒有其他程式正在寫入此檔系統。\n\n- 損壞的檔系統。嘗試檢查和修復錯誤(在 '我的電腦' 裏右鍵單擊相應的驅動器盤符,之後選擇 屬性 > 工具 > '開始檢查',確認已經選擇了選項 '自動修復檔系統錯誤',之後單擊 '開始' 按鈕)。\n\n如果以上方法都不起作用,請遵循以下步驟。 + 錯誤:剩餘空間不足,因此檔系統不能被壓縮(檔系統需要壓縮來為加密卷頭資訊以及備份頭資訊獲取空間)。\n\n請刪除任何多餘檔並清空回收站以便釋放 256KB 的空間之後再嘗試。注意由於 Windows 的問題,Windows 資源管理器報告的自由空間數量在作業系統重新啟動前可能是不正確的。如果重啟系統後並無幫助,檔系統可能已經損壞了。嘗試檢查和修復錯誤(在 '我的電腦' 裏右鍵單擊相應的驅動器盤符,之後選擇 屬性 > 工具 > '開始檢查',確認已經選擇了選項 '自動修復檔系統錯誤',之後單擊 '開始' 按鈕)。\n\n如果以上方法都不起作用,請遵循以下步驟。 + 驅動器 %s 上的自由空間為 %.2f 位元組。 + 驅動器 %s 的自由空間大小為 %.2f KB + 驅動器 %s 的自由空間大小為 %.2f MB + 驅動器 %s 的自由空間大小為 %.2f GB + 驅動器 %s 的自由空間大小為 %.2f TB + 驅動器 %s 的自由空間大小為 %.2f PB + 無法得到可用的驅動器盤符。 + 錯誤:未發現 VeraCrypt 驅動程式!\n\n請複製“veracrypt.sys”和“veracrypt-x64.sys”文件到 VeraCrypt.exe 程式所在的目錄。 + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + 錯誤:密碼初始化失敗。 + 錯誤:檢測到弱強度密鑰! 密鑰將被廢棄。請重試。 + 發生了關鍵性錯誤,VeraCrypt 必須被終止。如果該錯誤是 VeraCrypt 的缺陷導致的,我們可能會修正它。要協助我們完善軟體,您可以把 Veracrypt 自動生成的錯誤報告發送給我們,報告包括下面內容:\n\n- 程式版本\n- 作業系統版本\n- CPU類型\n- VeraCrypt 元件名稱\n- VeraCrypt 執行程式的校驗值\n- 對話方塊視窗的符號標記\n- 錯誤分類\n- 錯誤位址資訊\n- VeraCrypt 調用堆疊\n\n如果您選擇“是”,下面的 URL 網址(包含錯誤報告)將會在您的默認流覽器中打開。\n\n%hs\n\n您希望發送給我們上述錯誤報告嗎? + 您的系統發生了關鍵性錯誤,該錯誤會終止 VeraCrypt。\n\n需要注意的是此錯誤並非由 VeraCrypt 導致(因此 VeraCrypt 開發者並不會修復這個錯誤)。請檢查您的系統來查找可能的原因(例如:系統配置、網路連接、失效的硬體元件等)。 + 系統發生了關鍵性錯誤,要求終止 VeraCrypt。\n\n如果此錯誤一直存在,您可能需要嘗試禁用或卸載可能潛在導致此問題的應用程式,例如防病毒或防火牆軟體,系統性能提升軟體、優化軟體或者系統設置軟體,等等。如果仍然無法解決問題,您可能需要嘗試從新安裝您的作業系統(此問題也可能由惡意軟體導致)。 + VeraCrypt 關鍵性錯誤 + VeraCrypt 檢測到作業系統最近曾經崩潰過。系統崩潰存在很多潛在的原因(例如,硬體失敗,設備驅動存在BUG等等)\n\n您想要 VeraCrypt 檢查此次系統崩潰是否為 VeraCrypt 導致的嗎? + 您想要 VeraCrypt 繼續檢查此次系統崩潰嗎? + VeraCrypt 未發現系統崩潰轉儲檔。 + Do you want to delete the Windows crash dump file to free up disk space? + 為了分析系統崩潰原因,VeraCrypt 需要先安裝微軟調試工具。\n\n在您點擊 "確定" 按鈕之後,Windows installer 程式將會從微軟伺服器下載微軟調試工具安裝程式(16MB)並隨後安裝它( Windows installer 程式會從 veracrypt.org 伺服器上提交請求到微軟伺服器〖就是說先訪問 VeraCrypt 網站再訪問微軟〗,這樣即使微軟改變了安裝包的位址,此功能依然有效)。 + 在您點擊 "確定" 按鈕之後,VeraCrypt 將會分析系統崩潰原因,這可能會花費幾分鐘的時間。 + 請確認環境變數 'PATH' 包含 'kd.exe'(內核調試器)的路徑。 + 看起來很可能 VeraCrypt 不是導致系統崩潰的原因。系統崩潰存在很多潛在的原因(例如,硬體失敗,設備驅動存在BUG等等) + 分析結果表明更新下面驅動可能會解決問題: + 要協助我們確認這是否為 Veracrypt 的 BUG,您可以發送給我們一份自動生成的錯誤報告,錯誤報告包括下面內容:\n- 程式版本\n- 作業系統版本\n- CPU類型\n- 錯誤分類\n- 驅動名稱和版本\n- 系統調用堆疊\n\n如果您選擇“是”,下面的 URL 網址(包含錯誤報告)將會在您的默認流覽器中打開。 + 您希望把上述錯誤報告發送給我們嗎? + 加密(&E) + 解密(&D) + &永久解密 + 退出 + 請為該擴展分區創建一個邏輯分區,然後再試。 + VeraCrypt 加密卷可以存在於一個檔之中(叫作 VeraCrypt 容器),這個容器檔可以存在於硬碟上,或位於 USB 快閃記憶體上,等等。VeraCrypt 加密盤就象一個普通檔(例如,可以象任何普通檔一樣被移動、複製、刪除)。點擊 '選擇檔' 按鈕為容器檔選擇一個檔案名和它的保存位置。\n\n警告:如果您選擇了一個已經存在的檔,VeraCrypt 並不會加密它,該檔將會被刪除並會被新創建的 VeraCrypt 容器檔所覆蓋。您可以通過把檔複製到即將創建的 VeraCrypt 加密容器裏面去,來實現對相應檔的加密。 + 選擇要創建的外層加密卷的位置(稍後將在此加密卷裏面創建隱藏加密卷)。\n\n一個 VeraCrypt 加密卷可以存在於一個檔之中(也可叫作 VeraCrypt 容器),這個加密盤檔可以存放在硬碟上,或位於 USB 快閃記憶體上,等等。VeraCrypt 容器可以象任何普通檔一樣被移動、複製、和刪除。點擊 '選擇檔' 按鈕為容器檔選擇一個檔案名和它的保存位置。如果您選擇了一個已經存在的檔,VeraCrypt 並不會加密它,該檔將會被刪除並會被新創建的 VeraCrypt 加密容器所覆蓋。您可以通過把檔複製到即將創建的 VeraCrypt 加密容器裏面去,來實現對相應檔的加密。 + 設備類 VeraCrypt 加密卷可以創建於硬碟分區、固態硬碟、USB 快閃記憶體、以及其他存儲設備上。分區也可以就地加密。\n\n除此之外,設備類加密卷也可以在不包含任何分區的設備中創建(包括硬碟以及固態設備)。\n\n注意:包含多個分區的設備,只有在此分區為 Windows 安裝和啟動分區時,才可以就地整盤加密(使用單一密鑰)。\n\n警告:如果您加密整個分區或設備,所有當前存儲於這個分區或設備上的資料將會被徹底擦除(僅在加密系統啟動分區/驅動器時該分區上的資料才不會被破壞)。 + 設備類的 VeraCrypt 加密卷可以在硬碟分區、固態驅動器、USB 快閃記憶體,以及其他存儲設備中創建。\n\n警告:分區/設備 將會被格式化並且存儲在其上的所有資料都將會丟失。 + \n選擇 VeraCrypt 外層加密卷的位置(您想要在這個加密卷裏創建隱藏加密卷)。\n\n外層加密卷可以創建於硬碟分區、固態硬碟、USB 快閃記憶體、以及其他存儲設備上。外層加密卷也可以在不包含任何分區的設備中創建(包括硬碟以及固態設備)。\n\n警告:該分區/設備將被格式化,所有當前存儲於這個分區或設備上的資料將會丟失。 + 選擇 VeraCrypt 外層加密卷的位置(您想要在這個加密卷裏創建隱藏加密卷)。 + 警告:外層加密卷或設備正在使用中!\n\n忽略這些可能會導致非期望的錯誤,包括系統不穩定。 您在載入加密卷前應當關閉所有可能使用該外層加密卷或設備的應用程式(例如殺毒軟體或備份程式)。\n\n繼續載入嗎? + 錯誤:無法載入加密卷。外層加密卷或設備正在使用中。不使用獨佔許可權的載入嘗試也同樣失敗。 + 檔不能被打開。 + 加密卷位置 + 大文件 + 您想要在此 VeraCrypt 加密卷中存儲大於 4 GB 的檔嗎? + 根據您在前面的選擇,VeraCrypt 將為加密卷選擇一個合適的檔系統格式(您可以在下一步選擇檔系統類型)。 + 當您創建外層加密卷的時候,您應當考慮選擇 '否'。如果您選擇 '是',默認的檔系統將會是 NTFS,NTFS 不如 FAT 檔系統那樣適合於創建外層加密卷(例如,如果外層加密卷為 FAT 格式,可以創建的隱藏加密卷的最大容量比NTFS外層加密卷那個創建的隱藏加密卷要大很多)。通常情況下,FAT 格式為隱藏加密卷和常規加密卷的默認格式(因此創建 FAT 加密卷並無太多疑慮)。然而,如果用戶計畫在加密卷中存儲大於 4 GB 的檔(FAT檔系統不支援),那麼 FAT 系統則不是默認的格式。 + 您確認要選擇 '是' 嗎? + 加密卷創建模式 + 這是創建分區類型或設備類型加密卷的最快方式(就地加密,是另外一種選項,速度比此種方式要慢,這是因為就地加密時每個磁區的內容都需要首先讀取、加密,之後再寫入)。任何當前存儲在選擇的分區/設備上的資料都會丟失(這些資料並不會被加密,它們將會被亂數據覆蓋)。如果您想加密一個分區中的現有資料,請選擇其他的選項。 + 整個選定的分區以及位於該分區上的資料將會被就地加密。如果分區裏面沒有內容,您應當選擇其他的選項(以使加密卷創建速度更快)。 + 注意: + 繼續(&R) + 推遲(&D) + 開始(&S) + 繼續(&C) + 格式化(&F) + 擦除(&W) + 放棄格式化嗎? + 顯示更多資訊 + 不再顯示 + 設備/分區 的內容已被成功擦除。 + 原始作業系統(隱形作業系統克隆時的系統來源)分區的內容已被成功擦除。 + 請確認您將要安裝的 Windows 版本(位於已擦除分區)與您正在運行的 Windows 版本相同。這點是必須的,這是因為兩個系統會共用同一公用啟動分區。 + 該系統分區/驅動器已經被成功加密。\n\n注意:如果存在您需要在 Windows 啟動時自動載入非系統 VeraCrypt 加密卷,您可以載入它們並隨後設置其為系統收藏加密卷,步驟:選擇 '收藏' > 保存已載入的加密卷為系統收藏加密卷')。 + 該系統分區/驅動器已經被成功解密。 + \n\nVeraCrypt 加密卷已被創建並準備就緒。要創建另外的 VeraCrypt 加密卷,請單擊“下一步”,否則請單擊“退出”按鈕。 + \n\n隱藏的 VeraCrypt 加密卷已成功創建(隱形作業系統將包含在這個隱藏加密卷之內)。\n\n單擊 '下一步' 按鈕繼續。 + 該卷已被成功加密 + Volume Fully Decrypted + 重要:要載入這個新建的 VERACRYPT 加密卷和訪問存儲於其中的資料,在 VERACRYPT 視窗中點擊 '自動載入設備'。在您輸入正確密碼之後(和/或 提供正確的密鑰檔),加密卷將會以您在 VERACRYPT 列表中選擇的盤符載入(您也將能夠以該盤符訪問加密資料)。\n\n【請記住或寫下上述步驟】。您在希望載入這個加密卷和訪問其中的資料時必須遵循上述步驟。另外一種方式是在 VeraCrypt 主視窗,點擊 '選擇設備',之後選擇此 分區/設備,之後點 '載入'。\n\n此分區/設備 已被成功加密(選擇包含完全加密的 VeraCrypt 卷)並為使用準備就緒。 + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt 加密卷已成功創建。 + 加密卷已創建 + 重要:請在此視窗內隨機移動滑鼠,移動時間越長越好。這將會顯著增加密鑰的加密強度。之後點擊“格式化”按鈕創建加密卷。 + 點擊“格式化”按鈕創建外層的加密卷。如若獲得更多資訊,請參考軟體文檔。 + 外層加密卷格式化 + 隱藏加密卷格式化 + 加密卷格式化 + 如要顯示或列印 VeraCrypt 用戶指南需要使用 Adobe Acrobat Reader(或與其相容的工具)。\n\nAdobe Reader(免費軟體)下載位址: www.adobe.com\n\n您想要線上查看這個文檔嗎? + 如果您選擇此選項,嚮導將會首先幫助您創建一個普通的 VeraCrypt 加密卷,隨後會繼續在這個普通的加密卷裏面創建一個隱藏的 VeraCrypt 加密卷。非熟練用戶應當選擇這個選項來創建隱藏加密卷。 + 如果您選擇此選項,您將會在已有的 VeraCrypt 加密卷內創建一個隱藏的 VeraCrypt 加密卷。這裏假設您已經創建好了適合於創建隱藏 VeraCrypt 加密卷的 VeraCrypt 外層加密卷。 + 加密卷創建模式 + 隱藏加密卷已創建 + 該隱藏的 VeraCrypt 加密卷已成功創建並可以立即使用。如果“VeraCrypt User's Guide”(Veracrypt 用戶指南)的"Security Precautions Pertaining to Hidden Volumes"章節中的措施都被遵循,即使當外層加密卷被載入,也不可能證明存在隱藏加密卷。\n\n警告:如果您沒有保護隱藏加密卷(保護的做法參考 VeraCrypt 用戶指南的"PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE"章節),請不要向外層加密卷寫入資料。否則您可能會覆蓋或損壞隱藏隱藏加密卷! + 您已經啟動了一個隱形作業系統。可能您已經注意到了,隱形作業系統看起來是安裝到原始作業系統所在的分區。然而,實際上,隱形系統是安裝到系統分區後面的分區上的(安裝在隱藏加密卷中)。所有的讀寫操作將會從系統分區中透明的重定向到隱藏加密卷裏面。\n\n作業系統本身和系統中的程式均不知道從系統分區中讀寫的資料實際上是從系統分區後面的分區中讀寫的(讀/寫到隱藏加密卷)。任何這樣的資料都是同樣即時加解密的(使用與即將創建的迷惑作業系統不同的加密鑰)。\n\n\n請單擊 '下一步' 按鈕繼續。 + 外層加密卷已成功創建並作為 %hc:驅動器載入。對這個外層加密卷,現在您應複製一些您不是真正要隱藏的貌似敏感的文件。這是為了對付那些強迫您給出系統分區後面那個分區密碼的人的,這個分區可能包含外層加密卷和隱藏加密卷(以及其中的隱形作業系統)。您可以洩漏這個外層加密卷的密碼,而此時沒有任何跡象可以識別存在隱藏加密卷(以及隱形作業系統)。\n\n重要:您複製到外層加密卷中的檔佔用的空間不應當超過 %s。否則,可能沒有足夠的自由空間來創建隱藏加密卷(此時您將無法繼續後續操作)。在您複製完成之後,請點擊 '下一步'(不要卸載加密卷)。 + 外層加密卷已成功創建並作為 %hc:驅動器載入。對這個加密卷,現在您應複製一些您不是真正要隱藏的貌似敏感的文件。這是讓那些強迫您洩漏密碼的人能看到的檔。您將僅對這個外層加密卷洩漏密碼,而不要洩漏給他們隱藏加密卷的密碼。您真正要保護的檔將被存儲在稍候創建的隱藏加密卷裏。當您完成複製後,請單擊"下一步",並且不要卸載此加密卷。\n\n注意:單擊“下一步”後,將進行簇狀圖掃描來確定連續的自由空間大小,此自由空間的尾部與加密卷尾部一致。該空間將提供用來創建隱藏加密卷同時也是隱藏加密卷的最大容量。簇狀圖掃描能夠保證外層加密中卷的資料不會被隱藏卷覆蓋。 + 外層加密卷內容 + \n\n在下一步您將要為外層加密卷(在其內將創建隱藏加密卷)調整其選項。 + \n\n在下一步,您將在系統分區後面的那個分區創建一個所謂的 VeraCrypt 外層加密卷(這在前面步驟已經有具體說明)。 + 外層加密卷 + 在下麵步驟裏,您將設置隱藏加密卷的選項和密碼,這個隱藏加密卷裏面將會包含隱形系統。\n\n注解:外層加密卷簇狀圖掃描已完成,以確定外層加密卷尾部開始的未受干擾的自由空間。該區域將容納隱藏加密卷,因此這將限制隱藏加密卷的最大尺寸。隱藏加密卷最大可能容量已被確定,已經確認大於系統分區的容量(這是必須的,因為整個系統分區的內容將被複製到隱藏加密卷中)。這也確保寫入隱藏加密卷的資料不會覆蓋儲存在外層加密卷的資料。 + 重要:請記住您在這個步驟所選擇的演算法。您在加密迷惑系統的時候也必須選擇這個演算法。否則將無法訪問隱形系統!(即迷惑系統和隱形系統必須使用同樣的加密演算法加密)。\n\n說明:原因是迷惑系統和隱形系統共用一個單一的啟動管理器,這個引導器目前只支援用戶選擇的單一演算法(對於每種演算法,都會對應一個特定的 VeraCrypt 啟動管理器版本)。 + \n\n外層加密卷簇狀圖掃描已完成,隱藏加密卷最大可能大小已被確定。在下一步裏您可以調整隱藏加密卷的選項、大小、和密碼。 + 隱藏加密卷 + 在外層加密卷卸載前隱藏加密卷將處於保護之中。\n\n警告:如果有資料試圖保存到隱藏加密卷區域,VeraCrypt 將會對整個加密卷(外層卷和隱藏卷)進行保護直到卸載。這會導致外層加密卷檔系統出錯,如若重複出現也會影響隱藏加密卷的隱蔽性。因此,您應當儘量避免寫入任何資料到隱藏加密卷區域。 任何保存到隱藏加密卷區域的資料將不被保存並且會丟失!Windows 可能會報告為寫入錯誤(“延遲寫入失敗”或者是“參數不正確”)。 + 在外層加密卷卸載前每一個隱藏加密卷將處於保護之中。\n\n警告:如果有資料試圖保存到任何隱藏加密卷區域,VeraCrypt 將會對整個加密卷(外層卷和隱藏卷)進行保護直到卸載。這會導致外層加密卷檔系統出錯,如果反復出現也會影響隱藏加密卷的隱蔽性。因此,您應當儘量避免寫入任何資料到隱藏加密卷區域。 任何保存到隱藏加密卷區域的資料將不被保存並且丟失! Windows 可能會報告為寫入錯誤(“延遲寫入失敗”或者是“參數不正確)。 + 警告:資料試圖保存到載入為 %c: 的加密卷的隱藏加密卷區域!VeraCrypt 已阻止這些資料的保存來保護隱藏加密卷。這會導致外層加密卷檔系統出錯。Windows 可能會報告為寫入錯誤(“延遲寫入失敗”或者是“參數不正確)。整個加密卷(外層卷和隱藏卷)將會被防寫到加密卷卸載為止。如果這不是 VeraCrypt 第一次阻止資料寫入到隱藏加密卷區域,這樣也會影響隱藏加密卷的隱蔽性(這是因為在外層加密卷檔系統可能存在反常的關聯錯亂)。因此,您應當考慮創建一個新的 VeraCrypt 加密卷(禁用快速格式化)並把此加密卷的資料移動到新加密卷裏面去;此加密卷應當被安全擦除(外層卷和隱藏卷)。我們強烈建議您現在重啟電腦。 + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + 安全起見,當隱形作業系統正在運行時,隱藏加密卷只能以 '直接' 模式創建(這是因為外層加密卷必須總是以唯讀方式載入)。\n\n要安全的創建隱藏加密卷,請遵循如下步驟:\n\n1)啟動到迷惑作業系統。\n\n2)創建一個常規 VeraCrypt 加密卷並複製一些你實際上並不想隱藏的貌似敏感的檔(該加密卷會作為外層加密卷)。\n\n3)啟動隱形作業系統並啟動 VeraCrypt 加密卷創建嚮導。如果這個加密卷是檔類型的,移動該加密卷到系統分區或者是其他隱藏加密卷中(否則,這個新創建的隱藏加密卷將會以唯讀方式載入並且不能被格式化)。按照嚮導的步驟進行並選擇 '直接' 模式創建隱藏加密卷。\n\n4)在嚮導中,選擇您在步驟 2 中創建的加密卷並遵循嚮導後面的步驟在這個加密卷之內創建隱藏加密卷。 + 安全起見,當隱形作業系統正在運行時,本地的非加密的檔系統和非隱藏 VeraCrypt 加密卷會以唯讀方式載入(沒有任何資料可以寫入這些檔系統或 VeraCrypt 加密卷)。\n\n而資料可以寫入到 VeraCrypt 隱藏加密卷中(假設隱藏加密卷的存儲容器並非位於非加密檔系統上或並非位於其他任何唯讀檔案系統上)。 + 採取這樣的限制措施有三種主要原因:\n\n- 可以為載入隱藏加密卷提供更安全的平臺。因此我們官方推薦僅在隱形作業系統運行的情況下載入隱藏加密卷。(更多資訊請參考文檔的 'Security Precautions Pertaining to Hidden Volumes' 部份)\n\n- 在某些情況下,有可能確定在某一時間,某一特定的檔系統(或者檔系統中特定的檔並未保存或訪問)並未在特定的作業系統的實例中載入(例如,通過分析和比較檔系統日誌、時間戳記、應用程式日誌、錯誤日誌等等)。這可能暗示電腦上安裝了隱形作業系統(譯者注:恢復備份的系統、或者重新安裝系統也會造成這種跡象,作者考慮的因素並不全面)。而這裏的措施則可以避免此類情況發生。\n\n- 能夠防止資料損壞和保證安全的使用系統休眠功能,這裏假設所有載入的檔系統在系統休眠的時候均為同一狀態。VeraCrypt 通過對任何迷惑系統和隱形系統裏面可以訪問的系統執行防寫來保證這點。如果沒有這樣的保護,當在一個系統中載入一個檔系統,而此檔系統在另外系統中為休眠狀態時,檔系統可能會被損壞。 + 注意:如果您要安全的從迷惑作業系統向隱形作業系統中傳送檔,請遵循以下步驟: 1)啟動迷惑作業系統。 2)保存這些檔到未加密的卷或者是 VeraCrypt 外層/常規加密卷。 3)啟動隱形作業系統。 4)如果是把檔保存到 VeraCrypt 加密卷,則載入這個加密卷(該加密卷會自動以唯讀模式載入)。 5)複製這些檔到隱行作業系統的分區或者是其他隱藏加密卷。 + 您的電腦必須重啟。\n\n您希望現在重啟電腦嗎? + 獲取系統加密狀態時出錯。 + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + 不能初始化用於系統加密的程式元件。 + 初始化亂數據生成器失敗! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + 無法初始化應用程式。註冊對話方塊類失敗。 + 錯誤:載入富文本編輯系統運行庫失敗。 + VeraCrypt 加密卷創建嚮導 + 該卷能創建的最大隱藏加密卷大小為 %.2f 位元組。 + 該卷能創建的最大隱藏加密卷大小為 %.2f KB。 + 該卷能創建的最大隱藏加密卷大小為 %.2f MB。 + 該卷能創建的最大隱藏加密卷大小為 %.2f GB。 + 該卷能創建的最大隱藏加密卷大小為 %.2f TB。 + 當此加密卷被載入時,加密卷密碼/密鑰檔無法被更改。 請首先卸載此加密卷。 + 當加密卷被載入時不能修改首密鑰衍生演算法。 請首先卸載加密卷。 + 載入(&M) + 需要新版本的 VeraCrypt 來載入此加密卷。 + 錯誤:未發現加密卷創建嚮導。\n\n請確認文件“VeraCrypt Format.exe”位於“VeraCrypt.exe”的目錄之中。如果不是 這樣,請重新安裝 VeraCrypt,或在磁片中定位“VeraCrypt Format.exe”並運行它。 + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + 下一步(&N) > + 完成(&F) + 安裝(&I) + 釋放(&X) + 不能連接到 VeraCrypt 設備驅動。如果設備驅動不能運行則 VeraCrypt 也無法正常工作。\n\n請注意,由於 Windows 系統問題,在能夠正常載入設備驅動前可能需要登出或者重啟電腦。 + 載入/準備字體時出錯。 + 驅動器盤符未發現或沒有指定驅動器盤符。 + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + 驅動器盤符不可用。 + 未選定文件! + 無可用驅動器盤符。 + 外層加密卷無可用盤符! 加密卷創建不能進行。 + 不能檢測到作業系統的版本,或您正在使用不被支援的作業系統。 + 未選定路徑! + 創建隱藏加密卷的自由空間不足! 加密卷創建不能繼續。 + 錯誤:您複製到外層加密卷的檔佔用的空間過多。因此,沒有足夠的空間創建隱藏加密卷。\n\n注意,隱藏加密卷的容量至少要大於系統分區(當前運行的系統所在的分區)的容量。原因是隱形作業系統需要把系統分區的內容完全複製到隱藏加密卷來創建。\n\n\n創建隱形作業系統的過程無法再繼續。 + 此驅動無法卸載這個加密卷。位於此加密卷上某些檔可能仍被打開。 + 無法鎖定此加密卷。此加密卷上仍有些檔被打開。因而也無法卸載。 + VeraCrypt 不能鎖定該加密卷,這是因為此加密卷正在被作業系統或者其他程式佔用(例如加密卷中有文件被打開)。\n\n您確認要強制卸載加密卷嗎? + 請選擇一個 VeraCrypt 加密卷 + 指定路徑和檔案名 + 選擇 PKCS #11 運行庫 + 記憶體不足 + 重要:我們強烈建議非熟練用戶在選定的分區/設備裏面建立檔類型的加密卷,而不是嘗試加密整個分區/驅動器。\n\n例如,當您創建一個 VeraCrypt 檔類型加密卷時(相對於加密整個分區/驅動器),則不存在毀壞大量的檔的風險。請注意,一個 VeraCrypt 的檔類型加密卷(儘管其包含虛擬的加密磁片)事實上就象任意一個普通的檔一樣。如若獲取更多資訊,請參考VeraCrypt User Guide中的 Beginner's Tutorial 章節。\n\n您確認要加密整個設備/分區嗎? + 警告:加密卷 '%s' 已存在!\n\n重要:VeraCrypt 並不會加密這個檔,而是會刪除這個檔。 您確定要刪除這個檔並用一個新的 VeraCrypt 加密卷來替換它嗎? + 務必小心:當前存儲在選擇的 %s '%s'%s 上的所有資料將會丟失(它們並不會被加密)!\n\n您一定要繼續格式化嗎? + 警告:您在加密卷完全加密前不能載入此加密卷或者訪問存儲於該卷上的任何檔。\n\n您確認要開始加密選擇的 %s '%s'%s 嗎? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + 警告:請注意如果在就地加密現有資料時突然斷電,或者在 VeraCrypt 就地加密現有資料時由於軟硬體故障而導致系統當機,有些資料可能會損壞或丟失。因此,在您開始加密前,請確認您已經備份了要加密的資料。\n\n您確認已經有這樣的備份了嗎? + 小心:任何存在於分區 '%s'%s(即位於系統分區後面的第一個分區)的檔將會因被擦除而丟失。(這些檔並不會被加密)!\n\n您確認要繼續格式化嗎? + 警告:選定的分區包含大量的資料!!!任何存儲於此分區上的檔將會被擦除(他們並不會被加密)! + 通過在分區內創建 VeraCrypt 加密卷擦除該分區上的任何文件 + 密碼 + PIM + 設置首密鑰衍生演算法 + 添加/移除 密鑰文件.. + 從加密卷中移除所有密鑰檔 + 密碼 和/或 密鑰檔已成功修改。\n\n重要:請確認您已經閱讀了用戶指南的'Security Requirements and Precautions'章節中的'Changing Passwords and Keyfiles'部分。 + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + 重要:如果您不銷毀 VeraCrypt 應急盤,您的系統分區/驅動器仍然可以通過使用舊密碼解密(通過啟動 VeraCrypt 應急盤和輸入舊密碼)。您應當創建一個新的 VeraCrypt 應急盤,之後並銷毀原來的應急盤。\n\n您希望創建一個新的 VeraCrypt 應急盤嗎? + 請注意,VeraCrypt 應急盤仍然使用著早期的加密演算法。如果您覺的先前的加密演算法不安全,您應當創建一個新的 VeraCrypt 應急盤,之後並銷毀原來的應急盤。\n\n您希望創建一個新的 VeraCrypt 應急盤嗎? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + 密鑰檔已成功添加/移除。 + Keyfile exported. + 首密鑰衍生演算法已成功設置。 + 請為您想要繼續就地加密的非系統分區輸入密碼 和/或 密鑰檔。\n\n\n注解:在您點擊 '下一步' 之後,VeraCrypt 將嘗試查找所有加密過程已被中斷的非系統分區(這些中斷加密的分區的 VeraCrypt 頭資訊可以使用提供的密碼 和/或 密鑰檔解密)。如果發現了多個此類的分區,您需要在下個步驟裏面選擇他們其中的一個。 + 請選擇下面列表中的一個加密卷。此列表包含所有加密被中斷非系統加密卷,它們的頭資訊可以使用提供的密碼 和/或 密鑰檔解密。 + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + 選擇一個安全的密碼非常重要。您應該避免選取能夠在字典中查到的簡單辭彙(或是2、3、4 這類字元組合)作為密碼,也不應包含任何名字或生日,同時也不應該容易被猜到。安全的密碼應當包含隨機的大小寫字元、數位、以及類似 @ ^ = $ * + 這樣的特殊字元。我們推薦使用大於 20 個字元的密碼(越長越好)。最大的密碼長度為 64 個字元。 + 請為隱藏加密卷選擇一個密碼。 + 請為隱形作業系統設置一個密碼(即隱藏加密卷的密碼)。 + 重要:您在本步驟中為隱形作業系統設置的密碼必須絕對不同於其他的兩個密碼(也就是要不同於外層加密卷的密碼和迷惑作業系統的密碼)。 + 請輸入外層加密卷的密碼(您將在該加密卷中創建隱藏加密卷)。\n\n在單擊“下一步”後,VeraCrypt 會嘗試載入此加密卷。一旦加密卷被載入,將進行簇狀圖掃描來確定連續的自由空間大小(如果有的話),此空間的尾部與加密卷尾部一致。該區域將提供給隱藏加密卷並因此會限制它的最大可能大小。簇狀圖掃描是必要的,這可以確保外層卷的資料不會被隱藏卷覆蓋。 + \n請選擇外層加密卷的密碼。在您被攻擊者強迫說出啟動驗證密碼的情況下,這個密碼可以告訴攻擊者。\n\n重要:您為外層加密卷選擇的密碼必須不同於隱藏加密卷的密碼。\n\n說明:密碼的最大長度為 64 個字元。 + 請選擇外層加密卷的密碼。在您被攻擊者強迫說出系統分區後面的第一個分區(外層加密卷和包含隱形作業系統的隱藏加密卷均位於這個分區)密碼的情況下,這個密碼可以告訴這些攻擊者。而隱藏加密卷和隱形作業系統仍然是安全的。需要注意的是,外層加密卷的密碼並不是迷惑作業系統的密碼。\n\n重要:您為迷惑作業系統選擇的密碼必須不同於隱藏加密卷的密碼(也就是隱形作業系統的密碼)。 + 外層加密卷密碼 + 隱藏加密卷密碼 + 隱形作業系統的密碼 + 警告:簡短密碼容易被使用 暴力破解技術破解!\n\n我們建議選擇一個超過 20 個字元的密碼。\n\n您確定要使用簡短密碼嗎? + 加密卷密碼 + 密碼不正確或不是 VeraCrypt 加密卷。 + 密鑰 和/或 密碼不正確或不是 VeraCrypt 加密卷。 + 錯誤的載入模式/密碼或不是 VeraCrypt 加密卷。 + 錯誤的載入模式,無效的密鑰檔 和/或 密碼,或者不是 VeraCrypt 加密卷。 + 密碼不正確或不是 VeraCrypt 加密卷。 + 密鑰 和/或 密碼不正確或不是 VeraCrypt 加密卷 + \n\n警告:Caps Lock 已經開啟。 這可能導致您密碼輸入錯誤。 + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + 如果您試圖保護包含隱形系統的隱藏加密卷,請確認輸入隱藏加密卷密碼時您正在使用標準的美國鍵盤佈局。這是因為這些密碼實在啟動驗證環境中輸入的,而此時非美國鍵盤佈局將無法使用。 + VeraCrypt 未發現加密過程被中斷的,同時頭資訊可以使用提供的密碼 和/或 密鑰檔解密的非系統分區。\n\n請確認密碼 和/或 密鑰檔是正確的,並且確認此 分區/卷 並未被作業系統或其他程式(也包含殺毒軟體)佔用。 + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\n注意:如果您試圖載入不帶有啟動驗證的加密系統驅動器中的分區,或者是載入沒有運行的加密系統分區,您可以通過選擇 '系統' > '以非啟動驗證方式載入'。 + 在此模式下,您不能載入此驅動器上的分區(該驅動器的部分內容處於當前活動加密系統的關鍵範圍)。\n\n要想以此模式載入此分區,您需要先啟動到安裝在不同驅動器上的作業系統(與該系統是否加密無關),或者是先啟動一個未加密的作業系統。 + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < 後退(&B) + 不能列表安裝在系統上的 raw 設備! + 加密卷 '%s' 存在,並且是唯讀的。您確定要替換它嗎? + 選擇目標目錄 + 選擇密鑰檔 + 選擇密鑰檔的搜索路徑。警告:注意,記憶的只是路徑,而不會記憶檔案名! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Serpent 為與 AES 競爭演算法中的一種。設計者為 Ross Anderson、Eli Biham、和 Lars Knudsen。發表於 1998 年。256 位密鑰,128 位元資料塊,操作模式為 XTS。 + 請指定要創建的加密卷的大小。\n\n如果您打算創建一個動態的(稀疏檔)容器,該參數對應於該容器的最大容量。\n\n注意:最小的 FAT 加密卷大小為 292 KB。最小的 NTFS 加密卷大小為 3792 KB。 + 請指定要創建的外層加密卷的大小(隨後將在其內創建隱藏加密卷)。包含隱藏卷的外層加密卷最小可能容量為 340 KB。 + 請指定要創建的隱藏加密卷的大小。隱藏加密卷的最小可能大小為 40 KB(格式化為NTFS時為 3664 KB)。最小可能的 NTFS 加密卷大小為 2829 KB。您可以指定加密卷的最大容量如上面所示。 + 外層加密卷大小 + 隱藏加密卷大小 + 請在確認選定的 分區/設備 的容量正確無誤後單擊“下一步”。 + 外層加密卷和隱藏加密卷(包含隱形作業系統)將存在於上面分區。\n\n請確認上面顯示的分區大小和數值是正確的,如果正確,請點擊 '下一步'。 + \n\n注意:如若在其內創建隱藏加密卷,則外層加密卷最小可能大小為 340 KB。 + 加密卷大小 + 動態卷 + 小心:自檢失敗! + 全部演算法自檢通過 + 您提供的資料單元數值太長或太短。 + 您提供的次密鑰太長或太短。 + 您提供的測試加密文本太長或太短。 + 您提供的測試密鑰太長或太短。 + 您提供的測試明碼文本太長或太短。 + 在 XTS 模式的層疊操作中需要兩個密碼。每個塊首先使用 %s(%d 位密鑰),之後使用 %s(%d 位密鑰加密。每個密碼使用其各自的密鑰。所有的密鑰均各自獨立。 + 在 XTS 模式的層疊操作中需要 3 個密碼。每個塊首先以 %s(%d 位密鑰)加密,然後以 %s(%d 位密鑰)加密,最後以 %s(%d 位密鑰)加密。每個密碼均使用各自的密鑰。所有的密鑰均彼此獨立。 + 需要注意的是,依賴於作業系統配置,這些自動運行和自動載入功能可能僅當便攜磁片檔創建在非可讀寫 CD/DVD 類介質時才能使用。同樣也要注意這並不是 VeraCrypt 程式設計缺陷(而是 Windows 系統的限制)。 + VeraCrypt 便攜磁片已被成功創建。\n\n注意:您必須具有系統管理員身份才能以便攜模式運行 VeraCrypt。同時也要注意儘管以便攜模式運行 VeraCrypt,也可能能夠從註冊表中被檢測到曾經運行過 VeraCrypt。 + VeraCrypt 便攜磁片 + 設計者:Bruce Schneie、John Kelsey、Doug Whiting、David Wagner、Chris Hall、Niels Ferguson。發表於 1998 年。256 位密鑰,128 位元塊,操作模式為 XTS。Twofish 為 AES 競爭演算法中的一種。 + 關於 %s 的更多資訊(聯網) + 未知 + 發生未預期的或未知錯誤(%d)。 + 一些加密卷包含的檔或檔夾 正被應用程式或系統使用。\n\n強行卸載嗎? + 卸載(&D) + 卸載失敗! + 加密卷包含的檔或檔夾 被應用程式或系統使用。\n\n強行卸載嗎? + No volume is mounted to the specified drive letter. + 您試圖要載入的加密卷早已被載入。 + 試圖載入加密卷時出錯。 + 在加密卷裏定址時出錯。 + 錯誤:錯誤的加密卷大小. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + 動態的容器是一個預先分配的 NTFS 稀疏檔,它的物理大小(實際磁碟空間佔用)在有新資料添加到裏面的時候才會增加。\n\n警告: 稀疏檔基礎的加密卷性能比常規加密卷的性能有較大降低。稀疏檔基礎的加密卷的安全性也要弱些-因為它有可能洩漏哪些加密卷磁區未被使用的情況。另外,稀疏檔基礎的加密卷無法實現隱蔽性(容納一個隱藏加密卷)。同時需要注意到是如果資料被寫入到稀疏檔基礎的加密卷,而此時主機檔系統剩餘空間不足,加密的檔系統可能會損壞。\n\n您確認要創建稀疏檔基礎的加密卷嗎? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt 不能修改外層加密卷的密碼。 + 請從列表中選擇一個未被佔用的驅動器盤符。 + 請在驅動器列表中選擇一個已載入的加密卷。 + 當前選擇了兩個已載入的加密卷(一個位於盤符列表中,另外一個位於列表下面的文本輸入框中)。\n\n請選擇您要選擇的加密卷: + 錯誤:不能創建 autorun.inf + 處理密鑰文件時出錯! + 處理密鑰檔路徑時出錯! + 密鑰檔路徑不包含檔。\n\n請注意,在密鑰檔搜索路徑中發現的該檔夾(以及其中包含的檔)已被忽略。 + VeraCrypt 不支援此作業系統。 + 錯誤:VeraCrypt 僅支援穩定的作業系統版本(不支援 beta 版和 RC 版)。 + 錯誤:不能分配記憶體。 + 錯誤:不能恢復性能計數器的值。 + 錯誤:錯誤的加密卷格式。 + 錯誤:您提供了一個隱藏加密卷的密碼(而不是常規加密卷的密碼)。 + 安全起見,隱藏加密卷不能在帶有就地加密檔系統的 VeraCrypt 加密卷中創建(這是因為該卷上的自由空間沒有填充亂數據) + VeraCrypt - 法律提示 + 所有檔 + VeraCrypt 加密卷 + 運行庫模組 + NTFS 格式化不能繼續。 + 不能載入加密卷。 + 不能卸載加密卷。 + 格式化成 NTFS 磁片格式時失敗。\n\n請選擇不同的檔系統格式(如果可能的話)再嘗試一次。此外,您可以保留該卷為未格式化卷(檔系統選擇為 '無' ),退出嚮導,載入這個加密卷,然後再使用系統或第三方工具格式化這個已經載入的加密卷(該載入的卷仍然為加密狀態)。 + Windows 格式化加密卷為 NTFS 時失敗。\n\n您希望格式化為 FAT 檔系統嗎? + 默認 + 分區 + 分區 + 設備 + 設備 + 設備 + 加密卷 + 加密卷 + 加密卷 + 標籤 + 相對加密卷大小而言,選擇的簇大小太小。 將替代使用大一些的簇大小。 + 錯誤:不能獲取加密卷大小資訊!\n\n請確認選擇的加密卷未被系統或 其他程式使用。 + 隱藏加密卷不能創建於動態(稀疏檔)的外層卷中。要達到足夠的隱蔽性,隱藏加密卷應當在非動態加密卷中創建。 + VeraCrypt 加密卷創建嚮導只能在 FAT 或 NTFS 加密卷內創建隱藏加密卷。 + 在 Windows 2000 系統裏,VeraCrypt 加密卷創建嚮導只能在 FAT 加密卷裏面創建隱藏加密卷。 + 注意:FAT 檔系統比 NTFS 檔系統更適合作為外層加密卷(例如,如果外層加密卷被格式化為 FAT 格式,能夠創建的隱藏加密卷的大小可能會更大一些)。 + 注意:FAT 檔系統比 NTFS 檔系統更適合作為外層加密卷(例如,如果外層加密卷被格式化為 FAT 格式,能夠創建的隱藏加密卷的大小可能會更大一些)(原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,隱藏加密卷只能創建在外層加密卷的後半部分)。\n\n您確認要繼續格式化外層為 NTFS 格式嗎? + 您想要把加密卷格式化為 FAT 格式嗎? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + 錯誤:隱形作業系統的分區(也就是系統分區後面的第一個分區)必須至少比系統分區大 5%(系統分區就是當前運行的作業系統所在的分區)。 + 錯誤:隱形作業系統的分區(也就是系統分區後面的第一個分區)必須至少比系統分區大 110%(2.1 倍)(系統分區就是當前運行的作業系統所在的分區)。原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,隱藏加密卷只能創建在外層加密卷的後半部分。 + 錯誤:如果外層加密卷被格式化為 NTFS,則它必須至少比系統分區大 110%(2.1 倍)。原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,隱藏加密卷只能創建在外層加密卷的後半部分。\n\n說明:外層加密卷需和隱形作業系統位於同一分區(即位於系統分區後面的第一個分區)。 + 錯誤:在系統分區後面沒有其他分區。\n\n注意,在您創建隱形作業系統之前,您需要在此系統驅動器上創建一個分區。該分區必須是系統分區後的第一個分區,並且必須至少比系統分區大 5%(系統分區就是當前運行的作業系統所在的分區)。然而,如果外層加密卷(不要與系統分區混淆)被格式化為 NTFS 格式,則該分區必須至少比系統分區大 110%(2.1 倍)(原因是 NTFS 檔系統總是在卷的中部存儲內部資料,因此,包含系統克隆的隱藏加密卷只能創建在外層加密卷的後半部分)。 + 注釋:同時在單一分區的 VeraCrypt 外層和隱藏加密卷裏面創建兩個系統並不可行(因此也不被支援)。因為使用外層作業系統會經常要求寫入資料到隱形作業系統所在區域(如果使用隱藏加密卷保護機制,也會因此而帶來系統崩潰,即藍屏錯誤)。 + 關於創建和管理分區的更多資訊,請參考您的作業系統所提供的文檔,或者聯繫您的電腦提供商以獲取技術支援。 + 錯誤:當前運行的作業系統並未安裝到啟動分區(第一個作用/啟動的分區)。目前不支援此情況。 + 您已經表明了要在加密卷裏面存放大於 4GB 的文件。然而,您選擇了 FAT 檔系統,此系統無法存儲大於 4 GB 的檔。\n\n您確認要格式化該卷為 FAT 格式嗎? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + 錯誤:不能訪問加密卷!\n\n請確認選擇的加密卷存在,並且該加密卷並未由系統或其他程式使用,同時該卷未被防寫,並且你具有對該卷的讀寫許可權,並且確認該卷未被防寫。 + Error: Cannot obtain volume properties. + 錯誤:不能訪問該卷 和/或 獲取該卷的資訊。\n\n請確認該卷存在,並且未被作業系統或其他程式佔用,以及您具有對該卷的讀寫許可權,同時還要保證該卷未被防寫。 + 錯誤:不能訪問該卷 和/或 獲取該卷的資訊。請確認選擇的卷存在,並且未被作業系統或其他程式佔用,以及您具有對該卷的讀寫許可權,同時還要保證該卷未被防寫。\n\n如果此問題仍然存在,遵循以下步驟可能有所幫助。 + 發生了一個錯誤,VeraCrypt 無法加密分區。請嘗試修復任何前面報告的問題之後再次嘗試。如果此問題依然存在,遵循以下步驟可能有所幫助。 + 發生了一個錯誤,VeraCrypt 無法繼續加密分區的過程。\n\n請嘗試修復任何前面報告的問題之後再次嘗試加密過程。注意:該卷在完全加密前將無法載入。 + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + 錯誤:不能卸載外層加密卷!\n\n如果加密卷中的檔或檔夾被程式或被 系統使用,則該加密卷不能被鎖定。\n\n請關閉任何可能使用加密卷上檔或目錄 的程式,然後再點擊“重試”。 + 錯誤:不能獲取外層加密卷的資訊! 加密卷創建不能繼續。 + 錯誤:不能訪問外層加密卷! 加密卷創建不能繼續。 + 錯誤:不能載入外層加密卷! 加密卷創建不能繼續。 + 錯誤:不能獲取加密卷簇狀圖! 加密卷創建不能繼續。 + 按字母順序 + 按平均速度(遞減) + 演算法 + 加密 + 解密 + 平均 + 盤符 + 大小 + 加密演算法 + 加密演算法 + 類型 + + 屬性 + 位置 + 位元組 + 隱藏 + 外層 + 常規 + 系統 + 隱藏(系統) + 唯讀 + 系統驅動器 + 系統驅動器(正在加密 - %.2f%% 已完成) + 系統驅動器(正在解密 - %.2f%% 已完成) + 系統驅動器(%.2f%% 已加密) + 系統分區 + 隱形作業系統 + 系統分區(正在加密 - %.2f%% 已完成) + 系統分區(正在解密 - %.2f%% 已完成) + 系統分區(%.2f%% 已加密) + 是(防止損壞!) + + 主密鑰大小 + 次密鑰大小(XTS 模式) + 調整密鑰大小(LRW 模式) + + 塊大小 + PKCS-5 PRF + PKCS-5 迭代次數 + 加密卷創建時間 + 頭資訊上次修改時間 + (%I64d 天前) + 加密卷格式版本 + 內嵌的備份頭信息 + VeraCrypt 啟動管理器版本 + 首個可用的 + 移動硬碟 + 硬碟 + 不改變 + Autodetection + 嚮導模式 + 請選擇一種安裝模式,如果不確認,請使用默認模式。 + 如果您想安裝 VeraCrypt 到當前系統,請選擇此選項。 + 注意:即使在系統分區/設備已加密的情況下,或者您正在使用隱形系統的情況下,您也可以執行更新而無需解密. + 如果您選擇該選項,所有檔都會被從安裝包中釋放出來,但是不會向系統中安裝任何檔。如果您計畫加密 Windows 系統分區或系統驅動器,請不要選擇此選項。選擇此選項有時會比較有用,例如,你希望以便攜模式運行 VeraCrypt。VeraCrypt 不一定要必須安裝到系統中。在所有檔釋放後,你可以直接運行釋放後的 'VeraCrypt.exe' 檔(這時 VeraCrypt 會以便攜模式運行)。您也可以把釋放後的檔複製到其他電腦。 + 安裝選項 + 這裏您可以設置控制安裝過程的不同選項。 + 正在安裝 + VeraCrypt 正在安裝,請稍候。 + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + 釋放選項 + 您可以在這裏設置控制釋放過程的不同選項。 + 正在釋放檔,請稍候。 + Files successfully extracted + 所有檔已經被成功釋放到目標檔夾。 + 如果指定檔夾,將會自動創建該檔夾。 + VeraCrypt 程式檔將會更新到 VeraCrypt 的安裝位置。如果您需要選擇一個不同的位置,請先卸載當前安裝的 VeraCrypt 。 + 您想聯網查看當前版本的 VeraCrypt 的發行說明嗎? + 如果您以前從未沒有使用過 VeraCrypt,我們推薦您先閱讀“VeraCrypt User Guide”文檔中的“Beginner's Tutorial”章節。您想要查看用戶指南嗎(聯網)? + 請從下面選項中選擇要執行的操作: + 修復/重新安裝 + 更新 + 卸載 + 要成功安裝或卸載 VeraCrypt,您必須具有系統管理員許可權。您確認要繼續嗎? + VeraCrypt 安裝程式正在執行 VeraCrypt 的安裝或更新。在您繼續進行前,請等待其完成或者關閉它。如果您無法關閉它,請在繼續之前重啟電腦。 + 安裝失敗。 + 卸載失敗。 + 該安裝包已經損壞。請嘗試重新下載安裝包(優先建議從 VeraCrypt 官方網站 https://veracrypt.codeplex.com 下載)。 + 不能寫入檔 %s + 正在釋放 + 不能從安裝包中讀取資料 + 不能驗證安裝包的完整性。 + 釋放失敗。 + 安裝已經回滾。 + VeraCrypt 已成功安裝。 + VeraCrypt 已經成功更新。 + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt 已成功卸載。\n\n單擊 '完成' 按鈕來移除 VeraCrypt 安裝程式和檔夾 %s。注意:如果該檔夾中含有非安裝程式創建的檔,則該檔夾不會被移除。 + 正在移除 VeraCrypt 註冊表專案。 + 正在添加註冊表專案 + 正在刪除程式相關資料 + 正在安裝 + 正在停止 + 正在刪除 + 添加圖示 + 創建系統還原點 + 創建系統還原點失敗! + 正在更新啟動管理器 + 安裝 '%s' 失敗。 %s 您想要繼續安裝嗎? + 卸載 '%s' 失敗。 %s 您想要繼續卸載嗎? + 安裝完畢。 + 檔夾 '%s' 不能被創建 + 不能卸載 VeraCrypt 設備驅動。\n\n請首先關閉所有打開的 VeraCrypt 視窗。如果這樣仍然不起作用,請重啟電腦然後再試一次。 + 在安裝或者卸載 VeraCrypt 之前必須先要卸載所有的 VeraCrypt 加密卷。 + 當前系統已經安裝了一份不同版本的 VeraCrypt。在安裝新版本前需要卸載舊版本的 VeraCrypt。\n\n在您關閉此對話方塊之後,將會載入舊版本的卸載程式。在卸載的過程中將不會執行任何加密分區的解密操作。在卸載舊版本的 VeraCrypt 之後,請再次運行新版 VeraCrypt 的安裝程式。 + 安裝註冊表項目失敗 + 安裝設備驅動失敗。請重啟電腦後再嘗試安裝 TrueCryp。 + 正在啟動 VeraCrypt 設備驅動 + 卸載設備驅動失敗。請注意,由於 Windows 系統問題,在設置驅動能夠繼續卸載或重新安裝前可能需要登出或者重啟系統。 + 正在安裝 VeraCrypt 設備驅動 + 正在停止 VeraCrypt 設備驅動 + 正在卸載 VeraCrypt 設備驅動 + 註冊用戶帳戶控制支援運行庫失敗。 + 取消用戶帳戶支援運行庫失敗。 + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + 注意:如果您決定以便攜方式運行 VeraCrypt(不同於安裝後運行 VeraCrypt),系統會在您每次嘗試運行 VeraCrypt 的時候詢問您運行 VeraCrypt 的許可權(UAC 提示)。\n\n原因是您以便攜模式運行 VeraCrypt 時,VeraCrypt需要載入和運行 VeraCrypt 設備驅動。VeraCrypt 需要此設備驅提供透明即時加解密,並且不具有管理員許可權的用戶在 Windows 中將不能啟動設備驅動。因此,系統將會要求您使用管理器特權運行 VeraCrypt 的許可權(UAC 提示)。\n\n說明:如果您在系統中安裝了 VeraCrypt,系統在每次啟動 VeraCrypt 時將不會詢問運行許可權(無 UAC 提示)。\n\n您確認要釋放這些檔嗎? + 警告:這個加密卷創建嚮導的實例具有管理員許可權。\n\n您新建的加密卷可能許可為載入時不允許向該卷寫入資料。如果要避免這種情況發生,請關閉加密卷嚮導的實例並在非管理員許可權下載入新的嚮導。\n\n您要關閉這個加密卷創建嚮導的實例嗎? a + 錯誤:不能顯示授權許可。 + 外層(!) + + 小時 + 分鐘 + + 打開 + 卸載 + 顯示 VeraCrypt + 隱藏 VeraCrypt + 載入後讀取的數據 + 載入後寫入的資料 + 加密部分 + 100%(完全加密) + 0%(未加密) + %.3f%% + 100% + 正在等待 + 正在準備 + 正在改變大小 + 正在加密 + 正在解密 + 正在完成 + 已暫停 + 已完成 + 錯誤 + 設備已斷開 + 系統收藏加密卷已保存。\n\n要想在系統啟動時載入系統收藏加密卷,請選擇 '設置' > '系統收藏加密卷' > '當 Windows 啟動時載入系統收藏加密卷'。 + 您添加收藏的既不是分區也不是動態卷。因此,如果設備號發生改變,VeraCrypt 將不能載入此收藏卷。 + 您添加收藏的卷不是 Windows 能夠識別的分區。\n\n因此,如果設備號發生改變,VeraCrypt 將不能載入此收藏卷。請設置分區的類型為 Windows 系統所能夠識別的類型(使用Windows 'diskpart' 工具的 SETID 命令)。之後再添加此分區到收藏。 + VeraCrypt 後臺任務已被禁用,或者它被配置為在沒有加密卷被載入時退出(或者 VeraCrypt 正在以便攜模式運行)。當含有這些加密卷的設備連接到電腦的時候,後臺服務被禁用可能會阻止您的收藏加密卷被自動載入。\n\n說明:要啟用 VeraCrypt 後臺任務,選擇〖 設置 > 參數〗之後勾選 'VeraCrypt 後臺任務' 部份的 '啟用' 核取方塊。 + 當含有這些加密卷的設備連接到電腦的時候,存儲於共用網路上的遠端檔系統的加密容器不能被自動載入。 + 下面顯示的設備既不是分區也不是動態卷。因此,當設備連接到電腦的時候,存儲於這些設備中的加密卷將不能被自動載入。 + 請設置下面顯示的分區的類型為 Windows 系統所能夠識別的類型(使用Windows 'diskpart' 工具的 SETID 命令)。之後從收藏中移除該分區並隨後再次添加它。這可以使設備連接時,包含於其中的加密卷可以被 VeraCrypt 自動載入。 + 下面顯示的設備既不是分區也不是動態卷。因此,不會賦予它們標籤。 + 請設置下面顯示的分區的類型為 Windows 系統所能夠識別的類型(使用Windows 'diskpart' 工具的 SETID 命令)。之後從收藏中移除該分區並隨後再次添加它。這可以使 VeraCrypt 能夠賦予盤符給這個分區。 + 由於 Windows 系統的限制,在網路上共用的遠端檔系統上的加密容器不能被載入為系統收藏加密卷(然而,它可以在用戶登錄時被載入為普通的收藏加密卷)。 + 為 %s 輸入密碼 + 為 '%s' 輸入密碼 + 輸入常規外層加密卷的密碼 + 輸入隱藏加密卷的密碼 + 輸入存儲在備份檔案中的加密卷頭的密碼 + 密鑰檔已成功創建。 + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + 警告:加密卷頭資訊已經損壞!VeraCrypt 將自動使用內嵌在加密卷中的頭資訊備份。\n\n您應當通過選擇 '工具' > '恢復加密卷頭資訊' 來修復頭資訊。 + 加密卷頭資訊備份已經成功創建。\n\n重要:使用恢復功能恢復時也會恢復當前加密卷的密碼。另外,如果創建加密卷的時候使用了密鑰檔,恢復後也需要同樣的密鑰檔來打開加密卷。\n\n警告:該加密卷頭資訊備份只能用在這個提供備份的加密卷上。如果你把該頭資訊備份恢復到其他加密卷,您可能能夠打開加密卷,但是您將不能解密存儲於加密卷的任何資料(這是因為您已經改變了加密卷的主密鑰)。 + 加密卷頭資訊備份已經成功恢復。\n\n重要:請注意舊密碼也同樣被恢復了。另外,備份時如果需要密鑰檔來載入加密卷,恢復後也需要同樣的密鑰檔。 + 安全起見,您需要輸入正確的加密卷密碼(和/或 提供正確的密鑰檔)。\n\n注意:如果該卷中包含隱藏加密卷,您需要先輸入正確的外層加密卷的密碼(和/或 正確的密鑰檔)。之後,如果您選擇老備份隱藏加密卷的頭資訊,您您需要輸入正確的隱藏加密卷密碼(和/或 提供正確的密鑰檔)。 + 您確認要創建加密卷 %s 的頭資訊的備份嗎?\n\n在您點擊“是”後,將會彈出備份的頭資訊檔的檔案名提示對話方塊。\n\n注意:常規加密卷和隱藏加密卷頭資訊均將使用新的元素加密並存儲到備份檔案中。如果卷中沒有隱藏加密卷,在備份檔案中為隱藏加密卷保留的區域將會使用亂數據填充(以保持隱蔽性)。您需要輸入創建頭資訊備份時的正確的密碼(和/或 提供正確的密鑰檔)。密碼或密鑰檔會自動確定要恢復的加密卷頭資訊類型,即常規的或是隱藏的(VeraCrypt 通過嘗試和錯誤來偵測類型),儘管有時在加密卷裏面並沒有隱藏加密卷(為保留隱蔽性)。當從備份檔案中恢復一個加密卷的頭資訊時,可以選擇恢復哪個頭資訊(例如,隱藏卷或是標準卷) + 您確認要恢復加密卷 %s 的頭資訊嗎?\n\n警告:恢復加密卷頭資訊也會恢復在創建備份時 有效的密碼。另外,如果在備份時需要使用密鑰檔載入加密卷,那麼在頭資訊恢復後,仍然需要同樣的密鑰檔。\n\n在您點擊“是”後,您將選擇頭資訊備份檔案。 + 此加密卷包含隱藏加密卷嗎? + 此加密卷包含隱藏加密卷 + 此加密卷不包含隱藏加密卷 + 請選擇您想要使用的加密卷頭資訊備份類型: + 從加密卷內嵌的備份中恢復加密卷頭資訊 + 從外部備份檔案中恢復加密卷頭資訊 + 加密卷頭資訊備份檔案的尺寸不對。 + 加密卷中沒有內嵌的備份頭資訊(注意,僅在 VeraCrypt 6.0 和以後的版本才包含內嵌的頭資訊)。 + 您正在嘗試備份系統分區/設備的頭資訊,該功能不被允許。對於系統分區/設備頭資訊的備份/恢復 只能通過使用 VeraCrypt 應急盤來進行。\n\n您希望創建 VeraCrypt 應急盤嗎? + 您正在嘗試恢復系統分區/設備的頭資訊,但是您選擇的是系統分區/設備。該功能不被允許。 對於系統分區/設備頭資訊的備份/恢復 只能通過使用 VeraCrypt 應急盤來進行。\n\n您希望創建 VeraCrypt 應急盤嗎? + 在點擊“確定”按鈕後,您將會設置新的 VeraCrypt 應急盤 ISO 鏡像檔的名稱和存放位置。 + 應急盤 ISO 鏡像檔已經創建並存儲為檔: %s\n\n現在您需要把應急盤刻錄到 CD 或 DVD。\n\n重要:檔必須以 ISO 鏡像檔方式刻錄到 CD/DVD(不要刻錄為單個的資料檔案)。要獲取更多的關於如何刻錄 ISO 檔的資訊,請參考您的 CD/DVD 刻錄軟體的說明書。\n\n請您在刻錄應急盤之後,選擇 '系統' > '驗證應急盤' 來驗證應急盤是否已經成功刻錄。 + 應急盤 ISO 鏡像檔已經創建並存儲為檔: %s\n\n現在您需要把應急盤刻錄到 CD 或 DVD。\n\n您想要啟動 Windows 自帶的磁片鏡像刻錄功能嗎?\n\n注意,請您在刻錄應急盤之後,選擇 '系統' > '驗證應急盤' 來驗證應急盤是否已經成功刻錄。 + 請插入 VeraCrypt 應急盤到 CD/DVD 光碟機並點“確定”按鈕開始驗證。 + VeraCrypt 應急盤已經被成功驗證。 + 應急盤驗證失敗。\n\n如果您已經刻錄了應急盤,請彈出後重新插入應急盤到 CD/DVD,之後再試一次。如果仍然無效,請嘗試使用其他 CD/DVD 刻錄軟體或刻錄盤。\n\n如果您嘗試驗證一個為不同的主密鑰、密碼、元素等創建的 VeraCrypt 應急盤,請注意這樣的應急盤會無法通過驗證。要創建一個新的和當前配置完全相容的應急盤,請選擇 '系統' > '創建應急盤'。 + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + 創建 VeraCrypt 應急盤時失敗。 + VeraCrypt 應急盤在隱形作業系統運行時無法創建。\n\n要創建 VeraCrypt 應急盤,請啟動到迷惑作業系統之後選擇 '系統' > '創建應急盤'。 + 不能確定應急盤是否刻錄成功。\n\n如果您已經刻錄了應急盤,請彈出後重新插入應急盤到 CD/DVD,之後再嘗試驗證一次。如果仍然無效,請嘗試使用其他 %s 。\n\n如果您還沒有創建應急盤,請首先創建一個,然後再點 '下一步' 按鈕。\n\n如果您嘗試驗證一個運行加密盤創建嚮導以前創建的應急盤,則這樣的應急盤是無法用於當前系統的,這是因為它是使用了不同的主密鑰創建的。您需要刻錄和創建一個新的應急盤。 + 和/或 其他 CD/DVD 刻錄軟體 + VeraCrypt - 系統收藏加密卷 + 什麼是系統收藏加密卷? + 系統分區/驅動器看起來沒有加密。\n\n系統收藏加密卷只能使用啟動驗證中的密碼載入。因此,要啟用系統收藏加密卷功能,您需要先加密系統分區/驅動器。 + 在操作前請卸載加密卷。 + 錯誤:不能設置計時器。 + 檢查檔系統 + 修復檔系統 + 添加到收藏... + 添加為系統收藏加密卷... + 屬性(&R)... + 隱藏加密卷已被保護 + N/A + + + 禁用 + 1 + 2 或更多 + 操作模式 + 標籤: + 大小: + 路徑: + 驅動器盤符: + 錯誤:密碼必須僅包含 ASCII 字元。\n\n密碼中的非-ASCII 字元可能會導致在 作業系統配置改變時加密卷不能載入。\n\n允許使用下面字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:密碼中包含非-ASCII 字元。可能會導致在作業系統配置改變時加密卷不能載入。\n\n您應當使用 ASCII 字元替換密碼中的非 ASCII 字元。 如要這樣做,點擊“加密卷” -> “修改加密卷密碼”\n\n下面字元為 ASCII 字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:我們強烈建議您避免使用可執行檔案名(例如 .exe,.sys,或 .dll)以及其他可能有問題的類似擴展名作為加密卷的名稱。使用這些副檔名通常會導致 Windows 或反病毒軟體干預加密卷,這很可能會嚴重影響加密卷的性能,也可能會導致其他嚴重的問題。\n\n我們強烈建議您移除此副檔名或更換其副檔名(例如,改變為 .iso,.img,.dat)。\n\n您確認繼續使用可能有潛在問題的副檔名嗎? + 警告:該加密卷帶有可執行檔的副檔名(例如 .exe,.sys,或 .dll)或其他可能有問題的類似擴展名作為加密卷的名稱。 這很可能導致 Windows 或反病毒軟體干預加密卷,會嚴重影響加密卷的性能,也可能會導致其他嚴重的問題。\n\n我們強烈建議您在卸載加密卷後移除此副檔名或更換為其他副檔名(例如,改變為 .iso,.img,.dat)。 + 主頁(聯網) + 警告:看起來您還沒有安裝任何 Windows 作業系統的補丁包。您不應當向未 安裝 SP1 或以後補丁包的 Windows XP 系統中的大於128 GB 的 IDE 硬碟寫 入資料!如果這樣做了,磁片上的資料(不論是否為 VeraCrypt 加密卷)可能 會損壞。注意:這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。 + 警告:看起來您的 Windows 2000 系統還未安裝 SP3 或以後補丁包。 您不應當向這個系統中大於 128 GB 的 IDE 硬碟寫入資料!如果這樣 做了,磁片上的資料(不論是否為 VeraCrypt 加密卷)可能會損壞。 注意:這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。\n\n注意:您也需在註冊表裏面啟用 48-位 LBA 支持;更多資訊,請參考 http://support.microsoft.com/kb/305098/EN-US + 警告:您的系統不支援 48-位 LBA ATAPI。因此,您將不能寫入到超過 128GB 容量的 IDE 磁片!如果您仍然堅持這樣做,磁片上的資料(不論其是否為 VeraCrypt 加密卷)將會損壞。請注意,這是 Windows 系統的限制,不是 VeraCrypt 軟體的限制。\n\n要啟用 48-位 LBA 支持,請在註冊表的HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters下添加一個 'EnableBigLba' 鍵值並設置其值為 1。\n\n更多資訊請參考 http://support.microsoft.com/kb/305098 + 錯誤:大於 4 GB 的檔不能存儲於 FAT32 檔系統。因此,存儲於 FAT32 檔系統上的檔類型的加密卷(或外層加密卷)不能大於 4 GB。\n\n如果您需要大容量的加密卷,請在 NTFS 檔系統(或者,如果您使用 Windows Vista SP1 或以後版本的系統,在擴展的 exFAT 檔系統)中創建,除此之外,您也可以使用創建加密分區來代替創建檔型加密盤。 + 警告:Windows XP 不支持大於 2048GB 的檔(將會被報告為 "無足夠存儲空間")。因此,在 Windows XP 中您不能創建大於 2048GB 的檔類型加密盤。\n\n請注意,在 Windows XP 中仍然是可以加密整個設備或者創建大於 2048GB 的分區類型 VeraCrypt 加密卷的。 + 警告:如果您想以後向外層加密卷中添加更多的資料或檔,您應當考慮為隱藏加密卷選擇一個小一點的尺寸。\n\n您確認要以指定的尺寸繼續嗎? + 未選擇加密卷。\n\n點擊“選擇設備...”或“選擇檔...”來選擇 VeraCrypt 加密卷。 + 沒有選擇分區。\n\n點擊 '選擇設備' 來選擇一個通常需要啟動驗證的已卸載的分區(例如,一個位於另外加密系統驅動器上的另外一個沒有運行的系統的分區,或者是另外一個作業系統的加密系統分區)。\n\n注意:選擇的分區將被以常規 VeraCrypt 加密卷的方式載入而無需啟動驗證。這在執行備份和修復等操作時比較有用。 + 警告:如果默認的密鑰檔被設定和啟用後,則不能載入不使用該密鑰檔的加密卷。因此,如果默認的密鑰檔被設定和啟用後,在打開非密鑰檔加密的加密卷時,請記住取消對“使用密鑰檔”選項的選擇(在密碼輸入框的下面)。\n\n您確認保存選定的密鑰檔/路徑作為預設值嗎? + 自動載入設備 + 全部卸載 + 擦除緩存 + 卸載全部 & 擦除緩存 + 強制全部卸載並擦除緩存 + 強制全部卸載擦除緩存並退出程式 + 載入收藏加密卷 + 顯示/隱藏 VeraCrypt 主視窗 + (單擊這裏並按下某個鍵盤按鍵) + 操作 + 熱鍵 + 錯誤:該熱鍵為系統保留熱鍵,請選擇一個其他熱鍵。 + 錯誤:熱鍵已被佔用。 + 警告:一個或多個 VeraCrypt 作用於系統範圍的熱鍵不能使用!\n\n請確認 VeraCrypt 的這些熱鍵沒有被其他程式或作業系統佔用。 + 已阻止創建虛擬記憶體頁面檔。\n\n請注意,由於 Windows 自身的問題,頁面檔不能位於非系統類 VeraCrypt 加密卷(包括系統收藏加密卷)。VeraCrypt 僅支援在加密的系統分區/設備上創建頁面檔。 + VeraCrypt 加密休眠檔時發生了錯誤或者非相容問題。因此系統的休眠已被阻止。\n\n注意:當電腦處於休眠模式(或進入節電模式),系統記憶體的資訊會被寫入位於驅動器上的休眠檔。VeraCrypt 不能阻止在記憶體中打開的加密密鑰和敏感檔的內容以未加密的形式存放於休眠檔。 + 休眠功能已被阻止。\n\nVeraCrypt 不支援使用額外啟動分區的隱形系統中的休眠功能。請注意啟動分區是由迷惑系統和隱形系統共用的。因此,要防止資料洩露和休眠可能會帶來的問題,VeraCrypt 不得不阻止隱形系統向共用的啟動分區寫入資料,以及阻止隱形系統休眠。 + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + 警告:如果 VeraCrypt 後臺任務被禁用,下面的功能將會失效:\n\n1)系統熱鍵\n2)自動卸載加密卷(例如註銷時,意外的主設備移除,超時,等等)\n3)自動載入收藏加密卷\n4)提示(例如:對隱藏加密卷的損壞被阻止時)\n5)通知欄圖示\n\n注意:您可以隨時在通過右鍵單擊 VeraCrypt 的通知欄圖示並選擇“退出”來停止後臺任務。\n\n您確認要停止 VeraCrypt 的後臺任務嗎? + 警告:如果此選項被禁用,包含打開的檔/目錄 的加密卷將不能自動卸載。\n\n您確認要禁用這個選項嗎? + 警告:包含打開的檔/目錄的加密卷將不能自動卸載。\n\n要防止這種情況,在對話方塊視窗中啟用下面選項: “強行自動卸載,不論加密卷是否包含打開的檔或目錄” + 警告:當筆記本電力不足時,Windows 可能會在電腦進入待機模式時,系統會向正在運行中的程式發送相應的資訊。因此,這種情況下 VeraCrypt 可能會無法自動卸載加密卷。 + 您已經安排了加密 分區/設備 的計畫。該計畫尚未完成。\n\n您希望現在繼續這個加密過程嗎? + 您已經計畫了加密或解密系統分區/驅動器的操作。但該操作尚未完成。\n\n您希望開始(或繼續)該操作嗎? + 您想要軟體提示您是否要繼續當前計畫的加密非系統分區/卷的加密過程嗎? + 是,一直提示我 + 否,不要再提示我 + 重要:請一定記住,任何時候,您都可以通過從 VeraCrypt 視窗的主功能表中選擇 '加密卷' > '繼續被中斷的過程',來繼續任何非系統服務/卷的加密過程。 + 您已經設置了加密解密系統分區或驅動器的計畫任務。然而,啟動驗證已失敗(或被繞過)。\n\n注意:如果您在啟動驗證環境中解密了系統分區/驅動器,您可能需要從 VeraCrypt 視窗的 '系統' 功能表 > '永久解密系統分區/驅動器' 完成最後的設置步驟。 + 警告:如果 VeraCrypt 現在退出,以下功能將被禁用:\n\n1)系統熱鍵\n2)自動卸載加密卷(例如註銷時,意外的主設備移除,超時,等等)\n3)自動載入收藏加密卷 \n4)提示(例如,當阻止損害隱藏加密卷時)\n\n注意:如果您不希望 VeraCrypt 在關閉程式視窗後以後臺方式運行,請在程式參數選擇裏面禁用後臺任務選項。(並且,如有必要,在程式參數裏面禁用 VeraCrypt 的自動運行)。\n\n您確定要退出 VeraCrypt 嗎? + 退出嗎? + VeraCrypt 沒有足夠資訊確定是否要加密還是解密。 + VeraCrypt 無足夠的資訊來確定加解密狀態。\n\n注意:如果您在啟動驗證環境解密系統分區/驅動器,您可能需要點擊 Decrypt(解密)來最後完成解密過程。 + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + 您想要打斷和推遲對分區/驅動器的加密嗎?\n\n注意:要記住這個加密卷在完全加密前是不能被載入的。您可以繼續加密過程,加密則會在中斷的地方繼續。要達到這點,例如,可以從 VeraCrypt 主視窗的功能表中選擇 '加密卷' > '繼續被中斷的過程'。 + 您想要打斷和推遲對系統分區/驅動器的加密嗎?\n\n注意:您以後也可以從中斷位置恢復加密進程。操作如下:在 VeraCrypt 介面中選擇 '系統' > '繼續被中斷的進程'。如果您想永久中止或回滾加密進程,請選擇 '系統' > '永久解密系統分區/驅動器'。 + 您想要打斷和推遲對系統分區/驅動器的加密嗎?\n\n注意:您以後也可以從中斷位置恢復加密進程。操作如下:在 VeraCrypt 介面中選擇 '系統' > '繼續被中斷的進程'。如果您想回滾解密進程(和開始加密),選擇 '系統' > '加密系統分區/驅動器'。 + 錯誤:打斷加密/解密系統分區或驅動器的操作失敗。 + 錯誤:中斷擦除過程時失敗。 + 錯誤:繼續加密/解密系統分區或驅動器的操作失敗。 + 錯誤:啟動擦除過程時失敗。 + 發現不一致性。\n\n\n(如果您使用此鏈結報告這個錯誤,請在報告中包含下面資訊: %hs) + 錯誤:未知狀態。\n\n\n(如果您報告與之相關的 BUG,請在錯誤報告裏面包含下面的技術資訊: %hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + 警告: VeraCrypt 後臺任務已禁用。在您退出 VeraCrypt 後,如果對隱藏加密卷的損壞企圖已被保護,您也將無法得到提示。\n\n注意:您可以隨時在通過右鍵單擊 VeraCrypt 的通知欄圖示並 選擇“退出”來停止後臺任務。\n\n\n您要啟用 VeraCrypt 後臺任務嗎? + 語言包版本: %s + 正在檢測載入為 %s 的 VeraCrypt 加密卷的檔系統... + 正在試圖修復載入為 %s 的 VeraCrypt 加密卷的檔系統... + 警告:該加密卷使用了已被廢棄的加密演算法。\n\n所有 64-位元塊加密演算法(Blowfish,CAST-128,和 Triple DES)已經逐漸不再被使用了。該加密卷在以後版本的 VeraCrypt 可能會被打開。然而以後則不會針對這些廢棄演算法採取一些改善措施。我們推薦您創建一個使用 128-位元塊加密演算法的 Veracrypt 加密卷(如:AES,Serpent,Twofish,等等)並把使用舊演算法的加密卷裏面的檔移動到新的加密卷裏面去。 + 您的系統未被配置為自動載入新加密卷。 因此也不可能載入設備類的加密卷。自動卸載 可以在執行下列命令後重啟系統來啟用。\n\n\nmountvol.exe /E + 請在繼續前為該設備/分區分配一個盤符('控制面板' > '系統和維護' > '管理工具' - '創建和格式化分區')。\n\n這些是作業系統所要求的。 + 載入 VeraCrypt 加密卷 + 卸載所有 VeraCrypt 加密卷 + VeraCrypt 獲取系統管理員許可權失敗。 + 訪問已被作業系統拒絕。\n\n可能原因:作業系統要求你對某些檔夾、檔、和設備具有讀寫許可權(或管理員許可權),以便您能夠從其中讀寫資料。通常情況下,非系統管理員僅允許在他自己的文檔檔夾中創建、讀取和修改檔。 + 錯誤:該驅動器使用了不被支援的磁區尺寸。\n\n如果設備的磁區大於 4096 位元組,目前不可能在其上創建 分區/設備 類的加密卷。然而,您可以在此類驅動器上創建檔類型的加密卷。 + 目前情況下,如果安裝系統的磁片磁區尺寸不是 512 位元組,則無法在此基礎上創建加密系統。 + VeraCrypt 啟動管理器要求系統驅動器最前端至少有 32 KB 的未分配空間(VeraCrypt 啟動管理器需要安裝到該區域)。很不幸,您的驅動器無法滿足這個條件。\n\n請不要把這個問題報告為 VeraCrypt 的程式缺陷。要解決這個問題,您需要對硬碟重新分區並保留硬碟的前 32 KB 為空閒狀態(大多數情況下,需要您刪除和重建第一個分區)。我們推薦您使用微軟的分區管理來完成這個操作,例如,當您安裝 Windows 時的分區管理程式。 + 此功能不支援當前您正在使用的作業系統版本。 + VeraCrypt 不支援在您當前使用的作業系統版本內加密系統分區/驅動器。 + 在您加密 Windows Vista 的系統分區/設備 前,您需要為 Vista 安裝 Service Pack 1 或更高版本的補丁。\n\n提示:Vista Service Pack 1解決了啟動系統時的自由基礎記憶體缺陷。 + VeraCrypt 不再支援對未安裝 SP 補丁的 Windows Vista 系統的系統分區/設備的加密。在升級 VeraCrypt 之前,請安裝 Vista 的 Service Pack 1 或更高補丁版本。 + 錯誤:此功能要求 VeraCrypt 必須安裝於當前系統(您正在以便攜模式運行 VeraCrypt)。\n\n請安裝 VeraCrypt 之後再試一次。 + 警告:Windows 看起來並未安裝在它所啟動的驅動器上。此功能目前尚不支援。\n\n盡在您確認 Windows 的確安裝在它所啟動的驅動器上時,您才應當繼續。\n\n您確認要繼續嗎? + 您的系統驅動器具有 GUID 分區表(GPT)。當前只支持具有 MBR 的分區表。 + 小心:VeraCrypt 啟動管理器已經安裝到了您的系統驅動器上了!\n\n這可能在您的電腦上已經加密了另外一個系統。\n\n警告:繼續加密當前運行的系統可能會導致其他系統無法啟動或導致資料無法訪問。\n\n您確定要繼續嗎? + 恢復原來的系統啟動管理器時失敗。\n\n請使用您的 VeraCrypt 應急盤('Repair Options' > 'Restore original system loader')或者 Windows 安裝盤來清除 VeraCrypt 啟動管理器。 + 原來的系統引導器沒有保存到應急盤上(可能原因:備份檔案丟失)。 + 寫入 MBR 磁區時失敗。\n\n您的 BIOS 可能設置為保護了 MBR 磁區或一些還原軟體也會保護 MBR。請確認沒有安裝保護 MBR 的還原軟體和檢查您的 BIOS 設置(啟動電腦後按 F2,Delete,或 Esc)中的 MBR/反病毒保護。 + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + 所要求版本的 VeraCrypt 啟動管理器當前沒有安裝。這可能導致某些設置無法保持。 + 提示:在某些環境,您可能希望避免外人(攻擊者)在您啟動電腦時看到您使用了 VeraCrypt 加密了系統。上面的選項允許您自定義 VeraCrypt 啟動管理器螢幕比避免此類被識別的事情發生。如果您啟用了第一個選項,在啟動管理器螢幕不會顯示任何文本(即時您輸入錯誤的密碼也不會顯示)。在您輸入密碼的時候電腦看起來就像被凍結的一樣。此外,也可以顯示自定義的資訊來誤導攻擊者。例如,諸如 "Missing operating system" 之類的英文資訊(這個資訊在 Windows 啟動管理器未發現啟動分區的時候顯示)。然而,必須要提醒的是,如果攻擊者分析硬碟的內容,他仍然可以發現硬碟上存在 VeraCrypt 啟動管理器(譯注:此乃下策矣)。 + 警告:請記住,如果您啟用此選項,VeraCrypt 啟動管理器不會顯示任何文本(即便是輸錯密碼了也不會顯示任何文本)。電腦在夠輸入密碼的時候電腦看起來就像被凍結(沒有回應)一樣(游標不會移動並且在按下按鍵的時候也不會顯示遮罩)。\n\n您確認要啟用此選項嗎? + 您的系統分區/驅動器看起來已被完全加密了。 + VeraCrypt 不支援加密已經轉換為動態磁片的系統驅動器。 + 該系統驅動器包含擴展(邏輯)分區。\n\n 您只能在 Windows Vista 或以後版本中加密包含擴展(邏輯)分區的整個系統驅動器。而在 Windows XP 系統中,您只可以加密僅含有一個主分區的整個系統驅動器。\n\n請注意:您仍然可以加密系統分區,來取代加密整個驅動器(並且,有別於加密整個驅動器,您可以在驅動器上的任何非系統分區創建分區類型的 VeraCrypt 加密卷)。 + 警告: 由於您運行的系統為 Windows XP/2003,在您開始加密驅動器之後,您一定不要在其上面再創建建擴展(邏輯)分區(您只可以創建主分區)。當您開始加密以後,任何的擴展分區均將無法再繼續訪問。\n\n說明:如果您無法接受這個條件,您可以返回和選擇只加密系統所在分區而不是選擇加密系統所在硬碟驅動器(另外,您可以在驅動器上的任何非系統分區創建分區類型的加密卷)。\n\n作為替代方案,如果您無法接受這個條件,您也可以考慮升級到 Windows Vista 或以後版本(您只可以在 Windows Vista 或以後版本中加密包含擴展/邏輯分區的整個驅動器)。 + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + 您確認要加密系統所在分區,而不是加密整個硬碟嗎?\n\n說明:除了加密系統所在分區之外,您可以在該硬碟驅動器上的非系統分區創建分區類型的 VeraCrypt 加密卷。 + 由於您的系統驅動器僅包含一個佔據了整個驅動器的分區,更適合(更安全)加密整個包含鬆散空間(通常位於這樣分區的周圍)的驅動器。\n\n您希望加密整個系統驅動器嗎? + 您的系統已配置為在非系統分區存儲暫存檔案。\n\n暫存檔案應該只位於系統分區(出於安全考慮)。 + 您的用戶配置檔並非設置在系統分區。\n\n用戶配置檔應該只存儲於系統分區(出於安全考慮)。 + 非系統分區存在頁面檔。\n\n頁面檔應該只存儲於系統分區(出於安全考慮) + 您想要設置 Windows 僅在 Windows 分區生成頁面檔嗎?\n\n請注意,如果您點擊 '是',電腦將會重新啟動。之後請啟動 VeraCrypt 和嘗試再次創建隱形系統。 + 否則,隱形系統的隱蔽性將會受到嚴重影響。\n\n說明:如果攻擊者分析這些檔的內容(存在於非系統分區中),他可能會發現您在隱形系統創建模式裏面使用了此嚮導(這可能暗示電腦上存在隱形系統)。還需說明的是,存儲於系統分區的此類檔,在隱形系統創建過程中將會被安全擦除。 + 警告:在隱形系統創建過程中,您將會被要求全新安裝當前運行的作業系統(以便安全創建迷惑系統)。\n\n說明:當前運行的作業系統和該系統分區的全部內容將會被複製到隱藏加密卷(以便創建隱形系統)。\n\n\n您確認您將使用 Windows 安裝介質安裝此系統嗎(或使用服務分區)? + 安全起見,如果當前運行的作業系統需要啟動,則必須在繼續進行克隆前啟動。注意到隱形作業系統將通過複製當前作業系統的內容到隱藏加密卷來得以創建(因此如果當前作業系統未啟動,則隱形作業系統也處於未啟動狀態)。更多資訊,請參考《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章節。\n\n重要:在繼續進行前,確認您已經閱讀了《VeraCrypt User's Guide》的 "Security Precautions Pertaining to Hidden Volumes" 章節。\n\n\n當前運行的作業系統滿足上面的條件嗎? + 您的系統使用了一個額外的啟動分區。VeraCrypt 不支援使用額外啟動分區的隱形系統的休眠(迷惑系統完全可以休眠)。\n\n請注意,啟動分區應當被迷惑系統和隱形系統所共同使用。因此,為了防止資料洩露和由於休眠所導致的問題,VeraCrypt 只能阻止隱形系統寫入資料到共用的啟動分區和阻止隱形系統使用休眠。\n\n\n您確認要繼續嗎?如果您選擇 '否',則會顯示移除額外啟動分區的提示資訊。 + \n在安裝 Windows 之前可以移除額外的啟動分區。想要如此,請遵循以下步驟(譯者注:這些步驟沒有在XP安裝光碟看到,請讀者自悟吧,抱歉):\n\n1)啟動您的 Windows 安裝光碟。\n\n2)在 Windows 安裝螢幕,選擇 '現在安裝' > '自定義(高級)'.\n\n3)點擊 '驅動器 選項'。\n\n4)選擇主系統分區並選擇刪除這個分區,之後再確認刪除(安裝盤刪除分區的時候會多次確認)。\n\n5)選擇 '系統保留' 分區,選擇 '擴展',並增加它的大小直到可以安裝系統為止。\n\n6)選擇 '應用' 和確認。\n\n7)安裝 Windows 到 '系統保留' 分區。\n\n\n如果攻擊者詢問您移除額外啟動分區的原因,您可以回答是因為您不希望資料洩露到未加密的啟動分區。\n\n注意:您可以通過點擊下面的 "列印" 按鈕列印這些文本。如果您列印了這些文本,強烈建議您在移除額外啟動分區後銷毀這些紙張(否則,如果這些紙張被發現,可能暗示著存在隱形系統)。 + 警告:在系統分區和其後的第一個分區之間存在未分配空間。在您創建隱形作業系統之後,您必須不能在此未分配空間上創建任何新的分區,否則,隱形作業系統將無法啟動(直到刪除了這個新創建的分區)。 + 此演算法當前不支援系統加密。 + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + 密鑰檔當前不支援用在系統加密中。 + 警告:VeraCrypt 不能存儲原始鍵盤佈局。這可能導致您無法正確輸入密碼。 + 錯誤:不能設置 VeraCrypt 鍵盤佈局為標準的美國鍵盤佈局。\n\n說明:在 Windows 啟動前的啟動驗證裏需要輸入密碼,此時非美國標準鍵盤佈局不可用。因此,密碼必須使用標準的美國鍵盤佈局輸入。 + 由於 VeraCrypt 臨時改變鍵盤佈局為標準的美國鍵盤,目前在按下 ALT 按鍵的情況下無法通過鍵盤輸入字元。然而您可以按下 Shift 鍵的時候輸入大多數此類字元。 + VeraCrypt 會阻止對鍵盤佈局的修改。 + 說明:在 Windows 啟動前的啟動驗證裏需要輸入密碼,此時非美國標準鍵盤佈局不可用。因此,密碼必須使用標準的美國鍵盤佈局輸入。然而,這不需要您必須使用真實的美國鍵盤。VeraCrypt 在您沒有美國鍵盤的情況下也能夠自動的保證您能夠安全的輸入密碼(現在和啟動驗證環境)。 + 在您加密系統分區/驅動器前,您必須創建一個 VeraCrypt 應急盤,用途如下:\n\n- 如果 VeraCrypt 啟動管理器、主密鑰、或其他關鍵資料損壞了,可以使用應急盤修復它們(當然你必須輸入正確的密碼)。\n\n- 如果 Windows 系統損壞了並且無法啟動,你可以在 Windows 啟動前使用應急盤永久解密這個分區/驅動器。\n\n- 應急盤包含第一個柱面當前內容的備份(通常包含系統引導器或者啟動管理器),在必要的時候你可以恢復它們。\n\nVeraCrypt 應急盤 ISO 映射檔將會在下面指定位置創建。 + 在您點擊確定後,微軟的 Windows 磁片映射刻錄器將會被啟動。請使用它刻錄 VeraCrypt 應急盤映射檔到 CD 或 DVD 中。\n\n在操作完這些之後,請返回到 VeraCrypt 加密卷創建嚮導並遵循嚮導的指令。 + 應急盤 ISO 鏡像檔已經創建並存儲為檔: %s\n\n現在您需要把應急盤刻錄到 CD 或 DVD。\n\n在刻錄應急盤後,點擊 '下一步' 按鈕驗證應急盤已經成功刻錄。\n\n%ls在刻錄完應急盤之後,請點擊 "下一步" 按鈕驗證應急盤是否被成功刻錄。 + 應急盤映射檔已經被創建並且存儲為檔: %s\n\n現在您應當刻錄該應急盤到 CD/DVD 中去或者移動該 ISO 檔到一個安全的位置以備以後使用。\n\n%ls點擊 '下一步' 繼續。 + 重要:請注意,映射檔必須以 ISO 磁片映射檔的方式刻錄到 CD/DVD 中去(不能刻錄為單個的資料檔案)。要獲取更多的關於如何刻錄 ISO 檔的資訊,請參考您的 CD/DVD 刻錄軟體的說明書。如果您還沒有刻錄 ISO 鏡像檔的光碟刻錄軟體,請點下面鏈結下載這樣的免費刻錄軟體。\n\n + 啟動微軟 Windows 磁片映射刻錄器 + 警告:如果您已經創建了 VeraCrypt 應急盤,它將不能再用於系統分區/驅動器,這是因為您每次加密系統分區/驅動器時都會使用不同的主密鑰,儘管您使用的是同樣的密碼,您也必須創建一個新的 VeraCrypt 應急盤。 + 錯誤:不能保存系統加密設置。 + 不能初始化系統加密預測試。 + 不能初始化創建隱形作業系統的過程。 + 擦除模式 + 在某些存儲介質上,當資料被其他資料覆蓋後,也仍有可能通過磁力顯微技術恢復出來被覆蓋的資料。這也包括一些被加密方式覆蓋的資料(這在 VeraCrypt 加密那些原來沒有加密的系統分區或系統驅動器時可能會發生)。根據一些研究機構和政府機構發佈的文獻,通過使用偽隨機或非亂數據覆蓋一定次數可以阻止資料恢復或使資料恢復變的異常困難。因此,如果您確認攻擊者可能會使用類似磁力顯微技術恢復您的加密資料,您可以選擇下拉清單中幾種擦除演算法中的一種(已經存在的資料不會丟失)。需要說明的是在分區/驅動器加密後不需要再執行擦除操作。當分區/驅動器被完全加密後,不會再有非加密資料向其寫入。寫入加密卷中的任何資料都是在記憶體中即時加密,然後這些已加密資料才會被寫入到磁片。 + 在某些存儲介質上,當資料被其他資料覆蓋後,也仍有可能通過磁力顯微技術恢復出來被覆蓋的資料。根據一些研究機構和政府機構發佈的文獻,通過使用偽隨機或非亂數據覆蓋一定次數可以阻止資料恢復或使資料恢復變的異常困難。因此,如果您確認攻擊者可能會使用類似磁力顯微技術恢復您的加密資料,您可以選擇下拉清單中幾種擦除演算法中的一種(已經存在的資料不會丟失)。\n\n說明:擦除次數越多,花費的時間越長。 + 正在擦除 + \n說明:您可以中斷擦除的過程,關閉您的電腦,重新啟動隱形系統並在此後繼續這個過程(該嚮導將會被自動運行)。然而,如果您中斷此過程,整個擦除將會從頭開始執行。 + \n\n說明:如果您中斷了擦除的過程並想在以後繼續擦除,整個的過程將不得不從頭開始。 + 您確認要放棄擦除過程嗎? + 警告:選定 分區/設備 的全部內容將會被擦除並因此而丟失。 + 原始作業系統所在的分區將會被擦除。\n\n說明:該分區的全部內容已經複製到了隱形系統分區。 + 警告:請注意如果使用 3-次擦除模式,加密驅動器/分區需要時間將會增加為原來的4倍。同樣,如果你選擇了35-次擦除模式,所消耗的時間會為原來的36倍(如果分區容量很大,很可能花費幾周的時間)。\n\n然而,請注意在分區/驅動器完全加密後〖無須〗再對其執行擦除操作。在分區/驅動器被完全加密後,將不會再有非加密的資料向該分區/驅動器寫入。所有寫入的資料首先都會在記憶體中即時加密,之後才會向分區/驅動器寫入加密的資料(因此並不會影響性能)。\n\n您確認要使用這種擦除模式嗎? + 無(最快) + 1-次擦除(亂數據) + 3-次擦除(US DoD 5220.22-M) + 7-次擦除(US DoD 5220.22-M) + 35-次擦除("Gutmann") + 256-次擦除 + 作業系統數目 + 警告:入門用戶應當從來不嘗試加密多重啟動方式的 Windows 。\n\n希望繼續嗎? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + 引導驅動器 + 當前運行的作業系統安裝到了引導驅動器上了嗎?\n\n說明:有時 Windows 可能並未安裝到 Windows 啟動管理器(活動分區)分區上。如果屬於這種情況,請選擇 '否'。 + VeraCrypt 當前不支持加密安裝到非活動分區上的系統。 + 系統驅動器數目 + 有多少個驅動器含有作業系統?\n\n說明:例如,您在主驅動器上安裝了任意系統(例如. Windows,Mac OS X,Linux,等等),在第二個驅動器上安裝了其他的作業系統,這時就選擇 '2 個或多個'。 + VeraCrypt 目前不支援對包含多個作業系統的整個硬碟驅動器的加密。\n\n可能的解決方法:\n\n- 您可以後退並選擇只加密單系統分區加密其中的一個系統(與選擇加密整個系統驅動器相反)。\n\n- 或者,你也可以把要加密的驅動器中的其他系統遷移到其他的驅動器,而只在其中保留一個系統。 + 單驅動器中包含多個系統 + 在當前運行的系統所安裝的驅動器中,是否包含其他任何作業系統?\n\n說明:例如當前運行的作業系統安裝在驅動器 #0,該驅動器包含幾個分區,其中一個分區安裝了 Windows 系統,而另一個分區安裝了其他任何作業系統(例如. Windows,Mac OS X,Linux,等等.),請選擇 '是'。 + 非 Windows 啟動管理器 + 是否安裝了一個非 Windows 啟動管理器(或啟動管理器)到 MBR 中了嗎?\n\n說明:例如,可啟動的驅動器的第一個柱面包含 GRUB、LILO、XOSL,或其他非 Windows 啟動管理器(或啟動管理器),則選擇 '是'。 + 多重啟動 + VeraCrypt 目前不支持在 MBR 中安裝的非 Windows 多重啟動管理器。\n\n可能的解決辦法:\n\n- 如果您使用了一個啟動管理器來啟動 Windows 或 Linux,把啟動管理器(典型的,例如 GRUB)從 MBR 中遷移到分區上。之後再次啟動嚮導和加密系統分區/設備。說明:VeraCrypt 啟動管理器將會成為主啟動管理器,並且會允許您把原來的啟動管理器(例如 GRUB)作為第二啟動管理器(通過在 VeraCrypt 啟動管理器螢幕按下 ESC 按鍵),因此你仍然可以啟動 Linux。 + 如果當前運行的系統安裝在活動分區上,隨後,在您加密了該分區後,儘管您想要啟動其他未加密的系統,您仍然要輸入正確的密碼(因為它們都會共用同一個加密的 Windows 啟動管理器)。\n\n相反的,如果當前運行的系統並沒有安裝到 Windows 的啟動分區(或者如果其他系統並未使用 Windows 啟動管理器),隨後,在您加密了該分區後,您在啟動其他未加密的系統時不需要輸入正確的密碼 -- 您只需按 ESC 按鍵來啟動未加密的系統(如果存在多個未加密的系統,您也同樣需要在 VeraCrypt 的啟動管理器中選擇要啟動的系統)。\n\n說明:通常情況下,最早安裝的那個系統一般都會安裝到啟動分區。 + 加密主機保護區域(Host Protected Area) + 在很多硬碟的尾部,存在一個相對於作業系統隱藏的區域(這些區域通常被稱作主機保護區域)。然而,某些程式可以從這些區域中讀寫資料。\n\n警告:某些電腦供應商可能使用這些區域存儲用於 RAID、系統恢復、系統設置、診斷的工具和資料,或用於其他目地。如果此類工具和資料必須在啟動前訪問,那麼這些隱藏區域不應當被加密(在上面選擇 '否')。\n\n您希望 VeraCrypt 檢測和解密系統驅動器尾部這些隱藏區域嗎? + 系統加密類型 + 如果您只想加密系統分區或整個系統驅動器,請選擇此項。 + 可能存在某些人強迫您解密作業系統的情況。在很多情況下您可能無法拒絕洩漏密碼(例如,被勒索)。如果您選擇了這個選項,您將會創建一個沒有任何手段可以識別的隱形作業系統(當然這得需要您遵循一定的步驟創建)。因此,您一定不要解密或者洩漏隱形作業系統的密碼(譯者注:這是因為隱形作業系統的存在只有你才知道,你不說沒有任何手段可以檢測到),如若獲取更多資訊,請單擊下面鏈結。 + 可能存在某些人強迫您解密作業系統的情況。在很多情況下您可能無法拒絕洩漏密碼(例如,被勒索)。\n\n使用本嚮導,您將能夠創建一個沒有任何手段可以識別的隱形作業系統(當然這得需要您遵循一定的步驟創建)。因此,您一定不要解密隱形系統或者洩漏隱形作業系統的密碼(譯者注:這是因為隱形作業系統的存在只有你才知道,你不說沒有任何手段可以檢測到)。 + 隱形作業系統 + 在後面步驟中,您將在系統分區之後的分區中創建兩個 VeraCrypt 加密卷(外層的和隱藏的)。隱藏加密卷將包含隱形作業系統。VeraCrypt 將通過複製系統分區(即當前系統所在分區)的內容到隱藏加密卷來創建隱形作業系統。對於外層加密卷而言,您可以複製一些您實際上並不想隱藏的貌似敏感的文件。它們將用來對付那些強迫您說出隱藏系統分區密碼的人。您可以把含隱形作業系統的外層加密卷的密碼告訴它們(此時仍然無法發現是否存在隱形作業系統)。\n\n最後,在當前當前運行的系統的分區,您將會安裝一個新的系統並加密以後作為迷惑系統來使用。這個迷惑系統不要含有任何敏感檔並且用來對付那些強迫您說出啟動驗證密碼的人。總而言之,一共有三個密碼,兩個密碼用於對付那些攻擊者(分別對應迷惑作業系統和外層加密卷。如果您使用第三個密碼,則將會啟動隱形作業系統。 + 正在檢測隱藏磁區 + 當 VeraCrypt 正在檢測系統驅動器尾部可能存在的隱藏磁區時,請稍候。注意該操作可能花費較長時間才能完成。\n\n注意:在極少數情況下,某些電腦環境中,系統可能在檢測過程中失去回應。如果發生此情況,重啟電腦,運行 VeraCrypt,重複前面步驟並跳過此檢測過程。此問題並不是 VeraCrypt 的程式 Bug。 + 要加密的區域 + 如果您想加密作業系統安裝和啟動的分區,請選擇此項。除了 VeraCrypt 啟動管理器存放的第一個柱面之外,包括所有分區的整個硬碟驅動器將會被加密。任何要訪問該驅動器上系統或檔的人都需要每次在系統啟動前輸入正確的密碼。如果 Windows 並未安裝到第二塊或外部驅動器上並且沒有從這些驅動器上啟動,此選項不能用於加密第二塊或外部驅動器。 + 正在搜集亂數據 + 密鑰已生成 + VeraCrypt 未在系統上發現燒錄機。VeraCrypt 需要 CD/DVD 燒錄機來刻錄一張可啟動的 VeraCrypt 應急盤,應急盤包含密鑰、VeraCrypt 啟動管理器、原始啟動管理器等資訊的備份。\n\n我們強烈建議您刻錄一張 VeraCrypt 應急盤。. + 我沒有 CD/DVD 燒錄機,但是我想在可移動驅動器上存放應急盤 ISO 映射檔(例如,USB 快閃記憶體)。 + 我將會在以後添加 CD/DVD 燒錄機到電腦上。現在終止創建過程。 + 現在 CD/DVD 燒錄機已經連接到電腦上了。繼續並且刻錄應急盤。 + 請遵循下麵步驟:\n\n1)現在連接可移動驅動器到電腦上,例如 USB 快閃記憶體。\n\n2)複製 VeraCrypt 應急盤映射檔(%s)到可移動驅動器上。\n\n考慮到您以後有使用 VeraCrypt 應急盤的可能,建議您把這個可移動驅動器連接到其他有燒錄機的電腦上,使用這個映射檔刻錄一張應急盤。重要:請注意,VeraCrypt 應急盤映射檔必須以映射檔方式刻錄,不能刻錄為資料光碟。 + 正在刻錄應急盤 + 應急盤已創建 + 系統加密預測試 + 應急盤已驗證 + \nVeraCrypt 應急盤已被成功驗證。請從光碟機中取出應急盤並把它存放到安全的地方。\n\n點擊 '下一步' 繼續。 + 警告:在下面步驟中,VeraCrypt 應急盤必須不能放在光碟機中。否則就不可能正確完成此步驟。\n\n請從光碟機中取出應急盤並把他放在一個安全的地方,之後點 '確定' 按鈕。 + 警告:由於啟動驗證環境(即在 Windows 系統啟動前)的技術局限,VeraCrypt 在啟動驗證環境顯示的文本不能被本地化。VeraCrypt 引導管理器的介面完全為英文模式。\n\n確認繼續嗎? + 在加密系統分區或啟動前,VeraCrypt 需要驗證每個環節都正確無誤。\n\n在點擊“測試”按鈕以後,所有的元件(例如,啟動驗證元件,即 VeraCrypt 啟動管理器)將會被安裝並且您的電腦將會重啟。之後您需要在 Windows 啟動前的 VeraCrypt 啟動管理器介面輸入您的密碼。在 Windows 啟動後,程式將會自動通知您測試的結果。\n\n以下設備將會被修改: 驅動器 #%d\n\n\n如果您點擊 '取消',將不會安裝任何內容並且預測試將不會被執行。 + 重要提示 -- 請仔細閱讀或列印(點擊 '列印'):\n\n注意:在您成功重啟電腦和啟動 Windows 前,您的檔並沒有被加密。因此,如果出現任何失敗,您的資料不會丟失。然而,如果過程中發生某些錯誤,您可能在啟動 Windows 時會遇到麻煩。因此,請閱讀(如果可能,請列印)下面的操作指南,以瞭解在重啟電腦後不能啟動 Windows 時如何操作。\n\n + 不能啟動 Windows 時如何操作 ------------------------------------------------\n\n注意:這些指令僅在您還沒有開始加密時有效。\n\n- 如果在輸入正確的密碼後 Windows 未能啟動(或者您持續的輸入正確的密碼但 VeraCrypt 始終提示密碼錯誤),請不要驚慌。重啟電腦(或關機後再開機),在 TrueCrpyt 啟動管理器螢幕,按下鍵盤的 ESC 按鍵(並且如果您有多個系統,就選擇啟動哪個系統)。之後 Windows 應當會啟動(此時尚未加密系統)並且 VeraCrypt 會自動詢問你是否要卸載啟動驗證元件。如果由於系統分區/驅動器已經加密而導致前面步驟無效(沒有正確的密碼,沒有人可以啟動加密系統或者訪問該驅動器上的加密資料,即使他遵循前面步驟)。\n\n + - 如果前面步驟無效或者 VeraCrypt 啟動管理器螢幕並沒有出現(在 Windows 啟動前),請在光碟機中插入 VeraCrypt 應急盤並重啟電腦。如果 VeraCrypt 啟動管理器螢幕沒有出現 或者如果您在啟動管理器螢幕的 'Keyboard Controls' 部份沒有看到 'Repair Options' 項目,很可能您的 BIOS 設置了硬碟優先於光碟機啟動。如果是這種情況,重啟電腦,當你一看到 BIOS 啟動螢幕的時候按下 F2 或 DEL 按鍵,直到 BISO 設置介面出現。如果 BIOS 設置介面沒有出現,再次重啟電腦,在你按下重啟鍵的時候就按住 F2 或 DEL 按鍵。當 BIOS 設置介面出現時,配置您的 BIOS 優先從光碟機啟動(相關資訊可以參考您的主板說明書或者資訊您的電腦供應商尋求技術協助)。之後重啟電腦。VeraCrypt 啟動管理器應該就會從應急盤中啟動了。在VeraCrypt 啟動管理器螢幕,按下鍵盤的 F8 按鍵選擇修復選項(Repair Options)。在修復選項 'Repair Options' 功能表,選擇 'Restore VeraCrypt Boot Loader'(恢復啟動管理器)。之後從光碟機中取出應急盤並重啟電腦。之後 Windows 應當會啟動(此時尚未加密系統)。\n\n + 注意,如果由於系統分區/驅動器已經加密而導致前面步驟無效(沒有正確的密碼,沒有人可以啟動加密系統或者訪問該驅動器上的加密資料,即使他遵循前面步驟)。\n\n\n即使你丟失了你的 VeraCrypt 應急盤並且被攻擊者發現了,他們沒有正確的密碼也無法解密已經加密了的系統分區或驅動器。 + 預測試已經完成 + 預測試已經成功完成。\n\n警告:請注意,加密時如果遇到突然斷電、或者加密時由於軟硬體故障而導致的系統當機,有些資料可能會損壞或丟失。因此,在您開始加密前,請確認您已經備份了要加密的資料。如果您還沒有備份,請現在就備份這些資料(您可以點擊 '推遲',備份檔案,之後在以後的任何時候再運行 VeraCrypt,並選擇 '系統' > '繼續中斷的進程' 來啟動加密)。\n\n當一切準備就緒時,點擊 '加密' 開始執行加密過程。 + 您可以在任何時候點擊 '暫停' 或者 '推遲' 以打斷加解密進程、退出嚮導、重啟或關閉電腦,並在以後繼續中斷的進程,繼續時將會從中斷位置開始。為防止對系統或程式讀寫系統驅動器造成的速度降低,VeraCrypt 會自動等待資料讀寫完畢後(參考上面的狀態)自動繼續加解密。 + \n\n您可以在加密過程的任何時候點擊 '暫停' 或者 '推遲',來中斷加密的過程,退出嚮導,重啟電腦,並在此後繼續該過程,繼續的時候將會從上次中斷之處開始。注意:此加密卷在完全加密之前無法被載入。 + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + 隱形系統已啟動 + 原始系統 + Windows 會在系統分區創建(通常情況下,您並不知道或者同意)不同的日誌檔、暫存檔案等等。同時也會在系統分區存儲記憶體中的內容到休眠檔或虛擬記憶體頁面檔。因此,如果攻擊者分析原始系統(即隱形系統所克隆的系統來源)所在分區的檔,他可能會發現,例如,您使用過 VeraCrypt 嚮導的隱形系統創建模式(因此可能暗示電腦中存在隱形系統。\n\n要預防此類問題,在後面步驟中,VeraCrypt 將會安全擦除原始系統所在分區的所有內容。在此之後,為了達到隱蔽性,您需要在此分區上安裝新的作業系統並使用 VeraCrypt 加密它(即成為所謂的迷惑系統)。因此您將會創建完成這個迷惑系統並且整個隱形系統的創建過程也會相應的完成。 + 隱形系統已經成功創建。然而,在您使用隱形系統(以及達到隱蔽性)之前,您需要安全擦除當前運行的系統所在分區的全部內容(使用 VeraCrypt)。在您這樣做之前,您需要重啟電腦,並在之後的VeraCrypt 啟動管理器螢幕(在 Windows 啟動前出現),輸入隱形系統的密碼。之後,在隱形系統啟動後,VeraCrypt 嚮導將會自動載入。\n\n說明:如果您現在選擇終止隱形系統的創建過程,您將〖無法再〗繼續該過程並且隱形系統將〖不能再〗被訪問(這是因為 VeraCrypt 啟動管理器將會被移除)。 + 您已經設置了創建隱形系統的計畫任務。該計畫尚未完成。要完成該計畫,您需要重啟電腦,並在 VeraCrypt 啟動管理器螢幕(在 Windows 啟動前出現),輸入隱形系統的密碼。\n\n注意:如果您現在選擇終止隱形系統的創建過程,您將〖無法〗再繼續該過程。 + 重啟電腦並繼續 + 永久終止隱形系統的創建過程 + 什麼也不做並在以後詢問 + \n如果可能,請列印此段文本(單擊下面的“列印”按鈕)。\n\n\nVeraCrypt 應急盤使用時機和使用方法(加密後)-----------------------------------------------------------------------------------\n\n + I. 如何啟動 VeraCrypt 應急盤\n\n要使用 VeraCrypt 應急盤,把應急盤插入光碟機並重啟電腦。如果 VeraCrypt 應急盤螢幕並沒有出現(或者如果您在啟動管理器螢幕的 'Keyboard Controls' 部份沒有看到 'Repair Options' 項目),很可能您的 BIOS 設置了硬碟優先於光碟機啟動。如果是這種情況,重啟電腦,當你一看到 BIOS 啟動螢幕的時候按下 F2 或 DEL 按鍵,直到 BISO 設置介面出現。如果 BIOS 設置介面沒有出現,再次重啟電腦,在你按下重啟鍵的時候就按住 F2 或 DEL 按鍵。當 BIOS 設置介面出現時,配置您的 BIOS 優先從光碟機啟動(相關資訊可以參考您的主板說明書或者資訊您的電腦供應商尋求技術協助)。之後重啟電腦。VeraCrypt 啟動管理器應該就會從應急盤中啟動了。提示:在VeraCrypt 啟動管理器螢幕,您可以按下鍵盤的 F8 按鍵選擇修復選項(Repair Options)。\n\n\n + II. VeraCrypt 應急盤使用時機和使用方法(加密後)\n\n + 1)如果在你啟動電腦前沒有出現 VeraCrypt 啟動管理器螢幕(或者 Windows 沒有能夠啟動),那麼 VeraCrypt 啟動管理器可能已經損壞。VeraCrypt 應急盤允許您恢復啟動管理器並重新獲取對加密系統和資料的訪問(當然您仍然需要輸入正確的密碼)。在應急盤螢幕選擇修復選項 'Repair Options' > 'Restore VeraCrypt Boot Loader'(恢復啟動管理器)。之後按下 'Y' 按鍵確認操作,從光碟機中取出應急盤並重啟電腦。\n\n + 2)如果您持續輸入正確密碼而 VeraCrypt 仍然提示密碼錯誤(password is incorrect),很可能是主密鑰或其他關鍵資料已經毀壞。VeraCrypt 應急盤允許您恢復這些資料因此就可以重新訪問這些加密的系統和資料了(當然您仍然需要輸入正確的密碼)。在應急盤螢幕,選擇修復選項 'Repair Options' > 'Restore key data'(恢復密鑰資料)。之後輸入您的密碼,按下鍵盤的 'Y' 確認操作,從光碟機中取出應急盤並重啟電腦。\n\n + 3)如果 VeraCrypt 啟動管理器被惡意程式損壞了或感染了,您可以通過運行應急盤來避免運行惡意程式。在光碟機中插入應急盤之後在應急盤螢幕輸入您的密碼。\n\n + 4)如果 Windows 已經損壞並且不能啟動,VeraCrypt 應急盤也可以允許您在啟動 Windows 前永久解密分區/驅動器,在應急盤螢幕,選擇修復選項 'Repair Options' > 'Permanently decrypt system partition/drive'(永久解密系統分區/驅動器)。之後輸入正確的密碼直到解密完成。接下來,您就可以啟動 Windows 的安裝光碟來修復 Windows 了。\n\n + 提示:另外一種方式,如果 Windows 已經損壞不能啟動,您需要修復它(或者訪問其上的檔),您可以通過以下步驟避免解密系統分區/驅動器:如果您在電腦上安裝了多個作業系統,啟動其中的某個不需要啟動驗證的系統。如果您的電腦沒有安裝多個作業系統,您可以啟動一個 WinPE 或者 BartPE CD/DVD 系統,或者是把硬碟驅動器連接到其他電腦上作為從盤並啟動其他電腦上的系統。在啟動到此類系統環境之後,運行 VeraCrypt,點擊 '選擇設備',選擇該受影響的系統分區,點擊 '確定',選擇 '系統' > '以非啟動驗證方式載入',輸入您的啟動驗證密碼並點擊 '確定' 按鈕。該分區將會以常規 VeraCrypt 加密分區的方式載入(資料也會象常規加密卷資料一樣在記憶體中即時加解密)。\n\n\n + 注意:即使你丟失了你的 VeraCrypt 應急盤並且被攻擊者發現了,他們沒有正確的密碼也無法解密已經加密了的系統分區或驅動器。 + \n\n重要 -- 如有可能請列印出來(點擊 '列印')。\n\n\n注意:這些文本在您每次啟動隱形系統時會自動顯示,直到您開始創建迷惑系統。\n\n\n + 如何成功和安全的創建迷惑系統 ----------------------------------------------------------------------------\n\n為了達到隱蔽性的目地,您現在應當創建迷惑系統。要達到這個目地,請遵循如下步驟:\n\n + 1)安全考慮,關閉您的電腦並保持關機狀態幾分鐘(時間越長越好)。這是出於清除記憶體中敏感資料的需要。之後打開電腦但不要啟動隱形系統。\n\n + 2)在已被擦除內容的原系統分區上安裝 Windows(也就是之前隱形系統克隆的系統源分區)。\n\n重要:在您開始安裝迷惑作業系統時,隱形系統將無法啟動(這是因為 VeraCrypt 啟動管理器將會被 Windows 系統安裝程式所清除)。這種情況是很正常的,遇到了請不必驚慌。一旦您開始加密迷惑系統,您就能夠啟動隱形系統了(這是因為 VeraCrypt 之後會自動在系統啟動器上安裝 VeraCrypt 啟動管理器)。\n\n重要:迷惑系統分區的大小必須等於隱藏加密卷的大小(此條件已達到)。並且,您必須不能在迷惑系統分區和隱形系統所在分區之間創建任何分區。\n\n + 3)啟動迷惑系統(即您在前面的第 2) 步中安裝的並把 VeraCrypt 安裝到其中的那個系統)。\n\n必須牢記迷惑系統中從來都不要包含任何敏感資料。\n\n + 4)在迷惑系統中,運行 VeraCrypt 並選擇 '系統' > '加密系統分區/設備'。將會出現 VeraCrypt 加密卷創建嚮導。\n\n VeraCrypt 加密卷創建嚮導中執行以下步驟。\n\n + 5)在 VeraCrypt 加密卷創建嚮導中,不要選擇 '隱藏' 選項。保持 '常規' 選項為選中狀態並點擊 '下一步'。\n\n + 6)選擇選項 '加密 Windows 系統分區' 並點擊 '下一步'。\n\n + 7)如果電腦中只安裝了一個隱形系統和迷惑系統,請選擇 '單系統'(如果在這兩個系統之外還有其他系統,請選擇 '多系統')。之後點擊 '下一步'。\n\n + 8)重要:在本步中,對於迷惑系統,您必須選擇與加密隱形系統相同的加密演算法和哈希演算法!否則將無法訪問隱形系統。換句話說,迷惑系統和隱形系統的加密演算法必須系統。說明:原因是迷惑系統和隱形系統共用一個單啟動管理器,這個管理器只支持用戶選擇的某個單一演算法(對於每種演算法,都會對應一個特定的 VeraCrypt 啟動管理器版本)。\n\n + 9)在這個步驟中,為迷惑系統選擇一個密碼。當您被要求或者強迫提供啟動驗證密碼時您可以洩漏這個迷惑系統的密碼(另外一個可以洩漏的密碼是外層加密卷密碼)。而第三個密碼(也就是啟動驗證裏面用於啟動隱形系統的密碼)仍然是保密的。\n\n重要:迷惑系統的密碼必須完全不同於隱藏加密卷的密碼(隱藏加密卷的密碼也就是隱形作業系統的密碼)。\n\n + 10)遵循嚮導的其餘指令以加密迷惑作業系統。\n\n\n\n + 在迷惑作業系統創建之後 ------------------------------------------------\n\n在您加密了迷惑作業系統之後,這個隱形系統的創建就完成了,這時您可以使用三個密碼:\n\n1)啟動驗證中用於啟動隱形系統的密碼。\n\n2)啟動驗證中用於啟動迷惑作業系統的密碼。\n\n3)用於外層加密卷的密碼。\n\n + 如果您想啟動隱形作業系統,只需要在 VeraCrypt 啟動管理器螢幕(該螢幕出現於您開機或者重啟系統的時候)輸入隱形作業系統的密碼。\n\n如果您想啟動迷惑作業系統,只需要在 VeraCrypt 啟動管理器螢幕輸入迷惑作業系統的密碼即可。\n\n迷惑作業系統的密碼可以洩漏給強迫您說出密碼的人,而此時隱藏加密卷(以及隱形作業系統)的存在仍然是保密的。\n\n + 第三個密碼(外層加密卷的密碼),可以洩漏給強迫您說出系統分區之後那個分區密碼的人(這個分區包含外層加密卷和隱藏加密卷,隱藏加密卷中即為隱形系統)。而此時隱藏加密卷(以及隱形作業系統)的存在仍然是保密的。\n\n\n + 如果您把迷惑系統的密碼洩漏給強迫您說出密碼的人,如果他詢問為什麼(迷惑)系統分區的自由空間包含亂數據,您可以回答,例如:"這個分區以前包含 VeraCrypt 加密的系統但是我忘記了密碼(或者說這個系統已經損壞和無法啟動了),因此我不得不安裝了 Windows 和重新加密了這個分區"。\n\n\n + 如果您遵循了前面的指令並且遵循了《VeraCrypt User Guide》中的 "Security Precautions Pertaining to Hidden Volumes" 章節所提到的防護措施,則外人無法證明隱藏加密卷和隱形系統的存在,哪怕是外層加密卷已被載入或迷惑作業系統已被解密/啟動。\n\n如果您列印了此文本,在您創建迷惑作業系統之後並理解了文本中所述內容之後,強烈建議您銷毀這個文本(否則,如果該文本紙張被發現,可能會暗示電腦上有存在隱形系統的可能)。 + 警告:如果您沒有保護隱藏加密卷(保護的做法參考 VeraCrypt 用戶指南的"Protection of Hidden Volumes Against Damage"章節),請不要向外層加密卷寫入資料。否則您可能會覆蓋或損壞隱藏隱藏加密卷!請不要想外層加密卷寫入資料(注意,迷惑作業系統並未安裝在外層加密卷)。否則,您可能會覆蓋和損壞隱藏加密卷(以及在其內的隱形系統)! + 正在克隆作業系統 + 在下一步中,VeraCrypt 將會通過複製當前運行系統的內容到隱藏加密卷來創建隱形系統(被複製的資料將會使用與迷惑系統不同的密鑰即時加密))。\n\n請注意該過程將會在啟動驗證環境中執行(在 Windows 啟動前),並可能花費較長的時間;可能需要花費幾個小時或者幾天(依據系統分區容量和電腦性能而定,例如PM1.6GHz加密時大概的速度是0.5GB/分鐘左右)。\n\n您可以中斷該過程,關機,啟動作業系統並在此之後繼續該過程。然而,如果您中斷該過程,整個複製系統的過程將會不得不從頭開始(因為系統分區的內容在克隆期間必須不能被改變)。 + 您想要取消整個隱形作業系統的創建過程嗎?\n\n注意:如果現在取消,您將無法繼續該進程。 + 您要取消系統加密預測試嗎? + VeraCrypt 系統加密預測試失敗。您希望再試一次嗎?\n\n如果您選擇 '否',則啟動驗證元件將會被卸載。\n\n說明:如果 VeraCrypt 啟動管理器在 Windows 啟動前不要求您輸入密碼,這很可能是您的作業系統並沒有從該系統所安裝的驅動器引導的。目前並不支援這種方式。\n\n- 如果您使用了AES 之外的加密演算法並且預測試失敗了(並且您也輸入了密碼),這可能由有設計缺陷的驅動導致的。選擇 '否',嘗試再次加密系統分區/設備,但是要使用 AES 加密演算法(該演算法所需記憶體最低)。\n\n- 更多可能導致該錯誤的原因,請參考: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + 該系統分區/驅動器看起來沒有被加密(或者是沒有被完全加密)。 + 您的系統分區/驅動器已加密(部分或完全加密)。\n\n請在繼續進行前解密這個系統分區/驅動器。操作步驟:在 VeraCrypt 主視窗的功能表中,選擇 '系統' > '永久解密系統分區/驅動器'。 + 當系統分區/驅動器已被部份或完全加密時,您不能降級 VeraCrypt 的版本(但是可以更新到新版本或者從新安裝同一版本)。 + 您的系統分區/驅動器正在被加密/解密,或正在被修改。請在繼續操作前中斷這個加密/解密/修改進程(或者等待直到其完成)。 + 已經有 VeraCrypt 加密卷創建嚮導的實例在運行,並且正在執行對系統分區/驅動器的加密或解密操作。在您繼續前,請等候其完成或者關閉該實例。如果您無法關閉這個實例,請在繼續操作前重啟電腦。 + 加密或解密系統分區/驅動器的進程尚未完成。在進程完成前請稍候。 + 錯誤:加密分區/驅動器的過程已經未完成,該過程必須首先完成。 + 錯誤:加密 分區/卷 的過程尚未完成。您必須首先完成此過程。\n\n說明:要繼續該過程,在 TrueCrype 主介面的功能表中,選擇 '加密卷' > '繼續被中斷的過程'。 + 密碼正確,VeraCrypt 已經成功解密加密卷頭資訊並檢測到了該加密卷存在一個隱形的作業系統。然而,您不能以此種方式修改隱形系統卷的頭資訊。\n\n要修改隱形系統卷的密碼,請啟動隱形作業系統,之後在 VeraCrypt 主介面選擇 '系統' > '修改密碼' 。\n\n要設置首密鑰的生成演算法,啟動隱形作業系統並在程式視窗選擇 '系統' > '設置首密鑰生成演算法'。 + VeraCrypt 不支援就地(在隱形系統內)解密隱形作業系統分區。\n\n說明:如果您想要解密迷惑作業系統,可以啟動到迷惑作業系統,在 VeraCrypt 程式中選擇 '系統' > '永久解密系統分區/驅動器'。 + 錯誤:錯誤/無效的參數。 + 您已經選擇了一個分區或者設備,但是在嚮導模式您只能選擇檔型加密卷。\n\n您希望改變嚮導模式嗎? + 您想取代創建為 VeraCrypt 檔型加密卷嗎? + 您已經選擇了系統分區/驅動器(或啟動分區),但是您選擇的嚮導模式只適用於非系統驅動器。\n\n您希望設置啟動驗證(意味著每次啟動 Windows 前,都需要您輸入密碼)和加密系統分區或驅動器嗎? + 您確認要永久解密系統分區/驅動器嗎? + 小心:如果您永久解密系統分區或驅動器,資料將會恢復為未加密狀態。\n\n您確認要永久解密系統分區或驅動器嗎? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + 警告:如果您使用一種級聯演算法加密作業系統,您可能會遇到以下問題:\n\n1)VeraCrypt 啟動管理器體積偏大,因此驅動器的第一個柱面可能無法容納 VeraCrypt 啟動管理器的備份。因此,當其損壞的時候(這個可能會經常發生,例如,在某些程式的有設計缺陷的反隱私操作情況下),您將需要使用 VeraCrypt 應急盤啟動和修復 VeraCrypt 啟動管理器。\n\n2)在一些電腦上,導致休眠時間過長。\n\n這些潛在的問題可以通過選擇一種非級聯演算法(例如 AES)來預防。\n\n您真的要堅持繼續使用級聯演算法嗎? + 如果您遇到任何前面描述的問題,請解密該分區/驅動器(如果已加密)並使用一種非級聯演算法加密(例如 AES)。 + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + VeraCrypt 啟動管理器的版本與系統中安裝的 VeraCrypt 驅動和程式版本不一致。\n\n您應當運行 VeraCrypt 安裝程式(版本號與 VeraCrypt 啟動管理器相同)來更新作業系統中的 VeraCrypt。 + 啟動該系統的 VeraCrypt 啟動管理器版本號不同於安裝在系統上的 VeraCrypt 設備驅動或 VeraCrypt 應用程式的版本號。請注意,早期版本可能存在一些新版已經修復的 BUG。\n\n如果您並未從應急盤啟動,您應當重新安裝 VeraCrypt 或者更新到最新的穩定版本(啟動管理器也會隨之更新)。\n\n如果您從應急盤啟動,您應當更新應急盤('系統' > '創建應急盤')。 + VeraCrypt 啟動管理器已經成功更新。\n\n強烈建議您重啟電腦後選擇 '系統' > '創建應急盤' 來創建一個新的 VeraCrypt 應急盤(將會包含新版的 VeraCrypt 啟動管理器)。 + VeraCrypt 啟動管理器已經更新。\n\n強烈建議您啟動迷惑作業系統並通過選擇功能表 '系統' > '創建應急盤' 創建一個新的 VeraCrypt應急盤(將會包含新版本的 VeraCrypt 啟動管理器)。 + 更新 VeraCrypt 啟動管理器時失敗。 + VeraCrypt 檢測系統驅動器真實大小失敗,因此,作業系統所報告的大小(將會比實際小)將會被使用。另外需要指明的是,這並不是 VeraCrypt 的程式問題(BUG)。 + 警告:看起來 VeraCrypt 曾經檢測過此系統驅動器上的隱藏磁區。如果您在上次檢測過程中遇到任何問題,您可以通過跳過隱藏磁區檢測來避免這個問題。注意,如果跳過檢測,VeraCrypt 將會使用作業系統報告的容量(要小於真實驅動器的容量)。\n\n此問題並不是 VeraCrypt 的程式 Bug。 + 跳過隱藏磁區的檢測(使用作業系統報告的容量) + 嘗試再次檢測隱藏磁區 + 錯誤:磁片上一個或多個磁區的內容無法讀取(可能由於物理因素影響)。\n\n這些磁區能夠重新讀取之前,就地加密的過程將無法繼續。VeraCrypt 能夠嘗試向其中寫入 0 來使這些磁區可讀(之後這些 0 填充的區塊將會被加密)。然而,請注意存儲於這些不可讀磁區的資料將會丟失。如果您想要避免資料丟失,您可以使用適當的第三方軟體恢復這些損壞資料的某些部分。\n\n注意:在有物理損壞磁區的情況下(不同於簡單的資料損壞和校驗錯誤),當有資料試圖向這些損壞磁區寫入資料時,大多數存儲設備都會在內部為這些要寫入的資料重新分配磁區(因此當前損壞磁區上的現有資料可能在啟動器上仍然保持未加密狀態)。\n\n您希望 VeraCrypt 為這些不可讀磁區填充 0 嗎? + 錯誤:磁片上一個或多個磁區的內容無法讀取(可能由於物理因素影響)。\n\n為了能夠繼續加密,VeraCrypt 不得不放棄這些不可讀磁區(磁區內容會被偽亂數據填充)。請注意,在繼續進行之前,您可以嘗試使用適當的第三方軟體恢復任何損壞資料的一部分。\n\n您希望 VeraCrypt 廢棄不可讀磁區中的資料嗎? + 說明:VeraCrypt 已經把 %I64d 的不可讀磁區(%s)的當前內容全部替換為加密的全部為 0 的純文本塊。 + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + 輸入口權杖 '%s' 的密碼/PIN: + 為允許 VeraCrypt 訪問安全口權杖或智慧卡,您首先需要為口權杖或智慧卡安裝一種 PKCS #11 運行庫,這些運行庫可能已經隨設備提供,或者可以從供應商網站或其他第三方網站上下載。\n\n在您安裝了運行庫後,您可以通過單擊 '選擇運行庫' 手動選擇,或者通過單擊 自動檢測運行庫' 來讓 VeraCrypt 發現和選擇(僅會搜索 Windows 系統目錄,比較耗費時間)。 + 說明:對於安裝到您電腦上的 PKCS #11 運行庫以及安全口權杖或智慧卡的檔案名和位置,請參考口權杖、智慧卡的文檔,或者參考第三方軟體。\n\n單擊 '確定' 按鈕選擇路徑和檔案名。 + 為允許 VeraCrypt 訪問安全口權杖或智慧卡,您需要為口權杖或智慧卡選擇一種 PKCS #11 運行庫。要做到這點,請選擇 '設置' > '安全口權杖'。 + 初始化 PKCS #11 安全口權杖運行庫失敗。\n\n請確認指定路徑和檔案名對應有效的 PKCS #11 運行庫。要指定 PKCS #11 運行庫路徑和檔案名,選擇 '設置 > '安全口權杖'。 + 在 Windows 系統目錄未發現 PKCS #11 運行庫。\n\n請確認您的安全口權杖或智慧卡已經安裝了 PKCS #11 運行庫(這些運行庫可能已經隨設備提供,或者可以從供應商網站或其他第三方網站上下載)。如果是被安裝到 Windows 系統目錄之外的地方,請點擊 '選擇運行庫' 來定位運行庫位置(例如:口權杖/智能卡 的安裝檔夾。 + 未發現安全口權杖。\n\n請確認您的安全口權杖已經連接到您的電腦上並且已經安裝好了正確的設備驅動程式。 + 安全口權杖密鑰檔未發現。 + 已經存在同名的安全口權杖密鑰檔。 + 您想要刪除指定檔嗎? + 安全口權杖密鑰檔路徑無效。 + 安全口權杖錯誤 + 安全口權杖密碼不正確。 + 安全口權杖無足夠的 記憶體/空間 執行請求的操作。\n\n如果您試圖導入一個密鑰檔,您應當選擇一個小一些的檔或者使用由 VeraCrypt 生成的密鑰檔(選擇 '工具' > '密鑰文件生成器')。 + 所有打開的口權杖會話均已被關閉。 + 選擇安全口權杖密鑰檔 + 插槽 + 口權杖名稱 + 檔案名 + 重要:請注意,啟動驗證的密碼總是以美國鍵盤佈局輸入的。因此,對於使用非美國鍵盤佈局輸入密碼的加密卷,在使用緩存的密碼載入時是不可能被載入的(注意這不是 VeraCrypt 的程式缺陷)。要允許這樣的加密卷使用啟動驗證密碼載入,請遵循以下步驟:\n\n1)點擊 '選擇檔' 或 '選擇設備' 並選擇加密卷。 2)選擇 '加密卷' > '更改加密卷密碼'。 3)輸入當前加密卷的密碼。 4)更改鍵盤佈局為 English (US),通過點擊 Windows 通知欄上的語言欄和選擇 '英語(美國)'。 5)在 VeraCrypt,在新密碼位置,輸入啟動驗證密碼。 6)在確認密碼位置重複輸入密碼,之後點 '確定'. 警告:如果您採用這些步驟,請牢記,加密卷密碼總是只能以美國鍵盤佈局輸入(這樣才能在啟動驗證環境中自動匹配)。 + 系統收藏加密卷將會以啟動驗證密碼載入。如果任何系統收藏加密卷使用了不同的密碼,它將不會被載入。 + 請注意,如果您希望系統收藏加密卷不會受到常規 VeraCrypt 加密卷操作的影響(例如 "全部卸載"),您應當啟用選項 '在 VeraCrypt 中,只允許系統管理員查看和卸載系統收藏加密卷'。另外,如果 VeraCrypt 以非管理員身份運行(在 Windows Vista 和以後版本的系統中默認為非管理員身份),系統收藏加密卷將不會出現在 VeraCrypt 程式視窗的驅動盤符列表中。 + 重要:請必須記住,此選項已經啟用並且 VeraCrypt 不具有系統管理員許可權,已載入的系統收藏加密卷不會顯示在 VeraCrypt 程式視窗並且它們也不能被卸載。因此,如果您需要卸載系統收藏加密卷,請右鍵單擊 VeraCrypt 圖示(在開始功能表中),並選擇“運行方式”和選擇管理員帳戶運行。"全部卸載"、"自動卸載"、"全部卸載"熱鍵等功能也存在上面所說的限制。 + 請注意,此設置在系統重啟後才會生效。 + 解析命令行時出錯。 + 應急盤 + 選擇和載入檔(&F)... + 選擇和載入設備(&D)... + 在 VeraCrypt 中,只允許系統管理員查看和卸載系統收藏加密卷 + 在 Windows 啟動時載入系統收藏加密卷(在啟動過程的初始階段) + 警告:載入為 '%s' 的加密卷上的檔系統並未徹底卸載因此而存在錯誤。繼續使用損壞的檔系統可能會導致資料丟失或者損壞。\n\n注意:在您物理移除或卸載包含已被載入的 VeraCrypt 加密卷的設備(例如U盤或移動硬碟)之前,您應當先在 VeraCrypt 中卸載加密卷。\n\n\n您希望 Windows 系統嘗試檢測和修復可能的檔系統錯誤嗎? + 警告:一個或者多個系統收藏加密卷並沒有完全卸載,因此可能包含檔系統錯誤。請查看系統事件日誌獲取更多資訊。\n\n使用損壞的檔系統可以導致資料丟失或者資料損壞。您應當檢查受影響的收藏加密卷的磁片錯誤(在 VeraCrypt 中右鍵單擊每個打開的收藏加密卷,之後選擇 '修復檔系統')。 + 警告:使用微軟的 'chkdsk' 工具修復受損的檔系統時可能會導致受損區域的資料丟失。因此,建議您首先備份存儲在 VeraCrypt 加密卷中的檔到另外完好的加密卷。\n\n您確認現在就修復檔系統嗎? + 由於寫入許可權被拒絕,加密卷 '%s' 不得不以唯讀模式載入。\n\n請確認檔類型加密卷的安全許可允許您對其執行寫入操作(右鍵單擊此容器並選擇 屬性 > 安全)。\n\n注意,由於 Windows 的原因,您可能在設置成合適的安全屬性後還會看到這個警告,這並非是 VeraCrypt 的程式故障。一個可能的解決方法是移動您的加密卷檔,例如移動到文檔檔夾。\n\n如果您確實要保持加密卷的唯讀模式,請設置加密卷的屬性為唯讀(右鍵單擊加密盤檔並選擇屬性 > 唯讀),這樣就可以禁止顯示警告了。 + 由於寫入許可權被拒絕,加密卷 '%s' 不得不以唯讀模式載入。\n\n請確認沒有其他程式(例如,防病毒程式)正在訪問加密卷所在的分區/設備。 + 加密卷 '%s' 已被已唯讀模式載入,這是因為作業系統報告主設備為防寫狀態。\n\n請注意,在一些第三方的晶片驅動中,已有錯誤報告指出可能會造成可寫入介質錯誤的被系統報告為防寫。這個問題並不是由 VeraCrypt 造成。這可以通過更新或卸載當前系統中的任何第三方晶片組驅動(非微軟認證)。 + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d 線程 + 請注意,硬體加速 AES 已被禁用,這將會影響測試結果(使性能變差)。\n\n要啟用硬體加速,請選擇 '設置' > '性能' 並禁用相應選項。 + 請注意,線程的數目當前受限,這將會影響測試結果(使性能變差)。\n\n要利用處理器的潛能,請選擇 '設置' > '性能' 並禁用相應選項。 + 您想要 VeraCrypt 嘗試禁用此分區/設備 的防寫嗎? + 警告:此設置可能會降低性能。\n\n您確認要使用該設置嗎? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + 測試 + 密鑰文件 + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + 左箭頭 + 上箭頭 + 右箭頭 + 下箭頭 + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + 數位鍵盤 + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Translations/Language.zh-tw.xml b/Translations/Language.zh-tw.xml index 2208034b..606c0410 100644 --- a/Translations/Language.zh-tw.xml +++ b/Translations/Language.zh-tw.xml @@ -1,1454 +1,1454 @@ - - - - - - - - - - - - 取消 - 為所有使用者安裝(&F) - 瀏覽(&B)... - 在桌面新增 VeraCrypt 圖示(&D) - Donate now... - 副檔名 '.hc' 的檔案關聯到 VeraCrypt(&E) - 完成後開啟目標資料夾(&O) - 建立 VeraCrypt 的開始功能表項目(&S) - 建立系統還原點(&R) - 移除(&U) - 解壓縮(&E) - 安裝(&I) - VeraCrypt 安裝精靈 - 移除 VeraCrypt - 說明(&H) - 請選擇或者輸入您希望檔案解壓縮的位置: - 請選擇或者輸入您希望 VeraCrypt 程式安裝的位置。如果指定的資料夾不存在,將會被自動建立。 - 點 '移除' 從系統移除 VeraCrypt。 - 中止 - &Benchmark - 測試(&T) - Create encrypted volume and format it - Encrypt partition in place - 顯示產生的金匙(其成分) - 顯示集區內容 - 下載 CD/DVD 燒錄軟體 - Create an encrypted file container - &GB - &TB - More information - 建立隱藏的 VeraCrypt 加密區(&D) - 更多隱藏加密區的訊息 - 直接模式 - 正常模式 - KB(&K) - 使用金鑰檔(&S) - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - 金鑰檔案(&K)... - 關於雜湊演算法的更多資訊 - 更多訊息 - Information on PIM - MB(&M) - 更多訊息 - 關於系統磁區加密的更多訊息 - 更多訊息 - 多重開機 - Encrypt a non-system partition/drive - 不保留歷史記錄(&S) - 打開外層加密區 - 暫停(&P) - Use P&IM - Use PIM - 快速格式化 - 顯示密碼(&D) - &Display password - &Display PIM - 單一系統開機 - 標準 VeraCrypt 加密區 - Hi&dden - Normal - 加密系統分割區或者整個系統所在磁碟機 - 加密 Windows 系統分割區 - 加密整個磁碟機 - VeraCrypt 加密區建立精靈 - 叢集 - 重要:請在此視窗內僅可能的隨機移動滑鼠。移動時間越長越好。這將極為增強金鑰的加密強度。然後點 '下一步' 繼續。 - 確定(&C): - 完成 - Drive letter: - 加密演算法 - 檔案系統 - 在檔案內建立虛擬加密磁碟。推薦給經驗不足的使用者使用。 - 選項 - 雜湊演算法 - 首金鑰: - 剩餘 - 主金鑰: - 如果在這台電腦上裝了兩個或多個作業系統的請選擇此項。\n\n例如:\n- Windows XP 和 Windows XP\n- Windows XP 和 Windows Vista\n- Windows 和 Mac OS X\n- Windows 和 Linux\n- Windows、Linux 和 Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - 目前集區內容(部分) - Pass - 密碼: - 進度: - 隨機集區: - 如果只在這台電腦上裝了一個作業系統的請選擇此項(即使該系統可能有多個使用者)。 - 速度 - 狀態 - 金鑰、salt 值、以及其他資料已經成功產生。如果您希望產生新的金鑰,請點 '上一步' 然後點 '下一步' 。否則點 '下一步' 繼續。 - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - 清除模式: - 關閉 - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - 什麼也不做 - 自動掛載 VeraCrypt 加密區(&A)(下面指定的) - 啟動 VeraCrypt(&S) - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - 瀏覽... - 瀏覽... - 在記憶體中快取密碼和金鑰檔(&A) - 無掛載的加密區時結束 - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - 包含 VeraCrypt 加密區建立精靈 - 建立 - 建立加密區(&C) - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - 使用金鑰檔 - 使用金鑰檔 - 結束(&X) - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - 指定 - 移除 - 金鑰檔案... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - 自動掛載磁碟機(&A) - 掛載選項(&A)... - 以唯讀模式掛載加密區(&O) - 金鑰檔案... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - 啟用 - 在驅動記憶體中快取密碼 - 自動卸載加密區,在無資料讀寫活動以下時間後 - 用戶登出時 - User session locked - 進入省電模式時 - 螢幕保護裝置啟動時 - 強制自動卸載,無論加密區是否有使用中的檔案或目錄 - 掛載所有磁碟機類型 VeraCrypt 加密區 - Start VeraCrypt Background Task - 以唯讀模式掛載加密區 - 以卸除式媒體模式掛載加密區 - 為成功掛載的加密區打開瀏覽器視窗 - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - 自動卸載時清除快取的密碼 - 結束時清除快取的密碼 - Preserve modification timestamp of file containers - 重設 - 選擇磁碟機(&E)... - 選擇檔案(&F)... - Select &Library... - 顯示密碼 - 顯示密碼 - 為掛載的加密區打開檔案總管視窗(&E) - 在動態記憶體中快取密碼(&C) - TrueCrypt Mode - 全部卸載(&S) - 加密區內容(&V)... - 加密區工具(&T)... - 清除快取(&W) - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - 系統快速鍵 - VeraCrypt - 修改密碼和金鑰檔 - 輸入 VeraCrypt 加密區密碼 - VeraCrypt - Performance and Driver Options - VeraCrypt - 偏好設定 - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt 攜帶版磁碟設定 - VeraCrypt 加密區內容 - 關於 VeraCrypt... - 新增或移除金鑰檔案... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - 備份加密區標頭資訊... - 基準測試... - 設定首金鑰推衍演算法... - 更改加密區密碼... - 設定首金鑰推衍演算法... - 更改密碼... - 清除加密區歷史記錄 - Close All Security Token Sessions - 聯絡作者(線上)... - Create Hidden Operating System... - 建立救援磁碟... - 建立新的加密區... - Permanently Decrypt... - 預設金鑰檔案... - Default Mount Parameters... - Donate now... - 加密系統分割區/磁碟機... - 常見問題(線上) - 使用者指南 - 首頁(線上)(&H) - 系統快速鍵... - 金鑰檔案產生器 - 語言選擇... - 法律聲明 - Manage Security Token Keyfiles... - 自動掛載全部磁碟機類型的加密區 - 掛載我的最愛加密區 - 以沒有啟動前置認證的方式掛載(&A)... - 掛載選擇的加密區 - 根據選項掛載加密區 - VeraCrypt 新聞(線上) - 線上說明(線上) - 新手上路(線上) - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - 永久解密系統分割區/磁碟機... - 偏好設定... - 重新整理磁碟機代號 - 從加密區中移除所有金鑰... - 復原加密區標頭資訊... - Resume Interrupted Process - 選擇磁碟機... - 選擇檔案... - 恢復被中斷的操作 - System Encryption... - Properties... - Settings... - System Favorite Volumes... - 下載(線上) - 向量測試... - Security Tokens... - 攜帶版磁碟設定... - 卸載全部掛載的加密區 - 卸載選擇的加密區 - 驗證救援磁碟 - Verify Rescue Disk ISO Image - 版本歷史(線上) - Volume Expander - 加密區內容 - 加密區建立精靈 - 官方網站(線上) - 清除快取的密碼 - 確定 - Hardware Acceleration - 捷徑 - 自動執行組態(autorun.inf) - 自動卸載 - 全部卸載,當: - Boot Loader Screen Options - 確定密碼: - 目前密碼 - Display this custom message in the pre-boot authentication screen (24 characters maximum): - 預設掛載選項 - 快速鍵設定 - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - 檔案設定 - 要指定的快速鍵: - Processor (CPU) in this computer supports hardware acceleration for AES: - Windows 登錄時執行的操作 - 分鐘 - 以該磁碟機代號掛載: - 掛載設定 - 新密碼 - 密碼: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - 密碼快取 - Security Options - VeraCrypt 背景工作 - 要掛載的 VeraCrypt 加密區(相對於攜帶版磁碟的根目錄): - 在插入攜帶版磁碟時: - 建立攜帶版磁碟檔案於(攜帶版磁碟根目錄): - 加密區 - Windows - 新增路徑(&P)... - 全部自動測試(&A) - &Continue - 解密(&D) - &Delete - 加密(&E) - &Export... - 產生並保存金鑰檔案... - 產生隨機金鑰檔(&G)... - 下載語言檔案 - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - 使用金鑰檔(&A) - 金鑰檔案(&K)... - 移除(&R) - 全部移除(&A) - 什麼是隱藏加密區保護? - More information on keyfiles - 掛載加密區為卸除式媒體(&M) - 在使用系統加密而沒有啟動前置認證的情況下掛載分割區(&U) - Parallelization: - 基準測試 - 列印(&P) - 向外層加密區寫入資料時保護隱藏加密區(&P) - 重設(&R) - 顯示密碼(&A) - Add &Token Files... - Use backup header embedded in &volume if available - XTS 模式 - 關於 VeraCrypt - VeraCrypt - 加密演算法基準測試 - VeraCrypt - 測試向量 - 命令列說明 - VeraCrypt - 金鑰檔案 - VeraCrypt - 金鑰檔案產生器 - VeraCrypt - 語言 - VeraCrypt - 掛載選項 - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - 選擇一個磁碟分割區或磁碟機 - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - 目前語言檔案 - 速度由 CPU 負載和存放磁碟機特性決定。\n\n這些測試在記憶體中進行。 - 緩衝區大小: - 加密: - 隱藏加密區的密碼(&A):\n(如果為空白,則使用快取) - 保護隱藏加密區 - 金鑰長度: - 重要:請在此視窗內僅可能的隨機移動滑鼠,移動時間越長越好。。這將極為增強金鑰的加密強度。 - 警告:如果您遺失了金鑰檔或者金鑰檔的前 1024 KB 位元組已改變,將不可能再掛載使用該金鑰的加密區! - 位元 - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - 翻譯人員: - 純文字密碼長度: - 位元 - 目前集區內容 - 混合 PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - 次金鑰(十六進位) - Security token: - 排序方式: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - 區塊數值: - 密文(十六進位) - 資料單位數值(64 位元十六進位,資料單位大小是 512 位元組) - 金鑰(十六進位) - 明文(十六進位) - Keyfile name: - XTS 模式 - 系統(&Y) - 加密區(&V) - Favor&ites - 工具(&O) - Settin&gs - 說明(&H) - 首頁(線上)(&P) - - 關於(&A)... - 無法更改舊版本加密區的唯讀內容。請檢查檔案存取權限。 - 錯誤:存取被拒絕。\n\n您試圖要存取的磁碟分割區可能是 0 長度磁扇區,或者是啟動磁碟機。 - Administrator - 要掛載 VeraCrypt 磁碟機,您必需以一個具有管理員權限的帳戶登錄。 - 請注意您必需以一個具有管理員權限的帳戶登錄如果要加密或格式化某磁碟分割區和磁碟機。\n\n檔案類型加密區不受這個限制。 - 如果要建立隱藏的加密區,您必須以一個具有管理員權限的帳戶登錄。\n\n要繼續嗎? - 請注意您必需以一個具有管理員權限的帳戶登錄如果要把加密區格式化為 NTFS 檔案系統。\n\n如果沒有管理員權限,您可以格式化加密區為 FAT 檔案系統。 - FIPS 認可的加密演算法(Rijndael,發表於 1998)可能被美國聯邦部門和機構用來對特定資訊進行極機密等級保護。256 位元金鑰,128 位元區塊,14 次離散迴圈(AES-256)。操作模式為 XTS。 - 加密區已掛載。 - 小心:在內置自動檢測時,至少一個加密或雜湊演算法失敗了!\n\n此 VeraCrypt 安裝可能已損壞。 - 小心:在亂數產生器集區中的資料不足,無法提供要求數量的亂數資料。\n\n您不應繼續進行。請從説明功能表選擇 "報告錯誤" 來報告此軟體錯誤。 - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - 無效的磁碟機代號。 - 無效的路徑。 - 取消 - 無法存取磁碟機。請確保選中的磁碟機存在而且未被系統使用。 - 警告:Caps Lock 已開啟。這可能導致您輸入密碼錯誤。 - 加密區類型 - 有可能會發生某些人強迫您洩漏加密區密碼。有很多情況您可能無法拒絕這種要求(例如,因為暴力因素)。使用所謂的隱藏加密區可以在不洩漏隱藏加密區密碼的情況下解決這種問題。 - 選擇您希望建立一般 VeraCrypt 加密區的選項。 - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - 外層加密區加密選項 - 隱藏加密區加密選項 - 加密選項 - 警告:清除上次選擇的加密區或金鑰檔路徑失敗(檔案選擇器記憶)! - 錯誤:此容器已被檔案系統壓縮過的。VeraCrypt 不支援壓縮過的容器(要注意這是因為壓縮過的加密資料是低效能和資料冗長的)。\n\n請使用以下步驟取消壓縮: 1) 在 Windows 檔案總管中的容器上按右鍵(不是在 VeraCrypt 視窗中)。 2) 選擇 "內容"。 3) 在 "內容" 對話方塊,點 "進階"。 4) 在 "進階內容" 對話方塊,停用 "壓縮磁碟機來節省磁碟空間" 並選取 "確定"。 5) 回到 "內容" 對話方塊,點 "確定"。 - 建立加密區 %s 失敗 - %s 的大小為 %.2f 位元組 - %s 的大小為 %.2f KB - %s 的大小為 %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - 警告:磁碟機/磁碟分割區正被系統或應用程式使用。格式化該磁碟機/磁碟分割區可能導致資料遺失或系統不穩定。\n\n繼續進行格式化嗎? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - 錯誤:該磁碟機/磁碟分割區包含不能被卸載的檔案系統。此檔案系統可能被作業系統所使用。格式化此磁碟機/磁碟分割區很可能會導致資料損壞或者是系統不穩定。\n\n要解決此問題,我們建議您先刪除該磁碟分割區之後在不格式化的情況下重新建立這個磁碟分割區。要達成此目的,請遵照下面步驟: 1) 在 "我的電腦" 的圖示上按右鍵,然後選擇 "管理",顯示 "電腦管理" 視窗。 2) 在 "電腦管理" 視窗,選擇 "磁碟管理"。 3) 右鍵單點要加密的磁碟分割區,您可以選擇 "刪除磁碟分割","刪除磁區" 或者是 "刪除邏輯磁碟"。 4) 如果 Windows 提示要重新啟動,點 "是" 重新啟動。然後在第 5 個步驟中重複第 1 和第 2 步。 5) 右鍵單點未分配/可用空間並選擇 "新建磁碟分割","新建磁區" 或者 "新建邏輯磁碟"。 6) 在 "新建磁碟分割精靈" 或者 "新建磁區精靈" 視窗中,在 "格式化磁碟分割區" 標題的對話方塊中,選擇 "不格式化此磁碟分割區" 或者是 "不格式化此磁區"。在此精靈裡面,點 "下一步" 然後點 "完成"。 7) 要注意您現在在 VeraCrypt 中選擇的磁碟機路徑可能是錯誤的,因此,退出並重新啟動 VeraCrypt 加密區建立精靈(如果正在執行)。 8) 嘗試重新加密該設備/磁碟分割區。\n\n如果 VeraCrypt 仍然顯示加密失敗,您可以考慮建立檔案類型的容器。 - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - 警告:一些掛載的磁碟機/磁碟分割區正在使用中!\n\n忽略這些可能導致非期望的結果,包括系統不穩定。\n\n我們強烈建議您關閉所有可能正在使用此磁碟機/磁碟分割區的應用程式。 - 選定的磁碟機包含磁碟分割區。\n\n格式化該磁碟機可能會導致系統不穩定或資料遺失。您可以選擇該磁碟機的某個磁碟分割區,或者刪除該磁碟機的所有磁碟分割區,以確保 VeraCrypt 對其安全格式化。 - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - 磁碟機 %s 上的可用空間為 %.2f 位元組。 - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - 無法得到可用的磁碟機代號。 - 錯誤:找不到 VeraCrypt 磁碟機。\n\n請將檔案 "veracrypt.sys" 和 "veracrypt-x64.sys" 複製到 VeraCrypt 主應用程式(VeraCrypt.exe)所在的目錄。 - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - 錯誤:加密初始化失敗。 - 錯誤:檢測到弱強度金鑰!金鑰將被廢棄。請重試。 - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt 關鍵性錯誤 - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - 加密(&E) - 解密(&D) - 永久解密(&p) - 結束 - 請為該擴展磁碟分割區建立一個邏輯磁碟分割區,然後再試。 - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \n選擇您想要建立隱藏加密區的 VeraCrypt 加密區位置。 - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - 錯誤:無法掛載加密區。外層加密區或磁碟機正在使用中。嘗試不使用獨佔權限的掛載也同樣會失敗。 - 檔案無法被打開。 - 加密區位置 - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - 恢復(&R) - 延緩(&D) - &Start - &Continue - 格式化(&F) - &Wipe - 中止格式化嗎? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - 該系統割分割區/磁碟機已經被成功解密。 - \n\nVeraCrypt 加密區已建立並準備就緒。要建立另外的 VeraCrypt 加密區,請點 '下一步',否則請點 '結束'。 - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - VeraCrypt 加密區已成功建立。 - 加密區已建立 - 重要:請在此視窗內僅可能的隨機移動滑鼠。移動時間越長越好。這將極為增強金鑰的加密強度。然後點 '格式化' 建立加密區。 - 點 '格式化' 建立外層加密區。要知道更多訊息,請參閱文件。 - 外層加密區格式 - 隱藏加密區格式 - 加密區格式化 - 如要顯示或列印 VeraCrypt 使用者指南需要使用 Adobe Reader (或與其相容的工具)。\n\nAdobe Reader (免費軟體)下載位址: www.adobe.com\n\n您想要查看這個線上文件嗎? - 如果您選擇此選項,精靈將會先幫助您建立一個一般的 VeraCrypt 加密區,接著會繼續在裡面建立一個隱藏的 VeraCrypt 加密區。經驗不足的使用者應該總是選擇這個選項。 - 如果您選擇此選項,您將會在一個現存的 VeraCrypt 加密區內建立一個隱藏的 VeraCrypt 加密區。假設您已建立好了一個適合存放隱藏加密區的 VeraCrypt 加密區。 - 加密區建立模式 - 隱藏加密區已建立 - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - 外層加密區已成功建立並作為 %hc: 磁碟機掛載。對這個加密區,現在您應複製一些您不是真正要隱藏的看似敏感的檔案。這是讓那些強迫您洩漏密碼的人能看到的檔。您將僅對這個外層加密區洩漏密碼,而不要洩漏給他們隱藏加密區的密碼。您真正要保護的檔將被儲存在稍後建立的隱藏加密區裡。當您完成複製後,請點 '下一步',而且不要卸載此加密區。\n\n注意:點 '下一步' 後,將進行叢集圖掃描來確定連續的可用空間大小,此可用空間的結尾與加密區結尾一致。該空間將提供用來建立隱藏加密區同時也是隱藏加密區的最大容量。叢集圖掃描能夠保證外層加密區中的資料不會被隱藏加密區複寫。 - 外層加密區內容 - \n\n在下一步您將要為外層加密區(在其內將建立隱藏加密區)調整其選項。 - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - 外層加密區 - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\n外層加密區叢集圖掃描已完成,隱藏加密區最大可能大小已被確定。在下一步裡您可以調整隱藏加密區的選項、大小、和密碼。 - 隱藏加密區 - 在外層加密區卸載前隱藏加密區將處於保護之中。\n\n警告:如果有資料試圖存到隱藏加密區區域,VeraCrypt 將會開始對整個加密區(外層和隱藏加密區都是)進行寫入保護直到卸載。這也許會導致外層加密區的檔案系統損毀,這樣(如果持續下去)也許會對隱藏加密區的合理隱蔽特性有不利的影響。因此,您應該盡全力避免寫入資料到隱藏加密區區域裡。任何要被儲存到隱藏加密區區域的資料將不被保存而且會遺失!Windows 可能會報告為這是寫入錯誤("延遲寫入失敗" 或者 "參數不正確") - 在新掛載上去的外層加密區卸載前每一個隱藏加密區將處於保護之中。\n\n警告:如果有資料試圖存到任何保護的隱藏加密區區域,VeraCrypt 將會開始對整個加密區(外層和隱藏加密區都是)進行寫入保護直到卸載。這也許會導致外層加密區的檔案系統損毀,這樣(如果持續下去)也許會對隱藏加密區的合理隱蔽特性有不利的影響。因此,您應該盡全力避免寫入資料到隱藏加密區區域裡。任何要被儲存到隱藏加密區區域的資料將不被保存而且會遺失!Windows 可能會報告為這是寫入錯誤("延遲寫入失敗" 或者 "參數不正確") - 警告:資料試圖存到掛載為 %c: 加密區的隱藏加密區區域!\n\nVeraCrypt 為了保護隱藏加密區已經阻止了這些資料的儲存。這也許會導致外層加密區的檔案系統損毀而且 Windows 可能會報告為這是寫入錯誤("延遲寫入失敗" 或者 "參數不正確")。整個加密區(外層和隱藏加密區都是)將進行寫入保護直到加密區卸除為止。如果這不是 VeraCrypt 第一次避免資料寫入到隱藏加密區區域,隱藏加密區的合理隱蔽特性可能會有不利的影響(因為外層加密區的檔案系統裡可能有不正常的不一致相關)。因此,您應該考慮建立一個新的 VeraCrypt 加密區(停用快速格式化的)而且把檔案從這加密區移動到新加密區裡面;這加密區應該被安全的消除(外層和隱藏加密區都是)。我們強烈建議您現在重開作業系統。 - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - 您的電腦必須重新啟動。\n\n您希望現在重新啟動電腦嗎? - 取得系統加密狀態時出錯。 - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - 不能初始化用於系統加密的應用程式元件。 - 初始化亂數資料產生器失敗! - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - 無法初始化應用程式。註冊對話方塊類別失敗。 - Error: Failed to load the Rich Edit system library. - VeraCrypt 加密區建立精靈 - 該區能建立的最大隱藏加密區大小為 %.2f 位元組。 - 該區能建立的最大隱藏加密區大小為 %.2f KB。 - 該區能建立的最大隱藏加密區大小為 %.2f MB。 - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - 當此加密區被掛載時,加密區密碼/金鑰檔無法被更改。請先卸載此加密區。 - 當加密區被掛載時無法修改首金鑰推導演算法。請先卸載加密區。 - 掛載(&M) - 需要新版本的 VeraCrypt 來掛載此加密區。 - 錯誤:未發現加密區建立精靈。\n\n請確定檔案 "VeraCrypt Format.exe" 位於 "VeraCrypt.exe" 的目錄之中。如果不是這樣,請重新安裝 VeraCrypt,或在磁碟中確定 "VeraCrypt Format.exe" 的位置並執行它。 - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - 下一步(&N) > - 完成(&F) - 安裝(&I) - 解壓縮(&X) - 不能連接到 VeraCrypt 裝置驅動程式。如果裝置驅動程式不能執行則 VeraCrypt 也不能執行。\n\n請注意由於 Windows 問題,可能需要登出或者重啟系統才能正常載入裝置驅動程式。 - 當載入/準備字型時出錯。 - 找不到磁碟機代號或是沒有指定磁碟機代號。 - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - 磁碟機代號不可用。 - 未選定檔案! - 無可用磁碟機代號。 - 外層加密區無可用磁碟機代號!無法進行加密區建立。 - 無法檢測到作業系統的版本,或您正在使用不被支援的作業系統。 - 未選定路徑! - 建立隱藏加密區的可用空間不足!無法繼續加密區建立。 - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - 驅動程式無法卸載這個加密區。位於此加密區上某些檔案可能仍被使用中。 - 無法鎖定此加密區。此加密區上仍有些檔案被使用中。因而也無法卸載。 - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - 請選擇一個 VeraCrypt 加密區 - 指定路徑和檔案名稱 - Select PKCS #11 Library - 記憶體不足 - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - 警告:加密區 '%s' 已存在!\n\n重要:VeraCrypt 並不會加密這個檔案,而是會刪除這個檔案。您確定要刪除這個檔案並用一個新的 VeraCrypt 容器來取代它嗎? - 小心:目前儲存在 %s '%s'%s 上的所有資料將會被刪除且遺失(它們將不會被加密)!\n\n您確定要繼續格式化嗎? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - 密碼 - PIM - 設定首金鑰推衍演算法 - 新增/移除 金鑰檔案... - 從加密區中移除所有金鑰檔 - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - 要注意您的 VeraCrypt 救援磁碟仍然使用之前的加密演算法。如果您認為之前的加密演算法不安全,您應該建立一個新的 VeraCrypt 救援磁碟然後並銷毀原來的救援磁碟。\n\n您希望建立一個新的 VeraCrypt 救援磁碟嗎?要注意 VeraCrypt 將會使用之前的演算法。如果您認為之前的演算法不安全,您應該建立一片新的 VeraCrypt 救援磁碟且然後銷毀舊的。\n\n您想要建立一片新的 VeraCrypt 救援磁碟嗎? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - 金鑰檔已成功新增/移除。 - Keyfile exported. - 首金鑰推導演算法已成功設定。 - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - 請為隱藏加密區選擇一個密碼。 - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - 請輸入外層加密區的密碼(您將在該加密區中建立隱藏加密區)。\n\n在點 '下一步' 後,VeraCrypt 會嘗試掛載此加密區。一旦加密區被掛載,將進行叢集圖掃描來確定連續的可用空間大小(如果有的話),此空間的結尾與加密區結尾一致。該區域將提供給隱藏加密區並因此會限制它的最大可能大小。叢集圖掃描是必要的,這可以確保外層加密區的資料不會被隱藏加密區複寫。 - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - 外層加密區密碼 - 隱藏加密區密碼 - Password for Hidden Operating System - 警告:簡短密碼容易被使用暴力破解技術破解!\n\n我們建議選擇一個超過 20 個字元的密碼。\n\n您確定要使用簡短密碼嗎? - 加密區密碼 - 密碼不正確或不是 VeraCrypt 加密區。 - 金鑰 和/或 密碼不正確或不是 VeraCrypt 加密區。 - 錯誤的掛載模式,密碼不正確,或不是 VeraCrypt 加密區。 - 錯誤的掛載模式,金鑰 和/或 密碼不正確,或不是 VeraCrypt 加密區。 - 密碼不正確或不是 VeraCrypt 加密區。 - 金鑰 和/或 密碼不正確或不是 VeraCrypt 加密區 - \n\n警告:Caps Lock 已經開啟。這可能導致您密碼輸入錯誤。 - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\n注意:如果您試圖掛載位於加密的系統磁碟機中的分割區而沒有啟動前置認證的話,或者是掛載作業系統沒有執行的加密的系統分割區,您可以經由選擇 "系統" > "以沒有啟動前置認證的方式掛載" 來達到。 - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < 上一步(&B) - 無法列出安裝在系統上的原生裝置! - 加密區 "%s" 存在,而且是唯讀的。您確定要取代它嗎? - 選擇目標目錄 - 選擇金鑰檔 - 選擇金鑰檔的搜索路徑。警告:要注意記憶的只是路徑,而不會記憶檔案名! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - 設計者為 Ross Anderson、Eli Biham、和 Lars Knudsen。發表於 1998 年。256 位金鑰,128 位元資料塊。操作模式為 XTS。Serpent 為與 AES 候選演算法中的一種。 - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - 外層加密區大小 - 隱藏加密區大小 - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - 加密區大小 - 動態大小的 - 小心:自我檢測失敗! - 全部演算法自我檢測通過 - 您提供的資料單位數值太長或太短。 - 您提供的次金鑰太長或太短。 - 您提供的測試加密文本太長或太短。 - 您提供的測試金鑰太長或太短。 - 您提供的測試明碼文本太長或太短。 - 在 XTS 模式的串聯操作中需要兩個加密。每個區塊首先使用 %s (%d 位元金鑰)加密然後使用 %s (%d 位元金鑰)加密。每個加密使用其各自的金鑰。所有的金鑰各自獨立。 - 在 XTS 模式的串聯操作中需要三個加密。每個區塊首先以 %s (%d 位元金鑰)加密,然後以 %s (%d 位元金鑰)加密,最後以 %s (%d 位金鑰)加密。每個加密均使用其各自的金鑰。所有的金鑰均各自獨立。 - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt 攜帶版磁碟 - 設計者為 Bruce Schneie、John Kelsey、Doug Whiting、David Wagner、Chris Hall、和 Niels Ferguson。發表於 1998 年。256 位元金鑰,128 位元區塊。操作模式為 XTS。Twofish 為與 AES 候選演算法中的一種。 - 關於 %s 的更多訊息 - 未知 - An unspecified or unknown error occurred (%d). - 一些加密區包含的檔案或資料夾 正被應用程式或系統使用。\n\n強制卸載嗎? - 卸載(&D) - 卸載失敗! - 加密區包含的檔案或資料夾被應用程式或系統使用。\n\n強制卸載嗎? - No volume is mounted to the specified drive letter. - 您試圖要掛載的加密區早已經掛載了。 - 試圖掛載加密區時出錯。 - 在加密區裡定址時出錯。 - 錯誤:錯誤的加密區大小。 - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt 無法修改外層加密區的密碼。 - 請從列表中選擇一個未被使用的磁碟機代號。 - 請在磁碟機列表中選擇一個已掛載的加密區。 - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - 錯誤:無法建立 autorun.inf - 處理金鑰檔時出錯! - 處理金鑰檔路徑時出錯! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt 不支援此作業系統。 - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - 錯誤:無法配置記憶體。 - 錯誤:無法復原效能計數器的值。 - 錯誤:錯誤的加密區格式。 - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - 法律聲明 - 所有檔案 - VeraCrypt 加密區 - Library Modules - NTFS 格式化無法繼續。 - 無法掛載加密區。 - 無法卸載加密區。 - Windows 格式化為 NTFS 檔案系統格式時失敗。\n\n請選擇不同的檔案系統格式(如果可能的話)再嘗試一次。另外,您可以保留該區為未格式化區(檔案系統選擇為 "無"),結束精靈,掛載這個加密區,然後再使用系統或第三方廠商工具格式化這個已經掛載的加密區(該掛載的區仍然為加密狀態)。 - Windows 格式化為 NTFS 檔案系統格式時失敗。\n\n您希望格式化為 FAT 檔案系統格式嗎? - 預設 - partition - 磁碟分割區 - 磁碟機 - device - 磁碟機 - 加密區 - volume - VOLUME - Label - 對加密區大小而言,選擇的叢集大小太小。將使用大一些的叢集大小來取代。 - 錯誤:無法取得加密區大小資訊!\n\n請確定選擇的加密區未被系統或其他程式使用。 - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - VeraCrypt 加密區建立精靈只能在 FAT 或 NTFS 的檔案系統格式加密區內建立隱藏加密區。 - 在 Windows 2000 系統下,VeraCrypt 加密區建立精靈只能在 FAT 的檔案系統格式加密區裡面建立隱藏加密區。 - Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). - Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - 錯誤:無法存取加密區!\n\n請確定選擇的加密區存在,該加密區並未由系統或其他程式使用,同時該區未被防寫,而且具有對該區的讀寫權限。 - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - 錯誤:無法卸載外層加密區!\n\n如果加密區中的檔案或資料夾被程式或系統使用,則該加密區無法被鎖定。\n\n請關閉任何可能使用加密區上檔案或目錄的程式,然後再選取 '重試'。 - 錯誤:不能獲得外層加密區的訊息! 加密區建立不能繼續。 - 錯誤:無法存取外層加密區!加密區建立無法繼續。 - 錯誤:無法掛載外層加密區!加密區建立無法繼續。 - 錯誤:無法取得加密區叢集圖!加密區建立無法繼續。 - 按字母順序 - 按平均速度(遞減) - 演算法 - 加密 - 解密 - 平均 - 代號 - 大小 - 加密演算法 - 加密演算法 - 類型 - - 內容 - 位置 - 位元組 - 隱藏 - 外層 - 一般 - 系統 - Hidden (system) - 唯讀 - 系統磁碟機 - 系統磁碟機(正在加密 - %.2f%% 已完成) - 系統磁碟機(正在解密 - %.2f%% 已完成) - 系統磁碟機(%.2f%% 已加密) - 系統分割區 - Hidden system partition - 系統分割區(正在加密 - %.2f%% 已完成) - 系統分割區(正在解密 - %.2f%% 已完成)) - 系統分割區(%.2f%% 已加密) - 是(防止損壞!) - - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - 位元 - 區塊大小 - PKCS-5 PRF - PKCS-5 反覆運算次數 - 加密區建立時間 - 標頭資訊上次修改時間 - (%I64d 天前) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - 最初可用的 - Removable Disk - 硬碟 - 不改變 - Autodetection - 精靈模式 - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - 設定選項 - 您可以在在這裡設定不同選項來控制安裝的過程。 - 正在安裝 - VeraCrypt 正在安裝請稍候。 - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - 解壓縮選項 - 您可以在這裡設定不同選項來控制解壓縮的過程。 - 正在解壓縮檔案請稍候。 - Files successfully extracted - 所有檔案已經被成功解壓縮到目標位置。 - 如果指定的資料夾不存在,將會自動建立該資料夾。 - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - 您想查看目前版本的 VeraCrypt 的發行公告嗎? - 如果您以前從未沒有使用過 VeraCrypt,我們建議您先閱讀 VeraCrypt 使用者指南中的 Beginner's Tutorial 章節。您想要查看教學導覽嗎? - 請從下面選擇要執行的操作: - 修復/重新安裝 - Upgrade - 移除 - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - 安裝失敗。 - 移除失敗。 - 這發行包裝檔已經損壞。請試著再下載一次(最好從 VeraCrypt 官方網站 https://veracrypt.codeplex.com 下載)。 - 不能寫入檔案 %s - 正在解壓縮 - 不能從包裝檔中讀取資料 - 不能驗證發行包裝檔的完整性。 - 解壓縮失敗。 - 安裝已經被返回。 - VeraCrypt 已成功安裝。 - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt 已成功移除。\n\n點 "完成" 來移除 VeraCrypt 安裝程式和資料夾 %s。要注意如果該資料夾中含有非安裝程式建立的檔案,則該資料夾不會被移除。 - 正在移除 VeraCrypt 登錄檔項目。 - 正在新增登錄檔項目 - 正在刪除程式相關資料 - 正在安裝 - 正在停止 - 正在刪除 - 新增圖示 - 建立系統還原點 - 建立系統還原點失敗! - Updating boot loader - "%s" 的安裝已失敗。 %s 您想要繼續安裝嗎? - "%s" 的移除已失敗。 %s 您想要繼續移除嗎? - 安裝完成。 - 資料夾 "%s" 無法被建立 - 無法卸載 VeraCrypt 裝置驅動程式。\n\n請先關閉所有使用中的 VeraCrypt 視窗。如果這樣仍然沒有作用,請重新啟動電腦然後再試一次。 - 在安裝或者移除 VeraCrypt 之前必須先要卸載所有的 VeraCrypt 加密區。 - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - 安裝註冊表項目失敗 - 安裝裝置驅動程式失敗。請重新啟動電腦後再嘗試安裝 VeraCrypt。 - 正在啟動 VeraCrypt 裝置驅動程式 - 裝置驅動程式的移除已失敗。請注意,由於 Windows 問題,在設定裝置驅動程式能夠被移除(或重新安裝)前可能需要登出或者重新啟動系統。 - 正在安裝 VeraCrypt 裝置驅動程式 - 正在停止 VeraCrypt 裝置驅動程式 - 正在移除 VeraCrypt 裝置驅動程式 - 註冊使用者帳戶控制項支援函式庫失敗。 - 反註冊使用者帳戶控制項支援函式庫失敗。 - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - 錯誤:不能顯示授權聲明。 - 外層(!) - - 小時 - 分鐘 - - 打開 - 卸載 - 顯示 VeraCrypt - 隱藏 VeraCrypt - 掛載以來讀取的資料 - 掛載以來寫入的資料 - 加密成分 - 100% (完全加密) - 0% (未加密) - %.3f%% - 100% - 正在等待 - Preparing - Resizing - 正在加密 - 正在解密 - Finalizing - 已暫停 - 已完成 - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - 為 %s 輸入密碼 - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - 金鑰檔已成功建立。 - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - 加密區標頭資訊備份已經成功建立。\n\n重要:使用復原功能復原時也會復原目前加密區的密碼。此外,如果建立加密區的時候使用了金鑰檔,復原後也需要同樣的金鑰檔來打開加密區。\n\n警告:該加密區標頭資訊備份只能用在這個提供備份的加密區上。如果您把該標頭資訊備份復原到其他加密區,您可能能夠打開加密區,但是您將無法解密儲存在加密區的任何資料(這是因為您已經改變了加密區的主金鑰)。 - 加密區標頭資訊備份已經成功復原。\n\n重要:請注意舊密碼也同樣被復原了。此外,備份時如果需要金鑰檔來掛載加密區,復原後也需要同樣的金鑰檔。 - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - 您確定要復原加密區 %s 的標頭資訊嗎?\n\n警告:復原加密區標頭資訊也會復原在建立備份時有效的密碼。此外,如果在備份時需要使用金鑰檔掛載加密區,那麼在標頭資訊復原後,仍然需要同樣的金鑰檔。\n\n在您選取 '是' 之後,您將會選擇標頭資訊備份檔案。 - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - 您正在嘗試備份系統分割區/磁碟機的標頭訊息。這是不被允許的。對於系統分割區/磁碟機標頭訊息的備份/恢復操作只能經由使用 VeraCrypt 救援磁碟來進行。\n\n您希望建立 VeraCrypt 救援磁碟嗎? - 您正在嘗試恢復虛擬 VeraCrypt 加密區的標頭訊息但是您選擇的是系統分割區/磁碟機。這是不被允許的。 對於系統分割區/磁碟機標頭訊息的備份/恢復只能經由使用 VeraCrypt 救援磁碟來進行。\n\n您希望建立 VeraCrypt 救援磁碟嗎? - 在點 '確定' 後,您將會選擇新的 VeraCrypt 救援磁碟 ISO 影像檔案的檔案名稱和您要存放位置。 - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - 請插入 VeraCrypt 救援磁碟到 CD/DVD 光碟機並點選 '確定' 開始驗證。 - VeraCrypt 救援磁碟已經被成功驗證。 - 無法驗證救援磁碟已被正確燒錄。\n\n如果您已經燒錄了救援磁碟,請退出後重新插入 CD/DVD;然後再試一次。如果沒有用,請嘗試使用其他 CD/DVD 燒錄軟體或光碟片。\n\n如果您嘗試驗證一個為不同的主金鑰、密碼、salt 值、等建立的 VeraCrypt 救援磁碟,請注意這樣的救援磁碟永遠無法通過驗證。要建立一個新的和目前組態完全相容的救援磁碟,請選擇 "系統" > "建立救援磁碟"。 - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - 建立 VeraCrypt 救援磁碟時失敗。 - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - 在操作前請卸載加密區。 - 錯誤:不能設定計時器。 - 檢查檔案系統 - 修正檔案系統 - Add to Favorites... - Add to System Favorites... - P&roperties... - 隱藏加密區已被保護 - N/A - - - Disabled - 1 - 2 或更多 - 操作模式 - Label: - Size: - Path: - Drive Letter: - 錯誤:密碼必須只包含 ASCII 字元。\n\n密碼中的非 ASCII 字元可能會導致當作業系統組態改變時加密區無法掛載。\n\n允許使用以下字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - 警告:密碼中包含非 ASCII 字元。可能會導致當作業系統組態改變時加密區無法掛載。\n\n您應該使用 ASCII 字元取代密碼中的非 ASCII 字元。如要這樣做,請選取 "加密區" -> "修改加密區密碼"\n\n以下字元為 ASCII 字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - 首頁(線上) - 警告:看起來您還沒有安裝任何 Windows 作業系統的修正檔案。您不應該向未安裝 SP1 或更新的修正檔案的 Windows XP 系統中大於 128 GB 的 IDE 硬碟寫入資料!如果這樣做了,磁碟上的資料(不論是否為 VeraCrypt 加密區)可能會損壞。要注意這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。 - 警告:看起來您的 Windows 2000 系統還未安裝 SP3 或更新的修正檔案。您不應該向這個系統中大於 128 GB 的 IDE 硬碟寫入資料!如果這樣做了,磁碟上的資料(不論是否為 VeraCrypt 加密區)可能會損壞。要注意這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。\n\n注意:您也需在註冊表裡啟用 48-位元 LBA 支援;更多資訊,請參考 http://support.microsoft.com/kb/305098/EN-US - 警告:您的系統不支援 48-位元 LBA ATAPI。因此,您將不能寫入到超過 128GB 容量的 IDE 磁碟!如果您仍然堅持這樣做,磁碟上的資料(不論其是否為 VeraCrypt 加密區)將會損壞。要注意這是 Windows 系統的限制,不是 VeraCrypt 軟體的限制。\n\n要啟用 48-位元 LBA 支援,請在註冊表的 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters 下增加一個 "EnableBigLba" 鍵值並設定其值為 1。\n\n更多訊息請參考 http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - 警告:如果您想以後在外層加密區中新增更多的資料或檔案,您應該考慮為隱藏加密區選擇一個小一點的大小。\n\n您確定要以指定的大小繼續嗎? - 未選擇加密區。\n\n選取 "選擇磁碟機..." 或 "選擇檔案..." 來選擇 VeraCrypt 加密區。 - 沒有選擇分割區。\n\n點 "選擇磁碟機" 來選擇一個通常需要啟動前置認證的卸載的分割區(例如,一個位於其他沒有在執行作業系統的加密的系統磁碟機上的分割區,或是另外一個作業系統的加密的系統分割區)。\n\n注意:選擇的分割區將會以一般 VeraCrypt 加密區的方式掛載而沒有啟動前置認證。這會舉例來說在備份或修復的操作上比較有用。 - 警告:如果預設的金鑰檔被設定和啟用後,就無法掛載不使用該金鑰檔的加密區。因此,在啟用預設的金鑰檔之後,每當掛載加密區時記得不要勾選 "使用金鑰檔" 核取方塊(在輸入密碼欄位下方)。您確定保存選定的金鑰檔/路徑作為預設值嗎? - 自動掛載磁碟機 - 全部卸載 - 清除快取 - Dismount All & Wipe Cache - 強制全部卸載並清除快取 - 強制全部卸載清除快取並結束程式 - 掛載我的最愛加密區 - 顯示/隱藏 VeraCrypt 主視窗 - (點這裡並按下某個鍵盤按鍵) - 操作 - 捷徑 - 錯誤:該快速鍵為系統保留快速鍵,請選擇其他的。 - 錯誤:快速鍵已被使用。 - 警告:一個或多個 VeraCrypt 作用於系統範圍的快速鍵無法使用!\n\n請確定 VeraCrypt 的這些快速鍵沒有被其他程式或作業系統使用。 - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - 警告:如果此選項被停用,包含使用中的檔案/目錄 的加密區將無法自動卸載。\n\n您確定要停用這個選項嗎? - 警告:包含使用中的檔案/目錄的加密區將無法自動卸載。\n\n要防止這種情況,在對話方塊視窗中啟用以下選項:"強制自動卸載,不論加密區是否包含使用中的檔案或目錄" - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - 您已經排定了加密或解密系統分割區/磁碟機的操作。但該項操作尚未完成。\n\n您希望現在開始(恢復)該項操作嗎? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - 您已經排定了加密或解密系統分割區/磁碟機的操作。然而,啟動前置認證已失敗(或被繞過)。\n\n注意:如果您在啟動前置認證環境中解密了系統分割區/磁碟機,您也許需要經由在 VeraCrypt 主視窗選單中選擇 "系統" > "永久解密系統分割區/磁碟機" 來完成最後的操作。 - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - 結束嗎? - VeraCrypt 沒有足夠的訊息確定是否加密還是解密了。 - VeraCrypt 沒有足夠的訊息確定是否加密還是解密了。\n\n注意:如果您在啟動前置認證環境中解密了系統分割區/磁碟機,您也許需要經由點 '解密' 來完成最後的操作。 - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - 您想要中斷和延緩對系統分割區/磁碟機的加密操作嗎?\n\n注意:您以後也可以從中斷點恢復操作。您可以這樣做,舉例來說,經由在 VeraCrypt 主視窗選單中選擇 "系統" > "恢復被中斷的操作"。如果您想永久終止或返回加密操作,選擇 "系統" > "永久解密系統分割區/磁碟機..."。 - 您想要中斷和延緩對系統分割區/磁碟機的解密操作嗎?\n\n注意:您以後也可以從中斷點恢復操作。您可以這樣做,舉例來說,經由在 VeraCrypt 主視窗選單中選擇 "系統" > "恢復被中斷的操作"。如果您想返回解密操作(並開始加密),選擇 "系統" > "加密系統分割區/磁碟機..."。 - 錯誤:中斷加密/解密系統分割區/磁碟機的操作失敗。 - Error: Failed to interrupt the process of wiping. - 錯誤:恢復加密/解密系統分割區/磁碟機的操作失敗。 - Error: Failed to start the process of wiping. - 解決不一致性。\n\n\n(如果您報告錯誤與這個有關,請在報告中包含下面技術訊息: %hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - 警告:VeraCrypt 背景工作已停用。在您結束 VeraCrypt 後,如果對隱藏加密區的損壞被阻止時,您也將無法得到提示。\n\n注意:您可以隨時在 VeraCrypt 的圖示按右鍵並選擇 "結束" 來停止背景工作。\n\n\n您要啟用 VeraCrypt 背景工作嗎? - 語言檔案版本: %s - 正在檢測掛載為 %s 的 VeraCrypt 加密區的檔案系統... - 正在試圖修正掛載為 %s 的 VeraCrypt 加密區的檔案系統... - 警告:該加密區使用了被保留的加密演算法。\n\n所有 64 位元區塊加密演算法(Blowfish,CAST-128 和 Triple DES)已經逐漸不再被使用了。雖然該加密區在以後版本的 VeraCrypt 可能會被掛載。然而以後不會針對這些被保留演算法採取一些改善措施。我們建議您建立一個使用 128 位元區塊加密演算法的 Veracrypt 加密區(如:AES,Serpent,Twofish,等等)並把使用舊演算法的加密區裡面的檔案移動到新的加密區裡面去。 - 您的系統未被設置為自動掛載新加密區。因此也不可能掛載磁碟機類型的加密區。自動卸載可以在執行下列命令後重啟系統來啟用。\n\n\nmountvol.exe /E - 請在繼續前為該磁碟機/磁碟分割區指定一個代號("控制台" > "系統和維護" > "管理工具" - "建立和格式化磁碟分割區")。\n\n要注意這些是作業系統所需要的。 - 掛載 VeraCrypt 加密區 - 卸除所有 VeraCrypt 加密區 - VeraCrypt 取得系統管理員權限失敗。 - 已被作業系統拒絕存取。\n\n可能原因:作業系統要求您對某些資料夾、檔案、和磁碟機具有讀寫權限(或管理權限),以便您能夠從其中讀寫資料。通常情況下,非系統管理員只允許在他自己的檔案資料夾中建立、讀取和修改檔案。 - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - VeraCrypt 開機管理程式需要至少 32 KBytes 的可用空間在系統磁碟機的一開始部分(VeraCrypt 開機管理程式需要被存到那空間)。不幸的,您得磁碟機沒有滿足此條件。\n\n請不要報告這錯誤/問題給 VeraCrypt。要解決這問題,您將需要重新分割您的磁碟機並保留前 32 KBytes 空間可用(在大部分的情況下,您將需要刪除並重新建立第一個分割區),我們建議您可以使用微軟的磁碟分割管理那是舉例來說當您正在安裝 Windows 時可以用的。 - 此功能不支援目前您正在使用的作業系統版本。 - VeraCrypt 不支援在您目前使用的作業系統版本的系統分割區/磁碟機的加密。 - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - 您的系統磁碟機具有 GUID 磁碟分割表(GPT)。目前,只支援有 MBR 的磁碟分割表。 - 小心:VeraCrypt 開機管理程式已經安裝到了您的系統磁碟機上!\n\n這可能在您的電腦上已經加密了另外一個系統。\n\n警告:繼續加密目前執行的系統可能會導致其他系統不可能啟動或導致資料無法存取。\n\n您確定要繼續嗎? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - 原來的系統開機管理程式將不會保存到救援磁碟上(可能原因:備份檔案遺失) - 寫入 MBR 磁扇區時失敗。\n\n您的 BIOS 可能設定為保護 MBR 磁扇區。檢查您的 BIOS 設定(啟動電腦後按 F2,Delete,或 Esc)中的 MBR/防毒保護。 - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - 您的系統分割區/磁碟機似乎已被完全加密了。 - VeraCrypt 並不支援加密一個被轉換成動態大小的磁碟的系統磁碟機。 - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - 您想要用加密系統分割區取代整個磁碟機嗎?\n\n要注意您可以在磁碟機上建立任何非系統分割區的分割區為主的 VeraCrypt 加密區(除了加密系統分割區)。 - 由於您的系統磁碟機僅包含一個佔據整個磁碟機的分割區,適合(更安全)加密整個磁碟機包含通常位於這樣分割區周圍沒用到的閒置空間。\n\n您希望加密整個系統磁碟機嗎? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - 此演算法目前不支援系統加密。 - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - >警告:VeraCrypt 不能回復原始鍵盤配置。這可能導致您輸入不正確的密碼。 - 錯誤:不能設定 VeraCrypt 鍵盤配置為標準美式鍵盤配置。\n\n要注意在啟動前置環境(Windows 啟動前)需要輸入密碼,這時非標準美式鍵盤配置是無法使用的。因此,密碼必須總是使用標準美式鍵盤配置輸入。 - 由於 VeraCrypt 暫時改變鍵盤配置為標準美式鍵盤配置,目前在按下右 ALT 鍵的情況下是不可能經由按鍵盤輸入字元。然而,您可以在按下 Shift 鍵的時候經由按適當鍵輸入大多數的字元。 - VeraCrypt 阻止了對鍵盤配置的修改 - 注意:在啟動前置環境(Windows 啟動前)需要輸入密碼,這時非標準美式鍵盤配置是無法使用的。因此,密碼必須總是使用標準美式鍵盤配置輸入。然而,重要的是要注意您不需要真的使用美式鍵盤。VeraCrypt 在您沒有真的美式鍵盤的情況下也能夠自動的保證您能夠安全的輸入密碼(現在和在啟動前置環境)。 - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - 錯誤:不能儲存系統加密設定。 - 不能初始化系統加密預先測試。 - Cannot initiate the process of creation of the hidden operating system. - 清除模式 - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - 無(最快) - 1-pass (random data) - 3 次複寫(美國國防部 5220.22-M 演算法) - 7 次複寫(美國國防部 5220.22-M 演算法) - 35-pass ("Gutmann") - 256-pass - 作業系統數目 - 警告:經驗不足的使用者從不應該試圖在多重開機的組態設定下加密 Windows。\n\n要繼續嗎? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - 啟動磁碟機 - 目前執行的作業系統安裝到了啟動磁碟機上了嗎?\n\n注意:有時,Windows 可能沒有跟 Windows 開機管理程式(啟動分割區)安裝在同一個磁碟機上。如果是這種情況,選擇 "否"。 - VeraCrypt 目前不支援加密不是從安裝作業系統磁碟機開機的作業系統。 - 系統磁碟機數目 - 有多少個磁碟機含有作業系統?\n\n注意:舉例來說,您在主要的磁碟機上安裝了作業系統(例如 Windows,Mac OS X,Linux,等等)又在第二個磁碟機上安裝了額外的作業系統,就選擇 "2 或更多"。 - VeraCrypt 目前不支援對整個包含多個作業系統磁碟機的加密。\n\n可能的解決方法:\n\n- 您可以回上一步並選只加密單一系統分割區(相對於去選加密整個系統磁碟機)。\n\n- 另外,如果把磁碟機中的其他系統移到其他的磁碟機只保留一個系統的話您將可以加密整個磁碟機。 - 多個系統在單一磁碟機中 - 在目前執行的作業系統所安裝的磁碟機中,是否包含其他任何的作業系統?\n\n注意:例如目前執行的作業系統安裝在磁碟機 #0,該磁碟機包含了幾個分割區,其中一個分割區安裝 Windows 系統,而另一個分割區安裝了額外任何的作業系統(例如 Windows,Mac OS X,Linux,等等),選擇 "是"。 - 非 Windows 的開機管理程式 - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - 多重開機 - VeraCrypt 目前不支援是在主要啟動磁區中安裝非 Windows 的開機管理程式的多重開機組態設定。\n\n可能的解決辦法:\n\n- 如果您使用了一個啟動管理程式來開啟 Windows 和 Linux,把啟動管理程式(一般來說,GRUB)從主要啟動磁區移到一個分割區上。然後再啟動精靈來加密系統分割區/磁碟機。注意:VeraCrypt 開機管理程式將會成為主要的啟動管理程式,而且會允許您把原來的啟動管理程式(例如 GRUB)作為第二啟動管理程式來執行(經由在 VeraCrypt 開機管理程式畫面按下 'ESC' 鍵),因此您仍然可以開啟 Linux。 - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - 正在檢測隱藏磁扇區 - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - 要加密的區域 - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - 正在蒐集隨機資料 - 金鑰已經產生 - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - 正在燒錄救援磁碟 - 救援磁碟已建立 - 系統加密預先測試 - 救援磁碟已驗證 - \nVeraCrypt 救援磁碟已被成功驗證。請現在從光碟機中移除救援磁碟並把它存放到安全的地方。\n\n點 '下一步' 繼續。 - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - 警告:由於啟動前置環境的技術限制,VeraCrypt 在啟動前置環境(例如 Windows 啟動前)顯示的文字不能被本地化。VeraCrypt 開機管理程式的使用者介面完全是英文的。\n\n要繼續嗎? - 在加密系統分割區或磁碟機之前,VeraCrypt 需要驗證每個環節都正確無誤。\n\n在點 '測試' 以後,所有必須的元件(例如,啟動前置認證元件,如 VeraCrypt 開機管理程式)將會被安裝而且您的電腦將會重新開機。然後您需要在 Windows 開啟前的 VeraCrypt 開機管理程式畫面輸入您的密碼。在 Windows 開啟後,您將會被自動通知預先測試的結果。\n\n以下的裝置將會被修改:磁碟機 #%d\n\n\n如果您現在點 '取消',將不會安裝任何東西而且預先測試將不會被執行。 - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - 預先測試已經完成 - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - 您要取消系統加密預先測試嗎? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - 系統分割區/磁碟機看起來並未加密(即沒有部分也沒有完全加密)。 - 您的系統分割區/磁碟機已加密(部分或完全加密)。\n\n請在繼續進行之前解密這個系統分割區/磁碟機。要這樣做,在 VeraCrypt 主視窗的選單中,選擇 "系統" > "永久解密系統分割區/磁碟機"。 - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - 您的系統分割區/磁碟機正在被加密,解密,不然就是被修改。請在繼續操作前中斷這個加密/解密/修改的操作(或一直等到它完成)。 - 已經有 VeraCrypt 加密區建立精靈的執行實例在執行,而且正在執行對系統分割區/磁碟機的加密/解密操作。在您操作前,請等它完成或者將它關閉。如果您無法關閉它,請在繼續操作前重新啟動電腦。 - 加密或解密系統分割區/磁碟機的操作尚未完成。請等到它操作完成。 - 錯誤:加密分割區/磁碟機的操作尚未完成。那必須要先完成。 - Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - 錯誤:不正確/無效的參數。 - 您已經選擇了一個分割區或者磁碟機,但是您選擇的精靈模式只適用檔案型容器。\n\n您希望改變精靈模式嗎? - 您想改為建立 VeraCrypt 檔案型容器嗎? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - 您確認要永久解密系統分割區/磁碟機嗎? - 小心:如果您永久解密系統分割區/磁碟機,所有未加密資料將會寫到它上面。\n\n您真的確定要永久解密系統分割區/磁碟機嗎? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - 如果您遭遇任何前面描述的問題,先解密該分割區/磁碟機(如果它已經加密)並試著使用一種非串聯加密演算法對它再次加密(例如 AES)。 - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - VeraCrypt 開機管理程式已經更新。\n\n強烈建議您建立一片新的 VeraCrypt 救援磁碟(那將包含新版的 VeraCrypt 開機管理程式)經由選擇 "系統" > "建立救援磁碟" 在您重新啟動電腦之後。 - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - 更新 VeraCrypt 開機管理程式失敗。 - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - 警告:看來 VeraCrypt 已經試著檢測過這個系統磁碟機上的隱藏磁扇區。如果您在上次檢測過程中遭遇任何問題,您現在可以經由跳過隱藏磁扇區的檢測來避免這些問題。要注意如果您這樣做,VeraCrypt 將會使用作業系統回報的大小(那也許會小於真實磁碟機的大小)。\n\n要注意這問題並不是 VeraCrypt 的錯誤引起的。 - 跳過隱藏磁扇區的檢測(使用作業系統回報的大小) - 嘗試再次檢測隱藏磁扇區 - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - 救援磁碟 - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - 測試 - 金鑰檔案 - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - - - - - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + 取消 + 為所有使用者安裝(&F) + 瀏覽(&B)... + 在桌面新增 VeraCrypt 圖示(&D) + Donate now... + 副檔名 '.hc' 的檔案關聯到 VeraCrypt(&E) + 完成後開啟目標資料夾(&O) + 建立 VeraCrypt 的開始功能表項目(&S) + 建立系統還原點(&R) + 移除(&U) + 解壓縮(&E) + 安裝(&I) + VeraCrypt 安裝精靈 + 移除 VeraCrypt + 說明(&H) + 請選擇或者輸入您希望檔案解壓縮的位置: + 請選擇或者輸入您希望 VeraCrypt 程式安裝的位置。如果指定的資料夾不存在,將會被自動建立。 + 點 '移除' 從系統移除 VeraCrypt。 + 中止 + &Benchmark + 測試(&T) + Create encrypted volume and format it + Encrypt partition in place + 顯示產生的金匙(其成分) + 顯示集區內容 + 下載 CD/DVD 燒錄軟體 + Create an encrypted file container + &GB + &TB + More information + 建立隱藏的 VeraCrypt 加密區(&D) + 更多隱藏加密區的訊息 + 直接模式 + 正常模式 + KB(&K) + 使用金鑰檔(&S) + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + 金鑰檔案(&K)... + 關於雜湊演算法的更多資訊 + 更多訊息 + Information on PIM + MB(&M) + 更多訊息 + 關於系統磁區加密的更多訊息 + 更多訊息 + 多重開機 + Encrypt a non-system partition/drive + 不保留歷史記錄(&S) + 打開外層加密區 + 暫停(&P) + Use P&IM + Use PIM + 快速格式化 + 顯示密碼(&D) + &Display password + &Display PIM + 單一系統開機 + 標準 VeraCrypt 加密區 + Hi&dden + Normal + 加密系統分割區或者整個系統所在磁碟機 + 加密 Windows 系統分割區 + 加密整個磁碟機 + VeraCrypt 加密區建立精靈 + 叢集 + 重要:請在此視窗內僅可能的隨機移動滑鼠。移動時間越長越好。這將極為增強金鑰的加密強度。然後點 '下一步' 繼續。 + 確定(&C): + 完成 + Drive letter: + 加密演算法 + 檔案系統 + 在檔案內建立虛擬加密磁碟。推薦給經驗不足的使用者使用。 + 選項 + 雜湊演算法 + 首金鑰: + 剩餘 + 主金鑰: + 如果在這台電腦上裝了兩個或多個作業系統的請選擇此項。\n\n例如:\n- Windows XP 和 Windows XP\n- Windows XP 和 Windows Vista\n- Windows 和 Mac OS X\n- Windows 和 Linux\n- Windows、Linux 和 Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + 目前集區內容(部分) + Pass + 密碼: + 進度: + 隨機集區: + 如果只在這台電腦上裝了一個作業系統的請選擇此項(即使該系統可能有多個使用者)。 + 速度 + 狀態 + 金鑰、salt 值、以及其他資料已經成功產生。如果您希望產生新的金鑰,請點 '上一步' 然後點 '下一步' 。否則點 '下一步' 繼續。 + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + 清除模式: + 關閉 + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + 什麼也不做 + 自動掛載 VeraCrypt 加密區(&A)(下面指定的) + 啟動 VeraCrypt(&S) + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + 瀏覽... + 瀏覽... + 在記憶體中快取密碼和金鑰檔(&A) + 無掛載的加密區時結束 + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + 包含 VeraCrypt 加密區建立精靈 + 建立 + 建立加密區(&C) + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + 使用金鑰檔 + 使用金鑰檔 + 結束(&X) + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + 指定 + 移除 + 金鑰檔案... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + 自動掛載磁碟機(&A) + 掛載選項(&A)... + 以唯讀模式掛載加密區(&O) + 金鑰檔案... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + 啟用 + 在驅動記憶體中快取密碼 + 自動卸載加密區,在無資料讀寫活動以下時間後 + 用戶登出時 + User session locked + 進入省電模式時 + 螢幕保護裝置啟動時 + 強制自動卸載,無論加密區是否有使用中的檔案或目錄 + 掛載所有磁碟機類型 VeraCrypt 加密區 + Start VeraCrypt Background Task + 以唯讀模式掛載加密區 + 以卸除式媒體模式掛載加密區 + 為成功掛載的加密區打開瀏覽器視窗 + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + 自動卸載時清除快取的密碼 + 結束時清除快取的密碼 + Preserve modification timestamp of file containers + 重設 + 選擇磁碟機(&E)... + 選擇檔案(&F)... + Select &Library... + 顯示密碼 + 顯示密碼 + 為掛載的加密區打開檔案總管視窗(&E) + 在動態記憶體中快取密碼(&C) + TrueCrypt Mode + 全部卸載(&S) + 加密區內容(&V)... + 加密區工具(&T)... + 清除快取(&W) + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - 系統快速鍵 + VeraCrypt + 修改密碼和金鑰檔 + 輸入 VeraCrypt 加密區密碼 + VeraCrypt - Performance and Driver Options + VeraCrypt - 偏好設定 + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt 攜帶版磁碟設定 + VeraCrypt 加密區內容 + 關於 VeraCrypt... + 新增或移除金鑰檔案... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + 備份加密區標頭資訊... + 基準測試... + 設定首金鑰推衍演算法... + 更改加密區密碼... + 設定首金鑰推衍演算法... + 更改密碼... + 清除加密區歷史記錄 + Close All Security Token Sessions + 聯絡作者(線上)... + Create Hidden Operating System... + 建立救援磁碟... + 建立新的加密區... + Permanently Decrypt... + 預設金鑰檔案... + Default Mount Parameters... + Donate now... + 加密系統分割區/磁碟機... + 常見問題(線上) + 使用者指南 + 首頁(線上)(&H) + 系統快速鍵... + 金鑰檔案產生器 + 語言選擇... + 法律聲明 + Manage Security Token Keyfiles... + 自動掛載全部磁碟機類型的加密區 + 掛載我的最愛加密區 + 以沒有啟動前置認證的方式掛載(&A)... + 掛載選擇的加密區 + 根據選項掛載加密區 + VeraCrypt 新聞(線上) + 線上說明(線上) + 新手上路(線上) + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + 永久解密系統分割區/磁碟機... + 偏好設定... + 重新整理磁碟機代號 + 從加密區中移除所有金鑰... + 復原加密區標頭資訊... + Resume Interrupted Process + 選擇磁碟機... + 選擇檔案... + 恢復被中斷的操作 + System Encryption... + Properties... + Settings... + System Favorite Volumes... + 下載(線上) + 向量測試... + Security Tokens... + 攜帶版磁碟設定... + 卸載全部掛載的加密區 + 卸載選擇的加密區 + 驗證救援磁碟 + Verify Rescue Disk ISO Image + 版本歷史(線上) + Volume Expander + 加密區內容 + 加密區建立精靈 + 官方網站(線上) + 清除快取的密碼 + 確定 + Hardware Acceleration + 捷徑 + 自動執行組態(autorun.inf) + 自動卸載 + 全部卸載,當: + Boot Loader Screen Options + 確定密碼: + 目前密碼 + Display this custom message in the pre-boot authentication screen (24 characters maximum): + 預設掛載選項 + 快速鍵設定 + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + 檔案設定 + 要指定的快速鍵: + Processor (CPU) in this computer supports hardware acceleration for AES: + Windows 登錄時執行的操作 + 分鐘 + 以該磁碟機代號掛載: + 掛載設定 + 新密碼 + 密碼: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + 密碼快取 + Security Options + VeraCrypt 背景工作 + 要掛載的 VeraCrypt 加密區(相對於攜帶版磁碟的根目錄): + 在插入攜帶版磁碟時: + 建立攜帶版磁碟檔案於(攜帶版磁碟根目錄): + 加密區 + Windows + 新增路徑(&P)... + 全部自動測試(&A) + &Continue + 解密(&D) + &Delete + 加密(&E) + &Export... + 產生並保存金鑰檔案... + 產生隨機金鑰檔(&G)... + 下載語言檔案 + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + 使用金鑰檔(&A) + 金鑰檔案(&K)... + 移除(&R) + 全部移除(&A) + 什麼是隱藏加密區保護? + More information on keyfiles + 掛載加密區為卸除式媒體(&M) + 在使用系統加密而沒有啟動前置認證的情況下掛載分割區(&U) + Parallelization: + 基準測試 + 列印(&P) + 向外層加密區寫入資料時保護隱藏加密區(&P) + 重設(&R) + 顯示密碼(&A) + Add &Token Files... + Use backup header embedded in &volume if available + XTS 模式 + 關於 VeraCrypt + VeraCrypt - 加密演算法基準測試 + VeraCrypt - 測試向量 + 命令列說明 + VeraCrypt - 金鑰檔案 + VeraCrypt - 金鑰檔案產生器 + VeraCrypt - 語言 + VeraCrypt - 掛載選項 + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + 選擇一個磁碟分割區或磁碟機 + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + 目前語言檔案 + 速度由 CPU 負載和存放磁碟機特性決定。\n\n這些測試在記憶體中進行。 + 緩衝區大小: + 加密: + 隱藏加密區的密碼(&A):\n(如果為空白,則使用快取) + 保護隱藏加密區 + 金鑰長度: + 重要:請在此視窗內僅可能的隨機移動滑鼠,移動時間越長越好。。這將極為增強金鑰的加密強度。 + 警告:如果您遺失了金鑰檔或者金鑰檔的前 1024 KB 位元組已改變,將不可能再掛載使用該金鑰的加密區! + 位元 + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + 翻譯人員: + 純文字密碼長度: + 位元 + 目前集區內容 + 混合 PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + 次金鑰(十六進位) + Security token: + 排序方式: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + 區塊數值: + 密文(十六進位) + 資料單位數值(64 位元十六進位,資料單位大小是 512 位元組) + 金鑰(十六進位) + 明文(十六進位) + Keyfile name: + XTS 模式 + 系統(&Y) + 加密區(&V) + Favor&ites + 工具(&O) + Settin&gs + 說明(&H) + 首頁(線上)(&P) + + 關於(&A)... + 無法更改舊版本加密區的唯讀內容。請檢查檔案存取權限。 + 錯誤:存取被拒絕。\n\n您試圖要存取的磁碟分割區可能是 0 長度磁扇區,或者是啟動磁碟機。 + Administrator + 要掛載 VeraCrypt 磁碟機,您必需以一個具有管理員權限的帳戶登錄。 + 請注意您必需以一個具有管理員權限的帳戶登錄如果要加密或格式化某磁碟分割區和磁碟機。\n\n檔案類型加密區不受這個限制。 + 如果要建立隱藏的加密區,您必須以一個具有管理員權限的帳戶登錄。\n\n要繼續嗎? + 請注意您必需以一個具有管理員權限的帳戶登錄如果要把加密區格式化為 NTFS 檔案系統。\n\n如果沒有管理員權限,您可以格式化加密區為 FAT 檔案系統。 + FIPS 認可的加密演算法(Rijndael,發表於 1998)可能被美國聯邦部門和機構用來對特定資訊進行極機密等級保護。256 位元金鑰,128 位元區塊,14 次離散迴圈(AES-256)。操作模式為 XTS。 + 加密區已掛載。 + 小心:在內置自動檢測時,至少一個加密或雜湊演算法失敗了!\n\n此 VeraCrypt 安裝可能已損壞。 + 小心:在亂數產生器集區中的資料不足,無法提供要求數量的亂數資料。\n\n您不應繼續進行。請從説明功能表選擇 "報告錯誤" 來報告此軟體錯誤。 + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + 無效的磁碟機代號。 + 無效的路徑。 + 取消 + 無法存取磁碟機。請確保選中的磁碟機存在而且未被系統使用。 + 警告:Caps Lock 已開啟。這可能導致您輸入密碼錯誤。 + 加密區類型 + 有可能會發生某些人強迫您洩漏加密區密碼。有很多情況您可能無法拒絕這種要求(例如,因為暴力因素)。使用所謂的隱藏加密區可以在不洩漏隱藏加密區密碼的情況下解決這種問題。 + 選擇您希望建立一般 VeraCrypt 加密區的選項。 + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + 外層加密區加密選項 + 隱藏加密區加密選項 + 加密選項 + 警告:清除上次選擇的加密區或金鑰檔路徑失敗(檔案選擇器記憶)! + 錯誤:此容器已被檔案系統壓縮過的。VeraCrypt 不支援壓縮過的容器(要注意這是因為壓縮過的加密資料是低效能和資料冗長的)。\n\n請使用以下步驟取消壓縮: 1) 在 Windows 檔案總管中的容器上按右鍵(不是在 VeraCrypt 視窗中)。 2) 選擇 "內容"。 3) 在 "內容" 對話方塊,點 "進階"。 4) 在 "進階內容" 對話方塊,停用 "壓縮磁碟機來節省磁碟空間" 並選取 "確定"。 5) 回到 "內容" 對話方塊,點 "確定"。 + 建立加密區 %s 失敗 + %s 的大小為 %.2f 位元組 + %s 的大小為 %.2f KB + %s 的大小為 %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + 警告:磁碟機/磁碟分割區正被系統或應用程式使用。格式化該磁碟機/磁碟分割區可能導致資料遺失或系統不穩定。\n\n繼續進行格式化嗎? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + 錯誤:該磁碟機/磁碟分割區包含不能被卸載的檔案系統。此檔案系統可能被作業系統所使用。格式化此磁碟機/磁碟分割區很可能會導致資料損壞或者是系統不穩定。\n\n要解決此問題,我們建議您先刪除該磁碟分割區之後在不格式化的情況下重新建立這個磁碟分割區。要達成此目的,請遵照下面步驟: 1) 在 "我的電腦" 的圖示上按右鍵,然後選擇 "管理",顯示 "電腦管理" 視窗。 2) 在 "電腦管理" 視窗,選擇 "磁碟管理"。 3) 右鍵單點要加密的磁碟分割區,您可以選擇 "刪除磁碟分割","刪除磁區" 或者是 "刪除邏輯磁碟"。 4) 如果 Windows 提示要重新啟動,點 "是" 重新啟動。然後在第 5 個步驟中重複第 1 和第 2 步。 5) 右鍵單點未分配/可用空間並選擇 "新建磁碟分割","新建磁區" 或者 "新建邏輯磁碟"。 6) 在 "新建磁碟分割精靈" 或者 "新建磁區精靈" 視窗中,在 "格式化磁碟分割區" 標題的對話方塊中,選擇 "不格式化此磁碟分割區" 或者是 "不格式化此磁區"。在此精靈裡面,點 "下一步" 然後點 "完成"。 7) 要注意您現在在 VeraCrypt 中選擇的磁碟機路徑可能是錯誤的,因此,退出並重新啟動 VeraCrypt 加密區建立精靈(如果正在執行)。 8) 嘗試重新加密該設備/磁碟分割區。\n\n如果 VeraCrypt 仍然顯示加密失敗,您可以考慮建立檔案類型的容器。 + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + 警告:一些掛載的磁碟機/磁碟分割區正在使用中!\n\n忽略這些可能導致非期望的結果,包括系統不穩定。\n\n我們強烈建議您關閉所有可能正在使用此磁碟機/磁碟分割區的應用程式。 + 選定的磁碟機包含磁碟分割區。\n\n格式化該磁碟機可能會導致系統不穩定或資料遺失。您可以選擇該磁碟機的某個磁碟分割區,或者刪除該磁碟機的所有磁碟分割區,以確保 VeraCrypt 對其安全格式化。 + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + 磁碟機 %s 上的可用空間為 %.2f 位元組。 + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + 無法得到可用的磁碟機代號。 + 錯誤:找不到 VeraCrypt 磁碟機。\n\n請將檔案 "veracrypt.sys" 和 "veracrypt-x64.sys" 複製到 VeraCrypt 主應用程式(VeraCrypt.exe)所在的目錄。 + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + 錯誤:加密初始化失敗。 + 錯誤:檢測到弱強度金鑰!金鑰將被廢棄。請重試。 + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt 關鍵性錯誤 + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + 加密(&E) + 解密(&D) + 永久解密(&p) + 結束 + 請為該擴展磁碟分割區建立一個邏輯磁碟分割區,然後再試。 + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \n選擇您想要建立隱藏加密區的 VeraCrypt 加密區位置。 + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + 錯誤:無法掛載加密區。外層加密區或磁碟機正在使用中。嘗試不使用獨佔權限的掛載也同樣會失敗。 + 檔案無法被打開。 + 加密區位置 + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + 恢復(&R) + 延緩(&D) + &Start + &Continue + 格式化(&F) + &Wipe + 中止格式化嗎? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + 該系統割分割區/磁碟機已經被成功解密。 + \n\nVeraCrypt 加密區已建立並準備就緒。要建立另外的 VeraCrypt 加密區,請點 '下一步',否則請點 '結束'。 + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + VeraCrypt 加密區已成功建立。 + 加密區已建立 + 重要:請在此視窗內僅可能的隨機移動滑鼠。移動時間越長越好。這將極為增強金鑰的加密強度。然後點 '格式化' 建立加密區。 + 點 '格式化' 建立外層加密區。要知道更多訊息,請參閱文件。 + 外層加密區格式 + 隱藏加密區格式 + 加密區格式化 + 如要顯示或列印 VeraCrypt 使用者指南需要使用 Adobe Reader (或與其相容的工具)。\n\nAdobe Reader (免費軟體)下載位址: www.adobe.com\n\n您想要查看這個線上文件嗎? + 如果您選擇此選項,精靈將會先幫助您建立一個一般的 VeraCrypt 加密區,接著會繼續在裡面建立一個隱藏的 VeraCrypt 加密區。經驗不足的使用者應該總是選擇這個選項。 + 如果您選擇此選項,您將會在一個現存的 VeraCrypt 加密區內建立一個隱藏的 VeraCrypt 加密區。假設您已建立好了一個適合存放隱藏加密區的 VeraCrypt 加密區。 + 加密區建立模式 + 隱藏加密區已建立 + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + 外層加密區已成功建立並作為 %hc: 磁碟機掛載。對這個加密區,現在您應複製一些您不是真正要隱藏的看似敏感的檔案。這是讓那些強迫您洩漏密碼的人能看到的檔。您將僅對這個外層加密區洩漏密碼,而不要洩漏給他們隱藏加密區的密碼。您真正要保護的檔將被儲存在稍後建立的隱藏加密區裡。當您完成複製後,請點 '下一步',而且不要卸載此加密區。\n\n注意:點 '下一步' 後,將進行叢集圖掃描來確定連續的可用空間大小,此可用空間的結尾與加密區結尾一致。該空間將提供用來建立隱藏加密區同時也是隱藏加密區的最大容量。叢集圖掃描能夠保證外層加密區中的資料不會被隱藏加密區複寫。 + 外層加密區內容 + \n\n在下一步您將要為外層加密區(在其內將建立隱藏加密區)調整其選項。 + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + 外層加密區 + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\n外層加密區叢集圖掃描已完成,隱藏加密區最大可能大小已被確定。在下一步裡您可以調整隱藏加密區的選項、大小、和密碼。 + 隱藏加密區 + 在外層加密區卸載前隱藏加密區將處於保護之中。\n\n警告:如果有資料試圖存到隱藏加密區區域,VeraCrypt 將會開始對整個加密區(外層和隱藏加密區都是)進行寫入保護直到卸載。這也許會導致外層加密區的檔案系統損毀,這樣(如果持續下去)也許會對隱藏加密區的合理隱蔽特性有不利的影響。因此,您應該盡全力避免寫入資料到隱藏加密區區域裡。任何要被儲存到隱藏加密區區域的資料將不被保存而且會遺失!Windows 可能會報告為這是寫入錯誤("延遲寫入失敗" 或者 "參數不正確") + 在新掛載上去的外層加密區卸載前每一個隱藏加密區將處於保護之中。\n\n警告:如果有資料試圖存到任何保護的隱藏加密區區域,VeraCrypt 將會開始對整個加密區(外層和隱藏加密區都是)進行寫入保護直到卸載。這也許會導致外層加密區的檔案系統損毀,這樣(如果持續下去)也許會對隱藏加密區的合理隱蔽特性有不利的影響。因此,您應該盡全力避免寫入資料到隱藏加密區區域裡。任何要被儲存到隱藏加密區區域的資料將不被保存而且會遺失!Windows 可能會報告為這是寫入錯誤("延遲寫入失敗" 或者 "參數不正確") + 警告:資料試圖存到掛載為 %c: 加密區的隱藏加密區區域!\n\nVeraCrypt 為了保護隱藏加密區已經阻止了這些資料的儲存。這也許會導致外層加密區的檔案系統損毀而且 Windows 可能會報告為這是寫入錯誤("延遲寫入失敗" 或者 "參數不正確")。整個加密區(外層和隱藏加密區都是)將進行寫入保護直到加密區卸除為止。如果這不是 VeraCrypt 第一次避免資料寫入到隱藏加密區區域,隱藏加密區的合理隱蔽特性可能會有不利的影響(因為外層加密區的檔案系統裡可能有不正常的不一致相關)。因此,您應該考慮建立一個新的 VeraCrypt 加密區(停用快速格式化的)而且把檔案從這加密區移動到新加密區裡面;這加密區應該被安全的消除(外層和隱藏加密區都是)。我們強烈建議您現在重開作業系統。 + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + 您的電腦必須重新啟動。\n\n您希望現在重新啟動電腦嗎? + 取得系統加密狀態時出錯。 + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + 不能初始化用於系統加密的應用程式元件。 + 初始化亂數資料產生器失敗! + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + 無法初始化應用程式。註冊對話方塊類別失敗。 + Error: Failed to load the Rich Edit system library. + VeraCrypt 加密區建立精靈 + 該區能建立的最大隱藏加密區大小為 %.2f 位元組。 + 該區能建立的最大隱藏加密區大小為 %.2f KB。 + 該區能建立的最大隱藏加密區大小為 %.2f MB。 + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + 當此加密區被掛載時,加密區密碼/金鑰檔無法被更改。請先卸載此加密區。 + 當加密區被掛載時無法修改首金鑰推導演算法。請先卸載加密區。 + 掛載(&M) + 需要新版本的 VeraCrypt 來掛載此加密區。 + 錯誤:未發現加密區建立精靈。\n\n請確定檔案 "VeraCrypt Format.exe" 位於 "VeraCrypt.exe" 的目錄之中。如果不是這樣,請重新安裝 VeraCrypt,或在磁碟中確定 "VeraCrypt Format.exe" 的位置並執行它。 + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + 下一步(&N) > + 完成(&F) + 安裝(&I) + 解壓縮(&X) + 不能連接到 VeraCrypt 裝置驅動程式。如果裝置驅動程式不能執行則 VeraCrypt 也不能執行。\n\n請注意由於 Windows 問題,可能需要登出或者重啟系統才能正常載入裝置驅動程式。 + 當載入/準備字型時出錯。 + 找不到磁碟機代號或是沒有指定磁碟機代號。 + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + 磁碟機代號不可用。 + 未選定檔案! + 無可用磁碟機代號。 + 外層加密區無可用磁碟機代號!無法進行加密區建立。 + 無法檢測到作業系統的版本,或您正在使用不被支援的作業系統。 + 未選定路徑! + 建立隱藏加密區的可用空間不足!無法繼續加密區建立。 + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + 驅動程式無法卸載這個加密區。位於此加密區上某些檔案可能仍被使用中。 + 無法鎖定此加密區。此加密區上仍有些檔案被使用中。因而也無法卸載。 + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + 請選擇一個 VeraCrypt 加密區 + 指定路徑和檔案名稱 + Select PKCS #11 Library + 記憶體不足 + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + 警告:加密區 '%s' 已存在!\n\n重要:VeraCrypt 並不會加密這個檔案,而是會刪除這個檔案。您確定要刪除這個檔案並用一個新的 VeraCrypt 容器來取代它嗎? + 小心:目前儲存在 %s '%s'%s 上的所有資料將會被刪除且遺失(它們將不會被加密)!\n\n您確定要繼續格式化嗎? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + 密碼 + PIM + 設定首金鑰推衍演算法 + 新增/移除 金鑰檔案... + 從加密區中移除所有金鑰檔 + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + 要注意您的 VeraCrypt 救援磁碟仍然使用之前的加密演算法。如果您認為之前的加密演算法不安全,您應該建立一個新的 VeraCrypt 救援磁碟然後並銷毀原來的救援磁碟。\n\n您希望建立一個新的 VeraCrypt 救援磁碟嗎?要注意 VeraCrypt 將會使用之前的演算法。如果您認為之前的演算法不安全,您應該建立一片新的 VeraCrypt 救援磁碟且然後銷毀舊的。\n\n您想要建立一片新的 VeraCrypt 救援磁碟嗎? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + 金鑰檔已成功新增/移除。 + Keyfile exported. + 首金鑰推導演算法已成功設定。 + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the VeraCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + 請為隱藏加密區選擇一個密碼。 + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + 請輸入外層加密區的密碼(您將在該加密區中建立隱藏加密區)。\n\n在點 '下一步' 後,VeraCrypt 會嘗試掛載此加密區。一旦加密區被掛載,將進行叢集圖掃描來確定連續的可用空間大小(如果有的話),此空間的結尾與加密區結尾一致。該區域將提供給隱藏加密區並因此會限制它的最大可能大小。叢集圖掃描是必要的,這可以確保外層加密區的資料不會被隱藏加密區複寫。 + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + 外層加密區密碼 + 隱藏加密區密碼 + Password for Hidden Operating System + 警告:簡短密碼容易被使用暴力破解技術破解!\n\n我們建議選擇一個超過 20 個字元的密碼。\n\n您確定要使用簡短密碼嗎? + 加密區密碼 + 密碼不正確或不是 VeraCrypt 加密區。 + 金鑰 和/或 密碼不正確或不是 VeraCrypt 加密區。 + 錯誤的掛載模式,密碼不正確,或不是 VeraCrypt 加密區。 + 錯誤的掛載模式,金鑰 和/或 密碼不正確,或不是 VeraCrypt 加密區。 + 密碼不正確或不是 VeraCrypt 加密區。 + 金鑰 和/或 密碼不正確或不是 VeraCrypt 加密區 + \n\n警告:Caps Lock 已經開啟。這可能導致您密碼輸入錯誤。 + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\n注意:如果您試圖掛載位於加密的系統磁碟機中的分割區而沒有啟動前置認證的話,或者是掛載作業系統沒有執行的加密的系統分割區,您可以經由選擇 "系統" > "以沒有啟動前置認證的方式掛載" 來達到。 + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < 上一步(&B) + 無法列出安裝在系統上的原生裝置! + 加密區 "%s" 存在,而且是唯讀的。您確定要取代它嗎? + 選擇目標目錄 + 選擇金鑰檔 + 選擇金鑰檔的搜索路徑。警告:要注意記憶的只是路徑,而不會記憶檔案名! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + 設計者為 Ross Anderson、Eli Biham、和 Lars Knudsen。發表於 1998 年。256 位金鑰,128 位元資料塊。操作模式為 XTS。Serpent 為與 AES 候選演算法中的一種。 + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + 外層加密區大小 + 隱藏加密區大小 + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + 加密區大小 + 動態大小的 + 小心:自我檢測失敗! + 全部演算法自我檢測通過 + 您提供的資料單位數值太長或太短。 + 您提供的次金鑰太長或太短。 + 您提供的測試加密文本太長或太短。 + 您提供的測試金鑰太長或太短。 + 您提供的測試明碼文本太長或太短。 + 在 XTS 模式的串聯操作中需要兩個加密。每個區塊首先使用 %s (%d 位元金鑰)加密然後使用 %s (%d 位元金鑰)加密。每個加密使用其各自的金鑰。所有的金鑰各自獨立。 + 在 XTS 模式的串聯操作中需要三個加密。每個區塊首先以 %s (%d 位元金鑰)加密,然後以 %s (%d 位元金鑰)加密,最後以 %s (%d 位金鑰)加密。每個加密均使用其各自的金鑰。所有的金鑰均各自獨立。 + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt 攜帶版磁碟 + 設計者為 Bruce Schneie、John Kelsey、Doug Whiting、David Wagner、Chris Hall、和 Niels Ferguson。發表於 1998 年。256 位元金鑰,128 位元區塊。操作模式為 XTS。Twofish 為與 AES 候選演算法中的一種。 + 關於 %s 的更多訊息 + 未知 + An unspecified or unknown error occurred (%d). + 一些加密區包含的檔案或資料夾 正被應用程式或系統使用。\n\n強制卸載嗎? + 卸載(&D) + 卸載失敗! + 加密區包含的檔案或資料夾被應用程式或系統使用。\n\n強制卸載嗎? + No volume is mounted to the specified drive letter. + 您試圖要掛載的加密區早已經掛載了。 + 試圖掛載加密區時出錯。 + 在加密區裡定址時出錯。 + 錯誤:錯誤的加密區大小。 + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt 無法修改外層加密區的密碼。 + 請從列表中選擇一個未被使用的磁碟機代號。 + 請在磁碟機列表中選擇一個已掛載的加密區。 + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + 錯誤:無法建立 autorun.inf + 處理金鑰檔時出錯! + 處理金鑰檔路徑時出錯! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt 不支援此作業系統。 + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + 錯誤:無法配置記憶體。 + 錯誤:無法復原效能計數器的值。 + 錯誤:錯誤的加密區格式。 + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - 法律聲明 + 所有檔案 + VeraCrypt 加密區 + Library Modules + NTFS 格式化無法繼續。 + 無法掛載加密區。 + 無法卸載加密區。 + Windows 格式化為 NTFS 檔案系統格式時失敗。\n\n請選擇不同的檔案系統格式(如果可能的話)再嘗試一次。另外,您可以保留該區為未格式化區(檔案系統選擇為 "無"),結束精靈,掛載這個加密區,然後再使用系統或第三方廠商工具格式化這個已經掛載的加密區(該掛載的區仍然為加密狀態)。 + Windows 格式化為 NTFS 檔案系統格式時失敗。\n\n您希望格式化為 FAT 檔案系統格式嗎? + 預設 + partition + 磁碟分割區 + 磁碟機 + device + 磁碟機 + 加密區 + volume + VOLUME + Label + 對加密區大小而言,選擇的叢集大小太小。將使用大一些的叢集大小來取代。 + 錯誤:無法取得加密區大小資訊!\n\n請確定選擇的加密區未被系統或其他程式使用。 + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + VeraCrypt 加密區建立精靈只能在 FAT 或 NTFS 的檔案系統格式加密區內建立隱藏加密區。 + 在 Windows 2000 系統下,VeraCrypt 加密區建立精靈只能在 FAT 的檔案系統格式加密區裡面建立隱藏加密區。 + Note: The FAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT). + Note that the FAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + 錯誤:無法存取加密區!\n\n請確定選擇的加密區存在,該加密區並未由系統或其他程式使用,同時該區未被防寫,而且具有對該區的讀寫權限。 + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + 錯誤:無法卸載外層加密區!\n\n如果加密區中的檔案或資料夾被程式或系統使用,則該加密區無法被鎖定。\n\n請關閉任何可能使用加密區上檔案或目錄的程式,然後再選取 '重試'。 + 錯誤:不能獲得外層加密區的訊息! 加密區建立不能繼續。 + 錯誤:無法存取外層加密區!加密區建立無法繼續。 + 錯誤:無法掛載外層加密區!加密區建立無法繼續。 + 錯誤:無法取得加密區叢集圖!加密區建立無法繼續。 + 按字母順序 + 按平均速度(遞減) + 演算法 + 加密 + 解密 + 平均 + 代號 + 大小 + 加密演算法 + 加密演算法 + 類型 + + 內容 + 位置 + 位元組 + 隱藏 + 外層 + 一般 + 系統 + Hidden (system) + 唯讀 + 系統磁碟機 + 系統磁碟機(正在加密 - %.2f%% 已完成) + 系統磁碟機(正在解密 - %.2f%% 已完成) + 系統磁碟機(%.2f%% 已加密) + 系統分割區 + Hidden system partition + 系統分割區(正在加密 - %.2f%% 已完成) + 系統分割區(正在解密 - %.2f%% 已完成)) + 系統分割區(%.2f%% 已加密) + 是(防止損壞!) + + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + 位元 + 區塊大小 + PKCS-5 PRF + PKCS-5 反覆運算次數 + 加密區建立時間 + 標頭資訊上次修改時間 + (%I64d 天前) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + 最初可用的 + Removable Disk + 硬碟 + 不改變 + Autodetection + 精靈模式 + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + 設定選項 + 您可以在在這裡設定不同選項來控制安裝的過程。 + 正在安裝 + VeraCrypt 正在安裝請稍候。 + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + 解壓縮選項 + 您可以在這裡設定不同選項來控制解壓縮的過程。 + 正在解壓縮檔案請稍候。 + Files successfully extracted + 所有檔案已經被成功解壓縮到目標位置。 + 如果指定的資料夾不存在,將會自動建立該資料夾。 + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + 您想查看目前版本的 VeraCrypt 的發行公告嗎? + 如果您以前從未沒有使用過 VeraCrypt,我們建議您先閱讀 VeraCrypt 使用者指南中的 Beginner's Tutorial 章節。您想要查看教學導覽嗎? + 請從下面選擇要執行的操作: + 修復/重新安裝 + Upgrade + 移除 + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + 安裝失敗。 + 移除失敗。 + 這發行包裝檔已經損壞。請試著再下載一次(最好從 VeraCrypt 官方網站 https://veracrypt.codeplex.com 下載)。 + 不能寫入檔案 %s + 正在解壓縮 + 不能從包裝檔中讀取資料 + 不能驗證發行包裝檔的完整性。 + 解壓縮失敗。 + 安裝已經被返回。 + VeraCrypt 已成功安裝。 + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt 已成功移除。\n\n點 "完成" 來移除 VeraCrypt 安裝程式和資料夾 %s。要注意如果該資料夾中含有非安裝程式建立的檔案,則該資料夾不會被移除。 + 正在移除 VeraCrypt 登錄檔項目。 + 正在新增登錄檔項目 + 正在刪除程式相關資料 + 正在安裝 + 正在停止 + 正在刪除 + 新增圖示 + 建立系統還原點 + 建立系統還原點失敗! + Updating boot loader + "%s" 的安裝已失敗。 %s 您想要繼續安裝嗎? + "%s" 的移除已失敗。 %s 您想要繼續移除嗎? + 安裝完成。 + 資料夾 "%s" 無法被建立 + 無法卸載 VeraCrypt 裝置驅動程式。\n\n請先關閉所有使用中的 VeraCrypt 視窗。如果這樣仍然沒有作用,請重新啟動電腦然後再試一次。 + 在安裝或者移除 VeraCrypt 之前必須先要卸載所有的 VeraCrypt 加密區。 + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + 安裝註冊表項目失敗 + 安裝裝置驅動程式失敗。請重新啟動電腦後再嘗試安裝 VeraCrypt。 + 正在啟動 VeraCrypt 裝置驅動程式 + 裝置驅動程式的移除已失敗。請注意,由於 Windows 問題,在設定裝置驅動程式能夠被移除(或重新安裝)前可能需要登出或者重新啟動系統。 + 正在安裝 VeraCrypt 裝置驅動程式 + 正在停止 VeraCrypt 裝置驅動程式 + 正在移除 VeraCrypt 裝置驅動程式 + 註冊使用者帳戶控制項支援函式庫失敗。 + 反註冊使用者帳戶控制項支援函式庫失敗。 + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + 錯誤:不能顯示授權聲明。 + 外層(!) + + 小時 + 分鐘 + + 打開 + 卸載 + 顯示 VeraCrypt + 隱藏 VeraCrypt + 掛載以來讀取的資料 + 掛載以來寫入的資料 + 加密成分 + 100% (完全加密) + 0% (未加密) + %.3f%% + 100% + 正在等待 + Preparing + Resizing + 正在加密 + 正在解密 + Finalizing + 已暫停 + 已完成 + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + 為 %s 輸入密碼 + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + 金鑰檔已成功建立。 + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + 加密區標頭資訊備份已經成功建立。\n\n重要:使用復原功能復原時也會復原目前加密區的密碼。此外,如果建立加密區的時候使用了金鑰檔,復原後也需要同樣的金鑰檔來打開加密區。\n\n警告:該加密區標頭資訊備份只能用在這個提供備份的加密區上。如果您把該標頭資訊備份復原到其他加密區,您可能能夠打開加密區,但是您將無法解密儲存在加密區的任何資料(這是因為您已經改變了加密區的主金鑰)。 + 加密區標頭資訊備份已經成功復原。\n\n重要:請注意舊密碼也同樣被復原了。此外,備份時如果需要金鑰檔來掛載加密區,復原後也需要同樣的金鑰檔。 + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + 您確定要復原加密區 %s 的標頭資訊嗎?\n\n警告:復原加密區標頭資訊也會復原在建立備份時有效的密碼。此外,如果在備份時需要使用金鑰檔掛載加密區,那麼在標頭資訊復原後,仍然需要同樣的金鑰檔。\n\n在您選取 '是' 之後,您將會選擇標頭資訊備份檔案。 + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + 您正在嘗試備份系統分割區/磁碟機的標頭訊息。這是不被允許的。對於系統分割區/磁碟機標頭訊息的備份/恢復操作只能經由使用 VeraCrypt 救援磁碟來進行。\n\n您希望建立 VeraCrypt 救援磁碟嗎? + 您正在嘗試恢復虛擬 VeraCrypt 加密區的標頭訊息但是您選擇的是系統分割區/磁碟機。這是不被允許的。 對於系統分割區/磁碟機標頭訊息的備份/恢復只能經由使用 VeraCrypt 救援磁碟來進行。\n\n您希望建立 VeraCrypt 救援磁碟嗎? + 在點 '確定' 後,您將會選擇新的 VeraCrypt 救援磁碟 ISO 影像檔案的檔案名稱和您要存放位置。 + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + 請插入 VeraCrypt 救援磁碟到 CD/DVD 光碟機並點選 '確定' 開始驗證。 + VeraCrypt 救援磁碟已經被成功驗證。 + 無法驗證救援磁碟已被正確燒錄。\n\n如果您已經燒錄了救援磁碟,請退出後重新插入 CD/DVD;然後再試一次。如果沒有用,請嘗試使用其他 CD/DVD 燒錄軟體或光碟片。\n\n如果您嘗試驗證一個為不同的主金鑰、密碼、salt 值、等建立的 VeraCrypt 救援磁碟,請注意這樣的救援磁碟永遠無法通過驗證。要建立一個新的和目前組態完全相容的救援磁碟,請選擇 "系統" > "建立救援磁碟"。 + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + 建立 VeraCrypt 救援磁碟時失敗。 + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + 在操作前請卸載加密區。 + 錯誤:不能設定計時器。 + 檢查檔案系統 + 修正檔案系統 + Add to Favorites... + Add to System Favorites... + P&roperties... + 隱藏加密區已被保護 + N/A + + + Disabled + 1 + 2 或更多 + 操作模式 + Label: + Size: + Path: + Drive Letter: + 錯誤:密碼必須只包含 ASCII 字元。\n\n密碼中的非 ASCII 字元可能會導致當作業系統組態改變時加密區無法掛載。\n\n允許使用以下字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + 警告:密碼中包含非 ASCII 字元。可能會導致當作業系統組態改變時加密區無法掛載。\n\n您應該使用 ASCII 字元取代密碼中的非 ASCII 字元。如要這樣做,請選取 "加密區" -> "修改加密區密碼"\n\n以下字元為 ASCII 字元:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + 首頁(線上) + 警告:看起來您還沒有安裝任何 Windows 作業系統的修正檔案。您不應該向未安裝 SP1 或更新的修正檔案的 Windows XP 系統中大於 128 GB 的 IDE 硬碟寫入資料!如果這樣做了,磁碟上的資料(不論是否為 VeraCrypt 加密區)可能會損壞。要注意這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。 + 警告:看起來您的 Windows 2000 系統還未安裝 SP3 或更新的修正檔案。您不應該向這個系統中大於 128 GB 的 IDE 硬碟寫入資料!如果這樣做了,磁碟上的資料(不論是否為 VeraCrypt 加密區)可能會損壞。要注意這是 Windows 作業系統的限制,而不是 VeraCrypt 的錯誤。\n\n注意:您也需在註冊表裡啟用 48-位元 LBA 支援;更多資訊,請參考 http://support.microsoft.com/kb/305098/EN-US + 警告:您的系統不支援 48-位元 LBA ATAPI。因此,您將不能寫入到超過 128GB 容量的 IDE 磁碟!如果您仍然堅持這樣做,磁碟上的資料(不論其是否為 VeraCrypt 加密區)將會損壞。要注意這是 Windows 系統的限制,不是 VeraCrypt 軟體的限制。\n\n要啟用 48-位元 LBA 支援,請在註冊表的 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters 下增加一個 "EnableBigLba" 鍵值並設定其值為 1。\n\n更多訊息請參考 http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + 警告:如果您想以後在外層加密區中新增更多的資料或檔案,您應該考慮為隱藏加密區選擇一個小一點的大小。\n\n您確定要以指定的大小繼續嗎? + 未選擇加密區。\n\n選取 "選擇磁碟機..." 或 "選擇檔案..." 來選擇 VeraCrypt 加密區。 + 沒有選擇分割區。\n\n點 "選擇磁碟機" 來選擇一個通常需要啟動前置認證的卸載的分割區(例如,一個位於其他沒有在執行作業系統的加密的系統磁碟機上的分割區,或是另外一個作業系統的加密的系統分割區)。\n\n注意:選擇的分割區將會以一般 VeraCrypt 加密區的方式掛載而沒有啟動前置認證。這會舉例來說在備份或修復的操作上比較有用。 + 警告:如果預設的金鑰檔被設定和啟用後,就無法掛載不使用該金鑰檔的加密區。因此,在啟用預設的金鑰檔之後,每當掛載加密區時記得不要勾選 "使用金鑰檔" 核取方塊(在輸入密碼欄位下方)。您確定保存選定的金鑰檔/路徑作為預設值嗎? + 自動掛載磁碟機 + 全部卸載 + 清除快取 + Dismount All & Wipe Cache + 強制全部卸載並清除快取 + 強制全部卸載清除快取並結束程式 + 掛載我的最愛加密區 + 顯示/隱藏 VeraCrypt 主視窗 + (點這裡並按下某個鍵盤按鍵) + 操作 + 捷徑 + 錯誤:該快速鍵為系統保留快速鍵,請選擇其他的。 + 錯誤:快速鍵已被使用。 + 警告:一個或多個 VeraCrypt 作用於系統範圍的快速鍵無法使用!\n\n請確定 VeraCrypt 的這些快速鍵沒有被其他程式或作業系統使用。 + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + 警告:如果此選項被停用,包含使用中的檔案/目錄 的加密區將無法自動卸載。\n\n您確定要停用這個選項嗎? + 警告:包含使用中的檔案/目錄的加密區將無法自動卸載。\n\n要防止這種情況,在對話方塊視窗中啟用以下選項:"強制自動卸載,不論加密區是否包含使用中的檔案或目錄" + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + 您已經排定了加密或解密系統分割區/磁碟機的操作。但該項操作尚未完成。\n\n您希望現在開始(恢復)該項操作嗎? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + 您已經排定了加密或解密系統分割區/磁碟機的操作。然而,啟動前置認證已失敗(或被繞過)。\n\n注意:如果您在啟動前置認證環境中解密了系統分割區/磁碟機,您也許需要經由在 VeraCrypt 主視窗選單中選擇 "系統" > "永久解密系統分割區/磁碟機" 來完成最後的操作。 + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + 結束嗎? + VeraCrypt 沒有足夠的訊息確定是否加密還是解密了。 + VeraCrypt 沒有足夠的訊息確定是否加密還是解密了。\n\n注意:如果您在啟動前置認證環境中解密了系統分割區/磁碟機,您也許需要經由點 '解密' 來完成最後的操作。 + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + 您想要中斷和延緩對系統分割區/磁碟機的加密操作嗎?\n\n注意:您以後也可以從中斷點恢復操作。您可以這樣做,舉例來說,經由在 VeraCrypt 主視窗選單中選擇 "系統" > "恢復被中斷的操作"。如果您想永久終止或返回加密操作,選擇 "系統" > "永久解密系統分割區/磁碟機..."。 + 您想要中斷和延緩對系統分割區/磁碟機的解密操作嗎?\n\n注意:您以後也可以從中斷點恢復操作。您可以這樣做,舉例來說,經由在 VeraCrypt 主視窗選單中選擇 "系統" > "恢復被中斷的操作"。如果您想返回解密操作(並開始加密),選擇 "系統" > "加密系統分割區/磁碟機..."。 + 錯誤:中斷加密/解密系統分割區/磁碟機的操作失敗。 + Error: Failed to interrupt the process of wiping. + 錯誤:恢復加密/解密系統分割區/磁碟機的操作失敗。 + Error: Failed to start the process of wiping. + 解決不一致性。\n\n\n(如果您報告錯誤與這個有關,請在報告中包含下面技術訊息: %hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + 警告:VeraCrypt 背景工作已停用。在您結束 VeraCrypt 後,如果對隱藏加密區的損壞被阻止時,您也將無法得到提示。\n\n注意:您可以隨時在 VeraCrypt 的圖示按右鍵並選擇 "結束" 來停止背景工作。\n\n\n您要啟用 VeraCrypt 背景工作嗎? + 語言檔案版本: %s + 正在檢測掛載為 %s 的 VeraCrypt 加密區的檔案系統... + 正在試圖修正掛載為 %s 的 VeraCrypt 加密區的檔案系統... + 警告:該加密區使用了被保留的加密演算法。\n\n所有 64 位元區塊加密演算法(Blowfish,CAST-128 和 Triple DES)已經逐漸不再被使用了。雖然該加密區在以後版本的 VeraCrypt 可能會被掛載。然而以後不會針對這些被保留演算法採取一些改善措施。我們建議您建立一個使用 128 位元區塊加密演算法的 Veracrypt 加密區(如:AES,Serpent,Twofish,等等)並把使用舊演算法的加密區裡面的檔案移動到新的加密區裡面去。 + 您的系統未被設置為自動掛載新加密區。因此也不可能掛載磁碟機類型的加密區。自動卸載可以在執行下列命令後重啟系統來啟用。\n\n\nmountvol.exe /E + 請在繼續前為該磁碟機/磁碟分割區指定一個代號("控制台" > "系統和維護" > "管理工具" - "建立和格式化磁碟分割區")。\n\n要注意這些是作業系統所需要的。 + 掛載 VeraCrypt 加密區 + 卸除所有 VeraCrypt 加密區 + VeraCrypt 取得系統管理員權限失敗。 + 已被作業系統拒絕存取。\n\n可能原因:作業系統要求您對某些資料夾、檔案、和磁碟機具有讀寫權限(或管理權限),以便您能夠從其中讀寫資料。通常情況下,非系統管理員只允許在他自己的檔案資料夾中建立、讀取和修改檔案。 + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + VeraCrypt 開機管理程式需要至少 32 KBytes 的可用空間在系統磁碟機的一開始部分(VeraCrypt 開機管理程式需要被存到那空間)。不幸的,您得磁碟機沒有滿足此條件。\n\n請不要報告這錯誤/問題給 VeraCrypt。要解決這問題,您將需要重新分割您的磁碟機並保留前 32 KBytes 空間可用(在大部分的情況下,您將需要刪除並重新建立第一個分割區),我們建議您可以使用微軟的磁碟分割管理那是舉例來說當您正在安裝 Windows 時可以用的。 + 此功能不支援目前您正在使用的作業系統版本。 + VeraCrypt 不支援在您目前使用的作業系統版本的系統分割區/磁碟機的加密。 + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + 您的系統磁碟機具有 GUID 磁碟分割表(GPT)。目前,只支援有 MBR 的磁碟分割表。 + 小心:VeraCrypt 開機管理程式已經安裝到了您的系統磁碟機上!\n\n這可能在您的電腦上已經加密了另外一個系統。\n\n警告:繼續加密目前執行的系統可能會導致其他系統不可能啟動或導致資料無法存取。\n\n您確定要繼續嗎? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + 原來的系統開機管理程式將不會保存到救援磁碟上(可能原因:備份檔案遺失) + 寫入 MBR 磁扇區時失敗。\n\n您的 BIOS 可能設定為保護 MBR 磁扇區。檢查您的 BIOS 設定(啟動電腦後按 F2,Delete,或 Esc)中的 MBR/防毒保護。 + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + 您的系統分割區/磁碟機似乎已被完全加密了。 + VeraCrypt 並不支援加密一個被轉換成動態大小的磁碟的系統磁碟機。 + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + 您想要用加密系統分割區取代整個磁碟機嗎?\n\n要注意您可以在磁碟機上建立任何非系統分割區的分割區為主的 VeraCrypt 加密區(除了加密系統分割區)。 + 由於您的系統磁碟機僅包含一個佔據整個磁碟機的分割區,適合(更安全)加密整個磁碟機包含通常位於這樣分割區周圍沒用到的閒置空間。\n\n您希望加密整個系統磁碟機嗎? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + 此演算法目前不支援系統加密。 + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + >警告:VeraCrypt 不能回復原始鍵盤配置。這可能導致您輸入不正確的密碼。 + 錯誤:不能設定 VeraCrypt 鍵盤配置為標準美式鍵盤配置。\n\n要注意在啟動前置環境(Windows 啟動前)需要輸入密碼,這時非標準美式鍵盤配置是無法使用的。因此,密碼必須總是使用標準美式鍵盤配置輸入。 + 由於 VeraCrypt 暫時改變鍵盤配置為標準美式鍵盤配置,目前在按下右 ALT 鍵的情況下是不可能經由按鍵盤輸入字元。然而,您可以在按下 Shift 鍵的時候經由按適當鍵輸入大多數的字元。 + VeraCrypt 阻止了對鍵盤配置的修改 + 注意:在啟動前置環境(Windows 啟動前)需要輸入密碼,這時非標準美式鍵盤配置是無法使用的。因此,密碼必須總是使用標準美式鍵盤配置輸入。然而,重要的是要注意您不需要真的使用美式鍵盤。VeraCrypt 在您沒有真的美式鍵盤的情況下也能夠自動的保證您能夠安全的輸入密碼(現在和在啟動前置環境)。 + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + 錯誤:不能儲存系統加密設定。 + 不能初始化系統加密預先測試。 + Cannot initiate the process of creation of the hidden operating system. + 清除模式 + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwritting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + 無(最快) + 1-pass (random data) + 3 次複寫(美國國防部 5220.22-M 演算法) + 7 次複寫(美國國防部 5220.22-M 演算法) + 35-pass ("Gutmann") + 256-pass + 作業系統數目 + 警告:經驗不足的使用者從不應該試圖在多重開機的組態設定下加密 Windows。\n\n要繼續嗎? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + 啟動磁碟機 + 目前執行的作業系統安裝到了啟動磁碟機上了嗎?\n\n注意:有時,Windows 可能沒有跟 Windows 開機管理程式(啟動分割區)安裝在同一個磁碟機上。如果是這種情況,選擇 "否"。 + VeraCrypt 目前不支援加密不是從安裝作業系統磁碟機開機的作業系統。 + 系統磁碟機數目 + 有多少個磁碟機含有作業系統?\n\n注意:舉例來說,您在主要的磁碟機上安裝了作業系統(例如 Windows,Mac OS X,Linux,等等)又在第二個磁碟機上安裝了額外的作業系統,就選擇 "2 或更多"。 + VeraCrypt 目前不支援對整個包含多個作業系統磁碟機的加密。\n\n可能的解決方法:\n\n- 您可以回上一步並選只加密單一系統分割區(相對於去選加密整個系統磁碟機)。\n\n- 另外,如果把磁碟機中的其他系統移到其他的磁碟機只保留一個系統的話您將可以加密整個磁碟機。 + 多個系統在單一磁碟機中 + 在目前執行的作業系統所安裝的磁碟機中,是否包含其他任何的作業系統?\n\n注意:例如目前執行的作業系統安裝在磁碟機 #0,該磁碟機包含了幾個分割區,其中一個分割區安裝 Windows 系統,而另一個分割區安裝了額外任何的作業系統(例如 Windows,Mac OS X,Linux,等等),選擇 "是"。 + 非 Windows 的開機管理程式 + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + 多重開機 + VeraCrypt 目前不支援是在主要啟動磁區中安裝非 Windows 的開機管理程式的多重開機組態設定。\n\n可能的解決辦法:\n\n- 如果您使用了一個啟動管理程式來開啟 Windows 和 Linux,把啟動管理程式(一般來說,GRUB)從主要啟動磁區移到一個分割區上。然後再啟動精靈來加密系統分割區/磁碟機。注意:VeraCrypt 開機管理程式將會成為主要的啟動管理程式,而且會允許您把原來的啟動管理程式(例如 GRUB)作為第二啟動管理程式來執行(經由在 VeraCrypt 開機管理程式畫面按下 'ESC' 鍵),因此您仍然可以開啟 Linux。 + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + 正在檢測隱藏磁扇區 + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + 要加密的區域 + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + 正在蒐集隨機資料 + 金鑰已經產生 + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + 正在燒錄救援磁碟 + 救援磁碟已建立 + 系統加密預先測試 + 救援磁碟已驗證 + \nVeraCrypt 救援磁碟已被成功驗證。請現在從光碟機中移除救援磁碟並把它存放到安全的地方。\n\n點 '下一步' 繼續。 + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + 警告:由於啟動前置環境的技術限制,VeraCrypt 在啟動前置環境(例如 Windows 啟動前)顯示的文字不能被本地化。VeraCrypt 開機管理程式的使用者介面完全是英文的。\n\n要繼續嗎? + 在加密系統分割區或磁碟機之前,VeraCrypt 需要驗證每個環節都正確無誤。\n\n在點 '測試' 以後,所有必須的元件(例如,啟動前置認證元件,如 VeraCrypt 開機管理程式)將會被安裝而且您的電腦將會重新開機。然後您需要在 Windows 開啟前的 VeraCrypt 開機管理程式畫面輸入您的密碼。在 Windows 開啟後,您將會被自動通知預先測試的結果。\n\n以下的裝置將會被修改:磁碟機 #%d\n\n\n如果您現在點 '取消',將不會安裝任何東西而且預先測試將不會被執行。 + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + 預先測試已經完成 + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + 您要取消系統加密預先測試嗎? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + 系統分割區/磁碟機看起來並未加密(即沒有部分也沒有完全加密)。 + 您的系統分割區/磁碟機已加密(部分或完全加密)。\n\n請在繼續進行之前解密這個系統分割區/磁碟機。要這樣做,在 VeraCrypt 主視窗的選單中,選擇 "系統" > "永久解密系統分割區/磁碟機"。 + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + 您的系統分割區/磁碟機正在被加密,解密,不然就是被修改。請在繼續操作前中斷這個加密/解密/修改的操作(或一直等到它完成)。 + 已經有 VeraCrypt 加密區建立精靈的執行實例在執行,而且正在執行對系統分割區/磁碟機的加密/解密操作。在您操作前,請等它完成或者將它關閉。如果您無法關閉它,請在繼續操作前重新啟動電腦。 + 加密或解密系統分割區/磁碟機的操作尚未完成。請等到它操作完成。 + 錯誤:加密分割區/磁碟機的操作尚未完成。那必須要先完成。 + Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + 錯誤:不正確/無效的參數。 + 您已經選擇了一個分割區或者磁碟機,但是您選擇的精靈模式只適用檔案型容器。\n\n您希望改變精靈模式嗎? + 您想改為建立 VeraCrypt 檔案型容器嗎? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + 您確認要永久解密系統分割區/磁碟機嗎? + 小心:如果您永久解密系統分割區/磁碟機,所有未加密資料將會寫到它上面。\n\n您真的確定要永久解密系統分割區/磁碟機嗎? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + 如果您遭遇任何前面描述的問題,先解密該分割區/磁碟機(如果它已經加密)並試著使用一種非串聯加密演算法對它再次加密(例如 AES)。 + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + VeraCrypt 開機管理程式已經更新。\n\n強烈建議您建立一片新的 VeraCrypt 救援磁碟(那將包含新版的 VeraCrypt 開機管理程式)經由選擇 "系統" > "建立救援磁碟" 在您重新啟動電腦之後。 + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + 更新 VeraCrypt 開機管理程式失敗。 + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + 警告:看來 VeraCrypt 已經試著檢測過這個系統磁碟機上的隱藏磁扇區。如果您在上次檢測過程中遭遇任何問題,您現在可以經由跳過隱藏磁扇區的檢測來避免這些問題。要注意如果您這樣做,VeraCrypt 將會使用作業系統回報的大小(那也許會小於真實磁碟機的大小)。\n\n要注意這問題並不是 VeraCrypt 的錯誤引起的。 + 跳過隱藏磁扇區的檢測(使用作業系統回報的大小) + 嘗試再次檢測隱藏磁扇區 + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + 救援磁碟 + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + 測試 + 金鑰檔案 + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + + + + + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/Boot/Windows/Bios.h b/src/Boot/Windows/Bios.h index 314b1a62..dd2da6be 100644 --- a/src/Boot/Windows/Bios.h +++ b/src/Boot/Windows/Bios.h @@ -1,32 +1,32 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_Bios -#define TC_HEADER_Boot_Bios - -#include "Platform.h" - -#define TC_LB_SIZE_BIT_SHIFT_DIVISOR 9 - -#define TC_FIRST_BIOS_DRIVE 0x80 -#define TC_LAST_BIOS_DRIVE 0x8f -#define TC_INVALID_BIOS_DRIVE (TC_FIRST_BIOS_DRIVE - 1) - -enum -{ - BiosResultSuccess = 0x00, - BiosResultInvalidFunction = 0x01 -}; - -typedef byte BiosResult; - -#endif // TC_HEADER_Boot_Bios +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_Bios +#define TC_HEADER_Boot_Bios + +#include "Platform.h" + +#define TC_LB_SIZE_BIT_SHIFT_DIVISOR 9 + +#define TC_FIRST_BIOS_DRIVE 0x80 +#define TC_LAST_BIOS_DRIVE 0x8f +#define TC_INVALID_BIOS_DRIVE (TC_FIRST_BIOS_DRIVE - 1) + +enum +{ + BiosResultSuccess = 0x00, + BiosResultInvalidFunction = 0x01 +}; + +typedef byte BiosResult; + +#endif // TC_HEADER_Boot_Bios diff --git a/src/Boot/Windows/Boot.vcproj b/src/Boot/Windows/Boot.vcproj index d0b40f1a..64ad48ec 100644 --- a/src/Boot/Windows/Boot.vcproj +++ b/src/Boot/Windows/Boot.vcproj @@ -1,246 +1,246 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Boot/Windows/BootCommon.h b/src/Boot/Windows/BootCommon.h index 4d91981b..1dc86560 100644 --- a/src/Boot/Windows/BootCommon.h +++ b/src/Boot/Windows/BootCommon.h @@ -1,82 +1,82 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootCommon -#define TC_HEADER_Boot_BootCommon - -#include "Common/Password.h" -#include "BootDefs.h" - -// The user will be advised to upgrade the rescue disk if upgrading from the following or any previous version -#define TC_RESCUE_DISK_UPGRADE_NOTICE_MAX_VERSION 0x0117 - -#define TC_BOOT_LOADER_AREA_SIZE (TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) - -#define TC_BOOT_VOLUME_HEADER_SECTOR (TC_BOOT_LOADER_AREA_SECTOR_COUNT - 1) -#define TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET (TC_BOOT_VOLUME_HEADER_SECTOR * TC_SECTOR_SIZE_BIOS) - -#define TC_CD_BOOTSECTOR_OFFSET 0xd000 -#define TC_CD_BOOT_LOADER_SECTOR 26 - -#define TC_ORIG_BOOT_LOADER_BACKUP_SECTOR TC_BOOT_LOADER_AREA_SECTOR_COUNT -#define TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET (TC_ORIG_BOOT_LOADER_BACKUP_SECTOR * TC_SECTOR_SIZE_BIOS) - -#define TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR (TC_ORIG_BOOT_LOADER_BACKUP_SECTOR + TC_BOOT_LOADER_AREA_SECTOR_COUNT) -#define TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR_OFFSET (TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR * TC_SECTOR_SIZE_BIOS) - -#define TC_MBR_SECTOR 0 -#define TC_MAX_MBR_BOOT_CODE_SIZE 440 - -#define TC_MAX_EXTRA_BOOT_PARTITION_SIZE (512UL * 1024UL * 1024UL) - - -#pragma pack (1) - -typedef struct -{ - byte Flags; -} BootSectorConfiguration; - - -// Modifying this value can introduce incompatibility with previous versions -#define TC_BOOT_LOADER_ARGS_OFFSET 0x10 - -typedef struct -{ - // Modifying this structure can introduce incompatibility with previous versions - char Signature[8]; - uint16 BootLoaderVersion; - uint16 CryptoInfoOffset; - uint16 CryptoInfoLength; - uint32 HeaderSaltCrc32; - Password BootPassword; - uint64 HiddenSystemPartitionStart; - uint64 DecoySystemPartitionStart; - uint32 Flags; - uint32 BootDriveSignature; - - uint32 BootArgumentsCrc32; - -} BootArguments; - -// Modifying these values can introduce incompatibility with previous versions -#define TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION 0x1 - -#pragma pack () - -// Boot arguments signature should not be defined as a static string -// Modifying these values can introduce incompatibility with previous versions -#define TC_SET_BOOT_ARGUMENTS_SIGNATURE(SG) do { SG[0] = 'T'; SG[1] = 'R'; SG[2] = 'U'; SG[3] = 'E'; SG[4] = 0x11; SG[5] = 0x23; SG[6] = 0x45; SG[7] = 0x66; } while (FALSE) -#define TC_IS_BOOT_ARGUMENTS_SIGNATURE(SG) (SG[0] == 'T' && SG[1] == 'R' && SG[2] == 'U' && SG[3] == 'E' && SG[4] == 0x11 && SG[5] == 0x23 && SG[6] == 0x45 && SG[7] == 0x66) - - -#endif // TC_HEADER_Boot_BootCommon +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootCommon +#define TC_HEADER_Boot_BootCommon + +#include "Common/Password.h" +#include "BootDefs.h" + +// The user will be advised to upgrade the rescue disk if upgrading from the following or any previous version +#define TC_RESCUE_DISK_UPGRADE_NOTICE_MAX_VERSION 0x0117 + +#define TC_BOOT_LOADER_AREA_SIZE (TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) + +#define TC_BOOT_VOLUME_HEADER_SECTOR (TC_BOOT_LOADER_AREA_SECTOR_COUNT - 1) +#define TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET (TC_BOOT_VOLUME_HEADER_SECTOR * TC_SECTOR_SIZE_BIOS) + +#define TC_CD_BOOTSECTOR_OFFSET 0xd000 +#define TC_CD_BOOT_LOADER_SECTOR 26 + +#define TC_ORIG_BOOT_LOADER_BACKUP_SECTOR TC_BOOT_LOADER_AREA_SECTOR_COUNT +#define TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET (TC_ORIG_BOOT_LOADER_BACKUP_SECTOR * TC_SECTOR_SIZE_BIOS) + +#define TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR (TC_ORIG_BOOT_LOADER_BACKUP_SECTOR + TC_BOOT_LOADER_AREA_SECTOR_COUNT) +#define TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR_OFFSET (TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR * TC_SECTOR_SIZE_BIOS) + +#define TC_MBR_SECTOR 0 +#define TC_MAX_MBR_BOOT_CODE_SIZE 440 + +#define TC_MAX_EXTRA_BOOT_PARTITION_SIZE (512UL * 1024UL * 1024UL) + + +#pragma pack (1) + +typedef struct +{ + byte Flags; +} BootSectorConfiguration; + + +// Modifying this value can introduce incompatibility with previous versions +#define TC_BOOT_LOADER_ARGS_OFFSET 0x10 + +typedef struct +{ + // Modifying this structure can introduce incompatibility with previous versions + char Signature[8]; + uint16 BootLoaderVersion; + uint16 CryptoInfoOffset; + uint16 CryptoInfoLength; + uint32 HeaderSaltCrc32; + Password BootPassword; + uint64 HiddenSystemPartitionStart; + uint64 DecoySystemPartitionStart; + uint32 Flags; + uint32 BootDriveSignature; + + uint32 BootArgumentsCrc32; + +} BootArguments; + +// Modifying these values can introduce incompatibility with previous versions +#define TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION 0x1 + +#pragma pack () + +// Boot arguments signature should not be defined as a static string +// Modifying these values can introduce incompatibility with previous versions +#define TC_SET_BOOT_ARGUMENTS_SIGNATURE(SG) do { SG[0] = 'T'; SG[1] = 'R'; SG[2] = 'U'; SG[3] = 'E'; SG[4] = 0x11; SG[5] = 0x23; SG[6] = 0x45; SG[7] = 0x66; } while (FALSE) +#define TC_IS_BOOT_ARGUMENTS_SIGNATURE(SG) (SG[0] == 'T' && SG[1] == 'R' && SG[2] == 'U' && SG[3] == 'E' && SG[4] == 0x11 && SG[5] == 0x23 && SG[6] == 0x45 && SG[7] == 0x66) + + +#endif // TC_HEADER_Boot_BootCommon diff --git a/src/Boot/Windows/BootConfig.cpp b/src/Boot/Windows/BootConfig.cpp index 63ebaf5e..75baf19e 100644 --- a/src/Boot/Windows/BootConfig.cpp +++ b/src/Boot/Windows/BootConfig.cpp @@ -1,102 +1,102 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "BootConfig.h" - -byte BootSectorFlags; - -byte BootLoaderDrive; -byte BootDrive; -bool BootDriveGeometryValid = false; -bool PreventNormalSystemBoot = false; -bool PreventBootMenu = false; -char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; -uint32 OuterVolumeBackupHeaderCrc; - -bool BootStarted = false; - -DriveGeometry BootDriveGeometry; - -CRYPTO_INFO *BootCryptoInfo; -Partition EncryptedVirtualPartition; - -Partition ActivePartition; -Partition PartitionFollowingActive; -bool ExtraBootPartitionPresent = false; -uint64 PimValueOrHiddenVolumeStartUnitNo; // reuse this variable for stored PIM value to reduce memory usage -uint64 HiddenVolumeStartSector; - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - -void ReadBootSectorUserConfiguration () -{ - byte userConfig; - - AcquireSectorBuffer(); - - if (ReadWriteMBR (false, BootLoaderDrive, true) != BiosResultSuccess) - goto ret; - - userConfig = SectorBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; - -#ifdef TC_WINDOWS_BOOT_AES - EnableHwEncryption (!(userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION)); -#endif - - PreventBootMenu = (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC); - - memcpy (CustomUserMessage, SectorBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); - CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0; - - if (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) - { - if (CustomUserMessage[0]) - { - InitVideoMode(); - Print (CustomUserMessage); - } - - DisableScreenOutput(); - } - - if (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) - { - PimValueOrHiddenVolumeStartUnitNo.LowPart = 0; - memcpy (&PimValueOrHiddenVolumeStartUnitNo.LowPart, SectorBuffer + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, TC_BOOT_SECTOR_PIM_VALUE_SIZE); - } - else - PimValueOrHiddenVolumeStartUnitNo.LowPart = -1; - - OuterVolumeBackupHeaderCrc = *(uint32 *) (SectorBuffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET); - -ret: - ReleaseSectorBuffer(); -} - - -BiosResult UpdateBootSectorConfiguration (byte drive) -{ - AcquireSectorBuffer(); - - BiosResult result = ReadWriteMBR (false, drive); - if (result != BiosResultSuccess) - goto ret; - - SectorBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET] = BootSectorFlags; - result = ReadWriteMBR (true, drive); - -ret: - ReleaseSectorBuffer(); - return result; -} - -#endif // !TC_WINDOWS_BOOT_RESCUE_DISK_MODE +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "BootConfig.h" + +byte BootSectorFlags; + +byte BootLoaderDrive; +byte BootDrive; +bool BootDriveGeometryValid = false; +bool PreventNormalSystemBoot = false; +bool PreventBootMenu = false; +char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; +uint32 OuterVolumeBackupHeaderCrc; + +bool BootStarted = false; + +DriveGeometry BootDriveGeometry; + +CRYPTO_INFO *BootCryptoInfo; +Partition EncryptedVirtualPartition; + +Partition ActivePartition; +Partition PartitionFollowingActive; +bool ExtraBootPartitionPresent = false; +uint64 PimValueOrHiddenVolumeStartUnitNo; // reuse this variable for stored PIM value to reduce memory usage +uint64 HiddenVolumeStartSector; + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + +void ReadBootSectorUserConfiguration () +{ + byte userConfig; + + AcquireSectorBuffer(); + + if (ReadWriteMBR (false, BootLoaderDrive, true) != BiosResultSuccess) + goto ret; + + userConfig = SectorBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; + +#ifdef TC_WINDOWS_BOOT_AES + EnableHwEncryption (!(userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION)); +#endif + + PreventBootMenu = (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC); + + memcpy (CustomUserMessage, SectorBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); + CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0; + + if (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) + { + if (CustomUserMessage[0]) + { + InitVideoMode(); + Print (CustomUserMessage); + } + + DisableScreenOutput(); + } + + if (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) + { + PimValueOrHiddenVolumeStartUnitNo.LowPart = 0; + memcpy (&PimValueOrHiddenVolumeStartUnitNo.LowPart, SectorBuffer + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, TC_BOOT_SECTOR_PIM_VALUE_SIZE); + } + else + PimValueOrHiddenVolumeStartUnitNo.LowPart = -1; + + OuterVolumeBackupHeaderCrc = *(uint32 *) (SectorBuffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET); + +ret: + ReleaseSectorBuffer(); +} + + +BiosResult UpdateBootSectorConfiguration (byte drive) +{ + AcquireSectorBuffer(); + + BiosResult result = ReadWriteMBR (false, drive); + if (result != BiosResultSuccess) + goto ret; + + SectorBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET] = BootSectorFlags; + result = ReadWriteMBR (true, drive); + +ret: + ReleaseSectorBuffer(); + return result; +} + +#endif // !TC_WINDOWS_BOOT_RESCUE_DISK_MODE diff --git a/src/Boot/Windows/BootConfig.h b/src/Boot/Windows/BootConfig.h index 0c5eee74..0a06a987 100644 --- a/src/Boot/Windows/BootConfig.h +++ b/src/Boot/Windows/BootConfig.h @@ -1,46 +1,46 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootConfig -#define TC_HEADER_Boot_BootConfig - -#include "Crypto.h" -#include "Platform.h" -#include "BootDiskIo.h" - -extern byte BootSectorFlags; - -extern byte BootLoaderDrive; -extern byte BootDrive; -extern bool BootDriveGeometryValid; -extern DriveGeometry BootDriveGeometry; -extern bool PreventNormalSystemBoot; -extern bool PreventBootMenu; -extern char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; -extern uint32 OuterVolumeBackupHeaderCrc; - -extern bool BootStarted; - -extern CRYPTO_INFO *BootCryptoInfo; -extern Partition EncryptedVirtualPartition; - -extern Partition ActivePartition; -extern Partition PartitionFollowingActive; -extern bool ExtraBootPartitionPresent; -extern uint64 PimValueOrHiddenVolumeStartUnitNo; // reuse this variable for stored PIM value to reduce memory usage -extern uint64 HiddenVolumeStartSector; - - -void ReadBootSectorUserConfiguration (); -BiosResult UpdateBootSectorConfiguration (byte drive); - -#endif // TC_HEADER_Boot_BootConfig +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootConfig +#define TC_HEADER_Boot_BootConfig + +#include "Crypto.h" +#include "Platform.h" +#include "BootDiskIo.h" + +extern byte BootSectorFlags; + +extern byte BootLoaderDrive; +extern byte BootDrive; +extern bool BootDriveGeometryValid; +extern DriveGeometry BootDriveGeometry; +extern bool PreventNormalSystemBoot; +extern bool PreventBootMenu; +extern char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; +extern uint32 OuterVolumeBackupHeaderCrc; + +extern bool BootStarted; + +extern CRYPTO_INFO *BootCryptoInfo; +extern Partition EncryptedVirtualPartition; + +extern Partition ActivePartition; +extern Partition PartitionFollowingActive; +extern bool ExtraBootPartitionPresent; +extern uint64 PimValueOrHiddenVolumeStartUnitNo; // reuse this variable for stored PIM value to reduce memory usage +extern uint64 HiddenVolumeStartSector; + + +void ReadBootSectorUserConfiguration (); +BiosResult UpdateBootSectorConfiguration (byte drive); + +#endif // TC_HEADER_Boot_BootConfig diff --git a/src/Boot/Windows/BootConsoleIo.cpp b/src/Boot/Windows/BootConsoleIo.cpp index 31b66673..8b5a1905 100644 --- a/src/Boot/Windows/BootConsoleIo.cpp +++ b/src/Boot/Windows/BootConsoleIo.cpp @@ -1,339 +1,339 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Platform.h" -#include "Bios.h" -#include "BootConsoleIo.h" -#include "BootDebug.h" -#include "BootStrings.h" - - -static int ScreenOutputDisabled = 0; - -void DisableScreenOutput () -{ - ++ScreenOutputDisabled; -} - - -void EnableScreenOutput () -{ - --ScreenOutputDisabled; -} - - -void PrintChar (char c) -{ -#ifdef TC_BOOT_TRACING_ENABLED - WriteDebugPort (c); -#endif - - if (ScreenOutputDisabled) - return; - - __asm - { - mov bx, 7 - mov al, c - mov ah, 0xe - int 0x10 - } -} - - -void PrintCharAtCursor (char c) -{ - if (ScreenOutputDisabled) - return; - - __asm - { - mov bx, 7 - mov al, c - mov cx, 1 - mov ah, 0xa - int 0x10 - } -} - - -void Print (const char *str) -{ - char c; - while (c = *str++) - PrintChar (c); -} - - -void Print (uint32 number) -{ - char str[12]; - int pos = 0; - while (number >= 10) - { - str[pos++] = (char) (number % 10) + '0'; - number /= 10; - } - str[pos] = (char) (number % 10) + '0'; - - while (pos >= 0) - PrintChar (str[pos--]); -} - - -void Print (const uint64 &number) -{ - if (number.HighPart == 0) - Print (number.LowPart); - else - PrintHex (number); -} - - -void PrintHex (byte b) -{ - PrintChar (((b >> 4) >= 0xA ? 'A' - 0xA : '0') + (b >> 4)); - PrintChar (((b & 0xF) >= 0xA ? 'A' - 0xA : '0') + (b & 0xF)); -} - - -void PrintHex (uint16 data) -{ - PrintHex (byte (data >> 8)); - PrintHex (byte (data)); -} - - -void PrintHex (uint32 data) -{ - PrintHex (uint16 (data >> 16)); - PrintHex (uint16 (data)); -} - - -void PrintHex (const uint64 &data) -{ - PrintHex (data.HighPart); - PrintHex (data.LowPart); -} - -void PrintRepeatedChar (char c, int n) -{ - while (n-- > 0) - PrintChar (c); -} - - -void PrintEndl () -{ - Print ("\r\n"); -} - - -void PrintEndl (int cnt) -{ - while (cnt-- > 0) - PrintEndl (); -} - - -void Beep () -{ - PrintChar (7); -} - - -void InitVideoMode () -{ - if (ScreenOutputDisabled) - return; - - __asm - { - // Text mode 80x25 - mov ax, 3 - int 0x10 - - // Page 0 - mov ax, 0x500 - int 0x10 - } -} - - -void ClearScreen () -{ - if (ScreenOutputDisabled) - return; - - __asm - { - // White text on black - mov bh, 7 - xor cx, cx - mov dx, 0x184f - mov ax, 0x600 - int 0x10 - - // Cursor at 0,0 - xor bh, bh - xor dx, dx - mov ah, 2 - int 0x10 - } -} - - -void PrintBackspace () -{ - PrintChar (TC_BIOS_CHAR_BACKSPACE); - PrintCharAtCursor (' '); -} - - -void PrintError (const char *message) -{ - Print (TC_BOOT_STR_ERROR); - Print (message); - PrintEndl(); - Beep(); -} - - -void PrintErrorNoEndl (const char *message) -{ - Print (TC_BOOT_STR_ERROR); - Print (message); - Beep(); -} - - -byte GetShiftFlags () -{ - byte flags; - __asm - { - mov ah, 2 - int 0x16 - mov flags, al - } - - return flags; -} - - -byte GetKeyboardChar () -{ - return GetKeyboardChar (nullptr); -} - - -byte GetKeyboardChar (byte *scanCode) -{ - // Work around potential BIOS bugs (Windows boot manager polls the keystroke buffer) - while (!IsKeyboardCharAvailable()); - - byte asciiCode; - byte scan; - __asm - { - mov ah, 0 - int 0x16 - mov asciiCode, al - mov scan, ah - } - - if (scanCode) - *scanCode = scan; - - return asciiCode; -} - - -bool IsKeyboardCharAvailable () -{ - bool available = false; - __asm - { - mov ah, 1 - int 0x16 - jz not_avail - mov available, true - not_avail: - } - - return available; -} - - -bool EscKeyPressed () -{ - if (IsKeyboardCharAvailable ()) - { - byte keyScanCode; - GetKeyboardChar (&keyScanCode); - return keyScanCode == TC_BIOS_KEY_ESC; - } - - return false; -} - - -void ClearBiosKeystrokeBuffer () -{ - __asm - { - push es - xor ax, ax - mov es, ax - mov di, 0x41e - mov cx, 32 - cld - rep stosb - pop es - } -} - - -bool IsPrintable (char c) -{ - return c >= ' ' && c <= '~'; -} - -bool IsDigit (char c) -{ - return c >= '0' && c <= '9'; -} - - -int GetString (char *buffer, size_t bufferSize) -{ - byte c; - byte scanCode; - size_t pos = 0; - - while (pos < bufferSize) - { - c = GetKeyboardChar (&scanCode); - - if (scanCode == TC_BIOS_KEY_ENTER) - break; - - if (scanCode == TC_BIOS_KEY_ESC) - return 0; - - buffer[pos++] = c; - PrintChar (IsPrintable (c) ? c : ' '); - } - - return pos; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Platform.h" +#include "Bios.h" +#include "BootConsoleIo.h" +#include "BootDebug.h" +#include "BootStrings.h" + + +static int ScreenOutputDisabled = 0; + +void DisableScreenOutput () +{ + ++ScreenOutputDisabled; +} + + +void EnableScreenOutput () +{ + --ScreenOutputDisabled; +} + + +void PrintChar (char c) +{ +#ifdef TC_BOOT_TRACING_ENABLED + WriteDebugPort (c); +#endif + + if (ScreenOutputDisabled) + return; + + __asm + { + mov bx, 7 + mov al, c + mov ah, 0xe + int 0x10 + } +} + + +void PrintCharAtCursor (char c) +{ + if (ScreenOutputDisabled) + return; + + __asm + { + mov bx, 7 + mov al, c + mov cx, 1 + mov ah, 0xa + int 0x10 + } +} + + +void Print (const char *str) +{ + char c; + while (c = *str++) + PrintChar (c); +} + + +void Print (uint32 number) +{ + char str[12]; + int pos = 0; + while (number >= 10) + { + str[pos++] = (char) (number % 10) + '0'; + number /= 10; + } + str[pos] = (char) (number % 10) + '0'; + + while (pos >= 0) + PrintChar (str[pos--]); +} + + +void Print (const uint64 &number) +{ + if (number.HighPart == 0) + Print (number.LowPart); + else + PrintHex (number); +} + + +void PrintHex (byte b) +{ + PrintChar (((b >> 4) >= 0xA ? 'A' - 0xA : '0') + (b >> 4)); + PrintChar (((b & 0xF) >= 0xA ? 'A' - 0xA : '0') + (b & 0xF)); +} + + +void PrintHex (uint16 data) +{ + PrintHex (byte (data >> 8)); + PrintHex (byte (data)); +} + + +void PrintHex (uint32 data) +{ + PrintHex (uint16 (data >> 16)); + PrintHex (uint16 (data)); +} + + +void PrintHex (const uint64 &data) +{ + PrintHex (data.HighPart); + PrintHex (data.LowPart); +} + +void PrintRepeatedChar (char c, int n) +{ + while (n-- > 0) + PrintChar (c); +} + + +void PrintEndl () +{ + Print ("\r\n"); +} + + +void PrintEndl (int cnt) +{ + while (cnt-- > 0) + PrintEndl (); +} + + +void Beep () +{ + PrintChar (7); +} + + +void InitVideoMode () +{ + if (ScreenOutputDisabled) + return; + + __asm + { + // Text mode 80x25 + mov ax, 3 + int 0x10 + + // Page 0 + mov ax, 0x500 + int 0x10 + } +} + + +void ClearScreen () +{ + if (ScreenOutputDisabled) + return; + + __asm + { + // White text on black + mov bh, 7 + xor cx, cx + mov dx, 0x184f + mov ax, 0x600 + int 0x10 + + // Cursor at 0,0 + xor bh, bh + xor dx, dx + mov ah, 2 + int 0x10 + } +} + + +void PrintBackspace () +{ + PrintChar (TC_BIOS_CHAR_BACKSPACE); + PrintCharAtCursor (' '); +} + + +void PrintError (const char *message) +{ + Print (TC_BOOT_STR_ERROR); + Print (message); + PrintEndl(); + Beep(); +} + + +void PrintErrorNoEndl (const char *message) +{ + Print (TC_BOOT_STR_ERROR); + Print (message); + Beep(); +} + + +byte GetShiftFlags () +{ + byte flags; + __asm + { + mov ah, 2 + int 0x16 + mov flags, al + } + + return flags; +} + + +byte GetKeyboardChar () +{ + return GetKeyboardChar (nullptr); +} + + +byte GetKeyboardChar (byte *scanCode) +{ + // Work around potential BIOS bugs (Windows boot manager polls the keystroke buffer) + while (!IsKeyboardCharAvailable()); + + byte asciiCode; + byte scan; + __asm + { + mov ah, 0 + int 0x16 + mov asciiCode, al + mov scan, ah + } + + if (scanCode) + *scanCode = scan; + + return asciiCode; +} + + +bool IsKeyboardCharAvailable () +{ + bool available = false; + __asm + { + mov ah, 1 + int 0x16 + jz not_avail + mov available, true + not_avail: + } + + return available; +} + + +bool EscKeyPressed () +{ + if (IsKeyboardCharAvailable ()) + { + byte keyScanCode; + GetKeyboardChar (&keyScanCode); + return keyScanCode == TC_BIOS_KEY_ESC; + } + + return false; +} + + +void ClearBiosKeystrokeBuffer () +{ + __asm + { + push es + xor ax, ax + mov es, ax + mov di, 0x41e + mov cx, 32 + cld + rep stosb + pop es + } +} + + +bool IsPrintable (char c) +{ + return c >= ' ' && c <= '~'; +} + +bool IsDigit (char c) +{ + return c >= '0' && c <= '9'; +} + + +int GetString (char *buffer, size_t bufferSize) +{ + byte c; + byte scanCode; + size_t pos = 0; + + while (pos < bufferSize) + { + c = GetKeyboardChar (&scanCode); + + if (scanCode == TC_BIOS_KEY_ENTER) + break; + + if (scanCode == TC_BIOS_KEY_ESC) + return 0; + + buffer[pos++] = c; + PrintChar (IsPrintable (c) ? c : ' '); + } + + return pos; +} diff --git a/src/Boot/Windows/BootConsoleIo.h b/src/Boot/Windows/BootConsoleIo.h index 6af75c05..b95036d5 100644 --- a/src/Boot/Windows/BootConsoleIo.h +++ b/src/Boot/Windows/BootConsoleIo.h @@ -1,72 +1,72 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootConsoleIo -#define TC_HEADER_Boot_BootConsoleIo - -#include "Platform.h" - -#define TC_DEBUG_PORT 0 - -#define TC_BIOS_KEY_ESC 1 -#define TC_BIOS_KEY_BACKSPACE 14 -#define TC_BIOS_KEY_ENTER 28 -#define TC_BIOS_KEY_F1 0x3b -#define TC_BIOS_KEY_F2 0x3c -#define TC_BIOS_KEY_F3 0x3d -#define TC_BIOS_KEY_F4 0x3e -#define TC_BIOS_KEY_F5 0x3f -#define TC_BIOS_KEY_F6 0x40 -#define TC_BIOS_KEY_F7 0x41 -#define TC_BIOS_KEY_F8 0x42 -#define TC_BIOS_KEY_F9 0x43 -#define TC_BIOS_KEY_F10 0x44 - -#define TC_BIOS_SHIFTMASK_CAPSLOCK (1 << 6) -#define TC_BIOS_SHIFTMASK_LSHIFT (1 << 1) -#define TC_BIOS_SHIFTMASK_RSHIFT (1 << 0) - -#define TC_BIOS_CHAR_BACKSPACE 8 - -#define TC_BIOS_MAX_CHARS_PER_LINE 80 - -void Beep (); -void ClearBiosKeystrokeBuffer (); -void ClearScreen (); -void DisableScreenOutput (); -void EnableScreenOutput (); -bool EscKeyPressed (); -byte GetKeyboardChar (); -byte GetKeyboardChar (byte *scanCode); -byte GetShiftFlags (); -int GetString (char *buffer, size_t bufferSize); -void InitVideoMode (); -bool IsKeyboardCharAvailable (); -bool IsPrintable (char c); -bool IsDigit (char c); -void Print (const char *str); -void Print (uint32 number); -void Print (const uint64 &number); -void PrintBackspace (); -void PrintChar (char c); -void PrintCharAtCursor (char c); -void PrintEndl (); -void PrintEndl (int cnt); -void PrintRepeatedChar (char c, int n); -void PrintError (const char *message); -void PrintErrorNoEndl (const char *message); -void PrintHex (byte b); -void PrintHex (uint16 data); -void PrintHex (uint32 data); -void PrintHex (const uint64 &data); - -#endif // TC_HEADER_Boot_BootConsoleIo +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootConsoleIo +#define TC_HEADER_Boot_BootConsoleIo + +#include "Platform.h" + +#define TC_DEBUG_PORT 0 + +#define TC_BIOS_KEY_ESC 1 +#define TC_BIOS_KEY_BACKSPACE 14 +#define TC_BIOS_KEY_ENTER 28 +#define TC_BIOS_KEY_F1 0x3b +#define TC_BIOS_KEY_F2 0x3c +#define TC_BIOS_KEY_F3 0x3d +#define TC_BIOS_KEY_F4 0x3e +#define TC_BIOS_KEY_F5 0x3f +#define TC_BIOS_KEY_F6 0x40 +#define TC_BIOS_KEY_F7 0x41 +#define TC_BIOS_KEY_F8 0x42 +#define TC_BIOS_KEY_F9 0x43 +#define TC_BIOS_KEY_F10 0x44 + +#define TC_BIOS_SHIFTMASK_CAPSLOCK (1 << 6) +#define TC_BIOS_SHIFTMASK_LSHIFT (1 << 1) +#define TC_BIOS_SHIFTMASK_RSHIFT (1 << 0) + +#define TC_BIOS_CHAR_BACKSPACE 8 + +#define TC_BIOS_MAX_CHARS_PER_LINE 80 + +void Beep (); +void ClearBiosKeystrokeBuffer (); +void ClearScreen (); +void DisableScreenOutput (); +void EnableScreenOutput (); +bool EscKeyPressed (); +byte GetKeyboardChar (); +byte GetKeyboardChar (byte *scanCode); +byte GetShiftFlags (); +int GetString (char *buffer, size_t bufferSize); +void InitVideoMode (); +bool IsKeyboardCharAvailable (); +bool IsPrintable (char c); +bool IsDigit (char c); +void Print (const char *str); +void Print (uint32 number); +void Print (const uint64 &number); +void PrintBackspace (); +void PrintChar (char c); +void PrintCharAtCursor (char c); +void PrintEndl (); +void PrintEndl (int cnt); +void PrintRepeatedChar (char c, int n); +void PrintError (const char *message); +void PrintErrorNoEndl (const char *message); +void PrintHex (byte b); +void PrintHex (uint16 data); +void PrintHex (uint32 data); +void PrintHex (const uint64 &data); + +#endif // TC_HEADER_Boot_BootConsoleIo diff --git a/src/Boot/Windows/BootCrt.asm b/src/Boot/Windows/BootCrt.asm index e309fcb0..fd2c2ef0 100644 --- a/src/Boot/Windows/BootCrt.asm +++ b/src/Boot/Windows/BootCrt.asm @@ -1,27 +1,27 @@ -; -; Derived from source code of TrueCrypt 7.1a, which is -; Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed -; by the TrueCrypt License 3.0. -; -; Modifications and additions to the original source code (contained in this file) -; and all other portions of this file are Copyright (c) 2013-2016 IDRIX -; and are governed by the Apache License 2.0 the full text of which is -; contained in the file License.txt included in VeraCrypt binary and source -; code distribution packages. -; - -.MODEL tiny, C -.386 - -INCLUDE BootDefs.i - -EXTERNDEF main:NEAR - -_TEXT SEGMENT -ORG TC_COM_EXECUTABLE_OFFSET - -start: - jmp main - -_TEXT ENDS -END start +; +; Derived from source code of TrueCrypt 7.1a, which is +; Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed +; by the TrueCrypt License 3.0. +; +; Modifications and additions to the original source code (contained in this file) +; and all other portions of this file are Copyright (c) 2013-2016 IDRIX +; and are governed by the Apache License 2.0 the full text of which is +; contained in the file License.txt included in VeraCrypt binary and source +; code distribution packages. +; + +.MODEL tiny, C +.386 + +INCLUDE BootDefs.i + +EXTERNDEF main:NEAR + +_TEXT SEGMENT +ORG TC_COM_EXECUTABLE_OFFSET + +start: + jmp main + +_TEXT ENDS +END start diff --git a/src/Boot/Windows/BootDebug.cpp b/src/Boot/Windows/BootDebug.cpp index 0f33ed5a..2c796437 100644 --- a/src/Boot/Windows/BootDebug.cpp +++ b/src/Boot/Windows/BootDebug.cpp @@ -1,181 +1,181 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Platform.h" -#include "Bios.h" -#include "BootConsoleIo.h" -#include "BootDefs.h" -#include "BootDiskIo.h" -#include "BootDebug.h" - - -#ifdef TC_BOOT_TRACING_ENABLED - -void InitDebugPort () -{ - __asm - { - mov dx, TC_DEBUG_PORT - mov ah, 1 - int 0x17 - mov dx, TC_DEBUG_PORT - mov ah, 0xe2 - int 0x17 - } -} - - -void WriteDebugPort (byte dataByte) -{ - __asm - { - mov al, dataByte - mov dx, TC_DEBUG_PORT - mov ah, 0 - int 0x17 - } -} - -#endif // TC_BOOT_TRACING_ENABLED - - -#ifdef TC_BOOT_DEBUG_ENABLED - -extern "C" void PrintDebug (uint32 debugVal) -{ - Print (debugVal); - PrintEndl(); -} - - -void PrintVal (const char *message, const uint32 value, bool newLine, bool hex) -{ - Print (message); - Print (": "); - - if (hex) - PrintHex (value); - else - Print (value); - - if (newLine) - PrintEndl(); -} - - -void PrintVal (const char *message, const uint64 &value, bool newLine, bool hex) -{ - Print (message); - Print (": "); - PrintHex (value); - if (newLine) - PrintEndl(); -} - - -void PrintHexDump (byte *mem, size_t size, uint16 *memSegment) -{ - const size_t width = 16; - for (size_t pos = 0; pos < size; ) - { - for (int pass = 1; pass <= 2; ++pass) - { - size_t i; - for (i = 0; i < width && pos < size; ++i) - { - byte dataByte; - if (memSegment) - { - __asm - { - push es - mov si, ss:memSegment - mov es, ss:[si] - mov si, ss:mem - add si, pos - mov al, es:[si] - mov dataByte, al - pop es - } - pos++; - } - else - dataByte = mem[pos++]; - - if (pass == 1) - { - PrintHex (dataByte); - PrintChar (' '); - } - else - PrintChar (IsPrintable (dataByte) ? dataByte : '.'); - } - - if (pass == 1) - { - pos -= i; - PrintChar (' '); - } - } - - PrintEndl (); - } -} - - -void PrintHexDump (uint16 memSegment, uint16 memOffset, size_t size) -{ - PrintHexDump ((byte *) memOffset, size, &memSegment); -} - -#endif // TC_BOOT_DEBUG_ENABLED - - -#ifdef TC_BOOT_STACK_CHECKING_ENABLED - -extern "C" char end[]; - -static void PrintStackInfo () -{ - uint16 spReg; - __asm mov spReg, sp - - Print ("Stack: "); Print (TC_BOOT_LOADER_STACK_TOP - spReg); - Print ("/"); Print (TC_BOOT_LOADER_STACK_TOP - (uint16) end); -} - - -void CheckStack () -{ - uint16 spReg; - __asm mov spReg, sp - - if (*(uint32 *) end != 0x12345678UL || spReg < (uint16) end) - { - __asm cli - __asm mov sp, TC_BOOT_LOADER_STACK_TOP - - PrintError ("Stack overflow"); - TC_THROW_FATAL_EXCEPTION; - } -} - - -void InitStackChecker () -{ - *(uint32 *) end = 0x12345678UL; - - PrintStackInfo(); - PrintEndl(); -} - -#endif // TC_BOOT_STACK_CHECKING_ENABLED +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Platform.h" +#include "Bios.h" +#include "BootConsoleIo.h" +#include "BootDefs.h" +#include "BootDiskIo.h" +#include "BootDebug.h" + + +#ifdef TC_BOOT_TRACING_ENABLED + +void InitDebugPort () +{ + __asm + { + mov dx, TC_DEBUG_PORT + mov ah, 1 + int 0x17 + mov dx, TC_DEBUG_PORT + mov ah, 0xe2 + int 0x17 + } +} + + +void WriteDebugPort (byte dataByte) +{ + __asm + { + mov al, dataByte + mov dx, TC_DEBUG_PORT + mov ah, 0 + int 0x17 + } +} + +#endif // TC_BOOT_TRACING_ENABLED + + +#ifdef TC_BOOT_DEBUG_ENABLED + +extern "C" void PrintDebug (uint32 debugVal) +{ + Print (debugVal); + PrintEndl(); +} + + +void PrintVal (const char *message, const uint32 value, bool newLine, bool hex) +{ + Print (message); + Print (": "); + + if (hex) + PrintHex (value); + else + Print (value); + + if (newLine) + PrintEndl(); +} + + +void PrintVal (const char *message, const uint64 &value, bool newLine, bool hex) +{ + Print (message); + Print (": "); + PrintHex (value); + if (newLine) + PrintEndl(); +} + + +void PrintHexDump (byte *mem, size_t size, uint16 *memSegment) +{ + const size_t width = 16; + for (size_t pos = 0; pos < size; ) + { + for (int pass = 1; pass <= 2; ++pass) + { + size_t i; + for (i = 0; i < width && pos < size; ++i) + { + byte dataByte; + if (memSegment) + { + __asm + { + push es + mov si, ss:memSegment + mov es, ss:[si] + mov si, ss:mem + add si, pos + mov al, es:[si] + mov dataByte, al + pop es + } + pos++; + } + else + dataByte = mem[pos++]; + + if (pass == 1) + { + PrintHex (dataByte); + PrintChar (' '); + } + else + PrintChar (IsPrintable (dataByte) ? dataByte : '.'); + } + + if (pass == 1) + { + pos -= i; + PrintChar (' '); + } + } + + PrintEndl (); + } +} + + +void PrintHexDump (uint16 memSegment, uint16 memOffset, size_t size) +{ + PrintHexDump ((byte *) memOffset, size, &memSegment); +} + +#endif // TC_BOOT_DEBUG_ENABLED + + +#ifdef TC_BOOT_STACK_CHECKING_ENABLED + +extern "C" char end[]; + +static void PrintStackInfo () +{ + uint16 spReg; + __asm mov spReg, sp + + Print ("Stack: "); Print (TC_BOOT_LOADER_STACK_TOP - spReg); + Print ("/"); Print (TC_BOOT_LOADER_STACK_TOP - (uint16) end); +} + + +void CheckStack () +{ + uint16 spReg; + __asm mov spReg, sp + + if (*(uint32 *) end != 0x12345678UL || spReg < (uint16) end) + { + __asm cli + __asm mov sp, TC_BOOT_LOADER_STACK_TOP + + PrintError ("Stack overflow"); + TC_THROW_FATAL_EXCEPTION; + } +} + + +void InitStackChecker () +{ + *(uint32 *) end = 0x12345678UL; + + PrintStackInfo(); + PrintEndl(); +} + +#endif // TC_BOOT_STACK_CHECKING_ENABLED diff --git a/src/Boot/Windows/BootDebug.h b/src/Boot/Windows/BootDebug.h index 138dcf62..a10c7fec 100644 --- a/src/Boot/Windows/BootDebug.h +++ b/src/Boot/Windows/BootDebug.h @@ -1,60 +1,60 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootDebug -#define TC_HEADER_Boot_BootDebug - -#include "Platform.h" -#include "BootConsoleIo.h" - -#if 0 -# define TC_BOOT_DEBUG_ENABLED -#endif - -#if 0 || defined (TC_BOOT_DEBUG_ENABLED) -# define TC_BOOT_STACK_CHECKING_ENABLED - extern "C" void CheckStack (); -#else -# define CheckStack() -#endif - -#if 0 -# define TC_BOOT_TRACING_ENABLED -# if 1 -# define TC_TRACE_INT13 -# endif -# if 0 -# define TC_TRACE_INT15 -# endif -#endif - -#ifdef TC_BOOT_DEBUG_ENABLED -# define trace_point do { Print(__FILE__); PrintChar (':'); Print (TC_TO_STRING (__LINE__)); PrintEndl(); } while (false) -# define trace_val(VAL) PrintVal (#VAL, VAL); -# define trace_hex(VAL) do { Print (#VAL), PrintChar (':'); PrintHex (VAL); PrintEndl(); } while (false) -# define assert(COND) do { if (!(COND)) { trace_point; __asm jmp $ } } while (false) -#else -# define trace_point -# define trace_val(VAL) -# define trace_hex(VAL) -# define assert(COND) -#endif - -void InitDebugPort (); -void InitStackChecker (); -void WriteDebugPort (byte dataByte); -void PrintHexDump (byte *mem, size_t size, uint16 *memSegment = nullptr); -void PrintHexDump (uint16 memSegment, uint16 memOffset, size_t size); -void PrintVal (const char *message, const uint32 value, bool newLine = true, bool hex = false); -void PrintVal (const char *message, const uint64 &value, bool newLine = true, bool hex = false); - -#endif // TC_HEADER_Boot_BootDebug +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootDebug +#define TC_HEADER_Boot_BootDebug + +#include "Platform.h" +#include "BootConsoleIo.h" + +#if 0 +# define TC_BOOT_DEBUG_ENABLED +#endif + +#if 0 || defined (TC_BOOT_DEBUG_ENABLED) +# define TC_BOOT_STACK_CHECKING_ENABLED + extern "C" void CheckStack (); +#else +# define CheckStack() +#endif + +#if 0 +# define TC_BOOT_TRACING_ENABLED +# if 1 +# define TC_TRACE_INT13 +# endif +# if 0 +# define TC_TRACE_INT15 +# endif +#endif + +#ifdef TC_BOOT_DEBUG_ENABLED +# define trace_point do { Print(__FILE__); PrintChar (':'); Print (TC_TO_STRING (__LINE__)); PrintEndl(); } while (false) +# define trace_val(VAL) PrintVal (#VAL, VAL); +# define trace_hex(VAL) do { Print (#VAL), PrintChar (':'); PrintHex (VAL); PrintEndl(); } while (false) +# define assert(COND) do { if (!(COND)) { trace_point; __asm jmp $ } } while (false) +#else +# define trace_point +# define trace_val(VAL) +# define trace_hex(VAL) +# define assert(COND) +#endif + +void InitDebugPort (); +void InitStackChecker (); +void WriteDebugPort (byte dataByte); +void PrintHexDump (byte *mem, size_t size, uint16 *memSegment = nullptr); +void PrintHexDump (uint16 memSegment, uint16 memOffset, size_t size); +void PrintVal (const char *message, const uint32 value, bool newLine = true, bool hex = false); +void PrintVal (const char *message, const uint64 &value, bool newLine = true, bool hex = false); + +#endif // TC_HEADER_Boot_BootDebug diff --git a/src/Boot/Windows/BootDefs.h b/src/Boot/Windows/BootDefs.h index 69c57dbc..2e69d5a3 100644 --- a/src/Boot/Windows/BootDefs.h +++ b/src/Boot/Windows/BootDefs.h @@ -1,199 +1,199 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootDefs -#define TC_HEADER_Boot_BootDefs - -// Total memory required (CODE + DATA + BSS + STACK + 0x100) in KBytes - determined from linker map. -#define TC__BOOT_MEMORY_REQUIRED 43 - -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE -# undef TC__BOOT_MEMORY_REQUIRED - -# ifdef TC_WINDOWS_BOOT_AES -# ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE -# define TC__BOOT_MEMORY_REQUIRED 31 -# else -# define TC__BOOT_MEMORY_REQUIRED 29 -# endif -# elif defined (TC_WINDOWS_BOOT_SERPENT) -# define TC__BOOT_MEMORY_REQUIRED 33 -# elif defined (TC_WINDOWS_BOOT_TWOFISH) -# define TC__BOOT_MEMORY_REQUIRED 41 -# endif - -#if 0 -# undef TC__BOOT_MEMORY_REQUIRED -# define TC__BOOT_MEMORY_REQUIRED 60 -#endif - -#endif - -// Modifying this value can introduce incompatibility with previous versions -#define TC__BOOT_LOADER_SEGMENT TC_HEX (9000) // Some buggy BIOS routines fail if CS bits 0-10 are not zero - -#if TC__BOOT_MEMORY_REQUIRED <= 32 -# define TC__BOOT_LOADER_SEGMENT_LOW (TC__BOOT_LOADER_SEGMENT - 32 * 1024 / 16) -#else -# define TC__BOOT_LOADER_SEGMENT_LOW (TC__BOOT_LOADER_SEGMENT - 64 * 1024 / 16) -#endif - -#define TC__COM_EXECUTABLE_OFFSET TC_HEX (100) - -#define TC__BOOT_LOADER_LOWMEM_SEGMENT TC_HEX (2000) -#define TC__BOOT_LOADER_BUFFER_SEGMENT TC_HEX (4000) -#define TC__BOOT_LOADER_ALT_SEGMENT TC_HEX (6000) - -#define TC__BOOT_LOADER_STACK_TOP (TC_BOOT_MEMORY_REQUIRED * TC_UNSIGNED (1024) - 4) - -#define TC__LB_SIZE 512 -#define TC__BOOT_LOADER_AREA_SECTOR_COUNT 63 - -#define TC__BOOT_SECTOR_VERSION_OFFSET 430 -#define TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET 432 -#define TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET 434 -#define TC__BOOT_SECTOR_USER_CONFIG_OFFSET 438 -#define TC__BOOT_SECTOR_CONFIG_OFFSET 439 // The last byte that is reserved for the boot loader - -#define TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH 24 -#define TC__BOOT_SECTOR_USER_MESSAGE_OFFSET (TC__BOOT_SECTOR_VERSION_OFFSET - TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH) - -#define TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE 4 -#define TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET (TC__BOOT_SECTOR_USER_MESSAGE_OFFSET - TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE) - -#define TC__BOOT_SECTOR_PIM_VALUE_SIZE 2 -#define TC__BOOT_SECTOR_PIM_VALUE_OFFSET (TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET - TC__BOOT_SECTOR_PIM_VALUE_SIZE) - -#define TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR 2 -#define TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT 4 -#define TC__BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE 32768 -#define TC__BOOT_LOADER_COMPRESSED_BUFFER_OFFSET (TC_COM_EXECUTABLE_OFFSET + 3072) - -#define TC__BOOT_LOADER_START_SECTOR (TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT) -#define TC__MAX_BOOT_LOADER_SECTOR_COUNT (TC_BOOT_LOADER_AREA_SECTOR_COUNT - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT - 2) -#define TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE ((TC_BOOT_LOADER_AREA_SECTOR_COUNT - 2) * TC_LB_SIZE) - -#define TC__BOOT_LOADER_BACKUP_SECTOR_COUNT 30 - -#define TC__GZIP_HEADER_SIZE 10 - -#define TC__BOOT_CFG_FLAG_AREA_SIZE 1 // In bytes - -// If you add more flags, revise TC__BOOT_CFG_FLAG_AREA_SIZE -#define TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE TC_HEX (02) -#define TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER TC_HEX (04) -#define TC__BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION TC_HEX (10) -#define TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER TC_HEX (20) -#define TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE (TC_HEX (40) + TC_HEX (80)) - -// Modifying the following values can introduce incompatibility with previous versions -#define TC__BOOT_USER_CFG_FLAG_SILENT_MODE TC_HEX (01) -#define TC__BOOT_USER_CFG_FLAG_DISABLE_ESC TC_HEX (02) -#define TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC_HEX (04) -#define TC__BOOT_USER_CFG_FLAG_DISABLE_PIM TC_HEX (08) - -// The following items are treated as a 2-bit value (apply TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE to obtain the value) -#define TC__HIDDEN_OS_CREATION_PHASE_NONE 0 -#define TC__HIDDEN_OS_CREATION_PHASE_CLONING TC_HEX (40) // The boot loader is to copy the content of the system partition to the hidden volume -#define TC__HIDDEN_OS_CREATION_PHASE_WIPING TC_HEX (80) // The boot loader has successfully copied the content of the system partition to the hidden volume. The original OS is to be wiped now. -#define TC__HIDDEN_OS_CREATION_PHASE_WIPED (TC_HEX (40) + TC_HEX (80)) // The original OS has been wiped. The user is required to install a new OS (decoy OS) on the system partition now. - - -#ifdef TC_ASM_PREPROCESS - -#define TC_HEX(N) 0##N##h -#define TC_UNSIGNED(N) N - -TC_BOOT_MEMORY_REQUIRED = TC__BOOT_MEMORY_REQUIRED -TC_BOOT_LOADER_SEGMENT = TC__BOOT_LOADER_SEGMENT -TC_BOOT_LOADER_SEGMENT_LOW = TC__BOOT_LOADER_SEGMENT_LOW -TC_COM_EXECUTABLE_OFFSET = TC__COM_EXECUTABLE_OFFSET -TC_BOOT_LOADER_LOWMEM_SEGMENT = TC__BOOT_LOADER_LOWMEM_SEGMENT -TC_BOOT_LOADER_BUFFER_SEGMENT = TC__BOOT_LOADER_BUFFER_SEGMENT -TC_BOOT_LOADER_ALT_SEGMENT = TC__BOOT_LOADER_ALT_SEGMENT -TC_BOOT_LOADER_STACK_TOP = TC__BOOT_LOADER_STACK_TOP -TC_LB_SIZE = TC__LB_SIZE -TC_BOOT_LOADER_AREA_SECTOR_COUNT = TC__BOOT_LOADER_AREA_SECTOR_COUNT -TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET = TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET -TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET = TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET -TC_BOOT_SECTOR_CONFIG_OFFSET = TC__BOOT_SECTOR_CONFIG_OFFSET -TC_BOOT_SECTOR_USER_CONFIG_OFFSET = TC__BOOT_SECTOR_USER_CONFIG_OFFSET -TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR = TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR -TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT = TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT -TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE = TC__BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE -TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET = TC__BOOT_LOADER_COMPRESSED_BUFFER_OFFSET -TC_BOOT_LOADER_START_SECTOR = TC__BOOT_LOADER_START_SECTOR -TC_MAX_BOOT_LOADER_SECTOR_COUNT = TC__MAX_BOOT_LOADER_SECTOR_COUNT -TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE = TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE -TC_BOOT_LOADER_BACKUP_SECTOR_COUNT = TC__BOOT_LOADER_BACKUP_SECTOR_COUNT -TC_GZIP_HEADER_SIZE = TC__GZIP_HEADER_SIZE -TC_BOOT_CFG_FLAG_AREA_SIZE = TC__BOOT_CFG_FLAG_AREA_SIZE -TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE = TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE -TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER = TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER -TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER = TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER -TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE = TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE -TC_BOOT_USER_CFG_FLAG_SILENT_MODE = TC__BOOT_USER_CFG_FLAG_SILENT_MODE -TC_HIDDEN_OS_CREATION_PHASE_NONE = TC__HIDDEN_OS_CREATION_PHASE_NONE -TC_HIDDEN_OS_CREATION_PHASE_CLONING = TC__HIDDEN_OS_CREATION_PHASE_CLONING -TC_HIDDEN_OS_CREATION_PHASE_WIPING = TC__HIDDEN_OS_CREATION_PHASE_WIPING -TC_HIDDEN_OS_CREATION_PHASE_WIPED = TC__HIDDEN_OS_CREATION_PHASE_WIPED - -#else // TC_ASM_PREPROCESS - -#define TC_HEX(N) 0x##N -#define TC_UNSIGNED(N) N##U - -#define TC_BOOT_MEMORY_REQUIRED TC__BOOT_MEMORY_REQUIRED -#define TC_BOOT_LOADER_SEGMENT TC__BOOT_LOADER_SEGMENT -#define TC_COM_EXECUTABLE_OFFSET TC__COM_EXECUTABLE_OFFSET -#define TC_BOOT_LOADER_LOWMEM_SEGMENT TC__BOOT_LOADER_LOWMEM_SEGMENT -#define TC_BOOT_LOADER_BUFFER_SEGMENT TC__BOOT_LOADER_BUFFER_SEGMENT -#define TC_BOOT_LOADER_ALT_SEGMENT TC__BOOT_LOADER_ALT_SEGMENT -#define TC_BOOT_LOADER_STACK_TOP (TC__BOOT_LOADER_STACK_TOP) -#define TC_BOOT_LOADER_AREA_SECTOR_COUNT TC__BOOT_LOADER_AREA_SECTOR_COUNT -#define TC_BOOT_SECTOR_USER_MESSAGE_OFFSET TC__BOOT_SECTOR_USER_MESSAGE_OFFSET -#define TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE -#define TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET -#define TC_BOOT_SECTOR_PIM_VALUE_SIZE TC__BOOT_SECTOR_PIM_VALUE_SIZE -#define TC_BOOT_SECTOR_PIM_VALUE_OFFSET TC__BOOT_SECTOR_PIM_VALUE_OFFSET -#define TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH -#define TC_BOOT_SECTOR_VERSION_OFFSET TC__BOOT_SECTOR_VERSION_OFFSET -#define TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET -#define TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET -#define TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR -#define TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT -#define TC_BOOT_SECTOR_CONFIG_OFFSET TC__BOOT_SECTOR_CONFIG_OFFSET -#define TC_BOOT_SECTOR_USER_CONFIG_OFFSET TC__BOOT_SECTOR_USER_CONFIG_OFFSET -#define TC_BOOT_LOADER_START_SECTOR TC__BOOT_LOADER_START_SECTOR -#define TC_LB_SIZE TC__LB_SIZE -#define TC_MAX_BOOT_LOADER_SECTOR_COUNT TC__MAX_BOOT_LOADER_SECTOR_COUNT -#define TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE -#define TC_BOOT_LOADER_BACKUP_SECTOR_COUNT TC__BOOT_LOADER_BACKUP_SECTOR_COUNT -#define TC_GZIP_HEADER_SIZE TC__GZIP_HEADER_SIZE -#define TC_BOOT_CFG_FLAG_AREA_SIZE TC__BOOT_CFG_FLAG_AREA_SIZE -#define TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE -#define TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER -#define TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER -#define TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION TC__BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION -#define TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE -#define TC_BOOT_USER_CFG_FLAG_SILENT_MODE TC__BOOT_USER_CFG_FLAG_SILENT_MODE -#define TC_BOOT_USER_CFG_FLAG_DISABLE_ESC TC__BOOT_USER_CFG_FLAG_DISABLE_ESC -#define TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION -#define TC_BOOT_USER_CFG_FLAG_DISABLE_PIM TC__BOOT_USER_CFG_FLAG_DISABLE_PIM -#define TC_HIDDEN_OS_CREATION_PHASE_NONE TC__HIDDEN_OS_CREATION_PHASE_NONE -#define TC_HIDDEN_OS_CREATION_PHASE_CLONING TC__HIDDEN_OS_CREATION_PHASE_CLONING -#define TC_HIDDEN_OS_CREATION_PHASE_WIPING TC__HIDDEN_OS_CREATION_PHASE_WIPING -#define TC_HIDDEN_OS_CREATION_PHASE_WIPED TC__HIDDEN_OS_CREATION_PHASE_WIPED - -#endif // TC_ASM_PREPROCESS - -#endif // TC_HEADER_Boot_BootDefs +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootDefs +#define TC_HEADER_Boot_BootDefs + +// Total memory required (CODE + DATA + BSS + STACK + 0x100) in KBytes - determined from linker map. +#define TC__BOOT_MEMORY_REQUIRED 43 + +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE +# undef TC__BOOT_MEMORY_REQUIRED + +# ifdef TC_WINDOWS_BOOT_AES +# ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE +# define TC__BOOT_MEMORY_REQUIRED 31 +# else +# define TC__BOOT_MEMORY_REQUIRED 29 +# endif +# elif defined (TC_WINDOWS_BOOT_SERPENT) +# define TC__BOOT_MEMORY_REQUIRED 33 +# elif defined (TC_WINDOWS_BOOT_TWOFISH) +# define TC__BOOT_MEMORY_REQUIRED 41 +# endif + +#if 0 +# undef TC__BOOT_MEMORY_REQUIRED +# define TC__BOOT_MEMORY_REQUIRED 60 +#endif + +#endif + +// Modifying this value can introduce incompatibility with previous versions +#define TC__BOOT_LOADER_SEGMENT TC_HEX (9000) // Some buggy BIOS routines fail if CS bits 0-10 are not zero + +#if TC__BOOT_MEMORY_REQUIRED <= 32 +# define TC__BOOT_LOADER_SEGMENT_LOW (TC__BOOT_LOADER_SEGMENT - 32 * 1024 / 16) +#else +# define TC__BOOT_LOADER_SEGMENT_LOW (TC__BOOT_LOADER_SEGMENT - 64 * 1024 / 16) +#endif + +#define TC__COM_EXECUTABLE_OFFSET TC_HEX (100) + +#define TC__BOOT_LOADER_LOWMEM_SEGMENT TC_HEX (2000) +#define TC__BOOT_LOADER_BUFFER_SEGMENT TC_HEX (4000) +#define TC__BOOT_LOADER_ALT_SEGMENT TC_HEX (6000) + +#define TC__BOOT_LOADER_STACK_TOP (TC_BOOT_MEMORY_REQUIRED * TC_UNSIGNED (1024) - 4) + +#define TC__LB_SIZE 512 +#define TC__BOOT_LOADER_AREA_SECTOR_COUNT 63 + +#define TC__BOOT_SECTOR_VERSION_OFFSET 430 +#define TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET 432 +#define TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET 434 +#define TC__BOOT_SECTOR_USER_CONFIG_OFFSET 438 +#define TC__BOOT_SECTOR_CONFIG_OFFSET 439 // The last byte that is reserved for the boot loader + +#define TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH 24 +#define TC__BOOT_SECTOR_USER_MESSAGE_OFFSET (TC__BOOT_SECTOR_VERSION_OFFSET - TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH) + +#define TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE 4 +#define TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET (TC__BOOT_SECTOR_USER_MESSAGE_OFFSET - TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE) + +#define TC__BOOT_SECTOR_PIM_VALUE_SIZE 2 +#define TC__BOOT_SECTOR_PIM_VALUE_OFFSET (TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET - TC__BOOT_SECTOR_PIM_VALUE_SIZE) + +#define TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR 2 +#define TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT 4 +#define TC__BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE 32768 +#define TC__BOOT_LOADER_COMPRESSED_BUFFER_OFFSET (TC_COM_EXECUTABLE_OFFSET + 3072) + +#define TC__BOOT_LOADER_START_SECTOR (TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT) +#define TC__MAX_BOOT_LOADER_SECTOR_COUNT (TC_BOOT_LOADER_AREA_SECTOR_COUNT - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT - 2) +#define TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE ((TC_BOOT_LOADER_AREA_SECTOR_COUNT - 2) * TC_LB_SIZE) + +#define TC__BOOT_LOADER_BACKUP_SECTOR_COUNT 30 + +#define TC__GZIP_HEADER_SIZE 10 + +#define TC__BOOT_CFG_FLAG_AREA_SIZE 1 // In bytes + +// If you add more flags, revise TC__BOOT_CFG_FLAG_AREA_SIZE +#define TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE TC_HEX (02) +#define TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER TC_HEX (04) +#define TC__BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION TC_HEX (10) +#define TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER TC_HEX (20) +#define TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE (TC_HEX (40) + TC_HEX (80)) + +// Modifying the following values can introduce incompatibility with previous versions +#define TC__BOOT_USER_CFG_FLAG_SILENT_MODE TC_HEX (01) +#define TC__BOOT_USER_CFG_FLAG_DISABLE_ESC TC_HEX (02) +#define TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC_HEX (04) +#define TC__BOOT_USER_CFG_FLAG_DISABLE_PIM TC_HEX (08) + +// The following items are treated as a 2-bit value (apply TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE to obtain the value) +#define TC__HIDDEN_OS_CREATION_PHASE_NONE 0 +#define TC__HIDDEN_OS_CREATION_PHASE_CLONING TC_HEX (40) // The boot loader is to copy the content of the system partition to the hidden volume +#define TC__HIDDEN_OS_CREATION_PHASE_WIPING TC_HEX (80) // The boot loader has successfully copied the content of the system partition to the hidden volume. The original OS is to be wiped now. +#define TC__HIDDEN_OS_CREATION_PHASE_WIPED (TC_HEX (40) + TC_HEX (80)) // The original OS has been wiped. The user is required to install a new OS (decoy OS) on the system partition now. + + +#ifdef TC_ASM_PREPROCESS + +#define TC_HEX(N) 0##N##h +#define TC_UNSIGNED(N) N + +TC_BOOT_MEMORY_REQUIRED = TC__BOOT_MEMORY_REQUIRED +TC_BOOT_LOADER_SEGMENT = TC__BOOT_LOADER_SEGMENT +TC_BOOT_LOADER_SEGMENT_LOW = TC__BOOT_LOADER_SEGMENT_LOW +TC_COM_EXECUTABLE_OFFSET = TC__COM_EXECUTABLE_OFFSET +TC_BOOT_LOADER_LOWMEM_SEGMENT = TC__BOOT_LOADER_LOWMEM_SEGMENT +TC_BOOT_LOADER_BUFFER_SEGMENT = TC__BOOT_LOADER_BUFFER_SEGMENT +TC_BOOT_LOADER_ALT_SEGMENT = TC__BOOT_LOADER_ALT_SEGMENT +TC_BOOT_LOADER_STACK_TOP = TC__BOOT_LOADER_STACK_TOP +TC_LB_SIZE = TC__LB_SIZE +TC_BOOT_LOADER_AREA_SECTOR_COUNT = TC__BOOT_LOADER_AREA_SECTOR_COUNT +TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET = TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET +TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET = TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET +TC_BOOT_SECTOR_CONFIG_OFFSET = TC__BOOT_SECTOR_CONFIG_OFFSET +TC_BOOT_SECTOR_USER_CONFIG_OFFSET = TC__BOOT_SECTOR_USER_CONFIG_OFFSET +TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR = TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR +TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT = TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT +TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE = TC__BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE +TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET = TC__BOOT_LOADER_COMPRESSED_BUFFER_OFFSET +TC_BOOT_LOADER_START_SECTOR = TC__BOOT_LOADER_START_SECTOR +TC_MAX_BOOT_LOADER_SECTOR_COUNT = TC__MAX_BOOT_LOADER_SECTOR_COUNT +TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE = TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE +TC_BOOT_LOADER_BACKUP_SECTOR_COUNT = TC__BOOT_LOADER_BACKUP_SECTOR_COUNT +TC_GZIP_HEADER_SIZE = TC__GZIP_HEADER_SIZE +TC_BOOT_CFG_FLAG_AREA_SIZE = TC__BOOT_CFG_FLAG_AREA_SIZE +TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE = TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE +TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER = TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER +TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER = TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER +TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE = TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE +TC_BOOT_USER_CFG_FLAG_SILENT_MODE = TC__BOOT_USER_CFG_FLAG_SILENT_MODE +TC_HIDDEN_OS_CREATION_PHASE_NONE = TC__HIDDEN_OS_CREATION_PHASE_NONE +TC_HIDDEN_OS_CREATION_PHASE_CLONING = TC__HIDDEN_OS_CREATION_PHASE_CLONING +TC_HIDDEN_OS_CREATION_PHASE_WIPING = TC__HIDDEN_OS_CREATION_PHASE_WIPING +TC_HIDDEN_OS_CREATION_PHASE_WIPED = TC__HIDDEN_OS_CREATION_PHASE_WIPED + +#else // TC_ASM_PREPROCESS + +#define TC_HEX(N) 0x##N +#define TC_UNSIGNED(N) N##U + +#define TC_BOOT_MEMORY_REQUIRED TC__BOOT_MEMORY_REQUIRED +#define TC_BOOT_LOADER_SEGMENT TC__BOOT_LOADER_SEGMENT +#define TC_COM_EXECUTABLE_OFFSET TC__COM_EXECUTABLE_OFFSET +#define TC_BOOT_LOADER_LOWMEM_SEGMENT TC__BOOT_LOADER_LOWMEM_SEGMENT +#define TC_BOOT_LOADER_BUFFER_SEGMENT TC__BOOT_LOADER_BUFFER_SEGMENT +#define TC_BOOT_LOADER_ALT_SEGMENT TC__BOOT_LOADER_ALT_SEGMENT +#define TC_BOOT_LOADER_STACK_TOP (TC__BOOT_LOADER_STACK_TOP) +#define TC_BOOT_LOADER_AREA_SECTOR_COUNT TC__BOOT_LOADER_AREA_SECTOR_COUNT +#define TC_BOOT_SECTOR_USER_MESSAGE_OFFSET TC__BOOT_SECTOR_USER_MESSAGE_OFFSET +#define TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE +#define TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET TC__BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET +#define TC_BOOT_SECTOR_PIM_VALUE_SIZE TC__BOOT_SECTOR_PIM_VALUE_SIZE +#define TC_BOOT_SECTOR_PIM_VALUE_OFFSET TC__BOOT_SECTOR_PIM_VALUE_OFFSET +#define TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH TC__BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH +#define TC_BOOT_SECTOR_VERSION_OFFSET TC__BOOT_SECTOR_VERSION_OFFSET +#define TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET TC__BOOT_SECTOR_LOADER_LENGTH_OFFSET +#define TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET TC__BOOT_SECTOR_LOADER_CHECKSUM_OFFSET +#define TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR TC__BOOT_LOADER_DECOMPRESSOR_START_SECTOR +#define TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT TC__BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT +#define TC_BOOT_SECTOR_CONFIG_OFFSET TC__BOOT_SECTOR_CONFIG_OFFSET +#define TC_BOOT_SECTOR_USER_CONFIG_OFFSET TC__BOOT_SECTOR_USER_CONFIG_OFFSET +#define TC_BOOT_LOADER_START_SECTOR TC__BOOT_LOADER_START_SECTOR +#define TC_LB_SIZE TC__LB_SIZE +#define TC_MAX_BOOT_LOADER_SECTOR_COUNT TC__MAX_BOOT_LOADER_SECTOR_COUNT +#define TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE TC__MAX_BOOT_LOADER_DECOMPRESSED_SIZE +#define TC_BOOT_LOADER_BACKUP_SECTOR_COUNT TC__BOOT_LOADER_BACKUP_SECTOR_COUNT +#define TC_GZIP_HEADER_SIZE TC__GZIP_HEADER_SIZE +#define TC_BOOT_CFG_FLAG_AREA_SIZE TC__BOOT_CFG_FLAG_AREA_SIZE +#define TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE TC__BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE +#define TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER TC__BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER +#define TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER TC__BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER +#define TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION TC__BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION +#define TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE TC__BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE +#define TC_BOOT_USER_CFG_FLAG_SILENT_MODE TC__BOOT_USER_CFG_FLAG_SILENT_MODE +#define TC_BOOT_USER_CFG_FLAG_DISABLE_ESC TC__BOOT_USER_CFG_FLAG_DISABLE_ESC +#define TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION TC__BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION +#define TC_BOOT_USER_CFG_FLAG_DISABLE_PIM TC__BOOT_USER_CFG_FLAG_DISABLE_PIM +#define TC_HIDDEN_OS_CREATION_PHASE_NONE TC__HIDDEN_OS_CREATION_PHASE_NONE +#define TC_HIDDEN_OS_CREATION_PHASE_CLONING TC__HIDDEN_OS_CREATION_PHASE_CLONING +#define TC_HIDDEN_OS_CREATION_PHASE_WIPING TC__HIDDEN_OS_CREATION_PHASE_WIPING +#define TC_HIDDEN_OS_CREATION_PHASE_WIPED TC__HIDDEN_OS_CREATION_PHASE_WIPED + +#endif // TC_ASM_PREPROCESS + +#endif // TC_HEADER_Boot_BootDefs diff --git a/src/Boot/Windows/BootDiskIo.cpp b/src/Boot/Windows/BootDiskIo.cpp index 31917a64..bf3fe9fc 100644 --- a/src/Boot/Windows/BootDiskIo.cpp +++ b/src/Boot/Windows/BootDiskIo.cpp @@ -1,491 +1,491 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Bios.h" -#include "BootConsoleIo.h" -#include "BootConfig.h" -#include "BootDebug.h" -#include "BootDefs.h" -#include "BootDiskIo.h" -#include "BootStrings.h" - - -byte SectorBuffer[TC_LB_SIZE]; - -#ifdef TC_BOOT_DEBUG_ENABLED -static bool SectorBufferInUse = false; - -void AcquireSectorBuffer () -{ - if (SectorBufferInUse) - TC_THROW_FATAL_EXCEPTION; - - SectorBufferInUse = true; -} - - -void ReleaseSectorBuffer () -{ - SectorBufferInUse = false; -} - -#endif - - -bool IsLbaSupported (byte drive) -{ - static byte CachedDrive = TC_INVALID_BIOS_DRIVE; - static bool CachedStatus; - uint16 result = 0; - - if (CachedDrive == drive) - goto ret; - - __asm - { - mov bx, 0x55aa - mov dl, drive - mov ah, 0x41 - int 0x13 - jc err - mov result, bx - err: - } - - CachedDrive = drive; - CachedStatus = (result == 0xaa55); -ret: - return CachedStatus; -} - - -void PrintDiskError (BiosResult error, bool write, byte drive, const uint64 *sector, const ChsAddress *chs) -{ - PrintEndl(); - Print (write ? "Write" : "Read"); Print (" error:"); - Print (error); - Print (" Drive:"); - Print (drive ^ 0x80); - - if (sector) - { - Print (" Sector:"); - Print (*sector); - } - - if (chs) - { - Print (" CHS:"); - Print (*chs); - } - - PrintEndl(); - Beep(); -} - - -void Print (const ChsAddress &chs) -{ - Print (chs.Cylinder); - PrintChar ('/'); - Print (chs.Head); - PrintChar ('/'); - Print (chs.Sector); -} - - -void PrintSectorCountInMB (const uint64 §orCount) -{ - Print (sectorCount >> (TC_LB_SIZE_BIT_SHIFT_DIVISOR + 2)); Print (" MB "); -} - - -BiosResult ReadWriteSectors (bool write, uint16 bufferSegment, uint16 bufferOffset, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) -{ - CheckStack(); - - byte cylinderLow = (byte) chs.Cylinder; - byte sector = chs.Sector; - sector |= byte (chs.Cylinder >> 2) & 0xc0; - byte function = write ? 0x03 : 0x02; - - BiosResult result; - byte tryCount = TC_MAX_BIOS_DISK_IO_RETRIES; - - do - { - result = BiosResultSuccess; - - __asm - { - push es - mov ax, bufferSegment - mov es, ax - mov bx, bufferOffset - mov dl, drive - mov ch, cylinderLow - mov si, chs - mov dh, [si].Head - mov cl, sector - mov al, sectorCount - mov ah, function - int 0x13 - jnc ok // If CF=0, ignore AH to prevent issues caused by potential bugs in BIOSes - mov result, ah - ok: - pop es - } - - if (result == BiosResultEccCorrected) - result = BiosResultSuccess; - - // Some BIOSes report I/O errors prematurely in some cases - } while (result != BiosResultSuccess && --tryCount != 0); - - if (!silent && result != BiosResultSuccess) - PrintDiskError (result, write, drive, nullptr, &chs); - - return result; -} - - -BiosResult ReadWriteSectors (bool write, byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) -{ - uint16 codeSeg; - __asm mov codeSeg, cs - return ReadWriteSectors (write, codeSeg, (uint16) buffer, drive, chs, sectorCount, silent); -} - - -BiosResult ReadSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) -{ - return ReadWriteSectors (false, buffer, drive, chs, sectorCount, silent); -} - - -BiosResult WriteSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) -{ - return ReadWriteSectors (true, buffer, drive, chs, sectorCount, silent); -} - - -static BiosResult ReadWriteSectors (bool write, BiosLbaPacket &dapPacket, byte drive, const uint64 §or, uint16 sectorCount, bool silent) -{ - CheckStack(); - - if (!IsLbaSupported (drive)) - { - DriveGeometry geometry; - - BiosResult result = GetDriveGeometry (drive, geometry, silent); - if (result != BiosResultSuccess) - return result; - - ChsAddress chs; - LbaToChs (geometry, sector, chs); - return ReadWriteSectors (write, (uint16) (dapPacket.Buffer >> 16), (uint16) dapPacket.Buffer, drive, chs, sectorCount, silent); - } - - dapPacket.Size = sizeof (dapPacket); - dapPacket.Reserved = 0; - dapPacket.SectorCount = sectorCount; - dapPacket.Sector = sector; - - byte function = write ? 0x43 : 0x42; - - BiosResult result; - byte tryCount = TC_MAX_BIOS_DISK_IO_RETRIES; - - do - { - result = BiosResultSuccess; - - __asm - { - mov bx, 0x55aa - mov dl, drive - mov si, [dapPacket] - mov ah, function - xor al, al - int 0x13 - jnc ok // If CF=0, ignore AH to prevent issues caused by potential bugs in BIOSes - mov result, ah - ok: - } - - if (result == BiosResultEccCorrected) - result = BiosResultSuccess; - - // Some BIOSes report I/O errors prematurely in some cases - } while (result != BiosResultSuccess && --tryCount != 0); - - if (!silent && result != BiosResultSuccess) - PrintDiskError (result, write, drive, §or); - - return result; -} - - -static BiosResult ReadWriteSectors (bool write, byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent) -{ - BiosLbaPacket dapPacket; - dapPacket.Buffer = (uint32) buffer; - return ReadWriteSectors (write, dapPacket, drive, sector, sectorCount, silent); -} - - -BiosResult ReadWriteSectors (bool write, uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent) -{ - BiosLbaPacket dapPacket; - dapPacket.Buffer = ((uint32) bufferSegment << 16) | bufferOffset; - return ReadWriteSectors (write, dapPacket, drive, sector, sectorCount, silent); -} - -BiosResult ReadSectors (uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent) -{ - return ReadWriteSectors (false, bufferSegment, bufferOffset, drive, sector, sectorCount, silent); -} - - -BiosResult ReadSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent) -{ - BiosResult result; - uint16 codeSeg; - __asm mov codeSeg, cs - - result = ReadSectors (BootStarted ? codeSeg : TC_BOOT_LOADER_ALT_SEGMENT, (uint16) buffer, drive, sector, sectorCount, silent); - - // Alternative segment is used to prevent memory corruption caused by buggy BIOSes - if (!BootStarted) - CopyMemory (TC_BOOT_LOADER_ALT_SEGMENT, (uint16) buffer, buffer, sectorCount * TC_LB_SIZE); - - return result; -} - - -BiosResult WriteSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent) -{ - return ReadWriteSectors (true, buffer, drive, sector, sectorCount, silent); -} - - -BiosResult GetDriveGeometry (byte drive, DriveGeometry &geometry, bool silent) -{ - CheckStack(); - - byte maxCylinderLow, maxHead, maxSector; - BiosResult result; - __asm - { - push es - mov dl, drive - mov ah, 0x08 - int 0x13 - - mov result, ah - mov maxCylinderLow, ch - mov maxSector, cl - mov maxHead, dh - pop es - } - - if (result == BiosResultSuccess) - { - geometry.Cylinders = (maxCylinderLow | (uint16 (maxSector & 0xc0) << 2)) + 1; - geometry.Heads = maxHead + 1; - geometry.Sectors = maxSector & ~0xc0; - } - else if (!silent) - { - Print ("Drive "); - Print (drive ^ 0x80); - Print (" not found: "); - PrintErrorNoEndl (""); - Print (result); - PrintEndl(); - } - - return result; -} - - -void ChsToLba (const DriveGeometry &geometry, const ChsAddress &chs, uint64 &lba) -{ - lba.HighPart = 0; - lba.LowPart = (uint32 (chs.Cylinder) * geometry.Heads + chs.Head) * geometry.Sectors + chs.Sector - 1; -} - - -void LbaToChs (const DriveGeometry &geometry, const uint64 &lba, ChsAddress &chs) -{ - chs.Sector = (byte) ((lba.LowPart % geometry.Sectors) + 1); - uint32 ch = lba.LowPart / geometry.Sectors; - chs.Head = (byte) (ch % geometry.Heads); - chs.Cylinder = (uint16) (ch / geometry.Heads); -} - - -void PartitionEntryMBRToPartition (const PartitionEntryMBR &partEntry, Partition &partition) -{ - partition.Active = partEntry.BootIndicator == 0x80; - partition.EndSector.HighPart = 0; - partition.EndSector.LowPart = partEntry.StartLBA + partEntry.SectorCountLBA - 1; - partition.SectorCount.HighPart = 0; - partition.SectorCount.LowPart = partEntry.SectorCountLBA; - partition.StartSector.HighPart = 0; - partition.StartSector.LowPart = partEntry.StartLBA; - partition.Type = partEntry.Type; -} - - -BiosResult ReadWriteMBR (bool write, byte drive, bool silent) -{ - uint64 mbrSector; - mbrSector.HighPart = 0; - mbrSector.LowPart = 0; - - if (write) - return WriteSectors (SectorBuffer, drive, mbrSector, 1, silent); - - return ReadSectors (SectorBuffer, drive, mbrSector, 1, silent); // Uses alternative segment -} - - -BiosResult GetDrivePartitions (byte drive, Partition *partitionArray, size_t partitionArrayCapacity, size_t &partitionCount, bool activeOnly, Partition *findPartitionFollowingThis, bool silent) -{ - Partition *followingPartition; - Partition tmpPartition; - - if (findPartitionFollowingThis) - { - assert (partitionArrayCapacity == 1); - partitionArrayCapacity = 0xff; - followingPartition = partitionArray; - partitionArray = &tmpPartition; - - followingPartition->Drive = TC_INVALID_BIOS_DRIVE; - followingPartition->StartSector.LowPart = 0xFFFFffffUL; - } - - AcquireSectorBuffer(); - BiosResult result = ReadWriteMBR (false, drive, silent); - ReleaseSectorBuffer(); - - partitionCount = 0; - - MBR *mbr = (MBR *) SectorBuffer; - if (result != BiosResultSuccess || mbr->Signature != 0xaa55) - return result; - - PartitionEntryMBR mbrPartitions[4]; - memcpy (mbrPartitions, mbr->Partitions, sizeof (mbrPartitions)); - size_t partitionArrayPos = 0, partitionNumber; - - for (partitionNumber = 0; - partitionNumber < array_capacity (mbrPartitions) && partitionArrayPos < partitionArrayCapacity; - ++partitionNumber) - { - const PartitionEntryMBR &partEntry = mbrPartitions[partitionNumber]; - - if (partEntry.SectorCountLBA > 0) - { - Partition &partition = partitionArray[partitionArrayPos]; - PartitionEntryMBRToPartition (partEntry, partition); - - if (activeOnly && !partition.Active) - continue; - - partition.Drive = drive; - partition.Number = partitionArrayPos; - - if (partEntry.Type == 0x5 || partEntry.Type == 0xf) // Extended partition - { - if (IsLbaSupported (drive)) - { - // Find all extended partitions - uint64 firstExtStartLBA = partition.StartSector; - uint64 extStartLBA = partition.StartSector; - MBR *extMbr = (MBR *) SectorBuffer; - - while (partitionArrayPos < partitionArrayCapacity && - (result = ReadSectors ((byte *) extMbr, drive, extStartLBA, 1, silent)) == BiosResultSuccess - && extMbr->Signature == 0xaa55) - { - if (extMbr->Partitions[0].SectorCountLBA > 0) - { - Partition &logPart = partitionArray[partitionArrayPos]; - PartitionEntryMBRToPartition (extMbr->Partitions[0], logPart); - logPart.Drive = drive; - - logPart.Number = partitionArrayPos; - logPart.Primary = false; - - logPart.StartSector.LowPart += extStartLBA.LowPart; - logPart.EndSector.LowPart += extStartLBA.LowPart; - - if (findPartitionFollowingThis) - { - if (logPart.StartSector.LowPart > findPartitionFollowingThis->EndSector.LowPart - && logPart.StartSector.LowPart < followingPartition->StartSector.LowPart) - { - *followingPartition = logPart; - } - } - else - ++partitionArrayPos; - } - - // Secondary extended - if (extMbr->Partitions[1].Type != 0x5 && extMbr->Partitions[1].Type == 0xf - || extMbr->Partitions[1].SectorCountLBA == 0) - break; - - extStartLBA.LowPart = extMbr->Partitions[1].StartLBA + firstExtStartLBA.LowPart; - } - } - } - else - { - partition.Primary = true; - - if (findPartitionFollowingThis) - { - if (partition.StartSector.LowPart > findPartitionFollowingThis->EndSector.LowPart - && partition.StartSector.LowPart < followingPartition->StartSector.LowPart) - { - *followingPartition = partition; - } - } - else - ++partitionArrayPos; - } - } - } - - partitionCount = partitionArrayPos; - return result; -} - - -bool GetActivePartition (byte drive) -{ - size_t partCount; - - if (GetDrivePartitions (drive, &ActivePartition, 1, partCount, true) != BiosResultSuccess || partCount < 1) - { - ActivePartition.Drive = TC_INVALID_BIOS_DRIVE; - PrintError (TC_BOOT_STR_NO_BOOT_PARTITION); - return false; - } - - return true; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Bios.h" +#include "BootConsoleIo.h" +#include "BootConfig.h" +#include "BootDebug.h" +#include "BootDefs.h" +#include "BootDiskIo.h" +#include "BootStrings.h" + + +byte SectorBuffer[TC_LB_SIZE]; + +#ifdef TC_BOOT_DEBUG_ENABLED +static bool SectorBufferInUse = false; + +void AcquireSectorBuffer () +{ + if (SectorBufferInUse) + TC_THROW_FATAL_EXCEPTION; + + SectorBufferInUse = true; +} + + +void ReleaseSectorBuffer () +{ + SectorBufferInUse = false; +} + +#endif + + +bool IsLbaSupported (byte drive) +{ + static byte CachedDrive = TC_INVALID_BIOS_DRIVE; + static bool CachedStatus; + uint16 result = 0; + + if (CachedDrive == drive) + goto ret; + + __asm + { + mov bx, 0x55aa + mov dl, drive + mov ah, 0x41 + int 0x13 + jc err + mov result, bx + err: + } + + CachedDrive = drive; + CachedStatus = (result == 0xaa55); +ret: + return CachedStatus; +} + + +void PrintDiskError (BiosResult error, bool write, byte drive, const uint64 *sector, const ChsAddress *chs) +{ + PrintEndl(); + Print (write ? "Write" : "Read"); Print (" error:"); + Print (error); + Print (" Drive:"); + Print (drive ^ 0x80); + + if (sector) + { + Print (" Sector:"); + Print (*sector); + } + + if (chs) + { + Print (" CHS:"); + Print (*chs); + } + + PrintEndl(); + Beep(); +} + + +void Print (const ChsAddress &chs) +{ + Print (chs.Cylinder); + PrintChar ('/'); + Print (chs.Head); + PrintChar ('/'); + Print (chs.Sector); +} + + +void PrintSectorCountInMB (const uint64 §orCount) +{ + Print (sectorCount >> (TC_LB_SIZE_BIT_SHIFT_DIVISOR + 2)); Print (" MB "); +} + + +BiosResult ReadWriteSectors (bool write, uint16 bufferSegment, uint16 bufferOffset, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) +{ + CheckStack(); + + byte cylinderLow = (byte) chs.Cylinder; + byte sector = chs.Sector; + sector |= byte (chs.Cylinder >> 2) & 0xc0; + byte function = write ? 0x03 : 0x02; + + BiosResult result; + byte tryCount = TC_MAX_BIOS_DISK_IO_RETRIES; + + do + { + result = BiosResultSuccess; + + __asm + { + push es + mov ax, bufferSegment + mov es, ax + mov bx, bufferOffset + mov dl, drive + mov ch, cylinderLow + mov si, chs + mov dh, [si].Head + mov cl, sector + mov al, sectorCount + mov ah, function + int 0x13 + jnc ok // If CF=0, ignore AH to prevent issues caused by potential bugs in BIOSes + mov result, ah + ok: + pop es + } + + if (result == BiosResultEccCorrected) + result = BiosResultSuccess; + + // Some BIOSes report I/O errors prematurely in some cases + } while (result != BiosResultSuccess && --tryCount != 0); + + if (!silent && result != BiosResultSuccess) + PrintDiskError (result, write, drive, nullptr, &chs); + + return result; +} + + +BiosResult ReadWriteSectors (bool write, byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) +{ + uint16 codeSeg; + __asm mov codeSeg, cs + return ReadWriteSectors (write, codeSeg, (uint16) buffer, drive, chs, sectorCount, silent); +} + + +BiosResult ReadSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) +{ + return ReadWriteSectors (false, buffer, drive, chs, sectorCount, silent); +} + + +BiosResult WriteSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent) +{ + return ReadWriteSectors (true, buffer, drive, chs, sectorCount, silent); +} + + +static BiosResult ReadWriteSectors (bool write, BiosLbaPacket &dapPacket, byte drive, const uint64 §or, uint16 sectorCount, bool silent) +{ + CheckStack(); + + if (!IsLbaSupported (drive)) + { + DriveGeometry geometry; + + BiosResult result = GetDriveGeometry (drive, geometry, silent); + if (result != BiosResultSuccess) + return result; + + ChsAddress chs; + LbaToChs (geometry, sector, chs); + return ReadWriteSectors (write, (uint16) (dapPacket.Buffer >> 16), (uint16) dapPacket.Buffer, drive, chs, sectorCount, silent); + } + + dapPacket.Size = sizeof (dapPacket); + dapPacket.Reserved = 0; + dapPacket.SectorCount = sectorCount; + dapPacket.Sector = sector; + + byte function = write ? 0x43 : 0x42; + + BiosResult result; + byte tryCount = TC_MAX_BIOS_DISK_IO_RETRIES; + + do + { + result = BiosResultSuccess; + + __asm + { + mov bx, 0x55aa + mov dl, drive + mov si, [dapPacket] + mov ah, function + xor al, al + int 0x13 + jnc ok // If CF=0, ignore AH to prevent issues caused by potential bugs in BIOSes + mov result, ah + ok: + } + + if (result == BiosResultEccCorrected) + result = BiosResultSuccess; + + // Some BIOSes report I/O errors prematurely in some cases + } while (result != BiosResultSuccess && --tryCount != 0); + + if (!silent && result != BiosResultSuccess) + PrintDiskError (result, write, drive, §or); + + return result; +} + + +static BiosResult ReadWriteSectors (bool write, byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent) +{ + BiosLbaPacket dapPacket; + dapPacket.Buffer = (uint32) buffer; + return ReadWriteSectors (write, dapPacket, drive, sector, sectorCount, silent); +} + + +BiosResult ReadWriteSectors (bool write, uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent) +{ + BiosLbaPacket dapPacket; + dapPacket.Buffer = ((uint32) bufferSegment << 16) | bufferOffset; + return ReadWriteSectors (write, dapPacket, drive, sector, sectorCount, silent); +} + +BiosResult ReadSectors (uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent) +{ + return ReadWriteSectors (false, bufferSegment, bufferOffset, drive, sector, sectorCount, silent); +} + + +BiosResult ReadSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent) +{ + BiosResult result; + uint16 codeSeg; + __asm mov codeSeg, cs + + result = ReadSectors (BootStarted ? codeSeg : TC_BOOT_LOADER_ALT_SEGMENT, (uint16) buffer, drive, sector, sectorCount, silent); + + // Alternative segment is used to prevent memory corruption caused by buggy BIOSes + if (!BootStarted) + CopyMemory (TC_BOOT_LOADER_ALT_SEGMENT, (uint16) buffer, buffer, sectorCount * TC_LB_SIZE); + + return result; +} + + +BiosResult WriteSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent) +{ + return ReadWriteSectors (true, buffer, drive, sector, sectorCount, silent); +} + + +BiosResult GetDriveGeometry (byte drive, DriveGeometry &geometry, bool silent) +{ + CheckStack(); + + byte maxCylinderLow, maxHead, maxSector; + BiosResult result; + __asm + { + push es + mov dl, drive + mov ah, 0x08 + int 0x13 + + mov result, ah + mov maxCylinderLow, ch + mov maxSector, cl + mov maxHead, dh + pop es + } + + if (result == BiosResultSuccess) + { + geometry.Cylinders = (maxCylinderLow | (uint16 (maxSector & 0xc0) << 2)) + 1; + geometry.Heads = maxHead + 1; + geometry.Sectors = maxSector & ~0xc0; + } + else if (!silent) + { + Print ("Drive "); + Print (drive ^ 0x80); + Print (" not found: "); + PrintErrorNoEndl (""); + Print (result); + PrintEndl(); + } + + return result; +} + + +void ChsToLba (const DriveGeometry &geometry, const ChsAddress &chs, uint64 &lba) +{ + lba.HighPart = 0; + lba.LowPart = (uint32 (chs.Cylinder) * geometry.Heads + chs.Head) * geometry.Sectors + chs.Sector - 1; +} + + +void LbaToChs (const DriveGeometry &geometry, const uint64 &lba, ChsAddress &chs) +{ + chs.Sector = (byte) ((lba.LowPart % geometry.Sectors) + 1); + uint32 ch = lba.LowPart / geometry.Sectors; + chs.Head = (byte) (ch % geometry.Heads); + chs.Cylinder = (uint16) (ch / geometry.Heads); +} + + +void PartitionEntryMBRToPartition (const PartitionEntryMBR &partEntry, Partition &partition) +{ + partition.Active = partEntry.BootIndicator == 0x80; + partition.EndSector.HighPart = 0; + partition.EndSector.LowPart = partEntry.StartLBA + partEntry.SectorCountLBA - 1; + partition.SectorCount.HighPart = 0; + partition.SectorCount.LowPart = partEntry.SectorCountLBA; + partition.StartSector.HighPart = 0; + partition.StartSector.LowPart = partEntry.StartLBA; + partition.Type = partEntry.Type; +} + + +BiosResult ReadWriteMBR (bool write, byte drive, bool silent) +{ + uint64 mbrSector; + mbrSector.HighPart = 0; + mbrSector.LowPart = 0; + + if (write) + return WriteSectors (SectorBuffer, drive, mbrSector, 1, silent); + + return ReadSectors (SectorBuffer, drive, mbrSector, 1, silent); // Uses alternative segment +} + + +BiosResult GetDrivePartitions (byte drive, Partition *partitionArray, size_t partitionArrayCapacity, size_t &partitionCount, bool activeOnly, Partition *findPartitionFollowingThis, bool silent) +{ + Partition *followingPartition; + Partition tmpPartition; + + if (findPartitionFollowingThis) + { + assert (partitionArrayCapacity == 1); + partitionArrayCapacity = 0xff; + followingPartition = partitionArray; + partitionArray = &tmpPartition; + + followingPartition->Drive = TC_INVALID_BIOS_DRIVE; + followingPartition->StartSector.LowPart = 0xFFFFffffUL; + } + + AcquireSectorBuffer(); + BiosResult result = ReadWriteMBR (false, drive, silent); + ReleaseSectorBuffer(); + + partitionCount = 0; + + MBR *mbr = (MBR *) SectorBuffer; + if (result != BiosResultSuccess || mbr->Signature != 0xaa55) + return result; + + PartitionEntryMBR mbrPartitions[4]; + memcpy (mbrPartitions, mbr->Partitions, sizeof (mbrPartitions)); + size_t partitionArrayPos = 0, partitionNumber; + + for (partitionNumber = 0; + partitionNumber < array_capacity (mbrPartitions) && partitionArrayPos < partitionArrayCapacity; + ++partitionNumber) + { + const PartitionEntryMBR &partEntry = mbrPartitions[partitionNumber]; + + if (partEntry.SectorCountLBA > 0) + { + Partition &partition = partitionArray[partitionArrayPos]; + PartitionEntryMBRToPartition (partEntry, partition); + + if (activeOnly && !partition.Active) + continue; + + partition.Drive = drive; + partition.Number = partitionArrayPos; + + if (partEntry.Type == 0x5 || partEntry.Type == 0xf) // Extended partition + { + if (IsLbaSupported (drive)) + { + // Find all extended partitions + uint64 firstExtStartLBA = partition.StartSector; + uint64 extStartLBA = partition.StartSector; + MBR *extMbr = (MBR *) SectorBuffer; + + while (partitionArrayPos < partitionArrayCapacity && + (result = ReadSectors ((byte *) extMbr, drive, extStartLBA, 1, silent)) == BiosResultSuccess + && extMbr->Signature == 0xaa55) + { + if (extMbr->Partitions[0].SectorCountLBA > 0) + { + Partition &logPart = partitionArray[partitionArrayPos]; + PartitionEntryMBRToPartition (extMbr->Partitions[0], logPart); + logPart.Drive = drive; + + logPart.Number = partitionArrayPos; + logPart.Primary = false; + + logPart.StartSector.LowPart += extStartLBA.LowPart; + logPart.EndSector.LowPart += extStartLBA.LowPart; + + if (findPartitionFollowingThis) + { + if (logPart.StartSector.LowPart > findPartitionFollowingThis->EndSector.LowPart + && logPart.StartSector.LowPart < followingPartition->StartSector.LowPart) + { + *followingPartition = logPart; + } + } + else + ++partitionArrayPos; + } + + // Secondary extended + if (extMbr->Partitions[1].Type != 0x5 && extMbr->Partitions[1].Type == 0xf + || extMbr->Partitions[1].SectorCountLBA == 0) + break; + + extStartLBA.LowPart = extMbr->Partitions[1].StartLBA + firstExtStartLBA.LowPart; + } + } + } + else + { + partition.Primary = true; + + if (findPartitionFollowingThis) + { + if (partition.StartSector.LowPart > findPartitionFollowingThis->EndSector.LowPart + && partition.StartSector.LowPart < followingPartition->StartSector.LowPart) + { + *followingPartition = partition; + } + } + else + ++partitionArrayPos; + } + } + } + + partitionCount = partitionArrayPos; + return result; +} + + +bool GetActivePartition (byte drive) +{ + size_t partCount; + + if (GetDrivePartitions (drive, &ActivePartition, 1, partCount, true) != BiosResultSuccess || partCount < 1) + { + ActivePartition.Drive = TC_INVALID_BIOS_DRIVE; + PrintError (TC_BOOT_STR_NO_BOOT_PARTITION); + return false; + } + + return true; +} diff --git a/src/Boot/Windows/BootDiskIo.h b/src/Boot/Windows/BootDiskIo.h index d1c1ccff..b09220a8 100644 --- a/src/Boot/Windows/BootDiskIo.h +++ b/src/Boot/Windows/BootDiskIo.h @@ -1,120 +1,120 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootDiskIo -#define TC_HEADER_Boot_BootDiskIo - -#include "Bios.h" -#include "BootDebug.h" -#include "BootDefs.h" - -#define TC_MAX_BIOS_DISK_IO_RETRIES 5 - -enum -{ - BiosResultEccCorrected = 0x11 -}; - -#pragma pack(1) - -struct PartitionEntryMBR -{ - byte BootIndicator; - - byte StartHead; - byte StartCylSector; - byte StartCylinder; - - byte Type; - - byte EndHead; - byte EndSector; - byte EndCylinder; - - uint32 StartLBA; - uint32 SectorCountLBA; -}; - -struct MBR -{ - byte Code[446]; - PartitionEntryMBR Partitions[4]; - uint16 Signature; -}; - -struct BiosLbaPacket -{ - byte Size; - byte Reserved; - uint16 SectorCount; - uint32 Buffer; - uint64 Sector; -}; - -#pragma pack() - - -struct ChsAddress -{ - uint16 Cylinder; - byte Head; - byte Sector; -}; - -struct Partition -{ - byte Number; - byte Drive; - bool Active; - uint64 EndSector; - bool Primary; - uint64 SectorCount; - uint64 StartSector; - byte Type; -}; - -struct DriveGeometry -{ - uint16 Cylinders; - byte Heads; - byte Sectors; -}; - - -#ifdef TC_BOOT_DEBUG_ENABLED -void AcquireSectorBuffer (); -void ReleaseSectorBuffer (); -#else -# define AcquireSectorBuffer() -# define ReleaseSectorBuffer() -#endif - -void ChsToLba (const DriveGeometry &geometry, const ChsAddress &chs, uint64 &lba); -bool GetActivePartition (byte drive); -BiosResult GetDriveGeometry (byte drive, DriveGeometry &geometry, bool silent = false); -BiosResult GetDrivePartitions (byte drive, Partition *partitionArray, size_t partitionArrayCapacity, size_t &partitionCount, bool activeOnly = false, Partition *findPartitionFollowingThis = nullptr, bool silent = false); -bool IsLbaSupported (byte drive); -void LbaToChs (const DriveGeometry &geometry, const uint64 &lba, ChsAddress &chs); -void Print (const ChsAddress &chs); -void PrintDiskError (BiosResult error, bool write, byte drive, const uint64 *sector, const ChsAddress *chs = nullptr); -void PrintSectorCountInMB (const uint64 §orCount); -BiosResult ReadWriteMBR (bool write, byte drive, bool silent = false); -BiosResult ReadSectors (uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent = false); -BiosResult ReadSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent = false); -BiosResult ReadSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent = false); -BiosResult ReadWriteSectors (bool write, uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent); -BiosResult WriteSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent = false); -BiosResult WriteSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent = false); - -extern byte SectorBuffer[TC_LB_SIZE]; - -#endif // TC_HEADER_Boot_BootDiskIo +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootDiskIo +#define TC_HEADER_Boot_BootDiskIo + +#include "Bios.h" +#include "BootDebug.h" +#include "BootDefs.h" + +#define TC_MAX_BIOS_DISK_IO_RETRIES 5 + +enum +{ + BiosResultEccCorrected = 0x11 +}; + +#pragma pack(1) + +struct PartitionEntryMBR +{ + byte BootIndicator; + + byte StartHead; + byte StartCylSector; + byte StartCylinder; + + byte Type; + + byte EndHead; + byte EndSector; + byte EndCylinder; + + uint32 StartLBA; + uint32 SectorCountLBA; +}; + +struct MBR +{ + byte Code[446]; + PartitionEntryMBR Partitions[4]; + uint16 Signature; +}; + +struct BiosLbaPacket +{ + byte Size; + byte Reserved; + uint16 SectorCount; + uint32 Buffer; + uint64 Sector; +}; + +#pragma pack() + + +struct ChsAddress +{ + uint16 Cylinder; + byte Head; + byte Sector; +}; + +struct Partition +{ + byte Number; + byte Drive; + bool Active; + uint64 EndSector; + bool Primary; + uint64 SectorCount; + uint64 StartSector; + byte Type; +}; + +struct DriveGeometry +{ + uint16 Cylinders; + byte Heads; + byte Sectors; +}; + + +#ifdef TC_BOOT_DEBUG_ENABLED +void AcquireSectorBuffer (); +void ReleaseSectorBuffer (); +#else +# define AcquireSectorBuffer() +# define ReleaseSectorBuffer() +#endif + +void ChsToLba (const DriveGeometry &geometry, const ChsAddress &chs, uint64 &lba); +bool GetActivePartition (byte drive); +BiosResult GetDriveGeometry (byte drive, DriveGeometry &geometry, bool silent = false); +BiosResult GetDrivePartitions (byte drive, Partition *partitionArray, size_t partitionArrayCapacity, size_t &partitionCount, bool activeOnly = false, Partition *findPartitionFollowingThis = nullptr, bool silent = false); +bool IsLbaSupported (byte drive); +void LbaToChs (const DriveGeometry &geometry, const uint64 &lba, ChsAddress &chs); +void Print (const ChsAddress &chs); +void PrintDiskError (BiosResult error, bool write, byte drive, const uint64 *sector, const ChsAddress *chs = nullptr); +void PrintSectorCountInMB (const uint64 §orCount); +BiosResult ReadWriteMBR (bool write, byte drive, bool silent = false); +BiosResult ReadSectors (uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent = false); +BiosResult ReadSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent = false); +BiosResult ReadSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent = false); +BiosResult ReadWriteSectors (bool write, uint16 bufferSegment, uint16 bufferOffset, byte drive, const uint64 §or, uint16 sectorCount, bool silent); +BiosResult WriteSectors (byte *buffer, byte drive, const uint64 §or, uint16 sectorCount, bool silent = false); +BiosResult WriteSectors (byte *buffer, byte drive, const ChsAddress &chs, byte sectorCount, bool silent = false); + +extern byte SectorBuffer[TC_LB_SIZE]; + +#endif // TC_HEADER_Boot_BootDiskIo diff --git a/src/Boot/Windows/BootEncryptedIo.cpp b/src/Boot/Windows/BootEncryptedIo.cpp index d130534f..84a4bf14 100644 --- a/src/Boot/Windows/BootEncryptedIo.cpp +++ b/src/Boot/Windows/BootEncryptedIo.cpp @@ -1,132 +1,132 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Crypto.h" -#include "Platform.h" -#include "BootConfig.h" -#include "BootDebug.h" -#include "BootDefs.h" -#include "BootDiskIo.h" -#include "BootEncryptedIo.h" - - -BiosResult ReadEncryptedSectors (uint16 destSegment, uint16 destOffset, byte drive, uint64 sector, uint16 sectorCount) -{ - BiosResult result; - bool decrypt = true; - - if (BootCryptoInfo->hiddenVolume) - { - if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount)) - return BiosResultInvalidFunction; - - if (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector) - { - // Remap the request to the hidden volume - sector -= EncryptedVirtualPartition.StartSector; - sector += HiddenVolumeStartSector; - } - else - decrypt = false; - } - - result = ReadSectors (destSegment, destOffset, drive, sector, sectorCount); - - if (result != BiosResultSuccess || !decrypt) - return result; - - if (BootCryptoInfo->hiddenVolume) - { - // Convert sector number to data unit number of the hidden volume - sector -= HiddenVolumeStartSector; - sector += PimValueOrHiddenVolumeStartUnitNo; - } - - if (drive == EncryptedVirtualPartition.Drive) - { - while (sectorCount-- > 0) - { - if (BootCryptoInfo->hiddenVolume - || (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector)) - { - AcquireSectorBuffer(); - CopyMemory (destSegment, destOffset, SectorBuffer, TC_LB_SIZE); - - DecryptDataUnits (SectorBuffer, §or, 1, BootCryptoInfo); - - CopyMemory (SectorBuffer, destSegment, destOffset, TC_LB_SIZE); - ReleaseSectorBuffer(); - } - - ++sector; - destOffset += TC_LB_SIZE; - } - } - - return result; -} - - -BiosResult WriteEncryptedSectors (uint16 sourceSegment, uint16 sourceOffset, byte drive, uint64 sector, uint16 sectorCount) -{ - BiosResult result = BiosResultSuccess; - AcquireSectorBuffer(); - uint64 dataUnitNo; - uint64 writeOffset; - - dataUnitNo = sector; - writeOffset.HighPart = 0; - writeOffset.LowPart = 0; - - if (BootCryptoInfo->hiddenVolume) - { - if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount)) - return BiosResultInvalidFunction; - - // Remap the request to the hidden volume - writeOffset = HiddenVolumeStartSector; - writeOffset -= EncryptedVirtualPartition.StartSector; - dataUnitNo -= EncryptedVirtualPartition.StartSector; - dataUnitNo += PimValueOrHiddenVolumeStartUnitNo; - } - - while (sectorCount-- > 0) - { - CopyMemory (sourceSegment, sourceOffset, SectorBuffer, TC_LB_SIZE); - - if (drive == EncryptedVirtualPartition.Drive && sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector) - { - EncryptDataUnits (SectorBuffer, &dataUnitNo, 1, BootCryptoInfo); - } - - result = WriteSectors (SectorBuffer, drive, sector + writeOffset, 1); - - if (result != BiosResultSuccess) - break; - - ++sector; - ++dataUnitNo; - sourceOffset += TC_LB_SIZE; - } - - ReleaseSectorBuffer(); - return result; -} - - -static bool ReadWritePartiallyCoversEncryptedArea (const uint64 §or, uint16 sectorCount) -{ - uint64 readWriteEnd = sector + --sectorCount; - - return ((sector < EncryptedVirtualPartition.StartSector && readWriteEnd >= EncryptedVirtualPartition.StartSector) - || (sector >= EncryptedVirtualPartition.StartSector && readWriteEnd > EncryptedVirtualPartition.EndSector)); -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Crypto.h" +#include "Platform.h" +#include "BootConfig.h" +#include "BootDebug.h" +#include "BootDefs.h" +#include "BootDiskIo.h" +#include "BootEncryptedIo.h" + + +BiosResult ReadEncryptedSectors (uint16 destSegment, uint16 destOffset, byte drive, uint64 sector, uint16 sectorCount) +{ + BiosResult result; + bool decrypt = true; + + if (BootCryptoInfo->hiddenVolume) + { + if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount)) + return BiosResultInvalidFunction; + + if (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector) + { + // Remap the request to the hidden volume + sector -= EncryptedVirtualPartition.StartSector; + sector += HiddenVolumeStartSector; + } + else + decrypt = false; + } + + result = ReadSectors (destSegment, destOffset, drive, sector, sectorCount); + + if (result != BiosResultSuccess || !decrypt) + return result; + + if (BootCryptoInfo->hiddenVolume) + { + // Convert sector number to data unit number of the hidden volume + sector -= HiddenVolumeStartSector; + sector += PimValueOrHiddenVolumeStartUnitNo; + } + + if (drive == EncryptedVirtualPartition.Drive) + { + while (sectorCount-- > 0) + { + if (BootCryptoInfo->hiddenVolume + || (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector)) + { + AcquireSectorBuffer(); + CopyMemory (destSegment, destOffset, SectorBuffer, TC_LB_SIZE); + + DecryptDataUnits (SectorBuffer, §or, 1, BootCryptoInfo); + + CopyMemory (SectorBuffer, destSegment, destOffset, TC_LB_SIZE); + ReleaseSectorBuffer(); + } + + ++sector; + destOffset += TC_LB_SIZE; + } + } + + return result; +} + + +BiosResult WriteEncryptedSectors (uint16 sourceSegment, uint16 sourceOffset, byte drive, uint64 sector, uint16 sectorCount) +{ + BiosResult result = BiosResultSuccess; + AcquireSectorBuffer(); + uint64 dataUnitNo; + uint64 writeOffset; + + dataUnitNo = sector; + writeOffset.HighPart = 0; + writeOffset.LowPart = 0; + + if (BootCryptoInfo->hiddenVolume) + { + if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount)) + return BiosResultInvalidFunction; + + // Remap the request to the hidden volume + writeOffset = HiddenVolumeStartSector; + writeOffset -= EncryptedVirtualPartition.StartSector; + dataUnitNo -= EncryptedVirtualPartition.StartSector; + dataUnitNo += PimValueOrHiddenVolumeStartUnitNo; + } + + while (sectorCount-- > 0) + { + CopyMemory (sourceSegment, sourceOffset, SectorBuffer, TC_LB_SIZE); + + if (drive == EncryptedVirtualPartition.Drive && sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector) + { + EncryptDataUnits (SectorBuffer, &dataUnitNo, 1, BootCryptoInfo); + } + + result = WriteSectors (SectorBuffer, drive, sector + writeOffset, 1); + + if (result != BiosResultSuccess) + break; + + ++sector; + ++dataUnitNo; + sourceOffset += TC_LB_SIZE; + } + + ReleaseSectorBuffer(); + return result; +} + + +static bool ReadWritePartiallyCoversEncryptedArea (const uint64 §or, uint16 sectorCount) +{ + uint64 readWriteEnd = sector + --sectorCount; + + return ((sector < EncryptedVirtualPartition.StartSector && readWriteEnd >= EncryptedVirtualPartition.StartSector) + || (sector >= EncryptedVirtualPartition.StartSector && readWriteEnd > EncryptedVirtualPartition.EndSector)); +} diff --git a/src/Boot/Windows/BootEncryptedIo.h b/src/Boot/Windows/BootEncryptedIo.h index 6cc375fa..6402e705 100644 --- a/src/Boot/Windows/BootEncryptedIo.h +++ b/src/Boot/Windows/BootEncryptedIo.h @@ -1,22 +1,22 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootEncryptionIo -#define TC_HEADER_Boot_BootEncryptionIo - -#include "Platform.h" - -BiosResult ReadEncryptedSectors (uint16 destSegment, uint16 destOffset, byte drive, uint64 sector, uint16 sectorCount); -BiosResult WriteEncryptedSectors (uint16 sourceSegment, uint16 sourceOffset, byte drive, uint64 sector, uint16 sectorCount); -static bool ReadWritePartiallyCoversEncryptedArea (const uint64 §or, uint16 sectorCount); - -#endif // TC_HEADER_Boot_BootEncryptionIo +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootEncryptionIo +#define TC_HEADER_Boot_BootEncryptionIo + +#include "Platform.h" + +BiosResult ReadEncryptedSectors (uint16 destSegment, uint16 destOffset, byte drive, uint64 sector, uint16 sectorCount); +BiosResult WriteEncryptedSectors (uint16 sourceSegment, uint16 sourceOffset, byte drive, uint64 sector, uint16 sectorCount); +static bool ReadWritePartiallyCoversEncryptedArea (const uint64 §or, uint16 sectorCount); + +#endif // TC_HEADER_Boot_BootEncryptionIo diff --git a/src/Boot/Windows/BootMain.cpp b/src/Boot/Windows/BootMain.cpp index 275c5762..24acd23f 100644 --- a/src/Boot/Windows/BootMain.cpp +++ b/src/Boot/Windows/BootMain.cpp @@ -1,1269 +1,1269 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Crc.h" -#include "Crypto.h" -#include "Password.h" -#include "Volumes.h" - -#include "Platform.h" -#include "Bios.h" -#include "BootConfig.h" -#include "BootMain.h" -#include "BootDefs.h" -#include "BootCommon.h" -#include "BootConsoleIo.h" -#include "BootDebug.h" -#include "BootDiskIo.h" -#include "BootEncryptedIo.h" -#include "BootMemory.h" -#include "BootStrings.h" -#include "IntFilter.h" - - -static void InitScreen () -{ - ClearScreen(); - - const char *title = -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - " VeraCrypt Boot Loader " -#else - " VeraCrypt Rescue Disk " -#endif - VERSION_STRING "\r\n"; - - Print (title); - - PrintRepeatedChar ('\xDC', TC_BIOS_MAX_CHARS_PER_LINE); - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - if (CustomUserMessage[0]) - { - PrintEndl(); - Print (CustomUserMessage); - } -#endif - - PrintEndl (2); -} - - -static void PrintMainMenu () -{ - if (PreventBootMenu) - return; - - Print (" Keyboard Controls:\r\n"); - Print (" [F5] Hide/Show Password and PIM\r\n"); - Print (" [Esc] "); - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - Print ((BootSectorFlags & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) != TC_HIDDEN_OS_CREATION_PHASE_NONE - ? "Boot Non-Hidden System (Boot Manager)" - : "Skip Authentication (Boot Manager)"); - -#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - Print ("Skip Authentication (Boot Manager)"); - Print ("\r\n [F8] "); Print ("Repair Options"); - -#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - PrintEndl (3); -} - - -static bool IsMenuKey (byte scanCode) -{ -#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - return scanCode == TC_MENU_KEY_REPAIR; -#else - return false; -#endif -} - - -static bool AskYesNo (const char *message) -{ - Print (message); - Print ("? (y/n): "); - while (true) - { - switch (GetKeyboardChar()) - { - case 'y': - case 'Y': - case 'z': - case 'Z': - Print ("y\r\n"); - return true; - - case 'n': - case 'N': - Print ("n\r\n"); - return false; - - default: - Beep(); - } - } -} - - -static int AskSelection (const char *options[], size_t optionCount) -{ - for (int i = 0; i < optionCount; ++i) - { - Print ("["); Print (i + 1); Print ("] "); - Print (options[i]); - PrintEndl(); - } - Print ("[Esc] Cancel\r\n\r\n"); - - Print ("To select, press 1-9: "); - - char str; - - while (true) - { - if (GetString (&str, 1) == 0) - return 0; - - if (str >= '1' && str <= optionCount + '0') - return str - '0'; - - Beep(); - PrintBackspace(); - } -} - - -static byte AskPassword (Password &password, int& pim) -{ - size_t pos = 0; - byte scanCode; - byte asciiCode; - byte hidePassword = 1; - - pim = 0; - - Print ("Enter password"); - Print (PreventNormalSystemBoot ? " for hidden system:\r\n" : ": "); - - while (true) - { - asciiCode = GetKeyboardChar (&scanCode); - - switch (scanCode) - { - case TC_BIOS_KEY_ENTER: - password.Length = pos; - Print ("\r"); - if (!PreventNormalSystemBoot) - Print ("Enter password: "); - pos = 0; - while (pos < MAX_PASSWORD) - { - pos++; - if (pos < MAX_PASSWORD) - PrintChar ('*'); - else - PrintCharAtCursor ('*'); - } - - ClearBiosKeystrokeBuffer(); - PrintEndl(); - - break; - - case TC_BIOS_KEY_BACKSPACE: - if (pos > 0) - { - if (pos < MAX_PASSWORD) - PrintBackspace(); - else - PrintCharAtCursor (' '); - - --pos; - } - continue; - - case TC_BIOS_KEY_F5: - hidePassword ^= 0x01; - continue; - - default: - if (scanCode == TC_BIOS_KEY_ESC || IsMenuKey (scanCode)) - { - burn (password.Text, sizeof (password.Text)); - ClearBiosKeystrokeBuffer(); - - PrintEndl(); - return scanCode; - } - } - - if (TC_BIOS_KEY_ENTER == scanCode) - break; - - if (!IsPrintable (asciiCode) || pos == MAX_PASSWORD) - { - Beep(); - continue; - } - - password.Text[pos++] = asciiCode; - if (hidePassword) asciiCode = '*'; - if (pos < MAX_PASSWORD) - PrintChar (asciiCode); - else - PrintCharAtCursor (asciiCode); - } - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - if (PimValueOrHiddenVolumeStartUnitNo.LowPart != -1) - { - pim = (int) PimValueOrHiddenVolumeStartUnitNo.LowPart; - // reset stored PIM value to allow requesting PIM next time in case the stored value is wrong - PimValueOrHiddenVolumeStartUnitNo.LowPart = -1; - return TC_BIOS_KEY_ENTER; - } - else -#endif - { - pos = 0; - Print ("PIM: "); - - while (true) - { - asciiCode = GetKeyboardChar (&scanCode); - - switch (scanCode) - { - case TC_BIOS_KEY_ENTER: - Print ("\rPIM: "); - pos =0; - while (pos < MAX_PIM) - { - PrintChar ('*'); - pos++; - } - - ClearBiosKeystrokeBuffer(); - PrintEndl(); - - return TC_BIOS_KEY_ENTER; - - case TC_BIOS_KEY_BACKSPACE: - if (pos > 0) - { - if (pos < MAX_PIM) - PrintBackspace(); - else - PrintCharAtCursor (' '); - - --pos; - pim /= 10; - } - continue; - - case TC_BIOS_KEY_F5: - hidePassword ^= 0x01; - continue; - - default: - if (scanCode == TC_BIOS_KEY_ESC || IsMenuKey (scanCode)) - { - burn (password.Text, sizeof (password.Text)); - ClearBiosKeystrokeBuffer(); - - PrintEndl(); - return scanCode; - } - } - - if (!IsDigit (asciiCode) || pos == MAX_PIM) - { - Beep(); - continue; - } - - pim = 10*pim + (asciiCode - '0'); - pos++; - - if (hidePassword) asciiCode = '*'; - if (pos < MAX_PIM) - PrintChar (asciiCode); - else - PrintCharAtCursor (asciiCode); - } - } -} - - -static void ExecuteBootSector (byte drive, byte *sectorBuffer) -{ - Print ("Booting...\r\n"); - CopyMemory (sectorBuffer, 0x0000, 0x7c00, TC_LB_SIZE); - - BootStarted = true; - - uint32 addr = 0x7c00; - __asm - { - cli - mov dl, drive // Boot drive - mov dh, 0 - xor ax, ax - mov si, ax - mov ds, ax - mov es, ax - mov ss, ax - mov sp, 0x7c00 - sti - - jmp cs:addr - } -} - - -static bool OpenVolume (byte drive, Password &password, int pim, CRYPTO_INFO **cryptoInfo, uint32 *headerSaltCrc32, bool skipNormal, bool skipHidden) -{ - int volumeType; - bool hiddenVolume; - uint64 headerSec; - - AcquireSectorBuffer(); - - for (volumeType = 1; volumeType <= 2; ++volumeType) - { - hiddenVolume = (volumeType == 2); - - if (hiddenVolume) - { - if (skipHidden || PartitionFollowingActive.Drive != drive || PartitionFollowingActive.SectorCount <= ActivePartition.SectorCount) - continue; - - headerSec = PartitionFollowingActive.StartSector + TC_HIDDEN_VOLUME_HEADER_OFFSET / TC_LB_SIZE; - } - else - { - if (skipNormal) - continue; - - headerSec.HighPart = 0; - headerSec.LowPart = TC_BOOT_VOLUME_HEADER_SECTOR; - } - - if (ReadSectors (SectorBuffer, drive, headerSec, 1) != BiosResultSuccess) - continue; - - if (ReadVolumeHeader (!hiddenVolume, (char *) SectorBuffer, &password, pim, cryptoInfo, nullptr) == ERR_SUCCESS) - { - // Prevent opening a non-system hidden volume - if (hiddenVolume && !((*cryptoInfo)->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM)) - { - crypto_close (*cryptoInfo); - continue; - } - - if (headerSaltCrc32) - *headerSaltCrc32 = GetCrc32 (SectorBuffer, PKCS5_SALT_SIZE); - - break; - } - } - - ReleaseSectorBuffer(); - return volumeType != 3; -} - - -static bool CheckMemoryRequirements () -{ - uint16 codeSeg; - __asm mov codeSeg, cs - if (codeSeg == TC_BOOT_LOADER_LOWMEM_SEGMENT) - { - PrintErrorNoEndl ("BIOS reserved too much memory: "); - - uint16 memFree; - __asm - { - push es - xor ax, ax - mov es, ax - mov ax, es:[0x413] - mov memFree, ax - pop es - } - - Print (memFree); - PrintEndl(); - Print (TC_BOOT_STR_UPGRADE_BIOS); - - return false; - } - - return true; -} - - -static bool MountVolume (byte drive, byte &exitKey, bool skipNormal, bool skipHidden) -{ - BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET; - int incorrectPasswordCount = 0, pim = 0; - - EraseMemory (bootArguments, sizeof (*bootArguments)); - - // Open volume header - while (true) - { - exitKey = AskPassword (bootArguments->BootPassword, pim); - - if (exitKey != TC_BIOS_KEY_ENTER) - return false; - - Print ("Verifying password..."); - - if (OpenVolume (BootDrive, bootArguments->BootPassword, pim, &BootCryptoInfo, &bootArguments->HeaderSaltCrc32, skipNormal, skipHidden)) - { - Print ("OK\r\n"); - break; - } - if (GetShiftFlags() & TC_BIOS_SHIFTMASK_CAPSLOCK) - Print ("Warning: Caps Lock is on.\r\n"); - - Print ("Incorrect password.\r\n\r\n"); - - if (++incorrectPasswordCount == 4) - { -#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - Print ("If you are sure the password is correct, the key data may be damaged.\r\n" - "If so, use 'Repair Options' > 'Restore key data'.\r\n\r\n"); -#else - Print ("If you are sure the password is correct, the key data may be damaged. Boot your\r\n" - "VeraCrypt Rescue Disk and select 'Repair Options' > 'Restore key data'.\r\n\r\n"); -#endif - } - } - - // Setup boot arguments - bootArguments->BootLoaderVersion = VERSION_NUM; - bootArguments->CryptoInfoOffset = (uint16) BootCryptoInfo; - bootArguments->CryptoInfoLength = sizeof (*BootCryptoInfo); - bootArguments->Flags = (((uint32)pim) << 16); - - if (BootCryptoInfo->hiddenVolume) - bootArguments->HiddenSystemPartitionStart = PartitionFollowingActive.StartSector << TC_LB_SIZE_BIT_SHIFT_DIVISOR; - - if (ExtraBootPartitionPresent) - bootArguments->Flags |= TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION; - - TC_SET_BOOT_ARGUMENTS_SIGNATURE (bootArguments->Signature); - - // Setup virtual encrypted partition - if (BootCryptoInfo->EncryptedAreaLength.HighPart != 0 || BootCryptoInfo->EncryptedAreaLength.LowPart != 0) - { - EncryptedVirtualPartition.Drive = BootDrive; - - EncryptedVirtualPartition.StartSector = BootCryptoInfo->EncryptedAreaStart >> TC_LB_SIZE_BIT_SHIFT_DIVISOR; - - PimValueOrHiddenVolumeStartUnitNo = EncryptedVirtualPartition.StartSector; - HiddenVolumeStartSector = PartitionFollowingActive.StartSector; - HiddenVolumeStartSector += EncryptedVirtualPartition.StartSector; - - EncryptedVirtualPartition.SectorCount = BootCryptoInfo->EncryptedAreaLength >> TC_LB_SIZE_BIT_SHIFT_DIVISOR; - - EncryptedVirtualPartition.EndSector = EncryptedVirtualPartition.SectorCount - 1; - EncryptedVirtualPartition.EndSector += EncryptedVirtualPartition.StartSector; - } - else - { - // Drive not encrypted - EncryptedVirtualPartition.Drive = TC_INVALID_BIOS_DRIVE; - } - - return true; -} - - -static bool GetSystemPartitions (byte drive) -{ - size_t partCount; - - if (!GetActivePartition (drive)) - return false; - - // Find partition following the active one - GetDrivePartitions (drive, &PartitionFollowingActive, 1, partCount, false, &ActivePartition); - - // If there is an extra boot partition, use the partitions following it. - // The real boot partition is determined in BootEncryptedDrive(). - if (ActivePartition.SectorCount.HighPart == 0 && ActivePartition.SectorCount.LowPart <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE / TC_LB_SIZE - && PartitionFollowingActive.Drive != TC_INVALID_BIOS_DRIVE) - { - ExtraBootPartitionPresent = true; - - ActivePartition = PartitionFollowingActive; - GetDrivePartitions (drive, &PartitionFollowingActive, 1, partCount, false, &ActivePartition); - } - - return true; -} - - -static byte BootEncryptedDrive () -{ - BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET; - byte exitKey; - BootCryptoInfo = NULL; - - if (!GetSystemPartitions (BootDrive)) - goto err; - - if (!MountVolume (BootDrive, exitKey, PreventNormalSystemBoot, false)) - return exitKey; - - if (!CheckMemoryRequirements ()) - goto err; - - if (BootCryptoInfo->hiddenVolume) - { - EncryptedVirtualPartition = ActivePartition; - bootArguments->DecoySystemPartitionStart = ActivePartition.StartSector << TC_LB_SIZE_BIT_SHIFT_DIVISOR; - } - - if (ExtraBootPartitionPresent && !GetActivePartition (BootDrive)) - goto err; - - if (ReadWriteMBR (false, ActivePartition.Drive) != BiosResultSuccess) - goto err; - - bootArguments->BootDriveSignature = *(uint32 *) (SectorBuffer + 0x1b8); - - if (!InstallInterruptFilters()) - goto err; - - bootArguments->BootArgumentsCrc32 = GetCrc32 ((byte *) bootArguments, (byte *) &bootArguments->BootArgumentsCrc32 - (byte *) bootArguments); - - while (true) - { - // Execute boot sector of the active partition - if (ReadSectors (SectorBuffer, ActivePartition.Drive, ActivePartition.StartSector, 1) == BiosResultSuccess) - { - if (*(uint16 *) (SectorBuffer + 510) != 0xaa55) - { - PrintError (TC_BOOT_STR_NO_BOOT_PARTITION); - GetKeyboardChar(); - } - - ExecuteBootSector (ActivePartition.Drive, SectorBuffer); - } - - GetKeyboardChar(); - } - -err: - if (BootCryptoInfo) - { - crypto_close (BootCryptoInfo); - BootCryptoInfo = NULL; - } - - EncryptedVirtualPartition.Drive = TC_INVALID_BIOS_DRIVE; - EraseMemory ((void *) TC_BOOT_LOADER_ARGS_OFFSET, sizeof (BootArguments)); - - byte scanCode; - GetKeyboardChar (&scanCode); - return scanCode; -} - - -static void BootMenu () -{ - BiosResult result; - Partition partitions[16]; - Partition bootablePartitions[9]; - size_t partitionCount; - size_t bootablePartitionCount = 0; - - for (byte drive = TC_FIRST_BIOS_DRIVE; drive <= TC_LAST_BIOS_DRIVE; ++drive) - { - if (GetDrivePartitions (drive, partitions, array_capacity (partitions), partitionCount, false, nullptr, true) == BiosResultSuccess) - { - for (size_t i = 0; i < partitionCount; ++i) - { - const Partition &partition = partitions[i]; - result = ReadSectors (SectorBuffer, drive, partition.StartSector, 1); - - if (result == BiosResultSuccess && *(uint16 *) (SectorBuffer + TC_LB_SIZE - 2) == 0xaa55) - { - // Windows writes boot loader on all NTFS/FAT filesytems it creates and, therefore, - // NTFS/FAT partitions must have the boot indicator set to be considered bootable. - if (!partition.Active - && (*(uint32 *) (SectorBuffer + 3) == 0x5346544e // 'NTFS' - || *(uint32 *) (SectorBuffer + 3) == 0x41465845 && SectorBuffer[7] == 'T' // 'exFAT' - || *(uint16 *) (SectorBuffer + 54) == 0x4146 && SectorBuffer[56] == 'T' // 'FAT' - || *(uint16 *) (SectorBuffer + 82) == 0x4146 && SectorBuffer[84] == 'T')) - { - continue; - } - - // Bootable sector found - if (bootablePartitionCount < array_capacity (bootablePartitions)) - bootablePartitions[bootablePartitionCount++] = partition; - } - } - } - } - - if (bootablePartitionCount < 1) - { - PrintError (TC_BOOT_STR_NO_BOOT_PARTITION); - GetKeyboardChar(); - return; - } - - char partChar; - while (true) - { - InitScreen(); - Print ("Bootable Partitions:\r\n"); - PrintRepeatedChar ('\xC4', 20); - Print ("\r\n"); - - for (size_t i = 0; i < bootablePartitionCount; ++i) - { - const Partition &partition = bootablePartitions[i]; - Print ("["); Print (i + 1); Print ("] "); - Print ("Drive: "); Print (partition.Drive - TC_FIRST_BIOS_DRIVE); - Print (", Partition: "); Print (partition.Number + 1); - Print (", Size: "); PrintSectorCountInMB (partition.SectorCount); PrintEndl(); - } - - if (bootablePartitionCount == 1) - { - // There's only one bootable partition so we'll boot it directly instead of showing boot manager - partChar = '1'; - } - else - { - Print ("[Esc] Cancel\r\n\r\n"); - Print ("Press 1-9 to select partition: "); - - if (GetString (&partChar, 1) == 0) - return; - - PrintEndl(); - - if (partChar < '1' || partChar > '0' + bootablePartitionCount) - { - Beep(); - continue; - } - } - - const Partition &partition = bootablePartitions[partChar - '0' - 1]; - - if (ReadSectors (SectorBuffer, partition.Drive, partition.StartSector, 1) == BiosResultSuccess) - { - ExecuteBootSector (partition.Drive, SectorBuffer); - } - } -} - - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - -static bool CopySystemPartitionToHiddenVolume (byte drive, byte &exitKey) -{ - bool status = false; - - uint64 sectorsRemaining; - uint64 sectorOffset; - sectorOffset.LowPart = 0; - sectorOffset.HighPart = 0; - - int fragmentSectorCount = 0x7f; // Maximum safe value supported by BIOS - int statCount = 0; - - if (!CheckMemoryRequirements ()) - goto err; - - if (!GetSystemPartitions (drive)) - goto err; - - if (PartitionFollowingActive.Drive == TC_INVALID_BIOS_DRIVE) - TC_THROW_FATAL_EXCEPTION; - - // Check if BIOS can read the last sector of the hidden system - AcquireSectorBuffer(); - - if (ReadSectors (SectorBuffer, PartitionFollowingActive.Drive, PartitionFollowingActive.EndSector - (TC_VOLUME_HEADER_GROUP_SIZE / TC_LB_SIZE - 2), 1) != BiosResultSuccess - || GetCrc32 (SectorBuffer, sizeof (SectorBuffer)) != OuterVolumeBackupHeaderCrc) - { - PrintErrorNoEndl ("Your BIOS does not support large drives"); - Print (IsLbaSupported (PartitionFollowingActive.Drive) ? " due to a bug" : "\r\n- Enable LBA in BIOS"); - PrintEndl(); - Print (TC_BOOT_STR_UPGRADE_BIOS); - - ReleaseSectorBuffer(); - goto err; - } - - ReleaseSectorBuffer(); - - if (!MountVolume (drive, exitKey, true, false)) - return false; - - sectorsRemaining = EncryptedVirtualPartition.SectorCount; - - if (!(sectorsRemaining == ActivePartition.SectorCount)) - TC_THROW_FATAL_EXCEPTION; - - InitScreen(); - Print ("\r\nCopying system to hidden volume. To abort, press Esc.\r\n\r\n"); - - while (sectorsRemaining.HighPart != 0 || sectorsRemaining.LowPart != 0) - { - if (EscKeyPressed()) - { - Print ("\rIf aborted, copying will have to start from the beginning (if attempted again).\r\n"); - if (AskYesNo ("Abort")) - break; - } - - if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart < fragmentSectorCount) - fragmentSectorCount = (int) sectorsRemaining.LowPart; - - if (ReadWriteSectors (false, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, ActivePartition.StartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess) - { - Print ("To fix bad sectors: 1) Terminate 2) Encrypt and decrypt sys partition 3) Retry\r\n"); - crypto_close (BootCryptoInfo); - goto err; - } - - AcquireSectorBuffer(); - - for (int i = 0; i < fragmentSectorCount; ++i) - { - CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, SectorBuffer, TC_LB_SIZE); - - uint64 s = PimValueOrHiddenVolumeStartUnitNo + sectorOffset + i; - EncryptDataUnits (SectorBuffer, &s, 1, BootCryptoInfo); - - CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, TC_LB_SIZE); - } - - ReleaseSectorBuffer(); - - if (ReadWriteSectors (true, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, HiddenVolumeStartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess) - { - crypto_close (BootCryptoInfo); - goto err; - } - - sectorsRemaining = sectorsRemaining - fragmentSectorCount; - sectorOffset = sectorOffset + fragmentSectorCount; - - if (!(statCount++ & 0xf)) - { - Print ("\rRemaining: "); - PrintSectorCountInMB (sectorsRemaining); - } - } - - crypto_close (BootCryptoInfo); - - if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart == 0) - { - status = true; - Print ("\rCopying completed."); - } - - PrintEndl (2); - goto ret; - -err: - exitKey = TC_BIOS_KEY_ESC; - GetKeyboardChar(); - -ret: - EraseMemory ((void *) TC_BOOT_LOADER_ARGS_OFFSET, sizeof (BootArguments)); - return status; -} - - -#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - -static void DecryptDrive (byte drive) -{ - byte exitKey; - if (!MountVolume (drive, exitKey, false, true)) - return; - - BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET; - - bool headerUpdateRequired = false; - uint64 sectorsRemaining = EncryptedVirtualPartition.EndSector + 1 - EncryptedVirtualPartition.StartSector; - uint64 sector = EncryptedVirtualPartition.EndSector + 1; - - int fragmentSectorCount = 0x7f; // Maximum safe value supported by BIOS - int statCount = 0; - - bool skipBadSectors = false; - - Print ("\r\nUse only if Windows cannot start. Decryption under Windows is much faster\r\n" - "(in VeraCrypt, select 'System' > 'Permanently Decrypt').\r\n\r\n"); - - if (!AskYesNo ("Decrypt now")) - { - crypto_close (BootCryptoInfo); - goto ret; - } - - if (EncryptedVirtualPartition.Drive == TC_INVALID_BIOS_DRIVE) - { - // Drive already decrypted - sectorsRemaining.HighPart = 0; - sectorsRemaining.LowPart = 0; - } - else - { - Print ("\r\nTo safely interrupt and defer decryption, press Esc.\r\n" - "WARNING: You can turn off power only after you press Esc.\r\n\r\n"); - } - - while (sectorsRemaining.HighPart != 0 || sectorsRemaining.LowPart != 0) - { - if (EscKeyPressed()) - break; - - if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart < fragmentSectorCount) - fragmentSectorCount = (int) sectorsRemaining.LowPart; - - sector = sector - fragmentSectorCount; - - if (!(statCount++ & 0xf)) - { - Print ("\rRemaining: "); - PrintSectorCountInMB (sectorsRemaining); - } - - if (ReadWriteSectors (false, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, sector, fragmentSectorCount, skipBadSectors) == BiosResultSuccess) - { - AcquireSectorBuffer(); - - for (int i = 0; i < fragmentSectorCount; ++i) - { - CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, SectorBuffer, TC_LB_SIZE); - - uint64 s = sector + i; - DecryptDataUnits (SectorBuffer, &s, 1, BootCryptoInfo); - - CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, TC_LB_SIZE); - } - - ReleaseSectorBuffer(); - - if (ReadWriteSectors (true, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, sector, fragmentSectorCount, skipBadSectors) != BiosResultSuccess && !skipBadSectors) - goto askBadSectorSkip; - } - else if (!skipBadSectors) - goto askBadSectorSkip; - - sectorsRemaining = sectorsRemaining - fragmentSectorCount; - headerUpdateRequired = true; - continue; - -askBadSectorSkip: - if (!AskYesNo ("Skip all bad sectors")) - break; - - skipBadSectors = true; - sector = sector + fragmentSectorCount; - fragmentSectorCount = 1; - } - - crypto_close (BootCryptoInfo); - - if (headerUpdateRequired) - { - Print ("\rUpdating header..."); - - AcquireSectorBuffer(); - uint64 headerSector; - headerSector.HighPart = 0; - headerSector.LowPart = TC_BOOT_VOLUME_HEADER_SECTOR; - - // Update encrypted area size in volume header - - CRYPTO_INFO *headerCryptoInfo = crypto_open(); - while (ReadSectors (SectorBuffer, drive, headerSector, 1) != BiosResultSuccess); - - if (ReadVolumeHeader (TRUE, (char *) SectorBuffer, &bootArguments->BootPassword, (int) (bootArguments->Flags >> 16), NULL, headerCryptoInfo) == 0) - { - DecryptBuffer (SectorBuffer + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); - - uint64 encryptedAreaLength = sectorsRemaining << TC_LB_SIZE_BIT_SHIFT_DIVISOR; - - for (int i = 7; i >= 0; --i) - { - SectorBuffer[TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH + i] = (byte) encryptedAreaLength.LowPart; - encryptedAreaLength = encryptedAreaLength >> 8; - } - - uint32 headerCrc32 = GetCrc32 (SectorBuffer + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); - - for (i = 3; i >= 0; --i) - { - SectorBuffer[TC_HEADER_OFFSET_HEADER_CRC + i] = (byte) headerCrc32; - headerCrc32 >>= 8; - } - - EncryptBuffer (SectorBuffer + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); - } - - crypto_close (headerCryptoInfo); - - while (WriteSectors (SectorBuffer, drive, headerSector, 1) != BiosResultSuccess); - ReleaseSectorBuffer(); - - Print ("Done!\r\n"); - } - - if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart == 0) - Print ("\rDrive decrypted.\r\n"); - else - Print ("\r\nDecryption deferred.\r\n"); - - GetKeyboardChar(); -ret: - EraseMemory (bootArguments, sizeof (*bootArguments)); -} - - -static void RepairMenu () -{ - DriveGeometry bootLoaderDriveGeometry; - - if (GetDriveGeometry (BootLoaderDrive, bootLoaderDriveGeometry, true) != BiosResultSuccess) - { - // Some BIOSes may fail to get the geometry of an emulated floppy drive - bootLoaderDriveGeometry.Cylinders = 80; - bootLoaderDriveGeometry.Heads = 2; - bootLoaderDriveGeometry.Sectors = 18; - } - - while (true) - { - InitScreen(); - Print ("Available "); Print ("Repair Options"); Print (":\r\n"); - PrintRepeatedChar ('\xC4', 25); - PrintEndl(); - - enum - { - RestoreNone = 0, - DecryptVolume, - RestoreTrueCryptLoader, - RestoreVolumeHeader, - RestoreOriginalSystemLoader - }; - - static const char *options[] = { "Permanently decrypt system partition/drive", "Restore VeraCrypt Boot Loader", "Restore key data (volume header)", "Restore original system loader" }; - - int selection = AskSelection (options, - (BootSectorFlags & TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER) ? array_capacity (options) : array_capacity (options) - 1); - - PrintEndl(); - - switch (selection) - { - case RestoreNone: - return; - - case DecryptVolume: - DecryptDrive (BootDrive); - continue; - - case RestoreOriginalSystemLoader: - if (!AskYesNo ("Is the system partition/drive decrypted")) - { - Print ("Please decrypt it first.\r\n"); - GetKeyboardChar(); - continue; - } - break; - } - - bool writeConfirmed = false; - BiosResult result; - - uint64 sector; - sector.HighPart = 0; - ChsAddress chs; - - byte mbrPartTable[TC_LB_SIZE - TC_MAX_MBR_BOOT_CODE_SIZE]; - AcquireSectorBuffer(); - - for (int i = (selection == RestoreVolumeHeader ? TC_BOOT_VOLUME_HEADER_SECTOR : TC_MBR_SECTOR); - i < TC_BOOT_LOADER_AREA_SECTOR_COUNT; ++i) - { - sector.LowPart = i; - - if (selection == RestoreOriginalSystemLoader) - sector.LowPart += TC_ORIG_BOOT_LOADER_BACKUP_SECTOR; - else if (selection == RestoreTrueCryptLoader) - sector.LowPart += TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR; - - // The backup medium may be a floppy-emulated bootable CD. The emulation may fail if LBA addressing is used. - // Therefore, only CHS addressing can be used. - LbaToChs (bootLoaderDriveGeometry, sector, chs); - sector.LowPart = i; - - if (i == TC_MBR_SECTOR) - { - // Read current partition table - result = ReadSectors (SectorBuffer, TC_FIRST_BIOS_DRIVE, sector, 1); - if (result != BiosResultSuccess) - goto err; - - memcpy (mbrPartTable, SectorBuffer + TC_MAX_MBR_BOOT_CODE_SIZE, sizeof (mbrPartTable)); - } - - result = ReadSectors (SectorBuffer, BootLoaderDrive, chs, 1); - if (result != BiosResultSuccess) - goto err; - - if (i == TC_MBR_SECTOR) - { - // Preserve current partition table - memcpy (SectorBuffer + TC_MAX_MBR_BOOT_CODE_SIZE, mbrPartTable, sizeof (mbrPartTable)); - } - - // Volume header - if (i == TC_BOOT_VOLUME_HEADER_SECTOR) - { - if (selection == RestoreTrueCryptLoader) - continue; - - if (selection == RestoreVolumeHeader) - { - while (true) - { - bool validHeaderPresent = false; - uint32 masterKeyScheduleCrc; - - Password password; - int pim; - byte exitKey = AskPassword (password, pim); - - if (exitKey != TC_BIOS_KEY_ENTER) - goto abort; - - CRYPTO_INFO *cryptoInfo; - - CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, TC_LB_SIZE); - ReleaseSectorBuffer(); - - // Restore volume header only if the current one cannot be used - if (OpenVolume (TC_FIRST_BIOS_DRIVE, password, pim, &cryptoInfo, nullptr, false, true)) - { - validHeaderPresent = true; - masterKeyScheduleCrc = GetCrc32 (cryptoInfo->ks, sizeof (cryptoInfo->ks)); - crypto_close (cryptoInfo); - } - - AcquireSectorBuffer(); - CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, 0, SectorBuffer, TC_LB_SIZE); - - if (ReadVolumeHeader (TRUE, (char *) SectorBuffer, &password, pim, &cryptoInfo, nullptr) == 0) - { - if (validHeaderPresent) - { - if (masterKeyScheduleCrc == GetCrc32 (cryptoInfo->ks, sizeof (cryptoInfo->ks))) - { - Print ("Original header preserved.\r\n"); - goto err; - } - - Print ("WARNING: Drive 0 contains a valid header!\r\n"); - } - - crypto_close (cryptoInfo); - break; - } - - Print ("Incorrect password.\r\n\r\n"); - } - } - } - - if (!writeConfirmed && !AskYesNo ("Modify drive 0")) - goto abort; - writeConfirmed = true; - - if (WriteSectors (SectorBuffer, TC_FIRST_BIOS_DRIVE, sector, 1) != BiosResultSuccess) - goto err; - } -done: - switch (selection) - { - case RestoreTrueCryptLoader: - Print ("VeraCrypt Boot Loader"); - break; - - case RestoreVolumeHeader: - Print ("Header"); - break; - - case RestoreOriginalSystemLoader: - Print ("System loader"); - break; - } - Print (" restored.\r\n"); - -err: GetKeyboardChar(); -abort: ReleaseSectorBuffer(); - } -} - -#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - -#ifndef DEBUG -extern "C" void _acrtused () { } // Required by linker -#endif - - -void main () -{ - __asm mov BootLoaderDrive, dl - __asm mov BootSectorFlags, dh - -#ifdef TC_BOOT_TRACING_ENABLED - InitDebugPort(); -#endif - -#ifdef TC_BOOT_STACK_CHECKING_ENABLED - InitStackChecker(); -#endif - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - ReadBootSectorUserConfiguration(); -#elif defined (TC_WINDOWS_BOOT_AES) - EnableHwEncryption (!(BootSectorFlags & TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION)); -#endif - - InitVideoMode(); - InitScreen(); - - // Determine boot drive - BootDrive = BootLoaderDrive; - if (BootDrive < TC_FIRST_BIOS_DRIVE) - BootDrive = TC_FIRST_BIOS_DRIVE; - - // Query boot drive geometry - if (GetDriveGeometry (BootDrive, BootDriveGeometry) != BiosResultSuccess) - { - BootDrive = TC_FIRST_BIOS_DRIVE; - if (GetDriveGeometry (BootDrive, BootDriveGeometry) != BiosResultSuccess) - { -#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - Print ("- Connect system drive to (SATA) port 1\r\n"); -#endif - GetKeyboardChar(); - } - else - BootDriveGeometryValid = true; - } - else - BootDriveGeometryValid = true; - -#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - // Check whether the user is not using the Rescue Disk to create a hidden system - - if (ReadWriteMBR (false, BootDrive, true) == BiosResultSuccess - && *(uint32 *) (SectorBuffer + 6) == 0x61726556 - && *(uint32 *) (SectorBuffer + 10) == 0x70797243 - && (SectorBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET] & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) != TC_HIDDEN_OS_CREATION_PHASE_NONE) - { - PrintError ("It appears you are creating a hidden OS."); - if (AskYesNo ("Is this correct")) - { - Print ("Please remove the Rescue Disk from the drive and restart."); - while (true); - } - } - -#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - - // Main menu - - while (true) - { - byte exitKey; - InitScreen(); - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - // Hidden system setup - byte hiddenSystemCreationPhase = BootSectorFlags & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; - - if (hiddenSystemCreationPhase != TC_HIDDEN_OS_CREATION_PHASE_NONE) - { - PreventNormalSystemBoot = true; - PrintMainMenu(); - - if (hiddenSystemCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_CLONING) - { - if (CopySystemPartitionToHiddenVolume (BootDrive, exitKey)) - { - BootSectorFlags = (BootSectorFlags & ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) | TC_HIDDEN_OS_CREATION_PHASE_WIPING; - UpdateBootSectorConfiguration (BootLoaderDrive); - } - else if (exitKey == TC_BIOS_KEY_ESC) - goto bootMenu; - else - continue; - } - } - else - PrintMainMenu(); - - exitKey = BootEncryptedDrive(); - -#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - PrintMainMenu(); - exitKey = BootEncryptedDrive(); - - if (exitKey == TC_MENU_KEY_REPAIR) - { - RepairMenu(); - continue; - } - -#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE - -bootMenu: - if (!PreventBootMenu) - BootMenu(); - } -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Crc.h" +#include "Crypto.h" +#include "Password.h" +#include "Volumes.h" + +#include "Platform.h" +#include "Bios.h" +#include "BootConfig.h" +#include "BootMain.h" +#include "BootDefs.h" +#include "BootCommon.h" +#include "BootConsoleIo.h" +#include "BootDebug.h" +#include "BootDiskIo.h" +#include "BootEncryptedIo.h" +#include "BootMemory.h" +#include "BootStrings.h" +#include "IntFilter.h" + + +static void InitScreen () +{ + ClearScreen(); + + const char *title = +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + " VeraCrypt Boot Loader " +#else + " VeraCrypt Rescue Disk " +#endif + VERSION_STRING "\r\n"; + + Print (title); + + PrintRepeatedChar ('\xDC', TC_BIOS_MAX_CHARS_PER_LINE); + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + if (CustomUserMessage[0]) + { + PrintEndl(); + Print (CustomUserMessage); + } +#endif + + PrintEndl (2); +} + + +static void PrintMainMenu () +{ + if (PreventBootMenu) + return; + + Print (" Keyboard Controls:\r\n"); + Print (" [F5] Hide/Show Password and PIM\r\n"); + Print (" [Esc] "); + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + Print ((BootSectorFlags & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) != TC_HIDDEN_OS_CREATION_PHASE_NONE + ? "Boot Non-Hidden System (Boot Manager)" + : "Skip Authentication (Boot Manager)"); + +#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + Print ("Skip Authentication (Boot Manager)"); + Print ("\r\n [F8] "); Print ("Repair Options"); + +#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + PrintEndl (3); +} + + +static bool IsMenuKey (byte scanCode) +{ +#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + return scanCode == TC_MENU_KEY_REPAIR; +#else + return false; +#endif +} + + +static bool AskYesNo (const char *message) +{ + Print (message); + Print ("? (y/n): "); + while (true) + { + switch (GetKeyboardChar()) + { + case 'y': + case 'Y': + case 'z': + case 'Z': + Print ("y\r\n"); + return true; + + case 'n': + case 'N': + Print ("n\r\n"); + return false; + + default: + Beep(); + } + } +} + + +static int AskSelection (const char *options[], size_t optionCount) +{ + for (int i = 0; i < optionCount; ++i) + { + Print ("["); Print (i + 1); Print ("] "); + Print (options[i]); + PrintEndl(); + } + Print ("[Esc] Cancel\r\n\r\n"); + + Print ("To select, press 1-9: "); + + char str; + + while (true) + { + if (GetString (&str, 1) == 0) + return 0; + + if (str >= '1' && str <= optionCount + '0') + return str - '0'; + + Beep(); + PrintBackspace(); + } +} + + +static byte AskPassword (Password &password, int& pim) +{ + size_t pos = 0; + byte scanCode; + byte asciiCode; + byte hidePassword = 1; + + pim = 0; + + Print ("Enter password"); + Print (PreventNormalSystemBoot ? " for hidden system:\r\n" : ": "); + + while (true) + { + asciiCode = GetKeyboardChar (&scanCode); + + switch (scanCode) + { + case TC_BIOS_KEY_ENTER: + password.Length = pos; + Print ("\r"); + if (!PreventNormalSystemBoot) + Print ("Enter password: "); + pos = 0; + while (pos < MAX_PASSWORD) + { + pos++; + if (pos < MAX_PASSWORD) + PrintChar ('*'); + else + PrintCharAtCursor ('*'); + } + + ClearBiosKeystrokeBuffer(); + PrintEndl(); + + break; + + case TC_BIOS_KEY_BACKSPACE: + if (pos > 0) + { + if (pos < MAX_PASSWORD) + PrintBackspace(); + else + PrintCharAtCursor (' '); + + --pos; + } + continue; + + case TC_BIOS_KEY_F5: + hidePassword ^= 0x01; + continue; + + default: + if (scanCode == TC_BIOS_KEY_ESC || IsMenuKey (scanCode)) + { + burn (password.Text, sizeof (password.Text)); + ClearBiosKeystrokeBuffer(); + + PrintEndl(); + return scanCode; + } + } + + if (TC_BIOS_KEY_ENTER == scanCode) + break; + + if (!IsPrintable (asciiCode) || pos == MAX_PASSWORD) + { + Beep(); + continue; + } + + password.Text[pos++] = asciiCode; + if (hidePassword) asciiCode = '*'; + if (pos < MAX_PASSWORD) + PrintChar (asciiCode); + else + PrintCharAtCursor (asciiCode); + } + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + if (PimValueOrHiddenVolumeStartUnitNo.LowPart != -1) + { + pim = (int) PimValueOrHiddenVolumeStartUnitNo.LowPart; + // reset stored PIM value to allow requesting PIM next time in case the stored value is wrong + PimValueOrHiddenVolumeStartUnitNo.LowPart = -1; + return TC_BIOS_KEY_ENTER; + } + else +#endif + { + pos = 0; + Print ("PIM: "); + + while (true) + { + asciiCode = GetKeyboardChar (&scanCode); + + switch (scanCode) + { + case TC_BIOS_KEY_ENTER: + Print ("\rPIM: "); + pos =0; + while (pos < MAX_PIM) + { + PrintChar ('*'); + pos++; + } + + ClearBiosKeystrokeBuffer(); + PrintEndl(); + + return TC_BIOS_KEY_ENTER; + + case TC_BIOS_KEY_BACKSPACE: + if (pos > 0) + { + if (pos < MAX_PIM) + PrintBackspace(); + else + PrintCharAtCursor (' '); + + --pos; + pim /= 10; + } + continue; + + case TC_BIOS_KEY_F5: + hidePassword ^= 0x01; + continue; + + default: + if (scanCode == TC_BIOS_KEY_ESC || IsMenuKey (scanCode)) + { + burn (password.Text, sizeof (password.Text)); + ClearBiosKeystrokeBuffer(); + + PrintEndl(); + return scanCode; + } + } + + if (!IsDigit (asciiCode) || pos == MAX_PIM) + { + Beep(); + continue; + } + + pim = 10*pim + (asciiCode - '0'); + pos++; + + if (hidePassword) asciiCode = '*'; + if (pos < MAX_PIM) + PrintChar (asciiCode); + else + PrintCharAtCursor (asciiCode); + } + } +} + + +static void ExecuteBootSector (byte drive, byte *sectorBuffer) +{ + Print ("Booting...\r\n"); + CopyMemory (sectorBuffer, 0x0000, 0x7c00, TC_LB_SIZE); + + BootStarted = true; + + uint32 addr = 0x7c00; + __asm + { + cli + mov dl, drive // Boot drive + mov dh, 0 + xor ax, ax + mov si, ax + mov ds, ax + mov es, ax + mov ss, ax + mov sp, 0x7c00 + sti + + jmp cs:addr + } +} + + +static bool OpenVolume (byte drive, Password &password, int pim, CRYPTO_INFO **cryptoInfo, uint32 *headerSaltCrc32, bool skipNormal, bool skipHidden) +{ + int volumeType; + bool hiddenVolume; + uint64 headerSec; + + AcquireSectorBuffer(); + + for (volumeType = 1; volumeType <= 2; ++volumeType) + { + hiddenVolume = (volumeType == 2); + + if (hiddenVolume) + { + if (skipHidden || PartitionFollowingActive.Drive != drive || PartitionFollowingActive.SectorCount <= ActivePartition.SectorCount) + continue; + + headerSec = PartitionFollowingActive.StartSector + TC_HIDDEN_VOLUME_HEADER_OFFSET / TC_LB_SIZE; + } + else + { + if (skipNormal) + continue; + + headerSec.HighPart = 0; + headerSec.LowPart = TC_BOOT_VOLUME_HEADER_SECTOR; + } + + if (ReadSectors (SectorBuffer, drive, headerSec, 1) != BiosResultSuccess) + continue; + + if (ReadVolumeHeader (!hiddenVolume, (char *) SectorBuffer, &password, pim, cryptoInfo, nullptr) == ERR_SUCCESS) + { + // Prevent opening a non-system hidden volume + if (hiddenVolume && !((*cryptoInfo)->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM)) + { + crypto_close (*cryptoInfo); + continue; + } + + if (headerSaltCrc32) + *headerSaltCrc32 = GetCrc32 (SectorBuffer, PKCS5_SALT_SIZE); + + break; + } + } + + ReleaseSectorBuffer(); + return volumeType != 3; +} + + +static bool CheckMemoryRequirements () +{ + uint16 codeSeg; + __asm mov codeSeg, cs + if (codeSeg == TC_BOOT_LOADER_LOWMEM_SEGMENT) + { + PrintErrorNoEndl ("BIOS reserved too much memory: "); + + uint16 memFree; + __asm + { + push es + xor ax, ax + mov es, ax + mov ax, es:[0x413] + mov memFree, ax + pop es + } + + Print (memFree); + PrintEndl(); + Print (TC_BOOT_STR_UPGRADE_BIOS); + + return false; + } + + return true; +} + + +static bool MountVolume (byte drive, byte &exitKey, bool skipNormal, bool skipHidden) +{ + BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET; + int incorrectPasswordCount = 0, pim = 0; + + EraseMemory (bootArguments, sizeof (*bootArguments)); + + // Open volume header + while (true) + { + exitKey = AskPassword (bootArguments->BootPassword, pim); + + if (exitKey != TC_BIOS_KEY_ENTER) + return false; + + Print ("Verifying password..."); + + if (OpenVolume (BootDrive, bootArguments->BootPassword, pim, &BootCryptoInfo, &bootArguments->HeaderSaltCrc32, skipNormal, skipHidden)) + { + Print ("OK\r\n"); + break; + } + if (GetShiftFlags() & TC_BIOS_SHIFTMASK_CAPSLOCK) + Print ("Warning: Caps Lock is on.\r\n"); + + Print ("Incorrect password.\r\n\r\n"); + + if (++incorrectPasswordCount == 4) + { +#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + Print ("If you are sure the password is correct, the key data may be damaged.\r\n" + "If so, use 'Repair Options' > 'Restore key data'.\r\n\r\n"); +#else + Print ("If you are sure the password is correct, the key data may be damaged. Boot your\r\n" + "VeraCrypt Rescue Disk and select 'Repair Options' > 'Restore key data'.\r\n\r\n"); +#endif + } + } + + // Setup boot arguments + bootArguments->BootLoaderVersion = VERSION_NUM; + bootArguments->CryptoInfoOffset = (uint16) BootCryptoInfo; + bootArguments->CryptoInfoLength = sizeof (*BootCryptoInfo); + bootArguments->Flags = (((uint32)pim) << 16); + + if (BootCryptoInfo->hiddenVolume) + bootArguments->HiddenSystemPartitionStart = PartitionFollowingActive.StartSector << TC_LB_SIZE_BIT_SHIFT_DIVISOR; + + if (ExtraBootPartitionPresent) + bootArguments->Flags |= TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION; + + TC_SET_BOOT_ARGUMENTS_SIGNATURE (bootArguments->Signature); + + // Setup virtual encrypted partition + if (BootCryptoInfo->EncryptedAreaLength.HighPart != 0 || BootCryptoInfo->EncryptedAreaLength.LowPart != 0) + { + EncryptedVirtualPartition.Drive = BootDrive; + + EncryptedVirtualPartition.StartSector = BootCryptoInfo->EncryptedAreaStart >> TC_LB_SIZE_BIT_SHIFT_DIVISOR; + + PimValueOrHiddenVolumeStartUnitNo = EncryptedVirtualPartition.StartSector; + HiddenVolumeStartSector = PartitionFollowingActive.StartSector; + HiddenVolumeStartSector += EncryptedVirtualPartition.StartSector; + + EncryptedVirtualPartition.SectorCount = BootCryptoInfo->EncryptedAreaLength >> TC_LB_SIZE_BIT_SHIFT_DIVISOR; + + EncryptedVirtualPartition.EndSector = EncryptedVirtualPartition.SectorCount - 1; + EncryptedVirtualPartition.EndSector += EncryptedVirtualPartition.StartSector; + } + else + { + // Drive not encrypted + EncryptedVirtualPartition.Drive = TC_INVALID_BIOS_DRIVE; + } + + return true; +} + + +static bool GetSystemPartitions (byte drive) +{ + size_t partCount; + + if (!GetActivePartition (drive)) + return false; + + // Find partition following the active one + GetDrivePartitions (drive, &PartitionFollowingActive, 1, partCount, false, &ActivePartition); + + // If there is an extra boot partition, use the partitions following it. + // The real boot partition is determined in BootEncryptedDrive(). + if (ActivePartition.SectorCount.HighPart == 0 && ActivePartition.SectorCount.LowPart <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE / TC_LB_SIZE + && PartitionFollowingActive.Drive != TC_INVALID_BIOS_DRIVE) + { + ExtraBootPartitionPresent = true; + + ActivePartition = PartitionFollowingActive; + GetDrivePartitions (drive, &PartitionFollowingActive, 1, partCount, false, &ActivePartition); + } + + return true; +} + + +static byte BootEncryptedDrive () +{ + BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET; + byte exitKey; + BootCryptoInfo = NULL; + + if (!GetSystemPartitions (BootDrive)) + goto err; + + if (!MountVolume (BootDrive, exitKey, PreventNormalSystemBoot, false)) + return exitKey; + + if (!CheckMemoryRequirements ()) + goto err; + + if (BootCryptoInfo->hiddenVolume) + { + EncryptedVirtualPartition = ActivePartition; + bootArguments->DecoySystemPartitionStart = ActivePartition.StartSector << TC_LB_SIZE_BIT_SHIFT_DIVISOR; + } + + if (ExtraBootPartitionPresent && !GetActivePartition (BootDrive)) + goto err; + + if (ReadWriteMBR (false, ActivePartition.Drive) != BiosResultSuccess) + goto err; + + bootArguments->BootDriveSignature = *(uint32 *) (SectorBuffer + 0x1b8); + + if (!InstallInterruptFilters()) + goto err; + + bootArguments->BootArgumentsCrc32 = GetCrc32 ((byte *) bootArguments, (byte *) &bootArguments->BootArgumentsCrc32 - (byte *) bootArguments); + + while (true) + { + // Execute boot sector of the active partition + if (ReadSectors (SectorBuffer, ActivePartition.Drive, ActivePartition.StartSector, 1) == BiosResultSuccess) + { + if (*(uint16 *) (SectorBuffer + 510) != 0xaa55) + { + PrintError (TC_BOOT_STR_NO_BOOT_PARTITION); + GetKeyboardChar(); + } + + ExecuteBootSector (ActivePartition.Drive, SectorBuffer); + } + + GetKeyboardChar(); + } + +err: + if (BootCryptoInfo) + { + crypto_close (BootCryptoInfo); + BootCryptoInfo = NULL; + } + + EncryptedVirtualPartition.Drive = TC_INVALID_BIOS_DRIVE; + EraseMemory ((void *) TC_BOOT_LOADER_ARGS_OFFSET, sizeof (BootArguments)); + + byte scanCode; + GetKeyboardChar (&scanCode); + return scanCode; +} + + +static void BootMenu () +{ + BiosResult result; + Partition partitions[16]; + Partition bootablePartitions[9]; + size_t partitionCount; + size_t bootablePartitionCount = 0; + + for (byte drive = TC_FIRST_BIOS_DRIVE; drive <= TC_LAST_BIOS_DRIVE; ++drive) + { + if (GetDrivePartitions (drive, partitions, array_capacity (partitions), partitionCount, false, nullptr, true) == BiosResultSuccess) + { + for (size_t i = 0; i < partitionCount; ++i) + { + const Partition &partition = partitions[i]; + result = ReadSectors (SectorBuffer, drive, partition.StartSector, 1); + + if (result == BiosResultSuccess && *(uint16 *) (SectorBuffer + TC_LB_SIZE - 2) == 0xaa55) + { + // Windows writes boot loader on all NTFS/FAT filesytems it creates and, therefore, + // NTFS/FAT partitions must have the boot indicator set to be considered bootable. + if (!partition.Active + && (*(uint32 *) (SectorBuffer + 3) == 0x5346544e // 'NTFS' + || *(uint32 *) (SectorBuffer + 3) == 0x41465845 && SectorBuffer[7] == 'T' // 'exFAT' + || *(uint16 *) (SectorBuffer + 54) == 0x4146 && SectorBuffer[56] == 'T' // 'FAT' + || *(uint16 *) (SectorBuffer + 82) == 0x4146 && SectorBuffer[84] == 'T')) + { + continue; + } + + // Bootable sector found + if (bootablePartitionCount < array_capacity (bootablePartitions)) + bootablePartitions[bootablePartitionCount++] = partition; + } + } + } + } + + if (bootablePartitionCount < 1) + { + PrintError (TC_BOOT_STR_NO_BOOT_PARTITION); + GetKeyboardChar(); + return; + } + + char partChar; + while (true) + { + InitScreen(); + Print ("Bootable Partitions:\r\n"); + PrintRepeatedChar ('\xC4', 20); + Print ("\r\n"); + + for (size_t i = 0; i < bootablePartitionCount; ++i) + { + const Partition &partition = bootablePartitions[i]; + Print ("["); Print (i + 1); Print ("] "); + Print ("Drive: "); Print (partition.Drive - TC_FIRST_BIOS_DRIVE); + Print (", Partition: "); Print (partition.Number + 1); + Print (", Size: "); PrintSectorCountInMB (partition.SectorCount); PrintEndl(); + } + + if (bootablePartitionCount == 1) + { + // There's only one bootable partition so we'll boot it directly instead of showing boot manager + partChar = '1'; + } + else + { + Print ("[Esc] Cancel\r\n\r\n"); + Print ("Press 1-9 to select partition: "); + + if (GetString (&partChar, 1) == 0) + return; + + PrintEndl(); + + if (partChar < '1' || partChar > '0' + bootablePartitionCount) + { + Beep(); + continue; + } + } + + const Partition &partition = bootablePartitions[partChar - '0' - 1]; + + if (ReadSectors (SectorBuffer, partition.Drive, partition.StartSector, 1) == BiosResultSuccess) + { + ExecuteBootSector (partition.Drive, SectorBuffer); + } + } +} + + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + +static bool CopySystemPartitionToHiddenVolume (byte drive, byte &exitKey) +{ + bool status = false; + + uint64 sectorsRemaining; + uint64 sectorOffset; + sectorOffset.LowPart = 0; + sectorOffset.HighPart = 0; + + int fragmentSectorCount = 0x7f; // Maximum safe value supported by BIOS + int statCount = 0; + + if (!CheckMemoryRequirements ()) + goto err; + + if (!GetSystemPartitions (drive)) + goto err; + + if (PartitionFollowingActive.Drive == TC_INVALID_BIOS_DRIVE) + TC_THROW_FATAL_EXCEPTION; + + // Check if BIOS can read the last sector of the hidden system + AcquireSectorBuffer(); + + if (ReadSectors (SectorBuffer, PartitionFollowingActive.Drive, PartitionFollowingActive.EndSector - (TC_VOLUME_HEADER_GROUP_SIZE / TC_LB_SIZE - 2), 1) != BiosResultSuccess + || GetCrc32 (SectorBuffer, sizeof (SectorBuffer)) != OuterVolumeBackupHeaderCrc) + { + PrintErrorNoEndl ("Your BIOS does not support large drives"); + Print (IsLbaSupported (PartitionFollowingActive.Drive) ? " due to a bug" : "\r\n- Enable LBA in BIOS"); + PrintEndl(); + Print (TC_BOOT_STR_UPGRADE_BIOS); + + ReleaseSectorBuffer(); + goto err; + } + + ReleaseSectorBuffer(); + + if (!MountVolume (drive, exitKey, true, false)) + return false; + + sectorsRemaining = EncryptedVirtualPartition.SectorCount; + + if (!(sectorsRemaining == ActivePartition.SectorCount)) + TC_THROW_FATAL_EXCEPTION; + + InitScreen(); + Print ("\r\nCopying system to hidden volume. To abort, press Esc.\r\n\r\n"); + + while (sectorsRemaining.HighPart != 0 || sectorsRemaining.LowPart != 0) + { + if (EscKeyPressed()) + { + Print ("\rIf aborted, copying will have to start from the beginning (if attempted again).\r\n"); + if (AskYesNo ("Abort")) + break; + } + + if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart < fragmentSectorCount) + fragmentSectorCount = (int) sectorsRemaining.LowPart; + + if (ReadWriteSectors (false, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, ActivePartition.StartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess) + { + Print ("To fix bad sectors: 1) Terminate 2) Encrypt and decrypt sys partition 3) Retry\r\n"); + crypto_close (BootCryptoInfo); + goto err; + } + + AcquireSectorBuffer(); + + for (int i = 0; i < fragmentSectorCount; ++i) + { + CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, SectorBuffer, TC_LB_SIZE); + + uint64 s = PimValueOrHiddenVolumeStartUnitNo + sectorOffset + i; + EncryptDataUnits (SectorBuffer, &s, 1, BootCryptoInfo); + + CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, TC_LB_SIZE); + } + + ReleaseSectorBuffer(); + + if (ReadWriteSectors (true, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, HiddenVolumeStartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess) + { + crypto_close (BootCryptoInfo); + goto err; + } + + sectorsRemaining = sectorsRemaining - fragmentSectorCount; + sectorOffset = sectorOffset + fragmentSectorCount; + + if (!(statCount++ & 0xf)) + { + Print ("\rRemaining: "); + PrintSectorCountInMB (sectorsRemaining); + } + } + + crypto_close (BootCryptoInfo); + + if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart == 0) + { + status = true; + Print ("\rCopying completed."); + } + + PrintEndl (2); + goto ret; + +err: + exitKey = TC_BIOS_KEY_ESC; + GetKeyboardChar(); + +ret: + EraseMemory ((void *) TC_BOOT_LOADER_ARGS_OFFSET, sizeof (BootArguments)); + return status; +} + + +#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + +static void DecryptDrive (byte drive) +{ + byte exitKey; + if (!MountVolume (drive, exitKey, false, true)) + return; + + BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET; + + bool headerUpdateRequired = false; + uint64 sectorsRemaining = EncryptedVirtualPartition.EndSector + 1 - EncryptedVirtualPartition.StartSector; + uint64 sector = EncryptedVirtualPartition.EndSector + 1; + + int fragmentSectorCount = 0x7f; // Maximum safe value supported by BIOS + int statCount = 0; + + bool skipBadSectors = false; + + Print ("\r\nUse only if Windows cannot start. Decryption under Windows is much faster\r\n" + "(in VeraCrypt, select 'System' > 'Permanently Decrypt').\r\n\r\n"); + + if (!AskYesNo ("Decrypt now")) + { + crypto_close (BootCryptoInfo); + goto ret; + } + + if (EncryptedVirtualPartition.Drive == TC_INVALID_BIOS_DRIVE) + { + // Drive already decrypted + sectorsRemaining.HighPart = 0; + sectorsRemaining.LowPart = 0; + } + else + { + Print ("\r\nTo safely interrupt and defer decryption, press Esc.\r\n" + "WARNING: You can turn off power only after you press Esc.\r\n\r\n"); + } + + while (sectorsRemaining.HighPart != 0 || sectorsRemaining.LowPart != 0) + { + if (EscKeyPressed()) + break; + + if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart < fragmentSectorCount) + fragmentSectorCount = (int) sectorsRemaining.LowPart; + + sector = sector - fragmentSectorCount; + + if (!(statCount++ & 0xf)) + { + Print ("\rRemaining: "); + PrintSectorCountInMB (sectorsRemaining); + } + + if (ReadWriteSectors (false, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, sector, fragmentSectorCount, skipBadSectors) == BiosResultSuccess) + { + AcquireSectorBuffer(); + + for (int i = 0; i < fragmentSectorCount; ++i) + { + CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, SectorBuffer, TC_LB_SIZE); + + uint64 s = sector + i; + DecryptDataUnits (SectorBuffer, &s, 1, BootCryptoInfo); + + CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, TC_LB_SIZE); + } + + ReleaseSectorBuffer(); + + if (ReadWriteSectors (true, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, sector, fragmentSectorCount, skipBadSectors) != BiosResultSuccess && !skipBadSectors) + goto askBadSectorSkip; + } + else if (!skipBadSectors) + goto askBadSectorSkip; + + sectorsRemaining = sectorsRemaining - fragmentSectorCount; + headerUpdateRequired = true; + continue; + +askBadSectorSkip: + if (!AskYesNo ("Skip all bad sectors")) + break; + + skipBadSectors = true; + sector = sector + fragmentSectorCount; + fragmentSectorCount = 1; + } + + crypto_close (BootCryptoInfo); + + if (headerUpdateRequired) + { + Print ("\rUpdating header..."); + + AcquireSectorBuffer(); + uint64 headerSector; + headerSector.HighPart = 0; + headerSector.LowPart = TC_BOOT_VOLUME_HEADER_SECTOR; + + // Update encrypted area size in volume header + + CRYPTO_INFO *headerCryptoInfo = crypto_open(); + while (ReadSectors (SectorBuffer, drive, headerSector, 1) != BiosResultSuccess); + + if (ReadVolumeHeader (TRUE, (char *) SectorBuffer, &bootArguments->BootPassword, (int) (bootArguments->Flags >> 16), NULL, headerCryptoInfo) == 0) + { + DecryptBuffer (SectorBuffer + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); + + uint64 encryptedAreaLength = sectorsRemaining << TC_LB_SIZE_BIT_SHIFT_DIVISOR; + + for (int i = 7; i >= 0; --i) + { + SectorBuffer[TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH + i] = (byte) encryptedAreaLength.LowPart; + encryptedAreaLength = encryptedAreaLength >> 8; + } + + uint32 headerCrc32 = GetCrc32 (SectorBuffer + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); + + for (i = 3; i >= 0; --i) + { + SectorBuffer[TC_HEADER_OFFSET_HEADER_CRC + i] = (byte) headerCrc32; + headerCrc32 >>= 8; + } + + EncryptBuffer (SectorBuffer + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); + } + + crypto_close (headerCryptoInfo); + + while (WriteSectors (SectorBuffer, drive, headerSector, 1) != BiosResultSuccess); + ReleaseSectorBuffer(); + + Print ("Done!\r\n"); + } + + if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart == 0) + Print ("\rDrive decrypted.\r\n"); + else + Print ("\r\nDecryption deferred.\r\n"); + + GetKeyboardChar(); +ret: + EraseMemory (bootArguments, sizeof (*bootArguments)); +} + + +static void RepairMenu () +{ + DriveGeometry bootLoaderDriveGeometry; + + if (GetDriveGeometry (BootLoaderDrive, bootLoaderDriveGeometry, true) != BiosResultSuccess) + { + // Some BIOSes may fail to get the geometry of an emulated floppy drive + bootLoaderDriveGeometry.Cylinders = 80; + bootLoaderDriveGeometry.Heads = 2; + bootLoaderDriveGeometry.Sectors = 18; + } + + while (true) + { + InitScreen(); + Print ("Available "); Print ("Repair Options"); Print (":\r\n"); + PrintRepeatedChar ('\xC4', 25); + PrintEndl(); + + enum + { + RestoreNone = 0, + DecryptVolume, + RestoreTrueCryptLoader, + RestoreVolumeHeader, + RestoreOriginalSystemLoader + }; + + static const char *options[] = { "Permanently decrypt system partition/drive", "Restore VeraCrypt Boot Loader", "Restore key data (volume header)", "Restore original system loader" }; + + int selection = AskSelection (options, + (BootSectorFlags & TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER) ? array_capacity (options) : array_capacity (options) - 1); + + PrintEndl(); + + switch (selection) + { + case RestoreNone: + return; + + case DecryptVolume: + DecryptDrive (BootDrive); + continue; + + case RestoreOriginalSystemLoader: + if (!AskYesNo ("Is the system partition/drive decrypted")) + { + Print ("Please decrypt it first.\r\n"); + GetKeyboardChar(); + continue; + } + break; + } + + bool writeConfirmed = false; + BiosResult result; + + uint64 sector; + sector.HighPart = 0; + ChsAddress chs; + + byte mbrPartTable[TC_LB_SIZE - TC_MAX_MBR_BOOT_CODE_SIZE]; + AcquireSectorBuffer(); + + for (int i = (selection == RestoreVolumeHeader ? TC_BOOT_VOLUME_HEADER_SECTOR : TC_MBR_SECTOR); + i < TC_BOOT_LOADER_AREA_SECTOR_COUNT; ++i) + { + sector.LowPart = i; + + if (selection == RestoreOriginalSystemLoader) + sector.LowPart += TC_ORIG_BOOT_LOADER_BACKUP_SECTOR; + else if (selection == RestoreTrueCryptLoader) + sector.LowPart += TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR; + + // The backup medium may be a floppy-emulated bootable CD. The emulation may fail if LBA addressing is used. + // Therefore, only CHS addressing can be used. + LbaToChs (bootLoaderDriveGeometry, sector, chs); + sector.LowPart = i; + + if (i == TC_MBR_SECTOR) + { + // Read current partition table + result = ReadSectors (SectorBuffer, TC_FIRST_BIOS_DRIVE, sector, 1); + if (result != BiosResultSuccess) + goto err; + + memcpy (mbrPartTable, SectorBuffer + TC_MAX_MBR_BOOT_CODE_SIZE, sizeof (mbrPartTable)); + } + + result = ReadSectors (SectorBuffer, BootLoaderDrive, chs, 1); + if (result != BiosResultSuccess) + goto err; + + if (i == TC_MBR_SECTOR) + { + // Preserve current partition table + memcpy (SectorBuffer + TC_MAX_MBR_BOOT_CODE_SIZE, mbrPartTable, sizeof (mbrPartTable)); + } + + // Volume header + if (i == TC_BOOT_VOLUME_HEADER_SECTOR) + { + if (selection == RestoreTrueCryptLoader) + continue; + + if (selection == RestoreVolumeHeader) + { + while (true) + { + bool validHeaderPresent = false; + uint32 masterKeyScheduleCrc; + + Password password; + int pim; + byte exitKey = AskPassword (password, pim); + + if (exitKey != TC_BIOS_KEY_ENTER) + goto abort; + + CRYPTO_INFO *cryptoInfo; + + CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, TC_LB_SIZE); + ReleaseSectorBuffer(); + + // Restore volume header only if the current one cannot be used + if (OpenVolume (TC_FIRST_BIOS_DRIVE, password, pim, &cryptoInfo, nullptr, false, true)) + { + validHeaderPresent = true; + masterKeyScheduleCrc = GetCrc32 (cryptoInfo->ks, sizeof (cryptoInfo->ks)); + crypto_close (cryptoInfo); + } + + AcquireSectorBuffer(); + CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, 0, SectorBuffer, TC_LB_SIZE); + + if (ReadVolumeHeader (TRUE, (char *) SectorBuffer, &password, pim, &cryptoInfo, nullptr) == 0) + { + if (validHeaderPresent) + { + if (masterKeyScheduleCrc == GetCrc32 (cryptoInfo->ks, sizeof (cryptoInfo->ks))) + { + Print ("Original header preserved.\r\n"); + goto err; + } + + Print ("WARNING: Drive 0 contains a valid header!\r\n"); + } + + crypto_close (cryptoInfo); + break; + } + + Print ("Incorrect password.\r\n\r\n"); + } + } + } + + if (!writeConfirmed && !AskYesNo ("Modify drive 0")) + goto abort; + writeConfirmed = true; + + if (WriteSectors (SectorBuffer, TC_FIRST_BIOS_DRIVE, sector, 1) != BiosResultSuccess) + goto err; + } +done: + switch (selection) + { + case RestoreTrueCryptLoader: + Print ("VeraCrypt Boot Loader"); + break; + + case RestoreVolumeHeader: + Print ("Header"); + break; + + case RestoreOriginalSystemLoader: + Print ("System loader"); + break; + } + Print (" restored.\r\n"); + +err: GetKeyboardChar(); +abort: ReleaseSectorBuffer(); + } +} + +#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + +#ifndef DEBUG +extern "C" void _acrtused () { } // Required by linker +#endif + + +void main () +{ + __asm mov BootLoaderDrive, dl + __asm mov BootSectorFlags, dh + +#ifdef TC_BOOT_TRACING_ENABLED + InitDebugPort(); +#endif + +#ifdef TC_BOOT_STACK_CHECKING_ENABLED + InitStackChecker(); +#endif + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + ReadBootSectorUserConfiguration(); +#elif defined (TC_WINDOWS_BOOT_AES) + EnableHwEncryption (!(BootSectorFlags & TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION)); +#endif + + InitVideoMode(); + InitScreen(); + + // Determine boot drive + BootDrive = BootLoaderDrive; + if (BootDrive < TC_FIRST_BIOS_DRIVE) + BootDrive = TC_FIRST_BIOS_DRIVE; + + // Query boot drive geometry + if (GetDriveGeometry (BootDrive, BootDriveGeometry) != BiosResultSuccess) + { + BootDrive = TC_FIRST_BIOS_DRIVE; + if (GetDriveGeometry (BootDrive, BootDriveGeometry) != BiosResultSuccess) + { +#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + Print ("- Connect system drive to (SATA) port 1\r\n"); +#endif + GetKeyboardChar(); + } + else + BootDriveGeometryValid = true; + } + else + BootDriveGeometryValid = true; + +#ifdef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + // Check whether the user is not using the Rescue Disk to create a hidden system + + if (ReadWriteMBR (false, BootDrive, true) == BiosResultSuccess + && *(uint32 *) (SectorBuffer + 6) == 0x61726556 + && *(uint32 *) (SectorBuffer + 10) == 0x70797243 + && (SectorBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET] & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) != TC_HIDDEN_OS_CREATION_PHASE_NONE) + { + PrintError ("It appears you are creating a hidden OS."); + if (AskYesNo ("Is this correct")) + { + Print ("Please remove the Rescue Disk from the drive and restart."); + while (true); + } + } + +#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + + // Main menu + + while (true) + { + byte exitKey; + InitScreen(); + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + // Hidden system setup + byte hiddenSystemCreationPhase = BootSectorFlags & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; + + if (hiddenSystemCreationPhase != TC_HIDDEN_OS_CREATION_PHASE_NONE) + { + PreventNormalSystemBoot = true; + PrintMainMenu(); + + if (hiddenSystemCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_CLONING) + { + if (CopySystemPartitionToHiddenVolume (BootDrive, exitKey)) + { + BootSectorFlags = (BootSectorFlags & ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) | TC_HIDDEN_OS_CREATION_PHASE_WIPING; + UpdateBootSectorConfiguration (BootLoaderDrive); + } + else if (exitKey == TC_BIOS_KEY_ESC) + goto bootMenu; + else + continue; + } + } + else + PrintMainMenu(); + + exitKey = BootEncryptedDrive(); + +#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + PrintMainMenu(); + exitKey = BootEncryptedDrive(); + + if (exitKey == TC_MENU_KEY_REPAIR) + { + RepairMenu(); + continue; + } + +#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE + +bootMenu: + if (!PreventBootMenu) + BootMenu(); + } +} diff --git a/src/Boot/Windows/BootMain.h b/src/Boot/Windows/BootMain.h index b6e75fa6..2f212a18 100644 --- a/src/Boot/Windows/BootMain.h +++ b/src/Boot/Windows/BootMain.h @@ -1,34 +1,34 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootMain -#define TC_HEADER_Boot_BootMain - -#include "TCdefs.h" -#include "Platform.h" - -static byte AskPassword (Password &password, int& pim); -static int AskSelection (const char *options[], size_t optionCount); -static bool AskYesNo (const char *message); -static byte BootEncryptedDrive (); -static void BootMenu (); -static void ExecuteBootSector (byte drive, byte *sectorBuffer); -static void InitScreen (); -static bool IsMenuKey (byte scanCode); -static bool MountVolume (byte drive, byte &exitKey); -static bool OpenVolume (byte drive, Password &password, CRYPTO_INFO **cryptoInfo, uint32 *headerSaltCrc32 = nullptr, bool skipNormal = false, bool skipHidden = false); -static void PrintMainMenu (); -static void RepairMenu (); - -#define TC_MENU_KEY_REPAIR TC_BIOS_KEY_F8 - -#endif // TC_HEADER_Boot_BootMain +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootMain +#define TC_HEADER_Boot_BootMain + +#include "TCdefs.h" +#include "Platform.h" + +static byte AskPassword (Password &password, int& pim); +static int AskSelection (const char *options[], size_t optionCount); +static bool AskYesNo (const char *message); +static byte BootEncryptedDrive (); +static void BootMenu (); +static void ExecuteBootSector (byte drive, byte *sectorBuffer); +static void InitScreen (); +static bool IsMenuKey (byte scanCode); +static bool MountVolume (byte drive, byte &exitKey); +static bool OpenVolume (byte drive, Password &password, CRYPTO_INFO **cryptoInfo, uint32 *headerSaltCrc32 = nullptr, bool skipNormal = false, bool skipHidden = false); +static void PrintMainMenu (); +static void RepairMenu (); + +#define TC_MENU_KEY_REPAIR TC_BIOS_KEY_F8 + +#endif // TC_HEADER_Boot_BootMain diff --git a/src/Boot/Windows/BootMemory.cpp b/src/Boot/Windows/BootMemory.cpp index c1dd3833..505b731a 100644 --- a/src/Boot/Windows/BootMemory.cpp +++ b/src/Boot/Windows/BootMemory.cpp @@ -1,86 +1,86 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "BootDefs.h" -#include "BootMemory.h" - -static uint32 MemoryMapContValue; - -static bool GetMemoryMapEntry (BiosMemoryMapEntry &entry) -{ - static const uint32 function = 0x0000E820UL; - static const uint32 magic = 0x534D4150UL; - static const uint32 bufferSize = sizeof (BiosMemoryMapEntry); - - bool carry = false; - uint32 resultMagic; - uint32 resultSize; - - __asm - { - push es - - lea di, function - TC_ASM_MOV_EAX_DI - lea di, MemoryMapContValue - TC_ASM_MOV_EBX_DI - lea di, bufferSize - TC_ASM_MOV_ECX_DI - lea di, magic - TC_ASM_MOV_EDX_DI - lea di, MemoryMapContValue - TC_ASM_MOV_DI_ECX - - // Use alternative segment to prevent memory corruption caused by buggy BIOSes - push TC_BOOT_LOADER_ALT_SEGMENT - pop es - mov di, 0 - - int 0x15 - jnc no_carry - mov carry, true - no_carry: - - lea di, resultMagic - TC_ASM_MOV_DI_EAX - lea di, MemoryMapContValue - TC_ASM_MOV_DI_EBX - lea di, resultSize - TC_ASM_MOV_DI_ECX - - pop es - } - - CopyMemory (TC_BOOT_LOADER_ALT_SEGMENT, 0, &entry, sizeof (entry)); - - // BIOS may set CF at the end of the list - if (carry) - MemoryMapContValue = 0; - - return resultMagic == magic && resultSize == bufferSize; -} - - -bool GetFirstBiosMemoryMapEntry (BiosMemoryMapEntry &entry) -{ - MemoryMapContValue = 0; - return GetMemoryMapEntry (entry); -} - - -bool GetNextBiosMemoryMapEntry (BiosMemoryMapEntry &entry) -{ - if (MemoryMapContValue == 0) - return false; - - return GetMemoryMapEntry (entry); -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "BootDefs.h" +#include "BootMemory.h" + +static uint32 MemoryMapContValue; + +static bool GetMemoryMapEntry (BiosMemoryMapEntry &entry) +{ + static const uint32 function = 0x0000E820UL; + static const uint32 magic = 0x534D4150UL; + static const uint32 bufferSize = sizeof (BiosMemoryMapEntry); + + bool carry = false; + uint32 resultMagic; + uint32 resultSize; + + __asm + { + push es + + lea di, function + TC_ASM_MOV_EAX_DI + lea di, MemoryMapContValue + TC_ASM_MOV_EBX_DI + lea di, bufferSize + TC_ASM_MOV_ECX_DI + lea di, magic + TC_ASM_MOV_EDX_DI + lea di, MemoryMapContValue + TC_ASM_MOV_DI_ECX + + // Use alternative segment to prevent memory corruption caused by buggy BIOSes + push TC_BOOT_LOADER_ALT_SEGMENT + pop es + mov di, 0 + + int 0x15 + jnc no_carry + mov carry, true + no_carry: + + lea di, resultMagic + TC_ASM_MOV_DI_EAX + lea di, MemoryMapContValue + TC_ASM_MOV_DI_EBX + lea di, resultSize + TC_ASM_MOV_DI_ECX + + pop es + } + + CopyMemory (TC_BOOT_LOADER_ALT_SEGMENT, 0, &entry, sizeof (entry)); + + // BIOS may set CF at the end of the list + if (carry) + MemoryMapContValue = 0; + + return resultMagic == magic && resultSize == bufferSize; +} + + +bool GetFirstBiosMemoryMapEntry (BiosMemoryMapEntry &entry) +{ + MemoryMapContValue = 0; + return GetMemoryMapEntry (entry); +} + + +bool GetNextBiosMemoryMapEntry (BiosMemoryMapEntry &entry) +{ + if (MemoryMapContValue == 0) + return false; + + return GetMemoryMapEntry (entry); +} diff --git a/src/Boot/Windows/BootMemory.h b/src/Boot/Windows/BootMemory.h index 0ed0470d..d4ad1561 100644 --- a/src/Boot/Windows/BootMemory.h +++ b/src/Boot/Windows/BootMemory.h @@ -1,28 +1,28 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Platform.h" -#include "Bios.h" - -#pragma pack(1) - -struct BiosMemoryMapEntry -{ - uint64 BaseAddress; - uint64 Length; - uint32 Type; -}; - -#pragma pack() - -bool GetFirstBiosMemoryMapEntry (BiosMemoryMapEntry &entry); -bool GetNextBiosMemoryMapEntry (BiosMemoryMapEntry &entry); +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Platform.h" +#include "Bios.h" + +#pragma pack(1) + +struct BiosMemoryMapEntry +{ + uint64 BaseAddress; + uint64 Length; + uint32 Type; +}; + +#pragma pack() + +bool GetFirstBiosMemoryMapEntry (BiosMemoryMapEntry &entry); +bool GetNextBiosMemoryMapEntry (BiosMemoryMapEntry &entry); diff --git a/src/Boot/Windows/BootSector.asm b/src/Boot/Windows/BootSector.asm index e0049d29..0518414f 100644 --- a/src/Boot/Windows/BootSector.asm +++ b/src/Boot/Windows/BootSector.asm @@ -1,244 +1,244 @@ -; -; Derived from source code of TrueCrypt 7.1a, which is -; Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed -; by the TrueCrypt License 3.0. -; -; Modifications and additions to the original source code (contained in this file) -; and all other portions of this file are Copyright (c) 2013-2016 IDRIX -; and are governed by the Apache License 2.0 the full text of which is -; contained in the file License.txt included in VeraCrypt binary and source -; code distribution packages. -; - -.MODEL tiny -.386 -_TEXT SEGMENT USE16 - -INCLUDE BootDefs.i - -ORG 7C00h ; Standard boot sector offset - -start: - ; BIOS executes boot sector from 0:7C00 or 7C0:0000 (default CD boot loader address). - ; Far jump to the next instruction sets IP to the standard offset 7C00. - db 0EAh ; jmp 0:main - dw main, 0 - -loader_name_msg: - db ' VeraCrypt Boot Loader', 13, 10, 0 - -main: - cli - xor ax, ax - mov ds, ax - mov ss, ax - mov sp, 7C00h - sti - - ; Display boot loader name - test byte ptr [start + TC_BOOT_SECTOR_USER_CONFIG_OFFSET], TC_BOOT_USER_CFG_FLAG_SILENT_MODE - jnz skip_loader_name_msg - - lea si, loader_name_msg - call print -skip_loader_name_msg: - - ; Determine boot loader segment - mov ax, TC_BOOT_LOADER_SEGMENT - - ; Check available memory - cmp word ptr [ds:413h], TC_BOOT_LOADER_SEGMENT / 1024 * 16 + TC_BOOT_MEMORY_REQUIRED - jge memory_ok - - mov ax, TC_BOOT_LOADER_SEGMENT_LOW - - cmp word ptr [ds:413h], TC_BOOT_LOADER_SEGMENT_LOW / 1024 * 16 + TC_BOOT_MEMORY_REQUIRED - jge memory_ok - - ; Insufficient memory - mov ax, TC_BOOT_LOADER_LOWMEM_SEGMENT - -memory_ok: - mov es, ax - - ; Clear BSS section - xor al, al - mov di, TC_COM_EXECUTABLE_OFFSET - mov cx, TC_BOOT_MEMORY_REQUIRED * 1024 - TC_COM_EXECUTABLE_OFFSET - 1 - cld - rep stosb - - mov ax, es - sub ax, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE / 16 ; Decompressor segment - mov es, ax - - ; Load decompressor - mov cl, TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR -retry_backup: - mov al, TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT - mov bx, TC_COM_EXECUTABLE_OFFSET - call read_sectors - - ; Decompressor checksum - xor ebx, ebx - mov si, TC_COM_EXECUTABLE_OFFSET - mov cx, TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_LB_SIZE - call checksum - push ebx - - ; Load compressed boot loader - mov bx, TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET - mov cl, TC_BOOT_LOADER_START_SECTOR - mov al, TC_MAX_BOOT_LOADER_SECTOR_COUNT - - test backup_loader_used, 1 - jz non_backup - mov al, TC_BOOT_LOADER_BACKUP_SECTOR_COUNT - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT - mov cl, TC_BOOT_LOADER_START_SECTOR + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT - -non_backup: - call read_sectors - - ; Boot loader checksum - pop ebx - mov si, TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET - mov cx, word ptr [start + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET] - call checksum - - ; Verify checksum - cmp ebx, dword ptr [start + TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET] - je checksum_ok - - ; Checksum incorrect - try using backup if available - test backup_loader_used, 1 - jnz loader_damaged - - mov backup_loader_used, 1 - mov cl, TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT - - test TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE, byte ptr [start + TC_BOOT_SECTOR_CONFIG_OFFSET] - jnz retry_backup - -loader_damaged: - lea si, loader_damaged_msg - call print - lea si, loader_name_msg - call print - jmp $ -checksum_ok: - - ; Set up decompressor segment - mov ax, es - mov ds, ax - cli - mov ss, ax - mov sp, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE - sti - - push dx - - ; Decompress boot loader - mov cx, word ptr [start + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET] - sub cx, TC_GZIP_HEADER_SIZE - push cx ; Compressed data size - push TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET + TC_GZIP_HEADER_SIZE ; Compressed data - push TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE ; Output buffer size - push TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE + TC_COM_EXECUTABLE_OFFSET ; Output buffer - - push cs - push decompressor_ret - push es - push TC_COM_EXECUTABLE_OFFSET - retf -decompressor_ret: - - add sp, 8 - pop dx - - ; Restore boot sector segment - push cs - pop ds - - ; Check decompression result - test ax, ax - jz decompression_ok - - lea si, loader_damaged_msg - call print - jmp $ -decompression_ok: - - ; DH = boot sector flags - mov dh, byte ptr [start + TC_BOOT_SECTOR_CONFIG_OFFSET] - - ; Set up boot loader segment - mov ax, es - add ax, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE / 16 - mov es, ax - mov ds, ax - cli - mov ss, ax - mov sp, TC_BOOT_LOADER_STACK_TOP - sti - - ; Execute boot loader - push es - push TC_COM_EXECUTABLE_OFFSET - retf - - ; Print string -print: - xor bx, bx - mov ah, 0eh - cld - -@@: lodsb - test al, al - jz print_end - - int 10h - jmp @B - -print_end: - ret - - ; Read sectors of the first cylinder -read_sectors: - mov ch, 0 ; Cylinder - mov dh, 0 ; Head - ; DL = drive number passed from BIOS - mov ah, 2 - int 13h - jnc read_ok - - lea si, disk_error_msg - call print -read_ok: - ret - - ; Calculate checksum -checksum: - push ds - push es - pop ds - xor eax, eax - cld - -@@: lodsb - add ebx, eax - rol ebx, 1 - loop @B - - pop ds - ret - -backup_loader_used db 0 - -disk_error_msg db 'Disk error', 13, 10, 7, 0 -loader_damaged_msg db 7, 'Loader damaged! Repair with Rescue Disk', 0 - -ORG 7C00h + 510 - dw 0AA55h ; Boot sector signature - -_TEXT ENDS -END start +; +; Derived from source code of TrueCrypt 7.1a, which is +; Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed +; by the TrueCrypt License 3.0. +; +; Modifications and additions to the original source code (contained in this file) +; and all other portions of this file are Copyright (c) 2013-2016 IDRIX +; and are governed by the Apache License 2.0 the full text of which is +; contained in the file License.txt included in VeraCrypt binary and source +; code distribution packages. +; + +.MODEL tiny +.386 +_TEXT SEGMENT USE16 + +INCLUDE BootDefs.i + +ORG 7C00h ; Standard boot sector offset + +start: + ; BIOS executes boot sector from 0:7C00 or 7C0:0000 (default CD boot loader address). + ; Far jump to the next instruction sets IP to the standard offset 7C00. + db 0EAh ; jmp 0:main + dw main, 0 + +loader_name_msg: + db ' VeraCrypt Boot Loader', 13, 10, 0 + +main: + cli + xor ax, ax + mov ds, ax + mov ss, ax + mov sp, 7C00h + sti + + ; Display boot loader name + test byte ptr [start + TC_BOOT_SECTOR_USER_CONFIG_OFFSET], TC_BOOT_USER_CFG_FLAG_SILENT_MODE + jnz skip_loader_name_msg + + lea si, loader_name_msg + call print +skip_loader_name_msg: + + ; Determine boot loader segment + mov ax, TC_BOOT_LOADER_SEGMENT + + ; Check available memory + cmp word ptr [ds:413h], TC_BOOT_LOADER_SEGMENT / 1024 * 16 + TC_BOOT_MEMORY_REQUIRED + jge memory_ok + + mov ax, TC_BOOT_LOADER_SEGMENT_LOW + + cmp word ptr [ds:413h], TC_BOOT_LOADER_SEGMENT_LOW / 1024 * 16 + TC_BOOT_MEMORY_REQUIRED + jge memory_ok + + ; Insufficient memory + mov ax, TC_BOOT_LOADER_LOWMEM_SEGMENT + +memory_ok: + mov es, ax + + ; Clear BSS section + xor al, al + mov di, TC_COM_EXECUTABLE_OFFSET + mov cx, TC_BOOT_MEMORY_REQUIRED * 1024 - TC_COM_EXECUTABLE_OFFSET - 1 + cld + rep stosb + + mov ax, es + sub ax, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE / 16 ; Decompressor segment + mov es, ax + + ; Load decompressor + mov cl, TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR +retry_backup: + mov al, TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT + mov bx, TC_COM_EXECUTABLE_OFFSET + call read_sectors + + ; Decompressor checksum + xor ebx, ebx + mov si, TC_COM_EXECUTABLE_OFFSET + mov cx, TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_LB_SIZE + call checksum + push ebx + + ; Load compressed boot loader + mov bx, TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET + mov cl, TC_BOOT_LOADER_START_SECTOR + mov al, TC_MAX_BOOT_LOADER_SECTOR_COUNT + + test backup_loader_used, 1 + jz non_backup + mov al, TC_BOOT_LOADER_BACKUP_SECTOR_COUNT - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT + mov cl, TC_BOOT_LOADER_START_SECTOR + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT + +non_backup: + call read_sectors + + ; Boot loader checksum + pop ebx + mov si, TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET + mov cx, word ptr [start + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET] + call checksum + + ; Verify checksum + cmp ebx, dword ptr [start + TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET] + je checksum_ok + + ; Checksum incorrect - try using backup if available + test backup_loader_used, 1 + jnz loader_damaged + + mov backup_loader_used, 1 + mov cl, TC_BOOT_LOADER_DECOMPRESSOR_START_SECTOR + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT + + test TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE, byte ptr [start + TC_BOOT_SECTOR_CONFIG_OFFSET] + jnz retry_backup + +loader_damaged: + lea si, loader_damaged_msg + call print + lea si, loader_name_msg + call print + jmp $ +checksum_ok: + + ; Set up decompressor segment + mov ax, es + mov ds, ax + cli + mov ss, ax + mov sp, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE + sti + + push dx + + ; Decompress boot loader + mov cx, word ptr [start + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET] + sub cx, TC_GZIP_HEADER_SIZE + push cx ; Compressed data size + push TC_BOOT_LOADER_COMPRESSED_BUFFER_OFFSET + TC_GZIP_HEADER_SIZE ; Compressed data + push TC_MAX_BOOT_LOADER_DECOMPRESSED_SIZE ; Output buffer size + push TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE + TC_COM_EXECUTABLE_OFFSET ; Output buffer + + push cs + push decompressor_ret + push es + push TC_COM_EXECUTABLE_OFFSET + retf +decompressor_ret: + + add sp, 8 + pop dx + + ; Restore boot sector segment + push cs + pop ds + + ; Check decompression result + test ax, ax + jz decompression_ok + + lea si, loader_damaged_msg + call print + jmp $ +decompression_ok: + + ; DH = boot sector flags + mov dh, byte ptr [start + TC_BOOT_SECTOR_CONFIG_OFFSET] + + ; Set up boot loader segment + mov ax, es + add ax, TC_BOOT_LOADER_DECOMPRESSOR_MEMORY_SIZE / 16 + mov es, ax + mov ds, ax + cli + mov ss, ax + mov sp, TC_BOOT_LOADER_STACK_TOP + sti + + ; Execute boot loader + push es + push TC_COM_EXECUTABLE_OFFSET + retf + + ; Print string +print: + xor bx, bx + mov ah, 0eh + cld + +@@: lodsb + test al, al + jz print_end + + int 10h + jmp @B + +print_end: + ret + + ; Read sectors of the first cylinder +read_sectors: + mov ch, 0 ; Cylinder + mov dh, 0 ; Head + ; DL = drive number passed from BIOS + mov ah, 2 + int 13h + jnc read_ok + + lea si, disk_error_msg + call print +read_ok: + ret + + ; Calculate checksum +checksum: + push ds + push es + pop ds + xor eax, eax + cld + +@@: lodsb + add ebx, eax + rol ebx, 1 + loop @B + + pop ds + ret + +backup_loader_used db 0 + +disk_error_msg db 'Disk error', 13, 10, 7, 0 +loader_damaged_msg db 7, 'Loader damaged! Repair with Rescue Disk', 0 + +ORG 7C00h + 510 + dw 0AA55h ; Boot sector signature + +_TEXT ENDS +END start diff --git a/src/Boot/Windows/BootStrings.h b/src/Boot/Windows/BootStrings.h index dcf197a1..99c4dc4f 100644 --- a/src/Boot/Windows/BootStrings.h +++ b/src/Boot/Windows/BootStrings.h @@ -1,20 +1,20 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_BootStrings -#define TC_HEADER_Boot_BootStrings - -#define TC_BOOT_STR_ERROR "Error: " -#define TC_BOOT_STR_NO_BOOT_PARTITION "No bootable partition found" -#define TC_BOOT_STR_UPGRADE_BIOS "- Upgrade BIOS\r\n- Use a different motherboard model/brand\r\n" - -#endif // TC_HEADER_Boot_BootStrings +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_BootStrings +#define TC_HEADER_Boot_BootStrings + +#define TC_BOOT_STR_ERROR "Error: " +#define TC_BOOT_STR_NO_BOOT_PARTITION "No bootable partition found" +#define TC_BOOT_STR_UPGRADE_BIOS "- Upgrade BIOS\r\n- Use a different motherboard model/brand\r\n" + +#endif // TC_HEADER_Boot_BootStrings diff --git a/src/Boot/Windows/Decompressor.c b/src/Boot/Windows/Decompressor.c index 475a501d..3bed8c67 100644 --- a/src/Boot/Windows/Decompressor.c +++ b/src/Boot/Windows/Decompressor.c @@ -83,7 +83,7 @@ local int stored(struct state *s) s->bitbuf = 0; s->bitcnt = 0; - if (s->incnt + 4 > s->inlen) + if (s->incnt + 4 > s->inlen) return 2; /* not enough input */ /* get length and check against its one's complement */ @@ -93,7 +93,7 @@ local int stored(struct state *s) s->in[s->incnt++] != ((~len >> 8) & 0xff)) return -2; /* didn't match complement! */ - if (s->incnt + len > s->inlen) + if (s->incnt + len > s->inlen) return 2; /* not enough input */ /* copy len bytes from in to out */ @@ -379,21 +379,21 @@ local int dynamic(struct state *s) lengths[index++] = symbol; else { /* repeat instruction */ len = 0; /* assume repeating zeros */ - switch(symbol) - { - case 16: { /* repeat last length 3..6 times */ - if (index == 0) return -5; /* no last length! */ - len = lengths[index - 1]; /* last length */ - symbol = 3 + bits(s, 2); - break; - } - case 17: /* repeat zero 3..10 times */ - symbol = 3 + bits(s, 3); - break; - default: /* == 18, repeat zero 11..138 times */ - symbol = 11 + bits(s, 7); - break; - } + switch(symbol) + { + case 16: { /* repeat last length 3..6 times */ + if (index == 0) return -5; /* no last length! */ + len = lengths[index - 1]; /* last length */ + symbol = 3 + bits(s, 2); + break; + } + case 17: /* repeat zero 3..10 times */ + symbol = 3 + bits(s, 3); + break; + default: /* == 18, repeat zero 11..138 times */ + symbol = 11 + bits(s, 7); + break; + } if ((index + symbol > nlen + ndist)) return -6; /* too many lengths! */ while (symbol--) /* repeat last or zero symbol times */ @@ -401,8 +401,8 @@ local int dynamic(struct state *s) } } - /* check for end-of-block code -- there better be one! */ - if (lengths[256] == 0) + /* check for end-of-block code -- there better be one! */ + if (lengths[256] == 0) return -9; /* build huffman table for literal/length codes */ @@ -423,50 +423,50 @@ local int dynamic(struct state *s) void _acrtused () { } // Decompress deflated data -int far main ( - unsigned char *dest, /* pointer to destination pointer */ - unsigned int destlen, /* amount of output space */ - unsigned char *source, /* pointer to source data pointer */ - unsigned int sourcelen) -{ - struct state s; /* input/output state */ - int last, type; /* block information */ - int err; /* return value */ - - /* initialize output state */ - s.out = dest; - s.outlen = destlen; /* ignored if dest is NIL */ - s.outcnt = 0; - - /* initialize input state */ - s.in = source; - s.inlen = sourcelen; - s.incnt = 0; - s.bitbuf = 0; - s.bitcnt = 0; - - /* process blocks until last block or error */ - do { - last = bits(&s, 1); /* one if last block */ - type = bits(&s, 2); /* block type 0..3 */ - switch(type) - { - case 0: - err = stored(&s); - break; - case 1: - err = fixed(&s); - break; - case 2: - err = dynamic(&s); - break; - default: - err = -1; /* type == 3, invalid */ - break; - } - - if (err != 0) break; /* return with error */ - } while (!last); - - return err; +int far main ( + unsigned char *dest, /* pointer to destination pointer */ + unsigned int destlen, /* amount of output space */ + unsigned char *source, /* pointer to source data pointer */ + unsigned int sourcelen) +{ + struct state s; /* input/output state */ + int last, type; /* block information */ + int err; /* return value */ + + /* initialize output state */ + s.out = dest; + s.outlen = destlen; /* ignored if dest is NIL */ + s.outcnt = 0; + + /* initialize input state */ + s.in = source; + s.inlen = sourcelen; + s.incnt = 0; + s.bitbuf = 0; + s.bitcnt = 0; + + /* process blocks until last block or error */ + do { + last = bits(&s, 1); /* one if last block */ + type = bits(&s, 2); /* block type 0..3 */ + switch(type) + { + case 0: + err = stored(&s); + break; + case 1: + err = fixed(&s); + break; + case 2: + err = dynamic(&s); + break; + default: + err = -1; /* type == 3, invalid */ + break; + } + + if (err != 0) break; /* return with error */ + } while (!last); + + return err; } diff --git a/src/Boot/Windows/IntFilter.cpp b/src/Boot/Windows/IntFilter.cpp index 0671c4d0..d9cd92df 100644 --- a/src/Boot/Windows/IntFilter.cpp +++ b/src/Boot/Windows/IntFilter.cpp @@ -1,645 +1,645 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Platform.h" -#include "BootMemory.h" -#include "BootConfig.h" -#include "BootConsoleIo.h" -#include "BootDebug.h" -#include "BootDefs.h" -#include "BootDiskIo.h" -#include "BootEncryptedIo.h" -#include "BootStrings.h" -#include "IntFilter.h" - -static uint32 OriginalInt13Handler; -static uint32 OriginalInt15Handler; - -static Registers IntRegisters; - - -bool Int13Filter () -{ - CheckStack(); - - Registers regs; - memcpy (®s, &IntRegisters, sizeof (regs)); - __asm sti - - static int ReEntryCount = -1; - ++ReEntryCount; - - byte function = (byte) (regs.AX >> 8); - -#ifdef TC_TRACE_INT13 - DisableScreenOutput(); - - PrintHex (function); - - Print (" EN:"); Print (ReEntryCount); - Print (" SS:"); PrintHex (regs.SS); - - uint16 spdbg; - __asm mov spdbg, sp - PrintChar (' '); - PrintHex (spdbg); - PrintChar ('<'); PrintHex (TC_BOOT_LOADER_STACK_TOP); - -#endif - - bool passOriginalRequest = true; - - switch (function) - { - case 0x2: // Read sectors - case 0x3: // Write sectors - { - byte drive = (byte) regs.DX; - - ChsAddress chs; - chs.Cylinder = ((regs.CX << 2) & 0x300) | (regs.CX >> 8); - chs.Head = regs.DX >> 8; - chs.Sector = regs.CX & 0x3f; - - byte sectorCount = (byte) regs.AX; - -#ifdef TC_TRACE_INT13 - PrintVal (": Drive", drive - TC_FIRST_BIOS_DRIVE, false); - Print (" Chs: "); Print (chs); -#endif - - uint64 sector; - if (drive == BootDrive) - { - if (!BootDriveGeometryValid) - TC_THROW_FATAL_EXCEPTION; - - ChsToLba (BootDriveGeometry, chs, sector); -#ifdef TC_TRACE_INT13 - PrintVal (" Sec", sector.LowPart, false); -#endif - } - -#ifdef TC_TRACE_INT13 - PrintVal (" Count", sectorCount, false); - Print (" Buf: "); PrintHex (regs.ES); PrintChar (':'); PrintHex (regs.BX); - PrintEndl(); -#endif - - if (ReEntryCount == 0 && drive == EncryptedVirtualPartition.Drive) - { - BiosResult result; - - if (function == 0x3) - result = WriteEncryptedSectors (regs.ES, regs.BX, drive, sector, sectorCount); - else - result = ReadEncryptedSectors (regs.ES, regs.BX, drive, sector, sectorCount); - - __asm cli - - memcpy (&IntRegisters, ®s, sizeof (regs)); - IntRegisters.AX = (uint16) result << 8; - - if (result == BiosResultSuccess) - { - IntRegisters.AX |= sectorCount; - IntRegisters.Flags &= ~TC_X86_CARRY_FLAG; - } - else - IntRegisters.Flags |= TC_X86_CARRY_FLAG; - - passOriginalRequest = false; - } - } - break; - - case 0x42: // Read sectors LBA - case 0x43: // Write sectors LBA - { - byte drive = (byte) regs.DX; - - BiosLbaPacket lba; - CopyMemory (regs.DS, regs.SI, (byte *) &lba, sizeof (lba)); - -#ifdef TC_TRACE_INT13 - PrintVal (": Drive", drive - TC_FIRST_BIOS_DRIVE, false); - PrintVal (" Sec", lba.Sector.LowPart, false); - PrintVal (" Count", lba.SectorCount, false); - PrintVal (" Buf", lba.Buffer, false, true); - PrintEndl(); -#endif - - if (ReEntryCount == 0 && drive == EncryptedVirtualPartition.Drive) - { - BiosResult result; - - uint16 segment = (uint16) (lba.Buffer >> 16); - uint16 offset = (uint16) lba.Buffer; - - if (function == 0x43) - result = WriteEncryptedSectors (segment, offset, drive, lba.Sector, lba.SectorCount); - else - result = ReadEncryptedSectors (segment, offset, drive, lba.Sector, lba.SectorCount); - - __asm cli - - memcpy (&IntRegisters, ®s, sizeof (regs)); - IntRegisters.AX = (IntRegisters.AX & 0xff) | ((uint16) result << 8); - - if (result == BiosResultSuccess) - IntRegisters.Flags &= ~TC_X86_CARRY_FLAG; - else - IntRegisters.Flags |= TC_X86_CARRY_FLAG; - - passOriginalRequest = false; - } - } - break; - - default: -#ifdef TC_TRACE_INT13 - PrintEndl(); -#endif - break; - } - -#ifdef TC_TRACE_INT13 - EnableScreenOutput(); -#endif - --ReEntryCount; - - return passOriginalRequest; -} - - -#define TC_MAX_MEMORY_MAP_SIZE 80 - -BiosMemoryMapEntry BiosMemoryMap[TC_MAX_MEMORY_MAP_SIZE]; -static size_t BiosMemoryMapSize; - - -static void CreateBootLoaderMemoryMapEntry (BiosMemoryMapEntry *newMapEntry, uint32 bootLoaderStart) -{ - newMapEntry->Type = 0x2; - newMapEntry->BaseAddress.HighPart = 0; - newMapEntry->BaseAddress.LowPart = bootLoaderStart; - newMapEntry->Length.HighPart = 0; - newMapEntry->Length.LowPart = TC_BOOT_MEMORY_REQUIRED * 1024UL; -} - - -static bool CreateNewBiosMemoryMap () -{ - // Create a new BIOS memory map presenting the memory area of the loader as reserved - - BiosMemoryMapSize = 0; - BiosMemoryMapEntry entry; - BiosMemoryMapEntry *newMapEntry = BiosMemoryMap; - - const BiosMemoryMapEntry *mapEnd = BiosMemoryMap + TC_MAX_MEMORY_MAP_SIZE; - - uint64 bootLoaderStart; - bootLoaderStart.HighPart = 0; - - uint16 codeSeg; - __asm mov codeSeg, cs - bootLoaderStart.LowPart = GetLinearAddress (codeSeg, 0); - - uint64 bootLoaderEnd; - bootLoaderEnd.HighPart = 0; - bootLoaderEnd.LowPart = bootLoaderStart.LowPart + TC_BOOT_MEMORY_REQUIRED * 1024UL; - - bool loaderEntryInserted = false; - - if (GetFirstBiosMemoryMapEntry (entry)) - { - do - { - uint64 entryEnd = entry.BaseAddress + entry.Length; - - if (entry.Type == 0x1 && RegionsIntersect (bootLoaderStart, TC_BOOT_MEMORY_REQUIRED * 1024UL, entry.BaseAddress, entryEnd - 1)) - { - // Free map entry covers the boot loader area - - if (entry.BaseAddress < bootLoaderStart) - { - // Create free entry below the boot loader area - if (newMapEntry >= mapEnd) - goto mapOverflow; - - *newMapEntry = entry; - newMapEntry->Length = bootLoaderStart - entry.BaseAddress; - ++newMapEntry; - } - - if (!loaderEntryInserted) - { - // Create reserved entry for the boot loader if it has not been done yet - if (newMapEntry >= mapEnd) - goto mapOverflow; - - CreateBootLoaderMemoryMapEntry (newMapEntry, bootLoaderStart.LowPart); - ++newMapEntry; - loaderEntryInserted = true; - } - - if (bootLoaderEnd < entryEnd) - { - // Create free entry above the boot loader area - if (newMapEntry >= mapEnd) - goto mapOverflow; - - newMapEntry->Type = 0x1; - newMapEntry->BaseAddress = bootLoaderEnd; - newMapEntry->Length = entryEnd - bootLoaderEnd; - ++newMapEntry; - } - } - else - { - if (newMapEntry >= mapEnd) - goto mapOverflow; - - if (!loaderEntryInserted && entry.BaseAddress > bootLoaderStart) - { - // Create reserved entry for the boot loader if it has not been done yet - CreateBootLoaderMemoryMapEntry (newMapEntry, bootLoaderStart.LowPart); - ++newMapEntry; - loaderEntryInserted = true; - } - - // Copy map entry - *newMapEntry++ = entry; - } - - } while (GetNextBiosMemoryMapEntry (entry)); - } - - BiosMemoryMapSize = newMapEntry - BiosMemoryMap; - return true; - -mapOverflow: - size_t overSize = 0; - while (GetNextBiosMemoryMapEntry (entry)) - { - ++overSize; - } - - PrintErrorNoEndl ("MMP:"); - Print (overSize); - PrintEndl(); - - return false; -} - - -bool Int15Filter () -{ - CheckStack(); - -#ifdef TC_TRACE_INT15 - DisableScreenOutput(); - - Print ("15-"); - PrintHex (IntRegisters.AX); - - Print (" SS:"); PrintHex (IntRegisters.SS); - - uint16 spdbg; - __asm mov spdbg, sp - PrintChar (' '); - PrintHex (spdbg); - PrintChar ('<'); PrintHex (TC_BOOT_LOADER_STACK_TOP); - - Print (" EAX:"); PrintHex (IntRegisters.EAX); - Print (" EBX:"); PrintHex (IntRegisters.EBX); - Print (" ECX:"); PrintHex (IntRegisters.ECX); - Print (" EDX:"); PrintHex (IntRegisters.EDX); - Print (" DI:"); PrintHex (IntRegisters.DI); - PrintEndl(); - -#endif - - if (IntRegisters.EBX >= BiosMemoryMapSize) - { - IntRegisters.Flags |= TC_X86_CARRY_FLAG; - IntRegisters.EBX = 0; - IntRegisters.AX = -1; - } - else - { - CopyMemory ((byte *) &BiosMemoryMap[IntRegisters.EBX], IntRegisters.ES, IntRegisters.DI, sizeof (BiosMemoryMap[0])); - - IntRegisters.Flags &= ~TC_X86_CARRY_FLAG; - IntRegisters.EAX = 0x534D4150UL; - - ++IntRegisters.EBX; - if (IntRegisters.EBX >= BiosMemoryMapSize) - IntRegisters.EBX = 0; - - IntRegisters.ECX = sizeof (BiosMemoryMap[0]); - } - - if (IntRegisters.EBX == 0 && !(BootSectorFlags & TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER)) - { - // Uninstall filter when the modified map has been issued three times to prevent - // problems with hardware drivers on some notebooks running Windows XP. - - static int CompleteMapIssueCount = 0; - if (++CompleteMapIssueCount >= 3) - { - __asm - { - cli - push es - - lea si, OriginalInt15Handler - xor ax, ax - mov es, ax - mov di, 0x15 * 4 - - mov ax, [si] - mov es:[di], ax - mov ax, [si + 2] - mov es:[di + 2], ax - - pop es - sti - } - } - } - -#ifdef TC_TRACE_INT15 - BiosMemoryMapEntry entry; - CopyMemory (IntRegisters.ES, IntRegisters.DI, (byte *) &entry, sizeof (entry)); - PrintHex (entry.Type); PrintChar (' '); - PrintHex (entry.BaseAddress); PrintChar (' '); - PrintHex (entry.Length); PrintChar (' '); - PrintHex (entry.BaseAddress + entry.Length); PrintEndl(); - - Print ("EAX:"); PrintHex (IntRegisters.EAX); - Print (" EBX:"); PrintHex (IntRegisters.EBX); - Print (" ECX:"); PrintHex (IntRegisters.ECX); - Print (" EDX:"); PrintHex (IntRegisters.EDX); - Print (" DI:"); PrintHex (IntRegisters.DI); - Print (" FL:"); PrintHex (IntRegisters.Flags); - PrintEndl (2); -#endif - -#ifdef TC_TRACE_INT15 - EnableScreenOutput(); -#endif - return false; -} - - -void IntFilterEntry () -{ - // No automatic variables should be used in this scope as SS may change - static uint16 OrigStackPointer; - static uint16 OrigStackSegment; - - __asm - { - pushf - pushad - - cli - mov cs:IntRegisters.DI, di - - lea di, cs:IntRegisters.EAX - TC_ASM_EMIT4 (66,2E,89,05) // mov [cs:di], eax - lea di, cs:IntRegisters.EBX - TC_ASM_EMIT4 (66,2E,89,1D) // mov [cs:di], ebx - lea di, cs:IntRegisters.ECX - TC_ASM_EMIT4 (66,2E,89,0D) // mov [cs:di], ecx - lea di, cs:IntRegisters.EDX - TC_ASM_EMIT4 (66,2E,89,15) // mov [cs:di], edx - - mov ax, [bp + 8] - mov cs:IntRegisters.Flags, ax - - mov cs:IntRegisters.SI, si - mov si, [bp + 2] // Int number - - mov cs:IntRegisters.DS, ds - mov cs:IntRegisters.ES, es - mov cs:IntRegisters.SS, ss - - // Compiler assumes SS == DS - use our stack if this condition is not met - mov ax, ss - mov bx, cs - cmp ax, bx - jz stack_ok - - mov cs:OrigStackPointer, sp - mov cs:OrigStackSegment, ss - mov ax, cs - mov ss, ax - mov sp, TC_BOOT_LOADER_STACK_TOP - - stack_ok: - // DS = CS - push ds - push es - mov ax, cs - mov ds, ax - mov es, ax - - push si // Int number - - // Filter request - cmp si, 0x15 - je filter15 - cmp si, 0x13 - jne $ - - call Int13Filter - jmp s0 - - filter15: - call Int15Filter - - s0: - pop si // Int number - pop es - pop ds - - // Restore original SS:SP if our stack is empty - cli - mov bx, TC_BOOT_LOADER_STACK_TOP - cmp bx, sp - jnz stack_in_use - - mov ss, cs:OrigStackSegment - mov sp, cs:OrigStackPointer - stack_in_use: - - test ax, ax // passOriginalRequest - jnz pass_request - - // Return results of filtered request - popad - popf - mov ax, cs:IntRegisters.Flags - mov [bp + 8], ax - leave - - lea di, cs:IntRegisters.EAX - TC_ASM_EMIT4 (66,2E,8B,05) // mov eax, [cs:di] - lea di, cs:IntRegisters.EBX - TC_ASM_EMIT4 (66,2E,8B,1D) // mov ebx, [cs:di] - lea di, cs:IntRegisters.ECX - TC_ASM_EMIT4 (66,2E,8B,0D) // mov ecx, [cs:di] - lea di, cs:IntRegisters.EDX - TC_ASM_EMIT4 (66,2E,8B,15) // mov edx, [cs:di] - - mov di, cs:IntRegisters.DI - mov si, cs:IntRegisters.SI - mov es, cs:IntRegisters.ES - mov ds, cs:IntRegisters.DS - - sti - add sp, 2 - iret - - // Pass original request - pass_request: - sti - cmp si, 0x15 - je pass15 - cmp si, 0x13 - jne $ - - popad - popf - leave - add sp, 2 - jmp cs:OriginalInt13Handler - - pass15: - popad - popf - leave - add sp, 2 - jmp cs:OriginalInt15Handler - } -} - - -void Int13FilterEntry () -{ - __asm - { - leave - push 0x13 - jmp IntFilterEntry - } -} - - -static void Int15FilterEntry () -{ - __asm - { - pushf - cmp ax, 0xe820 // Get system memory map - je filter - - popf - leave - jmp cs:OriginalInt15Handler - - filter: - leave - push 0x15 - jmp IntFilterEntry - } -} - - -bool InstallInterruptFilters () -{ - -#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE - - // If the filters have already been installed, it usually indicates stack corruption - // and a consequent reentry of this routine without a system reset. - - uint32 currentInt13Handler; - CopyMemory (0, 0x13 * 4, ¤tInt13Handler, sizeof (currentInt13Handler)); - - if (currentInt13Handler == (uint32) Int13FilterEntry) - { - PrintError ("Memory corrupted"); - Print (TC_BOOT_STR_UPGRADE_BIOS); - - GetKeyboardChar(); - return true; - } - -#endif - - if (!CreateNewBiosMemoryMap()) - return false; - - __asm - { - cli - push es - - // Save original INT 13 handler - xor ax, ax - mov es, ax - - mov si, 0x13 * 4 - lea di, OriginalInt13Handler - - mov ax, es:[si] - mov [di], ax - mov ax, es:[si + 2] - mov [di + 2], ax - - // Install INT 13 filter - lea ax, Int13FilterEntry - mov es:[si], ax - mov es:[si + 2], cs - - // Save original INT 15 handler - mov si, 0x15 * 4 - lea di, OriginalInt15Handler - - mov ax, es:[si] - mov [di], ax - mov ax, es:[si + 2] - mov [di + 2], ax - - // Install INT 15 filter - lea ax, Int15FilterEntry - mov es:[si], ax - mov es:[si + 2], cs - - // If the BIOS does not support system memory map (INT15 0xe820), - // set amount of available memory to CS:0000 - 0:0000 - cmp BiosMemoryMapSize, 1 - jg mem_map_ok - mov ax, cs - shr ax, 10 - 4 // CS * 16 / 1024 - mov es:[0x413], ax // = KBytes available - mem_map_ok: - - pop es - sti - } - - return true; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Platform.h" +#include "BootMemory.h" +#include "BootConfig.h" +#include "BootConsoleIo.h" +#include "BootDebug.h" +#include "BootDefs.h" +#include "BootDiskIo.h" +#include "BootEncryptedIo.h" +#include "BootStrings.h" +#include "IntFilter.h" + +static uint32 OriginalInt13Handler; +static uint32 OriginalInt15Handler; + +static Registers IntRegisters; + + +bool Int13Filter () +{ + CheckStack(); + + Registers regs; + memcpy (®s, &IntRegisters, sizeof (regs)); + __asm sti + + static int ReEntryCount = -1; + ++ReEntryCount; + + byte function = (byte) (regs.AX >> 8); + +#ifdef TC_TRACE_INT13 + DisableScreenOutput(); + + PrintHex (function); + + Print (" EN:"); Print (ReEntryCount); + Print (" SS:"); PrintHex (regs.SS); + + uint16 spdbg; + __asm mov spdbg, sp + PrintChar (' '); + PrintHex (spdbg); + PrintChar ('<'); PrintHex (TC_BOOT_LOADER_STACK_TOP); + +#endif + + bool passOriginalRequest = true; + + switch (function) + { + case 0x2: // Read sectors + case 0x3: // Write sectors + { + byte drive = (byte) regs.DX; + + ChsAddress chs; + chs.Cylinder = ((regs.CX << 2) & 0x300) | (regs.CX >> 8); + chs.Head = regs.DX >> 8; + chs.Sector = regs.CX & 0x3f; + + byte sectorCount = (byte) regs.AX; + +#ifdef TC_TRACE_INT13 + PrintVal (": Drive", drive - TC_FIRST_BIOS_DRIVE, false); + Print (" Chs: "); Print (chs); +#endif + + uint64 sector; + if (drive == BootDrive) + { + if (!BootDriveGeometryValid) + TC_THROW_FATAL_EXCEPTION; + + ChsToLba (BootDriveGeometry, chs, sector); +#ifdef TC_TRACE_INT13 + PrintVal (" Sec", sector.LowPart, false); +#endif + } + +#ifdef TC_TRACE_INT13 + PrintVal (" Count", sectorCount, false); + Print (" Buf: "); PrintHex (regs.ES); PrintChar (':'); PrintHex (regs.BX); + PrintEndl(); +#endif + + if (ReEntryCount == 0 && drive == EncryptedVirtualPartition.Drive) + { + BiosResult result; + + if (function == 0x3) + result = WriteEncryptedSectors (regs.ES, regs.BX, drive, sector, sectorCount); + else + result = ReadEncryptedSectors (regs.ES, regs.BX, drive, sector, sectorCount); + + __asm cli + + memcpy (&IntRegisters, ®s, sizeof (regs)); + IntRegisters.AX = (uint16) result << 8; + + if (result == BiosResultSuccess) + { + IntRegisters.AX |= sectorCount; + IntRegisters.Flags &= ~TC_X86_CARRY_FLAG; + } + else + IntRegisters.Flags |= TC_X86_CARRY_FLAG; + + passOriginalRequest = false; + } + } + break; + + case 0x42: // Read sectors LBA + case 0x43: // Write sectors LBA + { + byte drive = (byte) regs.DX; + + BiosLbaPacket lba; + CopyMemory (regs.DS, regs.SI, (byte *) &lba, sizeof (lba)); + +#ifdef TC_TRACE_INT13 + PrintVal (": Drive", drive - TC_FIRST_BIOS_DRIVE, false); + PrintVal (" Sec", lba.Sector.LowPart, false); + PrintVal (" Count", lba.SectorCount, false); + PrintVal (" Buf", lba.Buffer, false, true); + PrintEndl(); +#endif + + if (ReEntryCount == 0 && drive == EncryptedVirtualPartition.Drive) + { + BiosResult result; + + uint16 segment = (uint16) (lba.Buffer >> 16); + uint16 offset = (uint16) lba.Buffer; + + if (function == 0x43) + result = WriteEncryptedSectors (segment, offset, drive, lba.Sector, lba.SectorCount); + else + result = ReadEncryptedSectors (segment, offset, drive, lba.Sector, lba.SectorCount); + + __asm cli + + memcpy (&IntRegisters, ®s, sizeof (regs)); + IntRegisters.AX = (IntRegisters.AX & 0xff) | ((uint16) result << 8); + + if (result == BiosResultSuccess) + IntRegisters.Flags &= ~TC_X86_CARRY_FLAG; + else + IntRegisters.Flags |= TC_X86_CARRY_FLAG; + + passOriginalRequest = false; + } + } + break; + + default: +#ifdef TC_TRACE_INT13 + PrintEndl(); +#endif + break; + } + +#ifdef TC_TRACE_INT13 + EnableScreenOutput(); +#endif + --ReEntryCount; + + return passOriginalRequest; +} + + +#define TC_MAX_MEMORY_MAP_SIZE 80 + +BiosMemoryMapEntry BiosMemoryMap[TC_MAX_MEMORY_MAP_SIZE]; +static size_t BiosMemoryMapSize; + + +static void CreateBootLoaderMemoryMapEntry (BiosMemoryMapEntry *newMapEntry, uint32 bootLoaderStart) +{ + newMapEntry->Type = 0x2; + newMapEntry->BaseAddress.HighPart = 0; + newMapEntry->BaseAddress.LowPart = bootLoaderStart; + newMapEntry->Length.HighPart = 0; + newMapEntry->Length.LowPart = TC_BOOT_MEMORY_REQUIRED * 1024UL; +} + + +static bool CreateNewBiosMemoryMap () +{ + // Create a new BIOS memory map presenting the memory area of the loader as reserved + + BiosMemoryMapSize = 0; + BiosMemoryMapEntry entry; + BiosMemoryMapEntry *newMapEntry = BiosMemoryMap; + + const BiosMemoryMapEntry *mapEnd = BiosMemoryMap + TC_MAX_MEMORY_MAP_SIZE; + + uint64 bootLoaderStart; + bootLoaderStart.HighPart = 0; + + uint16 codeSeg; + __asm mov codeSeg, cs + bootLoaderStart.LowPart = GetLinearAddress (codeSeg, 0); + + uint64 bootLoaderEnd; + bootLoaderEnd.HighPart = 0; + bootLoaderEnd.LowPart = bootLoaderStart.LowPart + TC_BOOT_MEMORY_REQUIRED * 1024UL; + + bool loaderEntryInserted = false; + + if (GetFirstBiosMemoryMapEntry (entry)) + { + do + { + uint64 entryEnd = entry.BaseAddress + entry.Length; + + if (entry.Type == 0x1 && RegionsIntersect (bootLoaderStart, TC_BOOT_MEMORY_REQUIRED * 1024UL, entry.BaseAddress, entryEnd - 1)) + { + // Free map entry covers the boot loader area + + if (entry.BaseAddress < bootLoaderStart) + { + // Create free entry below the boot loader area + if (newMapEntry >= mapEnd) + goto mapOverflow; + + *newMapEntry = entry; + newMapEntry->Length = bootLoaderStart - entry.BaseAddress; + ++newMapEntry; + } + + if (!loaderEntryInserted) + { + // Create reserved entry for the boot loader if it has not been done yet + if (newMapEntry >= mapEnd) + goto mapOverflow; + + CreateBootLoaderMemoryMapEntry (newMapEntry, bootLoaderStart.LowPart); + ++newMapEntry; + loaderEntryInserted = true; + } + + if (bootLoaderEnd < entryEnd) + { + // Create free entry above the boot loader area + if (newMapEntry >= mapEnd) + goto mapOverflow; + + newMapEntry->Type = 0x1; + newMapEntry->BaseAddress = bootLoaderEnd; + newMapEntry->Length = entryEnd - bootLoaderEnd; + ++newMapEntry; + } + } + else + { + if (newMapEntry >= mapEnd) + goto mapOverflow; + + if (!loaderEntryInserted && entry.BaseAddress > bootLoaderStart) + { + // Create reserved entry for the boot loader if it has not been done yet + CreateBootLoaderMemoryMapEntry (newMapEntry, bootLoaderStart.LowPart); + ++newMapEntry; + loaderEntryInserted = true; + } + + // Copy map entry + *newMapEntry++ = entry; + } + + } while (GetNextBiosMemoryMapEntry (entry)); + } + + BiosMemoryMapSize = newMapEntry - BiosMemoryMap; + return true; + +mapOverflow: + size_t overSize = 0; + while (GetNextBiosMemoryMapEntry (entry)) + { + ++overSize; + } + + PrintErrorNoEndl ("MMP:"); + Print (overSize); + PrintEndl(); + + return false; +} + + +bool Int15Filter () +{ + CheckStack(); + +#ifdef TC_TRACE_INT15 + DisableScreenOutput(); + + Print ("15-"); + PrintHex (IntRegisters.AX); + + Print (" SS:"); PrintHex (IntRegisters.SS); + + uint16 spdbg; + __asm mov spdbg, sp + PrintChar (' '); + PrintHex (spdbg); + PrintChar ('<'); PrintHex (TC_BOOT_LOADER_STACK_TOP); + + Print (" EAX:"); PrintHex (IntRegisters.EAX); + Print (" EBX:"); PrintHex (IntRegisters.EBX); + Print (" ECX:"); PrintHex (IntRegisters.ECX); + Print (" EDX:"); PrintHex (IntRegisters.EDX); + Print (" DI:"); PrintHex (IntRegisters.DI); + PrintEndl(); + +#endif + + if (IntRegisters.EBX >= BiosMemoryMapSize) + { + IntRegisters.Flags |= TC_X86_CARRY_FLAG; + IntRegisters.EBX = 0; + IntRegisters.AX = -1; + } + else + { + CopyMemory ((byte *) &BiosMemoryMap[IntRegisters.EBX], IntRegisters.ES, IntRegisters.DI, sizeof (BiosMemoryMap[0])); + + IntRegisters.Flags &= ~TC_X86_CARRY_FLAG; + IntRegisters.EAX = 0x534D4150UL; + + ++IntRegisters.EBX; + if (IntRegisters.EBX >= BiosMemoryMapSize) + IntRegisters.EBX = 0; + + IntRegisters.ECX = sizeof (BiosMemoryMap[0]); + } + + if (IntRegisters.EBX == 0 && !(BootSectorFlags & TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER)) + { + // Uninstall filter when the modified map has been issued three times to prevent + // problems with hardware drivers on some notebooks running Windows XP. + + static int CompleteMapIssueCount = 0; + if (++CompleteMapIssueCount >= 3) + { + __asm + { + cli + push es + + lea si, OriginalInt15Handler + xor ax, ax + mov es, ax + mov di, 0x15 * 4 + + mov ax, [si] + mov es:[di], ax + mov ax, [si + 2] + mov es:[di + 2], ax + + pop es + sti + } + } + } + +#ifdef TC_TRACE_INT15 + BiosMemoryMapEntry entry; + CopyMemory (IntRegisters.ES, IntRegisters.DI, (byte *) &entry, sizeof (entry)); + PrintHex (entry.Type); PrintChar (' '); + PrintHex (entry.BaseAddress); PrintChar (' '); + PrintHex (entry.Length); PrintChar (' '); + PrintHex (entry.BaseAddress + entry.Length); PrintEndl(); + + Print ("EAX:"); PrintHex (IntRegisters.EAX); + Print (" EBX:"); PrintHex (IntRegisters.EBX); + Print (" ECX:"); PrintHex (IntRegisters.ECX); + Print (" EDX:"); PrintHex (IntRegisters.EDX); + Print (" DI:"); PrintHex (IntRegisters.DI); + Print (" FL:"); PrintHex (IntRegisters.Flags); + PrintEndl (2); +#endif + +#ifdef TC_TRACE_INT15 + EnableScreenOutput(); +#endif + return false; +} + + +void IntFilterEntry () +{ + // No automatic variables should be used in this scope as SS may change + static uint16 OrigStackPointer; + static uint16 OrigStackSegment; + + __asm + { + pushf + pushad + + cli + mov cs:IntRegisters.DI, di + + lea di, cs:IntRegisters.EAX + TC_ASM_EMIT4 (66,2E,89,05) // mov [cs:di], eax + lea di, cs:IntRegisters.EBX + TC_ASM_EMIT4 (66,2E,89,1D) // mov [cs:di], ebx + lea di, cs:IntRegisters.ECX + TC_ASM_EMIT4 (66,2E,89,0D) // mov [cs:di], ecx + lea di, cs:IntRegisters.EDX + TC_ASM_EMIT4 (66,2E,89,15) // mov [cs:di], edx + + mov ax, [bp + 8] + mov cs:IntRegisters.Flags, ax + + mov cs:IntRegisters.SI, si + mov si, [bp + 2] // Int number + + mov cs:IntRegisters.DS, ds + mov cs:IntRegisters.ES, es + mov cs:IntRegisters.SS, ss + + // Compiler assumes SS == DS - use our stack if this condition is not met + mov ax, ss + mov bx, cs + cmp ax, bx + jz stack_ok + + mov cs:OrigStackPointer, sp + mov cs:OrigStackSegment, ss + mov ax, cs + mov ss, ax + mov sp, TC_BOOT_LOADER_STACK_TOP + + stack_ok: + // DS = CS + push ds + push es + mov ax, cs + mov ds, ax + mov es, ax + + push si // Int number + + // Filter request + cmp si, 0x15 + je filter15 + cmp si, 0x13 + jne $ + + call Int13Filter + jmp s0 + + filter15: + call Int15Filter + + s0: + pop si // Int number + pop es + pop ds + + // Restore original SS:SP if our stack is empty + cli + mov bx, TC_BOOT_LOADER_STACK_TOP + cmp bx, sp + jnz stack_in_use + + mov ss, cs:OrigStackSegment + mov sp, cs:OrigStackPointer + stack_in_use: + + test ax, ax // passOriginalRequest + jnz pass_request + + // Return results of filtered request + popad + popf + mov ax, cs:IntRegisters.Flags + mov [bp + 8], ax + leave + + lea di, cs:IntRegisters.EAX + TC_ASM_EMIT4 (66,2E,8B,05) // mov eax, [cs:di] + lea di, cs:IntRegisters.EBX + TC_ASM_EMIT4 (66,2E,8B,1D) // mov ebx, [cs:di] + lea di, cs:IntRegisters.ECX + TC_ASM_EMIT4 (66,2E,8B,0D) // mov ecx, [cs:di] + lea di, cs:IntRegisters.EDX + TC_ASM_EMIT4 (66,2E,8B,15) // mov edx, [cs:di] + + mov di, cs:IntRegisters.DI + mov si, cs:IntRegisters.SI + mov es, cs:IntRegisters.ES + mov ds, cs:IntRegisters.DS + + sti + add sp, 2 + iret + + // Pass original request + pass_request: + sti + cmp si, 0x15 + je pass15 + cmp si, 0x13 + jne $ + + popad + popf + leave + add sp, 2 + jmp cs:OriginalInt13Handler + + pass15: + popad + popf + leave + add sp, 2 + jmp cs:OriginalInt15Handler + } +} + + +void Int13FilterEntry () +{ + __asm + { + leave + push 0x13 + jmp IntFilterEntry + } +} + + +static void Int15FilterEntry () +{ + __asm + { + pushf + cmp ax, 0xe820 // Get system memory map + je filter + + popf + leave + jmp cs:OriginalInt15Handler + + filter: + leave + push 0x15 + jmp IntFilterEntry + } +} + + +bool InstallInterruptFilters () +{ + +#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE + + // If the filters have already been installed, it usually indicates stack corruption + // and a consequent reentry of this routine without a system reset. + + uint32 currentInt13Handler; + CopyMemory (0, 0x13 * 4, ¤tInt13Handler, sizeof (currentInt13Handler)); + + if (currentInt13Handler == (uint32) Int13FilterEntry) + { + PrintError ("Memory corrupted"); + Print (TC_BOOT_STR_UPGRADE_BIOS); + + GetKeyboardChar(); + return true; + } + +#endif + + if (!CreateNewBiosMemoryMap()) + return false; + + __asm + { + cli + push es + + // Save original INT 13 handler + xor ax, ax + mov es, ax + + mov si, 0x13 * 4 + lea di, OriginalInt13Handler + + mov ax, es:[si] + mov [di], ax + mov ax, es:[si + 2] + mov [di + 2], ax + + // Install INT 13 filter + lea ax, Int13FilterEntry + mov es:[si], ax + mov es:[si + 2], cs + + // Save original INT 15 handler + mov si, 0x15 * 4 + lea di, OriginalInt15Handler + + mov ax, es:[si] + mov [di], ax + mov ax, es:[si + 2] + mov [di + 2], ax + + // Install INT 15 filter + lea ax, Int15FilterEntry + mov es:[si], ax + mov es:[si + 2], cs + + // If the BIOS does not support system memory map (INT15 0xe820), + // set amount of available memory to CS:0000 - 0:0000 + cmp BiosMemoryMapSize, 1 + jg mem_map_ok + mov ax, cs + shr ax, 10 - 4 // CS * 16 / 1024 + mov es:[0x413], ax // = KBytes available + mem_map_ok: + + pop es + sti + } + + return true; +} diff --git a/src/Boot/Windows/IntFilter.h b/src/Boot/Windows/IntFilter.h index af354802..1ef42512 100644 --- a/src/Boot/Windows/IntFilter.h +++ b/src/Boot/Windows/IntFilter.h @@ -1,20 +1,20 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_IntFilter -#define TC_HEADER_Boot_IntFilter - -#include "Platform.h" - -bool InstallInterruptFilters (); - -#endif TC_HEADER_Boot_IntFilter +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_IntFilter +#define TC_HEADER_Boot_IntFilter + +#include "Platform.h" + +bool InstallInterruptFilters (); + +#endif TC_HEADER_Boot_IntFilter diff --git a/src/Boot/Windows/Makefile b/src/Boot/Windows/Makefile index f9851051..65e668cb 100644 --- a/src/Boot/Windows/Makefile +++ b/src/Boot/Windows/Makefile @@ -1,202 +1,202 @@ -# -# Derived from source code of TrueCrypt 7.1a, which is -# Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed -# by the TrueCrypt License 3.0. -# -# Modifications and additions to the original source code (contained in this file) -# and all other portions of this file are Copyright (c) 2013-2016 IDRIX -# and are governed by the Apache License 2.0 the full text of which is -# contained in the file License.txt included in VeraCrypt binary and source -# code distribution packages. - -PROJ = BootLoader -.SILENT: - -!ifndef MSVC16_ROOT -!error Environment variable MSVC16_ROOT must point to the installation directory of MS Visual C++ 1.5 -!endif - -ENVPATH = $(PATH) - -CC = $(MSVC16_ROOT)\bin\cl.exe -LD = $(MSVC16_ROOT)\bin\link.exe - -AFLAGS = /nologo /omf - -CFLAGS = /nologo /W3 /Fc /I "$(MSVC16_ROOT)\Include" /I"..\..\.." /I"..\..\..\Common" /I"..\..\..\Crypto" -CFLAGS = $(CFLAGS) /D __int8=char /D __int16=int /D __int32=long /D BOOL=char /D FALSE=0 /D TRUE=1 -CFLAGS = $(CFLAGS) /D LITTLE_ENDIAN=1234 /D BYTE_ORDER=1234 /D TC_WINDOWS_BOOT /D TC_MINIMIZE_CODE_SIZE /D TC_NO_COMPILER_INT64 -CFLAGS = $(CFLAGS) /D malloc=malloc_NA - -LFLAGS = /NOLOGO /ONERROR:NOEXE /NOI /BATCH - -OBJDIR = Release - -!ifdef RESCUE_DISK -OBJDIR = Rescue -CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_RESCUE_DISK_MODE -!endif - -!ifdef SINGLE_CIPHER -OBJDIR = $(OBJDIR)_$(SINGLE_CIPHER) -CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE /D TC_WINDOWS_BOOT_$(SINGLE_CIPHER) -!endif - -!ifdef SINGLE_PRF -OBJDIR = $(OBJDIR)_$(SINGLE_PRF) -CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_$(SINGLE_PRF) -!else -CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_RIPEMD160 -!endif - -OUTDIR = $(OBJDIR) -TARGETEXT = com -TARGETS = $(OUTDIR)\BootDefs.i $(OUTDIR)\BootSector.bin $(OUTDIR)\Decompressor.com -CFLAGS = $(CFLAGS) /AT /Zl /f- /G3 /Oe /Os /Ob1 /OV0 /Gs /Gf /Gy /D NDEBUG -LFLAGS = $(LFLAGS) /NOD /NOE /TINY -OBJS = $(OUTDIR)\BootCrt.obj -LIBS = slibce - -!if 1 -SRCDIR = .. -!else -SRCDIR = $(MAKEDIR) -!endif - -TARGETS = $(TARGETS) $(OUTDIR)\$(PROJ).$(TARGETEXT) - -OBJS = $(OBJS) $(OUTDIR)\BootConfig.obj -OBJS = $(OBJS) $(OUTDIR)\BootConsoleIo.obj -OBJS = $(OBJS) $(OUTDIR)\BootDebug.obj -OBJS = $(OBJS) $(OUTDIR)\BootDiskIo.obj -OBJS = $(OBJS) $(OUTDIR)\BootEncryptedIo.obj -OBJS = $(OBJS) $(OUTDIR)\BootMain.obj -OBJS = $(OBJS) $(OUTDIR)\BootMemory.obj -OBJS = $(OBJS) $(OUTDIR)\IntFilter.obj -OBJS = $(OBJS) $(OUTDIR)\Platform.obj - -OBJS = $(OBJS) $(OUTDIR)\Crc.obj -OBJS = $(OBJS) $(OUTDIR)\Crypto.obj -OBJS = $(OBJS) $(OUTDIR)\Endian.obj -OBJS = $(OBJS) $(OUTDIR)\Pkcs5.obj -OBJS = $(OBJS) $(OUTDIR)\Volumes.obj -OBJS = $(OBJS) $(OUTDIR)\Xts.obj - -!if "$(SINGLE_PRF)" == "SHA2" -OBJS = $(OBJS) $(OUTDIR)\Sha2Small.obj -!else -OBJS = $(OBJS) $(OUTDIR)\Rmd160.obj -!endif - -!if !DEFINED (SINGLE_CIPHER) -OBJS = $(OBJS) $(OUTDIR)\AesSmall.obj -!else if "$(SINGLE_CIPHER)" == "AES" -OBJS = $(OBJS) $(OUTDIR)\Aes_hw_cpu.obj -OBJS = $(OBJS) $(OUTDIR)\AesSmall_x86.obj -OBJS = $(OBJS) $(OUTDIR)\Aestab.obj -!endif - -!if !DEFINED (SINGLE_CIPHER) || "$(SINGLE_CIPHER)" == "SERPENT" -OBJS = $(OBJS) $(OUTDIR)\Serpent.obj -!endif - -!if !DEFINED (SINGLE_CIPHER) || "$(SINGLE_CIPHER)" == "TWOFISH" -OBJS = $(OBJS) $(OUTDIR)\Twofish.obj -!endif - - -all: env $(TARGETS) - -env: - set INCLUDE=. - set LIB=. - set LIBPATH=. - -clean: - -del /q /s $(OBJDIR) >NUL: - - -.asm{$(OUTDIR)}.obj: - cd $(OBJDIR) - $(AS) $(AFLAGS) /c "$(SRCDIR)\$<" - cd .. - -{..\..\Crypto}.asm{$(OUTDIR)}.obj: - cd $(OBJDIR) - echo $(NUL: - -dd.exe conv=notrunc bs=512 if=BootSector.bin of=$(PROJ).flp 2>NUL: - cd .. - -$(OUTDIR)\Decompressor.com: $(OUTDIR)\BootCrt.obj $(OUTDIR)\Decompressor.obj - cd $(OBJDIR) - $(LD) $(LFLAGS) BootCrt.obj Decompressor.obj,Decompressor.com,Decompressor.map,$(MSVC16_ROOT)\lib\+slibce,, - -dd.exe conv=notrunc,sync bs=512 seek=1 if=Decompressor.com of=$(PROJ).flp 2>NUL: - cd .. - -$(OUTDIR)\$(PROJ).$(TARGETEXT): $(OBJS) - @echo Linking... - cd $(OBJDIR) - - echo >NUL: @<<$(PROJ).crf2 - -$(PROJ).$(TARGETEXT) -$(PROJ).map -$(MSVC16_ROOT)\lib\+ -$(LIBS) -; -<< - del $(PROJ).crf >NUL: 2>NUL: - for %F in ($(**F)) do @echo %F + >>$(PROJ).crf - type $(PROJ).crf2 >>$(PROJ).crf - - $(LD) $(LFLAGS) @$(PROJ).crf - del $(PROJ).crf $(PROJ).crf2 - -# Compress the Rescue Disk botloader for Cascades and Serpent since it is too big (size > 31232 bytes) -!if DEFINED(RESCUE_DISK) && (!DEFINED (SINGLE_CIPHER) || ("$(SINGLE_CIPHER)" == "SERPENT")) - upx $(PROJ).$(TARGETEXT) -!endif - gzip.exe -c -n --best $(PROJ).$(TARGETEXT) >$(PROJ).$(TARGETEXT).gz - -dd.exe conv=notrunc,sync bs=512 seek=5 if=$(PROJ).$(TARGETEXT).gz of=$(PROJ).flp 2>NUL: - cd .. +# +# Derived from source code of TrueCrypt 7.1a, which is +# Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed +# by the TrueCrypt License 3.0. +# +# Modifications and additions to the original source code (contained in this file) +# and all other portions of this file are Copyright (c) 2013-2016 IDRIX +# and are governed by the Apache License 2.0 the full text of which is +# contained in the file License.txt included in VeraCrypt binary and source +# code distribution packages. + +PROJ = BootLoader +.SILENT: + +!ifndef MSVC16_ROOT +!error Environment variable MSVC16_ROOT must point to the installation directory of MS Visual C++ 1.5 +!endif + +ENVPATH = $(PATH) + +CC = $(MSVC16_ROOT)\bin\cl.exe +LD = $(MSVC16_ROOT)\bin\link.exe + +AFLAGS = /nologo /omf + +CFLAGS = /nologo /W3 /Fc /I "$(MSVC16_ROOT)\Include" /I"..\..\.." /I"..\..\..\Common" /I"..\..\..\Crypto" +CFLAGS = $(CFLAGS) /D __int8=char /D __int16=int /D __int32=long /D BOOL=char /D FALSE=0 /D TRUE=1 +CFLAGS = $(CFLAGS) /D LITTLE_ENDIAN=1234 /D BYTE_ORDER=1234 /D TC_WINDOWS_BOOT /D TC_MINIMIZE_CODE_SIZE /D TC_NO_COMPILER_INT64 +CFLAGS = $(CFLAGS) /D malloc=malloc_NA + +LFLAGS = /NOLOGO /ONERROR:NOEXE /NOI /BATCH + +OBJDIR = Release + +!ifdef RESCUE_DISK +OBJDIR = Rescue +CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_RESCUE_DISK_MODE +!endif + +!ifdef SINGLE_CIPHER +OBJDIR = $(OBJDIR)_$(SINGLE_CIPHER) +CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE /D TC_WINDOWS_BOOT_$(SINGLE_CIPHER) +!endif + +!ifdef SINGLE_PRF +OBJDIR = $(OBJDIR)_$(SINGLE_PRF) +CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_$(SINGLE_PRF) +!else +CFLAGS = $(CFLAGS) /D TC_WINDOWS_BOOT_RIPEMD160 +!endif + +OUTDIR = $(OBJDIR) +TARGETEXT = com +TARGETS = $(OUTDIR)\BootDefs.i $(OUTDIR)\BootSector.bin $(OUTDIR)\Decompressor.com +CFLAGS = $(CFLAGS) /AT /Zl /f- /G3 /Oe /Os /Ob1 /OV0 /Gs /Gf /Gy /D NDEBUG +LFLAGS = $(LFLAGS) /NOD /NOE /TINY +OBJS = $(OUTDIR)\BootCrt.obj +LIBS = slibce + +!if 1 +SRCDIR = .. +!else +SRCDIR = $(MAKEDIR) +!endif + +TARGETS = $(TARGETS) $(OUTDIR)\$(PROJ).$(TARGETEXT) + +OBJS = $(OBJS) $(OUTDIR)\BootConfig.obj +OBJS = $(OBJS) $(OUTDIR)\BootConsoleIo.obj +OBJS = $(OBJS) $(OUTDIR)\BootDebug.obj +OBJS = $(OBJS) $(OUTDIR)\BootDiskIo.obj +OBJS = $(OBJS) $(OUTDIR)\BootEncryptedIo.obj +OBJS = $(OBJS) $(OUTDIR)\BootMain.obj +OBJS = $(OBJS) $(OUTDIR)\BootMemory.obj +OBJS = $(OBJS) $(OUTDIR)\IntFilter.obj +OBJS = $(OBJS) $(OUTDIR)\Platform.obj + +OBJS = $(OBJS) $(OUTDIR)\Crc.obj +OBJS = $(OBJS) $(OUTDIR)\Crypto.obj +OBJS = $(OBJS) $(OUTDIR)\Endian.obj +OBJS = $(OBJS) $(OUTDIR)\Pkcs5.obj +OBJS = $(OBJS) $(OUTDIR)\Volumes.obj +OBJS = $(OBJS) $(OUTDIR)\Xts.obj + +!if "$(SINGLE_PRF)" == "SHA2" +OBJS = $(OBJS) $(OUTDIR)\Sha2Small.obj +!else +OBJS = $(OBJS) $(OUTDIR)\Rmd160.obj +!endif + +!if !DEFINED (SINGLE_CIPHER) +OBJS = $(OBJS) $(OUTDIR)\AesSmall.obj +!else if "$(SINGLE_CIPHER)" == "AES" +OBJS = $(OBJS) $(OUTDIR)\Aes_hw_cpu.obj +OBJS = $(OBJS) $(OUTDIR)\AesSmall_x86.obj +OBJS = $(OBJS) $(OUTDIR)\Aestab.obj +!endif + +!if !DEFINED (SINGLE_CIPHER) || "$(SINGLE_CIPHER)" == "SERPENT" +OBJS = $(OBJS) $(OUTDIR)\Serpent.obj +!endif + +!if !DEFINED (SINGLE_CIPHER) || "$(SINGLE_CIPHER)" == "TWOFISH" +OBJS = $(OBJS) $(OUTDIR)\Twofish.obj +!endif + + +all: env $(TARGETS) + +env: + set INCLUDE=. + set LIB=. + set LIBPATH=. + +clean: + -del /q /s $(OBJDIR) >NUL: + + +.asm{$(OUTDIR)}.obj: + cd $(OBJDIR) + $(AS) $(AFLAGS) /c "$(SRCDIR)\$<" + cd .. + +{..\..\Crypto}.asm{$(OUTDIR)}.obj: + cd $(OBJDIR) + echo $(NUL: + -dd.exe conv=notrunc bs=512 if=BootSector.bin of=$(PROJ).flp 2>NUL: + cd .. + +$(OUTDIR)\Decompressor.com: $(OUTDIR)\BootCrt.obj $(OUTDIR)\Decompressor.obj + cd $(OBJDIR) + $(LD) $(LFLAGS) BootCrt.obj Decompressor.obj,Decompressor.com,Decompressor.map,$(MSVC16_ROOT)\lib\+slibce,, + -dd.exe conv=notrunc,sync bs=512 seek=1 if=Decompressor.com of=$(PROJ).flp 2>NUL: + cd .. + +$(OUTDIR)\$(PROJ).$(TARGETEXT): $(OBJS) + @echo Linking... + cd $(OBJDIR) + + echo >NUL: @<<$(PROJ).crf2 + +$(PROJ).$(TARGETEXT) +$(PROJ).map +$(MSVC16_ROOT)\lib\+ +$(LIBS) +; +<< + del $(PROJ).crf >NUL: 2>NUL: + for %F in ($(**F)) do @echo %F + >>$(PROJ).crf + type $(PROJ).crf2 >>$(PROJ).crf + + $(LD) $(LFLAGS) @$(PROJ).crf + del $(PROJ).crf $(PROJ).crf2 + +# Compress the Rescue Disk botloader for Cascades and Serpent since it is too big (size > 31232 bytes) +!if DEFINED(RESCUE_DISK) && (!DEFINED (SINGLE_CIPHER) || ("$(SINGLE_CIPHER)" == "SERPENT")) + upx $(PROJ).$(TARGETEXT) +!endif + gzip.exe -c -n --best $(PROJ).$(TARGETEXT) >$(PROJ).$(TARGETEXT).gz + -dd.exe conv=notrunc,sync bs=512 seek=5 if=$(PROJ).$(TARGETEXT).gz of=$(PROJ).flp 2>NUL: + cd .. diff --git a/src/Boot/Windows/Platform.cpp b/src/Boot/Windows/Platform.cpp index d9819cfa..316e71b3 100644 --- a/src/Boot/Windows/Platform.cpp +++ b/src/Boot/Windows/Platform.cpp @@ -1,230 +1,230 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Platform.h" -#include "BootConsoleIo.h" - - -uint64 operator+ (const uint64 &a, const uint64 &b) -{ - int carry = 0; - uint64 r; - - r.LowPart = a.LowPart + b.LowPart; - __asm - { - jnc nocarry - mov carry, 1 - nocarry: - } - - r.HighPart = a.HighPart + b.HighPart + carry; - - return r; -} - -uint64 operator+ (const uint64 &a, uint32 b) -{ - uint64 b64; - b64.HighPart = 0; - b64.LowPart = b; - return a + b64; -} - -uint64 &operator+= (uint64 &a, const uint64 &b) -{ - return a = a + b; -} - -uint64 operator- (const uint64 &a, const uint64 &b) -{ - int carry = 0; - uint64 r; - - r.LowPart = a.LowPart - b.LowPart; - __asm - { - jnc nocarry - mov carry, 1 - nocarry: - } - - r.HighPart = a.HighPart - b.HighPart - carry; - - return r; -} - -uint64 operator- (const uint64 &a, uint32 b) -{ - uint64 b64; - b64.HighPart = 0; - b64.LowPart = b; - return a - b64; -} - -uint64 &operator-= (uint64 &a, const uint64 &b) -{ - return a = a - b; -} - -uint64 operator>> (const uint64 &a, int shiftCount) -{ - uint64 r = a; - - while (shiftCount--) - { - r.LowPart >>= 1; - - if ((byte) r.HighPart & 1) - r.LowPart |= 0x80000000UL; - - r.HighPart >>= 1; - } - - return r; -} - -uint64 operator<< (const uint64 &a, int shiftCount) -{ - uint64 r = a; - - while (shiftCount--) - r += r; - - return r; -} - -uint64 &operator++ (uint64 &a) -{ - uint64 b; - b.HighPart = 0; - b.LowPart = 1; - - return a += b; -} - -bool operator== (const uint64 &a, const uint64 &b) -{ - return a.HighPart == b.HighPart && a.LowPart == b.LowPart; -} - -bool operator> (const uint64 &a, const uint64 &b) -{ - return (a.HighPart > b.HighPart) || (a.HighPart == b.HighPart && a.LowPart > b.LowPart); -} - -bool operator< (const uint64 &a, const uint64 &b) -{ - return (a.HighPart < b.HighPart) || (a.HighPart == b.HighPart && a.LowPart < b.LowPart); -} - -bool operator>= (const uint64 &a, const uint64 &b) -{ - return a > b || a == b; -} - -bool operator<= (const uint64 &a, const uint64 &b) -{ - return a < b || a == b; -} - -bool TestInt64 () -{ - uint64 a, b, c; - a.HighPart = 0x00112233UL; - a.LowPart = 0xabcd1234UL; - - b.HighPart = 0x00ffeeddUL; - b.LowPart = 0xffffFFFFUL; - - a += b; - a -= b; - - ++a; - - b = b + (uint32) 1UL; - - c = (a - ((a + b) >> 32) - (uint32) 1UL); - if (c.HighPart != 0x112233UL || c.LowPart != 0xAABC0123UL) - return false; - - c = c << 9; - return c.HighPart == 0x22446755UL && c.LowPart == 0x78024600UL; -} - - -void CopyMemory (void *source, uint16 destSegment, uint16 destOffset, uint16 blockSize) -{ - __asm - { - push es - mov si, ss:source - mov es, ss:destSegment - mov di, ss:destOffset - mov cx, ss:blockSize - cld - rep movsb - pop es - } -} - - -void CopyMemory (uint16 sourceSegment, uint16 sourceOffset, void *destination, uint16 blockSize) -{ - __asm - { - push ds - push es - mov ax, ds - mov es, ax - mov di, ss:destination - mov si, ss:sourceOffset - mov cx, ss:blockSize - mov ds, ss:sourceSegment - cld - rep movsb - pop es - pop ds - } -} - - -void EraseMemory (void *memory, int size) -{ - memset (memory, 0, size); -} - - -uint32 GetLinearAddress (uint16 segment, uint16 offset) -{ - return (uint32 (segment) << 4) + offset; -} - - -bool RegionsIntersect (const uint64 &start1, uint32 length1, const uint64 &start2, const uint64 &end2) -{ - uint64 end1 = start1 + length1 - 1UL; - uint64 intersectEnd = (end1 <= end2) ? end1 : end2; - - uint64 intersectStart = (start1 >= start2) ? start1 : start2; - if (intersectStart > intersectEnd) - return false; - - return (intersectEnd + 1UL - intersectStart).LowPart != 0; -} - - -void ThrowFatalException (int line) -{ - PrintChar ('#'); Print (line); - while (1); -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Platform.h" +#include "BootConsoleIo.h" + + +uint64 operator+ (const uint64 &a, const uint64 &b) +{ + int carry = 0; + uint64 r; + + r.LowPart = a.LowPart + b.LowPart; + __asm + { + jnc nocarry + mov carry, 1 + nocarry: + } + + r.HighPart = a.HighPart + b.HighPart + carry; + + return r; +} + +uint64 operator+ (const uint64 &a, uint32 b) +{ + uint64 b64; + b64.HighPart = 0; + b64.LowPart = b; + return a + b64; +} + +uint64 &operator+= (uint64 &a, const uint64 &b) +{ + return a = a + b; +} + +uint64 operator- (const uint64 &a, const uint64 &b) +{ + int carry = 0; + uint64 r; + + r.LowPart = a.LowPart - b.LowPart; + __asm + { + jnc nocarry + mov carry, 1 + nocarry: + } + + r.HighPart = a.HighPart - b.HighPart - carry; + + return r; +} + +uint64 operator- (const uint64 &a, uint32 b) +{ + uint64 b64; + b64.HighPart = 0; + b64.LowPart = b; + return a - b64; +} + +uint64 &operator-= (uint64 &a, const uint64 &b) +{ + return a = a - b; +} + +uint64 operator>> (const uint64 &a, int shiftCount) +{ + uint64 r = a; + + while (shiftCount--) + { + r.LowPart >>= 1; + + if ((byte) r.HighPart & 1) + r.LowPart |= 0x80000000UL; + + r.HighPart >>= 1; + } + + return r; +} + +uint64 operator<< (const uint64 &a, int shiftCount) +{ + uint64 r = a; + + while (shiftCount--) + r += r; + + return r; +} + +uint64 &operator++ (uint64 &a) +{ + uint64 b; + b.HighPart = 0; + b.LowPart = 1; + + return a += b; +} + +bool operator== (const uint64 &a, const uint64 &b) +{ + return a.HighPart == b.HighPart && a.LowPart == b.LowPart; +} + +bool operator> (const uint64 &a, const uint64 &b) +{ + return (a.HighPart > b.HighPart) || (a.HighPart == b.HighPart && a.LowPart > b.LowPart); +} + +bool operator< (const uint64 &a, const uint64 &b) +{ + return (a.HighPart < b.HighPart) || (a.HighPart == b.HighPart && a.LowPart < b.LowPart); +} + +bool operator>= (const uint64 &a, const uint64 &b) +{ + return a > b || a == b; +} + +bool operator<= (const uint64 &a, const uint64 &b) +{ + return a < b || a == b; +} + +bool TestInt64 () +{ + uint64 a, b, c; + a.HighPart = 0x00112233UL; + a.LowPart = 0xabcd1234UL; + + b.HighPart = 0x00ffeeddUL; + b.LowPart = 0xffffFFFFUL; + + a += b; + a -= b; + + ++a; + + b = b + (uint32) 1UL; + + c = (a - ((a + b) >> 32) - (uint32) 1UL); + if (c.HighPart != 0x112233UL || c.LowPart != 0xAABC0123UL) + return false; + + c = c << 9; + return c.HighPart == 0x22446755UL && c.LowPart == 0x78024600UL; +} + + +void CopyMemory (void *source, uint16 destSegment, uint16 destOffset, uint16 blockSize) +{ + __asm + { + push es + mov si, ss:source + mov es, ss:destSegment + mov di, ss:destOffset + mov cx, ss:blockSize + cld + rep movsb + pop es + } +} + + +void CopyMemory (uint16 sourceSegment, uint16 sourceOffset, void *destination, uint16 blockSize) +{ + __asm + { + push ds + push es + mov ax, ds + mov es, ax + mov di, ss:destination + mov si, ss:sourceOffset + mov cx, ss:blockSize + mov ds, ss:sourceSegment + cld + rep movsb + pop es + pop ds + } +} + + +void EraseMemory (void *memory, int size) +{ + memset (memory, 0, size); +} + + +uint32 GetLinearAddress (uint16 segment, uint16 offset) +{ + return (uint32 (segment) << 4) + offset; +} + + +bool RegionsIntersect (const uint64 &start1, uint32 length1, const uint64 &start2, const uint64 &end2) +{ + uint64 end1 = start1 + length1 - 1UL; + uint64 intersectEnd = (end1 <= end2) ? end1 : end2; + + uint64 intersectStart = (start1 >= start2) ? start1 : start2; + if (intersectStart > intersectEnd) + return false; + + return (intersectEnd + 1UL - intersectStart).LowPart != 0; +} + + +void ThrowFatalException (int line) +{ + PrintChar ('#'); Print (line); + while (1); +} diff --git a/src/Boot/Windows/Platform.h b/src/Boot/Windows/Platform.h index 2fa532ce..879b1c39 100644 --- a/src/Boot/Windows/Platform.h +++ b/src/Boot/Windows/Platform.h @@ -1,116 +1,116 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Boot_Platform -#define TC_HEADER_Boot_Platform - -#pragma warning (disable: 4018 4102 4704 4769) - -#include "TCdefs.h" -#include - -typedef char bool; -#define false 0 -#define true 1 - -#define nullptr 0 -#define NULL 0 - -typedef UINT64_STRUCT uint64; - -#define array_capacity(arr) (sizeof (arr) / sizeof ((arr)[0])) - -#define TC_TO_STRING2(n) #n -#define TC_TO_STRING(n) TC_TO_STRING2(n) - - -#define TC_X86_CARRY_FLAG 0x1 - -#define TC_ASM_EMIT(A,B) __asm _emit 0x##A __asm _emit 0x##B -#define TC_ASM_EMIT3(A,B,C) __asm _emit 0x##A __asm _emit 0x##B __asm _emit 0x##C -#define TC_ASM_EMIT4(A,B,C,D) __asm _emit 0x##A __asm _emit 0x##B __asm _emit 0x##C __asm _emit 0x##D - -#define TC_ASM_MOV_EAX_DI TC_ASM_EMIT3 (66, 8B, 05) -#define TC_ASM_MOV_EBX_DI TC_ASM_EMIT3 (66, 8B, 1D) -#define TC_ASM_MOV_ECX_DI TC_ASM_EMIT3 (66, 8B, 0D) -#define TC_ASM_MOV_EDX_DI TC_ASM_EMIT3 (66, 8B, 15) - -#define TC_ASM_MOV_DI_EAX TC_ASM_EMIT3 (66, 89, 05) -#define TC_ASM_MOV_DI_EBX TC_ASM_EMIT3 (66, 89, 1D) -#define TC_ASM_MOV_DI_ECX TC_ASM_EMIT3 (66, 89, 0D) -#define TC_ASM_MOV_DI_EDX TC_ASM_EMIT3 (66, 89, 15) - - -#pragma pack(1) - -struct Registers -{ - uint16 Flags; - - union - { - uint32 EAX; - struct { uint16 AX; uint16 EAXH; }; - }; - - union - { - uint32 EBX; - struct { uint16 BX; uint16 EBXH; }; - }; - - union - { - uint32 ECX; - struct { uint16 CX; uint16 ECXH; }; - }; - - union - { - uint32 EDX; - struct { uint16 DX; uint16 EDXH; }; - }; - - uint16 DI; - uint16 SI; - uint16 DS; - uint16 ES; - uint16 SS; -}; - -#pragma pack() - - -uint64 operator+ (const uint64 &a, const uint64 &b); -uint64 operator+ (const uint64 &a, uint32 b); -uint64 &operator+= (uint64 &a, const uint64 &b); -uint64 operator- (const uint64 &a, const uint64 &b); -uint64 operator- (const uint64 &a, uint32 b); -uint64 &operator-= (uint64 &a, const uint64 &b); -uint64 operator>> (const uint64 &a, int shiftCount); -uint64 operator<< (const uint64 &a, int shiftCount); -uint64 &operator++ (uint64 &a); -bool operator== (const uint64 &a, const uint64 &b); -bool operator> (const uint64 &a, const uint64 &b); -bool operator< (const uint64 &a, const uint64 &b); -bool operator>= (const uint64 &a, const uint64 &b); -bool operator<= (const uint64 &a, const uint64 &b); - -void CopyMemory (void *source, uint16 destSegment, uint16 destOffset, uint16 blockSize); -void CopyMemory (uint16 sourceSegment, uint16 sourceOffset, void *destination, uint16 blockSize); -extern "C" void EraseMemory (void *memory, int size); -uint32 GetLinearAddress (uint16 segment, uint16 offset); -bool RegionsIntersect (const uint64 &start1, uint32 length1, const uint64 &start2, const uint64 &end2); -bool TestInt64 (); -extern "C" void ThrowFatalException (int line); - -#endif // TC_HEADER_Boot_Platform +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Boot_Platform +#define TC_HEADER_Boot_Platform + +#pragma warning (disable: 4018 4102 4704 4769) + +#include "TCdefs.h" +#include + +typedef char bool; +#define false 0 +#define true 1 + +#define nullptr 0 +#define NULL 0 + +typedef UINT64_STRUCT uint64; + +#define array_capacity(arr) (sizeof (arr) / sizeof ((arr)[0])) + +#define TC_TO_STRING2(n) #n +#define TC_TO_STRING(n) TC_TO_STRING2(n) + + +#define TC_X86_CARRY_FLAG 0x1 + +#define TC_ASM_EMIT(A,B) __asm _emit 0x##A __asm _emit 0x##B +#define TC_ASM_EMIT3(A,B,C) __asm _emit 0x##A __asm _emit 0x##B __asm _emit 0x##C +#define TC_ASM_EMIT4(A,B,C,D) __asm _emit 0x##A __asm _emit 0x##B __asm _emit 0x##C __asm _emit 0x##D + +#define TC_ASM_MOV_EAX_DI TC_ASM_EMIT3 (66, 8B, 05) +#define TC_ASM_MOV_EBX_DI TC_ASM_EMIT3 (66, 8B, 1D) +#define TC_ASM_MOV_ECX_DI TC_ASM_EMIT3 (66, 8B, 0D) +#define TC_ASM_MOV_EDX_DI TC_ASM_EMIT3 (66, 8B, 15) + +#define TC_ASM_MOV_DI_EAX TC_ASM_EMIT3 (66, 89, 05) +#define TC_ASM_MOV_DI_EBX TC_ASM_EMIT3 (66, 89, 1D) +#define TC_ASM_MOV_DI_ECX TC_ASM_EMIT3 (66, 89, 0D) +#define TC_ASM_MOV_DI_EDX TC_ASM_EMIT3 (66, 89, 15) + + +#pragma pack(1) + +struct Registers +{ + uint16 Flags; + + union + { + uint32 EAX; + struct { uint16 AX; uint16 EAXH; }; + }; + + union + { + uint32 EBX; + struct { uint16 BX; uint16 EBXH; }; + }; + + union + { + uint32 ECX; + struct { uint16 CX; uint16 ECXH; }; + }; + + union + { + uint32 EDX; + struct { uint16 DX; uint16 EDXH; }; + }; + + uint16 DI; + uint16 SI; + uint16 DS; + uint16 ES; + uint16 SS; +}; + +#pragma pack() + + +uint64 operator+ (const uint64 &a, const uint64 &b); +uint64 operator+ (const uint64 &a, uint32 b); +uint64 &operator+= (uint64 &a, const uint64 &b); +uint64 operator- (const uint64 &a, const uint64 &b); +uint64 operator- (const uint64 &a, uint32 b); +uint64 &operator-= (uint64 &a, const uint64 &b); +uint64 operator>> (const uint64 &a, int shiftCount); +uint64 operator<< (const uint64 &a, int shiftCount); +uint64 &operator++ (uint64 &a); +bool operator== (const uint64 &a, const uint64 &b); +bool operator> (const uint64 &a, const uint64 &b); +bool operator< (const uint64 &a, const uint64 &b); +bool operator>= (const uint64 &a, const uint64 &b); +bool operator<= (const uint64 &a, const uint64 &b); + +void CopyMemory (void *source, uint16 destSegment, uint16 destOffset, uint16 blockSize); +void CopyMemory (uint16 sourceSegment, uint16 sourceOffset, void *destination, uint16 blockSize); +extern "C" void EraseMemory (void *memory, int size); +uint32 GetLinearAddress (uint16 segment, uint16 offset); +bool RegionsIntersect (const uint64 &start1, uint32 length1, const uint64 &start2, const uint64 &end2); +bool TestInt64 (); +extern "C" void ThrowFatalException (int line); + +#endif // TC_HEADER_Boot_Platform diff --git a/src/Build/Tools/MacOSX/nasm b/src/Build/Tools/MacOSX/nasm index 7d2c38ac..62a6702a 100755 Binary files a/src/Build/Tools/MacOSX/nasm and b/src/Build/Tools/MacOSX/nasm differ diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h index f584582e..5ea89770 100644 --- a/src/Common/Apidrvr.h +++ b/src/Common/Apidrvr.h @@ -1,344 +1,344 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#pragma once - -#include "Tcdefs.h" -#include "Boot/Windows/BootDefs.h" -#include "Common.h" -#include "Crypto.h" -#include "Volumes.h" -#include "Wipe.h" - -#ifdef _WIN32 - -/* WARNING: Modifying the following values or their meanings can introduce incompatibility with previous versions. */ - -#define TC_IOCTL(CODE) (CTL_CODE (FILE_DEVICE_UNKNOWN, 0x800 + (CODE), METHOD_BUFFERED, FILE_ANY_ACCESS)) - -#define TC_IOCTL_GET_DRIVER_VERSION TC_IOCTL (1) -#define TC_IOCTL_GET_BOOT_LOADER_VERSION TC_IOCTL (2) -#define TC_IOCTL_MOUNT_VOLUME TC_IOCTL (3) -#define TC_IOCTL_DISMOUNT_VOLUME TC_IOCTL (4) -#define TC_IOCTL_DISMOUNT_ALL_VOLUMES TC_IOCTL (5) -#define TC_IOCTL_GET_MOUNTED_VOLUMES TC_IOCTL (6) -#define TC_IOCTL_GET_VOLUME_PROPERTIES TC_IOCTL (7) -#define TC_IOCTL_GET_DEVICE_REFCOUNT TC_IOCTL (8) -#define TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED TC_IOCTL (9) -#define TC_IOCTL_IS_ANY_VOLUME_MOUNTED TC_IOCTL (10) -#define TC_IOCTL_GET_PASSWORD_CACHE_STATUS TC_IOCTL (11) -#define TC_IOCTL_WIPE_PASSWORD_CACHE TC_IOCTL (12) -#define TC_IOCTL_OPEN_TEST TC_IOCTL (13) -#define TC_IOCTL_GET_DRIVE_PARTITION_INFO TC_IOCTL (14) -#define TC_IOCTL_GET_DRIVE_GEOMETRY TC_IOCTL (15) -#define TC_IOCTL_PROBE_REAL_DRIVE_SIZE TC_IOCTL (16) -#define TC_IOCTL_GET_RESOLVED_SYMLINK TC_IOCTL (17) -#define TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS TC_IOCTL (18) -#define TC_IOCTL_BOOT_ENCRYPTION_SETUP TC_IOCTL (19) -#define TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP TC_IOCTL (20) -#define TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT TC_IOCTL (21) -#define TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES TC_IOCTL (22) -#define TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER TC_IOCTL (23) -#define TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME TC_IOCTL (24) -#define TC_IOCTL_GET_PORTABLE_MODE_STATUS TC_IOCTL (25) -#define TC_IOCTL_SET_PORTABLE_MODE_STATUS TC_IOCTL (26) -#define TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING TC_IOCTL (27) -#define TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG TC_IOCTL (28) -#define TC_IOCTL_DISK_IS_WRITABLE TC_IOCTL (29) -#define TC_IOCTL_START_DECOY_SYSTEM_WIPE TC_IOCTL (30) -#define TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE TC_IOCTL (31) -#define TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS TC_IOCTL (32) -#define TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT TC_IOCTL (33) -#define TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR TC_IOCTL (34) -#define TC_IOCTL_GET_WARNING_FLAGS TC_IOCTL (35) -#define TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY TC_IOCTL (36) -#define TC_IOCTL_REREAD_DRIVER_CONFIG TC_IOCTL (37) -#define TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG TC_IOCTL (38) -#define VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT TC_IOCTL (39) - -// Legacy IOCTLs used before version 5.0 -#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968 -#define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948 - - -/* Start of driver interface structures, the size of these structures may - change between versions; so make sure you first send DRIVER_VERSION to - check that it's the correct device driver */ - -#pragma pack (push) -#pragma pack(1) - -typedef struct -{ - int nReturnCode; /* Return code back from driver */ - BOOL FilesystemDirty; - BOOL VolumeMountedReadOnlyAfterAccessDenied; - BOOL VolumeMountedReadOnlyAfterDeviceWriteProtected; - - wchar_t wszVolume[TC_MAX_PATH]; /* Volume to be mounted */ - Password VolumePassword; /* User password */ - BOOL bCache; /* Cache passwords in driver */ - int nDosDriveNo; /* Drive number to mount */ - uint32 BytesPerSector; - BOOL bMountReadOnly; /* Mount volume in read-only mode */ - BOOL bMountRemovable; /* Mount volume as removable media */ - BOOL bExclusiveAccess; /* Open host file/device in exclusive access mode */ - BOOL bMountManager; /* Announce volume to mount manager */ - BOOL bPreserveTimestamp; /* Preserve file container timestamp */ - BOOL bPartitionInInactiveSysEncScope; /* If TRUE, we are to attempt to mount a partition located on an encrypted system drive without pre-boot authentication. */ - int nPartitionInInactiveSysEncScopeDriveNo; /* If bPartitionInInactiveSysEncScope is TRUE, this contains the drive number of the system drive on which the partition is located. */ - BOOL SystemFavorite; - // Hidden volume protection - BOOL bProtectHiddenVolume; /* TRUE if the user wants the hidden volume within this volume to be protected against being overwritten (damaged) */ - Password ProtectedHidVolPassword; /* Password to the hidden volume to be protected against overwriting */ - BOOL UseBackupHeader; - BOOL RecoveryMode; - int pkcs5_prf; - int ProtectedHidVolPkcs5Prf; - BOOL bTrueCryptMode; - uint32 BytesPerPhysicalSector; - int VolumePim; - int ProtectedHidVolPim; - wchar_t wszLabel[33]; // maximum label length is 32 for NTFS and 11 for FAT32 - BOOL bIsNTFS; // output only - BOOL bDriverSetLabel; - BOOL bCachePim; -} MOUNT_STRUCT; - -typedef struct -{ - int nDosDriveNo; /* Drive letter to unmount */ - BOOL ignoreOpenFiles; - BOOL HiddenVolumeProtectionTriggered; - int nReturnCode; /* Return code back from driver */ -} UNMOUNT_STRUCT; - -typedef struct -{ - unsigned __int32 ulMountedDrives; /* Bitfield of all mounted drive letters */ - wchar_t wszVolume[26][TC_MAX_PATH]; /* Volume names of mounted volumes */ - wchar_t wszLabel[26][33]; /* Labels of mounted volumes */ - wchar_t volumeID[26][VOLUME_ID_SIZE]; /* IDs of mounted volumes */ - unsigned __int64 diskLength[26]; - int ea[26]; - int volumeType[26]; /* Volume type (e.g. PROP_VOL_TYPE_OUTER, PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, etc.) */ - BOOL truecryptMode[26]; -} MOUNT_LIST_STRUCT; - -typedef struct -{ - int driveNo; - int uniqueId; - wchar_t wszVolume[TC_MAX_PATH]; - unsigned __int64 diskLength; - int ea; - int mode; - int pkcs5; - int pkcs5Iterations; - BOOL hiddenVolume; - BOOL readOnly; - BOOL removable; - BOOL partitionInInactiveSysEncScope; - uint32 volumeHeaderFlags; - unsigned __int64 totalBytesRead; - unsigned __int64 totalBytesWritten; - int hiddenVolProtection; /* Hidden volume protection status (e.g. HIDVOL_PROT_STATUS_NONE, HIDVOL_PROT_STATUS_ACTIVE, etc.) */ - int volFormatVersion; - int volumePim; - wchar_t wszLabel[33]; - BOOL bDriverSetLabel; - unsigned char volumeID[VOLUME_ID_SIZE]; -} VOLUME_PROPERTIES_STRUCT; - -typedef struct -{ - WCHAR symLinkName[TC_MAX_PATH]; - WCHAR targetName[TC_MAX_PATH]; -} RESOLVE_SYMLINK_STRUCT; - -typedef struct -{ - WCHAR deviceName[TC_MAX_PATH]; - PARTITION_INFORMATION partInfo; - BOOL IsGPT; - BOOL IsDynamic; -} -DISK_PARTITION_INFO_STRUCT; - -typedef struct -{ - WCHAR deviceName[TC_MAX_PATH]; - DISK_GEOMETRY diskGeometry; -} -DISK_GEOMETRY_STRUCT; - -typedef struct -{ - WCHAR DeviceName[TC_MAX_PATH]; - LARGE_INTEGER RealDriveSize; - BOOL TimeOut; -} ProbeRealDriveSizeRequest; - -typedef struct -{ - wchar_t wszFileName[TC_MAX_PATH]; // Volume to be "open tested" - BOOL bDetectTCBootLoader; // Whether the driver is to determine if the first sector contains a portion of the TrueCrypt Boot Loader - BOOL TCBootLoaderDetected; - BOOL DetectFilesystem; - BOOL FilesystemDetected; - BOOL bMatchVolumeID; - unsigned char volumeID[VOLUME_ID_SIZE]; - BOOL VolumeIDMatched; -} OPEN_TEST_STRUCT; - - -typedef enum -{ - SetupNone = 0, - SetupEncryption, - SetupDecryption -} BootEncryptionSetupMode; - - -typedef struct -{ - // New fields must be added at the end of the structure to maintain compatibility with previous versions - BOOL DeviceFilterActive; - - uint16 BootLoaderVersion; - - BOOL DriveMounted; - BOOL VolumeHeaderPresent; - BOOL DriveEncrypted; - - LARGE_INTEGER BootDriveLength; - - int64 ConfiguredEncryptedAreaStart; - int64 ConfiguredEncryptedAreaEnd; - int64 EncryptedAreaStart; - int64 EncryptedAreaEnd; - - uint32 VolumeHeaderSaltCrc32; - - BOOL SetupInProgress; - BootEncryptionSetupMode SetupMode; - BOOL TransformWaitingForIdle; - - uint32 HibernationPreventionCount; - - BOOL HiddenSystem; - int64 HiddenSystemPartitionStart; - - // Number of times the filter driver answered that an unencrypted volume - // is read-only (or mounted an outer/normal TrueCrypt volume as read only) - uint32 HiddenSysLeakProtectionCount; - -} BootEncryptionStatus; - - -typedef struct -{ - BootEncryptionSetupMode SetupMode; - WipeAlgorithmId WipeAlgorithm; - BOOL ZeroUnreadableSectors; - BOOL DiscardUnreadableEncryptedSectors; -} BootEncryptionSetupRequest; - - -typedef struct -{ - Password VolumePassword; - int pkcs5_prf; - int pim; -} ReopenBootVolumeHeaderRequest; - - -typedef struct -{ - char BootEncryptionAlgorithmName[256]; - char BootPrfAlgorithmName[256]; -} GetBootEncryptionAlgorithmNameRequest; - -typedef struct -{ - byte Fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; -} BootLoaderFingerprintRequest; - -typedef struct -{ - wchar_t DevicePath[TC_MAX_PATH]; - byte Configuration; - BOOL DriveIsDynamic; - uint16 BootLoaderVersion; - byte UserConfiguration; - char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; -} GetSystemDriveConfigurationRequest; - -typedef struct -{ - WipeAlgorithmId WipeAlgorithm; - byte WipeKey[MASTER_KEYDATA_SIZE]; -} WipeDecoySystemRequest; - -typedef struct -{ - BOOL WipeInProgress; - WipeAlgorithmId WipeAlgorithm; - int64 WipedAreaEnd; -} DecoySystemWipeStatus; - -typedef struct -{ - LARGE_INTEGER Offset; - byte Data[TC_SECTOR_SIZE_BIOS]; -} WriteBootDriveSectorRequest; - -typedef struct -{ - BOOL PagingFileCreationPrevented; - BOOL SystemFavoriteVolumeDirty; -} GetWarningFlagsRequest; - -typedef struct -{ - struct _DriveFilterExtension *BootDriveFilterExtension; - BOOL HwEncryptionEnabled; -} GetSystemDriveDumpConfigRequest; - -#pragma pack (pop) - -#define DRIVER_STR WIDE - -#define TC_UNIQUE_ID_PREFIX "VeraCryptVolume" -#define TC_MOUNT_PREFIX L"\\Device\\VeraCryptVolume" - -#define NT_MOUNT_PREFIX DRIVER_STR("\\Device\\VeraCryptVolume") -#define NT_ROOT_PREFIX DRIVER_STR("\\Device\\VeraCrypt") -#define DOS_MOUNT_PREFIX_DEFAULT DRIVER_STR("\\DosDevices\\") -#define DOS_MOUNT_PREFIX_GLOBAL DRIVER_STR("\\GLOBAL??\\") // Use Global MS-DOS device names for sanity checks on drive letters -#define DOS_ROOT_PREFIX DRIVER_STR("\\DosDevices\\VeraCrypt") -#define WIN32_ROOT_PREFIX DRIVER_STR("\\\\.\\VeraCrypt") - -#define TC_DRIVER_CONFIG_REG_VALUE_NAME DRIVER_STR("VeraCryptConfig") -#define TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME DRIVER_STR("VeraCryptEncryptionFreeCpuCount") - -// WARNING: Modifying the following values can introduce incompatibility with previous versions. -#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD 0x1 -#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES 0x2 -#define TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS 0x4 -#define TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION 0x8 -#define TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL 0x10 -#define TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION 0x20 -#define TC_DRIVER_CONFIG_CACHE_BOOT_PIM 0x40 - -#endif /* _WIN32 */ +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#pragma once + +#include "Tcdefs.h" +#include "Boot/Windows/BootDefs.h" +#include "Common.h" +#include "Crypto.h" +#include "Volumes.h" +#include "Wipe.h" + +#ifdef _WIN32 + +/* WARNING: Modifying the following values or their meanings can introduce incompatibility with previous versions. */ + +#define TC_IOCTL(CODE) (CTL_CODE (FILE_DEVICE_UNKNOWN, 0x800 + (CODE), METHOD_BUFFERED, FILE_ANY_ACCESS)) + +#define TC_IOCTL_GET_DRIVER_VERSION TC_IOCTL (1) +#define TC_IOCTL_GET_BOOT_LOADER_VERSION TC_IOCTL (2) +#define TC_IOCTL_MOUNT_VOLUME TC_IOCTL (3) +#define TC_IOCTL_DISMOUNT_VOLUME TC_IOCTL (4) +#define TC_IOCTL_DISMOUNT_ALL_VOLUMES TC_IOCTL (5) +#define TC_IOCTL_GET_MOUNTED_VOLUMES TC_IOCTL (6) +#define TC_IOCTL_GET_VOLUME_PROPERTIES TC_IOCTL (7) +#define TC_IOCTL_GET_DEVICE_REFCOUNT TC_IOCTL (8) +#define TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED TC_IOCTL (9) +#define TC_IOCTL_IS_ANY_VOLUME_MOUNTED TC_IOCTL (10) +#define TC_IOCTL_GET_PASSWORD_CACHE_STATUS TC_IOCTL (11) +#define TC_IOCTL_WIPE_PASSWORD_CACHE TC_IOCTL (12) +#define TC_IOCTL_OPEN_TEST TC_IOCTL (13) +#define TC_IOCTL_GET_DRIVE_PARTITION_INFO TC_IOCTL (14) +#define TC_IOCTL_GET_DRIVE_GEOMETRY TC_IOCTL (15) +#define TC_IOCTL_PROBE_REAL_DRIVE_SIZE TC_IOCTL (16) +#define TC_IOCTL_GET_RESOLVED_SYMLINK TC_IOCTL (17) +#define TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS TC_IOCTL (18) +#define TC_IOCTL_BOOT_ENCRYPTION_SETUP TC_IOCTL (19) +#define TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP TC_IOCTL (20) +#define TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT TC_IOCTL (21) +#define TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES TC_IOCTL (22) +#define TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER TC_IOCTL (23) +#define TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME TC_IOCTL (24) +#define TC_IOCTL_GET_PORTABLE_MODE_STATUS TC_IOCTL (25) +#define TC_IOCTL_SET_PORTABLE_MODE_STATUS TC_IOCTL (26) +#define TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING TC_IOCTL (27) +#define TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG TC_IOCTL (28) +#define TC_IOCTL_DISK_IS_WRITABLE TC_IOCTL (29) +#define TC_IOCTL_START_DECOY_SYSTEM_WIPE TC_IOCTL (30) +#define TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE TC_IOCTL (31) +#define TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS TC_IOCTL (32) +#define TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT TC_IOCTL (33) +#define TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR TC_IOCTL (34) +#define TC_IOCTL_GET_WARNING_FLAGS TC_IOCTL (35) +#define TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY TC_IOCTL (36) +#define TC_IOCTL_REREAD_DRIVER_CONFIG TC_IOCTL (37) +#define TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG TC_IOCTL (38) +#define VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT TC_IOCTL (39) + +// Legacy IOCTLs used before version 5.0 +#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968 +#define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948 + + +/* Start of driver interface structures, the size of these structures may + change between versions; so make sure you first send DRIVER_VERSION to + check that it's the correct device driver */ + +#pragma pack (push) +#pragma pack(1) + +typedef struct +{ + int nReturnCode; /* Return code back from driver */ + BOOL FilesystemDirty; + BOOL VolumeMountedReadOnlyAfterAccessDenied; + BOOL VolumeMountedReadOnlyAfterDeviceWriteProtected; + + wchar_t wszVolume[TC_MAX_PATH]; /* Volume to be mounted */ + Password VolumePassword; /* User password */ + BOOL bCache; /* Cache passwords in driver */ + int nDosDriveNo; /* Drive number to mount */ + uint32 BytesPerSector; + BOOL bMountReadOnly; /* Mount volume in read-only mode */ + BOOL bMountRemovable; /* Mount volume as removable media */ + BOOL bExclusiveAccess; /* Open host file/device in exclusive access mode */ + BOOL bMountManager; /* Announce volume to mount manager */ + BOOL bPreserveTimestamp; /* Preserve file container timestamp */ + BOOL bPartitionInInactiveSysEncScope; /* If TRUE, we are to attempt to mount a partition located on an encrypted system drive without pre-boot authentication. */ + int nPartitionInInactiveSysEncScopeDriveNo; /* If bPartitionInInactiveSysEncScope is TRUE, this contains the drive number of the system drive on which the partition is located. */ + BOOL SystemFavorite; + // Hidden volume protection + BOOL bProtectHiddenVolume; /* TRUE if the user wants the hidden volume within this volume to be protected against being overwritten (damaged) */ + Password ProtectedHidVolPassword; /* Password to the hidden volume to be protected against overwriting */ + BOOL UseBackupHeader; + BOOL RecoveryMode; + int pkcs5_prf; + int ProtectedHidVolPkcs5Prf; + BOOL bTrueCryptMode; + uint32 BytesPerPhysicalSector; + int VolumePim; + int ProtectedHidVolPim; + wchar_t wszLabel[33]; // maximum label length is 32 for NTFS and 11 for FAT32 + BOOL bIsNTFS; // output only + BOOL bDriverSetLabel; + BOOL bCachePim; +} MOUNT_STRUCT; + +typedef struct +{ + int nDosDriveNo; /* Drive letter to unmount */ + BOOL ignoreOpenFiles; + BOOL HiddenVolumeProtectionTriggered; + int nReturnCode; /* Return code back from driver */ +} UNMOUNT_STRUCT; + +typedef struct +{ + unsigned __int32 ulMountedDrives; /* Bitfield of all mounted drive letters */ + wchar_t wszVolume[26][TC_MAX_PATH]; /* Volume names of mounted volumes */ + wchar_t wszLabel[26][33]; /* Labels of mounted volumes */ + wchar_t volumeID[26][VOLUME_ID_SIZE]; /* IDs of mounted volumes */ + unsigned __int64 diskLength[26]; + int ea[26]; + int volumeType[26]; /* Volume type (e.g. PROP_VOL_TYPE_OUTER, PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, etc.) */ + BOOL truecryptMode[26]; +} MOUNT_LIST_STRUCT; + +typedef struct +{ + int driveNo; + int uniqueId; + wchar_t wszVolume[TC_MAX_PATH]; + unsigned __int64 diskLength; + int ea; + int mode; + int pkcs5; + int pkcs5Iterations; + BOOL hiddenVolume; + BOOL readOnly; + BOOL removable; + BOOL partitionInInactiveSysEncScope; + uint32 volumeHeaderFlags; + unsigned __int64 totalBytesRead; + unsigned __int64 totalBytesWritten; + int hiddenVolProtection; /* Hidden volume protection status (e.g. HIDVOL_PROT_STATUS_NONE, HIDVOL_PROT_STATUS_ACTIVE, etc.) */ + int volFormatVersion; + int volumePim; + wchar_t wszLabel[33]; + BOOL bDriverSetLabel; + unsigned char volumeID[VOLUME_ID_SIZE]; +} VOLUME_PROPERTIES_STRUCT; + +typedef struct +{ + WCHAR symLinkName[TC_MAX_PATH]; + WCHAR targetName[TC_MAX_PATH]; +} RESOLVE_SYMLINK_STRUCT; + +typedef struct +{ + WCHAR deviceName[TC_MAX_PATH]; + PARTITION_INFORMATION partInfo; + BOOL IsGPT; + BOOL IsDynamic; +} +DISK_PARTITION_INFO_STRUCT; + +typedef struct +{ + WCHAR deviceName[TC_MAX_PATH]; + DISK_GEOMETRY diskGeometry; +} +DISK_GEOMETRY_STRUCT; + +typedef struct +{ + WCHAR DeviceName[TC_MAX_PATH]; + LARGE_INTEGER RealDriveSize; + BOOL TimeOut; +} ProbeRealDriveSizeRequest; + +typedef struct +{ + wchar_t wszFileName[TC_MAX_PATH]; // Volume to be "open tested" + BOOL bDetectTCBootLoader; // Whether the driver is to determine if the first sector contains a portion of the TrueCrypt Boot Loader + BOOL TCBootLoaderDetected; + BOOL DetectFilesystem; + BOOL FilesystemDetected; + BOOL bMatchVolumeID; + unsigned char volumeID[VOLUME_ID_SIZE]; + BOOL VolumeIDMatched; +} OPEN_TEST_STRUCT; + + +typedef enum +{ + SetupNone = 0, + SetupEncryption, + SetupDecryption +} BootEncryptionSetupMode; + + +typedef struct +{ + // New fields must be added at the end of the structure to maintain compatibility with previous versions + BOOL DeviceFilterActive; + + uint16 BootLoaderVersion; + + BOOL DriveMounted; + BOOL VolumeHeaderPresent; + BOOL DriveEncrypted; + + LARGE_INTEGER BootDriveLength; + + int64 ConfiguredEncryptedAreaStart; + int64 ConfiguredEncryptedAreaEnd; + int64 EncryptedAreaStart; + int64 EncryptedAreaEnd; + + uint32 VolumeHeaderSaltCrc32; + + BOOL SetupInProgress; + BootEncryptionSetupMode SetupMode; + BOOL TransformWaitingForIdle; + + uint32 HibernationPreventionCount; + + BOOL HiddenSystem; + int64 HiddenSystemPartitionStart; + + // Number of times the filter driver answered that an unencrypted volume + // is read-only (or mounted an outer/normal TrueCrypt volume as read only) + uint32 HiddenSysLeakProtectionCount; + +} BootEncryptionStatus; + + +typedef struct +{ + BootEncryptionSetupMode SetupMode; + WipeAlgorithmId WipeAlgorithm; + BOOL ZeroUnreadableSectors; + BOOL DiscardUnreadableEncryptedSectors; +} BootEncryptionSetupRequest; + + +typedef struct +{ + Password VolumePassword; + int pkcs5_prf; + int pim; +} ReopenBootVolumeHeaderRequest; + + +typedef struct +{ + char BootEncryptionAlgorithmName[256]; + char BootPrfAlgorithmName[256]; +} GetBootEncryptionAlgorithmNameRequest; + +typedef struct +{ + byte Fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; +} BootLoaderFingerprintRequest; + +typedef struct +{ + wchar_t DevicePath[TC_MAX_PATH]; + byte Configuration; + BOOL DriveIsDynamic; + uint16 BootLoaderVersion; + byte UserConfiguration; + char CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; +} GetSystemDriveConfigurationRequest; + +typedef struct +{ + WipeAlgorithmId WipeAlgorithm; + byte WipeKey[MASTER_KEYDATA_SIZE]; +} WipeDecoySystemRequest; + +typedef struct +{ + BOOL WipeInProgress; + WipeAlgorithmId WipeAlgorithm; + int64 WipedAreaEnd; +} DecoySystemWipeStatus; + +typedef struct +{ + LARGE_INTEGER Offset; + byte Data[TC_SECTOR_SIZE_BIOS]; +} WriteBootDriveSectorRequest; + +typedef struct +{ + BOOL PagingFileCreationPrevented; + BOOL SystemFavoriteVolumeDirty; +} GetWarningFlagsRequest; + +typedef struct +{ + struct _DriveFilterExtension *BootDriveFilterExtension; + BOOL HwEncryptionEnabled; +} GetSystemDriveDumpConfigRequest; + +#pragma pack (pop) + +#define DRIVER_STR WIDE + +#define TC_UNIQUE_ID_PREFIX "VeraCryptVolume" +#define TC_MOUNT_PREFIX L"\\Device\\VeraCryptVolume" + +#define NT_MOUNT_PREFIX DRIVER_STR("\\Device\\VeraCryptVolume") +#define NT_ROOT_PREFIX DRIVER_STR("\\Device\\VeraCrypt") +#define DOS_MOUNT_PREFIX_DEFAULT DRIVER_STR("\\DosDevices\\") +#define DOS_MOUNT_PREFIX_GLOBAL DRIVER_STR("\\GLOBAL??\\") // Use Global MS-DOS device names for sanity checks on drive letters +#define DOS_ROOT_PREFIX DRIVER_STR("\\DosDevices\\VeraCrypt") +#define WIN32_ROOT_PREFIX DRIVER_STR("\\\\.\\VeraCrypt") + +#define TC_DRIVER_CONFIG_REG_VALUE_NAME DRIVER_STR("VeraCryptConfig") +#define TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME DRIVER_STR("VeraCryptEncryptionFreeCpuCount") + +// WARNING: Modifying the following values can introduce incompatibility with previous versions. +#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD 0x1 +#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES 0x2 +#define TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS 0x4 +#define TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION 0x8 +#define TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL 0x10 +#define TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION 0x20 +#define TC_DRIVER_CONFIG_CACHE_BOOT_PIM 0x40 + +#endif /* _WIN32 */ diff --git a/src/Common/BaseCom.cpp b/src/Common/BaseCom.cpp index 8e7d39ff..f6c55974 100644 --- a/src/Common/BaseCom.cpp +++ b/src/Common/BaseCom.cpp @@ -1,246 +1,246 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include -#include -#include -#include -#include "BaseCom.h" -#include "BootEncryption.h" -#include "Dlgcode.h" -#include "Registry.h" - -using namespace VeraCrypt; - -HRESULT CreateElevatedComObject (HWND hwnd, REFGUID guid, REFIID iid, void **ppv) -{ - WCHAR monikerName[1024]; - WCHAR clsid[1024]; - BIND_OPTS3 bo; - - StringFromGUID2 (guid, clsid, sizeof (clsid) / 2); - swprintf_s (monikerName, sizeof (monikerName) / 2, L"Elevation:Administrator!new:%s", clsid); - - memset (&bo, 0, sizeof (bo)); - bo.cbStruct = sizeof (bo); - bo.hwnd = hwnd; - bo.dwClassContext = CLSCTX_LOCAL_SERVER; - - // Prevent the GUI from being half-rendered when the UAC prompt "freezes" it - ProcessPaintMessages (hwnd, 5000); - - return CoGetObject (monikerName, &bo, iid, ppv); -} - - -BOOL ComGetInstanceBase (HWND hWnd, REFCLSID clsid, REFIID iid, void **tcServer) -{ - BOOL r; - - if (IsUacSupported ()) - { - while (true) - { - r = CreateElevatedComObject (hWnd, clsid, iid, tcServer) == S_OK; - if (r) - break; - else - { - if (IDRETRY == ErrorRetryCancel ("UAC_INIT_ERROR", hWnd)) - continue; - else - break; - } - } - } - else - { - r = CoCreateInstance (clsid, NULL, CLSCTX_LOCAL_SERVER, iid, tcServer) == S_OK; - if (!r) - Error ("UAC_INIT_ERROR", hWnd); - } - - return r; -} - - -DWORD BaseCom::CallDriver (DWORD ioctl, BSTR input, BSTR *output) -{ - try - { - BootEncryption bootEnc (NULL); - bootEnc.CallDriver (ioctl, - (BYTE *) input, !(BYTE *) input ? 0 : ((DWORD *) ((BYTE *) input))[-1], - (BYTE *) *output, !(BYTE *) *output ? 0 : ((DWORD *) ((BYTE *) *output))[-1]); - } - catch (SystemException &) - { - return GetLastError(); - } - catch (Exception &e) - { - e.Show (NULL); - return ERROR_EXCEPTION_IN_SERVICE; - } - catch (...) - { - return ERROR_EXCEPTION_IN_SERVICE; - } - - return ERROR_SUCCESS; -} - - -DWORD BaseCom::CopyFile (BSTR sourceFile, BSTR destinationFile) -{ - - if (!::CopyFileW (sourceFile, destinationFile, FALSE)) - return GetLastError(); - - return ERROR_SUCCESS; -} - - -DWORD BaseCom::DeleteFile (BSTR file) -{ - - if (!::DeleteFileW (file)) - return GetLastError(); - - return ERROR_SUCCESS; -} - - -BOOL BaseCom::IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) -{ - return ::IsPagingFileActive (checkNonWindowsPartitionsOnly); -} - - -DWORD BaseCom::ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone) -{ - try - { - auto_ptr file (device ? new Device (filePath, !write) : new File (filePath, !write)); - file->CheckOpened (SRC_POS); - file->SeekAt (offset); - - if (write) - { - file->Write ((BYTE *) *bufferBstr, size); - *sizeDone = size; - } - else - { - *sizeDone = file->Read ((BYTE *) *bufferBstr, size); - } - } - catch (SystemException &) - { - return GetLastError(); - } - catch (Exception &e) - { - e.Show (NULL); - return ERROR_EXCEPTION_IN_SERVICE; - } - catch (...) - { - return ERROR_EXCEPTION_IN_SERVICE; - } - - return ERROR_SUCCESS; -} - - -DWORD BaseCom::RegisterFilterDriver (BOOL registerDriver, int filterType) -{ - try - { - BootEncryption bootEnc (NULL); - bootEnc.RegisterFilterDriver (registerDriver ? true : false, (BootEncryption::FilterType) filterType); - } - catch (SystemException &) - { - return GetLastError(); - } - catch (Exception &e) - { - e.Show (NULL); - return ERROR_EXCEPTION_IN_SERVICE; - } - catch (...) - { - return ERROR_EXCEPTION_IN_SERVICE; - } - - return ERROR_SUCCESS; -} - - -DWORD BaseCom::RegisterSystemFavoritesService (BOOL registerService) -{ - try - { - BootEncryption bootEnc (NULL); - bootEnc.RegisterSystemFavoritesService (registerService); - } - catch (SystemException &) - { - return GetLastError(); - } - catch (Exception &e) - { - e.Show (NULL); - return ERROR_EXCEPTION_IN_SERVICE; - } - catch (...) - { - return ERROR_EXCEPTION_IN_SERVICE; - } - - return ERROR_SUCCESS; -} - - -DWORD BaseCom::SetDriverServiceStartType (DWORD startType) -{ - try - { - BootEncryption bootEnc (NULL); - bootEnc.SetDriverServiceStartType (startType); - } - catch (SystemException &) - { - return GetLastError(); - } - catch (Exception &e) - { - e.Show (NULL); - return ERROR_EXCEPTION_IN_SERVICE; - } - catch (...) - { - return ERROR_EXCEPTION_IN_SERVICE; - } - - return ERROR_SUCCESS; -} - - -DWORD BaseCom::WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value) -{ - if (!::WriteLocalMachineRegistryDword (keyPath, valueName, value)) - return GetLastError(); - - return ERROR_SUCCESS; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include +#include +#include +#include +#include "BaseCom.h" +#include "BootEncryption.h" +#include "Dlgcode.h" +#include "Registry.h" + +using namespace VeraCrypt; + +HRESULT CreateElevatedComObject (HWND hwnd, REFGUID guid, REFIID iid, void **ppv) +{ + WCHAR monikerName[1024]; + WCHAR clsid[1024]; + BIND_OPTS3 bo; + + StringFromGUID2 (guid, clsid, sizeof (clsid) / 2); + swprintf_s (monikerName, sizeof (monikerName) / 2, L"Elevation:Administrator!new:%s", clsid); + + memset (&bo, 0, sizeof (bo)); + bo.cbStruct = sizeof (bo); + bo.hwnd = hwnd; + bo.dwClassContext = CLSCTX_LOCAL_SERVER; + + // Prevent the GUI from being half-rendered when the UAC prompt "freezes" it + ProcessPaintMessages (hwnd, 5000); + + return CoGetObject (monikerName, &bo, iid, ppv); +} + + +BOOL ComGetInstanceBase (HWND hWnd, REFCLSID clsid, REFIID iid, void **tcServer) +{ + BOOL r; + + if (IsUacSupported ()) + { + while (true) + { + r = CreateElevatedComObject (hWnd, clsid, iid, tcServer) == S_OK; + if (r) + break; + else + { + if (IDRETRY == ErrorRetryCancel ("UAC_INIT_ERROR", hWnd)) + continue; + else + break; + } + } + } + else + { + r = CoCreateInstance (clsid, NULL, CLSCTX_LOCAL_SERVER, iid, tcServer) == S_OK; + if (!r) + Error ("UAC_INIT_ERROR", hWnd); + } + + return r; +} + + +DWORD BaseCom::CallDriver (DWORD ioctl, BSTR input, BSTR *output) +{ + try + { + BootEncryption bootEnc (NULL); + bootEnc.CallDriver (ioctl, + (BYTE *) input, !(BYTE *) input ? 0 : ((DWORD *) ((BYTE *) input))[-1], + (BYTE *) *output, !(BYTE *) *output ? 0 : ((DWORD *) ((BYTE *) *output))[-1]); + } + catch (SystemException &) + { + return GetLastError(); + } + catch (Exception &e) + { + e.Show (NULL); + return ERROR_EXCEPTION_IN_SERVICE; + } + catch (...) + { + return ERROR_EXCEPTION_IN_SERVICE; + } + + return ERROR_SUCCESS; +} + + +DWORD BaseCom::CopyFile (BSTR sourceFile, BSTR destinationFile) +{ + + if (!::CopyFileW (sourceFile, destinationFile, FALSE)) + return GetLastError(); + + return ERROR_SUCCESS; +} + + +DWORD BaseCom::DeleteFile (BSTR file) +{ + + if (!::DeleteFileW (file)) + return GetLastError(); + + return ERROR_SUCCESS; +} + + +BOOL BaseCom::IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) +{ + return ::IsPagingFileActive (checkNonWindowsPartitionsOnly); +} + + +DWORD BaseCom::ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone) +{ + try + { + auto_ptr file (device ? new Device (filePath, !write) : new File (filePath, !write)); + file->CheckOpened (SRC_POS); + file->SeekAt (offset); + + if (write) + { + file->Write ((BYTE *) *bufferBstr, size); + *sizeDone = size; + } + else + { + *sizeDone = file->Read ((BYTE *) *bufferBstr, size); + } + } + catch (SystemException &) + { + return GetLastError(); + } + catch (Exception &e) + { + e.Show (NULL); + return ERROR_EXCEPTION_IN_SERVICE; + } + catch (...) + { + return ERROR_EXCEPTION_IN_SERVICE; + } + + return ERROR_SUCCESS; +} + + +DWORD BaseCom::RegisterFilterDriver (BOOL registerDriver, int filterType) +{ + try + { + BootEncryption bootEnc (NULL); + bootEnc.RegisterFilterDriver (registerDriver ? true : false, (BootEncryption::FilterType) filterType); + } + catch (SystemException &) + { + return GetLastError(); + } + catch (Exception &e) + { + e.Show (NULL); + return ERROR_EXCEPTION_IN_SERVICE; + } + catch (...) + { + return ERROR_EXCEPTION_IN_SERVICE; + } + + return ERROR_SUCCESS; +} + + +DWORD BaseCom::RegisterSystemFavoritesService (BOOL registerService) +{ + try + { + BootEncryption bootEnc (NULL); + bootEnc.RegisterSystemFavoritesService (registerService); + } + catch (SystemException &) + { + return GetLastError(); + } + catch (Exception &e) + { + e.Show (NULL); + return ERROR_EXCEPTION_IN_SERVICE; + } + catch (...) + { + return ERROR_EXCEPTION_IN_SERVICE; + } + + return ERROR_SUCCESS; +} + + +DWORD BaseCom::SetDriverServiceStartType (DWORD startType) +{ + try + { + BootEncryption bootEnc (NULL); + bootEnc.SetDriverServiceStartType (startType); + } + catch (SystemException &) + { + return GetLastError(); + } + catch (Exception &e) + { + e.Show (NULL); + return ERROR_EXCEPTION_IN_SERVICE; + } + catch (...) + { + return ERROR_EXCEPTION_IN_SERVICE; + } + + return ERROR_SUCCESS; +} + + +DWORD BaseCom::WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value) +{ + if (!::WriteLocalMachineRegistryDword (keyPath, valueName, value)) + return GetLastError(); + + return ERROR_SUCCESS; +} diff --git a/src/Common/BaseCom.h b/src/Common/BaseCom.h index 9f5b312a..97009410 100644 --- a/src/Common/BaseCom.h +++ b/src/Common/BaseCom.h @@ -1,119 +1,119 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_BASE_COM -#define TC_HEADER_BASE_COM - -#include - -template -class TrueCryptFactory : public IClassFactory -{ - -public: - TrueCryptFactory (DWORD messageThreadId) : - RefCount (1), ServerLockCount (0), MessageThreadId (messageThreadId) { } - - ~TrueCryptFactory () { } - - virtual ULONG STDMETHODCALLTYPE AddRef () - { - return InterlockedIncrement (&RefCount) - 1; - } - - virtual ULONG STDMETHODCALLTYPE Release () - { - ULONG r = InterlockedDecrement (&RefCount) + 1; - - if (r == 0) - delete this; - - return r; - } - - virtual HRESULT STDMETHODCALLTYPE QueryInterface (REFIID riid, void **ppvObject) - { - if (riid == IID_IUnknown || riid == IID_IClassFactory) - *ppvObject = this; - else - { - *ppvObject = NULL; - return E_NOINTERFACE; - } - - AddRef (); - return S_OK; - } - - virtual HRESULT STDMETHODCALLTYPE CreateInstance (IUnknown *pUnkOuter, REFIID riid, void **ppvObject) - { - if (pUnkOuter != NULL) - return CLASS_E_NOAGGREGATION; - - TClass *tc = new TClass (MessageThreadId); - if (tc == NULL) - return E_OUTOFMEMORY; - - HRESULT hr = tc->QueryInterface (riid, ppvObject); - - if (hr) - delete tc; - - return hr; - } - - virtual HRESULT STDMETHODCALLTYPE LockServer (BOOL fLock) - { - if (fLock) - { - InterlockedIncrement (&ServerLockCount); - } - else - { - if (!InterlockedDecrement (&ServerLockCount)) - PostThreadMessage (MessageThreadId, WM_APP, 0, 0); - } - - return S_OK; - } - - virtual bool IsServerLocked () - { - return ServerLockCount > 0; - } - -protected: - DWORD MessageThreadId; - LONG RefCount; - LONG ServerLockCount; -}; - - -class BaseCom -{ -public: - static DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); - static DWORD CopyFile (BSTR sourceFile, BSTR destinationFile); - static DWORD DeleteFile (BSTR file); - static BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); - static DWORD ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone); - static DWORD RegisterFilterDriver (BOOL registerDriver, int filterType); - static DWORD RegisterSystemFavoritesService (BOOL registerService); - static DWORD SetDriverServiceStartType (DWORD startType); - static DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); -}; - - -BOOL ComGetInstanceBase (HWND hWnd, REFCLSID clsid, REFIID iid, void **tcServer); -HRESULT CreateElevatedComObject (HWND hwnd, REFGUID guid, REFIID iid, void **ppv); - -#endif // TC_HEADER_BASE_COM +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_BASE_COM +#define TC_HEADER_BASE_COM + +#include + +template +class TrueCryptFactory : public IClassFactory +{ + +public: + TrueCryptFactory (DWORD messageThreadId) : + RefCount (1), ServerLockCount (0), MessageThreadId (messageThreadId) { } + + ~TrueCryptFactory () { } + + virtual ULONG STDMETHODCALLTYPE AddRef () + { + return InterlockedIncrement (&RefCount) - 1; + } + + virtual ULONG STDMETHODCALLTYPE Release () + { + ULONG r = InterlockedDecrement (&RefCount) + 1; + + if (r == 0) + delete this; + + return r; + } + + virtual HRESULT STDMETHODCALLTYPE QueryInterface (REFIID riid, void **ppvObject) + { + if (riid == IID_IUnknown || riid == IID_IClassFactory) + *ppvObject = this; + else + { + *ppvObject = NULL; + return E_NOINTERFACE; + } + + AddRef (); + return S_OK; + } + + virtual HRESULT STDMETHODCALLTYPE CreateInstance (IUnknown *pUnkOuter, REFIID riid, void **ppvObject) + { + if (pUnkOuter != NULL) + return CLASS_E_NOAGGREGATION; + + TClass *tc = new TClass (MessageThreadId); + if (tc == NULL) + return E_OUTOFMEMORY; + + HRESULT hr = tc->QueryInterface (riid, ppvObject); + + if (hr) + delete tc; + + return hr; + } + + virtual HRESULT STDMETHODCALLTYPE LockServer (BOOL fLock) + { + if (fLock) + { + InterlockedIncrement (&ServerLockCount); + } + else + { + if (!InterlockedDecrement (&ServerLockCount)) + PostThreadMessage (MessageThreadId, WM_APP, 0, 0); + } + + return S_OK; + } + + virtual bool IsServerLocked () + { + return ServerLockCount > 0; + } + +protected: + DWORD MessageThreadId; + LONG RefCount; + LONG ServerLockCount; +}; + + +class BaseCom +{ +public: + static DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); + static DWORD CopyFile (BSTR sourceFile, BSTR destinationFile); + static DWORD DeleteFile (BSTR file); + static BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); + static DWORD ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone); + static DWORD RegisterFilterDriver (BOOL registerDriver, int filterType); + static DWORD RegisterSystemFavoritesService (BOOL registerService); + static DWORD SetDriverServiceStartType (DWORD startType); + static DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); +}; + + +BOOL ComGetInstanceBase (HWND hWnd, REFCLSID clsid, REFIID iid, void **tcServer); +HRESULT CreateElevatedComObject (HWND hwnd, REFGUID guid, REFIID iid, void **ppv); + +#endif // TC_HEADER_BASE_COM diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index 851d7622..73b64458 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -1,2813 +1,2813 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Tcdefs.h" -#include "Platform/Finally.h" -#include "Platform/ForEach.h" -#include -#include -#include -#include -#include "BootEncryption.h" -#include "Boot/Windows/BootCommon.h" -#include "Common/Resource.h" -#include "Crc.h" -#include "Crypto.h" -#include "Dlgcode.h" -#include "Endian.h" -#include "Language.h" -#include "Random.h" -#include "Registry.h" -#include "Volumes.h" - -#ifdef VOLFORMAT -#include "Format/FormatCom.h" -#elif defined (TCMOUNT) -#include "Mount/MainCom.h" -#endif - -#include - -namespace VeraCrypt -{ -#if !defined (SETUP) - - class Elevator - { - public: - - static void AddReference () - { - ++ReferenceCount; - } - - - static void CallDriver (DWORD ioctl, void *input, DWORD inputSize, void *output, DWORD outputSize) - { - Elevate(); - - CComBSTR inputBstr; - if (input && inputBstr.AppendBytes ((const char *) input, inputSize) != S_OK) - throw ParameterIncorrect (SRC_POS); - - CComBSTR outputBstr; - if (output && outputBstr.AppendBytes ((const char *) output, outputSize) != S_OK) - throw ParameterIncorrect (SRC_POS); - - DWORD result = ElevatedComInstance->CallDriver (ioctl, inputBstr, &outputBstr); - - if (output) - memcpy (output, *(void **) &outputBstr, outputSize); - - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - static void CopyFile (const wstring &sourceFile, const wstring &destinationFile) - { - Elevate(); - DWORD result; - CComBSTR sourceFileBstr, destinationFileBstr; - BSTR bstr = W2BSTR(sourceFile.c_str()); - if (bstr) - { - sourceFileBstr.Attach (bstr); - - bstr = W2BSTR(destinationFile.c_str()); - if (bstr) - { - destinationFileBstr.Attach (bstr); - result = ElevatedComInstance->CopyFile (sourceFileBstr, destinationFileBstr); - } - else - { - result = ERROR_OUTOFMEMORY; - } - } - else - { - result = ERROR_OUTOFMEMORY; - } - - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - static void DeleteFile (const wstring &file) - { - Elevate(); - CComBSTR fileBstr; - DWORD result; - BSTR bstr = W2BSTR(file.c_str()); - if (bstr) - { - fileBstr.Attach (bstr); - result = ElevatedComInstance->DeleteFile (fileBstr); - } - else - { - result = ERROR_OUTOFMEMORY; - } - - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - static void ReadWriteFile (BOOL write, BOOL device, const wstring &filePath, byte *buffer, uint64 offset, uint32 size, DWORD *sizeDone) - { - Elevate(); - - DWORD result; - CComBSTR bufferBstr, fileBstr; - if (bufferBstr.AppendBytes ((const char *) buffer, size) != S_OK) - throw ParameterIncorrect (SRC_POS); - BSTR bstr = W2BSTR(filePath.c_str()); - if (bstr) - { - fileBstr.Attach (bstr); - result = ElevatedComInstance->ReadWriteFile (write, device, fileBstr, &bufferBstr, offset, size, sizeDone); - } - else - { - result = ERROR_OUTOFMEMORY; - } - - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - - if (!write) - memcpy (buffer, (BYTE *) bufferBstr.m_str, size); - } - - static BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) - { - Elevate(); - - return ElevatedComInstance->IsPagingFileActive (checkNonWindowsPartitionsOnly); - } - - static void WriteLocalMachineRegistryDwordValue (wchar_t *keyPath, wchar_t *valueName, DWORD value) - { - Elevate(); - DWORD result; - CComBSTR keyPathBstr, valueNameBstr; - BSTR bstr = W2BSTR(keyPath); - if (bstr) - { - keyPathBstr.Attach (bstr); - - bstr = W2BSTR(valueName); - if (bstr) - { - valueNameBstr.Attach (bstr); - - result = ElevatedComInstance->WriteLocalMachineRegistryDwordValue (keyPathBstr, valueNameBstr, value); - } - else - { - result = ERROR_OUTOFMEMORY; - } - } - else - { - result = ERROR_OUTOFMEMORY; - } - - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - static void RegisterFilterDriver (bool registerDriver, BootEncryption::FilterType filterType) - { - Elevate(); - - DWORD result = ElevatedComInstance->RegisterFilterDriver (registerDriver ? TRUE : FALSE, filterType); - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - static void RegisterSystemFavoritesService (BOOL registerService) - { - Elevate(); - - DWORD result = ElevatedComInstance->RegisterSystemFavoritesService (registerService); - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - static void Release () - { - if (--ReferenceCount == 0 && ElevatedComInstance) - { - ElevatedComInstance->Release(); - ElevatedComInstance = nullptr; - CoUninitialize (); - } - } - - static void SetDriverServiceStartType (DWORD startType) - { - Elevate(); - - DWORD result = ElevatedComInstance->SetDriverServiceStartType (startType); - if (result != ERROR_SUCCESS) - { - SetLastError (result); - throw SystemException(SRC_POS); - } - } - - protected: - static void Elevate () - { - if (IsAdmin()) - { - SetLastError (ERROR_ACCESS_DENIED); - throw SystemException(SRC_POS); - } - - if (!ElevatedComInstance || ElevatedComInstanceThreadId != GetCurrentThreadId()) - { - CoInitialize (NULL); - ElevatedComInstance = GetElevatedInstance (GetActiveWindow() ? GetActiveWindow() : MainDlg); - ElevatedComInstanceThreadId = GetCurrentThreadId(); - } - } - -#if defined (TCMOUNT) - static ITrueCryptMainCom *ElevatedComInstance; -#elif defined (VOLFORMAT) - static ITrueCryptFormatCom *ElevatedComInstance; -#endif - static DWORD ElevatedComInstanceThreadId; - static int ReferenceCount; - }; - -#if defined (TCMOUNT) - ITrueCryptMainCom *Elevator::ElevatedComInstance; -#elif defined (VOLFORMAT) - ITrueCryptFormatCom *Elevator::ElevatedComInstance; -#endif - DWORD Elevator::ElevatedComInstanceThreadId; - int Elevator::ReferenceCount = 0; - -#else // SETUP - - class Elevator - { - public: - static void AddReference () { } - static void CallDriver (DWORD ioctl, void *input, DWORD inputSize, void *output, DWORD outputSize) { throw ParameterIncorrect (SRC_POS); } - static void ReadWriteFile (BOOL write, BOOL device, const wstring &filePath, byte *buffer, uint64 offset, uint32 size, DWORD *sizeDone) { throw ParameterIncorrect (SRC_POS); } - static void RegisterFilterDriver (bool registerDriver, BootEncryption::FilterType filterType) { throw ParameterIncorrect (SRC_POS); } - static void Release () { } - static void SetDriverServiceStartType (DWORD startType) { throw ParameterIncorrect (SRC_POS); } - }; - -#endif // SETUP - - - File::File (wstring path, bool readOnly, bool create) : Elevated (false), FileOpen (false), LastError(0) - { - Handle = CreateFile (path.c_str(), - readOnly ? GENERIC_READ : GENERIC_READ | GENERIC_WRITE, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, create ? CREATE_ALWAYS : OPEN_EXISTING, - FILE_FLAG_RANDOM_ACCESS | FILE_FLAG_WRITE_THROUGH, NULL); - - if (Handle != INVALID_HANDLE_VALUE) - { - FileOpen = true; - } - else - { - LastError = GetLastError(); - if (LastError == ERROR_ACCESS_DENIED && IsUacSupported()) - { - Elevated = true; - FileOpen = true; - } - } - - FilePointerPosition = 0; - IsDevice = false; - Path = path; - } - - void File::Close () - { - if (Handle != INVALID_HANDLE_VALUE) - { - CloseHandle (Handle); - Handle = INVALID_HANDLE_VALUE; - } - - FileOpen = false; - } - - DWORD File::Read (byte *buffer, DWORD size) - { - DWORD bytesRead; - - if (!FileOpen) - { - SetLastError (LastError); - throw SystemException (SRC_POS); - } - - if (Elevated) - { - DWORD bytesRead; - - Elevator::ReadWriteFile (false, IsDevice, Path, buffer, FilePointerPosition, size, &bytesRead); - FilePointerPosition += bytesRead; - return bytesRead; - } - - throw_sys_if (!ReadFile (Handle, buffer, size, &bytesRead, NULL)); - return bytesRead; - } - - void File::SeekAt (int64 position) - { - if (!FileOpen) - { - SetLastError (LastError); - throw SystemException (SRC_POS); - } - - FilePointerPosition = position; - - if (!Elevated) - { - LARGE_INTEGER pos; - pos.QuadPart = position; - throw_sys_if (!SetFilePointerEx (Handle, pos, NULL, FILE_BEGIN)); - } - } - - void File::Write (byte *buffer, DWORD size) - { - DWORD bytesWritten; - - if (!FileOpen) - { - SetLastError (LastError); - throw SystemException (SRC_POS); - } - - try - { - if (Elevated) - { - Elevator::ReadWriteFile (true, IsDevice, Path, buffer, FilePointerPosition, size, &bytesWritten); - FilePointerPosition += bytesWritten; - throw_sys_if (bytesWritten != size); - } - else - { - throw_sys_if (!WriteFile (Handle, buffer, size, &bytesWritten, NULL) || bytesWritten != size); - } - } - catch (SystemException &e) - { - if (!IsDevice || e.ErrorCode != ERROR_WRITE_PROTECT) - throw; - - BootEncryption bootEnc (NULL); - - while (size >= TC_SECTOR_SIZE_BIOS) - { - bootEnc.WriteBootDriveSector (FilePointerPosition, buffer); - - FilePointerPosition += TC_SECTOR_SIZE_BIOS; - buffer += TC_SECTOR_SIZE_BIOS; - size -= TC_SECTOR_SIZE_BIOS; - } - } - } - - void Show (HWND parent, const wstring &str) - { - MessageBox (parent, str.c_str(), NULL, 0); - } - - - Device::Device (wstring path, bool readOnly) - { - FileOpen = false; - Elevated = false; - - Handle = CreateFile ((wstring (L"\\\\.\\") + path).c_str(), - readOnly ? GENERIC_READ : GENERIC_READ | GENERIC_WRITE, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, - FILE_FLAG_RANDOM_ACCESS | FILE_FLAG_WRITE_THROUGH, NULL); - - if (Handle != INVALID_HANDLE_VALUE) - { - FileOpen = true; - } - else - { - LastError = GetLastError (); - if (LastError == ERROR_ACCESS_DENIED && IsUacSupported()) - { - Elevated = true; - FileOpen = true; - } - } - - FilePointerPosition = 0; - IsDevice = true; - Path = path; - } - - - BootEncryption::BootEncryption (HWND parent) - : DriveConfigValid (false), - ParentWindow (parent), - RealSystemDriveSizeValid (false), - RescueIsoImage (nullptr), - RescueVolumeHeaderValid (false), - SelectedEncryptionAlgorithmId (0), - SelectedPrfAlgorithmId (0), - VolumeHeaderValid (false) - { - HiddenOSCandidatePartition.IsGPT = FALSE; - HiddenOSCandidatePartition.Number = (size_t) -1; - DriveConfig.DriveNumber = -1; - DriveConfig.ExtraBootPartitionPresent = false; - DriveConfig.SystemLoaderPresent = false; - DriveConfig.InitialUnallocatedSpace = 0; - DriveConfig.TotalUnallocatedSpace = 0; - Elevator::AddReference(); - } - - - BootEncryption::~BootEncryption () - { - if (RescueIsoImage) - delete[] RescueIsoImage; - - Elevator::Release(); - } - - - void BootEncryption::CallDriver (DWORD ioctl, void *input, DWORD inputSize, void *output, DWORD outputSize) - { - try - { - DWORD bytesReturned; - throw_sys_if (!DeviceIoControl (hDriver, ioctl, input, inputSize, output, outputSize, &bytesReturned, NULL)); - } - catch (SystemException &) - { - if (GetLastError() == ERROR_ACCESS_DENIED && IsUacSupported()) - Elevator::CallDriver (ioctl, input, inputSize, output, outputSize); - else - throw; - } - } - - - // Finds the first partition physically located behind the active one and returns its properties - Partition BootEncryption::GetPartitionForHiddenOS () - { - Partition candidatePartition; - - memset (&candidatePartition, 0, sizeof(candidatePartition)); - - // The user may have modified/added/deleted partitions since the time the partition table was last scanned - InvalidateCachedSysDriveProperties(); - - SystemDriveConfiguration config = GetSystemDriveConfiguration (); - bool activePartitionFound = false; - bool candidateForHiddenOSFound = false; - - if (config.SystemPartition.IsGPT) - throw ParameterIncorrect (SRC_POS); // It is assumed that CheckRequirements() had been called - - // Find the first active partition on the system drive - foreach (const Partition &partition, config.Partitions) - { - if (partition.Info.BootIndicator) - { - if (partition.Info.PartitionNumber != config.SystemPartition.Number) - { - // If there is an extra boot partition, the system partition must be located right behind it - if (IsOSAtLeast (WIN_7) && config.ExtraBootPartitionPresent) - { - int64 minOffsetFound = config.DrivePartition.Info.PartitionLength.QuadPart; - Partition bootPartition = partition; - Partition partitionBehindBoot; - - foreach (const Partition &partition, config.Partitions) - { - if (partition.Info.StartingOffset.QuadPart > bootPartition.Info.StartingOffset.QuadPart - && partition.Info.StartingOffset.QuadPart < minOffsetFound) - { - minOffsetFound = partition.Info.StartingOffset.QuadPart; - partitionBehindBoot = partition; - } - } - - if (minOffsetFound != config.DrivePartition.Info.PartitionLength.QuadPart - && partitionBehindBoot.Number == config.SystemPartition.Number) - { - activePartitionFound = true; - break; - } - } - - throw ErrorException (wstring (GetString ("SYSTEM_PARTITION_NOT_ACTIVE")) - + GetRemarksOnHiddenOS(), SRC_POS); - } - - activePartitionFound = true; - break; - } - } - - /* WARNING: Note that the partition number at the end of a device path (\Device\HarddiskY\PartitionX) must - NOT be used to find the first partition physically located behind the active one. The reason is that the - user may have deleted and created partitions during this session and e.g. the second partition could have - a higer number than the third one. */ - - - // Find the first partition physically located behind the active partition - if (activePartitionFound) - { - int64 minOffsetFound = config.DrivePartition.Info.PartitionLength.QuadPart; - - foreach (const Partition &partition, config.Partitions) - { - if (partition.Info.StartingOffset.QuadPart > config.SystemPartition.Info.StartingOffset.QuadPart - && partition.Info.StartingOffset.QuadPart < minOffsetFound) - { - minOffsetFound = partition.Info.StartingOffset.QuadPart; - - candidatePartition = partition; - - candidateForHiddenOSFound = true; - } - } - - if (!candidateForHiddenOSFound) - { - throw ErrorException (wstring (GetString ("NO_PARTITION_FOLLOWS_BOOT_PARTITION")) - + GetRemarksOnHiddenOS(), SRC_POS); - } - - if (config.SystemPartition.Info.PartitionLength.QuadPart > TC_MAX_FAT_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) - { - if ((double) candidatePartition.Info.PartitionLength.QuadPart / config.SystemPartition.Info.PartitionLength.QuadPart < MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_NTFS) - { - throw ErrorException (wstring (GetString ("PARTITION_TOO_SMALL_FOR_HIDDEN_OS_NTFS")) - + GetRemarksOnHiddenOS(), SRC_POS); - } - } - else if ((double) candidatePartition.Info.PartitionLength.QuadPart / config.SystemPartition.Info.PartitionLength.QuadPart < MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_FAT) - { - throw ErrorException (wstring (GetString ("PARTITION_TOO_SMALL_FOR_HIDDEN_OS")) - + GetRemarksOnHiddenOS(), SRC_POS); - } - } - else - { - // No active partition on the system drive - throw ErrorException ("SYSTEM_PARTITION_NOT_ACTIVE", SRC_POS); - } - - HiddenOSCandidatePartition = candidatePartition; - return candidatePartition; - } - - - DWORD BootEncryption::GetDriverServiceStartType () - { - DWORD startType; - throw_sys_if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", L"Start", &startType)); - return startType; - } - - - wstring BootEncryption::GetRemarksOnHiddenOS () - { - return (wstring (L"\n\n") - + GetString ("TWO_SYSTEMS_IN_ONE_PARTITION_REMARK") - + L"\n\n" - + GetString ("FOR_MORE_INFO_ON_PARTITIONS")); - } - - - void BootEncryption::SetDriverServiceStartType (DWORD startType) - { - if (!IsAdmin() && IsUacSupported()) - { - Elevator::SetDriverServiceStartType (startType); - return; - } - - BOOL startOnBoot = (startType == SERVICE_BOOT_START); - - SC_HANDLE serviceManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - throw_sys_if (!serviceManager); - - finally_do_arg (SC_HANDLE, serviceManager, { CloseServiceHandle (finally_arg); }); - - SC_HANDLE service = OpenService (serviceManager, L"veracrypt", SERVICE_CHANGE_CONFIG); - throw_sys_if (!service); - - finally_do_arg (SC_HANDLE, service, { CloseServiceHandle (finally_arg); }); - - // Windows versions preceding Vista can be installed on FAT filesystem which does not - // support long filenames during boot. Convert the driver path to short form if required. - wstring driverPath; - if (startOnBoot && !IsOSAtLeast (WIN_VISTA)) - { - wchar_t pathBuf[MAX_PATH]; - wchar_t filesystem[128]; - - wstring path (GetWindowsDirectory()); - path += L"\\drivers\\veracrypt.sys"; - - if (GetVolumePathName (path.c_str(), pathBuf, ARRAYSIZE (pathBuf)) - && GetVolumeInformation (pathBuf, NULL, 0, NULL, NULL, NULL, filesystem, ARRAYSIZE(filesystem)) - && wmemcmp (filesystem, L"FAT", 3) == 0) - { - throw_sys_if (GetShortPathName (path.c_str(), pathBuf, ARRAYSIZE (pathBuf)) == 0); - - // Convert absolute path to relative to the Windows directory - driverPath = pathBuf; - driverPath = driverPath.substr (driverPath.rfind (L"\\", driverPath.rfind (L"\\", driverPath.rfind (L"\\") - 1) - 1) + 1); - } - } - - throw_sys_if (!ChangeServiceConfig (service, SERVICE_NO_CHANGE, SERVICE_NO_CHANGE, - startOnBoot ? SERVICE_ERROR_SEVERE : SERVICE_ERROR_NORMAL, - driverPath.empty() ? NULL : driverPath.c_str(), - startOnBoot ? L"Filter" : NULL, - NULL, NULL, NULL, NULL, NULL)); - - // ChangeServiceConfig() rejects SERVICE_BOOT_START with ERROR_INVALID_PARAMETER - throw_sys_if (!WriteLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", L"Start", startType)); - } - - - void BootEncryption::ProbeRealSystemDriveSize () - { - if (RealSystemDriveSizeValid) - return; - - GetSystemDriveConfiguration(); - - ProbeRealDriveSizeRequest request; - StringCchCopyW (request.DeviceName, ARRAYSIZE (request.DeviceName), DriveConfig.DrivePartition.DevicePath.c_str()); - - CallDriver (TC_IOCTL_PROBE_REAL_DRIVE_SIZE, &request, sizeof (request), &request, sizeof (request)); - DriveConfig.DrivePartition.Info.PartitionLength = request.RealDriveSize; - - RealSystemDriveSizeValid = true; - - if (request.TimeOut) - throw TimeOut (SRC_POS); - } - - - void BootEncryption::InvalidateCachedSysDriveProperties () - { - DriveConfigValid = false; - RealSystemDriveSizeValid = false; - } - - - PartitionList BootEncryption::GetDrivePartitions (int driveNumber) - { - PartitionList partList; - - for (int partNumber = 0; partNumber < 64; ++partNumber) - { - wstringstream partPath; - partPath << L"\\Device\\Harddisk" << driveNumber << L"\\Partition" << partNumber; - - DISK_PARTITION_INFO_STRUCT diskPartInfo = {0}; - StringCchCopyW (diskPartInfo.deviceName, ARRAYSIZE (diskPartInfo.deviceName), partPath.str().c_str()); - - try - { - CallDriver (TC_IOCTL_GET_DRIVE_PARTITION_INFO, &diskPartInfo, sizeof (diskPartInfo), &diskPartInfo, sizeof (diskPartInfo)); - } - catch (...) - { - continue; - } - - if ( (diskPartInfo.IsGPT == TRUE || diskPartInfo.IsGPT == FALSE) - && (diskPartInfo.IsDynamic == TRUE || diskPartInfo.IsDynamic == FALSE) - && (diskPartInfo.partInfo.BootIndicator == TRUE || diskPartInfo.partInfo.BootIndicator == FALSE) - && (diskPartInfo.partInfo.RecognizedPartition == TRUE || diskPartInfo.partInfo.RecognizedPartition == FALSE) - && (diskPartInfo.partInfo.RewritePartition == TRUE || diskPartInfo.partInfo.RewritePartition == FALSE) - && (diskPartInfo.partInfo.StartingOffset.QuadPart >= 0) - && (diskPartInfo.partInfo.PartitionLength.QuadPart >= 0) - ) - { - Partition part; - part.DevicePath = partPath.str(); - part.Number = partNumber; - part.Info = diskPartInfo.partInfo; - part.IsGPT = diskPartInfo.IsGPT; - - // Mount point - int driveNumber = GetDiskDeviceDriveLetter ((wchar_t *) partPath.str().c_str()); - - if (driveNumber >= 0) - { - part.MountPoint += (wchar_t) (driveNumber + L'A'); - part.MountPoint += L":"; - } - - // Volume ID - wchar_t volumePath[TC_MAX_PATH]; - if (ResolveSymbolicLink ((wchar_t *) partPath.str().c_str(), volumePath, sizeof(volumePath))) - { - wchar_t volumeName[TC_MAX_PATH]; - HANDLE fh = FindFirstVolumeW (volumeName, array_capacity (volumeName)); - if (fh != INVALID_HANDLE_VALUE) - { - do - { - wstring volumeNameStr = volumeName; - wchar_t devicePath[TC_MAX_PATH]; - - if (QueryDosDeviceW (volumeNameStr.substr (4, volumeNameStr.size() - 1 - 4).c_str(), devicePath, array_capacity (devicePath)) != 0 - && wcscmp (volumePath, devicePath) == 0) - { - part.VolumeNameId = volumeName; - break; - } - - } while (FindNextVolumeW (fh, volumeName, array_capacity (volumeName))); - - FindVolumeClose (fh); - } - } - - partList.push_back (part); - } - } - - return partList; - } - - - DISK_GEOMETRY BootEncryption::GetDriveGeometry (int driveNumber) - { - wstringstream devName; - devName << L"\\Device\\Harddisk" << driveNumber << L"\\Partition0"; - - DISK_GEOMETRY geometry; - throw_sys_if (!::GetDriveGeometry (devName.str().c_str(), &geometry)); - return geometry; - } - - - wstring BootEncryption::GetWindowsDirectory () - { - wchar_t buf[MAX_PATH]; - throw_sys_if (GetSystemDirectory (buf, ARRAYSIZE (buf)) == 0); - - return wstring (buf); - } - - - - uint16 BootEncryption::GetInstalledBootLoaderVersion () - { - uint16 version; - CallDriver (TC_IOCTL_GET_BOOT_LOADER_VERSION, NULL, 0, &version, sizeof (version)); - return version; - } - - void BootEncryption::GetInstalledBootLoaderFingerprint (byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]) - { - BootLoaderFingerprintRequest request; - CallDriver (VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT, NULL, 0, &request, sizeof (request)); - memcpy (fingerprint, request.Fingerprint, sizeof (request.Fingerprint)); - } - - // Note that this does not require admin rights (it just requires the driver to be running) - bool BootEncryption::IsBootLoaderOnDrive (wchar_t *devicePath) - { - try - { - OPEN_TEST_STRUCT openTestStruct; - memset (&openTestStruct, 0, sizeof (openTestStruct)); - DWORD dwResult; - - StringCchCopyW (&openTestStruct.wszFileName[0], ARRAYSIZE(openTestStruct.wszFileName),devicePath); - - openTestStruct.bDetectTCBootLoader = TRUE; - - return (DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, - &openTestStruct, sizeof (OPEN_TEST_STRUCT), - &openTestStruct, sizeof (OPEN_TEST_STRUCT), - &dwResult, NULL) && openTestStruct.TCBootLoaderDetected); - } - catch (...) - { - return false; - } - } - - - BootEncryptionStatus BootEncryption::GetStatus () - { - /* IMPORTANT: Do NOT add any potentially time-consuming operations to this function. */ - - BootEncryptionStatus status; - CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS, NULL, 0, &status, sizeof (status)); - return status; - } - - - void BootEncryption::GetVolumeProperties (VOLUME_PROPERTIES_STRUCT *properties) - { - if (properties == NULL) - throw ParameterIncorrect (SRC_POS); - - CallDriver (TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES, NULL, 0, properties, sizeof (*properties)); - } - - - bool BootEncryption::IsHiddenSystemRunning () - { - int hiddenSystemStatus; - - CallDriver (TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING, nullptr, 0, &hiddenSystemStatus, sizeof (hiddenSystemStatus)); - return hiddenSystemStatus != 0; - } - - - bool BootEncryption::SystemDriveContainsPartitionType (byte type) - { - Device device (GetSystemDriveConfiguration().DevicePath, true); - device.CheckOpened (SRC_POS); - - byte mbrBuf[TC_SECTOR_SIZE_BIOS]; - device.SeekAt (0); - device.Read (mbrBuf, sizeof (mbrBuf)); - - MBR *mbr = reinterpret_cast (mbrBuf); - if (mbr->Signature != 0xaa55) - throw ParameterIncorrect (SRC_POS); - - for (size_t i = 0; i < array_capacity (mbr->Partitions); ++i) - { - if (mbr->Partitions[i].Type == type) - return true; - } - - return false; - } - - - bool BootEncryption::SystemDriveContainsExtendedPartition () - { - return SystemDriveContainsPartitionType (PARTITION_EXTENDED) || SystemDriveContainsPartitionType (PARTITION_XINT13_EXTENDED); - } - - - bool BootEncryption::SystemDriveContainsNonStandardPartitions () - { - for (int partitionType = 1; partitionType <= 0xff; ++partitionType) - { - switch (partitionType) - { - case PARTITION_FAT_12: - case PARTITION_FAT_16: - case PARTITION_EXTENDED: - case PARTITION_HUGE: - case PARTITION_IFS: - case PARTITION_FAT32: - case PARTITION_FAT32_XINT13: - case PARTITION_XINT13: - case PARTITION_XINT13_EXTENDED: - continue; - } - - if (SystemDriveContainsPartitionType ((byte) partitionType)) - return true; - } - - return false; - } - - - bool BootEncryption::SystemDriveIsDynamic () - { - GetSystemDriveConfigurationRequest request; - StringCchCopyW (request.DevicePath, ARRAYSIZE (request.DevicePath), GetSystemDriveConfiguration().DeviceKernelPath.c_str()); - - CallDriver (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG, &request, sizeof (request), &request, sizeof (request)); - return request.DriveIsDynamic ? true : false; - } - - - SystemDriveConfiguration BootEncryption::GetSystemDriveConfiguration () - { - if (DriveConfigValid) - return DriveConfig; - - SystemDriveConfiguration config; - - wstring winDir = GetWindowsDirectory(); - - // Scan all drives - for (int driveNumber = 0; driveNumber < 32; ++driveNumber) - { - bool windowsFound = false; - bool activePartitionFound = false; - config.ExtraBootPartitionPresent = false; - config.SystemLoaderPresent = false; - - PartitionList partitions = GetDrivePartitions (driveNumber); - foreach (const Partition &part, partitions) - { - if (!part.MountPoint.empty() - && (_waccess ((part.MountPoint + L"\\bootmgr").c_str(), 0) == 0 || _waccess ((part.MountPoint + L"\\ntldr").c_str(), 0) == 0)) - { - config.SystemLoaderPresent = true; - } - else if (!part.VolumeNameId.empty() - && (_waccess ((part.VolumeNameId + L"\\bootmgr").c_str(), 0) == 0 || _waccess ((part.VolumeNameId + L"\\ntldr").c_str(), 0) == 0)) - { - config.SystemLoaderPresent = true; - } - - if (!windowsFound && !part.MountPoint.empty() && ToUpperCase (winDir).find (ToUpperCase (part.MountPoint)) == 0) - { - config.SystemPartition = part; - windowsFound = true; - } - - if (!activePartitionFound && part.Info.BootIndicator) - { - activePartitionFound = true; - - if (part.Info.PartitionLength.QuadPart > 0 && part.Info.PartitionLength.QuadPart <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE) - config.ExtraBootPartitionPresent = true; - } - } - - if (windowsFound) - { - config.DriveNumber = driveNumber; - - wstringstream ss; - ss << L"PhysicalDrive" << driveNumber; - config.DevicePath = ss.str(); - - wstringstream kernelPath; - kernelPath << L"\\Device\\Harddisk" << driveNumber << L"\\Partition0"; - config.DeviceKernelPath = kernelPath.str(); - - config.DrivePartition = partitions.front(); - partitions.pop_front(); - config.Partitions = partitions; - - config.InitialUnallocatedSpace = 0x7fffFFFFffffFFFFull; - config.TotalUnallocatedSpace = config.DrivePartition.Info.PartitionLength.QuadPart; - - foreach (const Partition &part, config.Partitions) - { - if (part.Info.StartingOffset.QuadPart < config.InitialUnallocatedSpace) - config.InitialUnallocatedSpace = part.Info.StartingOffset.QuadPart; - - config.TotalUnallocatedSpace -= part.Info.PartitionLength.QuadPart; - } - - DriveConfig = config; - DriveConfigValid = true; - return DriveConfig; - } - } - - throw ParameterIncorrect (SRC_POS); - } - - - bool BootEncryption::SystemPartitionCoversWholeDrive () - { - SystemDriveConfiguration config = GetSystemDriveConfiguration(); - - if (IsOSAtLeast (WIN_7) - && config.Partitions.size() == 2 - && config.ExtraBootPartitionPresent - && config.DrivePartition.Info.PartitionLength.QuadPart - config.SystemPartition.Info.PartitionLength.QuadPart < 164 * BYTES_PER_MB) - { - return true; - } - - return config.Partitions.size() == 1 - && config.DrivePartition.Info.PartitionLength.QuadPart - config.SystemPartition.Info.PartitionLength.QuadPart < 64 * BYTES_PER_MB; - } - - - uint32 BootEncryption::GetChecksum (byte *data, size_t size) - { - uint32 sum = 0; - - while (size-- > 0) - { - sum += *data++; - sum = _rotl (sum, 1); - } - - return sum; - } - - - void BootEncryption::CreateBootLoaderInMemory (byte *buffer, size_t bufferSize, bool rescueDisk, bool hiddenOSCreation) - { - if (bufferSize < TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE) - throw ParameterIncorrect (SRC_POS); - - ZeroMemory (buffer, bufferSize); - - int ea = 0; - int pkcs5_prf = 0; - if (GetStatus().DriveMounted) - { - try - { - GetBootEncryptionAlgorithmNameRequest request; - // since we added new field to GetBootEncryptionAlgorithmNameRequest since version 1.0f - // we zero all the structure so that if we are talking to an older driver, the field - // BootPrfAlgorithmName will be an empty string - ZeroMemory(&request, sizeof(request)); - CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME, NULL, 0, &request, sizeof (request)); - - if (_stricmp (request.BootEncryptionAlgorithmName, "AES") == 0) - ea = AES; - else if (_stricmp (request.BootEncryptionAlgorithmName, "Serpent") == 0) - ea = SERPENT; - else if (_stricmp (request.BootEncryptionAlgorithmName, "Twofish") == 0) - ea = TWOFISH; - - if (_stricmp(request.BootPrfAlgorithmName, "SHA-256") == 0) - pkcs5_prf = SHA256; - else if (_stricmp(request.BootPrfAlgorithmName, "RIPEMD-160") == 0) - pkcs5_prf = RIPEMD160; - else if (strlen(request.BootPrfAlgorithmName) == 0) // case of version < 1.0f - pkcs5_prf = RIPEMD160; - } - catch (...) - { - try - { - VOLUME_PROPERTIES_STRUCT properties; - GetVolumeProperties (&properties); - ea = properties.ea; - pkcs5_prf = properties.pkcs5; - } - catch (...) { } - } - } - else - { - if (SelectedEncryptionAlgorithmId == 0 || SelectedPrfAlgorithmId == 0) - throw ParameterIncorrect (SRC_POS); - - ea = SelectedEncryptionAlgorithmId; - pkcs5_prf = SelectedPrfAlgorithmId; - } - - // Only RIPEMD160 and SHA-256 are supported for boot loader - if (pkcs5_prf != RIPEMD160 && pkcs5_prf != SHA256) - throw ParameterIncorrect (SRC_POS); - - int bootSectorId = 0; - int bootLoaderId = 0; - - if (pkcs5_prf == SHA256) - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_SHA2 : IDR_BOOT_SECTOR_SHA2; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_SHA2 : IDR_BOOT_LOADER_SHA2; - } - else - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR : IDR_BOOT_SECTOR; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER : IDR_BOOT_LOADER; - } - - switch (ea) - { - case AES: - if (pkcs5_prf == SHA256) - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_AES_SHA2 : IDR_BOOT_SECTOR_AES_SHA2; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_AES_SHA2 : IDR_BOOT_LOADER_AES_SHA2; - } - else - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_AES : IDR_BOOT_SECTOR_AES; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_AES : IDR_BOOT_LOADER_AES; - } - break; - - case SERPENT: - if (pkcs5_prf == SHA256) - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_SERPENT_SHA2 : IDR_BOOT_SECTOR_SERPENT_SHA2; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_SERPENT_SHA2 : IDR_BOOT_LOADER_SERPENT_SHA2; - } - else - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_SERPENT : IDR_BOOT_SECTOR_SERPENT; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_SERPENT : IDR_BOOT_LOADER_SERPENT; - } - break; - - case TWOFISH: - if (pkcs5_prf == SHA256) - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_TWOFISH_SHA2 : IDR_BOOT_SECTOR_TWOFISH_SHA2; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_TWOFISH_SHA2 : IDR_BOOT_LOADER_TWOFISH_SHA2; - } - else - { - bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_TWOFISH : IDR_BOOT_SECTOR_TWOFISH; - bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_TWOFISH : IDR_BOOT_LOADER_TWOFISH; - } - break; - } - - // Boot sector - DWORD size; - byte *bootSecResourceImg = MapResource (L"BIN", bootSectorId, &size); - if (!bootSecResourceImg || size != TC_SECTOR_SIZE_BIOS) - throw ParameterIncorrect (SRC_POS); - - memcpy (buffer, bootSecResourceImg, size); - - *(uint16 *) (buffer + TC_BOOT_SECTOR_VERSION_OFFSET) = BE16 (VERSION_NUM); - - if (IsOSAtLeast (WIN_VISTA)) - buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER; - - if (rescueDisk && (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION)) - buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION; - - // Checksum of the backup header of the outer volume for the hidden system - if (hiddenOSCreation) - { - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened (SRC_POS); - byte headerSector[TC_SECTOR_SIZE_BIOS]; - - device.SeekAt (HiddenOSCandidatePartition.Info.StartingOffset.QuadPart + HiddenOSCandidatePartition.Info.PartitionLength.QuadPart - TC_VOLUME_HEADER_GROUP_SIZE + TC_VOLUME_HEADER_EFFECTIVE_SIZE); - device.Read (headerSector, sizeof (headerSector)); - - *(uint32 *) (buffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET) = GetCrc32 (headerSector, sizeof (headerSector)); - } - - // Decompressor - byte *decompressor = MapResource (L"BIN", IDR_BOOT_LOADER_DECOMPRESSOR, &size); - if (!decompressor || size > TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) - throw ParameterIncorrect (SRC_POS); - - memcpy (buffer + TC_SECTOR_SIZE_BIOS, decompressor, size); - - // Compressed boot loader - byte *bootLoader = MapResource (L"BIN", bootLoaderId, &size); - if (!bootLoader || size > TC_MAX_BOOT_LOADER_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) - throw ParameterIncorrect (SRC_POS); - - memcpy (buffer + TC_SECTOR_SIZE_BIOS + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS, bootLoader, size); - - // Boot loader and decompressor checksum - *(uint16 *) (buffer + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET) = static_cast (size); - *(uint32 *) (buffer + TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET) = GetChecksum (buffer + TC_SECTOR_SIZE_BIOS, - TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS + size); - - // Backup of decompressor and boot loader - if (size + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS <= TC_BOOT_LOADER_BACKUP_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) - { - memcpy (buffer + TC_SECTOR_SIZE_BIOS + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS, - buffer + TC_SECTOR_SIZE_BIOS, TC_BOOT_LOADER_BACKUP_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS); - - buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE; - } - else if (!rescueDisk && bootLoaderId != IDR_BOOT_LOADER && bootLoaderId != IDR_BOOT_LOADER_SHA2) - { - throw ParameterIncorrect (SRC_POS); - } - } - - - void BootEncryption::ReadBootSectorConfig (byte *config, size_t bufLength, byte *userConfig, string *customUserMessage, uint16 *bootLoaderVersion) - { - if (config && bufLength < TC_BOOT_CFG_FLAG_AREA_SIZE) - throw ParameterIncorrect (SRC_POS); - - GetSystemDriveConfigurationRequest request; - StringCchCopyW (request.DevicePath, ARRAYSIZE (request.DevicePath), GetSystemDriveConfiguration().DeviceKernelPath.c_str()); - - try - { - CallDriver (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG, &request, sizeof (request), &request, sizeof (request)); - if (config) - *config = request.Configuration; - - if (userConfig) - *userConfig = request.UserConfiguration; - - if (customUserMessage) - { - request.CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0; - *customUserMessage = request.CustomUserMessage; - } - - if (bootLoaderVersion) - *bootLoaderVersion = request.BootLoaderVersion; - } - catch (...) - { - if (config) - *config = 0; - - if (userConfig) - *userConfig = 0; - - if (customUserMessage) - customUserMessage->clear(); - - if (bootLoaderVersion) - *bootLoaderVersion = 0; - } - } - - - void BootEncryption::WriteBootSectorConfig (const byte newConfig[]) - { - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened (SRC_POS); - byte mbr[TC_SECTOR_SIZE_BIOS]; - - device.SeekAt (0); - device.Read (mbr, sizeof (mbr)); - - memcpy (mbr + TC_BOOT_SECTOR_CONFIG_OFFSET, newConfig, TC_BOOT_CFG_FLAG_AREA_SIZE); - - device.SeekAt (0); - device.Write (mbr, sizeof (mbr)); - - byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS]; - device.SeekAt (0); - device.Read (mbrVerificationBuf, sizeof (mbr)); - - if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0) - throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS); - } - - - void BootEncryption::WriteBootSectorUserConfig (byte userConfig, const string &customUserMessage, int pim) - { - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened (SRC_POS); - byte mbr[TC_SECTOR_SIZE_BIOS]; - - device.SeekAt (0); - device.Read (mbr, sizeof (mbr)); - - if (!BufferContainsString (mbr, sizeof (mbr), TC_APP_NAME) - || BE16 (*(uint16 *) (mbr + TC_BOOT_SECTOR_VERSION_OFFSET)) != VERSION_NUM) - { - return; - } - - mbr[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] = userConfig; - - memset (mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, 0, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); - - if (!customUserMessage.empty()) - { - if (customUserMessage.size() > TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH) - throw ParameterIncorrect (SRC_POS); - - memcpy (mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, customUserMessage.c_str(), customUserMessage.size()); - } - - if (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) - { - // PIM for pre-boot authentication can be encoded on two bytes since its maximum - // value is 65535 (0xFFFF) - memcpy (mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &pim, TC_BOOT_SECTOR_PIM_VALUE_SIZE); - } - else - memset (mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, 0, TC_BOOT_SECTOR_PIM_VALUE_SIZE); - - device.SeekAt (0); - device.Write (mbr, sizeof (mbr)); - - byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS]; - device.SeekAt (0); - device.Read (mbrVerificationBuf, sizeof (mbr)); - - if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0) - throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS); - } - - - unsigned int BootEncryption::GetHiddenOSCreationPhase () - { - byte configFlags [TC_BOOT_CFG_FLAG_AREA_SIZE]; - - ReadBootSectorConfig (configFlags, sizeof(configFlags)); - - return (configFlags[0] & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE); - } - - - void BootEncryption::SetHiddenOSCreationPhase (unsigned int newPhase) - { -#if TC_BOOT_CFG_FLAG_AREA_SIZE != 1 -# error TC_BOOT_CFG_FLAG_AREA_SIZE != 1; revise GetHiddenOSCreationPhase() and SetHiddenOSCreationPhase() -#endif - byte configFlags [TC_BOOT_CFG_FLAG_AREA_SIZE]; - - ReadBootSectorConfig (configFlags, sizeof(configFlags)); - - configFlags[0] &= (byte) ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; - - configFlags[0] |= newPhase; - - WriteBootSectorConfig (configFlags); - } - - -#ifndef SETUP - - void BootEncryption::StartDecoyOSWipe (WipeAlgorithmId wipeAlgorithm) - { - if (!IsHiddenOSRunning()) - throw ParameterIncorrect (SRC_POS); - - WipeDecoySystemRequest request; - ZeroMemory (&request, sizeof (request)); - - request.WipeAlgorithm = wipeAlgorithm; - - if (Randinit() != ERR_SUCCESS) - { - if (CryptoAPILastError == ERROR_SUCCESS) - throw RandInitFailed (SRC_POS, GetLastError ()); - else - throw CryptoApiFailed (SRC_POS, CryptoAPILastError); - } - - /* force the display of the random enriching dialog */ - SetRandomPoolEnrichedByUserStatus (FALSE); - - UserEnrichRandomPool (ParentWindow); - - if (!RandgetBytes (ParentWindow, request.WipeKey, sizeof (request.WipeKey), TRUE)) - throw ParameterIncorrect (SRC_POS); - - CallDriver (TC_IOCTL_START_DECOY_SYSTEM_WIPE, &request, sizeof (request), NULL, 0); - - burn (&request, sizeof (request)); - } - - - void BootEncryption::AbortDecoyOSWipe () - { - CallDriver (TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE); - } - - - DecoySystemWipeStatus BootEncryption::GetDecoyOSWipeStatus () - { - DecoySystemWipeStatus status; - CallDriver (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS, NULL, 0, &status, sizeof (status)); - return status; - } - - - void BootEncryption::CheckDecoyOSWipeResult () - { - CallDriver (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT); - } - - - void BootEncryption::WipeHiddenOSCreationConfig () - { - if (IsHiddenOSRunning()) - throw ParameterIncorrect (SRC_POS); - - if (Randinit() != ERR_SUCCESS) - { - if (CryptoAPILastError == ERROR_SUCCESS) - throw RandInitFailed (SRC_POS, GetLastError ()); - else - throw CryptoApiFailed (SRC_POS, CryptoAPILastError); - } - - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened(SRC_POS); - byte mbr[TC_SECTOR_SIZE_BIOS]; - - device.SeekAt (0); - device.Read (mbr, sizeof (mbr)); - - finally_do_arg (BootEncryption *, this, - { - try - { - finally_arg->SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); - } catch (...) { } - }); - -#if PRAND_DISK_WIPE_PASSES > RNG_POOL_SIZE -# error PRAND_DISK_WIPE_PASSES > RNG_POOL_SIZE -#endif - - byte randData[PRAND_DISK_WIPE_PASSES]; - if (!RandgetBytes (ParentWindow, randData, sizeof (randData), FALSE)) - throw ParameterIncorrect (SRC_POS); - - for (int wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES; wipePass++) - { - for (int i = 0; i < TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE; ++i) - { - mbr[TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + i] = randData[wipePass]; - } - - mbr[TC_BOOT_SECTOR_CONFIG_OFFSET] &= (byte) ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; - mbr[TC_BOOT_SECTOR_CONFIG_OFFSET] |= randData[wipePass] & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; - - if (wipePass == PRAND_DISK_WIPE_PASSES - 1) - memset (mbr + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET, 0, TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE); - - device.SeekAt (0); - device.Write (mbr, sizeof (mbr)); - } - - for (int wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES/4 + 1; wipePass++) - { - SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); - SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_CLONING); - SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_WIPING); - SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_WIPED); - } - SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); - } - -#endif // !SETUP - - - void BootEncryption::InstallBootLoader (bool preserveUserConfig, bool hiddenOSCreation) - { - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened (SRC_POS); - - InstallBootLoader (device, preserveUserConfig, hiddenOSCreation); - } - - void BootEncryption::InstallBootLoader (Device& device, bool preserveUserConfig, bool hiddenOSCreation, int pim) - { - byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0}; - CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, hiddenOSCreation); - - // Write MBR - byte mbr[TC_SECTOR_SIZE_BIOS]; - - device.SeekAt (0); - device.Read (mbr, sizeof (mbr)); - - if (preserveUserConfig && BufferContainsString (mbr, sizeof (mbr), TC_APP_NAME)) - { - uint16 version = BE16 (*(uint16 *) (mbr + TC_BOOT_SECTOR_VERSION_OFFSET)); - if (version != 0) - { - bootLoaderBuf[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] = mbr[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; - memcpy (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); - - if (bootLoaderBuf[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) - { - if (pim >= 0) - { - memcpy (bootLoaderBuf + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &pim, TC_BOOT_SECTOR_PIM_VALUE_SIZE); - } - else - memcpy (bootLoaderBuf + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, TC_BOOT_SECTOR_PIM_VALUE_SIZE); - } - } - } - - memcpy (mbr, bootLoaderBuf, TC_MAX_MBR_BOOT_CODE_SIZE); - - device.SeekAt (0); - device.Write (mbr, sizeof (mbr)); - - byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS]; - device.SeekAt (0); - device.Read (mbrVerificationBuf, sizeof (mbr)); - - if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0) - throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS); - - // Write boot loader - device.SeekAt (TC_SECTOR_SIZE_BIOS); - device.Write (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, sizeof (bootLoaderBuf) - TC_SECTOR_SIZE_BIOS); - } - -#ifndef SETUP - bool BootEncryption::CheckBootloaderFingerprint (bool bSilent) - { - byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0}; - byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; - byte expectedFingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; - bool bRet = false; - - try - { - // read bootloader fingerprint - GetInstalledBootLoaderFingerprint (fingerprint); - - // compute expected fingerprint - CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, false); - ::ComputeBootloaderFingerprint (bootLoaderBuf, sizeof (bootLoaderBuf), expectedFingerprint); - - // compare values - if (0 == memcmp (fingerprint, expectedFingerprint, sizeof (expectedFingerprint))) - { - bRet = true; - } - } - catch (SystemException &e) - { - if (!bSilent && (GetLastError () != ERROR_INVALID_IMAGE_HASH)) - e.Show (ParentWindow); - } - catch (Exception& e) - { - if (!bSilent) - e.Show (ParentWindow); - } - - return bRet; - } -#endif - - wstring BootEncryption::GetSystemLoaderBackupPath () - { - WCHAR pathBuf[MAX_PATH]; - - throw_sys_if (!SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, pathBuf))); - - wstring path = wstring (pathBuf) + L"\\" _T(TC_APP_NAME); - CreateDirectory (path.c_str(), NULL); - - return path + L'\\' + TC_SYS_BOOT_LOADER_BACKUP_NAME; - } - - - void BootEncryption::RenameDeprecatedSystemLoaderBackup () - { - WCHAR pathBuf[MAX_PATH]; - - if (SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA, NULL, 0, pathBuf))) - { - wstring path = wstring (pathBuf) + L"\\" _T(TC_APP_NAME) + L'\\' + TC_SYS_BOOT_LOADER_BACKUP_NAME_LEGACY; - - if (FileExists (path.c_str()) && !FileExists (GetSystemLoaderBackupPath().c_str())) - throw_sys_if (_wrename (path.c_str(), GetSystemLoaderBackupPath().c_str()) != 0); - } - } - - -#ifndef SETUP - void BootEncryption::CreateRescueIsoImage (bool initialSetup, const wstring &isoImagePath) - { - BootEncryptionStatus encStatus = GetStatus(); - if (encStatus.SetupInProgress) - throw ParameterIncorrect (SRC_POS); - - Buffer imageBuf (RescueIsoImageSize); - - byte *image = imageBuf.Ptr(); - memset (image, 0, RescueIsoImageSize); - - // Primary volume descriptor - const char* szPrimVolDesc = "\001CD001\001"; - const char* szPrimVolLabel = "VeraCrypt Rescue Disk "; - memcpy (image + 0x8000, szPrimVolDesc, strlen(szPrimVolDesc) + 1); - memcpy (image + 0x7fff + 41, szPrimVolLabel, strlen(szPrimVolLabel) + 1); - *(uint32 *) (image + 0x7fff + 81) = RescueIsoImageSize / 2048; - *(uint32 *) (image + 0x7fff + 85) = BE32 (RescueIsoImageSize / 2048); - image[0x7fff + 121] = 1; - image[0x7fff + 124] = 1; - image[0x7fff + 125] = 1; - image[0x7fff + 128] = 1; - image[0x7fff + 130] = 8; - image[0x7fff + 131] = 8; - - image[0x7fff + 133] = 10; - image[0x7fff + 140] = 10; - image[0x7fff + 141] = 0x14; - image[0x7fff + 157] = 0x22; - image[0x7fff + 159] = 0x18; - - // Boot record volume descriptor - const char* szBootRecDesc = "CD001\001EL TORITO SPECIFICATION"; - memcpy (image + 0x8801, szBootRecDesc, strlen(szBootRecDesc) + 1); - image[0x8800 + 0x47] = 0x19; - - // Volume descriptor set terminator - const char* szVolDescTerm = "\377CD001\001"; - memcpy (image + 0x9000, szVolDescTerm, strlen(szVolDescTerm) + 1); - - // Path table - image[0xA000 + 0] = 1; - image[0xA000 + 2] = 0x18; - image[0xA000 + 6] = 1; - - // Root directory - image[0xc000 + 0] = 0x22; - image[0xc000 + 2] = 0x18; - image[0xc000 + 9] = 0x18; - image[0xc000 + 11] = 0x08; - image[0xc000 + 16] = 0x08; - image[0xc000 + 25] = 0x02; - image[0xc000 + 28] = 0x01; - image[0xc000 + 31] = 0x01; - image[0xc000 + 32] = 0x01; - image[0xc000 + 34] = 0x22; - image[0xc000 + 36] = 0x18; - image[0xc000 + 43] = 0x18; - image[0xc000 + 45] = 0x08; - image[0xc000 + 50] = 0x08; - image[0xc000 + 59] = 0x02; - image[0xc000 + 62] = 0x01; - *(uint32 *) (image + 0xc000 + 65) = 0x010101; - - // Validation entry - image[0xc800] = 1; - int offset = 0xc800 + 0x1c; - image[offset++] = 0xaa; - image[offset++] = 0x55; - image[offset++] = 0x55; - image[offset] = 0xaa; - - // Initial entry - offset = 0xc820; - image[offset++] = 0x88; - image[offset++] = 2; - image[0xc820 + 6] = 1; - image[0xc820 + 8] = TC_CD_BOOT_LOADER_SECTOR; - - // TrueCrypt Boot Loader - CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, true); - - // Volume header - if (initialSetup) - { - if (!RescueVolumeHeaderValid) - throw ParameterIncorrect (SRC_POS); - - memcpy (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, RescueVolumeHeader, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - } - else - { - Device bootDevice (GetSystemDriveConfiguration().DevicePath, true); - bootDevice.CheckOpened (SRC_POS); - bootDevice.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET); - bootDevice.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - } - - // Original system loader - try - { - File sysBakFile (GetSystemLoaderBackupPath(), true); - sysBakFile.CheckOpened (SRC_POS); - sysBakFile.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE); - - image[TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER; - } - catch (Exception &e) - { - e.Show (ParentWindow); - Warning ("SYS_LOADER_UNAVAILABLE_FOR_RESCUE_DISK", ParentWindow); - } - - // Boot loader backup - CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, false); - - RescueIsoImage = new byte[RescueIsoImageSize]; - if (!RescueIsoImage) - throw bad_alloc(); - memcpy (RescueIsoImage, image, RescueIsoImageSize); - - if (!isoImagePath.empty()) - { - File isoFile (isoImagePath, false, true); - isoFile.Write (image, RescueIsoImageSize); - } - } -#endif - - - bool BootEncryption::IsCDRecorderPresent () - { - ICDBurn* pICDBurn; - BOOL bHasRecorder = FALSE; - - if (SUCCEEDED( CoCreateInstance (CLSID_CDBurn, NULL,CLSCTX_INPROC_SERVER,IID_ICDBurn,(LPVOID*)&pICDBurn))) - { - if (pICDBurn->HasRecordableDrive (&bHasRecorder) != S_OK) - { - bHasRecorder = FALSE; - } - pICDBurn->Release(); - } - return bHasRecorder? true : false; - } - - - bool BootEncryption::VerifyRescueDisk () - { - if (!RescueIsoImage) - throw ParameterIncorrect (SRC_POS); - - for (WCHAR drive = L'Z'; drive >= L'C'; --drive) - { - try - { - WCHAR rootPath[4] = { drive, L':', L'\\', 0}; - UINT driveType = GetDriveType (rootPath); - // check that it is a CD/DVD drive or a removable media in case a bootable - // USB key was created from the rescue disk ISO file - if ((DRIVE_CDROM == driveType) || (DRIVE_REMOVABLE == driveType)) - { - rootPath[2] = 0; // remove trailing backslash - - Device driveDevice (rootPath, true); - driveDevice.CheckOpened (SRC_POS); - size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048; - Buffer buffer ((verifiedSectorCount + 1) * 2048); - - DWORD bytesRead = driveDevice.Read (buffer.Ptr(), (DWORD) buffer.Size()); - if (bytesRead != buffer.Size()) - continue; - - if (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0) - return true; - } - } - catch (...) { } - } - - return false; - } - - bool BootEncryption::VerifyRescueDiskIsoImage (const wchar_t* imageFile) - { - if (!RescueIsoImage) - throw ParameterIncorrect (SRC_POS); - - try - { - File isoFile (imageFile, true); - isoFile.CheckOpened (SRC_POS); - size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048; - Buffer buffer ((verifiedSectorCount + 1) * 2048); - - DWORD bytesRead = isoFile.Read (buffer.Ptr(), (DWORD) buffer.Size()); - if ( (bytesRead == buffer.Size()) - && (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0) - ) - { - return true; - } - } - catch (...) { } - - return false; - } - - -#ifndef SETUP - - void BootEncryption::CreateVolumeHeader (uint64 volumeSize, uint64 encryptedAreaStart, Password *password, int ea, int mode, int pkcs5, int pim) - { - PCRYPTO_INFO cryptoInfo = NULL; - - if (!IsRandomNumberGeneratorStarted()) - throw ParameterIncorrect (SRC_POS); - - throw_sys_if (CreateVolumeHeaderInMemory (ParentWindow, TRUE, (char *) VolumeHeader, ea, mode, password, pkcs5, pim, NULL, &cryptoInfo, - volumeSize, 0, encryptedAreaStart, 0, TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION, TC_HEADER_FLAG_ENCRYPTED_SYSTEM, TC_SECTOR_SIZE_BIOS, FALSE) != 0); - - finally_do_arg (PCRYPTO_INFO*, &cryptoInfo, { crypto_close (*finally_arg); }); - - // Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize) - memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader)); - if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, FALSE, NULL, cryptoInfo)) - throw ParameterIncorrect (SRC_POS); - - DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - - if (GetHeaderField32 (RescueVolumeHeader, TC_HEADER_OFFSET_MAGIC) != 0x56455241) - throw ParameterIncorrect (SRC_POS); - - byte *fieldPos = RescueVolumeHeader + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; - mputInt64 (fieldPos, volumeSize); - - // CRC of the header fields - uint32 crc = GetCrc32 (RescueVolumeHeader + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); - fieldPos = RescueVolumeHeader + TC_HEADER_OFFSET_HEADER_CRC; - mputLong (fieldPos, crc); - - EncryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - - VolumeHeaderValid = true; - RescueVolumeHeaderValid = true; - } - - - void BootEncryption::InstallVolumeHeader () - { - if (!VolumeHeaderValid) - throw ParameterIncorrect (SRC_POS); - - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened (SRC_POS); - - device.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET); - device.Write ((byte *) VolumeHeader, sizeof (VolumeHeader)); - } - - - // For synchronous operations use AbortSetupWait() - void BootEncryption::AbortSetup () - { - CallDriver (TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP); - } - - - // For asynchronous operations use AbortSetup() - void BootEncryption::AbortSetupWait () - { - CallDriver (TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP); - - BootEncryptionStatus encStatus = GetStatus(); - - while (encStatus.SetupInProgress) - { - Sleep (TC_ABORT_TRANSFORM_WAIT_INTERVAL); - encStatus = GetStatus(); - } - } - - - void BootEncryption::BackupSystemLoader () - { - Device device (GetSystemDriveConfiguration().DevicePath, true); - device.CheckOpened (SRC_POS); - byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS]; - - device.SeekAt (0); - device.Read (bootLoaderBuf, sizeof (bootLoaderBuf)); - - // Prevent TrueCrypt loader from being backed up - for (size_t i = 0; i < sizeof (bootLoaderBuf) - strlen (TC_APP_NAME); ++i) - { - if (memcmp (bootLoaderBuf + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0) - { - if (AskWarnNoYes ("TC_BOOT_LOADER_ALREADY_INSTALLED", ParentWindow) == IDNO) - throw UserAbort (SRC_POS); - return; - } - } - - File backupFile (GetSystemLoaderBackupPath(), false, true); - backupFile.Write (bootLoaderBuf, sizeof (bootLoaderBuf)); - } - - - void BootEncryption::RestoreSystemLoader () - { - byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS]; - - File backupFile (GetSystemLoaderBackupPath(), true); - backupFile.CheckOpened(SRC_POS); - if (backupFile.Read (bootLoaderBuf, sizeof (bootLoaderBuf)) != sizeof (bootLoaderBuf)) - throw ParameterIncorrect (SRC_POS); - - Device device (GetSystemDriveConfiguration().DevicePath); - device.CheckOpened (SRC_POS); - - // Preserve current partition table - byte mbr[TC_SECTOR_SIZE_BIOS]; - device.SeekAt (0); - device.Read (mbr, sizeof (mbr)); - memcpy (bootLoaderBuf + TC_MAX_MBR_BOOT_CODE_SIZE, mbr + TC_MAX_MBR_BOOT_CODE_SIZE, sizeof (mbr) - TC_MAX_MBR_BOOT_CODE_SIZE); - - device.SeekAt (0); - device.Write (bootLoaderBuf, sizeof (bootLoaderBuf)); - } - -#endif // SETUP - - void BootEncryption::RegisterFilter (bool registerFilter, FilterType filterType, const GUID *deviceClassGuid) - { - string filter; - string filterReg; - HKEY regKey; - - switch (filterType) - { - case DriveFilter: - case VolumeFilter: - filter = "veracrypt"; - filterReg = "UpperFilters"; - regKey = OpenDeviceClassRegKey (deviceClassGuid); - throw_sys_if (regKey == INVALID_HANDLE_VALUE); - - break; - - case DumpFilter: - if (!IsOSAtLeast (WIN_VISTA)) - return; - - filter = "veracrypt.sys"; - filterReg = "DumpFilters"; - SetLastError (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\CrashControl", 0, KEY_READ | KEY_WRITE, ®Key)); - throw_sys_if (GetLastError() != ERROR_SUCCESS); - - break; - - default: - throw ParameterIncorrect (SRC_POS); - } - - finally_do_arg (HKEY, regKey, { RegCloseKey (finally_arg); }); - - if (registerFilter && filterType != DumpFilter) - { - // Register class filter below all other filters in the stack - - size_t strSize = filter.size() + 1; - byte regKeyBuf[65536]; - DWORD size = (DWORD) (sizeof (regKeyBuf) - strSize); - - // SetupInstallFromInfSection() does not support prepending of values so we have to modify the registry directly - StringCchCopyA ((char *) regKeyBuf, ARRAYSIZE(regKeyBuf), filter.c_str()); - - if (RegQueryValueExA (regKey, filterReg.c_str(), NULL, NULL, regKeyBuf + strSize, &size) != ERROR_SUCCESS) - size = 1; - - SetLastError (RegSetValueExA (regKey, filterReg.c_str(), 0, REG_MULTI_SZ, regKeyBuf, (DWORD) strSize + size)); - throw_sys_if (GetLastError() != ERROR_SUCCESS); - } - else - { - RegisterDriverInf (registerFilter, filter, filterReg, ParentWindow, regKey); - } - } - - void BootEncryption::RegisterFilterDriver (bool registerDriver, FilterType filterType) - { - if (!IsAdmin() && IsUacSupported()) - { - Elevator::RegisterFilterDriver (registerDriver, filterType); - return; - } - - switch (filterType) - { - case DriveFilter: - RegisterFilter (registerDriver, filterType, &GUID_DEVCLASS_DISKDRIVE); - break; - - case VolumeFilter: - RegisterFilter (registerDriver, filterType, &GUID_DEVCLASS_VOLUME); - RegisterFilter (registerDriver, filterType, &GUID_DEVCLASS_FLOPPYDISK); - break; - - case DumpFilter: - RegisterFilter (registerDriver, filterType); - break; - - default: - throw ParameterIncorrect (SRC_POS); - } - } - - void BootEncryption::RegisterSystemFavoritesService (BOOL registerService, BOOL noFileHandling) - { - SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - throw_sys_if (!scm); - finally_do_arg (SC_HANDLE, scm, { CloseServiceHandle (finally_arg); }); - - wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); - wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); - - if (registerService) - { - try - { - RegisterSystemFavoritesService (FALSE, noFileHandling); - } - catch (...) { } - - if (!noFileHandling) - { - wchar_t appPath[TC_MAX_PATH]; - throw_sys_if (!GetModuleFileName (NULL, appPath, ARRAYSIZE (appPath))); - - throw_sys_if (!CopyFile (appPath, servicePath.c_str(), FALSE)); - } - - SC_HANDLE service = CreateService (scm, - TC_SYSTEM_FAVORITES_SERVICE_NAME, - _T(TC_APP_NAME) L" System Favorites", - SERVICE_ALL_ACCESS, - SERVICE_WIN32_OWN_PROCESS, - SERVICE_AUTO_START, - SERVICE_ERROR_NORMAL, - (wstring (L"\"") + servicePath + L"\" " TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION).c_str(), - TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP, - NULL, - NULL, - NULL, - NULL); - - throw_sys_if (!service); - - SERVICE_DESCRIPTION description; - description.lpDescription = L"Mounts VeraCrypt system favorite volumes."; - ChangeServiceConfig2 (service, SERVICE_CONFIG_DESCRIPTION, &description); - - CloseServiceHandle (service); - - try - { - WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); - WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); - - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, true); - } - catch (...) - { - try - { - RegisterSystemFavoritesService (FALSE, noFileHandling); - } - catch (...) { } - - throw; - } - } - else - { - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, false); - - DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME); - DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME); - - SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); - throw_sys_if (!service); - - throw_sys_if (!DeleteService (service)); - CloseServiceHandle (service); - - if (!noFileHandling) - { - DeleteFile (servicePath.c_str()); - if (serviceLegacyPath != servicePath) - DeleteFile (serviceLegacyPath.c_str()); - } - } - } - - void BootEncryption::UpdateSystemFavoritesService () - { - SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - throw_sys_if (!scm); - - finally_do_arg (SC_HANDLE, scm, { CloseServiceHandle (finally_arg); }); - - wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); - - // check if service exists - SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); - if (service) - { - finally_do_arg (SC_HANDLE, service, { CloseServiceHandle (finally_arg); }); - // ensure that its parameters are correct - throw_sys_if (!ChangeServiceConfig (service, - SERVICE_WIN32_OWN_PROCESS, - SERVICE_AUTO_START, - SERVICE_ERROR_NORMAL, - (wstring (L"\"") + servicePath + L"\" " TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION).c_str(), - TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP, - NULL, - NULL, - NULL, - NULL, - _T(TC_APP_NAME) L" System Favorites")); - - } - else - { - RegisterSystemFavoritesService (TRUE, TRUE); - } - } - - void BootEncryption::SetDriverConfigurationFlag (uint32 flag, bool state) - { - DWORD configMap = ReadDriverConfigurationFlags(); - - if (state) - configMap |= flag; - else - configMap &= ~flag; -#ifdef SETUP - WriteLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, configMap); -#else - WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, configMap); -#endif - } - -#ifndef SETUP - - void BootEncryption::RegisterSystemFavoritesService (BOOL registerService) - { - if (!IsAdmin() && IsUacSupported()) - { - Elevator::RegisterSystemFavoritesService (registerService); - return; - } - - RegisterSystemFavoritesService (registerService, FALSE); - } - - void BootEncryption::CheckRequirements () - { - if (nCurrentOS == WIN_2000) - throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_CURRENT_OS", SRC_POS); - - if (CurrentOSMajor == 6 && CurrentOSMinor == 0 && CurrentOSServicePack < 1) - throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_VISTA_SP0", SRC_POS); - - if (IsNonInstallMode()) - throw ErrorException ("FEATURE_REQUIRES_INSTALLATION", SRC_POS); - - SystemDriveConfiguration config = GetSystemDriveConfiguration (); - - if (config.SystemPartition.IsGPT) - throw ErrorException ("GPT_BOOT_DRIVE_UNSUPPORTED", SRC_POS); - - if (SystemDriveIsDynamic()) - throw ErrorException ("SYSENC_UNSUPPORTED_FOR_DYNAMIC_DISK", SRC_POS); - - if (config.InitialUnallocatedSpace < TC_BOOT_LOADER_AREA_SIZE) - throw ErrorException ("NO_SPACE_FOR_BOOT_LOADER", SRC_POS); - - DISK_GEOMETRY geometry = GetDriveGeometry (config.DriveNumber); - - if (geometry.BytesPerSector != TC_SECTOR_SIZE_BIOS) - throw ErrorException ("SYSENC_UNSUPPORTED_SECTOR_SIZE_BIOS", SRC_POS); - - bool activePartitionFound = false; - if (!config.SystemPartition.IsGPT) - { - // Determine whether there is an Active partition on the system drive - foreach (const Partition &partition, config.Partitions) - { - if (partition.Info.BootIndicator) - { - activePartitionFound = true; - break; - } - } - } - - if (!config.SystemLoaderPresent || !activePartitionFound) - { - static bool confirmed = false; - - if (!confirmed && AskWarnNoYes ("WINDOWS_NOT_ON_BOOT_DRIVE_ERROR", ParentWindow) == IDNO) - throw UserAbort (SRC_POS); - - confirmed = true; - } - } - - - void BootEncryption::CheckRequirementsHiddenOS () - { - // It is assumed that CheckRequirements() had been called (so we don't check e.g. whether it's GPT). - - // The user may have modified/added/deleted partitions since the partition table was last scanned. - InvalidateCachedSysDriveProperties (); - - GetPartitionForHiddenOS (); - } - - - void BootEncryption::InitialSecurityChecksForHiddenOS () - { - wchar_t windowsDrive = (wchar_t) towupper (GetWindowsDirectory()[0]); - - // Paging files - bool pagingFilesOk = !IsPagingFileActive (TRUE); - - wchar_t pagingFileRegData[65536]; - DWORD pagingFileRegDataSize = sizeof (pagingFileRegData); - - if (ReadLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", pagingFileRegData, &pagingFileRegDataSize) - && pagingFileRegDataSize > 8) - { - for (size_t i = 1; i < pagingFileRegDataSize/2 - 2; ++i) - { - if (wmemcmp (pagingFileRegData + i, L":\\", 2) == 0 && towupper (pagingFileRegData[i - 1]) != windowsDrive) - { - pagingFilesOk = false; - break; - } - } - } - - if (!pagingFilesOk) - { - if (AskWarnYesNoString ((wchar_t *) (wstring (GetString ("PAGING_FILE_NOT_ON_SYS_PARTITION")) - + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION") - + L"\n\n\n" - + GetString ("RESTRICT_PAGING_FILES_TO_SYS_PARTITION") - ).c_str(), ParentWindow) == IDYES) - { - RestrictPagingFilesToSystemPartition(); - RestartComputer(); - AbortProcessSilent(); - } - - throw ErrorException (wstring (GetString ("PAGING_FILE_NOT_ON_SYS_PARTITION")) - + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"), SRC_POS); - } - - // User profile - wchar_t *configPath = GetConfigPath (L"dummy"); - if (configPath && towupper (configPath[0]) != windowsDrive) - { - throw ErrorException (wstring (GetString ("USER_PROFILE_NOT_ON_SYS_PARTITION")) - + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"), SRC_POS); - } - - // Temporary files - if (towupper (GetTempPathString()[0]) != windowsDrive) - { - throw ErrorException (wstring (GetString ("TEMP_NOT_ON_SYS_PARTITION")) - + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"), SRC_POS); - } - } - - - // This operation may take a long time when an antivirus is installed and its real-time protection enabled. - // Therefore, if calling it without the wizard displayed, it should be called with displayWaitDialog set to true. - void BootEncryption::Deinstall (bool displayWaitDialog) - { - BootEncryptionStatus encStatus = GetStatus(); - - if (encStatus.DriveEncrypted || encStatus.DriveMounted) - throw ParameterIncorrect (SRC_POS); - - SystemDriveConfiguration config = GetSystemDriveConfiguration (); - - if (encStatus.VolumeHeaderPresent) - { - // Verify CRC of header salt - Device device (config.DevicePath, true); - device.CheckOpened (SRC_POS); - byte header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; - - device.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET); - device.Read (header, sizeof (header)); - - if (encStatus.VolumeHeaderSaltCrc32 != GetCrc32 ((byte *) header, PKCS5_SALT_SIZE)) - throw ParameterIncorrect (SRC_POS); - } - - try - { - RegisterFilterDriver (false, DriveFilter); - RegisterFilterDriver (false, VolumeFilter); - RegisterFilterDriver (false, DumpFilter); - SetDriverServiceStartType (SERVICE_SYSTEM_START); - } - catch (...) - { - try - { - RegisterBootDriver (IsHiddenSystemRunning()); - } - catch (...) { } - - throw; - } - - SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); // In case RestoreSystemLoader() fails - - try - { - RegisterSystemFavoritesService (false); - } - catch (...) { } - - try - { - if (displayWaitDialog) - DisplayStaticModelessWaitDlg (ParentWindow); - - finally_do_arg (bool, displayWaitDialog, { if (finally_arg) CloseStaticModelessWaitDlg(); }); - - RestoreSystemLoader (); - } - catch (Exception &e) - { - e.Show (ParentWindow); - throw ErrorException ("SYS_LOADER_RESTORE_FAILED", SRC_POS); - } - } - - - int BootEncryption::ChangePassword (Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg) - { - BootEncryptionStatus encStatus = GetStatus(); - - if (encStatus.SetupInProgress || (wipePassCount <= 0)) - throw ParameterIncorrect (SRC_POS); - - SystemDriveConfiguration config = GetSystemDriveConfiguration (); - - char header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; - Device device (config.DevicePath); - device.CheckOpened (SRC_POS); - - // Only one algorithm is currently supported - if (pkcs5 != 0) - throw ParameterIncorrect (SRC_POS); - - int64 headerOffset = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; - int64 backupHeaderOffset = -1; - - if (encStatus.HiddenSystem) - { - headerOffset = encStatus.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; - - // Find hidden system partition - foreach (const Partition &partition, config.Partitions) - { - if (partition.Info.StartingOffset.QuadPart == encStatus.HiddenSystemPartitionStart) - { - backupHeaderOffset = partition.Info.StartingOffset.QuadPart + partition.Info.PartitionLength.QuadPart - TC_VOLUME_HEADER_SIZE; - break; - } - } - - if (backupHeaderOffset == -1) - throw ParameterIncorrect (SRC_POS); - } - - device.SeekAt (headerOffset); - device.Read ((byte *) header, sizeof (header)); - - PCRYPTO_INFO cryptoInfo = NULL; - - int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, FALSE, &cryptoInfo, NULL); - finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); }); - - if (status != 0) - { - handleError (hwndDlg, status, SRC_POS); - return status; - } - - // Change the PKCS-5 PRF if requested by user - if (pkcs5 != 0) - { - cryptoInfo->pkcs5 = pkcs5; - RandSetHashFunction (pkcs5); - } - - if (Randinit() != 0) - { - if (CryptoAPILastError == ERROR_SUCCESS) - throw RandInitFailed (SRC_POS, GetLastError ()); - else - throw CryptoApiFailed (SRC_POS, CryptoAPILastError); - } - finally_do ({ RandStop (FALSE); }); - - /* force the display of the random enriching dialog */ - SetRandomPoolEnrichedByUserStatus (FALSE); - - NormalCursor(); - UserEnrichRandomPool (hwndDlg); - WaitCursor(); - - /* The header will be re-encrypted wipePassCount times to prevent adversaries from using - techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy - to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22 - times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might - impatiently interupt the process (etc.) we will not use the Gutmann's patterns but will write the - valid re-encrypted header, i.e. pseudorandom data, and there will be many more passes than Guttman - recommends. During each pass we will write a valid working header. Each pass will use the same master - key, and also the same header key, secondary key (XTS), etc., derived from the new password. The only - item that will be different for each pass will be the salt. This is sufficient to cause each "version" - of the header to differ substantially and in a random manner from the versions written during the - other passes. */ - - bool headerUpdated = false; - int result = ERR_SUCCESS; - - try - { - BOOL backupHeader = FALSE; - while (TRUE) - { - for (int wipePass = 0; wipePass < wipePassCount; wipePass++) - { - PCRYPTO_INFO tmpCryptoInfo = NULL; - - status = CreateVolumeHeaderInMemory (hwndDlg, !encStatus.HiddenSystem, - header, - cryptoInfo->ea, - cryptoInfo->mode, - newPassword, - cryptoInfo->pkcs5, - pim, - (char *) cryptoInfo->master_keydata, - &tmpCryptoInfo, - cryptoInfo->VolumeSize.Value, - cryptoInfo->hiddenVolumeSize, - cryptoInfo->EncryptedAreaStart.Value, - cryptoInfo->EncryptedAreaLength.Value, - cryptoInfo->RequiredProgramVersion, - cryptoInfo->HeaderFlags | TC_HEADER_FLAG_ENCRYPTED_SYSTEM, - cryptoInfo->SectorSize, - wipePass < wipePassCount - 1); - - if (tmpCryptoInfo) - crypto_close (tmpCryptoInfo); - - if (status != 0) - { - handleError (hwndDlg, status, SRC_POS); - return status; - } - - device.SeekAt (headerOffset); - device.Write ((byte *) header, sizeof (header)); - headerUpdated = true; - } - - if (!encStatus.HiddenSystem || backupHeader) - break; - - backupHeader = TRUE; - headerOffset = backupHeaderOffset; - } - } - catch (Exception &e) - { - e.Show (hwndDlg); - result = ERR_OS_ERROR; - } - - if (headerUpdated) - { - bool storedPimUpdateNeeded = false; - ReopenBootVolumeHeaderRequest reopenRequest; - reopenRequest.VolumePassword = *newPassword; - reopenRequest.pkcs5_prf = cryptoInfo->pkcs5; - reopenRequest.pim = pim; - finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); }); - - if (old_pim != pim) - { - try - { - // check if PIM is stored in MBR - byte userConfig; - ReadBootSectorConfig (nullptr, 0, &userConfig); - if (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) - storedPimUpdateNeeded = true; - } - catch (...) - {} - } - - try - { - // force update of bootloader if fingerprint doesn't match or if the stored PIM changed - if (storedPimUpdateNeeded || !CheckBootloaderFingerprint (true)) - InstallBootLoader (device, true, false, pim); - } - catch (...) - {} - - CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest)); - } - - return result; - } - - - void BootEncryption::CheckEncryptionSetupResult () - { - CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT); - } - - - void BootEncryption::Install (bool hiddenSystem) - { - BootEncryptionStatus encStatus = GetStatus(); - if (encStatus.DriveMounted) - throw ParameterIncorrect (SRC_POS); - - try - { - InstallBootLoader (false, hiddenSystem); - - if (!hiddenSystem) - InstallVolumeHeader (); - - RegisterBootDriver (hiddenSystem); - } - catch (Exception &) - { - try - { - RestoreSystemLoader (); - } - catch (Exception &e) - { - e.Show (ParentWindow); - } - - throw; - } - } - - - void BootEncryption::PrepareHiddenOSCreation (int ea, int mode, int pkcs5) - { - BootEncryptionStatus encStatus = GetStatus(); - if (encStatus.DriveMounted) - throw ParameterIncorrect (SRC_POS); - - CheckRequirements(); - BackupSystemLoader(); - - SelectedEncryptionAlgorithmId = ea; - SelectedPrfAlgorithmId = pkcs5; - } - - - void BootEncryption::PrepareInstallation (bool systemPartitionOnly, Password &password, int ea, int mode, int pkcs5, int pim, const wstring &rescueIsoImagePath) - { - BootEncryptionStatus encStatus = GetStatus(); - if (encStatus.DriveMounted) - throw ParameterIncorrect (SRC_POS); - - CheckRequirements (); - - SystemDriveConfiguration config = GetSystemDriveConfiguration(); - - // Some chipset drivers may prevent access to the last sector of the drive - if (!systemPartitionOnly) - { - DISK_GEOMETRY geometry = GetDriveGeometry (config.DriveNumber); - if ((geometry.BytesPerSector > 0) && (geometry.BytesPerSector < TC_MAX_VOLUME_SECTOR_SIZE)) - { - Buffer sector (geometry.BytesPerSector); - - Device device (config.DevicePath); - device.CheckOpened (SRC_POS); - - try - { - device.SeekAt (config.DrivePartition.Info.PartitionLength.QuadPart - geometry.BytesPerSector); - device.Read (sector.Ptr(), (DWORD) sector.Size()); - } - catch (SystemException &e) - { - if (e.ErrorCode != ERROR_CRC) - { - e.Show (ParentWindow); - Error ("WHOLE_DRIVE_ENCRYPTION_PREVENTED_BY_DRIVERS", ParentWindow); - throw UserAbort (SRC_POS); - } - } - } - } - - BackupSystemLoader (); - - uint64 volumeSize; - uint64 encryptedAreaStart; - - if (systemPartitionOnly) - { - volumeSize = config.SystemPartition.Info.PartitionLength.QuadPart; - encryptedAreaStart = config.SystemPartition.Info.StartingOffset.QuadPart; - } - else - { - volumeSize = config.DrivePartition.Info.PartitionLength.QuadPart - TC_BOOT_LOADER_AREA_SIZE; - encryptedAreaStart = config.DrivePartition.Info.StartingOffset.QuadPart + TC_BOOT_LOADER_AREA_SIZE; - } - - SelectedEncryptionAlgorithmId = ea; - SelectedPrfAlgorithmId = pkcs5; - CreateVolumeHeader (volumeSize, encryptedAreaStart, &password, ea, mode, pkcs5, pim); - - if (!rescueIsoImagePath.empty()) - CreateRescueIsoImage (true, rescueIsoImagePath); - } - - bool BootEncryption::IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) - { - if (!IsAdmin() && IsUacSupported()) - return Elevator::IsPagingFileActive (checkNonWindowsPartitionsOnly) ? true : false; - - return ::IsPagingFileActive (checkNonWindowsPartitionsOnly) ? true : false; - } - - void BootEncryption::RestrictPagingFilesToSystemPartition () - { - wchar_t pagingFiles[128] = {0}; - StringCchCopyW (pagingFiles, ARRAYSIZE(pagingFiles), L"X:\\pagefile.sys 0 0"); - pagingFiles[0] = GetWindowsDirectory()[0]; - - throw_sys_if (!WriteLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", pagingFiles, (DWORD) (wcslen (pagingFiles) + 2) * sizeof (wchar_t))); - } - - void BootEncryption::WriteLocalMachineRegistryDwordValue (wchar_t *keyPath, wchar_t *valueName, DWORD value) - { - if (!IsAdmin() && IsUacSupported()) - { - Elevator::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value); - return; - } - - throw_sys_if (!WriteLocalMachineRegistryDword (keyPath, valueName, value)); - } - - void BootEncryption::StartDecryption (BOOL discardUnreadableEncryptedSectors) - { - BootEncryptionStatus encStatus = GetStatus(); - - if (!encStatus.DeviceFilterActive || !encStatus.DriveMounted || encStatus.SetupInProgress) - throw ParameterIncorrect (SRC_POS); - - BootEncryptionSetupRequest request; - ZeroMemory (&request, sizeof (request)); - - request.SetupMode = SetupDecryption; - request.DiscardUnreadableEncryptedSectors = discardUnreadableEncryptedSectors; - - CallDriver (TC_IOCTL_BOOT_ENCRYPTION_SETUP, &request, sizeof (request), NULL, 0); - } - - void BootEncryption::StartEncryption (WipeAlgorithmId wipeAlgorithm, bool zeroUnreadableSectors) - { - BootEncryptionStatus encStatus = GetStatus(); - - if (!encStatus.DeviceFilterActive || !encStatus.DriveMounted || encStatus.SetupInProgress) - throw ParameterIncorrect (SRC_POS); - - BootEncryptionSetupRequest request; - ZeroMemory (&request, sizeof (request)); - - request.SetupMode = SetupEncryption; - request.WipeAlgorithm = wipeAlgorithm; - request.ZeroUnreadableSectors = zeroUnreadableSectors; - - CallDriver (TC_IOCTL_BOOT_ENCRYPTION_SETUP, &request, sizeof (request), NULL, 0); - } - - void BootEncryption::CopyFileAdmin (const wstring &sourceFile, const wstring &destinationFile) - { - if (!IsAdmin()) - { - if (!IsUacSupported()) - { - SetLastError (ERROR_ACCESS_DENIED); - throw SystemException(SRC_POS); - } - else - Elevator::CopyFile (sourceFile, destinationFile); - } - else - throw_sys_if (!::CopyFile (sourceFile.c_str(), destinationFile.c_str(), FALSE)); - } - - void BootEncryption::DeleteFileAdmin (const wstring &file) - { - if (!IsAdmin() && IsUacSupported()) - Elevator::DeleteFile (file); - else - throw_sys_if (!::DeleteFile (file.c_str())); - } - -#endif // !SETUP - - uint32 BootEncryption::ReadDriverConfigurationFlags () - { - DWORD configMap; - - if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, &configMap)) - configMap = 0; - - return configMap; - } - - void BootEncryption::WriteBootDriveSector (uint64 offset, byte *data) - { - WriteBootDriveSectorRequest request; - request.Offset.QuadPart = offset; - memcpy (request.Data, data, sizeof (request.Data)); - - CallDriver (TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR, &request, sizeof (request), NULL, 0); - } - - void BootEncryption::RegisterBootDriver (bool hiddenSystem) - { - SetDriverServiceStartType (SERVICE_BOOT_START); - - try - { - RegisterFilterDriver (false, DriveFilter); - RegisterFilterDriver (false, VolumeFilter); - RegisterFilterDriver (false, DumpFilter); - } - catch (...) { } - - try - { - RegisterFilterDriver (true, DriveFilter); - - if (hiddenSystem) - RegisterFilterDriver (true, VolumeFilter); - - RegisterFilterDriver (true, DumpFilter); - } - catch (...) - { - try { RegisterFilterDriver (false, DriveFilter); } catch (...) { } - try { RegisterFilterDriver (false, VolumeFilter); } catch (...) { } - try { RegisterFilterDriver (false, DumpFilter); } catch (...) { } - try { SetDriverServiceStartType (SERVICE_SYSTEM_START); } catch (...) { } - - throw; - } - } - - bool BootEncryption::RestartComputer (void) - { - return (::RestartComputer() != FALSE); - } -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Tcdefs.h" +#include "Platform/Finally.h" +#include "Platform/ForEach.h" +#include +#include +#include +#include +#include "BootEncryption.h" +#include "Boot/Windows/BootCommon.h" +#include "Common/Resource.h" +#include "Crc.h" +#include "Crypto.h" +#include "Dlgcode.h" +#include "Endian.h" +#include "Language.h" +#include "Random.h" +#include "Registry.h" +#include "Volumes.h" + +#ifdef VOLFORMAT +#include "Format/FormatCom.h" +#elif defined (TCMOUNT) +#include "Mount/MainCom.h" +#endif + +#include + +namespace VeraCrypt +{ +#if !defined (SETUP) + + class Elevator + { + public: + + static void AddReference () + { + ++ReferenceCount; + } + + + static void CallDriver (DWORD ioctl, void *input, DWORD inputSize, void *output, DWORD outputSize) + { + Elevate(); + + CComBSTR inputBstr; + if (input && inputBstr.AppendBytes ((const char *) input, inputSize) != S_OK) + throw ParameterIncorrect (SRC_POS); + + CComBSTR outputBstr; + if (output && outputBstr.AppendBytes ((const char *) output, outputSize) != S_OK) + throw ParameterIncorrect (SRC_POS); + + DWORD result = ElevatedComInstance->CallDriver (ioctl, inputBstr, &outputBstr); + + if (output) + memcpy (output, *(void **) &outputBstr, outputSize); + + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + static void CopyFile (const wstring &sourceFile, const wstring &destinationFile) + { + Elevate(); + DWORD result; + CComBSTR sourceFileBstr, destinationFileBstr; + BSTR bstr = W2BSTR(sourceFile.c_str()); + if (bstr) + { + sourceFileBstr.Attach (bstr); + + bstr = W2BSTR(destinationFile.c_str()); + if (bstr) + { + destinationFileBstr.Attach (bstr); + result = ElevatedComInstance->CopyFile (sourceFileBstr, destinationFileBstr); + } + else + { + result = ERROR_OUTOFMEMORY; + } + } + else + { + result = ERROR_OUTOFMEMORY; + } + + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + static void DeleteFile (const wstring &file) + { + Elevate(); + CComBSTR fileBstr; + DWORD result; + BSTR bstr = W2BSTR(file.c_str()); + if (bstr) + { + fileBstr.Attach (bstr); + result = ElevatedComInstance->DeleteFile (fileBstr); + } + else + { + result = ERROR_OUTOFMEMORY; + } + + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + static void ReadWriteFile (BOOL write, BOOL device, const wstring &filePath, byte *buffer, uint64 offset, uint32 size, DWORD *sizeDone) + { + Elevate(); + + DWORD result; + CComBSTR bufferBstr, fileBstr; + if (bufferBstr.AppendBytes ((const char *) buffer, size) != S_OK) + throw ParameterIncorrect (SRC_POS); + BSTR bstr = W2BSTR(filePath.c_str()); + if (bstr) + { + fileBstr.Attach (bstr); + result = ElevatedComInstance->ReadWriteFile (write, device, fileBstr, &bufferBstr, offset, size, sizeDone); + } + else + { + result = ERROR_OUTOFMEMORY; + } + + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + + if (!write) + memcpy (buffer, (BYTE *) bufferBstr.m_str, size); + } + + static BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) + { + Elevate(); + + return ElevatedComInstance->IsPagingFileActive (checkNonWindowsPartitionsOnly); + } + + static void WriteLocalMachineRegistryDwordValue (wchar_t *keyPath, wchar_t *valueName, DWORD value) + { + Elevate(); + DWORD result; + CComBSTR keyPathBstr, valueNameBstr; + BSTR bstr = W2BSTR(keyPath); + if (bstr) + { + keyPathBstr.Attach (bstr); + + bstr = W2BSTR(valueName); + if (bstr) + { + valueNameBstr.Attach (bstr); + + result = ElevatedComInstance->WriteLocalMachineRegistryDwordValue (keyPathBstr, valueNameBstr, value); + } + else + { + result = ERROR_OUTOFMEMORY; + } + } + else + { + result = ERROR_OUTOFMEMORY; + } + + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + static void RegisterFilterDriver (bool registerDriver, BootEncryption::FilterType filterType) + { + Elevate(); + + DWORD result = ElevatedComInstance->RegisterFilterDriver (registerDriver ? TRUE : FALSE, filterType); + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + static void RegisterSystemFavoritesService (BOOL registerService) + { + Elevate(); + + DWORD result = ElevatedComInstance->RegisterSystemFavoritesService (registerService); + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + static void Release () + { + if (--ReferenceCount == 0 && ElevatedComInstance) + { + ElevatedComInstance->Release(); + ElevatedComInstance = nullptr; + CoUninitialize (); + } + } + + static void SetDriverServiceStartType (DWORD startType) + { + Elevate(); + + DWORD result = ElevatedComInstance->SetDriverServiceStartType (startType); + if (result != ERROR_SUCCESS) + { + SetLastError (result); + throw SystemException(SRC_POS); + } + } + + protected: + static void Elevate () + { + if (IsAdmin()) + { + SetLastError (ERROR_ACCESS_DENIED); + throw SystemException(SRC_POS); + } + + if (!ElevatedComInstance || ElevatedComInstanceThreadId != GetCurrentThreadId()) + { + CoInitialize (NULL); + ElevatedComInstance = GetElevatedInstance (GetActiveWindow() ? GetActiveWindow() : MainDlg); + ElevatedComInstanceThreadId = GetCurrentThreadId(); + } + } + +#if defined (TCMOUNT) + static ITrueCryptMainCom *ElevatedComInstance; +#elif defined (VOLFORMAT) + static ITrueCryptFormatCom *ElevatedComInstance; +#endif + static DWORD ElevatedComInstanceThreadId; + static int ReferenceCount; + }; + +#if defined (TCMOUNT) + ITrueCryptMainCom *Elevator::ElevatedComInstance; +#elif defined (VOLFORMAT) + ITrueCryptFormatCom *Elevator::ElevatedComInstance; +#endif + DWORD Elevator::ElevatedComInstanceThreadId; + int Elevator::ReferenceCount = 0; + +#else // SETUP + + class Elevator + { + public: + static void AddReference () { } + static void CallDriver (DWORD ioctl, void *input, DWORD inputSize, void *output, DWORD outputSize) { throw ParameterIncorrect (SRC_POS); } + static void ReadWriteFile (BOOL write, BOOL device, const wstring &filePath, byte *buffer, uint64 offset, uint32 size, DWORD *sizeDone) { throw ParameterIncorrect (SRC_POS); } + static void RegisterFilterDriver (bool registerDriver, BootEncryption::FilterType filterType) { throw ParameterIncorrect (SRC_POS); } + static void Release () { } + static void SetDriverServiceStartType (DWORD startType) { throw ParameterIncorrect (SRC_POS); } + }; + +#endif // SETUP + + + File::File (wstring path, bool readOnly, bool create) : Elevated (false), FileOpen (false), LastError(0) + { + Handle = CreateFile (path.c_str(), + readOnly ? GENERIC_READ : GENERIC_READ | GENERIC_WRITE, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, create ? CREATE_ALWAYS : OPEN_EXISTING, + FILE_FLAG_RANDOM_ACCESS | FILE_FLAG_WRITE_THROUGH, NULL); + + if (Handle != INVALID_HANDLE_VALUE) + { + FileOpen = true; + } + else + { + LastError = GetLastError(); + if (LastError == ERROR_ACCESS_DENIED && IsUacSupported()) + { + Elevated = true; + FileOpen = true; + } + } + + FilePointerPosition = 0; + IsDevice = false; + Path = path; + } + + void File::Close () + { + if (Handle != INVALID_HANDLE_VALUE) + { + CloseHandle (Handle); + Handle = INVALID_HANDLE_VALUE; + } + + FileOpen = false; + } + + DWORD File::Read (byte *buffer, DWORD size) + { + DWORD bytesRead; + + if (!FileOpen) + { + SetLastError (LastError); + throw SystemException (SRC_POS); + } + + if (Elevated) + { + DWORD bytesRead; + + Elevator::ReadWriteFile (false, IsDevice, Path, buffer, FilePointerPosition, size, &bytesRead); + FilePointerPosition += bytesRead; + return bytesRead; + } + + throw_sys_if (!ReadFile (Handle, buffer, size, &bytesRead, NULL)); + return bytesRead; + } + + void File::SeekAt (int64 position) + { + if (!FileOpen) + { + SetLastError (LastError); + throw SystemException (SRC_POS); + } + + FilePointerPosition = position; + + if (!Elevated) + { + LARGE_INTEGER pos; + pos.QuadPart = position; + throw_sys_if (!SetFilePointerEx (Handle, pos, NULL, FILE_BEGIN)); + } + } + + void File::Write (byte *buffer, DWORD size) + { + DWORD bytesWritten; + + if (!FileOpen) + { + SetLastError (LastError); + throw SystemException (SRC_POS); + } + + try + { + if (Elevated) + { + Elevator::ReadWriteFile (true, IsDevice, Path, buffer, FilePointerPosition, size, &bytesWritten); + FilePointerPosition += bytesWritten; + throw_sys_if (bytesWritten != size); + } + else + { + throw_sys_if (!WriteFile (Handle, buffer, size, &bytesWritten, NULL) || bytesWritten != size); + } + } + catch (SystemException &e) + { + if (!IsDevice || e.ErrorCode != ERROR_WRITE_PROTECT) + throw; + + BootEncryption bootEnc (NULL); + + while (size >= TC_SECTOR_SIZE_BIOS) + { + bootEnc.WriteBootDriveSector (FilePointerPosition, buffer); + + FilePointerPosition += TC_SECTOR_SIZE_BIOS; + buffer += TC_SECTOR_SIZE_BIOS; + size -= TC_SECTOR_SIZE_BIOS; + } + } + } + + void Show (HWND parent, const wstring &str) + { + MessageBox (parent, str.c_str(), NULL, 0); + } + + + Device::Device (wstring path, bool readOnly) + { + FileOpen = false; + Elevated = false; + + Handle = CreateFile ((wstring (L"\\\\.\\") + path).c_str(), + readOnly ? GENERIC_READ : GENERIC_READ | GENERIC_WRITE, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, + FILE_FLAG_RANDOM_ACCESS | FILE_FLAG_WRITE_THROUGH, NULL); + + if (Handle != INVALID_HANDLE_VALUE) + { + FileOpen = true; + } + else + { + LastError = GetLastError (); + if (LastError == ERROR_ACCESS_DENIED && IsUacSupported()) + { + Elevated = true; + FileOpen = true; + } + } + + FilePointerPosition = 0; + IsDevice = true; + Path = path; + } + + + BootEncryption::BootEncryption (HWND parent) + : DriveConfigValid (false), + ParentWindow (parent), + RealSystemDriveSizeValid (false), + RescueIsoImage (nullptr), + RescueVolumeHeaderValid (false), + SelectedEncryptionAlgorithmId (0), + SelectedPrfAlgorithmId (0), + VolumeHeaderValid (false) + { + HiddenOSCandidatePartition.IsGPT = FALSE; + HiddenOSCandidatePartition.Number = (size_t) -1; + DriveConfig.DriveNumber = -1; + DriveConfig.ExtraBootPartitionPresent = false; + DriveConfig.SystemLoaderPresent = false; + DriveConfig.InitialUnallocatedSpace = 0; + DriveConfig.TotalUnallocatedSpace = 0; + Elevator::AddReference(); + } + + + BootEncryption::~BootEncryption () + { + if (RescueIsoImage) + delete[] RescueIsoImage; + + Elevator::Release(); + } + + + void BootEncryption::CallDriver (DWORD ioctl, void *input, DWORD inputSize, void *output, DWORD outputSize) + { + try + { + DWORD bytesReturned; + throw_sys_if (!DeviceIoControl (hDriver, ioctl, input, inputSize, output, outputSize, &bytesReturned, NULL)); + } + catch (SystemException &) + { + if (GetLastError() == ERROR_ACCESS_DENIED && IsUacSupported()) + Elevator::CallDriver (ioctl, input, inputSize, output, outputSize); + else + throw; + } + } + + + // Finds the first partition physically located behind the active one and returns its properties + Partition BootEncryption::GetPartitionForHiddenOS () + { + Partition candidatePartition; + + memset (&candidatePartition, 0, sizeof(candidatePartition)); + + // The user may have modified/added/deleted partitions since the time the partition table was last scanned + InvalidateCachedSysDriveProperties(); + + SystemDriveConfiguration config = GetSystemDriveConfiguration (); + bool activePartitionFound = false; + bool candidateForHiddenOSFound = false; + + if (config.SystemPartition.IsGPT) + throw ParameterIncorrect (SRC_POS); // It is assumed that CheckRequirements() had been called + + // Find the first active partition on the system drive + foreach (const Partition &partition, config.Partitions) + { + if (partition.Info.BootIndicator) + { + if (partition.Info.PartitionNumber != config.SystemPartition.Number) + { + // If there is an extra boot partition, the system partition must be located right behind it + if (IsOSAtLeast (WIN_7) && config.ExtraBootPartitionPresent) + { + int64 minOffsetFound = config.DrivePartition.Info.PartitionLength.QuadPart; + Partition bootPartition = partition; + Partition partitionBehindBoot; + + foreach (const Partition &partition, config.Partitions) + { + if (partition.Info.StartingOffset.QuadPart > bootPartition.Info.StartingOffset.QuadPart + && partition.Info.StartingOffset.QuadPart < minOffsetFound) + { + minOffsetFound = partition.Info.StartingOffset.QuadPart; + partitionBehindBoot = partition; + } + } + + if (minOffsetFound != config.DrivePartition.Info.PartitionLength.QuadPart + && partitionBehindBoot.Number == config.SystemPartition.Number) + { + activePartitionFound = true; + break; + } + } + + throw ErrorException (wstring (GetString ("SYSTEM_PARTITION_NOT_ACTIVE")) + + GetRemarksOnHiddenOS(), SRC_POS); + } + + activePartitionFound = true; + break; + } + } + + /* WARNING: Note that the partition number at the end of a device path (\Device\HarddiskY\PartitionX) must + NOT be used to find the first partition physically located behind the active one. The reason is that the + user may have deleted and created partitions during this session and e.g. the second partition could have + a higer number than the third one. */ + + + // Find the first partition physically located behind the active partition + if (activePartitionFound) + { + int64 minOffsetFound = config.DrivePartition.Info.PartitionLength.QuadPart; + + foreach (const Partition &partition, config.Partitions) + { + if (partition.Info.StartingOffset.QuadPart > config.SystemPartition.Info.StartingOffset.QuadPart + && partition.Info.StartingOffset.QuadPart < minOffsetFound) + { + minOffsetFound = partition.Info.StartingOffset.QuadPart; + + candidatePartition = partition; + + candidateForHiddenOSFound = true; + } + } + + if (!candidateForHiddenOSFound) + { + throw ErrorException (wstring (GetString ("NO_PARTITION_FOLLOWS_BOOT_PARTITION")) + + GetRemarksOnHiddenOS(), SRC_POS); + } + + if (config.SystemPartition.Info.PartitionLength.QuadPart > TC_MAX_FAT_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) + { + if ((double) candidatePartition.Info.PartitionLength.QuadPart / config.SystemPartition.Info.PartitionLength.QuadPart < MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_NTFS) + { + throw ErrorException (wstring (GetString ("PARTITION_TOO_SMALL_FOR_HIDDEN_OS_NTFS")) + + GetRemarksOnHiddenOS(), SRC_POS); + } + } + else if ((double) candidatePartition.Info.PartitionLength.QuadPart / config.SystemPartition.Info.PartitionLength.QuadPart < MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_FAT) + { + throw ErrorException (wstring (GetString ("PARTITION_TOO_SMALL_FOR_HIDDEN_OS")) + + GetRemarksOnHiddenOS(), SRC_POS); + } + } + else + { + // No active partition on the system drive + throw ErrorException ("SYSTEM_PARTITION_NOT_ACTIVE", SRC_POS); + } + + HiddenOSCandidatePartition = candidatePartition; + return candidatePartition; + } + + + DWORD BootEncryption::GetDriverServiceStartType () + { + DWORD startType; + throw_sys_if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", L"Start", &startType)); + return startType; + } + + + wstring BootEncryption::GetRemarksOnHiddenOS () + { + return (wstring (L"\n\n") + + GetString ("TWO_SYSTEMS_IN_ONE_PARTITION_REMARK") + + L"\n\n" + + GetString ("FOR_MORE_INFO_ON_PARTITIONS")); + } + + + void BootEncryption::SetDriverServiceStartType (DWORD startType) + { + if (!IsAdmin() && IsUacSupported()) + { + Elevator::SetDriverServiceStartType (startType); + return; + } + + BOOL startOnBoot = (startType == SERVICE_BOOT_START); + + SC_HANDLE serviceManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + throw_sys_if (!serviceManager); + + finally_do_arg (SC_HANDLE, serviceManager, { CloseServiceHandle (finally_arg); }); + + SC_HANDLE service = OpenService (serviceManager, L"veracrypt", SERVICE_CHANGE_CONFIG); + throw_sys_if (!service); + + finally_do_arg (SC_HANDLE, service, { CloseServiceHandle (finally_arg); }); + + // Windows versions preceding Vista can be installed on FAT filesystem which does not + // support long filenames during boot. Convert the driver path to short form if required. + wstring driverPath; + if (startOnBoot && !IsOSAtLeast (WIN_VISTA)) + { + wchar_t pathBuf[MAX_PATH]; + wchar_t filesystem[128]; + + wstring path (GetWindowsDirectory()); + path += L"\\drivers\\veracrypt.sys"; + + if (GetVolumePathName (path.c_str(), pathBuf, ARRAYSIZE (pathBuf)) + && GetVolumeInformation (pathBuf, NULL, 0, NULL, NULL, NULL, filesystem, ARRAYSIZE(filesystem)) + && wmemcmp (filesystem, L"FAT", 3) == 0) + { + throw_sys_if (GetShortPathName (path.c_str(), pathBuf, ARRAYSIZE (pathBuf)) == 0); + + // Convert absolute path to relative to the Windows directory + driverPath = pathBuf; + driverPath = driverPath.substr (driverPath.rfind (L"\\", driverPath.rfind (L"\\", driverPath.rfind (L"\\") - 1) - 1) + 1); + } + } + + throw_sys_if (!ChangeServiceConfig (service, SERVICE_NO_CHANGE, SERVICE_NO_CHANGE, + startOnBoot ? SERVICE_ERROR_SEVERE : SERVICE_ERROR_NORMAL, + driverPath.empty() ? NULL : driverPath.c_str(), + startOnBoot ? L"Filter" : NULL, + NULL, NULL, NULL, NULL, NULL)); + + // ChangeServiceConfig() rejects SERVICE_BOOT_START with ERROR_INVALID_PARAMETER + throw_sys_if (!WriteLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", L"Start", startType)); + } + + + void BootEncryption::ProbeRealSystemDriveSize () + { + if (RealSystemDriveSizeValid) + return; + + GetSystemDriveConfiguration(); + + ProbeRealDriveSizeRequest request; + StringCchCopyW (request.DeviceName, ARRAYSIZE (request.DeviceName), DriveConfig.DrivePartition.DevicePath.c_str()); + + CallDriver (TC_IOCTL_PROBE_REAL_DRIVE_SIZE, &request, sizeof (request), &request, sizeof (request)); + DriveConfig.DrivePartition.Info.PartitionLength = request.RealDriveSize; + + RealSystemDriveSizeValid = true; + + if (request.TimeOut) + throw TimeOut (SRC_POS); + } + + + void BootEncryption::InvalidateCachedSysDriveProperties () + { + DriveConfigValid = false; + RealSystemDriveSizeValid = false; + } + + + PartitionList BootEncryption::GetDrivePartitions (int driveNumber) + { + PartitionList partList; + + for (int partNumber = 0; partNumber < 64; ++partNumber) + { + wstringstream partPath; + partPath << L"\\Device\\Harddisk" << driveNumber << L"\\Partition" << partNumber; + + DISK_PARTITION_INFO_STRUCT diskPartInfo = {0}; + StringCchCopyW (diskPartInfo.deviceName, ARRAYSIZE (diskPartInfo.deviceName), partPath.str().c_str()); + + try + { + CallDriver (TC_IOCTL_GET_DRIVE_PARTITION_INFO, &diskPartInfo, sizeof (diskPartInfo), &diskPartInfo, sizeof (diskPartInfo)); + } + catch (...) + { + continue; + } + + if ( (diskPartInfo.IsGPT == TRUE || diskPartInfo.IsGPT == FALSE) + && (diskPartInfo.IsDynamic == TRUE || diskPartInfo.IsDynamic == FALSE) + && (diskPartInfo.partInfo.BootIndicator == TRUE || diskPartInfo.partInfo.BootIndicator == FALSE) + && (diskPartInfo.partInfo.RecognizedPartition == TRUE || diskPartInfo.partInfo.RecognizedPartition == FALSE) + && (diskPartInfo.partInfo.RewritePartition == TRUE || diskPartInfo.partInfo.RewritePartition == FALSE) + && (diskPartInfo.partInfo.StartingOffset.QuadPart >= 0) + && (diskPartInfo.partInfo.PartitionLength.QuadPart >= 0) + ) + { + Partition part; + part.DevicePath = partPath.str(); + part.Number = partNumber; + part.Info = diskPartInfo.partInfo; + part.IsGPT = diskPartInfo.IsGPT; + + // Mount point + int driveNumber = GetDiskDeviceDriveLetter ((wchar_t *) partPath.str().c_str()); + + if (driveNumber >= 0) + { + part.MountPoint += (wchar_t) (driveNumber + L'A'); + part.MountPoint += L":"; + } + + // Volume ID + wchar_t volumePath[TC_MAX_PATH]; + if (ResolveSymbolicLink ((wchar_t *) partPath.str().c_str(), volumePath, sizeof(volumePath))) + { + wchar_t volumeName[TC_MAX_PATH]; + HANDLE fh = FindFirstVolumeW (volumeName, array_capacity (volumeName)); + if (fh != INVALID_HANDLE_VALUE) + { + do + { + wstring volumeNameStr = volumeName; + wchar_t devicePath[TC_MAX_PATH]; + + if (QueryDosDeviceW (volumeNameStr.substr (4, volumeNameStr.size() - 1 - 4).c_str(), devicePath, array_capacity (devicePath)) != 0 + && wcscmp (volumePath, devicePath) == 0) + { + part.VolumeNameId = volumeName; + break; + } + + } while (FindNextVolumeW (fh, volumeName, array_capacity (volumeName))); + + FindVolumeClose (fh); + } + } + + partList.push_back (part); + } + } + + return partList; + } + + + DISK_GEOMETRY BootEncryption::GetDriveGeometry (int driveNumber) + { + wstringstream devName; + devName << L"\\Device\\Harddisk" << driveNumber << L"\\Partition0"; + + DISK_GEOMETRY geometry; + throw_sys_if (!::GetDriveGeometry (devName.str().c_str(), &geometry)); + return geometry; + } + + + wstring BootEncryption::GetWindowsDirectory () + { + wchar_t buf[MAX_PATH]; + throw_sys_if (GetSystemDirectory (buf, ARRAYSIZE (buf)) == 0); + + return wstring (buf); + } + + + + uint16 BootEncryption::GetInstalledBootLoaderVersion () + { + uint16 version; + CallDriver (TC_IOCTL_GET_BOOT_LOADER_VERSION, NULL, 0, &version, sizeof (version)); + return version; + } + + void BootEncryption::GetInstalledBootLoaderFingerprint (byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]) + { + BootLoaderFingerprintRequest request; + CallDriver (VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT, NULL, 0, &request, sizeof (request)); + memcpy (fingerprint, request.Fingerprint, sizeof (request.Fingerprint)); + } + + // Note that this does not require admin rights (it just requires the driver to be running) + bool BootEncryption::IsBootLoaderOnDrive (wchar_t *devicePath) + { + try + { + OPEN_TEST_STRUCT openTestStruct; + memset (&openTestStruct, 0, sizeof (openTestStruct)); + DWORD dwResult; + + StringCchCopyW (&openTestStruct.wszFileName[0], ARRAYSIZE(openTestStruct.wszFileName),devicePath); + + openTestStruct.bDetectTCBootLoader = TRUE; + + return (DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, + &openTestStruct, sizeof (OPEN_TEST_STRUCT), + &openTestStruct, sizeof (OPEN_TEST_STRUCT), + &dwResult, NULL) && openTestStruct.TCBootLoaderDetected); + } + catch (...) + { + return false; + } + } + + + BootEncryptionStatus BootEncryption::GetStatus () + { + /* IMPORTANT: Do NOT add any potentially time-consuming operations to this function. */ + + BootEncryptionStatus status; + CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS, NULL, 0, &status, sizeof (status)); + return status; + } + + + void BootEncryption::GetVolumeProperties (VOLUME_PROPERTIES_STRUCT *properties) + { + if (properties == NULL) + throw ParameterIncorrect (SRC_POS); + + CallDriver (TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES, NULL, 0, properties, sizeof (*properties)); + } + + + bool BootEncryption::IsHiddenSystemRunning () + { + int hiddenSystemStatus; + + CallDriver (TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING, nullptr, 0, &hiddenSystemStatus, sizeof (hiddenSystemStatus)); + return hiddenSystemStatus != 0; + } + + + bool BootEncryption::SystemDriveContainsPartitionType (byte type) + { + Device device (GetSystemDriveConfiguration().DevicePath, true); + device.CheckOpened (SRC_POS); + + byte mbrBuf[TC_SECTOR_SIZE_BIOS]; + device.SeekAt (0); + device.Read (mbrBuf, sizeof (mbrBuf)); + + MBR *mbr = reinterpret_cast (mbrBuf); + if (mbr->Signature != 0xaa55) + throw ParameterIncorrect (SRC_POS); + + for (size_t i = 0; i < array_capacity (mbr->Partitions); ++i) + { + if (mbr->Partitions[i].Type == type) + return true; + } + + return false; + } + + + bool BootEncryption::SystemDriveContainsExtendedPartition () + { + return SystemDriveContainsPartitionType (PARTITION_EXTENDED) || SystemDriveContainsPartitionType (PARTITION_XINT13_EXTENDED); + } + + + bool BootEncryption::SystemDriveContainsNonStandardPartitions () + { + for (int partitionType = 1; partitionType <= 0xff; ++partitionType) + { + switch (partitionType) + { + case PARTITION_FAT_12: + case PARTITION_FAT_16: + case PARTITION_EXTENDED: + case PARTITION_HUGE: + case PARTITION_IFS: + case PARTITION_FAT32: + case PARTITION_FAT32_XINT13: + case PARTITION_XINT13: + case PARTITION_XINT13_EXTENDED: + continue; + } + + if (SystemDriveContainsPartitionType ((byte) partitionType)) + return true; + } + + return false; + } + + + bool BootEncryption::SystemDriveIsDynamic () + { + GetSystemDriveConfigurationRequest request; + StringCchCopyW (request.DevicePath, ARRAYSIZE (request.DevicePath), GetSystemDriveConfiguration().DeviceKernelPath.c_str()); + + CallDriver (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG, &request, sizeof (request), &request, sizeof (request)); + return request.DriveIsDynamic ? true : false; + } + + + SystemDriveConfiguration BootEncryption::GetSystemDriveConfiguration () + { + if (DriveConfigValid) + return DriveConfig; + + SystemDriveConfiguration config; + + wstring winDir = GetWindowsDirectory(); + + // Scan all drives + for (int driveNumber = 0; driveNumber < 32; ++driveNumber) + { + bool windowsFound = false; + bool activePartitionFound = false; + config.ExtraBootPartitionPresent = false; + config.SystemLoaderPresent = false; + + PartitionList partitions = GetDrivePartitions (driveNumber); + foreach (const Partition &part, partitions) + { + if (!part.MountPoint.empty() + && (_waccess ((part.MountPoint + L"\\bootmgr").c_str(), 0) == 0 || _waccess ((part.MountPoint + L"\\ntldr").c_str(), 0) == 0)) + { + config.SystemLoaderPresent = true; + } + else if (!part.VolumeNameId.empty() + && (_waccess ((part.VolumeNameId + L"\\bootmgr").c_str(), 0) == 0 || _waccess ((part.VolumeNameId + L"\\ntldr").c_str(), 0) == 0)) + { + config.SystemLoaderPresent = true; + } + + if (!windowsFound && !part.MountPoint.empty() && ToUpperCase (winDir).find (ToUpperCase (part.MountPoint)) == 0) + { + config.SystemPartition = part; + windowsFound = true; + } + + if (!activePartitionFound && part.Info.BootIndicator) + { + activePartitionFound = true; + + if (part.Info.PartitionLength.QuadPart > 0 && part.Info.PartitionLength.QuadPart <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE) + config.ExtraBootPartitionPresent = true; + } + } + + if (windowsFound) + { + config.DriveNumber = driveNumber; + + wstringstream ss; + ss << L"PhysicalDrive" << driveNumber; + config.DevicePath = ss.str(); + + wstringstream kernelPath; + kernelPath << L"\\Device\\Harddisk" << driveNumber << L"\\Partition0"; + config.DeviceKernelPath = kernelPath.str(); + + config.DrivePartition = partitions.front(); + partitions.pop_front(); + config.Partitions = partitions; + + config.InitialUnallocatedSpace = 0x7fffFFFFffffFFFFull; + config.TotalUnallocatedSpace = config.DrivePartition.Info.PartitionLength.QuadPart; + + foreach (const Partition &part, config.Partitions) + { + if (part.Info.StartingOffset.QuadPart < config.InitialUnallocatedSpace) + config.InitialUnallocatedSpace = part.Info.StartingOffset.QuadPart; + + config.TotalUnallocatedSpace -= part.Info.PartitionLength.QuadPart; + } + + DriveConfig = config; + DriveConfigValid = true; + return DriveConfig; + } + } + + throw ParameterIncorrect (SRC_POS); + } + + + bool BootEncryption::SystemPartitionCoversWholeDrive () + { + SystemDriveConfiguration config = GetSystemDriveConfiguration(); + + if (IsOSAtLeast (WIN_7) + && config.Partitions.size() == 2 + && config.ExtraBootPartitionPresent + && config.DrivePartition.Info.PartitionLength.QuadPart - config.SystemPartition.Info.PartitionLength.QuadPart < 164 * BYTES_PER_MB) + { + return true; + } + + return config.Partitions.size() == 1 + && config.DrivePartition.Info.PartitionLength.QuadPart - config.SystemPartition.Info.PartitionLength.QuadPart < 64 * BYTES_PER_MB; + } + + + uint32 BootEncryption::GetChecksum (byte *data, size_t size) + { + uint32 sum = 0; + + while (size-- > 0) + { + sum += *data++; + sum = _rotl (sum, 1); + } + + return sum; + } + + + void BootEncryption::CreateBootLoaderInMemory (byte *buffer, size_t bufferSize, bool rescueDisk, bool hiddenOSCreation) + { + if (bufferSize < TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE) + throw ParameterIncorrect (SRC_POS); + + ZeroMemory (buffer, bufferSize); + + int ea = 0; + int pkcs5_prf = 0; + if (GetStatus().DriveMounted) + { + try + { + GetBootEncryptionAlgorithmNameRequest request; + // since we added new field to GetBootEncryptionAlgorithmNameRequest since version 1.0f + // we zero all the structure so that if we are talking to an older driver, the field + // BootPrfAlgorithmName will be an empty string + ZeroMemory(&request, sizeof(request)); + CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME, NULL, 0, &request, sizeof (request)); + + if (_stricmp (request.BootEncryptionAlgorithmName, "AES") == 0) + ea = AES; + else if (_stricmp (request.BootEncryptionAlgorithmName, "Serpent") == 0) + ea = SERPENT; + else if (_stricmp (request.BootEncryptionAlgorithmName, "Twofish") == 0) + ea = TWOFISH; + + if (_stricmp(request.BootPrfAlgorithmName, "SHA-256") == 0) + pkcs5_prf = SHA256; + else if (_stricmp(request.BootPrfAlgorithmName, "RIPEMD-160") == 0) + pkcs5_prf = RIPEMD160; + else if (strlen(request.BootPrfAlgorithmName) == 0) // case of version < 1.0f + pkcs5_prf = RIPEMD160; + } + catch (...) + { + try + { + VOLUME_PROPERTIES_STRUCT properties; + GetVolumeProperties (&properties); + ea = properties.ea; + pkcs5_prf = properties.pkcs5; + } + catch (...) { } + } + } + else + { + if (SelectedEncryptionAlgorithmId == 0 || SelectedPrfAlgorithmId == 0) + throw ParameterIncorrect (SRC_POS); + + ea = SelectedEncryptionAlgorithmId; + pkcs5_prf = SelectedPrfAlgorithmId; + } + + // Only RIPEMD160 and SHA-256 are supported for boot loader + if (pkcs5_prf != RIPEMD160 && pkcs5_prf != SHA256) + throw ParameterIncorrect (SRC_POS); + + int bootSectorId = 0; + int bootLoaderId = 0; + + if (pkcs5_prf == SHA256) + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_SHA2 : IDR_BOOT_SECTOR_SHA2; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_SHA2 : IDR_BOOT_LOADER_SHA2; + } + else + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR : IDR_BOOT_SECTOR; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER : IDR_BOOT_LOADER; + } + + switch (ea) + { + case AES: + if (pkcs5_prf == SHA256) + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_AES_SHA2 : IDR_BOOT_SECTOR_AES_SHA2; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_AES_SHA2 : IDR_BOOT_LOADER_AES_SHA2; + } + else + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_AES : IDR_BOOT_SECTOR_AES; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_AES : IDR_BOOT_LOADER_AES; + } + break; + + case SERPENT: + if (pkcs5_prf == SHA256) + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_SERPENT_SHA2 : IDR_BOOT_SECTOR_SERPENT_SHA2; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_SERPENT_SHA2 : IDR_BOOT_LOADER_SERPENT_SHA2; + } + else + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_SERPENT : IDR_BOOT_SECTOR_SERPENT; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_SERPENT : IDR_BOOT_LOADER_SERPENT; + } + break; + + case TWOFISH: + if (pkcs5_prf == SHA256) + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_TWOFISH_SHA2 : IDR_BOOT_SECTOR_TWOFISH_SHA2; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_TWOFISH_SHA2 : IDR_BOOT_LOADER_TWOFISH_SHA2; + } + else + { + bootSectorId = rescueDisk ? IDR_RESCUE_BOOT_SECTOR_TWOFISH : IDR_BOOT_SECTOR_TWOFISH; + bootLoaderId = rescueDisk ? IDR_RESCUE_LOADER_TWOFISH : IDR_BOOT_LOADER_TWOFISH; + } + break; + } + + // Boot sector + DWORD size; + byte *bootSecResourceImg = MapResource (L"BIN", bootSectorId, &size); + if (!bootSecResourceImg || size != TC_SECTOR_SIZE_BIOS) + throw ParameterIncorrect (SRC_POS); + + memcpy (buffer, bootSecResourceImg, size); + + *(uint16 *) (buffer + TC_BOOT_SECTOR_VERSION_OFFSET) = BE16 (VERSION_NUM); + + if (IsOSAtLeast (WIN_VISTA)) + buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_WINDOWS_VISTA_OR_LATER; + + if (rescueDisk && (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION)) + buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_RESCUE_DISABLE_HW_ENCRYPTION; + + // Checksum of the backup header of the outer volume for the hidden system + if (hiddenOSCreation) + { + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened (SRC_POS); + byte headerSector[TC_SECTOR_SIZE_BIOS]; + + device.SeekAt (HiddenOSCandidatePartition.Info.StartingOffset.QuadPart + HiddenOSCandidatePartition.Info.PartitionLength.QuadPart - TC_VOLUME_HEADER_GROUP_SIZE + TC_VOLUME_HEADER_EFFECTIVE_SIZE); + device.Read (headerSector, sizeof (headerSector)); + + *(uint32 *) (buffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET) = GetCrc32 (headerSector, sizeof (headerSector)); + } + + // Decompressor + byte *decompressor = MapResource (L"BIN", IDR_BOOT_LOADER_DECOMPRESSOR, &size); + if (!decompressor || size > TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) + throw ParameterIncorrect (SRC_POS); + + memcpy (buffer + TC_SECTOR_SIZE_BIOS, decompressor, size); + + // Compressed boot loader + byte *bootLoader = MapResource (L"BIN", bootLoaderId, &size); + if (!bootLoader || size > TC_MAX_BOOT_LOADER_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) + throw ParameterIncorrect (SRC_POS); + + memcpy (buffer + TC_SECTOR_SIZE_BIOS + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS, bootLoader, size); + + // Boot loader and decompressor checksum + *(uint16 *) (buffer + TC_BOOT_SECTOR_LOADER_LENGTH_OFFSET) = static_cast (size); + *(uint32 *) (buffer + TC_BOOT_SECTOR_LOADER_CHECKSUM_OFFSET) = GetChecksum (buffer + TC_SECTOR_SIZE_BIOS, + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS + size); + + // Backup of decompressor and boot loader + if (size + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS <= TC_BOOT_LOADER_BACKUP_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS) + { + memcpy (buffer + TC_SECTOR_SIZE_BIOS + TC_BOOT_LOADER_BACKUP_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS, + buffer + TC_SECTOR_SIZE_BIOS, TC_BOOT_LOADER_BACKUP_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS); + + buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE; + } + else if (!rescueDisk && bootLoaderId != IDR_BOOT_LOADER && bootLoaderId != IDR_BOOT_LOADER_SHA2) + { + throw ParameterIncorrect (SRC_POS); + } + } + + + void BootEncryption::ReadBootSectorConfig (byte *config, size_t bufLength, byte *userConfig, string *customUserMessage, uint16 *bootLoaderVersion) + { + if (config && bufLength < TC_BOOT_CFG_FLAG_AREA_SIZE) + throw ParameterIncorrect (SRC_POS); + + GetSystemDriveConfigurationRequest request; + StringCchCopyW (request.DevicePath, ARRAYSIZE (request.DevicePath), GetSystemDriveConfiguration().DeviceKernelPath.c_str()); + + try + { + CallDriver (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG, &request, sizeof (request), &request, sizeof (request)); + if (config) + *config = request.Configuration; + + if (userConfig) + *userConfig = request.UserConfiguration; + + if (customUserMessage) + { + request.CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0; + *customUserMessage = request.CustomUserMessage; + } + + if (bootLoaderVersion) + *bootLoaderVersion = request.BootLoaderVersion; + } + catch (...) + { + if (config) + *config = 0; + + if (userConfig) + *userConfig = 0; + + if (customUserMessage) + customUserMessage->clear(); + + if (bootLoaderVersion) + *bootLoaderVersion = 0; + } + } + + + void BootEncryption::WriteBootSectorConfig (const byte newConfig[]) + { + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened (SRC_POS); + byte mbr[TC_SECTOR_SIZE_BIOS]; + + device.SeekAt (0); + device.Read (mbr, sizeof (mbr)); + + memcpy (mbr + TC_BOOT_SECTOR_CONFIG_OFFSET, newConfig, TC_BOOT_CFG_FLAG_AREA_SIZE); + + device.SeekAt (0); + device.Write (mbr, sizeof (mbr)); + + byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS]; + device.SeekAt (0); + device.Read (mbrVerificationBuf, sizeof (mbr)); + + if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0) + throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS); + } + + + void BootEncryption::WriteBootSectorUserConfig (byte userConfig, const string &customUserMessage, int pim) + { + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened (SRC_POS); + byte mbr[TC_SECTOR_SIZE_BIOS]; + + device.SeekAt (0); + device.Read (mbr, sizeof (mbr)); + + if (!BufferContainsString (mbr, sizeof (mbr), TC_APP_NAME) + || BE16 (*(uint16 *) (mbr + TC_BOOT_SECTOR_VERSION_OFFSET)) != VERSION_NUM) + { + return; + } + + mbr[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] = userConfig; + + memset (mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, 0, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); + + if (!customUserMessage.empty()) + { + if (customUserMessage.size() > TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH) + throw ParameterIncorrect (SRC_POS); + + memcpy (mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, customUserMessage.c_str(), customUserMessage.size()); + } + + if (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) + { + // PIM for pre-boot authentication can be encoded on two bytes since its maximum + // value is 65535 (0xFFFF) + memcpy (mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &pim, TC_BOOT_SECTOR_PIM_VALUE_SIZE); + } + else + memset (mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, 0, TC_BOOT_SECTOR_PIM_VALUE_SIZE); + + device.SeekAt (0); + device.Write (mbr, sizeof (mbr)); + + byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS]; + device.SeekAt (0); + device.Read (mbrVerificationBuf, sizeof (mbr)); + + if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0) + throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS); + } + + + unsigned int BootEncryption::GetHiddenOSCreationPhase () + { + byte configFlags [TC_BOOT_CFG_FLAG_AREA_SIZE]; + + ReadBootSectorConfig (configFlags, sizeof(configFlags)); + + return (configFlags[0] & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE); + } + + + void BootEncryption::SetHiddenOSCreationPhase (unsigned int newPhase) + { +#if TC_BOOT_CFG_FLAG_AREA_SIZE != 1 +# error TC_BOOT_CFG_FLAG_AREA_SIZE != 1; revise GetHiddenOSCreationPhase() and SetHiddenOSCreationPhase() +#endif + byte configFlags [TC_BOOT_CFG_FLAG_AREA_SIZE]; + + ReadBootSectorConfig (configFlags, sizeof(configFlags)); + + configFlags[0] &= (byte) ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; + + configFlags[0] |= newPhase; + + WriteBootSectorConfig (configFlags); + } + + +#ifndef SETUP + + void BootEncryption::StartDecoyOSWipe (WipeAlgorithmId wipeAlgorithm) + { + if (!IsHiddenOSRunning()) + throw ParameterIncorrect (SRC_POS); + + WipeDecoySystemRequest request; + ZeroMemory (&request, sizeof (request)); + + request.WipeAlgorithm = wipeAlgorithm; + + if (Randinit() != ERR_SUCCESS) + { + if (CryptoAPILastError == ERROR_SUCCESS) + throw RandInitFailed (SRC_POS, GetLastError ()); + else + throw CryptoApiFailed (SRC_POS, CryptoAPILastError); + } + + /* force the display of the random enriching dialog */ + SetRandomPoolEnrichedByUserStatus (FALSE); + + UserEnrichRandomPool (ParentWindow); + + if (!RandgetBytes (ParentWindow, request.WipeKey, sizeof (request.WipeKey), TRUE)) + throw ParameterIncorrect (SRC_POS); + + CallDriver (TC_IOCTL_START_DECOY_SYSTEM_WIPE, &request, sizeof (request), NULL, 0); + + burn (&request, sizeof (request)); + } + + + void BootEncryption::AbortDecoyOSWipe () + { + CallDriver (TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE); + } + + + DecoySystemWipeStatus BootEncryption::GetDecoyOSWipeStatus () + { + DecoySystemWipeStatus status; + CallDriver (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS, NULL, 0, &status, sizeof (status)); + return status; + } + + + void BootEncryption::CheckDecoyOSWipeResult () + { + CallDriver (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT); + } + + + void BootEncryption::WipeHiddenOSCreationConfig () + { + if (IsHiddenOSRunning()) + throw ParameterIncorrect (SRC_POS); + + if (Randinit() != ERR_SUCCESS) + { + if (CryptoAPILastError == ERROR_SUCCESS) + throw RandInitFailed (SRC_POS, GetLastError ()); + else + throw CryptoApiFailed (SRC_POS, CryptoAPILastError); + } + + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened(SRC_POS); + byte mbr[TC_SECTOR_SIZE_BIOS]; + + device.SeekAt (0); + device.Read (mbr, sizeof (mbr)); + + finally_do_arg (BootEncryption *, this, + { + try + { + finally_arg->SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); + } catch (...) { } + }); + +#if PRAND_DISK_WIPE_PASSES > RNG_POOL_SIZE +# error PRAND_DISK_WIPE_PASSES > RNG_POOL_SIZE +#endif + + byte randData[PRAND_DISK_WIPE_PASSES]; + if (!RandgetBytes (ParentWindow, randData, sizeof (randData), FALSE)) + throw ParameterIncorrect (SRC_POS); + + for (int wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES; wipePass++) + { + for (int i = 0; i < TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE; ++i) + { + mbr[TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + i] = randData[wipePass]; + } + + mbr[TC_BOOT_SECTOR_CONFIG_OFFSET] &= (byte) ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; + mbr[TC_BOOT_SECTOR_CONFIG_OFFSET] |= randData[wipePass] & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE; + + if (wipePass == PRAND_DISK_WIPE_PASSES - 1) + memset (mbr + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET, 0, TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE); + + device.SeekAt (0); + device.Write (mbr, sizeof (mbr)); + } + + for (int wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES/4 + 1; wipePass++) + { + SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); + SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_CLONING); + SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_WIPING); + SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_WIPED); + } + SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); + } + +#endif // !SETUP + + + void BootEncryption::InstallBootLoader (bool preserveUserConfig, bool hiddenOSCreation) + { + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened (SRC_POS); + + InstallBootLoader (device, preserveUserConfig, hiddenOSCreation); + } + + void BootEncryption::InstallBootLoader (Device& device, bool preserveUserConfig, bool hiddenOSCreation, int pim) + { + byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0}; + CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, hiddenOSCreation); + + // Write MBR + byte mbr[TC_SECTOR_SIZE_BIOS]; + + device.SeekAt (0); + device.Read (mbr, sizeof (mbr)); + + if (preserveUserConfig && BufferContainsString (mbr, sizeof (mbr), TC_APP_NAME)) + { + uint16 version = BE16 (*(uint16 *) (mbr + TC_BOOT_SECTOR_VERSION_OFFSET)); + if (version != 0) + { + bootLoaderBuf[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] = mbr[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; + memcpy (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, mbr + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); + + if (bootLoaderBuf[TC_BOOT_SECTOR_USER_CONFIG_OFFSET] & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) + { + if (pim >= 0) + { + memcpy (bootLoaderBuf + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &pim, TC_BOOT_SECTOR_PIM_VALUE_SIZE); + } + else + memcpy (bootLoaderBuf + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, mbr + TC_BOOT_SECTOR_PIM_VALUE_OFFSET, TC_BOOT_SECTOR_PIM_VALUE_SIZE); + } + } + } + + memcpy (mbr, bootLoaderBuf, TC_MAX_MBR_BOOT_CODE_SIZE); + + device.SeekAt (0); + device.Write (mbr, sizeof (mbr)); + + byte mbrVerificationBuf[TC_SECTOR_SIZE_BIOS]; + device.SeekAt (0); + device.Read (mbrVerificationBuf, sizeof (mbr)); + + if (memcmp (mbr, mbrVerificationBuf, sizeof (mbr)) != 0) + throw ErrorException ("ERROR_MBR_PROTECTED", SRC_POS); + + // Write boot loader + device.SeekAt (TC_SECTOR_SIZE_BIOS); + device.Write (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, sizeof (bootLoaderBuf) - TC_SECTOR_SIZE_BIOS); + } + +#ifndef SETUP + bool BootEncryption::CheckBootloaderFingerprint (bool bSilent) + { + byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE] = {0}; + byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; + byte expectedFingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; + bool bRet = false; + + try + { + // read bootloader fingerprint + GetInstalledBootLoaderFingerprint (fingerprint); + + // compute expected fingerprint + CreateBootLoaderInMemory (bootLoaderBuf, sizeof (bootLoaderBuf), false, false); + ::ComputeBootloaderFingerprint (bootLoaderBuf, sizeof (bootLoaderBuf), expectedFingerprint); + + // compare values + if (0 == memcmp (fingerprint, expectedFingerprint, sizeof (expectedFingerprint))) + { + bRet = true; + } + } + catch (SystemException &e) + { + if (!bSilent && (GetLastError () != ERROR_INVALID_IMAGE_HASH)) + e.Show (ParentWindow); + } + catch (Exception& e) + { + if (!bSilent) + e.Show (ParentWindow); + } + + return bRet; + } +#endif + + wstring BootEncryption::GetSystemLoaderBackupPath () + { + WCHAR pathBuf[MAX_PATH]; + + throw_sys_if (!SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, pathBuf))); + + wstring path = wstring (pathBuf) + L"\\" _T(TC_APP_NAME); + CreateDirectory (path.c_str(), NULL); + + return path + L'\\' + TC_SYS_BOOT_LOADER_BACKUP_NAME; + } + + + void BootEncryption::RenameDeprecatedSystemLoaderBackup () + { + WCHAR pathBuf[MAX_PATH]; + + if (SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA, NULL, 0, pathBuf))) + { + wstring path = wstring (pathBuf) + L"\\" _T(TC_APP_NAME) + L'\\' + TC_SYS_BOOT_LOADER_BACKUP_NAME_LEGACY; + + if (FileExists (path.c_str()) && !FileExists (GetSystemLoaderBackupPath().c_str())) + throw_sys_if (_wrename (path.c_str(), GetSystemLoaderBackupPath().c_str()) != 0); + } + } + + +#ifndef SETUP + void BootEncryption::CreateRescueIsoImage (bool initialSetup, const wstring &isoImagePath) + { + BootEncryptionStatus encStatus = GetStatus(); + if (encStatus.SetupInProgress) + throw ParameterIncorrect (SRC_POS); + + Buffer imageBuf (RescueIsoImageSize); + + byte *image = imageBuf.Ptr(); + memset (image, 0, RescueIsoImageSize); + + // Primary volume descriptor + const char* szPrimVolDesc = "\001CD001\001"; + const char* szPrimVolLabel = "VeraCrypt Rescue Disk "; + memcpy (image + 0x8000, szPrimVolDesc, strlen(szPrimVolDesc) + 1); + memcpy (image + 0x7fff + 41, szPrimVolLabel, strlen(szPrimVolLabel) + 1); + *(uint32 *) (image + 0x7fff + 81) = RescueIsoImageSize / 2048; + *(uint32 *) (image + 0x7fff + 85) = BE32 (RescueIsoImageSize / 2048); + image[0x7fff + 121] = 1; + image[0x7fff + 124] = 1; + image[0x7fff + 125] = 1; + image[0x7fff + 128] = 1; + image[0x7fff + 130] = 8; + image[0x7fff + 131] = 8; + + image[0x7fff + 133] = 10; + image[0x7fff + 140] = 10; + image[0x7fff + 141] = 0x14; + image[0x7fff + 157] = 0x22; + image[0x7fff + 159] = 0x18; + + // Boot record volume descriptor + const char* szBootRecDesc = "CD001\001EL TORITO SPECIFICATION"; + memcpy (image + 0x8801, szBootRecDesc, strlen(szBootRecDesc) + 1); + image[0x8800 + 0x47] = 0x19; + + // Volume descriptor set terminator + const char* szVolDescTerm = "\377CD001\001"; + memcpy (image + 0x9000, szVolDescTerm, strlen(szVolDescTerm) + 1); + + // Path table + image[0xA000 + 0] = 1; + image[0xA000 + 2] = 0x18; + image[0xA000 + 6] = 1; + + // Root directory + image[0xc000 + 0] = 0x22; + image[0xc000 + 2] = 0x18; + image[0xc000 + 9] = 0x18; + image[0xc000 + 11] = 0x08; + image[0xc000 + 16] = 0x08; + image[0xc000 + 25] = 0x02; + image[0xc000 + 28] = 0x01; + image[0xc000 + 31] = 0x01; + image[0xc000 + 32] = 0x01; + image[0xc000 + 34] = 0x22; + image[0xc000 + 36] = 0x18; + image[0xc000 + 43] = 0x18; + image[0xc000 + 45] = 0x08; + image[0xc000 + 50] = 0x08; + image[0xc000 + 59] = 0x02; + image[0xc000 + 62] = 0x01; + *(uint32 *) (image + 0xc000 + 65) = 0x010101; + + // Validation entry + image[0xc800] = 1; + int offset = 0xc800 + 0x1c; + image[offset++] = 0xaa; + image[offset++] = 0x55; + image[offset++] = 0x55; + image[offset] = 0xaa; + + // Initial entry + offset = 0xc820; + image[offset++] = 0x88; + image[offset++] = 2; + image[0xc820 + 6] = 1; + image[0xc820 + 8] = TC_CD_BOOT_LOADER_SECTOR; + + // TrueCrypt Boot Loader + CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, true); + + // Volume header + if (initialSetup) + { + if (!RescueVolumeHeaderValid) + throw ParameterIncorrect (SRC_POS); + + memcpy (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, RescueVolumeHeader, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + } + else + { + Device bootDevice (GetSystemDriveConfiguration().DevicePath, true); + bootDevice.CheckOpened (SRC_POS); + bootDevice.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET); + bootDevice.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + } + + // Original system loader + try + { + File sysBakFile (GetSystemLoaderBackupPath(), true); + sysBakFile.CheckOpened (SRC_POS); + sysBakFile.Read (image + TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE); + + image[TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_SECTOR_CONFIG_OFFSET] |= TC_BOOT_CFG_FLAG_RESCUE_DISK_ORIG_SYS_LOADER; + } + catch (Exception &e) + { + e.Show (ParentWindow); + Warning ("SYS_LOADER_UNAVAILABLE_FOR_RESCUE_DISK", ParentWindow); + } + + // Boot loader backup + CreateBootLoaderInMemory (image + TC_CD_BOOTSECTOR_OFFSET + TC_BOOT_LOADER_BACKUP_RESCUE_DISK_SECTOR_OFFSET, TC_BOOT_LOADER_AREA_SIZE, false); + + RescueIsoImage = new byte[RescueIsoImageSize]; + if (!RescueIsoImage) + throw bad_alloc(); + memcpy (RescueIsoImage, image, RescueIsoImageSize); + + if (!isoImagePath.empty()) + { + File isoFile (isoImagePath, false, true); + isoFile.Write (image, RescueIsoImageSize); + } + } +#endif + + + bool BootEncryption::IsCDRecorderPresent () + { + ICDBurn* pICDBurn; + BOOL bHasRecorder = FALSE; + + if (SUCCEEDED( CoCreateInstance (CLSID_CDBurn, NULL,CLSCTX_INPROC_SERVER,IID_ICDBurn,(LPVOID*)&pICDBurn))) + { + if (pICDBurn->HasRecordableDrive (&bHasRecorder) != S_OK) + { + bHasRecorder = FALSE; + } + pICDBurn->Release(); + } + return bHasRecorder? true : false; + } + + + bool BootEncryption::VerifyRescueDisk () + { + if (!RescueIsoImage) + throw ParameterIncorrect (SRC_POS); + + for (WCHAR drive = L'Z'; drive >= L'C'; --drive) + { + try + { + WCHAR rootPath[4] = { drive, L':', L'\\', 0}; + UINT driveType = GetDriveType (rootPath); + // check that it is a CD/DVD drive or a removable media in case a bootable + // USB key was created from the rescue disk ISO file + if ((DRIVE_CDROM == driveType) || (DRIVE_REMOVABLE == driveType)) + { + rootPath[2] = 0; // remove trailing backslash + + Device driveDevice (rootPath, true); + driveDevice.CheckOpened (SRC_POS); + size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048; + Buffer buffer ((verifiedSectorCount + 1) * 2048); + + DWORD bytesRead = driveDevice.Read (buffer.Ptr(), (DWORD) buffer.Size()); + if (bytesRead != buffer.Size()) + continue; + + if (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0) + return true; + } + } + catch (...) { } + } + + return false; + } + + bool BootEncryption::VerifyRescueDiskIsoImage (const wchar_t* imageFile) + { + if (!RescueIsoImage) + throw ParameterIncorrect (SRC_POS); + + try + { + File isoFile (imageFile, true); + isoFile.CheckOpened (SRC_POS); + size_t verifiedSectorCount = (TC_CD_BOOTSECTOR_OFFSET + TC_ORIG_BOOT_LOADER_BACKUP_SECTOR_OFFSET + TC_BOOT_LOADER_AREA_SIZE) / 2048; + Buffer buffer ((verifiedSectorCount + 1) * 2048); + + DWORD bytesRead = isoFile.Read (buffer.Ptr(), (DWORD) buffer.Size()); + if ( (bytesRead == buffer.Size()) + && (memcmp (buffer.Ptr(), RescueIsoImage, buffer.Size()) == 0) + ) + { + return true; + } + } + catch (...) { } + + return false; + } + + +#ifndef SETUP + + void BootEncryption::CreateVolumeHeader (uint64 volumeSize, uint64 encryptedAreaStart, Password *password, int ea, int mode, int pkcs5, int pim) + { + PCRYPTO_INFO cryptoInfo = NULL; + + if (!IsRandomNumberGeneratorStarted()) + throw ParameterIncorrect (SRC_POS); + + throw_sys_if (CreateVolumeHeaderInMemory (ParentWindow, TRUE, (char *) VolumeHeader, ea, mode, password, pkcs5, pim, NULL, &cryptoInfo, + volumeSize, 0, encryptedAreaStart, 0, TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION, TC_HEADER_FLAG_ENCRYPTED_SYSTEM, TC_SECTOR_SIZE_BIOS, FALSE) != 0); + + finally_do_arg (PCRYPTO_INFO*, &cryptoInfo, { crypto_close (*finally_arg); }); + + // Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize) + memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader)); + if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, FALSE, NULL, cryptoInfo)) + throw ParameterIncorrect (SRC_POS); + + DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); + + if (GetHeaderField32 (RescueVolumeHeader, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + throw ParameterIncorrect (SRC_POS); + + byte *fieldPos = RescueVolumeHeader + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; + mputInt64 (fieldPos, volumeSize); + + // CRC of the header fields + uint32 crc = GetCrc32 (RescueVolumeHeader + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); + fieldPos = RescueVolumeHeader + TC_HEADER_OFFSET_HEADER_CRC; + mputLong (fieldPos, crc); + + EncryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); + + VolumeHeaderValid = true; + RescueVolumeHeaderValid = true; + } + + + void BootEncryption::InstallVolumeHeader () + { + if (!VolumeHeaderValid) + throw ParameterIncorrect (SRC_POS); + + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened (SRC_POS); + + device.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET); + device.Write ((byte *) VolumeHeader, sizeof (VolumeHeader)); + } + + + // For synchronous operations use AbortSetupWait() + void BootEncryption::AbortSetup () + { + CallDriver (TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP); + } + + + // For asynchronous operations use AbortSetup() + void BootEncryption::AbortSetupWait () + { + CallDriver (TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP); + + BootEncryptionStatus encStatus = GetStatus(); + + while (encStatus.SetupInProgress) + { + Sleep (TC_ABORT_TRANSFORM_WAIT_INTERVAL); + encStatus = GetStatus(); + } + } + + + void BootEncryption::BackupSystemLoader () + { + Device device (GetSystemDriveConfiguration().DevicePath, true); + device.CheckOpened (SRC_POS); + byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS]; + + device.SeekAt (0); + device.Read (bootLoaderBuf, sizeof (bootLoaderBuf)); + + // Prevent TrueCrypt loader from being backed up + for (size_t i = 0; i < sizeof (bootLoaderBuf) - strlen (TC_APP_NAME); ++i) + { + if (memcmp (bootLoaderBuf + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0) + { + if (AskWarnNoYes ("TC_BOOT_LOADER_ALREADY_INSTALLED", ParentWindow) == IDNO) + throw UserAbort (SRC_POS); + return; + } + } + + File backupFile (GetSystemLoaderBackupPath(), false, true); + backupFile.Write (bootLoaderBuf, sizeof (bootLoaderBuf)); + } + + + void BootEncryption::RestoreSystemLoader () + { + byte bootLoaderBuf[TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS]; + + File backupFile (GetSystemLoaderBackupPath(), true); + backupFile.CheckOpened(SRC_POS); + if (backupFile.Read (bootLoaderBuf, sizeof (bootLoaderBuf)) != sizeof (bootLoaderBuf)) + throw ParameterIncorrect (SRC_POS); + + Device device (GetSystemDriveConfiguration().DevicePath); + device.CheckOpened (SRC_POS); + + // Preserve current partition table + byte mbr[TC_SECTOR_SIZE_BIOS]; + device.SeekAt (0); + device.Read (mbr, sizeof (mbr)); + memcpy (bootLoaderBuf + TC_MAX_MBR_BOOT_CODE_SIZE, mbr + TC_MAX_MBR_BOOT_CODE_SIZE, sizeof (mbr) - TC_MAX_MBR_BOOT_CODE_SIZE); + + device.SeekAt (0); + device.Write (bootLoaderBuf, sizeof (bootLoaderBuf)); + } + +#endif // SETUP + + void BootEncryption::RegisterFilter (bool registerFilter, FilterType filterType, const GUID *deviceClassGuid) + { + string filter; + string filterReg; + HKEY regKey; + + switch (filterType) + { + case DriveFilter: + case VolumeFilter: + filter = "veracrypt"; + filterReg = "UpperFilters"; + regKey = OpenDeviceClassRegKey (deviceClassGuid); + throw_sys_if (regKey == INVALID_HANDLE_VALUE); + + break; + + case DumpFilter: + if (!IsOSAtLeast (WIN_VISTA)) + return; + + filter = "veracrypt.sys"; + filterReg = "DumpFilters"; + SetLastError (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\CrashControl", 0, KEY_READ | KEY_WRITE, ®Key)); + throw_sys_if (GetLastError() != ERROR_SUCCESS); + + break; + + default: + throw ParameterIncorrect (SRC_POS); + } + + finally_do_arg (HKEY, regKey, { RegCloseKey (finally_arg); }); + + if (registerFilter && filterType != DumpFilter) + { + // Register class filter below all other filters in the stack + + size_t strSize = filter.size() + 1; + byte regKeyBuf[65536]; + DWORD size = (DWORD) (sizeof (regKeyBuf) - strSize); + + // SetupInstallFromInfSection() does not support prepending of values so we have to modify the registry directly + StringCchCopyA ((char *) regKeyBuf, ARRAYSIZE(regKeyBuf), filter.c_str()); + + if (RegQueryValueExA (regKey, filterReg.c_str(), NULL, NULL, regKeyBuf + strSize, &size) != ERROR_SUCCESS) + size = 1; + + SetLastError (RegSetValueExA (regKey, filterReg.c_str(), 0, REG_MULTI_SZ, regKeyBuf, (DWORD) strSize + size)); + throw_sys_if (GetLastError() != ERROR_SUCCESS); + } + else + { + RegisterDriverInf (registerFilter, filter, filterReg, ParentWindow, regKey); + } + } + + void BootEncryption::RegisterFilterDriver (bool registerDriver, FilterType filterType) + { + if (!IsAdmin() && IsUacSupported()) + { + Elevator::RegisterFilterDriver (registerDriver, filterType); + return; + } + + switch (filterType) + { + case DriveFilter: + RegisterFilter (registerDriver, filterType, &GUID_DEVCLASS_DISKDRIVE); + break; + + case VolumeFilter: + RegisterFilter (registerDriver, filterType, &GUID_DEVCLASS_VOLUME); + RegisterFilter (registerDriver, filterType, &GUID_DEVCLASS_FLOPPYDISK); + break; + + case DumpFilter: + RegisterFilter (registerDriver, filterType); + break; + + default: + throw ParameterIncorrect (SRC_POS); + } + } + + void BootEncryption::RegisterSystemFavoritesService (BOOL registerService, BOOL noFileHandling) + { + SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + throw_sys_if (!scm); + finally_do_arg (SC_HANDLE, scm, { CloseServiceHandle (finally_arg); }); + + wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); + wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); + + if (registerService) + { + try + { + RegisterSystemFavoritesService (FALSE, noFileHandling); + } + catch (...) { } + + if (!noFileHandling) + { + wchar_t appPath[TC_MAX_PATH]; + throw_sys_if (!GetModuleFileName (NULL, appPath, ARRAYSIZE (appPath))); + + throw_sys_if (!CopyFile (appPath, servicePath.c_str(), FALSE)); + } + + SC_HANDLE service = CreateService (scm, + TC_SYSTEM_FAVORITES_SERVICE_NAME, + _T(TC_APP_NAME) L" System Favorites", + SERVICE_ALL_ACCESS, + SERVICE_WIN32_OWN_PROCESS, + SERVICE_AUTO_START, + SERVICE_ERROR_NORMAL, + (wstring (L"\"") + servicePath + L"\" " TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION).c_str(), + TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP, + NULL, + NULL, + NULL, + NULL); + + throw_sys_if (!service); + + SERVICE_DESCRIPTION description; + description.lpDescription = L"Mounts VeraCrypt system favorite volumes."; + ChangeServiceConfig2 (service, SERVICE_CONFIG_DESCRIPTION, &description); + + CloseServiceHandle (service); + + try + { + WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); + WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); + + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, true); + } + catch (...) + { + try + { + RegisterSystemFavoritesService (FALSE, noFileHandling); + } + catch (...) { } + + throw; + } + } + else + { + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, false); + + DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME); + DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME); + + SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); + throw_sys_if (!service); + + throw_sys_if (!DeleteService (service)); + CloseServiceHandle (service); + + if (!noFileHandling) + { + DeleteFile (servicePath.c_str()); + if (serviceLegacyPath != servicePath) + DeleteFile (serviceLegacyPath.c_str()); + } + } + } + + void BootEncryption::UpdateSystemFavoritesService () + { + SC_HANDLE scm = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + throw_sys_if (!scm); + + finally_do_arg (SC_HANDLE, scm, { CloseServiceHandle (finally_arg); }); + + wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); + + // check if service exists + SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); + if (service) + { + finally_do_arg (SC_HANDLE, service, { CloseServiceHandle (finally_arg); }); + // ensure that its parameters are correct + throw_sys_if (!ChangeServiceConfig (service, + SERVICE_WIN32_OWN_PROCESS, + SERVICE_AUTO_START, + SERVICE_ERROR_NORMAL, + (wstring (L"\"") + servicePath + L"\" " TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION).c_str(), + TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP, + NULL, + NULL, + NULL, + NULL, + _T(TC_APP_NAME) L" System Favorites")); + + } + else + { + RegisterSystemFavoritesService (TRUE, TRUE); + } + } + + void BootEncryption::SetDriverConfigurationFlag (uint32 flag, bool state) + { + DWORD configMap = ReadDriverConfigurationFlags(); + + if (state) + configMap |= flag; + else + configMap &= ~flag; +#ifdef SETUP + WriteLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, configMap); +#else + WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, configMap); +#endif + } + +#ifndef SETUP + + void BootEncryption::RegisterSystemFavoritesService (BOOL registerService) + { + if (!IsAdmin() && IsUacSupported()) + { + Elevator::RegisterSystemFavoritesService (registerService); + return; + } + + RegisterSystemFavoritesService (registerService, FALSE); + } + + void BootEncryption::CheckRequirements () + { + if (nCurrentOS == WIN_2000) + throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_CURRENT_OS", SRC_POS); + + if (CurrentOSMajor == 6 && CurrentOSMinor == 0 && CurrentOSServicePack < 1) + throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_VISTA_SP0", SRC_POS); + + if (IsNonInstallMode()) + throw ErrorException ("FEATURE_REQUIRES_INSTALLATION", SRC_POS); + + SystemDriveConfiguration config = GetSystemDriveConfiguration (); + + if (config.SystemPartition.IsGPT) + throw ErrorException ("GPT_BOOT_DRIVE_UNSUPPORTED", SRC_POS); + + if (SystemDriveIsDynamic()) + throw ErrorException ("SYSENC_UNSUPPORTED_FOR_DYNAMIC_DISK", SRC_POS); + + if (config.InitialUnallocatedSpace < TC_BOOT_LOADER_AREA_SIZE) + throw ErrorException ("NO_SPACE_FOR_BOOT_LOADER", SRC_POS); + + DISK_GEOMETRY geometry = GetDriveGeometry (config.DriveNumber); + + if (geometry.BytesPerSector != TC_SECTOR_SIZE_BIOS) + throw ErrorException ("SYSENC_UNSUPPORTED_SECTOR_SIZE_BIOS", SRC_POS); + + bool activePartitionFound = false; + if (!config.SystemPartition.IsGPT) + { + // Determine whether there is an Active partition on the system drive + foreach (const Partition &partition, config.Partitions) + { + if (partition.Info.BootIndicator) + { + activePartitionFound = true; + break; + } + } + } + + if (!config.SystemLoaderPresent || !activePartitionFound) + { + static bool confirmed = false; + + if (!confirmed && AskWarnNoYes ("WINDOWS_NOT_ON_BOOT_DRIVE_ERROR", ParentWindow) == IDNO) + throw UserAbort (SRC_POS); + + confirmed = true; + } + } + + + void BootEncryption::CheckRequirementsHiddenOS () + { + // It is assumed that CheckRequirements() had been called (so we don't check e.g. whether it's GPT). + + // The user may have modified/added/deleted partitions since the partition table was last scanned. + InvalidateCachedSysDriveProperties (); + + GetPartitionForHiddenOS (); + } + + + void BootEncryption::InitialSecurityChecksForHiddenOS () + { + wchar_t windowsDrive = (wchar_t) towupper (GetWindowsDirectory()[0]); + + // Paging files + bool pagingFilesOk = !IsPagingFileActive (TRUE); + + wchar_t pagingFileRegData[65536]; + DWORD pagingFileRegDataSize = sizeof (pagingFileRegData); + + if (ReadLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", pagingFileRegData, &pagingFileRegDataSize) + && pagingFileRegDataSize > 8) + { + for (size_t i = 1; i < pagingFileRegDataSize/2 - 2; ++i) + { + if (wmemcmp (pagingFileRegData + i, L":\\", 2) == 0 && towupper (pagingFileRegData[i - 1]) != windowsDrive) + { + pagingFilesOk = false; + break; + } + } + } + + if (!pagingFilesOk) + { + if (AskWarnYesNoString ((wchar_t *) (wstring (GetString ("PAGING_FILE_NOT_ON_SYS_PARTITION")) + + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION") + + L"\n\n\n" + + GetString ("RESTRICT_PAGING_FILES_TO_SYS_PARTITION") + ).c_str(), ParentWindow) == IDYES) + { + RestrictPagingFilesToSystemPartition(); + RestartComputer(); + AbortProcessSilent(); + } + + throw ErrorException (wstring (GetString ("PAGING_FILE_NOT_ON_SYS_PARTITION")) + + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"), SRC_POS); + } + + // User profile + wchar_t *configPath = GetConfigPath (L"dummy"); + if (configPath && towupper (configPath[0]) != windowsDrive) + { + throw ErrorException (wstring (GetString ("USER_PROFILE_NOT_ON_SYS_PARTITION")) + + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"), SRC_POS); + } + + // Temporary files + if (towupper (GetTempPathString()[0]) != windowsDrive) + { + throw ErrorException (wstring (GetString ("TEMP_NOT_ON_SYS_PARTITION")) + + GetString ("LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"), SRC_POS); + } + } + + + // This operation may take a long time when an antivirus is installed and its real-time protection enabled. + // Therefore, if calling it without the wizard displayed, it should be called with displayWaitDialog set to true. + void BootEncryption::Deinstall (bool displayWaitDialog) + { + BootEncryptionStatus encStatus = GetStatus(); + + if (encStatus.DriveEncrypted || encStatus.DriveMounted) + throw ParameterIncorrect (SRC_POS); + + SystemDriveConfiguration config = GetSystemDriveConfiguration (); + + if (encStatus.VolumeHeaderPresent) + { + // Verify CRC of header salt + Device device (config.DevicePath, true); + device.CheckOpened (SRC_POS); + byte header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; + + device.SeekAt (TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET); + device.Read (header, sizeof (header)); + + if (encStatus.VolumeHeaderSaltCrc32 != GetCrc32 ((byte *) header, PKCS5_SALT_SIZE)) + throw ParameterIncorrect (SRC_POS); + } + + try + { + RegisterFilterDriver (false, DriveFilter); + RegisterFilterDriver (false, VolumeFilter); + RegisterFilterDriver (false, DumpFilter); + SetDriverServiceStartType (SERVICE_SYSTEM_START); + } + catch (...) + { + try + { + RegisterBootDriver (IsHiddenSystemRunning()); + } + catch (...) { } + + throw; + } + + SetHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE); // In case RestoreSystemLoader() fails + + try + { + RegisterSystemFavoritesService (false); + } + catch (...) { } + + try + { + if (displayWaitDialog) + DisplayStaticModelessWaitDlg (ParentWindow); + + finally_do_arg (bool, displayWaitDialog, { if (finally_arg) CloseStaticModelessWaitDlg(); }); + + RestoreSystemLoader (); + } + catch (Exception &e) + { + e.Show (ParentWindow); + throw ErrorException ("SYS_LOADER_RESTORE_FAILED", SRC_POS); + } + } + + + int BootEncryption::ChangePassword (Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg) + { + BootEncryptionStatus encStatus = GetStatus(); + + if (encStatus.SetupInProgress || (wipePassCount <= 0)) + throw ParameterIncorrect (SRC_POS); + + SystemDriveConfiguration config = GetSystemDriveConfiguration (); + + char header[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; + Device device (config.DevicePath); + device.CheckOpened (SRC_POS); + + // Only one algorithm is currently supported + if (pkcs5 != 0) + throw ParameterIncorrect (SRC_POS); + + int64 headerOffset = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; + int64 backupHeaderOffset = -1; + + if (encStatus.HiddenSystem) + { + headerOffset = encStatus.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; + + // Find hidden system partition + foreach (const Partition &partition, config.Partitions) + { + if (partition.Info.StartingOffset.QuadPart == encStatus.HiddenSystemPartitionStart) + { + backupHeaderOffset = partition.Info.StartingOffset.QuadPart + partition.Info.PartitionLength.QuadPart - TC_VOLUME_HEADER_SIZE; + break; + } + } + + if (backupHeaderOffset == -1) + throw ParameterIncorrect (SRC_POS); + } + + device.SeekAt (headerOffset); + device.Read ((byte *) header, sizeof (header)); + + PCRYPTO_INFO cryptoInfo = NULL; + + int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, FALSE, &cryptoInfo, NULL); + finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); }); + + if (status != 0) + { + handleError (hwndDlg, status, SRC_POS); + return status; + } + + // Change the PKCS-5 PRF if requested by user + if (pkcs5 != 0) + { + cryptoInfo->pkcs5 = pkcs5; + RandSetHashFunction (pkcs5); + } + + if (Randinit() != 0) + { + if (CryptoAPILastError == ERROR_SUCCESS) + throw RandInitFailed (SRC_POS, GetLastError ()); + else + throw CryptoApiFailed (SRC_POS, CryptoAPILastError); + } + finally_do ({ RandStop (FALSE); }); + + /* force the display of the random enriching dialog */ + SetRandomPoolEnrichedByUserStatus (FALSE); + + NormalCursor(); + UserEnrichRandomPool (hwndDlg); + WaitCursor(); + + /* The header will be re-encrypted wipePassCount times to prevent adversaries from using + techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy + to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22 + times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might + impatiently interupt the process (etc.) we will not use the Gutmann's patterns but will write the + valid re-encrypted header, i.e. pseudorandom data, and there will be many more passes than Guttman + recommends. During each pass we will write a valid working header. Each pass will use the same master + key, and also the same header key, secondary key (XTS), etc., derived from the new password. The only + item that will be different for each pass will be the salt. This is sufficient to cause each "version" + of the header to differ substantially and in a random manner from the versions written during the + other passes. */ + + bool headerUpdated = false; + int result = ERR_SUCCESS; + + try + { + BOOL backupHeader = FALSE; + while (TRUE) + { + for (int wipePass = 0; wipePass < wipePassCount; wipePass++) + { + PCRYPTO_INFO tmpCryptoInfo = NULL; + + status = CreateVolumeHeaderInMemory (hwndDlg, !encStatus.HiddenSystem, + header, + cryptoInfo->ea, + cryptoInfo->mode, + newPassword, + cryptoInfo->pkcs5, + pim, + (char *) cryptoInfo->master_keydata, + &tmpCryptoInfo, + cryptoInfo->VolumeSize.Value, + cryptoInfo->hiddenVolumeSize, + cryptoInfo->EncryptedAreaStart.Value, + cryptoInfo->EncryptedAreaLength.Value, + cryptoInfo->RequiredProgramVersion, + cryptoInfo->HeaderFlags | TC_HEADER_FLAG_ENCRYPTED_SYSTEM, + cryptoInfo->SectorSize, + wipePass < wipePassCount - 1); + + if (tmpCryptoInfo) + crypto_close (tmpCryptoInfo); + + if (status != 0) + { + handleError (hwndDlg, status, SRC_POS); + return status; + } + + device.SeekAt (headerOffset); + device.Write ((byte *) header, sizeof (header)); + headerUpdated = true; + } + + if (!encStatus.HiddenSystem || backupHeader) + break; + + backupHeader = TRUE; + headerOffset = backupHeaderOffset; + } + } + catch (Exception &e) + { + e.Show (hwndDlg); + result = ERR_OS_ERROR; + } + + if (headerUpdated) + { + bool storedPimUpdateNeeded = false; + ReopenBootVolumeHeaderRequest reopenRequest; + reopenRequest.VolumePassword = *newPassword; + reopenRequest.pkcs5_prf = cryptoInfo->pkcs5; + reopenRequest.pim = pim; + finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); }); + + if (old_pim != pim) + { + try + { + // check if PIM is stored in MBR + byte userConfig; + ReadBootSectorConfig (nullptr, 0, &userConfig); + if (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) + storedPimUpdateNeeded = true; + } + catch (...) + {} + } + + try + { + // force update of bootloader if fingerprint doesn't match or if the stored PIM changed + if (storedPimUpdateNeeded || !CheckBootloaderFingerprint (true)) + InstallBootLoader (device, true, false, pim); + } + catch (...) + {} + + CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest)); + } + + return result; + } + + + void BootEncryption::CheckEncryptionSetupResult () + { + CallDriver (TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT); + } + + + void BootEncryption::Install (bool hiddenSystem) + { + BootEncryptionStatus encStatus = GetStatus(); + if (encStatus.DriveMounted) + throw ParameterIncorrect (SRC_POS); + + try + { + InstallBootLoader (false, hiddenSystem); + + if (!hiddenSystem) + InstallVolumeHeader (); + + RegisterBootDriver (hiddenSystem); + } + catch (Exception &) + { + try + { + RestoreSystemLoader (); + } + catch (Exception &e) + { + e.Show (ParentWindow); + } + + throw; + } + } + + + void BootEncryption::PrepareHiddenOSCreation (int ea, int mode, int pkcs5) + { + BootEncryptionStatus encStatus = GetStatus(); + if (encStatus.DriveMounted) + throw ParameterIncorrect (SRC_POS); + + CheckRequirements(); + BackupSystemLoader(); + + SelectedEncryptionAlgorithmId = ea; + SelectedPrfAlgorithmId = pkcs5; + } + + + void BootEncryption::PrepareInstallation (bool systemPartitionOnly, Password &password, int ea, int mode, int pkcs5, int pim, const wstring &rescueIsoImagePath) + { + BootEncryptionStatus encStatus = GetStatus(); + if (encStatus.DriveMounted) + throw ParameterIncorrect (SRC_POS); + + CheckRequirements (); + + SystemDriveConfiguration config = GetSystemDriveConfiguration(); + + // Some chipset drivers may prevent access to the last sector of the drive + if (!systemPartitionOnly) + { + DISK_GEOMETRY geometry = GetDriveGeometry (config.DriveNumber); + if ((geometry.BytesPerSector > 0) && (geometry.BytesPerSector < TC_MAX_VOLUME_SECTOR_SIZE)) + { + Buffer sector (geometry.BytesPerSector); + + Device device (config.DevicePath); + device.CheckOpened (SRC_POS); + + try + { + device.SeekAt (config.DrivePartition.Info.PartitionLength.QuadPart - geometry.BytesPerSector); + device.Read (sector.Ptr(), (DWORD) sector.Size()); + } + catch (SystemException &e) + { + if (e.ErrorCode != ERROR_CRC) + { + e.Show (ParentWindow); + Error ("WHOLE_DRIVE_ENCRYPTION_PREVENTED_BY_DRIVERS", ParentWindow); + throw UserAbort (SRC_POS); + } + } + } + } + + BackupSystemLoader (); + + uint64 volumeSize; + uint64 encryptedAreaStart; + + if (systemPartitionOnly) + { + volumeSize = config.SystemPartition.Info.PartitionLength.QuadPart; + encryptedAreaStart = config.SystemPartition.Info.StartingOffset.QuadPart; + } + else + { + volumeSize = config.DrivePartition.Info.PartitionLength.QuadPart - TC_BOOT_LOADER_AREA_SIZE; + encryptedAreaStart = config.DrivePartition.Info.StartingOffset.QuadPart + TC_BOOT_LOADER_AREA_SIZE; + } + + SelectedEncryptionAlgorithmId = ea; + SelectedPrfAlgorithmId = pkcs5; + CreateVolumeHeader (volumeSize, encryptedAreaStart, &password, ea, mode, pkcs5, pim); + + if (!rescueIsoImagePath.empty()) + CreateRescueIsoImage (true, rescueIsoImagePath); + } + + bool BootEncryption::IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) + { + if (!IsAdmin() && IsUacSupported()) + return Elevator::IsPagingFileActive (checkNonWindowsPartitionsOnly) ? true : false; + + return ::IsPagingFileActive (checkNonWindowsPartitionsOnly) ? true : false; + } + + void BootEncryption::RestrictPagingFilesToSystemPartition () + { + wchar_t pagingFiles[128] = {0}; + StringCchCopyW (pagingFiles, ARRAYSIZE(pagingFiles), L"X:\\pagefile.sys 0 0"); + pagingFiles[0] = GetWindowsDirectory()[0]; + + throw_sys_if (!WriteLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", pagingFiles, (DWORD) (wcslen (pagingFiles) + 2) * sizeof (wchar_t))); + } + + void BootEncryption::WriteLocalMachineRegistryDwordValue (wchar_t *keyPath, wchar_t *valueName, DWORD value) + { + if (!IsAdmin() && IsUacSupported()) + { + Elevator::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value); + return; + } + + throw_sys_if (!WriteLocalMachineRegistryDword (keyPath, valueName, value)); + } + + void BootEncryption::StartDecryption (BOOL discardUnreadableEncryptedSectors) + { + BootEncryptionStatus encStatus = GetStatus(); + + if (!encStatus.DeviceFilterActive || !encStatus.DriveMounted || encStatus.SetupInProgress) + throw ParameterIncorrect (SRC_POS); + + BootEncryptionSetupRequest request; + ZeroMemory (&request, sizeof (request)); + + request.SetupMode = SetupDecryption; + request.DiscardUnreadableEncryptedSectors = discardUnreadableEncryptedSectors; + + CallDriver (TC_IOCTL_BOOT_ENCRYPTION_SETUP, &request, sizeof (request), NULL, 0); + } + + void BootEncryption::StartEncryption (WipeAlgorithmId wipeAlgorithm, bool zeroUnreadableSectors) + { + BootEncryptionStatus encStatus = GetStatus(); + + if (!encStatus.DeviceFilterActive || !encStatus.DriveMounted || encStatus.SetupInProgress) + throw ParameterIncorrect (SRC_POS); + + BootEncryptionSetupRequest request; + ZeroMemory (&request, sizeof (request)); + + request.SetupMode = SetupEncryption; + request.WipeAlgorithm = wipeAlgorithm; + request.ZeroUnreadableSectors = zeroUnreadableSectors; + + CallDriver (TC_IOCTL_BOOT_ENCRYPTION_SETUP, &request, sizeof (request), NULL, 0); + } + + void BootEncryption::CopyFileAdmin (const wstring &sourceFile, const wstring &destinationFile) + { + if (!IsAdmin()) + { + if (!IsUacSupported()) + { + SetLastError (ERROR_ACCESS_DENIED); + throw SystemException(SRC_POS); + } + else + Elevator::CopyFile (sourceFile, destinationFile); + } + else + throw_sys_if (!::CopyFile (sourceFile.c_str(), destinationFile.c_str(), FALSE)); + } + + void BootEncryption::DeleteFileAdmin (const wstring &file) + { + if (!IsAdmin() && IsUacSupported()) + Elevator::DeleteFile (file); + else + throw_sys_if (!::DeleteFile (file.c_str())); + } + +#endif // !SETUP + + uint32 BootEncryption::ReadDriverConfigurationFlags () + { + DWORD configMap; + + if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, &configMap)) + configMap = 0; + + return configMap; + } + + void BootEncryption::WriteBootDriveSector (uint64 offset, byte *data) + { + WriteBootDriveSectorRequest request; + request.Offset.QuadPart = offset; + memcpy (request.Data, data, sizeof (request.Data)); + + CallDriver (TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR, &request, sizeof (request), NULL, 0); + } + + void BootEncryption::RegisterBootDriver (bool hiddenSystem) + { + SetDriverServiceStartType (SERVICE_BOOT_START); + + try + { + RegisterFilterDriver (false, DriveFilter); + RegisterFilterDriver (false, VolumeFilter); + RegisterFilterDriver (false, DumpFilter); + } + catch (...) { } + + try + { + RegisterFilterDriver (true, DriveFilter); + + if (hiddenSystem) + RegisterFilterDriver (true, VolumeFilter); + + RegisterFilterDriver (true, DumpFilter); + } + catch (...) + { + try { RegisterFilterDriver (false, DriveFilter); } catch (...) { } + try { RegisterFilterDriver (false, VolumeFilter); } catch (...) { } + try { RegisterFilterDriver (false, DumpFilter); } catch (...) { } + try { SetDriverServiceStartType (SERVICE_SYSTEM_START); } catch (...) { } + + throw; + } + } + + bool BootEncryption::RestartComputer (void) + { + return (::RestartComputer() != FALSE); + } +} diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h index a922d1fa..a89b2ec6 100644 --- a/src/Common/BootEncryption.h +++ b/src/Common/BootEncryption.h @@ -1,255 +1,255 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Common_BootEncryption -#define TC_HEADER_Common_BootEncryption - -#include "Tcdefs.h" -#include "Dlgcode.h" -#include "Exception.h" -#include "Platform/PlatformBase.h" -#include "Volumes.h" - -using namespace std; - -namespace VeraCrypt -{ - class File - { - public: - File () : Elevated (false), FileOpen (false), FilePointerPosition(0), Handle(INVALID_HANDLE_VALUE), IsDevice(false), LastError(0) { } - File (wstring path,bool readOnly = false, bool create = false); - virtual ~File () { Close(); } - - void CheckOpened (const char* srcPos) { if (!FileOpen) { SetLastError (LastError); throw SystemException (srcPos);} } - void Close (); - DWORD Read (byte *buffer, DWORD size); - void Write (byte *buffer, DWORD size); - void SeekAt (int64 position); - - protected: - bool Elevated; - bool FileOpen; - uint64 FilePointerPosition; - HANDLE Handle; - bool IsDevice; - wstring Path; - DWORD LastError; - }; - - - class Device : public File - { - public: - Device (wstring path,bool readOnly = false); - virtual ~Device () {} - }; - - - class Buffer - { - public: - Buffer (size_t size) : DataSize (size) - { - DataPtr = new byte[size]; - if (!DataPtr) - throw bad_alloc(); - } - - ~Buffer () { delete[] DataPtr; } - byte *Ptr () const { return DataPtr; } - size_t Size () const { return DataSize; } - - protected: - byte *DataPtr; - size_t DataSize; - }; - - - struct Partition - { - wstring DevicePath; - PARTITION_INFORMATION Info; - wstring MountPoint; - size_t Number; - BOOL IsGPT; - wstring VolumeNameId; - }; - - typedef list PartitionList; - -#pragma pack (push) -#pragma pack(1) - - struct PartitionEntryMBR - { - byte BootIndicator; - - byte StartHead; - byte StartCylSector; - byte StartCylinder; - - byte Type; - - byte EndHead; - byte EndSector; - byte EndCylinder; - - uint32 StartLBA; - uint32 SectorCountLBA; - }; - - struct MBR - { - byte Code[446]; - PartitionEntryMBR Partitions[4]; - uint16 Signature; - }; - -#pragma pack (pop) - - struct SystemDriveConfiguration - { - wstring DeviceKernelPath; - wstring DevicePath; - int DriveNumber; - Partition DrivePartition; - bool ExtraBootPartitionPresent; - int64 InitialUnallocatedSpace; - PartitionList Partitions; - Partition SystemPartition; - int64 TotalUnallocatedSpace; - bool SystemLoaderPresent; - }; - - class BootEncryption - { - public: - BootEncryption (HWND parent); - ~BootEncryption (); - - enum FilterType - { - DriveFilter, - VolumeFilter, - DumpFilter - }; - - void SetParentWindow (HWND parent) { ParentWindow = parent; } - void AbortDecoyOSWipe (); - void AbortSetup (); - void AbortSetupWait (); - void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0); - int ChangePassword (Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); - void CheckDecoyOSWipeResult (); - void CheckEncryptionSetupResult (); - void CheckRequirements (); - void CheckRequirementsHiddenOS (); - void CopyFileAdmin (const wstring &sourceFile, const wstring &destinationFile); - void CreateRescueIsoImage (bool initialSetup, const wstring &isoImagePath); - void Deinstall (bool displayWaitDialog = false); - void DeleteFileAdmin (const wstring &file); - DecoySystemWipeStatus GetDecoyOSWipeStatus (); - DWORD GetDriverServiceStartType (); - unsigned int GetHiddenOSCreationPhase (); - uint16 GetInstalledBootLoaderVersion (); - void GetInstalledBootLoaderFingerprint (byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]); - Partition GetPartitionForHiddenOS (); - bool IsBootLoaderOnDrive (wchar_t *devicePath); - BootEncryptionStatus GetStatus (); - void GetVolumeProperties (VOLUME_PROPERTIES_STRUCT *properties); - SystemDriveConfiguration GetSystemDriveConfiguration (); - void Install (bool hiddenSystem); - void InstallBootLoader (Device& device, bool preserveUserConfig = false, bool hiddenOSCreation = false, int pim = -1); - void InstallBootLoader (bool preserveUserConfig = false, bool hiddenOSCreation = false); - bool CheckBootloaderFingerprint (bool bSilent = false); - void InvalidateCachedSysDriveProperties (); - bool IsCDRecorderPresent (); - bool IsHiddenSystemRunning (); - bool IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); - void PrepareHiddenOSCreation (int ea, int mode, int pkcs5); - void PrepareInstallation (bool systemPartitionOnly, Password &password, int ea, int mode, int pkcs5, int pim, const wstring &rescueIsoImagePath); - void ProbeRealSystemDriveSize (); - void ReadBootSectorConfig (byte *config, size_t bufLength, byte *userConfig = nullptr, string *customUserMessage = nullptr, uint16 *bootLoaderVersion = nullptr); - uint32 ReadDriverConfigurationFlags (); - void RegisterBootDriver (bool hiddenSystem); - void RegisterFilterDriver (bool registerDriver, FilterType filterType); - void RegisterSystemFavoritesService (BOOL registerService); - void RegisterSystemFavoritesService (BOOL registerService, BOOL noFileHandling); - void UpdateSystemFavoritesService (); - void RenameDeprecatedSystemLoaderBackup (); - bool RestartComputer (void); - void InitialSecurityChecksForHiddenOS (); - void RestrictPagingFilesToSystemPartition (); - void SetDriverConfigurationFlag (uint32 flag, bool state); - void SetDriverServiceStartType (DWORD startType); - void SetHiddenOSCreationPhase (unsigned int newPhase); - void StartDecryption (BOOL discardUnreadableEncryptedSectors); - void StartDecoyOSWipe (WipeAlgorithmId wipeAlgorithm); - void StartEncryption (WipeAlgorithmId wipeAlgorithm, bool zeroUnreadableSectors); - bool SystemDriveContainsPartitionType (byte type); - bool SystemDriveContainsExtendedPartition (); - bool SystemDriveContainsNonStandardPartitions (); - bool SystemPartitionCoversWholeDrive (); - bool SystemDriveIsDynamic (); - bool VerifyRescueDisk (); - bool VerifyRescueDiskIsoImage (const wchar_t* imageFile); - void WipeHiddenOSCreationConfig (); - void WriteBootDriveSector (uint64 offset, byte *data); - void WriteBootSectorConfig (const byte newConfig[]); - void WriteBootSectorUserConfig (byte userConfig, const string &customUserMessage, int pim); - void WriteLocalMachineRegistryDwordValue (wchar_t *keyPath, wchar_t *valueName, DWORD value); - - protected: - static const uint32 RescueIsoImageSize = 1835008; // Size of ISO9660 image with bootable emulated 1.44MB floppy disk image - - void BackupSystemLoader (); - void CreateBootLoaderInMemory (byte *buffer, size_t bufferSize, bool rescueDisk, bool hiddenOSCreation = false); - void CreateVolumeHeader (uint64 volumeSize, uint64 encryptedAreaStart, Password *password, int ea, int mode, int pkcs5, int pim); - wstring GetSystemLoaderBackupPath (); - uint32 GetChecksum (byte *data, size_t size); - DISK_GEOMETRY GetDriveGeometry (int driveNumber); - PartitionList GetDrivePartitions (int driveNumber); - wstring GetRemarksOnHiddenOS (); - wstring GetWindowsDirectory (); - void RegisterFilter (bool registerFilter, FilterType filterType, const GUID *deviceClassGuid = nullptr); - void RestoreSystemLoader (); - void InstallVolumeHeader (); - - HWND ParentWindow; - SystemDriveConfiguration DriveConfig; - int SelectedEncryptionAlgorithmId; - int SelectedPrfAlgorithmId; - Partition HiddenOSCandidatePartition; - byte *RescueIsoImage; - byte RescueVolumeHeader[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; - byte VolumeHeader[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; - bool DriveConfigValid; - bool RealSystemDriveSizeValid; - bool RescueVolumeHeaderValid; - bool VolumeHeaderValid; - }; -} - -#define TC_ABORT_TRANSFORM_WAIT_INTERVAL 10 - -#define MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_NTFS 2.1 -#define MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_FAT 1.05 - -#define TC_SYS_BOOT_LOADER_BACKUP_NAME L"Original System Loader" -#define TC_SYS_BOOT_LOADER_BACKUP_NAME_LEGACY L"Original System Loader.bak" // Deprecated to prevent removal by some "cleaners" - -#define TC_SYSTEM_FAVORITES_SERVICE_NAME _T(TC_APP_NAME) L"SystemFavorites" -#define TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP L"Event Log" -#define TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION L"/systemFavoritesService" - -#endif // TC_HEADER_Common_BootEncryption +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Common_BootEncryption +#define TC_HEADER_Common_BootEncryption + +#include "Tcdefs.h" +#include "Dlgcode.h" +#include "Exception.h" +#include "Platform/PlatformBase.h" +#include "Volumes.h" + +using namespace std; + +namespace VeraCrypt +{ + class File + { + public: + File () : Elevated (false), FileOpen (false), FilePointerPosition(0), Handle(INVALID_HANDLE_VALUE), IsDevice(false), LastError(0) { } + File (wstring path,bool readOnly = false, bool create = false); + virtual ~File () { Close(); } + + void CheckOpened (const char* srcPos) { if (!FileOpen) { SetLastError (LastError); throw SystemException (srcPos);} } + void Close (); + DWORD Read (byte *buffer, DWORD size); + void Write (byte *buffer, DWORD size); + void SeekAt (int64 position); + + protected: + bool Elevated; + bool FileOpen; + uint64 FilePointerPosition; + HANDLE Handle; + bool IsDevice; + wstring Path; + DWORD LastError; + }; + + + class Device : public File + { + public: + Device (wstring path,bool readOnly = false); + virtual ~Device () {} + }; + + + class Buffer + { + public: + Buffer (size_t size) : DataSize (size) + { + DataPtr = new byte[size]; + if (!DataPtr) + throw bad_alloc(); + } + + ~Buffer () { delete[] DataPtr; } + byte *Ptr () const { return DataPtr; } + size_t Size () const { return DataSize; } + + protected: + byte *DataPtr; + size_t DataSize; + }; + + + struct Partition + { + wstring DevicePath; + PARTITION_INFORMATION Info; + wstring MountPoint; + size_t Number; + BOOL IsGPT; + wstring VolumeNameId; + }; + + typedef list PartitionList; + +#pragma pack (push) +#pragma pack(1) + + struct PartitionEntryMBR + { + byte BootIndicator; + + byte StartHead; + byte StartCylSector; + byte StartCylinder; + + byte Type; + + byte EndHead; + byte EndSector; + byte EndCylinder; + + uint32 StartLBA; + uint32 SectorCountLBA; + }; + + struct MBR + { + byte Code[446]; + PartitionEntryMBR Partitions[4]; + uint16 Signature; + }; + +#pragma pack (pop) + + struct SystemDriveConfiguration + { + wstring DeviceKernelPath; + wstring DevicePath; + int DriveNumber; + Partition DrivePartition; + bool ExtraBootPartitionPresent; + int64 InitialUnallocatedSpace; + PartitionList Partitions; + Partition SystemPartition; + int64 TotalUnallocatedSpace; + bool SystemLoaderPresent; + }; + + class BootEncryption + { + public: + BootEncryption (HWND parent); + ~BootEncryption (); + + enum FilterType + { + DriveFilter, + VolumeFilter, + DumpFilter + }; + + void SetParentWindow (HWND parent) { ParentWindow = parent; } + void AbortDecoyOSWipe (); + void AbortSetup (); + void AbortSetupWait (); + void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0); + int ChangePassword (Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); + void CheckDecoyOSWipeResult (); + void CheckEncryptionSetupResult (); + void CheckRequirements (); + void CheckRequirementsHiddenOS (); + void CopyFileAdmin (const wstring &sourceFile, const wstring &destinationFile); + void CreateRescueIsoImage (bool initialSetup, const wstring &isoImagePath); + void Deinstall (bool displayWaitDialog = false); + void DeleteFileAdmin (const wstring &file); + DecoySystemWipeStatus GetDecoyOSWipeStatus (); + DWORD GetDriverServiceStartType (); + unsigned int GetHiddenOSCreationPhase (); + uint16 GetInstalledBootLoaderVersion (); + void GetInstalledBootLoaderFingerprint (byte fingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]); + Partition GetPartitionForHiddenOS (); + bool IsBootLoaderOnDrive (wchar_t *devicePath); + BootEncryptionStatus GetStatus (); + void GetVolumeProperties (VOLUME_PROPERTIES_STRUCT *properties); + SystemDriveConfiguration GetSystemDriveConfiguration (); + void Install (bool hiddenSystem); + void InstallBootLoader (Device& device, bool preserveUserConfig = false, bool hiddenOSCreation = false, int pim = -1); + void InstallBootLoader (bool preserveUserConfig = false, bool hiddenOSCreation = false); + bool CheckBootloaderFingerprint (bool bSilent = false); + void InvalidateCachedSysDriveProperties (); + bool IsCDRecorderPresent (); + bool IsHiddenSystemRunning (); + bool IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); + void PrepareHiddenOSCreation (int ea, int mode, int pkcs5); + void PrepareInstallation (bool systemPartitionOnly, Password &password, int ea, int mode, int pkcs5, int pim, const wstring &rescueIsoImagePath); + void ProbeRealSystemDriveSize (); + void ReadBootSectorConfig (byte *config, size_t bufLength, byte *userConfig = nullptr, string *customUserMessage = nullptr, uint16 *bootLoaderVersion = nullptr); + uint32 ReadDriverConfigurationFlags (); + void RegisterBootDriver (bool hiddenSystem); + void RegisterFilterDriver (bool registerDriver, FilterType filterType); + void RegisterSystemFavoritesService (BOOL registerService); + void RegisterSystemFavoritesService (BOOL registerService, BOOL noFileHandling); + void UpdateSystemFavoritesService (); + void RenameDeprecatedSystemLoaderBackup (); + bool RestartComputer (void); + void InitialSecurityChecksForHiddenOS (); + void RestrictPagingFilesToSystemPartition (); + void SetDriverConfigurationFlag (uint32 flag, bool state); + void SetDriverServiceStartType (DWORD startType); + void SetHiddenOSCreationPhase (unsigned int newPhase); + void StartDecryption (BOOL discardUnreadableEncryptedSectors); + void StartDecoyOSWipe (WipeAlgorithmId wipeAlgorithm); + void StartEncryption (WipeAlgorithmId wipeAlgorithm, bool zeroUnreadableSectors); + bool SystemDriveContainsPartitionType (byte type); + bool SystemDriveContainsExtendedPartition (); + bool SystemDriveContainsNonStandardPartitions (); + bool SystemPartitionCoversWholeDrive (); + bool SystemDriveIsDynamic (); + bool VerifyRescueDisk (); + bool VerifyRescueDiskIsoImage (const wchar_t* imageFile); + void WipeHiddenOSCreationConfig (); + void WriteBootDriveSector (uint64 offset, byte *data); + void WriteBootSectorConfig (const byte newConfig[]); + void WriteBootSectorUserConfig (byte userConfig, const string &customUserMessage, int pim); + void WriteLocalMachineRegistryDwordValue (wchar_t *keyPath, wchar_t *valueName, DWORD value); + + protected: + static const uint32 RescueIsoImageSize = 1835008; // Size of ISO9660 image with bootable emulated 1.44MB floppy disk image + + void BackupSystemLoader (); + void CreateBootLoaderInMemory (byte *buffer, size_t bufferSize, bool rescueDisk, bool hiddenOSCreation = false); + void CreateVolumeHeader (uint64 volumeSize, uint64 encryptedAreaStart, Password *password, int ea, int mode, int pkcs5, int pim); + wstring GetSystemLoaderBackupPath (); + uint32 GetChecksum (byte *data, size_t size); + DISK_GEOMETRY GetDriveGeometry (int driveNumber); + PartitionList GetDrivePartitions (int driveNumber); + wstring GetRemarksOnHiddenOS (); + wstring GetWindowsDirectory (); + void RegisterFilter (bool registerFilter, FilterType filterType, const GUID *deviceClassGuid = nullptr); + void RestoreSystemLoader (); + void InstallVolumeHeader (); + + HWND ParentWindow; + SystemDriveConfiguration DriveConfig; + int SelectedEncryptionAlgorithmId; + int SelectedPrfAlgorithmId; + Partition HiddenOSCandidatePartition; + byte *RescueIsoImage; + byte RescueVolumeHeader[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; + byte VolumeHeader[TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE]; + bool DriveConfigValid; + bool RealSystemDriveSizeValid; + bool RescueVolumeHeaderValid; + bool VolumeHeaderValid; + }; +} + +#define TC_ABORT_TRANSFORM_WAIT_INTERVAL 10 + +#define MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_NTFS 2.1 +#define MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_FAT 1.05 + +#define TC_SYS_BOOT_LOADER_BACKUP_NAME L"Original System Loader" +#define TC_SYS_BOOT_LOADER_BACKUP_NAME_LEGACY L"Original System Loader.bak" // Deprecated to prevent removal by some "cleaners" + +#define TC_SYSTEM_FAVORITES_SERVICE_NAME _T(TC_APP_NAME) L"SystemFavorites" +#define TC_SYSTEM_FAVORITES_SERVICE_LOAD_ORDER_GROUP L"Event Log" +#define TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION L"/systemFavoritesService" + +#endif // TC_HEADER_Common_BootEncryption diff --git a/src/Common/Cache.c b/src/Common/Cache.c index e32896fa..ba6c6df8 100644 --- a/src/Common/Cache.c +++ b/src/Common/Cache.c @@ -1,115 +1,115 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Crypto.h" -#include "Fat.h" -#include "Volumes.h" -#include "Apidrvr.h" -#include "Common.h" -#include "Cache.h" - -Password CachedPasswords[CACHE_SIZE]; -int CachedPim[CACHE_SIZE]; -int cacheEmpty = 1; -static int nPasswordIdx = 0; - -int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo) -{ - int nReturnCode = ERR_PASSWORD_WRONG; - int i, effectivePim; - - /* Attempt to recognize volume using mount password */ - if (password->Length > 0) - { - nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, pim, truecryptMode, retInfo, NULL); - - /* Save mount passwords back into cache if asked to do so */ - if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY)) - { - for (i = 0; i < CACHE_SIZE; i++) - { - if (memcmp (&CachedPasswords[i], password, sizeof (Password)) == 0) - break; - } - - if (i == CACHE_SIZE) - { - /* Store the password */ - CachedPasswords[nPasswordIdx] = *password; - - /* Store also PIM if requested, otherwise set to default */ - if (bCachePim && (pim > 0)) - CachedPim[nPasswordIdx] = pim; - else - CachedPim[nPasswordIdx] = 0; - - /* Try another slot */ - nPasswordIdx = (nPasswordIdx + 1) % CACHE_SIZE; - - cacheEmpty = 0; - } - else if (bCachePim) - { - CachedPim[i] = pim > 0? pim : 0; - } - } - } - else if (!cacheEmpty) - { - /* Attempt to recognize volume using cached passwords */ - for (i = 0; i < CACHE_SIZE; i++) - { - if (CachedPasswords[i].Length > 0) - { - if (truecryptMode) - effectivePim = 0; - else if (pim == -1) - effectivePim = CachedPim[i]; - else - effectivePim = pim; - nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, effectivePim, truecryptMode, retInfo, NULL); - - if (nReturnCode != ERR_PASSWORD_WRONG) - break; - } - } - } - - return nReturnCode; -} - - -void AddPasswordToCache (Password *password, int pim) -{ - int i; - for (i = 0; i < CACHE_SIZE; i++) - { - if (memcmp (&CachedPasswords[i], password, sizeof (Password)) == 0) - return; - } - - CachedPasswords[nPasswordIdx] = *password; - CachedPim[nPasswordIdx] = pim > 0? pim : 0; - nPasswordIdx = (nPasswordIdx + 1) % CACHE_SIZE; - cacheEmpty = 0; -} - - -void WipeCache () -{ - burn (CachedPasswords, sizeof (CachedPasswords)); - burn (CachedPim, sizeof (CachedPim)); - nPasswordIdx = 0; - cacheEmpty = 1; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Crypto.h" +#include "Fat.h" +#include "Volumes.h" +#include "Apidrvr.h" +#include "Common.h" +#include "Cache.h" + +Password CachedPasswords[CACHE_SIZE]; +int CachedPim[CACHE_SIZE]; +int cacheEmpty = 1; +static int nPasswordIdx = 0; + +int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo) +{ + int nReturnCode = ERR_PASSWORD_WRONG; + int i, effectivePim; + + /* Attempt to recognize volume using mount password */ + if (password->Length > 0) + { + nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, pim, truecryptMode, retInfo, NULL); + + /* Save mount passwords back into cache if asked to do so */ + if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY)) + { + for (i = 0; i < CACHE_SIZE; i++) + { + if (memcmp (&CachedPasswords[i], password, sizeof (Password)) == 0) + break; + } + + if (i == CACHE_SIZE) + { + /* Store the password */ + CachedPasswords[nPasswordIdx] = *password; + + /* Store also PIM if requested, otherwise set to default */ + if (bCachePim && (pim > 0)) + CachedPim[nPasswordIdx] = pim; + else + CachedPim[nPasswordIdx] = 0; + + /* Try another slot */ + nPasswordIdx = (nPasswordIdx + 1) % CACHE_SIZE; + + cacheEmpty = 0; + } + else if (bCachePim) + { + CachedPim[i] = pim > 0? pim : 0; + } + } + } + else if (!cacheEmpty) + { + /* Attempt to recognize volume using cached passwords */ + for (i = 0; i < CACHE_SIZE; i++) + { + if (CachedPasswords[i].Length > 0) + { + if (truecryptMode) + effectivePim = 0; + else if (pim == -1) + effectivePim = CachedPim[i]; + else + effectivePim = pim; + nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, effectivePim, truecryptMode, retInfo, NULL); + + if (nReturnCode != ERR_PASSWORD_WRONG) + break; + } + } + } + + return nReturnCode; +} + + +void AddPasswordToCache (Password *password, int pim) +{ + int i; + for (i = 0; i < CACHE_SIZE; i++) + { + if (memcmp (&CachedPasswords[i], password, sizeof (Password)) == 0) + return; + } + + CachedPasswords[nPasswordIdx] = *password; + CachedPim[nPasswordIdx] = pim > 0? pim : 0; + nPasswordIdx = (nPasswordIdx + 1) % CACHE_SIZE; + cacheEmpty = 0; +} + + +void WipeCache () +{ + burn (CachedPasswords, sizeof (CachedPasswords)); + burn (CachedPim, sizeof (CachedPim)); + nPasswordIdx = 0; + cacheEmpty = 1; +} diff --git a/src/Common/Cache.h b/src/Common/Cache.h index 05f0ba04..c4587d03 100644 --- a/src/Common/Cache.h +++ b/src/Common/Cache.h @@ -1,25 +1,25 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Common.h" - -#ifndef CACHE_SIZE -/* WARNING: Changing this value might not be safe (some items may be hard coded for 4)! Inspection necessary. */ -#define CACHE_SIZE 4 -#endif - -extern int cacheEmpty; - -void AddPasswordToCache (Password *password, int pim); -int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo); -void WipeCache (void); +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Common.h" + +#ifndef CACHE_SIZE +/* WARNING: Changing this value might not be safe (some items may be hard coded for 4)! Inspection necessary. */ +#define CACHE_SIZE 4 +#endif + +extern int cacheEmpty; + +void AddPasswordToCache (Password *password, int pim); +int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo); +void WipeCache (void); diff --git a/src/Common/Cmdline.c b/src/Common/Cmdline.c index 759c63f5..4a055c16 100644 --- a/src/Common/Cmdline.c +++ b/src/Common/Cmdline.c @@ -1,184 +1,184 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include -#include -#include "Cmdline.h" - -#include "Resource.h" -#include "Crypto.h" -#include "Apidrvr.h" -#include "Dlgcode.h" -#include "Language.h" -#include - -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -#endif - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK CommandHelpDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - UNREFERENCED_PARAMETER (lParam); /* remove warning */ - UNREFERENCED_PARAMETER (wParam); /* remove warning */ - - switch (msg) - { - case WM_INITDIALOG: - { - wchar_t * tmp = err_malloc(8192 * sizeof (wchar_t)); - wchar_t tmp2[MAX_PATH * 2]; - argumentspec *as; - int i; - - LocalizeDialog (hwndDlg, "IDD_COMMANDHELP_DLG"); - - as = (argumentspec*) lParam; - - *tmp = 0; - - StringCchCopyW (tmp, 8192, L"VeraCrypt " _T(VERSION_STRING)); -#ifdef _WIN64 - StringCchCatW (tmp, 8192, L" (64-bit)"); -#else - StringCchCatW (tmp, 8192, L" (32-bit)"); -#endif -#if (defined(_DEBUG) || defined(DEBUG)) - StringCchCatW (tmp, 8192, L" (debug)"); -#endif - - StringCchCatW (tmp, 8192, L"\n\nCommand line options:\n\n"); - for (i = 0; i < as->arg_cnt; i ++) - { - if (!as->args[i].Internal) - { - StringCchPrintfW(tmp2, MAX_PATH * 2, L"%s\t%s\n", as->args[i].short_name, as->args[i].long_name); - StringCchCatW(tmp, 8192, tmp2); - } - } - - StringCchCatW (tmp, 8192, L"\nExamples:\n\nMount a volume as X:\tveracrypt.exe /q /v volume.hc /l X\nDismount a volume X:\tveracrypt.exe /q /d X"); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_COMMANDHELP_TEXT), tmp); - - TCfree(tmp); - return 1; - } - - case WM_COMMAND: - EndDialog (hwndDlg, IDOK); - return 1; - case WM_CLOSE: - EndDialog (hwndDlg, 0); - return 1; - } - - return 0; -} - -int Win32CommandLine (wchar_t ***lpszArgs) -{ - int argumentCount; - int i; - - LPWSTR *arguments = CommandLineToArgvW (GetCommandLineW(), &argumentCount); - if (!arguments) - { - handleWin32Error (NULL, SRC_POS); - return 0; - } - - --argumentCount; - if (argumentCount < 1) - { - LocalFree (arguments); - return 0; - } - - *lpszArgs = malloc (sizeof (wchar_t *) * argumentCount); - if (!*lpszArgs) - AbortProcess ("OUTOFMEMORY"); - - for (i = 0; i < argumentCount; ++i) - { - wchar_t *arg = _wcsdup (arguments[i + 1]); - if (!arg) - AbortProcess ("OUTOFMEMORY"); - - (*lpszArgs)[i] = arg; - } - - LocalFree (arguments); - return argumentCount; -} - -int GetArgSepPosOffset (wchar_t *lpszArgument) -{ - if (lpszArgument[0] == L'/') - return 1; - - return 0; -} - -int GetArgumentID (argumentspec *as, wchar_t *lpszArgument) -{ - int i; - - for (i = 0; i < as->arg_cnt; i++) - { - if (_wcsicmp (as->args[i].long_name, lpszArgument) == 0) - { - return as->args[i].Id; - } - } - - for (i = 0; i < as->arg_cnt; i++) - { - if (as->args[i].short_name[0] == 0) - continue; - - if (_wcsicmp (as->args[i].short_name, lpszArgument) == 0) - { - return as->args[i].Id; - } - } - - - return -1; -} - -int GetArgumentValue (wchar_t **lpszCommandLineArgs, int *nArgIdx, - int nNoCommandLineArgs, wchar_t *lpszValue, int nValueSize) -{ - *lpszValue = 0; - - if (*nArgIdx + 1 < nNoCommandLineArgs) - { - int x = GetArgSepPosOffset (lpszCommandLineArgs[*nArgIdx + 1]); - if (x == 0) - { - /* Handles the case of space between parameter code - and value */ - StringCchCopyW (lpszValue, nValueSize, lpszCommandLineArgs[*nArgIdx + 1]); - lpszValue[nValueSize - 1] = 0; - (*nArgIdx)++; - return HAS_ARGUMENT; - } - } - - return HAS_NO_ARGUMENT; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include +#include +#include "Cmdline.h" + +#include "Resource.h" +#include "Crypto.h" +#include "Apidrvr.h" +#include "Dlgcode.h" +#include "Language.h" +#include + +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#endif + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK CommandHelpDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + UNREFERENCED_PARAMETER (lParam); /* remove warning */ + UNREFERENCED_PARAMETER (wParam); /* remove warning */ + + switch (msg) + { + case WM_INITDIALOG: + { + wchar_t * tmp = err_malloc(8192 * sizeof (wchar_t)); + wchar_t tmp2[MAX_PATH * 2]; + argumentspec *as; + int i; + + LocalizeDialog (hwndDlg, "IDD_COMMANDHELP_DLG"); + + as = (argumentspec*) lParam; + + *tmp = 0; + + StringCchCopyW (tmp, 8192, L"VeraCrypt " _T(VERSION_STRING)); +#ifdef _WIN64 + StringCchCatW (tmp, 8192, L" (64-bit)"); +#else + StringCchCatW (tmp, 8192, L" (32-bit)"); +#endif +#if (defined(_DEBUG) || defined(DEBUG)) + StringCchCatW (tmp, 8192, L" (debug)"); +#endif + + StringCchCatW (tmp, 8192, L"\n\nCommand line options:\n\n"); + for (i = 0; i < as->arg_cnt; i ++) + { + if (!as->args[i].Internal) + { + StringCchPrintfW(tmp2, MAX_PATH * 2, L"%s\t%s\n", as->args[i].short_name, as->args[i].long_name); + StringCchCatW(tmp, 8192, tmp2); + } + } + + StringCchCatW (tmp, 8192, L"\nExamples:\n\nMount a volume as X:\tveracrypt.exe /q /v volume.hc /l X\nDismount a volume X:\tveracrypt.exe /q /d X"); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_COMMANDHELP_TEXT), tmp); + + TCfree(tmp); + return 1; + } + + case WM_COMMAND: + EndDialog (hwndDlg, IDOK); + return 1; + case WM_CLOSE: + EndDialog (hwndDlg, 0); + return 1; + } + + return 0; +} + +int Win32CommandLine (wchar_t ***lpszArgs) +{ + int argumentCount; + int i; + + LPWSTR *arguments = CommandLineToArgvW (GetCommandLineW(), &argumentCount); + if (!arguments) + { + handleWin32Error (NULL, SRC_POS); + return 0; + } + + --argumentCount; + if (argumentCount < 1) + { + LocalFree (arguments); + return 0; + } + + *lpszArgs = malloc (sizeof (wchar_t *) * argumentCount); + if (!*lpszArgs) + AbortProcess ("OUTOFMEMORY"); + + for (i = 0; i < argumentCount; ++i) + { + wchar_t *arg = _wcsdup (arguments[i + 1]); + if (!arg) + AbortProcess ("OUTOFMEMORY"); + + (*lpszArgs)[i] = arg; + } + + LocalFree (arguments); + return argumentCount; +} + +int GetArgSepPosOffset (wchar_t *lpszArgument) +{ + if (lpszArgument[0] == L'/') + return 1; + + return 0; +} + +int GetArgumentID (argumentspec *as, wchar_t *lpszArgument) +{ + int i; + + for (i = 0; i < as->arg_cnt; i++) + { + if (_wcsicmp (as->args[i].long_name, lpszArgument) == 0) + { + return as->args[i].Id; + } + } + + for (i = 0; i < as->arg_cnt; i++) + { + if (as->args[i].short_name[0] == 0) + continue; + + if (_wcsicmp (as->args[i].short_name, lpszArgument) == 0) + { + return as->args[i].Id; + } + } + + + return -1; +} + +int GetArgumentValue (wchar_t **lpszCommandLineArgs, int *nArgIdx, + int nNoCommandLineArgs, wchar_t *lpszValue, int nValueSize) +{ + *lpszValue = 0; + + if (*nArgIdx + 1 < nNoCommandLineArgs) + { + int x = GetArgSepPosOffset (lpszCommandLineArgs[*nArgIdx + 1]); + if (x == 0) + { + /* Handles the case of space between parameter code + and value */ + StringCchCopyW (lpszValue, nValueSize, lpszCommandLineArgs[*nArgIdx + 1]); + lpszValue[nValueSize - 1] = 0; + (*nArgIdx)++; + return HAS_ARGUMENT; + } + } + + return HAS_NO_ARGUMENT; +} diff --git a/src/Common/Cmdline.h b/src/Common/Cmdline.h index 3088d563..51c173c6 100644 --- a/src/Common/Cmdline.h +++ b/src/Common/Cmdline.h @@ -1,43 +1,43 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus -extern "C" { -#endif - -#define HAS_ARGUMENT 1 -#define HAS_NO_ARGUMENT !HAS_ARGUMENT - -typedef struct argument_t -{ - int Id; - wchar_t long_name[32]; - wchar_t short_name[8]; - BOOL Internal; -} argument; - -typedef struct argumentspec_t -{ - argument *args; - int arg_cnt; -} argumentspec; - -BOOL CALLBACK CommandHelpDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); -int Win32CommandLine ( wchar_t ***lpszArgs ); -int GetArgSepPosOffset ( wchar_t *lpszArgument ); -int GetArgumentID ( argumentspec *as , wchar_t *lpszArgument ); -int GetArgumentValue ( wchar_t **lpszCommandLineArgs , int *nArgIdx , int nNoCommandLineArgs , wchar_t *lpszValue , int nValueSize ); - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus +extern "C" { +#endif + +#define HAS_ARGUMENT 1 +#define HAS_NO_ARGUMENT !HAS_ARGUMENT + +typedef struct argument_t +{ + int Id; + wchar_t long_name[32]; + wchar_t short_name[8]; + BOOL Internal; +} argument; + +typedef struct argumentspec_t +{ + argument *args; + int arg_cnt; +} argumentspec; + +BOOL CALLBACK CommandHelpDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); +int Win32CommandLine ( wchar_t ***lpszArgs ); +int GetArgSepPosOffset ( wchar_t *lpszArgument ); +int GetArgumentID ( argumentspec *as , wchar_t *lpszArgument ); +int GetArgumentValue ( wchar_t **lpszCommandLineArgs , int *nArgIdx , int nNoCommandLineArgs , wchar_t *lpszValue , int nValueSize ); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Combo.c b/src/Common/Combo.c index 0340b23a..fe456853 100644 --- a/src/Common/Combo.c +++ b/src/Common/Combo.c @@ -1,258 +1,258 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Combo.h" -#include "Dlgcode.h" -#include "Xml.h" - -#include - -#define SIZEOF_MRU_LIST 20 - -void AddComboItem (HWND hComboBox, const wchar_t *lpszFileName, BOOL saveHistory) -{ - LPARAM nIndex; - - if (!saveHistory) - { - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - SetWindowText (hComboBox, lpszFileName); - return; - } - - nIndex = SendMessage (hComboBox, CB_FINDSTRINGEXACT, (WPARAM) - 1, (LPARAM) & lpszFileName[0]); - - if (nIndex == CB_ERR && *lpszFileName) - { - time_t lTime = time (NULL); - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) & lpszFileName[0]); - if (nIndex != CB_ERR) - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) lTime); - } - - if (nIndex != CB_ERR && *lpszFileName) - nIndex = SendMessage (hComboBox, CB_SETCURSEL, nIndex, 0); - - if (*lpszFileName == 0) - { - SendMessage (hComboBox, CB_SETCURSEL, (WPARAM) - 1, 0); - } -} - - -LPARAM MoveEditToCombo (HWND hComboBox, BOOL saveHistory) -{ - wchar_t szTmp[TC_MAX_PATH] = {0}; - - if (!saveHistory) - { - GetWindowText (hComboBox, szTmp, ARRAYSIZE (szTmp)); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - SetWindowText (hComboBox, szTmp); - return 0; - } - - GetWindowText (hComboBox, szTmp, ARRAYSIZE (szTmp)); - - if (wcslen (szTmp) > 0) - { - LPARAM nIndex = SendMessage (hComboBox, CB_FINDSTRINGEXACT, (WPARAM) - 1, - (LPARAM) & szTmp[0]); - if (nIndex == CB_ERR) - { - time_t lTime = time (NULL); - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) & szTmp[0]); - if (nIndex != CB_ERR) - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (DWORD) lTime); - } - else - { - time_t lTime = time (NULL); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (DWORD) lTime); - } - - return nIndex; - } - - return SendMessage (hComboBox, CB_GETCURSEL, 0, 0); -} - -int GetOrderComboIdx (HWND hComboBox, int *nIdxList, int nElems) -{ - int x = (int) SendMessage (hComboBox, CB_GETCOUNT, 0, 0); - if (x != CB_ERR) - { - int i, nHighIdx = CB_ERR; - time_t lHighTime = -1; - - for (i = 0; i < x; i++) - { - time_t lTime = SendMessage (hComboBox, CB_GETITEMDATA, (WPARAM) i, 0); - if (lTime > lHighTime) - { - int n; - for (n = 0; n < nElems; n++) - if (nIdxList[n] == i) - break; - if (n == nElems) - { - lHighTime = lTime; - nHighIdx = i; - } - } - } - - return nHighIdx; - } - - return CB_ERR; -} - -LPARAM UpdateComboOrder (HWND hComboBox) -{ - LPARAM nIndex; - - nIndex = SendMessage (hComboBox, CB_GETCURSEL, 0, 0); - - if (nIndex != CB_ERR) - { - time_t lTime = time (NULL); - nIndex = SendMessage (hComboBox, CB_SETITEMDATA, (WPARAM) nIndex, - (LPARAM) lTime); - } - - return nIndex; -} - -void LoadCombo (HWND hComboBox, BOOL bEnabled, BOOL bOnlyCheckModified, BOOL *pbModified) -{ - DWORD size; - char *history = LoadFile (GetConfigPath (TC_APPD_FILENAME_HISTORY), &size); - char *xml = history; - char volume[MAX_PATH]; - int i, nComboIdx[SIZEOF_MRU_LIST] = {0}; - int count = SendMessage (hComboBox, CB_GETCOUNT, 0, 0); - - if (xml == NULL) - { - // No history XML file but history is enabled - if (bEnabled && pbModified) - *pbModified = TRUE; - return; - } - - if (!bEnabled && bOnlyCheckModified) - { - // History is disable but there is a history XML file - if (pbModified) - *pbModified = TRUE; - free (history); - return; - } - - - /* combo list part:- get mru items */ - for (i = 0; i < SIZEOF_MRU_LIST; i++) - nComboIdx[i] = GetOrderComboIdx (hComboBox, &nComboIdx[0], i); - - i = 0; - while (xml = XmlFindElement (xml, "volume")) - { - wchar_t szTmp[MAX_PATH] = { 0 }; - wchar_t wszVolume[MAX_PATH] = {0}; - - if (i < count) - { - if (SendMessage (hComboBox, CB_GETLBTEXTLEN, nComboIdx[i], 0) < ARRAYSIZE (szTmp)) - SendMessage (hComboBox, CB_GETLBTEXT, nComboIdx[i], (LPARAM) & szTmp[0]); - } - - XmlGetNodeText (xml, volume, sizeof (volume)); - if (0 == MultiByteToWideChar (CP_UTF8, 0, volume, -1, wszVolume, MAX_PATH)) - wszVolume [0] = 0; - if (!bOnlyCheckModified) - AddComboItem (hComboBox, wszVolume, TRUE); - - if (pbModified && wcscmp (wszVolume, szTmp)) - *pbModified = TRUE; - - xml++; - i++; - } - - if (pbModified && (i != count)) - *pbModified = TRUE; - - if (!bOnlyCheckModified) - SendMessage (hComboBox, CB_SETCURSEL, 0, 0); - - free (history); -} - -void DumpCombo (HWND hComboBox, int bClear) -{ - FILE *f; - int i, nComboIdx[SIZEOF_MRU_LIST] = {0}; - - if (bClear) - { - DeleteFile (GetConfigPath (TC_APPD_FILENAME_HISTORY)); - return; - } - - f = _wfopen (GetConfigPath (TC_APPD_FILENAME_HISTORY), L"w,ccs=UTF-8"); - if (f == NULL) return; - - XmlWriteHeader (f); - fputws (L"\n\t", f); - - /* combo list part:- get mru items */ - for (i = 0; i < SIZEOF_MRU_LIST; i++) - nComboIdx[i] = GetOrderComboIdx (hComboBox, &nComboIdx[0], i); - - /* combo list part:- write out mru items */ - for (i = 0; i < SIZEOF_MRU_LIST; i++) - { - wchar_t szTmp[MAX_PATH] = { 0 }; - - if (SendMessage (hComboBox, CB_GETLBTEXTLEN, nComboIdx[i], 0) < ARRAYSIZE (szTmp)) - SendMessage (hComboBox, CB_GETLBTEXT, nComboIdx[i], (LPARAM) & szTmp[0]); - - if (szTmp[0] != 0) - { - wchar_t q[MAX_PATH * 2] = { 0 }; - XmlQuoteTextW (szTmp, q, ARRAYSIZE (q)); - - fwprintf (f, L"\n\t\t%s", q); - } - } - - fputws (L"\n\t", f); - XmlWriteFooter (f); - fclose (f); -} - -void ClearCombo (HWND hComboBox) -{ - int i; - for (i = 0; i < SIZEOF_MRU_LIST; i++) - { - SendMessage (hComboBox, CB_DELETESTRING, 0, 0); - } -} - -int IsComboEmpty (HWND hComboBox) -{ - return SendMessage (hComboBox, CB_GETCOUNT, 0, 0) < 1; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Combo.h" +#include "Dlgcode.h" +#include "Xml.h" + +#include + +#define SIZEOF_MRU_LIST 20 + +void AddComboItem (HWND hComboBox, const wchar_t *lpszFileName, BOOL saveHistory) +{ + LPARAM nIndex; + + if (!saveHistory) + { + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + SetWindowText (hComboBox, lpszFileName); + return; + } + + nIndex = SendMessage (hComboBox, CB_FINDSTRINGEXACT, (WPARAM) - 1, (LPARAM) & lpszFileName[0]); + + if (nIndex == CB_ERR && *lpszFileName) + { + time_t lTime = time (NULL); + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) & lpszFileName[0]); + if (nIndex != CB_ERR) + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) lTime); + } + + if (nIndex != CB_ERR && *lpszFileName) + nIndex = SendMessage (hComboBox, CB_SETCURSEL, nIndex, 0); + + if (*lpszFileName == 0) + { + SendMessage (hComboBox, CB_SETCURSEL, (WPARAM) - 1, 0); + } +} + + +LPARAM MoveEditToCombo (HWND hComboBox, BOOL saveHistory) +{ + wchar_t szTmp[TC_MAX_PATH] = {0}; + + if (!saveHistory) + { + GetWindowText (hComboBox, szTmp, ARRAYSIZE (szTmp)); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + SetWindowText (hComboBox, szTmp); + return 0; + } + + GetWindowText (hComboBox, szTmp, ARRAYSIZE (szTmp)); + + if (wcslen (szTmp) > 0) + { + LPARAM nIndex = SendMessage (hComboBox, CB_FINDSTRINGEXACT, (WPARAM) - 1, + (LPARAM) & szTmp[0]); + if (nIndex == CB_ERR) + { + time_t lTime = time (NULL); + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) & szTmp[0]); + if (nIndex != CB_ERR) + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (DWORD) lTime); + } + else + { + time_t lTime = time (NULL); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (DWORD) lTime); + } + + return nIndex; + } + + return SendMessage (hComboBox, CB_GETCURSEL, 0, 0); +} + +int GetOrderComboIdx (HWND hComboBox, int *nIdxList, int nElems) +{ + int x = (int) SendMessage (hComboBox, CB_GETCOUNT, 0, 0); + if (x != CB_ERR) + { + int i, nHighIdx = CB_ERR; + time_t lHighTime = -1; + + for (i = 0; i < x; i++) + { + time_t lTime = SendMessage (hComboBox, CB_GETITEMDATA, (WPARAM) i, 0); + if (lTime > lHighTime) + { + int n; + for (n = 0; n < nElems; n++) + if (nIdxList[n] == i) + break; + if (n == nElems) + { + lHighTime = lTime; + nHighIdx = i; + } + } + } + + return nHighIdx; + } + + return CB_ERR; +} + +LPARAM UpdateComboOrder (HWND hComboBox) +{ + LPARAM nIndex; + + nIndex = SendMessage (hComboBox, CB_GETCURSEL, 0, 0); + + if (nIndex != CB_ERR) + { + time_t lTime = time (NULL); + nIndex = SendMessage (hComboBox, CB_SETITEMDATA, (WPARAM) nIndex, + (LPARAM) lTime); + } + + return nIndex; +} + +void LoadCombo (HWND hComboBox, BOOL bEnabled, BOOL bOnlyCheckModified, BOOL *pbModified) +{ + DWORD size; + char *history = LoadFile (GetConfigPath (TC_APPD_FILENAME_HISTORY), &size); + char *xml = history; + char volume[MAX_PATH]; + int i, nComboIdx[SIZEOF_MRU_LIST] = {0}; + int count = SendMessage (hComboBox, CB_GETCOUNT, 0, 0); + + if (xml == NULL) + { + // No history XML file but history is enabled + if (bEnabled && pbModified) + *pbModified = TRUE; + return; + } + + if (!bEnabled && bOnlyCheckModified) + { + // History is disable but there is a history XML file + if (pbModified) + *pbModified = TRUE; + free (history); + return; + } + + + /* combo list part:- get mru items */ + for (i = 0; i < SIZEOF_MRU_LIST; i++) + nComboIdx[i] = GetOrderComboIdx (hComboBox, &nComboIdx[0], i); + + i = 0; + while (xml = XmlFindElement (xml, "volume")) + { + wchar_t szTmp[MAX_PATH] = { 0 }; + wchar_t wszVolume[MAX_PATH] = {0}; + + if (i < count) + { + if (SendMessage (hComboBox, CB_GETLBTEXTLEN, nComboIdx[i], 0) < ARRAYSIZE (szTmp)) + SendMessage (hComboBox, CB_GETLBTEXT, nComboIdx[i], (LPARAM) & szTmp[0]); + } + + XmlGetNodeText (xml, volume, sizeof (volume)); + if (0 == MultiByteToWideChar (CP_UTF8, 0, volume, -1, wszVolume, MAX_PATH)) + wszVolume [0] = 0; + if (!bOnlyCheckModified) + AddComboItem (hComboBox, wszVolume, TRUE); + + if (pbModified && wcscmp (wszVolume, szTmp)) + *pbModified = TRUE; + + xml++; + i++; + } + + if (pbModified && (i != count)) + *pbModified = TRUE; + + if (!bOnlyCheckModified) + SendMessage (hComboBox, CB_SETCURSEL, 0, 0); + + free (history); +} + +void DumpCombo (HWND hComboBox, int bClear) +{ + FILE *f; + int i, nComboIdx[SIZEOF_MRU_LIST] = {0}; + + if (bClear) + { + DeleteFile (GetConfigPath (TC_APPD_FILENAME_HISTORY)); + return; + } + + f = _wfopen (GetConfigPath (TC_APPD_FILENAME_HISTORY), L"w,ccs=UTF-8"); + if (f == NULL) return; + + XmlWriteHeader (f); + fputws (L"\n\t", f); + + /* combo list part:- get mru items */ + for (i = 0; i < SIZEOF_MRU_LIST; i++) + nComboIdx[i] = GetOrderComboIdx (hComboBox, &nComboIdx[0], i); + + /* combo list part:- write out mru items */ + for (i = 0; i < SIZEOF_MRU_LIST; i++) + { + wchar_t szTmp[MAX_PATH] = { 0 }; + + if (SendMessage (hComboBox, CB_GETLBTEXTLEN, nComboIdx[i], 0) < ARRAYSIZE (szTmp)) + SendMessage (hComboBox, CB_GETLBTEXT, nComboIdx[i], (LPARAM) & szTmp[0]); + + if (szTmp[0] != 0) + { + wchar_t q[MAX_PATH * 2] = { 0 }; + XmlQuoteTextW (szTmp, q, ARRAYSIZE (q)); + + fwprintf (f, L"\n\t\t%s", q); + } + } + + fputws (L"\n\t", f); + XmlWriteFooter (f); + fclose (f); +} + +void ClearCombo (HWND hComboBox) +{ + int i; + for (i = 0; i < SIZEOF_MRU_LIST; i++) + { + SendMessage (hComboBox, CB_DELETESTRING, 0, 0); + } +} + +int IsComboEmpty (HWND hComboBox) +{ + return SendMessage (hComboBox, CB_GETCOUNT, 0, 0) < 1; +} diff --git a/src/Common/Combo.h b/src/Common/Combo.h index dd181294..cacbc413 100644 --- a/src/Common/Combo.h +++ b/src/Common/Combo.h @@ -1,29 +1,29 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus -extern "C" { -#endif - -void AddComboItem (HWND hComboBox, const wchar_t *lpszFileName, BOOL saveHistory); -LPARAM MoveEditToCombo (HWND hComboBox, BOOL saveHistory); -int GetOrderComboIdx ( HWND hComboBox , int *nIdxList , int nElems ); -LPARAM UpdateComboOrder ( HWND hComboBox ); -void LoadCombo (HWND hComboBox, BOOL bEnabled, BOOL bOnlyCheckModified, BOOL *pbModified); -void DumpCombo ( HWND hComboBox , int bClear ); -void ClearCombo (HWND hComboBox); -int IsComboEmpty (HWND hComboBox); - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus +extern "C" { +#endif + +void AddComboItem (HWND hComboBox, const wchar_t *lpszFileName, BOOL saveHistory); +LPARAM MoveEditToCombo (HWND hComboBox, BOOL saveHistory); +int GetOrderComboIdx ( HWND hComboBox , int *nIdxList , int nElems ); +LPARAM UpdateComboOrder ( HWND hComboBox ); +void LoadCombo (HWND hComboBox, BOOL bEnabled, BOOL bOnlyCheckModified, BOOL *pbModified); +void DumpCombo ( HWND hComboBox , int bClear ); +void ClearCombo (HWND hComboBox); +int IsComboEmpty (HWND hComboBox); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Common.h b/src/Common/Common.h index 180cbffb..05e2e12f 100644 --- a/src/Common/Common.h +++ b/src/Common/Common.h @@ -1,95 +1,95 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef COMMON_H -#define COMMON_H - -#include "Crypto.h" - -#define MIN_MOUNTED_VOLUME_DRIVE_NUMBER ('A' - 'A') -#define MAX_MOUNTED_VOLUME_DRIVE_NUMBER ('Z' - 'A') - -#define MAX_HOST_DRIVE_NUMBER 64 -#define MAX_HOST_PARTITION_NUMBER 32 - -#define VOLUME_ID_SIZE SHA256_DIGESTSIZE - -typedef enum -{ - // IMPORTANT: If you add a new item here, update IsOSVersionAtLeast(). - - WIN_UNKNOWN = 0, - WIN_31, - WIN_95, - WIN_98, - WIN_ME, - WIN_NT3, - WIN_NT4, - WIN_2000, - WIN_XP, - WIN_XP64, - WIN_SERVER_2003, - WIN_VISTA, - WIN_SERVER_2008, - WIN_7, - WIN_SERVER_2008_R2, - WIN_8, - WIN_SERVER_2012, - WIN_8_1, - WIN_SERVER_2012_R2, - WIN_10, - WIN_SERVER_2016 -} OSVersionEnum; - -/* Volume types */ -enum -{ - TC_VOLUME_TYPE_NORMAL = 0, - TC_VOLUME_TYPE_HIDDEN, - TC_VOLUME_TYPE_COUNT -}; - -/* Prop volume types */ -enum -{ - PROP_VOL_TYPE_NORMAL = 0, - PROP_VOL_TYPE_HIDDEN, - PROP_VOL_TYPE_OUTER, /* Outer/normal (hidden volume protected) */ - PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, /* Outer/normal (hidden volume protected AND write already prevented) */ - PROP_VOL_TYPE_SYSTEM, - PROP_NBR_VOLUME_TYPES -}; - -/* Hidden volume protection status */ -enum -{ - HIDVOL_PROT_STATUS_NONE = 0, - HIDVOL_PROT_STATUS_ACTIVE, - HIDVOL_PROT_STATUS_ACTION_TAKEN /* Active + action taken (write operation has already been denied) */ -}; - -typedef struct -{ - BOOL ReadOnly; - BOOL Removable; - BOOL ProtectHiddenVolume; - BOOL PreserveTimestamp; - BOOL PartitionInInactiveSysEncScope; /* If TRUE, we are to attempt to mount a partition located on an encrypted system drive without pre-boot authentication. */ - Password ProtectedHidVolPassword; /* Password of hidden volume to protect against overwriting */ - BOOL UseBackupHeader; - BOOL RecoveryMode; - int ProtectedHidVolPkcs5Prf; - int ProtectedHidVolPim; - wchar_t Label[33]; /* maximum label length is 32 for NTFS and 11 for FAT32 */ -} MountOptions; - -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef COMMON_H +#define COMMON_H + +#include "Crypto.h" + +#define MIN_MOUNTED_VOLUME_DRIVE_NUMBER ('A' - 'A') +#define MAX_MOUNTED_VOLUME_DRIVE_NUMBER ('Z' - 'A') + +#define MAX_HOST_DRIVE_NUMBER 64 +#define MAX_HOST_PARTITION_NUMBER 32 + +#define VOLUME_ID_SIZE SHA256_DIGESTSIZE + +typedef enum +{ + // IMPORTANT: If you add a new item here, update IsOSVersionAtLeast(). + + WIN_UNKNOWN = 0, + WIN_31, + WIN_95, + WIN_98, + WIN_ME, + WIN_NT3, + WIN_NT4, + WIN_2000, + WIN_XP, + WIN_XP64, + WIN_SERVER_2003, + WIN_VISTA, + WIN_SERVER_2008, + WIN_7, + WIN_SERVER_2008_R2, + WIN_8, + WIN_SERVER_2012, + WIN_8_1, + WIN_SERVER_2012_R2, + WIN_10, + WIN_SERVER_2016 +} OSVersionEnum; + +/* Volume types */ +enum +{ + TC_VOLUME_TYPE_NORMAL = 0, + TC_VOLUME_TYPE_HIDDEN, + TC_VOLUME_TYPE_COUNT +}; + +/* Prop volume types */ +enum +{ + PROP_VOL_TYPE_NORMAL = 0, + PROP_VOL_TYPE_HIDDEN, + PROP_VOL_TYPE_OUTER, /* Outer/normal (hidden volume protected) */ + PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, /* Outer/normal (hidden volume protected AND write already prevented) */ + PROP_VOL_TYPE_SYSTEM, + PROP_NBR_VOLUME_TYPES +}; + +/* Hidden volume protection status */ +enum +{ + HIDVOL_PROT_STATUS_NONE = 0, + HIDVOL_PROT_STATUS_ACTIVE, + HIDVOL_PROT_STATUS_ACTION_TAKEN /* Active + action taken (write operation has already been denied) */ +}; + +typedef struct +{ + BOOL ReadOnly; + BOOL Removable; + BOOL ProtectHiddenVolume; + BOOL PreserveTimestamp; + BOOL PartitionInInactiveSysEncScope; /* If TRUE, we are to attempt to mount a partition located on an encrypted system drive without pre-boot authentication. */ + Password ProtectedHidVolPassword; /* Password of hidden volume to protect against overwriting */ + BOOL UseBackupHeader; + BOOL RecoveryMode; + int ProtectedHidVolPkcs5Prf; + int ProtectedHidVolPim; + wchar_t Label[33]; /* maximum label length is 32 for NTFS and 11 for FAT32 */ +} MountOptions; + +#endif diff --git a/src/Common/Common.rc b/src/Common/Common.rc index a0dbd612..1e529c63 100644 --- a/src/Common/Common.rc +++ b/src/Common/Common.rc @@ -1,603 +1,603 @@ -// Microsoft Visual C++ generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// English (U.S.) resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) -#ifdef _WIN32 -LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// Dialog -// - -IDD_ABOUT_DLG DIALOGEX 31, 51, 292, 199 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "About VeraCrypt" -CLASS "VeraCryptSplashDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_ABOUT_CREDITS,7,111,277,45,ES_MULTILINE | WS_VSCROLL | NOT WS_TABSTOP - DEFPUSHBUTTON "OK",IDOK,230,178,52,14 - LTEXT "",IDC_HOMEPAGE,18,87,117,9,SS_NOTIFY - LTEXT "",IDT_ABOUT_RELEASE,18,71,235,8 - CONTROL IDB_TEXTUAL_LOGO_BKG,IDC_ABOUT_BKG,"Static",SS_BITMAP,0,0,12,11,WS_EX_STATICEDGE - LTEXT "",IDT_ABOUT_VERSION,18,61,161,8 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,167,291,1,WS_EX_STATICEDGE - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,169,291,1,WS_EX_STATICEDGE - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,107,291,1,WS_EX_STATICEDGE - CONTROL "",IDC_ABOUT_LOGO_AREA,"Static",SS_GRAYRECT | NOT WS_VISIBLE,0,0,293,50,WS_EX_TRANSPARENT | WS_EX_STATICEDGE - CONTROL IDB_TEXTUAL_LOGO_96DPI,IDC_TEXTUAL_LOGO_IMG,"Static",SS_BITMAP,12,26,157,16 -END - -IDD_COMMANDHELP_DLG DIALOGEX 0, 0, 249, 289 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Command Line Help" -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - DEFPUSHBUTTON "OK",IDOK,93,267,59,14 - LTEXT "",IDC_COMMANDHELP_TEXT,20,7,208,256 -END - -IDD_RAWDEVICES_DLG DIALOGEX 0, 0, 305, 209 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Select a Partition or Device" -FONT 8, "MS Shell Dlg", 400, 0, 0x0 -BEGIN - CONTROL "",IDC_DEVICELIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_EDITLABELS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,291,178 - DEFPUSHBUTTON "OK",IDOK,192,190,50,14 - PUSHBUTTON "Cancel",IDCANCEL,248,190,50,14 -END - -IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 231 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Mount Options" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,11,194,10 - CONTROL "Mount volume as removable &medium",IDC_MOUNT_REMOVABLE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,25,195,10 - CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11 - CONTROL "Mount partition &using system encryption without pre-boot authentication",IDC_MOUNT_SYSENC_PART_WITHOUT_PBA, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,53,259,11 - EDITTEXT IDC_VOLUME_LABEL,112,67,150,14,ES_AUTOHSCROLL - CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,97,252,10 - EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,115,151,14,ES_PASSWORD | ES_AUTOHSCROLL - COMBOBOX IDC_PKCS5_PRF_ID,112,136,91,90,CBS_DROPDOWNLIST | WS_TABSTOP - EDITTEXT IDC_PIM,112,156,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,161,97,10 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,159,112,8,NOT WS_VISIBLE - CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,174,90,10 - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,187,90,10 - PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,204,183,60,14 - DEFPUSHBUTTON "OK",IDOK,211,7,60,14 - PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14 - LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,202,247,10,SS_NOTIFY - RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,114,91,17,0,WS_EX_RIGHT - GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,83,265,136 - RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,137,91,17 - RTEXT "Volume PIM:",IDT_PIM,15,159,91,17,NOT WS_VISIBLE - LTEXT "Volume Label in Windows:",IDT_VOLUME_LABEL,12,70,95,8 -END - -IDD_KEYFILES DIALOGEX 0, 0, 363, 251 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Keyfiles" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "",IDC_KEYLIST,"SysListView32",LVS_REPORT | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,8,275,118 - PUSHBUTTON "Add &Files...",IDC_KEYADD,7,132,61,14 - PUSHBUTTON "Add &Path...",IDC_ADD_KEYFILE_PATH,79,132,61,14 - PUSHBUTTON "Add &Token Files...",IDC_TOKEN_FILES_ADD,151,132,65,14 - PUSHBUTTON "&Remove",IDC_KEYREMOVE,227,132,61,14 - PUSHBUTTON "Remove &All",IDC_KEYREMOVEALL,299,132,61,14 - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,232,105,11 - PUSHBUTTON "&Generate Random Keyfile...",IDC_GENERATE_KEYFILE,237,230,123,14 - DEFPUSHBUTTON "OK",IDOK,290,8,70,14 - PUSHBUTTON "Cancel",IDCANCEL,290,25,70,14 - LTEXT "",IDT_KEYFILES_NOTE,10,161,346,41,0,WS_EX_TRANSPARENT - LTEXT "WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile!",IDT_KEYFILE_WARNING,290,44,69,85,0,WS_EX_TRANSPARENT - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,154,361,1,WS_EX_STATICEDGE - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,209,361,1,WS_EX_STATICEDGE - LTEXT "More information on keyfiles",IDC_LINK_KEYFILES_INFO,119,233,113,10,SS_NOTIFY - CONTROL "Try first to mount with an empty password",IDC_KEYFILES_TRY_EMPTY_PASSWORD, - "Button",BS_AUTOCHECKBOX | NOT WS_VISIBLE | WS_TABSTOP,7,217,310,10 -END - -IDD_LANGUAGE DIALOGEX 0, 0, 209, 183 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Language" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LISTBOX IDC_LANGLIST,6,7,197,67,LBS_SORT | LBS_NOINTEGRALHEIGHT | WS_VSCROLL | WS_TABSTOP - EDITTEXT IDC_LANGPACK_CREDITS,6,108,197,28,ES_MULTILINE | ES_READONLY | WS_VSCROLL | NOT WS_TABSTOP - CTEXT "Download language pack",IDC_GET_LANG_PACKS,2,146,205,10,SS_NOTIFY - DEFPUSHBUTTON "OK",IDOK,97,165,50,14 - PUSHBUTTON "Cancel",IDCANCEL,153,165,50,14 - LTEXT "Translated by:",IDT_LANGPACK_AUTHORS,6,99,101,9,SS_NOTIFY,WS_EX_TRANSPARENT - RTEXT "",IDC_LANGPACK_VERSION,79,86,118,11 - GROUPBOX "Active language pack",IDT_ACTIVE_LANG_PACK,0,77,209,65 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,158,208,1,WS_EX_STATICEDGE -END - -IDD_BENCHMARK_DLG DIALOGEX 0, 0, 330, 223 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Encryption Algorithm Benchmark" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - COMBOBOX IDC_BENCHMARK_BUFFER_SIZE,55,7,77,129,CBS_DROPDOWNLIST | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP - COMBOBOX IDC_BENCHMARK_SORT_METHOD,207,7,116,74,CBS_DROPDOWNLIST | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP - CONTROL "",IDC_RESULTS,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,37,249,160 - DEFPUSHBUTTON "Benchmark",IDC_PERFORM_BENCHMARK,265,37,58,14 - PUSHBUTTON "Close",IDCLOSE,265,55,58,14 - LTEXT "Hardware-accelerated AES:",IDC_HW_AES_LABEL_LINK,148,210,108,9,SS_NOTIFY,WS_EX_RIGHT - CONTROL "",IDC_HW_AES,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,262,209,57,11,WS_EX_STATICEDGE - LTEXT "Parallelization:",IDC_PARALLELIZATION_LABEL_LINK,4,210,67,9,SS_NOTIFY,WS_EX_RIGHT - CONTROL "",IDC_PARALLELIZATION,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,77,209,57,11,WS_EX_STATICEDGE - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,29,328,1,WS_EX_STATICEDGE - LTEXT "Buffer Size:",IDT_BUFFER_SIZE,0,9,53,8,0,WS_EX_RIGHT - LTEXT "Sort Method:",IDT_SORT_METHOD,135,9,70,8,0,WS_EX_RIGHT - LTEXT "Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM.",IDT_BOX_BENCHMARK_INFO,266,81,57,116 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,205,328,1,WS_EX_STATICEDGE -END - -IDD_CIPHER_TEST_DLG DIALOGEX 0, 0, 326, 249 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Test Vectors" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - COMBOBOX IDC_CIPHER,109,10,104,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP - EDITTEXT IDC_KEY,8,36,309,14,ES_AUTOHSCROLL - COMBOBOX IDC_KEY_SIZE,67,55,42,68,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP - EDITTEXT IDC_SECONDARY_KEY,8,93,309,14,ES_AUTOHSCROLL - EDITTEXT IDC_TEST_DATA_UNIT_NUMBER,8,118,84,14,ES_AUTOHSCROLL - CONTROL "XTS mode",IDC_XTS_MODE_ENABLED,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,221,12,95,10 - EDITTEXT IDC_PLAINTEXT,8,151,159,14,ES_AUTOHSCROLL - COMBOBOX IDC_PLAINTEXT_SIZE,258,151,36,30,CBS_DROPDOWNLIST | WS_DISABLED | WS_VSCROLL | WS_TABSTOP - EDITTEXT IDC_CIPHERTEXT,8,185,159,14,ES_AUTOHSCROLL - DEFPUSHBUTTON "&Encrypt",IDC_ENCRYPT,8,229,52,14 - PUSHBUTTON "&Decrypt",IDC_DECRYPT,65,229,52,14 - PUSHBUTTON "&Auto-Test All",IDC_AUTO,129,229,67,14,BS_MULTILINE - PUSHBUTTON "&Reset",IDC_RESET,208,229,52,14 - PUSHBUTTON "Close",IDCLOSE,266,229,52,14 - GROUPBOX "Key (hexadecimal)",IDT_TEST_KEY,1,26,323,49 - GROUPBOX "Plaintext (hexadecimal)",IDT_TEST_PLAINTEXT,1,140,323,33 - GROUPBOX "Ciphertext (hexadecimal)",IDT_TEST_CIPHERTEXT,1,174,323,33 - RTEXT "",IDC_TESTS_MESSAGE,50,213,178,10 - CONTROL "",IDC_REDTICK,"VCREDTICK",0x0,234,214,10,8 - RTEXT "Key size:",IDT_KEY,8,57,56,8 - RTEXT "Plaintext size:",IDT_PLAINTEXT,174,153,79,8 - LTEXT "bits",IDT_KEY_UNIT,114,57,45,8 - RTEXT "Cipher:",IDT_CIPHER,38,13,68,8 - LTEXT "bits",IDT_PLAINTEXT_SIZE_UNIT,298,153,22,8 - GROUPBOX "XTS mode",IDT_XTS_MODE,1,75,323,65 - LTEXT "Secondary key (hexadecimal)",IDT_SECONDARY_KEY,8,84,187,8 - LTEXT "Data unit number (64-bit hexadecimal, data unit size is 512 bytes)",IDT_TEST_DATA_UNIT_NUMBER,8,109,308,8 - RTEXT "Block number:",IDT_TEST_BLOCK_NUMBER,134,122,119,8 - COMBOBOX IDC_TEST_BLOCK_NUMBER,258,119,36,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP -END - -IDD_TEXT_INFO_DIALOG_BOX_DLG DIALOGEX 0, 0, 372, 220 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - DEFPUSHBUTTON "OK",IDOK,305,200,58,14 - PUSHBUTTON "&Print",IDC_PRINT,156,200,58,14 - CONTROL "",IDC_INFO_BOX_TEXT,"RichEdit20W",ES_MULTILINE | ES_READONLY | ES_NUMBER | WS_BORDER | WS_VSCROLL | WS_TABSTOP,5,6,361,188 -END - -IDD_KEYFILE_GENERATOR DIALOGEX 0, 0, 357, 362 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Keyfile Generator" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - DEFPUSHBUTTON "Close",IDCLOSE,291,10,59,14 - COMBOBOX IDC_PRF_ID,97,49,91,90,CBS_DROPDOWNLIST | WS_TABSTOP - CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,209,51,141,10 - EDITTEXT IDC_NUMBER_KEYFILES,124,278,51,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER - EDITTEXT IDC_KEYFILES_SIZE,124,298,51,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER - CONTROL "Random size ( 64 <-> 1048576 )",IDC_KEYFILES_RANDOM_SIZE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,181,300,174,10 - EDITTEXT IDC_KEYFILES_BASE_NAME,124,318,141,14,ES_AUTOHSCROLL - PUSHBUTTON "Generate and Save Keyfile...",IDC_GENERATE_AND_SAVE_KEYFILE,124,336,141,14 - LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile.",IDT_KEYFILE_GENERATOR_NOTE,11,5,271,33 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,40,356,1,WS_EX_STATICEDGE - RTEXT "Mixing PRF:",IDT_PRF,7,51,85,10,SS_CENTERIMAGE - GROUPBOX "Current Pool Content",IDT_POOL_CONTENTS,6,70,344,170 - CTEXT "",IDC_POOL_CONTENTS,16,83,323,148,0,WS_EX_TRANSPARENT - RTEXT "Number of keyfiles:",IDT_NUMBER_KEYFILES,9,281,110,8 - RTEXT "Keyfiles base name:",IDT_KEYFILES_BASE_NAME,9,321,110,8 - RTEXT "Keyfiles size (in Bytes):",IDT_KEYFILES_SIZE,9,300,110,8 - CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,18,255,321,12 - GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,6,244,344,29 -END - -IDD_MULTI_CHOICE_DLG DIALOGEX 0, 0, 167, 322 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - PUSHBUTTON "",IDC_CHOICE10,7,292,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE9,7,268,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE8,7,244,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE7,7,220,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE6,7,196,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE5,7,172,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE4,7,148,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE3,7,124,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE2,7,100,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - PUSHBUTTON "",IDC_CHOICE1,7,76,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE - LTEXT "",IDC_MULTI_CHOICE_MSG,7,7,153,56,0,WS_EX_TRANSPARENT - CONTROL "",IDC_MC_DLG_HR2,"Static",SS_ETCHEDHORZ,0,69,168,1,WS_EX_STATICEDGE - CONTROL "",IDC_MC_DLG_HR1,"Static",SS_ETCHEDHORZ,0,1,168,1,WS_EX_STATICEDGE -END - -IDD_AUXILIARY_DLG DIALOGEX 0, 0, 426, 296 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_NOFAILCREATE | WS_POPUP -EXSTYLE WS_EX_TRANSPARENT -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LTEXT "",IDC_ASPECT_RATIO_CALIBRATION_BOX,3,2,282,282,WS_DISABLED -END - -IDD_TOKEN_PASSWORD DIALOGEX 0, 0, 281, 47 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Security token password/PIN required" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - EDITTEXT IDC_TOKEN_PASSWORD,8,20,199,14,ES_PASSWORD | ES_AUTOHSCROLL - DEFPUSHBUTTON "OK",IDOK,215,7,59,14 - PUSHBUTTON "Cancel",IDCANCEL,215,25,59,14 - LTEXT "",IDT_TOKEN_PASSWORD_INFO,9,8,196,8 -END - -IDD_TOKEN_KEYFILES DIALOGEX 0, 0, 337, 185 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Security Token Keyfiles" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "",IDC_TOKEN_FILE_LIST,"SysListView32",LVS_REPORT | LVS_SHOWSELALWAYS | LVS_EDITLABELS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,256,152 - PUSHBUTTON "&Export...",IDC_EXPORT,7,164,55,14 - PUSHBUTTON "&Delete",IDC_DELETE,66,164,55,14 - PUSHBUTTON "&Import Keyfile to Token...",IDC_IMPORT_KEYFILE,126,164,137,14 - DEFPUSHBUTTON "OK",IDOK,271,7,59,14 - PUSHBUTTON "Cancel",IDCANCEL,271,25,59,14 -END - -IDD_NEW_TOKEN_KEYFILE DIALOGEX 0, 0, 239, 82 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "New Security Token Keyfile Properties" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - DEFPUSHBUTTON "OK",IDOK,128,61,50,14 - PUSHBUTTON "Cancel",IDCANCEL,183,61,50,14 - COMBOBOX IDC_SELECTED_TOKEN,77,13,140,43,CBS_DROPDOWNLIST | CBS_SORT | WS_VSCROLL | WS_TABSTOP - LTEXT "Security token:",IDT_SECURITY_TOKEN,11,15,62,8,0,WS_EX_RIGHT - LTEXT "Keyfile name:",IDT_TOKEN_KEYFILE_NAME,12,34,61,8,0,WS_EX_RIGHT - EDITTEXT IDC_TOKEN_KEYFILE_NAME,77,32,140,13,ES_AUTOHSCROLL - GROUPBOX "",IDC_STATIC,5,2,228,51 -END - -IDD_RANDOM_POOL_ENRICHMENT DIALOGEX 0, 0, 308, 301 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Random Pool Enrichment" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - DEFPUSHBUTTON "&Continue",IDC_CONTINUE,119,278,71,14 - COMBOBOX IDC_PRF_ID,79,49,91,90,CBS_DROPDOWNLIST | WS_TABSTOP - LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'.",IDT_RANDOM_POOL_ENRICHMENT_NOTE,11,6,282,25 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,37,307,1,WS_EX_STATICEDGE - RTEXT "Mixing PRF:",IDT_PRF,6,51,67,10,SS_CENTERIMAGE - GROUPBOX "Current Pool Content",IDT_POOL_CONTENTS,6,70,296,170 - CONTROL "",IDC_POOL_CONTENTS,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,16,83,282,148,WS_EX_TRANSPARENT - CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,191,51,111,10 - CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,16,255,275,12 - GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,7,244,294,29 -END - -IDD_STATIC_MODELESS_WAIT_DLG DIALOGEX 0, 0, 292, 42 -STYLE DS_SYSMODAL | DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION -EXSTYLE WS_EX_TOPMOST | WS_EX_TOOLWINDOW -CAPTION "VeraCrypt" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - LTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,8,274,9 -END - -IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 74 -STYLE DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION -CAPTION "VeraCrypt" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - CTEXT "Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive.",IDT_STATIC_MODAL_WAIT_DLG_INFO,9,11,274,33 - CONTROL "",IDC_WAIT_PROGRESS_BAR,"msctls_progress32",WS_BORDER,7,49,278,14 -END - - -///////////////////////////////////////////////////////////////////////////// -// -// DESIGNINFO -// - -#ifdef APSTUDIO_INVOKED -GUIDELINES DESIGNINFO -BEGIN - IDD_ABOUT_DLG, DIALOG - BEGIN - END - - IDD_COMMANDHELP_DLG, DIALOG - BEGIN - BOTTOMMARGIN, 281 - END - - IDD_RAWDEVICES_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 298 - TOPMARGIN, 7 - BOTTOMMARGIN, 205 - END - - IDD_MOUNT_OPTIONS, DIALOG - BEGIN - LEFTMARGIN, 7 - TOPMARGIN, 7 - BOTTOMMARGIN, 225 - END - - IDD_KEYFILES, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 345 - TOPMARGIN, 7 - BOTTOMMARGIN, 244 - END - - IDD_LANGUAGE, DIALOG - BEGIN - LEFTMARGIN, 6 - RIGHTMARGIN, 202 - TOPMARGIN, 7 - BOTTOMMARGIN, 176 - END - - IDD_BENCHMARK_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 323 - TOPMARGIN, 7 - BOTTOMMARGIN, 216 - END - - IDD_CIPHER_TEST_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 319 - TOPMARGIN, 7 - BOTTOMMARGIN, 242 - END - - IDD_TEXT_INFO_DIALOG_BOX_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 365 - TOPMARGIN, 7 - BOTTOMMARGIN, 213 - END - - IDD_KEYFILE_GENERATOR, DIALOG - BEGIN - LEFTMARGIN, 7 - TOPMARGIN, 7 - BOTTOMMARGIN, 358 - END - - IDD_MULTI_CHOICE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 160 - TOPMARGIN, 7 - BOTTOMMARGIN, 316 - END - - IDD_AUXILIARY_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 419 - TOPMARGIN, 7 - BOTTOMMARGIN, 289 - END - - IDD_TOKEN_PASSWORD, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 274 - TOPMARGIN, 7 - BOTTOMMARGIN, 40 - END - - IDD_TOKEN_KEYFILES, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 330 - TOPMARGIN, 7 - BOTTOMMARGIN, 178 - END - - IDD_NEW_TOKEN_KEYFILE, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 232 - TOPMARGIN, 7 - BOTTOMMARGIN, 75 - END - - IDD_RANDOM_POOL_ENRICHMENT, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 301 - TOPMARGIN, 7 - BOTTOMMARGIN, 298 - END - - IDD_STATIC_MODELESS_WAIT_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 285 - TOPMARGIN, 7 - BOTTOMMARGIN, 35 - END - - IDD_STATIC_MODAL_WAIT_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 285 - TOPMARGIN, 7 - BOTTOMMARGIN, 67 - END -END -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// BIN -// - -IDR_BOOT_SECTOR BIN "..\\Boot\\Windows\\Release\\BootSector.bin" -IDR_BOOT_SECTOR_AES BIN "..\\Boot\\Windows\\Release_AES\\BootSector.bin" -IDR_BOOT_SECTOR_SERPENT BIN "..\\Boot\\Windows\\Release_Serpent\\BootSector.bin" -IDR_BOOT_SECTOR_TWOFISH BIN "..\\Boot\\Windows\\Release_Twofish\\BootSector.bin" -IDR_BOOT_LOADER_DECOMPRESSOR BIN "..\\Boot\\Windows\\Release\\Decompressor.com" -IDR_BOOT_LOADER BIN "..\\Boot\\Windows\\Release\\BootLoader.com.gz" -IDR_BOOT_LOADER_AES BIN "..\\Boot\\Windows\\Release_AES\\BootLoader.com.gz" -IDR_BOOT_LOADER_SERPENT BIN "..\\Boot\\Windows\\Release_Serpent\\BootLoader.com.gz" -IDR_BOOT_LOADER_TWOFISH BIN "..\\Boot\\Windows\\Release_Twofish\\BootLoader.com.gz" - -IDR_BOOT_SECTOR_SHA2 BIN "..\\Boot\\Windows\\Release_SHA2\\BootSector.bin" -IDR_BOOT_SECTOR_AES_SHA2 BIN "..\\Boot\\Windows\\Release_AES_SHA2\\BootSector.bin" -IDR_BOOT_SECTOR_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Release_Serpent_SHA2\\BootSector.bin" -IDR_BOOT_SECTOR_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Release_Twofish_SHA2\\BootSector.bin" -IDR_BOOT_LOADER_SHA2 BIN "..\\Boot\\Windows\\Release_SHA2\\BootLoader.com.gz" -IDR_BOOT_LOADER_AES_SHA2 BIN "..\\Boot\\Windows\\Release_AES_SHA2\\BootLoader.com.gz" -IDR_BOOT_LOADER_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Release_Serpent_SHA2\\BootLoader.com.gz" -IDR_BOOT_LOADER_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Release_Twofish_SHA2\\BootLoader.com.gz" - - -IDR_RESCUE_BOOT_SECTOR BIN "..\\Boot\\Windows\\Rescue\\BootSector.bin" -IDR_RESCUE_BOOT_SECTOR_AES BIN "..\\Boot\\Windows\\Rescue_AES\\BootSector.bin" -IDR_RESCUE_BOOT_SECTOR_SERPENT BIN "..\\Boot\\Windows\\Rescue_Serpent\\BootSector.bin" -IDR_RESCUE_BOOT_SECTOR_TWOFISH BIN "..\\Boot\\Windows\\Rescue_Twofish\\BootSector.bin" -IDR_RESCUE_LOADER BIN "..\\Boot\\Windows\\Rescue\\BootLoader.com.gz" -IDR_RESCUE_LOADER_AES BIN "..\\Boot\\Windows\\Rescue_AES\\BootLoader.com.gz" -IDR_RESCUE_LOADER_SERPENT BIN "..\\Boot\\Windows\\Rescue_Serpent\\BootLoader.com.gz" -IDR_RESCUE_LOADER_TWOFISH BIN "..\\Boot\\Windows\\Rescue_Twofish\\BootLoader.com.gz" - -IDR_RESCUE_BOOT_SECTOR_SHA2 BIN "..\\Boot\\Windows\\Rescue_SHA2\\BootSector.bin" -IDR_RESCUE_BOOT_SECTOR_AES_SHA2 BIN "..\\Boot\\Windows\\Rescue_AES_SHA2\\BootSector.bin" -IDR_RESCUE_BOOT_SECTOR_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Rescue_Serpent_SHA2\\BootSector.bin" -IDR_RESCUE_BOOT_SECTOR_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Rescue_Twofish_SHA2\\BootSector.bin" -IDR_RESCUE_LOADER_SHA2 BIN "..\\Boot\\Windows\\Rescue_SHA2\\BootLoader.com.gz" -IDR_RESCUE_LOADER_AES_SHA2 BIN "..\\Boot\\Windows\\Rescue_AES_SHA2\\BootLoader.com.gz" -IDR_RESCUE_LOADER_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Rescue_Serpent_SHA2\\BootLoader.com.gz" -IDR_RESCUE_LOADER_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Rescue_Twofish_SHA2\\BootLoader.com.gz" - -///////////////////////////////////////////////////////////////////////////// -// -// XML -// - -IDR_LANGUAGE XML "..\\Common\\Language.xml" - -///////////////////////////////////////////////////////////////////////////// -// -// HEADER -// - -IDR_COMMON_RSRC_HEADER HEADER "..\\Common\\Resource.h" - -///////////////////////////////////////////////////////////////////////////// -// -// TEXT -// - -IDR_LICENSE TEXT "..\\Resources\\Texts\\License.rtf" - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE -BEGIN - "#include ""afxres.h""\r\n" - "\0" -END - -3 TEXTINCLUDE -BEGIN - "\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// Icon -// - -// Icon with lowest ID value placed first to ensure application icon -// remains consistent on all systems. -IDI_TRUECRYPT_ICON ICON "..\\Common\\VeraCrypt.ico" -IDI_TRUECRYPT_VOL_ICON ICON "..\\Common\\VeraCrypt_volume.ico" -IDI_TRUECRYPT_MOUNTED_ICON ICON "..\\Common\\VeraCrypt_mounted.ico" - -///////////////////////////////////////////////////////////////////////////// -// -// Bitmap -// - -IDB_TEXTUAL_LOGO_BKG BITMAP "..\\Common\\Textual_logo_background.bmp" -IDB_TEXTUAL_LOGO_96DPI BITMAP "..\\Common\\Textual_logo_96dpi.bmp" -IDB_TEXTUAL_LOGO_288DPI BITMAP "..\\Common\\Textual_logo_288dpi.bmp" -#endif // English (U.S.) resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// - - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - +// Microsoft Visual C++ generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// English (U.S.) resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) +#ifdef _WIN32 +LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US +#pragma code_page(1252) +#endif //_WIN32 + +///////////////////////////////////////////////////////////////////////////// +// +// Dialog +// + +IDD_ABOUT_DLG DIALOGEX 31, 51, 292, 199 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "About VeraCrypt" +CLASS "VeraCryptSplashDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_ABOUT_CREDITS,7,111,277,45,ES_MULTILINE | WS_VSCROLL | NOT WS_TABSTOP + DEFPUSHBUTTON "OK",IDOK,230,178,52,14 + LTEXT "",IDC_HOMEPAGE,18,87,117,9,SS_NOTIFY + LTEXT "",IDT_ABOUT_RELEASE,18,71,235,8 + CONTROL IDB_TEXTUAL_LOGO_BKG,IDC_ABOUT_BKG,"Static",SS_BITMAP,0,0,12,11,WS_EX_STATICEDGE + LTEXT "",IDT_ABOUT_VERSION,18,61,161,8 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,167,291,1,WS_EX_STATICEDGE + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,169,291,1,WS_EX_STATICEDGE + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,107,291,1,WS_EX_STATICEDGE + CONTROL "",IDC_ABOUT_LOGO_AREA,"Static",SS_GRAYRECT | NOT WS_VISIBLE,0,0,293,50,WS_EX_TRANSPARENT | WS_EX_STATICEDGE + CONTROL IDB_TEXTUAL_LOGO_96DPI,IDC_TEXTUAL_LOGO_IMG,"Static",SS_BITMAP,12,26,157,16 +END + +IDD_COMMANDHELP_DLG DIALOGEX 0, 0, 249, 289 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "Command Line Help" +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + DEFPUSHBUTTON "OK",IDOK,93,267,59,14 + LTEXT "",IDC_COMMANDHELP_TEXT,20,7,208,256 +END + +IDD_RAWDEVICES_DLG DIALOGEX 0, 0, 305, 209 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "Select a Partition or Device" +FONT 8, "MS Shell Dlg", 400, 0, 0x0 +BEGIN + CONTROL "",IDC_DEVICELIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_EDITLABELS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,291,178 + DEFPUSHBUTTON "OK",IDOK,192,190,50,14 + PUSHBUTTON "Cancel",IDCANCEL,248,190,50,14 +END + +IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 231 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Mount Options" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,11,194,10 + CONTROL "Mount volume as removable &medium",IDC_MOUNT_REMOVABLE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,25,195,10 + CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11 + CONTROL "Mount partition &using system encryption without pre-boot authentication",IDC_MOUNT_SYSENC_PART_WITHOUT_PBA, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,53,259,11 + EDITTEXT IDC_VOLUME_LABEL,112,67,150,14,ES_AUTOHSCROLL + CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,97,252,10 + EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,115,151,14,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_PRF_ID,112,136,91,90,CBS_DROPDOWNLIST | WS_TABSTOP + EDITTEXT IDC_PIM,112,156,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,161,97,10 + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,159,112,8,NOT WS_VISIBLE + CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,174,90,10 + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,187,90,10 + PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,204,183,60,14 + DEFPUSHBUTTON "OK",IDOK,211,7,60,14 + PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14 + LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,202,247,10,SS_NOTIFY + RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,114,91,17,0,WS_EX_RIGHT + GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,83,265,136 + RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,137,91,17 + RTEXT "Volume PIM:",IDT_PIM,15,159,91,17,NOT WS_VISIBLE + LTEXT "Volume Label in Windows:",IDT_VOLUME_LABEL,12,70,95,8 +END + +IDD_KEYFILES DIALOGEX 0, 0, 363, 251 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Keyfiles" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "",IDC_KEYLIST,"SysListView32",LVS_REPORT | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,8,275,118 + PUSHBUTTON "Add &Files...",IDC_KEYADD,7,132,61,14 + PUSHBUTTON "Add &Path...",IDC_ADD_KEYFILE_PATH,79,132,61,14 + PUSHBUTTON "Add &Token Files...",IDC_TOKEN_FILES_ADD,151,132,65,14 + PUSHBUTTON "&Remove",IDC_KEYREMOVE,227,132,61,14 + PUSHBUTTON "Remove &All",IDC_KEYREMOVEALL,299,132,61,14 + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,232,105,11 + PUSHBUTTON "&Generate Random Keyfile...",IDC_GENERATE_KEYFILE,237,230,123,14 + DEFPUSHBUTTON "OK",IDOK,290,8,70,14 + PUSHBUTTON "Cancel",IDCANCEL,290,25,70,14 + LTEXT "",IDT_KEYFILES_NOTE,10,161,346,41,0,WS_EX_TRANSPARENT + LTEXT "WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile!",IDT_KEYFILE_WARNING,290,44,69,85,0,WS_EX_TRANSPARENT + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,154,361,1,WS_EX_STATICEDGE + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,209,361,1,WS_EX_STATICEDGE + LTEXT "More information on keyfiles",IDC_LINK_KEYFILES_INFO,119,233,113,10,SS_NOTIFY + CONTROL "Try first to mount with an empty password",IDC_KEYFILES_TRY_EMPTY_PASSWORD, + "Button",BS_AUTOCHECKBOX | NOT WS_VISIBLE | WS_TABSTOP,7,217,310,10 +END + +IDD_LANGUAGE DIALOGEX 0, 0, 209, 183 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Language" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LISTBOX IDC_LANGLIST,6,7,197,67,LBS_SORT | LBS_NOINTEGRALHEIGHT | WS_VSCROLL | WS_TABSTOP + EDITTEXT IDC_LANGPACK_CREDITS,6,108,197,28,ES_MULTILINE | ES_READONLY | WS_VSCROLL | NOT WS_TABSTOP + CTEXT "Download language pack",IDC_GET_LANG_PACKS,2,146,205,10,SS_NOTIFY + DEFPUSHBUTTON "OK",IDOK,97,165,50,14 + PUSHBUTTON "Cancel",IDCANCEL,153,165,50,14 + LTEXT "Translated by:",IDT_LANGPACK_AUTHORS,6,99,101,9,SS_NOTIFY,WS_EX_TRANSPARENT + RTEXT "",IDC_LANGPACK_VERSION,79,86,118,11 + GROUPBOX "Active language pack",IDT_ACTIVE_LANG_PACK,0,77,209,65 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,158,208,1,WS_EX_STATICEDGE +END + +IDD_BENCHMARK_DLG DIALOGEX 0, 0, 330, 223 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Encryption Algorithm Benchmark" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + COMBOBOX IDC_BENCHMARK_BUFFER_SIZE,55,7,77,129,CBS_DROPDOWNLIST | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP + COMBOBOX IDC_BENCHMARK_SORT_METHOD,207,7,116,74,CBS_DROPDOWNLIST | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP + CONTROL "",IDC_RESULTS,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,37,249,160 + DEFPUSHBUTTON "Benchmark",IDC_PERFORM_BENCHMARK,265,37,58,14 + PUSHBUTTON "Close",IDCLOSE,265,55,58,14 + LTEXT "Hardware-accelerated AES:",IDC_HW_AES_LABEL_LINK,148,210,108,9,SS_NOTIFY,WS_EX_RIGHT + CONTROL "",IDC_HW_AES,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,262,209,57,11,WS_EX_STATICEDGE + LTEXT "Parallelization:",IDC_PARALLELIZATION_LABEL_LINK,4,210,67,9,SS_NOTIFY,WS_EX_RIGHT + CONTROL "",IDC_PARALLELIZATION,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,77,209,57,11,WS_EX_STATICEDGE + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,29,328,1,WS_EX_STATICEDGE + LTEXT "Buffer Size:",IDT_BUFFER_SIZE,0,9,53,8,0,WS_EX_RIGHT + LTEXT "Sort Method:",IDT_SORT_METHOD,135,9,70,8,0,WS_EX_RIGHT + LTEXT "Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM.",IDT_BOX_BENCHMARK_INFO,266,81,57,116 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,205,328,1,WS_EX_STATICEDGE +END + +IDD_CIPHER_TEST_DLG DIALOGEX 0, 0, 326, 249 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Test Vectors" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + COMBOBOX IDC_CIPHER,109,10,104,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP + EDITTEXT IDC_KEY,8,36,309,14,ES_AUTOHSCROLL + COMBOBOX IDC_KEY_SIZE,67,55,42,68,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP + EDITTEXT IDC_SECONDARY_KEY,8,93,309,14,ES_AUTOHSCROLL + EDITTEXT IDC_TEST_DATA_UNIT_NUMBER,8,118,84,14,ES_AUTOHSCROLL + CONTROL "XTS mode",IDC_XTS_MODE_ENABLED,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,221,12,95,10 + EDITTEXT IDC_PLAINTEXT,8,151,159,14,ES_AUTOHSCROLL + COMBOBOX IDC_PLAINTEXT_SIZE,258,151,36,30,CBS_DROPDOWNLIST | WS_DISABLED | WS_VSCROLL | WS_TABSTOP + EDITTEXT IDC_CIPHERTEXT,8,185,159,14,ES_AUTOHSCROLL + DEFPUSHBUTTON "&Encrypt",IDC_ENCRYPT,8,229,52,14 + PUSHBUTTON "&Decrypt",IDC_DECRYPT,65,229,52,14 + PUSHBUTTON "&Auto-Test All",IDC_AUTO,129,229,67,14,BS_MULTILINE + PUSHBUTTON "&Reset",IDC_RESET,208,229,52,14 + PUSHBUTTON "Close",IDCLOSE,266,229,52,14 + GROUPBOX "Key (hexadecimal)",IDT_TEST_KEY,1,26,323,49 + GROUPBOX "Plaintext (hexadecimal)",IDT_TEST_PLAINTEXT,1,140,323,33 + GROUPBOX "Ciphertext (hexadecimal)",IDT_TEST_CIPHERTEXT,1,174,323,33 + RTEXT "",IDC_TESTS_MESSAGE,50,213,178,10 + CONTROL "",IDC_REDTICK,"VCREDTICK",0x0,234,214,10,8 + RTEXT "Key size:",IDT_KEY,8,57,56,8 + RTEXT "Plaintext size:",IDT_PLAINTEXT,174,153,79,8 + LTEXT "bits",IDT_KEY_UNIT,114,57,45,8 + RTEXT "Cipher:",IDT_CIPHER,38,13,68,8 + LTEXT "bits",IDT_PLAINTEXT_SIZE_UNIT,298,153,22,8 + GROUPBOX "XTS mode",IDT_XTS_MODE,1,75,323,65 + LTEXT "Secondary key (hexadecimal)",IDT_SECONDARY_KEY,8,84,187,8 + LTEXT "Data unit number (64-bit hexadecimal, data unit size is 512 bytes)",IDT_TEST_DATA_UNIT_NUMBER,8,109,308,8 + RTEXT "Block number:",IDT_TEST_BLOCK_NUMBER,134,122,119,8 + COMBOBOX IDC_TEST_BLOCK_NUMBER,258,119,36,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP +END + +IDD_TEXT_INFO_DIALOG_BOX_DLG DIALOGEX 0, 0, 372, 220 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + DEFPUSHBUTTON "OK",IDOK,305,200,58,14 + PUSHBUTTON "&Print",IDC_PRINT,156,200,58,14 + CONTROL "",IDC_INFO_BOX_TEXT,"RichEdit20W",ES_MULTILINE | ES_READONLY | ES_NUMBER | WS_BORDER | WS_VSCROLL | WS_TABSTOP,5,6,361,188 +END + +IDD_KEYFILE_GENERATOR DIALOGEX 0, 0, 357, 362 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Keyfile Generator" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + DEFPUSHBUTTON "Close",IDCLOSE,291,10,59,14 + COMBOBOX IDC_PRF_ID,97,49,91,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,209,51,141,10 + EDITTEXT IDC_NUMBER_KEYFILES,124,278,51,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER + EDITTEXT IDC_KEYFILES_SIZE,124,298,51,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER + CONTROL "Random size ( 64 <-> 1048576 )",IDC_KEYFILES_RANDOM_SIZE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,181,300,174,10 + EDITTEXT IDC_KEYFILES_BASE_NAME,124,318,141,14,ES_AUTOHSCROLL + PUSHBUTTON "Generate and Save Keyfile...",IDC_GENERATE_AND_SAVE_KEYFILE,124,336,141,14 + LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile.",IDT_KEYFILE_GENERATOR_NOTE,11,5,271,33 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,40,356,1,WS_EX_STATICEDGE + RTEXT "Mixing PRF:",IDT_PRF,7,51,85,10,SS_CENTERIMAGE + GROUPBOX "Current Pool Content",IDT_POOL_CONTENTS,6,70,344,170 + CTEXT "",IDC_POOL_CONTENTS,16,83,323,148,0,WS_EX_TRANSPARENT + RTEXT "Number of keyfiles:",IDT_NUMBER_KEYFILES,9,281,110,8 + RTEXT "Keyfiles base name:",IDT_KEYFILES_BASE_NAME,9,321,110,8 + RTEXT "Keyfiles size (in Bytes):",IDT_KEYFILES_SIZE,9,300,110,8 + CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,18,255,321,12 + GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,6,244,344,29 +END + +IDD_MULTI_CHOICE_DLG DIALOGEX 0, 0, 167, 322 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + PUSHBUTTON "",IDC_CHOICE10,7,292,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE9,7,268,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE8,7,244,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE7,7,220,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE6,7,196,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE5,7,172,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE4,7,148,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE3,7,124,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE2,7,100,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + PUSHBUTTON "",IDC_CHOICE1,7,76,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE + LTEXT "",IDC_MULTI_CHOICE_MSG,7,7,153,56,0,WS_EX_TRANSPARENT + CONTROL "",IDC_MC_DLG_HR2,"Static",SS_ETCHEDHORZ,0,69,168,1,WS_EX_STATICEDGE + CONTROL "",IDC_MC_DLG_HR1,"Static",SS_ETCHEDHORZ,0,1,168,1,WS_EX_STATICEDGE +END + +IDD_AUXILIARY_DLG DIALOGEX 0, 0, 426, 296 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_NOFAILCREATE | WS_POPUP +EXSTYLE WS_EX_TRANSPARENT +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LTEXT "",IDC_ASPECT_RATIO_CALIBRATION_BOX,3,2,282,282,WS_DISABLED +END + +IDD_TOKEN_PASSWORD DIALOGEX 0, 0, 281, 47 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "Security token password/PIN required" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + EDITTEXT IDC_TOKEN_PASSWORD,8,20,199,14,ES_PASSWORD | ES_AUTOHSCROLL + DEFPUSHBUTTON "OK",IDOK,215,7,59,14 + PUSHBUTTON "Cancel",IDCANCEL,215,25,59,14 + LTEXT "",IDT_TOKEN_PASSWORD_INFO,9,8,196,8 +END + +IDD_TOKEN_KEYFILES DIALOGEX 0, 0, 337, 185 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "Security Token Keyfiles" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "",IDC_TOKEN_FILE_LIST,"SysListView32",LVS_REPORT | LVS_SHOWSELALWAYS | LVS_EDITLABELS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,256,152 + PUSHBUTTON "&Export...",IDC_EXPORT,7,164,55,14 + PUSHBUTTON "&Delete",IDC_DELETE,66,164,55,14 + PUSHBUTTON "&Import Keyfile to Token...",IDC_IMPORT_KEYFILE,126,164,137,14 + DEFPUSHBUTTON "OK",IDOK,271,7,59,14 + PUSHBUTTON "Cancel",IDCANCEL,271,25,59,14 +END + +IDD_NEW_TOKEN_KEYFILE DIALOGEX 0, 0, 239, 82 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "New Security Token Keyfile Properties" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + DEFPUSHBUTTON "OK",IDOK,128,61,50,14 + PUSHBUTTON "Cancel",IDCANCEL,183,61,50,14 + COMBOBOX IDC_SELECTED_TOKEN,77,13,140,43,CBS_DROPDOWNLIST | CBS_SORT | WS_VSCROLL | WS_TABSTOP + LTEXT "Security token:",IDT_SECURITY_TOKEN,11,15,62,8,0,WS_EX_RIGHT + LTEXT "Keyfile name:",IDT_TOKEN_KEYFILE_NAME,12,34,61,8,0,WS_EX_RIGHT + EDITTEXT IDC_TOKEN_KEYFILE_NAME,77,32,140,13,ES_AUTOHSCROLL + GROUPBOX "",IDC_STATIC,5,2,228,51 +END + +IDD_RANDOM_POOL_ENRICHMENT DIALOGEX 0, 0, 308, 301 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Random Pool Enrichment" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + DEFPUSHBUTTON "&Continue",IDC_CONTINUE,119,278,71,14 + COMBOBOX IDC_PRF_ID,79,49,91,90,CBS_DROPDOWNLIST | WS_TABSTOP + LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'.",IDT_RANDOM_POOL_ENRICHMENT_NOTE,11,6,282,25 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,37,307,1,WS_EX_STATICEDGE + RTEXT "Mixing PRF:",IDT_PRF,6,51,67,10,SS_CENTERIMAGE + GROUPBOX "Current Pool Content",IDT_POOL_CONTENTS,6,70,296,170 + CONTROL "",IDC_POOL_CONTENTS,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,16,83,282,148,WS_EX_TRANSPARENT + CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,191,51,111,10 + CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,16,255,275,12 + GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,7,244,294,29 +END + +IDD_STATIC_MODELESS_WAIT_DLG DIALOGEX 0, 0, 292, 42 +STYLE DS_SYSMODAL | DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION +EXSTYLE WS_EX_TOPMOST | WS_EX_TOOLWINDOW +CAPTION "VeraCrypt" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + LTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,8,274,9 +END + +IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 74 +STYLE DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION +CAPTION "VeraCrypt" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + CTEXT "Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive.",IDT_STATIC_MODAL_WAIT_DLG_INFO,9,11,274,33 + CONTROL "",IDC_WAIT_PROGRESS_BAR,"msctls_progress32",WS_BORDER,7,49,278,14 +END + + +///////////////////////////////////////////////////////////////////////////// +// +// DESIGNINFO +// + +#ifdef APSTUDIO_INVOKED +GUIDELINES DESIGNINFO +BEGIN + IDD_ABOUT_DLG, DIALOG + BEGIN + END + + IDD_COMMANDHELP_DLG, DIALOG + BEGIN + BOTTOMMARGIN, 281 + END + + IDD_RAWDEVICES_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 298 + TOPMARGIN, 7 + BOTTOMMARGIN, 205 + END + + IDD_MOUNT_OPTIONS, DIALOG + BEGIN + LEFTMARGIN, 7 + TOPMARGIN, 7 + BOTTOMMARGIN, 225 + END + + IDD_KEYFILES, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 345 + TOPMARGIN, 7 + BOTTOMMARGIN, 244 + END + + IDD_LANGUAGE, DIALOG + BEGIN + LEFTMARGIN, 6 + RIGHTMARGIN, 202 + TOPMARGIN, 7 + BOTTOMMARGIN, 176 + END + + IDD_BENCHMARK_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 323 + TOPMARGIN, 7 + BOTTOMMARGIN, 216 + END + + IDD_CIPHER_TEST_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 319 + TOPMARGIN, 7 + BOTTOMMARGIN, 242 + END + + IDD_TEXT_INFO_DIALOG_BOX_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 365 + TOPMARGIN, 7 + BOTTOMMARGIN, 213 + END + + IDD_KEYFILE_GENERATOR, DIALOG + BEGIN + LEFTMARGIN, 7 + TOPMARGIN, 7 + BOTTOMMARGIN, 358 + END + + IDD_MULTI_CHOICE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 160 + TOPMARGIN, 7 + BOTTOMMARGIN, 316 + END + + IDD_AUXILIARY_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 419 + TOPMARGIN, 7 + BOTTOMMARGIN, 289 + END + + IDD_TOKEN_PASSWORD, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 274 + TOPMARGIN, 7 + BOTTOMMARGIN, 40 + END + + IDD_TOKEN_KEYFILES, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 330 + TOPMARGIN, 7 + BOTTOMMARGIN, 178 + END + + IDD_NEW_TOKEN_KEYFILE, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 232 + TOPMARGIN, 7 + BOTTOMMARGIN, 75 + END + + IDD_RANDOM_POOL_ENRICHMENT, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 301 + TOPMARGIN, 7 + BOTTOMMARGIN, 298 + END + + IDD_STATIC_MODELESS_WAIT_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 285 + TOPMARGIN, 7 + BOTTOMMARGIN, 35 + END + + IDD_STATIC_MODAL_WAIT_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 285 + TOPMARGIN, 7 + BOTTOMMARGIN, 67 + END +END +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// BIN +// + +IDR_BOOT_SECTOR BIN "..\\Boot\\Windows\\Release\\BootSector.bin" +IDR_BOOT_SECTOR_AES BIN "..\\Boot\\Windows\\Release_AES\\BootSector.bin" +IDR_BOOT_SECTOR_SERPENT BIN "..\\Boot\\Windows\\Release_Serpent\\BootSector.bin" +IDR_BOOT_SECTOR_TWOFISH BIN "..\\Boot\\Windows\\Release_Twofish\\BootSector.bin" +IDR_BOOT_LOADER_DECOMPRESSOR BIN "..\\Boot\\Windows\\Release\\Decompressor.com" +IDR_BOOT_LOADER BIN "..\\Boot\\Windows\\Release\\BootLoader.com.gz" +IDR_BOOT_LOADER_AES BIN "..\\Boot\\Windows\\Release_AES\\BootLoader.com.gz" +IDR_BOOT_LOADER_SERPENT BIN "..\\Boot\\Windows\\Release_Serpent\\BootLoader.com.gz" +IDR_BOOT_LOADER_TWOFISH BIN "..\\Boot\\Windows\\Release_Twofish\\BootLoader.com.gz" + +IDR_BOOT_SECTOR_SHA2 BIN "..\\Boot\\Windows\\Release_SHA2\\BootSector.bin" +IDR_BOOT_SECTOR_AES_SHA2 BIN "..\\Boot\\Windows\\Release_AES_SHA2\\BootSector.bin" +IDR_BOOT_SECTOR_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Release_Serpent_SHA2\\BootSector.bin" +IDR_BOOT_SECTOR_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Release_Twofish_SHA2\\BootSector.bin" +IDR_BOOT_LOADER_SHA2 BIN "..\\Boot\\Windows\\Release_SHA2\\BootLoader.com.gz" +IDR_BOOT_LOADER_AES_SHA2 BIN "..\\Boot\\Windows\\Release_AES_SHA2\\BootLoader.com.gz" +IDR_BOOT_LOADER_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Release_Serpent_SHA2\\BootLoader.com.gz" +IDR_BOOT_LOADER_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Release_Twofish_SHA2\\BootLoader.com.gz" + + +IDR_RESCUE_BOOT_SECTOR BIN "..\\Boot\\Windows\\Rescue\\BootSector.bin" +IDR_RESCUE_BOOT_SECTOR_AES BIN "..\\Boot\\Windows\\Rescue_AES\\BootSector.bin" +IDR_RESCUE_BOOT_SECTOR_SERPENT BIN "..\\Boot\\Windows\\Rescue_Serpent\\BootSector.bin" +IDR_RESCUE_BOOT_SECTOR_TWOFISH BIN "..\\Boot\\Windows\\Rescue_Twofish\\BootSector.bin" +IDR_RESCUE_LOADER BIN "..\\Boot\\Windows\\Rescue\\BootLoader.com.gz" +IDR_RESCUE_LOADER_AES BIN "..\\Boot\\Windows\\Rescue_AES\\BootLoader.com.gz" +IDR_RESCUE_LOADER_SERPENT BIN "..\\Boot\\Windows\\Rescue_Serpent\\BootLoader.com.gz" +IDR_RESCUE_LOADER_TWOFISH BIN "..\\Boot\\Windows\\Rescue_Twofish\\BootLoader.com.gz" + +IDR_RESCUE_BOOT_SECTOR_SHA2 BIN "..\\Boot\\Windows\\Rescue_SHA2\\BootSector.bin" +IDR_RESCUE_BOOT_SECTOR_AES_SHA2 BIN "..\\Boot\\Windows\\Rescue_AES_SHA2\\BootSector.bin" +IDR_RESCUE_BOOT_SECTOR_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Rescue_Serpent_SHA2\\BootSector.bin" +IDR_RESCUE_BOOT_SECTOR_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Rescue_Twofish_SHA2\\BootSector.bin" +IDR_RESCUE_LOADER_SHA2 BIN "..\\Boot\\Windows\\Rescue_SHA2\\BootLoader.com.gz" +IDR_RESCUE_LOADER_AES_SHA2 BIN "..\\Boot\\Windows\\Rescue_AES_SHA2\\BootLoader.com.gz" +IDR_RESCUE_LOADER_SERPENT_SHA2 BIN "..\\Boot\\Windows\\Rescue_Serpent_SHA2\\BootLoader.com.gz" +IDR_RESCUE_LOADER_TWOFISH_SHA2 BIN "..\\Boot\\Windows\\Rescue_Twofish_SHA2\\BootLoader.com.gz" + +///////////////////////////////////////////////////////////////////////////// +// +// XML +// + +IDR_LANGUAGE XML "..\\Common\\Language.xml" + +///////////////////////////////////////////////////////////////////////////// +// +// HEADER +// + +IDR_COMMON_RSRC_HEADER HEADER "..\\Common\\Resource.h" + +///////////////////////////////////////////////////////////////////////////// +// +// TEXT +// + +IDR_LICENSE TEXT "..\\Resources\\Texts\\License.rtf" + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE +BEGIN + "#include ""afxres.h""\r\n" + "\0" +END + +3 TEXTINCLUDE +BEGIN + "\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// Icon +// + +// Icon with lowest ID value placed first to ensure application icon +// remains consistent on all systems. +IDI_TRUECRYPT_ICON ICON "..\\Common\\VeraCrypt.ico" +IDI_TRUECRYPT_VOL_ICON ICON "..\\Common\\VeraCrypt_volume.ico" +IDI_TRUECRYPT_MOUNTED_ICON ICON "..\\Common\\VeraCrypt_mounted.ico" + +///////////////////////////////////////////////////////////////////////////// +// +// Bitmap +// + +IDB_TEXTUAL_LOGO_BKG BITMAP "..\\Common\\Textual_logo_background.bmp" +IDB_TEXTUAL_LOGO_96DPI BITMAP "..\\Common\\Textual_logo_96dpi.bmp" +IDB_TEXTUAL_LOGO_288DPI BITMAP "..\\Common\\Textual_logo_288dpi.bmp" +#endif // English (U.S.) resources +///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// + + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/src/Common/Crc.c b/src/Common/Crc.c index b66b86ca..ba8777e6 100644 --- a/src/Common/Crc.c +++ b/src/Common/Crc.c @@ -1,135 +1,135 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Crc.h" -#include "Common/Endian.h" - -#ifndef TC_MINIMIZE_CODE_SIZE - -/* CRC polynomial 0x04c11db7 */ -unsigned __int32 crc_32_tab[]= -{ - 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, - 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, - 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, - 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, - 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, - 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, - 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, - 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, - 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, - 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, - 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, - 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, - 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, - 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, - 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, - 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, - 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, - 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, - 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, - 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, - 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, - 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, - 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, - 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, - 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, - 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, - 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, - 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, - 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, - 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, - 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, - 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d -}; - -unsigned __int32 GetCrc32 (unsigned char *data, int length) -{ - unsigned __int32 CRC = 0xffffffff; - - while (length--) - { - CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *data++) & 0xFF ]; - } - - return CRC ^ 0xffffffff; -} - -unsigned __int32 crc32int (unsigned __int32 *data) -{ - unsigned char *d = (unsigned char *) data; - unsigned __int32 CRC = 0xffffffff; - - CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d++) & 0xFF ]; - CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d++) & 0xFF ]; - CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d++) & 0xFF ]; - return (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d) & 0xFF ] ^ 0xffffffff; -} - -#if BYTE_ORDER == LITTLE_ENDIAN -# define CRC_SELFTEST 0x6fcf9e13 -#else -# define CRC_SELFTEST 0xca87914d -#endif - -BOOL crc32_selftests (void) -{ - int i; - unsigned __int32 crc = 0xffffffff; - BOOL bSuccess = FALSE; - - for (i = 0; i < (int)sizeof(crc_32_tab); i++) - crc = UPDC32 (((unsigned char *) crc_32_tab)[i], crc); - - bSuccess = CRC_SELFTEST == (crc ^ 0xffffffff); - - bSuccess &= GetCrc32 ((unsigned char *)crc_32_tab, sizeof crc_32_tab) == CRC_SELFTEST; - - return bSuccess; -} - -#else // TC_MINIMIZE_CODE_SIZE - -unsigned __int32 GetCrc32 (unsigned char *data, int length) -{ - unsigned __int32 r = 0xFFFFFFFFUL; - int i, b; - - for (i = 0; i < length; ++i) - { - r ^= data[i]; - for (b = 0; b < 8; ++b) - { - if ((unsigned __int8) r & 1) - r = (r >> 1) ^ 0xEDB88320UL; - else - r >>= 1; - } - } - - return r ^ 0xFFFFFFFFUL; -} - -BOOL crc32_selftests () -{ - unsigned __int8 testData[32]; - unsigned __int8 i; - - for (i = 0; i < sizeof (testData); ++i) - testData[i] = i; - - return GetCrc32 (testData, sizeof (testData)) == 0x91267E8AUL; -} - -#endif // TC_MINIMIZE_CODE_SIZE +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Crc.h" +#include "Common/Endian.h" + +#ifndef TC_MINIMIZE_CODE_SIZE + +/* CRC polynomial 0x04c11db7 */ +unsigned __int32 crc_32_tab[]= +{ + 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, + 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, + 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, + 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, + 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, + 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, + 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, + 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, + 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, + 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, + 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, + 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, + 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, + 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, + 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, + 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, + 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, + 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, + 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, + 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, + 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, + 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, + 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, + 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, + 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, + 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, + 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, + 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, + 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, + 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, + 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, + 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d +}; + +unsigned __int32 GetCrc32 (unsigned char *data, int length) +{ + unsigned __int32 CRC = 0xffffffff; + + while (length--) + { + CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *data++) & 0xFF ]; + } + + return CRC ^ 0xffffffff; +} + +unsigned __int32 crc32int (unsigned __int32 *data) +{ + unsigned char *d = (unsigned char *) data; + unsigned __int32 CRC = 0xffffffff; + + CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d++) & 0xFF ]; + CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d++) & 0xFF ]; + CRC = (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d++) & 0xFF ]; + return (CRC >> 8) ^ crc_32_tab[ (CRC ^ *d) & 0xFF ] ^ 0xffffffff; +} + +#if BYTE_ORDER == LITTLE_ENDIAN +# define CRC_SELFTEST 0x6fcf9e13 +#else +# define CRC_SELFTEST 0xca87914d +#endif + +BOOL crc32_selftests (void) +{ + int i; + unsigned __int32 crc = 0xffffffff; + BOOL bSuccess = FALSE; + + for (i = 0; i < (int)sizeof(crc_32_tab); i++) + crc = UPDC32 (((unsigned char *) crc_32_tab)[i], crc); + + bSuccess = CRC_SELFTEST == (crc ^ 0xffffffff); + + bSuccess &= GetCrc32 ((unsigned char *)crc_32_tab, sizeof crc_32_tab) == CRC_SELFTEST; + + return bSuccess; +} + +#else // TC_MINIMIZE_CODE_SIZE + +unsigned __int32 GetCrc32 (unsigned char *data, int length) +{ + unsigned __int32 r = 0xFFFFFFFFUL; + int i, b; + + for (i = 0; i < length; ++i) + { + r ^= data[i]; + for (b = 0; b < 8; ++b) + { + if ((unsigned __int8) r & 1) + r = (r >> 1) ^ 0xEDB88320UL; + else + r >>= 1; + } + } + + return r ^ 0xFFFFFFFFUL; +} + +BOOL crc32_selftests () +{ + unsigned __int8 testData[32]; + unsigned __int8 i; + + for (i = 0; i < sizeof (testData); ++i) + testData[i] = i; + + return GetCrc32 (testData, sizeof (testData)) == 0x91267E8AUL; +} + +#endif // TC_MINIMIZE_CODE_SIZE diff --git a/src/Common/Crc.h b/src/Common/Crc.h index 531a0383..c89a6191 100644 --- a/src/Common/Crc.h +++ b/src/Common/Crc.h @@ -1,37 +1,37 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_HEADER_CRC -#define TC_HEADER_CRC - -#include "Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#define UPDC32(octet, crc)\ - (unsigned __int32)((crc_32_tab[(((unsigned __int32)(crc)) ^ ((unsigned char)(octet))) & 0xff] ^ (((unsigned __int32)(crc)) >> 8))) - -unsigned __int32 GetCrc32 (unsigned char *data, int length); -unsigned __int32 crc32int (unsigned __int32 *data); -BOOL crc32_selftests (void); - -extern unsigned __int32 crc_32_tab[]; - -#if defined(__cplusplus) -} -#endif - -#endif // TC_HEADER_CRC +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_HEADER_CRC +#define TC_HEADER_CRC + +#include "Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#define UPDC32(octet, crc)\ + (unsigned __int32)((crc_32_tab[(((unsigned __int32)(crc)) ^ ((unsigned char)(octet))) & 0xff] ^ (((unsigned __int32)(crc)) >> 8))) + +unsigned __int32 GetCrc32 (unsigned char *data, int length); +unsigned __int32 crc32int (unsigned __int32 *data); +BOOL crc32_selftests (void); + +extern unsigned __int32 crc_32_tab[]; + +#if defined(__cplusplus) +} +#endif + +#endif // TC_HEADER_CRC diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index d940a453..a524fd97 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -1,1058 +1,1058 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Crypto.h" -#include "Xts.h" -#include "Crc.h" -#include "Common/Endian.h" -#include -#ifndef TC_WINDOWS_BOOT -#include "EncryptionThreadPool.h" -#endif -#include "Volumes.h" - -/* Update the following when adding a new cipher or EA: - - Crypto.h: - ID #define - MAX_EXPANDED_KEY #define - - Crypto.c: - Ciphers[] - EncryptionAlgorithms[] - CipherInit() - EncipherBlock() - DecipherBlock() - -*/ - -#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - -// Cipher configuration -static Cipher Ciphers[] = -{ -// Block Size Key Size Key Schedule Size -// ID Name (Bytes) (Bytes) (Bytes) -#ifdef TC_WINDOWS_BOOT - { AES, "AES", 16, 32, AES_KS }, - { SERPENT, "Serpent", 16, 32, 140*4 }, - { TWOFISH, "Twofish", 16, 32, TWOFISH_KS }, -#else - { AES, L"AES", 16, 32, AES_KS }, - { SERPENT, L"Serpent", 16, 32, 140*4 }, - { TWOFISH, L"Twofish", 16, 32, TWOFISH_KS }, -#endif - { 0, 0, 0, 0, 0 } -}; - - -// Encryption algorithm configuration -static EncryptionAlgorithm EncryptionAlgorithms[] = -{ - // Cipher(s) Modes FormatEnabled - -#ifndef TC_WINDOWS_BOOT - - { { 0, 0 }, { 0, 0}, 0 }, // Must be all-zero - { { AES, 0 }, { XTS, 0 }, 1 }, - { { SERPENT, 0 }, { XTS, 0 }, 1 }, - { { TWOFISH, 0 }, { XTS, 0 }, 1 }, - { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, - { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, - { { AES, SERPENT, 0 }, { XTS, 0 }, 1 }, - { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 }, - { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 }, - { { 0, 0 }, { 0, 0}, 0 } // Must be all-zero - -#else // TC_WINDOWS_BOOT - - // Encryption algorithms available for boot drive encryption - { { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero - { { AES, 0 }, { XTS, 0 }, 1 }, - { { SERPENT, 0 }, { XTS, 0 }, 1 }, - { { TWOFISH, 0 }, { XTS, 0 }, 1 }, - { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, - { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, - { { AES, SERPENT, 0 }, { XTS, 0 }, 1 }, - { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 }, - { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 }, - { { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero - -#endif - -}; - - -#ifndef TC_WINDOWS_BOOT -// Hash algorithms -static Hash Hashes[] = -{ // ID Name Deprecated System Encryption - { SHA512, L"SHA-512", FALSE, FALSE }, - { WHIRLPOOL, L"Whirlpool", FALSE, FALSE }, - { SHA256, L"SHA-256", FALSE, TRUE }, - { RIPEMD160, L"RIPEMD-160", TRUE, TRUE }, - { 0, 0, 0 } -}; -#endif - -/* Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) */ -int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks) -{ - int retVal = ERR_SUCCESS; - - switch (cipher) - { - case AES: -#ifndef TC_WINDOWS_BOOT - if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ks) != EXIT_SUCCESS) - return ERR_CIPHER_INIT_FAILURE; - - if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ks + sizeof(aes_encrypt_ctx))) != EXIT_SUCCESS) - return ERR_CIPHER_INIT_FAILURE; -#else - if (aes_set_key (key, (length_type) CipherGetKeySize(AES), (aes_context *) ks) != 0) - return ERR_CIPHER_INIT_FAILURE; -#endif - break; - - case SERPENT: - serpent_set_key (key, ks); - break; - - case TWOFISH: - twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key); - break; - - default: - // Unknown/wrong cipher ID - return ERR_CIPHER_INIT_FAILURE; - } - - return retVal; -} - -void EncipherBlock(int cipher, void *data, void *ks) -{ - switch (cipher) - { - case AES: - // In 32-bit kernel mode, due to KeSaveFloatingPointState() overhead, AES instructions can be used only when processing the whole data unit. -#if (defined (_WIN64) || !defined (TC_WINDOWS_DRIVER)) && !defined (TC_WINDOWS_BOOT) - if (IsAesHwCpuSupported()) - aes_hw_cpu_encrypt (ks, data); - else -#endif - aes_encrypt (data, data, ks); - break; - - case TWOFISH: twofish_encrypt (ks, data, data); break; - case SERPENT: serpent_encrypt (data, data, ks); break; - default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID - } -} - -#ifndef TC_WINDOWS_BOOT - -void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) -{ - byte *data = dataPtr; -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; -#endif - - if (cipher == AES - && (blockCount & (32 - 1)) == 0 - && IsAesHwCpuSupported() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif - ) - { - while (blockCount > 0) - { - aes_hw_cpu_encrypt_32_blocks (ks, data); - - data += 32 * 16; - blockCount -= 32; - } - -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif - } - else - { - size_t blockSize = CipherGetBlockSize (cipher); - while (blockCount-- > 0) - { - EncipherBlock (cipher, data, ks); - data += blockSize; - } - } -} - -#endif // !TC_WINDOWS_BOOT - -void DecipherBlock(int cipher, void *data, void *ks) -{ - switch (cipher) - { - case SERPENT: serpent_decrypt (data, data, ks); break; - case TWOFISH: twofish_decrypt (ks, data, data); break; -#ifndef TC_WINDOWS_BOOT - - case AES: -#if defined (_WIN64) || !defined (TC_WINDOWS_DRIVER) - if (IsAesHwCpuSupported()) - aes_hw_cpu_decrypt ((byte *) ks + sizeof (aes_encrypt_ctx), data); - else -#endif - aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); - break; - -#else - case AES: aes_decrypt (data, data, ks); break; -#endif - default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID - } -} - -#ifndef TC_WINDOWS_BOOT - -void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) -{ - byte *data = dataPtr; -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KFLOATING_SAVE floatingPointState; -#endif - - if (cipher == AES - && (blockCount & (32 - 1)) == 0 - && IsAesHwCpuSupported() -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) -#endif - ) - { - while (blockCount > 0) - { - aes_hw_cpu_decrypt_32_blocks ((byte *) ks + sizeof (aes_encrypt_ctx), data); - - data += 32 * 16; - blockCount -= 32; - } - -#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) - KeRestoreFloatingPointState (&floatingPointState); -#endif - } - else - { - size_t blockSize = CipherGetBlockSize (cipher); - while (blockCount-- > 0) - { - DecipherBlock (cipher, data, ks); - data += blockSize; - } - } -} - -#endif // !TC_WINDOWS_BOOT - - -// Ciphers support - -Cipher *CipherGet (int id) -{ - int i; - for (i = 0; Ciphers[i].Id != 0; i++) - if (Ciphers[i].Id == id) - return &Ciphers[i]; - - return NULL; -} - -#ifndef TC_WINDOWS_BOOT -const wchar_t *CipherGetName (int cipherId) -{ - Cipher* pCipher = CipherGet (cipherId); - return pCipher? pCipher -> Name : L""; -} -#endif - -int CipherGetBlockSize (int cipherId) -{ -#ifdef TC_WINDOWS_BOOT - return CipherGet (cipherId) -> BlockSize; -#else - Cipher* pCipher = CipherGet (cipherId); - return pCipher? pCipher -> BlockSize : 0; -#endif -} - -int CipherGetKeySize (int cipherId) -{ -#ifdef TC_WINDOWS_BOOT - return CipherGet (cipherId) -> KeySize; -#else - Cipher* pCipher = CipherGet (cipherId); - return pCipher? pCipher -> KeySize : 0; -#endif -} - -int CipherGetKeyScheduleSize (int cipherId) -{ -#ifdef TC_WINDOWS_BOOT - return CipherGet (cipherId) -> KeyScheduleSize; -#else - Cipher* pCipher = CipherGet (cipherId); - return pCipher? pCipher -> KeyScheduleSize : 0; -#endif -} - -#ifndef TC_WINDOWS_BOOT - -BOOL CipherSupportsIntraDataUnitParallelization (int cipher) -{ - return cipher == AES && IsAesHwCpuSupported(); -} - -#endif - - -// Encryption algorithms support - -int EAGetFirst () -{ - return 1; -} - -// Returns number of EAs -int EAGetCount (void) -{ - int ea, count = 0; - - for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) - { - count++; - } - return count; -} - -int EAGetNext (int previousEA) -{ - int id = previousEA + 1; - if (EncryptionAlgorithms[id].Ciphers[0] != 0) return id; - return 0; -} - - -// Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) -int EAInit (int ea, unsigned char *key, unsigned __int8 *ks) -{ - int c, retVal = ERR_SUCCESS; - - if (ea == 0) - return ERR_CIPHER_INIT_FAILURE; - - for (c = EAGetFirstCipher (ea); c != 0; c = EAGetNextCipher (ea, c)) - { - switch (CipherInit (c, key, ks)) - { - case ERR_CIPHER_INIT_FAILURE: - return ERR_CIPHER_INIT_FAILURE; - - case ERR_CIPHER_INIT_WEAK_KEY: - retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error - break; - } - - key += CipherGetKeySize (c); - ks += CipherGetKeyScheduleSize (c); - } - return retVal; -} - - -#ifndef TC_WINDOWS_BOOT - -BOOL EAInitMode (PCRYPTO_INFO ci) -{ - switch (ci->mode) - { - case XTS: - // Secondary key schedule - if (EAInit (ci->ea, ci->k2, ci->ks2) != ERR_SUCCESS) - return FALSE; - - /* Note: XTS mode could potentially be initialized with a weak key causing all blocks in one data unit - on the volume to be tweaked with zero tweaks (i.e. 512 bytes of the volume would be encrypted in ECB - mode). However, to create a TrueCrypt volume with such a weak key, each human being on Earth would have - to create approximately 11,378,125,361,078,862 (about eleven quadrillion) TrueCrypt volumes (provided - that the size of each of the volumes is 1024 terabytes). */ - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } - return TRUE; -} - -static void EAGetDisplayName(wchar_t *buf, int ea, int i) -{ - wcscpy (buf, CipherGetName (i)); - if (i = EAGetPreviousCipher(ea, i)) - { - wcscat (buf, L"("); - EAGetDisplayName (&buf[wcslen(buf)], ea, i); - wcscat (buf, L")"); - } -} - -// Returns name of EA, cascaded cipher names are separated by hyphens -wchar_t *EAGetName (wchar_t *buf, int ea, int guiDisplay) -{ - if (guiDisplay) - { - EAGetDisplayName (buf, ea, EAGetLastCipher(ea)); - } - else - { - int i = EAGetLastCipher(ea); - wcscpy (buf, (i != 0) ? CipherGetName (i) : L"?"); - - while (i = EAGetPreviousCipher(ea, i)) - { - wcscat (buf, L"-"); - wcscat (buf, CipherGetName (i)); - } - } - return buf; -} - - -int EAGetByName (wchar_t *name) -{ - int ea = EAGetFirst (); - wchar_t n[128]; - - do - { - EAGetName (n, ea, 1); - if (_wcsicmp (n, name) == 0) - return ea; - } - while (ea = EAGetNext (ea)); - - return 0; -} - -#endif // TC_WINDOWS_BOOT - -// Returns sum of key sizes of all ciphers of the EA (in bytes) -int EAGetKeySize (int ea) -{ - int i = EAGetFirstCipher (ea); - int size = CipherGetKeySize (i); - - while (i = EAGetNextCipher (ea, i)) - { - size += CipherGetKeySize (i); - } - - return size; -} - - -// Returns the first mode of operation of EA -int EAGetFirstMode (int ea) -{ - return (EncryptionAlgorithms[ea].Modes[0]); -} - - -int EAGetNextMode (int ea, int previousModeId) -{ - int c, i = 0; - while (c = EncryptionAlgorithms[ea].Modes[i++]) - { - if (c == previousModeId) - return EncryptionAlgorithms[ea].Modes[i]; - } - - return 0; -} - - -#ifndef TC_WINDOWS_BOOT - -// Returns the name of the mode of operation of the whole EA -wchar_t *EAGetModeName (int ea, int mode, BOOL capitalLetters) -{ - switch (mode) - { - case XTS: - - return L"XTS"; - - } - return L"[unknown]"; -} - -#endif // TC_WINDOWS_BOOT - - -// Returns sum of key schedule sizes of all ciphers of the EA -int EAGetKeyScheduleSize (int ea) -{ - int i = EAGetFirstCipher(ea); - int size = CipherGetKeyScheduleSize (i); - - while (i = EAGetNextCipher(ea, i)) - { - size += CipherGetKeyScheduleSize (i); - } - - return size; -} - - -// Returns the largest key size needed by an EA for the specified mode of operation -int EAGetLargestKeyForMode (int mode) -{ - int ea, key = 0; - - for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) - { - if (!EAIsModeSupported (ea, mode)) - continue; - - if (EAGetKeySize (ea) >= key) - key = EAGetKeySize (ea); - } - return key; -} - - -// Returns the largest key needed by any EA for any mode -int EAGetLargestKey () -{ - int ea, key = 0; - - for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) - { - if (EAGetKeySize (ea) >= key) - key = EAGetKeySize (ea); - } - - return key; -} - - -// Returns number of ciphers in EA -int EAGetCipherCount (int ea) -{ - int i = 0; - while (EncryptionAlgorithms[ea].Ciphers[i++]); - - return i - 1; -} - - -int EAGetFirstCipher (int ea) -{ - return EncryptionAlgorithms[ea].Ciphers[0]; -} - - -int EAGetLastCipher (int ea) -{ - int c, i = 0; - while (c = EncryptionAlgorithms[ea].Ciphers[i++]); - - return EncryptionAlgorithms[ea].Ciphers[i - 2]; -} - - -int EAGetNextCipher (int ea, int previousCipherId) -{ - int c, i = 0; - while (c = EncryptionAlgorithms[ea].Ciphers[i++]) - { - if (c == previousCipherId) - return EncryptionAlgorithms[ea].Ciphers[i]; - } - - return 0; -} - - -int EAGetPreviousCipher (int ea, int previousCipherId) -{ - int c, i = 0; - - if (EncryptionAlgorithms[ea].Ciphers[i++] == previousCipherId) - return 0; - - while (c = EncryptionAlgorithms[ea].Ciphers[i++]) - { - if (c == previousCipherId) - return EncryptionAlgorithms[ea].Ciphers[i - 2]; - } - - return 0; -} - - -int EAIsFormatEnabled (int ea) -{ - return EncryptionAlgorithms[ea].FormatEnabled; -} - - -// Returns TRUE if the mode of operation is supported for the encryption algorithm -BOOL EAIsModeSupported (int ea, int testedMode) -{ - int mode; - - for (mode = EAGetFirstMode (ea); mode != 0; mode = EAGetNextMode (ea, mode)) - { - if (mode == testedMode) - return TRUE; - } - return FALSE; -} - -#ifndef TC_WINDOWS_BOOT -Hash *HashGet (int id) -{ - int i; - for (i = 0; Hashes[i].Id != 0; i++) - if (Hashes[i].Id == id) - return &Hashes[i]; - - return 0; -} - - -int HashGetIdByName (wchar_t *name) -{ - int i; - for (i = 0; Hashes[i].Id != 0; i++) - if (wcscmp (Hashes[i].Name, name) == 0) - return Hashes[i].Id; - - return 0; -} - -const wchar_t *HashGetName (int hashId) -{ - Hash* pHash = HashGet(hashId); - return pHash? pHash -> Name : L""; -} - -void HashGetName2 (wchar_t *buf, int hashId) -{ - Hash* pHash = HashGet(hashId); - if (pHash) - wcscpy(buf, pHash -> Name); - else - buf[0] = L'\0'; -} - -BOOL HashIsDeprecated (int hashId) -{ - Hash* pHash = HashGet(hashId); - return pHash? pHash -> Deprecated : FALSE; - -} - -BOOL HashForSystemEncryption (int hashId) -{ - Hash* pHash = HashGet(hashId); - return pHash? pHash -> SystemEncryption : FALSE; - -} - -// Returns the maximum number of bytes necessary to be generated by the PBKDF2 (PKCS #5) -int GetMaxPkcs5OutSize (void) -{ - int size = 32; - - size = max (size, EAGetLargestKeyForMode (XTS) * 2); // Sizes of primary + secondary keys - - return size; -} - -#endif - - -#endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - - -#ifdef TC_WINDOWS_BOOT - -static byte CryptoInfoBufferInUse = 0; -CRYPTO_INFO CryptoInfoBuffer; - -#endif - -PCRYPTO_INFO crypto_open () -{ -#ifndef TC_WINDOWS_BOOT - - /* Do the crt allocation */ - PCRYPTO_INFO cryptoInfo = (PCRYPTO_INFO) TCalloc (sizeof (CRYPTO_INFO)); - if (cryptoInfo == NULL) - return NULL; - - memset (cryptoInfo, 0, sizeof (CRYPTO_INFO)); - -#ifndef DEVICE_DRIVER - VirtualLock (cryptoInfo, sizeof (CRYPTO_INFO)); -#endif - - cryptoInfo->ea = -1; - return cryptoInfo; - -#else // TC_WINDOWS_BOOT - -#if 0 - if (CryptoInfoBufferInUse) - TC_THROW_FATAL_EXCEPTION; -#endif - CryptoInfoBufferInUse = 1; - return &CryptoInfoBuffer; - -#endif // TC_WINDOWS_BOOT -} - -#ifndef TC_WINDOWS_BOOT -void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen) -{ - keyInfo->keyLength = nUserKeyLen; - burn (keyInfo->userKey, sizeof (keyInfo->userKey)); - memcpy (keyInfo->userKey, lpszUserKey, nUserKeyLen); -} -#endif - -void crypto_close (PCRYPTO_INFO cryptoInfo) -{ -#ifndef TC_WINDOWS_BOOT - - if (cryptoInfo != NULL) - { - burn (cryptoInfo, sizeof (CRYPTO_INFO)); -#ifndef DEVICE_DRIVER - VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO)); -#endif - TCfree (cryptoInfo); - } - -#else // TC_WINDOWS_BOOT - - burn (&CryptoInfoBuffer, sizeof (CryptoInfoBuffer)); - CryptoInfoBufferInUse = FALSE; - -#endif // TC_WINDOWS_BOOT -} - - -#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - - - -// EncryptBuffer -// -// buf: data to be encrypted; the start of the buffer is assumed to be aligned with the start of a data unit. -// len: number of bytes to encrypt; must be divisible by the block size (for cascaded ciphers, divisible -// by the largest block size used within the cascade) -void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) -{ - switch (cryptoInfo->mode) - { - case XTS: - { - unsigned __int8 *ks = cryptoInfo->ks; - unsigned __int8 *ks2 = cryptoInfo->ks2; - UINT64_STRUCT dataUnitNo; - int cipher; - - // When encrypting/decrypting a buffer (typically a volume header) the sequential number - // of the first XTS data unit in the buffer is always 0 and the start of the buffer is - // always assumed to be aligned with the start of a data unit. - dataUnitNo.LowPart = 0; - dataUnitNo.HighPart = 0; - - for (cipher = EAGetFirstCipher (cryptoInfo->ea); - cipher != 0; - cipher = EAGetNextCipher (cryptoInfo->ea, cipher)) - { - EncryptBufferXTS (buf, len, &dataUnitNo, 0, ks, ks2, cipher); - - ks += CipherGetKeyScheduleSize (cipher); - ks2 += CipherGetKeyScheduleSize (cipher); - } - } - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } -} - - -// buf: data to be encrypted -// unitNo: sequential number of the data unit with which the buffer starts -// nbrUnits: number of data units in the buffer -void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci) -#ifndef TC_WINDOWS_BOOT -{ - EncryptionThreadPoolDoWork (EncryptDataUnitsWork, buf, structUnitNo, nbrUnits, ci); -} - -void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) -#endif // !TC_WINDOWS_BOOT -{ - int ea = ci->ea; - unsigned __int8 *ks = ci->ks; - unsigned __int8 *ks2 = ci->ks2; - int cipher; - - switch (ci->mode) - { - case XTS: - for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher)) - { - EncryptBufferXTS (buf, - nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, - structUnitNo, - 0, - ks, - ks2, - cipher); - - ks += CipherGetKeyScheduleSize (cipher); - ks2 += CipherGetKeyScheduleSize (cipher); - } - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } -} - -// DecryptBuffer -// -// buf: data to be decrypted; the start of the buffer is assumed to be aligned with the start of a data unit. -// len: number of bytes to decrypt; must be divisible by the block size (for cascaded ciphers, divisible -// by the largest block size used within the cascade) -void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) -{ - switch (cryptoInfo->mode) - { - case XTS: - { - unsigned __int8 *ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea); - unsigned __int8 *ks2 = cryptoInfo->ks2 + EAGetKeyScheduleSize (cryptoInfo->ea); - UINT64_STRUCT dataUnitNo; - int cipher; - - // When encrypting/decrypting a buffer (typically a volume header) the sequential number - // of the first XTS data unit in the buffer is always 0 and the start of the buffer is - // always assumed to be aligned with the start of the data unit 0. - dataUnitNo.LowPart = 0; - dataUnitNo.HighPart = 0; - - for (cipher = EAGetLastCipher (cryptoInfo->ea); - cipher != 0; - cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher)) - { - ks -= CipherGetKeyScheduleSize (cipher); - ks2 -= CipherGetKeyScheduleSize (cipher); - - DecryptBufferXTS (buf, len, &dataUnitNo, 0, ks, ks2, cipher); - } - } - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } -} - -// buf: data to be decrypted -// unitNo: sequential number of the data unit with which the buffer starts -// nbrUnits: number of data units in the buffer -void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci) -#ifndef TC_WINDOWS_BOOT -{ - EncryptionThreadPoolDoWork (DecryptDataUnitsWork, buf, structUnitNo, nbrUnits, ci); -} - -void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) -#endif // !TC_WINDOWS_BOOT -{ - int ea = ci->ea; - unsigned __int8 *ks = ci->ks; - unsigned __int8 *ks2 = ci->ks2; - int cipher; - - - switch (ci->mode) - { - case XTS: - ks += EAGetKeyScheduleSize (ea); - ks2 += EAGetKeyScheduleSize (ea); - - for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher)) - { - ks -= CipherGetKeyScheduleSize (cipher); - ks2 -= CipherGetKeyScheduleSize (cipher); - - DecryptBufferXTS (buf, - nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, - structUnitNo, - 0, - ks, - ks2, - cipher); - } - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } -} - - -#else // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - - -#if !defined (TC_WINDOWS_BOOT_AES) && !defined (TC_WINDOWS_BOOT_SERPENT) && !defined (TC_WINDOWS_BOOT_TWOFISH) -#error No cipher defined -#endif - -void EncipherBlock(int cipher, void *data, void *ks) -{ -#ifdef TC_WINDOWS_BOOT_AES - if (IsAesHwCpuSupported()) - aes_hw_cpu_encrypt ((byte *) ks, data); - else - aes_encrypt (data, data, ks); -#elif defined (TC_WINDOWS_BOOT_SERPENT) - serpent_encrypt (data, data, ks); -#elif defined (TC_WINDOWS_BOOT_TWOFISH) - twofish_encrypt (ks, data, data); -#endif -} - -void DecipherBlock(int cipher, void *data, void *ks) -{ -#ifdef TC_WINDOWS_BOOT_AES - if (IsAesHwCpuSupported()) - aes_hw_cpu_decrypt ((byte *) ks + sizeof (aes_encrypt_ctx) + 14 * 16, data); - else - aes_decrypt (data, data, (aes_decrypt_ctx *) ((byte *) ks + sizeof(aes_encrypt_ctx))); -#elif defined (TC_WINDOWS_BOOT_SERPENT) - serpent_decrypt (data, data, ks); -#elif defined (TC_WINDOWS_BOOT_TWOFISH) - twofish_decrypt (ks, data, data); -#endif -} - - -#ifdef TC_WINDOWS_BOOT_AES - -int EAInit (unsigned char *key, unsigned __int8 *ks) -{ - aes_init(); - - if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ks) != EXIT_SUCCESS) - return ERR_CIPHER_INIT_FAILURE; - if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ks + sizeof (aes_encrypt_ctx))) != EXIT_SUCCESS) - return ERR_CIPHER_INIT_FAILURE; - - return ERR_SUCCESS; -} - -#endif - - -void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) -{ - UINT64_STRUCT dataUnitNo; - dataUnitNo.LowPart = 0; dataUnitNo.HighPart = 0; - EncryptBufferXTS (buf, len, &dataUnitNo, 0, cryptoInfo->ks, cryptoInfo->ks2, 1); -} - -void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) -{ - EncryptBufferXTS (buf, nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, structUnitNo, 0, ci->ks, ci->ks2, 1); -} - -void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) -{ - UINT64_STRUCT dataUnitNo; - dataUnitNo.LowPart = 0; dataUnitNo.HighPart = 0; - DecryptBufferXTS (buf, len, &dataUnitNo, 0, cryptoInfo->ks, cryptoInfo->ks2, 1); -} - -void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) -{ - DecryptBufferXTS (buf, nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, structUnitNo, 0, ci->ks, ci->ks2, 1); -} - -#endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - - -#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) - -static BOOL HwEncryptionDisabled = FALSE; - -BOOL IsAesHwCpuSupported () -{ - static BOOL state = FALSE; - static BOOL stateValid = FALSE; - - if (!stateValid) - { - state = is_aes_hw_cpu_supported() ? TRUE : FALSE; - stateValid = TRUE; - } - - return state && !HwEncryptionDisabled; -} - -void EnableHwEncryption (BOOL enable) -{ -#if defined (TC_WINDOWS_BOOT) - if (enable) - aes_hw_cpu_enable_sse(); -#endif - - HwEncryptionDisabled = !enable; -} - -BOOL IsHwEncryptionEnabled () -{ - return !HwEncryptionDisabled; -} - -#endif // !TC_WINDOWS_BOOT +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Crypto.h" +#include "Xts.h" +#include "Crc.h" +#include "Common/Endian.h" +#include +#ifndef TC_WINDOWS_BOOT +#include "EncryptionThreadPool.h" +#endif +#include "Volumes.h" + +/* Update the following when adding a new cipher or EA: + + Crypto.h: + ID #define + MAX_EXPANDED_KEY #define + + Crypto.c: + Ciphers[] + EncryptionAlgorithms[] + CipherInit() + EncipherBlock() + DecipherBlock() + +*/ + +#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + +// Cipher configuration +static Cipher Ciphers[] = +{ +// Block Size Key Size Key Schedule Size +// ID Name (Bytes) (Bytes) (Bytes) +#ifdef TC_WINDOWS_BOOT + { AES, "AES", 16, 32, AES_KS }, + { SERPENT, "Serpent", 16, 32, 140*4 }, + { TWOFISH, "Twofish", 16, 32, TWOFISH_KS }, +#else + { AES, L"AES", 16, 32, AES_KS }, + { SERPENT, L"Serpent", 16, 32, 140*4 }, + { TWOFISH, L"Twofish", 16, 32, TWOFISH_KS }, +#endif + { 0, 0, 0, 0, 0 } +}; + + +// Encryption algorithm configuration +static EncryptionAlgorithm EncryptionAlgorithms[] = +{ + // Cipher(s) Modes FormatEnabled + +#ifndef TC_WINDOWS_BOOT + + { { 0, 0 }, { 0, 0}, 0 }, // Must be all-zero + { { AES, 0 }, { XTS, 0 }, 1 }, + { { SERPENT, 0 }, { XTS, 0 }, 1 }, + { { TWOFISH, 0 }, { XTS, 0 }, 1 }, + { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, + { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, + { { AES, SERPENT, 0 }, { XTS, 0 }, 1 }, + { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 }, + { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 }, + { { 0, 0 }, { 0, 0}, 0 } // Must be all-zero + +#else // TC_WINDOWS_BOOT + + // Encryption algorithms available for boot drive encryption + { { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero + { { AES, 0 }, { XTS, 0 }, 1 }, + { { SERPENT, 0 }, { XTS, 0 }, 1 }, + { { TWOFISH, 0 }, { XTS, 0 }, 1 }, + { { TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, + { { SERPENT, TWOFISH, AES, 0 }, { XTS, 0 }, 1 }, + { { AES, SERPENT, 0 }, { XTS, 0 }, 1 }, + { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1 }, + { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1 }, + { { 0, 0 }, { 0, 0 }, 0 }, // Must be all-zero + +#endif + +}; + + +#ifndef TC_WINDOWS_BOOT +// Hash algorithms +static Hash Hashes[] = +{ // ID Name Deprecated System Encryption + { SHA512, L"SHA-512", FALSE, FALSE }, + { WHIRLPOOL, L"Whirlpool", FALSE, FALSE }, + { SHA256, L"SHA-256", FALSE, TRUE }, + { RIPEMD160, L"RIPEMD-160", TRUE, TRUE }, + { 0, 0, 0 } +}; +#endif + +/* Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) */ +int CipherInit (int cipher, unsigned char *key, unsigned __int8 *ks) +{ + int retVal = ERR_SUCCESS; + + switch (cipher) + { + case AES: +#ifndef TC_WINDOWS_BOOT + if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ks) != EXIT_SUCCESS) + return ERR_CIPHER_INIT_FAILURE; + + if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ks + sizeof(aes_encrypt_ctx))) != EXIT_SUCCESS) + return ERR_CIPHER_INIT_FAILURE; +#else + if (aes_set_key (key, (length_type) CipherGetKeySize(AES), (aes_context *) ks) != 0) + return ERR_CIPHER_INIT_FAILURE; +#endif + break; + + case SERPENT: + serpent_set_key (key, ks); + break; + + case TWOFISH: + twofish_set_key ((TwofishInstance *)ks, (const u4byte *)key); + break; + + default: + // Unknown/wrong cipher ID + return ERR_CIPHER_INIT_FAILURE; + } + + return retVal; +} + +void EncipherBlock(int cipher, void *data, void *ks) +{ + switch (cipher) + { + case AES: + // In 32-bit kernel mode, due to KeSaveFloatingPointState() overhead, AES instructions can be used only when processing the whole data unit. +#if (defined (_WIN64) || !defined (TC_WINDOWS_DRIVER)) && !defined (TC_WINDOWS_BOOT) + if (IsAesHwCpuSupported()) + aes_hw_cpu_encrypt (ks, data); + else +#endif + aes_encrypt (data, data, ks); + break; + + case TWOFISH: twofish_encrypt (ks, data, data); break; + case SERPENT: serpent_encrypt (data, data, ks); break; + default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID + } +} + +#ifndef TC_WINDOWS_BOOT + +void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) +{ + byte *data = dataPtr; +#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) + KFLOATING_SAVE floatingPointState; +#endif + + if (cipher == AES + && (blockCount & (32 - 1)) == 0 + && IsAesHwCpuSupported() +#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) + && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) +#endif + ) + { + while (blockCount > 0) + { + aes_hw_cpu_encrypt_32_blocks (ks, data); + + data += 32 * 16; + blockCount -= 32; + } + +#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) + KeRestoreFloatingPointState (&floatingPointState); +#endif + } + else + { + size_t blockSize = CipherGetBlockSize (cipher); + while (blockCount-- > 0) + { + EncipherBlock (cipher, data, ks); + data += blockSize; + } + } +} + +#endif // !TC_WINDOWS_BOOT + +void DecipherBlock(int cipher, void *data, void *ks) +{ + switch (cipher) + { + case SERPENT: serpent_decrypt (data, data, ks); break; + case TWOFISH: twofish_decrypt (ks, data, data); break; +#ifndef TC_WINDOWS_BOOT + + case AES: +#if defined (_WIN64) || !defined (TC_WINDOWS_DRIVER) + if (IsAesHwCpuSupported()) + aes_hw_cpu_decrypt ((byte *) ks + sizeof (aes_encrypt_ctx), data); + else +#endif + aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); + break; + +#else + case AES: aes_decrypt (data, data, ks); break; +#endif + default: TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID + } +} + +#ifndef TC_WINDOWS_BOOT + +void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) +{ + byte *data = dataPtr; +#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) + KFLOATING_SAVE floatingPointState; +#endif + + if (cipher == AES + && (blockCount & (32 - 1)) == 0 + && IsAesHwCpuSupported() +#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) + && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)) +#endif + ) + { + while (blockCount > 0) + { + aes_hw_cpu_decrypt_32_blocks ((byte *) ks + sizeof (aes_encrypt_ctx), data); + + data += 32 * 16; + blockCount -= 32; + } + +#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64) + KeRestoreFloatingPointState (&floatingPointState); +#endif + } + else + { + size_t blockSize = CipherGetBlockSize (cipher); + while (blockCount-- > 0) + { + DecipherBlock (cipher, data, ks); + data += blockSize; + } + } +} + +#endif // !TC_WINDOWS_BOOT + + +// Ciphers support + +Cipher *CipherGet (int id) +{ + int i; + for (i = 0; Ciphers[i].Id != 0; i++) + if (Ciphers[i].Id == id) + return &Ciphers[i]; + + return NULL; +} + +#ifndef TC_WINDOWS_BOOT +const wchar_t *CipherGetName (int cipherId) +{ + Cipher* pCipher = CipherGet (cipherId); + return pCipher? pCipher -> Name : L""; +} +#endif + +int CipherGetBlockSize (int cipherId) +{ +#ifdef TC_WINDOWS_BOOT + return CipherGet (cipherId) -> BlockSize; +#else + Cipher* pCipher = CipherGet (cipherId); + return pCipher? pCipher -> BlockSize : 0; +#endif +} + +int CipherGetKeySize (int cipherId) +{ +#ifdef TC_WINDOWS_BOOT + return CipherGet (cipherId) -> KeySize; +#else + Cipher* pCipher = CipherGet (cipherId); + return pCipher? pCipher -> KeySize : 0; +#endif +} + +int CipherGetKeyScheduleSize (int cipherId) +{ +#ifdef TC_WINDOWS_BOOT + return CipherGet (cipherId) -> KeyScheduleSize; +#else + Cipher* pCipher = CipherGet (cipherId); + return pCipher? pCipher -> KeyScheduleSize : 0; +#endif +} + +#ifndef TC_WINDOWS_BOOT + +BOOL CipherSupportsIntraDataUnitParallelization (int cipher) +{ + return cipher == AES && IsAesHwCpuSupported(); +} + +#endif + + +// Encryption algorithms support + +int EAGetFirst () +{ + return 1; +} + +// Returns number of EAs +int EAGetCount (void) +{ + int ea, count = 0; + + for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) + { + count++; + } + return count; +} + +int EAGetNext (int previousEA) +{ + int id = previousEA + 1; + if (EncryptionAlgorithms[id].Ciphers[0] != 0) return id; + return 0; +} + + +// Return values: 0 = success, ERR_CIPHER_INIT_FAILURE (fatal), ERR_CIPHER_INIT_WEAK_KEY (non-fatal) +int EAInit (int ea, unsigned char *key, unsigned __int8 *ks) +{ + int c, retVal = ERR_SUCCESS; + + if (ea == 0) + return ERR_CIPHER_INIT_FAILURE; + + for (c = EAGetFirstCipher (ea); c != 0; c = EAGetNextCipher (ea, c)) + { + switch (CipherInit (c, key, ks)) + { + case ERR_CIPHER_INIT_FAILURE: + return ERR_CIPHER_INIT_FAILURE; + + case ERR_CIPHER_INIT_WEAK_KEY: + retVal = ERR_CIPHER_INIT_WEAK_KEY; // Non-fatal error + break; + } + + key += CipherGetKeySize (c); + ks += CipherGetKeyScheduleSize (c); + } + return retVal; +} + + +#ifndef TC_WINDOWS_BOOT + +BOOL EAInitMode (PCRYPTO_INFO ci) +{ + switch (ci->mode) + { + case XTS: + // Secondary key schedule + if (EAInit (ci->ea, ci->k2, ci->ks2) != ERR_SUCCESS) + return FALSE; + + /* Note: XTS mode could potentially be initialized with a weak key causing all blocks in one data unit + on the volume to be tweaked with zero tweaks (i.e. 512 bytes of the volume would be encrypted in ECB + mode). However, to create a TrueCrypt volume with such a weak key, each human being on Earth would have + to create approximately 11,378,125,361,078,862 (about eleven quadrillion) TrueCrypt volumes (provided + that the size of each of the volumes is 1024 terabytes). */ + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } + return TRUE; +} + +static void EAGetDisplayName(wchar_t *buf, int ea, int i) +{ + wcscpy (buf, CipherGetName (i)); + if (i = EAGetPreviousCipher(ea, i)) + { + wcscat (buf, L"("); + EAGetDisplayName (&buf[wcslen(buf)], ea, i); + wcscat (buf, L")"); + } +} + +// Returns name of EA, cascaded cipher names are separated by hyphens +wchar_t *EAGetName (wchar_t *buf, int ea, int guiDisplay) +{ + if (guiDisplay) + { + EAGetDisplayName (buf, ea, EAGetLastCipher(ea)); + } + else + { + int i = EAGetLastCipher(ea); + wcscpy (buf, (i != 0) ? CipherGetName (i) : L"?"); + + while (i = EAGetPreviousCipher(ea, i)) + { + wcscat (buf, L"-"); + wcscat (buf, CipherGetName (i)); + } + } + return buf; +} + + +int EAGetByName (wchar_t *name) +{ + int ea = EAGetFirst (); + wchar_t n[128]; + + do + { + EAGetName (n, ea, 1); + if (_wcsicmp (n, name) == 0) + return ea; + } + while (ea = EAGetNext (ea)); + + return 0; +} + +#endif // TC_WINDOWS_BOOT + +// Returns sum of key sizes of all ciphers of the EA (in bytes) +int EAGetKeySize (int ea) +{ + int i = EAGetFirstCipher (ea); + int size = CipherGetKeySize (i); + + while (i = EAGetNextCipher (ea, i)) + { + size += CipherGetKeySize (i); + } + + return size; +} + + +// Returns the first mode of operation of EA +int EAGetFirstMode (int ea) +{ + return (EncryptionAlgorithms[ea].Modes[0]); +} + + +int EAGetNextMode (int ea, int previousModeId) +{ + int c, i = 0; + while (c = EncryptionAlgorithms[ea].Modes[i++]) + { + if (c == previousModeId) + return EncryptionAlgorithms[ea].Modes[i]; + } + + return 0; +} + + +#ifndef TC_WINDOWS_BOOT + +// Returns the name of the mode of operation of the whole EA +wchar_t *EAGetModeName (int ea, int mode, BOOL capitalLetters) +{ + switch (mode) + { + case XTS: + + return L"XTS"; + + } + return L"[unknown]"; +} + +#endif // TC_WINDOWS_BOOT + + +// Returns sum of key schedule sizes of all ciphers of the EA +int EAGetKeyScheduleSize (int ea) +{ + int i = EAGetFirstCipher(ea); + int size = CipherGetKeyScheduleSize (i); + + while (i = EAGetNextCipher(ea, i)) + { + size += CipherGetKeyScheduleSize (i); + } + + return size; +} + + +// Returns the largest key size needed by an EA for the specified mode of operation +int EAGetLargestKeyForMode (int mode) +{ + int ea, key = 0; + + for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) + { + if (!EAIsModeSupported (ea, mode)) + continue; + + if (EAGetKeySize (ea) >= key) + key = EAGetKeySize (ea); + } + return key; +} + + +// Returns the largest key needed by any EA for any mode +int EAGetLargestKey () +{ + int ea, key = 0; + + for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) + { + if (EAGetKeySize (ea) >= key) + key = EAGetKeySize (ea); + } + + return key; +} + + +// Returns number of ciphers in EA +int EAGetCipherCount (int ea) +{ + int i = 0; + while (EncryptionAlgorithms[ea].Ciphers[i++]); + + return i - 1; +} + + +int EAGetFirstCipher (int ea) +{ + return EncryptionAlgorithms[ea].Ciphers[0]; +} + + +int EAGetLastCipher (int ea) +{ + int c, i = 0; + while (c = EncryptionAlgorithms[ea].Ciphers[i++]); + + return EncryptionAlgorithms[ea].Ciphers[i - 2]; +} + + +int EAGetNextCipher (int ea, int previousCipherId) +{ + int c, i = 0; + while (c = EncryptionAlgorithms[ea].Ciphers[i++]) + { + if (c == previousCipherId) + return EncryptionAlgorithms[ea].Ciphers[i]; + } + + return 0; +} + + +int EAGetPreviousCipher (int ea, int previousCipherId) +{ + int c, i = 0; + + if (EncryptionAlgorithms[ea].Ciphers[i++] == previousCipherId) + return 0; + + while (c = EncryptionAlgorithms[ea].Ciphers[i++]) + { + if (c == previousCipherId) + return EncryptionAlgorithms[ea].Ciphers[i - 2]; + } + + return 0; +} + + +int EAIsFormatEnabled (int ea) +{ + return EncryptionAlgorithms[ea].FormatEnabled; +} + + +// Returns TRUE if the mode of operation is supported for the encryption algorithm +BOOL EAIsModeSupported (int ea, int testedMode) +{ + int mode; + + for (mode = EAGetFirstMode (ea); mode != 0; mode = EAGetNextMode (ea, mode)) + { + if (mode == testedMode) + return TRUE; + } + return FALSE; +} + +#ifndef TC_WINDOWS_BOOT +Hash *HashGet (int id) +{ + int i; + for (i = 0; Hashes[i].Id != 0; i++) + if (Hashes[i].Id == id) + return &Hashes[i]; + + return 0; +} + + +int HashGetIdByName (wchar_t *name) +{ + int i; + for (i = 0; Hashes[i].Id != 0; i++) + if (wcscmp (Hashes[i].Name, name) == 0) + return Hashes[i].Id; + + return 0; +} + +const wchar_t *HashGetName (int hashId) +{ + Hash* pHash = HashGet(hashId); + return pHash? pHash -> Name : L""; +} + +void HashGetName2 (wchar_t *buf, int hashId) +{ + Hash* pHash = HashGet(hashId); + if (pHash) + wcscpy(buf, pHash -> Name); + else + buf[0] = L'\0'; +} + +BOOL HashIsDeprecated (int hashId) +{ + Hash* pHash = HashGet(hashId); + return pHash? pHash -> Deprecated : FALSE; + +} + +BOOL HashForSystemEncryption (int hashId) +{ + Hash* pHash = HashGet(hashId); + return pHash? pHash -> SystemEncryption : FALSE; + +} + +// Returns the maximum number of bytes necessary to be generated by the PBKDF2 (PKCS #5) +int GetMaxPkcs5OutSize (void) +{ + int size = 32; + + size = max (size, EAGetLargestKeyForMode (XTS) * 2); // Sizes of primary + secondary keys + + return size; +} + +#endif + + +#endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + + +#ifdef TC_WINDOWS_BOOT + +static byte CryptoInfoBufferInUse = 0; +CRYPTO_INFO CryptoInfoBuffer; + +#endif + +PCRYPTO_INFO crypto_open () +{ +#ifndef TC_WINDOWS_BOOT + + /* Do the crt allocation */ + PCRYPTO_INFO cryptoInfo = (PCRYPTO_INFO) TCalloc (sizeof (CRYPTO_INFO)); + if (cryptoInfo == NULL) + return NULL; + + memset (cryptoInfo, 0, sizeof (CRYPTO_INFO)); + +#ifndef DEVICE_DRIVER + VirtualLock (cryptoInfo, sizeof (CRYPTO_INFO)); +#endif + + cryptoInfo->ea = -1; + return cryptoInfo; + +#else // TC_WINDOWS_BOOT + +#if 0 + if (CryptoInfoBufferInUse) + TC_THROW_FATAL_EXCEPTION; +#endif + CryptoInfoBufferInUse = 1; + return &CryptoInfoBuffer; + +#endif // TC_WINDOWS_BOOT +} + +#ifndef TC_WINDOWS_BOOT +void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen) +{ + keyInfo->keyLength = nUserKeyLen; + burn (keyInfo->userKey, sizeof (keyInfo->userKey)); + memcpy (keyInfo->userKey, lpszUserKey, nUserKeyLen); +} +#endif + +void crypto_close (PCRYPTO_INFO cryptoInfo) +{ +#ifndef TC_WINDOWS_BOOT + + if (cryptoInfo != NULL) + { + burn (cryptoInfo, sizeof (CRYPTO_INFO)); +#ifndef DEVICE_DRIVER + VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO)); +#endif + TCfree (cryptoInfo); + } + +#else // TC_WINDOWS_BOOT + + burn (&CryptoInfoBuffer, sizeof (CryptoInfoBuffer)); + CryptoInfoBufferInUse = FALSE; + +#endif // TC_WINDOWS_BOOT +} + + +#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + + + +// EncryptBuffer +// +// buf: data to be encrypted; the start of the buffer is assumed to be aligned with the start of a data unit. +// len: number of bytes to encrypt; must be divisible by the block size (for cascaded ciphers, divisible +// by the largest block size used within the cascade) +void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) +{ + switch (cryptoInfo->mode) + { + case XTS: + { + unsigned __int8 *ks = cryptoInfo->ks; + unsigned __int8 *ks2 = cryptoInfo->ks2; + UINT64_STRUCT dataUnitNo; + int cipher; + + // When encrypting/decrypting a buffer (typically a volume header) the sequential number + // of the first XTS data unit in the buffer is always 0 and the start of the buffer is + // always assumed to be aligned with the start of a data unit. + dataUnitNo.LowPart = 0; + dataUnitNo.HighPart = 0; + + for (cipher = EAGetFirstCipher (cryptoInfo->ea); + cipher != 0; + cipher = EAGetNextCipher (cryptoInfo->ea, cipher)) + { + EncryptBufferXTS (buf, len, &dataUnitNo, 0, ks, ks2, cipher); + + ks += CipherGetKeyScheduleSize (cipher); + ks2 += CipherGetKeyScheduleSize (cipher); + } + } + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } +} + + +// buf: data to be encrypted +// unitNo: sequential number of the data unit with which the buffer starts +// nbrUnits: number of data units in the buffer +void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci) +#ifndef TC_WINDOWS_BOOT +{ + EncryptionThreadPoolDoWork (EncryptDataUnitsWork, buf, structUnitNo, nbrUnits, ci); +} + +void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) +#endif // !TC_WINDOWS_BOOT +{ + int ea = ci->ea; + unsigned __int8 *ks = ci->ks; + unsigned __int8 *ks2 = ci->ks2; + int cipher; + + switch (ci->mode) + { + case XTS: + for (cipher = EAGetFirstCipher (ea); cipher != 0; cipher = EAGetNextCipher (ea, cipher)) + { + EncryptBufferXTS (buf, + nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, + structUnitNo, + 0, + ks, + ks2, + cipher); + + ks += CipherGetKeyScheduleSize (cipher); + ks2 += CipherGetKeyScheduleSize (cipher); + } + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } +} + +// DecryptBuffer +// +// buf: data to be decrypted; the start of the buffer is assumed to be aligned with the start of a data unit. +// len: number of bytes to decrypt; must be divisible by the block size (for cascaded ciphers, divisible +// by the largest block size used within the cascade) +void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) +{ + switch (cryptoInfo->mode) + { + case XTS: + { + unsigned __int8 *ks = cryptoInfo->ks + EAGetKeyScheduleSize (cryptoInfo->ea); + unsigned __int8 *ks2 = cryptoInfo->ks2 + EAGetKeyScheduleSize (cryptoInfo->ea); + UINT64_STRUCT dataUnitNo; + int cipher; + + // When encrypting/decrypting a buffer (typically a volume header) the sequential number + // of the first XTS data unit in the buffer is always 0 and the start of the buffer is + // always assumed to be aligned with the start of the data unit 0. + dataUnitNo.LowPart = 0; + dataUnitNo.HighPart = 0; + + for (cipher = EAGetLastCipher (cryptoInfo->ea); + cipher != 0; + cipher = EAGetPreviousCipher (cryptoInfo->ea, cipher)) + { + ks -= CipherGetKeyScheduleSize (cipher); + ks2 -= CipherGetKeyScheduleSize (cipher); + + DecryptBufferXTS (buf, len, &dataUnitNo, 0, ks, ks2, cipher); + } + } + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } +} + +// buf: data to be decrypted +// unitNo: sequential number of the data unit with which the buffer starts +// nbrUnits: number of data units in the buffer +void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci) +#ifndef TC_WINDOWS_BOOT +{ + EncryptionThreadPoolDoWork (DecryptDataUnitsWork, buf, structUnitNo, nbrUnits, ci); +} + +void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) +#endif // !TC_WINDOWS_BOOT +{ + int ea = ci->ea; + unsigned __int8 *ks = ci->ks; + unsigned __int8 *ks2 = ci->ks2; + int cipher; + + + switch (ci->mode) + { + case XTS: + ks += EAGetKeyScheduleSize (ea); + ks2 += EAGetKeyScheduleSize (ea); + + for (cipher = EAGetLastCipher (ea); cipher != 0; cipher = EAGetPreviousCipher (ea, cipher)) + { + ks -= CipherGetKeyScheduleSize (cipher); + ks2 -= CipherGetKeyScheduleSize (cipher); + + DecryptBufferXTS (buf, + nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, + structUnitNo, + 0, + ks, + ks2, + cipher); + } + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } +} + + +#else // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + + +#if !defined (TC_WINDOWS_BOOT_AES) && !defined (TC_WINDOWS_BOOT_SERPENT) && !defined (TC_WINDOWS_BOOT_TWOFISH) +#error No cipher defined +#endif + +void EncipherBlock(int cipher, void *data, void *ks) +{ +#ifdef TC_WINDOWS_BOOT_AES + if (IsAesHwCpuSupported()) + aes_hw_cpu_encrypt ((byte *) ks, data); + else + aes_encrypt (data, data, ks); +#elif defined (TC_WINDOWS_BOOT_SERPENT) + serpent_encrypt (data, data, ks); +#elif defined (TC_WINDOWS_BOOT_TWOFISH) + twofish_encrypt (ks, data, data); +#endif +} + +void DecipherBlock(int cipher, void *data, void *ks) +{ +#ifdef TC_WINDOWS_BOOT_AES + if (IsAesHwCpuSupported()) + aes_hw_cpu_decrypt ((byte *) ks + sizeof (aes_encrypt_ctx) + 14 * 16, data); + else + aes_decrypt (data, data, (aes_decrypt_ctx *) ((byte *) ks + sizeof(aes_encrypt_ctx))); +#elif defined (TC_WINDOWS_BOOT_SERPENT) + serpent_decrypt (data, data, ks); +#elif defined (TC_WINDOWS_BOOT_TWOFISH) + twofish_decrypt (ks, data, data); +#endif +} + + +#ifdef TC_WINDOWS_BOOT_AES + +int EAInit (unsigned char *key, unsigned __int8 *ks) +{ + aes_init(); + + if (aes_encrypt_key256 (key, (aes_encrypt_ctx *) ks) != EXIT_SUCCESS) + return ERR_CIPHER_INIT_FAILURE; + if (aes_decrypt_key256 (key, (aes_decrypt_ctx *) (ks + sizeof (aes_encrypt_ctx))) != EXIT_SUCCESS) + return ERR_CIPHER_INIT_FAILURE; + + return ERR_SUCCESS; +} + +#endif + + +void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) +{ + UINT64_STRUCT dataUnitNo; + dataUnitNo.LowPart = 0; dataUnitNo.HighPart = 0; + EncryptBufferXTS (buf, len, &dataUnitNo, 0, cryptoInfo->ks, cryptoInfo->ks2, 1); +} + +void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) +{ + EncryptBufferXTS (buf, nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, structUnitNo, 0, ci->ks, ci->ks2, 1); +} + +void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo) +{ + UINT64_STRUCT dataUnitNo; + dataUnitNo.LowPart = 0; dataUnitNo.HighPart = 0; + DecryptBufferXTS (buf, len, &dataUnitNo, 0, cryptoInfo->ks, cryptoInfo->ks2, 1); +} + +void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) +{ + DecryptBufferXTS (buf, nbrUnits * ENCRYPTION_DATA_UNIT_SIZE, structUnitNo, 0, ci->ks, ci->ks2, 1); +} + +#endif // TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + + +#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) + +static BOOL HwEncryptionDisabled = FALSE; + +BOOL IsAesHwCpuSupported () +{ + static BOOL state = FALSE; + static BOOL stateValid = FALSE; + + if (!stateValid) + { + state = is_aes_hw_cpu_supported() ? TRUE : FALSE; + stateValid = TRUE; + } + + return state && !HwEncryptionDisabled; +} + +void EnableHwEncryption (BOOL enable) +{ +#if defined (TC_WINDOWS_BOOT) + if (enable) + aes_hw_cpu_enable_sse(); +#endif + + HwEncryptionDisabled = !enable; +} + +BOOL IsHwEncryptionEnabled () +{ + return !HwEncryptionDisabled; +} + +#endif // !TC_WINDOWS_BOOT diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index e081dc60..96f0a9a6 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -1,363 +1,363 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -/* Update the following when adding a new cipher or EA: - - Crypto.h: - ID #define - MAX_EXPANDED_KEY #define - - Crypto.c: - Ciphers[] - EncryptionAlgorithms[] - CipherInit() - EncipherBlock() - DecipherBlock() - -*/ - -#ifndef CRYPTO_H -#define CRYPTO_H - -#include "Tcdefs.h" - -#ifdef __cplusplus -extern "C" { -#endif - -// Encryption data unit size, which may differ from the sector size and must always be 512 -#define ENCRYPTION_DATA_UNIT_SIZE 512 - -// Size of the salt (in bytes) -#define PKCS5_SALT_SIZE 64 - -// Size of the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode) -#define MASTER_KEYDATA_SIZE 256 - -// The first PRF to try when mounting -#define FIRST_PRF_ID 1 - -// Hash algorithms (pseudorandom functions). -enum -{ - SHA512 = FIRST_PRF_ID, - WHIRLPOOL, - SHA256, - RIPEMD160, - HASH_ENUM_END_ID -}; - -// The last PRF to try when mounting and also the number of implemented PRFs -#define LAST_PRF_ID (HASH_ENUM_END_ID - 1) - -#define RIPEMD160_BLOCKSIZE 64 -#define RIPEMD160_DIGESTSIZE 20 - -#define SHA256_BLOCKSIZE 64 -#define SHA256_DIGESTSIZE 32 - -#define SHA512_BLOCKSIZE 128 -#define SHA512_DIGESTSIZE 64 - -#define WHIRLPOOL_BLOCKSIZE 64 -#define WHIRLPOOL_DIGESTSIZE 64 - -#define MAX_DIGESTSIZE WHIRLPOOL_DIGESTSIZE - -#define DEFAULT_HASH_ALGORITHM FIRST_PRF_ID -#define DEFAULT_HASH_ALGORITHM_BOOT SHA256 - -// The mode of operation used for newly created volumes and first to try when mounting -#define FIRST_MODE_OF_OPERATION_ID 1 - -// Modes of operation -enum -{ - /* If you add/remove a mode, update the following: GetMaxPkcs5OutSize(), EAInitMode() */ - - XTS = FIRST_MODE_OF_OPERATION_ID, - MODE_ENUM_END_ID -}; - - -// The last mode of operation to try when mounting and also the number of implemented modes -#define LAST_MODE_OF_OPERATION (MODE_ENUM_END_ID - 1) - -// Ciphertext/plaintext block size for XTS mode (in bytes) -#define BYTES_PER_XTS_BLOCK 16 - -// Number of ciphertext/plaintext blocks per XTS data unit -#define BLOCKS_PER_XTS_DATA_UNIT (ENCRYPTION_DATA_UNIT_SIZE / BYTES_PER_XTS_BLOCK) - - -// Cipher IDs -enum -{ - NONE = 0, - AES, - SERPENT, - TWOFISH -}; - -typedef struct -{ - int Id; // Cipher ID -#ifdef TC_WINDOWS_BOOT - char *Name; // Name -#else - wchar_t *Name; // Name -#endif - int BlockSize; // Block size (bytes) - int KeySize; // Key size (bytes) - int KeyScheduleSize; // Scheduled key size (bytes) -} Cipher; - -typedef struct -{ - int Ciphers[4]; // Null terminated array of ciphers used by encryption algorithm - int Modes[LAST_MODE_OF_OPERATION + 1]; // Null terminated array of modes of operation - int FormatEnabled; -} EncryptionAlgorithm; - -#ifndef TC_WINDOWS_BOOT -typedef struct -{ - int Id; // Hash ID - wchar_t *Name; // Name - BOOL Deprecated; - BOOL SystemEncryption; // Available for system encryption -} Hash; -#endif - -// Maxium length of scheduled key -#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) -# define AES_KS (sizeof(aes_encrypt_ctx) + sizeof(aes_decrypt_ctx)) -#else -# define AES_KS (sizeof(aes_context)) -#endif -#define SERPENT_KS (140 * 4) - -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - -# ifdef TC_WINDOWS_BOOT_AES -# define MAX_EXPANDED_KEY AES_KS -# elif defined (TC_WINDOWS_BOOT_SERPENT) -# define MAX_EXPANDED_KEY SERPENT_KS -# elif defined (TC_WINDOWS_BOOT_TWOFISH) -# define MAX_EXPANDED_KEY TWOFISH_KS -# endif - -#else - -#define MAX_EXPANDED_KEY (AES_KS + SERPENT_KS + TWOFISH_KS) - -#endif - -#ifdef DEBUG -# define PRAND_DISK_WIPE_PASSES 3 -#else -# define PRAND_DISK_WIPE_PASSES 256 -#endif - -/* specific value for volume header wipe used only when drive is fully wiped. */ -#define PRAND_HEADER_WIPE_PASSES 3 - -#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) -# include "Aes.h" -#else -# include "AesSmall.h" -#endif - -#include "Aes_hw_cpu.h" -#include "Serpent.h" -#include "Twofish.h" - -#include "Rmd160.h" -#ifndef TC_WINDOWS_BOOT -# include "Sha2.h" -# include "Whirlpool.h" -#endif - -#include "GfMul.h" -#include "Password.h" - -#ifndef TC_WINDOWS_BOOT - -#include "config.h" - -typedef struct keyInfo_t -{ - int noIterations; /* Number of times to iterate (PKCS-5) */ - int keyLength; /* Length of the key */ - uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */ - __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */ - __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */ - CRYPTOPP_ALIGN_DATA(16) __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */ -} KEY_INFO, *PKEY_INFO; - -#endif - -typedef struct CRYPTO_INFO_t -{ - int ea; /* Encryption algorithm ID */ - int mode; /* Mode of operation (e.g., XTS) */ - int pkcs5; /* PRF algorithm */ - - unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */ - unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */ - - BOOL hiddenVolume; // Indicates whether the volume is mounted/mountable as hidden volume - -#ifndef TC_WINDOWS_BOOT - uint16 HeaderVersion; - - GfCtx gf_ctx; - - unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* This holds the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */ - unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */ - unsigned __int8 salt[PKCS5_SALT_SIZE]; - int noIterations; - BOOL bTrueCryptMode; - int volumePim; - - uint64 volume_creation_time; // Legacy - uint64 header_creation_time; // Legacy - - BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting - BOOL bHiddenVolProtectionAction; // TRUE if a write operation has been denied by the driver in order to prevent the hidden volume from being overwritten (set to FALSE upon volume mount). - - uint64 volDataAreaOffset; // Absolute position, in bytes, of the first data sector of the volume. - - uint64 hiddenVolumeSize; // Size of the hidden volume excluding the header (in bytes). Set to 0 for standard volumes. - uint64 hiddenVolumeOffset; // Absolute position, in bytes, of the first hidden volume data sector within the host volume (provided that there is a hidden volume within). This must be set for all hidden volumes; in case of a normal volume, this variable is only used when protecting a hidden volume within it. - uint64 hiddenVolumeProtectedSize; - - BOOL bPartitionInInactiveSysEncScope; // If TRUE, the volume is a partition located on an encrypted system drive and mounted without pre-boot authentication. - - UINT64_STRUCT FirstDataUnitNo; // First data unit number of the volume. This is 0 for file-hosted and non-system partition-hosted volumes. For partitions within key scope of system encryption this reflects real physical offset within the device (this is used e.g. when such a partition is mounted as a regular volume without pre-boot authentication). - - uint16 RequiredProgramVersion; - BOOL LegacyVolume; - - uint32 SectorSize; - -#endif // !TC_WINDOWS_BOOT - - UINT64_STRUCT VolumeSize; - - UINT64_STRUCT EncryptedAreaStart; - UINT64_STRUCT EncryptedAreaLength; - - uint32 HeaderFlags; - -} CRYPTO_INFO, *PCRYPTO_INFO; - -#ifdef _WIN32 - -#pragma pack (push) -#pragma pack(1) - -typedef struct BOOT_CRYPTO_HEADER_t -{ - __int16 ea; /* Encryption algorithm ID */ - __int16 mode; /* Mode of operation (e.g., XTS) */ - __int16 pkcs5; /* PRF algorithm */ - -} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER; - -#pragma pack (pop) - -#endif - -PCRYPTO_INFO crypto_open (void); -#ifndef TC_WINDOWS_BOOT -void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen); -#endif -void crypto_close (PCRYPTO_INFO cryptoInfo); - -int CipherGetBlockSize (int cipher); -int CipherGetKeySize (int cipher); -int CipherGetKeyScheduleSize (int cipher); -BOOL CipherSupportsIntraDataUnitParallelization (int cipher); - -#ifndef TC_WINDOWS_BOOT -const wchar_t * CipherGetName (int cipher); -#endif - -int CipherInit (int cipher, unsigned char *key, unsigned char *ks); -#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE -int EAInit (int ea, unsigned char *key, unsigned char *ks); -#else -int EAInit (unsigned char *key, unsigned char *ks); -#endif -BOOL EAInitMode (PCRYPTO_INFO ci); -void EncipherBlock(int cipher, void *data, void *ks); -void DecipherBlock(int cipher, void *data, void *ks); -#ifndef TC_WINDOWS_BOOT -void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount); -void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount); -#endif - -int EAGetFirst (); -int EAGetCount (void); -int EAGetNext (int previousEA); -#ifndef TC_WINDOWS_BOOT -wchar_t * EAGetName (wchar_t *buf, int ea, int guiDisplay); -int EAGetByName (wchar_t *name); -#endif -int EAGetKeySize (int ea); -int EAGetFirstMode (int ea); -int EAGetNextMode (int ea, int previousModeId); -#ifndef TC_WINDOWS_BOOT -wchar_t * EAGetModeName (int ea, int mode, BOOL capitalLetters); -#endif -int EAGetKeyScheduleSize (int ea); -int EAGetLargestKey (); -int EAGetLargestKeyForMode (int mode); - -int EAGetCipherCount (int ea); -int EAGetFirstCipher (int ea); -int EAGetLastCipher (int ea); -int EAGetNextCipher (int ea, int previousCipherId); -int EAGetPreviousCipher (int ea, int previousCipherId); -int EAIsFormatEnabled (int ea); -BOOL EAIsModeSupported (int ea, int testedMode); - - -#ifndef TC_WINDOWS_BOOT -const wchar_t *HashGetName (int hash_algo_id); - -Hash *HashGet (int id); -void HashGetName2 (wchar_t *buf, int hashId); -BOOL HashIsDeprecated (int hashId); -BOOL HashForSystemEncryption (int hashId); -int GetMaxPkcs5OutSize (void); -#endif - - -void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci); -void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci); -void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci); -void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci); -void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); -void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); - -BOOL IsAesHwCpuSupported (); -void EnableHwEncryption (BOOL enable); -BOOL IsHwEncryptionEnabled (); - -#ifdef __cplusplus -} -#endif - -#endif /* CRYPTO_H */ +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +/* Update the following when adding a new cipher or EA: + + Crypto.h: + ID #define + MAX_EXPANDED_KEY #define + + Crypto.c: + Ciphers[] + EncryptionAlgorithms[] + CipherInit() + EncipherBlock() + DecipherBlock() + +*/ + +#ifndef CRYPTO_H +#define CRYPTO_H + +#include "Tcdefs.h" + +#ifdef __cplusplus +extern "C" { +#endif + +// Encryption data unit size, which may differ from the sector size and must always be 512 +#define ENCRYPTION_DATA_UNIT_SIZE 512 + +// Size of the salt (in bytes) +#define PKCS5_SALT_SIZE 64 + +// Size of the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode) +#define MASTER_KEYDATA_SIZE 256 + +// The first PRF to try when mounting +#define FIRST_PRF_ID 1 + +// Hash algorithms (pseudorandom functions). +enum +{ + SHA512 = FIRST_PRF_ID, + WHIRLPOOL, + SHA256, + RIPEMD160, + HASH_ENUM_END_ID +}; + +// The last PRF to try when mounting and also the number of implemented PRFs +#define LAST_PRF_ID (HASH_ENUM_END_ID - 1) + +#define RIPEMD160_BLOCKSIZE 64 +#define RIPEMD160_DIGESTSIZE 20 + +#define SHA256_BLOCKSIZE 64 +#define SHA256_DIGESTSIZE 32 + +#define SHA512_BLOCKSIZE 128 +#define SHA512_DIGESTSIZE 64 + +#define WHIRLPOOL_BLOCKSIZE 64 +#define WHIRLPOOL_DIGESTSIZE 64 + +#define MAX_DIGESTSIZE WHIRLPOOL_DIGESTSIZE + +#define DEFAULT_HASH_ALGORITHM FIRST_PRF_ID +#define DEFAULT_HASH_ALGORITHM_BOOT SHA256 + +// The mode of operation used for newly created volumes and first to try when mounting +#define FIRST_MODE_OF_OPERATION_ID 1 + +// Modes of operation +enum +{ + /* If you add/remove a mode, update the following: GetMaxPkcs5OutSize(), EAInitMode() */ + + XTS = FIRST_MODE_OF_OPERATION_ID, + MODE_ENUM_END_ID +}; + + +// The last mode of operation to try when mounting and also the number of implemented modes +#define LAST_MODE_OF_OPERATION (MODE_ENUM_END_ID - 1) + +// Ciphertext/plaintext block size for XTS mode (in bytes) +#define BYTES_PER_XTS_BLOCK 16 + +// Number of ciphertext/plaintext blocks per XTS data unit +#define BLOCKS_PER_XTS_DATA_UNIT (ENCRYPTION_DATA_UNIT_SIZE / BYTES_PER_XTS_BLOCK) + + +// Cipher IDs +enum +{ + NONE = 0, + AES, + SERPENT, + TWOFISH +}; + +typedef struct +{ + int Id; // Cipher ID +#ifdef TC_WINDOWS_BOOT + char *Name; // Name +#else + wchar_t *Name; // Name +#endif + int BlockSize; // Block size (bytes) + int KeySize; // Key size (bytes) + int KeyScheduleSize; // Scheduled key size (bytes) +} Cipher; + +typedef struct +{ + int Ciphers[4]; // Null terminated array of ciphers used by encryption algorithm + int Modes[LAST_MODE_OF_OPERATION + 1]; // Null terminated array of modes of operation + int FormatEnabled; +} EncryptionAlgorithm; + +#ifndef TC_WINDOWS_BOOT +typedef struct +{ + int Id; // Hash ID + wchar_t *Name; // Name + BOOL Deprecated; + BOOL SystemEncryption; // Available for system encryption +} Hash; +#endif + +// Maxium length of scheduled key +#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) +# define AES_KS (sizeof(aes_encrypt_ctx) + sizeof(aes_decrypt_ctx)) +#else +# define AES_KS (sizeof(aes_context)) +#endif +#define SERPENT_KS (140 * 4) + +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + +# ifdef TC_WINDOWS_BOOT_AES +# define MAX_EXPANDED_KEY AES_KS +# elif defined (TC_WINDOWS_BOOT_SERPENT) +# define MAX_EXPANDED_KEY SERPENT_KS +# elif defined (TC_WINDOWS_BOOT_TWOFISH) +# define MAX_EXPANDED_KEY TWOFISH_KS +# endif + +#else + +#define MAX_EXPANDED_KEY (AES_KS + SERPENT_KS + TWOFISH_KS) + +#endif + +#ifdef DEBUG +# define PRAND_DISK_WIPE_PASSES 3 +#else +# define PRAND_DISK_WIPE_PASSES 256 +#endif + +/* specific value for volume header wipe used only when drive is fully wiped. */ +#define PRAND_HEADER_WIPE_PASSES 3 + +#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES) +# include "Aes.h" +#else +# include "AesSmall.h" +#endif + +#include "Aes_hw_cpu.h" +#include "Serpent.h" +#include "Twofish.h" + +#include "Rmd160.h" +#ifndef TC_WINDOWS_BOOT +# include "Sha2.h" +# include "Whirlpool.h" +#endif + +#include "GfMul.h" +#include "Password.h" + +#ifndef TC_WINDOWS_BOOT + +#include "config.h" + +typedef struct keyInfo_t +{ + int noIterations; /* Number of times to iterate (PKCS-5) */ + int keyLength; /* Length of the key */ + uint64 dummy; /* Dummy field to ensure 16-byte alignment of this structure */ + __int8 salt[PKCS5_SALT_SIZE]; /* PKCS-5 salt */ + __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* Concatenated master primary and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */ + CRYPTOPP_ALIGN_DATA(16) __int8 userKey[MAX_PASSWORD]; /* Password (to which keyfiles may have been applied). WITHOUT +1 for the null terminator. */ +} KEY_INFO, *PKEY_INFO; + +#endif + +typedef struct CRYPTO_INFO_t +{ + int ea; /* Encryption algorithm ID */ + int mode; /* Mode of operation (e.g., XTS) */ + int pkcs5; /* PRF algorithm */ + + unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */ + unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */ + + BOOL hiddenVolume; // Indicates whether the volume is mounted/mountable as hidden volume + +#ifndef TC_WINDOWS_BOOT + uint16 HeaderVersion; + + GfCtx gf_ctx; + + unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* This holds the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */ + unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */ + unsigned __int8 salt[PKCS5_SALT_SIZE]; + int noIterations; + BOOL bTrueCryptMode; + int volumePim; + + uint64 volume_creation_time; // Legacy + uint64 header_creation_time; // Legacy + + BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting + BOOL bHiddenVolProtectionAction; // TRUE if a write operation has been denied by the driver in order to prevent the hidden volume from being overwritten (set to FALSE upon volume mount). + + uint64 volDataAreaOffset; // Absolute position, in bytes, of the first data sector of the volume. + + uint64 hiddenVolumeSize; // Size of the hidden volume excluding the header (in bytes). Set to 0 for standard volumes. + uint64 hiddenVolumeOffset; // Absolute position, in bytes, of the first hidden volume data sector within the host volume (provided that there is a hidden volume within). This must be set for all hidden volumes; in case of a normal volume, this variable is only used when protecting a hidden volume within it. + uint64 hiddenVolumeProtectedSize; + + BOOL bPartitionInInactiveSysEncScope; // If TRUE, the volume is a partition located on an encrypted system drive and mounted without pre-boot authentication. + + UINT64_STRUCT FirstDataUnitNo; // First data unit number of the volume. This is 0 for file-hosted and non-system partition-hosted volumes. For partitions within key scope of system encryption this reflects real physical offset within the device (this is used e.g. when such a partition is mounted as a regular volume without pre-boot authentication). + + uint16 RequiredProgramVersion; + BOOL LegacyVolume; + + uint32 SectorSize; + +#endif // !TC_WINDOWS_BOOT + + UINT64_STRUCT VolumeSize; + + UINT64_STRUCT EncryptedAreaStart; + UINT64_STRUCT EncryptedAreaLength; + + uint32 HeaderFlags; + +} CRYPTO_INFO, *PCRYPTO_INFO; + +#ifdef _WIN32 + +#pragma pack (push) +#pragma pack(1) + +typedef struct BOOT_CRYPTO_HEADER_t +{ + __int16 ea; /* Encryption algorithm ID */ + __int16 mode; /* Mode of operation (e.g., XTS) */ + __int16 pkcs5; /* PRF algorithm */ + +} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER; + +#pragma pack (pop) + +#endif + +PCRYPTO_INFO crypto_open (void); +#ifndef TC_WINDOWS_BOOT +void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen); +#endif +void crypto_close (PCRYPTO_INFO cryptoInfo); + +int CipherGetBlockSize (int cipher); +int CipherGetKeySize (int cipher); +int CipherGetKeyScheduleSize (int cipher); +BOOL CipherSupportsIntraDataUnitParallelization (int cipher); + +#ifndef TC_WINDOWS_BOOT +const wchar_t * CipherGetName (int cipher); +#endif + +int CipherInit (int cipher, unsigned char *key, unsigned char *ks); +#ifndef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE +int EAInit (int ea, unsigned char *key, unsigned char *ks); +#else +int EAInit (unsigned char *key, unsigned char *ks); +#endif +BOOL EAInitMode (PCRYPTO_INFO ci); +void EncipherBlock(int cipher, void *data, void *ks); +void DecipherBlock(int cipher, void *data, void *ks); +#ifndef TC_WINDOWS_BOOT +void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount); +void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount); +#endif + +int EAGetFirst (); +int EAGetCount (void); +int EAGetNext (int previousEA); +#ifndef TC_WINDOWS_BOOT +wchar_t * EAGetName (wchar_t *buf, int ea, int guiDisplay); +int EAGetByName (wchar_t *name); +#endif +int EAGetKeySize (int ea); +int EAGetFirstMode (int ea); +int EAGetNextMode (int ea, int previousModeId); +#ifndef TC_WINDOWS_BOOT +wchar_t * EAGetModeName (int ea, int mode, BOOL capitalLetters); +#endif +int EAGetKeyScheduleSize (int ea); +int EAGetLargestKey (); +int EAGetLargestKeyForMode (int mode); + +int EAGetCipherCount (int ea); +int EAGetFirstCipher (int ea); +int EAGetLastCipher (int ea); +int EAGetNextCipher (int ea, int previousCipherId); +int EAGetPreviousCipher (int ea, int previousCipherId); +int EAIsFormatEnabled (int ea); +BOOL EAIsModeSupported (int ea, int testedMode); + + +#ifndef TC_WINDOWS_BOOT +const wchar_t *HashGetName (int hash_algo_id); + +Hash *HashGet (int id); +void HashGetName2 (wchar_t *buf, int hashId); +BOOL HashIsDeprecated (int hashId); +BOOL HashForSystemEncryption (int hashId); +int GetMaxPkcs5OutSize (void); +#endif + + +void EncryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci); +void EncryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci); +void DecryptDataUnits (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, uint32 nbrUnits, PCRYPTO_INFO ci); +void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci); +void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); +void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); + +BOOL IsAesHwCpuSupported (); +void EnableHwEncryption (BOOL enable); +BOOL IsHwEncryptionEnabled (); + +#ifdef __cplusplus +} +#endif + +#endif /* CRYPTO_H */ diff --git a/src/Common/Dictionary.c b/src/Common/Dictionary.c index 41f447c2..34741951 100644 --- a/src/Common/Dictionary.c +++ b/src/Common/Dictionary.c @@ -1,88 +1,88 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "../Common/Dictionary.h" -#include -#include -#include - -using namespace std; - -static map StringKeyMap; -static map IntKeyMap; - -static void *DataPool = NULL; -static size_t DataPoolSize = 0; - - -void AddDictionaryEntry (char *key, int intKey, void *value) -{ - try - { - if (key) - StringKeyMap[key] = value; - - if (intKey != 0) - IntKeyMap[intKey] = value; - } - catch (exception&) {} -} - - -void *GetDictionaryValue (const char *key) -{ - map ::const_iterator i = StringKeyMap.find (key); - - if (i == StringKeyMap.end()) - return NULL; - - return i->second; -} - - -void *GetDictionaryValueByInt (int intKey) -{ - map ::const_iterator i = IntKeyMap.find (intKey); - - if (i == IntKeyMap.end()) - return NULL; - - return i->second; -} - - -void *AddPoolData (void *data, size_t dataSize) -{ - if (DataPoolSize + dataSize > DATA_POOL_CAPACITY) return NULL; - - if (DataPool == NULL) - { - DataPool = malloc (DATA_POOL_CAPACITY); - if (DataPool == NULL) return NULL; - } - - memcpy ((BYTE *)DataPool + DataPoolSize, data, dataSize); - - // Ensure 32-bit alignment for next entries - dataSize = (dataSize + 3) & (~(size_t)3); - - DataPoolSize += dataSize; - return (BYTE *)DataPool + DataPoolSize - dataSize; -} - - -void ClearDictionaryPool () -{ - DataPoolSize = 0; - StringKeyMap.clear(); - IntKeyMap.clear(); +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "../Common/Dictionary.h" +#include +#include +#include + +using namespace std; + +static map StringKeyMap; +static map IntKeyMap; + +static void *DataPool = NULL; +static size_t DataPoolSize = 0; + + +void AddDictionaryEntry (char *key, int intKey, void *value) +{ + try + { + if (key) + StringKeyMap[key] = value; + + if (intKey != 0) + IntKeyMap[intKey] = value; + } + catch (exception&) {} +} + + +void *GetDictionaryValue (const char *key) +{ + map ::const_iterator i = StringKeyMap.find (key); + + if (i == StringKeyMap.end()) + return NULL; + + return i->second; +} + + +void *GetDictionaryValueByInt (int intKey) +{ + map ::const_iterator i = IntKeyMap.find (intKey); + + if (i == IntKeyMap.end()) + return NULL; + + return i->second; +} + + +void *AddPoolData (void *data, size_t dataSize) +{ + if (DataPoolSize + dataSize > DATA_POOL_CAPACITY) return NULL; + + if (DataPool == NULL) + { + DataPool = malloc (DATA_POOL_CAPACITY); + if (DataPool == NULL) return NULL; + } + + memcpy ((BYTE *)DataPool + DataPoolSize, data, dataSize); + + // Ensure 32-bit alignment for next entries + dataSize = (dataSize + 3) & (~(size_t)3); + + DataPoolSize += dataSize; + return (BYTE *)DataPool + DataPoolSize - dataSize; +} + + +void ClearDictionaryPool () +{ + DataPoolSize = 0; + StringKeyMap.clear(); + IntKeyMap.clear(); } \ No newline at end of file diff --git a/src/Common/Dictionary.h b/src/Common/Dictionary.h index 5a4d086d..0fa9c7ee 100644 --- a/src/Common/Dictionary.h +++ b/src/Common/Dictionary.h @@ -1,34 +1,34 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef DICTIONARY_H -#define DICTIONARY_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define DATA_POOL_CAPACITY 1000000 - -void AddDictionaryEntry (char *key, int intKey, void *value); -void *GetDictionaryValue (const char *key); -void *GetDictionaryValueByInt (int intKey); -void *AddPoolData (void *data, size_t dataSize); -void ClearDictionaryPool (); - -#ifdef __cplusplus -} -#endif - -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef DICTIONARY_H +#define DICTIONARY_H + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define DATA_POOL_CAPACITY 1000000 + +void AddDictionaryEntry (char *key, int intKey, void *value); +void *GetDictionaryValue (const char *key); +void *GetDictionaryValueByInt (int intKey); +void *AddPoolData (void *data, size_t dataSize); +void ClearDictionaryPool (); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 97dd5247..ef6a942f 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -1,11890 +1,11890 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "Resource.h" - -#include "Platform/Finally.h" -#include "Platform/ForEach.h" -#include "Apidrvr.h" -#include "BootEncryption.h" -#include "Combo.h" -#include "Crc.h" -#include "Crypto.h" -#include "Dictionary.h" -#include "Dlgcode.h" -#include "EncryptionThreadPool.h" -#include "Endian.h" -#include "Format/Inplace.h" -#include "Language.h" -#include "Keyfiles.h" -#include "Pkcs5.h" -#include "Random.h" -#include "Registry.h" -#include "SecurityToken.h" -#include "Tests.h" -#include "Volumes.h" -#include "Wipe.h" -#include "Xml.h" -#include "Xts.h" -#include "Boot/Windows/BootCommon.h" -#include "Progress.h" - -#ifdef TCMOUNT -#include "Mount/Mount.h" -#include "Mount/resource.h" -#endif - -#ifdef VOLFORMAT -#include "Format/Tcformat.h" -#endif - -#ifdef SETUP -#include "Setup/Setup.h" -#endif - -#include - -using namespace VeraCrypt; - -LONG DriverVersion; - -char *LastDialogId; -wchar_t szHelpFile[TC_MAX_PATH]; -wchar_t szHelpFile2[TC_MAX_PATH]; -wchar_t SecurityTokenLibraryPath[TC_MAX_PATH]; - -HFONT hFixedDigitFont = NULL; -HFONT hBoldFont = NULL; -HFONT hTitleFont = NULL; -HFONT hFixedFont = NULL; - -HFONT hUserFont = NULL; -HFONT hUserUnderlineFont = NULL; -HFONT hUserBoldFont = NULL; -HFONT hUserUnderlineBoldFont = NULL; - -HFONT WindowTitleBarFont; - -WCHAR EditPasswordChar = 0; - -int ScreenDPI = USER_DEFAULT_SCREEN_DPI; -double DPIScaleFactorX = 1; -double DPIScaleFactorY = 1; -double DlgAspectRatio = 1; - -HWND MainDlg = NULL; -wchar_t *lpszTitle = NULL; - -BOOL Silent = FALSE; -BOOL bPreserveTimestamp = TRUE; -BOOL bShowDisconnectedNetworkDrives = FALSE; -BOOL bHideWaitingDialog = FALSE; -BOOL bCmdHideWaitingDialog = FALSE; -BOOL bCmdHideWaitingDialogValid = FALSE; -BOOL bStartOnLogon = FALSE; -BOOL bMountDevicesOnLogon = FALSE; -BOOL bMountFavoritesOnLogon = FALSE; - -BOOL bHistory = FALSE; - -// Status of detection of hidden sectors (whole-system-drive encryption). -// 0 - Unknown/undetermined/completed, 1: Detection is or was in progress (but did not complete e.g. due to system crash). -int HiddenSectorDetectionStatus = 0; - -OSVersionEnum nCurrentOS = WIN_UNKNOWN; -int CurrentOSMajor = 0; -int CurrentOSMinor = 0; -int CurrentOSServicePack = 0; -BOOL RemoteSession = FALSE; -BOOL UacElevated = FALSE; - -BOOL bPortableModeConfirmed = FALSE; // TRUE if it is certain that the instance is running in portable mode - -BOOL bInPlaceEncNonSysPending = FALSE; // TRUE if the non-system in-place encryption config file indicates that one or more partitions are scheduled to be encrypted. This flag is set only when config files are loaded during app startup. - -/* Globals used by Mount and Format (separately per instance) */ -BOOL PimEnable = FALSE; -BOOL KeyFilesEnable = FALSE; -KeyFile *FirstKeyFile = NULL; -KeyFilesDlgParam defaultKeyFilesParam; - -BOOL IgnoreWmDeviceChange = FALSE; -BOOL DeviceChangeBroadcastDisabled = FALSE; -BOOL LastMountedVolumeDirty; -BOOL MountVolumesAsSystemFavorite = FALSE; -BOOL FavoriteMountOnArrivalInProgress = FALSE; -BOOL MultipleMountOperationInProgress = FALSE; - -BOOL WaitDialogDisplaying = FALSE; - -/* Handle to the device driver */ -HANDLE hDriver = INVALID_HANDLE_VALUE; - -/* This mutex is used to prevent multiple instances of the wizard or main app from dealing with system encryption */ -volatile HANDLE hSysEncMutex = NULL; - -/* This mutex is used for non-system in-place encryption but only for informative (non-blocking) purposes, -such as whether an app should prompt the user whether to resume scheduled process. */ -volatile HANDLE hNonSysInplaceEncMutex = NULL; - -/* This mutex is used to prevent multiple instances of the wizard or main app from trying to install or -register the driver or from trying to launch it in portable mode at the same time. */ -volatile HANDLE hDriverSetupMutex = NULL; - -/* This mutex is used to prevent users from running the main TrueCrypt app or the wizard while an instance -of the TrueCrypt installer is running (which is also useful for enforcing restart before the apps can be used). */ -volatile HANDLE hAppSetupMutex = NULL; - -/* Critical section used to protect access to global variables used in WNetGetConnection calls */ -CRITICAL_SECTION csWNetCalls; - -HINSTANCE hInst = NULL; -HCURSOR hCursor = NULL; - -ATOM hDlgClass, hSplashClass; - -/* This value may changed only by calling ChangeSystemEncryptionStatus(). Only the wizard can change it -(others may still read it though). */ -int SystemEncryptionStatus = SYSENC_STATUS_NONE; - -/* Only the wizard can change this value (others may only read it). */ -WipeAlgorithmId nWipeMode = TC_WIPE_NONE; - -BOOL bSysPartitionSelected = FALSE; /* TRUE if the user selected the system partition via the Select Device dialog */ -BOOL bSysDriveSelected = FALSE; /* TRUE if the user selected the system drive via the Select Device dialog */ - -/* To populate these arrays, call GetSysDevicePaths(). If they contain valid paths, bCachedSysDevicePathsValid is TRUE. */ -wchar_t SysPartitionDevicePath [TC_MAX_PATH]; -wchar_t SysDriveDevicePath [TC_MAX_PATH]; -wstring ExtraBootPartitionDevicePath; -char bCachedSysDevicePathsValid = FALSE; - -BOOL bHyperLinkBeingTracked = FALSE; - -int WrongPwdRetryCounter = 0; - -static FILE *ConfigFileHandle; -char *ConfigBuffer; - -BOOL SystemFileSelectorCallPending = FALSE; -DWORD SystemFileSelectorCallerThreadId; - -#define RANDPOOL_DISPLAY_REFRESH_INTERVAL 30 -#define RANDPOOL_DISPLAY_ROWS 16 -#define RANDPOOL_DISPLAY_COLUMNS 20 - -HMODULE hRichEditDll = NULL; -HMODULE hComctl32Dll = NULL; -HMODULE hSetupDll = NULL; -HMODULE hShlwapiDll = NULL; -HMODULE hProfApiDll = NULL; -HMODULE hUsp10Dll = NULL; -HMODULE hCryptSpDll = NULL; -HMODULE hUXThemeDll = NULL; -HMODULE hUserenvDll = NULL; -HMODULE hRsaenhDll = NULL; -HMODULE himm32dll = NULL; -HMODULE hMSCTFdll = NULL; -HMODULE hfltlibdll = NULL; -HMODULE hframedyndll = NULL; -HMODULE hpsapidll = NULL; -HMODULE hsecur32dll = NULL; -HMODULE hnetapi32dll = NULL; -HMODULE hauthzdll = NULL; -HMODULE hxmllitedll = NULL; -HMODULE hmprdll = NULL; -HMODULE hsppdll = NULL; -HMODULE vssapidll = NULL; -HMODULE hvsstracedll = NULL; -HMODULE hcfgmgr32dll = NULL; -HMODULE hdevobjdll = NULL; -HMODULE hpowrprofdll = NULL; -HMODULE hsspiclidll = NULL; -HMODULE hcryptbasedll = NULL; -HMODULE hdwmapidll = NULL; -HMODULE hmsasn1dll = NULL; -HMODULE hcrypt32dll = NULL; -HMODULE hbcryptdll = NULL; -HMODULE hbcryptprimitivesdll = NULL; -HMODULE hMsls31 = NULL; -HMODULE hntmartadll = NULL; -HMODULE hwinscarddll = NULL; - -#define FREE_DLL(h) if (h) { FreeLibrary (h); h = NULL;} - -typedef void (WINAPI *InitCommonControlsPtr)(void); -typedef HIMAGELIST (WINAPI *ImageList_CreatePtr)(int cx, int cy, UINT flags, int cInitial, int cGrow); -typedef int (WINAPI *ImageList_AddPtr)(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask); - -typedef VOID (WINAPI *SetupCloseInfFilePtr)(HINF InfHandle); -typedef HKEY (WINAPI *SetupDiOpenClassRegKeyPtr)(CONST GUID *ClassGuid,REGSAM samDesired); -typedef BOOL (WINAPI *SetupInstallFromInfSectionWPtr)(HWND,HINF,PCWSTR,UINT,HKEY,PCWSTR,UINT,PSP_FILE_CALLBACK_W,PVOID,HDEVINFO,PSP_DEVINFO_DATA); -typedef HINF (WINAPI *SetupOpenInfFileWPtr)(PCWSTR FileName,PCWSTR InfClass,DWORD InfStyle,PUINT ErrorLine); - -typedef LSTATUS (STDAPICALLTYPE *SHDeleteKeyWPtr)(HKEY hkey, LPCWSTR pszSubKey); - -typedef HRESULT (STDAPICALLTYPE *SHStrDupWPtr)(LPCWSTR psz, LPWSTR *ppwsz); - -// ChangeWindowMessageFilter -typedef BOOL (WINAPI *ChangeWindowMessageFilterPtr) (UINT, DWORD); - -ImageList_CreatePtr ImageList_CreateFn = NULL; -ImageList_AddPtr ImageList_AddFn = NULL; - -SetupCloseInfFilePtr SetupCloseInfFileFn = NULL; -SetupDiOpenClassRegKeyPtr SetupDiOpenClassRegKeyFn = NULL; -SetupInstallFromInfSectionWPtr SetupInstallFromInfSectionWFn = NULL; -SetupOpenInfFileWPtr SetupOpenInfFileWFn = NULL; -SHDeleteKeyWPtr SHDeleteKeyWFn = NULL; -SHStrDupWPtr SHStrDupWFn = NULL; -ChangeWindowMessageFilterPtr ChangeWindowMessageFilterFn = NULL; - -/* Windows dialog class */ -#define WINDOWS_DIALOG_CLASS L"#32770" - -/* Custom class names */ -#define TC_DLG_CLASS L"VeraCryptCustomDlg" -#define TC_SPLASH_CLASS L"VeraCryptSplashDlg" - -/* constant used by ChangeWindowMessageFilter calls */ -#ifndef MSGFLT_ADD -#define MSGFLT_ADD 1 -#endif - -/* undocumented message sent during drag-n-drop */ -#ifndef WM_COPYGLOBALDATA -#define WM_COPYGLOBALDATA 0x0049 -#endif - -/* Benchmarks */ - -#ifndef SETUP - -#define BENCHMARK_MAX_ITEMS 100 -#define BENCHMARK_DEFAULT_BUF_SIZE BYTES_PER_MB -#define HASH_FNC_BENCHMARKS FALSE // For development purposes only. Must be FALSE when building a public release. -#define PKCS5_BENCHMARKS FALSE // For development purposes only. Must be FALSE when building a public release. -#if PKCS5_BENCHMARKS && HASH_FNC_BENCHMARKS -#error PKCS5_BENCHMARKS and HASH_FNC_BENCHMARKS are both TRUE (at least one of them should be FALSE). -#endif - -enum -{ - BENCHMARK_SORT_BY_NAME = 0, - BENCHMARK_SORT_BY_SPEED -}; - -typedef struct -{ - int id; - wchar_t name[100]; - unsigned __int64 encSpeed; - unsigned __int64 decSpeed; - unsigned __int64 meanBytesPerSec; -} BENCHMARK_REC; - -BENCHMARK_REC benchmarkTable [BENCHMARK_MAX_ITEMS]; -int benchmarkTotalItems = 0; -int benchmarkBufferSize = BENCHMARK_DEFAULT_BUF_SIZE; -int benchmarkLastBufferSize = BENCHMARK_DEFAULT_BUF_SIZE; -int benchmarkSortMethod = BENCHMARK_SORT_BY_SPEED; -LARGE_INTEGER benchmarkPerformanceFrequency; - -#endif // #ifndef SETUP - - -typedef struct -{ - void *strings; - BOOL bold; - -} MULTI_CHOICE_DLGPROC_PARAMS; - - -void cleanup () -{ - /* Cleanup the GDI fonts */ - if (hFixedFont != NULL) - DeleteObject (hFixedFont); - if (hFixedDigitFont != NULL) - DeleteObject (hFixedDigitFont); - if (hBoldFont != NULL) - DeleteObject (hBoldFont); - if (hTitleFont != NULL) - DeleteObject (hTitleFont); - if (hUserFont != NULL) - DeleteObject (hUserFont); - if (hUserUnderlineFont != NULL) - DeleteObject (hUserUnderlineFont); - if (hUserBoldFont != NULL) - DeleteObject (hUserBoldFont); - if (hUserUnderlineBoldFont != NULL) - DeleteObject (hUserUnderlineBoldFont); - - /* Cleanup our dialog class */ - if (hDlgClass) - UnregisterClassW (TC_DLG_CLASS, hInst); - if (hSplashClass) - UnregisterClassW (TC_SPLASH_CLASS, hInst); - - /* Close the device driver handle */ - if (hDriver != INVALID_HANDLE_VALUE) - { - // Unload driver mode if possible (non-install mode) - if (IsNonInstallMode ()) - { - // If a dismount was forced in the lifetime of the driver, Windows may later prevent it to be loaded again from - // the same path. Therefore, the driver will not be unloaded even though it was loaded in non-install mode. - int driverUnloadDisabled; - DWORD dwResult; - - if (!DeviceIoControl (hDriver, TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED, NULL, 0, &driverUnloadDisabled, sizeof (driverUnloadDisabled), &dwResult, NULL)) - driverUnloadDisabled = 0; - - if (!driverUnloadDisabled) - DriverUnload (); - else - { - CloseHandle (hDriver); - hDriver = INVALID_HANDLE_VALUE; - } - } - else - { - CloseHandle (hDriver); - hDriver = INVALID_HANDLE_VALUE; - } - } - - if (ConfigBuffer != NULL) - { - free (ConfigBuffer); - ConfigBuffer = NULL; - } - - CoUninitialize (); - - CloseSysEncMutex (); - -#ifndef SETUP - try - { - if (SecurityToken::IsInitialized()) - SecurityToken::CloseLibrary(); - } - catch (...) { } - - EncryptionThreadPoolStop(); -#endif - - DeleteCriticalSection (&csWNetCalls); -} - - -void LowerCaseCopy (wchar_t *lpszDest, const wchar_t *lpszSource) -{ - size_t i = wcslen (lpszSource) + 1; - - lpszDest[i - 1] = 0; - while (--i > 0) - { - lpszDest[i - 1] = (wchar_t) towlower (lpszSource[i - 1]); - } - -} - -void UpperCaseCopy (wchar_t *lpszDest, size_t cbDest, const wchar_t *lpszSource) -{ - if (lpszDest && cbDest) - { - size_t i = wcslen (lpszSource); - if (i >= cbDest) - i = cbDest - 1; - - lpszDest[i] = 0; - i++; - while (--i > 0) - { - lpszDest[i - 1] = (wchar_t) towupper (lpszSource[i - 1]); - } - } -} - - -std::wstring ToUpperCase (const std::wstring &str) -{ - wstring u; - foreach (wchar_t c, str) - { - u += (wchar_t) towupper (c); - } - - return u; -} - -size_t TrimWhiteSpace(wchar_t *str) -{ - wchar_t *end, *ptr = str; - size_t out_size; - - if(!str || *str == 0) - return 0; - - // Trim leading space - while(iswspace(*ptr)) ptr++; - - if(*ptr == 0) // All spaces? - { - *str = 0; - return 0; - } - - // Trim trailing space - end = str + wcslen(str) - 1; - while(end > ptr && iswspace(*end)) end--; - end++; - - // Set output size to trimmed string length - out_size = (end - ptr); - - // Copy trimmed string and add null terminator - wmemmove(str, ptr, out_size); - str[out_size] = 0; - - return out_size; -} - -// check the validity of a file name -BOOL IsValidFileName(const wchar_t* str) -{ - static wchar_t invalidChars[9] = {L'<', L'>', L':', L'"', L'/', L'\\', L'|', L'?', L'*'}; - wchar_t c; - int i; - BOOL bNotDotOnly = FALSE; - while ((c = *str)) - { - if (c != L'.') - bNotDotOnly = TRUE; - for (i= 0; i < ARRAYSIZE(invalidChars); i++) - if (c == invalidChars[i]) - return FALSE; - str++; - } - - return bNotDotOnly; -} - -BOOL IsVolumeDeviceHosted (const wchar_t *lpszDiskFile) -{ - return wcsstr (lpszDiskFile, L"\\Device\\") == lpszDiskFile - || wcsstr (lpszDiskFile, L"\\DEVICE\\") == lpszDiskFile; -} - - -void CreateFullVolumePath (wchar_t *lpszDiskFile, size_t cbDiskFile, const wchar_t *lpszFileName, BOOL * bDevice) -{ - UpperCaseCopy (lpszDiskFile, cbDiskFile, lpszFileName); - - *bDevice = FALSE; - - if (wmemcmp (lpszDiskFile, L"\\DEVICE", 7) == 0) - { - *bDevice = TRUE; - } - - StringCbCopyW (lpszDiskFile, cbDiskFile, lpszFileName); - -#if _DEBUG - OutputDebugString (L"CreateFullVolumePath: "); - OutputDebugString (lpszDiskFile); - OutputDebugString (L"\n"); -#endif - -} - -int FakeDosNameForDevice (const wchar_t *lpszDiskFile , wchar_t *lpszDosDevice , size_t cbDosDevice, wchar_t *lpszCFDevice , size_t cbCFDevice, BOOL bNameOnly) -{ - BOOL bDosLinkCreated = TRUE; - StringCbPrintfW (lpszDosDevice, cbDosDevice,L"veracrypt%lu", GetCurrentProcessId ()); - - if (bNameOnly == FALSE) - bDosLinkCreated = DefineDosDevice (DDD_RAW_TARGET_PATH, lpszDosDevice, lpszDiskFile); - - if (bDosLinkCreated == FALSE) - return ERR_OS_ERROR; - else - StringCbPrintfW (lpszCFDevice, cbCFDevice,L"\\\\.\\%s", lpszDosDevice); - - return 0; -} - -int RemoveFakeDosName (wchar_t *lpszDiskFile, wchar_t *lpszDosDevice) -{ - BOOL bDosLinkRemoved = DefineDosDevice (DDD_RAW_TARGET_PATH | DDD_EXACT_MATCH_ON_REMOVE | - DDD_REMOVE_DEFINITION, lpszDosDevice, lpszDiskFile); - if (bDosLinkRemoved == FALSE) - { - return ERR_OS_ERROR; - } - - return 0; -} - - -void AbortProcessDirect (wchar_t *abortMsg) -{ - // Note that this function also causes localcleanup() to be called (see atexit()) - MessageBeep (MB_ICONEXCLAMATION); - MessageBoxW (NULL, abortMsg, lpszTitle, ICON_HAND); - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - - exit (1); -} - -void AbortProcess (char *stringId) -{ - // Note that this function also causes localcleanup() to be called (see atexit()) - AbortProcessDirect (GetString (stringId)); -} - -void AbortProcessSilent (void) -{ - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - - // Note that this function also causes localcleanup() to be called (see atexit()) - exit (1); -} - - -#pragma warning(push) -#pragma warning(disable:4702) - -void *err_malloc (size_t size) -{ - void *z = (void *) TCalloc (size); - if (z) - return z; - AbortProcess ("OUTOFMEMORY"); - return 0; -} - -#pragma warning(pop) - - -char *err_strdup (char *lpszText) -{ - size_t j = (strlen (lpszText) + 1) * sizeof (char); - char *z = (char *) err_malloc (j); - memmove (z, lpszText, j); - return z; -} - - -BOOL IsDiskReadError (DWORD error) -{ - return (error == ERROR_CRC - || error == ERROR_IO_DEVICE - || error == ERROR_BAD_CLUSTERS - || error == ERROR_SECTOR_NOT_FOUND - || error == ERROR_READ_FAULT - || error == ERROR_INVALID_FUNCTION // I/O error may be reported as ERROR_INVALID_FUNCTION by buggy chipset drivers - || error == ERROR_SEM_TIMEOUT); // I/O operation timeout may be reported as ERROR_SEM_TIMEOUT -} - - -BOOL IsDiskWriteError (DWORD error) -{ - return (error == ERROR_IO_DEVICE - || error == ERROR_BAD_CLUSTERS - || error == ERROR_SECTOR_NOT_FOUND - || error == ERROR_WRITE_FAULT - || error == ERROR_INVALID_FUNCTION // I/O error may be reported as ERROR_INVALID_FUNCTION by buggy chipset drivers - || error == ERROR_SEM_TIMEOUT); // I/O operation timeout may be reported as ERROR_SEM_TIMEOUT -} - - -BOOL IsDiskError (DWORD error) -{ - return IsDiskReadError (error) || IsDiskWriteError (error); -} - - -DWORD handleWin32Error (HWND hwndDlg, const char* srcPos) -{ - PWSTR lpMsgBuf; - DWORD dwError = GetLastError (); - wchar_t szErrorValue[32]; - wchar_t* pszDesc; - - if (Silent || dwError == 0 || dwError == ERROR_INVALID_WINDOW_HANDLE) - return dwError; - - // Access denied - if (dwError == ERROR_ACCESS_DENIED && !IsAdmin ()) - { - ErrorDirect ( AppendSrcPos (GetString ("ERR_ACCESS_DENIED"), srcPos).c_str (), hwndDlg); - SetLastError (dwError); // Preserve the original error code - return dwError; - } - - FormatMessageW ( - FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - dwError, - MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ - (PWSTR) &lpMsgBuf, - 0, - NULL - ); - - if (lpMsgBuf) - pszDesc = (wchar_t*) lpMsgBuf; - else - { - StringCchPrintfW (szErrorValue, ARRAYSIZE (szErrorValue), L"Error 0x%.8X", dwError); - pszDesc = szErrorValue; - } - - MessageBoxW (hwndDlg, AppendSrcPos (pszDesc, srcPos).c_str (), lpszTitle, ICON_HAND); - if (lpMsgBuf) LocalFree (lpMsgBuf); - - // User-friendly hardware error explanation - if (IsDiskError (dwError)) - Error ("ERR_HARDWARE_ERROR", hwndDlg); - - // Device not ready - if (dwError == ERROR_NOT_READY) - HandleDriveNotReadyError(hwndDlg); - - SetLastError (dwError); // Preserve the original error code - - return dwError; -} - -BOOL translateWin32Error (wchar_t *lpszMsgBuf, int nWSizeOfBuf) -{ - DWORD dwError = GetLastError (); - - if (FormatMessageW (FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, dwError, - MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ - lpszMsgBuf, nWSizeOfBuf, NULL)) - { - SetLastError (dwError); // Preserve the original error code - return TRUE; - } - - SetLastError (dwError); // Preserve the original error code - return FALSE; -} - -// If the user has a non-default screen DPI, all absolute font sizes must be -// converted using this function. -int CompensateDPIFont (int val) -{ - if (ScreenDPI == USER_DEFAULT_SCREEN_DPI) - return val; - else - { - double tmpVal = (double) val * DPIScaleFactorY * DlgAspectRatio * 0.999; - - if (tmpVal > 0) - return (int) floor(tmpVal); - else - return (int) ceil(tmpVal); - } -} - - -// If the user has a non-default screen DPI, some screen coordinates and sizes must -// be converted using this function -int CompensateXDPI (int val) -{ - if (ScreenDPI == USER_DEFAULT_SCREEN_DPI) - return val; - else - { - double tmpVal = (double) val * DPIScaleFactorX; - - if (tmpVal > 0) - return (int) floor(tmpVal); - else - return (int) ceil(tmpVal); - } -} - - -// If the user has a non-default screen DPI, some screen coordinates and sizes must -// be converted using this function -int CompensateYDPI (int val) -{ - if (ScreenDPI == USER_DEFAULT_SCREEN_DPI) - return val; - else - { - double tmpVal = (double) val * DPIScaleFactorY; - - if (tmpVal > 0) - return (int) floor(tmpVal); - else - return (int) ceil(tmpVal); - } -} - - -int GetTextGfxWidth (HWND hwndDlgItem, const wchar_t *text, HFONT hFont) -{ - SIZE sizes; - TEXTMETRIC textMetrics; - HDC hdc = GetDC (hwndDlgItem); - - SelectObject(hdc, (HGDIOBJ) hFont); - - GetTextExtentPoint32W (hdc, text, (int) wcslen (text), &sizes); - - GetTextMetrics(hdc, &textMetrics); // Necessary for non-TrueType raster fonts (tmOverhang) - - ReleaseDC (hwndDlgItem, hdc); - - return ((int) sizes.cx - (int) textMetrics.tmOverhang); -} - - -int GetTextGfxHeight (HWND hwndDlgItem, const wchar_t *text, HFONT hFont) -{ - SIZE sizes; - HDC hdc = GetDC (hwndDlgItem); - - SelectObject(hdc, (HGDIOBJ) hFont); - - GetTextExtentPoint32W (hdc, text, (int) wcslen (text), &sizes); - - ReleaseDC (hwndDlgItem, hdc); - - return ((int) sizes.cy); -} - - -std::wstring FitPathInGfxWidth (HWND hwnd, HFONT hFont, LONG width, const std::wstring &path) -{ - wstring newPath; - - RECT rect; - rect.left = 0; - rect.top = 0; - rect.right = width; - rect.bottom = LONG_MAX; - - HDC hdc = GetDC (hwnd); - SelectObject (hdc, (HGDIOBJ) hFont); - - wchar_t pathBuf[TC_MAX_PATH]; - StringCchCopyW (pathBuf, ARRAYSIZE (pathBuf), path.c_str()); - - if (DrawText (hdc, pathBuf, (int) path.size(), &rect, DT_CALCRECT | DT_MODIFYSTRING | DT_PATH_ELLIPSIS | DT_SINGLELINE) != 0) - newPath = pathBuf; - - ReleaseDC (hwnd, hdc); - return newPath; -} - - -static LRESULT CALLBACK HyperlinkProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) -{ - WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA); - - switch (message) - { - case WM_SETCURSOR: - if (!bHyperLinkBeingTracked) - { - TRACKMOUSEEVENT trackMouseEvent; - - trackMouseEvent.cbSize = sizeof(trackMouseEvent); - trackMouseEvent.dwFlags = TME_LEAVE; - trackMouseEvent.hwndTrack = hwnd; - - bHyperLinkBeingTracked = TrackMouseEvent(&trackMouseEvent); - - HandCursor(); - } - return 0; - - case WM_MOUSELEAVE: - bHyperLinkBeingTracked = FALSE; - NormalCursor(); - return 0; - } - - return CallWindowProcW (wp, hwnd, message, wParam, lParam); -} - - -BOOL ToHyperlink (HWND hwndDlg, UINT ctrlId) -{ - return ToCustHyperlink (hwndDlg, ctrlId, hUserUnderlineFont); -} - - -BOOL ToCustHyperlink (HWND hwndDlg, UINT ctrlId, HFONT hFont) -{ - HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); - - SendMessageW (hwndCtrl, WM_SETFONT, (WPARAM) hFont, 0); - - SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC)); - SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) HyperlinkProc); - - // Resize the field according to its actual size in pixels and move it if centered or right-aligned. - // This should be done again if the link text changes. - AccommodateTextField (hwndDlg, ctrlId, TRUE, hFont); - - return TRUE; -} - - -// Resizes a text field according to its actual width and height in pixels (font size is taken into account) and moves -// it accordingly if the field is centered or right-aligned. Should be used on all hyperlinks upon dialog init -// after localization (bFirstUpdate should be TRUE) and later whenever a hyperlink text changes (bFirstUpdate -// must be FALSE). -void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont) -{ - RECT rec, wrec, trec; - HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); - int width, origWidth, height, origHeight; - int horizSubOffset, vertSubOffset, vertOffset, alignPosDiff = 0; - wchar_t text [MAX_URL_LENGTH]; - WINDOWINFO windowInfo; - BOOL bBorderlessWindow = !(GetWindowLongPtrW (hwndDlg, GWL_STYLE) & (WS_BORDER | WS_DLGFRAME)); - - // Resize the field according to its length and font size and move if centered or right-aligned - - GetWindowTextW (hwndCtrl, text, sizeof (text) / sizeof (wchar_t)); - - width = GetTextGfxWidth (hwndCtrl, text, hFont); - height = GetTextGfxHeight (hwndCtrl, text, hFont); - - GetClientRect (hwndCtrl, &rec); - origWidth = rec.right; - origHeight = rec.bottom; - - if (width >= 0 - && (!bFirstUpdate || origWidth > width)) // The original width of the field is the maximum allowed size - { - horizSubOffset = origWidth - width; - vertSubOffset = origHeight - height; - - // Window coords - GetWindowRect(hwndDlg, &wrec); - GetClientRect(hwndDlg, &trec); - - // Vertical "title bar" offset - vertOffset = wrec.bottom - wrec.top - trec.bottom - (bBorderlessWindow ? 0 : GetSystemMetrics(SM_CYFIXEDFRAME)); - - // Text field coords - GetWindowRect(hwndCtrl, &rec); - - // Alignment offset - windowInfo.cbSize = sizeof(windowInfo); - GetWindowInfo (hwndCtrl, &windowInfo); - - if (windowInfo.dwStyle & SS_CENTER) - alignPosDiff = horizSubOffset / 2; - else if (windowInfo.dwStyle & SS_RIGHT) - alignPosDiff = horizSubOffset; - - // Resize/move - if (alignPosDiff > 0) - { - // Resize and move the text field - MoveWindow (hwndCtrl, - rec.left - wrec.left - (bBorderlessWindow ? 0 : GetSystemMetrics(SM_CXFIXEDFRAME)) + alignPosDiff, - rec.top - wrec.top - vertOffset, - origWidth - horizSubOffset, - origHeight - vertSubOffset, - TRUE); - } - else - { - // Resize the text field - SetWindowPos (hwndCtrl, 0, 0, 0, - origWidth - horizSubOffset, - origHeight - vertSubOffset, - SWP_NOMOVE | SWP_NOZORDER); - } - - SetWindowPos (hwndCtrl, HWND_BOTTOM, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - - InvalidateRect (hwndCtrl, NULL, TRUE); - } -} - -// Note that the user can still close the window by right-clicking its taskbar icon and selecting 'Close window', or by pressing Alt-F4, or using the Task Manager. -void DisableCloseButton (HWND hwndDlg) -{ - EnableMenuItem (GetSystemMenu (hwndDlg, FALSE), SC_CLOSE, MF_BYCOMMAND | MF_DISABLED | MF_GRAYED); -} - - -void EnableCloseButton (HWND hwndDlg) -{ - EnableMenuItem (GetSystemMenu (hwndDlg, FALSE), SC_CLOSE, MF_BYCOMMAND | MF_ENABLED); -} - -// Protects an input field from having its content updated by a Paste action (call ToBootPwdField() to use this). -static LRESULT CALLBACK BootPwdFieldProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) -{ - WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA); - - switch (message) - { - case WM_PASTE: - return 1; - } - - return CallWindowProcW (wp, hwnd, message, wParam, lParam); -} - - -// Protects an input field from having its content updated by a Paste action. Used for pre-boot password -// input fields (only the US keyboard layout is supported in pre-boot environment so we must prevent the -// user from pasting a password typed using a non-US keyboard layout). -void ToBootPwdField (HWND hwndDlg, UINT ctrlId) -{ - HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); - - SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC)); - SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) BootPwdFieldProc); -} - - - -// This function currently serves the following purposes: -// - Determines scaling factors for current screen DPI and GUI aspect ratio. -// - Determines how Windows skews the GUI aspect ratio (which happens when the user has a non-default DPI). -// The determined values must be used when performing some GUI operations and calculations. -BOOL CALLBACK AuxiliaryDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - switch (msg) - { - case WM_INITDIALOG: - { - HDC hDC = GetDC (hwndDlg); - - if (hDC) - { - ScreenDPI = GetDeviceCaps (hDC, LOGPIXELSY); - ReleaseDC (hwndDlg, hDC); - } - - DPIScaleFactorX = 1; - DPIScaleFactorY = 1; - DlgAspectRatio = 1; - - if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) - { - // Windows skews the GUI aspect ratio if the user has a non-default DPI. Hence, working with - // actual screen DPI is redundant and leads to incorrect results. What really matters here is - // how Windows actually renders our GUI. This is determined by comparing the expected and current - // sizes of a hidden calibration text field. - - RECT trec; - - trec.right = 0; - trec.bottom = 0; - - GetClientRect (GetDlgItem (hwndDlg, IDC_ASPECT_RATIO_CALIBRATION_BOX), &trec); - - if (trec.right != 0 && trec.bottom != 0) - { - // The size of the 282x282 IDC_ASPECT_RATIO_CALIBRATION_BOX rendered at the default DPI (96) is 423x458 - DPIScaleFactorX = (double) trec.right / 423; - DPIScaleFactorY = (double) trec.bottom / 458; - DlgAspectRatio = DPIScaleFactorX / DPIScaleFactorY; - } - } - - EndDialog (hwndDlg, 0); - return 1; - } - - case WM_CLOSE: - EndDialog (hwndDlg, 0); - return 1; - } - - return 0; -} - - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - static HBITMAP hbmTextualLogoBitmapRescaled = NULL; - - switch (msg) - { - case WM_INITDIALOG: - { - wchar_t szTmp[100]; - RECT rec; - - LocalizeDialog (hwndDlg, "IDD_ABOUT_DLG"); - - // Hyperlink - SetWindowText (GetDlgItem (hwndDlg, IDC_HOMEPAGE), L"www.idrix.fr"); - ToHyperlink (hwndDlg, IDC_HOMEPAGE); - - // Logo area background (must not keep aspect ratio; must retain Windows-imposed distortion) - GetClientRect (GetDlgItem (hwndDlg, IDC_ABOUT_LOGO_AREA), &rec); - SetWindowPos (GetDlgItem (hwndDlg, IDC_ABOUT_BKG), HWND_TOP, 0, 0, rec.right, rec.bottom, SWP_NOMOVE); - - // Resize the logo bitmap if the user has a non-default DPI - if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) - { - // Logo (must recreate and keep the original aspect ratio as Windows distorts it) - hbmTextualLogoBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_TEXTUAL_LOGO_288DPI), - GetDlgItem (hwndDlg, IDC_TEXTUAL_LOGO_IMG), - 0, 0, 0, 0, FALSE, TRUE); - - SetWindowPos (GetDlgItem (hwndDlg, IDC_ABOUT_BKG), HWND_TOP, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - } - - // Version - SendMessage (GetDlgItem (hwndDlg, IDT_ABOUT_VERSION), WM_SETFONT, (WPARAM) hUserBoldFont, 0); - StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING)); -#ifdef _WIN64 - StringCbCatW (szTmp, sizeof(szTmp), L" (64-bit)"); -#else - StringCbCatW (szTmp, sizeof(szTmp), L" (32-bit)"); -#endif -#if (defined(_DEBUG) || defined(DEBUG)) - StringCbCatW (szTmp, sizeof(szTmp), L" (debug)"); -#endif - SetDlgItemText (hwndDlg, IDT_ABOUT_VERSION, szTmp); - SetDlgItemText (hwndDlg, IDT_ABOUT_RELEASE, TC_STR_RELEASED_BY); - - // Credits - SendMessage (GetDlgItem (hwndDlg, IDC_ABOUT_CREDITS), WM_SETFONT, (WPARAM) hUserFont, (LPARAM) 0); - SendMessage (hwndDlg, WM_APP, 0, 0); - return 1; - } - - case WM_APP: - SetWindowText (GetDlgItem (hwndDlg, IDC_ABOUT_CREDITS), - L"Based on TrueCrypt 7.1a, freely available at http://www.truecrypt.org/ .\r\n\r\n" - - L"Portions of this software:\r\n" - L"Copyright \xA9 2013-2016 IDRIX. All rights reserved.\r\n" - L"Copyright \xA9 2003-2012 TrueCrypt Developers Association. All Rights Reserved.\r\n" - L"Copyright \xA9 1998-2000 Paul Le Roux. All Rights Reserved.\r\n" - L"Copyright \xA9 1998-2008 Brian Gladman. All Rights Reserved.\r\n" - L"Copyright \xA9 2002-2004 Mark Adler. All Rights Reserved.\r\n\r\n" - - L"This software as a whole:\r\n" - L"Copyright \xA9 2013-2016 IDRIX. All rights reserved.\r\n\r\n" - - L"An IDRIX Release"); - - return 1; - - case WM_COMMAND: - if (lw == IDOK || lw == IDCANCEL) - { - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - return 1; - } - - if (lw == IDC_HOMEPAGE) - { - Applink ("main", TRUE, ""); - return 1; - } - - // Disallow modification of credits - if (HIWORD (wParam) == EN_UPDATE) - { - SendMessage (hwndDlg, WM_APP, 0, 0); - return 1; - } - - return 0; - - case WM_CLOSE: - /* Delete buffered bitmaps (if any) */ - if (hbmTextualLogoBitmapRescaled != NULL) - { - DeleteObject ((HGDIOBJ) hbmTextualLogoBitmapRescaled); - hbmTextualLogoBitmapRescaled = NULL; - } - - EndDialog (hwndDlg, 0); - return 1; - } - - return 0; -} - - -static HWND StaticModelessWaitDlgHandle = NULL; - -// Call DisplayStaticModelessWaitDlg() to open this dialog and CloseStaticModelessWaitDlg() to close it. -static BOOL CALLBACK StaticModelessWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - LocalizeDialog (hwndDlg, NULL); - - return 0; - } - - case WM_COMMAND: - - if (lw == IDOK || lw == IDCANCEL) - return 1; - - return 0; - - - case WM_CLOSE: - StaticModelessWaitDlgHandle = NULL; - EndDialog (hwndDlg, 0); - return 1; - } - - return 0; -} - - -// Opens a dialog window saying "Please wait..." which is not modal and does not need any GUI refresh after initialization. -void DisplayStaticModelessWaitDlg (HWND parent) -{ - if (StaticModelessWaitDlgHandle != NULL) - return; // Already shown - - StaticModelessWaitDlgHandle = CreateDialogParamW (hInst, MAKEINTRESOURCEW (IDD_STATIC_MODELESS_WAIT_DLG), parent, (DLGPROC) StaticModelessWaitDlgProc, (LPARAM) 0); - - ShowWindow (StaticModelessWaitDlgHandle, SW_SHOWNORMAL); - - // Allow synchronous use with the GUI being instantly and fully rendered - ProcessPaintMessages (StaticModelessWaitDlgHandle, 500); -} - - -void CloseStaticModelessWaitDlg (void) -{ - if (StaticModelessWaitDlgHandle == NULL) - return; // Not shown - - DestroyWindow (StaticModelessWaitDlgHandle); -} - - -BOOL IsButtonChecked (HWND hButton) -{ - if (SendMessage (hButton, BM_GETCHECK, 0, 0) == BST_CHECKED) - return TRUE; - else - return FALSE; -} - - -void CheckButton (HWND hButton) -{ - SendMessage (hButton, BM_SETCHECK, BST_CHECKED, 0); -} - - -void LeftPadString (wchar_t *szTmp, int len, int targetLen, wchar_t filler) -{ - int i; - - if (targetLen <= len) - return; - - for (i = targetLen-1; i >= (targetLen-len); i--) - szTmp [i] = szTmp [i-(targetLen-len)]; - - wmemset (szTmp, filler, targetLen-len); - szTmp [targetLen] = 0; -} - -/* InitDialog - initialize the applications main dialog, this function should - be called only once in the dialogs WM_INITDIALOG message handler */ -void InitDialog (HWND hwndDlg) -{ - NONCLIENTMETRICSW metric; - static BOOL aboutMenuAppended = FALSE; - - int nHeight; - LOGFONTW lf; - HMENU hMenu; - Font *font; - - /* Fonts */ - - memset (&lf, 0, sizeof(lf)); - - // Normal - font = GetFont ("font_normal"); - - metric.cbSize = sizeof (metric); - SystemParametersInfoW (SPI_GETNONCLIENTMETRICS, sizeof(metric), &metric, 0); - - WindowTitleBarFont = CreateFontIndirectW (&metric.lfCaptionFont); - - metric.lfMessageFont.lfHeight = CompensateDPIFont (!font ? -11 : -font->Size); - metric.lfMessageFont.lfWidth = 0; - - if (font && wcscmp (font->FaceName, L"default") != 0) - { - StringCbCopyW ((WCHAR *)metric.lfMessageFont.lfFaceName, sizeof (metric.lfMessageFont.lfFaceName), font->FaceName); - } - else if (IsOSAtLeast (WIN_VISTA)) - { - // Vista's new default font (size and spacing) breaks compatibility with Windows 2k/XP applications. - // Force use of Tahoma (as Microsoft does in many dialogs) until a native Vista look is implemented. - StringCbCopyW ((WCHAR *)metric.lfMessageFont.lfFaceName, sizeof (metric.lfMessageFont.lfFaceName), L"Tahoma"); - } - - hUserFont = CreateFontIndirectW (&metric.lfMessageFont); - - metric.lfMessageFont.lfUnderline = TRUE; - hUserUnderlineFont = CreateFontIndirectW (&metric.lfMessageFont); - - metric.lfMessageFont.lfUnderline = FALSE; - metric.lfMessageFont.lfWeight = FW_BOLD; - hUserBoldFont = CreateFontIndirectW (&metric.lfMessageFont); - - metric.lfMessageFont.lfUnderline = TRUE; - metric.lfMessageFont.lfWeight = FW_BOLD; - hUserUnderlineBoldFont = CreateFontIndirectW (&metric.lfMessageFont); - - // Fixed-size (hexadecimal digits) - nHeight = CompensateDPIFont (-12); - lf.lfHeight = nHeight; - lf.lfWidth = 0; - lf.lfEscapement = 0; - lf.lfOrientation = 0; - lf.lfWeight = FW_NORMAL; - lf.lfItalic = FALSE; - lf.lfUnderline = FALSE; - lf.lfStrikeOut = FALSE; - lf.lfCharSet = DEFAULT_CHARSET; - lf.lfOutPrecision = OUT_DEFAULT_PRECIS; - lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; - lf.lfQuality = PROOF_QUALITY; - lf.lfPitchAndFamily = FF_DONTCARE; - StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName), L"Courier New"); - hFixedDigitFont = CreateFontIndirectW (&lf); - if (hFixedDigitFont == NULL) - { - handleWin32Error (hwndDlg, SRC_POS); - AbortProcess ("NOFONT"); - } - - // Bold - font = GetFont ("font_bold"); - - nHeight = CompensateDPIFont (!font ? -13 : -font->Size); - lf.lfHeight = nHeight; - lf.lfWeight = FW_BLACK; - StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName), !font ? L"Arial" : font->FaceName); - hBoldFont = CreateFontIndirectW (&lf); - if (hBoldFont == NULL) - { - handleWin32Error (hwndDlg, SRC_POS); - AbortProcess ("NOFONT"); - } - - // Title - font = GetFont ("font_title"); - - nHeight = CompensateDPIFont (!font ? -21 : -font->Size); - lf.lfHeight = nHeight; - lf.lfWeight = FW_REGULAR; - StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName),!font ? L"Times New Roman" : font->FaceName); - hTitleFont = CreateFontIndirectW (&lf); - if (hTitleFont == NULL) - { - handleWin32Error (hwndDlg, SRC_POS); - AbortProcess ("NOFONT"); - } - - // Fixed-size - font = GetFont ("font_fixed"); - - nHeight = CompensateDPIFont (!font ? -12 : -font->Size); - lf.lfHeight = nHeight; - lf.lfWidth = 0; - lf.lfEscapement = 0; - lf.lfOrientation = 0; - lf.lfWeight = FW_NORMAL; - lf.lfItalic = FALSE; - lf.lfUnderline = FALSE; - lf.lfStrikeOut = FALSE; - lf.lfCharSet = DEFAULT_CHARSET; - lf.lfOutPrecision = OUT_DEFAULT_PRECIS; - lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; - lf.lfQuality = PROOF_QUALITY; - lf.lfPitchAndFamily = FF_DONTCARE; - StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName),!font ? L"Lucida Console" : font->FaceName); - hFixedFont = CreateFontIndirectW (&lf); - if (hFixedFont == NULL) - { - handleWin32Error (hwndDlg, SRC_POS); - AbortProcess ("NOFONT"); - } - - if (!aboutMenuAppended) - { - hMenu = GetSystemMenu (hwndDlg, FALSE); - AppendMenu (hMenu, MF_SEPARATOR, 0, L""); - AppendMenuW (hMenu, MF_ENABLED | MF_STRING, IDC_ABOUT, GetString ("ABOUTBOX")); - - aboutMenuAppended = TRUE; - } -} - - -// The parameter maxMessagesToProcess prevents endless processing of paint messages -void ProcessPaintMessages (HWND hwnd, int maxMessagesToProcess) -{ - MSG paintMsg; - int msgCounter = maxMessagesToProcess; - - while (PeekMessageW (&paintMsg, hwnd, 0, 0, PM_REMOVE | PM_QS_PAINT) != 0 && msgCounter-- > 0) - { - DispatchMessageW (&paintMsg); - } -} - - -HDC CreateMemBitmap (HINSTANCE hInstance, HWND hwnd, wchar_t *resource) -{ - HBITMAP picture = LoadBitmap (hInstance, resource); - HDC viewDC = GetDC (hwnd), dcMem; - - dcMem = CreateCompatibleDC (viewDC); - - SetMapMode (dcMem, MM_TEXT); - - SelectObject (dcMem, picture); - - DeleteObject (picture); - - ReleaseDC (hwnd, viewDC); - - return dcMem; -} - - -/* Renders the specified bitmap at the specified location and stretches it to fit (anti-aliasing is applied). -If bDirectRender is FALSE and both nWidth and nHeight are zero, the width and height of hwndDest are -retrieved and adjusted according to screen DPI (the width and height of the resultant image are adjusted the -same way); furthermore, if bKeepAspectRatio is TRUE, the smaller DPI factor of the two (i.e. horiz. or vert.) -is used both for horiz. and vert. scaling (note that the overall GUI aspect ratio changes irregularly in -both directions depending on the DPI). If bDirectRender is TRUE, bKeepAspectRatio is ignored. -This function returns a handle to the scaled bitmap. When the bitmap is no longer needed, it should be -deleted by calling DeleteObject() with the handle passed as the parameter. -Known Windows issues: -- For some reason, anti-aliasing is not applied if the source bitmap contains less than 16K pixels. -- Windows 2000 may produce slightly inaccurate colors even when source, buffer, and target are 24-bit true color. */ -HBITMAP RenderBitmap (wchar_t *resource, HWND hwndDest, int x, int y, int nWidth, int nHeight, BOOL bDirectRender, BOOL bKeepAspectRatio) -{ - LRESULT lResult = 0; - - HDC hdcSrc = CreateMemBitmap (hInst, hwndDest, resource); - if (!hdcSrc) - return NULL; - - HGDIOBJ picture = GetCurrentObject (hdcSrc, OBJ_BITMAP); - - HBITMAP hbmpRescaled = NULL; - BITMAP bitmap; - - HDC hdcRescaled; - - if (!bDirectRender && nWidth == 0 && nHeight == 0) - { - RECT rec; - - GetClientRect (hwndDest, &rec); - - if (bKeepAspectRatio) - { - if (DlgAspectRatio > 1) - { - // Do not fix this, it's correct. We use the Y scale factor intentionally for both - // directions to maintain aspect ratio (see above for more info). - nWidth = CompensateYDPI (rec.right); - nHeight = CompensateYDPI (rec.bottom); - } - else - { - // Do not fix this, it's correct. We use the X scale factor intentionally for both - // directions to maintain aspect ratio (see above for more info). - nWidth = CompensateXDPI (rec.right); - nHeight = CompensateXDPI (rec.bottom); - } - } - else - { - nWidth = CompensateXDPI (rec.right); - nHeight = CompensateYDPI (rec.bottom); - } - } - - GetObject (picture, sizeof (BITMAP), &bitmap); - - hdcRescaled = CreateCompatibleDC (hdcSrc); - - if (hdcRescaled) - { - hbmpRescaled = CreateCompatibleBitmap (hdcSrc, nWidth, nHeight); - - SelectObject (hdcRescaled, hbmpRescaled); - - /* Anti-aliasing mode (HALFTONE is the only anti-aliasing algorithm natively supported by Windows 2000. - TODO: GDI+ offers higher quality -- InterpolationModeHighQualityBicubic) */ - SetStretchBltMode (hdcRescaled, HALFTONE); - - StretchBlt (hdcRescaled, - 0, - 0, - nWidth, - nHeight, - hdcSrc, - 0, - 0, - bitmap.bmWidth, - bitmap.bmHeight, - SRCCOPY); - - DeleteDC (hdcSrc); - - if (bDirectRender) - { - HDC hdcDest = GetDC (hwndDest); - if (hdcDest) - { - BitBlt (hdcDest, x, y, nWidth, nHeight, hdcRescaled, 0, 0, SRCCOPY); - ReleaseDC (hwndDest, hdcDest); - } - } - else - { - lResult = SendMessage (hwndDest, (UINT) STM_SETIMAGE, (WPARAM) IMAGE_BITMAP, (LPARAM) (HANDLE) hbmpRescaled); - } - - if ((HGDIOBJ) lResult != NULL && (HGDIOBJ) lResult != (HGDIOBJ) hbmpRescaled) - DeleteObject ((HGDIOBJ) lResult); - - DeleteDC (hdcRescaled); - } - - return hbmpRescaled; -} - - -LRESULT CALLBACK -RedTick (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - if (uMsg == WM_CREATE) - { - } - else if (uMsg == WM_DESTROY) - { - } - else if (uMsg == WM_TIMER) - { - } - else if (uMsg == WM_PAINT) - { - PAINTSTRUCT tmp; - HPEN hPen; - HDC hDC; - BOOL bEndPaint; - RECT Rect; - - if (GetUpdateRect (hwnd, NULL, FALSE)) - { - hDC = BeginPaint (hwnd, &tmp); - bEndPaint = TRUE; - if (hDC == NULL) - return DefWindowProcW (hwnd, uMsg, wParam, lParam); - } - else - { - hDC = GetDC (hwnd); - bEndPaint = FALSE; - } - - GetClientRect (hwnd, &Rect); - - hPen = CreatePen (PS_SOLID, 2, RGB (0, 255, 0)); - if (hPen != NULL) - { - HGDIOBJ hObj = SelectObject (hDC, hPen); - WORD bx = LOWORD (GetDialogBaseUnits ()); - WORD by = HIWORD (GetDialogBaseUnits ()); - - MoveToEx (hDC, (Rect.right - Rect.left) / 2, Rect.bottom, NULL); - LineTo (hDC, Rect.right, Rect.top); - MoveToEx (hDC, (Rect.right - Rect.left) / 2, Rect.bottom, NULL); - - LineTo (hDC, (3 * bx) / 4, (2 * by) / 8); - - SelectObject (hDC, hObj); - DeleteObject (hPen); - } - - if (bEndPaint) - EndPaint (hwnd, &tmp); - else - ReleaseDC (hwnd, hDC); - - return TRUE; - } - - return DefWindowProcW (hwnd, uMsg, wParam, lParam); -} - -BOOL -RegisterRedTick (HINSTANCE hInstance) -{ - WNDCLASSW wc; - ULONG rc; - - memset(&wc, 0 , sizeof wc); - - wc.style = CS_HREDRAW | CS_VREDRAW; - wc.cbClsExtra = 0; - wc.cbWndExtra = 4; - wc.hInstance = hInstance; - wc.hIcon = LoadIcon (NULL, IDI_APPLICATION); - wc.hCursor = NULL; - wc.hbrBackground = (HBRUSH) GetStockObject (LTGRAY_BRUSH); - wc.lpszClassName = L"VCREDTICK"; - wc.lpfnWndProc = &RedTick; - - rc = (ULONG) RegisterClassW (&wc); - - return rc == 0 ? FALSE : TRUE; -} - -BOOL -UnregisterRedTick (HINSTANCE hInstance) -{ - return UnregisterClassW (L"VCREDTICK", hInstance); -} - -LRESULT CALLBACK -SplashDlgProc (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - return DefDlgProcW (hwnd, uMsg, wParam, lParam); -} - -static int g_waitCursorCounter = 0; - -void -WaitCursor () -{ - static HCURSOR hcWait; - if (hcWait == NULL) - hcWait = LoadCursor (NULL, IDC_WAIT); - - if ((g_waitCursorCounter == 0) || (hCursor != hcWait)) - { - SetCursor (hcWait); - hCursor = hcWait; - } - g_waitCursorCounter++; -} - -void -NormalCursor () -{ - static HCURSOR hcArrow; - if (hcArrow == NULL) - hcArrow = LoadCursor (NULL, IDC_ARROW); - if (g_waitCursorCounter > 0) - g_waitCursorCounter--; - if (g_waitCursorCounter == 0) - { - SetCursor (hcArrow); - hCursor = NULL; - } -} - -void -ArrowWaitCursor () -{ - static HCURSOR hcArrowWait; - if (hcArrowWait == NULL) - hcArrowWait = LoadCursor (NULL, IDC_APPSTARTING); - if ((g_waitCursorCounter == 0) || (hCursor != hcArrowWait)) - { - SetCursor (hcArrowWait); - hCursor = hcArrowWait; - } - g_waitCursorCounter++; -} - -void HandCursor () -{ - static HCURSOR hcHand; - if (hcHand == NULL) - hcHand = LoadCursor (NULL, IDC_HAND); - SetCursor (hcHand); - hCursor = hcHand; -} - -void -AddComboPair (HWND hComboBox, const wchar_t *lpszItem, int value) -{ - LPARAM nIndex; - - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) lpszItem); - nIndex = SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) value); -} - -void -SelectAlgo (HWND hComboBox, int *algo_id) -{ - LPARAM nCount = SendMessage (hComboBox, CB_GETCOUNT, 0, 0); - LPARAM x, i; - - for (i = 0; i < nCount; i++) - { - x = SendMessage (hComboBox, CB_GETITEMDATA, i, 0); - if (x == (LPARAM) *algo_id) - { - SendMessage (hComboBox, CB_SETCURSEL, i, 0); - return; - } - } - - /* Something went wrong ; couldn't find the requested algo id so we drop - back to a default */ - - *algo_id = (int) SendMessage (hComboBox, CB_GETITEMDATA, 0, 0); - - SendMessage (hComboBox, CB_SETCURSEL, 0, 0); - -} - -void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe) -{ - if (bNA) - { - AddComboPair (hComboBox, GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"), TC_WIPE_NONE); - } - else - { - if (!bHeaderWipe) - { - AddComboPair (hComboBox, GetString ("WIPE_MODE_NONE"), TC_WIPE_NONE); - } - - AddComboPair (hComboBox, GetString ("WIPE_MODE_1_RAND"), TC_WIPE_1_RAND); - AddComboPair (hComboBox, GetString ("WIPE_MODE_3_DOD_5220"), TC_WIPE_3_DOD_5220); - AddComboPair (hComboBox, GetString ("WIPE_MODE_7_DOD_5220"), TC_WIPE_7_DOD_5220); - AddComboPair (hComboBox, GetString ("WIPE_MODE_35_GUTMANN"), TC_WIPE_35_GUTMANN); - - if (bHeaderWipe) - AddComboPair (hComboBox, GetString ("WIPE_MODE_256"), TC_WIPE_256); // paranoid wipe for volume header - } -} - -wchar_t *GetWipeModeName (WipeAlgorithmId modeId) -{ - switch (modeId) - { - case TC_WIPE_NONE: - return GetString ("WIPE_MODE_NONE"); - - case TC_WIPE_1_RAND: - return GetString ("WIPE_MODE_1_RAND"); - - case TC_WIPE_3_DOD_5220: - return GetString ("WIPE_MODE_3_DOD_5220"); - - case TC_WIPE_7_DOD_5220: - return GetString ("WIPE_MODE_7_DOD_5220"); - - case TC_WIPE_35_GUTMANN: - return GetString ("WIPE_MODE_35_GUTMANN"); - - case TC_WIPE_256: - return GetString ("WIPE_MODE_256"); - - default: - return GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"); - } -} - -wchar_t *GetPathType (const wchar_t *path, BOOL bUpperCase, BOOL *bIsPartition) -{ - if (wcsstr (path, L"Partition") - && wcsstr (path, L"Partition0") == NULL) - { - *bIsPartition = TRUE; - return GetString (bUpperCase ? "PARTITION_UPPER_CASE" : "PARTITION_LOWER_CASE"); - } - else if (wcsstr (path, L"HarddiskVolume")) - { - *bIsPartition = TRUE; - return GetString (bUpperCase ? "VOLUME_UPPER_CASE" : "VOLUME_LOWER_CASE"); - } - - *bIsPartition = FALSE; - return GetString (bUpperCase ? "DEVICE_UPPER_CASE" : "DEVICE_LOWER_CASE"); -} - -LRESULT CALLBACK CustomDlgProc (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - if (uMsg == WM_SETCURSOR && hCursor != NULL) - { - SetCursor (hCursor); - return TRUE; - } - - return DefDlgProcW (hwnd, uMsg, wParam, lParam); -} - -/* -static BOOL IsReturnAddress (DWORD64 address) -{ - static size_t codeEnd = 0; - byte *sp = (byte *) address; - - if (codeEnd == 0) - { - MEMORY_BASIC_INFORMATION mi; - if (VirtualQuery ((LPCVOID) 0x401000, &mi, sizeof (mi)) >= sizeof (mi)) - codeEnd = (size_t) mi.BaseAddress + mi.RegionSize; - } - - if (address < 0x401000 + 8 || address > codeEnd) - return FALSE; - - return sp[-5] == 0xe8 // call ADDR - || (sp[-6] == 0xff && sp[-5] == 0x15) // call [ADDR] - || (sp[-2] == 0xff && (sp[-1] & 0xf0) == 0xd0); // call REG -} -*/ - -typedef struct -{ - EXCEPTION_POINTERS *ExceptionPointers; - HANDLE ExceptionThread; - -} ExceptionHandlerThreadArgs; - - -void ExceptionHandlerThread (void *threadArg) -{ - ExceptionHandlerThreadArgs *args = (ExceptionHandlerThreadArgs *) threadArg; - - EXCEPTION_POINTERS *ep = args->ExceptionPointers; - //DWORD addr; - DWORD exCode = ep->ExceptionRecord->ExceptionCode; - // SYSTEM_INFO si; - // wchar_t msg[8192]; - // char modPath[MAX_PATH]; - // int crc = 0; - // char url[MAX_URL_LENGTH]; - // char lpack[128]; - // stringstream callStack; - // addr = (DWORD) ep->ExceptionRecord->ExceptionAddress; - // PDWORD sp = (PDWORD) ep->ContextRecord->Esp; - // int frameNumber = 0; - - switch (exCode) - { - case STATUS_IN_PAGE_ERROR: - case 0xeedfade: - // Exception not caused by VeraCrypt - MessageBoxW (0, GetString ("EXCEPTION_REPORT_EXT"), - GetString ("EXCEPTION_REPORT_TITLE"), - MB_ICONERROR | MB_OK | MB_SETFOREGROUND | MB_TOPMOST); - return; - } - - // Call stack -/* HMODULE dbgDll = LoadLibrary ("dbghelp.dll"); - if (dbgDll) - { - typedef DWORD (__stdcall *SymGetOptions_t) (); - typedef DWORD (__stdcall *SymSetOptions_t) (DWORD SymOptions); - typedef BOOL (__stdcall *SymInitialize_t) (HANDLE hProcess, PCSTR UserSearchPath, BOOL fInvadeProcess); - typedef BOOL (__stdcall *StackWalk64_t) (DWORD MachineType, HANDLE hProcess, HANDLE hThread, LPSTACKFRAME64 StackFrame, PVOID ContextRecord, PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress); - typedef BOOL (__stdcall * SymFromAddr_t) (HANDLE hProcess, DWORD64 Address, PDWORD64 Displacement, PSYMBOL_INFO Symbol); - - SymGetOptions_t DbgHelpSymGetOptions = (SymGetOptions_t) GetProcAddress (dbgDll, "SymGetOptions"); - SymSetOptions_t DbgHelpSymSetOptions = (SymSetOptions_t) GetProcAddress (dbgDll, "SymSetOptions"); - SymInitialize_t DbgHelpSymInitialize = (SymInitialize_t) GetProcAddress (dbgDll, "SymInitialize"); - PFUNCTION_TABLE_ACCESS_ROUTINE64 DbgHelpSymFunctionTableAccess64 = (PFUNCTION_TABLE_ACCESS_ROUTINE64) GetProcAddress (dbgDll, "SymFunctionTableAccess64"); - PGET_MODULE_BASE_ROUTINE64 DbgHelpSymGetModuleBase64 = (PGET_MODULE_BASE_ROUTINE64) GetProcAddress (dbgDll, "SymGetModuleBase64"); - StackWalk64_t DbgHelpStackWalk64 = (StackWalk64_t) GetProcAddress (dbgDll, "StackWalk64"); - SymFromAddr_t DbgHelpSymFromAddr = (SymFromAddr_t) GetProcAddress (dbgDll, "SymFromAddr"); - - if (DbgHelpSymGetOptions && DbgHelpSymSetOptions && DbgHelpSymInitialize && DbgHelpSymFunctionTableAccess64 && DbgHelpSymGetModuleBase64 && DbgHelpStackWalk64 && DbgHelpSymFromAddr) - { - DbgHelpSymSetOptions (DbgHelpSymGetOptions() | SYMOPT_DEFERRED_LOADS | SYMOPT_ALLOW_ABSOLUTE_SYMBOLS | SYMOPT_NO_CPP); - - if (DbgHelpSymInitialize (GetCurrentProcess(), NULL, TRUE)) - { - STACKFRAME64 frame; - memset (&frame, 0, sizeof (frame)); - - frame.AddrPC.Offset = ep->ContextRecord->Eip; - frame.AddrPC.Mode = AddrModeFlat; - frame.AddrStack.Offset = ep->ContextRecord->Esp; - frame.AddrStack.Mode = AddrModeFlat; - frame.AddrFrame.Offset = ep->ContextRecord->Ebp; - frame.AddrFrame.Mode = AddrModeFlat; - - string lastSymbol; - - while (frameNumber < 32 && DbgHelpStackWalk64 (IMAGE_FILE_MACHINE_I386, GetCurrentProcess(), args->ExceptionThread, &frame, ep->ContextRecord, NULL, DbgHelpSymFunctionTableAccess64, DbgHelpSymGetModuleBase64, NULL)) - { - if (!frame.AddrPC.Offset) - continue; - - ULONG64 symbolBuffer[(sizeof (SYMBOL_INFO) + MAX_SYM_NAME * sizeof (TCHAR) + sizeof (ULONG64) - 1) / sizeof (ULONG64)]; - memset (symbolBuffer, 0, sizeof (symbolBuffer)); - - PSYMBOL_INFO symbol = (PSYMBOL_INFO) symbolBuffer; - symbol->SizeOfStruct = sizeof (SYMBOL_INFO); - symbol->MaxNameLen = MAX_SYM_NAME; - - if (DbgHelpSymFromAddr (GetCurrentProcess(), frame.AddrPC.Offset, NULL, symbol) && symbol->NameLen > 0) - { - for (size_t i = 0; i < symbol->NameLen; ++i) - { - if (!isalnum (symbol->Name[i])) - symbol->Name[i] = '_'; - } - - if (symbol->Name != lastSymbol) - callStack << "&st" << frameNumber++ << "=" << symbol->Name; - - lastSymbol = symbol->Name; - } - else if (frameNumber == 0 || IsReturnAddress (frame.AddrPC.Offset)) - { - callStack << "&st" << frameNumber++ << "=0x" << hex << frame.AddrPC.Offset << dec; - } - } - } - } - } - - // StackWalk64() may fail due to missing frame pointers - list retAddrs; - if (frameNumber == 0) - retAddrs.push_back (ep->ContextRecord->Eip); - - retAddrs.push_back (0); - - MEMORY_BASIC_INFORMATION mi; - VirtualQuery (sp, &mi, sizeof (mi)); - PDWORD stackTop = (PDWORD)((byte *) mi.BaseAddress + mi.RegionSize); - int i = 0; - - while (retAddrs.size() < 16 && &sp[i] < stackTop) - { - if (IsReturnAddress (sp[i])) - { - bool duplicate = false; - foreach (DWORD prevAddr, retAddrs) - { - if (sp[i] == prevAddr) - { - duplicate = true; - break; - } - } - - if (!duplicate) - retAddrs.push_back (sp[i]); - } - i++; - } - - if (retAddrs.size() > 1) - { - foreach (DWORD addr, retAddrs) - { - callStack << "&st" << frameNumber++ << "=0x" << hex << addr << dec; - } - } - - // Checksum of the module - if (GetModuleFileName (NULL, modPath, sizeof (modPath))) - { - HANDLE h = CreateFile (modPath, FILE_READ_DATA | FILE_READ_ATTRIBUTES, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - if (h != INVALID_HANDLE_VALUE) - { - BY_HANDLE_FILE_INFORMATION fi; - if (GetFileInformationByHandle (h, &fi)) - { - char *buf = (char *) malloc (fi.nFileSizeLow); - if (buf) - { - DWORD bytesRead; - if (ReadFile (h, buf, fi.nFileSizeLow, &bytesRead, NULL) && bytesRead == fi.nFileSizeLow) - crc = GetCrc32 ((unsigned char *) buf, fi.nFileSizeLow); - free (buf); - } - } - CloseHandle (h); - } - } - - GetSystemInfo (&si); - - if (LocalizationActive) - sprintf_s (lpack, sizeof (lpack), "&langpack=%s_%s", GetPreferredLangId (), GetActiveLangPackVersion ()); - else - lpack[0] = 0; - - - sprintf (url, TC_APPLINK_SECURE "&dest=err-report%s&os=%s&osver=%d.%d.%d&arch=%s&cpus=%d&app=%s&cksum=%x&dlg=%s&err=%x&addr=%x" - , lpack - , GetWindowsEdition().c_str() - , CurrentOSMajor - , CurrentOSMinor - , CurrentOSServicePack - , Is64BitOs () ? "x64" : "x86" - , si.dwNumberOfProcessors -#ifdef TCMOUNT - ,"main" -#endif -#ifdef VOLFORMAT - ,"format" -#endif -#ifdef SETUP - ,"setup" -#endif - , crc - , LastDialogId ? LastDialogId : "-" - , exCode - , addr); - - string urlStr = url + callStack.str(); - - _snwprintf (msg, array_capacity (msg), GetString ("EXCEPTION_REPORT"), urlStr.c_str()); - - if (IDYES == MessageBoxW (0, msg, GetString ("EXCEPTION_REPORT_TITLE"), MB_ICONERROR | MB_YESNO | MB_DEFBUTTON1)) - ShellExecute (NULL, "open", urlStr.c_str(), NULL, NULL, SW_SHOWNORMAL); - else */ - UnhandledExceptionFilter (ep); -} - - -LONG __stdcall ExceptionHandler (EXCEPTION_POINTERS *ep) -{ - SetUnhandledExceptionFilter (NULL); - - if (SystemFileSelectorCallPending && SystemFileSelectorCallerThreadId == GetCurrentThreadId()) - { - MessageBoxW (NULL, GetString ("EXCEPTION_REPORT_EXT_FILESEL"), GetString ("EXCEPTION_REPORT_TITLE"), MB_ICONERROR | MB_OK | MB_SETFOREGROUND | MB_TOPMOST); - - UnhandledExceptionFilter (ep); - return EXCEPTION_EXECUTE_HANDLER; - } - - ExceptionHandlerThreadArgs args; - args.ExceptionPointers = ep; - args.ExceptionThread = GetCurrentThread(); - - WaitForSingleObject ((HANDLE) _beginthread (ExceptionHandlerThread, 0, &args), INFINITE); - - return EXCEPTION_EXECUTE_HANDLER; -} - - -void InvalidParameterHandler (const wchar_t *expression, const wchar_t *function, const wchar_t *file, unsigned int line, uintptr_t reserved) -{ - TC_THROW_FATAL_EXCEPTION; -} - - -static LRESULT CALLBACK NonInstallUacWndProc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) -{ - return DefWindowProcW (hWnd, message, wParam, lParam); -} - - -// Mutex handling to prevent multiple instances of the wizard or main app from dealing with system encryption. -// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). -BOOL CreateSysEncMutex (void) -{ - return TCCreateMutex (&hSysEncMutex, TC_MUTEX_NAME_SYSENC); -} - - -BOOL InstanceHasSysEncMutex (void) -{ - return (hSysEncMutex != NULL); -} - - -// Mutex handling to prevent multiple instances of the wizard from dealing with system encryption -void CloseSysEncMutex (void) -{ - TCCloseMutex (&hSysEncMutex); -} - - -// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). -BOOL CreateNonSysInplaceEncMutex (void) -{ - return TCCreateMutex (&hNonSysInplaceEncMutex, TC_MUTEX_NAME_NONSYS_INPLACE_ENC); -} - - -BOOL InstanceHasNonSysInplaceEncMutex (void) -{ - return (hNonSysInplaceEncMutex != NULL); -} - - -void CloseNonSysInplaceEncMutex (void) -{ - TCCloseMutex (&hNonSysInplaceEncMutex); -} - - -// Returns TRUE if another instance of the wizard is preparing, resuming or performing non-system in-place encryption -BOOL NonSysInplaceEncInProgressElsewhere (void) -{ - return (!InstanceHasNonSysInplaceEncMutex () - && MutexExistsOnSystem (TC_MUTEX_NAME_NONSYS_INPLACE_ENC)); -} - - -// Mutex handling to prevent multiple instances of the wizard or main app from trying to install -// or register the driver or from trying to launch it in portable mode at the same time. -// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). -BOOL CreateDriverSetupMutex (void) -{ - return TCCreateMutex (&hDriverSetupMutex, TC_MUTEX_NAME_DRIVER_SETUP); -} - - -void CloseDriverSetupMutex (void) -{ - TCCloseMutex (&hDriverSetupMutex); -} - - -BOOL CreateAppSetupMutex (void) -{ - return TCCreateMutex (&hAppSetupMutex, TC_MUTEX_NAME_APP_SETUP); -} - - -void CloseAppSetupMutex (void) -{ - TCCloseMutex (&hAppSetupMutex); -} - - -BOOL IsTrueCryptInstallerRunning (void) -{ - return (MutexExistsOnSystem (TC_MUTEX_NAME_APP_SETUP)); -} - - -// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). -BOOL TCCreateMutex (volatile HANDLE *hMutex, wchar_t *name) -{ - if (*hMutex != NULL) - return TRUE; // This instance already has the mutex - - *hMutex = CreateMutex (NULL, TRUE, name); - if (*hMutex == NULL) - { - // In multi-user configurations, the OS returns "Access is denied" here when a user attempts - // to acquire the mutex if another user already has. However, on Vista, "Access is denied" is - // returned also if the mutex is owned by a process with admin rights while we have none. - - return FALSE; - } - - if (GetLastError () == ERROR_ALREADY_EXISTS) - { - ReleaseMutex (*hMutex); - CloseHandle (*hMutex); - - *hMutex = NULL; - return FALSE; - } - - return TRUE; -} - - -void TCCloseMutex (volatile HANDLE *hMutex) -{ - if (*hMutex != NULL) - { - if (ReleaseMutex (*hMutex) - && CloseHandle (*hMutex)) - *hMutex = NULL; - } -} - - -// Returns TRUE if a process running on the system has the specified mutex (otherwise FALSE). -BOOL MutexExistsOnSystem (wchar_t *name) -{ - if (name[0] == 0) - return FALSE; - - HANDLE hMutex = OpenMutex (MUTEX_ALL_ACCESS, FALSE, name); - - if (hMutex == NULL) - { - if (GetLastError () == ERROR_FILE_NOT_FOUND) - return FALSE; - - if (GetLastError () == ERROR_ACCESS_DENIED) // On Vista, this is returned if the owner of the mutex is elevated while we are not - return TRUE; - - // The call failed and it is not certain whether the mutex exists or not - return FALSE; - } - - CloseHandle (hMutex); - return TRUE; -} - - -uint32 ReadDriverConfigurationFlags () -{ - DWORD configMap; - - if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, &configMap)) - configMap = 0; - - return configMap; -} - - -uint32 ReadEncryptionThreadPoolFreeCpuCountLimit () -{ - DWORD count; - - if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME, &count)) - count = 0; - - return count; -} - - -BOOL LoadSysEncSettings () -{ - BOOL status = TRUE; - DWORD size = 0; - char *sysEncCfgFileBuf = LoadFile (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION), &size); - char *xml = sysEncCfgFileBuf; - char paramName[100], paramVal[MAX_PATH]; - - // Defaults - int newSystemEncryptionStatus = SYSENC_STATUS_NONE; - WipeAlgorithmId newnWipeMode = TC_WIPE_NONE; - - if (!FileExists (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION))) - { - SystemEncryptionStatus = newSystemEncryptionStatus; - nWipeMode = newnWipeMode; - } - - if (xml == NULL) - { - return FALSE; - } - - while (xml = XmlFindElement (xml, "config")) - { - XmlGetAttributeText (xml, "key", paramName, sizeof (paramName)); - XmlGetNodeText (xml, paramVal, sizeof (paramVal)); - - if (strcmp (paramName, "SystemEncryptionStatus") == 0) - { - newSystemEncryptionStatus = atoi (paramVal); - } - else if (strcmp (paramName, "WipeMode") == 0) - { - newnWipeMode = (WipeAlgorithmId) atoi (paramVal); - } - - xml++; - } - - SystemEncryptionStatus = newSystemEncryptionStatus; - nWipeMode = newnWipeMode; - - free (sysEncCfgFileBuf); - return status; -} - - -// Returns the number of partitions where non-system in-place encryption is progress or had been in progress -// but was interrupted. In addition, via the passed pointer, returns the last selected wipe algorithm ID. -int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm) -{ - char *fileBuf = NULL; - char *fileBuf2 = NULL; - DWORD size, size2; - int count; - - *wipeAlgorithm = TC_WIPE_NONE; - - if (!FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC))) - return 0; - - if ((fileBuf = LoadFile (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC), &size)) == NULL) - return 0; - - if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE))) - { - if ((fileBuf2 = LoadFile (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE), &size2)) != NULL) - *wipeAlgorithm = (WipeAlgorithmId) atoi (fileBuf2); - } - - count = atoi (fileBuf); - - if (fileBuf != NULL) - TCfree (fileBuf); - - if (fileBuf2 != NULL) - TCfree (fileBuf2); - - return (count); -} - - -void RemoveNonSysInPlaceEncNotifications (void) -{ - if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC))) - _wremove (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC)); - - if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE))) - _wremove (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE)); - - if (!IsNonInstallMode () && SystemEncryptionStatus == SYSENC_STATUS_NONE) - ManageStartupSeqWiz (TRUE, L""); -} - - -void SavePostInstallTasksSettings (int command) -{ - FILE *f = NULL; - - if (IsNonInstallMode() && command != TC_POST_INSTALL_CFG_REMOVE_ALL) - return; - - switch (command) - { - case TC_POST_INSTALL_CFG_REMOVE_ALL: - _wremove (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL)); - _wremove (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES)); - break; - - case TC_POST_INSTALL_CFG_TUTORIAL: - f = _wfopen (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL), L"w"); - break; - - case TC_POST_INSTALL_CFG_RELEASE_NOTES: - f = _wfopen (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES), L"w"); - break; - - default: - return; - } - - if (f == NULL) - return; - - if (fputws (L"1", f) < 0) - { - // Error - fclose (f); - return; - } - - TCFlushFile (f); - - fclose (f); -} - - -void DoPostInstallTasks (HWND hwndDlg) -{ - BOOL bDone = FALSE; - - if (FileExists (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL))) - { - if (AskYesNo ("AFTER_INSTALL_TUTORIAL", hwndDlg) == IDYES) - Applink ("beginnerstutorial", TRUE, ""); - - bDone = TRUE; - } - - if (FileExists (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES))) - { - if (AskYesNo ("AFTER_UPGRADE_RELEASE_NOTES", hwndDlg) == IDYES) - Applink ("releasenotes", TRUE, ""); - - bDone = TRUE; - } - - if (bDone) - SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_REMOVE_ALL); -} - - -void InitOSVersionInfo () -{ - OSVERSIONINFOEXW os; - os.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); - - if (GetVersionExW ((LPOSVERSIONINFOW) &os) == FALSE) - AbortProcess ("NO_OS_VER"); - - CurrentOSMajor = os.dwMajorVersion; - CurrentOSMinor = os.dwMinorVersion; - CurrentOSServicePack = os.wServicePackMajor; - - if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 5 && CurrentOSMinor == 0) - nCurrentOS = WIN_2000; - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 5 && CurrentOSMinor == 1) - nCurrentOS = WIN_XP; - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 5 && CurrentOSMinor == 2) - { - if (os.wProductType == VER_NT_SERVER || os.wProductType == VER_NT_DOMAIN_CONTROLLER) - nCurrentOS = WIN_SERVER_2003; - else - nCurrentOS = WIN_XP64; - } - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 0) - { - if (os.wProductType != VER_NT_WORKSTATION) - nCurrentOS = WIN_SERVER_2008; - else - nCurrentOS = WIN_VISTA; - } - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 1) - nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2008_R2 : WIN_7); - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 2) - nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2012 : WIN_8); - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 3) - nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2012_R2 : WIN_8_1); - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 10 && CurrentOSMinor == 0) - nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2016 : WIN_10); - else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 4) - nCurrentOS = WIN_NT4; - else if (os.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS && os.dwMajorVersion == 4 && os.dwMinorVersion == 0) - nCurrentOS = WIN_95; - else if (os.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS && os.dwMajorVersion == 4 && os.dwMinorVersion == 10) - nCurrentOS = WIN_98; - else if (os.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS && os.dwMajorVersion == 4 && os.dwMinorVersion == 90) - nCurrentOS = WIN_ME; - else if (os.dwPlatformId == VER_PLATFORM_WIN32s) - nCurrentOS = WIN_31; - else - nCurrentOS = WIN_UNKNOWN; -} - -static void LoadSystemDll (LPCTSTR szModuleName, HMODULE *pHandle, BOOL bIgnoreError, const char* srcPos) -{ - wchar_t dllPath[MAX_PATH]; - - /* Load dll explictely from System32 to avoid Dll hijacking attacks*/ - if (!GetSystemDirectory(dllPath, MAX_PATH)) - StringCbCopyW(dllPath, sizeof(dllPath), L"C:\\Windows\\System32"); - - StringCbCatW(dllPath, sizeof(dllPath), L"\\"); - StringCbCatW(dllPath, sizeof(dllPath), szModuleName); - - if (((*pHandle = LoadLibrary(dllPath)) == NULL) && !bIgnoreError) - { - // This error is fatal - handleWin32Error (NULL, srcPos); - AbortProcess ("INIT_DLL"); - } -} - -/* InitApp - initialize the application, this function is called once in the - applications WinMain function, but before the main dialog has been created */ -void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) -{ - WNDCLASSW wc; - char langId[6]; - InitCommonControlsPtr InitCommonControlsFn = NULL; - - InitOSVersionInfo(); - - InitializeCriticalSection (&csWNetCalls); - - LoadSystemDll (L"ntmarta.dll", &hntmartadll, TRUE, SRC_POS); - LoadSystemDll (L"MPR.DLL", &hmprdll, TRUE, SRC_POS); -#ifdef SETUP - if (IsOSAtLeast (WIN_7)) - { - LoadSystemDll (L"ProfApi.DLL", &hProfApiDll, TRUE, SRC_POS); - LoadSystemDll (L"cryptbase.dll", &hcryptbasedll, TRUE, SRC_POS); - LoadSystemDll (L"sspicli.dll", &hsspiclidll, TRUE, SRC_POS); - } -#endif - LoadSystemDll (L"psapi.dll", &hpsapidll, TRUE, SRC_POS); - LoadSystemDll (L"secur32.dll", &hsecur32dll, TRUE, SRC_POS); - LoadSystemDll (L"msasn1.dll", &hmsasn1dll, TRUE, SRC_POS); - LoadSystemDll (L"Usp10.DLL", &hUsp10Dll, TRUE, SRC_POS); - LoadSystemDll (L"UXTheme.dll", &hUXThemeDll, TRUE, SRC_POS); - - LoadSystemDll (L"msls31.dll", &hMsls31, TRUE, SRC_POS); - LoadSystemDll (L"SETUPAPI.DLL", &hSetupDll, FALSE, SRC_POS); - LoadSystemDll (L"SHLWAPI.DLL", &hShlwapiDll, FALSE, SRC_POS); - - LoadSystemDll (L"userenv.dll", &hUserenvDll, TRUE, SRC_POS); - LoadSystemDll (L"rsaenh.dll", &hRsaenhDll, TRUE, SRC_POS); - -#ifdef SETUP - if (nCurrentOS < WIN_7) - { - if (nCurrentOS == WIN_XP) - { - LoadSystemDll (L"imm32.dll", &himm32dll, TRUE, SRC_POS); - LoadSystemDll (L"MSCTF.dll", &hMSCTFdll, TRUE, SRC_POS); - LoadSystemDll (L"fltlib.dll", &hfltlibdll, TRUE, SRC_POS); - LoadSystemDll (L"wbem\\framedyn.dll", &hframedyndll, TRUE, SRC_POS); - } - - if (IsOSAtLeast (WIN_VISTA)) - { - LoadSystemDll (L"netapi32.dll", &hnetapi32dll, TRUE, SRC_POS); - LoadSystemDll (L"authz.dll", &hauthzdll, TRUE, SRC_POS); - LoadSystemDll (L"xmllite.dll", &hxmllitedll, TRUE, SRC_POS); - } - } - - if (IsOSAtLeast (WIN_VISTA)) - { - LoadSystemDll (L"spp.dll", &hsppdll, TRUE, SRC_POS); - LoadSystemDll (L"vssapi.dll", &vssapidll, TRUE, SRC_POS); - LoadSystemDll (L"vsstrace.dll", &hvsstracedll, TRUE, SRC_POS); - - if (IsOSAtLeast (WIN_7)) - { - LoadSystemDll (L"CryptSP.dll", &hCryptSpDll, TRUE, SRC_POS); - - LoadSystemDll (L"cfgmgr32.dll", &hcfgmgr32dll, TRUE, SRC_POS); - LoadSystemDll (L"devobj.dll", &hdevobjdll, TRUE, SRC_POS); - LoadSystemDll (L"powrprof.dll", &hpowrprofdll, TRUE, SRC_POS); - - LoadSystemDll (L"dwmapi.dll", &hdwmapidll, TRUE, SRC_POS); - - LoadSystemDll (L"crypt32.dll", &hcrypt32dll, TRUE, SRC_POS); - - LoadSystemDll (L"bcrypt.dll", &hbcryptdll, TRUE, SRC_POS); - LoadSystemDll (L"bcryptprimitives.dll", &hbcryptprimitivesdll, TRUE, SRC_POS); - } - } -#else - LoadSystemDll (L"WINSCARD.DLL", &hwinscarddll, TRUE, SRC_POS); -#endif - - LoadSystemDll (L"COMCTL32.DLL", &hComctl32Dll, FALSE, SRC_POS); - - // call InitCommonControls function - InitCommonControlsFn = (InitCommonControlsPtr) GetProcAddress (hComctl32Dll, "InitCommonControls"); - ImageList_AddFn = (ImageList_AddPtr) GetProcAddress (hComctl32Dll, "ImageList_Add"); - ImageList_CreateFn = (ImageList_CreatePtr) GetProcAddress (hComctl32Dll, "ImageList_Create"); - - if (InitCommonControlsFn && ImageList_AddFn && ImageList_CreateFn) - { - InitCommonControlsFn(); - } - else - AbortProcess ("INIT_DLL"); - - LoadSystemDll (L"Riched20.dll", &hRichEditDll, FALSE, SRC_POS); - - // Get SetupAPI functions pointers - SetupCloseInfFileFn = (SetupCloseInfFilePtr) GetProcAddress (hSetupDll, "SetupCloseInfFile"); - SetupDiOpenClassRegKeyFn = (SetupDiOpenClassRegKeyPtr) GetProcAddress (hSetupDll, "SetupDiOpenClassRegKey"); - SetupInstallFromInfSectionWFn = (SetupInstallFromInfSectionWPtr) GetProcAddress (hSetupDll, "SetupInstallFromInfSectionW"); - SetupOpenInfFileWFn = (SetupOpenInfFileWPtr) GetProcAddress (hSetupDll, "SetupOpenInfFileW"); - - if (!SetupCloseInfFileFn || !SetupDiOpenClassRegKeyFn || !SetupInstallFromInfSectionWFn || !SetupOpenInfFileWFn) - AbortProcess ("INIT_DLL"); - - // Get SHDeleteKeyW function pointer - SHDeleteKeyWFn = (SHDeleteKeyWPtr) GetProcAddress (hShlwapiDll, "SHDeleteKeyW"); - SHStrDupWFn = (SHStrDupWPtr) GetProcAddress (hShlwapiDll, "SHStrDupW"); - if (!SHDeleteKeyWFn || !SHStrDupWFn) - AbortProcess ("INIT_DLL"); - - if (IsOSAtLeast (WIN_VISTA)) - { - /* Get ChangeWindowMessageFilter used to enable some messages bypasss UIPI (User Interface Privilege Isolation) */ - ChangeWindowMessageFilterFn = (ChangeWindowMessageFilterPtr) GetProcAddress (GetModuleHandle (L"user32.dll"), "ChangeWindowMessageFilter"); - -#ifndef SETUP - /* enable drag-n-drop when we are running elevated */ - AllowMessageInUIPI (WM_DROPFILES); - AllowMessageInUIPI (WM_COPYDATA); - AllowMessageInUIPI (WM_COPYGLOBALDATA); -#endif - } - - /* Save the instance handle for later */ - hInst = hInstance; - - SetErrorMode (SetErrorMode (0) | SEM_FAILCRITICALERRORS | SEM_NOOPENFILEERRORBOX); - CoInitialize (NULL); - -#ifndef SETUP - // Application ID - typedef HRESULT (WINAPI *SetAppId_t) (PCWSTR appID); - SetAppId_t setAppId = (SetAppId_t) GetProcAddress (GetModuleHandle (L"shell32.dll"), "SetCurrentProcessExplicitAppUserModelID"); - - if (setAppId) - setAppId (TC_APPLICATION_ID); -#endif - - // Language - langId[0] = 0; - SetPreferredLangId (ConfigReadString ("Language", "", langId, sizeof (langId))); - - if (langId[0] == 0) - { - if (IsNonInstallMode ()) - { - // only support automatic use of a language file in portable mode - // this is achieved by placing a unique language XML file in the same - // place as portable VeraCrypt binaries. - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_LANGUAGE), NULL, - (DLGPROC) LanguageDlgProc, (LPARAM) 1); - } - else - { - // when installed, force using English as default language - SetPreferredLangId ("en"); - } - } - - LoadLanguageFile (); - -#ifndef SETUP - // UAC elevation moniker cannot be used in portable mode. - // A new instance of the application must be created with elevated privileges. - if (IsNonInstallMode () && !IsAdmin () && IsUacSupported ()) - { - wchar_t modPath[MAX_PATH], newCmdLine[4096]; - WNDCLASSEXW wcex; - HWND hWnd; - - if (wcsstr (lpszCommandLine, L"/q UAC ") == lpszCommandLine) - { - Error ("UAC_INIT_ERROR", NULL); - exit (1); - } - - memset (&wcex, 0, sizeof (wcex)); - wcex.cbSize = sizeof(WNDCLASSEX); - wcex.lpfnWndProc = (WNDPROC) NonInstallUacWndProc; - wcex.hInstance = hInstance; - wcex.lpszClassName = L"VeraCrypt"; - RegisterClassExW (&wcex); - - // A small transparent window is necessary to bring the new instance to foreground - hWnd = CreateWindowExW (WS_EX_TOOLWINDOW | WS_EX_LAYERED, - L"VeraCrypt", L"VeraCrypt", 0, - GetSystemMetrics (SM_CXSCREEN)/2, - GetSystemMetrics (SM_CYSCREEN)/2, - 1, 1, NULL, NULL, hInstance, NULL); - - SetLayeredWindowAttributes (hWnd, 0, 0, LWA_ALPHA); - ShowWindow (hWnd, SW_SHOWNORMAL); - - GetModuleFileNameW (NULL, modPath, ARRAYSIZE (modPath)); - - StringCbCopyW (newCmdLine, sizeof(newCmdLine), L"/q UAC "); - StringCbCatW (newCmdLine, sizeof (newCmdLine), lpszCommandLine); - - if ((int)ShellExecuteW (hWnd, L"runas", modPath, newCmdLine, NULL, SW_SHOWNORMAL) <= 32) - exit (1); - - Sleep (2000); - exit (0); - } -#endif - - SetUnhandledExceptionFilter (ExceptionHandler); - _set_invalid_parameter_handler (InvalidParameterHandler); - - RemoteSession = GetSystemMetrics (SM_REMOTESESSION) != 0; - - // OS version check - if (CurrentOSMajor < 5) - { - MessageBoxW (NULL, GetString ("UNSUPPORTED_OS"), lpszTitle, MB_ICONSTOP); - exit (1); - } - else - { - // Service pack check & warnings about critical MS issues - switch (nCurrentOS) - { - case WIN_2000: - if (CurrentOSServicePack < 3) - Warning ("LARGE_IDE_WARNING_2K", NULL); - else - { - DWORD val = 0, size = sizeof(val); - HKEY hkey; - - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\Atapi\\Parameters", 0, KEY_READ, &hkey) == ERROR_SUCCESS) - { - if (RegQueryValueExW (hkey, L"EnableBigLba", 0, 0, (LPBYTE) &val, &size) != ERROR_SUCCESS - || val != 1) - { - Warning ("LARGE_IDE_WARNING_2K_REGISTRY", NULL); - } - RegCloseKey (hkey); - } - } - break; - - case WIN_XP: - if (CurrentOSServicePack < 1) - { - HKEY k; - // PE environment does not report version of SP - if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, L"System\\CurrentControlSet\\Control\\minint", 0, KEY_READ, &k) != ERROR_SUCCESS) - Warning ("LARGE_IDE_WARNING_XP", NULL); - else - RegCloseKey (k); - } - break; - } - } - - /* Get the attributes for the standard dialog class */ - if ((GetClassInfoW (hInst, WINDOWS_DIALOG_CLASS, &wc)) == 0) - { - handleWin32Error (NULL, SRC_POS); - AbortProcess ("INIT_REGISTER"); - } - -#ifndef SETUP - wc.hIcon = LoadIcon (hInstance, MAKEINTRESOURCE (IDI_TRUECRYPT_ICON)); -#else -#include "../setup/resource.h" - wc.hIcon = LoadIcon (hInstance, MAKEINTRESOURCE (IDI_SETUP)); -#endif - wc.lpszClassName = TC_DLG_CLASS; - wc.lpfnWndProc = &CustomDlgProc; - wc.hCursor = LoadCursor (NULL, IDC_ARROW); - wc.cbWndExtra = DLGWINDOWEXTRA; - - hDlgClass = RegisterClassW (&wc); - if (hDlgClass == 0) - { - handleWin32Error (NULL, SRC_POS); - AbortProcess ("INIT_REGISTER"); - } - - wc.lpszClassName = TC_SPLASH_CLASS; - wc.lpfnWndProc = &SplashDlgProc; - wc.hCursor = LoadCursor (NULL, IDC_ARROW); - wc.cbWndExtra = DLGWINDOWEXTRA; - - hSplashClass = RegisterClassW (&wc); - if (hSplashClass == 0) - { - handleWin32Error (NULL, SRC_POS); - AbortProcess ("INIT_REGISTER"); - } - - // DPI and GUI aspect ratio - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_AUXILIARY_DLG), NULL, - (DLGPROC) AuxiliaryDlgProc, (LPARAM) 1); - - InitHelpFileName (); - -#ifndef SETUP - if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit())) - { - handleWin32Error (NULL, SRC_POS); - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); - exit (1); - } -#endif -} - -void FinalizeApp (void) -{ - FREE_DLL (hRichEditDll); - FREE_DLL (hComctl32Dll); - FREE_DLL (hSetupDll); - FREE_DLL (hShlwapiDll); - FREE_DLL (hProfApiDll); - FREE_DLL (hUsp10Dll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hUXThemeDll); - FREE_DLL (hUserenvDll); - FREE_DLL (hRsaenhDll); - FREE_DLL (himm32dll); - FREE_DLL (hMSCTFdll); - FREE_DLL (hfltlibdll); - FREE_DLL (hframedyndll); - FREE_DLL (hpsapidll); - FREE_DLL (hsecur32dll); - FREE_DLL (hnetapi32dll); - FREE_DLL (hauthzdll); - FREE_DLL (hxmllitedll); - FREE_DLL (hmprdll); - FREE_DLL (hsppdll); - FREE_DLL (vssapidll); - FREE_DLL (hvsstracedll); - FREE_DLL (hCryptSpDll); - FREE_DLL (hcfgmgr32dll); - FREE_DLL (hdevobjdll); - FREE_DLL (hpowrprofdll); - FREE_DLL (hsspiclidll); - FREE_DLL (hcryptbasedll); - FREE_DLL (hdwmapidll); - FREE_DLL (hmsasn1dll); - FREE_DLL (hcrypt32dll); - FREE_DLL (hbcryptdll); - FREE_DLL (hbcryptprimitivesdll); - FREE_DLL (hMsls31); - FREE_DLL (hntmartadll); - FREE_DLL (hwinscarddll); -} - -void InitHelpFileName (void) -{ - wchar_t *lpszTmp; - - GetModuleFileNameW (NULL, szHelpFile, ARRAYSIZE (szHelpFile)); - lpszTmp = wcsrchr (szHelpFile, L'\\'); - if (lpszTmp) - { - wchar_t szTemp[TC_MAX_PATH]; - - ++lpszTmp; - *lpszTmp = 0; // add null terminating character to prepare for append operations - - // Primary file name - if (strcmp (GetPreferredLangId(), "en") == 0 - || strlen(GetPreferredLangId()) == 0) - { - StringCbCatW (szHelpFile, sizeof(szHelpFile), L"VeraCrypt User Guide.pdf"); - } - else - { - StringCbPrintfW (szTemp, sizeof(szTemp), L"VeraCrypt User Guide.%S.pdf", GetPreferredLangId()); - StringCbCatW (szHelpFile, sizeof(szHelpFile), szTemp); - } - - // Secondary file name (used when localized documentation is not found). - GetModuleFileNameW (NULL, szHelpFile2, ARRAYSIZE (szHelpFile2)); - lpszTmp = wcsrchr (szHelpFile2, L'\\'); - if (lpszTmp) - { - ++lpszTmp; - *lpszTmp = 0; - StringCbCatW (szHelpFile2, sizeof(szHelpFile2), L"VeraCrypt User Guide.pdf"); - } - } -} - -BOOL OpenDevice (const wchar_t *lpszPath, OPEN_TEST_STRUCT *driver, BOOL detectFilesystem, BOOL matchVolumeID, const BYTE* pbVolumeID) -{ - DWORD dwResult; - BOOL bResult; - wchar_t wszFileName[TC_MAX_PATH]; - - StringCbCopyW (wszFileName, sizeof(wszFileName), lpszPath); - - memset (driver, 0, sizeof (OPEN_TEST_STRUCT)); - memcpy (driver->wszFileName, wszFileName, sizeof (wszFileName)); - - driver->bDetectTCBootLoader = FALSE; - driver->DetectFilesystem = detectFilesystem; - driver->bMatchVolumeID = matchVolumeID; - if (matchVolumeID && pbVolumeID) - memcpy (driver->volumeID, pbVolumeID, VOLUME_ID_SIZE); - - bResult = DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, - driver, sizeof (OPEN_TEST_STRUCT), - driver, sizeof (OPEN_TEST_STRUCT), - &dwResult, NULL); - - // check variable driver - if ( bResult - && ( (driver->bDetectTCBootLoader != TRUE && driver->bDetectTCBootLoader != FALSE) || - (driver->TCBootLoaderDetected != TRUE && driver->TCBootLoaderDetected != FALSE) || - (driver->DetectFilesystem != TRUE && driver->DetectFilesystem != FALSE) || - (driver->FilesystemDetected != TRUE && driver->FilesystemDetected != FALSE) || - (wcscmp (wszFileName, driver->wszFileName)) - ) - ) - { - return FALSE; - } - - if (bResult == FALSE) - { - dwResult = GetLastError (); - - if (dwResult == ERROR_SHARING_VIOLATION || dwResult == ERROR_NOT_READY) - { - driver->TCBootLoaderDetected = FALSE; - driver->FilesystemDetected = FALSE; - driver->VolumeIDMatched = FALSE; - return TRUE; - } - else - return FALSE; - } - - return TRUE; -} - - -// Tells the driver that it's running in portable mode -void NotifyDriverOfPortableMode (void) -{ - if (hDriver != INVALID_HANDLE_VALUE) - { - DWORD dwResult; - - DeviceIoControl (hDriver, TC_IOCTL_SET_PORTABLE_MODE_STATUS, NULL, 0, NULL, 0, &dwResult, NULL); - } -} - - -BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize) -{ - DWORD fileSystemFlags; - wchar_t root[] = { L'A' + (wchar_t) driveNo, L':', L'\\', 0 }; - - return GetVolumeInformationW (root, label, labelSize / 2, NULL, NULL, &fileSystemFlags, NULL, 0); -} - - -/* Stores the device path of the system partition in SysPartitionDevicePath and the device path of the system drive -in SysDriveDevicePath. -IMPORTANT: As this may take a very long time if called for the first time, it should be called only before performing - a dangerous operation (such as header backup restore or formatting a supposedly non-system device) never - at WM_INITDIALOG or any other GUI events -- instead call IsSystemDevicePath (path, hwndDlg, FALSE) for - very fast preliminary GUI checks; also note that right after the "Select Device" dialog exits with an OK - return code, you can use the global flags bSysPartitionSelected and bSysDriveSelected to see if the user - selected the system partition/device. -After this function completes successfully, the results are cached for the rest of the session and repeated -executions complete very fast. Returns TRUE if successful (otherwise FALSE). */ -BOOL GetSysDevicePaths (HWND hwndDlg) -{ - if (!bCachedSysDevicePathsValid - || wcslen (SysPartitionDevicePath) <= 1 - || wcslen (SysDriveDevicePath) <= 1) - { - foreach (const HostDevice &device, GetAvailableHostDevices (false, true)) - { - if (device.ContainsSystem) - StringCchCopyW (device.IsPartition ? SysPartitionDevicePath : SysDriveDevicePath, TC_MAX_PATH, device.Path.c_str()); - } - - if (IsOSAtLeast (WIN_7)) - { - // Find extra boot partition - foreach (const HostDevice &drive, GetAvailableHostDevices (false, false)) - { - if (drive.ContainsSystem) - { - foreach (const HostDevice &sysDrivePartition, drive.Partitions) - { - if (sysDrivePartition.Bootable) - { - if (sysDrivePartition.Size <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE) - ExtraBootPartitionDevicePath = sysDrivePartition.Path; - break; - } - } - break; - } - } - } - - bCachedSysDevicePathsValid = 1; - } - - return (bCachedSysDevicePathsValid - && wcslen (SysPartitionDevicePath) > 1 - && wcslen (SysDriveDevicePath) > 1); -} - -/* Determines whether the device path is the path of the system partition or of the system drive (or neither). -If bReliableRequired is TRUE, very fast execution is guaranteed, but the results cannot be relied upon. -If it's FALSE and the function is called for the first time, execution may take up to one minute but the -results are reliable. -IMPORTANT: As the execution may take a very long time if called for the first time with bReliableRequired set - to TRUE, it should be called with bReliableRequired set to TRUE only before performing a dangerous - operation (such as header backup restore or formatting a supposedly non-system device) never at - WM_INITDIALOG or any other GUI events (use IsSystemDevicePath(path, hwndDlg, FALSE) for fast - preliminary GUI checks; also note that right after the "Select Device" dialog exits with an OK - return code, you can use the global flags bSysPartitionSelected and bSysDriveSelected to see if the - user selected the system partition/device). -After this function completes successfully, the results are cached for the rest of the session, bReliableRequired -is ignored (TRUE implied), repeated executions complete very fast, and the results are always reliable. -Return codes: -1 - it is the system partition path (e.g. \Device\Harddisk0\Partition1) -2 - it is the system drive path (e.g. \Device\Harddisk0\Partition0) -3 - it is the extra boot partition path -0 - it's not the system partition/drive path --1 - the result can't be determined, isn't reliable, or there was an error. */ -int IsSystemDevicePath (const wchar_t *path, HWND hwndDlg, BOOL bReliableRequired) -{ - if (!bCachedSysDevicePathsValid - && bReliableRequired) - { - if (!GetSysDevicePaths (hwndDlg)) - return -1; - } - - if (wcslen (SysPartitionDevicePath) <= 1 || wcslen (SysDriveDevicePath) <= 1) - return -1; - - if (!path) - return -1; - - if (wcsncmp (path, SysPartitionDevicePath, max (wcslen(path), wcslen(SysPartitionDevicePath))) == 0) - return 1; - else if (wcsncmp (path, SysDriveDevicePath, max (wcslen(path), wcslen(SysDriveDevicePath))) == 0) - return 2; - else if (ExtraBootPartitionDevicePath == path) - return 3; - - return 0; -} - - -/* Determines whether the path points to a non-system partition on the system drive. -IMPORTANT: As this may take a very long time if called for the first time, it should be called - only before performing a dangerous operation, never at WM_INITDIALOG or any other GUI events. -Return codes: -0 - it isn't a non-system partition on the system drive -1 - it's a non-system partition on the system drive --1 - the result can't be determined, isn't reliable, or there was an error. */ -int IsNonSysPartitionOnSysDrive (const wchar_t *path) -{ - wchar_t tmpPath [TC_MAX_PATH + 1]; - int pos; - - if (!GetSysDevicePaths (MainDlg)) - return -1; - - if (wcslen (SysPartitionDevicePath) <= 1 || wcslen (SysDriveDevicePath) <= 1) - return -1; - - if (wcsncmp (path, SysPartitionDevicePath, max (wcslen(path), wcslen(SysPartitionDevicePath))) == 0 - || wcsncmp (path, SysDriveDevicePath, max (wcslen(path), wcslen(SysDriveDevicePath))) == 0) - { - // It is the system partition/drive path (it isn't a non-system partition) - return 0; - } - - memset (tmpPath, 0, sizeof (tmpPath)); - wcsncpy (tmpPath, path, ARRAYSIZE (tmpPath) - 1); - - - pos = (int) FindString ((const char*) tmpPath, (const char*) L"Partition", (int) wcslen (tmpPath) * 2, (int) wcslen (L"Partition") * 2, 0); - - if (pos < 0) - return -1; - - pos /= 2; - pos += (int) strlen ("Partition"); - - if (pos + 1 > ARRAYSIZE (tmpPath) - 1) - return -1; - - tmpPath [pos] = L'0'; - tmpPath [pos + 1] = 0; - - if (wcsncmp (tmpPath, SysDriveDevicePath, max (wcslen(tmpPath), wcslen(SysDriveDevicePath))) == 0) - { - // It is a non-system partition on the system drive - return 1; - } - else - { - // The partition is not on the system drive - return 0; - } -} - - -wstring GetSysEncryptionPretestInfo2String (void) -{ - // This huge string is divided into smaller portions to make it easier for translators to - // re-translate it when a minor modification is made to it (the whole huge string will not be - // reverted to English, so they will have to translate only a small portion of it). - return (wstring (L"\n") - + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_1") - + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_2") - + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_3") - + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_4")); -} - - -wstring GetRescueDiskHelpString (void) -{ - // This huge string is divided into smaller portions to make it easier for translators to - // re-translate it when a minor modification is made to it (the whole huge string will not be - // reverted to English, so they will have to translate only a small portion of it). - return (wstring ( - GetString ("RESCUE_DISK_HELP_PORTION_1")) - + GetString ("RESCUE_DISK_HELP_PORTION_2") - + GetString ("RESCUE_DISK_HELP_PORTION_3") - + GetString ("RESCUE_DISK_HELP_PORTION_4") - + GetString ("RESCUE_DISK_HELP_PORTION_5") - + GetString ("RESCUE_DISK_HELP_PORTION_6") - + GetString ("RESCUE_DISK_HELP_PORTION_7") - + GetString ("RESCUE_DISK_HELP_PORTION_8") - + GetString ("RESCUE_DISK_HELP_PORTION_9")); -} - - -wstring GetDecoyOsInstructionsString (void) -{ - // This huge string is divided into smaller portions to make it easier for translators to - // re-translate it when a minor modification is made to it (the whole huge string will not be - // reverted to English, so they will have to translate only a small portion of it). - return (wstring ( - GetString ("DECOY_OS_INSTRUCTIONS_PORTION_1")) - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_2") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_3") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_4") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_5") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_6") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_7") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_8") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_9") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_10") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_11") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_12") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_13") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_14") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_15") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_16") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_17") - + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_18")); -} - - -INT_PTR TextInfoDialogBox (int nID) -{ - return DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TEXT_INFO_DIALOG_BOX_DLG), MainDlg, (DLGPROC) TextInfoDialogBoxDlgProc, (LPARAM) nID); -} - -BOOL CALLBACK TextInfoDialogBoxDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - static int nID = 0; - - switch (msg) - { - case WM_INITDIALOG: - { - nID = (int) lParam; - - // Left margin for rich edit text field - SendMessage (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), EM_SETMARGINS, (WPARAM) EC_LEFTMARGIN, (LPARAM) CompensateXDPI (4)); - - ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_HIDE); - - switch (nID) - { - case TC_TBXID_LEGAL_NOTICES: - LocalizeDialog (hwndDlg, "LEGAL_NOTICES_DLG_TITLE"); - break; - - case TC_TBXID_SYS_ENCRYPTION_PRETEST: - LocalizeDialog (hwndDlg, NULL); - ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); - break; - - case TC_TBXID_SYS_ENC_RESCUE_DISK: - LocalizeDialog (hwndDlg, NULL); - ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); - break; - - case TC_TBXID_DECOY_OS_INSTRUCTIONS: - LocalizeDialog (hwndDlg, NULL); - ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); - break; - - case TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS: - LocalizeDialog (hwndDlg, NULL); - ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); - break; - } - - SendMessage (hwndDlg, TC_APPMSG_LOAD_TEXT_BOX_CONTENT, 0, 0); - } - return 0; - - case WM_COMMAND: - if (lw == IDOK || lw == IDCANCEL) - { - NormalCursor (); - EndDialog (hwndDlg, 0); - return 1; - } - - if (lw == IDC_PRINT) - { - switch (nID) - { - case TC_TBXID_SYS_ENCRYPTION_PRETEST: - PrintHardCopyTextUTF16 ((wchar_t *) GetSysEncryptionPretestInfo2String ().c_str(), L"Pre-Boot Troubleshooting", GetSysEncryptionPretestInfo2String ().length () * 2); - break; - - case TC_TBXID_SYS_ENC_RESCUE_DISK: - PrintHardCopyTextUTF16 ((wchar_t *) GetRescueDiskHelpString ().c_str(), L"VeraCrypt Rescue Disk Help", GetRescueDiskHelpString ().length () * 2); - break; - - case TC_TBXID_DECOY_OS_INSTRUCTIONS: - PrintHardCopyTextUTF16 ((wchar_t *) GetDecoyOsInstructionsString ().c_str(), L"How to Create Decoy OS", GetDecoyOsInstructionsString ().length () * 2); - break; - - case TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS: - PrintHardCopyTextUTF16 (GetString ("EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS"), L"How to Remove Extra Boot Partition", wcslen (GetString ("EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS")) * 2); - break; - } - return 1; - } - - return 0; - - case TC_APPMSG_LOAD_TEXT_BOX_CONTENT: - { - char *r = NULL; - - switch (nID) - { - case TC_TBXID_LEGAL_NOTICES: - LocalizeDialog (hwndDlg, "LEGAL_NOTICES_DLG_TITLE"); - r = GetLegalNotices (); - if (r != NULL) - { - SETTEXTEX TextInfo = {0}; - - TextInfo.flags = ST_SELECTION; - TextInfo.codepage = CP_ACP; - - SendMessage(GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), EM_SETTEXTEX, (WPARAM)&TextInfo, (LPARAM)r); - free (r); - } - break; - - case TC_TBXID_SYS_ENCRYPTION_PRETEST: - LocalizeDialog (hwndDlg, NULL); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), (wchar_t *) GetSysEncryptionPretestInfo2String ().c_str()); - break; - - case TC_TBXID_SYS_ENC_RESCUE_DISK: - LocalizeDialog (hwndDlg, NULL); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), (wchar_t *) GetRescueDiskHelpString ().c_str()); - break; - - case TC_TBXID_DECOY_OS_INSTRUCTIONS: - LocalizeDialog (hwndDlg, NULL); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), (wchar_t *) GetDecoyOsInstructionsString ().c_str()); - break; - - case TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS: - LocalizeDialog (hwndDlg, NULL); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), GetString ("EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS")); - break; - } - } - return 1; - - case WM_CLOSE: - NormalCursor (); - EndDialog (hwndDlg, 0); - return 1; - } - - return 0; -} - - -char * GetLegalNotices () -{ - static char *resource; - static DWORD size; - char *buf = NULL; - - if (resource == NULL) - resource = (char *) MapResource (L"Text", IDR_LICENSE, &size); - - if (resource != NULL) - { - buf = (char *) malloc (size + 1); - if (buf != NULL) - { - memcpy (buf, resource, size); - buf[size] = 0; - } - } - - return buf; -} - - -BOOL CALLBACK RawDevicesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static wchar_t *lpszFileName; // This is actually a pointer to a GLOBAL array - static vector devices; - static map itemToDeviceMap; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - LVCOLUMNW LvCol; - HWND hList = GetDlgItem (hwndDlg, IDC_DEVICELIST); - RawDevicesDlgParam* pDlgParam = (RawDevicesDlgParam *) lParam; - - LocalizeDialog (hwndDlg, "IDD_RAWDEVICES_DLG"); - - SendMessage (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, - LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_TWOCLICKACTIVATE|LVS_EX_LABELTIP - ); - - memset (&LvCol,0,sizeof(LvCol)); - LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - LvCol.pszText = GetString ("DEVICE"); - LvCol.cx = CompensateXDPI (186); - LvCol.fmt = LVCFMT_LEFT; - SendMessage (hList,LVM_INSERTCOLUMNW,0,(LPARAM)&LvCol); - - LvCol.pszText = GetString ("DRIVE"); - LvCol.cx = CompensateXDPI (38); - LvCol.fmt = LVCFMT_LEFT; - SendMessage (hList,LVM_INSERTCOLUMNW,1,(LPARAM)&LvCol); - - LvCol.pszText = GetString ("SIZE"); - LvCol.cx = CompensateXDPI (64); - LvCol.fmt = LVCFMT_RIGHT; - SendMessage (hList,LVM_INSERTCOLUMNW,2,(LPARAM)&LvCol); - - LvCol.pszText = GetString ("LABEL"); - LvCol.cx = CompensateXDPI (128); - LvCol.fmt = LVCFMT_LEFT; - SendMessage (hList,LVM_INSERTCOLUMNW,3,(LPARAM)&LvCol); - - devices.clear(); - itemToDeviceMap.clear(); - - if (pDlgParam->devices.empty()) - { - WaitCursor(); - devices = GetAvailableHostDevices (false, true, false); - NormalCursor(); - } - else - devices = pDlgParam->devices; - - if (devices.empty()) - { - MessageBoxW (hwndDlg, GetString ("RAWDEVICES"), lpszTitle, ICON_HAND); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - int line = 1; - LVITEM item; - memset (&item, 0, sizeof (item)); - item.mask = LVIF_TEXT; - - foreach (const HostDevice &device, devices) - { - item.iSubItem = 1; - - if (device.ContainsSystem) - { - if (device.IsPartition) - StringCbCopyW (SysPartitionDevicePath, sizeof (SysPartitionDevicePath), device.Path.c_str()); - else - StringCbCopyW (SysDriveDevicePath, sizeof (SysDriveDevicePath), device.Path.c_str()); - } - - // Path - if (!device.IsPartition || device.DynamicVolume) - { - if (!device.Floppy && (device.Size == 0) - && (device.IsPartition || device.Partitions.empty() || device.Partitions[0].Size == 0) - ) - continue; - - if (line > 1) - { - ListItemAdd (hList, item.iItem, L""); - item.iItem = line++; - } - - if (device.Floppy || device.DynamicVolume) - { - ListItemAdd (hList, item.iItem, (wchar_t *) device.Path.c_str()); - } - else - { - wchar_t s[1024]; - if (device.Removable) - StringCbPrintfW (s, sizeof(s), L"%s %d", GetString ("REMOVABLE_DISK"), device.SystemNumber); - else - StringCbPrintfW (s, sizeof(s), L"%s %d", GetString ("HARDDISK"), device.SystemNumber); - - if (!device.Partitions.empty()) - StringCbCatW (s, sizeof(s), L":"); - - ListItemAdd (hList, item.iItem, s); - } - } - else - { - ListItemAdd (hList, item.iItem, (wchar_t *) device.Path.c_str()); - } - - itemToDeviceMap[item.iItem] = device; - - // Size - if (device.Size != 0) - { - wchar_t size[100] = { 0 }; - GetSizeString (device.Size, size, sizeof(size)); - ListSubItemSet (hList, item.iItem, 2, size); - } - - // Mount point - if (!device.MountPoint.empty()) - ListSubItemSet (hList, item.iItem, 1, (wchar_t *) device.MountPoint.c_str()); - - // Label - if (!device.Name.empty()) - ListSubItemSet (hList, item.iItem, 3, (wchar_t *) device.Name.c_str()); -#ifdef TCMOUNT - else - { - bool useInExplorer = false; - wstring favoriteLabel = GetFavoriteVolumeLabel (device.Path, useInExplorer); - if (!favoriteLabel.empty()) - ListSubItemSet (hList, item.iItem, 3, (wchar_t *) favoriteLabel.c_str()); - } -#endif - - item.iItem = line++; - } - - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 0, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 1, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 2, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 3, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - - lpszFileName = pDlgParam->pszFileName; - -#ifdef VOLFORMAT - EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); -#endif - return 1; - } - - case WM_COMMAND: - case WM_NOTIFY: - // catch non-device line selected - if (msg == WM_NOTIFY && ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED && (((LPNMLISTVIEW) lParam)->uNewState & LVIS_FOCUSED )) - { - BOOL bEnableOkButton = FALSE; - LVITEM LvItem; - memset(&LvItem,0,sizeof(LvItem)); - LvItem.mask = LVIF_TEXT | LVIF_PARAM; - LvItem.iItem = ((LPNMLISTVIEW) lParam)->iItem; - LvItem.pszText = lpszFileName; - LvItem.cchTextMax = TC_MAX_PATH; - - lpszFileName[0] = 0; - SendMessage (GetDlgItem (hwndDlg, IDC_DEVICELIST), LVM_GETITEM, LvItem.iItem, (LPARAM) &LvItem); - if (lpszFileName[0] != 0 && lpszFileName[0] != ' ') - { - bEnableOkButton = TRUE; -#ifdef VOLFORMAT - if ( bInPlaceEncNonSysResumed && (WizardMode == WIZARD_MODE_NONSYS_DEVICE) - && LvItem.iItem != -1 && itemToDeviceMap.find (LvItem.iItem) != itemToDeviceMap.end() - ) - { - const HostDevice selectedDevice = itemToDeviceMap[LvItem.iItem]; - if (selectedDevice.ContainsSystem) - { - bEnableOkButton = FALSE; - } - } -#endif - } - EnableWindow (GetDlgItem ((HWND) hwndDlg, IDOK), bEnableOkButton); - - return 1; - } - - if (msg == WM_COMMAND && lw == IDOK || msg == WM_NOTIFY && ((NMHDR *)lParam)->code == LVN_ITEMACTIVATE) - { - int selectedItem = ListView_GetSelectionMark (GetDlgItem (hwndDlg, IDC_DEVICELIST)); - - if (selectedItem == -1 || itemToDeviceMap.find (selectedItem) == itemToDeviceMap.end()) - return 1; // non-device line selected - - const HostDevice selectedDevice = itemToDeviceMap[selectedItem]; - StringCchCopyW (lpszFileName, TC_MAX_PATH, selectedDevice.Path.c_str()); - -#ifdef VOLFORMAT - if (selectedDevice.ContainsSystem && selectedDevice.IsPartition) - { - if (WizardMode != WIZARD_MODE_SYS_DEVICE) - { - if (bInPlaceEncNonSysResumed && (WizardMode == WIZARD_MODE_NONSYS_DEVICE)) - { - // disable selection - return 1; - } - - if (AskYesNo ("CONFIRM_SYSTEM_ENCRYPTION_MODE", hwndDlg) == IDNO) - { - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - bSysPartitionSelected = TRUE; - bSysDriveSelected = FALSE; - lpszFileName[0] = 0; - SwitchWizardToSysEncMode (); - - NormalCursor (); - EndDialog (hwndDlg, IDOK); - return 1; - } - else - { - // This should never be the case because the Select Device dialog is not available in this wizard mode - bSysPartitionSelected = TRUE; - bSysDriveSelected = FALSE; - lpszFileName[0] = 0; - SwitchWizardToSysEncMode (); - NormalCursor (); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - } - - if (!(selectedDevice.ContainsSystem && !selectedDevice.IsPartition)) - { - if (bWarnDeviceFormatAdvanced - && !bHiddenVolDirect - && AskWarnNoYes("FORMAT_DEVICE_FOR_ADVANCED_ONLY", hwndDlg) == IDNO) - { - if (AskNoYes("CONFIRM_CHANGE_WIZARD_MODE_TO_FILE_CONTAINER", hwndDlg) == IDYES) - { - SwitchWizardToFileContainerMode (); - } - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (!bHiddenVolDirect) - bWarnDeviceFormatAdvanced = FALSE; - } - -#else // #ifdef VOLFORMAT - - bSysPartitionSelected = (selectedDevice.ContainsSystem && selectedDevice.IsPartition); - bSysDriveSelected = FALSE; - -#endif // #ifdef VOLFORMAT - - if (!selectedDevice.IsPartition && !selectedDevice.Floppy) - { - // Whole device selected - -#ifdef VOLFORMAT - if (selectedDevice.ContainsSystem && !selectedDevice.IsPartition) - { - if (WizardMode != WIZARD_MODE_SYS_DEVICE) - { - if (bInPlaceEncNonSysResumed && (WizardMode == WIZARD_MODE_NONSYS_DEVICE)) - { - // disable selection - return 1; - } - - if (AskYesNo ("CONFIRM_SYSTEM_ENCRYPTION_MODE", hwndDlg) == IDNO) - { - NormalCursor (); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - bSysDriveSelected = TRUE; - bSysPartitionSelected = FALSE; - lpszFileName[0] = 0; - SwitchWizardToSysEncMode (); - - NormalCursor (); - EndDialog (hwndDlg, IDOK); - return 1; - } - else - { - // This should never be the case because the Select Device dialog is not available in this wizard mode - bSysDriveSelected = TRUE; - bSysPartitionSelected = FALSE; - lpszFileName[0] = 0; - SwitchWizardToSysEncMode (); - NormalCursor (); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - } - - // Disallow format if the device contains partitions, but not if the partition is virtual or system - if (!selectedDevice.IsVirtualPartition - && !bHiddenVolDirect) - { - if (!selectedDevice.Partitions.empty()) - { - EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); - Error ("DEVICE_PARTITIONS_ERR_W_INPLACE_ENC_NOTE", hwndDlg); - return 1; - } - - if (AskWarnNoYes ("WHOLE_NONSYS_DEVICE_ENC_CONFIRM", hwndDlg) == IDNO) - return 1; - } -#else // #ifdef VOLFORMAT - - bSysDriveSelected = (selectedDevice.ContainsSystem && !selectedDevice.IsPartition); - bSysPartitionSelected = FALSE; - -#endif // #ifdef VOLFORMAT - } - else - bSysDriveSelected = FALSE; - -#ifdef VOLFORMAT - bRemovableHostDevice = selectedDevice.Removable; -#endif - NormalCursor (); - EndDialog (hwndDlg, IDOK); - return 1; - } - - if ((msg == WM_COMMAND) && (lw == IDCANCEL)) - { - NormalCursor (); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - return 0; - } - return 0; -} - - -BOOL DoDriverInstall (HWND hwndDlg) -{ -#ifdef SETUP - if (SystemEncryptionUpdate) - return TRUE; -#endif - - SC_HANDLE hManager, hService = NULL; - BOOL bOK = FALSE, bRet; - - hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (hManager == NULL) - goto error; - -#ifdef SETUP - StatusMessage (hwndDlg, "INSTALLING_DRIVER"); -#endif - - hService = CreateService (hManager, L"veracrypt", L"veracrypt", - SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, SERVICE_SYSTEM_START, SERVICE_ERROR_NORMAL, - L"System32\\drivers\\veracrypt.sys", - NULL, NULL, NULL, NULL, NULL); - - if (hService == NULL) - goto error; - else - CloseServiceHandle (hService); - - hService = OpenService (hManager, L"veracrypt", SERVICE_ALL_ACCESS); - if (hService == NULL) - goto error; - -#ifdef SETUP - StatusMessage (hwndDlg, "STARTING_DRIVER"); -#endif - - bRet = StartService (hService, 0, NULL); - if (bRet == FALSE) - goto error; - - bOK = TRUE; - -error: - if (bOK == FALSE && GetLastError () != ERROR_SERVICE_ALREADY_RUNNING) - { - handleWin32Error (hwndDlg, SRC_POS); - MessageBoxW (hwndDlg, GetString ("DRIVER_INSTALL_FAILED"), lpszTitle, MB_ICONHAND); - } - else - bOK = TRUE; - - if (hService != NULL) - CloseServiceHandle (hService); - - if (hManager != NULL) - CloseServiceHandle (hManager); - - return bOK; -} - - -// Install and start driver service and mark it for removal (non-install mode) -static int DriverLoad () -{ - HANDLE file; - WIN32_FIND_DATA find; - SC_HANDLE hManager, hService = NULL; - wchar_t driverPath[TC_MAX_PATH*2]; - BOOL res; - wchar_t *tmp; - DWORD startType; - - if (ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", L"Start", &startType) && startType == SERVICE_BOOT_START) - return ERR_PARAMETER_INCORRECT; - - GetModuleFileName (NULL, driverPath, ARRAYSIZE (driverPath)); - tmp = wcsrchr (driverPath, L'\\'); - if (!tmp) - { - driverPath[0] = L'.'; - driverPath[1] = 0; - } - else - *tmp = 0; - - StringCbCatW (driverPath, sizeof(driverPath), !Is64BitOs () ? L"\\veracrypt.sys" : L"\\veracrypt-x64.sys"); - - file = FindFirstFile (driverPath, &find); - - if (file == INVALID_HANDLE_VALUE) - { - MessageBoxW (0, GetString ("DRIVER_NOT_FOUND"), lpszTitle, ICON_HAND); - return ERR_DONT_REPORT; - } - - FindClose (file); - - hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (hManager == NULL) - { - if (GetLastError () == ERROR_ACCESS_DENIED) - { - MessageBoxW (0, GetString ("ADMIN_PRIVILEGES_DRIVER"), lpszTitle, ICON_HAND); - return ERR_DONT_REPORT; - } - - return ERR_OS_ERROR; - } - - hService = OpenService (hManager, L"veracrypt", SERVICE_ALL_ACCESS); - if (hService != NULL) - { - // Remove stale service (driver is not loaded but service exists) - DeleteService (hService); - CloseServiceHandle (hService); - Sleep (500); - } - - hService = CreateService (hManager, L"veracrypt", L"veracrypt", - SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL, - driverPath, NULL, NULL, NULL, NULL, NULL); - - if (hService == NULL) - { - CloseServiceHandle (hManager); - return ERR_OS_ERROR; - } - - res = StartService (hService, 0, NULL); - DeleteService (hService); - - CloseServiceHandle (hManager); - CloseServiceHandle (hService); - - return !res ? ERR_OS_ERROR : ERROR_SUCCESS; -} - - -BOOL DriverUnload () -{ - MOUNT_LIST_STRUCT driver; - int refCount; - int volumesMounted; - DWORD dwResult; - BOOL bResult; - - SC_HANDLE hManager, hService = NULL; - BOOL bRet; - SERVICE_STATUS status; - int x; - BOOL driverUnloaded = FALSE; - - if (hDriver == INVALID_HANDLE_VALUE) - return TRUE; - - try - { - if (BootEncryption (NULL).GetStatus().DeviceFilterActive) - return FALSE; - } - catch (...) { } - - // Test for mounted volumes - bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL); - - if (!bResult) - { - bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL); - if (bResult) - volumesMounted = driver.ulMountedDrives; - } - - if (bResult) - { - if (volumesMounted != 0) - return FALSE; - } - else - return TRUE; - - // Test for any applications attached to driver - refCount = GetDriverRefCount (); - - if (refCount > 1) - return FALSE; - - CloseHandle (hDriver); - hDriver = INVALID_HANDLE_VALUE; - - // Stop driver service - - hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (hManager == NULL) - goto error; - - hService = OpenService (hManager, L"veracrypt", SERVICE_ALL_ACCESS); - if (hService == NULL) - goto error; - - bRet = QueryServiceStatus (hService, &status); - if (bRet != TRUE) - goto error; - - if (status.dwCurrentState != SERVICE_STOPPED) - { - ControlService (hService, SERVICE_CONTROL_STOP, &status); - - for (x = 0; x < 10; x++) - { - bRet = QueryServiceStatus (hService, &status); - if (bRet != TRUE) - goto error; - - if (status.dwCurrentState == SERVICE_STOPPED) - { - driverUnloaded = TRUE; - break; - } - - Sleep (200); - } - } - else - driverUnloaded = TRUE; - -error: - if (hService != NULL) - CloseServiceHandle (hService); - - if (hManager != NULL) - CloseServiceHandle (hManager); - - if (driverUnloaded) - { - hDriver = INVALID_HANDLE_VALUE; - return TRUE; - } - - return FALSE; -} - - -int DriverAttach (void) -{ - /* Try to open a handle to the device driver. It will be closed later. */ - -#ifndef SETUP - - int nLoadRetryCount = 0; -start: - -#endif - - hDriver = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hDriver == INVALID_HANDLE_VALUE) - { -#ifndef SETUP - - LoadSysEncSettings (); - - if (!CreateDriverSetupMutex ()) - { - // Another instance is already attempting to install, register or start the driver - - while (!CreateDriverSetupMutex ()) - { - Sleep (100); // Wait until the other instance finishes - } - - // Try to open a handle to the driver again (keep the mutex in case the other instance failed) - goto start; - } - else - { - // No other instance is currently attempting to install, register or start the driver - - if (SystemEncryptionStatus != SYSENC_STATUS_NONE) - { - // This is an inconsistent state. The config file indicates system encryption should be - // active, but the driver is not running. This may happen e.g. when the pretest fails and - // the user selects "Last Known Good Configuration" from the Windows boot menu. - // To fix this, we're going to reinstall the driver, start it, and register it for boot. - - if (DoDriverInstall (NULL)) - { - Sleep (1000); - hDriver = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - try - { - BootEncryption bootEnc (NULL); - bootEnc.RegisterBootDriver (bootEnc.GetHiddenOSCreationPhase() != TC_HIDDEN_OS_CREATION_PHASE_NONE ? true : false); - } - catch (Exception &e) - { - e.Show (NULL); - } - } - - CloseDriverSetupMutex (); - } - else - { - // Attempt to load the driver (non-install/portable mode) -load: - BOOL res = DriverLoad (); - - CloseDriverSetupMutex (); - - if (res != ERROR_SUCCESS) - return res; - - bPortableModeConfirmed = TRUE; - - if (hDriver != INVALID_HANDLE_VALUE) - CloseHandle (hDriver); - hDriver = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - } - - if (bPortableModeConfirmed) - NotifyDriverOfPortableMode (); - } - -#endif // #ifndef SETUP - - if (hDriver == INVALID_HANDLE_VALUE) - return ERR_OS_ERROR; - } - - CloseDriverSetupMutex (); - - if (hDriver != INVALID_HANDLE_VALUE) - { - DWORD dwResult; - - BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL); - - if (!bResult) - bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL); - -#ifndef SETUP // Don't check version during setup to allow removal of another version - if (bResult == FALSE) - { - return ERR_OS_ERROR; - } - else if (DriverVersion != VERSION_NUM) - { - // Unload an incompatbile version of the driver loaded in non-install mode and load the required version - if (IsNonInstallMode () && CreateDriverSetupMutex () && DriverUnload () && nLoadRetryCount++ < 3) - goto load; - - CloseDriverSetupMutex (); - CloseHandle (hDriver); - hDriver = INVALID_HANDLE_VALUE; - return ERR_DRIVER_VERSION; - } -#else - if (!bResult) - DriverVersion = 0; -#endif - } - - return 0; -} - - -void ResetCurrentDirectory () -{ - wchar_t p[MAX_PATH]; - if (!IsNonInstallMode () && SHGetFolderPath (NULL, CSIDL_PROFILE, NULL, 0, p) == ERROR_SUCCESS) - { - SetCurrentDirectory (p); - } - else - { - GetModPath (p, ARRAYSIZE (p)); - SetCurrentDirectory (p); - } -} - - -BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter) -{ - return BrowseFilesInDir (hwndDlg, stringId, NULL, lpszFileName, keepHistory, saveMode, browseFilter); -} - - -BOOL BrowseFilesInDir (HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName, const wchar_t *defaultExtension) -{ - OPENFILENAMEW ofn; - wchar_t file[TC_MAX_PATH] = { 0 }; - wchar_t filter[1024]; - BOOL status = FALSE; - - CoInitialize (NULL); - - ZeroMemory (&ofn, sizeof (ofn)); - *lpszFileName = 0; - - if (initialDir) - { - ofn.lpstrInitialDir = initialDir; - } - - if (initialFileName) - StringCchCopyW (file, array_capacity (file), initialFileName); - - ofn.lStructSize = sizeof (ofn); - ofn.hwndOwner = hwndDlg; - - StringCbPrintfW (filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", - GetString ("ALL_FILES"), 0, 0, GetString ("TC_VOLUMES"), 0, 0, 0); - ofn.lpstrFilter = browseFilter ? browseFilter : filter; - ofn.nFilterIndex = 1; - ofn.lpstrFile = file; - ofn.nMaxFile = sizeof (file) / sizeof (file[0]); - ofn.lpstrTitle = GetString (stringId); - ofn.lpstrDefExt = defaultExtension; - ofn.Flags = OFN_HIDEREADONLY - | OFN_PATHMUSTEXIST - | (keepHistory ? 0 : OFN_DONTADDTORECENT) - | (saveMode ? OFN_OVERWRITEPROMPT : 0); - - if (!keepHistory) - CleanLastVisitedMRU (); - - SystemFileSelectorCallerThreadId = GetCurrentThreadId(); - SystemFileSelectorCallPending = TRUE; - - if (!saveMode) - { - if (!GetOpenFileNameW (&ofn)) - goto ret; - } - else - { - if (!GetSaveFileNameW (&ofn)) - goto ret; - } - - SystemFileSelectorCallPending = FALSE; - - StringCchCopyW (lpszFileName, MAX_PATH, file); - - if (!keepHistory) - CleanLastVisitedMRU (); - - status = TRUE; - -ret: - SystemFileSelectorCallPending = FALSE; - ResetCurrentDirectory(); - CoUninitialize(); - - return status; -} - - -static wchar_t SelectMultipleFilesPath[131072]; -static int SelectMultipleFilesOffset; - -BOOL SelectMultipleFiles (HWND hwndDlg, const char *stringId, wchar_t *lpszFileName, size_t cbFileName,BOOL keepHistory) -{ - OPENFILENAMEW ofn; - wchar_t filter[1024]; - BOOL status = FALSE; - - CoInitialize (NULL); - - ZeroMemory (&ofn, sizeof (ofn)); - - SelectMultipleFilesPath[0] = 0; - *lpszFileName = 0; - ofn.lStructSize = sizeof (ofn); - ofn.hwndOwner = hwndDlg; - StringCbPrintfW (filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", - GetString ("ALL_FILES"), 0, 0, GetString ("TC_VOLUMES"), 0, 0, 0); - ofn.lpstrFilter = filter; - ofn.nFilterIndex = 1; - ofn.lpstrFile = SelectMultipleFilesPath; - ofn.nMaxFile = 0xffff * 2; // The size must not exceed 0xffff*2 due to a bug in Windows 2000 and XP SP1 - ofn.lpstrTitle = GetString (stringId); - ofn.Flags = OFN_HIDEREADONLY - | OFN_EXPLORER - | OFN_PATHMUSTEXIST - | OFN_ALLOWMULTISELECT - | (keepHistory ? 0 : OFN_DONTADDTORECENT); - - if (!keepHistory) - CleanLastVisitedMRU (); - - SystemFileSelectorCallerThreadId = GetCurrentThreadId(); - SystemFileSelectorCallPending = TRUE; - - if (!GetOpenFileNameW (&ofn)) - goto ret; - - SystemFileSelectorCallPending = FALSE; - - if (SelectMultipleFilesPath[ofn.nFileOffset - 1] != 0) - { - // Single file selected - StringCbCopyW (lpszFileName, cbFileName, SelectMultipleFilesPath); - SelectMultipleFilesOffset = 0; - SecureZeroMemory (SelectMultipleFilesPath, sizeof (SelectMultipleFilesPath)); - } - else - { - // Multiple files selected - SelectMultipleFilesOffset = ofn.nFileOffset; - SelectMultipleFilesNext (lpszFileName, cbFileName); - } - - if (!keepHistory) - CleanLastVisitedMRU (); - - status = TRUE; - -ret: - SystemFileSelectorCallPending = FALSE; - ResetCurrentDirectory(); - CoUninitialize(); - - return status; -} - - -BOOL SelectMultipleFilesNext (wchar_t *lpszFileName, size_t cbFileName) -{ - if (SelectMultipleFilesOffset == 0) - return FALSE; - - StringCbCopyW (lpszFileName, cbFileName,SelectMultipleFilesPath); - lpszFileName[TC_MAX_PATH - 1] = 0; - - if (lpszFileName[wcslen (lpszFileName) - 1] != L'\\') - StringCbCatW (lpszFileName, cbFileName,L"\\"); - - StringCbCatW (lpszFileName, cbFileName,SelectMultipleFilesPath + SelectMultipleFilesOffset); - - SelectMultipleFilesOffset += (int) wcslen (SelectMultipleFilesPath + SelectMultipleFilesOffset) + 1; - if (SelectMultipleFilesPath[SelectMultipleFilesOffset] == 0) - { - SelectMultipleFilesOffset = 0; - SecureZeroMemory (SelectMultipleFilesPath, sizeof (SelectMultipleFilesPath)); - } - - return TRUE; -} - - -static int CALLBACK BrowseCallbackProc(HWND hwnd,UINT uMsg,LPARAM lp, LPARAM pData) -{ - switch(uMsg) { - case BFFM_INITIALIZED: - { - /* WParam is TRUE since we are passing a path. - It would be FALSE if we were passing a pidl. */ - SendMessageW (hwnd,BFFM_SETSELECTION,TRUE,(LPARAM)pData); - break; - } - - case BFFM_SELCHANGED: - { - wchar_t szDir[TC_MAX_PATH]; - - /* Set the status window to the currently selected path. */ - if (SHGetPathFromIDList((LPITEMIDLIST) lp ,szDir)) - { - SendMessage (hwnd,BFFM_SETSTATUSTEXT,0,(LPARAM)szDir); - } - break; - } - - default: - break; - } - - return 0; -} - - -BOOL BrowseDirectories (HWND hwndDlg, char *lpszTitle, wchar_t *dirName) -{ - BROWSEINFOW bi; - LPITEMIDLIST pidl; - LPMALLOC pMalloc; - BOOL bOK = FALSE; - - CoInitialize (NULL); - - if (SUCCEEDED (SHGetMalloc (&pMalloc))) - { - ZeroMemory (&bi, sizeof(bi)); - bi.hwndOwner = hwndDlg; - bi.pszDisplayName = 0; - bi.lpszTitle = GetString (lpszTitle); - bi.pidlRoot = 0; - bi.ulFlags = BIF_RETURNONLYFSDIRS | BIF_STATUSTEXT; - bi.lpfn = BrowseCallbackProc; - bi.lParam = (LPARAM)dirName; - - pidl = SHBrowseForFolderW (&bi); - if (pidl != NULL) - { - if (SHGetPathFromIDList(pidl, dirName)) - { - bOK = TRUE; - } - - pMalloc->Free (pidl); - pMalloc->Release(); - } - } - - CoUninitialize(); - - return bOK; -} - - -std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg) -{ - WCHAR szTmp[8192]; - - StringCbPrintfW (szTmp, sizeof(szTmp), GetString (KeyFilesEnable ? "PASSWORD_OR_KEYFILE_WRONG" : "PASSWORD_WRONG")); - if (CheckCapsLock (hwndDlg, TRUE)) - StringCbCatW (szTmp, sizeof(szTmp), GetString ("PASSWORD_WRONG_CAPSLOCK_ON")); - -#ifdef TCMOUNT - wchar_t szDevicePath [TC_MAX_PATH+1] = {0}; - GetWindowText (GetDlgItem (MainDlg, IDC_VOLUME), szDevicePath, ARRAYSIZE (szDevicePath)); - - if (TCBootLoaderOnInactiveSysEncDrive (szDevicePath)) - { - StringCbPrintfW (szTmp, sizeof(szTmp), GetString (KeyFilesEnable ? "PASSWORD_OR_KEYFILE_OR_MODE_WRONG" : "PASSWORD_OR_MODE_WRONG")); - - if (CheckCapsLock (hwndDlg, TRUE)) - StringCbCatW (szTmp, sizeof(szTmp), GetString ("PASSWORD_WRONG_CAPSLOCK_ON")); - - StringCbCatW (szTmp, sizeof(szTmp), GetString ("SYSENC_MOUNT_WITHOUT_PBA_NOTE")); - } -#endif - - wstring msg = szTmp; - -#ifdef TCMOUNT - if (KeyFilesEnable && HiddenFilesPresentInKeyfilePath) - { - msg += GetString ("HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH"); - HiddenFilesPresentInKeyfilePath = FALSE; - } -#endif - - return msg; -} - - -void handleError (HWND hwndDlg, int code, const char* srcPos) -{ - WCHAR szTmp[4096]; - - if (Silent) return; - - switch (code & 0x0000FFFF) - { - case ERR_OS_ERROR: - handleWin32Error (hwndDlg, srcPos); - break; - case ERR_OUTOFMEMORY: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("OUTOFMEMORY"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - - case ERR_PASSWORD_WRONG: - MessageBoxW (hwndDlg, AppendSrcPos (GetWrongPasswordErrorMessage (hwndDlg).c_str(), srcPos).c_str(), lpszTitle, MB_ICONWARNING); - break; - - case ERR_DRIVE_NOT_FOUND: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("NOT_FOUND"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_FILES_OPEN: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("OPENFILES_DRIVER"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_FILES_OPEN_LOCK: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("OPENFILES_LOCK"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_VOL_SIZE_WRONG: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_SIZE_WRONG"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_COMPRESSION_NOT_SUPPORTED: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("COMPRESSION_NOT_SUPPORTED"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_PASSWORD_CHANGE_VOL_TYPE: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("WRONG_VOL_TYPE"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_VOL_SEEKING: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_SEEKING"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_CIPHER_INIT_FAILURE: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ERR_CIPHER_INIT_FAILURE"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_CIPHER_INIT_WEAK_KEY: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ERR_CIPHER_INIT_WEAK_KEY"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_VOL_ALREADY_MOUNTED: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_ALREADY_MOUNTED"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_FILE_OPEN_FAILED: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("FILE_OPEN_FAILED"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_VOL_MOUNT_FAILED: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_MOUNT_FAILED"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_NO_FREE_DRIVES: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("NO_FREE_DRIVES"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - case ERR_ACCESS_DENIED: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ACCESS_DENIED"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - - case ERR_DRIVER_VERSION: - Error ("DRIVER_VERSION", hwndDlg); - break; - - case ERR_NEW_VERSION_REQUIRED: - MessageBoxW (hwndDlg, AppendSrcPos (GetString ("NEW_VERSION_REQUIRED"), srcPos).c_str(), lpszTitle, ICON_HAND); - break; - - case ERR_SELF_TESTS_FAILED: - Error ("ERR_SELF_TESTS_FAILED", hwndDlg); - break; - - case ERR_VOL_FORMAT_BAD: - Error ("ERR_VOL_FORMAT_BAD", hwndDlg); - break; - - case ERR_ENCRYPTION_NOT_COMPLETED: - Error ("ERR_ENCRYPTION_NOT_COMPLETED", hwndDlg); - break; - - case ERR_NONSYS_INPLACE_ENC_INCOMPLETE: - Error ("ERR_NONSYS_INPLACE_ENC_INCOMPLETE", hwndDlg); - break; - - case ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG: - Error ("ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG", hwndDlg); - break; - - case ERR_PARAMETER_INCORRECT: - Error ("ERR_PARAMETER_INCORRECT", hwndDlg); - break; - - case ERR_USER_ABORT: - case ERR_DONT_REPORT: - // A non-error - break; - - case ERR_UNSUPPORTED_TRUECRYPT_FORMAT: - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("UNSUPPORTED_TRUECRYPT_FORMAT"), (code >> 24), (code >> 16) & 0x000000FF); - MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, ICON_HAND); - break; - -#ifndef SETUP - case ERR_RAND_INIT_FAILED: - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("INIT_RAND"), SRC_POS, GetLastError ()); - MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, MB_ICONERROR); - break; - - case ERR_CAPI_INIT_FAILED: - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CAPI_RAND"), SRC_POS, CryptoAPILastError); - MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, MB_ICONERROR); - break; -#endif - - default: - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("ERR_UNKNOWN"), code); - MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, ICON_HAND); - } -} - - -BOOL CheckFileStreamWriteErrors (HWND hwndDlg, FILE *file, const wchar_t *fileName) -{ - if (ferror (file)) - { - wchar_t s[TC_MAX_PATH]; - StringCbPrintfW (s, sizeof (s), GetString ("CANNOT_WRITE_FILE_X"), fileName); - ErrorDirect (s, hwndDlg); - - return FALSE; - } - - return TRUE; -} - - -static BOOL CALLBACK LocalizeDialogEnum( HWND hwnd, LPARAM font) -{ - // Localization of controls - - if (LocalizationActive) - { - int ctrlId = GetDlgCtrlID (hwnd); - if (ctrlId != 0) - { - WCHAR name[10] = { 0 }; - GetClassNameW (hwnd, name, array_capacity (name)); - - if (_wcsicmp (name, L"Button") == 0 || _wcsicmp (name, L"Static") == 0) - { - wchar_t *str = (wchar_t *) GetDictionaryValueByInt (ctrlId); - if (str != NULL) - SetWindowTextW (hwnd, str); - } - } - } - - // Font - SendMessageW (hwnd, WM_SETFONT, (WPARAM) font, 0); - - return TRUE; -} - -void LocalizeDialog (HWND hwnd, char *stringId) -{ - LastDialogId = stringId; - SetWindowLongPtrW (hwnd, GWLP_USERDATA, (LONG_PTR) 'VERA'); - SendMessageW (hwnd, WM_SETFONT, (WPARAM) hUserFont, 0); - - if (stringId == NULL) - SetWindowTextW (hwnd, L"VeraCrypt"); - else - SetWindowTextW (hwnd, GetString (stringId)); - - if (hUserFont != 0) - EnumChildWindows (hwnd, LocalizeDialogEnum, (LPARAM) hUserFont); -} - -void OpenVolumeExplorerWindow (int driveNo) -{ - wchar_t dosName[5]; - SHFILEINFO fInfo; - - StringCbPrintfW (dosName, sizeof(dosName), L"%c:\\", (wchar_t) driveNo + L'A'); - - // Force explorer to discover the drive - SHGetFileInfo (dosName, 0, &fInfo, sizeof (fInfo), 0); - - ShellExecute (NULL, L"open", dosName, NULL, NULL, SW_SHOWNORMAL); -} - -static BOOL explorerCloseSent; -static HWND explorerTopLevelWindow; - -static BOOL CALLBACK CloseVolumeExplorerWindowsChildEnum (HWND hwnd, LPARAM driveStr) -{ - WCHAR s[MAX_PATH]; - SendMessageW (hwnd, WM_GETTEXT, array_capacity (s), (LPARAM) s); - - if (wcsstr (s, (WCHAR *) driveStr) != NULL) - { - PostMessageW (explorerTopLevelWindow, WM_CLOSE, 0, 0); - explorerCloseSent = TRUE; - return FALSE; - } - - return TRUE; -} - -static BOOL CALLBACK CloseVolumeExplorerWindowsEnum (HWND hwnd, LPARAM driveNo) -{ - WCHAR driveStr[10]; - WCHAR s[MAX_PATH]; - - StringCbPrintfW (driveStr, sizeof(driveStr), L"%c:\\", driveNo + L'A'); - - GetClassNameW (hwnd, s, array_capacity (s)); - if (wcscmp (s, L"CabinetWClass") == 0) - { - GetWindowTextW (hwnd, s, array_capacity (s)); - if (wcsstr (s, driveStr) != NULL) - { - PostMessageW (hwnd, WM_CLOSE, 0, 0); - explorerCloseSent = TRUE; - return TRUE; - } - - explorerTopLevelWindow = hwnd; - EnumChildWindows (hwnd, CloseVolumeExplorerWindowsChildEnum, (LPARAM) driveStr); - } - - return TRUE; -} - -BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo) -{ - if (driveNo >= 0) - { - explorerCloseSent = FALSE; - EnumWindows (CloseVolumeExplorerWindowsEnum, (LPARAM) driveNo); - } - - return explorerCloseSent; -} - -BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue) -{ - wchar_t wszRegPath[MAX_PATH]; - wchar_t driveStr[] = {L'A' + (wchar_t) driveNo, 0}; - HKEY hKey; - LSTATUS lStatus; - DWORD cbLabelLen = (DWORD) ((wcslen (effectiveLabel) + 1) * sizeof (wchar_t)); - BOOL bToBeDeleted = FALSE; - - StringCbPrintfW (wszRegPath, sizeof (wszRegPath), L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\DriveIcons\\%s\\DefaultLabel", driveStr); - - if (bSetValue) - lStatus = RegCreateKeyExW (HKEY_CURRENT_USER, wszRegPath, NULL, NULL, 0, - KEY_READ | KEY_WRITE | KEY_SET_VALUE, NULL, &hKey, NULL); - else - lStatus = RegOpenKeyExW (HKEY_CURRENT_USER, wszRegPath, 0, KEY_READ | KEY_WRITE | KEY_SET_VALUE, &hKey); - if (ERROR_SUCCESS == lStatus) - { - if (bSetValue) - lStatus = RegSetValueExW (hKey, NULL, NULL, REG_SZ, (LPCBYTE) effectiveLabel, cbLabelLen); - else - { - wchar_t storedLabel[34] = {0}; - DWORD cbStoredLen = sizeof (storedLabel) - 1, dwType; - lStatus = RegQueryValueExW (hKey, NULL, NULL, &dwType, (LPBYTE) storedLabel, &cbStoredLen); - if ((ERROR_SUCCESS == lStatus) && (REG_SZ == dwType) && (0 == wcscmp(storedLabel, effectiveLabel))) - { - // same label stored. mark key for deletion - bToBeDeleted = TRUE; - } - } - RegCloseKey (hKey); - } - - if (bToBeDeleted) - { - StringCbPrintfW (wszRegPath, sizeof (wszRegPath), L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\DriveIcons\\%s", driveStr); - lStatus = RegOpenKeyExW (HKEY_CURRENT_USER, wszRegPath, 0, KEY_READ | KEY_WRITE | KEY_SET_VALUE, &hKey); - if (ERROR_SUCCESS == lStatus) - { - lStatus = RegDeleteKeyW (hKey, L"DefaultLabel"); - RegCloseKey (hKey); - } - - // delete drive letter of nothing else is present under it - RegDeleteKeyW (HKEY_CURRENT_USER, wszRegPath); - - } - - return (ERROR_SUCCESS == lStatus)? TRUE : FALSE; -} - -wstring GetUserFriendlyVersionString (int version) -{ - wchar_t szTmp [64]; - StringCbPrintfW (szTmp, sizeof(szTmp), L"%x", version); - - wstring versionString (szTmp); - - versionString.insert (version > 0xfff ? 2 : 1,L"."); - - if (versionString[versionString.length()-1] == L'0') - versionString.erase (versionString.length()-1, 1); - - return (versionString); -} - -wstring IntToWideString (int val) -{ - wchar_t szTmp [64]; - StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", val); - - return szTmp; -} - -wstring ArrayToHexWideString (const unsigned char* pbData, int cbData) -{ - static wchar_t* hexChar = L"0123456789ABCDEF"; - wstring result; - if (pbData) - { - for (int i = 0; i < cbData; i++) - { - result += hexChar[pbData[i] >> 4]; - result += hexChar[pbData[i] & 0x0F]; - } - } - - return result; -} - -bool HexToByte (wchar_t c, byte& b) -{ - bool bRet = true; - if (c >= L'0' && c <= L'9') - b = (byte) (c - L'0'); - else if (c >= L'a' && c <= L'z') - b = (byte) (c - L'a' + 10); - else if (c >= L'A' && c <= L'Z') - b = (byte) (c - L'A' + 10); - else - bRet = false; - - return bRet; -} - -bool HexWideStringToArray (const wchar_t* hexStr, std::vector& arr) -{ - byte b1, b2; - size_t i, len = wcslen (hexStr); - - arr.clear(); - if (len %2) - return false; - - for (i = 0; i < len/2; i++) - { - if (!HexToByte (*hexStr++, b1) || !HexToByte (*hexStr++, b2)) - return false; - arr.push_back (b1 << 4 | b2); - } - return true; -} - -wstring GetTempPathString () -{ - wchar_t tempPath[MAX_PATH]; - DWORD tempLen = ::GetTempPath (ARRAYSIZE (tempPath), tempPath); - if (tempLen == 0 || tempLen > ARRAYSIZE (tempPath)) - throw ParameterIncorrect (SRC_POS); - - return wstring (tempPath); -} - -void GetSizeString (unsigned __int64 size, wchar_t *str, size_t cbStr) -{ - static wchar_t *b, *kb, *mb, *gb, *tb, *pb; - static int serNo; - - if (b == NULL || serNo != LocalizationSerialNo) - { - serNo = LocalizationSerialNo; - kb = GetString ("KB"); - mb = GetString ("MB"); - gb = GetString ("GB"); - tb = GetString ("TB"); - pb = GetString ("PB"); - b = GetString ("BYTE"); - } - - if (size > 1024I64*1024*1024*1024*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s", size/1024/1024/1024/1024/1024, pb); - else if (size > 1024I64*1024*1024*1024*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024/1024/1024/1024), pb); - else if (size > 1024I64*1024*1024*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s",size/1024/1024/1024/1024, tb); - else if (size > 1024I64*1024*1024*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024/1024/1024), tb); - else if (size > 1024I64*1024*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s",size/1024/1024/1024, gb); - else if (size > 1024I64*1024*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024/1024), gb); - else if (size > 1024I64*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s", size/1024/1024, mb); - else if (size > 1024I64*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024), mb); - else if (size >= 1024I64) - StringCbPrintfW (str, cbStr, L"%I64d %s", size/1024, kb); - else - StringCbPrintfW (str, cbStr, L"%I64d %s", size, b); -} - -#ifndef SETUP -void GetSpeedString (unsigned __int64 speed, wchar_t *str, size_t cbStr) -{ - static wchar_t *b, *kb, *mb, *gb, *tb, *pb; - static int serNo; - - if (b == NULL || serNo != LocalizationSerialNo) - { - serNo = LocalizationSerialNo; - kb = GetString ("KB_PER_SEC"); - mb = GetString ("MB_PER_SEC"); - gb = GetString ("GB_PER_SEC"); - tb = GetString ("TB_PER_SEC"); - pb = GetString ("PB_PER_SEC"); - b = GetString ("B_PER_SEC"); - } - - if (speed > 1024I64*1024*1024*1024*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s", speed/1024/1024/1024/1024/1024, pb); - else if (speed > 1024I64*1024*1024*1024*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024/1024/1024/1024), pb); - else if (speed > 1024I64*1024*1024*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s",speed/1024/1024/1024/1024, tb); - else if (speed > 1024I64*1024*1024*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024/1024/1024), tb); - else if (speed > 1024I64*1024*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s",speed/1024/1024/1024, gb); - else if (speed > 1024I64*1024*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024/1024), gb); - else if (speed > 1024I64*1024*99) - StringCbPrintfW (str, cbStr, L"%I64d %s", speed/1024/1024, mb); - else if (speed > 1024I64*1024) - StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024), mb); - else if (speed > 1024I64) - StringCbPrintfW (str, cbStr, L"%I64d %s", speed/1024, kb); - else - StringCbPrintfW (str, cbStr, L"%I64d %s", speed, b); -} - -static void DisplayBenchmarkResults (HWND hwndDlg) -{ - wchar_t item1[100]={0}; - LVITEMW LvItem; - HWND hList = GetDlgItem (hwndDlg, IDC_RESULTS); - int ea, i; - BOOL unsorted = TRUE; - BENCHMARK_REC tmp_line; - - /* Sort the list */ - - switch (benchmarkSortMethod) - { - case BENCHMARK_SORT_BY_SPEED: - - while (unsorted) - { - unsorted = FALSE; - for (i = 0; i < benchmarkTotalItems - 1; i++) - { - if (benchmarkTable[i].meanBytesPerSec < benchmarkTable[i+1].meanBytesPerSec) - { - unsorted = TRUE; - memcpy (&tmp_line, &benchmarkTable[i], sizeof(BENCHMARK_REC)); - memcpy (&benchmarkTable[i], &benchmarkTable[i+1], sizeof(BENCHMARK_REC)); - memcpy (&benchmarkTable[i+1], &tmp_line, sizeof(BENCHMARK_REC)); - } - } - } - break; - - case BENCHMARK_SORT_BY_NAME: - - while (unsorted) - { - unsorted = FALSE; - for (i = 0; i < benchmarkTotalItems - 1; i++) - { - if (benchmarkTable[i].id > benchmarkTable[i+1].id) - { - unsorted = TRUE; - memcpy (&tmp_line, &benchmarkTable[i], sizeof(BENCHMARK_REC)); - memcpy (&benchmarkTable[i], &benchmarkTable[i+1], sizeof(BENCHMARK_REC)); - memcpy (&benchmarkTable[i+1], &tmp_line, sizeof(BENCHMARK_REC)); - } - } - } - break; - } - - /* Render the results */ - - SendMessage (hList,LVM_DELETEALLITEMS,0,(LPARAM)&LvItem); - - for (i = 0; i < benchmarkTotalItems; i++) - { - ea = benchmarkTable[i].id; - - memset (&LvItem,0,sizeof(LvItem)); - LvItem.mask = LVIF_TEXT; - LvItem.iItem = i; - LvItem.iSubItem = 0; - LvItem.pszText = (LPWSTR) benchmarkTable[i].name; - SendMessageW (hList, LVM_INSERTITEM, 0, (LPARAM)&LvItem); - -#if PKCS5_BENCHMARKS - wcscpy (item1, L"-"); -#else - GetSpeedString ((unsigned __int64) (benchmarkLastBufferSize / ((float) benchmarkTable[i].encSpeed / benchmarkPerformanceFrequency.QuadPart)), item1, sizeof(item1)); -#endif - LvItem.iSubItem = 1; - LvItem.pszText = item1; - - SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem); - -#if PKCS5_BENCHMARKS - wcscpy (item1, L"-"); -#else - GetSpeedString ((unsigned __int64) (benchmarkLastBufferSize / ((float) benchmarkTable[i].decSpeed / benchmarkPerformanceFrequency.QuadPart)), item1, sizeof(item1)); -#endif - LvItem.iSubItem = 2; - LvItem.pszText = item1; - - SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem); - -#if PKCS5_BENCHMARKS - swprintf (item1, L"%d t", benchmarkTable[i].encSpeed); -#else - GetSpeedString (benchmarkTable[i].meanBytesPerSec, item1, sizeof(item1)); -#endif - LvItem.iSubItem = 3; - LvItem.pszText = item1; - - SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem); - } - - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 0, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 1, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 2, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); - SendMessageW(hList, LVM_SETCOLUMNWIDTH, 3, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); -} - -// specific implementation for support of benchmark operation in wait dialog mechanism - -typedef struct -{ - HWND hBenchDlg; - BOOL bStatus; -} BenchmarkThreadParam; - -static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg); - -void CALLBACK BenchmarkThreadProc(void* pArg, HWND hwndDlg) -{ - BenchmarkThreadParam* pThreadParam = (BenchmarkThreadParam*) pArg; - - pThreadParam->bStatus = PerformBenchmark (pThreadParam->hBenchDlg, hwndDlg); -} - -static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) -{ - LARGE_INTEGER performanceCountStart, performanceCountEnd; - BYTE *lpTestBuffer; - PCRYPTO_INFO ci = NULL; - UINT64_STRUCT startDataUnitNo; - - startDataUnitNo.Value = 0; - -#if !(PKCS5_BENCHMARKS || HASH_FNC_BENCHMARKS) - ci = crypto_open (); - if (!ci) - return FALSE; -#endif - - if (QueryPerformanceFrequency (&benchmarkPerformanceFrequency) == 0) - { - if (ci) - crypto_close (ci); - MessageBoxW (hwndDlg, GetString ("ERR_PERF_COUNTER"), lpszTitle, ICON_HAND); - return FALSE; - } - - lpTestBuffer = (BYTE *) malloc(benchmarkBufferSize - (benchmarkBufferSize % 16)); - if (lpTestBuffer == NULL) - { - if (ci) - crypto_close (ci); - MessageBoxW (hwndDlg, GetString ("ERR_MEM_ALLOC"), lpszTitle, ICON_HAND); - return FALSE; - } - VirtualLock (lpTestBuffer, benchmarkBufferSize - (benchmarkBufferSize % 16)); - - WaitCursor (); - benchmarkTotalItems = 0; - -#if !(PKCS5_BENCHMARKS || HASH_FNC_BENCHMARKS) - // CPU "warm up" (an attempt to prevent skewed results on systems where CPU frequency - // gradually changes depending on CPU load). - ci->ea = EAGetFirst(); - if (!EAInit (ci->ea, ci->master_keydata, ci->ks)) - { - ci->mode = FIRST_MODE_OF_OPERATION_ID; - if (EAInitMode (ci)) - { - int i; - - for (i = 0; i < 10; i++) - { - EncryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); - DecryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); - } - } - } -#endif - -#if HASH_FNC_BENCHMARKS - - /* Measures the speed at which each of the hash algorithms processes the message to produce - a single digest. - - The hash algorithm benchmarks are included here for development purposes only. Do not enable - them when building a public release (the benchmark GUI strings wouldn't make sense). */ - - { - BYTE *digest [MAX_DIGESTSIZE]; - WHIRLPOOL_CTX wctx; - RMD160_CTX rctx; - sha512_ctx s2ctx; - sha256_ctx s256ctx; - int hid; - - for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) - { - if (QueryPerformanceCounter (&performanceCountStart) == 0) - goto counter_error; - - switch (hid) - { - - case SHA512: - sha512_begin (&s2ctx); - sha512_hash (lpTestBuffer, benchmarkBufferSize, &s2ctx); - sha512_end ((unsigned char *) digest, &s2ctx); - break; - - case SHA256: - sha256_begin (&s256ctx); - sha256_hash (lpTestBuffer, benchmarkBufferSize, &s256ctx); - sha256_end ((unsigned char *) digest, &s256ctx); - break; - - case RIPEMD160: - RMD160Init(&rctx); - RMD160Update(&rctx, lpTestBuffer, benchmarkBufferSize); - RMD160Final((unsigned char *) digest, &rctx); - break; - - case WHIRLPOOL: - WHIRLPOOL_init (&wctx); - WHIRLPOOL_add (lpTestBuffer, benchmarkBufferSize * 8, &wctx); - WHIRLPOOL_finalize (&wctx, (unsigned char *) digest); - break; - } - - if (QueryPerformanceCounter (&performanceCountEnd) == 0) - goto counter_error; - - benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; - - benchmarkTable[benchmarkTotalItems].decSpeed = benchmarkTable[benchmarkTotalItems].encSpeed; - benchmarkTable[benchmarkTotalItems].id = hid; - benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2; - StringCbPrintfA (benchmarkTable[benchmarkTotalItems].name, sizeof(benchmarkTable[benchmarkTotalItems].name),"%s", HashGetName(hid)); - - benchmarkTotalItems++; - } - } - -#elif PKCS5_BENCHMARKS // #if HASH_FNC_BENCHMARKS - - /* Measures the time that it takes for the PKCS-5 routine to derive a header key using - each of the implemented PRF algorithms. - - The PKCS-5 benchmarks are included here for development purposes only. Do not enable - them when building a public release (the benchmark GUI strings wouldn't make sense). */ - { - int thid, i; - char dk[MASTER_KEYDATA_SIZE]; - char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"}; - - for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++) - { - if (QueryPerformanceCounter (&performanceCountStart) == 0) - goto counter_error; - - for (i = 1; i <= 5; i++) - { - switch (thid) - { - - case SHA512: - /* PKCS-5 test with HMAC-SHA-512 used as the PRF */ - derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); - break; - - case SHA256: - /* PKCS-5 test with HMAC-SHA-256 used as the PRF */ - derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); - break; - - case RIPEMD160: - /* PKCS-5 test with HMAC-RIPEMD-160 used as the PRF */ - derive_key_ripemd160 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); - break; - - case WHIRLPOOL: - /* PKCS-5 test with HMAC-Whirlpool used as the PRF */ - derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); - break; - } - } - - if (QueryPerformanceCounter (&performanceCountEnd) == 0) - goto counter_error; - - benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; - benchmarkTable[benchmarkTotalItems].id = thid; - StringCbPrintfW (benchmarkTable[benchmarkTotalItems].name, sizeof(benchmarkTable[benchmarkTable[benchmarkTotalItems].name),L"%s", get_pkcs5_prf_name (thid)); - - benchmarkTotalItems++; - } - } - -#else // #elif PKCS5_BENCHMARKS - - /* Encryption algorithm benchmarks */ - - for (ci->ea = EAGetFirst(); ci->ea != 0; ci->ea = EAGetNext(ci->ea)) - { - if (!EAIsFormatEnabled (ci->ea)) - continue; - - if (ERR_CIPHER_INIT_FAILURE == EAInit (ci->ea, ci->master_keydata, ci->ks)) - goto counter_error; - - ci->mode = FIRST_MODE_OF_OPERATION_ID; - if (!EAInitMode (ci)) - goto counter_error; - - if (QueryPerformanceCounter (&performanceCountStart) == 0) - goto counter_error; - - EncryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); - - if (QueryPerformanceCounter (&performanceCountEnd) == 0) - goto counter_error; - - benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; - - if (QueryPerformanceCounter (&performanceCountStart) == 0) - goto counter_error; - - DecryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); - - if (QueryPerformanceCounter (&performanceCountEnd) == 0) - goto counter_error; - - benchmarkTable[benchmarkTotalItems].decSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; - benchmarkTable[benchmarkTotalItems].id = ci->ea; - benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2; - EAGetName (benchmarkTable[benchmarkTotalItems].name, ci->ea, 1); - - benchmarkTotalItems++; - } - -#endif // #elif PKCS5_BENCHMARKS (#else) - - if (ci) - crypto_close (ci); - - VirtualUnlock (lpTestBuffer, benchmarkBufferSize - (benchmarkBufferSize % 16)); - - free(lpTestBuffer); - - benchmarkLastBufferSize = benchmarkBufferSize; - - DisplayBenchmarkResults(hBenchDlg); - - EnableWindow (GetDlgItem (hBenchDlg, IDC_PERFORM_BENCHMARK), TRUE); - EnableWindow (GetDlgItem (hBenchDlg, IDCLOSE), TRUE); - - NormalCursor (); - return TRUE; - -counter_error: - - if (ci) - crypto_close (ci); - - VirtualUnlock (lpTestBuffer, benchmarkBufferSize - (benchmarkBufferSize % 16)); - - free(lpTestBuffer); - - NormalCursor (); - - EnableWindow (GetDlgItem (hBenchDlg, IDC_PERFORM_BENCHMARK), TRUE); - EnableWindow (GetDlgItem (hBenchDlg, IDCLOSE), TRUE); - - MessageBoxW (hwndDlg, GetString ("ERR_PERF_COUNTER"), lpszTitle, ICON_HAND); - return FALSE; -} - - -BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - LPARAM nIndex; - HWND hCboxSortMethod = GetDlgItem (hwndDlg, IDC_BENCHMARK_SORT_METHOD); - HWND hCboxBufferSize = GetDlgItem (hwndDlg, IDC_BENCHMARK_BUFFER_SIZE); - - switch (msg) - { - case WM_INITDIALOG: - { - LVCOLUMNW LvCol; - wchar_t s[128]; - HWND hList = GetDlgItem (hwndDlg, IDC_RESULTS); - - LocalizeDialog (hwndDlg, "IDD_BENCHMARK_DLG"); - - benchmarkBufferSize = BENCHMARK_DEFAULT_BUF_SIZE; - benchmarkSortMethod = BENCHMARK_SORT_BY_SPEED; - - SendMessage (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, - LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_LABELTIP - ); - - memset (&LvCol,0,sizeof(LvCol)); - LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - LvCol.pszText = GetString ("ALGORITHM"); - LvCol.cx = CompensateXDPI (114); - LvCol.fmt = LVCFMT_LEFT; - SendMessage (hList,LVM_INSERTCOLUMNW,0,(LPARAM)&LvCol); - - LvCol.pszText = GetString ("ENCRYPTION"); - LvCol.cx = CompensateXDPI (80); - LvCol.fmt = LVCFMT_RIGHT; - SendMessageW (hList,LVM_INSERTCOLUMNW,1,(LPARAM)&LvCol); - - LvCol.pszText = GetString ("DECRYPTION"); - LvCol.cx = CompensateXDPI (80); - LvCol.fmt = LVCFMT_RIGHT; - SendMessageW (hList,LVM_INSERTCOLUMNW,2,(LPARAM)&LvCol); - - LvCol.pszText = GetString ("MEAN"); - LvCol.cx = CompensateXDPI (80); - LvCol.fmt = LVCFMT_RIGHT; - SendMessageW (hList,LVM_INSERTCOLUMNW,3,(LPARAM)&LvCol); - - /* Combo boxes */ - - // Sort method - - SendMessage (hCboxSortMethod, CB_RESETCONTENT, 0, 0); - - nIndex = SendMessageW (hCboxSortMethod, CB_ADDSTRING, 0, (LPARAM) GetString ("ALPHABETICAL_CATEGORIZED")); - SendMessage (hCboxSortMethod, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - nIndex = SendMessageW (hCboxSortMethod, CB_ADDSTRING, 0, (LPARAM) GetString ("MEAN_SPEED")); - SendMessage (hCboxSortMethod, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - SendMessage (hCboxSortMethod, CB_SETCURSEL, 1, 0); // Default sort method - - // Buffer size - - SendMessage (hCboxBufferSize, CB_RESETCONTENT, 0, 0); - - StringCbPrintfW (s, sizeof(s), L"100 %s", GetString ("KB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 100 * BYTES_PER_KB); - - StringCbPrintfW (s, sizeof(s), L"500 %s", GetString ("KB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 500 * BYTES_PER_KB); - - StringCbPrintfW (s, sizeof(s), L"1 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 1 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"5 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 5 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"10 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 10 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"50 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 50 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"100 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 100 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"200 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 200 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"500 %s", GetString ("MB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 500 * BYTES_PER_MB); - - StringCbPrintfW (s, sizeof(s), L"1 %s", GetString ("GB")); - nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); - SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 1 * BYTES_PER_GB); - - SendMessage (hCboxBufferSize, CB_SETCURSEL, 5, 0); // Default buffer size - - - uint32 driverConfig = ReadDriverConfigurationFlags(); - - SetDlgItemTextW (hwndDlg, IDC_HW_AES, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? ((driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? "UISTR_DISABLED" : "UISTR_YES") : "NOT_APPLICABLE_OR_NOT_AVAILABLE"))).c_str()); - - ToHyperlink (hwndDlg, IDC_HW_AES_LABEL_LINK); - - if (is_aes_hw_cpu_supported() && (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION)) - { - Warning ("DISABLED_HW_AES_AFFECTS_PERFORMANCE", hwndDlg); - } - - SYSTEM_INFO sysInfo; - GetSystemInfo (&sysInfo); - - size_t nbrThreads = GetEncryptionThreadCount(); - - wchar_t nbrThreadsStr [300]; - if (sysInfo.dwNumberOfProcessors < 2) - { - StringCbCopyW (nbrThreadsStr, sizeof(nbrThreadsStr), GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE")); - } - else if (nbrThreads < 2) - { - StringCbCopyW (nbrThreadsStr, sizeof(nbrThreadsStr), GetString ("UISTR_DISABLED")); - } - else - { - StringCbPrintfW (nbrThreadsStr, sizeof(nbrThreadsStr), GetString ("NUMBER_OF_THREADS"), nbrThreads); - } - - SetDlgItemTextW (hwndDlg, IDC_PARALLELIZATION, (wstring (L" ") + nbrThreadsStr).c_str()); - - ToHyperlink (hwndDlg, IDC_PARALLELIZATION_LABEL_LINK); - - if (nbrThreads < min (sysInfo.dwNumberOfProcessors, GetMaxEncryptionThreadCount()) - && sysInfo.dwNumberOfProcessors > 1) - { - Warning ("LIMITED_THREAD_COUNT_AFFECTS_PERFORMANCE", hwndDlg); - } - - return 1; - } - break; - - case WM_COMMAND: - - switch (lw) - { - case IDC_BENCHMARK_SORT_METHOD: - - nIndex = SendMessage (hCboxSortMethod, CB_GETCURSEL, 0, 0); - if (nIndex != benchmarkSortMethod) - { - benchmarkSortMethod = (int) nIndex; - DisplayBenchmarkResults (hwndDlg); - } - return 1; - - case IDC_PERFORM_BENCHMARK: - - nIndex = SendMessage (hCboxBufferSize, CB_GETCURSEL, 0, 0); - benchmarkBufferSize = (int) SendMessage (hCboxBufferSize, CB_GETITEMDATA, nIndex, 0); - - BenchmarkThreadParam threadParam; - threadParam.hBenchDlg = hwndDlg; - threadParam.bStatus = FALSE; - - WaitCursor (); - - ShowWaitDialog (hwndDlg, TRUE, BenchmarkThreadProc, &threadParam); - - NormalCursor (); - - if (threadParam.bStatus == FALSE) - { - EndDialog (hwndDlg, IDCLOSE); - } - return 1; - - case IDC_HW_AES_LABEL_LINK: - - Applink ("hwacceleration", TRUE, ""); - return 1; - - case IDC_PARALLELIZATION_LABEL_LINK: - - Applink ("parallelization", TRUE, ""); - return 1; - - case IDCLOSE: - case IDCANCEL: - - EndDialog (hwndDlg, IDCLOSE); - return 1; - } - return 0; - - break; - - case WM_CLOSE: - EndDialog (hwndDlg, IDCLOSE); - return 1; - - break; - - } - return 0; -} - - -static BOOL CALLBACK RandomPoolEnrichementDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - static unsigned char randPool [RNG_POOL_SIZE]; - static unsigned char lastRandPool [RNG_POOL_SIZE]; - static unsigned char maskRandPool [RNG_POOL_SIZE]; - static BOOL bUseMask = FALSE; - static DWORD mouseEntropyGathered = 0xFFFFFFFF; - static DWORD mouseEventsInitialCount = 0; - /* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ - static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; - static HWND hEntropyBar = NULL; - static wchar_t outputDispBuffer [RNG_POOL_SIZE * 3 + RANDPOOL_DISPLAY_ROWS + 2]; - static BOOL bDisplayPoolContents = FALSE; - static BOOL bRandPoolDispAscii = FALSE; - int hash_algo = RandGetHashFunction(); - int hid; - - switch (msg) - { - case WM_INITDIALOG: - { - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PRF_ID); - HCRYPTPROV hRngProv = NULL; - - VirtualLock (randPool, sizeof(randPool)); - VirtualLock (lastRandPool, sizeof(lastRandPool)); - VirtualLock (outputDispBuffer, sizeof(outputDispBuffer)); - VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - VirtualLock (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - VirtualLock (maskRandPool, sizeof(maskRandPool)); - - mouseEntropyGathered = 0xFFFFFFFF; - mouseEventsInitialCount = 0; - bUseMask = FALSE; - if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) - { - if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) - bUseMask = TRUE; - CryptReleaseContext (hRngProv, 0); - } - - LocalizeDialog (hwndDlg, "IDD_RANDOM_POOL_ENRICHMENT"); - - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) - { - if (!HashIsDeprecated (hid)) - AddComboPair (hComboBox, HashGetName(hid), hid); - } - SelectAlgo (hComboBox, &hash_algo); - - SetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS, bDisplayPoolContents); - - SetTimer (hwndDlg, 0xfd, RANDPOOL_DISPLAY_REFRESH_INTERVAL, NULL); - SendMessage (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - - hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); - SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); - SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); - SendMessage (hEntropyBar, PBM_SETSTATE, PBST_ERROR, 0); - return 1; - } - - case WM_TIMER: - { - wchar_t tmp[4]; - unsigned char tmpByte; - int col, row; - DWORD mouseEventsCounter; - - RandpeekBytes (hwndDlg, randPool, sizeof (randPool), &mouseEventsCounter); - - ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); - - if (memcmp (lastRandPool, randPool, sizeof(lastRandPool)) != 0) - { - outputDispBuffer[0] = 0; - - for (row = 0; row < RANDPOOL_DISPLAY_ROWS; row++) - { - for (col = 0; col < RANDPOOL_DISPLAY_COLUMNS; col++) - { - if (bDisplayPoolContents) - { - tmpByte = randPool[row * RANDPOOL_DISPLAY_COLUMNS + col]; - StringCbPrintfW (tmp, sizeof(tmp), bRandPoolDispAscii ? ((tmpByte >= 32 && tmpByte < 255 && tmpByte != L'&') ? L" %c " : L" . ") : L"%02X ", tmpByte); - } - else if (bUseMask) - { - /* use mask to compute a randomized ascii representation */ - tmpByte = (randPool[row * RANDPOOL_DISPLAY_COLUMNS + col] - - lastRandPool[row * RANDPOOL_DISPLAY_COLUMNS + col]) ^ maskRandPool [row * RANDPOOL_DISPLAY_COLUMNS + col]; - tmp[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); - tmp[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); - tmp[2] = L' '; - tmp[3] = 0; - } - else - { - StringCbCopyW (tmp, sizeof(tmp), L"** "); - } - - StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), tmp); - } - StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), L"\n"); - } - SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), outputDispBuffer); - - memcpy (lastRandPool, randPool, sizeof(lastRandPool)); - } - return 1; - } - - case WM_COMMAND: - if (lw == IDC_CONTINUE) - lw = IDOK; - - if (lw == IDOK || lw == IDCLOSE || lw == IDCANCEL) - { - goto exit; - } - - if (lw == IDC_PRF_ID && hw == CBN_SELCHANGE) - { - hid = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETCURSEL, 0, 0); - hash_algo = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETITEMDATA, hid, 0); - RandSetHashFunction (hash_algo); - return 1; - } - - if (lw == IDC_DISPLAY_POOL_CONTENTS) - { - if (!(bDisplayPoolContents = GetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS))) - { - wchar_t tmp[RNG_POOL_SIZE+1]; - - wmemset (tmp, L' ', ARRAYSIZE(tmp)); - tmp [RNG_POOL_SIZE] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); - } - - return 1; - } - - return 0; - - case WM_CLOSE: - { - wchar_t tmp[RNG_POOL_SIZE+1]; -exit: - KillTimer (hwndDlg, 0xfd); - - burn (randPool, sizeof(randPool)); - burn (lastRandPool, sizeof(lastRandPool)); - burn (outputDispBuffer, sizeof(outputDispBuffer)); - burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - burn (maskRandPool, sizeof(maskRandPool)); - - // Attempt to wipe the pool contents in the GUI text area - wmemset (tmp, L' ', RNG_POOL_SIZE); - tmp [RNG_POOL_SIZE] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); - - if (msg == WM_COMMAND && lw == IDOK) - EndDialog (hwndDlg, IDOK); - else - EndDialog (hwndDlg, IDCLOSE); - - return 1; - } - } - return 0; -} - -/* Randinit is always called before UserEnrichRandomPool, so we don't need - * the extra Randinit call here since it will always succeed but we keep it - * for clarity purposes - */ -void UserEnrichRandomPool (HWND hwndDlg) -{ - if ((0 == Randinit()) && !IsRandomPoolEnrichedByUser()) - { - INT_PTR result = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_RANDOM_POOL_ENRICHMENT), hwndDlg ? hwndDlg : MainDlg, (DLGPROC) RandomPoolEnrichementDlgProc, (LPARAM) 0); - SetRandomPoolEnrichedByUserStatus (result == IDOK); - } -} - - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - static unsigned char randPool [RNG_POOL_SIZE]; - static unsigned char lastRandPool [RNG_POOL_SIZE]; - static unsigned char maskRandPool [RNG_POOL_SIZE]; - static BOOL bUseMask = FALSE; - static DWORD mouseEntropyGathered = 0xFFFFFFFF; - static DWORD mouseEventsInitialCount = 0; - /* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ - static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; - static HWND hEntropyBar = NULL; - static wchar_t outputDispBuffer [RNG_POOL_SIZE * 3 + RANDPOOL_DISPLAY_ROWS + 2]; - static BOOL bDisplayPoolContents = FALSE; - static BOOL bRandPoolDispAscii = FALSE; - int hash_algo = RandGetHashFunction(); - int hid; - - switch (msg) - { - case WM_INITDIALOG: - { - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PRF_ID); - HCRYPTPROV hRngProv = NULL; - - VirtualLock (randPool, sizeof(randPool)); - VirtualLock (lastRandPool, sizeof(lastRandPool)); - VirtualLock (outputDispBuffer, sizeof(outputDispBuffer)); - VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - VirtualLock (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - VirtualLock (maskRandPool, sizeof(maskRandPool)); - - mouseEntropyGathered = 0xFFFFFFFF; - mouseEventsInitialCount = 0; - bUseMask = FALSE; - if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) - { - if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) - bUseMask = TRUE; - CryptReleaseContext (hRngProv, 0); - } - - LocalizeDialog (hwndDlg, "IDD_KEYFILE_GENERATOR"); - - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) - { - if (!HashIsDeprecated (hid)) - AddComboPair (hComboBox, HashGetName(hid), hid); - } - SelectAlgo (hComboBox, &hash_algo); - - SetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS, bDisplayPoolContents); - hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); - SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); - SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); - SendMessage (hEntropyBar, PBM_SETSTATE, PBST_ERROR, 0); - -#ifndef VOLFORMAT - if (Randinit ()) - { - handleError (hwndDlg, (CryptoAPILastError == ERROR_SUCCESS)? ERR_RAND_INIT_FAILED : ERR_CAPI_INIT_FAILED, SRC_POS); - EndDialog (hwndDlg, IDCLOSE); - } -#endif - SetTimer (hwndDlg, 0xfd, RANDPOOL_DISPLAY_REFRESH_INTERVAL, NULL); - SendMessage (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - // 9-digit limit for the number of keyfiles (more than enough!) - SendMessage (GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), EM_SETLIMITTEXT, (WPARAM) 9, 0); - SetWindowText(GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), L"1"); - // maximum keyfile size is 1048576, so limit the edit control to 7 characters - SendMessage (GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), EM_SETLIMITTEXT, (WPARAM) 7, 0); - SetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), L"64"); - // set the maximum length of the keyfile base name to (TC_MAX_PATH - 1) - SendMessage (GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), EM_SETLIMITTEXT, (WPARAM) (TC_MAX_PATH - 1), 0); - return 1; - } - - case WM_TIMER: - { - wchar_t tmp[4]; - unsigned char tmpByte; - int col, row; - DWORD mouseEventsCounter; - - RandpeekBytes (hwndDlg, randPool, sizeof (randPool), &mouseEventsCounter); - - ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); - - if (memcmp (lastRandPool, randPool, sizeof(lastRandPool)) != 0) - { - outputDispBuffer[0] = 0; - - for (row = 0; row < RANDPOOL_DISPLAY_ROWS; row++) - { - for (col = 0; col < RANDPOOL_DISPLAY_COLUMNS; col++) - { - if (bDisplayPoolContents) - { - tmpByte = randPool[row * RANDPOOL_DISPLAY_COLUMNS + col]; - StringCbPrintfW (tmp, sizeof(tmp), bRandPoolDispAscii ? ((tmpByte >= 32 && tmpByte < 255 && tmpByte != L'&') ? L" %c " : L" . ") : L"%02X ", tmpByte); - } - else if (bUseMask) - { - /* use mask to compute a randomized ASCII representation */ - tmpByte = (randPool[row * RANDPOOL_DISPLAY_COLUMNS + col] - - lastRandPool[row * RANDPOOL_DISPLAY_COLUMNS + col]) ^ maskRandPool [row * RANDPOOL_DISPLAY_COLUMNS + col]; - tmp[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); - tmp[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); - tmp[2] = L' '; - tmp[3] = 0; - } - else - { - StringCbCopyW (tmp, sizeof(tmp), L"** "); - } - - StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), tmp); - } - StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), L"\n"); - } - SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), outputDispBuffer); - - memcpy (lastRandPool, randPool, sizeof(lastRandPool)); - } - return 1; - } - - case WM_COMMAND: - - if (lw == IDCLOSE || lw == IDCANCEL) - { - goto exit; - } - - if (lw == IDC_PRF_ID && hw == CBN_SELCHANGE) - { - hid = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETCURSEL, 0, 0); - hash_algo = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETITEMDATA, hid, 0); - RandSetHashFunction (hash_algo); - return 1; - } - - if (lw == IDC_DISPLAY_POOL_CONTENTS) - { - if (!(bDisplayPoolContents = GetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS))) - { - wchar_t tmp[RNG_POOL_SIZE+1]; - - wmemset (tmp, L' ', ARRAYSIZE(tmp)); - tmp [RNG_POOL_SIZE] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); - } - return 1; - } - - if (lw == IDC_KEYFILES_RANDOM_SIZE) - { - EnableWindow(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), !GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE)); - } - - if (lw == IDC_GENERATE_AND_SAVE_KEYFILE) - { - wchar_t szNumber[16] = {0}; - wchar_t szFileBaseName[TC_MAX_PATH]; - wchar_t szDirName[TC_MAX_PATH]; - wchar_t szFileName [2*TC_MAX_PATH + 16]; - unsigned char *keyfile = NULL; - int fhKeyfile = -1, status; - long keyfilesCount = 0, keyfilesSize = 0, i; - wchar_t* fileExtensionPtr = 0; - wchar_t szSuffix[32]; - BOOL bRandomSize = GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE); - - if (!GetWindowText(GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), szNumber, ARRAYSIZE(szNumber))) - szNumber[0] = 0; - - keyfilesCount = wcstoul(szNumber, NULL, 0); - if (keyfilesCount <= 0 || keyfilesCount == LONG_MAX) - { - Warning("KEYFILE_INCORRECT_NUMBER", hwndDlg); - SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), TRUE); - return 1; - } - - if (!bRandomSize) - { - if (!GetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), szNumber, ARRAYSIZE(szNumber))) - szNumber[0] = 0; - - keyfilesSize = wcstoul(szNumber, NULL, 0); - if (keyfilesSize < 64 || keyfilesSize > 1024*1024) - { - Warning("KEYFILE_INCORRECT_SIZE", hwndDlg); - SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), TRUE); - return 1; - } - } - - if (!GetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), szFileBaseName, TC_MAX_PATH)) - szFileBaseName[0] = 0; - - // Trim trailing space - if (TrimWhiteSpace(szFileBaseName) == 0) - { - Warning("KEYFILE_EMPTY_BASE_NAME", hwndDlg); - SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), TRUE); - return 1; - } - - if (!IsValidFileName(szFileBaseName)) - { - Warning("KEYFILE_INVALID_BASE_NAME", hwndDlg); - SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), TRUE); - return 1; - } - - fileExtensionPtr = wcsrchr(szFileBaseName, L'.'); - - /* Select directory */ - if (!BrowseDirectories (hwndDlg, "SELECT_KEYFILE_GENERATION_DIRECTORY", szDirName)) - return 1; - - if (szDirName[wcslen(szDirName) - 1] != L'\\' && szDirName[wcslen(szDirName) - 1] != L'/') - StringCbCat(szDirName, sizeof(szDirName), L"\\"); - - WaitCursor(); - - keyfile = (unsigned char*) TCalloc( bRandomSize? KEYFILE_MAX_READ_LEN : keyfilesSize ); - - for (i= 0; i < keyfilesCount; i++) - { - StringCbCopyW(szFileName, sizeof(szFileName), szDirName); - - if (i > 0) - { - StringCbPrintfW(szSuffix, sizeof(szSuffix), L"_%d", i); - // Append the counter to the name - if (fileExtensionPtr) - { - StringCchCatN(szFileName, ARRAYSIZE(szFileName), szFileBaseName, (size_t) (fileExtensionPtr - szFileBaseName)); - StringCbCat(szFileName, sizeof(szFileName), szSuffix); - StringCbCat(szFileName, sizeof(szFileName), fileExtensionPtr); - } - else - { - StringCbCat(szFileName, sizeof(szFileName), szFileBaseName); - StringCbCat(szFileName, sizeof(szFileName), szSuffix); - } - } - else - StringCbCat(szFileName, sizeof(szFileName), szFileBaseName); - - // check if the file exists - if ((fhKeyfile = _wopen(szFileName, _O_RDONLY|_O_BINARY, _S_IREAD|_S_IWRITE)) != -1) - { - WCHAR s[4*TC_MAX_PATH] = {0}; - - _close (fhKeyfile); - - StringCbPrintfW (s, sizeof(s), GetString ("KEYFILE_ALREADY_EXISTS"), szFileName); - status = AskWarnNoYesString (s, hwndDlg); - if (status == IDNO) - { - TCfree(keyfile); - NormalCursor(); - return 1; - } - } - - /* Conceive the file */ - if ((fhKeyfile = _wopen(szFileName, _O_CREAT|_O_TRUNC|_O_WRONLY|_O_BINARY, _S_IREAD|_S_IWRITE)) == -1) - { - TCfree(keyfile); - NormalCursor(); - handleWin32Error (hwndDlg, SRC_POS); - return 1; - } - - if (bRandomSize) - { - /* Generate a random size */ - if (!RandgetBytes (hwndDlg, (unsigned char*) &keyfilesSize, sizeof(keyfilesSize), FALSE)) - { - _close (fhKeyfile); - DeleteFile (szFileName); - TCfree(keyfile); - NormalCursor(); - return 1; - } - - /* since keyfilesSize < 1024 * 1024, we mask with 0x000FFFFF */ - keyfilesSize = (long) (((unsigned long) keyfilesSize) & 0x000FFFFF); - - keyfilesSize %= ((KEYFILE_MAX_READ_LEN - 64) + 1); - keyfilesSize += 64; - } - - /* Generate the keyfile */ - if (!RandgetBytesFull (hwndDlg, keyfile, keyfilesSize, TRUE, TRUE)) - { - _close (fhKeyfile); - DeleteFile (szFileName); - TCfree(keyfile); - NormalCursor(); - return 1; - } - - /* Write the keyfile */ - status = _write (fhKeyfile, keyfile, keyfilesSize); - burn (keyfile, keyfilesSize); - _close (fhKeyfile); - - if (status == -1) - { - TCfree(keyfile); - NormalCursor(); - handleWin32Error (hwndDlg, SRC_POS); - return 1; - } - } - - TCfree(keyfile); - NormalCursor(); - - Info("KEYFILE_CREATED", hwndDlg); - - return 1; - } - return 0; - - case WM_CLOSE: - { - wchar_t tmp[RNG_POOL_SIZE+1]; -exit: - WaitCursor(); - KillTimer (hwndDlg, 0xfd); - -#ifndef VOLFORMAT - RandStop (FALSE); -#endif - /* Cleanup */ - - burn (randPool, sizeof(randPool)); - burn (lastRandPool, sizeof(lastRandPool)); - burn (outputDispBuffer, sizeof(outputDispBuffer)); - burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - burn (maskRandPool, sizeof(maskRandPool)); - - // Attempt to wipe the pool contents in the GUI text area - wmemset (tmp, L' ', RNG_POOL_SIZE); - tmp [RNG_POOL_SIZE] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); - - EndDialog (hwndDlg, IDCLOSE); - NormalCursor (); - return 1; - } - } - return 0; -} - - - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure -should return nonzero if it processes the message, and zero if it does -not. - see DialogProc */ -BOOL CALLBACK -CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - static int idTestCipher = -1; /* Currently selected cipher for the test vector facility (none = -1). */ - static BOOL bXTSTestEnabled = FALSE; - - PCRYPTO_INFO ci; - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - - switch (uMsg) - { - case WM_INITDIALOG: - { - int ea; - wchar_t buf[100]; - - LocalizeDialog (hwndDlg, "IDD_CIPHER_TEST_DLG"); - - SendMessage(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), WM_SETFONT, (WPARAM)hBoldFont, MAKELPARAM(TRUE,0)); - SendMessage(GetDlgItem(hwndDlg, IDC_KEY), EM_LIMITTEXT, 128,0); - SendMessage(GetDlgItem(hwndDlg, IDC_KEY), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); - SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT), EM_LIMITTEXT,64,0); - SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); - SendMessage(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), EM_LIMITTEXT,64,0); - SendMessage(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); - SendMessage(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), EM_LIMITTEXT, 128,0); - SendMessage(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); - SendMessage(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), EM_LIMITTEXT,32,0); - SendMessage(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); - SetCheckBox (hwndDlg, IDC_XTS_MODE_ENABLED, bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_SECONDARY_KEY), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_SECONDARY_KEY), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_BLOCK_NUMBER), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); - - if (idTestCipher == -1) - idTestCipher = (int) lParam; - - SendMessage (GetDlgItem (hwndDlg, IDC_CIPHER), CB_RESETCONTENT, 0, 0); - for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) - { - if (EAGetCipherCount (ea) == 1 && EAIsFormatEnabled (ea)) - AddComboPair (GetDlgItem (hwndDlg, IDC_CIPHER), EAGetName (buf, ea, 1), EAGetFirstCipher (ea)); - } - - ResetCipherTest(hwndDlg, idTestCipher); - - SelectAlgo (GetDlgItem (hwndDlg, IDC_CIPHER), &idTestCipher); - - return 1; - } - - case WM_COMMAND: - - if (hw == CBN_SELCHANGE && lw == IDC_CIPHER) - { - idTestCipher = (int) SendMessage (GetDlgItem (hwndDlg, IDC_CIPHER), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_CIPHER), CB_GETCURSEL, 0, 0), 0); - ResetCipherTest(hwndDlg, idTestCipher); - SendMessage (hwndDlg, WM_INITDIALOG, 0, 0); - return 1; - } - - if (hw == CBN_SELCHANGE && lw == IDC_KEY_SIZE) - { - // NOP - return 1; - } - - if (lw == IDC_RESET) - { - ResetCipherTest(hwndDlg, idTestCipher); - - return 1; - } - - if (lw == IDC_AUTO) - { - WaitCursor (); - if (!AutoTestAlgorithms()) - { - ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_SHOWNORMAL); - SetWindowTextW(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), GetString ("TESTS_FAILED")); - } - else - { - ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_SHOWNORMAL); - SetWindowTextW(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), GetString ("TESTS_PASSED")); - ShowWindow(GetDlgItem(hwndDlg, IDC_REDTICK), SW_SHOWNORMAL); - } - NormalCursor (); - - return 1; - - } - - if (lw == IDC_XTS_MODE_ENABLED) - { - bXTSTestEnabled = GetCheckBox (hwndDlg, IDC_XTS_MODE_ENABLED); - EnableWindow (GetDlgItem (hwndDlg, IDC_SECONDARY_KEY), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_SECONDARY_KEY), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_BLOCK_NUMBER), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); - if (bXTSTestEnabled) - SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, 0,0); - } - - if (lw == IDOK || lw == IDC_ENCRYPT || lw == IDC_DECRYPT) - { - char key[128+1], inputtext[128+1], secondaryKey[64+1], dataUnitNo[16+1]; - wchar_t szTmp[128+1]; - int ks, pt, n, tlen, blockNo = 0; - BOOL bEncrypt; - - ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_HIDE); - ShowWindow(GetDlgItem(hwndDlg, IDC_REDTICK), SW_HIDE); - - ks = (int) SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_GETCURSEL, 0,0); - ks = (int) SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_GETITEMDATA, ks,0); - pt = (int) SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_GETITEMDATA, 0,0); - - bEncrypt = lw == IDC_ENCRYPT; - - memset(key,0,sizeof(key)); - memset(szTmp,0,sizeof(szTmp)); - n = GetWindowText(GetDlgItem(hwndDlg, IDC_KEY), szTmp, ARRAYSIZE(szTmp)); - if (n != ks * 2) - { - Warning ("TEST_KEY_SIZE", hwndDlg); - return 1; - } - - for (n = 0; n < ks; n ++) - { - wchar_t szTmp2[3], *ptr; - long x; - - szTmp2[2] = 0; - szTmp2[0] = szTmp[n * 2]; - szTmp2[1] = szTmp[n * 2 + 1]; - - x = wcstol(szTmp2, &ptr, 16); - - key[n] = (char) x; - } - - memset(inputtext, 0, sizeof(inputtext)); - memset(secondaryKey, 0, sizeof(secondaryKey)); - memset(dataUnitNo, 0, sizeof(dataUnitNo)); - memset(szTmp, 0, sizeof(szTmp)); - - if (bEncrypt) - { - n = GetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), szTmp, ARRAYSIZE(szTmp)); - } - else - { - n = GetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), szTmp, ARRAYSIZE(szTmp)); - } - - if (n != pt * 2) - { - if (bEncrypt) - { - Warning ("TEST_PLAINTEXT_SIZE", hwndDlg); - return 1; - } - else - { - Warning ("TEST_CIPHERTEXT_SIZE", hwndDlg); - return 1; - } - } - - for (n = 0; n < pt; n ++) - { - wchar_t szTmp2[3], *ptr; - long x; - - szTmp2[2] = 0; - szTmp2[0] = szTmp[n * 2]; - szTmp2[1] = szTmp[n * 2 + 1]; - - x = wcstol(szTmp2, &ptr, 16); - - inputtext[n] = (char) x; - } - - // XTS - if (bXTSTestEnabled) - { - // Secondary key - - if (GetWindowText(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), szTmp, ARRAYSIZE(szTmp)) != 64) - { - Warning ("TEST_INCORRECT_SECONDARY_KEY_SIZE", hwndDlg); - return 1; - } - - for (n = 0; n < 64; n ++) - { - wchar_t szTmp2[3], *ptr; - long x; - - szTmp2[2] = 0; - szTmp2[0] = szTmp[n * 2]; - szTmp2[1] = szTmp[n * 2 + 1]; - - x = wcstol(szTmp2, &ptr, 16); - - secondaryKey[n] = (char) x; - } - - // Data unit number - - tlen = GetWindowText(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), szTmp, ARRAYSIZE(szTmp)); - - if (tlen > 16 || tlen < 1) - { - Warning ("TEST_INCORRECT_TEST_DATA_UNIT_SIZE", hwndDlg); - return 1; - } - - LeftPadString (szTmp, tlen, 16, L'0'); - - for (n = 0; n < 16; n ++) - { - wchar_t szTmp2[3], *ptr; - long x; - - szTmp2[2] = 0; - szTmp2[0] = szTmp[n * 2]; - szTmp2[1] = szTmp[n * 2 + 1]; - - x = wcstol(szTmp2, &ptr, 16); - - dataUnitNo[n] = (char) x; - } - - // Block number - - blockNo = (int) SendMessage (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_GETCURSEL, 0, 0), 0); - } // if (bXTSTestEnabled) - - - /* Perform the actual tests */ - - if (ks != CB_ERR && pt != CB_ERR) - { - char tmp[128]; - int tmpRetVal; - - /* Copy the plain/ciphertext */ - memcpy(tmp,inputtext, pt); - - if (bXTSTestEnabled) - { - UINT64_STRUCT structDataUnitNo; - - /* XTS mode */ - - ci = crypto_open (); - if (!ci) - return 1; - - ci->mode = XTS; - - for (ci->ea = EAGetFirst (); ci->ea != 0 ; ci->ea = EAGetNext (ci->ea)) - if (EAGetCipherCount (ci->ea) == 1 && EAGetFirstCipher (ci->ea) == idTestCipher) - break; - - if ((tmpRetVal = EAInit (ci->ea, (unsigned char *) key, ci->ks)) != ERR_SUCCESS) - { - handleError (hwndDlg, tmpRetVal, SRC_POS); - crypto_close (ci); - return 1; - } - - memcpy (&ci->k2, secondaryKey, sizeof (secondaryKey)); - if (!EAInitMode (ci)) - { - crypto_close (ci); - return 1; - } - - structDataUnitNo.Value = BE64(((unsigned __int64 *)dataUnitNo)[0]); - - if (bEncrypt) - EncryptBufferXTS ((unsigned char *) tmp, pt, &structDataUnitNo, blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, idTestCipher); - else - DecryptBufferXTS ((unsigned char *) tmp, pt, &structDataUnitNo, blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, idTestCipher); - - crypto_close (ci); - } - else - { - - CipherInit2(idTestCipher, key, ks_tmp, ks); - - if (bEncrypt) - { - EncipherBlock(idTestCipher, tmp, ks_tmp); - } - else - { - DecipherBlock(idTestCipher, tmp, ks_tmp); - } - - } - *szTmp = 0; - - for (n = 0; n < pt; n ++) - { - wchar_t szTmp2[3]; - StringCbPrintfW(szTmp2, sizeof(szTmp2), L"%02x", (int)((unsigned char)tmp[n])); - StringCbCatW(szTmp, sizeof(szTmp), szTmp2); - } - - if (bEncrypt) - SetWindowText(GetDlgItem(hwndDlg,IDC_CIPHERTEXT), szTmp); - else - SetWindowText(GetDlgItem(hwndDlg,IDC_PLAINTEXT), szTmp); - } - - return 1; - } - - if (lw == IDCLOSE || lw == IDCANCEL) - { - idTestCipher = -1; - EndDialog (hwndDlg, 0); - return 1; - } - break; - - case WM_CLOSE: - idTestCipher = -1; - EndDialog (hwndDlg, 0); - return 1; - } - - return 0; -} - -void -ResetCipherTest(HWND hwndDlg, int idTestCipher) -{ - int ndx; - - ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_HIDE); - ShowWindow(GetDlgItem(hwndDlg, IDC_REDTICK), SW_HIDE); - - EnableWindow(GetDlgItem(hwndDlg,IDC_KEY_SIZE), FALSE); - - /* Setup the keysize and plaintext sizes for the selected cipher */ - - SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_RESETCONTENT, 0,0); - SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_RESETCONTENT, 0,0); - SendMessage (GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_RESETCONTENT, 0,0); - - ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_ADDSTRING, 0,(LPARAM) L"64"); - SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 8); - SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETCURSEL, ndx,0); - - for (ndx = 0; ndx < BLOCKS_PER_XTS_DATA_UNIT; ndx++) - { - wchar_t tmpStr [16]; - - StringCbPrintfW (tmpStr, sizeof(tmpStr), L"%d", ndx); - - ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_ADDSTRING, 0,(LPARAM) tmpStr); - SendMessage(GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_SETITEMDATA, ndx,(LPARAM) ndx); - } - - SendMessage(GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_SETCURSEL, 0, 0); - - SetWindowText(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), L"0000000000000000000000000000000000000000000000000000000000000000"); - SetWindowText(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), L"0"); - - SetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), L"0000000000000000"); - SetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), L"0000000000000000"); - - if (idTestCipher == AES || idTestCipher == SERPENT || idTestCipher == TWOFISH) - { - ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) L"256"); - SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 32); - SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, ndx,0); - - SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_RESETCONTENT, 0,0); - ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_ADDSTRING, 0,(LPARAM) L"128"); - SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 16); - SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETCURSEL, ndx,0); - - SetWindowText(GetDlgItem(hwndDlg, IDC_KEY), L"0000000000000000000000000000000000000000000000000000000000000000"); - SetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), L"00000000000000000000000000000000"); - SetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), L"00000000000000000000000000000000"); - } -} - -#endif // #ifndef SETUP - - -BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - int nChoiceIDs [MAX_MULTI_CHOICES+1] = { IDC_MULTI_CHOICE_MSG, IDC_CHOICE1, IDC_CHOICE2, IDC_CHOICE3, - IDC_CHOICE4, IDC_CHOICE5, IDC_CHOICE6, IDC_CHOICE7, IDC_CHOICE8, IDC_CHOICE9, IDC_CHOICE10 }; - int nBaseButtonWidth = 0; - int nBaseButtonHeight = 0; - int nActiveChoices = -1; - int nStr = 0; - int vertSubOffset, horizSubOffset, vertMsgHeightOffset; - int vertOffset = 0; - int nLongestButtonCaptionWidth = 6; - int nLongestButtonCaptionCharLen = 1; - int nTextGfxLineHeight = 0; - int nMainTextLenInChars = 0; - int newLineSeqCount = 0; - RECT rec, wrec, wtrec, trec; - BOOL bResolve; - - WORD lw = LOWORD (wParam); - - switch (uMsg) - { - case WM_INITDIALOG: - { - char **pStr = (char **) ((MULTI_CHOICE_DLGPROC_PARAMS *) lParam)->strings; - char **pStrOrig = pStr; - wchar_t **pwStr = (wchar_t **) ((MULTI_CHOICE_DLGPROC_PARAMS *) lParam)->strings; - wchar_t **pwStrOrig = pwStr; - - LocalizeDialog (hwndDlg, NULL); - - SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - - bResolve = (*pStr == NULL); - - // Style - if (((MULTI_CHOICE_DLGPROC_PARAMS *) lParam)->bold) - { - SendMessage (GetDlgItem (hwndDlg, IDC_MULTI_CHOICE_MSG), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - } - - // Process the strings - pStr++; - pwStr++; - - do - { - if (*pStr != 0) - { - SetWindowTextW (GetDlgItem(hwndDlg, nChoiceIDs[nStr]), bResolve ? GetString(*pStr) : *pwStr); - - if (nStr > 0) - { - nLongestButtonCaptionWidth = max ( - GetTextGfxWidth (GetDlgItem(hwndDlg, IDC_CHOICE1), - bResolve ? GetString(*pStr) : *pwStr, - hUserFont), - nLongestButtonCaptionWidth); - - nLongestButtonCaptionCharLen = max (nLongestButtonCaptionCharLen, - (int) wcslen ((const wchar_t *) (bResolve ? GetString(*pStr) : *pwStr))); - } - - nActiveChoices++; - pStr++; - pwStr++; - } - else - { - ShowWindow(GetDlgItem(hwndDlg, nChoiceIDs[nStr]), SW_HIDE); - } - nStr++; - - } while (nStr < MAX_MULTI_CHOICES+1); - - // Length of main message in characters (not bytes) - nMainTextLenInChars = (int) wcslen ((const wchar_t *) (bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1))); - - if (nMainTextLenInChars > 200 - && nMainTextLenInChars / nLongestButtonCaptionCharLen >= 10) - { - // As the main text is longer than 200 characters, we will "pad" the widest button caption with - // spaces (if it is not wide enough) so as to increase the width of the whole dialog window. - // Otherwise, it would look too tall (dialog boxes look better when they are more wide than tall). - nLongestButtonCaptionWidth = CompensateXDPI (max ( - nLongestButtonCaptionWidth, - min (350, nMainTextLenInChars))); - } - - // Get the window coords - GetWindowRect(hwndDlg, &wrec); - - // Get the base button size - GetClientRect(GetDlgItem(hwndDlg, IDC_CHOICE1), &rec); - nBaseButtonWidth = rec.right + 2; - nBaseButtonHeight = rec.bottom + 2; - - // Increase in width based on the gfx length of the widest button caption - horizSubOffset = min (CompensateXDPI (500), max (0, nLongestButtonCaptionWidth + CompensateXDPI (50) - nBaseButtonWidth)); - - // Vertical "title bar" offset - GetClientRect(hwndDlg, &wtrec); - vertOffset = wrec.bottom - wrec.top - wtrec.bottom - GetSystemMetrics(SM_CYFIXEDFRAME); - - // Height/width of the message text - GetClientRect(GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), &trec); - - // Determine the number of newlines contained in the message text - { - int64 offset = -1; - - do - { - offset = FindString ((char *) (bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1)), - (char *) L"\n", - nMainTextLenInChars * 2, - (int) wcslen (L"\n") * 2, - offset + 1); - - newLineSeqCount++; - - } while (offset != -1); - } - - nTextGfxLineHeight = GetTextGfxHeight (GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), - bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1), - hUserFont); - - vertMsgHeightOffset = ((GetTextGfxWidth (GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), - bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1), - hUserFont) / (trec.right + horizSubOffset) + 1) * nTextGfxLineHeight) - trec.bottom; - - vertMsgHeightOffset = min (CompensateYDPI (350), vertMsgHeightOffset + newLineSeqCount * nTextGfxLineHeight + (trec.bottom + vertMsgHeightOffset) / 10); // As reserve, we are adding 10% and the number of lines equal to the number of newlines in the message - - // Reduction in height according to the number of shown buttons - vertSubOffset = ((MAX_MULTI_CHOICES - nActiveChoices) * nBaseButtonHeight); - - if (horizSubOffset > 0 - || vertMsgHeightOffset > 0 - || vertOffset > 0) - { - // Resize/move each button if necessary - for (nStr = 1; nStr < MAX_MULTI_CHOICES+1; nStr++) - { - GetWindowRect(GetDlgItem(hwndDlg, nChoiceIDs[nStr]), &rec); - - MoveWindow (GetDlgItem(hwndDlg, nChoiceIDs[nStr]), - rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), - rec.top - wrec.top - vertOffset + vertMsgHeightOffset, - nBaseButtonWidth + horizSubOffset, - nBaseButtonHeight, - TRUE); - } - - // Resize/move the remaining GUI elements - GetWindowRect(GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), &rec); - GetClientRect(GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), &trec); - MoveWindow (GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), - rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), - rec.top - wrec.top - vertOffset, - trec.right + 2 + horizSubOffset, - trec.bottom + 2 + vertMsgHeightOffset, - TRUE); - - GetWindowRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR1), &rec); - GetClientRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR1), &trec); - MoveWindow (GetDlgItem(hwndDlg, IDC_MC_DLG_HR1), - rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), - rec.top - wrec.top - vertOffset, - trec.right + 2 + horizSubOffset, - trec.bottom + 2, - TRUE); - - GetWindowRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR2), &rec); - GetClientRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR2), &trec); - MoveWindow (GetDlgItem(hwndDlg, IDC_MC_DLG_HR2), - rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), - rec.top - wrec.top - vertOffset + vertMsgHeightOffset, - trec.right + 2 + horizSubOffset, - trec.bottom + 2, - TRUE); - } - - // Resize the window according to number of shown buttons and the longest button caption - MoveWindow (hwndDlg, - wrec.left - horizSubOffset / 2, - wrec.top + vertSubOffset / 2 - vertMsgHeightOffset / 2, - wrec.right - wrec.left + horizSubOffset, - wrec.bottom - wrec.top - vertSubOffset + 1 + vertMsgHeightOffset, - TRUE); - - DisableCloseButton (hwndDlg); - - return 1; - } - - case WM_COMMAND: - - if (lw == IDCLOSE || lw == IDCANCEL) - { - EndDialog (hwndDlg, 0); - return 1; - } - - for (nStr = 1; nStr < MAX_MULTI_CHOICES+1; nStr++) - { - if (lw == nChoiceIDs[nStr]) - { - EndDialog (hwndDlg, nStr); - return 1; - } - } - break; - - case WM_CLOSE: - // This prevents the window from being closed by pressing Alt-F4 (the Close button is hidden). - // Note that the OS handles modal MessageBox() dialog windows the same way. - return 1; - } - - return 0; -} - - -BOOL CheckCapsLock (HWND hwnd, BOOL quiet) -{ - if ((GetKeyState(VK_CAPITAL) & 1) != 0) - { - if (!quiet) - { - MessageBoxW (hwnd, GetString ("CAPSLOCK_ON"), lpszTitle, MB_ICONEXCLAMATION); - } - return TRUE; - } - return FALSE; -} - - -// Checks whether the file extension is not used for executable files or similarly problematic, which often -// causes Windows and antivirus software to interfere with the container. -BOOL CheckFileExtension (wchar_t *fileName) -{ - int i = 0; - wchar_t *ext = wcsrchr (fileName, L'.'); - static wchar_t *problemFileExt[] = { - // These are protected by the Windows Resource Protection - L".asa", L".asp", L".aspx", L".ax", L".bas", L".bat", L".bin", L".cer", L".chm", L".clb", L".cmd", L".cnt", L".cnv", - L".com", L".cpl", L".cpx", L".crt", L".csh", L".dll", L".drv", L".dtd", L".exe", L".fxp", L".grp", L".h1s", L".hlp", - L".hta", L".ime", L".inf", L".ins", L".isp", L".its", L".js", L".jse", L".ksh", L".lnk", L".mad", L".maf", L".mag", - L".mam", L".man", L".maq", L".mar", L".mas", L".mat", L".mau", L".mav", L".maw", L".mda", L".mdb", L".mde", L".mdt", - L".mdw", L".mdz", L".msc", L".msi", L".msp", L".mst", L".mui", L".nls", L".ocx", L".ops", L".pal", L".pcd", L".pif", - L".prf", L".prg", L".pst", L".reg", L".scf", L".scr", L".sct", L".shb", L".shs", L".sys", L".tlb", L".tsp", L".url", - L".vb", L".vbe", L".vbs", L".vsmacros", L".vss", L".vst", L".vsw", L".ws", L".wsc", L".wsf", L".wsh", L".xsd", L".xsl", - // These additional file extensions are usually watched by antivirus programs - L".386", L".acm", L".ade", L".adp", L".ani", L".app", L".asd", L".asf", L".asx", L".awx", L".ax", L".boo", L".bz2", L".cdf", - L".class", L".dhtm", L".dhtml",L".dlo", L".emf", L".eml", L".flt", L".fot", L".gz", L".hlp", L".htm", L".html", L".ini", - L".j2k", L".jar", L".jff", L".jif", L".jmh", L".jng", L".jp2", L".jpe", L".jpeg", L".jpg", L".lsp", L".mod", L".nws", - L".obj", L".olb", L".osd", L".ov1", L".ov2", L".ov3", L".ovl", L".ovl", L".ovr", L".pdr", L".pgm", L".php", L".pkg", - L".pl", L".png", L".pot", L".pps", L".ppt", L".ps1", L".ps1xml", L".psc1", L".rar", L".rpl", L".rtf", L".sbf", L".script", L".sh", L".sha", L".shtm", - L".shtml", L".spl", L".swf", L".tar", L".tgz", L".tmp", L".ttf", L".vcs", L".vlm", L".vxd", L".vxo", L".wiz", L".wll", L".wmd", - L".wmf", L".wms", L".wmz", L".wpc", L".wsc", L".wsh", L".wwk", L".xhtm", L".xhtml", L".xl", L".xml", L".zip", L".7z", 0}; - - if (!ext) - return FALSE; - - while (problemFileExt[i]) - { - if (!_wcsicmp (ext, problemFileExt[i++])) - return TRUE; - } - - return FALSE; -} - -void CorrectFileName (wchar_t* fileName) -{ - /* replace '/' by '\' */ - size_t i, len = wcslen (fileName); - for (i = 0; i < len; i++) - { - if (fileName [i] == L'/') - fileName [i] = L'\\'; - } -} - -void IncreaseWrongPwdRetryCount (int count) -{ - WrongPwdRetryCounter += count; -} - - -void ResetWrongPwdRetryCount (void) -{ - WrongPwdRetryCounter = 0; -} - - -BOOL WrongPwdRetryCountOverLimit (void) -{ - return (WrongPwdRetryCounter > TC_TRY_HEADER_BAK_AFTER_NBR_WRONG_PWD_TRIES); -} - -DWORD GetUsedLogicalDrives (void) -{ - DWORD dwUsedDrives = GetLogicalDrives(); - if (!bShowDisconnectedNetworkDrives) - { - static DWORD g_dwLastMappedDrives = 0; - static time_t g_lastCallTime = 0; - - EnterCriticalSection (&csWNetCalls); - - finally_do ({ LeaveCriticalSection (&csWNetCalls); }); - - /* update values every 2 seconds to reduce CPU consumption */ - if ((time (NULL) - g_lastCallTime) > 2) - { - /* detect disconnected mapped network shares and removed - * their associated drives from the list - */ - WCHAR remotePath[512]; - WCHAR drive[3] = {L'A', L':', 0}; - DWORD dwLen, status; - g_dwLastMappedDrives = 0; - for (WCHAR i = 0; i <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; i++) - { - if ((dwUsedDrives & (1 << i)) == 0) - { - drive[0] = L'A' + i; - dwLen = ARRAYSIZE (remotePath); - status = WNetGetConnection (drive, remotePath, &dwLen); - if ((NO_ERROR == status) || (status == ERROR_CONNECTION_UNAVAIL)) - { - /* this is a mapped network share, mark it as used */ - g_dwLastMappedDrives |= (1 << i); - } - } - } - - g_lastCallTime = time (NULL); - } - - dwUsedDrives |= g_dwLastMappedDrives; - } - - return dwUsedDrives; -} - - -int GetFirstAvailableDrive () -{ - DWORD dwUsedDrives = GetUsedLogicalDrives(); - int i, drive; - - /* let A: and B: be used as last resort since they can introduce side effects */ - for (i = 2; i < 28; i++) - { - drive = (i < 26) ? i : (i - 26); - if (!(dwUsedDrives & 1 << drive)) - return i; - } - - return -1; -} - - -int GetLastAvailableDrive () -{ - DWORD dwUsedDrives = GetUsedLogicalDrives(); - int i; - - for (i = 25; i >= 0; i--) - { - if (!(dwUsedDrives & 1 << i)) - return i; - } - - return -1; -} - - -BOOL IsDriveAvailable (int driveNo) -{ - return (GetUsedLogicalDrives() & (1 << driveNo)) == 0; -} - - -BOOL IsDeviceMounted (wchar_t *deviceName) -{ - BOOL bResult = FALSE; - DWORD dwResult; - HANDLE dev = INVALID_HANDLE_VALUE; - - if ((dev = CreateFile (deviceName, - GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, - NULL, - OPEN_EXISTING, - 0, - NULL)) != INVALID_HANDLE_VALUE) - { - bResult = DeviceIoControl (dev, FSCTL_IS_VOLUME_MOUNTED, NULL, 0, NULL, 0, &dwResult, NULL); - CloseHandle (dev); - } - - return bResult; -} - - -int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced) -{ - UNMOUNT_STRUCT unmount; - DWORD dwResult; - VOLUME_PROPERTIES_STRUCT prop; - BOOL bResult; - WCHAR wszLabel[33] = {0}; - BOOL bDriverSetLabel = FALSE; - - memset (&prop, 0, sizeof(prop)); - prop.driveNo = nDosDriveNo; - - if ( DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) - && prop.driveNo == nDosDriveNo - ) - { - memcpy (wszLabel, prop.wszLabel, sizeof (wszLabel)); - bDriverSetLabel = prop.bDriverSetLabel; - } - - unmount.nDosDriveNo = nDosDriveNo; - unmount.ignoreOpenFiles = forced; - - bResult = DeviceIoControl (hDriver, TC_IOCTL_DISMOUNT_VOLUME, &unmount, - sizeof (unmount), &unmount, sizeof (unmount), &dwResult, NULL); - - if (bResult == FALSE) - { - handleWin32Error (hwndDlg, SRC_POS); - return 1; - } - else if ((unmount.nReturnCode == ERR_SUCCESS) && bDriverSetLabel && wszLabel[0]) - UpdateDriveCustomLabel (nDosDriveNo, wszLabel, FALSE); - -#ifdef TCMOUNT - - if (unmount.nReturnCode == ERR_SUCCESS - && unmount.HiddenVolumeProtectionTriggered - && !VolumeNotificationsList.bHidVolDamagePrevReported [nDosDriveNo] - && !Silent) - { - wchar_t msg[4096]; - - VolumeNotificationsList.bHidVolDamagePrevReported [nDosDriveNo] = TRUE; - StringCbPrintfW (msg, sizeof(msg), GetString ("DAMAGE_TO_HIDDEN_VOLUME_PREVENTED"), nDosDriveNo + L'A'); - SetForegroundWindow (hwndDlg); - MessageBoxW (hwndDlg, msg, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - } - -#endif // #ifdef TCMOUNT - - return unmount.nReturnCode; -} - - -void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap) -{ - DEV_BROADCAST_VOLUME dbv; - DWORD_PTR dwResult; - LONG eventId = 0; - int i; - - if (DeviceChangeBroadcastDisabled) - return; - - if (message == DBT_DEVICEARRIVAL) - eventId = SHCNE_DRIVEADD; - else if (message == DBT_DEVICEREMOVECOMPLETE) - eventId = SHCNE_DRIVEREMOVED; - else if (IsOSAtLeast (WIN_7) && message == DBT_DEVICEREMOVEPENDING) // Explorer on Windows 7 holds open handles of all drives when 'Computer' is expanded in navigation pane. SHCNE_DRIVEREMOVED must be used as DBT_DEVICEREMOVEPENDING is ignored. - eventId = SHCNE_DRIVEREMOVED; - - if (driveMap == 0) - driveMap = (1 << nDosDriveNo); - - if (eventId != 0) - { - for (i = 0; i < 26; i++) - { - if (driveMap & (1 << i)) - { - wchar_t root[] = { (wchar_t) i + L'A', L':', L'\\', 0 }; - SHChangeNotify (eventId, SHCNF_PATH, root, NULL); - - - } - } - } - - dbv.dbcv_size = sizeof (dbv); - dbv.dbcv_devicetype = DBT_DEVTYP_VOLUME; - dbv.dbcv_reserved = 0; - dbv.dbcv_unitmask = driveMap; - dbv.dbcv_flags = 0; - - UINT timeOut = 1000; - - // SHChangeNotify() works on Vista, so the Explorer does not require WM_DEVICECHANGE - if (CurrentOSMajor >= 6) - timeOut = 100; - - IgnoreWmDeviceChange = TRUE; - SendMessageTimeout (HWND_BROADCAST, WM_DEVICECHANGE, message, (LPARAM)(&dbv), SMTO_ABORTIFHUNG, timeOut, &dwResult); - - // Explorer prior Vista sometimes fails to register a new drive - if (CurrentOSMajor < 6 && message == DBT_DEVICEARRIVAL) - SendMessageTimeout (HWND_BROADCAST, WM_DEVICECHANGE, message, (LPARAM)(&dbv), SMTO_ABORTIFHUNG, 200, &dwResult); - - IgnoreWmDeviceChange = FALSE; -} - -BOOL GetPhysicalDriveAlignment(UINT nDriveNumber, STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR* pDesc) -{ - DWORD dwRet = NO_ERROR; - - if (!pDesc) - return FALSE; - - // Format physical drive path (may be '\\.\PhysicalDrive0', '\\.\PhysicalDrive1' and so on). - TCHAR strDrivePath[512]; - StringCbPrintf(strDrivePath, sizeof(strDrivePath), _T("\\\\.\\PhysicalDrive%u"), nDriveNumber); - - // Get a handle to physical drive - HANDLE hDevice = ::CreateFile(strDrivePath, 0, FILE_SHARE_READ, - NULL, OPEN_EXISTING, 0, NULL); - - if(INVALID_HANDLE_VALUE == hDevice) - return FALSE; - - // Set the input data structure - STORAGE_PROPERTY_QUERY storagePropertyQuery; - ZeroMemory(&storagePropertyQuery, sizeof(STORAGE_PROPERTY_QUERY)); - storagePropertyQuery.PropertyId = StorageAccessAlignmentProperty; - storagePropertyQuery.QueryType = PropertyStandardQuery; - - // Get the necessary output buffer size - DWORD dwBytesReturned = 0; - BOOL bRet = ::DeviceIoControl(hDevice, IOCTL_STORAGE_QUERY_PROPERTY, - &storagePropertyQuery, sizeof(STORAGE_PROPERTY_QUERY), - pDesc, sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR), - &dwBytesReturned, NULL); - dwRet = ::GetLastError(); - ::CloseHandle(hDevice); - - if (!bRet) - { - SetLastError (dwRet); - return FALSE; - } - else - return TRUE; -} - -/************************************************************/ - -// implementation of the generic wait dialog mechanism - -static UINT g_wmWaitDlg = ::RegisterWindowMessage(L"VeraCryptWaitDlgMessage"); - -typedef struct -{ - HWND hwnd; - void* pArg; - WaitThreadProc callback; -} WaitThreadParam; - -static void _cdecl WaitThread (void* pParam) -{ - WaitThreadParam* pThreadParam = (WaitThreadParam*) pParam; - - pThreadParam->callback(pThreadParam->pArg, pThreadParam->hwnd); - - /* close the wait dialog */ - PostMessage (pThreadParam->hwnd, g_wmWaitDlg, 0, 0); -} - -BOOL CALLBACK WaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - WaitThreadParam* thParam = (WaitThreadParam*) lParam; - - // set the progress bar type to MARQUEE (indefinite progress) - HWND hProgress = GetDlgItem (hwndDlg, IDC_WAIT_PROGRESS_BAR); - if (hProgress) - { - SetWindowLongPtrW (hProgress, GWL_STYLE, PBS_MARQUEE | GetWindowLongPtrW (hProgress, GWL_STYLE)); - ::SendMessageW(hProgress, PBM_SETMARQUEE, (WPARAM) TRUE, (LPARAM) 0); - } - - thParam->hwnd = hwndDlg; - - // For now, we don't have system menu is the resources but we leave this code - // if it is enabled in the future - HMENU hSysMenu = GetSystemMenu(hwndDlg, FALSE); - if (hSysMenu) - { - //disable the X - EnableMenuItem(hSysMenu,SC_CLOSE, MF_BYCOMMAND|MF_GRAYED); - - // set icons - HICON hIcon = (HICON)::LoadImage(hInst, MAKEINTRESOURCE(IDI_TRUECRYPT_ICON), IMAGE_ICON, ::GetSystemMetrics(SM_CXICON), ::GetSystemMetrics(SM_CYICON), LR_DEFAULTCOLOR); - ::SendMessage(hwndDlg, WM_SETICON, TRUE, (LPARAM)hIcon); - HICON hIconSmall = (HICON)::LoadImage(hInst, MAKEINTRESOURCE(IDI_TRUECRYPT_ICON), IMAGE_ICON, ::GetSystemMetrics(SM_CXSMICON), ::GetSystemMetrics(SM_CYSMICON), LR_DEFAULTCOLOR); - ::SendMessage(hwndDlg, WM_SETICON, FALSE, (LPARAM)hIconSmall); - } - - LocalizeDialog (hwndDlg, NULL); - _beginthread(WaitThread, 0, thParam); - return 0; - } - - case WM_COMMAND: - - if (lw == IDOK || lw == IDCANCEL) - return 1; - else - return 0; - - default: - if (msg == g_wmWaitDlg) - { - EndDialog (hwndDlg, IDOK); - return 1; - } - return 0; - } -} - - -void BringToForeground(HWND hWnd) -{ - if(!::IsWindow(hWnd)) return; - - DWORD lockTimeOut = 0; - HWND hCurrWnd = ::GetForegroundWindow(); - DWORD dwThisTID = ::GetCurrentThreadId(), - dwCurrTID = ::GetWindowThreadProcessId(hCurrWnd,0); - - if (hCurrWnd != hWnd) - { - if(dwThisTID != dwCurrTID) - { - ::AttachThreadInput(dwThisTID, dwCurrTID, TRUE); - - ::SystemParametersInfo(SPI_GETFOREGROUNDLOCKTIMEOUT,0,&lockTimeOut,0); - ::SystemParametersInfo(SPI_SETFOREGROUNDLOCKTIMEOUT,0,0,SPIF_SENDWININICHANGE | SPIF_UPDATEINIFILE); - - ::AllowSetForegroundWindow(ASFW_ANY); - } - - ::SetForegroundWindow(hWnd); - - if(dwThisTID != dwCurrTID) - { - ::SystemParametersInfo(SPI_SETFOREGROUNDLOCKTIMEOUT,0,(PVOID)lockTimeOut,SPIF_SENDWININICHANGE | SPIF_UPDATEINIFILE); - ::AttachThreadInput(dwThisTID, dwCurrTID, FALSE); - } - } - -#ifdef TCMOUNT - if (hWnd == MainDlg) - { - SetFocus (hWnd); - ::SendMessage(hWnd, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hWnd, IDC_DRIVELIST), 1L); - } -#endif -} - -void ShowWaitDialog(HWND hwnd, BOOL bUseHwndAsParent, WaitThreadProc callback, void* pArg) -{ - HWND hParent = (hwnd && bUseHwndAsParent)? hwnd : GetDesktopWindow(); - BOOL bEffectiveHideWaitingDialog = bCmdHideWaitingDialogValid? bCmdHideWaitingDialog : bHideWaitingDialog; - WaitThreadParam threadParam; - threadParam.callback = callback; - threadParam.pArg = pArg; - - if (WaitDialogDisplaying || bEffectiveHideWaitingDialog) - { - if (!WaitDialogDisplaying) WaitCursor (); - callback (pArg, hwnd); - if (!WaitDialogDisplaying) NormalCursor (); - } - else - { - BOOL bIsForeground = FALSE; - WaitDialogDisplaying = TRUE; - if (hwnd) - { - if (GetForegroundWindow () == hwnd) - bIsForeground = TRUE; - EnableWindow (hwnd, FALSE); - } - else - EnableWindow (MainDlg, FALSE); - finally_do_arg2 (HWND, hwnd, BOOL, bIsForeground, { if (finally_arg) {EnableWindow(finally_arg, TRUE); if (finally_arg2) BringToForeground (finally_arg);} else EnableWindow (MainDlg, TRUE);}); - - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_STATIC_MODAL_WAIT_DLG), hParent, - (DLGPROC) WaitDlgProc, (LPARAM) &threadParam); - - WaitDialogDisplaying = FALSE; - } -} - -/************************************************************************/ - -static BOOL PerformMountIoctl (MOUNT_STRUCT* pmount, LPDWORD pdwResult, BOOL useVolumeID, BYTE volumeID[VOLUME_ID_SIZE]) -{ - if (useVolumeID) - { - wstring devicePath = FindDeviceByVolumeID (volumeID); - if (devicePath == L"") - { - if (pdwResult) - *pdwResult = 0; - SetLastError (ERROR_PATH_NOT_FOUND); - return FALSE; - } - else - { - BOOL bDevice = FALSE; - CreateFullVolumePath (pmount->wszVolume, sizeof(pmount->wszVolume), devicePath.c_str(), &bDevice); - } - } - - return DeviceIoControl (hDriver, TC_IOCTL_MOUNT_VOLUME, pmount, - sizeof (MOUNT_STRUCT), pmount, sizeof (MOUNT_STRUCT), pdwResult, NULL); -} - -// specific definitions and implementation for support of mount operation -// in wait dialog mechanism - -typedef struct -{ - MOUNT_STRUCT* pmount; - BOOL useVolumeID; - BYTE volumeID[VOLUME_ID_SIZE]; - BOOL* pbResult; - DWORD* pdwResult; - DWORD dwLastError; -} MountThreadParam; - -void CALLBACK MountWaitThreadProc(void* pArg, HWND ) -{ - MountThreadParam* pThreadParam = (MountThreadParam*) pArg; - - *(pThreadParam->pbResult) = PerformMountIoctl (pThreadParam->pmount, pThreadParam->pdwResult, pThreadParam->useVolumeID, pThreadParam->volumeID); - - pThreadParam->dwLastError = GetLastError (); -} - -/************************************************************************/ - -// Use only cached passwords if password = NULL -// -// Returns: -// -1 = user aborted mount / error -// 0 = mount failed -// 1 = mount OK -// 2 = mount OK in shared mode -// -// Note that some code calling this relies on the content of the mountOptions struct -// to remain unmodified (don't remove the 'const' without proper revision). - -int MountVolume (HWND hwndDlg, - int driveNo, - wchar_t *volumePath, - Password *password, - int pkcs5, - int pim, - BOOL truecryptMode, - BOOL cachePassword, - BOOL cachePim, - BOOL sharedAccess, - const MountOptions* const mountOptions, - BOOL quiet, - BOOL bReportWrongPassword) -{ - MOUNT_STRUCT mount; - DWORD dwResult, dwLastError = ERROR_SUCCESS; - BOOL bResult, bDevice; - wchar_t root[MAX_PATH]; - int favoriteMountOnArrivalRetryCount = 0; - BOOL useVolumeID = FALSE; - BYTE volumeID[VOLUME_ID_SIZE] = {0}; - -#ifdef TCMOUNT - if (mountOptions->PartitionInInactiveSysEncScope) - { - if (!CheckSysEncMountWithoutPBA (hwndDlg, volumePath, quiet)) - return -1; - } -#endif - - if (IsMountedVolume (volumePath)) - { - if (!quiet) - Error ("VOL_ALREADY_MOUNTED", hwndDlg); - return -1; - } - - if (!IsDriveAvailable (driveNo)) - { - if (!quiet) - Error ("DRIVE_LETTER_UNAVAILABLE", hwndDlg); - - return -1; - } - - // If using cached passwords, check cache status first - if (password == NULL && IsPasswordCacheEmpty ()) - return 0; - - ZeroMemory (&mount, sizeof (mount)); - mount.bExclusiveAccess = sharedAccess ? FALSE : TRUE; - mount.SystemFavorite = MountVolumesAsSystemFavorite; - mount.UseBackupHeader = mountOptions->UseBackupHeader; - mount.RecoveryMode = mountOptions->RecoveryMode; - StringCbCopyW (mount.wszLabel, sizeof (mount.wszLabel), mountOptions->Label); - -retry: - mount.nDosDriveNo = driveNo; - mount.bCache = cachePassword; - mount.bCachePim = cachePim; - - mount.bPartitionInInactiveSysEncScope = FALSE; - - if (password != NULL) - mount.VolumePassword = *password; - else - mount.VolumePassword.Length = 0; - - if (!mountOptions->ReadOnly && mountOptions->ProtectHiddenVolume) - { - mount.ProtectedHidVolPassword = mountOptions->ProtectedHidVolPassword; - mount.bProtectHiddenVolume = TRUE; - mount.ProtectedHidVolPkcs5Prf = mountOptions->ProtectedHidVolPkcs5Prf; - mount.ProtectedHidVolPim = mountOptions->ProtectedHidVolPim; - } - else - mount.bProtectHiddenVolume = FALSE; - - mount.bMountReadOnly = mountOptions->ReadOnly; - mount.bMountRemovable = mountOptions->Removable; - mount.bPreserveTimestamp = mountOptions->PreserveTimestamp; - - mount.bMountManager = TRUE; - mount.pkcs5_prf = pkcs5; - mount.bTrueCryptMode = truecryptMode; - mount.VolumePim = pim; - - // Windows 2000 mount manager causes problems with remounted volumes - if (CurrentOSMajor == 5 && CurrentOSMinor == 0) - mount.bMountManager = FALSE; - - wstring path = volumePath; - if (path.find (L"\\\\?\\") == 0) - { - // Remove \\?\ prefix - path = path.substr (4); - StringCchCopyW (volumePath, TC_MAX_PATH, path.c_str()); - } - - if (path.find (L"Volume{") == 0 && path.rfind (L"}\\") == path.size() - 2) - { - wstring resolvedPath = VolumeGuidPathToDevicePath (path); - - if (!resolvedPath.empty()) - StringCchCopyW (volumePath, TC_MAX_PATH, resolvedPath.c_str()); - } - - if ((path.length () >= 3) && (_wcsnicmp (path.c_str(), L"ID:", 3) == 0)) - { - std::vector arr; - if ( (path.length() == (3 + 2*VOLUME_ID_SIZE)) - && HexWideStringToArray (path.c_str() + 3, arr) - && (arr.size() == VOLUME_ID_SIZE) - ) - { - useVolumeID = TRUE; - bDevice = TRUE; - memcpy (volumeID, &arr[0], VOLUME_ID_SIZE); - } - else - { - if (!quiet) - Error ("VOLUME_ID_INVALID", hwndDlg); - - SetLastError (ERROR_INVALID_PARAMETER); - return -1; - } - } - else - CreateFullVolumePath (mount.wszVolume, sizeof(mount.wszVolume), volumePath, &bDevice); - - if (!bDevice) - { - // UNC path - if (path.find (L"\\\\") == 0) - { - StringCbCopyW (mount.wszVolume, sizeof (mount.wszVolume), (L"UNC" + path.substr (1)).c_str()); - } - - if (GetVolumePathName (volumePath, root, ARRAYSIZE (root) - 1)) - { - DWORD bps, flags, d; - if (GetDiskFreeSpace (root, &d, &bps, &d, &d)) - { - mount.BytesPerSector = bps; - mount.BytesPerPhysicalSector = bps; - } - - if (IsOSAtLeast (WIN_VISTA)) - { - if ( (wcslen(root) >= 2) - && (root[1] == L':') - && (towupper(root[0]) >= L'A' && towupper(root[0]) <= L'Z') - ) - { - wstring drivePath = L"\\\\.\\X:"; - HANDLE dev = INVALID_HANDLE_VALUE; - VOLUME_DISK_EXTENTS extents = {0}; - DWORD dwResult = 0; - drivePath[4] = root[0]; - - if ((dev = CreateFile (drivePath.c_str(),0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) - { - if (DeviceIoControl (dev, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, &extents, sizeof(extents), &dwResult, NULL)) - { - if (extents.NumberOfDiskExtents > 0) - { - STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR desc; - if (GetPhysicalDriveAlignment (extents.Extents[0].DiskNumber, &desc)) - { - mount.BytesPerSector = desc.BytesPerLogicalSector; - mount.BytesPerPhysicalSector = desc.BytesPerPhysicalSector; - } - } - } - CloseHandle (dev); - } - } - } - - // Read-only host filesystem - if (!mount.bMountReadOnly && GetVolumeInformation (root, NULL, 0, NULL, &d, &flags, NULL, 0)) - mount.bMountReadOnly = (flags & FILE_READ_ONLY_VOLUME) != 0; - } - } - - if (mountOptions->PartitionInInactiveSysEncScope) - { - if (mount.wszVolume == NULL || swscanf_s ((const wchar_t *) mount.wszVolume, - WIDE("\\Device\\Harddisk%d\\Partition"), - &mount.nPartitionInInactiveSysEncScopeDriveNo, - sizeof(mount.nPartitionInInactiveSysEncScopeDriveNo)) != 1) - { - if (!quiet) - Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); - return -1; - } - - mount.bPartitionInInactiveSysEncScope = TRUE; - } - - if (!quiet) - { - MountThreadParam mountThreadParam; - mountThreadParam.pmount = &mount; - mountThreadParam.useVolumeID = useVolumeID; - memcpy (mountThreadParam.volumeID, volumeID, VOLUME_ID_SIZE); - mountThreadParam.pbResult = &bResult; - mountThreadParam.pdwResult = &dwResult; - mountThreadParam.dwLastError = ERROR_SUCCESS; - - ShowWaitDialog (hwndDlg, FALSE, MountWaitThreadProc, &mountThreadParam); - - dwLastError = mountThreadParam.dwLastError; - } - else - { - bResult = PerformMountIoctl (&mount, &dwResult, useVolumeID, volumeID); - - dwLastError = GetLastError (); - } - - burn (&mount.VolumePassword, sizeof (mount.VolumePassword)); - burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword)); - burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf)); - burn (&mount.bTrueCryptMode, sizeof (mount.bTrueCryptMode)); - burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf)); - - SetLastError (dwLastError); - if (bResult == FALSE) - { - // Volume already open by another process - if (GetLastError () == ERROR_SHARING_VIOLATION) - { - if (FavoriteMountOnArrivalInProgress && ++favoriteMountOnArrivalRetryCount < 10) - { - Sleep (500); - goto retry; - } - - if (mount.bExclusiveAccess == FALSE) - { - if (!quiet) - Error ("FILE_IN_USE_FAILED", hwndDlg); - - return -1; - } - else - { - if (quiet) - { - mount.bExclusiveAccess = FALSE; - goto retry; - } - - // Ask user - if (IDYES == AskWarnNoYes ("FILE_IN_USE", hwndDlg)) - { - mount.bExclusiveAccess = FALSE; - goto retry; - } - } - - return -1; - } - - if (!quiet && (!MultipleMountOperationInProgress || GetLastError() != ERROR_NOT_READY)) - handleWin32Error (hwndDlg, SRC_POS); - - return -1; - } - - if (mount.nReturnCode != 0) - { - if (mount.nReturnCode == ERR_PASSWORD_WRONG) - { - // Do not report wrong password, if not instructed to - if (bReportWrongPassword) - { - IncreaseWrongPwdRetryCount (1); // We increase the count here only if bReportWrongPassword is TRUE, because "Auto-Mount All Devices" and other callers do it separately - - if (WrongPwdRetryCountOverLimit () - && !mount.UseBackupHeader) - { - // Retry using embedded header backup (if any) - mount.UseBackupHeader = TRUE; - goto retry; - } - - if (bDevice && mount.bProtectHiddenVolume) - { - int driveNo; - - if (swscanf (volumePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) == 1) - { - OPEN_TEST_STRUCT openTestStruct; - memset (&openTestStruct, 0, sizeof (openTestStruct)); - - openTestStruct.bDetectTCBootLoader = TRUE; - StringCchPrintfW ((wchar_t *) openTestStruct.wszFileName, array_capacity (openTestStruct.wszFileName), L"\\Device\\Harddisk%d\\Partition0", driveNo); - - DWORD dwResult; - if (DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, &openTestStruct, sizeof (OPEN_TEST_STRUCT), &openTestStruct, sizeof (OPEN_TEST_STRUCT), &dwResult, NULL) && openTestStruct.TCBootLoaderDetected) - WarningDirect ((GetWrongPasswordErrorMessage (hwndDlg) + L"\n\n" + GetString ("HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT")).c_str(), hwndDlg); - else - handleError (hwndDlg, mount.nReturnCode, SRC_POS); - } - } - else - handleError (hwndDlg, mount.nReturnCode, SRC_POS); - } - - return 0; - } - - if (!quiet) - handleError (hwndDlg, mount.nReturnCode, SRC_POS); - - return 0; - } - - // Mount successful - - if (mount.UseBackupHeader != mountOptions->UseBackupHeader - && mount.UseBackupHeader) - { - if (bReportWrongPassword && !Silent) - Warning ("HEADER_DAMAGED_AUTO_USED_HEADER_BAK", hwndDlg); - } - - LastMountedVolumeDirty = mount.FilesystemDirty; - - if (mount.FilesystemDirty) - { - wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; - StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_VOLUME_DIRTY"), mountPoint); - - if (AskWarnYesNoStringTopmost (msg, hwndDlg) == IDYES) - CheckFilesystem (hwndDlg, driveNo, TRUE); - } - - if (mount.VolumeMountedReadOnlyAfterAccessDenied - && !Silent - && !bDevice - && !FileHasReadOnlyAttribute (volumePath) - && !IsFileOnReadOnlyFilesystem (volumePath)) - { - wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; - StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_CONTAINER_FORCED_READ_ONLY"), mountPoint); - - WarningDirect (msg, hwndDlg); - } - - if (mount.VolumeMountedReadOnlyAfterAccessDenied - && !Silent - && bDevice) - { - wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; - StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_DEVICE_FORCED_READ_ONLY"), mountPoint); - - WarningDirect (msg, hwndDlg); - } - - if (mount.VolumeMountedReadOnlyAfterDeviceWriteProtected - && !Silent - && wcsstr (volumePath, L"\\Device\\Harddisk") == volumePath) - { - wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; - StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_DEVICE_FORCED_READ_ONLY_WRITE_PROTECTION"), mountPoint); - - WarningDirect (msg, hwndDlg); - - if (CurrentOSMajor >= 6 - && wcsstr (volumePath, L"\\Device\\HarddiskVolume") != volumePath - && AskNoYes ("ASK_REMOVE_DEVICE_WRITE_PROTECTION", hwndDlg) == IDYES) - { - RemoveDeviceWriteProtection (hwndDlg, volumePath); - } - } - - if (mount.wszLabel[0] && !mount.bDriverSetLabel) - { - // try setting the drive label on user-mode using registry - UpdateDriveCustomLabel (driveNo, mount.wszLabel, TRUE); - } - - ResetWrongPwdRetryCount (); - - BroadcastDeviceChange (DBT_DEVICEARRIVAL, driveNo, 0); - - if (mount.bExclusiveAccess == FALSE) - return 2; - - return 1; -} - -typedef struct -{ - int nDosDriveNo; - BOOL forced; - int dismountMaxRetries; - DWORD retryDelay; - int* presult; - DWORD dwLastError; -} UnmountThreadParam; - -void CALLBACK UnmountWaitThreadProc(void* pArg, HWND hwnd) -{ - UnmountThreadParam* pThreadParam = (UnmountThreadParam*) pArg; - int dismountMaxRetries = pThreadParam->dismountMaxRetries; - DWORD retryDelay = pThreadParam->retryDelay; - - do - { - *pThreadParam->presult = DriverUnmountVolume (hwnd, pThreadParam->nDosDriveNo, pThreadParam->forced); - - if (*pThreadParam->presult == ERR_FILES_OPEN) - Sleep (retryDelay); - else - break; - - } while (--dismountMaxRetries > 0); - - pThreadParam->dwLastError = GetLastError (); -} - -static BOOL UnmountVolumeBase (HWND hwndDlg, int nDosDriveNo, BOOL forceUnmount, BOOL ntfsFormatCase) -{ - int result; - BOOL forced = forceUnmount; - int dismountMaxRetries = ntfsFormatCase? 5 : UNMOUNT_MAX_AUTO_RETRIES; - DWORD retryDelay = ntfsFormatCase? 2000: UNMOUNT_AUTO_RETRY_DELAY; - UnmountThreadParam param; - -retry: - BroadcastDeviceChange (DBT_DEVICEREMOVEPENDING, nDosDriveNo, 0); - - param.nDosDriveNo = nDosDriveNo; - param.forced = forced; - param.dismountMaxRetries = dismountMaxRetries; - param.retryDelay = retryDelay; - param.presult = &result; - - if (Silent) - { - UnmountWaitThreadProc (¶m, hwndDlg); - } - else - { - ShowWaitDialog (hwndDlg, FALSE, UnmountWaitThreadProc, ¶m); - } - - SetLastError (param.dwLastError); - - if (result != 0) - { - if (result == ERR_FILES_OPEN && !Silent) - { - if (IDYES == AskWarnYesNoTopmost ("UNMOUNT_LOCK_FAILED", hwndDlg)) - { - forced = TRUE; - goto retry; - } - - if (IsOSAtLeast (WIN_7)) - { - // Undo SHCNE_DRIVEREMOVED - wchar_t root[] = { (wchar_t) nDosDriveNo + L'A', L':', L'\\', 0 }; - SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); - } - - return FALSE; - } - - Error ("UNMOUNT_FAILED", hwndDlg); - - return FALSE; - } - - BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, nDosDriveNo, 0); - - return TRUE; -} - -BOOL UnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forceUnmount) -{ - return UnmountVolumeBase (hwndDlg, nDosDriveNo, forceUnmount, FALSE); -} - -BOOL UnmountVolumeAfterFormatExCall (HWND hwndDlg, int nDosDriveNo) -{ - return UnmountVolumeBase (hwndDlg, nDosDriveNo, FALSE, TRUE); -} - - -BOOL IsPasswordCacheEmpty (void) -{ - DWORD dw; - return !DeviceIoControl (hDriver, TC_IOCTL_GET_PASSWORD_CACHE_STATUS, 0, 0, 0, 0, &dw, 0); -} - -BOOL IsMountedVolumeID (BYTE volumeID[VOLUME_ID_SIZE]) -{ - MOUNT_LIST_STRUCT mlist; - DWORD dwResult; - int i; - - memset (&mlist, 0, sizeof (mlist)); - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, - sizeof (mlist), &mlist, sizeof (mlist), &dwResult, - NULL); - - for (i=0 ; i<26; i++) - if (0 == memcmp (mlist.volumeID[i], volumeID, VOLUME_ID_SIZE)) - return TRUE; - - return FALSE; -} - -BOOL IsMountedVolume (const wchar_t *volname) -{ - if ((wcslen (volname) == (3 + 2*VOLUME_ID_SIZE)) && _wcsnicmp (volname, L"ID:", 3) == 0) - { - /* Volume ID specified. Use it for matching mounted volumes. */ - std::vector arr; - if (HexWideStringToArray (&volname[3], arr) && (arr.size() == VOLUME_ID_SIZE)) - { - return IsMountedVolumeID (&arr[0]); - } - } - else - { - MOUNT_LIST_STRUCT mlist; - DWORD dwResult; - int i; - wchar_t volume[TC_MAX_PATH*2+16]; - - StringCbCopyW (volume, sizeof(volume), volname); - - if (wcsstr (volname, L"\\Device\\") != volname) - StringCbPrintfW(volume, sizeof(volume), L"\\??\\%s", volname); - - wstring resolvedPath = VolumeGuidPathToDevicePath (volname); - if (!resolvedPath.empty()) - StringCbCopyW (volume, sizeof (volume), resolvedPath.c_str()); - - memset (&mlist, 0, sizeof (mlist)); - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, - sizeof (mlist), &mlist, sizeof (mlist), &dwResult, - NULL); - - for (i=0 ; i<26; i++) - if (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], volume)) - return TRUE; - } - - return FALSE; -} - - -int GetMountedVolumeDriveNo (wchar_t *volname) -{ - MOUNT_LIST_STRUCT mlist; - DWORD dwResult; - int i; - wchar_t volume[TC_MAX_PATH*2+16]; - - if (volname == NULL) - return -1; - - StringCbCopyW (volume, sizeof(volume), volname); - - if (wcsstr (volname, L"\\Device\\") != volname) - StringCbPrintfW (volume, sizeof(volume), L"\\??\\%s", volname); - - wstring resolvedPath = VolumeGuidPathToDevicePath (volname); - if (!resolvedPath.empty()) - StringCbCopyW (volume, sizeof (volume), resolvedPath.c_str()); - - memset (&mlist, 0, sizeof (mlist)); - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, - sizeof (mlist), &mlist, sizeof (mlist), &dwResult, - NULL); - - for (i=0 ; i<26; i++) - if (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], (WCHAR *)volume)) - return i; - - return -1; -} - - -BOOL IsAdmin (void) -{ - return IsUserAnAdmin (); -} - - -BOOL IsBuiltInAdmin () -{ - HANDLE procToken; - DWORD size; - - if (!IsAdmin() || !OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &procToken)) - return FALSE; - - finally_do_arg (HANDLE, procToken, { CloseHandle (finally_arg); }); - - if (GetTokenInformation (procToken, TokenUser, NULL, 0, &size) || GetLastError() != ERROR_INSUFFICIENT_BUFFER) - return FALSE; - - TOKEN_USER *tokenUser = (TOKEN_USER *) malloc (size); - if (!tokenUser) - return FALSE; - - finally_do_arg (void *, tokenUser, { free (finally_arg); }); - - if (!GetTokenInformation (procToken, TokenUser, tokenUser, size, &size)) - return FALSE; - - return IsWellKnownSid (tokenUser->User.Sid, WinAccountAdministratorSid); -} - - -BOOL IsUacSupported () -{ - HKEY hkey; - DWORD value = 1, size = sizeof (DWORD); - - if (!IsOSAtLeast (WIN_VISTA)) - return FALSE; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, KEY_READ, &hkey) == ERROR_SUCCESS) - { - if (RegQueryValueEx (hkey, L"EnableLUA", 0, 0, (LPBYTE) &value, &size) != ERROR_SUCCESS) - value = 1; - - RegCloseKey (hkey); - } - - return value != 0; -} - - -BOOL ResolveSymbolicLink (const wchar_t *symLinkName, PWSTR targetName, size_t cbTargetName) -{ - BOOL bResult; - DWORD dwResult; - RESOLVE_SYMLINK_STRUCT resolve; - - memset (&resolve, 0, sizeof(resolve)); - StringCbCopyW (resolve.symLinkName, sizeof(resolve.symLinkName), symLinkName); - - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_RESOLVED_SYMLINK, &resolve, - sizeof (resolve), &resolve, sizeof (resolve), &dwResult, - NULL); - - StringCbCopyW (targetName, cbTargetName, resolve.targetName); - - return bResult; -} - - -BOOL GetPartitionInfo (const wchar_t *deviceName, PPARTITION_INFORMATION rpartInfo) -{ - BOOL bResult; - DWORD dwResult; - DISK_PARTITION_INFO_STRUCT dpi; - - memset (&dpi, 0, sizeof(dpi)); - StringCbCopyW ((PWSTR) &dpi.deviceName, sizeof(dpi.deviceName), deviceName); - - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVE_PARTITION_INFO, &dpi, - sizeof (dpi), &dpi, sizeof (dpi), &dwResult, NULL); - - memcpy (rpartInfo, &dpi.partInfo, sizeof (PARTITION_INFORMATION)); - return bResult; -} - - -BOOL GetDeviceInfo (const wchar_t *deviceName, DISK_PARTITION_INFO_STRUCT *info) -{ - DWORD dwResult; - - memset (info, 0, sizeof(*info)); - StringCbCopyW ((PWSTR) &info->deviceName, sizeof(info->deviceName), deviceName); - - return DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVE_PARTITION_INFO, info, sizeof (*info), info, sizeof (*info), &dwResult, NULL); -} - - -BOOL GetDriveGeometry (const wchar_t *deviceName, PDISK_GEOMETRY diskGeometry) -{ - BOOL bResult; - DWORD dwResult; - DISK_GEOMETRY_STRUCT dg; - - memset (&dg, 0, sizeof(dg)); - StringCbCopyW ((PWSTR) &dg.deviceName, sizeof(dg.deviceName), deviceName); - - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVE_GEOMETRY, &dg, - sizeof (dg), &dg, sizeof (dg), &dwResult, NULL); - - if (bResult && (dwResult == sizeof (dg)) && dg.diskGeometry.BytesPerSector) - { - memcpy (diskGeometry, &dg.diskGeometry, sizeof (DISK_GEOMETRY)); - return TRUE; - } - else - return FALSE; -} - -BOOL GetPhysicalDriveGeometry (int driveNumber, PDISK_GEOMETRY diskGeometry) -{ - HANDLE hDev; - BOOL bResult = FALSE; - TCHAR devicePath[MAX_PATH]; - - StringCchPrintfW (devicePath, ARRAYSIZE (devicePath), L"\\\\.\\PhysicalDrive%d", driveNumber); - - if ((hDev = CreateFileW (devicePath, 0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) - { - DWORD bytesRead = 0; - - ZeroMemory (diskGeometry, sizeof (DISK_GEOMETRY)); - - if ( DeviceIoControl (hDev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, diskGeometry, sizeof (DISK_GEOMETRY), &bytesRead, NULL) - && (bytesRead == sizeof (DISK_GEOMETRY)) - && diskGeometry->BytesPerSector) - { - bResult = TRUE; - } - - CloseHandle (hDev); - } - - return bResult; -} - - -// Returns drive letter number assigned to device (-1 if none) -int GetDiskDeviceDriveLetter (PWSTR deviceName) -{ - int i; - WCHAR link[MAX_PATH]; - WCHAR target[MAX_PATH]; - WCHAR device[MAX_PATH]; - - if (!ResolveSymbolicLink (deviceName, device, sizeof(device))) - StringCchCopyW (device, MAX_PATH, deviceName); - - for (i = 0; i < 26; i++) - { - WCHAR drive[] = { (WCHAR) i + L'A', L':', 0 }; - - StringCchCopyW (link, MAX_PATH, L"\\DosDevices\\"); - StringCchCatW (link, MAX_PATH, drive); - - if ( ResolveSymbolicLink (link, target, sizeof(target)) - && (wcscmp (device, target) == 0) - ) - { - return i; - } - } - - return -1; -} - - -// WARNING: This function does NOT provide 100% reliable results -- do NOT use it for critical/dangerous operations! -// Return values: 0 - filesystem does not appear empty, 1 - filesystem appears empty, -1 - an error occurred -int FileSystemAppearsEmpty (const wchar_t *devicePath) -{ - float percentFreeSpace = 0.0; - __int64 occupiedBytes = 0; - - if (GetStatsFreeSpaceOnPartition (devicePath, &percentFreeSpace, &occupiedBytes, TRUE) != -1) - { - if (occupiedBytes > BYTES_PER_GB && percentFreeSpace < 99.99 // "percentFreeSpace < 99.99" is needed because an NTFS filesystem larger than several terabytes can have more than 1GB of data in use, even if there are no files stored on it. - || percentFreeSpace < 88) // A 24-MB NTFS filesystem has 11.5% of space in use even if there are no files stored on it. - { - return 0; - } - else - return 1; - } - else - return -1; -} - - -// Returns the free space on the specified partition (volume) in bytes. If the 'occupiedBytes' pointer -// is not NULL, size of occupied space (in bytes) is written to the pointed location. In addition, if the -// 'percent' pointer is not NULL, % of free space is stored in the pointed location. If there's an error, -// returns -1. -__int64 GetStatsFreeSpaceOnPartition (const wchar_t *devicePath, float *percentFree, __int64 *occupiedBytes, BOOL silent) -{ - WCHAR devPath [MAX_PATH]; - int driveLetterNo = -1; - wchar_t szRootPath[4] = {0, L':', L'\\', 0}; - ULARGE_INTEGER freeSpaceSize; - ULARGE_INTEGER totalNumberOfBytes; - ULARGE_INTEGER totalNumberOfFreeBytes; - - StringCbCopyW (devPath, sizeof(devPath), devicePath); - - driveLetterNo = GetDiskDeviceDriveLetter (devPath); - szRootPath[0] = (wchar_t) driveLetterNo + L'A'; - - - if (!GetDiskFreeSpaceEx (szRootPath, &freeSpaceSize, &totalNumberOfBytes, &totalNumberOfFreeBytes)) - { - if (!silent) - { - handleWin32Error (MainDlg, SRC_POS); - Error ("CANNOT_CALC_SPACE", MainDlg); - } - - return -1; - } - - - if (percentFree != NULL || occupiedBytes != NULL) - { - // Determine occupied space and % of free space - - PARTITION_INFORMATION partitionInfo; - - if (!GetPartitionInfo (devicePath, &partitionInfo)) - { - if (!silent) - { - handleWin32Error (MainDlg, SRC_POS); - Error ("CANT_GET_VOLSIZE", MainDlg); - } - return -1; - } - - if (occupiedBytes != NULL) - *occupiedBytes = partitionInfo.PartitionLength.QuadPart - freeSpaceSize.QuadPart; - - if (percentFree != NULL) - *percentFree = (float) ((double) freeSpaceSize.QuadPart / (double) partitionInfo.PartitionLength.QuadPart * 100.0); - } - - return freeSpaceSize.QuadPart; -} - - -// Returns -1 if there's an error. -__int64 GetDeviceSize (const wchar_t *devicePath) -{ - PARTITION_INFORMATION partitionInfo; - - if (!GetPartitionInfo (devicePath, &partitionInfo)) - return -1; - - return partitionInfo.PartitionLength.QuadPart; -} - - -HANDLE DismountDrive (wchar_t *devName, wchar_t *devicePath) -{ - DWORD dwResult; - HANDLE hVolume; - BOOL bResult = FALSE; - int attempt = UNMOUNT_MAX_AUTO_RETRIES; - int driveLetterNo = -1; - WCHAR devPath [MAX_PATH]; - - StringCbCopyW (devPath, sizeof(devPath), devicePath); - driveLetterNo = GetDiskDeviceDriveLetter (devPath); - - - hVolume = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hVolume == INVALID_HANDLE_VALUE) - return INVALID_HANDLE_VALUE; - - - // Try to lock the volume first so that dismount is not forced. - // If we fail, we will dismount anyway even if it needs to be forced. - - CloseVolumeExplorerWindows (MainDlg, driveLetterNo); - - while (!(bResult = DeviceIoControl (hVolume, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) - && attempt > 0) - { - Sleep (UNMOUNT_AUTO_RETRY_DELAY); - attempt--; - } - - - // Try to dismount the volume - - attempt = UNMOUNT_MAX_AUTO_RETRIES; - - while (!(bResult = DeviceIoControl (hVolume, FSCTL_DISMOUNT_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) - && attempt > 0) - { - Sleep (UNMOUNT_AUTO_RETRY_DELAY); - attempt--; - } - - if (!bResult) - CloseHandle (hVolume); - - return (bResult ? hVolume : INVALID_HANDLE_VALUE); -} - -// Returns -1 if the specified string is not found in the buffer. Otherwise, returns the -// offset of the first occurrence of the string. The string and the buffer may contain zeroes, -// which do NOT terminate them. -int64 FindString (const char *buf, const char *str, int64 bufLen, int64 strLen, int64 startOffset) -{ - if (buf == NULL - || str == NULL - || strLen > bufLen - || bufLen < 1 - || strLen < 1 - || startOffset > bufLen - strLen) - { - return -1; - } - - for (int64 i = startOffset; i <= bufLen - strLen; i++) - { - if (memcmp (buf + i, str, (size_t) strLen) == 0) - return i; - } - - return -1; -} - -// Returns TRUE if the file or directory exists (both may be enclosed in quotation marks). -BOOL FileExists (const wchar_t *filePathPtr) -{ - wchar_t filePath [TC_MAX_PATH * 2 + 1]; - - // Strip quotation marks (if any) - if (filePathPtr [0] == L'"') - { - StringCbCopyW (filePath, sizeof(filePath), filePathPtr + 1); - } - else - { - StringCbCopyW (filePath, sizeof(filePath), filePathPtr); - } - - // Strip quotation marks (if any) - if (filePath [wcslen (filePath) - 1] == L'"') - filePath [wcslen (filePath) - 1] = 0; - - return (_waccess (filePath, 0) != -1); -} - -// Searches the file from its end for the LAST occurrence of the string str. -// The string may contain zeroes, which do NOT terminate the string. -// If the string is found, its offset from the start of the file is returned. -// If the string isn't found or if any error occurs, -1 is returned. -__int64 FindStringInFile (const wchar_t *filePath, const char* str, int strLen) -{ - int bufSize = 64 * BYTES_PER_KB; - char *buffer = (char *) err_malloc (bufSize); - HANDLE src = NULL; - DWORD bytesRead; - BOOL readRetVal; - __int64 filePos = GetFileSize64 (filePath); - int bufPos = 0; - LARGE_INTEGER seekOffset, seekOffsetNew; - BOOL bExit = FALSE; - int filePosStep; - __int64 retVal = -1; - - if (filePos <= 0 - || buffer == NULL - || strLen > bufSize - || strLen < 1) - { - if (buffer) - free (buffer); - return -1; - } - - src = CreateFile (filePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (src == INVALID_HANDLE_VALUE) - { - free (buffer); - return -1; - } - - filePosStep = bufSize - strLen + 1; - - do - { - filePos -= filePosStep; - - if (filePos < 0) - { - filePos = 0; - bExit = TRUE; - } - - seekOffset.QuadPart = filePos; - - if (SetFilePointerEx (src, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) - goto fsif_end; - - if ((readRetVal = ReadFile (src, buffer, bufSize, &bytesRead, NULL)) == 0 - || bytesRead == 0) - goto fsif_end; - - bufPos = bytesRead - strLen; - - while (bufPos > 0) - { - if (memcmp (buffer + bufPos, str, strLen) == 0) - { - // String found - retVal = filePos + bufPos; - goto fsif_end; - } - bufPos--; - } - - } while (!bExit); - -fsif_end: - CloseHandle (src); - free (buffer); - - return retVal; -} - -// System CopyFile() copies source file attributes (like FILE_ATTRIBUTE_ENCRYPTED) -// so we need to use our own copy function -BOOL TCCopyFileBase (HANDLE src, HANDLE dst) -{ - __int8 *buffer; - FILETIME fileTime; - DWORD bytesRead, bytesWritten; - BOOL res; - - buffer = (char *) malloc (64 * 1024); - if (!buffer) - { - CloseHandle (src); - CloseHandle (dst); - return FALSE; - } - - while (res = ReadFile (src, buffer, 64 * 1024, &bytesRead, NULL)) - { - if (bytesRead == 0) - { - res = 1; - break; - } - - if (!WriteFile (dst, buffer, bytesRead, &bytesWritten, NULL) - || bytesRead != bytesWritten) - { - res = 0; - break; - } - } - - if (GetFileTime (src, NULL, NULL, &fileTime)) - SetFileTime (dst, NULL, NULL, &fileTime); - - CloseHandle (src); - CloseHandle (dst); - - free (buffer); - return res != 0; -} - -BOOL TCCopyFile (wchar_t *sourceFileName, wchar_t *destinationFile) -{ - HANDLE src, dst; - - src = CreateFileW (sourceFileName, - GENERIC_READ, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (src == INVALID_HANDLE_VALUE) - return FALSE; - - dst = CreateFileW (destinationFile, - GENERIC_WRITE, - 0, NULL, CREATE_ALWAYS, 0, NULL); - - if (dst == INVALID_HANDLE_VALUE) - { - CloseHandle (src); - return FALSE; - } - - return TCCopyFileBase (src, dst); -} - -// If bAppend is TRUE, the buffer is appended to an existing file. If bAppend is FALSE, any existing file -// is replaced. If an error occurs, the incomplete file is deleted (provided that bAppend is FALSE). -BOOL SaveBufferToFile (const char *inputBuffer, const wchar_t *destinationFile, DWORD inputLength, BOOL bAppend, BOOL bRenameIfFailed) -{ - HANDLE dst; - DWORD bytesWritten; - BOOL res = TRUE; - DWORD dwLastError = 0; - - dst = CreateFile (destinationFile, - GENERIC_WRITE, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, bAppend ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL); - - dwLastError = GetLastError(); - if (!bAppend && bRenameIfFailed && (dst == INVALID_HANDLE_VALUE) && (GetLastError () == ERROR_SHARING_VIOLATION)) - { - wchar_t renamedPath[TC_MAX_PATH + 1]; - StringCbCopyW (renamedPath, sizeof(renamedPath), destinationFile); - StringCbCatW (renamedPath, sizeof(renamedPath), VC_FILENAME_RENAMED_SUFFIX); - - /* rename the locked file in order to be able to create a new one */ - if (MoveFileEx (destinationFile, renamedPath, MOVEFILE_REPLACE_EXISTING)) - { - dst = CreateFile (destinationFile, - GENERIC_WRITE, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, 0, NULL); - dwLastError = GetLastError(); - if (dst == INVALID_HANDLE_VALUE) - { - /* restore the original file name */ - MoveFileEx (renamedPath, destinationFile, MOVEFILE_REPLACE_EXISTING); - } - else - { - /* delete the renamed file when the machine reboots */ - MoveFileEx (renamedPath, NULL, MOVEFILE_DELAY_UNTIL_REBOOT); - } - } - } - - if (dst == INVALID_HANDLE_VALUE) - { - SetLastError (dwLastError); - handleWin32Error (MainDlg, SRC_POS); - return FALSE; - } - - if (bAppend) - SetFilePointer (dst, 0, NULL, FILE_END); - - if (!WriteFile (dst, inputBuffer, inputLength, &bytesWritten, NULL) - || inputLength != bytesWritten) - { - res = FALSE; - } - - if (!res) - { - // If CREATE_ALWAYS is used, ERROR_ALREADY_EXISTS is returned after successful overwrite - // of an existing file (it's not an error) - if (! (GetLastError() == ERROR_ALREADY_EXISTS && !bAppend) ) - handleWin32Error (MainDlg, SRC_POS); - } - - CloseHandle (dst); - - if (!res && !bAppend) - _wremove (destinationFile); - - return res; -} - - -// Proper flush for Windows systems. Returns TRUE if successful. -BOOL TCFlushFile (FILE *f) -{ - HANDLE hf = (HANDLE) _get_osfhandle (_fileno (f)); - - fflush (f); - - if (hf == INVALID_HANDLE_VALUE) - return FALSE; - - return FlushFileBuffers (hf) != 0; -} - - -// Prints a UTF-16 text (note that this involves a real printer, not a screen). -// textByteLen - length of the text in bytes -// title - printed as part of the page header and used as the filename for a temporary file -BOOL PrintHardCopyTextUTF16 (wchar_t *text, wchar_t *title, size_t textByteLen) -{ - wchar_t cl [MAX_PATH*3] = {L"/p \""}; - wchar_t path [MAX_PATH * 2] = { 0 }; - wchar_t filename [MAX_PATH + 1] = { 0 }; - - StringCbCopyW (filename, sizeof(filename), title); - //strcat (filename, ".txt"); - - GetTempPath (ARRAYSIZE (path), path); - - if (!FileExists (path)) - { - StringCbCopyW (path, sizeof(path), GetConfigPath (filename)); - - if (wcslen(path) < 2) - return FALSE; - } - else - { - StringCbCatW (path, sizeof(path), filename); - } - - // Write the Unicode signature - if (!SaveBufferToFile ("\xFF\xFE", path, 2, FALSE, FALSE)) - { - _wremove (path); - return FALSE; - } - - // Write the actual text - if (!SaveBufferToFile ((char *) text, path, (DWORD) textByteLen, TRUE, FALSE)) - { - _wremove (path); - return FALSE; - } - - StringCbCatW (cl, sizeof(cl), path); - StringCbCatW (cl, sizeof(cl), L"\""); - - // Get the absolute path for notepad - if (GetWindowsDirectory(filename, MAX_PATH)) - { - if (filename[wcslen (filename) - 1] != L'\\') - StringCbCatW (filename, sizeof(filename), L"\\"); - StringCbCatW(filename, sizeof(filename), PRINT_TOOL); - } - else - StringCbCopyW(filename, sizeof(filename), L"C:\\Windows\\" PRINT_TOOL); - - WaitCursor (); - ShellExecute (NULL, L"open", filename, cl, NULL, SW_HIDE); - Sleep (6000); - NormalCursor(); - - _wremove (path); - - return TRUE; -} - - -BOOL IsNonInstallMode () -{ - HKEY hkey; - DWORD dw; - - if (bPortableModeConfirmed) - return TRUE; - - if (hDriver != INVALID_HANDLE_VALUE) - { - // The driver is running - if (DeviceIoControl (hDriver, TC_IOCTL_GET_PORTABLE_MODE_STATUS, NULL, 0, NULL, 0, &dw, 0)) - { - bPortableModeConfirmed = TRUE; - return TRUE; - } - else - { - // This is also returned if we fail to determine the status (it does not mean that portable mode is disproved). - return FALSE; - } - } - else - { - // The tests in this block are necessary because this function is in some cases called before DriverAttach(). - - HANDLE hDriverTmp = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hDriverTmp == INVALID_HANDLE_VALUE) - { - // The driver was not found in the system path - - wchar_t path[MAX_PATH * 2] = { 0 }; - - // We can't use GetConfigPath() here because it would call us back (indirect recursion) - if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path))) - { - StringCbCatW (path, MAX_PATH * 2, L"\\VeraCrypt\\"); - StringCbCatW (path, MAX_PATH * 2, TC_APPD_FILENAME_SYSTEM_ENCRYPTION); - - if (FileExists (path)) - { - // To maintain consistency and safety, if the system encryption config file exits, we cannot - // allow portable mode. (This happens e.g. when the pretest fails and the user selects - // "Last Known Good Configuration" from the Windows boot menu.) - - // However, if UAC elevation is needed, we have to confirm portable mode first (after we are elevated, we won't). - if (!IsAdmin () && IsUacSupported ()) - return TRUE; - - return FALSE; - } - } - - // As the driver was not found in the system path, we can predict that we will run in portable mode - return TRUE; - } - else - CloseHandle (hDriverTmp); - } - - // The following test may be unreliable in some cases (e.g. after the user selects restore "Last Known Good - // Configuration" from the Windows boot menu). - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", 0, KEY_READ | KEY_WOW64_32KEY, &hkey) == ERROR_SUCCESS) - { - RegCloseKey (hkey); - return FALSE; - } - else - return TRUE; -} - - -LRESULT SetCheckBox (HWND hwndDlg, int dlgItem, BOOL state) -{ - return SendDlgItemMessage (hwndDlg, dlgItem, BM_SETCHECK, state ? BST_CHECKED : BST_UNCHECKED, 0); -} - - -BOOL GetCheckBox (HWND hwndDlg, int dlgItem) -{ - return IsButtonChecked (GetDlgItem (hwndDlg, dlgItem)); -} - - -// Scroll the listview vertically so that the item with index of topMostVisibleItem is the topmost visible item. -void SetListScrollHPos (HWND hList, int topMostVisibleItem) -{ - int testedPos = 0; - - do - { - SendMessage (hList, LVM_SCROLL, 0, testedPos); - - } while (ListView_GetTopIndex (hList) < topMostVisibleItem && ++testedPos < 10000); -} - - -// Adds or removes TrueCrypt.exe to/from the system startup sequence (with appropriate command line arguments) -void ManageStartupSeq (void) -{ - if (!IsNonInstallMode ()) - { - wchar_t regk [64]; - - GetStartupRegKeyName (regk, sizeof(regk)); - - if (bStartOnLogon || bMountDevicesOnLogon || bMountFavoritesOnLogon) - { - wchar_t exe[MAX_PATH * 2] = { L'"' }; - - GetModuleFileName (NULL, exe + 1, ARRAYSIZE (exe) - 1); - -#ifdef VOLFORMAT - { - wchar_t *tmp = NULL; - - if (tmp = wcsrchr (exe, L'\\')) - { - *tmp = 0; - StringCbCatW (exe, MAX_PATH * 2, L"\\VeraCrypt.exe"); - } - } -#endif - StringCbCatW (exe, MAX_PATH * 2, L"\" /q preferences /a logon"); - - if (bMountDevicesOnLogon) StringCbCatW (exe, MAX_PATH * 2, L" /a devices"); - if (bMountFavoritesOnLogon) StringCbCatW (exe, MAX_PATH * 2, L" /a favorites"); - - WriteRegistryString (regk, L"VeraCrypt", exe); - } - else - DeleteRegistryValue (regk, L"VeraCrypt"); - } -} - - -// Adds or removes the VeraCrypt Volume Creation Wizard to/from the system startup sequence -void ManageStartupSeqWiz (BOOL bRemove, const wchar_t *arg) -{ - wchar_t regk [64]; - - GetStartupRegKeyName (regk, sizeof(regk)); - - if (!bRemove) - { - size_t exeSize = (MAX_PATH * 2) + 3 + 20 + wcslen (arg); // enough room for all concatenation operations - wchar_t* exe = (wchar_t*) calloc(1, exeSize * sizeof (wchar_t)); - exe[0] = L'"'; - GetModuleFileName (NULL, exe + 1, (DWORD) (exeSize - 1)); - -#ifndef VOLFORMAT - { - wchar_t *tmp = NULL; - - if (tmp = wcsrchr (exe, L'\\')) - { - *tmp = 0; - - StringCchCatW (exe, exeSize, L"\\VeraCrypt Format.exe"); - } - } -#endif - - if (wcslen (arg) > 0) - { - StringCchCatW (exe, exeSize, L"\" "); - StringCchCatW (exe, exeSize, arg); - } - - WriteRegistryString (regk, L"VeraCrypt Format", exe); - - free(exe); - } - else - DeleteRegistryValue (regk, L"VeraCrypt Format"); -} - - -// Delete the last used Windows file selector path for TrueCrypt from the registry -void CleanLastVisitedMRU (void) -{ - WCHAR exeFilename[MAX_PATH]; - WCHAR *strToMatch; - - WCHAR strTmp[4096]; - WCHAR regPath[128]; - WCHAR key[64]; - int id, len; - - GetModuleFileNameW (NULL, exeFilename, sizeof (exeFilename) / sizeof(exeFilename[0])); - strToMatch = wcsrchr (exeFilename, L'\\') + 1; - - StringCbPrintfW (regPath, sizeof(regPath), L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisited%sMRU", IsOSAtLeast (WIN_VISTA) ? L"Pidl" : L""); - - for (id = (IsOSAtLeast (WIN_VISTA) ? 0 : L'a'); id <= (IsOSAtLeast (WIN_VISTA) ? 1000 : L'z'); id++) - { - *strTmp = 0; - StringCbPrintfW (key, sizeof(key), (IsOSAtLeast (WIN_VISTA) ? L"%d" : L"%c"), id); - - if ((len = ReadRegistryBytes (regPath, key, (char *) strTmp, sizeof (strTmp))) > 0) - { - if (_wcsicmp (strTmp, strToMatch) == 0) - { - char buf[65536], bufout[sizeof (buf)]; - - // Overwrite the entry with zeroes while keeping its original size - memset (strTmp, 0, len); - if (!WriteRegistryBytes (regPath, key, (char *) strTmp, len)) - MessageBoxW (NULL, GetString ("CLEAN_WINMRU_FAILED"), lpszTitle, ICON_HAND); - - DeleteRegistryValue (regPath, key); - - // Remove ID from MRUList - if (IsOSAtLeast (WIN_VISTA)) - { - int *p = (int *)buf; - int *pout = (int *)bufout; - int l; - - l = len = ReadRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", buf, sizeof (buf)); - while (l > 0) - { - l -= sizeof (int); - - if (*p == id) - { - p++; - len -= sizeof (int); - continue; - } - *pout++ = *p++; - } - - WriteRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", bufout, len); - } - else - { - wchar_t *p = (wchar_t*) buf; - wchar_t *pout = (wchar_t*) bufout; - - ReadRegistryString (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedMRU", L"MRUList", L"", (wchar_t*) buf, sizeof (buf)); - while (*p) - { - if (*p == id) - { - p++; - continue; - } - *pout++ = *p++; - } - *pout++ = 0; - - WriteRegistryString (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedMRU", L"MRUList", (wchar_t*) bufout); - } - - break; - } - } - } -} - - -#ifndef SETUP -void ClearHistory (HWND hwndDlgItem) -{ - ArrowWaitCursor (); - - ClearCombo (hwndDlgItem); - DumpCombo (hwndDlgItem, TRUE); - - CleanLastVisitedMRU (); - - NormalCursor (); -} -#endif // #ifndef SETUP - - -LRESULT ListItemAdd (HWND list, int index, const wchar_t *string) -{ - LVITEM li; - memset (&li, 0, sizeof(li)); - - li.mask = LVIF_TEXT; - li.pszText = (wchar_t*) string; - li.iItem = index; - li.iSubItem = 0; - return ListView_InsertItem (list, &li); -} - - -LRESULT ListSubItemSet (HWND list, int index, int subIndex, const wchar_t *string) -{ - LVITEM li; - memset (&li, 0, sizeof(li)); - - li.mask = LVIF_TEXT; - li.pszText = (wchar_t*) string; - li.iItem = index; - li.iSubItem = subIndex; - return ListView_SetItem (list, &li); -} - - -BOOL GetMountList (MOUNT_LIST_STRUCT *list) -{ - DWORD dwResult; - - memset (list, 0, sizeof (*list)); - return DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, list, - sizeof (*list), list, sizeof (*list), &dwResult, - NULL); -} - - -int GetDriverRefCount () -{ - DWORD dwResult; - BOOL bResult; - int refCount; - - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DEVICE_REFCOUNT, &refCount, sizeof (refCount), &refCount, - sizeof (refCount), &dwResult, NULL); - - if (bResult) - return refCount; - else - return -1; -} - -// Loads a 32-bit integer from the file at the specified file offset. The saved value is assumed to have been -// processed by mputLong(). The result is stored in *result. Returns TRUE if successful (otherwise FALSE). -BOOL LoadInt32 (const wchar_t *filePath, unsigned __int32 *result, __int64 fileOffset) -{ - DWORD bufSize = sizeof(__int32); - unsigned char *buffer = (unsigned char *) malloc (bufSize); - unsigned char *bufferPtr = buffer; - HANDLE src = NULL; - DWORD bytesRead; - LARGE_INTEGER seekOffset, seekOffsetNew; - BOOL retVal = FALSE; - - if (buffer == NULL) - return -1; - - src = CreateFile (filePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (src == INVALID_HANDLE_VALUE) - { - free (buffer); - return FALSE; - } - - seekOffset.QuadPart = fileOffset; - - if (SetFilePointerEx (src, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) - goto fsif_end; - - if (ReadFile (src, buffer, bufSize, &bytesRead, NULL) == 0 - || bytesRead != bufSize) - goto fsif_end; - - - retVal = TRUE; - - *result = mgetLong(bufferPtr); - -fsif_end: - CloseHandle (src); - free (buffer); - - return retVal; -} - -// Loads a 16-bit integer from the file at the specified file offset. The saved value is assumed to have been -// processed by mputWord(). The result is stored in *result. Returns TRUE if successful (otherwise FALSE). -BOOL LoadInt16 (const wchar_t *filePath, int *result, __int64 fileOffset) -{ - DWORD bufSize = sizeof(__int16); - unsigned char *buffer = (unsigned char *) malloc (bufSize); - unsigned char *bufferPtr = buffer; - HANDLE src = NULL; - DWORD bytesRead; - LARGE_INTEGER seekOffset, seekOffsetNew; - BOOL retVal = FALSE; - - if (buffer == NULL) - return -1; - - src = CreateFile (filePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (src == INVALID_HANDLE_VALUE) - { - free (buffer); - return FALSE; - } - - seekOffset.QuadPart = fileOffset; - - if (SetFilePointerEx (src, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) - goto fsif_end; - - if (ReadFile (src, buffer, bufSize, &bytesRead, NULL) == 0 - || bytesRead != bufSize) - goto fsif_end; - - - retVal = TRUE; - - *result = mgetWord(bufferPtr); - -fsif_end: - CloseHandle (src); - free (buffer); - - return retVal; -} - -// Returns NULL if there's any error. Although the buffer can contain binary data, it is always null-terminated. -char *LoadFile (const wchar_t *fileName, DWORD *size) -{ - char *buf; - DWORD fileSize = INVALID_FILE_SIZE; - HANDLE h = CreateFile (fileName, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - if (h == INVALID_HANDLE_VALUE) - return NULL; - - if ((fileSize = GetFileSize (h, NULL)) == INVALID_FILE_SIZE) - { - CloseHandle (h); - return NULL; - } - - *size = fileSize; - buf = (char *) calloc (*size + 1, 1); - - if (buf == NULL) - { - CloseHandle (h); - return NULL; - } - - if (!ReadFile (h, buf, *size, size, NULL)) - { - free (buf); - buf = NULL; - } - - CloseHandle (h); - return buf; -} - - -// Returns NULL if there's any error. -char *LoadFileBlock (const wchar_t *fileName, __int64 fileOffset, DWORD count) -{ - char *buf; - DWORD bytesRead = 0; - LARGE_INTEGER seekOffset, seekOffsetNew; - BOOL bStatus; - - HANDLE h = CreateFile (fileName, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - if (h == INVALID_HANDLE_VALUE) - return NULL; - - seekOffset.QuadPart = fileOffset; - - if (SetFilePointerEx (h, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) - { - CloseHandle (h); - return NULL; - } - - buf = (char *) calloc (count, 1); - - if (buf == NULL) - { - CloseHandle (h); - return NULL; - } - - bStatus = ReadFile (h, buf, count, &bytesRead, NULL); - - CloseHandle (h); - - if (!bStatus || (bytesRead != count)) - { - free (buf); - return NULL; - } - - return buf; -} - - -// Returns -1 if there is an error, or the size of the file. -__int64 GetFileSize64 (const wchar_t *path) -{ - HANDLE h = CreateFile (path, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - LARGE_INTEGER size; - __int64 retSize = -1; - - if (h) - { - if (GetFileSizeEx (h, &size)) - { - retSize = size.QuadPart; - } - - CloseHandle (h); - } - - return retSize; -} - - -wchar_t *GetModPath (wchar_t *path, int maxSize) -{ - GetModuleFileName (NULL, path, maxSize); - wchar_t* ptr = wcsrchr (path, L'\\'); - if (ptr) - ptr[1] = 0; - return path; -} - - -wchar_t *GetConfigPath (wchar_t *fileName) -{ - static wchar_t path[MAX_PATH * 2] = { 0 }; - - if (IsNonInstallMode ()) - { - GetModPath (path, ARRAYSIZE (path)); - StringCchCatW (path, (MAX_PATH * 2), fileName); - - return path; - } - - if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, path))) - { - StringCchCatW (path, (MAX_PATH * 2), L"\\VeraCrypt\\"); - CreateDirectory (path, NULL); - StringCchCatW (path, (MAX_PATH * 2), fileName); - } - else - path[0] = 0; - - return path; -} - - -wchar_t *GetProgramConfigPath (wchar_t *fileName) -{ - static wchar_t path[MAX_PATH * 2] = { 0 }; - - if (SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, path))) - { - StringCchCatW (path, (MAX_PATH * 2), L"\\VeraCrypt\\"); - CreateDirectory (path, NULL); - StringCchCatW (path, (MAX_PATH * 2), fileName); - } - else - path[0] = 0; - - return path; -} - - -std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy) -{ - wchar_t sysPath[TC_MAX_PATH]; - - if (Is64BitOs() && useLegacy) - { - typedef UINT (WINAPI *GetSystemWow64Directory_t) (LPWSTR lpBuffer, UINT uSize); - - GetSystemWow64Directory_t getSystemWow64Directory = (GetSystemWow64Directory_t) GetProcAddress (GetModuleHandle (L"kernel32"), "GetSystemWow64DirectoryW"); - getSystemWow64Directory (sysPath, ARRAYSIZE (sysPath)); - } - else - GetSystemDirectory (sysPath, ARRAYSIZE (sysPath)); - - return wstring (sysPath) + L"\\" + fileName; -} - - -// Returns 0 if an error occurs or the drive letter (as an upper-case char) of the system partition (e.g. 'C'); -wchar_t GetSystemDriveLetter (void) -{ - wchar_t systemDir [MAX_PATH]; - - if (GetSystemDirectory (systemDir, ARRAYSIZE (systemDir))) - return (wchar_t) (towupper (systemDir [0])); - else - return 0; -} - - -void TaskBarIconDisplayBalloonTooltip (HWND hwnd, wchar_t *headline, wchar_t *text, BOOL warning) -{ - if (nCurrentOS == WIN_2000) - { - MessageBoxW (MainDlg, text, headline, warning ? MB_ICONWARNING : MB_ICONINFORMATION); - return; - } - - NOTIFYICONDATAW tnid; - - ZeroMemory (&tnid, sizeof (tnid)); - - tnid.cbSize = sizeof (tnid); - tnid.hWnd = hwnd; - tnid.uID = IDI_TRUECRYPT_ICON; - //tnid.uVersion = (IsOSAtLeast (WIN_VISTA) ? NOTIFYICON_VERSION_4 : NOTIFYICON_VERSION); - - //Shell_NotifyIconW (NIM_SETVERSION, &tnid); - - tnid.uFlags = NIF_INFO; - tnid.dwInfoFlags = (warning ? NIIF_WARNING : NIIF_INFO); - tnid.uTimeout = (IsOSAtLeast (WIN_VISTA) ? 1000 : 5000); // in ms - - StringCbCopyW (tnid.szInfoTitle, sizeof(tnid.szInfoTitle), headline); - StringCbCopyW (tnid.szInfo, sizeof(tnid.szInfo),text); - - // Display the balloon tooltip quickly twice in a row to avoid the slow and unwanted "fade-in" phase - Shell_NotifyIconW (NIM_MODIFY, &tnid); - Shell_NotifyIconW (NIM_MODIFY, &tnid); -} - - -// Either of the pointers may be NULL -void InfoBalloon (char *headingStringId, char *textStringId, HWND hwnd) -{ - if (Silent) - return; - - TaskBarIconDisplayBalloonTooltip (hwnd, - headingStringId == NULL ? L"VeraCrypt" : GetString (headingStringId), - textStringId == NULL ? L" " : GetString (textStringId), - FALSE); -} - - -// Either of the pointers may be NULL -void InfoBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd) -{ - if (Silent) - return; - - TaskBarIconDisplayBalloonTooltip (hwnd, - headingString == NULL ? L"VeraCrypt" : headingString, - textString == NULL ? L" " : textString, - FALSE); -} - - -// Either of the pointers may be NULL -void WarningBalloon (char *headingStringId, char *textStringId, HWND hwnd) -{ - if (Silent) - return; - - TaskBarIconDisplayBalloonTooltip (hwnd, - headingStringId == NULL ? L"VeraCrypt" : GetString (headingStringId), - textStringId == NULL ? L" " : GetString (textStringId), - TRUE); -} - - -// Either of the pointers may be NULL -void WarningBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd) -{ - if (Silent) - return; - - TaskBarIconDisplayBalloonTooltip (hwnd, - headingString == NULL ? L"VeraCrypt" : headingString, - textString == NULL ? L" " : textString, - TRUE); -} - - -int Info (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONINFORMATION); -} - - -int InfoTopMost (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int InfoDirect (const wchar_t *msg, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, msg, lpszTitle, MB_ICONINFORMATION); -} - - -int Warning (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING); -} - - -int WarningTopMost (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int WarningDirect (const wchar_t *warnMsg, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, warnMsg, lpszTitle, MB_ICONWARNING); -} - - -int Error (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR); -} - -int ErrorRetryCancel (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_RETRYCANCEL); -} - -int ErrorTopMost (char *stringId, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int ErrorDirect (const wchar_t *errMsg, HWND hwnd) -{ - if (Silent) return 0; - return MessageBoxW (hwnd, errMsg, lpszTitle, MB_ICONERROR); -} - - -int AskYesNo (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON1); -} - - -int AskYesNoString (const wchar_t *str, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, str, lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON1); -} - - -int AskYesNoTopmost (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON1 | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int AskNoYes (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2); -} - -int AskNoYesString (const wchar_t *string, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, string, lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2); -} - -int AskOkCancel (char *stringId, HWND hwnd) -{ - if (Silent) return IDCANCEL; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_OKCANCEL | MB_DEFBUTTON1); -} - - -int AskWarnYesNo (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1); -} - - -int AskWarnYesNoString (const wchar_t *string, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, string, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1); -} - - -int AskWarnYesNoTopmost (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1 | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int AskWarnYesNoStringTopmost (const wchar_t *string, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, string, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1 | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int AskWarnNoYes (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2); -} - - -int AskWarnNoYesString (const wchar_t *string, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, string, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2); -} - - -int AskWarnNoYesTopmost (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2 | MB_SETFOREGROUND | MB_TOPMOST); -} - - -int AskWarnOkCancel (char *stringId, HWND hwnd) -{ - if (Silent) return IDCANCEL; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_OKCANCEL | MB_DEFBUTTON1); -} - - -int AskWarnCancelOk (char *stringId, HWND hwnd) -{ - if (Silent) return IDCANCEL; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_OKCANCEL | MB_DEFBUTTON2); -} - - -int AskErrYesNo (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_YESNO | MB_DEFBUTTON1); -} - - -int AskErrNoYes (char *stringId, HWND hwnd) -{ - if (Silent) return IDNO; - return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_YESNO | MB_DEFBUTTON2); -} - - -// The function accepts two input formats: -// Input format 1: {0, "MESSAGE_STRING_ID", "BUTTON_1_STRING_ID", ... "LAST_BUTTON_STRING_ID", 0}; -// Input format 2: {L"", L"Message text", L"Button caption 1", ... L"Last button caption", 0}; -// The second format is to be used if any of the strings contains format specification (e.g. %s, %d) or -// in any other cases where a string needs to be resolved before calling this function. -// The returned value is the ordinal number of the choice the user selected (1..MAX_MULTI_CHOICES) -int AskMultiChoice (void *strings[], BOOL bBold, HWND hwnd) -{ - MULTI_CHOICE_DLGPROC_PARAMS params; - - params.strings = &strings[0]; - params.bold = bBold; - - return (int) DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_MULTI_CHOICE_DLG), hwnd, - (DLGPROC) MultiChoiceDialogProc, (LPARAM) ¶ms); -} - - -BOOL ConfigWriteBegin () -{ - DWORD size; - if (ConfigFileHandle != NULL) - return FALSE; - - if (ConfigBuffer == NULL) - ConfigBuffer = LoadFile (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), &size); - - ConfigFileHandle = _wfopen (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), L"w,ccs=UTF-8"); - if (ConfigFileHandle == NULL) - { - free (ConfigBuffer); - ConfigBuffer = NULL; - return FALSE; - } - XmlWriteHeader (ConfigFileHandle); - fputws (L"\n\t", ConfigFileHandle); - - return TRUE; -} - - -BOOL ConfigWriteEnd (HWND hwnd) -{ - char *xml = ConfigBuffer; - char key[128], value[2048]; - - if (ConfigFileHandle == NULL) return FALSE; - - // Write unmodified values - while (xml && (xml = XmlFindElement (xml, "config"))) - { - XmlGetAttributeText (xml, "key", key, sizeof (key)); - XmlGetNodeText (xml, value, sizeof (value)); - - fwprintf (ConfigFileHandle, L"\n\t\t%hs", key, value); - xml++; - } - - fputws (L"\n\t", ConfigFileHandle); - XmlWriteFooter (ConfigFileHandle); - - TCFlushFile (ConfigFileHandle); - - CheckFileStreamWriteErrors (hwnd, ConfigFileHandle, TC_APPD_FILENAME_CONFIGURATION); - - fclose (ConfigFileHandle); - ConfigFileHandle = NULL; - - if (ConfigBuffer != NULL) - { - DWORD size; - free (ConfigBuffer); - ConfigBuffer = LoadFile (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), &size); - } - - return TRUE; -} - - -BOOL ConfigWriteString (char *configKey, char *configValue) -{ - char *c; - if (ConfigFileHandle == NULL) - return FALSE; - - // Mark previous config value as updated - if (ConfigBuffer != NULL) - { - c = XmlFindElementByAttributeValue (ConfigBuffer, "config", "key", configKey); - if (c != NULL) - c[1] = '!'; - } - - return 0 != fwprintf ( - ConfigFileHandle, L"\n\t\t%hs", - configKey, configValue); -} - -BOOL ConfigWriteStringW (char *configKey, wchar_t *configValue) -{ - char *c; - if (ConfigFileHandle == NULL) - return FALSE; - - // Mark previous config value as updated - if (ConfigBuffer != NULL) - { - c = XmlFindElementByAttributeValue (ConfigBuffer, "config", "key", configKey); - if (c != NULL) - c[1] = '!'; - } - - return 0 != fwprintf ( - ConfigFileHandle, L"\n\t\t%ls", - configKey, configValue); -} - -BOOL ConfigWriteInt (char *configKey, int configValue) -{ - char val[32]; - StringCbPrintfA (val, sizeof(val), "%d", configValue); - return ConfigWriteString (configKey, val); -} - - -static BOOL ConfigRead (char *configKey, char *configValue, int maxValueSize) -{ - DWORD size; - char *xml; - - if (ConfigBuffer == NULL) - ConfigBuffer = LoadFile (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), &size); - - xml = ConfigBuffer; - if (xml != NULL) - { - xml = XmlFindElementByAttributeValue (xml, "config", "key", configKey); - if (xml != NULL) - { - XmlGetNodeText (xml, configValue, maxValueSize); - return TRUE; - } - } - - return FALSE; -} - - -int ConfigReadInt (char *configKey, int defaultValue) -{ - char s[32]; - - if (ConfigRead (configKey, s, sizeof (s))) - return atoi (s); - else - return defaultValue; -} - - -char *ConfigReadString (char *configKey, char *defaultValue, char *str, int maxLen) -{ - if (ConfigRead (configKey, str, maxLen)) - return str; - else - { - StringCbCopyA (str, maxLen, defaultValue); - return defaultValue; - } -} - -void ConfigReadCompareInt(char *configKey, int defaultValue, int* pOutputValue, BOOL bOnlyCheckModified, BOOL* pbModified) -{ - int intValue = ConfigReadInt (configKey, defaultValue); - if (pOutputValue) - { - if (pbModified && (*pOutputValue != intValue)) - *pbModified = TRUE; - if (!bOnlyCheckModified) - *pOutputValue = intValue; - } -} - -void ConfigReadCompareString (char *configKey, char *defaultValue, char *str, int maxLen, BOOL bOnlyCheckModified, BOOL *pbModified) -{ - char *strValue = (char*) malloc (maxLen); - if (strValue) - { - memcpy (strValue, str, maxLen); - - ConfigReadString (configKey, defaultValue, strValue, maxLen); - - if (pbModified && strcmp (str, strValue)) - *pbModified = TRUE; - if (!bOnlyCheckModified) - memcpy(str, strValue, maxLen); - - free (strValue); - } - else - { - /* allocation failed. Suppose that value changed */ - if (pbModified) - *pbModified = TRUE; - if (!bOnlyCheckModified) - ConfigReadString (configKey, defaultValue, str, maxLen); - - } -} - -void OpenPageHelp (HWND hwndDlg, int nPage) -{ - int r = (int)ShellExecuteW (NULL, L"open", szHelpFile, NULL, NULL, SW_SHOWNORMAL); - - if (r == ERROR_FILE_NOT_FOUND) - { - // Try the secondary help file - r = (int)ShellExecuteW (NULL, L"open", szHelpFile2, NULL, NULL, SW_SHOWNORMAL); - - if (r == ERROR_FILE_NOT_FOUND) - { - OpenOnlineHelp (); - return; - } - } - - if (r == SE_ERR_NOASSOC) - { - if (AskYesNo ("HELP_READER_ERROR", MainDlg) == IDYES) - OpenOnlineHelp (); - } -} - - -void OpenOnlineHelp () -{ - Applink ("help", TRUE, ""); -} - - -#ifndef SETUP - -void RestoreDefaultKeyFilesParam (void) -{ - KeyFileRemoveAll (&FirstKeyFile); - if (defaultKeyFilesParam.FirstKeyFile != NULL) - { - KeyFileCloneAll (defaultKeyFilesParam.FirstKeyFile, &FirstKeyFile); - KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles; - } - else - KeyFilesEnable = FALSE; -} - - -BOOL LoadDefaultKeyFilesParam (void) -{ - BOOL status = TRUE; - DWORD size; - char *defaultKeyfilesFile = LoadFile (GetConfigPath (TC_APPD_FILENAME_DEFAULT_KEYFILES), &size); - char *xml = defaultKeyfilesFile; - KeyFile *kf; - - if (xml == NULL) - return FALSE; - - KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); - - while (xml = XmlFindElement (xml, "keyfile")) - { - kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - char fileName [MAX_PATH + 1]; - if (XmlGetNodeText (xml, fileName, sizeof (fileName)) != NULL) - { - std::wstring wszFileName = Utf8StringToWide(fileName); - StringCbCopyW (kf->FileName, sizeof (kf->FileName), wszFileName.c_str ()); - defaultKeyFilesParam.FirstKeyFile = KeyFileAdd (defaultKeyFilesParam.FirstKeyFile, kf); - } - else - free (kf); - } - else - { - KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); - status = FALSE; - break; - } - - xml++; - } - - free (defaultKeyfilesFile); - if (status) - KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles; - - return status; -} - -#endif /* #ifndef SETUP */ - - -void Debug (char *format, ...) -{ - char buf[1024]; - va_list val; - - va_start(val, format); - StringCbVPrintfA (buf, sizeof (buf), format, val); - va_end(val); - - OutputDebugStringA (buf); -} - - -void DebugMsgBox (char *format, ...) -{ - char buf[1024]; - va_list val; - - va_start(val, format); - StringCbVPrintfA (buf, sizeof (buf), format, val); - va_end(val); - - MessageBoxA (MainDlg, buf, "VeraCrypt debug", 0); -} - - -BOOL IsOSAtLeast (OSVersionEnum reqMinOS) -{ - return IsOSVersionAtLeast (reqMinOS, 0); -} - - -// Returns TRUE if the operating system is at least reqMinOS and service pack at least reqMinServicePack. -// Example 1: IsOSVersionAtLeast (WIN_VISTA, 1) called under Windows 2008, returns TRUE. -// Example 2: IsOSVersionAtLeast (WIN_XP, 3) called under Windows XP SP1, returns FALSE. -// Example 3: IsOSVersionAtLeast (WIN_XP, 3) called under Windows Vista SP1, returns TRUE. -BOOL IsOSVersionAtLeast (OSVersionEnum reqMinOS, int reqMinServicePack) -{ - /* When updating this function, update IsOSAtLeast() in Ntdriver.c too. */ - - if (CurrentOSMajor <= 0) - TC_THROW_FATAL_EXCEPTION; - - int major = 0, minor = 0; - - switch (reqMinOS) - { - case WIN_2000: major = 5; minor = 0; break; - case WIN_XP: major = 5; minor = 1; break; - case WIN_SERVER_2003: major = 5; minor = 2; break; - case WIN_VISTA: major = 6; minor = 0; break; - case WIN_7: major = 6; minor = 1; break; - case WIN_8: major = 6; minor = 2; break; - case WIN_8_1: major = 6; minor = 3; break; - case WIN_10: major = 10; minor = 0; break; - - default: - TC_THROW_FATAL_EXCEPTION; - break; - } - - return ((CurrentOSMajor << 16 | CurrentOSMinor << 8 | CurrentOSServicePack) - >= (major << 16 | minor << 8 | reqMinServicePack)); -} - - -BOOL Is64BitOs () -{ -#ifdef _WIN64 - return TRUE; -#else - static BOOL isWow64 = FALSE; - static BOOL valid = FALSE; - typedef BOOL (__stdcall *LPFN_ISWOW64PROCESS ) (HANDLE hProcess,PBOOL Wow64Process); - LPFN_ISWOW64PROCESS fnIsWow64Process; - - if (valid) - return isWow64; - - fnIsWow64Process = (LPFN_ISWOW64PROCESS) GetProcAddress (GetModuleHandle(L"kernel32"), "IsWow64Process"); - - if (fnIsWow64Process != NULL) - if (!fnIsWow64Process (GetCurrentProcess(), &isWow64)) - isWow64 = FALSE; - - valid = TRUE; - return isWow64; -#endif -} - - -BOOL IsServerOS () -{ - OSVERSIONINFOEXW osVer; - osVer.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); - GetVersionExW ((LPOSVERSIONINFOW) &osVer); - - return (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); -} - - -// Returns TRUE, if the currently running operating system is installed in a hidden volume. If it's not, or if -// there's an error, returns FALSE. -BOOL IsHiddenOSRunning (void) -{ - static BOOL statusCached = FALSE; - static BOOL hiddenOSRunning; - - if (!statusCached) - { - try - { - hiddenOSRunning = BootEncryption (MainDlg).IsHiddenSystemRunning(); - } - catch (...) - { - hiddenOSRunning = FALSE; - } - - statusCached = TRUE; - } - - return hiddenOSRunning; -} - - -BOOL EnableWow64FsRedirection (BOOL enable) -{ - typedef BOOLEAN (__stdcall *Wow64EnableWow64FsRedirection_t) (BOOL enable); - Wow64EnableWow64FsRedirection_t wow64EnableWow64FsRedirection = (Wow64EnableWow64FsRedirection_t) GetProcAddress (GetModuleHandle (L"kernel32"), "Wow64EnableWow64FsRedirection"); - - if (!wow64EnableWow64FsRedirection) - return FALSE; - - return wow64EnableWow64FsRedirection (enable); -} - - -BOOL RestartComputer (void) -{ - TOKEN_PRIVILEGES tokenPrivil; - HANDLE hTkn; - - if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY|TOKEN_ADJUST_PRIVILEGES, &hTkn)) - { - return false; - } - - LookupPrivilegeValue (NULL, SE_SHUTDOWN_NAME, &tokenPrivil.Privileges[0].Luid); - tokenPrivil.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; - tokenPrivil.PrivilegeCount = 1; - - AdjustTokenPrivileges (hTkn, false, &tokenPrivil, 0, (PTOKEN_PRIVILEGES) NULL, 0); - if (GetLastError() != ERROR_SUCCESS) - { - CloseHandle(hTkn); - return false; - } - - if (!ExitWindowsEx (EWX_REBOOT, - SHTDN_REASON_MAJOR_OTHER | SHTDN_REASON_MINOR_OTHER | SHTDN_REASON_FLAG_PLANNED)) - { - CloseHandle(hTkn); - return false; - } - - CloseHandle(hTkn); - return true; -} - - -std::wstring GetWindowsEdition () -{ - wstring osname = L"win"; - - OSVERSIONINFOEXW osVer; - osVer.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); - GetVersionExW ((LPOSVERSIONINFOW) &osVer); - - BOOL home = (osVer.wSuiteMask & VER_SUITE_PERSONAL); - BOOL server = (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); - - HKEY hkey; - wchar_t productName[300] = {0}; - DWORD productNameSize = sizeof (productName); - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", 0, KEY_QUERY_VALUE, &hkey) == ERROR_SUCCESS) - { - if (RegQueryValueEx (hkey, L"ProductName", 0, 0, (LPBYTE) &productName, &productNameSize) != ERROR_SUCCESS || productNameSize < 1) - productName[0] = 0; - - RegCloseKey (hkey); - } - - switch (nCurrentOS) - { - case WIN_2000: - osname += L"2000"; - break; - - case WIN_XP: - case WIN_XP64: - osname += L"xp"; - osname += home ? L"-home" : L"-pro"; - break; - - case WIN_SERVER_2003: - osname += L"2003"; - break; - - case WIN_VISTA: - osname += L"vista"; - break; - - case WIN_SERVER_2008: - osname += L"2008"; - break; - - case WIN_7: - osname += L"7"; - break; - - case WIN_SERVER_2008_R2: - osname += L"2008r2"; - break; - - default: - wstringstream s; - s << CurrentOSMajor << L"." << CurrentOSMinor; - osname += s.str(); - break; - } - - if (server) - osname += L"-server"; - - if (IsOSAtLeast (WIN_VISTA)) - { - if (home) - osname += L"-home"; - else if (wcsstr (productName, L"Standard") != 0) - osname += L"-standard"; - else if (wcsstr (productName, L"Professional") != 0) - osname += L"-pro"; - else if (wcsstr (productName, L"Business") != 0) - osname += L"-business"; - else if (wcsstr (productName, L"Enterprise") != 0) - osname += L"-enterprise"; - else if (wcsstr (productName, L"Datacenter") != 0) - osname += L"-datacenter"; - else if (wcsstr (productName, L"Ultimate") != 0) - osname += L"-ultimate"; - } - - if (GetSystemMetrics (SM_STARTER)) - osname += L"-starter"; - else if (wcsstr (productName, L"Basic") != 0) - osname += L"-basic"; - - if (Is64BitOs()) - osname += L"-x64"; - - if (CurrentOSServicePack > 0) - { - wstringstream s; - s << L"-sp" << CurrentOSServicePack; - osname += s.str(); - } - - return osname; -} - - -void Applink (char *dest, BOOL bSendOS, char *extraOutput) -{ - char url [MAX_URL_LENGTH]; - - ArrowWaitCursor (); - - // sprintf_s (url, sizeof (url), TC_APPLINK "%s%s&dest=%s", bSendOS ? ("&os=" + GetWindowsEdition()).c_str() : "", extraOutput, dest); - if (strcmp(dest, "donate") == 0) - { - StringCbCopyA (url, sizeof (url),"https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=5BCXVMTTNJDCY"); - } - else if (strcmp(dest, "main") == 0) - { - StringCbCopyA (url, sizeof (url),TC_HOMEPAGE); - } - else if (strcmp(dest,"localizations") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Language%20Packs"); - } - else if (strcmp(dest, "beginnerstutorial") == 0 || strcmp(dest,"tutorial") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Beginner%27s%20Tutorial"); - } - else if (strcmp(dest, "releasenotes") == 0 || strcmp(dest, "history") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Release%20Notes"); - } - else if (strcmp(dest, "hwacceleration") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Hardware%20Acceleration"); - } - else if (strcmp(dest, "parallelization") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Parallelization"); - } - else if (strcmp(dest, "help") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/documentation"); - } - else if (strcmp(dest, "keyfiles") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Keyfiles"); - } - else if (strcmp(dest, "introcontainer") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Creating%20New%20Volumes"); - } - else if (strcmp(dest, "introsysenc") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=System%20Encryption"); - } - else if (strcmp(dest, "hiddensysenc") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Hidden%20Operating%20System"); - } - else if (strcmp(dest, "sysencprogressinfo") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=System%20Encryption"); - } - else if (strcmp(dest, "hiddenvolume") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Hidden%20Volume"); - } - else if (strcmp(dest, "aes") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=AES"); - } - else if (strcmp(dest, "serpent") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Serpent"); - } - else if (strcmp(dest, "twofish") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Twofish"); - } - else if (strcmp(dest, "cascades") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Cascades"); - } - else if (strcmp(dest, "hashalgorithms") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Hash%20Algorithms"); - } - else if (strcmp(dest, "isoburning") == 0) - { - StringCbCopyA (url, sizeof (url),"https://cdburnerxp.se/en/home"); - } - else if (strcmp(dest, "sysfavorites") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=System%20Favorite%20Volumes"); - } - else if (strcmp(dest, "favorites") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Favorite%20Volumes"); - } - else if (strcmp(dest, "hiddenvolprotection") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Protection%20of%20Hidden%20Volumes"); - } - else if (strcmp(dest, "faq") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=FAQ"); - } - else if (strcmp(dest, "downloads") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Downloads"); - } - else if (strcmp(dest, "news") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=News"); - } - else if (strcmp(dest, "contact") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Contact"); - } - else if (strcmp(dest, "pim") == 0) - { - StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20%28PIM%29"); - } - else - { - StringCbCopyA (url, sizeof (url),TC_APPLINK); - } - ShellExecuteA (NULL, "open", url, NULL, NULL, SW_SHOWNORMAL); - - Sleep (200); - NormalCursor (); -} - - -wchar_t *RelativePath2Absolute (wchar_t *szFileName) -{ - if (szFileName[0] != L'\\' - && wcschr (szFileName, L':') == 0 - && wcsstr (szFileName, L"Volume{") != szFileName) - { - wchar_t path[MAX_PATH*2]; - GetCurrentDirectory (MAX_PATH, path); - - if (path[wcslen (path) - 1] != L'\\') - StringCbCatW (path, (MAX_PATH * 2), L"\\"); - - StringCbCatW (path, (MAX_PATH * 2), szFileName); - StringCbCopyW (szFileName, MAX_PATH + 1, path); // szFileName size is always at least (MAX_PATH + 1) - } - - return szFileName; -} - - -void HandleDriveNotReadyError (HWND hwnd) -{ - HKEY hkey = 0; - DWORD value = 0, size = sizeof (DWORD); - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\MountMgr", - 0, KEY_READ, &hkey) != ERROR_SUCCESS) - return; - - if (RegQueryValueEx (hkey, L"NoAutoMount", 0, 0, (LPBYTE) &value, &size) == ERROR_SUCCESS - && value != 0) - { - Warning ("SYS_AUTOMOUNT_DISABLED", hwnd); - } - else if (nCurrentOS == WIN_VISTA && CurrentOSServicePack < 1) - Warning ("SYS_ASSIGN_DRIVE_LETTER", hwnd); - else - Warning ("DEVICE_NOT_READY_ERROR", hwnd); - - RegCloseKey (hkey); -} - - -BOOL CALLBACK CloseTCWindowsEnum (HWND hwnd, LPARAM lParam) -{ - LONG_PTR userDataVal = GetWindowLongPtrW (hwnd, GWLP_USERDATA); - if ((userDataVal == (LONG_PTR) 'VERA') || (userDataVal == (LONG_PTR) 'TRUE')) // Prior to 1.0e, 'TRUE' was used for VeraCrypt dialogs - { - wchar_t name[1024] = { 0 }; - GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); - if (hwnd != MainDlg && wcsstr (name, L"VeraCrypt")) - { - PostMessage (hwnd, TC_APPMSG_CLOSE_BKG_TASK, 0, 0); - - PostMessage (hwnd, WM_CLOSE, 0, 0); - - if (lParam != 0) - *((BOOL *)lParam) = TRUE; - } - } - return TRUE; -} - -BOOL CALLBACK FindTCWindowEnum (HWND hwnd, LPARAM lParam) -{ - if (*(HWND *)lParam == hwnd) - return TRUE; - - LONG_PTR userDataVal = GetWindowLongPtrW (hwnd, GWLP_USERDATA); - if ((userDataVal == (LONG_PTR) 'VERA') || (userDataVal == (LONG_PTR) 'TRUE')) // Prior to 1.0e, 'TRUE' was used for VeraCrypt dialogs - { - wchar_t name[32] = { 0 }; - GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); - if (hwnd != MainDlg && wcscmp (name, L"VeraCrypt") == 0) - { - if (lParam != 0) - *((HWND *)lParam) = hwnd; - } - } - return TRUE; -} - - -BYTE *MapResource (wchar_t *resourceType, int resourceId, PDWORD size) -{ - HGLOBAL hResL; - HRSRC hRes; - - hRes = FindResource (NULL, MAKEINTRESOURCE(resourceId), resourceType); - hResL = LoadResource (NULL, hRes); - - if (size != NULL) - *size = SizeofResource (NULL, hRes); - - return (BYTE *) LockResource (hResL); -} - - -void InconsistencyResolved (char *techInfo) -{ - wchar_t finalMsg[8024]; - - StringCbPrintfW (finalMsg, sizeof(finalMsg), GetString ("INCONSISTENCY_RESOLVED"), techInfo); - MessageBoxW (MainDlg, finalMsg, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); -} - - -void ReportUnexpectedState (char *techInfo) -{ - wchar_t finalMsg[8024]; - - StringCbPrintfW (finalMsg, sizeof(finalMsg), GetString ("UNEXPECTED_STATE"), techInfo); - MessageBoxW (MainDlg, finalMsg, lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); -} - - -#ifndef SETUP - -int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader) -{ - int status = ERR_PARAMETER_INCORRECT; - int volumeType; - wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; - wchar_t szDosDevice[TC_MAX_PATH]; - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - LARGE_INTEGER headerOffset; - DWORD dwResult; - DISK_GEOMETRY deviceGeometry; - - context->VolumeIsOpen = FALSE; - context->CryptoInfo = NULL; - context->HostFileHandle = INVALID_HANDLE_VALUE; - context->TimestampsValid = FALSE; - - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), volumePath, &context->IsDevice); - - if (context->IsDevice) - { - status = FakeDosNameForDevice (szDiskFile, szDosDevice, sizeof(szDosDevice), szCFDevice, sizeof(szCFDevice), FALSE); - if (status != 0) - return status; - - preserveTimestamps = FALSE; - - if (!GetDriveGeometry (volumePath, &deviceGeometry)) - { - status = ERR_OS_ERROR; - goto error; - } - } - else - StringCbCopyW (szCFDevice, sizeof(szCFDevice), szDiskFile); - - if (preserveTimestamps) - write = TRUE; - - context->HostFileHandle = CreateFile (szCFDevice, GENERIC_READ | (write ? GENERIC_WRITE : 0), FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (context->HostFileHandle == INVALID_HANDLE_VALUE) - { - status = ERR_OS_ERROR; - goto error; - } - - if (context->IsDevice) - { - // Try to gain "raw" access to the partition in case there is a live filesystem on it (otherwise, - // the NTFS driver guards hidden sectors and prevents e.g. header backup restore after the user - // accidentally quick-formats a dismounted partition-hosted TrueCrypt volume as NTFS, etc.) - - DeviceIoControl (context->HostFileHandle, FSCTL_ALLOW_EXTENDED_DASD_IO, NULL, 0, NULL, 0, &dwResult, NULL); - } - - context->VolumeIsOpen = TRUE; - - // Remember the container modification/creation date and time - if (!context->IsDevice && preserveTimestamps) - { - if (GetFileTime (context->HostFileHandle, &context->CreationTime, &context->LastAccessTime, &context->LastWriteTime) == 0) - context->TimestampsValid = FALSE; - else - context->TimestampsValid = TRUE; - } - - // Determine host size - if (context->IsDevice) - { - PARTITION_INFORMATION diskInfo; - - if (GetPartitionInfo (volumePath, &diskInfo)) - { - context->HostSize = diskInfo.PartitionLength.QuadPart; - } - else - { - DISK_GEOMETRY driveInfo; - - if (!DeviceIoControl (context->HostFileHandle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveInfo, sizeof (driveInfo), &dwResult, NULL)) - { - status = ERR_OS_ERROR; - goto error; - } - - context->HostSize = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; - } - - if (context->HostSize == 0) - { - status = ERR_VOL_SIZE_WRONG; - goto error; - } - } - else - { - LARGE_INTEGER fileSize; - if (!GetFileSizeEx (context->HostFileHandle, &fileSize)) - { - status = ERR_OS_ERROR; - goto error; - } - - context->HostSize = fileSize.QuadPart; - } - - for (volumeType = TC_VOLUME_TYPE_NORMAL; volumeType < TC_VOLUME_TYPE_COUNT; volumeType++) - { - // Seek the volume header - switch (volumeType) - { - case TC_VOLUME_TYPE_NORMAL: - headerOffset.QuadPart = useBackupHeader ? context->HostSize - TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; - break; - - case TC_VOLUME_TYPE_HIDDEN: - if (TC_HIDDEN_VOLUME_HEADER_OFFSET + TC_VOLUME_HEADER_SIZE > context->HostSize) - continue; - - headerOffset.QuadPart = useBackupHeader ? context->HostSize - TC_VOLUME_HEADER_SIZE : TC_HIDDEN_VOLUME_HEADER_OFFSET; - break; - - } - - if (!SetFilePointerEx ((HANDLE) context->HostFileHandle, headerOffset, NULL, FILE_BEGIN)) - { - status = ERR_OS_ERROR; - goto error; - } - - // Read volume header - DWORD bytesRead; - if (!ReadEffectiveVolumeHeader (context->IsDevice, context->HostFileHandle, (byte *) buffer, &bytesRead)) - { - status = ERR_OS_ERROR; - goto error; - } - - if (bytesRead != sizeof (buffer) - && context->IsDevice) - { - // If FSCTL_ALLOW_EXTENDED_DASD_IO failed and there is a live filesystem on the partition, then the - // filesystem driver may report EOF when we are reading hidden sectors (when the filesystem is - // shorter than the partition). This can happen for example after the user quick-formats a dismounted - // partition-hosted TrueCrypt volume and then tries to read the embedded backup header. - - memset (buffer, 0, sizeof (buffer)); - } - - // Decrypt volume header - status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, truecryptMode, &context->CryptoInfo, NULL); - - if (status == ERR_PASSWORD_WRONG) - continue; // Try next volume type - - break; - } - - if (status == ERR_SUCCESS) - return status; - -error: - DWORD sysError = GetLastError (); - - CloseVolume (context); - - SetLastError (sysError); - return status; -} - - -void CloseVolume (OpenVolumeContext *context) -{ - if (!context->VolumeIsOpen) - return; - - if (context->HostFileHandle != INVALID_HANDLE_VALUE) - { - if (context->TimestampsValid) - SetFileTime (context->HostFileHandle, &context->CreationTime, &context->LastAccessTime, &context->LastWriteTime); - - CloseHandle (context->HostFileHandle); - context->HostFileHandle = INVALID_HANDLE_VALUE; - } - - if (context->CryptoInfo) - { - crypto_close (context->CryptoInfo); - context->CryptoInfo = NULL; - } - - context->VolumeIsOpen = FALSE; -} - - -int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode) -{ - CRYPTO_INFO *newCryptoInfo = NULL; - - RandSetHashFunction (cryptoInfo->pkcs5); - - if (Randinit() != ERR_SUCCESS) - { - if (CryptoAPILastError == ERROR_SUCCESS) - return ERR_RAND_INIT_FAILED; - else - return ERR_CAPI_INIT_FAILED; - } - - UserEnrichRandomPool (NULL); - - int status = CreateVolumeHeaderInMemory (hwndDlg, bBoot, - buffer, - cryptoInfo->ea, - cryptoInfo->mode, - password, - cryptoInfo->pkcs5, - pim, - (char *) cryptoInfo->master_keydata, - &newCryptoInfo, - cryptoInfo->VolumeSize.Value, - cryptoInfo->hiddenVolume ? cryptoInfo->hiddenVolumeSize : 0, - cryptoInfo->EncryptedAreaStart.Value, - cryptoInfo->EncryptedAreaLength.Value, - cryptoInfo->RequiredProgramVersion, - cryptoInfo->HeaderFlags, - cryptoInfo->SectorSize, - wipeMode); - - if (newCryptoInfo != NULL) - crypto_close (newCryptoInfo); - - return status; -} - -#endif // !SETUP - - -BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) -{ - // GlobalMemoryStatusEx() cannot be used to determine if a paging file is active - - wchar_t data[65536]; - DWORD size = sizeof (data); - - if (IsPagingFileWildcardActive()) - return TRUE; - - if (ReadLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", data, &size) - && size > 24 && !checkNonWindowsPartitionsOnly) - return TRUE; - - if (!IsAdmin()) - AbortProcess ("UAC_INIT_ERROR"); - - for (wchar_t drive = L'C'; drive <= L'Z'; ++drive) - { - // Query geometry of the drive first to prevent "no medium" pop-ups - wstring drivePath = L"\\\\.\\X:"; - drivePath[4] = drive; - - if (checkNonWindowsPartitionsOnly) - { - wchar_t sysDir[MAX_PATH]; - if (GetSystemDirectory (sysDir, ARRAYSIZE (sysDir)) != 0 && towupper (sysDir[0]) == drive) - continue; - } - - HANDLE handle = CreateFile (drivePath.c_str(), GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (handle == INVALID_HANDLE_VALUE) - continue; - - DISK_GEOMETRY driveInfo; - DWORD dwResult; - - if (!DeviceIoControl (handle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveInfo, sizeof (driveInfo), &dwResult, NULL)) - { - CloseHandle (handle); - continue; - } - - CloseHandle (handle); - - // Test if a paging file exists and is locked by another process - wstring path = L"X:\\pagefile.sys"; - path[0] = drive; - - handle = CreateFile (path.c_str(), GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); - - if (handle != INVALID_HANDLE_VALUE) - CloseHandle (handle); - else if (GetLastError() == ERROR_SHARING_VIOLATION) - return TRUE; - } - - return FALSE; -} - - -BOOL IsPagingFileWildcardActive () -{ - wchar_t pagingFiles[65536]; - DWORD size = sizeof (pagingFiles); - wchar_t *mmKey = L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management"; - - if (!ReadLocalMachineRegistryString (mmKey, L"PagingFiles", pagingFiles, &size)) - { - size = sizeof (pagingFiles); - if (!ReadLocalMachineRegistryMultiString (mmKey, L"PagingFiles", pagingFiles, &size)) - size = 0; - } - - return size > 0 && wcsstr (pagingFiles, L"?:\\") == pagingFiles; -} - - -BOOL DisablePagingFile () -{ - wchar_t empty[] = { 0, 0 }; - return WriteLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", empty, sizeof (empty)); -} - - -std::wstring SingleStringToWide (const std::string &singleString) -{ - if (singleString.empty()) - return std::wstring(); - - WCHAR wbuf[65536]; - int wideLen = MultiByteToWideChar (CP_ACP, 0, singleString.c_str(), -1, wbuf, array_capacity (wbuf) - 1); - - // We don't throw exception here and only return empty string. - // All calls to this function use valid strings. - // throw_sys_if (wideLen == 0); - - wbuf[wideLen] = 0; - return wbuf; -} - - -std::wstring Utf8StringToWide (const std::string &utf8String) -{ - if (utf8String.empty()) - return std::wstring(); - - WCHAR wbuf[65536]; - int wideLen = MultiByteToWideChar (CP_UTF8, 0, utf8String.c_str(), -1, wbuf, array_capacity (wbuf) - 1); - throw_sys_if (wideLen == 0); - - wbuf[wideLen] = 0; - return wbuf; -} - - -std::string WideToUtf8String (const std::wstring &wideString) -{ - if (wideString.empty()) - return std::string(); - - char buf[65536]; - int len = WideCharToMultiByte (CP_UTF8, 0, wideString.c_str(), -1, buf, array_capacity (buf) - 1, NULL, NULL); - throw_sys_if (len == 0); - - buf[len] = 0; - return buf; -} - - -#ifndef SETUP - -BOOL CALLBACK SecurityTokenPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - static string *password; - - switch (msg) - { - case WM_INITDIALOG: - { - password = (string *) lParam; - LocalizeDialog (hwndDlg, "IDD_TOKEN_PASSWORD"); - - wchar_t s[1024]; - StringCbPrintfW (s, sizeof(s), GetString ("ENTER_TOKEN_PASSWORD"), Utf8StringToWide (password->c_str()).c_str()); - SetWindowTextW (GetDlgItem (hwndDlg, IDT_TOKEN_PASSWORD_INFO), s); - - SendMessage (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD), EM_LIMITTEXT, SecurityToken::MaxPasswordLength, 0); - - SetForegroundWindow (hwndDlg); - SetFocus (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD)); - } - return 0; - - case WM_COMMAND: - if (lw == IDCANCEL || lw == IDOK) - { - if (lw == IDOK) - { - wchar_t passwordWide[SecurityToken::MaxPasswordLength + 1]; - - if (GetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD), passwordWide, SecurityToken::MaxPasswordLength + 1) == 0) - { - handleWin32Error (hwndDlg, SRC_POS); - break; - } - - char passwordUtf8[SecurityToken::MaxPasswordLength + 1]; - - int len = WideCharToMultiByte (CP_UTF8, 0, passwordWide, -1, passwordUtf8, array_capacity (passwordUtf8) - 1, nullptr, nullptr); - passwordUtf8[len] = 0; - *password = passwordUtf8; - - burn (passwordWide, sizeof (passwordWide)); - burn (passwordUtf8, sizeof (passwordUtf8)); - } - - // Attempt to wipe password stored in the input field buffer - wchar_t tmp[SecurityToken::MaxPasswordLength+1]; - wmemset (tmp, 'X', SecurityToken::MaxPasswordLength); - tmp[SecurityToken::MaxPasswordLength] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD), tmp); - - EndDialog (hwndDlg, lw); - } - return 1; - } - - return 0; -} - - -struct NewSecurityTokenKeyfileDlgProcParams -{ - CK_SLOT_ID SlotId; - string Name; -}; - -static BOOL CALLBACK NewSecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static NewSecurityTokenKeyfileDlgProcParams *newParams; - - WORD lw = LOWORD (wParam); - switch (msg) - { - case WM_INITDIALOG: - { - LocalizeDialog (hwndDlg, "IDD_NEW_TOKEN_KEYFILE"); - - newParams = (NewSecurityTokenKeyfileDlgProcParams *) lParam; - - WaitCursor(); - finally_do ({ NormalCursor(); }); - - list tokens; - - try - { - tokens = SecurityToken::GetAvailableTokens(); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - if (tokens.empty()) - { - Error ("NO_TOKENS_FOUND", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - foreach (const SecurityTokenInfo &token, tokens) - { - wstringstream tokenLabel; - tokenLabel << L"[" << token.SlotId << L"] " << token.Label; - - AddComboPair (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), tokenLabel.str().c_str(), token.SlotId); - } - - ComboBox_SetCurSel (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), 0); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_KEYFILE_NAME), Utf8StringToWide (newParams->Name).c_str()); - return 1; - } - - case WM_COMMAND: - switch (lw) - { - case IDOK: - { - int selectedToken = ComboBox_GetCurSel (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN)); - if (selectedToken == CB_ERR) - { - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - newParams->SlotId = (CK_SLOT_ID) ComboBox_GetItemData (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), selectedToken); - - wchar_t name[1024]; - if (GetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_KEYFILE_NAME), name, array_capacity (name)) != 0) - { - try - { - newParams->Name = WideToUtf8String (name); - } - catch (...) { } - } - - EndDialog (hwndDlg, IDOK); - return 1; - } - - case IDCANCEL: - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (HIWORD (wParam) == EN_CHANGE) - { - wchar_t name[2]; - EnableWindow (GetDlgItem (hwndDlg, IDOK), (GetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_KEYFILE_NAME), name, array_capacity (name)) != 0)); - return 1; - } - } - - return 0; -} - - -static void SecurityTokenKeyfileDlgFillList (HWND hwndDlg, const vector &keyfiles) -{ - HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); - LVITEMW lvItem; - int line = 0; - - ListView_DeleteAllItems (tokenListControl); - - foreach (const SecurityTokenKeyfile &keyfile, keyfiles) - { - memset (&lvItem, 0, sizeof(lvItem)); - lvItem.mask = LVIF_TEXT; - lvItem.iItem = line++; - - wstringstream s; - s << keyfile.SlotId; - - ListItemAdd (tokenListControl, lvItem.iItem, (wchar_t *) s.str().c_str()); - ListSubItemSet (tokenListControl, lvItem.iItem, 1, (wchar_t *) keyfile.Token.Label.c_str()); - ListSubItemSet (tokenListControl, lvItem.iItem, 2, (wchar_t *) keyfile.Id.c_str()); - } - - BOOL selected = (ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST), -1, LVIS_SELECTED) != -1); - EnableWindow (GetDlgItem (hwndDlg, IDC_EXPORT), selected); - EnableWindow (GetDlgItem (hwndDlg, IDC_DELETE), selected); -} - - -static list SecurityTokenKeyfileDlgGetSelected (HWND hwndDlg, const vector &keyfiles) -{ - HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); - list selectedKeyfiles; - - int itemId = -1; - while ((itemId = ListView_GetNextItem (tokenListControl, itemId, LVIS_SELECTED)) != -1) - { - selectedKeyfiles.push_back (keyfiles[itemId]); - } - - return selectedKeyfiles; -} - - -BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static list *selectedTokenKeyfiles; - static vector keyfiles; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - selectedTokenKeyfiles = (list *) lParam; - - LVCOLUMNW LvCol; - HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); - - LocalizeDialog (hwndDlg, selectedTokenKeyfiles ? "SELECT_TOKEN_KEYFILES" : "IDD_TOKEN_KEYFILES"); - - SendMessage (tokenListControl,LVM_SETEXTENDEDLISTVIEWSTYLE, 0, - LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_TWOCLICKACTIVATE|LVS_EX_LABELTIP - ); - - memset (&LvCol, 0, sizeof(LvCol)); - LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - LvCol.pszText = GetString ("TOKEN_SLOT_ID"); - LvCol.cx = CompensateXDPI (40); - LvCol.fmt = LVCFMT_CENTER; - SendMessage (tokenListControl, LVM_INSERTCOLUMNW, 1, (LPARAM)&LvCol); - - LvCol.pszText = GetString ("TOKEN_NAME"); - LvCol.cx = CompensateXDPI (128); - LvCol.fmt = LVCFMT_LEFT; - SendMessage (tokenListControl, LVM_INSERTCOLUMNW, 2, (LPARAM)&LvCol); - - LvCol.pszText = GetString ("TOKEN_DATA_OBJECT_LABEL"); - LvCol.cx = CompensateXDPI (195); - LvCol.fmt = LVCFMT_LEFT; - SendMessage (tokenListControl, LVM_INSERTCOLUMNW, 3, (LPARAM)&LvCol); - - keyfiles.clear(); - - try - { - WaitCursor(); - finally_do ({ NormalCursor(); }); - - keyfiles = SecurityToken::GetAvailableKeyfiles(); - } - catch (UserAbort&) - { - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - catch (Exception &e) - { - e.Show (hwndDlg); - - if (keyfiles.empty()) - { - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - } - - SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); - return 1; - } - - case WM_COMMAND: - case WM_NOTIFY: - if (msg == WM_COMMAND && lw == IDOK || msg == WM_NOTIFY && ((NMHDR *)lParam)->code == LVN_ITEMACTIVATE) - { - if (selectedTokenKeyfiles) - { - foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) - { - selectedTokenKeyfiles->push_back (SecurityTokenKeyfilePath (keyfile)); - } - } - - EndDialog (hwndDlg, IDOK); - return 1; - } - - if (msg == WM_NOTIFY && ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) - { - BOOL selected = (ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST), -1, LVIS_SELECTED) != -1); - EnableWindow (GetDlgItem (hwndDlg, IDC_EXPORT), selected); - EnableWindow (GetDlgItem (hwndDlg, IDC_DELETE), selected); - return 1; - } - - if (msg == WM_COMMAND) - { - switch (lw) - { - case IDCANCEL: - EndDialog (hwndDlg, IDCANCEL); - return 1; - - case IDC_IMPORT_KEYFILE: - { - wchar_t keyfilePath[TC_MAX_PATH]; - - if (BrowseFiles (hwndDlg, "SELECT_KEYFILE", keyfilePath, bHistory, FALSE, NULL)) - { - DWORD keyfileSize; - byte *keyfileData = (byte *) LoadFile (keyfilePath, &keyfileSize); - if (!keyfileData) - { - handleWin32Error (hwndDlg, SRC_POS); - return 1; - } - - if (keyfileSize != 0) - { - NewSecurityTokenKeyfileDlgProcParams newParams; - newParams.Name = WideToUtf8String (keyfilePath); - - size_t lastBackSlash = newParams.Name.find_last_of ('\\'); - if (lastBackSlash != string::npos) - newParams.Name = newParams.Name.substr (lastBackSlash + 1); - - if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_NEW_TOKEN_KEYFILE), hwndDlg, (DLGPROC) NewSecurityTokenKeyfileDlgProc, (LPARAM) &newParams) == IDOK) - { - vector keyfileDataVector (keyfileSize); - memcpy (&keyfileDataVector.front(), keyfileData, keyfileSize); - - try - { - WaitCursor(); - finally_do ({ NormalCursor(); }); - - SecurityToken::CreateKeyfile (newParams.SlotId, keyfileDataVector, newParams.Name); - - keyfiles = SecurityToken::GetAvailableKeyfiles(); - SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - burn (&keyfileDataVector.front(), keyfileSize); - } - } - else - { - SetLastError (ERROR_HANDLE_EOF); - handleWin32Error (hwndDlg, SRC_POS); - } - - burn (keyfileData, keyfileSize); - TCfree (keyfileData); - } - - return 1; - } - - case IDC_EXPORT: - { - try - { - foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) - { - wchar_t keyfilePath[TC_MAX_PATH]; - - if (!BrowseFiles (hwndDlg, "OPEN_TITLE", keyfilePath, bHistory, TRUE, NULL)) - break; - - { - WaitCursor(); - finally_do ({ NormalCursor(); }); - - vector keyfileData; - - SecurityToken::GetKeyfileData (keyfile, keyfileData); - - if (keyfileData.empty()) - { - SetLastError (ERROR_HANDLE_EOF); - handleWin32Error (hwndDlg, SRC_POS); - return 1; - } - - finally_do_arg (vector *, &keyfileData, { burn (&finally_arg->front(), finally_arg->size()); }); - - if (!SaveBufferToFile ((char *) &keyfileData.front(), keyfilePath, (DWORD) keyfileData.size(), FALSE, FALSE)) - throw SystemException (SRC_POS); - } - - Info ("KEYFILE_EXPORTED", hwndDlg); - } - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - return 1; - } - - case IDC_DELETE: - { - if (AskNoYes ("CONFIRM_SEL_FILES_DELETE", hwndDlg) == IDNO) - return 1; - - try - { - WaitCursor(); - finally_do ({ NormalCursor(); }); - - foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) - { - SecurityToken::DeleteKeyfile (keyfile); - } - - keyfiles = SecurityToken::GetAvailableKeyfiles(); - SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - return 1; - } - } - } - return 0; - } - return 0; -} - - -BOOL InitSecurityTokenLibrary (HWND hwndDlg) -{ - if (SecurityTokenLibraryPath[0] == 0) - { - Error ("NO_PKCS11_MODULE_SPECIFIED", hwndDlg); - return FALSE; - } - - struct PinRequestHandler : public GetPinFunctor - { - HWND m_hwnd; - PinRequestHandler(HWND hwnd) : m_hwnd(hwnd) {} - virtual void operator() (string &str) - { - HWND hParent = IsWindow (m_hwnd)? m_hwnd : GetActiveWindow(); - if (!hParent) - hParent = GetForegroundWindow (); - if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_PASSWORD), hParent, (DLGPROC) SecurityTokenPasswordDlgProc, (LPARAM) &str) == IDCANCEL) - throw UserAbort (SRC_POS); - - if (hCursor != NULL) - SetCursor (hCursor); - } - }; - - struct WarningHandler : public SendExceptionFunctor - { - HWND m_hwnd; - WarningHandler(HWND hwnd) : m_hwnd(hwnd) {} - virtual void operator() (const Exception &e) - { - HWND hParent = IsWindow (m_hwnd)? m_hwnd : GetActiveWindow(); - if (!hParent) - hParent = GetForegroundWindow (); - e.Show (hParent); - } - }; - - try - { - SecurityToken::InitLibrary (SecurityTokenLibraryPath, auto_ptr (new PinRequestHandler(MainDlg)), auto_ptr (new WarningHandler(MainDlg))); - } - catch (Exception &e) - { - e.Show (hwndDlg); - Error ("PKCS11_MODULE_INIT_FAILED", hwndDlg); - return FALSE; - } - - return TRUE; -} - -#endif // !SETUP - -std::vector GetAvailableHostDevices (bool noDeviceProperties, bool singleList, bool noFloppy, bool detectUnencryptedFilesystems) -{ - vector devices; - size_t dev0; - - for (int devNumber = 0; devNumber < MAX_HOST_DRIVE_NUMBER; devNumber++) - { - for (int partNumber = 0; partNumber < MAX_HOST_PARTITION_NUMBER; partNumber++) - { - wstringstream strm; - strm << L"\\Device\\Harddisk" << devNumber << L"\\Partition" << partNumber; - wstring devPathStr (strm.str()); - const wchar_t *devPath = devPathStr.c_str(); - - OPEN_TEST_STRUCT openTest = {0}; - if (!OpenDevice (devPath, &openTest, detectUnencryptedFilesystems && partNumber != 0, FALSE, NULL)) - { - if (partNumber == 0) - break; - - continue; - } - - HostDevice device; - device.SystemNumber = devNumber; - device.Path = devPath; - - PARTITION_INFORMATION partInfo; - - if (GetPartitionInfo (devPath, &partInfo)) - { - device.Bootable = partInfo.BootIndicator ? true : false; - device.Size = partInfo.PartitionLength.QuadPart; - } - else - { - // retrieve size using DISK_GEOMETRY - DISK_GEOMETRY deviceGeometry = {0}; - if ( GetDriveGeometry (devPath, &deviceGeometry) - || ((partNumber == 0) && GetPhysicalDriveGeometry (devNumber, &deviceGeometry)) - ) - { - device.Size = deviceGeometry.Cylinders.QuadPart * (LONGLONG) deviceGeometry.BytesPerSector - * (LONGLONG) deviceGeometry.SectorsPerTrack * (LONGLONG) deviceGeometry.TracksPerCylinder; - } - } - - device.HasUnencryptedFilesystem = (detectUnencryptedFilesystems && openTest.FilesystemDetected) ? true : false; - - if (!noDeviceProperties) - { - DISK_GEOMETRY geometry; - - int driveNumber = GetDiskDeviceDriveLetter ((wchar_t *) devPathStr.c_str()); - - if (driveNumber >= 0) - { - device.MountPoint += (wchar_t) (driveNumber + L'A'); - device.MountPoint += L":"; - - wchar_t name[64]; - if (GetDriveLabel (driveNumber, name, sizeof (name))) - device.Name = name; - - if (GetSystemDriveLetter() == L'A' + driveNumber) - device.ContainsSystem = true; - } - - if (partNumber == 0 && GetDriveGeometry (devPath, &geometry)) - device.Removable = (geometry.MediaType == RemovableMedia); - } - - if (partNumber == 0) - { - devices.push_back (device); - dev0 = devices.size() - 1; - } - else - { - // System creates a virtual partition1 for some storage devices without - // partition table. We try to detect this case by comparing sizes of - // partition0 and partition1. If they match, no partition of the device - // is displayed to the user to avoid confusion. Drive letter assigned by - // system to partition1 is assigned partition0 - if (partNumber == 1 && devices[dev0].Size == device.Size) - { - devices[dev0].IsVirtualPartition = true; - devices[dev0].MountPoint = device.MountPoint; - devices[dev0].Name = device.Name; - devices[dev0].Path = device.Path; - devices[dev0].HasUnencryptedFilesystem = device.HasUnencryptedFilesystem; - break; - } - - device.IsPartition = true; - device.SystemNumber = partNumber; - device.Removable = devices[dev0].Removable; - - if (device.ContainsSystem) - devices[dev0].ContainsSystem = true; - - if (singleList) - devices.push_back (device); - - devices[dev0].Partitions.push_back (device); - } - } - } - - // Vista does not create partition links for dynamic volumes so it is necessary to scan \\Device\\HarddiskVolumeX devices - if (CurrentOSMajor >= 6) - { - for (int devNumber = 0; devNumber < 256; devNumber++) - { - wstringstream strm; - strm << L"\\Device\\HarddiskVolume" << devNumber; - wstring devPathStr (strm.str()); - const wchar_t *devPath = devPathStr.c_str(); - - OPEN_TEST_STRUCT openTest = {0}; - if (!OpenDevice (devPath, &openTest, detectUnencryptedFilesystems, FALSE, NULL)) - continue; - - DISK_PARTITION_INFO_STRUCT info; - if (GetDeviceInfo (devPath, &info) && info.IsDynamic) - { - HostDevice device; - device.DynamicVolume = true; - device.IsPartition = true; - device.SystemNumber = devNumber; - device.Path = devPath; - device.Size = info.partInfo.PartitionLength.QuadPart; - device.HasUnencryptedFilesystem = (detectUnencryptedFilesystems && openTest.FilesystemDetected) ? true : false; - - if (!noDeviceProperties) - { - int driveNumber = GetDiskDeviceDriveLetter ((wchar_t *) devPathStr.c_str()); - - if (driveNumber >= 0) - { - device.MountPoint += (wchar_t) (driveNumber + L'A'); - device.MountPoint += L":"; - - wchar_t name[64]; - if (GetDriveLabel (driveNumber, name, sizeof (name))) - device.Name = name; - - if (GetSystemDriveLetter() == L'A' + driveNumber) - device.ContainsSystem = true; - } - } - - devices.push_back (device); - } - } - } - - return devices; -} - -wstring FindDeviceByVolumeID (const BYTE volumeID [VOLUME_ID_SIZE]) -{ - /* if it is already mounted, get the real path name used for mounting */ - MOUNT_LIST_STRUCT mlist; - DWORD dwResult; - - memset (&mlist, 0, sizeof (mlist)); - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, - sizeof (mlist), &mlist, sizeof (mlist), &dwResult, - NULL); - - for (int i=0 ; i < 26; i++) - { - if (0 == memcmp (mlist.volumeID[i], volumeID, VOLUME_ID_SIZE)) - return mlist.wszVolume[i]; - } - - /* not mounted. Look for it in the local drives*/ - for (int devNumber = 0; devNumber < MAX_HOST_DRIVE_NUMBER; devNumber++) - { - for (int partNumber = 0; partNumber < MAX_HOST_PARTITION_NUMBER; partNumber++) - { - wstringstream strm; - strm << L"\\Device\\Harddisk" << devNumber << L"\\Partition" << partNumber; - wstring devPathStr (strm.str()); - const wchar_t *devPath = devPathStr.c_str(); - - OPEN_TEST_STRUCT openTest = {0}; - if (!OpenDevice (devPath, &openTest, FALSE, TRUE, volumeID)) - { - continue; - } - - if (openTest.VolumeIDMatched) - return devPath; - } - } - - return L""; -} - -BOOL FileHasReadOnlyAttribute (const wchar_t *path) -{ - DWORD attributes = GetFileAttributes (path); - return attributes != INVALID_FILE_ATTRIBUTES && (attributes & FILE_ATTRIBUTE_READONLY) != 0; -} - - -BOOL IsFileOnReadOnlyFilesystem (const wchar_t *path) -{ - wchar_t root[MAX_PATH]; - if (!GetVolumePathName (path, root, ARRAYSIZE (root))) - return FALSE; - - DWORD flags, d; - if (!GetVolumeInformation (root, NULL, 0, NULL, &d, &flags, NULL, 0)) - return FALSE; - - return (flags & FILE_READ_ONLY_VOLUME) ? TRUE : FALSE; -} - - -void CheckFilesystem (HWND hwndDlg, int driveNo, BOOL fixErrors) -{ - wchar_t msg[1024], param[1024], cmdPath[MAX_PATH]; - wchar_t driveRoot[] = { L'A' + (wchar_t) driveNo, L':', 0 }; - - if (fixErrors && AskWarnYesNo ("FILESYS_REPAIR_CONFIRM_BACKUP", hwndDlg) == IDNO) - return; - - StringCbPrintfW (msg, sizeof(msg), GetString (fixErrors ? "REPAIRING_FS" : "CHECKING_FS"), driveRoot); - StringCbPrintfW (param, sizeof(param), fixErrors ? L"/C echo %s & chkdsk %s /F /X & pause" : L"/C echo %s & chkdsk %s & pause", msg, driveRoot); - - if (GetSystemDirectoryW(cmdPath, MAX_PATH)) - { - StringCbCatW(cmdPath, sizeof(cmdPath), L"\\cmd.exe"); - } - else - StringCbCopyW(cmdPath, sizeof(cmdPath), L"C:\\Windows\\System32\\cmd.exe"); - - ShellExecuteW (NULL, (!IsAdmin() && IsUacSupported()) ? L"runas" : L"open", cmdPath, param, NULL, SW_SHOW); -} - - -BOOL BufferContainsString (const byte *buffer, size_t bufferSize, const char *str) -{ - size_t strLen = strlen (str); - - if (bufferSize < strLen) - return FALSE; - - bufferSize -= strLen; - - for (size_t i = 0; i < bufferSize; ++i) - { - if (memcmp (buffer + i, str, strLen) == 0) - return TRUE; - } - - return FALSE; -} - - -#ifndef SETUP - -int AskNonSysInPlaceEncryptionResume (HWND hwndDlg, BOOL *pbDecrypt) -{ - if (AskWarnYesNo ("NONSYS_INPLACE_ENC_RESUME_PROMPT", hwndDlg) == IDYES) - { - char *tmpStr[] = {0, - "CHOOSE_ENCRYPT_OR_DECRYPT", - "ENCRYPT", - "DECRYPT", - "IDCANCEL", - 0}; - - switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) - { - case 1: - *pbDecrypt = FALSE; - return IDYES; - case 2: - *pbDecrypt = TRUE; - return IDYES; - default: - break; - } - } - - char *multiChoiceStr[] = { 0, "ASK_NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL", "DO_NOT_PROMPT_ME", "KEEP_PROMPTING_ME", 0 }; - - switch (AskMultiChoice ((void **) multiChoiceStr, FALSE, hwndDlg)) - { - case 1: - RemoveNonSysInPlaceEncNotifications(); - Warning ("NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL_NOTE", hwndDlg); - break; - - default: - // NOP - break; - } - - return IDNO; -} - -#endif // !SETUP - - -BOOL RemoveDeviceWriteProtection (HWND hwndDlg, wchar_t *devicePath) -{ - int driveNumber; - int partitionNumber; - - wchar_t temp[MAX_PATH*2]; - wchar_t cmdBatch[MAX_PATH*2]; - wchar_t diskpartScript[MAX_PATH*2]; - - if (swscanf (devicePath, L"\\Device\\Harddisk%d\\Partition%d", &driveNumber, &partitionNumber) != 2) - return FALSE; - - if (GetTempPath (ARRAYSIZE (temp), temp) == 0) - return FALSE; - - StringCbPrintfW (cmdBatch, sizeof (cmdBatch), L"%s\\VeraCrypt_Write_Protection_Removal.cmd", temp); - StringCbPrintfW (diskpartScript, sizeof (diskpartScript), L"%s\\VeraCrypt_Write_Protection_Removal.diskpart", temp); - - FILE *f = _wfopen (cmdBatch, L"w"); - if (!f) - { - handleWin32Error (hwndDlg, SRC_POS); - return FALSE; - } - - fwprintf (f, L"@diskpart /s \"%s\"\n@pause\n@del \"%s\" \"%s\"", diskpartScript, diskpartScript, cmdBatch); - - CheckFileStreamWriteErrors (hwndDlg, f, cmdBatch); - fclose (f); - - f = _wfopen (diskpartScript, L"w"); - if (!f) - { - handleWin32Error (hwndDlg, SRC_POS); - DeleteFile (cmdBatch); - return FALSE; - } - - fwprintf (f, L"select disk %d\nattributes disk clear readonly\n", driveNumber); - - if (partitionNumber != 0) - fwprintf (f, L"select partition %d\nattributes volume clear readonly\n", partitionNumber); - - fwprintf (f, L"exit\n"); - - CheckFileStreamWriteErrors (hwndDlg, f, diskpartScript); - fclose (f); - - ShellExecute (NULL, (!IsAdmin() && IsUacSupported()) ? L"runas" : L"open", cmdBatch, NULL, NULL, SW_SHOW); - - return TRUE; -} - - -static LRESULT CALLBACK EnableElevatedCursorChangeWndProc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) -{ - return DefWindowProcW (hWnd, message, wParam, lParam); -} - - -void EnableElevatedCursorChange (HWND parent) -{ - // Create a transparent window to work around a UAC issue preventing change of the cursor - if (UacElevated) - { - const wchar_t *className = L"VeraCryptEnableElevatedCursorChange"; - WNDCLASSEXW winClass; - HWND hWnd; - - memset (&winClass, 0, sizeof (winClass)); - winClass.cbSize = sizeof (WNDCLASSEX); - winClass.lpfnWndProc = (WNDPROC) EnableElevatedCursorChangeWndProc; - winClass.hInstance = hInst; - winClass.lpszClassName = className; - RegisterClassExW (&winClass); - - hWnd = CreateWindowExW (WS_EX_TOOLWINDOW | WS_EX_LAYERED, className, L"VeraCrypt UAC", 0, 0, 0, GetSystemMetrics (SM_CXSCREEN), GetSystemMetrics (SM_CYSCREEN), parent, NULL, hInst, NULL); - if (hWnd) - { - SetLayeredWindowAttributes (hWnd, 0, 1, LWA_ALPHA); - ShowWindow (hWnd, SW_SHOWNORMAL); - - DestroyWindow (hWnd); - } - UnregisterClassW (className, hInst); - } -} - - -BOOL DisableFileCompression (HANDLE file) -{ - USHORT format; - DWORD bytesOut; - - if (!DeviceIoControl (file, FSCTL_GET_COMPRESSION, NULL, 0, &format, sizeof (format), &bytesOut, NULL)) - return FALSE; - - if (format == COMPRESSION_FORMAT_NONE) - return TRUE; - - format = COMPRESSION_FORMAT_NONE; - return DeviceIoControl (file, FSCTL_SET_COMPRESSION, &format, sizeof (format), NULL, 0, &bytesOut, NULL); -} - - -BOOL VolumePathExists (const wchar_t *volumePath) -{ - OPEN_TEST_STRUCT openTest = {0}; - wchar_t upperCasePath[TC_MAX_PATH + 1]; - - UpperCaseCopy (upperCasePath, sizeof(upperCasePath), volumePath); - - if (wcsstr (upperCasePath, L"\\DEVICE\\") == upperCasePath) - return OpenDevice (volumePath, &openTest, FALSE, FALSE, NULL); - - wstring path = volumePath; - if (path.find (L"\\\\?\\Volume{") == 0 && path.rfind (L"}\\") == path.size() - 2) - { - wchar_t devicePath[TC_MAX_PATH]; - if (QueryDosDevice (path.substr (4, path.size() - 5).c_str(), devicePath, TC_MAX_PATH) != 0) - return TRUE; - } - - if (_waccess (volumePath, 0) == 0) - return TRUE; - else - { - DWORD dwResult = GetLastError (); - if (dwResult == ERROR_SHARING_VIOLATION) - return TRUE; - else - return FALSE; - } -} - - -BOOL IsWindowsIsoBurnerAvailable () -{ - wchar_t path[MAX_PATH*2] = { 0 }; - - if (!IsOSAtLeast (WIN_7)) - { - return FALSE; - } - - if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_SYSTEM, NULL, 0, path))) - { - StringCbCatW (path, MAX_PATH*2, L"\\" ISO_BURNER_TOOL); - - return (FileExists (path)); - } - - return FALSE; -} - - -BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath) -{ - wchar_t path[MAX_PATH*2] = { 0 }; - int r; - - if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_SYSTEM, NULL, 0, path))) - StringCbCatW (path, MAX_PATH*2, L"\\" ISO_BURNER_TOOL); - else - StringCbCopyW (path, MAX_PATH*2, L"C:\\Windows\\System32\\" ISO_BURNER_TOOL); - - r = (int) ShellExecute (hwnd, L"open", path, (wstring (L"\"") + isoPath + L"\"").c_str(), NULL, SW_SHOWNORMAL); - - if (r <= 32) - { - SetLastError (r); - handleWin32Error (hwnd, SRC_POS); - - return FALSE; - } - - return TRUE; -} - - -std::wstring VolumeGuidPathToDevicePath (std::wstring volumeGuidPath) -{ - if (volumeGuidPath.find (L"\\\\?\\") == 0) - volumeGuidPath = volumeGuidPath.substr (4); - - if (volumeGuidPath.find (L"Volume{") != 0 || volumeGuidPath.rfind (L"}\\") != volumeGuidPath.size() - 2) - return wstring(); - - wchar_t volDevPath[TC_MAX_PATH]; - if (QueryDosDevice (volumeGuidPath.substr (0, volumeGuidPath.size() - 1).c_str(), volDevPath, TC_MAX_PATH) == 0) - return wstring(); - - wstring partitionPath = HarddiskVolumePathToPartitionPath (volDevPath); - - return partitionPath.empty() ? volDevPath : partitionPath; -} - - -std::wstring HarddiskVolumePathToPartitionPath (const std::wstring &harddiskVolumePath) -{ - for (int driveNumber = 0; driveNumber < MAX_HOST_DRIVE_NUMBER; driveNumber++) - { - for (int partNumber = 0; partNumber < MAX_HOST_PARTITION_NUMBER; partNumber++) - { - wchar_t partitionPath[TC_MAX_PATH]; - StringCchPrintfW (partitionPath, ARRAYSIZE (partitionPath), L"\\Device\\Harddisk%d\\Partition%d", driveNumber, partNumber); - - wchar_t resolvedPath[TC_MAX_PATH]; - if (ResolveSymbolicLink (partitionPath, resolvedPath, sizeof(resolvedPath))) - { - if (harddiskVolumePath == resolvedPath) - return partitionPath; - } - else if (partNumber == 0) - break; - } - } - - return wstring(); -} - - -BOOL IsApplicationInstalled (const wchar_t *appName, BOOL b32bitApp) -{ - const wchar_t *uninstallRegName = L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall"; - BOOL installed = FALSE; - HKEY unistallKey; - LONG res = RegOpenKeyEx (HKEY_LOCAL_MACHINE, uninstallRegName, 0, KEY_READ | (b32bitApp? KEY_WOW64_32KEY: KEY_WOW64_64KEY), &unistallKey); - if (res != ERROR_SUCCESS) - { - SetLastError (res); - return FALSE; - } - - wchar_t regName[1024]; - DWORD regNameSize = sizeof (regName); - DWORD index = 0; - while (RegEnumKeyEx (unistallKey, index++, regName, ®NameSize, NULL, NULL, NULL, NULL) == ERROR_SUCCESS) - { - if (wcsstr (regName, L"{") == regName) - { - regNameSize = sizeof (regName); - if (!ReadLocalMachineRegistryStringNonReflected ((wstring (uninstallRegName) + L"\\" + regName).c_str(), L"DisplayName", regName, ®NameSize, b32bitApp)) - regName[0] = 0; - } - - if (_wcsicmp (regName, appName) == 0) - { - installed = TRUE; - break; - } - - regNameSize = sizeof (regName); - } - - RegCloseKey (unistallKey); - return installed; -} - - -std::wstring FindLatestFileOrDirectory (const std::wstring &directory, const wchar_t *namePattern, bool findDirectory, bool findFile) -{ - wstring name; - ULARGE_INTEGER latestTime; - latestTime.QuadPart = 0; - WIN32_FIND_DATA findData; - - HANDLE find = FindFirstFile ((directory + L"\\" + namePattern).c_str(), &findData); - if (find != INVALID_HANDLE_VALUE) - { - do - { - if (wcscmp (findData.cFileName, L".") == 0 || wcscmp (findData.cFileName, L"..") == 0) - continue; - - ULARGE_INTEGER writeTime; - writeTime.LowPart = findData.ftLastWriteTime.dwLowDateTime; - writeTime.HighPart = findData.ftLastWriteTime.dwHighDateTime; - - if ((!findFile && !(findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)) - || (!findDirectory && (findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY))) - continue; - - if (latestTime.QuadPart < writeTime.QuadPart) - { - latestTime = writeTime; - name = findData.cFileName; - } - } - while (FindNextFile (find, &findData)); - - FindClose (find); - } - - if (name.empty()) - return name; - - return wstring (directory) + L"\\" + name; -} - -int GetPim (HWND hwndDlg, UINT ctrlId) -{ - int pim = 0; - HWND hCtrl = GetDlgItem (hwndDlg, ctrlId); - if (IsWindowEnabled (hCtrl) && IsWindowVisible (hCtrl)) - { - wchar_t szTmp[MAX_PIM + 1] = {0}; - if (GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIM + 1) > 0) - { - wchar_t* endPtr = NULL; - pim = wcstol(szTmp, &endPtr, 10); - if (pim < 0 || endPtr == szTmp || !endPtr || *endPtr != L'\0') - pim = 0; - } - } - return pim; -} - -void SetPim (HWND hwndDlg, UINT ctrlId, int pim) -{ - if (pim > 0) - { - wchar_t szTmp[MAX_PIM + 1]; - StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", pim); - SetDlgItemText (hwndDlg, ctrlId, szTmp); - } - else - SetDlgItemText (hwndDlg, ctrlId, L""); -} - -BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError) -{ - wchar_t tmp [MAX_PASSWORD + 1]; - int utf8Len; - BOOL bRet = FALSE; - - GetWindowText (GetDlgItem (hwndDlg, ctrlID), tmp, ARRAYSIZE (tmp)); - utf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, passValue, bufSize, NULL, NULL); - burn (tmp, sizeof (tmp)); - if (utf8Len > 0) - { - bRet = TRUE; - } - else - { - passValue [0] = 0; - if (bShowError) - { - SetFocus (GetDlgItem(hwndDlg, ctrlID)); - if (GetLastError () == ERROR_INSUFFICIENT_BUFFER) - Error ("PASSWORD_UTF8_TOO_LONG", hwndDlg); - else - Error ("PASSWORD_UTF8_INVALID", hwndDlg); - } - } - - return bRet; -} - -void SetPassword (HWND hwndDlg, UINT ctrlID, char* passValue) -{ - wchar_t tmp [MAX_PASSWORD + 1] = {0}; - MultiByteToWideChar (CP_UTF8, 0, passValue, -1, tmp, MAX_PASSWORD + 1); - SetWindowText ( GetDlgItem (hwndDlg, ctrlID), tmp); - burn (tmp, sizeof (tmp)); -} - -void HandleShowPasswordFieldAction (HWND hwndDlg, UINT checkBoxId, UINT edit1Id, UINT edit2Id) -{ - if ((EditPasswordChar == 0) && GetCheckBox (hwndDlg, checkBoxId)) - { - EditPasswordChar = (WCHAR) SendMessageW (GetDlgItem (hwndDlg, edit1Id), EM_GETPASSWORDCHAR, 0, 0); - } - - SendMessageW (GetDlgItem (hwndDlg, edit1Id), - EM_SETPASSWORDCHAR, - GetCheckBox (hwndDlg, checkBoxId) ? 0 : EditPasswordChar, - 0); - InvalidateRect (GetDlgItem (hwndDlg, edit1Id), NULL, TRUE); - - if (edit2Id) - { - SendMessageW (GetDlgItem (hwndDlg, edit2Id), - EM_SETPASSWORDCHAR, - GetCheckBox (hwndDlg, checkBoxId) ? 0 : EditPasswordChar, - 0); - InvalidateRect (GetDlgItem (hwndDlg, edit2Id), NULL, TRUE); - } -} - -void RegisterDriverInf (bool registerFilter, const string& filter, const string& filterReg, HWND ParentWindow, HKEY regKey) -{ - wstring infFileName = GetTempPathString() + L"\\veracrypt_driver_setup.inf"; - - File infFile (infFileName, false, true); - finally_do_arg (wstring, infFileName, { DeleteFile (finally_arg.c_str()); }); - - string infTxt = "[veracrypt]\r\n" - + string (registerFilter ? "Add" : "Del") + "Reg=veracrypt_reg\r\n\r\n" - "[veracrypt_reg]\r\n" - "HKR,,\"" + filterReg + "\",0x0001" + string (registerFilter ? "0008" : "8002") + ",\"" + filter + "\"\r\n"; - - infFile.Write ((byte *) infTxt.c_str(), (DWORD) infTxt.size()); - infFile.Close(); - - HINF hInf = SetupOpenInfFileWFn (infFileName.c_str(), NULL, INF_STYLE_OLDNT | INF_STYLE_WIN4, NULL); - throw_sys_if (hInf == INVALID_HANDLE_VALUE); - finally_do_arg (HINF, hInf, { SetupCloseInfFileFn (finally_arg); }); - - throw_sys_if (!SetupInstallFromInfSectionWFn (ParentWindow, hInf, L"veracrypt", SPINST_REGISTRY, regKey, NULL, 0, NULL, NULL, NULL, NULL)); -} - -HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid) -{ - return SetupDiOpenClassRegKeyFn (deviceClassGuid, KEY_READ | KEY_WRITE); -} - -LSTATUS DeleteRegistryKey (HKEY hKey, LPCTSTR keyName) -{ - return SHDeleteKeyWFn(hKey, keyName); -} - -HIMAGELIST CreateImageList(int cx, int cy, UINT flags, int cInitial, int cGrow) -{ - return ImageList_CreateFn(cx, cy, flags, cInitial, cGrow); -} - -int AddBitmapToImageList(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask) -{ - return ImageList_AddFn(himl, hbmImage, hbmMask); -} - -HRESULT VCStrDupW(LPCWSTR psz, LPWSTR *ppwsz) -{ - return SHStrDupWFn (psz, ppwsz); -} - - -void ProcessEntropyEstimate (HWND hProgress, DWORD* pdwInitialValue, DWORD dwCounter, DWORD dwMaxLevel, DWORD* pdwEntropy) -{ - /* conservative estimate: 1 mouse move event brings 1 bit of entropy - * https://security.stackexchange.com/questions/32844/for-how-much-time-should-i-randomly-move-the-mouse-for-generating-encryption-key/32848#32848 - */ - if (*pdwEntropy == 0xFFFFFFFF) - { - *pdwInitialValue = dwCounter; - *pdwEntropy = 0; - } - else - { - if ( *pdwEntropy < dwMaxLevel - && (dwCounter >= *pdwInitialValue) - && (dwCounter - *pdwInitialValue) <= dwMaxLevel) - *pdwEntropy = dwCounter - *pdwInitialValue; - else - *pdwEntropy = dwMaxLevel; - - if (IsOSAtLeast (WIN_VISTA)) - { - int state = PBST_ERROR; - if (*pdwEntropy >= (dwMaxLevel/2)) - state = PBST_NORMAL; - else if (*pdwEntropy >= (dwMaxLevel/4)) - state = PBST_PAUSED; - - SendMessage (hProgress, PBM_SETSTATE, state, 0); - } - - SendMessage (hProgress, PBM_SETPOS, - (WPARAM) (*pdwEntropy), - 0); - } -} - -void AllowMessageInUIPI (UINT msg) -{ - if (ChangeWindowMessageFilterFn) - { - ChangeWindowMessageFilterFn (msg, MSGFLT_ADD); - } -} - -BOOL IsRepeatedByteArray (byte value, const byte* buffer, size_t bufferSize) -{ - if (buffer && bufferSize) - { - size_t i; - for (i = 0; i < bufferSize; i++) - { - if (*buffer++ != value) - return FALSE; - } - return TRUE; - } - else - return FALSE; -} - -BOOL TranslateVolumeID (HWND hwndDlg, wchar_t* pathValue, size_t cchPathValue) -{ - BOOL bRet = TRUE; - size_t pathLen = pathValue? wcslen (pathValue) : 0; - if ((pathLen >= 3) && (_wcsnicmp (pathValue, L"ID:", 3) == 0)) - { - std::vector arr; - if ( (pathLen == (3 + 2*VOLUME_ID_SIZE)) - && HexWideStringToArray (pathValue + 3, arr) - && (arr.size() == VOLUME_ID_SIZE) - ) - { - std::wstring devicePath = FindDeviceByVolumeID (&arr[0]); - if (devicePath.length() > 0) - StringCchCopyW (pathValue, cchPathValue, devicePath.c_str()); - else - { - if (!Silent && !MultipleMountOperationInProgress) - Error ("VOLUME_ID_NOT_FOUND", hwndDlg); - SetLastError (ERROR_PATH_NOT_FOUND); - bRet = FALSE; - } - } - else - { - if (!Silent) - Error ("VOLUME_ID_INVALID", hwndDlg); - - SetLastError (ERROR_INVALID_PARAMETER); - bRet = FALSE; - } - } - - return bRet; -} - -BOOL CopyTextToClipboard (LPCWSTR txtValue) -{ - size_t txtLen = wcslen(txtValue); - HGLOBAL hdst; - LPWSTR dst; - BOOL bRet = FALSE; - - // Allocate string for cwd - hdst = GlobalAlloc(GMEM_MOVEABLE, (txtLen + 1) * sizeof(WCHAR)); - if (hdst) - { - dst = (LPWSTR)GlobalLock(hdst); - wmemcpy(dst, txtValue, txtLen + 1); - GlobalUnlock(hdst); - - if (OpenClipboard(NULL)) - { - EmptyClipboard(); - SetClipboardData(CF_UNICODETEXT, hdst); - CloseClipboard(); - } - } - - return bRet; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "Resource.h" + +#include "Platform/Finally.h" +#include "Platform/ForEach.h" +#include "Apidrvr.h" +#include "BootEncryption.h" +#include "Combo.h" +#include "Crc.h" +#include "Crypto.h" +#include "Dictionary.h" +#include "Dlgcode.h" +#include "EncryptionThreadPool.h" +#include "Endian.h" +#include "Format/Inplace.h" +#include "Language.h" +#include "Keyfiles.h" +#include "Pkcs5.h" +#include "Random.h" +#include "Registry.h" +#include "SecurityToken.h" +#include "Tests.h" +#include "Volumes.h" +#include "Wipe.h" +#include "Xml.h" +#include "Xts.h" +#include "Boot/Windows/BootCommon.h" +#include "Progress.h" + +#ifdef TCMOUNT +#include "Mount/Mount.h" +#include "Mount/resource.h" +#endif + +#ifdef VOLFORMAT +#include "Format/Tcformat.h" +#endif + +#ifdef SETUP +#include "Setup/Setup.h" +#endif + +#include + +using namespace VeraCrypt; + +LONG DriverVersion; + +char *LastDialogId; +wchar_t szHelpFile[TC_MAX_PATH]; +wchar_t szHelpFile2[TC_MAX_PATH]; +wchar_t SecurityTokenLibraryPath[TC_MAX_PATH]; + +HFONT hFixedDigitFont = NULL; +HFONT hBoldFont = NULL; +HFONT hTitleFont = NULL; +HFONT hFixedFont = NULL; + +HFONT hUserFont = NULL; +HFONT hUserUnderlineFont = NULL; +HFONT hUserBoldFont = NULL; +HFONT hUserUnderlineBoldFont = NULL; + +HFONT WindowTitleBarFont; + +WCHAR EditPasswordChar = 0; + +int ScreenDPI = USER_DEFAULT_SCREEN_DPI; +double DPIScaleFactorX = 1; +double DPIScaleFactorY = 1; +double DlgAspectRatio = 1; + +HWND MainDlg = NULL; +wchar_t *lpszTitle = NULL; + +BOOL Silent = FALSE; +BOOL bPreserveTimestamp = TRUE; +BOOL bShowDisconnectedNetworkDrives = FALSE; +BOOL bHideWaitingDialog = FALSE; +BOOL bCmdHideWaitingDialog = FALSE; +BOOL bCmdHideWaitingDialogValid = FALSE; +BOOL bStartOnLogon = FALSE; +BOOL bMountDevicesOnLogon = FALSE; +BOOL bMountFavoritesOnLogon = FALSE; + +BOOL bHistory = FALSE; + +// Status of detection of hidden sectors (whole-system-drive encryption). +// 0 - Unknown/undetermined/completed, 1: Detection is or was in progress (but did not complete e.g. due to system crash). +int HiddenSectorDetectionStatus = 0; + +OSVersionEnum nCurrentOS = WIN_UNKNOWN; +int CurrentOSMajor = 0; +int CurrentOSMinor = 0; +int CurrentOSServicePack = 0; +BOOL RemoteSession = FALSE; +BOOL UacElevated = FALSE; + +BOOL bPortableModeConfirmed = FALSE; // TRUE if it is certain that the instance is running in portable mode + +BOOL bInPlaceEncNonSysPending = FALSE; // TRUE if the non-system in-place encryption config file indicates that one or more partitions are scheduled to be encrypted. This flag is set only when config files are loaded during app startup. + +/* Globals used by Mount and Format (separately per instance) */ +BOOL PimEnable = FALSE; +BOOL KeyFilesEnable = FALSE; +KeyFile *FirstKeyFile = NULL; +KeyFilesDlgParam defaultKeyFilesParam; + +BOOL IgnoreWmDeviceChange = FALSE; +BOOL DeviceChangeBroadcastDisabled = FALSE; +BOOL LastMountedVolumeDirty; +BOOL MountVolumesAsSystemFavorite = FALSE; +BOOL FavoriteMountOnArrivalInProgress = FALSE; +BOOL MultipleMountOperationInProgress = FALSE; + +BOOL WaitDialogDisplaying = FALSE; + +/* Handle to the device driver */ +HANDLE hDriver = INVALID_HANDLE_VALUE; + +/* This mutex is used to prevent multiple instances of the wizard or main app from dealing with system encryption */ +volatile HANDLE hSysEncMutex = NULL; + +/* This mutex is used for non-system in-place encryption but only for informative (non-blocking) purposes, +such as whether an app should prompt the user whether to resume scheduled process. */ +volatile HANDLE hNonSysInplaceEncMutex = NULL; + +/* This mutex is used to prevent multiple instances of the wizard or main app from trying to install or +register the driver or from trying to launch it in portable mode at the same time. */ +volatile HANDLE hDriverSetupMutex = NULL; + +/* This mutex is used to prevent users from running the main TrueCrypt app or the wizard while an instance +of the TrueCrypt installer is running (which is also useful for enforcing restart before the apps can be used). */ +volatile HANDLE hAppSetupMutex = NULL; + +/* Critical section used to protect access to global variables used in WNetGetConnection calls */ +CRITICAL_SECTION csWNetCalls; + +HINSTANCE hInst = NULL; +HCURSOR hCursor = NULL; + +ATOM hDlgClass, hSplashClass; + +/* This value may changed only by calling ChangeSystemEncryptionStatus(). Only the wizard can change it +(others may still read it though). */ +int SystemEncryptionStatus = SYSENC_STATUS_NONE; + +/* Only the wizard can change this value (others may only read it). */ +WipeAlgorithmId nWipeMode = TC_WIPE_NONE; + +BOOL bSysPartitionSelected = FALSE; /* TRUE if the user selected the system partition via the Select Device dialog */ +BOOL bSysDriveSelected = FALSE; /* TRUE if the user selected the system drive via the Select Device dialog */ + +/* To populate these arrays, call GetSysDevicePaths(). If they contain valid paths, bCachedSysDevicePathsValid is TRUE. */ +wchar_t SysPartitionDevicePath [TC_MAX_PATH]; +wchar_t SysDriveDevicePath [TC_MAX_PATH]; +wstring ExtraBootPartitionDevicePath; +char bCachedSysDevicePathsValid = FALSE; + +BOOL bHyperLinkBeingTracked = FALSE; + +int WrongPwdRetryCounter = 0; + +static FILE *ConfigFileHandle; +char *ConfigBuffer; + +BOOL SystemFileSelectorCallPending = FALSE; +DWORD SystemFileSelectorCallerThreadId; + +#define RANDPOOL_DISPLAY_REFRESH_INTERVAL 30 +#define RANDPOOL_DISPLAY_ROWS 16 +#define RANDPOOL_DISPLAY_COLUMNS 20 + +HMODULE hRichEditDll = NULL; +HMODULE hComctl32Dll = NULL; +HMODULE hSetupDll = NULL; +HMODULE hShlwapiDll = NULL; +HMODULE hProfApiDll = NULL; +HMODULE hUsp10Dll = NULL; +HMODULE hCryptSpDll = NULL; +HMODULE hUXThemeDll = NULL; +HMODULE hUserenvDll = NULL; +HMODULE hRsaenhDll = NULL; +HMODULE himm32dll = NULL; +HMODULE hMSCTFdll = NULL; +HMODULE hfltlibdll = NULL; +HMODULE hframedyndll = NULL; +HMODULE hpsapidll = NULL; +HMODULE hsecur32dll = NULL; +HMODULE hnetapi32dll = NULL; +HMODULE hauthzdll = NULL; +HMODULE hxmllitedll = NULL; +HMODULE hmprdll = NULL; +HMODULE hsppdll = NULL; +HMODULE vssapidll = NULL; +HMODULE hvsstracedll = NULL; +HMODULE hcfgmgr32dll = NULL; +HMODULE hdevobjdll = NULL; +HMODULE hpowrprofdll = NULL; +HMODULE hsspiclidll = NULL; +HMODULE hcryptbasedll = NULL; +HMODULE hdwmapidll = NULL; +HMODULE hmsasn1dll = NULL; +HMODULE hcrypt32dll = NULL; +HMODULE hbcryptdll = NULL; +HMODULE hbcryptprimitivesdll = NULL; +HMODULE hMsls31 = NULL; +HMODULE hntmartadll = NULL; +HMODULE hwinscarddll = NULL; + +#define FREE_DLL(h) if (h) { FreeLibrary (h); h = NULL;} + +typedef void (WINAPI *InitCommonControlsPtr)(void); +typedef HIMAGELIST (WINAPI *ImageList_CreatePtr)(int cx, int cy, UINT flags, int cInitial, int cGrow); +typedef int (WINAPI *ImageList_AddPtr)(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask); + +typedef VOID (WINAPI *SetupCloseInfFilePtr)(HINF InfHandle); +typedef HKEY (WINAPI *SetupDiOpenClassRegKeyPtr)(CONST GUID *ClassGuid,REGSAM samDesired); +typedef BOOL (WINAPI *SetupInstallFromInfSectionWPtr)(HWND,HINF,PCWSTR,UINT,HKEY,PCWSTR,UINT,PSP_FILE_CALLBACK_W,PVOID,HDEVINFO,PSP_DEVINFO_DATA); +typedef HINF (WINAPI *SetupOpenInfFileWPtr)(PCWSTR FileName,PCWSTR InfClass,DWORD InfStyle,PUINT ErrorLine); + +typedef LSTATUS (STDAPICALLTYPE *SHDeleteKeyWPtr)(HKEY hkey, LPCWSTR pszSubKey); + +typedef HRESULT (STDAPICALLTYPE *SHStrDupWPtr)(LPCWSTR psz, LPWSTR *ppwsz); + +// ChangeWindowMessageFilter +typedef BOOL (WINAPI *ChangeWindowMessageFilterPtr) (UINT, DWORD); + +ImageList_CreatePtr ImageList_CreateFn = NULL; +ImageList_AddPtr ImageList_AddFn = NULL; + +SetupCloseInfFilePtr SetupCloseInfFileFn = NULL; +SetupDiOpenClassRegKeyPtr SetupDiOpenClassRegKeyFn = NULL; +SetupInstallFromInfSectionWPtr SetupInstallFromInfSectionWFn = NULL; +SetupOpenInfFileWPtr SetupOpenInfFileWFn = NULL; +SHDeleteKeyWPtr SHDeleteKeyWFn = NULL; +SHStrDupWPtr SHStrDupWFn = NULL; +ChangeWindowMessageFilterPtr ChangeWindowMessageFilterFn = NULL; + +/* Windows dialog class */ +#define WINDOWS_DIALOG_CLASS L"#32770" + +/* Custom class names */ +#define TC_DLG_CLASS L"VeraCryptCustomDlg" +#define TC_SPLASH_CLASS L"VeraCryptSplashDlg" + +/* constant used by ChangeWindowMessageFilter calls */ +#ifndef MSGFLT_ADD +#define MSGFLT_ADD 1 +#endif + +/* undocumented message sent during drag-n-drop */ +#ifndef WM_COPYGLOBALDATA +#define WM_COPYGLOBALDATA 0x0049 +#endif + +/* Benchmarks */ + +#ifndef SETUP + +#define BENCHMARK_MAX_ITEMS 100 +#define BENCHMARK_DEFAULT_BUF_SIZE BYTES_PER_MB +#define HASH_FNC_BENCHMARKS FALSE // For development purposes only. Must be FALSE when building a public release. +#define PKCS5_BENCHMARKS FALSE // For development purposes only. Must be FALSE when building a public release. +#if PKCS5_BENCHMARKS && HASH_FNC_BENCHMARKS +#error PKCS5_BENCHMARKS and HASH_FNC_BENCHMARKS are both TRUE (at least one of them should be FALSE). +#endif + +enum +{ + BENCHMARK_SORT_BY_NAME = 0, + BENCHMARK_SORT_BY_SPEED +}; + +typedef struct +{ + int id; + wchar_t name[100]; + unsigned __int64 encSpeed; + unsigned __int64 decSpeed; + unsigned __int64 meanBytesPerSec; +} BENCHMARK_REC; + +BENCHMARK_REC benchmarkTable [BENCHMARK_MAX_ITEMS]; +int benchmarkTotalItems = 0; +int benchmarkBufferSize = BENCHMARK_DEFAULT_BUF_SIZE; +int benchmarkLastBufferSize = BENCHMARK_DEFAULT_BUF_SIZE; +int benchmarkSortMethod = BENCHMARK_SORT_BY_SPEED; +LARGE_INTEGER benchmarkPerformanceFrequency; + +#endif // #ifndef SETUP + + +typedef struct +{ + void *strings; + BOOL bold; + +} MULTI_CHOICE_DLGPROC_PARAMS; + + +void cleanup () +{ + /* Cleanup the GDI fonts */ + if (hFixedFont != NULL) + DeleteObject (hFixedFont); + if (hFixedDigitFont != NULL) + DeleteObject (hFixedDigitFont); + if (hBoldFont != NULL) + DeleteObject (hBoldFont); + if (hTitleFont != NULL) + DeleteObject (hTitleFont); + if (hUserFont != NULL) + DeleteObject (hUserFont); + if (hUserUnderlineFont != NULL) + DeleteObject (hUserUnderlineFont); + if (hUserBoldFont != NULL) + DeleteObject (hUserBoldFont); + if (hUserUnderlineBoldFont != NULL) + DeleteObject (hUserUnderlineBoldFont); + + /* Cleanup our dialog class */ + if (hDlgClass) + UnregisterClassW (TC_DLG_CLASS, hInst); + if (hSplashClass) + UnregisterClassW (TC_SPLASH_CLASS, hInst); + + /* Close the device driver handle */ + if (hDriver != INVALID_HANDLE_VALUE) + { + // Unload driver mode if possible (non-install mode) + if (IsNonInstallMode ()) + { + // If a dismount was forced in the lifetime of the driver, Windows may later prevent it to be loaded again from + // the same path. Therefore, the driver will not be unloaded even though it was loaded in non-install mode. + int driverUnloadDisabled; + DWORD dwResult; + + if (!DeviceIoControl (hDriver, TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED, NULL, 0, &driverUnloadDisabled, sizeof (driverUnloadDisabled), &dwResult, NULL)) + driverUnloadDisabled = 0; + + if (!driverUnloadDisabled) + DriverUnload (); + else + { + CloseHandle (hDriver); + hDriver = INVALID_HANDLE_VALUE; + } + } + else + { + CloseHandle (hDriver); + hDriver = INVALID_HANDLE_VALUE; + } + } + + if (ConfigBuffer != NULL) + { + free (ConfigBuffer); + ConfigBuffer = NULL; + } + + CoUninitialize (); + + CloseSysEncMutex (); + +#ifndef SETUP + try + { + if (SecurityToken::IsInitialized()) + SecurityToken::CloseLibrary(); + } + catch (...) { } + + EncryptionThreadPoolStop(); +#endif + + DeleteCriticalSection (&csWNetCalls); +} + + +void LowerCaseCopy (wchar_t *lpszDest, const wchar_t *lpszSource) +{ + size_t i = wcslen (lpszSource) + 1; + + lpszDest[i - 1] = 0; + while (--i > 0) + { + lpszDest[i - 1] = (wchar_t) towlower (lpszSource[i - 1]); + } + +} + +void UpperCaseCopy (wchar_t *lpszDest, size_t cbDest, const wchar_t *lpszSource) +{ + if (lpszDest && cbDest) + { + size_t i = wcslen (lpszSource); + if (i >= cbDest) + i = cbDest - 1; + + lpszDest[i] = 0; + i++; + while (--i > 0) + { + lpszDest[i - 1] = (wchar_t) towupper (lpszSource[i - 1]); + } + } +} + + +std::wstring ToUpperCase (const std::wstring &str) +{ + wstring u; + foreach (wchar_t c, str) + { + u += (wchar_t) towupper (c); + } + + return u; +} + +size_t TrimWhiteSpace(wchar_t *str) +{ + wchar_t *end, *ptr = str; + size_t out_size; + + if(!str || *str == 0) + return 0; + + // Trim leading space + while(iswspace(*ptr)) ptr++; + + if(*ptr == 0) // All spaces? + { + *str = 0; + return 0; + } + + // Trim trailing space + end = str + wcslen(str) - 1; + while(end > ptr && iswspace(*end)) end--; + end++; + + // Set output size to trimmed string length + out_size = (end - ptr); + + // Copy trimmed string and add null terminator + wmemmove(str, ptr, out_size); + str[out_size] = 0; + + return out_size; +} + +// check the validity of a file name +BOOL IsValidFileName(const wchar_t* str) +{ + static wchar_t invalidChars[9] = {L'<', L'>', L':', L'"', L'/', L'\\', L'|', L'?', L'*'}; + wchar_t c; + int i; + BOOL bNotDotOnly = FALSE; + while ((c = *str)) + { + if (c != L'.') + bNotDotOnly = TRUE; + for (i= 0; i < ARRAYSIZE(invalidChars); i++) + if (c == invalidChars[i]) + return FALSE; + str++; + } + + return bNotDotOnly; +} + +BOOL IsVolumeDeviceHosted (const wchar_t *lpszDiskFile) +{ + return wcsstr (lpszDiskFile, L"\\Device\\") == lpszDiskFile + || wcsstr (lpszDiskFile, L"\\DEVICE\\") == lpszDiskFile; +} + + +void CreateFullVolumePath (wchar_t *lpszDiskFile, size_t cbDiskFile, const wchar_t *lpszFileName, BOOL * bDevice) +{ + UpperCaseCopy (lpszDiskFile, cbDiskFile, lpszFileName); + + *bDevice = FALSE; + + if (wmemcmp (lpszDiskFile, L"\\DEVICE", 7) == 0) + { + *bDevice = TRUE; + } + + StringCbCopyW (lpszDiskFile, cbDiskFile, lpszFileName); + +#if _DEBUG + OutputDebugString (L"CreateFullVolumePath: "); + OutputDebugString (lpszDiskFile); + OutputDebugString (L"\n"); +#endif + +} + +int FakeDosNameForDevice (const wchar_t *lpszDiskFile , wchar_t *lpszDosDevice , size_t cbDosDevice, wchar_t *lpszCFDevice , size_t cbCFDevice, BOOL bNameOnly) +{ + BOOL bDosLinkCreated = TRUE; + StringCbPrintfW (lpszDosDevice, cbDosDevice,L"veracrypt%lu", GetCurrentProcessId ()); + + if (bNameOnly == FALSE) + bDosLinkCreated = DefineDosDevice (DDD_RAW_TARGET_PATH, lpszDosDevice, lpszDiskFile); + + if (bDosLinkCreated == FALSE) + return ERR_OS_ERROR; + else + StringCbPrintfW (lpszCFDevice, cbCFDevice,L"\\\\.\\%s", lpszDosDevice); + + return 0; +} + +int RemoveFakeDosName (wchar_t *lpszDiskFile, wchar_t *lpszDosDevice) +{ + BOOL bDosLinkRemoved = DefineDosDevice (DDD_RAW_TARGET_PATH | DDD_EXACT_MATCH_ON_REMOVE | + DDD_REMOVE_DEFINITION, lpszDosDevice, lpszDiskFile); + if (bDosLinkRemoved == FALSE) + { + return ERR_OS_ERROR; + } + + return 0; +} + + +void AbortProcessDirect (wchar_t *abortMsg) +{ + // Note that this function also causes localcleanup() to be called (see atexit()) + MessageBeep (MB_ICONEXCLAMATION); + MessageBoxW (NULL, abortMsg, lpszTitle, ICON_HAND); + FREE_DLL (hRichEditDll); + FREE_DLL (hComctl32Dll); + FREE_DLL (hSetupDll); + FREE_DLL (hShlwapiDll); + FREE_DLL (hProfApiDll); + FREE_DLL (hUsp10Dll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hUXThemeDll); + FREE_DLL (hUserenvDll); + FREE_DLL (hRsaenhDll); + FREE_DLL (himm32dll); + FREE_DLL (hMSCTFdll); + FREE_DLL (hfltlibdll); + FREE_DLL (hframedyndll); + FREE_DLL (hpsapidll); + FREE_DLL (hsecur32dll); + FREE_DLL (hnetapi32dll); + FREE_DLL (hauthzdll); + FREE_DLL (hxmllitedll); + FREE_DLL (hmprdll); + FREE_DLL (hsppdll); + FREE_DLL (vssapidll); + FREE_DLL (hvsstracedll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hcfgmgr32dll); + FREE_DLL (hdevobjdll); + FREE_DLL (hpowrprofdll); + FREE_DLL (hsspiclidll); + FREE_DLL (hcryptbasedll); + FREE_DLL (hdwmapidll); + FREE_DLL (hmsasn1dll); + FREE_DLL (hcrypt32dll); + FREE_DLL (hbcryptdll); + FREE_DLL (hbcryptprimitivesdll); + FREE_DLL (hMsls31); + FREE_DLL (hntmartadll); + FREE_DLL (hwinscarddll); + + exit (1); +} + +void AbortProcess (char *stringId) +{ + // Note that this function also causes localcleanup() to be called (see atexit()) + AbortProcessDirect (GetString (stringId)); +} + +void AbortProcessSilent (void) +{ + FREE_DLL (hRichEditDll); + FREE_DLL (hComctl32Dll); + FREE_DLL (hSetupDll); + FREE_DLL (hShlwapiDll); + FREE_DLL (hProfApiDll); + FREE_DLL (hUsp10Dll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hUXThemeDll); + FREE_DLL (hUserenvDll); + FREE_DLL (hRsaenhDll); + FREE_DLL (himm32dll); + FREE_DLL (hMSCTFdll); + FREE_DLL (hfltlibdll); + FREE_DLL (hframedyndll); + FREE_DLL (hpsapidll); + FREE_DLL (hsecur32dll); + FREE_DLL (hnetapi32dll); + FREE_DLL (hauthzdll); + FREE_DLL (hxmllitedll); + FREE_DLL (hmprdll); + FREE_DLL (hsppdll); + FREE_DLL (vssapidll); + FREE_DLL (hvsstracedll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hcfgmgr32dll); + FREE_DLL (hdevobjdll); + FREE_DLL (hpowrprofdll); + FREE_DLL (hsspiclidll); + FREE_DLL (hcryptbasedll); + FREE_DLL (hdwmapidll); + FREE_DLL (hmsasn1dll); + FREE_DLL (hcrypt32dll); + FREE_DLL (hbcryptdll); + FREE_DLL (hbcryptprimitivesdll); + FREE_DLL (hMsls31); + FREE_DLL (hntmartadll); + FREE_DLL (hwinscarddll); + + // Note that this function also causes localcleanup() to be called (see atexit()) + exit (1); +} + + +#pragma warning(push) +#pragma warning(disable:4702) + +void *err_malloc (size_t size) +{ + void *z = (void *) TCalloc (size); + if (z) + return z; + AbortProcess ("OUTOFMEMORY"); + return 0; +} + +#pragma warning(pop) + + +char *err_strdup (char *lpszText) +{ + size_t j = (strlen (lpszText) + 1) * sizeof (char); + char *z = (char *) err_malloc (j); + memmove (z, lpszText, j); + return z; +} + + +BOOL IsDiskReadError (DWORD error) +{ + return (error == ERROR_CRC + || error == ERROR_IO_DEVICE + || error == ERROR_BAD_CLUSTERS + || error == ERROR_SECTOR_NOT_FOUND + || error == ERROR_READ_FAULT + || error == ERROR_INVALID_FUNCTION // I/O error may be reported as ERROR_INVALID_FUNCTION by buggy chipset drivers + || error == ERROR_SEM_TIMEOUT); // I/O operation timeout may be reported as ERROR_SEM_TIMEOUT +} + + +BOOL IsDiskWriteError (DWORD error) +{ + return (error == ERROR_IO_DEVICE + || error == ERROR_BAD_CLUSTERS + || error == ERROR_SECTOR_NOT_FOUND + || error == ERROR_WRITE_FAULT + || error == ERROR_INVALID_FUNCTION // I/O error may be reported as ERROR_INVALID_FUNCTION by buggy chipset drivers + || error == ERROR_SEM_TIMEOUT); // I/O operation timeout may be reported as ERROR_SEM_TIMEOUT +} + + +BOOL IsDiskError (DWORD error) +{ + return IsDiskReadError (error) || IsDiskWriteError (error); +} + + +DWORD handleWin32Error (HWND hwndDlg, const char* srcPos) +{ + PWSTR lpMsgBuf; + DWORD dwError = GetLastError (); + wchar_t szErrorValue[32]; + wchar_t* pszDesc; + + if (Silent || dwError == 0 || dwError == ERROR_INVALID_WINDOW_HANDLE) + return dwError; + + // Access denied + if (dwError == ERROR_ACCESS_DENIED && !IsAdmin ()) + { + ErrorDirect ( AppendSrcPos (GetString ("ERR_ACCESS_DENIED"), srcPos).c_str (), hwndDlg); + SetLastError (dwError); // Preserve the original error code + return dwError; + } + + FormatMessageW ( + FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + dwError, + MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ + (PWSTR) &lpMsgBuf, + 0, + NULL + ); + + if (lpMsgBuf) + pszDesc = (wchar_t*) lpMsgBuf; + else + { + StringCchPrintfW (szErrorValue, ARRAYSIZE (szErrorValue), L"Error 0x%.8X", dwError); + pszDesc = szErrorValue; + } + + MessageBoxW (hwndDlg, AppendSrcPos (pszDesc, srcPos).c_str (), lpszTitle, ICON_HAND); + if (lpMsgBuf) LocalFree (lpMsgBuf); + + // User-friendly hardware error explanation + if (IsDiskError (dwError)) + Error ("ERR_HARDWARE_ERROR", hwndDlg); + + // Device not ready + if (dwError == ERROR_NOT_READY) + HandleDriveNotReadyError(hwndDlg); + + SetLastError (dwError); // Preserve the original error code + + return dwError; +} + +BOOL translateWin32Error (wchar_t *lpszMsgBuf, int nWSizeOfBuf) +{ + DWORD dwError = GetLastError (); + + if (FormatMessageW (FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, dwError, + MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ + lpszMsgBuf, nWSizeOfBuf, NULL)) + { + SetLastError (dwError); // Preserve the original error code + return TRUE; + } + + SetLastError (dwError); // Preserve the original error code + return FALSE; +} + +// If the user has a non-default screen DPI, all absolute font sizes must be +// converted using this function. +int CompensateDPIFont (int val) +{ + if (ScreenDPI == USER_DEFAULT_SCREEN_DPI) + return val; + else + { + double tmpVal = (double) val * DPIScaleFactorY * DlgAspectRatio * 0.999; + + if (tmpVal > 0) + return (int) floor(tmpVal); + else + return (int) ceil(tmpVal); + } +} + + +// If the user has a non-default screen DPI, some screen coordinates and sizes must +// be converted using this function +int CompensateXDPI (int val) +{ + if (ScreenDPI == USER_DEFAULT_SCREEN_DPI) + return val; + else + { + double tmpVal = (double) val * DPIScaleFactorX; + + if (tmpVal > 0) + return (int) floor(tmpVal); + else + return (int) ceil(tmpVal); + } +} + + +// If the user has a non-default screen DPI, some screen coordinates and sizes must +// be converted using this function +int CompensateYDPI (int val) +{ + if (ScreenDPI == USER_DEFAULT_SCREEN_DPI) + return val; + else + { + double tmpVal = (double) val * DPIScaleFactorY; + + if (tmpVal > 0) + return (int) floor(tmpVal); + else + return (int) ceil(tmpVal); + } +} + + +int GetTextGfxWidth (HWND hwndDlgItem, const wchar_t *text, HFONT hFont) +{ + SIZE sizes; + TEXTMETRIC textMetrics; + HDC hdc = GetDC (hwndDlgItem); + + SelectObject(hdc, (HGDIOBJ) hFont); + + GetTextExtentPoint32W (hdc, text, (int) wcslen (text), &sizes); + + GetTextMetrics(hdc, &textMetrics); // Necessary for non-TrueType raster fonts (tmOverhang) + + ReleaseDC (hwndDlgItem, hdc); + + return ((int) sizes.cx - (int) textMetrics.tmOverhang); +} + + +int GetTextGfxHeight (HWND hwndDlgItem, const wchar_t *text, HFONT hFont) +{ + SIZE sizes; + HDC hdc = GetDC (hwndDlgItem); + + SelectObject(hdc, (HGDIOBJ) hFont); + + GetTextExtentPoint32W (hdc, text, (int) wcslen (text), &sizes); + + ReleaseDC (hwndDlgItem, hdc); + + return ((int) sizes.cy); +} + + +std::wstring FitPathInGfxWidth (HWND hwnd, HFONT hFont, LONG width, const std::wstring &path) +{ + wstring newPath; + + RECT rect; + rect.left = 0; + rect.top = 0; + rect.right = width; + rect.bottom = LONG_MAX; + + HDC hdc = GetDC (hwnd); + SelectObject (hdc, (HGDIOBJ) hFont); + + wchar_t pathBuf[TC_MAX_PATH]; + StringCchCopyW (pathBuf, ARRAYSIZE (pathBuf), path.c_str()); + + if (DrawText (hdc, pathBuf, (int) path.size(), &rect, DT_CALCRECT | DT_MODIFYSTRING | DT_PATH_ELLIPSIS | DT_SINGLELINE) != 0) + newPath = pathBuf; + + ReleaseDC (hwnd, hdc); + return newPath; +} + + +static LRESULT CALLBACK HyperlinkProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) +{ + WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA); + + switch (message) + { + case WM_SETCURSOR: + if (!bHyperLinkBeingTracked) + { + TRACKMOUSEEVENT trackMouseEvent; + + trackMouseEvent.cbSize = sizeof(trackMouseEvent); + trackMouseEvent.dwFlags = TME_LEAVE; + trackMouseEvent.hwndTrack = hwnd; + + bHyperLinkBeingTracked = TrackMouseEvent(&trackMouseEvent); + + HandCursor(); + } + return 0; + + case WM_MOUSELEAVE: + bHyperLinkBeingTracked = FALSE; + NormalCursor(); + return 0; + } + + return CallWindowProcW (wp, hwnd, message, wParam, lParam); +} + + +BOOL ToHyperlink (HWND hwndDlg, UINT ctrlId) +{ + return ToCustHyperlink (hwndDlg, ctrlId, hUserUnderlineFont); +} + + +BOOL ToCustHyperlink (HWND hwndDlg, UINT ctrlId, HFONT hFont) +{ + HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); + + SendMessageW (hwndCtrl, WM_SETFONT, (WPARAM) hFont, 0); + + SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC)); + SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) HyperlinkProc); + + // Resize the field according to its actual size in pixels and move it if centered or right-aligned. + // This should be done again if the link text changes. + AccommodateTextField (hwndDlg, ctrlId, TRUE, hFont); + + return TRUE; +} + + +// Resizes a text field according to its actual width and height in pixels (font size is taken into account) and moves +// it accordingly if the field is centered or right-aligned. Should be used on all hyperlinks upon dialog init +// after localization (bFirstUpdate should be TRUE) and later whenever a hyperlink text changes (bFirstUpdate +// must be FALSE). +void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont) +{ + RECT rec, wrec, trec; + HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); + int width, origWidth, height, origHeight; + int horizSubOffset, vertSubOffset, vertOffset, alignPosDiff = 0; + wchar_t text [MAX_URL_LENGTH]; + WINDOWINFO windowInfo; + BOOL bBorderlessWindow = !(GetWindowLongPtrW (hwndDlg, GWL_STYLE) & (WS_BORDER | WS_DLGFRAME)); + + // Resize the field according to its length and font size and move if centered or right-aligned + + GetWindowTextW (hwndCtrl, text, sizeof (text) / sizeof (wchar_t)); + + width = GetTextGfxWidth (hwndCtrl, text, hFont); + height = GetTextGfxHeight (hwndCtrl, text, hFont); + + GetClientRect (hwndCtrl, &rec); + origWidth = rec.right; + origHeight = rec.bottom; + + if (width >= 0 + && (!bFirstUpdate || origWidth > width)) // The original width of the field is the maximum allowed size + { + horizSubOffset = origWidth - width; + vertSubOffset = origHeight - height; + + // Window coords + GetWindowRect(hwndDlg, &wrec); + GetClientRect(hwndDlg, &trec); + + // Vertical "title bar" offset + vertOffset = wrec.bottom - wrec.top - trec.bottom - (bBorderlessWindow ? 0 : GetSystemMetrics(SM_CYFIXEDFRAME)); + + // Text field coords + GetWindowRect(hwndCtrl, &rec); + + // Alignment offset + windowInfo.cbSize = sizeof(windowInfo); + GetWindowInfo (hwndCtrl, &windowInfo); + + if (windowInfo.dwStyle & SS_CENTER) + alignPosDiff = horizSubOffset / 2; + else if (windowInfo.dwStyle & SS_RIGHT) + alignPosDiff = horizSubOffset; + + // Resize/move + if (alignPosDiff > 0) + { + // Resize and move the text field + MoveWindow (hwndCtrl, + rec.left - wrec.left - (bBorderlessWindow ? 0 : GetSystemMetrics(SM_CXFIXEDFRAME)) + alignPosDiff, + rec.top - wrec.top - vertOffset, + origWidth - horizSubOffset, + origHeight - vertSubOffset, + TRUE); + } + else + { + // Resize the text field + SetWindowPos (hwndCtrl, 0, 0, 0, + origWidth - horizSubOffset, + origHeight - vertSubOffset, + SWP_NOMOVE | SWP_NOZORDER); + } + + SetWindowPos (hwndCtrl, HWND_BOTTOM, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + + InvalidateRect (hwndCtrl, NULL, TRUE); + } +} + +// Note that the user can still close the window by right-clicking its taskbar icon and selecting 'Close window', or by pressing Alt-F4, or using the Task Manager. +void DisableCloseButton (HWND hwndDlg) +{ + EnableMenuItem (GetSystemMenu (hwndDlg, FALSE), SC_CLOSE, MF_BYCOMMAND | MF_DISABLED | MF_GRAYED); +} + + +void EnableCloseButton (HWND hwndDlg) +{ + EnableMenuItem (GetSystemMenu (hwndDlg, FALSE), SC_CLOSE, MF_BYCOMMAND | MF_ENABLED); +} + +// Protects an input field from having its content updated by a Paste action (call ToBootPwdField() to use this). +static LRESULT CALLBACK BootPwdFieldProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) +{ + WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA); + + switch (message) + { + case WM_PASTE: + return 1; + } + + return CallWindowProcW (wp, hwnd, message, wParam, lParam); +} + + +// Protects an input field from having its content updated by a Paste action. Used for pre-boot password +// input fields (only the US keyboard layout is supported in pre-boot environment so we must prevent the +// user from pasting a password typed using a non-US keyboard layout). +void ToBootPwdField (HWND hwndDlg, UINT ctrlId) +{ + HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); + + SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC)); + SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) BootPwdFieldProc); +} + + + +// This function currently serves the following purposes: +// - Determines scaling factors for current screen DPI and GUI aspect ratio. +// - Determines how Windows skews the GUI aspect ratio (which happens when the user has a non-default DPI). +// The determined values must be used when performing some GUI operations and calculations. +BOOL CALLBACK AuxiliaryDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + switch (msg) + { + case WM_INITDIALOG: + { + HDC hDC = GetDC (hwndDlg); + + if (hDC) + { + ScreenDPI = GetDeviceCaps (hDC, LOGPIXELSY); + ReleaseDC (hwndDlg, hDC); + } + + DPIScaleFactorX = 1; + DPIScaleFactorY = 1; + DlgAspectRatio = 1; + + if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) + { + // Windows skews the GUI aspect ratio if the user has a non-default DPI. Hence, working with + // actual screen DPI is redundant and leads to incorrect results. What really matters here is + // how Windows actually renders our GUI. This is determined by comparing the expected and current + // sizes of a hidden calibration text field. + + RECT trec; + + trec.right = 0; + trec.bottom = 0; + + GetClientRect (GetDlgItem (hwndDlg, IDC_ASPECT_RATIO_CALIBRATION_BOX), &trec); + + if (trec.right != 0 && trec.bottom != 0) + { + // The size of the 282x282 IDC_ASPECT_RATIO_CALIBRATION_BOX rendered at the default DPI (96) is 423x458 + DPIScaleFactorX = (double) trec.right / 423; + DPIScaleFactorY = (double) trec.bottom / 458; + DlgAspectRatio = DPIScaleFactorX / DPIScaleFactorY; + } + } + + EndDialog (hwndDlg, 0); + return 1; + } + + case WM_CLOSE: + EndDialog (hwndDlg, 0); + return 1; + } + + return 0; +} + + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + static HBITMAP hbmTextualLogoBitmapRescaled = NULL; + + switch (msg) + { + case WM_INITDIALOG: + { + wchar_t szTmp[100]; + RECT rec; + + LocalizeDialog (hwndDlg, "IDD_ABOUT_DLG"); + + // Hyperlink + SetWindowText (GetDlgItem (hwndDlg, IDC_HOMEPAGE), L"www.idrix.fr"); + ToHyperlink (hwndDlg, IDC_HOMEPAGE); + + // Logo area background (must not keep aspect ratio; must retain Windows-imposed distortion) + GetClientRect (GetDlgItem (hwndDlg, IDC_ABOUT_LOGO_AREA), &rec); + SetWindowPos (GetDlgItem (hwndDlg, IDC_ABOUT_BKG), HWND_TOP, 0, 0, rec.right, rec.bottom, SWP_NOMOVE); + + // Resize the logo bitmap if the user has a non-default DPI + if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) + { + // Logo (must recreate and keep the original aspect ratio as Windows distorts it) + hbmTextualLogoBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_TEXTUAL_LOGO_288DPI), + GetDlgItem (hwndDlg, IDC_TEXTUAL_LOGO_IMG), + 0, 0, 0, 0, FALSE, TRUE); + + SetWindowPos (GetDlgItem (hwndDlg, IDC_ABOUT_BKG), HWND_TOP, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + } + + // Version + SendMessage (GetDlgItem (hwndDlg, IDT_ABOUT_VERSION), WM_SETFONT, (WPARAM) hUserBoldFont, 0); + StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING)); +#ifdef _WIN64 + StringCbCatW (szTmp, sizeof(szTmp), L" (64-bit)"); +#else + StringCbCatW (szTmp, sizeof(szTmp), L" (32-bit)"); +#endif +#if (defined(_DEBUG) || defined(DEBUG)) + StringCbCatW (szTmp, sizeof(szTmp), L" (debug)"); +#endif + SetDlgItemText (hwndDlg, IDT_ABOUT_VERSION, szTmp); + SetDlgItemText (hwndDlg, IDT_ABOUT_RELEASE, TC_STR_RELEASED_BY); + + // Credits + SendMessage (GetDlgItem (hwndDlg, IDC_ABOUT_CREDITS), WM_SETFONT, (WPARAM) hUserFont, (LPARAM) 0); + SendMessage (hwndDlg, WM_APP, 0, 0); + return 1; + } + + case WM_APP: + SetWindowText (GetDlgItem (hwndDlg, IDC_ABOUT_CREDITS), + L"Based on TrueCrypt 7.1a, freely available at http://www.truecrypt.org/ .\r\n\r\n" + + L"Portions of this software:\r\n" + L"Copyright \xA9 2013-2016 IDRIX. All rights reserved.\r\n" + L"Copyright \xA9 2003-2012 TrueCrypt Developers Association. All Rights Reserved.\r\n" + L"Copyright \xA9 1998-2000 Paul Le Roux. All Rights Reserved.\r\n" + L"Copyright \xA9 1998-2008 Brian Gladman. All Rights Reserved.\r\n" + L"Copyright \xA9 2002-2004 Mark Adler. All Rights Reserved.\r\n\r\n" + + L"This software as a whole:\r\n" + L"Copyright \xA9 2013-2016 IDRIX. All rights reserved.\r\n\r\n" + + L"An IDRIX Release"); + + return 1; + + case WM_COMMAND: + if (lw == IDOK || lw == IDCANCEL) + { + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + return 1; + } + + if (lw == IDC_HOMEPAGE) + { + Applink ("main", TRUE, ""); + return 1; + } + + // Disallow modification of credits + if (HIWORD (wParam) == EN_UPDATE) + { + SendMessage (hwndDlg, WM_APP, 0, 0); + return 1; + } + + return 0; + + case WM_CLOSE: + /* Delete buffered bitmaps (if any) */ + if (hbmTextualLogoBitmapRescaled != NULL) + { + DeleteObject ((HGDIOBJ) hbmTextualLogoBitmapRescaled); + hbmTextualLogoBitmapRescaled = NULL; + } + + EndDialog (hwndDlg, 0); + return 1; + } + + return 0; +} + + +static HWND StaticModelessWaitDlgHandle = NULL; + +// Call DisplayStaticModelessWaitDlg() to open this dialog and CloseStaticModelessWaitDlg() to close it. +static BOOL CALLBACK StaticModelessWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + LocalizeDialog (hwndDlg, NULL); + + return 0; + } + + case WM_COMMAND: + + if (lw == IDOK || lw == IDCANCEL) + return 1; + + return 0; + + + case WM_CLOSE: + StaticModelessWaitDlgHandle = NULL; + EndDialog (hwndDlg, 0); + return 1; + } + + return 0; +} + + +// Opens a dialog window saying "Please wait..." which is not modal and does not need any GUI refresh after initialization. +void DisplayStaticModelessWaitDlg (HWND parent) +{ + if (StaticModelessWaitDlgHandle != NULL) + return; // Already shown + + StaticModelessWaitDlgHandle = CreateDialogParamW (hInst, MAKEINTRESOURCEW (IDD_STATIC_MODELESS_WAIT_DLG), parent, (DLGPROC) StaticModelessWaitDlgProc, (LPARAM) 0); + + ShowWindow (StaticModelessWaitDlgHandle, SW_SHOWNORMAL); + + // Allow synchronous use with the GUI being instantly and fully rendered + ProcessPaintMessages (StaticModelessWaitDlgHandle, 500); +} + + +void CloseStaticModelessWaitDlg (void) +{ + if (StaticModelessWaitDlgHandle == NULL) + return; // Not shown + + DestroyWindow (StaticModelessWaitDlgHandle); +} + + +BOOL IsButtonChecked (HWND hButton) +{ + if (SendMessage (hButton, BM_GETCHECK, 0, 0) == BST_CHECKED) + return TRUE; + else + return FALSE; +} + + +void CheckButton (HWND hButton) +{ + SendMessage (hButton, BM_SETCHECK, BST_CHECKED, 0); +} + + +void LeftPadString (wchar_t *szTmp, int len, int targetLen, wchar_t filler) +{ + int i; + + if (targetLen <= len) + return; + + for (i = targetLen-1; i >= (targetLen-len); i--) + szTmp [i] = szTmp [i-(targetLen-len)]; + + wmemset (szTmp, filler, targetLen-len); + szTmp [targetLen] = 0; +} + +/* InitDialog - initialize the applications main dialog, this function should + be called only once in the dialogs WM_INITDIALOG message handler */ +void InitDialog (HWND hwndDlg) +{ + NONCLIENTMETRICSW metric; + static BOOL aboutMenuAppended = FALSE; + + int nHeight; + LOGFONTW lf; + HMENU hMenu; + Font *font; + + /* Fonts */ + + memset (&lf, 0, sizeof(lf)); + + // Normal + font = GetFont ("font_normal"); + + metric.cbSize = sizeof (metric); + SystemParametersInfoW (SPI_GETNONCLIENTMETRICS, sizeof(metric), &metric, 0); + + WindowTitleBarFont = CreateFontIndirectW (&metric.lfCaptionFont); + + metric.lfMessageFont.lfHeight = CompensateDPIFont (!font ? -11 : -font->Size); + metric.lfMessageFont.lfWidth = 0; + + if (font && wcscmp (font->FaceName, L"default") != 0) + { + StringCbCopyW ((WCHAR *)metric.lfMessageFont.lfFaceName, sizeof (metric.lfMessageFont.lfFaceName), font->FaceName); + } + else if (IsOSAtLeast (WIN_VISTA)) + { + // Vista's new default font (size and spacing) breaks compatibility with Windows 2k/XP applications. + // Force use of Tahoma (as Microsoft does in many dialogs) until a native Vista look is implemented. + StringCbCopyW ((WCHAR *)metric.lfMessageFont.lfFaceName, sizeof (metric.lfMessageFont.lfFaceName), L"Tahoma"); + } + + hUserFont = CreateFontIndirectW (&metric.lfMessageFont); + + metric.lfMessageFont.lfUnderline = TRUE; + hUserUnderlineFont = CreateFontIndirectW (&metric.lfMessageFont); + + metric.lfMessageFont.lfUnderline = FALSE; + metric.lfMessageFont.lfWeight = FW_BOLD; + hUserBoldFont = CreateFontIndirectW (&metric.lfMessageFont); + + metric.lfMessageFont.lfUnderline = TRUE; + metric.lfMessageFont.lfWeight = FW_BOLD; + hUserUnderlineBoldFont = CreateFontIndirectW (&metric.lfMessageFont); + + // Fixed-size (hexadecimal digits) + nHeight = CompensateDPIFont (-12); + lf.lfHeight = nHeight; + lf.lfWidth = 0; + lf.lfEscapement = 0; + lf.lfOrientation = 0; + lf.lfWeight = FW_NORMAL; + lf.lfItalic = FALSE; + lf.lfUnderline = FALSE; + lf.lfStrikeOut = FALSE; + lf.lfCharSet = DEFAULT_CHARSET; + lf.lfOutPrecision = OUT_DEFAULT_PRECIS; + lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; + lf.lfQuality = PROOF_QUALITY; + lf.lfPitchAndFamily = FF_DONTCARE; + StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName), L"Courier New"); + hFixedDigitFont = CreateFontIndirectW (&lf); + if (hFixedDigitFont == NULL) + { + handleWin32Error (hwndDlg, SRC_POS); + AbortProcess ("NOFONT"); + } + + // Bold + font = GetFont ("font_bold"); + + nHeight = CompensateDPIFont (!font ? -13 : -font->Size); + lf.lfHeight = nHeight; + lf.lfWeight = FW_BLACK; + StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName), !font ? L"Arial" : font->FaceName); + hBoldFont = CreateFontIndirectW (&lf); + if (hBoldFont == NULL) + { + handleWin32Error (hwndDlg, SRC_POS); + AbortProcess ("NOFONT"); + } + + // Title + font = GetFont ("font_title"); + + nHeight = CompensateDPIFont (!font ? -21 : -font->Size); + lf.lfHeight = nHeight; + lf.lfWeight = FW_REGULAR; + StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName),!font ? L"Times New Roman" : font->FaceName); + hTitleFont = CreateFontIndirectW (&lf); + if (hTitleFont == NULL) + { + handleWin32Error (hwndDlg, SRC_POS); + AbortProcess ("NOFONT"); + } + + // Fixed-size + font = GetFont ("font_fixed"); + + nHeight = CompensateDPIFont (!font ? -12 : -font->Size); + lf.lfHeight = nHeight; + lf.lfWidth = 0; + lf.lfEscapement = 0; + lf.lfOrientation = 0; + lf.lfWeight = FW_NORMAL; + lf.lfItalic = FALSE; + lf.lfUnderline = FALSE; + lf.lfStrikeOut = FALSE; + lf.lfCharSet = DEFAULT_CHARSET; + lf.lfOutPrecision = OUT_DEFAULT_PRECIS; + lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; + lf.lfQuality = PROOF_QUALITY; + lf.lfPitchAndFamily = FF_DONTCARE; + StringCbCopyW (lf.lfFaceName, sizeof(lf.lfFaceName),!font ? L"Lucida Console" : font->FaceName); + hFixedFont = CreateFontIndirectW (&lf); + if (hFixedFont == NULL) + { + handleWin32Error (hwndDlg, SRC_POS); + AbortProcess ("NOFONT"); + } + + if (!aboutMenuAppended) + { + hMenu = GetSystemMenu (hwndDlg, FALSE); + AppendMenu (hMenu, MF_SEPARATOR, 0, L""); + AppendMenuW (hMenu, MF_ENABLED | MF_STRING, IDC_ABOUT, GetString ("ABOUTBOX")); + + aboutMenuAppended = TRUE; + } +} + + +// The parameter maxMessagesToProcess prevents endless processing of paint messages +void ProcessPaintMessages (HWND hwnd, int maxMessagesToProcess) +{ + MSG paintMsg; + int msgCounter = maxMessagesToProcess; + + while (PeekMessageW (&paintMsg, hwnd, 0, 0, PM_REMOVE | PM_QS_PAINT) != 0 && msgCounter-- > 0) + { + DispatchMessageW (&paintMsg); + } +} + + +HDC CreateMemBitmap (HINSTANCE hInstance, HWND hwnd, wchar_t *resource) +{ + HBITMAP picture = LoadBitmap (hInstance, resource); + HDC viewDC = GetDC (hwnd), dcMem; + + dcMem = CreateCompatibleDC (viewDC); + + SetMapMode (dcMem, MM_TEXT); + + SelectObject (dcMem, picture); + + DeleteObject (picture); + + ReleaseDC (hwnd, viewDC); + + return dcMem; +} + + +/* Renders the specified bitmap at the specified location and stretches it to fit (anti-aliasing is applied). +If bDirectRender is FALSE and both nWidth and nHeight are zero, the width and height of hwndDest are +retrieved and adjusted according to screen DPI (the width and height of the resultant image are adjusted the +same way); furthermore, if bKeepAspectRatio is TRUE, the smaller DPI factor of the two (i.e. horiz. or vert.) +is used both for horiz. and vert. scaling (note that the overall GUI aspect ratio changes irregularly in +both directions depending on the DPI). If bDirectRender is TRUE, bKeepAspectRatio is ignored. +This function returns a handle to the scaled bitmap. When the bitmap is no longer needed, it should be +deleted by calling DeleteObject() with the handle passed as the parameter. +Known Windows issues: +- For some reason, anti-aliasing is not applied if the source bitmap contains less than 16K pixels. +- Windows 2000 may produce slightly inaccurate colors even when source, buffer, and target are 24-bit true color. */ +HBITMAP RenderBitmap (wchar_t *resource, HWND hwndDest, int x, int y, int nWidth, int nHeight, BOOL bDirectRender, BOOL bKeepAspectRatio) +{ + LRESULT lResult = 0; + + HDC hdcSrc = CreateMemBitmap (hInst, hwndDest, resource); + if (!hdcSrc) + return NULL; + + HGDIOBJ picture = GetCurrentObject (hdcSrc, OBJ_BITMAP); + + HBITMAP hbmpRescaled = NULL; + BITMAP bitmap; + + HDC hdcRescaled; + + if (!bDirectRender && nWidth == 0 && nHeight == 0) + { + RECT rec; + + GetClientRect (hwndDest, &rec); + + if (bKeepAspectRatio) + { + if (DlgAspectRatio > 1) + { + // Do not fix this, it's correct. We use the Y scale factor intentionally for both + // directions to maintain aspect ratio (see above for more info). + nWidth = CompensateYDPI (rec.right); + nHeight = CompensateYDPI (rec.bottom); + } + else + { + // Do not fix this, it's correct. We use the X scale factor intentionally for both + // directions to maintain aspect ratio (see above for more info). + nWidth = CompensateXDPI (rec.right); + nHeight = CompensateXDPI (rec.bottom); + } + } + else + { + nWidth = CompensateXDPI (rec.right); + nHeight = CompensateYDPI (rec.bottom); + } + } + + GetObject (picture, sizeof (BITMAP), &bitmap); + + hdcRescaled = CreateCompatibleDC (hdcSrc); + + if (hdcRescaled) + { + hbmpRescaled = CreateCompatibleBitmap (hdcSrc, nWidth, nHeight); + + SelectObject (hdcRescaled, hbmpRescaled); + + /* Anti-aliasing mode (HALFTONE is the only anti-aliasing algorithm natively supported by Windows 2000. + TODO: GDI+ offers higher quality -- InterpolationModeHighQualityBicubic) */ + SetStretchBltMode (hdcRescaled, HALFTONE); + + StretchBlt (hdcRescaled, + 0, + 0, + nWidth, + nHeight, + hdcSrc, + 0, + 0, + bitmap.bmWidth, + bitmap.bmHeight, + SRCCOPY); + + DeleteDC (hdcSrc); + + if (bDirectRender) + { + HDC hdcDest = GetDC (hwndDest); + if (hdcDest) + { + BitBlt (hdcDest, x, y, nWidth, nHeight, hdcRescaled, 0, 0, SRCCOPY); + ReleaseDC (hwndDest, hdcDest); + } + } + else + { + lResult = SendMessage (hwndDest, (UINT) STM_SETIMAGE, (WPARAM) IMAGE_BITMAP, (LPARAM) (HANDLE) hbmpRescaled); + } + + if ((HGDIOBJ) lResult != NULL && (HGDIOBJ) lResult != (HGDIOBJ) hbmpRescaled) + DeleteObject ((HGDIOBJ) lResult); + + DeleteDC (hdcRescaled); + } + + return hbmpRescaled; +} + + +LRESULT CALLBACK +RedTick (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + if (uMsg == WM_CREATE) + { + } + else if (uMsg == WM_DESTROY) + { + } + else if (uMsg == WM_TIMER) + { + } + else if (uMsg == WM_PAINT) + { + PAINTSTRUCT tmp; + HPEN hPen; + HDC hDC; + BOOL bEndPaint; + RECT Rect; + + if (GetUpdateRect (hwnd, NULL, FALSE)) + { + hDC = BeginPaint (hwnd, &tmp); + bEndPaint = TRUE; + if (hDC == NULL) + return DefWindowProcW (hwnd, uMsg, wParam, lParam); + } + else + { + hDC = GetDC (hwnd); + bEndPaint = FALSE; + } + + GetClientRect (hwnd, &Rect); + + hPen = CreatePen (PS_SOLID, 2, RGB (0, 255, 0)); + if (hPen != NULL) + { + HGDIOBJ hObj = SelectObject (hDC, hPen); + WORD bx = LOWORD (GetDialogBaseUnits ()); + WORD by = HIWORD (GetDialogBaseUnits ()); + + MoveToEx (hDC, (Rect.right - Rect.left) / 2, Rect.bottom, NULL); + LineTo (hDC, Rect.right, Rect.top); + MoveToEx (hDC, (Rect.right - Rect.left) / 2, Rect.bottom, NULL); + + LineTo (hDC, (3 * bx) / 4, (2 * by) / 8); + + SelectObject (hDC, hObj); + DeleteObject (hPen); + } + + if (bEndPaint) + EndPaint (hwnd, &tmp); + else + ReleaseDC (hwnd, hDC); + + return TRUE; + } + + return DefWindowProcW (hwnd, uMsg, wParam, lParam); +} + +BOOL +RegisterRedTick (HINSTANCE hInstance) +{ + WNDCLASSW wc; + ULONG rc; + + memset(&wc, 0 , sizeof wc); + + wc.style = CS_HREDRAW | CS_VREDRAW; + wc.cbClsExtra = 0; + wc.cbWndExtra = 4; + wc.hInstance = hInstance; + wc.hIcon = LoadIcon (NULL, IDI_APPLICATION); + wc.hCursor = NULL; + wc.hbrBackground = (HBRUSH) GetStockObject (LTGRAY_BRUSH); + wc.lpszClassName = L"VCREDTICK"; + wc.lpfnWndProc = &RedTick; + + rc = (ULONG) RegisterClassW (&wc); + + return rc == 0 ? FALSE : TRUE; +} + +BOOL +UnregisterRedTick (HINSTANCE hInstance) +{ + return UnregisterClassW (L"VCREDTICK", hInstance); +} + +LRESULT CALLBACK +SplashDlgProc (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + return DefDlgProcW (hwnd, uMsg, wParam, lParam); +} + +static int g_waitCursorCounter = 0; + +void +WaitCursor () +{ + static HCURSOR hcWait; + if (hcWait == NULL) + hcWait = LoadCursor (NULL, IDC_WAIT); + + if ((g_waitCursorCounter == 0) || (hCursor != hcWait)) + { + SetCursor (hcWait); + hCursor = hcWait; + } + g_waitCursorCounter++; +} + +void +NormalCursor () +{ + static HCURSOR hcArrow; + if (hcArrow == NULL) + hcArrow = LoadCursor (NULL, IDC_ARROW); + if (g_waitCursorCounter > 0) + g_waitCursorCounter--; + if (g_waitCursorCounter == 0) + { + SetCursor (hcArrow); + hCursor = NULL; + } +} + +void +ArrowWaitCursor () +{ + static HCURSOR hcArrowWait; + if (hcArrowWait == NULL) + hcArrowWait = LoadCursor (NULL, IDC_APPSTARTING); + if ((g_waitCursorCounter == 0) || (hCursor != hcArrowWait)) + { + SetCursor (hcArrowWait); + hCursor = hcArrowWait; + } + g_waitCursorCounter++; +} + +void HandCursor () +{ + static HCURSOR hcHand; + if (hcHand == NULL) + hcHand = LoadCursor (NULL, IDC_HAND); + SetCursor (hcHand); + hCursor = hcHand; +} + +void +AddComboPair (HWND hComboBox, const wchar_t *lpszItem, int value) +{ + LPARAM nIndex; + + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) lpszItem); + nIndex = SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) value); +} + +void +SelectAlgo (HWND hComboBox, int *algo_id) +{ + LPARAM nCount = SendMessage (hComboBox, CB_GETCOUNT, 0, 0); + LPARAM x, i; + + for (i = 0; i < nCount; i++) + { + x = SendMessage (hComboBox, CB_GETITEMDATA, i, 0); + if (x == (LPARAM) *algo_id) + { + SendMessage (hComboBox, CB_SETCURSEL, i, 0); + return; + } + } + + /* Something went wrong ; couldn't find the requested algo id so we drop + back to a default */ + + *algo_id = (int) SendMessage (hComboBox, CB_GETITEMDATA, 0, 0); + + SendMessage (hComboBox, CB_SETCURSEL, 0, 0); + +} + +void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe) +{ + if (bNA) + { + AddComboPair (hComboBox, GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"), TC_WIPE_NONE); + } + else + { + if (!bHeaderWipe) + { + AddComboPair (hComboBox, GetString ("WIPE_MODE_NONE"), TC_WIPE_NONE); + } + + AddComboPair (hComboBox, GetString ("WIPE_MODE_1_RAND"), TC_WIPE_1_RAND); + AddComboPair (hComboBox, GetString ("WIPE_MODE_3_DOD_5220"), TC_WIPE_3_DOD_5220); + AddComboPair (hComboBox, GetString ("WIPE_MODE_7_DOD_5220"), TC_WIPE_7_DOD_5220); + AddComboPair (hComboBox, GetString ("WIPE_MODE_35_GUTMANN"), TC_WIPE_35_GUTMANN); + + if (bHeaderWipe) + AddComboPair (hComboBox, GetString ("WIPE_MODE_256"), TC_WIPE_256); // paranoid wipe for volume header + } +} + +wchar_t *GetWipeModeName (WipeAlgorithmId modeId) +{ + switch (modeId) + { + case TC_WIPE_NONE: + return GetString ("WIPE_MODE_NONE"); + + case TC_WIPE_1_RAND: + return GetString ("WIPE_MODE_1_RAND"); + + case TC_WIPE_3_DOD_5220: + return GetString ("WIPE_MODE_3_DOD_5220"); + + case TC_WIPE_7_DOD_5220: + return GetString ("WIPE_MODE_7_DOD_5220"); + + case TC_WIPE_35_GUTMANN: + return GetString ("WIPE_MODE_35_GUTMANN"); + + case TC_WIPE_256: + return GetString ("WIPE_MODE_256"); + + default: + return GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"); + } +} + +wchar_t *GetPathType (const wchar_t *path, BOOL bUpperCase, BOOL *bIsPartition) +{ + if (wcsstr (path, L"Partition") + && wcsstr (path, L"Partition0") == NULL) + { + *bIsPartition = TRUE; + return GetString (bUpperCase ? "PARTITION_UPPER_CASE" : "PARTITION_LOWER_CASE"); + } + else if (wcsstr (path, L"HarddiskVolume")) + { + *bIsPartition = TRUE; + return GetString (bUpperCase ? "VOLUME_UPPER_CASE" : "VOLUME_LOWER_CASE"); + } + + *bIsPartition = FALSE; + return GetString (bUpperCase ? "DEVICE_UPPER_CASE" : "DEVICE_LOWER_CASE"); +} + +LRESULT CALLBACK CustomDlgProc (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + if (uMsg == WM_SETCURSOR && hCursor != NULL) + { + SetCursor (hCursor); + return TRUE; + } + + return DefDlgProcW (hwnd, uMsg, wParam, lParam); +} + +/* +static BOOL IsReturnAddress (DWORD64 address) +{ + static size_t codeEnd = 0; + byte *sp = (byte *) address; + + if (codeEnd == 0) + { + MEMORY_BASIC_INFORMATION mi; + if (VirtualQuery ((LPCVOID) 0x401000, &mi, sizeof (mi)) >= sizeof (mi)) + codeEnd = (size_t) mi.BaseAddress + mi.RegionSize; + } + + if (address < 0x401000 + 8 || address > codeEnd) + return FALSE; + + return sp[-5] == 0xe8 // call ADDR + || (sp[-6] == 0xff && sp[-5] == 0x15) // call [ADDR] + || (sp[-2] == 0xff && (sp[-1] & 0xf0) == 0xd0); // call REG +} +*/ + +typedef struct +{ + EXCEPTION_POINTERS *ExceptionPointers; + HANDLE ExceptionThread; + +} ExceptionHandlerThreadArgs; + + +void ExceptionHandlerThread (void *threadArg) +{ + ExceptionHandlerThreadArgs *args = (ExceptionHandlerThreadArgs *) threadArg; + + EXCEPTION_POINTERS *ep = args->ExceptionPointers; + //DWORD addr; + DWORD exCode = ep->ExceptionRecord->ExceptionCode; + // SYSTEM_INFO si; + // wchar_t msg[8192]; + // char modPath[MAX_PATH]; + // int crc = 0; + // char url[MAX_URL_LENGTH]; + // char lpack[128]; + // stringstream callStack; + // addr = (DWORD) ep->ExceptionRecord->ExceptionAddress; + // PDWORD sp = (PDWORD) ep->ContextRecord->Esp; + // int frameNumber = 0; + + switch (exCode) + { + case STATUS_IN_PAGE_ERROR: + case 0xeedfade: + // Exception not caused by VeraCrypt + MessageBoxW (0, GetString ("EXCEPTION_REPORT_EXT"), + GetString ("EXCEPTION_REPORT_TITLE"), + MB_ICONERROR | MB_OK | MB_SETFOREGROUND | MB_TOPMOST); + return; + } + + // Call stack +/* HMODULE dbgDll = LoadLibrary ("dbghelp.dll"); + if (dbgDll) + { + typedef DWORD (__stdcall *SymGetOptions_t) (); + typedef DWORD (__stdcall *SymSetOptions_t) (DWORD SymOptions); + typedef BOOL (__stdcall *SymInitialize_t) (HANDLE hProcess, PCSTR UserSearchPath, BOOL fInvadeProcess); + typedef BOOL (__stdcall *StackWalk64_t) (DWORD MachineType, HANDLE hProcess, HANDLE hThread, LPSTACKFRAME64 StackFrame, PVOID ContextRecord, PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress); + typedef BOOL (__stdcall * SymFromAddr_t) (HANDLE hProcess, DWORD64 Address, PDWORD64 Displacement, PSYMBOL_INFO Symbol); + + SymGetOptions_t DbgHelpSymGetOptions = (SymGetOptions_t) GetProcAddress (dbgDll, "SymGetOptions"); + SymSetOptions_t DbgHelpSymSetOptions = (SymSetOptions_t) GetProcAddress (dbgDll, "SymSetOptions"); + SymInitialize_t DbgHelpSymInitialize = (SymInitialize_t) GetProcAddress (dbgDll, "SymInitialize"); + PFUNCTION_TABLE_ACCESS_ROUTINE64 DbgHelpSymFunctionTableAccess64 = (PFUNCTION_TABLE_ACCESS_ROUTINE64) GetProcAddress (dbgDll, "SymFunctionTableAccess64"); + PGET_MODULE_BASE_ROUTINE64 DbgHelpSymGetModuleBase64 = (PGET_MODULE_BASE_ROUTINE64) GetProcAddress (dbgDll, "SymGetModuleBase64"); + StackWalk64_t DbgHelpStackWalk64 = (StackWalk64_t) GetProcAddress (dbgDll, "StackWalk64"); + SymFromAddr_t DbgHelpSymFromAddr = (SymFromAddr_t) GetProcAddress (dbgDll, "SymFromAddr"); + + if (DbgHelpSymGetOptions && DbgHelpSymSetOptions && DbgHelpSymInitialize && DbgHelpSymFunctionTableAccess64 && DbgHelpSymGetModuleBase64 && DbgHelpStackWalk64 && DbgHelpSymFromAddr) + { + DbgHelpSymSetOptions (DbgHelpSymGetOptions() | SYMOPT_DEFERRED_LOADS | SYMOPT_ALLOW_ABSOLUTE_SYMBOLS | SYMOPT_NO_CPP); + + if (DbgHelpSymInitialize (GetCurrentProcess(), NULL, TRUE)) + { + STACKFRAME64 frame; + memset (&frame, 0, sizeof (frame)); + + frame.AddrPC.Offset = ep->ContextRecord->Eip; + frame.AddrPC.Mode = AddrModeFlat; + frame.AddrStack.Offset = ep->ContextRecord->Esp; + frame.AddrStack.Mode = AddrModeFlat; + frame.AddrFrame.Offset = ep->ContextRecord->Ebp; + frame.AddrFrame.Mode = AddrModeFlat; + + string lastSymbol; + + while (frameNumber < 32 && DbgHelpStackWalk64 (IMAGE_FILE_MACHINE_I386, GetCurrentProcess(), args->ExceptionThread, &frame, ep->ContextRecord, NULL, DbgHelpSymFunctionTableAccess64, DbgHelpSymGetModuleBase64, NULL)) + { + if (!frame.AddrPC.Offset) + continue; + + ULONG64 symbolBuffer[(sizeof (SYMBOL_INFO) + MAX_SYM_NAME * sizeof (TCHAR) + sizeof (ULONG64) - 1) / sizeof (ULONG64)]; + memset (symbolBuffer, 0, sizeof (symbolBuffer)); + + PSYMBOL_INFO symbol = (PSYMBOL_INFO) symbolBuffer; + symbol->SizeOfStruct = sizeof (SYMBOL_INFO); + symbol->MaxNameLen = MAX_SYM_NAME; + + if (DbgHelpSymFromAddr (GetCurrentProcess(), frame.AddrPC.Offset, NULL, symbol) && symbol->NameLen > 0) + { + for (size_t i = 0; i < symbol->NameLen; ++i) + { + if (!isalnum (symbol->Name[i])) + symbol->Name[i] = '_'; + } + + if (symbol->Name != lastSymbol) + callStack << "&st" << frameNumber++ << "=" << symbol->Name; + + lastSymbol = symbol->Name; + } + else if (frameNumber == 0 || IsReturnAddress (frame.AddrPC.Offset)) + { + callStack << "&st" << frameNumber++ << "=0x" << hex << frame.AddrPC.Offset << dec; + } + } + } + } + } + + // StackWalk64() may fail due to missing frame pointers + list retAddrs; + if (frameNumber == 0) + retAddrs.push_back (ep->ContextRecord->Eip); + + retAddrs.push_back (0); + + MEMORY_BASIC_INFORMATION mi; + VirtualQuery (sp, &mi, sizeof (mi)); + PDWORD stackTop = (PDWORD)((byte *) mi.BaseAddress + mi.RegionSize); + int i = 0; + + while (retAddrs.size() < 16 && &sp[i] < stackTop) + { + if (IsReturnAddress (sp[i])) + { + bool duplicate = false; + foreach (DWORD prevAddr, retAddrs) + { + if (sp[i] == prevAddr) + { + duplicate = true; + break; + } + } + + if (!duplicate) + retAddrs.push_back (sp[i]); + } + i++; + } + + if (retAddrs.size() > 1) + { + foreach (DWORD addr, retAddrs) + { + callStack << "&st" << frameNumber++ << "=0x" << hex << addr << dec; + } + } + + // Checksum of the module + if (GetModuleFileName (NULL, modPath, sizeof (modPath))) + { + HANDLE h = CreateFile (modPath, FILE_READ_DATA | FILE_READ_ATTRIBUTES, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + if (h != INVALID_HANDLE_VALUE) + { + BY_HANDLE_FILE_INFORMATION fi; + if (GetFileInformationByHandle (h, &fi)) + { + char *buf = (char *) malloc (fi.nFileSizeLow); + if (buf) + { + DWORD bytesRead; + if (ReadFile (h, buf, fi.nFileSizeLow, &bytesRead, NULL) && bytesRead == fi.nFileSizeLow) + crc = GetCrc32 ((unsigned char *) buf, fi.nFileSizeLow); + free (buf); + } + } + CloseHandle (h); + } + } + + GetSystemInfo (&si); + + if (LocalizationActive) + sprintf_s (lpack, sizeof (lpack), "&langpack=%s_%s", GetPreferredLangId (), GetActiveLangPackVersion ()); + else + lpack[0] = 0; + + + sprintf (url, TC_APPLINK_SECURE "&dest=err-report%s&os=%s&osver=%d.%d.%d&arch=%s&cpus=%d&app=%s&cksum=%x&dlg=%s&err=%x&addr=%x" + , lpack + , GetWindowsEdition().c_str() + , CurrentOSMajor + , CurrentOSMinor + , CurrentOSServicePack + , Is64BitOs () ? "x64" : "x86" + , si.dwNumberOfProcessors +#ifdef TCMOUNT + ,"main" +#endif +#ifdef VOLFORMAT + ,"format" +#endif +#ifdef SETUP + ,"setup" +#endif + , crc + , LastDialogId ? LastDialogId : "-" + , exCode + , addr); + + string urlStr = url + callStack.str(); + + _snwprintf (msg, array_capacity (msg), GetString ("EXCEPTION_REPORT"), urlStr.c_str()); + + if (IDYES == MessageBoxW (0, msg, GetString ("EXCEPTION_REPORT_TITLE"), MB_ICONERROR | MB_YESNO | MB_DEFBUTTON1)) + ShellExecute (NULL, "open", urlStr.c_str(), NULL, NULL, SW_SHOWNORMAL); + else */ + UnhandledExceptionFilter (ep); +} + + +LONG __stdcall ExceptionHandler (EXCEPTION_POINTERS *ep) +{ + SetUnhandledExceptionFilter (NULL); + + if (SystemFileSelectorCallPending && SystemFileSelectorCallerThreadId == GetCurrentThreadId()) + { + MessageBoxW (NULL, GetString ("EXCEPTION_REPORT_EXT_FILESEL"), GetString ("EXCEPTION_REPORT_TITLE"), MB_ICONERROR | MB_OK | MB_SETFOREGROUND | MB_TOPMOST); + + UnhandledExceptionFilter (ep); + return EXCEPTION_EXECUTE_HANDLER; + } + + ExceptionHandlerThreadArgs args; + args.ExceptionPointers = ep; + args.ExceptionThread = GetCurrentThread(); + + WaitForSingleObject ((HANDLE) _beginthread (ExceptionHandlerThread, 0, &args), INFINITE); + + return EXCEPTION_EXECUTE_HANDLER; +} + + +void InvalidParameterHandler (const wchar_t *expression, const wchar_t *function, const wchar_t *file, unsigned int line, uintptr_t reserved) +{ + TC_THROW_FATAL_EXCEPTION; +} + + +static LRESULT CALLBACK NonInstallUacWndProc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) +{ + return DefWindowProcW (hWnd, message, wParam, lParam); +} + + +// Mutex handling to prevent multiple instances of the wizard or main app from dealing with system encryption. +// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). +BOOL CreateSysEncMutex (void) +{ + return TCCreateMutex (&hSysEncMutex, TC_MUTEX_NAME_SYSENC); +} + + +BOOL InstanceHasSysEncMutex (void) +{ + return (hSysEncMutex != NULL); +} + + +// Mutex handling to prevent multiple instances of the wizard from dealing with system encryption +void CloseSysEncMutex (void) +{ + TCCloseMutex (&hSysEncMutex); +} + + +// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). +BOOL CreateNonSysInplaceEncMutex (void) +{ + return TCCreateMutex (&hNonSysInplaceEncMutex, TC_MUTEX_NAME_NONSYS_INPLACE_ENC); +} + + +BOOL InstanceHasNonSysInplaceEncMutex (void) +{ + return (hNonSysInplaceEncMutex != NULL); +} + + +void CloseNonSysInplaceEncMutex (void) +{ + TCCloseMutex (&hNonSysInplaceEncMutex); +} + + +// Returns TRUE if another instance of the wizard is preparing, resuming or performing non-system in-place encryption +BOOL NonSysInplaceEncInProgressElsewhere (void) +{ + return (!InstanceHasNonSysInplaceEncMutex () + && MutexExistsOnSystem (TC_MUTEX_NAME_NONSYS_INPLACE_ENC)); +} + + +// Mutex handling to prevent multiple instances of the wizard or main app from trying to install +// or register the driver or from trying to launch it in portable mode at the same time. +// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). +BOOL CreateDriverSetupMutex (void) +{ + return TCCreateMutex (&hDriverSetupMutex, TC_MUTEX_NAME_DRIVER_SETUP); +} + + +void CloseDriverSetupMutex (void) +{ + TCCloseMutex (&hDriverSetupMutex); +} + + +BOOL CreateAppSetupMutex (void) +{ + return TCCreateMutex (&hAppSetupMutex, TC_MUTEX_NAME_APP_SETUP); +} + + +void CloseAppSetupMutex (void) +{ + TCCloseMutex (&hAppSetupMutex); +} + + +BOOL IsTrueCryptInstallerRunning (void) +{ + return (MutexExistsOnSystem (TC_MUTEX_NAME_APP_SETUP)); +} + + +// Returns TRUE if the mutex is (or had been) successfully acquired (otherwise FALSE). +BOOL TCCreateMutex (volatile HANDLE *hMutex, wchar_t *name) +{ + if (*hMutex != NULL) + return TRUE; // This instance already has the mutex + + *hMutex = CreateMutex (NULL, TRUE, name); + if (*hMutex == NULL) + { + // In multi-user configurations, the OS returns "Access is denied" here when a user attempts + // to acquire the mutex if another user already has. However, on Vista, "Access is denied" is + // returned also if the mutex is owned by a process with admin rights while we have none. + + return FALSE; + } + + if (GetLastError () == ERROR_ALREADY_EXISTS) + { + ReleaseMutex (*hMutex); + CloseHandle (*hMutex); + + *hMutex = NULL; + return FALSE; + } + + return TRUE; +} + + +void TCCloseMutex (volatile HANDLE *hMutex) +{ + if (*hMutex != NULL) + { + if (ReleaseMutex (*hMutex) + && CloseHandle (*hMutex)) + *hMutex = NULL; + } +} + + +// Returns TRUE if a process running on the system has the specified mutex (otherwise FALSE). +BOOL MutexExistsOnSystem (wchar_t *name) +{ + if (name[0] == 0) + return FALSE; + + HANDLE hMutex = OpenMutex (MUTEX_ALL_ACCESS, FALSE, name); + + if (hMutex == NULL) + { + if (GetLastError () == ERROR_FILE_NOT_FOUND) + return FALSE; + + if (GetLastError () == ERROR_ACCESS_DENIED) // On Vista, this is returned if the owner of the mutex is elevated while we are not + return TRUE; + + // The call failed and it is not certain whether the mutex exists or not + return FALSE; + } + + CloseHandle (hMutex); + return TRUE; +} + + +uint32 ReadDriverConfigurationFlags () +{ + DWORD configMap; + + if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_DRIVER_CONFIG_REG_VALUE_NAME, &configMap)) + configMap = 0; + + return configMap; +} + + +uint32 ReadEncryptionThreadPoolFreeCpuCountLimit () +{ + DWORD count; + + if (!ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME, &count)) + count = 0; + + return count; +} + + +BOOL LoadSysEncSettings () +{ + BOOL status = TRUE; + DWORD size = 0; + char *sysEncCfgFileBuf = LoadFile (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION), &size); + char *xml = sysEncCfgFileBuf; + char paramName[100], paramVal[MAX_PATH]; + + // Defaults + int newSystemEncryptionStatus = SYSENC_STATUS_NONE; + WipeAlgorithmId newnWipeMode = TC_WIPE_NONE; + + if (!FileExists (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION))) + { + SystemEncryptionStatus = newSystemEncryptionStatus; + nWipeMode = newnWipeMode; + } + + if (xml == NULL) + { + return FALSE; + } + + while (xml = XmlFindElement (xml, "config")) + { + XmlGetAttributeText (xml, "key", paramName, sizeof (paramName)); + XmlGetNodeText (xml, paramVal, sizeof (paramVal)); + + if (strcmp (paramName, "SystemEncryptionStatus") == 0) + { + newSystemEncryptionStatus = atoi (paramVal); + } + else if (strcmp (paramName, "WipeMode") == 0) + { + newnWipeMode = (WipeAlgorithmId) atoi (paramVal); + } + + xml++; + } + + SystemEncryptionStatus = newSystemEncryptionStatus; + nWipeMode = newnWipeMode; + + free (sysEncCfgFileBuf); + return status; +} + + +// Returns the number of partitions where non-system in-place encryption is progress or had been in progress +// but was interrupted. In addition, via the passed pointer, returns the last selected wipe algorithm ID. +int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm) +{ + char *fileBuf = NULL; + char *fileBuf2 = NULL; + DWORD size, size2; + int count; + + *wipeAlgorithm = TC_WIPE_NONE; + + if (!FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC))) + return 0; + + if ((fileBuf = LoadFile (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC), &size)) == NULL) + return 0; + + if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE))) + { + if ((fileBuf2 = LoadFile (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE), &size2)) != NULL) + *wipeAlgorithm = (WipeAlgorithmId) atoi (fileBuf2); + } + + count = atoi (fileBuf); + + if (fileBuf != NULL) + TCfree (fileBuf); + + if (fileBuf2 != NULL) + TCfree (fileBuf2); + + return (count); +} + + +void RemoveNonSysInPlaceEncNotifications (void) +{ + if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC))) + _wremove (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC)); + + if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE))) + _wremove (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE)); + + if (!IsNonInstallMode () && SystemEncryptionStatus == SYSENC_STATUS_NONE) + ManageStartupSeqWiz (TRUE, L""); +} + + +void SavePostInstallTasksSettings (int command) +{ + FILE *f = NULL; + + if (IsNonInstallMode() && command != TC_POST_INSTALL_CFG_REMOVE_ALL) + return; + + switch (command) + { + case TC_POST_INSTALL_CFG_REMOVE_ALL: + _wremove (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL)); + _wremove (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES)); + break; + + case TC_POST_INSTALL_CFG_TUTORIAL: + f = _wfopen (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL), L"w"); + break; + + case TC_POST_INSTALL_CFG_RELEASE_NOTES: + f = _wfopen (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES), L"w"); + break; + + default: + return; + } + + if (f == NULL) + return; + + if (fputws (L"1", f) < 0) + { + // Error + fclose (f); + return; + } + + TCFlushFile (f); + + fclose (f); +} + + +void DoPostInstallTasks (HWND hwndDlg) +{ + BOOL bDone = FALSE; + + if (FileExists (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL))) + { + if (AskYesNo ("AFTER_INSTALL_TUTORIAL", hwndDlg) == IDYES) + Applink ("beginnerstutorial", TRUE, ""); + + bDone = TRUE; + } + + if (FileExists (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES))) + { + if (AskYesNo ("AFTER_UPGRADE_RELEASE_NOTES", hwndDlg) == IDYES) + Applink ("releasenotes", TRUE, ""); + + bDone = TRUE; + } + + if (bDone) + SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_REMOVE_ALL); +} + + +void InitOSVersionInfo () +{ + OSVERSIONINFOEXW os; + os.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); + + if (GetVersionExW ((LPOSVERSIONINFOW) &os) == FALSE) + AbortProcess ("NO_OS_VER"); + + CurrentOSMajor = os.dwMajorVersion; + CurrentOSMinor = os.dwMinorVersion; + CurrentOSServicePack = os.wServicePackMajor; + + if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 5 && CurrentOSMinor == 0) + nCurrentOS = WIN_2000; + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 5 && CurrentOSMinor == 1) + nCurrentOS = WIN_XP; + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 5 && CurrentOSMinor == 2) + { + if (os.wProductType == VER_NT_SERVER || os.wProductType == VER_NT_DOMAIN_CONTROLLER) + nCurrentOS = WIN_SERVER_2003; + else + nCurrentOS = WIN_XP64; + } + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 0) + { + if (os.wProductType != VER_NT_WORKSTATION) + nCurrentOS = WIN_SERVER_2008; + else + nCurrentOS = WIN_VISTA; + } + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 1) + nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2008_R2 : WIN_7); + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 2) + nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2012 : WIN_8); + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 6 && CurrentOSMinor == 3) + nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2012_R2 : WIN_8_1); + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 10 && CurrentOSMinor == 0) + nCurrentOS = ((os.wProductType != VER_NT_WORKSTATION) ? WIN_SERVER_2016 : WIN_10); + else if (os.dwPlatformId == VER_PLATFORM_WIN32_NT && CurrentOSMajor == 4) + nCurrentOS = WIN_NT4; + else if (os.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS && os.dwMajorVersion == 4 && os.dwMinorVersion == 0) + nCurrentOS = WIN_95; + else if (os.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS && os.dwMajorVersion == 4 && os.dwMinorVersion == 10) + nCurrentOS = WIN_98; + else if (os.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS && os.dwMajorVersion == 4 && os.dwMinorVersion == 90) + nCurrentOS = WIN_ME; + else if (os.dwPlatformId == VER_PLATFORM_WIN32s) + nCurrentOS = WIN_31; + else + nCurrentOS = WIN_UNKNOWN; +} + +static void LoadSystemDll (LPCTSTR szModuleName, HMODULE *pHandle, BOOL bIgnoreError, const char* srcPos) +{ + wchar_t dllPath[MAX_PATH]; + + /* Load dll explictely from System32 to avoid Dll hijacking attacks*/ + if (!GetSystemDirectory(dllPath, MAX_PATH)) + StringCbCopyW(dllPath, sizeof(dllPath), L"C:\\Windows\\System32"); + + StringCbCatW(dllPath, sizeof(dllPath), L"\\"); + StringCbCatW(dllPath, sizeof(dllPath), szModuleName); + + if (((*pHandle = LoadLibrary(dllPath)) == NULL) && !bIgnoreError) + { + // This error is fatal + handleWin32Error (NULL, srcPos); + AbortProcess ("INIT_DLL"); + } +} + +/* InitApp - initialize the application, this function is called once in the + applications WinMain function, but before the main dialog has been created */ +void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) +{ + WNDCLASSW wc; + char langId[6]; + InitCommonControlsPtr InitCommonControlsFn = NULL; + + InitOSVersionInfo(); + + InitializeCriticalSection (&csWNetCalls); + + LoadSystemDll (L"ntmarta.dll", &hntmartadll, TRUE, SRC_POS); + LoadSystemDll (L"MPR.DLL", &hmprdll, TRUE, SRC_POS); +#ifdef SETUP + if (IsOSAtLeast (WIN_7)) + { + LoadSystemDll (L"ProfApi.DLL", &hProfApiDll, TRUE, SRC_POS); + LoadSystemDll (L"cryptbase.dll", &hcryptbasedll, TRUE, SRC_POS); + LoadSystemDll (L"sspicli.dll", &hsspiclidll, TRUE, SRC_POS); + } +#endif + LoadSystemDll (L"psapi.dll", &hpsapidll, TRUE, SRC_POS); + LoadSystemDll (L"secur32.dll", &hsecur32dll, TRUE, SRC_POS); + LoadSystemDll (L"msasn1.dll", &hmsasn1dll, TRUE, SRC_POS); + LoadSystemDll (L"Usp10.DLL", &hUsp10Dll, TRUE, SRC_POS); + LoadSystemDll (L"UXTheme.dll", &hUXThemeDll, TRUE, SRC_POS); + + LoadSystemDll (L"msls31.dll", &hMsls31, TRUE, SRC_POS); + LoadSystemDll (L"SETUPAPI.DLL", &hSetupDll, FALSE, SRC_POS); + LoadSystemDll (L"SHLWAPI.DLL", &hShlwapiDll, FALSE, SRC_POS); + + LoadSystemDll (L"userenv.dll", &hUserenvDll, TRUE, SRC_POS); + LoadSystemDll (L"rsaenh.dll", &hRsaenhDll, TRUE, SRC_POS); + +#ifdef SETUP + if (nCurrentOS < WIN_7) + { + if (nCurrentOS == WIN_XP) + { + LoadSystemDll (L"imm32.dll", &himm32dll, TRUE, SRC_POS); + LoadSystemDll (L"MSCTF.dll", &hMSCTFdll, TRUE, SRC_POS); + LoadSystemDll (L"fltlib.dll", &hfltlibdll, TRUE, SRC_POS); + LoadSystemDll (L"wbem\\framedyn.dll", &hframedyndll, TRUE, SRC_POS); + } + + if (IsOSAtLeast (WIN_VISTA)) + { + LoadSystemDll (L"netapi32.dll", &hnetapi32dll, TRUE, SRC_POS); + LoadSystemDll (L"authz.dll", &hauthzdll, TRUE, SRC_POS); + LoadSystemDll (L"xmllite.dll", &hxmllitedll, TRUE, SRC_POS); + } + } + + if (IsOSAtLeast (WIN_VISTA)) + { + LoadSystemDll (L"spp.dll", &hsppdll, TRUE, SRC_POS); + LoadSystemDll (L"vssapi.dll", &vssapidll, TRUE, SRC_POS); + LoadSystemDll (L"vsstrace.dll", &hvsstracedll, TRUE, SRC_POS); + + if (IsOSAtLeast (WIN_7)) + { + LoadSystemDll (L"CryptSP.dll", &hCryptSpDll, TRUE, SRC_POS); + + LoadSystemDll (L"cfgmgr32.dll", &hcfgmgr32dll, TRUE, SRC_POS); + LoadSystemDll (L"devobj.dll", &hdevobjdll, TRUE, SRC_POS); + LoadSystemDll (L"powrprof.dll", &hpowrprofdll, TRUE, SRC_POS); + + LoadSystemDll (L"dwmapi.dll", &hdwmapidll, TRUE, SRC_POS); + + LoadSystemDll (L"crypt32.dll", &hcrypt32dll, TRUE, SRC_POS); + + LoadSystemDll (L"bcrypt.dll", &hbcryptdll, TRUE, SRC_POS); + LoadSystemDll (L"bcryptprimitives.dll", &hbcryptprimitivesdll, TRUE, SRC_POS); + } + } +#else + LoadSystemDll (L"WINSCARD.DLL", &hwinscarddll, TRUE, SRC_POS); +#endif + + LoadSystemDll (L"COMCTL32.DLL", &hComctl32Dll, FALSE, SRC_POS); + + // call InitCommonControls function + InitCommonControlsFn = (InitCommonControlsPtr) GetProcAddress (hComctl32Dll, "InitCommonControls"); + ImageList_AddFn = (ImageList_AddPtr) GetProcAddress (hComctl32Dll, "ImageList_Add"); + ImageList_CreateFn = (ImageList_CreatePtr) GetProcAddress (hComctl32Dll, "ImageList_Create"); + + if (InitCommonControlsFn && ImageList_AddFn && ImageList_CreateFn) + { + InitCommonControlsFn(); + } + else + AbortProcess ("INIT_DLL"); + + LoadSystemDll (L"Riched20.dll", &hRichEditDll, FALSE, SRC_POS); + + // Get SetupAPI functions pointers + SetupCloseInfFileFn = (SetupCloseInfFilePtr) GetProcAddress (hSetupDll, "SetupCloseInfFile"); + SetupDiOpenClassRegKeyFn = (SetupDiOpenClassRegKeyPtr) GetProcAddress (hSetupDll, "SetupDiOpenClassRegKey"); + SetupInstallFromInfSectionWFn = (SetupInstallFromInfSectionWPtr) GetProcAddress (hSetupDll, "SetupInstallFromInfSectionW"); + SetupOpenInfFileWFn = (SetupOpenInfFileWPtr) GetProcAddress (hSetupDll, "SetupOpenInfFileW"); + + if (!SetupCloseInfFileFn || !SetupDiOpenClassRegKeyFn || !SetupInstallFromInfSectionWFn || !SetupOpenInfFileWFn) + AbortProcess ("INIT_DLL"); + + // Get SHDeleteKeyW function pointer + SHDeleteKeyWFn = (SHDeleteKeyWPtr) GetProcAddress (hShlwapiDll, "SHDeleteKeyW"); + SHStrDupWFn = (SHStrDupWPtr) GetProcAddress (hShlwapiDll, "SHStrDupW"); + if (!SHDeleteKeyWFn || !SHStrDupWFn) + AbortProcess ("INIT_DLL"); + + if (IsOSAtLeast (WIN_VISTA)) + { + /* Get ChangeWindowMessageFilter used to enable some messages bypasss UIPI (User Interface Privilege Isolation) */ + ChangeWindowMessageFilterFn = (ChangeWindowMessageFilterPtr) GetProcAddress (GetModuleHandle (L"user32.dll"), "ChangeWindowMessageFilter"); + +#ifndef SETUP + /* enable drag-n-drop when we are running elevated */ + AllowMessageInUIPI (WM_DROPFILES); + AllowMessageInUIPI (WM_COPYDATA); + AllowMessageInUIPI (WM_COPYGLOBALDATA); +#endif + } + + /* Save the instance handle for later */ + hInst = hInstance; + + SetErrorMode (SetErrorMode (0) | SEM_FAILCRITICALERRORS | SEM_NOOPENFILEERRORBOX); + CoInitialize (NULL); + +#ifndef SETUP + // Application ID + typedef HRESULT (WINAPI *SetAppId_t) (PCWSTR appID); + SetAppId_t setAppId = (SetAppId_t) GetProcAddress (GetModuleHandle (L"shell32.dll"), "SetCurrentProcessExplicitAppUserModelID"); + + if (setAppId) + setAppId (TC_APPLICATION_ID); +#endif + + // Language + langId[0] = 0; + SetPreferredLangId (ConfigReadString ("Language", "", langId, sizeof (langId))); + + if (langId[0] == 0) + { + if (IsNonInstallMode ()) + { + // only support automatic use of a language file in portable mode + // this is achieved by placing a unique language XML file in the same + // place as portable VeraCrypt binaries. + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_LANGUAGE), NULL, + (DLGPROC) LanguageDlgProc, (LPARAM) 1); + } + else + { + // when installed, force using English as default language + SetPreferredLangId ("en"); + } + } + + LoadLanguageFile (); + +#ifndef SETUP + // UAC elevation moniker cannot be used in portable mode. + // A new instance of the application must be created with elevated privileges. + if (IsNonInstallMode () && !IsAdmin () && IsUacSupported ()) + { + wchar_t modPath[MAX_PATH], newCmdLine[4096]; + WNDCLASSEXW wcex; + HWND hWnd; + + if (wcsstr (lpszCommandLine, L"/q UAC ") == lpszCommandLine) + { + Error ("UAC_INIT_ERROR", NULL); + exit (1); + } + + memset (&wcex, 0, sizeof (wcex)); + wcex.cbSize = sizeof(WNDCLASSEX); + wcex.lpfnWndProc = (WNDPROC) NonInstallUacWndProc; + wcex.hInstance = hInstance; + wcex.lpszClassName = L"VeraCrypt"; + RegisterClassExW (&wcex); + + // A small transparent window is necessary to bring the new instance to foreground + hWnd = CreateWindowExW (WS_EX_TOOLWINDOW | WS_EX_LAYERED, + L"VeraCrypt", L"VeraCrypt", 0, + GetSystemMetrics (SM_CXSCREEN)/2, + GetSystemMetrics (SM_CYSCREEN)/2, + 1, 1, NULL, NULL, hInstance, NULL); + + SetLayeredWindowAttributes (hWnd, 0, 0, LWA_ALPHA); + ShowWindow (hWnd, SW_SHOWNORMAL); + + GetModuleFileNameW (NULL, modPath, ARRAYSIZE (modPath)); + + StringCbCopyW (newCmdLine, sizeof(newCmdLine), L"/q UAC "); + StringCbCatW (newCmdLine, sizeof (newCmdLine), lpszCommandLine); + + if ((int)ShellExecuteW (hWnd, L"runas", modPath, newCmdLine, NULL, SW_SHOWNORMAL) <= 32) + exit (1); + + Sleep (2000); + exit (0); + } +#endif + + SetUnhandledExceptionFilter (ExceptionHandler); + _set_invalid_parameter_handler (InvalidParameterHandler); + + RemoteSession = GetSystemMetrics (SM_REMOTESESSION) != 0; + + // OS version check + if (CurrentOSMajor < 5) + { + MessageBoxW (NULL, GetString ("UNSUPPORTED_OS"), lpszTitle, MB_ICONSTOP); + exit (1); + } + else + { + // Service pack check & warnings about critical MS issues + switch (nCurrentOS) + { + case WIN_2000: + if (CurrentOSServicePack < 3) + Warning ("LARGE_IDE_WARNING_2K", NULL); + else + { + DWORD val = 0, size = sizeof(val); + HKEY hkey; + + if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\Atapi\\Parameters", 0, KEY_READ, &hkey) == ERROR_SUCCESS) + { + if (RegQueryValueExW (hkey, L"EnableBigLba", 0, 0, (LPBYTE) &val, &size) != ERROR_SUCCESS + || val != 1) + { + Warning ("LARGE_IDE_WARNING_2K_REGISTRY", NULL); + } + RegCloseKey (hkey); + } + } + break; + + case WIN_XP: + if (CurrentOSServicePack < 1) + { + HKEY k; + // PE environment does not report version of SP + if (RegOpenKeyExW (HKEY_LOCAL_MACHINE, L"System\\CurrentControlSet\\Control\\minint", 0, KEY_READ, &k) != ERROR_SUCCESS) + Warning ("LARGE_IDE_WARNING_XP", NULL); + else + RegCloseKey (k); + } + break; + } + } + + /* Get the attributes for the standard dialog class */ + if ((GetClassInfoW (hInst, WINDOWS_DIALOG_CLASS, &wc)) == 0) + { + handleWin32Error (NULL, SRC_POS); + AbortProcess ("INIT_REGISTER"); + } + +#ifndef SETUP + wc.hIcon = LoadIcon (hInstance, MAKEINTRESOURCE (IDI_TRUECRYPT_ICON)); +#else +#include "../setup/resource.h" + wc.hIcon = LoadIcon (hInstance, MAKEINTRESOURCE (IDI_SETUP)); +#endif + wc.lpszClassName = TC_DLG_CLASS; + wc.lpfnWndProc = &CustomDlgProc; + wc.hCursor = LoadCursor (NULL, IDC_ARROW); + wc.cbWndExtra = DLGWINDOWEXTRA; + + hDlgClass = RegisterClassW (&wc); + if (hDlgClass == 0) + { + handleWin32Error (NULL, SRC_POS); + AbortProcess ("INIT_REGISTER"); + } + + wc.lpszClassName = TC_SPLASH_CLASS; + wc.lpfnWndProc = &SplashDlgProc; + wc.hCursor = LoadCursor (NULL, IDC_ARROW); + wc.cbWndExtra = DLGWINDOWEXTRA; + + hSplashClass = RegisterClassW (&wc); + if (hSplashClass == 0) + { + handleWin32Error (NULL, SRC_POS); + AbortProcess ("INIT_REGISTER"); + } + + // DPI and GUI aspect ratio + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_AUXILIARY_DLG), NULL, + (DLGPROC) AuxiliaryDlgProc, (LPARAM) 1); + + InitHelpFileName (); + +#ifndef SETUP + if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit())) + { + handleWin32Error (NULL, SRC_POS); + FREE_DLL (hRichEditDll); + FREE_DLL (hComctl32Dll); + FREE_DLL (hSetupDll); + FREE_DLL (hShlwapiDll); + FREE_DLL (hProfApiDll); + FREE_DLL (hUsp10Dll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hUXThemeDll); + FREE_DLL (hUserenvDll); + FREE_DLL (hRsaenhDll); + FREE_DLL (himm32dll); + FREE_DLL (hMSCTFdll); + FREE_DLL (hfltlibdll); + FREE_DLL (hframedyndll); + FREE_DLL (hpsapidll); + FREE_DLL (hsecur32dll); + FREE_DLL (hnetapi32dll); + FREE_DLL (hauthzdll); + FREE_DLL (hxmllitedll); + FREE_DLL (hmprdll); + FREE_DLL (hsppdll); + FREE_DLL (vssapidll); + FREE_DLL (hvsstracedll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hcfgmgr32dll); + FREE_DLL (hdevobjdll); + FREE_DLL (hpowrprofdll); + FREE_DLL (hsspiclidll); + FREE_DLL (hcryptbasedll); + FREE_DLL (hdwmapidll); + FREE_DLL (hmsasn1dll); + FREE_DLL (hcrypt32dll); + FREE_DLL (hbcryptdll); + FREE_DLL (hbcryptprimitivesdll); + FREE_DLL (hMsls31); + FREE_DLL (hntmartadll); + FREE_DLL (hwinscarddll); + exit (1); + } +#endif +} + +void FinalizeApp (void) +{ + FREE_DLL (hRichEditDll); + FREE_DLL (hComctl32Dll); + FREE_DLL (hSetupDll); + FREE_DLL (hShlwapiDll); + FREE_DLL (hProfApiDll); + FREE_DLL (hUsp10Dll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hUXThemeDll); + FREE_DLL (hUserenvDll); + FREE_DLL (hRsaenhDll); + FREE_DLL (himm32dll); + FREE_DLL (hMSCTFdll); + FREE_DLL (hfltlibdll); + FREE_DLL (hframedyndll); + FREE_DLL (hpsapidll); + FREE_DLL (hsecur32dll); + FREE_DLL (hnetapi32dll); + FREE_DLL (hauthzdll); + FREE_DLL (hxmllitedll); + FREE_DLL (hmprdll); + FREE_DLL (hsppdll); + FREE_DLL (vssapidll); + FREE_DLL (hvsstracedll); + FREE_DLL (hCryptSpDll); + FREE_DLL (hcfgmgr32dll); + FREE_DLL (hdevobjdll); + FREE_DLL (hpowrprofdll); + FREE_DLL (hsspiclidll); + FREE_DLL (hcryptbasedll); + FREE_DLL (hdwmapidll); + FREE_DLL (hmsasn1dll); + FREE_DLL (hcrypt32dll); + FREE_DLL (hbcryptdll); + FREE_DLL (hbcryptprimitivesdll); + FREE_DLL (hMsls31); + FREE_DLL (hntmartadll); + FREE_DLL (hwinscarddll); +} + +void InitHelpFileName (void) +{ + wchar_t *lpszTmp; + + GetModuleFileNameW (NULL, szHelpFile, ARRAYSIZE (szHelpFile)); + lpszTmp = wcsrchr (szHelpFile, L'\\'); + if (lpszTmp) + { + wchar_t szTemp[TC_MAX_PATH]; + + ++lpszTmp; + *lpszTmp = 0; // add null terminating character to prepare for append operations + + // Primary file name + if (strcmp (GetPreferredLangId(), "en") == 0 + || strlen(GetPreferredLangId()) == 0) + { + StringCbCatW (szHelpFile, sizeof(szHelpFile), L"VeraCrypt User Guide.pdf"); + } + else + { + StringCbPrintfW (szTemp, sizeof(szTemp), L"VeraCrypt User Guide.%S.pdf", GetPreferredLangId()); + StringCbCatW (szHelpFile, sizeof(szHelpFile), szTemp); + } + + // Secondary file name (used when localized documentation is not found). + GetModuleFileNameW (NULL, szHelpFile2, ARRAYSIZE (szHelpFile2)); + lpszTmp = wcsrchr (szHelpFile2, L'\\'); + if (lpszTmp) + { + ++lpszTmp; + *lpszTmp = 0; + StringCbCatW (szHelpFile2, sizeof(szHelpFile2), L"VeraCrypt User Guide.pdf"); + } + } +} + +BOOL OpenDevice (const wchar_t *lpszPath, OPEN_TEST_STRUCT *driver, BOOL detectFilesystem, BOOL matchVolumeID, const BYTE* pbVolumeID) +{ + DWORD dwResult; + BOOL bResult; + wchar_t wszFileName[TC_MAX_PATH]; + + StringCbCopyW (wszFileName, sizeof(wszFileName), lpszPath); + + memset (driver, 0, sizeof (OPEN_TEST_STRUCT)); + memcpy (driver->wszFileName, wszFileName, sizeof (wszFileName)); + + driver->bDetectTCBootLoader = FALSE; + driver->DetectFilesystem = detectFilesystem; + driver->bMatchVolumeID = matchVolumeID; + if (matchVolumeID && pbVolumeID) + memcpy (driver->volumeID, pbVolumeID, VOLUME_ID_SIZE); + + bResult = DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, + driver, sizeof (OPEN_TEST_STRUCT), + driver, sizeof (OPEN_TEST_STRUCT), + &dwResult, NULL); + + // check variable driver + if ( bResult + && ( (driver->bDetectTCBootLoader != TRUE && driver->bDetectTCBootLoader != FALSE) || + (driver->TCBootLoaderDetected != TRUE && driver->TCBootLoaderDetected != FALSE) || + (driver->DetectFilesystem != TRUE && driver->DetectFilesystem != FALSE) || + (driver->FilesystemDetected != TRUE && driver->FilesystemDetected != FALSE) || + (wcscmp (wszFileName, driver->wszFileName)) + ) + ) + { + return FALSE; + } + + if (bResult == FALSE) + { + dwResult = GetLastError (); + + if (dwResult == ERROR_SHARING_VIOLATION || dwResult == ERROR_NOT_READY) + { + driver->TCBootLoaderDetected = FALSE; + driver->FilesystemDetected = FALSE; + driver->VolumeIDMatched = FALSE; + return TRUE; + } + else + return FALSE; + } + + return TRUE; +} + + +// Tells the driver that it's running in portable mode +void NotifyDriverOfPortableMode (void) +{ + if (hDriver != INVALID_HANDLE_VALUE) + { + DWORD dwResult; + + DeviceIoControl (hDriver, TC_IOCTL_SET_PORTABLE_MODE_STATUS, NULL, 0, NULL, 0, &dwResult, NULL); + } +} + + +BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize) +{ + DWORD fileSystemFlags; + wchar_t root[] = { L'A' + (wchar_t) driveNo, L':', L'\\', 0 }; + + return GetVolumeInformationW (root, label, labelSize / 2, NULL, NULL, &fileSystemFlags, NULL, 0); +} + + +/* Stores the device path of the system partition in SysPartitionDevicePath and the device path of the system drive +in SysDriveDevicePath. +IMPORTANT: As this may take a very long time if called for the first time, it should be called only before performing + a dangerous operation (such as header backup restore or formatting a supposedly non-system device) never + at WM_INITDIALOG or any other GUI events -- instead call IsSystemDevicePath (path, hwndDlg, FALSE) for + very fast preliminary GUI checks; also note that right after the "Select Device" dialog exits with an OK + return code, you can use the global flags bSysPartitionSelected and bSysDriveSelected to see if the user + selected the system partition/device. +After this function completes successfully, the results are cached for the rest of the session and repeated +executions complete very fast. Returns TRUE if successful (otherwise FALSE). */ +BOOL GetSysDevicePaths (HWND hwndDlg) +{ + if (!bCachedSysDevicePathsValid + || wcslen (SysPartitionDevicePath) <= 1 + || wcslen (SysDriveDevicePath) <= 1) + { + foreach (const HostDevice &device, GetAvailableHostDevices (false, true)) + { + if (device.ContainsSystem) + StringCchCopyW (device.IsPartition ? SysPartitionDevicePath : SysDriveDevicePath, TC_MAX_PATH, device.Path.c_str()); + } + + if (IsOSAtLeast (WIN_7)) + { + // Find extra boot partition + foreach (const HostDevice &drive, GetAvailableHostDevices (false, false)) + { + if (drive.ContainsSystem) + { + foreach (const HostDevice &sysDrivePartition, drive.Partitions) + { + if (sysDrivePartition.Bootable) + { + if (sysDrivePartition.Size <= TC_MAX_EXTRA_BOOT_PARTITION_SIZE) + ExtraBootPartitionDevicePath = sysDrivePartition.Path; + break; + } + } + break; + } + } + } + + bCachedSysDevicePathsValid = 1; + } + + return (bCachedSysDevicePathsValid + && wcslen (SysPartitionDevicePath) > 1 + && wcslen (SysDriveDevicePath) > 1); +} + +/* Determines whether the device path is the path of the system partition or of the system drive (or neither). +If bReliableRequired is TRUE, very fast execution is guaranteed, but the results cannot be relied upon. +If it's FALSE and the function is called for the first time, execution may take up to one minute but the +results are reliable. +IMPORTANT: As the execution may take a very long time if called for the first time with bReliableRequired set + to TRUE, it should be called with bReliableRequired set to TRUE only before performing a dangerous + operation (such as header backup restore or formatting a supposedly non-system device) never at + WM_INITDIALOG or any other GUI events (use IsSystemDevicePath(path, hwndDlg, FALSE) for fast + preliminary GUI checks; also note that right after the "Select Device" dialog exits with an OK + return code, you can use the global flags bSysPartitionSelected and bSysDriveSelected to see if the + user selected the system partition/device). +After this function completes successfully, the results are cached for the rest of the session, bReliableRequired +is ignored (TRUE implied), repeated executions complete very fast, and the results are always reliable. +Return codes: +1 - it is the system partition path (e.g. \Device\Harddisk0\Partition1) +2 - it is the system drive path (e.g. \Device\Harddisk0\Partition0) +3 - it is the extra boot partition path +0 - it's not the system partition/drive path +-1 - the result can't be determined, isn't reliable, or there was an error. */ +int IsSystemDevicePath (const wchar_t *path, HWND hwndDlg, BOOL bReliableRequired) +{ + if (!bCachedSysDevicePathsValid + && bReliableRequired) + { + if (!GetSysDevicePaths (hwndDlg)) + return -1; + } + + if (wcslen (SysPartitionDevicePath) <= 1 || wcslen (SysDriveDevicePath) <= 1) + return -1; + + if (!path) + return -1; + + if (wcsncmp (path, SysPartitionDevicePath, max (wcslen(path), wcslen(SysPartitionDevicePath))) == 0) + return 1; + else if (wcsncmp (path, SysDriveDevicePath, max (wcslen(path), wcslen(SysDriveDevicePath))) == 0) + return 2; + else if (ExtraBootPartitionDevicePath == path) + return 3; + + return 0; +} + + +/* Determines whether the path points to a non-system partition on the system drive. +IMPORTANT: As this may take a very long time if called for the first time, it should be called + only before performing a dangerous operation, never at WM_INITDIALOG or any other GUI events. +Return codes: +0 - it isn't a non-system partition on the system drive +1 - it's a non-system partition on the system drive +-1 - the result can't be determined, isn't reliable, or there was an error. */ +int IsNonSysPartitionOnSysDrive (const wchar_t *path) +{ + wchar_t tmpPath [TC_MAX_PATH + 1]; + int pos; + + if (!GetSysDevicePaths (MainDlg)) + return -1; + + if (wcslen (SysPartitionDevicePath) <= 1 || wcslen (SysDriveDevicePath) <= 1) + return -1; + + if (wcsncmp (path, SysPartitionDevicePath, max (wcslen(path), wcslen(SysPartitionDevicePath))) == 0 + || wcsncmp (path, SysDriveDevicePath, max (wcslen(path), wcslen(SysDriveDevicePath))) == 0) + { + // It is the system partition/drive path (it isn't a non-system partition) + return 0; + } + + memset (tmpPath, 0, sizeof (tmpPath)); + wcsncpy (tmpPath, path, ARRAYSIZE (tmpPath) - 1); + + + pos = (int) FindString ((const char*) tmpPath, (const char*) L"Partition", (int) wcslen (tmpPath) * 2, (int) wcslen (L"Partition") * 2, 0); + + if (pos < 0) + return -1; + + pos /= 2; + pos += (int) strlen ("Partition"); + + if (pos + 1 > ARRAYSIZE (tmpPath) - 1) + return -1; + + tmpPath [pos] = L'0'; + tmpPath [pos + 1] = 0; + + if (wcsncmp (tmpPath, SysDriveDevicePath, max (wcslen(tmpPath), wcslen(SysDriveDevicePath))) == 0) + { + // It is a non-system partition on the system drive + return 1; + } + else + { + // The partition is not on the system drive + return 0; + } +} + + +wstring GetSysEncryptionPretestInfo2String (void) +{ + // This huge string is divided into smaller portions to make it easier for translators to + // re-translate it when a minor modification is made to it (the whole huge string will not be + // reverted to English, so they will have to translate only a small portion of it). + return (wstring (L"\n") + + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_1") + + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_2") + + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_3") + + GetString ("SYS_ENCRYPTION_PRETEST_INFO2_PORTION_4")); +} + + +wstring GetRescueDiskHelpString (void) +{ + // This huge string is divided into smaller portions to make it easier for translators to + // re-translate it when a minor modification is made to it (the whole huge string will not be + // reverted to English, so they will have to translate only a small portion of it). + return (wstring ( + GetString ("RESCUE_DISK_HELP_PORTION_1")) + + GetString ("RESCUE_DISK_HELP_PORTION_2") + + GetString ("RESCUE_DISK_HELP_PORTION_3") + + GetString ("RESCUE_DISK_HELP_PORTION_4") + + GetString ("RESCUE_DISK_HELP_PORTION_5") + + GetString ("RESCUE_DISK_HELP_PORTION_6") + + GetString ("RESCUE_DISK_HELP_PORTION_7") + + GetString ("RESCUE_DISK_HELP_PORTION_8") + + GetString ("RESCUE_DISK_HELP_PORTION_9")); +} + + +wstring GetDecoyOsInstructionsString (void) +{ + // This huge string is divided into smaller portions to make it easier for translators to + // re-translate it when a minor modification is made to it (the whole huge string will not be + // reverted to English, so they will have to translate only a small portion of it). + return (wstring ( + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_1")) + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_2") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_3") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_4") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_5") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_6") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_7") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_8") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_9") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_10") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_11") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_12") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_13") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_14") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_15") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_16") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_17") + + GetString ("DECOY_OS_INSTRUCTIONS_PORTION_18")); +} + + +INT_PTR TextInfoDialogBox (int nID) +{ + return DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TEXT_INFO_DIALOG_BOX_DLG), MainDlg, (DLGPROC) TextInfoDialogBoxDlgProc, (LPARAM) nID); +} + +BOOL CALLBACK TextInfoDialogBoxDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + static int nID = 0; + + switch (msg) + { + case WM_INITDIALOG: + { + nID = (int) lParam; + + // Left margin for rich edit text field + SendMessage (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), EM_SETMARGINS, (WPARAM) EC_LEFTMARGIN, (LPARAM) CompensateXDPI (4)); + + ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_HIDE); + + switch (nID) + { + case TC_TBXID_LEGAL_NOTICES: + LocalizeDialog (hwndDlg, "LEGAL_NOTICES_DLG_TITLE"); + break; + + case TC_TBXID_SYS_ENCRYPTION_PRETEST: + LocalizeDialog (hwndDlg, NULL); + ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); + break; + + case TC_TBXID_SYS_ENC_RESCUE_DISK: + LocalizeDialog (hwndDlg, NULL); + ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); + break; + + case TC_TBXID_DECOY_OS_INSTRUCTIONS: + LocalizeDialog (hwndDlg, NULL); + ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); + break; + + case TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS: + LocalizeDialog (hwndDlg, NULL); + ShowWindow(GetDlgItem(hwndDlg, IDC_PRINT), SW_SHOW); + break; + } + + SendMessage (hwndDlg, TC_APPMSG_LOAD_TEXT_BOX_CONTENT, 0, 0); + } + return 0; + + case WM_COMMAND: + if (lw == IDOK || lw == IDCANCEL) + { + NormalCursor (); + EndDialog (hwndDlg, 0); + return 1; + } + + if (lw == IDC_PRINT) + { + switch (nID) + { + case TC_TBXID_SYS_ENCRYPTION_PRETEST: + PrintHardCopyTextUTF16 ((wchar_t *) GetSysEncryptionPretestInfo2String ().c_str(), L"Pre-Boot Troubleshooting", GetSysEncryptionPretestInfo2String ().length () * 2); + break; + + case TC_TBXID_SYS_ENC_RESCUE_DISK: + PrintHardCopyTextUTF16 ((wchar_t *) GetRescueDiskHelpString ().c_str(), L"VeraCrypt Rescue Disk Help", GetRescueDiskHelpString ().length () * 2); + break; + + case TC_TBXID_DECOY_OS_INSTRUCTIONS: + PrintHardCopyTextUTF16 ((wchar_t *) GetDecoyOsInstructionsString ().c_str(), L"How to Create Decoy OS", GetDecoyOsInstructionsString ().length () * 2); + break; + + case TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS: + PrintHardCopyTextUTF16 (GetString ("EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS"), L"How to Remove Extra Boot Partition", wcslen (GetString ("EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS")) * 2); + break; + } + return 1; + } + + return 0; + + case TC_APPMSG_LOAD_TEXT_BOX_CONTENT: + { + char *r = NULL; + + switch (nID) + { + case TC_TBXID_LEGAL_NOTICES: + LocalizeDialog (hwndDlg, "LEGAL_NOTICES_DLG_TITLE"); + r = GetLegalNotices (); + if (r != NULL) + { + SETTEXTEX TextInfo = {0}; + + TextInfo.flags = ST_SELECTION; + TextInfo.codepage = CP_ACP; + + SendMessage(GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), EM_SETTEXTEX, (WPARAM)&TextInfo, (LPARAM)r); + free (r); + } + break; + + case TC_TBXID_SYS_ENCRYPTION_PRETEST: + LocalizeDialog (hwndDlg, NULL); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), (wchar_t *) GetSysEncryptionPretestInfo2String ().c_str()); + break; + + case TC_TBXID_SYS_ENC_RESCUE_DISK: + LocalizeDialog (hwndDlg, NULL); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), (wchar_t *) GetRescueDiskHelpString ().c_str()); + break; + + case TC_TBXID_DECOY_OS_INSTRUCTIONS: + LocalizeDialog (hwndDlg, NULL); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), (wchar_t *) GetDecoyOsInstructionsString ().c_str()); + break; + + case TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS: + LocalizeDialog (hwndDlg, NULL); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_INFO_BOX_TEXT), GetString ("EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS")); + break; + } + } + return 1; + + case WM_CLOSE: + NormalCursor (); + EndDialog (hwndDlg, 0); + return 1; + } + + return 0; +} + + +char * GetLegalNotices () +{ + static char *resource; + static DWORD size; + char *buf = NULL; + + if (resource == NULL) + resource = (char *) MapResource (L"Text", IDR_LICENSE, &size); + + if (resource != NULL) + { + buf = (char *) malloc (size + 1); + if (buf != NULL) + { + memcpy (buf, resource, size); + buf[size] = 0; + } + } + + return buf; +} + + +BOOL CALLBACK RawDevicesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static wchar_t *lpszFileName; // This is actually a pointer to a GLOBAL array + static vector devices; + static map itemToDeviceMap; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + LVCOLUMNW LvCol; + HWND hList = GetDlgItem (hwndDlg, IDC_DEVICELIST); + RawDevicesDlgParam* pDlgParam = (RawDevicesDlgParam *) lParam; + + LocalizeDialog (hwndDlg, "IDD_RAWDEVICES_DLG"); + + SendMessage (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, + LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_TWOCLICKACTIVATE|LVS_EX_LABELTIP + ); + + memset (&LvCol,0,sizeof(LvCol)); + LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + LvCol.pszText = GetString ("DEVICE"); + LvCol.cx = CompensateXDPI (186); + LvCol.fmt = LVCFMT_LEFT; + SendMessage (hList,LVM_INSERTCOLUMNW,0,(LPARAM)&LvCol); + + LvCol.pszText = GetString ("DRIVE"); + LvCol.cx = CompensateXDPI (38); + LvCol.fmt = LVCFMT_LEFT; + SendMessage (hList,LVM_INSERTCOLUMNW,1,(LPARAM)&LvCol); + + LvCol.pszText = GetString ("SIZE"); + LvCol.cx = CompensateXDPI (64); + LvCol.fmt = LVCFMT_RIGHT; + SendMessage (hList,LVM_INSERTCOLUMNW,2,(LPARAM)&LvCol); + + LvCol.pszText = GetString ("LABEL"); + LvCol.cx = CompensateXDPI (128); + LvCol.fmt = LVCFMT_LEFT; + SendMessage (hList,LVM_INSERTCOLUMNW,3,(LPARAM)&LvCol); + + devices.clear(); + itemToDeviceMap.clear(); + + if (pDlgParam->devices.empty()) + { + WaitCursor(); + devices = GetAvailableHostDevices (false, true, false); + NormalCursor(); + } + else + devices = pDlgParam->devices; + + if (devices.empty()) + { + MessageBoxW (hwndDlg, GetString ("RAWDEVICES"), lpszTitle, ICON_HAND); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + int line = 1; + LVITEM item; + memset (&item, 0, sizeof (item)); + item.mask = LVIF_TEXT; + + foreach (const HostDevice &device, devices) + { + item.iSubItem = 1; + + if (device.ContainsSystem) + { + if (device.IsPartition) + StringCbCopyW (SysPartitionDevicePath, sizeof (SysPartitionDevicePath), device.Path.c_str()); + else + StringCbCopyW (SysDriveDevicePath, sizeof (SysDriveDevicePath), device.Path.c_str()); + } + + // Path + if (!device.IsPartition || device.DynamicVolume) + { + if (!device.Floppy && (device.Size == 0) + && (device.IsPartition || device.Partitions.empty() || device.Partitions[0].Size == 0) + ) + continue; + + if (line > 1) + { + ListItemAdd (hList, item.iItem, L""); + item.iItem = line++; + } + + if (device.Floppy || device.DynamicVolume) + { + ListItemAdd (hList, item.iItem, (wchar_t *) device.Path.c_str()); + } + else + { + wchar_t s[1024]; + if (device.Removable) + StringCbPrintfW (s, sizeof(s), L"%s %d", GetString ("REMOVABLE_DISK"), device.SystemNumber); + else + StringCbPrintfW (s, sizeof(s), L"%s %d", GetString ("HARDDISK"), device.SystemNumber); + + if (!device.Partitions.empty()) + StringCbCatW (s, sizeof(s), L":"); + + ListItemAdd (hList, item.iItem, s); + } + } + else + { + ListItemAdd (hList, item.iItem, (wchar_t *) device.Path.c_str()); + } + + itemToDeviceMap[item.iItem] = device; + + // Size + if (device.Size != 0) + { + wchar_t size[100] = { 0 }; + GetSizeString (device.Size, size, sizeof(size)); + ListSubItemSet (hList, item.iItem, 2, size); + } + + // Mount point + if (!device.MountPoint.empty()) + ListSubItemSet (hList, item.iItem, 1, (wchar_t *) device.MountPoint.c_str()); + + // Label + if (!device.Name.empty()) + ListSubItemSet (hList, item.iItem, 3, (wchar_t *) device.Name.c_str()); +#ifdef TCMOUNT + else + { + bool useInExplorer = false; + wstring favoriteLabel = GetFavoriteVolumeLabel (device.Path, useInExplorer); + if (!favoriteLabel.empty()) + ListSubItemSet (hList, item.iItem, 3, (wchar_t *) favoriteLabel.c_str()); + } +#endif + + item.iItem = line++; + } + + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 0, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 1, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 2, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 3, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + + lpszFileName = pDlgParam->pszFileName; + +#ifdef VOLFORMAT + EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); +#endif + return 1; + } + + case WM_COMMAND: + case WM_NOTIFY: + // catch non-device line selected + if (msg == WM_NOTIFY && ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED && (((LPNMLISTVIEW) lParam)->uNewState & LVIS_FOCUSED )) + { + BOOL bEnableOkButton = FALSE; + LVITEM LvItem; + memset(&LvItem,0,sizeof(LvItem)); + LvItem.mask = LVIF_TEXT | LVIF_PARAM; + LvItem.iItem = ((LPNMLISTVIEW) lParam)->iItem; + LvItem.pszText = lpszFileName; + LvItem.cchTextMax = TC_MAX_PATH; + + lpszFileName[0] = 0; + SendMessage (GetDlgItem (hwndDlg, IDC_DEVICELIST), LVM_GETITEM, LvItem.iItem, (LPARAM) &LvItem); + if (lpszFileName[0] != 0 && lpszFileName[0] != ' ') + { + bEnableOkButton = TRUE; +#ifdef VOLFORMAT + if ( bInPlaceEncNonSysResumed && (WizardMode == WIZARD_MODE_NONSYS_DEVICE) + && LvItem.iItem != -1 && itemToDeviceMap.find (LvItem.iItem) != itemToDeviceMap.end() + ) + { + const HostDevice selectedDevice = itemToDeviceMap[LvItem.iItem]; + if (selectedDevice.ContainsSystem) + { + bEnableOkButton = FALSE; + } + } +#endif + } + EnableWindow (GetDlgItem ((HWND) hwndDlg, IDOK), bEnableOkButton); + + return 1; + } + + if (msg == WM_COMMAND && lw == IDOK || msg == WM_NOTIFY && ((NMHDR *)lParam)->code == LVN_ITEMACTIVATE) + { + int selectedItem = ListView_GetSelectionMark (GetDlgItem (hwndDlg, IDC_DEVICELIST)); + + if (selectedItem == -1 || itemToDeviceMap.find (selectedItem) == itemToDeviceMap.end()) + return 1; // non-device line selected + + const HostDevice selectedDevice = itemToDeviceMap[selectedItem]; + StringCchCopyW (lpszFileName, TC_MAX_PATH, selectedDevice.Path.c_str()); + +#ifdef VOLFORMAT + if (selectedDevice.ContainsSystem && selectedDevice.IsPartition) + { + if (WizardMode != WIZARD_MODE_SYS_DEVICE) + { + if (bInPlaceEncNonSysResumed && (WizardMode == WIZARD_MODE_NONSYS_DEVICE)) + { + // disable selection + return 1; + } + + if (AskYesNo ("CONFIRM_SYSTEM_ENCRYPTION_MODE", hwndDlg) == IDNO) + { + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + bSysPartitionSelected = TRUE; + bSysDriveSelected = FALSE; + lpszFileName[0] = 0; + SwitchWizardToSysEncMode (); + + NormalCursor (); + EndDialog (hwndDlg, IDOK); + return 1; + } + else + { + // This should never be the case because the Select Device dialog is not available in this wizard mode + bSysPartitionSelected = TRUE; + bSysDriveSelected = FALSE; + lpszFileName[0] = 0; + SwitchWizardToSysEncMode (); + NormalCursor (); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + } + + if (!(selectedDevice.ContainsSystem && !selectedDevice.IsPartition)) + { + if (bWarnDeviceFormatAdvanced + && !bHiddenVolDirect + && AskWarnNoYes("FORMAT_DEVICE_FOR_ADVANCED_ONLY", hwndDlg) == IDNO) + { + if (AskNoYes("CONFIRM_CHANGE_WIZARD_MODE_TO_FILE_CONTAINER", hwndDlg) == IDYES) + { + SwitchWizardToFileContainerMode (); + } + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (!bHiddenVolDirect) + bWarnDeviceFormatAdvanced = FALSE; + } + +#else // #ifdef VOLFORMAT + + bSysPartitionSelected = (selectedDevice.ContainsSystem && selectedDevice.IsPartition); + bSysDriveSelected = FALSE; + +#endif // #ifdef VOLFORMAT + + if (!selectedDevice.IsPartition && !selectedDevice.Floppy) + { + // Whole device selected + +#ifdef VOLFORMAT + if (selectedDevice.ContainsSystem && !selectedDevice.IsPartition) + { + if (WizardMode != WIZARD_MODE_SYS_DEVICE) + { + if (bInPlaceEncNonSysResumed && (WizardMode == WIZARD_MODE_NONSYS_DEVICE)) + { + // disable selection + return 1; + } + + if (AskYesNo ("CONFIRM_SYSTEM_ENCRYPTION_MODE", hwndDlg) == IDNO) + { + NormalCursor (); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + bSysDriveSelected = TRUE; + bSysPartitionSelected = FALSE; + lpszFileName[0] = 0; + SwitchWizardToSysEncMode (); + + NormalCursor (); + EndDialog (hwndDlg, IDOK); + return 1; + } + else + { + // This should never be the case because the Select Device dialog is not available in this wizard mode + bSysDriveSelected = TRUE; + bSysPartitionSelected = FALSE; + lpszFileName[0] = 0; + SwitchWizardToSysEncMode (); + NormalCursor (); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + } + + // Disallow format if the device contains partitions, but not if the partition is virtual or system + if (!selectedDevice.IsVirtualPartition + && !bHiddenVolDirect) + { + if (!selectedDevice.Partitions.empty()) + { + EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); + Error ("DEVICE_PARTITIONS_ERR_W_INPLACE_ENC_NOTE", hwndDlg); + return 1; + } + + if (AskWarnNoYes ("WHOLE_NONSYS_DEVICE_ENC_CONFIRM", hwndDlg) == IDNO) + return 1; + } +#else // #ifdef VOLFORMAT + + bSysDriveSelected = (selectedDevice.ContainsSystem && !selectedDevice.IsPartition); + bSysPartitionSelected = FALSE; + +#endif // #ifdef VOLFORMAT + } + else + bSysDriveSelected = FALSE; + +#ifdef VOLFORMAT + bRemovableHostDevice = selectedDevice.Removable; +#endif + NormalCursor (); + EndDialog (hwndDlg, IDOK); + return 1; + } + + if ((msg == WM_COMMAND) && (lw == IDCANCEL)) + { + NormalCursor (); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + return 0; + } + return 0; +} + + +BOOL DoDriverInstall (HWND hwndDlg) +{ +#ifdef SETUP + if (SystemEncryptionUpdate) + return TRUE; +#endif + + SC_HANDLE hManager, hService = NULL; + BOOL bOK = FALSE, bRet; + + hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + if (hManager == NULL) + goto error; + +#ifdef SETUP + StatusMessage (hwndDlg, "INSTALLING_DRIVER"); +#endif + + hService = CreateService (hManager, L"veracrypt", L"veracrypt", + SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, SERVICE_SYSTEM_START, SERVICE_ERROR_NORMAL, + L"System32\\drivers\\veracrypt.sys", + NULL, NULL, NULL, NULL, NULL); + + if (hService == NULL) + goto error; + else + CloseServiceHandle (hService); + + hService = OpenService (hManager, L"veracrypt", SERVICE_ALL_ACCESS); + if (hService == NULL) + goto error; + +#ifdef SETUP + StatusMessage (hwndDlg, "STARTING_DRIVER"); +#endif + + bRet = StartService (hService, 0, NULL); + if (bRet == FALSE) + goto error; + + bOK = TRUE; + +error: + if (bOK == FALSE && GetLastError () != ERROR_SERVICE_ALREADY_RUNNING) + { + handleWin32Error (hwndDlg, SRC_POS); + MessageBoxW (hwndDlg, GetString ("DRIVER_INSTALL_FAILED"), lpszTitle, MB_ICONHAND); + } + else + bOK = TRUE; + + if (hService != NULL) + CloseServiceHandle (hService); + + if (hManager != NULL) + CloseServiceHandle (hManager); + + return bOK; +} + + +// Install and start driver service and mark it for removal (non-install mode) +static int DriverLoad () +{ + HANDLE file; + WIN32_FIND_DATA find; + SC_HANDLE hManager, hService = NULL; + wchar_t driverPath[TC_MAX_PATH*2]; + BOOL res; + wchar_t *tmp; + DWORD startType; + + if (ReadLocalMachineRegistryDword (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", L"Start", &startType) && startType == SERVICE_BOOT_START) + return ERR_PARAMETER_INCORRECT; + + GetModuleFileName (NULL, driverPath, ARRAYSIZE (driverPath)); + tmp = wcsrchr (driverPath, L'\\'); + if (!tmp) + { + driverPath[0] = L'.'; + driverPath[1] = 0; + } + else + *tmp = 0; + + StringCbCatW (driverPath, sizeof(driverPath), !Is64BitOs () ? L"\\veracrypt.sys" : L"\\veracrypt-x64.sys"); + + file = FindFirstFile (driverPath, &find); + + if (file == INVALID_HANDLE_VALUE) + { + MessageBoxW (0, GetString ("DRIVER_NOT_FOUND"), lpszTitle, ICON_HAND); + return ERR_DONT_REPORT; + } + + FindClose (file); + + hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + if (hManager == NULL) + { + if (GetLastError () == ERROR_ACCESS_DENIED) + { + MessageBoxW (0, GetString ("ADMIN_PRIVILEGES_DRIVER"), lpszTitle, ICON_HAND); + return ERR_DONT_REPORT; + } + + return ERR_OS_ERROR; + } + + hService = OpenService (hManager, L"veracrypt", SERVICE_ALL_ACCESS); + if (hService != NULL) + { + // Remove stale service (driver is not loaded but service exists) + DeleteService (hService); + CloseServiceHandle (hService); + Sleep (500); + } + + hService = CreateService (hManager, L"veracrypt", L"veracrypt", + SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER, SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL, + driverPath, NULL, NULL, NULL, NULL, NULL); + + if (hService == NULL) + { + CloseServiceHandle (hManager); + return ERR_OS_ERROR; + } + + res = StartService (hService, 0, NULL); + DeleteService (hService); + + CloseServiceHandle (hManager); + CloseServiceHandle (hService); + + return !res ? ERR_OS_ERROR : ERROR_SUCCESS; +} + + +BOOL DriverUnload () +{ + MOUNT_LIST_STRUCT driver; + int refCount; + int volumesMounted; + DWORD dwResult; + BOOL bResult; + + SC_HANDLE hManager, hService = NULL; + BOOL bRet; + SERVICE_STATUS status; + int x; + BOOL driverUnloaded = FALSE; + + if (hDriver == INVALID_HANDLE_VALUE) + return TRUE; + + try + { + if (BootEncryption (NULL).GetStatus().DeviceFilterActive) + return FALSE; + } + catch (...) { } + + // Test for mounted volumes + bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL); + + if (!bResult) + { + bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL); + if (bResult) + volumesMounted = driver.ulMountedDrives; + } + + if (bResult) + { + if (volumesMounted != 0) + return FALSE; + } + else + return TRUE; + + // Test for any applications attached to driver + refCount = GetDriverRefCount (); + + if (refCount > 1) + return FALSE; + + CloseHandle (hDriver); + hDriver = INVALID_HANDLE_VALUE; + + // Stop driver service + + hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + if (hManager == NULL) + goto error; + + hService = OpenService (hManager, L"veracrypt", SERVICE_ALL_ACCESS); + if (hService == NULL) + goto error; + + bRet = QueryServiceStatus (hService, &status); + if (bRet != TRUE) + goto error; + + if (status.dwCurrentState != SERVICE_STOPPED) + { + ControlService (hService, SERVICE_CONTROL_STOP, &status); + + for (x = 0; x < 10; x++) + { + bRet = QueryServiceStatus (hService, &status); + if (bRet != TRUE) + goto error; + + if (status.dwCurrentState == SERVICE_STOPPED) + { + driverUnloaded = TRUE; + break; + } + + Sleep (200); + } + } + else + driverUnloaded = TRUE; + +error: + if (hService != NULL) + CloseServiceHandle (hService); + + if (hManager != NULL) + CloseServiceHandle (hManager); + + if (driverUnloaded) + { + hDriver = INVALID_HANDLE_VALUE; + return TRUE; + } + + return FALSE; +} + + +int DriverAttach (void) +{ + /* Try to open a handle to the device driver. It will be closed later. */ + +#ifndef SETUP + + int nLoadRetryCount = 0; +start: + +#endif + + hDriver = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hDriver == INVALID_HANDLE_VALUE) + { +#ifndef SETUP + + LoadSysEncSettings (); + + if (!CreateDriverSetupMutex ()) + { + // Another instance is already attempting to install, register or start the driver + + while (!CreateDriverSetupMutex ()) + { + Sleep (100); // Wait until the other instance finishes + } + + // Try to open a handle to the driver again (keep the mutex in case the other instance failed) + goto start; + } + else + { + // No other instance is currently attempting to install, register or start the driver + + if (SystemEncryptionStatus != SYSENC_STATUS_NONE) + { + // This is an inconsistent state. The config file indicates system encryption should be + // active, but the driver is not running. This may happen e.g. when the pretest fails and + // the user selects "Last Known Good Configuration" from the Windows boot menu. + // To fix this, we're going to reinstall the driver, start it, and register it for boot. + + if (DoDriverInstall (NULL)) + { + Sleep (1000); + hDriver = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + try + { + BootEncryption bootEnc (NULL); + bootEnc.RegisterBootDriver (bootEnc.GetHiddenOSCreationPhase() != TC_HIDDEN_OS_CREATION_PHASE_NONE ? true : false); + } + catch (Exception &e) + { + e.Show (NULL); + } + } + + CloseDriverSetupMutex (); + } + else + { + // Attempt to load the driver (non-install/portable mode) +load: + BOOL res = DriverLoad (); + + CloseDriverSetupMutex (); + + if (res != ERROR_SUCCESS) + return res; + + bPortableModeConfirmed = TRUE; + + if (hDriver != INVALID_HANDLE_VALUE) + CloseHandle (hDriver); + hDriver = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + } + + if (bPortableModeConfirmed) + NotifyDriverOfPortableMode (); + } + +#endif // #ifndef SETUP + + if (hDriver == INVALID_HANDLE_VALUE) + return ERR_OS_ERROR; + } + + CloseDriverSetupMutex (); + + if (hDriver != INVALID_HANDLE_VALUE) + { + DWORD dwResult; + + BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL); + + if (!bResult) + bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL); + +#ifndef SETUP // Don't check version during setup to allow removal of another version + if (bResult == FALSE) + { + return ERR_OS_ERROR; + } + else if (DriverVersion != VERSION_NUM) + { + // Unload an incompatbile version of the driver loaded in non-install mode and load the required version + if (IsNonInstallMode () && CreateDriverSetupMutex () && DriverUnload () && nLoadRetryCount++ < 3) + goto load; + + CloseDriverSetupMutex (); + CloseHandle (hDriver); + hDriver = INVALID_HANDLE_VALUE; + return ERR_DRIVER_VERSION; + } +#else + if (!bResult) + DriverVersion = 0; +#endif + } + + return 0; +} + + +void ResetCurrentDirectory () +{ + wchar_t p[MAX_PATH]; + if (!IsNonInstallMode () && SHGetFolderPath (NULL, CSIDL_PROFILE, NULL, 0, p) == ERROR_SUCCESS) + { + SetCurrentDirectory (p); + } + else + { + GetModPath (p, ARRAYSIZE (p)); + SetCurrentDirectory (p); + } +} + + +BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter) +{ + return BrowseFilesInDir (hwndDlg, stringId, NULL, lpszFileName, keepHistory, saveMode, browseFilter); +} + + +BOOL BrowseFilesInDir (HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName, const wchar_t *defaultExtension) +{ + OPENFILENAMEW ofn; + wchar_t file[TC_MAX_PATH] = { 0 }; + wchar_t filter[1024]; + BOOL status = FALSE; + + CoInitialize (NULL); + + ZeroMemory (&ofn, sizeof (ofn)); + *lpszFileName = 0; + + if (initialDir) + { + ofn.lpstrInitialDir = initialDir; + } + + if (initialFileName) + StringCchCopyW (file, array_capacity (file), initialFileName); + + ofn.lStructSize = sizeof (ofn); + ofn.hwndOwner = hwndDlg; + + StringCbPrintfW (filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", + GetString ("ALL_FILES"), 0, 0, GetString ("TC_VOLUMES"), 0, 0, 0); + ofn.lpstrFilter = browseFilter ? browseFilter : filter; + ofn.nFilterIndex = 1; + ofn.lpstrFile = file; + ofn.nMaxFile = sizeof (file) / sizeof (file[0]); + ofn.lpstrTitle = GetString (stringId); + ofn.lpstrDefExt = defaultExtension; + ofn.Flags = OFN_HIDEREADONLY + | OFN_PATHMUSTEXIST + | (keepHistory ? 0 : OFN_DONTADDTORECENT) + | (saveMode ? OFN_OVERWRITEPROMPT : 0); + + if (!keepHistory) + CleanLastVisitedMRU (); + + SystemFileSelectorCallerThreadId = GetCurrentThreadId(); + SystemFileSelectorCallPending = TRUE; + + if (!saveMode) + { + if (!GetOpenFileNameW (&ofn)) + goto ret; + } + else + { + if (!GetSaveFileNameW (&ofn)) + goto ret; + } + + SystemFileSelectorCallPending = FALSE; + + StringCchCopyW (lpszFileName, MAX_PATH, file); + + if (!keepHistory) + CleanLastVisitedMRU (); + + status = TRUE; + +ret: + SystemFileSelectorCallPending = FALSE; + ResetCurrentDirectory(); + CoUninitialize(); + + return status; +} + + +static wchar_t SelectMultipleFilesPath[131072]; +static int SelectMultipleFilesOffset; + +BOOL SelectMultipleFiles (HWND hwndDlg, const char *stringId, wchar_t *lpszFileName, size_t cbFileName,BOOL keepHistory) +{ + OPENFILENAMEW ofn; + wchar_t filter[1024]; + BOOL status = FALSE; + + CoInitialize (NULL); + + ZeroMemory (&ofn, sizeof (ofn)); + + SelectMultipleFilesPath[0] = 0; + *lpszFileName = 0; + ofn.lStructSize = sizeof (ofn); + ofn.hwndOwner = hwndDlg; + StringCbPrintfW (filter, sizeof(filter), L"%ls (*.*)%c*.*%c%ls (*.hc)%c*.hc%c%c", + GetString ("ALL_FILES"), 0, 0, GetString ("TC_VOLUMES"), 0, 0, 0); + ofn.lpstrFilter = filter; + ofn.nFilterIndex = 1; + ofn.lpstrFile = SelectMultipleFilesPath; + ofn.nMaxFile = 0xffff * 2; // The size must not exceed 0xffff*2 due to a bug in Windows 2000 and XP SP1 + ofn.lpstrTitle = GetString (stringId); + ofn.Flags = OFN_HIDEREADONLY + | OFN_EXPLORER + | OFN_PATHMUSTEXIST + | OFN_ALLOWMULTISELECT + | (keepHistory ? 0 : OFN_DONTADDTORECENT); + + if (!keepHistory) + CleanLastVisitedMRU (); + + SystemFileSelectorCallerThreadId = GetCurrentThreadId(); + SystemFileSelectorCallPending = TRUE; + + if (!GetOpenFileNameW (&ofn)) + goto ret; + + SystemFileSelectorCallPending = FALSE; + + if (SelectMultipleFilesPath[ofn.nFileOffset - 1] != 0) + { + // Single file selected + StringCbCopyW (lpszFileName, cbFileName, SelectMultipleFilesPath); + SelectMultipleFilesOffset = 0; + SecureZeroMemory (SelectMultipleFilesPath, sizeof (SelectMultipleFilesPath)); + } + else + { + // Multiple files selected + SelectMultipleFilesOffset = ofn.nFileOffset; + SelectMultipleFilesNext (lpszFileName, cbFileName); + } + + if (!keepHistory) + CleanLastVisitedMRU (); + + status = TRUE; + +ret: + SystemFileSelectorCallPending = FALSE; + ResetCurrentDirectory(); + CoUninitialize(); + + return status; +} + + +BOOL SelectMultipleFilesNext (wchar_t *lpszFileName, size_t cbFileName) +{ + if (SelectMultipleFilesOffset == 0) + return FALSE; + + StringCbCopyW (lpszFileName, cbFileName,SelectMultipleFilesPath); + lpszFileName[TC_MAX_PATH - 1] = 0; + + if (lpszFileName[wcslen (lpszFileName) - 1] != L'\\') + StringCbCatW (lpszFileName, cbFileName,L"\\"); + + StringCbCatW (lpszFileName, cbFileName,SelectMultipleFilesPath + SelectMultipleFilesOffset); + + SelectMultipleFilesOffset += (int) wcslen (SelectMultipleFilesPath + SelectMultipleFilesOffset) + 1; + if (SelectMultipleFilesPath[SelectMultipleFilesOffset] == 0) + { + SelectMultipleFilesOffset = 0; + SecureZeroMemory (SelectMultipleFilesPath, sizeof (SelectMultipleFilesPath)); + } + + return TRUE; +} + + +static int CALLBACK BrowseCallbackProc(HWND hwnd,UINT uMsg,LPARAM lp, LPARAM pData) +{ + switch(uMsg) { + case BFFM_INITIALIZED: + { + /* WParam is TRUE since we are passing a path. + It would be FALSE if we were passing a pidl. */ + SendMessageW (hwnd,BFFM_SETSELECTION,TRUE,(LPARAM)pData); + break; + } + + case BFFM_SELCHANGED: + { + wchar_t szDir[TC_MAX_PATH]; + + /* Set the status window to the currently selected path. */ + if (SHGetPathFromIDList((LPITEMIDLIST) lp ,szDir)) + { + SendMessage (hwnd,BFFM_SETSTATUSTEXT,0,(LPARAM)szDir); + } + break; + } + + default: + break; + } + + return 0; +} + + +BOOL BrowseDirectories (HWND hwndDlg, char *lpszTitle, wchar_t *dirName) +{ + BROWSEINFOW bi; + LPITEMIDLIST pidl; + LPMALLOC pMalloc; + BOOL bOK = FALSE; + + CoInitialize (NULL); + + if (SUCCEEDED (SHGetMalloc (&pMalloc))) + { + ZeroMemory (&bi, sizeof(bi)); + bi.hwndOwner = hwndDlg; + bi.pszDisplayName = 0; + bi.lpszTitle = GetString (lpszTitle); + bi.pidlRoot = 0; + bi.ulFlags = BIF_RETURNONLYFSDIRS | BIF_STATUSTEXT; + bi.lpfn = BrowseCallbackProc; + bi.lParam = (LPARAM)dirName; + + pidl = SHBrowseForFolderW (&bi); + if (pidl != NULL) + { + if (SHGetPathFromIDList(pidl, dirName)) + { + bOK = TRUE; + } + + pMalloc->Free (pidl); + pMalloc->Release(); + } + } + + CoUninitialize(); + + return bOK; +} + + +std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg) +{ + WCHAR szTmp[8192]; + + StringCbPrintfW (szTmp, sizeof(szTmp), GetString (KeyFilesEnable ? "PASSWORD_OR_KEYFILE_WRONG" : "PASSWORD_WRONG")); + if (CheckCapsLock (hwndDlg, TRUE)) + StringCbCatW (szTmp, sizeof(szTmp), GetString ("PASSWORD_WRONG_CAPSLOCK_ON")); + +#ifdef TCMOUNT + wchar_t szDevicePath [TC_MAX_PATH+1] = {0}; + GetWindowText (GetDlgItem (MainDlg, IDC_VOLUME), szDevicePath, ARRAYSIZE (szDevicePath)); + + if (TCBootLoaderOnInactiveSysEncDrive (szDevicePath)) + { + StringCbPrintfW (szTmp, sizeof(szTmp), GetString (KeyFilesEnable ? "PASSWORD_OR_KEYFILE_OR_MODE_WRONG" : "PASSWORD_OR_MODE_WRONG")); + + if (CheckCapsLock (hwndDlg, TRUE)) + StringCbCatW (szTmp, sizeof(szTmp), GetString ("PASSWORD_WRONG_CAPSLOCK_ON")); + + StringCbCatW (szTmp, sizeof(szTmp), GetString ("SYSENC_MOUNT_WITHOUT_PBA_NOTE")); + } +#endif + + wstring msg = szTmp; + +#ifdef TCMOUNT + if (KeyFilesEnable && HiddenFilesPresentInKeyfilePath) + { + msg += GetString ("HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH"); + HiddenFilesPresentInKeyfilePath = FALSE; + } +#endif + + return msg; +} + + +void handleError (HWND hwndDlg, int code, const char* srcPos) +{ + WCHAR szTmp[4096]; + + if (Silent) return; + + switch (code & 0x0000FFFF) + { + case ERR_OS_ERROR: + handleWin32Error (hwndDlg, srcPos); + break; + case ERR_OUTOFMEMORY: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("OUTOFMEMORY"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + + case ERR_PASSWORD_WRONG: + MessageBoxW (hwndDlg, AppendSrcPos (GetWrongPasswordErrorMessage (hwndDlg).c_str(), srcPos).c_str(), lpszTitle, MB_ICONWARNING); + break; + + case ERR_DRIVE_NOT_FOUND: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("NOT_FOUND"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_FILES_OPEN: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("OPENFILES_DRIVER"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_FILES_OPEN_LOCK: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("OPENFILES_LOCK"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_VOL_SIZE_WRONG: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_SIZE_WRONG"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_COMPRESSION_NOT_SUPPORTED: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("COMPRESSION_NOT_SUPPORTED"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_PASSWORD_CHANGE_VOL_TYPE: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("WRONG_VOL_TYPE"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_VOL_SEEKING: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_SEEKING"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_CIPHER_INIT_FAILURE: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ERR_CIPHER_INIT_FAILURE"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_CIPHER_INIT_WEAK_KEY: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ERR_CIPHER_INIT_WEAK_KEY"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_VOL_ALREADY_MOUNTED: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_ALREADY_MOUNTED"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_FILE_OPEN_FAILED: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("FILE_OPEN_FAILED"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_VOL_MOUNT_FAILED: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("VOL_MOUNT_FAILED"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_NO_FREE_DRIVES: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("NO_FREE_DRIVES"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + case ERR_ACCESS_DENIED: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("ACCESS_DENIED"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + + case ERR_DRIVER_VERSION: + Error ("DRIVER_VERSION", hwndDlg); + break; + + case ERR_NEW_VERSION_REQUIRED: + MessageBoxW (hwndDlg, AppendSrcPos (GetString ("NEW_VERSION_REQUIRED"), srcPos).c_str(), lpszTitle, ICON_HAND); + break; + + case ERR_SELF_TESTS_FAILED: + Error ("ERR_SELF_TESTS_FAILED", hwndDlg); + break; + + case ERR_VOL_FORMAT_BAD: + Error ("ERR_VOL_FORMAT_BAD", hwndDlg); + break; + + case ERR_ENCRYPTION_NOT_COMPLETED: + Error ("ERR_ENCRYPTION_NOT_COMPLETED", hwndDlg); + break; + + case ERR_NONSYS_INPLACE_ENC_INCOMPLETE: + Error ("ERR_NONSYS_INPLACE_ENC_INCOMPLETE", hwndDlg); + break; + + case ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG: + Error ("ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG", hwndDlg); + break; + + case ERR_PARAMETER_INCORRECT: + Error ("ERR_PARAMETER_INCORRECT", hwndDlg); + break; + + case ERR_USER_ABORT: + case ERR_DONT_REPORT: + // A non-error + break; + + case ERR_UNSUPPORTED_TRUECRYPT_FORMAT: + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("UNSUPPORTED_TRUECRYPT_FORMAT"), (code >> 24), (code >> 16) & 0x000000FF); + MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, ICON_HAND); + break; + +#ifndef SETUP + case ERR_RAND_INIT_FAILED: + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("INIT_RAND"), SRC_POS, GetLastError ()); + MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, MB_ICONERROR); + break; + + case ERR_CAPI_INIT_FAILED: + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CAPI_RAND"), SRC_POS, CryptoAPILastError); + MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, MB_ICONERROR); + break; +#endif + + default: + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("ERR_UNKNOWN"), code); + MessageBoxW (hwndDlg, AppendSrcPos (szTmp, srcPos).c_str(), lpszTitle, ICON_HAND); + } +} + + +BOOL CheckFileStreamWriteErrors (HWND hwndDlg, FILE *file, const wchar_t *fileName) +{ + if (ferror (file)) + { + wchar_t s[TC_MAX_PATH]; + StringCbPrintfW (s, sizeof (s), GetString ("CANNOT_WRITE_FILE_X"), fileName); + ErrorDirect (s, hwndDlg); + + return FALSE; + } + + return TRUE; +} + + +static BOOL CALLBACK LocalizeDialogEnum( HWND hwnd, LPARAM font) +{ + // Localization of controls + + if (LocalizationActive) + { + int ctrlId = GetDlgCtrlID (hwnd); + if (ctrlId != 0) + { + WCHAR name[10] = { 0 }; + GetClassNameW (hwnd, name, array_capacity (name)); + + if (_wcsicmp (name, L"Button") == 0 || _wcsicmp (name, L"Static") == 0) + { + wchar_t *str = (wchar_t *) GetDictionaryValueByInt (ctrlId); + if (str != NULL) + SetWindowTextW (hwnd, str); + } + } + } + + // Font + SendMessageW (hwnd, WM_SETFONT, (WPARAM) font, 0); + + return TRUE; +} + +void LocalizeDialog (HWND hwnd, char *stringId) +{ + LastDialogId = stringId; + SetWindowLongPtrW (hwnd, GWLP_USERDATA, (LONG_PTR) 'VERA'); + SendMessageW (hwnd, WM_SETFONT, (WPARAM) hUserFont, 0); + + if (stringId == NULL) + SetWindowTextW (hwnd, L"VeraCrypt"); + else + SetWindowTextW (hwnd, GetString (stringId)); + + if (hUserFont != 0) + EnumChildWindows (hwnd, LocalizeDialogEnum, (LPARAM) hUserFont); +} + +void OpenVolumeExplorerWindow (int driveNo) +{ + wchar_t dosName[5]; + SHFILEINFO fInfo; + + StringCbPrintfW (dosName, sizeof(dosName), L"%c:\\", (wchar_t) driveNo + L'A'); + + // Force explorer to discover the drive + SHGetFileInfo (dosName, 0, &fInfo, sizeof (fInfo), 0); + + ShellExecute (NULL, L"open", dosName, NULL, NULL, SW_SHOWNORMAL); +} + +static BOOL explorerCloseSent; +static HWND explorerTopLevelWindow; + +static BOOL CALLBACK CloseVolumeExplorerWindowsChildEnum (HWND hwnd, LPARAM driveStr) +{ + WCHAR s[MAX_PATH]; + SendMessageW (hwnd, WM_GETTEXT, array_capacity (s), (LPARAM) s); + + if (wcsstr (s, (WCHAR *) driveStr) != NULL) + { + PostMessageW (explorerTopLevelWindow, WM_CLOSE, 0, 0); + explorerCloseSent = TRUE; + return FALSE; + } + + return TRUE; +} + +static BOOL CALLBACK CloseVolumeExplorerWindowsEnum (HWND hwnd, LPARAM driveNo) +{ + WCHAR driveStr[10]; + WCHAR s[MAX_PATH]; + + StringCbPrintfW (driveStr, sizeof(driveStr), L"%c:\\", driveNo + L'A'); + + GetClassNameW (hwnd, s, array_capacity (s)); + if (wcscmp (s, L"CabinetWClass") == 0) + { + GetWindowTextW (hwnd, s, array_capacity (s)); + if (wcsstr (s, driveStr) != NULL) + { + PostMessageW (hwnd, WM_CLOSE, 0, 0); + explorerCloseSent = TRUE; + return TRUE; + } + + explorerTopLevelWindow = hwnd; + EnumChildWindows (hwnd, CloseVolumeExplorerWindowsChildEnum, (LPARAM) driveStr); + } + + return TRUE; +} + +BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo) +{ + if (driveNo >= 0) + { + explorerCloseSent = FALSE; + EnumWindows (CloseVolumeExplorerWindowsEnum, (LPARAM) driveNo); + } + + return explorerCloseSent; +} + +BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue) +{ + wchar_t wszRegPath[MAX_PATH]; + wchar_t driveStr[] = {L'A' + (wchar_t) driveNo, 0}; + HKEY hKey; + LSTATUS lStatus; + DWORD cbLabelLen = (DWORD) ((wcslen (effectiveLabel) + 1) * sizeof (wchar_t)); + BOOL bToBeDeleted = FALSE; + + StringCbPrintfW (wszRegPath, sizeof (wszRegPath), L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\DriveIcons\\%s\\DefaultLabel", driveStr); + + if (bSetValue) + lStatus = RegCreateKeyExW (HKEY_CURRENT_USER, wszRegPath, NULL, NULL, 0, + KEY_READ | KEY_WRITE | KEY_SET_VALUE, NULL, &hKey, NULL); + else + lStatus = RegOpenKeyExW (HKEY_CURRENT_USER, wszRegPath, 0, KEY_READ | KEY_WRITE | KEY_SET_VALUE, &hKey); + if (ERROR_SUCCESS == lStatus) + { + if (bSetValue) + lStatus = RegSetValueExW (hKey, NULL, NULL, REG_SZ, (LPCBYTE) effectiveLabel, cbLabelLen); + else + { + wchar_t storedLabel[34] = {0}; + DWORD cbStoredLen = sizeof (storedLabel) - 1, dwType; + lStatus = RegQueryValueExW (hKey, NULL, NULL, &dwType, (LPBYTE) storedLabel, &cbStoredLen); + if ((ERROR_SUCCESS == lStatus) && (REG_SZ == dwType) && (0 == wcscmp(storedLabel, effectiveLabel))) + { + // same label stored. mark key for deletion + bToBeDeleted = TRUE; + } + } + RegCloseKey (hKey); + } + + if (bToBeDeleted) + { + StringCbPrintfW (wszRegPath, sizeof (wszRegPath), L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\DriveIcons\\%s", driveStr); + lStatus = RegOpenKeyExW (HKEY_CURRENT_USER, wszRegPath, 0, KEY_READ | KEY_WRITE | KEY_SET_VALUE, &hKey); + if (ERROR_SUCCESS == lStatus) + { + lStatus = RegDeleteKeyW (hKey, L"DefaultLabel"); + RegCloseKey (hKey); + } + + // delete drive letter of nothing else is present under it + RegDeleteKeyW (HKEY_CURRENT_USER, wszRegPath); + + } + + return (ERROR_SUCCESS == lStatus)? TRUE : FALSE; +} + +wstring GetUserFriendlyVersionString (int version) +{ + wchar_t szTmp [64]; + StringCbPrintfW (szTmp, sizeof(szTmp), L"%x", version); + + wstring versionString (szTmp); + + versionString.insert (version > 0xfff ? 2 : 1,L"."); + + if (versionString[versionString.length()-1] == L'0') + versionString.erase (versionString.length()-1, 1); + + return (versionString); +} + +wstring IntToWideString (int val) +{ + wchar_t szTmp [64]; + StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", val); + + return szTmp; +} + +wstring ArrayToHexWideString (const unsigned char* pbData, int cbData) +{ + static wchar_t* hexChar = L"0123456789ABCDEF"; + wstring result; + if (pbData) + { + for (int i = 0; i < cbData; i++) + { + result += hexChar[pbData[i] >> 4]; + result += hexChar[pbData[i] & 0x0F]; + } + } + + return result; +} + +bool HexToByte (wchar_t c, byte& b) +{ + bool bRet = true; + if (c >= L'0' && c <= L'9') + b = (byte) (c - L'0'); + else if (c >= L'a' && c <= L'z') + b = (byte) (c - L'a' + 10); + else if (c >= L'A' && c <= L'Z') + b = (byte) (c - L'A' + 10); + else + bRet = false; + + return bRet; +} + +bool HexWideStringToArray (const wchar_t* hexStr, std::vector& arr) +{ + byte b1, b2; + size_t i, len = wcslen (hexStr); + + arr.clear(); + if (len %2) + return false; + + for (i = 0; i < len/2; i++) + { + if (!HexToByte (*hexStr++, b1) || !HexToByte (*hexStr++, b2)) + return false; + arr.push_back (b1 << 4 | b2); + } + return true; +} + +wstring GetTempPathString () +{ + wchar_t tempPath[MAX_PATH]; + DWORD tempLen = ::GetTempPath (ARRAYSIZE (tempPath), tempPath); + if (tempLen == 0 || tempLen > ARRAYSIZE (tempPath)) + throw ParameterIncorrect (SRC_POS); + + return wstring (tempPath); +} + +void GetSizeString (unsigned __int64 size, wchar_t *str, size_t cbStr) +{ + static wchar_t *b, *kb, *mb, *gb, *tb, *pb; + static int serNo; + + if (b == NULL || serNo != LocalizationSerialNo) + { + serNo = LocalizationSerialNo; + kb = GetString ("KB"); + mb = GetString ("MB"); + gb = GetString ("GB"); + tb = GetString ("TB"); + pb = GetString ("PB"); + b = GetString ("BYTE"); + } + + if (size > 1024I64*1024*1024*1024*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s", size/1024/1024/1024/1024/1024, pb); + else if (size > 1024I64*1024*1024*1024*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024/1024/1024/1024), pb); + else if (size > 1024I64*1024*1024*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s",size/1024/1024/1024/1024, tb); + else if (size > 1024I64*1024*1024*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024/1024/1024), tb); + else if (size > 1024I64*1024*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s",size/1024/1024/1024, gb); + else if (size > 1024I64*1024*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024/1024), gb); + else if (size > 1024I64*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s", size/1024/1024, mb); + else if (size > 1024I64*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(size/1024.0/1024), mb); + else if (size >= 1024I64) + StringCbPrintfW (str, cbStr, L"%I64d %s", size/1024, kb); + else + StringCbPrintfW (str, cbStr, L"%I64d %s", size, b); +} + +#ifndef SETUP +void GetSpeedString (unsigned __int64 speed, wchar_t *str, size_t cbStr) +{ + static wchar_t *b, *kb, *mb, *gb, *tb, *pb; + static int serNo; + + if (b == NULL || serNo != LocalizationSerialNo) + { + serNo = LocalizationSerialNo; + kb = GetString ("KB_PER_SEC"); + mb = GetString ("MB_PER_SEC"); + gb = GetString ("GB_PER_SEC"); + tb = GetString ("TB_PER_SEC"); + pb = GetString ("PB_PER_SEC"); + b = GetString ("B_PER_SEC"); + } + + if (speed > 1024I64*1024*1024*1024*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s", speed/1024/1024/1024/1024/1024, pb); + else if (speed > 1024I64*1024*1024*1024*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024/1024/1024/1024), pb); + else if (speed > 1024I64*1024*1024*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s",speed/1024/1024/1024/1024, tb); + else if (speed > 1024I64*1024*1024*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024/1024/1024), tb); + else if (speed > 1024I64*1024*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s",speed/1024/1024/1024, gb); + else if (speed > 1024I64*1024*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024/1024), gb); + else if (speed > 1024I64*1024*99) + StringCbPrintfW (str, cbStr, L"%I64d %s", speed/1024/1024, mb); + else if (speed > 1024I64*1024) + StringCbPrintfW (str, cbStr, L"%.1f %s",(double)(speed/1024.0/1024), mb); + else if (speed > 1024I64) + StringCbPrintfW (str, cbStr, L"%I64d %s", speed/1024, kb); + else + StringCbPrintfW (str, cbStr, L"%I64d %s", speed, b); +} + +static void DisplayBenchmarkResults (HWND hwndDlg) +{ + wchar_t item1[100]={0}; + LVITEMW LvItem; + HWND hList = GetDlgItem (hwndDlg, IDC_RESULTS); + int ea, i; + BOOL unsorted = TRUE; + BENCHMARK_REC tmp_line; + + /* Sort the list */ + + switch (benchmarkSortMethod) + { + case BENCHMARK_SORT_BY_SPEED: + + while (unsorted) + { + unsorted = FALSE; + for (i = 0; i < benchmarkTotalItems - 1; i++) + { + if (benchmarkTable[i].meanBytesPerSec < benchmarkTable[i+1].meanBytesPerSec) + { + unsorted = TRUE; + memcpy (&tmp_line, &benchmarkTable[i], sizeof(BENCHMARK_REC)); + memcpy (&benchmarkTable[i], &benchmarkTable[i+1], sizeof(BENCHMARK_REC)); + memcpy (&benchmarkTable[i+1], &tmp_line, sizeof(BENCHMARK_REC)); + } + } + } + break; + + case BENCHMARK_SORT_BY_NAME: + + while (unsorted) + { + unsorted = FALSE; + for (i = 0; i < benchmarkTotalItems - 1; i++) + { + if (benchmarkTable[i].id > benchmarkTable[i+1].id) + { + unsorted = TRUE; + memcpy (&tmp_line, &benchmarkTable[i], sizeof(BENCHMARK_REC)); + memcpy (&benchmarkTable[i], &benchmarkTable[i+1], sizeof(BENCHMARK_REC)); + memcpy (&benchmarkTable[i+1], &tmp_line, sizeof(BENCHMARK_REC)); + } + } + } + break; + } + + /* Render the results */ + + SendMessage (hList,LVM_DELETEALLITEMS,0,(LPARAM)&LvItem); + + for (i = 0; i < benchmarkTotalItems; i++) + { + ea = benchmarkTable[i].id; + + memset (&LvItem,0,sizeof(LvItem)); + LvItem.mask = LVIF_TEXT; + LvItem.iItem = i; + LvItem.iSubItem = 0; + LvItem.pszText = (LPWSTR) benchmarkTable[i].name; + SendMessageW (hList, LVM_INSERTITEM, 0, (LPARAM)&LvItem); + +#if PKCS5_BENCHMARKS + wcscpy (item1, L"-"); +#else + GetSpeedString ((unsigned __int64) (benchmarkLastBufferSize / ((float) benchmarkTable[i].encSpeed / benchmarkPerformanceFrequency.QuadPart)), item1, sizeof(item1)); +#endif + LvItem.iSubItem = 1; + LvItem.pszText = item1; + + SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem); + +#if PKCS5_BENCHMARKS + wcscpy (item1, L"-"); +#else + GetSpeedString ((unsigned __int64) (benchmarkLastBufferSize / ((float) benchmarkTable[i].decSpeed / benchmarkPerformanceFrequency.QuadPart)), item1, sizeof(item1)); +#endif + LvItem.iSubItem = 2; + LvItem.pszText = item1; + + SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem); + +#if PKCS5_BENCHMARKS + swprintf (item1, L"%d t", benchmarkTable[i].encSpeed); +#else + GetSpeedString (benchmarkTable[i].meanBytesPerSec, item1, sizeof(item1)); +#endif + LvItem.iSubItem = 3; + LvItem.pszText = item1; + + SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&LvItem); + } + + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 0, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 1, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 2, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); + SendMessageW(hList, LVM_SETCOLUMNWIDTH, 3, MAKELPARAM(LVSCW_AUTOSIZE_USEHEADER, 0)); +} + +// specific implementation for support of benchmark operation in wait dialog mechanism + +typedef struct +{ + HWND hBenchDlg; + BOOL bStatus; +} BenchmarkThreadParam; + +static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg); + +void CALLBACK BenchmarkThreadProc(void* pArg, HWND hwndDlg) +{ + BenchmarkThreadParam* pThreadParam = (BenchmarkThreadParam*) pArg; + + pThreadParam->bStatus = PerformBenchmark (pThreadParam->hBenchDlg, hwndDlg); +} + +static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) +{ + LARGE_INTEGER performanceCountStart, performanceCountEnd; + BYTE *lpTestBuffer; + PCRYPTO_INFO ci = NULL; + UINT64_STRUCT startDataUnitNo; + + startDataUnitNo.Value = 0; + +#if !(PKCS5_BENCHMARKS || HASH_FNC_BENCHMARKS) + ci = crypto_open (); + if (!ci) + return FALSE; +#endif + + if (QueryPerformanceFrequency (&benchmarkPerformanceFrequency) == 0) + { + if (ci) + crypto_close (ci); + MessageBoxW (hwndDlg, GetString ("ERR_PERF_COUNTER"), lpszTitle, ICON_HAND); + return FALSE; + } + + lpTestBuffer = (BYTE *) malloc(benchmarkBufferSize - (benchmarkBufferSize % 16)); + if (lpTestBuffer == NULL) + { + if (ci) + crypto_close (ci); + MessageBoxW (hwndDlg, GetString ("ERR_MEM_ALLOC"), lpszTitle, ICON_HAND); + return FALSE; + } + VirtualLock (lpTestBuffer, benchmarkBufferSize - (benchmarkBufferSize % 16)); + + WaitCursor (); + benchmarkTotalItems = 0; + +#if !(PKCS5_BENCHMARKS || HASH_FNC_BENCHMARKS) + // CPU "warm up" (an attempt to prevent skewed results on systems where CPU frequency + // gradually changes depending on CPU load). + ci->ea = EAGetFirst(); + if (!EAInit (ci->ea, ci->master_keydata, ci->ks)) + { + ci->mode = FIRST_MODE_OF_OPERATION_ID; + if (EAInitMode (ci)) + { + int i; + + for (i = 0; i < 10; i++) + { + EncryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); + DecryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); + } + } + } +#endif + +#if HASH_FNC_BENCHMARKS + + /* Measures the speed at which each of the hash algorithms processes the message to produce + a single digest. + + The hash algorithm benchmarks are included here for development purposes only. Do not enable + them when building a public release (the benchmark GUI strings wouldn't make sense). */ + + { + BYTE *digest [MAX_DIGESTSIZE]; + WHIRLPOOL_CTX wctx; + RMD160_CTX rctx; + sha512_ctx s2ctx; + sha256_ctx s256ctx; + int hid; + + for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) + { + if (QueryPerformanceCounter (&performanceCountStart) == 0) + goto counter_error; + + switch (hid) + { + + case SHA512: + sha512_begin (&s2ctx); + sha512_hash (lpTestBuffer, benchmarkBufferSize, &s2ctx); + sha512_end ((unsigned char *) digest, &s2ctx); + break; + + case SHA256: + sha256_begin (&s256ctx); + sha256_hash (lpTestBuffer, benchmarkBufferSize, &s256ctx); + sha256_end ((unsigned char *) digest, &s256ctx); + break; + + case RIPEMD160: + RMD160Init(&rctx); + RMD160Update(&rctx, lpTestBuffer, benchmarkBufferSize); + RMD160Final((unsigned char *) digest, &rctx); + break; + + case WHIRLPOOL: + WHIRLPOOL_init (&wctx); + WHIRLPOOL_add (lpTestBuffer, benchmarkBufferSize * 8, &wctx); + WHIRLPOOL_finalize (&wctx, (unsigned char *) digest); + break; + } + + if (QueryPerformanceCounter (&performanceCountEnd) == 0) + goto counter_error; + + benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; + + benchmarkTable[benchmarkTotalItems].decSpeed = benchmarkTable[benchmarkTotalItems].encSpeed; + benchmarkTable[benchmarkTotalItems].id = hid; + benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2; + StringCbPrintfA (benchmarkTable[benchmarkTotalItems].name, sizeof(benchmarkTable[benchmarkTotalItems].name),"%s", HashGetName(hid)); + + benchmarkTotalItems++; + } + } + +#elif PKCS5_BENCHMARKS // #if HASH_FNC_BENCHMARKS + + /* Measures the time that it takes for the PKCS-5 routine to derive a header key using + each of the implemented PRF algorithms. + + The PKCS-5 benchmarks are included here for development purposes only. Do not enable + them when building a public release (the benchmark GUI strings wouldn't make sense). */ + { + int thid, i; + char dk[MASTER_KEYDATA_SIZE]; + char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"}; + + for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++) + { + if (QueryPerformanceCounter (&performanceCountStart) == 0) + goto counter_error; + + for (i = 1; i <= 5; i++) + { + switch (thid) + { + + case SHA512: + /* PKCS-5 test with HMAC-SHA-512 used as the PRF */ + derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); + break; + + case SHA256: + /* PKCS-5 test with HMAC-SHA-256 used as the PRF */ + derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); + break; + + case RIPEMD160: + /* PKCS-5 test with HMAC-RIPEMD-160 used as the PRF */ + derive_key_ripemd160 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); + break; + + case WHIRLPOOL: + /* PKCS-5 test with HMAC-Whirlpool used as the PRF */ + derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, 0, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE); + break; + } + } + + if (QueryPerformanceCounter (&performanceCountEnd) == 0) + goto counter_error; + + benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; + benchmarkTable[benchmarkTotalItems].id = thid; + StringCbPrintfW (benchmarkTable[benchmarkTotalItems].name, sizeof(benchmarkTable[benchmarkTable[benchmarkTotalItems].name),L"%s", get_pkcs5_prf_name (thid)); + + benchmarkTotalItems++; + } + } + +#else // #elif PKCS5_BENCHMARKS + + /* Encryption algorithm benchmarks */ + + for (ci->ea = EAGetFirst(); ci->ea != 0; ci->ea = EAGetNext(ci->ea)) + { + if (!EAIsFormatEnabled (ci->ea)) + continue; + + if (ERR_CIPHER_INIT_FAILURE == EAInit (ci->ea, ci->master_keydata, ci->ks)) + goto counter_error; + + ci->mode = FIRST_MODE_OF_OPERATION_ID; + if (!EAInitMode (ci)) + goto counter_error; + + if (QueryPerformanceCounter (&performanceCountStart) == 0) + goto counter_error; + + EncryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); + + if (QueryPerformanceCounter (&performanceCountEnd) == 0) + goto counter_error; + + benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; + + if (QueryPerformanceCounter (&performanceCountStart) == 0) + goto counter_error; + + DecryptDataUnits (lpTestBuffer, &startDataUnitNo, (TC_LARGEST_COMPILER_UINT) benchmarkBufferSize / ENCRYPTION_DATA_UNIT_SIZE, ci); + + if (QueryPerformanceCounter (&performanceCountEnd) == 0) + goto counter_error; + + benchmarkTable[benchmarkTotalItems].decSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart; + benchmarkTable[benchmarkTotalItems].id = ci->ea; + benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2; + EAGetName (benchmarkTable[benchmarkTotalItems].name, ci->ea, 1); + + benchmarkTotalItems++; + } + +#endif // #elif PKCS5_BENCHMARKS (#else) + + if (ci) + crypto_close (ci); + + VirtualUnlock (lpTestBuffer, benchmarkBufferSize - (benchmarkBufferSize % 16)); + + free(lpTestBuffer); + + benchmarkLastBufferSize = benchmarkBufferSize; + + DisplayBenchmarkResults(hBenchDlg); + + EnableWindow (GetDlgItem (hBenchDlg, IDC_PERFORM_BENCHMARK), TRUE); + EnableWindow (GetDlgItem (hBenchDlg, IDCLOSE), TRUE); + + NormalCursor (); + return TRUE; + +counter_error: + + if (ci) + crypto_close (ci); + + VirtualUnlock (lpTestBuffer, benchmarkBufferSize - (benchmarkBufferSize % 16)); + + free(lpTestBuffer); + + NormalCursor (); + + EnableWindow (GetDlgItem (hBenchDlg, IDC_PERFORM_BENCHMARK), TRUE); + EnableWindow (GetDlgItem (hBenchDlg, IDCLOSE), TRUE); + + MessageBoxW (hwndDlg, GetString ("ERR_PERF_COUNTER"), lpszTitle, ICON_HAND); + return FALSE; +} + + +BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + LPARAM nIndex; + HWND hCboxSortMethod = GetDlgItem (hwndDlg, IDC_BENCHMARK_SORT_METHOD); + HWND hCboxBufferSize = GetDlgItem (hwndDlg, IDC_BENCHMARK_BUFFER_SIZE); + + switch (msg) + { + case WM_INITDIALOG: + { + LVCOLUMNW LvCol; + wchar_t s[128]; + HWND hList = GetDlgItem (hwndDlg, IDC_RESULTS); + + LocalizeDialog (hwndDlg, "IDD_BENCHMARK_DLG"); + + benchmarkBufferSize = BENCHMARK_DEFAULT_BUF_SIZE; + benchmarkSortMethod = BENCHMARK_SORT_BY_SPEED; + + SendMessage (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, + LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_LABELTIP + ); + + memset (&LvCol,0,sizeof(LvCol)); + LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + LvCol.pszText = GetString ("ALGORITHM"); + LvCol.cx = CompensateXDPI (114); + LvCol.fmt = LVCFMT_LEFT; + SendMessage (hList,LVM_INSERTCOLUMNW,0,(LPARAM)&LvCol); + + LvCol.pszText = GetString ("ENCRYPTION"); + LvCol.cx = CompensateXDPI (80); + LvCol.fmt = LVCFMT_RIGHT; + SendMessageW (hList,LVM_INSERTCOLUMNW,1,(LPARAM)&LvCol); + + LvCol.pszText = GetString ("DECRYPTION"); + LvCol.cx = CompensateXDPI (80); + LvCol.fmt = LVCFMT_RIGHT; + SendMessageW (hList,LVM_INSERTCOLUMNW,2,(LPARAM)&LvCol); + + LvCol.pszText = GetString ("MEAN"); + LvCol.cx = CompensateXDPI (80); + LvCol.fmt = LVCFMT_RIGHT; + SendMessageW (hList,LVM_INSERTCOLUMNW,3,(LPARAM)&LvCol); + + /* Combo boxes */ + + // Sort method + + SendMessage (hCboxSortMethod, CB_RESETCONTENT, 0, 0); + + nIndex = SendMessageW (hCboxSortMethod, CB_ADDSTRING, 0, (LPARAM) GetString ("ALPHABETICAL_CATEGORIZED")); + SendMessage (hCboxSortMethod, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + nIndex = SendMessageW (hCboxSortMethod, CB_ADDSTRING, 0, (LPARAM) GetString ("MEAN_SPEED")); + SendMessage (hCboxSortMethod, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + SendMessage (hCboxSortMethod, CB_SETCURSEL, 1, 0); // Default sort method + + // Buffer size + + SendMessage (hCboxBufferSize, CB_RESETCONTENT, 0, 0); + + StringCbPrintfW (s, sizeof(s), L"100 %s", GetString ("KB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 100 * BYTES_PER_KB); + + StringCbPrintfW (s, sizeof(s), L"500 %s", GetString ("KB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 500 * BYTES_PER_KB); + + StringCbPrintfW (s, sizeof(s), L"1 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 1 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"5 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 5 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"10 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 10 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"50 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 50 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"100 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 100 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"200 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 200 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"500 %s", GetString ("MB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 500 * BYTES_PER_MB); + + StringCbPrintfW (s, sizeof(s), L"1 %s", GetString ("GB")); + nIndex = SendMessageW (hCboxBufferSize, CB_ADDSTRING, 0, (LPARAM) s); + SendMessage (hCboxBufferSize, CB_SETITEMDATA, nIndex, (LPARAM) 1 * BYTES_PER_GB); + + SendMessage (hCboxBufferSize, CB_SETCURSEL, 5, 0); // Default buffer size + + + uint32 driverConfig = ReadDriverConfigurationFlags(); + + SetDlgItemTextW (hwndDlg, IDC_HW_AES, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? ((driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? "UISTR_DISABLED" : "UISTR_YES") : "NOT_APPLICABLE_OR_NOT_AVAILABLE"))).c_str()); + + ToHyperlink (hwndDlg, IDC_HW_AES_LABEL_LINK); + + if (is_aes_hw_cpu_supported() && (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION)) + { + Warning ("DISABLED_HW_AES_AFFECTS_PERFORMANCE", hwndDlg); + } + + SYSTEM_INFO sysInfo; + GetSystemInfo (&sysInfo); + + size_t nbrThreads = GetEncryptionThreadCount(); + + wchar_t nbrThreadsStr [300]; + if (sysInfo.dwNumberOfProcessors < 2) + { + StringCbCopyW (nbrThreadsStr, sizeof(nbrThreadsStr), GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE")); + } + else if (nbrThreads < 2) + { + StringCbCopyW (nbrThreadsStr, sizeof(nbrThreadsStr), GetString ("UISTR_DISABLED")); + } + else + { + StringCbPrintfW (nbrThreadsStr, sizeof(nbrThreadsStr), GetString ("NUMBER_OF_THREADS"), nbrThreads); + } + + SetDlgItemTextW (hwndDlg, IDC_PARALLELIZATION, (wstring (L" ") + nbrThreadsStr).c_str()); + + ToHyperlink (hwndDlg, IDC_PARALLELIZATION_LABEL_LINK); + + if (nbrThreads < min (sysInfo.dwNumberOfProcessors, GetMaxEncryptionThreadCount()) + && sysInfo.dwNumberOfProcessors > 1) + { + Warning ("LIMITED_THREAD_COUNT_AFFECTS_PERFORMANCE", hwndDlg); + } + + return 1; + } + break; + + case WM_COMMAND: + + switch (lw) + { + case IDC_BENCHMARK_SORT_METHOD: + + nIndex = SendMessage (hCboxSortMethod, CB_GETCURSEL, 0, 0); + if (nIndex != benchmarkSortMethod) + { + benchmarkSortMethod = (int) nIndex; + DisplayBenchmarkResults (hwndDlg); + } + return 1; + + case IDC_PERFORM_BENCHMARK: + + nIndex = SendMessage (hCboxBufferSize, CB_GETCURSEL, 0, 0); + benchmarkBufferSize = (int) SendMessage (hCboxBufferSize, CB_GETITEMDATA, nIndex, 0); + + BenchmarkThreadParam threadParam; + threadParam.hBenchDlg = hwndDlg; + threadParam.bStatus = FALSE; + + WaitCursor (); + + ShowWaitDialog (hwndDlg, TRUE, BenchmarkThreadProc, &threadParam); + + NormalCursor (); + + if (threadParam.bStatus == FALSE) + { + EndDialog (hwndDlg, IDCLOSE); + } + return 1; + + case IDC_HW_AES_LABEL_LINK: + + Applink ("hwacceleration", TRUE, ""); + return 1; + + case IDC_PARALLELIZATION_LABEL_LINK: + + Applink ("parallelization", TRUE, ""); + return 1; + + case IDCLOSE: + case IDCANCEL: + + EndDialog (hwndDlg, IDCLOSE); + return 1; + } + return 0; + + break; + + case WM_CLOSE: + EndDialog (hwndDlg, IDCLOSE); + return 1; + + break; + + } + return 0; +} + + +static BOOL CALLBACK RandomPoolEnrichementDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + static unsigned char randPool [RNG_POOL_SIZE]; + static unsigned char lastRandPool [RNG_POOL_SIZE]; + static unsigned char maskRandPool [RNG_POOL_SIZE]; + static BOOL bUseMask = FALSE; + static DWORD mouseEntropyGathered = 0xFFFFFFFF; + static DWORD mouseEventsInitialCount = 0; + /* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ + static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; + static HWND hEntropyBar = NULL; + static wchar_t outputDispBuffer [RNG_POOL_SIZE * 3 + RANDPOOL_DISPLAY_ROWS + 2]; + static BOOL bDisplayPoolContents = FALSE; + static BOOL bRandPoolDispAscii = FALSE; + int hash_algo = RandGetHashFunction(); + int hid; + + switch (msg) + { + case WM_INITDIALOG: + { + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PRF_ID); + HCRYPTPROV hRngProv = NULL; + + VirtualLock (randPool, sizeof(randPool)); + VirtualLock (lastRandPool, sizeof(lastRandPool)); + VirtualLock (outputDispBuffer, sizeof(outputDispBuffer)); + VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + VirtualLock (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + VirtualLock (maskRandPool, sizeof(maskRandPool)); + + mouseEntropyGathered = 0xFFFFFFFF; + mouseEventsInitialCount = 0; + bUseMask = FALSE; + if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) + { + if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) + bUseMask = TRUE; + CryptReleaseContext (hRngProv, 0); + } + + LocalizeDialog (hwndDlg, "IDD_RANDOM_POOL_ENRICHMENT"); + + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) + { + if (!HashIsDeprecated (hid)) + AddComboPair (hComboBox, HashGetName(hid), hid); + } + SelectAlgo (hComboBox, &hash_algo); + + SetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS, bDisplayPoolContents); + + SetTimer (hwndDlg, 0xfd, RANDPOOL_DISPLAY_REFRESH_INTERVAL, NULL); + SendMessage (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + + hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); + SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); + SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); + SendMessage (hEntropyBar, PBM_SETSTATE, PBST_ERROR, 0); + return 1; + } + + case WM_TIMER: + { + wchar_t tmp[4]; + unsigned char tmpByte; + int col, row; + DWORD mouseEventsCounter; + + RandpeekBytes (hwndDlg, randPool, sizeof (randPool), &mouseEventsCounter); + + ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); + + if (memcmp (lastRandPool, randPool, sizeof(lastRandPool)) != 0) + { + outputDispBuffer[0] = 0; + + for (row = 0; row < RANDPOOL_DISPLAY_ROWS; row++) + { + for (col = 0; col < RANDPOOL_DISPLAY_COLUMNS; col++) + { + if (bDisplayPoolContents) + { + tmpByte = randPool[row * RANDPOOL_DISPLAY_COLUMNS + col]; + StringCbPrintfW (tmp, sizeof(tmp), bRandPoolDispAscii ? ((tmpByte >= 32 && tmpByte < 255 && tmpByte != L'&') ? L" %c " : L" . ") : L"%02X ", tmpByte); + } + else if (bUseMask) + { + /* use mask to compute a randomized ascii representation */ + tmpByte = (randPool[row * RANDPOOL_DISPLAY_COLUMNS + col] - + lastRandPool[row * RANDPOOL_DISPLAY_COLUMNS + col]) ^ maskRandPool [row * RANDPOOL_DISPLAY_COLUMNS + col]; + tmp[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); + tmp[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); + tmp[2] = L' '; + tmp[3] = 0; + } + else + { + StringCbCopyW (tmp, sizeof(tmp), L"** "); + } + + StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), tmp); + } + StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), L"\n"); + } + SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), outputDispBuffer); + + memcpy (lastRandPool, randPool, sizeof(lastRandPool)); + } + return 1; + } + + case WM_COMMAND: + if (lw == IDC_CONTINUE) + lw = IDOK; + + if (lw == IDOK || lw == IDCLOSE || lw == IDCANCEL) + { + goto exit; + } + + if (lw == IDC_PRF_ID && hw == CBN_SELCHANGE) + { + hid = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETCURSEL, 0, 0); + hash_algo = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETITEMDATA, hid, 0); + RandSetHashFunction (hash_algo); + return 1; + } + + if (lw == IDC_DISPLAY_POOL_CONTENTS) + { + if (!(bDisplayPoolContents = GetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS))) + { + wchar_t tmp[RNG_POOL_SIZE+1]; + + wmemset (tmp, L' ', ARRAYSIZE(tmp)); + tmp [RNG_POOL_SIZE] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); + } + + return 1; + } + + return 0; + + case WM_CLOSE: + { + wchar_t tmp[RNG_POOL_SIZE+1]; +exit: + KillTimer (hwndDlg, 0xfd); + + burn (randPool, sizeof(randPool)); + burn (lastRandPool, sizeof(lastRandPool)); + burn (outputDispBuffer, sizeof(outputDispBuffer)); + burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + burn (maskRandPool, sizeof(maskRandPool)); + + // Attempt to wipe the pool contents in the GUI text area + wmemset (tmp, L' ', RNG_POOL_SIZE); + tmp [RNG_POOL_SIZE] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); + + if (msg == WM_COMMAND && lw == IDOK) + EndDialog (hwndDlg, IDOK); + else + EndDialog (hwndDlg, IDCLOSE); + + return 1; + } + } + return 0; +} + +/* Randinit is always called before UserEnrichRandomPool, so we don't need + * the extra Randinit call here since it will always succeed but we keep it + * for clarity purposes + */ +void UserEnrichRandomPool (HWND hwndDlg) +{ + if ((0 == Randinit()) && !IsRandomPoolEnrichedByUser()) + { + INT_PTR result = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_RANDOM_POOL_ENRICHMENT), hwndDlg ? hwndDlg : MainDlg, (DLGPROC) RandomPoolEnrichementDlgProc, (LPARAM) 0); + SetRandomPoolEnrichedByUserStatus (result == IDOK); + } +} + + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + static unsigned char randPool [RNG_POOL_SIZE]; + static unsigned char lastRandPool [RNG_POOL_SIZE]; + static unsigned char maskRandPool [RNG_POOL_SIZE]; + static BOOL bUseMask = FALSE; + static DWORD mouseEntropyGathered = 0xFFFFFFFF; + static DWORD mouseEventsInitialCount = 0; + /* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ + static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; + static HWND hEntropyBar = NULL; + static wchar_t outputDispBuffer [RNG_POOL_SIZE * 3 + RANDPOOL_DISPLAY_ROWS + 2]; + static BOOL bDisplayPoolContents = FALSE; + static BOOL bRandPoolDispAscii = FALSE; + int hash_algo = RandGetHashFunction(); + int hid; + + switch (msg) + { + case WM_INITDIALOG: + { + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PRF_ID); + HCRYPTPROV hRngProv = NULL; + + VirtualLock (randPool, sizeof(randPool)); + VirtualLock (lastRandPool, sizeof(lastRandPool)); + VirtualLock (outputDispBuffer, sizeof(outputDispBuffer)); + VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + VirtualLock (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + VirtualLock (maskRandPool, sizeof(maskRandPool)); + + mouseEntropyGathered = 0xFFFFFFFF; + mouseEventsInitialCount = 0; + bUseMask = FALSE; + if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) + { + if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) + bUseMask = TRUE; + CryptReleaseContext (hRngProv, 0); + } + + LocalizeDialog (hwndDlg, "IDD_KEYFILE_GENERATOR"); + + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) + { + if (!HashIsDeprecated (hid)) + AddComboPair (hComboBox, HashGetName(hid), hid); + } + SelectAlgo (hComboBox, &hash_algo); + + SetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS, bDisplayPoolContents); + hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); + SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); + SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); + SendMessage (hEntropyBar, PBM_SETSTATE, PBST_ERROR, 0); + +#ifndef VOLFORMAT + if (Randinit ()) + { + handleError (hwndDlg, (CryptoAPILastError == ERROR_SUCCESS)? ERR_RAND_INIT_FAILED : ERR_CAPI_INIT_FAILED, SRC_POS); + EndDialog (hwndDlg, IDCLOSE); + } +#endif + SetTimer (hwndDlg, 0xfd, RANDPOOL_DISPLAY_REFRESH_INTERVAL, NULL); + SendMessage (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + // 9-digit limit for the number of keyfiles (more than enough!) + SendMessage (GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), EM_SETLIMITTEXT, (WPARAM) 9, 0); + SetWindowText(GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), L"1"); + // maximum keyfile size is 1048576, so limit the edit control to 7 characters + SendMessage (GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), EM_SETLIMITTEXT, (WPARAM) 7, 0); + SetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), L"64"); + // set the maximum length of the keyfile base name to (TC_MAX_PATH - 1) + SendMessage (GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), EM_SETLIMITTEXT, (WPARAM) (TC_MAX_PATH - 1), 0); + return 1; + } + + case WM_TIMER: + { + wchar_t tmp[4]; + unsigned char tmpByte; + int col, row; + DWORD mouseEventsCounter; + + RandpeekBytes (hwndDlg, randPool, sizeof (randPool), &mouseEventsCounter); + + ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); + + if (memcmp (lastRandPool, randPool, sizeof(lastRandPool)) != 0) + { + outputDispBuffer[0] = 0; + + for (row = 0; row < RANDPOOL_DISPLAY_ROWS; row++) + { + for (col = 0; col < RANDPOOL_DISPLAY_COLUMNS; col++) + { + if (bDisplayPoolContents) + { + tmpByte = randPool[row * RANDPOOL_DISPLAY_COLUMNS + col]; + StringCbPrintfW (tmp, sizeof(tmp), bRandPoolDispAscii ? ((tmpByte >= 32 && tmpByte < 255 && tmpByte != L'&') ? L" %c " : L" . ") : L"%02X ", tmpByte); + } + else if (bUseMask) + { + /* use mask to compute a randomized ASCII representation */ + tmpByte = (randPool[row * RANDPOOL_DISPLAY_COLUMNS + col] - + lastRandPool[row * RANDPOOL_DISPLAY_COLUMNS + col]) ^ maskRandPool [row * RANDPOOL_DISPLAY_COLUMNS + col]; + tmp[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); + tmp[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); + tmp[2] = L' '; + tmp[3] = 0; + } + else + { + StringCbCopyW (tmp, sizeof(tmp), L"** "); + } + + StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), tmp); + } + StringCbCatW (outputDispBuffer, sizeof(outputDispBuffer), L"\n"); + } + SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), outputDispBuffer); + + memcpy (lastRandPool, randPool, sizeof(lastRandPool)); + } + return 1; + } + + case WM_COMMAND: + + if (lw == IDCLOSE || lw == IDCANCEL) + { + goto exit; + } + + if (lw == IDC_PRF_ID && hw == CBN_SELCHANGE) + { + hid = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETCURSEL, 0, 0); + hash_algo = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PRF_ID), CB_GETITEMDATA, hid, 0); + RandSetHashFunction (hash_algo); + return 1; + } + + if (lw == IDC_DISPLAY_POOL_CONTENTS) + { + if (!(bDisplayPoolContents = GetCheckBox (hwndDlg, IDC_DISPLAY_POOL_CONTENTS))) + { + wchar_t tmp[RNG_POOL_SIZE+1]; + + wmemset (tmp, L' ', ARRAYSIZE(tmp)); + tmp [RNG_POOL_SIZE] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); + } + return 1; + } + + if (lw == IDC_KEYFILES_RANDOM_SIZE) + { + EnableWindow(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), !GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE)); + } + + if (lw == IDC_GENERATE_AND_SAVE_KEYFILE) + { + wchar_t szNumber[16] = {0}; + wchar_t szFileBaseName[TC_MAX_PATH]; + wchar_t szDirName[TC_MAX_PATH]; + wchar_t szFileName [2*TC_MAX_PATH + 16]; + unsigned char *keyfile = NULL; + int fhKeyfile = -1, status; + long keyfilesCount = 0, keyfilesSize = 0, i; + wchar_t* fileExtensionPtr = 0; + wchar_t szSuffix[32]; + BOOL bRandomSize = GetCheckBox (hwndDlg, IDC_KEYFILES_RANDOM_SIZE); + + if (!GetWindowText(GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), szNumber, ARRAYSIZE(szNumber))) + szNumber[0] = 0; + + keyfilesCount = wcstoul(szNumber, NULL, 0); + if (keyfilesCount <= 0 || keyfilesCount == LONG_MAX) + { + Warning("KEYFILE_INCORRECT_NUMBER", hwndDlg); + SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_NUMBER_KEYFILES), TRUE); + return 1; + } + + if (!bRandomSize) + { + if (!GetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), szNumber, ARRAYSIZE(szNumber))) + szNumber[0] = 0; + + keyfilesSize = wcstoul(szNumber, NULL, 0); + if (keyfilesSize < 64 || keyfilesSize > 1024*1024) + { + Warning("KEYFILE_INCORRECT_SIZE", hwndDlg); + SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_SIZE), TRUE); + return 1; + } + } + + if (!GetWindowText(GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), szFileBaseName, TC_MAX_PATH)) + szFileBaseName[0] = 0; + + // Trim trailing space + if (TrimWhiteSpace(szFileBaseName) == 0) + { + Warning("KEYFILE_EMPTY_BASE_NAME", hwndDlg); + SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), TRUE); + return 1; + } + + if (!IsValidFileName(szFileBaseName)) + { + Warning("KEYFILE_INVALID_BASE_NAME", hwndDlg); + SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_KEYFILES_BASE_NAME), TRUE); + return 1; + } + + fileExtensionPtr = wcsrchr(szFileBaseName, L'.'); + + /* Select directory */ + if (!BrowseDirectories (hwndDlg, "SELECT_KEYFILE_GENERATION_DIRECTORY", szDirName)) + return 1; + + if (szDirName[wcslen(szDirName) - 1] != L'\\' && szDirName[wcslen(szDirName) - 1] != L'/') + StringCbCat(szDirName, sizeof(szDirName), L"\\"); + + WaitCursor(); + + keyfile = (unsigned char*) TCalloc( bRandomSize? KEYFILE_MAX_READ_LEN : keyfilesSize ); + + for (i= 0; i < keyfilesCount; i++) + { + StringCbCopyW(szFileName, sizeof(szFileName), szDirName); + + if (i > 0) + { + StringCbPrintfW(szSuffix, sizeof(szSuffix), L"_%d", i); + // Append the counter to the name + if (fileExtensionPtr) + { + StringCchCatN(szFileName, ARRAYSIZE(szFileName), szFileBaseName, (size_t) (fileExtensionPtr - szFileBaseName)); + StringCbCat(szFileName, sizeof(szFileName), szSuffix); + StringCbCat(szFileName, sizeof(szFileName), fileExtensionPtr); + } + else + { + StringCbCat(szFileName, sizeof(szFileName), szFileBaseName); + StringCbCat(szFileName, sizeof(szFileName), szSuffix); + } + } + else + StringCbCat(szFileName, sizeof(szFileName), szFileBaseName); + + // check if the file exists + if ((fhKeyfile = _wopen(szFileName, _O_RDONLY|_O_BINARY, _S_IREAD|_S_IWRITE)) != -1) + { + WCHAR s[4*TC_MAX_PATH] = {0}; + + _close (fhKeyfile); + + StringCbPrintfW (s, sizeof(s), GetString ("KEYFILE_ALREADY_EXISTS"), szFileName); + status = AskWarnNoYesString (s, hwndDlg); + if (status == IDNO) + { + TCfree(keyfile); + NormalCursor(); + return 1; + } + } + + /* Conceive the file */ + if ((fhKeyfile = _wopen(szFileName, _O_CREAT|_O_TRUNC|_O_WRONLY|_O_BINARY, _S_IREAD|_S_IWRITE)) == -1) + { + TCfree(keyfile); + NormalCursor(); + handleWin32Error (hwndDlg, SRC_POS); + return 1; + } + + if (bRandomSize) + { + /* Generate a random size */ + if (!RandgetBytes (hwndDlg, (unsigned char*) &keyfilesSize, sizeof(keyfilesSize), FALSE)) + { + _close (fhKeyfile); + DeleteFile (szFileName); + TCfree(keyfile); + NormalCursor(); + return 1; + } + + /* since keyfilesSize < 1024 * 1024, we mask with 0x000FFFFF */ + keyfilesSize = (long) (((unsigned long) keyfilesSize) & 0x000FFFFF); + + keyfilesSize %= ((KEYFILE_MAX_READ_LEN - 64) + 1); + keyfilesSize += 64; + } + + /* Generate the keyfile */ + if (!RandgetBytesFull (hwndDlg, keyfile, keyfilesSize, TRUE, TRUE)) + { + _close (fhKeyfile); + DeleteFile (szFileName); + TCfree(keyfile); + NormalCursor(); + return 1; + } + + /* Write the keyfile */ + status = _write (fhKeyfile, keyfile, keyfilesSize); + burn (keyfile, keyfilesSize); + _close (fhKeyfile); + + if (status == -1) + { + TCfree(keyfile); + NormalCursor(); + handleWin32Error (hwndDlg, SRC_POS); + return 1; + } + } + + TCfree(keyfile); + NormalCursor(); + + Info("KEYFILE_CREATED", hwndDlg); + + return 1; + } + return 0; + + case WM_CLOSE: + { + wchar_t tmp[RNG_POOL_SIZE+1]; +exit: + WaitCursor(); + KillTimer (hwndDlg, 0xfd); + +#ifndef VOLFORMAT + RandStop (FALSE); +#endif + /* Cleanup */ + + burn (randPool, sizeof(randPool)); + burn (lastRandPool, sizeof(lastRandPool)); + burn (outputDispBuffer, sizeof(outputDispBuffer)); + burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + burn (maskRandPool, sizeof(maskRandPool)); + + // Attempt to wipe the pool contents in the GUI text area + wmemset (tmp, L' ', RNG_POOL_SIZE); + tmp [RNG_POOL_SIZE] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_POOL_CONTENTS), tmp); + + EndDialog (hwndDlg, IDCLOSE); + NormalCursor (); + return 1; + } + } + return 0; +} + + + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure +should return nonzero if it processes the message, and zero if it does +not. - see DialogProc */ +BOOL CALLBACK +CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + static int idTestCipher = -1; /* Currently selected cipher for the test vector facility (none = -1). */ + static BOOL bXTSTestEnabled = FALSE; + + PCRYPTO_INFO ci; + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + + switch (uMsg) + { + case WM_INITDIALOG: + { + int ea; + wchar_t buf[100]; + + LocalizeDialog (hwndDlg, "IDD_CIPHER_TEST_DLG"); + + SendMessage(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), WM_SETFONT, (WPARAM)hBoldFont, MAKELPARAM(TRUE,0)); + SendMessage(GetDlgItem(hwndDlg, IDC_KEY), EM_LIMITTEXT, 128,0); + SendMessage(GetDlgItem(hwndDlg, IDC_KEY), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); + SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT), EM_LIMITTEXT,64,0); + SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); + SendMessage(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), EM_LIMITTEXT,64,0); + SendMessage(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); + SendMessage(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), EM_LIMITTEXT, 128,0); + SendMessage(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); + SendMessage(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), EM_LIMITTEXT,32,0); + SendMessage(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), WM_SETFONT, (WPARAM)hFixedDigitFont, MAKELPARAM(1,0)); + SetCheckBox (hwndDlg, IDC_XTS_MODE_ENABLED, bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_SECONDARY_KEY), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_SECONDARY_KEY), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_BLOCK_NUMBER), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); + + if (idTestCipher == -1) + idTestCipher = (int) lParam; + + SendMessage (GetDlgItem (hwndDlg, IDC_CIPHER), CB_RESETCONTENT, 0, 0); + for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) + { + if (EAGetCipherCount (ea) == 1 && EAIsFormatEnabled (ea)) + AddComboPair (GetDlgItem (hwndDlg, IDC_CIPHER), EAGetName (buf, ea, 1), EAGetFirstCipher (ea)); + } + + ResetCipherTest(hwndDlg, idTestCipher); + + SelectAlgo (GetDlgItem (hwndDlg, IDC_CIPHER), &idTestCipher); + + return 1; + } + + case WM_COMMAND: + + if (hw == CBN_SELCHANGE && lw == IDC_CIPHER) + { + idTestCipher = (int) SendMessage (GetDlgItem (hwndDlg, IDC_CIPHER), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_CIPHER), CB_GETCURSEL, 0, 0), 0); + ResetCipherTest(hwndDlg, idTestCipher); + SendMessage (hwndDlg, WM_INITDIALOG, 0, 0); + return 1; + } + + if (hw == CBN_SELCHANGE && lw == IDC_KEY_SIZE) + { + // NOP + return 1; + } + + if (lw == IDC_RESET) + { + ResetCipherTest(hwndDlg, idTestCipher); + + return 1; + } + + if (lw == IDC_AUTO) + { + WaitCursor (); + if (!AutoTestAlgorithms()) + { + ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_SHOWNORMAL); + SetWindowTextW(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), GetString ("TESTS_FAILED")); + } + else + { + ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_SHOWNORMAL); + SetWindowTextW(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), GetString ("TESTS_PASSED")); + ShowWindow(GetDlgItem(hwndDlg, IDC_REDTICK), SW_SHOWNORMAL); + } + NormalCursor (); + + return 1; + + } + + if (lw == IDC_XTS_MODE_ENABLED) + { + bXTSTestEnabled = GetCheckBox (hwndDlg, IDC_XTS_MODE_ENABLED); + EnableWindow (GetDlgItem (hwndDlg, IDC_SECONDARY_KEY), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_SECONDARY_KEY), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_BLOCK_NUMBER), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), bXTSTestEnabled); + if (bXTSTestEnabled) + SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, 0,0); + } + + if (lw == IDOK || lw == IDC_ENCRYPT || lw == IDC_DECRYPT) + { + char key[128+1], inputtext[128+1], secondaryKey[64+1], dataUnitNo[16+1]; + wchar_t szTmp[128+1]; + int ks, pt, n, tlen, blockNo = 0; + BOOL bEncrypt; + + ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_HIDE); + ShowWindow(GetDlgItem(hwndDlg, IDC_REDTICK), SW_HIDE); + + ks = (int) SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_GETCURSEL, 0,0); + ks = (int) SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_GETITEMDATA, ks,0); + pt = (int) SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_GETITEMDATA, 0,0); + + bEncrypt = lw == IDC_ENCRYPT; + + memset(key,0,sizeof(key)); + memset(szTmp,0,sizeof(szTmp)); + n = GetWindowText(GetDlgItem(hwndDlg, IDC_KEY), szTmp, ARRAYSIZE(szTmp)); + if (n != ks * 2) + { + Warning ("TEST_KEY_SIZE", hwndDlg); + return 1; + } + + for (n = 0; n < ks; n ++) + { + wchar_t szTmp2[3], *ptr; + long x; + + szTmp2[2] = 0; + szTmp2[0] = szTmp[n * 2]; + szTmp2[1] = szTmp[n * 2 + 1]; + + x = wcstol(szTmp2, &ptr, 16); + + key[n] = (char) x; + } + + memset(inputtext, 0, sizeof(inputtext)); + memset(secondaryKey, 0, sizeof(secondaryKey)); + memset(dataUnitNo, 0, sizeof(dataUnitNo)); + memset(szTmp, 0, sizeof(szTmp)); + + if (bEncrypt) + { + n = GetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), szTmp, ARRAYSIZE(szTmp)); + } + else + { + n = GetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), szTmp, ARRAYSIZE(szTmp)); + } + + if (n != pt * 2) + { + if (bEncrypt) + { + Warning ("TEST_PLAINTEXT_SIZE", hwndDlg); + return 1; + } + else + { + Warning ("TEST_CIPHERTEXT_SIZE", hwndDlg); + return 1; + } + } + + for (n = 0; n < pt; n ++) + { + wchar_t szTmp2[3], *ptr; + long x; + + szTmp2[2] = 0; + szTmp2[0] = szTmp[n * 2]; + szTmp2[1] = szTmp[n * 2 + 1]; + + x = wcstol(szTmp2, &ptr, 16); + + inputtext[n] = (char) x; + } + + // XTS + if (bXTSTestEnabled) + { + // Secondary key + + if (GetWindowText(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), szTmp, ARRAYSIZE(szTmp)) != 64) + { + Warning ("TEST_INCORRECT_SECONDARY_KEY_SIZE", hwndDlg); + return 1; + } + + for (n = 0; n < 64; n ++) + { + wchar_t szTmp2[3], *ptr; + long x; + + szTmp2[2] = 0; + szTmp2[0] = szTmp[n * 2]; + szTmp2[1] = szTmp[n * 2 + 1]; + + x = wcstol(szTmp2, &ptr, 16); + + secondaryKey[n] = (char) x; + } + + // Data unit number + + tlen = GetWindowText(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), szTmp, ARRAYSIZE(szTmp)); + + if (tlen > 16 || tlen < 1) + { + Warning ("TEST_INCORRECT_TEST_DATA_UNIT_SIZE", hwndDlg); + return 1; + } + + LeftPadString (szTmp, tlen, 16, L'0'); + + for (n = 0; n < 16; n ++) + { + wchar_t szTmp2[3], *ptr; + long x; + + szTmp2[2] = 0; + szTmp2[0] = szTmp[n * 2]; + szTmp2[1] = szTmp[n * 2 + 1]; + + x = wcstol(szTmp2, &ptr, 16); + + dataUnitNo[n] = (char) x; + } + + // Block number + + blockNo = (int) SendMessage (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_GETCURSEL, 0, 0), 0); + } // if (bXTSTestEnabled) + + + /* Perform the actual tests */ + + if (ks != CB_ERR && pt != CB_ERR) + { + char tmp[128]; + int tmpRetVal; + + /* Copy the plain/ciphertext */ + memcpy(tmp,inputtext, pt); + + if (bXTSTestEnabled) + { + UINT64_STRUCT structDataUnitNo; + + /* XTS mode */ + + ci = crypto_open (); + if (!ci) + return 1; + + ci->mode = XTS; + + for (ci->ea = EAGetFirst (); ci->ea != 0 ; ci->ea = EAGetNext (ci->ea)) + if (EAGetCipherCount (ci->ea) == 1 && EAGetFirstCipher (ci->ea) == idTestCipher) + break; + + if ((tmpRetVal = EAInit (ci->ea, (unsigned char *) key, ci->ks)) != ERR_SUCCESS) + { + handleError (hwndDlg, tmpRetVal, SRC_POS); + crypto_close (ci); + return 1; + } + + memcpy (&ci->k2, secondaryKey, sizeof (secondaryKey)); + if (!EAInitMode (ci)) + { + crypto_close (ci); + return 1; + } + + structDataUnitNo.Value = BE64(((unsigned __int64 *)dataUnitNo)[0]); + + if (bEncrypt) + EncryptBufferXTS ((unsigned char *) tmp, pt, &structDataUnitNo, blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, idTestCipher); + else + DecryptBufferXTS ((unsigned char *) tmp, pt, &structDataUnitNo, blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, idTestCipher); + + crypto_close (ci); + } + else + { + + CipherInit2(idTestCipher, key, ks_tmp, ks); + + if (bEncrypt) + { + EncipherBlock(idTestCipher, tmp, ks_tmp); + } + else + { + DecipherBlock(idTestCipher, tmp, ks_tmp); + } + + } + *szTmp = 0; + + for (n = 0; n < pt; n ++) + { + wchar_t szTmp2[3]; + StringCbPrintfW(szTmp2, sizeof(szTmp2), L"%02x", (int)((unsigned char)tmp[n])); + StringCbCatW(szTmp, sizeof(szTmp), szTmp2); + } + + if (bEncrypt) + SetWindowText(GetDlgItem(hwndDlg,IDC_CIPHERTEXT), szTmp); + else + SetWindowText(GetDlgItem(hwndDlg,IDC_PLAINTEXT), szTmp); + } + + return 1; + } + + if (lw == IDCLOSE || lw == IDCANCEL) + { + idTestCipher = -1; + EndDialog (hwndDlg, 0); + return 1; + } + break; + + case WM_CLOSE: + idTestCipher = -1; + EndDialog (hwndDlg, 0); + return 1; + } + + return 0; +} + +void +ResetCipherTest(HWND hwndDlg, int idTestCipher) +{ + int ndx; + + ShowWindow(GetDlgItem(hwndDlg, IDC_TESTS_MESSAGE), SW_HIDE); + ShowWindow(GetDlgItem(hwndDlg, IDC_REDTICK), SW_HIDE); + + EnableWindow(GetDlgItem(hwndDlg,IDC_KEY_SIZE), FALSE); + + /* Setup the keysize and plaintext sizes for the selected cipher */ + + SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_RESETCONTENT, 0,0); + SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_RESETCONTENT, 0,0); + SendMessage (GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_RESETCONTENT, 0,0); + + ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_ADDSTRING, 0,(LPARAM) L"64"); + SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 8); + SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETCURSEL, ndx,0); + + for (ndx = 0; ndx < BLOCKS_PER_XTS_DATA_UNIT; ndx++) + { + wchar_t tmpStr [16]; + + StringCbPrintfW (tmpStr, sizeof(tmpStr), L"%d", ndx); + + ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_ADDSTRING, 0,(LPARAM) tmpStr); + SendMessage(GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_SETITEMDATA, ndx,(LPARAM) ndx); + } + + SendMessage(GetDlgItem(hwndDlg, IDC_TEST_BLOCK_NUMBER), CB_SETCURSEL, 0, 0); + + SetWindowText(GetDlgItem(hwndDlg, IDC_SECONDARY_KEY), L"0000000000000000000000000000000000000000000000000000000000000000"); + SetWindowText(GetDlgItem(hwndDlg, IDC_TEST_DATA_UNIT_NUMBER), L"0"); + + SetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), L"0000000000000000"); + SetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), L"0000000000000000"); + + if (idTestCipher == AES || idTestCipher == SERPENT || idTestCipher == TWOFISH) + { + ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_ADDSTRING, 0,(LPARAM) L"256"); + SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 32); + SendMessage(GetDlgItem(hwndDlg, IDC_KEY_SIZE), CB_SETCURSEL, ndx,0); + + SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_RESETCONTENT, 0,0); + ndx = (int) SendMessage (GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_ADDSTRING, 0,(LPARAM) L"128"); + SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETITEMDATA, ndx,(LPARAM) 16); + SendMessage(GetDlgItem(hwndDlg, IDC_PLAINTEXT_SIZE), CB_SETCURSEL, ndx,0); + + SetWindowText(GetDlgItem(hwndDlg, IDC_KEY), L"0000000000000000000000000000000000000000000000000000000000000000"); + SetWindowText(GetDlgItem(hwndDlg, IDC_PLAINTEXT), L"00000000000000000000000000000000"); + SetWindowText(GetDlgItem(hwndDlg, IDC_CIPHERTEXT), L"00000000000000000000000000000000"); + } +} + +#endif // #ifndef SETUP + + +BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + int nChoiceIDs [MAX_MULTI_CHOICES+1] = { IDC_MULTI_CHOICE_MSG, IDC_CHOICE1, IDC_CHOICE2, IDC_CHOICE3, + IDC_CHOICE4, IDC_CHOICE5, IDC_CHOICE6, IDC_CHOICE7, IDC_CHOICE8, IDC_CHOICE9, IDC_CHOICE10 }; + int nBaseButtonWidth = 0; + int nBaseButtonHeight = 0; + int nActiveChoices = -1; + int nStr = 0; + int vertSubOffset, horizSubOffset, vertMsgHeightOffset; + int vertOffset = 0; + int nLongestButtonCaptionWidth = 6; + int nLongestButtonCaptionCharLen = 1; + int nTextGfxLineHeight = 0; + int nMainTextLenInChars = 0; + int newLineSeqCount = 0; + RECT rec, wrec, wtrec, trec; + BOOL bResolve; + + WORD lw = LOWORD (wParam); + + switch (uMsg) + { + case WM_INITDIALOG: + { + char **pStr = (char **) ((MULTI_CHOICE_DLGPROC_PARAMS *) lParam)->strings; + char **pStrOrig = pStr; + wchar_t **pwStr = (wchar_t **) ((MULTI_CHOICE_DLGPROC_PARAMS *) lParam)->strings; + wchar_t **pwStrOrig = pwStr; + + LocalizeDialog (hwndDlg, NULL); + + SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + + bResolve = (*pStr == NULL); + + // Style + if (((MULTI_CHOICE_DLGPROC_PARAMS *) lParam)->bold) + { + SendMessage (GetDlgItem (hwndDlg, IDC_MULTI_CHOICE_MSG), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + } + + // Process the strings + pStr++; + pwStr++; + + do + { + if (*pStr != 0) + { + SetWindowTextW (GetDlgItem(hwndDlg, nChoiceIDs[nStr]), bResolve ? GetString(*pStr) : *pwStr); + + if (nStr > 0) + { + nLongestButtonCaptionWidth = max ( + GetTextGfxWidth (GetDlgItem(hwndDlg, IDC_CHOICE1), + bResolve ? GetString(*pStr) : *pwStr, + hUserFont), + nLongestButtonCaptionWidth); + + nLongestButtonCaptionCharLen = max (nLongestButtonCaptionCharLen, + (int) wcslen ((const wchar_t *) (bResolve ? GetString(*pStr) : *pwStr))); + } + + nActiveChoices++; + pStr++; + pwStr++; + } + else + { + ShowWindow(GetDlgItem(hwndDlg, nChoiceIDs[nStr]), SW_HIDE); + } + nStr++; + + } while (nStr < MAX_MULTI_CHOICES+1); + + // Length of main message in characters (not bytes) + nMainTextLenInChars = (int) wcslen ((const wchar_t *) (bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1))); + + if (nMainTextLenInChars > 200 + && nMainTextLenInChars / nLongestButtonCaptionCharLen >= 10) + { + // As the main text is longer than 200 characters, we will "pad" the widest button caption with + // spaces (if it is not wide enough) so as to increase the width of the whole dialog window. + // Otherwise, it would look too tall (dialog boxes look better when they are more wide than tall). + nLongestButtonCaptionWidth = CompensateXDPI (max ( + nLongestButtonCaptionWidth, + min (350, nMainTextLenInChars))); + } + + // Get the window coords + GetWindowRect(hwndDlg, &wrec); + + // Get the base button size + GetClientRect(GetDlgItem(hwndDlg, IDC_CHOICE1), &rec); + nBaseButtonWidth = rec.right + 2; + nBaseButtonHeight = rec.bottom + 2; + + // Increase in width based on the gfx length of the widest button caption + horizSubOffset = min (CompensateXDPI (500), max (0, nLongestButtonCaptionWidth + CompensateXDPI (50) - nBaseButtonWidth)); + + // Vertical "title bar" offset + GetClientRect(hwndDlg, &wtrec); + vertOffset = wrec.bottom - wrec.top - wtrec.bottom - GetSystemMetrics(SM_CYFIXEDFRAME); + + // Height/width of the message text + GetClientRect(GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), &trec); + + // Determine the number of newlines contained in the message text + { + int64 offset = -1; + + do + { + offset = FindString ((char *) (bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1)), + (char *) L"\n", + nMainTextLenInChars * 2, + (int) wcslen (L"\n") * 2, + offset + 1); + + newLineSeqCount++; + + } while (offset != -1); + } + + nTextGfxLineHeight = GetTextGfxHeight (GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), + bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1), + hUserFont); + + vertMsgHeightOffset = ((GetTextGfxWidth (GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), + bResolve ? GetString(*(pStrOrig+1)) : *(pwStrOrig+1), + hUserFont) / (trec.right + horizSubOffset) + 1) * nTextGfxLineHeight) - trec.bottom; + + vertMsgHeightOffset = min (CompensateYDPI (350), vertMsgHeightOffset + newLineSeqCount * nTextGfxLineHeight + (trec.bottom + vertMsgHeightOffset) / 10); // As reserve, we are adding 10% and the number of lines equal to the number of newlines in the message + + // Reduction in height according to the number of shown buttons + vertSubOffset = ((MAX_MULTI_CHOICES - nActiveChoices) * nBaseButtonHeight); + + if (horizSubOffset > 0 + || vertMsgHeightOffset > 0 + || vertOffset > 0) + { + // Resize/move each button if necessary + for (nStr = 1; nStr < MAX_MULTI_CHOICES+1; nStr++) + { + GetWindowRect(GetDlgItem(hwndDlg, nChoiceIDs[nStr]), &rec); + + MoveWindow (GetDlgItem(hwndDlg, nChoiceIDs[nStr]), + rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), + rec.top - wrec.top - vertOffset + vertMsgHeightOffset, + nBaseButtonWidth + horizSubOffset, + nBaseButtonHeight, + TRUE); + } + + // Resize/move the remaining GUI elements + GetWindowRect(GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), &rec); + GetClientRect(GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), &trec); + MoveWindow (GetDlgItem(hwndDlg, IDC_MULTI_CHOICE_MSG), + rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), + rec.top - wrec.top - vertOffset, + trec.right + 2 + horizSubOffset, + trec.bottom + 2 + vertMsgHeightOffset, + TRUE); + + GetWindowRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR1), &rec); + GetClientRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR1), &trec); + MoveWindow (GetDlgItem(hwndDlg, IDC_MC_DLG_HR1), + rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), + rec.top - wrec.top - vertOffset, + trec.right + 2 + horizSubOffset, + trec.bottom + 2, + TRUE); + + GetWindowRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR2), &rec); + GetClientRect(GetDlgItem(hwndDlg, IDC_MC_DLG_HR2), &trec); + MoveWindow (GetDlgItem(hwndDlg, IDC_MC_DLG_HR2), + rec.left - wrec.left - GetSystemMetrics(SM_CXFIXEDFRAME), + rec.top - wrec.top - vertOffset + vertMsgHeightOffset, + trec.right + 2 + horizSubOffset, + trec.bottom + 2, + TRUE); + } + + // Resize the window according to number of shown buttons and the longest button caption + MoveWindow (hwndDlg, + wrec.left - horizSubOffset / 2, + wrec.top + vertSubOffset / 2 - vertMsgHeightOffset / 2, + wrec.right - wrec.left + horizSubOffset, + wrec.bottom - wrec.top - vertSubOffset + 1 + vertMsgHeightOffset, + TRUE); + + DisableCloseButton (hwndDlg); + + return 1; + } + + case WM_COMMAND: + + if (lw == IDCLOSE || lw == IDCANCEL) + { + EndDialog (hwndDlg, 0); + return 1; + } + + for (nStr = 1; nStr < MAX_MULTI_CHOICES+1; nStr++) + { + if (lw == nChoiceIDs[nStr]) + { + EndDialog (hwndDlg, nStr); + return 1; + } + } + break; + + case WM_CLOSE: + // This prevents the window from being closed by pressing Alt-F4 (the Close button is hidden). + // Note that the OS handles modal MessageBox() dialog windows the same way. + return 1; + } + + return 0; +} + + +BOOL CheckCapsLock (HWND hwnd, BOOL quiet) +{ + if ((GetKeyState(VK_CAPITAL) & 1) != 0) + { + if (!quiet) + { + MessageBoxW (hwnd, GetString ("CAPSLOCK_ON"), lpszTitle, MB_ICONEXCLAMATION); + } + return TRUE; + } + return FALSE; +} + + +// Checks whether the file extension is not used for executable files or similarly problematic, which often +// causes Windows and antivirus software to interfere with the container. +BOOL CheckFileExtension (wchar_t *fileName) +{ + int i = 0; + wchar_t *ext = wcsrchr (fileName, L'.'); + static wchar_t *problemFileExt[] = { + // These are protected by the Windows Resource Protection + L".asa", L".asp", L".aspx", L".ax", L".bas", L".bat", L".bin", L".cer", L".chm", L".clb", L".cmd", L".cnt", L".cnv", + L".com", L".cpl", L".cpx", L".crt", L".csh", L".dll", L".drv", L".dtd", L".exe", L".fxp", L".grp", L".h1s", L".hlp", + L".hta", L".ime", L".inf", L".ins", L".isp", L".its", L".js", L".jse", L".ksh", L".lnk", L".mad", L".maf", L".mag", + L".mam", L".man", L".maq", L".mar", L".mas", L".mat", L".mau", L".mav", L".maw", L".mda", L".mdb", L".mde", L".mdt", + L".mdw", L".mdz", L".msc", L".msi", L".msp", L".mst", L".mui", L".nls", L".ocx", L".ops", L".pal", L".pcd", L".pif", + L".prf", L".prg", L".pst", L".reg", L".scf", L".scr", L".sct", L".shb", L".shs", L".sys", L".tlb", L".tsp", L".url", + L".vb", L".vbe", L".vbs", L".vsmacros", L".vss", L".vst", L".vsw", L".ws", L".wsc", L".wsf", L".wsh", L".xsd", L".xsl", + // These additional file extensions are usually watched by antivirus programs + L".386", L".acm", L".ade", L".adp", L".ani", L".app", L".asd", L".asf", L".asx", L".awx", L".ax", L".boo", L".bz2", L".cdf", + L".class", L".dhtm", L".dhtml",L".dlo", L".emf", L".eml", L".flt", L".fot", L".gz", L".hlp", L".htm", L".html", L".ini", + L".j2k", L".jar", L".jff", L".jif", L".jmh", L".jng", L".jp2", L".jpe", L".jpeg", L".jpg", L".lsp", L".mod", L".nws", + L".obj", L".olb", L".osd", L".ov1", L".ov2", L".ov3", L".ovl", L".ovl", L".ovr", L".pdr", L".pgm", L".php", L".pkg", + L".pl", L".png", L".pot", L".pps", L".ppt", L".ps1", L".ps1xml", L".psc1", L".rar", L".rpl", L".rtf", L".sbf", L".script", L".sh", L".sha", L".shtm", + L".shtml", L".spl", L".swf", L".tar", L".tgz", L".tmp", L".ttf", L".vcs", L".vlm", L".vxd", L".vxo", L".wiz", L".wll", L".wmd", + L".wmf", L".wms", L".wmz", L".wpc", L".wsc", L".wsh", L".wwk", L".xhtm", L".xhtml", L".xl", L".xml", L".zip", L".7z", 0}; + + if (!ext) + return FALSE; + + while (problemFileExt[i]) + { + if (!_wcsicmp (ext, problemFileExt[i++])) + return TRUE; + } + + return FALSE; +} + +void CorrectFileName (wchar_t* fileName) +{ + /* replace '/' by '\' */ + size_t i, len = wcslen (fileName); + for (i = 0; i < len; i++) + { + if (fileName [i] == L'/') + fileName [i] = L'\\'; + } +} + +void IncreaseWrongPwdRetryCount (int count) +{ + WrongPwdRetryCounter += count; +} + + +void ResetWrongPwdRetryCount (void) +{ + WrongPwdRetryCounter = 0; +} + + +BOOL WrongPwdRetryCountOverLimit (void) +{ + return (WrongPwdRetryCounter > TC_TRY_HEADER_BAK_AFTER_NBR_WRONG_PWD_TRIES); +} + +DWORD GetUsedLogicalDrives (void) +{ + DWORD dwUsedDrives = GetLogicalDrives(); + if (!bShowDisconnectedNetworkDrives) + { + static DWORD g_dwLastMappedDrives = 0; + static time_t g_lastCallTime = 0; + + EnterCriticalSection (&csWNetCalls); + + finally_do ({ LeaveCriticalSection (&csWNetCalls); }); + + /* update values every 2 seconds to reduce CPU consumption */ + if ((time (NULL) - g_lastCallTime) > 2) + { + /* detect disconnected mapped network shares and removed + * their associated drives from the list + */ + WCHAR remotePath[512]; + WCHAR drive[3] = {L'A', L':', 0}; + DWORD dwLen, status; + g_dwLastMappedDrives = 0; + for (WCHAR i = 0; i <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; i++) + { + if ((dwUsedDrives & (1 << i)) == 0) + { + drive[0] = L'A' + i; + dwLen = ARRAYSIZE (remotePath); + status = WNetGetConnection (drive, remotePath, &dwLen); + if ((NO_ERROR == status) || (status == ERROR_CONNECTION_UNAVAIL)) + { + /* this is a mapped network share, mark it as used */ + g_dwLastMappedDrives |= (1 << i); + } + } + } + + g_lastCallTime = time (NULL); + } + + dwUsedDrives |= g_dwLastMappedDrives; + } + + return dwUsedDrives; +} + + +int GetFirstAvailableDrive () +{ + DWORD dwUsedDrives = GetUsedLogicalDrives(); + int i, drive; + + /* let A: and B: be used as last resort since they can introduce side effects */ + for (i = 2; i < 28; i++) + { + drive = (i < 26) ? i : (i - 26); + if (!(dwUsedDrives & 1 << drive)) + return i; + } + + return -1; +} + + +int GetLastAvailableDrive () +{ + DWORD dwUsedDrives = GetUsedLogicalDrives(); + int i; + + for (i = 25; i >= 0; i--) + { + if (!(dwUsedDrives & 1 << i)) + return i; + } + + return -1; +} + + +BOOL IsDriveAvailable (int driveNo) +{ + return (GetUsedLogicalDrives() & (1 << driveNo)) == 0; +} + + +BOOL IsDeviceMounted (wchar_t *deviceName) +{ + BOOL bResult = FALSE; + DWORD dwResult; + HANDLE dev = INVALID_HANDLE_VALUE; + + if ((dev = CreateFile (deviceName, + GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, + NULL, + OPEN_EXISTING, + 0, + NULL)) != INVALID_HANDLE_VALUE) + { + bResult = DeviceIoControl (dev, FSCTL_IS_VOLUME_MOUNTED, NULL, 0, NULL, 0, &dwResult, NULL); + CloseHandle (dev); + } + + return bResult; +} + + +int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced) +{ + UNMOUNT_STRUCT unmount; + DWORD dwResult; + VOLUME_PROPERTIES_STRUCT prop; + BOOL bResult; + WCHAR wszLabel[33] = {0}; + BOOL bDriverSetLabel = FALSE; + + memset (&prop, 0, sizeof(prop)); + prop.driveNo = nDosDriveNo; + + if ( DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) + && prop.driveNo == nDosDriveNo + ) + { + memcpy (wszLabel, prop.wszLabel, sizeof (wszLabel)); + bDriverSetLabel = prop.bDriverSetLabel; + } + + unmount.nDosDriveNo = nDosDriveNo; + unmount.ignoreOpenFiles = forced; + + bResult = DeviceIoControl (hDriver, TC_IOCTL_DISMOUNT_VOLUME, &unmount, + sizeof (unmount), &unmount, sizeof (unmount), &dwResult, NULL); + + if (bResult == FALSE) + { + handleWin32Error (hwndDlg, SRC_POS); + return 1; + } + else if ((unmount.nReturnCode == ERR_SUCCESS) && bDriverSetLabel && wszLabel[0]) + UpdateDriveCustomLabel (nDosDriveNo, wszLabel, FALSE); + +#ifdef TCMOUNT + + if (unmount.nReturnCode == ERR_SUCCESS + && unmount.HiddenVolumeProtectionTriggered + && !VolumeNotificationsList.bHidVolDamagePrevReported [nDosDriveNo] + && !Silent) + { + wchar_t msg[4096]; + + VolumeNotificationsList.bHidVolDamagePrevReported [nDosDriveNo] = TRUE; + StringCbPrintfW (msg, sizeof(msg), GetString ("DAMAGE_TO_HIDDEN_VOLUME_PREVENTED"), nDosDriveNo + L'A'); + SetForegroundWindow (hwndDlg); + MessageBoxW (hwndDlg, msg, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + } + +#endif // #ifdef TCMOUNT + + return unmount.nReturnCode; +} + + +void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap) +{ + DEV_BROADCAST_VOLUME dbv; + DWORD_PTR dwResult; + LONG eventId = 0; + int i; + + if (DeviceChangeBroadcastDisabled) + return; + + if (message == DBT_DEVICEARRIVAL) + eventId = SHCNE_DRIVEADD; + else if (message == DBT_DEVICEREMOVECOMPLETE) + eventId = SHCNE_DRIVEREMOVED; + else if (IsOSAtLeast (WIN_7) && message == DBT_DEVICEREMOVEPENDING) // Explorer on Windows 7 holds open handles of all drives when 'Computer' is expanded in navigation pane. SHCNE_DRIVEREMOVED must be used as DBT_DEVICEREMOVEPENDING is ignored. + eventId = SHCNE_DRIVEREMOVED; + + if (driveMap == 0) + driveMap = (1 << nDosDriveNo); + + if (eventId != 0) + { + for (i = 0; i < 26; i++) + { + if (driveMap & (1 << i)) + { + wchar_t root[] = { (wchar_t) i + L'A', L':', L'\\', 0 }; + SHChangeNotify (eventId, SHCNF_PATH, root, NULL); + + + } + } + } + + dbv.dbcv_size = sizeof (dbv); + dbv.dbcv_devicetype = DBT_DEVTYP_VOLUME; + dbv.dbcv_reserved = 0; + dbv.dbcv_unitmask = driveMap; + dbv.dbcv_flags = 0; + + UINT timeOut = 1000; + + // SHChangeNotify() works on Vista, so the Explorer does not require WM_DEVICECHANGE + if (CurrentOSMajor >= 6) + timeOut = 100; + + IgnoreWmDeviceChange = TRUE; + SendMessageTimeout (HWND_BROADCAST, WM_DEVICECHANGE, message, (LPARAM)(&dbv), SMTO_ABORTIFHUNG, timeOut, &dwResult); + + // Explorer prior Vista sometimes fails to register a new drive + if (CurrentOSMajor < 6 && message == DBT_DEVICEARRIVAL) + SendMessageTimeout (HWND_BROADCAST, WM_DEVICECHANGE, message, (LPARAM)(&dbv), SMTO_ABORTIFHUNG, 200, &dwResult); + + IgnoreWmDeviceChange = FALSE; +} + +BOOL GetPhysicalDriveAlignment(UINT nDriveNumber, STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR* pDesc) +{ + DWORD dwRet = NO_ERROR; + + if (!pDesc) + return FALSE; + + // Format physical drive path (may be '\\.\PhysicalDrive0', '\\.\PhysicalDrive1' and so on). + TCHAR strDrivePath[512]; + StringCbPrintf(strDrivePath, sizeof(strDrivePath), _T("\\\\.\\PhysicalDrive%u"), nDriveNumber); + + // Get a handle to physical drive + HANDLE hDevice = ::CreateFile(strDrivePath, 0, FILE_SHARE_READ, + NULL, OPEN_EXISTING, 0, NULL); + + if(INVALID_HANDLE_VALUE == hDevice) + return FALSE; + + // Set the input data structure + STORAGE_PROPERTY_QUERY storagePropertyQuery; + ZeroMemory(&storagePropertyQuery, sizeof(STORAGE_PROPERTY_QUERY)); + storagePropertyQuery.PropertyId = StorageAccessAlignmentProperty; + storagePropertyQuery.QueryType = PropertyStandardQuery; + + // Get the necessary output buffer size + DWORD dwBytesReturned = 0; + BOOL bRet = ::DeviceIoControl(hDevice, IOCTL_STORAGE_QUERY_PROPERTY, + &storagePropertyQuery, sizeof(STORAGE_PROPERTY_QUERY), + pDesc, sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR), + &dwBytesReturned, NULL); + dwRet = ::GetLastError(); + ::CloseHandle(hDevice); + + if (!bRet) + { + SetLastError (dwRet); + return FALSE; + } + else + return TRUE; +} + +/************************************************************/ + +// implementation of the generic wait dialog mechanism + +static UINT g_wmWaitDlg = ::RegisterWindowMessage(L"VeraCryptWaitDlgMessage"); + +typedef struct +{ + HWND hwnd; + void* pArg; + WaitThreadProc callback; +} WaitThreadParam; + +static void _cdecl WaitThread (void* pParam) +{ + WaitThreadParam* pThreadParam = (WaitThreadParam*) pParam; + + pThreadParam->callback(pThreadParam->pArg, pThreadParam->hwnd); + + /* close the wait dialog */ + PostMessage (pThreadParam->hwnd, g_wmWaitDlg, 0, 0); +} + +BOOL CALLBACK WaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + WaitThreadParam* thParam = (WaitThreadParam*) lParam; + + // set the progress bar type to MARQUEE (indefinite progress) + HWND hProgress = GetDlgItem (hwndDlg, IDC_WAIT_PROGRESS_BAR); + if (hProgress) + { + SetWindowLongPtrW (hProgress, GWL_STYLE, PBS_MARQUEE | GetWindowLongPtrW (hProgress, GWL_STYLE)); + ::SendMessageW(hProgress, PBM_SETMARQUEE, (WPARAM) TRUE, (LPARAM) 0); + } + + thParam->hwnd = hwndDlg; + + // For now, we don't have system menu is the resources but we leave this code + // if it is enabled in the future + HMENU hSysMenu = GetSystemMenu(hwndDlg, FALSE); + if (hSysMenu) + { + //disable the X + EnableMenuItem(hSysMenu,SC_CLOSE, MF_BYCOMMAND|MF_GRAYED); + + // set icons + HICON hIcon = (HICON)::LoadImage(hInst, MAKEINTRESOURCE(IDI_TRUECRYPT_ICON), IMAGE_ICON, ::GetSystemMetrics(SM_CXICON), ::GetSystemMetrics(SM_CYICON), LR_DEFAULTCOLOR); + ::SendMessage(hwndDlg, WM_SETICON, TRUE, (LPARAM)hIcon); + HICON hIconSmall = (HICON)::LoadImage(hInst, MAKEINTRESOURCE(IDI_TRUECRYPT_ICON), IMAGE_ICON, ::GetSystemMetrics(SM_CXSMICON), ::GetSystemMetrics(SM_CYSMICON), LR_DEFAULTCOLOR); + ::SendMessage(hwndDlg, WM_SETICON, FALSE, (LPARAM)hIconSmall); + } + + LocalizeDialog (hwndDlg, NULL); + _beginthread(WaitThread, 0, thParam); + return 0; + } + + case WM_COMMAND: + + if (lw == IDOK || lw == IDCANCEL) + return 1; + else + return 0; + + default: + if (msg == g_wmWaitDlg) + { + EndDialog (hwndDlg, IDOK); + return 1; + } + return 0; + } +} + + +void BringToForeground(HWND hWnd) +{ + if(!::IsWindow(hWnd)) return; + + DWORD lockTimeOut = 0; + HWND hCurrWnd = ::GetForegroundWindow(); + DWORD dwThisTID = ::GetCurrentThreadId(), + dwCurrTID = ::GetWindowThreadProcessId(hCurrWnd,0); + + if (hCurrWnd != hWnd) + { + if(dwThisTID != dwCurrTID) + { + ::AttachThreadInput(dwThisTID, dwCurrTID, TRUE); + + ::SystemParametersInfo(SPI_GETFOREGROUNDLOCKTIMEOUT,0,&lockTimeOut,0); + ::SystemParametersInfo(SPI_SETFOREGROUNDLOCKTIMEOUT,0,0,SPIF_SENDWININICHANGE | SPIF_UPDATEINIFILE); + + ::AllowSetForegroundWindow(ASFW_ANY); + } + + ::SetForegroundWindow(hWnd); + + if(dwThisTID != dwCurrTID) + { + ::SystemParametersInfo(SPI_SETFOREGROUNDLOCKTIMEOUT,0,(PVOID)lockTimeOut,SPIF_SENDWININICHANGE | SPIF_UPDATEINIFILE); + ::AttachThreadInput(dwThisTID, dwCurrTID, FALSE); + } + } + +#ifdef TCMOUNT + if (hWnd == MainDlg) + { + SetFocus (hWnd); + ::SendMessage(hWnd, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hWnd, IDC_DRIVELIST), 1L); + } +#endif +} + +void ShowWaitDialog(HWND hwnd, BOOL bUseHwndAsParent, WaitThreadProc callback, void* pArg) +{ + HWND hParent = (hwnd && bUseHwndAsParent)? hwnd : GetDesktopWindow(); + BOOL bEffectiveHideWaitingDialog = bCmdHideWaitingDialogValid? bCmdHideWaitingDialog : bHideWaitingDialog; + WaitThreadParam threadParam; + threadParam.callback = callback; + threadParam.pArg = pArg; + + if (WaitDialogDisplaying || bEffectiveHideWaitingDialog) + { + if (!WaitDialogDisplaying) WaitCursor (); + callback (pArg, hwnd); + if (!WaitDialogDisplaying) NormalCursor (); + } + else + { + BOOL bIsForeground = FALSE; + WaitDialogDisplaying = TRUE; + if (hwnd) + { + if (GetForegroundWindow () == hwnd) + bIsForeground = TRUE; + EnableWindow (hwnd, FALSE); + } + else + EnableWindow (MainDlg, FALSE); + finally_do_arg2 (HWND, hwnd, BOOL, bIsForeground, { if (finally_arg) {EnableWindow(finally_arg, TRUE); if (finally_arg2) BringToForeground (finally_arg);} else EnableWindow (MainDlg, TRUE);}); + + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_STATIC_MODAL_WAIT_DLG), hParent, + (DLGPROC) WaitDlgProc, (LPARAM) &threadParam); + + WaitDialogDisplaying = FALSE; + } +} + +/************************************************************************/ + +static BOOL PerformMountIoctl (MOUNT_STRUCT* pmount, LPDWORD pdwResult, BOOL useVolumeID, BYTE volumeID[VOLUME_ID_SIZE]) +{ + if (useVolumeID) + { + wstring devicePath = FindDeviceByVolumeID (volumeID); + if (devicePath == L"") + { + if (pdwResult) + *pdwResult = 0; + SetLastError (ERROR_PATH_NOT_FOUND); + return FALSE; + } + else + { + BOOL bDevice = FALSE; + CreateFullVolumePath (pmount->wszVolume, sizeof(pmount->wszVolume), devicePath.c_str(), &bDevice); + } + } + + return DeviceIoControl (hDriver, TC_IOCTL_MOUNT_VOLUME, pmount, + sizeof (MOUNT_STRUCT), pmount, sizeof (MOUNT_STRUCT), pdwResult, NULL); +} + +// specific definitions and implementation for support of mount operation +// in wait dialog mechanism + +typedef struct +{ + MOUNT_STRUCT* pmount; + BOOL useVolumeID; + BYTE volumeID[VOLUME_ID_SIZE]; + BOOL* pbResult; + DWORD* pdwResult; + DWORD dwLastError; +} MountThreadParam; + +void CALLBACK MountWaitThreadProc(void* pArg, HWND ) +{ + MountThreadParam* pThreadParam = (MountThreadParam*) pArg; + + *(pThreadParam->pbResult) = PerformMountIoctl (pThreadParam->pmount, pThreadParam->pdwResult, pThreadParam->useVolumeID, pThreadParam->volumeID); + + pThreadParam->dwLastError = GetLastError (); +} + +/************************************************************************/ + +// Use only cached passwords if password = NULL +// +// Returns: +// -1 = user aborted mount / error +// 0 = mount failed +// 1 = mount OK +// 2 = mount OK in shared mode +// +// Note that some code calling this relies on the content of the mountOptions struct +// to remain unmodified (don't remove the 'const' without proper revision). + +int MountVolume (HWND hwndDlg, + int driveNo, + wchar_t *volumePath, + Password *password, + int pkcs5, + int pim, + BOOL truecryptMode, + BOOL cachePassword, + BOOL cachePim, + BOOL sharedAccess, + const MountOptions* const mountOptions, + BOOL quiet, + BOOL bReportWrongPassword) +{ + MOUNT_STRUCT mount; + DWORD dwResult, dwLastError = ERROR_SUCCESS; + BOOL bResult, bDevice; + wchar_t root[MAX_PATH]; + int favoriteMountOnArrivalRetryCount = 0; + BOOL useVolumeID = FALSE; + BYTE volumeID[VOLUME_ID_SIZE] = {0}; + +#ifdef TCMOUNT + if (mountOptions->PartitionInInactiveSysEncScope) + { + if (!CheckSysEncMountWithoutPBA (hwndDlg, volumePath, quiet)) + return -1; + } +#endif + + if (IsMountedVolume (volumePath)) + { + if (!quiet) + Error ("VOL_ALREADY_MOUNTED", hwndDlg); + return -1; + } + + if (!IsDriveAvailable (driveNo)) + { + if (!quiet) + Error ("DRIVE_LETTER_UNAVAILABLE", hwndDlg); + + return -1; + } + + // If using cached passwords, check cache status first + if (password == NULL && IsPasswordCacheEmpty ()) + return 0; + + ZeroMemory (&mount, sizeof (mount)); + mount.bExclusiveAccess = sharedAccess ? FALSE : TRUE; + mount.SystemFavorite = MountVolumesAsSystemFavorite; + mount.UseBackupHeader = mountOptions->UseBackupHeader; + mount.RecoveryMode = mountOptions->RecoveryMode; + StringCbCopyW (mount.wszLabel, sizeof (mount.wszLabel), mountOptions->Label); + +retry: + mount.nDosDriveNo = driveNo; + mount.bCache = cachePassword; + mount.bCachePim = cachePim; + + mount.bPartitionInInactiveSysEncScope = FALSE; + + if (password != NULL) + mount.VolumePassword = *password; + else + mount.VolumePassword.Length = 0; + + if (!mountOptions->ReadOnly && mountOptions->ProtectHiddenVolume) + { + mount.ProtectedHidVolPassword = mountOptions->ProtectedHidVolPassword; + mount.bProtectHiddenVolume = TRUE; + mount.ProtectedHidVolPkcs5Prf = mountOptions->ProtectedHidVolPkcs5Prf; + mount.ProtectedHidVolPim = mountOptions->ProtectedHidVolPim; + } + else + mount.bProtectHiddenVolume = FALSE; + + mount.bMountReadOnly = mountOptions->ReadOnly; + mount.bMountRemovable = mountOptions->Removable; + mount.bPreserveTimestamp = mountOptions->PreserveTimestamp; + + mount.bMountManager = TRUE; + mount.pkcs5_prf = pkcs5; + mount.bTrueCryptMode = truecryptMode; + mount.VolumePim = pim; + + // Windows 2000 mount manager causes problems with remounted volumes + if (CurrentOSMajor == 5 && CurrentOSMinor == 0) + mount.bMountManager = FALSE; + + wstring path = volumePath; + if (path.find (L"\\\\?\\") == 0) + { + // Remove \\?\ prefix + path = path.substr (4); + StringCchCopyW (volumePath, TC_MAX_PATH, path.c_str()); + } + + if (path.find (L"Volume{") == 0 && path.rfind (L"}\\") == path.size() - 2) + { + wstring resolvedPath = VolumeGuidPathToDevicePath (path); + + if (!resolvedPath.empty()) + StringCchCopyW (volumePath, TC_MAX_PATH, resolvedPath.c_str()); + } + + if ((path.length () >= 3) && (_wcsnicmp (path.c_str(), L"ID:", 3) == 0)) + { + std::vector arr; + if ( (path.length() == (3 + 2*VOLUME_ID_SIZE)) + && HexWideStringToArray (path.c_str() + 3, arr) + && (arr.size() == VOLUME_ID_SIZE) + ) + { + useVolumeID = TRUE; + bDevice = TRUE; + memcpy (volumeID, &arr[0], VOLUME_ID_SIZE); + } + else + { + if (!quiet) + Error ("VOLUME_ID_INVALID", hwndDlg); + + SetLastError (ERROR_INVALID_PARAMETER); + return -1; + } + } + else + CreateFullVolumePath (mount.wszVolume, sizeof(mount.wszVolume), volumePath, &bDevice); + + if (!bDevice) + { + // UNC path + if (path.find (L"\\\\") == 0) + { + StringCbCopyW (mount.wszVolume, sizeof (mount.wszVolume), (L"UNC" + path.substr (1)).c_str()); + } + + if (GetVolumePathName (volumePath, root, ARRAYSIZE (root) - 1)) + { + DWORD bps, flags, d; + if (GetDiskFreeSpace (root, &d, &bps, &d, &d)) + { + mount.BytesPerSector = bps; + mount.BytesPerPhysicalSector = bps; + } + + if (IsOSAtLeast (WIN_VISTA)) + { + if ( (wcslen(root) >= 2) + && (root[1] == L':') + && (towupper(root[0]) >= L'A' && towupper(root[0]) <= L'Z') + ) + { + wstring drivePath = L"\\\\.\\X:"; + HANDLE dev = INVALID_HANDLE_VALUE; + VOLUME_DISK_EXTENTS extents = {0}; + DWORD dwResult = 0; + drivePath[4] = root[0]; + + if ((dev = CreateFile (drivePath.c_str(),0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) + { + if (DeviceIoControl (dev, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, &extents, sizeof(extents), &dwResult, NULL)) + { + if (extents.NumberOfDiskExtents > 0) + { + STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR desc; + if (GetPhysicalDriveAlignment (extents.Extents[0].DiskNumber, &desc)) + { + mount.BytesPerSector = desc.BytesPerLogicalSector; + mount.BytesPerPhysicalSector = desc.BytesPerPhysicalSector; + } + } + } + CloseHandle (dev); + } + } + } + + // Read-only host filesystem + if (!mount.bMountReadOnly && GetVolumeInformation (root, NULL, 0, NULL, &d, &flags, NULL, 0)) + mount.bMountReadOnly = (flags & FILE_READ_ONLY_VOLUME) != 0; + } + } + + if (mountOptions->PartitionInInactiveSysEncScope) + { + if (mount.wszVolume == NULL || swscanf_s ((const wchar_t *) mount.wszVolume, + WIDE("\\Device\\Harddisk%d\\Partition"), + &mount.nPartitionInInactiveSysEncScopeDriveNo, + sizeof(mount.nPartitionInInactiveSysEncScopeDriveNo)) != 1) + { + if (!quiet) + Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); + return -1; + } + + mount.bPartitionInInactiveSysEncScope = TRUE; + } + + if (!quiet) + { + MountThreadParam mountThreadParam; + mountThreadParam.pmount = &mount; + mountThreadParam.useVolumeID = useVolumeID; + memcpy (mountThreadParam.volumeID, volumeID, VOLUME_ID_SIZE); + mountThreadParam.pbResult = &bResult; + mountThreadParam.pdwResult = &dwResult; + mountThreadParam.dwLastError = ERROR_SUCCESS; + + ShowWaitDialog (hwndDlg, FALSE, MountWaitThreadProc, &mountThreadParam); + + dwLastError = mountThreadParam.dwLastError; + } + else + { + bResult = PerformMountIoctl (&mount, &dwResult, useVolumeID, volumeID); + + dwLastError = GetLastError (); + } + + burn (&mount.VolumePassword, sizeof (mount.VolumePassword)); + burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword)); + burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf)); + burn (&mount.bTrueCryptMode, sizeof (mount.bTrueCryptMode)); + burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf)); + + SetLastError (dwLastError); + if (bResult == FALSE) + { + // Volume already open by another process + if (GetLastError () == ERROR_SHARING_VIOLATION) + { + if (FavoriteMountOnArrivalInProgress && ++favoriteMountOnArrivalRetryCount < 10) + { + Sleep (500); + goto retry; + } + + if (mount.bExclusiveAccess == FALSE) + { + if (!quiet) + Error ("FILE_IN_USE_FAILED", hwndDlg); + + return -1; + } + else + { + if (quiet) + { + mount.bExclusiveAccess = FALSE; + goto retry; + } + + // Ask user + if (IDYES == AskWarnNoYes ("FILE_IN_USE", hwndDlg)) + { + mount.bExclusiveAccess = FALSE; + goto retry; + } + } + + return -1; + } + + if (!quiet && (!MultipleMountOperationInProgress || GetLastError() != ERROR_NOT_READY)) + handleWin32Error (hwndDlg, SRC_POS); + + return -1; + } + + if (mount.nReturnCode != 0) + { + if (mount.nReturnCode == ERR_PASSWORD_WRONG) + { + // Do not report wrong password, if not instructed to + if (bReportWrongPassword) + { + IncreaseWrongPwdRetryCount (1); // We increase the count here only if bReportWrongPassword is TRUE, because "Auto-Mount All Devices" and other callers do it separately + + if (WrongPwdRetryCountOverLimit () + && !mount.UseBackupHeader) + { + // Retry using embedded header backup (if any) + mount.UseBackupHeader = TRUE; + goto retry; + } + + if (bDevice && mount.bProtectHiddenVolume) + { + int driveNo; + + if (swscanf (volumePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) == 1) + { + OPEN_TEST_STRUCT openTestStruct; + memset (&openTestStruct, 0, sizeof (openTestStruct)); + + openTestStruct.bDetectTCBootLoader = TRUE; + StringCchPrintfW ((wchar_t *) openTestStruct.wszFileName, array_capacity (openTestStruct.wszFileName), L"\\Device\\Harddisk%d\\Partition0", driveNo); + + DWORD dwResult; + if (DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, &openTestStruct, sizeof (OPEN_TEST_STRUCT), &openTestStruct, sizeof (OPEN_TEST_STRUCT), &dwResult, NULL) && openTestStruct.TCBootLoaderDetected) + WarningDirect ((GetWrongPasswordErrorMessage (hwndDlg) + L"\n\n" + GetString ("HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT")).c_str(), hwndDlg); + else + handleError (hwndDlg, mount.nReturnCode, SRC_POS); + } + } + else + handleError (hwndDlg, mount.nReturnCode, SRC_POS); + } + + return 0; + } + + if (!quiet) + handleError (hwndDlg, mount.nReturnCode, SRC_POS); + + return 0; + } + + // Mount successful + + if (mount.UseBackupHeader != mountOptions->UseBackupHeader + && mount.UseBackupHeader) + { + if (bReportWrongPassword && !Silent) + Warning ("HEADER_DAMAGED_AUTO_USED_HEADER_BAK", hwndDlg); + } + + LastMountedVolumeDirty = mount.FilesystemDirty; + + if (mount.FilesystemDirty) + { + wchar_t msg[1024]; + wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_VOLUME_DIRTY"), mountPoint); + + if (AskWarnYesNoStringTopmost (msg, hwndDlg) == IDYES) + CheckFilesystem (hwndDlg, driveNo, TRUE); + } + + if (mount.VolumeMountedReadOnlyAfterAccessDenied + && !Silent + && !bDevice + && !FileHasReadOnlyAttribute (volumePath) + && !IsFileOnReadOnlyFilesystem (volumePath)) + { + wchar_t msg[1024]; + wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_CONTAINER_FORCED_READ_ONLY"), mountPoint); + + WarningDirect (msg, hwndDlg); + } + + if (mount.VolumeMountedReadOnlyAfterAccessDenied + && !Silent + && bDevice) + { + wchar_t msg[1024]; + wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_DEVICE_FORCED_READ_ONLY"), mountPoint); + + WarningDirect (msg, hwndDlg); + } + + if (mount.VolumeMountedReadOnlyAfterDeviceWriteProtected + && !Silent + && wcsstr (volumePath, L"\\Device\\Harddisk") == volumePath) + { + wchar_t msg[1024]; + wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_DEVICE_FORCED_READ_ONLY_WRITE_PROTECTION"), mountPoint); + + WarningDirect (msg, hwndDlg); + + if (CurrentOSMajor >= 6 + && wcsstr (volumePath, L"\\Device\\HarddiskVolume") != volumePath + && AskNoYes ("ASK_REMOVE_DEVICE_WRITE_PROTECTION", hwndDlg) == IDYES) + { + RemoveDeviceWriteProtection (hwndDlg, volumePath); + } + } + + if (mount.wszLabel[0] && !mount.bDriverSetLabel) + { + // try setting the drive label on user-mode using registry + UpdateDriveCustomLabel (driveNo, mount.wszLabel, TRUE); + } + + ResetWrongPwdRetryCount (); + + BroadcastDeviceChange (DBT_DEVICEARRIVAL, driveNo, 0); + + if (mount.bExclusiveAccess == FALSE) + return 2; + + return 1; +} + +typedef struct +{ + int nDosDriveNo; + BOOL forced; + int dismountMaxRetries; + DWORD retryDelay; + int* presult; + DWORD dwLastError; +} UnmountThreadParam; + +void CALLBACK UnmountWaitThreadProc(void* pArg, HWND hwnd) +{ + UnmountThreadParam* pThreadParam = (UnmountThreadParam*) pArg; + int dismountMaxRetries = pThreadParam->dismountMaxRetries; + DWORD retryDelay = pThreadParam->retryDelay; + + do + { + *pThreadParam->presult = DriverUnmountVolume (hwnd, pThreadParam->nDosDriveNo, pThreadParam->forced); + + if (*pThreadParam->presult == ERR_FILES_OPEN) + Sleep (retryDelay); + else + break; + + } while (--dismountMaxRetries > 0); + + pThreadParam->dwLastError = GetLastError (); +} + +static BOOL UnmountVolumeBase (HWND hwndDlg, int nDosDriveNo, BOOL forceUnmount, BOOL ntfsFormatCase) +{ + int result; + BOOL forced = forceUnmount; + int dismountMaxRetries = ntfsFormatCase? 5 : UNMOUNT_MAX_AUTO_RETRIES; + DWORD retryDelay = ntfsFormatCase? 2000: UNMOUNT_AUTO_RETRY_DELAY; + UnmountThreadParam param; + +retry: + BroadcastDeviceChange (DBT_DEVICEREMOVEPENDING, nDosDriveNo, 0); + + param.nDosDriveNo = nDosDriveNo; + param.forced = forced; + param.dismountMaxRetries = dismountMaxRetries; + param.retryDelay = retryDelay; + param.presult = &result; + + if (Silent) + { + UnmountWaitThreadProc (¶m, hwndDlg); + } + else + { + ShowWaitDialog (hwndDlg, FALSE, UnmountWaitThreadProc, ¶m); + } + + SetLastError (param.dwLastError); + + if (result != 0) + { + if (result == ERR_FILES_OPEN && !Silent) + { + if (IDYES == AskWarnYesNoTopmost ("UNMOUNT_LOCK_FAILED", hwndDlg)) + { + forced = TRUE; + goto retry; + } + + if (IsOSAtLeast (WIN_7)) + { + // Undo SHCNE_DRIVEREMOVED + wchar_t root[] = { (wchar_t) nDosDriveNo + L'A', L':', L'\\', 0 }; + SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); + } + + return FALSE; + } + + Error ("UNMOUNT_FAILED", hwndDlg); + + return FALSE; + } + + BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, nDosDriveNo, 0); + + return TRUE; +} + +BOOL UnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forceUnmount) +{ + return UnmountVolumeBase (hwndDlg, nDosDriveNo, forceUnmount, FALSE); +} + +BOOL UnmountVolumeAfterFormatExCall (HWND hwndDlg, int nDosDriveNo) +{ + return UnmountVolumeBase (hwndDlg, nDosDriveNo, FALSE, TRUE); +} + + +BOOL IsPasswordCacheEmpty (void) +{ + DWORD dw; + return !DeviceIoControl (hDriver, TC_IOCTL_GET_PASSWORD_CACHE_STATUS, 0, 0, 0, 0, &dw, 0); +} + +BOOL IsMountedVolumeID (BYTE volumeID[VOLUME_ID_SIZE]) +{ + MOUNT_LIST_STRUCT mlist; + DWORD dwResult; + int i; + + memset (&mlist, 0, sizeof (mlist)); + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, + sizeof (mlist), &mlist, sizeof (mlist), &dwResult, + NULL); + + for (i=0 ; i<26; i++) + if (0 == memcmp (mlist.volumeID[i], volumeID, VOLUME_ID_SIZE)) + return TRUE; + + return FALSE; +} + +BOOL IsMountedVolume (const wchar_t *volname) +{ + if ((wcslen (volname) == (3 + 2*VOLUME_ID_SIZE)) && _wcsnicmp (volname, L"ID:", 3) == 0) + { + /* Volume ID specified. Use it for matching mounted volumes. */ + std::vector arr; + if (HexWideStringToArray (&volname[3], arr) && (arr.size() == VOLUME_ID_SIZE)) + { + return IsMountedVolumeID (&arr[0]); + } + } + else + { + MOUNT_LIST_STRUCT mlist; + DWORD dwResult; + int i; + wchar_t volume[TC_MAX_PATH*2+16]; + + StringCbCopyW (volume, sizeof(volume), volname); + + if (wcsstr (volname, L"\\Device\\") != volname) + StringCbPrintfW(volume, sizeof(volume), L"\\??\\%s", volname); + + wstring resolvedPath = VolumeGuidPathToDevicePath (volname); + if (!resolvedPath.empty()) + StringCbCopyW (volume, sizeof (volume), resolvedPath.c_str()); + + memset (&mlist, 0, sizeof (mlist)); + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, + sizeof (mlist), &mlist, sizeof (mlist), &dwResult, + NULL); + + for (i=0 ; i<26; i++) + if (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], volume)) + return TRUE; + } + + return FALSE; +} + + +int GetMountedVolumeDriveNo (wchar_t *volname) +{ + MOUNT_LIST_STRUCT mlist; + DWORD dwResult; + int i; + wchar_t volume[TC_MAX_PATH*2+16]; + + if (volname == NULL) + return -1; + + StringCbCopyW (volume, sizeof(volume), volname); + + if (wcsstr (volname, L"\\Device\\") != volname) + StringCbPrintfW (volume, sizeof(volume), L"\\??\\%s", volname); + + wstring resolvedPath = VolumeGuidPathToDevicePath (volname); + if (!resolvedPath.empty()) + StringCbCopyW (volume, sizeof (volume), resolvedPath.c_str()); + + memset (&mlist, 0, sizeof (mlist)); + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, + sizeof (mlist), &mlist, sizeof (mlist), &dwResult, + NULL); + + for (i=0 ; i<26; i++) + if (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], (WCHAR *)volume)) + return i; + + return -1; +} + + +BOOL IsAdmin (void) +{ + return IsUserAnAdmin (); +} + + +BOOL IsBuiltInAdmin () +{ + HANDLE procToken; + DWORD size; + + if (!IsAdmin() || !OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &procToken)) + return FALSE; + + finally_do_arg (HANDLE, procToken, { CloseHandle (finally_arg); }); + + if (GetTokenInformation (procToken, TokenUser, NULL, 0, &size) || GetLastError() != ERROR_INSUFFICIENT_BUFFER) + return FALSE; + + TOKEN_USER *tokenUser = (TOKEN_USER *) malloc (size); + if (!tokenUser) + return FALSE; + + finally_do_arg (void *, tokenUser, { free (finally_arg); }); + + if (!GetTokenInformation (procToken, TokenUser, tokenUser, size, &size)) + return FALSE; + + return IsWellKnownSid (tokenUser->User.Sid, WinAccountAdministratorSid); +} + + +BOOL IsUacSupported () +{ + HKEY hkey; + DWORD value = 1, size = sizeof (DWORD); + + if (!IsOSAtLeast (WIN_VISTA)) + return FALSE; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, KEY_READ, &hkey) == ERROR_SUCCESS) + { + if (RegQueryValueEx (hkey, L"EnableLUA", 0, 0, (LPBYTE) &value, &size) != ERROR_SUCCESS) + value = 1; + + RegCloseKey (hkey); + } + + return value != 0; +} + + +BOOL ResolveSymbolicLink (const wchar_t *symLinkName, PWSTR targetName, size_t cbTargetName) +{ + BOOL bResult; + DWORD dwResult; + RESOLVE_SYMLINK_STRUCT resolve; + + memset (&resolve, 0, sizeof(resolve)); + StringCbCopyW (resolve.symLinkName, sizeof(resolve.symLinkName), symLinkName); + + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_RESOLVED_SYMLINK, &resolve, + sizeof (resolve), &resolve, sizeof (resolve), &dwResult, + NULL); + + StringCbCopyW (targetName, cbTargetName, resolve.targetName); + + return bResult; +} + + +BOOL GetPartitionInfo (const wchar_t *deviceName, PPARTITION_INFORMATION rpartInfo) +{ + BOOL bResult; + DWORD dwResult; + DISK_PARTITION_INFO_STRUCT dpi; + + memset (&dpi, 0, sizeof(dpi)); + StringCbCopyW ((PWSTR) &dpi.deviceName, sizeof(dpi.deviceName), deviceName); + + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVE_PARTITION_INFO, &dpi, + sizeof (dpi), &dpi, sizeof (dpi), &dwResult, NULL); + + memcpy (rpartInfo, &dpi.partInfo, sizeof (PARTITION_INFORMATION)); + return bResult; +} + + +BOOL GetDeviceInfo (const wchar_t *deviceName, DISK_PARTITION_INFO_STRUCT *info) +{ + DWORD dwResult; + + memset (info, 0, sizeof(*info)); + StringCbCopyW ((PWSTR) &info->deviceName, sizeof(info->deviceName), deviceName); + + return DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVE_PARTITION_INFO, info, sizeof (*info), info, sizeof (*info), &dwResult, NULL); +} + + +BOOL GetDriveGeometry (const wchar_t *deviceName, PDISK_GEOMETRY diskGeometry) +{ + BOOL bResult; + DWORD dwResult; + DISK_GEOMETRY_STRUCT dg; + + memset (&dg, 0, sizeof(dg)); + StringCbCopyW ((PWSTR) &dg.deviceName, sizeof(dg.deviceName), deviceName); + + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVE_GEOMETRY, &dg, + sizeof (dg), &dg, sizeof (dg), &dwResult, NULL); + + if (bResult && (dwResult == sizeof (dg)) && dg.diskGeometry.BytesPerSector) + { + memcpy (diskGeometry, &dg.diskGeometry, sizeof (DISK_GEOMETRY)); + return TRUE; + } + else + return FALSE; +} + +BOOL GetPhysicalDriveGeometry (int driveNumber, PDISK_GEOMETRY diskGeometry) +{ + HANDLE hDev; + BOOL bResult = FALSE; + TCHAR devicePath[MAX_PATH]; + + StringCchPrintfW (devicePath, ARRAYSIZE (devicePath), L"\\\\.\\PhysicalDrive%d", driveNumber); + + if ((hDev = CreateFileW (devicePath, 0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) + { + DWORD bytesRead = 0; + + ZeroMemory (diskGeometry, sizeof (DISK_GEOMETRY)); + + if ( DeviceIoControl (hDev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, diskGeometry, sizeof (DISK_GEOMETRY), &bytesRead, NULL) + && (bytesRead == sizeof (DISK_GEOMETRY)) + && diskGeometry->BytesPerSector) + { + bResult = TRUE; + } + + CloseHandle (hDev); + } + + return bResult; +} + + +// Returns drive letter number assigned to device (-1 if none) +int GetDiskDeviceDriveLetter (PWSTR deviceName) +{ + int i; + WCHAR link[MAX_PATH]; + WCHAR target[MAX_PATH]; + WCHAR device[MAX_PATH]; + + if (!ResolveSymbolicLink (deviceName, device, sizeof(device))) + StringCchCopyW (device, MAX_PATH, deviceName); + + for (i = 0; i < 26; i++) + { + WCHAR drive[] = { (WCHAR) i + L'A', L':', 0 }; + + StringCchCopyW (link, MAX_PATH, L"\\DosDevices\\"); + StringCchCatW (link, MAX_PATH, drive); + + if ( ResolveSymbolicLink (link, target, sizeof(target)) + && (wcscmp (device, target) == 0) + ) + { + return i; + } + } + + return -1; +} + + +// WARNING: This function does NOT provide 100% reliable results -- do NOT use it for critical/dangerous operations! +// Return values: 0 - filesystem does not appear empty, 1 - filesystem appears empty, -1 - an error occurred +int FileSystemAppearsEmpty (const wchar_t *devicePath) +{ + float percentFreeSpace = 0.0; + __int64 occupiedBytes = 0; + + if (GetStatsFreeSpaceOnPartition (devicePath, &percentFreeSpace, &occupiedBytes, TRUE) != -1) + { + if (occupiedBytes > BYTES_PER_GB && percentFreeSpace < 99.99 // "percentFreeSpace < 99.99" is needed because an NTFS filesystem larger than several terabytes can have more than 1GB of data in use, even if there are no files stored on it. + || percentFreeSpace < 88) // A 24-MB NTFS filesystem has 11.5% of space in use even if there are no files stored on it. + { + return 0; + } + else + return 1; + } + else + return -1; +} + + +// Returns the free space on the specified partition (volume) in bytes. If the 'occupiedBytes' pointer +// is not NULL, size of occupied space (in bytes) is written to the pointed location. In addition, if the +// 'percent' pointer is not NULL, % of free space is stored in the pointed location. If there's an error, +// returns -1. +__int64 GetStatsFreeSpaceOnPartition (const wchar_t *devicePath, float *percentFree, __int64 *occupiedBytes, BOOL silent) +{ + WCHAR devPath [MAX_PATH]; + int driveLetterNo = -1; + wchar_t szRootPath[4] = {0, L':', L'\\', 0}; + ULARGE_INTEGER freeSpaceSize; + ULARGE_INTEGER totalNumberOfBytes; + ULARGE_INTEGER totalNumberOfFreeBytes; + + StringCbCopyW (devPath, sizeof(devPath), devicePath); + + driveLetterNo = GetDiskDeviceDriveLetter (devPath); + szRootPath[0] = (wchar_t) driveLetterNo + L'A'; + + + if (!GetDiskFreeSpaceEx (szRootPath, &freeSpaceSize, &totalNumberOfBytes, &totalNumberOfFreeBytes)) + { + if (!silent) + { + handleWin32Error (MainDlg, SRC_POS); + Error ("CANNOT_CALC_SPACE", MainDlg); + } + + return -1; + } + + + if (percentFree != NULL || occupiedBytes != NULL) + { + // Determine occupied space and % of free space + + PARTITION_INFORMATION partitionInfo; + + if (!GetPartitionInfo (devicePath, &partitionInfo)) + { + if (!silent) + { + handleWin32Error (MainDlg, SRC_POS); + Error ("CANT_GET_VOLSIZE", MainDlg); + } + return -1; + } + + if (occupiedBytes != NULL) + *occupiedBytes = partitionInfo.PartitionLength.QuadPart - freeSpaceSize.QuadPart; + + if (percentFree != NULL) + *percentFree = (float) ((double) freeSpaceSize.QuadPart / (double) partitionInfo.PartitionLength.QuadPart * 100.0); + } + + return freeSpaceSize.QuadPart; +} + + +// Returns -1 if there's an error. +__int64 GetDeviceSize (const wchar_t *devicePath) +{ + PARTITION_INFORMATION partitionInfo; + + if (!GetPartitionInfo (devicePath, &partitionInfo)) + return -1; + + return partitionInfo.PartitionLength.QuadPart; +} + + +HANDLE DismountDrive (wchar_t *devName, wchar_t *devicePath) +{ + DWORD dwResult; + HANDLE hVolume; + BOOL bResult = FALSE; + int attempt = UNMOUNT_MAX_AUTO_RETRIES; + int driveLetterNo = -1; + WCHAR devPath [MAX_PATH]; + + StringCbCopyW (devPath, sizeof(devPath), devicePath); + driveLetterNo = GetDiskDeviceDriveLetter (devPath); + + + hVolume = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hVolume == INVALID_HANDLE_VALUE) + return INVALID_HANDLE_VALUE; + + + // Try to lock the volume first so that dismount is not forced. + // If we fail, we will dismount anyway even if it needs to be forced. + + CloseVolumeExplorerWindows (MainDlg, driveLetterNo); + + while (!(bResult = DeviceIoControl (hVolume, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) + && attempt > 0) + { + Sleep (UNMOUNT_AUTO_RETRY_DELAY); + attempt--; + } + + + // Try to dismount the volume + + attempt = UNMOUNT_MAX_AUTO_RETRIES; + + while (!(bResult = DeviceIoControl (hVolume, FSCTL_DISMOUNT_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) + && attempt > 0) + { + Sleep (UNMOUNT_AUTO_RETRY_DELAY); + attempt--; + } + + if (!bResult) + CloseHandle (hVolume); + + return (bResult ? hVolume : INVALID_HANDLE_VALUE); +} + +// Returns -1 if the specified string is not found in the buffer. Otherwise, returns the +// offset of the first occurrence of the string. The string and the buffer may contain zeroes, +// which do NOT terminate them. +int64 FindString (const char *buf, const char *str, int64 bufLen, int64 strLen, int64 startOffset) +{ + if (buf == NULL + || str == NULL + || strLen > bufLen + || bufLen < 1 + || strLen < 1 + || startOffset > bufLen - strLen) + { + return -1; + } + + for (int64 i = startOffset; i <= bufLen - strLen; i++) + { + if (memcmp (buf + i, str, (size_t) strLen) == 0) + return i; + } + + return -1; +} + +// Returns TRUE if the file or directory exists (both may be enclosed in quotation marks). +BOOL FileExists (const wchar_t *filePathPtr) +{ + wchar_t filePath [TC_MAX_PATH * 2 + 1]; + + // Strip quotation marks (if any) + if (filePathPtr [0] == L'"') + { + StringCbCopyW (filePath, sizeof(filePath), filePathPtr + 1); + } + else + { + StringCbCopyW (filePath, sizeof(filePath), filePathPtr); + } + + // Strip quotation marks (if any) + if (filePath [wcslen (filePath) - 1] == L'"') + filePath [wcslen (filePath) - 1] = 0; + + return (_waccess (filePath, 0) != -1); +} + +// Searches the file from its end for the LAST occurrence of the string str. +// The string may contain zeroes, which do NOT terminate the string. +// If the string is found, its offset from the start of the file is returned. +// If the string isn't found or if any error occurs, -1 is returned. +__int64 FindStringInFile (const wchar_t *filePath, const char* str, int strLen) +{ + int bufSize = 64 * BYTES_PER_KB; + char *buffer = (char *) err_malloc (bufSize); + HANDLE src = NULL; + DWORD bytesRead; + BOOL readRetVal; + __int64 filePos = GetFileSize64 (filePath); + int bufPos = 0; + LARGE_INTEGER seekOffset, seekOffsetNew; + BOOL bExit = FALSE; + int filePosStep; + __int64 retVal = -1; + + if (filePos <= 0 + || buffer == NULL + || strLen > bufSize + || strLen < 1) + { + if (buffer) + free (buffer); + return -1; + } + + src = CreateFile (filePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (src == INVALID_HANDLE_VALUE) + { + free (buffer); + return -1; + } + + filePosStep = bufSize - strLen + 1; + + do + { + filePos -= filePosStep; + + if (filePos < 0) + { + filePos = 0; + bExit = TRUE; + } + + seekOffset.QuadPart = filePos; + + if (SetFilePointerEx (src, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) + goto fsif_end; + + if ((readRetVal = ReadFile (src, buffer, bufSize, &bytesRead, NULL)) == 0 + || bytesRead == 0) + goto fsif_end; + + bufPos = bytesRead - strLen; + + while (bufPos > 0) + { + if (memcmp (buffer + bufPos, str, strLen) == 0) + { + // String found + retVal = filePos + bufPos; + goto fsif_end; + } + bufPos--; + } + + } while (!bExit); + +fsif_end: + CloseHandle (src); + free (buffer); + + return retVal; +} + +// System CopyFile() copies source file attributes (like FILE_ATTRIBUTE_ENCRYPTED) +// so we need to use our own copy function +BOOL TCCopyFileBase (HANDLE src, HANDLE dst) +{ + __int8 *buffer; + FILETIME fileTime; + DWORD bytesRead, bytesWritten; + BOOL res; + + buffer = (char *) malloc (64 * 1024); + if (!buffer) + { + CloseHandle (src); + CloseHandle (dst); + return FALSE; + } + + while (res = ReadFile (src, buffer, 64 * 1024, &bytesRead, NULL)) + { + if (bytesRead == 0) + { + res = 1; + break; + } + + if (!WriteFile (dst, buffer, bytesRead, &bytesWritten, NULL) + || bytesRead != bytesWritten) + { + res = 0; + break; + } + } + + if (GetFileTime (src, NULL, NULL, &fileTime)) + SetFileTime (dst, NULL, NULL, &fileTime); + + CloseHandle (src); + CloseHandle (dst); + + free (buffer); + return res != 0; +} + +BOOL TCCopyFile (wchar_t *sourceFileName, wchar_t *destinationFile) +{ + HANDLE src, dst; + + src = CreateFileW (sourceFileName, + GENERIC_READ, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (src == INVALID_HANDLE_VALUE) + return FALSE; + + dst = CreateFileW (destinationFile, + GENERIC_WRITE, + 0, NULL, CREATE_ALWAYS, 0, NULL); + + if (dst == INVALID_HANDLE_VALUE) + { + CloseHandle (src); + return FALSE; + } + + return TCCopyFileBase (src, dst); +} + +// If bAppend is TRUE, the buffer is appended to an existing file. If bAppend is FALSE, any existing file +// is replaced. If an error occurs, the incomplete file is deleted (provided that bAppend is FALSE). +BOOL SaveBufferToFile (const char *inputBuffer, const wchar_t *destinationFile, DWORD inputLength, BOOL bAppend, BOOL bRenameIfFailed) +{ + HANDLE dst; + DWORD bytesWritten; + BOOL res = TRUE; + DWORD dwLastError = 0; + + dst = CreateFile (destinationFile, + GENERIC_WRITE, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, bAppend ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL); + + dwLastError = GetLastError(); + if (!bAppend && bRenameIfFailed && (dst == INVALID_HANDLE_VALUE) && (GetLastError () == ERROR_SHARING_VIOLATION)) + { + wchar_t renamedPath[TC_MAX_PATH + 1]; + StringCbCopyW (renamedPath, sizeof(renamedPath), destinationFile); + StringCbCatW (renamedPath, sizeof(renamedPath), VC_FILENAME_RENAMED_SUFFIX); + + /* rename the locked file in order to be able to create a new one */ + if (MoveFileEx (destinationFile, renamedPath, MOVEFILE_REPLACE_EXISTING)) + { + dst = CreateFile (destinationFile, + GENERIC_WRITE, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, 0, NULL); + dwLastError = GetLastError(); + if (dst == INVALID_HANDLE_VALUE) + { + /* restore the original file name */ + MoveFileEx (renamedPath, destinationFile, MOVEFILE_REPLACE_EXISTING); + } + else + { + /* delete the renamed file when the machine reboots */ + MoveFileEx (renamedPath, NULL, MOVEFILE_DELAY_UNTIL_REBOOT); + } + } + } + + if (dst == INVALID_HANDLE_VALUE) + { + SetLastError (dwLastError); + handleWin32Error (MainDlg, SRC_POS); + return FALSE; + } + + if (bAppend) + SetFilePointer (dst, 0, NULL, FILE_END); + + if (!WriteFile (dst, inputBuffer, inputLength, &bytesWritten, NULL) + || inputLength != bytesWritten) + { + res = FALSE; + } + + if (!res) + { + // If CREATE_ALWAYS is used, ERROR_ALREADY_EXISTS is returned after successful overwrite + // of an existing file (it's not an error) + if (! (GetLastError() == ERROR_ALREADY_EXISTS && !bAppend) ) + handleWin32Error (MainDlg, SRC_POS); + } + + CloseHandle (dst); + + if (!res && !bAppend) + _wremove (destinationFile); + + return res; +} + + +// Proper flush for Windows systems. Returns TRUE if successful. +BOOL TCFlushFile (FILE *f) +{ + HANDLE hf = (HANDLE) _get_osfhandle (_fileno (f)); + + fflush (f); + + if (hf == INVALID_HANDLE_VALUE) + return FALSE; + + return FlushFileBuffers (hf) != 0; +} + + +// Prints a UTF-16 text (note that this involves a real printer, not a screen). +// textByteLen - length of the text in bytes +// title - printed as part of the page header and used as the filename for a temporary file +BOOL PrintHardCopyTextUTF16 (wchar_t *text, wchar_t *title, size_t textByteLen) +{ + wchar_t cl [MAX_PATH*3] = {L"/p \""}; + wchar_t path [MAX_PATH * 2] = { 0 }; + wchar_t filename [MAX_PATH + 1] = { 0 }; + + StringCbCopyW (filename, sizeof(filename), title); + //strcat (filename, ".txt"); + + GetTempPath (ARRAYSIZE (path), path); + + if (!FileExists (path)) + { + StringCbCopyW (path, sizeof(path), GetConfigPath (filename)); + + if (wcslen(path) < 2) + return FALSE; + } + else + { + StringCbCatW (path, sizeof(path), filename); + } + + // Write the Unicode signature + if (!SaveBufferToFile ("\xFF\xFE", path, 2, FALSE, FALSE)) + { + _wremove (path); + return FALSE; + } + + // Write the actual text + if (!SaveBufferToFile ((char *) text, path, (DWORD) textByteLen, TRUE, FALSE)) + { + _wremove (path); + return FALSE; + } + + StringCbCatW (cl, sizeof(cl), path); + StringCbCatW (cl, sizeof(cl), L"\""); + + // Get the absolute path for notepad + if (GetWindowsDirectory(filename, MAX_PATH)) + { + if (filename[wcslen (filename) - 1] != L'\\') + StringCbCatW (filename, sizeof(filename), L"\\"); + StringCbCatW(filename, sizeof(filename), PRINT_TOOL); + } + else + StringCbCopyW(filename, sizeof(filename), L"C:\\Windows\\" PRINT_TOOL); + + WaitCursor (); + ShellExecute (NULL, L"open", filename, cl, NULL, SW_HIDE); + Sleep (6000); + NormalCursor(); + + _wremove (path); + + return TRUE; +} + + +BOOL IsNonInstallMode () +{ + HKEY hkey; + DWORD dw; + + if (bPortableModeConfirmed) + return TRUE; + + if (hDriver != INVALID_HANDLE_VALUE) + { + // The driver is running + if (DeviceIoControl (hDriver, TC_IOCTL_GET_PORTABLE_MODE_STATUS, NULL, 0, NULL, 0, &dw, 0)) + { + bPortableModeConfirmed = TRUE; + return TRUE; + } + else + { + // This is also returned if we fail to determine the status (it does not mean that portable mode is disproved). + return FALSE; + } + } + else + { + // The tests in this block are necessary because this function is in some cases called before DriverAttach(). + + HANDLE hDriverTmp = CreateFile (WIN32_ROOT_PREFIX, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hDriverTmp == INVALID_HANDLE_VALUE) + { + // The driver was not found in the system path + + wchar_t path[MAX_PATH * 2] = { 0 }; + + // We can't use GetConfigPath() here because it would call us back (indirect recursion) + if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path))) + { + StringCbCatW (path, MAX_PATH * 2, L"\\VeraCrypt\\"); + StringCbCatW (path, MAX_PATH * 2, TC_APPD_FILENAME_SYSTEM_ENCRYPTION); + + if (FileExists (path)) + { + // To maintain consistency and safety, if the system encryption config file exits, we cannot + // allow portable mode. (This happens e.g. when the pretest fails and the user selects + // "Last Known Good Configuration" from the Windows boot menu.) + + // However, if UAC elevation is needed, we have to confirm portable mode first (after we are elevated, we won't). + if (!IsAdmin () && IsUacSupported ()) + return TRUE; + + return FALSE; + } + } + + // As the driver was not found in the system path, we can predict that we will run in portable mode + return TRUE; + } + else + CloseHandle (hDriverTmp); + } + + // The following test may be unreliable in some cases (e.g. after the user selects restore "Last Known Good + // Configuration" from the Windows boot menu). + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", 0, KEY_READ | KEY_WOW64_32KEY, &hkey) == ERROR_SUCCESS) + { + RegCloseKey (hkey); + return FALSE; + } + else + return TRUE; +} + + +LRESULT SetCheckBox (HWND hwndDlg, int dlgItem, BOOL state) +{ + return SendDlgItemMessage (hwndDlg, dlgItem, BM_SETCHECK, state ? BST_CHECKED : BST_UNCHECKED, 0); +} + + +BOOL GetCheckBox (HWND hwndDlg, int dlgItem) +{ + return IsButtonChecked (GetDlgItem (hwndDlg, dlgItem)); +} + + +// Scroll the listview vertically so that the item with index of topMostVisibleItem is the topmost visible item. +void SetListScrollHPos (HWND hList, int topMostVisibleItem) +{ + int testedPos = 0; + + do + { + SendMessage (hList, LVM_SCROLL, 0, testedPos); + + } while (ListView_GetTopIndex (hList) < topMostVisibleItem && ++testedPos < 10000); +} + + +// Adds or removes TrueCrypt.exe to/from the system startup sequence (with appropriate command line arguments) +void ManageStartupSeq (void) +{ + if (!IsNonInstallMode ()) + { + wchar_t regk [64]; + + GetStartupRegKeyName (regk, sizeof(regk)); + + if (bStartOnLogon || bMountDevicesOnLogon || bMountFavoritesOnLogon) + { + wchar_t exe[MAX_PATH * 2] = { L'"' }; + + GetModuleFileName (NULL, exe + 1, ARRAYSIZE (exe) - 1); + +#ifdef VOLFORMAT + { + wchar_t *tmp = NULL; + + if (tmp = wcsrchr (exe, L'\\')) + { + *tmp = 0; + StringCbCatW (exe, MAX_PATH * 2, L"\\VeraCrypt.exe"); + } + } +#endif + StringCbCatW (exe, MAX_PATH * 2, L"\" /q preferences /a logon"); + + if (bMountDevicesOnLogon) StringCbCatW (exe, MAX_PATH * 2, L" /a devices"); + if (bMountFavoritesOnLogon) StringCbCatW (exe, MAX_PATH * 2, L" /a favorites"); + + WriteRegistryString (regk, L"VeraCrypt", exe); + } + else + DeleteRegistryValue (regk, L"VeraCrypt"); + } +} + + +// Adds or removes the VeraCrypt Volume Creation Wizard to/from the system startup sequence +void ManageStartupSeqWiz (BOOL bRemove, const wchar_t *arg) +{ + wchar_t regk [64]; + + GetStartupRegKeyName (regk, sizeof(regk)); + + if (!bRemove) + { + size_t exeSize = (MAX_PATH * 2) + 3 + 20 + wcslen (arg); // enough room for all concatenation operations + wchar_t* exe = (wchar_t*) calloc(1, exeSize * sizeof (wchar_t)); + exe[0] = L'"'; + GetModuleFileName (NULL, exe + 1, (DWORD) (exeSize - 1)); + +#ifndef VOLFORMAT + { + wchar_t *tmp = NULL; + + if (tmp = wcsrchr (exe, L'\\')) + { + *tmp = 0; + + StringCchCatW (exe, exeSize, L"\\VeraCrypt Format.exe"); + } + } +#endif + + if (wcslen (arg) > 0) + { + StringCchCatW (exe, exeSize, L"\" "); + StringCchCatW (exe, exeSize, arg); + } + + WriteRegistryString (regk, L"VeraCrypt Format", exe); + + free(exe); + } + else + DeleteRegistryValue (regk, L"VeraCrypt Format"); +} + + +// Delete the last used Windows file selector path for TrueCrypt from the registry +void CleanLastVisitedMRU (void) +{ + WCHAR exeFilename[MAX_PATH]; + WCHAR *strToMatch; + + WCHAR strTmp[4096]; + WCHAR regPath[128]; + WCHAR key[64]; + int id, len; + + GetModuleFileNameW (NULL, exeFilename, sizeof (exeFilename) / sizeof(exeFilename[0])); + strToMatch = wcsrchr (exeFilename, L'\\') + 1; + + StringCbPrintfW (regPath, sizeof(regPath), L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisited%sMRU", IsOSAtLeast (WIN_VISTA) ? L"Pidl" : L""); + + for (id = (IsOSAtLeast (WIN_VISTA) ? 0 : L'a'); id <= (IsOSAtLeast (WIN_VISTA) ? 1000 : L'z'); id++) + { + *strTmp = 0; + StringCbPrintfW (key, sizeof(key), (IsOSAtLeast (WIN_VISTA) ? L"%d" : L"%c"), id); + + if ((len = ReadRegistryBytes (regPath, key, (char *) strTmp, sizeof (strTmp))) > 0) + { + if (_wcsicmp (strTmp, strToMatch) == 0) + { + char buf[65536], bufout[sizeof (buf)]; + + // Overwrite the entry with zeroes while keeping its original size + memset (strTmp, 0, len); + if (!WriteRegistryBytes (regPath, key, (char *) strTmp, len)) + MessageBoxW (NULL, GetString ("CLEAN_WINMRU_FAILED"), lpszTitle, ICON_HAND); + + DeleteRegistryValue (regPath, key); + + // Remove ID from MRUList + if (IsOSAtLeast (WIN_VISTA)) + { + int *p = (int *)buf; + int *pout = (int *)bufout; + int l; + + l = len = ReadRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", buf, sizeof (buf)); + while (l > 0) + { + l -= sizeof (int); + + if (*p == id) + { + p++; + len -= sizeof (int); + continue; + } + *pout++ = *p++; + } + + WriteRegistryBytes (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedPidlMRU", L"MRUListEx", bufout, len); + } + else + { + wchar_t *p = (wchar_t*) buf; + wchar_t *pout = (wchar_t*) bufout; + + ReadRegistryString (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedMRU", L"MRUList", L"", (wchar_t*) buf, sizeof (buf)); + while (*p) + { + if (*p == id) + { + p++; + continue; + } + *pout++ = *p++; + } + *pout++ = 0; + + WriteRegistryString (L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\ComDlg32\\LastVisitedMRU", L"MRUList", (wchar_t*) bufout); + } + + break; + } + } + } +} + + +#ifndef SETUP +void ClearHistory (HWND hwndDlgItem) +{ + ArrowWaitCursor (); + + ClearCombo (hwndDlgItem); + DumpCombo (hwndDlgItem, TRUE); + + CleanLastVisitedMRU (); + + NormalCursor (); +} +#endif // #ifndef SETUP + + +LRESULT ListItemAdd (HWND list, int index, const wchar_t *string) +{ + LVITEM li; + memset (&li, 0, sizeof(li)); + + li.mask = LVIF_TEXT; + li.pszText = (wchar_t*) string; + li.iItem = index; + li.iSubItem = 0; + return ListView_InsertItem (list, &li); +} + + +LRESULT ListSubItemSet (HWND list, int index, int subIndex, const wchar_t *string) +{ + LVITEM li; + memset (&li, 0, sizeof(li)); + + li.mask = LVIF_TEXT; + li.pszText = (wchar_t*) string; + li.iItem = index; + li.iSubItem = subIndex; + return ListView_SetItem (list, &li); +} + + +BOOL GetMountList (MOUNT_LIST_STRUCT *list) +{ + DWORD dwResult; + + memset (list, 0, sizeof (*list)); + return DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, list, + sizeof (*list), list, sizeof (*list), &dwResult, + NULL); +} + + +int GetDriverRefCount () +{ + DWORD dwResult; + BOOL bResult; + int refCount; + + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DEVICE_REFCOUNT, &refCount, sizeof (refCount), &refCount, + sizeof (refCount), &dwResult, NULL); + + if (bResult) + return refCount; + else + return -1; +} + +// Loads a 32-bit integer from the file at the specified file offset. The saved value is assumed to have been +// processed by mputLong(). The result is stored in *result. Returns TRUE if successful (otherwise FALSE). +BOOL LoadInt32 (const wchar_t *filePath, unsigned __int32 *result, __int64 fileOffset) +{ + DWORD bufSize = sizeof(__int32); + unsigned char *buffer = (unsigned char *) malloc (bufSize); + unsigned char *bufferPtr = buffer; + HANDLE src = NULL; + DWORD bytesRead; + LARGE_INTEGER seekOffset, seekOffsetNew; + BOOL retVal = FALSE; + + if (buffer == NULL) + return -1; + + src = CreateFile (filePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (src == INVALID_HANDLE_VALUE) + { + free (buffer); + return FALSE; + } + + seekOffset.QuadPart = fileOffset; + + if (SetFilePointerEx (src, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) + goto fsif_end; + + if (ReadFile (src, buffer, bufSize, &bytesRead, NULL) == 0 + || bytesRead != bufSize) + goto fsif_end; + + + retVal = TRUE; + + *result = mgetLong(bufferPtr); + +fsif_end: + CloseHandle (src); + free (buffer); + + return retVal; +} + +// Loads a 16-bit integer from the file at the specified file offset. The saved value is assumed to have been +// processed by mputWord(). The result is stored in *result. Returns TRUE if successful (otherwise FALSE). +BOOL LoadInt16 (const wchar_t *filePath, int *result, __int64 fileOffset) +{ + DWORD bufSize = sizeof(__int16); + unsigned char *buffer = (unsigned char *) malloc (bufSize); + unsigned char *bufferPtr = buffer; + HANDLE src = NULL; + DWORD bytesRead; + LARGE_INTEGER seekOffset, seekOffsetNew; + BOOL retVal = FALSE; + + if (buffer == NULL) + return -1; + + src = CreateFile (filePath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (src == INVALID_HANDLE_VALUE) + { + free (buffer); + return FALSE; + } + + seekOffset.QuadPart = fileOffset; + + if (SetFilePointerEx (src, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) + goto fsif_end; + + if (ReadFile (src, buffer, bufSize, &bytesRead, NULL) == 0 + || bytesRead != bufSize) + goto fsif_end; + + + retVal = TRUE; + + *result = mgetWord(bufferPtr); + +fsif_end: + CloseHandle (src); + free (buffer); + + return retVal; +} + +// Returns NULL if there's any error. Although the buffer can contain binary data, it is always null-terminated. +char *LoadFile (const wchar_t *fileName, DWORD *size) +{ + char *buf; + DWORD fileSize = INVALID_FILE_SIZE; + HANDLE h = CreateFile (fileName, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + if (h == INVALID_HANDLE_VALUE) + return NULL; + + if ((fileSize = GetFileSize (h, NULL)) == INVALID_FILE_SIZE) + { + CloseHandle (h); + return NULL; + } + + *size = fileSize; + buf = (char *) calloc (*size + 1, 1); + + if (buf == NULL) + { + CloseHandle (h); + return NULL; + } + + if (!ReadFile (h, buf, *size, size, NULL)) + { + free (buf); + buf = NULL; + } + + CloseHandle (h); + return buf; +} + + +// Returns NULL if there's any error. +char *LoadFileBlock (const wchar_t *fileName, __int64 fileOffset, DWORD count) +{ + char *buf; + DWORD bytesRead = 0; + LARGE_INTEGER seekOffset, seekOffsetNew; + BOOL bStatus; + + HANDLE h = CreateFile (fileName, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + if (h == INVALID_HANDLE_VALUE) + return NULL; + + seekOffset.QuadPart = fileOffset; + + if (SetFilePointerEx (h, seekOffset, &seekOffsetNew, FILE_BEGIN) == 0) + { + CloseHandle (h); + return NULL; + } + + buf = (char *) calloc (count, 1); + + if (buf == NULL) + { + CloseHandle (h); + return NULL; + } + + bStatus = ReadFile (h, buf, count, &bytesRead, NULL); + + CloseHandle (h); + + if (!bStatus || (bytesRead != count)) + { + free (buf); + return NULL; + } + + return buf; +} + + +// Returns -1 if there is an error, or the size of the file. +__int64 GetFileSize64 (const wchar_t *path) +{ + HANDLE h = CreateFile (path, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + LARGE_INTEGER size; + __int64 retSize = -1; + + if (h) + { + if (GetFileSizeEx (h, &size)) + { + retSize = size.QuadPart; + } + + CloseHandle (h); + } + + return retSize; +} + + +wchar_t *GetModPath (wchar_t *path, int maxSize) +{ + GetModuleFileName (NULL, path, maxSize); + wchar_t* ptr = wcsrchr (path, L'\\'); + if (ptr) + ptr[1] = 0; + return path; +} + + +wchar_t *GetConfigPath (wchar_t *fileName) +{ + static wchar_t path[MAX_PATH * 2] = { 0 }; + + if (IsNonInstallMode ()) + { + GetModPath (path, ARRAYSIZE (path)); + StringCchCatW (path, (MAX_PATH * 2), fileName); + + return path; + } + + if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, path))) + { + StringCchCatW (path, (MAX_PATH * 2), L"\\VeraCrypt\\"); + CreateDirectory (path, NULL); + StringCchCatW (path, (MAX_PATH * 2), fileName); + } + else + path[0] = 0; + + return path; +} + + +wchar_t *GetProgramConfigPath (wchar_t *fileName) +{ + static wchar_t path[MAX_PATH * 2] = { 0 }; + + if (SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, path))) + { + StringCchCatW (path, (MAX_PATH * 2), L"\\VeraCrypt\\"); + CreateDirectory (path, NULL); + StringCchCatW (path, (MAX_PATH * 2), fileName); + } + else + path[0] = 0; + + return path; +} + + +std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy) +{ + wchar_t sysPath[TC_MAX_PATH]; + + if (Is64BitOs() && useLegacy) + { + typedef UINT (WINAPI *GetSystemWow64Directory_t) (LPWSTR lpBuffer, UINT uSize); + + GetSystemWow64Directory_t getSystemWow64Directory = (GetSystemWow64Directory_t) GetProcAddress (GetModuleHandle (L"kernel32"), "GetSystemWow64DirectoryW"); + getSystemWow64Directory (sysPath, ARRAYSIZE (sysPath)); + } + else + GetSystemDirectory (sysPath, ARRAYSIZE (sysPath)); + + return wstring (sysPath) + L"\\" + fileName; +} + + +// Returns 0 if an error occurs or the drive letter (as an upper-case char) of the system partition (e.g. 'C'); +wchar_t GetSystemDriveLetter (void) +{ + wchar_t systemDir [MAX_PATH]; + + if (GetSystemDirectory (systemDir, ARRAYSIZE (systemDir))) + return (wchar_t) (towupper (systemDir [0])); + else + return 0; +} + + +void TaskBarIconDisplayBalloonTooltip (HWND hwnd, wchar_t *headline, wchar_t *text, BOOL warning) +{ + if (nCurrentOS == WIN_2000) + { + MessageBoxW (MainDlg, text, headline, warning ? MB_ICONWARNING : MB_ICONINFORMATION); + return; + } + + NOTIFYICONDATAW tnid; + + ZeroMemory (&tnid, sizeof (tnid)); + + tnid.cbSize = sizeof (tnid); + tnid.hWnd = hwnd; + tnid.uID = IDI_TRUECRYPT_ICON; + //tnid.uVersion = (IsOSAtLeast (WIN_VISTA) ? NOTIFYICON_VERSION_4 : NOTIFYICON_VERSION); + + //Shell_NotifyIconW (NIM_SETVERSION, &tnid); + + tnid.uFlags = NIF_INFO; + tnid.dwInfoFlags = (warning ? NIIF_WARNING : NIIF_INFO); + tnid.uTimeout = (IsOSAtLeast (WIN_VISTA) ? 1000 : 5000); // in ms + + StringCbCopyW (tnid.szInfoTitle, sizeof(tnid.szInfoTitle), headline); + StringCbCopyW (tnid.szInfo, sizeof(tnid.szInfo),text); + + // Display the balloon tooltip quickly twice in a row to avoid the slow and unwanted "fade-in" phase + Shell_NotifyIconW (NIM_MODIFY, &tnid); + Shell_NotifyIconW (NIM_MODIFY, &tnid); +} + + +// Either of the pointers may be NULL +void InfoBalloon (char *headingStringId, char *textStringId, HWND hwnd) +{ + if (Silent) + return; + + TaskBarIconDisplayBalloonTooltip (hwnd, + headingStringId == NULL ? L"VeraCrypt" : GetString (headingStringId), + textStringId == NULL ? L" " : GetString (textStringId), + FALSE); +} + + +// Either of the pointers may be NULL +void InfoBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd) +{ + if (Silent) + return; + + TaskBarIconDisplayBalloonTooltip (hwnd, + headingString == NULL ? L"VeraCrypt" : headingString, + textString == NULL ? L" " : textString, + FALSE); +} + + +// Either of the pointers may be NULL +void WarningBalloon (char *headingStringId, char *textStringId, HWND hwnd) +{ + if (Silent) + return; + + TaskBarIconDisplayBalloonTooltip (hwnd, + headingStringId == NULL ? L"VeraCrypt" : GetString (headingStringId), + textStringId == NULL ? L" " : GetString (textStringId), + TRUE); +} + + +// Either of the pointers may be NULL +void WarningBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd) +{ + if (Silent) + return; + + TaskBarIconDisplayBalloonTooltip (hwnd, + headingString == NULL ? L"VeraCrypt" : headingString, + textString == NULL ? L" " : textString, + TRUE); +} + + +int Info (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONINFORMATION); +} + + +int InfoTopMost (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int InfoDirect (const wchar_t *msg, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, msg, lpszTitle, MB_ICONINFORMATION); +} + + +int Warning (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING); +} + + +int WarningTopMost (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int WarningDirect (const wchar_t *warnMsg, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, warnMsg, lpszTitle, MB_ICONWARNING); +} + + +int Error (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR); +} + +int ErrorRetryCancel (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_RETRYCANCEL); +} + +int ErrorTopMost (char *stringId, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int ErrorDirect (const wchar_t *errMsg, HWND hwnd) +{ + if (Silent) return 0; + return MessageBoxW (hwnd, errMsg, lpszTitle, MB_ICONERROR); +} + + +int AskYesNo (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON1); +} + + +int AskYesNoString (const wchar_t *str, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, str, lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON1); +} + + +int AskYesNoTopmost (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON1 | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int AskNoYes (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2); +} + +int AskNoYesString (const wchar_t *string, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, string, lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2); +} + +int AskOkCancel (char *stringId, HWND hwnd) +{ + if (Silent) return IDCANCEL; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONQUESTION | MB_OKCANCEL | MB_DEFBUTTON1); +} + + +int AskWarnYesNo (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1); +} + + +int AskWarnYesNoString (const wchar_t *string, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, string, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1); +} + + +int AskWarnYesNoTopmost (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1 | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int AskWarnYesNoStringTopmost (const wchar_t *string, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, string, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON1 | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int AskWarnNoYes (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2); +} + + +int AskWarnNoYesString (const wchar_t *string, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, string, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2); +} + + +int AskWarnNoYesTopmost (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2 | MB_SETFOREGROUND | MB_TOPMOST); +} + + +int AskWarnOkCancel (char *stringId, HWND hwnd) +{ + if (Silent) return IDCANCEL; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_OKCANCEL | MB_DEFBUTTON1); +} + + +int AskWarnCancelOk (char *stringId, HWND hwnd) +{ + if (Silent) return IDCANCEL; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONWARNING | MB_OKCANCEL | MB_DEFBUTTON2); +} + + +int AskErrYesNo (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_YESNO | MB_DEFBUTTON1); +} + + +int AskErrNoYes (char *stringId, HWND hwnd) +{ + if (Silent) return IDNO; + return MessageBoxW (hwnd, GetString (stringId), lpszTitle, MB_ICONERROR | MB_YESNO | MB_DEFBUTTON2); +} + + +// The function accepts two input formats: +// Input format 1: {0, "MESSAGE_STRING_ID", "BUTTON_1_STRING_ID", ... "LAST_BUTTON_STRING_ID", 0}; +// Input format 2: {L"", L"Message text", L"Button caption 1", ... L"Last button caption", 0}; +// The second format is to be used if any of the strings contains format specification (e.g. %s, %d) or +// in any other cases where a string needs to be resolved before calling this function. +// The returned value is the ordinal number of the choice the user selected (1..MAX_MULTI_CHOICES) +int AskMultiChoice (void *strings[], BOOL bBold, HWND hwnd) +{ + MULTI_CHOICE_DLGPROC_PARAMS params; + + params.strings = &strings[0]; + params.bold = bBold; + + return (int) DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_MULTI_CHOICE_DLG), hwnd, + (DLGPROC) MultiChoiceDialogProc, (LPARAM) ¶ms); +} + + +BOOL ConfigWriteBegin () +{ + DWORD size; + if (ConfigFileHandle != NULL) + return FALSE; + + if (ConfigBuffer == NULL) + ConfigBuffer = LoadFile (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), &size); + + ConfigFileHandle = _wfopen (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), L"w,ccs=UTF-8"); + if (ConfigFileHandle == NULL) + { + free (ConfigBuffer); + ConfigBuffer = NULL; + return FALSE; + } + XmlWriteHeader (ConfigFileHandle); + fputws (L"\n\t", ConfigFileHandle); + + return TRUE; +} + + +BOOL ConfigWriteEnd (HWND hwnd) +{ + char *xml = ConfigBuffer; + char key[128], value[2048]; + + if (ConfigFileHandle == NULL) return FALSE; + + // Write unmodified values + while (xml && (xml = XmlFindElement (xml, "config"))) + { + XmlGetAttributeText (xml, "key", key, sizeof (key)); + XmlGetNodeText (xml, value, sizeof (value)); + + fwprintf (ConfigFileHandle, L"\n\t\t%hs", key, value); + xml++; + } + + fputws (L"\n\t", ConfigFileHandle); + XmlWriteFooter (ConfigFileHandle); + + TCFlushFile (ConfigFileHandle); + + CheckFileStreamWriteErrors (hwnd, ConfigFileHandle, TC_APPD_FILENAME_CONFIGURATION); + + fclose (ConfigFileHandle); + ConfigFileHandle = NULL; + + if (ConfigBuffer != NULL) + { + DWORD size; + free (ConfigBuffer); + ConfigBuffer = LoadFile (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), &size); + } + + return TRUE; +} + + +BOOL ConfigWriteString (char *configKey, char *configValue) +{ + char *c; + if (ConfigFileHandle == NULL) + return FALSE; + + // Mark previous config value as updated + if (ConfigBuffer != NULL) + { + c = XmlFindElementByAttributeValue (ConfigBuffer, "config", "key", configKey); + if (c != NULL) + c[1] = '!'; + } + + return 0 != fwprintf ( + ConfigFileHandle, L"\n\t\t%hs", + configKey, configValue); +} + +BOOL ConfigWriteStringW (char *configKey, wchar_t *configValue) +{ + char *c; + if (ConfigFileHandle == NULL) + return FALSE; + + // Mark previous config value as updated + if (ConfigBuffer != NULL) + { + c = XmlFindElementByAttributeValue (ConfigBuffer, "config", "key", configKey); + if (c != NULL) + c[1] = '!'; + } + + return 0 != fwprintf ( + ConfigFileHandle, L"\n\t\t%ls", + configKey, configValue); +} + +BOOL ConfigWriteInt (char *configKey, int configValue) +{ + char val[32]; + StringCbPrintfA (val, sizeof(val), "%d", configValue); + return ConfigWriteString (configKey, val); +} + + +static BOOL ConfigRead (char *configKey, char *configValue, int maxValueSize) +{ + DWORD size; + char *xml; + + if (ConfigBuffer == NULL) + ConfigBuffer = LoadFile (GetConfigPath (TC_APPD_FILENAME_CONFIGURATION), &size); + + xml = ConfigBuffer; + if (xml != NULL) + { + xml = XmlFindElementByAttributeValue (xml, "config", "key", configKey); + if (xml != NULL) + { + XmlGetNodeText (xml, configValue, maxValueSize); + return TRUE; + } + } + + return FALSE; +} + + +int ConfigReadInt (char *configKey, int defaultValue) +{ + char s[32]; + + if (ConfigRead (configKey, s, sizeof (s))) + return atoi (s); + else + return defaultValue; +} + + +char *ConfigReadString (char *configKey, char *defaultValue, char *str, int maxLen) +{ + if (ConfigRead (configKey, str, maxLen)) + return str; + else + { + StringCbCopyA (str, maxLen, defaultValue); + return defaultValue; + } +} + +void ConfigReadCompareInt(char *configKey, int defaultValue, int* pOutputValue, BOOL bOnlyCheckModified, BOOL* pbModified) +{ + int intValue = ConfigReadInt (configKey, defaultValue); + if (pOutputValue) + { + if (pbModified && (*pOutputValue != intValue)) + *pbModified = TRUE; + if (!bOnlyCheckModified) + *pOutputValue = intValue; + } +} + +void ConfigReadCompareString (char *configKey, char *defaultValue, char *str, int maxLen, BOOL bOnlyCheckModified, BOOL *pbModified) +{ + char *strValue = (char*) malloc (maxLen); + if (strValue) + { + memcpy (strValue, str, maxLen); + + ConfigReadString (configKey, defaultValue, strValue, maxLen); + + if (pbModified && strcmp (str, strValue)) + *pbModified = TRUE; + if (!bOnlyCheckModified) + memcpy(str, strValue, maxLen); + + free (strValue); + } + else + { + /* allocation failed. Suppose that value changed */ + if (pbModified) + *pbModified = TRUE; + if (!bOnlyCheckModified) + ConfigReadString (configKey, defaultValue, str, maxLen); + + } +} + +void OpenPageHelp (HWND hwndDlg, int nPage) +{ + int r = (int)ShellExecuteW (NULL, L"open", szHelpFile, NULL, NULL, SW_SHOWNORMAL); + + if (r == ERROR_FILE_NOT_FOUND) + { + // Try the secondary help file + r = (int)ShellExecuteW (NULL, L"open", szHelpFile2, NULL, NULL, SW_SHOWNORMAL); + + if (r == ERROR_FILE_NOT_FOUND) + { + OpenOnlineHelp (); + return; + } + } + + if (r == SE_ERR_NOASSOC) + { + if (AskYesNo ("HELP_READER_ERROR", MainDlg) == IDYES) + OpenOnlineHelp (); + } +} + + +void OpenOnlineHelp () +{ + Applink ("help", TRUE, ""); +} + + +#ifndef SETUP + +void RestoreDefaultKeyFilesParam (void) +{ + KeyFileRemoveAll (&FirstKeyFile); + if (defaultKeyFilesParam.FirstKeyFile != NULL) + { + KeyFileCloneAll (defaultKeyFilesParam.FirstKeyFile, &FirstKeyFile); + KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles; + } + else + KeyFilesEnable = FALSE; +} + + +BOOL LoadDefaultKeyFilesParam (void) +{ + BOOL status = TRUE; + DWORD size; + char *defaultKeyfilesFile = LoadFile (GetConfigPath (TC_APPD_FILENAME_DEFAULT_KEYFILES), &size); + char *xml = defaultKeyfilesFile; + KeyFile *kf; + + if (xml == NULL) + return FALSE; + + KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); + + while (xml = XmlFindElement (xml, "keyfile")) + { + kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + char fileName [MAX_PATH + 1]; + if (XmlGetNodeText (xml, fileName, sizeof (fileName)) != NULL) + { + std::wstring wszFileName = Utf8StringToWide(fileName); + StringCbCopyW (kf->FileName, sizeof (kf->FileName), wszFileName.c_str ()); + defaultKeyFilesParam.FirstKeyFile = KeyFileAdd (defaultKeyFilesParam.FirstKeyFile, kf); + } + else + free (kf); + } + else + { + KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); + status = FALSE; + break; + } + + xml++; + } + + free (defaultKeyfilesFile); + if (status) + KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles; + + return status; +} + +#endif /* #ifndef SETUP */ + + +void Debug (char *format, ...) +{ + char buf[1024]; + va_list val; + + va_start(val, format); + StringCbVPrintfA (buf, sizeof (buf), format, val); + va_end(val); + + OutputDebugStringA (buf); +} + + +void DebugMsgBox (char *format, ...) +{ + char buf[1024]; + va_list val; + + va_start(val, format); + StringCbVPrintfA (buf, sizeof (buf), format, val); + va_end(val); + + MessageBoxA (MainDlg, buf, "VeraCrypt debug", 0); +} + + +BOOL IsOSAtLeast (OSVersionEnum reqMinOS) +{ + return IsOSVersionAtLeast (reqMinOS, 0); +} + + +// Returns TRUE if the operating system is at least reqMinOS and service pack at least reqMinServicePack. +// Example 1: IsOSVersionAtLeast (WIN_VISTA, 1) called under Windows 2008, returns TRUE. +// Example 2: IsOSVersionAtLeast (WIN_XP, 3) called under Windows XP SP1, returns FALSE. +// Example 3: IsOSVersionAtLeast (WIN_XP, 3) called under Windows Vista SP1, returns TRUE. +BOOL IsOSVersionAtLeast (OSVersionEnum reqMinOS, int reqMinServicePack) +{ + /* When updating this function, update IsOSAtLeast() in Ntdriver.c too. */ + + if (CurrentOSMajor <= 0) + TC_THROW_FATAL_EXCEPTION; + + int major = 0, minor = 0; + + switch (reqMinOS) + { + case WIN_2000: major = 5; minor = 0; break; + case WIN_XP: major = 5; minor = 1; break; + case WIN_SERVER_2003: major = 5; minor = 2; break; + case WIN_VISTA: major = 6; minor = 0; break; + case WIN_7: major = 6; minor = 1; break; + case WIN_8: major = 6; minor = 2; break; + case WIN_8_1: major = 6; minor = 3; break; + case WIN_10: major = 10; minor = 0; break; + + default: + TC_THROW_FATAL_EXCEPTION; + break; + } + + return ((CurrentOSMajor << 16 | CurrentOSMinor << 8 | CurrentOSServicePack) + >= (major << 16 | minor << 8 | reqMinServicePack)); +} + + +BOOL Is64BitOs () +{ +#ifdef _WIN64 + return TRUE; +#else + static BOOL isWow64 = FALSE; + static BOOL valid = FALSE; + typedef BOOL (__stdcall *LPFN_ISWOW64PROCESS ) (HANDLE hProcess,PBOOL Wow64Process); + LPFN_ISWOW64PROCESS fnIsWow64Process; + + if (valid) + return isWow64; + + fnIsWow64Process = (LPFN_ISWOW64PROCESS) GetProcAddress (GetModuleHandle(L"kernel32"), "IsWow64Process"); + + if (fnIsWow64Process != NULL) + if (!fnIsWow64Process (GetCurrentProcess(), &isWow64)) + isWow64 = FALSE; + + valid = TRUE; + return isWow64; +#endif +} + + +BOOL IsServerOS () +{ + OSVERSIONINFOEXW osVer; + osVer.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); + GetVersionExW ((LPOSVERSIONINFOW) &osVer); + + return (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); +} + + +// Returns TRUE, if the currently running operating system is installed in a hidden volume. If it's not, or if +// there's an error, returns FALSE. +BOOL IsHiddenOSRunning (void) +{ + static BOOL statusCached = FALSE; + static BOOL hiddenOSRunning; + + if (!statusCached) + { + try + { + hiddenOSRunning = BootEncryption (MainDlg).IsHiddenSystemRunning(); + } + catch (...) + { + hiddenOSRunning = FALSE; + } + + statusCached = TRUE; + } + + return hiddenOSRunning; +} + + +BOOL EnableWow64FsRedirection (BOOL enable) +{ + typedef BOOLEAN (__stdcall *Wow64EnableWow64FsRedirection_t) (BOOL enable); + Wow64EnableWow64FsRedirection_t wow64EnableWow64FsRedirection = (Wow64EnableWow64FsRedirection_t) GetProcAddress (GetModuleHandle (L"kernel32"), "Wow64EnableWow64FsRedirection"); + + if (!wow64EnableWow64FsRedirection) + return FALSE; + + return wow64EnableWow64FsRedirection (enable); +} + + +BOOL RestartComputer (void) +{ + TOKEN_PRIVILEGES tokenPrivil; + HANDLE hTkn; + + if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY|TOKEN_ADJUST_PRIVILEGES, &hTkn)) + { + return false; + } + + LookupPrivilegeValue (NULL, SE_SHUTDOWN_NAME, &tokenPrivil.Privileges[0].Luid); + tokenPrivil.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; + tokenPrivil.PrivilegeCount = 1; + + AdjustTokenPrivileges (hTkn, false, &tokenPrivil, 0, (PTOKEN_PRIVILEGES) NULL, 0); + if (GetLastError() != ERROR_SUCCESS) + { + CloseHandle(hTkn); + return false; + } + + if (!ExitWindowsEx (EWX_REBOOT, + SHTDN_REASON_MAJOR_OTHER | SHTDN_REASON_MINOR_OTHER | SHTDN_REASON_FLAG_PLANNED)) + { + CloseHandle(hTkn); + return false; + } + + CloseHandle(hTkn); + return true; +} + + +std::wstring GetWindowsEdition () +{ + wstring osname = L"win"; + + OSVERSIONINFOEXW osVer; + osVer.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); + GetVersionExW ((LPOSVERSIONINFOW) &osVer); + + BOOL home = (osVer.wSuiteMask & VER_SUITE_PERSONAL); + BOOL server = (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); + + HKEY hkey; + wchar_t productName[300] = {0}; + DWORD productNameSize = sizeof (productName); + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", 0, KEY_QUERY_VALUE, &hkey) == ERROR_SUCCESS) + { + if (RegQueryValueEx (hkey, L"ProductName", 0, 0, (LPBYTE) &productName, &productNameSize) != ERROR_SUCCESS || productNameSize < 1) + productName[0] = 0; + + RegCloseKey (hkey); + } + + switch (nCurrentOS) + { + case WIN_2000: + osname += L"2000"; + break; + + case WIN_XP: + case WIN_XP64: + osname += L"xp"; + osname += home ? L"-home" : L"-pro"; + break; + + case WIN_SERVER_2003: + osname += L"2003"; + break; + + case WIN_VISTA: + osname += L"vista"; + break; + + case WIN_SERVER_2008: + osname += L"2008"; + break; + + case WIN_7: + osname += L"7"; + break; + + case WIN_SERVER_2008_R2: + osname += L"2008r2"; + break; + + default: + wstringstream s; + s << CurrentOSMajor << L"." << CurrentOSMinor; + osname += s.str(); + break; + } + + if (server) + osname += L"-server"; + + if (IsOSAtLeast (WIN_VISTA)) + { + if (home) + osname += L"-home"; + else if (wcsstr (productName, L"Standard") != 0) + osname += L"-standard"; + else if (wcsstr (productName, L"Professional") != 0) + osname += L"-pro"; + else if (wcsstr (productName, L"Business") != 0) + osname += L"-business"; + else if (wcsstr (productName, L"Enterprise") != 0) + osname += L"-enterprise"; + else if (wcsstr (productName, L"Datacenter") != 0) + osname += L"-datacenter"; + else if (wcsstr (productName, L"Ultimate") != 0) + osname += L"-ultimate"; + } + + if (GetSystemMetrics (SM_STARTER)) + osname += L"-starter"; + else if (wcsstr (productName, L"Basic") != 0) + osname += L"-basic"; + + if (Is64BitOs()) + osname += L"-x64"; + + if (CurrentOSServicePack > 0) + { + wstringstream s; + s << L"-sp" << CurrentOSServicePack; + osname += s.str(); + } + + return osname; +} + + +void Applink (char *dest, BOOL bSendOS, char *extraOutput) +{ + char url [MAX_URL_LENGTH]; + + ArrowWaitCursor (); + + // sprintf_s (url, sizeof (url), TC_APPLINK "%s%s&dest=%s", bSendOS ? ("&os=" + GetWindowsEdition()).c_str() : "", extraOutput, dest); + if (strcmp(dest, "donate") == 0) + { + StringCbCopyA (url, sizeof (url),"https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=5BCXVMTTNJDCY"); + } + else if (strcmp(dest, "main") == 0) + { + StringCbCopyA (url, sizeof (url),TC_HOMEPAGE); + } + else if (strcmp(dest,"localizations") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Language%20Packs"); + } + else if (strcmp(dest, "beginnerstutorial") == 0 || strcmp(dest,"tutorial") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Beginner%27s%20Tutorial"); + } + else if (strcmp(dest, "releasenotes") == 0 || strcmp(dest, "history") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Release%20Notes"); + } + else if (strcmp(dest, "hwacceleration") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Hardware%20Acceleration"); + } + else if (strcmp(dest, "parallelization") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Parallelization"); + } + else if (strcmp(dest, "help") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/documentation"); + } + else if (strcmp(dest, "keyfiles") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Keyfiles"); + } + else if (strcmp(dest, "introcontainer") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Creating%20New%20Volumes"); + } + else if (strcmp(dest, "introsysenc") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=System%20Encryption"); + } + else if (strcmp(dest, "hiddensysenc") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Hidden%20Operating%20System"); + } + else if (strcmp(dest, "sysencprogressinfo") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=System%20Encryption"); + } + else if (strcmp(dest, "hiddenvolume") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Hidden%20Volume"); + } + else if (strcmp(dest, "aes") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=AES"); + } + else if (strcmp(dest, "serpent") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Serpent"); + } + else if (strcmp(dest, "twofish") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Twofish"); + } + else if (strcmp(dest, "cascades") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Cascades"); + } + else if (strcmp(dest, "hashalgorithms") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Hash%20Algorithms"); + } + else if (strcmp(dest, "isoburning") == 0) + { + StringCbCopyA (url, sizeof (url),"https://cdburnerxp.se/en/home"); + } + else if (strcmp(dest, "sysfavorites") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=System%20Favorite%20Volumes"); + } + else if (strcmp(dest, "favorites") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Favorite%20Volumes"); + } + else if (strcmp(dest, "hiddenvolprotection") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Protection%20of%20Hidden%20Volumes"); + } + else if (strcmp(dest, "faq") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=FAQ"); + } + else if (strcmp(dest, "downloads") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Downloads"); + } + else if (strcmp(dest, "news") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=News"); + } + else if (strcmp(dest, "contact") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Contact"); + } + else if (strcmp(dest, "pim") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20%28PIM%29"); + } + else + { + StringCbCopyA (url, sizeof (url),TC_APPLINK); + } + ShellExecuteA (NULL, "open", url, NULL, NULL, SW_SHOWNORMAL); + + Sleep (200); + NormalCursor (); +} + + +wchar_t *RelativePath2Absolute (wchar_t *szFileName) +{ + if (szFileName[0] != L'\\' + && wcschr (szFileName, L':') == 0 + && wcsstr (szFileName, L"Volume{") != szFileName) + { + wchar_t path[MAX_PATH*2]; + GetCurrentDirectory (MAX_PATH, path); + + if (path[wcslen (path) - 1] != L'\\') + StringCbCatW (path, (MAX_PATH * 2), L"\\"); + + StringCbCatW (path, (MAX_PATH * 2), szFileName); + StringCbCopyW (szFileName, MAX_PATH + 1, path); // szFileName size is always at least (MAX_PATH + 1) + } + + return szFileName; +} + + +void HandleDriveNotReadyError (HWND hwnd) +{ + HKEY hkey = 0; + DWORD value = 0, size = sizeof (DWORD); + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\MountMgr", + 0, KEY_READ, &hkey) != ERROR_SUCCESS) + return; + + if (RegQueryValueEx (hkey, L"NoAutoMount", 0, 0, (LPBYTE) &value, &size) == ERROR_SUCCESS + && value != 0) + { + Warning ("SYS_AUTOMOUNT_DISABLED", hwnd); + } + else if (nCurrentOS == WIN_VISTA && CurrentOSServicePack < 1) + Warning ("SYS_ASSIGN_DRIVE_LETTER", hwnd); + else + Warning ("DEVICE_NOT_READY_ERROR", hwnd); + + RegCloseKey (hkey); +} + + +BOOL CALLBACK CloseTCWindowsEnum (HWND hwnd, LPARAM lParam) +{ + LONG_PTR userDataVal = GetWindowLongPtrW (hwnd, GWLP_USERDATA); + if ((userDataVal == (LONG_PTR) 'VERA') || (userDataVal == (LONG_PTR) 'TRUE')) // Prior to 1.0e, 'TRUE' was used for VeraCrypt dialogs + { + wchar_t name[1024] = { 0 }; + GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); + if (hwnd != MainDlg && wcsstr (name, L"VeraCrypt")) + { + PostMessage (hwnd, TC_APPMSG_CLOSE_BKG_TASK, 0, 0); + + PostMessage (hwnd, WM_CLOSE, 0, 0); + + if (lParam != 0) + *((BOOL *)lParam) = TRUE; + } + } + return TRUE; +} + +BOOL CALLBACK FindTCWindowEnum (HWND hwnd, LPARAM lParam) +{ + if (*(HWND *)lParam == hwnd) + return TRUE; + + LONG_PTR userDataVal = GetWindowLongPtrW (hwnd, GWLP_USERDATA); + if ((userDataVal == (LONG_PTR) 'VERA') || (userDataVal == (LONG_PTR) 'TRUE')) // Prior to 1.0e, 'TRUE' was used for VeraCrypt dialogs + { + wchar_t name[32] = { 0 }; + GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); + if (hwnd != MainDlg && wcscmp (name, L"VeraCrypt") == 0) + { + if (lParam != 0) + *((HWND *)lParam) = hwnd; + } + } + return TRUE; +} + + +BYTE *MapResource (wchar_t *resourceType, int resourceId, PDWORD size) +{ + HGLOBAL hResL; + HRSRC hRes; + + hRes = FindResource (NULL, MAKEINTRESOURCE(resourceId), resourceType); + hResL = LoadResource (NULL, hRes); + + if (size != NULL) + *size = SizeofResource (NULL, hRes); + + return (BYTE *) LockResource (hResL); +} + + +void InconsistencyResolved (char *techInfo) +{ + wchar_t finalMsg[8024]; + + StringCbPrintfW (finalMsg, sizeof(finalMsg), GetString ("INCONSISTENCY_RESOLVED"), techInfo); + MessageBoxW (MainDlg, finalMsg, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); +} + + +void ReportUnexpectedState (char *techInfo) +{ + wchar_t finalMsg[8024]; + + StringCbPrintfW (finalMsg, sizeof(finalMsg), GetString ("UNEXPECTED_STATE"), techInfo); + MessageBoxW (MainDlg, finalMsg, lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); +} + + +#ifndef SETUP + +int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader) +{ + int status = ERR_PARAMETER_INCORRECT; + int volumeType; + wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; + wchar_t szDosDevice[TC_MAX_PATH]; + char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + LARGE_INTEGER headerOffset; + DWORD dwResult; + DISK_GEOMETRY deviceGeometry; + + context->VolumeIsOpen = FALSE; + context->CryptoInfo = NULL; + context->HostFileHandle = INVALID_HANDLE_VALUE; + context->TimestampsValid = FALSE; + + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), volumePath, &context->IsDevice); + + if (context->IsDevice) + { + status = FakeDosNameForDevice (szDiskFile, szDosDevice, sizeof(szDosDevice), szCFDevice, sizeof(szCFDevice), FALSE); + if (status != 0) + return status; + + preserveTimestamps = FALSE; + + if (!GetDriveGeometry (volumePath, &deviceGeometry)) + { + status = ERR_OS_ERROR; + goto error; + } + } + else + StringCbCopyW (szCFDevice, sizeof(szCFDevice), szDiskFile); + + if (preserveTimestamps) + write = TRUE; + + context->HostFileHandle = CreateFile (szCFDevice, GENERIC_READ | (write ? GENERIC_WRITE : 0), FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (context->HostFileHandle == INVALID_HANDLE_VALUE) + { + status = ERR_OS_ERROR; + goto error; + } + + if (context->IsDevice) + { + // Try to gain "raw" access to the partition in case there is a live filesystem on it (otherwise, + // the NTFS driver guards hidden sectors and prevents e.g. header backup restore after the user + // accidentally quick-formats a dismounted partition-hosted TrueCrypt volume as NTFS, etc.) + + DeviceIoControl (context->HostFileHandle, FSCTL_ALLOW_EXTENDED_DASD_IO, NULL, 0, NULL, 0, &dwResult, NULL); + } + + context->VolumeIsOpen = TRUE; + + // Remember the container modification/creation date and time + if (!context->IsDevice && preserveTimestamps) + { + if (GetFileTime (context->HostFileHandle, &context->CreationTime, &context->LastAccessTime, &context->LastWriteTime) == 0) + context->TimestampsValid = FALSE; + else + context->TimestampsValid = TRUE; + } + + // Determine host size + if (context->IsDevice) + { + PARTITION_INFORMATION diskInfo; + + if (GetPartitionInfo (volumePath, &diskInfo)) + { + context->HostSize = diskInfo.PartitionLength.QuadPart; + } + else + { + DISK_GEOMETRY driveInfo; + + if (!DeviceIoControl (context->HostFileHandle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveInfo, sizeof (driveInfo), &dwResult, NULL)) + { + status = ERR_OS_ERROR; + goto error; + } + + context->HostSize = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; + } + + if (context->HostSize == 0) + { + status = ERR_VOL_SIZE_WRONG; + goto error; + } + } + else + { + LARGE_INTEGER fileSize; + if (!GetFileSizeEx (context->HostFileHandle, &fileSize)) + { + status = ERR_OS_ERROR; + goto error; + } + + context->HostSize = fileSize.QuadPart; + } + + for (volumeType = TC_VOLUME_TYPE_NORMAL; volumeType < TC_VOLUME_TYPE_COUNT; volumeType++) + { + // Seek the volume header + switch (volumeType) + { + case TC_VOLUME_TYPE_NORMAL: + headerOffset.QuadPart = useBackupHeader ? context->HostSize - TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; + break; + + case TC_VOLUME_TYPE_HIDDEN: + if (TC_HIDDEN_VOLUME_HEADER_OFFSET + TC_VOLUME_HEADER_SIZE > context->HostSize) + continue; + + headerOffset.QuadPart = useBackupHeader ? context->HostSize - TC_VOLUME_HEADER_SIZE : TC_HIDDEN_VOLUME_HEADER_OFFSET; + break; + + } + + if (!SetFilePointerEx ((HANDLE) context->HostFileHandle, headerOffset, NULL, FILE_BEGIN)) + { + status = ERR_OS_ERROR; + goto error; + } + + // Read volume header + DWORD bytesRead; + if (!ReadEffectiveVolumeHeader (context->IsDevice, context->HostFileHandle, (byte *) buffer, &bytesRead)) + { + status = ERR_OS_ERROR; + goto error; + } + + if (bytesRead != sizeof (buffer) + && context->IsDevice) + { + // If FSCTL_ALLOW_EXTENDED_DASD_IO failed and there is a live filesystem on the partition, then the + // filesystem driver may report EOF when we are reading hidden sectors (when the filesystem is + // shorter than the partition). This can happen for example after the user quick-formats a dismounted + // partition-hosted TrueCrypt volume and then tries to read the embedded backup header. + + memset (buffer, 0, sizeof (buffer)); + } + + // Decrypt volume header + status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, truecryptMode, &context->CryptoInfo, NULL); + + if (status == ERR_PASSWORD_WRONG) + continue; // Try next volume type + + break; + } + + if (status == ERR_SUCCESS) + return status; + +error: + DWORD sysError = GetLastError (); + + CloseVolume (context); + + SetLastError (sysError); + return status; +} + + +void CloseVolume (OpenVolumeContext *context) +{ + if (!context->VolumeIsOpen) + return; + + if (context->HostFileHandle != INVALID_HANDLE_VALUE) + { + if (context->TimestampsValid) + SetFileTime (context->HostFileHandle, &context->CreationTime, &context->LastAccessTime, &context->LastWriteTime); + + CloseHandle (context->HostFileHandle); + context->HostFileHandle = INVALID_HANDLE_VALUE; + } + + if (context->CryptoInfo) + { + crypto_close (context->CryptoInfo); + context->CryptoInfo = NULL; + } + + context->VolumeIsOpen = FALSE; +} + + +int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode) +{ + CRYPTO_INFO *newCryptoInfo = NULL; + + RandSetHashFunction (cryptoInfo->pkcs5); + + if (Randinit() != ERR_SUCCESS) + { + if (CryptoAPILastError == ERROR_SUCCESS) + return ERR_RAND_INIT_FAILED; + else + return ERR_CAPI_INIT_FAILED; + } + + UserEnrichRandomPool (NULL); + + int status = CreateVolumeHeaderInMemory (hwndDlg, bBoot, + buffer, + cryptoInfo->ea, + cryptoInfo->mode, + password, + cryptoInfo->pkcs5, + pim, + (char *) cryptoInfo->master_keydata, + &newCryptoInfo, + cryptoInfo->VolumeSize.Value, + cryptoInfo->hiddenVolume ? cryptoInfo->hiddenVolumeSize : 0, + cryptoInfo->EncryptedAreaStart.Value, + cryptoInfo->EncryptedAreaLength.Value, + cryptoInfo->RequiredProgramVersion, + cryptoInfo->HeaderFlags, + cryptoInfo->SectorSize, + wipeMode); + + if (newCryptoInfo != NULL) + crypto_close (newCryptoInfo); + + return status; +} + +#endif // !SETUP + + +BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) +{ + // GlobalMemoryStatusEx() cannot be used to determine if a paging file is active + + wchar_t data[65536]; + DWORD size = sizeof (data); + + if (IsPagingFileWildcardActive()) + return TRUE; + + if (ReadLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", data, &size) + && size > 24 && !checkNonWindowsPartitionsOnly) + return TRUE; + + if (!IsAdmin()) + AbortProcess ("UAC_INIT_ERROR"); + + for (wchar_t drive = L'C'; drive <= L'Z'; ++drive) + { + // Query geometry of the drive first to prevent "no medium" pop-ups + wstring drivePath = L"\\\\.\\X:"; + drivePath[4] = drive; + + if (checkNonWindowsPartitionsOnly) + { + wchar_t sysDir[MAX_PATH]; + if (GetSystemDirectory (sysDir, ARRAYSIZE (sysDir)) != 0 && towupper (sysDir[0]) == drive) + continue; + } + + HANDLE handle = CreateFile (drivePath.c_str(), GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (handle == INVALID_HANDLE_VALUE) + continue; + + DISK_GEOMETRY driveInfo; + DWORD dwResult; + + if (!DeviceIoControl (handle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveInfo, sizeof (driveInfo), &dwResult, NULL)) + { + CloseHandle (handle); + continue; + } + + CloseHandle (handle); + + // Test if a paging file exists and is locked by another process + wstring path = L"X:\\pagefile.sys"; + path[0] = drive; + + handle = CreateFile (path.c_str(), GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); + + if (handle != INVALID_HANDLE_VALUE) + CloseHandle (handle); + else if (GetLastError() == ERROR_SHARING_VIOLATION) + return TRUE; + } + + return FALSE; +} + + +BOOL IsPagingFileWildcardActive () +{ + wchar_t pagingFiles[65536]; + DWORD size = sizeof (pagingFiles); + wchar_t *mmKey = L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management"; + + if (!ReadLocalMachineRegistryString (mmKey, L"PagingFiles", pagingFiles, &size)) + { + size = sizeof (pagingFiles); + if (!ReadLocalMachineRegistryMultiString (mmKey, L"PagingFiles", pagingFiles, &size)) + size = 0; + } + + return size > 0 && wcsstr (pagingFiles, L"?:\\") == pagingFiles; +} + + +BOOL DisablePagingFile () +{ + wchar_t empty[] = { 0, 0 }; + return WriteLocalMachineRegistryMultiString (L"System\\CurrentControlSet\\Control\\Session Manager\\Memory Management", L"PagingFiles", empty, sizeof (empty)); +} + + +std::wstring SingleStringToWide (const std::string &singleString) +{ + if (singleString.empty()) + return std::wstring(); + + WCHAR wbuf[65536]; + int wideLen = MultiByteToWideChar (CP_ACP, 0, singleString.c_str(), -1, wbuf, array_capacity (wbuf) - 1); + + // We don't throw exception here and only return empty string. + // All calls to this function use valid strings. + // throw_sys_if (wideLen == 0); + + wbuf[wideLen] = 0; + return wbuf; +} + + +std::wstring Utf8StringToWide (const std::string &utf8String) +{ + if (utf8String.empty()) + return std::wstring(); + + WCHAR wbuf[65536]; + int wideLen = MultiByteToWideChar (CP_UTF8, 0, utf8String.c_str(), -1, wbuf, array_capacity (wbuf) - 1); + throw_sys_if (wideLen == 0); + + wbuf[wideLen] = 0; + return wbuf; +} + + +std::string WideToUtf8String (const std::wstring &wideString) +{ + if (wideString.empty()) + return std::string(); + + char buf[65536]; + int len = WideCharToMultiByte (CP_UTF8, 0, wideString.c_str(), -1, buf, array_capacity (buf) - 1, NULL, NULL); + throw_sys_if (len == 0); + + buf[len] = 0; + return buf; +} + + +#ifndef SETUP + +BOOL CALLBACK SecurityTokenPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + static string *password; + + switch (msg) + { + case WM_INITDIALOG: + { + password = (string *) lParam; + LocalizeDialog (hwndDlg, "IDD_TOKEN_PASSWORD"); + + wchar_t s[1024]; + StringCbPrintfW (s, sizeof(s), GetString ("ENTER_TOKEN_PASSWORD"), Utf8StringToWide (password->c_str()).c_str()); + SetWindowTextW (GetDlgItem (hwndDlg, IDT_TOKEN_PASSWORD_INFO), s); + + SendMessage (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD), EM_LIMITTEXT, SecurityToken::MaxPasswordLength, 0); + + SetForegroundWindow (hwndDlg); + SetFocus (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD)); + } + return 0; + + case WM_COMMAND: + if (lw == IDCANCEL || lw == IDOK) + { + if (lw == IDOK) + { + wchar_t passwordWide[SecurityToken::MaxPasswordLength + 1]; + + if (GetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD), passwordWide, SecurityToken::MaxPasswordLength + 1) == 0) + { + handleWin32Error (hwndDlg, SRC_POS); + break; + } + + char passwordUtf8[SecurityToken::MaxPasswordLength + 1]; + + int len = WideCharToMultiByte (CP_UTF8, 0, passwordWide, -1, passwordUtf8, array_capacity (passwordUtf8) - 1, nullptr, nullptr); + passwordUtf8[len] = 0; + *password = passwordUtf8; + + burn (passwordWide, sizeof (passwordWide)); + burn (passwordUtf8, sizeof (passwordUtf8)); + } + + // Attempt to wipe password stored in the input field buffer + wchar_t tmp[SecurityToken::MaxPasswordLength+1]; + wmemset (tmp, 'X', SecurityToken::MaxPasswordLength); + tmp[SecurityToken::MaxPasswordLength] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_TOKEN_PASSWORD), tmp); + + EndDialog (hwndDlg, lw); + } + return 1; + } + + return 0; +} + + +struct NewSecurityTokenKeyfileDlgProcParams +{ + CK_SLOT_ID SlotId; + string Name; +}; + +static BOOL CALLBACK NewSecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static NewSecurityTokenKeyfileDlgProcParams *newParams; + + WORD lw = LOWORD (wParam); + switch (msg) + { + case WM_INITDIALOG: + { + LocalizeDialog (hwndDlg, "IDD_NEW_TOKEN_KEYFILE"); + + newParams = (NewSecurityTokenKeyfileDlgProcParams *) lParam; + + WaitCursor(); + finally_do ({ NormalCursor(); }); + + list tokens; + + try + { + tokens = SecurityToken::GetAvailableTokens(); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + if (tokens.empty()) + { + Error ("NO_TOKENS_FOUND", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + foreach (const SecurityTokenInfo &token, tokens) + { + wstringstream tokenLabel; + tokenLabel << L"[" << token.SlotId << L"] " << token.Label; + + AddComboPair (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), tokenLabel.str().c_str(), token.SlotId); + } + + ComboBox_SetCurSel (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), 0); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_KEYFILE_NAME), Utf8StringToWide (newParams->Name).c_str()); + return 1; + } + + case WM_COMMAND: + switch (lw) + { + case IDOK: + { + int selectedToken = ComboBox_GetCurSel (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN)); + if (selectedToken == CB_ERR) + { + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + newParams->SlotId = (CK_SLOT_ID) ComboBox_GetItemData (GetDlgItem (hwndDlg, IDC_SELECTED_TOKEN), selectedToken); + + wchar_t name[1024]; + if (GetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_KEYFILE_NAME), name, array_capacity (name)) != 0) + { + try + { + newParams->Name = WideToUtf8String (name); + } + catch (...) { } + } + + EndDialog (hwndDlg, IDOK); + return 1; + } + + case IDCANCEL: + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (HIWORD (wParam) == EN_CHANGE) + { + wchar_t name[2]; + EnableWindow (GetDlgItem (hwndDlg, IDOK), (GetWindowTextW (GetDlgItem (hwndDlg, IDC_TOKEN_KEYFILE_NAME), name, array_capacity (name)) != 0)); + return 1; + } + } + + return 0; +} + + +static void SecurityTokenKeyfileDlgFillList (HWND hwndDlg, const vector &keyfiles) +{ + HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); + LVITEMW lvItem; + int line = 0; + + ListView_DeleteAllItems (tokenListControl); + + foreach (const SecurityTokenKeyfile &keyfile, keyfiles) + { + memset (&lvItem, 0, sizeof(lvItem)); + lvItem.mask = LVIF_TEXT; + lvItem.iItem = line++; + + wstringstream s; + s << keyfile.SlotId; + + ListItemAdd (tokenListControl, lvItem.iItem, (wchar_t *) s.str().c_str()); + ListSubItemSet (tokenListControl, lvItem.iItem, 1, (wchar_t *) keyfile.Token.Label.c_str()); + ListSubItemSet (tokenListControl, lvItem.iItem, 2, (wchar_t *) keyfile.Id.c_str()); + } + + BOOL selected = (ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST), -1, LVIS_SELECTED) != -1); + EnableWindow (GetDlgItem (hwndDlg, IDC_EXPORT), selected); + EnableWindow (GetDlgItem (hwndDlg, IDC_DELETE), selected); +} + + +static list SecurityTokenKeyfileDlgGetSelected (HWND hwndDlg, const vector &keyfiles) +{ + HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); + list selectedKeyfiles; + + int itemId = -1; + while ((itemId = ListView_GetNextItem (tokenListControl, itemId, LVIS_SELECTED)) != -1) + { + selectedKeyfiles.push_back (keyfiles[itemId]); + } + + return selectedKeyfiles; +} + + +BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static list *selectedTokenKeyfiles; + static vector keyfiles; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + selectedTokenKeyfiles = (list *) lParam; + + LVCOLUMNW LvCol; + HWND tokenListControl = GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST); + + LocalizeDialog (hwndDlg, selectedTokenKeyfiles ? "SELECT_TOKEN_KEYFILES" : "IDD_TOKEN_KEYFILES"); + + SendMessage (tokenListControl,LVM_SETEXTENDEDLISTVIEWSTYLE, 0, + LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_TWOCLICKACTIVATE|LVS_EX_LABELTIP + ); + + memset (&LvCol, 0, sizeof(LvCol)); + LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + LvCol.pszText = GetString ("TOKEN_SLOT_ID"); + LvCol.cx = CompensateXDPI (40); + LvCol.fmt = LVCFMT_CENTER; + SendMessage (tokenListControl, LVM_INSERTCOLUMNW, 1, (LPARAM)&LvCol); + + LvCol.pszText = GetString ("TOKEN_NAME"); + LvCol.cx = CompensateXDPI (128); + LvCol.fmt = LVCFMT_LEFT; + SendMessage (tokenListControl, LVM_INSERTCOLUMNW, 2, (LPARAM)&LvCol); + + LvCol.pszText = GetString ("TOKEN_DATA_OBJECT_LABEL"); + LvCol.cx = CompensateXDPI (195); + LvCol.fmt = LVCFMT_LEFT; + SendMessage (tokenListControl, LVM_INSERTCOLUMNW, 3, (LPARAM)&LvCol); + + keyfiles.clear(); + + try + { + WaitCursor(); + finally_do ({ NormalCursor(); }); + + keyfiles = SecurityToken::GetAvailableKeyfiles(); + } + catch (UserAbort&) + { + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + catch (Exception &e) + { + e.Show (hwndDlg); + + if (keyfiles.empty()) + { + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + } + + SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); + return 1; + } + + case WM_COMMAND: + case WM_NOTIFY: + if (msg == WM_COMMAND && lw == IDOK || msg == WM_NOTIFY && ((NMHDR *)lParam)->code == LVN_ITEMACTIVATE) + { + if (selectedTokenKeyfiles) + { + foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + { + selectedTokenKeyfiles->push_back (SecurityTokenKeyfilePath (keyfile)); + } + } + + EndDialog (hwndDlg, IDOK); + return 1; + } + + if (msg == WM_NOTIFY && ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) + { + BOOL selected = (ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_TOKEN_FILE_LIST), -1, LVIS_SELECTED) != -1); + EnableWindow (GetDlgItem (hwndDlg, IDC_EXPORT), selected); + EnableWindow (GetDlgItem (hwndDlg, IDC_DELETE), selected); + return 1; + } + + if (msg == WM_COMMAND) + { + switch (lw) + { + case IDCANCEL: + EndDialog (hwndDlg, IDCANCEL); + return 1; + + case IDC_IMPORT_KEYFILE: + { + wchar_t keyfilePath[TC_MAX_PATH]; + + if (BrowseFiles (hwndDlg, "SELECT_KEYFILE", keyfilePath, bHistory, FALSE, NULL)) + { + DWORD keyfileSize; + byte *keyfileData = (byte *) LoadFile (keyfilePath, &keyfileSize); + if (!keyfileData) + { + handleWin32Error (hwndDlg, SRC_POS); + return 1; + } + + if (keyfileSize != 0) + { + NewSecurityTokenKeyfileDlgProcParams newParams; + newParams.Name = WideToUtf8String (keyfilePath); + + size_t lastBackSlash = newParams.Name.find_last_of ('\\'); + if (lastBackSlash != string::npos) + newParams.Name = newParams.Name.substr (lastBackSlash + 1); + + if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_NEW_TOKEN_KEYFILE), hwndDlg, (DLGPROC) NewSecurityTokenKeyfileDlgProc, (LPARAM) &newParams) == IDOK) + { + vector keyfileDataVector (keyfileSize); + memcpy (&keyfileDataVector.front(), keyfileData, keyfileSize); + + try + { + WaitCursor(); + finally_do ({ NormalCursor(); }); + + SecurityToken::CreateKeyfile (newParams.SlotId, keyfileDataVector, newParams.Name); + + keyfiles = SecurityToken::GetAvailableKeyfiles(); + SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + burn (&keyfileDataVector.front(), keyfileSize); + } + } + else + { + SetLastError (ERROR_HANDLE_EOF); + handleWin32Error (hwndDlg, SRC_POS); + } + + burn (keyfileData, keyfileSize); + TCfree (keyfileData); + } + + return 1; + } + + case IDC_EXPORT: + { + try + { + foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + { + wchar_t keyfilePath[TC_MAX_PATH]; + + if (!BrowseFiles (hwndDlg, "OPEN_TITLE", keyfilePath, bHistory, TRUE, NULL)) + break; + + { + WaitCursor(); + finally_do ({ NormalCursor(); }); + + vector keyfileData; + + SecurityToken::GetKeyfileData (keyfile, keyfileData); + + if (keyfileData.empty()) + { + SetLastError (ERROR_HANDLE_EOF); + handleWin32Error (hwndDlg, SRC_POS); + return 1; + } + + finally_do_arg (vector *, &keyfileData, { burn (&finally_arg->front(), finally_arg->size()); }); + + if (!SaveBufferToFile ((char *) &keyfileData.front(), keyfilePath, (DWORD) keyfileData.size(), FALSE, FALSE)) + throw SystemException (SRC_POS); + } + + Info ("KEYFILE_EXPORTED", hwndDlg); + } + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + return 1; + } + + case IDC_DELETE: + { + if (AskNoYes ("CONFIRM_SEL_FILES_DELETE", hwndDlg) == IDNO) + return 1; + + try + { + WaitCursor(); + finally_do ({ NormalCursor(); }); + + foreach (const SecurityTokenKeyfile &keyfile, SecurityTokenKeyfileDlgGetSelected (hwndDlg, keyfiles)) + { + SecurityToken::DeleteKeyfile (keyfile); + } + + keyfiles = SecurityToken::GetAvailableKeyfiles(); + SecurityTokenKeyfileDlgFillList (hwndDlg, keyfiles); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + return 1; + } + } + } + return 0; + } + return 0; +} + + +BOOL InitSecurityTokenLibrary (HWND hwndDlg) +{ + if (SecurityTokenLibraryPath[0] == 0) + { + Error ("NO_PKCS11_MODULE_SPECIFIED", hwndDlg); + return FALSE; + } + + struct PinRequestHandler : public GetPinFunctor + { + HWND m_hwnd; + PinRequestHandler(HWND hwnd) : m_hwnd(hwnd) {} + virtual void operator() (string &str) + { + HWND hParent = IsWindow (m_hwnd)? m_hwnd : GetActiveWindow(); + if (!hParent) + hParent = GetForegroundWindow (); + if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_PASSWORD), hParent, (DLGPROC) SecurityTokenPasswordDlgProc, (LPARAM) &str) == IDCANCEL) + throw UserAbort (SRC_POS); + + if (hCursor != NULL) + SetCursor (hCursor); + } + }; + + struct WarningHandler : public SendExceptionFunctor + { + HWND m_hwnd; + WarningHandler(HWND hwnd) : m_hwnd(hwnd) {} + virtual void operator() (const Exception &e) + { + HWND hParent = IsWindow (m_hwnd)? m_hwnd : GetActiveWindow(); + if (!hParent) + hParent = GetForegroundWindow (); + e.Show (hParent); + } + }; + + try + { + SecurityToken::InitLibrary (SecurityTokenLibraryPath, auto_ptr (new PinRequestHandler(MainDlg)), auto_ptr (new WarningHandler(MainDlg))); + } + catch (Exception &e) + { + e.Show (hwndDlg); + Error ("PKCS11_MODULE_INIT_FAILED", hwndDlg); + return FALSE; + } + + return TRUE; +} + +#endif // !SETUP + +std::vector GetAvailableHostDevices (bool noDeviceProperties, bool singleList, bool noFloppy, bool detectUnencryptedFilesystems) +{ + vector devices; + size_t dev0; + + for (int devNumber = 0; devNumber < MAX_HOST_DRIVE_NUMBER; devNumber++) + { + for (int partNumber = 0; partNumber < MAX_HOST_PARTITION_NUMBER; partNumber++) + { + wstringstream strm; + strm << L"\\Device\\Harddisk" << devNumber << L"\\Partition" << partNumber; + wstring devPathStr (strm.str()); + const wchar_t *devPath = devPathStr.c_str(); + + OPEN_TEST_STRUCT openTest = {0}; + if (!OpenDevice (devPath, &openTest, detectUnencryptedFilesystems && partNumber != 0, FALSE, NULL)) + { + if (partNumber == 0) + break; + + continue; + } + + HostDevice device; + device.SystemNumber = devNumber; + device.Path = devPath; + + PARTITION_INFORMATION partInfo; + + if (GetPartitionInfo (devPath, &partInfo)) + { + device.Bootable = partInfo.BootIndicator ? true : false; + device.Size = partInfo.PartitionLength.QuadPart; + } + else + { + // retrieve size using DISK_GEOMETRY + DISK_GEOMETRY deviceGeometry = {0}; + if ( GetDriveGeometry (devPath, &deviceGeometry) + || ((partNumber == 0) && GetPhysicalDriveGeometry (devNumber, &deviceGeometry)) + ) + { + device.Size = deviceGeometry.Cylinders.QuadPart * (LONGLONG) deviceGeometry.BytesPerSector + * (LONGLONG) deviceGeometry.SectorsPerTrack * (LONGLONG) deviceGeometry.TracksPerCylinder; + } + } + + device.HasUnencryptedFilesystem = (detectUnencryptedFilesystems && openTest.FilesystemDetected) ? true : false; + + if (!noDeviceProperties) + { + DISK_GEOMETRY geometry; + + int driveNumber = GetDiskDeviceDriveLetter ((wchar_t *) devPathStr.c_str()); + + if (driveNumber >= 0) + { + device.MountPoint += (wchar_t) (driveNumber + L'A'); + device.MountPoint += L":"; + + wchar_t name[64]; + if (GetDriveLabel (driveNumber, name, sizeof (name))) + device.Name = name; + + if (GetSystemDriveLetter() == L'A' + driveNumber) + device.ContainsSystem = true; + } + + if (partNumber == 0 && GetDriveGeometry (devPath, &geometry)) + device.Removable = (geometry.MediaType == RemovableMedia); + } + + if (partNumber == 0) + { + devices.push_back (device); + dev0 = devices.size() - 1; + } + else + { + // System creates a virtual partition1 for some storage devices without + // partition table. We try to detect this case by comparing sizes of + // partition0 and partition1. If they match, no partition of the device + // is displayed to the user to avoid confusion. Drive letter assigned by + // system to partition1 is assigned partition0 + if (partNumber == 1 && devices[dev0].Size == device.Size) + { + devices[dev0].IsVirtualPartition = true; + devices[dev0].MountPoint = device.MountPoint; + devices[dev0].Name = device.Name; + devices[dev0].Path = device.Path; + devices[dev0].HasUnencryptedFilesystem = device.HasUnencryptedFilesystem; + break; + } + + device.IsPartition = true; + device.SystemNumber = partNumber; + device.Removable = devices[dev0].Removable; + + if (device.ContainsSystem) + devices[dev0].ContainsSystem = true; + + if (singleList) + devices.push_back (device); + + devices[dev0].Partitions.push_back (device); + } + } + } + + // Vista does not create partition links for dynamic volumes so it is necessary to scan \\Device\\HarddiskVolumeX devices + if (CurrentOSMajor >= 6) + { + for (int devNumber = 0; devNumber < 256; devNumber++) + { + wstringstream strm; + strm << L"\\Device\\HarddiskVolume" << devNumber; + wstring devPathStr (strm.str()); + const wchar_t *devPath = devPathStr.c_str(); + + OPEN_TEST_STRUCT openTest = {0}; + if (!OpenDevice (devPath, &openTest, detectUnencryptedFilesystems, FALSE, NULL)) + continue; + + DISK_PARTITION_INFO_STRUCT info; + if (GetDeviceInfo (devPath, &info) && info.IsDynamic) + { + HostDevice device; + device.DynamicVolume = true; + device.IsPartition = true; + device.SystemNumber = devNumber; + device.Path = devPath; + device.Size = info.partInfo.PartitionLength.QuadPart; + device.HasUnencryptedFilesystem = (detectUnencryptedFilesystems && openTest.FilesystemDetected) ? true : false; + + if (!noDeviceProperties) + { + int driveNumber = GetDiskDeviceDriveLetter ((wchar_t *) devPathStr.c_str()); + + if (driveNumber >= 0) + { + device.MountPoint += (wchar_t) (driveNumber + L'A'); + device.MountPoint += L":"; + + wchar_t name[64]; + if (GetDriveLabel (driveNumber, name, sizeof (name))) + device.Name = name; + + if (GetSystemDriveLetter() == L'A' + driveNumber) + device.ContainsSystem = true; + } + } + + devices.push_back (device); + } + } + } + + return devices; +} + +wstring FindDeviceByVolumeID (const BYTE volumeID [VOLUME_ID_SIZE]) +{ + /* if it is already mounted, get the real path name used for mounting */ + MOUNT_LIST_STRUCT mlist; + DWORD dwResult; + + memset (&mlist, 0, sizeof (mlist)); + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist, + sizeof (mlist), &mlist, sizeof (mlist), &dwResult, + NULL); + + for (int i=0 ; i < 26; i++) + { + if (0 == memcmp (mlist.volumeID[i], volumeID, VOLUME_ID_SIZE)) + return mlist.wszVolume[i]; + } + + /* not mounted. Look for it in the local drives*/ + for (int devNumber = 0; devNumber < MAX_HOST_DRIVE_NUMBER; devNumber++) + { + for (int partNumber = 0; partNumber < MAX_HOST_PARTITION_NUMBER; partNumber++) + { + wstringstream strm; + strm << L"\\Device\\Harddisk" << devNumber << L"\\Partition" << partNumber; + wstring devPathStr (strm.str()); + const wchar_t *devPath = devPathStr.c_str(); + + OPEN_TEST_STRUCT openTest = {0}; + if (!OpenDevice (devPath, &openTest, FALSE, TRUE, volumeID)) + { + continue; + } + + if (openTest.VolumeIDMatched) + return devPath; + } + } + + return L""; +} + +BOOL FileHasReadOnlyAttribute (const wchar_t *path) +{ + DWORD attributes = GetFileAttributes (path); + return attributes != INVALID_FILE_ATTRIBUTES && (attributes & FILE_ATTRIBUTE_READONLY) != 0; +} + + +BOOL IsFileOnReadOnlyFilesystem (const wchar_t *path) +{ + wchar_t root[MAX_PATH]; + if (!GetVolumePathName (path, root, ARRAYSIZE (root))) + return FALSE; + + DWORD flags, d; + if (!GetVolumeInformation (root, NULL, 0, NULL, &d, &flags, NULL, 0)) + return FALSE; + + return (flags & FILE_READ_ONLY_VOLUME) ? TRUE : FALSE; +} + + +void CheckFilesystem (HWND hwndDlg, int driveNo, BOOL fixErrors) +{ + wchar_t msg[1024], param[1024], cmdPath[MAX_PATH]; + wchar_t driveRoot[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + + if (fixErrors && AskWarnYesNo ("FILESYS_REPAIR_CONFIRM_BACKUP", hwndDlg) == IDNO) + return; + + StringCbPrintfW (msg, sizeof(msg), GetString (fixErrors ? "REPAIRING_FS" : "CHECKING_FS"), driveRoot); + StringCbPrintfW (param, sizeof(param), fixErrors ? L"/C echo %s & chkdsk %s /F /X & pause" : L"/C echo %s & chkdsk %s & pause", msg, driveRoot); + + if (GetSystemDirectoryW(cmdPath, MAX_PATH)) + { + StringCbCatW(cmdPath, sizeof(cmdPath), L"\\cmd.exe"); + } + else + StringCbCopyW(cmdPath, sizeof(cmdPath), L"C:\\Windows\\System32\\cmd.exe"); + + ShellExecuteW (NULL, (!IsAdmin() && IsUacSupported()) ? L"runas" : L"open", cmdPath, param, NULL, SW_SHOW); +} + + +BOOL BufferContainsString (const byte *buffer, size_t bufferSize, const char *str) +{ + size_t strLen = strlen (str); + + if (bufferSize < strLen) + return FALSE; + + bufferSize -= strLen; + + for (size_t i = 0; i < bufferSize; ++i) + { + if (memcmp (buffer + i, str, strLen) == 0) + return TRUE; + } + + return FALSE; +} + + +#ifndef SETUP + +int AskNonSysInPlaceEncryptionResume (HWND hwndDlg, BOOL *pbDecrypt) +{ + if (AskWarnYesNo ("NONSYS_INPLACE_ENC_RESUME_PROMPT", hwndDlg) == IDYES) + { + char *tmpStr[] = {0, + "CHOOSE_ENCRYPT_OR_DECRYPT", + "ENCRYPT", + "DECRYPT", + "IDCANCEL", + 0}; + + switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) + { + case 1: + *pbDecrypt = FALSE; + return IDYES; + case 2: + *pbDecrypt = TRUE; + return IDYES; + default: + break; + } + } + + char *multiChoiceStr[] = { 0, "ASK_NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL", "DO_NOT_PROMPT_ME", "KEEP_PROMPTING_ME", 0 }; + + switch (AskMultiChoice ((void **) multiChoiceStr, FALSE, hwndDlg)) + { + case 1: + RemoveNonSysInPlaceEncNotifications(); + Warning ("NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL_NOTE", hwndDlg); + break; + + default: + // NOP + break; + } + + return IDNO; +} + +#endif // !SETUP + + +BOOL RemoveDeviceWriteProtection (HWND hwndDlg, wchar_t *devicePath) +{ + int driveNumber; + int partitionNumber; + + wchar_t temp[MAX_PATH*2]; + wchar_t cmdBatch[MAX_PATH*2]; + wchar_t diskpartScript[MAX_PATH*2]; + + if (swscanf (devicePath, L"\\Device\\Harddisk%d\\Partition%d", &driveNumber, &partitionNumber) != 2) + return FALSE; + + if (GetTempPath (ARRAYSIZE (temp), temp) == 0) + return FALSE; + + StringCbPrintfW (cmdBatch, sizeof (cmdBatch), L"%s\\VeraCrypt_Write_Protection_Removal.cmd", temp); + StringCbPrintfW (diskpartScript, sizeof (diskpartScript), L"%s\\VeraCrypt_Write_Protection_Removal.diskpart", temp); + + FILE *f = _wfopen (cmdBatch, L"w"); + if (!f) + { + handleWin32Error (hwndDlg, SRC_POS); + return FALSE; + } + + fwprintf (f, L"@diskpart /s \"%s\"\n@pause\n@del \"%s\" \"%s\"", diskpartScript, diskpartScript, cmdBatch); + + CheckFileStreamWriteErrors (hwndDlg, f, cmdBatch); + fclose (f); + + f = _wfopen (diskpartScript, L"w"); + if (!f) + { + handleWin32Error (hwndDlg, SRC_POS); + DeleteFile (cmdBatch); + return FALSE; + } + + fwprintf (f, L"select disk %d\nattributes disk clear readonly\n", driveNumber); + + if (partitionNumber != 0) + fwprintf (f, L"select partition %d\nattributes volume clear readonly\n", partitionNumber); + + fwprintf (f, L"exit\n"); + + CheckFileStreamWriteErrors (hwndDlg, f, diskpartScript); + fclose (f); + + ShellExecute (NULL, (!IsAdmin() && IsUacSupported()) ? L"runas" : L"open", cmdBatch, NULL, NULL, SW_SHOW); + + return TRUE; +} + + +static LRESULT CALLBACK EnableElevatedCursorChangeWndProc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) +{ + return DefWindowProcW (hWnd, message, wParam, lParam); +} + + +void EnableElevatedCursorChange (HWND parent) +{ + // Create a transparent window to work around a UAC issue preventing change of the cursor + if (UacElevated) + { + const wchar_t *className = L"VeraCryptEnableElevatedCursorChange"; + WNDCLASSEXW winClass; + HWND hWnd; + + memset (&winClass, 0, sizeof (winClass)); + winClass.cbSize = sizeof (WNDCLASSEX); + winClass.lpfnWndProc = (WNDPROC) EnableElevatedCursorChangeWndProc; + winClass.hInstance = hInst; + winClass.lpszClassName = className; + RegisterClassExW (&winClass); + + hWnd = CreateWindowExW (WS_EX_TOOLWINDOW | WS_EX_LAYERED, className, L"VeraCrypt UAC", 0, 0, 0, GetSystemMetrics (SM_CXSCREEN), GetSystemMetrics (SM_CYSCREEN), parent, NULL, hInst, NULL); + if (hWnd) + { + SetLayeredWindowAttributes (hWnd, 0, 1, LWA_ALPHA); + ShowWindow (hWnd, SW_SHOWNORMAL); + + DestroyWindow (hWnd); + } + UnregisterClassW (className, hInst); + } +} + + +BOOL DisableFileCompression (HANDLE file) +{ + USHORT format; + DWORD bytesOut; + + if (!DeviceIoControl (file, FSCTL_GET_COMPRESSION, NULL, 0, &format, sizeof (format), &bytesOut, NULL)) + return FALSE; + + if (format == COMPRESSION_FORMAT_NONE) + return TRUE; + + format = COMPRESSION_FORMAT_NONE; + return DeviceIoControl (file, FSCTL_SET_COMPRESSION, &format, sizeof (format), NULL, 0, &bytesOut, NULL); +} + + +BOOL VolumePathExists (const wchar_t *volumePath) +{ + OPEN_TEST_STRUCT openTest = {0}; + wchar_t upperCasePath[TC_MAX_PATH + 1]; + + UpperCaseCopy (upperCasePath, sizeof(upperCasePath), volumePath); + + if (wcsstr (upperCasePath, L"\\DEVICE\\") == upperCasePath) + return OpenDevice (volumePath, &openTest, FALSE, FALSE, NULL); + + wstring path = volumePath; + if (path.find (L"\\\\?\\Volume{") == 0 && path.rfind (L"}\\") == path.size() - 2) + { + wchar_t devicePath[TC_MAX_PATH]; + if (QueryDosDevice (path.substr (4, path.size() - 5).c_str(), devicePath, TC_MAX_PATH) != 0) + return TRUE; + } + + if (_waccess (volumePath, 0) == 0) + return TRUE; + else + { + DWORD dwResult = GetLastError (); + if (dwResult == ERROR_SHARING_VIOLATION) + return TRUE; + else + return FALSE; + } +} + + +BOOL IsWindowsIsoBurnerAvailable () +{ + wchar_t path[MAX_PATH*2] = { 0 }; + + if (!IsOSAtLeast (WIN_7)) + { + return FALSE; + } + + if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_SYSTEM, NULL, 0, path))) + { + StringCbCatW (path, MAX_PATH*2, L"\\" ISO_BURNER_TOOL); + + return (FileExists (path)); + } + + return FALSE; +} + + +BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath) +{ + wchar_t path[MAX_PATH*2] = { 0 }; + int r; + + if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_SYSTEM, NULL, 0, path))) + StringCbCatW (path, MAX_PATH*2, L"\\" ISO_BURNER_TOOL); + else + StringCbCopyW (path, MAX_PATH*2, L"C:\\Windows\\System32\\" ISO_BURNER_TOOL); + + r = (int) ShellExecute (hwnd, L"open", path, (wstring (L"\"") + isoPath + L"\"").c_str(), NULL, SW_SHOWNORMAL); + + if (r <= 32) + { + SetLastError (r); + handleWin32Error (hwnd, SRC_POS); + + return FALSE; + } + + return TRUE; +} + + +std::wstring VolumeGuidPathToDevicePath (std::wstring volumeGuidPath) +{ + if (volumeGuidPath.find (L"\\\\?\\") == 0) + volumeGuidPath = volumeGuidPath.substr (4); + + if (volumeGuidPath.find (L"Volume{") != 0 || volumeGuidPath.rfind (L"}\\") != volumeGuidPath.size() - 2) + return wstring(); + + wchar_t volDevPath[TC_MAX_PATH]; + if (QueryDosDevice (volumeGuidPath.substr (0, volumeGuidPath.size() - 1).c_str(), volDevPath, TC_MAX_PATH) == 0) + return wstring(); + + wstring partitionPath = HarddiskVolumePathToPartitionPath (volDevPath); + + return partitionPath.empty() ? volDevPath : partitionPath; +} + + +std::wstring HarddiskVolumePathToPartitionPath (const std::wstring &harddiskVolumePath) +{ + for (int driveNumber = 0; driveNumber < MAX_HOST_DRIVE_NUMBER; driveNumber++) + { + for (int partNumber = 0; partNumber < MAX_HOST_PARTITION_NUMBER; partNumber++) + { + wchar_t partitionPath[TC_MAX_PATH]; + StringCchPrintfW (partitionPath, ARRAYSIZE (partitionPath), L"\\Device\\Harddisk%d\\Partition%d", driveNumber, partNumber); + + wchar_t resolvedPath[TC_MAX_PATH]; + if (ResolveSymbolicLink (partitionPath, resolvedPath, sizeof(resolvedPath))) + { + if (harddiskVolumePath == resolvedPath) + return partitionPath; + } + else if (partNumber == 0) + break; + } + } + + return wstring(); +} + + +BOOL IsApplicationInstalled (const wchar_t *appName, BOOL b32bitApp) +{ + const wchar_t *uninstallRegName = L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall"; + BOOL installed = FALSE; + HKEY unistallKey; + LONG res = RegOpenKeyEx (HKEY_LOCAL_MACHINE, uninstallRegName, 0, KEY_READ | (b32bitApp? KEY_WOW64_32KEY: KEY_WOW64_64KEY), &unistallKey); + if (res != ERROR_SUCCESS) + { + SetLastError (res); + return FALSE; + } + + wchar_t regName[1024]; + DWORD regNameSize = sizeof (regName); + DWORD index = 0; + while (RegEnumKeyEx (unistallKey, index++, regName, ®NameSize, NULL, NULL, NULL, NULL) == ERROR_SUCCESS) + { + if (wcsstr (regName, L"{") == regName) + { + regNameSize = sizeof (regName); + if (!ReadLocalMachineRegistryStringNonReflected ((wstring (uninstallRegName) + L"\\" + regName).c_str(), L"DisplayName", regName, ®NameSize, b32bitApp)) + regName[0] = 0; + } + + if (_wcsicmp (regName, appName) == 0) + { + installed = TRUE; + break; + } + + regNameSize = sizeof (regName); + } + + RegCloseKey (unistallKey); + return installed; +} + + +std::wstring FindLatestFileOrDirectory (const std::wstring &directory, const wchar_t *namePattern, bool findDirectory, bool findFile) +{ + wstring name; + ULARGE_INTEGER latestTime; + latestTime.QuadPart = 0; + WIN32_FIND_DATA findData; + + HANDLE find = FindFirstFile ((directory + L"\\" + namePattern).c_str(), &findData); + if (find != INVALID_HANDLE_VALUE) + { + do + { + if (wcscmp (findData.cFileName, L".") == 0 || wcscmp (findData.cFileName, L"..") == 0) + continue; + + ULARGE_INTEGER writeTime; + writeTime.LowPart = findData.ftLastWriteTime.dwLowDateTime; + writeTime.HighPart = findData.ftLastWriteTime.dwHighDateTime; + + if ((!findFile && !(findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)) + || (!findDirectory && (findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY))) + continue; + + if (latestTime.QuadPart < writeTime.QuadPart) + { + latestTime = writeTime; + name = findData.cFileName; + } + } + while (FindNextFile (find, &findData)); + + FindClose (find); + } + + if (name.empty()) + return name; + + return wstring (directory) + L"\\" + name; +} + +int GetPim (HWND hwndDlg, UINT ctrlId) +{ + int pim = 0; + HWND hCtrl = GetDlgItem (hwndDlg, ctrlId); + if (IsWindowEnabled (hCtrl) && IsWindowVisible (hCtrl)) + { + wchar_t szTmp[MAX_PIM + 1] = {0}; + if (GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIM + 1) > 0) + { + wchar_t* endPtr = NULL; + pim = wcstol(szTmp, &endPtr, 10); + if (pim < 0 || endPtr == szTmp || !endPtr || *endPtr != L'\0') + pim = 0; + } + } + return pim; +} + +void SetPim (HWND hwndDlg, UINT ctrlId, int pim) +{ + if (pim > 0) + { + wchar_t szTmp[MAX_PIM + 1]; + StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", pim); + SetDlgItemText (hwndDlg, ctrlId, szTmp); + } + else + SetDlgItemText (hwndDlg, ctrlId, L""); +} + +BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError) +{ + wchar_t tmp [MAX_PASSWORD + 1]; + int utf8Len; + BOOL bRet = FALSE; + + GetWindowText (GetDlgItem (hwndDlg, ctrlID), tmp, ARRAYSIZE (tmp)); + utf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, passValue, bufSize, NULL, NULL); + burn (tmp, sizeof (tmp)); + if (utf8Len > 0) + { + bRet = TRUE; + } + else + { + passValue [0] = 0; + if (bShowError) + { + SetFocus (GetDlgItem(hwndDlg, ctrlID)); + if (GetLastError () == ERROR_INSUFFICIENT_BUFFER) + Error ("PASSWORD_UTF8_TOO_LONG", hwndDlg); + else + Error ("PASSWORD_UTF8_INVALID", hwndDlg); + } + } + + return bRet; +} + +void SetPassword (HWND hwndDlg, UINT ctrlID, char* passValue) +{ + wchar_t tmp [MAX_PASSWORD + 1] = {0}; + MultiByteToWideChar (CP_UTF8, 0, passValue, -1, tmp, MAX_PASSWORD + 1); + SetWindowText ( GetDlgItem (hwndDlg, ctrlID), tmp); + burn (tmp, sizeof (tmp)); +} + +void HandleShowPasswordFieldAction (HWND hwndDlg, UINT checkBoxId, UINT edit1Id, UINT edit2Id) +{ + if ((EditPasswordChar == 0) && GetCheckBox (hwndDlg, checkBoxId)) + { + EditPasswordChar = (WCHAR) SendMessageW (GetDlgItem (hwndDlg, edit1Id), EM_GETPASSWORDCHAR, 0, 0); + } + + SendMessageW (GetDlgItem (hwndDlg, edit1Id), + EM_SETPASSWORDCHAR, + GetCheckBox (hwndDlg, checkBoxId) ? 0 : EditPasswordChar, + 0); + InvalidateRect (GetDlgItem (hwndDlg, edit1Id), NULL, TRUE); + + if (edit2Id) + { + SendMessageW (GetDlgItem (hwndDlg, edit2Id), + EM_SETPASSWORDCHAR, + GetCheckBox (hwndDlg, checkBoxId) ? 0 : EditPasswordChar, + 0); + InvalidateRect (GetDlgItem (hwndDlg, edit2Id), NULL, TRUE); + } +} + +void RegisterDriverInf (bool registerFilter, const string& filter, const string& filterReg, HWND ParentWindow, HKEY regKey) +{ + wstring infFileName = GetTempPathString() + L"\\veracrypt_driver_setup.inf"; + + File infFile (infFileName, false, true); + finally_do_arg (wstring, infFileName, { DeleteFile (finally_arg.c_str()); }); + + string infTxt = "[veracrypt]\r\n" + + string (registerFilter ? "Add" : "Del") + "Reg=veracrypt_reg\r\n\r\n" + "[veracrypt_reg]\r\n" + "HKR,,\"" + filterReg + "\",0x0001" + string (registerFilter ? "0008" : "8002") + ",\"" + filter + "\"\r\n"; + + infFile.Write ((byte *) infTxt.c_str(), (DWORD) infTxt.size()); + infFile.Close(); + + HINF hInf = SetupOpenInfFileWFn (infFileName.c_str(), NULL, INF_STYLE_OLDNT | INF_STYLE_WIN4, NULL); + throw_sys_if (hInf == INVALID_HANDLE_VALUE); + finally_do_arg (HINF, hInf, { SetupCloseInfFileFn (finally_arg); }); + + throw_sys_if (!SetupInstallFromInfSectionWFn (ParentWindow, hInf, L"veracrypt", SPINST_REGISTRY, regKey, NULL, 0, NULL, NULL, NULL, NULL)); +} + +HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid) +{ + return SetupDiOpenClassRegKeyFn (deviceClassGuid, KEY_READ | KEY_WRITE); +} + +LSTATUS DeleteRegistryKey (HKEY hKey, LPCTSTR keyName) +{ + return SHDeleteKeyWFn(hKey, keyName); +} + +HIMAGELIST CreateImageList(int cx, int cy, UINT flags, int cInitial, int cGrow) +{ + return ImageList_CreateFn(cx, cy, flags, cInitial, cGrow); +} + +int AddBitmapToImageList(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask) +{ + return ImageList_AddFn(himl, hbmImage, hbmMask); +} + +HRESULT VCStrDupW(LPCWSTR psz, LPWSTR *ppwsz) +{ + return SHStrDupWFn (psz, ppwsz); +} + + +void ProcessEntropyEstimate (HWND hProgress, DWORD* pdwInitialValue, DWORD dwCounter, DWORD dwMaxLevel, DWORD* pdwEntropy) +{ + /* conservative estimate: 1 mouse move event brings 1 bit of entropy + * https://security.stackexchange.com/questions/32844/for-how-much-time-should-i-randomly-move-the-mouse-for-generating-encryption-key/32848#32848 + */ + if (*pdwEntropy == 0xFFFFFFFF) + { + *pdwInitialValue = dwCounter; + *pdwEntropy = 0; + } + else + { + if ( *pdwEntropy < dwMaxLevel + && (dwCounter >= *pdwInitialValue) + && (dwCounter - *pdwInitialValue) <= dwMaxLevel) + *pdwEntropy = dwCounter - *pdwInitialValue; + else + *pdwEntropy = dwMaxLevel; + + if (IsOSAtLeast (WIN_VISTA)) + { + int state = PBST_ERROR; + if (*pdwEntropy >= (dwMaxLevel/2)) + state = PBST_NORMAL; + else if (*pdwEntropy >= (dwMaxLevel/4)) + state = PBST_PAUSED; + + SendMessage (hProgress, PBM_SETSTATE, state, 0); + } + + SendMessage (hProgress, PBM_SETPOS, + (WPARAM) (*pdwEntropy), + 0); + } +} + +void AllowMessageInUIPI (UINT msg) +{ + if (ChangeWindowMessageFilterFn) + { + ChangeWindowMessageFilterFn (msg, MSGFLT_ADD); + } +} + +BOOL IsRepeatedByteArray (byte value, const byte* buffer, size_t bufferSize) +{ + if (buffer && bufferSize) + { + size_t i; + for (i = 0; i < bufferSize; i++) + { + if (*buffer++ != value) + return FALSE; + } + return TRUE; + } + else + return FALSE; +} + +BOOL TranslateVolumeID (HWND hwndDlg, wchar_t* pathValue, size_t cchPathValue) +{ + BOOL bRet = TRUE; + size_t pathLen = pathValue? wcslen (pathValue) : 0; + if ((pathLen >= 3) && (_wcsnicmp (pathValue, L"ID:", 3) == 0)) + { + std::vector arr; + if ( (pathLen == (3 + 2*VOLUME_ID_SIZE)) + && HexWideStringToArray (pathValue + 3, arr) + && (arr.size() == VOLUME_ID_SIZE) + ) + { + std::wstring devicePath = FindDeviceByVolumeID (&arr[0]); + if (devicePath.length() > 0) + StringCchCopyW (pathValue, cchPathValue, devicePath.c_str()); + else + { + if (!Silent && !MultipleMountOperationInProgress) + Error ("VOLUME_ID_NOT_FOUND", hwndDlg); + SetLastError (ERROR_PATH_NOT_FOUND); + bRet = FALSE; + } + } + else + { + if (!Silent) + Error ("VOLUME_ID_INVALID", hwndDlg); + + SetLastError (ERROR_INVALID_PARAMETER); + bRet = FALSE; + } + } + + return bRet; +} + +BOOL CopyTextToClipboard (LPCWSTR txtValue) +{ + size_t txtLen = wcslen(txtValue); + HGLOBAL hdst; + LPWSTR dst; + BOOL bRet = FALSE; + + // Allocate string for cwd + hdst = GlobalAlloc(GMEM_MOVEABLE, (txtLen + 1) * sizeof(WCHAR)); + if (hdst) + { + dst = (LPWSTR)GlobalLock(hdst); + wmemcpy(dst, txtValue, txtLen + 1); + GlobalUnlock(hdst); + + if (OpenClipboard(NULL)) + { + EmptyClipboard(); + SetClipboardData(CF_UNICODETEXT, hdst); + CloseClipboard(); + } + } + + return bRet; +} diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index cf9239e0..dd6eb801 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -1,593 +1,593 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_HEADER_DLGCODE -#define TC_HEADER_DLGCODE - -#include "Common.h" -#include "Apidrvr.h" -#include "Keyfiles.h" -#include "Wipe.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* IDs for dynamically generated GUI elements */ -enum dynamic_gui_element_ids -{ - IDPM_CHECK_FILESYS = 500001, - IDPM_REPAIR_FILESYS, - IDPM_OPEN_VOLUME, - IDPM_SELECT_FILE_AND_MOUNT, - IDPM_SELECT_DEVICE_AND_MOUNT, - IDPM_ADD_TO_FAVORITES, - IDPM_ADD_TO_SYSTEM_FAVORITES, - IDM_SHOW_HIDE, - IDM_HOMEPAGE_SYSTRAY, - IDPM_COPY_VALUE_TO_CLIPBOARD -}; - -enum -{ - TC_TBXID_LEGAL_NOTICES, - TC_TBXID_SYS_ENCRYPTION_PRETEST, - TC_TBXID_SYS_ENC_RESCUE_DISK, - TC_TBXID_DECOY_OS_INSTRUCTIONS, - TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS -}; - -#define TC_APPLICATION_ID L"IDRIX.VeraCrypt" - -#define TC_MUTEX_NAME_SYSENC L"Global\\VeraCrypt System Encryption Wizard" -#define TC_MUTEX_NAME_NONSYS_INPLACE_ENC L"Global\\VeraCrypt In-Place Encryption Wizard" -#define TC_MUTEX_NAME_APP_SETUP L"Global\\VeraCrypt Setup" -#define TC_MUTEX_NAME_DRIVER_SETUP L"Global\\VeraCrypt Driver Setup" - -#define IDC_ABOUT 0x7fff /* ID for AboutBox on system menu in wm_user range */ - -#define EXCL_ACCESS_MAX_AUTO_RETRIES 500 -#define EXCL_ACCESS_AUTO_RETRY_DELAY 10 - -#define UNMOUNT_MAX_AUTO_RETRIES 30 -#define UNMOUNT_AUTO_RETRY_DELAY 50 - -// After the user receives the "Incorrect password" error this number of times in a row, we should automatically -// try using the embedded header backup (if any). This ensures that the "Incorrect password" message is reported faster -// initially (most such errors are really caused by supplying an incorrect password, not by header corruption). -#define TC_TRY_HEADER_BAK_AFTER_NBR_WRONG_PWD_TRIES 2 - -#define MAX_MULTI_CHOICES 10 /* Maximum number of options for mutliple-choice dialog */ - -#define TC_APPD_FILENAME_CONFIGURATION L"Configuration.xml" -#define TC_APPD_FILENAME_SYSTEM_ENCRYPTION L"System Encryption.xml" -#define TC_APPD_FILENAME_DEFAULT_KEYFILES L"Default Keyfiles.xml" -#define TC_APPD_FILENAME_HISTORY L"History.xml" -#define TC_APPD_FILENAME_FAVORITE_VOLUMES L"Favorite Volumes.xml" -#define TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES _T(TC_APP_NAME) L" System Favorite Volumes.xml" -#define TC_APPD_FILENAME_NONSYS_INPLACE_ENC L"In-Place Encryption" -#define TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE L"In-Place Encryption Wipe Algo" -#define TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL L"Post-Install Task - Tutorial" -#define TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES L"Post-Install Task - Release Notes" - -#define VC_FILENAME_RENAMED_SUFFIX L"_old" - -#ifndef USER_DEFAULT_SCREEN_DPI -#define USER_DEFAULT_SCREEN_DPI 96 -#endif - -#if (USER_DEFAULT_SCREEN_DPI != 96) -# error Revision of GUI and graphics necessary, since everything assumes default screen DPI as 96 (note that 96 is the default on Windows 2000, XP, and Vista). -#endif - -enum -{ - TC_POST_INSTALL_CFG_REMOVE_ALL = 0, - TC_POST_INSTALL_CFG_TUTORIAL, - TC_POST_INSTALL_CFG_RELEASE_NOTES -}; - -extern char *LastDialogId; -extern char *ConfigBuffer; -extern wchar_t szHelpFile[TC_MAX_PATH]; -extern wchar_t szHelpFile2[TC_MAX_PATH]; -extern wchar_t SecurityTokenLibraryPath[TC_MAX_PATH]; -extern HFONT hFixedDigitFont; -extern HFONT hBoldFont; -extern HFONT hTitleFont; -extern HFONT hFixedFont; -extern HFONT hUserFont; -extern HFONT hUserUnderlineFont; -extern HFONT hUserBoldFont; -extern HFONT WindowTitleBarFont; -extern int ScreenDPI; -extern double DlgAspectRatio; -extern HWND MainDlg; -extern BOOL Silent; -extern BOOL bHistory; -extern BOOL bPreserveTimestamp; -extern BOOL bShowDisconnectedNetworkDrives; -extern BOOL bHideWaitingDialog; -extern BOOL bCmdHideWaitingDialog; -extern BOOL bCmdHideWaitingDialogValid; -extern BOOL bStartOnLogon; -extern BOOL bMountDevicesOnLogon; -extern BOOL bMountFavoritesOnLogon; -extern int HiddenSectorDetectionStatus; -extern wchar_t *lpszTitle; -extern OSVersionEnum nCurrentOS; -extern int CurrentOSMajor; -extern int CurrentOSMinor; -extern int CurrentOSServicePack; -extern BOOL RemoteSession; -extern HANDLE hDriver; -extern HINSTANCE hInst; -extern int SystemEncryptionStatus; -extern WipeAlgorithmId nWipeMode; -extern BOOL bSysPartitionSelected; -extern BOOL bSysDriveSelected; - -extern wchar_t SysPartitionDevicePath [TC_MAX_PATH]; -extern wchar_t SysDriveDevicePath [TC_MAX_PATH]; -extern char bCachedSysDevicePathsValid; - -extern BOOL bHyperLinkBeingTracked; -extern BOOL bInPlaceEncNonSysPending; - -extern BOOL PimEnable; -extern BOOL KeyFilesEnable; -extern KeyFile *FirstKeyFile; -extern KeyFilesDlgParam defaultKeyFilesParam; -extern BOOL UacElevated; -extern BOOL IgnoreWmDeviceChange; -extern BOOL DeviceChangeBroadcastDisabled; -extern BOOL LastMountedVolumeDirty; -extern BOOL MountVolumesAsSystemFavorite; -extern BOOL FavoriteMountOnArrivalInProgress; -extern BOOL MultipleMountOperationInProgress; - - -enum tc_app_msg_ids -{ - /* WARNING: Changing these values or their meanings may cause incompatibility with other versions - (for example, if a new version of the TrueCrypt installer needed to shut down this version of - TrueCrypt during upgrade, it could fail or do something unwanted because the signal value would - be incorrect). When adding a new constant, verify that the value is unique within this block and - that it is less than WM_APP+16383. */ - - // Common (inter-app) - TC_APPMSG_CLOSE_BKG_TASK = WM_APP + 4, // Changing this value will prevent smooth upgrades from pre-5.x versions - TC_APPMSG_SYSENC_CONFIG_UPDATE = WM_APP + 101, - TC_APPMSG_TASKBAR_ICON = WM_APP + 102, - TC_APPMSG_LOAD_TEXT_BOX_CONTENT = WM_APP + 103, - // Mount - TC_APPMSG_MOUNT_ENABLE_DISABLE_CONTROLS = WM_APP + 201, - TC_APPMSG_MOUNT_SHOW_WINDOW = WM_APP + 202, - TC_APPMSG_PREBOOT_PASSWORD_MODE = WM_APP + 203, - // Format - TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED = WM_APP + 301, - TC_APPMSG_FORMAT_FINISHED = WM_APP + 302, - TC_APPMSG_FORMAT_USER_QUIT = WM_APP + 303, - TC_APPMSG_PERFORM_POST_WMINIT_TASKS = WM_APP + 304, - TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS = WM_APP + 305, - TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED = WM_APP + 306, - // Setup - TC_APPMSG_INSTALL_SUCCESS = WM_APP + 401, - TC_APPMSG_UNINSTALL_SUCCESS = WM_APP + 402, - TC_APPMSG_EXTRACTION_SUCCESS = WM_APP + 403, - TC_APPMSG_INSTALL_FAILURE = WM_APP + 404, - TC_APPMSG_UNINSTALL_FAILURE = WM_APP + 405, - TC_APPMSG_EXTRACTION_FAILURE = WM_APP + 406 -}; - -enum system_encryption_status -{ - /* WARNING: As these values are written to config files, if they or their meanings - are changed, incompatiblity with other versions may arise (upgrade, downgrade, etc.). - When adding a new constant, verify that the value is unique within this block. */ - SYSENC_STATUS_NONE = 0, - SYSENC_STATUS_PRETEST = 200, // This may also mean that the OS is to be (or has been) copied to a hidden volume (to create a hidden OS). - SYSENC_STATUS_ENCRYPTING = 400, - SYSENC_STATUS_DECRYPTING = 600 -}; - -enum vol_creation_wizard_modes -{ - WIZARD_MODE_FILE_CONTAINER = 0, - WIZARD_MODE_NONSYS_DEVICE, - WIZARD_MODE_SYS_DEVICE -}; - - -typedef struct -{ - BOOL VolumeIsOpen; - - CRYPTO_INFO *CryptoInfo; - BOOL IsDevice; - HANDLE HostFileHandle; - uint64 HostSize; - - BOOL TimestampsValid; - FILETIME CreationTime; - FILETIME LastWriteTime; - FILETIME LastAccessTime; - -} OpenVolumeContext; - - -#define DEFAULT_VOL_CREATION_WIZARD_MODE WIZARD_MODE_FILE_CONTAINER - -#define ICON_HAND MB_ICONHAND -#define YES_NO MB_YESNO - -#define ISO_BURNER_TOOL L"isoburn.exe" -#define PRINT_TOOL L"notepad.exe" - -void cleanup ( void ); -void LowerCaseCopy ( wchar_t *lpszDest , const wchar_t *lpszSource ); -void UpperCaseCopy ( wchar_t *lpszDest , size_t cbDest, const wchar_t *lpszSource ); -void CreateFullVolumePath ( wchar_t *lpszDiskFile , size_t cbDiskFile, const wchar_t *lpszFileName , BOOL *bDevice ); -int FakeDosNameForDevice ( const wchar_t *lpszDiskFile , wchar_t *lpszDosDevice , size_t cbDosDevice, wchar_t *lpszCFDevice , size_t cbCFDevice, BOOL bNameOnly ); -int RemoveFakeDosName ( wchar_t *lpszDiskFile , wchar_t *lpszDosDevice ); -void AbortProcessDirect ( wchar_t *abortMsg ); -void AbortProcess ( char *stringId ); -void AbortProcessSilent ( void ); -void *err_malloc ( size_t size ); -char *err_strdup ( char *lpszText ); -DWORD handleWin32Error ( HWND hwndDlg, const char* srcPos ); -BOOL IsDiskReadError (DWORD error); -BOOL IsDiskWriteError (DWORD error); -BOOL IsDiskError (DWORD error); -BOOL translateWin32Error ( wchar_t *lpszMsgBuf , int nWSizeOfBuf ); -BOOL CALLBACK AboutDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); -static BOOL CALLBACK StaticModelessWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -void DisplayStaticModelessWaitDlg (HWND parent); -void CloseStaticModelessWaitDlg (void); -BOOL IsButtonChecked ( HWND hButton ); -void CheckButton ( HWND hButton ); -void LeftPadString (wchar_t *szTmp, int len, int targetLen, wchar_t filler); -void InitDialog ( HWND hwndDlg ); -void ProcessPaintMessages (HWND hwnd, int maxMessagesToProcess); -HDC CreateMemBitmap ( HINSTANCE hInstance , HWND hwnd , wchar_t *resource ); -HBITMAP RenderBitmap ( wchar_t *resource , HWND hwndDest , int x , int y , int nWidth , int nHeight , BOOL bDirectRender , BOOL bKeepAspectRatio); -LRESULT CALLBACK RedTick ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam ); -BOOL RegisterRedTick ( HINSTANCE hInstance ); -BOOL UnregisterRedTick ( HINSTANCE hInstance ); -LRESULT CALLBACK SplashDlgProc ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam ); -void WaitCursor ( void ); -void NormalCursor ( void ); -void ArrowWaitCursor ( void ); -void HandCursor (); -void AddComboPair (HWND hComboBox, const wchar_t *lpszItem, int value); -void SelectAlgo ( HWND hComboBox , int *nCipher ); -void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe); -wchar_t *GetWipeModeName (WipeAlgorithmId modeId); -wchar_t *GetPathType (const wchar_t *path, BOOL bUpperCase, BOOL *bIsPartition); -LRESULT CALLBACK CustomDlgProc ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam ); -BOOL TCCreateMutex (volatile HANDLE *hMutex, wchar_t *name); -void TCCloseMutex (volatile HANDLE *hMutex); -BOOL MutexExistsOnSystem (wchar_t *name); -BOOL CreateSysEncMutex (void); -BOOL InstanceHasSysEncMutex (void); -void CloseSysEncMutex (void); -BOOL CreateNonSysInplaceEncMutex (void); -BOOL InstanceHasNonSysInplaceEncMutex (void); -void CloseNonSysInplaceEncMutex (void); -BOOL NonSysInplaceEncInProgressElsewhere (void); -BOOL CreateDriverSetupMutex (void); -void CloseDriverSetupMutex (void); -BOOL CreateAppSetupMutex (void); -BOOL InstanceHasAppSetupMutex (void); -void CloseAppSetupMutex (void); -BOOL IsTrueCryptInstallerRunning (void); -uint32 ReadDriverConfigurationFlags (); -uint32 ReadEncryptionThreadPoolFreeCpuCountLimit (); -BOOL LoadSysEncSettings (); -int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm); -void RemoveNonSysInPlaceEncNotifications (void); -void SavePostInstallTasksSettings (int command); -void DoPostInstallTasks (HWND hwndDlg); -void InitOSVersionInfo (); -void InitApp ( HINSTANCE hInstance, wchar_t *lpszCommandLine ); -void FinalizeApp (void); -void InitHelpFileName (void); -BOOL OpenDevice (const wchar_t *lpszPath, OPEN_TEST_STRUCT *driver, BOOL detectFilesystem, BOOL matchVolumeID, const BYTE* pbVolumeID); -void NotifyDriverOfPortableMode (void); -int GetAvailableFixedDisks ( HWND hComboBox , char *lpszRootPath ); -int GetAvailableRemovables ( HWND hComboBox , char *lpszRootPath ); -int IsSystemDevicePath (const wchar_t *path, HWND hwndDlg, BOOL bReliableRequired); -int IsNonSysPartitionOnSysDrive (const wchar_t *path); -BOOL CALLBACK RawDevicesDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); -INT_PTR TextInfoDialogBox (int nID); -BOOL CALLBACK TextInfoDialogBoxDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -char * GetLegalNotices (); -BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -void UserEnrichRandomPool (HWND hwndDlg); -BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam); -int DriverAttach ( void ); -BOOL CALLBACK CipherTestDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); -void ResetCipherTest ( HWND hwndDlg , int idTestCipher ); -void ResetCurrentDirectory (); -BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter); -BOOL BrowseDirectories (HWND hWnd, char *lpszTitle, wchar_t *dirName); -void handleError ( HWND hwndDlg , int code, const char* srcPos ); -BOOL CheckFileStreamWriteErrors (HWND hwndDlg, FILE *file, const wchar_t *fileName); -void LocalizeDialog ( HWND hwnd, char *stringId ); -void OpenVolumeExplorerWindow (int driveNo); -static BOOL CALLBACK CloseVolumeExplorerWindowsEnum( HWND hwnd, LPARAM driveNo); -BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo); -BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue); -BOOL CheckCapsLock (HWND hwnd, BOOL quiet); -BOOL CheckFileExtension (wchar_t *fileName); -void CorrectFileName (wchar_t* fileName); -void IncreaseWrongPwdRetryCount (int count); -void ResetWrongPwdRetryCount (void); -BOOL WrongPwdRetryCountOverLimit (void); -DWORD GetUsedLogicalDrives (void); -int GetFirstAvailableDrive (); -int GetLastAvailableDrive (); -BOOL IsDriveAvailable (int driveNo); -BOOL IsDeviceMounted (wchar_t *deviceName); -int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced); -void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap); -int MountVolume (HWND hwndDlg, int driveNo, wchar_t *volumePath, Password *password, int pkcs5, int pim, BOOL truecryptMode, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword); -BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount); -BOOL UnmountVolumeAfterFormatExCall (HWND hwndDlg, int nDosDriveNo); -BOOL IsPasswordCacheEmpty (void); -BOOL IsMountedVolumeID (BYTE volumeID[VOLUME_ID_SIZE]); -BOOL IsMountedVolume (const wchar_t *volname); -int GetMountedVolumeDriveNo (wchar_t *volname); -BOOL IsAdmin (void); -BOOL IsBuiltInAdmin (); -BOOL IsUacSupported (); -BOOL ResolveSymbolicLink (const wchar_t *symLinkName, PWSTR targetName, size_t cbTargetName); -int GetDiskDeviceDriveLetter (PWSTR deviceName); -int FileSystemAppearsEmpty (const wchar_t *devicePath); -__int64 GetStatsFreeSpaceOnPartition (const wchar_t *devicePath, float *percent, __int64 *occupiedBytes, BOOL silent); -__int64 GetDeviceSize (const wchar_t *devicePath); -HANDLE DismountDrive (wchar_t *devName, wchar_t *devicePath); -int64 FindString (const char *buf, const char *str, int64 bufLen, int64 strLen, int64 startOffset); -BOOL FileExists (const wchar_t *filePathPtr); -__int64 FindStringInFile (const wchar_t *filePath, const char *str, int strLen); -BOOL TCCopyFile (wchar_t *sourceFileName, wchar_t *destinationFile); -BOOL SaveBufferToFile (const char *inputBuffer, const wchar_t *destinationFile, DWORD inputLength, BOOL bAppend, BOOL bRenameIfFailed); -BOOL TCFlushFile (FILE *f); -BOOL PrintHardCopyTextUTF16 (wchar_t *text, wchar_t *title, size_t byteLen); -void GetSpeedString (unsigned __int64 speed, wchar_t *str, size_t cbStr); -BOOL IsNonInstallMode (); -BOOL DriverUnload (); -LRESULT SetCheckBox (HWND hwndDlg, int dlgItem, BOOL state); -BOOL GetCheckBox (HWND hwndDlg, int dlgItem); -void SetListScrollHPos (HWND hList, int topMostVisibleItem); -void ManageStartupSeq (void); -void ManageStartupSeqWiz (BOOL bRemove, const wchar_t *arg); -void CleanLastVisitedMRU (void); -void ClearHistory (HWND hwndDlgItem); -LRESULT ListItemAdd (HWND list, int index, const wchar_t *string); -LRESULT ListSubItemSet (HWND list, int index, int subIndex, const wchar_t *string); -BOOL GetMountList (MOUNT_LIST_STRUCT *list); -int GetDriverRefCount (); -void GetSizeString (unsigned __int64 size, wchar_t *str, size_t cbStr); -__int64 GetFileSize64 (const wchar_t *path); -BOOL LoadInt16 (const wchar_t *filePath, int *result, __int64 fileOffset); -BOOL LoadInt32 (const wchar_t *filePath, unsigned __int32 *result, __int64 fileOffset); -char *LoadFile (const wchar_t *fileName, DWORD *size); -char *LoadFileBlock (const wchar_t *fileName, __int64 fileOffset, DWORD count); -wchar_t *GetModPath (wchar_t *path, int maxSize); -wchar_t *GetConfigPath (wchar_t *fileName); -wchar_t *GetProgramConfigPath (wchar_t *fileName); -wchar_t GetSystemDriveLetter (void); -void OpenPageHelp (HWND hwndDlg, int nPage); -void TaskBarIconDisplayBalloonTooltip (HWND hwnd, wchar_t *headline, wchar_t *text, BOOL warning); -void InfoBalloon (char *headingStringId, char *textStringId, HWND hwnd); -void InfoBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd); -void WarningBalloon (char *headingStringId, char *textStringId, HWND hwnd); -void WarningBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd); -int Info (char *stringId, HWND hwnd); -int InfoTopMost (char *stringId, HWND hwnd); -int InfoDirect (const wchar_t *msg, HWND hwnd); -int Warning (char *stringId, HWND hwnd); -int WarningTopMost (char *stringId, HWND hwnd); -int WarningDirect (const wchar_t *warnMsg, HWND hwnd); -int Error (char *stringId, HWND hwnd); -int ErrorRetryCancel (char *stringId, HWND hwnd); -int ErrorDirect (const wchar_t *errMsg, HWND hwnd); -int ErrorTopMost (char *stringId, HWND hwnd); -int AskYesNo (char *stringId, HWND hwnd); -int AskYesNoString (const wchar_t *str, HWND hwnd); -int AskYesNoTopmost (char *stringId, HWND hwnd); -int AskNoYes (char *stringId, HWND hwnd); -int AskNoYesString (const wchar_t *string, HWND hwnd); -int AskOkCancel (char *stringId, HWND hwnd); -int AskWarnYesNo (char *stringId, HWND hwnd); -int AskWarnYesNoString (const wchar_t *string, HWND hwnd); -int AskWarnYesNoTopmost (char *stringId, HWND hwnd); -int AskWarnYesNoStringTopmost (const wchar_t *string, HWND hwnd); -int AskWarnNoYes (char *stringId, HWND hwnd); -int AskWarnNoYesString (const wchar_t *string, HWND hwnd); -int AskWarnNoYesTopmost (char *stringId, HWND hwnd); -int AskWarnOkCancel (char *stringId, HWND hwnd); -int AskWarnCancelOk (char *stringId, HWND hwnd); -int AskErrYesNo (char *stringId, HWND hwnd); -int AskErrNoYes (char *stringId, HWND hwnd); -int AskMultiChoice (void *strings[], BOOL bBold, HWND hwnd); -BOOL ConfigWriteBegin (); -BOOL ConfigWriteEnd (HWND hwnd); -BOOL ConfigWriteString (char *configKey, char *configValue); -BOOL ConfigWriteStringW (char *configKey, wchar_t *configValue); -BOOL ConfigWriteInt (char *configKey, int configValue); -int ConfigReadInt (char *configKey, int defaultValue); -char *ConfigReadString (char *configKey, char *defaultValue, char *str, int maxLen); -void ConfigReadCompareInt(char *configKey, int defaultValue, int* pOutputValue, BOOL bOnlyCheckModified, BOOL* pbModified); -void ConfigReadCompareString (char *configKey, char *defaultValue, char *str, int maxLen, BOOL bOnlyCheckModified, BOOL *pbModified); -void RestoreDefaultKeyFilesParam (void); -BOOL LoadDefaultKeyFilesParam (void); -void Debug (char *format, ...); -void DebugMsgBox (char *format, ...); -BOOL IsOSAtLeast (OSVersionEnum reqMinOS); -BOOL IsOSVersionAtLeast (OSVersionEnum reqMinOS, int reqMinServicePack); -BOOL Is64BitOs (); -BOOL IsServerOS (); -BOOL IsHiddenOSRunning (void); -BOOL EnableWow64FsRedirection (BOOL enable); -BOOL RestartComputer (void); -void Applink (char *dest, BOOL bSendOS, char *extraOutput); -wchar_t *RelativePath2Absolute (wchar_t *szFileName); -void HandleDriveNotReadyError (HWND hwnd); -BOOL CALLBACK CloseTCWindowsEnum( HWND hwnd, LPARAM lParam); -BOOL CALLBACK FindTCWindowEnum (HWND hwnd, LPARAM lParam); -BYTE *MapResource (wchar_t *resourceType, int resourceId, PDWORD size); -void InconsistencyResolved (char *msg); -void ReportUnexpectedState (char *techInfo); -BOOL SelectMultipleFiles (HWND hwndDlg, const char *stringId, wchar_t *lpszFileName, size_t cbFileName, BOOL keepHistory); -BOOL SelectMultipleFilesNext (wchar_t *lpszFileName, size_t cbFileName); -void OpenOnlineHelp (); -BOOL GetPartitionInfo (const wchar_t *deviceName, PPARTITION_INFORMATION rpartInfo); -BOOL GetDeviceInfo (const wchar_t *deviceName, DISK_PARTITION_INFO_STRUCT *info); -BOOL GetDriveGeometry (const wchar_t *deviceName, PDISK_GEOMETRY diskGeometry); -BOOL GetPhysicalDriveGeometry (int driveNumber, PDISK_GEOMETRY diskGeometry); -BOOL IsVolumeDeviceHosted (const wchar_t *lpszDiskFile); -int CompensateXDPI (int val); -int CompensateYDPI (int val); -int CompensateDPIFont (int val); -int GetTextGfxWidth (HWND hwndDlgItem, const wchar_t *text, HFONT hFont); -int GetTextGfxHeight (HWND hwndDlgItem, const wchar_t *text, HFONT hFont); -BOOL ToHyperlink (HWND hwndDlg, UINT ctrlId); -BOOL ToCustHyperlink (HWND hwndDlg, UINT ctrlId, HFONT hFont); -void DisableCloseButton (HWND hwndDlg); -void EnableCloseButton (HWND hwndDlg); -void ToBootPwdField (HWND hwndDlg, UINT ctrlId); -void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont); -BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize); -BOOL GetSysDevicePaths (HWND hwndDlg); -BOOL DoDriverInstall (HWND hwndDlg); -int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader); -void CloseVolume (OpenVolumeContext *context); -int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode); -BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); -BOOL IsPagingFileWildcardActive (); -BOOL DisablePagingFile (); -BOOL CALLBACK SecurityTokenPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -BOOL InitSecurityTokenLibrary (HWND hwndDlg); -BOOL FileHasReadOnlyAttribute (const wchar_t *path); -BOOL IsFileOnReadOnlyFilesystem (const wchar_t *path); -void CheckFilesystem (HWND hwndDlg, int driveNo, BOOL fixErrors); -BOOL BufferContainsString (const byte *buffer, size_t bufferSize, const char *str); -int AskNonSysInPlaceEncryptionResume (HWND hwndDlg, BOOL* pbDecrypt); -BOOL RemoveDeviceWriteProtection (HWND hwndDlg, wchar_t *devicePath); -void EnableElevatedCursorChange (HWND parent); -BOOL DisableFileCompression (HANDLE file); -BOOL VolumePathExists (const wchar_t *volumePath); -BOOL IsWindowsIsoBurnerAvailable (); -BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath); -BOOL IsApplicationInstalled (const wchar_t *appName); -int GetPim (HWND hwndDlg, UINT ctrlId); -void SetPim (HWND hwndDlg, UINT ctrlId, int pim); -BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError); -void SetPassword (HWND hwndDlg, UINT ctrlID, char* passValue); -void HandleShowPasswordFieldAction (HWND hwndDlg, UINT checkBoxId, UINT edit1Id, UINT edit2Id); -HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid); -LSTATUS DeleteRegistryKey (HKEY, LPCTSTR); -HIMAGELIST CreateImageList(int cx, int cy, UINT flags, int cInitial, int cGrow); -int AddBitmapToImageList(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask); -HRESULT VCStrDupW(LPCWSTR psz, LPWSTR *ppwsz); -void ProcessEntropyEstimate (HWND hProgress, DWORD* pdwInitialValue, DWORD dwCounter, DWORD dwMaxLevel, DWORD* pdwEntropy); -void AllowMessageInUIPI (UINT msg); -BOOL IsRepeatedByteArray (byte value, const byte* buffer, size_t bufferSize); -BOOL TranslateVolumeID (HWND hwndDlg, wchar_t* pathValue, size_t cchPathValue); -BOOL CopyTextToClipboard (const wchar_t* txtValue); - -#ifdef __cplusplus -} - -#include -#include - -struct HostDevice -{ - HostDevice () - : - Bootable (false), - ContainsSystem (false), - DynamicVolume (false), - Floppy (false), - IsPartition (false), - IsVirtualPartition (false), - HasUnencryptedFilesystem (false), - Removable (false), - Size (0), - SystemNumber((uint32) -1) - { - } - - ~HostDevice () { } - - bool Bootable; - bool ContainsSystem; - bool DynamicVolume; - bool Floppy; - bool IsPartition; - bool IsVirtualPartition; - bool HasUnencryptedFilesystem; - std::wstring MountPoint; - std::wstring Name; - std::wstring Path; - bool Removable; - uint64 Size; - uint32 SystemNumber; - - std::vector Partitions; -}; - -struct RawDevicesDlgParam -{ - std::vector devices; - wchar_t *pszFileName; -}; - -BOOL BrowseFilesInDir (HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName = NULL, const wchar_t *defaultExtension = NULL); -std::wstring SingleStringToWide (const std::string &singleString); -std::wstring Utf8StringToWide (const std::string &utf8String); -std::string WideToUtf8String (const std::wstring &wideString); -std::vector GetAvailableHostDevices (bool noDeviceProperties = false, bool singleList = false, bool noFloppy = true, bool detectUnencryptedFilesystems = false); -std::wstring ToUpperCase (const std::wstring &str); -std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg); -std::wstring GetWindowsEdition (); -std::wstring FitPathInGfxWidth (HWND hwnd, HFONT hFont, LONG width, const std::wstring &path); -std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy); -std::wstring VolumeGuidPathToDevicePath (std::wstring volumeGuidPath); -std::wstring HarddiskVolumePathToPartitionPath (const std::wstring &harddiskVolumePath); -std::wstring FindLatestFileOrDirectory (const std::wstring &directory, const wchar_t *namePattern, bool findDirectory, bool findFile); -std::wstring GetUserFriendlyVersionString (int version); -std::wstring IntToWideString (int val); -std::wstring ArrayToHexWideString (const unsigned char* pbData, int cbData); -bool HexWideStringToArray (const wchar_t* hexStr, std::vector& arr); -std::wstring FindDeviceByVolumeID (const BYTE volumeID [VOLUME_ID_SIZE]); -void RegisterDriverInf (bool registerFilter, const std::string& filter, const std::string& filterReg, HWND ParentWindow, HKEY regKey); -std::wstring GetTempPathString (); -inline std::wstring AppendSrcPos (const wchar_t* msg, const char* srcPos) -{ - return std::wstring (msg? msg : L"") + L"\n\nSource: " + SingleStringToWide (srcPos); -} - -// Display a wait dialog while calling the provided callback with the given parameter -typedef void (CALLBACK* WaitThreadProc)(void* pArg, HWND hWaitDlg); -void BringToForeground(HWND hWnd); -void ShowWaitDialog(HWND hwnd, BOOL bUseHwndAsParent, WaitThreadProc callback, void* pArg); - -#endif // __cplusplus - -#endif // TC_HEADER_DLGCODE +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_HEADER_DLGCODE +#define TC_HEADER_DLGCODE + +#include "Common.h" +#include "Apidrvr.h" +#include "Keyfiles.h" +#include "Wipe.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* IDs for dynamically generated GUI elements */ +enum dynamic_gui_element_ids +{ + IDPM_CHECK_FILESYS = 500001, + IDPM_REPAIR_FILESYS, + IDPM_OPEN_VOLUME, + IDPM_SELECT_FILE_AND_MOUNT, + IDPM_SELECT_DEVICE_AND_MOUNT, + IDPM_ADD_TO_FAVORITES, + IDPM_ADD_TO_SYSTEM_FAVORITES, + IDM_SHOW_HIDE, + IDM_HOMEPAGE_SYSTRAY, + IDPM_COPY_VALUE_TO_CLIPBOARD +}; + +enum +{ + TC_TBXID_LEGAL_NOTICES, + TC_TBXID_SYS_ENCRYPTION_PRETEST, + TC_TBXID_SYS_ENC_RESCUE_DISK, + TC_TBXID_DECOY_OS_INSTRUCTIONS, + TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS +}; + +#define TC_APPLICATION_ID L"IDRIX.VeraCrypt" + +#define TC_MUTEX_NAME_SYSENC L"Global\\VeraCrypt System Encryption Wizard" +#define TC_MUTEX_NAME_NONSYS_INPLACE_ENC L"Global\\VeraCrypt In-Place Encryption Wizard" +#define TC_MUTEX_NAME_APP_SETUP L"Global\\VeraCrypt Setup" +#define TC_MUTEX_NAME_DRIVER_SETUP L"Global\\VeraCrypt Driver Setup" + +#define IDC_ABOUT 0x7fff /* ID for AboutBox on system menu in wm_user range */ + +#define EXCL_ACCESS_MAX_AUTO_RETRIES 500 +#define EXCL_ACCESS_AUTO_RETRY_DELAY 10 + +#define UNMOUNT_MAX_AUTO_RETRIES 30 +#define UNMOUNT_AUTO_RETRY_DELAY 50 + +// After the user receives the "Incorrect password" error this number of times in a row, we should automatically +// try using the embedded header backup (if any). This ensures that the "Incorrect password" message is reported faster +// initially (most such errors are really caused by supplying an incorrect password, not by header corruption). +#define TC_TRY_HEADER_BAK_AFTER_NBR_WRONG_PWD_TRIES 2 + +#define MAX_MULTI_CHOICES 10 /* Maximum number of options for mutliple-choice dialog */ + +#define TC_APPD_FILENAME_CONFIGURATION L"Configuration.xml" +#define TC_APPD_FILENAME_SYSTEM_ENCRYPTION L"System Encryption.xml" +#define TC_APPD_FILENAME_DEFAULT_KEYFILES L"Default Keyfiles.xml" +#define TC_APPD_FILENAME_HISTORY L"History.xml" +#define TC_APPD_FILENAME_FAVORITE_VOLUMES L"Favorite Volumes.xml" +#define TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES _T(TC_APP_NAME) L" System Favorite Volumes.xml" +#define TC_APPD_FILENAME_NONSYS_INPLACE_ENC L"In-Place Encryption" +#define TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE L"In-Place Encryption Wipe Algo" +#define TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL L"Post-Install Task - Tutorial" +#define TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES L"Post-Install Task - Release Notes" + +#define VC_FILENAME_RENAMED_SUFFIX L"_old" + +#ifndef USER_DEFAULT_SCREEN_DPI +#define USER_DEFAULT_SCREEN_DPI 96 +#endif + +#if (USER_DEFAULT_SCREEN_DPI != 96) +# error Revision of GUI and graphics necessary, since everything assumes default screen DPI as 96 (note that 96 is the default on Windows 2000, XP, and Vista). +#endif + +enum +{ + TC_POST_INSTALL_CFG_REMOVE_ALL = 0, + TC_POST_INSTALL_CFG_TUTORIAL, + TC_POST_INSTALL_CFG_RELEASE_NOTES +}; + +extern char *LastDialogId; +extern char *ConfigBuffer; +extern wchar_t szHelpFile[TC_MAX_PATH]; +extern wchar_t szHelpFile2[TC_MAX_PATH]; +extern wchar_t SecurityTokenLibraryPath[TC_MAX_PATH]; +extern HFONT hFixedDigitFont; +extern HFONT hBoldFont; +extern HFONT hTitleFont; +extern HFONT hFixedFont; +extern HFONT hUserFont; +extern HFONT hUserUnderlineFont; +extern HFONT hUserBoldFont; +extern HFONT WindowTitleBarFont; +extern int ScreenDPI; +extern double DlgAspectRatio; +extern HWND MainDlg; +extern BOOL Silent; +extern BOOL bHistory; +extern BOOL bPreserveTimestamp; +extern BOOL bShowDisconnectedNetworkDrives; +extern BOOL bHideWaitingDialog; +extern BOOL bCmdHideWaitingDialog; +extern BOOL bCmdHideWaitingDialogValid; +extern BOOL bStartOnLogon; +extern BOOL bMountDevicesOnLogon; +extern BOOL bMountFavoritesOnLogon; +extern int HiddenSectorDetectionStatus; +extern wchar_t *lpszTitle; +extern OSVersionEnum nCurrentOS; +extern int CurrentOSMajor; +extern int CurrentOSMinor; +extern int CurrentOSServicePack; +extern BOOL RemoteSession; +extern HANDLE hDriver; +extern HINSTANCE hInst; +extern int SystemEncryptionStatus; +extern WipeAlgorithmId nWipeMode; +extern BOOL bSysPartitionSelected; +extern BOOL bSysDriveSelected; + +extern wchar_t SysPartitionDevicePath [TC_MAX_PATH]; +extern wchar_t SysDriveDevicePath [TC_MAX_PATH]; +extern char bCachedSysDevicePathsValid; + +extern BOOL bHyperLinkBeingTracked; +extern BOOL bInPlaceEncNonSysPending; + +extern BOOL PimEnable; +extern BOOL KeyFilesEnable; +extern KeyFile *FirstKeyFile; +extern KeyFilesDlgParam defaultKeyFilesParam; +extern BOOL UacElevated; +extern BOOL IgnoreWmDeviceChange; +extern BOOL DeviceChangeBroadcastDisabled; +extern BOOL LastMountedVolumeDirty; +extern BOOL MountVolumesAsSystemFavorite; +extern BOOL FavoriteMountOnArrivalInProgress; +extern BOOL MultipleMountOperationInProgress; + + +enum tc_app_msg_ids +{ + /* WARNING: Changing these values or their meanings may cause incompatibility with other versions + (for example, if a new version of the TrueCrypt installer needed to shut down this version of + TrueCrypt during upgrade, it could fail or do something unwanted because the signal value would + be incorrect). When adding a new constant, verify that the value is unique within this block and + that it is less than WM_APP+16383. */ + + // Common (inter-app) + TC_APPMSG_CLOSE_BKG_TASK = WM_APP + 4, // Changing this value will prevent smooth upgrades from pre-5.x versions + TC_APPMSG_SYSENC_CONFIG_UPDATE = WM_APP + 101, + TC_APPMSG_TASKBAR_ICON = WM_APP + 102, + TC_APPMSG_LOAD_TEXT_BOX_CONTENT = WM_APP + 103, + // Mount + TC_APPMSG_MOUNT_ENABLE_DISABLE_CONTROLS = WM_APP + 201, + TC_APPMSG_MOUNT_SHOW_WINDOW = WM_APP + 202, + TC_APPMSG_PREBOOT_PASSWORD_MODE = WM_APP + 203, + // Format + TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED = WM_APP + 301, + TC_APPMSG_FORMAT_FINISHED = WM_APP + 302, + TC_APPMSG_FORMAT_USER_QUIT = WM_APP + 303, + TC_APPMSG_PERFORM_POST_WMINIT_TASKS = WM_APP + 304, + TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS = WM_APP + 305, + TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED = WM_APP + 306, + // Setup + TC_APPMSG_INSTALL_SUCCESS = WM_APP + 401, + TC_APPMSG_UNINSTALL_SUCCESS = WM_APP + 402, + TC_APPMSG_EXTRACTION_SUCCESS = WM_APP + 403, + TC_APPMSG_INSTALL_FAILURE = WM_APP + 404, + TC_APPMSG_UNINSTALL_FAILURE = WM_APP + 405, + TC_APPMSG_EXTRACTION_FAILURE = WM_APP + 406 +}; + +enum system_encryption_status +{ + /* WARNING: As these values are written to config files, if they or their meanings + are changed, incompatiblity with other versions may arise (upgrade, downgrade, etc.). + When adding a new constant, verify that the value is unique within this block. */ + SYSENC_STATUS_NONE = 0, + SYSENC_STATUS_PRETEST = 200, // This may also mean that the OS is to be (or has been) copied to a hidden volume (to create a hidden OS). + SYSENC_STATUS_ENCRYPTING = 400, + SYSENC_STATUS_DECRYPTING = 600 +}; + +enum vol_creation_wizard_modes +{ + WIZARD_MODE_FILE_CONTAINER = 0, + WIZARD_MODE_NONSYS_DEVICE, + WIZARD_MODE_SYS_DEVICE +}; + + +typedef struct +{ + BOOL VolumeIsOpen; + + CRYPTO_INFO *CryptoInfo; + BOOL IsDevice; + HANDLE HostFileHandle; + uint64 HostSize; + + BOOL TimestampsValid; + FILETIME CreationTime; + FILETIME LastWriteTime; + FILETIME LastAccessTime; + +} OpenVolumeContext; + + +#define DEFAULT_VOL_CREATION_WIZARD_MODE WIZARD_MODE_FILE_CONTAINER + +#define ICON_HAND MB_ICONHAND +#define YES_NO MB_YESNO + +#define ISO_BURNER_TOOL L"isoburn.exe" +#define PRINT_TOOL L"notepad.exe" + +void cleanup ( void ); +void LowerCaseCopy ( wchar_t *lpszDest , const wchar_t *lpszSource ); +void UpperCaseCopy ( wchar_t *lpszDest , size_t cbDest, const wchar_t *lpszSource ); +void CreateFullVolumePath ( wchar_t *lpszDiskFile , size_t cbDiskFile, const wchar_t *lpszFileName , BOOL *bDevice ); +int FakeDosNameForDevice ( const wchar_t *lpszDiskFile , wchar_t *lpszDosDevice , size_t cbDosDevice, wchar_t *lpszCFDevice , size_t cbCFDevice, BOOL bNameOnly ); +int RemoveFakeDosName ( wchar_t *lpszDiskFile , wchar_t *lpszDosDevice ); +void AbortProcessDirect ( wchar_t *abortMsg ); +void AbortProcess ( char *stringId ); +void AbortProcessSilent ( void ); +void *err_malloc ( size_t size ); +char *err_strdup ( char *lpszText ); +DWORD handleWin32Error ( HWND hwndDlg, const char* srcPos ); +BOOL IsDiskReadError (DWORD error); +BOOL IsDiskWriteError (DWORD error); +BOOL IsDiskError (DWORD error); +BOOL translateWin32Error ( wchar_t *lpszMsgBuf , int nWSizeOfBuf ); +BOOL CALLBACK AboutDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); +static BOOL CALLBACK StaticModelessWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +void DisplayStaticModelessWaitDlg (HWND parent); +void CloseStaticModelessWaitDlg (void); +BOOL IsButtonChecked ( HWND hButton ); +void CheckButton ( HWND hButton ); +void LeftPadString (wchar_t *szTmp, int len, int targetLen, wchar_t filler); +void InitDialog ( HWND hwndDlg ); +void ProcessPaintMessages (HWND hwnd, int maxMessagesToProcess); +HDC CreateMemBitmap ( HINSTANCE hInstance , HWND hwnd , wchar_t *resource ); +HBITMAP RenderBitmap ( wchar_t *resource , HWND hwndDest , int x , int y , int nWidth , int nHeight , BOOL bDirectRender , BOOL bKeepAspectRatio); +LRESULT CALLBACK RedTick ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam ); +BOOL RegisterRedTick ( HINSTANCE hInstance ); +BOOL UnregisterRedTick ( HINSTANCE hInstance ); +LRESULT CALLBACK SplashDlgProc ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam ); +void WaitCursor ( void ); +void NormalCursor ( void ); +void ArrowWaitCursor ( void ); +void HandCursor (); +void AddComboPair (HWND hComboBox, const wchar_t *lpszItem, int value); +void SelectAlgo ( HWND hComboBox , int *nCipher ); +void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe); +wchar_t *GetWipeModeName (WipeAlgorithmId modeId); +wchar_t *GetPathType (const wchar_t *path, BOOL bUpperCase, BOOL *bIsPartition); +LRESULT CALLBACK CustomDlgProc ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam ); +BOOL TCCreateMutex (volatile HANDLE *hMutex, wchar_t *name); +void TCCloseMutex (volatile HANDLE *hMutex); +BOOL MutexExistsOnSystem (wchar_t *name); +BOOL CreateSysEncMutex (void); +BOOL InstanceHasSysEncMutex (void); +void CloseSysEncMutex (void); +BOOL CreateNonSysInplaceEncMutex (void); +BOOL InstanceHasNonSysInplaceEncMutex (void); +void CloseNonSysInplaceEncMutex (void); +BOOL NonSysInplaceEncInProgressElsewhere (void); +BOOL CreateDriverSetupMutex (void); +void CloseDriverSetupMutex (void); +BOOL CreateAppSetupMutex (void); +BOOL InstanceHasAppSetupMutex (void); +void CloseAppSetupMutex (void); +BOOL IsTrueCryptInstallerRunning (void); +uint32 ReadDriverConfigurationFlags (); +uint32 ReadEncryptionThreadPoolFreeCpuCountLimit (); +BOOL LoadSysEncSettings (); +int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm); +void RemoveNonSysInPlaceEncNotifications (void); +void SavePostInstallTasksSettings (int command); +void DoPostInstallTasks (HWND hwndDlg); +void InitOSVersionInfo (); +void InitApp ( HINSTANCE hInstance, wchar_t *lpszCommandLine ); +void FinalizeApp (void); +void InitHelpFileName (void); +BOOL OpenDevice (const wchar_t *lpszPath, OPEN_TEST_STRUCT *driver, BOOL detectFilesystem, BOOL matchVolumeID, const BYTE* pbVolumeID); +void NotifyDriverOfPortableMode (void); +int GetAvailableFixedDisks ( HWND hComboBox , char *lpszRootPath ); +int GetAvailableRemovables ( HWND hComboBox , char *lpszRootPath ); +int IsSystemDevicePath (const wchar_t *path, HWND hwndDlg, BOOL bReliableRequired); +int IsNonSysPartitionOnSysDrive (const wchar_t *path); +BOOL CALLBACK RawDevicesDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); +INT_PTR TextInfoDialogBox (int nID); +BOOL CALLBACK TextInfoDialogBoxDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +char * GetLegalNotices (); +BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +void UserEnrichRandomPool (HWND hwndDlg); +BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam); +int DriverAttach ( void ); +BOOL CALLBACK CipherTestDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); +void ResetCipherTest ( HWND hwndDlg , int idTestCipher ); +void ResetCurrentDirectory (); +BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter); +BOOL BrowseDirectories (HWND hWnd, char *lpszTitle, wchar_t *dirName); +void handleError ( HWND hwndDlg , int code, const char* srcPos ); +BOOL CheckFileStreamWriteErrors (HWND hwndDlg, FILE *file, const wchar_t *fileName); +void LocalizeDialog ( HWND hwnd, char *stringId ); +void OpenVolumeExplorerWindow (int driveNo); +static BOOL CALLBACK CloseVolumeExplorerWindowsEnum( HWND hwnd, LPARAM driveNo); +BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo); +BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue); +BOOL CheckCapsLock (HWND hwnd, BOOL quiet); +BOOL CheckFileExtension (wchar_t *fileName); +void CorrectFileName (wchar_t* fileName); +void IncreaseWrongPwdRetryCount (int count); +void ResetWrongPwdRetryCount (void); +BOOL WrongPwdRetryCountOverLimit (void); +DWORD GetUsedLogicalDrives (void); +int GetFirstAvailableDrive (); +int GetLastAvailableDrive (); +BOOL IsDriveAvailable (int driveNo); +BOOL IsDeviceMounted (wchar_t *deviceName); +int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced); +void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap); +int MountVolume (HWND hwndDlg, int driveNo, wchar_t *volumePath, Password *password, int pkcs5, int pim, BOOL truecryptMode, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword); +BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount); +BOOL UnmountVolumeAfterFormatExCall (HWND hwndDlg, int nDosDriveNo); +BOOL IsPasswordCacheEmpty (void); +BOOL IsMountedVolumeID (BYTE volumeID[VOLUME_ID_SIZE]); +BOOL IsMountedVolume (const wchar_t *volname); +int GetMountedVolumeDriveNo (wchar_t *volname); +BOOL IsAdmin (void); +BOOL IsBuiltInAdmin (); +BOOL IsUacSupported (); +BOOL ResolveSymbolicLink (const wchar_t *symLinkName, PWSTR targetName, size_t cbTargetName); +int GetDiskDeviceDriveLetter (PWSTR deviceName); +int FileSystemAppearsEmpty (const wchar_t *devicePath); +__int64 GetStatsFreeSpaceOnPartition (const wchar_t *devicePath, float *percent, __int64 *occupiedBytes, BOOL silent); +__int64 GetDeviceSize (const wchar_t *devicePath); +HANDLE DismountDrive (wchar_t *devName, wchar_t *devicePath); +int64 FindString (const char *buf, const char *str, int64 bufLen, int64 strLen, int64 startOffset); +BOOL FileExists (const wchar_t *filePathPtr); +__int64 FindStringInFile (const wchar_t *filePath, const char *str, int strLen); +BOOL TCCopyFile (wchar_t *sourceFileName, wchar_t *destinationFile); +BOOL SaveBufferToFile (const char *inputBuffer, const wchar_t *destinationFile, DWORD inputLength, BOOL bAppend, BOOL bRenameIfFailed); +BOOL TCFlushFile (FILE *f); +BOOL PrintHardCopyTextUTF16 (wchar_t *text, wchar_t *title, size_t byteLen); +void GetSpeedString (unsigned __int64 speed, wchar_t *str, size_t cbStr); +BOOL IsNonInstallMode (); +BOOL DriverUnload (); +LRESULT SetCheckBox (HWND hwndDlg, int dlgItem, BOOL state); +BOOL GetCheckBox (HWND hwndDlg, int dlgItem); +void SetListScrollHPos (HWND hList, int topMostVisibleItem); +void ManageStartupSeq (void); +void ManageStartupSeqWiz (BOOL bRemove, const wchar_t *arg); +void CleanLastVisitedMRU (void); +void ClearHistory (HWND hwndDlgItem); +LRESULT ListItemAdd (HWND list, int index, const wchar_t *string); +LRESULT ListSubItemSet (HWND list, int index, int subIndex, const wchar_t *string); +BOOL GetMountList (MOUNT_LIST_STRUCT *list); +int GetDriverRefCount (); +void GetSizeString (unsigned __int64 size, wchar_t *str, size_t cbStr); +__int64 GetFileSize64 (const wchar_t *path); +BOOL LoadInt16 (const wchar_t *filePath, int *result, __int64 fileOffset); +BOOL LoadInt32 (const wchar_t *filePath, unsigned __int32 *result, __int64 fileOffset); +char *LoadFile (const wchar_t *fileName, DWORD *size); +char *LoadFileBlock (const wchar_t *fileName, __int64 fileOffset, DWORD count); +wchar_t *GetModPath (wchar_t *path, int maxSize); +wchar_t *GetConfigPath (wchar_t *fileName); +wchar_t *GetProgramConfigPath (wchar_t *fileName); +wchar_t GetSystemDriveLetter (void); +void OpenPageHelp (HWND hwndDlg, int nPage); +void TaskBarIconDisplayBalloonTooltip (HWND hwnd, wchar_t *headline, wchar_t *text, BOOL warning); +void InfoBalloon (char *headingStringId, char *textStringId, HWND hwnd); +void InfoBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd); +void WarningBalloon (char *headingStringId, char *textStringId, HWND hwnd); +void WarningBalloonDirect (wchar_t *headingString, wchar_t *textString, HWND hwnd); +int Info (char *stringId, HWND hwnd); +int InfoTopMost (char *stringId, HWND hwnd); +int InfoDirect (const wchar_t *msg, HWND hwnd); +int Warning (char *stringId, HWND hwnd); +int WarningTopMost (char *stringId, HWND hwnd); +int WarningDirect (const wchar_t *warnMsg, HWND hwnd); +int Error (char *stringId, HWND hwnd); +int ErrorRetryCancel (char *stringId, HWND hwnd); +int ErrorDirect (const wchar_t *errMsg, HWND hwnd); +int ErrorTopMost (char *stringId, HWND hwnd); +int AskYesNo (char *stringId, HWND hwnd); +int AskYesNoString (const wchar_t *str, HWND hwnd); +int AskYesNoTopmost (char *stringId, HWND hwnd); +int AskNoYes (char *stringId, HWND hwnd); +int AskNoYesString (const wchar_t *string, HWND hwnd); +int AskOkCancel (char *stringId, HWND hwnd); +int AskWarnYesNo (char *stringId, HWND hwnd); +int AskWarnYesNoString (const wchar_t *string, HWND hwnd); +int AskWarnYesNoTopmost (char *stringId, HWND hwnd); +int AskWarnYesNoStringTopmost (const wchar_t *string, HWND hwnd); +int AskWarnNoYes (char *stringId, HWND hwnd); +int AskWarnNoYesString (const wchar_t *string, HWND hwnd); +int AskWarnNoYesTopmost (char *stringId, HWND hwnd); +int AskWarnOkCancel (char *stringId, HWND hwnd); +int AskWarnCancelOk (char *stringId, HWND hwnd); +int AskErrYesNo (char *stringId, HWND hwnd); +int AskErrNoYes (char *stringId, HWND hwnd); +int AskMultiChoice (void *strings[], BOOL bBold, HWND hwnd); +BOOL ConfigWriteBegin (); +BOOL ConfigWriteEnd (HWND hwnd); +BOOL ConfigWriteString (char *configKey, char *configValue); +BOOL ConfigWriteStringW (char *configKey, wchar_t *configValue); +BOOL ConfigWriteInt (char *configKey, int configValue); +int ConfigReadInt (char *configKey, int defaultValue); +char *ConfigReadString (char *configKey, char *defaultValue, char *str, int maxLen); +void ConfigReadCompareInt(char *configKey, int defaultValue, int* pOutputValue, BOOL bOnlyCheckModified, BOOL* pbModified); +void ConfigReadCompareString (char *configKey, char *defaultValue, char *str, int maxLen, BOOL bOnlyCheckModified, BOOL *pbModified); +void RestoreDefaultKeyFilesParam (void); +BOOL LoadDefaultKeyFilesParam (void); +void Debug (char *format, ...); +void DebugMsgBox (char *format, ...); +BOOL IsOSAtLeast (OSVersionEnum reqMinOS); +BOOL IsOSVersionAtLeast (OSVersionEnum reqMinOS, int reqMinServicePack); +BOOL Is64BitOs (); +BOOL IsServerOS (); +BOOL IsHiddenOSRunning (void); +BOOL EnableWow64FsRedirection (BOOL enable); +BOOL RestartComputer (void); +void Applink (char *dest, BOOL bSendOS, char *extraOutput); +wchar_t *RelativePath2Absolute (wchar_t *szFileName); +void HandleDriveNotReadyError (HWND hwnd); +BOOL CALLBACK CloseTCWindowsEnum( HWND hwnd, LPARAM lParam); +BOOL CALLBACK FindTCWindowEnum (HWND hwnd, LPARAM lParam); +BYTE *MapResource (wchar_t *resourceType, int resourceId, PDWORD size); +void InconsistencyResolved (char *msg); +void ReportUnexpectedState (char *techInfo); +BOOL SelectMultipleFiles (HWND hwndDlg, const char *stringId, wchar_t *lpszFileName, size_t cbFileName, BOOL keepHistory); +BOOL SelectMultipleFilesNext (wchar_t *lpszFileName, size_t cbFileName); +void OpenOnlineHelp (); +BOOL GetPartitionInfo (const wchar_t *deviceName, PPARTITION_INFORMATION rpartInfo); +BOOL GetDeviceInfo (const wchar_t *deviceName, DISK_PARTITION_INFO_STRUCT *info); +BOOL GetDriveGeometry (const wchar_t *deviceName, PDISK_GEOMETRY diskGeometry); +BOOL GetPhysicalDriveGeometry (int driveNumber, PDISK_GEOMETRY diskGeometry); +BOOL IsVolumeDeviceHosted (const wchar_t *lpszDiskFile); +int CompensateXDPI (int val); +int CompensateYDPI (int val); +int CompensateDPIFont (int val); +int GetTextGfxWidth (HWND hwndDlgItem, const wchar_t *text, HFONT hFont); +int GetTextGfxHeight (HWND hwndDlgItem, const wchar_t *text, HFONT hFont); +BOOL ToHyperlink (HWND hwndDlg, UINT ctrlId); +BOOL ToCustHyperlink (HWND hwndDlg, UINT ctrlId, HFONT hFont); +void DisableCloseButton (HWND hwndDlg); +void EnableCloseButton (HWND hwndDlg); +void ToBootPwdField (HWND hwndDlg, UINT ctrlId); +void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont); +BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize); +BOOL GetSysDevicePaths (HWND hwndDlg); +BOOL DoDriverInstall (HWND hwndDlg); +int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader); +void CloseVolume (OpenVolumeContext *context); +int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode); +BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); +BOOL IsPagingFileWildcardActive (); +BOOL DisablePagingFile (); +BOOL CALLBACK SecurityTokenPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +BOOL InitSecurityTokenLibrary (HWND hwndDlg); +BOOL FileHasReadOnlyAttribute (const wchar_t *path); +BOOL IsFileOnReadOnlyFilesystem (const wchar_t *path); +void CheckFilesystem (HWND hwndDlg, int driveNo, BOOL fixErrors); +BOOL BufferContainsString (const byte *buffer, size_t bufferSize, const char *str); +int AskNonSysInPlaceEncryptionResume (HWND hwndDlg, BOOL* pbDecrypt); +BOOL RemoveDeviceWriteProtection (HWND hwndDlg, wchar_t *devicePath); +void EnableElevatedCursorChange (HWND parent); +BOOL DisableFileCompression (HANDLE file); +BOOL VolumePathExists (const wchar_t *volumePath); +BOOL IsWindowsIsoBurnerAvailable (); +BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath); +BOOL IsApplicationInstalled (const wchar_t *appName); +int GetPim (HWND hwndDlg, UINT ctrlId); +void SetPim (HWND hwndDlg, UINT ctrlId, int pim); +BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError); +void SetPassword (HWND hwndDlg, UINT ctrlID, char* passValue); +void HandleShowPasswordFieldAction (HWND hwndDlg, UINT checkBoxId, UINT edit1Id, UINT edit2Id); +HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid); +LSTATUS DeleteRegistryKey (HKEY, LPCTSTR); +HIMAGELIST CreateImageList(int cx, int cy, UINT flags, int cInitial, int cGrow); +int AddBitmapToImageList(HIMAGELIST himl, HBITMAP hbmImage, HBITMAP hbmMask); +HRESULT VCStrDupW(LPCWSTR psz, LPWSTR *ppwsz); +void ProcessEntropyEstimate (HWND hProgress, DWORD* pdwInitialValue, DWORD dwCounter, DWORD dwMaxLevel, DWORD* pdwEntropy); +void AllowMessageInUIPI (UINT msg); +BOOL IsRepeatedByteArray (byte value, const byte* buffer, size_t bufferSize); +BOOL TranslateVolumeID (HWND hwndDlg, wchar_t* pathValue, size_t cchPathValue); +BOOL CopyTextToClipboard (const wchar_t* txtValue); + +#ifdef __cplusplus +} + +#include +#include + +struct HostDevice +{ + HostDevice () + : + Bootable (false), + ContainsSystem (false), + DynamicVolume (false), + Floppy (false), + IsPartition (false), + IsVirtualPartition (false), + HasUnencryptedFilesystem (false), + Removable (false), + Size (0), + SystemNumber((uint32) -1) + { + } + + ~HostDevice () { } + + bool Bootable; + bool ContainsSystem; + bool DynamicVolume; + bool Floppy; + bool IsPartition; + bool IsVirtualPartition; + bool HasUnencryptedFilesystem; + std::wstring MountPoint; + std::wstring Name; + std::wstring Path; + bool Removable; + uint64 Size; + uint32 SystemNumber; + + std::vector Partitions; +}; + +struct RawDevicesDlgParam +{ + std::vector devices; + wchar_t *pszFileName; +}; + +BOOL BrowseFilesInDir (HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName = NULL, const wchar_t *defaultExtension = NULL); +std::wstring SingleStringToWide (const std::string &singleString); +std::wstring Utf8StringToWide (const std::string &utf8String); +std::string WideToUtf8String (const std::wstring &wideString); +std::vector GetAvailableHostDevices (bool noDeviceProperties = false, bool singleList = false, bool noFloppy = true, bool detectUnencryptedFilesystems = false); +std::wstring ToUpperCase (const std::wstring &str); +std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg); +std::wstring GetWindowsEdition (); +std::wstring FitPathInGfxWidth (HWND hwnd, HFONT hFont, LONG width, const std::wstring &path); +std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy); +std::wstring VolumeGuidPathToDevicePath (std::wstring volumeGuidPath); +std::wstring HarddiskVolumePathToPartitionPath (const std::wstring &harddiskVolumePath); +std::wstring FindLatestFileOrDirectory (const std::wstring &directory, const wchar_t *namePattern, bool findDirectory, bool findFile); +std::wstring GetUserFriendlyVersionString (int version); +std::wstring IntToWideString (int val); +std::wstring ArrayToHexWideString (const unsigned char* pbData, int cbData); +bool HexWideStringToArray (const wchar_t* hexStr, std::vector& arr); +std::wstring FindDeviceByVolumeID (const BYTE volumeID [VOLUME_ID_SIZE]); +void RegisterDriverInf (bool registerFilter, const std::string& filter, const std::string& filterReg, HWND ParentWindow, HKEY regKey); +std::wstring GetTempPathString (); +inline std::wstring AppendSrcPos (const wchar_t* msg, const char* srcPos) +{ + return std::wstring (msg? msg : L"") + L"\n\nSource: " + SingleStringToWide (srcPos); +} + +// Display a wait dialog while calling the provided callback with the given parameter +typedef void (CALLBACK* WaitThreadProc)(void* pArg, HWND hWaitDlg); +void BringToForeground(HWND hWnd); +void ShowWaitDialog(HWND hwnd, BOOL bUseHwndAsParent, WaitThreadProc callback, void* pArg); + +#endif // __cplusplus + +#endif // TC_HEADER_DLGCODE diff --git a/src/Common/EncryptionThreadPool.c b/src/Common/EncryptionThreadPool.c index ec0d1f26..9cc641cc 100644 --- a/src/Common/EncryptionThreadPool.c +++ b/src/Common/EncryptionThreadPool.c @@ -1,511 +1,511 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "EncryptionThreadPool.h" -#include "Pkcs5.h" -#ifdef DEVICE_DRIVER -#include "Driver/Ntdriver.h" -#endif - -#define TC_ENC_THREAD_POOL_MAX_THREAD_COUNT 64 -#define TC_ENC_THREAD_POOL_QUEUE_SIZE (TC_ENC_THREAD_POOL_MAX_THREAD_COUNT * 2) - -#ifdef DEVICE_DRIVER - -#define TC_THREAD_HANDLE PKTHREAD -#define TC_THREAD_PROC VOID - -#define TC_SET_EVENT(EVENT) KeSetEvent (&EVENT, IO_DISK_INCREMENT, FALSE) -#define TC_CLEAR_EVENT(EVENT) KeClearEvent (&EVENT) - -#define TC_MUTEX FAST_MUTEX -#define TC_ACQUIRE_MUTEX(MUTEX) ExAcquireFastMutex (MUTEX) -#define TC_RELEASE_MUTEX(MUTEX) ExReleaseFastMutex (MUTEX) - -#else // !DEVICE_DRIVER - -#define TC_THREAD_HANDLE HANDLE -#define TC_THREAD_PROC unsigned __stdcall - -#define TC_SET_EVENT(EVENT) SetEvent (EVENT) -#define TC_CLEAR_EVENT(EVENT) ResetEvent (EVENT) - -#define TC_MUTEX HANDLE -#define TC_ACQUIRE_MUTEX(MUTEX) WaitForSingleObject (*(MUTEX), INFINITE) -#define TC_RELEASE_MUTEX(MUTEX) ReleaseMutex (*(MUTEX)) - -#endif // !DEVICE_DRIVER - - -typedef enum -{ - WorkItemFree, - WorkItemReady, - WorkItemBusy -} WorkItemState; - - -typedef struct EncryptionThreadPoolWorkItemStruct -{ - WorkItemState State; - EncryptionThreadPoolWorkType Type; - - TC_EVENT ItemCompletedEvent; - - struct EncryptionThreadPoolWorkItemStruct *FirstFragment; - LONG OutstandingFragmentCount; - - union - { - struct - { - PCRYPTO_INFO CryptoInfo; - byte *Data; - UINT64_STRUCT StartUnitNo; - uint32 UnitCount; - - } Encryption; - - struct - { - TC_EVENT *CompletionEvent; - LONG *CompletionFlag; - char *DerivedKey; - int IterationCount; - TC_EVENT *NoOutstandingWorkItemEvent; - LONG *OutstandingWorkItemCount; - char *Password; - int PasswordLength; - int Pkcs5Prf; - char *Salt; - - } KeyDerivation; - }; - -} EncryptionThreadPoolWorkItem; - - -static volatile BOOL ThreadPoolRunning = FALSE; -static volatile BOOL StopPending = FALSE; - -static uint32 ThreadCount; -static TC_THREAD_HANDLE ThreadHandles[TC_ENC_THREAD_POOL_MAX_THREAD_COUNT]; - -static EncryptionThreadPoolWorkItem WorkItemQueue[TC_ENC_THREAD_POOL_QUEUE_SIZE]; - -static volatile int EnqueuePosition; -static volatile int DequeuePosition; - -static TC_MUTEX EnqueueMutex; -static TC_MUTEX DequeueMutex; - -static TC_EVENT WorkItemReadyEvent; -static TC_EVENT WorkItemCompletedEvent; - - -static WorkItemState GetWorkItemState (EncryptionThreadPoolWorkItem *workItem) -{ - return InterlockedExchangeAdd ((LONG *) &workItem->State, 0); -} - - -static void SetWorkItemState (EncryptionThreadPoolWorkItem *workItem, WorkItemState newState) -{ - InterlockedExchange ((LONG *) &workItem->State, (LONG) newState); -} - - -static TC_THREAD_PROC EncryptionThreadProc (void *threadArg) -{ - EncryptionThreadPoolWorkItem *workItem; - - while (!StopPending) - { - TC_ACQUIRE_MUTEX (&DequeueMutex); - - workItem = &WorkItemQueue[DequeuePosition++]; - - if (DequeuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE) - DequeuePosition = 0; - - while (!StopPending && GetWorkItemState (workItem) != WorkItemReady) - { - TC_WAIT_EVENT (WorkItemReadyEvent); - } - - SetWorkItemState (workItem, WorkItemBusy); - - TC_RELEASE_MUTEX (&DequeueMutex); - - if (StopPending) - break; - - switch (workItem->Type) - { - case DecryptDataUnitsWork: - DecryptDataUnitsCurrentThread (workItem->Encryption.Data, &workItem->Encryption.StartUnitNo, workItem->Encryption.UnitCount, workItem->Encryption.CryptoInfo); - break; - - case EncryptDataUnitsWork: - EncryptDataUnitsCurrentThread (workItem->Encryption.Data, &workItem->Encryption.StartUnitNo, workItem->Encryption.UnitCount, workItem->Encryption.CryptoInfo); - break; - - case DeriveKeyWork: - switch (workItem->KeyDerivation.Pkcs5Prf) - { - case RIPEMD160: - derive_key_ripemd160 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, - workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); - break; - - case SHA512: - derive_key_sha512 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, - workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); - break; - - case WHIRLPOOL: - derive_key_whirlpool (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, - workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); - break; - - case SHA256: - derive_key_sha256 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, - workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); - break; - - default: - TC_THROW_FATAL_EXCEPTION; - } - - InterlockedExchange (workItem->KeyDerivation.CompletionFlag, TRUE); - TC_SET_EVENT (*workItem->KeyDerivation.CompletionEvent); - - if (InterlockedDecrement (workItem->KeyDerivation.OutstandingWorkItemCount) == 0) - TC_SET_EVENT (*workItem->KeyDerivation.NoOutstandingWorkItemEvent); - - SetWorkItemState (workItem, WorkItemFree); - TC_SET_EVENT (WorkItemCompletedEvent); - continue; - - default: - TC_THROW_FATAL_EXCEPTION; - } - - if (workItem != workItem->FirstFragment) - { - SetWorkItemState (workItem, WorkItemFree); - TC_SET_EVENT (WorkItemCompletedEvent); - } - - if (InterlockedDecrement (&workItem->FirstFragment->OutstandingFragmentCount) == 0) - TC_SET_EVENT (workItem->FirstFragment->ItemCompletedEvent); - } - -#ifdef DEVICE_DRIVER - PsTerminateSystemThread (STATUS_SUCCESS); -#else - _endthreadex (0); - return 0; -#endif -} - - -BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount) -{ - size_t cpuCount, i; - - if (ThreadPoolRunning) - return TRUE; - -#ifdef DEVICE_DRIVER - cpuCount = GetCpuCount(); -#else - { - SYSTEM_INFO sysInfo; - GetSystemInfo (&sysInfo); - cpuCount = sysInfo.dwNumberOfProcessors; - } -#endif - - if (cpuCount > encryptionFreeCpuCount) - cpuCount -= encryptionFreeCpuCount; - - if (cpuCount < 2) - return TRUE; - - if (cpuCount > TC_ENC_THREAD_POOL_MAX_THREAD_COUNT) - cpuCount = TC_ENC_THREAD_POOL_MAX_THREAD_COUNT; - - StopPending = FALSE; - DequeuePosition = 0; - EnqueuePosition = 0; - -#ifdef DEVICE_DRIVER - KeInitializeEvent (&WorkItemReadyEvent, SynchronizationEvent, FALSE); - KeInitializeEvent (&WorkItemCompletedEvent, SynchronizationEvent, FALSE); -#else - WorkItemReadyEvent = CreateEvent (NULL, FALSE, FALSE, NULL); - if (!WorkItemReadyEvent) - return FALSE; - - WorkItemCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL); - if (!WorkItemCompletedEvent) - return FALSE; -#endif - -#ifdef DEVICE_DRIVER - ExInitializeFastMutex (&DequeueMutex); - ExInitializeFastMutex (&EnqueueMutex); -#else - DequeueMutex = CreateMutex (NULL, FALSE, NULL); - if (!DequeueMutex) - return FALSE; - - EnqueueMutex = CreateMutex (NULL, FALSE, NULL); - if (!EnqueueMutex) - return FALSE; -#endif - - memset (WorkItemQueue, 0, sizeof (WorkItemQueue)); - - for (i = 0; i < sizeof (WorkItemQueue) / sizeof (WorkItemQueue[0]); ++i) - { - WorkItemQueue[i].State = WorkItemFree; - -#ifdef DEVICE_DRIVER - KeInitializeEvent (&WorkItemQueue[i].ItemCompletedEvent, SynchronizationEvent, FALSE); -#else - WorkItemQueue[i].ItemCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL); - if (!WorkItemQueue[i].ItemCompletedEvent) - { - EncryptionThreadPoolStop(); - return FALSE; - } -#endif - } - - for (ThreadCount = 0; ThreadCount < cpuCount; ++ThreadCount) - { -#ifdef DEVICE_DRIVER - if (!NT_SUCCESS (TCStartThread (EncryptionThreadProc, NULL, &ThreadHandles[ThreadCount]))) -#else - if (!(ThreadHandles[ThreadCount] = (HANDLE) _beginthreadex (NULL, 0, EncryptionThreadProc, NULL, 0, NULL))) -#endif - { - EncryptionThreadPoolStop(); - return FALSE; - } - } - - ThreadPoolRunning = TRUE; - return TRUE; -} - - -void EncryptionThreadPoolStop () -{ - size_t i; - - if (!ThreadPoolRunning) - return; - - StopPending = TRUE; - TC_SET_EVENT (WorkItemReadyEvent); - - for (i = 0; i < ThreadCount; ++i) - { -#ifdef DEVICE_DRIVER - TCStopThread (ThreadHandles[i], &WorkItemReadyEvent); -#else - TC_WAIT_EVENT (ThreadHandles[i]); -#endif - } - - ThreadCount = 0; - -#ifndef DEVICE_DRIVER - CloseHandle (DequeueMutex); - CloseHandle (EnqueueMutex); - - CloseHandle (WorkItemReadyEvent); - CloseHandle (WorkItemCompletedEvent); - - for (i = 0; i < sizeof (WorkItemQueue) / sizeof (WorkItemQueue[0]); ++i) - { - if (WorkItemQueue[i].ItemCompletedEvent) - CloseHandle (WorkItemQueue[i].ItemCompletedEvent); - } -#endif - - ThreadPoolRunning = FALSE; -} - - -void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey) -{ - EncryptionThreadPoolWorkItem *workItem; - - if (!ThreadPoolRunning) - TC_THROW_FATAL_EXCEPTION; - - TC_ACQUIRE_MUTEX (&EnqueueMutex); - - workItem = &WorkItemQueue[EnqueuePosition++]; - if (EnqueuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE) - EnqueuePosition = 0; - - while (GetWorkItemState (workItem) != WorkItemFree) - { - TC_WAIT_EVENT (WorkItemCompletedEvent); - } - - workItem->Type = DeriveKeyWork; - workItem->KeyDerivation.CompletionEvent = completionEvent; - workItem->KeyDerivation.CompletionFlag = completionFlag; - workItem->KeyDerivation.DerivedKey = derivedKey; - workItem->KeyDerivation.IterationCount = iterationCount; - workItem->KeyDerivation.NoOutstandingWorkItemEvent = noOutstandingWorkItemEvent; - workItem->KeyDerivation.OutstandingWorkItemCount = outstandingWorkItemCount; - workItem->KeyDerivation.Password = password; - workItem->KeyDerivation.PasswordLength = passwordLength; - workItem->KeyDerivation.Pkcs5Prf = pkcs5Prf; - workItem->KeyDerivation.Salt = salt; - - InterlockedIncrement (outstandingWorkItemCount); - TC_CLEAR_EVENT (*noOutstandingWorkItemEvent); - - SetWorkItemState (workItem, WorkItemReady); - TC_SET_EVENT (WorkItemReadyEvent); - TC_RELEASE_MUTEX (&EnqueueMutex); -} - - -void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo) -{ - uint32 fragmentCount; - uint32 unitsPerFragment; - uint32 remainder; - - byte *fragmentData; - uint64 fragmentStartUnitNo; - - EncryptionThreadPoolWorkItem *workItem; - EncryptionThreadPoolWorkItem *firstFragmentWorkItem; - - if (unitCount == 0) - return; - - if (!ThreadPoolRunning || unitCount == 1) - { - switch (type) - { - case DecryptDataUnitsWork: - DecryptDataUnitsCurrentThread (data, startUnitNo, unitCount, cryptoInfo); - break; - - case EncryptDataUnitsWork: - EncryptDataUnitsCurrentThread (data, startUnitNo, unitCount, cryptoInfo); - break; - - default: - TC_THROW_FATAL_EXCEPTION; - } - - return; - } - - if (unitCount <= ThreadCount) - { - fragmentCount = unitCount; - unitsPerFragment = 1; - remainder = 0; - } - else - { - /* Note that it is not efficient to divide the data into fragments smaller than a few hundred bytes. - The reason is that the overhead associated with thread handling would in most cases make a multi-threaded - process actually slower than a single-threaded process. */ - - fragmentCount = ThreadCount; - unitsPerFragment = unitCount / ThreadCount; - remainder = unitCount % ThreadCount; - - if (remainder > 0) - ++unitsPerFragment; - } - - fragmentData = data; - fragmentStartUnitNo = startUnitNo->Value; - - TC_ACQUIRE_MUTEX (&EnqueueMutex); - firstFragmentWorkItem = &WorkItemQueue[EnqueuePosition]; - - while (GetWorkItemState (firstFragmentWorkItem) != WorkItemFree) - { - TC_WAIT_EVENT (WorkItemCompletedEvent); - } - - firstFragmentWorkItem->OutstandingFragmentCount = fragmentCount; - - while (fragmentCount-- > 0) - { - workItem = &WorkItemQueue[EnqueuePosition++]; - if (EnqueuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE) - EnqueuePosition = 0; - - while (GetWorkItemState (workItem) != WorkItemFree) - { - TC_WAIT_EVENT (WorkItemCompletedEvent); - } - - workItem->Type = type; - workItem->FirstFragment = firstFragmentWorkItem; - - workItem->Encryption.CryptoInfo = cryptoInfo; - workItem->Encryption.Data = fragmentData; - workItem->Encryption.UnitCount = unitsPerFragment; - workItem->Encryption.StartUnitNo.Value = fragmentStartUnitNo; - - fragmentData += unitsPerFragment * ENCRYPTION_DATA_UNIT_SIZE; - fragmentStartUnitNo += unitsPerFragment; - - if (remainder > 0 && --remainder == 0) - --unitsPerFragment; - - SetWorkItemState (workItem, WorkItemReady); - TC_SET_EVENT (WorkItemReadyEvent); - } - - TC_RELEASE_MUTEX (&EnqueueMutex); - - TC_WAIT_EVENT (firstFragmentWorkItem->ItemCompletedEvent); - SetWorkItemState (firstFragmentWorkItem, WorkItemFree); - TC_SET_EVENT (WorkItemCompletedEvent); -} - - -size_t GetEncryptionThreadCount () -{ - return ThreadPoolRunning ? ThreadCount : 0; -} - - -size_t GetMaxEncryptionThreadCount () -{ - return TC_ENC_THREAD_POOL_MAX_THREAD_COUNT; -} - - -BOOL IsEncryptionThreadPoolRunning () -{ - return ThreadPoolRunning; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "EncryptionThreadPool.h" +#include "Pkcs5.h" +#ifdef DEVICE_DRIVER +#include "Driver/Ntdriver.h" +#endif + +#define TC_ENC_THREAD_POOL_MAX_THREAD_COUNT 64 +#define TC_ENC_THREAD_POOL_QUEUE_SIZE (TC_ENC_THREAD_POOL_MAX_THREAD_COUNT * 2) + +#ifdef DEVICE_DRIVER + +#define TC_THREAD_HANDLE PKTHREAD +#define TC_THREAD_PROC VOID + +#define TC_SET_EVENT(EVENT) KeSetEvent (&EVENT, IO_DISK_INCREMENT, FALSE) +#define TC_CLEAR_EVENT(EVENT) KeClearEvent (&EVENT) + +#define TC_MUTEX FAST_MUTEX +#define TC_ACQUIRE_MUTEX(MUTEX) ExAcquireFastMutex (MUTEX) +#define TC_RELEASE_MUTEX(MUTEX) ExReleaseFastMutex (MUTEX) + +#else // !DEVICE_DRIVER + +#define TC_THREAD_HANDLE HANDLE +#define TC_THREAD_PROC unsigned __stdcall + +#define TC_SET_EVENT(EVENT) SetEvent (EVENT) +#define TC_CLEAR_EVENT(EVENT) ResetEvent (EVENT) + +#define TC_MUTEX HANDLE +#define TC_ACQUIRE_MUTEX(MUTEX) WaitForSingleObject (*(MUTEX), INFINITE) +#define TC_RELEASE_MUTEX(MUTEX) ReleaseMutex (*(MUTEX)) + +#endif // !DEVICE_DRIVER + + +typedef enum +{ + WorkItemFree, + WorkItemReady, + WorkItemBusy +} WorkItemState; + + +typedef struct EncryptionThreadPoolWorkItemStruct +{ + WorkItemState State; + EncryptionThreadPoolWorkType Type; + + TC_EVENT ItemCompletedEvent; + + struct EncryptionThreadPoolWorkItemStruct *FirstFragment; + LONG OutstandingFragmentCount; + + union + { + struct + { + PCRYPTO_INFO CryptoInfo; + byte *Data; + UINT64_STRUCT StartUnitNo; + uint32 UnitCount; + + } Encryption; + + struct + { + TC_EVENT *CompletionEvent; + LONG *CompletionFlag; + char *DerivedKey; + int IterationCount; + TC_EVENT *NoOutstandingWorkItemEvent; + LONG *OutstandingWorkItemCount; + char *Password; + int PasswordLength; + int Pkcs5Prf; + char *Salt; + + } KeyDerivation; + }; + +} EncryptionThreadPoolWorkItem; + + +static volatile BOOL ThreadPoolRunning = FALSE; +static volatile BOOL StopPending = FALSE; + +static uint32 ThreadCount; +static TC_THREAD_HANDLE ThreadHandles[TC_ENC_THREAD_POOL_MAX_THREAD_COUNT]; + +static EncryptionThreadPoolWorkItem WorkItemQueue[TC_ENC_THREAD_POOL_QUEUE_SIZE]; + +static volatile int EnqueuePosition; +static volatile int DequeuePosition; + +static TC_MUTEX EnqueueMutex; +static TC_MUTEX DequeueMutex; + +static TC_EVENT WorkItemReadyEvent; +static TC_EVENT WorkItemCompletedEvent; + + +static WorkItemState GetWorkItemState (EncryptionThreadPoolWorkItem *workItem) +{ + return InterlockedExchangeAdd ((LONG *) &workItem->State, 0); +} + + +static void SetWorkItemState (EncryptionThreadPoolWorkItem *workItem, WorkItemState newState) +{ + InterlockedExchange ((LONG *) &workItem->State, (LONG) newState); +} + + +static TC_THREAD_PROC EncryptionThreadProc (void *threadArg) +{ + EncryptionThreadPoolWorkItem *workItem; + + while (!StopPending) + { + TC_ACQUIRE_MUTEX (&DequeueMutex); + + workItem = &WorkItemQueue[DequeuePosition++]; + + if (DequeuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE) + DequeuePosition = 0; + + while (!StopPending && GetWorkItemState (workItem) != WorkItemReady) + { + TC_WAIT_EVENT (WorkItemReadyEvent); + } + + SetWorkItemState (workItem, WorkItemBusy); + + TC_RELEASE_MUTEX (&DequeueMutex); + + if (StopPending) + break; + + switch (workItem->Type) + { + case DecryptDataUnitsWork: + DecryptDataUnitsCurrentThread (workItem->Encryption.Data, &workItem->Encryption.StartUnitNo, workItem->Encryption.UnitCount, workItem->Encryption.CryptoInfo); + break; + + case EncryptDataUnitsWork: + EncryptDataUnitsCurrentThread (workItem->Encryption.Data, &workItem->Encryption.StartUnitNo, workItem->Encryption.UnitCount, workItem->Encryption.CryptoInfo); + break; + + case DeriveKeyWork: + switch (workItem->KeyDerivation.Pkcs5Prf) + { + case RIPEMD160: + derive_key_ripemd160 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, + workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); + break; + + case SHA512: + derive_key_sha512 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, + workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); + break; + + case WHIRLPOOL: + derive_key_whirlpool (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, + workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); + break; + + case SHA256: + derive_key_sha256 (workItem->KeyDerivation.Password, workItem->KeyDerivation.PasswordLength, workItem->KeyDerivation.Salt, PKCS5_SALT_SIZE, + workItem->KeyDerivation.IterationCount, workItem->KeyDerivation.DerivedKey, GetMaxPkcs5OutSize()); + break; + + default: + TC_THROW_FATAL_EXCEPTION; + } + + InterlockedExchange (workItem->KeyDerivation.CompletionFlag, TRUE); + TC_SET_EVENT (*workItem->KeyDerivation.CompletionEvent); + + if (InterlockedDecrement (workItem->KeyDerivation.OutstandingWorkItemCount) == 0) + TC_SET_EVENT (*workItem->KeyDerivation.NoOutstandingWorkItemEvent); + + SetWorkItemState (workItem, WorkItemFree); + TC_SET_EVENT (WorkItemCompletedEvent); + continue; + + default: + TC_THROW_FATAL_EXCEPTION; + } + + if (workItem != workItem->FirstFragment) + { + SetWorkItemState (workItem, WorkItemFree); + TC_SET_EVENT (WorkItemCompletedEvent); + } + + if (InterlockedDecrement (&workItem->FirstFragment->OutstandingFragmentCount) == 0) + TC_SET_EVENT (workItem->FirstFragment->ItemCompletedEvent); + } + +#ifdef DEVICE_DRIVER + PsTerminateSystemThread (STATUS_SUCCESS); +#else + _endthreadex (0); + return 0; +#endif +} + + +BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount) +{ + size_t cpuCount, i; + + if (ThreadPoolRunning) + return TRUE; + +#ifdef DEVICE_DRIVER + cpuCount = GetCpuCount(); +#else + { + SYSTEM_INFO sysInfo; + GetSystemInfo (&sysInfo); + cpuCount = sysInfo.dwNumberOfProcessors; + } +#endif + + if (cpuCount > encryptionFreeCpuCount) + cpuCount -= encryptionFreeCpuCount; + + if (cpuCount < 2) + return TRUE; + + if (cpuCount > TC_ENC_THREAD_POOL_MAX_THREAD_COUNT) + cpuCount = TC_ENC_THREAD_POOL_MAX_THREAD_COUNT; + + StopPending = FALSE; + DequeuePosition = 0; + EnqueuePosition = 0; + +#ifdef DEVICE_DRIVER + KeInitializeEvent (&WorkItemReadyEvent, SynchronizationEvent, FALSE); + KeInitializeEvent (&WorkItemCompletedEvent, SynchronizationEvent, FALSE); +#else + WorkItemReadyEvent = CreateEvent (NULL, FALSE, FALSE, NULL); + if (!WorkItemReadyEvent) + return FALSE; + + WorkItemCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL); + if (!WorkItemCompletedEvent) + return FALSE; +#endif + +#ifdef DEVICE_DRIVER + ExInitializeFastMutex (&DequeueMutex); + ExInitializeFastMutex (&EnqueueMutex); +#else + DequeueMutex = CreateMutex (NULL, FALSE, NULL); + if (!DequeueMutex) + return FALSE; + + EnqueueMutex = CreateMutex (NULL, FALSE, NULL); + if (!EnqueueMutex) + return FALSE; +#endif + + memset (WorkItemQueue, 0, sizeof (WorkItemQueue)); + + for (i = 0; i < sizeof (WorkItemQueue) / sizeof (WorkItemQueue[0]); ++i) + { + WorkItemQueue[i].State = WorkItemFree; + +#ifdef DEVICE_DRIVER + KeInitializeEvent (&WorkItemQueue[i].ItemCompletedEvent, SynchronizationEvent, FALSE); +#else + WorkItemQueue[i].ItemCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL); + if (!WorkItemQueue[i].ItemCompletedEvent) + { + EncryptionThreadPoolStop(); + return FALSE; + } +#endif + } + + for (ThreadCount = 0; ThreadCount < cpuCount; ++ThreadCount) + { +#ifdef DEVICE_DRIVER + if (!NT_SUCCESS (TCStartThread (EncryptionThreadProc, NULL, &ThreadHandles[ThreadCount]))) +#else + if (!(ThreadHandles[ThreadCount] = (HANDLE) _beginthreadex (NULL, 0, EncryptionThreadProc, NULL, 0, NULL))) +#endif + { + EncryptionThreadPoolStop(); + return FALSE; + } + } + + ThreadPoolRunning = TRUE; + return TRUE; +} + + +void EncryptionThreadPoolStop () +{ + size_t i; + + if (!ThreadPoolRunning) + return; + + StopPending = TRUE; + TC_SET_EVENT (WorkItemReadyEvent); + + for (i = 0; i < ThreadCount; ++i) + { +#ifdef DEVICE_DRIVER + TCStopThread (ThreadHandles[i], &WorkItemReadyEvent); +#else + TC_WAIT_EVENT (ThreadHandles[i]); +#endif + } + + ThreadCount = 0; + +#ifndef DEVICE_DRIVER + CloseHandle (DequeueMutex); + CloseHandle (EnqueueMutex); + + CloseHandle (WorkItemReadyEvent); + CloseHandle (WorkItemCompletedEvent); + + for (i = 0; i < sizeof (WorkItemQueue) / sizeof (WorkItemQueue[0]); ++i) + { + if (WorkItemQueue[i].ItemCompletedEvent) + CloseHandle (WorkItemQueue[i].ItemCompletedEvent); + } +#endif + + ThreadPoolRunning = FALSE; +} + + +void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey) +{ + EncryptionThreadPoolWorkItem *workItem; + + if (!ThreadPoolRunning) + TC_THROW_FATAL_EXCEPTION; + + TC_ACQUIRE_MUTEX (&EnqueueMutex); + + workItem = &WorkItemQueue[EnqueuePosition++]; + if (EnqueuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE) + EnqueuePosition = 0; + + while (GetWorkItemState (workItem) != WorkItemFree) + { + TC_WAIT_EVENT (WorkItemCompletedEvent); + } + + workItem->Type = DeriveKeyWork; + workItem->KeyDerivation.CompletionEvent = completionEvent; + workItem->KeyDerivation.CompletionFlag = completionFlag; + workItem->KeyDerivation.DerivedKey = derivedKey; + workItem->KeyDerivation.IterationCount = iterationCount; + workItem->KeyDerivation.NoOutstandingWorkItemEvent = noOutstandingWorkItemEvent; + workItem->KeyDerivation.OutstandingWorkItemCount = outstandingWorkItemCount; + workItem->KeyDerivation.Password = password; + workItem->KeyDerivation.PasswordLength = passwordLength; + workItem->KeyDerivation.Pkcs5Prf = pkcs5Prf; + workItem->KeyDerivation.Salt = salt; + + InterlockedIncrement (outstandingWorkItemCount); + TC_CLEAR_EVENT (*noOutstandingWorkItemEvent); + + SetWorkItemState (workItem, WorkItemReady); + TC_SET_EVENT (WorkItemReadyEvent); + TC_RELEASE_MUTEX (&EnqueueMutex); +} + + +void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo) +{ + uint32 fragmentCount; + uint32 unitsPerFragment; + uint32 remainder; + + byte *fragmentData; + uint64 fragmentStartUnitNo; + + EncryptionThreadPoolWorkItem *workItem; + EncryptionThreadPoolWorkItem *firstFragmentWorkItem; + + if (unitCount == 0) + return; + + if (!ThreadPoolRunning || unitCount == 1) + { + switch (type) + { + case DecryptDataUnitsWork: + DecryptDataUnitsCurrentThread (data, startUnitNo, unitCount, cryptoInfo); + break; + + case EncryptDataUnitsWork: + EncryptDataUnitsCurrentThread (data, startUnitNo, unitCount, cryptoInfo); + break; + + default: + TC_THROW_FATAL_EXCEPTION; + } + + return; + } + + if (unitCount <= ThreadCount) + { + fragmentCount = unitCount; + unitsPerFragment = 1; + remainder = 0; + } + else + { + /* Note that it is not efficient to divide the data into fragments smaller than a few hundred bytes. + The reason is that the overhead associated with thread handling would in most cases make a multi-threaded + process actually slower than a single-threaded process. */ + + fragmentCount = ThreadCount; + unitsPerFragment = unitCount / ThreadCount; + remainder = unitCount % ThreadCount; + + if (remainder > 0) + ++unitsPerFragment; + } + + fragmentData = data; + fragmentStartUnitNo = startUnitNo->Value; + + TC_ACQUIRE_MUTEX (&EnqueueMutex); + firstFragmentWorkItem = &WorkItemQueue[EnqueuePosition]; + + while (GetWorkItemState (firstFragmentWorkItem) != WorkItemFree) + { + TC_WAIT_EVENT (WorkItemCompletedEvent); + } + + firstFragmentWorkItem->OutstandingFragmentCount = fragmentCount; + + while (fragmentCount-- > 0) + { + workItem = &WorkItemQueue[EnqueuePosition++]; + if (EnqueuePosition >= TC_ENC_THREAD_POOL_QUEUE_SIZE) + EnqueuePosition = 0; + + while (GetWorkItemState (workItem) != WorkItemFree) + { + TC_WAIT_EVENT (WorkItemCompletedEvent); + } + + workItem->Type = type; + workItem->FirstFragment = firstFragmentWorkItem; + + workItem->Encryption.CryptoInfo = cryptoInfo; + workItem->Encryption.Data = fragmentData; + workItem->Encryption.UnitCount = unitsPerFragment; + workItem->Encryption.StartUnitNo.Value = fragmentStartUnitNo; + + fragmentData += unitsPerFragment * ENCRYPTION_DATA_UNIT_SIZE; + fragmentStartUnitNo += unitsPerFragment; + + if (remainder > 0 && --remainder == 0) + --unitsPerFragment; + + SetWorkItemState (workItem, WorkItemReady); + TC_SET_EVENT (WorkItemReadyEvent); + } + + TC_RELEASE_MUTEX (&EnqueueMutex); + + TC_WAIT_EVENT (firstFragmentWorkItem->ItemCompletedEvent); + SetWorkItemState (firstFragmentWorkItem, WorkItemFree); + TC_SET_EVENT (WorkItemCompletedEvent); +} + + +size_t GetEncryptionThreadCount () +{ + return ThreadPoolRunning ? ThreadCount : 0; +} + + +size_t GetMaxEncryptionThreadCount () +{ + return TC_ENC_THREAD_POOL_MAX_THREAD_COUNT; +} + + +BOOL IsEncryptionThreadPoolRunning () +{ + return ThreadPoolRunning; +} diff --git a/src/Common/EncryptionThreadPool.h b/src/Common/EncryptionThreadPool.h index f34f7493..5ca131f5 100644 --- a/src/Common/EncryptionThreadPool.h +++ b/src/Common/EncryptionThreadPool.h @@ -1,42 +1,42 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_ENCRYPTION_THREAD_POOL -#define TC_HEADER_ENCRYPTION_THREAD_POOL - -#include "Tcdefs.h" -#include "Crypto.h" - -#ifdef __cplusplus -extern "C" { -#endif - -typedef enum -{ - EncryptDataUnitsWork, - DecryptDataUnitsWork, - DeriveKeyWork -} EncryptionThreadPoolWorkType; - -void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey); -void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo); -BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount); -void EncryptionThreadPoolStop (); -size_t GetEncryptionThreadCount (); -size_t GetMaxEncryptionThreadCount (); -BOOL IsEncryptionThreadPoolRunning (); - -#ifdef __cplusplus -} -#endif - -#endif // TC_HEADER_ENCRYPTION_THREAD_POOL +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_ENCRYPTION_THREAD_POOL +#define TC_HEADER_ENCRYPTION_THREAD_POOL + +#include "Tcdefs.h" +#include "Crypto.h" + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum +{ + EncryptDataUnitsWork, + DecryptDataUnitsWork, + DeriveKeyWork +} EncryptionThreadPoolWorkType; + +void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey); +void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo); +BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount); +void EncryptionThreadPoolStop (); +size_t GetEncryptionThreadCount (); +size_t GetMaxEncryptionThreadCount (); +BOOL IsEncryptionThreadPoolRunning (); + +#ifdef __cplusplus +} +#endif + +#endif // TC_HEADER_ENCRYPTION_THREAD_POOL diff --git a/src/Common/Endian.c b/src/Common/Endian.c index 9cf16cce..44d96e40 100644 --- a/src/Common/Endian.c +++ b/src/Common/Endian.c @@ -1,59 +1,59 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Common/Endian.h" - - -unsigned __int16 MirrorBytes16 (unsigned __int16 x) -{ - return (x << 8) | (x >> 8); -} - - -unsigned __int32 MirrorBytes32 (unsigned __int32 x) -{ - unsigned __int32 n = (unsigned __int8) x; - n <<= 8; n |= (unsigned __int8) (x >> 8); - n <<= 8; n |= (unsigned __int8) (x >> 16); - return (n << 8) | (unsigned __int8) (x >> 24); -} - -#ifndef TC_NO_COMPILER_INT64 -uint64 MirrorBytes64 (uint64 x) -{ - uint64 n = (unsigned __int8) x; - n <<= 8; n |= (unsigned __int8) (x >> 8); - n <<= 8; n |= (unsigned __int8) (x >> 16); - n <<= 8; n |= (unsigned __int8) (x >> 24); - n <<= 8; n |= (unsigned __int8) (x >> 32); - n <<= 8; n |= (unsigned __int8) (x >> 40); - n <<= 8; n |= (unsigned __int8) (x >> 48); - return (n << 8) | (unsigned __int8) (x >> 56); -} -#endif - -void -LongReverse (unsigned __int32 *buffer, unsigned byteCount) -{ - unsigned __int32 value; - - byteCount /= sizeof (unsigned __int32); - while (byteCount--) - { - value = *buffer; - value = ((value & 0xFF00FF00L) >> 8) | \ - ((value & 0x00FF00FFL) << 8); - *buffer++ = (value << 16) | (value >> 16); - } -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Common/Endian.h" + + +unsigned __int16 MirrorBytes16 (unsigned __int16 x) +{ + return (x << 8) | (x >> 8); +} + + +unsigned __int32 MirrorBytes32 (unsigned __int32 x) +{ + unsigned __int32 n = (unsigned __int8) x; + n <<= 8; n |= (unsigned __int8) (x >> 8); + n <<= 8; n |= (unsigned __int8) (x >> 16); + return (n << 8) | (unsigned __int8) (x >> 24); +} + +#ifndef TC_NO_COMPILER_INT64 +uint64 MirrorBytes64 (uint64 x) +{ + uint64 n = (unsigned __int8) x; + n <<= 8; n |= (unsigned __int8) (x >> 8); + n <<= 8; n |= (unsigned __int8) (x >> 16); + n <<= 8; n |= (unsigned __int8) (x >> 24); + n <<= 8; n |= (unsigned __int8) (x >> 32); + n <<= 8; n |= (unsigned __int8) (x >> 40); + n <<= 8; n |= (unsigned __int8) (x >> 48); + return (n << 8) | (unsigned __int8) (x >> 56); +} +#endif + +void +LongReverse (unsigned __int32 *buffer, unsigned byteCount) +{ + unsigned __int32 value; + + byteCount /= sizeof (unsigned __int32); + while (byteCount--) + { + value = *buffer; + value = ((value & 0xFF00FF00L) >> 8) | \ + ((value & 0x00FF00FFL) << 8); + *buffer++ = (value << 16) | (value >> 16); + } +} diff --git a/src/Common/Endian.h b/src/Common/Endian.h index 0f35304e..7d97e5fb 100644 --- a/src/Common/Endian.h +++ b/src/Common/Endian.h @@ -1,149 +1,149 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_ENDIAN_H -#define TC_ENDIAN_H - -#include "Common/Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#ifdef _WIN32 - -# ifndef LITTLE_ENDIAN -# define LITTLE_ENDIAN 1234 -# endif -# ifndef BYTE_ORDER -# define BYTE_ORDER LITTLE_ENDIAN -# endif - -#elif !defined(BYTE_ORDER) - -# ifdef TC_MACOSX -# include -# elif defined (TC_BSD) -# include -# elif defined (TC_SOLARIS) -# include -# define LITTLE_ENDIAN 1234 -# define BIG_ENDIAN 4321 -# ifdef _BIG_ENDIAN -# define BYTE_ORDER BIG_ENDIAN -# else -# define BYTE_ORDER LITTLE_ENDIAN -# endif -# else -# include -# endif - -# ifndef BYTE_ORDER -# ifndef __BYTE_ORDER -# error Byte order cannot be determined (BYTE_ORDER undefined) -# endif - -# define BYTE_ORDER __BYTE_ORDER -# endif - -# ifndef LITTLE_ENDIAN -# define LITTLE_ENDIAN __LITTLE_ENDIAN -# endif - -# ifndef BIG_ENDIAN -# define BIG_ENDIAN __BIG_ENDIAN -# endif - -#endif // !BYTE_ORDER - -/* Macros to read and write 16, 32, and 64-bit quantities in a portable manner. - These functions are implemented as macros rather than true functions as - the need to adjust the memory pointers makes them somewhat painful to call - in user code */ - -#define mputInt64(memPtr,data) \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 56 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 48 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 40 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 32 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 24 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 16 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 8 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( data ) & 0xFF ) - -#define mputLong(memPtr,data) \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 24 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 16 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 8 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( data ) & 0xFF ) - -#define mputWord(memPtr,data) \ - *memPtr++ = ( unsigned char ) ( ( ( data ) >> 8 ) & 0xFF ), \ - *memPtr++ = ( unsigned char ) ( ( data ) & 0xFF ) - -#define mputByte(memPtr,data) \ - *memPtr++ = ( unsigned char ) data - -#define mputBytes(memPtr,data,len) \ - memcpy (memPtr,data,len); \ - memPtr += len; - -#define mgetInt64(memPtr) \ - ( memPtr += 8, ( ( unsigned __int64 ) memPtr[ -8 ] << 56 ) | ( ( unsigned __int64 ) memPtr[ -7 ] << 48 ) | \ - ( ( unsigned __int64 ) memPtr[ -6 ] << 40 ) | ( ( unsigned __int64 ) memPtr[ -5 ] << 32 ) | \ - ( ( unsigned __int64 ) memPtr[ -4 ] << 24 ) | ( ( unsigned __int64 ) memPtr[ -3 ] << 16 ) | \ - ( ( unsigned __int64 ) memPtr[ -2 ] << 8 ) | ( unsigned __int64 ) memPtr[ -1 ] ) - -#define mgetLong(memPtr) \ - ( memPtr += 4, ( ( unsigned __int32 ) memPtr[ -4 ] << 24 ) | ( ( unsigned __int32 ) memPtr[ -3 ] << 16 ) | \ - ( ( unsigned __int32 ) memPtr[ -2 ] << 8 ) | ( unsigned __int32 ) memPtr[ -1 ] ) - -#define mgetWord(memPtr) \ - ( memPtr += 2, ((( unsigned short ) memPtr[ -2 ] << 8 ) | ( ( unsigned short ) memPtr[ -1 ] )) ) - -#define mgetByte(memPtr) \ - ( ( unsigned char ) *memPtr++ ) - -#if BYTE_ORDER == BIG_ENDIAN -# define LE16(x) MirrorBytes16(x) -# define LE32(x) MirrorBytes32(x) -# define LE64(x) MirrorBytes64(x) -#else -# define LE16(x) (x) -# define LE32(x) (x) -# define LE64(x) (x) -#endif - -#if BYTE_ORDER == LITTLE_ENDIAN -# define BE16(x) MirrorBytes16(x) -# define BE32(x) MirrorBytes32(x) -# define BE64(x) MirrorBytes64(x) -#else -# define BE16(x) (x) -# define BE32(x) (x) -# define BE64(x) (x) -#endif - -unsigned __int16 MirrorBytes16 (unsigned __int16 x); -unsigned __int32 MirrorBytes32 (unsigned __int32 x); -#ifndef TC_NO_COMPILER_INT64 -uint64 MirrorBytes64 (uint64 x); -#endif -void LongReverse ( unsigned __int32 *buffer , unsigned byteCount ); - -#if defined(__cplusplus) -} -#endif - -#endif /* TC_ENDIAN_H */ +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_ENDIAN_H +#define TC_ENDIAN_H + +#include "Common/Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#ifdef _WIN32 + +# ifndef LITTLE_ENDIAN +# define LITTLE_ENDIAN 1234 +# endif +# ifndef BYTE_ORDER +# define BYTE_ORDER LITTLE_ENDIAN +# endif + +#elif !defined(BYTE_ORDER) + +# ifdef TC_MACOSX +# include +# elif defined (TC_BSD) +# include +# elif defined (TC_SOLARIS) +# include +# define LITTLE_ENDIAN 1234 +# define BIG_ENDIAN 4321 +# ifdef _BIG_ENDIAN +# define BYTE_ORDER BIG_ENDIAN +# else +# define BYTE_ORDER LITTLE_ENDIAN +# endif +# else +# include +# endif + +# ifndef BYTE_ORDER +# ifndef __BYTE_ORDER +# error Byte order cannot be determined (BYTE_ORDER undefined) +# endif + +# define BYTE_ORDER __BYTE_ORDER +# endif + +# ifndef LITTLE_ENDIAN +# define LITTLE_ENDIAN __LITTLE_ENDIAN +# endif + +# ifndef BIG_ENDIAN +# define BIG_ENDIAN __BIG_ENDIAN +# endif + +#endif // !BYTE_ORDER + +/* Macros to read and write 16, 32, and 64-bit quantities in a portable manner. + These functions are implemented as macros rather than true functions as + the need to adjust the memory pointers makes them somewhat painful to call + in user code */ + +#define mputInt64(memPtr,data) \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 56 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 48 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 40 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 32 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 24 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 16 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 8 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( data ) & 0xFF ) + +#define mputLong(memPtr,data) \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 24 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 16 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 8 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( data ) & 0xFF ) + +#define mputWord(memPtr,data) \ + *memPtr++ = ( unsigned char ) ( ( ( data ) >> 8 ) & 0xFF ), \ + *memPtr++ = ( unsigned char ) ( ( data ) & 0xFF ) + +#define mputByte(memPtr,data) \ + *memPtr++ = ( unsigned char ) data + +#define mputBytes(memPtr,data,len) \ + memcpy (memPtr,data,len); \ + memPtr += len; + +#define mgetInt64(memPtr) \ + ( memPtr += 8, ( ( unsigned __int64 ) memPtr[ -8 ] << 56 ) | ( ( unsigned __int64 ) memPtr[ -7 ] << 48 ) | \ + ( ( unsigned __int64 ) memPtr[ -6 ] << 40 ) | ( ( unsigned __int64 ) memPtr[ -5 ] << 32 ) | \ + ( ( unsigned __int64 ) memPtr[ -4 ] << 24 ) | ( ( unsigned __int64 ) memPtr[ -3 ] << 16 ) | \ + ( ( unsigned __int64 ) memPtr[ -2 ] << 8 ) | ( unsigned __int64 ) memPtr[ -1 ] ) + +#define mgetLong(memPtr) \ + ( memPtr += 4, ( ( unsigned __int32 ) memPtr[ -4 ] << 24 ) | ( ( unsigned __int32 ) memPtr[ -3 ] << 16 ) | \ + ( ( unsigned __int32 ) memPtr[ -2 ] << 8 ) | ( unsigned __int32 ) memPtr[ -1 ] ) + +#define mgetWord(memPtr) \ + ( memPtr += 2, ((( unsigned short ) memPtr[ -2 ] << 8 ) | ( ( unsigned short ) memPtr[ -1 ] )) ) + +#define mgetByte(memPtr) \ + ( ( unsigned char ) *memPtr++ ) + +#if BYTE_ORDER == BIG_ENDIAN +# define LE16(x) MirrorBytes16(x) +# define LE32(x) MirrorBytes32(x) +# define LE64(x) MirrorBytes64(x) +#else +# define LE16(x) (x) +# define LE32(x) (x) +# define LE64(x) (x) +#endif + +#if BYTE_ORDER == LITTLE_ENDIAN +# define BE16(x) MirrorBytes16(x) +# define BE32(x) MirrorBytes32(x) +# define BE64(x) MirrorBytes64(x) +#else +# define BE16(x) (x) +# define BE32(x) (x) +# define BE64(x) (x) +#endif + +unsigned __int16 MirrorBytes16 (unsigned __int16 x); +unsigned __int32 MirrorBytes32 (unsigned __int32 x); +#ifndef TC_NO_COMPILER_INT64 +uint64 MirrorBytes64 (uint64 x); +#endif +void LongReverse ( unsigned __int32 *buffer , unsigned byteCount ); + +#if defined(__cplusplus) +} +#endif + +#endif /* TC_ENDIAN_H */ diff --git a/src/Common/Exception.h b/src/Common/Exception.h index f3635a1d..c4cd1b10 100644 --- a/src/Common/Exception.h +++ b/src/Common/Exception.h @@ -1,123 +1,123 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Common_Exception -#define TC_HEADER_Common_Exception - -#include "Platform/PlatformBase.h" -#include "Dlgcode.h" -#include "Language.h" -#include - -namespace VeraCrypt -{ - struct Exception - { - virtual void Show (HWND parent) const = 0; - }; - - struct SystemException : public Exception - { - SystemException (const char *srcPos) : ErrorCode (GetLastError()), SrcPos (srcPos) { } - - void Show (HWND parent) const - { - SetLastError (ErrorCode); - handleWin32Error (parent, SrcPos); - } - - DWORD ErrorCode; - const char *SrcPos; - }; - - struct ErrorException : public Exception - { - ErrorException (char *langId, const char *srcPos) : SrcPos (srcPos), ErrLangId (langId) { } - ErrorException (const wstring &errMsg, const char *srcPos) : SrcPos (srcPos), ErrLangId(NULL), ErrMsg (errMsg) { } - - void Show (HWND parent) const - { - if (ErrMsg.empty()) - ::ErrorDirect (AppendSrcPos (GetString (ErrLangId? ErrLangId : ""), SrcPos).c_str (), parent); - else - ::ErrorDirect (AppendSrcPos (ErrMsg.c_str(), SrcPos).c_str (), parent); - } - - const char *SrcPos; - char *ErrLangId; - wstring ErrMsg; - }; - - struct ParameterIncorrect : public Exception - { - ParameterIncorrect (const char *srcPos) : SrcPos (srcPos) { } - - void Show (HWND parent) const - { - string msgBody = "Parameter incorrect.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n" + string (SrcPos) + ")"; - MessageBoxA (parent, msgBody.c_str(), "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND); - } - - const char *SrcPos; - }; - - struct RandInitFailed : public Exception - { - RandInitFailed (const char *srcPos, DWORD dwLastError) : SrcPos (srcPos), LastError (dwLastError) { } - - void Show (HWND parent) const - { - char szErrCode[16]; - StringCchPrintfA (szErrCode, ARRAYSIZE(szErrCode), "0x%.8X", LastError); - string msgBody = "The Random Generator initialization failed.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n" + string (SrcPos) + "\nLast Error = " + string (szErrCode) + ")"; - MessageBoxA (parent, msgBody.c_str(), "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND); - } - - const char *SrcPos; - DWORD LastError; - }; - - struct CryptoApiFailed : public Exception - { - CryptoApiFailed (const char *srcPos, DWORD dwLastError) : SrcPos (srcPos), LastError (dwLastError) { } - - void Show (HWND parent) const - { - char szErrCode[16]; - StringCchPrintfA (szErrCode, ARRAYSIZE(szErrCode), "0x%.8X", LastError); - string msgBody = "Windows Crypto API failed.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n" + string (SrcPos) + "\nLast Error = " + string (szErrCode) + ")"; - MessageBoxA (parent, msgBody.c_str(), "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND); - } - - const char *SrcPos; - DWORD LastError; - }; - - struct TimeOut : public Exception - { - TimeOut (const char *srcPos) : SrcPos (srcPos) { } - void Show (HWND parent) const { ErrorDirect (AppendSrcPos (L"Timeout", SrcPos).c_str (), parent); } - - const char *SrcPos; - }; - - struct UserAbort : public Exception - { - UserAbort (const char *srcPos) { } - void Show (HWND parent) const { } - }; -} - -#define throw_sys_if(condition) do { if (condition) throw SystemException( SRC_POS ); } while (false) - - -#endif // TC_HEADER_Common_Exception +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Common_Exception +#define TC_HEADER_Common_Exception + +#include "Platform/PlatformBase.h" +#include "Dlgcode.h" +#include "Language.h" +#include + +namespace VeraCrypt +{ + struct Exception + { + virtual void Show (HWND parent) const = 0; + }; + + struct SystemException : public Exception + { + SystemException (const char *srcPos) : ErrorCode (GetLastError()), SrcPos (srcPos) { } + + void Show (HWND parent) const + { + SetLastError (ErrorCode); + handleWin32Error (parent, SrcPos); + } + + DWORD ErrorCode; + const char *SrcPos; + }; + + struct ErrorException : public Exception + { + ErrorException (char *langId, const char *srcPos) : SrcPos (srcPos), ErrLangId (langId) { } + ErrorException (const wstring &errMsg, const char *srcPos) : SrcPos (srcPos), ErrLangId(NULL), ErrMsg (errMsg) { } + + void Show (HWND parent) const + { + if (ErrMsg.empty()) + ::ErrorDirect (AppendSrcPos (GetString (ErrLangId? ErrLangId : ""), SrcPos).c_str (), parent); + else + ::ErrorDirect (AppendSrcPos (ErrMsg.c_str(), SrcPos).c_str (), parent); + } + + const char *SrcPos; + char *ErrLangId; + wstring ErrMsg; + }; + + struct ParameterIncorrect : public Exception + { + ParameterIncorrect (const char *srcPos) : SrcPos (srcPos) { } + + void Show (HWND parent) const + { + string msgBody = "Parameter incorrect.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n" + string (SrcPos) + ")"; + MessageBoxA (parent, msgBody.c_str(), "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND); + } + + const char *SrcPos; + }; + + struct RandInitFailed : public Exception + { + RandInitFailed (const char *srcPos, DWORD dwLastError) : SrcPos (srcPos), LastError (dwLastError) { } + + void Show (HWND parent) const + { + char szErrCode[16]; + StringCchPrintfA (szErrCode, ARRAYSIZE(szErrCode), "0x%.8X", LastError); + string msgBody = "The Random Generator initialization failed.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n" + string (SrcPos) + "\nLast Error = " + string (szErrCode) + ")"; + MessageBoxA (parent, msgBody.c_str(), "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND); + } + + const char *SrcPos; + DWORD LastError; + }; + + struct CryptoApiFailed : public Exception + { + CryptoApiFailed (const char *srcPos, DWORD dwLastError) : SrcPos (srcPos), LastError (dwLastError) { } + + void Show (HWND parent) const + { + char szErrCode[16]; + StringCchPrintfA (szErrCode, ARRAYSIZE(szErrCode), "0x%.8X", LastError); + string msgBody = "Windows Crypto API failed.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n" + string (SrcPos) + "\nLast Error = " + string (szErrCode) + ")"; + MessageBoxA (parent, msgBody.c_str(), "VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND); + } + + const char *SrcPos; + DWORD LastError; + }; + + struct TimeOut : public Exception + { + TimeOut (const char *srcPos) : SrcPos (srcPos) { } + void Show (HWND parent) const { ErrorDirect (AppendSrcPos (L"Timeout", SrcPos).c_str (), parent); } + + const char *SrcPos; + }; + + struct UserAbort : public Exception + { + UserAbort (const char *srcPos) { } + void Show (HWND parent) const { } + }; +} + +#define throw_sys_if(condition) do { if (condition) throw SystemException( SRC_POS ); } while (false) + + +#endif // TC_HEADER_Common_Exception diff --git a/src/Common/Fat.c b/src/Common/Fat.c index 2a34674a..fadb80b1 100644 --- a/src/Common/Fat.c +++ b/src/Common/Fat.c @@ -1,449 +1,449 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include -#include -#include - -#include "Tcdefs.h" - -#include "Crypto.h" -#include "Common/Endian.h" -#include "Format.h" -#include "Fat.h" -#include "Progress.h" -#include "Random.h" -#include "Volumes.h" - -void -GetFatParams (fatparams * ft) -{ - uint64 volumeSize = (uint64) ft->num_sectors * ft->sector_size; - unsigned int fatsecs; - - if(ft->cluster_size == 0) // 'Default' cluster size - { - uint32 clusterSize; - - // Determine optimal cluster size to minimize FAT size (mounting delay), maximize number of files, keep 4 KB alignment, etc. - if (volumeSize >= 2 * BYTES_PER_TB) - clusterSize = 256 * BYTES_PER_KB; - else if (volumeSize >= 512 * BYTES_PER_GB) - clusterSize = 128 * BYTES_PER_KB; - else if (volumeSize >= 128 * BYTES_PER_GB) - clusterSize = 64 * BYTES_PER_KB; - else if (volumeSize >= 64 * BYTES_PER_GB) - clusterSize = 32 * BYTES_PER_KB; - else if (volumeSize >= 32 * BYTES_PER_GB) - clusterSize = 16 * BYTES_PER_KB; - else if (volumeSize >= 16 * BYTES_PER_GB) - clusterSize = 8 * BYTES_PER_KB; - else if (volumeSize >= 512 * BYTES_PER_MB) - clusterSize = 4 * BYTES_PER_KB; - else if (volumeSize >= 256 * BYTES_PER_MB) - clusterSize = 2 * BYTES_PER_KB; - else if (volumeSize >= 1 * BYTES_PER_MB) - clusterSize = 1 * BYTES_PER_KB; - else - clusterSize = 512; - - ft->cluster_size = clusterSize / ft->sector_size; - - if (ft->cluster_size == 0) - ft->cluster_size = 1; - - if (((unsigned __int64) ft->cluster_size * ft->sector_size) > TC_MAX_FAT_CLUSTER_SIZE) - ft->cluster_size = TC_MAX_FAT_CLUSTER_SIZE / ft->sector_size; - - if (ft->cluster_size > 128) - ft->cluster_size = 128; - } - - if (volumeSize <= TC_MAX_FAT_CLUSTER_SIZE * 4) - ft->cluster_size = 1; - - // Geometry always set to SECTORS/1/1 - ft->secs_track = 1; - ft->heads = 1; - - ft->dir_entries = 512; - ft->fats = 2; - ft->media = 0xf8; - ft->hidden = 0; - - ft->size_root_dir = ft->dir_entries * 32; - - // FAT12 - ft->size_fat = 12; - ft->reserved = 2; - fatsecs = ft->num_sectors - (ft->size_root_dir + ft->sector_size - 1) / ft->sector_size - ft->reserved; - ft->cluster_count = (int) (((unsigned __int64) fatsecs * ft->sector_size) / ((unsigned __int64) ft->cluster_size * ft->sector_size)); - ft->fat_length = (((ft->cluster_count * 3 + 1) >> 1) + ft->sector_size - 1) / ft->sector_size; - - if (ft->cluster_count >= 4085) // FAT16 - { - ft->size_fat = 16; - ft->reserved = 2; - fatsecs = ft->num_sectors - (ft->size_root_dir + ft->sector_size - 1) / ft->sector_size - ft->reserved; - ft->cluster_count = (int) (((__int64) fatsecs * ft->sector_size) / (ft->cluster_size * ft->sector_size)); - ft->fat_length = (ft->cluster_count * 2 + ft->sector_size - 1) / ft->sector_size; - } - - if(ft->cluster_count >= 65525) // FAT32 - { - ft->size_fat = 32; - ft->reserved = 32 - 1; - - do - { - ft->reserved++; - - fatsecs = ft->num_sectors - ft->reserved; - ft->size_root_dir = ft->cluster_size * ft->sector_size; - ft->cluster_count = (int) (((unsigned __int64) fatsecs * ft->sector_size) / (ft->cluster_size * ft->sector_size)); - ft->fat_length = (ft->cluster_count * 4 + ft->sector_size - 1) / ft->sector_size; - - // Align data area on TC_MAX_VOLUME_SECTOR_SIZE - - } while (ft->sector_size == TC_SECTOR_SIZE_LEGACY - && (ft->reserved * ft->sector_size + ft->fat_length * ft->fats * ft->sector_size) % TC_MAX_VOLUME_SECTOR_SIZE != 0); - } - - ft->cluster_count -= ft->fat_length * ft->fats / ft->cluster_size; - - if (ft->num_sectors >= 65536 || ft->size_fat == 32) - { - ft->sectors = 0; - ft->total_sect = ft->num_sectors; - } - else - { - ft->sectors = (uint16) ft->num_sectors; - ft->total_sect = 0; - } -} - -void -PutBoot (fatparams * ft, unsigned char *boot) -{ - int cnt = 0; - - boot[cnt++] = 0xeb; /* boot jump */ - boot[cnt++] = 0x3c; - boot[cnt++] = 0x90; - memcpy (boot + cnt, "MSDOS5.0", 8); /* system id */ - cnt += 8; - *(__int16 *)(boot + cnt) = LE16(ft->sector_size); /* bytes per sector */ - cnt += 2; - boot[cnt++] = (__int8) ft->cluster_size; /* sectors per cluster */ - *(__int16 *)(boot + cnt) = LE16(ft->reserved); /* reserved sectors */ - cnt += 2; - boot[cnt++] = (__int8) ft->fats; /* 2 fats */ - - if(ft->size_fat == 32) - { - boot[cnt++] = 0x00; - boot[cnt++] = 0x00; - } - else - { - *(__int16 *)(boot + cnt) = LE16(ft->dir_entries); /* 512 root entries */ - cnt += 2; - } - - *(__int16 *)(boot + cnt) = LE16(ft->sectors); /* # sectors */ - cnt += 2; - boot[cnt++] = (__int8) ft->media; /* media byte */ - - if(ft->size_fat == 32) - { - boot[cnt++] = 0x00; - boot[cnt++] = 0x00; - } - else - { - *(__int16 *)(boot + cnt) = LE16((uint16) ft->fat_length); /* fat size */ - cnt += 2; - } - - *(__int16 *)(boot + cnt) = LE16(ft->secs_track); /* # sectors per track */ - cnt += 2; - *(__int16 *)(boot + cnt) = LE16(ft->heads); /* # heads */ - cnt += 2; - *(__int32 *)(boot + cnt) = LE32(ft->hidden); /* # hidden sectors */ - cnt += 4; - *(__int32 *)(boot + cnt) = LE32(ft->total_sect); /* # huge sectors */ - cnt += 4; - - if(ft->size_fat == 32) - { - *(__int32 *)(boot + cnt) = LE32(ft->fat_length); cnt += 4; /* fat size 32 */ - boot[cnt++] = 0x00; /* ExtFlags */ - boot[cnt++] = 0x00; - boot[cnt++] = 0x00; /* FSVer */ - boot[cnt++] = 0x00; - boot[cnt++] = 0x02; /* RootClus */ - boot[cnt++] = 0x00; - boot[cnt++] = 0x00; - boot[cnt++] = 0x00; - boot[cnt++] = 0x01; /* FSInfo */ - boot[cnt++] = 0x00; - boot[cnt++] = 0x06; /* BkBootSec */ - boot[cnt++] = 0x00; - memset(boot+cnt, 0, 12); cnt+=12; /* Reserved */ - } - - boot[cnt++] = 0x00; /* drive number */ // FIXED 80 > 00 - boot[cnt++] = 0x00; /* reserved */ - boot[cnt++] = 0x29; /* boot sig */ - - memcpy (boot + cnt, ft->volume_id, 4); /* vol id */ - cnt += 4; - - memcpy (boot + cnt, ft->volume_name, 11); /* vol title */ - cnt += 11; - - switch(ft->size_fat) /* filesystem type */ - { - case 12: memcpy (boot + cnt, "FAT12 ", 8); break; - case 16: memcpy (boot + cnt, "FAT16 ", 8); break; - case 32: memcpy (boot + cnt, "FAT32 ", 8); break; - } - cnt += 8; - - memset (boot + cnt, 0, ft->size_fat==32 ? 420:448); /* boot code */ - cnt += ft->size_fat==32 ? 420:448; - boot[cnt++] = 0x55; - boot[cnt++] = 0xaa; /* boot sig */ -} - - -/* FAT32 FSInfo */ -static void PutFSInfo (unsigned char *sector, fatparams *ft) -{ - memset (sector, 0, ft->sector_size); - sector[3]=0x41; /* LeadSig */ - sector[2]=0x61; - sector[1]=0x52; - sector[0]=0x52; - sector[484+3]=0x61; /* StrucSig */ - sector[484+2]=0x41; - sector[484+1]=0x72; - sector[484+0]=0x72; - - // Free cluster count - *(uint32 *)(sector + 488) = LE32 (ft->cluster_count - ft->size_root_dir / ft->sector_size / ft->cluster_size); - - // Next free cluster - *(uint32 *)(sector + 492) = LE32 (2); - - sector[508+3]=0xaa; /* TrailSig */ - sector[508+2]=0x55; - sector[508+1]=0x00; - sector[508+0]=0x00; -} - - -int -FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat) -{ - int write_buf_cnt = 0; - char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf; - unsigned __int64 nSecNo = startSector; - int x, n; - int retVal; - char temporaryKey[MASTER_KEYDATA_SIZE]; - HWND hwndDlg = (HWND) hwndDlgPtr; - - LARGE_INTEGER startOffset; - LARGE_INTEGER newOffset; - - // Seek to start sector - startOffset.QuadPart = startSector * ft->sector_size; - if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN) - || newOffset.QuadPart != startOffset.QuadPart) - { - return ERR_VOL_SEEKING; - } - - /* Write the data area */ - - write_buf = (char *)TCalloc (FormatWriteBufferSize); - if (!write_buf) - return ERR_OUTOFMEMORY; - - memset (sector, 0, ft->sector_size); - - if (!RandgetBytes (hwndDlg, ft->volume_id, sizeof (ft->volume_id), FALSE)) - goto fail; - - PutBoot (ft, (unsigned char *) sector); - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - - /* fat32 boot area */ - if (ft->size_fat == 32) - { - /* fsinfo */ - PutFSInfo((unsigned char *) sector, ft); - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - - /* reserved */ - while (nSecNo - startSector < 6) - { - memset (sector, 0, ft->sector_size); - sector[508+3]=0xaa; /* TrailSig */ - sector[508+2]=0x55; - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - } - - /* bootsector backup */ - memset (sector, 0, ft->sector_size); - PutBoot (ft, (unsigned char *) sector); - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - - PutFSInfo((unsigned char *) sector, ft); - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - } - - /* reserved */ - while (nSecNo - startSector < (unsigned int)ft->reserved) - { - memset (sector, 0, ft->sector_size); - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - } - - /* write fat */ - for (x = 1; x <= ft->fats; x++) - { - for (n = 0; n < ft->fat_length; n++) - { - memset (sector, 0, ft->sector_size); - - if (n == 0) - { - unsigned char fat_sig[12]; - if (ft->size_fat == 32) - { - fat_sig[0] = (unsigned char) ft->media; - fat_sig[1] = fat_sig[2] = 0xff; - fat_sig[3] = 0x0f; - fat_sig[4] = fat_sig[5] = fat_sig[6] = 0xff; - fat_sig[7] = 0x0f; - fat_sig[8] = fat_sig[9] = fat_sig[10] = 0xff; - fat_sig[11] = 0x0f; - memcpy (sector, fat_sig, 12); - } - else if (ft->size_fat == 16) - { - fat_sig[0] = (unsigned char) ft->media; - fat_sig[1] = 0xff; - fat_sig[2] = 0xff; - fat_sig[3] = 0xff; - memcpy (sector, fat_sig, 4); - } - else if (ft->size_fat == 12) - { - fat_sig[0] = (unsigned char) ft->media; - fat_sig[1] = 0xff; - fat_sig[2] = 0xff; - fat_sig[3] = 0x00; - memcpy (sector, fat_sig, 4); - } - } - - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - } - } - - - /* write rootdir */ - for (x = 0; x < ft->size_root_dir / ft->sector_size; x++) - { - memset (sector, 0, ft->sector_size); - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - - } - - /* Fill the rest of the data area with random data */ - - if(!quickFormat) - { - if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) - goto fail; - - /* Generate a random temporary key set to be used for "dummy" encryption that will fill - the free disk space (data area) with random data. This is necessary for plausible - deniability of hidden volumes (and also reduces the amount of predictable plaintext - within the volume). */ - - // Temporary master key - if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE)) - goto fail; - - // Temporary secondary key (XTS mode) - if (!RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE)) - goto fail; - - retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); - if (retVal != ERR_SUCCESS) - { - burn (temporaryKey, sizeof(temporaryKey)); - return retVal; - } - if (!EAInitMode (cryptoInfo)) - { - burn (temporaryKey, sizeof(temporaryKey)); - return ERR_MODE_INIT_FAILED; - } - - x = ft->num_sectors - ft->reserved - ft->size_root_dir / ft->sector_size - ft->fat_length * 2; - while (x--) - { - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - } - UpdateProgressBar (nSecNo * ft->sector_size); - } - else - UpdateProgressBar ((uint64) ft->num_sectors * ft->sector_size); - - if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) - goto fail; - - TCfree (write_buf); - burn (temporaryKey, sizeof(temporaryKey)); - return 0; - -fail: - - TCfree (write_buf); - burn (temporaryKey, sizeof(temporaryKey)); - return ERR_OS_ERROR; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include +#include +#include + +#include "Tcdefs.h" + +#include "Crypto.h" +#include "Common/Endian.h" +#include "Format.h" +#include "Fat.h" +#include "Progress.h" +#include "Random.h" +#include "Volumes.h" + +void +GetFatParams (fatparams * ft) +{ + uint64 volumeSize = (uint64) ft->num_sectors * ft->sector_size; + unsigned int fatsecs; + + if(ft->cluster_size == 0) // 'Default' cluster size + { + uint32 clusterSize; + + // Determine optimal cluster size to minimize FAT size (mounting delay), maximize number of files, keep 4 KB alignment, etc. + if (volumeSize >= 2 * BYTES_PER_TB) + clusterSize = 256 * BYTES_PER_KB; + else if (volumeSize >= 512 * BYTES_PER_GB) + clusterSize = 128 * BYTES_PER_KB; + else if (volumeSize >= 128 * BYTES_PER_GB) + clusterSize = 64 * BYTES_PER_KB; + else if (volumeSize >= 64 * BYTES_PER_GB) + clusterSize = 32 * BYTES_PER_KB; + else if (volumeSize >= 32 * BYTES_PER_GB) + clusterSize = 16 * BYTES_PER_KB; + else if (volumeSize >= 16 * BYTES_PER_GB) + clusterSize = 8 * BYTES_PER_KB; + else if (volumeSize >= 512 * BYTES_PER_MB) + clusterSize = 4 * BYTES_PER_KB; + else if (volumeSize >= 256 * BYTES_PER_MB) + clusterSize = 2 * BYTES_PER_KB; + else if (volumeSize >= 1 * BYTES_PER_MB) + clusterSize = 1 * BYTES_PER_KB; + else + clusterSize = 512; + + ft->cluster_size = clusterSize / ft->sector_size; + + if (ft->cluster_size == 0) + ft->cluster_size = 1; + + if (((unsigned __int64) ft->cluster_size * ft->sector_size) > TC_MAX_FAT_CLUSTER_SIZE) + ft->cluster_size = TC_MAX_FAT_CLUSTER_SIZE / ft->sector_size; + + if (ft->cluster_size > 128) + ft->cluster_size = 128; + } + + if (volumeSize <= TC_MAX_FAT_CLUSTER_SIZE * 4) + ft->cluster_size = 1; + + // Geometry always set to SECTORS/1/1 + ft->secs_track = 1; + ft->heads = 1; + + ft->dir_entries = 512; + ft->fats = 2; + ft->media = 0xf8; + ft->hidden = 0; + + ft->size_root_dir = ft->dir_entries * 32; + + // FAT12 + ft->size_fat = 12; + ft->reserved = 2; + fatsecs = ft->num_sectors - (ft->size_root_dir + ft->sector_size - 1) / ft->sector_size - ft->reserved; + ft->cluster_count = (int) (((unsigned __int64) fatsecs * ft->sector_size) / ((unsigned __int64) ft->cluster_size * ft->sector_size)); + ft->fat_length = (((ft->cluster_count * 3 + 1) >> 1) + ft->sector_size - 1) / ft->sector_size; + + if (ft->cluster_count >= 4085) // FAT16 + { + ft->size_fat = 16; + ft->reserved = 2; + fatsecs = ft->num_sectors - (ft->size_root_dir + ft->sector_size - 1) / ft->sector_size - ft->reserved; + ft->cluster_count = (int) (((__int64) fatsecs * ft->sector_size) / (ft->cluster_size * ft->sector_size)); + ft->fat_length = (ft->cluster_count * 2 + ft->sector_size - 1) / ft->sector_size; + } + + if(ft->cluster_count >= 65525) // FAT32 + { + ft->size_fat = 32; + ft->reserved = 32 - 1; + + do + { + ft->reserved++; + + fatsecs = ft->num_sectors - ft->reserved; + ft->size_root_dir = ft->cluster_size * ft->sector_size; + ft->cluster_count = (int) (((unsigned __int64) fatsecs * ft->sector_size) / (ft->cluster_size * ft->sector_size)); + ft->fat_length = (ft->cluster_count * 4 + ft->sector_size - 1) / ft->sector_size; + + // Align data area on TC_MAX_VOLUME_SECTOR_SIZE + + } while (ft->sector_size == TC_SECTOR_SIZE_LEGACY + && (ft->reserved * ft->sector_size + ft->fat_length * ft->fats * ft->sector_size) % TC_MAX_VOLUME_SECTOR_SIZE != 0); + } + + ft->cluster_count -= ft->fat_length * ft->fats / ft->cluster_size; + + if (ft->num_sectors >= 65536 || ft->size_fat == 32) + { + ft->sectors = 0; + ft->total_sect = ft->num_sectors; + } + else + { + ft->sectors = (uint16) ft->num_sectors; + ft->total_sect = 0; + } +} + +void +PutBoot (fatparams * ft, unsigned char *boot) +{ + int cnt = 0; + + boot[cnt++] = 0xeb; /* boot jump */ + boot[cnt++] = 0x3c; + boot[cnt++] = 0x90; + memcpy (boot + cnt, "MSDOS5.0", 8); /* system id */ + cnt += 8; + *(__int16 *)(boot + cnt) = LE16(ft->sector_size); /* bytes per sector */ + cnt += 2; + boot[cnt++] = (__int8) ft->cluster_size; /* sectors per cluster */ + *(__int16 *)(boot + cnt) = LE16(ft->reserved); /* reserved sectors */ + cnt += 2; + boot[cnt++] = (__int8) ft->fats; /* 2 fats */ + + if(ft->size_fat == 32) + { + boot[cnt++] = 0x00; + boot[cnt++] = 0x00; + } + else + { + *(__int16 *)(boot + cnt) = LE16(ft->dir_entries); /* 512 root entries */ + cnt += 2; + } + + *(__int16 *)(boot + cnt) = LE16(ft->sectors); /* # sectors */ + cnt += 2; + boot[cnt++] = (__int8) ft->media; /* media byte */ + + if(ft->size_fat == 32) + { + boot[cnt++] = 0x00; + boot[cnt++] = 0x00; + } + else + { + *(__int16 *)(boot + cnt) = LE16((uint16) ft->fat_length); /* fat size */ + cnt += 2; + } + + *(__int16 *)(boot + cnt) = LE16(ft->secs_track); /* # sectors per track */ + cnt += 2; + *(__int16 *)(boot + cnt) = LE16(ft->heads); /* # heads */ + cnt += 2; + *(__int32 *)(boot + cnt) = LE32(ft->hidden); /* # hidden sectors */ + cnt += 4; + *(__int32 *)(boot + cnt) = LE32(ft->total_sect); /* # huge sectors */ + cnt += 4; + + if(ft->size_fat == 32) + { + *(__int32 *)(boot + cnt) = LE32(ft->fat_length); cnt += 4; /* fat size 32 */ + boot[cnt++] = 0x00; /* ExtFlags */ + boot[cnt++] = 0x00; + boot[cnt++] = 0x00; /* FSVer */ + boot[cnt++] = 0x00; + boot[cnt++] = 0x02; /* RootClus */ + boot[cnt++] = 0x00; + boot[cnt++] = 0x00; + boot[cnt++] = 0x00; + boot[cnt++] = 0x01; /* FSInfo */ + boot[cnt++] = 0x00; + boot[cnt++] = 0x06; /* BkBootSec */ + boot[cnt++] = 0x00; + memset(boot+cnt, 0, 12); cnt+=12; /* Reserved */ + } + + boot[cnt++] = 0x00; /* drive number */ // FIXED 80 > 00 + boot[cnt++] = 0x00; /* reserved */ + boot[cnt++] = 0x29; /* boot sig */ + + memcpy (boot + cnt, ft->volume_id, 4); /* vol id */ + cnt += 4; + + memcpy (boot + cnt, ft->volume_name, 11); /* vol title */ + cnt += 11; + + switch(ft->size_fat) /* filesystem type */ + { + case 12: memcpy (boot + cnt, "FAT12 ", 8); break; + case 16: memcpy (boot + cnt, "FAT16 ", 8); break; + case 32: memcpy (boot + cnt, "FAT32 ", 8); break; + } + cnt += 8; + + memset (boot + cnt, 0, ft->size_fat==32 ? 420:448); /* boot code */ + cnt += ft->size_fat==32 ? 420:448; + boot[cnt++] = 0x55; + boot[cnt++] = 0xaa; /* boot sig */ +} + + +/* FAT32 FSInfo */ +static void PutFSInfo (unsigned char *sector, fatparams *ft) +{ + memset (sector, 0, ft->sector_size); + sector[3]=0x41; /* LeadSig */ + sector[2]=0x61; + sector[1]=0x52; + sector[0]=0x52; + sector[484+3]=0x61; /* StrucSig */ + sector[484+2]=0x41; + sector[484+1]=0x72; + sector[484+0]=0x72; + + // Free cluster count + *(uint32 *)(sector + 488) = LE32 (ft->cluster_count - ft->size_root_dir / ft->sector_size / ft->cluster_size); + + // Next free cluster + *(uint32 *)(sector + 492) = LE32 (2); + + sector[508+3]=0xaa; /* TrailSig */ + sector[508+2]=0x55; + sector[508+1]=0x00; + sector[508+0]=0x00; +} + + +int +FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat) +{ + int write_buf_cnt = 0; + char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf; + unsigned __int64 nSecNo = startSector; + int x, n; + int retVal; + char temporaryKey[MASTER_KEYDATA_SIZE]; + HWND hwndDlg = (HWND) hwndDlgPtr; + + LARGE_INTEGER startOffset; + LARGE_INTEGER newOffset; + + // Seek to start sector + startOffset.QuadPart = startSector * ft->sector_size; + if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN) + || newOffset.QuadPart != startOffset.QuadPart) + { + return ERR_VOL_SEEKING; + } + + /* Write the data area */ + + write_buf = (char *)TCalloc (FormatWriteBufferSize); + if (!write_buf) + return ERR_OUTOFMEMORY; + + memset (sector, 0, ft->sector_size); + + if (!RandgetBytes (hwndDlg, ft->volume_id, sizeof (ft->volume_id), FALSE)) + goto fail; + + PutBoot (ft, (unsigned char *) sector); + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + + /* fat32 boot area */ + if (ft->size_fat == 32) + { + /* fsinfo */ + PutFSInfo((unsigned char *) sector, ft); + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + + /* reserved */ + while (nSecNo - startSector < 6) + { + memset (sector, 0, ft->sector_size); + sector[508+3]=0xaa; /* TrailSig */ + sector[508+2]=0x55; + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + } + + /* bootsector backup */ + memset (sector, 0, ft->sector_size); + PutBoot (ft, (unsigned char *) sector); + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + + PutFSInfo((unsigned char *) sector, ft); + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + } + + /* reserved */ + while (nSecNo - startSector < (unsigned int)ft->reserved) + { + memset (sector, 0, ft->sector_size); + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + } + + /* write fat */ + for (x = 1; x <= ft->fats; x++) + { + for (n = 0; n < ft->fat_length; n++) + { + memset (sector, 0, ft->sector_size); + + if (n == 0) + { + unsigned char fat_sig[12]; + if (ft->size_fat == 32) + { + fat_sig[0] = (unsigned char) ft->media; + fat_sig[1] = fat_sig[2] = 0xff; + fat_sig[3] = 0x0f; + fat_sig[4] = fat_sig[5] = fat_sig[6] = 0xff; + fat_sig[7] = 0x0f; + fat_sig[8] = fat_sig[9] = fat_sig[10] = 0xff; + fat_sig[11] = 0x0f; + memcpy (sector, fat_sig, 12); + } + else if (ft->size_fat == 16) + { + fat_sig[0] = (unsigned char) ft->media; + fat_sig[1] = 0xff; + fat_sig[2] = 0xff; + fat_sig[3] = 0xff; + memcpy (sector, fat_sig, 4); + } + else if (ft->size_fat == 12) + { + fat_sig[0] = (unsigned char) ft->media; + fat_sig[1] = 0xff; + fat_sig[2] = 0xff; + fat_sig[3] = 0x00; + memcpy (sector, fat_sig, 4); + } + } + + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + } + } + + + /* write rootdir */ + for (x = 0; x < ft->size_root_dir / ft->sector_size; x++) + { + memset (sector, 0, ft->sector_size); + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + + } + + /* Fill the rest of the data area with random data */ + + if(!quickFormat) + { + if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) + goto fail; + + /* Generate a random temporary key set to be used for "dummy" encryption that will fill + the free disk space (data area) with random data. This is necessary for plausible + deniability of hidden volumes (and also reduces the amount of predictable plaintext + within the volume). */ + + // Temporary master key + if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE)) + goto fail; + + // Temporary secondary key (XTS mode) + if (!RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE)) + goto fail; + + retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); + if (retVal != ERR_SUCCESS) + { + burn (temporaryKey, sizeof(temporaryKey)); + return retVal; + } + if (!EAInitMode (cryptoInfo)) + { + burn (temporaryKey, sizeof(temporaryKey)); + return ERR_MODE_INIT_FAILED; + } + + x = ft->num_sectors - ft->reserved - ft->size_root_dir / ft->sector_size - ft->fat_length * 2; + while (x--) + { + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + } + UpdateProgressBar (nSecNo * ft->sector_size); + } + else + UpdateProgressBar ((uint64) ft->num_sectors * ft->sector_size); + + if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) + goto fail; + + TCfree (write_buf); + burn (temporaryKey, sizeof(temporaryKey)); + return 0; + +fail: + + TCfree (write_buf); + burn (temporaryKey, sizeof(temporaryKey)); + return ERR_OS_ERROR; +} diff --git a/src/Common/Fat.h b/src/Common/Fat.h index 76714046..b637f8ec 100644 --- a/src/Common/Fat.h +++ b/src/Common/Fat.h @@ -1,69 +1,69 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -typedef struct fatparams_t -{ - char volume_name[11]; - byte volume_id[4]; - unsigned int num_sectors; /* total number of sectors */ - int cluster_count; /* number of clusters */ - int size_root_dir; /* size of the root directory in bytes */ - int size_fat; /* size of FAT */ - int fats; - int media; - unsigned int cluster_size; - int fat_length; - uint16 dir_entries; - uint16 sector_size; - int hidden; - __int16 reserved; - uint16 sectors; - unsigned int total_sect; - - uint16 heads; - uint16 secs_track; - -} fatparams; - - -struct msdos_boot_sector -{ - unsigned char boot_jump[3]; /* Boot strap short or near jump */ - char system_id[8]; /* Name - can be used to special case - partition manager volumes */ - unsigned char sector_size[2]; /* bytes per logical sector */ - unsigned char cluster_size; /* sectors/cluster */ - unsigned short reserved;/* reserved sectors */ - unsigned char fats; /* number of FATs */ - unsigned char dir_entries[2]; /* root directory entries */ - unsigned char sectors[2]; /* number of sectors */ - unsigned char media; /* media code */ - unsigned short fat_length; /* sectors/FAT */ - unsigned short secs_track; /* sectors per track */ - unsigned short heads; /* number of heads */ - unsigned __int32 hidden; /* hidden sectors */ - unsigned __int32 total_sect; /* number of sectors (if sectors == 0) */ - unsigned char drive_number; /* BIOS drive number */ - unsigned char RESERVED; /* Unused */ - unsigned char ext_boot_sign; /* 0x29 if fields below exist (DOS 3.3+) */ - unsigned char volume_id[4]; /* Volume ID number */ - char volume_label[11]; /* Volume label */ - char fs_type[8]; /* Typically FAT12, FAT16, or FAT32 */ - unsigned char boot_code[448]; /* Boot code (or message) */ - unsigned short boot_sign; /* 0xAA55 */ -}; - - -void GetFatParams ( fatparams *ft ); -void PutBoot ( fatparams *ft , unsigned char *boot ); -int FormatFat (void* hwndDlg, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat); +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +typedef struct fatparams_t +{ + char volume_name[11]; + byte volume_id[4]; + unsigned int num_sectors; /* total number of sectors */ + int cluster_count; /* number of clusters */ + int size_root_dir; /* size of the root directory in bytes */ + int size_fat; /* size of FAT */ + int fats; + int media; + unsigned int cluster_size; + int fat_length; + uint16 dir_entries; + uint16 sector_size; + int hidden; + __int16 reserved; + uint16 sectors; + unsigned int total_sect; + + uint16 heads; + uint16 secs_track; + +} fatparams; + + +struct msdos_boot_sector +{ + unsigned char boot_jump[3]; /* Boot strap short or near jump */ + char system_id[8]; /* Name - can be used to special case + partition manager volumes */ + unsigned char sector_size[2]; /* bytes per logical sector */ + unsigned char cluster_size; /* sectors/cluster */ + unsigned short reserved;/* reserved sectors */ + unsigned char fats; /* number of FATs */ + unsigned char dir_entries[2]; /* root directory entries */ + unsigned char sectors[2]; /* number of sectors */ + unsigned char media; /* media code */ + unsigned short fat_length; /* sectors/FAT */ + unsigned short secs_track; /* sectors per track */ + unsigned short heads; /* number of heads */ + unsigned __int32 hidden; /* hidden sectors */ + unsigned __int32 total_sect; /* number of sectors (if sectors == 0) */ + unsigned char drive_number; /* BIOS drive number */ + unsigned char RESERVED; /* Unused */ + unsigned char ext_boot_sign; /* 0x29 if fields below exist (DOS 3.3+) */ + unsigned char volume_id[4]; /* Volume ID number */ + char volume_label[11]; /* Volume label */ + char fs_type[8]; /* Typically FAT12, FAT16, or FAT32 */ + unsigned char boot_code[448]; /* Boot code (or message) */ + unsigned short boot_sign; /* 0xAA55 */ +}; + + +void GetFatParams ( fatparams *ft ); +void PutBoot ( fatparams *ft , unsigned char *boot ); +int FormatFat (void* hwndDlg, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat); diff --git a/src/Common/Format.c b/src/Common/Format.c index fe12c041..43a96d04 100644 --- a/src/Common/Format.c +++ b/src/Common/Format.c @@ -1,810 +1,810 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include -#include - -#include "Tcdefs.h" - -#include "Common.h" -#include "Crypto.h" -#include "Fat.h" -#include "Format.h" -#include "Random.h" -#include "Volumes.h" - -#include "Apidrvr.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Progress.h" -#include "Resource.h" -#include "Format/FormatCom.h" -#include "Format/Tcformat.h" - -#include - -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -#endif - -int FormatWriteBufferSize = 1024 * 1024; -static uint32 FormatSectorSize = 0; - - -uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize) -{ - uint64 reservedSize; - - if (hiddenVolume) - { - // Reserve free space at the end of the host filesystem. FAT file system fills the last sector with - // zeroes (marked as free; observed when quick format was performed using the OS format tool). - // Therefore, when the outer volume is mounted with hidden volume protection, such write operations - // (e.g. quick formatting the outer volume filesystem as FAT) would needlessly trigger hidden volume - // protection. - -#if TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE > 4096 -# error TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE too large for very small volumes. Revise the code. -#endif - -#if TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH < TC_MAX_VOLUME_SECTOR_SIZE -# error TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH too small. -#endif - - if (volumeSize < TC_VOLUME_SMALL_SIZE_THRESHOLD) - reservedSize = TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE; - else - reservedSize = TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH; // Ensure size of a hidden volume larger than TC_VOLUME_SMALL_SIZE_THRESHOLD is a multiple of the maximum supported sector size - } - else - { - reservedSize = TC_TOTAL_VOLUME_HEADERS_SIZE; - } - - if (volumeSize < reservedSize) - return 0; - - return volumeSize - reservedSize; -} - - -int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams) -{ - int nStatus; - PCRYPTO_INFO cryptoInfo = NULL; - HANDLE dev = INVALID_HANDLE_VALUE; - DWORD dwError; - char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - unsigned __int64 num_sectors, startSector; - fatparams ft; - FILETIME ftCreationTime; - FILETIME ftLastWriteTime; - FILETIME ftLastAccessTime; - BOOL bTimeStampValid = FALSE; - BOOL bInstantRetryOtherFilesys = FALSE; - WCHAR dosDev[TC_MAX_PATH] = { 0 }; - WCHAR devName[MAX_PATH] = { 0 }; - int driveLetter = -1; - WCHAR deviceName[MAX_PATH]; - uint64 dataOffset, dataAreaSize; - LARGE_INTEGER offset; - BOOL bFailedRequiredDASD = FALSE; - HWND hwndDlg = volParams->hwndDlg; - - FormatSectorSize = volParams->sectorSize; - - if (FormatSectorSize < TC_MIN_VOLUME_SECTOR_SIZE - || FormatSectorSize > TC_MAX_VOLUME_SECTOR_SIZE - || FormatSectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg); - return ERR_DONT_REPORT; - } - - /* WARNING: Note that if Windows fails to format the volume as NTFS and the volume size is - less than the maximum FAT size, the user is asked within this function whether he wants to instantly - retry FAT format instead (to avoid having to re-create the whole container again). If the user - answers yes, some of the input parameters are modified, the code below 'begin_format' is re-executed - and some destructive operations that were performed during the first attempt must be (and are) skipped. - Therefore, whenever adding or modifying any potentially destructive operations below 'begin_format', - determine whether they (or their portions) need to be skipped during such a second attempt; if so, - use the 'bInstantRetryOtherFilesys' flag to skip them. */ - - if (volParams->hiddenVol) - { - dataOffset = volParams->hiddenVolHostSize - TC_VOLUME_HEADER_GROUP_SIZE - volParams->size; - } - else - { - if (volParams->size <= TC_TOTAL_VOLUME_HEADERS_SIZE) - return ERR_VOL_SIZE_WRONG; - - dataOffset = TC_VOLUME_DATA_OFFSET; - } - - dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, volParams->size); - - num_sectors = dataAreaSize / FormatSectorSize; - - if (volParams->bDevice) - { - StringCchCopyW (deviceName, ARRAYSIZE(deviceName), volParams->volumePath); - - driveLetter = GetDiskDeviceDriveLetter (deviceName); - } - - VirtualLock (header, sizeof (header)); - - nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, - header, - volParams->ea, - FIRST_MODE_OF_OPERATION_ID, - volParams->password, - volParams->pkcs5, - volParams->pim, - NULL, - &cryptoInfo, - dataAreaSize, - volParams->hiddenVol ? dataAreaSize : 0, - dataOffset, - dataAreaSize, - 0, - volParams->headerFlags, - FormatSectorSize, - FALSE); - - if (nStatus != 0) - { - burn (header, sizeof (header)); - VirtualUnlock (header, sizeof (header)); - return nStatus; - } - -begin_format: - - if (volParams->bDevice) - { - /* Device-hosted volume */ - - DWORD dwResult; - int nPass; - - if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0) - return ERR_OS_ERROR; - - if (IsDeviceMounted (devName)) - { - if ((dev = DismountDrive (devName, volParams->volumePath)) == INVALID_HANDLE_VALUE) - { - Error ("FORMAT_CANT_DISMOUNT_FILESYS", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto error; - } - - /* Gain "raw" access to the partition (it contains a live filesystem and the filesystem driver - would otherwise prevent us from writing to hidden sectors). */ - - if (!DeviceIoControl (dev, - FSCTL_ALLOW_EXTENDED_DASD_IO, - NULL, - 0, - NULL, - 0, - &dwResult, - NULL)) - { - bFailedRequiredDASD = TRUE; - } - } - else if (IsOSAtLeast (WIN_VISTA) && driveLetter == -1) - { - // Windows Vista doesn't allow overwriting sectors belonging to an unformatted partition - // to which no drive letter has been assigned under the system. This problem can be worked - // around by assigning a drive letter to the partition temporarily. - - wchar_t szDriveLetter[] = { L'A', L':', 0 }; - wchar_t rootPath[] = { L'A', L':', L'\\', 0 }; - wchar_t uniqVolName[MAX_PATH+1] = { 0 }; - int tmpDriveLetter = -1; - BOOL bResult = FALSE; - - tmpDriveLetter = GetFirstAvailableDrive (); - - if (tmpDriveLetter != -1) - { - rootPath[0] += (wchar_t) tmpDriveLetter; - szDriveLetter[0] += (wchar_t) tmpDriveLetter; - - if (DefineDosDevice (DDD_RAW_TARGET_PATH, szDriveLetter, volParams->volumePath)) - { - bResult = GetVolumeNameForVolumeMountPoint (rootPath, uniqVolName, MAX_PATH); - - DefineDosDevice (DDD_RAW_TARGET_PATH|DDD_REMOVE_DEFINITION|DDD_EXACT_MATCH_ON_REMOVE, - szDriveLetter, - volParams->volumePath); - - if (bResult - && SetVolumeMountPoint (rootPath, uniqVolName)) - { - // The drive letter can be removed now - DeleteVolumeMountPoint (rootPath); - } - } - } - } - - // For extra safety, we will try to gain "raw" access to the partition. Note that this should actually be - // redundant because if the filesystem was mounted, we already tried to obtain DASD above. If we failed, - // bFailedRequiredDASD was set to TRUE and therefore we will perform pseudo "quick format" below. However, - // for extra safety, in case IsDeviceMounted() failed to detect a live filesystem, we will blindly - // send FSCTL_ALLOW_EXTENDED_DASD_IO (possibly for a second time) without checking the result. - - DeviceIoControl (dev, - FSCTL_ALLOW_EXTENDED_DASD_IO, - NULL, - 0, - NULL, - 0, - &dwResult, - NULL); - - - // If DASD is needed but we failed to obtain it, perform open - 'quick format' - close - open - // so that the filesystem driver does not prevent us from formatting hidden sectors. - for (nPass = (bFailedRequiredDASD ? 0 : 1); nPass < 2; nPass++) - { - int retryCount; - - retryCount = 0; - - // Try exclusive access mode first - // Note that when exclusive access is denied, it is worth retrying (usually succeeds after a few tries). - while (dev == INVALID_HANDLE_VALUE && retryCount++ < EXCL_ACCESS_MAX_AUTO_RETRIES) - { - dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); - - if (retryCount > 1) - Sleep (EXCL_ACCESS_AUTO_RETRY_DELAY); - } - - if (dev == INVALID_HANDLE_VALUE) - { - // Exclusive access denied -- retry in shared mode - dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - if (dev != INVALID_HANDLE_VALUE) - { - if (!volParams->bForceOperation && (Silent || (IDNO == MessageBoxW (volParams->hwndDlg, GetString ("DEVICE_IN_USE_FORMAT"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2)))) - { - nStatus = ERR_DONT_REPORT; - goto error; - } - } - else - { - handleWin32Error (volParams->hwndDlg, SRC_POS); - Error ("CANT_ACCESS_VOL", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto error; - } - } - - if (volParams->hiddenVol || bInstantRetryOtherFilesys) - break; // The following "quick format" operation would damage the outer volume - - if (nPass == 0) - { - char buf [2 * TC_MAX_VOLUME_SECTOR_SIZE]; - DWORD bw; - - // Perform pseudo "quick format" so that the filesystem driver does not prevent us from - // formatting hidden sectors - memset (buf, 0, sizeof (buf)); - - if (!WriteFile (dev, buf, sizeof (buf), &bw, NULL)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - FlushFileBuffers (dev); - CloseHandle (dev); - dev = INVALID_HANDLE_VALUE; - } - } - - if (DeviceIoControl (dev, FSCTL_IS_VOLUME_MOUNTED, NULL, 0, NULL, 0, &dwResult, NULL)) - { - Error ("FORMAT_CANT_DISMOUNT_FILESYS", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto error; - } - } - else - { - /* File-hosted volume */ - - dev = CreateFile (volParams->volumePath, GENERIC_READ | GENERIC_WRITE, - (volParams->hiddenVol || bInstantRetryOtherFilesys) ? (FILE_SHARE_READ | FILE_SHARE_WRITE) : 0, - NULL, (volParams->hiddenVol || bInstantRetryOtherFilesys) ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL); - - if (dev == INVALID_HANDLE_VALUE) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - DisableFileCompression (dev); - - if (!volParams->hiddenVol && !bInstantRetryOtherFilesys) - { - LARGE_INTEGER volumeSize; - volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE; - - if (volParams->sparseFileSwitch && volParams->quickFormat) - { - // Create as sparse file container - DWORD tmp; - if (!DeviceIoControl (dev, FSCTL_SET_SPARSE, NULL, 0, NULL, 0, &tmp, NULL)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - } - - // Preallocate the file - if (!SetFilePointerEx (dev, volumeSize, NULL, FILE_BEGIN) - || !SetEndOfFile (dev) - || SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0) - { - nStatus = ERR_OS_ERROR; - goto error; - } - } - } - - if (volParams->hiddenVol && !volParams->bDevice && bPreserveTimestamp) - { - if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0) - bTimeStampValid = FALSE; - else - bTimeStampValid = TRUE; - } - - if (volParams->hwndDlg && volParams->bGuiMode) KillTimer (volParams->hwndDlg, TIMER_ID_RANDVIEW); - - /* Volume header */ - - // Hidden volume setup - if (volParams->hiddenVol) - { - LARGE_INTEGER headerOffset; - - // Check hidden volume size - if (volParams->hiddenVolHostSize < TC_MIN_HIDDEN_VOLUME_HOST_SIZE || volParams->hiddenVolHostSize > TC_MAX_HIDDEN_VOLUME_HOST_SIZE) - { - nStatus = ERR_VOL_SIZE_WRONG; - goto error; - } - - // Seek to hidden volume header location - - headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET; - - if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - } - else if (bInstantRetryOtherFilesys) - { - // The previous file system format failed and the user wants to try again with a different file system. - // The volume header had been written successfully so we need to seek to the byte after the header. - - LARGE_INTEGER offset; - offset.QuadPart = TC_VOLUME_DATA_OFFSET; - if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - } - - if (!bInstantRetryOtherFilesys) - { - // Write the volume header - if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - // To prevent fragmentation, write zeroes to reserved header sectors which are going to be filled with random data - if (!volParams->bDevice && !volParams->hiddenVol) - { - byte buf[TC_VOLUME_HEADER_GROUP_SIZE - TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - DWORD bytesWritten; - ZeroMemory (buf, sizeof (buf)); - - if (!WriteFile (dev, buf, sizeof (buf), &bytesWritten, NULL)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (bytesWritten != sizeof (buf)) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto error; - } - } - } - - if (volParams->hiddenVol) - { - // Calculate data area position of hidden volume - cryptoInfo->hiddenVolumeOffset = dataOffset; - - // Validate the offset - if (dataOffset % FormatSectorSize != 0) - { - nStatus = ERR_VOL_SIZE_WRONG; - goto error; - } - - volParams->quickFormat = TRUE; // To entirely format a hidden volume would be redundant - } - - /* Data area */ - startSector = dataOffset / FormatSectorSize; - - // Format filesystem - - switch (volParams->fileSystem) - { - case FILESYS_NONE: - case FILESYS_NTFS: - case FILESYS_EXFAT: - - if (volParams->bDevice && !StartFormatWriteThread()) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - nStatus = FormatNoFs (hwndDlg, startSector, num_sectors, dev, cryptoInfo, volParams->quickFormat); - - if (volParams->bDevice) - StopFormatWriteThread(); - - break; - - case FILESYS_FAT: - if (num_sectors > 0xFFFFffff) - { - nStatus = ERR_VOL_SIZE_WRONG; - goto error; - } - - // Calculate the fats, root dir etc - ft.num_sectors = (unsigned int) (num_sectors); - -#if TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF -#error TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF -#endif - - ft.sector_size = (uint16) FormatSectorSize; - ft.cluster_size = volParams->clusterSize; - memcpy (ft.volume_name, "NO NAME ", 11); - GetFatParams (&ft); - *(volParams->realClusterSize) = ft.cluster_size * FormatSectorSize; - - if (volParams->bDevice && !StartFormatWriteThread()) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - nStatus = FormatFat (hwndDlg, startSector, &ft, (void *) dev, cryptoInfo, volParams->quickFormat); - - if (volParams->bDevice) - StopFormatWriteThread(); - - break; - - default: - nStatus = ERR_PARAMETER_INCORRECT; - goto error; - } - - if (nStatus != ERR_SUCCESS) - goto error; - - // Write header backup - offset.QuadPart = volParams->hiddenVol ? volParams->hiddenVolHostSize - TC_HIDDEN_VOLUME_HEADER_OFFSET : dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE; - - if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, - header, - volParams->ea, - FIRST_MODE_OF_OPERATION_ID, - volParams->password, - volParams->pkcs5, - volParams->pim, - cryptoInfo->master_keydata, - &cryptoInfo, - dataAreaSize, - volParams->hiddenVol ? dataAreaSize : 0, - dataOffset, - dataAreaSize, - 0, - volParams->headerFlags, - FormatSectorSize, - FALSE); - - if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - // Fill reserved header sectors (including the backup header area) with random data - if (!volParams->hiddenVol) - { - nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE); - - if (nStatus != ERR_SUCCESS) - goto error; - } - -#ifndef DEBUG - if (volParams->quickFormat && volParams->fileSystem != FILESYS_NTFS && volParams->fileSystem != FILESYS_EXFAT) - Sleep (500); // User-friendly GUI -#endif - -error: - dwError = GetLastError(); - - burn (header, sizeof (header)); - VirtualUnlock (header, sizeof (header)); - - if (dev != INVALID_HANDLE_VALUE) - { - if (!volParams->bDevice && !volParams->hiddenVol && nStatus != 0) - { - // Remove preallocated part before closing file handle if format failed - if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) == 0) - SetEndOfFile (dev); - } - - FlushFileBuffers (dev); - - if (bTimeStampValid) - SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); - - CloseHandle (dev); - dev = INVALID_HANDLE_VALUE; - } - - if (nStatus != 0) - { - SetLastError(dwError); - goto fv_end; - } - - if (volParams->fileSystem == FILESYS_NTFS || volParams->fileSystem == FILESYS_EXFAT) - { - // Quick-format volume as NTFS - int driveNo = GetLastAvailableDrive (); - MountOptions mountOptions; - int retCode; - int fsType = (volParams->fileSystem == FILESYS_EXFAT)? FILESYS_EXFAT: FILESYS_NTFS; - - ZeroMemory (&mountOptions, sizeof (mountOptions)); - - if (driveNo == -1) - { - if (!Silent) - { - MessageBoxW (volParams->hwndDlg, GetString ("NO_FREE_DRIVES"), lpszTitle, ICON_HAND); - MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND); - } - - nStatus = ERR_NO_FREE_DRIVES; - goto fv_end; - } - - mountOptions.ReadOnly = FALSE; - mountOptions.Removable = FALSE; - mountOptions.ProtectHiddenVolume = FALSE; - mountOptions.PreserveTimestamp = bPreserveTimestamp; - mountOptions.PartitionInInactiveSysEncScope = FALSE; - mountOptions.UseBackupHeader = FALSE; - - if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) - { - if (!Silent) - { - MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND); - MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND); - } - nStatus = ERR_VOL_MOUNT_FAILED; - goto fv_end; - } - - if (!Silent && !IsAdmin () && IsUacSupported ()) - retCode = UacFormatFs (volParams->hwndDlg, driveNo, volParams->clusterSize, fsType); - else - retCode = FormatFs (driveNo, volParams->clusterSize, fsType); - - if (retCode != TRUE) - { - if (!UnmountVolumeAfterFormatExCall (volParams->hwndDlg, driveNo) && !Silent) - MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND); - - if (dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * FormatSectorSize) - { - if (AskErrYesNo ("FORMAT_NTFS_FAILED_ASK_FAT", hwndDlg) == IDYES) - { - // NTFS format failed and the user wants to try FAT format immediately - volParams->fileSystem = FILESYS_FAT; - bInstantRetryOtherFilesys = TRUE; - volParams->quickFormat = TRUE; // Volume has already been successfully TC-formatted - volParams->clusterSize = 0; // Default cluster size - goto begin_format; - } - } - else - Error ("FORMAT_NTFS_FAILED", hwndDlg); - - nStatus = ERR_DONT_REPORT; - goto fv_end; - } - - if (!UnmountVolumeAfterFormatExCall (volParams->hwndDlg, driveNo) && !Silent) - MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND); - } - -fv_end: - dwError = GetLastError(); - - if (dosDev[0]) - RemoveFakeDosName (volParams->volumePath, dosDev); - - crypto_close (cryptoInfo); - - SetLastError (dwError); - return nStatus; -} - - -int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat) -{ - int write_buf_cnt = 0; - char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf; - unsigned __int64 nSecNo = startSector; - int retVal = 0; - DWORD err; - char temporaryKey[MASTER_KEYDATA_SIZE]; - char originalK2[MASTER_KEYDATA_SIZE]; - - LARGE_INTEGER startOffset; - LARGE_INTEGER newOffset; - - // Seek to start sector - startOffset.QuadPart = startSector * FormatSectorSize; - if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN) - || newOffset.QuadPart != startOffset.QuadPart) - { - return ERR_OS_ERROR; - } - - write_buf = (char *)TCalloc (FormatWriteBufferSize); - if (!write_buf) - return ERR_OUTOFMEMORY; - - VirtualLock (temporaryKey, sizeof (temporaryKey)); - VirtualLock (originalK2, sizeof (originalK2)); - - memset (sector, 0, sizeof (sector)); - - // Remember the original secondary key (XTS mode) before generating a temporary one - memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); - - /* Fill the rest of the data area with random data */ - - if(!quickFormat) - { - /* Generate a random temporary key set to be used for "dummy" encryption that will fill - the free disk space (data area) with random data. This is necessary for plausible - deniability of hidden volumes. */ - - // Temporary master key - if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE)) - goto fail; - - // Temporary secondary key (XTS mode) - if (!RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE)) - goto fail; - - retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); - if (retVal != ERR_SUCCESS) - goto fail; - - if (!EAInitMode (cryptoInfo)) - { - retVal = ERR_MODE_INIT_FAILED; - goto fail; - } - - while (num_sectors--) - { - if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, - cryptoInfo) == FALSE) - goto fail; - } - - if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) - goto fail; - } - else - nSecNo = num_sectors; - - UpdateProgressBar (nSecNo * FormatSectorSize); - - // Restore the original secondary key (XTS mode) in case NTFS format fails and the user wants to try FAT immediately - memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2)); - - // Reinitialize the encryption algorithm and mode in case NTFS format fails and the user wants to try FAT immediately - retVal = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks); - if (retVal != ERR_SUCCESS) - goto fail; - if (!EAInitMode (cryptoInfo)) - { - retVal = ERR_MODE_INIT_FAILED; - goto fail; - } - - burn (temporaryKey, sizeof(temporaryKey)); - burn (originalK2, sizeof(originalK2)); - VirtualUnlock (temporaryKey, sizeof (temporaryKey)); - VirtualUnlock (originalK2, sizeof (originalK2)); - TCfree (write_buf); - - return 0; - -fail: - err = GetLastError(); - - burn (temporaryKey, sizeof(temporaryKey)); - burn (originalK2, sizeof(originalK2)); - VirtualUnlock (temporaryKey, sizeof (temporaryKey)); - VirtualUnlock (originalK2, sizeof (originalK2)); - TCfree (write_buf); - - SetLastError (err); - return (retVal ? retVal : ERR_OS_ERROR); -} - - -volatile BOOLEAN FormatExError; - -BOOLEAN __stdcall FormatExCallback (int command, DWORD subCommand, PVOID parameter) +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include +#include + +#include "Tcdefs.h" + +#include "Common.h" +#include "Crypto.h" +#include "Fat.h" +#include "Format.h" +#include "Random.h" +#include "Volumes.h" + +#include "Apidrvr.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Progress.h" +#include "Resource.h" +#include "Format/FormatCom.h" +#include "Format/Tcformat.h" + +#include + +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#endif + +int FormatWriteBufferSize = 1024 * 1024; +static uint32 FormatSectorSize = 0; + + +uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize) +{ + uint64 reservedSize; + + if (hiddenVolume) + { + // Reserve free space at the end of the host filesystem. FAT file system fills the last sector with + // zeroes (marked as free; observed when quick format was performed using the OS format tool). + // Therefore, when the outer volume is mounted with hidden volume protection, such write operations + // (e.g. quick formatting the outer volume filesystem as FAT) would needlessly trigger hidden volume + // protection. + +#if TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE > 4096 +# error TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE too large for very small volumes. Revise the code. +#endif + +#if TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH < TC_MAX_VOLUME_SECTOR_SIZE +# error TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH too small. +#endif + + if (volumeSize < TC_VOLUME_SMALL_SIZE_THRESHOLD) + reservedSize = TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE; + else + reservedSize = TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH; // Ensure size of a hidden volume larger than TC_VOLUME_SMALL_SIZE_THRESHOLD is a multiple of the maximum supported sector size + } + else + { + reservedSize = TC_TOTAL_VOLUME_HEADERS_SIZE; + } + + if (volumeSize < reservedSize) + return 0; + + return volumeSize - reservedSize; +} + + +int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams) +{ + int nStatus; + PCRYPTO_INFO cryptoInfo = NULL; + HANDLE dev = INVALID_HANDLE_VALUE; + DWORD dwError; + char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned __int64 num_sectors, startSector; + fatparams ft; + FILETIME ftCreationTime; + FILETIME ftLastWriteTime; + FILETIME ftLastAccessTime; + BOOL bTimeStampValid = FALSE; + BOOL bInstantRetryOtherFilesys = FALSE; + WCHAR dosDev[TC_MAX_PATH] = { 0 }; + WCHAR devName[MAX_PATH] = { 0 }; + int driveLetter = -1; + WCHAR deviceName[MAX_PATH]; + uint64 dataOffset, dataAreaSize; + LARGE_INTEGER offset; + BOOL bFailedRequiredDASD = FALSE; + HWND hwndDlg = volParams->hwndDlg; + + FormatSectorSize = volParams->sectorSize; + + if (FormatSectorSize < TC_MIN_VOLUME_SECTOR_SIZE + || FormatSectorSize > TC_MAX_VOLUME_SECTOR_SIZE + || FormatSectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg); + return ERR_DONT_REPORT; + } + + /* WARNING: Note that if Windows fails to format the volume as NTFS and the volume size is + less than the maximum FAT size, the user is asked within this function whether he wants to instantly + retry FAT format instead (to avoid having to re-create the whole container again). If the user + answers yes, some of the input parameters are modified, the code below 'begin_format' is re-executed + and some destructive operations that were performed during the first attempt must be (and are) skipped. + Therefore, whenever adding or modifying any potentially destructive operations below 'begin_format', + determine whether they (or their portions) need to be skipped during such a second attempt; if so, + use the 'bInstantRetryOtherFilesys' flag to skip them. */ + + if (volParams->hiddenVol) + { + dataOffset = volParams->hiddenVolHostSize - TC_VOLUME_HEADER_GROUP_SIZE - volParams->size; + } + else + { + if (volParams->size <= TC_TOTAL_VOLUME_HEADERS_SIZE) + return ERR_VOL_SIZE_WRONG; + + dataOffset = TC_VOLUME_DATA_OFFSET; + } + + dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, volParams->size); + + num_sectors = dataAreaSize / FormatSectorSize; + + if (volParams->bDevice) + { + StringCchCopyW (deviceName, ARRAYSIZE(deviceName), volParams->volumePath); + + driveLetter = GetDiskDeviceDriveLetter (deviceName); + } + + VirtualLock (header, sizeof (header)); + + nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, + header, + volParams->ea, + FIRST_MODE_OF_OPERATION_ID, + volParams->password, + volParams->pkcs5, + volParams->pim, + NULL, + &cryptoInfo, + dataAreaSize, + volParams->hiddenVol ? dataAreaSize : 0, + dataOffset, + dataAreaSize, + 0, + volParams->headerFlags, + FormatSectorSize, + FALSE); + + if (nStatus != 0) + { + burn (header, sizeof (header)); + VirtualUnlock (header, sizeof (header)); + return nStatus; + } + +begin_format: + + if (volParams->bDevice) + { + /* Device-hosted volume */ + + DWORD dwResult; + int nPass; + + if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0) + return ERR_OS_ERROR; + + if (IsDeviceMounted (devName)) + { + if ((dev = DismountDrive (devName, volParams->volumePath)) == INVALID_HANDLE_VALUE) + { + Error ("FORMAT_CANT_DISMOUNT_FILESYS", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto error; + } + + /* Gain "raw" access to the partition (it contains a live filesystem and the filesystem driver + would otherwise prevent us from writing to hidden sectors). */ + + if (!DeviceIoControl (dev, + FSCTL_ALLOW_EXTENDED_DASD_IO, + NULL, + 0, + NULL, + 0, + &dwResult, + NULL)) + { + bFailedRequiredDASD = TRUE; + } + } + else if (IsOSAtLeast (WIN_VISTA) && driveLetter == -1) + { + // Windows Vista doesn't allow overwriting sectors belonging to an unformatted partition + // to which no drive letter has been assigned under the system. This problem can be worked + // around by assigning a drive letter to the partition temporarily. + + wchar_t szDriveLetter[] = { L'A', L':', 0 }; + wchar_t rootPath[] = { L'A', L':', L'\\', 0 }; + wchar_t uniqVolName[MAX_PATH+1] = { 0 }; + int tmpDriveLetter = -1; + BOOL bResult = FALSE; + + tmpDriveLetter = GetFirstAvailableDrive (); + + if (tmpDriveLetter != -1) + { + rootPath[0] += (wchar_t) tmpDriveLetter; + szDriveLetter[0] += (wchar_t) tmpDriveLetter; + + if (DefineDosDevice (DDD_RAW_TARGET_PATH, szDriveLetter, volParams->volumePath)) + { + bResult = GetVolumeNameForVolumeMountPoint (rootPath, uniqVolName, MAX_PATH); + + DefineDosDevice (DDD_RAW_TARGET_PATH|DDD_REMOVE_DEFINITION|DDD_EXACT_MATCH_ON_REMOVE, + szDriveLetter, + volParams->volumePath); + + if (bResult + && SetVolumeMountPoint (rootPath, uniqVolName)) + { + // The drive letter can be removed now + DeleteVolumeMountPoint (rootPath); + } + } + } + } + + // For extra safety, we will try to gain "raw" access to the partition. Note that this should actually be + // redundant because if the filesystem was mounted, we already tried to obtain DASD above. If we failed, + // bFailedRequiredDASD was set to TRUE and therefore we will perform pseudo "quick format" below. However, + // for extra safety, in case IsDeviceMounted() failed to detect a live filesystem, we will blindly + // send FSCTL_ALLOW_EXTENDED_DASD_IO (possibly for a second time) without checking the result. + + DeviceIoControl (dev, + FSCTL_ALLOW_EXTENDED_DASD_IO, + NULL, + 0, + NULL, + 0, + &dwResult, + NULL); + + + // If DASD is needed but we failed to obtain it, perform open - 'quick format' - close - open + // so that the filesystem driver does not prevent us from formatting hidden sectors. + for (nPass = (bFailedRequiredDASD ? 0 : 1); nPass < 2; nPass++) + { + int retryCount; + + retryCount = 0; + + // Try exclusive access mode first + // Note that when exclusive access is denied, it is worth retrying (usually succeeds after a few tries). + while (dev == INVALID_HANDLE_VALUE && retryCount++ < EXCL_ACCESS_MAX_AUTO_RETRIES) + { + dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); + + if (retryCount > 1) + Sleep (EXCL_ACCESS_AUTO_RETRY_DELAY); + } + + if (dev == INVALID_HANDLE_VALUE) + { + // Exclusive access denied -- retry in shared mode + dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + if (dev != INVALID_HANDLE_VALUE) + { + if (!volParams->bForceOperation && (Silent || (IDNO == MessageBoxW (volParams->hwndDlg, GetString ("DEVICE_IN_USE_FORMAT"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2)))) + { + nStatus = ERR_DONT_REPORT; + goto error; + } + } + else + { + handleWin32Error (volParams->hwndDlg, SRC_POS); + Error ("CANT_ACCESS_VOL", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto error; + } + } + + if (volParams->hiddenVol || bInstantRetryOtherFilesys) + break; // The following "quick format" operation would damage the outer volume + + if (nPass == 0) + { + char buf [2 * TC_MAX_VOLUME_SECTOR_SIZE]; + DWORD bw; + + // Perform pseudo "quick format" so that the filesystem driver does not prevent us from + // formatting hidden sectors + memset (buf, 0, sizeof (buf)); + + if (!WriteFile (dev, buf, sizeof (buf), &bw, NULL)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + FlushFileBuffers (dev); + CloseHandle (dev); + dev = INVALID_HANDLE_VALUE; + } + } + + if (DeviceIoControl (dev, FSCTL_IS_VOLUME_MOUNTED, NULL, 0, NULL, 0, &dwResult, NULL)) + { + Error ("FORMAT_CANT_DISMOUNT_FILESYS", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto error; + } + } + else + { + /* File-hosted volume */ + + dev = CreateFile (volParams->volumePath, GENERIC_READ | GENERIC_WRITE, + (volParams->hiddenVol || bInstantRetryOtherFilesys) ? (FILE_SHARE_READ | FILE_SHARE_WRITE) : 0, + NULL, (volParams->hiddenVol || bInstantRetryOtherFilesys) ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL); + + if (dev == INVALID_HANDLE_VALUE) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + DisableFileCompression (dev); + + if (!volParams->hiddenVol && !bInstantRetryOtherFilesys) + { + LARGE_INTEGER volumeSize; + volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE; + + if (volParams->sparseFileSwitch && volParams->quickFormat) + { + // Create as sparse file container + DWORD tmp; + if (!DeviceIoControl (dev, FSCTL_SET_SPARSE, NULL, 0, NULL, 0, &tmp, NULL)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + } + + // Preallocate the file + if (!SetFilePointerEx (dev, volumeSize, NULL, FILE_BEGIN) + || !SetEndOfFile (dev) + || SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0) + { + nStatus = ERR_OS_ERROR; + goto error; + } + } + } + + if (volParams->hiddenVol && !volParams->bDevice && bPreserveTimestamp) + { + if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0) + bTimeStampValid = FALSE; + else + bTimeStampValid = TRUE; + } + + if (volParams->hwndDlg && volParams->bGuiMode) KillTimer (volParams->hwndDlg, TIMER_ID_RANDVIEW); + + /* Volume header */ + + // Hidden volume setup + if (volParams->hiddenVol) + { + LARGE_INTEGER headerOffset; + + // Check hidden volume size + if (volParams->hiddenVolHostSize < TC_MIN_HIDDEN_VOLUME_HOST_SIZE || volParams->hiddenVolHostSize > TC_MAX_HIDDEN_VOLUME_HOST_SIZE) + { + nStatus = ERR_VOL_SIZE_WRONG; + goto error; + } + + // Seek to hidden volume header location + + headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET; + + if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + } + else if (bInstantRetryOtherFilesys) + { + // The previous file system format failed and the user wants to try again with a different file system. + // The volume header had been written successfully so we need to seek to the byte after the header. + + LARGE_INTEGER offset; + offset.QuadPart = TC_VOLUME_DATA_OFFSET; + if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + } + + if (!bInstantRetryOtherFilesys) + { + // Write the volume header + if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + // To prevent fragmentation, write zeroes to reserved header sectors which are going to be filled with random data + if (!volParams->bDevice && !volParams->hiddenVol) + { + byte buf[TC_VOLUME_HEADER_GROUP_SIZE - TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + DWORD bytesWritten; + ZeroMemory (buf, sizeof (buf)); + + if (!WriteFile (dev, buf, sizeof (buf), &bytesWritten, NULL)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (bytesWritten != sizeof (buf)) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto error; + } + } + } + + if (volParams->hiddenVol) + { + // Calculate data area position of hidden volume + cryptoInfo->hiddenVolumeOffset = dataOffset; + + // Validate the offset + if (dataOffset % FormatSectorSize != 0) + { + nStatus = ERR_VOL_SIZE_WRONG; + goto error; + } + + volParams->quickFormat = TRUE; // To entirely format a hidden volume would be redundant + } + + /* Data area */ + startSector = dataOffset / FormatSectorSize; + + // Format filesystem + + switch (volParams->fileSystem) + { + case FILESYS_NONE: + case FILESYS_NTFS: + case FILESYS_EXFAT: + + if (volParams->bDevice && !StartFormatWriteThread()) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + nStatus = FormatNoFs (hwndDlg, startSector, num_sectors, dev, cryptoInfo, volParams->quickFormat); + + if (volParams->bDevice) + StopFormatWriteThread(); + + break; + + case FILESYS_FAT: + if (num_sectors > 0xFFFFffff) + { + nStatus = ERR_VOL_SIZE_WRONG; + goto error; + } + + // Calculate the fats, root dir etc + ft.num_sectors = (unsigned int) (num_sectors); + +#if TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF +#error TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF +#endif + + ft.sector_size = (uint16) FormatSectorSize; + ft.cluster_size = volParams->clusterSize; + memcpy (ft.volume_name, "NO NAME ", 11); + GetFatParams (&ft); + *(volParams->realClusterSize) = ft.cluster_size * FormatSectorSize; + + if (volParams->bDevice && !StartFormatWriteThread()) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + nStatus = FormatFat (hwndDlg, startSector, &ft, (void *) dev, cryptoInfo, volParams->quickFormat); + + if (volParams->bDevice) + StopFormatWriteThread(); + + break; + + default: + nStatus = ERR_PARAMETER_INCORRECT; + goto error; + } + + if (nStatus != ERR_SUCCESS) + goto error; + + // Write header backup + offset.QuadPart = volParams->hiddenVol ? volParams->hiddenVolHostSize - TC_HIDDEN_VOLUME_HEADER_OFFSET : dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE; + + if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, + header, + volParams->ea, + FIRST_MODE_OF_OPERATION_ID, + volParams->password, + volParams->pkcs5, + volParams->pim, + cryptoInfo->master_keydata, + &cryptoInfo, + dataAreaSize, + volParams->hiddenVol ? dataAreaSize : 0, + dataOffset, + dataAreaSize, + 0, + volParams->headerFlags, + FormatSectorSize, + FALSE); + + if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + // Fill reserved header sectors (including the backup header area) with random data + if (!volParams->hiddenVol) + { + nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE); + + if (nStatus != ERR_SUCCESS) + goto error; + } + +#ifndef DEBUG + if (volParams->quickFormat && volParams->fileSystem != FILESYS_NTFS && volParams->fileSystem != FILESYS_EXFAT) + Sleep (500); // User-friendly GUI +#endif + +error: + dwError = GetLastError(); + + burn (header, sizeof (header)); + VirtualUnlock (header, sizeof (header)); + + if (dev != INVALID_HANDLE_VALUE) + { + if (!volParams->bDevice && !volParams->hiddenVol && nStatus != 0) + { + // Remove preallocated part before closing file handle if format failed + if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) == 0) + SetEndOfFile (dev); + } + + FlushFileBuffers (dev); + + if (bTimeStampValid) + SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); + + CloseHandle (dev); + dev = INVALID_HANDLE_VALUE; + } + + if (nStatus != 0) + { + SetLastError(dwError); + goto fv_end; + } + + if (volParams->fileSystem == FILESYS_NTFS || volParams->fileSystem == FILESYS_EXFAT) + { + // Quick-format volume as NTFS + int driveNo = GetLastAvailableDrive (); + MountOptions mountOptions; + int retCode; + int fsType = (volParams->fileSystem == FILESYS_EXFAT)? FILESYS_EXFAT: FILESYS_NTFS; + + ZeroMemory (&mountOptions, sizeof (mountOptions)); + + if (driveNo == -1) + { + if (!Silent) + { + MessageBoxW (volParams->hwndDlg, GetString ("NO_FREE_DRIVES"), lpszTitle, ICON_HAND); + MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND); + } + + nStatus = ERR_NO_FREE_DRIVES; + goto fv_end; + } + + mountOptions.ReadOnly = FALSE; + mountOptions.Removable = FALSE; + mountOptions.ProtectHiddenVolume = FALSE; + mountOptions.PreserveTimestamp = bPreserveTimestamp; + mountOptions.PartitionInInactiveSysEncScope = FALSE; + mountOptions.UseBackupHeader = FALSE; + + if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) + { + if (!Silent) + { + MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND); + MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND); + } + nStatus = ERR_VOL_MOUNT_FAILED; + goto fv_end; + } + + if (!Silent && !IsAdmin () && IsUacSupported ()) + retCode = UacFormatFs (volParams->hwndDlg, driveNo, volParams->clusterSize, fsType); + else + retCode = FormatFs (driveNo, volParams->clusterSize, fsType); + + if (retCode != TRUE) + { + if (!UnmountVolumeAfterFormatExCall (volParams->hwndDlg, driveNo) && !Silent) + MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND); + + if (dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * FormatSectorSize) + { + if (AskErrYesNo ("FORMAT_NTFS_FAILED_ASK_FAT", hwndDlg) == IDYES) + { + // NTFS format failed and the user wants to try FAT format immediately + volParams->fileSystem = FILESYS_FAT; + bInstantRetryOtherFilesys = TRUE; + volParams->quickFormat = TRUE; // Volume has already been successfully TC-formatted + volParams->clusterSize = 0; // Default cluster size + goto begin_format; + } + } + else + Error ("FORMAT_NTFS_FAILED", hwndDlg); + + nStatus = ERR_DONT_REPORT; + goto fv_end; + } + + if (!UnmountVolumeAfterFormatExCall (volParams->hwndDlg, driveNo) && !Silent) + MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND); + } + +fv_end: + dwError = GetLastError(); + + if (dosDev[0]) + RemoveFakeDosName (volParams->volumePath, dosDev); + + crypto_close (cryptoInfo); + + SetLastError (dwError); + return nStatus; +} + + +int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat) +{ + int write_buf_cnt = 0; + char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf; + unsigned __int64 nSecNo = startSector; + int retVal = 0; + DWORD err; + char temporaryKey[MASTER_KEYDATA_SIZE]; + char originalK2[MASTER_KEYDATA_SIZE]; + + LARGE_INTEGER startOffset; + LARGE_INTEGER newOffset; + + // Seek to start sector + startOffset.QuadPart = startSector * FormatSectorSize; + if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN) + || newOffset.QuadPart != startOffset.QuadPart) + { + return ERR_OS_ERROR; + } + + write_buf = (char *)TCalloc (FormatWriteBufferSize); + if (!write_buf) + return ERR_OUTOFMEMORY; + + VirtualLock (temporaryKey, sizeof (temporaryKey)); + VirtualLock (originalK2, sizeof (originalK2)); + + memset (sector, 0, sizeof (sector)); + + // Remember the original secondary key (XTS mode) before generating a temporary one + memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); + + /* Fill the rest of the data area with random data */ + + if(!quickFormat) + { + /* Generate a random temporary key set to be used for "dummy" encryption that will fill + the free disk space (data area) with random data. This is necessary for plausible + deniability of hidden volumes. */ + + // Temporary master key + if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE)) + goto fail; + + // Temporary secondary key (XTS mode) + if (!RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE)) + goto fail; + + retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); + if (retVal != ERR_SUCCESS) + goto fail; + + if (!EAInitMode (cryptoInfo)) + { + retVal = ERR_MODE_INIT_FAILED; + goto fail; + } + + while (num_sectors--) + { + if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, + cryptoInfo) == FALSE) + goto fail; + } + + if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) + goto fail; + } + else + nSecNo = num_sectors; + + UpdateProgressBar (nSecNo * FormatSectorSize); + + // Restore the original secondary key (XTS mode) in case NTFS format fails and the user wants to try FAT immediately + memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2)); + + // Reinitialize the encryption algorithm and mode in case NTFS format fails and the user wants to try FAT immediately + retVal = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks); + if (retVal != ERR_SUCCESS) + goto fail; + if (!EAInitMode (cryptoInfo)) + { + retVal = ERR_MODE_INIT_FAILED; + goto fail; + } + + burn (temporaryKey, sizeof(temporaryKey)); + burn (originalK2, sizeof(originalK2)); + VirtualUnlock (temporaryKey, sizeof (temporaryKey)); + VirtualUnlock (originalK2, sizeof (originalK2)); + TCfree (write_buf); + + return 0; + +fail: + err = GetLastError(); + + burn (temporaryKey, sizeof(temporaryKey)); + burn (originalK2, sizeof(originalK2)); + VirtualUnlock (temporaryKey, sizeof (temporaryKey)); + VirtualUnlock (originalK2, sizeof (originalK2)); + TCfree (write_buf); + + SetLastError (err); + return (retVal ? retVal : ERR_OS_ERROR); +} + + +volatile BOOLEAN FormatExError; + +BOOLEAN __stdcall FormatExCallback (int command, DWORD subCommand, PVOID parameter) { if (FormatExError) return FALSE; @@ -859,250 +859,250 @@ BOOLEAN __stdcall FormatExCallback (int command, DWORD subCommand, PVOID paramet FormatExError = TRUE; break; } - return (FormatExError? FALSE : TRUE); -} - -BOOL FormatFs (int driveNo, int clusterSize, int fsType) -{ - wchar_t dllPath[MAX_PATH] = {0}; - WCHAR dir[8] = { (WCHAR) driveNo + L'A', 0 }; - PFORMATEX FormatEx; - HMODULE hModule; - int i; - WCHAR szFsFormat[16]; - WCHAR szLabel[2] = {0}; - switch (fsType) - { - case FILESYS_NTFS: - StringCchCopyW (szFsFormat, ARRAYSIZE (szFsFormat),L"NTFS"); - break; - case FILESYS_EXFAT: - StringCchCopyW (szFsFormat, ARRAYSIZE (szFsFormat),L"EXFAT"); - break; - default: - return FALSE; - } - - - if (GetSystemDirectory (dllPath, MAX_PATH)) - { - StringCchCatW(dllPath, ARRAYSIZE(dllPath), L"\\fmifs.dll"); - } - else - StringCchCopyW(dllPath, ARRAYSIZE(dllPath), L"C:\\Windows\\System32\\fmifs.dll"); - - hModule = LoadLibrary (dllPath); - - if (hModule == NULL) - return FALSE; - - if (!(FormatEx = (PFORMATEX) GetProcAddress (GetModuleHandle (L"fmifs.dll"), "FormatEx"))) - { - FreeLibrary (hModule); - return FALSE; - } - - StringCchCatW (dir, ARRAYSIZE(dir), L":\\"); - - FormatExError = TRUE; - - // Windows sometimes fails to format a volume (hosted on a removable medium) as NTFS. - // It often helps to retry several times. - for (i = 0; i < 50 && FormatExError; i++) - { - FormatExError = FALSE; - FormatEx (dir, FMIFS_HARDDISK, szFsFormat, szLabel, TRUE, clusterSize * FormatSectorSize, FormatExCallback); - } - - // The device may be referenced for some time after FormatEx() returns - Sleep (4000); - - FreeLibrary (hModule); - return FormatExError? FALSE : TRUE; -} - -BOOL FormatNtfs (int driveNo, int clusterSize) -{ - return FormatFs (driveNo, clusterSize, FILESYS_NTFS); -} - -BOOL WriteSector (void *dev, char *sector, - char *write_buf, int *write_buf_cnt, - __int64 *nSecNo, PCRYPTO_INFO cryptoInfo) -{ - static __int32 updateTime = 0; - - (*nSecNo)++; - - memcpy (write_buf + *write_buf_cnt, sector, FormatSectorSize); - (*write_buf_cnt) += FormatSectorSize; - - if (*write_buf_cnt == FormatWriteBufferSize && !FlushFormatWriteBuffer (dev, write_buf, write_buf_cnt, nSecNo, cryptoInfo)) - return FALSE; - - if (GetTickCount () - updateTime > 25) - { - if (UpdateProgressBar (*nSecNo * FormatSectorSize)) - return FALSE; - - updateTime = GetTickCount (); - } - - return TRUE; - -} - - -static volatile BOOL WriteThreadRunning; -static volatile BOOL WriteThreadExitRequested; -static HANDLE WriteThreadHandle; - -static byte *WriteThreadBuffer; -static HANDLE WriteBufferEmptyEvent; -static HANDLE WriteBufferFullEvent; - -static volatile HANDLE WriteRequestHandle; -static volatile int WriteRequestSize; -static volatile DWORD WriteRequestResult; - - -static void __cdecl FormatWriteThreadProc (void *arg) -{ - DWORD bytesWritten; - - SetThreadPriority (GetCurrentThread(), THREAD_PRIORITY_HIGHEST); - - while (!WriteThreadExitRequested) - { - if (WaitForSingleObject (WriteBufferFullEvent, INFINITE) == WAIT_FAILED) - { - handleWin32Error (NULL, SRC_POS); - break; - } - - if (WriteThreadExitRequested) - break; - - if (!WriteFile (WriteRequestHandle, WriteThreadBuffer, WriteRequestSize, &bytesWritten, NULL)) - WriteRequestResult = GetLastError(); - else - WriteRequestResult = ERROR_SUCCESS; - - if (!SetEvent (WriteBufferEmptyEvent)) - { - handleWin32Error (NULL, SRC_POS); - break; - } - } - - WriteThreadRunning = FALSE; - _endthread(); -} - - -static BOOL StartFormatWriteThread () -{ - DWORD sysErr; - - WriteBufferEmptyEvent = NULL; - WriteBufferFullEvent = NULL; - WriteThreadBuffer = NULL; - - WriteBufferEmptyEvent = CreateEvent (NULL, FALSE, TRUE, NULL); - if (!WriteBufferEmptyEvent) - goto err; - - WriteBufferFullEvent = CreateEvent (NULL, FALSE, FALSE, NULL); - if (!WriteBufferFullEvent) - goto err; - - WriteThreadBuffer = TCalloc (FormatWriteBufferSize); - if (!WriteThreadBuffer) - { - SetLastError (ERROR_OUTOFMEMORY); - goto err; - } - - WriteThreadExitRequested = FALSE; - WriteRequestResult = ERROR_SUCCESS; - - WriteThreadHandle = (HANDLE) _beginthread (FormatWriteThreadProc, 0, NULL); - if ((uintptr_t) WriteThreadHandle == -1L) - goto err; - - WriteThreadRunning = TRUE; - return TRUE; - -err: - sysErr = GetLastError(); - - if (WriteBufferEmptyEvent) - CloseHandle (WriteBufferEmptyEvent); - if (WriteBufferFullEvent) - CloseHandle (WriteBufferFullEvent); - if (WriteThreadBuffer) - TCfree (WriteThreadBuffer); - - SetLastError (sysErr); - return FALSE; -} - - -static void StopFormatWriteThread () -{ - if (WriteThreadRunning) - { - WaitForSingleObject (WriteBufferEmptyEvent, INFINITE); - - WriteThreadExitRequested = TRUE; - SetEvent (WriteBufferFullEvent); - - WaitForSingleObject (WriteThreadHandle, INFINITE); - } - - CloseHandle (WriteBufferEmptyEvent); - CloseHandle (WriteBufferFullEvent); - TCfree (WriteThreadBuffer); -} - - -BOOL FlushFormatWriteBuffer (void *dev, char *write_buf, int *write_buf_cnt, __int64 *nSecNo, PCRYPTO_INFO cryptoInfo) -{ - UINT64_STRUCT unitNo; - DWORD bytesWritten; - - if (*write_buf_cnt == 0) - return TRUE; - - unitNo.Value = (*nSecNo * FormatSectorSize - *write_buf_cnt) / ENCRYPTION_DATA_UNIT_SIZE; - - EncryptDataUnits (write_buf, &unitNo, *write_buf_cnt / ENCRYPTION_DATA_UNIT_SIZE, cryptoInfo); - - if (WriteThreadRunning) - { - if (WaitForSingleObject (WriteBufferEmptyEvent, INFINITE) == WAIT_FAILED) - return FALSE; - - if (WriteRequestResult != ERROR_SUCCESS) - { - SetEvent (WriteBufferEmptyEvent); - SetLastError (WriteRequestResult); - return FALSE; - } - - memcpy (WriteThreadBuffer, write_buf, *write_buf_cnt); - WriteRequestHandle = dev; - WriteRequestSize = *write_buf_cnt; - - if (!SetEvent (WriteBufferFullEvent)) - return FALSE; - } - else - { - if (!WriteFile ((HANDLE) dev, write_buf, *write_buf_cnt, &bytesWritten, NULL)) - return FALSE; - } - - *write_buf_cnt = 0; - return TRUE; -} + return (FormatExError? FALSE : TRUE); +} + +BOOL FormatFs (int driveNo, int clusterSize, int fsType) +{ + wchar_t dllPath[MAX_PATH] = {0}; + WCHAR dir[8] = { (WCHAR) driveNo + L'A', 0 }; + PFORMATEX FormatEx; + HMODULE hModule; + int i; + WCHAR szFsFormat[16]; + WCHAR szLabel[2] = {0}; + switch (fsType) + { + case FILESYS_NTFS: + StringCchCopyW (szFsFormat, ARRAYSIZE (szFsFormat),L"NTFS"); + break; + case FILESYS_EXFAT: + StringCchCopyW (szFsFormat, ARRAYSIZE (szFsFormat),L"EXFAT"); + break; + default: + return FALSE; + } + + + if (GetSystemDirectory (dllPath, MAX_PATH)) + { + StringCchCatW(dllPath, ARRAYSIZE(dllPath), L"\\fmifs.dll"); + } + else + StringCchCopyW(dllPath, ARRAYSIZE(dllPath), L"C:\\Windows\\System32\\fmifs.dll"); + + hModule = LoadLibrary (dllPath); + + if (hModule == NULL) + return FALSE; + + if (!(FormatEx = (PFORMATEX) GetProcAddress (GetModuleHandle (L"fmifs.dll"), "FormatEx"))) + { + FreeLibrary (hModule); + return FALSE; + } + + StringCchCatW (dir, ARRAYSIZE(dir), L":\\"); + + FormatExError = TRUE; + + // Windows sometimes fails to format a volume (hosted on a removable medium) as NTFS. + // It often helps to retry several times. + for (i = 0; i < 50 && FormatExError; i++) + { + FormatExError = FALSE; + FormatEx (dir, FMIFS_HARDDISK, szFsFormat, szLabel, TRUE, clusterSize * FormatSectorSize, FormatExCallback); + } + + // The device may be referenced for some time after FormatEx() returns + Sleep (4000); + + FreeLibrary (hModule); + return FormatExError? FALSE : TRUE; +} + +BOOL FormatNtfs (int driveNo, int clusterSize) +{ + return FormatFs (driveNo, clusterSize, FILESYS_NTFS); +} + +BOOL WriteSector (void *dev, char *sector, + char *write_buf, int *write_buf_cnt, + __int64 *nSecNo, PCRYPTO_INFO cryptoInfo) +{ + static __int32 updateTime = 0; + + (*nSecNo)++; + + memcpy (write_buf + *write_buf_cnt, sector, FormatSectorSize); + (*write_buf_cnt) += FormatSectorSize; + + if (*write_buf_cnt == FormatWriteBufferSize && !FlushFormatWriteBuffer (dev, write_buf, write_buf_cnt, nSecNo, cryptoInfo)) + return FALSE; + + if (GetTickCount () - updateTime > 25) + { + if (UpdateProgressBar (*nSecNo * FormatSectorSize)) + return FALSE; + + updateTime = GetTickCount (); + } + + return TRUE; + +} + + +static volatile BOOL WriteThreadRunning; +static volatile BOOL WriteThreadExitRequested; +static HANDLE WriteThreadHandle; + +static byte *WriteThreadBuffer; +static HANDLE WriteBufferEmptyEvent; +static HANDLE WriteBufferFullEvent; + +static volatile HANDLE WriteRequestHandle; +static volatile int WriteRequestSize; +static volatile DWORD WriteRequestResult; + + +static void __cdecl FormatWriteThreadProc (void *arg) +{ + DWORD bytesWritten; + + SetThreadPriority (GetCurrentThread(), THREAD_PRIORITY_HIGHEST); + + while (!WriteThreadExitRequested) + { + if (WaitForSingleObject (WriteBufferFullEvent, INFINITE) == WAIT_FAILED) + { + handleWin32Error (NULL, SRC_POS); + break; + } + + if (WriteThreadExitRequested) + break; + + if (!WriteFile (WriteRequestHandle, WriteThreadBuffer, WriteRequestSize, &bytesWritten, NULL)) + WriteRequestResult = GetLastError(); + else + WriteRequestResult = ERROR_SUCCESS; + + if (!SetEvent (WriteBufferEmptyEvent)) + { + handleWin32Error (NULL, SRC_POS); + break; + } + } + + WriteThreadRunning = FALSE; + _endthread(); +} + + +static BOOL StartFormatWriteThread () +{ + DWORD sysErr; + + WriteBufferEmptyEvent = NULL; + WriteBufferFullEvent = NULL; + WriteThreadBuffer = NULL; + + WriteBufferEmptyEvent = CreateEvent (NULL, FALSE, TRUE, NULL); + if (!WriteBufferEmptyEvent) + goto err; + + WriteBufferFullEvent = CreateEvent (NULL, FALSE, FALSE, NULL); + if (!WriteBufferFullEvent) + goto err; + + WriteThreadBuffer = TCalloc (FormatWriteBufferSize); + if (!WriteThreadBuffer) + { + SetLastError (ERROR_OUTOFMEMORY); + goto err; + } + + WriteThreadExitRequested = FALSE; + WriteRequestResult = ERROR_SUCCESS; + + WriteThreadHandle = (HANDLE) _beginthread (FormatWriteThreadProc, 0, NULL); + if ((uintptr_t) WriteThreadHandle == -1L) + goto err; + + WriteThreadRunning = TRUE; + return TRUE; + +err: + sysErr = GetLastError(); + + if (WriteBufferEmptyEvent) + CloseHandle (WriteBufferEmptyEvent); + if (WriteBufferFullEvent) + CloseHandle (WriteBufferFullEvent); + if (WriteThreadBuffer) + TCfree (WriteThreadBuffer); + + SetLastError (sysErr); + return FALSE; +} + + +static void StopFormatWriteThread () +{ + if (WriteThreadRunning) + { + WaitForSingleObject (WriteBufferEmptyEvent, INFINITE); + + WriteThreadExitRequested = TRUE; + SetEvent (WriteBufferFullEvent); + + WaitForSingleObject (WriteThreadHandle, INFINITE); + } + + CloseHandle (WriteBufferEmptyEvent); + CloseHandle (WriteBufferFullEvent); + TCfree (WriteThreadBuffer); +} + + +BOOL FlushFormatWriteBuffer (void *dev, char *write_buf, int *write_buf_cnt, __int64 *nSecNo, PCRYPTO_INFO cryptoInfo) +{ + UINT64_STRUCT unitNo; + DWORD bytesWritten; + + if (*write_buf_cnt == 0) + return TRUE; + + unitNo.Value = (*nSecNo * FormatSectorSize - *write_buf_cnt) / ENCRYPTION_DATA_UNIT_SIZE; + + EncryptDataUnits (write_buf, &unitNo, *write_buf_cnt / ENCRYPTION_DATA_UNIT_SIZE, cryptoInfo); + + if (WriteThreadRunning) + { + if (WaitForSingleObject (WriteBufferEmptyEvent, INFINITE) == WAIT_FAILED) + return FALSE; + + if (WriteRequestResult != ERROR_SUCCESS) + { + SetEvent (WriteBufferEmptyEvent); + SetLastError (WriteRequestResult); + return FALSE; + } + + memcpy (WriteThreadBuffer, write_buf, *write_buf_cnt); + WriteRequestHandle = dev; + WriteRequestSize = *write_buf_cnt; + + if (!SetEvent (WriteBufferFullEvent)) + return FALSE; + } + else + { + if (!WriteFile ((HANDLE) dev, write_buf, *write_buf_cnt, &bytesWritten, NULL)) + return FALSE; + } + + *write_buf_cnt = 0; + return TRUE; +} diff --git a/src/Common/Format.h b/src/Common/Format.h index 3aa764b0..de342b93 100644 --- a/src/Common/Format.h +++ b/src/Common/Format.h @@ -1,53 +1,53 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_HEADER_Format -#define TC_HEADER_Format - -#include "Password.h" - -#ifdef __cplusplus -extern "C" { -#endif - -// FMIFS -typedef BOOLEAN (__stdcall *PFMIFSCALLBACK)( int command, DWORD subCommand, PVOID parameter ); -typedef VOID (__stdcall *PFORMATEX)( PWCHAR DriveRoot, DWORD MediaFlag, PWCHAR Format, PWCHAR Label, BOOL QuickFormat, DWORD ClusterSize, PFMIFSCALLBACK Callback ); - -typedef struct -{ - BOOL bDevice; - BOOL hiddenVol; - wchar_t *volumePath; - unsigned __int64 size; - unsigned __int64 hiddenVolHostSize; - int ea; - int pkcs5; - uint32 headerFlags; - int fileSystem; - unsigned int clusterSize; - BOOL sparseFileSwitch; - BOOL quickFormat; - DWORD sectorSize; - int *realClusterSize; - Password *password; - int pim; - HWND hwndDlg; - BOOL bForceOperation; - BOOL bGuiMode; -} -FORMAT_VOL_PARAMETERS; - +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_HEADER_Format +#define TC_HEADER_Format + +#include "Password.h" + +#ifdef __cplusplus +extern "C" { +#endif + +// FMIFS +typedef BOOLEAN (__stdcall *PFMIFSCALLBACK)( int command, DWORD subCommand, PVOID parameter ); +typedef VOID (__stdcall *PFORMATEX)( PWCHAR DriveRoot, DWORD MediaFlag, PWCHAR Format, PWCHAR Label, BOOL QuickFormat, DWORD ClusterSize, PFMIFSCALLBACK Callback ); + +typedef struct +{ + BOOL bDevice; + BOOL hiddenVol; + wchar_t *volumePath; + unsigned __int64 size; + unsigned __int64 hiddenVolHostSize; + int ea; + int pkcs5; + uint32 headerFlags; + int fileSystem; + unsigned int clusterSize; + BOOL sparseFileSwitch; + BOOL quickFormat; + DWORD sectorSize; + int *realClusterSize; + Password *password; + int pim; + HWND hwndDlg; + BOOL bForceOperation; + BOOL bGuiMode; +} +FORMAT_VOL_PARAMETERS; + #define FMIFS_PROGRESS 0x00 #define FMIFS_DONE_WITH_STRUCTURE 0x01 #define FMIFS_INCOMPATIBLE_FILE_SYSTEM 0x03 @@ -66,29 +66,29 @@ FORMAT_VOL_PARAMETERS; #define FMIFS_NO_MEDIA_IN_DRIVE 0x14 #define FMIFS_DEVICE_NOT_READY 0x18 #define FMIFS_CHECKDISK_PROGRESS 0x19 -#define FMIFS_READ_ONLY_MODE 0x20 - -#define FMIFS_HARDDISK 0xC - -extern int FormatWriteBufferSize; - -int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams); -BOOL FormatNtfs (int driveNo, int clusterSize); -BOOL FormatFs (int driveNo, int clusterSize, int fsType); -uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize); -int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, void *dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat); -BOOL WriteSector ( void *dev , char *sector , char *write_buf , int *write_buf_cnt , __int64 *nSecNo , PCRYPTO_INFO cryptoInfo ); -BOOL FlushFormatWriteBuffer (void *dev, char *write_buf, int *write_buf_cnt, __int64 *nSecNo, PCRYPTO_INFO cryptoInfo); -static BOOL StartFormatWriteThread (); -static void StopFormatWriteThread (); - -#define FILESYS_NONE 0 -#define FILESYS_FAT 1 -#define FILESYS_NTFS 2 -#define FILESYS_EXFAT 3 - -#ifdef __cplusplus -} -#endif - -#endif // TC_HEADER_Format +#define FMIFS_READ_ONLY_MODE 0x20 + +#define FMIFS_HARDDISK 0xC + +extern int FormatWriteBufferSize; + +int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams); +BOOL FormatNtfs (int driveNo, int clusterSize); +BOOL FormatFs (int driveNo, int clusterSize, int fsType); +uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize); +int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, void *dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat); +BOOL WriteSector ( void *dev , char *sector , char *write_buf , int *write_buf_cnt , __int64 *nSecNo , PCRYPTO_INFO cryptoInfo ); +BOOL FlushFormatWriteBuffer (void *dev, char *write_buf, int *write_buf_cnt, __int64 *nSecNo, PCRYPTO_INFO cryptoInfo); +static BOOL StartFormatWriteThread (); +static void StopFormatWriteThread (); + +#define FILESYS_NONE 0 +#define FILESYS_FAT 1 +#define FILESYS_NTFS 2 +#define FILESYS_EXFAT 3 + +#ifdef __cplusplus +} +#endif + +#endif // TC_HEADER_Format diff --git a/src/Common/GfMul.c b/src/Common/GfMul.c index e933e56b..9cd74a89 100644 --- a/src/Common/GfMul.c +++ b/src/Common/GfMul.c @@ -1,768 +1,768 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 31/01/2004 - - My thanks to John Viega and David McGrew for their support in developing - this code and to David for testing it on a big-endain system. -*/ - -/* - --------------------------------------------------------------------------- - Portions Copyright (c) 2005 TrueCrypt Developers Association - - Changes: - - - Added multiplication in the finite field GF(2^128) optimized for - cases involving a 64-bit operand. - - - Added multiplication in the finite field GF(2^64). - - - Added MSB-first mode. - - - Added basic test algorithms. - - - Removed GCM. - --------------------------------------------------------------------------- -*/ - -#include -#include -#include "GfMul.h" -#include "Tcdefs.h" -#include "Common/Endian.h" - -/* BUFFER_ALIGN32 or BUFFER_ALIGN64 must be defined at this point to */ -/* enable faster operation by taking advantage of memory aligned values */ -/* NOTE: the BUFFER_ALIGN64 option has not been tested extensively */ - -#define BUFFER_ALIGN32 -#define UNROLL_LOOPS /* define to unroll some loops */ -#define IN_LINES /* define to use inline functions */ - /* in place of macros */ - -#define mode(x) GM_##x - -#if defined(__cplusplus) -extern "C" -{ -#endif - -typedef unsigned __int32 mode(32t); -typedef uint64 mode(64t); - -#define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ -#define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ - -#if BYTE_ORDER == LITTLE_ENDIAN -# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN -#endif - -#if BYTE_ORDER == BIG_ENDIAN -# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN -#endif - -#ifdef _MSC_VER -#pragma intrinsic(memcpy) -#define in_line __inline -#else -#define in_line -#endif - -#if 0 && defined(_MSC_VER) -#define rotl32 _lrotl -#define rotr32 _lrotr -#else -#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n))) -#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n))) -#endif - -#if !defined(bswap_32) -#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00)) -#endif - -#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) -#define SWAP_BYTES -#else -#undef SWAP_BYTES -#endif - -#if defined(SWAP_BYTES) - -#if defined ( IN_LINES ) - -in_line void bsw_32(void * p, unsigned int n) -{ unsigned int i = n; - while(i--) - ((mode(32t)*)p)[i] = bswap_32(((mode(32t)*)p)[i]); -} - -#else - -#define bsw_32(p,n) \ - { int _i = (n); while(_i--) ((mode(32t)*)p)[_i] = bswap_32(((mode(32t)*)p)[_i]); } - -#endif - -#else -#define bsw_32(p,n) -#endif - -/* These values are used to detect long word alignment in order */ -/* to speed up some GCM buffer operations. This facility may */ -/* not work on some machines */ - -#define lp08(x) ((unsigned char*)(x)) -#define lp32(x) ((mode(32t)*)(x)) -#define lp64(x) ((mode(64t)*)(x)) - -#define A32_MASK 3 -#define A64_MASK 7 -#define aligned32(x) (!(((mode(32t))(x)) & A32_MASK)) -#define aligned64(x) (!(((mode(32t))(x)) & A64_MASK)) - -#if defined( BUFFER_ALIGN32 ) - -#define ADR_MASK A32_MASK -#define aligned aligned32 -#define lp lp32 -#define lp_inc 4 - -#if defined( IN_LINES ) - -in_line void move_block_aligned( void *p, const void *q) -{ - lp32(p)[0] = lp32(q)[0], lp32(p)[1] = lp32(q)[1], - lp32(p)[2] = lp32(q)[2], lp32(p)[3] = lp32(q)[3]; -} - -in_line void move_block_aligned64( void *p, const void *q) -{ - lp32(p)[0] = lp32(q)[0], lp32(p)[1] = lp32(q)[1]; -} - -in_line void xor_block_aligned( void *p, const void *q) -{ - lp32(p)[0] ^= lp32(q)[0], lp32(p)[1] ^= lp32(q)[1], - lp32(p)[2] ^= lp32(q)[2], lp32(p)[3] ^= lp32(q)[3]; -} - -in_line void xor_block_aligned64( void *p, const void *q) -{ - lp32(p)[0] ^= lp32(q)[0], lp32(p)[1] ^= lp32(q)[1]; -} - -#else - -#define move_block_aligned(p,q) \ - lp32(p)[0] = lp32(q)[0], lp32(p)[1] = lp32(q)[1], \ - lp32(p)[2] = lp32(q)[2], lp32(p)[3] = lp32(q)[3] - -#define xor_block_aligned(p,q) \ - lp32(p)[0] ^= lp32(q)[0], lp32(p)[1] ^= lp32(q)[1], \ - lp32(p)[2] ^= lp32(q)[2], lp32(p)[3] ^= lp32(q)[3] - -#endif - -#elif defined( BUFFER_ALIGN64 ) - -#define ADR_MASK A64_MASK -#define aligned aligned64 -#define lp lp64 -#define lp_inc 8 - -#define move_block_aligned(p,q) \ - lp64(p)[0] = lp64(q)[0], lp64(p)[1] = lp64(q)[1] - -#define xor_block_aligned(p,q) \ - lp64(p)[0] ^= lp64(q)[0], lp64(p)[1] ^= lp64(q)[1] - -#else -#define aligned(x) 0 -#endif - -#define move_block(p,q) memcpy((p), (q), BLOCK_LEN) - -#define xor_block(p,q) \ - lp08(p)[ 0] ^= lp08(q)[ 0], lp08(p)[ 1] ^= lp08(q)[ 1], \ - lp08(p)[ 2] ^= lp08(q)[ 2], lp08(p)[ 3] ^= lp08(q)[ 3], \ - lp08(p)[ 4] ^= lp08(q)[ 4], lp08(p)[ 5] ^= lp08(q)[ 5], \ - lp08(p)[ 6] ^= lp08(q)[ 6], lp08(p)[ 7] ^= lp08(q)[ 7], \ - lp08(p)[ 8] ^= lp08(q)[ 8], lp08(p)[ 9] ^= lp08(q)[ 9], \ - lp08(p)[10] ^= lp08(q)[10], lp08(p)[11] ^= lp08(q)[11], \ - lp08(p)[12] ^= lp08(q)[12], lp08(p)[13] ^= lp08(q)[13], \ - lp08(p)[14] ^= lp08(q)[14], lp08(p)[15] ^= lp08(q)[15] - - -#define gf_dat(q) {\ - q(0x00), q(0x01), q(0x02), q(0x03), q(0x04), q(0x05), q(0x06), q(0x07),\ - q(0x08), q(0x09), q(0x0a), q(0x0b), q(0x0c), q(0x0d), q(0x0e), q(0x0f),\ - q(0x10), q(0x11), q(0x12), q(0x13), q(0x14), q(0x15), q(0x16), q(0x17),\ - q(0x18), q(0x19), q(0x1a), q(0x1b), q(0x1c), q(0x1d), q(0x1e), q(0x1f),\ - q(0x20), q(0x21), q(0x22), q(0x23), q(0x24), q(0x25), q(0x26), q(0x27),\ - q(0x28), q(0x29), q(0x2a), q(0x2b), q(0x2c), q(0x2d), q(0x2e), q(0x2f),\ - q(0x30), q(0x31), q(0x32), q(0x33), q(0x34), q(0x35), q(0x36), q(0x37),\ - q(0x38), q(0x39), q(0x3a), q(0x3b), q(0x3c), q(0x3d), q(0x3e), q(0x3f),\ - q(0x40), q(0x41), q(0x42), q(0x43), q(0x44), q(0x45), q(0x46), q(0x47),\ - q(0x48), q(0x49), q(0x4a), q(0x4b), q(0x4c), q(0x4d), q(0x4e), q(0x4f),\ - q(0x50), q(0x51), q(0x52), q(0x53), q(0x54), q(0x55), q(0x56), q(0x57),\ - q(0x58), q(0x59), q(0x5a), q(0x5b), q(0x5c), q(0x5d), q(0x5e), q(0x5f),\ - q(0x60), q(0x61), q(0x62), q(0x63), q(0x64), q(0x65), q(0x66), q(0x67),\ - q(0x68), q(0x69), q(0x6a), q(0x6b), q(0x6c), q(0x6d), q(0x6e), q(0x6f),\ - q(0x70), q(0x71), q(0x72), q(0x73), q(0x74), q(0x75), q(0x76), q(0x77),\ - q(0x78), q(0x79), q(0x7a), q(0x7b), q(0x7c), q(0x7d), q(0x7e), q(0x7f),\ - q(0x80), q(0x81), q(0x82), q(0x83), q(0x84), q(0x85), q(0x86), q(0x87),\ - q(0x88), q(0x89), q(0x8a), q(0x8b), q(0x8c), q(0x8d), q(0x8e), q(0x8f),\ - q(0x90), q(0x91), q(0x92), q(0x93), q(0x94), q(0x95), q(0x96), q(0x97),\ - q(0x98), q(0x99), q(0x9a), q(0x9b), q(0x9c), q(0x9d), q(0x9e), q(0x9f),\ - q(0xa0), q(0xa1), q(0xa2), q(0xa3), q(0xa4), q(0xa5), q(0xa6), q(0xa7),\ - q(0xa8), q(0xa9), q(0xaa), q(0xab), q(0xac), q(0xad), q(0xae), q(0xaf),\ - q(0xb0), q(0xb1), q(0xb2), q(0xb3), q(0xb4), q(0xb5), q(0xb6), q(0xb7),\ - q(0xb8), q(0xb9), q(0xba), q(0xbb), q(0xbc), q(0xbd), q(0xbe), q(0xbf),\ - q(0xc0), q(0xc1), q(0xc2), q(0xc3), q(0xc4), q(0xc5), q(0xc6), q(0xc7),\ - q(0xc8), q(0xc9), q(0xca), q(0xcb), q(0xcc), q(0xcd), q(0xce), q(0xcf),\ - q(0xd0), q(0xd1), q(0xd2), q(0xd3), q(0xd4), q(0xd5), q(0xd6), q(0xd7),\ - q(0xd8), q(0xd9), q(0xda), q(0xdb), q(0xdc), q(0xdd), q(0xde), q(0xdf),\ - q(0xe0), q(0xe1), q(0xe2), q(0xe3), q(0xe4), q(0xe5), q(0xe6), q(0xe7),\ - q(0xe8), q(0xe9), q(0xea), q(0xeb), q(0xec), q(0xed), q(0xee), q(0xef),\ - q(0xf0), q(0xf1), q(0xf2), q(0xf3), q(0xf4), q(0xf5), q(0xf6), q(0xf7),\ - q(0xf8), q(0xf9), q(0xfa), q(0xfb), q(0xfc), q(0xfd), q(0xfe), q(0xff) } - -/* given the value i in 0..255 as the byte overflow when a a field */ -/* element in GHASH is multipled by x^8, this function will return */ -/* the values that are generated in the lo 16-bit word of the field */ -/* value by applying the modular polynomial. The values lo_byte and */ -/* hi_byte are returned via the macro xp_fun(lo_byte, hi_byte) so */ -/* that the values can be assembled into memory as required by a */ -/* suitable definition of this macro operating on the table above */ - -#define xp(i) xp_fun( \ - (i & 0x80 ? 0xe1 : 0) ^ (i & 0x40 ? 0x70 : 0) ^ \ - (i & 0x20 ? 0x38 : 0) ^ (i & 0x10 ? 0x1c : 0) ^ \ - (i & 0x08 ? 0x0e : 0) ^ (i & 0x04 ? 0x07 : 0) ^ \ - (i & 0x02 ? 0x03 : 0) ^ (i & 0x01 ? 0x01 : 0), \ - (i & 0x80 ? 0x00 : 0) ^ (i & 0x40 ? 0x80 : 0) ^ \ - (i & 0x20 ? 0x40 : 0) ^ (i & 0x10 ? 0x20 : 0) ^ \ - (i & 0x08 ? 0x10 : 0) ^ (i & 0x04 ? 0x08 : 0) ^ \ - (i & 0x02 ? 0x84 : 0) ^ (i & 0x01 ? 0xc2 : 0) ) - -#define xp64(i) xp_fun( \ - (i & 0x80 ? 0xd8 : 0) ^ (i & 0x40 ? 0x6c : 0) ^ \ - (i & 0x20 ? 0x36 : 0) ^ (i & 0x10 ? 0x1b : 0) ^ \ - (i & 0x08 ? 0x0d : 0) ^ (i & 0x04 ? 0x06 : 0) ^ \ - (i & 0x02 ? 0x03 : 0) ^ (i & 0x01 ? 0x01 : 0), \ - (i & 0x80 ? 0x00 : 0) ^ (i & 0x40 ? 0x00 : 0) ^ \ - (i & 0x20 ? 0x00 : 0) ^ (i & 0x10 ? 0x00 : 0) ^ \ - (i & 0x08 ? 0x80 : 0) ^ (i & 0x04 ? 0xc0 : 0) ^ \ - (i & 0x02 ? 0x60 : 0) ^ (i & 0x01 ? 0xb0 : 0) ) - -static mode(32t) gf_poly[2] = { 0, 0xe1000000 }; -static mode(32t) gf_poly64[2] = { 0, 0xd8000000 }; - -/* Multiply of a GF128 field element by x. The field element */ -/* is held in an array of bytes in which field bits 8n..8n + 7 */ -/* are held in byte[n], with lower indexed bits placed in the */ -/* more numerically significant bit positions in bytes. */ - -/* This function multiples a field element x, in the polynomial */ -/* field representation. It uses 32-bit word operations to gain */ -/* speed but compensates for machine endianess and hence works */ -/* correctly on both styles of machine */ - -in_line void mul_x(mode(32t) x[4]) -{ mode(32t) t; - - bsw_32(x, 4); - - /* at this point the filed element bits 0..127 are set out */ - /* as follows in 32-bit words (where the most significant */ - /* (ms) numeric bits are to the left) */ - /* */ - /* x[0] x[1] x[2] x[3] */ - /* ms ls ms ls ms ls ms ls */ - /* field: 0 ... 31 32 .. 63 64 .. 95 96 .. 127 */ - - t = gf_poly[x[3] & 1]; /* bit 127 of the element */ - x[3] = (x[3] >> 1) | (x[2] << 31); /* shift bits up by one */ - x[2] = (x[2] >> 1) | (x[1] << 31); /* position */ - x[1] = (x[1] >> 1) | (x[0] << 31); /* if bit 7 is 1 xor in */ - x[0] = (x[0] >> 1) ^ t; /* the field polynomial */ - bsw_32(x, 4); -} - -in_line void mul_x64(mode(32t) x[2]) -{ mode(32t) t; - - bsw_32(x, 2); - - /* at this point the filed element bits 0..127 are set out */ - /* as follows in 32-bit words (where the most significant */ - /* (ms) numeric bits are to the left) */ - /* */ - /* x[0] x[1] x[2] x[3] */ - /* ms ls ms ls ms ls ms ls */ - /* field: 0 ... 31 32 .. 63 64 .. 95 96 .. 127 */ - - t = gf_poly64[x[1] & 1]; /* bit 127 of the element */ - /* shift bits up by one */ - /* position */ - x[1] = (x[1] >> 1) | (x[0] << 31); /* if bit 7 is 1 xor in */ - x[0] = (x[0] >> 1) ^ t; /* the field polynomial */ - bsw_32(x, 2); -} - -/* Multiply of a GF128 field element by x^8 using 32-bit words */ -/* for speed - machine endianess matters here */ - -#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) - -#define xp_fun(x,y) ((mode(32t))(x)) | (((mode(32t))(y)) << 8) -static const unsigned __int16 gft_le[256] = gf_dat(xp); -static const unsigned __int16 gft_le64[256] = gf_dat(xp64); - -in_line void mul_lex8(mode(32t) x[4]) /* mutiply with long words */ -{ mode(32t) t = (x[3] >> 24); /* in little endian format */ - x[3] = (x[3] << 8) | (x[2] >> 24); - x[2] = (x[2] << 8) | (x[1] >> 24); - x[1] = (x[1] << 8) | (x[0] >> 24); - x[0] = (x[0] << 8) ^ gft_le[t]; -} - -in_line void mul_lex8_64(mode(32t) x[2]) /* mutiply with long words */ -{ mode(32t) t = (x[1] >> 24); /* in little endian format */ - x[1] = (x[1] << 8) | (x[0] >> 24); - x[0] = (x[0] << 8) ^ gft_le64[t]; -} - -#endif - -#if 1 || (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) - -#undef xp_fun -#define xp_fun(x,y) ((mode(32t))(y)) | (((mode(32t))(x)) << 8) -static const unsigned __int16 gft_be[256] = gf_dat(xp); -static const unsigned __int16 gft_be64[256] = gf_dat(xp64); - -in_line void mul_bex8(mode(32t) x[4]) /* mutiply with long words */ -{ mode(32t) t = (x[3] & 0xff); /* in big endian format */ - x[3] = (x[3] >> 8) | (x[2] << 24); - x[2] = (x[2] >> 8) | (x[1] << 24); - x[1] = (x[1] >> 8) | (x[0] << 24); - x[0] = (x[0] >> 8) ^ (((mode(32t))gft_be[t]) << 16); -} - -in_line void mul_bex8_64(mode(32t) x[2]) /* mutiply with long words */ -{ mode(32t) t = (x[1] & 0xff); /* in big endian format */ - x[1] = (x[1] >> 8) | (x[0] << 24); - x[0] = (x[0] >> 8) ^ (((mode(32t))gft_be64[t]) << 16); -} - -#endif - -/* hence choose the correct version for the machine endianess */ - -#if PLATFORM_BYTE_ORDER == BRG_BIG_ENDIAN -#define mul_x8 mul_bex8 -#define mul_x8_64 mul_bex8_64 -#else -#define mul_x8 mul_lex8 -#define mul_x8_64 mul_lex8_64 -#endif - -/* different versions of the general gf_mul function are provided */ -/* here. Sadly none are very fast :-( */ - -void GfMul128 (void *a, const void* b) -{ mode(32t) r[CBLK_LEN >> 2], p[8][CBLK_LEN >> 2]; - int i; - - move_block_aligned(p[0], b); - bsw_32(p[0], 4); - for(i = 0; i < 7; ++i) - { - p[i + 1][3] = (p[i][3] >> 1) | (p[i][2] << 31); - p[i + 1][2] = (p[i][2] >> 1) | (p[i][1] << 31); - p[i + 1][1] = (p[i][1] >> 1) | (p[i][0] << 31); - p[i + 1][0] = (p[i][0] >> 1) ^ gf_poly[p[i][3] & 1]; - } - - memset(r, 0, CBLK_LEN); - for(i = 0; i < 16; ++i) - { - if(i) mul_bex8(r); /* order is always big endian here */ - - if(((unsigned char*)a)[15 - i] & 0x80) - xor_block_aligned(r, p[0]); - if(((unsigned char*)a)[15 - i] & 0x40) - xor_block_aligned(r, p[1]); - if(((unsigned char*)a)[15 - i] & 0x20) - xor_block_aligned(r, p[2]); - if(((unsigned char*)a)[15 - i] & 0x10) - xor_block_aligned(r, p[3]); - if(((unsigned char*)a)[15 - i] & 0x08) - xor_block_aligned(r, p[4]); - if(((unsigned char*)a)[15 - i] & 0x04) - xor_block_aligned(r, p[5]); - if(((unsigned char*)a)[15 - i] & 0x02) - xor_block_aligned(r, p[6]); - if(((unsigned char*)a)[15 - i] & 0x01) - xor_block_aligned(r, p[7]); - } - bsw_32(r, 4); - move_block_aligned(a, r); -} - -#if defined( UNROLL_LOOPS ) - -#define xor_8k(i) \ - xor_block_aligned(r, ctx->gf_t8k[i + i][a[i] & 15]); \ - xor_block_aligned(r, ctx->gf_t8k[i + i + 1][a[i] >> 4]) - - -void GfMul128Tab (unsigned char a[CBLK_LEN], GfCtx8k *ctx) -{ unsigned __int32 r[CBLK_LEN >> 2]; - - move_block_aligned(r, ctx->gf_t8k[0][a[0] & 15]); - xor_block_aligned(r, ctx->gf_t8k[1][a[0] >> 4]); - xor_8k( 1); xor_8k( 2); xor_8k( 3); - xor_8k( 4); xor_8k( 5); xor_8k( 6); xor_8k( 7); - xor_8k( 8); xor_8k( 9); xor_8k(10); xor_8k(11); - xor_8k(12); xor_8k(13); xor_8k(14); xor_8k(15); - move_block_aligned(a, r); -} - -#else - -void GfMul128Tab (unsigned char a[CBLK_LEN], GfCtx8k *ctx) -{ unsigned __int32 r[CBLK_LEN >> 2], *p; - int i; - - p = ctx->gf_t8k[0][a[0] & 15]; - memcpy(r, p, CBLK_LEN); - p = ctx->gf_t8k[1][a[0] >> 4]; - xor_block_aligned(r, p); - for(i = 1; i < CBLK_LEN; ++i) - { - xor_block_aligned(r, ctx->gf_t8k[i + i][a[i] & 15]); - xor_block_aligned(r, ctx->gf_t8k[i + i + 1][a[i] >> 4]); - } - memcpy(a, r, CBLK_LEN); -} - -#endif - -void compile_8k_table(unsigned __int8 *a, GfCtx8k *ctx) -{ int i, j, k; - - memset(ctx->gf_t8k, 0, 32 * 16 * 16); - for(i = 0; i < 2 * CBLK_LEN; ++i) - { - if(i == 0) - { - memcpy(ctx->gf_t8k[1][8], a, CBLK_LEN); - for(j = 4; j > 0; j >>= 1) - { - memcpy(ctx->gf_t8k[1][j], ctx->gf_t8k[1][j + j], CBLK_LEN); - mul_x(ctx->gf_t8k[1][j]); - } - memcpy(ctx->gf_t8k[0][8], ctx->gf_t8k[1][1], CBLK_LEN); - mul_x(ctx->gf_t8k[0][8]); - for(j = 4; j > 0; j >>= 1) - { - memcpy(ctx->gf_t8k[0][j], ctx->gf_t8k[0][j + j], CBLK_LEN); - mul_x(ctx->gf_t8k[0][j]); - } - } - else if(i > 1) - for(j = 8; j > 0; j >>= 1) - { - memcpy(ctx->gf_t8k[i][j], ctx->gf_t8k[i - 2][j], CBLK_LEN); - mul_x8(ctx->gf_t8k[i][j]); - } - - for(j = 2; j < 16; j += j) - { - mode(32t) *pj = ctx->gf_t8k[i][j]; - mode(32t) *pk = ctx->gf_t8k[i][1]; - mode(32t) *pl = ctx->gf_t8k[i][j + 1]; - - for(k = 1; k < j; ++k) - { - *pl++ = pj[0] ^ *pk++; - *pl++ = pj[1] ^ *pk++; - *pl++ = pj[2] ^ *pk++; - *pl++ = pj[3] ^ *pk++; - } - } - } -} - - -void compile_4k_table64(unsigned __int8 *a, GfCtx4k64 *ctx) -{ int i, j, k; - - memset(ctx->gf_t4k, 0, sizeof(ctx->gf_t4k)); - for(i = 0; i < 2 * CBLK_LEN8; ++i) - { - if(i == 0) - { - memcpy(ctx->gf_t4k[1][8], a, CBLK_LEN8); - for(j = 4; j > 0; j >>= 1) - { - memcpy(ctx->gf_t4k[1][j], ctx->gf_t4k[1][j + j], CBLK_LEN8); - mul_x64(ctx->gf_t4k[1][j]); - } - memcpy(ctx->gf_t4k[0][8], ctx->gf_t4k[1][1], CBLK_LEN8); - mul_x64(ctx->gf_t4k[0][8]); - for(j = 4; j > 0; j >>= 1) - { - memcpy(ctx->gf_t4k[0][j], ctx->gf_t4k[0][j + j], CBLK_LEN8); - mul_x64(ctx->gf_t4k[0][j]); - } - } - else if(i > 1) - for(j = 8; j > 0; j >>= 1) - { - memcpy(ctx->gf_t4k[i][j], ctx->gf_t4k[i - 2][j], CBLK_LEN8); - mul_x8_64(ctx->gf_t4k[i][j]); - } - - for(j = 2; j < 16; j += j) - { - mode(32t) *pj = ctx->gf_t4k[i][j]; - mode(32t) *pk = ctx->gf_t4k[i][1]; - mode(32t) *pl = ctx->gf_t4k[i][j + 1]; - - for(k = 1; k < j; ++k) - { - *pl++ = pj[0] ^ *pk++; - *pl++ = pj[1] ^ *pk++; - *pl++ = pj[2] ^ *pk++; - *pl++ = pj[3] ^ *pk++; - } - } - } -} - -static int IsBitSet128 (unsigned int bit, unsigned __int8 *a) -{ - return a[(127 - bit) / 8] & (0x80 >> ((127 - bit) % 8)); -} - -static int IsBitSet64 (unsigned int bit, unsigned __int8 *a) -{ - return a[(63 - bit) / 8] & (0x80 >> ((63 - bit) % 8)); -} - -static void SetBit128 (unsigned int bit, unsigned __int8 *a) -{ - a[(127 - bit) / 8] |= 0x80 >> ((127 - bit) % 8); -} - -static void SetBit64 (unsigned int bit, unsigned __int8 *a) -{ - a[(63 - bit) / 8] |= 0x80 >> ((63 - bit) % 8); -} - -void MirrorBits128 (unsigned __int8 *a) -{ - unsigned __int8 t[128 / 8]; - int i; - memset (t,0,16); - for (i = 0; i < 128; i++) - { - if (IsBitSet128(i, a)) - SetBit128 (127 - i, t); - } - memcpy (a, t, sizeof (t)); - burn (t,sizeof (t)); -} - -void MirrorBits64 (unsigned __int8 *a) -{ - unsigned __int8 t[64 / 8]; - int i; - memset (t,0,8); - for (i = 0; i < 64; i++) - { - if (IsBitSet64(i, a)) - SetBit64 (63 - i, t); - } - memcpy (a, t, sizeof (t)); - burn (t,sizeof (t)); -} - -/* Allocate and initialize speed optimization table - for multiplication by 64-bit operand in MSB-first mode */ -int Gf128Tab64Init (unsigned __int8 *a, GfCtx *ctx) -{ - GfCtx8k *ctx8k; - unsigned __int8 am[16]; - int i, j; - - ctx8k = (GfCtx8k *) TCalloc (sizeof (GfCtx8k)); - if (!ctx8k) - return FALSE; - - memcpy (am, a, 16); - MirrorBits128 (am); - compile_8k_table (am, ctx8k); - - /* Convert 8k LSB-first table to 4k MSB-first */ - for (i = 16; i < 32; i++) - { - for (j = 0; j < 16; j++) - { - int jm = 0; - jm |= (j & 0x1) << 3; - jm |= (j & 0x2) << 1; - jm |= (j & 0x4) >> 1; - jm |= (j & 0x8) >> 3; - - memcpy (&ctx->gf_t128[i-16][jm], (unsigned char *)&ctx8k->gf_t8k[31-i][j], 16); - MirrorBits128 ((unsigned char *)&ctx->gf_t128[i-16][jm]); - } - } - - burn (ctx8k ,sizeof (*ctx8k)); - burn (am, sizeof (am)); - TCfree (ctx8k); - return TRUE; -} - - -#define xor_8kt64(i) \ - xor_block_aligned(r, ctx->gf_t128[i + i][a[i] & 15]); \ - xor_block_aligned(r, ctx->gf_t128[i + i + 1][a[i] >> 4]) - -/* Multiply a 128-bit number by a 64-bit number in the finite field GF(2^128) */ -void Gf128MulBy64Tab (unsigned __int8 a[8], unsigned __int8 p[16], GfCtx *ctx) -{ - unsigned __int32 r[CBLK_LEN >> 2]; - - move_block_aligned(r, ctx->gf_t128[7*2][a[7] & 15]); - xor_block_aligned(r, ctx->gf_t128[7*2+1][a[7] >> 4]); - - if (*(unsigned __int16 *)a) - { - xor_8kt64(0); - xor_8kt64(1); - } - if (a[2]) - { - xor_8kt64(2); - } - xor_8kt64(3); - xor_8kt64(4); - xor_8kt64(5); - xor_8kt64(6); - - move_block_aligned(p, r); -} - - - -/* Basic algorithms for testing of optimized algorithms */ - -static void xor128 (uint64 *a, uint64 *b) -{ - *a++ ^= *b++; - *a ^= *b; -} - -static void shl128 (unsigned __int8 *a) -{ - int i, x = 0, xx; - for (i = 15; i >= 0; i--) - { - xx = (a[i] & 0x80) >> 7; - a[i] = (char) ((a[i] << 1) | x); - x = xx; - } -} - -static void GfMul128Basic (unsigned __int8 *a, unsigned __int8 *b, unsigned __int8 *p) -{ - int i; - unsigned __int8 la[16]; - memcpy (la, a, 16); - memset (p, 0, 16); - - for (i = 0; i < 128; i++) - { - if (IsBitSet128 (i, b)) - xor128 ((uint64 *)p, (uint64 *)la); - - if (la[0] & 0x80) - { - shl128 (la); - la[15] ^= 0x87; - } - else - { - shl128 (la); - } - } -} - - -BOOL GfMulSelfTest () -{ - BOOL result = TRUE; - unsigned __int8 a[16]; - unsigned __int8 b[16]; - unsigned __int8 p1[16]; - unsigned __int8 p2[16]; - GfCtx *gfCtx = (GfCtx *) TCalloc (sizeof (GfCtx)); - int i, j; - - if (!gfCtx) - return FALSE; - - - /* GF(2^128) */ - for (i = 0; i < 0x100; i++) - { - for (j = 0; j < 16; j++) - { - a[j] = (unsigned __int8) i; - b[j] = j < 8 ? 0 : a[j] ^ 0xff; - } - - GfMul128Basic (a, b, p1); - - Gf128Tab64Init (a, gfCtx); - Gf128MulBy64Tab (b + 8, p2, gfCtx); - - if (memcmp (p1, p2, 16) != 0) - result = FALSE; - } - - TCfree (gfCtx); - return result; -} - -#if defined(__cplusplus) -} -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 31/01/2004 + + My thanks to John Viega and David McGrew for their support in developing + this code and to David for testing it on a big-endain system. +*/ + +/* + --------------------------------------------------------------------------- + Portions Copyright (c) 2005 TrueCrypt Developers Association + + Changes: + + - Added multiplication in the finite field GF(2^128) optimized for + cases involving a 64-bit operand. + + - Added multiplication in the finite field GF(2^64). + + - Added MSB-first mode. + + - Added basic test algorithms. + + - Removed GCM. + --------------------------------------------------------------------------- +*/ + +#include +#include +#include "GfMul.h" +#include "Tcdefs.h" +#include "Common/Endian.h" + +/* BUFFER_ALIGN32 or BUFFER_ALIGN64 must be defined at this point to */ +/* enable faster operation by taking advantage of memory aligned values */ +/* NOTE: the BUFFER_ALIGN64 option has not been tested extensively */ + +#define BUFFER_ALIGN32 +#define UNROLL_LOOPS /* define to unroll some loops */ +#define IN_LINES /* define to use inline functions */ + /* in place of macros */ + +#define mode(x) GM_##x + +#if defined(__cplusplus) +extern "C" +{ +#endif + +typedef unsigned __int32 mode(32t); +typedef uint64 mode(64t); + +#define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ +#define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ + +#if BYTE_ORDER == LITTLE_ENDIAN +# define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN +#endif + +#if BYTE_ORDER == BIG_ENDIAN +# define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN +#endif + +#ifdef _MSC_VER +#pragma intrinsic(memcpy) +#define in_line __inline +#else +#define in_line +#endif + +#if 0 && defined(_MSC_VER) +#define rotl32 _lrotl +#define rotr32 _lrotr +#else +#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n))) +#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n))) +#endif + +#if !defined(bswap_32) +#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00)) +#endif + +#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) +#define SWAP_BYTES +#else +#undef SWAP_BYTES +#endif + +#if defined(SWAP_BYTES) + +#if defined ( IN_LINES ) + +in_line void bsw_32(void * p, unsigned int n) +{ unsigned int i = n; + while(i--) + ((mode(32t)*)p)[i] = bswap_32(((mode(32t)*)p)[i]); +} + +#else + +#define bsw_32(p,n) \ + { int _i = (n); while(_i--) ((mode(32t)*)p)[_i] = bswap_32(((mode(32t)*)p)[_i]); } + +#endif + +#else +#define bsw_32(p,n) +#endif + +/* These values are used to detect long word alignment in order */ +/* to speed up some GCM buffer operations. This facility may */ +/* not work on some machines */ + +#define lp08(x) ((unsigned char*)(x)) +#define lp32(x) ((mode(32t)*)(x)) +#define lp64(x) ((mode(64t)*)(x)) + +#define A32_MASK 3 +#define A64_MASK 7 +#define aligned32(x) (!(((mode(32t))(x)) & A32_MASK)) +#define aligned64(x) (!(((mode(32t))(x)) & A64_MASK)) + +#if defined( BUFFER_ALIGN32 ) + +#define ADR_MASK A32_MASK +#define aligned aligned32 +#define lp lp32 +#define lp_inc 4 + +#if defined( IN_LINES ) + +in_line void move_block_aligned( void *p, const void *q) +{ + lp32(p)[0] = lp32(q)[0], lp32(p)[1] = lp32(q)[1], + lp32(p)[2] = lp32(q)[2], lp32(p)[3] = lp32(q)[3]; +} + +in_line void move_block_aligned64( void *p, const void *q) +{ + lp32(p)[0] = lp32(q)[0], lp32(p)[1] = lp32(q)[1]; +} + +in_line void xor_block_aligned( void *p, const void *q) +{ + lp32(p)[0] ^= lp32(q)[0], lp32(p)[1] ^= lp32(q)[1], + lp32(p)[2] ^= lp32(q)[2], lp32(p)[3] ^= lp32(q)[3]; +} + +in_line void xor_block_aligned64( void *p, const void *q) +{ + lp32(p)[0] ^= lp32(q)[0], lp32(p)[1] ^= lp32(q)[1]; +} + +#else + +#define move_block_aligned(p,q) \ + lp32(p)[0] = lp32(q)[0], lp32(p)[1] = lp32(q)[1], \ + lp32(p)[2] = lp32(q)[2], lp32(p)[3] = lp32(q)[3] + +#define xor_block_aligned(p,q) \ + lp32(p)[0] ^= lp32(q)[0], lp32(p)[1] ^= lp32(q)[1], \ + lp32(p)[2] ^= lp32(q)[2], lp32(p)[3] ^= lp32(q)[3] + +#endif + +#elif defined( BUFFER_ALIGN64 ) + +#define ADR_MASK A64_MASK +#define aligned aligned64 +#define lp lp64 +#define lp_inc 8 + +#define move_block_aligned(p,q) \ + lp64(p)[0] = lp64(q)[0], lp64(p)[1] = lp64(q)[1] + +#define xor_block_aligned(p,q) \ + lp64(p)[0] ^= lp64(q)[0], lp64(p)[1] ^= lp64(q)[1] + +#else +#define aligned(x) 0 +#endif + +#define move_block(p,q) memcpy((p), (q), BLOCK_LEN) + +#define xor_block(p,q) \ + lp08(p)[ 0] ^= lp08(q)[ 0], lp08(p)[ 1] ^= lp08(q)[ 1], \ + lp08(p)[ 2] ^= lp08(q)[ 2], lp08(p)[ 3] ^= lp08(q)[ 3], \ + lp08(p)[ 4] ^= lp08(q)[ 4], lp08(p)[ 5] ^= lp08(q)[ 5], \ + lp08(p)[ 6] ^= lp08(q)[ 6], lp08(p)[ 7] ^= lp08(q)[ 7], \ + lp08(p)[ 8] ^= lp08(q)[ 8], lp08(p)[ 9] ^= lp08(q)[ 9], \ + lp08(p)[10] ^= lp08(q)[10], lp08(p)[11] ^= lp08(q)[11], \ + lp08(p)[12] ^= lp08(q)[12], lp08(p)[13] ^= lp08(q)[13], \ + lp08(p)[14] ^= lp08(q)[14], lp08(p)[15] ^= lp08(q)[15] + + +#define gf_dat(q) {\ + q(0x00), q(0x01), q(0x02), q(0x03), q(0x04), q(0x05), q(0x06), q(0x07),\ + q(0x08), q(0x09), q(0x0a), q(0x0b), q(0x0c), q(0x0d), q(0x0e), q(0x0f),\ + q(0x10), q(0x11), q(0x12), q(0x13), q(0x14), q(0x15), q(0x16), q(0x17),\ + q(0x18), q(0x19), q(0x1a), q(0x1b), q(0x1c), q(0x1d), q(0x1e), q(0x1f),\ + q(0x20), q(0x21), q(0x22), q(0x23), q(0x24), q(0x25), q(0x26), q(0x27),\ + q(0x28), q(0x29), q(0x2a), q(0x2b), q(0x2c), q(0x2d), q(0x2e), q(0x2f),\ + q(0x30), q(0x31), q(0x32), q(0x33), q(0x34), q(0x35), q(0x36), q(0x37),\ + q(0x38), q(0x39), q(0x3a), q(0x3b), q(0x3c), q(0x3d), q(0x3e), q(0x3f),\ + q(0x40), q(0x41), q(0x42), q(0x43), q(0x44), q(0x45), q(0x46), q(0x47),\ + q(0x48), q(0x49), q(0x4a), q(0x4b), q(0x4c), q(0x4d), q(0x4e), q(0x4f),\ + q(0x50), q(0x51), q(0x52), q(0x53), q(0x54), q(0x55), q(0x56), q(0x57),\ + q(0x58), q(0x59), q(0x5a), q(0x5b), q(0x5c), q(0x5d), q(0x5e), q(0x5f),\ + q(0x60), q(0x61), q(0x62), q(0x63), q(0x64), q(0x65), q(0x66), q(0x67),\ + q(0x68), q(0x69), q(0x6a), q(0x6b), q(0x6c), q(0x6d), q(0x6e), q(0x6f),\ + q(0x70), q(0x71), q(0x72), q(0x73), q(0x74), q(0x75), q(0x76), q(0x77),\ + q(0x78), q(0x79), q(0x7a), q(0x7b), q(0x7c), q(0x7d), q(0x7e), q(0x7f),\ + q(0x80), q(0x81), q(0x82), q(0x83), q(0x84), q(0x85), q(0x86), q(0x87),\ + q(0x88), q(0x89), q(0x8a), q(0x8b), q(0x8c), q(0x8d), q(0x8e), q(0x8f),\ + q(0x90), q(0x91), q(0x92), q(0x93), q(0x94), q(0x95), q(0x96), q(0x97),\ + q(0x98), q(0x99), q(0x9a), q(0x9b), q(0x9c), q(0x9d), q(0x9e), q(0x9f),\ + q(0xa0), q(0xa1), q(0xa2), q(0xa3), q(0xa4), q(0xa5), q(0xa6), q(0xa7),\ + q(0xa8), q(0xa9), q(0xaa), q(0xab), q(0xac), q(0xad), q(0xae), q(0xaf),\ + q(0xb0), q(0xb1), q(0xb2), q(0xb3), q(0xb4), q(0xb5), q(0xb6), q(0xb7),\ + q(0xb8), q(0xb9), q(0xba), q(0xbb), q(0xbc), q(0xbd), q(0xbe), q(0xbf),\ + q(0xc0), q(0xc1), q(0xc2), q(0xc3), q(0xc4), q(0xc5), q(0xc6), q(0xc7),\ + q(0xc8), q(0xc9), q(0xca), q(0xcb), q(0xcc), q(0xcd), q(0xce), q(0xcf),\ + q(0xd0), q(0xd1), q(0xd2), q(0xd3), q(0xd4), q(0xd5), q(0xd6), q(0xd7),\ + q(0xd8), q(0xd9), q(0xda), q(0xdb), q(0xdc), q(0xdd), q(0xde), q(0xdf),\ + q(0xe0), q(0xe1), q(0xe2), q(0xe3), q(0xe4), q(0xe5), q(0xe6), q(0xe7),\ + q(0xe8), q(0xe9), q(0xea), q(0xeb), q(0xec), q(0xed), q(0xee), q(0xef),\ + q(0xf0), q(0xf1), q(0xf2), q(0xf3), q(0xf4), q(0xf5), q(0xf6), q(0xf7),\ + q(0xf8), q(0xf9), q(0xfa), q(0xfb), q(0xfc), q(0xfd), q(0xfe), q(0xff) } + +/* given the value i in 0..255 as the byte overflow when a a field */ +/* element in GHASH is multipled by x^8, this function will return */ +/* the values that are generated in the lo 16-bit word of the field */ +/* value by applying the modular polynomial. The values lo_byte and */ +/* hi_byte are returned via the macro xp_fun(lo_byte, hi_byte) so */ +/* that the values can be assembled into memory as required by a */ +/* suitable definition of this macro operating on the table above */ + +#define xp(i) xp_fun( \ + (i & 0x80 ? 0xe1 : 0) ^ (i & 0x40 ? 0x70 : 0) ^ \ + (i & 0x20 ? 0x38 : 0) ^ (i & 0x10 ? 0x1c : 0) ^ \ + (i & 0x08 ? 0x0e : 0) ^ (i & 0x04 ? 0x07 : 0) ^ \ + (i & 0x02 ? 0x03 : 0) ^ (i & 0x01 ? 0x01 : 0), \ + (i & 0x80 ? 0x00 : 0) ^ (i & 0x40 ? 0x80 : 0) ^ \ + (i & 0x20 ? 0x40 : 0) ^ (i & 0x10 ? 0x20 : 0) ^ \ + (i & 0x08 ? 0x10 : 0) ^ (i & 0x04 ? 0x08 : 0) ^ \ + (i & 0x02 ? 0x84 : 0) ^ (i & 0x01 ? 0xc2 : 0) ) + +#define xp64(i) xp_fun( \ + (i & 0x80 ? 0xd8 : 0) ^ (i & 0x40 ? 0x6c : 0) ^ \ + (i & 0x20 ? 0x36 : 0) ^ (i & 0x10 ? 0x1b : 0) ^ \ + (i & 0x08 ? 0x0d : 0) ^ (i & 0x04 ? 0x06 : 0) ^ \ + (i & 0x02 ? 0x03 : 0) ^ (i & 0x01 ? 0x01 : 0), \ + (i & 0x80 ? 0x00 : 0) ^ (i & 0x40 ? 0x00 : 0) ^ \ + (i & 0x20 ? 0x00 : 0) ^ (i & 0x10 ? 0x00 : 0) ^ \ + (i & 0x08 ? 0x80 : 0) ^ (i & 0x04 ? 0xc0 : 0) ^ \ + (i & 0x02 ? 0x60 : 0) ^ (i & 0x01 ? 0xb0 : 0) ) + +static mode(32t) gf_poly[2] = { 0, 0xe1000000 }; +static mode(32t) gf_poly64[2] = { 0, 0xd8000000 }; + +/* Multiply of a GF128 field element by x. The field element */ +/* is held in an array of bytes in which field bits 8n..8n + 7 */ +/* are held in byte[n], with lower indexed bits placed in the */ +/* more numerically significant bit positions in bytes. */ + +/* This function multiples a field element x, in the polynomial */ +/* field representation. It uses 32-bit word operations to gain */ +/* speed but compensates for machine endianess and hence works */ +/* correctly on both styles of machine */ + +in_line void mul_x(mode(32t) x[4]) +{ mode(32t) t; + + bsw_32(x, 4); + + /* at this point the filed element bits 0..127 are set out */ + /* as follows in 32-bit words (where the most significant */ + /* (ms) numeric bits are to the left) */ + /* */ + /* x[0] x[1] x[2] x[3] */ + /* ms ls ms ls ms ls ms ls */ + /* field: 0 ... 31 32 .. 63 64 .. 95 96 .. 127 */ + + t = gf_poly[x[3] & 1]; /* bit 127 of the element */ + x[3] = (x[3] >> 1) | (x[2] << 31); /* shift bits up by one */ + x[2] = (x[2] >> 1) | (x[1] << 31); /* position */ + x[1] = (x[1] >> 1) | (x[0] << 31); /* if bit 7 is 1 xor in */ + x[0] = (x[0] >> 1) ^ t; /* the field polynomial */ + bsw_32(x, 4); +} + +in_line void mul_x64(mode(32t) x[2]) +{ mode(32t) t; + + bsw_32(x, 2); + + /* at this point the filed element bits 0..127 are set out */ + /* as follows in 32-bit words (where the most significant */ + /* (ms) numeric bits are to the left) */ + /* */ + /* x[0] x[1] x[2] x[3] */ + /* ms ls ms ls ms ls ms ls */ + /* field: 0 ... 31 32 .. 63 64 .. 95 96 .. 127 */ + + t = gf_poly64[x[1] & 1]; /* bit 127 of the element */ + /* shift bits up by one */ + /* position */ + x[1] = (x[1] >> 1) | (x[0] << 31); /* if bit 7 is 1 xor in */ + x[0] = (x[0] >> 1) ^ t; /* the field polynomial */ + bsw_32(x, 2); +} + +/* Multiply of a GF128 field element by x^8 using 32-bit words */ +/* for speed - machine endianess matters here */ + +#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) + +#define xp_fun(x,y) ((mode(32t))(x)) | (((mode(32t))(y)) << 8) +static const unsigned __int16 gft_le[256] = gf_dat(xp); +static const unsigned __int16 gft_le64[256] = gf_dat(xp64); + +in_line void mul_lex8(mode(32t) x[4]) /* mutiply with long words */ +{ mode(32t) t = (x[3] >> 24); /* in little endian format */ + x[3] = (x[3] << 8) | (x[2] >> 24); + x[2] = (x[2] << 8) | (x[1] >> 24); + x[1] = (x[1] << 8) | (x[0] >> 24); + x[0] = (x[0] << 8) ^ gft_le[t]; +} + +in_line void mul_lex8_64(mode(32t) x[2]) /* mutiply with long words */ +{ mode(32t) t = (x[1] >> 24); /* in little endian format */ + x[1] = (x[1] << 8) | (x[0] >> 24); + x[0] = (x[0] << 8) ^ gft_le64[t]; +} + +#endif + +#if 1 || (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) + +#undef xp_fun +#define xp_fun(x,y) ((mode(32t))(y)) | (((mode(32t))(x)) << 8) +static const unsigned __int16 gft_be[256] = gf_dat(xp); +static const unsigned __int16 gft_be64[256] = gf_dat(xp64); + +in_line void mul_bex8(mode(32t) x[4]) /* mutiply with long words */ +{ mode(32t) t = (x[3] & 0xff); /* in big endian format */ + x[3] = (x[3] >> 8) | (x[2] << 24); + x[2] = (x[2] >> 8) | (x[1] << 24); + x[1] = (x[1] >> 8) | (x[0] << 24); + x[0] = (x[0] >> 8) ^ (((mode(32t))gft_be[t]) << 16); +} + +in_line void mul_bex8_64(mode(32t) x[2]) /* mutiply with long words */ +{ mode(32t) t = (x[1] & 0xff); /* in big endian format */ + x[1] = (x[1] >> 8) | (x[0] << 24); + x[0] = (x[0] >> 8) ^ (((mode(32t))gft_be64[t]) << 16); +} + +#endif + +/* hence choose the correct version for the machine endianess */ + +#if PLATFORM_BYTE_ORDER == BRG_BIG_ENDIAN +#define mul_x8 mul_bex8 +#define mul_x8_64 mul_bex8_64 +#else +#define mul_x8 mul_lex8 +#define mul_x8_64 mul_lex8_64 +#endif + +/* different versions of the general gf_mul function are provided */ +/* here. Sadly none are very fast :-( */ + +void GfMul128 (void *a, const void* b) +{ mode(32t) r[CBLK_LEN >> 2], p[8][CBLK_LEN >> 2]; + int i; + + move_block_aligned(p[0], b); + bsw_32(p[0], 4); + for(i = 0; i < 7; ++i) + { + p[i + 1][3] = (p[i][3] >> 1) | (p[i][2] << 31); + p[i + 1][2] = (p[i][2] >> 1) | (p[i][1] << 31); + p[i + 1][1] = (p[i][1] >> 1) | (p[i][0] << 31); + p[i + 1][0] = (p[i][0] >> 1) ^ gf_poly[p[i][3] & 1]; + } + + memset(r, 0, CBLK_LEN); + for(i = 0; i < 16; ++i) + { + if(i) mul_bex8(r); /* order is always big endian here */ + + if(((unsigned char*)a)[15 - i] & 0x80) + xor_block_aligned(r, p[0]); + if(((unsigned char*)a)[15 - i] & 0x40) + xor_block_aligned(r, p[1]); + if(((unsigned char*)a)[15 - i] & 0x20) + xor_block_aligned(r, p[2]); + if(((unsigned char*)a)[15 - i] & 0x10) + xor_block_aligned(r, p[3]); + if(((unsigned char*)a)[15 - i] & 0x08) + xor_block_aligned(r, p[4]); + if(((unsigned char*)a)[15 - i] & 0x04) + xor_block_aligned(r, p[5]); + if(((unsigned char*)a)[15 - i] & 0x02) + xor_block_aligned(r, p[6]); + if(((unsigned char*)a)[15 - i] & 0x01) + xor_block_aligned(r, p[7]); + } + bsw_32(r, 4); + move_block_aligned(a, r); +} + +#if defined( UNROLL_LOOPS ) + +#define xor_8k(i) \ + xor_block_aligned(r, ctx->gf_t8k[i + i][a[i] & 15]); \ + xor_block_aligned(r, ctx->gf_t8k[i + i + 1][a[i] >> 4]) + + +void GfMul128Tab (unsigned char a[CBLK_LEN], GfCtx8k *ctx) +{ unsigned __int32 r[CBLK_LEN >> 2]; + + move_block_aligned(r, ctx->gf_t8k[0][a[0] & 15]); + xor_block_aligned(r, ctx->gf_t8k[1][a[0] >> 4]); + xor_8k( 1); xor_8k( 2); xor_8k( 3); + xor_8k( 4); xor_8k( 5); xor_8k( 6); xor_8k( 7); + xor_8k( 8); xor_8k( 9); xor_8k(10); xor_8k(11); + xor_8k(12); xor_8k(13); xor_8k(14); xor_8k(15); + move_block_aligned(a, r); +} + +#else + +void GfMul128Tab (unsigned char a[CBLK_LEN], GfCtx8k *ctx) +{ unsigned __int32 r[CBLK_LEN >> 2], *p; + int i; + + p = ctx->gf_t8k[0][a[0] & 15]; + memcpy(r, p, CBLK_LEN); + p = ctx->gf_t8k[1][a[0] >> 4]; + xor_block_aligned(r, p); + for(i = 1; i < CBLK_LEN; ++i) + { + xor_block_aligned(r, ctx->gf_t8k[i + i][a[i] & 15]); + xor_block_aligned(r, ctx->gf_t8k[i + i + 1][a[i] >> 4]); + } + memcpy(a, r, CBLK_LEN); +} + +#endif + +void compile_8k_table(unsigned __int8 *a, GfCtx8k *ctx) +{ int i, j, k; + + memset(ctx->gf_t8k, 0, 32 * 16 * 16); + for(i = 0; i < 2 * CBLK_LEN; ++i) + { + if(i == 0) + { + memcpy(ctx->gf_t8k[1][8], a, CBLK_LEN); + for(j = 4; j > 0; j >>= 1) + { + memcpy(ctx->gf_t8k[1][j], ctx->gf_t8k[1][j + j], CBLK_LEN); + mul_x(ctx->gf_t8k[1][j]); + } + memcpy(ctx->gf_t8k[0][8], ctx->gf_t8k[1][1], CBLK_LEN); + mul_x(ctx->gf_t8k[0][8]); + for(j = 4; j > 0; j >>= 1) + { + memcpy(ctx->gf_t8k[0][j], ctx->gf_t8k[0][j + j], CBLK_LEN); + mul_x(ctx->gf_t8k[0][j]); + } + } + else if(i > 1) + for(j = 8; j > 0; j >>= 1) + { + memcpy(ctx->gf_t8k[i][j], ctx->gf_t8k[i - 2][j], CBLK_LEN); + mul_x8(ctx->gf_t8k[i][j]); + } + + for(j = 2; j < 16; j += j) + { + mode(32t) *pj = ctx->gf_t8k[i][j]; + mode(32t) *pk = ctx->gf_t8k[i][1]; + mode(32t) *pl = ctx->gf_t8k[i][j + 1]; + + for(k = 1; k < j; ++k) + { + *pl++ = pj[0] ^ *pk++; + *pl++ = pj[1] ^ *pk++; + *pl++ = pj[2] ^ *pk++; + *pl++ = pj[3] ^ *pk++; + } + } + } +} + + +void compile_4k_table64(unsigned __int8 *a, GfCtx4k64 *ctx) +{ int i, j, k; + + memset(ctx->gf_t4k, 0, sizeof(ctx->gf_t4k)); + for(i = 0; i < 2 * CBLK_LEN8; ++i) + { + if(i == 0) + { + memcpy(ctx->gf_t4k[1][8], a, CBLK_LEN8); + for(j = 4; j > 0; j >>= 1) + { + memcpy(ctx->gf_t4k[1][j], ctx->gf_t4k[1][j + j], CBLK_LEN8); + mul_x64(ctx->gf_t4k[1][j]); + } + memcpy(ctx->gf_t4k[0][8], ctx->gf_t4k[1][1], CBLK_LEN8); + mul_x64(ctx->gf_t4k[0][8]); + for(j = 4; j > 0; j >>= 1) + { + memcpy(ctx->gf_t4k[0][j], ctx->gf_t4k[0][j + j], CBLK_LEN8); + mul_x64(ctx->gf_t4k[0][j]); + } + } + else if(i > 1) + for(j = 8; j > 0; j >>= 1) + { + memcpy(ctx->gf_t4k[i][j], ctx->gf_t4k[i - 2][j], CBLK_LEN8); + mul_x8_64(ctx->gf_t4k[i][j]); + } + + for(j = 2; j < 16; j += j) + { + mode(32t) *pj = ctx->gf_t4k[i][j]; + mode(32t) *pk = ctx->gf_t4k[i][1]; + mode(32t) *pl = ctx->gf_t4k[i][j + 1]; + + for(k = 1; k < j; ++k) + { + *pl++ = pj[0] ^ *pk++; + *pl++ = pj[1] ^ *pk++; + *pl++ = pj[2] ^ *pk++; + *pl++ = pj[3] ^ *pk++; + } + } + } +} + +static int IsBitSet128 (unsigned int bit, unsigned __int8 *a) +{ + return a[(127 - bit) / 8] & (0x80 >> ((127 - bit) % 8)); +} + +static int IsBitSet64 (unsigned int bit, unsigned __int8 *a) +{ + return a[(63 - bit) / 8] & (0x80 >> ((63 - bit) % 8)); +} + +static void SetBit128 (unsigned int bit, unsigned __int8 *a) +{ + a[(127 - bit) / 8] |= 0x80 >> ((127 - bit) % 8); +} + +static void SetBit64 (unsigned int bit, unsigned __int8 *a) +{ + a[(63 - bit) / 8] |= 0x80 >> ((63 - bit) % 8); +} + +void MirrorBits128 (unsigned __int8 *a) +{ + unsigned __int8 t[128 / 8]; + int i; + memset (t,0,16); + for (i = 0; i < 128; i++) + { + if (IsBitSet128(i, a)) + SetBit128 (127 - i, t); + } + memcpy (a, t, sizeof (t)); + burn (t,sizeof (t)); +} + +void MirrorBits64 (unsigned __int8 *a) +{ + unsigned __int8 t[64 / 8]; + int i; + memset (t,0,8); + for (i = 0; i < 64; i++) + { + if (IsBitSet64(i, a)) + SetBit64 (63 - i, t); + } + memcpy (a, t, sizeof (t)); + burn (t,sizeof (t)); +} + +/* Allocate and initialize speed optimization table + for multiplication by 64-bit operand in MSB-first mode */ +int Gf128Tab64Init (unsigned __int8 *a, GfCtx *ctx) +{ + GfCtx8k *ctx8k; + unsigned __int8 am[16]; + int i, j; + + ctx8k = (GfCtx8k *) TCalloc (sizeof (GfCtx8k)); + if (!ctx8k) + return FALSE; + + memcpy (am, a, 16); + MirrorBits128 (am); + compile_8k_table (am, ctx8k); + + /* Convert 8k LSB-first table to 4k MSB-first */ + for (i = 16; i < 32; i++) + { + for (j = 0; j < 16; j++) + { + int jm = 0; + jm |= (j & 0x1) << 3; + jm |= (j & 0x2) << 1; + jm |= (j & 0x4) >> 1; + jm |= (j & 0x8) >> 3; + + memcpy (&ctx->gf_t128[i-16][jm], (unsigned char *)&ctx8k->gf_t8k[31-i][j], 16); + MirrorBits128 ((unsigned char *)&ctx->gf_t128[i-16][jm]); + } + } + + burn (ctx8k ,sizeof (*ctx8k)); + burn (am, sizeof (am)); + TCfree (ctx8k); + return TRUE; +} + + +#define xor_8kt64(i) \ + xor_block_aligned(r, ctx->gf_t128[i + i][a[i] & 15]); \ + xor_block_aligned(r, ctx->gf_t128[i + i + 1][a[i] >> 4]) + +/* Multiply a 128-bit number by a 64-bit number in the finite field GF(2^128) */ +void Gf128MulBy64Tab (unsigned __int8 a[8], unsigned __int8 p[16], GfCtx *ctx) +{ + unsigned __int32 r[CBLK_LEN >> 2]; + + move_block_aligned(r, ctx->gf_t128[7*2][a[7] & 15]); + xor_block_aligned(r, ctx->gf_t128[7*2+1][a[7] >> 4]); + + if (*(unsigned __int16 *)a) + { + xor_8kt64(0); + xor_8kt64(1); + } + if (a[2]) + { + xor_8kt64(2); + } + xor_8kt64(3); + xor_8kt64(4); + xor_8kt64(5); + xor_8kt64(6); + + move_block_aligned(p, r); +} + + + +/* Basic algorithms for testing of optimized algorithms */ + +static void xor128 (uint64 *a, uint64 *b) +{ + *a++ ^= *b++; + *a ^= *b; +} + +static void shl128 (unsigned __int8 *a) +{ + int i, x = 0, xx; + for (i = 15; i >= 0; i--) + { + xx = (a[i] & 0x80) >> 7; + a[i] = (char) ((a[i] << 1) | x); + x = xx; + } +} + +static void GfMul128Basic (unsigned __int8 *a, unsigned __int8 *b, unsigned __int8 *p) +{ + int i; + unsigned __int8 la[16]; + memcpy (la, a, 16); + memset (p, 0, 16); + + for (i = 0; i < 128; i++) + { + if (IsBitSet128 (i, b)) + xor128 ((uint64 *)p, (uint64 *)la); + + if (la[0] & 0x80) + { + shl128 (la); + la[15] ^= 0x87; + } + else + { + shl128 (la); + } + } +} + + +BOOL GfMulSelfTest () +{ + BOOL result = TRUE; + unsigned __int8 a[16]; + unsigned __int8 b[16]; + unsigned __int8 p1[16]; + unsigned __int8 p2[16]; + GfCtx *gfCtx = (GfCtx *) TCalloc (sizeof (GfCtx)); + int i, j; + + if (!gfCtx) + return FALSE; + + + /* GF(2^128) */ + for (i = 0; i < 0x100; i++) + { + for (j = 0; j < 16; j++) + { + a[j] = (unsigned __int8) i; + b[j] = j < 8 ? 0 : a[j] ^ 0xff; + } + + GfMul128Basic (a, b, p1); + + Gf128Tab64Init (a, gfCtx); + Gf128MulBy64Tab (b + 8, p2, gfCtx); + + if (memcmp (p1, p2, 16) != 0) + result = FALSE; + } + + TCfree (gfCtx); + return result; +} + +#if defined(__cplusplus) +} +#endif diff --git a/src/Common/GfMul.h b/src/Common/GfMul.h index 12dc864f..bc1ab435 100644 --- a/src/Common/GfMul.h +++ b/src/Common/GfMul.h @@ -1,74 +1,74 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 31/01/2004 -*/ - -/* Adapted for TrueCrypt */ - -#ifndef _GCM_H -#define _GCM_H - -#include "Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#define CBLK_LEN 16 /* encryption block length */ -#define CBLK_LEN8 8 - -typedef struct -{ - unsigned __int32 gf_t8k[CBLK_LEN * 2][16][CBLK_LEN / 4]; -} GfCtx8k; - -typedef struct -{ - unsigned __int32 gf_t4k[CBLK_LEN8 * 2][16][CBLK_LEN / 4]; -} GfCtx4k64; - -typedef struct -{ - /* union not used to support faster mounting */ - unsigned __int32 gf_t128[CBLK_LEN * 2 / 2][16][CBLK_LEN / 4]; - unsigned __int32 gf_t64[CBLK_LEN8 * 2][16][CBLK_LEN8 / 4]; -} GfCtx; - -typedef int ret_type; - -void GfMul128 (void *a, const void* b); -void GfMul128Tab(unsigned char a[16], GfCtx8k *ctx); -int Gf128Tab64Init (unsigned __int8 *a, GfCtx *ctx); -void Gf128MulBy64Tab (unsigned __int8 a[8], unsigned __int8 p[16], GfCtx *ctx); -void MirrorBits128 (unsigned __int8 *a); -void MirrorBits64 (unsigned __int8 *a); -BOOL GfMulSelfTest (); - -#if defined(__cplusplus) -} -#endif - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 31/01/2004 +*/ + +/* Adapted for TrueCrypt */ + +#ifndef _GCM_H +#define _GCM_H + +#include "Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#define CBLK_LEN 16 /* encryption block length */ +#define CBLK_LEN8 8 + +typedef struct +{ + unsigned __int32 gf_t8k[CBLK_LEN * 2][16][CBLK_LEN / 4]; +} GfCtx8k; + +typedef struct +{ + unsigned __int32 gf_t4k[CBLK_LEN8 * 2][16][CBLK_LEN / 4]; +} GfCtx4k64; + +typedef struct +{ + /* union not used to support faster mounting */ + unsigned __int32 gf_t128[CBLK_LEN * 2 / 2][16][CBLK_LEN / 4]; + unsigned __int32 gf_t64[CBLK_LEN8 * 2][16][CBLK_LEN8 / 4]; +} GfCtx; + +typedef int ret_type; + +void GfMul128 (void *a, const void* b); +void GfMul128Tab(unsigned char a[16], GfCtx8k *ctx); +int Gf128Tab64Init (unsigned __int8 *a, GfCtx *ctx); +void Gf128MulBy64Tab (unsigned __int8 a[8], unsigned __int8 p[16], GfCtx *ctx); +void MirrorBits128 (unsigned __int8 *a); +void MirrorBits64 (unsigned __int8 *a); +BOOL GfMulSelfTest (); + +#if defined(__cplusplus) +} +#endif + +#endif diff --git a/src/Common/Inflate.c b/src/Common/Inflate.c index bf850e79..2d8c96b6 100644 --- a/src/Common/Inflate.c +++ b/src/Common/Inflate.c @@ -1,1321 +1,1321 @@ -/* inflate.c -- put in the public domain by Mark Adler */ - -/* Decompresses raw data compressed using the DEFLATE algorithm (RFC 1951) */ - -/* You can do whatever you like with this source file, though I would - prefer that if you modify it and redistribute it that you include - comments to that effect with your name and the date. Thank you. - - History: - vers date who what - ---- --------- -------------- ------------------------------------ - a ~~ Feb 92 M. Adler used full (large, one-step) lookup table - b1 21 Mar 92 M. Adler first version with partial lookup tables - b2 21 Mar 92 M. Adler fixed bug in fixed-code blocks - b3 22 Mar 92 M. Adler sped up match copies, cleaned up some - b4 25 Mar 92 M. Adler added prototypes; removed window[] (now - is the responsibility of unzip.h--also - changed name to slide[]), so needs diffs - for unzip.c and unzip.h (this allows - compiling in the small model on MSDOS); - fixed cast of q in huft_build(); - b5 26 Mar 92 M. Adler got rid of unintended macro recursion. - b6 27 Mar 92 M. Adler got rid of nextbyte() routine. fixed - bug in inflate_fixed(). - c1 30 Mar 92 M. Adler removed lbits, dbits environment variables. - changed BMAX to 16 for explode. Removed - OUTB usage, and replaced it with flush()-- - this was a 20% speed improvement! Added - an explode.c (to replace unimplod.c) that - uses the huft routines here. Removed - register union. - c2 4 Apr 92 M. Adler fixed bug for file sizes a multiple of 32k. - c3 10 Apr 92 M. Adler reduced memory of code tables made by - huft_build significantly (factor of two to - three). - c4 15 Apr 92 M. Adler added NOMEMCPY do kill use of memcpy(). - worked around a Turbo C optimization bug. - c5 21 Apr 92 M. Adler added the WSIZE #define to allow reducing - the 32K window size for specialized - applications. - c6 31 May 92 M. Adler added some typecasts to eliminate warnings - c7 27 Jun 92 G. Roelofs added some more typecasts (444: MSC bug). - c8 5 Oct 92 J-l. Gailly added ifdef'd code to deal with PKZIP bug. - c9 9 Oct 92 M. Adler removed a memory error message (~line 416). - c10 17 Oct 92 G. Roelofs changed ULONG/UWORD/byte to ulg/ush/uch, - removed old inflate, renamed inflate_entry - to inflate, added Mark's fix to a comment. - c10.5 14 Dec 92 M. Adler fix up error messages for incomplete trees. - c11 2 Jan 93 M. Adler fixed bug in detection of incomplete - tables, and removed assumption that EOB is - the longest code (bad assumption). - c12 3 Jan 93 M. Adler make tables for fixed blocks only once. - c13 5 Jan 93 M. Adler allow all zero length codes (pkzip 2.04c - outputs one zero length code for an empty - distance tree). - c14 12 Mar 93 M. Adler made inflate.c standalone with the - introduction of inflate.h. - c14b 16 Jul 93 G. Roelofs added (unsigned) typecast to w at 470. - c14c 19 Jul 93 J. Bush changed v[N_MAX], l[288], ll[28x+3x] arrays - to static for Amiga. - c14d 13 Aug 93 J-l. Gailly de-complicatified Mark's c[*p++]++ thing. - c14e 8 Oct 93 G. Roelofs changed memset() to memzero(). - c14f 22 Oct 93 G. Roelofs renamed quietflg to qflag; made Trace() - conditional; added inflate_free(). - c14g 28 Oct 93 G. Roelofs changed l/(lx+1) macro to pointer (Cray bug) - c14h 7 Dec 93 C. Ghisler huft_build() optimizations. - c14i 9 Jan 94 A. Verheijen set fixed_t{d,l} to NULL after freeing; - G. Roelofs check NEXTBYTE macro for EOF. - c14j 23 Jan 94 G. Roelofs removed Ghisler "optimizations"; ifdef'd - EOF check. - c14k 27 Feb 94 G. Roelofs added some typecasts to avoid warnings. - c14l 9 Apr 94 G. Roelofs fixed split comments on preprocessor lines - to avoid bug in Encore compiler. - c14m 7 Jul 94 P. Kienitz modified to allow assembler version of - inflate_codes() (define ASM_INFLATECODES) - c14n 22 Jul 94 G. Roelofs changed fprintf to macro for DLL versions - c14o 23 Aug 94 C. Spieler added a newline to a debug statement; - G. Roelofs added another typecast to avoid MSC warning - c14p 4 Oct 94 G. Roelofs added (voidp *) cast to free() argument - c14q 30 Oct 94 G. Roelofs changed fprintf macro to MESSAGE() - c14r 1 Nov 94 G. Roelofs fixed possible redefinition of CHECK_EOF - c14s 7 May 95 S. Maxwell OS/2 DLL globals stuff incorporated; - P. Kienitz "fixed" ASM_INFLATECODES macro/prototype - c14t 18 Aug 95 G. Roelofs added inflate() to use zlib functions; - changed voidp to zvoid; moved huft_build() - and huft_free() to end of file - c14u 1 Oct 95 G. Roelofs moved G into definition of MESSAGE macro - c14v 8 Nov 95 P. Kienitz changed ASM_INFLATECODES to use a regular - call with __G__ instead of a macro - c15 3 Aug 96 M. Adler fixed bomb-bug on random input data (Adobe) - c15b 24 Aug 96 M. Adler more fixes for random input data - c15c 28 Mar 97 G. Roelofs changed USE_ZLIB fatal exit code from - PK_MEM2 to PK_MEM3 - c16 20 Apr 97 J. Altman added memzero(v[]) in huft_build() - c16b 29 Mar 98 C. Spieler modified DLL code for slide redirection - - fork 12 Dec 07 Adapted for TrueCrypt - */ - - -/* - Inflate deflated (PKZIP's method 8 compressed) data. The compression - method searches for as much of the current string of bytes (up to a - length of 258) in the previous 32K bytes. If it doesn't find any - matches (of at least length 3), it codes the next byte. Otherwise, it - codes the length of the matched string and its distance backwards from - the current position. There is a single Huffman code that codes both - single bytes (called "literals") and match lengths. A second Huffman - code codes the distance information, which follows a length code. Each - length or distance code actually represents a base value and a number - of "extra" (sometimes zero) bits to get to add to the base value. At - the end of each deflated block is a special end-of-block (EOB) literal/ - length code. The decoding process is basically: get a literal/length - code; if EOB then done; if a literal, emit the decoded byte; if a - length then get the distance and emit the referred-to bytes from the - sliding window of previously emitted data. - - There are (currently) three kinds of inflate blocks: stored, fixed, and - dynamic. The compressor outputs a chunk of data at a time and decides - which method to use on a chunk-by-chunk basis. A chunk might typically - be 32K to 64K, uncompressed. If the chunk is uncompressible, then the - "stored" method is used. In this case, the bytes are simply stored as - is, eight bits per byte, with none of the above coding. The bytes are - preceded by a count, since there is no longer an EOB code. - - If the data are compressible, then either the fixed or dynamic methods - are used. In the dynamic method, the compressed data are preceded by - an encoding of the literal/length and distance Huffman codes that are - to be used to decode this block. The representation is itself Huffman - coded, and so is preceded by a description of that code. These code - descriptions take up a little space, and so for small blocks, there is - a predefined set of codes, called the fixed codes. The fixed method is - used if the block ends up smaller that way (usually for quite small - chunks); otherwise the dynamic method is used. In the latter case, the - codes are customized to the probabilities in the current block and so - can code it much better than the pre-determined fixed codes can. - - The Huffman codes themselves are decoded using a multi-level table - lookup, in order to maximize the speed of decoding plus the speed of - building the decoding tables. See the comments below that precede the - lbits and dbits tuning parameters. - - GRR: return values(?) - 0 OK - 1 incomplete table - 2 bad input - 3 not enough memory - */ - - -/* - Notes beyond the 1.93a appnote.txt: - - 1. Distance pointers never point before the beginning of the output - stream. - 2. Distance pointers can point back across blocks, up to 32k away. - 3. There is an implied maximum of 7 bits for the bit length table and - 15 bits for the actual data. - 4. If only one code exists, then it is encoded using one bit. (Zero - would be more efficient, but perhaps a little confusing.) If two - codes exist, they are coded using one bit each (0 and 1). - 5. There is no way of sending zero distance codes--a dummy must be - sent if there are none. (History: a pre 2.0 version of PKZIP would - store blocks with no distance codes, but this was discovered to be - too harsh a criterion.) Valid only for 1.93a. 2.04c does allow - zero distance codes, which is sent as one code of zero bits in - length. - 6. There are up to 286 literal/length codes. Code 256 represents the - end-of-block. Note however that the static length tree defines - 288 codes just to fill out the Huffman codes. Codes 286 and 287 - cannot be used though, since there is no length base or extra bits - defined for them. Similarily, there are up to 30 distance codes. - However, static trees define 32 codes (all 5 bits) to fill out the - Huffman codes, but the last two had better not show up in the data. - 7. Unzip can check dynamic Huffman blocks for complete code sets. - The exception is that a single code would not be complete (see #4). - 8. The five bits following the block type is really the number of - literal codes sent minus 257. - 9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits - (1+6+6). Therefore, to output three times the length, you output - three codes (1+1+1), whereas to output four times the same length, - you only need two codes (1+3). Hmm. - 10. In the tree reconstruction algorithm, Code = Code + Increment - only if BitLength(i) is not zero. (Pretty obvious.) - 11. Correction: 4 Bits: # of Bit Length codes - 4 (4 - 19) - 12. Note: length code 284 can represent 227-258, but length code 285 - really is 258. The last length deserves its own, short code - since it gets used a lot in very redundant files. The length - 258 is special since 258 - 3 (the min match length) is 255. - 13. The literal/length and distance code bit lengths are read as a - single stream of lengths. It is possible (and advantageous) for - a repeat code (16, 17, or 18) to go across the boundary between - the two sets of lengths. - */ - - -/* #define DEBUG */ -#define INFMOD /* tell inflate.h to include code to be compiled */ -#include "inflate.h" - - -#ifndef WSIZE /* default is 32K */ -# define WSIZE 0x8000 /* window size--must be a power of two, and at least */ -#endif /* 32K for zip's deflate method */ - -#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) -# define wsize G._wsize /* wsize is a variable */ -#else -# define wsize WSIZE /* wsize is a constant */ -#endif - - -#ifndef NEXTBYTE /* default is to simply get a byte from stdin */ -# define NEXTBYTE getchar() -#endif - -#ifndef MESSAGE /* only used twice, for fixed strings--NOT general-purpose */ -# define MESSAGE(str,len,flag) fprintf(stderr,(char *)(str)) -#endif - -#ifndef FLUSH /* default is to simply write the buffer to stdout */ -# define FLUSH(n) fwrite(redirSlide, 1, n, stdout) /* return value not used */ -#endif -/* Warning: the fwrite above might not work on 16-bit compilers, since - 0x8000 might be interpreted as -32,768 by the library function. */ - -#ifndef Trace -# ifdef DEBUG -# define Trace(x) fprintf x -# else -# define Trace(x) -# endif -#endif - -G_struct G; -uch redirSlide [WSIZE]; - -/*---------------------------------------------------------------------------*/ -#ifdef USE_ZLIB - - -/* - GRR: return values for both original inflate() and inflate() - 0 OK - 1 incomplete table(?) - 2 bad input - 3 not enough memory - */ - -/**************************/ -/* Function inflate() */ -/**************************/ - -int inflate(__G) /* decompress an inflated entry using the zlib routines */ - __GDEF -{ - int err=Z_OK; - -#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) - if (G.redirect_slide) - wsize = G.redirect_size, redirSlide = G.redirect_buffer; - else - wsize = WSIZE, redirSlide = slide; -#endif - - G.dstrm.next_out = redirSlide; - G.dstrm.avail_out = wsize; - - G.dstrm.next_in = G.inptr; - G.dstrm.avail_in = G.incnt; - - if (!G.inflInit) { - unsigned i; - int windowBits; - - /* only need to test this stuff once */ - if (zlib_version[0] != ZLIB_VERSION[0]) { - Info(slide, 0x21, ((char *)slide, - "error: incompatible zlib version (expected %s, found %s)\n", - ZLIB_VERSION, zlib_version)); - return 3; - } else if (strcmp(zlib_version, ZLIB_VERSION) != 0) - Info(slide, 0x21, ((char *)slide, - "warning: different zlib version (expected %s, using %s)\n", - ZLIB_VERSION, zlib_version)); - - /* windowBits = log2(wsize) */ - for (i = ((unsigned)wsize * 2 - 1), windowBits = 0; - !(i & 1); i >>= 1, ++windowBits); - if ((unsigned)windowBits > (unsigned)15) - windowBits = 15; - else if (windowBits < 8) - windowBits = 8; - - G.dstrm.zalloc = (alloc_func)Z_NULL; - G.dstrm.zfree = (free_func)Z_NULL; - - Trace((stderr, "initializing inflate()\n")); - err = inflateInit2(&G.dstrm, -windowBits); - - if (err == Z_MEM_ERROR) - return 3; - else if (err != Z_OK) - Trace((stderr, "oops! (inflateInit2() err = %d)\n", err)); - G.inflInit = 1; - } - -#ifdef FUNZIP - while (err != Z_STREAM_END) { -#else /* !FUNZIP */ - while (G.csize > 0) { - Trace((stderr, "first loop: G.csize = %ld\n", G.csize)); -#endif /* ?FUNZIP */ - while (G.dstrm.avail_out > 0) { - err = inflate(&G.dstrm, Z_PARTIAL_FLUSH); - - if (err == Z_DATA_ERROR) - return 2; - else if (err == Z_MEM_ERROR) - return 3; - else if (err != Z_OK && err != Z_STREAM_END) - Trace((stderr, "oops! (inflate(first loop) err = %d)\n", err)); - -#ifdef FUNZIP - if (err == Z_STREAM_END) /* "END-of-entry-condition" ? */ -#else /* !FUNZIP */ - if (G.csize <= 0L) /* "END-of-entry-condition" ? */ -#endif /* ?FUNZIP */ - break; - - if (G.dstrm.avail_in <= 0) { - if (fillinbuf(__G) == 0) - return 2; /* no "END-condition" yet, but no more data */ - - G.dstrm.next_in = G.inptr; - G.dstrm.avail_in = G.incnt; - } - Trace((stderr, " avail_in = %d\n", G.dstrm.avail_in)); - } - FLUSH(wsize - G.dstrm.avail_out); /* flush slide[] */ - Trace((stderr, "inside loop: flushing %ld bytes (ptr diff = %ld)\n", - (long)(wsize - G.dstrm.avail_out), - (long)(G.dstrm.next_out-(Bytef *)redirSlide))); - G.dstrm.next_out = redirSlide; - G.dstrm.avail_out = wsize; - } - - /* no more input, so loop until we have all output */ - Trace((stderr, "beginning final loop: err = %d\n", err)); - while (err != Z_STREAM_END) { - err = inflate(&G.dstrm, Z_PARTIAL_FLUSH); - if (err == Z_DATA_ERROR) - return 2; - else if (err == Z_MEM_ERROR) - return 3; - else if (err == Z_BUF_ERROR) { /* DEBUG */ - Trace((stderr, "zlib inflate() did not detect stream end (%s, %s)\n" - , G.zipfn, G.filename)); - break; - } else if (err != Z_OK && err != Z_STREAM_END) { - Trace((stderr, "oops! (inflate(final loop) err = %d)\n", err)); - DESTROYGLOBALS() - EXIT(PK_MEM3); - } - FLUSH(wsize - G.dstrm.avail_out); /* final flush of slide[] */ - Trace((stderr, "final loop: flushing %ld bytes (ptr diff = %ld)\n", - (long)(wsize - G.dstrm.avail_out), - (long)(G.dstrm.next_out-(Bytef *)redirSlide))); - G.dstrm.next_out = redirSlide; - G.dstrm.avail_out = wsize; - } - Trace((stderr, "total in = %ld, total out = %ld\n", G.dstrm.total_in, - G.dstrm.total_out)); - - G.inptr = (uch *)G.dstrm.next_in; - G.incnt = (G.inbuf + INBUFSIZ) - G.inptr; /* reset for other routines */ - - err = inflateReset(&G.dstrm); - if (err != Z_OK) - Trace((stderr, "oops! (inflateReset() err = %d)\n", err)); - - return 0; -} - - -/*---------------------------------------------------------------------------*/ -#else /* !USE_ZLIB */ - - -/* Function prototypes */ -#ifndef OF -# ifdef __STDC__ -# define OF(a) a -# else -# define OF(a) () -# endif -#endif /* !OF */ -int inflate_codes OF((__GPRO__ struct huft *tl, struct huft *td, - int bl, int bd)); -static int inflate_stored OF((__GPRO)); -static int inflate_fixed OF((__GPRO)); -static int inflate_dynamic OF((__GPRO)); -static int inflate_block OF((__GPRO__ int *e)); - - -/* The inflate algorithm uses a sliding 32K byte window on the uncompressed - stream to find repeated byte strings. This is implemented here as a - circular buffer. The index is updated simply by incrementing and then - and'ing with 0x7fff (32K-1). */ -/* It is left to other modules to supply the 32K area. It is assumed - to be usable as if it were declared "uch slide[32768];" or as just - "uch *slide;" and then malloc'ed in the latter case. The definition - must be in unzip.h, included above. */ - - -/* unsigned wp; moved to globals.h */ /* current position in slide */ - - -/* Tables for deflate from PKZIP's appnote.txt. */ -static ZCONST unsigned border[] = { /* Order of the bit length code lengths */ - 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15}; -static ZCONST ush cplens[] = { /* Copy lengths for literal codes 257..285 */ - 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31, - 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0}; - /* note: see note #13 above about the 258 in this list. */ -static ZCONST ush cplext[] = { /* Extra bits for literal codes 257..285 */ - 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2, - 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 99, 99}; /* 99==invalid */ -static ZCONST ush cpdist[] = { /* Copy offsets for distance codes 0..29 */ - 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, - 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145, - 8193, 12289, 16385, 24577}; -static ZCONST ush cpdext[] = { /* Extra bits for distance codes */ - 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, - 7, 7, 8, 8, 9, 9, 10, 10, 11, 11, - 12, 12, 13, 13}; - - -/* moved to consts.h (included in unzip.c), resp. funzip.c */ -#if 1 -/* And'ing with mask_bits[n] masks the lower n bits */ -ZCONST ush near mask_bits[] = { - 0x0000, - 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff, - 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff -}; -#endif /* 0 */ - - -/* Macros for inflate() bit peeking and grabbing. - The usage is: - - NEEDBITS(j) - x = b & mask_bits[j]; - DUMPBITS(j) - - where NEEDBITS makes sure that b has at least j bits in it, and - DUMPBITS removes the bits from b. The macros use the variable k - for the number of bits in b. Normally, b and k are register - variables for speed and are initialized at the begining of a - routine that uses these macros from a global bit buffer and count. - - In order to not ask for more bits than there are in the compressed - stream, the Huffman tables are constructed to only ask for just - enough bits to make up the end-of-block code (value 256). Then no - bytes need to be "returned" to the buffer at the end of the last - block. See the huft_build() routine. - */ - -/* These have been moved to globals.h */ -#if 0 -ulg bb; /* bit buffer */ -unsigned bk; /* bits in bit buffer */ -#endif - -#ifndef CHECK_EOF -# define CHECK_EOF /* default as of 5.13/5.2 */ -#endif - -#ifndef CHECK_EOF -# define NEEDBITS(n) {while(k<(n)){b|=((ulg)NEXTBYTE)<>=(n);k-=(n);} - - -/* - Huffman code decoding is performed using a multi-level table lookup. - The fastest way to decode is to simply build a lookup table whose - size is determined by the longest code. However, the time it takes - to build this table can also be a factor if the data being decoded - are not very long. The most common codes are necessarily the - shortest codes, so those codes dominate the decoding time, and hence - the speed. The idea is you can have a shorter table that decodes the - shorter, more probable codes, and then point to subsidiary tables for - the longer codes. The time it costs to decode the longer codes is - then traded against the time it takes to make longer tables. - - This results of this trade are in the variables lbits and dbits - below. lbits is the number of bits the first level table for literal/ - length codes can decode in one step, and dbits is the same thing for - the distance codes. Subsequent tables are also less than or equal to - those sizes. These values may be adjusted either when all of the - codes are shorter than that, in which case the longest code length in - bits is used, or when the shortest code is *longer* than the requested - table size, in which case the length of the shortest code in bits is - used. - - There are two different values for the two tables, since they code a - different number of possibilities each. The literal/length table - codes 286 possible values, or in a flat code, a little over eight - bits. The distance table codes 30 possible values, or a little less - than five bits, flat. The optimum values for speed end up being - about one bit more than those, so lbits is 8+1 and dbits is 5+1. - The optimum values may differ though from machine to machine, and - possibly even between compilers. Your mileage may vary. - */ - -static ZCONST int lbits = 9; /* bits in base literal/length lookup table */ -static ZCONST int dbits = 6; /* bits in base distance lookup table */ - - -#ifndef ASM_INFLATECODES - -#pragma warning(disable:4131) - -int inflate_codes(__G__ tl, td, bl, bd) - __GDEF -struct huft *tl, *td; /* literal/length and distance decoder tables */ -int bl, bd; /* number of bits decoded by tl[] and td[] */ -/* inflate (decompress) the codes in a deflated (compressed) block. - Return an error code or zero if it all goes ok. */ -{ - register unsigned e; /* table entry flag/number of extra bits */ - unsigned n, d; /* length and index for copy */ - unsigned w; /* current window position */ - struct huft *t; /* pointer to table entry */ - unsigned ml, md; /* masks for bl and bd bits */ - register ulg b; /* bit buffer */ - register unsigned k; /* number of bits in bit buffer */ - - - /* make local copies of globals */ - b = G.bb; /* initialize bit buffer */ - k = G.bk; - w = G.wp; /* initialize window position */ - - - /* inflate the coded data */ - ml = mask_bits[bl]; /* precompute masks for speed */ - md = mask_bits[bd]; - while (1) /* do until end of block */ - { - NEEDBITS((unsigned)bl) - if ((e = (t = tl + ((unsigned)b & ml))->e) > 16) - do { - if (e == 99) - return 1; - DUMPBITS(t->b) - e -= 16; - NEEDBITS(e) - } while ((e = (t = t->v.t + ((unsigned)b & mask_bits[e]))->e) > 16); - DUMPBITS(t->b) - if (e == 16) /* then it's a literal */ - { - redirSlide[w++] = (uch)t->v.n; - if (w == wsize) - { - FLUSH(w); - w = 0; - } - } - else /* it's an EOB or a length */ - { - /* exit if end of block */ - if (e == 15) - break; - - /* get length of block to copy */ - NEEDBITS(e) - n = t->v.n + ((unsigned)b & mask_bits[e]); - DUMPBITS(e); - - /* decode distance of block to copy */ - NEEDBITS((unsigned)bd) - if ((e = (t = td + ((unsigned)b & md))->e) > 16) - do { - if (e == 99) - return 1; - DUMPBITS(t->b) - e -= 16; - NEEDBITS(e) - } while ((e = (t = t->v.t + ((unsigned)b & mask_bits[e]))->e) > 16); - DUMPBITS(t->b) - NEEDBITS(e) - d = w - t->v.n - ((unsigned)b & mask_bits[e]); - DUMPBITS(e) - - /* do the copy */ - do { -#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) - if (G.redirect_slide) {/* &= w/ wsize unnecessary & wrong if redirect */ - if (d >= wsize) - return 1; /* invalid compressed data */ - n -= (e = (e = wsize - (d > w ? d : w)) > n ? n : e); - } - else -#endif - n -= (e = (e = wsize - ((d &= wsize-1) > w ? d : w)) > n ? n : e); -#ifndef NOMEMCPY - if (w - d >= e) /* (this test assumes unsigned comparison) */ - { - memcpy(redirSlide + w, redirSlide + d, e); - w += e; - d += e; - } - else /* do it slowly to avoid memcpy() overlap */ -#endif /* !NOMEMCPY */ - do { - redirSlide[w++] = redirSlide[d++]; - } while (--e); - if (w == wsize) - { - FLUSH(w); - w = 0; - } - } while (n); - } - } - - - /* restore the globals from the locals */ - G.wp = w; /* restore global window pointer */ - G.bb = b; /* restore global bit buffer */ - G.bk = k; - - - /* done */ - return 0; -} - -#endif /* ASM_INFLATECODES */ - - - -static int inflate_stored(__G) - __GDEF -/* "decompress" an inflated type 0 (stored) block. */ -{ - unsigned n; /* number of bytes in block */ - unsigned w; /* current window position */ - register ulg b; /* bit buffer */ - register unsigned k; /* number of bits in bit buffer */ - - - /* make local copies of globals */ - Trace((stderr, "\nstored block")); - b = G.bb; /* initialize bit buffer */ - k = G.bk; - w = G.wp; /* initialize window position */ - - - /* go to byte boundary */ - n = k & 7; - DUMPBITS(n); - - - /* get the length and its complement */ - NEEDBITS(16) - n = ((unsigned)b & 0xffff); - DUMPBITS(16) - NEEDBITS(16) - if (n != (unsigned)((~b) & 0xffff)) - return 1; /* error in compressed data */ - DUMPBITS(16) - - - /* read and output the compressed data */ - while (n--) - { - NEEDBITS(8) - redirSlide[w++] = (uch)b; - if (w == wsize) - { - FLUSH(w); - w = 0; - } - DUMPBITS(8) - } - - - /* restore the globals from the locals */ - G.wp = w; /* restore global window pointer */ - G.bb = b; /* restore global bit buffer */ - G.bk = k; - return 0; -} - - -/* Globals for literal tables (built once) */ -/* Moved to globals.h */ -#if 0 -struct huft *fixed_tl = (struct huft *)NULL; -struct huft *fixed_td; -int fixed_bl, fixed_bd; -#endif - -static int inflate_fixed(__G) - __GDEF -/* decompress an inflated type 1 (fixed Huffman codes) block. We should - either replace this with a custom decoder, or at least precompute the - Huffman tables. */ -{ - /* if first time, set up tables for fixed blocks */ - Trace((stderr, "\nliteral block")); - if (G.fixed_tl == (struct huft *)NULL) - { - int i; /* temporary variable */ - unsigned l[288]; /* length list for huft_build */ - - /* literal table */ - for (i = 0; i < 144; i++) - l[i] = 8; - for (; i < 256; i++) - l[i] = 9; - for (; i < 280; i++) - l[i] = 7; - for (; i < 288; i++) /* make a complete, but wrong code set */ - l[i] = 8; - G.fixed_bl = 7; - if ((i = huft_build(__G__ l, 288, 257, cplens, cplext, - &G.fixed_tl, &G.fixed_bl)) != 0) - { - G.fixed_tl = (struct huft *)NULL; - return i; - } - - /* distance table */ - for (i = 0; i < 30; i++) /* make an incomplete code set */ - l[i] = 5; - G.fixed_bd = 5; - if ((i = huft_build(__G__ l, 30, 0, cpdist, cpdext, - &G.fixed_td, &G.fixed_bd)) > 1) - { - huft_free(G.fixed_tl); - G.fixed_tl = (struct huft *)NULL; - return i; - } - } - - /* decompress until an end-of-block code */ - return inflate_codes(__G__ G.fixed_tl, G.fixed_td, - G.fixed_bl, G.fixed_bd) != 0; -} - - - -static int inflate_dynamic(__G) - __GDEF -/* decompress an inflated type 2 (dynamic Huffman codes) block. */ -{ - int i; /* temporary variables */ - unsigned j; - unsigned l; /* last length */ - unsigned m; /* mask for bit lengths table */ - unsigned n; /* number of lengths to get */ - struct huft *tl; /* literal/length code table */ - struct huft *td; /* distance code table */ - int bl; /* lookup bits for tl */ - int bd; /* lookup bits for td */ - unsigned nb; /* number of bit length codes */ - unsigned nl; /* number of literal/length codes */ - unsigned nd; /* number of distance codes */ -#ifdef PKZIP_BUG_WORKAROUND - unsigned ll[288+32]; /* literal/length and distance code lengths */ -#else - unsigned ll[286+30]; /* literal/length and distance code lengths */ -#endif - register ulg b; /* bit buffer */ - register unsigned k; /* number of bits in bit buffer */ - - - /* make local bit buffer */ - Trace((stderr, "\ndynamic block")); - b = G.bb; - k = G.bk; - - - /* read in table lengths */ - NEEDBITS(5) - nl = 257 + ((unsigned)b & 0x1f); /* number of literal/length codes */ - DUMPBITS(5) - NEEDBITS(5) - nd = 1 + ((unsigned)b & 0x1f); /* number of distance codes */ - DUMPBITS(5) - NEEDBITS(4) - nb = 4 + ((unsigned)b & 0xf); /* number of bit length codes */ - DUMPBITS(4) -#ifdef PKZIP_BUG_WORKAROUND - if (nl > 288 || nd > 32) -#else - if (nl > 286 || nd > 30) -#endif - return 1; /* bad lengths */ - - - /* read in bit-length-code lengths */ - for (j = 0; j < nb; j++) - { - NEEDBITS(3) - ll[border[j]] = (unsigned)b & 7; - DUMPBITS(3) - } - for (; j < 19; j++) - ll[border[j]] = 0; - - - /* build decoding table for trees--single level, 7 bit lookup */ - bl = 7; - i = huft_build(__G__ ll, 19, 19, NULL, NULL, &tl, &bl); - if (bl == 0) /* no bit lengths */ - i = 1; - if (i) - { - if (i == 1) - huft_free(tl); - return i; /* incomplete code set */ - } - - - /* read in literal and distance code lengths */ - n = nl + nd; - m = mask_bits[bl]; - i = l = 0; - while ((unsigned)i < n) - { - NEEDBITS((unsigned)bl) - j = (td = tl + ((unsigned)b & m))->b; - DUMPBITS(j) - j = td->v.n; - if (j < 16) /* length of code in bits (0..15) */ - ll[i++] = l = j; /* save last length in l */ - else if (j == 16) /* repeat last length 3 to 6 times */ - { - NEEDBITS(2) - j = 3 + ((unsigned)b & 3); - DUMPBITS(2) - if ((unsigned)i + j > n) - { - huft_free(tl); - return 1; - } - while (j--) - ll[i++] = l; - } - else if (j == 17) /* 3 to 10 zero length codes */ - { - NEEDBITS(3) - j = 3 + ((unsigned)b & 7); - DUMPBITS(3) - if ((unsigned)i + j > n) - { - huft_free(tl); - return 1; - } - while (j--) - ll[i++] = 0; - l = 0; - } - else /* j == 18: 11 to 138 zero length codes */ - { - NEEDBITS(7) - j = 11 + ((unsigned)b & 0x7f); - DUMPBITS(7) - if ((unsigned)i + j > n) - { - huft_free(tl); - return 1; - } - while (j--) - ll[i++] = 0; - l = 0; - } - } - - - /* free decoding table for trees */ - huft_free(tl); - - - /* restore the global bit buffer */ - G.bb = b; - G.bk = k; - - - /* build the decoding tables for literal/length and distance codes */ - bl = lbits; - i = huft_build(__G__ ll, nl, 257, cplens, cplext, &tl, &bl); - if (bl == 0) /* no literals or lengths */ - i = 1; - if (i) - { - if (i == 1) { - //if (!uO.qflag) - MESSAGE((uch *)"(incomplete l-tree) ", 21L, 1); - huft_free(tl); - } - return i; /* incomplete code set */ - } - bd = dbits; - i = huft_build(__G__ ll + nl, nd, 0, cpdist, cpdext, &td, &bd); - if (bd == 0 && nl > 257) /* lengths but no distances */ - { - //if (!uO.qflag) - MESSAGE((uch *)"(incomplete d-tree) ", 21L, 1); - huft_free(tl); - huft_free(td); - return 1; - } - if (i == 1) { -#ifdef PKZIP_BUG_WORKAROUND - i = 0; -#else - //if (!uO.qflag) - MESSAGE((uch *)"(incomplete d-tree) ", 21L, 1); - huft_free(td); - td = NULL; -#endif - } - if (i) - { - huft_free(tl); - return i; - } - - - /* decompress until an end-of-block code */ - i = inflate_codes(__G__ tl, td, bl, bd); - - /* free the decoding tables, return */ - huft_free(tl); - huft_free(td); - - if (i) - return 1; - - return 0; -} - - - -static int inflate_block(__G__ e) - __GDEF - int *e; /* last block flag */ -/* decompress an inflated block */ -{ - unsigned t; /* block type */ - register ulg b; /* bit buffer */ - register unsigned k; /* number of bits in bit buffer */ - - - /* make local bit buffer */ - b = G.bb; - k = G.bk; - - - /* read in last block bit */ - NEEDBITS(1) - *e = (int)b & 1; - DUMPBITS(1) - - - /* read in block type */ - NEEDBITS(2) - t = (unsigned)b & 3; - DUMPBITS(2) - - - /* restore the global bit buffer */ - G.bb = b; - G.bk = k; - - - /* inflate that block type */ - if (t == 2) - return inflate_dynamic(__G); - if (t == 0) - return inflate_stored(__G); - if (t == 1) - return inflate_fixed(__G); - - - /* bad block type */ - return 2; -} - - - -int inflate(__G) - __GDEF -/* decompress an inflated entry */ -{ - int e; /* last block flag */ - int r; /* result code */ -//#ifdef DEBUG -// unsigned h = 0; /* maximum struct huft's malloc'ed */ -//#endif - -#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) - if (G.redirect_slide) - wsize = G.redirect_size, redirSlide = G.redirect_buffer; - else - wsize = WSIZE, redirSlide = slide; /* how they're #defined if !DLL */ -#endif - - /* initialize window, bit buffer */ - G.wp = 0; - G.bk = 0; - G.bb = 0; - - - /* decompress until the last block */ - do { -//#ifdef DEBUG -// G.hufts = 0; -//#endif - if ((r = inflate_block(__G__ &e)) != 0) - return r; -//#ifdef DEBUG -// if (G.hufts > h) -// h = G.hufts; -//#endif - } while (!e); - - - /* flush out redirSlide */ - FLUSH(G.wp); - - - /* return success */ - //Trace((stderr, "\n%u bytes in Huffman tables (%d/entry)\n", - // h * sizeof(struct huft), sizeof(struct huft))); - return 0; -} - - - -int inflate_free(__G) - __GDEF -{ - if (G.fixed_tl != (struct huft *)NULL) - { - huft_free(G.fixed_td); - huft_free(G.fixed_tl); - G.fixed_td = G.fixed_tl = (struct huft *)NULL; - } - return 0; -} - -#endif /* ?USE_ZLIB */ - - -/* - * GRR: moved huft_build() and huft_free() down here; used by explode() - * and fUnZip regardless of whether USE_ZLIB defined or not - */ - - -/* If BMAX needs to be larger than 16, then h and x[] should be ulg. */ -#define BMAX 16 /* maximum bit length of any code (16 for explode) */ -#define N_MAX 288 /* maximum number of codes in any set */ - - -int huft_build( - __GDEF - ZCONST unsigned *b, /* code lengths in bits (all assumed <= BMAX) */ - unsigned n, /* number of codes (assumed <= N_MAX) */ - unsigned s, /* number of simple-valued codes (0..s-1) */ - ZCONST ush *d, /* list of base values for non-simple codes */ - ZCONST ush *e, /* list of extra bits for non-simple codes */ - struct huft **t, /* result: starting table */ - int *m /* maximum lookup bits, returns actual */ - ) -/* Given a list of code lengths and a maximum table size, make a set of - tables to decode that set of codes. Return zero on success, one if - the given code set is incomplete (the tables are still built in this - case), two if the input is invalid (all zero length codes or an - oversubscribed set of lengths), and three if not enough memory. - The code with value 256 is special, and the tables are constructed - so that no bits beyond that code are fetched when that code is - decoded. */ -{ - unsigned a; /* counter for codes of length k */ - unsigned c[BMAX+1]; /* bit length count table */ - unsigned el; /* length of EOB code (value 256) */ - unsigned f; /* i repeats in table every f entries */ - int g; /* maximum code length */ - int h; /* table level */ - register unsigned i; /* counter, current code */ - register unsigned j; /* counter */ - register int k; /* number of bits in current code */ - int lx[BMAX+1]; /* memory for l[-1..BMAX-1] */ - int *l = lx+1; /* stack of bits per table */ - register unsigned *p; /* pointer into c[], b[], or v[] */ - register struct huft *q; /* points to current table */ - struct huft r; /* table entry for structure assignment */ - struct huft *u[BMAX]; /* table stack */ - unsigned v[N_MAX]; /* values in order of bit length */ - register int w; /* bits before this table == (l * h) */ - unsigned x[BMAX+1]; /* bit offsets, then code stack */ - unsigned *xp; /* pointer into x */ - int y; /* number of dummy codes added */ - unsigned z; /* number of entries in current table */ - - - /* Generate counts for each bit length */ - el = n > 256 ? b[256] : BMAX; /* set length of EOB code, if any */ - memset(c, 0, sizeof(c)); - p = (unsigned *)b; i = n; - do { - c[*p]++; p++; /* assume all entries <= BMAX */ - } while (--i); - if (c[0] == n) /* null input--all zero length codes */ - { - *t = (struct huft *)NULL; - *m = 0; - return 0; - } - - - /* Find minimum and maximum length, bound *m by those */ - for (j = 1; j <= BMAX; j++) - if (c[j]) - break; - k = j; /* minimum code length */ - if ((unsigned)*m < j) - *m = j; - for (i = BMAX; i; i--) - if (c[i]) - break; - g = i; /* maximum code length */ - if ((unsigned)*m > i) - *m = i; - - - /* Adjust last length count to fill out codes, if needed */ - for (y = 1 << j; j < i; j++, y <<= 1) - if ((y -= c[j]) < 0) - return 2; /* bad input: more codes than bits */ - if ((y -= c[i]) < 0) - return 2; - c[i] += y; - - - /* Generate starting offsets into the value table for each length */ - x[1] = j = 0; - p = c + 1; xp = x + 2; - while (--i) { /* note that i == g from above */ - *xp++ = (j += *p++); - } - - - /* Make a table of values in order of bit lengths */ - memset(v, 0, sizeof(v)); - p = (unsigned *)b; i = 0; - do { - if ((j = *p++) != 0) - v[x[j]++] = i; - } while (++i < n); - n = x[g]; /* set n to length of v */ - - - /* Generate the Huffman codes and for each, make the table entries */ - x[0] = i = 0; /* first Huffman code is zero */ - p = v; /* grab values in bit order */ - h = -1; /* no tables yet--level -1 */ - w = l[-1] = 0; /* no bits decoded yet */ - u[0] = (struct huft *)NULL; /* just to keep compilers happy */ - q = (struct huft *)NULL; /* ditto */ - z = 0; /* ditto */ - - /* go through the bit lengths (k already is bits in shortest code) */ - for (; k <= g; k++) - { - a = c[k]; - while (a--) - { - /* here i is the Huffman code of length k bits for value *p */ - /* make tables up to required level */ - while (k > w + l[h]) - { - w += l[h++]; /* add bits already decoded */ - - /* compute minimum size table less than or equal to *m bits */ - z = (z = g - w) > (unsigned)*m ? *m : z; /* upper limit */ - if ((f = 1 << (j = k - w)) > a + 1) /* try a k-w bit table */ - { /* too few codes for k-w bit table */ - f -= a + 1; /* deduct codes from patterns left */ - xp = c + k; - while (++j < z) /* try smaller tables up to z bits */ - { - if ((f <<= 1) <= *++xp) - break; /* enough codes to use up j bits */ - f -= *xp; /* else deduct codes from patterns */ - } - } - if ((unsigned)w + j > el && (unsigned)w < el) - j = el - w; /* make EOB code end at table */ - z = 1 << j; /* table entries for j-bit table */ - l[h] = j; /* set table size in stack */ - - /* allocate and link in new table */ - if ((q = (struct huft *)malloc((z + 1)*sizeof(struct huft))) == - (struct huft *)NULL) - { - if (h) - huft_free(u[0]); - return 3; /* not enough memory */ - } -//#ifdef DEBUG -// G.hufts += z + 1; /* track memory usage */ -//#endif - *t = q + 1; /* link to list for huft_free() */ - *(t = &(q->v.t)) = (struct huft *)NULL; - u[h] = ++q; /* table starts after link */ - - /* connect to last table, if there is one */ - if (h) - { - x[h] = i; /* save pattern for backing up */ - r.b = (uch)l[h-1]; /* bits to dump before this table */ - r.e = (uch)(16 + j); /* bits in this table */ - r.v.t = q; /* pointer to this table */ - j = (i & ((1 << w) - 1)) >> (w - l[h-1]); - u[h-1][j] = r; /* connect to last table */ - } - } - - /* set up table entry in r */ - r.b = (uch)(k - w); - if (p >= v + n) - r.e = 99; /* out of values--invalid code */ - else if (*p < s) - { - r.e = (uch)(*p < 256 ? 16 : 15); /* 256 is end-of-block code */ - r.v.n = (ush)*p++; /* simple code is just the value */ - } - else - { - r.e = (uch)e[*p - s]; /* non-simple--look up in lists */ - r.v.n = d[*p++ - s]; - } - - /* fill code-like entries with r */ - f = 1 << (k - w); - for (j = i >> w; j < z; j += f) - q[j] = r; - - /* backwards increment the k-bit code i */ - for (j = 1 << (k - 1); i & j; j >>= 1) - i ^= j; - i ^= j; - - /* backup over finished tables */ - while ((i & ((1 << w) - 1)) != x[h]) - w -= l[--h]; /* don't need to update q */ - } - } - - - /* return actual size of base table */ - *m = l[0]; - - - /* Return true (1) if we were given an incomplete table */ - return y != 0 && g != 1; -} - - - -int huft_free (struct huft *t) - /* table to free */ -/* Free the malloc'ed tables built by huft_build(), which makes a linked - list of the tables it made, with the links in a dummy first entry of - each table. */ -{ - register struct huft *p, *q; - - - /* Go through linked list, freeing from the malloced (t[-1]) address. */ - p = t; - while (p != (struct huft *)NULL) - { - q = (--p)->v.t; - free((zvoid *)p); - p = q; - } - return 0; -} - - -// Main public function. Decompresses raw data compressed using the DEFLATE algorithm (RFC 1951 - e.g. zlib, gzip). -// Returns 0 if decompression fails or, if successful, returns the size of the decompressed data. -int DecompressDeflatedData (char *out, char *in, int inLength) -{ - G.outbufptr = out; - G.inptr = in; - G.incnt = inLength; - G.outCounter = 0; - - if (inflate(__G) != 0) - { - // Error decompressing - return 0; - } - return G.outCounter; -} - +/* inflate.c -- put in the public domain by Mark Adler */ + +/* Decompresses raw data compressed using the DEFLATE algorithm (RFC 1951) */ + +/* You can do whatever you like with this source file, though I would + prefer that if you modify it and redistribute it that you include + comments to that effect with your name and the date. Thank you. + + History: + vers date who what + ---- --------- -------------- ------------------------------------ + a ~~ Feb 92 M. Adler used full (large, one-step) lookup table + b1 21 Mar 92 M. Adler first version with partial lookup tables + b2 21 Mar 92 M. Adler fixed bug in fixed-code blocks + b3 22 Mar 92 M. Adler sped up match copies, cleaned up some + b4 25 Mar 92 M. Adler added prototypes; removed window[] (now + is the responsibility of unzip.h--also + changed name to slide[]), so needs diffs + for unzip.c and unzip.h (this allows + compiling in the small model on MSDOS); + fixed cast of q in huft_build(); + b5 26 Mar 92 M. Adler got rid of unintended macro recursion. + b6 27 Mar 92 M. Adler got rid of nextbyte() routine. fixed + bug in inflate_fixed(). + c1 30 Mar 92 M. Adler removed lbits, dbits environment variables. + changed BMAX to 16 for explode. Removed + OUTB usage, and replaced it with flush()-- + this was a 20% speed improvement! Added + an explode.c (to replace unimplod.c) that + uses the huft routines here. Removed + register union. + c2 4 Apr 92 M. Adler fixed bug for file sizes a multiple of 32k. + c3 10 Apr 92 M. Adler reduced memory of code tables made by + huft_build significantly (factor of two to + three). + c4 15 Apr 92 M. Adler added NOMEMCPY do kill use of memcpy(). + worked around a Turbo C optimization bug. + c5 21 Apr 92 M. Adler added the WSIZE #define to allow reducing + the 32K window size for specialized + applications. + c6 31 May 92 M. Adler added some typecasts to eliminate warnings + c7 27 Jun 92 G. Roelofs added some more typecasts (444: MSC bug). + c8 5 Oct 92 J-l. Gailly added ifdef'd code to deal with PKZIP bug. + c9 9 Oct 92 M. Adler removed a memory error message (~line 416). + c10 17 Oct 92 G. Roelofs changed ULONG/UWORD/byte to ulg/ush/uch, + removed old inflate, renamed inflate_entry + to inflate, added Mark's fix to a comment. + c10.5 14 Dec 92 M. Adler fix up error messages for incomplete trees. + c11 2 Jan 93 M. Adler fixed bug in detection of incomplete + tables, and removed assumption that EOB is + the longest code (bad assumption). + c12 3 Jan 93 M. Adler make tables for fixed blocks only once. + c13 5 Jan 93 M. Adler allow all zero length codes (pkzip 2.04c + outputs one zero length code for an empty + distance tree). + c14 12 Mar 93 M. Adler made inflate.c standalone with the + introduction of inflate.h. + c14b 16 Jul 93 G. Roelofs added (unsigned) typecast to w at 470. + c14c 19 Jul 93 J. Bush changed v[N_MAX], l[288], ll[28x+3x] arrays + to static for Amiga. + c14d 13 Aug 93 J-l. Gailly de-complicatified Mark's c[*p++]++ thing. + c14e 8 Oct 93 G. Roelofs changed memset() to memzero(). + c14f 22 Oct 93 G. Roelofs renamed quietflg to qflag; made Trace() + conditional; added inflate_free(). + c14g 28 Oct 93 G. Roelofs changed l/(lx+1) macro to pointer (Cray bug) + c14h 7 Dec 93 C. Ghisler huft_build() optimizations. + c14i 9 Jan 94 A. Verheijen set fixed_t{d,l} to NULL after freeing; + G. Roelofs check NEXTBYTE macro for EOF. + c14j 23 Jan 94 G. Roelofs removed Ghisler "optimizations"; ifdef'd + EOF check. + c14k 27 Feb 94 G. Roelofs added some typecasts to avoid warnings. + c14l 9 Apr 94 G. Roelofs fixed split comments on preprocessor lines + to avoid bug in Encore compiler. + c14m 7 Jul 94 P. Kienitz modified to allow assembler version of + inflate_codes() (define ASM_INFLATECODES) + c14n 22 Jul 94 G. Roelofs changed fprintf to macro for DLL versions + c14o 23 Aug 94 C. Spieler added a newline to a debug statement; + G. Roelofs added another typecast to avoid MSC warning + c14p 4 Oct 94 G. Roelofs added (voidp *) cast to free() argument + c14q 30 Oct 94 G. Roelofs changed fprintf macro to MESSAGE() + c14r 1 Nov 94 G. Roelofs fixed possible redefinition of CHECK_EOF + c14s 7 May 95 S. Maxwell OS/2 DLL globals stuff incorporated; + P. Kienitz "fixed" ASM_INFLATECODES macro/prototype + c14t 18 Aug 95 G. Roelofs added inflate() to use zlib functions; + changed voidp to zvoid; moved huft_build() + and huft_free() to end of file + c14u 1 Oct 95 G. Roelofs moved G into definition of MESSAGE macro + c14v 8 Nov 95 P. Kienitz changed ASM_INFLATECODES to use a regular + call with __G__ instead of a macro + c15 3 Aug 96 M. Adler fixed bomb-bug on random input data (Adobe) + c15b 24 Aug 96 M. Adler more fixes for random input data + c15c 28 Mar 97 G. Roelofs changed USE_ZLIB fatal exit code from + PK_MEM2 to PK_MEM3 + c16 20 Apr 97 J. Altman added memzero(v[]) in huft_build() + c16b 29 Mar 98 C. Spieler modified DLL code for slide redirection + + fork 12 Dec 07 Adapted for TrueCrypt + */ + + +/* + Inflate deflated (PKZIP's method 8 compressed) data. The compression + method searches for as much of the current string of bytes (up to a + length of 258) in the previous 32K bytes. If it doesn't find any + matches (of at least length 3), it codes the next byte. Otherwise, it + codes the length of the matched string and its distance backwards from + the current position. There is a single Huffman code that codes both + single bytes (called "literals") and match lengths. A second Huffman + code codes the distance information, which follows a length code. Each + length or distance code actually represents a base value and a number + of "extra" (sometimes zero) bits to get to add to the base value. At + the end of each deflated block is a special end-of-block (EOB) literal/ + length code. The decoding process is basically: get a literal/length + code; if EOB then done; if a literal, emit the decoded byte; if a + length then get the distance and emit the referred-to bytes from the + sliding window of previously emitted data. + + There are (currently) three kinds of inflate blocks: stored, fixed, and + dynamic. The compressor outputs a chunk of data at a time and decides + which method to use on a chunk-by-chunk basis. A chunk might typically + be 32K to 64K, uncompressed. If the chunk is uncompressible, then the + "stored" method is used. In this case, the bytes are simply stored as + is, eight bits per byte, with none of the above coding. The bytes are + preceded by a count, since there is no longer an EOB code. + + If the data are compressible, then either the fixed or dynamic methods + are used. In the dynamic method, the compressed data are preceded by + an encoding of the literal/length and distance Huffman codes that are + to be used to decode this block. The representation is itself Huffman + coded, and so is preceded by a description of that code. These code + descriptions take up a little space, and so for small blocks, there is + a predefined set of codes, called the fixed codes. The fixed method is + used if the block ends up smaller that way (usually for quite small + chunks); otherwise the dynamic method is used. In the latter case, the + codes are customized to the probabilities in the current block and so + can code it much better than the pre-determined fixed codes can. + + The Huffman codes themselves are decoded using a multi-level table + lookup, in order to maximize the speed of decoding plus the speed of + building the decoding tables. See the comments below that precede the + lbits and dbits tuning parameters. + + GRR: return values(?) + 0 OK + 1 incomplete table + 2 bad input + 3 not enough memory + */ + + +/* + Notes beyond the 1.93a appnote.txt: + + 1. Distance pointers never point before the beginning of the output + stream. + 2. Distance pointers can point back across blocks, up to 32k away. + 3. There is an implied maximum of 7 bits for the bit length table and + 15 bits for the actual data. + 4. If only one code exists, then it is encoded using one bit. (Zero + would be more efficient, but perhaps a little confusing.) If two + codes exist, they are coded using one bit each (0 and 1). + 5. There is no way of sending zero distance codes--a dummy must be + sent if there are none. (History: a pre 2.0 version of PKZIP would + store blocks with no distance codes, but this was discovered to be + too harsh a criterion.) Valid only for 1.93a. 2.04c does allow + zero distance codes, which is sent as one code of zero bits in + length. + 6. There are up to 286 literal/length codes. Code 256 represents the + end-of-block. Note however that the static length tree defines + 288 codes just to fill out the Huffman codes. Codes 286 and 287 + cannot be used though, since there is no length base or extra bits + defined for them. Similarily, there are up to 30 distance codes. + However, static trees define 32 codes (all 5 bits) to fill out the + Huffman codes, but the last two had better not show up in the data. + 7. Unzip can check dynamic Huffman blocks for complete code sets. + The exception is that a single code would not be complete (see #4). + 8. The five bits following the block type is really the number of + literal codes sent minus 257. + 9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits + (1+6+6). Therefore, to output three times the length, you output + three codes (1+1+1), whereas to output four times the same length, + you only need two codes (1+3). Hmm. + 10. In the tree reconstruction algorithm, Code = Code + Increment + only if BitLength(i) is not zero. (Pretty obvious.) + 11. Correction: 4 Bits: # of Bit Length codes - 4 (4 - 19) + 12. Note: length code 284 can represent 227-258, but length code 285 + really is 258. The last length deserves its own, short code + since it gets used a lot in very redundant files. The length + 258 is special since 258 - 3 (the min match length) is 255. + 13. The literal/length and distance code bit lengths are read as a + single stream of lengths. It is possible (and advantageous) for + a repeat code (16, 17, or 18) to go across the boundary between + the two sets of lengths. + */ + + +/* #define DEBUG */ +#define INFMOD /* tell inflate.h to include code to be compiled */ +#include "inflate.h" + + +#ifndef WSIZE /* default is 32K */ +# define WSIZE 0x8000 /* window size--must be a power of two, and at least */ +#endif /* 32K for zip's deflate method */ + +#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) +# define wsize G._wsize /* wsize is a variable */ +#else +# define wsize WSIZE /* wsize is a constant */ +#endif + + +#ifndef NEXTBYTE /* default is to simply get a byte from stdin */ +# define NEXTBYTE getchar() +#endif + +#ifndef MESSAGE /* only used twice, for fixed strings--NOT general-purpose */ +# define MESSAGE(str,len,flag) fprintf(stderr,(char *)(str)) +#endif + +#ifndef FLUSH /* default is to simply write the buffer to stdout */ +# define FLUSH(n) fwrite(redirSlide, 1, n, stdout) /* return value not used */ +#endif +/* Warning: the fwrite above might not work on 16-bit compilers, since + 0x8000 might be interpreted as -32,768 by the library function. */ + +#ifndef Trace +# ifdef DEBUG +# define Trace(x) fprintf x +# else +# define Trace(x) +# endif +#endif + +G_struct G; +uch redirSlide [WSIZE]; + +/*---------------------------------------------------------------------------*/ +#ifdef USE_ZLIB + + +/* + GRR: return values for both original inflate() and inflate() + 0 OK + 1 incomplete table(?) + 2 bad input + 3 not enough memory + */ + +/**************************/ +/* Function inflate() */ +/**************************/ + +int inflate(__G) /* decompress an inflated entry using the zlib routines */ + __GDEF +{ + int err=Z_OK; + +#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) + if (G.redirect_slide) + wsize = G.redirect_size, redirSlide = G.redirect_buffer; + else + wsize = WSIZE, redirSlide = slide; +#endif + + G.dstrm.next_out = redirSlide; + G.dstrm.avail_out = wsize; + + G.dstrm.next_in = G.inptr; + G.dstrm.avail_in = G.incnt; + + if (!G.inflInit) { + unsigned i; + int windowBits; + + /* only need to test this stuff once */ + if (zlib_version[0] != ZLIB_VERSION[0]) { + Info(slide, 0x21, ((char *)slide, + "error: incompatible zlib version (expected %s, found %s)\n", + ZLIB_VERSION, zlib_version)); + return 3; + } else if (strcmp(zlib_version, ZLIB_VERSION) != 0) + Info(slide, 0x21, ((char *)slide, + "warning: different zlib version (expected %s, using %s)\n", + ZLIB_VERSION, zlib_version)); + + /* windowBits = log2(wsize) */ + for (i = ((unsigned)wsize * 2 - 1), windowBits = 0; + !(i & 1); i >>= 1, ++windowBits); + if ((unsigned)windowBits > (unsigned)15) + windowBits = 15; + else if (windowBits < 8) + windowBits = 8; + + G.dstrm.zalloc = (alloc_func)Z_NULL; + G.dstrm.zfree = (free_func)Z_NULL; + + Trace((stderr, "initializing inflate()\n")); + err = inflateInit2(&G.dstrm, -windowBits); + + if (err == Z_MEM_ERROR) + return 3; + else if (err != Z_OK) + Trace((stderr, "oops! (inflateInit2() err = %d)\n", err)); + G.inflInit = 1; + } + +#ifdef FUNZIP + while (err != Z_STREAM_END) { +#else /* !FUNZIP */ + while (G.csize > 0) { + Trace((stderr, "first loop: G.csize = %ld\n", G.csize)); +#endif /* ?FUNZIP */ + while (G.dstrm.avail_out > 0) { + err = inflate(&G.dstrm, Z_PARTIAL_FLUSH); + + if (err == Z_DATA_ERROR) + return 2; + else if (err == Z_MEM_ERROR) + return 3; + else if (err != Z_OK && err != Z_STREAM_END) + Trace((stderr, "oops! (inflate(first loop) err = %d)\n", err)); + +#ifdef FUNZIP + if (err == Z_STREAM_END) /* "END-of-entry-condition" ? */ +#else /* !FUNZIP */ + if (G.csize <= 0L) /* "END-of-entry-condition" ? */ +#endif /* ?FUNZIP */ + break; + + if (G.dstrm.avail_in <= 0) { + if (fillinbuf(__G) == 0) + return 2; /* no "END-condition" yet, but no more data */ + + G.dstrm.next_in = G.inptr; + G.dstrm.avail_in = G.incnt; + } + Trace((stderr, " avail_in = %d\n", G.dstrm.avail_in)); + } + FLUSH(wsize - G.dstrm.avail_out); /* flush slide[] */ + Trace((stderr, "inside loop: flushing %ld bytes (ptr diff = %ld)\n", + (long)(wsize - G.dstrm.avail_out), + (long)(G.dstrm.next_out-(Bytef *)redirSlide))); + G.dstrm.next_out = redirSlide; + G.dstrm.avail_out = wsize; + } + + /* no more input, so loop until we have all output */ + Trace((stderr, "beginning final loop: err = %d\n", err)); + while (err != Z_STREAM_END) { + err = inflate(&G.dstrm, Z_PARTIAL_FLUSH); + if (err == Z_DATA_ERROR) + return 2; + else if (err == Z_MEM_ERROR) + return 3; + else if (err == Z_BUF_ERROR) { /* DEBUG */ + Trace((stderr, "zlib inflate() did not detect stream end (%s, %s)\n" + , G.zipfn, G.filename)); + break; + } else if (err != Z_OK && err != Z_STREAM_END) { + Trace((stderr, "oops! (inflate(final loop) err = %d)\n", err)); + DESTROYGLOBALS() + EXIT(PK_MEM3); + } + FLUSH(wsize - G.dstrm.avail_out); /* final flush of slide[] */ + Trace((stderr, "final loop: flushing %ld bytes (ptr diff = %ld)\n", + (long)(wsize - G.dstrm.avail_out), + (long)(G.dstrm.next_out-(Bytef *)redirSlide))); + G.dstrm.next_out = redirSlide; + G.dstrm.avail_out = wsize; + } + Trace((stderr, "total in = %ld, total out = %ld\n", G.dstrm.total_in, + G.dstrm.total_out)); + + G.inptr = (uch *)G.dstrm.next_in; + G.incnt = (G.inbuf + INBUFSIZ) - G.inptr; /* reset for other routines */ + + err = inflateReset(&G.dstrm); + if (err != Z_OK) + Trace((stderr, "oops! (inflateReset() err = %d)\n", err)); + + return 0; +} + + +/*---------------------------------------------------------------------------*/ +#else /* !USE_ZLIB */ + + +/* Function prototypes */ +#ifndef OF +# ifdef __STDC__ +# define OF(a) a +# else +# define OF(a) () +# endif +#endif /* !OF */ +int inflate_codes OF((__GPRO__ struct huft *tl, struct huft *td, + int bl, int bd)); +static int inflate_stored OF((__GPRO)); +static int inflate_fixed OF((__GPRO)); +static int inflate_dynamic OF((__GPRO)); +static int inflate_block OF((__GPRO__ int *e)); + + +/* The inflate algorithm uses a sliding 32K byte window on the uncompressed + stream to find repeated byte strings. This is implemented here as a + circular buffer. The index is updated simply by incrementing and then + and'ing with 0x7fff (32K-1). */ +/* It is left to other modules to supply the 32K area. It is assumed + to be usable as if it were declared "uch slide[32768];" or as just + "uch *slide;" and then malloc'ed in the latter case. The definition + must be in unzip.h, included above. */ + + +/* unsigned wp; moved to globals.h */ /* current position in slide */ + + +/* Tables for deflate from PKZIP's appnote.txt. */ +static ZCONST unsigned border[] = { /* Order of the bit length code lengths */ + 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15}; +static ZCONST ush cplens[] = { /* Copy lengths for literal codes 257..285 */ + 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31, + 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0}; + /* note: see note #13 above about the 258 in this list. */ +static ZCONST ush cplext[] = { /* Extra bits for literal codes 257..285 */ + 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2, + 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 99, 99}; /* 99==invalid */ +static ZCONST ush cpdist[] = { /* Copy offsets for distance codes 0..29 */ + 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, + 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145, + 8193, 12289, 16385, 24577}; +static ZCONST ush cpdext[] = { /* Extra bits for distance codes */ + 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, + 7, 7, 8, 8, 9, 9, 10, 10, 11, 11, + 12, 12, 13, 13}; + + +/* moved to consts.h (included in unzip.c), resp. funzip.c */ +#if 1 +/* And'ing with mask_bits[n] masks the lower n bits */ +ZCONST ush near mask_bits[] = { + 0x0000, + 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff, + 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff +}; +#endif /* 0 */ + + +/* Macros for inflate() bit peeking and grabbing. + The usage is: + + NEEDBITS(j) + x = b & mask_bits[j]; + DUMPBITS(j) + + where NEEDBITS makes sure that b has at least j bits in it, and + DUMPBITS removes the bits from b. The macros use the variable k + for the number of bits in b. Normally, b and k are register + variables for speed and are initialized at the begining of a + routine that uses these macros from a global bit buffer and count. + + In order to not ask for more bits than there are in the compressed + stream, the Huffman tables are constructed to only ask for just + enough bits to make up the end-of-block code (value 256). Then no + bytes need to be "returned" to the buffer at the end of the last + block. See the huft_build() routine. + */ + +/* These have been moved to globals.h */ +#if 0 +ulg bb; /* bit buffer */ +unsigned bk; /* bits in bit buffer */ +#endif + +#ifndef CHECK_EOF +# define CHECK_EOF /* default as of 5.13/5.2 */ +#endif + +#ifndef CHECK_EOF +# define NEEDBITS(n) {while(k<(n)){b|=((ulg)NEXTBYTE)<>=(n);k-=(n);} + + +/* + Huffman code decoding is performed using a multi-level table lookup. + The fastest way to decode is to simply build a lookup table whose + size is determined by the longest code. However, the time it takes + to build this table can also be a factor if the data being decoded + are not very long. The most common codes are necessarily the + shortest codes, so those codes dominate the decoding time, and hence + the speed. The idea is you can have a shorter table that decodes the + shorter, more probable codes, and then point to subsidiary tables for + the longer codes. The time it costs to decode the longer codes is + then traded against the time it takes to make longer tables. + + This results of this trade are in the variables lbits and dbits + below. lbits is the number of bits the first level table for literal/ + length codes can decode in one step, and dbits is the same thing for + the distance codes. Subsequent tables are also less than or equal to + those sizes. These values may be adjusted either when all of the + codes are shorter than that, in which case the longest code length in + bits is used, or when the shortest code is *longer* than the requested + table size, in which case the length of the shortest code in bits is + used. + + There are two different values for the two tables, since they code a + different number of possibilities each. The literal/length table + codes 286 possible values, or in a flat code, a little over eight + bits. The distance table codes 30 possible values, or a little less + than five bits, flat. The optimum values for speed end up being + about one bit more than those, so lbits is 8+1 and dbits is 5+1. + The optimum values may differ though from machine to machine, and + possibly even between compilers. Your mileage may vary. + */ + +static ZCONST int lbits = 9; /* bits in base literal/length lookup table */ +static ZCONST int dbits = 6; /* bits in base distance lookup table */ + + +#ifndef ASM_INFLATECODES + +#pragma warning(disable:4131) + +int inflate_codes(__G__ tl, td, bl, bd) + __GDEF +struct huft *tl, *td; /* literal/length and distance decoder tables */ +int bl, bd; /* number of bits decoded by tl[] and td[] */ +/* inflate (decompress) the codes in a deflated (compressed) block. + Return an error code or zero if it all goes ok. */ +{ + register unsigned e; /* table entry flag/number of extra bits */ + unsigned n, d; /* length and index for copy */ + unsigned w; /* current window position */ + struct huft *t; /* pointer to table entry */ + unsigned ml, md; /* masks for bl and bd bits */ + register ulg b; /* bit buffer */ + register unsigned k; /* number of bits in bit buffer */ + + + /* make local copies of globals */ + b = G.bb; /* initialize bit buffer */ + k = G.bk; + w = G.wp; /* initialize window position */ + + + /* inflate the coded data */ + ml = mask_bits[bl]; /* precompute masks for speed */ + md = mask_bits[bd]; + while (1) /* do until end of block */ + { + NEEDBITS((unsigned)bl) + if ((e = (t = tl + ((unsigned)b & ml))->e) > 16) + do { + if (e == 99) + return 1; + DUMPBITS(t->b) + e -= 16; + NEEDBITS(e) + } while ((e = (t = t->v.t + ((unsigned)b & mask_bits[e]))->e) > 16); + DUMPBITS(t->b) + if (e == 16) /* then it's a literal */ + { + redirSlide[w++] = (uch)t->v.n; + if (w == wsize) + { + FLUSH(w); + w = 0; + } + } + else /* it's an EOB or a length */ + { + /* exit if end of block */ + if (e == 15) + break; + + /* get length of block to copy */ + NEEDBITS(e) + n = t->v.n + ((unsigned)b & mask_bits[e]); + DUMPBITS(e); + + /* decode distance of block to copy */ + NEEDBITS((unsigned)bd) + if ((e = (t = td + ((unsigned)b & md))->e) > 16) + do { + if (e == 99) + return 1; + DUMPBITS(t->b) + e -= 16; + NEEDBITS(e) + } while ((e = (t = t->v.t + ((unsigned)b & mask_bits[e]))->e) > 16); + DUMPBITS(t->b) + NEEDBITS(e) + d = w - t->v.n - ((unsigned)b & mask_bits[e]); + DUMPBITS(e) + + /* do the copy */ + do { +#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) + if (G.redirect_slide) {/* &= w/ wsize unnecessary & wrong if redirect */ + if (d >= wsize) + return 1; /* invalid compressed data */ + n -= (e = (e = wsize - (d > w ? d : w)) > n ? n : e); + } + else +#endif + n -= (e = (e = wsize - ((d &= wsize-1) > w ? d : w)) > n ? n : e); +#ifndef NOMEMCPY + if (w - d >= e) /* (this test assumes unsigned comparison) */ + { + memcpy(redirSlide + w, redirSlide + d, e); + w += e; + d += e; + } + else /* do it slowly to avoid memcpy() overlap */ +#endif /* !NOMEMCPY */ + do { + redirSlide[w++] = redirSlide[d++]; + } while (--e); + if (w == wsize) + { + FLUSH(w); + w = 0; + } + } while (n); + } + } + + + /* restore the globals from the locals */ + G.wp = w; /* restore global window pointer */ + G.bb = b; /* restore global bit buffer */ + G.bk = k; + + + /* done */ + return 0; +} + +#endif /* ASM_INFLATECODES */ + + + +static int inflate_stored(__G) + __GDEF +/* "decompress" an inflated type 0 (stored) block. */ +{ + unsigned n; /* number of bytes in block */ + unsigned w; /* current window position */ + register ulg b; /* bit buffer */ + register unsigned k; /* number of bits in bit buffer */ + + + /* make local copies of globals */ + Trace((stderr, "\nstored block")); + b = G.bb; /* initialize bit buffer */ + k = G.bk; + w = G.wp; /* initialize window position */ + + + /* go to byte boundary */ + n = k & 7; + DUMPBITS(n); + + + /* get the length and its complement */ + NEEDBITS(16) + n = ((unsigned)b & 0xffff); + DUMPBITS(16) + NEEDBITS(16) + if (n != (unsigned)((~b) & 0xffff)) + return 1; /* error in compressed data */ + DUMPBITS(16) + + + /* read and output the compressed data */ + while (n--) + { + NEEDBITS(8) + redirSlide[w++] = (uch)b; + if (w == wsize) + { + FLUSH(w); + w = 0; + } + DUMPBITS(8) + } + + + /* restore the globals from the locals */ + G.wp = w; /* restore global window pointer */ + G.bb = b; /* restore global bit buffer */ + G.bk = k; + return 0; +} + + +/* Globals for literal tables (built once) */ +/* Moved to globals.h */ +#if 0 +struct huft *fixed_tl = (struct huft *)NULL; +struct huft *fixed_td; +int fixed_bl, fixed_bd; +#endif + +static int inflate_fixed(__G) + __GDEF +/* decompress an inflated type 1 (fixed Huffman codes) block. We should + either replace this with a custom decoder, or at least precompute the + Huffman tables. */ +{ + /* if first time, set up tables for fixed blocks */ + Trace((stderr, "\nliteral block")); + if (G.fixed_tl == (struct huft *)NULL) + { + int i; /* temporary variable */ + unsigned l[288]; /* length list for huft_build */ + + /* literal table */ + for (i = 0; i < 144; i++) + l[i] = 8; + for (; i < 256; i++) + l[i] = 9; + for (; i < 280; i++) + l[i] = 7; + for (; i < 288; i++) /* make a complete, but wrong code set */ + l[i] = 8; + G.fixed_bl = 7; + if ((i = huft_build(__G__ l, 288, 257, cplens, cplext, + &G.fixed_tl, &G.fixed_bl)) != 0) + { + G.fixed_tl = (struct huft *)NULL; + return i; + } + + /* distance table */ + for (i = 0; i < 30; i++) /* make an incomplete code set */ + l[i] = 5; + G.fixed_bd = 5; + if ((i = huft_build(__G__ l, 30, 0, cpdist, cpdext, + &G.fixed_td, &G.fixed_bd)) > 1) + { + huft_free(G.fixed_tl); + G.fixed_tl = (struct huft *)NULL; + return i; + } + } + + /* decompress until an end-of-block code */ + return inflate_codes(__G__ G.fixed_tl, G.fixed_td, + G.fixed_bl, G.fixed_bd) != 0; +} + + + +static int inflate_dynamic(__G) + __GDEF +/* decompress an inflated type 2 (dynamic Huffman codes) block. */ +{ + int i; /* temporary variables */ + unsigned j; + unsigned l; /* last length */ + unsigned m; /* mask for bit lengths table */ + unsigned n; /* number of lengths to get */ + struct huft *tl; /* literal/length code table */ + struct huft *td; /* distance code table */ + int bl; /* lookup bits for tl */ + int bd; /* lookup bits for td */ + unsigned nb; /* number of bit length codes */ + unsigned nl; /* number of literal/length codes */ + unsigned nd; /* number of distance codes */ +#ifdef PKZIP_BUG_WORKAROUND + unsigned ll[288+32]; /* literal/length and distance code lengths */ +#else + unsigned ll[286+30]; /* literal/length and distance code lengths */ +#endif + register ulg b; /* bit buffer */ + register unsigned k; /* number of bits in bit buffer */ + + + /* make local bit buffer */ + Trace((stderr, "\ndynamic block")); + b = G.bb; + k = G.bk; + + + /* read in table lengths */ + NEEDBITS(5) + nl = 257 + ((unsigned)b & 0x1f); /* number of literal/length codes */ + DUMPBITS(5) + NEEDBITS(5) + nd = 1 + ((unsigned)b & 0x1f); /* number of distance codes */ + DUMPBITS(5) + NEEDBITS(4) + nb = 4 + ((unsigned)b & 0xf); /* number of bit length codes */ + DUMPBITS(4) +#ifdef PKZIP_BUG_WORKAROUND + if (nl > 288 || nd > 32) +#else + if (nl > 286 || nd > 30) +#endif + return 1; /* bad lengths */ + + + /* read in bit-length-code lengths */ + for (j = 0; j < nb; j++) + { + NEEDBITS(3) + ll[border[j]] = (unsigned)b & 7; + DUMPBITS(3) + } + for (; j < 19; j++) + ll[border[j]] = 0; + + + /* build decoding table for trees--single level, 7 bit lookup */ + bl = 7; + i = huft_build(__G__ ll, 19, 19, NULL, NULL, &tl, &bl); + if (bl == 0) /* no bit lengths */ + i = 1; + if (i) + { + if (i == 1) + huft_free(tl); + return i; /* incomplete code set */ + } + + + /* read in literal and distance code lengths */ + n = nl + nd; + m = mask_bits[bl]; + i = l = 0; + while ((unsigned)i < n) + { + NEEDBITS((unsigned)bl) + j = (td = tl + ((unsigned)b & m))->b; + DUMPBITS(j) + j = td->v.n; + if (j < 16) /* length of code in bits (0..15) */ + ll[i++] = l = j; /* save last length in l */ + else if (j == 16) /* repeat last length 3 to 6 times */ + { + NEEDBITS(2) + j = 3 + ((unsigned)b & 3); + DUMPBITS(2) + if ((unsigned)i + j > n) + { + huft_free(tl); + return 1; + } + while (j--) + ll[i++] = l; + } + else if (j == 17) /* 3 to 10 zero length codes */ + { + NEEDBITS(3) + j = 3 + ((unsigned)b & 7); + DUMPBITS(3) + if ((unsigned)i + j > n) + { + huft_free(tl); + return 1; + } + while (j--) + ll[i++] = 0; + l = 0; + } + else /* j == 18: 11 to 138 zero length codes */ + { + NEEDBITS(7) + j = 11 + ((unsigned)b & 0x7f); + DUMPBITS(7) + if ((unsigned)i + j > n) + { + huft_free(tl); + return 1; + } + while (j--) + ll[i++] = 0; + l = 0; + } + } + + + /* free decoding table for trees */ + huft_free(tl); + + + /* restore the global bit buffer */ + G.bb = b; + G.bk = k; + + + /* build the decoding tables for literal/length and distance codes */ + bl = lbits; + i = huft_build(__G__ ll, nl, 257, cplens, cplext, &tl, &bl); + if (bl == 0) /* no literals or lengths */ + i = 1; + if (i) + { + if (i == 1) { + //if (!uO.qflag) + MESSAGE((uch *)"(incomplete l-tree) ", 21L, 1); + huft_free(tl); + } + return i; /* incomplete code set */ + } + bd = dbits; + i = huft_build(__G__ ll + nl, nd, 0, cpdist, cpdext, &td, &bd); + if (bd == 0 && nl > 257) /* lengths but no distances */ + { + //if (!uO.qflag) + MESSAGE((uch *)"(incomplete d-tree) ", 21L, 1); + huft_free(tl); + huft_free(td); + return 1; + } + if (i == 1) { +#ifdef PKZIP_BUG_WORKAROUND + i = 0; +#else + //if (!uO.qflag) + MESSAGE((uch *)"(incomplete d-tree) ", 21L, 1); + huft_free(td); + td = NULL; +#endif + } + if (i) + { + huft_free(tl); + return i; + } + + + /* decompress until an end-of-block code */ + i = inflate_codes(__G__ tl, td, bl, bd); + + /* free the decoding tables, return */ + huft_free(tl); + huft_free(td); + + if (i) + return 1; + + return 0; +} + + + +static int inflate_block(__G__ e) + __GDEF + int *e; /* last block flag */ +/* decompress an inflated block */ +{ + unsigned t; /* block type */ + register ulg b; /* bit buffer */ + register unsigned k; /* number of bits in bit buffer */ + + + /* make local bit buffer */ + b = G.bb; + k = G.bk; + + + /* read in last block bit */ + NEEDBITS(1) + *e = (int)b & 1; + DUMPBITS(1) + + + /* read in block type */ + NEEDBITS(2) + t = (unsigned)b & 3; + DUMPBITS(2) + + + /* restore the global bit buffer */ + G.bb = b; + G.bk = k; + + + /* inflate that block type */ + if (t == 2) + return inflate_dynamic(__G); + if (t == 0) + return inflate_stored(__G); + if (t == 1) + return inflate_fixed(__G); + + + /* bad block type */ + return 2; +} + + + +int inflate(__G) + __GDEF +/* decompress an inflated entry */ +{ + int e; /* last block flag */ + int r; /* result code */ +//#ifdef DEBUG +// unsigned h = 0; /* maximum struct huft's malloc'ed */ +//#endif + +#if (defined(DLL) && !defined(NO_SLIDE_REDIR)) + if (G.redirect_slide) + wsize = G.redirect_size, redirSlide = G.redirect_buffer; + else + wsize = WSIZE, redirSlide = slide; /* how they're #defined if !DLL */ +#endif + + /* initialize window, bit buffer */ + G.wp = 0; + G.bk = 0; + G.bb = 0; + + + /* decompress until the last block */ + do { +//#ifdef DEBUG +// G.hufts = 0; +//#endif + if ((r = inflate_block(__G__ &e)) != 0) + return r; +//#ifdef DEBUG +// if (G.hufts > h) +// h = G.hufts; +//#endif + } while (!e); + + + /* flush out redirSlide */ + FLUSH(G.wp); + + + /* return success */ + //Trace((stderr, "\n%u bytes in Huffman tables (%d/entry)\n", + // h * sizeof(struct huft), sizeof(struct huft))); + return 0; +} + + + +int inflate_free(__G) + __GDEF +{ + if (G.fixed_tl != (struct huft *)NULL) + { + huft_free(G.fixed_td); + huft_free(G.fixed_tl); + G.fixed_td = G.fixed_tl = (struct huft *)NULL; + } + return 0; +} + +#endif /* ?USE_ZLIB */ + + +/* + * GRR: moved huft_build() and huft_free() down here; used by explode() + * and fUnZip regardless of whether USE_ZLIB defined or not + */ + + +/* If BMAX needs to be larger than 16, then h and x[] should be ulg. */ +#define BMAX 16 /* maximum bit length of any code (16 for explode) */ +#define N_MAX 288 /* maximum number of codes in any set */ + + +int huft_build( + __GDEF + ZCONST unsigned *b, /* code lengths in bits (all assumed <= BMAX) */ + unsigned n, /* number of codes (assumed <= N_MAX) */ + unsigned s, /* number of simple-valued codes (0..s-1) */ + ZCONST ush *d, /* list of base values for non-simple codes */ + ZCONST ush *e, /* list of extra bits for non-simple codes */ + struct huft **t, /* result: starting table */ + int *m /* maximum lookup bits, returns actual */ + ) +/* Given a list of code lengths and a maximum table size, make a set of + tables to decode that set of codes. Return zero on success, one if + the given code set is incomplete (the tables are still built in this + case), two if the input is invalid (all zero length codes or an + oversubscribed set of lengths), and three if not enough memory. + The code with value 256 is special, and the tables are constructed + so that no bits beyond that code are fetched when that code is + decoded. */ +{ + unsigned a; /* counter for codes of length k */ + unsigned c[BMAX+1]; /* bit length count table */ + unsigned el; /* length of EOB code (value 256) */ + unsigned f; /* i repeats in table every f entries */ + int g; /* maximum code length */ + int h; /* table level */ + register unsigned i; /* counter, current code */ + register unsigned j; /* counter */ + register int k; /* number of bits in current code */ + int lx[BMAX+1]; /* memory for l[-1..BMAX-1] */ + int *l = lx+1; /* stack of bits per table */ + register unsigned *p; /* pointer into c[], b[], or v[] */ + register struct huft *q; /* points to current table */ + struct huft r; /* table entry for structure assignment */ + struct huft *u[BMAX]; /* table stack */ + unsigned v[N_MAX]; /* values in order of bit length */ + register int w; /* bits before this table == (l * h) */ + unsigned x[BMAX+1]; /* bit offsets, then code stack */ + unsigned *xp; /* pointer into x */ + int y; /* number of dummy codes added */ + unsigned z; /* number of entries in current table */ + + + /* Generate counts for each bit length */ + el = n > 256 ? b[256] : BMAX; /* set length of EOB code, if any */ + memset(c, 0, sizeof(c)); + p = (unsigned *)b; i = n; + do { + c[*p]++; p++; /* assume all entries <= BMAX */ + } while (--i); + if (c[0] == n) /* null input--all zero length codes */ + { + *t = (struct huft *)NULL; + *m = 0; + return 0; + } + + + /* Find minimum and maximum length, bound *m by those */ + for (j = 1; j <= BMAX; j++) + if (c[j]) + break; + k = j; /* minimum code length */ + if ((unsigned)*m < j) + *m = j; + for (i = BMAX; i; i--) + if (c[i]) + break; + g = i; /* maximum code length */ + if ((unsigned)*m > i) + *m = i; + + + /* Adjust last length count to fill out codes, if needed */ + for (y = 1 << j; j < i; j++, y <<= 1) + if ((y -= c[j]) < 0) + return 2; /* bad input: more codes than bits */ + if ((y -= c[i]) < 0) + return 2; + c[i] += y; + + + /* Generate starting offsets into the value table for each length */ + x[1] = j = 0; + p = c + 1; xp = x + 2; + while (--i) { /* note that i == g from above */ + *xp++ = (j += *p++); + } + + + /* Make a table of values in order of bit lengths */ + memset(v, 0, sizeof(v)); + p = (unsigned *)b; i = 0; + do { + if ((j = *p++) != 0) + v[x[j]++] = i; + } while (++i < n); + n = x[g]; /* set n to length of v */ + + + /* Generate the Huffman codes and for each, make the table entries */ + x[0] = i = 0; /* first Huffman code is zero */ + p = v; /* grab values in bit order */ + h = -1; /* no tables yet--level -1 */ + w = l[-1] = 0; /* no bits decoded yet */ + u[0] = (struct huft *)NULL; /* just to keep compilers happy */ + q = (struct huft *)NULL; /* ditto */ + z = 0; /* ditto */ + + /* go through the bit lengths (k already is bits in shortest code) */ + for (; k <= g; k++) + { + a = c[k]; + while (a--) + { + /* here i is the Huffman code of length k bits for value *p */ + /* make tables up to required level */ + while (k > w + l[h]) + { + w += l[h++]; /* add bits already decoded */ + + /* compute minimum size table less than or equal to *m bits */ + z = (z = g - w) > (unsigned)*m ? *m : z; /* upper limit */ + if ((f = 1 << (j = k - w)) > a + 1) /* try a k-w bit table */ + { /* too few codes for k-w bit table */ + f -= a + 1; /* deduct codes from patterns left */ + xp = c + k; + while (++j < z) /* try smaller tables up to z bits */ + { + if ((f <<= 1) <= *++xp) + break; /* enough codes to use up j bits */ + f -= *xp; /* else deduct codes from patterns */ + } + } + if ((unsigned)w + j > el && (unsigned)w < el) + j = el - w; /* make EOB code end at table */ + z = 1 << j; /* table entries for j-bit table */ + l[h] = j; /* set table size in stack */ + + /* allocate and link in new table */ + if ((q = (struct huft *)malloc((z + 1)*sizeof(struct huft))) == + (struct huft *)NULL) + { + if (h) + huft_free(u[0]); + return 3; /* not enough memory */ + } +//#ifdef DEBUG +// G.hufts += z + 1; /* track memory usage */ +//#endif + *t = q + 1; /* link to list for huft_free() */ + *(t = &(q->v.t)) = (struct huft *)NULL; + u[h] = ++q; /* table starts after link */ + + /* connect to last table, if there is one */ + if (h) + { + x[h] = i; /* save pattern for backing up */ + r.b = (uch)l[h-1]; /* bits to dump before this table */ + r.e = (uch)(16 + j); /* bits in this table */ + r.v.t = q; /* pointer to this table */ + j = (i & ((1 << w) - 1)) >> (w - l[h-1]); + u[h-1][j] = r; /* connect to last table */ + } + } + + /* set up table entry in r */ + r.b = (uch)(k - w); + if (p >= v + n) + r.e = 99; /* out of values--invalid code */ + else if (*p < s) + { + r.e = (uch)(*p < 256 ? 16 : 15); /* 256 is end-of-block code */ + r.v.n = (ush)*p++; /* simple code is just the value */ + } + else + { + r.e = (uch)e[*p - s]; /* non-simple--look up in lists */ + r.v.n = d[*p++ - s]; + } + + /* fill code-like entries with r */ + f = 1 << (k - w); + for (j = i >> w; j < z; j += f) + q[j] = r; + + /* backwards increment the k-bit code i */ + for (j = 1 << (k - 1); i & j; j >>= 1) + i ^= j; + i ^= j; + + /* backup over finished tables */ + while ((i & ((1 << w) - 1)) != x[h]) + w -= l[--h]; /* don't need to update q */ + } + } + + + /* return actual size of base table */ + *m = l[0]; + + + /* Return true (1) if we were given an incomplete table */ + return y != 0 && g != 1; +} + + + +int huft_free (struct huft *t) + /* table to free */ +/* Free the malloc'ed tables built by huft_build(), which makes a linked + list of the tables it made, with the links in a dummy first entry of + each table. */ +{ + register struct huft *p, *q; + + + /* Go through linked list, freeing from the malloced (t[-1]) address. */ + p = t; + while (p != (struct huft *)NULL) + { + q = (--p)->v.t; + free((zvoid *)p); + p = q; + } + return 0; +} + + +// Main public function. Decompresses raw data compressed using the DEFLATE algorithm (RFC 1951 - e.g. zlib, gzip). +// Returns 0 if decompression fails or, if successful, returns the size of the decompressed data. +int DecompressDeflatedData (char *out, char *in, int inLength) +{ + G.outbufptr = out; + G.inptr = in; + G.incnt = inLength; + G.outCounter = 0; + + if (inflate(__G) != 0) + { + // Error decompressing + return 0; + } + return G.outCounter; +} + diff --git a/src/Common/Inflate.h b/src/Common/Inflate.h index a0d4aa5b..c2810c82 100644 --- a/src/Common/Inflate.h +++ b/src/Common/Inflate.h @@ -1,51 +1,51 @@ -#include -#include - -#define WSIZE 0x8000 // Window size -#define ZCONST const -#define OF(p) p - -typedef unsigned long ulg; -typedef unsigned char uch; -typedef unsigned short ush; -typedef void zvoid; - -typedef struct huft -{ - uch b, e; - union - { - ush n; - struct huft *t; - }v; -}; - -typedef struct -{ - uch *inptr, *outbufptr; - int incnt; - int outCounter; - - struct huft *fixed_tl; - struct huft *fixed_td; - int fixed_bl, fixed_bd; - - unsigned bk, wp; - ulg bb; -} G_struct; - -#define __GPRO void -#define __GPRO__ -#define __G -#define __G__ -#define __GDEF - - -#define FLUSH(cnt) { memcpy (G.outbufptr, redirSlide, cnt); G.outbufptr += cnt; G.outCounter += cnt; } -#define NEXTBYTE (((G.incnt--) >= 0) ? (*G.inptr++) : EOF) - - -int huft_free(struct huft *t); -int huft_build(__GDEF ZCONST unsigned *b, unsigned n, unsigned s, ZCONST ush *d, ZCONST ush *e, struct huft **t, int *m); - -int DecompressDeflatedData (char *out, char *in, int inLength); +#include +#include + +#define WSIZE 0x8000 // Window size +#define ZCONST const +#define OF(p) p + +typedef unsigned long ulg; +typedef unsigned char uch; +typedef unsigned short ush; +typedef void zvoid; + +typedef struct huft +{ + uch b, e; + union + { + ush n; + struct huft *t; + }v; +}; + +typedef struct +{ + uch *inptr, *outbufptr; + int incnt; + int outCounter; + + struct huft *fixed_tl; + struct huft *fixed_td; + int fixed_bl, fixed_bd; + + unsigned bk, wp; + ulg bb; +} G_struct; + +#define __GPRO void +#define __GPRO__ +#define __G +#define __G__ +#define __GDEF + + +#define FLUSH(cnt) { memcpy (G.outbufptr, redirSlide, cnt); G.outbufptr += cnt; G.outCounter += cnt; } +#define NEXTBYTE (((G.incnt--) >= 0) ? (*G.inptr++) : EOF) + + +int huft_free(struct huft *t); +int huft_build(__GDEF ZCONST unsigned *b, unsigned n, unsigned s, ZCONST ush *d, ZCONST ush *e, struct huft **t, int *m); + +int DecompressDeflatedData (char *out, char *in, int inLength); diff --git a/src/Common/Keyfiles.c b/src/Common/Keyfiles.c index 8b3825d5..c59ab374 100644 --- a/src/Common/Keyfiles.c +++ b/src/Common/Keyfiles.c @@ -1,778 +1,778 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include -#include -#include -#include - -#include "Tcdefs.h" -#include "Keyfiles.h" -#include "Crc.h" - -#include -#include "Dlgcode.h" -#include "Language.h" -#include "SecurityToken.h" -#include "Common/resource.h" -#include "Platform/Finally.h" -#include "Platform/ForEach.h" -#ifdef TCMOUNT -#include "Mount/Mount.h" -#endif - -#include - -using namespace VeraCrypt; - -#define stat _stat -#define S_IFDIR _S_IFDIR - - -BOOL HiddenFilesPresentInKeyfilePath = FALSE; - -#ifdef TCMOUNT -extern BOOL UsePreferences; -#endif - -KeyFile *KeyFileAdd (KeyFile *firstKeyFile, KeyFile *keyFile) -{ - KeyFile *kf = firstKeyFile; - - if (firstKeyFile != NULL) - { - while (kf->Next) - kf = kf->Next; - - kf->Next = keyFile; - } - else - firstKeyFile = keyFile; - - keyFile->Next = NULL; - - return firstKeyFile; -} - - -// Returns first keyfile, NULL if last keyfile was removed -static KeyFile *KeyFileRemove (KeyFile *firstKeyFile, KeyFile *keyFile) -{ - KeyFile *prevkf = NULL, *kf = firstKeyFile; - - if (firstKeyFile == NULL) return NULL; - do - { - if (kf == keyFile) - { - if (prevkf == NULL) - firstKeyFile = kf->Next; - else - prevkf->Next = kf->Next; - - burn (keyFile, sizeof(*keyFile)); // wipe - free (keyFile); - break; - } - prevkf = kf; - } - while (kf = kf->Next); - - return firstKeyFile; -} - - -void KeyFileRemoveAll (KeyFile **firstKeyFile) -{ - KeyFile *kf = *firstKeyFile; - while (kf != NULL) - { - KeyFile *d = kf; - kf = kf->Next; - burn (d, sizeof(*d)); // wipe - free (d); - } - - *firstKeyFile = NULL; -} - - -KeyFile *KeyFileClone (KeyFile *keyFile) -{ - KeyFile *clone = NULL; - - if (keyFile == NULL) return NULL; - - clone = (KeyFile *) malloc (sizeof (KeyFile)); - if (clone) - { - StringCbCopyW (clone->FileName, sizeof(clone->FileName), keyFile->FileName); - clone->Next = NULL; - } - return clone; -} - - -void KeyFileCloneAll (KeyFile *firstKeyFile, KeyFile **outputKeyFile) -{ - if (outputKeyFile) - { - KeyFile *cloneFirstKeyFile = KeyFileClone (firstKeyFile); - KeyFile *kf; - - // free output only if different from input - if (*outputKeyFile != firstKeyFile) - KeyFileRemoveAll (outputKeyFile); - if (firstKeyFile) - { - kf = firstKeyFile->Next; - while (kf != NULL) - { - KeyFileAdd (cloneFirstKeyFile, KeyFileClone (kf)); - kf = kf->Next; - } - - *outputKeyFile = cloneFirstKeyFile; - } - } -} - - -static BOOL KeyFileProcess (unsigned __int8 *keyPool, KeyFile *keyFile) -{ - FILE *f; - unsigned __int8 buffer[64 * 1024]; - unsigned __int32 crc = 0xffffffff; - int writePos = 0; - size_t bytesRead, totalRead = 0; - int status = TRUE; - - HANDLE src; - FILETIME ftCreationTime; - FILETIME ftLastWriteTime; - FILETIME ftLastAccessTime; - - BOOL bTimeStampValid = FALSE; - - /* Remember the last access time of the keyfile. It will be preserved in order to prevent - an adversary from determining which file may have been used as keyfile. */ - src = CreateFile (keyFile->FileName, - GENERIC_READ | GENERIC_WRITE, - FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (src != INVALID_HANDLE_VALUE) - { - if (GetFileTime ((HANDLE) src, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime)) - bTimeStampValid = TRUE; - } - - finally_do_arg (HANDLE, src, - { - if (finally_arg != INVALID_HANDLE_VALUE) - CloseHandle (finally_arg); - }); - - f = _wfopen (keyFile->FileName, L"rb"); - if (f == NULL) return FALSE; - - while ((bytesRead = fread (buffer, 1, sizeof (buffer), f)) > 0) - { - size_t i; - - if (ferror (f)) - { - status = FALSE; - goto close; - } - - for (i = 0; i < bytesRead; i++) - { - crc = UPDC32 (buffer[i], crc); - - keyPool[writePos++] += (unsigned __int8) (crc >> 24); - keyPool[writePos++] += (unsigned __int8) (crc >> 16); - keyPool[writePos++] += (unsigned __int8) (crc >> 8); - keyPool[writePos++] += (unsigned __int8) crc; - - if (writePos >= KEYFILE_POOL_SIZE) - writePos = 0; - - if (++totalRead >= KEYFILE_MAX_READ_LEN) - goto close; - } - } - - if (ferror (f)) - { - status = FALSE; - } - else if (totalRead == 0) - { - status = FALSE; - SetLastError (ERROR_HANDLE_EOF); - } - -close: - DWORD err = GetLastError(); - fclose (f); - - if (bTimeStampValid && !IsFileOnReadOnlyFilesystem (keyFile->FileName)) - { - // Restore the keyfile timestamp - SetFileTime (src, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); - } - - SetLastError (err); - return status; -} - - -BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile, const wchar_t* volumeFileName) -{ - return KeyFilesApplyWithPin (hwndDlg, password, nullptr, firstKeyFile, volumeFileName); -} - -BOOL KeyFilesApplyWithPin (HWND hwndDlg, Password *password, char* pin, KeyFile *firstKeyFile, const wchar_t* volumeFileName) -{ - BOOL status = TRUE; - KeyFile kfSubStruct; - KeyFile *kf; - KeyFile *kfSub = &kfSubStruct; - static unsigned __int8 keyPool [KEYFILE_POOL_SIZE]; - size_t i; - struct stat statStruct; - wchar_t searchPath [TC_MAX_PATH*2]; - struct _wfinddata_t fBuf; - intptr_t searchHandle; - - HiddenFilesPresentInKeyfilePath = FALSE; - - if (firstKeyFile == NULL) return TRUE; - - VirtualLock (keyPool, sizeof (keyPool)); - memset (keyPool, 0, sizeof (keyPool)); - - for (kf = firstKeyFile; kf != NULL; kf = kf->Next) - { - // Determine whether it's a security token path - try - { - if (SecurityToken::IsKeyfilePathValid (kf->FileName)) - { - // Apply security token keyfile - vector keyfileData; - SecurityTokenKeyfilePath secPath (kf->FileName); - SecurityToken::GetKeyfileData (SecurityTokenKeyfile (secPath, pin), pin, keyfileData); - - if (keyfileData.empty()) - { - SetLastError (ERROR_HANDLE_EOF); - handleWin32Error (hwndDlg, SRC_POS); - Error ("ERR_PROCESS_KEYFILE", hwndDlg); - status = FALSE; - continue; - } - - unsigned __int32 crc = 0xffffffff; - int writePos = 0; - size_t totalRead = 0; - - for (size_t i = 0; i < keyfileData.size(); i++) - { - crc = UPDC32 (keyfileData[i], crc); - - keyPool[writePos++] += (unsigned __int8) (crc >> 24); - keyPool[writePos++] += (unsigned __int8) (crc >> 16); - keyPool[writePos++] += (unsigned __int8) (crc >> 8); - keyPool[writePos++] += (unsigned __int8) crc; - - if (writePos >= KEYFILE_POOL_SIZE) - writePos = 0; - - if (++totalRead >= KEYFILE_MAX_READ_LEN) - break; - } - - burn (&keyfileData.front(), keyfileData.size()); - continue; - } - } - catch (Exception &e) - { - e.Show (NULL); - return FALSE; - } - - // Determine whether it's a path or a file - if (_wstat (kf->FileName, &statStruct) != 0) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("ERR_PROCESS_KEYFILE", hwndDlg); - status = FALSE; - continue; - } - - if (statStruct.st_mode & S_IFDIR) // If it's a directory - { - /* Find and process all keyfiles in the directory */ - int keyfileCount = 0; - - StringCbPrintfW (searchPath, sizeof (searchPath), L"%s\\*.*", kf->FileName); - if ((searchHandle = _wfindfirst (searchPath, &fBuf)) == -1) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("ERR_PROCESS_KEYFILE_PATH", hwndDlg); - status = FALSE; - continue; - } - - do - { - WIN32_FILE_ATTRIBUTE_DATA fileAttributes; - - StringCbPrintfW (kfSub->FileName, sizeof(kfSub->FileName), L"%s%c%s", kf->FileName, - L'\\', - fBuf.name - ); - - // Determine whether it's a path or a file - if (_wstat (kfSub->FileName, &statStruct) != 0) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("ERR_PROCESS_KEYFILE", hwndDlg); - status = FALSE; - continue; - } - else if (statStruct.st_mode & S_IFDIR) // If it's a directory - { - // Prevent recursive folder scanning - continue; - } - - // Skip hidden files - if (GetFileAttributesExW (kfSub->FileName, GetFileExInfoStandard, &fileAttributes) - && (fileAttributes.dwFileAttributes & FILE_ATTRIBUTE_HIDDEN) != 0) - { - HiddenFilesPresentInKeyfilePath = TRUE; - continue; - } - - CorrectFileName (kfSub->FileName); - if (volumeFileName && (_wcsicmp (volumeFileName, kfSub->FileName) == 0)) - { - // skip if it is the current container file name - continue; - } - - ++keyfileCount; - - // Apply keyfile to the pool - if (!KeyFileProcess (keyPool, kfSub)) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("ERR_PROCESS_KEYFILE", hwndDlg); - status = FALSE; - } - - } while (_wfindnext (searchHandle, &fBuf) != -1); - _findclose (searchHandle); - - burn (&kfSubStruct, sizeof (kfSubStruct)); - - if (keyfileCount == 0) - { - ErrorDirect ((wstring (GetString ("ERR_KEYFILE_PATH_EMPTY")) + L"\n\n" + wstring (kf->FileName)).c_str(), hwndDlg); - status = FALSE; - } - } - // Apply keyfile to the pool - else if (!KeyFileProcess (keyPool, kf)) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("ERR_PROCESS_KEYFILE", hwndDlg); - status = FALSE; - } - } - - /* Mix the keyfile pool contents into the password */ - - for (i = 0; i < sizeof (keyPool); i++) - { - if (i < password->Length) - password->Text[i] += keyPool[i]; - else - password->Text[i] = keyPool[i]; - } - - if (password->Length < (int)sizeof (keyPool)) - password->Length = sizeof (keyPool); - - burn (keyPool, sizeof (keyPool)); - - return status; -} - - -static void LoadKeyList (HWND hwndDlg, KeyFile *firstKeyFile) -{ - KeyFile *kf; - LVITEM LvItem; - int line = 0; - HWND hList = GetDlgItem (hwndDlg, IDC_KEYLIST); - - ListView_DeleteAllItems (hList); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYREMOVE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYREMOVEALL), firstKeyFile != NULL); - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, firstKeyFile != NULL); - - for (kf = firstKeyFile; kf != NULL; kf = kf->Next) - { - memset (&LvItem,0,sizeof(LvItem)); - LvItem.mask = LVIF_TEXT|LVIF_PARAM; - LvItem.iItem = line++; - LvItem.iSubItem = 0; - LvItem.pszText = kf->FileName; - LvItem.lParam = (LPARAM) kf; - SendMessage (hList, LVM_INSERTITEM, 0, (LPARAM)&LvItem); - } -} - -#if KEYFILE_POOL_SIZE % 4 != 0 -#error KEYFILE_POOL_SIZE must be a multiple of 4 -#endif - -BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static KeyFilesDlgParam *param; - static KeyFilesDlgParam origParam; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - LVCOLUMNW LvCol; - HWND hList = GetDlgItem (hwndDlg, IDC_KEYLIST); - - param = (KeyFilesDlgParam *) lParam; - origParam = *(KeyFilesDlgParam *) lParam; - - KeyFileCloneAll (param->FirstKeyFile, ¶m->FirstKeyFile); - - LocalizeDialog (hwndDlg, "IDD_KEYFILES"); - DragAcceptFiles (hwndDlg, TRUE); - - SendMessageW (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, - LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP - ); - - memset (&LvCol,0,sizeof(LvCol)); - LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - LvCol.pszText = GetString ("KEYFILE"); - LvCol.cx = CompensateXDPI (374); - LvCol.fmt = LVCFMT_LEFT; - SendMessageW (hList, LVM_INSERTCOLUMNW, 0, (LPARAM)&LvCol); - - LoadKeyList (hwndDlg, param->FirstKeyFile); - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, param->EnableKeyFiles); - -#ifdef TCMOUNT - if ( (origParam.EnableKeyFiles == defaultKeyFilesParam.EnableKeyFiles) - && (origParam.FirstKeyFile == defaultKeyFilesParam.FirstKeyFile) - ) - { - /* default keyfile dialog case */ - SetCheckBox (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD, bTryEmptyPasswordWhenKeyfileUsed); - ShowWindow(GetDlgItem(hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD), SW_SHOW); - } -#endif - - SetWindowTextW(GetDlgItem(hwndDlg, IDT_KEYFILES_NOTE), GetString ("KEYFILES_NOTE")); - - ToHyperlink (hwndDlg, IDC_LINK_KEYFILES_INFO); - } - return 1; - - case WM_COMMAND: - - if (lw == IDC_KEYADD) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory)) - { - bool containerFileSkipped = false; - do - { - CorrectFileName (kf->FileName); - if (_wcsicmp (param->VolumeFileName, kf->FileName) == 0) - containerFileSkipped = true; - else - { - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - LoadKeyList (hwndDlg, param->FirstKeyFile); - - kf = (KeyFile *) malloc (sizeof (KeyFile)); - } - } while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName))); - - if (containerFileSkipped) - { - Warning ("SELECTED_KEYFILE_IS_CONTAINER_FILE", hwndDlg); - } - } - - free (kf); - } - return 1; - } - - if (lw == IDC_ADD_KEYFILE_PATH) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - - if (BrowseDirectories (hwndDlg,"SELECT_KEYFILE_PATH", kf->FileName)) - { - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - LoadKeyList (hwndDlg, param->FirstKeyFile); - } - else - { - free (kf); - } - return 1; - } - - if (lw == IDC_TOKEN_FILES_ADD) - { - list selectedTokenKeyfiles; - if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_KEYFILES), hwndDlg, (DLGPROC) SecurityTokenKeyfileDlgProc, (LPARAM) &selectedTokenKeyfiles) == IDOK) - { - foreach (const SecurityTokenKeyfilePath &keyPath, selectedTokenKeyfiles) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - StringCbCopyW (kf->FileName, sizeof (kf->FileName), wstring(keyPath).c_str ()); - - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - LoadKeyList (hwndDlg, param->FirstKeyFile); - } - } - } - - return 1; - } - - if (lw == IDC_KEYREMOVE) - { - HWND list = GetDlgItem (hwndDlg, IDC_KEYLIST); - LVITEM LvItem; - memset (&LvItem, 0, sizeof(LvItem)); - LvItem.mask = LVIF_PARAM; - LvItem.iItem = -1; - - while (-1 != (LvItem.iItem = ListView_GetNextItem (list, LvItem.iItem, LVIS_SELECTED))) - { - ListView_GetItem (list, &LvItem); - param->FirstKeyFile = KeyFileRemove (param->FirstKeyFile, (KeyFile *) LvItem.lParam); - } - - LoadKeyList (hwndDlg, param->FirstKeyFile); - return 1; - } - - if (lw == IDC_KEYREMOVEALL) - { - KeyFileRemoveAll (¶m->FirstKeyFile); - LoadKeyList (hwndDlg, NULL); - return 1; - } - - if (lw == IDC_GENERATE_KEYFILE) - { - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILE_GENERATOR), hwndDlg, - (DLGPROC) KeyfileGeneratorDlgProc, (LPARAM) 0); - return 1; - } - - if (lw == IDC_LINK_KEYFILES_INFO) - { - Applink ("keyfiles", TRUE, ""); - return 1; - } - - if (lw == IDOK) - { - param->EnableKeyFiles = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE)); - -#ifdef TCMOUNT - if (IsWindowVisible (GetDlgItem (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD))) - { - bTryEmptyPasswordWhenKeyfileUsed = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD)); - - if (UsePreferences) - { - WaitCursor (); - SaveSettings (hwndDlg); - NormalCursor (); - } - } -#endif - EndDialog (hwndDlg, IDOK); - return 1; - } - - if (lw == IDCANCEL) - { - KeyFileRemoveAll (¶m->FirstKeyFile); - *param = origParam; - - EndDialog (hwndDlg, IDCLOSE); - return 1; - } - break; - - case WM_DROPFILES: - { - HDROP hdrop = (HDROP) wParam; - - int i = 0, count = DragQueryFile (hdrop, 0xFFFFFFFF, NULL, 0); - - while (count-- > 0) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - DragQueryFile (hdrop, i++, kf->FileName, ARRAYSIZE (kf->FileName)); - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - LoadKeyList (hwndDlg, param->FirstKeyFile); - } - } - - DragFinish (hdrop); - } - return 1; - - case WM_NOTIFY: - if (((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) - { - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYREMOVE), - ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_KEYLIST), -1, LVIS_SELECTED) != -1); - return 1; - } - break; - - case WM_CLOSE: - KeyFileRemoveAll (¶m->FirstKeyFile); - *param = origParam; - - EndDialog (hwndDlg, IDCLOSE); - return 1; - - break; - - } - - return 0; -} - - -#define IDM_KEYFILES_POPUP_ADD_FILES 9001 -#define IDM_KEYFILES_POPUP_ADD_DIR 9002 -#define IDM_KEYFILES_POPUP_ADD_TOKEN_FILES 9003 - -BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *param) -{ - HMENU popup = CreatePopupMenu (); - if (!popup) - return FALSE; - int sel; - BOOL status = FALSE; - - AppendMenuW (popup, MF_STRING, IDM_KEYFILES_POPUP_ADD_FILES, GetString ("IDC_KEYADD")); - AppendMenuW (popup, MF_STRING, IDM_KEYFILES_POPUP_ADD_DIR, GetString ("IDC_ADD_KEYFILE_PATH")); - AppendMenuW (popup, MF_STRING, IDM_KEYFILES_POPUP_ADD_TOKEN_FILES, GetString ("IDC_TOKEN_FILES_ADD")); - - sel = TrackPopupMenu (popup, TPM_RETURNCMD | TPM_LEFTBUTTON, popupPosition.x, popupPosition.y, 0, hwndDlg, NULL); - - switch (sel) - { - case IDM_KEYFILES_POPUP_ADD_FILES: - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory)) - { - do - { - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - kf = (KeyFile *) malloc (sizeof (KeyFile)); - } while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName))); - - param->EnableKeyFiles = TRUE; - status = TRUE; - } - - free (kf); - } - } - break; - - case IDM_KEYFILES_POPUP_ADD_DIR: - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - if (BrowseDirectories (hwndDlg,"SELECT_KEYFILE_PATH", kf->FileName)) - { - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - param->EnableKeyFiles = TRUE; - status = TRUE; - } - else - { - free (kf); - } - } - } - break; - - case IDM_KEYFILES_POPUP_ADD_TOKEN_FILES: - { - list selectedTokenKeyfiles; - if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_KEYFILES), hwndDlg, (DLGPROC) SecurityTokenKeyfileDlgProc, (LPARAM) &selectedTokenKeyfiles) == IDOK) - { - foreach (const SecurityTokenKeyfilePath &keyPath, selectedTokenKeyfiles) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - StringCbCopyW (kf->FileName, sizeof (kf->FileName), wstring (keyPath).c_str()); - - param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); - param->EnableKeyFiles = TRUE; - status = TRUE; - } - } - } - } - break; - } - - DestroyMenu (popup); - return status; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include +#include +#include +#include + +#include "Tcdefs.h" +#include "Keyfiles.h" +#include "Crc.h" + +#include +#include "Dlgcode.h" +#include "Language.h" +#include "SecurityToken.h" +#include "Common/resource.h" +#include "Platform/Finally.h" +#include "Platform/ForEach.h" +#ifdef TCMOUNT +#include "Mount/Mount.h" +#endif + +#include + +using namespace VeraCrypt; + +#define stat _stat +#define S_IFDIR _S_IFDIR + + +BOOL HiddenFilesPresentInKeyfilePath = FALSE; + +#ifdef TCMOUNT +extern BOOL UsePreferences; +#endif + +KeyFile *KeyFileAdd (KeyFile *firstKeyFile, KeyFile *keyFile) +{ + KeyFile *kf = firstKeyFile; + + if (firstKeyFile != NULL) + { + while (kf->Next) + kf = kf->Next; + + kf->Next = keyFile; + } + else + firstKeyFile = keyFile; + + keyFile->Next = NULL; + + return firstKeyFile; +} + + +// Returns first keyfile, NULL if last keyfile was removed +static KeyFile *KeyFileRemove (KeyFile *firstKeyFile, KeyFile *keyFile) +{ + KeyFile *prevkf = NULL, *kf = firstKeyFile; + + if (firstKeyFile == NULL) return NULL; + do + { + if (kf == keyFile) + { + if (prevkf == NULL) + firstKeyFile = kf->Next; + else + prevkf->Next = kf->Next; + + burn (keyFile, sizeof(*keyFile)); // wipe + free (keyFile); + break; + } + prevkf = kf; + } + while (kf = kf->Next); + + return firstKeyFile; +} + + +void KeyFileRemoveAll (KeyFile **firstKeyFile) +{ + KeyFile *kf = *firstKeyFile; + while (kf != NULL) + { + KeyFile *d = kf; + kf = kf->Next; + burn (d, sizeof(*d)); // wipe + free (d); + } + + *firstKeyFile = NULL; +} + + +KeyFile *KeyFileClone (KeyFile *keyFile) +{ + KeyFile *clone = NULL; + + if (keyFile == NULL) return NULL; + + clone = (KeyFile *) malloc (sizeof (KeyFile)); + if (clone) + { + StringCbCopyW (clone->FileName, sizeof(clone->FileName), keyFile->FileName); + clone->Next = NULL; + } + return clone; +} + + +void KeyFileCloneAll (KeyFile *firstKeyFile, KeyFile **outputKeyFile) +{ + if (outputKeyFile) + { + KeyFile *cloneFirstKeyFile = KeyFileClone (firstKeyFile); + KeyFile *kf; + + // free output only if different from input + if (*outputKeyFile != firstKeyFile) + KeyFileRemoveAll (outputKeyFile); + if (firstKeyFile) + { + kf = firstKeyFile->Next; + while (kf != NULL) + { + KeyFileAdd (cloneFirstKeyFile, KeyFileClone (kf)); + kf = kf->Next; + } + + *outputKeyFile = cloneFirstKeyFile; + } + } +} + + +static BOOL KeyFileProcess (unsigned __int8 *keyPool, KeyFile *keyFile) +{ + FILE *f; + unsigned __int8 buffer[64 * 1024]; + unsigned __int32 crc = 0xffffffff; + int writePos = 0; + size_t bytesRead, totalRead = 0; + int status = TRUE; + + HANDLE src; + FILETIME ftCreationTime; + FILETIME ftLastWriteTime; + FILETIME ftLastAccessTime; + + BOOL bTimeStampValid = FALSE; + + /* Remember the last access time of the keyfile. It will be preserved in order to prevent + an adversary from determining which file may have been used as keyfile. */ + src = CreateFile (keyFile->FileName, + GENERIC_READ | GENERIC_WRITE, + FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (src != INVALID_HANDLE_VALUE) + { + if (GetFileTime ((HANDLE) src, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime)) + bTimeStampValid = TRUE; + } + + finally_do_arg (HANDLE, src, + { + if (finally_arg != INVALID_HANDLE_VALUE) + CloseHandle (finally_arg); + }); + + f = _wfopen (keyFile->FileName, L"rb"); + if (f == NULL) return FALSE; + + while ((bytesRead = fread (buffer, 1, sizeof (buffer), f)) > 0) + { + size_t i; + + if (ferror (f)) + { + status = FALSE; + goto close; + } + + for (i = 0; i < bytesRead; i++) + { + crc = UPDC32 (buffer[i], crc); + + keyPool[writePos++] += (unsigned __int8) (crc >> 24); + keyPool[writePos++] += (unsigned __int8) (crc >> 16); + keyPool[writePos++] += (unsigned __int8) (crc >> 8); + keyPool[writePos++] += (unsigned __int8) crc; + + if (writePos >= KEYFILE_POOL_SIZE) + writePos = 0; + + if (++totalRead >= KEYFILE_MAX_READ_LEN) + goto close; + } + } + + if (ferror (f)) + { + status = FALSE; + } + else if (totalRead == 0) + { + status = FALSE; + SetLastError (ERROR_HANDLE_EOF); + } + +close: + DWORD err = GetLastError(); + fclose (f); + + if (bTimeStampValid && !IsFileOnReadOnlyFilesystem (keyFile->FileName)) + { + // Restore the keyfile timestamp + SetFileTime (src, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); + } + + SetLastError (err); + return status; +} + + +BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFile, const wchar_t* volumeFileName) +{ + return KeyFilesApplyWithPin (hwndDlg, password, nullptr, firstKeyFile, volumeFileName); +} + +BOOL KeyFilesApplyWithPin (HWND hwndDlg, Password *password, char* pin, KeyFile *firstKeyFile, const wchar_t* volumeFileName) +{ + BOOL status = TRUE; + KeyFile kfSubStruct; + KeyFile *kf; + KeyFile *kfSub = &kfSubStruct; + static unsigned __int8 keyPool [KEYFILE_POOL_SIZE]; + size_t i; + struct stat statStruct; + wchar_t searchPath [TC_MAX_PATH*2]; + struct _wfinddata_t fBuf; + intptr_t searchHandle; + + HiddenFilesPresentInKeyfilePath = FALSE; + + if (firstKeyFile == NULL) return TRUE; + + VirtualLock (keyPool, sizeof (keyPool)); + memset (keyPool, 0, sizeof (keyPool)); + + for (kf = firstKeyFile; kf != NULL; kf = kf->Next) + { + // Determine whether it's a security token path + try + { + if (SecurityToken::IsKeyfilePathValid (kf->FileName)) + { + // Apply security token keyfile + vector keyfileData; + SecurityTokenKeyfilePath secPath (kf->FileName); + SecurityToken::GetKeyfileData (SecurityTokenKeyfile (secPath, pin), pin, keyfileData); + + if (keyfileData.empty()) + { + SetLastError (ERROR_HANDLE_EOF); + handleWin32Error (hwndDlg, SRC_POS); + Error ("ERR_PROCESS_KEYFILE", hwndDlg); + status = FALSE; + continue; + } + + unsigned __int32 crc = 0xffffffff; + int writePos = 0; + size_t totalRead = 0; + + for (size_t i = 0; i < keyfileData.size(); i++) + { + crc = UPDC32 (keyfileData[i], crc); + + keyPool[writePos++] += (unsigned __int8) (crc >> 24); + keyPool[writePos++] += (unsigned __int8) (crc >> 16); + keyPool[writePos++] += (unsigned __int8) (crc >> 8); + keyPool[writePos++] += (unsigned __int8) crc; + + if (writePos >= KEYFILE_POOL_SIZE) + writePos = 0; + + if (++totalRead >= KEYFILE_MAX_READ_LEN) + break; + } + + burn (&keyfileData.front(), keyfileData.size()); + continue; + } + } + catch (Exception &e) + { + e.Show (NULL); + return FALSE; + } + + // Determine whether it's a path or a file + if (_wstat (kf->FileName, &statStruct) != 0) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("ERR_PROCESS_KEYFILE", hwndDlg); + status = FALSE; + continue; + } + + if (statStruct.st_mode & S_IFDIR) // If it's a directory + { + /* Find and process all keyfiles in the directory */ + int keyfileCount = 0; + + StringCbPrintfW (searchPath, sizeof (searchPath), L"%s\\*.*", kf->FileName); + if ((searchHandle = _wfindfirst (searchPath, &fBuf)) == -1) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("ERR_PROCESS_KEYFILE_PATH", hwndDlg); + status = FALSE; + continue; + } + + do + { + WIN32_FILE_ATTRIBUTE_DATA fileAttributes; + + StringCbPrintfW (kfSub->FileName, sizeof(kfSub->FileName), L"%s%c%s", kf->FileName, + L'\\', + fBuf.name + ); + + // Determine whether it's a path or a file + if (_wstat (kfSub->FileName, &statStruct) != 0) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("ERR_PROCESS_KEYFILE", hwndDlg); + status = FALSE; + continue; + } + else if (statStruct.st_mode & S_IFDIR) // If it's a directory + { + // Prevent recursive folder scanning + continue; + } + + // Skip hidden files + if (GetFileAttributesExW (kfSub->FileName, GetFileExInfoStandard, &fileAttributes) + && (fileAttributes.dwFileAttributes & FILE_ATTRIBUTE_HIDDEN) != 0) + { + HiddenFilesPresentInKeyfilePath = TRUE; + continue; + } + + CorrectFileName (kfSub->FileName); + if (volumeFileName && (_wcsicmp (volumeFileName, kfSub->FileName) == 0)) + { + // skip if it is the current container file name + continue; + } + + ++keyfileCount; + + // Apply keyfile to the pool + if (!KeyFileProcess (keyPool, kfSub)) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("ERR_PROCESS_KEYFILE", hwndDlg); + status = FALSE; + } + + } while (_wfindnext (searchHandle, &fBuf) != -1); + _findclose (searchHandle); + + burn (&kfSubStruct, sizeof (kfSubStruct)); + + if (keyfileCount == 0) + { + ErrorDirect ((wstring (GetString ("ERR_KEYFILE_PATH_EMPTY")) + L"\n\n" + wstring (kf->FileName)).c_str(), hwndDlg); + status = FALSE; + } + } + // Apply keyfile to the pool + else if (!KeyFileProcess (keyPool, kf)) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("ERR_PROCESS_KEYFILE", hwndDlg); + status = FALSE; + } + } + + /* Mix the keyfile pool contents into the password */ + + for (i = 0; i < sizeof (keyPool); i++) + { + if (i < password->Length) + password->Text[i] += keyPool[i]; + else + password->Text[i] = keyPool[i]; + } + + if (password->Length < (int)sizeof (keyPool)) + password->Length = sizeof (keyPool); + + burn (keyPool, sizeof (keyPool)); + + return status; +} + + +static void LoadKeyList (HWND hwndDlg, KeyFile *firstKeyFile) +{ + KeyFile *kf; + LVITEM LvItem; + int line = 0; + HWND hList = GetDlgItem (hwndDlg, IDC_KEYLIST); + + ListView_DeleteAllItems (hList); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYREMOVE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYREMOVEALL), firstKeyFile != NULL); + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, firstKeyFile != NULL); + + for (kf = firstKeyFile; kf != NULL; kf = kf->Next) + { + memset (&LvItem,0,sizeof(LvItem)); + LvItem.mask = LVIF_TEXT|LVIF_PARAM; + LvItem.iItem = line++; + LvItem.iSubItem = 0; + LvItem.pszText = kf->FileName; + LvItem.lParam = (LPARAM) kf; + SendMessage (hList, LVM_INSERTITEM, 0, (LPARAM)&LvItem); + } +} + +#if KEYFILE_POOL_SIZE % 4 != 0 +#error KEYFILE_POOL_SIZE must be a multiple of 4 +#endif + +BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static KeyFilesDlgParam *param; + static KeyFilesDlgParam origParam; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + LVCOLUMNW LvCol; + HWND hList = GetDlgItem (hwndDlg, IDC_KEYLIST); + + param = (KeyFilesDlgParam *) lParam; + origParam = *(KeyFilesDlgParam *) lParam; + + KeyFileCloneAll (param->FirstKeyFile, ¶m->FirstKeyFile); + + LocalizeDialog (hwndDlg, "IDD_KEYFILES"); + DragAcceptFiles (hwndDlg, TRUE); + + SendMessageW (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, + LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP + ); + + memset (&LvCol,0,sizeof(LvCol)); + LvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + LvCol.pszText = GetString ("KEYFILE"); + LvCol.cx = CompensateXDPI (374); + LvCol.fmt = LVCFMT_LEFT; + SendMessageW (hList, LVM_INSERTCOLUMNW, 0, (LPARAM)&LvCol); + + LoadKeyList (hwndDlg, param->FirstKeyFile); + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, param->EnableKeyFiles); + +#ifdef TCMOUNT + if ( (origParam.EnableKeyFiles == defaultKeyFilesParam.EnableKeyFiles) + && (origParam.FirstKeyFile == defaultKeyFilesParam.FirstKeyFile) + ) + { + /* default keyfile dialog case */ + SetCheckBox (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD, bTryEmptyPasswordWhenKeyfileUsed); + ShowWindow(GetDlgItem(hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD), SW_SHOW); + } +#endif + + SetWindowTextW(GetDlgItem(hwndDlg, IDT_KEYFILES_NOTE), GetString ("KEYFILES_NOTE")); + + ToHyperlink (hwndDlg, IDC_LINK_KEYFILES_INFO); + } + return 1; + + case WM_COMMAND: + + if (lw == IDC_KEYADD) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory)) + { + bool containerFileSkipped = false; + do + { + CorrectFileName (kf->FileName); + if (_wcsicmp (param->VolumeFileName, kf->FileName) == 0) + containerFileSkipped = true; + else + { + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + LoadKeyList (hwndDlg, param->FirstKeyFile); + + kf = (KeyFile *) malloc (sizeof (KeyFile)); + } + } while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName))); + + if (containerFileSkipped) + { + Warning ("SELECTED_KEYFILE_IS_CONTAINER_FILE", hwndDlg); + } + } + + free (kf); + } + return 1; + } + + if (lw == IDC_ADD_KEYFILE_PATH) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + + if (BrowseDirectories (hwndDlg,"SELECT_KEYFILE_PATH", kf->FileName)) + { + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + LoadKeyList (hwndDlg, param->FirstKeyFile); + } + else + { + free (kf); + } + return 1; + } + + if (lw == IDC_TOKEN_FILES_ADD) + { + list selectedTokenKeyfiles; + if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_KEYFILES), hwndDlg, (DLGPROC) SecurityTokenKeyfileDlgProc, (LPARAM) &selectedTokenKeyfiles) == IDOK) + { + foreach (const SecurityTokenKeyfilePath &keyPath, selectedTokenKeyfiles) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + StringCbCopyW (kf->FileName, sizeof (kf->FileName), wstring(keyPath).c_str ()); + + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + LoadKeyList (hwndDlg, param->FirstKeyFile); + } + } + } + + return 1; + } + + if (lw == IDC_KEYREMOVE) + { + HWND list = GetDlgItem (hwndDlg, IDC_KEYLIST); + LVITEM LvItem; + memset (&LvItem, 0, sizeof(LvItem)); + LvItem.mask = LVIF_PARAM; + LvItem.iItem = -1; + + while (-1 != (LvItem.iItem = ListView_GetNextItem (list, LvItem.iItem, LVIS_SELECTED))) + { + ListView_GetItem (list, &LvItem); + param->FirstKeyFile = KeyFileRemove (param->FirstKeyFile, (KeyFile *) LvItem.lParam); + } + + LoadKeyList (hwndDlg, param->FirstKeyFile); + return 1; + } + + if (lw == IDC_KEYREMOVEALL) + { + KeyFileRemoveAll (¶m->FirstKeyFile); + LoadKeyList (hwndDlg, NULL); + return 1; + } + + if (lw == IDC_GENERATE_KEYFILE) + { + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILE_GENERATOR), hwndDlg, + (DLGPROC) KeyfileGeneratorDlgProc, (LPARAM) 0); + return 1; + } + + if (lw == IDC_LINK_KEYFILES_INFO) + { + Applink ("keyfiles", TRUE, ""); + return 1; + } + + if (lw == IDOK) + { + param->EnableKeyFiles = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE)); + +#ifdef TCMOUNT + if (IsWindowVisible (GetDlgItem (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD))) + { + bTryEmptyPasswordWhenKeyfileUsed = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD)); + + if (UsePreferences) + { + WaitCursor (); + SaveSettings (hwndDlg); + NormalCursor (); + } + } +#endif + EndDialog (hwndDlg, IDOK); + return 1; + } + + if (lw == IDCANCEL) + { + KeyFileRemoveAll (¶m->FirstKeyFile); + *param = origParam; + + EndDialog (hwndDlg, IDCLOSE); + return 1; + } + break; + + case WM_DROPFILES: + { + HDROP hdrop = (HDROP) wParam; + + int i = 0, count = DragQueryFile (hdrop, 0xFFFFFFFF, NULL, 0); + + while (count-- > 0) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + DragQueryFile (hdrop, i++, kf->FileName, ARRAYSIZE (kf->FileName)); + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + LoadKeyList (hwndDlg, param->FirstKeyFile); + } + } + + DragFinish (hdrop); + } + return 1; + + case WM_NOTIFY: + if (((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) + { + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYREMOVE), + ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_KEYLIST), -1, LVIS_SELECTED) != -1); + return 1; + } + break; + + case WM_CLOSE: + KeyFileRemoveAll (¶m->FirstKeyFile); + *param = origParam; + + EndDialog (hwndDlg, IDCLOSE); + return 1; + + break; + + } + + return 0; +} + + +#define IDM_KEYFILES_POPUP_ADD_FILES 9001 +#define IDM_KEYFILES_POPUP_ADD_DIR 9002 +#define IDM_KEYFILES_POPUP_ADD_TOKEN_FILES 9003 + +BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *param) +{ + HMENU popup = CreatePopupMenu (); + if (!popup) + return FALSE; + int sel; + BOOL status = FALSE; + + AppendMenuW (popup, MF_STRING, IDM_KEYFILES_POPUP_ADD_FILES, GetString ("IDC_KEYADD")); + AppendMenuW (popup, MF_STRING, IDM_KEYFILES_POPUP_ADD_DIR, GetString ("IDC_ADD_KEYFILE_PATH")); + AppendMenuW (popup, MF_STRING, IDM_KEYFILES_POPUP_ADD_TOKEN_FILES, GetString ("IDC_TOKEN_FILES_ADD")); + + sel = TrackPopupMenu (popup, TPM_RETURNCMD | TPM_LEFTBUTTON, popupPosition.x, popupPosition.y, 0, hwndDlg, NULL); + + switch (sel) + { + case IDM_KEYFILES_POPUP_ADD_FILES: + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + if (SelectMultipleFiles (hwndDlg, "SELECT_KEYFILE", kf->FileName, sizeof(kf->FileName),bHistory)) + { + do + { + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + kf = (KeyFile *) malloc (sizeof (KeyFile)); + } while (SelectMultipleFilesNext (kf->FileName, sizeof(kf->FileName))); + + param->EnableKeyFiles = TRUE; + status = TRUE; + } + + free (kf); + } + } + break; + + case IDM_KEYFILES_POPUP_ADD_DIR: + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + if (BrowseDirectories (hwndDlg,"SELECT_KEYFILE_PATH", kf->FileName)) + { + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + param->EnableKeyFiles = TRUE; + status = TRUE; + } + else + { + free (kf); + } + } + } + break; + + case IDM_KEYFILES_POPUP_ADD_TOKEN_FILES: + { + list selectedTokenKeyfiles; + if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_KEYFILES), hwndDlg, (DLGPROC) SecurityTokenKeyfileDlgProc, (LPARAM) &selectedTokenKeyfiles) == IDOK) + { + foreach (const SecurityTokenKeyfilePath &keyPath, selectedTokenKeyfiles) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + StringCbCopyW (kf->FileName, sizeof (kf->FileName), wstring (keyPath).c_str()); + + param->FirstKeyFile = KeyFileAdd (param->FirstKeyFile, kf); + param->EnableKeyFiles = TRUE; + status = TRUE; + } + } + } + } + break; + } + + DestroyMenu (popup); + return status; +} diff --git a/src/Common/Keyfiles.h b/src/Common/Keyfiles.h index 899cd9e4..dea906b1 100644 --- a/src/Common/Keyfiles.h +++ b/src/Common/Keyfiles.h @@ -1,54 +1,54 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef KEYFILES_H -#define KEYFILES_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include "Common.h" - -#define KEYFILE_POOL_SIZE 64 -#define KEYFILE_MAX_READ_LEN (1024*1024) - -typedef struct KeyFileStruct -{ - wchar_t FileName[MAX_PATH + 1]; - struct KeyFileStruct *Next; -} KeyFile; - -typedef struct -{ - wchar_t VolumeFileName[MAX_PATH + 1]; - BOOL EnableKeyFiles; - KeyFile *FirstKeyFile; -} KeyFilesDlgParam; - -KeyFile *KeyFileAdd (KeyFile *firstKeyFile, KeyFile *keyFile); -void KeyFileRemoveAll (KeyFile **firstKeyFile); -KeyFile *KeyFileClone (KeyFile *keyFile); -void KeyFileCloneAll (KeyFile *firstKeyFile, KeyFile **outputKeyFile); -BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFilem, const wchar_t* volumeFileName); -BOOL KeyFilesApplyWithPin (HWND hwndDlg, Password *password, char* pin, KeyFile *firstKeyFilem, const wchar_t* volumeFileName); - -BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *dialogParam); - -extern BOOL HiddenFilesPresentInKeyfilePath; - -#ifdef __cplusplus -} -#endif - -#endif /* #ifndef KEYFILES_H */ +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef KEYFILES_H +#define KEYFILES_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "Common.h" + +#define KEYFILE_POOL_SIZE 64 +#define KEYFILE_MAX_READ_LEN (1024*1024) + +typedef struct KeyFileStruct +{ + wchar_t FileName[MAX_PATH + 1]; + struct KeyFileStruct *Next; +} KeyFile; + +typedef struct +{ + wchar_t VolumeFileName[MAX_PATH + 1]; + BOOL EnableKeyFiles; + KeyFile *FirstKeyFile; +} KeyFilesDlgParam; + +KeyFile *KeyFileAdd (KeyFile *firstKeyFile, KeyFile *keyFile); +void KeyFileRemoveAll (KeyFile **firstKeyFile); +KeyFile *KeyFileClone (KeyFile *keyFile); +void KeyFileCloneAll (KeyFile *firstKeyFile, KeyFile **outputKeyFile); +BOOL KeyFilesApply (HWND hwndDlg, Password *password, KeyFile *firstKeyFilem, const wchar_t* volumeFileName); +BOOL KeyFilesApplyWithPin (HWND hwndDlg, Password *password, char* pin, KeyFile *firstKeyFilem, const wchar_t* volumeFileName); + +BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +BOOL KeyfilesPopupMenu (HWND hwndDlg, POINT popupPosition, KeyFilesDlgParam *dialogParam); + +extern BOOL HiddenFilesPresentInKeyfilePath; + +#ifdef __cplusplus +} +#endif + +#endif /* #ifndef KEYFILES_H */ diff --git a/src/Common/Language.c b/src/Common/Language.c index 44615e65..3d9b22d3 100644 --- a/src/Common/Language.c +++ b/src/Common/Language.c @@ -1,583 +1,583 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Language.h" -#include "Dlgcode.h" -#include "Dictionary.h" -#include "Tcdefs.h" -#include "Xml.h" - -#include "../Common/Resource.h" - -#ifdef TCMOUNT -#include "../Mount/Resource.h" -#endif - -#ifdef VOLFORMAT -#include "../Format/Resource.h" -#endif - -#ifdef SETUP -#include "../Setup/Resource.h" -#endif - -#include - -BOOL LocalizationActive; -int LocalizationSerialNo; - -wchar_t UnknownString[1024] = {0}; -static char *LanguageFileBuffer = NULL; -static HANDLE LanguageFileFindHandle = INVALID_HANDLE_VALUE; -static char PreferredLangId[6] = {0}; -static char *LanguageResource = NULL; -static DWORD LanguageResourceSize = 0; -static char *HeaderResource[2] = {NULL, NULL}; -static DWORD HeaderResourceSize[2] = {0, 0}; -static char ActiveLangPackVersion[6] = {0}; - -static char *MapFirstLanguageFile () -{ - if (LanguageFileFindHandle != INVALID_HANDLE_VALUE) - { - FindClose (LanguageFileFindHandle); - LanguageFileFindHandle = INVALID_HANDLE_VALUE; - } - - if (LanguageFileBuffer != NULL) - { - free (LanguageFileBuffer); - LanguageFileBuffer = NULL; - } - - if (LanguageResource == NULL) - { - DWORD size; - LanguageResource = MapResource (L"Xml", IDR_LANGUAGE, &size); - if (LanguageResource) - LanguageResourceSize = size; - } - - if (LanguageResource) - { - LanguageFileBuffer = malloc(LanguageResourceSize + 1); - if (LanguageFileBuffer) - { - memcpy (LanguageFileBuffer, LanguageResource, LanguageResourceSize); - LanguageFileBuffer[LanguageResourceSize] = 0; - } - } - - return LanguageFileBuffer; -} - - -static char *MapNextLanguageFile () -{ - wchar_t f[TC_MAX_PATH*2], *t; - WIN32_FIND_DATAW find; - HANDLE file; - DWORD read; - BOOL bStatus; - - /* free memory here to avoid leaks */ - if (LanguageFileBuffer != NULL) - { - free (LanguageFileBuffer); - LanguageFileBuffer = NULL; - } - - if (LanguageFileFindHandle == INVALID_HANDLE_VALUE) - { - GetModuleFileNameW (NULL, f, sizeof (f) / sizeof (f[0])); - t = wcsrchr (f, L'\\'); - if (t == NULL) return NULL; - - *t = 0; - StringCbCatW (f, sizeof(f), L"\\Language*.xml"); - - LanguageFileFindHandle = FindFirstFileW (f, &find); - } - else if (!FindNextFileW (LanguageFileFindHandle, &find)) - { - FindClose (LanguageFileFindHandle); - LanguageFileFindHandle = INVALID_HANDLE_VALUE; - return NULL; - } - - if (LanguageFileFindHandle == INVALID_HANDLE_VALUE) return NULL; - if (find.nFileSizeHigh != 0) return NULL; - - LanguageFileBuffer = malloc(find.nFileSizeLow + 1); - if (LanguageFileBuffer == NULL) return NULL; - - GetModuleFileNameW (NULL, f, sizeof (f) / sizeof(f[0])); - t = wcsrchr (f, L'\\'); - if (t == NULL) - { - free(LanguageFileBuffer); - LanguageFileBuffer = NULL; - return NULL; - } - - t[1] = 0; - StringCbCatW (f, sizeof(f),find.cFileName); - - file = CreateFileW (f, GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL); - if (file == INVALID_HANDLE_VALUE) - { - free(LanguageFileBuffer); - LanguageFileBuffer = NULL; - return NULL; - } - - bStatus = ReadFile (file, LanguageFileBuffer, find.nFileSizeLow, &read, NULL); - CloseHandle (file); - if (!bStatus || (read != find.nFileSizeLow)) - { - free(LanguageFileBuffer); - LanguageFileBuffer = NULL; - return NULL; - } - - LanguageFileBuffer [find.nFileSizeLow] = 0; // we have allocated (find.nFileSizeLow + 1) bytes - - return LanguageFileBuffer; -} - - -BOOL LoadLanguageFile () -{ - DWORD size; - BYTE *res; - char *xml, *header, *headerPtr; - char langId[6] = "en", attr[32768], key[128]; - BOOL defaultLangParsed = FALSE, langFound = FALSE; - WCHAR wattr[32768]; - int i, intKey, len; - - char *xmlElements[] = {"control", "string", 0}; - -#ifdef TCMOUNT - int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_MOUNT_RSRC_HEADER, 0 }; -#endif - -#ifdef VOLFORMAT - int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_FORMAT_RSRC_HEADER, 0 }; -#endif - -#ifdef SETUP - int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_SETUP_RSRC_HEADER, 0 }; -#endif - - LocalizationActive = FALSE; - ActiveLangPackVersion[0] = 0; - ClearDictionaryPool (); - - if (PreferredLangId[0] != 0) - StringCbCopyA (langId, sizeof(langId), PreferredLangId); - - // Parse all available language files until preferred language is found - for (res = MapFirstLanguageFile (); res != NULL; res = MapNextLanguageFile ()) - { - xml = (char *) res; - xml = XmlFindElement (xml, "localization"); - if (!xml) - continue; - - // Required TrueCrypt version - XmlGetAttributeText (xml, "prog-version", attr, sizeof (attr)); - - // Check version of external language file - if (defaultLangParsed && strcmp (attr, VERSION_STRING) && strcmp (attr, "DEBUG")) - { - wchar_t m[2048]; - StringCbPrintfW (m, sizeof(m), L"The installed language pack is incompatible with this version of VeraCrypt (the language pack is for VeraCrypt %hs). A newer version may be available at www.idrix.fr.\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\VeraCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\VeraCrypt', etc.)", attr); - MessageBoxW (NULL, m, L"VeraCrypt", MB_ICONERROR); - continue; - } - - // Search language id in language file - if (defaultLangParsed) - { - while (xml = XmlFindElement (xml, "language")) - { - XmlGetAttributeText (xml, "langid", attr, sizeof (attr)); - if (strcmp (attr, langId) == 0) - { - XmlGetAttributeText (xml++, "version", ActiveLangPackVersion, sizeof (ActiveLangPackVersion)); - langFound = TRUE; - break; - } - xml++; - } - - if (!langFound) continue; - } - - // Create font dictionary - xml = (char *) res; - while (xml = XmlFindElement (xml, "font")) - { - XmlGetAttributeText (xml, "lang", attr, sizeof (attr)); - if (!defaultLangParsed - || strcmp (attr, langId) == 0) - { - Font font; - memset (&font, 0, sizeof (font)); - - XmlGetAttributeText (xml, "face", attr, sizeof (attr)); - - len = MultiByteToWideChar (CP_UTF8, 0, attr, -1, wattr, sizeof (wattr) / sizeof(wattr[0])); - font.FaceName = AddPoolData ((void *) wattr, len * 2); - - XmlGetAttributeText (xml, "size", attr, sizeof (attr)); - sscanf (attr, "%d", &font.Size); - - StringCbCopyA (attr, sizeof(attr), "font_"); - XmlGetAttributeText (xml, "class", attr + 5, sizeof (attr) - 5); - AddDictionaryEntry ( - AddPoolData ((void *) attr, strlen (attr) + 1), 0, - AddPoolData ((void *) &font, sizeof(font))); - } - - xml++; - } - - // Create string and control dictionaries - for (i = 0; xmlElements[i] != 0; i++) - { - xml = (char *) res; - while (xml = XmlFindElement (xml, xmlElements[i])) - { - void *key; - void *text; - - XmlGetAttributeText (xml, "lang", attr, sizeof (attr)); - if (!defaultLangParsed - || strcmp (attr, langId) == 0) - { - if (XmlGetAttributeText (xml, "key", attr, sizeof (attr))) - { - key = AddPoolData (attr, strlen (attr) + 1); - if (key == NULL) return FALSE; - - XmlGetNodeText (xml, attr, sizeof (attr)); - - // Parse \ escape sequences - { - char *in = attr, *out = attr; - while (*in) - { - if (*in == '\\') - { - in++; - switch (*in++) - { - case '\\': *out++ = '\\'; break; - case 't': *out++ = '\t'; break; - case 'n': *out++ = 13; *out++ = 10; break; - default: - MessageBoxA (0, key, "VeraCrypt: Unknown '\\' escape sequence in string", MB_ICONERROR); - return FALSE; - } - } - else - *out++ = *in++; - } - *out = 0; - } - - // UTF8 => wide char - len = MultiByteToWideChar (CP_UTF8, 0, attr, -1, wattr, sizeof (wattr) / sizeof(wattr[0])); - if (len == 0) - { - MessageBoxA (0, key, "VeraCrypt: Error while decoding UTF-8 string", MB_ICONERROR); - return FALSE; - } - - // Add to dictionary - text = AddPoolData ((void *) wattr, len * 2); - if (text == NULL) return FALSE; - - AddDictionaryEntry ((char *) key, 0, text); - } - } - - xml++; - } - } - - if (langFound) - break; - - if (!defaultLangParsed) - { - defaultLangParsed = TRUE; - if (langId[0] == 0 || strcmp (langId, "en") == 0) - break; - } - } - - LocalizationActive = langFound && strcmp (langId, "en") != 0; - LocalizationSerialNo++; - - // Create control ID dictionary - - // Default controls - AddDictionaryEntry (NULL, 1, GetString ("IDOK")); - AddDictionaryEntry (NULL, 2, GetString ("IDCANCEL")); - AddDictionaryEntry (NULL, 8, GetString ("IDCLOSE")); - AddDictionaryEntry (NULL, 9, GetString ("IDHELP")); - - for (i = 0; headers[i] != 0; i++) - { - if (HeaderResource[i] == NULL) - { - HeaderResource[i] = MapResource (L"Header", headers[i], &size); - if (HeaderResource[i]) - HeaderResourceSize[i] = size; - } - - headerPtr = NULL; - if (HeaderResource[i]) - { - headerPtr = (char*) malloc (HeaderResourceSize[i] + 1); - if (headerPtr) - { - memcpy (headerPtr, HeaderResource[i], HeaderResourceSize[i]); - headerPtr [HeaderResourceSize[i]] = 0; - } - } - - header = headerPtr; - if (header == NULL) return FALSE; - - do - { - if (sscanf (header, "#define %127s %d", key, &intKey) == 2) - { - WCHAR *str = GetString (key); - - if (str != UnknownString) - AddDictionaryEntry (NULL, intKey, str); - } - - } while ((header = strchr (header, '\n') + 1) != (char *) 1); - - free (headerPtr); - } - - return TRUE; -} - - -// lParam = 1: auto mode -BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - char *xml; - char attr[2048], lastLangId[10]; - WCHAR wattr[2048]; - int len; - int langCount = 0; - BOOL defaultLangFound = FALSE; - - LocalizeDialog (hwndDlg, "IDD_LANGUAGE"); - ToHyperlink (hwndDlg, IDC_GET_LANG_PACKS); - - for (xml = MapFirstLanguageFile (); xml != NULL; xml = MapNextLanguageFile ()) - { - while (xml = XmlFindElement (xml, "language")) - { - XmlGetAttributeText (xml, "name", attr, sizeof (attr)); - len = MultiByteToWideChar (CP_UTF8, 0, attr, -1, wattr, sizeof (wattr) / sizeof(wattr[0])); - - if (len != 0 - && (!defaultLangFound || wcscmp (wattr, L"English") != 0)) - { - int i = (int) SendDlgItemMessageW (hwndDlg, IDC_LANGLIST, LB_ADDSTRING, 0, (LPARAM)wattr); - if (i >= 0) - { - int id; - - // Encode language id in LPARAM - XmlGetAttributeText (xml, "langid", attr, sizeof (attr)); - switch (strlen (attr)) - { - case 2: id = attr[0] | attr[1] << 8; break; - case 5: id = attr[0] | attr[1] << 8 | attr[3] << 16 | attr[4] << 24; break; - default: continue; - } - - if (!defaultLangFound) - defaultLangFound = TRUE; - - SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_SETITEMDATA, i, (LPARAM) id); - - if (strcmp (attr, PreferredLangId) == 0) - { - char credits [10000]; - WCHAR wcredits [10000]; - WCHAR wversion [20]; - wchar_t szVers [200]; - int nLen; - - SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_SETCURSEL, i, 0); - - // Language pack version - if (!ActiveLangPackVersion[0] || memcmp (ActiveLangPackVersion, "0.0.0", 5) == 0) - { - StringCbPrintfW (szVers, sizeof(szVers), GetString("LANG_PACK_VERSION"), L"--"); - } - else - { - nLen = MultiByteToWideChar (CP_UTF8, 0, ActiveLangPackVersion, -1, wversion, sizeof (wversion) / sizeof(wversion[0])); - if (nLen != 0) - StringCbPrintfW (szVers, sizeof(szVers),GetString("LANG_PACK_VERSION"), wversion); - } - SetWindowTextW (GetDlgItem (hwndDlg, IDC_LANGPACK_VERSION), szVers); - - // Translator credits - XmlGetAttributeText (xml, "translators", credits, sizeof (credits)); - nLen = MultiByteToWideChar (CP_UTF8, 0, credits, -1, wcredits, sizeof (wcredits) / sizeof(wcredits[0])); - if (nLen != 0) - { - SetWindowTextW (GetDlgItem (hwndDlg, IDC_LANGPACK_CREDITS), wcredits); - } - } - - StringCbCopyA (lastLangId, sizeof(lastLangId),attr); - langCount++; - } - } - - xml++; - } - } - - if (lParam == 1) - { - // Auto mode - if (langCount < 2) - EndDialog (hwndDlg, IDCANCEL); - - if (langCount == 2) - StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), lastLangId); - - EndDialog (hwndDlg, IDOK); - } - - return 1; - } - - case WM_COMMAND: - - if (lw == IDOK || hw == LBN_DBLCLK) - { - int i = (int) SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETCURSEL, 0, 0); - - if (i >= 0) - { - int id = (int) SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETITEMDATA, i, 0); - - if (id != LB_ERR) - { - char l[6]; - - // Decode language id from LPARAM - l[0] = (char) id; - l[1] = (char) (id >> 8); - l[2] = 0; - - if ((id & 0xffff0000) != 0) - { - l[2] = '-'; - l[3] = (char) (id >> 16); - l[4] = id >> 24; - l[5] = 0; - } - - if (SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETCOUNT, 0, 0) > 1) - StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), l); - } - } - - EndDialog (hwndDlg, IDOK); - return 1; - } - - if (lw == IDCANCEL) - { - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDC_GET_LANG_PACKS) - { - char tmpstr [256]; - - if (strlen (ActiveLangPackVersion) > 0 && strlen (GetPreferredLangId()) > 0) - StringCbPrintfA (tmpstr, sizeof(tmpstr), "&langpackversion=%s&lang=%s", ActiveLangPackVersion, GetPreferredLangId()); - else - tmpstr[0] = 0; - - Applink ("localizations", TRUE, tmpstr); - - return 1; - } - return 0; - } - - return 0; -} - - -char *GetPreferredLangId () -{ - return PreferredLangId; -} - - -void SetPreferredLangId (char *langId) -{ - StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), langId); -} - - -char *GetActiveLangPackVersion () -{ - return ActiveLangPackVersion; -} - - -wchar_t *GetString (const char *stringId) -{ - WCHAR *str = (WCHAR *) GetDictionaryValue (stringId); - if (str != NULL) return str; - - StringCbPrintfW (UnknownString, sizeof(UnknownString), UNKNOWN_STRING_ID L"%hs" UNKNOWN_STRING_ID, stringId); - return UnknownString; -} - - -Font *GetFont (char *fontType) -{ - return (Font *) GetDictionaryValue (fontType); - -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Language.h" +#include "Dlgcode.h" +#include "Dictionary.h" +#include "Tcdefs.h" +#include "Xml.h" + +#include "../Common/Resource.h" + +#ifdef TCMOUNT +#include "../Mount/Resource.h" +#endif + +#ifdef VOLFORMAT +#include "../Format/Resource.h" +#endif + +#ifdef SETUP +#include "../Setup/Resource.h" +#endif + +#include + +BOOL LocalizationActive; +int LocalizationSerialNo; + +wchar_t UnknownString[1024] = {0}; +static char *LanguageFileBuffer = NULL; +static HANDLE LanguageFileFindHandle = INVALID_HANDLE_VALUE; +static char PreferredLangId[6] = {0}; +static char *LanguageResource = NULL; +static DWORD LanguageResourceSize = 0; +static char *HeaderResource[2] = {NULL, NULL}; +static DWORD HeaderResourceSize[2] = {0, 0}; +static char ActiveLangPackVersion[6] = {0}; + +static char *MapFirstLanguageFile () +{ + if (LanguageFileFindHandle != INVALID_HANDLE_VALUE) + { + FindClose (LanguageFileFindHandle); + LanguageFileFindHandle = INVALID_HANDLE_VALUE; + } + + if (LanguageFileBuffer != NULL) + { + free (LanguageFileBuffer); + LanguageFileBuffer = NULL; + } + + if (LanguageResource == NULL) + { + DWORD size; + LanguageResource = MapResource (L"Xml", IDR_LANGUAGE, &size); + if (LanguageResource) + LanguageResourceSize = size; + } + + if (LanguageResource) + { + LanguageFileBuffer = malloc(LanguageResourceSize + 1); + if (LanguageFileBuffer) + { + memcpy (LanguageFileBuffer, LanguageResource, LanguageResourceSize); + LanguageFileBuffer[LanguageResourceSize] = 0; + } + } + + return LanguageFileBuffer; +} + + +static char *MapNextLanguageFile () +{ + wchar_t f[TC_MAX_PATH*2], *t; + WIN32_FIND_DATAW find; + HANDLE file; + DWORD read; + BOOL bStatus; + + /* free memory here to avoid leaks */ + if (LanguageFileBuffer != NULL) + { + free (LanguageFileBuffer); + LanguageFileBuffer = NULL; + } + + if (LanguageFileFindHandle == INVALID_HANDLE_VALUE) + { + GetModuleFileNameW (NULL, f, sizeof (f) / sizeof (f[0])); + t = wcsrchr (f, L'\\'); + if (t == NULL) return NULL; + + *t = 0; + StringCbCatW (f, sizeof(f), L"\\Language*.xml"); + + LanguageFileFindHandle = FindFirstFileW (f, &find); + } + else if (!FindNextFileW (LanguageFileFindHandle, &find)) + { + FindClose (LanguageFileFindHandle); + LanguageFileFindHandle = INVALID_HANDLE_VALUE; + return NULL; + } + + if (LanguageFileFindHandle == INVALID_HANDLE_VALUE) return NULL; + if (find.nFileSizeHigh != 0) return NULL; + + LanguageFileBuffer = malloc(find.nFileSizeLow + 1); + if (LanguageFileBuffer == NULL) return NULL; + + GetModuleFileNameW (NULL, f, sizeof (f) / sizeof(f[0])); + t = wcsrchr (f, L'\\'); + if (t == NULL) + { + free(LanguageFileBuffer); + LanguageFileBuffer = NULL; + return NULL; + } + + t[1] = 0; + StringCbCatW (f, sizeof(f),find.cFileName); + + file = CreateFileW (f, GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL); + if (file == INVALID_HANDLE_VALUE) + { + free(LanguageFileBuffer); + LanguageFileBuffer = NULL; + return NULL; + } + + bStatus = ReadFile (file, LanguageFileBuffer, find.nFileSizeLow, &read, NULL); + CloseHandle (file); + if (!bStatus || (read != find.nFileSizeLow)) + { + free(LanguageFileBuffer); + LanguageFileBuffer = NULL; + return NULL; + } + + LanguageFileBuffer [find.nFileSizeLow] = 0; // we have allocated (find.nFileSizeLow + 1) bytes + + return LanguageFileBuffer; +} + + +BOOL LoadLanguageFile () +{ + DWORD size; + BYTE *res; + char *xml, *header, *headerPtr; + char langId[6] = "en", attr[32768], key[128]; + BOOL defaultLangParsed = FALSE, langFound = FALSE; + WCHAR wattr[32768]; + int i, intKey, len; + + char *xmlElements[] = {"control", "string", 0}; + +#ifdef TCMOUNT + int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_MOUNT_RSRC_HEADER, 0 }; +#endif + +#ifdef VOLFORMAT + int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_FORMAT_RSRC_HEADER, 0 }; +#endif + +#ifdef SETUP + int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_SETUP_RSRC_HEADER, 0 }; +#endif + + LocalizationActive = FALSE; + ActiveLangPackVersion[0] = 0; + ClearDictionaryPool (); + + if (PreferredLangId[0] != 0) + StringCbCopyA (langId, sizeof(langId), PreferredLangId); + + // Parse all available language files until preferred language is found + for (res = MapFirstLanguageFile (); res != NULL; res = MapNextLanguageFile ()) + { + xml = (char *) res; + xml = XmlFindElement (xml, "localization"); + if (!xml) + continue; + + // Required TrueCrypt version + XmlGetAttributeText (xml, "prog-version", attr, sizeof (attr)); + + // Check version of external language file + if (defaultLangParsed && strcmp (attr, VERSION_STRING) && strcmp (attr, "DEBUG")) + { + wchar_t m[2048]; + StringCbPrintfW (m, sizeof(m), L"The installed language pack is incompatible with this version of VeraCrypt (the language pack is for VeraCrypt %hs). A newer version may be available at www.idrix.fr.\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\VeraCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\VeraCrypt', etc.)", attr); + MessageBoxW (NULL, m, L"VeraCrypt", MB_ICONERROR); + continue; + } + + // Search language id in language file + if (defaultLangParsed) + { + while (xml = XmlFindElement (xml, "language")) + { + XmlGetAttributeText (xml, "langid", attr, sizeof (attr)); + if (strcmp (attr, langId) == 0) + { + XmlGetAttributeText (xml++, "version", ActiveLangPackVersion, sizeof (ActiveLangPackVersion)); + langFound = TRUE; + break; + } + xml++; + } + + if (!langFound) continue; + } + + // Create font dictionary + xml = (char *) res; + while (xml = XmlFindElement (xml, "font")) + { + XmlGetAttributeText (xml, "lang", attr, sizeof (attr)); + if (!defaultLangParsed + || strcmp (attr, langId) == 0) + { + Font font; + memset (&font, 0, sizeof (font)); + + XmlGetAttributeText (xml, "face", attr, sizeof (attr)); + + len = MultiByteToWideChar (CP_UTF8, 0, attr, -1, wattr, sizeof (wattr) / sizeof(wattr[0])); + font.FaceName = AddPoolData ((void *) wattr, len * 2); + + XmlGetAttributeText (xml, "size", attr, sizeof (attr)); + sscanf (attr, "%d", &font.Size); + + StringCbCopyA (attr, sizeof(attr), "font_"); + XmlGetAttributeText (xml, "class", attr + 5, sizeof (attr) - 5); + AddDictionaryEntry ( + AddPoolData ((void *) attr, strlen (attr) + 1), 0, + AddPoolData ((void *) &font, sizeof(font))); + } + + xml++; + } + + // Create string and control dictionaries + for (i = 0; xmlElements[i] != 0; i++) + { + xml = (char *) res; + while (xml = XmlFindElement (xml, xmlElements[i])) + { + void *key; + void *text; + + XmlGetAttributeText (xml, "lang", attr, sizeof (attr)); + if (!defaultLangParsed + || strcmp (attr, langId) == 0) + { + if (XmlGetAttributeText (xml, "key", attr, sizeof (attr))) + { + key = AddPoolData (attr, strlen (attr) + 1); + if (key == NULL) return FALSE; + + XmlGetNodeText (xml, attr, sizeof (attr)); + + // Parse \ escape sequences + { + char *in = attr, *out = attr; + while (*in) + { + if (*in == '\\') + { + in++; + switch (*in++) + { + case '\\': *out++ = '\\'; break; + case 't': *out++ = '\t'; break; + case 'n': *out++ = 13; *out++ = 10; break; + default: + MessageBoxA (0, key, "VeraCrypt: Unknown '\\' escape sequence in string", MB_ICONERROR); + return FALSE; + } + } + else + *out++ = *in++; + } + *out = 0; + } + + // UTF8 => wide char + len = MultiByteToWideChar (CP_UTF8, 0, attr, -1, wattr, sizeof (wattr) / sizeof(wattr[0])); + if (len == 0) + { + MessageBoxA (0, key, "VeraCrypt: Error while decoding UTF-8 string", MB_ICONERROR); + return FALSE; + } + + // Add to dictionary + text = AddPoolData ((void *) wattr, len * 2); + if (text == NULL) return FALSE; + + AddDictionaryEntry ((char *) key, 0, text); + } + } + + xml++; + } + } + + if (langFound) + break; + + if (!defaultLangParsed) + { + defaultLangParsed = TRUE; + if (langId[0] == 0 || strcmp (langId, "en") == 0) + break; + } + } + + LocalizationActive = langFound && strcmp (langId, "en") != 0; + LocalizationSerialNo++; + + // Create control ID dictionary + + // Default controls + AddDictionaryEntry (NULL, 1, GetString ("IDOK")); + AddDictionaryEntry (NULL, 2, GetString ("IDCANCEL")); + AddDictionaryEntry (NULL, 8, GetString ("IDCLOSE")); + AddDictionaryEntry (NULL, 9, GetString ("IDHELP")); + + for (i = 0; headers[i] != 0; i++) + { + if (HeaderResource[i] == NULL) + { + HeaderResource[i] = MapResource (L"Header", headers[i], &size); + if (HeaderResource[i]) + HeaderResourceSize[i] = size; + } + + headerPtr = NULL; + if (HeaderResource[i]) + { + headerPtr = (char*) malloc (HeaderResourceSize[i] + 1); + if (headerPtr) + { + memcpy (headerPtr, HeaderResource[i], HeaderResourceSize[i]); + headerPtr [HeaderResourceSize[i]] = 0; + } + } + + header = headerPtr; + if (header == NULL) return FALSE; + + do + { + if (sscanf (header, "#define %127s %d", key, &intKey) == 2) + { + WCHAR *str = GetString (key); + + if (str != UnknownString) + AddDictionaryEntry (NULL, intKey, str); + } + + } while ((header = strchr (header, '\n') + 1) != (char *) 1); + + free (headerPtr); + } + + return TRUE; +} + + +// lParam = 1: auto mode +BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + char *xml; + char attr[2048], lastLangId[10]; + WCHAR wattr[2048]; + int len; + int langCount = 0; + BOOL defaultLangFound = FALSE; + + LocalizeDialog (hwndDlg, "IDD_LANGUAGE"); + ToHyperlink (hwndDlg, IDC_GET_LANG_PACKS); + + for (xml = MapFirstLanguageFile (); xml != NULL; xml = MapNextLanguageFile ()) + { + while (xml = XmlFindElement (xml, "language")) + { + XmlGetAttributeText (xml, "name", attr, sizeof (attr)); + len = MultiByteToWideChar (CP_UTF8, 0, attr, -1, wattr, sizeof (wattr) / sizeof(wattr[0])); + + if (len != 0 + && (!defaultLangFound || wcscmp (wattr, L"English") != 0)) + { + int i = (int) SendDlgItemMessageW (hwndDlg, IDC_LANGLIST, LB_ADDSTRING, 0, (LPARAM)wattr); + if (i >= 0) + { + int id; + + // Encode language id in LPARAM + XmlGetAttributeText (xml, "langid", attr, sizeof (attr)); + switch (strlen (attr)) + { + case 2: id = attr[0] | attr[1] << 8; break; + case 5: id = attr[0] | attr[1] << 8 | attr[3] << 16 | attr[4] << 24; break; + default: continue; + } + + if (!defaultLangFound) + defaultLangFound = TRUE; + + SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_SETITEMDATA, i, (LPARAM) id); + + if (strcmp (attr, PreferredLangId) == 0) + { + char credits [10000]; + WCHAR wcredits [10000]; + WCHAR wversion [20]; + wchar_t szVers [200]; + int nLen; + + SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_SETCURSEL, i, 0); + + // Language pack version + if (!ActiveLangPackVersion[0] || memcmp (ActiveLangPackVersion, "0.0.0", 5) == 0) + { + StringCbPrintfW (szVers, sizeof(szVers), GetString("LANG_PACK_VERSION"), L"--"); + } + else + { + nLen = MultiByteToWideChar (CP_UTF8, 0, ActiveLangPackVersion, -1, wversion, sizeof (wversion) / sizeof(wversion[0])); + if (nLen != 0) + StringCbPrintfW (szVers, sizeof(szVers),GetString("LANG_PACK_VERSION"), wversion); + } + SetWindowTextW (GetDlgItem (hwndDlg, IDC_LANGPACK_VERSION), szVers); + + // Translator credits + XmlGetAttributeText (xml, "translators", credits, sizeof (credits)); + nLen = MultiByteToWideChar (CP_UTF8, 0, credits, -1, wcredits, sizeof (wcredits) / sizeof(wcredits[0])); + if (nLen != 0) + { + SetWindowTextW (GetDlgItem (hwndDlg, IDC_LANGPACK_CREDITS), wcredits); + } + } + + StringCbCopyA (lastLangId, sizeof(lastLangId),attr); + langCount++; + } + } + + xml++; + } + } + + if (lParam == 1) + { + // Auto mode + if (langCount < 2) + EndDialog (hwndDlg, IDCANCEL); + + if (langCount == 2) + StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), lastLangId); + + EndDialog (hwndDlg, IDOK); + } + + return 1; + } + + case WM_COMMAND: + + if (lw == IDOK || hw == LBN_DBLCLK) + { + int i = (int) SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETCURSEL, 0, 0); + + if (i >= 0) + { + int id = (int) SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETITEMDATA, i, 0); + + if (id != LB_ERR) + { + char l[6]; + + // Decode language id from LPARAM + l[0] = (char) id; + l[1] = (char) (id >> 8); + l[2] = 0; + + if ((id & 0xffff0000) != 0) + { + l[2] = '-'; + l[3] = (char) (id >> 16); + l[4] = id >> 24; + l[5] = 0; + } + + if (SendDlgItemMessage (hwndDlg, IDC_LANGLIST, LB_GETCOUNT, 0, 0) > 1) + StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), l); + } + } + + EndDialog (hwndDlg, IDOK); + return 1; + } + + if (lw == IDCANCEL) + { + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDC_GET_LANG_PACKS) + { + char tmpstr [256]; + + if (strlen (ActiveLangPackVersion) > 0 && strlen (GetPreferredLangId()) > 0) + StringCbPrintfA (tmpstr, sizeof(tmpstr), "&langpackversion=%s&lang=%s", ActiveLangPackVersion, GetPreferredLangId()); + else + tmpstr[0] = 0; + + Applink ("localizations", TRUE, tmpstr); + + return 1; + } + return 0; + } + + return 0; +} + + +char *GetPreferredLangId () +{ + return PreferredLangId; +} + + +void SetPreferredLangId (char *langId) +{ + StringCbCopyA (PreferredLangId, sizeof(PreferredLangId), langId); +} + + +char *GetActiveLangPackVersion () +{ + return ActiveLangPackVersion; +} + + +wchar_t *GetString (const char *stringId) +{ + WCHAR *str = (WCHAR *) GetDictionaryValue (stringId); + if (str != NULL) return str; + + StringCbPrintfW (UnknownString, sizeof(UnknownString), UNKNOWN_STRING_ID L"%hs" UNKNOWN_STRING_ID, stringId); + return UnknownString; +} + + +Font *GetFont (char *fontType) +{ + return (Font *) GetDictionaryValue (fontType); + +} diff --git a/src/Common/Language.h b/src/Common/Language.h index 7bce30a3..4e4c1795 100644 --- a/src/Common/Language.h +++ b/src/Common/Language.h @@ -1,43 +1,43 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#pragma once - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define UNKNOWN_STRING_ID L"[?]" - -extern BOOL LocalizationActive; -extern int LocalizationSerialNo; -extern wchar_t UnknownString[1024]; - -typedef struct -{ - wchar_t *FaceName; - int Size; -} Font; - -BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -wchar_t *GetString (const char *stringId); -Font *GetFont (char *fontType); -BOOL LoadLanguageFile (); -char *GetPreferredLangId (); -void SetPreferredLangId (char *langId); -char *GetActiveLangPackVersion (); - -#ifdef __cplusplus -} -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#pragma once + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define UNKNOWN_STRING_ID L"[?]" + +extern BOOL LocalizationActive; +extern int LocalizationSerialNo; +extern wchar_t UnknownString[1024]; + +typedef struct +{ + wchar_t *FaceName; + int Size; +} Font; + +BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +wchar_t *GetString (const char *stringId); +Font *GetFont (char *fontType); +BOOL LoadLanguageFile (); +char *GetPreferredLangId (); +void SetPreferredLangId (char *langId); +char *GetActiveLangPackVersion (); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Language.xml b/src/Common/Language.xml index add35c7a..99e260c0 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -1,1456 +1,1456 @@ - - - - - - - - - - - - Cancel - Install &for all users - Bro&wse... - Add VeraCrypt icon to &desktop - Donate now... - Associate the .hc file &extension with VeraCrypt - &Open the destination location when finished - Add VeraCrypt to &Start menu - Create System &Restore point - &Uninstall - &Extract - &Install - VeraCrypt Setup Wizard - Uninstall VeraCrypt - &Help - Please select or type the location where you want to place the extracted files: - Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. - Click Uninstall to remove VeraCrypt from this system. - Abort - &Benchmark - &Test - Create encrypted volume and format it - Encrypt partition in place - Display generated keys (their portions) - Display pool content - Download CD/DVD recording software - Create an encrypted file container - &GB - &TB - More information - Hi&dden VeraCrypt volume - More information about hidden volumes - Direct mode - Normal mode - &KB - U&se keyfiles - Try first to mount with an empty password - Random size ( 64 <-> 1048576 ) - &Keyfiles... - Information on hash algorithms - More information - Information on PIM - &MB - More information - More information about system encryption - More information - Multi-Boot - Encrypt a non-system partition/drive - &Never save history - Open Outer Volume - &Pause - Use P&IM - Use PIM - Quick Format - &Display password - &Display password - &Display PIM - Single-boot - Standard VeraCrypt volume - Hi&dden - Normal - Encrypt the system partition or entire system drive - Encrypt the Windows system partition - Encrypt the whole drive - VeraCrypt Volume Creation Wizard - Cluster - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. - &Confirm: - Done - Drive letter: - Encryption Algorithm - Filesystem - Creates a virtual encrypted disk within a file. Recommended for inexperienced users. - Options - Hash Algorithm - Header Key: - Left - Master Key: - Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X - Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. - Current pool content (partial) - Pass - Password: - Volume PIM: - Volume PIM: - Progress: - Random Pool: - Select this option if there is only one operating system installed on this computer (even if it has multiple users). - Speed - Status - The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. - Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. - Select this option to encrypt the partition where the currently running Windows operating system is installed. - Volume Label in Windows: - Wipe mode: - Close - Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) - Do nothing - &Auto-mount VeraCrypt volume (specified below) - &Start VeraCrypt - Auto-&Detect Library - &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) - Browse... - Browse... - Cache passwords and keyfil&es in memory - Exit when there are no mounted volumes - &Close token session (log out) after a volume is successfully mounted - Include VeraCrypt Volume Expander - Include VeraCrypt Volume Creation Wizard - Create - &Create Volume - Do not &show any texts in the pre-boot authentication screen (except the below custom message) - Disable "Evil Maid" attack detection - Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) - Use keyfiles - Use keyfiles - E&xit - Help on favorite volumes - Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed - Mount selected volume when its host device gets &connected - Mount selected volume upon log&on - Mount selected volume as read-o&nly - Mount selected volume as remo&vable medium - Move &Down - Move &Up - Open &Explorer window for selected volume when successfully mounted - &Remove - Use favorite label as Explorer drive label - Global Settings - Display balloon tooltip after successful hot-key dismount - Play system notification sound after successful hot-key dismount - Alt - Ctrl - Shift - Win - Assign - Remove - Keyfiles... - Do not use the following number of processors for encryption/decryption: - More information - More information - More Settings... - &Auto-Mount Devices - Mount Opti&ons... - Mount volume as read-&only - Keyfiles... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) - Enabled - Cache passwords in driver memory - Auto-dismount volume after no data has been read/written to it for - User logs off - User session locked - Entering power saving mode - Screen saver is launched - Force auto-dismount even if volume contains open files or directories - Mount all device-hosted VeraCrypt volumes - Start VeraCrypt Background Task - Mount volumes as read-only - Mount volumes as removable media - Open Explorer window for successfully mounted volume - Temporary Cache password during "Mount Favorite Volumes" operations - Use a different taskbar icon when there are mounted volumes - Wipe cached passwords on auto-dismount - Wipe cached passwords on exit - Preserve modification timestamp of file containers - Reset - Select D&evice... - Select &File... - Select &Library... - Display password - Display password - Open &Explorer window for mounted volume - &Cache password in driver memory - TrueCrypt Mode - Di&smount All - &Volume Properties... - Volume &Tools... - &Wipe Cache - VeraCrypt - Mount Parameters - VeraCrypt - Favorite Volumes - VeraCrypt - System-Wide Hot Keys - VeraCrypt - Change Password or Keyfiles - Enter VeraCrypt Volume Password - VeraCrypt - Performance and Driver Options - VeraCrypt - Preferences - VeraCrypt - System Encryption Settings - VeraCrypt - Security Token Preferences - VeraCrypt Traveler Disk Setup - VeraCrypt Volume Properties - About - Add/Remove Keyfiles to/from Volume... - Add Mounted Volume to Favorites... - Add Mounted Volume to System Favorites... - Analyze a System Crash... - Backup Volume Header... - Benchmark... - Set Header Key Derivation Algorithm... - Change Volume Password... - Set Header Key Derivation Algorithm... - Change Password... - Clear Volume History - Close All Security Token Sessions - Contact - Create Hidden Operating System... - Create Rescue Disk... - Create New Volume... - Permanently Decrypt... - Default Keyfiles... - Default Mount Parameters... - Donate now... - Encrypt System Partition/Drive... - Frequently Asked Questions - User's Guide - &Homepage - Hot Keys... - Keyfile Generator - Language... - Legal Notices - Manage Security Token Keyfiles... - Auto-Mount All Device-Hosted Volumes - Mount Favorite Volumes - Mount Without Pre-Boot &Authentication... - Mount Volume - Mount Volume with Options - News - Online Help - Beginner's Tutorial - Organize Favorite Volumes... - Organize System Favorite Volumes... - Performance/Driver Configuration - Permanently Decrypt System Partition/Drive - Preferences... - Refresh Drive Letters - Remove All Keyfiles from Volume... - Restore Volume Header... - Resume Interrupted Process - Select Device... - Select File... - Resume Interrupted Process - System Encryption... - Properties... - Settings... - System Favorite Volumes... - Downloads - Test Vectors... - Security Tokens... - Traveler Disk Setup... - Dismount All Mounted Volumes - Dismount Volume - Verify Rescue Disk - Verify Rescue Disk ISO Image - Version History - Volume Expander - Volume Properties - Volume Creation Wizard - VeraCrypt Website - Wipe Cached Passwords - OK - Hardware Acceleration - Shortcut - AutoRun Configuration (autorun.inf) - Auto-Dismount - Dismount all when: - Boot Loader Screen Options - Confirm Password: - Current - Display this custom message in the pre-boot authentication screen (24 characters maximum): - Default Mount Options - Hot Key Options - Driver Configuration - Enable extended disk control codes support - Label of selected favorite volume: - File Settings - Key to assign: - Processor (CPU) in this computer supports hardware acceleration for AES: - Actions to perform upon logon to Windows - minutes - Mount volume as drive letter: - Mount Settings - New - Password: - Thread-Based Parallelization - PKCS #11 Library Path - PKCS-5 PRF: - PKCS-5 PRF: - Password Cache - Security Options - VeraCrypt Background Task - VeraCrypt volume to mount (relative to traveler disk root): - Upon insertion of traveler disk: - Create traveler disk files at (traveler disk root directory): - Volume - Windows - Add &Path... - &Auto-Test All - &Continue - &Decrypt - &Delete - &Encrypt - &Export... - Generate and Save Keyfile... - &Generate Random Keyfile... - Download language pack - Hardware-accelerated AES: - &Import Keyfile to Token... - Add &Files... - U&se keyfiles - &Keyfiles... - &Remove - Remove &All - What is hidden volume protection? - More information on keyfiles - Mount volume as removable &medium - Mount partition &using system encryption without pre-boot authentication - Parallelization: - Benchmark - &Print - &Protect hidden volume against damage caused by writing to outer volume - &Reset - &Display password - Add &Token Files... - Use backup header embedded in &volume if available - XTS mode - About VeraCrypt - VeraCrypt - Encryption Algorithm Benchmark - VeraCrypt - Test Vectors - Command Line Help - VeraCrypt - Keyfiles - VeraCrypt - Keyfile Generator - VeraCrypt - Language - VeraCrypt - Mount Options - New Security Token Keyfile Properties - VeraCrypt - Random Pool Enrichment - Select a Partition or Device - VeraCrypt - Security Token Keyfiles - Security token password/PIN required - Active language pack - Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM. - Buffer Size: - Cipher: - P&assword to hidden volume:\n(if empty, cache is used) - Hidden Volume Protection - Key size: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! - bits - Number of keyfiles: - Keyfiles size (in Bytes): - Keyfiles base name: - Translated by: - Plaintext size: - bits - Current Pool Content - Mixing PRF: - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - Secondary key (hexadecimal) - Security token: - Sort Method: - Please wait. This process may take a long time... - Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. - Block number: - Ciphertext (hexadecimal) - Data unit number (64-bit hexadecimal, data unit size is 512 bytes) - Key (hexadecimal) - Plaintext (hexadecimal) - Keyfile name: - XTS mode - S&ystem - &Volumes - Favor&ites - T&ools - Settin&gs - &Help - Home&page - - &About... - The read-only attribute on your old volume could not be changed. Please check the file access permissions. - Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. - Administrator - In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. - Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. - In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? - Please note that in order to format the volume as NTFS/exFAT you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. - FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. - Volume is already mounted. - CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. - CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. - The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). - If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. - Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. - Invalid drive letter. - Invalid path. - Cancel - Cannot access device. Make sure the selected device exists and is not used by system. - Warning: Caps Lock is on. This may cause you to enter your password incorrectly. - Volume Type - It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. - Select this option if you want to create a normal VeraCrypt volume. - Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. - Outer Volume Encryption Options - Hidden Volume Encryption Options - Encryption Options - WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! - Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. - Failed to create volume %s - Size of %s is %.2f bytes - Size of %s is %.2f KB - Size of %s is %.2f MB - Size of %s is %.2f GB - Size of %s is %.2f TB - Size of %s is %.2f PB - WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? - Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? - Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. - Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. - WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. - The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. - The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. - Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? - IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). - In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). - The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: The partition is too small. VeraCrypt cannot encrypt it in place. - To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. - VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). - Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. - Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. - Free space on drive %s is %.2f bytes. - Free space on drive %s is %.2f KB - Free space on drive %s is %.2f MB - Free space on drive %s is %.2f GB - Free space on drive %s is %.2f TB - Free space on drive %s is %.2f PB - Could not get available drive letters. - Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. - Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. - Error: Cipher initialization failure. - Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. - A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). - A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). - VeraCrypt Critical Error - VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? - Do you want VeraCrypt to continue detecting system crashes? - VeraCrypt found no system crash minidump file. - Do you want to delete the Windows crash dump file to free up disk space? - In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). - After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. - Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). - It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) - Results of the analysis indicate that updating the following driver might solve this issue: - To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. - Do you want to send us the above error report? - &Encrypt - &Decrypt - &Permanently Decrypt - Exit - Please create a logical drive for this extended partition, and then try again. - A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. - Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. - Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. - A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. - \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. - WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? - Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. - The file could not be opened. - Volume Location - Large Files - Do you intend to store files larger than 4 GB in this VeraCrypt volume? - Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). - As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT/exFAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT/exFAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. - Are you sure you want to choose 'Yes'? - Volume Creation Mode - This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. - The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). - Note: - &Resume - &Defer - &Start - &Continue - &Format - &Wipe - Abort format? - Show more information - Do not show this again - The content of the partition/device has been successfully erased. - The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. - Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. - The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). - The system partition/drive has been successfully decrypted. - \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. - \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. - Volume Fully Encrypted - Volume Fully Decrypted - IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. - The VeraCrypt volume has been successfully decrypted. - The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. - Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. - The VeraCrypt volume has been successfully created. - Volume Created - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. - Click Format to create the outer volume. For more information, please refer to the documentation. - Outer Volume Format - Hidden Volume Format - Volume Format - Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? - If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. - If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. - Volume Creation Mode - Hidden Volume Created - The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! - You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. - The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). - Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. - Outer Volume Contents - \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). - \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). - Outer Volume - In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. - IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). - \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. - Hidden Volume - The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). - WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. - You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS/exFAT, which, however, will not be possible. - Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS/exFAT. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS/exFAT volume from within the decoy operating system. - For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. - For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). - There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. - Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. - Your computer must be restarted.\n\nDo you want to restart it now? - An error occurred when obtaining the system encryption status. - No password specified in the command line. The volume can't be created. - No volume size specified in the command line. The volume can't be created. - The volume file size specified in the command line is incompatible with selected NTFS filesystem. - The volume file size specified in the command line is incompatible with selected FAT32 filesystem. - The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. - Only container files can be created through the command line. - The container file size specified in the command line is greater than the available disk free space. Volume can't be created. - The volume size specified in the command line is too small. The volume can't be created. - The volume size specified in the command line is too big. The volume can't be created. - Cannot initialize application components for system encryption. - Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) - Unable to initialize the application. Failed to register the Dialog class. - Error: Failed to load the Rich Edit system library. - VeraCrypt Volume Creation Wizard - Maximum possible hidden volume size for this volume is %.2f bytes. - Maximum possible hidden volume size for this volume is %.2f KB. - Maximum possible hidden volume size for this volume is %.2f MB. - Maximum possible hidden volume size for this volume is %.2f GB. - Maximum possible hidden volume size for this volume is %.2f TB. - Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. - The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. - &Mount - A newer version of VeraCrypt is required to mount this volume. - Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. - Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. - &Next > - &Finish - &Install - E&xtract - Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. - Error occurred when loading/preparing fonts. - The drive letter was not found or no drive letter was specified. - Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? - Drive letter not available. - No file selected! - No drive letters available. - No free drive letter for the outer volume! Volume creation cannot continue. - Could not determine your operating system version or you are using an unsupported operating system. - No path selected! - Not enough free space for the hidden volume! Volume creation cannot continue. - Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. - The driver is unable to dismount the volume. Some files located on the volume are probably still open. - Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. - VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? - Select a VeraCrypt Volume - Specify Path and File Name - Select PKCS #11 Library - Out of Memory - IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? - WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? - CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? - WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? - WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? - CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? - WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! - Erase any files stored on the partition by creating a VeraCrypt volume within it - Password - PIM - Set Header Key Derivation Algorithm - Add/Remove Keyfiles to/from Volume - Remove All Keyfiles from Volume - Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. - This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. - IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? - Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). - Keyfile(s) successfully added/removed. - Keyfile exported. - Header key derivation algorithm successfully set. - Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. - Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s). - Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. - It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. - Please choose a password for the hidden volume. - Please choose a password for the hidden operating system (i.e. for the hidden volume). - IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). - Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. - \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. - Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). - Outer Volume Password - Hidden Volume Password - Password for Hidden Operating System - WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? - Volume Password - Operation failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Operation failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. - Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. - Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. - \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. - Remember Number to Mount Volume - Outer Volume PIM - Hidden Volume PIM - PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. - Remember Number to Boot System - You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. - You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? - Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. - Volume PIM - \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). - If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. - VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). - The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X - The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X - \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. - In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. - VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). - Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. - < &Back - Unable to list raw devices installed on your system! - The volume '%s' exists, and is read-only. Are you sure you want to replace it? - Select destination directory - Select Keyfile - Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! - Select a directory where to store the keyfiles. - The current container file was selected as a keyfile. It will be skipped. - Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. - Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an exFAT volume is 424 KB. The minimum possible size of an NTFS volume is 3792 KB. - Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. - Outer Volume Size - Hidden Volume Size - Please verify that the size of the selected device/partition shown above is correct and click Next. - The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. - \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. - Volume Size - Dynamic - CAUTION: SELF-TEST FAILED! - Self-tests of all algorithms passed - The data unit number that you supplied is too long or short. - The secondary key that you supplied is too long or short. - The test ciphertext you have supplied is too long or short. - The test key you have supplied is too long or short. - The test plaintext you have supplied is too long or short. - Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. - Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). - VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. - VeraCrypt Traveler Disk - Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. - More information on %s - Unknown - An unspecified or unknown error occurred (%d). - Some volumes contain files or folders being used by applications or system.\n\nForce dismount? - &Dismount - Dismount failed! - Volume contains files or folders being used by applications or system.\n\nForce dismount? - No volume is mounted to the specified drive letter. - The volume you are trying to mount is already mounted. - An error occurred when attempting to mount volume. - Error seeking location within volume. - Error: Incorrect volume size. - WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? - Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? - Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) - Password cache wiped - Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. - VeraCrypt cannot change the password for a foreign volume. - Please select a free drive letter from the list. - Please select a mounted volume in the drive letter list. - Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: - Error: Cannot create autorun.inf - Error while processing keyfile! - Error processing keyfile path! - The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. - VeraCrypt does not support this operating system. - Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). - Error: Cannot allocate memory. - Error: Could not retrieve value of performance counter. - Error: Bad volume format. - Error: You supplied a password for a hidden volume (not for a normal volume). - For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). - VeraCrypt - Legal Notices - All Files - VeraCrypt Volumes - Library Modules - NTFS/exFAT formatting cannot continue. - Cannot mount volume. - Cannot dismount volume. - Windows failed to format the volume as NTFS/exFAT.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). - Windows failed to format the volume as NTFS/exFAT.\n\nDo you want to format the volume as FAT instead? - Default - partition - PARTITION - Device - device - DEVICE - Volume - volume - VOLUME - Label - The selected cluster size is too small for this volume size. A greater cluster size will be used instead. - Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. - Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. - The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT/exFAT or NTFS volume. - Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. - Note: The FAT/exFAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT/exFAT). - Note that the FAT/exFAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT/exFAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? - Do you want to format the volume as FAT instead? - Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). - Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. - Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). - Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). - Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). - For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. - Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. - You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? - Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. - Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). - The volume does not contain any hidden volume. Proceed. - The volume contains a hidden volume. Cancel. - Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot obtain volume properties. - Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. - Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. - An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. - An error prevented VeraCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted. - An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. - Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. - Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. - Error: Cannot access the outer volume! Volume creation cannot continue. - Error: Cannot mount the outer volume! Volume creation cannot continue. - Error: Cannot get volume cluster bitmap! Volume creation cannot continue. - Alphabetical/Categorized - Mean Speed (Descending) - Algorithm - Encryption - Decryption - Mean - Drive - Size - Encryption Algorithm - Encryption Algorithm - Type - Value - Property - Location - bytes - Hidden - Outer - Normal - System - Hidden (system) - Read-Only - System drive - System drive (encrypting - %.2f%% done) - System drive (decrypting - %.2f%% done) - System drive (%.2f%% encrypted) - System partition - Hidden system partition - System partition (encrypting - %.2f%% done) - System partition (decrypting - %.2f%% done) - System partition (%.2f%% encrypted) - Yes (damage prevented!) - None - Primary Key Size - Secondary Key Size (XTS Mode) - Tweak Key Size (LRW Mode) - bits - Block Size - PKCS-5 PRF - PKCS-5 Iteration Count - Volume Created - Header Last Modified - (%I64d days ago) - Volume Format Version - Embedded Backup Header - VeraCrypt Boot Loader Version - First available - Removable Disk - Harddisk - Unchanged - Autodetection - Wizard Mode - Select one of the modes. If you are not sure which to select, use the default mode. - Select this option if you want to install VeraCrypt on this system. - Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. - If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). - Setup Options - Here you can set various options to control the installation process. - Installing - Please wait while VeraCrypt is being installed. - VeraCrypt has been successfully installed - VeraCrypt has been successfully upgraded - Please consider making a donation. You can click Finish anytime to close the installer. - Extraction Options - Here you can set various options to control the extraction process. - Please wait while files are being extracted. - Files successfully extracted - All files have been successfully extracted to the destination location. - If the specified folder does not exist, it will be automatically created. - The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. - Do you want to view release notes for the current (latest stable) version of VeraCrypt? - If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? - Please select an action to perform from the following: - Repair/Reinstall - Upgrade - Uninstall - To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? - VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - Installation failed. - Uninstallation failed. - This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). - Cannot write file %s - Extracting - Cannot read data from the package. - Cannot verify the integrity of this distribution package. - Extraction failed. - The installation has been rolled back. - VeraCrypt has been successfully installed. - VeraCrypt has been successfully updated. - VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? - Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. - VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. - Removing VeraCrypt registry entries - Adding registry entry - Removing application-specific data - Installing - Stopping - Removing - Adding icon - Creating System Restore point - Failed to create System Restore point! - Updating boot loader - Failed to install '%s'. %s\nDo you want to continue installing? - Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? - Installation completed. - The folder '%s' could not be created - The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. - All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. - An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. - The installation of the registry entries has failed - The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. - Starting VeraCrypt device driver - Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). - Installing VeraCrypt device driver - Stopping VeraCrypt device driver - Uninstalling VeraCrypt device driver - Registration of the User Account Control support library failed. - Unregistration of the User Account Control support library failed. - Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. - Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? - Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? - Error: Cannot display license. - Outer(!) - days - hours - minutes - s - Open - Dismount - Show VeraCrypt - Hide VeraCrypt - Data Read since Mount - Data Written since Mount - Encrypted Portion - 100% (fully encrypted) - 0% (not encrypted) - %.3f%% - 100% - Waiting - Preparing - Resizing - Encrypting - Decrypting - Finalizing - Paused - Finished - Error - Device disconnected - System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. - The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. - The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. - VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. - A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. - The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. - Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. - Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). - Enter password for %s - Enter password for '%s' - Enter password for the normal/outer volume - Enter password for the hidden volume - Enter password for the header stored in backup file - Keyfiles have been successfully created. - The number of keyfiles you supplied is invalid. - The keyfile size must be comprized between 64 and 1048576 bytes. - Please enter a name for the keyfile(s) to be generated - The base name of the keyfile(s) is invalid - The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. - WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. - Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). - The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. - For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. - Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). - Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. - Does the volume contain a hidden volume? - The volume contains a hidden volume - The volume does not contain a hidden volume - Please select the type of volume header backup you want to use: - Restore the volume header from the backup embedded in the volume - Restore the volume header from an external backup file - The size of the volume header backup file is incorrect. - There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). - You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? - After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. - Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. - The VeraCrypt Rescue Disk has been successfully verified. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - The VeraCrypt Rescue Disk ISO image has been successfully verified. - The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. - Error creating VeraCrypt Rescue Disk. - VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. - Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. - and/or other CD/DVD recording software - VeraCrypt - System Favorite Volumes - What are system favorite volumes? - The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. - Please dismount the volume before proceeding. - Error: Cannot set timer. - Check Filesystem - Repair Filesystem - Add to Favorites... - Add to System Favorites... - P&roperties... - Hidden Volume Protected - N/A - Yes - No - Disabled - 1 - 2 or more - Mode of Operation - Label: - Size: - Path: - Drive Letter: - Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ - WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? - WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. - Homepage - WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. - WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US - WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 - Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. - Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. - WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? - No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. - No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. - WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? - Auto-Mount Devices - Dismount All - Wipe Cache - Dismount All & Wipe Cache - Force Dismount All & Wipe Cache - Force Dismount All, Wipe Cache & Exit - Mount Favorite Volumes - Show/Hide Main VeraCrypt Window - (Click here and press a key) - Action - Shortcut - Error: This shortcut is reserved. Please choose a different shortcut. - Error: Shortcut already in use. - WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. - Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. - An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. - Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. - VeraCrypt volume mounted as %c: has been dismounted. - VeraCrypt volumes have been dismounted. - VeraCrypt volumes have been dismounted and password cache has been wiped. - Successfully dismounted - WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? - WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? - WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' - WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. - You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? - You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? - Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? - Yes, keep prompting me - No, do not prompt me - IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? - Exit? - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. - VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. - Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. - Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. - Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. - Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. - Error: Failed to interrupt the process of wiping. - Error: Failed to resume the process of encryption/decryption of the system partition/drive. - Error: Failed to start the process of wiping. - Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) - There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. - WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? - Language pack version: %s - Checking the file system on the VeraCrypt volume mounted as %s... - Attempting to repair the file system on the VeraCrypt volume mounted as %s... - Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. - Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E - Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. - Mount VeraCrypt volume - Dismount all VeraCrypt volumes - VeraCrypt failed to obtain Administrator privileges. - Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. - Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. - It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. - The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. - The feature is not supported on the version of the operating system you are currently using. - VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. - Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. - VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. - Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. - WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? - Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. - CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? - Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. - The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). - Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. - WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. - The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. - Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. - WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? - Your system partition/drive appears to be fully encrypted. - VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. - The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). - WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). - Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. - Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). - As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? - Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. - Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. - There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. - Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. - Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. - WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? - For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? - Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. - \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). - Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). - This algorithm is currently not supported for system encryption. - This algorithm is not supported for TrueCrypt mode. - PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. - Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. - Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. - Keyfiles are currently not supported for system encryption. - Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. - Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. - As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. - VeraCrypt prevented change of keyboard layout. - Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. - Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. - After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. - The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. - IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n - Launch Microsoft Windows Disc Image Burner - WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. - Error: Cannot save system encryption settings. - Cannot initiate the system encryption pretest. - Cannot initiate the process of creation of the hidden operating system. - Wipe Mode - On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwriting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend to encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. - On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwriting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. - Wiping - \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. - \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. - Do you want to abort the process of wiping? - Warning: The entire content of the selected partition/device will be erased and lost. - The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. - WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? - None (fastest) - 1-pass (random data) - 3-pass (US DoD 5220.22-M) - 7-pass (US DoD 5220.22-M) - 35-pass ("Gutmann") - 256-pass - Number of Operating Systems - WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? - When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? - VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. - Boot Drive - Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. - VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. - Number of System Drives - How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. - VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. - Multiple Systems on Single Drive - Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. - Non-Windows Boot Loader - Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. - Multi-Boot - VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. - If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. - Encryption of Host Protected Area - At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? - Type of System Encryption - Select this option if you merely want to encrypt the system partition or the entire system drive. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. - It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. - Hidden Operating System - In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. - Detecting Hidden Sectors - Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. - Area to Encrypt - Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. - Collecting Random Data - Keys Generated - VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. - I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). - I will connect a CD/DVD burner to my computer later. Terminate the process now. - A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. - Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). - Rescue Disk Recording - Rescue Disk Created - System Encryption Pretest - Rescue Disk Verified - \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. - WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. - Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? - Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. - IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n - What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n - - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n - Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - Pretest Completed - The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. - You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. - \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. - \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. - Hidden System Started - Original System - Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. - The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). - You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. - Restart the computer and proceed - Permanently terminate the process of creation of the hidden operating system - Do nothing now and ask again later - \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n - I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n - II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n - 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n - 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n - 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n - 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n - Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n - Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. - \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n - How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n - 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n - 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n - 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n - 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n - 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n - 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n - 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n - 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n - 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n - 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n - After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n - If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n - The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n - If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n - If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n - WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! - Operating System Cloning - In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). - Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. - Do you want to cancel the system encryption pretest? - The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting - The system partition/drive does not appear to be encrypted (neither partially nor fully). - Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). - Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. - An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. - The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. - Error: The process of encryption of the partition/drive has not been completed. It must be completed first. - Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. - The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. - VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. - Error: Incorrect/invalid parameter. - You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? - Do you want to create a VeraCrypt file container instead? - You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? - Are you sure you want to permanently decrypt the system partition/drive? - CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? - Are you sure you want to permanently decrypt the following volume? - CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? - Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? - If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). - WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. - The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. - The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. - Failed to upgrade the VeraCrypt Boot Loader. - VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. - WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. - Skip detection of hidden sectors (use the size reported by the operating system) - Try to detect hidden sectors again - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? - Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. - Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. - Enter password/PIN for token '%s': - In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). - Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. - In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. - Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. - No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). - No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. - Security token keyfile not found. - A security token keyfile with the same name already exists. - Do you want to delete the selected files? - Security token keyfile path is invalid. - Security token error - Password for security token is incorrect. - The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). - All open security token sessions have been closed. - Select Security Token Keyfiles - Slot - Token name - File name - IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). - System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. - Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. - IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. - Note that this setting takes effect only after the operating system is restarted. - Error while parsing command line. - Rescue Disk - Select &File and Mount... - Select &Device and Mount... - Allow only administrators to view and dismount system favorite volumes in VeraCrypt - Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) - Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? - Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). - Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? - Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. - Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. - Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. - Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. - %d threads - Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. - Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. - Do you want VeraCrypt to attempt to disable write protection of the partition/drive? - WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? - Warning: VeraCrypt volume auto-dismounted - Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. - This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series - Test - Keyfile - Backspace - Tab - Clear - Enter - Pause - Caps Lock - Spacebar - Page Up - Page Down - End - Home - Left Arrow - Up Arrow - Right Arrow - Down Arrow - Select Key - Print Key - Execute Key - Print Screen - Insert - Delete - Applications Key - Sleep - Num Lock - Scroll Lock - Browser Back - Browser Forward - Browser Refresh - Browser Stop - Browser Search - Browser Favorites - Browser Home - Mute - Volume Down - Volume Up - Next Track - Previous Track - Stop Media - Play/Pause Media - Start Mail Key - Select Media Key - Application 1 - Application 2 - Attn - CrSel - ExSel - Play - Zoom - NumPad - Shift - Control - Alt - Win - B - KB - MB - GB - TB - PB - B/s - KB/s - MB/s - GB/s - TB/s - PB/s - - Include &PIM when caching pre-boot authentication password - Include PIM when caching a password - Make disconnected network drives available for mounting - The entered password is too long: its UTF-8 representation exceeds 64 bytes. - The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. - Error: Failed to load a system library. - The volume file size specified in the command line is incompatible with selected exFAT filesystem. - Randomness Collected From Mouse Movements - Volume ID: - Volume ID - Use Volume ID to mount favorite - The Volume ID value is invalid - No Volume with the specified ID was found on the system - Copy Value to Clipboard... - Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) - WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? - Personal Iterations Multiplier (PIM) maximum value is 2147468. - Skip Rescue Disk verification - Don't show wait message dialog when performing operations - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + Cancel + Install &for all users + Bro&wse... + Add VeraCrypt icon to &desktop + Donate now... + Associate the .hc file &extension with VeraCrypt + &Open the destination location when finished + Add VeraCrypt to &Start menu + Create System &Restore point + &Uninstall + &Extract + &Install + VeraCrypt Setup Wizard + Uninstall VeraCrypt + &Help + Please select or type the location where you want to place the extracted files: + Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created. + Click Uninstall to remove VeraCrypt from this system. + Abort + &Benchmark + &Test + Create encrypted volume and format it + Encrypt partition in place + Display generated keys (their portions) + Display pool content + Download CD/DVD recording software + Create an encrypted file container + &GB + &TB + More information + Hi&dden VeraCrypt volume + More information about hidden volumes + Direct mode + Normal mode + &KB + U&se keyfiles + Try first to mount with an empty password + Random size ( 64 <-> 1048576 ) + &Keyfiles... + Information on hash algorithms + More information + Information on PIM + &MB + More information + More information about system encryption + More information + Multi-Boot + Encrypt a non-system partition/drive + &Never save history + Open Outer Volume + &Pause + Use P&IM + Use PIM + Quick Format + &Display password + &Display password + &Display PIM + Single-boot + Standard VeraCrypt volume + Hi&dden + Normal + Encrypt the system partition or entire system drive + Encrypt the Windows system partition + Encrypt the whole drive + VeraCrypt Volume Creation Wizard + Cluster + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue. + &Confirm: + Done + Drive letter: + Encryption Algorithm + Filesystem + Creates a virtual encrypted disk within a file. Recommended for inexperienced users. + Options + Hash Algorithm + Header Key: + Left + Master Key: + Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X + Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume. + Current pool content (partial) + Pass + Password: + Volume PIM: + Volume PIM: + Progress: + Random Pool: + Select this option if there is only one operating system installed on this computer (even if it has multiple users). + Speed + Status + The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue. + Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system. + Select this option to encrypt the partition where the currently running Windows operating system is installed. + Volume Label in Windows: + Wipe mode: + Close + Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager) + Do nothing + &Auto-mount VeraCrypt volume (specified below) + &Start VeraCrypt + Auto-&Detect Library + &Cache pre-boot authentication password in driver memory (for mounting of non-system volumes) + Browse... + Browse... + Cache passwords and keyfil&es in memory + Exit when there are no mounted volumes + &Close token session (log out) after a volume is successfully mounted + Include VeraCrypt Volume Expander + Include VeraCrypt Volume Creation Wizard + Create + &Create Volume + Do not &show any texts in the pre-boot authentication screen (except the below custom message) + Disable "Evil Maid" attack detection + Accelerate AES encryption/decryption by using the AES instructions of the processor (if available) + Use keyfiles + Use keyfiles + E&xit + Help on favorite volumes + Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed + Mount selected volume when its host device gets &connected + Mount selected volume upon log&on + Mount selected volume as read-o&nly + Mount selected volume as remo&vable medium + Move &Down + Move &Up + Open &Explorer window for selected volume when successfully mounted + &Remove + Use favorite label as Explorer drive label + Global Settings + Display balloon tooltip after successful hot-key dismount + Play system notification sound after successful hot-key dismount + Alt + Ctrl + Shift + Win + Assign + Remove + Keyfiles... + Do not use the following number of processors for encryption/decryption: + More information + More information + More Settings... + &Auto-Mount Devices + Mount Opti&ons... + Mount volume as read-&only + Keyfiles... + (Empty or 0 for default iterations) + (Empty or 0 for default iterations) + Enabled + Cache passwords in driver memory + Auto-dismount volume after no data has been read/written to it for + User logs off + User session locked + Entering power saving mode + Screen saver is launched + Force auto-dismount even if volume contains open files or directories + Mount all device-hosted VeraCrypt volumes + Start VeraCrypt Background Task + Mount volumes as read-only + Mount volumes as removable media + Open Explorer window for successfully mounted volume + Temporary Cache password during "Mount Favorite Volumes" operations + Use a different taskbar icon when there are mounted volumes + Wipe cached passwords on auto-dismount + Wipe cached passwords on exit + Preserve modification timestamp of file containers + Reset + Select D&evice... + Select &File... + Select &Library... + Display password + Display password + Open &Explorer window for mounted volume + &Cache password in driver memory + TrueCrypt Mode + Di&smount All + &Volume Properties... + Volume &Tools... + &Wipe Cache + VeraCrypt - Mount Parameters + VeraCrypt - Favorite Volumes + VeraCrypt - System-Wide Hot Keys + VeraCrypt + Change Password or Keyfiles + Enter VeraCrypt Volume Password + VeraCrypt - Performance and Driver Options + VeraCrypt - Preferences + VeraCrypt - System Encryption Settings + VeraCrypt - Security Token Preferences + VeraCrypt Traveler Disk Setup + VeraCrypt Volume Properties + About + Add/Remove Keyfiles to/from Volume... + Add Mounted Volume to Favorites... + Add Mounted Volume to System Favorites... + Analyze a System Crash... + Backup Volume Header... + Benchmark... + Set Header Key Derivation Algorithm... + Change Volume Password... + Set Header Key Derivation Algorithm... + Change Password... + Clear Volume History + Close All Security Token Sessions + Contact + Create Hidden Operating System... + Create Rescue Disk... + Create New Volume... + Permanently Decrypt... + Default Keyfiles... + Default Mount Parameters... + Donate now... + Encrypt System Partition/Drive... + Frequently Asked Questions + User's Guide + &Homepage + Hot Keys... + Keyfile Generator + Language... + Legal Notices + Manage Security Token Keyfiles... + Auto-Mount All Device-Hosted Volumes + Mount Favorite Volumes + Mount Without Pre-Boot &Authentication... + Mount Volume + Mount Volume with Options + News + Online Help + Beginner's Tutorial + Organize Favorite Volumes... + Organize System Favorite Volumes... + Performance/Driver Configuration + Permanently Decrypt System Partition/Drive + Preferences... + Refresh Drive Letters + Remove All Keyfiles from Volume... + Restore Volume Header... + Resume Interrupted Process + Select Device... + Select File... + Resume Interrupted Process + System Encryption... + Properties... + Settings... + System Favorite Volumes... + Downloads + Test Vectors... + Security Tokens... + Traveler Disk Setup... + Dismount All Mounted Volumes + Dismount Volume + Verify Rescue Disk + Verify Rescue Disk ISO Image + Version History + Volume Expander + Volume Properties + Volume Creation Wizard + VeraCrypt Website + Wipe Cached Passwords + OK + Hardware Acceleration + Shortcut + AutoRun Configuration (autorun.inf) + Auto-Dismount + Dismount all when: + Boot Loader Screen Options + Confirm Password: + Current + Display this custom message in the pre-boot authentication screen (24 characters maximum): + Default Mount Options + Hot Key Options + Driver Configuration + Enable extended disk control codes support + Label of selected favorite volume: + File Settings + Key to assign: + Processor (CPU) in this computer supports hardware acceleration for AES: + Actions to perform upon logon to Windows + minutes + Mount volume as drive letter: + Mount Settings + New + Password: + Thread-Based Parallelization + PKCS #11 Library Path + PKCS-5 PRF: + PKCS-5 PRF: + Password Cache + Security Options + VeraCrypt Background Task + VeraCrypt volume to mount (relative to traveler disk root): + Upon insertion of traveler disk: + Create traveler disk files at (traveler disk root directory): + Volume + Windows + Add &Path... + &Auto-Test All + &Continue + &Decrypt + &Delete + &Encrypt + &Export... + Generate and Save Keyfile... + &Generate Random Keyfile... + Download language pack + Hardware-accelerated AES: + &Import Keyfile to Token... + Add &Files... + U&se keyfiles + &Keyfiles... + &Remove + Remove &All + What is hidden volume protection? + More information on keyfiles + Mount volume as removable &medium + Mount partition &using system encryption without pre-boot authentication + Parallelization: + Benchmark + &Print + &Protect hidden volume against damage caused by writing to outer volume + &Reset + &Display password + Add &Token Files... + Use backup header embedded in &volume if available + XTS mode + About VeraCrypt + VeraCrypt - Encryption Algorithm Benchmark + VeraCrypt - Test Vectors + Command Line Help + VeraCrypt - Keyfiles + VeraCrypt - Keyfile Generator + VeraCrypt - Language + VeraCrypt - Mount Options + New Security Token Keyfile Properties + VeraCrypt - Random Pool Enrichment + Select a Partition or Device + VeraCrypt + Security Token Keyfiles + Security token password/PIN required + Active language pack + Speed is affected by CPU load and storage device characteristics.\n\nThese tests take place in RAM. + Buffer Size: + Cipher: + P&assword to hidden volume:\n(if empty, cache is used) + Hidden Volume Protection + Key size: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile! + bits + Number of keyfiles: + Keyfiles size (in Bytes): + Keyfiles base name: + Translated by: + Plaintext size: + bits + Current Pool Content + Mixing PRF: + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + Secondary key (hexadecimal) + Security token: + Sort Method: + Please wait. This process may take a long time... + Please wait...\nThis process may take a long time and VeraCrypt may seem unresponsive. + Block number: + Ciphertext (hexadecimal) + Data unit number (64-bit hexadecimal, data unit size is 512 bytes) + Key (hexadecimal) + Plaintext (hexadecimal) + Keyfile name: + XTS mode + S&ystem + &Volumes + Favor&ites + T&ools + Settin&gs + &Help + Home&page + + &About... + The read-only attribute on your old volume could not be changed. Please check the file access permissions. + Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device. + Administrator + In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges. + Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes. + In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue? + Please note that in order to format the volume as NTFS/exFAT you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT. + FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS. + Volume is already mounted. + CAUTION: At least one encryption or hash algorithm failed the built-in automatic self-tests!\n\nVeraCrypt installation may be corrupted. + CAUTION: There is not enough data in the Random Number Generator pool to provide the requested amount of random data.\n\nYou should not proceed any further. Please select 'Report a Bug' from the Help menu, and report this error. + The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.\n\nPlease note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor's technical support team for assistance. Thank you.\n\nNote: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the 'chkdsk /r' command cannot correct it because it works only at the filesystem level; in some cases, the 'chkdsk' tool cannot even detect it). + If you are accessing a drive for removable media, please make sure that a medium is inserted in the drive. The drive/medium may also be damaged (there may be a physical defect on it) or a cable may be damaged/disconnected. + Your system appears to be using custom chipset drivers containing a bug that prevents encryption of the whole system drive.\n\nPlease try updating or uninstalling any custom (non-Microsoft) chipset drivers before proceeding. If it does not help, try encrypting the system partition only. + Invalid drive letter. + Invalid path. + Cancel + Cannot access device. Make sure the selected device exists and is not used by system. + Warning: Caps Lock is on. This may cause you to enter your password incorrectly. + Volume Type + It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. + Select this option if you want to create a normal VeraCrypt volume. + Please note that if you wish an operating system to be installed in a hidden partition-hosted volume, then the entire system drive cannot be encrypted using a single key. + Outer Volume Encryption Options + Hidden Volume Encryption Options + Encryption Options + WARNING: Failed to clear the path of the last selected volume/keyfile (remembered by file selector)! + Error: The container has been compressed at the filesystem level. VeraCrypt does not support compressed containers (note that compression of encrypted data is ineffective and redundant).\n\nPlease disable compression for the container by following these steps:\n1) Right-click the container in Windows Explorer (not in VeraCrypt).\n2) Select 'Properties'.\n3) In the 'Properties' dialog box, click 'Advanced'.\n4) In the 'Advanced Attributes' dialog box, disable the option 'Compress contents to save disk space' and click 'OK'.\n5) In the 'Properties' dialog box, click 'OK'. + Failed to create volume %s + Size of %s is %.2f bytes + Size of %s is %.2f KB + Size of %s is %.2f MB + Size of %s is %.2f GB + Size of %s is %.2f TB + Size of %s is %.2f PB + WARNING: The device/partition is in use by the operating system or applications. Formatting the device/partition might cause data corruption and system instability.\n\nContinue? + Warning: The partition is in use by the operating system or applications. You should close any applications that might be using the partition (including antivirus software).\n\nContinue? + Error: The device/partition contains a file system that could not be dismounted. The file system may be in use by the operating system. Formatting the device/partition would very likely cause data corruption and system instability.\n\nTo solve this issue, we recommend that you first delete the partition and then recreate it without formatting. To do so, follow these steps:\n1) Right-click the 'Computer' (or 'My Computer') icon in the 'Start Menu' and select 'Manage'. The 'Computer Management' window should appear.\n2) In the 'Computer Management' window, select 'Storage' > 'Disk Management'.\n3) Right-click the partition you want to encrypt and select either 'Delete Partition', or 'Delete Volume', or 'Delete Logical Drive'.\n4) Click 'Yes'. If Windows asks you to restart the computer, do so. Then repeat the steps 1 and 2 and continue from the step 5.\n5) Right-click the unallocated/free space area and select either 'New Partition', or 'New Simple Volume', or 'New Logical Drive'.\n6) The 'New Partition Wizard' or 'New Simple Volume Wizard' window should appear now; follow its instructions. On the wizard page entitled 'Format Partition', select either 'Do not format this partition' or 'Do not format this volume'. In the same wizard, click 'Next' and then 'Finish'.\n7) Note that the device path you have selected in VeraCrypt may be wrong now. Therefore, exit the VeraCrypt Volume Creation Wizard (if it is still running) and then start it again.\n8) Try encrypting the device/partition again.\n\nIf VeraCrypt repeatedly fails to encrypt the device/partition, you may want to consider creating a file container instead. + Error: The filesystem could not be locked and/or dismounted. It may be in use by the operating system or applications (for example, antivirus software). Encrypting the partition might cause data corruption and system instability.\n\nPlease close any applications that might be using the filesystem (including antivirus software) and try again. If it does not help, please follow the below steps. + WARNING: Some of the mounted devices/partitions were already in use!\n\nIgnoring this can cause undesired results including system instability.\n\nWe strongly recommend that you close any application that might be using the devices/partitions. + The selected device contains partitions.\n\nFormatting the device might cause system instability and/or data corruption. Please either select a partition on the device, or remove all partitions on the device to enable VeraCrypt to format it safely. + The selected non-system device contains partitions.\n\nEncrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives). A device that contains partitions can be entirely encrypted in place (using a single master key) only if it is the drive where Windows is installed and from which it boots.\n\nIf you want to encrypt the selected non-system device using a single master key, you will need to remove all partitions on the device first to enable VeraCrypt to format it safely (formatting a device that contains partitions might cause system instability and/or data corruption). Alternatively, you can encrypt each partition on the drive individually (each partition will be encrypted using a different master key).\n\nNote: If you want to remove all partitions from a GPT disk, you may need to convert it to a MBR disk (using e.g. the Computer Management tool) in order to remove hidden partitions. + Warning: If you encrypt the entire device (as opposed to encrypting only a partition on it), operating systems will consider the device as new, empty, and unformatted (as it will contain no partition table) and may spontaneously initialize the device (or ask you if you want to do so), which may damage the volume. Furthermore, it will not be possible to consistently mount the volume as favorite (e.g. when the drive number changes) or to assign a favorite-volume label to it.\n\nTo avoid that you may want to consider creating a partition on the device and encrypting the partition instead.\n\nAre you sure want to encrypt the entire device? + IMPORTANT: Please keep in mind that this volume can NOT be mounted/accessed using the drive letter %c:, which is currently assigned to it!\n\nTo mount this volume, click 'Auto-Mount Devices' in the main VeraCrypt window (alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/device, and click 'Mount'). The volume will be mounted to a different drive letter, which you select from the list in the main VeraCrypt window.\n\nThe original drive letter %c: should be used only in case you need to remove encryption from the partition/device (e.g., if you no longer need encryption). In such a case, right-click the drive letter %c: in the 'Computer' (or 'My Computer') list and select 'Format'. Otherwise, the drive letter %c: should never be used (unless you remove it, as described e.g. in the VeraCrypt FAQ, and assign it to another partition/device). + In-place encryption of non-system volumes is not supported on the version of the operating system you are currently using (it is supported only on Windows Vista and later versions of Windows).\n\nThe reason is that this version of Windows does not support shrinking of a filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nNote: The reason is that Windows does not support shrinking of other types of filesystems (the filesystem needs to be shrunk to make space for the volume header and backup header). + The selected partition does not appear to contain an NTFS filesystem. Only partitions that contain an NTFS filesystem can be encrypted in place.\n\nIf you want to create an encrypted VeraCrypt volume within this partition, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: The partition is too small. VeraCrypt cannot encrypt it in place. + To encrypt the data on this partition, please follow these steps:\n\n1) Create a VeraCrypt volume on an empty partition/device and then mount it.\n\n2) Copy all files from the partition that you originally wanted to encrypt to the mounted VeraCrypt volume (that has been created and mounted in step 1). That way, you will create a VeraCrypt-encrypted backup of the data.\n\n3) Create a VeraCrypt volume on the partition that you originally wanted to encrypt and make sure that (in the VeraCrypt wizard) you choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). Note that all data stored on the partition will be erased. After the volume is created, mount it.\n\n4) Copy all files from the mounted backup VeraCrypt volume (created and mounted in step 1) to the mounted VeraCrypt volume that has been created (and mounted) in step 3.\n\nAfter you complete these steps, the data will be encrypted and, in addition, there will be an encrypted backup of the data. + VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive.\n\nIf you want to create an encrypted VeraCrypt volume within the selected non-system device, choose the option "Create encrypted volume and format it" (instead of the option "Encrypt partition in place"). + Error: VeraCrypt can in-place encrypt only a partition, a dynamic volume, or an entire system drive. Please make sure the specified path is valid. + Error: Cannot shrink the filesystem (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPossible causes and solutions:\n\n- Not enough free space on the volume. Please make sure no other application is writing to the filesystem.\n\n- Corrupted file system. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Error: There is not enough free space on the volume and so the filesystem cannot be shrunk (the filesystem needs to be shrunk to make space for the volume header and backup header).\n\nPlease delete any redundant files and empty the Recycle Bin so as to free at least 256 KB of space and then try again. Note that due to a Windows issue, the amount of free space reported by the Windows Explorer may be incorrect until the operating system is restarted. If restarting the system does not help, the file system may be corrupted. Try to check it and fix any errors (right-click the corresponding drive letter in the 'Computer' list, then select Properties > Tools > 'Check Now', make sure the option 'Automatically fix file system errors' is enabled and click Start).\n\nIf the above steps do not help, please follow the below steps. + Free space on drive %s is %.2f bytes. + Free space on drive %s is %.2f KB + Free space on drive %s is %.2f MB + Free space on drive %s is %.2f GB + Free space on drive %s is %.2f TB + Free space on drive %s is %.2f PB + Could not get available drive letters. + Error: VeraCrypt driver not found.\n\nPlease copy the files 'veracrypt.sys' and 'veracrypt-x64.sys' to the directory where the main VeraCrypt application (VeraCrypt.exe) is located. + Error: An incompatible version of the VeraCrypt driver is currently running.\n\nIf you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already installed, you must uninstall it first (or upgrade it using the VeraCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > VeraCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > VeraCrypt > Remove.\n\nSimilarly, if you are trying to run VeraCrypt in portable mode (i.e. without installing it) and a different version of VeraCrypt is already running in portable mode, you must restart the system first and then run only this new version. + Error: Cipher initialization failure. + Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again. + A critical error has occurred and VeraCrypt must be terminated. If this is caused by a bug in VeraCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- VeraCrypt component name\n- Checksum of VeraCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- VeraCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report? + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nNote that this error has not been caused by VeraCrypt (so the VeraCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components). + A critical error has occurred in your system, which requires VeraCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware). + VeraCrypt Critical Error + VeraCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want VeraCrypt to check whether a bug in VeraCrypt could have caused the system crash? + Do you want VeraCrypt to continue detecting system crashes? + VeraCrypt found no system crash minidump file. + Do you want to delete the Windows crash dump file to free up disk space? + In order to analyze the system crash, VeraCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the veracrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package). + After you click OK, VeraCrypt will analyze the system crash. This may take up to several minutes. + Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger). + It appears that VeraCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.) + Results of the analysis indicate that updating the following driver might solve this issue: + To help us determine whether there is a bug in VeraCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser. + Do you want to send us the above error report? + &Encrypt + &Decrypt + &Permanently Decrypt + Exit + Please create a logical drive for this extended partition, and then try again. + A VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container is just like any normal file (it can be, for example, moved or deleted as any normal file). Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created.\n\nWARNING: If you select an existing file, VeraCrypt will NOT encrypt it; the file will be deleted and replaced with the newly created VeraCrypt container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container that you are about to create now. + Select the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nA VeraCrypt volume can reside in a file (called VeraCrypt container), which can reside on a hard disk, on a USB flash drive, etc. A VeraCrypt container can be moved or deleted as any normal file. Click 'Select File' to choose a filename for the container and to select the location where you wish the container to be created. If you select an existing file, VeraCrypt will NOT encrypt it; it will be deleted and replaced with the newly created container. You will be able to encrypt existing files (later on) by moving them to the VeraCrypt container you are about to create now. + Encrypted device-hosted VeraCrypt volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Partitions can also be encrypted in place.\n\nIn addition, encrypted device-hosted VeraCrypt volumes can be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nNote: A device that contains partitions can be entirely encrypted in place (using a single key) only if it is the drive where Windows is installed and from which it boots. + A device-hosted VeraCrypt volume can be created within a hard disk partition, solid-state drive, USB memory stick, and other storage devices.\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the outer volume to be created (within this volume the hidden volume will be created later on).\n\nOuter volumes can be created within partitions on hard disks, solid-state drives, USB memory sticks, and on any other supported storage devices. Outer volumes can also be created within devices that do not contain any partitions (including hard disks and solid-state drives).\n\nWARNING: Note that the partition/device will be formatted and all data currently stored on it will be lost. + \nSelect the location of the VeraCrypt volume within which you wish to create a hidden volume. + WARNING: The host file/device is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device (for example, antivirus or backup applications) should be closed before mounting the volume.\n\nContinue mounting? + Error: Cannot mount volume. The host file/device is already in use. Attempt to mount without exclusive access failed as well. + The file could not be opened. + Volume Location + Large Files + Do you intend to store files larger than 4 GB in this VeraCrypt volume? + Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step). + As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT/exFAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT/exFAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GB (which the FAT file system does not allow), then FAT is not the default. + Are you sure you want to choose 'Yes'? + Volume Creation Mode + This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option. + The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster). + Note: + &Resume + &Defer + &Start + &Continue + &Format + &Wipe + Abort format? + Show more information + Do not show this again + The content of the partition/device has been successfully erased. + The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased. + Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition. + The system partition/drive has been successfully encrypted.\n\nNote: If there are non-system VeraCrypt volumes that you need to have mounted automatically every time Windows starts, you can set it up by mounting each of them and selecting 'Favorites' > 'Add Mounted Volume to System Favorites'). + The system partition/drive has been successfully decrypted. + \n\nThe VeraCrypt volume has been created and is ready for use. If you wish to create another VeraCrypt volume, click Next. Otherwise, click Exit. + \n\nThe hidden VeraCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue. + Volume Fully Encrypted + Volume Fully Decrypted + IMPORTANT: TO MOUNT THIS NEWLY CREATED VERACRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN VERACRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main VeraCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main VeraCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted VeraCrypt volume now) and is ready for use. + The VeraCrypt volume has been successfully decrypted. + The VeraCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume. + Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK. + The VeraCrypt volume has been successfully created. + Volume Created + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume. + Click Format to create the outer volume. For more information, please refer to the documentation. + Outer Volume Format + Hidden Volume Format + Volume Format + Adobe Reader (or a compatible tool) is necessary to view or print the VeraCrypt User's Guide. Adobe Reader (freeware) can be downloaded at: www.adobe.com\n\nDo you want to view the online documentation instead? + If you select this option, the wizard will first help you create a normal VeraCrypt volume and then a hidden VeraCrypt volume within it. Inexperienced users should always select this option. + If you select this option, you will create a hidden volume within an existing VeraCrypt volume. It will be assumed that you have already created a VeraCrypt volume that is suitable to host the hidden volume. + Volume Creation Mode + Hidden Volume Created + The hidden VeraCrypt volume has been successfully created and is ready for use. If all the instructions have been followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume exists, even when the outer volume is mounted.\n\nWARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (FOR INFORMATION ON HOW TO DO SO, REFER TO THE SECTION "PROTECTION OF HIDDEN VOLUMES AGAINST DAMAGE" IN THE VERACRYPT USER'S GUIDE), DO NOT WRITE TO THE OUTER VOLUME. OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME! + You have started the hidden operating system. As you may have noticed, the hidden operating system appears to be installed on the same partition as the original operating system. However, in reality, it is installed within the partition behind it (in the hidden volume). All read and write operations are being transparently redirected from the original system partition to the hidden volume.\n\nNeither the operating system nor applications will know that data written to and read from the system partition are actually written to and read from the partition behind it (from/to a hidden volume). Any such data is encrypted and decrypted on the fly as usual (with an encryption key different from the one that will be used for the decoy operating system).\n\n\nPlease click Next to continue. + The outer volume has been created and mounted as drive %hc:. To this outer volume you should now copy some sensitive-looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. You will be able to reveal the password for this outer volume, and the existence of the hidden volume (and of the hidden operating system) will remain secret.\n\nIMPORTANT: The files you copy to the outer volume should not occupy more than %s. Otherwise, there may not be enough free space on the outer volume for the hidden volume (and you will not be able to continue). After you finish copying, click Next (do not dismount the volume). + Outer volume has been successfully created and mounted as drive %hc:. To this volume you should now copy some sensitive-looking files that you actually do NOT want to hide. The files will be there for anyone forcing you to disclose your password. You will reveal only the password for this outer volume, not for the hidden one. The files that you really care about will be stored in the hidden volume, which will be created later on. When you finish copying, click Next. Do not dismount the volume.\n\nNote: After you click Next, cluster bitmap of the outer volume will be scanned to determine the size of uninterrupted area of free space whose end is aligned with the end of the volume. This area will accommodate the hidden volume, so it will limit its maximum possible size. Cluster bitmap scanning ensures that no data on the outer volume are overwritten by the hidden volume. + Outer Volume Contents + \n\nIn the next steps, you will set the options for the outer volume (within which the hidden volume will be created later on). + \n\nIn the next steps, you will create a so-called outer VeraCrypt volume within the first partition behind the system partition (as was explained in one of the previous steps). + Outer Volume + In the following steps, you will set the options and password for the hidden volume, which will contain the hidden operating system.\n\nRemark: The cluster bitmap of the outer volume has been scanned in order to determine the size of uninterrupted area of free space whose end is aligned with the end of the outer volume. This area will accommodate the hidden volume, so it limits its maximum possible size. The maximum possible size of the hidden volume has been determined and confirmed to be greater than the size of the system partition (which is required, because the entire content of the system partition will need to be copied to the hidden volume). This ensures that no data currently stored on the outer volume will be overwritten by data written to the area of the hidden volume. + IMPORTANT: Please remember the algorithms that you select in this step. You will have to select the same algorithms for the decoy system. Otherwise, the hidden system will be inaccessible! (The decoy system must be encrypted with the same encryption algorithm as the hidden system.)\n\nNote: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader). + \n\nThe volume cluster bitmap has been scanned and the maximum possible size of the hidden volume has been determined. In the next steps you will set the options, the size, and the password for the hidden volume. + Hidden Volume + The hidden volume is now protected against damage until the outer volume is dismounted.\n\nWARNING: If any data is attempted to be saved to the hidden volume area, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to the hidden volume area will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + Each of the hidden volumes within the newly mounted volumes is now protected against damage until dismounted.\n\nWARNING: If any data is attempted to be saved to protected hidden volume area of any of these volumes, VeraCrypt will start write-protecting the entire volume (both the outer and the hidden part) until it is dismounted. This may cause filesystem corruption on the outer volume, which (if repeated) might adversely affect plausible deniability of the hidden volume. Therefore, you should make every effort to avoid writing to the hidden volume area. Any data being saved to protected hidden volume areas will not be saved and will be lost. Windows may report this as a write error ("Delayed Write Failed" or "The parameter is incorrect"). + WARNING: Data were attempted to be saved to the hidden volume area of the volume mounted as %c:! VeraCrypt prevented these data from being saved in order to protect the hidden volume. This may have caused filesystem corruption on the outer volume and Windows may have reported a write error ("Delayed Write Failed" or "The parameter is incorrect"). The entire volume (both the outer and the hidden part) will be write-protected until it is dismounted. If this is not the first time VeraCrypt has prevented data from being saved to the hidden volume area of this volume, plausible deniability of this hidden volume might be adversely affected (due to possible unusual correlated inconsistencies within the outer volume file system). Therefore, you should consider creating a new VeraCrypt volume (with Quick Format disabled) and moving files from this volume to the new volume; this volume should be securely erased (both the outer and the hidden part). We strongly recommend that you restart the operating system now. + You have indicated intent to store files larger than 4 GB on the volume. This requires the volume to be formatted as NTFS/exFAT, which, however, will not be possible. + Please note that when a hidden operating system is running, non-hidden VeraCrypt volumes cannot be formatted as NTFS/exFAT. The reason is that the volume would need to be temporarily mounted without write protection in order to allow the operating system to format it as NTFS (whereas formatting as FAT is performed by VeraCrypt, not by the operating system, and without mounting the volume). For further technical details, see below. You can create a non-hidden NTFS/exFAT volume from within the decoy operating system. + For security reasons, when a hidden operating system is running, hidden volumes can be created only in the 'direct' mode (because outer volumes must always be mounted as read-only). To create a hidden volume securely, follow these steps:\n\n1) Boot the decoy system.\n\n2) Create a normal VeraCrypt volume and, to this volume, copy some sensitive-looking files that you actually do NOT want to hide (the volume will become the outer volume).\n\n3) Boot the hidden system and start the VeraCrypt Volume Creation Wizard. If the volume is file-hosted, move it to the system partition or to another hidden volume (otherwise, the newly created hidden volume would be mounted as read-only and could not be formatted). Follow the instructions in the wizard so as to select the 'direct' hidden volume creation mode.\n\n4) In the wizard, select the volume you created in step 2 and then follow the instructions to create a hidden volume within it. + For security reasons, when a hidden operating system is running, local unencrypted filesystems and non-hidden VeraCrypt volumes are mounted as read-only (no data can be written to such filesystems or VeraCrypt volumes).\n\nData is allowed to be written to any filesystem that resides within a hidden VeraCrypt volume (provided that the hidden volume is not located in a container stored on an unencrypted filesystem or on any other read-only filesystem). + There are three main reasons why such countermeasures have been implemented:\n\n- It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. (For more information, see the subsection 'Security Requirements and Precautions Pertaining to Hidden Volumes' in the documentation.)\n\n- In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.\n\n- It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated. + Note: If you need to securely transfer files from the decoy system to the hidden system, follow these steps:\n1) Start the decoy system.\n2) Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.\n3) Start the hidden system.\n4) If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).\n5) Copy the files to the hidden system partition or to another hidden volume. + Your computer must be restarted.\n\nDo you want to restart it now? + An error occurred when obtaining the system encryption status. + No password specified in the command line. The volume can't be created. + No volume size specified in the command line. The volume can't be created. + The volume file size specified in the command line is incompatible with selected NTFS filesystem. + The volume file size specified in the command line is incompatible with selected FAT32 filesystem. + The filesystem on the target drive doesn't support creating sparse files which is required for dynamic volumes. + Only container files can be created through the command line. + The container file size specified in the command line is greater than the available disk free space. Volume can't be created. + The volume size specified in the command line is too small. The volume can't be created. + The volume size specified in the command line is too big. The volume can't be created. + Cannot initialize application components for system encryption. + Failed to initialize the random number generator!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Windows Crypto API failed!\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs, Last Error = 0x%.8X) + Unable to initialize the application. Failed to register the Dialog class. + Error: Failed to load the Rich Edit system library. + VeraCrypt Volume Creation Wizard + Maximum possible hidden volume size for this volume is %.2f bytes. + Maximum possible hidden volume size for this volume is %.2f KB. + Maximum possible hidden volume size for this volume is %.2f MB. + Maximum possible hidden volume size for this volume is %.2f GB. + Maximum possible hidden volume size for this volume is %.2f TB. + Volume password/keyfiles cannot be changed while the volume is mounted. Please dismount the volume first. + The header key derivation algorithm cannot be changed while the volume is mounted. Please dismount the volume first. + &Mount + A newer version of VeraCrypt is required to mount this volume. + Error: Volume Creation Wizard not found.\n\nPlease make sure that the file 'VeraCrypt Format.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCrypt Format.exe' on your disk and run it. + Error: Volume Expander not found.\n\nPlease make sure that the file 'VeraCryptExpander.exe' is in the folder from which 'VeraCrypt.exe' was launched. If it is not, please reinstall VeraCrypt, or locate 'VeraCryptExpander.exe' on your disk and run it. + &Next > + &Finish + &Install + E&xtract + Unable to connect to the VeraCrypt device driver. VeraCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded. + Error occurred when loading/preparing fonts. + The drive letter was not found or no drive letter was specified. + Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry? + Drive letter not available. + No file selected! + No drive letters available. + No free drive letter for the outer volume! Volume creation cannot continue. + Could not determine your operating system version or you are using an unsupported operating system. + No path selected! + Not enough free space for the hidden volume! Volume creation cannot continue. + Error: The files you copied to the outer volume occupy too much space. Therefore, there is not enough free space on the outer volume for the hidden volume.\n\nNote that the hidden volume must be as large as the system partition (the partition where the currently running operating system is installed). The reason is that the hidden operating system needs to be created by copying the content of the system partition to the hidden volume.\n\n\nThe process of creation of the hidden operating system cannot continue. + The driver is unable to dismount the volume. Some files located on the volume are probably still open. + Unable to lock the volume. There are still open files on the volume. Therefore, it cannot be dismounted. + VeraCrypt cannot lock the volume because it is in use by the system or applications (there may be open files on the volume).\n\nDo you want to force dismount on the volume? + Select a VeraCrypt Volume + Specify Path and File Name + Select PKCS #11 Library + Out of Memory + IMPORTANT: We strongly recommend that inexperienced users create a VeraCrypt file container on the selected device/partition, instead of attempting to encrypt the entire device/partition.\n\nWhen you create a VeraCrypt file container (as opposed to encrypting a device or partition) there is, for example, no risk of destroying a large number of files. Note that a VeraCrypt file container (even though it contains a virtual encrypted disk) is actually just like any normal file. For more information, see the chapter Beginner's Tutorial in the VeraCrypt User Guide.\n\nAre you sure you want to encrypt the entire device/partition? + WARNING: The file '%s' already exists!\n\nIMPORTANT: VERACRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new VeraCrypt container? + CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%s'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%s'%s? + WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%s'%s? + WARNING: Please note that if power supply is suddenly interrupted while encrypting/decrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting/decrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting/decrypting, please make sure that you have backup copies of the files you want to encrypt/decrypt.\n\nDo you have such a backup? + CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format? + WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)! + Erase any files stored on the partition by creating a VeraCrypt volume within it + Password + PIM + Set Header Key Derivation Algorithm + Add/Remove Keyfiles to/from Volume + Remove All Keyfiles from Volume + Password, PIM and/or keyfile(s) successfully changed.\n\nIMPORTANT: Please make sure you have read the section 'Changing Passwords and Keyfiles' in the chapter 'Security Requirements and Precautions' in the VeraCrypt User Guide. + This volume is registered as a System Favorite and its PIM was changed.\nDo you want VeraCrypt to automatically update the System Favorite configuration (administrator privileges required)?\n\nPlease note that if you answer no, you'll have to update the System Favorite manually. + IMPORTANT: If you did not destroy your VeraCrypt Rescue Disk, your system partition/drive can still be decrypted using the old password (by booting the VeraCrypt Rescue Disk and entering the old password). You should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk? + Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards). + Keyfile(s) successfully added/removed. + Keyfile exported. + Header key derivation algorithm successfully set. + Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step. + Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s). + Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt. + It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters. + Please choose a password for the hidden volume. + Please choose a password for the hidden operating system (i.e. for the hidden volume). + IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system). + Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume. + \nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters. + Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system). + Outer Volume Password + Hidden Volume Password + Password for Hidden Operating System + WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password? + Volume Password + Operation failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Operation failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. + Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. + Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. + \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. + Remember Number to Mount Volume + Outer Volume PIM + Hidden Volume PIM + PIM for Hidden Operating System + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. + Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. + Volume PIM + \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). + If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. + VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software). + The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X + The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X + \n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'. + In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system. + VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). + Warning: As the drive contains the VeraCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that VeraCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later. + < &Back + Unable to list raw devices installed on your system! + The volume '%s' exists, and is read-only. Are you sure you want to replace it? + Select destination directory + Select Keyfile + Select a keyfile search path. WARNING: Note that only the path will be remembered, not the filenames! + Select a directory where to store the keyfiles. + The current container file was selected as a keyfile. It will be skipped. + Designed by Ross Anderson, Eli Biham, and Lars Knudsen. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Serpent was one of the AES finalists. + Please specify the size of the container you want to create.\n\nIf you create a dynamic (sparse-file) container, this parameter will specify its maximum possible size.\n\nNote that the minimum possible size of a FAT volume is 292 KB. The minimum possible size of an exFAT volume is 424 KB. The minimum possible size of an NTFS volume is 3792 KB. + Please specify the size of the outer volume to be created (you will first create the outer volume and then a hidden volume within it). The minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Please specify the size of the hidden volume to create. The minimum possible size of a hidden volume is 40 KB (or 3664 KB if it is formatted as NTFS). The maximum possible size you can specify for the hidden volume is displayed above. + Outer Volume Size + Hidden Volume Size + Please verify that the size of the selected device/partition shown above is correct and click Next. + The outer volume and the hidden volume (containing the hidden operating system) will reside within the above partition. It should be the first partition behind the system partition.\n\nPlease verify that the size of the partition and its number shown above are correct, and if they are, click Next. + \n\nNote that the minimum possible size of a volume within which a hidden volume is intended to be created is 340 KB. + Volume Size + Dynamic + CAUTION: SELF-TEST FAILED! + Self-tests of all algorithms passed + The data unit number that you supplied is too long or short. + The secondary key that you supplied is too long or short. + The test ciphertext you have supplied is too long or short. + The test key you have supplied is too long or short. + The test plaintext you have supplied is too long or short. + Two ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key) and then with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Three ciphers in a cascade operating in XTS mode. Each block is first encrypted with %s (%d-bit key), then with %s (%d-bit key), and finally with %s (%d-bit key). Each cipher uses its own key. All keys are mutually independent. + Note that, depending on the operating system configuration, these auto-run and auto-mount features may work only when the traveler disk files are created on a non-writable CD/DVD-like medium. Also note that this is not a bug in VeraCrypt (it is a limitation of Windows). + VeraCrypt traveler disk has been successfully created.\n\nNote that you need administrator privileges to run VeraCrypt in portable mode. Also note that, after examining the registry file, it may be possible to tell that VeraCrypt was run on a Windows system even if it is run in portable mode. + VeraCrypt Traveler Disk + Designed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Published in 1998. 256-bit key, 128-bit block. Mode of operation is XTS. Twofish was one of the AES finalists. + More information on %s + Unknown + An unspecified or unknown error occurred (%d). + Some volumes contain files or folders being used by applications or system.\n\nForce dismount? + &Dismount + Dismount failed! + Volume contains files or folders being used by applications or system.\n\nForce dismount? + No volume is mounted to the specified drive letter. + The volume you are trying to mount is already mounted. + An error occurred when attempting to mount volume. + Error seeking location within volume. + Error: Incorrect volume size. + WARNING: You should use Quick Format only in the following cases:\n\n1) The device contains no sensitive data and you do not need plausible deniability.\n2) The device has already been securely and fully encrypted.\n\nAre you sure you want to use Quick Format? + Dynamic container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it.\n\nWARNING: Performance of sparse-file-hosted volumes is significantly worse than performance of regular volumes. Sparse-file-hosted volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, sparse-file-hosted volumes cannot provide plausible deniability (host a hidden volume). Also note that if data is written to a sparse file container when there is not enough free space in the host file system, the encrypted file system may get corrupted.\n\nAre you sure you want to create a sparse-file-hosted volume? + Note that the size of the dynamic container reported by Windows and by VeraCrypt will always be equal to its maximum size. To find out current physical size of the container (actual disk space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then select 'Properties' and see the 'Size on disk' value.\n\nAlso note that if you move a dynamic container to another volume or drive, the physical size of the container will be extended to the maximum. (You can prevent that by creating a new dynamic container in the destination location, mounting it and then moving the files from the old container to the new one.) + Password cache wiped + Passwords (and/or processed keyfile contents) stored in the VeraCrypt driver cache have been wiped. + VeraCrypt cannot change the password for a foreign volume. + Please select a free drive letter from the list. + Please select a mounted volume in the drive letter list. + Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice: + Error: Cannot create autorun.inf + Error while processing keyfile! + Error processing keyfile path! + The keyfile path contains no files.\n\nPlease note that folders (and files they contain) found in keyfile search paths are ignored. + VeraCrypt does not support this operating system. + Error: VeraCrypt supports only stable versions of this operating system (beta/RC versions are not supported). + Error: Cannot allocate memory. + Error: Could not retrieve value of performance counter. + Error: Bad volume format. + Error: You supplied a password for a hidden volume (not for a normal volume). + For security reasons, a hidden volume cannot be created within a VeraCrypt volume containing a filesystem that has been encrypted in place (because the free space on the volume has not been filled with random data). + VeraCrypt - Legal Notices + All Files + VeraCrypt Volumes + Library Modules + NTFS/exFAT formatting cannot continue. + Cannot mount volume. + Cannot dismount volume. + Windows failed to format the volume as NTFS/exFAT.\n\nPlease select a different type of file system (if possible) and try again. Alternatively, you could leave the volume unformatted (select 'None' as the filesystem), exit this wizard, mount the volume, and then use either a system or a third-party tool to format the mounted volume (the volume will remain encrypted). + Windows failed to format the volume as NTFS/exFAT.\n\nDo you want to format the volume as FAT instead? + Default + partition + PARTITION + Device + device + DEVICE + Volume + volume + VOLUME + Label + The selected cluster size is too small for this volume size. A greater cluster size will be used instead. + Error: Cannot get volume size!\n\nMake sure the selected volume is not being used by the system or an application. + Hidden volumes must not be created within dynamic (sparse file) containers. To achieve plausible deniability, the hidden volume needs to be created within a non-dynamic container. + The VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT/exFAT or NTFS volume. + Under Windows 2000, the VeraCrypt Volume Creation Wizard can create a hidden volume only within a FAT volume. + Note: The FAT/exFAT file system is more suitable for outer volumes than the NTFS file system (for example, the maximum possible size of the hidden volume would very likely have been significantly greater if the outer volume had been formatted as FAT/exFAT). + Note that the FAT/exFAT file system is more suitable for outer volumes than the NTFS file system. For example, the maximum possible size of the hidden volume will very likely be significantly greater if the outer volume is formatted as FAT/exFAT (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume can reside only in the second half of the outer volume).\n\nAre you sure you want to format the outer volume as NTFS? + Do you want to format the volume as FAT instead? + Note: This volume cannot be formatted as FAT, because it exceeds the maximum volume size supported by the FAT32 filesystem for the applicable sector size (2 TB for 512-byte sectors and 16 TB for 4096-byte sectors). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). + Error: The partition for the hidden operating system (i.e. the first partition behind the system partition) must be at least 110% (2.1 times) larger than the system partition (the system partition is the one where the currently running operating system is installed). The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the partition. + Error: If the outer volume is formatted as NTFS, it must be at least 110% (2.1 times) larger than the system partition. The reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume (which is to contain a clone of the system partition) can reside only in the second half of the outer volume.\n\nNote: The outer volume needs to reside within the same partition as the hidden operating system (i.e. within the first partition behind the system partition). + Error: There is no partition behind the system partition.\n\nNote that before you can create a hidden operating system, you need to create a partition for it on the system drive. It must be the first partition behind the system partition and it must be at least 5% larger than the system partition (the system partition is the one where the currently running operating system is installed). However, if the outer volume (not to be confused with the system partition) is formatted as NTFS, the partition for the hidden operating system must be at least 110% (2.1 times) larger than the system partition (the reason is that the NTFS file system always stores internal data exactly in the middle of the volume and, therefore, the hidden volume, which is to contain a clone of the system partition, can reside only in the second half of the partition). + Remark: It is not practical (and therefore is not supported) to install operating systems in two VeraCrypt volumes that are embedded within a single partition, because using the outer operating system would often require data to be written to the area of the hidden operating system (and if such write operations were prevented using the hidden volume protection feature, it would inherently cause system crashes, i.e. 'Blue Screen' errors). + For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance. + Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported. + You indicated that you intend to store files larger than 4 GB in this VeraCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT? + Error: VeraCrypt does not support in-place decryption of legacy non-system volumes created by VeraCrypt 1.0b or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Error: VeraCrypt cannot in-place decrypt a hidden VeraCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume. + Warning: Note that VeraCrypt cannot in-place decrypt a volume that contains a hidden VeraCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted). + The volume does not contain any hidden volume. Proceed. + The volume contains a hidden volume. Cancel. + Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot obtain volume properties. + Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected. + Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps. + An error prevented VeraCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps. + An error prevented VeraCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted. + An error prevented VeraCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible. + Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry. + Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue. + Error: Cannot access the outer volume! Volume creation cannot continue. + Error: Cannot mount the outer volume! Volume creation cannot continue. + Error: Cannot get volume cluster bitmap! Volume creation cannot continue. + Alphabetical/Categorized + Mean Speed (Descending) + Algorithm + Encryption + Decryption + Mean + Drive + Size + Encryption Algorithm + Encryption Algorithm + Type + Value + Property + Location + bytes + Hidden + Outer + Normal + System + Hidden (system) + Read-Only + System drive + System drive (encrypting - %.2f%% done) + System drive (decrypting - %.2f%% done) + System drive (%.2f%% encrypted) + System partition + Hidden system partition + System partition (encrypting - %.2f%% done) + System partition (decrypting - %.2f%% done) + System partition (%.2f%% encrypted) + Yes (damage prevented!) + None + Primary Key Size + Secondary Key Size (XTS Mode) + Tweak Key Size (LRW Mode) + bits + Block Size + PKCS-5 PRF + PKCS-5 Iteration Count + Volume Created + Header Last Modified + (%I64d days ago) + Volume Format Version + Embedded Backup Header + VeraCrypt Boot Loader Version + First available + Removable Disk + Harddisk + Unchanged + Autodetection + Wizard Mode + Select one of the modes. If you are not sure which to select, use the default mode. + Select this option if you want to install VeraCrypt on this system. + Note: You can upgrade without decrypting even if the system partition/drive is encrypted or you use a hidden operating system. + If you select this option, all files will be extracted from this package but nothing will be installed on the system. Do not select it if you intend to encrypt the system partition or system drive. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not have to be installed on the operating system under which it is run. After all files are extracted, you can directly run the extracted file 'VeraCrypt.exe' (then VeraCrypt will run in portable mode). + Setup Options + Here you can set various options to control the installation process. + Installing + Please wait while VeraCrypt is being installed. + VeraCrypt has been successfully installed + VeraCrypt has been successfully upgraded + Please consider making a donation. You can click Finish anytime to close the installer. + Extraction Options + Here you can set various options to control the extraction process. + Please wait while files are being extracted. + Files successfully extracted + All files have been successfully extracted to the destination location. + If the specified folder does not exist, it will be automatically created. + The VeraCrypt program files will be upgraded in the location where VeraCrypt is installed. If you need to select a different location, please uninstall VeraCrypt first. + Do you want to view release notes for the current (latest stable) version of VeraCrypt? + If you have never used VeraCrypt before, we recommend that you read the chapter Beginner's Tutorial in the VeraCrypt User Guide. Do you want to view the tutorial? + Please select an action to perform from the following: + Repair/Reinstall + Upgrade + Uninstall + To successfully install/uninstall VeraCrypt, you must have administrator privileges. Do you want to continue? + VeraCrypt Installer is currently running on this system and performing or preparing installation or update of VeraCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + Installation failed. + Uninstallation failed. + This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.codeplex.com). + Cannot write file %s + Extracting + Cannot read data from the package. + Cannot verify the integrity of this distribution package. + Extraction failed. + The installation has been rolled back. + VeraCrypt has been successfully installed. + VeraCrypt has been successfully updated. + VeraCrypt has been successfully upgraded. However, before you can start using it, the computer must be restarted.\n\nDo you want to restart it now? + Failed to upgrade VeraCrypt!\n\nIMPORTANT: Before you shut down or restart the system, we strongly recommend that you use System Restore (Windows Start menu > All programs > Accessories > System Tools > System Restore) to restore your system to the restore point named 'VeraCrypt installation'. If System Restore is not available, you should try installing the original or the new version of VeraCrypt again before you shut down or restart the system. + VeraCrypt has been successfully uninstalled.\n\nClick 'Finish' to remove the VeraCrypt installer and the folder %s. Note that the folder will not be removed if it contains any files that were not installed by the VeraCrypt installer or created by VeraCrypt. + Removing VeraCrypt registry entries + Adding registry entry + Removing application-specific data + Installing + Stopping + Removing + Adding icon + Creating System Restore point + Failed to create System Restore point! + Updating boot loader + Failed to install '%s'. %s\nDo you want to continue installing? + Failed to uninstall '%s'. %s\nDo you want to continue uninstalling? + Installation completed. + The folder '%s' could not be created + The VeraCrypt device driver cannot be unloaded.\n\nPlease close all open VeraCrypt windows first. If it does not help, please restart Windows and then try again. + All VeraCrypt volumes must be dismounted before installing or uninstalling VeraCrypt. + An obsolete version of VeraCrypt is currently installed on this system. It needs to be uninstalled before you can install this new version of VeraCrypt.\n\nAs soon as you close this message box, the uninstaller of the old version will be launched. Note that no volume will be decrypted when you uninstall VeraCrypt. After you uninstall the old version of VeraCrypt, run the installer of the new version of VeraCrypt again. + The installation of the registry entries has failed + The installation of the device driver has failed. Please restart Windows and then try installing VeraCrypt again. + Starting VeraCrypt device driver + Uninstallation of the device driver has failed. Please note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be uninstalled (or reinstalled). + Installing VeraCrypt device driver + Stopping VeraCrypt device driver + Uninstalling VeraCrypt device driver + Registration of the User Account Control support library failed. + Unregistration of the User Account Control support library failed. + Note about portable mode:\n\nPlease note that the operating system requires drivers to be registered with it before they can be started. Hence, the VeraCrypt driver is not (and cannot be) fully portable (whereas the VeraCrypt applications are fully portable, i.e. they do not have to be installed or registered with the operating system). Also note that VeraCrypt needs a driver to provide transparent on-the-fly encryption/decryption. + Note that if you decide to run VeraCrypt in portable mode (as opposed to running an installed copy of VeraCrypt), the system will ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nThe reason is that when you run VeraCrypt in portable mode, VeraCrypt needs to load and start the VeraCrypt device driver. VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot start device drivers in Windows. Therefore, the system will ask you for permission to run VeraCrypt with administrator privileges (UAC prompt).\n\nNote that if you install VeraCrypt on the system (as opposed to running VeraCrypt in portable mode), the system will NOT ask you for permission to run VeraCrypt (UAC prompt) every time you attempt to run it.\n\nAre you sure you want to extract the files? + Warning: This instance of the Volume Creation Wizard has administrator privileges.\n\nYour new volume may be created with permissions that will not allow you to write to the volume when it is mounted. If you want to avoid that, close this instance of the Volume Creation Wizard and launch a new one without administrator privileges.\n\nDo you want to close this instance of the Volume Creation Wizard? + Error: Cannot display license. + Outer(!) + days + hours + minutes + s + Open + Dismount + Show VeraCrypt + Hide VeraCrypt + Data Read since Mount + Data Written since Mount + Encrypted Portion + 100% (fully encrypted) + 0% (not encrypted) + %.3f%% + 100% + Waiting + Preparing + Resizing + Encrypting + Decrypting + Finalizing + Paused + Finished + Error + Device disconnected + System favorite volumes saved.\n\nTo enable mounting of system favorite volumes when the system starts, please select 'Settings' > 'System Favorite Volumes' > 'Mount system favorite volumes when Windows starts'. + The volume you are adding to favorites is neither a partition nor a dynamic volume. Therefore, VeraCrypt will be unable to mount this favorite volume if the device number changes. + The volume you are adding to favorites is a partition not recognized by Windows.\n\nVeraCrypt will be unable to mount this favorite volume if the device number changes. Please set the type of the partition to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then add the partition to favorites again. + VeraCrypt Background Task is disabled or it is configured to exit when there are no mounted volumes (or VeraCrypt is running in portable mode). This may prevent your favorite volumes from being automatically mounted when devices hosting them get connected.\n\nNote: To enable the VeraCrypt Background Task, select Settings > Preferences and check the 'Enabled' checkbox in the section 'VeraCrypt Background Task'. + A container stored in a remote filesystem shared over a network cannot be automatically mounted when its host device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, the volume hosted on the device cannot be automatically mounted when the device gets connected. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable the volume hosted on the device to be automatically mounted when the device gets connected. + The device displayed below is neither a partition nor a dynamic volume. Therefore, no label can be assigned to it. + Please set the type of the partition displayed below to a type recognized by Windows (use the SETID command of the Windows 'diskpart' tool). Then remove the partition from favorites and add it again. This will enable VeraCrypt to assign a label to the partition. + Due to a Windows limitation, a container stored in a remote filesystem shared over a network cannot be mounted as a system favorite volume (however, it can be mounted as a non-system favorite volume when a user logs on). + Enter password for %s + Enter password for '%s' + Enter password for the normal/outer volume + Enter password for the hidden volume + Enter password for the header stored in backup file + Keyfiles have been successfully created. + The number of keyfiles you supplied is invalid. + The keyfile size must be comprized between 64 and 1048576 bytes. + Please enter a name for the keyfile(s) to be generated + The base name of the keyfile(s) is invalid + The keyfile '%s' already exists.\nDo you want to overwrite it? The generation process will be stopped if you answer No. + WARNING: The header of this volume is damaged! VeraCrypt automatically used the backup of the volume header embedded in the volume.\n\nYou should repair the volume header by selecting 'Tools' > 'Restore Volume Header'. + Volume header backup has been successfully created.\n\nIMPORTANT: Restoring the volume header using this backup will also restore the current volume password. Moreover, if keyfile(s) are/is necessary to mount the volume, the same keyfile(s) will be necessary to mount the volume again when the volume header is restored.\n\nWARNING: This volume header backup may be used to restore the header ONLY of this particular volume. If you use this header backup to restore a header of a different volume, you will be able to mount the volume, but you will NOT be able to decrypt any data stored in the volume (because you will change its master key). + The volume header has been successfully restored.\n\nIMPORTANT: Please note that an old password may have been restored as well. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) are now necessary to mount the volume again. + For security reasons, you will have to enter the correct password (and/or supply the correct keyfiles) for the volume.\n\nNote: If the volume contains a hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the outer volume first. Afterwards, if you choose to back up the header of the hidden volume, you will have to enter the correct password (and/or supply the correct keyfiles) for the hidden volume. + Are you sure you want to create volume header backup for %s?\n\nAfter you click Yes, you will prompted for a filename for the header backup.\n\nNote: Both the standard and the hidden volume headers will be re-encrypted using a new salt and stored in the backup file. If there is no hidden volume within this volume, the area reserved for the hidden volume header in the backup file will be filled with random data (to preserve plausible deniability). When restoring a volume header from the backup file, you will need to enter the correct password (and/or to supply the correct keyfiles) that was/were valid when the volume header backup was created. The password (and/or keyfiles) will also automatically determine the type of the volume header to restore, i.e. standard or hidden (note that VeraCrypt determines the type through the process of trial and error). + Are you sure you want to restore volume header of %s?\n\nWARNING: Restoring a volume header also restores the volume password that was valid when the backup was created. Moreover, if keyfile(s) were/was necessary to mount the volume when the backup was created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored.\n\nAfter you click Yes, you will select the header backup file. + Does the volume contain a hidden volume? + The volume contains a hidden volume + The volume does not contain a hidden volume + Please select the type of volume header backup you want to use: + Restore the volume header from the backup embedded in the volume + Restore the volume header from an external backup file + The size of the volume header backup file is incorrect. + There is no backup header embedded in this volume (note that only volumes created by VeraCrypt 6.0 or later contain embedded backup headers). + You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk? + After you click OK, you will select a filename for the new VeraCrypt Rescue Disk ISO image and the location where you wish to place it. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nIMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software.\n\nAfter you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn the Rescue Disk image to a CD or DVD.\n\nDo you want to launch the Microsoft Windows Disc Image Burner now?\n\nNote: After you burn the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly burned. + Please insert your VeraCrypt Rescue Disk into your CD/DVD drive and click OK to verify it. + The VeraCrypt Rescue Disk has been successfully verified. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then try again. If this does not help, please try other CD/DVD recording software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + The VeraCrypt Rescue Disk ISO image has been successfully verified. + The Rescue Disk ISO image verification failed.\n\nIf you attempted to verify a VeraCrypt Rescue Disk ISO image created for a different master key, password, salt, etc., please note that such Rescue Disk ISO image will always fail this verification. To create a new Rescue Disk ISO image fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'. + Error creating VeraCrypt Rescue Disk. + VeraCrypt Rescue Disk cannot be created when a hidden operating system is running.\n\nTo create a VeraCrypt Rescue Disk, boot the decoy operating system and then select 'System' > 'Create Rescue Disk'. + Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk. + and/or other CD/DVD recording software + VeraCrypt - System Favorite Volumes + What are system favorite volumes? + The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first. + Please dismount the volume before proceeding. + Error: Cannot set timer. + Check Filesystem + Repair Filesystem + Add to Favorites... + Add to System Favorites... + P&roperties... + Hidden Volume Protected + N/A + Yes + No + Disabled + 1 + 2 or more + Mode of Operation + Label: + Size: + Path: + Drive Letter: + Error: Password must contain only ASCII characters.\n\nNon-ASCII characters in password might cause the volume to be impossible to mount when your system configuration changes.\n\nThe following characters are allowed:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -> 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ + WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.hc').\n\nAre you sure you want to use the problematic file extension? + WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.hc') after you dismount the volume. + Homepage + WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt. + WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in VeraCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US + WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a VeraCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of VeraCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098 + Error: Files larger than 4 GB cannot be stored on a FAT32 file system. Therefore, file-hosted VeraCrypt volumes (containers) stored on a FAT32 file system cannot be larger than 4 GB.\n\nIf you need a larger volume, create it on an NTFS file system (or, if you use Windows Vista SP1 or later, on an exFAT file system) or, instead of creating a file-hosted volume, encrypt an entire partition or device. + Warning: Windows XP does not support files larger than 2048 GB (it will report that "Not enough storage is available"). Therefore, you cannot create a file-hosted VeraCrypt volume (container) larger than 2048 GB under Windows XP.\n\nNote that it is still possible to encrypt the entire drive or create a partition-hosted VeraCrypt volume larger than 2048 GB under Windows XP. + WARNING: If you want to be able to add more data/files to the outer volume in future, you should consider choosing a smaller size for the hidden volume.\n\nAre you sure you want to continue with the size you specified? + No volume selected.\n\nClick 'Select Device' or 'Select File' to select a VeraCrypt volume. + No partition selected.\n\nClick 'Select Device' to select a dismounted partition that normally requires pre-boot authentication (for example, a partition located on the encrypted system drive of another operating system, which is not running, or the encrypted system partition of another operating system).\n\nNote: The selected partition will be mounted as a regular VeraCrypt volume without pre-boot authentication. This is useful e.g. for backup or repair operations. + WARNING: If default keyfiles are set and enabled, volumes that are not using these keyfiles will be impossible to mount. Therefore, after you enable default keyfiles, keep in mind to uncheck the 'Use keyfiles' checkbox (below a password input field) whenever mounting such volumes.\n\nAre you sure you want to save the selected keyfiles/paths as default? + Auto-Mount Devices + Dismount All + Wipe Cache + Dismount All & Wipe Cache + Force Dismount All & Wipe Cache + Force Dismount All, Wipe Cache & Exit + Mount Favorite Volumes + Show/Hide Main VeraCrypt Window + (Click here and press a key) + Action + Shortcut + Error: This shortcut is reserved. Please choose a different shortcut. + Error: Shortcut already in use. + WARNING: One or more VeraCrypt system-wide hot keys will not work!\n\nPlease make sure that other applications and the operating system do not use the same shortcut(s) as VeraCrypt. + Paging file creation has been prevented.\n\nPlease note that, due to Windows issues, paging files cannot be located on non-system VeraCrypt volumes (including system favorite volumes). VeraCrypt supports creation of paging files only on an encrypted system partition/drive. + An error or incompatibility prevents VeraCrypt from encrypting the hibernation file. Therefore, hibernation has been prevented.\n\nNote: When a computer hibernates (or enters a power-saving mode), the content of its system memory is written to a hibernation storage file residing on the system drive. VeraCrypt would not be able to prevent encryption keys and the contents of sensitive files opened in RAM from being saved unencrypted to the hibernation storage file. + Hibernation has been prevented.\n\nVeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition. Please note that the boot partition is shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating. + VeraCrypt volume mounted as %c: has been dismounted. + VeraCrypt volumes have been dismounted. + VeraCrypt volumes have been dismounted and password cache has been wiped. + Successfully dismounted + WARNING: If the VeraCrypt Background Task is disabled, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n5) Tray icon\n\nNote: You can shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nAre you sure you want to permanently disable the VeraCrypt Background Task? + WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option? + WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories' + WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, VeraCrypt may fail to auto-dismount volumes in such cases. + You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now? + You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now? + Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes? + Yes, keep prompting me + No, do not prompt me + IMPORTANT: Keep in mind that you can resume the process of encryption/decryption of any non-system partition/volume by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + WARNING: If VeraCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish VeraCrypt to run in the background, disable the VeraCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of VeraCrypt in the Preferences).\n\nAre you sure you want VeraCrypt to exit? + Exit? + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt. + VeraCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt. + Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main VeraCrypt window, select 'Volumes' > 'Resume Interrupted Process'.\n3) Select 'Decrypt'. + Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' > 'Permanently Decrypt System Partition/Drive'. + Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' > 'Encrypt System Partition/Drive'. + Error: Failed to interrupt the process of encryption/decryption of the system partition/drive. + Error: Failed to interrupt the process of wiping. + Error: Failed to resume the process of encryption/decryption of the system partition/drive. + Error: Failed to start the process of wiping. + Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs) + There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' > 'Resume Interrupted Process'. + WARNING: VeraCrypt Background Task is disabled. After you exit VeraCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the VeraCrypt tray icon and selecting 'Exit'.\n\nEnable VeraCrypt Background Task? + Language pack version: %s + Checking the file system on the VeraCrypt volume mounted as %s... + Attempting to repair the file system on the VeraCrypt volume mounted as %s... + Warning: This volume is encrypted with a legacy encryption algorithm.\n\nAll 64-bit-block encryption algorithms (e.g., Blowfish, CAST-128, or Triple DES) are deprecated. It will be possible to mount this volume using future versions of VeraCrypt. However, there will be no further enhancements to the implementations of these legacy encryption algorithms. We recommend that you create a new VeraCrypt volume encrypted with a 128-bit-block encryption algorithm (e.g., AES, Serpent, Twofish, etc.) and that you move all files from this volume to the new volume. + Your system is not configured to auto-mount new volumes. It may be impossible to mount device-hosted VeraCrypt volumes. Auto-mounting can be enabled by executing the following command and restarting the system.\n\nmountvol.exe /E + Please assign a drive letter to the partition/device before proceeding ('Control Panel' > 'System and Maintenance' > 'Administrative Tools' - 'Create and format hard disk partitions').\n\nNote that this is a requirement of the operating system. + Mount VeraCrypt volume + Dismount all VeraCrypt volumes + VeraCrypt failed to obtain Administrator privileges. + Access was denied by the operating system.\n\nPossible cause: The operating system requires that you have read/write permission (or administrator privileges) for certain folders, files, and devices, in order for you to be allowed to read and write data to/from them. Normally, a user without administrator privileges is allowed to create, read and modify files in his or her Documents folder. + Error: The drive uses an unsupported sector size.\n\nIt is currently not possible to create partition/device-hosted volumes on drives that use sectors larger than 4096 bytes. However, note that you can create file-hosted volumes (containers) on such drives. + It is currently not possible to encrypt a system installed on a disk that uses a sector size other than 512 bytes. + The VeraCrypt Boot Loader requires at least 32 KBytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). Unfortunately, your drive does not meet this condition.\n\nPlease do NOT report this as a bug/problem in VeraCrypt. To solve this problem, you will need to repartition your disk and leave the first 32 KBytes of the disk free (in most cases, you will need to delete and recreate the first partition). We recommend that you use the Microsoft partition manager that is available e.g. when you are installing Windows. + The feature is not supported on the version of the operating system you are currently using. + VeraCrypt does not support encryption of a system partition/drive on the version of the operating system you are currently using. + Before you can encrypt the system partition/drive on Windows Vista, you need to install Service Pack 1 or higher for Windows Vista (no such Service Pack has been installed on this system yet).\n\nNote: Service Pack 1 for Windows Vista resolved an issue causing a shortage of free base memory during system boot. + VeraCrypt no longer supports encryption of the system partition/drive on Windows Vista with no Service Pack installed. Before upgrading VeraCrypt, please install Service Pack 1 or higher for Windows Vista. + Error: This feature requires VeraCrypt to be installed on the system (you are running VeraCrypt in portable mode).\n\nPlease install VeraCrypt and then try again. + WARNING: Windows does not appear to be installed on the drive from which it boots. This is not supported.\n\nYou should continue only if you are sure that Windows is installed on the drive from which it boots.\n\nDo you want to continue? + Your system drive has a GUID partition table (GPT). Currently, only drives with a MBR partition table are supported. + CAUTION: The VeraCrypt Boot Loader is already installed on your system drive!\n\nIt is possible that another system on your computer is already encrypted.\n\nWARNING: PROCEEDING WITH ENCRYPTION OF THE CURRENTLY RUNNING SYSTEM MAY MAKE OTHER SYSTEM(S) IMPOSSIBLE TO START AND RELATED DATA INACCESSIBLE.\n\nAre you sure you want to continue? + Failed to restore the original system loader.\n\nPlease use your VeraCrypt Rescue Disk ('Repair Options' > 'Restore original system loader') or Windows installation medium to replace the VeraCrypt Boot Loader with the Windows system loader. + The original system loader will not be stored on the Rescue Disk (probable cause: missing backup file). + Failed to write the MBR sector.\n\nYour BIOS may be configured to protect the MBR sector. Check your BIOS settings (press F2, Delete, or Esc, after powering on your computer) for MBR/antivirus protection. + WARNING: The verification of VeraCrypt bootloader fingerprint failed!\nYour disk may have been tampered with by an attacker ("Evil Maid" attack).\n\nThis warning can also be triggered if you restored VeraCrypt boot loader using an Rescue Disk generated using a different VeraCrypt version.\n\nYou are advised to change your password immediately which will also restore the correct VeraCrypt bootloader. It is recommended to reinstall VeraCrypt and to take measures to avoid access to this machine by untrusted entities. + The required version of the VeraCrypt Boot Loader is currently not installed. This may prevent some of the settings from being saved. + Note: In some situations, you may wish to prevent a person (adversary) that is watching you start the computer from knowing that you use VeraCrypt. The above options allow you to do that by customizing the VeraCrypt boot loader screen. If you enable the first option, no texts will be displayed by the boot loader (not even when you enter the wrong password). The computer will appear to be "frozen" while you can type your password. In addition, a custom message can be displayed to mislead the adversary. For example, fake error messages such as "Missing operating system" (which is normally displayed by the Windows boot loader if it finds no Windows boot partition). It is, however, important to note that if the adversary can analyze the content of the hard drive, he can still find out that it contains the VeraCrypt boot loader. + WARNING: Please keep in mind that if you enable this option, the VeraCrypt boot loader will not display any texts (not even when you enter the wrong password). The computer will appear to be "frozen" (unresponsive) while you can type your password (the cursor will NOT move and no asterisk will be displayed when you press a key).\n\nAre you sure you want to enable this option? + Your system partition/drive appears to be fully encrypted. + VeraCrypt does not support encrypting a system drive that has been converted to a dynamic disk. + The system drive contains extended (logical) partitions.\n\nYou can encrypt an entire system drive containing extended (logical) partitions only on Windows Vista and later versions of Windows. On Windows XP, you can encrypt an entire system drive provided that it contains only primary partitions.\n\nNote: You can still encrypt the system partition instead of the entire system drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive). + WARNING: As you are running Windows XP/2003, after you start encrypting the drive, you must NOT create any extended (logical) partitions on it (you may create only primary partitions). Any extended (logical) partition on the drive would be inaccessible after you start encrypting (the drive currently does not contain any such partition).\n\nNote: If this limitation is not acceptable, you can go back and choose to encrypt only the system partition instead of the entire drive (and, in addition to that, you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive).\n\nAlternatively, if this limitation is not acceptable, you may want to consider upgrading to Windows Vista or a later version of Windows (you can encrypt an entire system drive containing extended/logical partitions only on Windows Vista or later). + Your system drive contains a non-standard partition.\n\nIf you are using a notebook, your system drive probably contains a special recovery partition. After the whole system drive is encrypted (including any recovery partition), your system might become unbootable if your computer is using an inappropriately designed BIOS. It would also be impossible to use any recovery partition until the system drive is decrypted. Therefore, we recommend that you encrypt only the system partition. + Do you want to encrypt the system partition instead of the entire drive?\n\nNote that you can create partition-hosted VeraCrypt volumes within any non-system partitions on the drive (in addition to encrypting the system partition). + As your system drive contains only a single partition that occupies the whole drive, it is preferable (more secure) to encrypt the entire drive including the free "slack" space that typically surrounds such a partition.\n\nDo you want to encrypt the entire system drive? + Your system is configured to store temporary files on a non-system partition.\n\nTemporary files may be stored only on the system partition. + Your user profile files are not stored on the system partition.\n\nUser profile files may be stored only on the system partition. + There is/are paging file(s) on non-system partitions.\n\nPaging files may be located only on the system partition. + Do you want to configure Windows to create paging files only on the Windows partition now?\n\nNote that if you click 'Yes', the computer will be restarted. Then start VeraCrypt and try creating the hidden OS again. + Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system. + WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)? + For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition? + Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed. + \nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer). + Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions). + This algorithm is currently not supported for system encryption. + This algorithm is not supported for TrueCrypt mode. + PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. + Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. + Keyfiles are currently not supported for system encryption. + Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. + Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. + As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down. + VeraCrypt prevented change of keyboard layout. + Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard. + Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below. + After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned. + The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue. + IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n + Launch Microsoft Windows Disc Image Burner + WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password. + Error: Cannot save system encryption settings. + Cannot initiate the system encryption pretest. + Cannot initiate the process of creation of the hidden operating system. + Wipe Mode + On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when VeraCrypt initially encrypts an unencrypted partition or drive). According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwriting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend to encrypt, you may want to select one of the wipe modes (existing data will NOT be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk. + On some types of storage media, when data is overwritten with other data (e.g. when the data is erased), it may be possible to recover the overwritten data using techniques such as magnetic force microscopy. According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwriting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data that is to be erased, you may want to select one of the multi-pass wipe modes.\n\nNote: The more wipe passes you use, the longer it takes to erase the data. + Wiping + \nNote: You can interrupt the process of wiping, shut down your computer, start the hidden system again and then resume the process (this wizard will be launched automatically). However, if you interrupt it, the entire process of wiping will have to start from the beginning. + \n\nNote: If you interrupt the process of wiping and then attempt to resume it, the entire process will have to start from the beginning. + Do you want to abort the process of wiping? + Warning: The entire content of the selected partition/device will be erased and lost. + The entire content of the partition where the original system resides will be erased.\n\nNote: The entire content of the partition that is to be erased has been copied to this hidden system partition. + WARNING: Note that when you choose e.g. the 3-pass wipe mode, the time necessary to encrypt the partition/drive will be up to 4 times longer. Likewise, if you choose the 35-pass wipe mode, it will be up to 36 times longer (it might even take several weeks).\n\nHowever, please note that wiping will NOT be performed after the partition/drive is fully encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk (so the performance will NOT be affected).\n\nAre you sure you want to use the wipe mode? + None (fastest) + 1-pass (random data) + 3-pass (US DoD 5220.22-M) + 7-pass (US DoD 5220.22-M) + 35-pass ("Gutmann") + 256-pass + Number of Operating Systems + WARNING: Inexperienced users should never attempt to encrypt Windows in multi-boot configurations.\n\nContinue? + When creating/using a hidden operating system, VeraCrypt supports multi-boot configurations only when the following conditions are met:\n\n- The currently running operating system must be installed on the boot drive, which must not contain any other operating systems.\n\n- Operating systems installed on other drives must not use any boot loader residing on the drive on which the currently running operating system is installed.\n\nAre the above conditions met? + VeraCrypt does not support this multi-boot configuration when creating/using a hidden operating system. + Boot Drive + Is the currently running operating system installed on the boot drive?\n\nNote: Sometimes, Windows is not installed on the same drive as the Windows boot loader (boot partition). If that is the case, select 'No'. + VeraCrypt currently does not support encrypting an operating system that does not boot from the drive on which it is installed. + Number of System Drives + How many drives contain an operating system?\n\nNote: For example, if you have any operating system (e.g. Windows, Mac OS X, Linux, etc.) installed on your primary drive and any additional operating system installed on your secondary drive, select '2 or more'. + VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt. + Multiple Systems on Single Drive + Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'. + Non-Windows Boot Loader + Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'. + Multi-Boot + VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux. + If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition. + Encryption of Host Protected Area + At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive? + Type of System Encryption + Select this option if you merely want to encrypt the system partition or the entire system drive. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below. + It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system. + Hidden Operating System + In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start. + Detecting Hidden Sectors + Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt. + Area to Encrypt + Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it. + Collecting Random Data + Keys Generated + VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk. + I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive). + I will connect a CD/DVD burner to my computer later. Terminate the process now. + A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk. + Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file). + Rescue Disk Recording + Rescue Disk Created + System Encryption Pretest + Rescue Disk Verified + \nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue. + WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK. + Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue? + Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed. + IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n + What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n + - If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n + Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + Pretest Completed + The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while VeraCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run VeraCrypt again anytime, and select 'System' > 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting. + You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, VeraCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting. + \n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted. + \n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted. + Hidden System Started + Original System + Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed. + The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed). + You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process. + Restart the computer and proceed + Permanently terminate the process of creation of the hidden operating system + Do nothing now and ask again later + \nIF POSSIBLE, PLEASE PRINT THIS TEXT (click 'Print' below).\n\n\nHow and When to Use VeraCrypt Rescue Disk (After Encrypting)\n-----------------------------------------------------------------------------------\n\n + I. How to Boot VeraCrypt Rescue Disk\n\nTo boot a VeraCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select 'Repair Options' by pressing F8 on your keyboard.\n\n\n + II. When and How to Use VeraCrypt Rescue Disk (After Encrypting)\n\n + 1) If the VeraCrypt Boot Loader screen does not appear after you start your computer (or if Windows does not boot), the VeraCrypt Boot Loader may be damaged. The VeraCrypt Rescue Disk allows you to restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore VeraCrypt Boot Loader'. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.\n\n + 2) If you repeatedly enter the correct password but VeraCrypt says that the password is incorrect, the master key or other critical data may be damaged. The VeraCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select 'Repair Options' > 'Restore key data'. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.\n\n + 3) If the VeraCrypt Boot Loader is damaged, you can avoid running it by booting directly from the VeraCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.\n\n + 4) If Windows is damaged and cannot start, the VeraCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select 'Repair Options' > 'Permanently decrypt system partition/drive'. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows installation.\n\n + Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD or you can connect your system drive as a secondary or external drive to another computer and then boot the operating system installed on the computer. After you boot a system, run VeraCrypt, click 'Select Device', select the affected system partition, click 'OK', select 'System' > 'Mount Without Pre-Boot Authentication', enter your pre-boot authentication password and click 'OK'. The partition will be mounted as a regular VeraCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).\n\n\n + Note that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password. + \n\nI M P O R T A N T -- PLEASE PRINT THIS TEXT IF POSSIBLE (click 'Print' below).\n\n\nNote: This text will be automatically displayed each time you start the hidden system until you start creating the decoy system.\n\n\n + How to Create Decoy System Safely and Securely\n----------------------------------------------------------------------------\n\nIn order to achieve plausible deniability, you need to create the decoy operating system now. To do so, follow these steps:\n\n + 1) For security reasons, shut down your computer and leave it powered off for at least several minutes (the longer, the better). This is required to clear the memory, which contains sensitive data. Then turn on the computer but do not boot the hidden system.\n\n + 2) Install Windows on the partition whose content has been erased (i.e. on the partition where the original system, of which the hidden system is a clone, was installed).\n\nIMPORTANT: WHEN YOU START INSTALLING THE DECOY SYSTEM, THE HIDDEN SYSTEM WILL *NOT* BE POSSIBLE TO BOOT (because the VeraCrypt Boot Loader will be erased by the Windows system installer). THIS IS NORMAL AND EXPECTED. PLEASE DO NOT PANIC. YOU WILL BE ABLE TO BOOT THE HIDDEN SYSTEM AGAIN AS SOON AS YOU START ENCRYPTING THE DECOY SYSTEM (because VeraCrypt will then automatically install the VeraCrypt Boot Loader on the system drive).\n\nImportant: The size of the decoy system partition must remain the same as the size of the hidden volume (this condition is now met). Moreover, you must not create any partition between the decoy system partition and the partition where the hidden system resides.\n\n + 3) Boot the decoy system (which you installed in step 2 and install VeraCrypt on it).\n\nKeep in mind that the decoy system must never contain any sensitive data.\n\n + 4) On the decoy system, run VeraCrypt and select 'System' > 'Encrypt System Partition/Drive'. The VeraCrypt Volume Creation Wizard window should appear.\n\nThe following steps apply to the VeraCrypt Volume Creation Wizard.\n\n + 5) In the VeraCrypt Volume Creation Wizard, do NOT select the 'Hidden' option. Leave the 'Normal' option selected and click 'Next'.\n\n + 6) Select the option 'Encrypt the Windows system partition' and then click 'Next'.\n\n + 7) If there are only the hidden system and the decoy system installed on the computer, select the option 'Single-boot' (if there are more than these two systems installed on the computer, select 'Multi-boot'). Then click 'Next'.\n\n + 8) IMPORTANT: In this step, FOR THE DECOY SYSTEM, YOU MUST SELECT THE SAME ENCRYPTION ALGORITHM AND HASH ALGORITHM THAT YOU SELECTED FOR THE HIDDEN SYSTEM! OTHERWISE, THE HIDDEN SYSTEM WILL BE INACCESSIBLE! In other words, the decoy system must be encrypted with the same encryption algorithm as the hidden system. Note: The reason is that the decoy system and the hidden system will share a single boot loader, which supports only a single algorithm, selected by the user (for each algorithm, there is a special version of the VeraCrypt Boot Loader).\n\n + 9) In this step, choose a password for the decoy operating system. This will be the password that you will be able to reveal to an adversary if you are asked or forced to disclose your pre-boot authentication password (the other password you can reveal is the one for the outer volume). The existence of the third password (i.e. of the pre-boot authentication password for the hidden operating system) will remain secret.\n\nImportant: The password you choose for the decoy system must be substantially different from the one you chose for the hidden volume (i.e. for the hidden operating system).\n\n + 10) Follow the remaining instructions in the wizard so as to encrypt the decoy operating system.\n\n\n\n + After Decoy System Is Created\n------------------------------------------------\n\nAfter you encrypt the decoy system, the whole process of creation of the hidden operating system will be completed and you will be able to use these three passwords:\n\n1) Pre-boot authentication password for the hidden operating system.\n\n2) Pre-boot authentication password for the decoy operating system.\n\n3) Password for the outer volume.\n\n + If you want to start the hidden operating system, you will just need to enter the password for the hidden operating system in the VeraCrypt Boot Loader screen (which appears after you turn on or restart your computer).\n\nIf you want to start the decoy operating system, you will just need to enter the password for the decoy operating system in the VeraCrypt Boot Loader screen.\n\nThe password for the decoy system can be disclosed to anyone forcing you to reveal your pre-boot authentication password. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n + The third password (for the outer volume) can be disclosed to anyone forcing you to reveal the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) reside. The existence of the hidden volume (and of the hidden operating system) will remain secret.\n\n\n + If you revealed the password for the decoy system to an adversary and he asked you why the free space of the (decoy) system partition contains random data, you could answer, for example: "The partition previously contained a system encrypted by VeraCrypt, but I forgot the pre-boot authentication password (or the system was damaged and stopped booting), so I had to reinstall Windows and encrypt the partition again."\n\n\n + If all the instructions are followed and if the precautions and requirements listed in the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.\n\nIf you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after you have created the decoy system and after you have understood all the information contained in the text (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).\n\n + WARNING: IF YOU DO NOT PROTECT THE HIDDEN VOLUME (for information on how to do so, refer to the section "Protection of Hidden Volumes Against Damage" in the VeraCrypt User's Guide), DO NOT WRITE TO THE OUTER VOLUME (note that the decoy operating system is NOT installed in the outer volume). OTHERWISE, YOU MAY OVERWRITE AND DAMAGE THE HIDDEN VOLUME (AND THE HIDDEN OPERATING SYSTEM WITHIN IT)! + Operating System Cloning + In the next steps, VeraCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning). + Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now. + Do you want to cancel the system encryption pretest? + The VeraCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the VeraCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting + The system partition/drive does not appear to be encrypted (neither partially nor fully). + Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + When the system partition/drive is encrypted (partially or fully), you cannot downgrade VeraCrypt (but you can upgrade it or reinstall the same version). + Your system partition/drive is currently being encrypted, decrypted, or otherwise modified. Please interrupt the encryption/decryption/modification process (or wait until it is complete) before proceeding. + An instance of the VeraCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding. + The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding. + Error: The process of encryption of the partition/drive has not been completed. It must be completed first. + Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' > 'Resume Interrupted Process' from the menu bar of the main VeraCrypt window. + The password is correct, VeraCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' > 'Change Password' from the menu bar of the main VeraCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' > 'Set Header Key Derivation Algorithm'. + VeraCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' > 'Permanently Decrypt System Partition/Drive' from the menu bar of the main VeraCrypt window. + Error: Incorrect/invalid parameter. + You have selected a partition or a device but the wizard mode you selected is suitable only for file containers.\n\nDo you want to change the wizard mode? + Do you want to create a VeraCrypt file container instead? + You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive? + Are you sure you want to permanently decrypt the system partition/drive? + CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive? + Are you sure you want to permanently decrypt the following volume? + CAUTION: If you permanently decrypt the VeraCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume? + Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the VeraCrypt Rescue Disk to boot or to repair the VeraCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers? + If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES). + WARNING: For safety and security reasons, you should update VeraCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the VeraCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded VeraCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a VeraCrypt driver and VeraCrypt applications whose version numbers are different from the version number of the VeraCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue? + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system.\n\nYou should run the VeraCrypt installer (whose version number is the same as the one of the VeraCrypt Boot Loader) to update VeraCrypt on this operating system. + The version number of the VeraCrypt Boot Loader that booted this operating system is different from the version number of the VeraCrypt driver (and of the VeraCrypt applications) installed on this system. Note that older versions may contain bugs fixed in later versions.\n\nIf you did not boot from the VeraCrypt Rescue Disk, you should reinstall VeraCrypt or upgrade it to the latest stable version (the boot loader will be updated too).\n\nIf you booted from the VeraCrypt Rescue Disk, you should update it ('System' > 'Create Rescue Disk'). + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk' after you restart your computer. + The VeraCrypt Boot Loader has been upgraded.\n\nIt is strongly recommended that you boot the decoy operating system and then create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'. + Failed to upgrade the VeraCrypt Boot Loader. + VeraCrypt failed to detect the real size of the system drive and, therefore, the size reported by the operating system (which may be smaller than the real size) will be used. Also note that this is not a bug in VeraCrypt. + WARNING: It appears that VeraCrypt has already tried to detect hidden sectors on this system drive. If you encountered any problems during the previous detection process, you can avoid the problems by skipping the detection of hidden sectors now. Note that if you do so, VeraCrypt will use the size reported by the operating system (which may be smaller than the real size of the drive).\n\nNote that this issue is not caused by a bug in VeraCrypt. + Skip detection of hidden sectors (use the size reported by the operating system) + Try to detect hidden sectors again + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. VeraCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want VeraCrypt to write zeroes to unreadable sectors? + Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, VeraCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want VeraCrypt to discard data in the unreadable sectors now? + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks. + Note: VeraCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data. + Enter password/PIN for token '%s': + In order to allow VeraCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let VeraCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched). + Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename. + In order to allow VeraCrypt to access a security token or smart card, you need to select a PKCS #11 software library for the token/card first. To do so, select 'Settings' > 'Security Tokens'. + Failed to initialize PKCS #11 security token library.\n\nPlease make sure the specified path and filename refer to a valid PKCS #11 library. To specify a PKCS #11 library path and filename, select 'Settings' > 'Security Tokens'. + No PKCS #11 library has been found in the Windows system directory.\n\nPlease make sure that a PKCS #11 library for your security token (or for your smart card) is installed (such a library may be supplied with the token/card or it may be available for download from the website of the vendor or other third parties). If it is installed in a directory other than the Windows system directory, click 'Select Library' to locate the library (e.g. in the folder where the software for the token/card is installed). + No security token found.\n\nPlease make sure your security token is connected to your computer and the correct device driver for your token is installed. + Security token keyfile not found. + A security token keyfile with the same name already exists. + Do you want to delete the selected files? + Security token keyfile path is invalid. + Security token error + Password for security token is incorrect. + The security token does not have enough memory/space to perform the requested operation.\n\nIf you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator'). + All open security token sessions have been closed. + Select Security Token Keyfiles + Slot + Token name + File name + IMPORTANT: Please note that pre-boot authentication passwords are always typed using the standard US keyboard layout. Therefore, a volume that uses a password typed using any other keyboard layout may be impossible to mount using a pre-boot authentication password (note that this is not a bug in VeraCrypt). To allow such a volume to be mounted using a pre-boot authentication password, follow these steps:\n\n1) Click 'Select File' or 'Select Device' and select the volume.\n2) Select 'Volumes' > 'Change Volume Password'.\n3) Enter the current password for the volume.\n4) Change the keyboard layout to English (US) by clicking the Language bar icon in the Windows taskbar and selecting 'EN English (United States)'.\n5) In VeraCrypt, in the field for the new password, type the pre-boot authentication password.\n6) Confirm the new password by retyping it in the confirmation field and click 'OK'.\nWARNING: Please keep in mind that if you follow these steps, the volume password will always have to be typed using the US keyboard layout (which is automatically ensured only in the pre-boot environment). + System favorite volumes will be mounted using the pre-boot authentication password. If any system favorite volume uses a different password, it will not be mounted. + Please note that if you need to prevent normal VeraCrypt volume actions (such as 'Dismount All', auto-dismount, etc.) from affecting system favorite volumes, you should enable the option 'Allow only administrators to view and dismount system favorite volumes in VeraCrypt'. In addition, when VeraCrypt is run without administrator privileges (the default on Windows Vista and later), system favorite volumes will not be displayed in the drive letter list in the main VeraCrypt application window. + IMPORTANT: Please keep in mind that if this option is enabled and VeraCrypt does not have administrator privileges, mounted system favorite volumes are NOT displayed in the VeraCrypt application window and they cannot be dismounted. Therefore, if you need e.g. to dismount a system favorite volume, please right-click the VeraCrypt icon (in the Start menu) and select 'Run as administrator' first. The same limitation applies to the 'Dismount All' function, 'Auto-Dismount' functions, 'Dismount All' hot keys, etc. + Note that this setting takes effect only after the operating system is restarted. + Error while parsing command line. + Rescue Disk + Select &File and Mount... + Select &Device and Mount... + Allow only administrators to view and dismount system favorite volumes in VeraCrypt + Mount system favorite volumes when Windows starts (in the initial phase of the startup procedure) + Warning: The filesystem on the volume mounted as '%s' was not cleanly dismounted and thus may contain errors. Using a corrupted filesystem can cause data loss or data corruption.\n\nNote: Before you physically remove or switch off a device (such as a USB flash drive or an external hard drive) where a mounted VeraCrypt volume resides, you should always dismount the VeraCrypt volume in VeraCrypt first.\n\n\nDo you want Windows to attempt to detect and fix errors (if any) on the filesystem? + Warning: One or more system favorite volumes were not cleanly dismounted and thus may contain filesystem errors. Please see the system event log for further details.\n\nUsing a corrupted filesystem can cause data loss or data corruption. You should check the affected system favorite volume(s) for errors (right-click each of them in VeraCrypt and select 'Repair Filesystem'). + Warning: Repairing a damaged filesystem using the Microsoft 'chkdsk' tool might cause loss of files in damaged areas. Therefore, it is recommended that you first back up the files stored on the VeraCrypt volume to another, healthy, VeraCrypt volume.\n\nDo you want to repair the filesystem now? + Volume '%s' has been mounted as read-only because write access was denied.\n\nPlease make sure the security permissions of the file container allow you to write to it (right-click the container and select Properties > Security).\n\nNote that, due to a Windows issue, you may see this warning even after setting the appropriate security permissions. This is not caused by a bug in VeraCrypt. A possible solution is to move your container to, e.g., your 'Documents' folder.\n\nIf you intend to keep your volume read-only, set the read-only attribute of the container (right-click the container and select Properties > Read-only), which will suppress this warning. + Volume '%s' had to be mounted as read-only because write access was denied.\n\nPlease make sure no other application (e.g. antivirus software) is accessing the partition/device on which the volume is hosted. + Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system. + Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores. + %d threads + Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option. + Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option. + Do you want VeraCrypt to attempt to disable write protection of the partition/drive? + WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting? + Warning: VeraCrypt volume auto-dismounted + Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc. + This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series + Test + Keyfile + Backspace + Tab + Clear + Enter + Pause + Caps Lock + Spacebar + Page Up + Page Down + End + Home + Left Arrow + Up Arrow + Right Arrow + Down Arrow + Select Key + Print Key + Execute Key + Print Screen + Insert + Delete + Applications Key + Sleep + Num Lock + Scroll Lock + Browser Back + Browser Forward + Browser Refresh + Browser Stop + Browser Search + Browser Favorites + Browser Home + Mute + Volume Down + Volume Up + Next Track + Previous Track + Stop Media + Play/Pause Media + Start Mail Key + Select Media Key + Application 1 + Application 2 + Attn + CrSel + ExSel + Play + Zoom + NumPad + Shift + Control + Alt + Win + B + KB + MB + GB + TB + PB + B/s + KB/s + MB/s + GB/s + TB/s + PB/s + + Include &PIM when caching pre-boot authentication password + Include PIM when caching a password + Make disconnected network drives available for mounting + The entered password is too long: its UTF-8 representation exceeds 64 bytes. + The entered password contains Unicode characters that couldn't be converted to UTF-8 representation. + Error: Failed to load a system library. + The volume file size specified in the command line is incompatible with selected exFAT filesystem. + Randomness Collected From Mouse Movements + Volume ID: + Volume ID + Use Volume ID to mount favorite + The Volume ID value is invalid + No Volume with the specified ID was found on the system + Copy Value to Clipboard... + Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk) + WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option? + Personal Iterations Multiplier (PIM) maximum value is 2147468. + Skip Rescue Disk verification + Don't show wait message dialog when performing operations + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Common/Makefile b/src/Common/Makefile index 53b9a3d6..5acbbd24 100644 --- a/src/Common/Makefile +++ b/src/Common/Makefile @@ -1 +1 @@ -!INCLUDE $(NTMAKEENV)\makefile.def +!INCLUDE $(NTMAKEENV)\makefile.def diff --git a/src/Common/Password.c b/src/Common/Password.c index 8a93065d..4d7c7952 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -1,491 +1,491 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include "Crypto.h" -#include "Volumes.h" -#include "Password.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Pkcs5.h" -#include "Endian.h" -#include "Random.h" - -#include - -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -#endif - -void VerifyPasswordAndUpdate (HWND hwndDlg, HWND hButton, HWND hPassword, - HWND hVerify, unsigned char *szPassword, - char *szVerify, - BOOL keyFilesEnabled) -{ - wchar_t szTmp1[MAX_PASSWORD + 1]; - wchar_t szTmp2[MAX_PASSWORD + 1]; - char szTmp1Utf8[MAX_PASSWORD + 1]; - char szTmp2Utf8[MAX_PASSWORD + 1]; - int k = GetWindowTextLength (hPassword); - BOOL bEnable = FALSE; - int utf8Len1, utf8Len2; - - UNREFERENCED_PARAMETER (hwndDlg); /* Remove warning */ - - GetWindowText (hPassword, szTmp1, ARRAYSIZE (szTmp1)); - GetWindowText (hVerify, szTmp2, ARRAYSIZE (szTmp2)); - - utf8Len1 = WideCharToMultiByte (CP_UTF8, 0, szTmp1, -1, szTmp1Utf8, MAX_PASSWORD + 1, NULL, NULL); - utf8Len2 = WideCharToMultiByte (CP_UTF8, 0, szTmp2, -1, szTmp2Utf8, MAX_PASSWORD + 1, NULL, NULL); - - if (wcscmp (szTmp1, szTmp2) != 0) - bEnable = FALSE; - else if (utf8Len1 <= 0) - bEnable = FALSE; - else - { - if (k >= MIN_PASSWORD || keyFilesEnabled) - bEnable = TRUE; - else - bEnable = FALSE; - } - - if (szPassword != NULL) - { - if (utf8Len1 > 0) - memcpy (szPassword, szTmp1Utf8, sizeof (szTmp1Utf8)); - else - szPassword [0] = 0; - } - - if (szVerify != NULL) - { - if (utf8Len2 > 0) - memcpy (szVerify, szTmp2Utf8, sizeof (szTmp2Utf8)); - else - szVerify [0] = 0; - } - - burn (szTmp1, sizeof (szTmp1)); - burn (szTmp2, sizeof (szTmp2)); - burn (szTmp1Utf8, sizeof (szTmp1Utf8)); - burn (szTmp2Utf8, sizeof (szTmp2Utf8)); - - EnableWindow (hButton, bEnable); -} - - -BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw) -{ - int i, len; - - if (hPassword == NULL) - { - if (ptrPw) - { - unsigned char *pw; - len = ptrPw->Length; - pw = (unsigned char *) ptrPw->Text; - - for (i = 0; i < len; i++) - { - if (pw[i] >= 0x7f || pw[i] < 0x20) // A non-ASCII or non-printable character? - return FALSE; - } - } - else - return FALSE; - } - else - { - wchar_t s[MAX_PASSWORD + 1]; - len = GetWindowTextLength (hPassword); - - if (len > MAX_PASSWORD) - return FALSE; - - GetWindowTextW (hPassword, s, sizeof (s) / sizeof (wchar_t)); - - for (i = 0; i < len; i++) - { - if (s[i] >= 0x7f || s[i] < 0x20) // A non-ASCII or non-printable character? - break; - } - - burn (s, sizeof(s)); - - if (i < len) - return FALSE; - } - - return TRUE; -} - - -BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning) -{ - BOOL bCustomPimSmall = ((pim != 0) && (pim < (bForBoot? 98 : 485)))? TRUE : FALSE; - if (passwordLength < PASSWORD_LEN_WARNING) - { - if (bCustomPimSmall) - { - Error (bForBoot? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg); - return FALSE; - } - -#ifndef _DEBUG - if (!bSkipPasswordWarning && (MessageBoxW (hwndDlg, GetString ("PASSWORD_LENGTH_WARNING"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2) != IDYES)) - return FALSE; -#endif - } -#ifndef _DEBUG - else if (bCustomPimSmall) - { - if (!bSkipPimWarning && AskWarnNoYes ("PIM_SMALL_WARNING", hwndDlg) != IDYES) - return FALSE; - } -#endif - - if ((pim != 0) && (pim > (bForBoot? 98 : 485))) - { - // warn that mount/boot will take more time - Warning ("PIM_LARGE_WARNING", hwndDlg); - - } - return TRUE; -} - -int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg) -{ - int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR; - wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; - wchar_t szDosDevice[TC_MAX_PATH]; - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - PCRYPTO_INFO cryptoInfo = NULL, ci = NULL; - void *dev = INVALID_HANDLE_VALUE; - DWORD dwError; - DWORD bytesRead; - BOOL bDevice; - unsigned __int64 hostSize = 0; - int volumeType; - int wipePass; - FILETIME ftCreationTime; - FILETIME ftLastWriteTime; - FILETIME ftLastAccessTime; - BOOL bTimeStampValid = FALSE; - LARGE_INTEGER headerOffset; - BOOL backupHeader; - DISK_GEOMETRY driveInfo; - - if (oldPassword->Length == 0 || newPassword->Length == 0) return -1; - - if ((wipePassCount <= 0) || (truecryptMode && (old_pkcs5 == SHA256))) - { - nStatus = ERR_PARAMETER_INCORRECT; - handleError (hwndDlg, nStatus, SRC_POS); - return nStatus; - } - - if (!lpszVolume) - { - nStatus = ERR_OUTOFMEMORY; - handleError (hwndDlg, nStatus, SRC_POS); - return nStatus; - } - - WaitCursor (); - - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), lpszVolume, &bDevice); - - if (bDevice == FALSE) - { - wcscpy (szCFDevice, szDiskFile); - } - else - { - nDosLinkCreated = FakeDosNameForDevice (szDiskFile, szDosDevice, sizeof(szDosDevice), szCFDevice, sizeof(szCFDevice),FALSE); - - if (nDosLinkCreated != 0) - goto error; - } - - dev = CreateFile (szCFDevice, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (dev == INVALID_HANDLE_VALUE) - goto error; - - if (bDevice) - { - /* This is necessary to determine the hidden volume header offset */ - - if (dev == INVALID_HANDLE_VALUE) - { - goto error; - } - else - { - PARTITION_INFORMATION diskInfo; - DWORD dwResult; - BOOL bResult; - - bResult = DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, - &driveInfo, sizeof (driveInfo), &dwResult, NULL); - - if (!bResult) - goto error; - - bResult = GetPartitionInfo (lpszVolume, &diskInfo); - - if (bResult) - { - hostSize = diskInfo.PartitionLength.QuadPart; - } - else - { - hostSize = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * - driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; - } - - if (hostSize == 0) - { - nStatus = ERR_VOL_SIZE_WRONG; - goto error; - } - } - } - else - { - LARGE_INTEGER fileSize; - if (!GetFileSizeEx (dev, &fileSize)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - hostSize = fileSize.QuadPart; - } - - if (Randinit ()) - { - if (CryptoAPILastError == ERROR_SUCCESS) - nStatus = ERR_RAND_INIT_FAILED; - else - nStatus = ERR_CAPI_INIT_FAILED; - goto error; - } - - SetRandomPoolEnrichedByUserStatus (FALSE); /* force the display of the random enriching dialog */ - - if (!bDevice && bPreserveTimestamp) - { - if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0) - bTimeStampValid = FALSE; - else - bTimeStampValid = TRUE; - } - - for (volumeType = TC_VOLUME_TYPE_NORMAL; volumeType < TC_VOLUME_TYPE_COUNT; volumeType++) - { - // Seek the volume header - switch (volumeType) - { - case TC_VOLUME_TYPE_NORMAL: - headerOffset.QuadPart = TC_VOLUME_HEADER_OFFSET; - break; - - case TC_VOLUME_TYPE_HIDDEN: - if (TC_HIDDEN_VOLUME_HEADER_OFFSET + TC_VOLUME_HEADER_SIZE > hostSize) - continue; - - headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET; - break; - - } - - if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - /* Read in volume header */ - if (!ReadEffectiveVolumeHeader (bDevice, dev, buffer, &bytesRead)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (bytesRead != sizeof (buffer)) - { - // Windows may report EOF when reading sectors from the last cluster of a device formatted as NTFS - memset (buffer, 0, sizeof (buffer)); - } - - /* Try to decrypt the header */ - - nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, truecryptMode, &cryptoInfo, NULL); - if (nStatus == ERR_CIPHER_INIT_WEAK_KEY) - nStatus = 0; // We can ignore this error here - - if (nStatus == ERR_PASSWORD_WRONG) - { - continue; // Try next volume type - } - else if (nStatus != 0) - { - cryptoInfo = NULL; - goto error; - } - else - break; - } - - if (nStatus != 0) - { - cryptoInfo = NULL; - goto error; - } - - if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM) - { - nStatus = ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG; - goto error; - } - - // Change the PKCS-5 PRF if requested by user - if (pkcs5 != 0) - cryptoInfo->pkcs5 = pkcs5; - - RandSetHashFunction (cryptoInfo->pkcs5); - - NormalCursor(); - UserEnrichRandomPool (hwndDlg); - EnableElevatedCursorChange (hwndDlg); - WaitCursor(); - - /* Re-encrypt the volume header */ - backupHeader = FALSE; - - while (TRUE) - { - /* The header will be re-encrypted wipePassCount times to prevent adversaries from using - techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy - to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22 - times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might - impatiently interupt the process (etc.) we will not use the Gutmann's patterns but will write the - valid re-encrypted header, i.e. pseudorandom data, and there will be many more passes than Guttman - recommends. During each pass we will write a valid working header. Each pass will use the same master - key, and also the same header key, secondary key (XTS), etc., derived from the new password. The only - item that will be different for each pass will be the salt. This is sufficient to cause each "version" - of the header to differ substantially and in a random manner from the versions written during the - other passes. */ - - for (wipePass = 0; wipePass < wipePassCount; wipePass++) - { - // Prepare new volume header - nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, - buffer, - cryptoInfo->ea, - cryptoInfo->mode, - newPassword, - cryptoInfo->pkcs5, - pim, - cryptoInfo->master_keydata, - &ci, - cryptoInfo->VolumeSize.Value, - (volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0, - cryptoInfo->EncryptedAreaStart.Value, - cryptoInfo->EncryptedAreaLength.Value, - truecryptMode? 0 : cryptoInfo->RequiredProgramVersion, - cryptoInfo->HeaderFlags, - cryptoInfo->SectorSize, - wipePass < wipePassCount - 1); - - if (ci != NULL) - crypto_close (ci); - - if (nStatus != 0) - goto error; - - if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (!WriteEffectiveVolumeHeader (bDevice, dev, buffer)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (bDevice - && !cryptoInfo->LegacyVolume - && !cryptoInfo->hiddenVolume - && cryptoInfo->HeaderVersion == 4 - && (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 - && (cryptoInfo->HeaderFlags & ~TC_HEADER_FLAG_NONSYS_INPLACE_ENC) == 0) - { - nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, cryptoInfo->VolumeSize.Value, !backupHeader, backupHeader); - if (nStatus != ERR_SUCCESS) - goto error; - } - - FlushFileBuffers (dev); - } - - if (backupHeader || cryptoInfo->LegacyVolume) - break; - - backupHeader = TRUE; - headerOffset.QuadPart += hostSize - TC_VOLUME_HEADER_GROUP_SIZE; - } - - /* Password successfully changed */ - nStatus = 0; - -error: - dwError = GetLastError (); - - burn (buffer, sizeof (buffer)); - - if (cryptoInfo != NULL) - crypto_close (cryptoInfo); - - if (bTimeStampValid) - SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); - - if (dev != INVALID_HANDLE_VALUE) - CloseHandle ((HANDLE) dev); - - if (nDosLinkCreated == 0) - RemoveFakeDosName (szDiskFile, szDosDevice); - - RandStop (FALSE); - NormalCursor (); - - SetLastError (dwError); - - if (nStatus == ERR_OS_ERROR && dwError == ERROR_ACCESS_DENIED - && bDevice - && !UacElevated - && IsUacSupported ()) - return nStatus; - - if (nStatus != 0) - handleError (hwndDlg, nStatus, SRC_POS); - - return nStatus; -} - +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include "Crypto.h" +#include "Volumes.h" +#include "Password.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Pkcs5.h" +#include "Endian.h" +#include "Random.h" + +#include + +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#endif + +void VerifyPasswordAndUpdate (HWND hwndDlg, HWND hButton, HWND hPassword, + HWND hVerify, unsigned char *szPassword, + char *szVerify, + BOOL keyFilesEnabled) +{ + wchar_t szTmp1[MAX_PASSWORD + 1]; + wchar_t szTmp2[MAX_PASSWORD + 1]; + char szTmp1Utf8[MAX_PASSWORD + 1]; + char szTmp2Utf8[MAX_PASSWORD + 1]; + int k = GetWindowTextLength (hPassword); + BOOL bEnable = FALSE; + int utf8Len1, utf8Len2; + + UNREFERENCED_PARAMETER (hwndDlg); /* Remove warning */ + + GetWindowText (hPassword, szTmp1, ARRAYSIZE (szTmp1)); + GetWindowText (hVerify, szTmp2, ARRAYSIZE (szTmp2)); + + utf8Len1 = WideCharToMultiByte (CP_UTF8, 0, szTmp1, -1, szTmp1Utf8, MAX_PASSWORD + 1, NULL, NULL); + utf8Len2 = WideCharToMultiByte (CP_UTF8, 0, szTmp2, -1, szTmp2Utf8, MAX_PASSWORD + 1, NULL, NULL); + + if (wcscmp (szTmp1, szTmp2) != 0) + bEnable = FALSE; + else if (utf8Len1 <= 0) + bEnable = FALSE; + else + { + if (k >= MIN_PASSWORD || keyFilesEnabled) + bEnable = TRUE; + else + bEnable = FALSE; + } + + if (szPassword != NULL) + { + if (utf8Len1 > 0) + memcpy (szPassword, szTmp1Utf8, sizeof (szTmp1Utf8)); + else + szPassword [0] = 0; + } + + if (szVerify != NULL) + { + if (utf8Len2 > 0) + memcpy (szVerify, szTmp2Utf8, sizeof (szTmp2Utf8)); + else + szVerify [0] = 0; + } + + burn (szTmp1, sizeof (szTmp1)); + burn (szTmp2, sizeof (szTmp2)); + burn (szTmp1Utf8, sizeof (szTmp1Utf8)); + burn (szTmp2Utf8, sizeof (szTmp2Utf8)); + + EnableWindow (hButton, bEnable); +} + + +BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw) +{ + int i, len; + + if (hPassword == NULL) + { + if (ptrPw) + { + unsigned char *pw; + len = ptrPw->Length; + pw = (unsigned char *) ptrPw->Text; + + for (i = 0; i < len; i++) + { + if (pw[i] >= 0x7f || pw[i] < 0x20) // A non-ASCII or non-printable character? + return FALSE; + } + } + else + return FALSE; + } + else + { + wchar_t s[MAX_PASSWORD + 1]; + len = GetWindowTextLength (hPassword); + + if (len > MAX_PASSWORD) + return FALSE; + + GetWindowTextW (hPassword, s, sizeof (s) / sizeof (wchar_t)); + + for (i = 0; i < len; i++) + { + if (s[i] >= 0x7f || s[i] < 0x20) // A non-ASCII or non-printable character? + break; + } + + burn (s, sizeof(s)); + + if (i < len) + return FALSE; + } + + return TRUE; +} + + +BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning) +{ + BOOL bCustomPimSmall = ((pim != 0) && (pim < (bForBoot? 98 : 485)))? TRUE : FALSE; + if (passwordLength < PASSWORD_LEN_WARNING) + { + if (bCustomPimSmall) + { + Error (bForBoot? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg); + return FALSE; + } + +#ifndef _DEBUG + if (!bSkipPasswordWarning && (MessageBoxW (hwndDlg, GetString ("PASSWORD_LENGTH_WARNING"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2) != IDYES)) + return FALSE; +#endif + } +#ifndef _DEBUG + else if (bCustomPimSmall) + { + if (!bSkipPimWarning && AskWarnNoYes ("PIM_SMALL_WARNING", hwndDlg) != IDYES) + return FALSE; + } +#endif + + if ((pim != 0) && (pim > (bForBoot? 98 : 485))) + { + // warn that mount/boot will take more time + Warning ("PIM_LARGE_WARNING", hwndDlg); + + } + return TRUE; +} + +int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg) +{ + int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR; + wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; + wchar_t szDosDevice[TC_MAX_PATH]; + char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + PCRYPTO_INFO cryptoInfo = NULL, ci = NULL; + void *dev = INVALID_HANDLE_VALUE; + DWORD dwError; + DWORD bytesRead; + BOOL bDevice; + unsigned __int64 hostSize = 0; + int volumeType; + int wipePass; + FILETIME ftCreationTime; + FILETIME ftLastWriteTime; + FILETIME ftLastAccessTime; + BOOL bTimeStampValid = FALSE; + LARGE_INTEGER headerOffset; + BOOL backupHeader; + DISK_GEOMETRY driveInfo; + + if (oldPassword->Length == 0 || newPassword->Length == 0) return -1; + + if ((wipePassCount <= 0) || (truecryptMode && (old_pkcs5 == SHA256))) + { + nStatus = ERR_PARAMETER_INCORRECT; + handleError (hwndDlg, nStatus, SRC_POS); + return nStatus; + } + + if (!lpszVolume) + { + nStatus = ERR_OUTOFMEMORY; + handleError (hwndDlg, nStatus, SRC_POS); + return nStatus; + } + + WaitCursor (); + + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), lpszVolume, &bDevice); + + if (bDevice == FALSE) + { + wcscpy (szCFDevice, szDiskFile); + } + else + { + nDosLinkCreated = FakeDosNameForDevice (szDiskFile, szDosDevice, sizeof(szDosDevice), szCFDevice, sizeof(szCFDevice),FALSE); + + if (nDosLinkCreated != 0) + goto error; + } + + dev = CreateFile (szCFDevice, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (dev == INVALID_HANDLE_VALUE) + goto error; + + if (bDevice) + { + /* This is necessary to determine the hidden volume header offset */ + + if (dev == INVALID_HANDLE_VALUE) + { + goto error; + } + else + { + PARTITION_INFORMATION diskInfo; + DWORD dwResult; + BOOL bResult; + + bResult = DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, + &driveInfo, sizeof (driveInfo), &dwResult, NULL); + + if (!bResult) + goto error; + + bResult = GetPartitionInfo (lpszVolume, &diskInfo); + + if (bResult) + { + hostSize = diskInfo.PartitionLength.QuadPart; + } + else + { + hostSize = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * + driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; + } + + if (hostSize == 0) + { + nStatus = ERR_VOL_SIZE_WRONG; + goto error; + } + } + } + else + { + LARGE_INTEGER fileSize; + if (!GetFileSizeEx (dev, &fileSize)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + hostSize = fileSize.QuadPart; + } + + if (Randinit ()) + { + if (CryptoAPILastError == ERROR_SUCCESS) + nStatus = ERR_RAND_INIT_FAILED; + else + nStatus = ERR_CAPI_INIT_FAILED; + goto error; + } + + SetRandomPoolEnrichedByUserStatus (FALSE); /* force the display of the random enriching dialog */ + + if (!bDevice && bPreserveTimestamp) + { + if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0) + bTimeStampValid = FALSE; + else + bTimeStampValid = TRUE; + } + + for (volumeType = TC_VOLUME_TYPE_NORMAL; volumeType < TC_VOLUME_TYPE_COUNT; volumeType++) + { + // Seek the volume header + switch (volumeType) + { + case TC_VOLUME_TYPE_NORMAL: + headerOffset.QuadPart = TC_VOLUME_HEADER_OFFSET; + break; + + case TC_VOLUME_TYPE_HIDDEN: + if (TC_HIDDEN_VOLUME_HEADER_OFFSET + TC_VOLUME_HEADER_SIZE > hostSize) + continue; + + headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET; + break; + + } + + if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + /* Read in volume header */ + if (!ReadEffectiveVolumeHeader (bDevice, dev, buffer, &bytesRead)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (bytesRead != sizeof (buffer)) + { + // Windows may report EOF when reading sectors from the last cluster of a device formatted as NTFS + memset (buffer, 0, sizeof (buffer)); + } + + /* Try to decrypt the header */ + + nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, truecryptMode, &cryptoInfo, NULL); + if (nStatus == ERR_CIPHER_INIT_WEAK_KEY) + nStatus = 0; // We can ignore this error here + + if (nStatus == ERR_PASSWORD_WRONG) + { + continue; // Try next volume type + } + else if (nStatus != 0) + { + cryptoInfo = NULL; + goto error; + } + else + break; + } + + if (nStatus != 0) + { + cryptoInfo = NULL; + goto error; + } + + if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM) + { + nStatus = ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG; + goto error; + } + + // Change the PKCS-5 PRF if requested by user + if (pkcs5 != 0) + cryptoInfo->pkcs5 = pkcs5; + + RandSetHashFunction (cryptoInfo->pkcs5); + + NormalCursor(); + UserEnrichRandomPool (hwndDlg); + EnableElevatedCursorChange (hwndDlg); + WaitCursor(); + + /* Re-encrypt the volume header */ + backupHeader = FALSE; + + while (TRUE) + { + /* The header will be re-encrypted wipePassCount times to prevent adversaries from using + techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy + to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22 + times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might + impatiently interupt the process (etc.) we will not use the Gutmann's patterns but will write the + valid re-encrypted header, i.e. pseudorandom data, and there will be many more passes than Guttman + recommends. During each pass we will write a valid working header. Each pass will use the same master + key, and also the same header key, secondary key (XTS), etc., derived from the new password. The only + item that will be different for each pass will be the salt. This is sufficient to cause each "version" + of the header to differ substantially and in a random manner from the versions written during the + other passes. */ + + for (wipePass = 0; wipePass < wipePassCount; wipePass++) + { + // Prepare new volume header + nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, + buffer, + cryptoInfo->ea, + cryptoInfo->mode, + newPassword, + cryptoInfo->pkcs5, + pim, + cryptoInfo->master_keydata, + &ci, + cryptoInfo->VolumeSize.Value, + (volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0, + cryptoInfo->EncryptedAreaStart.Value, + cryptoInfo->EncryptedAreaLength.Value, + truecryptMode? 0 : cryptoInfo->RequiredProgramVersion, + cryptoInfo->HeaderFlags, + cryptoInfo->SectorSize, + wipePass < wipePassCount - 1); + + if (ci != NULL) + crypto_close (ci); + + if (nStatus != 0) + goto error; + + if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (!WriteEffectiveVolumeHeader (bDevice, dev, buffer)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (bDevice + && !cryptoInfo->LegacyVolume + && !cryptoInfo->hiddenVolume + && cryptoInfo->HeaderVersion == 4 + && (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 + && (cryptoInfo->HeaderFlags & ~TC_HEADER_FLAG_NONSYS_INPLACE_ENC) == 0) + { + nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, cryptoInfo->VolumeSize.Value, !backupHeader, backupHeader); + if (nStatus != ERR_SUCCESS) + goto error; + } + + FlushFileBuffers (dev); + } + + if (backupHeader || cryptoInfo->LegacyVolume) + break; + + backupHeader = TRUE; + headerOffset.QuadPart += hostSize - TC_VOLUME_HEADER_GROUP_SIZE; + } + + /* Password successfully changed */ + nStatus = 0; + +error: + dwError = GetLastError (); + + burn (buffer, sizeof (buffer)); + + if (cryptoInfo != NULL) + crypto_close (cryptoInfo); + + if (bTimeStampValid) + SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); + + if (dev != INVALID_HANDLE_VALUE) + CloseHandle ((HANDLE) dev); + + if (nDosLinkCreated == 0) + RemoveFakeDosName (szDiskFile, szDosDevice); + + RandStop (FALSE); + NormalCursor (); + + SetLastError (dwError); + + if (nStatus == ERR_OS_ERROR && dwError == ERROR_ACCESS_DENIED + && bDevice + && !UacElevated + && IsUacSupported ()) + return nStatus; + + if (nStatus != 0) + handleError (hwndDlg, nStatus, SRC_POS); + + return nStatus; +} + diff --git a/src/Common/Password.h b/src/Common/Password.h index e2058cdb..8cc0b7ea 100644 --- a/src/Common/Password.h +++ b/src/Common/Password.h @@ -1,52 +1,52 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef PASSWORD_H -#define PASSWORD_H - -// User text input limits -#define MIN_PASSWORD 1 // Minimum possible password length -#define MAX_PASSWORD 64 // Maximum possible password length -#define MAX_PIM 7 // Maximum allowed digits in a PIM (enough for maximum value) -#define MAX_PIM_VALUE 2147468 // Maximum value to have a positive 32-bit result for formula 15000 + (PIM x 1000) -#define MAX_BOOT_PIM 5 // Maximum allowed digits in a PIM for boot (enough for 16-bit value) -#define MAX_BOOT_PIM_VALUE 65535 - -#define PASSWORD_LEN_WARNING 20 // Display a warning when a password is shorter than this - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct -{ - // Modifying this structure can introduce incompatibility with previous versions - unsigned __int32 Length; - unsigned char Text[MAX_PASSWORD + 1]; - char Pad[3]; // keep 64-bit alignment -} Password; - -#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) - -void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled ); -BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning); -BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw); -int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); - -#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) - -#ifdef __cplusplus -} -#endif - -#endif // PASSWORD_H +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef PASSWORD_H +#define PASSWORD_H + +// User text input limits +#define MIN_PASSWORD 1 // Minimum possible password length +#define MAX_PASSWORD 64 // Maximum possible password length +#define MAX_PIM 7 // Maximum allowed digits in a PIM (enough for maximum value) +#define MAX_PIM_VALUE 2147468 // Maximum value to have a positive 32-bit result for formula 15000 + (PIM x 1000) +#define MAX_BOOT_PIM 5 // Maximum allowed digits in a PIM for boot (enough for 16-bit value) +#define MAX_BOOT_PIM_VALUE 65535 + +#define PASSWORD_LEN_WARNING 20 // Display a warning when a password is shorter than this + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct +{ + // Modifying this structure can introduce incompatibility with previous versions + unsigned __int32 Length; + unsigned char Text[MAX_PASSWORD + 1]; + char Pad[3]; // keep 64-bit alignment +} Password; + +#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) + +void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled ); +BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning); +BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw); +int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); + +#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) + +#ifdef __cplusplus +} +#endif + +#endif // PASSWORD_H diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index 1dadb1e9..a71be573 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -1,960 +1,960 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include -#include -#include "Rmd160.h" -#ifndef TC_WINDOWS_BOOT -#include "Sha2.h" -#include "Whirlpool.h" -#include "misc.h" -#else -#pragma optimize ("t", on) -#include -#if defined( _MSC_VER ) -# ifndef DEBUG -# pragma intrinsic( memcpy ) -# pragma intrinsic( memset ) -# endif -#endif -#include "Sha2Small.h" -#endif -#include "Pkcs5.h" -#include "Crypto.h" - -void hmac_truncate - ( - char *d1, /* data to be truncated */ - char *d2, /* truncated data */ - int len /* length in bytes to keep */ -) -{ - int i; - for (i = 0; i < len; i++) - d2[i] = d1[i]; -} - -#if !defined(TC_WINDOWS_BOOT) || defined(TC_WINDOWS_BOOT_SHA2) - -typedef struct hmac_sha256_ctx_struct -{ - sha256_ctx ctx; - sha256_ctx inner_digest_ctx; /*pre-computed inner digest context */ - sha256_ctx outer_digest_ctx; /*pre-computed outer digest context */ - char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA256 hash */ - char u[SHA256_DIGESTSIZE]; -} hmac_sha256_ctx; - -void hmac_sha256_internal -( - char *k, /* secret key. It's ensured to be always <= 32 bytes */ - int lk, /* length of the key in bytes */ - char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ - int ld, /* length of input data in bytes */ - hmac_sha256_ctx* hmac /* HMAC-SHA256 context which holds temporary variables */ -) -{ - sha256_ctx* ctx = &(hmac->ctx); - - /**** Restore Precomputed Inner Digest Context ****/ - - memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha256_ctx)); - - sha256_hash ((unsigned char *) d, ld, ctx); - - sha256_end ((unsigned char *) d, ctx); /* d = inner digest */ - - /**** Restore Precomputed Outer Digest Context ****/ - - memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha256_ctx)); - - sha256_hash ((unsigned char *) d, SHA256_DIGESTSIZE, ctx); - - sha256_end ((unsigned char *) d, ctx); /* d = outer digest */ -} - -#ifndef TC_WINDOWS_BOOT -void hmac_sha256 -( - char *k, /* secret key */ - int lk, /* length of the key in bytes */ - char *d, /* data */ - int ld /* length of data in bytes */ -) -{ - hmac_sha256_ctx hmac; - sha256_ctx* ctx; - char* buf = hmac.k; - int b; - char key[SHA256_DIGESTSIZE]; - /* If the key is longer than the hash algorithm block size, - let key = sha256(key), as per HMAC specifications. */ - if (lk > SHA256_BLOCKSIZE) - { - sha256_ctx tctx; - - sha256_begin (&tctx); - sha256_hash ((unsigned char *) k, lk, &tctx); - sha256_end ((unsigned char *) key, &tctx); - - k = key; - lk = SHA256_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } - - /**** Precompute HMAC Inner Digest ****/ - - ctx = &(hmac.inner_digest_ctx); - sha256_begin (ctx); - - /* Pad the key for inner digest */ - for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); - memset (&buf[lk], 0x36, SHA256_BLOCKSIZE - lk); - - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); - - /**** Precompute HMAC Outer Digest ****/ - - ctx = &(hmac.outer_digest_ctx); - sha256_begin (ctx); - - for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); - memset (&buf[lk], 0x5C, SHA256_BLOCKSIZE - lk); - - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); - - hmac_sha256_internal(k, lk, d, ld, &hmac); - /* Prevent leaks */ - burn(&hmac, sizeof(hmac)); - burn(key, sizeof(key)); -} -#endif - -static void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac) -{ - char* k = hmac->k; - char* u = hmac->u; - uint32 c; - int i; - -#ifdef TC_WINDOWS_BOOT - /* In bootloader mode, least significant bit of iterations is a boolean (TRUE for boot derivation mode, FALSE otherwise) - * and the most significant 16 bits hold the pim value - * This enables us to save code space needed for implementing other features. - */ - c = iterations >> 16; - i = ((int) iterations) & 0x01; - if (i) - c = (c == 0)? 200000 : c << 11; - else - c = (c == 0)? 500000 : 15000 + c * 1000; -#else - c = iterations; -#endif - - /* iteration 1 */ - memcpy (k, salt, salt_len); /* salt */ - - /* big-endian block number */ - memset (&k[salt_len], 0, 3); - k[salt_len + 3] = (char) b; - - hmac_sha256_internal (pwd, pwd_len, k, salt_len + 4, hmac); - memcpy (u, k, SHA256_DIGESTSIZE); - - /* remaining iterations */ - while (c > 1) - { - hmac_sha256_internal (pwd, pwd_len, k, SHA256_DIGESTSIZE, hmac); - for (i = 0; i < SHA256_DIGESTSIZE; i++) - { - u[i] ^= k[i]; - } - c--; - } -} - - -void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) -{ - hmac_sha256_ctx hmac; - sha256_ctx* ctx; - char* buf = hmac.k; - int b, l, r; -#ifndef TC_WINDOWS_BOOT - char key[SHA256_DIGESTSIZE]; - /* If the password is longer than the hash algorithm block size, - let pwd = sha256(pwd), as per HMAC specifications. */ - if (pwd_len > SHA256_BLOCKSIZE) - { - sha256_ctx tctx; - - sha256_begin (&tctx); - sha256_hash ((unsigned char *) pwd, pwd_len, &tctx); - sha256_end ((unsigned char *) key, &tctx); - - pwd = key; - pwd_len = SHA256_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } -#endif - - if (dklen % SHA256_DIGESTSIZE) - { - l = 1 + dklen / SHA256_DIGESTSIZE; - } - else - { - l = dklen / SHA256_DIGESTSIZE; - } - - r = dklen - (l - 1) * SHA256_DIGESTSIZE; - - /**** Precompute HMAC Inner Digest ****/ - - ctx = &(hmac.inner_digest_ctx); - sha256_begin (ctx); - - /* Pad the key for inner digest */ - for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); - memset (&buf[pwd_len], 0x36, SHA256_BLOCKSIZE - pwd_len); - - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); - - /**** Precompute HMAC Outer Digest ****/ - - ctx = &(hmac.outer_digest_ctx); - sha256_begin (ctx); - - for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); - memset (&buf[pwd_len], 0x5C, SHA256_BLOCKSIZE - pwd_len); - - sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); - - /* first l - 1 blocks */ - for (b = 1; b < l; b++) - { - derive_u_sha256 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); - memcpy (dk, hmac.u, SHA256_DIGESTSIZE); - dk += SHA256_DIGESTSIZE; - } - - /* last block */ - derive_u_sha256 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); - memcpy (dk, hmac.u, r); - - - /* Prevent possible leaks. */ - burn (&hmac, sizeof(hmac)); -#ifndef TC_WINDOWS_BOOT - burn (key, sizeof(key)); -#endif -} - -#endif - -#ifndef TC_WINDOWS_BOOT - -typedef struct hmac_sha512_ctx_struct -{ - sha512_ctx ctx; - sha512_ctx inner_digest_ctx; /*pre-computed inner digest context */ - sha512_ctx outer_digest_ctx; /*pre-computed outer digest context */ - char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA512 hash */ - char u[SHA512_DIGESTSIZE]; -} hmac_sha512_ctx; - -void hmac_sha512_internal -( - char *k, /* secret key */ - int lk, /* length of the key in bytes */ - char *d, /* data and also output buffer of at least 64 bytes */ - int ld, /* length of data in bytes */ - hmac_sha512_ctx* hmac -) -{ - sha512_ctx* ctx = &(hmac->ctx); - - /**** Restore Precomputed Inner Digest Context ****/ - - memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha512_ctx)); - - sha512_hash ((unsigned char *) d, ld, ctx); - - sha512_end ((unsigned char *) d, ctx); - - /**** Restore Precomputed Outer Digest Context ****/ - - memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha512_ctx)); - - sha512_hash ((unsigned char *) d, SHA512_DIGESTSIZE, ctx); - - sha512_end ((unsigned char *) d, ctx); -} - -void hmac_sha512 -( - char *k, /* secret key */ - int lk, /* length of the key in bytes */ - char *d, /* data and also output buffer of at least 64 bytes */ - int ld /* length of data in bytes */ -) -{ - hmac_sha512_ctx hmac; - sha512_ctx* ctx; - char* buf = hmac.k; /* there is enough space to hold SHA512_BLOCKSIZE (128) bytes - * because k is followed by u in hmac_sha512_ctx - */ - int b; - char key[SHA512_DIGESTSIZE]; - - /* If the key is longer than the hash algorithm block size, - let key = sha512(key), as per HMAC specifications. */ - if (lk > SHA512_BLOCKSIZE) - { - sha512_ctx tctx; - - sha512_begin (&tctx); - sha512_hash ((unsigned char *) k, lk, &tctx); - sha512_end ((unsigned char *) key, &tctx); - - k = key; - lk = SHA512_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } - - /**** Precompute HMAC Inner Digest ****/ - - ctx = &(hmac.inner_digest_ctx); - sha512_begin (ctx); - - /* Pad the key for inner digest */ - for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); - memset (&buf[lk], 0x36, SHA512_BLOCKSIZE - lk); - - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); - - /**** Precompute HMAC Outer Digest ****/ - - ctx = &(hmac.outer_digest_ctx); - sha512_begin (ctx); - - for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); - memset (&buf[lk], 0x5C, SHA512_BLOCKSIZE - lk); - - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); - - hmac_sha512_internal (k, lk, d, ld, &hmac); - - /* Prevent leaks */ - burn (&hmac, sizeof(hmac)); - burn (key, sizeof(key)); -} - -static void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac) -{ - char* k = hmac->k; - char* u = hmac->u; - uint32 c, i; - - /* iteration 1 */ - memcpy (k, salt, salt_len); /* salt */ - /* big-endian block number */ - memset (&k[salt_len], 0, 3); - k[salt_len + 3] = (char) b; - - hmac_sha512_internal (pwd, pwd_len, k, salt_len + 4, hmac); - memcpy (u, k, SHA512_DIGESTSIZE); - - /* remaining iterations */ - for (c = 1; c < iterations; c++) - { - hmac_sha512_internal (pwd, pwd_len, k, SHA512_DIGESTSIZE, hmac); - for (i = 0; i < SHA512_DIGESTSIZE; i++) - { - u[i] ^= k[i]; - } - } -} - - -void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) -{ - hmac_sha512_ctx hmac; - sha512_ctx* ctx; - char* buf = hmac.k; /* there is enough space to hold SHA512_BLOCKSIZE (128) bytes - * because k is followed by u in hmac_sha512_ctx - */ - int b, l, r; - char key[SHA512_DIGESTSIZE]; - - /* If the password is longer than the hash algorithm block size, - let pwd = sha512(pwd), as per HMAC specifications. */ - if (pwd_len > SHA512_BLOCKSIZE) - { - sha512_ctx tctx; - - sha512_begin (&tctx); - sha512_hash ((unsigned char *) pwd, pwd_len, &tctx); - sha512_end ((unsigned char *) key, &tctx); - - pwd = key; - pwd_len = SHA512_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } - - if (dklen % SHA512_DIGESTSIZE) - { - l = 1 + dklen / SHA512_DIGESTSIZE; - } - else - { - l = dklen / SHA512_DIGESTSIZE; - } - - r = dklen - (l - 1) * SHA512_DIGESTSIZE; - - /**** Precompute HMAC Inner Digest ****/ - - ctx = &(hmac.inner_digest_ctx); - sha512_begin (ctx); - - /* Pad the key for inner digest */ - for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); - memset (&buf[pwd_len], 0x36, SHA512_BLOCKSIZE - pwd_len); - - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); - - /**** Precompute HMAC Outer Digest ****/ - - ctx = &(hmac.outer_digest_ctx); - sha512_begin (ctx); - - for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); - memset (&buf[pwd_len], 0x5C, SHA512_BLOCKSIZE - pwd_len); - - sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); - - /* first l - 1 blocks */ - for (b = 1; b < l; b++) - { - derive_u_sha512 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); - memcpy (dk, hmac.u, SHA512_DIGESTSIZE); - dk += SHA512_DIGESTSIZE; - } - - /* last block */ - derive_u_sha512 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); - memcpy (dk, hmac.u, r); - - - /* Prevent possible leaks. */ - burn (&hmac, sizeof(hmac)); - burn (key, sizeof(key)); -} - -#endif // TC_WINDOWS_BOOT - -#if !defined(TC_WINDOWS_BOOT) || defined(TC_WINDOWS_BOOT_RIPEMD160) - -typedef struct hmac_ripemd160_ctx_struct -{ - RMD160_CTX context; - RMD160_CTX inner_digest_ctx; /*pre-computed inner digest context */ - RMD160_CTX outer_digest_ctx; /*pre-computed outer digest context */ - char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the RIPEMD-160 hash */ - char u[RIPEMD160_DIGESTSIZE]; -} hmac_ripemd160_ctx; - -void hmac_ripemd160_internal (char *key, int keylen, char *input_digest, int len, hmac_ripemd160_ctx* hmac) -{ - RMD160_CTX* context = &(hmac->context); - - /**** Restore Precomputed Inner Digest Context ****/ - - memcpy (context, &(hmac->inner_digest_ctx), sizeof (RMD160_CTX)); - - RMD160Update(context, (const unsigned char *) input_digest, len); /* then text of datagram */ - RMD160Final((unsigned char *) input_digest, context); /* finish up 1st pass */ - - /**** Restore Precomputed Outer Digest Context ****/ - - memcpy (context, &(hmac->outer_digest_ctx), sizeof (RMD160_CTX)); - - /* results of 1st hash */ - RMD160Update(context, (const unsigned char *) input_digest, RIPEMD160_DIGESTSIZE); - RMD160Final((unsigned char *) input_digest, context); /* finish up 2nd pass */ -} - -#ifndef TC_WINDOWS_BOOT -void hmac_ripemd160 (char *key, int keylen, char *input_digest, int len) -{ - hmac_ripemd160_ctx hmac; - RMD160_CTX* ctx; - unsigned char* k_pad = (unsigned char*) hmac.k; /* inner/outer padding - key XORd with ipad */ - unsigned char tk[RIPEMD160_DIGESTSIZE]; - int i; - - /* If the key is longer than the hash algorithm block size, - let key = ripemd160(key), as per HMAC specifications. */ - if (keylen > RIPEMD160_BLOCKSIZE) - { - RMD160_CTX tctx; - - RMD160Init(&tctx); - RMD160Update(&tctx, (const unsigned char *) key, keylen); - RMD160Final(tk, &tctx); - - key = (char *) tk; - keylen = RIPEMD160_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } - - /* perform inner RIPEMD-160 */ - ctx = &(hmac.inner_digest_ctx); - /* start out by storing key in pads */ - memset(k_pad, 0x36, 64); - /* XOR key with ipad and opad values */ - for (i=0; ik; - char* u = hmac->u; - uint32 c; - int i; - -#ifdef TC_WINDOWS_BOOT - /* In bootloader mode, least significant bit of iterations is a boolean (TRUE for boot derivation mode, FALSE otherwise) - * and the most significant 16 bits hold the pim value - * This enables us to save code space needed for implementing other features. - */ - c = iterations >> 16; - i = ((int) iterations) & 0x01; - if (i) - c = (c == 0)? 327661 : c << 11; - else - c = (c == 0)? 655331 : 15000 + c * 1000; -#else - c = iterations; -#endif - - /* iteration 1 */ - memcpy (k, salt, salt_len); /* salt */ - - /* big-endian block number */ - memset (&k[salt_len], 0, 3); - k[salt_len + 3] = (char) b; - - hmac_ripemd160_internal (pwd, pwd_len, k, salt_len + 4, hmac); - memcpy (u, k, RIPEMD160_DIGESTSIZE); - - /* remaining iterations */ - while ( c > 1) - { - hmac_ripemd160_internal (pwd, pwd_len, k, RIPEMD160_DIGESTSIZE, hmac); - for (i = 0; i < RIPEMD160_DIGESTSIZE; i++) - { - u[i] ^= k[i]; - } - c--; - } -} - -void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) -{ - int b, l, r; - hmac_ripemd160_ctx hmac; - RMD160_CTX* ctx; - unsigned char* k_pad = (unsigned char*) hmac.k; -#ifndef TC_WINDOWS_BOOT - unsigned char tk[RIPEMD160_DIGESTSIZE]; - /* If the password is longer than the hash algorithm block size, - let password = ripemd160(password), as per HMAC specifications. */ - if (pwd_len > RIPEMD160_BLOCKSIZE) - { - RMD160_CTX tctx; - - RMD160Init(&tctx); - RMD160Update(&tctx, (const unsigned char *) pwd, pwd_len); - RMD160Final(tk, &tctx); - - pwd = (char *) tk; - pwd_len = RIPEMD160_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } -#endif - - if (dklen % RIPEMD160_DIGESTSIZE) - { - l = 1 + dklen / RIPEMD160_DIGESTSIZE; - } - else - { - l = dklen / RIPEMD160_DIGESTSIZE; - } - - r = dklen - (l - 1) * RIPEMD160_DIGESTSIZE; - - /* perform inner RIPEMD-160 */ - ctx = &(hmac.inner_digest_ctx); - /* start out by storing key in pads */ - memset(k_pad, 0x36, 64); - /* XOR key with ipad and opad values */ - for (b=0; bctx); - - /**** Restore Precomputed Inner Digest Context ****/ - - memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (WHIRLPOOL_CTX)); - - WHIRLPOOL_add ((unsigned char *) d, ld * 8, ctx); - - WHIRLPOOL_finalize (ctx, (unsigned char *) d); - - /**** Restore Precomputed Outer Digest Context ****/ - - memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (WHIRLPOOL_CTX)); - - WHIRLPOOL_add ((unsigned char *) d, WHIRLPOOL_DIGESTSIZE * 8, ctx); - - WHIRLPOOL_finalize (ctx, (unsigned char *) d); -} - -void hmac_whirlpool -( - char *k, /* secret key */ - int lk, /* length of the key in bytes */ - char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ - int ld /* length of data in bytes */ -) -{ - hmac_whirlpool_ctx hmac; - WHIRLPOOL_CTX* ctx; - char* buf = hmac.k; - int b; - char key[WHIRLPOOL_DIGESTSIZE]; - /* If the key is longer than the hash algorithm block size, - let key = whirlpool(key), as per HMAC specifications. */ - if (lk > WHIRLPOOL_BLOCKSIZE) - { - WHIRLPOOL_CTX tctx; - - WHIRLPOOL_init (&tctx); - WHIRLPOOL_add ((unsigned char *) k, lk * 8, &tctx); - WHIRLPOOL_finalize (&tctx, (unsigned char *) key); - - k = key; - lk = WHIRLPOOL_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } - - /**** Precompute HMAC Inner Digest ****/ - - ctx = &(hmac.inner_digest_ctx); - WHIRLPOOL_init (ctx); - - /* Pad the key for inner digest */ - for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x36); - memset (&buf[lk], 0x36, WHIRLPOOL_BLOCKSIZE - lk); - - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); - - /**** Precompute HMAC Outer Digest ****/ - - ctx = &(hmac.outer_digest_ctx); - WHIRLPOOL_init (ctx); - - for (b = 0; b < lk; ++b) - buf[b] = (char) (k[b] ^ 0x5C); - memset (&buf[lk], 0x5C, WHIRLPOOL_BLOCKSIZE - lk); - - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); - - hmac_whirlpool_internal(k, lk, d, ld, &hmac); - /* Prevent leaks */ - burn(&hmac, sizeof(hmac)); -} - -static void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac) -{ - char* u = hmac->u; - char* k = hmac->k; - uint32 c, i; - - /* iteration 1 */ - memcpy (k, salt, salt_len); /* salt */ - /* big-endian block number */ - memset (&k[salt_len], 0, 3); - k[salt_len + 3] = (char) b; - - hmac_whirlpool_internal (pwd, pwd_len, k, salt_len + 4, hmac); - memcpy (u, k, WHIRLPOOL_DIGESTSIZE); - - /* remaining iterations */ - for (c = 1; c < iterations; c++) - { - hmac_whirlpool_internal (pwd, pwd_len, k, WHIRLPOOL_DIGESTSIZE, hmac); - for (i = 0; i < WHIRLPOOL_DIGESTSIZE; i++) - { - u[i] ^= k[i]; - } - } -} - -void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) -{ - hmac_whirlpool_ctx hmac; - WHIRLPOOL_CTX* ctx; - char* buf = hmac.k; - char key[WHIRLPOOL_DIGESTSIZE]; - int b, l, r; - /* If the password is longer than the hash algorithm block size, - let pwd = whirlpool(pwd), as per HMAC specifications. */ - if (pwd_len > WHIRLPOOL_BLOCKSIZE) - { - WHIRLPOOL_CTX tctx; - - WHIRLPOOL_init (&tctx); - WHIRLPOOL_add ((unsigned char *) pwd, pwd_len * 8, &tctx); - WHIRLPOOL_finalize (&tctx, (unsigned char *) key); - - pwd = key; - pwd_len = WHIRLPOOL_DIGESTSIZE; - - burn (&tctx, sizeof(tctx)); // Prevent leaks - } - - if (dklen % WHIRLPOOL_DIGESTSIZE) - { - l = 1 + dklen / WHIRLPOOL_DIGESTSIZE; - } - else - { - l = dklen / WHIRLPOOL_DIGESTSIZE; - } - - r = dklen - (l - 1) * WHIRLPOOL_DIGESTSIZE; - - /**** Precompute HMAC Inner Digest ****/ - - ctx = &(hmac.inner_digest_ctx); - WHIRLPOOL_init (ctx); - - /* Pad the key for inner digest */ - for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x36); - memset (&buf[pwd_len], 0x36, WHIRLPOOL_BLOCKSIZE - pwd_len); - - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); - - /**** Precompute HMAC Outer Digest ****/ - - ctx = &(hmac.outer_digest_ctx); - WHIRLPOOL_init (ctx); - - for (b = 0; b < pwd_len; ++b) - buf[b] = (char) (pwd[b] ^ 0x5C); - memset (&buf[pwd_len], 0x5C, WHIRLPOOL_BLOCKSIZE - pwd_len); - - WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); - - /* first l - 1 blocks */ - for (b = 1; b < l; b++) - { - derive_u_whirlpool (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); - memcpy (dk, hmac.u, WHIRLPOOL_DIGESTSIZE); - dk += WHIRLPOOL_DIGESTSIZE; - } - - /* last block */ - derive_u_whirlpool (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); - memcpy (dk, hmac.u, r); - - - /* Prevent possible leaks. */ - burn (&hmac, sizeof(hmac)); - burn (key, sizeof(key)); -} - - -wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id) -{ - switch (pkcs5_prf_id) - { - case SHA512: - return L"HMAC-SHA-512"; - - case SHA256: - return L"HMAC-SHA-256"; - - case RIPEMD160: - return L"HMAC-RIPEMD-160"; - - case WHIRLPOOL: - return L"HMAC-Whirlpool"; - - default: - return L"(Unknown)"; - } -} - - - -int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot) -{ - if ( (pim < 0) - || (truecryptMode && pim > 0) /* No PIM for TrueCrypt mode */ - ) - { - return 0; - } - - switch (pkcs5_prf_id) - { - - case RIPEMD160: - if (truecryptMode) - return bBoot ? 1000 : 2000; - else if (pim == 0) - return bBoot? 327661 : 655331; - else - { - return bBoot? pim * 2048 : 15000 + pim * 1000; - } - - case SHA512: - return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000); - - case WHIRLPOOL: - return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000); - - case SHA256: - if (truecryptMode) - return 0; // SHA-256 not supported by TrueCrypt - else if (pim == 0) - return bBoot? 200000 : 500000; - else - { - return bBoot? pim * 2048 : 15000 + pim * 1000; - } - - default: - TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID - } - return 0; -} - +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include +#include +#include "Rmd160.h" +#ifndef TC_WINDOWS_BOOT +#include "Sha2.h" +#include "Whirlpool.h" +#include "misc.h" +#else +#pragma optimize ("t", on) +#include +#if defined( _MSC_VER ) +# ifndef DEBUG +# pragma intrinsic( memcpy ) +# pragma intrinsic( memset ) +# endif +#endif +#include "Sha2Small.h" +#endif +#include "Pkcs5.h" +#include "Crypto.h" + +void hmac_truncate + ( + char *d1, /* data to be truncated */ + char *d2, /* truncated data */ + int len /* length in bytes to keep */ +) +{ + int i; + for (i = 0; i < len; i++) + d2[i] = d1[i]; +} + +#if !defined(TC_WINDOWS_BOOT) || defined(TC_WINDOWS_BOOT_SHA2) + +typedef struct hmac_sha256_ctx_struct +{ + sha256_ctx ctx; + sha256_ctx inner_digest_ctx; /*pre-computed inner digest context */ + sha256_ctx outer_digest_ctx; /*pre-computed outer digest context */ + char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA256 hash */ + char u[SHA256_DIGESTSIZE]; +} hmac_sha256_ctx; + +void hmac_sha256_internal +( + char *k, /* secret key. It's ensured to be always <= 32 bytes */ + int lk, /* length of the key in bytes */ + char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ + int ld, /* length of input data in bytes */ + hmac_sha256_ctx* hmac /* HMAC-SHA256 context which holds temporary variables */ +) +{ + sha256_ctx* ctx = &(hmac->ctx); + + /**** Restore Precomputed Inner Digest Context ****/ + + memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha256_ctx)); + + sha256_hash ((unsigned char *) d, ld, ctx); + + sha256_end ((unsigned char *) d, ctx); /* d = inner digest */ + + /**** Restore Precomputed Outer Digest Context ****/ + + memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha256_ctx)); + + sha256_hash ((unsigned char *) d, SHA256_DIGESTSIZE, ctx); + + sha256_end ((unsigned char *) d, ctx); /* d = outer digest */ +} + +#ifndef TC_WINDOWS_BOOT +void hmac_sha256 +( + char *k, /* secret key */ + int lk, /* length of the key in bytes */ + char *d, /* data */ + int ld /* length of data in bytes */ +) +{ + hmac_sha256_ctx hmac; + sha256_ctx* ctx; + char* buf = hmac.k; + int b; + char key[SHA256_DIGESTSIZE]; + /* If the key is longer than the hash algorithm block size, + let key = sha256(key), as per HMAC specifications. */ + if (lk > SHA256_BLOCKSIZE) + { + sha256_ctx tctx; + + sha256_begin (&tctx); + sha256_hash ((unsigned char *) k, lk, &tctx); + sha256_end ((unsigned char *) key, &tctx); + + k = key; + lk = SHA256_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } + + /**** Precompute HMAC Inner Digest ****/ + + ctx = &(hmac.inner_digest_ctx); + sha256_begin (ctx); + + /* Pad the key for inner digest */ + for (b = 0; b < lk; ++b) + buf[b] = (char) (k[b] ^ 0x36); + memset (&buf[lk], 0x36, SHA256_BLOCKSIZE - lk); + + sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + + /**** Precompute HMAC Outer Digest ****/ + + ctx = &(hmac.outer_digest_ctx); + sha256_begin (ctx); + + for (b = 0; b < lk; ++b) + buf[b] = (char) (k[b] ^ 0x5C); + memset (&buf[lk], 0x5C, SHA256_BLOCKSIZE - lk); + + sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + + hmac_sha256_internal(k, lk, d, ld, &hmac); + /* Prevent leaks */ + burn(&hmac, sizeof(hmac)); + burn(key, sizeof(key)); +} +#endif + +static void derive_u_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_sha256_ctx* hmac) +{ + char* k = hmac->k; + char* u = hmac->u; + uint32 c; + int i; + +#ifdef TC_WINDOWS_BOOT + /* In bootloader mode, least significant bit of iterations is a boolean (TRUE for boot derivation mode, FALSE otherwise) + * and the most significant 16 bits hold the pim value + * This enables us to save code space needed for implementing other features. + */ + c = iterations >> 16; + i = ((int) iterations) & 0x01; + if (i) + c = (c == 0)? 200000 : c << 11; + else + c = (c == 0)? 500000 : 15000 + c * 1000; +#else + c = iterations; +#endif + + /* iteration 1 */ + memcpy (k, salt, salt_len); /* salt */ + + /* big-endian block number */ + memset (&k[salt_len], 0, 3); + k[salt_len + 3] = (char) b; + + hmac_sha256_internal (pwd, pwd_len, k, salt_len + 4, hmac); + memcpy (u, k, SHA256_DIGESTSIZE); + + /* remaining iterations */ + while (c > 1) + { + hmac_sha256_internal (pwd, pwd_len, k, SHA256_DIGESTSIZE, hmac); + for (i = 0; i < SHA256_DIGESTSIZE; i++) + { + u[i] ^= k[i]; + } + c--; + } +} + + +void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +{ + hmac_sha256_ctx hmac; + sha256_ctx* ctx; + char* buf = hmac.k; + int b, l, r; +#ifndef TC_WINDOWS_BOOT + char key[SHA256_DIGESTSIZE]; + /* If the password is longer than the hash algorithm block size, + let pwd = sha256(pwd), as per HMAC specifications. */ + if (pwd_len > SHA256_BLOCKSIZE) + { + sha256_ctx tctx; + + sha256_begin (&tctx); + sha256_hash ((unsigned char *) pwd, pwd_len, &tctx); + sha256_end ((unsigned char *) key, &tctx); + + pwd = key; + pwd_len = SHA256_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } +#endif + + if (dklen % SHA256_DIGESTSIZE) + { + l = 1 + dklen / SHA256_DIGESTSIZE; + } + else + { + l = dklen / SHA256_DIGESTSIZE; + } + + r = dklen - (l - 1) * SHA256_DIGESTSIZE; + + /**** Precompute HMAC Inner Digest ****/ + + ctx = &(hmac.inner_digest_ctx); + sha256_begin (ctx); + + /* Pad the key for inner digest */ + for (b = 0; b < pwd_len; ++b) + buf[b] = (char) (pwd[b] ^ 0x36); + memset (&buf[pwd_len], 0x36, SHA256_BLOCKSIZE - pwd_len); + + sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + + /**** Precompute HMAC Outer Digest ****/ + + ctx = &(hmac.outer_digest_ctx); + sha256_begin (ctx); + + for (b = 0; b < pwd_len; ++b) + buf[b] = (char) (pwd[b] ^ 0x5C); + memset (&buf[pwd_len], 0x5C, SHA256_BLOCKSIZE - pwd_len); + + sha256_hash ((unsigned char *) buf, SHA256_BLOCKSIZE, ctx); + + /* first l - 1 blocks */ + for (b = 1; b < l; b++) + { + derive_u_sha256 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); + memcpy (dk, hmac.u, SHA256_DIGESTSIZE); + dk += SHA256_DIGESTSIZE; + } + + /* last block */ + derive_u_sha256 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); + memcpy (dk, hmac.u, r); + + + /* Prevent possible leaks. */ + burn (&hmac, sizeof(hmac)); +#ifndef TC_WINDOWS_BOOT + burn (key, sizeof(key)); +#endif +} + +#endif + +#ifndef TC_WINDOWS_BOOT + +typedef struct hmac_sha512_ctx_struct +{ + sha512_ctx ctx; + sha512_ctx inner_digest_ctx; /*pre-computed inner digest context */ + sha512_ctx outer_digest_ctx; /*pre-computed outer digest context */ + char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the SHA512 hash */ + char u[SHA512_DIGESTSIZE]; +} hmac_sha512_ctx; + +void hmac_sha512_internal +( + char *k, /* secret key */ + int lk, /* length of the key in bytes */ + char *d, /* data and also output buffer of at least 64 bytes */ + int ld, /* length of data in bytes */ + hmac_sha512_ctx* hmac +) +{ + sha512_ctx* ctx = &(hmac->ctx); + + /**** Restore Precomputed Inner Digest Context ****/ + + memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (sha512_ctx)); + + sha512_hash ((unsigned char *) d, ld, ctx); + + sha512_end ((unsigned char *) d, ctx); + + /**** Restore Precomputed Outer Digest Context ****/ + + memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (sha512_ctx)); + + sha512_hash ((unsigned char *) d, SHA512_DIGESTSIZE, ctx); + + sha512_end ((unsigned char *) d, ctx); +} + +void hmac_sha512 +( + char *k, /* secret key */ + int lk, /* length of the key in bytes */ + char *d, /* data and also output buffer of at least 64 bytes */ + int ld /* length of data in bytes */ +) +{ + hmac_sha512_ctx hmac; + sha512_ctx* ctx; + char* buf = hmac.k; /* there is enough space to hold SHA512_BLOCKSIZE (128) bytes + * because k is followed by u in hmac_sha512_ctx + */ + int b; + char key[SHA512_DIGESTSIZE]; + + /* If the key is longer than the hash algorithm block size, + let key = sha512(key), as per HMAC specifications. */ + if (lk > SHA512_BLOCKSIZE) + { + sha512_ctx tctx; + + sha512_begin (&tctx); + sha512_hash ((unsigned char *) k, lk, &tctx); + sha512_end ((unsigned char *) key, &tctx); + + k = key; + lk = SHA512_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } + + /**** Precompute HMAC Inner Digest ****/ + + ctx = &(hmac.inner_digest_ctx); + sha512_begin (ctx); + + /* Pad the key for inner digest */ + for (b = 0; b < lk; ++b) + buf[b] = (char) (k[b] ^ 0x36); + memset (&buf[lk], 0x36, SHA512_BLOCKSIZE - lk); + + sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + + /**** Precompute HMAC Outer Digest ****/ + + ctx = &(hmac.outer_digest_ctx); + sha512_begin (ctx); + + for (b = 0; b < lk; ++b) + buf[b] = (char) (k[b] ^ 0x5C); + memset (&buf[lk], 0x5C, SHA512_BLOCKSIZE - lk); + + sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + + hmac_sha512_internal (k, lk, d, ld, &hmac); + + /* Prevent leaks */ + burn (&hmac, sizeof(hmac)); + burn (key, sizeof(key)); +} + +static void derive_u_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_sha512_ctx* hmac) +{ + char* k = hmac->k; + char* u = hmac->u; + uint32 c, i; + + /* iteration 1 */ + memcpy (k, salt, salt_len); /* salt */ + /* big-endian block number */ + memset (&k[salt_len], 0, 3); + k[salt_len + 3] = (char) b; + + hmac_sha512_internal (pwd, pwd_len, k, salt_len + 4, hmac); + memcpy (u, k, SHA512_DIGESTSIZE); + + /* remaining iterations */ + for (c = 1; c < iterations; c++) + { + hmac_sha512_internal (pwd, pwd_len, k, SHA512_DIGESTSIZE, hmac); + for (i = 0; i < SHA512_DIGESTSIZE; i++) + { + u[i] ^= k[i]; + } + } +} + + +void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +{ + hmac_sha512_ctx hmac; + sha512_ctx* ctx; + char* buf = hmac.k; /* there is enough space to hold SHA512_BLOCKSIZE (128) bytes + * because k is followed by u in hmac_sha512_ctx + */ + int b, l, r; + char key[SHA512_DIGESTSIZE]; + + /* If the password is longer than the hash algorithm block size, + let pwd = sha512(pwd), as per HMAC specifications. */ + if (pwd_len > SHA512_BLOCKSIZE) + { + sha512_ctx tctx; + + sha512_begin (&tctx); + sha512_hash ((unsigned char *) pwd, pwd_len, &tctx); + sha512_end ((unsigned char *) key, &tctx); + + pwd = key; + pwd_len = SHA512_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } + + if (dklen % SHA512_DIGESTSIZE) + { + l = 1 + dklen / SHA512_DIGESTSIZE; + } + else + { + l = dklen / SHA512_DIGESTSIZE; + } + + r = dklen - (l - 1) * SHA512_DIGESTSIZE; + + /**** Precompute HMAC Inner Digest ****/ + + ctx = &(hmac.inner_digest_ctx); + sha512_begin (ctx); + + /* Pad the key for inner digest */ + for (b = 0; b < pwd_len; ++b) + buf[b] = (char) (pwd[b] ^ 0x36); + memset (&buf[pwd_len], 0x36, SHA512_BLOCKSIZE - pwd_len); + + sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + + /**** Precompute HMAC Outer Digest ****/ + + ctx = &(hmac.outer_digest_ctx); + sha512_begin (ctx); + + for (b = 0; b < pwd_len; ++b) + buf[b] = (char) (pwd[b] ^ 0x5C); + memset (&buf[pwd_len], 0x5C, SHA512_BLOCKSIZE - pwd_len); + + sha512_hash ((unsigned char *) buf, SHA512_BLOCKSIZE, ctx); + + /* first l - 1 blocks */ + for (b = 1; b < l; b++) + { + derive_u_sha512 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); + memcpy (dk, hmac.u, SHA512_DIGESTSIZE); + dk += SHA512_DIGESTSIZE; + } + + /* last block */ + derive_u_sha512 (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); + memcpy (dk, hmac.u, r); + + + /* Prevent possible leaks. */ + burn (&hmac, sizeof(hmac)); + burn (key, sizeof(key)); +} + +#endif // TC_WINDOWS_BOOT + +#if !defined(TC_WINDOWS_BOOT) || defined(TC_WINDOWS_BOOT_RIPEMD160) + +typedef struct hmac_ripemd160_ctx_struct +{ + RMD160_CTX context; + RMD160_CTX inner_digest_ctx; /*pre-computed inner digest context */ + RMD160_CTX outer_digest_ctx; /*pre-computed outer digest context */ + char k[PKCS5_SALT_SIZE + 4]; /* enough to hold (salt_len + 4) and also the RIPEMD-160 hash */ + char u[RIPEMD160_DIGESTSIZE]; +} hmac_ripemd160_ctx; + +void hmac_ripemd160_internal (char *key, int keylen, char *input_digest, int len, hmac_ripemd160_ctx* hmac) +{ + RMD160_CTX* context = &(hmac->context); + + /**** Restore Precomputed Inner Digest Context ****/ + + memcpy (context, &(hmac->inner_digest_ctx), sizeof (RMD160_CTX)); + + RMD160Update(context, (const unsigned char *) input_digest, len); /* then text of datagram */ + RMD160Final((unsigned char *) input_digest, context); /* finish up 1st pass */ + + /**** Restore Precomputed Outer Digest Context ****/ + + memcpy (context, &(hmac->outer_digest_ctx), sizeof (RMD160_CTX)); + + /* results of 1st hash */ + RMD160Update(context, (const unsigned char *) input_digest, RIPEMD160_DIGESTSIZE); + RMD160Final((unsigned char *) input_digest, context); /* finish up 2nd pass */ +} + +#ifndef TC_WINDOWS_BOOT +void hmac_ripemd160 (char *key, int keylen, char *input_digest, int len) +{ + hmac_ripemd160_ctx hmac; + RMD160_CTX* ctx; + unsigned char* k_pad = (unsigned char*) hmac.k; /* inner/outer padding - key XORd with ipad */ + unsigned char tk[RIPEMD160_DIGESTSIZE]; + int i; + + /* If the key is longer than the hash algorithm block size, + let key = ripemd160(key), as per HMAC specifications. */ + if (keylen > RIPEMD160_BLOCKSIZE) + { + RMD160_CTX tctx; + + RMD160Init(&tctx); + RMD160Update(&tctx, (const unsigned char *) key, keylen); + RMD160Final(tk, &tctx); + + key = (char *) tk; + keylen = RIPEMD160_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } + + /* perform inner RIPEMD-160 */ + ctx = &(hmac.inner_digest_ctx); + /* start out by storing key in pads */ + memset(k_pad, 0x36, 64); + /* XOR key with ipad and opad values */ + for (i=0; ik; + char* u = hmac->u; + uint32 c; + int i; + +#ifdef TC_WINDOWS_BOOT + /* In bootloader mode, least significant bit of iterations is a boolean (TRUE for boot derivation mode, FALSE otherwise) + * and the most significant 16 bits hold the pim value + * This enables us to save code space needed for implementing other features. + */ + c = iterations >> 16; + i = ((int) iterations) & 0x01; + if (i) + c = (c == 0)? 327661 : c << 11; + else + c = (c == 0)? 655331 : 15000 + c * 1000; +#else + c = iterations; +#endif + + /* iteration 1 */ + memcpy (k, salt, salt_len); /* salt */ + + /* big-endian block number */ + memset (&k[salt_len], 0, 3); + k[salt_len + 3] = (char) b; + + hmac_ripemd160_internal (pwd, pwd_len, k, salt_len + 4, hmac); + memcpy (u, k, RIPEMD160_DIGESTSIZE); + + /* remaining iterations */ + while ( c > 1) + { + hmac_ripemd160_internal (pwd, pwd_len, k, RIPEMD160_DIGESTSIZE, hmac); + for (i = 0; i < RIPEMD160_DIGESTSIZE; i++) + { + u[i] ^= k[i]; + } + c--; + } +} + +void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +{ + int b, l, r; + hmac_ripemd160_ctx hmac; + RMD160_CTX* ctx; + unsigned char* k_pad = (unsigned char*) hmac.k; +#ifndef TC_WINDOWS_BOOT + unsigned char tk[RIPEMD160_DIGESTSIZE]; + /* If the password is longer than the hash algorithm block size, + let password = ripemd160(password), as per HMAC specifications. */ + if (pwd_len > RIPEMD160_BLOCKSIZE) + { + RMD160_CTX tctx; + + RMD160Init(&tctx); + RMD160Update(&tctx, (const unsigned char *) pwd, pwd_len); + RMD160Final(tk, &tctx); + + pwd = (char *) tk; + pwd_len = RIPEMD160_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } +#endif + + if (dklen % RIPEMD160_DIGESTSIZE) + { + l = 1 + dklen / RIPEMD160_DIGESTSIZE; + } + else + { + l = dklen / RIPEMD160_DIGESTSIZE; + } + + r = dklen - (l - 1) * RIPEMD160_DIGESTSIZE; + + /* perform inner RIPEMD-160 */ + ctx = &(hmac.inner_digest_ctx); + /* start out by storing key in pads */ + memset(k_pad, 0x36, 64); + /* XOR key with ipad and opad values */ + for (b=0; bctx); + + /**** Restore Precomputed Inner Digest Context ****/ + + memcpy (ctx, &(hmac->inner_digest_ctx), sizeof (WHIRLPOOL_CTX)); + + WHIRLPOOL_add ((unsigned char *) d, ld * 8, ctx); + + WHIRLPOOL_finalize (ctx, (unsigned char *) d); + + /**** Restore Precomputed Outer Digest Context ****/ + + memcpy (ctx, &(hmac->outer_digest_ctx), sizeof (WHIRLPOOL_CTX)); + + WHIRLPOOL_add ((unsigned char *) d, WHIRLPOOL_DIGESTSIZE * 8, ctx); + + WHIRLPOOL_finalize (ctx, (unsigned char *) d); +} + +void hmac_whirlpool +( + char *k, /* secret key */ + int lk, /* length of the key in bytes */ + char *d, /* input data. d pointer is guaranteed to be at least 32-bytes long */ + int ld /* length of data in bytes */ +) +{ + hmac_whirlpool_ctx hmac; + WHIRLPOOL_CTX* ctx; + char* buf = hmac.k; + int b; + char key[WHIRLPOOL_DIGESTSIZE]; + /* If the key is longer than the hash algorithm block size, + let key = whirlpool(key), as per HMAC specifications. */ + if (lk > WHIRLPOOL_BLOCKSIZE) + { + WHIRLPOOL_CTX tctx; + + WHIRLPOOL_init (&tctx); + WHIRLPOOL_add ((unsigned char *) k, lk * 8, &tctx); + WHIRLPOOL_finalize (&tctx, (unsigned char *) key); + + k = key; + lk = WHIRLPOOL_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } + + /**** Precompute HMAC Inner Digest ****/ + + ctx = &(hmac.inner_digest_ctx); + WHIRLPOOL_init (ctx); + + /* Pad the key for inner digest */ + for (b = 0; b < lk; ++b) + buf[b] = (char) (k[b] ^ 0x36); + memset (&buf[lk], 0x36, WHIRLPOOL_BLOCKSIZE - lk); + + WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); + + /**** Precompute HMAC Outer Digest ****/ + + ctx = &(hmac.outer_digest_ctx); + WHIRLPOOL_init (ctx); + + for (b = 0; b < lk; ++b) + buf[b] = (char) (k[b] ^ 0x5C); + memset (&buf[lk], 0x5C, WHIRLPOOL_BLOCKSIZE - lk); + + WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); + + hmac_whirlpool_internal(k, lk, d, ld, &hmac); + /* Prevent leaks */ + burn(&hmac, sizeof(hmac)); +} + +static void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, int b, hmac_whirlpool_ctx* hmac) +{ + char* u = hmac->u; + char* k = hmac->k; + uint32 c, i; + + /* iteration 1 */ + memcpy (k, salt, salt_len); /* salt */ + /* big-endian block number */ + memset (&k[salt_len], 0, 3); + k[salt_len + 3] = (char) b; + + hmac_whirlpool_internal (pwd, pwd_len, k, salt_len + 4, hmac); + memcpy (u, k, WHIRLPOOL_DIGESTSIZE); + + /* remaining iterations */ + for (c = 1; c < iterations; c++) + { + hmac_whirlpool_internal (pwd, pwd_len, k, WHIRLPOOL_DIGESTSIZE, hmac); + for (i = 0; i < WHIRLPOOL_DIGESTSIZE; i++) + { + u[i] ^= k[i]; + } + } +} + +void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen) +{ + hmac_whirlpool_ctx hmac; + WHIRLPOOL_CTX* ctx; + char* buf = hmac.k; + char key[WHIRLPOOL_DIGESTSIZE]; + int b, l, r; + /* If the password is longer than the hash algorithm block size, + let pwd = whirlpool(pwd), as per HMAC specifications. */ + if (pwd_len > WHIRLPOOL_BLOCKSIZE) + { + WHIRLPOOL_CTX tctx; + + WHIRLPOOL_init (&tctx); + WHIRLPOOL_add ((unsigned char *) pwd, pwd_len * 8, &tctx); + WHIRLPOOL_finalize (&tctx, (unsigned char *) key); + + pwd = key; + pwd_len = WHIRLPOOL_DIGESTSIZE; + + burn (&tctx, sizeof(tctx)); // Prevent leaks + } + + if (dklen % WHIRLPOOL_DIGESTSIZE) + { + l = 1 + dklen / WHIRLPOOL_DIGESTSIZE; + } + else + { + l = dklen / WHIRLPOOL_DIGESTSIZE; + } + + r = dklen - (l - 1) * WHIRLPOOL_DIGESTSIZE; + + /**** Precompute HMAC Inner Digest ****/ + + ctx = &(hmac.inner_digest_ctx); + WHIRLPOOL_init (ctx); + + /* Pad the key for inner digest */ + for (b = 0; b < pwd_len; ++b) + buf[b] = (char) (pwd[b] ^ 0x36); + memset (&buf[pwd_len], 0x36, WHIRLPOOL_BLOCKSIZE - pwd_len); + + WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); + + /**** Precompute HMAC Outer Digest ****/ + + ctx = &(hmac.outer_digest_ctx); + WHIRLPOOL_init (ctx); + + for (b = 0; b < pwd_len; ++b) + buf[b] = (char) (pwd[b] ^ 0x5C); + memset (&buf[pwd_len], 0x5C, WHIRLPOOL_BLOCKSIZE - pwd_len); + + WHIRLPOOL_add ((unsigned char *) buf, WHIRLPOOL_BLOCKSIZE * 8, ctx); + + /* first l - 1 blocks */ + for (b = 1; b < l; b++) + { + derive_u_whirlpool (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); + memcpy (dk, hmac.u, WHIRLPOOL_DIGESTSIZE); + dk += WHIRLPOOL_DIGESTSIZE; + } + + /* last block */ + derive_u_whirlpool (pwd, pwd_len, salt, salt_len, iterations, b, &hmac); + memcpy (dk, hmac.u, r); + + + /* Prevent possible leaks. */ + burn (&hmac, sizeof(hmac)); + burn (key, sizeof(key)); +} + + +wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id) +{ + switch (pkcs5_prf_id) + { + case SHA512: + return L"HMAC-SHA-512"; + + case SHA256: + return L"HMAC-SHA-256"; + + case RIPEMD160: + return L"HMAC-RIPEMD-160"; + + case WHIRLPOOL: + return L"HMAC-Whirlpool"; + + default: + return L"(Unknown)"; + } +} + + + +int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot) +{ + if ( (pim < 0) + || (truecryptMode && pim > 0) /* No PIM for TrueCrypt mode */ + ) + { + return 0; + } + + switch (pkcs5_prf_id) + { + + case RIPEMD160: + if (truecryptMode) + return bBoot ? 1000 : 2000; + else if (pim == 0) + return bBoot? 327661 : 655331; + else + { + return bBoot? pim * 2048 : 15000 + pim * 1000; + } + + case SHA512: + return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000); + + case WHIRLPOOL: + return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000); + + case SHA256: + if (truecryptMode) + return 0; // SHA-256 not supported by TrueCrypt + else if (pim == 0) + return bBoot? 200000 : 500000; + else + { + return bBoot? pim * 2048 : 15000 + pim * 1000; + } + + default: + TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID + } + return 0; +} + #endif //!TC_WINDOWS_BOOT diff --git a/src/Common/Pkcs5.h b/src/Common/Pkcs5.h index b54e36f9..ec9bf434 100644 --- a/src/Common/Pkcs5.h +++ b/src/Common/Pkcs5.h @@ -1,48 +1,48 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_HEADER_PKCS5 -#define TC_HEADER_PKCS5 - -#include "Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif -/* output written to input_digest which must be at lease 20 bytes long */ -void hmac_ripemd160 (char *key, int keylen, char *input_digest, int len); -void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); - -/* output written to d which must be at lease 32 bytes long */ -void hmac_sha256 (char *k, int lk, char *d, int ld); -void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); - -#ifndef TC_WINDOWS_BOOT -/* output written to d which must be at lease 64 bytes long */ -void hmac_sha512 (char *k, int lk, char *d, int ld); -void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); - -/* output written to d which must be at lease 64 bytes long */ -void hmac_whirlpool (char *k, int lk, char *d, int ld); -void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); - -int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot); -wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id); -#endif - -#if defined(__cplusplus) -} -#endif - -#endif // TC_HEADER_PKCS5 +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_HEADER_PKCS5 +#define TC_HEADER_PKCS5 + +#include "Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif +/* output written to input_digest which must be at lease 20 bytes long */ +void hmac_ripemd160 (char *key, int keylen, char *input_digest, int len); +void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); + +/* output written to d which must be at lease 32 bytes long */ +void hmac_sha256 (char *k, int lk, char *d, int ld); +void derive_key_sha256 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); + +#ifndef TC_WINDOWS_BOOT +/* output written to d which must be at lease 64 bytes long */ +void hmac_sha512 (char *k, int lk, char *d, int ld); +void derive_key_sha512 (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); + +/* output written to d which must be at lease 64 bytes long */ +void hmac_whirlpool (char *k, int lk, char *d, int ld); +void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen); + +int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot); +wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id); +#endif + +#if defined(__cplusplus) +} +#endif + +#endif // TC_HEADER_PKCS5 diff --git a/src/Common/Progress.c b/src/Common/Progress.c index 19bd2171..ceb528f2 100644 --- a/src/Common/Progress.c +++ b/src/Common/Progress.c @@ -1,134 +1,134 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Language.h" -#include "Dlgcode.h" -#include "Progress.h" -#include "../Format/Tcformat.h" -#include "../Format/FormatCom.h" -#include "../Format/resource.h" - -#include - -static ULONG prevTime, startTime; -static __int64 TotalSize; -static __int64 resumedPointBytesDone; -static BOOL bProgressBarReverse = FALSE; -static BOOL bRWThroughput = FALSE; -static BOOL bShowStatus = FALSE; -static BOOL bPercentMode = FALSE; - -static wchar_t *seconds, *minutes, *hours, *days; - - -// If bIOThroughput is TRUE, the speed reflects the amount of data read AND written per second (rather than -// the speed of the "transform cursor"). -void InitProgressBar (__int64 totalBytes, __int64 bytesDone, BOOL bReverse, BOOL bIOThroughput, BOOL bDisplayStatus, BOOL bShowPercent) -{ - HWND hProgressBar = GetDlgItem (hCurPage, nPbar); - SendMessage (hProgressBar, PBM_SETRANGE32, 0, 10000); - SendMessage (hProgressBar, PBM_SETSTEP, 1, 0); - - bProgressBarReverse = bReverse; - bRWThroughput = bIOThroughput; - bShowStatus = bDisplayStatus; - bPercentMode = bShowPercent; - - seconds = GetString ("SECONDS"); - minutes = GetString ("MINUTES"); - hours = GetString ("HOURS"); - days = GetString ("DAYS"); - - prevTime = startTime = GetTickCount (); - TotalSize = totalBytes; - resumedPointBytesDone = bytesDone; -} - - -BOOL UpdateProgressBar (__int64 byteOffset) -{ - return UpdateProgressBarProc (byteOffset); -} - - -BOOL UpdateProgressBarProc (__int64 byteOffset) -{ - wchar_t text[100]; - wchar_t speed[100]; - HWND hProgressBar = GetDlgItem (hCurPage, nPbar); - int time = GetTickCount (); - int elapsed = (time - startTime) / 1000; - - uint64 bytesDone = (bProgressBarReverse ? (TotalSize - byteOffset) : byteOffset); - uint64 bytesPerSec = (bProgressBarReverse ? (resumedPointBytesDone - byteOffset) : (bytesDone - resumedPointBytesDone)) / (elapsed + 1); - - if (bPercentMode) - { - double perc = (double) (100.0 * (bProgressBarReverse ? ((double) (TotalSize - byteOffset)) : ((double) byteOffset)) / (TotalSize == 0 ? 0.0001 : ((double) TotalSize))); - - if (perc > 99.999999999) - StringCchCopyW (text,ARRAYSIZE(text), GetString ("PROCESSED_PORTION_100_PERCENT")); - else - StringCchPrintfW (text, ARRAYSIZE (text), GetString ("PROCESSED_PORTION_X_PERCENT"), perc); - - StringCchCatW (text, ARRAYSIZE(text), L" "); - } - else - { - GetSizeString (bytesDone, text, sizeof(text)); - if (bytesDone < (unsigned __int64) BYTES_PER_MB * 1000000) - StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_MB, GetString ("MB")); - else if (bytesDone < (unsigned __int64) BYTES_PER_GB * 1000000) - StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_GB, GetString ("GB")); - else if (bytesDone < (unsigned __int64) BYTES_PER_TB * 1000000) - StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_TB, GetString ("TB")); - else - StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_PB, GetString ("PB")); - } - - SetWindowTextW (GetDlgItem (hCurPage, IDC_BYTESWRITTEN), text); - - if (!bShowStatus) - { - GetSpeedString (bRWThroughput ? bytesPerSec*2 : bytesPerSec, speed, sizeof(speed)); - StringCchCatW (speed, ARRAYSIZE(speed), L" "); - SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), speed); - } - - if (byteOffset < TotalSize) - { - int64 sec = (int64) ((bProgressBarReverse ? byteOffset : (TotalSize - byteOffset)) / (bytesPerSec == 0 ? 0.001 : bytesPerSec)); - - if (bytesPerSec == 0 || sec > 60 * 60 * 24 * 999) - StringCchPrintfW (text, ARRAYSIZE(text), L"%s ", GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE")); - else if (sec >= 60 * 60 * 24 * 2) - StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec / (60 * 24 * 60), days); - else if (sec >= 120 * 60) - StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec / (60 * 60), hours); - else if (sec >= 120) - StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec / 60, minutes); - else - StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec, seconds); - - SetWindowTextW (GetDlgItem (hCurPage, IDC_TIMEREMAIN), text); - } - - prevTime = time; - - SendMessage (hProgressBar, PBM_SETPOS, - (int) (10000.0 * (bProgressBarReverse ? (TotalSize - byteOffset) : byteOffset) / (TotalSize == 0 ? 1 : TotalSize)), - 0); - - return bVolTransformThreadCancel; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Language.h" +#include "Dlgcode.h" +#include "Progress.h" +#include "../Format/Tcformat.h" +#include "../Format/FormatCom.h" +#include "../Format/resource.h" + +#include + +static ULONG prevTime, startTime; +static __int64 TotalSize; +static __int64 resumedPointBytesDone; +static BOOL bProgressBarReverse = FALSE; +static BOOL bRWThroughput = FALSE; +static BOOL bShowStatus = FALSE; +static BOOL bPercentMode = FALSE; + +static wchar_t *seconds, *minutes, *hours, *days; + + +// If bIOThroughput is TRUE, the speed reflects the amount of data read AND written per second (rather than +// the speed of the "transform cursor"). +void InitProgressBar (__int64 totalBytes, __int64 bytesDone, BOOL bReverse, BOOL bIOThroughput, BOOL bDisplayStatus, BOOL bShowPercent) +{ + HWND hProgressBar = GetDlgItem (hCurPage, nPbar); + SendMessage (hProgressBar, PBM_SETRANGE32, 0, 10000); + SendMessage (hProgressBar, PBM_SETSTEP, 1, 0); + + bProgressBarReverse = bReverse; + bRWThroughput = bIOThroughput; + bShowStatus = bDisplayStatus; + bPercentMode = bShowPercent; + + seconds = GetString ("SECONDS"); + minutes = GetString ("MINUTES"); + hours = GetString ("HOURS"); + days = GetString ("DAYS"); + + prevTime = startTime = GetTickCount (); + TotalSize = totalBytes; + resumedPointBytesDone = bytesDone; +} + + +BOOL UpdateProgressBar (__int64 byteOffset) +{ + return UpdateProgressBarProc (byteOffset); +} + + +BOOL UpdateProgressBarProc (__int64 byteOffset) +{ + wchar_t text[100]; + wchar_t speed[100]; + HWND hProgressBar = GetDlgItem (hCurPage, nPbar); + int time = GetTickCount (); + int elapsed = (time - startTime) / 1000; + + uint64 bytesDone = (bProgressBarReverse ? (TotalSize - byteOffset) : byteOffset); + uint64 bytesPerSec = (bProgressBarReverse ? (resumedPointBytesDone - byteOffset) : (bytesDone - resumedPointBytesDone)) / (elapsed + 1); + + if (bPercentMode) + { + double perc = (double) (100.0 * (bProgressBarReverse ? ((double) (TotalSize - byteOffset)) : ((double) byteOffset)) / (TotalSize == 0 ? 0.0001 : ((double) TotalSize))); + + if (perc > 99.999999999) + StringCchCopyW (text,ARRAYSIZE(text), GetString ("PROCESSED_PORTION_100_PERCENT")); + else + StringCchPrintfW (text, ARRAYSIZE (text), GetString ("PROCESSED_PORTION_X_PERCENT"), perc); + + StringCchCatW (text, ARRAYSIZE(text), L" "); + } + else + { + GetSizeString (bytesDone, text, sizeof(text)); + if (bytesDone < (unsigned __int64) BYTES_PER_MB * 1000000) + StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_MB, GetString ("MB")); + else if (bytesDone < (unsigned __int64) BYTES_PER_GB * 1000000) + StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_GB, GetString ("GB")); + else if (bytesDone < (unsigned __int64) BYTES_PER_TB * 1000000) + StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_TB, GetString ("TB")); + else + StringCchPrintfW(text, ARRAYSIZE(text), L"%I64d %s ", bytesDone / BYTES_PER_PB, GetString ("PB")); + } + + SetWindowTextW (GetDlgItem (hCurPage, IDC_BYTESWRITTEN), text); + + if (!bShowStatus) + { + GetSpeedString (bRWThroughput ? bytesPerSec*2 : bytesPerSec, speed, sizeof(speed)); + StringCchCatW (speed, ARRAYSIZE(speed), L" "); + SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), speed); + } + + if (byteOffset < TotalSize) + { + int64 sec = (int64) ((bProgressBarReverse ? byteOffset : (TotalSize - byteOffset)) / (bytesPerSec == 0 ? 0.001 : bytesPerSec)); + + if (bytesPerSec == 0 || sec > 60 * 60 * 24 * 999) + StringCchPrintfW (text, ARRAYSIZE(text), L"%s ", GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE")); + else if (sec >= 60 * 60 * 24 * 2) + StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec / (60 * 24 * 60), days); + else if (sec >= 120 * 60) + StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec / (60 * 60), hours); + else if (sec >= 120) + StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec / 60, minutes); + else + StringCchPrintfW (text, ARRAYSIZE(text), L"%I64d %s ", sec, seconds); + + SetWindowTextW (GetDlgItem (hCurPage, IDC_TIMEREMAIN), text); + } + + prevTime = time; + + SendMessage (hProgressBar, PBM_SETPOS, + (int) (10000.0 * (bProgressBarReverse ? (TotalSize - byteOffset) : byteOffset) / (TotalSize == 0 ? 1 : TotalSize)), + 0); + + return bVolTransformThreadCancel; +} diff --git a/src/Common/Progress.h b/src/Common/Progress.h index 9e80a086..f3579d69 100644 --- a/src/Common/Progress.h +++ b/src/Common/Progress.h @@ -1,33 +1,33 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef PBM_SETSTATE - -#define PBM_SETSTATE (WM_USER+16) // wParam = PBST_[State] (NORMAL, ERROR, PAUSED) -#define PBST_NORMAL 0x0001 -#define PBST_ERROR 0x0002 -#define PBST_PAUSED 0x0003 - -#endif - -void InitProgressBar (__int64 totalBytes, __int64 bytesDone, BOOL bReverse, BOOL bIOThroughput, BOOL bDisplayStatus, BOOL bShowPercent); -BOOL UpdateProgressBar (__int64 byteOffset); -BOOL UpdateProgressBarProc (__int64 byteOffset); - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef PBM_SETSTATE + +#define PBM_SETSTATE (WM_USER+16) // wParam = PBST_[State] (NORMAL, ERROR, PAUSED) +#define PBST_NORMAL 0x0001 +#define PBST_ERROR 0x0002 +#define PBST_PAUSED 0x0003 + +#endif + +void InitProgressBar (__int64 totalBytes, __int64 bytesDone, BOOL bReverse, BOOL bIOThroughput, BOOL bDisplayStatus, BOOL bShowPercent); +BOOL UpdateProgressBar (__int64 byteOffset); +BOOL UpdateProgressBarProc (__int64 byteOffset); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Random.c b/src/Common/Random.c index 21c18dad..56431262 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -1,898 +1,898 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Crc.h" -#include "Random.h" -#include - -static unsigned __int8 buffer[RNG_POOL_SIZE]; -static unsigned char *pRandPool = NULL; -static BOOL bRandDidInit = FALSE; -static int nRandIndex = 0, randPoolReadIndex = 0; -static int HashFunction = DEFAULT_HASH_ALGORITHM; -static BOOL bDidSlowPoll = FALSE; -BOOL volatile bFastPollEnabled = TRUE; /* Used to reduce CPU load when performing benchmarks */ -BOOL volatile bRandmixEnabled = TRUE; /* Used to reduce CPU load when performing benchmarks */ -static BOOL RandomPoolEnrichedByUser = FALSE; -static HANDLE PeriodicFastPollThreadHandle = NULL; - -/* Macro to add a single byte to the pool */ -#define RandaddByte(x) {\ - if (nRandIndex == RNG_POOL_SIZE) nRandIndex = 0;\ - pRandPool[nRandIndex] = (unsigned char) ((unsigned char)x + pRandPool[nRandIndex]); \ - if (nRandIndex % RANDMIX_BYTE_INTERVAL == 0) Randmix();\ - nRandIndex++; \ - } - -/* Macro to add four bytes to the pool */ -#define RandaddInt32(x) RandAddInt((unsigned __int32)x); - -#ifdef _WIN64 -#define RandaddIntPtr(x) RandAddInt64((unsigned __int64)x); -#else -#define RandaddIntPtr(x) RandAddInt((unsigned __int32)x); -#endif - -void RandAddInt (unsigned __int32 x) -{ - RandaddByte(x); - RandaddByte((x >> 8)); - RandaddByte((x >> 16)); - RandaddByte((x >> 24)); -} - -void RandAddInt64 (unsigned __int64 x) -{ - RandaddByte(x); - RandaddByte((x >> 8)); - RandaddByte((x >> 16)); - RandaddByte((x >> 24)); - - RandaddByte((x >> 32)); - RandaddByte((x >> 40)); - RandaddByte((x >> 48)); - RandaddByte((x >> 56)); -} - -#include -#include "Dlgcode.h" - -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -#endif - -HHOOK hMouse = NULL; /* Mouse hook for the random number generator */ -HHOOK hKeyboard = NULL; /* Keyboard hook for the random number generator */ -DWORD ProcessedMouseEventsCounter = 0; - -/* Variables for thread control, the thread is used to gather up info about - the system in in the background */ -CRITICAL_SECTION critRandProt; /* The critical section */ -BOOL volatile bThreadTerminate = FALSE; /* This variable is shared among thread's so its made volatile */ - -/* Network library handle for the SlowPoll function */ -HANDLE hNetAPI32 = NULL; - -// CryptoAPI -BOOL CryptoAPIAvailable = FALSE; -DWORD CryptoAPILastError = ERROR_SUCCESS; -HCRYPTPROV hCryptProv; - - -/* Init the random number generator, setup the hooks, and start the thread */ -int Randinit () -{ - DWORD dwLastError = ERROR_SUCCESS; - if (GetMaxPkcs5OutSize() > RNG_POOL_SIZE) - TC_THROW_FATAL_EXCEPTION; - - if(bRandDidInit) - return 0; - - InitializeCriticalSection (&critRandProt); - - bRandDidInit = TRUE; - CryptoAPILastError = ERROR_SUCCESS; - ProcessedMouseEventsCounter = 0; - - if (pRandPool == NULL) - { - pRandPool = (unsigned char *) TCalloc (RANDOMPOOL_ALLOCSIZE); - if (pRandPool == NULL) - goto error; - - bDidSlowPoll = FALSE; - RandomPoolEnrichedByUser = FALSE; - - memset (pRandPool, 0, RANDOMPOOL_ALLOCSIZE); - VirtualLock (pRandPool, RANDOMPOOL_ALLOCSIZE); - } - - hKeyboard = SetWindowsHookEx (WH_KEYBOARD, (HOOKPROC)&KeyboardProc, NULL, GetCurrentThreadId ()); - if (hKeyboard == 0) handleWin32Error (0, SRC_POS); - - hMouse = SetWindowsHookEx (WH_MOUSE, (HOOKPROC)&MouseProc, NULL, GetCurrentThreadId ()); - if (hMouse == 0) - { - handleWin32Error (0, SRC_POS); - goto error; - } - - if (!CryptAcquireContext (&hCryptProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) - { - CryptoAPIAvailable = FALSE; - CryptoAPILastError = GetLastError (); - goto error; - } - else - CryptoAPIAvailable = TRUE; - - if (!(PeriodicFastPollThreadHandle = (HANDLE) _beginthreadex (NULL, 0, PeriodicFastPollThreadProc, NULL, 0, NULL))) - goto error; - - return 0; - -error: - dwLastError = GetLastError(); - RandStop (TRUE); - SetLastError (dwLastError); - return 1; -} - -/* Close everything down, including the thread which is closed down by - setting a flag which eventually causes the thread function to exit */ -void RandStop (BOOL freePool) -{ - if (!bRandDidInit && freePool && pRandPool) - goto freePool; - - if (bRandDidInit == FALSE) - return; - - EnterCriticalSection (&critRandProt); - - if (hMouse != 0) - UnhookWindowsHookEx (hMouse); - if (hKeyboard != 0) - UnhookWindowsHookEx (hKeyboard); - - bThreadTerminate = TRUE; - - LeaveCriticalSection (&critRandProt); - - if (PeriodicFastPollThreadHandle) - WaitForSingleObject (PeriodicFastPollThreadHandle, INFINITE); - - if (hNetAPI32 != 0) - { - FreeLibrary (hNetAPI32); - hNetAPI32 = NULL; - } - - if (CryptoAPIAvailable) - { - CryptReleaseContext (hCryptProv, 0); - CryptoAPIAvailable = FALSE; - CryptoAPILastError = ERROR_SUCCESS; - } - - hMouse = NULL; - hKeyboard = NULL; - bThreadTerminate = FALSE; - DeleteCriticalSection (&critRandProt); - - bRandDidInit = FALSE; - -freePool: - if (freePool) - { - bDidSlowPoll = FALSE; - RandomPoolEnrichedByUser = FALSE; - - if (pRandPool != NULL) - { - burn (pRandPool, RANDOMPOOL_ALLOCSIZE); - TCfree (pRandPool); - pRandPool = NULL; - } - } -} - -BOOL IsRandomNumberGeneratorStarted () -{ - return bRandDidInit; -} - -void RandSetHashFunction (int hash_algo_id) -{ - if (HashIsDeprecated (hash_algo_id)) - hash_algo_id = DEFAULT_HASH_ALGORITHM; - - HashFunction = hash_algo_id; -} - -int RandGetHashFunction (void) -{ - return HashFunction; -} - -void SetRandomPoolEnrichedByUserStatus (BOOL enriched) -{ - RandomPoolEnrichedByUser = enriched; -} - -BOOL IsRandomPoolEnrichedByUser () -{ - return RandomPoolEnrichedByUser; -} - -/* The random pool mixing function */ -BOOL Randmix () -{ - if (bRandmixEnabled) - { - unsigned char hashOutputBuffer [MAX_DIGESTSIZE]; - WHIRLPOOL_CTX wctx; - RMD160_CTX rctx; - sha512_ctx sctx; - sha256_ctx s256ctx; - int poolIndex, digestIndex, digestSize; - - switch (HashFunction) - { - case RIPEMD160: - digestSize = RIPEMD160_DIGESTSIZE; - break; - - case SHA512: - digestSize = SHA512_DIGESTSIZE; - break; - - case SHA256: - digestSize = SHA256_DIGESTSIZE; - break; - - case WHIRLPOOL: - digestSize = WHIRLPOOL_DIGESTSIZE; - break; - - default: - TC_THROW_FATAL_EXCEPTION; - } - - if (RNG_POOL_SIZE % digestSize) - TC_THROW_FATAL_EXCEPTION; - - for (poolIndex = 0; poolIndex < RNG_POOL_SIZE; poolIndex += digestSize) - { - /* Compute the message digest of the entire pool using the selected hash function. */ - switch (HashFunction) - { - case RIPEMD160: - RMD160Init(&rctx); - RMD160Update(&rctx, pRandPool, RNG_POOL_SIZE); - RMD160Final(hashOutputBuffer, &rctx); - break; - - case SHA512: - sha512_begin (&sctx); - sha512_hash (pRandPool, RNG_POOL_SIZE, &sctx); - sha512_end (hashOutputBuffer, &sctx); - break; - - case SHA256: - sha256_begin (&s256ctx); - sha256_hash (pRandPool, RNG_POOL_SIZE, &s256ctx); - sha256_end (hashOutputBuffer, &s256ctx); - break; - - case WHIRLPOOL: - WHIRLPOOL_init (&wctx); - WHIRLPOOL_add (pRandPool, RNG_POOL_SIZE * 8, &wctx); - WHIRLPOOL_finalize (&wctx, hashOutputBuffer); - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } - - /* XOR the resultant message digest to the pool at the poolIndex position. */ - for (digestIndex = 0; digestIndex < digestSize; digestIndex++) - { - pRandPool [poolIndex + digestIndex] ^= hashOutputBuffer [digestIndex]; - } - } - - /* Prevent leaks */ - burn (hashOutputBuffer, MAX_DIGESTSIZE); - switch (HashFunction) - { - case RIPEMD160: - burn (&rctx, sizeof(rctx)); - break; - - case SHA512: - burn (&sctx, sizeof(sctx)); - break; - - case SHA256: - burn (&s256ctx, sizeof(s256ctx)); - break; - - case WHIRLPOOL: - burn (&wctx, sizeof(wctx)); - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } - } - return TRUE; -} - -/* Add a buffer to the pool */ -void RandaddBuf (void *buf, int len) -{ - int i; - for (i = 0; i < len; i++) - { - RandaddByte (((unsigned char *) buf)[i]); - } -} - -BOOL RandpeekBytes (void* hwndDlg, unsigned char *buf, int len, DWORD* mouseCounter) -{ - if (!bRandDidInit) - return FALSE; - - if (len > RNG_POOL_SIZE) - { - Error ("ERR_NOT_ENOUGH_RANDOM_DATA", (HWND) hwndDlg); - len = RNG_POOL_SIZE; - } - - EnterCriticalSection (&critRandProt); - *mouseCounter = ProcessedMouseEventsCounter; - memcpy (buf, pRandPool, len); - LeaveCriticalSection (&critRandProt); - - return TRUE; -} - - -/* Get len random bytes from the pool (max. RNG_POOL_SIZE bytes per a single call) */ -BOOL RandgetBytes (void* hwndDlg, unsigned char *buf, int len, BOOL forceSlowPoll) -{ - return RandgetBytesFull (hwndDlg, buf, len, forceSlowPoll, FALSE); -} - -/* Get len random bytes from the pool. - * If allowAnyLength is FALSE, then len must be less or equal to RNG_POOL_SIZE - * If allowAnyLength is TRUE, then len can have any positive value - */ -BOOL RandgetBytesFull ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll , BOOL allowAnyLength) -{ - int i, looplen; - BOOL ret = TRUE; - - if (!bRandDidInit || HashFunction == 0) - TC_THROW_FATAL_EXCEPTION; - - EnterCriticalSection (&critRandProt); - - if (bDidSlowPoll == FALSE || forceSlowPoll) - { - if (!SlowPoll ()) - { - handleError ((HWND) hwndDlg, ERR_CAPI_INIT_FAILED, SRC_POS); - ret = FALSE; - } - else - bDidSlowPoll = TRUE; - } - - if (!FastPoll ()) - { - handleError ((HWND) hwndDlg, ERR_CAPI_INIT_FAILED, SRC_POS); - ret = FALSE; - } - - /* There's never more than RNG_POOL_SIZE worth of randomess */ - if ( (!allowAnyLength) && (len > RNG_POOL_SIZE)) - { - Error ("ERR_NOT_ENOUGH_RANDOM_DATA", (HWND) hwndDlg); - len = RNG_POOL_SIZE; - LeaveCriticalSection (&critRandProt); - return FALSE; - } - - while (len > 0) - { - if (len > RNG_POOL_SIZE) - { - looplen = RNG_POOL_SIZE; - len -= RNG_POOL_SIZE; - } - else - { - looplen = len; - len = 0; - } - - // this loop number of bytes is copied from pool to output buffer, - // pool is rehashed, and output buffer is XORed with new data from pool - for (i = 0; i < looplen; i++) - { - buf[i] = pRandPool[randPoolReadIndex++]; - if (randPoolReadIndex == RNG_POOL_SIZE) randPoolReadIndex = 0; - } - - /* Invert the pool */ - for (i = 0; i < RNG_POOL_SIZE / 4; i++) - { - ((unsigned __int32 *) pRandPool)[i] = ~((unsigned __int32 *) pRandPool)[i]; - } - - // Mix the pool - if (!FastPoll ()) - ret = FALSE; - - // XOR the current pool content into the output buffer to prevent pool state leaks - for (i = 0; i < looplen; i++) - { - buf[i] ^= pRandPool[randPoolReadIndex++]; - if (randPoolReadIndex == RNG_POOL_SIZE) randPoolReadIndex = 0; - } - - // increment the pointer for the next loop - buf += looplen; - } - - LeaveCriticalSection (&critRandProt); - - if (!ret) - TC_THROW_FATAL_EXCEPTION; - - return ret; -} - -/* Capture the mouse, and as long as the event is not the same as the last - two events, add the crc of the event, and the crc of the time difference - between this event and the last + the current time to the pool. - The role of CRC-32 is merely to perform diffusion. Note that the output - of CRC-32 is subsequently processed using a cryptographically secure hash - algorithm. */ -LRESULT CALLBACK MouseProc (int nCode, WPARAM wParam, LPARAM lParam) -{ - static DWORD dwLastTimer; - static unsigned __int32 lastCrc, lastCrc2; - static POINT lastPoint; - MOUSEHOOKSTRUCT *lpMouse = (MOUSEHOOKSTRUCT *) lParam; - - if (nCode < 0) - return CallNextHookEx (hMouse, nCode, wParam, lParam); - else - { - DWORD dwTimer = GetTickCount (); - DWORD j = dwLastTimer - dwTimer; - unsigned __int32 crc = 0L; - int i; - POINT pt = lpMouse->pt; - - dwLastTimer = dwTimer; - - for (i = 0; i < sizeof (MOUSEHOOKSTRUCT); i++) - { - crc = UPDC32 (((unsigned char *) lpMouse)[i], crc); - } - - if (crc != lastCrc && crc != lastCrc2) - { - unsigned __int32 timeCrc = 0L; - - for (i = 0; i < 4; i++) - { - timeCrc = UPDC32 (((unsigned char *) &j)[i], timeCrc); - } - - for (i = 0; i < 4; i++) - { - timeCrc = UPDC32 (((unsigned char *) &dwTimer)[i], timeCrc); - } - - EnterCriticalSection (&critRandProt); - /* only count real mouse messages in entropy estimation */ - if ( (nCode == HC_ACTION) && (wParam == WM_MOUSEMOVE) - && ((pt.x != lastPoint.x) || (pt.y != lastPoint.y))) - { - ProcessedMouseEventsCounter++; - lastPoint = pt; - } - RandaddInt32 ((unsigned __int32) (crc + timeCrc)); - LeaveCriticalSection (&critRandProt); - } - lastCrc2 = lastCrc; - lastCrc = crc; - - } - return 0; -} - -/* Capture the keyboard, as long as the event is not the same as the last two - events, add the crc of the event to the pool along with the crc of the time - difference between this event and the last. The role of CRC-32 is merely to - perform diffusion. Note that the output of CRC-32 is subsequently processed - using a cryptographically secure hash algorithm. */ -LRESULT CALLBACK KeyboardProc (int nCode, WPARAM wParam, LPARAM lParam) -{ - static int lLastKey, lLastKey2; - static DWORD dwLastTimer; - int nKey = (lParam & 0x00ff0000) >> 16; - int nCapture = 0; - - if (nCode < 0) - return CallNextHookEx (hMouse, nCode, wParam, lParam); - - if ((lParam & 0x0000ffff) == 1 && !(lParam & 0x20000000) && - (lParam & 0x80000000)) - { - if (nKey != lLastKey) - nCapture = 1; /* Capture this key */ - else if (nKey != lLastKey2) - nCapture = 1; /* Allow for one repeat */ - } - if (nCapture) - { - DWORD dwTimer = GetTickCount (); - DWORD j = dwLastTimer - dwTimer; - unsigned __int32 timeCrc = 0L; - int i; - - dwLastTimer = dwTimer; - lLastKey2 = lLastKey; - lLastKey = nKey; - - for (i = 0; i < 4; i++) - { - timeCrc = UPDC32 (((unsigned char *) &j)[i], timeCrc); - } - - for (i = 0; i < 4; i++) - { - timeCrc = UPDC32 (((unsigned char *) &dwTimer)[i], timeCrc); - } - - EnterCriticalSection (&critRandProt); - RandaddInt32 ((unsigned __int32) (GetCrc32((unsigned char*) &lParam, sizeof(lParam)) + timeCrc)); - LeaveCriticalSection (&critRandProt); - } - - return CallNextHookEx (hMouse, nCode, wParam, lParam); -} - -/* This is the thread function which will poll the system for randomness */ -static unsigned __stdcall PeriodicFastPollThreadProc (void *dummy) -{ - UNREFERENCED_PARAMETER (dummy); /* Remove unused parameter warning */ - - for (;;) - { - EnterCriticalSection (&critRandProt); - - if (bThreadTerminate) - { - bThreadTerminate = FALSE; - LeaveCriticalSection (&critRandProt); - _endthreadex (0); - } - else if (bFastPollEnabled) - { - FastPoll (); - } - - LeaveCriticalSection (&critRandProt); - - Sleep (FASTPOLL_INTERVAL); - } -} - -/* Type definitions for function pointers to call NetAPI32 functions */ - -typedef - DWORD (WINAPI * NETSTATISTICSGET) (LPWSTR szServer, LPWSTR szService, - DWORD dwLevel, DWORD dwOptions, - LPBYTE * lpBuffer); -typedef - DWORD (WINAPI * NETAPIBUFFERSIZE) (LPVOID lpBuffer, LPDWORD cbBuffer); -typedef - DWORD (WINAPI * NETAPIBUFFERFREE) (LPVOID lpBuffer); - -NETSTATISTICSGET pNetStatisticsGet = NULL; -NETAPIBUFFERSIZE pNetApiBufferSize = NULL; -NETAPIBUFFERFREE pNetApiBufferFree = NULL; - - -/* This is the slowpoll function which gathers up network/hard drive - performance data for the random pool */ -BOOL SlowPoll (void) -{ - static int isWorkstation = -1; - static int cbPerfData = 0x10000; - HANDLE hDevice; - LPBYTE lpBuffer; - DWORD dwSize, status; - LPWSTR lpszLanW, lpszLanS; - int nDrive; - - /* Find out whether this is an NT server or workstation if necessary */ - if (isWorkstation == -1) - { - HKEY hKey; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, - L"SYSTEM\\CurrentControlSet\\Control\\ProductOptions", - 0, KEY_READ, &hKey) == ERROR_SUCCESS) - { - wchar_t szValue[32]; - dwSize = sizeof (szValue); - - isWorkstation = TRUE; - status = RegQueryValueEx (hKey, L"ProductType", 0, NULL, - (LPBYTE) szValue, &dwSize); - - if (status == ERROR_SUCCESS && _wcsicmp (szValue, L"WinNT")) - /* Note: There are (at least) three cases for - ProductType: WinNT = NT Workstation, - ServerNT = NT Server, LanmanNT = NT Server - acting as a Domain Controller */ - isWorkstation = FALSE; - - RegCloseKey (hKey); - } - } - /* Initialize the NetAPI32 function pointers if necessary */ - if (hNetAPI32 == NULL) - { - /* Obtain a handle to the module containing the Lan Manager - functions */ - wchar_t dllPath[MAX_PATH]; - if (GetSystemDirectory (dllPath, MAX_PATH)) - { - StringCchCatW(dllPath, ARRAYSIZE(dllPath), L"\\NETAPI32.DLL"); - } - else - StringCchCopyW(dllPath, ARRAYSIZE(dllPath), L"C:\\Windows\\System32\\NETAPI32.DLL"); - - hNetAPI32 = LoadLibrary (dllPath); - if (hNetAPI32 != NULL) - { - /* Now get pointers to the functions */ - pNetStatisticsGet = (NETSTATISTICSGET) GetProcAddress (hNetAPI32, - "NetStatisticsGet"); - pNetApiBufferSize = (NETAPIBUFFERSIZE) GetProcAddress (hNetAPI32, - "NetApiBufferSize"); - pNetApiBufferFree = (NETAPIBUFFERFREE) GetProcAddress (hNetAPI32, - "NetApiBufferFree"); - - /* Make sure we got valid pointers for every NetAPI32 - function */ - if (pNetStatisticsGet == NULL || - pNetApiBufferSize == NULL || - pNetApiBufferFree == NULL) - { - /* Free the library reference and reset the - static handle */ - FreeLibrary (hNetAPI32); - hNetAPI32 = NULL; - } - } - } - - /* Get network statistics. Note: Both NT Workstation and NT Server - by default will be running both the workstation and server - services. The heuristic below is probably useful though on the - assumption that the majority of the network traffic will be via - the appropriate service */ - lpszLanW = (LPWSTR) WIDE ("LanmanWorkstation"); - lpszLanS = (LPWSTR) WIDE ("LanmanServer"); - if (hNetAPI32 && - pNetStatisticsGet (NULL, - isWorkstation ? lpszLanW : lpszLanS, - 0, 0, &lpBuffer) == 0) - { - pNetApiBufferSize (lpBuffer, &dwSize); - RandaddBuf ((unsigned char *) lpBuffer, dwSize); - pNetApiBufferFree (lpBuffer); - } - - /* Get disk I/O statistics for all the hard drives */ - for (nDrive = 0;; nDrive++) - { - DISK_PERFORMANCE diskPerformance; - wchar_t szDevice[24]; - - /* Check whether we can access this device */ - StringCchPrintfW (szDevice, ARRAYSIZE(szDevice), L"\\\\.\\PhysicalDrive%d", nDrive); - hDevice = CreateFile (szDevice, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, - NULL, OPEN_EXISTING, 0, NULL); - if (hDevice == INVALID_HANDLE_VALUE) - break; - - - /* Note: This only works if you have turned on the disk - performance counters with 'diskperf -y'. These counters - are off by default */ - if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0, - &diskPerformance, sizeof (DISK_PERFORMANCE), - &dwSize, NULL)) - { - RandaddBuf ((unsigned char *) &diskPerformance, dwSize); - } - CloseHandle (hDevice); - } - - // CryptoAPI: We always have a valid CryptoAPI context when we arrive here but - // we keep the check for clarity purpose - if ( !CryptoAPIAvailable ) - return FALSE; - if (CryptGenRandom (hCryptProv, sizeof (buffer), buffer)) - { - RandaddBuf (buffer, sizeof (buffer)); - - burn(buffer, sizeof (buffer)); - Randmix(); - return TRUE; - } - else - { - /* return error in case CryptGenRandom fails */ - CryptoAPILastError = GetLastError (); - return FALSE; - } -} - - -/* This is the fastpoll function which gathers up info by calling various api's */ -BOOL FastPoll (void) -{ - int nOriginalRandIndex = nRandIndex; - static BOOL addedFixedItems = FALSE; - FILETIME creationTime, exitTime, kernelTime, userTime; - SIZE_T minimumWorkingSetSize, maximumWorkingSetSize; - LARGE_INTEGER performanceCount; - MEMORYSTATUS memoryStatus; - HANDLE handle; - POINT point; - - /* Get various basic pieces of system information */ - RandaddIntPtr (GetActiveWindow ()); /* Handle of active window */ - RandaddIntPtr (GetCapture ()); /* Handle of window with mouse - capture */ - RandaddIntPtr (GetClipboardOwner ()); /* Handle of clipboard owner */ - RandaddIntPtr (GetClipboardViewer ()); /* Handle of start of - clpbd.viewer list */ - RandaddIntPtr (GetCurrentProcess ()); /* Pseudohandle of current - process */ - RandaddInt32 (GetCurrentProcessId ()); /* Current process ID */ - RandaddIntPtr (GetCurrentThread ()); /* Pseudohandle of current - thread */ - RandaddInt32 (GetCurrentThreadId ()); /* Current thread ID */ - RandaddInt32 (GetCurrentTime ()); /* Milliseconds since Windows - started */ - RandaddIntPtr (GetDesktopWindow ()); /* Handle of desktop window */ - RandaddIntPtr (GetFocus ()); /* Handle of window with kb.focus */ - RandaddInt32 (GetInputState ()); /* Whether sys.queue has any events */ - RandaddInt32 (GetMessagePos ()); /* Cursor pos.for last message */ - RandaddInt32 (GetMessageTime ()); /* 1 ms time for last message */ - RandaddIntPtr (GetOpenClipboardWindow ()); /* Handle of window with - clpbd.open */ - RandaddIntPtr (GetProcessHeap ()); /* Handle of process heap */ - RandaddIntPtr (GetProcessWindowStation ()); /* Handle of procs - window station */ - RandaddInt32 (GetQueueStatus (QS_ALLEVENTS)); /* Types of events in - input queue */ - - /* Get multiword system information */ - GetCaretPos (&point); /* Current caret position */ - RandaddBuf ((unsigned char *) &point, sizeof (POINT)); - GetCursorPos (&point); /* Current mouse cursor position */ - RandaddBuf ((unsigned char *) &point, sizeof (POINT)); - - /* Get percent of memory in use, bytes of physical memory, bytes of - free physical memory, bytes in paging file, free bytes in paging - file, user bytes of address space, and free user bytes */ - memoryStatus.dwLength = sizeof (MEMORYSTATUS); - GlobalMemoryStatus (&memoryStatus); - RandaddBuf ((unsigned char *) &memoryStatus, sizeof (MEMORYSTATUS)); - - /* Get thread and process creation time, exit time, time in kernel - mode, and time in user mode in 100ns intervals */ - handle = GetCurrentThread (); - GetThreadTimes (handle, &creationTime, &exitTime, &kernelTime, &userTime); - RandaddBuf ((unsigned char *) &creationTime, sizeof (FILETIME)); - RandaddBuf ((unsigned char *) &exitTime, sizeof (FILETIME)); - RandaddBuf ((unsigned char *) &kernelTime, sizeof (FILETIME)); - RandaddBuf ((unsigned char *) &userTime, sizeof (FILETIME)); - handle = GetCurrentProcess (); - GetProcessTimes (handle, &creationTime, &exitTime, &kernelTime, &userTime); - RandaddBuf ((unsigned char *) &creationTime, sizeof (FILETIME)); - RandaddBuf ((unsigned char *) &exitTime, sizeof (FILETIME)); - RandaddBuf ((unsigned char *) &kernelTime, sizeof (FILETIME)); - RandaddBuf ((unsigned char *) &userTime, sizeof (FILETIME)); - - /* Get the minimum and maximum working set size for the current - process */ - GetProcessWorkingSetSize (handle, &minimumWorkingSetSize, - &maximumWorkingSetSize); - RandaddIntPtr (minimumWorkingSetSize); - RandaddIntPtr (maximumWorkingSetSize); - - /* The following are fixed for the lifetime of the process so we only - add them once */ - if (addedFixedItems == 0) - { - STARTUPINFO startupInfo; - - /* Get name of desktop, console window title, new window - position and size, window flags, and handles for stdin, - stdout, and stderr */ - startupInfo.cb = sizeof (STARTUPINFO); - GetStartupInfo (&startupInfo); - RandaddBuf ((unsigned char *) &startupInfo, sizeof (STARTUPINFO)); - addedFixedItems = TRUE; - } - /* The docs say QPC can fail if appropriate hardware is not - available. It works on 486 & Pentium boxes, but hasn't been tested - for 386 or RISC boxes */ - if (QueryPerformanceCounter (&performanceCount)) - RandaddBuf ((unsigned char *) &performanceCount, sizeof (LARGE_INTEGER)); - else - { - /* Millisecond accuracy at best... */ - DWORD dwTicks = GetTickCount (); - RandaddBuf ((unsigned char *) &dwTicks, sizeof (dwTicks)); - } - - // CryptoAPI: We always have a valid CryptoAPI context when we arrive here but - // we keep the check for clarity purpose - if ( !CryptoAPIAvailable ) - return FALSE; - if (CryptGenRandom (hCryptProv, sizeof (buffer), buffer)) - { - RandaddBuf (buffer, sizeof (buffer)); - burn (buffer, sizeof(buffer)); - } - else - { - /* return error in case CryptGenRandom fails */ - CryptoAPILastError = GetLastError (); - return FALSE; - } - - /* Apply the pool mixing function */ - Randmix(); - - /* Restore the original pool cursor position. If this wasn't done, mouse coordinates - could be written to a limited area of the pool, especially when moving the mouse - uninterruptedly. The severity of the problem would depend on the length of data - written by FastPoll (if it was equal to the size of the pool, mouse coordinates - would be written only to a particular 4-byte area, whenever moving the mouse - uninterruptedly). */ - nRandIndex = nOriginalRandIndex; - - return TRUE; -} - +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Crc.h" +#include "Random.h" +#include + +static unsigned __int8 buffer[RNG_POOL_SIZE]; +static unsigned char *pRandPool = NULL; +static BOOL bRandDidInit = FALSE; +static int nRandIndex = 0, randPoolReadIndex = 0; +static int HashFunction = DEFAULT_HASH_ALGORITHM; +static BOOL bDidSlowPoll = FALSE; +BOOL volatile bFastPollEnabled = TRUE; /* Used to reduce CPU load when performing benchmarks */ +BOOL volatile bRandmixEnabled = TRUE; /* Used to reduce CPU load when performing benchmarks */ +static BOOL RandomPoolEnrichedByUser = FALSE; +static HANDLE PeriodicFastPollThreadHandle = NULL; + +/* Macro to add a single byte to the pool */ +#define RandaddByte(x) {\ + if (nRandIndex == RNG_POOL_SIZE) nRandIndex = 0;\ + pRandPool[nRandIndex] = (unsigned char) ((unsigned char)x + pRandPool[nRandIndex]); \ + if (nRandIndex % RANDMIX_BYTE_INTERVAL == 0) Randmix();\ + nRandIndex++; \ + } + +/* Macro to add four bytes to the pool */ +#define RandaddInt32(x) RandAddInt((unsigned __int32)x); + +#ifdef _WIN64 +#define RandaddIntPtr(x) RandAddInt64((unsigned __int64)x); +#else +#define RandaddIntPtr(x) RandAddInt((unsigned __int32)x); +#endif + +void RandAddInt (unsigned __int32 x) +{ + RandaddByte(x); + RandaddByte((x >> 8)); + RandaddByte((x >> 16)); + RandaddByte((x >> 24)); +} + +void RandAddInt64 (unsigned __int64 x) +{ + RandaddByte(x); + RandaddByte((x >> 8)); + RandaddByte((x >> 16)); + RandaddByte((x >> 24)); + + RandaddByte((x >> 32)); + RandaddByte((x >> 40)); + RandaddByte((x >> 48)); + RandaddByte((x >> 56)); +} + +#include +#include "Dlgcode.h" + +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#endif + +HHOOK hMouse = NULL; /* Mouse hook for the random number generator */ +HHOOK hKeyboard = NULL; /* Keyboard hook for the random number generator */ +DWORD ProcessedMouseEventsCounter = 0; + +/* Variables for thread control, the thread is used to gather up info about + the system in in the background */ +CRITICAL_SECTION critRandProt; /* The critical section */ +BOOL volatile bThreadTerminate = FALSE; /* This variable is shared among thread's so its made volatile */ + +/* Network library handle for the SlowPoll function */ +HANDLE hNetAPI32 = NULL; + +// CryptoAPI +BOOL CryptoAPIAvailable = FALSE; +DWORD CryptoAPILastError = ERROR_SUCCESS; +HCRYPTPROV hCryptProv; + + +/* Init the random number generator, setup the hooks, and start the thread */ +int Randinit () +{ + DWORD dwLastError = ERROR_SUCCESS; + if (GetMaxPkcs5OutSize() > RNG_POOL_SIZE) + TC_THROW_FATAL_EXCEPTION; + + if(bRandDidInit) + return 0; + + InitializeCriticalSection (&critRandProt); + + bRandDidInit = TRUE; + CryptoAPILastError = ERROR_SUCCESS; + ProcessedMouseEventsCounter = 0; + + if (pRandPool == NULL) + { + pRandPool = (unsigned char *) TCalloc (RANDOMPOOL_ALLOCSIZE); + if (pRandPool == NULL) + goto error; + + bDidSlowPoll = FALSE; + RandomPoolEnrichedByUser = FALSE; + + memset (pRandPool, 0, RANDOMPOOL_ALLOCSIZE); + VirtualLock (pRandPool, RANDOMPOOL_ALLOCSIZE); + } + + hKeyboard = SetWindowsHookEx (WH_KEYBOARD, (HOOKPROC)&KeyboardProc, NULL, GetCurrentThreadId ()); + if (hKeyboard == 0) handleWin32Error (0, SRC_POS); + + hMouse = SetWindowsHookEx (WH_MOUSE, (HOOKPROC)&MouseProc, NULL, GetCurrentThreadId ()); + if (hMouse == 0) + { + handleWin32Error (0, SRC_POS); + goto error; + } + + if (!CryptAcquireContext (&hCryptProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) + { + CryptoAPIAvailable = FALSE; + CryptoAPILastError = GetLastError (); + goto error; + } + else + CryptoAPIAvailable = TRUE; + + if (!(PeriodicFastPollThreadHandle = (HANDLE) _beginthreadex (NULL, 0, PeriodicFastPollThreadProc, NULL, 0, NULL))) + goto error; + + return 0; + +error: + dwLastError = GetLastError(); + RandStop (TRUE); + SetLastError (dwLastError); + return 1; +} + +/* Close everything down, including the thread which is closed down by + setting a flag which eventually causes the thread function to exit */ +void RandStop (BOOL freePool) +{ + if (!bRandDidInit && freePool && pRandPool) + goto freePool; + + if (bRandDidInit == FALSE) + return; + + EnterCriticalSection (&critRandProt); + + if (hMouse != 0) + UnhookWindowsHookEx (hMouse); + if (hKeyboard != 0) + UnhookWindowsHookEx (hKeyboard); + + bThreadTerminate = TRUE; + + LeaveCriticalSection (&critRandProt); + + if (PeriodicFastPollThreadHandle) + WaitForSingleObject (PeriodicFastPollThreadHandle, INFINITE); + + if (hNetAPI32 != 0) + { + FreeLibrary (hNetAPI32); + hNetAPI32 = NULL; + } + + if (CryptoAPIAvailable) + { + CryptReleaseContext (hCryptProv, 0); + CryptoAPIAvailable = FALSE; + CryptoAPILastError = ERROR_SUCCESS; + } + + hMouse = NULL; + hKeyboard = NULL; + bThreadTerminate = FALSE; + DeleteCriticalSection (&critRandProt); + + bRandDidInit = FALSE; + +freePool: + if (freePool) + { + bDidSlowPoll = FALSE; + RandomPoolEnrichedByUser = FALSE; + + if (pRandPool != NULL) + { + burn (pRandPool, RANDOMPOOL_ALLOCSIZE); + TCfree (pRandPool); + pRandPool = NULL; + } + } +} + +BOOL IsRandomNumberGeneratorStarted () +{ + return bRandDidInit; +} + +void RandSetHashFunction (int hash_algo_id) +{ + if (HashIsDeprecated (hash_algo_id)) + hash_algo_id = DEFAULT_HASH_ALGORITHM; + + HashFunction = hash_algo_id; +} + +int RandGetHashFunction (void) +{ + return HashFunction; +} + +void SetRandomPoolEnrichedByUserStatus (BOOL enriched) +{ + RandomPoolEnrichedByUser = enriched; +} + +BOOL IsRandomPoolEnrichedByUser () +{ + return RandomPoolEnrichedByUser; +} + +/* The random pool mixing function */ +BOOL Randmix () +{ + if (bRandmixEnabled) + { + unsigned char hashOutputBuffer [MAX_DIGESTSIZE]; + WHIRLPOOL_CTX wctx; + RMD160_CTX rctx; + sha512_ctx sctx; + sha256_ctx s256ctx; + int poolIndex, digestIndex, digestSize; + + switch (HashFunction) + { + case RIPEMD160: + digestSize = RIPEMD160_DIGESTSIZE; + break; + + case SHA512: + digestSize = SHA512_DIGESTSIZE; + break; + + case SHA256: + digestSize = SHA256_DIGESTSIZE; + break; + + case WHIRLPOOL: + digestSize = WHIRLPOOL_DIGESTSIZE; + break; + + default: + TC_THROW_FATAL_EXCEPTION; + } + + if (RNG_POOL_SIZE % digestSize) + TC_THROW_FATAL_EXCEPTION; + + for (poolIndex = 0; poolIndex < RNG_POOL_SIZE; poolIndex += digestSize) + { + /* Compute the message digest of the entire pool using the selected hash function. */ + switch (HashFunction) + { + case RIPEMD160: + RMD160Init(&rctx); + RMD160Update(&rctx, pRandPool, RNG_POOL_SIZE); + RMD160Final(hashOutputBuffer, &rctx); + break; + + case SHA512: + sha512_begin (&sctx); + sha512_hash (pRandPool, RNG_POOL_SIZE, &sctx); + sha512_end (hashOutputBuffer, &sctx); + break; + + case SHA256: + sha256_begin (&s256ctx); + sha256_hash (pRandPool, RNG_POOL_SIZE, &s256ctx); + sha256_end (hashOutputBuffer, &s256ctx); + break; + + case WHIRLPOOL: + WHIRLPOOL_init (&wctx); + WHIRLPOOL_add (pRandPool, RNG_POOL_SIZE * 8, &wctx); + WHIRLPOOL_finalize (&wctx, hashOutputBuffer); + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } + + /* XOR the resultant message digest to the pool at the poolIndex position. */ + for (digestIndex = 0; digestIndex < digestSize; digestIndex++) + { + pRandPool [poolIndex + digestIndex] ^= hashOutputBuffer [digestIndex]; + } + } + + /* Prevent leaks */ + burn (hashOutputBuffer, MAX_DIGESTSIZE); + switch (HashFunction) + { + case RIPEMD160: + burn (&rctx, sizeof(rctx)); + break; + + case SHA512: + burn (&sctx, sizeof(sctx)); + break; + + case SHA256: + burn (&s256ctx, sizeof(s256ctx)); + break; + + case WHIRLPOOL: + burn (&wctx, sizeof(wctx)); + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } + } + return TRUE; +} + +/* Add a buffer to the pool */ +void RandaddBuf (void *buf, int len) +{ + int i; + for (i = 0; i < len; i++) + { + RandaddByte (((unsigned char *) buf)[i]); + } +} + +BOOL RandpeekBytes (void* hwndDlg, unsigned char *buf, int len, DWORD* mouseCounter) +{ + if (!bRandDidInit) + return FALSE; + + if (len > RNG_POOL_SIZE) + { + Error ("ERR_NOT_ENOUGH_RANDOM_DATA", (HWND) hwndDlg); + len = RNG_POOL_SIZE; + } + + EnterCriticalSection (&critRandProt); + *mouseCounter = ProcessedMouseEventsCounter; + memcpy (buf, pRandPool, len); + LeaveCriticalSection (&critRandProt); + + return TRUE; +} + + +/* Get len random bytes from the pool (max. RNG_POOL_SIZE bytes per a single call) */ +BOOL RandgetBytes (void* hwndDlg, unsigned char *buf, int len, BOOL forceSlowPoll) +{ + return RandgetBytesFull (hwndDlg, buf, len, forceSlowPoll, FALSE); +} + +/* Get len random bytes from the pool. + * If allowAnyLength is FALSE, then len must be less or equal to RNG_POOL_SIZE + * If allowAnyLength is TRUE, then len can have any positive value + */ +BOOL RandgetBytesFull ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll , BOOL allowAnyLength) +{ + int i, looplen; + BOOL ret = TRUE; + + if (!bRandDidInit || HashFunction == 0) + TC_THROW_FATAL_EXCEPTION; + + EnterCriticalSection (&critRandProt); + + if (bDidSlowPoll == FALSE || forceSlowPoll) + { + if (!SlowPoll ()) + { + handleError ((HWND) hwndDlg, ERR_CAPI_INIT_FAILED, SRC_POS); + ret = FALSE; + } + else + bDidSlowPoll = TRUE; + } + + if (!FastPoll ()) + { + handleError ((HWND) hwndDlg, ERR_CAPI_INIT_FAILED, SRC_POS); + ret = FALSE; + } + + /* There's never more than RNG_POOL_SIZE worth of randomess */ + if ( (!allowAnyLength) && (len > RNG_POOL_SIZE)) + { + Error ("ERR_NOT_ENOUGH_RANDOM_DATA", (HWND) hwndDlg); + len = RNG_POOL_SIZE; + LeaveCriticalSection (&critRandProt); + return FALSE; + } + + while (len > 0) + { + if (len > RNG_POOL_SIZE) + { + looplen = RNG_POOL_SIZE; + len -= RNG_POOL_SIZE; + } + else + { + looplen = len; + len = 0; + } + + // this loop number of bytes is copied from pool to output buffer, + // pool is rehashed, and output buffer is XORed with new data from pool + for (i = 0; i < looplen; i++) + { + buf[i] = pRandPool[randPoolReadIndex++]; + if (randPoolReadIndex == RNG_POOL_SIZE) randPoolReadIndex = 0; + } + + /* Invert the pool */ + for (i = 0; i < RNG_POOL_SIZE / 4; i++) + { + ((unsigned __int32 *) pRandPool)[i] = ~((unsigned __int32 *) pRandPool)[i]; + } + + // Mix the pool + if (!FastPoll ()) + ret = FALSE; + + // XOR the current pool content into the output buffer to prevent pool state leaks + for (i = 0; i < looplen; i++) + { + buf[i] ^= pRandPool[randPoolReadIndex++]; + if (randPoolReadIndex == RNG_POOL_SIZE) randPoolReadIndex = 0; + } + + // increment the pointer for the next loop + buf += looplen; + } + + LeaveCriticalSection (&critRandProt); + + if (!ret) + TC_THROW_FATAL_EXCEPTION; + + return ret; +} + +/* Capture the mouse, and as long as the event is not the same as the last + two events, add the crc of the event, and the crc of the time difference + between this event and the last + the current time to the pool. + The role of CRC-32 is merely to perform diffusion. Note that the output + of CRC-32 is subsequently processed using a cryptographically secure hash + algorithm. */ +LRESULT CALLBACK MouseProc (int nCode, WPARAM wParam, LPARAM lParam) +{ + static DWORD dwLastTimer; + static unsigned __int32 lastCrc, lastCrc2; + static POINT lastPoint; + MOUSEHOOKSTRUCT *lpMouse = (MOUSEHOOKSTRUCT *) lParam; + + if (nCode < 0) + return CallNextHookEx (hMouse, nCode, wParam, lParam); + else + { + DWORD dwTimer = GetTickCount (); + DWORD j = dwLastTimer - dwTimer; + unsigned __int32 crc = 0L; + int i; + POINT pt = lpMouse->pt; + + dwLastTimer = dwTimer; + + for (i = 0; i < sizeof (MOUSEHOOKSTRUCT); i++) + { + crc = UPDC32 (((unsigned char *) lpMouse)[i], crc); + } + + if (crc != lastCrc && crc != lastCrc2) + { + unsigned __int32 timeCrc = 0L; + + for (i = 0; i < 4; i++) + { + timeCrc = UPDC32 (((unsigned char *) &j)[i], timeCrc); + } + + for (i = 0; i < 4; i++) + { + timeCrc = UPDC32 (((unsigned char *) &dwTimer)[i], timeCrc); + } + + EnterCriticalSection (&critRandProt); + /* only count real mouse messages in entropy estimation */ + if ( (nCode == HC_ACTION) && (wParam == WM_MOUSEMOVE) + && ((pt.x != lastPoint.x) || (pt.y != lastPoint.y))) + { + ProcessedMouseEventsCounter++; + lastPoint = pt; + } + RandaddInt32 ((unsigned __int32) (crc + timeCrc)); + LeaveCriticalSection (&critRandProt); + } + lastCrc2 = lastCrc; + lastCrc = crc; + + } + return 0; +} + +/* Capture the keyboard, as long as the event is not the same as the last two + events, add the crc of the event to the pool along with the crc of the time + difference between this event and the last. The role of CRC-32 is merely to + perform diffusion. Note that the output of CRC-32 is subsequently processed + using a cryptographically secure hash algorithm. */ +LRESULT CALLBACK KeyboardProc (int nCode, WPARAM wParam, LPARAM lParam) +{ + static int lLastKey, lLastKey2; + static DWORD dwLastTimer; + int nKey = (lParam & 0x00ff0000) >> 16; + int nCapture = 0; + + if (nCode < 0) + return CallNextHookEx (hMouse, nCode, wParam, lParam); + + if ((lParam & 0x0000ffff) == 1 && !(lParam & 0x20000000) && + (lParam & 0x80000000)) + { + if (nKey != lLastKey) + nCapture = 1; /* Capture this key */ + else if (nKey != lLastKey2) + nCapture = 1; /* Allow for one repeat */ + } + if (nCapture) + { + DWORD dwTimer = GetTickCount (); + DWORD j = dwLastTimer - dwTimer; + unsigned __int32 timeCrc = 0L; + int i; + + dwLastTimer = dwTimer; + lLastKey2 = lLastKey; + lLastKey = nKey; + + for (i = 0; i < 4; i++) + { + timeCrc = UPDC32 (((unsigned char *) &j)[i], timeCrc); + } + + for (i = 0; i < 4; i++) + { + timeCrc = UPDC32 (((unsigned char *) &dwTimer)[i], timeCrc); + } + + EnterCriticalSection (&critRandProt); + RandaddInt32 ((unsigned __int32) (GetCrc32((unsigned char*) &lParam, sizeof(lParam)) + timeCrc)); + LeaveCriticalSection (&critRandProt); + } + + return CallNextHookEx (hMouse, nCode, wParam, lParam); +} + +/* This is the thread function which will poll the system for randomness */ +static unsigned __stdcall PeriodicFastPollThreadProc (void *dummy) +{ + UNREFERENCED_PARAMETER (dummy); /* Remove unused parameter warning */ + + for (;;) + { + EnterCriticalSection (&critRandProt); + + if (bThreadTerminate) + { + bThreadTerminate = FALSE; + LeaveCriticalSection (&critRandProt); + _endthreadex (0); + } + else if (bFastPollEnabled) + { + FastPoll (); + } + + LeaveCriticalSection (&critRandProt); + + Sleep (FASTPOLL_INTERVAL); + } +} + +/* Type definitions for function pointers to call NetAPI32 functions */ + +typedef + DWORD (WINAPI * NETSTATISTICSGET) (LPWSTR szServer, LPWSTR szService, + DWORD dwLevel, DWORD dwOptions, + LPBYTE * lpBuffer); +typedef + DWORD (WINAPI * NETAPIBUFFERSIZE) (LPVOID lpBuffer, LPDWORD cbBuffer); +typedef + DWORD (WINAPI * NETAPIBUFFERFREE) (LPVOID lpBuffer); + +NETSTATISTICSGET pNetStatisticsGet = NULL; +NETAPIBUFFERSIZE pNetApiBufferSize = NULL; +NETAPIBUFFERFREE pNetApiBufferFree = NULL; + + +/* This is the slowpoll function which gathers up network/hard drive + performance data for the random pool */ +BOOL SlowPoll (void) +{ + static int isWorkstation = -1; + static int cbPerfData = 0x10000; + HANDLE hDevice; + LPBYTE lpBuffer; + DWORD dwSize, status; + LPWSTR lpszLanW, lpszLanS; + int nDrive; + + /* Find out whether this is an NT server or workstation if necessary */ + if (isWorkstation == -1) + { + HKEY hKey; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, + L"SYSTEM\\CurrentControlSet\\Control\\ProductOptions", + 0, KEY_READ, &hKey) == ERROR_SUCCESS) + { + wchar_t szValue[32]; + dwSize = sizeof (szValue); + + isWorkstation = TRUE; + status = RegQueryValueEx (hKey, L"ProductType", 0, NULL, + (LPBYTE) szValue, &dwSize); + + if (status == ERROR_SUCCESS && _wcsicmp (szValue, L"WinNT")) + /* Note: There are (at least) three cases for + ProductType: WinNT = NT Workstation, + ServerNT = NT Server, LanmanNT = NT Server + acting as a Domain Controller */ + isWorkstation = FALSE; + + RegCloseKey (hKey); + } + } + /* Initialize the NetAPI32 function pointers if necessary */ + if (hNetAPI32 == NULL) + { + /* Obtain a handle to the module containing the Lan Manager + functions */ + wchar_t dllPath[MAX_PATH]; + if (GetSystemDirectory (dllPath, MAX_PATH)) + { + StringCchCatW(dllPath, ARRAYSIZE(dllPath), L"\\NETAPI32.DLL"); + } + else + StringCchCopyW(dllPath, ARRAYSIZE(dllPath), L"C:\\Windows\\System32\\NETAPI32.DLL"); + + hNetAPI32 = LoadLibrary (dllPath); + if (hNetAPI32 != NULL) + { + /* Now get pointers to the functions */ + pNetStatisticsGet = (NETSTATISTICSGET) GetProcAddress (hNetAPI32, + "NetStatisticsGet"); + pNetApiBufferSize = (NETAPIBUFFERSIZE) GetProcAddress (hNetAPI32, + "NetApiBufferSize"); + pNetApiBufferFree = (NETAPIBUFFERFREE) GetProcAddress (hNetAPI32, + "NetApiBufferFree"); + + /* Make sure we got valid pointers for every NetAPI32 + function */ + if (pNetStatisticsGet == NULL || + pNetApiBufferSize == NULL || + pNetApiBufferFree == NULL) + { + /* Free the library reference and reset the + static handle */ + FreeLibrary (hNetAPI32); + hNetAPI32 = NULL; + } + } + } + + /* Get network statistics. Note: Both NT Workstation and NT Server + by default will be running both the workstation and server + services. The heuristic below is probably useful though on the + assumption that the majority of the network traffic will be via + the appropriate service */ + lpszLanW = (LPWSTR) WIDE ("LanmanWorkstation"); + lpszLanS = (LPWSTR) WIDE ("LanmanServer"); + if (hNetAPI32 && + pNetStatisticsGet (NULL, + isWorkstation ? lpszLanW : lpszLanS, + 0, 0, &lpBuffer) == 0) + { + pNetApiBufferSize (lpBuffer, &dwSize); + RandaddBuf ((unsigned char *) lpBuffer, dwSize); + pNetApiBufferFree (lpBuffer); + } + + /* Get disk I/O statistics for all the hard drives */ + for (nDrive = 0;; nDrive++) + { + DISK_PERFORMANCE diskPerformance; + wchar_t szDevice[24]; + + /* Check whether we can access this device */ + StringCchPrintfW (szDevice, ARRAYSIZE(szDevice), L"\\\\.\\PhysicalDrive%d", nDrive); + hDevice = CreateFile (szDevice, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, + NULL, OPEN_EXISTING, 0, NULL); + if (hDevice == INVALID_HANDLE_VALUE) + break; + + + /* Note: This only works if you have turned on the disk + performance counters with 'diskperf -y'. These counters + are off by default */ + if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0, + &diskPerformance, sizeof (DISK_PERFORMANCE), + &dwSize, NULL)) + { + RandaddBuf ((unsigned char *) &diskPerformance, dwSize); + } + CloseHandle (hDevice); + } + + // CryptoAPI: We always have a valid CryptoAPI context when we arrive here but + // we keep the check for clarity purpose + if ( !CryptoAPIAvailable ) + return FALSE; + if (CryptGenRandom (hCryptProv, sizeof (buffer), buffer)) + { + RandaddBuf (buffer, sizeof (buffer)); + + burn(buffer, sizeof (buffer)); + Randmix(); + return TRUE; + } + else + { + /* return error in case CryptGenRandom fails */ + CryptoAPILastError = GetLastError (); + return FALSE; + } +} + + +/* This is the fastpoll function which gathers up info by calling various api's */ +BOOL FastPoll (void) +{ + int nOriginalRandIndex = nRandIndex; + static BOOL addedFixedItems = FALSE; + FILETIME creationTime, exitTime, kernelTime, userTime; + SIZE_T minimumWorkingSetSize, maximumWorkingSetSize; + LARGE_INTEGER performanceCount; + MEMORYSTATUS memoryStatus; + HANDLE handle; + POINT point; + + /* Get various basic pieces of system information */ + RandaddIntPtr (GetActiveWindow ()); /* Handle of active window */ + RandaddIntPtr (GetCapture ()); /* Handle of window with mouse + capture */ + RandaddIntPtr (GetClipboardOwner ()); /* Handle of clipboard owner */ + RandaddIntPtr (GetClipboardViewer ()); /* Handle of start of + clpbd.viewer list */ + RandaddIntPtr (GetCurrentProcess ()); /* Pseudohandle of current + process */ + RandaddInt32 (GetCurrentProcessId ()); /* Current process ID */ + RandaddIntPtr (GetCurrentThread ()); /* Pseudohandle of current + thread */ + RandaddInt32 (GetCurrentThreadId ()); /* Current thread ID */ + RandaddInt32 (GetCurrentTime ()); /* Milliseconds since Windows + started */ + RandaddIntPtr (GetDesktopWindow ()); /* Handle of desktop window */ + RandaddIntPtr (GetFocus ()); /* Handle of window with kb.focus */ + RandaddInt32 (GetInputState ()); /* Whether sys.queue has any events */ + RandaddInt32 (GetMessagePos ()); /* Cursor pos.for last message */ + RandaddInt32 (GetMessageTime ()); /* 1 ms time for last message */ + RandaddIntPtr (GetOpenClipboardWindow ()); /* Handle of window with + clpbd.open */ + RandaddIntPtr (GetProcessHeap ()); /* Handle of process heap */ + RandaddIntPtr (GetProcessWindowStation ()); /* Handle of procs + window station */ + RandaddInt32 (GetQueueStatus (QS_ALLEVENTS)); /* Types of events in + input queue */ + + /* Get multiword system information */ + GetCaretPos (&point); /* Current caret position */ + RandaddBuf ((unsigned char *) &point, sizeof (POINT)); + GetCursorPos (&point); /* Current mouse cursor position */ + RandaddBuf ((unsigned char *) &point, sizeof (POINT)); + + /* Get percent of memory in use, bytes of physical memory, bytes of + free physical memory, bytes in paging file, free bytes in paging + file, user bytes of address space, and free user bytes */ + memoryStatus.dwLength = sizeof (MEMORYSTATUS); + GlobalMemoryStatus (&memoryStatus); + RandaddBuf ((unsigned char *) &memoryStatus, sizeof (MEMORYSTATUS)); + + /* Get thread and process creation time, exit time, time in kernel + mode, and time in user mode in 100ns intervals */ + handle = GetCurrentThread (); + GetThreadTimes (handle, &creationTime, &exitTime, &kernelTime, &userTime); + RandaddBuf ((unsigned char *) &creationTime, sizeof (FILETIME)); + RandaddBuf ((unsigned char *) &exitTime, sizeof (FILETIME)); + RandaddBuf ((unsigned char *) &kernelTime, sizeof (FILETIME)); + RandaddBuf ((unsigned char *) &userTime, sizeof (FILETIME)); + handle = GetCurrentProcess (); + GetProcessTimes (handle, &creationTime, &exitTime, &kernelTime, &userTime); + RandaddBuf ((unsigned char *) &creationTime, sizeof (FILETIME)); + RandaddBuf ((unsigned char *) &exitTime, sizeof (FILETIME)); + RandaddBuf ((unsigned char *) &kernelTime, sizeof (FILETIME)); + RandaddBuf ((unsigned char *) &userTime, sizeof (FILETIME)); + + /* Get the minimum and maximum working set size for the current + process */ + GetProcessWorkingSetSize (handle, &minimumWorkingSetSize, + &maximumWorkingSetSize); + RandaddIntPtr (minimumWorkingSetSize); + RandaddIntPtr (maximumWorkingSetSize); + + /* The following are fixed for the lifetime of the process so we only + add them once */ + if (addedFixedItems == 0) + { + STARTUPINFO startupInfo; + + /* Get name of desktop, console window title, new window + position and size, window flags, and handles for stdin, + stdout, and stderr */ + startupInfo.cb = sizeof (STARTUPINFO); + GetStartupInfo (&startupInfo); + RandaddBuf ((unsigned char *) &startupInfo, sizeof (STARTUPINFO)); + addedFixedItems = TRUE; + } + /* The docs say QPC can fail if appropriate hardware is not + available. It works on 486 & Pentium boxes, but hasn't been tested + for 386 or RISC boxes */ + if (QueryPerformanceCounter (&performanceCount)) + RandaddBuf ((unsigned char *) &performanceCount, sizeof (LARGE_INTEGER)); + else + { + /* Millisecond accuracy at best... */ + DWORD dwTicks = GetTickCount (); + RandaddBuf ((unsigned char *) &dwTicks, sizeof (dwTicks)); + } + + // CryptoAPI: We always have a valid CryptoAPI context when we arrive here but + // we keep the check for clarity purpose + if ( !CryptoAPIAvailable ) + return FALSE; + if (CryptGenRandom (hCryptProv, sizeof (buffer), buffer)) + { + RandaddBuf (buffer, sizeof (buffer)); + burn (buffer, sizeof(buffer)); + } + else + { + /* return error in case CryptGenRandom fails */ + CryptoAPILastError = GetLastError (); + return FALSE; + } + + /* Apply the pool mixing function */ + Randmix(); + + /* Restore the original pool cursor position. If this wasn't done, mouse coordinates + could be written to a limited area of the pool, especially when moving the mouse + uninterruptedly. The severity of the problem would depend on the length of data + written by FastPoll (if it was equal to the size of the pool, mouse coordinates + would be written only to a particular 4-byte area, whenever moving the mouse + uninterruptedly). */ + nRandIndex = nOriginalRandIndex; + + return TRUE; +} + diff --git a/src/Common/Random.h b/src/Common/Random.h index 0d397091..ecf04ca3 100644 --- a/src/Common/Random.h +++ b/src/Common/Random.h @@ -1,76 +1,76 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - - -#include "Crypto.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* RNG defines & pool pointers */ -#define RNG_POOL_SIZE 320 // Must be divisible by the size of the output of each of the implemented hash functions. (in bytes) - -#if RNG_POOL_SIZE % SHA512_DIGESTSIZE || RNG_POOL_SIZE % WHIRLPOOL_DIGESTSIZE || RNG_POOL_SIZE % RIPEMD160_DIGESTSIZE -#error RNG_POOL_SIZE must be divisible by the size of the output of each of the implemented hash functions. -#endif - -#define RANDOMPOOL_ALLOCSIZE RNG_POOL_SIZE - -// After every RANDMIX_BYTE_INTERVAL-th byte written to the pool, the pool mixing function is applied to the entire pool -#define RANDMIX_BYTE_INTERVAL 16 - -// FastPoll interval (in milliseconds) -#define FASTPOLL_INTERVAL 500 - -void RandAddInt ( unsigned __int32 x ); -int Randinit ( void ); -void RandStop (BOOL freePool); -BOOL IsRandomNumberGeneratorStarted (); -void RandSetHashFunction ( int hash_algo_id ); -int RandGetHashFunction (void); -void SetRandomPoolEnrichedByUserStatus (BOOL enriched); -BOOL IsRandomPoolEnrichedByUser (); -BOOL Randmix ( void ); -void RandaddBuf ( void *buf , int len ); -BOOL FastPoll ( void ); -BOOL SlowPoll ( void ); - -/* Get len random bytes from the pool (max. RNG_POOL_SIZE bytes per a single call) */ -BOOL RandgetBytes ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll ); - -/* Get len random bytes from the pool. - * If allowAnyLength is FALSE, then len must be less or equal to RNG_POOL_SIZE - * If allowAnyLength is TRUE, then len can have any positive value - */ -BOOL RandgetBytesFull ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll , BOOL allowAnyLength); - -#ifdef _WIN32 - -extern BOOL volatile bFastPollEnabled; -extern BOOL volatile bRandmixEnabled; -extern DWORD CryptoAPILastError; -extern DWORD ProcessedMouseEventsCounter; - -BOOL RandpeekBytes ( void* hwndDlg, unsigned char *buf , int len, DWORD* mouseCounter ); -void RandAddInt64 ( unsigned __int64 x ); - -LRESULT CALLBACK MouseProc ( int nCode , WPARAM wParam , LPARAM lParam ); -LRESULT CALLBACK KeyboardProc ( int nCode , WPARAM wParam , LPARAM lParam ); -static unsigned __stdcall PeriodicFastPollThreadProc (void *dummy); - -#endif - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + + +#include "Crypto.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* RNG defines & pool pointers */ +#define RNG_POOL_SIZE 320 // Must be divisible by the size of the output of each of the implemented hash functions. (in bytes) + +#if RNG_POOL_SIZE % SHA512_DIGESTSIZE || RNG_POOL_SIZE % WHIRLPOOL_DIGESTSIZE || RNG_POOL_SIZE % RIPEMD160_DIGESTSIZE +#error RNG_POOL_SIZE must be divisible by the size of the output of each of the implemented hash functions. +#endif + +#define RANDOMPOOL_ALLOCSIZE RNG_POOL_SIZE + +// After every RANDMIX_BYTE_INTERVAL-th byte written to the pool, the pool mixing function is applied to the entire pool +#define RANDMIX_BYTE_INTERVAL 16 + +// FastPoll interval (in milliseconds) +#define FASTPOLL_INTERVAL 500 + +void RandAddInt ( unsigned __int32 x ); +int Randinit ( void ); +void RandStop (BOOL freePool); +BOOL IsRandomNumberGeneratorStarted (); +void RandSetHashFunction ( int hash_algo_id ); +int RandGetHashFunction (void); +void SetRandomPoolEnrichedByUserStatus (BOOL enriched); +BOOL IsRandomPoolEnrichedByUser (); +BOOL Randmix ( void ); +void RandaddBuf ( void *buf , int len ); +BOOL FastPoll ( void ); +BOOL SlowPoll ( void ); + +/* Get len random bytes from the pool (max. RNG_POOL_SIZE bytes per a single call) */ +BOOL RandgetBytes ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll ); + +/* Get len random bytes from the pool. + * If allowAnyLength is FALSE, then len must be less or equal to RNG_POOL_SIZE + * If allowAnyLength is TRUE, then len can have any positive value + */ +BOOL RandgetBytesFull ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll , BOOL allowAnyLength); + +#ifdef _WIN32 + +extern BOOL volatile bFastPollEnabled; +extern BOOL volatile bRandmixEnabled; +extern DWORD CryptoAPILastError; +extern DWORD ProcessedMouseEventsCounter; + +BOOL RandpeekBytes ( void* hwndDlg, unsigned char *buf , int len, DWORD* mouseCounter ); +void RandAddInt64 ( unsigned __int64 x ); + +LRESULT CALLBACK MouseProc ( int nCode , WPARAM wParam , LPARAM lParam ); +LRESULT CALLBACK KeyboardProc ( int nCode , WPARAM wParam , LPARAM lParam ); +static unsigned __stdcall PeriodicFastPollThreadProc (void *dummy); + +#endif + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Registry.c b/src/Common/Registry.c index 4dc165f2..1e5883a2 100644 --- a/src/Common/Registry.c +++ b/src/Common/Registry.c @@ -1,300 +1,300 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Tcdefs.h" -#include "Registry.h" -#include - -BOOL ReadLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD *value) -{ - HKEY hkey = 0; - DWORD size = sizeof (*value); - DWORD type; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ, &hkey) != ERROR_SUCCESS) - return FALSE; - - if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) value, &size) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - return FALSE; - } - - RegCloseKey (hkey); - return type == REG_DWORD; -} - -BOOL ReadLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *value, DWORD *size) -{ - HKEY hkey = 0; - DWORD type; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ, &hkey) != ERROR_SUCCESS) - return FALSE; - - if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) value, size) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - return FALSE; - } - - RegCloseKey (hkey); - return type == REG_MULTI_SZ; -} - -BOOL ReadLocalMachineRegistryString (const wchar_t *subKey, wchar_t *name, wchar_t *str, DWORD *size) -{ - HKEY hkey = 0; - DWORD type; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ, &hkey) != ERROR_SUCCESS) - return FALSE; - - if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) str, size) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - return FALSE; - } - - RegCloseKey (hkey); - return type == REG_SZ; -} - -BOOL ReadLocalMachineRegistryStringNonReflected (const wchar_t *subKey, wchar_t *name, wchar_t *str, DWORD *size, BOOL b32bitApp) -{ - HKEY hkey = 0; - DWORD type; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ | (b32bitApp? KEY_WOW64_32KEY: KEY_WOW64_64KEY), &hkey) != ERROR_SUCCESS) - return FALSE; - - if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) str, size) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - return FALSE; - } - - RegCloseKey (hkey); - return type == REG_SZ; -} - -int ReadRegistryInt (wchar_t *subKey, wchar_t *name, int defaultValue) -{ - HKEY hkey = 0; - DWORD value, size = sizeof (DWORD); - - if (RegOpenKeyEx (HKEY_CURRENT_USER, subKey, - 0, KEY_READ, &hkey) != ERROR_SUCCESS) - return defaultValue; - - if (RegQueryValueEx (hkey, name, 0, 0, (LPBYTE) &value, &size) != ERROR_SUCCESS) - value = defaultValue; - - RegCloseKey (hkey); - return value; -} - -wchar_t *ReadRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *defaultValue, wchar_t *str, int maxLen) -{ - HKEY hkey = 0; - wchar_t value[MAX_PATH*4]; - DWORD size = sizeof (value); - - str[maxLen/2-1] = 0; - StringCbCopyW (str, maxLen, defaultValue); - - ZeroMemory (value, sizeof value); - if (RegOpenKeyEx (HKEY_CURRENT_USER, subKey, - 0, KEY_READ, &hkey) == ERROR_SUCCESS) - if (RegQueryValueEx (hkey, name, 0, 0, (LPBYTE) value, &size) == ERROR_SUCCESS) - StringCbCopyW (str, maxLen,value); - - if (hkey) - RegCloseKey (hkey); - return str; -} - -DWORD ReadRegistryBytes (wchar_t *path, wchar_t *name, char *value, int maxLen) -{ - HKEY hkey = 0; - DWORD size = maxLen; - BOOL success = FALSE; - - if (RegOpenKeyEx (HKEY_CURRENT_USER, path, 0, KEY_READ, &hkey) != ERROR_SUCCESS) - return 0; - - success = (RegQueryValueEx (hkey, name, 0, 0, (LPBYTE) value, &size) == ERROR_SUCCESS); - RegCloseKey (hkey); - - return success ? size : 0; -} - -void WriteRegistryInt (wchar_t *subKey, wchar_t *name, int value) -{ - HKEY hkey = 0; - DWORD disp; - - if (RegCreateKeyEx (HKEY_CURRENT_USER, subKey, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp) != ERROR_SUCCESS) - return; - - RegSetValueEx (hkey, name, 0, REG_DWORD, (BYTE *) &value, sizeof value); - RegCloseKey (hkey); -} - -BOOL WriteLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD value) -{ - HKEY hkey = 0; - DWORD disp; - LONG status; - - if ((status = RegCreateKeyEx (HKEY_LOCAL_MACHINE, subKey, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp)) != ERROR_SUCCESS) - { - SetLastError (status); - return FALSE; - } - - if ((status = RegSetValueEx (hkey, name, 0, REG_DWORD, (BYTE *) &value, sizeof value)) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - SetLastError (status); - return FALSE; - } - - RegCloseKey (hkey); - return TRUE; -} - -BOOL WriteLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *multiString, DWORD size) -{ - HKEY hkey = 0; - DWORD disp; - LONG status; - - if ((status = RegCreateKeyEx (HKEY_LOCAL_MACHINE, subKey, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp)) != ERROR_SUCCESS) - { - SetLastError (status); - return FALSE; - } - - if ((status = RegSetValueEx (hkey, name, 0, REG_MULTI_SZ, (BYTE *) multiString, size)) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - SetLastError (status); - return FALSE; - } - - RegCloseKey (hkey); - return TRUE; -} - -BOOL WriteLocalMachineRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str, BOOL expandable) -{ - HKEY hkey = 0; - DWORD disp; - LONG status; - - if ((status = RegCreateKeyEx (HKEY_LOCAL_MACHINE, subKey, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp)) != ERROR_SUCCESS) - { - SetLastError (status); - return FALSE; - } - - if ((status = RegSetValueEx (hkey, name, 0, expandable ? REG_EXPAND_SZ : REG_SZ, (BYTE *) str, (DWORD) (wcslen (str) + 1) * sizeof (wchar_t))) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - SetLastError (status); - return FALSE; - } - - RegCloseKey (hkey); - return TRUE; -} - -void WriteRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str) -{ - HKEY hkey = 0; - DWORD disp; - - if (RegCreateKeyEx (HKEY_CURRENT_USER, subKey, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp) != ERROR_SUCCESS) - return; - - RegSetValueEx (hkey, name, 0, REG_SZ, (BYTE *) str, (DWORD) (wcslen (str) + 1) * sizeof (wchar_t)); - RegCloseKey (hkey); -} - -BOOL WriteRegistryBytes (wchar_t *path, wchar_t *name, char *str, DWORD size) -{ - HKEY hkey = 0; - DWORD disp; - BOOL res; - - if (RegCreateKeyEx (HKEY_CURRENT_USER, path, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp) != ERROR_SUCCESS) - return FALSE; - - res = RegSetValueEx (hkey, name, 0, REG_BINARY, (BYTE *) str, size); - RegCloseKey (hkey); - return res == ERROR_SUCCESS; -} - -BOOL DeleteLocalMachineRegistryKey (wchar_t *parentKey, wchar_t *subKeyToDelete) -{ - LONG status; - HKEY hkey = 0; - - if ((status = RegOpenKeyEx (HKEY_LOCAL_MACHINE, parentKey, 0, KEY_WRITE, &hkey)) != ERROR_SUCCESS) - { - SetLastError (status); - return FALSE; - } - - if ((status = RegDeleteKey (hkey, subKeyToDelete)) != ERROR_SUCCESS) - { - RegCloseKey (hkey); - SetLastError (status); - return FALSE; - } - - RegCloseKey (hkey); - return TRUE; -} - -void DeleteRegistryValue (wchar_t *subKey, wchar_t *name) -{ - HKEY hkey = 0; - - if (RegOpenKeyEx (HKEY_CURRENT_USER, subKey, 0, KEY_WRITE, &hkey) != ERROR_SUCCESS) - return; - - RegDeleteValue (hkey, name); - RegCloseKey (hkey); -} - - -void GetStartupRegKeyName (wchar_t *regk, size_t cbRegk) -{ - // The string is split in order to prevent some antivirus packages from falsely reporting - // VeraCrypt.exe to contain a possible Trojan horse because of this string (heuristic scan). - StringCbPrintfW (regk, cbRegk,L"%s%s", L"Software\\Microsoft\\Windows\\Curren", L"tVersion\\Run"); -} - -void GetRestorePointRegKeyName (wchar_t *regk, size_t cbRegk) -{ - // The string is split in order to prevent some antivirus packages from falsely reporting - // VeraCrypt.exe to contain a possible Trojan horse because of this string (heuristic scan). - StringCbPrintfW (regk, cbRegk,L"%s%s%s%s", L"Software\\Microsoft\\Windows", L" NT\\Curren", L"tVersion\\Sy", L"stemRestore"); +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Tcdefs.h" +#include "Registry.h" +#include + +BOOL ReadLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD *value) +{ + HKEY hkey = 0; + DWORD size = sizeof (*value); + DWORD type; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ, &hkey) != ERROR_SUCCESS) + return FALSE; + + if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) value, &size) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + return FALSE; + } + + RegCloseKey (hkey); + return type == REG_DWORD; +} + +BOOL ReadLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *value, DWORD *size) +{ + HKEY hkey = 0; + DWORD type; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ, &hkey) != ERROR_SUCCESS) + return FALSE; + + if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) value, size) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + return FALSE; + } + + RegCloseKey (hkey); + return type == REG_MULTI_SZ; +} + +BOOL ReadLocalMachineRegistryString (const wchar_t *subKey, wchar_t *name, wchar_t *str, DWORD *size) +{ + HKEY hkey = 0; + DWORD type; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ, &hkey) != ERROR_SUCCESS) + return FALSE; + + if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) str, size) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + return FALSE; + } + + RegCloseKey (hkey); + return type == REG_SZ; +} + +BOOL ReadLocalMachineRegistryStringNonReflected (const wchar_t *subKey, wchar_t *name, wchar_t *str, DWORD *size, BOOL b32bitApp) +{ + HKEY hkey = 0; + DWORD type; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, subKey, 0, KEY_READ | (b32bitApp? KEY_WOW64_32KEY: KEY_WOW64_64KEY), &hkey) != ERROR_SUCCESS) + return FALSE; + + if (RegQueryValueEx (hkey, name, NULL, &type, (BYTE *) str, size) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + return FALSE; + } + + RegCloseKey (hkey); + return type == REG_SZ; +} + +int ReadRegistryInt (wchar_t *subKey, wchar_t *name, int defaultValue) +{ + HKEY hkey = 0; + DWORD value, size = sizeof (DWORD); + + if (RegOpenKeyEx (HKEY_CURRENT_USER, subKey, + 0, KEY_READ, &hkey) != ERROR_SUCCESS) + return defaultValue; + + if (RegQueryValueEx (hkey, name, 0, 0, (LPBYTE) &value, &size) != ERROR_SUCCESS) + value = defaultValue; + + RegCloseKey (hkey); + return value; +} + +wchar_t *ReadRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *defaultValue, wchar_t *str, int maxLen) +{ + HKEY hkey = 0; + wchar_t value[MAX_PATH*4]; + DWORD size = sizeof (value); + + str[maxLen/2-1] = 0; + StringCbCopyW (str, maxLen, defaultValue); + + ZeroMemory (value, sizeof value); + if (RegOpenKeyEx (HKEY_CURRENT_USER, subKey, + 0, KEY_READ, &hkey) == ERROR_SUCCESS) + if (RegQueryValueEx (hkey, name, 0, 0, (LPBYTE) value, &size) == ERROR_SUCCESS) + StringCbCopyW (str, maxLen,value); + + if (hkey) + RegCloseKey (hkey); + return str; +} + +DWORD ReadRegistryBytes (wchar_t *path, wchar_t *name, char *value, int maxLen) +{ + HKEY hkey = 0; + DWORD size = maxLen; + BOOL success = FALSE; + + if (RegOpenKeyEx (HKEY_CURRENT_USER, path, 0, KEY_READ, &hkey) != ERROR_SUCCESS) + return 0; + + success = (RegQueryValueEx (hkey, name, 0, 0, (LPBYTE) value, &size) == ERROR_SUCCESS); + RegCloseKey (hkey); + + return success ? size : 0; +} + +void WriteRegistryInt (wchar_t *subKey, wchar_t *name, int value) +{ + HKEY hkey = 0; + DWORD disp; + + if (RegCreateKeyEx (HKEY_CURRENT_USER, subKey, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp) != ERROR_SUCCESS) + return; + + RegSetValueEx (hkey, name, 0, REG_DWORD, (BYTE *) &value, sizeof value); + RegCloseKey (hkey); +} + +BOOL WriteLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD value) +{ + HKEY hkey = 0; + DWORD disp; + LONG status; + + if ((status = RegCreateKeyEx (HKEY_LOCAL_MACHINE, subKey, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp)) != ERROR_SUCCESS) + { + SetLastError (status); + return FALSE; + } + + if ((status = RegSetValueEx (hkey, name, 0, REG_DWORD, (BYTE *) &value, sizeof value)) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + SetLastError (status); + return FALSE; + } + + RegCloseKey (hkey); + return TRUE; +} + +BOOL WriteLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *multiString, DWORD size) +{ + HKEY hkey = 0; + DWORD disp; + LONG status; + + if ((status = RegCreateKeyEx (HKEY_LOCAL_MACHINE, subKey, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp)) != ERROR_SUCCESS) + { + SetLastError (status); + return FALSE; + } + + if ((status = RegSetValueEx (hkey, name, 0, REG_MULTI_SZ, (BYTE *) multiString, size)) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + SetLastError (status); + return FALSE; + } + + RegCloseKey (hkey); + return TRUE; +} + +BOOL WriteLocalMachineRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str, BOOL expandable) +{ + HKEY hkey = 0; + DWORD disp; + LONG status; + + if ((status = RegCreateKeyEx (HKEY_LOCAL_MACHINE, subKey, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp)) != ERROR_SUCCESS) + { + SetLastError (status); + return FALSE; + } + + if ((status = RegSetValueEx (hkey, name, 0, expandable ? REG_EXPAND_SZ : REG_SZ, (BYTE *) str, (DWORD) (wcslen (str) + 1) * sizeof (wchar_t))) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + SetLastError (status); + return FALSE; + } + + RegCloseKey (hkey); + return TRUE; +} + +void WriteRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str) +{ + HKEY hkey = 0; + DWORD disp; + + if (RegCreateKeyEx (HKEY_CURRENT_USER, subKey, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp) != ERROR_SUCCESS) + return; + + RegSetValueEx (hkey, name, 0, REG_SZ, (BYTE *) str, (DWORD) (wcslen (str) + 1) * sizeof (wchar_t)); + RegCloseKey (hkey); +} + +BOOL WriteRegistryBytes (wchar_t *path, wchar_t *name, char *str, DWORD size) +{ + HKEY hkey = 0; + DWORD disp; + BOOL res; + + if (RegCreateKeyEx (HKEY_CURRENT_USER, path, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &disp) != ERROR_SUCCESS) + return FALSE; + + res = RegSetValueEx (hkey, name, 0, REG_BINARY, (BYTE *) str, size); + RegCloseKey (hkey); + return res == ERROR_SUCCESS; +} + +BOOL DeleteLocalMachineRegistryKey (wchar_t *parentKey, wchar_t *subKeyToDelete) +{ + LONG status; + HKEY hkey = 0; + + if ((status = RegOpenKeyEx (HKEY_LOCAL_MACHINE, parentKey, 0, KEY_WRITE, &hkey)) != ERROR_SUCCESS) + { + SetLastError (status); + return FALSE; + } + + if ((status = RegDeleteKey (hkey, subKeyToDelete)) != ERROR_SUCCESS) + { + RegCloseKey (hkey); + SetLastError (status); + return FALSE; + } + + RegCloseKey (hkey); + return TRUE; +} + +void DeleteRegistryValue (wchar_t *subKey, wchar_t *name) +{ + HKEY hkey = 0; + + if (RegOpenKeyEx (HKEY_CURRENT_USER, subKey, 0, KEY_WRITE, &hkey) != ERROR_SUCCESS) + return; + + RegDeleteValue (hkey, name); + RegCloseKey (hkey); +} + + +void GetStartupRegKeyName (wchar_t *regk, size_t cbRegk) +{ + // The string is split in order to prevent some antivirus packages from falsely reporting + // VeraCrypt.exe to contain a possible Trojan horse because of this string (heuristic scan). + StringCbPrintfW (regk, cbRegk,L"%s%s", L"Software\\Microsoft\\Windows\\Curren", L"tVersion\\Run"); +} + +void GetRestorePointRegKeyName (wchar_t *regk, size_t cbRegk) +{ + // The string is split in order to prevent some antivirus packages from falsely reporting + // VeraCrypt.exe to contain a possible Trojan horse because of this string (heuristic scan). + StringCbPrintfW (regk, cbRegk,L"%s%s%s%s", L"Software\\Microsoft\\Windows", L" NT\\Curren", L"tVersion\\Sy", L"stemRestore"); } \ No newline at end of file diff --git a/src/Common/Registry.h b/src/Common/Registry.h index 692106c5..be80fa4d 100644 --- a/src/Common/Registry.h +++ b/src/Common/Registry.h @@ -1,37 +1,37 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifdef __cplusplus -extern "C" { -#endif - -BOOL ReadLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD *value); -BOOL ReadLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *value, DWORD *size); -BOOL ReadLocalMachineRegistryString (const wchar_t *subKey, wchar_t *name, wchar_t *value, DWORD *size); -BOOL ReadLocalMachineRegistryStringNonReflected (const wchar_t *subKey, wchar_t *name, wchar_t *str, DWORD *size, BOOL b32bitApp); -int ReadRegistryInt (wchar_t *subKey, wchar_t *name, int defaultValue); -wchar_t *ReadRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *defaultValue, wchar_t *str, int maxLen); -DWORD ReadRegistryBytes (wchar_t *path, wchar_t *name, char *value, int maxLen); -void WriteRegistryInt (wchar_t *subKey, wchar_t *name, int value); -BOOL WriteLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD value); -BOOL WriteLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *multiString, DWORD size); -BOOL WriteLocalMachineRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str, BOOL expandable); -void WriteRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str); -BOOL WriteRegistryBytes (wchar_t *path, wchar_t *name, char *str, DWORD size); -BOOL DeleteLocalMachineRegistryKey (wchar_t *parentKey, wchar_t *subKeyToDelete); -void DeleteRegistryValue (wchar_t *subKey, wchar_t *name); -void GetStartupRegKeyName (wchar_t *regk, size_t cbRegk); -void GetRestorePointRegKeyName (wchar_t *regk, size_t cbRegk); - -#ifdef __cplusplus -} -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifdef __cplusplus +extern "C" { +#endif + +BOOL ReadLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD *value); +BOOL ReadLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *value, DWORD *size); +BOOL ReadLocalMachineRegistryString (const wchar_t *subKey, wchar_t *name, wchar_t *value, DWORD *size); +BOOL ReadLocalMachineRegistryStringNonReflected (const wchar_t *subKey, wchar_t *name, wchar_t *str, DWORD *size, BOOL b32bitApp); +int ReadRegistryInt (wchar_t *subKey, wchar_t *name, int defaultValue); +wchar_t *ReadRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *defaultValue, wchar_t *str, int maxLen); +DWORD ReadRegistryBytes (wchar_t *path, wchar_t *name, char *value, int maxLen); +void WriteRegistryInt (wchar_t *subKey, wchar_t *name, int value); +BOOL WriteLocalMachineRegistryDword (wchar_t *subKey, wchar_t *name, DWORD value); +BOOL WriteLocalMachineRegistryMultiString (wchar_t *subKey, wchar_t *name, wchar_t *multiString, DWORD size); +BOOL WriteLocalMachineRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str, BOOL expandable); +void WriteRegistryString (wchar_t *subKey, wchar_t *name, wchar_t *str); +BOOL WriteRegistryBytes (wchar_t *path, wchar_t *name, char *str, DWORD size); +BOOL DeleteLocalMachineRegistryKey (wchar_t *parentKey, wchar_t *subKeyToDelete); +void DeleteRegistryValue (wchar_t *subKey, wchar_t *name); +void GetStartupRegKeyName (wchar_t *regk, size_t cbRegk); +void GetRestorePointRegKeyName (wchar_t *regk, size_t cbRegk); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Resource.h b/src/Common/Resource.h index 8755f6c3..3eca197e 100644 --- a/src/Common/Resource.h +++ b/src/Common/Resource.h @@ -1,211 +1,211 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Visual C++ generated include file. -// Used by Common.rc -// -#define IDI_TRUECRYPT_ICON 501 -#define IDI_TRUECRYPT_VOL_ICON 502 -#define IDD_BENCHMARK_DLG 503 -#define IDD_MOUNT_OPTIONS 504 -#define IDD_KEYFILES 505 -#define IDR_LANGUAGE 506 -#define IDI_TRUECRYPT 507 -#define IDD_ABOUT_DLG 508 -#define IDD_COMMANDHELP_DLG 509 -#define IDD_RAWDEVICES_DLG 510 -#define IDC_HOMEPAGE 511 -#define IDR_COMMON_RSRC_HEADER 512 -#define IDD_LANGUAGE 513 -#define IDD_CIPHER_TEST_DLG 514 -#define IDR_LICENSE 515 -#define IDD_AUXILIARY_DLG 516 -#define IDB_TEXTUAL_LOGO_BKG 517 -#define IDB_TEXTUAL_LOGO_96DPI 518 -#define IDB_TEXTUAL_LOGO_288DPI 519 -#define IDR_BOOT_SECTOR 520 -#define IDR_BOOT_SECTOR_AES 521 -#define IDR_BOOT_SECTOR_SERPENT 522 -#define IDR_BOOT_SECTOR_TWOFISH 523 -#define IDR_BOOT_LOADER_DECOMPRESSOR 524 -#define IDR_BOOT_LOADER 525 -#define IDR_BOOT_LOADER_AES 526 -#define IDR_BOOT_LOADER_SERPENT 527 -#define IDR_BOOT_LOADER_TWOFISH 528 -#define IDR_RESCUE_BOOT_SECTOR 529 -#define IDR_RESCUE_BOOT_SECTOR_AES 530 -#define IDR_RESCUE_BOOT_SECTOR_SERPENT 531 -#define IDR_RESCUE_BOOT_SECTOR_TWOFISH 532 -#define IDR_RESCUE_LOADER 533 -#define IDR_RESCUE_LOADER_AES 534 -#define IDR_RESCUE_LOADER_SERPENT 535 -#define IDR_RESCUE_LOADER_TWOFISH 536 -#define IDD_TOKEN_PASSWORD 537 -#define IDD_TOKEN_KEYFILES 538 -#define IDD_NEW_TOKEN_KEYFILE 539 -#define IDD_RANDOM_POOL_ENRICHMENT 540 -#define IDI_TRUECRYPT_MOUNTED_ICON 541 -#define IDR_BOOT_SECTOR_SHA2 542 -#define IDR_BOOT_SECTOR_AES_SHA2 543 -#define IDR_BOOT_SECTOR_SERPENT_SHA2 544 -#define IDR_BOOT_SECTOR_TWOFISH_SHA2 545 -#define IDR_BOOT_LOADER_SHA2 546 -#define IDR_BOOT_LOADER_AES_SHA2 547 -#define IDR_BOOT_LOADER_SERPENT_SHA2 548 -#define IDR_BOOT_LOADER_TWOFISH_SHA2 549 -#define IDR_RESCUE_BOOT_SECTOR_SHA2 550 -#define IDR_RESCUE_BOOT_SECTOR_AES_SHA2 551 -#define IDR_RESCUE_BOOT_SECTOR_SERPENT_SHA2 552 -#define IDR_RESCUE_BOOT_SECTOR_TWOFISH_SHA2 553 -#define IDR_RESCUE_LOADER_SHA2 554 -#define IDR_RESCUE_LOADER_AES_SHA2 555 -#define IDR_RESCUE_LOADER_SERPENT_SHA2 556 -#define IDR_RESCUE_LOADER_TWOFISH_SHA2 557 -#define IDC_HW_AES_LABEL_LINK 5000 -#define IDC_HW_AES 5001 -#define IDC_PARALLELIZATION_LABEL_LINK 5002 -#define IDC_PARALLELIZATION 5003 -#define IDT_TOKEN_PASSWORD 5004 -#define IDC_PRINT 5005 -#define IDC_KEY 5006 -#define IDC_PLAINTEXT 5007 -#define IDC_CIPHERTEXT 5008 -#define IDC_INFO_BOX_TEXT 5009 -#define IDC_SECONDARY_KEY 5010 -#define IDD_TEXT_INFO_DIALOG_BOX_DLG 5011 -#define IDC_TEST_DATA_UNIT_NUMBER 5012 -#define IDD_KEYFILE_GENERATOR 5013 -#define IDC_CIPHER 5014 -#define IDD_MULTI_CHOICE_DLG 5015 -#define IDC_TEST_BLOCK_NUMBER 5016 -#define IDD_STATIC_MODELESS_WAIT_DLG 5017 -#define IDC_POOL_CONTENTS 5018 -#define IDC_PRF_ID 5019 -#define IDC_KEY_SIZE 5020 -#define IDC_PLAINTEXT_SIZE 5021 -#define IDC_REDTICK 5022 -#define IDC_TESTS_MESSAGE 5023 -#define IDC_RESET 5024 -#define IDC_AUTO 5025 -#define IDC_DECRYPT 5026 -#define IDT_TEST_KEY 5027 -#define IDT_TEST_PLAINTEXT 5028 -#define IDT_PRF 5029 -#define IDT_XTS_MODE 5030 -#define IDT_TEST_CIPHERTEXT 5031 -#define IDT_KEY 5032 -#define IDT_PLAINTEXT 5033 -#define IDC_ENCRYPT 5034 -#define IDT_KEY_UNIT 5035 -#define IDT_CIPHER 5036 -#define IDT_PLAINTEXT_SIZE_UNIT 5037 -#define IDC_DEVICELIST 5038 -#define IDT_TEST_BLOCK_NUMBER 5039 -#define IDT_SECONDARY_KEY 5040 -#define IDC_PERFORM_BENCHMARK 5041 -#define IDT_TEST_DATA_UNIT_NUMBER 5042 -#define IDC_KEYFILES_HIDVOL_PROT 5043 -#define IDC_KEYLIST 5044 -#define IDC_ABOUT_BKG 5045 -#define IDT_ABOUT_VERSION 5046 -#define IDT_BOX_BENCHMARK_INFO 5047 -#define IDC_ABOUT_CREDITS 5048 -#define IDT_SORT_METHOD 5049 -#define IDC_MOUNT_READONLY 5050 -#define IDC_MOUNT_REMOVABLE 5051 -#define IDC_PROTECT_HIDDEN_VOL 5052 -#define IDC_COMMANDHELP_TEXT 5053 -#define IDC_USE_EMBEDDED_HEADER_BAK 5054 -#define IDC_MOUNT_SYSENC_PART_WITHOUT_PBA 5055 -#define IDT_HIDDEN_PROT_PASSWD 5056 -#define IDC_RESULTS 5057 -#define IDC_KEYADD 5058 -#define IDC_KEYREMOVE 5059 -#define IDC_KEYREMOVEALL 5060 -#define IDC_KEYFILES_ENABLE 5061 -#define IDT_HIDDEN_VOL_PROTECTION 5062 -#define IDC_ADD_KEYFILE_PATH 5063 -#define IDC_BENCHMARK_BUFFER_SIZE 5064 -#define IDC_SHOW_PASSWORD_MO 5065 -#define IDC_GENERATE_KEYFILE 5066 -#define IDC_BENCHMARK_SORT_METHOD 5067 -#define IDC_PASSWORD_PROT_HIDVOL 5068 -#define IDT_BUFFER_SIZE 5069 -#define IDC_LANGLIST 5070 -#define IDC_KEYFILES_ENABLE_HIDVOL_PROT 5071 -#define IDT_KEYFILES_NOTE 5072 -#define IDT_KEYFILE_WARNING 5073 -#define IDT_KEYFILE_GENERATOR_NOTE 5074 -#define IDC_GENERATE_AND_SAVE_KEYFILE 5075 -#define IDT_POOL_CONTENTS 5076 -#define IDC_GET_LANG_PACKS 5077 -#define IDT_LANGPACK_AUTHORS 5078 -#define IDC_LANGPACK_CREDITS 5079 -#define IDC_LANGPACK_VERSION 5080 -#define IDT_ACTIVE_LANG_PACK 5081 -#define IDC_DISPLAY_POOL_CONTENTS 5082 -#define IDC_XTS_MODE_ENABLED 5083 -#define IDC_MULTI_CHOICE_MSG 5084 -#define IDC_CHOICE1 5085 -#define IDC_CHOICE5 5086 -#define IDC_CHOICE2 5087 -#define IDC_CHOICE3 5088 -#define IDC_CHOICE4 5089 -#define IDC_CHOICE6 5090 -#define IDC_CHOICE7 5091 -#define IDC_CHOICE8 5092 -#define IDC_CHOICE9 5093 -#define IDC_CHOICE10 5094 -#define IDC_MC_DLG_HR1 5095 -#define IDC_MC_DLG_HR2 5096 -#define IDC_LINK_HIDVOL_PROTECTION_INFO 5097 -#define IDC_LINK_KEYFILES_INFO 5098 -#define IDC_TEXTUAL_LOGO_IMG 5099 -#define IDC_ASPECT_RATIO_CALIBRATION_BOX 5100 -#define IDC_ABOUT_LOGO_AREA 5101 -#define IDC_TOKEN_PASSWORD 5102 -#define IDC_TOKEN_FILE_LIST 5103 -#define IDC_TOKEN_FILES_ADD 5104 -#define IDC_EXPORT 5105 -#define IDC_DELETE 5106 -#define IDC_IMPORT_KEYFILE 5107 -#define IDC_SELECTED_TOKEN 5108 -#define IDT_SECURITY_TOKEN 5109 -#define IDT_TOKEN_KEYFILE_NAME 5110 -#define IDC_TOKEN_KEYFILE_NAME 5111 -#define IDT_TOKEN_PASSWORD_INFO 5112 -#define IDT_RANDOM_POOL_ENRICHMENT_NOTE 5113 -#define IDC_CONTINUE 5114 -#define IDT_ABOUT_RELEASE 5115 -#define IDT_STATIC_MODELESS_WAIT_DLG_INFO 5116 -#define IDT_NUMBER_KEYFILES 5117 -#define IDC_NUMBER_KEYFILES 5118 -#define IDT_KEYFILES_BASE_NAME 5119 -#define IDC_KEYFILES_BASE_NAME 5120 -#define IDC_KEYFILES_SIZE 5121 -#define IDC_KEYFILES_RANDOM_SIZE 5122 -#define IDT_KEYFILES_SIZE 5123 -#define IDD_STATIC_MODAL_WAIT_DLG 5124 -#define IDT_STATIC_MODAL_WAIT_DLG_INFO 5125 -#define IDC_WAIT_PROGRESS_BAR 5126 -#define IDC_PKCS5_PRF_ID 5127 -#define IDT_PKCS5_PRF 5128 -#define IDT_PIM 5129 -#define IDC_PIM 5130 -#define IDC_PIM_HELP 5131 -#define IDC_PIM_ENABLE 5132 -#define IDC_VOLUME_LABEL 5133 -#define IDT_VOLUME_LABEL 5134 -#define IDC_KEYFILES_TRY_EMPTY_PASSWORD 5135 -#define IDC_ENTROPY_BAR 5136 -#define IDT_ENTROPY_BAR 5137 - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NO_MFC 1 -#define _APS_NEXT_RESOURCE_VALUE 558 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 5138 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif +//{{NO_DEPENDENCIES}} +// Microsoft Visual C++ generated include file. +// Used by Common.rc +// +#define IDI_TRUECRYPT_ICON 501 +#define IDI_TRUECRYPT_VOL_ICON 502 +#define IDD_BENCHMARK_DLG 503 +#define IDD_MOUNT_OPTIONS 504 +#define IDD_KEYFILES 505 +#define IDR_LANGUAGE 506 +#define IDI_TRUECRYPT 507 +#define IDD_ABOUT_DLG 508 +#define IDD_COMMANDHELP_DLG 509 +#define IDD_RAWDEVICES_DLG 510 +#define IDC_HOMEPAGE 511 +#define IDR_COMMON_RSRC_HEADER 512 +#define IDD_LANGUAGE 513 +#define IDD_CIPHER_TEST_DLG 514 +#define IDR_LICENSE 515 +#define IDD_AUXILIARY_DLG 516 +#define IDB_TEXTUAL_LOGO_BKG 517 +#define IDB_TEXTUAL_LOGO_96DPI 518 +#define IDB_TEXTUAL_LOGO_288DPI 519 +#define IDR_BOOT_SECTOR 520 +#define IDR_BOOT_SECTOR_AES 521 +#define IDR_BOOT_SECTOR_SERPENT 522 +#define IDR_BOOT_SECTOR_TWOFISH 523 +#define IDR_BOOT_LOADER_DECOMPRESSOR 524 +#define IDR_BOOT_LOADER 525 +#define IDR_BOOT_LOADER_AES 526 +#define IDR_BOOT_LOADER_SERPENT 527 +#define IDR_BOOT_LOADER_TWOFISH 528 +#define IDR_RESCUE_BOOT_SECTOR 529 +#define IDR_RESCUE_BOOT_SECTOR_AES 530 +#define IDR_RESCUE_BOOT_SECTOR_SERPENT 531 +#define IDR_RESCUE_BOOT_SECTOR_TWOFISH 532 +#define IDR_RESCUE_LOADER 533 +#define IDR_RESCUE_LOADER_AES 534 +#define IDR_RESCUE_LOADER_SERPENT 535 +#define IDR_RESCUE_LOADER_TWOFISH 536 +#define IDD_TOKEN_PASSWORD 537 +#define IDD_TOKEN_KEYFILES 538 +#define IDD_NEW_TOKEN_KEYFILE 539 +#define IDD_RANDOM_POOL_ENRICHMENT 540 +#define IDI_TRUECRYPT_MOUNTED_ICON 541 +#define IDR_BOOT_SECTOR_SHA2 542 +#define IDR_BOOT_SECTOR_AES_SHA2 543 +#define IDR_BOOT_SECTOR_SERPENT_SHA2 544 +#define IDR_BOOT_SECTOR_TWOFISH_SHA2 545 +#define IDR_BOOT_LOADER_SHA2 546 +#define IDR_BOOT_LOADER_AES_SHA2 547 +#define IDR_BOOT_LOADER_SERPENT_SHA2 548 +#define IDR_BOOT_LOADER_TWOFISH_SHA2 549 +#define IDR_RESCUE_BOOT_SECTOR_SHA2 550 +#define IDR_RESCUE_BOOT_SECTOR_AES_SHA2 551 +#define IDR_RESCUE_BOOT_SECTOR_SERPENT_SHA2 552 +#define IDR_RESCUE_BOOT_SECTOR_TWOFISH_SHA2 553 +#define IDR_RESCUE_LOADER_SHA2 554 +#define IDR_RESCUE_LOADER_AES_SHA2 555 +#define IDR_RESCUE_LOADER_SERPENT_SHA2 556 +#define IDR_RESCUE_LOADER_TWOFISH_SHA2 557 +#define IDC_HW_AES_LABEL_LINK 5000 +#define IDC_HW_AES 5001 +#define IDC_PARALLELIZATION_LABEL_LINK 5002 +#define IDC_PARALLELIZATION 5003 +#define IDT_TOKEN_PASSWORD 5004 +#define IDC_PRINT 5005 +#define IDC_KEY 5006 +#define IDC_PLAINTEXT 5007 +#define IDC_CIPHERTEXT 5008 +#define IDC_INFO_BOX_TEXT 5009 +#define IDC_SECONDARY_KEY 5010 +#define IDD_TEXT_INFO_DIALOG_BOX_DLG 5011 +#define IDC_TEST_DATA_UNIT_NUMBER 5012 +#define IDD_KEYFILE_GENERATOR 5013 +#define IDC_CIPHER 5014 +#define IDD_MULTI_CHOICE_DLG 5015 +#define IDC_TEST_BLOCK_NUMBER 5016 +#define IDD_STATIC_MODELESS_WAIT_DLG 5017 +#define IDC_POOL_CONTENTS 5018 +#define IDC_PRF_ID 5019 +#define IDC_KEY_SIZE 5020 +#define IDC_PLAINTEXT_SIZE 5021 +#define IDC_REDTICK 5022 +#define IDC_TESTS_MESSAGE 5023 +#define IDC_RESET 5024 +#define IDC_AUTO 5025 +#define IDC_DECRYPT 5026 +#define IDT_TEST_KEY 5027 +#define IDT_TEST_PLAINTEXT 5028 +#define IDT_PRF 5029 +#define IDT_XTS_MODE 5030 +#define IDT_TEST_CIPHERTEXT 5031 +#define IDT_KEY 5032 +#define IDT_PLAINTEXT 5033 +#define IDC_ENCRYPT 5034 +#define IDT_KEY_UNIT 5035 +#define IDT_CIPHER 5036 +#define IDT_PLAINTEXT_SIZE_UNIT 5037 +#define IDC_DEVICELIST 5038 +#define IDT_TEST_BLOCK_NUMBER 5039 +#define IDT_SECONDARY_KEY 5040 +#define IDC_PERFORM_BENCHMARK 5041 +#define IDT_TEST_DATA_UNIT_NUMBER 5042 +#define IDC_KEYFILES_HIDVOL_PROT 5043 +#define IDC_KEYLIST 5044 +#define IDC_ABOUT_BKG 5045 +#define IDT_ABOUT_VERSION 5046 +#define IDT_BOX_BENCHMARK_INFO 5047 +#define IDC_ABOUT_CREDITS 5048 +#define IDT_SORT_METHOD 5049 +#define IDC_MOUNT_READONLY 5050 +#define IDC_MOUNT_REMOVABLE 5051 +#define IDC_PROTECT_HIDDEN_VOL 5052 +#define IDC_COMMANDHELP_TEXT 5053 +#define IDC_USE_EMBEDDED_HEADER_BAK 5054 +#define IDC_MOUNT_SYSENC_PART_WITHOUT_PBA 5055 +#define IDT_HIDDEN_PROT_PASSWD 5056 +#define IDC_RESULTS 5057 +#define IDC_KEYADD 5058 +#define IDC_KEYREMOVE 5059 +#define IDC_KEYREMOVEALL 5060 +#define IDC_KEYFILES_ENABLE 5061 +#define IDT_HIDDEN_VOL_PROTECTION 5062 +#define IDC_ADD_KEYFILE_PATH 5063 +#define IDC_BENCHMARK_BUFFER_SIZE 5064 +#define IDC_SHOW_PASSWORD_MO 5065 +#define IDC_GENERATE_KEYFILE 5066 +#define IDC_BENCHMARK_SORT_METHOD 5067 +#define IDC_PASSWORD_PROT_HIDVOL 5068 +#define IDT_BUFFER_SIZE 5069 +#define IDC_LANGLIST 5070 +#define IDC_KEYFILES_ENABLE_HIDVOL_PROT 5071 +#define IDT_KEYFILES_NOTE 5072 +#define IDT_KEYFILE_WARNING 5073 +#define IDT_KEYFILE_GENERATOR_NOTE 5074 +#define IDC_GENERATE_AND_SAVE_KEYFILE 5075 +#define IDT_POOL_CONTENTS 5076 +#define IDC_GET_LANG_PACKS 5077 +#define IDT_LANGPACK_AUTHORS 5078 +#define IDC_LANGPACK_CREDITS 5079 +#define IDC_LANGPACK_VERSION 5080 +#define IDT_ACTIVE_LANG_PACK 5081 +#define IDC_DISPLAY_POOL_CONTENTS 5082 +#define IDC_XTS_MODE_ENABLED 5083 +#define IDC_MULTI_CHOICE_MSG 5084 +#define IDC_CHOICE1 5085 +#define IDC_CHOICE5 5086 +#define IDC_CHOICE2 5087 +#define IDC_CHOICE3 5088 +#define IDC_CHOICE4 5089 +#define IDC_CHOICE6 5090 +#define IDC_CHOICE7 5091 +#define IDC_CHOICE8 5092 +#define IDC_CHOICE9 5093 +#define IDC_CHOICE10 5094 +#define IDC_MC_DLG_HR1 5095 +#define IDC_MC_DLG_HR2 5096 +#define IDC_LINK_HIDVOL_PROTECTION_INFO 5097 +#define IDC_LINK_KEYFILES_INFO 5098 +#define IDC_TEXTUAL_LOGO_IMG 5099 +#define IDC_ASPECT_RATIO_CALIBRATION_BOX 5100 +#define IDC_ABOUT_LOGO_AREA 5101 +#define IDC_TOKEN_PASSWORD 5102 +#define IDC_TOKEN_FILE_LIST 5103 +#define IDC_TOKEN_FILES_ADD 5104 +#define IDC_EXPORT 5105 +#define IDC_DELETE 5106 +#define IDC_IMPORT_KEYFILE 5107 +#define IDC_SELECTED_TOKEN 5108 +#define IDT_SECURITY_TOKEN 5109 +#define IDT_TOKEN_KEYFILE_NAME 5110 +#define IDC_TOKEN_KEYFILE_NAME 5111 +#define IDT_TOKEN_PASSWORD_INFO 5112 +#define IDT_RANDOM_POOL_ENRICHMENT_NOTE 5113 +#define IDC_CONTINUE 5114 +#define IDT_ABOUT_RELEASE 5115 +#define IDT_STATIC_MODELESS_WAIT_DLG_INFO 5116 +#define IDT_NUMBER_KEYFILES 5117 +#define IDC_NUMBER_KEYFILES 5118 +#define IDT_KEYFILES_BASE_NAME 5119 +#define IDC_KEYFILES_BASE_NAME 5120 +#define IDC_KEYFILES_SIZE 5121 +#define IDC_KEYFILES_RANDOM_SIZE 5122 +#define IDT_KEYFILES_SIZE 5123 +#define IDD_STATIC_MODAL_WAIT_DLG 5124 +#define IDT_STATIC_MODAL_WAIT_DLG_INFO 5125 +#define IDC_WAIT_PROGRESS_BAR 5126 +#define IDC_PKCS5_PRF_ID 5127 +#define IDT_PKCS5_PRF 5128 +#define IDT_PIM 5129 +#define IDC_PIM 5130 +#define IDC_PIM_HELP 5131 +#define IDC_PIM_ENABLE 5132 +#define IDC_VOLUME_LABEL 5133 +#define IDT_VOLUME_LABEL 5134 +#define IDC_KEYFILES_TRY_EMPTY_PASSWORD 5135 +#define IDC_ENTROPY_BAR 5136 +#define IDT_ENTROPY_BAR 5137 + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NO_MFC 1 +#define _APS_NEXT_RESOURCE_VALUE 558 +#define _APS_NEXT_COMMAND_VALUE 40001 +#define _APS_NEXT_CONTROL_VALUE 5138 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/src/Common/SecurityToken.cpp b/src/Common/SecurityToken.cpp index db80ff0d..8909059d 100644 --- a/src/Common/SecurityToken.cpp +++ b/src/Common/SecurityToken.cpp @@ -1,787 +1,787 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Platform/Finally.h" -#include "Platform/ForEach.h" - -#if !defined (TC_WINDOWS) || defined (TC_PROTOTYPE) -# include "Platform/SerializerFactory.h" -# include "Platform/StringConverter.h" -# include "Platform/SystemException.h" -#else -# include "Dictionary.h" -# include "Language.h" -#endif - -#ifdef TC_UNIX -# include -#endif - -#include "SecurityToken.h" - -#ifndef burn -# define burn Memory::Erase -#endif - -using namespace std; - -namespace VeraCrypt -{ - SecurityTokenKeyfile::SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path, char* pin) - { - wstring pathStr = path; - unsigned long slotId; - - if (swscanf (pathStr.c_str(), TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"/%lu", &slotId) != 1) - throw InvalidSecurityTokenKeyfilePath(); - - SlotId = slotId; - - size_t keyIdPos = pathStr.find (L"/" TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"/"); - if (keyIdPos == wstring::npos) - throw InvalidSecurityTokenKeyfilePath(); - - Id = pathStr.substr (keyIdPos + wstring (L"/" TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"/").size()); - - vector keyfiles = SecurityToken::GetAvailableKeyfiles (&SlotId, Id, pin); - - if (keyfiles.empty()) - throw SecurityTokenKeyfileNotFound(); - - *this = keyfiles.front(); - } - - SecurityTokenKeyfile::operator SecurityTokenKeyfilePath () const - { - wstringstream path; - path << TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"/" << SlotId << L"/" TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"/" << Id; - return path.str(); - } - - void SecurityToken::CheckLibraryStatus () - { - if (!Initialized) - throw SecurityTokenLibraryNotInitialized(); - } - - void SecurityToken::CloseLibrary () - { - if (Initialized) - { - CloseAllSessions(); - Pkcs11Functions->C_Finalize (NULL_PTR); - -#ifdef TC_WINDOWS - FreeLibrary (Pkcs11LibraryHandle); -#else - dlclose (Pkcs11LibraryHandle); -#endif - Initialized = false; - } - } - - void SecurityToken::CloseAllSessions () throw () - { - if (!Initialized) - return; - - typedef pair SessionMapPair; - - foreach (SessionMapPair p, Sessions) - { - try - { - CloseSession (p.first); - } - catch (...) { } - } - } - - void SecurityToken::CloseSession (CK_SLOT_ID slotId) - { - if (Sessions.find (slotId) == Sessions.end()) - throw ParameterIncorrect (SRC_POS); - - Pkcs11Functions->C_CloseSession (Sessions[slotId].Handle); - Sessions.erase (Sessions.find (slotId)); - } - - void SecurityToken::CreateKeyfile (CK_SLOT_ID slotId, vector &keyfileData, const string &name) - { - if (name.empty()) - throw ParameterIncorrect (SRC_POS); - - LoginUserIfRequired (slotId); - - foreach (const SecurityTokenKeyfile &keyfile, GetAvailableKeyfiles (&slotId)) - { - if (keyfile.IdUtf8 == name) - throw SecurityTokenKeyfileAlreadyExists(); - } - - CK_OBJECT_CLASS dataClass = CKO_DATA; - CK_BBOOL trueVal = CK_TRUE; - - CK_ATTRIBUTE keyfileTemplate[] = - { - { CKA_CLASS, &dataClass, sizeof (dataClass) }, - { CKA_TOKEN, &trueVal, sizeof (trueVal) }, - { CKA_PRIVATE, &trueVal, sizeof (trueVal) }, - { CKA_LABEL, (CK_UTF8CHAR *) name.c_str(), (CK_ULONG) name.size() }, - { CKA_VALUE, &keyfileData.front(), (CK_ULONG) keyfileData.size() } - }; - - CK_OBJECT_HANDLE keyfileHandle; - - CK_RV status = Pkcs11Functions->C_CreateObject (Sessions[slotId].Handle, keyfileTemplate, array_capacity (keyfileTemplate), &keyfileHandle); - - switch (status) - { - case CKR_DATA_LEN_RANGE: - status = CKR_DEVICE_MEMORY; - break; - - case CKR_SESSION_READ_ONLY: - status = CKR_TOKEN_WRITE_PROTECTED; - break; - } - - if (status != CKR_OK) - throw Pkcs11Exception (status); - - // Some tokens report success even if the new object was truncated to fit in the available memory - vector objectData; - - GetObjectAttribute (slotId, keyfileHandle, CKA_VALUE, objectData); - finally_do_arg (vector *, &objectData, { if (!finally_arg->empty()) burn (&finally_arg->front(), finally_arg->size()); }); - - if (objectData.size() != keyfileData.size()) - { - Pkcs11Functions->C_DestroyObject (Sessions[slotId].Handle, keyfileHandle); - throw Pkcs11Exception (CKR_DEVICE_MEMORY); - } - } - - void SecurityToken::DeleteKeyfile (const SecurityTokenKeyfile &keyfile) - { - LoginUserIfRequired (keyfile.SlotId); - - CK_RV status = Pkcs11Functions->C_DestroyObject (Sessions[keyfile.SlotId].Handle, keyfile.Handle); - if (status != CKR_OK) - throw Pkcs11Exception (status); - } - - vector SecurityToken::GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter, const wstring keyfileIdFilter, char* pin) - { - bool unrecognizedTokenPresent = false; - vector keyfiles; - - foreach (const CK_SLOT_ID &slotId, GetTokenSlots()) - { - SecurityTokenInfo token; - - if (slotIdFilter && *slotIdFilter != slotId) - continue; - - try - { - LoginUserIfRequired (slotId, pin); - token = GetTokenInfo (slotId); - } - catch (UserAbort &) - { - continue; - } - catch (Pkcs11Exception &e) - { - if (e.GetErrorCode() == CKR_TOKEN_NOT_RECOGNIZED) - { - unrecognizedTokenPresent = true; - continue; - } - - throw; - } - - foreach (const CK_OBJECT_HANDLE &dataHandle, GetObjects (slotId, CKO_DATA)) - { - SecurityTokenKeyfile keyfile; - keyfile.Handle = dataHandle; - keyfile.SlotId = slotId; - keyfile.Token = token; - - vector privateAttrib; - GetObjectAttribute (slotId, dataHandle, CKA_PRIVATE, privateAttrib); - - if (privateAttrib.size() == sizeof (CK_BBOOL) && *(CK_BBOOL *) &privateAttrib.front() != CK_TRUE) - continue; - - vector label; - GetObjectAttribute (slotId, dataHandle, CKA_LABEL, label); - label.push_back (0); - - keyfile.IdUtf8 = (char *) &label.front(); - -#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) - keyfile.Id = Utf8StringToWide ((const char *) &label.front()); -#else - keyfile.Id = StringConverter::ToWide ((const char *) &label.front()); -#endif - if (keyfile.Id.empty() || (!keyfileIdFilter.empty() && keyfileIdFilter != keyfile.Id)) - continue; - - keyfiles.push_back (keyfile); - - if (!keyfileIdFilter.empty()) - break; - } - } - - if (keyfiles.empty() && unrecognizedTokenPresent) - throw Pkcs11Exception (CKR_TOKEN_NOT_RECOGNIZED); - - return keyfiles; - } - - list SecurityToken::GetAvailableTokens () - { - bool unrecognizedTokenPresent = false; - list tokens; - - foreach (const CK_SLOT_ID &slotId, GetTokenSlots()) - { - try - { - tokens.push_back (GetTokenInfo (slotId)); - } - catch (Pkcs11Exception &e) - { - if (e.GetErrorCode() == CKR_TOKEN_NOT_RECOGNIZED) - { - unrecognizedTokenPresent = true; - continue; - } - - throw; - } - } - - if (tokens.empty() && unrecognizedTokenPresent) - throw Pkcs11Exception (CKR_TOKEN_NOT_RECOGNIZED); - - return tokens; - } - - SecurityTokenInfo SecurityToken::GetTokenInfo (CK_SLOT_ID slotId) - { - CK_TOKEN_INFO info; - CK_RV status = Pkcs11Functions->C_GetTokenInfo (slotId, &info); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - SecurityTokenInfo token; - token.SlotId = slotId; - token.Flags = info.flags; - - char label[sizeof (info.label) + 1]; - memset (label, 0, sizeof (label)); - memcpy (label, info.label, sizeof (info.label)); - - token.LabelUtf8 = label; - - size_t lastSpace = token.LabelUtf8.find_last_not_of (' '); - if (lastSpace == string::npos) - token.LabelUtf8.clear(); - else - token.LabelUtf8 = token.LabelUtf8.substr (0, lastSpace + 1); - -#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) - token.Label = Utf8StringToWide (token.LabelUtf8); -#else - token.Label = StringConverter::ToWide (token.LabelUtf8); -#endif - return token; - } - - void SecurityToken::GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector &keyfileData) - { - GetKeyfileData (keyfile, nullptr, keyfileData); - } - - void SecurityToken::GetKeyfileData (const SecurityTokenKeyfile &keyfile, char* pin, vector &keyfileData) - { - LoginUserIfRequired (keyfile.SlotId, pin); - GetObjectAttribute (keyfile.SlotId, keyfile.Handle, CKA_VALUE, keyfileData); - } - - vector SecurityToken::GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass) - { - if (Sessions.find (slotId) == Sessions.end()) - throw ParameterIncorrect (SRC_POS); - - CK_ATTRIBUTE findTemplate; - findTemplate.type = CKA_CLASS; - findTemplate.pValue = &objectClass; - findTemplate.ulValueLen = sizeof (objectClass); - - CK_RV status = Pkcs11Functions->C_FindObjectsInit (Sessions[slotId].Handle, &findTemplate, 1); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - finally_do_arg (CK_SLOT_ID, slotId, { Pkcs11Functions->C_FindObjectsFinal (Sessions[finally_arg].Handle); }); - - CK_ULONG objectCount; - vector objects; - - while (true) - { - CK_OBJECT_HANDLE object; - CK_RV status = Pkcs11Functions->C_FindObjects (Sessions[slotId].Handle, &object, 1, &objectCount); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - if (objectCount != 1) - break; - - objects.push_back (object); - } - - return objects; - } - - void SecurityToken::GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector &attributeValue) - { - attributeValue.clear(); - - if (Sessions.find (slotId) == Sessions.end()) - throw ParameterIncorrect (SRC_POS); - - CK_ATTRIBUTE attribute; - attribute.type = attributeType; - attribute.pValue = NULL_PTR; - - CK_RV status = Pkcs11Functions->C_GetAttributeValue (Sessions[slotId].Handle, tokenObject, &attribute, 1); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - if (attribute.ulValueLen == 0) - return; - - attributeValue = vector (attribute.ulValueLen); - attribute.pValue = &attributeValue.front(); - - status = Pkcs11Functions->C_GetAttributeValue (Sessions[slotId].Handle, tokenObject, &attribute, 1); - if (status != CKR_OK) - throw Pkcs11Exception (status); - } - - list SecurityToken::GetTokenSlots () - { - CheckLibraryStatus(); - - list slots; - CK_ULONG slotCount; - - CK_RV status = Pkcs11Functions->C_GetSlotList (TRUE, NULL_PTR, &slotCount); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - if (slotCount > 0) - { - vector slotArray (slotCount); - status = Pkcs11Functions->C_GetSlotList (TRUE, &slotArray.front(), &slotCount); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - for (size_t i = 0; i < slotCount; i++) - { - CK_SLOT_INFO slotInfo; - status = Pkcs11Functions->C_GetSlotInfo (slotArray[i], &slotInfo); - - if (status != CKR_OK || !(slotInfo.flags & CKF_TOKEN_PRESENT)) - continue; - - slots.push_back (slotArray[i]); - } - } - - return slots; - } - - bool SecurityToken::IsKeyfilePathValid (const wstring &securityTokenKeyfilePath) - { - return securityTokenKeyfilePath.find (TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX) == 0; - } - - void SecurityToken::Login (CK_SLOT_ID slotId, const char* pin) - { - if (Sessions.find (slotId) == Sessions.end()) - OpenSession (slotId); - else if (Sessions[slotId].UserLoggedIn) - return; - - size_t pinLen = pin? strlen (pin) : 0; - CK_RV status = Pkcs11Functions->C_Login (Sessions[slotId].Handle, CKU_USER, (CK_CHAR_PTR) pin, (CK_ULONG) pinLen); - - if (status != CKR_OK) - throw Pkcs11Exception (status); - - Sessions[slotId].UserLoggedIn = true; - } - - void SecurityToken::LoginUserIfRequired (CK_SLOT_ID slotId, char* cmdPin) - { - CheckLibraryStatus(); - CK_RV status; - - if (Sessions.find (slotId) == Sessions.end()) - { - OpenSession (slotId); - } - else - { - CK_SESSION_INFO sessionInfo; - status = Pkcs11Functions->C_GetSessionInfo (Sessions[slotId].Handle, &sessionInfo); - - if (status == CKR_OK) - { - Sessions[slotId].UserLoggedIn = (sessionInfo.state == CKS_RO_USER_FUNCTIONS || sessionInfo.state == CKS_RW_USER_FUNCTIONS); - } - else - { - try - { - CloseSession (slotId); - } - catch (...) { } - OpenSession (slotId); - } - } - - SecurityTokenInfo tokenInfo = GetTokenInfo (slotId); - - while (!Sessions[slotId].UserLoggedIn && (tokenInfo.Flags & CKF_LOGIN_REQUIRED)) - { - try - { - if (tokenInfo.Flags & CKF_PROTECTED_AUTHENTICATION_PATH) - { - status = Pkcs11Functions->C_Login (Sessions[slotId].Handle, CKU_USER, NULL_PTR, 0); - if (status != CKR_OK) - throw Pkcs11Exception (status); - } - else if (cmdPin && cmdPin [0]) - { - Login (slotId, cmdPin); - } - else - { - string pin = tokenInfo.LabelUtf8; - if (tokenInfo.Label.empty()) - { - stringstream s; - s << "#" << slotId; - pin = s.str(); - } - - finally_do_arg (string*, &pin, { burn ((void *) finally_arg->c_str(), finally_arg->size()); }); - - (*PinCallback) (pin); - Login (slotId, pin.c_str()); - } - - Sessions[slotId].UserLoggedIn = true; - } - catch (Pkcs11Exception &e) - { - CK_RV error = e.GetErrorCode(); - - if (error == CKR_USER_ALREADY_LOGGED_IN) - { - break; - } - else if (error == CKR_PIN_INCORRECT && !(tokenInfo.Flags & CKF_PROTECTED_AUTHENTICATION_PATH)) - { - if (cmdPin && cmdPin [0]) - { - // clear wrong PIN - size_t cmdPinLen = strlen (cmdPin); - burn (cmdPin, cmdPinLen); - } - (*WarningCallback) (Pkcs11Exception (CKR_PIN_INCORRECT)); - continue; - } - - throw; - } - } - } - -#ifdef TC_WINDOWS - void SecurityToken::InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback) -#else - void SecurityToken::InitLibrary (const string &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback) -#endif - { - if (Initialized) - CloseLibrary(); - -#ifdef TC_WINDOWS +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Platform/Finally.h" +#include "Platform/ForEach.h" + +#if !defined (TC_WINDOWS) || defined (TC_PROTOTYPE) +# include "Platform/SerializerFactory.h" +# include "Platform/StringConverter.h" +# include "Platform/SystemException.h" +#else +# include "Dictionary.h" +# include "Language.h" +#endif + +#ifdef TC_UNIX +# include +#endif + +#include "SecurityToken.h" + +#ifndef burn +# define burn Memory::Erase +#endif + +using namespace std; + +namespace VeraCrypt +{ + SecurityTokenKeyfile::SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path, char* pin) + { + wstring pathStr = path; + unsigned long slotId; + + if (swscanf (pathStr.c_str(), TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"/%lu", &slotId) != 1) + throw InvalidSecurityTokenKeyfilePath(); + + SlotId = slotId; + + size_t keyIdPos = pathStr.find (L"/" TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"/"); + if (keyIdPos == wstring::npos) + throw InvalidSecurityTokenKeyfilePath(); + + Id = pathStr.substr (keyIdPos + wstring (L"/" TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"/").size()); + + vector keyfiles = SecurityToken::GetAvailableKeyfiles (&SlotId, Id, pin); + + if (keyfiles.empty()) + throw SecurityTokenKeyfileNotFound(); + + *this = keyfiles.front(); + } + + SecurityTokenKeyfile::operator SecurityTokenKeyfilePath () const + { + wstringstream path; + path << TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"/" << SlotId << L"/" TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"/" << Id; + return path.str(); + } + + void SecurityToken::CheckLibraryStatus () + { + if (!Initialized) + throw SecurityTokenLibraryNotInitialized(); + } + + void SecurityToken::CloseLibrary () + { + if (Initialized) + { + CloseAllSessions(); + Pkcs11Functions->C_Finalize (NULL_PTR); + +#ifdef TC_WINDOWS + FreeLibrary (Pkcs11LibraryHandle); +#else + dlclose (Pkcs11LibraryHandle); +#endif + Initialized = false; + } + } + + void SecurityToken::CloseAllSessions () throw () + { + if (!Initialized) + return; + + typedef pair SessionMapPair; + + foreach (SessionMapPair p, Sessions) + { + try + { + CloseSession (p.first); + } + catch (...) { } + } + } + + void SecurityToken::CloseSession (CK_SLOT_ID slotId) + { + if (Sessions.find (slotId) == Sessions.end()) + throw ParameterIncorrect (SRC_POS); + + Pkcs11Functions->C_CloseSession (Sessions[slotId].Handle); + Sessions.erase (Sessions.find (slotId)); + } + + void SecurityToken::CreateKeyfile (CK_SLOT_ID slotId, vector &keyfileData, const string &name) + { + if (name.empty()) + throw ParameterIncorrect (SRC_POS); + + LoginUserIfRequired (slotId); + + foreach (const SecurityTokenKeyfile &keyfile, GetAvailableKeyfiles (&slotId)) + { + if (keyfile.IdUtf8 == name) + throw SecurityTokenKeyfileAlreadyExists(); + } + + CK_OBJECT_CLASS dataClass = CKO_DATA; + CK_BBOOL trueVal = CK_TRUE; + + CK_ATTRIBUTE keyfileTemplate[] = + { + { CKA_CLASS, &dataClass, sizeof (dataClass) }, + { CKA_TOKEN, &trueVal, sizeof (trueVal) }, + { CKA_PRIVATE, &trueVal, sizeof (trueVal) }, + { CKA_LABEL, (CK_UTF8CHAR *) name.c_str(), (CK_ULONG) name.size() }, + { CKA_VALUE, &keyfileData.front(), (CK_ULONG) keyfileData.size() } + }; + + CK_OBJECT_HANDLE keyfileHandle; + + CK_RV status = Pkcs11Functions->C_CreateObject (Sessions[slotId].Handle, keyfileTemplate, array_capacity (keyfileTemplate), &keyfileHandle); + + switch (status) + { + case CKR_DATA_LEN_RANGE: + status = CKR_DEVICE_MEMORY; + break; + + case CKR_SESSION_READ_ONLY: + status = CKR_TOKEN_WRITE_PROTECTED; + break; + } + + if (status != CKR_OK) + throw Pkcs11Exception (status); + + // Some tokens report success even if the new object was truncated to fit in the available memory + vector objectData; + + GetObjectAttribute (slotId, keyfileHandle, CKA_VALUE, objectData); + finally_do_arg (vector *, &objectData, { if (!finally_arg->empty()) burn (&finally_arg->front(), finally_arg->size()); }); + + if (objectData.size() != keyfileData.size()) + { + Pkcs11Functions->C_DestroyObject (Sessions[slotId].Handle, keyfileHandle); + throw Pkcs11Exception (CKR_DEVICE_MEMORY); + } + } + + void SecurityToken::DeleteKeyfile (const SecurityTokenKeyfile &keyfile) + { + LoginUserIfRequired (keyfile.SlotId); + + CK_RV status = Pkcs11Functions->C_DestroyObject (Sessions[keyfile.SlotId].Handle, keyfile.Handle); + if (status != CKR_OK) + throw Pkcs11Exception (status); + } + + vector SecurityToken::GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter, const wstring keyfileIdFilter, char* pin) + { + bool unrecognizedTokenPresent = false; + vector keyfiles; + + foreach (const CK_SLOT_ID &slotId, GetTokenSlots()) + { + SecurityTokenInfo token; + + if (slotIdFilter && *slotIdFilter != slotId) + continue; + + try + { + LoginUserIfRequired (slotId, pin); + token = GetTokenInfo (slotId); + } + catch (UserAbort &) + { + continue; + } + catch (Pkcs11Exception &e) + { + if (e.GetErrorCode() == CKR_TOKEN_NOT_RECOGNIZED) + { + unrecognizedTokenPresent = true; + continue; + } + + throw; + } + + foreach (const CK_OBJECT_HANDLE &dataHandle, GetObjects (slotId, CKO_DATA)) + { + SecurityTokenKeyfile keyfile; + keyfile.Handle = dataHandle; + keyfile.SlotId = slotId; + keyfile.Token = token; + + vector privateAttrib; + GetObjectAttribute (slotId, dataHandle, CKA_PRIVATE, privateAttrib); + + if (privateAttrib.size() == sizeof (CK_BBOOL) && *(CK_BBOOL *) &privateAttrib.front() != CK_TRUE) + continue; + + vector label; + GetObjectAttribute (slotId, dataHandle, CKA_LABEL, label); + label.push_back (0); + + keyfile.IdUtf8 = (char *) &label.front(); + +#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) + keyfile.Id = Utf8StringToWide ((const char *) &label.front()); +#else + keyfile.Id = StringConverter::ToWide ((const char *) &label.front()); +#endif + if (keyfile.Id.empty() || (!keyfileIdFilter.empty() && keyfileIdFilter != keyfile.Id)) + continue; + + keyfiles.push_back (keyfile); + + if (!keyfileIdFilter.empty()) + break; + } + } + + if (keyfiles.empty() && unrecognizedTokenPresent) + throw Pkcs11Exception (CKR_TOKEN_NOT_RECOGNIZED); + + return keyfiles; + } + + list SecurityToken::GetAvailableTokens () + { + bool unrecognizedTokenPresent = false; + list tokens; + + foreach (const CK_SLOT_ID &slotId, GetTokenSlots()) + { + try + { + tokens.push_back (GetTokenInfo (slotId)); + } + catch (Pkcs11Exception &e) + { + if (e.GetErrorCode() == CKR_TOKEN_NOT_RECOGNIZED) + { + unrecognizedTokenPresent = true; + continue; + } + + throw; + } + } + + if (tokens.empty() && unrecognizedTokenPresent) + throw Pkcs11Exception (CKR_TOKEN_NOT_RECOGNIZED); + + return tokens; + } + + SecurityTokenInfo SecurityToken::GetTokenInfo (CK_SLOT_ID slotId) + { + CK_TOKEN_INFO info; + CK_RV status = Pkcs11Functions->C_GetTokenInfo (slotId, &info); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + SecurityTokenInfo token; + token.SlotId = slotId; + token.Flags = info.flags; + + char label[sizeof (info.label) + 1]; + memset (label, 0, sizeof (label)); + memcpy (label, info.label, sizeof (info.label)); + + token.LabelUtf8 = label; + + size_t lastSpace = token.LabelUtf8.find_last_not_of (' '); + if (lastSpace == string::npos) + token.LabelUtf8.clear(); + else + token.LabelUtf8 = token.LabelUtf8.substr (0, lastSpace + 1); + +#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) + token.Label = Utf8StringToWide (token.LabelUtf8); +#else + token.Label = StringConverter::ToWide (token.LabelUtf8); +#endif + return token; + } + + void SecurityToken::GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector &keyfileData) + { + GetKeyfileData (keyfile, nullptr, keyfileData); + } + + void SecurityToken::GetKeyfileData (const SecurityTokenKeyfile &keyfile, char* pin, vector &keyfileData) + { + LoginUserIfRequired (keyfile.SlotId, pin); + GetObjectAttribute (keyfile.SlotId, keyfile.Handle, CKA_VALUE, keyfileData); + } + + vector SecurityToken::GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass) + { + if (Sessions.find (slotId) == Sessions.end()) + throw ParameterIncorrect (SRC_POS); + + CK_ATTRIBUTE findTemplate; + findTemplate.type = CKA_CLASS; + findTemplate.pValue = &objectClass; + findTemplate.ulValueLen = sizeof (objectClass); + + CK_RV status = Pkcs11Functions->C_FindObjectsInit (Sessions[slotId].Handle, &findTemplate, 1); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + finally_do_arg (CK_SLOT_ID, slotId, { Pkcs11Functions->C_FindObjectsFinal (Sessions[finally_arg].Handle); }); + + CK_ULONG objectCount; + vector objects; + + while (true) + { + CK_OBJECT_HANDLE object; + CK_RV status = Pkcs11Functions->C_FindObjects (Sessions[slotId].Handle, &object, 1, &objectCount); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + if (objectCount != 1) + break; + + objects.push_back (object); + } + + return objects; + } + + void SecurityToken::GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector &attributeValue) + { + attributeValue.clear(); + + if (Sessions.find (slotId) == Sessions.end()) + throw ParameterIncorrect (SRC_POS); + + CK_ATTRIBUTE attribute; + attribute.type = attributeType; + attribute.pValue = NULL_PTR; + + CK_RV status = Pkcs11Functions->C_GetAttributeValue (Sessions[slotId].Handle, tokenObject, &attribute, 1); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + if (attribute.ulValueLen == 0) + return; + + attributeValue = vector (attribute.ulValueLen); + attribute.pValue = &attributeValue.front(); + + status = Pkcs11Functions->C_GetAttributeValue (Sessions[slotId].Handle, tokenObject, &attribute, 1); + if (status != CKR_OK) + throw Pkcs11Exception (status); + } + + list SecurityToken::GetTokenSlots () + { + CheckLibraryStatus(); + + list slots; + CK_ULONG slotCount; + + CK_RV status = Pkcs11Functions->C_GetSlotList (TRUE, NULL_PTR, &slotCount); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + if (slotCount > 0) + { + vector slotArray (slotCount); + status = Pkcs11Functions->C_GetSlotList (TRUE, &slotArray.front(), &slotCount); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + for (size_t i = 0; i < slotCount; i++) + { + CK_SLOT_INFO slotInfo; + status = Pkcs11Functions->C_GetSlotInfo (slotArray[i], &slotInfo); + + if (status != CKR_OK || !(slotInfo.flags & CKF_TOKEN_PRESENT)) + continue; + + slots.push_back (slotArray[i]); + } + } + + return slots; + } + + bool SecurityToken::IsKeyfilePathValid (const wstring &securityTokenKeyfilePath) + { + return securityTokenKeyfilePath.find (TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX) == 0; + } + + void SecurityToken::Login (CK_SLOT_ID slotId, const char* pin) + { + if (Sessions.find (slotId) == Sessions.end()) + OpenSession (slotId); + else if (Sessions[slotId].UserLoggedIn) + return; + + size_t pinLen = pin? strlen (pin) : 0; + CK_RV status = Pkcs11Functions->C_Login (Sessions[slotId].Handle, CKU_USER, (CK_CHAR_PTR) pin, (CK_ULONG) pinLen); + + if (status != CKR_OK) + throw Pkcs11Exception (status); + + Sessions[slotId].UserLoggedIn = true; + } + + void SecurityToken::LoginUserIfRequired (CK_SLOT_ID slotId, char* cmdPin) + { + CheckLibraryStatus(); + CK_RV status; + + if (Sessions.find (slotId) == Sessions.end()) + { + OpenSession (slotId); + } + else + { + CK_SESSION_INFO sessionInfo; + status = Pkcs11Functions->C_GetSessionInfo (Sessions[slotId].Handle, &sessionInfo); + + if (status == CKR_OK) + { + Sessions[slotId].UserLoggedIn = (sessionInfo.state == CKS_RO_USER_FUNCTIONS || sessionInfo.state == CKS_RW_USER_FUNCTIONS); + } + else + { + try + { + CloseSession (slotId); + } + catch (...) { } + OpenSession (slotId); + } + } + + SecurityTokenInfo tokenInfo = GetTokenInfo (slotId); + + while (!Sessions[slotId].UserLoggedIn && (tokenInfo.Flags & CKF_LOGIN_REQUIRED)) + { + try + { + if (tokenInfo.Flags & CKF_PROTECTED_AUTHENTICATION_PATH) + { + status = Pkcs11Functions->C_Login (Sessions[slotId].Handle, CKU_USER, NULL_PTR, 0); + if (status != CKR_OK) + throw Pkcs11Exception (status); + } + else if (cmdPin && cmdPin [0]) + { + Login (slotId, cmdPin); + } + else + { + string pin = tokenInfo.LabelUtf8; + if (tokenInfo.Label.empty()) + { + stringstream s; + s << "#" << slotId; + pin = s.str(); + } + + finally_do_arg (string*, &pin, { burn ((void *) finally_arg->c_str(), finally_arg->size()); }); + + (*PinCallback) (pin); + Login (slotId, pin.c_str()); + } + + Sessions[slotId].UserLoggedIn = true; + } + catch (Pkcs11Exception &e) + { + CK_RV error = e.GetErrorCode(); + + if (error == CKR_USER_ALREADY_LOGGED_IN) + { + break; + } + else if (error == CKR_PIN_INCORRECT && !(tokenInfo.Flags & CKF_PROTECTED_AUTHENTICATION_PATH)) + { + if (cmdPin && cmdPin [0]) + { + // clear wrong PIN + size_t cmdPinLen = strlen (cmdPin); + burn (cmdPin, cmdPinLen); + } + (*WarningCallback) (Pkcs11Exception (CKR_PIN_INCORRECT)); + continue; + } + + throw; + } + } + } + +#ifdef TC_WINDOWS + void SecurityToken::InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback) +#else + void SecurityToken::InitLibrary (const string &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback) +#endif + { + if (Initialized) + CloseLibrary(); + +#ifdef TC_WINDOWS Pkcs11LibraryHandle = LoadLibraryW (pkcs11LibraryPath.c_str()); - throw_sys_if (!Pkcs11LibraryHandle); -#else + throw_sys_if (!Pkcs11LibraryHandle); +#else Pkcs11LibraryHandle = dlopen (pkcs11LibraryPath.c_str(), RTLD_NOW | RTLD_LOCAL); - throw_sys_sub_if (!Pkcs11LibraryHandle, dlerror()); -#endif - - - typedef CK_RV (*C_GetFunctionList_t) (CK_FUNCTION_LIST_PTR_PTR ppFunctionList); -#ifdef TC_WINDOWS - C_GetFunctionList_t C_GetFunctionList = (C_GetFunctionList_t) GetProcAddress (Pkcs11LibraryHandle, "C_GetFunctionList"); -#else - C_GetFunctionList_t C_GetFunctionList = (C_GetFunctionList_t) dlsym (Pkcs11LibraryHandle, "C_GetFunctionList"); -#endif - - if (!C_GetFunctionList) - throw SecurityTokenLibraryNotInitialized(); - - CK_RV status = C_GetFunctionList (&Pkcs11Functions); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - status = Pkcs11Functions->C_Initialize (NULL_PTR); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - PinCallback = pinCallback; - WarningCallback = warningCallback; - - Initialized = true; - } - - void SecurityToken::OpenSession (CK_SLOT_ID slotId) - { - if (Sessions.find (slotId) != Sessions.end()) - return; - - CK_SESSION_HANDLE session; - - CK_FLAGS flags = CKF_SERIAL_SESSION; - - if (!(GetTokenInfo (slotId).Flags & CKF_WRITE_PROTECTED)) - flags |= CKF_RW_SESSION; - - CK_RV status = Pkcs11Functions->C_OpenSession (slotId, flags, NULL_PTR, NULL_PTR, &session); - if (status != CKR_OK) - throw Pkcs11Exception (status); - - Sessions[slotId].Handle = session; - } - - Pkcs11Exception::operator string () const - { - if (ErrorCode == CKR_OK) - return string(); - - static const struct - { - CK_RV ErrorCode; - const char *ErrorString; - } ErrorStrings[] = - { -# define TC_TOKEN_ERR(CODE) { CODE, #CODE }, - - TC_TOKEN_ERR (CKR_CANCEL) - TC_TOKEN_ERR (CKR_HOST_MEMORY) - TC_TOKEN_ERR (CKR_SLOT_ID_INVALID) - TC_TOKEN_ERR (CKR_GENERAL_ERROR) - TC_TOKEN_ERR (CKR_FUNCTION_FAILED) - TC_TOKEN_ERR (CKR_ARGUMENTS_BAD) - TC_TOKEN_ERR (CKR_NO_EVENT) - TC_TOKEN_ERR (CKR_NEED_TO_CREATE_THREADS) - TC_TOKEN_ERR (CKR_CANT_LOCK) - TC_TOKEN_ERR (CKR_ATTRIBUTE_READ_ONLY) - TC_TOKEN_ERR (CKR_ATTRIBUTE_SENSITIVE) - TC_TOKEN_ERR (CKR_ATTRIBUTE_TYPE_INVALID) - TC_TOKEN_ERR (CKR_ATTRIBUTE_VALUE_INVALID) - TC_TOKEN_ERR (CKR_DATA_INVALID) - TC_TOKEN_ERR (CKR_DATA_LEN_RANGE) - TC_TOKEN_ERR (CKR_DEVICE_ERROR) - TC_TOKEN_ERR (CKR_DEVICE_MEMORY) - TC_TOKEN_ERR (CKR_DEVICE_REMOVED) - TC_TOKEN_ERR (CKR_ENCRYPTED_DATA_INVALID) - TC_TOKEN_ERR (CKR_ENCRYPTED_DATA_LEN_RANGE) - TC_TOKEN_ERR (CKR_FUNCTION_CANCELED) - TC_TOKEN_ERR (CKR_FUNCTION_NOT_PARALLEL) - TC_TOKEN_ERR (CKR_FUNCTION_NOT_SUPPORTED) - TC_TOKEN_ERR (CKR_KEY_HANDLE_INVALID) - TC_TOKEN_ERR (CKR_KEY_SIZE_RANGE) - TC_TOKEN_ERR (CKR_KEY_TYPE_INCONSISTENT) - TC_TOKEN_ERR (CKR_KEY_NOT_NEEDED) - TC_TOKEN_ERR (CKR_KEY_CHANGED) - TC_TOKEN_ERR (CKR_KEY_NEEDED) - TC_TOKEN_ERR (CKR_KEY_INDIGESTIBLE) - TC_TOKEN_ERR (CKR_KEY_FUNCTION_NOT_PERMITTED) - TC_TOKEN_ERR (CKR_KEY_NOT_WRAPPABLE) - TC_TOKEN_ERR (CKR_KEY_UNEXTRACTABLE) - TC_TOKEN_ERR (CKR_MECHANISM_INVALID) - TC_TOKEN_ERR (CKR_MECHANISM_PARAM_INVALID) - TC_TOKEN_ERR (CKR_OBJECT_HANDLE_INVALID) - TC_TOKEN_ERR (CKR_OPERATION_ACTIVE) - TC_TOKEN_ERR (CKR_OPERATION_NOT_INITIALIZED) - TC_TOKEN_ERR (CKR_PIN_INCORRECT) - TC_TOKEN_ERR (CKR_PIN_INVALID) - TC_TOKEN_ERR (CKR_PIN_LEN_RANGE) - TC_TOKEN_ERR (CKR_PIN_EXPIRED) - TC_TOKEN_ERR (CKR_PIN_LOCKED) - TC_TOKEN_ERR (CKR_SESSION_CLOSED) - TC_TOKEN_ERR (CKR_SESSION_COUNT) - TC_TOKEN_ERR (CKR_SESSION_HANDLE_INVALID) - TC_TOKEN_ERR (CKR_SESSION_PARALLEL_NOT_SUPPORTED) - TC_TOKEN_ERR (CKR_SESSION_READ_ONLY) - TC_TOKEN_ERR (CKR_SESSION_EXISTS) - TC_TOKEN_ERR (CKR_SESSION_READ_ONLY_EXISTS) - TC_TOKEN_ERR (CKR_SESSION_READ_WRITE_SO_EXISTS) - TC_TOKEN_ERR (CKR_SIGNATURE_INVALID) - TC_TOKEN_ERR (CKR_SIGNATURE_LEN_RANGE) - TC_TOKEN_ERR (CKR_TEMPLATE_INCOMPLETE) - TC_TOKEN_ERR (CKR_TEMPLATE_INCONSISTENT) - TC_TOKEN_ERR (CKR_TOKEN_NOT_PRESENT) - TC_TOKEN_ERR (CKR_TOKEN_NOT_RECOGNIZED) - TC_TOKEN_ERR (CKR_TOKEN_WRITE_PROTECTED) - TC_TOKEN_ERR (CKR_UNWRAPPING_KEY_HANDLE_INVALID) - TC_TOKEN_ERR (CKR_UNWRAPPING_KEY_SIZE_RANGE) - TC_TOKEN_ERR (CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT) - TC_TOKEN_ERR (CKR_USER_ALREADY_LOGGED_IN) - TC_TOKEN_ERR (CKR_USER_NOT_LOGGED_IN) - TC_TOKEN_ERR (CKR_USER_PIN_NOT_INITIALIZED) - TC_TOKEN_ERR (CKR_USER_TYPE_INVALID) - TC_TOKEN_ERR (CKR_USER_ANOTHER_ALREADY_LOGGED_IN) - TC_TOKEN_ERR (CKR_USER_TOO_MANY_TYPES) - TC_TOKEN_ERR (CKR_WRAPPED_KEY_INVALID) - TC_TOKEN_ERR (CKR_WRAPPED_KEY_LEN_RANGE) - TC_TOKEN_ERR (CKR_WRAPPING_KEY_HANDLE_INVALID) - TC_TOKEN_ERR (CKR_WRAPPING_KEY_SIZE_RANGE) - TC_TOKEN_ERR (CKR_WRAPPING_KEY_TYPE_INCONSISTENT) - TC_TOKEN_ERR (CKR_RANDOM_SEED_NOT_SUPPORTED) - TC_TOKEN_ERR (CKR_RANDOM_NO_RNG) - TC_TOKEN_ERR (CKR_DOMAIN_PARAMS_INVALID) - TC_TOKEN_ERR (CKR_BUFFER_TOO_SMALL) - TC_TOKEN_ERR (CKR_SAVED_STATE_INVALID) - TC_TOKEN_ERR (CKR_INFORMATION_SENSITIVE) - TC_TOKEN_ERR (CKR_STATE_UNSAVEABLE) - TC_TOKEN_ERR (CKR_CRYPTOKI_NOT_INITIALIZED) - TC_TOKEN_ERR (CKR_CRYPTOKI_ALREADY_INITIALIZED) - TC_TOKEN_ERR (CKR_MUTEX_BAD) - TC_TOKEN_ERR (CKR_MUTEX_NOT_LOCKED) - TC_TOKEN_ERR (CKR_NEW_PIN_MODE) - TC_TOKEN_ERR (CKR_NEXT_OTP) - TC_TOKEN_ERR (CKR_FUNCTION_REJECTED) - -#undef TC_TOKEN_ERR - }; - - - for (size_t i = 0; i < array_capacity (ErrorStrings); ++i) - { - if (ErrorStrings[i].ErrorCode == ErrorCode) - return ErrorStrings[i].ErrorString; - } - - stringstream s; - s << "0x" << hex << ErrorCode; - return s.str(); - - } - -#ifdef TC_HEADER_Common_Exception - void Pkcs11Exception::Show (HWND parent) const - { - string errorString = string (*this); - - if (!errorString.empty()) - { - wstringstream subjectErrorCode; - if (SubjectErrorCodeValid) - subjectErrorCode << L": " << SubjectErrorCode; - - if (!GetDictionaryValue (errorString.c_str())) - { - if (errorString.find ("CKR_") == 0) - { - errorString = errorString.substr (4); - for (size_t i = 0; i < errorString.size(); ++i) - { - if (errorString[i] == '_') - errorString[i] = ' '; - } - } - wchar_t err[8192]; - StringCbPrintfW (err, sizeof(err),L"%s:\n\n%hs%s", GetString ("SECURITY_TOKEN_ERROR"), errorString.c_str(), subjectErrorCode.str().c_str()); - ErrorDirect (err, parent); - } - else - { - wstring err = GetString (errorString.c_str()); - - if (SubjectErrorCodeValid) - err += L"\n\nError code" + subjectErrorCode.str(); - - ErrorDirect (err.c_str(), parent); - } - } - } -#endif // TC_HEADER_Common_Exception - - auto_ptr SecurityToken::PinCallback; - auto_ptr SecurityToken::WarningCallback; - - bool SecurityToken::Initialized; - CK_FUNCTION_LIST_PTR SecurityToken::Pkcs11Functions; - map SecurityToken::Sessions; - -#ifdef TC_WINDOWS - HMODULE SecurityToken::Pkcs11LibraryHandle; -#else - void *SecurityToken::Pkcs11LibraryHandle; -#endif - -#ifdef TC_HEADER_Platform_Exception - - void Pkcs11Exception::Deserialize (shared_ptr stream) - { - Exception::Deserialize (stream); - Serializer sr (stream); - uint64 code; - sr.Deserialize ("ErrorCode", code); - sr.Deserialize ("SubjectErrorCodeValid", SubjectErrorCodeValid); - sr.Deserialize ("SubjectErrorCode", SubjectErrorCode); - ErrorCode = (CK_RV) code; - } - - void Pkcs11Exception::Serialize (shared_ptr stream) const - { - Exception::Serialize (stream); - Serializer sr (stream); - sr.Serialize ("ErrorCode", (uint64) ErrorCode); - sr.Serialize ("SubjectErrorCodeValid", SubjectErrorCodeValid); - sr.Serialize ("SubjectErrorCode", SubjectErrorCode); - } - -# define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) -# undef TC_EXCEPTION_NODECL -# define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) - - TC_SERIALIZER_FACTORY_ADD_EXCEPTION_SET (SecurityTokenException); - -#endif -} + throw_sys_sub_if (!Pkcs11LibraryHandle, dlerror()); +#endif + + + typedef CK_RV (*C_GetFunctionList_t) (CK_FUNCTION_LIST_PTR_PTR ppFunctionList); +#ifdef TC_WINDOWS + C_GetFunctionList_t C_GetFunctionList = (C_GetFunctionList_t) GetProcAddress (Pkcs11LibraryHandle, "C_GetFunctionList"); +#else + C_GetFunctionList_t C_GetFunctionList = (C_GetFunctionList_t) dlsym (Pkcs11LibraryHandle, "C_GetFunctionList"); +#endif + + if (!C_GetFunctionList) + throw SecurityTokenLibraryNotInitialized(); + + CK_RV status = C_GetFunctionList (&Pkcs11Functions); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + status = Pkcs11Functions->C_Initialize (NULL_PTR); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + PinCallback = pinCallback; + WarningCallback = warningCallback; + + Initialized = true; + } + + void SecurityToken::OpenSession (CK_SLOT_ID slotId) + { + if (Sessions.find (slotId) != Sessions.end()) + return; + + CK_SESSION_HANDLE session; + + CK_FLAGS flags = CKF_SERIAL_SESSION; + + if (!(GetTokenInfo (slotId).Flags & CKF_WRITE_PROTECTED)) + flags |= CKF_RW_SESSION; + + CK_RV status = Pkcs11Functions->C_OpenSession (slotId, flags, NULL_PTR, NULL_PTR, &session); + if (status != CKR_OK) + throw Pkcs11Exception (status); + + Sessions[slotId].Handle = session; + } + + Pkcs11Exception::operator string () const + { + if (ErrorCode == CKR_OK) + return string(); + + static const struct + { + CK_RV ErrorCode; + const char *ErrorString; + } ErrorStrings[] = + { +# define TC_TOKEN_ERR(CODE) { CODE, #CODE }, + + TC_TOKEN_ERR (CKR_CANCEL) + TC_TOKEN_ERR (CKR_HOST_MEMORY) + TC_TOKEN_ERR (CKR_SLOT_ID_INVALID) + TC_TOKEN_ERR (CKR_GENERAL_ERROR) + TC_TOKEN_ERR (CKR_FUNCTION_FAILED) + TC_TOKEN_ERR (CKR_ARGUMENTS_BAD) + TC_TOKEN_ERR (CKR_NO_EVENT) + TC_TOKEN_ERR (CKR_NEED_TO_CREATE_THREADS) + TC_TOKEN_ERR (CKR_CANT_LOCK) + TC_TOKEN_ERR (CKR_ATTRIBUTE_READ_ONLY) + TC_TOKEN_ERR (CKR_ATTRIBUTE_SENSITIVE) + TC_TOKEN_ERR (CKR_ATTRIBUTE_TYPE_INVALID) + TC_TOKEN_ERR (CKR_ATTRIBUTE_VALUE_INVALID) + TC_TOKEN_ERR (CKR_DATA_INVALID) + TC_TOKEN_ERR (CKR_DATA_LEN_RANGE) + TC_TOKEN_ERR (CKR_DEVICE_ERROR) + TC_TOKEN_ERR (CKR_DEVICE_MEMORY) + TC_TOKEN_ERR (CKR_DEVICE_REMOVED) + TC_TOKEN_ERR (CKR_ENCRYPTED_DATA_INVALID) + TC_TOKEN_ERR (CKR_ENCRYPTED_DATA_LEN_RANGE) + TC_TOKEN_ERR (CKR_FUNCTION_CANCELED) + TC_TOKEN_ERR (CKR_FUNCTION_NOT_PARALLEL) + TC_TOKEN_ERR (CKR_FUNCTION_NOT_SUPPORTED) + TC_TOKEN_ERR (CKR_KEY_HANDLE_INVALID) + TC_TOKEN_ERR (CKR_KEY_SIZE_RANGE) + TC_TOKEN_ERR (CKR_KEY_TYPE_INCONSISTENT) + TC_TOKEN_ERR (CKR_KEY_NOT_NEEDED) + TC_TOKEN_ERR (CKR_KEY_CHANGED) + TC_TOKEN_ERR (CKR_KEY_NEEDED) + TC_TOKEN_ERR (CKR_KEY_INDIGESTIBLE) + TC_TOKEN_ERR (CKR_KEY_FUNCTION_NOT_PERMITTED) + TC_TOKEN_ERR (CKR_KEY_NOT_WRAPPABLE) + TC_TOKEN_ERR (CKR_KEY_UNEXTRACTABLE) + TC_TOKEN_ERR (CKR_MECHANISM_INVALID) + TC_TOKEN_ERR (CKR_MECHANISM_PARAM_INVALID) + TC_TOKEN_ERR (CKR_OBJECT_HANDLE_INVALID) + TC_TOKEN_ERR (CKR_OPERATION_ACTIVE) + TC_TOKEN_ERR (CKR_OPERATION_NOT_INITIALIZED) + TC_TOKEN_ERR (CKR_PIN_INCORRECT) + TC_TOKEN_ERR (CKR_PIN_INVALID) + TC_TOKEN_ERR (CKR_PIN_LEN_RANGE) + TC_TOKEN_ERR (CKR_PIN_EXPIRED) + TC_TOKEN_ERR (CKR_PIN_LOCKED) + TC_TOKEN_ERR (CKR_SESSION_CLOSED) + TC_TOKEN_ERR (CKR_SESSION_COUNT) + TC_TOKEN_ERR (CKR_SESSION_HANDLE_INVALID) + TC_TOKEN_ERR (CKR_SESSION_PARALLEL_NOT_SUPPORTED) + TC_TOKEN_ERR (CKR_SESSION_READ_ONLY) + TC_TOKEN_ERR (CKR_SESSION_EXISTS) + TC_TOKEN_ERR (CKR_SESSION_READ_ONLY_EXISTS) + TC_TOKEN_ERR (CKR_SESSION_READ_WRITE_SO_EXISTS) + TC_TOKEN_ERR (CKR_SIGNATURE_INVALID) + TC_TOKEN_ERR (CKR_SIGNATURE_LEN_RANGE) + TC_TOKEN_ERR (CKR_TEMPLATE_INCOMPLETE) + TC_TOKEN_ERR (CKR_TEMPLATE_INCONSISTENT) + TC_TOKEN_ERR (CKR_TOKEN_NOT_PRESENT) + TC_TOKEN_ERR (CKR_TOKEN_NOT_RECOGNIZED) + TC_TOKEN_ERR (CKR_TOKEN_WRITE_PROTECTED) + TC_TOKEN_ERR (CKR_UNWRAPPING_KEY_HANDLE_INVALID) + TC_TOKEN_ERR (CKR_UNWRAPPING_KEY_SIZE_RANGE) + TC_TOKEN_ERR (CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT) + TC_TOKEN_ERR (CKR_USER_ALREADY_LOGGED_IN) + TC_TOKEN_ERR (CKR_USER_NOT_LOGGED_IN) + TC_TOKEN_ERR (CKR_USER_PIN_NOT_INITIALIZED) + TC_TOKEN_ERR (CKR_USER_TYPE_INVALID) + TC_TOKEN_ERR (CKR_USER_ANOTHER_ALREADY_LOGGED_IN) + TC_TOKEN_ERR (CKR_USER_TOO_MANY_TYPES) + TC_TOKEN_ERR (CKR_WRAPPED_KEY_INVALID) + TC_TOKEN_ERR (CKR_WRAPPED_KEY_LEN_RANGE) + TC_TOKEN_ERR (CKR_WRAPPING_KEY_HANDLE_INVALID) + TC_TOKEN_ERR (CKR_WRAPPING_KEY_SIZE_RANGE) + TC_TOKEN_ERR (CKR_WRAPPING_KEY_TYPE_INCONSISTENT) + TC_TOKEN_ERR (CKR_RANDOM_SEED_NOT_SUPPORTED) + TC_TOKEN_ERR (CKR_RANDOM_NO_RNG) + TC_TOKEN_ERR (CKR_DOMAIN_PARAMS_INVALID) + TC_TOKEN_ERR (CKR_BUFFER_TOO_SMALL) + TC_TOKEN_ERR (CKR_SAVED_STATE_INVALID) + TC_TOKEN_ERR (CKR_INFORMATION_SENSITIVE) + TC_TOKEN_ERR (CKR_STATE_UNSAVEABLE) + TC_TOKEN_ERR (CKR_CRYPTOKI_NOT_INITIALIZED) + TC_TOKEN_ERR (CKR_CRYPTOKI_ALREADY_INITIALIZED) + TC_TOKEN_ERR (CKR_MUTEX_BAD) + TC_TOKEN_ERR (CKR_MUTEX_NOT_LOCKED) + TC_TOKEN_ERR (CKR_NEW_PIN_MODE) + TC_TOKEN_ERR (CKR_NEXT_OTP) + TC_TOKEN_ERR (CKR_FUNCTION_REJECTED) + +#undef TC_TOKEN_ERR + }; + + + for (size_t i = 0; i < array_capacity (ErrorStrings); ++i) + { + if (ErrorStrings[i].ErrorCode == ErrorCode) + return ErrorStrings[i].ErrorString; + } + + stringstream s; + s << "0x" << hex << ErrorCode; + return s.str(); + + } + +#ifdef TC_HEADER_Common_Exception + void Pkcs11Exception::Show (HWND parent) const + { + string errorString = string (*this); + + if (!errorString.empty()) + { + wstringstream subjectErrorCode; + if (SubjectErrorCodeValid) + subjectErrorCode << L": " << SubjectErrorCode; + + if (!GetDictionaryValue (errorString.c_str())) + { + if (errorString.find ("CKR_") == 0) + { + errorString = errorString.substr (4); + for (size_t i = 0; i < errorString.size(); ++i) + { + if (errorString[i] == '_') + errorString[i] = ' '; + } + } + wchar_t err[8192]; + StringCbPrintfW (err, sizeof(err),L"%s:\n\n%hs%s", GetString ("SECURITY_TOKEN_ERROR"), errorString.c_str(), subjectErrorCode.str().c_str()); + ErrorDirect (err, parent); + } + else + { + wstring err = GetString (errorString.c_str()); + + if (SubjectErrorCodeValid) + err += L"\n\nError code" + subjectErrorCode.str(); + + ErrorDirect (err.c_str(), parent); + } + } + } +#endif // TC_HEADER_Common_Exception + + auto_ptr SecurityToken::PinCallback; + auto_ptr SecurityToken::WarningCallback; + + bool SecurityToken::Initialized; + CK_FUNCTION_LIST_PTR SecurityToken::Pkcs11Functions; + map SecurityToken::Sessions; + +#ifdef TC_WINDOWS + HMODULE SecurityToken::Pkcs11LibraryHandle; +#else + void *SecurityToken::Pkcs11LibraryHandle; +#endif + +#ifdef TC_HEADER_Platform_Exception + + void Pkcs11Exception::Deserialize (shared_ptr stream) + { + Exception::Deserialize (stream); + Serializer sr (stream); + uint64 code; + sr.Deserialize ("ErrorCode", code); + sr.Deserialize ("SubjectErrorCodeValid", SubjectErrorCodeValid); + sr.Deserialize ("SubjectErrorCode", SubjectErrorCode); + ErrorCode = (CK_RV) code; + } + + void Pkcs11Exception::Serialize (shared_ptr stream) const + { + Exception::Serialize (stream); + Serializer sr (stream); + sr.Serialize ("ErrorCode", (uint64) ErrorCode); + sr.Serialize ("SubjectErrorCodeValid", SubjectErrorCodeValid); + sr.Serialize ("SubjectErrorCode", SubjectErrorCode); + } + +# define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) +# undef TC_EXCEPTION_NODECL +# define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) + + TC_SERIALIZER_FACTORY_ADD_EXCEPTION_SET (SecurityTokenException); + +#endif +} diff --git a/src/Common/SecurityToken.h b/src/Common/SecurityToken.h index 9c6c47cf..00d543a2 100644 --- a/src/Common/SecurityToken.h +++ b/src/Common/SecurityToken.h @@ -1,226 +1,226 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Common_SecurityToken -#define TC_HEADER_Common_SecurityToken - -#include "Platform/PlatformBase.h" -#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) -# include "Exception.h" -#else -# include "Platform/Exception.h" -#endif - -#ifndef NULL_PTR -# define NULL_PTR 0 -#endif -#define CK_PTR * -#define CK_CALLBACK_FUNCTION(RET_TYPE, NAME) RET_TYPE (* NAME) - -#ifdef TC_WINDOWS - -# include - -# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllexport) NAME -# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) NAME -# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) (* NAME) - -# pragma pack(push, cryptoki, 1) -# include -# pragma pack(pop, cryptoki) - -#else // !TC_WINDOWS - -# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME -# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME -# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE (* NAME) - -# include - -#endif // !TC_WINDOWS - - -#define TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX L"token://" -#define TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"slot" -#define TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"file" - -namespace VeraCrypt -{ - struct SecurityTokenInfo - { - CK_SLOT_ID SlotId; - CK_FLAGS Flags; - wstring Label; - string LabelUtf8; - }; - - struct SecurityTokenKeyfilePath - { - SecurityTokenKeyfilePath () { } - SecurityTokenKeyfilePath (const wstring &path) : Path (path) { } - operator wstring () const { return Path; } - wstring Path; - }; - - struct SecurityTokenKeyfile - { - SecurityTokenKeyfile () : Handle(CK_INVALID_HANDLE), SlotId(CK_UNAVAILABLE_INFORMATION) { Token.SlotId = CK_UNAVAILABLE_INFORMATION; Token.Flags = 0; } - SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path, char* pin = nullptr); - - operator SecurityTokenKeyfilePath () const; - - CK_OBJECT_HANDLE Handle; - wstring Id; - string IdUtf8; - CK_SLOT_ID SlotId; - SecurityTokenInfo Token; - }; - - struct Pkcs11Exception : public Exception - { - Pkcs11Exception (CK_RV errorCode = (CK_RV) -1) - : ErrorCode (errorCode), - SubjectErrorCodeValid (false), - SubjectErrorCode( (uint64) -1) - { - } - - Pkcs11Exception (CK_RV errorCode, uint64 subjectErrorCode) - : ErrorCode (errorCode), - SubjectErrorCodeValid (true), - SubjectErrorCode (subjectErrorCode) - { - } - -#ifdef TC_HEADER_Platform_Exception - virtual ~Pkcs11Exception () throw () { } - TC_SERIALIZABLE_EXCEPTION (Pkcs11Exception); -#else - void Show (HWND parent) const; -#endif - operator string () const; - CK_RV GetErrorCode () const { return ErrorCode; } - - protected: - CK_RV ErrorCode; - bool SubjectErrorCodeValid; - uint64 SubjectErrorCode; - }; - - -#ifdef TC_HEADER_Platform_Exception - -#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception) - -#undef TC_EXCEPTION_SET -#define TC_EXCEPTION_SET \ - TC_EXCEPTION_NODECL (Pkcs11Exception); \ - TC_EXCEPTION (InvalidSecurityTokenKeyfilePath); \ - TC_EXCEPTION (SecurityTokenLibraryNotInitialized); \ - TC_EXCEPTION (SecurityTokenKeyfileAlreadyExists); \ - TC_EXCEPTION (SecurityTokenKeyfileNotFound); - - TC_EXCEPTION_SET; - -#undef TC_EXCEPTION - -#else // !TC_HEADER_Platform_Exception - - struct SecurityTokenLibraryNotInitialized : public Exception - { - void Show (HWND parent) const { Error (SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); } - }; - - struct InvalidSecurityTokenKeyfilePath : public Exception - { - void Show (HWND parent) const { Error ("INVALID_TOKEN_KEYFILE_PATH", parent); } - }; - - struct SecurityTokenKeyfileAlreadyExists : public Exception - { - void Show (HWND parent) const { Error ("TOKEN_KEYFILE_ALREADY_EXISTS", parent); } - }; - - struct SecurityTokenKeyfileNotFound : public Exception - { - void Show (HWND parent) const { Error ("TOKEN_KEYFILE_NOT_FOUND", parent); } - }; - -#endif // !TC_HEADER_Platform_Exception - - - struct Pkcs11Session - { - Pkcs11Session () : Handle (CK_UNAVAILABLE_INFORMATION), UserLoggedIn (false) { } - - CK_SESSION_HANDLE Handle; - bool UserLoggedIn; - }; - - struct GetPinFunctor - { - virtual ~GetPinFunctor () { } - virtual void operator() (string &str) = 0; - }; - - struct SendExceptionFunctor - { - virtual ~SendExceptionFunctor () { } - virtual void operator() (const Exception &e) = 0; - }; - - class SecurityToken - { - public: - static void CloseAllSessions () throw (); - static void CloseLibrary (); - static void CreateKeyfile (CK_SLOT_ID slotId, vector &keyfileData, const string &name); - static void DeleteKeyfile (const SecurityTokenKeyfile &keyfile); - static vector GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring(), char* pin = nullptr); - static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector &keyfileData); - static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, char* pin, vector &keyfileData); - static list GetAvailableTokens (); - static SecurityTokenInfo GetTokenInfo (CK_SLOT_ID slotId); -#ifdef TC_WINDOWS - static void InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback); -#else - static void InitLibrary (const string &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback); -#endif - static bool IsInitialized () { return Initialized; } - static bool IsKeyfilePathValid (const wstring &securityTokenKeyfilePath); - - static const size_t MaxPasswordLength = 128; - - protected: - static void CloseSession (CK_SLOT_ID slotId); - static vector GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass); - static void GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector &attributeValue); - static list GetTokenSlots (); - static void Login (CK_SLOT_ID slotId, const char* pin); - static void LoginUserIfRequired (CK_SLOT_ID slotId, char* cmdPin = nullptr); - static void OpenSession (CK_SLOT_ID slotId); - static void CheckLibraryStatus (); - - static bool Initialized; - static auto_ptr PinCallback; - static CK_FUNCTION_LIST_PTR Pkcs11Functions; -#ifdef TC_WINDOWS - static HMODULE Pkcs11LibraryHandle; -#else - static void *Pkcs11LibraryHandle; -#endif - static map Sessions; - static auto_ptr WarningCallback; - }; -} - -#endif // TC_HEADER_Common_SecurityToken +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Common_SecurityToken +#define TC_HEADER_Common_SecurityToken + +#include "Platform/PlatformBase.h" +#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) +# include "Exception.h" +#else +# include "Platform/Exception.h" +#endif + +#ifndef NULL_PTR +# define NULL_PTR 0 +#endif +#define CK_PTR * +#define CK_CALLBACK_FUNCTION(RET_TYPE, NAME) RET_TYPE (* NAME) + +#ifdef TC_WINDOWS + +# include + +# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllexport) NAME +# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) NAME +# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) (* NAME) + +# pragma pack(push, cryptoki, 1) +# include +# pragma pack(pop, cryptoki) + +#else // !TC_WINDOWS + +# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME +# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME +# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE (* NAME) + +# include + +#endif // !TC_WINDOWS + + +#define TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX L"token://" +#define TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"slot" +#define TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"file" + +namespace VeraCrypt +{ + struct SecurityTokenInfo + { + CK_SLOT_ID SlotId; + CK_FLAGS Flags; + wstring Label; + string LabelUtf8; + }; + + struct SecurityTokenKeyfilePath + { + SecurityTokenKeyfilePath () { } + SecurityTokenKeyfilePath (const wstring &path) : Path (path) { } + operator wstring () const { return Path; } + wstring Path; + }; + + struct SecurityTokenKeyfile + { + SecurityTokenKeyfile () : Handle(CK_INVALID_HANDLE), SlotId(CK_UNAVAILABLE_INFORMATION) { Token.SlotId = CK_UNAVAILABLE_INFORMATION; Token.Flags = 0; } + SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path, char* pin = nullptr); + + operator SecurityTokenKeyfilePath () const; + + CK_OBJECT_HANDLE Handle; + wstring Id; + string IdUtf8; + CK_SLOT_ID SlotId; + SecurityTokenInfo Token; + }; + + struct Pkcs11Exception : public Exception + { + Pkcs11Exception (CK_RV errorCode = (CK_RV) -1) + : ErrorCode (errorCode), + SubjectErrorCodeValid (false), + SubjectErrorCode( (uint64) -1) + { + } + + Pkcs11Exception (CK_RV errorCode, uint64 subjectErrorCode) + : ErrorCode (errorCode), + SubjectErrorCodeValid (true), + SubjectErrorCode (subjectErrorCode) + { + } + +#ifdef TC_HEADER_Platform_Exception + virtual ~Pkcs11Exception () throw () { } + TC_SERIALIZABLE_EXCEPTION (Pkcs11Exception); +#else + void Show (HWND parent) const; +#endif + operator string () const; + CK_RV GetErrorCode () const { return ErrorCode; } + + protected: + CK_RV ErrorCode; + bool SubjectErrorCodeValid; + uint64 SubjectErrorCode; + }; + + +#ifdef TC_HEADER_Platform_Exception + +#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception) + +#undef TC_EXCEPTION_SET +#define TC_EXCEPTION_SET \ + TC_EXCEPTION_NODECL (Pkcs11Exception); \ + TC_EXCEPTION (InvalidSecurityTokenKeyfilePath); \ + TC_EXCEPTION (SecurityTokenLibraryNotInitialized); \ + TC_EXCEPTION (SecurityTokenKeyfileAlreadyExists); \ + TC_EXCEPTION (SecurityTokenKeyfileNotFound); + + TC_EXCEPTION_SET; + +#undef TC_EXCEPTION + +#else // !TC_HEADER_Platform_Exception + + struct SecurityTokenLibraryNotInitialized : public Exception + { + void Show (HWND parent) const { Error (SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); } + }; + + struct InvalidSecurityTokenKeyfilePath : public Exception + { + void Show (HWND parent) const { Error ("INVALID_TOKEN_KEYFILE_PATH", parent); } + }; + + struct SecurityTokenKeyfileAlreadyExists : public Exception + { + void Show (HWND parent) const { Error ("TOKEN_KEYFILE_ALREADY_EXISTS", parent); } + }; + + struct SecurityTokenKeyfileNotFound : public Exception + { + void Show (HWND parent) const { Error ("TOKEN_KEYFILE_NOT_FOUND", parent); } + }; + +#endif // !TC_HEADER_Platform_Exception + + + struct Pkcs11Session + { + Pkcs11Session () : Handle (CK_UNAVAILABLE_INFORMATION), UserLoggedIn (false) { } + + CK_SESSION_HANDLE Handle; + bool UserLoggedIn; + }; + + struct GetPinFunctor + { + virtual ~GetPinFunctor () { } + virtual void operator() (string &str) = 0; + }; + + struct SendExceptionFunctor + { + virtual ~SendExceptionFunctor () { } + virtual void operator() (const Exception &e) = 0; + }; + + class SecurityToken + { + public: + static void CloseAllSessions () throw (); + static void CloseLibrary (); + static void CreateKeyfile (CK_SLOT_ID slotId, vector &keyfileData, const string &name); + static void DeleteKeyfile (const SecurityTokenKeyfile &keyfile); + static vector GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring(), char* pin = nullptr); + static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector &keyfileData); + static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, char* pin, vector &keyfileData); + static list GetAvailableTokens (); + static SecurityTokenInfo GetTokenInfo (CK_SLOT_ID slotId); +#ifdef TC_WINDOWS + static void InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback); +#else + static void InitLibrary (const string &pkcs11LibraryPath, auto_ptr pinCallback, auto_ptr warningCallback); +#endif + static bool IsInitialized () { return Initialized; } + static bool IsKeyfilePathValid (const wstring &securityTokenKeyfilePath); + + static const size_t MaxPasswordLength = 128; + + protected: + static void CloseSession (CK_SLOT_ID slotId); + static vector GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass); + static void GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector &attributeValue); + static list GetTokenSlots (); + static void Login (CK_SLOT_ID slotId, const char* pin); + static void LoginUserIfRequired (CK_SLOT_ID slotId, char* cmdPin = nullptr); + static void OpenSession (CK_SLOT_ID slotId); + static void CheckLibraryStatus (); + + static bool Initialized; + static auto_ptr PinCallback; + static CK_FUNCTION_LIST_PTR Pkcs11Functions; +#ifdef TC_WINDOWS + static HMODULE Pkcs11LibraryHandle; +#else + static void *Pkcs11LibraryHandle; +#endif + static map Sessions; + static auto_ptr WarningCallback; + }; +} + +#endif // TC_HEADER_Common_SecurityToken diff --git a/src/Common/Sources b/src/Common/Sources index 98dbb93e..5e49829f 100644 --- a/src/Common/Sources +++ b/src/Common/Sources @@ -1,17 +1,17 @@ -TARGETNAME=Common -TARGETTYPE=DRIVER_LIBRARY - -INCLUDES = ..;../Crypto - -SOURCES = \ - Cache.c \ - Crc.c \ - Crypto.c \ - EncryptionThreadPool.c \ - Endian.c \ - GfMul.c \ - Pkcs5.c \ - Volumes.c \ - Xts.c \ - Tests.c \ - Wipe.c +TARGETNAME=Common +TARGETTYPE=DRIVER_LIBRARY + +INCLUDES = ..;../Crypto + +SOURCES = \ + Cache.c \ + Crc.c \ + Crypto.c \ + EncryptionThreadPool.c \ + Endian.c \ + GfMul.c \ + Pkcs5.c \ + Volumes.c \ + Xts.c \ + Tests.c \ + Wipe.c diff --git a/src/Common/Tcdefs.h b/src/Common/Tcdefs.h index 02744401..85cb01d0 100644 --- a/src/Common/Tcdefs.h +++ b/src/Common/Tcdefs.h @@ -1,323 +1,323 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TCDEFS_H -#define TCDEFS_H - -#define TC_APP_NAME "VeraCrypt" - -// Version displayed to user -#define VERSION_STRING "1.17" - -// Version number to compare against driver -#define VERSION_NUM 0x0117 - -// Release date -#define TC_STR_RELEASE_DATE L"February 13th, 2016" -#define TC_RELEASE_DATE_YEAR 2016 -#define TC_RELEASE_DATE_MONTH 2 - -#define BYTES_PER_KB 1024LL -#define BYTES_PER_MB 1048576LL -#define BYTES_PER_GB 1073741824LL -#define BYTES_PER_TB 1099511627776LL -#define BYTES_PER_PB 1125899906842624LL - -/* GUI/driver errors */ - -#define WIDE(x) (LPWSTR)L##x - -#ifdef _MSC_VER - -typedef __int8 int8; -typedef __int16 int16; -typedef __int32 int32; -typedef unsigned __int8 byte; -typedef unsigned __int16 uint16; -typedef unsigned __int32 uint32; - -#ifdef TC_NO_COMPILER_INT64 -typedef unsigned __int32 TC_LARGEST_COMPILER_UINT; -#else -typedef unsigned __int64 TC_LARGEST_COMPILER_UINT; -typedef __int64 int64; -typedef unsigned __int64 uint64; -#define LL(x) x##ui64 -#endif - -#else // !_MSC_VER - -#include -#include - -typedef int8_t int8; -typedef int16_t int16; -typedef int32_t int32; -typedef int64_t int64; -typedef uint8_t byte; -typedef uint16_t uint16; -typedef uint32_t uint32; -typedef uint64_t uint64; - -#define LL(x) x##ULL - -#if UCHAR_MAX != 0xffU -#error UCHAR_MAX != 0xff -#endif -#define __int8 char - -#if USHRT_MAX != 0xffffU -#error USHRT_MAX != 0xffff -#endif -#define __int16 short - -#if UINT_MAX != 0xffffffffU -#error UINT_MAX != 0xffffffff -#endif -#define __int32 int - -typedef uint64 TC_LARGEST_COMPILER_UINT; - -#define BOOL int -#ifndef FALSE -#define FALSE 0 -#define TRUE 1 -#endif - -#endif // !_MSC_VER - -#define TC_INT_TYPES_DEFINED - -// Integer types required by Cryptolib -typedef unsigned __int8 uint_8t; -typedef unsigned __int16 uint_16t; -typedef unsigned __int32 uint_32t; -#ifndef TC_NO_COMPILER_INT64 -typedef uint64 uint_64t; -#endif - -typedef union -{ - struct - { - unsigned __int32 LowPart; - unsigned __int32 HighPart; - }; -#ifndef TC_NO_COMPILER_INT64 - uint64 Value; -#endif - -} UINT64_STRUCT; - -#ifndef __has_builtin // Optional of course -#define __has_builtin(x) 0 // Compatibility with non-clang compilers -#endif - -#ifdef TC_WINDOWS_BOOT - -# ifdef __cplusplus -extern "C" -# endif -void ThrowFatalException (int line); - -# define TC_THROW_FATAL_EXCEPTION ThrowFatalException (__LINE__) -#elif defined (TC_WINDOWS_DRIVER) -# define TC_THROW_FATAL_EXCEPTION KeBugCheckEx (SECURITY_SYSTEM, __LINE__, 0, 0, 'VC') -#elif (defined(__clang__) && __has_builtin(__builtin_trap)) \ - || (defined(__GNUC__ ) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 3))) \ - || (__has_builtin(__builtin_trap)) -# define TC_THROW_FATAL_EXCEPTION __builtin_trap() -#else -# define TC_THROW_FATAL_EXCEPTION *(char *) 0 = 0 -#endif - -#ifdef __COVERITY__ -#undef TC_THROW_FATAL_EXCEPTION -#define TC_THROW_FATAL_EXCEPTION __coverity_panic__() -#endif - -#ifdef TC_WINDOWS_DRIVER - -#include -#include /* Standard header file for nt drivers */ -#include /* Standard I/O control codes */ - -#define TCalloc(size) ((void *) ExAllocatePoolWithTag( NonPagedPool, size, 'MMCV' )) -#define TCfree(memblock) ExFreePoolWithTag( memblock, 'MMCV' ) - -#define DEVICE_DRIVER - -#ifndef BOOL -typedef int BOOL; -#endif - -#ifndef TRUE -#define TRUE 1 -#endif - -#ifndef FALSE -#define FALSE !TRUE -#endif - -#else /* !TC_WINDOWS_DRIVER */ - -#define TCalloc malloc -#define TCfree free - -#ifdef _WIN32 - -#ifndef TC_LOCAL_WIN32_WINNT_OVERRIDE -# undef _WIN32_WINNT -# define _WIN32_WINNT 0x0501 /* Does not apply to the driver */ -#endif - -#include /* Windows header */ -#include /* The common controls */ -#include /* Process control */ -#include -#include /* For sprintf */ -#include - -#endif /* _WIN32 */ - -#endif /* !TC_WINDOWS_DRIVER */ - -#ifndef TC_TO_STRING -# define TC_TO_STRING2(n) #n -# define TC_TO_STRING(n) TC_TO_STRING2(n) -#endif - -#ifdef DEVICE_DRIVER -# if defined (DEBUG) || 0 -# if 1 // DbgPrintEx is not available on Windows 2000 -# define Dump DbgPrint -# else -# define Dump(...) DbgPrintEx (DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, __VA_ARGS__) -# endif -# define DumpMem(...) DumpMemory (__VA_ARGS__) -# else -# define Dump(...) -# define DumpMem(...) -# endif -#endif - -#if !defined (trace_msg) && !defined (TC_WINDOWS_BOOT) -# ifdef DEBUG -# ifdef DEVICE_DRIVER -# define trace_msg Dump -# elif defined (_WIN32) -# define trace_msg(...) do { char msg[2048]; StringCbPrintfA (msg, sizeof (msg), __VA_ARGS__); OutputDebugString (msg); } while (0) -# endif -# define trace_point trace_msg (__FUNCTION__ ":" TC_TO_STRING(__LINE__) "\n") -# else -# define trace_msg(...) -# define trace_point -# endif -#endif - -#ifdef DEVICE_DRIVER -# define TC_EVENT KEVENT -# define TC_WAIT_EVENT(EVENT) KeWaitForSingleObject (&EVENT, Executive, KernelMode, FALSE, NULL) -#elif defined (_WIN32) -# define TC_EVENT HANDLE -# define TC_WAIT_EVENT(EVENT) WaitForSingleObject (EVENT, INFINITE) -#endif - -#ifdef _WIN32 -#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); size_t burnc = size; RtlSecureZeroMemory (mem, size); while (burnc--) *burnm++ = 0; } while (0) -#else -#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); int burnc = size; while (burnc--) *burnm++ = 0; } while (0) -#endif - -// The size of the memory area to wipe is in bytes amd it must be a multiple of 8. -#ifndef TC_NO_COMPILER_INT64 -# define FAST_ERASE64(mem,size) do { volatile uint64 *burnm = (volatile uint64 *)(mem); int burnc = size >> 3; while (burnc--) *burnm++ = 0; } while (0) -#else -# define FAST_ERASE64(mem,size) do { volatile unsigned __int32 *burnm = (volatile unsigned __int32 *)(mem); int burnc = size >> 2; while (burnc--) *burnm++ = 0; } while (0) -#endif - -#ifdef TC_WINDOWS_BOOT -# ifndef max -# define max(a,b) (((a) > (b)) ? (a) : (b)) -# endif - -# ifdef __cplusplus -extern "C" -# endif -void EraseMemory (void *memory, int size); - -# undef burn -# define burn EraseMemory -#endif - -#ifdef MAX_PATH -#define TC_MAX_PATH MAX_PATH -#else -#define TC_MAX_PATH 260 /* Includes the null terminator */ -#endif - -#define TC_STR_RELEASED_BY L"Released by IDRIX on " TC_STR_RELEASE_DATE - -#define MAX_URL_LENGTH 2084 /* Internet Explorer limit. Includes the terminating null character. */ - -#define TC_HOMEPAGE "http://www.idrix.fr/" -#define TC_APPLINK "https://veracrypt.codeplex.com" -#define TC_APPLINK_SECURE "https://veracrypt.codeplex.com" - -enum -{ - /* WARNING: ADD ANY NEW CODES AT THE END (DO NOT INSERT THEM BETWEEN EXISTING). DO *NOT* DELETE ANY - EXISTING CODES! Changing these values or their meanings may cause incompatibility with other versions - (for example, if a new version of the TrueCrypt installer receives an error code from an installed - driver whose version is lower, it will report and interpret the error incorrectly). */ - - ERR_SUCCESS = 0, - ERR_OS_ERROR = 1, - ERR_OUTOFMEMORY = 2, - ERR_PASSWORD_WRONG = 3, - ERR_VOL_FORMAT_BAD = 4, - ERR_DRIVE_NOT_FOUND = 5, - ERR_FILES_OPEN = 6, - ERR_VOL_SIZE_WRONG = 7, - ERR_COMPRESSION_NOT_SUPPORTED = 8, - ERR_PASSWORD_CHANGE_VOL_TYPE = 9, - ERR_PASSWORD_CHANGE_VOL_VERSION = 10, - ERR_VOL_SEEKING = 11, - ERR_VOL_WRITING = 12, - ERR_FILES_OPEN_LOCK = 13, - ERR_VOL_READING = 14, - ERR_DRIVER_VERSION = 15, - ERR_NEW_VERSION_REQUIRED = 16, - ERR_CIPHER_INIT_FAILURE = 17, - ERR_CIPHER_INIT_WEAK_KEY = 18, - ERR_SELF_TESTS_FAILED = 19, - ERR_SECTOR_SIZE_INCOMPATIBLE = 20, - ERR_VOL_ALREADY_MOUNTED = 21, - ERR_NO_FREE_DRIVES = 22, - ERR_FILE_OPEN_FAILED = 23, - ERR_VOL_MOUNT_FAILED = 24, - DEPRECATED_ERR_INVALID_DEVICE = 25, - ERR_ACCESS_DENIED = 26, - ERR_MODE_INIT_FAILED = 27, - ERR_DONT_REPORT = 28, - ERR_ENCRYPTION_NOT_COMPLETED = 29, - ERR_PARAMETER_INCORRECT = 30, - ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG = 31, - ERR_NONSYS_INPLACE_ENC_INCOMPLETE = 32, - ERR_USER_ABORT = 33, - ERR_UNSUPPORTED_TRUECRYPT_FORMAT = 34, - ERR_RAND_INIT_FAILED = 35, - ERR_CAPI_INIT_FAILED = 36 -}; - -#endif // #ifndef TCDEFS_H +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TCDEFS_H +#define TCDEFS_H + +#define TC_APP_NAME "VeraCrypt" + +// Version displayed to user +#define VERSION_STRING "1.17" + +// Version number to compare against driver +#define VERSION_NUM 0x0117 + +// Release date +#define TC_STR_RELEASE_DATE L"February 13th, 2016" +#define TC_RELEASE_DATE_YEAR 2016 +#define TC_RELEASE_DATE_MONTH 2 + +#define BYTES_PER_KB 1024LL +#define BYTES_PER_MB 1048576LL +#define BYTES_PER_GB 1073741824LL +#define BYTES_PER_TB 1099511627776LL +#define BYTES_PER_PB 1125899906842624LL + +/* GUI/driver errors */ + +#define WIDE(x) (LPWSTR)L##x + +#ifdef _MSC_VER + +typedef __int8 int8; +typedef __int16 int16; +typedef __int32 int32; +typedef unsigned __int8 byte; +typedef unsigned __int16 uint16; +typedef unsigned __int32 uint32; + +#ifdef TC_NO_COMPILER_INT64 +typedef unsigned __int32 TC_LARGEST_COMPILER_UINT; +#else +typedef unsigned __int64 TC_LARGEST_COMPILER_UINT; +typedef __int64 int64; +typedef unsigned __int64 uint64; +#define LL(x) x##ui64 +#endif + +#else // !_MSC_VER + +#include +#include + +typedef int8_t int8; +typedef int16_t int16; +typedef int32_t int32; +typedef int64_t int64; +typedef uint8_t byte; +typedef uint16_t uint16; +typedef uint32_t uint32; +typedef uint64_t uint64; + +#define LL(x) x##ULL + +#if UCHAR_MAX != 0xffU +#error UCHAR_MAX != 0xff +#endif +#define __int8 char + +#if USHRT_MAX != 0xffffU +#error USHRT_MAX != 0xffff +#endif +#define __int16 short + +#if UINT_MAX != 0xffffffffU +#error UINT_MAX != 0xffffffff +#endif +#define __int32 int + +typedef uint64 TC_LARGEST_COMPILER_UINT; + +#define BOOL int +#ifndef FALSE +#define FALSE 0 +#define TRUE 1 +#endif + +#endif // !_MSC_VER + +#define TC_INT_TYPES_DEFINED + +// Integer types required by Cryptolib +typedef unsigned __int8 uint_8t; +typedef unsigned __int16 uint_16t; +typedef unsigned __int32 uint_32t; +#ifndef TC_NO_COMPILER_INT64 +typedef uint64 uint_64t; +#endif + +typedef union +{ + struct + { + unsigned __int32 LowPart; + unsigned __int32 HighPart; + }; +#ifndef TC_NO_COMPILER_INT64 + uint64 Value; +#endif + +} UINT64_STRUCT; + +#ifndef __has_builtin // Optional of course +#define __has_builtin(x) 0 // Compatibility with non-clang compilers +#endif + +#ifdef TC_WINDOWS_BOOT + +# ifdef __cplusplus +extern "C" +# endif +void ThrowFatalException (int line); + +# define TC_THROW_FATAL_EXCEPTION ThrowFatalException (__LINE__) +#elif defined (TC_WINDOWS_DRIVER) +# define TC_THROW_FATAL_EXCEPTION KeBugCheckEx (SECURITY_SYSTEM, __LINE__, 0, 0, 'VC') +#elif (defined(__clang__) && __has_builtin(__builtin_trap)) \ + || (defined(__GNUC__ ) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 3))) \ + || (__has_builtin(__builtin_trap)) +# define TC_THROW_FATAL_EXCEPTION __builtin_trap() +#else +# define TC_THROW_FATAL_EXCEPTION *(char *) 0 = 0 +#endif + +#ifdef __COVERITY__ +#undef TC_THROW_FATAL_EXCEPTION +#define TC_THROW_FATAL_EXCEPTION __coverity_panic__() +#endif + +#ifdef TC_WINDOWS_DRIVER + +#include +#include /* Standard header file for nt drivers */ +#include /* Standard I/O control codes */ + +#define TCalloc(size) ((void *) ExAllocatePoolWithTag( NonPagedPool, size, 'MMCV' )) +#define TCfree(memblock) ExFreePoolWithTag( memblock, 'MMCV' ) + +#define DEVICE_DRIVER + +#ifndef BOOL +typedef int BOOL; +#endif + +#ifndef TRUE +#define TRUE 1 +#endif + +#ifndef FALSE +#define FALSE !TRUE +#endif + +#else /* !TC_WINDOWS_DRIVER */ + +#define TCalloc malloc +#define TCfree free + +#ifdef _WIN32 + +#ifndef TC_LOCAL_WIN32_WINNT_OVERRIDE +# undef _WIN32_WINNT +# define _WIN32_WINNT 0x0501 /* Does not apply to the driver */ +#endif + +#include /* Windows header */ +#include /* The common controls */ +#include /* Process control */ +#include +#include /* For sprintf */ +#include + +#endif /* _WIN32 */ + +#endif /* !TC_WINDOWS_DRIVER */ + +#ifndef TC_TO_STRING +# define TC_TO_STRING2(n) #n +# define TC_TO_STRING(n) TC_TO_STRING2(n) +#endif + +#ifdef DEVICE_DRIVER +# if defined (DEBUG) || 0 +# if 1 // DbgPrintEx is not available on Windows 2000 +# define Dump DbgPrint +# else +# define Dump(...) DbgPrintEx (DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, __VA_ARGS__) +# endif +# define DumpMem(...) DumpMemory (__VA_ARGS__) +# else +# define Dump(...) +# define DumpMem(...) +# endif +#endif + +#if !defined (trace_msg) && !defined (TC_WINDOWS_BOOT) +# ifdef DEBUG +# ifdef DEVICE_DRIVER +# define trace_msg Dump +# elif defined (_WIN32) +# define trace_msg(...) do { char msg[2048]; StringCbPrintfA (msg, sizeof (msg), __VA_ARGS__); OutputDebugString (msg); } while (0) +# endif +# define trace_point trace_msg (__FUNCTION__ ":" TC_TO_STRING(__LINE__) "\n") +# else +# define trace_msg(...) +# define trace_point +# endif +#endif + +#ifdef DEVICE_DRIVER +# define TC_EVENT KEVENT +# define TC_WAIT_EVENT(EVENT) KeWaitForSingleObject (&EVENT, Executive, KernelMode, FALSE, NULL) +#elif defined (_WIN32) +# define TC_EVENT HANDLE +# define TC_WAIT_EVENT(EVENT) WaitForSingleObject (EVENT, INFINITE) +#endif + +#ifdef _WIN32 +#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); size_t burnc = size; RtlSecureZeroMemory (mem, size); while (burnc--) *burnm++ = 0; } while (0) +#else +#define burn(mem,size) do { volatile char *burnm = (volatile char *)(mem); int burnc = size; while (burnc--) *burnm++ = 0; } while (0) +#endif + +// The size of the memory area to wipe is in bytes amd it must be a multiple of 8. +#ifndef TC_NO_COMPILER_INT64 +# define FAST_ERASE64(mem,size) do { volatile uint64 *burnm = (volatile uint64 *)(mem); int burnc = size >> 3; while (burnc--) *burnm++ = 0; } while (0) +#else +# define FAST_ERASE64(mem,size) do { volatile unsigned __int32 *burnm = (volatile unsigned __int32 *)(mem); int burnc = size >> 2; while (burnc--) *burnm++ = 0; } while (0) +#endif + +#ifdef TC_WINDOWS_BOOT +# ifndef max +# define max(a,b) (((a) > (b)) ? (a) : (b)) +# endif + +# ifdef __cplusplus +extern "C" +# endif +void EraseMemory (void *memory, int size); + +# undef burn +# define burn EraseMemory +#endif + +#ifdef MAX_PATH +#define TC_MAX_PATH MAX_PATH +#else +#define TC_MAX_PATH 260 /* Includes the null terminator */ +#endif + +#define TC_STR_RELEASED_BY L"Released by IDRIX on " TC_STR_RELEASE_DATE + +#define MAX_URL_LENGTH 2084 /* Internet Explorer limit. Includes the terminating null character. */ + +#define TC_HOMEPAGE "http://www.idrix.fr/" +#define TC_APPLINK "https://veracrypt.codeplex.com" +#define TC_APPLINK_SECURE "https://veracrypt.codeplex.com" + +enum +{ + /* WARNING: ADD ANY NEW CODES AT THE END (DO NOT INSERT THEM BETWEEN EXISTING). DO *NOT* DELETE ANY + EXISTING CODES! Changing these values or their meanings may cause incompatibility with other versions + (for example, if a new version of the TrueCrypt installer receives an error code from an installed + driver whose version is lower, it will report and interpret the error incorrectly). */ + + ERR_SUCCESS = 0, + ERR_OS_ERROR = 1, + ERR_OUTOFMEMORY = 2, + ERR_PASSWORD_WRONG = 3, + ERR_VOL_FORMAT_BAD = 4, + ERR_DRIVE_NOT_FOUND = 5, + ERR_FILES_OPEN = 6, + ERR_VOL_SIZE_WRONG = 7, + ERR_COMPRESSION_NOT_SUPPORTED = 8, + ERR_PASSWORD_CHANGE_VOL_TYPE = 9, + ERR_PASSWORD_CHANGE_VOL_VERSION = 10, + ERR_VOL_SEEKING = 11, + ERR_VOL_WRITING = 12, + ERR_FILES_OPEN_LOCK = 13, + ERR_VOL_READING = 14, + ERR_DRIVER_VERSION = 15, + ERR_NEW_VERSION_REQUIRED = 16, + ERR_CIPHER_INIT_FAILURE = 17, + ERR_CIPHER_INIT_WEAK_KEY = 18, + ERR_SELF_TESTS_FAILED = 19, + ERR_SECTOR_SIZE_INCOMPATIBLE = 20, + ERR_VOL_ALREADY_MOUNTED = 21, + ERR_NO_FREE_DRIVES = 22, + ERR_FILE_OPEN_FAILED = 23, + ERR_VOL_MOUNT_FAILED = 24, + DEPRECATED_ERR_INVALID_DEVICE = 25, + ERR_ACCESS_DENIED = 26, + ERR_MODE_INIT_FAILED = 27, + ERR_DONT_REPORT = 28, + ERR_ENCRYPTION_NOT_COMPLETED = 29, + ERR_PARAMETER_INCORRECT = 30, + ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG = 31, + ERR_NONSYS_INPLACE_ENC_INCOMPLETE = 32, + ERR_USER_ABORT = 33, + ERR_UNSUPPORTED_TRUECRYPT_FORMAT = 34, + ERR_RAND_INIT_FAILED = 35, + ERR_CAPI_INIT_FAILED = 36 +}; + +#endif // #ifndef TCDEFS_H diff --git a/src/Common/Tests.c b/src/Common/Tests.c index b1b67dfc..8dc72d2c 100644 --- a/src/Common/Tests.c +++ b/src/Common/Tests.c @@ -1,1155 +1,1155 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "Crc.h" -#include "Crypto.h" -#include "Common/Endian.h" -#include "Tests.h" -#include "Xts.h" -#include -#include "Pkcs5.h" - -typedef struct { - unsigned __int8 key1[32]; - unsigned __int8 key2[32]; - unsigned __int8 dataUnitNo[8]; - unsigned int blockNo; - unsigned __int8 plaintext[ENCRYPTION_DATA_UNIT_SIZE]; - unsigned __int8 ciphertext[ENCRYPTION_DATA_UNIT_SIZE]; -} XTS_TEST; - -#define XTS_TEST_COUNT 5 - -XTS_TEST XTS_vectors[XTS_TEST_COUNT] = { -/* XTS-AES-256 */ -{ - // IEEE 1619 - Vector 10 - - { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, - { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff }, - 0, - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff - }, - { - 0x1c, 0x3b, 0x3a, 0x10, 0x2f, 0x77, 0x03, 0x86, 0xe4, 0x83, 0x6c, 0x99, 0xe3, 0x70, 0xcf, 0x9b, 0xea, 0x00, 0x80, 0x3f, 0x5e, 0x48, 0x23, 0x57, 0xa4, 0xae, 0x12, 0xd4, 0x14, 0xa3, 0xe6, 0x3b, - 0x5d, 0x31, 0xe2, 0x76, 0xf8, 0xfe, 0x4a, 0x8d, 0x66, 0xb3, 0x17, 0xf9, 0xac, 0x68, 0x3f, 0x44, 0x68, 0x0a, 0x86, 0xac, 0x35, 0xad, 0xfc, 0x33, 0x45, 0xbe, 0xfe, 0xcb, 0x4b, 0xb1, 0x88, 0xfd, - 0x57, 0x76, 0x92, 0x6c, 0x49, 0xa3, 0x09, 0x5e, 0xb1, 0x08, 0xfd, 0x10, 0x98, 0xba, 0xec, 0x70, 0xaa, 0xa6, 0x69, 0x99, 0xa7, 0x2a, 0x82, 0xf2, 0x7d, 0x84, 0x8b, 0x21, 0xd4, 0xa7, 0x41, 0xb0, - 0xc5, 0xcd, 0x4d, 0x5f, 0xff, 0x9d, 0xac, 0x89, 0xae, 0xba, 0x12, 0x29, 0x61, 0xd0, 0x3a, 0x75, 0x71, 0x23, 0xe9, 0x87, 0x0f, 0x8a, 0xcf, 0x10, 0x00, 0x02, 0x08, 0x87, 0x89, 0x14, 0x29, 0xca, - 0x2a, 0x3e, 0x7a, 0x7d, 0x7d, 0xf7, 0xb1, 0x03, 0x55, 0x16, 0x5c, 0x8b, 0x9a, 0x6d, 0x0a, 0x7d, 0xe8, 0xb0, 0x62, 0xc4, 0x50, 0x0d, 0xc4, 0xcd, 0x12, 0x0c, 0x0f, 0x74, 0x18, 0xda, 0xe3, 0xd0, - 0xb5, 0x78, 0x1c, 0x34, 0x80, 0x3f, 0xa7, 0x54, 0x21, 0xc7, 0x90, 0xdf, 0xe1, 0xde, 0x18, 0x34, 0xf2, 0x80, 0xd7, 0x66, 0x7b, 0x32, 0x7f, 0x6c, 0x8c, 0xd7, 0x55, 0x7e, 0x12, 0xac, 0x3a, 0x0f, - 0x93, 0xec, 0x05, 0xc5, 0x2e, 0x04, 0x93, 0xef, 0x31, 0xa1, 0x2d, 0x3d, 0x92, 0x60, 0xf7, 0x9a, 0x28, 0x9d, 0x6a, 0x37, 0x9b, 0xc7, 0x0c, 0x50, 0x84, 0x14, 0x73, 0xd1, 0xa8, 0xcc, 0x81, 0xec, - 0x58, 0x3e, 0x96, 0x45, 0xe0, 0x7b, 0x8d, 0x96, 0x70, 0x65, 0x5b, 0xa5, 0xbb, 0xcf, 0xec, 0xc6, 0xdc, 0x39, 0x66, 0x38, 0x0a, 0xd8, 0xfe, 0xcb, 0x17, 0xb6, 0xba, 0x02, 0x46, 0x9a, 0x02, 0x0a, - 0x84, 0xe1, 0x8e, 0x8f, 0x84, 0x25, 0x20, 0x70, 0xc1, 0x3e, 0x9f, 0x1f, 0x28, 0x9b, 0xe5, 0x4f, 0xbc, 0x48, 0x14, 0x57, 0x77, 0x8f, 0x61, 0x60, 0x15, 0xe1, 0x32, 0x7a, 0x02, 0xb1, 0x40, 0xf1, - 0x50, 0x5e, 0xb3, 0x09, 0x32, 0x6d, 0x68, 0x37, 0x8f, 0x83, 0x74, 0x59, 0x5c, 0x84, 0x9d, 0x84, 0xf4, 0xc3, 0x33, 0xec, 0x44, 0x23, 0x88, 0x51, 0x43, 0xcb, 0x47, 0xbd, 0x71, 0xc5, 0xed, 0xae, - 0x9b, 0xe6, 0x9a, 0x2f, 0xfe, 0xce, 0xb1, 0xbe, 0xc9, 0xde, 0x24, 0x4f, 0xbe, 0x15, 0x99, 0x2b, 0x11, 0xb7, 0x7c, 0x04, 0x0f, 0x12, 0xbd, 0x8f, 0x6a, 0x97, 0x5a, 0x44, 0xa0, 0xf9, 0x0c, 0x29, - 0xa9, 0xab, 0xc3, 0xd4, 0xd8, 0x93, 0x92, 0x72, 0x84, 0xc5, 0x87, 0x54, 0xcc, 0xe2, 0x94, 0x52, 0x9f, 0x86, 0x14, 0xdc, 0xd2, 0xab, 0xa9, 0x91, 0x92, 0x5f, 0xed, 0xc4, 0xae, 0x74, 0xff, 0xac, - 0x6e, 0x33, 0x3b, 0x93, 0xeb, 0x4a, 0xff, 0x04, 0x79, 0xda, 0x9a, 0x41, 0x0e, 0x44, 0x50, 0xe0, 0xdd, 0x7a, 0xe4, 0xc6, 0xe2, 0x91, 0x09, 0x00, 0x57, 0x5d, 0xa4, 0x01, 0xfc, 0x07, 0x05, 0x9f, - 0x64, 0x5e, 0x8b, 0x7e, 0x9b, 0xfd, 0xef, 0x33, 0x94, 0x30, 0x54, 0xff, 0x84, 0x01, 0x14, 0x93, 0xc2, 0x7b, 0x34, 0x29, 0xea, 0xed, 0xb4, 0xed, 0x53, 0x76, 0x44, 0x1a, 0x77, 0xed, 0x43, 0x85, - 0x1a, 0xd7, 0x7f, 0x16, 0xf5, 0x41, 0xdf, 0xd2, 0x69, 0xd5, 0x0d, 0x6a, 0x5f, 0x14, 0xfb, 0x0a, 0xab, 0x1c, 0xbb, 0x4c, 0x15, 0x50, 0xbe, 0x97, 0xf7, 0xab, 0x40, 0x66, 0x19, 0x3c, 0x4c, 0xaa, - 0x77, 0x3d, 0xad, 0x38, 0x01, 0x4b, 0xd2, 0x09, 0x2f, 0xa7, 0x55, 0xc8, 0x24, 0xbb, 0x5e, 0x54, 0xc4, 0xf3, 0x6f, 0xfd, 0xa9, 0xfc, 0xea, 0x70, 0xb9, 0xc6, 0xe6, 0x93, 0xe1, 0x48, 0xc1, 0x51 - } -}, -{ - // IEEE 1619 - Vector 11 - - { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, - { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff }, - 0, - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff - }, - { - 0x77, 0xa3, 0x12, 0x51, 0x61, 0x8a, 0x15, 0xe6, 0xb9, 0x2d, 0x1d, 0x66, 0xdf, 0xfe, 0x7b, 0x50, 0xb5, 0x0b, 0xad, 0x55, 0x23, 0x05, 0xba, 0x02, 0x17, 0xa6, 0x10, 0x68, 0x8e, 0xff, 0x7e, 0x11, - 0xe1, 0xd0, 0x22, 0x54, 0x38, 0xe0, 0x93, 0x24, 0x2d, 0x6d, 0xb2, 0x74, 0xfd, 0xe8, 0x01, 0xd4, 0xca, 0xe0, 0x6f, 0x20, 0x92, 0xc7, 0x28, 0xb2, 0x47, 0x85, 0x59, 0xdf, 0x58, 0xe8, 0x37, 0xc2, - 0x46, 0x9e, 0xe4, 0xa4, 0xfa, 0x79, 0x4e, 0x4b, 0xbc, 0x7f, 0x39, 0xbc, 0x02, 0x6e, 0x3c, 0xb7, 0x2c, 0x33, 0xb0, 0x88, 0x8f, 0x25, 0xb4, 0xac, 0xf5, 0x6a, 0x2a, 0x98, 0x04, 0xf1, 0xce, 0x6d, - 0x3d, 0x6e, 0x1d, 0xc6, 0xca, 0x18, 0x1d, 0x4b, 0x54, 0x61, 0x79, 0xd5, 0x55, 0x44, 0xaa, 0x77, 0x60, 0xc4, 0x0d, 0x06, 0x74, 0x15, 0x39, 0xc7, 0xe3, 0xcd, 0x9d, 0x2f, 0x66, 0x50, 0xb2, 0x01, - 0x3f, 0xd0, 0xee, 0xb8, 0xc2, 0xb8, 0xe3, 0xd8, 0xd2, 0x40, 0xcc, 0xae, 0x2d, 0x4c, 0x98, 0x32, 0x0a, 0x74, 0x42, 0xe1, 0xc8, 0xd7, 0x5a, 0x42, 0xd6, 0xe6, 0xcf, 0xa4, 0xc2, 0xec, 0xa1, 0x79, - 0x8d, 0x15, 0x8c, 0x7a, 0xec, 0xdf, 0x82, 0x49, 0x0f, 0x24, 0xbb, 0x9b, 0x38, 0xe1, 0x08, 0xbc, 0xda, 0x12, 0xc3, 0xfa, 0xf9, 0xa2, 0x11, 0x41, 0xc3, 0x61, 0x3b, 0x58, 0x36, 0x7f, 0x92, 0x2a, - 0xaa, 0x26, 0xcd, 0x22, 0xf2, 0x3d, 0x70, 0x8d, 0xae, 0x69, 0x9a, 0xd7, 0xcb, 0x40, 0xa8, 0xad, 0x0b, 0x6e, 0x27, 0x84, 0x97, 0x3d, 0xcb, 0x60, 0x56, 0x84, 0xc0, 0x8b, 0x8d, 0x69, 0x98, 0xc6, - 0x9a, 0xac, 0x04, 0x99, 0x21, 0x87, 0x1e, 0xbb, 0x65, 0x30, 0x1a, 0x46, 0x19, 0xca, 0x80, 0xec, 0xb4, 0x85, 0xa3, 0x1d, 0x74, 0x42, 0x23, 0xce, 0x8d, 0xdc, 0x23, 0x94, 0x82, 0x8d, 0x6a, 0x80, - 0x47, 0x0c, 0x09, 0x2f, 0x5b, 0xa4, 0x13, 0xc3, 0x37, 0x8f, 0xa6, 0x05, 0x42, 0x55, 0xc6, 0xf9, 0xdf, 0x44, 0x95, 0x86, 0x2b, 0xbb, 0x32, 0x87, 0x68, 0x1f, 0x93, 0x1b, 0x68, 0x7c, 0x88, 0x8a, - 0xbf, 0x84, 0x4d, 0xfc, 0x8f, 0xc2, 0x83, 0x31, 0xe5, 0x79, 0x92, 0x8c, 0xd1, 0x2b, 0xd2, 0x39, 0x0a, 0xe1, 0x23, 0xcf, 0x03, 0x81, 0x8d, 0x14, 0xde, 0xdd, 0xe5, 0xc0, 0xc2, 0x4c, 0x8a, 0xb0, - 0x18, 0xbf, 0xca, 0x75, 0xca, 0x09, 0x6f, 0x2d, 0x53, 0x1f, 0x3d, 0x16, 0x19, 0xe7, 0x85, 0xf1, 0xad, 0xa4, 0x37, 0xca, 0xb9, 0x2e, 0x98, 0x05, 0x58, 0xb3, 0xdc, 0xe1, 0x47, 0x4a, 0xfb, 0x75, - 0xbf, 0xed, 0xbf, 0x8f, 0xf5, 0x4c, 0xb2, 0x61, 0x8e, 0x02, 0x44, 0xc9, 0xac, 0x0d, 0x3c, 0x66, 0xfb, 0x51, 0x59, 0x8c, 0xd2, 0xdb, 0x11, 0xf9, 0xbe, 0x39, 0x79, 0x1a, 0xbe, 0x44, 0x7c, 0x63, - 0x09, 0x4f, 0x7c, 0x45, 0x3b, 0x7f, 0xf8, 0x7c, 0xb5, 0xbb, 0x36, 0xb7, 0xc7, 0x9e, 0xfb, 0x08, 0x72, 0xd1, 0x70, 0x58, 0xb8, 0x3b, 0x15, 0xab, 0x08, 0x66, 0xad, 0x8a, 0x58, 0x65, 0x6c, 0x5a, - 0x7e, 0x20, 0xdb, 0xdf, 0x30, 0x8b, 0x24, 0x61, 0xd9, 0x7c, 0x0e, 0xc0, 0x02, 0x4a, 0x27, 0x15, 0x05, 0x52, 0x49, 0xcf, 0x3b, 0x47, 0x8d, 0xdd, 0x47, 0x40, 0xde, 0x65, 0x4f, 0x75, 0xca, 0x68, - 0x6e, 0x0d, 0x73, 0x45, 0xc6, 0x9e, 0xd5, 0x0c, 0xdc, 0x2a, 0x8b, 0x33, 0x2b, 0x1f, 0x88, 0x24, 0x10, 0x8a, 0xc9, 0x37, 0xeb, 0x05, 0x05, 0x85, 0x60, 0x8e, 0xe7, 0x34, 0x09, 0x7f, 0xc0, 0x90, - 0x54, 0xfb, 0xff, 0x89, 0xee, 0xae, 0xea, 0x79, 0x1f, 0x4a, 0x7a, 0xb1, 0xf9, 0x86, 0x82, 0x94, 0xa4, 0xf9, 0xe2, 0x7b, 0x42, 0xaf, 0x81, 0x00, 0xcb, 0x9d, 0x59, 0xce, 0xf9, 0x64, 0x58, 0x03 - } -}, -{ - // IEEE 1619 - Vector 12 - - { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, - { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff }, - 0, - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff - }, - { - 0xe3, 0x87, 0xaa, 0xa5, 0x8b, 0xa4, 0x83, 0xaf, 0xa7, 0xe8, 0xeb, 0x46, 0x97, 0x78, 0x31, 0x7e, 0xcf, 0x4c, 0xf5, 0x73, 0xaa, 0x9d, 0x4e, 0xac, 0x23, 0xf2, 0xcd, 0xf9, 0x14, 0xe4, 0xe2, 0x00, - 0xa8, 0xb4, 0x90, 0xe4, 0x2e, 0xe6, 0x46, 0x80, 0x2d, 0xc6, 0xee, 0x2b, 0x47, 0x1b, 0x27, 0x81, 0x95, 0xd6, 0x09, 0x18, 0xec, 0xec, 0xb4, 0x4b, 0xf7, 0x99, 0x66, 0xf8, 0x3f, 0xab, 0xa0, 0x49, - 0x92, 0x98, 0xeb, 0xc6, 0x99, 0xc0, 0xc8, 0x63, 0x47, 0x15, 0xa3, 0x20, 0xbb, 0x4f, 0x07, 0x5d, 0x62, 0x2e, 0x74, 0xc8, 0xc9, 0x32, 0x00, 0x4f, 0x25, 0xb4, 0x1e, 0x36, 0x10, 0x25, 0xb5, 0xa8, - 0x78, 0x15, 0x39, 0x1f, 0x61, 0x08, 0xfc, 0x4a, 0xfa, 0x6a, 0x05, 0xd9, 0x30, 0x3c, 0x6b, 0xa6, 0x8a, 0x12, 0x8a, 0x55, 0x70, 0x5d, 0x41, 0x59, 0x85, 0x83, 0x2f, 0xde, 0xaa, 0xe6, 0xc8, 0xe1, - 0x91, 0x10, 0xe8, 0x4d, 0x1b, 0x1f, 0x19, 0x9a, 0x26, 0x92, 0x11, 0x9e, 0xdc, 0x96, 0x13, 0x26, 0x58, 0xf0, 0x9d, 0xa7, 0xc6, 0x23, 0xef, 0xce, 0xc7, 0x12, 0x53, 0x7a, 0x3d, 0x94, 0xc0, 0xbf, - 0x5d, 0x7e, 0x35, 0x2e, 0xc9, 0x4a, 0xe5, 0x79, 0x7f, 0xdb, 0x37, 0x7d, 0xc1, 0x55, 0x11, 0x50, 0x72, 0x1a, 0xdf, 0x15, 0xbd, 0x26, 0xa8, 0xef, 0xc2, 0xfc, 0xaa, 0xd5, 0x68, 0x81, 0xfa, 0x9e, - 0x62, 0x46, 0x2c, 0x28, 0xf3, 0x0a, 0xe1, 0xce, 0xac, 0xa9, 0x3c, 0x34, 0x5c, 0xf2, 0x43, 0xb7, 0x3f, 0x54, 0x2e, 0x20, 0x74, 0xa7, 0x05, 0xbd, 0x26, 0x43, 0xbb, 0x9f, 0x7c, 0xc7, 0x9b, 0xb6, - 0xe7, 0x09, 0x1e, 0xa6, 0xe2, 0x32, 0xdf, 0x0f, 0x9a, 0xd0, 0xd6, 0xcf, 0x50, 0x23, 0x27, 0x87, 0x6d, 0x82, 0x20, 0x7a, 0xbf, 0x21, 0x15, 0xcd, 0xac, 0xf6, 0xd5, 0xa4, 0x8f, 0x6c, 0x18, 0x79, - 0xa6, 0x5b, 0x11, 0x5f, 0x0f, 0x8b, 0x3c, 0xb3, 0xc5, 0x9d, 0x15, 0xdd, 0x8c, 0x76, 0x9b, 0xc0, 0x14, 0x79, 0x5a, 0x18, 0x37, 0xf3, 0x90, 0x1b, 0x58, 0x45, 0xeb, 0x49, 0x1a, 0xdf, 0xef, 0xe0, - 0x97, 0xb1, 0xfa, 0x30, 0xa1, 0x2f, 0xc1, 0xf6, 0x5b, 0xa2, 0x29, 0x05, 0x03, 0x15, 0x39, 0x97, 0x1a, 0x10, 0xf2, 0xf3, 0x6c, 0x32, 0x1b, 0xb5, 0x13, 0x31, 0xcd, 0xef, 0xb3, 0x9e, 0x39, 0x64, - 0xc7, 0xef, 0x07, 0x99, 0x94, 0xf5, 0xb6, 0x9b, 0x2e, 0xdd, 0x83, 0xa7, 0x1e, 0xf5, 0x49, 0x97, 0x1e, 0xe9, 0x3f, 0x44, 0xea, 0xc3, 0x93, 0x8f, 0xcd, 0xd6, 0x1d, 0x01, 0xfa, 0x71, 0x79, 0x9d, - 0xa3, 0xa8, 0x09, 0x1c, 0x4c, 0x48, 0xaa, 0x9e, 0xd2, 0x63, 0xff, 0x07, 0x49, 0xdf, 0x95, 0xd4, 0x4f, 0xef, 0x6a, 0x0b, 0xb5, 0x78, 0xec, 0x69, 0x45, 0x6a, 0xa5, 0x40, 0x8a, 0xe3, 0x2c, 0x7a, - 0xf0, 0x8a, 0xd7, 0xba, 0x89, 0x21, 0x28, 0x7e, 0x3b, 0xbe, 0xe3, 0x1b, 0x76, 0x7b, 0xe0, 0x6a, 0x0e, 0x70, 0x5c, 0x86, 0x4a, 0x76, 0x91, 0x37, 0xdf, 0x28, 0x29, 0x22, 0x83, 0xea, 0x81, 0xa2, - 0x48, 0x02, 0x41, 0xb4, 0x4d, 0x99, 0x21, 0xcd, 0xbe, 0xc1, 0xbc, 0x28, 0xdc, 0x1f, 0xda, 0x11, 0x4b, 0xd8, 0xe5, 0x21, 0x7a, 0xc9, 0xd8, 0xeb, 0xaf, 0xa7, 0x20, 0xe9, 0xda, 0x4f, 0x9a, 0xce, - 0x23, 0x1c, 0xc9, 0x49, 0xe5, 0xb9, 0x6f, 0xe7, 0x6f, 0xfc, 0x21, 0x06, 0x3f, 0xdd, 0xc8, 0x3a, 0x6b, 0x86, 0x79, 0xc0, 0x0d, 0x35, 0xe0, 0x95, 0x76, 0xa8, 0x75, 0x30, 0x5b, 0xed, 0x5f, 0x36, - 0xed, 0x24, 0x2c, 0x89, 0x00, 0xdd, 0x1f, 0xa9, 0x65, 0xbc, 0x95, 0x0d, 0xfc, 0xe0, 0x9b, 0x13, 0x22, 0x63, 0xa1, 0xee, 0xf5, 0x2d, 0xd6, 0x88, 0x8c, 0x30, 0x9f, 0x5a, 0x7d, 0x71, 0x28, 0x26 - } -}, -{ - // IEEE 1619 - Vector 13 - - { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, - { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, - { 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff }, - 0, - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff - }, - { - 0xbf, 0x53, 0xd2, 0xda, 0xde, 0x78, 0xe8, 0x22, 0xa4, 0xd9, 0x49, 0xa9, 0xbc, 0x67, 0x66, 0xb0, 0x1b, 0x06, 0xa8, 0xef, 0x70, 0xd2, 0x67, 0x48, 0xc6, 0xa7, 0xfc, 0x36, 0xd8, 0x0a, 0xe4, 0xc5, - 0x52, 0x0f, 0x7c, 0x4a, 0xb0, 0xac, 0x85, 0x44, 0x42, 0x4f, 0xa4, 0x05, 0x16, 0x2f, 0xef, 0x5a, 0x6b, 0x7f, 0x22, 0x94, 0x98, 0x06, 0x36, 0x18, 0xd3, 0x9f, 0x00, 0x03, 0xcb, 0x5f, 0xb8, 0xd1, - 0xc8, 0x6b, 0x64, 0x34, 0x97, 0xda, 0x1f, 0xf9, 0x45, 0xc8, 0xd3, 0xbe, 0xde, 0xca, 0x4f, 0x47, 0x97, 0x02, 0xa7, 0xa7, 0x35, 0xf0, 0x43, 0xdd, 0xb1, 0xd6, 0xaa, 0xad, 0xe3, 0xc4, 0xa0, 0xac, - 0x7c, 0xa7, 0xf3, 0xfa, 0x52, 0x79, 0xbe, 0xf5, 0x6f, 0x82, 0xcd, 0x7a, 0x2f, 0x38, 0x67, 0x2e, 0x82, 0x48, 0x14, 0xe1, 0x07, 0x00, 0x30, 0x0a, 0x05, 0x5e, 0x16, 0x30, 0xb8, 0xf1, 0xcb, 0x0e, - 0x91, 0x9f, 0x5e, 0x94, 0x20, 0x10, 0xa4, 0x16, 0xe2, 0xbf, 0x48, 0xcb, 0x46, 0x99, 0x3d, 0x3c, 0xb6, 0xa5, 0x1c, 0x19, 0xba, 0xcf, 0x86, 0x47, 0x85, 0xa0, 0x0b, 0xc2, 0xec, 0xff, 0x15, 0xd3, - 0x50, 0x87, 0x5b, 0x24, 0x6e, 0xd5, 0x3e, 0x68, 0xbe, 0x6f, 0x55, 0xbd, 0x7e, 0x05, 0xcf, 0xc2, 0xb2, 0xed, 0x64, 0x32, 0x19, 0x8a, 0x64, 0x44, 0xb6, 0xd8, 0xc2, 0x47, 0xfa, 0xb9, 0x41, 0xf5, - 0x69, 0x76, 0x8b, 0x5c, 0x42, 0x93, 0x66, 0xf1, 0xd3, 0xf0, 0x0f, 0x03, 0x45, 0xb9, 0x61, 0x23, 0xd5, 0x62, 0x04, 0xc0, 0x1c, 0x63, 0xb2, 0x2c, 0xe7, 0x8b, 0xaf, 0x11, 0x6e, 0x52, 0x5e, 0xd9, - 0x0f, 0xde, 0xa3, 0x9f, 0xa4, 0x69, 0x49, 0x4d, 0x38, 0x66, 0xc3, 0x1e, 0x05, 0xf2, 0x95, 0xff, 0x21, 0xfe, 0xa8, 0xd4, 0xe6, 0xe1, 0x3d, 0x67, 0xe4, 0x7c, 0xe7, 0x22, 0xe9, 0x69, 0x8a, 0x1c, - 0x10, 0x48, 0xd6, 0x8e, 0xbc, 0xde, 0x76, 0xb8, 0x6f, 0xcf, 0x97, 0x6e, 0xab, 0x8a, 0xa9, 0x79, 0x02, 0x68, 0xb7, 0x06, 0x8e, 0x01, 0x7a, 0x8b, 0x9b, 0x74, 0x94, 0x09, 0x51, 0x4f, 0x10, 0x53, - 0x02, 0x7f, 0xd1, 0x6c, 0x37, 0x86, 0xea, 0x1b, 0xac, 0x5f, 0x15, 0xcb, 0x79, 0x71, 0x1e, 0xe2, 0xab, 0xe8, 0x2f, 0x5c, 0xf8, 0xb1, 0x3a, 0xe7, 0x30, 0x30, 0xef, 0x5b, 0x9e, 0x44, 0x57, 0xe7, - 0x5d, 0x13, 0x04, 0xf9, 0x88, 0xd6, 0x2d, 0xd6, 0xfc, 0x4b, 0x94, 0xed, 0x38, 0xba, 0x83, 0x1d, 0xa4, 0xb7, 0x63, 0x49, 0x71, 0xb6, 0xcd, 0x8e, 0xc3, 0x25, 0xd9, 0xc6, 0x1c, 0x00, 0xf1, 0xdf, - 0x73, 0x62, 0x7e, 0xd3, 0x74, 0x5a, 0x5e, 0x84, 0x89, 0xf3, 0xa9, 0x5c, 0x69, 0x63, 0x9c, 0x32, 0xcd, 0x6e, 0x1d, 0x53, 0x7a, 0x85, 0xf7, 0x5c, 0xc8, 0x44, 0x72, 0x6e, 0x8a, 0x72, 0xfc, 0x00, - 0x77, 0xad, 0x22, 0x00, 0x0f, 0x1d, 0x50, 0x78, 0xf6, 0xb8, 0x66, 0x31, 0x8c, 0x66, 0x8f, 0x1a, 0xd0, 0x3d, 0x5a, 0x5f, 0xce, 0xd5, 0x21, 0x9f, 0x2e, 0xab, 0xbd, 0x0a, 0xa5, 0xc0, 0xf4, 0x60, - 0xd1, 0x83, 0xf0, 0x44, 0x04, 0xa0, 0xd6, 0xf4, 0x69, 0x55, 0x8e, 0x81, 0xfa, 0xb2, 0x4a, 0x16, 0x79, 0x05, 0xab, 0x4c, 0x78, 0x78, 0x50, 0x2a, 0xd3, 0xe3, 0x8f, 0xdb, 0xe6, 0x2a, 0x41, 0x55, - 0x6c, 0xec, 0x37, 0x32, 0x57, 0x59, 0x53, 0x3c, 0xe8, 0xf2, 0x5f, 0x36, 0x7c, 0x87, 0xbb, 0x55, 0x78, 0xd6, 0x67, 0xae, 0x93, 0xf9, 0xe2, 0xfd, 0x99, 0xbc, 0xbc, 0x5f, 0x2f, 0xbb, 0xa8, 0x8c, - 0xf6, 0x51, 0x61, 0x39, 0x42, 0x0f, 0xcf, 0xf3, 0xb7, 0x36, 0x1d, 0x86, 0x32, 0x2c, 0x4b, 0xd8, 0x4c, 0x82, 0xf3, 0x35, 0xab, 0xb1, 0x52, 0xc4, 0xa9, 0x34, 0x11, 0x37, 0x3a, 0xaa, 0x82, 0x20 - } -}, -{ - // IEEE 1619 - Vector 14 - - /* This vector must always be the last one in XTS_vectors[] because TestSectorBufEncryption() relies on it. */ - - { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, - { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, - { 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff }, - 0, - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, - 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, - 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, - 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, - 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, - 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff - }, - { - 0x64, 0x49, 0x7e, 0x5a, 0x83, 0x1e, 0x4a, 0x93, 0x2c, 0x09, 0xbe, 0x3e, 0x53, 0x93, 0x37, 0x6d, 0xaa, 0x59, 0x95, 0x48, 0xb8, 0x16, 0x03, 0x1d, 0x22, 0x4b, 0xbf, 0x50, 0xa8, 0x18, 0xed, 0x23, - 0x50, 0xea, 0xe7, 0xe9, 0x60, 0x87, 0xc8, 0xa0, 0xdb, 0x51, 0xad, 0x29, 0x0b, 0xd0, 0x0c, 0x1a, 0xc1, 0x62, 0x08, 0x57, 0x63, 0x5b, 0xf2, 0x46, 0xc1, 0x76, 0xab, 0x46, 0x3b, 0xe3, 0x0b, 0x80, - 0x8d, 0xa5, 0x48, 0x08, 0x1a, 0xc8, 0x47, 0xb1, 0x58, 0xe1, 0x26, 0x4b, 0xe2, 0x5b, 0xb0, 0x91, 0x0b, 0xbc, 0x92, 0x64, 0x71, 0x08, 0x08, 0x94, 0x15, 0xd4, 0x5f, 0xab, 0x1b, 0x3d, 0x26, 0x04, - 0xe8, 0xa8, 0xef, 0xf1, 0xae, 0x40, 0x20, 0xcf, 0xa3, 0x99, 0x36, 0xb6, 0x68, 0x27, 0xb2, 0x3f, 0x37, 0x1b, 0x92, 0x20, 0x0b, 0xe9, 0x02, 0x51, 0xe6, 0xd7, 0x3c, 0x5f, 0x86, 0xde, 0x5f, 0xd4, - 0xa9, 0x50, 0x78, 0x19, 0x33, 0xd7, 0x9a, 0x28, 0x27, 0x2b, 0x78, 0x2a, 0x2e, 0xc3, 0x13, 0xef, 0xdf, 0xcc, 0x06, 0x28, 0xf4, 0x3d, 0x74, 0x4c, 0x2d, 0xc2, 0xff, 0x3d, 0xcb, 0x66, 0x99, 0x9b, - 0x50, 0xc7, 0xca, 0x89, 0x5b, 0x0c, 0x64, 0x79, 0x1e, 0xea, 0xa5, 0xf2, 0x94, 0x99, 0xfb, 0x1c, 0x02, 0x6f, 0x84, 0xce, 0x5b, 0x5c, 0x72, 0xba, 0x10, 0x83, 0xcd, 0xdb, 0x5c, 0xe4, 0x54, 0x34, - 0x63, 0x16, 0x65, 0xc3, 0x33, 0xb6, 0x0b, 0x11, 0x59, 0x3f, 0xb2, 0x53, 0xc5, 0x17, 0x9a, 0x2c, 0x8d, 0xb8, 0x13, 0x78, 0x2a, 0x00, 0x48, 0x56, 0xa1, 0x65, 0x30, 0x11, 0xe9, 0x3f, 0xb6, 0xd8, - 0x76, 0xc1, 0x83, 0x66, 0xdd, 0x86, 0x83, 0xf5, 0x34, 0x12, 0xc0, 0xc1, 0x80, 0xf9, 0xc8, 0x48, 0x59, 0x2d, 0x59, 0x3f, 0x86, 0x09, 0xca, 0x73, 0x63, 0x17, 0xd3, 0x56, 0xe1, 0x3e, 0x2b, 0xff, - 0x3a, 0x9f, 0x59, 0xcd, 0x9a, 0xeb, 0x19, 0xcd, 0x48, 0x25, 0x93, 0xd8, 0xc4, 0x61, 0x28, 0xbb, 0x32, 0x42, 0x3b, 0x37, 0xa9, 0xad, 0xfb, 0x48, 0x2b, 0x99, 0x45, 0x3f, 0xbe, 0x25, 0xa4, 0x1b, - 0xf6, 0xfe, 0xb4, 0xaa, 0x0b, 0xef, 0x5e, 0xd2, 0x4b, 0xf7, 0x3c, 0x76, 0x29, 0x78, 0x02, 0x54, 0x82, 0xc1, 0x31, 0x15, 0xe4, 0x01, 0x5a, 0xac, 0x99, 0x2e, 0x56, 0x13, 0xa3, 0xb5, 0xc2, 0xf6, - 0x85, 0xb8, 0x47, 0x95, 0xcb, 0x6e, 0x9b, 0x26, 0x56, 0xd8, 0xc8, 0x81, 0x57, 0xe5, 0x2c, 0x42, 0xf9, 0x78, 0xd8, 0x63, 0x4c, 0x43, 0xd0, 0x6f, 0xea, 0x92, 0x8f, 0x28, 0x22, 0xe4, 0x65, 0xaa, - 0x65, 0x76, 0xe9, 0xbf, 0x41, 0x93, 0x84, 0x50, 0x6c, 0xc3, 0xce, 0x3c, 0x54, 0xac, 0x1a, 0x6f, 0x67, 0xdc, 0x66, 0xf3, 0xb3, 0x01, 0x91, 0xe6, 0x98, 0x38, 0x0b, 0xc9, 0x99, 0xb0, 0x5a, 0xbc, - 0xe1, 0x9d, 0xc0, 0xc6, 0xdc, 0xc2, 0xdd, 0x00, 0x1e, 0xc5, 0x35, 0xba, 0x18, 0xde, 0xb2, 0xdf, 0x1a, 0x10, 0x10, 0x23, 0x10, 0x83, 0x18, 0xc7, 0x5d, 0xc9, 0x86, 0x11, 0xa0, 0x9d, 0xc4, 0x8a, - 0x0a, 0xcd, 0xec, 0x67, 0x6f, 0xab, 0xdf, 0x22, 0x2f, 0x07, 0xe0, 0x26, 0xf0, 0x59, 0xb6, 0x72, 0xb5, 0x6e, 0x5c, 0xbc, 0x8e, 0x1d, 0x21, 0xbb, 0xd8, 0x67, 0xdd, 0x92, 0x72, 0x12, 0x05, 0x46, - 0x81, 0xd7, 0x0e, 0xa7, 0x37, 0x13, 0x4c, 0xdf, 0xce, 0x93, 0xb6, 0xf8, 0x2a, 0xe2, 0x24, 0x23, 0x27, 0x4e, 0x58, 0xa0, 0x82, 0x1c, 0xc5, 0x50, 0x2e, 0x2d, 0x0a, 0xb4, 0x58, 0x5e, 0x94, 0xde, - 0x69, 0x75, 0xbe, 0x5e, 0x0b, 0x4e, 0xfc, 0xe5, 0x1c, 0xd3, 0xe7, 0x0c, 0x25, 0xa1, 0xfb, 0xbb, 0xd6, 0x09, 0xd2, 0x73, 0xad, 0x5b, 0x0d, 0x59, 0x63, 0x1c, 0x53, 0x1f, 0x6a, 0x0a, 0x57, 0xb9 - } -} }; // XTS_TEST XTS_vectors[] - - -BOOL XTSAesTest (PCRYPTO_INFO ci) -{ - unsigned __int8 p[ENCRYPTION_DATA_UNIT_SIZE]; - UINT64_STRUCT dataUnitNo; - int i; - - for (i = 0; i < XTS_TEST_COUNT; i++) - { - ci->ea = EAGetByName (L"AES"); - if (ci->ea == 0) - return FALSE; - - ci->mode = XTS; - - if (EAInit (ci->ea, XTS_vectors[i].key1, ci->ks) != ERR_SUCCESS) - return FALSE; - - memcpy (&ci->k2, XTS_vectors[i].key2, sizeof (XTS_vectors[i].key2)); - - if (!EAInitMode (ci)) - return FALSE; - - memcpy (p, XTS_vectors[i].plaintext, sizeof (p)); - - dataUnitNo.Value = BE64 (*((unsigned __int64 *) XTS_vectors[i].dataUnitNo)); - - EncryptBufferXTS (p, sizeof (p), &dataUnitNo, XTS_vectors[i].blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, AES); - - if (memcmp (XTS_vectors[i].ciphertext, p, sizeof (p)) != 0) - return FALSE; - } - - return TRUE; -} - - -// AES ECB test vectors FIPS-197 - -#define AES_TEST_COUNT 1 - -typedef struct { - unsigned char key[32]; - unsigned char plaintext[16]; - unsigned char ciphertext[16]; - } AES_TEST; - -AES_TEST aes_ecb_vectors[AES_TEST_COUNT] = { -0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, -0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, - -0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff, - -0x8e,0xa2,0xb7,0xca,0x51,0x67,0x45,0xbf,0xea,0xfc,0x49,0x90,0x4b,0x49,0x60,0x89 -}; - -// Serpent ECB test vectors - -#define SERPENT_TEST_COUNT 1 - -typedef struct { - unsigned char key[32]; - unsigned char plaintext[16]; - unsigned char ciphertext[16]; - } SERPENT_TEST; - -SERPENT_TEST serpent_vectors[SERPENT_TEST_COUNT] = { -0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, -0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - -0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, -0xde, 0x26, 0x9f, 0xf8, 0x33, 0xe4, 0x32, 0xb8, 0x5b, 0x2e, 0x88, 0xd2, 0x70, 0x1c, 0xe7, 0x5c -}; - -// Twofish ECB test vectors - -#define TWOFISH_TEST_COUNT 1 - -typedef struct { - unsigned char key[32]; - unsigned char plaintext[16]; - unsigned char ciphertext[16]; - } TWOFISH_TEST; - -TWOFISH_TEST twofish_vectors[TWOFISH_TEST_COUNT] = { -0xD4, 0x3B, 0xB7, 0x55, 0x6E, 0xA3, 0x2E, 0x46, 0xF2, 0xA2, 0x82, 0xB7, 0xD4, 0x5B, 0x4E, 0x0D, -0x57, 0xFF, 0x73, 0x9D, 0x4D, 0xC9, 0x2C, 0x1B, 0xD7, 0xFC, 0x01, 0x70, 0x0C, 0xC8, 0x21, 0x6F, - -0x90, 0xAF, 0xE9, 0x1B, 0xB2, 0x88, 0x54, 0x4F, 0x2C, 0x32, 0xDC, 0x23, 0x9B, 0x26, 0x35, 0xE6, -0x6C, 0xB4, 0x56, 0x1C, 0x40, 0xBF, 0x0A, 0x97, 0x05, 0x93, 0x1C, 0xB6, 0xD4, 0x08, 0xE7, 0xFA -}; - -/* Test vectors from FIPS 198a, RFC 4231, RFC 2104, RFC 2202, and other sources. */ - -char *hmac_sha256_test_keys[] = -{ - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - "Jefe", - "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", - "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", - "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", - "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", -}; - -char *hmac_sha256_test_data[] = -{ - "Hi There", - "what do ya want for nothing?", - "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd", - "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd", - "Test Using Larger Than Block-Size Key - Hash Key First", - "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.", -}; - -char *hmac_sha256_test_vectors[] = -{ - "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7", - "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43", - "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe", - "\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99\xf2\x08\x3a\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e\x3f\xf4\x67\x29\x66\x5b", - "\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54", - "\x9b\x09\xff\xa7\x1b\x94\x2f\xcb\x27\x63\x5f\xbc\xd5\xb0\xe9\x44\xbf\xdc\x63\x64\x4f\x07\x13\x93\x8a\x7f\x51\x53\x5c\x3a\x35\xe2", -}; - -char *hmac_sha512_test_keys[] = -{ - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - "Jefe", - "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", - "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", - "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", - "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", -}; - -char *hmac_sha512_test_data[] = -{ - "Hi There", - "what do ya want for nothing?", - "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd", - "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd", - "Test Using Larger Than Block-Size Key - Hash Key First", - "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.", -}; - -char *hmac_sha512_test_vectors[] = -{ - "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54", - "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a\x38\xbc\xe7\x37", - "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59\xe1\x32\x92\xfb", - "\xb0\xba\x46\x56\x37\x45\x8c\x69\x90\xe5\xa8\xc5\xf6\x1d\x4a\xf7\xe5\x76\xd9\x7f\xf9\x4b\x87\x2d\xe7\x6f\x80\x50\x36\x1e\xe3\xdb\xa9\x1c\xa5\xc1\x1a\xa2\x5e\xb4\xd6\x79\x27\x5c\xc5\x78\x80\x63\xa5\xf1\x97\x41\x12\x0c\x4f\x2d\xe2\xad\xeb\xeb\x10\xa2\x98\xdd", - "\x80\xb2\x42\x63\xc7\xc1\xa3\xeb\xb7\x14\x93\xc1\xdd\x7b\xe8\xb4\x9b\x46\xd1\xf4\x1b\x4a\xee\xc1\x12\x1b\x01\x37\x83\xf8\xf3\x52\x6b\x56\xd0\x37\xe0\x5f\x25\x98\xbd\x0f\xd2\x21\x5d\x6a\x1e\x52\x95\xe6\x4f\x73\xf6\x3f\x0a\xec\x8b\x91\x5a\x98\x5d\x78\x65\x98", - "\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e\x5e\x3f\xfd\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5\xa3\x2d\x20\xcd\xc9\x44\xb6\x02\x2c\xac\x3c\x49\x82\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15\x13\x46\x76\xfb\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58", -}; - -char *hmac_ripemd160_test_keys[] = -{ - "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff\x01\x23\x45\x67", - "\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10\x00\x11\x22\x33", -}; - -char *hmac_ripemd160_test_data[] = -{ - "message digest", - "12345678901234567890123456789012345678901234567890123456789012345678901234567890", -}; - -char *hmac_ripemd160_test_vectors[] = -{ - "\xf8\x36\x62\xcc\x8d\x33\x9c\x22\x7e\x60\x0f\xcd\x63\x6c\x57\xd2\x57\x1b\x1c\x34", - "\x85\xf1\x64\x70\x3e\x61\xa6\x31\x31\xbe\x7e\x45\x95\x8e\x07\x94\x12\x39\x04\xf9", -}; - -char *hmac_whirlpool_test_key = -{ - "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" -}; - -char *hmac_whirlpool_test_data = -{ - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -}; - -char *hmac_whirlpool_test_vectors = -{ - "\x03\x91\xd2\x80\x00\xb6\x62\xbb\xb8\xe6\x23\x3e\xe8\x6c\xf2\xb2\x84\x74\x4c\x73" - "\x8b\x58\x00\xba\x28\x12\xed\x52\x6f\xe3\x15\x3a\xb1\xba\xe7\xe2\x36\xbe\x96\x54" - "\x49\x3f\x19\xfa\xce\xa6\x44\x1f\x60\xf5\xf0\x18\x93\x09\x11\xa5\xe5\xce\xd8\xf2" - "\x6a\xbf\xa4\x02" -}; - -unsigned char ks_tmp[MAX_EXPANDED_KEY]; - -void CipherInit2(int cipher, void* key, void* ks, int key_len) -{ - switch (cipher) - { - - case AES: - CipherInit(cipher,key,ks); - break; - - case SERPENT: - CipherInit(cipher,key,ks); - break; - - case TWOFISH: - CipherInit(cipher,key,ks); - break; - - default: - /* Unknown/wrong ID */ - TC_THROW_FATAL_EXCEPTION; - } -} - - -BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) -{ - unsigned char buf [ENCRYPTION_DATA_UNIT_SIZE * 4]; - unsigned int i; - wchar_t name[64]; - unsigned __int32 crc; - UINT64_STRUCT unitNo; - uint32 nbrUnits; - unsigned __int64 writeOffset; - int testCase = 0; - int nTestsPerformed = 0; - - static unsigned char key1[] = - { - 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27, - 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92, - 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 - }; - - - /* Encryption/decryption of data units (typically, volume data sectors) */ - - nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE; - - ci->mode = XTS; // we only implement XTS - - /* The buffer can accommodate 4 data units and we'll test 4 cases by "scrolling". The data unit 0xFFFFFFFFFF - will "move" from the start of the buffer to its end. For a 512-byte data unit, the byte offset 562949953420800 - corresponds to the data unit 0xFFFFFFFFFF. */ - for (writeOffset = 562949953420800ULL; - writeOffset > 562949953420800ULL - nbrUnits * ENCRYPTION_DATA_UNIT_SIZE; - writeOffset -= ENCRYPTION_DATA_UNIT_SIZE) - { - unitNo.Value = writeOffset / ENCRYPTION_DATA_UNIT_SIZE; - - // Test all EAs that support this mode of operation - for (ci->ea = EAGetFirst (); ci->ea != 0; ci->ea = EAGetNext (ci->ea)) - { - if (!EAIsModeSupported (ci->ea, ci->mode)) - continue; - - EAGetName (name, ci->ea, 0); - - if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) - return FALSE; - - for (i = 0; i < sizeof (ci->k2); i++) - ci->k2[i] = (unsigned char) i; - - memcpy (&ci->k2, XTS_vectors[XTS_TEST_COUNT-1].key2, sizeof (XTS_vectors[XTS_TEST_COUNT-1].key2)); - - if (!EAInitMode (ci)) - return FALSE; - - // Each data unit will contain the same plaintext - for (i = 0; i < nbrUnits; i++) - { - memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE, - XTS_vectors[XTS_TEST_COUNT-1].plaintext, - ENCRYPTION_DATA_UNIT_SIZE); - } - - EncryptDataUnits (buf, &unitNo, nbrUnits, ci); - - crc = GetCrc32 (buf, sizeof (buf)); - - if (wcscmp (name, L"AES") == 0) - { - // Verify the ciphertext of the "moving" data unit using the IEEE test vector #14 - if (memcmp (XTS_vectors[XTS_TEST_COUNT-1].ciphertext, - (unsigned char *) buf + testCase * ENCRYPTION_DATA_UNIT_SIZE, - ENCRYPTION_DATA_UNIT_SIZE) != 0) - { - return FALSE; - } - - // CRC of all data units in the buffer for each test case - switch (testCase) - { - case 0: - if (crc != 0x888f2990) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0xea28ea34) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0xe058f5a2) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0x10473dc9) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"Serpent") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0x7edfecb3) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0x357baaaa) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0xc7b9fca5) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0xb5263e0c) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"Twofish") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0x91525124) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0x2895cc47) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0x6bee346d) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0xb1c45759) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"AES-Twofish") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0x6cea7fa2) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0x69052c4c) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0x88db8de5) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0xf16fd8c5) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"AES-Twofish-Serpent") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0xa2d7d82a) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0xdbf76412) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0xdf0ea03e) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0xdadedff7) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"Serpent-AES") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0x6dd133b3) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0x0e5717d2) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0x39f83cd9) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0x8a79fa2c) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"Serpent-Twofish-AES") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0xe536daf8) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0x3ae89e7f) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0x2cc1301a) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0xcac7bdc7) - return FALSE; - nTestsPerformed++; - break; - } - } - else if (wcscmp (name, L"Twofish-Serpent") == 0) - { - switch (testCase) - { - case 0: - if (crc != 0x2686c859) - return FALSE; - nTestsPerformed++; - break; - case 1: - if (crc != 0x8a201780) - return FALSE; - nTestsPerformed++; - break; - case 2: - if (crc != 0x8dd13796) - return FALSE; - nTestsPerformed++; - break; - case 3: - if (crc != 0xe95196cb) - return FALSE; - nTestsPerformed++; - break; - } - } - - if (crc == 0x9f5edd58) - return FALSE; - - DecryptDataUnits (buf, &unitNo, nbrUnits, ci); - - if (GetCrc32 (buf, sizeof (buf)) != 0x9f5edd58) - return FALSE; - - nTestsPerformed++; - } - testCase++; - } - - /* Encryption/decryption of a buffer (typically, a volume header) */ - - nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE; - - // Test all EAs that support this mode of operation - for (ci->ea = EAGetFirst (); ci->ea != 0; ci->ea = EAGetNext (ci->ea)) - { - if (!EAIsModeSupported (ci->ea, ci->mode)) - continue; - - EAGetName (name, ci->ea, 0); - - if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) - return FALSE; - - memcpy (&ci->k2, XTS_vectors[XTS_TEST_COUNT-1].key2, sizeof (XTS_vectors[XTS_TEST_COUNT-1].key2)); - - if (!EAInitMode (ci)) - return FALSE; - - // Each data unit will contain the same plaintext - for (i = 0; i < nbrUnits; i++) - { - memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE, - XTS_vectors[XTS_TEST_COUNT-1].plaintext, - ENCRYPTION_DATA_UNIT_SIZE); - } - - EncryptBuffer (buf, sizeof (buf), ci); - - crc = GetCrc32 (buf, sizeof (buf)); - - if (wcscmp (name, L"AES") == 0) - { - if (crc != 0x33b91fab) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"Serpent") == 0) - { - if (crc != 0x3494d480) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"Twofish") == 0) - { - if (crc != 0xc4d65b46) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"AES-Twofish") == 0) - { - if (crc != 0x14ce7385) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"AES-Twofish-Serpent") == 0) - { - if (crc != 0x0ec81bf7) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"Serpent-AES") == 0) - { - if (crc != 0x42f919ad) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"Serpent-Twofish-AES") == 0) - { - if (crc != 0x208d5c58) - return FALSE; - nTestsPerformed++; - } - else if (wcscmp (name, L"Twofish-Serpent") == 0) - { - if (crc != 0xbe78cec1) - return FALSE; - nTestsPerformed++; - } - - if (crc == 0x9f5edd58) - return FALSE; - - DecryptBuffer (buf, sizeof (buf), ci); - - if (GetCrc32 (buf, sizeof (buf)) != 0x9f5edd58) - return FALSE; - - nTestsPerformed++; - } - - return (nTestsPerformed == 80); -} - -static BOOL DoAutoTestAlgorithms (void) -{ - PCRYPTO_INFO ci; - char key[32]; - unsigned char tmp[16]; - BOOL bFailed = FALSE; - int i; - - ci = crypto_open (); - if (!ci) - return FALSE; - - memset (ci, 0, sizeof (*ci)); - - /* AES */ - - for (i = 0; i < AES_TEST_COUNT; i++) - { - int cipher = AES; - memcpy(key, aes_ecb_vectors[i].key, 32); - memcpy(tmp, aes_ecb_vectors[i].plaintext, 16); - CipherInit(cipher, key, ks_tmp); - - EncipherBlock(cipher, tmp, ks_tmp); - if (memcmp(aes_ecb_vectors[i].ciphertext, tmp, 16) != 0) - break; - - DecipherBlock(cipher, tmp, ks_tmp); - if (memcmp(aes_ecb_vectors[i].plaintext, tmp, 16) != 0) - break; - } - if (i != AES_TEST_COUNT) - bFailed = TRUE; - - // AES EncipherBlocks()/DecipherBlocks() - { - byte testData[1024]; - uint32 origCrc; - size_t i; - - for (i = 0; i < sizeof (testData); ++i) - { - testData[i] = (byte) i; - } - - origCrc = GetCrc32 (testData, sizeof (testData)); - - CipherInit (AES, testData, ks_tmp); - EncipherBlocks (AES, testData, ks_tmp, sizeof (testData) / CipherGetBlockSize (AES)); - - if (GetCrc32 (testData, sizeof (testData)) != 0xb5cd5631) - bFailed = TRUE; - - DecipherBlocks (AES, testData, ks_tmp, sizeof (testData) / CipherGetBlockSize (AES)); - - if (origCrc != GetCrc32 (testData, sizeof (testData))) - bFailed = TRUE; - } - - /* Serpent */ - - for (i = 0; i < SERPENT_TEST_COUNT; i++) - { - int cipher = SERPENT; - memcpy(key, serpent_vectors[i].key, 32); - memcpy(tmp, serpent_vectors[i].plaintext, 16); - CipherInit(cipher, key, ks_tmp); - - EncipherBlock(cipher, tmp, ks_tmp); - if (memcmp(serpent_vectors[i].ciphertext, tmp, 16) != 0) - break; - - DecipherBlock(cipher, tmp, ks_tmp); - if (memcmp(serpent_vectors[i].plaintext, tmp, 16) != 0) - break; - } - if (i != SERPENT_TEST_COUNT) - bFailed = TRUE; - - - /* Twofish */ - - for (i = 0; i < TWOFISH_TEST_COUNT; i++) - { - int cipher = TWOFISH; - memcpy(key, twofish_vectors[i].key, 32); - memcpy(tmp, twofish_vectors[i].plaintext, 16); - CipherInit(cipher, key, ks_tmp); - - EncipherBlock(cipher, tmp, ks_tmp); - if (memcmp(twofish_vectors[i].ciphertext, tmp, 16) != 0) - break; - - DecipherBlock(cipher, tmp, ks_tmp); - if (memcmp(twofish_vectors[i].plaintext, tmp, 16) != 0) - break; - } - if (i != TWOFISH_TEST_COUNT) - bFailed = TRUE; - - - /* PKCS #5 and HMACs */ - if (!test_pkcs5 ()) - bFailed = TRUE; - - /* CRC-32 */ - if (!crc32_selftests ()) - bFailed = TRUE; - - /* GF multiplicator */ -#if 0 - if (!GfMulSelfTest ()) - bFailed = TRUE; -#endif - - /* XTS-AES */ - if (!XTSAesTest (ci)) - bFailed = TRUE; - - /* Sector and buffer related algorithms */ - if (!TestSectorBufEncryption (ci)) - bFailed = TRUE; - - crypto_close (ci); - return !bFailed; -} - - -BOOL AutoTestAlgorithms (void) -{ - BOOL result = TRUE; - BOOL hwEncryptionEnabled = IsHwEncryptionEnabled(); - - EnableHwEncryption (FALSE); - - if (!DoAutoTestAlgorithms()) - result = FALSE; - - EnableHwEncryption (TRUE); - - if (!DoAutoTestAlgorithms()) - result = FALSE; - - EnableHwEncryption (hwEncryptionEnabled); - return result; -} - -BOOL test_hmac_sha256 () -{ - unsigned int i; - int nTestsPerformed = 0; - - for (i = 0; i < sizeof (hmac_sha256_test_data) / sizeof(char *); i++) - { - char digest[1024]; /* large enough to hold digets and test vector inputs */ - memcpy (digest, hmac_sha256_test_data[i], strlen (hmac_sha256_test_data[i])); - hmac_sha256 (hmac_sha256_test_keys[i], (int) strlen (hmac_sha256_test_keys[i]), digest, (int) strlen (hmac_sha256_test_data[i])); - if (memcmp (digest, hmac_sha256_test_vectors[i], SHA256_DIGESTSIZE) != 0) - return FALSE; - else - nTestsPerformed++; - } - - return (nTestsPerformed == 6); -} - -BOOL test_hmac_sha512 () -{ - unsigned int i; - int nTestsPerformed = 0; - - for (i = 0; i < sizeof (hmac_sha512_test_data) / sizeof(char *); i++) - { - char digest[1024]; /* large enough to hold digets and test vector inputs */ - memcpy (digest, hmac_sha512_test_data[i], (int) strlen (hmac_sha512_test_data[i])); - hmac_sha512 (hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) strlen (hmac_sha512_test_data[i])); - if (memcmp (digest, hmac_sha512_test_vectors[i], SHA512_DIGESTSIZE) != 0) - return FALSE; - else - nTestsPerformed++; - } - - return (nTestsPerformed == 6); -} - -BOOL test_hmac_ripemd160 () -{ - int nTestsPerformed = 0; - unsigned int i; - - for (i = 0; i < sizeof (hmac_ripemd160_test_data) / sizeof(char *); i++) - { - char digest[1024]; /* large enough to hold digets and test vector inputs */ - memcpy (digest, hmac_ripemd160_test_data[i], strlen (hmac_ripemd160_test_data[i])); - hmac_ripemd160 (hmac_ripemd160_test_keys[i], RIPEMD160_DIGESTSIZE, digest, (int) strlen (hmac_ripemd160_test_data[i])); - if (memcmp (digest, hmac_ripemd160_test_vectors[i], RIPEMD160_DIGESTSIZE) != 0) - return FALSE; - else - nTestsPerformed++; - } - - return (nTestsPerformed == 2); -} - -BOOL test_hmac_whirlpool () -{ - unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ - - memcpy (digest, hmac_whirlpool_test_data, strlen (hmac_whirlpool_test_data)); - hmac_whirlpool (hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data)); - if (memcmp (digest, hmac_whirlpool_test_vectors, WHIRLPOOL_DIGESTSIZE) != 0) - return FALSE; - - return TRUE; -} - -BOOL test_pkcs5 () -{ - char dk[144]; - - /* HMAC-SHA-256 tests */ - if (!test_hmac_sha256()) - return FALSE; - - /* HMAC-SHA-512 tests */ - if (!test_hmac_sha512()) - return FALSE; - - /* HMAC-RIPEMD-160 tests */ - if (test_hmac_ripemd160() == FALSE) - return FALSE; - - /* HMAC-Whirlpool tests */ - if (test_hmac_whirlpool() == FALSE) - return FALSE; - - /* PKCS-5 test 1 with HMAC-SHA-256 used as the PRF (https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00) */ - derive_key_sha256 ("passwd", 6, "\x73\x61\x6C\x74", 4, 1, dk, 64); - if (memcmp (dk, "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5\x09\x11\x20\x41\xd3\xa1\x97\x83", 64) != 0) - return FALSE; - - /* PKCS-5 test 2 with HMAC-SHA-256 used as the PRF (https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors) */ - derive_key_sha256 ("password", 8, "\x73\x61\x6C\x74", 4, 2, dk, 32); - if (memcmp (dk, "\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e\xf3\xc2\x51\xdf\xd6\xe2\xd8\x5a\x95\x47\x4c\x43", 32) != 0) - return FALSE; - - /* PKCS-5 test 3 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ - derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); - if (memcmp (dk, "\xf2\xa0\x4f\xb2", 4) != 0) - return FALSE; - - /* PKCS-5 test 4 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ - derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); - if (memcmp (dk, "\xf2\xa0\x4f\xb2\xd3\xe9\xa5\xd8\x51\x0b\x5c\x06\xdf\x70\x8e\x24\xe9\xc7\xd9\x15\x3d\x22\xcd\xde\xb8\xa6\xdb\xfd\x71\x85\xc6\x99\x32\xc0\xee\x37\x27\xf7\x24\xcf\xea\xa6\xac\x73\xa1\x4c\x4e\x52\x9b\x94\xf3\x54\x06\xfc\x04\x65\xa1\x0a\x24\xfe\xf0\x98\x1d\xa6\x22\x28\xeb\x24\x55\x74\xce\x6a\x3a\x28\xe2\x04\x3a\x59\x13\xec\x3f\xf2\xdb\xcf\x58\xdd\x53\xd9\xf9\x17\xf6\xda\x74\x06\x3c\x0b\x66\xf5\x0f\xf5\x58\xa3\x27\x52\x8c\x5b\x07\x91\xd0\x81\xeb\xb6\xbc\x30\x69\x42\x71\xf2\xd7\x18\x42\xbe\xe8\x02\x93\x70\x66\xad\x35\x65\xbc\xf7\x96\x8e\x64\xf1\xc6\x92\xda\xe0\xdc\x1f\xb5\xf4", 144) != 0) - return FALSE; - - /* PKCS-5 test 1 with HMAC-SHA-512 used as the PRF */ - derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); - if (memcmp (dk, "\x13\x64\xae\xf8", 4) != 0) - return FALSE; - - /* PKCS-5 test 2 with HMAC-SHA-512 used as the PRF (derives a key longer than the underlying - hash output size and block size) */ - derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); - if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0) - return FALSE; - - /* PKCS-5 test 1 with HMAC-RIPEMD-160 used as the PRF */ - derive_key_ripemd160 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); - if (memcmp (dk, "\x7a\x3d\x7c\x03", 4) != 0) - return FALSE; - - /* PKCS-5 test 2 with HMAC-RIPEMD-160 used as the PRF (derives a key longer than the underlying hash) */ - derive_key_ripemd160 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 48); - if (memcmp (dk, "\x7a\x3d\x7c\x03\xe7\x26\x6b\xf8\x3d\x78\xfb\x29\xd2\x64\x1f\x56\xea\xf0\xe5\xf5\xcc\xc4\x3a\x31\xa8\x84\x70\xbf\xbd\x6f\x8e\x78\x24\x5a\xc0\x0a\xf6\xfa\xf0\xf6\xe9\x00\x47\x5f\x73\xce\xe1\x43", 48) != 0) - return FALSE; - - /* PKCS-5 test 1 with HMAC-Whirlpool used as the PRF */ - derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); - if (memcmp (dk, "\x50\x7c\x36\x6f", 4) != 0) - return FALSE; - - /* PKCS-5 test 2 with HMAC-Whirlpool used as the PRF (derives a key longer than the underlying hash) */ - derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96); - if (memcmp (dk, "\x50\x7c\x36\x6f\xee\x10\x2e\x9a\xe2\x8a\xd5\x82\x72\x7d\x27\x0f\xe8\x4d\x7f\x68\x7a\xcf\xb5\xe7\x43\x67\xaa\x98\x93\x52\x2b\x09\x6e\x42\xdf\x2c\x59\x4a\x91\x6d\x7e\x10\xae\xb2\x1a\x89\x8f\xb9\x8f\xe6\x31\xa9\xd8\x9f\x98\x26\xf4\xda\xcd\x7d\x65\x65\xde\x10\x95\x91\xb4\x84\x26\xae\x43\xa1\x00\x5b\x1e\xb8\x38\x97\xa4\x1e\x4b\xd2\x65\x64\xbc\xfa\x1f\x35\x85\xdb\x4f\x97\x65\x6f\xbd\x24", 96) != 0) - return FALSE; - - return TRUE; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "Crc.h" +#include "Crypto.h" +#include "Common/Endian.h" +#include "Tests.h" +#include "Xts.h" +#include +#include "Pkcs5.h" + +typedef struct { + unsigned __int8 key1[32]; + unsigned __int8 key2[32]; + unsigned __int8 dataUnitNo[8]; + unsigned int blockNo; + unsigned __int8 plaintext[ENCRYPTION_DATA_UNIT_SIZE]; + unsigned __int8 ciphertext[ENCRYPTION_DATA_UNIT_SIZE]; +} XTS_TEST; + +#define XTS_TEST_COUNT 5 + +XTS_TEST XTS_vectors[XTS_TEST_COUNT] = { +/* XTS-AES-256 */ +{ + // IEEE 1619 - Vector 10 + + { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, + { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff }, + 0, + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff + }, + { + 0x1c, 0x3b, 0x3a, 0x10, 0x2f, 0x77, 0x03, 0x86, 0xe4, 0x83, 0x6c, 0x99, 0xe3, 0x70, 0xcf, 0x9b, 0xea, 0x00, 0x80, 0x3f, 0x5e, 0x48, 0x23, 0x57, 0xa4, 0xae, 0x12, 0xd4, 0x14, 0xa3, 0xe6, 0x3b, + 0x5d, 0x31, 0xe2, 0x76, 0xf8, 0xfe, 0x4a, 0x8d, 0x66, 0xb3, 0x17, 0xf9, 0xac, 0x68, 0x3f, 0x44, 0x68, 0x0a, 0x86, 0xac, 0x35, 0xad, 0xfc, 0x33, 0x45, 0xbe, 0xfe, 0xcb, 0x4b, 0xb1, 0x88, 0xfd, + 0x57, 0x76, 0x92, 0x6c, 0x49, 0xa3, 0x09, 0x5e, 0xb1, 0x08, 0xfd, 0x10, 0x98, 0xba, 0xec, 0x70, 0xaa, 0xa6, 0x69, 0x99, 0xa7, 0x2a, 0x82, 0xf2, 0x7d, 0x84, 0x8b, 0x21, 0xd4, 0xa7, 0x41, 0xb0, + 0xc5, 0xcd, 0x4d, 0x5f, 0xff, 0x9d, 0xac, 0x89, 0xae, 0xba, 0x12, 0x29, 0x61, 0xd0, 0x3a, 0x75, 0x71, 0x23, 0xe9, 0x87, 0x0f, 0x8a, 0xcf, 0x10, 0x00, 0x02, 0x08, 0x87, 0x89, 0x14, 0x29, 0xca, + 0x2a, 0x3e, 0x7a, 0x7d, 0x7d, 0xf7, 0xb1, 0x03, 0x55, 0x16, 0x5c, 0x8b, 0x9a, 0x6d, 0x0a, 0x7d, 0xe8, 0xb0, 0x62, 0xc4, 0x50, 0x0d, 0xc4, 0xcd, 0x12, 0x0c, 0x0f, 0x74, 0x18, 0xda, 0xe3, 0xd0, + 0xb5, 0x78, 0x1c, 0x34, 0x80, 0x3f, 0xa7, 0x54, 0x21, 0xc7, 0x90, 0xdf, 0xe1, 0xde, 0x18, 0x34, 0xf2, 0x80, 0xd7, 0x66, 0x7b, 0x32, 0x7f, 0x6c, 0x8c, 0xd7, 0x55, 0x7e, 0x12, 0xac, 0x3a, 0x0f, + 0x93, 0xec, 0x05, 0xc5, 0x2e, 0x04, 0x93, 0xef, 0x31, 0xa1, 0x2d, 0x3d, 0x92, 0x60, 0xf7, 0x9a, 0x28, 0x9d, 0x6a, 0x37, 0x9b, 0xc7, 0x0c, 0x50, 0x84, 0x14, 0x73, 0xd1, 0xa8, 0xcc, 0x81, 0xec, + 0x58, 0x3e, 0x96, 0x45, 0xe0, 0x7b, 0x8d, 0x96, 0x70, 0x65, 0x5b, 0xa5, 0xbb, 0xcf, 0xec, 0xc6, 0xdc, 0x39, 0x66, 0x38, 0x0a, 0xd8, 0xfe, 0xcb, 0x17, 0xb6, 0xba, 0x02, 0x46, 0x9a, 0x02, 0x0a, + 0x84, 0xe1, 0x8e, 0x8f, 0x84, 0x25, 0x20, 0x70, 0xc1, 0x3e, 0x9f, 0x1f, 0x28, 0x9b, 0xe5, 0x4f, 0xbc, 0x48, 0x14, 0x57, 0x77, 0x8f, 0x61, 0x60, 0x15, 0xe1, 0x32, 0x7a, 0x02, 0xb1, 0x40, 0xf1, + 0x50, 0x5e, 0xb3, 0x09, 0x32, 0x6d, 0x68, 0x37, 0x8f, 0x83, 0x74, 0x59, 0x5c, 0x84, 0x9d, 0x84, 0xf4, 0xc3, 0x33, 0xec, 0x44, 0x23, 0x88, 0x51, 0x43, 0xcb, 0x47, 0xbd, 0x71, 0xc5, 0xed, 0xae, + 0x9b, 0xe6, 0x9a, 0x2f, 0xfe, 0xce, 0xb1, 0xbe, 0xc9, 0xde, 0x24, 0x4f, 0xbe, 0x15, 0x99, 0x2b, 0x11, 0xb7, 0x7c, 0x04, 0x0f, 0x12, 0xbd, 0x8f, 0x6a, 0x97, 0x5a, 0x44, 0xa0, 0xf9, 0x0c, 0x29, + 0xa9, 0xab, 0xc3, 0xd4, 0xd8, 0x93, 0x92, 0x72, 0x84, 0xc5, 0x87, 0x54, 0xcc, 0xe2, 0x94, 0x52, 0x9f, 0x86, 0x14, 0xdc, 0xd2, 0xab, 0xa9, 0x91, 0x92, 0x5f, 0xed, 0xc4, 0xae, 0x74, 0xff, 0xac, + 0x6e, 0x33, 0x3b, 0x93, 0xeb, 0x4a, 0xff, 0x04, 0x79, 0xda, 0x9a, 0x41, 0x0e, 0x44, 0x50, 0xe0, 0xdd, 0x7a, 0xe4, 0xc6, 0xe2, 0x91, 0x09, 0x00, 0x57, 0x5d, 0xa4, 0x01, 0xfc, 0x07, 0x05, 0x9f, + 0x64, 0x5e, 0x8b, 0x7e, 0x9b, 0xfd, 0xef, 0x33, 0x94, 0x30, 0x54, 0xff, 0x84, 0x01, 0x14, 0x93, 0xc2, 0x7b, 0x34, 0x29, 0xea, 0xed, 0xb4, 0xed, 0x53, 0x76, 0x44, 0x1a, 0x77, 0xed, 0x43, 0x85, + 0x1a, 0xd7, 0x7f, 0x16, 0xf5, 0x41, 0xdf, 0xd2, 0x69, 0xd5, 0x0d, 0x6a, 0x5f, 0x14, 0xfb, 0x0a, 0xab, 0x1c, 0xbb, 0x4c, 0x15, 0x50, 0xbe, 0x97, 0xf7, 0xab, 0x40, 0x66, 0x19, 0x3c, 0x4c, 0xaa, + 0x77, 0x3d, 0xad, 0x38, 0x01, 0x4b, 0xd2, 0x09, 0x2f, 0xa7, 0x55, 0xc8, 0x24, 0xbb, 0x5e, 0x54, 0xc4, 0xf3, 0x6f, 0xfd, 0xa9, 0xfc, 0xea, 0x70, 0xb9, 0xc6, 0xe6, 0x93, 0xe1, 0x48, 0xc1, 0x51 + } +}, +{ + // IEEE 1619 - Vector 11 + + { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, + { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff }, + 0, + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff + }, + { + 0x77, 0xa3, 0x12, 0x51, 0x61, 0x8a, 0x15, 0xe6, 0xb9, 0x2d, 0x1d, 0x66, 0xdf, 0xfe, 0x7b, 0x50, 0xb5, 0x0b, 0xad, 0x55, 0x23, 0x05, 0xba, 0x02, 0x17, 0xa6, 0x10, 0x68, 0x8e, 0xff, 0x7e, 0x11, + 0xe1, 0xd0, 0x22, 0x54, 0x38, 0xe0, 0x93, 0x24, 0x2d, 0x6d, 0xb2, 0x74, 0xfd, 0xe8, 0x01, 0xd4, 0xca, 0xe0, 0x6f, 0x20, 0x92, 0xc7, 0x28, 0xb2, 0x47, 0x85, 0x59, 0xdf, 0x58, 0xe8, 0x37, 0xc2, + 0x46, 0x9e, 0xe4, 0xa4, 0xfa, 0x79, 0x4e, 0x4b, 0xbc, 0x7f, 0x39, 0xbc, 0x02, 0x6e, 0x3c, 0xb7, 0x2c, 0x33, 0xb0, 0x88, 0x8f, 0x25, 0xb4, 0xac, 0xf5, 0x6a, 0x2a, 0x98, 0x04, 0xf1, 0xce, 0x6d, + 0x3d, 0x6e, 0x1d, 0xc6, 0xca, 0x18, 0x1d, 0x4b, 0x54, 0x61, 0x79, 0xd5, 0x55, 0x44, 0xaa, 0x77, 0x60, 0xc4, 0x0d, 0x06, 0x74, 0x15, 0x39, 0xc7, 0xe3, 0xcd, 0x9d, 0x2f, 0x66, 0x50, 0xb2, 0x01, + 0x3f, 0xd0, 0xee, 0xb8, 0xc2, 0xb8, 0xe3, 0xd8, 0xd2, 0x40, 0xcc, 0xae, 0x2d, 0x4c, 0x98, 0x32, 0x0a, 0x74, 0x42, 0xe1, 0xc8, 0xd7, 0x5a, 0x42, 0xd6, 0xe6, 0xcf, 0xa4, 0xc2, 0xec, 0xa1, 0x79, + 0x8d, 0x15, 0x8c, 0x7a, 0xec, 0xdf, 0x82, 0x49, 0x0f, 0x24, 0xbb, 0x9b, 0x38, 0xe1, 0x08, 0xbc, 0xda, 0x12, 0xc3, 0xfa, 0xf9, 0xa2, 0x11, 0x41, 0xc3, 0x61, 0x3b, 0x58, 0x36, 0x7f, 0x92, 0x2a, + 0xaa, 0x26, 0xcd, 0x22, 0xf2, 0x3d, 0x70, 0x8d, 0xae, 0x69, 0x9a, 0xd7, 0xcb, 0x40, 0xa8, 0xad, 0x0b, 0x6e, 0x27, 0x84, 0x97, 0x3d, 0xcb, 0x60, 0x56, 0x84, 0xc0, 0x8b, 0x8d, 0x69, 0x98, 0xc6, + 0x9a, 0xac, 0x04, 0x99, 0x21, 0x87, 0x1e, 0xbb, 0x65, 0x30, 0x1a, 0x46, 0x19, 0xca, 0x80, 0xec, 0xb4, 0x85, 0xa3, 0x1d, 0x74, 0x42, 0x23, 0xce, 0x8d, 0xdc, 0x23, 0x94, 0x82, 0x8d, 0x6a, 0x80, + 0x47, 0x0c, 0x09, 0x2f, 0x5b, 0xa4, 0x13, 0xc3, 0x37, 0x8f, 0xa6, 0x05, 0x42, 0x55, 0xc6, 0xf9, 0xdf, 0x44, 0x95, 0x86, 0x2b, 0xbb, 0x32, 0x87, 0x68, 0x1f, 0x93, 0x1b, 0x68, 0x7c, 0x88, 0x8a, + 0xbf, 0x84, 0x4d, 0xfc, 0x8f, 0xc2, 0x83, 0x31, 0xe5, 0x79, 0x92, 0x8c, 0xd1, 0x2b, 0xd2, 0x39, 0x0a, 0xe1, 0x23, 0xcf, 0x03, 0x81, 0x8d, 0x14, 0xde, 0xdd, 0xe5, 0xc0, 0xc2, 0x4c, 0x8a, 0xb0, + 0x18, 0xbf, 0xca, 0x75, 0xca, 0x09, 0x6f, 0x2d, 0x53, 0x1f, 0x3d, 0x16, 0x19, 0xe7, 0x85, 0xf1, 0xad, 0xa4, 0x37, 0xca, 0xb9, 0x2e, 0x98, 0x05, 0x58, 0xb3, 0xdc, 0xe1, 0x47, 0x4a, 0xfb, 0x75, + 0xbf, 0xed, 0xbf, 0x8f, 0xf5, 0x4c, 0xb2, 0x61, 0x8e, 0x02, 0x44, 0xc9, 0xac, 0x0d, 0x3c, 0x66, 0xfb, 0x51, 0x59, 0x8c, 0xd2, 0xdb, 0x11, 0xf9, 0xbe, 0x39, 0x79, 0x1a, 0xbe, 0x44, 0x7c, 0x63, + 0x09, 0x4f, 0x7c, 0x45, 0x3b, 0x7f, 0xf8, 0x7c, 0xb5, 0xbb, 0x36, 0xb7, 0xc7, 0x9e, 0xfb, 0x08, 0x72, 0xd1, 0x70, 0x58, 0xb8, 0x3b, 0x15, 0xab, 0x08, 0x66, 0xad, 0x8a, 0x58, 0x65, 0x6c, 0x5a, + 0x7e, 0x20, 0xdb, 0xdf, 0x30, 0x8b, 0x24, 0x61, 0xd9, 0x7c, 0x0e, 0xc0, 0x02, 0x4a, 0x27, 0x15, 0x05, 0x52, 0x49, 0xcf, 0x3b, 0x47, 0x8d, 0xdd, 0x47, 0x40, 0xde, 0x65, 0x4f, 0x75, 0xca, 0x68, + 0x6e, 0x0d, 0x73, 0x45, 0xc6, 0x9e, 0xd5, 0x0c, 0xdc, 0x2a, 0x8b, 0x33, 0x2b, 0x1f, 0x88, 0x24, 0x10, 0x8a, 0xc9, 0x37, 0xeb, 0x05, 0x05, 0x85, 0x60, 0x8e, 0xe7, 0x34, 0x09, 0x7f, 0xc0, 0x90, + 0x54, 0xfb, 0xff, 0x89, 0xee, 0xae, 0xea, 0x79, 0x1f, 0x4a, 0x7a, 0xb1, 0xf9, 0x86, 0x82, 0x94, 0xa4, 0xf9, 0xe2, 0x7b, 0x42, 0xaf, 0x81, 0x00, 0xcb, 0x9d, 0x59, 0xce, 0xf9, 0x64, 0x58, 0x03 + } +}, +{ + // IEEE 1619 - Vector 12 + + { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, + { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff }, + 0, + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff + }, + { + 0xe3, 0x87, 0xaa, 0xa5, 0x8b, 0xa4, 0x83, 0xaf, 0xa7, 0xe8, 0xeb, 0x46, 0x97, 0x78, 0x31, 0x7e, 0xcf, 0x4c, 0xf5, 0x73, 0xaa, 0x9d, 0x4e, 0xac, 0x23, 0xf2, 0xcd, 0xf9, 0x14, 0xe4, 0xe2, 0x00, + 0xa8, 0xb4, 0x90, 0xe4, 0x2e, 0xe6, 0x46, 0x80, 0x2d, 0xc6, 0xee, 0x2b, 0x47, 0x1b, 0x27, 0x81, 0x95, 0xd6, 0x09, 0x18, 0xec, 0xec, 0xb4, 0x4b, 0xf7, 0x99, 0x66, 0xf8, 0x3f, 0xab, 0xa0, 0x49, + 0x92, 0x98, 0xeb, 0xc6, 0x99, 0xc0, 0xc8, 0x63, 0x47, 0x15, 0xa3, 0x20, 0xbb, 0x4f, 0x07, 0x5d, 0x62, 0x2e, 0x74, 0xc8, 0xc9, 0x32, 0x00, 0x4f, 0x25, 0xb4, 0x1e, 0x36, 0x10, 0x25, 0xb5, 0xa8, + 0x78, 0x15, 0x39, 0x1f, 0x61, 0x08, 0xfc, 0x4a, 0xfa, 0x6a, 0x05, 0xd9, 0x30, 0x3c, 0x6b, 0xa6, 0x8a, 0x12, 0x8a, 0x55, 0x70, 0x5d, 0x41, 0x59, 0x85, 0x83, 0x2f, 0xde, 0xaa, 0xe6, 0xc8, 0xe1, + 0x91, 0x10, 0xe8, 0x4d, 0x1b, 0x1f, 0x19, 0x9a, 0x26, 0x92, 0x11, 0x9e, 0xdc, 0x96, 0x13, 0x26, 0x58, 0xf0, 0x9d, 0xa7, 0xc6, 0x23, 0xef, 0xce, 0xc7, 0x12, 0x53, 0x7a, 0x3d, 0x94, 0xc0, 0xbf, + 0x5d, 0x7e, 0x35, 0x2e, 0xc9, 0x4a, 0xe5, 0x79, 0x7f, 0xdb, 0x37, 0x7d, 0xc1, 0x55, 0x11, 0x50, 0x72, 0x1a, 0xdf, 0x15, 0xbd, 0x26, 0xa8, 0xef, 0xc2, 0xfc, 0xaa, 0xd5, 0x68, 0x81, 0xfa, 0x9e, + 0x62, 0x46, 0x2c, 0x28, 0xf3, 0x0a, 0xe1, 0xce, 0xac, 0xa9, 0x3c, 0x34, 0x5c, 0xf2, 0x43, 0xb7, 0x3f, 0x54, 0x2e, 0x20, 0x74, 0xa7, 0x05, 0xbd, 0x26, 0x43, 0xbb, 0x9f, 0x7c, 0xc7, 0x9b, 0xb6, + 0xe7, 0x09, 0x1e, 0xa6, 0xe2, 0x32, 0xdf, 0x0f, 0x9a, 0xd0, 0xd6, 0xcf, 0x50, 0x23, 0x27, 0x87, 0x6d, 0x82, 0x20, 0x7a, 0xbf, 0x21, 0x15, 0xcd, 0xac, 0xf6, 0xd5, 0xa4, 0x8f, 0x6c, 0x18, 0x79, + 0xa6, 0x5b, 0x11, 0x5f, 0x0f, 0x8b, 0x3c, 0xb3, 0xc5, 0x9d, 0x15, 0xdd, 0x8c, 0x76, 0x9b, 0xc0, 0x14, 0x79, 0x5a, 0x18, 0x37, 0xf3, 0x90, 0x1b, 0x58, 0x45, 0xeb, 0x49, 0x1a, 0xdf, 0xef, 0xe0, + 0x97, 0xb1, 0xfa, 0x30, 0xa1, 0x2f, 0xc1, 0xf6, 0x5b, 0xa2, 0x29, 0x05, 0x03, 0x15, 0x39, 0x97, 0x1a, 0x10, 0xf2, 0xf3, 0x6c, 0x32, 0x1b, 0xb5, 0x13, 0x31, 0xcd, 0xef, 0xb3, 0x9e, 0x39, 0x64, + 0xc7, 0xef, 0x07, 0x99, 0x94, 0xf5, 0xb6, 0x9b, 0x2e, 0xdd, 0x83, 0xa7, 0x1e, 0xf5, 0x49, 0x97, 0x1e, 0xe9, 0x3f, 0x44, 0xea, 0xc3, 0x93, 0x8f, 0xcd, 0xd6, 0x1d, 0x01, 0xfa, 0x71, 0x79, 0x9d, + 0xa3, 0xa8, 0x09, 0x1c, 0x4c, 0x48, 0xaa, 0x9e, 0xd2, 0x63, 0xff, 0x07, 0x49, 0xdf, 0x95, 0xd4, 0x4f, 0xef, 0x6a, 0x0b, 0xb5, 0x78, 0xec, 0x69, 0x45, 0x6a, 0xa5, 0x40, 0x8a, 0xe3, 0x2c, 0x7a, + 0xf0, 0x8a, 0xd7, 0xba, 0x89, 0x21, 0x28, 0x7e, 0x3b, 0xbe, 0xe3, 0x1b, 0x76, 0x7b, 0xe0, 0x6a, 0x0e, 0x70, 0x5c, 0x86, 0x4a, 0x76, 0x91, 0x37, 0xdf, 0x28, 0x29, 0x22, 0x83, 0xea, 0x81, 0xa2, + 0x48, 0x02, 0x41, 0xb4, 0x4d, 0x99, 0x21, 0xcd, 0xbe, 0xc1, 0xbc, 0x28, 0xdc, 0x1f, 0xda, 0x11, 0x4b, 0xd8, 0xe5, 0x21, 0x7a, 0xc9, 0xd8, 0xeb, 0xaf, 0xa7, 0x20, 0xe9, 0xda, 0x4f, 0x9a, 0xce, + 0x23, 0x1c, 0xc9, 0x49, 0xe5, 0xb9, 0x6f, 0xe7, 0x6f, 0xfc, 0x21, 0x06, 0x3f, 0xdd, 0xc8, 0x3a, 0x6b, 0x86, 0x79, 0xc0, 0x0d, 0x35, 0xe0, 0x95, 0x76, 0xa8, 0x75, 0x30, 0x5b, 0xed, 0x5f, 0x36, + 0xed, 0x24, 0x2c, 0x89, 0x00, 0xdd, 0x1f, 0xa9, 0x65, 0xbc, 0x95, 0x0d, 0xfc, 0xe0, 0x9b, 0x13, 0x22, 0x63, 0xa1, 0xee, 0xf5, 0x2d, 0xd6, 0x88, 0x8c, 0x30, 0x9f, 0x5a, 0x7d, 0x71, 0x28, 0x26 + } +}, +{ + // IEEE 1619 - Vector 13 + + { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, + { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, + { 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff }, + 0, + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff + }, + { + 0xbf, 0x53, 0xd2, 0xda, 0xde, 0x78, 0xe8, 0x22, 0xa4, 0xd9, 0x49, 0xa9, 0xbc, 0x67, 0x66, 0xb0, 0x1b, 0x06, 0xa8, 0xef, 0x70, 0xd2, 0x67, 0x48, 0xc6, 0xa7, 0xfc, 0x36, 0xd8, 0x0a, 0xe4, 0xc5, + 0x52, 0x0f, 0x7c, 0x4a, 0xb0, 0xac, 0x85, 0x44, 0x42, 0x4f, 0xa4, 0x05, 0x16, 0x2f, 0xef, 0x5a, 0x6b, 0x7f, 0x22, 0x94, 0x98, 0x06, 0x36, 0x18, 0xd3, 0x9f, 0x00, 0x03, 0xcb, 0x5f, 0xb8, 0xd1, + 0xc8, 0x6b, 0x64, 0x34, 0x97, 0xda, 0x1f, 0xf9, 0x45, 0xc8, 0xd3, 0xbe, 0xde, 0xca, 0x4f, 0x47, 0x97, 0x02, 0xa7, 0xa7, 0x35, 0xf0, 0x43, 0xdd, 0xb1, 0xd6, 0xaa, 0xad, 0xe3, 0xc4, 0xa0, 0xac, + 0x7c, 0xa7, 0xf3, 0xfa, 0x52, 0x79, 0xbe, 0xf5, 0x6f, 0x82, 0xcd, 0x7a, 0x2f, 0x38, 0x67, 0x2e, 0x82, 0x48, 0x14, 0xe1, 0x07, 0x00, 0x30, 0x0a, 0x05, 0x5e, 0x16, 0x30, 0xb8, 0xf1, 0xcb, 0x0e, + 0x91, 0x9f, 0x5e, 0x94, 0x20, 0x10, 0xa4, 0x16, 0xe2, 0xbf, 0x48, 0xcb, 0x46, 0x99, 0x3d, 0x3c, 0xb6, 0xa5, 0x1c, 0x19, 0xba, 0xcf, 0x86, 0x47, 0x85, 0xa0, 0x0b, 0xc2, 0xec, 0xff, 0x15, 0xd3, + 0x50, 0x87, 0x5b, 0x24, 0x6e, 0xd5, 0x3e, 0x68, 0xbe, 0x6f, 0x55, 0xbd, 0x7e, 0x05, 0xcf, 0xc2, 0xb2, 0xed, 0x64, 0x32, 0x19, 0x8a, 0x64, 0x44, 0xb6, 0xd8, 0xc2, 0x47, 0xfa, 0xb9, 0x41, 0xf5, + 0x69, 0x76, 0x8b, 0x5c, 0x42, 0x93, 0x66, 0xf1, 0xd3, 0xf0, 0x0f, 0x03, 0x45, 0xb9, 0x61, 0x23, 0xd5, 0x62, 0x04, 0xc0, 0x1c, 0x63, 0xb2, 0x2c, 0xe7, 0x8b, 0xaf, 0x11, 0x6e, 0x52, 0x5e, 0xd9, + 0x0f, 0xde, 0xa3, 0x9f, 0xa4, 0x69, 0x49, 0x4d, 0x38, 0x66, 0xc3, 0x1e, 0x05, 0xf2, 0x95, 0xff, 0x21, 0xfe, 0xa8, 0xd4, 0xe6, 0xe1, 0x3d, 0x67, 0xe4, 0x7c, 0xe7, 0x22, 0xe9, 0x69, 0x8a, 0x1c, + 0x10, 0x48, 0xd6, 0x8e, 0xbc, 0xde, 0x76, 0xb8, 0x6f, 0xcf, 0x97, 0x6e, 0xab, 0x8a, 0xa9, 0x79, 0x02, 0x68, 0xb7, 0x06, 0x8e, 0x01, 0x7a, 0x8b, 0x9b, 0x74, 0x94, 0x09, 0x51, 0x4f, 0x10, 0x53, + 0x02, 0x7f, 0xd1, 0x6c, 0x37, 0x86, 0xea, 0x1b, 0xac, 0x5f, 0x15, 0xcb, 0x79, 0x71, 0x1e, 0xe2, 0xab, 0xe8, 0x2f, 0x5c, 0xf8, 0xb1, 0x3a, 0xe7, 0x30, 0x30, 0xef, 0x5b, 0x9e, 0x44, 0x57, 0xe7, + 0x5d, 0x13, 0x04, 0xf9, 0x88, 0xd6, 0x2d, 0xd6, 0xfc, 0x4b, 0x94, 0xed, 0x38, 0xba, 0x83, 0x1d, 0xa4, 0xb7, 0x63, 0x49, 0x71, 0xb6, 0xcd, 0x8e, 0xc3, 0x25, 0xd9, 0xc6, 0x1c, 0x00, 0xf1, 0xdf, + 0x73, 0x62, 0x7e, 0xd3, 0x74, 0x5a, 0x5e, 0x84, 0x89, 0xf3, 0xa9, 0x5c, 0x69, 0x63, 0x9c, 0x32, 0xcd, 0x6e, 0x1d, 0x53, 0x7a, 0x85, 0xf7, 0x5c, 0xc8, 0x44, 0x72, 0x6e, 0x8a, 0x72, 0xfc, 0x00, + 0x77, 0xad, 0x22, 0x00, 0x0f, 0x1d, 0x50, 0x78, 0xf6, 0xb8, 0x66, 0x31, 0x8c, 0x66, 0x8f, 0x1a, 0xd0, 0x3d, 0x5a, 0x5f, 0xce, 0xd5, 0x21, 0x9f, 0x2e, 0xab, 0xbd, 0x0a, 0xa5, 0xc0, 0xf4, 0x60, + 0xd1, 0x83, 0xf0, 0x44, 0x04, 0xa0, 0xd6, 0xf4, 0x69, 0x55, 0x8e, 0x81, 0xfa, 0xb2, 0x4a, 0x16, 0x79, 0x05, 0xab, 0x4c, 0x78, 0x78, 0x50, 0x2a, 0xd3, 0xe3, 0x8f, 0xdb, 0xe6, 0x2a, 0x41, 0x55, + 0x6c, 0xec, 0x37, 0x32, 0x57, 0x59, 0x53, 0x3c, 0xe8, 0xf2, 0x5f, 0x36, 0x7c, 0x87, 0xbb, 0x55, 0x78, 0xd6, 0x67, 0xae, 0x93, 0xf9, 0xe2, 0xfd, 0x99, 0xbc, 0xbc, 0x5f, 0x2f, 0xbb, 0xa8, 0x8c, + 0xf6, 0x51, 0x61, 0x39, 0x42, 0x0f, 0xcf, 0xf3, 0xb7, 0x36, 0x1d, 0x86, 0x32, 0x2c, 0x4b, 0xd8, 0x4c, 0x82, 0xf3, 0x35, 0xab, 0xb1, 0x52, 0xc4, 0xa9, 0x34, 0x11, 0x37, 0x3a, 0xaa, 0x82, 0x20 + } +}, +{ + // IEEE 1619 - Vector 14 + + /* This vector must always be the last one in XTS_vectors[] because TestSectorBufEncryption() relies on it. */ + + { 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27 }, + { 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92 }, + { 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff }, + 0, + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, + 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff + }, + { + 0x64, 0x49, 0x7e, 0x5a, 0x83, 0x1e, 0x4a, 0x93, 0x2c, 0x09, 0xbe, 0x3e, 0x53, 0x93, 0x37, 0x6d, 0xaa, 0x59, 0x95, 0x48, 0xb8, 0x16, 0x03, 0x1d, 0x22, 0x4b, 0xbf, 0x50, 0xa8, 0x18, 0xed, 0x23, + 0x50, 0xea, 0xe7, 0xe9, 0x60, 0x87, 0xc8, 0xa0, 0xdb, 0x51, 0xad, 0x29, 0x0b, 0xd0, 0x0c, 0x1a, 0xc1, 0x62, 0x08, 0x57, 0x63, 0x5b, 0xf2, 0x46, 0xc1, 0x76, 0xab, 0x46, 0x3b, 0xe3, 0x0b, 0x80, + 0x8d, 0xa5, 0x48, 0x08, 0x1a, 0xc8, 0x47, 0xb1, 0x58, 0xe1, 0x26, 0x4b, 0xe2, 0x5b, 0xb0, 0x91, 0x0b, 0xbc, 0x92, 0x64, 0x71, 0x08, 0x08, 0x94, 0x15, 0xd4, 0x5f, 0xab, 0x1b, 0x3d, 0x26, 0x04, + 0xe8, 0xa8, 0xef, 0xf1, 0xae, 0x40, 0x20, 0xcf, 0xa3, 0x99, 0x36, 0xb6, 0x68, 0x27, 0xb2, 0x3f, 0x37, 0x1b, 0x92, 0x20, 0x0b, 0xe9, 0x02, 0x51, 0xe6, 0xd7, 0x3c, 0x5f, 0x86, 0xde, 0x5f, 0xd4, + 0xa9, 0x50, 0x78, 0x19, 0x33, 0xd7, 0x9a, 0x28, 0x27, 0x2b, 0x78, 0x2a, 0x2e, 0xc3, 0x13, 0xef, 0xdf, 0xcc, 0x06, 0x28, 0xf4, 0x3d, 0x74, 0x4c, 0x2d, 0xc2, 0xff, 0x3d, 0xcb, 0x66, 0x99, 0x9b, + 0x50, 0xc7, 0xca, 0x89, 0x5b, 0x0c, 0x64, 0x79, 0x1e, 0xea, 0xa5, 0xf2, 0x94, 0x99, 0xfb, 0x1c, 0x02, 0x6f, 0x84, 0xce, 0x5b, 0x5c, 0x72, 0xba, 0x10, 0x83, 0xcd, 0xdb, 0x5c, 0xe4, 0x54, 0x34, + 0x63, 0x16, 0x65, 0xc3, 0x33, 0xb6, 0x0b, 0x11, 0x59, 0x3f, 0xb2, 0x53, 0xc5, 0x17, 0x9a, 0x2c, 0x8d, 0xb8, 0x13, 0x78, 0x2a, 0x00, 0x48, 0x56, 0xa1, 0x65, 0x30, 0x11, 0xe9, 0x3f, 0xb6, 0xd8, + 0x76, 0xc1, 0x83, 0x66, 0xdd, 0x86, 0x83, 0xf5, 0x34, 0x12, 0xc0, 0xc1, 0x80, 0xf9, 0xc8, 0x48, 0x59, 0x2d, 0x59, 0x3f, 0x86, 0x09, 0xca, 0x73, 0x63, 0x17, 0xd3, 0x56, 0xe1, 0x3e, 0x2b, 0xff, + 0x3a, 0x9f, 0x59, 0xcd, 0x9a, 0xeb, 0x19, 0xcd, 0x48, 0x25, 0x93, 0xd8, 0xc4, 0x61, 0x28, 0xbb, 0x32, 0x42, 0x3b, 0x37, 0xa9, 0xad, 0xfb, 0x48, 0x2b, 0x99, 0x45, 0x3f, 0xbe, 0x25, 0xa4, 0x1b, + 0xf6, 0xfe, 0xb4, 0xaa, 0x0b, 0xef, 0x5e, 0xd2, 0x4b, 0xf7, 0x3c, 0x76, 0x29, 0x78, 0x02, 0x54, 0x82, 0xc1, 0x31, 0x15, 0xe4, 0x01, 0x5a, 0xac, 0x99, 0x2e, 0x56, 0x13, 0xa3, 0xb5, 0xc2, 0xf6, + 0x85, 0xb8, 0x47, 0x95, 0xcb, 0x6e, 0x9b, 0x26, 0x56, 0xd8, 0xc8, 0x81, 0x57, 0xe5, 0x2c, 0x42, 0xf9, 0x78, 0xd8, 0x63, 0x4c, 0x43, 0xd0, 0x6f, 0xea, 0x92, 0x8f, 0x28, 0x22, 0xe4, 0x65, 0xaa, + 0x65, 0x76, 0xe9, 0xbf, 0x41, 0x93, 0x84, 0x50, 0x6c, 0xc3, 0xce, 0x3c, 0x54, 0xac, 0x1a, 0x6f, 0x67, 0xdc, 0x66, 0xf3, 0xb3, 0x01, 0x91, 0xe6, 0x98, 0x38, 0x0b, 0xc9, 0x99, 0xb0, 0x5a, 0xbc, + 0xe1, 0x9d, 0xc0, 0xc6, 0xdc, 0xc2, 0xdd, 0x00, 0x1e, 0xc5, 0x35, 0xba, 0x18, 0xde, 0xb2, 0xdf, 0x1a, 0x10, 0x10, 0x23, 0x10, 0x83, 0x18, 0xc7, 0x5d, 0xc9, 0x86, 0x11, 0xa0, 0x9d, 0xc4, 0x8a, + 0x0a, 0xcd, 0xec, 0x67, 0x6f, 0xab, 0xdf, 0x22, 0x2f, 0x07, 0xe0, 0x26, 0xf0, 0x59, 0xb6, 0x72, 0xb5, 0x6e, 0x5c, 0xbc, 0x8e, 0x1d, 0x21, 0xbb, 0xd8, 0x67, 0xdd, 0x92, 0x72, 0x12, 0x05, 0x46, + 0x81, 0xd7, 0x0e, 0xa7, 0x37, 0x13, 0x4c, 0xdf, 0xce, 0x93, 0xb6, 0xf8, 0x2a, 0xe2, 0x24, 0x23, 0x27, 0x4e, 0x58, 0xa0, 0x82, 0x1c, 0xc5, 0x50, 0x2e, 0x2d, 0x0a, 0xb4, 0x58, 0x5e, 0x94, 0xde, + 0x69, 0x75, 0xbe, 0x5e, 0x0b, 0x4e, 0xfc, 0xe5, 0x1c, 0xd3, 0xe7, 0x0c, 0x25, 0xa1, 0xfb, 0xbb, 0xd6, 0x09, 0xd2, 0x73, 0xad, 0x5b, 0x0d, 0x59, 0x63, 0x1c, 0x53, 0x1f, 0x6a, 0x0a, 0x57, 0xb9 + } +} }; // XTS_TEST XTS_vectors[] + + +BOOL XTSAesTest (PCRYPTO_INFO ci) +{ + unsigned __int8 p[ENCRYPTION_DATA_UNIT_SIZE]; + UINT64_STRUCT dataUnitNo; + int i; + + for (i = 0; i < XTS_TEST_COUNT; i++) + { + ci->ea = EAGetByName (L"AES"); + if (ci->ea == 0) + return FALSE; + + ci->mode = XTS; + + if (EAInit (ci->ea, XTS_vectors[i].key1, ci->ks) != ERR_SUCCESS) + return FALSE; + + memcpy (&ci->k2, XTS_vectors[i].key2, sizeof (XTS_vectors[i].key2)); + + if (!EAInitMode (ci)) + return FALSE; + + memcpy (p, XTS_vectors[i].plaintext, sizeof (p)); + + dataUnitNo.Value = BE64 (*((unsigned __int64 *) XTS_vectors[i].dataUnitNo)); + + EncryptBufferXTS (p, sizeof (p), &dataUnitNo, XTS_vectors[i].blockNo, (unsigned char *) (ci->ks), (unsigned char *) ci->ks2, AES); + + if (memcmp (XTS_vectors[i].ciphertext, p, sizeof (p)) != 0) + return FALSE; + } + + return TRUE; +} + + +// AES ECB test vectors FIPS-197 + +#define AES_TEST_COUNT 1 + +typedef struct { + unsigned char key[32]; + unsigned char plaintext[16]; + unsigned char ciphertext[16]; + } AES_TEST; + +AES_TEST aes_ecb_vectors[AES_TEST_COUNT] = { +0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f, +0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f, + +0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff, + +0x8e,0xa2,0xb7,0xca,0x51,0x67,0x45,0xbf,0xea,0xfc,0x49,0x90,0x4b,0x49,0x60,0x89 +}; + +// Serpent ECB test vectors + +#define SERPENT_TEST_COUNT 1 + +typedef struct { + unsigned char key[32]; + unsigned char plaintext[16]; + unsigned char ciphertext[16]; + } SERPENT_TEST; + +SERPENT_TEST serpent_vectors[SERPENT_TEST_COUNT] = { +0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, +0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + +0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, +0xde, 0x26, 0x9f, 0xf8, 0x33, 0xe4, 0x32, 0xb8, 0x5b, 0x2e, 0x88, 0xd2, 0x70, 0x1c, 0xe7, 0x5c +}; + +// Twofish ECB test vectors + +#define TWOFISH_TEST_COUNT 1 + +typedef struct { + unsigned char key[32]; + unsigned char plaintext[16]; + unsigned char ciphertext[16]; + } TWOFISH_TEST; + +TWOFISH_TEST twofish_vectors[TWOFISH_TEST_COUNT] = { +0xD4, 0x3B, 0xB7, 0x55, 0x6E, 0xA3, 0x2E, 0x46, 0xF2, 0xA2, 0x82, 0xB7, 0xD4, 0x5B, 0x4E, 0x0D, +0x57, 0xFF, 0x73, 0x9D, 0x4D, 0xC9, 0x2C, 0x1B, 0xD7, 0xFC, 0x01, 0x70, 0x0C, 0xC8, 0x21, 0x6F, + +0x90, 0xAF, 0xE9, 0x1B, 0xB2, 0x88, 0x54, 0x4F, 0x2C, 0x32, 0xDC, 0x23, 0x9B, 0x26, 0x35, 0xE6, +0x6C, 0xB4, 0x56, 0x1C, 0x40, 0xBF, 0x0A, 0x97, 0x05, 0x93, 0x1C, 0xB6, 0xD4, 0x08, 0xE7, 0xFA +}; + +/* Test vectors from FIPS 198a, RFC 4231, RFC 2104, RFC 2202, and other sources. */ + +char *hmac_sha256_test_keys[] = +{ + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + "Jefe", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", +}; + +char *hmac_sha256_test_data[] = +{ + "Hi There", + "what do ya want for nothing?", + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd", + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd", + "Test Using Larger Than Block-Size Key - Hash Key First", + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.", +}; + +char *hmac_sha256_test_vectors[] = +{ + "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7", + "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43", + "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe", + "\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99\xf2\x08\x3a\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e\x3f\xf4\x67\x29\x66\x5b", + "\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54", + "\x9b\x09\xff\xa7\x1b\x94\x2f\xcb\x27\x63\x5f\xbc\xd5\xb0\xe9\x44\xbf\xdc\x63\x64\x4f\x07\x13\x93\x8a\x7f\x51\x53\x5c\x3a\x35\xe2", +}; + +char *hmac_sha512_test_keys[] = +{ + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + "Jefe", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", +}; + +char *hmac_sha512_test_data[] = +{ + "Hi There", + "what do ya want for nothing?", + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd", + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd", + "Test Using Larger Than Block-Size Key - Hash Key First", + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.", +}; + +char *hmac_sha512_test_vectors[] = +{ + "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54", + "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a\x38\xbc\xe7\x37", + "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59\xe1\x32\x92\xfb", + "\xb0\xba\x46\x56\x37\x45\x8c\x69\x90\xe5\xa8\xc5\xf6\x1d\x4a\xf7\xe5\x76\xd9\x7f\xf9\x4b\x87\x2d\xe7\x6f\x80\x50\x36\x1e\xe3\xdb\xa9\x1c\xa5\xc1\x1a\xa2\x5e\xb4\xd6\x79\x27\x5c\xc5\x78\x80\x63\xa5\xf1\x97\x41\x12\x0c\x4f\x2d\xe2\xad\xeb\xeb\x10\xa2\x98\xdd", + "\x80\xb2\x42\x63\xc7\xc1\xa3\xeb\xb7\x14\x93\xc1\xdd\x7b\xe8\xb4\x9b\x46\xd1\xf4\x1b\x4a\xee\xc1\x12\x1b\x01\x37\x83\xf8\xf3\x52\x6b\x56\xd0\x37\xe0\x5f\x25\x98\xbd\x0f\xd2\x21\x5d\x6a\x1e\x52\x95\xe6\x4f\x73\xf6\x3f\x0a\xec\x8b\x91\x5a\x98\x5d\x78\x65\x98", + "\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e\x5e\x3f\xfd\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5\xa3\x2d\x20\xcd\xc9\x44\xb6\x02\x2c\xac\x3c\x49\x82\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15\x13\x46\x76\xfb\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58", +}; + +char *hmac_ripemd160_test_keys[] = +{ + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff\x01\x23\x45\x67", + "\x01\x23\x45\x67\x89\xab\xcd\xef\xfe\xdc\xba\x98\x76\x54\x32\x10\x00\x11\x22\x33", +}; + +char *hmac_ripemd160_test_data[] = +{ + "message digest", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890", +}; + +char *hmac_ripemd160_test_vectors[] = +{ + "\xf8\x36\x62\xcc\x8d\x33\x9c\x22\x7e\x60\x0f\xcd\x63\x6c\x57\xd2\x57\x1b\x1c\x34", + "\x85\xf1\x64\x70\x3e\x61\xa6\x31\x31\xbe\x7e\x45\x95\x8e\x07\x94\x12\x39\x04\xf9", +}; + +char *hmac_whirlpool_test_key = +{ + "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +char *hmac_whirlpool_test_data = +{ + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +}; + +char *hmac_whirlpool_test_vectors = +{ + "\x03\x91\xd2\x80\x00\xb6\x62\xbb\xb8\xe6\x23\x3e\xe8\x6c\xf2\xb2\x84\x74\x4c\x73" + "\x8b\x58\x00\xba\x28\x12\xed\x52\x6f\xe3\x15\x3a\xb1\xba\xe7\xe2\x36\xbe\x96\x54" + "\x49\x3f\x19\xfa\xce\xa6\x44\x1f\x60\xf5\xf0\x18\x93\x09\x11\xa5\xe5\xce\xd8\xf2" + "\x6a\xbf\xa4\x02" +}; + +unsigned char ks_tmp[MAX_EXPANDED_KEY]; + +void CipherInit2(int cipher, void* key, void* ks, int key_len) +{ + switch (cipher) + { + + case AES: + CipherInit(cipher,key,ks); + break; + + case SERPENT: + CipherInit(cipher,key,ks); + break; + + case TWOFISH: + CipherInit(cipher,key,ks); + break; + + default: + /* Unknown/wrong ID */ + TC_THROW_FATAL_EXCEPTION; + } +} + + +BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) +{ + unsigned char buf [ENCRYPTION_DATA_UNIT_SIZE * 4]; + unsigned int i; + wchar_t name[64]; + unsigned __int32 crc; + UINT64_STRUCT unitNo; + uint32 nbrUnits; + unsigned __int64 writeOffset; + int testCase = 0; + int nTestsPerformed = 0; + + static unsigned char key1[] = + { + 0x27, 0x18, 0x28, 0x18, 0x28, 0x45, 0x90, 0x45, 0x23, 0x53, 0x60, 0x28, 0x74, 0x71, 0x35, 0x26, 0x62, 0x49, 0x77, 0x57, 0x24, 0x70, 0x93, 0x69, 0x99, 0x59, 0x57, 0x49, 0x66, 0x96, 0x76, 0x27, + 0x31, 0x41, 0x59, 0x26, 0x53, 0x58, 0x97, 0x93, 0x23, 0x84, 0x62, 0x64, 0x33, 0x83, 0x27, 0x95, 0x02, 0x88, 0x41, 0x97, 0x16, 0x93, 0x99, 0x37, 0x51, 0x05, 0x82, 0x09, 0x74, 0x94, 0x45, 0x92, + 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13 + }; + + + /* Encryption/decryption of data units (typically, volume data sectors) */ + + nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE; + + ci->mode = XTS; // we only implement XTS + + /* The buffer can accommodate 4 data units and we'll test 4 cases by "scrolling". The data unit 0xFFFFFFFFFF + will "move" from the start of the buffer to its end. For a 512-byte data unit, the byte offset 562949953420800 + corresponds to the data unit 0xFFFFFFFFFF. */ + for (writeOffset = 562949953420800ULL; + writeOffset > 562949953420800ULL - nbrUnits * ENCRYPTION_DATA_UNIT_SIZE; + writeOffset -= ENCRYPTION_DATA_UNIT_SIZE) + { + unitNo.Value = writeOffset / ENCRYPTION_DATA_UNIT_SIZE; + + // Test all EAs that support this mode of operation + for (ci->ea = EAGetFirst (); ci->ea != 0; ci->ea = EAGetNext (ci->ea)) + { + if (!EAIsModeSupported (ci->ea, ci->mode)) + continue; + + EAGetName (name, ci->ea, 0); + + if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) + return FALSE; + + for (i = 0; i < sizeof (ci->k2); i++) + ci->k2[i] = (unsigned char) i; + + memcpy (&ci->k2, XTS_vectors[XTS_TEST_COUNT-1].key2, sizeof (XTS_vectors[XTS_TEST_COUNT-1].key2)); + + if (!EAInitMode (ci)) + return FALSE; + + // Each data unit will contain the same plaintext + for (i = 0; i < nbrUnits; i++) + { + memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE, + XTS_vectors[XTS_TEST_COUNT-1].plaintext, + ENCRYPTION_DATA_UNIT_SIZE); + } + + EncryptDataUnits (buf, &unitNo, nbrUnits, ci); + + crc = GetCrc32 (buf, sizeof (buf)); + + if (wcscmp (name, L"AES") == 0) + { + // Verify the ciphertext of the "moving" data unit using the IEEE test vector #14 + if (memcmp (XTS_vectors[XTS_TEST_COUNT-1].ciphertext, + (unsigned char *) buf + testCase * ENCRYPTION_DATA_UNIT_SIZE, + ENCRYPTION_DATA_UNIT_SIZE) != 0) + { + return FALSE; + } + + // CRC of all data units in the buffer for each test case + switch (testCase) + { + case 0: + if (crc != 0x888f2990) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0xea28ea34) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xe058f5a2) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0x10473dc9) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Serpent") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x7edfecb3) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x357baaaa) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xc7b9fca5) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xb5263e0c) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Twofish") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x91525124) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x2895cc47) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0x6bee346d) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xb1c45759) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"AES-Twofish") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x6cea7fa2) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x69052c4c) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0x88db8de5) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xf16fd8c5) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"AES-Twofish-Serpent") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0xa2d7d82a) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0xdbf76412) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xdf0ea03e) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xdadedff7) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Serpent-AES") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x6dd133b3) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x0e5717d2) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0x39f83cd9) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0x8a79fa2c) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Serpent-Twofish-AES") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0xe536daf8) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x3ae89e7f) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0x2cc1301a) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xcac7bdc7) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Twofish-Serpent") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x2686c859) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x8a201780) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0x8dd13796) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xe95196cb) + return FALSE; + nTestsPerformed++; + break; + } + } + + if (crc == 0x9f5edd58) + return FALSE; + + DecryptDataUnits (buf, &unitNo, nbrUnits, ci); + + if (GetCrc32 (buf, sizeof (buf)) != 0x9f5edd58) + return FALSE; + + nTestsPerformed++; + } + testCase++; + } + + /* Encryption/decryption of a buffer (typically, a volume header) */ + + nbrUnits = sizeof (buf) / ENCRYPTION_DATA_UNIT_SIZE; + + // Test all EAs that support this mode of operation + for (ci->ea = EAGetFirst (); ci->ea != 0; ci->ea = EAGetNext (ci->ea)) + { + if (!EAIsModeSupported (ci->ea, ci->mode)) + continue; + + EAGetName (name, ci->ea, 0); + + if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS) + return FALSE; + + memcpy (&ci->k2, XTS_vectors[XTS_TEST_COUNT-1].key2, sizeof (XTS_vectors[XTS_TEST_COUNT-1].key2)); + + if (!EAInitMode (ci)) + return FALSE; + + // Each data unit will contain the same plaintext + for (i = 0; i < nbrUnits; i++) + { + memcpy ((unsigned char *) buf + i * ENCRYPTION_DATA_UNIT_SIZE, + XTS_vectors[XTS_TEST_COUNT-1].plaintext, + ENCRYPTION_DATA_UNIT_SIZE); + } + + EncryptBuffer (buf, sizeof (buf), ci); + + crc = GetCrc32 (buf, sizeof (buf)); + + if (wcscmp (name, L"AES") == 0) + { + if (crc != 0x33b91fab) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Serpent") == 0) + { + if (crc != 0x3494d480) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Twofish") == 0) + { + if (crc != 0xc4d65b46) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"AES-Twofish") == 0) + { + if (crc != 0x14ce7385) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"AES-Twofish-Serpent") == 0) + { + if (crc != 0x0ec81bf7) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Serpent-AES") == 0) + { + if (crc != 0x42f919ad) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Serpent-Twofish-AES") == 0) + { + if (crc != 0x208d5c58) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Twofish-Serpent") == 0) + { + if (crc != 0xbe78cec1) + return FALSE; + nTestsPerformed++; + } + + if (crc == 0x9f5edd58) + return FALSE; + + DecryptBuffer (buf, sizeof (buf), ci); + + if (GetCrc32 (buf, sizeof (buf)) != 0x9f5edd58) + return FALSE; + + nTestsPerformed++; + } + + return (nTestsPerformed == 80); +} + +static BOOL DoAutoTestAlgorithms (void) +{ + PCRYPTO_INFO ci; + char key[32]; + unsigned char tmp[16]; + BOOL bFailed = FALSE; + int i; + + ci = crypto_open (); + if (!ci) + return FALSE; + + memset (ci, 0, sizeof (*ci)); + + /* AES */ + + for (i = 0; i < AES_TEST_COUNT; i++) + { + int cipher = AES; + memcpy(key, aes_ecb_vectors[i].key, 32); + memcpy(tmp, aes_ecb_vectors[i].plaintext, 16); + CipherInit(cipher, key, ks_tmp); + + EncipherBlock(cipher, tmp, ks_tmp); + if (memcmp(aes_ecb_vectors[i].ciphertext, tmp, 16) != 0) + break; + + DecipherBlock(cipher, tmp, ks_tmp); + if (memcmp(aes_ecb_vectors[i].plaintext, tmp, 16) != 0) + break; + } + if (i != AES_TEST_COUNT) + bFailed = TRUE; + + // AES EncipherBlocks()/DecipherBlocks() + { + byte testData[1024]; + uint32 origCrc; + size_t i; + + for (i = 0; i < sizeof (testData); ++i) + { + testData[i] = (byte) i; + } + + origCrc = GetCrc32 (testData, sizeof (testData)); + + CipherInit (AES, testData, ks_tmp); + EncipherBlocks (AES, testData, ks_tmp, sizeof (testData) / CipherGetBlockSize (AES)); + + if (GetCrc32 (testData, sizeof (testData)) != 0xb5cd5631) + bFailed = TRUE; + + DecipherBlocks (AES, testData, ks_tmp, sizeof (testData) / CipherGetBlockSize (AES)); + + if (origCrc != GetCrc32 (testData, sizeof (testData))) + bFailed = TRUE; + } + + /* Serpent */ + + for (i = 0; i < SERPENT_TEST_COUNT; i++) + { + int cipher = SERPENT; + memcpy(key, serpent_vectors[i].key, 32); + memcpy(tmp, serpent_vectors[i].plaintext, 16); + CipherInit(cipher, key, ks_tmp); + + EncipherBlock(cipher, tmp, ks_tmp); + if (memcmp(serpent_vectors[i].ciphertext, tmp, 16) != 0) + break; + + DecipherBlock(cipher, tmp, ks_tmp); + if (memcmp(serpent_vectors[i].plaintext, tmp, 16) != 0) + break; + } + if (i != SERPENT_TEST_COUNT) + bFailed = TRUE; + + + /* Twofish */ + + for (i = 0; i < TWOFISH_TEST_COUNT; i++) + { + int cipher = TWOFISH; + memcpy(key, twofish_vectors[i].key, 32); + memcpy(tmp, twofish_vectors[i].plaintext, 16); + CipherInit(cipher, key, ks_tmp); + + EncipherBlock(cipher, tmp, ks_tmp); + if (memcmp(twofish_vectors[i].ciphertext, tmp, 16) != 0) + break; + + DecipherBlock(cipher, tmp, ks_tmp); + if (memcmp(twofish_vectors[i].plaintext, tmp, 16) != 0) + break; + } + if (i != TWOFISH_TEST_COUNT) + bFailed = TRUE; + + + /* PKCS #5 and HMACs */ + if (!test_pkcs5 ()) + bFailed = TRUE; + + /* CRC-32 */ + if (!crc32_selftests ()) + bFailed = TRUE; + + /* GF multiplicator */ +#if 0 + if (!GfMulSelfTest ()) + bFailed = TRUE; +#endif + + /* XTS-AES */ + if (!XTSAesTest (ci)) + bFailed = TRUE; + + /* Sector and buffer related algorithms */ + if (!TestSectorBufEncryption (ci)) + bFailed = TRUE; + + crypto_close (ci); + return !bFailed; +} + + +BOOL AutoTestAlgorithms (void) +{ + BOOL result = TRUE; + BOOL hwEncryptionEnabled = IsHwEncryptionEnabled(); + + EnableHwEncryption (FALSE); + + if (!DoAutoTestAlgorithms()) + result = FALSE; + + EnableHwEncryption (TRUE); + + if (!DoAutoTestAlgorithms()) + result = FALSE; + + EnableHwEncryption (hwEncryptionEnabled); + return result; +} + +BOOL test_hmac_sha256 () +{ + unsigned int i; + int nTestsPerformed = 0; + + for (i = 0; i < sizeof (hmac_sha256_test_data) / sizeof(char *); i++) + { + char digest[1024]; /* large enough to hold digets and test vector inputs */ + memcpy (digest, hmac_sha256_test_data[i], strlen (hmac_sha256_test_data[i])); + hmac_sha256 (hmac_sha256_test_keys[i], (int) strlen (hmac_sha256_test_keys[i]), digest, (int) strlen (hmac_sha256_test_data[i])); + if (memcmp (digest, hmac_sha256_test_vectors[i], SHA256_DIGESTSIZE) != 0) + return FALSE; + else + nTestsPerformed++; + } + + return (nTestsPerformed == 6); +} + +BOOL test_hmac_sha512 () +{ + unsigned int i; + int nTestsPerformed = 0; + + for (i = 0; i < sizeof (hmac_sha512_test_data) / sizeof(char *); i++) + { + char digest[1024]; /* large enough to hold digets and test vector inputs */ + memcpy (digest, hmac_sha512_test_data[i], (int) strlen (hmac_sha512_test_data[i])); + hmac_sha512 (hmac_sha512_test_keys[i], (int) strlen (hmac_sha512_test_keys[i]), digest, (int) strlen (hmac_sha512_test_data[i])); + if (memcmp (digest, hmac_sha512_test_vectors[i], SHA512_DIGESTSIZE) != 0) + return FALSE; + else + nTestsPerformed++; + } + + return (nTestsPerformed == 6); +} + +BOOL test_hmac_ripemd160 () +{ + int nTestsPerformed = 0; + unsigned int i; + + for (i = 0; i < sizeof (hmac_ripemd160_test_data) / sizeof(char *); i++) + { + char digest[1024]; /* large enough to hold digets and test vector inputs */ + memcpy (digest, hmac_ripemd160_test_data[i], strlen (hmac_ripemd160_test_data[i])); + hmac_ripemd160 (hmac_ripemd160_test_keys[i], RIPEMD160_DIGESTSIZE, digest, (int) strlen (hmac_ripemd160_test_data[i])); + if (memcmp (digest, hmac_ripemd160_test_vectors[i], RIPEMD160_DIGESTSIZE) != 0) + return FALSE; + else + nTestsPerformed++; + } + + return (nTestsPerformed == 2); +} + +BOOL test_hmac_whirlpool () +{ + unsigned char digest[1024]; /* large enough to hold digets and test vector inputs */ + + memcpy (digest, hmac_whirlpool_test_data, strlen (hmac_whirlpool_test_data)); + hmac_whirlpool (hmac_whirlpool_test_key, 64, digest, (int) strlen (hmac_whirlpool_test_data)); + if (memcmp (digest, hmac_whirlpool_test_vectors, WHIRLPOOL_DIGESTSIZE) != 0) + return FALSE; + + return TRUE; +} + +BOOL test_pkcs5 () +{ + char dk[144]; + + /* HMAC-SHA-256 tests */ + if (!test_hmac_sha256()) + return FALSE; + + /* HMAC-SHA-512 tests */ + if (!test_hmac_sha512()) + return FALSE; + + /* HMAC-RIPEMD-160 tests */ + if (test_hmac_ripemd160() == FALSE) + return FALSE; + + /* HMAC-Whirlpool tests */ + if (test_hmac_whirlpool() == FALSE) + return FALSE; + + /* PKCS-5 test 1 with HMAC-SHA-256 used as the PRF (https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00) */ + derive_key_sha256 ("passwd", 6, "\x73\x61\x6C\x74", 4, 1, dk, 64); + if (memcmp (dk, "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5\x09\x11\x20\x41\xd3\xa1\x97\x83", 64) != 0) + return FALSE; + + /* PKCS-5 test 2 with HMAC-SHA-256 used as the PRF (https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors) */ + derive_key_sha256 ("password", 8, "\x73\x61\x6C\x74", 4, 2, dk, 32); + if (memcmp (dk, "\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e\xf3\xc2\x51\xdf\xd6\xe2\xd8\x5a\x95\x47\x4c\x43", 32) != 0) + return FALSE; + + /* PKCS-5 test 3 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ + derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + if (memcmp (dk, "\xf2\xa0\x4f\xb2", 4) != 0) + return FALSE; + + /* PKCS-5 test 4 with HMAC-SHA-256 used as the PRF (MS CryptoAPI) */ + derive_key_sha256 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); + if (memcmp (dk, "\xf2\xa0\x4f\xb2\xd3\xe9\xa5\xd8\x51\x0b\x5c\x06\xdf\x70\x8e\x24\xe9\xc7\xd9\x15\x3d\x22\xcd\xde\xb8\xa6\xdb\xfd\x71\x85\xc6\x99\x32\xc0\xee\x37\x27\xf7\x24\xcf\xea\xa6\xac\x73\xa1\x4c\x4e\x52\x9b\x94\xf3\x54\x06\xfc\x04\x65\xa1\x0a\x24\xfe\xf0\x98\x1d\xa6\x22\x28\xeb\x24\x55\x74\xce\x6a\x3a\x28\xe2\x04\x3a\x59\x13\xec\x3f\xf2\xdb\xcf\x58\xdd\x53\xd9\xf9\x17\xf6\xda\x74\x06\x3c\x0b\x66\xf5\x0f\xf5\x58\xa3\x27\x52\x8c\x5b\x07\x91\xd0\x81\xeb\xb6\xbc\x30\x69\x42\x71\xf2\xd7\x18\x42\xbe\xe8\x02\x93\x70\x66\xad\x35\x65\xbc\xf7\x96\x8e\x64\xf1\xc6\x92\xda\xe0\xdc\x1f\xb5\xf4", 144) != 0) + return FALSE; + + /* PKCS-5 test 1 with HMAC-SHA-512 used as the PRF */ + derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + if (memcmp (dk, "\x13\x64\xae\xf8", 4) != 0) + return FALSE; + + /* PKCS-5 test 2 with HMAC-SHA-512 used as the PRF (derives a key longer than the underlying + hash output size and block size) */ + derive_key_sha512 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 144); + if (memcmp (dk, "\x13\x64\xae\xf8\x0d\xf5\x57\x6c\x30\xd5\x71\x4c\xa7\x75\x3f\xfd\x00\xe5\x25\x8b\x39\xc7\x44\x7f\xce\x23\x3d\x08\x75\xe0\x2f\x48\xd6\x30\xd7\x00\xb6\x24\xdb\xe0\x5a\xd7\x47\xef\x52\xca\xa6\x34\x83\x47\xe5\xcb\xe9\x87\xf1\x20\x59\x6a\xe6\xa9\xcf\x51\x78\xc6\xb6\x23\xa6\x74\x0d\xe8\x91\xbe\x1a\xd0\x28\xcc\xce\x16\x98\x9a\xbe\xfb\xdc\x78\xc9\xe1\x7d\x72\x67\xce\xe1\x61\x56\x5f\x96\x68\xe6\xe1\xdd\xf4\xbf\x1b\x80\xe0\x19\x1c\xf4\xc4\xd3\xdd\xd5\xd5\x57\x2d\x83\xc7\xa3\x37\x87\xf4\x4e\xe0\xf6\xd8\x6d\x65\xdc\xa0\x52\xa3\x13\xbe\x81\xfc\x30\xbe\x7d\x69\x58\x34\xb6\xdd\x41\xc6", 144) != 0) + return FALSE; + + /* PKCS-5 test 1 with HMAC-RIPEMD-160 used as the PRF */ + derive_key_ripemd160 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + if (memcmp (dk, "\x7a\x3d\x7c\x03", 4) != 0) + return FALSE; + + /* PKCS-5 test 2 with HMAC-RIPEMD-160 used as the PRF (derives a key longer than the underlying hash) */ + derive_key_ripemd160 ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 48); + if (memcmp (dk, "\x7a\x3d\x7c\x03\xe7\x26\x6b\xf8\x3d\x78\xfb\x29\xd2\x64\x1f\x56\xea\xf0\xe5\xf5\xcc\xc4\x3a\x31\xa8\x84\x70\xbf\xbd\x6f\x8e\x78\x24\x5a\xc0\x0a\xf6\xfa\xf0\xf6\xe9\x00\x47\x5f\x73\xce\xe1\x43", 48) != 0) + return FALSE; + + /* PKCS-5 test 1 with HMAC-Whirlpool used as the PRF */ + derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 4); + if (memcmp (dk, "\x50\x7c\x36\x6f", 4) != 0) + return FALSE; + + /* PKCS-5 test 2 with HMAC-Whirlpool used as the PRF (derives a key longer than the underlying hash) */ + derive_key_whirlpool ("password", 8, "\x12\x34\x56\x78", 4, 5, dk, 96); + if (memcmp (dk, "\x50\x7c\x36\x6f\xee\x10\x2e\x9a\xe2\x8a\xd5\x82\x72\x7d\x27\x0f\xe8\x4d\x7f\x68\x7a\xcf\xb5\xe7\x43\x67\xaa\x98\x93\x52\x2b\x09\x6e\x42\xdf\x2c\x59\x4a\x91\x6d\x7e\x10\xae\xb2\x1a\x89\x8f\xb9\x8f\xe6\x31\xa9\xd8\x9f\x98\x26\xf4\xda\xcd\x7d\x65\x65\xde\x10\x95\x91\xb4\x84\x26\xae\x43\xa1\x00\x5b\x1e\xb8\x38\x97\xa4\x1e\x4b\xd2\x65\x64\xbc\xfa\x1f\x35\x85\xdb\x4f\x97\x65\x6f\xbd\x24", 96) != 0) + return FALSE; + + return TRUE; +} diff --git a/src/Common/Tests.h b/src/Common/Tests.h index 6cb335b2..5e56ff55 100644 --- a/src/Common/Tests.h +++ b/src/Common/Tests.h @@ -1,31 +1,31 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus -extern "C" { -#endif - -extern unsigned char ks_tmp[MAX_EXPANDED_KEY]; - -void CipherInit2(int cipher, void* key, void* ks, int key_len); -BOOL test_hmac_sha512 (void); -BOOL test_hmac_ripemd160 (void); -BOOL test_hmac_whirlpool (void); -BOOL test_pkcs5 (void); -BOOL TestSectorBufEncryption (); -BOOL TestLegacySectorBufEncryption (); -BOOL AutoTestAlgorithms (void); - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus +extern "C" { +#endif + +extern unsigned char ks_tmp[MAX_EXPANDED_KEY]; + +void CipherInit2(int cipher, void* key, void* ks, int key_len); +BOOL test_hmac_sha512 (void); +BOOL test_hmac_ripemd160 (void); +BOOL test_hmac_whirlpool (void); +BOOL test_pkcs5 (void); +BOOL TestSectorBufEncryption (); +BOOL TestLegacySectorBufEncryption (); +BOOL AutoTestAlgorithms (void); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 955c7e48..d2a54b5c 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -1,1270 +1,1270 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#ifndef TC_WINDOWS_BOOT -#include -#include -#include -#include -#include "EncryptionThreadPool.h" -#endif - -#include -#include -#include - -#ifndef DEVICE_DRIVER -#include "Random.h" -#endif - -#include "Crc.h" -#include "Crypto.h" -#include "Endian.h" -#include "Volumes.h" -#include "Pkcs5.h" - -#ifdef _WIN32 -#include -#include "../Boot/Windows/BootCommon.h" -#endif - -/* Volume header v5 structure (used since TrueCrypt 7.0): */ -// -// Offset Length Description -// ------------------------------------------ -// Unencrypted: -// 0 64 Salt -// Encrypted: -// 64 4 ASCII string 'VERA' -// 68 2 Header version -// 70 2 Required program version -// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 -// 76 16 Reserved (must contain zeroes) -// 92 8 Size of hidden volume in bytes (0 = normal volume) -// 100 8 Size of the volume in bytes (identical with field 92 for hidden volumes, valid if field 70 >= 0x600 or flag bit 0 == 1) -// 108 8 Byte offset of the start of the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) -// 116 8 Size of the encrypted area within the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) -// 124 4 Flags: bit 0 set = system encryption; bit 1 set = non-system in-place encryption, bits 2-31 are reserved (set to zero) -// 128 4 Sector size in bytes -// 132 120 Reserved (must contain zeroes) -// 252 4 CRC-32 checksum of the (decrypted) bytes 64-251 -// 256 256 Concatenated primary master key(s) and secondary master key(s) (XTS mode) - - -/* Deprecated/legacy volume header v4 structure (used by TrueCrypt 6.x): */ -// -// Offset Length Description -// ------------------------------------------ -// Unencrypted: -// 0 64 Salt -// Encrypted: -// 64 4 ASCII string 'VERA' -// 68 2 Header version -// 70 2 Required program version -// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 -// 76 16 Reserved (must contain zeroes) -// 92 8 Size of hidden volume in bytes (0 = normal volume) -// 100 8 Size of the volume in bytes (identical with field 92 for hidden volumes, valid if field 70 >= 0x600 or flag bit 0 == 1) -// 108 8 Byte offset of the start of the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) -// 116 8 Size of the encrypted area within the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) -// 124 4 Flags: bit 0 set = system encryption; bit 1 set = non-system in-place encryption, bits 2-31 are reserved -// 128 124 Reserved (must contain zeroes) -// 252 4 CRC-32 checksum of the (decrypted) bytes 64-251 -// 256 256 Concatenated primary master key(s) and secondary master key(s) (XTS mode) - - -/* Deprecated/legacy volume header v3 structure (used by TrueCrypt 5.x): */ -// -// Offset Length Description -// ------------------------------------------ -// Unencrypted: -// 0 64 Salt -// Encrypted: -// 64 4 ASCII string 'VERA' -// 68 2 Header version -// 70 2 Required program version -// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 -// 76 8 Volume creation time -// 84 8 Header creation time -// 92 8 Size of hidden volume in bytes (0 = normal volume) -// 100 8 Size of the volume in bytes (identical with field 92 for hidden volumes) -// 108 8 Start byte offset of the encrypted area of the volume -// 116 8 Size of the encrypted area of the volume in bytes -// 124 132 Reserved (must contain zeroes) -// 256 256 Concatenated primary master key(s) and secondary master key(s) (XTS mode) - - -/* Deprecated/legacy volume header v2 structure (used before TrueCrypt 5.0): */ -// -// Offset Length Description -// ------------------------------------------ -// Unencrypted: -// 0 64 Salt -// Encrypted: -// 64 4 ASCII string 'VERA' -// 68 2 Header version -// 70 2 Required program version -// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 -// 76 8 Volume creation time -// 84 8 Header creation time -// 92 8 Size of hidden volume in bytes (0 = normal volume) -// 100 156 Reserved (must contain zeroes) -// 256 32 For LRW (deprecated/legacy), secondary key -// For CBC (deprecated/legacy), data used to generate IV and whitening values -// 288 224 Master key(s) - - - -uint16 GetHeaderField16 (byte *header, int offset) -{ - return BE16 (*(uint16 *) (header + offset)); -} - - -uint32 GetHeaderField32 (byte *header, int offset) -{ - return BE32 (*(uint32 *) (header + offset)); -} - - -UINT64_STRUCT GetHeaderField64 (byte *header, int offset) -{ - UINT64_STRUCT uint64Struct; - -#ifndef TC_NO_COMPILER_INT64 - uint64Struct.Value = BE64 (*(uint64 *) (header + offset)); -#else - uint64Struct.HighPart = BE32 (*(uint32 *) (header + offset)); - uint64Struct.LowPart = BE32 (*(uint32 *) (header + offset + 4)); -#endif - return uint64Struct; -} - - -#ifndef TC_WINDOWS_BOOT - -typedef struct -{ - char DerivedKey[MASTER_KEYDATA_SIZE]; - BOOL Free; - LONG KeyReady; - int Pkcs5Prf; -} KeyDerivationWorkItem; - - -BOOL ReadVolumeHeaderRecoveryMode = FALSE; - -int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) -{ - char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo; - PCRYPTO_INFO cryptoInfo; - char dk[MASTER_KEYDATA_SIZE]; - int enqPkcs5Prf, pkcs5_prf; - uint16 headerVersion; - int status = ERR_PARAMETER_INCORRECT; - int primaryKeyOffset; - - TC_EVENT keyDerivationCompletedEvent; - TC_EVENT noOutstandingWorkItemEvent; - KeyDerivationWorkItem *keyDerivationWorkItems; - KeyDerivationWorkItem *item; - int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1; - size_t encryptionThreadCount = GetEncryptionThreadCount(); - size_t queuedWorkItems = 0; - LONG outstandingWorkItemCount = 0; - int i; - - // if no PIM specified, use default value - if (pim < 0) - pim = 0; - - if (truecryptMode) - { - // SHA-256 not supported in TrueCrypt mode - if (selected_pkcs5_prf == SHA256) - return ERR_PARAMETER_INCORRECT; - pkcs5PrfCount--; // don't count SHA-256 in case of TrueCrypt mode - } - - if (retHeaderCryptoInfo != NULL) - { - cryptoInfo = retHeaderCryptoInfo; - } - else - { - if (!retInfo) - return ERR_PARAMETER_INCORRECT; - - cryptoInfo = *retInfo = crypto_open (); - if (cryptoInfo == NULL) - return ERR_OUTOFMEMORY; - } - - /* use thread pool only if no PRF was specified */ - if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) - { - keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount); - if (!keyDerivationWorkItems) - return ERR_OUTOFMEMORY; - - for (i = 0; i < pkcs5PrfCount; ++i) - keyDerivationWorkItems[i].Free = TRUE; - -#ifdef DEVICE_DRIVER - KeInitializeEvent (&keyDerivationCompletedEvent, SynchronizationEvent, FALSE); - KeInitializeEvent (&noOutstandingWorkItemEvent, SynchronizationEvent, TRUE); -#else - keyDerivationCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL); - if (!keyDerivationCompletedEvent) - { - TCfree (keyDerivationWorkItems); - return ERR_OUTOFMEMORY; - } - - noOutstandingWorkItemEvent = CreateEvent (NULL, FALSE, TRUE, NULL); - if (!noOutstandingWorkItemEvent) - { - CloseHandle (keyDerivationCompletedEvent); - TCfree (keyDerivationWorkItems); - return ERR_OUTOFMEMORY; - } -#endif - } - -#ifndef DEVICE_DRIVER - VirtualLock (&keyInfo, sizeof (keyInfo)); - VirtualLock (&dk, sizeof (dk)); -#endif - - crypto_loadkey (&keyInfo, password->Text, (int) password->Length); - - // PKCS5 is used to derive the primary header key(s) and secondary header key(s) (XTS mode) from the password - memcpy (keyInfo.salt, encryptedHeader + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE); - - // Test all available PKCS5 PRFs - for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf) - { - // if a PRF is specified, we skip all other PRFs - if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf) - continue; - - // skip SHA-256 in case of TrueCrypt mode - if (truecryptMode && (enqPkcs5Prf == SHA256)) - continue; - - if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) - { - // Enqueue key derivation on thread pool - if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID) - { - for (i = 0; i < pkcs5PrfCount; ++i) - { - item = &keyDerivationWorkItems[i]; - if (item->Free) - { - item->Free = FALSE; - item->KeyReady = FALSE; - item->Pkcs5Prf = enqPkcs5Prf; - - EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent, - &item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey, - keyInfo.keyLength, keyInfo.salt, get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot), item->DerivedKey); - - ++queuedWorkItems; - break; - } - } - - if (enqPkcs5Prf < LAST_PRF_ID) - continue; - } - else - --enqPkcs5Prf; - - // Wait for completion of a key derivation - while (queuedWorkItems > 0) - { - for (i = 0; i < pkcs5PrfCount; ++i) - { - item = &keyDerivationWorkItems[i]; - if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE) - { - pkcs5_prf = item->Pkcs5Prf; - keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, truecryptMode, bBoot); - memcpy (dk, item->DerivedKey, sizeof (dk)); - - item->Free = TRUE; - --queuedWorkItems; - goto KeyReady; - } - } - - if (queuedWorkItems > 0) - TC_WAIT_EVENT (keyDerivationCompletedEvent); - } - continue; -KeyReady: ; - } - else - { - pkcs5_prf = enqPkcs5Prf; - keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot); - - switch (pkcs5_prf) - { - case RIPEMD160: - derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - case SHA512: - derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - case WHIRLPOOL: - derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - case SHA256: - derive_key_sha256 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } - } - - // Test all available modes of operation - for (cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID; - cryptoInfo->mode <= LAST_MODE_OF_OPERATION; - cryptoInfo->mode++) - { - switch (cryptoInfo->mode) - { - - default: - primaryKeyOffset = 0; - } - - // Test all available encryption algorithms - for (cryptoInfo->ea = EAGetFirst (); - cryptoInfo->ea != 0; - cryptoInfo->ea = EAGetNext (cryptoInfo->ea)) - { - int blockSize; - - if (!EAIsModeSupported (cryptoInfo->ea, cryptoInfo->mode)) - continue; // This encryption algorithm has never been available with this mode of operation - - blockSize = CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)); - - status = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks); - if (status == ERR_CIPHER_INIT_FAILURE) - goto err; - - // Init objects related to the mode of operation - - if (cryptoInfo->mode == XTS) - { - // Copy the secondary key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - - // Secondary key schedule - if (!EAInitMode (cryptoInfo)) - { - status = ERR_MODE_INIT_FAILED; - goto err; - } - } - else - { - continue; - } - - // Copy the header for decryption - memcpy (header, encryptedHeader, sizeof (header)); - - // Try to decrypt header - - DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - - // Magic 'VERA' or 'TRUE' depending if we are in TrueCrypt mode or not - if ((truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545) - || (!truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) - ) - continue; - - // Header version - headerVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION); - - if (headerVersion > VOLUME_HEADER_VERSION) - { - status = ERR_NEW_VERSION_REQUIRED; - goto err; - } - - // Check CRC of the header fields - if (!ReadVolumeHeaderRecoveryMode - && headerVersion >= 4 - && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) - continue; - - // Required program version - cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION); - if (truecryptMode) - { - if (cryptoInfo->RequiredProgramVersion < 0x600 || cryptoInfo->RequiredProgramVersion > 0x71a) - { - status = ERR_UNSUPPORTED_TRUECRYPT_FORMAT | (((int)cryptoInfo->RequiredProgramVersion) << 16); - goto err; - } - cryptoInfo->LegacyVolume = FALSE; - } - else - cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b; - - // Check CRC of the key set - if (!ReadVolumeHeaderRecoveryMode - && GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) - continue; - - // Now we have the correct password, cipher, hash algorithm, and volume type - - // Check the version required to handle this volume - if (!truecryptMode && (cryptoInfo->RequiredProgramVersion > VERSION_NUM)) - { - status = ERR_NEW_VERSION_REQUIRED; - goto err; - } - - // Header version - cryptoInfo->HeaderVersion = headerVersion; - - // Volume creation time (legacy) - cryptoInfo->volume_creation_time = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_CREATION_TIME).Value; - - // Header creation time (legacy) - cryptoInfo->header_creation_time = GetHeaderField64 (header, TC_HEADER_OFFSET_MODIFICATION_TIME).Value; - - // Hidden volume size (if any) - cryptoInfo->hiddenVolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE).Value; - - // Hidden volume status - cryptoInfo->hiddenVolume = (cryptoInfo->hiddenVolumeSize != 0); - - // Volume size - cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE); - - // Encrypted area size and length - cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START); - cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH); - - // Flags - cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS); - - // Sector size - if (headerVersion >= 5) - cryptoInfo->SectorSize = GetHeaderField32 (header, TC_HEADER_OFFSET_SECTOR_SIZE); - else - cryptoInfo->SectorSize = TC_SECTOR_SIZE_LEGACY; - - if (cryptoInfo->SectorSize < TC_MIN_VOLUME_SECTOR_SIZE - || cryptoInfo->SectorSize > TC_MAX_VOLUME_SECTOR_SIZE - || cryptoInfo->SectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - status = ERR_PARAMETER_INCORRECT; - goto err; - } - - // Preserve scheduled header keys if requested - if (retHeaderCryptoInfo) - { - if (retInfo == NULL) - { - cryptoInfo->pkcs5 = pkcs5_prf; - cryptoInfo->noIterations = keyInfo.noIterations; - cryptoInfo->bTrueCryptMode = truecryptMode; - cryptoInfo->volumePim = pim; - goto ret; - } - - cryptoInfo = *retInfo = crypto_open (); - if (cryptoInfo == NULL) - { - status = ERR_OUTOFMEMORY; - goto err; - } - - memcpy (cryptoInfo, retHeaderCryptoInfo, sizeof (*cryptoInfo)); - } - - // Master key data - memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE); - memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); - - // PKCS #5 - memcpy (cryptoInfo->salt, keyInfo.salt, PKCS5_SALT_SIZE); - cryptoInfo->pkcs5 = pkcs5_prf; - cryptoInfo->noIterations = keyInfo.noIterations; - cryptoInfo->bTrueCryptMode = truecryptMode; - cryptoInfo->volumePim = pim; - - // Init the cipher with the decrypted master key - status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); - if (status == ERR_CIPHER_INIT_FAILURE) - goto err; - - switch (cryptoInfo->mode) - { - - default: - // The secondary master key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - - } - - if (!EAInitMode (cryptoInfo)) - { - status = ERR_MODE_INIT_FAILED; - goto err; - } - - status = ERR_SUCCESS; - goto ret; - } - } - } - status = ERR_PASSWORD_WRONG; - -err: - if (cryptoInfo != retHeaderCryptoInfo) - { - crypto_close(cryptoInfo); - *retInfo = NULL; - } - -ret: - burn (&keyInfo, sizeof (keyInfo)); - burn (dk, sizeof(dk)); - -#ifndef DEVICE_DRIVER - VirtualUnlock (&keyInfo, sizeof (keyInfo)); - VirtualUnlock (&dk, sizeof (dk)); -#endif - - if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) - { - TC_WAIT_EVENT (noOutstandingWorkItemEvent); - - burn (keyDerivationWorkItems, sizeof (KeyDerivationWorkItem) * pkcs5PrfCount); - TCfree (keyDerivationWorkItems); - -#ifndef DEVICE_DRIVER - CloseHandle (keyDerivationCompletedEvent); - CloseHandle (noOutstandingWorkItemEvent); -#endif - } - - return status; -} - -#ifdef _WIN32 -void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint) -{ - // compute Whirlpool+SHA512 fingerprint of bootloader including MBR - // we skip user configuration fields: - // TC_BOOT_SECTOR_PIM_VALUE_OFFSET = 400 - // TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402 - // => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4 - // TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406 - // => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24 - // TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438 - // - // we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE - - WHIRLPOOL_CTX whirlpool; - sha512_ctx sha2; - - WHIRLPOOL_init (&whirlpool); - sha512_begin (&sha2); - - WHIRLPOOL_add (bootLoaderBuf, TC_BOOT_SECTOR_PIM_VALUE_OFFSET * 8, &whirlpool); - sha512_hash (bootLoaderBuf, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &sha2); - - WHIRLPOOL_add (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)) * 8, &whirlpool); - sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2); - - WHIRLPOOL_add (bootLoaderBuf + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)) * 8, &whirlpool); - sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)), &sha2); - - WHIRLPOOL_add (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS) * 8, &whirlpool); - sha512_hash (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS), &sha2); - - WHIRLPOOL_finalize (&whirlpool, fingerprint); - sha512_end (&fingerprint [WHIRLPOOL_DIGESTSIZE], &sha2); -} -#endif - -#else // TC_WINDOWS_BOOT - -int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) -{ -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - char dk[32 * 2]; // 2 * 256-bit key -#else - char dk[32 * 2 * 3]; // 6 * 256-bit key -#endif - - PCRYPTO_INFO cryptoInfo; - int status = ERR_SUCCESS; - uint32 iterations = pim; - iterations <<= 16; - iterations |= bBoot; - - if (retHeaderCryptoInfo != NULL) - cryptoInfo = retHeaderCryptoInfo; - else - cryptoInfo = *retInfo = crypto_open (); - - // PKCS5 PRF -#ifdef TC_WINDOWS_BOOT_SHA2 - derive_key_sha256 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, - PKCS5_SALT_SIZE, iterations, dk, sizeof (dk)); -#else - derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, - PKCS5_SALT_SIZE, iterations, dk, sizeof (dk)); -#endif - - // Mode of operation - cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID; - -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - cryptoInfo->ea = 1; -#else - // Test all available encryption algorithms - for (cryptoInfo->ea = EAGetFirst (); cryptoInfo->ea != 0; cryptoInfo->ea = EAGetNext (cryptoInfo->ea)) -#endif - { -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - #if defined (TC_WINDOWS_BOOT_SERPENT) - serpent_set_key (dk, cryptoInfo->ks); - #elif defined (TC_WINDOWS_BOOT_TWOFISH) - twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk); - #else - status = EAInit (dk, cryptoInfo->ks); - if (status == ERR_CIPHER_INIT_FAILURE) - goto err; - #endif -#else - status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); - if (status == ERR_CIPHER_INIT_FAILURE) - goto err; -#endif - // Secondary key schedule -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - #if defined (TC_WINDOWS_BOOT_SERPENT) - serpent_set_key (dk + 32, cryptoInfo->ks2); - #elif defined (TC_WINDOWS_BOOT_TWOFISH) - twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32)); - #else - EAInit (dk + 32, cryptoInfo->ks2); - #endif -#else - EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); -#endif - - // Try to decrypt header - DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - - // Check magic 'VERA' and CRC-32 of header fields and master keydata - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241 - || (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) - || GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) - { - EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - status = ERR_PASSWORD_WRONG; - goto err; -#else - continue; -#endif - } - - // Header decrypted - status = 0; - - // Hidden volume status - cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE); - cryptoInfo->hiddenVolume = (cryptoInfo->VolumeSize.LowPart != 0 || cryptoInfo->VolumeSize.HighPart != 0); - - // Volume size - cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE); - - // Encrypted area size and length - cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START); - cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH); - - // Flags - cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS); - -#ifdef TC_WINDOWS_BOOT_SHA2 - cryptoInfo->pkcs5 = SHA256; -#else - cryptoInfo->pkcs5 = RIPEMD160; -#endif - - memcpy (dk, header + HEADER_MASTER_KEYDATA_OFFSET, sizeof (dk)); - EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); - - if (retHeaderCryptoInfo) - goto ret; - - // Init the encryption algorithm with the decrypted master key -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - #if defined (TC_WINDOWS_BOOT_SERPENT) - serpent_set_key (dk, cryptoInfo->ks); - #elif defined (TC_WINDOWS_BOOT_TWOFISH) - twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk); - #else - status = EAInit (dk, cryptoInfo->ks); - if (status == ERR_CIPHER_INIT_FAILURE) - goto err; - #endif -#else - status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); - if (status == ERR_CIPHER_INIT_FAILURE) - goto err; -#endif - - // The secondary master key (if cascade, multiple concatenated) -#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE - #if defined (TC_WINDOWS_BOOT_SERPENT) - serpent_set_key (dk + 32, cryptoInfo->ks2); - #elif defined (TC_WINDOWS_BOOT_TWOFISH) - twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32)); - #else - EAInit (dk + 32, cryptoInfo->ks2); - #endif -#else - EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); -#endif - goto ret; - } - - status = ERR_PASSWORD_WRONG; - -err: - if (cryptoInfo != retHeaderCryptoInfo) - { - crypto_close(cryptoInfo); - *retInfo = NULL; - } - -ret: - burn (dk, sizeof(dk)); - return status; -} - -#endif // TC_WINDOWS_BOOT - - -#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) - -#ifdef VOLFORMAT -# include "../Format/TcFormat.h" -# include "Dlgcode.h" -#endif - -// Creates a volume header in memory -int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password, - int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, - unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, - unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) -{ - unsigned char *p = (unsigned char *) header; - static CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo; - - int nUserKeyLen = password->Length; - PCRYPTO_INFO cryptoInfo = crypto_open (); - static char dk[MASTER_KEYDATA_SIZE]; - int x; - int retVal = 0; - int primaryKeyOffset; - - if (cryptoInfo == NULL) - return ERR_OUTOFMEMORY; - - // if no PIM specified, use default value - if (pim < 0) - pim = 0; - - memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - VirtualLock (&keyInfo, sizeof (keyInfo)); - VirtualLock (&dk, sizeof (dk)); - - /* Encryption setup */ - - if (masterKeydata == NULL) - { - // We have no master key data (creating a new volume) so we'll use the TrueCrypt RNG to generate them - - int bytesNeeded; - - switch (mode) - { - - default: - bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s) - } - - if (!RandgetBytes (hwndDlg, keyInfo.master_keydata, bytesNeeded, TRUE)) - return ERR_CIPHER_INIT_WEAK_KEY; - } - else - { - // We already have existing master key data (the header is being re-encrypted) - memcpy (keyInfo.master_keydata, masterKeydata, MASTER_KEYDATA_SIZE); - } - - // User key - memcpy (keyInfo.userKey, password->Text, nUserKeyLen); - keyInfo.keyLength = nUserKeyLen; - keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, FALSE, bBoot); - - // User selected encryption algorithm - cryptoInfo->ea = ea; - - // User selected PRF - cryptoInfo->pkcs5 = pkcs5_prf; - cryptoInfo->bTrueCryptMode = FALSE; - cryptoInfo->noIterations = keyInfo.noIterations; - cryptoInfo->volumePim = pim; - - // Mode of operation - cryptoInfo->mode = mode; - - // Salt for header key derivation - if (!RandgetBytes (hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode)) - return ERR_CIPHER_INIT_WEAK_KEY; - - // PBKDF2 (PKCS5) is used to derive primary header key(s) and secondary header key(s) (XTS) from the password/keyfiles - switch (pkcs5_prf) - { - case SHA512: - derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - case SHA256: - derive_key_sha256 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - case RIPEMD160: - derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - case WHIRLPOOL: - derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, - PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); - break; - - default: - // Unknown/wrong ID - TC_THROW_FATAL_EXCEPTION; - } - - /* Header setup */ - - // Salt - mputBytes (p, keyInfo.salt, PKCS5_SALT_SIZE); - - // Magic - mputLong (p, 0x56455241); - - // Header version - mputWord (p, VOLUME_HEADER_VERSION); - cryptoInfo->HeaderVersion = VOLUME_HEADER_VERSION; - - // Required program version to handle this volume - mputWord (p, requiredProgramVersion != 0 ? requiredProgramVersion : TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION); - - // CRC of the master key data - x = GetCrc32(keyInfo.master_keydata, MASTER_KEYDATA_SIZE); - mputLong (p, x); - - // Reserved fields - p += 2 * 8; - - // Size of hidden volume (if any) - cryptoInfo->hiddenVolumeSize = hiddenVolumeSize; - mputInt64 (p, cryptoInfo->hiddenVolumeSize); - - cryptoInfo->hiddenVolume = cryptoInfo->hiddenVolumeSize != 0; - - // Volume size - cryptoInfo->VolumeSize.Value = volumeSize; - mputInt64 (p, volumeSize); - - // Encrypted area start - cryptoInfo->EncryptedAreaStart.Value = encryptedAreaStart; - mputInt64 (p, encryptedAreaStart); - - // Encrypted area size - cryptoInfo->EncryptedAreaLength.Value = encryptedAreaLength; - mputInt64 (p, encryptedAreaLength); - - // Flags - cryptoInfo->HeaderFlags = headerFlags; - mputLong (p, headerFlags); - - // Sector size - if (sectorSize < TC_MIN_VOLUME_SECTOR_SIZE - || sectorSize > TC_MAX_VOLUME_SECTOR_SIZE - || sectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - TC_THROW_FATAL_EXCEPTION; - } - - cryptoInfo->SectorSize = sectorSize; - mputLong (p, sectorSize); - - // CRC of the header fields - x = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); - p = header + TC_HEADER_OFFSET_HEADER_CRC; - mputLong (p, x); - - // The master key data - memcpy (header + HEADER_MASTER_KEYDATA_OFFSET, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); - - - /* Header encryption */ - - switch (mode) - { - - default: - // The secondary key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - primaryKeyOffset = 0; - } - - retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks); - if (retVal != ERR_SUCCESS) - return retVal; - - // Mode of operation - if (!EAInitMode (cryptoInfo)) - return ERR_OUTOFMEMORY; - - - // Encrypt the entire header (except the salt) - EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, - HEADER_ENCRYPTED_DATA_SIZE, - cryptoInfo); - - - /* cryptoInfo setup for further use (disk format) */ - - // Init with the master key(s) - retVal = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); - if (retVal != ERR_SUCCESS) - return retVal; - - memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); - - switch (cryptoInfo->mode) - { - - default: - // The secondary master key (if cascade, multiple concatenated) - memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); - } - - // Mode of operation - if (!EAInitMode (cryptoInfo)) - return ERR_OUTOFMEMORY; - - -#ifdef VOLFORMAT - if (!bInPlaceEncNonSys && (showKeys || (bBoot && !masterKeydata))) - { - BOOL dots3 = FALSE; - int i, j; - - j = EAGetKeySize (ea); - - if (j > NBR_KEY_BYTES_TO_DISPLAY) - { - dots3 = TRUE; - j = NBR_KEY_BYTES_TO_DISPLAY; - } - - MasterKeyGUIView[0] = 0; - for (i = 0; i < j; i++) - { - wchar_t tmp2[8] = {0}; - StringCchPrintfW (tmp2, ARRAYSIZE(tmp2), L"%02X", (int) (unsigned char) keyInfo.master_keydata[i + primaryKeyOffset]); - StringCchCatW (MasterKeyGUIView, ARRAYSIZE(MasterKeyGUIView), tmp2); - } - - HeaderKeyGUIView[0] = 0; - for (i = 0; i < NBR_KEY_BYTES_TO_DISPLAY; i++) - { - wchar_t tmp2[8]; - StringCchPrintfW (tmp2, ARRAYSIZE(tmp2), L"%02X", (int) (unsigned char) dk[primaryKeyOffset + i]); - StringCchCatW (HeaderKeyGUIView, ARRAYSIZE(HeaderKeyGUIView), tmp2); - } - - if (dots3) - { - DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys); - } - else - { - SendMessage (hMasterKey, WM_SETTEXT, 0, (LPARAM) MasterKeyGUIView); - SendMessage (hHeaderKey, WM_SETTEXT, 0, (LPARAM) HeaderKeyGUIView); - } - } -#endif // #ifdef VOLFORMAT - - burn (dk, sizeof(dk)); - burn (&keyInfo, sizeof (keyInfo)); - - *retInfo = cryptoInfo; - return 0; -} - - -BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead) -{ -#if TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE -#error TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE -#endif - - byte sectorBuffer[TC_MAX_VOLUME_SECTOR_SIZE]; - DISK_GEOMETRY geometry; - - if (!device) - return ReadFile (fileHandle, header, TC_VOLUME_HEADER_EFFECTIVE_SIZE, bytesRead, NULL); - - if (!DeviceIoControl (fileHandle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry), bytesRead, NULL)) - return FALSE; - - if (geometry.BytesPerSector > sizeof (sectorBuffer) || geometry.BytesPerSector < TC_MIN_VOLUME_SECTOR_SIZE) - { - SetLastError (ERROR_INVALID_PARAMETER); - return FALSE; - } - - if (!ReadFile (fileHandle, sectorBuffer, max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, geometry.BytesPerSector), bytesRead, NULL)) - return FALSE; - - memcpy (header, sectorBuffer, min (*bytesRead, TC_VOLUME_HEADER_EFFECTIVE_SIZE)); - - if (*bytesRead > TC_VOLUME_HEADER_EFFECTIVE_SIZE) - *bytesRead = TC_VOLUME_HEADER_EFFECTIVE_SIZE; - - return TRUE; -} - - -BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header) -{ -#if TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE -#error TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE -#endif - - byte sectorBuffer[TC_MAX_VOLUME_SECTOR_SIZE]; - DWORD bytesDone; - DISK_GEOMETRY geometry; - - if (!device) - { - if (!WriteFile (fileHandle, header, TC_VOLUME_HEADER_EFFECTIVE_SIZE, &bytesDone, NULL)) - return FALSE; - - if (bytesDone != TC_VOLUME_HEADER_EFFECTIVE_SIZE) - { - SetLastError (ERROR_INVALID_PARAMETER); - return FALSE; - } - - return TRUE; - } - - if (!DeviceIoControl (fileHandle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry), &bytesDone, NULL)) - return FALSE; - - if (geometry.BytesPerSector > sizeof (sectorBuffer) || geometry.BytesPerSector < TC_MIN_VOLUME_SECTOR_SIZE) - { - SetLastError (ERROR_INVALID_PARAMETER); - return FALSE; - } - - if (geometry.BytesPerSector != TC_VOLUME_HEADER_EFFECTIVE_SIZE) - { - LARGE_INTEGER seekOffset; - - if (!ReadFile (fileHandle, sectorBuffer, geometry.BytesPerSector, &bytesDone, NULL)) - return FALSE; - - if (bytesDone != geometry.BytesPerSector) - { - SetLastError (ERROR_INVALID_PARAMETER); - return FALSE; - } - - seekOffset.QuadPart = -(int) bytesDone; - if (!SetFilePointerEx (fileHandle, seekOffset, NULL, FILE_CURRENT)) - return FALSE; - } - - memcpy (sectorBuffer, header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - if (!WriteFile (fileHandle, sectorBuffer, geometry.BytesPerSector, &bytesDone, NULL)) - return FALSE; - - if (bytesDone != geometry.BytesPerSector) - { - SetLastError (ERROR_INVALID_PARAMETER); - return FALSE; - } - - return TRUE; -} - - -// Writes randomly generated data to unused/reserved header areas. -// When bPrimaryOnly is TRUE, then only the primary header area (not the backup header area) is filled with random data. -// When bBackupOnly is TRUE, only the backup header area (not the primary header area) is filled with random data. -int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly) -{ - char temporaryKey[MASTER_KEYDATA_SIZE]; - char originalK2[MASTER_KEYDATA_SIZE]; - - byte buf[TC_VOLUME_HEADER_GROUP_SIZE]; - - LARGE_INTEGER offset; - int nStatus = ERR_SUCCESS; - DWORD dwError; - DWORD bytesDone; - BOOL backupHeaders = bBackupOnly; - - if (bPrimaryOnly && bBackupOnly) - TC_THROW_FATAL_EXCEPTION; - - memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); - - while (TRUE) - { - // Temporary keys - if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE) - || !RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof (cryptoInfo->k2), FALSE)) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto final_seq; - } - - nStatus = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); - if (nStatus != ERR_SUCCESS) - goto final_seq; - - if (!EAInitMode (cryptoInfo)) - { - nStatus = ERR_MODE_INIT_FAILED; - goto final_seq; - } - - offset.QuadPart = backupHeaders ? dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; - - if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto final_seq; - } - - if (!ReadFile (dev, buf, sizeof (buf), &bytesDone, NULL)) - { - nStatus = ERR_OS_ERROR; - goto final_seq; - } - - if (bytesDone < TC_VOLUME_HEADER_EFFECTIVE_SIZE) - { - SetLastError (ERROR_INVALID_PARAMETER); - nStatus = ERR_OS_ERROR; - goto final_seq; - } - - EncryptBuffer (buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, cryptoInfo); - - if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto final_seq; - } - - if (!WriteFile (dev, buf, sizeof (buf), &bytesDone, NULL)) - { - nStatus = ERR_OS_ERROR; - goto final_seq; - } - - if (bytesDone != sizeof (buf)) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto final_seq; - } - - if (backupHeaders || bPrimaryOnly) - break; - - backupHeaders = TRUE; - } - - memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2)); - - nStatus = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks); - if (nStatus != ERR_SUCCESS) - goto final_seq; - - if (!EAInitMode (cryptoInfo)) - { - nStatus = ERR_MODE_INIT_FAILED; - goto final_seq; - } - -final_seq: - - dwError = GetLastError(); - - burn (temporaryKey, sizeof (temporaryKey)); - burn (originalK2, sizeof (originalK2)); - - if (nStatus != ERR_SUCCESS) - SetLastError (dwError); - - return nStatus; -} - -#endif // !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#ifndef TC_WINDOWS_BOOT +#include +#include +#include +#include +#include "EncryptionThreadPool.h" +#endif + +#include +#include +#include + +#ifndef DEVICE_DRIVER +#include "Random.h" +#endif + +#include "Crc.h" +#include "Crypto.h" +#include "Endian.h" +#include "Volumes.h" +#include "Pkcs5.h" + +#ifdef _WIN32 +#include +#include "../Boot/Windows/BootCommon.h" +#endif + +/* Volume header v5 structure (used since TrueCrypt 7.0): */ +// +// Offset Length Description +// ------------------------------------------ +// Unencrypted: +// 0 64 Salt +// Encrypted: +// 64 4 ASCII string 'VERA' +// 68 2 Header version +// 70 2 Required program version +// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 +// 76 16 Reserved (must contain zeroes) +// 92 8 Size of hidden volume in bytes (0 = normal volume) +// 100 8 Size of the volume in bytes (identical with field 92 for hidden volumes, valid if field 70 >= 0x600 or flag bit 0 == 1) +// 108 8 Byte offset of the start of the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) +// 116 8 Size of the encrypted area within the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) +// 124 4 Flags: bit 0 set = system encryption; bit 1 set = non-system in-place encryption, bits 2-31 are reserved (set to zero) +// 128 4 Sector size in bytes +// 132 120 Reserved (must contain zeroes) +// 252 4 CRC-32 checksum of the (decrypted) bytes 64-251 +// 256 256 Concatenated primary master key(s) and secondary master key(s) (XTS mode) + + +/* Deprecated/legacy volume header v4 structure (used by TrueCrypt 6.x): */ +// +// Offset Length Description +// ------------------------------------------ +// Unencrypted: +// 0 64 Salt +// Encrypted: +// 64 4 ASCII string 'VERA' +// 68 2 Header version +// 70 2 Required program version +// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 +// 76 16 Reserved (must contain zeroes) +// 92 8 Size of hidden volume in bytes (0 = normal volume) +// 100 8 Size of the volume in bytes (identical with field 92 for hidden volumes, valid if field 70 >= 0x600 or flag bit 0 == 1) +// 108 8 Byte offset of the start of the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) +// 116 8 Size of the encrypted area within the master key scope (valid if field 70 >= 0x600 or flag bit 0 == 1) +// 124 4 Flags: bit 0 set = system encryption; bit 1 set = non-system in-place encryption, bits 2-31 are reserved +// 128 124 Reserved (must contain zeroes) +// 252 4 CRC-32 checksum of the (decrypted) bytes 64-251 +// 256 256 Concatenated primary master key(s) and secondary master key(s) (XTS mode) + + +/* Deprecated/legacy volume header v3 structure (used by TrueCrypt 5.x): */ +// +// Offset Length Description +// ------------------------------------------ +// Unencrypted: +// 0 64 Salt +// Encrypted: +// 64 4 ASCII string 'VERA' +// 68 2 Header version +// 70 2 Required program version +// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 +// 76 8 Volume creation time +// 84 8 Header creation time +// 92 8 Size of hidden volume in bytes (0 = normal volume) +// 100 8 Size of the volume in bytes (identical with field 92 for hidden volumes) +// 108 8 Start byte offset of the encrypted area of the volume +// 116 8 Size of the encrypted area of the volume in bytes +// 124 132 Reserved (must contain zeroes) +// 256 256 Concatenated primary master key(s) and secondary master key(s) (XTS mode) + + +/* Deprecated/legacy volume header v2 structure (used before TrueCrypt 5.0): */ +// +// Offset Length Description +// ------------------------------------------ +// Unencrypted: +// 0 64 Salt +// Encrypted: +// 64 4 ASCII string 'VERA' +// 68 2 Header version +// 70 2 Required program version +// 72 4 CRC-32 checksum of the (decrypted) bytes 256-511 +// 76 8 Volume creation time +// 84 8 Header creation time +// 92 8 Size of hidden volume in bytes (0 = normal volume) +// 100 156 Reserved (must contain zeroes) +// 256 32 For LRW (deprecated/legacy), secondary key +// For CBC (deprecated/legacy), data used to generate IV and whitening values +// 288 224 Master key(s) + + + +uint16 GetHeaderField16 (byte *header, int offset) +{ + return BE16 (*(uint16 *) (header + offset)); +} + + +uint32 GetHeaderField32 (byte *header, int offset) +{ + return BE32 (*(uint32 *) (header + offset)); +} + + +UINT64_STRUCT GetHeaderField64 (byte *header, int offset) +{ + UINT64_STRUCT uint64Struct; + +#ifndef TC_NO_COMPILER_INT64 + uint64Struct.Value = BE64 (*(uint64 *) (header + offset)); +#else + uint64Struct.HighPart = BE32 (*(uint32 *) (header + offset)); + uint64Struct.LowPart = BE32 (*(uint32 *) (header + offset + 4)); +#endif + return uint64Struct; +} + + +#ifndef TC_WINDOWS_BOOT + +typedef struct +{ + char DerivedKey[MASTER_KEYDATA_SIZE]; + BOOL Free; + LONG KeyReady; + int Pkcs5Prf; +} KeyDerivationWorkItem; + + +BOOL ReadVolumeHeaderRecoveryMode = FALSE; + +int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) +{ + char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo; + PCRYPTO_INFO cryptoInfo; + char dk[MASTER_KEYDATA_SIZE]; + int enqPkcs5Prf, pkcs5_prf; + uint16 headerVersion; + int status = ERR_PARAMETER_INCORRECT; + int primaryKeyOffset; + + TC_EVENT keyDerivationCompletedEvent; + TC_EVENT noOutstandingWorkItemEvent; + KeyDerivationWorkItem *keyDerivationWorkItems; + KeyDerivationWorkItem *item; + int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1; + size_t encryptionThreadCount = GetEncryptionThreadCount(); + size_t queuedWorkItems = 0; + LONG outstandingWorkItemCount = 0; + int i; + + // if no PIM specified, use default value + if (pim < 0) + pim = 0; + + if (truecryptMode) + { + // SHA-256 not supported in TrueCrypt mode + if (selected_pkcs5_prf == SHA256) + return ERR_PARAMETER_INCORRECT; + pkcs5PrfCount--; // don't count SHA-256 in case of TrueCrypt mode + } + + if (retHeaderCryptoInfo != NULL) + { + cryptoInfo = retHeaderCryptoInfo; + } + else + { + if (!retInfo) + return ERR_PARAMETER_INCORRECT; + + cryptoInfo = *retInfo = crypto_open (); + if (cryptoInfo == NULL) + return ERR_OUTOFMEMORY; + } + + /* use thread pool only if no PRF was specified */ + if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) + { + keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount); + if (!keyDerivationWorkItems) + return ERR_OUTOFMEMORY; + + for (i = 0; i < pkcs5PrfCount; ++i) + keyDerivationWorkItems[i].Free = TRUE; + +#ifdef DEVICE_DRIVER + KeInitializeEvent (&keyDerivationCompletedEvent, SynchronizationEvent, FALSE); + KeInitializeEvent (&noOutstandingWorkItemEvent, SynchronizationEvent, TRUE); +#else + keyDerivationCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL); + if (!keyDerivationCompletedEvent) + { + TCfree (keyDerivationWorkItems); + return ERR_OUTOFMEMORY; + } + + noOutstandingWorkItemEvent = CreateEvent (NULL, FALSE, TRUE, NULL); + if (!noOutstandingWorkItemEvent) + { + CloseHandle (keyDerivationCompletedEvent); + TCfree (keyDerivationWorkItems); + return ERR_OUTOFMEMORY; + } +#endif + } + +#ifndef DEVICE_DRIVER + VirtualLock (&keyInfo, sizeof (keyInfo)); + VirtualLock (&dk, sizeof (dk)); +#endif + + crypto_loadkey (&keyInfo, password->Text, (int) password->Length); + + // PKCS5 is used to derive the primary header key(s) and secondary header key(s) (XTS mode) from the password + memcpy (keyInfo.salt, encryptedHeader + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE); + + // Test all available PKCS5 PRFs + for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf) + { + // if a PRF is specified, we skip all other PRFs + if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf) + continue; + + // skip SHA-256 in case of TrueCrypt mode + if (truecryptMode && (enqPkcs5Prf == SHA256)) + continue; + + if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) + { + // Enqueue key derivation on thread pool + if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID) + { + for (i = 0; i < pkcs5PrfCount; ++i) + { + item = &keyDerivationWorkItems[i]; + if (item->Free) + { + item->Free = FALSE; + item->KeyReady = FALSE; + item->Pkcs5Prf = enqPkcs5Prf; + + EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent, + &item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey, + keyInfo.keyLength, keyInfo.salt, get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot), item->DerivedKey); + + ++queuedWorkItems; + break; + } + } + + if (enqPkcs5Prf < LAST_PRF_ID) + continue; + } + else + --enqPkcs5Prf; + + // Wait for completion of a key derivation + while (queuedWorkItems > 0) + { + for (i = 0; i < pkcs5PrfCount; ++i) + { + item = &keyDerivationWorkItems[i]; + if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE) + { + pkcs5_prf = item->Pkcs5Prf; + keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, truecryptMode, bBoot); + memcpy (dk, item->DerivedKey, sizeof (dk)); + + item->Free = TRUE; + --queuedWorkItems; + goto KeyReady; + } + } + + if (queuedWorkItems > 0) + TC_WAIT_EVENT (keyDerivationCompletedEvent); + } + continue; +KeyReady: ; + } + else + { + pkcs5_prf = enqPkcs5Prf; + keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot); + + switch (pkcs5_prf) + { + case RIPEMD160: + derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + case SHA512: + derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + case WHIRLPOOL: + derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + case SHA256: + derive_key_sha256 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } + } + + // Test all available modes of operation + for (cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID; + cryptoInfo->mode <= LAST_MODE_OF_OPERATION; + cryptoInfo->mode++) + { + switch (cryptoInfo->mode) + { + + default: + primaryKeyOffset = 0; + } + + // Test all available encryption algorithms + for (cryptoInfo->ea = EAGetFirst (); + cryptoInfo->ea != 0; + cryptoInfo->ea = EAGetNext (cryptoInfo->ea)) + { + int blockSize; + + if (!EAIsModeSupported (cryptoInfo->ea, cryptoInfo->mode)) + continue; // This encryption algorithm has never been available with this mode of operation + + blockSize = CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea)); + + status = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks); + if (status == ERR_CIPHER_INIT_FAILURE) + goto err; + + // Init objects related to the mode of operation + + if (cryptoInfo->mode == XTS) + { + // Copy the secondary key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); + + // Secondary key schedule + if (!EAInitMode (cryptoInfo)) + { + status = ERR_MODE_INIT_FAILED; + goto err; + } + } + else + { + continue; + } + + // Copy the header for decryption + memcpy (header, encryptedHeader, sizeof (header)); + + // Try to decrypt header + + DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); + + // Magic 'VERA' or 'TRUE' depending if we are in TrueCrypt mode or not + if ((truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545) + || (!truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + ) + continue; + + // Header version + headerVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION); + + if (headerVersion > VOLUME_HEADER_VERSION) + { + status = ERR_NEW_VERSION_REQUIRED; + goto err; + } + + // Check CRC of the header fields + if (!ReadVolumeHeaderRecoveryMode + && headerVersion >= 4 + && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) + continue; + + // Required program version + cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION); + if (truecryptMode) + { + if (cryptoInfo->RequiredProgramVersion < 0x600 || cryptoInfo->RequiredProgramVersion > 0x71a) + { + status = ERR_UNSUPPORTED_TRUECRYPT_FORMAT | (((int)cryptoInfo->RequiredProgramVersion) << 16); + goto err; + } + cryptoInfo->LegacyVolume = FALSE; + } + else + cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b; + + // Check CRC of the key set + if (!ReadVolumeHeaderRecoveryMode + && GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) + continue; + + // Now we have the correct password, cipher, hash algorithm, and volume type + + // Check the version required to handle this volume + if (!truecryptMode && (cryptoInfo->RequiredProgramVersion > VERSION_NUM)) + { + status = ERR_NEW_VERSION_REQUIRED; + goto err; + } + + // Header version + cryptoInfo->HeaderVersion = headerVersion; + + // Volume creation time (legacy) + cryptoInfo->volume_creation_time = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_CREATION_TIME).Value; + + // Header creation time (legacy) + cryptoInfo->header_creation_time = GetHeaderField64 (header, TC_HEADER_OFFSET_MODIFICATION_TIME).Value; + + // Hidden volume size (if any) + cryptoInfo->hiddenVolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE).Value; + + // Hidden volume status + cryptoInfo->hiddenVolume = (cryptoInfo->hiddenVolumeSize != 0); + + // Volume size + cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE); + + // Encrypted area size and length + cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START); + cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH); + + // Flags + cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS); + + // Sector size + if (headerVersion >= 5) + cryptoInfo->SectorSize = GetHeaderField32 (header, TC_HEADER_OFFSET_SECTOR_SIZE); + else + cryptoInfo->SectorSize = TC_SECTOR_SIZE_LEGACY; + + if (cryptoInfo->SectorSize < TC_MIN_VOLUME_SECTOR_SIZE + || cryptoInfo->SectorSize > TC_MAX_VOLUME_SECTOR_SIZE + || cryptoInfo->SectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + status = ERR_PARAMETER_INCORRECT; + goto err; + } + + // Preserve scheduled header keys if requested + if (retHeaderCryptoInfo) + { + if (retInfo == NULL) + { + cryptoInfo->pkcs5 = pkcs5_prf; + cryptoInfo->noIterations = keyInfo.noIterations; + cryptoInfo->bTrueCryptMode = truecryptMode; + cryptoInfo->volumePim = pim; + goto ret; + } + + cryptoInfo = *retInfo = crypto_open (); + if (cryptoInfo == NULL) + { + status = ERR_OUTOFMEMORY; + goto err; + } + + memcpy (cryptoInfo, retHeaderCryptoInfo, sizeof (*cryptoInfo)); + } + + // Master key data + memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE); + memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); + + // PKCS #5 + memcpy (cryptoInfo->salt, keyInfo.salt, PKCS5_SALT_SIZE); + cryptoInfo->pkcs5 = pkcs5_prf; + cryptoInfo->noIterations = keyInfo.noIterations; + cryptoInfo->bTrueCryptMode = truecryptMode; + cryptoInfo->volumePim = pim; + + // Init the cipher with the decrypted master key + status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); + if (status == ERR_CIPHER_INIT_FAILURE) + goto err; + + switch (cryptoInfo->mode) + { + + default: + // The secondary master key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); + + } + + if (!EAInitMode (cryptoInfo)) + { + status = ERR_MODE_INIT_FAILED; + goto err; + } + + status = ERR_SUCCESS; + goto ret; + } + } + } + status = ERR_PASSWORD_WRONG; + +err: + if (cryptoInfo != retHeaderCryptoInfo) + { + crypto_close(cryptoInfo); + *retInfo = NULL; + } + +ret: + burn (&keyInfo, sizeof (keyInfo)); + burn (dk, sizeof(dk)); + +#ifndef DEVICE_DRIVER + VirtualUnlock (&keyInfo, sizeof (keyInfo)); + VirtualUnlock (&dk, sizeof (dk)); +#endif + + if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) + { + TC_WAIT_EVENT (noOutstandingWorkItemEvent); + + burn (keyDerivationWorkItems, sizeof (KeyDerivationWorkItem) * pkcs5PrfCount); + TCfree (keyDerivationWorkItems); + +#ifndef DEVICE_DRIVER + CloseHandle (keyDerivationCompletedEvent); + CloseHandle (noOutstandingWorkItemEvent); +#endif + } + + return status; +} + +#ifdef _WIN32 +void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint) +{ + // compute Whirlpool+SHA512 fingerprint of bootloader including MBR + // we skip user configuration fields: + // TC_BOOT_SECTOR_PIM_VALUE_OFFSET = 400 + // TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402 + // => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4 + // TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406 + // => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24 + // TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438 + // + // we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE + + WHIRLPOOL_CTX whirlpool; + sha512_ctx sha2; + + WHIRLPOOL_init (&whirlpool); + sha512_begin (&sha2); + + WHIRLPOOL_add (bootLoaderBuf, TC_BOOT_SECTOR_PIM_VALUE_OFFSET * 8, &whirlpool); + sha512_hash (bootLoaderBuf, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &sha2); + + WHIRLPOOL_add (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)) * 8, &whirlpool); + sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2); + + WHIRLPOOL_add (bootLoaderBuf + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)) * 8, &whirlpool); + sha512_hash (bootLoaderBuf + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)), &sha2); + + WHIRLPOOL_add (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS) * 8, &whirlpool); + sha512_hash (bootLoaderBuf + TC_SECTOR_SIZE_BIOS, (bootLoaderSize - TC_SECTOR_SIZE_BIOS), &sha2); + + WHIRLPOOL_finalize (&whirlpool, fingerprint); + sha512_end (&fingerprint [WHIRLPOOL_DIGESTSIZE], &sha2); +} +#endif + +#else // TC_WINDOWS_BOOT + +int ReadVolumeHeader (BOOL bBoot, char *header, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) +{ +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + char dk[32 * 2]; // 2 * 256-bit key +#else + char dk[32 * 2 * 3]; // 6 * 256-bit key +#endif + + PCRYPTO_INFO cryptoInfo; + int status = ERR_SUCCESS; + uint32 iterations = pim; + iterations <<= 16; + iterations |= bBoot; + + if (retHeaderCryptoInfo != NULL) + cryptoInfo = retHeaderCryptoInfo; + else + cryptoInfo = *retInfo = crypto_open (); + + // PKCS5 PRF +#ifdef TC_WINDOWS_BOOT_SHA2 + derive_key_sha256 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, + PKCS5_SALT_SIZE, iterations, dk, sizeof (dk)); +#else + derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET, + PKCS5_SALT_SIZE, iterations, dk, sizeof (dk)); +#endif + + // Mode of operation + cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID; + +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + cryptoInfo->ea = 1; +#else + // Test all available encryption algorithms + for (cryptoInfo->ea = EAGetFirst (); cryptoInfo->ea != 0; cryptoInfo->ea = EAGetNext (cryptoInfo->ea)) +#endif + { +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + #if defined (TC_WINDOWS_BOOT_SERPENT) + serpent_set_key (dk, cryptoInfo->ks); + #elif defined (TC_WINDOWS_BOOT_TWOFISH) + twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk); + #else + status = EAInit (dk, cryptoInfo->ks); + if (status == ERR_CIPHER_INIT_FAILURE) + goto err; + #endif +#else + status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); + if (status == ERR_CIPHER_INIT_FAILURE) + goto err; +#endif + // Secondary key schedule +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + #if defined (TC_WINDOWS_BOOT_SERPENT) + serpent_set_key (dk + 32, cryptoInfo->ks2); + #elif defined (TC_WINDOWS_BOOT_TWOFISH) + twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32)); + #else + EAInit (dk + 32, cryptoInfo->ks2); + #endif +#else + EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); +#endif + + // Try to decrypt header + DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); + + // Check magic 'VERA' and CRC-32 of header fields and master keydata + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241 + || (GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION) >= 4 && GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC)) + || GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE)) + { + EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + status = ERR_PASSWORD_WRONG; + goto err; +#else + continue; +#endif + } + + // Header decrypted + status = 0; + + // Hidden volume status + cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE); + cryptoInfo->hiddenVolume = (cryptoInfo->VolumeSize.LowPart != 0 || cryptoInfo->VolumeSize.HighPart != 0); + + // Volume size + cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE); + + // Encrypted area size and length + cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START); + cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH); + + // Flags + cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS); + +#ifdef TC_WINDOWS_BOOT_SHA2 + cryptoInfo->pkcs5 = SHA256; +#else + cryptoInfo->pkcs5 = RIPEMD160; +#endif + + memcpy (dk, header + HEADER_MASTER_KEYDATA_OFFSET, sizeof (dk)); + EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); + + if (retHeaderCryptoInfo) + goto ret; + + // Init the encryption algorithm with the decrypted master key +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + #if defined (TC_WINDOWS_BOOT_SERPENT) + serpent_set_key (dk, cryptoInfo->ks); + #elif defined (TC_WINDOWS_BOOT_TWOFISH) + twofish_set_key ((TwofishInstance *) cryptoInfo->ks, (const u4byte *) dk); + #else + status = EAInit (dk, cryptoInfo->ks); + if (status == ERR_CIPHER_INIT_FAILURE) + goto err; + #endif +#else + status = EAInit (cryptoInfo->ea, dk, cryptoInfo->ks); + if (status == ERR_CIPHER_INIT_FAILURE) + goto err; +#endif + + // The secondary master key (if cascade, multiple concatenated) +#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE + #if defined (TC_WINDOWS_BOOT_SERPENT) + serpent_set_key (dk + 32, cryptoInfo->ks2); + #elif defined (TC_WINDOWS_BOOT_TWOFISH) + twofish_set_key ((TwofishInstance *)cryptoInfo->ks2, (const u4byte *) (dk + 32)); + #else + EAInit (dk + 32, cryptoInfo->ks2); + #endif +#else + EAInit (cryptoInfo->ea, dk + EAGetKeySize (cryptoInfo->ea), cryptoInfo->ks2); +#endif + goto ret; + } + + status = ERR_PASSWORD_WRONG; + +err: + if (cryptoInfo != retHeaderCryptoInfo) + { + crypto_close(cryptoInfo); + *retInfo = NULL; + } + +ret: + burn (dk, sizeof(dk)); + return status; +} + +#endif // TC_WINDOWS_BOOT + + +#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) + +#ifdef VOLFORMAT +# include "../Format/TcFormat.h" +# include "Dlgcode.h" +#endif + +// Creates a volume header in memory +int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password, + int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, + unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, + unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode) +{ + unsigned char *p = (unsigned char *) header; + static CRYPTOPP_ALIGN_DATA(16) KEY_INFO keyInfo; + + int nUserKeyLen = password->Length; + PCRYPTO_INFO cryptoInfo = crypto_open (); + static char dk[MASTER_KEYDATA_SIZE]; + int x; + int retVal = 0; + int primaryKeyOffset; + + if (cryptoInfo == NULL) + return ERR_OUTOFMEMORY; + + // if no PIM specified, use default value + if (pim < 0) + pim = 0; + + memset (header, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + VirtualLock (&keyInfo, sizeof (keyInfo)); + VirtualLock (&dk, sizeof (dk)); + + /* Encryption setup */ + + if (masterKeydata == NULL) + { + // We have no master key data (creating a new volume) so we'll use the TrueCrypt RNG to generate them + + int bytesNeeded; + + switch (mode) + { + + default: + bytesNeeded = EAGetKeySize (ea) * 2; // Size of primary + secondary key(s) + } + + if (!RandgetBytes (hwndDlg, keyInfo.master_keydata, bytesNeeded, TRUE)) + return ERR_CIPHER_INIT_WEAK_KEY; + } + else + { + // We already have existing master key data (the header is being re-encrypted) + memcpy (keyInfo.master_keydata, masterKeydata, MASTER_KEYDATA_SIZE); + } + + // User key + memcpy (keyInfo.userKey, password->Text, nUserKeyLen); + keyInfo.keyLength = nUserKeyLen; + keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, FALSE, bBoot); + + // User selected encryption algorithm + cryptoInfo->ea = ea; + + // User selected PRF + cryptoInfo->pkcs5 = pkcs5_prf; + cryptoInfo->bTrueCryptMode = FALSE; + cryptoInfo->noIterations = keyInfo.noIterations; + cryptoInfo->volumePim = pim; + + // Mode of operation + cryptoInfo->mode = mode; + + // Salt for header key derivation + if (!RandgetBytes (hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode)) + return ERR_CIPHER_INIT_WEAK_KEY; + + // PBKDF2 (PKCS5) is used to derive primary header key(s) and secondary header key(s) (XTS) from the password/keyfiles + switch (pkcs5_prf) + { + case SHA512: + derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + case SHA256: + derive_key_sha256 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + case RIPEMD160: + derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + case WHIRLPOOL: + derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt, + PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize()); + break; + + default: + // Unknown/wrong ID + TC_THROW_FATAL_EXCEPTION; + } + + /* Header setup */ + + // Salt + mputBytes (p, keyInfo.salt, PKCS5_SALT_SIZE); + + // Magic + mputLong (p, 0x56455241); + + // Header version + mputWord (p, VOLUME_HEADER_VERSION); + cryptoInfo->HeaderVersion = VOLUME_HEADER_VERSION; + + // Required program version to handle this volume + mputWord (p, requiredProgramVersion != 0 ? requiredProgramVersion : TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION); + + // CRC of the master key data + x = GetCrc32(keyInfo.master_keydata, MASTER_KEYDATA_SIZE); + mputLong (p, x); + + // Reserved fields + p += 2 * 8; + + // Size of hidden volume (if any) + cryptoInfo->hiddenVolumeSize = hiddenVolumeSize; + mputInt64 (p, cryptoInfo->hiddenVolumeSize); + + cryptoInfo->hiddenVolume = cryptoInfo->hiddenVolumeSize != 0; + + // Volume size + cryptoInfo->VolumeSize.Value = volumeSize; + mputInt64 (p, volumeSize); + + // Encrypted area start + cryptoInfo->EncryptedAreaStart.Value = encryptedAreaStart; + mputInt64 (p, encryptedAreaStart); + + // Encrypted area size + cryptoInfo->EncryptedAreaLength.Value = encryptedAreaLength; + mputInt64 (p, encryptedAreaLength); + + // Flags + cryptoInfo->HeaderFlags = headerFlags; + mputLong (p, headerFlags); + + // Sector size + if (sectorSize < TC_MIN_VOLUME_SECTOR_SIZE + || sectorSize > TC_MAX_VOLUME_SECTOR_SIZE + || sectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + TC_THROW_FATAL_EXCEPTION; + } + + cryptoInfo->SectorSize = sectorSize; + mputLong (p, sectorSize); + + // CRC of the header fields + x = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); + p = header + TC_HEADER_OFFSET_HEADER_CRC; + mputLong (p, x); + + // The master key data + memcpy (header + HEADER_MASTER_KEYDATA_OFFSET, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); + + + /* Header encryption */ + + switch (mode) + { + + default: + // The secondary key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); + primaryKeyOffset = 0; + } + + retVal = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks); + if (retVal != ERR_SUCCESS) + return retVal; + + // Mode of operation + if (!EAInitMode (cryptoInfo)) + return ERR_OUTOFMEMORY; + + + // Encrypt the entire header (except the salt) + EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, + HEADER_ENCRYPTED_DATA_SIZE, + cryptoInfo); + + + /* cryptoInfo setup for further use (disk format) */ + + // Init with the master key(s) + retVal = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); + if (retVal != ERR_SUCCESS) + return retVal; + + memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE); + + switch (cryptoInfo->mode) + { + + default: + // The secondary master key (if cascade, multiple concatenated) + memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea)); + } + + // Mode of operation + if (!EAInitMode (cryptoInfo)) + return ERR_OUTOFMEMORY; + + +#ifdef VOLFORMAT + if (!bInPlaceEncNonSys && (showKeys || (bBoot && !masterKeydata))) + { + BOOL dots3 = FALSE; + int i, j; + + j = EAGetKeySize (ea); + + if (j > NBR_KEY_BYTES_TO_DISPLAY) + { + dots3 = TRUE; + j = NBR_KEY_BYTES_TO_DISPLAY; + } + + MasterKeyGUIView[0] = 0; + for (i = 0; i < j; i++) + { + wchar_t tmp2[8] = {0}; + StringCchPrintfW (tmp2, ARRAYSIZE(tmp2), L"%02X", (int) (unsigned char) keyInfo.master_keydata[i + primaryKeyOffset]); + StringCchCatW (MasterKeyGUIView, ARRAYSIZE(MasterKeyGUIView), tmp2); + } + + HeaderKeyGUIView[0] = 0; + for (i = 0; i < NBR_KEY_BYTES_TO_DISPLAY; i++) + { + wchar_t tmp2[8]; + StringCchPrintfW (tmp2, ARRAYSIZE(tmp2), L"%02X", (int) (unsigned char) dk[primaryKeyOffset + i]); + StringCchCatW (HeaderKeyGUIView, ARRAYSIZE(HeaderKeyGUIView), tmp2); + } + + if (dots3) + { + DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys); + } + else + { + SendMessage (hMasterKey, WM_SETTEXT, 0, (LPARAM) MasterKeyGUIView); + SendMessage (hHeaderKey, WM_SETTEXT, 0, (LPARAM) HeaderKeyGUIView); + } + } +#endif // #ifdef VOLFORMAT + + burn (dk, sizeof(dk)); + burn (&keyInfo, sizeof (keyInfo)); + + *retInfo = cryptoInfo; + return 0; +} + + +BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead) +{ +#if TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE +#error TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE +#endif + + byte sectorBuffer[TC_MAX_VOLUME_SECTOR_SIZE]; + DISK_GEOMETRY geometry; + + if (!device) + return ReadFile (fileHandle, header, TC_VOLUME_HEADER_EFFECTIVE_SIZE, bytesRead, NULL); + + if (!DeviceIoControl (fileHandle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry), bytesRead, NULL)) + return FALSE; + + if (geometry.BytesPerSector > sizeof (sectorBuffer) || geometry.BytesPerSector < TC_MIN_VOLUME_SECTOR_SIZE) + { + SetLastError (ERROR_INVALID_PARAMETER); + return FALSE; + } + + if (!ReadFile (fileHandle, sectorBuffer, max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, geometry.BytesPerSector), bytesRead, NULL)) + return FALSE; + + memcpy (header, sectorBuffer, min (*bytesRead, TC_VOLUME_HEADER_EFFECTIVE_SIZE)); + + if (*bytesRead > TC_VOLUME_HEADER_EFFECTIVE_SIZE) + *bytesRead = TC_VOLUME_HEADER_EFFECTIVE_SIZE; + + return TRUE; +} + + +BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header) +{ +#if TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE +#error TC_VOLUME_HEADER_EFFECTIVE_SIZE > TC_MAX_VOLUME_SECTOR_SIZE +#endif + + byte sectorBuffer[TC_MAX_VOLUME_SECTOR_SIZE]; + DWORD bytesDone; + DISK_GEOMETRY geometry; + + if (!device) + { + if (!WriteFile (fileHandle, header, TC_VOLUME_HEADER_EFFECTIVE_SIZE, &bytesDone, NULL)) + return FALSE; + + if (bytesDone != TC_VOLUME_HEADER_EFFECTIVE_SIZE) + { + SetLastError (ERROR_INVALID_PARAMETER); + return FALSE; + } + + return TRUE; + } + + if (!DeviceIoControl (fileHandle, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry), &bytesDone, NULL)) + return FALSE; + + if (geometry.BytesPerSector > sizeof (sectorBuffer) || geometry.BytesPerSector < TC_MIN_VOLUME_SECTOR_SIZE) + { + SetLastError (ERROR_INVALID_PARAMETER); + return FALSE; + } + + if (geometry.BytesPerSector != TC_VOLUME_HEADER_EFFECTIVE_SIZE) + { + LARGE_INTEGER seekOffset; + + if (!ReadFile (fileHandle, sectorBuffer, geometry.BytesPerSector, &bytesDone, NULL)) + return FALSE; + + if (bytesDone != geometry.BytesPerSector) + { + SetLastError (ERROR_INVALID_PARAMETER); + return FALSE; + } + + seekOffset.QuadPart = -(int) bytesDone; + if (!SetFilePointerEx (fileHandle, seekOffset, NULL, FILE_CURRENT)) + return FALSE; + } + + memcpy (sectorBuffer, header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + if (!WriteFile (fileHandle, sectorBuffer, geometry.BytesPerSector, &bytesDone, NULL)) + return FALSE; + + if (bytesDone != geometry.BytesPerSector) + { + SetLastError (ERROR_INVALID_PARAMETER); + return FALSE; + } + + return TRUE; +} + + +// Writes randomly generated data to unused/reserved header areas. +// When bPrimaryOnly is TRUE, then only the primary header area (not the backup header area) is filled with random data. +// When bBackupOnly is TRUE, only the backup header area (not the primary header area) is filled with random data. +int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly) +{ + char temporaryKey[MASTER_KEYDATA_SIZE]; + char originalK2[MASTER_KEYDATA_SIZE]; + + byte buf[TC_VOLUME_HEADER_GROUP_SIZE]; + + LARGE_INTEGER offset; + int nStatus = ERR_SUCCESS; + DWORD dwError; + DWORD bytesDone; + BOOL backupHeaders = bBackupOnly; + + if (bPrimaryOnly && bBackupOnly) + TC_THROW_FATAL_EXCEPTION; + + memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); + + while (TRUE) + { + // Temporary keys + if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE) + || !RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof (cryptoInfo->k2), FALSE)) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto final_seq; + } + + nStatus = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks); + if (nStatus != ERR_SUCCESS) + goto final_seq; + + if (!EAInitMode (cryptoInfo)) + { + nStatus = ERR_MODE_INIT_FAILED; + goto final_seq; + } + + offset.QuadPart = backupHeaders ? dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; + + if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto final_seq; + } + + if (!ReadFile (dev, buf, sizeof (buf), &bytesDone, NULL)) + { + nStatus = ERR_OS_ERROR; + goto final_seq; + } + + if (bytesDone < TC_VOLUME_HEADER_EFFECTIVE_SIZE) + { + SetLastError (ERROR_INVALID_PARAMETER); + nStatus = ERR_OS_ERROR; + goto final_seq; + } + + EncryptBuffer (buf + TC_VOLUME_HEADER_EFFECTIVE_SIZE, sizeof (buf) - TC_VOLUME_HEADER_EFFECTIVE_SIZE, cryptoInfo); + + if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto final_seq; + } + + if (!WriteFile (dev, buf, sizeof (buf), &bytesDone, NULL)) + { + nStatus = ERR_OS_ERROR; + goto final_seq; + } + + if (bytesDone != sizeof (buf)) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto final_seq; + } + + if (backupHeaders || bPrimaryOnly) + break; + + backupHeaders = TRUE; + } + + memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2)); + + nStatus = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks); + if (nStatus != ERR_SUCCESS) + goto final_seq; + + if (!EAInitMode (cryptoInfo)) + { + nStatus = ERR_MODE_INIT_FAILED; + goto final_seq; + } + +final_seq: + + dwError = GetLastError(); + + burn (temporaryKey, sizeof (temporaryKey)); + burn (originalK2, sizeof (originalK2)); + + if (nStatus != ERR_SUCCESS) + SetLastError (dwError); + + return nStatus; +} + +#endif // !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h index b0f295f3..43aaaf73 100644 --- a/src/Common/Volumes.h +++ b/src/Common/Volumes.h @@ -1,155 +1,155 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_HEADER_Common_Volumes -#define TC_HEADER_Common_Volumes - -#ifdef __cplusplus -extern "C" { -#endif - -// Volume header version -#define VOLUME_HEADER_VERSION 0x0005 - -// Version number written to volume header during format; -// specifies the minimum program version required to mount the volume -#define TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION 0x010b - -// Version number written (encrypted) to the key data area of an encrypted system partition/drive; -// specifies the minimum program version required to decrypt the system partition/drive -#define TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION 0x010b - -// Current volume format version (created by TrueCrypt 6.0+) -#define TC_VOLUME_FORMAT_VERSION 2 - -// Version number of volume format created by TrueCrypt 1.0-5.1a -#define TC_VOLUME_FORMAT_VERSION_PRE_6_0 1 - -// Volume header sizes -#define TC_VOLUME_HEADER_SIZE (64 * 1024L) -#define TC_VOLUME_HEADER_EFFECTIVE_SIZE 512 -#define TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE 512 -#define TC_VOLUME_HEADER_SIZE_LEGACY 512 - -#define TC_VOLUME_HEADER_GROUP_SIZE (2 * TC_VOLUME_HEADER_SIZE) -#define TC_TOTAL_VOLUME_HEADERS_SIZE (4 * TC_VOLUME_HEADER_SIZE) - -// Volume offsets -#define TC_VOLUME_HEADER_OFFSET 0 -#define TC_HIDDEN_VOLUME_HEADER_OFFSET TC_VOLUME_HEADER_SIZE - -// Sector sizes -#define TC_MIN_VOLUME_SECTOR_SIZE 512 -#define TC_MAX_VOLUME_SECTOR_SIZE 4096 -#define TC_SECTOR_SIZE_FILE_HOSTED_VOLUME 512 -#define TC_SECTOR_SIZE_LEGACY 512 - -// Sector size which can be safely assumed to be supported by all BIOSes -#define TC_SECTOR_SIZE_BIOS 512 - -#define TC_VOLUME_SMALL_SIZE_THRESHOLD (2 * BYTES_PER_MB) // Volume sizes below this threshold are considered small - -#define TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE TC_MAX_VOLUME_SECTOR_SIZE // FAT file system fills the last sector with zeroes (marked as free; observed when quick format was performed using the OS format tool). -#define TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH TC_VOLUME_HEADER_GROUP_SIZE // Reserved area size used for hidden volumes larger than TC_VOLUME_SMALL_SIZE_THRESHOLD - -#define TC_VOLUME_DATA_OFFSET TC_VOLUME_HEADER_GROUP_SIZE - -// The offset, in bytes, of the legacy hidden volume header position from the end of the file (a positive value). -#define TC_HIDDEN_VOLUME_HEADER_OFFSET_LEGACY (TC_VOLUME_HEADER_SIZE_LEGACY + TC_SECTOR_SIZE_LEGACY * 2) - -#define TC_MAX_128BIT_BLOCK_VOLUME_SIZE BYTES_PER_PB // Security bound (128-bit block XTS mode) - -// Filesystem size limits -#define TC_MIN_FAT_FS_SIZE (9 * TC_MAX_VOLUME_SECTOR_SIZE) -#define TC_MAX_FAT_SECTOR_COUNT 0x100000000ULL -#define TC_MIN_NTFS_FS_SIZE (884 * TC_MAX_VOLUME_SECTOR_SIZE) -#define TC_MAX_NTFS_FS_SIZE (128LL * BYTES_PER_TB) // NTFS volume can theoretically be up to 16 exabytes, but Windows XP and 2003 limit the size to that addressable with 32-bit clusters, i.e. max size is 128 TB (if 64-KB clusters are used). -#define TC_MAX_FAT_CLUSTER_SIZE (256 * BYTES_PER_KB) // Windows XP/Vista may crash when writing to a filesystem using clusters larger than 256 KB -#define TC_MIN_EXFAT_FS_SIZE (42 * TC_MAX_VOLUME_SECTOR_SIZE) -#define TC_MAX_EXFAT_FS_SIZE (128LL * BYTES_PER_PB) - -// Volume size limits -#define TC_MIN_VOLUME_SIZE (TC_TOTAL_VOLUME_HEADERS_SIZE + TC_MIN_FAT_FS_SIZE) -#define TC_MIN_VOLUME_SIZE_LEGACY (37 * TC_SECTOR_SIZE_LEGACY) -#define TC_MAX_VOLUME_SIZE_GENERAL 0x7fffFFFFffffFFFFLL // Signed 64-bit integer file offset values -#define TC_MAX_VOLUME_SIZE TC_MAX_128BIT_BLOCK_VOLUME_SIZE - -#define TC_MIN_HIDDEN_VOLUME_SIZE (TC_MIN_FAT_FS_SIZE + TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE) - -#define TC_MIN_HIDDEN_VOLUME_HOST_SIZE (TC_MIN_VOLUME_SIZE + TC_MIN_HIDDEN_VOLUME_SIZE + 2 * TC_MAX_VOLUME_SECTOR_SIZE) -#define TC_MAX_HIDDEN_VOLUME_HOST_SIZE (TC_MAX_NTFS_FS_SIZE - TC_TOTAL_VOLUME_HEADERS_SIZE) - -#ifndef TC_NO_COMPILER_INT64 -# if TC_MAX_VOLUME_SIZE > TC_MAX_VOLUME_SIZE_GENERAL -# error TC_MAX_VOLUME_SIZE > TC_MAX_VOLUME_SIZE_GENERAL -# endif -#endif - -#define HEADER_ENCRYPTED_DATA_SIZE (TC_VOLUME_HEADER_EFFECTIVE_SIZE - HEADER_ENCRYPTED_DATA_OFFSET) - -// Volume header field offsets -#define HEADER_SALT_OFFSET 0 -#define HEADER_ENCRYPTED_DATA_OFFSET PKCS5_SALT_SIZE -#define HEADER_MASTER_KEYDATA_OFFSET 256 - -#define TC_HEADER_OFFSET_MAGIC 64 -#define TC_HEADER_OFFSET_VERSION 68 -#define TC_HEADER_OFFSET_REQUIRED_VERSION 70 -#define TC_HEADER_OFFSET_KEY_AREA_CRC 72 -#define TC_HEADER_OFFSET_VOLUME_CREATION_TIME 76 -#define TC_HEADER_OFFSET_MODIFICATION_TIME 84 -#define TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE 92 -#define TC_HEADER_OFFSET_VOLUME_SIZE 100 -#define TC_HEADER_OFFSET_ENCRYPTED_AREA_START 108 -#define TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH 116 -#define TC_HEADER_OFFSET_FLAGS 124 -#define TC_HEADER_OFFSET_SECTOR_SIZE 128 -#define TC_HEADER_OFFSET_HEADER_CRC 252 - -// Volume header flags -#define TC_HEADER_FLAG_ENCRYPTED_SYSTEM 0x1 -#define TC_HEADER_FLAG_NONSYS_INPLACE_ENC 0x2 // The volume has been created (or is being encrypted/decrypted) using non-system in-place encryption - - -#ifndef TC_HEADER_Volume_VolumeHeader - -#include "Password.h" - -extern BOOL ReadVolumeHeaderRecoveryMode; - -uint16 GetHeaderField16 (byte *header, int offset); -uint32 GetHeaderField32 (byte *header, int offset); -UINT64_STRUCT GetHeaderField64 (byte *header, int offset); -#ifdef TC_WINDOWS_BOOT -int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); -#else -int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); -#ifdef _WIN32 -void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint); -#endif -#endif - -#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) -int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode); -BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead); -BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header); -int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly); -#endif - -#endif // !TC_HEADER_Volume_VolumeHeader - -#ifdef __cplusplus -} -#endif - -#endif // TC_HEADER_Common_Volumes +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_HEADER_Common_Volumes +#define TC_HEADER_Common_Volumes + +#ifdef __cplusplus +extern "C" { +#endif + +// Volume header version +#define VOLUME_HEADER_VERSION 0x0005 + +// Version number written to volume header during format; +// specifies the minimum program version required to mount the volume +#define TC_VOLUME_MIN_REQUIRED_PROGRAM_VERSION 0x010b + +// Version number written (encrypted) to the key data area of an encrypted system partition/drive; +// specifies the minimum program version required to decrypt the system partition/drive +#define TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION 0x010b + +// Current volume format version (created by TrueCrypt 6.0+) +#define TC_VOLUME_FORMAT_VERSION 2 + +// Version number of volume format created by TrueCrypt 1.0-5.1a +#define TC_VOLUME_FORMAT_VERSION_PRE_6_0 1 + +// Volume header sizes +#define TC_VOLUME_HEADER_SIZE (64 * 1024L) +#define TC_VOLUME_HEADER_EFFECTIVE_SIZE 512 +#define TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE 512 +#define TC_VOLUME_HEADER_SIZE_LEGACY 512 + +#define TC_VOLUME_HEADER_GROUP_SIZE (2 * TC_VOLUME_HEADER_SIZE) +#define TC_TOTAL_VOLUME_HEADERS_SIZE (4 * TC_VOLUME_HEADER_SIZE) + +// Volume offsets +#define TC_VOLUME_HEADER_OFFSET 0 +#define TC_HIDDEN_VOLUME_HEADER_OFFSET TC_VOLUME_HEADER_SIZE + +// Sector sizes +#define TC_MIN_VOLUME_SECTOR_SIZE 512 +#define TC_MAX_VOLUME_SECTOR_SIZE 4096 +#define TC_SECTOR_SIZE_FILE_HOSTED_VOLUME 512 +#define TC_SECTOR_SIZE_LEGACY 512 + +// Sector size which can be safely assumed to be supported by all BIOSes +#define TC_SECTOR_SIZE_BIOS 512 + +#define TC_VOLUME_SMALL_SIZE_THRESHOLD (2 * BYTES_PER_MB) // Volume sizes below this threshold are considered small + +#define TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE TC_MAX_VOLUME_SECTOR_SIZE // FAT file system fills the last sector with zeroes (marked as free; observed when quick format was performed using the OS format tool). +#define TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH TC_VOLUME_HEADER_GROUP_SIZE // Reserved area size used for hidden volumes larger than TC_VOLUME_SMALL_SIZE_THRESHOLD + +#define TC_VOLUME_DATA_OFFSET TC_VOLUME_HEADER_GROUP_SIZE + +// The offset, in bytes, of the legacy hidden volume header position from the end of the file (a positive value). +#define TC_HIDDEN_VOLUME_HEADER_OFFSET_LEGACY (TC_VOLUME_HEADER_SIZE_LEGACY + TC_SECTOR_SIZE_LEGACY * 2) + +#define TC_MAX_128BIT_BLOCK_VOLUME_SIZE BYTES_PER_PB // Security bound (128-bit block XTS mode) + +// Filesystem size limits +#define TC_MIN_FAT_FS_SIZE (9 * TC_MAX_VOLUME_SECTOR_SIZE) +#define TC_MAX_FAT_SECTOR_COUNT 0x100000000ULL +#define TC_MIN_NTFS_FS_SIZE (884 * TC_MAX_VOLUME_SECTOR_SIZE) +#define TC_MAX_NTFS_FS_SIZE (128LL * BYTES_PER_TB) // NTFS volume can theoretically be up to 16 exabytes, but Windows XP and 2003 limit the size to that addressable with 32-bit clusters, i.e. max size is 128 TB (if 64-KB clusters are used). +#define TC_MAX_FAT_CLUSTER_SIZE (256 * BYTES_PER_KB) // Windows XP/Vista may crash when writing to a filesystem using clusters larger than 256 KB +#define TC_MIN_EXFAT_FS_SIZE (42 * TC_MAX_VOLUME_SECTOR_SIZE) +#define TC_MAX_EXFAT_FS_SIZE (128LL * BYTES_PER_PB) + +// Volume size limits +#define TC_MIN_VOLUME_SIZE (TC_TOTAL_VOLUME_HEADERS_SIZE + TC_MIN_FAT_FS_SIZE) +#define TC_MIN_VOLUME_SIZE_LEGACY (37 * TC_SECTOR_SIZE_LEGACY) +#define TC_MAX_VOLUME_SIZE_GENERAL 0x7fffFFFFffffFFFFLL // Signed 64-bit integer file offset values +#define TC_MAX_VOLUME_SIZE TC_MAX_128BIT_BLOCK_VOLUME_SIZE + +#define TC_MIN_HIDDEN_VOLUME_SIZE (TC_MIN_FAT_FS_SIZE + TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE) + +#define TC_MIN_HIDDEN_VOLUME_HOST_SIZE (TC_MIN_VOLUME_SIZE + TC_MIN_HIDDEN_VOLUME_SIZE + 2 * TC_MAX_VOLUME_SECTOR_SIZE) +#define TC_MAX_HIDDEN_VOLUME_HOST_SIZE (TC_MAX_NTFS_FS_SIZE - TC_TOTAL_VOLUME_HEADERS_SIZE) + +#ifndef TC_NO_COMPILER_INT64 +# if TC_MAX_VOLUME_SIZE > TC_MAX_VOLUME_SIZE_GENERAL +# error TC_MAX_VOLUME_SIZE > TC_MAX_VOLUME_SIZE_GENERAL +# endif +#endif + +#define HEADER_ENCRYPTED_DATA_SIZE (TC_VOLUME_HEADER_EFFECTIVE_SIZE - HEADER_ENCRYPTED_DATA_OFFSET) + +// Volume header field offsets +#define HEADER_SALT_OFFSET 0 +#define HEADER_ENCRYPTED_DATA_OFFSET PKCS5_SALT_SIZE +#define HEADER_MASTER_KEYDATA_OFFSET 256 + +#define TC_HEADER_OFFSET_MAGIC 64 +#define TC_HEADER_OFFSET_VERSION 68 +#define TC_HEADER_OFFSET_REQUIRED_VERSION 70 +#define TC_HEADER_OFFSET_KEY_AREA_CRC 72 +#define TC_HEADER_OFFSET_VOLUME_CREATION_TIME 76 +#define TC_HEADER_OFFSET_MODIFICATION_TIME 84 +#define TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE 92 +#define TC_HEADER_OFFSET_VOLUME_SIZE 100 +#define TC_HEADER_OFFSET_ENCRYPTED_AREA_START 108 +#define TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH 116 +#define TC_HEADER_OFFSET_FLAGS 124 +#define TC_HEADER_OFFSET_SECTOR_SIZE 128 +#define TC_HEADER_OFFSET_HEADER_CRC 252 + +// Volume header flags +#define TC_HEADER_FLAG_ENCRYPTED_SYSTEM 0x1 +#define TC_HEADER_FLAG_NONSYS_INPLACE_ENC 0x2 // The volume has been created (or is being encrypted/decrypted) using non-system in-place encryption + + +#ifndef TC_HEADER_Volume_VolumeHeader + +#include "Password.h" + +extern BOOL ReadVolumeHeaderRecoveryMode; + +uint16 GetHeaderField16 (byte *header, int offset); +uint32 GetHeaderField32 (byte *header, int offset); +UINT64_STRUCT GetHeaderField64 (byte *header, int offset); +#ifdef TC_WINDOWS_BOOT +int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); +#else +int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); +#ifdef _WIN32 +void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint); +#endif +#endif + +#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) +int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode); +BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead); +BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header); +int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly); +#endif + +#endif // !TC_HEADER_Volume_VolumeHeader + +#ifdef __cplusplus +} +#endif + +#endif // TC_HEADER_Common_Volumes diff --git a/src/Common/Wipe.c b/src/Common/Wipe.c index 0dce3ace..83099547 100644 --- a/src/Common/Wipe.c +++ b/src/Common/Wipe.c @@ -1,198 +1,198 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Tcdefs.h" -#include "Wipe.h" - - -static BOOL Wipe1PseudoRandom (int pass, byte *buffer, size_t size) -{ - return FALSE; -} - - -// Fill buffer with wipe patterns defined in "National Industrial Security Program Operating Manual", US DoD 5220.22-M. -// Return: FALSE = buffer must be filled with random data - -static BOOL Wipe3Dod5220 (int pass, byte *buffer, size_t size) -{ - byte wipeChar; - - switch (pass) - { - case 1: - wipeChar = 0; - break; - - case 2: - wipeChar = 0xff; - break; - - default: - return FALSE; - } - - memset (buffer, wipeChar, size); - return TRUE; -} - - -static BOOL Wipe7Dod5220 (int pass, byte randChars[TC_WIPE_RAND_CHAR_COUNT], byte *buffer, size_t size) -{ - byte wipeChar; - - switch (pass) - { - case 1: - wipeChar = randChars[0]; - break; - - case 2: - wipeChar = ~randChars[0]; - break; - - case 4: - wipeChar = randChars[1]; - break; - - case 5: - wipeChar = randChars[2]; - break; - - case 6: - wipeChar = ~randChars[2]; - break; - - default: - return FALSE; - } - - memset (buffer, wipeChar, size); - return TRUE; -} - - -// Fill the buffer with wipe patterns defined in the paper "Secure Deletion of Data from Magnetic and Solid-State Memory" by Peter Gutmann. -// Return: FALSE = buffer must be filled with random data - -static BOOL Wipe35Gutmann (int pass, byte *buffer, size_t size) -{ - byte wipePat3[] = { 0x92, 0x49, 0x24 }; - int wipePat3Pos; - size_t i; - - switch (pass) - { - case 5: - memset (buffer, 0x55, size); - break; - - case 6: - memset (buffer, 0xaa, size); - break; - - case 7: - case 26: - case 29: - wipePat3Pos = 0; - goto wipe3; - - case 8: - case 27: - case 30: - wipePat3Pos = 1; - goto wipe3; - - case 9: - case 28: - case 31: - wipePat3Pos = 2; - goto wipe3; - -wipe3: - if (pass >= 29) - { - wipePat3[0] = ~wipePat3[0]; - wipePat3[1] = ~wipePat3[1]; - wipePat3[2] = ~wipePat3[2]; - } - - for (i = 0; i < size; ++i) - { - buffer[i] = wipePat3[wipePat3Pos++ % 3]; - } - break; - - default: - if (pass >= 10 && pass <= 25) - memset (buffer, (pass - 10) * 0x11, size); - else - return FALSE; - } - - return TRUE; -} - - -int GetWipePassCount (WipeAlgorithmId algorithm) -{ - switch (algorithm) - { - case TC_WIPE_1_RAND: - return 1; - - case TC_WIPE_3_DOD_5220: - return 3; - - case TC_WIPE_7_DOD_5220: - return 7; - - case TC_WIPE_35_GUTMANN: - return 35; - - case TC_WIPE_256: - return 256; - } - - return -1; // Prevent compiler warnings -} - - -BOOL WipeBuffer (WipeAlgorithmId algorithm, byte randChars[TC_WIPE_RAND_CHAR_COUNT], int pass, byte *buffer, size_t size) -{ - switch (algorithm) - { - case TC_WIPE_1_RAND: - case TC_WIPE_256: - return Wipe1PseudoRandom (pass, buffer, size); - - case TC_WIPE_3_DOD_5220: - return Wipe3Dod5220 (pass, buffer, size); - - case TC_WIPE_7_DOD_5220: - return Wipe7Dod5220 (pass, randChars, buffer, size); - - case TC_WIPE_35_GUTMANN: - return Wipe35Gutmann (pass, buffer, size); - - /* we will never reach here because all calls to WipeBuffer are preceeded - * by a call to GetWipePassCount that already checks the same algorithm - * parameters and in case of unsupported value an error is returned before - * calling WipeBuffer - */ - /* - default: - TC_THROW_FATAL_EXCEPTION;*/ - } - - return FALSE; // Prevent compiler warnings -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Tcdefs.h" +#include "Wipe.h" + + +static BOOL Wipe1PseudoRandom (int pass, byte *buffer, size_t size) +{ + return FALSE; +} + + +// Fill buffer with wipe patterns defined in "National Industrial Security Program Operating Manual", US DoD 5220.22-M. +// Return: FALSE = buffer must be filled with random data + +static BOOL Wipe3Dod5220 (int pass, byte *buffer, size_t size) +{ + byte wipeChar; + + switch (pass) + { + case 1: + wipeChar = 0; + break; + + case 2: + wipeChar = 0xff; + break; + + default: + return FALSE; + } + + memset (buffer, wipeChar, size); + return TRUE; +} + + +static BOOL Wipe7Dod5220 (int pass, byte randChars[TC_WIPE_RAND_CHAR_COUNT], byte *buffer, size_t size) +{ + byte wipeChar; + + switch (pass) + { + case 1: + wipeChar = randChars[0]; + break; + + case 2: + wipeChar = ~randChars[0]; + break; + + case 4: + wipeChar = randChars[1]; + break; + + case 5: + wipeChar = randChars[2]; + break; + + case 6: + wipeChar = ~randChars[2]; + break; + + default: + return FALSE; + } + + memset (buffer, wipeChar, size); + return TRUE; +} + + +// Fill the buffer with wipe patterns defined in the paper "Secure Deletion of Data from Magnetic and Solid-State Memory" by Peter Gutmann. +// Return: FALSE = buffer must be filled with random data + +static BOOL Wipe35Gutmann (int pass, byte *buffer, size_t size) +{ + byte wipePat3[] = { 0x92, 0x49, 0x24 }; + int wipePat3Pos; + size_t i; + + switch (pass) + { + case 5: + memset (buffer, 0x55, size); + break; + + case 6: + memset (buffer, 0xaa, size); + break; + + case 7: + case 26: + case 29: + wipePat3Pos = 0; + goto wipe3; + + case 8: + case 27: + case 30: + wipePat3Pos = 1; + goto wipe3; + + case 9: + case 28: + case 31: + wipePat3Pos = 2; + goto wipe3; + +wipe3: + if (pass >= 29) + { + wipePat3[0] = ~wipePat3[0]; + wipePat3[1] = ~wipePat3[1]; + wipePat3[2] = ~wipePat3[2]; + } + + for (i = 0; i < size; ++i) + { + buffer[i] = wipePat3[wipePat3Pos++ % 3]; + } + break; + + default: + if (pass >= 10 && pass <= 25) + memset (buffer, (pass - 10) * 0x11, size); + else + return FALSE; + } + + return TRUE; +} + + +int GetWipePassCount (WipeAlgorithmId algorithm) +{ + switch (algorithm) + { + case TC_WIPE_1_RAND: + return 1; + + case TC_WIPE_3_DOD_5220: + return 3; + + case TC_WIPE_7_DOD_5220: + return 7; + + case TC_WIPE_35_GUTMANN: + return 35; + + case TC_WIPE_256: + return 256; + } + + return -1; // Prevent compiler warnings +} + + +BOOL WipeBuffer (WipeAlgorithmId algorithm, byte randChars[TC_WIPE_RAND_CHAR_COUNT], int pass, byte *buffer, size_t size) +{ + switch (algorithm) + { + case TC_WIPE_1_RAND: + case TC_WIPE_256: + return Wipe1PseudoRandom (pass, buffer, size); + + case TC_WIPE_3_DOD_5220: + return Wipe3Dod5220 (pass, buffer, size); + + case TC_WIPE_7_DOD_5220: + return Wipe7Dod5220 (pass, randChars, buffer, size); + + case TC_WIPE_35_GUTMANN: + return Wipe35Gutmann (pass, buffer, size); + + /* we will never reach here because all calls to WipeBuffer are preceeded + * by a call to GetWipePassCount that already checks the same algorithm + * parameters and in case of unsupported value an error is returned before + * calling WipeBuffer + */ + /* + default: + TC_THROW_FATAL_EXCEPTION;*/ + } + + return FALSE; // Prevent compiler warnings +} diff --git a/src/Common/Wipe.h b/src/Common/Wipe.h index 82afe5fd..97011085 100644 --- a/src/Common/Wipe.h +++ b/src/Common/Wipe.h @@ -1,45 +1,45 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Common_Wipe -#define TC_HEADER_Common_Wipe - -#include "Tcdefs.h" - -#ifdef __cplusplus -extern "C" { -#endif - -typedef enum -{ - /* WARNING: As these values are written to config files, if they or their meanings - are changed, incompatiblity with other versions may arise (upgrade, downgrade, etc.). - When adding a new constant, verify that the value is unique within this block. */ - TC_WIPE_NONE = 0, - TC_WIPE_1_RAND = 100, - TC_WIPE_3_DOD_5220 = 300, - TC_WIPE_7_DOD_5220 = 700, - TC_WIPE_35_GUTMANN = 3500, - TC_WIPE_256 = 25600 - -} WipeAlgorithmId; - -#define TC_WIPE_RAND_CHAR_COUNT 3 - -int GetWipePassCount (WipeAlgorithmId algorithm); -BOOL WipeBuffer (WipeAlgorithmId algorithm, byte randChars[TC_WIPE_RAND_CHAR_COUNT], int pass, byte *buffer, size_t size); - -#ifdef __cplusplus -} -#endif - -#endif // TC_HEADER_Common_Wipe +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Common_Wipe +#define TC_HEADER_Common_Wipe + +#include "Tcdefs.h" + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum +{ + /* WARNING: As these values are written to config files, if they or their meanings + are changed, incompatiblity with other versions may arise (upgrade, downgrade, etc.). + When adding a new constant, verify that the value is unique within this block. */ + TC_WIPE_NONE = 0, + TC_WIPE_1_RAND = 100, + TC_WIPE_3_DOD_5220 = 300, + TC_WIPE_7_DOD_5220 = 700, + TC_WIPE_35_GUTMANN = 3500, + TC_WIPE_256 = 25600 + +} WipeAlgorithmId; + +#define TC_WIPE_RAND_CHAR_COUNT 3 + +int GetWipePassCount (WipeAlgorithmId algorithm); +BOOL WipeBuffer (WipeAlgorithmId algorithm, byte randChars[TC_WIPE_RAND_CHAR_COUNT], int pass, byte *buffer, size_t size); + +#ifdef __cplusplus +} +#endif + +#endif // TC_HEADER_Common_Wipe diff --git a/src/Common/Xml.c b/src/Common/Xml.c index d6eb0276..60dd8266 100644 --- a/src/Common/Xml.c +++ b/src/Common/Xml.c @@ -1,268 +1,268 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include -#include -#include "Xml.h" - - -static BOOL BeginsWith (char *string, char *subString) -{ - while (*string++ == *subString++) - { - if (*subString == 0) return TRUE; - if (*string == 0) return FALSE; - } - - return FALSE; -} - - -char *XmlNextNode (char *xmlNode) -{ - char *t = xmlNode + 1; - while ((t = strchr (t, '<')) != NULL) - { - if (t[1] != '/') - return t; - - t++; - } - - return NULL; -} - - -char *XmlFindElement (char *xmlNode, char *nodeName) -{ - char *t = xmlNode; - size_t nameLen = strlen (nodeName); - - do - { - if (BeginsWith (t + 1, nodeName) - && (t[nameLen + 1] == '>' - || t[nameLen + 1] == ' ')) return t; - - } while (t = XmlNextNode (t)); - - return NULL; -} - - -char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName, char *attrValue) -{ - char attr[2048]; - - while (xml = XmlFindElement (xml, nodeName)) - { - XmlGetAttributeText (xml, attrName, attr, sizeof (attr)); - if (strcmp (attr, attrValue) == 0) - return xml; - - xml++; - } - - return NULL; -} - - -char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize) -{ - char *t = xmlNode; - char *e = xmlNode; - int l = 0; - - xmlAttrValue[0] = 0; - if (t[0] != '<') return NULL; - - e = strchr (e, '>'); - if (e == NULL) return NULL; - - while ((t = strstr (t, xmlAttrName)) && t < e) - { - char *o = t + strlen (xmlAttrName); - if (t[-1] == ' ' - && - (BeginsWith (o, "=\"") - || BeginsWith (o, "= \"") - || BeginsWith (o, " =\"") - || BeginsWith (o, " = \"")) - ) - break; - - t++; - } - - if (t == NULL || t > e) return NULL; - - t = strchr (t, '"') + 1; - e = strchr (t, '"'); - l = (int)(e - t); - if (e == NULL || l > xmlAttrValueSize) return NULL; - - memcpy (xmlAttrValue, t, l); - xmlAttrValue[l] = 0; - - return xmlAttrValue; -} - - -char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize) -{ - char *t = xmlNode; - char *e = xmlNode + 1; - int l = 0, i = 0, j = 0; - - xmlText[0] = 0; - - if (t[0] != '<') - return NULL; - - t = strchr (t, '>') + 1; - if (t == (char *)1) return NULL; - - e = strchr (e, '<'); - if (e == NULL) return NULL; - - l = (int)(e - t); - if (e == NULL || l > xmlTextSize) return NULL; - - while (i < l) - { - if (BeginsWith (&t[i], "<")) - { - xmlText[j++] = '<'; - i += 4; - continue; - } - if (BeginsWith (&t[i], ">")) - { - xmlText[j++] = '>'; - i += 4; - continue; - } - if (BeginsWith (&t[i], "&")) - { - xmlText[j++] = '&'; - i += 5; - continue; - } - xmlText[j++] = t[i++]; - } - xmlText[j] = 0; - - return t; -} - - -char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize) -{ - char *textDstLast = textDst + textDstMaxSize - 1; - - if (textDstMaxSize == 0) - return NULL; - - while (*textSrc != 0 && textDst <= textDstLast) - { - char c = *textSrc++; - switch (c) - { - case '&': - if (textDst + 6 > textDstLast) - return NULL; - strcpy (textDst, "&"); - textDst += 5; - continue; - - case '>': - if (textDst + 5 > textDstLast) - return NULL; - strcpy (textDst, ">"); - textDst += 4; - continue; - - case '<': - if (textDst + 5 > textDstLast) - return NULL; - strcpy (textDst, "<"); - textDst += 4; - continue; - - default: - *textDst++ = c; - } - } - - if (textDst > textDstLast) - return NULL; - - *textDst = 0; - return textDst; -} - -wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize) -{ - wchar_t *textDstLast = textDst + textDstMaxSize - 1; - - if (textDstMaxSize == 0) - return NULL; - - while (*textSrc != 0 && textDst <= textDstLast) - { - wchar_t c = *textSrc++; - switch (c) - { - case L'&': - if (textDst + 6 > textDstLast) - return NULL; - wcscpy (textDst, L"&"); - textDst += 5; - continue; - - case L'>': - if (textDst + 5 > textDstLast) - return NULL; - wcscpy (textDst, L">"); - textDst += 4; - continue; - - case L'<': - if (textDst + 5 > textDstLast) - return NULL; - wcscpy (textDst, L"<"); - textDst += 4; - continue; - - default: - *textDst++ = c; - } - } - - if (textDst > textDstLast) - return NULL; - - *textDst = 0; - return textDst; -} - - -int XmlWriteHeader (FILE *file) -{ - return fputws (L"\n", file); -} - - -int XmlWriteFooter (FILE *file) -{ - return fputws (L"\n", file); -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include +#include +#include "Xml.h" + + +static BOOL BeginsWith (char *string, char *subString) +{ + while (*string++ == *subString++) + { + if (*subString == 0) return TRUE; + if (*string == 0) return FALSE; + } + + return FALSE; +} + + +char *XmlNextNode (char *xmlNode) +{ + char *t = xmlNode + 1; + while ((t = strchr (t, '<')) != NULL) + { + if (t[1] != '/') + return t; + + t++; + } + + return NULL; +} + + +char *XmlFindElement (char *xmlNode, char *nodeName) +{ + char *t = xmlNode; + size_t nameLen = strlen (nodeName); + + do + { + if (BeginsWith (t + 1, nodeName) + && (t[nameLen + 1] == '>' + || t[nameLen + 1] == ' ')) return t; + + } while (t = XmlNextNode (t)); + + return NULL; +} + + +char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName, char *attrValue) +{ + char attr[2048]; + + while (xml = XmlFindElement (xml, nodeName)) + { + XmlGetAttributeText (xml, attrName, attr, sizeof (attr)); + if (strcmp (attr, attrValue) == 0) + return xml; + + xml++; + } + + return NULL; +} + + +char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize) +{ + char *t = xmlNode; + char *e = xmlNode; + int l = 0; + + xmlAttrValue[0] = 0; + if (t[0] != '<') return NULL; + + e = strchr (e, '>'); + if (e == NULL) return NULL; + + while ((t = strstr (t, xmlAttrName)) && t < e) + { + char *o = t + strlen (xmlAttrName); + if (t[-1] == ' ' + && + (BeginsWith (o, "=\"") + || BeginsWith (o, "= \"") + || BeginsWith (o, " =\"") + || BeginsWith (o, " = \"")) + ) + break; + + t++; + } + + if (t == NULL || t > e) return NULL; + + t = strchr (t, '"') + 1; + e = strchr (t, '"'); + l = (int)(e - t); + if (e == NULL || l > xmlAttrValueSize) return NULL; + + memcpy (xmlAttrValue, t, l); + xmlAttrValue[l] = 0; + + return xmlAttrValue; +} + + +char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize) +{ + char *t = xmlNode; + char *e = xmlNode + 1; + int l = 0, i = 0, j = 0; + + xmlText[0] = 0; + + if (t[0] != '<') + return NULL; + + t = strchr (t, '>') + 1; + if (t == (char *)1) return NULL; + + e = strchr (e, '<'); + if (e == NULL) return NULL; + + l = (int)(e - t); + if (e == NULL || l > xmlTextSize) return NULL; + + while (i < l) + { + if (BeginsWith (&t[i], "<")) + { + xmlText[j++] = '<'; + i += 4; + continue; + } + if (BeginsWith (&t[i], ">")) + { + xmlText[j++] = '>'; + i += 4; + continue; + } + if (BeginsWith (&t[i], "&")) + { + xmlText[j++] = '&'; + i += 5; + continue; + } + xmlText[j++] = t[i++]; + } + xmlText[j] = 0; + + return t; +} + + +char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize) +{ + char *textDstLast = textDst + textDstMaxSize - 1; + + if (textDstMaxSize == 0) + return NULL; + + while (*textSrc != 0 && textDst <= textDstLast) + { + char c = *textSrc++; + switch (c) + { + case '&': + if (textDst + 6 > textDstLast) + return NULL; + strcpy (textDst, "&"); + textDst += 5; + continue; + + case '>': + if (textDst + 5 > textDstLast) + return NULL; + strcpy (textDst, ">"); + textDst += 4; + continue; + + case '<': + if (textDst + 5 > textDstLast) + return NULL; + strcpy (textDst, "<"); + textDst += 4; + continue; + + default: + *textDst++ = c; + } + } + + if (textDst > textDstLast) + return NULL; + + *textDst = 0; + return textDst; +} + +wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize) +{ + wchar_t *textDstLast = textDst + textDstMaxSize - 1; + + if (textDstMaxSize == 0) + return NULL; + + while (*textSrc != 0 && textDst <= textDstLast) + { + wchar_t c = *textSrc++; + switch (c) + { + case L'&': + if (textDst + 6 > textDstLast) + return NULL; + wcscpy (textDst, L"&"); + textDst += 5; + continue; + + case L'>': + if (textDst + 5 > textDstLast) + return NULL; + wcscpy (textDst, L">"); + textDst += 4; + continue; + + case L'<': + if (textDst + 5 > textDstLast) + return NULL; + wcscpy (textDst, L"<"); + textDst += 4; + continue; + + default: + *textDst++ = c; + } + } + + if (textDst > textDstLast) + return NULL; + + *textDst = 0; + return textDst; +} + + +int XmlWriteHeader (FILE *file) +{ + return fputws (L"\n", file); +} + + +int XmlWriteFooter (FILE *file) +{ + return fputws (L"\n", file); +} diff --git a/src/Common/Xml.h b/src/Common/Xml.h index 55c02196..41daf40f 100644 --- a/src/Common/Xml.h +++ b/src/Common/Xml.h @@ -1,29 +1,29 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifdef __cplusplus -extern "C" { -#endif - -char *XmlNextNode (char *xmlNode); -char *XmlFindElement (char *xmlNode, char *nodeName); -char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize); -char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize); -int XmlWriteHeader (FILE *file); -int XmlWriteFooter (FILE *file); -char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName, char *attrValue); -char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize); -wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize); - -#ifdef __cplusplus -} -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifdef __cplusplus +extern "C" { +#endif + +char *XmlNextNode (char *xmlNode); +char *XmlFindElement (char *xmlNode, char *nodeName); +char *XmlGetAttributeText (char *xmlNode, char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize); +char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize); +int XmlWriteHeader (FILE *file); +int XmlWriteFooter (FILE *file); +char *XmlFindElementByAttributeValue (char *xml, char *nodeName, char *attrName, char *attrValue); +char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize); +wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize); + +#ifdef __cplusplus +} +#endif diff --git a/src/Common/Xts.c b/src/Common/Xts.c index c2fe125c..0bdb8271 100644 --- a/src/Common/Xts.c +++ b/src/Common/Xts.c @@ -1,750 +1,750 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -/* If native 64-bit data types are not available, define TC_NO_COMPILER_INT64. - -For big-endian platforms define BYTE_ORDER as BIG_ENDIAN. */ - - -#ifdef TC_MINIMIZE_CODE_SIZE -// Preboot/boot version -# ifndef TC_NO_COMPILER_INT64 -# define TC_NO_COMPILER_INT64 -# endif -# pragma optimize ("tl", on) -#endif - -#ifdef TC_NO_COMPILER_INT64 -# include -#endif - -#include "Xts.h" - - -#ifndef TC_NO_COMPILER_INT64 - -// length: number of bytes to encrypt; may be larger than one data unit and must be divisible by the cipher block size -// ks: the primary key schedule -// ks2: the secondary key schedule -// startDataUnitNo: The sequential number of the data unit with which the buffer starts. -// startCipherBlockNo: The sequential number of the first plaintext block to encrypt inside the data unit startDataUnitNo. -// When encrypting the data unit from its first block, startCipherBlockNo is 0. -// The startCipherBlockNo value applies only to the first data unit in the buffer; each successive -// data unit is encrypted from its first block. The start of the buffer does not have to be -// aligned with the start of a data unit. If it is aligned, startCipherBlockNo must be 0; if it -// is not aligned, startCipherBlockNo must reflect the misalignment accordingly. -void EncryptBufferXTS (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - if (CipherSupportsIntraDataUnitParallelization (cipher)) - EncryptBufferXTSParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); - else - EncryptBufferXTSNonParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); -} - - -// Optimized for encryption algorithms supporting intra-data-unit parallelization -static void EncryptBufferXTSParallel (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - unsigned __int8 finalCarry; - unsigned __int8 whiteningValues [ENCRYPTION_DATA_UNIT_SIZE]; - unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; - unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; - unsigned __int64 *whiteningValuesPtr64 = (unsigned __int64 *) whiteningValues; - unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; - unsigned __int64 *dataUnitBufPtr; - unsigned int startBlock = startCipherBlockNo, endBlock, block; - unsigned __int64 *const finalInt64WhiteningValuesPtr = whiteningValuesPtr64 + sizeof (whiteningValues) / sizeof (*whiteningValuesPtr64) - 1; - TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; - - /* The encrypted data unit number (i.e. the resultant ciphertext block) is to be multiplied in the - finite field GF(2^128) by j-th power of n, where j is the sequential plaintext/ciphertext block - number and n is 2, a primitive element of GF(2^128). This can be (and is) simplified and implemented - as a left shift of the preceding whitening value by one bit (with carry propagating). In addition, if - the shift of the highest byte results in a carry, 135 is XORed into the lowest byte. The value 135 is - derived from the modulus of the Galois Field (x^128+x^7+x^2+x+1). */ - - // Convert the 64-bit data unit number into a little-endian 16-byte array. - // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. - dataUnitNo = startDataUnitNo->Value; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - *((unsigned __int64 *) byteBufUnitNo + 1) = 0; - - if (length % BYTES_PER_XTS_BLOCK) - TC_THROW_FATAL_EXCEPTION; - - blockCount = length / BYTES_PER_XTS_BLOCK; - - // Process all blocks in the buffer - while (blockCount > 0) - { - if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) - endBlock = startBlock + (unsigned int) blockCount; - else - endBlock = BLOCKS_PER_XTS_DATA_UNIT; - - whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; - whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - - // Encrypt the data unit number using the secondary key (in order to generate the first - // whitening value for this data unit) - *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); - *(whiteningValuePtr64 + 1) = 0; - EncipherBlock (cipher, whiteningValue, ks2); - - // Generate subsequent whitening values for blocks in this data unit. Note that all generated 128-bit - // whitening values are stored in memory as a sequence of 64-bit integers in reverse order. - for (block = 0; block < endBlock; block++) - { - if (block >= startBlock) - { - *whiteningValuesPtr64-- = *whiteningValuePtr64++; - *whiteningValuesPtr64-- = *whiteningValuePtr64; - } - else - whiteningValuePtr64++; - - // Derive the next whitening value - -#if BYTE_ORDER == LITTLE_ENDIAN - - // Little-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x8000000000000000) ? - 135 : 0; - - *whiteningValuePtr64-- <<= 1; - - if (*whiteningValuePtr64 & 0x8000000000000000) - *(whiteningValuePtr64 + 1) |= 1; - - *whiteningValuePtr64 <<= 1; -#else - - // Big-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x80) ? - 135 : 0; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); - - whiteningValuePtr64--; - - if (*whiteningValuePtr64 & 0x80) - *(whiteningValuePtr64 + 1) |= 0x0100000000000000; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); -#endif - - whiteningValue[0] ^= finalCarry; - } - - dataUnitBufPtr = bufPtr; - whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; - - // Encrypt all blocks in this data unit - - for (block = startBlock; block < endBlock; block++) - { - // Pre-whitening - *bufPtr++ ^= *whiteningValuesPtr64--; - *bufPtr++ ^= *whiteningValuesPtr64--; - } - - // Actual encryption - EncipherBlocks (cipher, dataUnitBufPtr, ks, endBlock - startBlock); - - bufPtr = dataUnitBufPtr; - whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; - - for (block = startBlock; block < endBlock; block++) - { - // Post-whitening - *bufPtr++ ^= *whiteningValuesPtr64--; - *bufPtr++ ^= *whiteningValuesPtr64--; - } - - blockCount -= endBlock - startBlock; - startBlock = 0; - dataUnitNo++; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - } - - FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); - FAST_ERASE64 (whiteningValues, sizeof (whiteningValues)); -} - - -// Optimized for encryption algorithms not supporting intra-data-unit parallelization -static void EncryptBufferXTSNonParallel (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - unsigned __int8 finalCarry; - unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; - unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; - unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; - unsigned int startBlock = startCipherBlockNo, endBlock, block; - TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; - - /* The encrypted data unit number (i.e. the resultant ciphertext block) is to be multiplied in the - finite field GF(2^128) by j-th power of n, where j is the sequential plaintext/ciphertext block - number and n is 2, a primitive element of GF(2^128). This can be (and is) simplified and implemented - as a left shift of the preceding whitening value by one bit (with carry propagating). In addition, if - the shift of the highest byte results in a carry, 135 is XORed into the lowest byte. The value 135 is - derived from the modulus of the Galois Field (x^128+x^7+x^2+x+1). */ - - // Convert the 64-bit data unit number into a little-endian 16-byte array. - // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. - dataUnitNo = startDataUnitNo->Value; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - *((unsigned __int64 *) byteBufUnitNo + 1) = 0; - - if (length % BYTES_PER_XTS_BLOCK) - TC_THROW_FATAL_EXCEPTION; - - blockCount = length / BYTES_PER_XTS_BLOCK; - - // Process all blocks in the buffer - while (blockCount > 0) - { - if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) - endBlock = startBlock + (unsigned int) blockCount; - else - endBlock = BLOCKS_PER_XTS_DATA_UNIT; - - whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - - // Encrypt the data unit number using the secondary key (in order to generate the first - // whitening value for this data unit) - *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); - *(whiteningValuePtr64 + 1) = 0; - EncipherBlock (cipher, whiteningValue, ks2); - - // Generate (and apply) subsequent whitening values for blocks in this data unit and - // encrypt all relevant blocks in this data unit - for (block = 0; block < endBlock; block++) - { - if (block >= startBlock) - { - // Pre-whitening - *bufPtr++ ^= *whiteningValuePtr64++; - *bufPtr-- ^= *whiteningValuePtr64--; - - // Actual encryption - EncipherBlock (cipher, bufPtr, ks); - - // Post-whitening - *bufPtr++ ^= *whiteningValuePtr64++; - *bufPtr++ ^= *whiteningValuePtr64; - } - else - whiteningValuePtr64++; - - // Derive the next whitening value - -#if BYTE_ORDER == LITTLE_ENDIAN - - // Little-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x8000000000000000) ? - 135 : 0; - - *whiteningValuePtr64-- <<= 1; - - if (*whiteningValuePtr64 & 0x8000000000000000) - *(whiteningValuePtr64 + 1) |= 1; - - *whiteningValuePtr64 <<= 1; -#else - - // Big-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x80) ? - 135 : 0; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); - - whiteningValuePtr64--; - - if (*whiteningValuePtr64 & 0x80) - *(whiteningValuePtr64 + 1) |= 0x0100000000000000; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); -#endif - - whiteningValue[0] ^= finalCarry; - } - - blockCount -= endBlock - startBlock; - startBlock = 0; - dataUnitNo++; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - } - - FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); -} - - -// For descriptions of the input parameters, see EncryptBufferXTS(). -void DecryptBufferXTS (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - if (CipherSupportsIntraDataUnitParallelization (cipher)) - DecryptBufferXTSParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); - else - DecryptBufferXTSNonParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); -} - - -// Optimized for encryption algorithms supporting intra-data-unit parallelization -static void DecryptBufferXTSParallel (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - unsigned __int8 finalCarry; - unsigned __int8 whiteningValues [ENCRYPTION_DATA_UNIT_SIZE]; - unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; - unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; - unsigned __int64 *whiteningValuesPtr64 = (unsigned __int64 *) whiteningValues; - unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; - unsigned __int64 *dataUnitBufPtr; - unsigned int startBlock = startCipherBlockNo, endBlock, block; - unsigned __int64 *const finalInt64WhiteningValuesPtr = whiteningValuesPtr64 + sizeof (whiteningValues) / sizeof (*whiteningValuesPtr64) - 1; - TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; - - // Convert the 64-bit data unit number into a little-endian 16-byte array. - // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. - dataUnitNo = startDataUnitNo->Value; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - *((unsigned __int64 *) byteBufUnitNo + 1) = 0; - - if (length % BYTES_PER_XTS_BLOCK) - TC_THROW_FATAL_EXCEPTION; - - blockCount = length / BYTES_PER_XTS_BLOCK; - - // Process all blocks in the buffer - while (blockCount > 0) - { - if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) - endBlock = startBlock + (unsigned int) blockCount; - else - endBlock = BLOCKS_PER_XTS_DATA_UNIT; - - whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; - whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - - // Encrypt the data unit number using the secondary key (in order to generate the first - // whitening value for this data unit) - *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); - *(whiteningValuePtr64 + 1) = 0; - EncipherBlock (cipher, whiteningValue, ks2); - - // Generate subsequent whitening values for blocks in this data unit. Note that all generated 128-bit - // whitening values are stored in memory as a sequence of 64-bit integers in reverse order. - for (block = 0; block < endBlock; block++) - { - if (block >= startBlock) - { - *whiteningValuesPtr64-- = *whiteningValuePtr64++; - *whiteningValuesPtr64-- = *whiteningValuePtr64; - } - else - whiteningValuePtr64++; - - // Derive the next whitening value - -#if BYTE_ORDER == LITTLE_ENDIAN - - // Little-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x8000000000000000) ? - 135 : 0; - - *whiteningValuePtr64-- <<= 1; - - if (*whiteningValuePtr64 & 0x8000000000000000) - *(whiteningValuePtr64 + 1) |= 1; - - *whiteningValuePtr64 <<= 1; - -#else - // Big-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x80) ? - 135 : 0; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); - - whiteningValuePtr64--; - - if (*whiteningValuePtr64 & 0x80) - *(whiteningValuePtr64 + 1) |= 0x0100000000000000; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); -#endif - - whiteningValue[0] ^= finalCarry; - } - - dataUnitBufPtr = bufPtr; - whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; - - // Decrypt blocks in this data unit - - for (block = startBlock; block < endBlock; block++) - { - *bufPtr++ ^= *whiteningValuesPtr64--; - *bufPtr++ ^= *whiteningValuesPtr64--; - } - - DecipherBlocks (cipher, dataUnitBufPtr, ks, endBlock - startBlock); - - bufPtr = dataUnitBufPtr; - whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; - - for (block = startBlock; block < endBlock; block++) - { - *bufPtr++ ^= *whiteningValuesPtr64--; - *bufPtr++ ^= *whiteningValuesPtr64--; - } - - blockCount -= endBlock - startBlock; - startBlock = 0; - dataUnitNo++; - - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - } - - FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); - FAST_ERASE64 (whiteningValues, sizeof (whiteningValues)); -} - - -// Optimized for encryption algorithms not supporting intra-data-unit parallelization -static void DecryptBufferXTSNonParallel (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - unsigned __int8 finalCarry; - unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; - unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; - unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; - unsigned int startBlock = startCipherBlockNo, endBlock, block; - TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; - - // Convert the 64-bit data unit number into a little-endian 16-byte array. - // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. - dataUnitNo = startDataUnitNo->Value; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - *((unsigned __int64 *) byteBufUnitNo + 1) = 0; - - if (length % BYTES_PER_XTS_BLOCK) - TC_THROW_FATAL_EXCEPTION; - - blockCount = length / BYTES_PER_XTS_BLOCK; - - // Process all blocks in the buffer - while (blockCount > 0) - { - if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) - endBlock = startBlock + (unsigned int) blockCount; - else - endBlock = BLOCKS_PER_XTS_DATA_UNIT; - - whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; - - // Encrypt the data unit number using the secondary key (in order to generate the first - // whitening value for this data unit) - *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); - *(whiteningValuePtr64 + 1) = 0; - EncipherBlock (cipher, whiteningValue, ks2); - - // Generate (and apply) subsequent whitening values for blocks in this data unit and - // decrypt all relevant blocks in this data unit - for (block = 0; block < endBlock; block++) - { - if (block >= startBlock) - { - // Post-whitening - *bufPtr++ ^= *whiteningValuePtr64++; - *bufPtr-- ^= *whiteningValuePtr64--; - - // Actual decryption - DecipherBlock (cipher, bufPtr, ks); - - // Pre-whitening - *bufPtr++ ^= *whiteningValuePtr64++; - *bufPtr++ ^= *whiteningValuePtr64; - } - else - whiteningValuePtr64++; - - // Derive the next whitening value - -#if BYTE_ORDER == LITTLE_ENDIAN - - // Little-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x8000000000000000) ? - 135 : 0; - - *whiteningValuePtr64-- <<= 1; - - if (*whiteningValuePtr64 & 0x8000000000000000) - *(whiteningValuePtr64 + 1) |= 1; - - *whiteningValuePtr64 <<= 1; - -#else - // Big-endian platforms - - finalCarry = - (*whiteningValuePtr64 & 0x80) ? - 135 : 0; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); - - whiteningValuePtr64--; - - if (*whiteningValuePtr64 & 0x80) - *(whiteningValuePtr64 + 1) |= 0x0100000000000000; - - *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); -#endif - - whiteningValue[0] ^= finalCarry; - } - - blockCount -= endBlock - startBlock; - startBlock = 0; - dataUnitNo++; - *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); - } - - FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); -} - - -#else // TC_NO_COMPILER_INT64 - -/* ---- The following code is to be used only when native 64-bit data types are not available. ---- */ - -#if BYTE_ORDER == BIG_ENDIAN -#error The TC_NO_COMPILER_INT64 version of the XTS code is not compatible with big-endian platforms -#endif - - -// Converts a 64-bit unsigned integer (passed as two 32-bit integers for compatibility with non-64-bit -// environments/platforms) into a little-endian 16-byte array. -static void Uint64ToLE16ByteArray (unsigned __int8 *byteBuf, unsigned __int32 highInt32, unsigned __int32 lowInt32) -{ - unsigned __int32 *bufPtr32 = (unsigned __int32 *) byteBuf; - - *bufPtr32++ = lowInt32; - *bufPtr32++ = highInt32; - - // We're converting a 64-bit number into a little-endian 16-byte array so we can zero the last 8 bytes - *bufPtr32++ = 0; - *bufPtr32 = 0; -} - - -// Encrypts or decrypts all blocks in the buffer in XTS mode. For descriptions of the input parameters, -// see the 64-bit version of EncryptBufferXTS(). -static void EncryptDecryptBufferXTS32 (const unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startBlock, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher, - BOOL decryption) -{ - TC_LARGEST_COMPILER_UINT blockCount; - UINT64_STRUCT dataUnitNo; - unsigned int block; - unsigned int endBlock; - unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; - unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; - unsigned __int32 *bufPtr32 = (unsigned __int32 *) buffer; - unsigned __int32 *whiteningValuePtr32 = (unsigned __int32 *) whiteningValue; - unsigned __int8 finalCarry; - unsigned __int32 *const finalDwordWhiteningValuePtr = whiteningValuePtr32 + sizeof (whiteningValue) / sizeof (*whiteningValuePtr32) - 1; - - // Store the 64-bit data unit number in a way compatible with non-64-bit environments/platforms - dataUnitNo.HighPart = startDataUnitNo->HighPart; - dataUnitNo.LowPart = startDataUnitNo->LowPart; - - blockCount = length / BYTES_PER_XTS_BLOCK; - - // Convert the 64-bit data unit number into a little-endian 16-byte array. - // (Passed as two 32-bit integers for compatibility with non-64-bit environments/platforms.) - Uint64ToLE16ByteArray (byteBufUnitNo, dataUnitNo.HighPart, dataUnitNo.LowPart); - - // Generate whitening values for all blocks in the buffer - while (blockCount > 0) - { - if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) - endBlock = startBlock + (unsigned int) blockCount; - else - endBlock = BLOCKS_PER_XTS_DATA_UNIT; - - // Encrypt the data unit number using the secondary key (in order to generate the first - // whitening value for this data unit) - memcpy (whiteningValue, byteBufUnitNo, BYTES_PER_XTS_BLOCK); - EncipherBlock (cipher, whiteningValue, ks2); - - // Generate (and apply) subsequent whitening values for blocks in this data unit and - // encrypt/decrypt all relevant blocks in this data unit - for (block = 0; block < endBlock; block++) - { - if (block >= startBlock) - { - whiteningValuePtr32 = (unsigned __int32 *) whiteningValue; - - // Whitening - *bufPtr32++ ^= *whiteningValuePtr32++; - *bufPtr32++ ^= *whiteningValuePtr32++; - *bufPtr32++ ^= *whiteningValuePtr32++; - *bufPtr32 ^= *whiteningValuePtr32; - - bufPtr32 -= BYTES_PER_XTS_BLOCK / sizeof (*bufPtr32) - 1; - - // Actual encryption/decryption - if (decryption) - DecipherBlock (cipher, bufPtr32, ks); - else - EncipherBlock (cipher, bufPtr32, ks); - - whiteningValuePtr32 = (unsigned __int32 *) whiteningValue; - - // Whitening - *bufPtr32++ ^= *whiteningValuePtr32++; - *bufPtr32++ ^= *whiteningValuePtr32++; - *bufPtr32++ ^= *whiteningValuePtr32++; - *bufPtr32++ ^= *whiteningValuePtr32; - } - - // Derive the next whitening value - - finalCarry = 0; - - for (whiteningValuePtr32 = finalDwordWhiteningValuePtr; - whiteningValuePtr32 >= (unsigned __int32 *) whiteningValue; - whiteningValuePtr32--) - { - if (*whiteningValuePtr32 & 0x80000000) // If the following shift results in a carry - { - if (whiteningValuePtr32 != finalDwordWhiteningValuePtr) // If not processing the highest double word - { - // A regular carry - *(whiteningValuePtr32 + 1) |= 1; - } - else - { - // The highest byte shift will result in a carry - finalCarry = 135; - } - } - - *whiteningValuePtr32 <<= 1; - } - - whiteningValue[0] ^= finalCarry; - } - - blockCount -= endBlock - startBlock; - startBlock = 0; - - // Increase the data unit number by one - if (!++dataUnitNo.LowPart) - { - dataUnitNo.HighPart++; - } - - // Convert the 64-bit data unit number into a little-endian 16-byte array. - Uint64ToLE16ByteArray (byteBufUnitNo, dataUnitNo.HighPart, dataUnitNo.LowPart); - } - - FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); -} - - -// For descriptions of the input parameters, see the 64-bit version of EncryptBufferXTS() above. -void EncryptBufferXTS (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - // Encrypt all plaintext blocks in the buffer - EncryptDecryptBufferXTS32 (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher, FALSE); -} - - -// For descriptions of the input parameters, see the 64-bit version of EncryptBufferXTS(). -void DecryptBufferXTS (unsigned __int8 *buffer, - TC_LARGEST_COMPILER_UINT length, - const UINT64_STRUCT *startDataUnitNo, - unsigned int startCipherBlockNo, - unsigned __int8 *ks, - unsigned __int8 *ks2, - int cipher) -{ - // Decrypt all ciphertext blocks in the buffer - EncryptDecryptBufferXTS32 (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher, TRUE); -} - -#endif // TC_NO_COMPILER_INT64 +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +/* If native 64-bit data types are not available, define TC_NO_COMPILER_INT64. + +For big-endian platforms define BYTE_ORDER as BIG_ENDIAN. */ + + +#ifdef TC_MINIMIZE_CODE_SIZE +// Preboot/boot version +# ifndef TC_NO_COMPILER_INT64 +# define TC_NO_COMPILER_INT64 +# endif +# pragma optimize ("tl", on) +#endif + +#ifdef TC_NO_COMPILER_INT64 +# include +#endif + +#include "Xts.h" + + +#ifndef TC_NO_COMPILER_INT64 + +// length: number of bytes to encrypt; may be larger than one data unit and must be divisible by the cipher block size +// ks: the primary key schedule +// ks2: the secondary key schedule +// startDataUnitNo: The sequential number of the data unit with which the buffer starts. +// startCipherBlockNo: The sequential number of the first plaintext block to encrypt inside the data unit startDataUnitNo. +// When encrypting the data unit from its first block, startCipherBlockNo is 0. +// The startCipherBlockNo value applies only to the first data unit in the buffer; each successive +// data unit is encrypted from its first block. The start of the buffer does not have to be +// aligned with the start of a data unit. If it is aligned, startCipherBlockNo must be 0; if it +// is not aligned, startCipherBlockNo must reflect the misalignment accordingly. +void EncryptBufferXTS (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + if (CipherSupportsIntraDataUnitParallelization (cipher)) + EncryptBufferXTSParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); + else + EncryptBufferXTSNonParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); +} + + +// Optimized for encryption algorithms supporting intra-data-unit parallelization +static void EncryptBufferXTSParallel (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + unsigned __int8 finalCarry; + unsigned __int8 whiteningValues [ENCRYPTION_DATA_UNIT_SIZE]; + unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; + unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; + unsigned __int64 *whiteningValuesPtr64 = (unsigned __int64 *) whiteningValues; + unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; + unsigned __int64 *dataUnitBufPtr; + unsigned int startBlock = startCipherBlockNo, endBlock, block; + unsigned __int64 *const finalInt64WhiteningValuesPtr = whiteningValuesPtr64 + sizeof (whiteningValues) / sizeof (*whiteningValuesPtr64) - 1; + TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; + + /* The encrypted data unit number (i.e. the resultant ciphertext block) is to be multiplied in the + finite field GF(2^128) by j-th power of n, where j is the sequential plaintext/ciphertext block + number and n is 2, a primitive element of GF(2^128). This can be (and is) simplified and implemented + as a left shift of the preceding whitening value by one bit (with carry propagating). In addition, if + the shift of the highest byte results in a carry, 135 is XORed into the lowest byte. The value 135 is + derived from the modulus of the Galois Field (x^128+x^7+x^2+x+1). */ + + // Convert the 64-bit data unit number into a little-endian 16-byte array. + // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. + dataUnitNo = startDataUnitNo->Value; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + *((unsigned __int64 *) byteBufUnitNo + 1) = 0; + + if (length % BYTES_PER_XTS_BLOCK) + TC_THROW_FATAL_EXCEPTION; + + blockCount = length / BYTES_PER_XTS_BLOCK; + + // Process all blocks in the buffer + while (blockCount > 0) + { + if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) + endBlock = startBlock + (unsigned int) blockCount; + else + endBlock = BLOCKS_PER_XTS_DATA_UNIT; + + whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; + whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + + // Encrypt the data unit number using the secondary key (in order to generate the first + // whitening value for this data unit) + *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); + *(whiteningValuePtr64 + 1) = 0; + EncipherBlock (cipher, whiteningValue, ks2); + + // Generate subsequent whitening values for blocks in this data unit. Note that all generated 128-bit + // whitening values are stored in memory as a sequence of 64-bit integers in reverse order. + for (block = 0; block < endBlock; block++) + { + if (block >= startBlock) + { + *whiteningValuesPtr64-- = *whiteningValuePtr64++; + *whiteningValuesPtr64-- = *whiteningValuePtr64; + } + else + whiteningValuePtr64++; + + // Derive the next whitening value + +#if BYTE_ORDER == LITTLE_ENDIAN + + // Little-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x8000000000000000) ? + 135 : 0; + + *whiteningValuePtr64-- <<= 1; + + if (*whiteningValuePtr64 & 0x8000000000000000) + *(whiteningValuePtr64 + 1) |= 1; + + *whiteningValuePtr64 <<= 1; +#else + + // Big-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x80) ? + 135 : 0; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); + + whiteningValuePtr64--; + + if (*whiteningValuePtr64 & 0x80) + *(whiteningValuePtr64 + 1) |= 0x0100000000000000; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); +#endif + + whiteningValue[0] ^= finalCarry; + } + + dataUnitBufPtr = bufPtr; + whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; + + // Encrypt all blocks in this data unit + + for (block = startBlock; block < endBlock; block++) + { + // Pre-whitening + *bufPtr++ ^= *whiteningValuesPtr64--; + *bufPtr++ ^= *whiteningValuesPtr64--; + } + + // Actual encryption + EncipherBlocks (cipher, dataUnitBufPtr, ks, endBlock - startBlock); + + bufPtr = dataUnitBufPtr; + whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; + + for (block = startBlock; block < endBlock; block++) + { + // Post-whitening + *bufPtr++ ^= *whiteningValuesPtr64--; + *bufPtr++ ^= *whiteningValuesPtr64--; + } + + blockCount -= endBlock - startBlock; + startBlock = 0; + dataUnitNo++; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + } + + FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); + FAST_ERASE64 (whiteningValues, sizeof (whiteningValues)); +} + + +// Optimized for encryption algorithms not supporting intra-data-unit parallelization +static void EncryptBufferXTSNonParallel (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + unsigned __int8 finalCarry; + unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; + unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; + unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; + unsigned int startBlock = startCipherBlockNo, endBlock, block; + TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; + + /* The encrypted data unit number (i.e. the resultant ciphertext block) is to be multiplied in the + finite field GF(2^128) by j-th power of n, where j is the sequential plaintext/ciphertext block + number and n is 2, a primitive element of GF(2^128). This can be (and is) simplified and implemented + as a left shift of the preceding whitening value by one bit (with carry propagating). In addition, if + the shift of the highest byte results in a carry, 135 is XORed into the lowest byte. The value 135 is + derived from the modulus of the Galois Field (x^128+x^7+x^2+x+1). */ + + // Convert the 64-bit data unit number into a little-endian 16-byte array. + // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. + dataUnitNo = startDataUnitNo->Value; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + *((unsigned __int64 *) byteBufUnitNo + 1) = 0; + + if (length % BYTES_PER_XTS_BLOCK) + TC_THROW_FATAL_EXCEPTION; + + blockCount = length / BYTES_PER_XTS_BLOCK; + + // Process all blocks in the buffer + while (blockCount > 0) + { + if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) + endBlock = startBlock + (unsigned int) blockCount; + else + endBlock = BLOCKS_PER_XTS_DATA_UNIT; + + whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + + // Encrypt the data unit number using the secondary key (in order to generate the first + // whitening value for this data unit) + *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); + *(whiteningValuePtr64 + 1) = 0; + EncipherBlock (cipher, whiteningValue, ks2); + + // Generate (and apply) subsequent whitening values for blocks in this data unit and + // encrypt all relevant blocks in this data unit + for (block = 0; block < endBlock; block++) + { + if (block >= startBlock) + { + // Pre-whitening + *bufPtr++ ^= *whiteningValuePtr64++; + *bufPtr-- ^= *whiteningValuePtr64--; + + // Actual encryption + EncipherBlock (cipher, bufPtr, ks); + + // Post-whitening + *bufPtr++ ^= *whiteningValuePtr64++; + *bufPtr++ ^= *whiteningValuePtr64; + } + else + whiteningValuePtr64++; + + // Derive the next whitening value + +#if BYTE_ORDER == LITTLE_ENDIAN + + // Little-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x8000000000000000) ? + 135 : 0; + + *whiteningValuePtr64-- <<= 1; + + if (*whiteningValuePtr64 & 0x8000000000000000) + *(whiteningValuePtr64 + 1) |= 1; + + *whiteningValuePtr64 <<= 1; +#else + + // Big-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x80) ? + 135 : 0; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); + + whiteningValuePtr64--; + + if (*whiteningValuePtr64 & 0x80) + *(whiteningValuePtr64 + 1) |= 0x0100000000000000; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); +#endif + + whiteningValue[0] ^= finalCarry; + } + + blockCount -= endBlock - startBlock; + startBlock = 0; + dataUnitNo++; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + } + + FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); +} + + +// For descriptions of the input parameters, see EncryptBufferXTS(). +void DecryptBufferXTS (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + if (CipherSupportsIntraDataUnitParallelization (cipher)) + DecryptBufferXTSParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); + else + DecryptBufferXTSNonParallel (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher); +} + + +// Optimized for encryption algorithms supporting intra-data-unit parallelization +static void DecryptBufferXTSParallel (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + unsigned __int8 finalCarry; + unsigned __int8 whiteningValues [ENCRYPTION_DATA_UNIT_SIZE]; + unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; + unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; + unsigned __int64 *whiteningValuesPtr64 = (unsigned __int64 *) whiteningValues; + unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; + unsigned __int64 *dataUnitBufPtr; + unsigned int startBlock = startCipherBlockNo, endBlock, block; + unsigned __int64 *const finalInt64WhiteningValuesPtr = whiteningValuesPtr64 + sizeof (whiteningValues) / sizeof (*whiteningValuesPtr64) - 1; + TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; + + // Convert the 64-bit data unit number into a little-endian 16-byte array. + // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. + dataUnitNo = startDataUnitNo->Value; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + *((unsigned __int64 *) byteBufUnitNo + 1) = 0; + + if (length % BYTES_PER_XTS_BLOCK) + TC_THROW_FATAL_EXCEPTION; + + blockCount = length / BYTES_PER_XTS_BLOCK; + + // Process all blocks in the buffer + while (blockCount > 0) + { + if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) + endBlock = startBlock + (unsigned int) blockCount; + else + endBlock = BLOCKS_PER_XTS_DATA_UNIT; + + whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; + whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + + // Encrypt the data unit number using the secondary key (in order to generate the first + // whitening value for this data unit) + *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); + *(whiteningValuePtr64 + 1) = 0; + EncipherBlock (cipher, whiteningValue, ks2); + + // Generate subsequent whitening values for blocks in this data unit. Note that all generated 128-bit + // whitening values are stored in memory as a sequence of 64-bit integers in reverse order. + for (block = 0; block < endBlock; block++) + { + if (block >= startBlock) + { + *whiteningValuesPtr64-- = *whiteningValuePtr64++; + *whiteningValuesPtr64-- = *whiteningValuePtr64; + } + else + whiteningValuePtr64++; + + // Derive the next whitening value + +#if BYTE_ORDER == LITTLE_ENDIAN + + // Little-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x8000000000000000) ? + 135 : 0; + + *whiteningValuePtr64-- <<= 1; + + if (*whiteningValuePtr64 & 0x8000000000000000) + *(whiteningValuePtr64 + 1) |= 1; + + *whiteningValuePtr64 <<= 1; + +#else + // Big-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x80) ? + 135 : 0; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); + + whiteningValuePtr64--; + + if (*whiteningValuePtr64 & 0x80) + *(whiteningValuePtr64 + 1) |= 0x0100000000000000; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); +#endif + + whiteningValue[0] ^= finalCarry; + } + + dataUnitBufPtr = bufPtr; + whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; + + // Decrypt blocks in this data unit + + for (block = startBlock; block < endBlock; block++) + { + *bufPtr++ ^= *whiteningValuesPtr64--; + *bufPtr++ ^= *whiteningValuesPtr64--; + } + + DecipherBlocks (cipher, dataUnitBufPtr, ks, endBlock - startBlock); + + bufPtr = dataUnitBufPtr; + whiteningValuesPtr64 = finalInt64WhiteningValuesPtr; + + for (block = startBlock; block < endBlock; block++) + { + *bufPtr++ ^= *whiteningValuesPtr64--; + *bufPtr++ ^= *whiteningValuesPtr64--; + } + + blockCount -= endBlock - startBlock; + startBlock = 0; + dataUnitNo++; + + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + } + + FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); + FAST_ERASE64 (whiteningValues, sizeof (whiteningValues)); +} + + +// Optimized for encryption algorithms not supporting intra-data-unit parallelization +static void DecryptBufferXTSNonParallel (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + unsigned __int8 finalCarry; + unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; + unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; + unsigned __int64 *whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + unsigned __int64 *bufPtr = (unsigned __int64 *) buffer; + unsigned int startBlock = startCipherBlockNo, endBlock, block; + TC_LARGEST_COMPILER_UINT blockCount, dataUnitNo; + + // Convert the 64-bit data unit number into a little-endian 16-byte array. + // Note that as we are converting a 64-bit number into a 16-byte array we can always zero the last 8 bytes. + dataUnitNo = startDataUnitNo->Value; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + *((unsigned __int64 *) byteBufUnitNo + 1) = 0; + + if (length % BYTES_PER_XTS_BLOCK) + TC_THROW_FATAL_EXCEPTION; + + blockCount = length / BYTES_PER_XTS_BLOCK; + + // Process all blocks in the buffer + while (blockCount > 0) + { + if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) + endBlock = startBlock + (unsigned int) blockCount; + else + endBlock = BLOCKS_PER_XTS_DATA_UNIT; + + whiteningValuePtr64 = (unsigned __int64 *) whiteningValue; + + // Encrypt the data unit number using the secondary key (in order to generate the first + // whitening value for this data unit) + *whiteningValuePtr64 = *((unsigned __int64 *) byteBufUnitNo); + *(whiteningValuePtr64 + 1) = 0; + EncipherBlock (cipher, whiteningValue, ks2); + + // Generate (and apply) subsequent whitening values for blocks in this data unit and + // decrypt all relevant blocks in this data unit + for (block = 0; block < endBlock; block++) + { + if (block >= startBlock) + { + // Post-whitening + *bufPtr++ ^= *whiteningValuePtr64++; + *bufPtr-- ^= *whiteningValuePtr64--; + + // Actual decryption + DecipherBlock (cipher, bufPtr, ks); + + // Pre-whitening + *bufPtr++ ^= *whiteningValuePtr64++; + *bufPtr++ ^= *whiteningValuePtr64; + } + else + whiteningValuePtr64++; + + // Derive the next whitening value + +#if BYTE_ORDER == LITTLE_ENDIAN + + // Little-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x8000000000000000) ? + 135 : 0; + + *whiteningValuePtr64-- <<= 1; + + if (*whiteningValuePtr64 & 0x8000000000000000) + *(whiteningValuePtr64 + 1) |= 1; + + *whiteningValuePtr64 <<= 1; + +#else + // Big-endian platforms + + finalCarry = + (*whiteningValuePtr64 & 0x80) ? + 135 : 0; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); + + whiteningValuePtr64--; + + if (*whiteningValuePtr64 & 0x80) + *(whiteningValuePtr64 + 1) |= 0x0100000000000000; + + *whiteningValuePtr64 = LE64 (LE64 (*whiteningValuePtr64) << 1); +#endif + + whiteningValue[0] ^= finalCarry; + } + + blockCount -= endBlock - startBlock; + startBlock = 0; + dataUnitNo++; + *((unsigned __int64 *) byteBufUnitNo) = LE64 (dataUnitNo); + } + + FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); +} + + +#else // TC_NO_COMPILER_INT64 + +/* ---- The following code is to be used only when native 64-bit data types are not available. ---- */ + +#if BYTE_ORDER == BIG_ENDIAN +#error The TC_NO_COMPILER_INT64 version of the XTS code is not compatible with big-endian platforms +#endif + + +// Converts a 64-bit unsigned integer (passed as two 32-bit integers for compatibility with non-64-bit +// environments/platforms) into a little-endian 16-byte array. +static void Uint64ToLE16ByteArray (unsigned __int8 *byteBuf, unsigned __int32 highInt32, unsigned __int32 lowInt32) +{ + unsigned __int32 *bufPtr32 = (unsigned __int32 *) byteBuf; + + *bufPtr32++ = lowInt32; + *bufPtr32++ = highInt32; + + // We're converting a 64-bit number into a little-endian 16-byte array so we can zero the last 8 bytes + *bufPtr32++ = 0; + *bufPtr32 = 0; +} + + +// Encrypts or decrypts all blocks in the buffer in XTS mode. For descriptions of the input parameters, +// see the 64-bit version of EncryptBufferXTS(). +static void EncryptDecryptBufferXTS32 (const unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startBlock, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher, + BOOL decryption) +{ + TC_LARGEST_COMPILER_UINT blockCount; + UINT64_STRUCT dataUnitNo; + unsigned int block; + unsigned int endBlock; + unsigned __int8 byteBufUnitNo [BYTES_PER_XTS_BLOCK]; + unsigned __int8 whiteningValue [BYTES_PER_XTS_BLOCK]; + unsigned __int32 *bufPtr32 = (unsigned __int32 *) buffer; + unsigned __int32 *whiteningValuePtr32 = (unsigned __int32 *) whiteningValue; + unsigned __int8 finalCarry; + unsigned __int32 *const finalDwordWhiteningValuePtr = whiteningValuePtr32 + sizeof (whiteningValue) / sizeof (*whiteningValuePtr32) - 1; + + // Store the 64-bit data unit number in a way compatible with non-64-bit environments/platforms + dataUnitNo.HighPart = startDataUnitNo->HighPart; + dataUnitNo.LowPart = startDataUnitNo->LowPart; + + blockCount = length / BYTES_PER_XTS_BLOCK; + + // Convert the 64-bit data unit number into a little-endian 16-byte array. + // (Passed as two 32-bit integers for compatibility with non-64-bit environments/platforms.) + Uint64ToLE16ByteArray (byteBufUnitNo, dataUnitNo.HighPart, dataUnitNo.LowPart); + + // Generate whitening values for all blocks in the buffer + while (blockCount > 0) + { + if (blockCount < BLOCKS_PER_XTS_DATA_UNIT) + endBlock = startBlock + (unsigned int) blockCount; + else + endBlock = BLOCKS_PER_XTS_DATA_UNIT; + + // Encrypt the data unit number using the secondary key (in order to generate the first + // whitening value for this data unit) + memcpy (whiteningValue, byteBufUnitNo, BYTES_PER_XTS_BLOCK); + EncipherBlock (cipher, whiteningValue, ks2); + + // Generate (and apply) subsequent whitening values for blocks in this data unit and + // encrypt/decrypt all relevant blocks in this data unit + for (block = 0; block < endBlock; block++) + { + if (block >= startBlock) + { + whiteningValuePtr32 = (unsigned __int32 *) whiteningValue; + + // Whitening + *bufPtr32++ ^= *whiteningValuePtr32++; + *bufPtr32++ ^= *whiteningValuePtr32++; + *bufPtr32++ ^= *whiteningValuePtr32++; + *bufPtr32 ^= *whiteningValuePtr32; + + bufPtr32 -= BYTES_PER_XTS_BLOCK / sizeof (*bufPtr32) - 1; + + // Actual encryption/decryption + if (decryption) + DecipherBlock (cipher, bufPtr32, ks); + else + EncipherBlock (cipher, bufPtr32, ks); + + whiteningValuePtr32 = (unsigned __int32 *) whiteningValue; + + // Whitening + *bufPtr32++ ^= *whiteningValuePtr32++; + *bufPtr32++ ^= *whiteningValuePtr32++; + *bufPtr32++ ^= *whiteningValuePtr32++; + *bufPtr32++ ^= *whiteningValuePtr32; + } + + // Derive the next whitening value + + finalCarry = 0; + + for (whiteningValuePtr32 = finalDwordWhiteningValuePtr; + whiteningValuePtr32 >= (unsigned __int32 *) whiteningValue; + whiteningValuePtr32--) + { + if (*whiteningValuePtr32 & 0x80000000) // If the following shift results in a carry + { + if (whiteningValuePtr32 != finalDwordWhiteningValuePtr) // If not processing the highest double word + { + // A regular carry + *(whiteningValuePtr32 + 1) |= 1; + } + else + { + // The highest byte shift will result in a carry + finalCarry = 135; + } + } + + *whiteningValuePtr32 <<= 1; + } + + whiteningValue[0] ^= finalCarry; + } + + blockCount -= endBlock - startBlock; + startBlock = 0; + + // Increase the data unit number by one + if (!++dataUnitNo.LowPart) + { + dataUnitNo.HighPart++; + } + + // Convert the 64-bit data unit number into a little-endian 16-byte array. + Uint64ToLE16ByteArray (byteBufUnitNo, dataUnitNo.HighPart, dataUnitNo.LowPart); + } + + FAST_ERASE64 (whiteningValue, sizeof (whiteningValue)); +} + + +// For descriptions of the input parameters, see the 64-bit version of EncryptBufferXTS() above. +void EncryptBufferXTS (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + // Encrypt all plaintext blocks in the buffer + EncryptDecryptBufferXTS32 (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher, FALSE); +} + + +// For descriptions of the input parameters, see the 64-bit version of EncryptBufferXTS(). +void DecryptBufferXTS (unsigned __int8 *buffer, + TC_LARGEST_COMPILER_UINT length, + const UINT64_STRUCT *startDataUnitNo, + unsigned int startCipherBlockNo, + unsigned __int8 *ks, + unsigned __int8 *ks2, + int cipher) +{ + // Decrypt all ciphertext blocks in the buffer + EncryptDecryptBufferXTS32 (buffer, length, startDataUnitNo, startCipherBlockNo, ks, ks2, cipher, TRUE); +} + +#endif // TC_NO_COMPILER_INT64 diff --git a/src/Common/Xts.h b/src/Common/Xts.h index b984dd99..f4f4ab5b 100644 --- a/src/Common/Xts.h +++ b/src/Common/Xts.h @@ -1,84 +1,84 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef XTS_H -#define XTS_H - -// Header files (optional) - -#include "Tcdefs.h" -#include "Common/Endian.h" -#include "Crypto.h" - -#ifdef __cplusplus -extern "C" { -#endif - -// Macros - -#ifndef LITTLE_ENDIAN -# define LITTLE_ENDIAN 1 -#endif - -#ifndef BIG_ENDIAN -# define BIG_ENDIAN 2 -#endif - -#ifndef BYTE_ORDER -# define BYTE_ORDER LITTLE_ENDIAN -#endif - -#ifndef LE64 -# if BYTE_ORDER == LITTLE_ENDIAN -# define LE64(x) (x) -# endif -#endif - -// Custom data types - -#ifndef TC_LARGEST_COMPILER_UINT -# ifdef TC_NO_COMPILER_INT64 - typedef unsigned __int32 TC_LARGEST_COMPILER_UINT; -# else - typedef unsigned __int64 TC_LARGEST_COMPILER_UINT; -# endif -#endif - -#ifndef TCDEFS_H -typedef union -{ - struct - { - unsigned __int32 LowPart; - unsigned __int32 HighPart; - }; -# ifndef TC_NO_COMPILER_INT64 - unsigned __int64 Value; -# endif - -} UINT64_STRUCT; -#endif - -// Public function prototypes - -void EncryptBufferXTS (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); -static void EncryptBufferXTSParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); -static void EncryptBufferXTSNonParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); -void DecryptBufferXTS (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); -static void DecryptBufferXTSParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); -static void DecryptBufferXTSNonParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); - -#ifdef __cplusplus -} -#endif - -#endif // #ifndef XTS_H +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef XTS_H +#define XTS_H + +// Header files (optional) + +#include "Tcdefs.h" +#include "Common/Endian.h" +#include "Crypto.h" + +#ifdef __cplusplus +extern "C" { +#endif + +// Macros + +#ifndef LITTLE_ENDIAN +# define LITTLE_ENDIAN 1 +#endif + +#ifndef BIG_ENDIAN +# define BIG_ENDIAN 2 +#endif + +#ifndef BYTE_ORDER +# define BYTE_ORDER LITTLE_ENDIAN +#endif + +#ifndef LE64 +# if BYTE_ORDER == LITTLE_ENDIAN +# define LE64(x) (x) +# endif +#endif + +// Custom data types + +#ifndef TC_LARGEST_COMPILER_UINT +# ifdef TC_NO_COMPILER_INT64 + typedef unsigned __int32 TC_LARGEST_COMPILER_UINT; +# else + typedef unsigned __int64 TC_LARGEST_COMPILER_UINT; +# endif +#endif + +#ifndef TCDEFS_H +typedef union +{ + struct + { + unsigned __int32 LowPart; + unsigned __int32 HighPart; + }; +# ifndef TC_NO_COMPILER_INT64 + unsigned __int64 Value; +# endif + +} UINT64_STRUCT; +#endif + +// Public function prototypes + +void EncryptBufferXTS (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); +static void EncryptBufferXTSParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); +static void EncryptBufferXTSNonParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); +void DecryptBufferXTS (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); +static void DecryptBufferXTSParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); +static void DecryptBufferXTSNonParallel (unsigned __int8 *buffer, TC_LARGEST_COMPILER_UINT length, const UINT64_STRUCT *startDataUnitNo, unsigned int startCipherBlockNo, unsigned __int8 *ks, unsigned __int8 *ks2, int cipher); + +#ifdef __cplusplus +} +#endif + +#endif // #ifndef XTS_H diff --git a/src/Crypto/Aes.h b/src/Crypto/Aes.h index 7a1eff47..e12c6fc8 100644 --- a/src/Crypto/Aes.h +++ b/src/Crypto/Aes.h @@ -1,215 +1,215 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 20/12/2007 - - This file contains the definitions required to use AES in C. See aesopt.h - for optimisation details. -*/ - -/* Adapted for TrueCrypt */ - -#ifndef _AES_H -#define _AES_H - -#include "Common/Tcdefs.h" - -#ifndef EXIT_SUCCESS -#define EXIT_SUCCESS 0 -#define EXIT_FAILURE 1 -#endif -#define INT_RETURN int - -#if defined(__cplusplus) -extern "C" -{ -#endif - -// #define AES_128 /* define if AES with 128 bit keys is needed */ -// #define AES_192 /* define if AES with 192 bit keys is needed */ -#define AES_256 /* define if AES with 256 bit keys is needed */ -// #define AES_VAR /* define if a variable key size is needed */ -// #define AES_MODES /* define if support is needed for modes */ - -/* The following must also be set in assembler files if being used */ - -#define AES_ENCRYPT /* if support for encryption is needed */ -#define AES_DECRYPT /* if support for decryption is needed */ -#define AES_ERR_CHK /* for parameter checks & error return codes */ -#define AES_REV_DKS /* define to reverse decryption key schedule */ - -#define AES_BLOCK_SIZE 16 /* the AES block size in bytes */ -#define N_COLS 4 /* the number of columns in the state */ - -/* The key schedule length is 11, 13 or 15 16-byte blocks for 128, */ -/* 192 or 256-bit keys respectively. That is 176, 208 or 240 bytes */ -/* or 44, 52 or 60 32-bit words. */ - -#if defined( AES_VAR ) || defined( AES_256 ) -#define KS_LENGTH 60 -#elif defined( AES_192 ) -#define KS_LENGTH 52 -#else -#define KS_LENGTH 44 -#endif - -#if defined( AES_ERR_CHK ) -#define AES_RETURN INT_RETURN -#else -#define AES_RETURN VOID_RETURN -#endif - -/* the character array 'inf' in the following structures is used */ -/* to hold AES context information. This AES code uses cx->inf.b[0] */ -/* to hold the number of rounds multiplied by 16. The other three */ -/* elements can be used by code that implements additional modes */ - -typedef union -{ uint_32t l; - uint_8t b[4]; -} aes_inf; - -typedef struct -{ uint_32t ks[KS_LENGTH]; - aes_inf inf; -} aes_encrypt_ctx; - -typedef struct -{ uint_32t ks[KS_LENGTH]; - aes_inf inf; -} aes_decrypt_ctx; - -/* This routine must be called before first use if non-static */ -/* tables are being used */ - -AES_RETURN aes_init(void); - -/* Key lengths in the range 16 <= key_len <= 32 are given in bytes, */ -/* those in the range 128 <= key_len <= 256 are given in bits */ - -#if defined( AES_ENCRYPT ) - -#if defined(AES_128) || defined(AES_VAR) -AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]); -#endif - -#if defined(AES_192) || defined(AES_VAR) -AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]); -#endif - -#if defined(AES_256) || defined(AES_VAR) -AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]); -#endif - -#if defined(AES_VAR) -AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1]); -#endif - -AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1]); - -#endif - -#if defined( AES_DECRYPT ) - -#if defined(AES_128) || defined(AES_VAR) -AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]); -#endif - -#if defined(AES_192) || defined(AES_VAR) -AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]); -#endif - -#if defined(AES_256) || defined(AES_VAR) -AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]); -#endif - -#if defined(AES_VAR) -AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]); -#endif - -AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1]); - -#endif - -#if defined(AES_MODES) - -/* Multiple calls to the following subroutines for multiple block */ -/* ECB, CBC, CFB, OFB and CTR mode encryption can be used to handle */ -/* long messages incremantally provided that the context AND the iv */ -/* are preserved between all such calls. For the ECB and CBC modes */ -/* each individual call within a series of incremental calls must */ -/* process only full blocks (i.e. len must be a multiple of 16) but */ -/* the CFB, OFB and CTR mode calls can handle multiple incremental */ -/* calls of any length. Each mode is reset when a new AES key is */ -/* set but ECB and CBC operations can be reset without setting a */ -/* new key by setting a new IV value. To reset CFB, OFB and CTR */ -/* without setting the key, aes_mode_reset() must be called and the */ -/* IV must be set. NOTE: All these calls update the IV on exit so */ -/* this has to be reset if a new operation with the same IV as the */ -/* previous one is required (or decryption follows encryption with */ -/* the same IV array). */ - -AES_RETURN aes_test_alignment_detection(unsigned int n); - -AES_RETURN aes_ecb_encrypt(const unsigned char *ibuf, unsigned char *obuf, - int len, const aes_encrypt_ctx cx[1]); - -AES_RETURN aes_ecb_decrypt(const unsigned char *ibuf, unsigned char *obuf, - int len, const aes_decrypt_ctx cx[1]); - -AES_RETURN aes_cbc_encrypt(const unsigned char *ibuf, unsigned char *obuf, - int len, unsigned char *iv, const aes_encrypt_ctx cx[1]); - -AES_RETURN aes_cbc_decrypt(const unsigned char *ibuf, unsigned char *obuf, - int len, unsigned char *iv, const aes_decrypt_ctx cx[1]); - -AES_RETURN aes_mode_reset(aes_encrypt_ctx cx[1]); - -AES_RETURN aes_cfb_encrypt(const unsigned char *ibuf, unsigned char *obuf, - int len, unsigned char *iv, aes_encrypt_ctx cx[1]); - -AES_RETURN aes_cfb_decrypt(const unsigned char *ibuf, unsigned char *obuf, - int len, unsigned char *iv, aes_encrypt_ctx cx[1]); - -#define aes_ofb_encrypt aes_ofb_crypt -#define aes_ofb_decrypt aes_ofb_crypt - -AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf, - int len, unsigned char *iv, aes_encrypt_ctx cx[1]); - -typedef void cbuf_inc(unsigned char *cbuf); - -#define aes_ctr_encrypt aes_ctr_crypt -#define aes_ctr_decrypt aes_ctr_crypt - -AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf, - int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx cx[1]); - -#endif - -#if defined(__cplusplus) -} -#endif - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the definitions required to use AES in C. See aesopt.h + for optimisation details. +*/ + +/* Adapted for TrueCrypt */ + +#ifndef _AES_H +#define _AES_H + +#include "Common/Tcdefs.h" + +#ifndef EXIT_SUCCESS +#define EXIT_SUCCESS 0 +#define EXIT_FAILURE 1 +#endif +#define INT_RETURN int + +#if defined(__cplusplus) +extern "C" +{ +#endif + +// #define AES_128 /* define if AES with 128 bit keys is needed */ +// #define AES_192 /* define if AES with 192 bit keys is needed */ +#define AES_256 /* define if AES with 256 bit keys is needed */ +// #define AES_VAR /* define if a variable key size is needed */ +// #define AES_MODES /* define if support is needed for modes */ + +/* The following must also be set in assembler files if being used */ + +#define AES_ENCRYPT /* if support for encryption is needed */ +#define AES_DECRYPT /* if support for decryption is needed */ +#define AES_ERR_CHK /* for parameter checks & error return codes */ +#define AES_REV_DKS /* define to reverse decryption key schedule */ + +#define AES_BLOCK_SIZE 16 /* the AES block size in bytes */ +#define N_COLS 4 /* the number of columns in the state */ + +/* The key schedule length is 11, 13 or 15 16-byte blocks for 128, */ +/* 192 or 256-bit keys respectively. That is 176, 208 or 240 bytes */ +/* or 44, 52 or 60 32-bit words. */ + +#if defined( AES_VAR ) || defined( AES_256 ) +#define KS_LENGTH 60 +#elif defined( AES_192 ) +#define KS_LENGTH 52 +#else +#define KS_LENGTH 44 +#endif + +#if defined( AES_ERR_CHK ) +#define AES_RETURN INT_RETURN +#else +#define AES_RETURN VOID_RETURN +#endif + +/* the character array 'inf' in the following structures is used */ +/* to hold AES context information. This AES code uses cx->inf.b[0] */ +/* to hold the number of rounds multiplied by 16. The other three */ +/* elements can be used by code that implements additional modes */ + +typedef union +{ uint_32t l; + uint_8t b[4]; +} aes_inf; + +typedef struct +{ uint_32t ks[KS_LENGTH]; + aes_inf inf; +} aes_encrypt_ctx; + +typedef struct +{ uint_32t ks[KS_LENGTH]; + aes_inf inf; +} aes_decrypt_ctx; + +/* This routine must be called before first use if non-static */ +/* tables are being used */ + +AES_RETURN aes_init(void); + +/* Key lengths in the range 16 <= key_len <= 32 are given in bytes, */ +/* those in the range 128 <= key_len <= 256 are given in bits */ + +#if defined( AES_ENCRYPT ) + +#if defined(AES_128) || defined(AES_VAR) +AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]); +#endif + +#if defined(AES_192) || defined(AES_VAR) +AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]); +#endif + +#if defined(AES_256) || defined(AES_VAR) +AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]); +#endif + +#if defined(AES_VAR) +AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1]); +#endif + +AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1]); + +#endif + +#if defined( AES_DECRYPT ) + +#if defined(AES_128) || defined(AES_VAR) +AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]); +#endif + +#if defined(AES_192) || defined(AES_VAR) +AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]); +#endif + +#if defined(AES_256) || defined(AES_VAR) +AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]); +#endif + +#if defined(AES_VAR) +AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]); +#endif + +AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1]); + +#endif + +#if defined(AES_MODES) + +/* Multiple calls to the following subroutines for multiple block */ +/* ECB, CBC, CFB, OFB and CTR mode encryption can be used to handle */ +/* long messages incremantally provided that the context AND the iv */ +/* are preserved between all such calls. For the ECB and CBC modes */ +/* each individual call within a series of incremental calls must */ +/* process only full blocks (i.e. len must be a multiple of 16) but */ +/* the CFB, OFB and CTR mode calls can handle multiple incremental */ +/* calls of any length. Each mode is reset when a new AES key is */ +/* set but ECB and CBC operations can be reset without setting a */ +/* new key by setting a new IV value. To reset CFB, OFB and CTR */ +/* without setting the key, aes_mode_reset() must be called and the */ +/* IV must be set. NOTE: All these calls update the IV on exit so */ +/* this has to be reset if a new operation with the same IV as the */ +/* previous one is required (or decryption follows encryption with */ +/* the same IV array). */ + +AES_RETURN aes_test_alignment_detection(unsigned int n); + +AES_RETURN aes_ecb_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, const aes_encrypt_ctx cx[1]); + +AES_RETURN aes_ecb_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, const aes_decrypt_ctx cx[1]); + +AES_RETURN aes_cbc_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, const aes_encrypt_ctx cx[1]); + +AES_RETURN aes_cbc_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, const aes_decrypt_ctx cx[1]); + +AES_RETURN aes_mode_reset(aes_encrypt_ctx cx[1]); + +AES_RETURN aes_cfb_encrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx cx[1]); + +AES_RETURN aes_cfb_decrypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx cx[1]); + +#define aes_ofb_encrypt aes_ofb_crypt +#define aes_ofb_decrypt aes_ofb_crypt + +AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *iv, aes_encrypt_ctx cx[1]); + +typedef void cbuf_inc(unsigned char *cbuf); + +#define aes_ctr_encrypt aes_ctr_crypt +#define aes_ctr_decrypt aes_ctr_crypt + +AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf, + int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx cx[1]); + +#endif + +#if defined(__cplusplus) +} +#endif + +#endif diff --git a/src/Crypto/AesSmall.c b/src/Crypto/AesSmall.c index 91c89873..10e7cf83 100644 --- a/src/Crypto/AesSmall.c +++ b/src/Crypto/AesSmall.c @@ -1,953 +1,953 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue 09/09/2006 - - This is an AES implementation that uses only 8-bit byte operations on the - cipher state (there are options to use 32-bit types if available). - - The combination of mix columns and byte substitution used here is based on - that developed by Karl Malbrain. His contribution is acknowledged. - */ - -/* Adapted for TrueCrypt: - - Macro-generated tables were replaced with static data to enable compiling - with MSVC++ 1.5 which runs out of resources when expanding large macros. -*/ - -#pragma optimize ("t", on) - -/* define if you have a fast memcpy function on your system */ -#if 1 -# define HAVE_MEMCPY -# include -# if defined( _MSC_VER ) -# ifndef DEBUG -# pragma intrinsic( memcpy ) -# endif -# endif -#endif - -/* define if you have fast 32-bit types on your system */ -#if 1 -# define HAVE_UINT_32T -#endif - -/* alternative versions (test for performance on your system) */ -#if 0 -# define VERSION_1 -#endif - -#include "AesSmall.h" - -#define WPOLY 0x011b -#define DPOLY 0x008d -#define f1(x) (x) -#define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) -#define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) -#define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ - ^ (((x>>5) & 4) * WPOLY)) -#define d2(x) (((x) >> 1) ^ ((x) & 1 ? DPOLY : 0)) - -#define f3(x) (f2(x) ^ x) -#define f9(x) (f8(x) ^ x) -#define fb(x) (f8(x) ^ f2(x) ^ x) -#define fd(x) (f8(x) ^ f4(x) ^ x) -#define fe(x) (f8(x) ^ f4(x) ^ f2(x)) - -static const uint_8t s_box[256] = { - 0x63,0x7c,0x77,0x7b,0xf2,0x6b,0x6f,0xc5, - 0x30,0x01,0x67,0x2b,0xfe,0xd7,0xab,0x76, - 0xca,0x82,0xc9,0x7d,0xfa,0x59,0x47,0xf0, - 0xad,0xd4,0xa2,0xaf,0x9c,0xa4,0x72,0xc0, - 0xb7,0xfd,0x93,0x26,0x36,0x3f,0xf7,0xcc, - 0x34,0xa5,0xe5,0xf1,0x71,0xd8,0x31,0x15, - 0x04,0xc7,0x23,0xc3,0x18,0x96,0x05,0x9a, - 0x07,0x12,0x80,0xe2,0xeb,0x27,0xb2,0x75, - 0x09,0x83,0x2c,0x1a,0x1b,0x6e,0x5a,0xa0, - 0x52,0x3b,0xd6,0xb3,0x29,0xe3,0x2f,0x84, - 0x53,0xd1,0x00,0xed,0x20,0xfc,0xb1,0x5b, - 0x6a,0xcb,0xbe,0x39,0x4a,0x4c,0x58,0xcf, - 0xd0,0xef,0xaa,0xfb,0x43,0x4d,0x33,0x85, - 0x45,0xf9,0x02,0x7f,0x50,0x3c,0x9f,0xa8, - 0x51,0xa3,0x40,0x8f,0x92,0x9d,0x38,0xf5, - 0xbc,0xb6,0xda,0x21,0x10,0xff,0xf3,0xd2, - 0xcd,0x0c,0x13,0xec,0x5f,0x97,0x44,0x17, - 0xc4,0xa7,0x7e,0x3d,0x64,0x5d,0x19,0x73, - 0x60,0x81,0x4f,0xdc,0x22,0x2a,0x90,0x88, - 0x46,0xee,0xb8,0x14,0xde,0x5e,0x0b,0xdb, - 0xe0,0x32,0x3a,0x0a,0x49,0x06,0x24,0x5c, - 0xc2,0xd3,0xac,0x62,0x91,0x95,0xe4,0x79, - 0xe7,0xc8,0x37,0x6d,0x8d,0xd5,0x4e,0xa9, - 0x6c,0x56,0xf4,0xea,0x65,0x7a,0xae,0x08, - 0xba,0x78,0x25,0x2e,0x1c,0xa6,0xb4,0xc6, - 0xe8,0xdd,0x74,0x1f,0x4b,0xbd,0x8b,0x8a, - 0x70,0x3e,0xb5,0x66,0x48,0x03,0xf6,0x0e, - 0x61,0x35,0x57,0xb9,0x86,0xc1,0x1d,0x9e, - 0xe1,0xf8,0x98,0x11,0x69,0xd9,0x8e,0x94, - 0x9b,0x1e,0x87,0xe9,0xce,0x55,0x28,0xdf, - 0x8c,0xa1,0x89,0x0d,0xbf,0xe6,0x42,0x68, - 0x41,0x99,0x2d,0x0f,0xb0,0x54,0xbb,0x16 -}; - -static const uint_8t inv_s_box[256] = { - 0x52,0x09,0x6a,0xd5,0x30,0x36,0xa5,0x38, - 0xbf,0x40,0xa3,0x9e,0x81,0xf3,0xd7,0xfb, - 0x7c,0xe3,0x39,0x82,0x9b,0x2f,0xff,0x87, - 0x34,0x8e,0x43,0x44,0xc4,0xde,0xe9,0xcb, - 0x54,0x7b,0x94,0x32,0xa6,0xc2,0x23,0x3d, - 0xee,0x4c,0x95,0x0b,0x42,0xfa,0xc3,0x4e, - 0x08,0x2e,0xa1,0x66,0x28,0xd9,0x24,0xb2, - 0x76,0x5b,0xa2,0x49,0x6d,0x8b,0xd1,0x25, - 0x72,0xf8,0xf6,0x64,0x86,0x68,0x98,0x16, - 0xd4,0xa4,0x5c,0xcc,0x5d,0x65,0xb6,0x92, - 0x6c,0x70,0x48,0x50,0xfd,0xed,0xb9,0xda, - 0x5e,0x15,0x46,0x57,0xa7,0x8d,0x9d,0x84, - 0x90,0xd8,0xab,0x00,0x8c,0xbc,0xd3,0x0a, - 0xf7,0xe4,0x58,0x05,0xb8,0xb3,0x45,0x06, - 0xd0,0x2c,0x1e,0x8f,0xca,0x3f,0x0f,0x02, - 0xc1,0xaf,0xbd,0x03,0x01,0x13,0x8a,0x6b, - 0x3a,0x91,0x11,0x41,0x4f,0x67,0xdc,0xea, - 0x97,0xf2,0xcf,0xce,0xf0,0xb4,0xe6,0x73, - 0x96,0xac,0x74,0x22,0xe7,0xad,0x35,0x85, - 0xe2,0xf9,0x37,0xe8,0x1c,0x75,0xdf,0x6e, - 0x47,0xf1,0x1a,0x71,0x1d,0x29,0xc5,0x89, - 0x6f,0xb7,0x62,0x0e,0xaa,0x18,0xbe,0x1b, - 0xfc,0x56,0x3e,0x4b,0xc6,0xd2,0x79,0x20, - 0x9a,0xdb,0xc0,0xfe,0x78,0xcd,0x5a,0xf4, - 0x1f,0xdd,0xa8,0x33,0x88,0x07,0xc7,0x31, - 0xb1,0x12,0x10,0x59,0x27,0x80,0xec,0x5f, - 0x60,0x51,0x7f,0xa9,0x19,0xb5,0x4a,0x0d, - 0x2d,0xe5,0x7a,0x9f,0x93,0xc9,0x9c,0xef, - 0xa0,0xe0,0x3b,0x4d,0xae,0x2a,0xf5,0xb0, - 0xc8,0xeb,0xbb,0x3c,0x83,0x53,0x99,0x61, - 0x17,0x2b,0x04,0x7e,0xba,0x77,0xd6,0x26, - 0xe1,0x69,0x14,0x63,0x55,0x21,0x0c,0x7d -}; - -static const uint_8t gfm2_s_box[256] = { - 0xc6,0xf8,0xee,0xf6,0xff,0xd6,0xde,0x91, - 0x60,0x02,0xce,0x56,0xe7,0xb5,0x4d,0xec, - 0x8f,0x1f,0x89,0xfa,0xef,0xb2,0x8e,0xfb, - 0x41,0xb3,0x5f,0x45,0x23,0x53,0xe4,0x9b, - 0x75,0xe1,0x3d,0x4c,0x6c,0x7e,0xf5,0x83, - 0x68,0x51,0xd1,0xf9,0xe2,0xab,0x62,0x2a, - 0x08,0x95,0x46,0x9d,0x30,0x37,0x0a,0x2f, - 0x0e,0x24,0x1b,0xdf,0xcd,0x4e,0x7f,0xea, - 0x12,0x1d,0x58,0x34,0x36,0xdc,0xb4,0x5b, - 0xa4,0x76,0xb7,0x7d,0x52,0xdd,0x5e,0x13, - 0xa6,0xb9,0x00,0xc1,0x40,0xe3,0x79,0xb6, - 0xd4,0x8d,0x67,0x72,0x94,0x98,0xb0,0x85, - 0xbb,0xc5,0x4f,0xed,0x86,0x9a,0x66,0x11, - 0x8a,0xe9,0x04,0xfe,0xa0,0x78,0x25,0x4b, - 0xa2,0x5d,0x80,0x05,0x3f,0x21,0x70,0xf1, - 0x63,0x77,0xaf,0x42,0x20,0xe5,0xfd,0xbf, - 0x81,0x18,0x26,0xc3,0xbe,0x35,0x88,0x2e, - 0x93,0x55,0xfc,0x7a,0xc8,0xba,0x32,0xe6, - 0xc0,0x19,0x9e,0xa3,0x44,0x54,0x3b,0x0b, - 0x8c,0xc7,0x6b,0x28,0xa7,0xbc,0x16,0xad, - 0xdb,0x64,0x74,0x14,0x92,0x0c,0x48,0xb8, - 0x9f,0xbd,0x43,0xc4,0x39,0x31,0xd3,0xf2, - 0xd5,0x8b,0x6e,0xda,0x01,0xb1,0x9c,0x49, - 0xd8,0xac,0xf3,0xcf,0xca,0xf4,0x47,0x10, - 0x6f,0xf0,0x4a,0x5c,0x38,0x57,0x73,0x97, - 0xcb,0xa1,0xe8,0x3e,0x96,0x61,0x0d,0x0f, - 0xe0,0x7c,0x71,0xcc,0x90,0x06,0xf7,0x1c, - 0xc2,0x6a,0xae,0x69,0x17,0x99,0x3a,0x27, - 0xd9,0xeb,0x2b,0x22,0xd2,0xa9,0x07,0x33, - 0x2d,0x3c,0x15,0xc9,0x87,0xaa,0x50,0xa5, - 0x03,0x59,0x09,0x1a,0x65,0xd7,0x84,0xd0, - 0x82,0x29,0x5a,0x1e,0x7b,0xa8,0x6d,0x2c -}; - -static const uint_8t gfm3_s_box[256] = { - 0xa5,0x84,0x99,0x8d,0x0d,0xbd,0xb1,0x54, - 0x50,0x03,0xa9,0x7d,0x19,0x62,0xe6,0x9a, - 0x45,0x9d,0x40,0x87,0x15,0xeb,0xc9,0x0b, - 0xec,0x67,0xfd,0xea,0xbf,0xf7,0x96,0x5b, - 0xc2,0x1c,0xae,0x6a,0x5a,0x41,0x02,0x4f, - 0x5c,0xf4,0x34,0x08,0x93,0x73,0x53,0x3f, - 0x0c,0x52,0x65,0x5e,0x28,0xa1,0x0f,0xb5, - 0x09,0x36,0x9b,0x3d,0x26,0x69,0xcd,0x9f, - 0x1b,0x9e,0x74,0x2e,0x2d,0xb2,0xee,0xfb, - 0xf6,0x4d,0x61,0xce,0x7b,0x3e,0x71,0x97, - 0xf5,0x68,0x00,0x2c,0x60,0x1f,0xc8,0xed, - 0xbe,0x46,0xd9,0x4b,0xde,0xd4,0xe8,0x4a, - 0x6b,0x2a,0xe5,0x16,0xc5,0xd7,0x55,0x94, - 0xcf,0x10,0x06,0x81,0xf0,0x44,0xba,0xe3, - 0xf3,0xfe,0xc0,0x8a,0xad,0xbc,0x48,0x04, - 0xdf,0xc1,0x75,0x63,0x30,0x1a,0x0e,0x6d, - 0x4c,0x14,0x35,0x2f,0xe1,0xa2,0xcc,0x39, - 0x57,0xf2,0x82,0x47,0xac,0xe7,0x2b,0x95, - 0xa0,0x98,0xd1,0x7f,0x66,0x7e,0xab,0x83, - 0xca,0x29,0xd3,0x3c,0x79,0xe2,0x1d,0x76, - 0x3b,0x56,0x4e,0x1e,0xdb,0x0a,0x6c,0xe4, - 0x5d,0x6e,0xef,0xa6,0xa8,0xa4,0x37,0x8b, - 0x32,0x43,0x59,0xb7,0x8c,0x64,0xd2,0xe0, - 0xb4,0xfa,0x07,0x25,0xaf,0x8e,0xe9,0x18, - 0xd5,0x88,0x6f,0x72,0x24,0xf1,0xc7,0x51, - 0x23,0x7c,0x9c,0x21,0xdd,0xdc,0x86,0x85, - 0x90,0x42,0xc4,0xaa,0xd8,0x05,0x01,0x12, - 0xa3,0x5f,0xf9,0xd0,0x91,0x58,0x27,0xb9, - 0x38,0x13,0xb3,0x33,0xbb,0x70,0x89,0xa7, - 0xb6,0x22,0x92,0x20,0x49,0xff,0x78,0x7a, - 0x8f,0xf8,0x80,0x17,0xda,0x31,0xc6,0xb8, - 0xc3,0xb0,0x77,0x11,0xcb,0xfc,0xd6,0x3a -}; - -static const uint_8t gfmul_9[256] = { - 0x00,0x09,0x12,0x1b,0x24,0x2d,0x36,0x3f, - 0x48,0x41,0x5a,0x53,0x6c,0x65,0x7e,0x77, - 0x90,0x99,0x82,0x8b,0xb4,0xbd,0xa6,0xaf, - 0xd8,0xd1,0xca,0xc3,0xfc,0xf5,0xee,0xe7, - 0x3b,0x32,0x29,0x20,0x1f,0x16,0x0d,0x04, - 0x73,0x7a,0x61,0x68,0x57,0x5e,0x45,0x4c, - 0xab,0xa2,0xb9,0xb0,0x8f,0x86,0x9d,0x94, - 0xe3,0xea,0xf1,0xf8,0xc7,0xce,0xd5,0xdc, - 0x76,0x7f,0x64,0x6d,0x52,0x5b,0x40,0x49, - 0x3e,0x37,0x2c,0x25,0x1a,0x13,0x08,0x01, - 0xe6,0xef,0xf4,0xfd,0xc2,0xcb,0xd0,0xd9, - 0xae,0xa7,0xbc,0xb5,0x8a,0x83,0x98,0x91, - 0x4d,0x44,0x5f,0x56,0x69,0x60,0x7b,0x72, - 0x05,0x0c,0x17,0x1e,0x21,0x28,0x33,0x3a, - 0xdd,0xd4,0xcf,0xc6,0xf9,0xf0,0xeb,0xe2, - 0x95,0x9c,0x87,0x8e,0xb1,0xb8,0xa3,0xaa, - 0xec,0xe5,0xfe,0xf7,0xc8,0xc1,0xda,0xd3, - 0xa4,0xad,0xb6,0xbf,0x80,0x89,0x92,0x9b, - 0x7c,0x75,0x6e,0x67,0x58,0x51,0x4a,0x43, - 0x34,0x3d,0x26,0x2f,0x10,0x19,0x02,0x0b, - 0xd7,0xde,0xc5,0xcc,0xf3,0xfa,0xe1,0xe8, - 0x9f,0x96,0x8d,0x84,0xbb,0xb2,0xa9,0xa0, - 0x47,0x4e,0x55,0x5c,0x63,0x6a,0x71,0x78, - 0x0f,0x06,0x1d,0x14,0x2b,0x22,0x39,0x30, - 0x9a,0x93,0x88,0x81,0xbe,0xb7,0xac,0xa5, - 0xd2,0xdb,0xc0,0xc9,0xf6,0xff,0xe4,0xed, - 0x0a,0x03,0x18,0x11,0x2e,0x27,0x3c,0x35, - 0x42,0x4b,0x50,0x59,0x66,0x6f,0x74,0x7d, - 0xa1,0xa8,0xb3,0xba,0x85,0x8c,0x97,0x9e, - 0xe9,0xe0,0xfb,0xf2,0xcd,0xc4,0xdf,0xd6, - 0x31,0x38,0x23,0x2a,0x15,0x1c,0x07,0x0e, - 0x79,0x70,0x6b,0x62,0x5d,0x54,0x4f,0x46 -}; - -static const uint_8t gfmul_b[256] = { - 0x00,0x0b,0x16,0x1d,0x2c,0x27,0x3a,0x31, - 0x58,0x53,0x4e,0x45,0x74,0x7f,0x62,0x69, - 0xb0,0xbb,0xa6,0xad,0x9c,0x97,0x8a,0x81, - 0xe8,0xe3,0xfe,0xf5,0xc4,0xcf,0xd2,0xd9, - 0x7b,0x70,0x6d,0x66,0x57,0x5c,0x41,0x4a, - 0x23,0x28,0x35,0x3e,0x0f,0x04,0x19,0x12, - 0xcb,0xc0,0xdd,0xd6,0xe7,0xec,0xf1,0xfa, - 0x93,0x98,0x85,0x8e,0xbf,0xb4,0xa9,0xa2, - 0xf6,0xfd,0xe0,0xeb,0xda,0xd1,0xcc,0xc7, - 0xae,0xa5,0xb8,0xb3,0x82,0x89,0x94,0x9f, - 0x46,0x4d,0x50,0x5b,0x6a,0x61,0x7c,0x77, - 0x1e,0x15,0x08,0x03,0x32,0x39,0x24,0x2f, - 0x8d,0x86,0x9b,0x90,0xa1,0xaa,0xb7,0xbc, - 0xd5,0xde,0xc3,0xc8,0xf9,0xf2,0xef,0xe4, - 0x3d,0x36,0x2b,0x20,0x11,0x1a,0x07,0x0c, - 0x65,0x6e,0x73,0x78,0x49,0x42,0x5f,0x54, - 0xf7,0xfc,0xe1,0xea,0xdb,0xd0,0xcd,0xc6, - 0xaf,0xa4,0xb9,0xb2,0x83,0x88,0x95,0x9e, - 0x47,0x4c,0x51,0x5a,0x6b,0x60,0x7d,0x76, - 0x1f,0x14,0x09,0x02,0x33,0x38,0x25,0x2e, - 0x8c,0x87,0x9a,0x91,0xa0,0xab,0xb6,0xbd, - 0xd4,0xdf,0xc2,0xc9,0xf8,0xf3,0xee,0xe5, - 0x3c,0x37,0x2a,0x21,0x10,0x1b,0x06,0x0d, - 0x64,0x6f,0x72,0x79,0x48,0x43,0x5e,0x55, - 0x01,0x0a,0x17,0x1c,0x2d,0x26,0x3b,0x30, - 0x59,0x52,0x4f,0x44,0x75,0x7e,0x63,0x68, - 0xb1,0xba,0xa7,0xac,0x9d,0x96,0x8b,0x80, - 0xe9,0xe2,0xff,0xf4,0xc5,0xce,0xd3,0xd8, - 0x7a,0x71,0x6c,0x67,0x56,0x5d,0x40,0x4b, - 0x22,0x29,0x34,0x3f,0x0e,0x05,0x18,0x13, - 0xca,0xc1,0xdc,0xd7,0xe6,0xed,0xf0,0xfb, - 0x92,0x99,0x84,0x8f,0xbe,0xb5,0xa8,0xa3 -}; - -static const uint_8t gfmul_d[256] = { - 0x00,0x0d,0x1a,0x17,0x34,0x39,0x2e,0x23, - 0x68,0x65,0x72,0x7f,0x5c,0x51,0x46,0x4b, - 0xd0,0xdd,0xca,0xc7,0xe4,0xe9,0xfe,0xf3, - 0xb8,0xb5,0xa2,0xaf,0x8c,0x81,0x96,0x9b, - 0xbb,0xb6,0xa1,0xac,0x8f,0x82,0x95,0x98, - 0xd3,0xde,0xc9,0xc4,0xe7,0xea,0xfd,0xf0, - 0x6b,0x66,0x71,0x7c,0x5f,0x52,0x45,0x48, - 0x03,0x0e,0x19,0x14,0x37,0x3a,0x2d,0x20, - 0x6d,0x60,0x77,0x7a,0x59,0x54,0x43,0x4e, - 0x05,0x08,0x1f,0x12,0x31,0x3c,0x2b,0x26, - 0xbd,0xb0,0xa7,0xaa,0x89,0x84,0x93,0x9e, - 0xd5,0xd8,0xcf,0xc2,0xe1,0xec,0xfb,0xf6, - 0xd6,0xdb,0xcc,0xc1,0xe2,0xef,0xf8,0xf5, - 0xbe,0xb3,0xa4,0xa9,0x8a,0x87,0x90,0x9d, - 0x06,0x0b,0x1c,0x11,0x32,0x3f,0x28,0x25, - 0x6e,0x63,0x74,0x79,0x5a,0x57,0x40,0x4d, - 0xda,0xd7,0xc0,0xcd,0xee,0xe3,0xf4,0xf9, - 0xb2,0xbf,0xa8,0xa5,0x86,0x8b,0x9c,0x91, - 0x0a,0x07,0x10,0x1d,0x3e,0x33,0x24,0x29, - 0x62,0x6f,0x78,0x75,0x56,0x5b,0x4c,0x41, - 0x61,0x6c,0x7b,0x76,0x55,0x58,0x4f,0x42, - 0x09,0x04,0x13,0x1e,0x3d,0x30,0x27,0x2a, - 0xb1,0xbc,0xab,0xa6,0x85,0x88,0x9f,0x92, - 0xd9,0xd4,0xc3,0xce,0xed,0xe0,0xf7,0xfa, - 0xb7,0xba,0xad,0xa0,0x83,0x8e,0x99,0x94, - 0xdf,0xd2,0xc5,0xc8,0xeb,0xe6,0xf1,0xfc, - 0x67,0x6a,0x7d,0x70,0x53,0x5e,0x49,0x44, - 0x0f,0x02,0x15,0x18,0x3b,0x36,0x21,0x2c, - 0x0c,0x01,0x16,0x1b,0x38,0x35,0x22,0x2f, - 0x64,0x69,0x7e,0x73,0x50,0x5d,0x4a,0x47, - 0xdc,0xd1,0xc6,0xcb,0xe8,0xe5,0xf2,0xff, - 0xb4,0xb9,0xae,0xa3,0x80,0x8d,0x9a,0x97 -}; - -static const uint_8t gfmul_e[256] = { - 0x00,0x0e,0x1c,0x12,0x38,0x36,0x24,0x2a, - 0x70,0x7e,0x6c,0x62,0x48,0x46,0x54,0x5a, - 0xe0,0xee,0xfc,0xf2,0xd8,0xd6,0xc4,0xca, - 0x90,0x9e,0x8c,0x82,0xa8,0xa6,0xb4,0xba, - 0xdb,0xd5,0xc7,0xc9,0xe3,0xed,0xff,0xf1, - 0xab,0xa5,0xb7,0xb9,0x93,0x9d,0x8f,0x81, - 0x3b,0x35,0x27,0x29,0x03,0x0d,0x1f,0x11, - 0x4b,0x45,0x57,0x59,0x73,0x7d,0x6f,0x61, - 0xad,0xa3,0xb1,0xbf,0x95,0x9b,0x89,0x87, - 0xdd,0xd3,0xc1,0xcf,0xe5,0xeb,0xf9,0xf7, - 0x4d,0x43,0x51,0x5f,0x75,0x7b,0x69,0x67, - 0x3d,0x33,0x21,0x2f,0x05,0x0b,0x19,0x17, - 0x76,0x78,0x6a,0x64,0x4e,0x40,0x52,0x5c, - 0x06,0x08,0x1a,0x14,0x3e,0x30,0x22,0x2c, - 0x96,0x98,0x8a,0x84,0xae,0xa0,0xb2,0xbc, - 0xe6,0xe8,0xfa,0xf4,0xde,0xd0,0xc2,0xcc, - 0x41,0x4f,0x5d,0x53,0x79,0x77,0x65,0x6b, - 0x31,0x3f,0x2d,0x23,0x09,0x07,0x15,0x1b, - 0xa1,0xaf,0xbd,0xb3,0x99,0x97,0x85,0x8b, - 0xd1,0xdf,0xcd,0xc3,0xe9,0xe7,0xf5,0xfb, - 0x9a,0x94,0x86,0x88,0xa2,0xac,0xbe,0xb0, - 0xea,0xe4,0xf6,0xf8,0xd2,0xdc,0xce,0xc0, - 0x7a,0x74,0x66,0x68,0x42,0x4c,0x5e,0x50, - 0x0a,0x04,0x16,0x18,0x32,0x3c,0x2e,0x20, - 0xec,0xe2,0xf0,0xfe,0xd4,0xda,0xc8,0xc6, - 0x9c,0x92,0x80,0x8e,0xa4,0xaa,0xb8,0xb6, - 0x0c,0x02,0x10,0x1e,0x34,0x3a,0x28,0x26, - 0x7c,0x72,0x60,0x6e,0x44,0x4a,0x58,0x56, - 0x37,0x39,0x2b,0x25,0x0f,0x01,0x13,0x1d, - 0x47,0x49,0x5b,0x55,0x7f,0x71,0x63,0x6d, - 0xd7,0xd9,0xcb,0xc5,0xef,0xe1,0xf3,0xfd, - 0xa7,0xa9,0xbb,0xb5,0x9f,0x91,0x83,0x8d -}; - -#if defined( HAVE_UINT_32T ) - typedef unsigned long uint_32t; -#endif - -#if defined( HAVE_MEMCPY ) -# define block_copy(d, s, l) memcpy(d, s, l) -# define block16_copy(d, s) memcpy(d, s, N_BLOCK) -#else -# define block_copy(d, s, l) copy_block(d, s, l) -# define block16_copy(d, s) copy_block16(d, s) -#endif - -/* block size 'nn' must be a multiple of four */ - -static void copy_block16( void *d, const void *s ) -{ -#if defined( HAVE_UINT_32T ) - ((uint_32t*)d)[ 0] = ((uint_32t*)s)[ 0]; - ((uint_32t*)d)[ 1] = ((uint_32t*)s)[ 1]; - ((uint_32t*)d)[ 2] = ((uint_32t*)s)[ 2]; - ((uint_32t*)d)[ 3] = ((uint_32t*)s)[ 3]; -#else - ((uint_8t*)d)[ 0] = ((uint_8t*)s)[ 0]; - ((uint_8t*)d)[ 1] = ((uint_8t*)s)[ 1]; - ((uint_8t*)d)[ 2] = ((uint_8t*)s)[ 2]; - ((uint_8t*)d)[ 3] = ((uint_8t*)s)[ 3]; - ((uint_8t*)d)[ 4] = ((uint_8t*)s)[ 4]; - ((uint_8t*)d)[ 5] = ((uint_8t*)s)[ 5]; - ((uint_8t*)d)[ 6] = ((uint_8t*)s)[ 6]; - ((uint_8t*)d)[ 7] = ((uint_8t*)s)[ 7]; - ((uint_8t*)d)[ 8] = ((uint_8t*)s)[ 8]; - ((uint_8t*)d)[ 9] = ((uint_8t*)s)[ 9]; - ((uint_8t*)d)[10] = ((uint_8t*)s)[10]; - ((uint_8t*)d)[11] = ((uint_8t*)s)[11]; - ((uint_8t*)d)[12] = ((uint_8t*)s)[12]; - ((uint_8t*)d)[13] = ((uint_8t*)s)[13]; - ((uint_8t*)d)[14] = ((uint_8t*)s)[14]; - ((uint_8t*)d)[15] = ((uint_8t*)s)[15]; -#endif -} - -static void copy_block( void * d, void *s, uint_8t nn ) -{ - while( nn-- ) - *((uint_8t*)d)++ = *((uint_8t*)s)++; -} - -static void xor_block( void *d, const void *s ) -{ -#if defined( HAVE_UINT_32T ) - ((uint_32t*)d)[ 0] ^= ((uint_32t*)s)[ 0]; - ((uint_32t*)d)[ 1] ^= ((uint_32t*)s)[ 1]; - ((uint_32t*)d)[ 2] ^= ((uint_32t*)s)[ 2]; - ((uint_32t*)d)[ 3] ^= ((uint_32t*)s)[ 3]; -#else - ((uint_8t*)d)[ 0] ^= ((uint_8t*)s)[ 0]; - ((uint_8t*)d)[ 1] ^= ((uint_8t*)s)[ 1]; - ((uint_8t*)d)[ 2] ^= ((uint_8t*)s)[ 2]; - ((uint_8t*)d)[ 3] ^= ((uint_8t*)s)[ 3]; - ((uint_8t*)d)[ 4] ^= ((uint_8t*)s)[ 4]; - ((uint_8t*)d)[ 5] ^= ((uint_8t*)s)[ 5]; - ((uint_8t*)d)[ 6] ^= ((uint_8t*)s)[ 6]; - ((uint_8t*)d)[ 7] ^= ((uint_8t*)s)[ 7]; - ((uint_8t*)d)[ 8] ^= ((uint_8t*)s)[ 8]; - ((uint_8t*)d)[ 9] ^= ((uint_8t*)s)[ 9]; - ((uint_8t*)d)[10] ^= ((uint_8t*)s)[10]; - ((uint_8t*)d)[11] ^= ((uint_8t*)s)[11]; - ((uint_8t*)d)[12] ^= ((uint_8t*)s)[12]; - ((uint_8t*)d)[13] ^= ((uint_8t*)s)[13]; - ((uint_8t*)d)[14] ^= ((uint_8t*)s)[14]; - ((uint_8t*)d)[15] ^= ((uint_8t*)s)[15]; -#endif -} - -static void copy_and_key( void *d, const void *s, const void *k ) -{ -#if defined( HAVE_UINT_32T ) - ((uint_32t*)d)[ 0] = ((uint_32t*)s)[ 0] ^ ((uint_32t*)k)[ 0]; - ((uint_32t*)d)[ 1] = ((uint_32t*)s)[ 1] ^ ((uint_32t*)k)[ 1]; - ((uint_32t*)d)[ 2] = ((uint_32t*)s)[ 2] ^ ((uint_32t*)k)[ 2]; - ((uint_32t*)d)[ 3] = ((uint_32t*)s)[ 3] ^ ((uint_32t*)k)[ 3]; -#elif 1 - ((uint_8t*)d)[ 0] = ((uint_8t*)s)[ 0] ^ ((uint_8t*)k)[ 0]; - ((uint_8t*)d)[ 1] = ((uint_8t*)s)[ 1] ^ ((uint_8t*)k)[ 1]; - ((uint_8t*)d)[ 2] = ((uint_8t*)s)[ 2] ^ ((uint_8t*)k)[ 2]; - ((uint_8t*)d)[ 3] = ((uint_8t*)s)[ 3] ^ ((uint_8t*)k)[ 3]; - ((uint_8t*)d)[ 4] = ((uint_8t*)s)[ 4] ^ ((uint_8t*)k)[ 4]; - ((uint_8t*)d)[ 5] = ((uint_8t*)s)[ 5] ^ ((uint_8t*)k)[ 5]; - ((uint_8t*)d)[ 6] = ((uint_8t*)s)[ 6] ^ ((uint_8t*)k)[ 6]; - ((uint_8t*)d)[ 7] = ((uint_8t*)s)[ 7] ^ ((uint_8t*)k)[ 7]; - ((uint_8t*)d)[ 8] = ((uint_8t*)s)[ 8] ^ ((uint_8t*)k)[ 8]; - ((uint_8t*)d)[ 9] = ((uint_8t*)s)[ 9] ^ ((uint_8t*)k)[ 9]; - ((uint_8t*)d)[10] = ((uint_8t*)s)[10] ^ ((uint_8t*)k)[10]; - ((uint_8t*)d)[11] = ((uint_8t*)s)[11] ^ ((uint_8t*)k)[11]; - ((uint_8t*)d)[12] = ((uint_8t*)s)[12] ^ ((uint_8t*)k)[12]; - ((uint_8t*)d)[13] = ((uint_8t*)s)[13] ^ ((uint_8t*)k)[13]; - ((uint_8t*)d)[14] = ((uint_8t*)s)[14] ^ ((uint_8t*)k)[14]; - ((uint_8t*)d)[15] = ((uint_8t*)s)[15] ^ ((uint_8t*)k)[15]; -#else - block16_copy(d, s); - xor_block(d, k); -#endif -} - -static void add_round_key( uint_8t d[N_BLOCK], const uint_8t k[N_BLOCK] ) -{ - xor_block(d, k); -} - -static void shift_sub_rows( uint_8t st[N_BLOCK] ) -{ uint_8t tt; - - st[ 0] = s_box[st[ 0]]; st[ 4] = s_box[st[ 4]]; - st[ 8] = s_box[st[ 8]]; st[12] = s_box[st[12]]; - - tt = st[1]; st[ 1] = s_box[st[ 5]]; st[ 5] = s_box[st[ 9]]; - st[ 9] = s_box[st[13]]; st[13] = s_box[ tt ]; - - tt = st[2]; st[ 2] = s_box[st[10]]; st[10] = s_box[ tt ]; - tt = st[6]; st[ 6] = s_box[st[14]]; st[14] = s_box[ tt ]; - - tt = st[15]; st[15] = s_box[st[11]]; st[11] = s_box[st[ 7]]; - st[ 7] = s_box[st[ 3]]; st[ 3] = s_box[ tt ]; -} - -static void inv_shift_sub_rows( uint_8t st[N_BLOCK] ) -{ uint_8t tt; - - st[ 0] = inv_s_box[st[ 0]]; st[ 4] = inv_s_box[st[ 4]]; - st[ 8] = inv_s_box[st[ 8]]; st[12] = inv_s_box[st[12]]; - - tt = st[13]; st[13] = inv_s_box[st[9]]; st[ 9] = inv_s_box[st[5]]; - st[ 5] = inv_s_box[st[1]]; st[ 1] = inv_s_box[ tt ]; - - tt = st[2]; st[ 2] = inv_s_box[st[10]]; st[10] = inv_s_box[ tt ]; - tt = st[6]; st[ 6] = inv_s_box[st[14]]; st[14] = inv_s_box[ tt ]; - - tt = st[3]; st[ 3] = inv_s_box[st[ 7]]; st[ 7] = inv_s_box[st[11]]; - st[11] = inv_s_box[st[15]]; st[15] = inv_s_box[ tt ]; -} - -#if defined( VERSION_1 ) - static void mix_sub_columns( uint_8t dt[N_BLOCK] ) - { uint_8t st[N_BLOCK]; - block16_copy(st, dt); -#else - static void mix_sub_columns( uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK] ) - { -#endif - dt[ 0] = gfm2_s_box[st[0]] ^ gfm3_s_box[st[5]] ^ s_box[st[10]] ^ s_box[st[15]]; - dt[ 1] = s_box[st[0]] ^ gfm2_s_box[st[5]] ^ gfm3_s_box[st[10]] ^ s_box[st[15]]; - dt[ 2] = s_box[st[0]] ^ s_box[st[5]] ^ gfm2_s_box[st[10]] ^ gfm3_s_box[st[15]]; - dt[ 3] = gfm3_s_box[st[0]] ^ s_box[st[5]] ^ s_box[st[10]] ^ gfm2_s_box[st[15]]; - - dt[ 4] = gfm2_s_box[st[4]] ^ gfm3_s_box[st[9]] ^ s_box[st[14]] ^ s_box[st[3]]; - dt[ 5] = s_box[st[4]] ^ gfm2_s_box[st[9]] ^ gfm3_s_box[st[14]] ^ s_box[st[3]]; - dt[ 6] = s_box[st[4]] ^ s_box[st[9]] ^ gfm2_s_box[st[14]] ^ gfm3_s_box[st[3]]; - dt[ 7] = gfm3_s_box[st[4]] ^ s_box[st[9]] ^ s_box[st[14]] ^ gfm2_s_box[st[3]]; - - dt[ 8] = gfm2_s_box[st[8]] ^ gfm3_s_box[st[13]] ^ s_box[st[2]] ^ s_box[st[7]]; - dt[ 9] = s_box[st[8]] ^ gfm2_s_box[st[13]] ^ gfm3_s_box[st[2]] ^ s_box[st[7]]; - dt[10] = s_box[st[8]] ^ s_box[st[13]] ^ gfm2_s_box[st[2]] ^ gfm3_s_box[st[7]]; - dt[11] = gfm3_s_box[st[8]] ^ s_box[st[13]] ^ s_box[st[2]] ^ gfm2_s_box[st[7]]; - - dt[12] = gfm2_s_box[st[12]] ^ gfm3_s_box[st[1]] ^ s_box[st[6]] ^ s_box[st[11]]; - dt[13] = s_box[st[12]] ^ gfm2_s_box[st[1]] ^ gfm3_s_box[st[6]] ^ s_box[st[11]]; - dt[14] = s_box[st[12]] ^ s_box[st[1]] ^ gfm2_s_box[st[6]] ^ gfm3_s_box[st[11]]; - dt[15] = gfm3_s_box[st[12]] ^ s_box[st[1]] ^ s_box[st[6]] ^ gfm2_s_box[st[11]]; - } - -#if defined( VERSION_1 ) - static void inv_mix_sub_columns( uint_8t dt[N_BLOCK] ) - { uint_8t st[N_BLOCK]; - block16_copy(st, dt); -#else - static void inv_mix_sub_columns( uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK] ) - { -#endif - dt[ 0] = inv_s_box[gfmul_e[st[ 0]] ^ gfmul_b[st[ 1]] ^ gfmul_d[st[ 2]] ^ gfmul_9[st[ 3]]]; - dt[ 5] = inv_s_box[gfmul_9[st[ 0]] ^ gfmul_e[st[ 1]] ^ gfmul_b[st[ 2]] ^ gfmul_d[st[ 3]]]; - dt[10] = inv_s_box[gfmul_d[st[ 0]] ^ gfmul_9[st[ 1]] ^ gfmul_e[st[ 2]] ^ gfmul_b[st[ 3]]]; - dt[15] = inv_s_box[gfmul_b[st[ 0]] ^ gfmul_d[st[ 1]] ^ gfmul_9[st[ 2]] ^ gfmul_e[st[ 3]]]; - - dt[ 4] = inv_s_box[gfmul_e[st[ 4]] ^ gfmul_b[st[ 5]] ^ gfmul_d[st[ 6]] ^ gfmul_9[st[ 7]]]; - dt[ 9] = inv_s_box[gfmul_9[st[ 4]] ^ gfmul_e[st[ 5]] ^ gfmul_b[st[ 6]] ^ gfmul_d[st[ 7]]]; - dt[14] = inv_s_box[gfmul_d[st[ 4]] ^ gfmul_9[st[ 5]] ^ gfmul_e[st[ 6]] ^ gfmul_b[st[ 7]]]; - dt[ 3] = inv_s_box[gfmul_b[st[ 4]] ^ gfmul_d[st[ 5]] ^ gfmul_9[st[ 6]] ^ gfmul_e[st[ 7]]]; - - dt[ 8] = inv_s_box[gfmul_e[st[ 8]] ^ gfmul_b[st[ 9]] ^ gfmul_d[st[10]] ^ gfmul_9[st[11]]]; - dt[13] = inv_s_box[gfmul_9[st[ 8]] ^ gfmul_e[st[ 9]] ^ gfmul_b[st[10]] ^ gfmul_d[st[11]]]; - dt[ 2] = inv_s_box[gfmul_d[st[ 8]] ^ gfmul_9[st[ 9]] ^ gfmul_e[st[10]] ^ gfmul_b[st[11]]]; - dt[ 7] = inv_s_box[gfmul_b[st[ 8]] ^ gfmul_d[st[ 9]] ^ gfmul_9[st[10]] ^ gfmul_e[st[11]]]; - - dt[12] = inv_s_box[gfmul_e[st[12]] ^ gfmul_b[st[13]] ^ gfmul_d[st[14]] ^ gfmul_9[st[15]]]; - dt[ 1] = inv_s_box[gfmul_9[st[12]] ^ gfmul_e[st[13]] ^ gfmul_b[st[14]] ^ gfmul_d[st[15]]]; - dt[ 6] = inv_s_box[gfmul_d[st[12]] ^ gfmul_9[st[13]] ^ gfmul_e[st[14]] ^ gfmul_b[st[15]]]; - dt[11] = inv_s_box[gfmul_b[st[12]] ^ gfmul_d[st[13]] ^ gfmul_9[st[14]] ^ gfmul_e[st[15]]]; - } - -#if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED ) - -/* Set the cipher key for the pre-keyed version */ - -return_type aes_set_key( const unsigned char key[], length_type keylen, aes_context ctx[1] ) -{ - uint_8t cc, rc, hi; - - switch( keylen ) - { - case 16: - case 128: - keylen = 16; - break; - case 24: - case 192: - keylen = 24; - break; - case 32: - case 256: - keylen = 32; - break; - default: - ctx->rnd = 0; - return (return_type) -1; - } - block_copy(ctx->ksch, key, keylen); - hi = (keylen + 28) << 2; - ctx->rnd = (hi >> 4) - 1; - for( cc = keylen, rc = 1; cc < hi; cc += 4 ) - { uint_8t tt, t0, t1, t2, t3; - - t0 = ctx->ksch[cc - 4]; - t1 = ctx->ksch[cc - 3]; - t2 = ctx->ksch[cc - 2]; - t3 = ctx->ksch[cc - 1]; - if( cc % keylen == 0 ) - { - tt = t0; - t0 = s_box[t1] ^ rc; - t1 = s_box[t2]; - t2 = s_box[t3]; - t3 = s_box[tt]; - rc = f2(rc); - } - else if( keylen > 24 && cc % keylen == 16 ) - { - t0 = s_box[t0]; - t1 = s_box[t1]; - t2 = s_box[t2]; - t3 = s_box[t3]; - } - tt = cc - keylen; - ctx->ksch[cc + 0] = ctx->ksch[tt + 0] ^ t0; - ctx->ksch[cc + 1] = ctx->ksch[tt + 1] ^ t1; - ctx->ksch[cc + 2] = ctx->ksch[tt + 2] ^ t2; - ctx->ksch[cc + 3] = ctx->ksch[tt + 3] ^ t3; - } - return 0; -} - -#endif - -#if defined( AES_ENC_PREKEYED ) - -/* Encrypt a single block of 16 bytes */ - -return_type aes_encrypt( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1] ) -{ - if( ctx->rnd ) - { - uint_8t s1[N_BLOCK], r; - copy_and_key( s1, in, ctx->ksch ); - - for( r = 1 ; r < ctx->rnd ; ++r ) -#if defined( VERSION_1 ) - { - mix_sub_columns( s1 ); - add_round_key( s1, ctx->ksch + r * N_BLOCK); - } -#else - { uint_8t s2[N_BLOCK]; - mix_sub_columns( s2, s1 ); - copy_and_key( s1, s2, ctx->ksch + r * N_BLOCK); - } -#endif - shift_sub_rows( s1 ); - copy_and_key( out, s1, ctx->ksch + r * N_BLOCK ); - } - else - return (return_type) -1; - return 0; -} - -#endif - -#if defined( AES_DEC_PREKEYED ) - -/* Decrypt a single block of 16 bytes */ - -return_type aes_decrypt( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1] ) -{ - if( ctx->rnd ) - { - uint_8t s1[N_BLOCK], r; - copy_and_key( s1, in, ctx->ksch + ctx->rnd * N_BLOCK ); - inv_shift_sub_rows( s1 ); - - for( r = ctx->rnd ; --r ; ) -#if defined( VERSION_1 ) - { - add_round_key( s1, ctx->ksch + r * N_BLOCK ); - inv_mix_sub_columns( s1 ); - } -#else - { uint_8t s2[N_BLOCK]; - copy_and_key( s2, s1, ctx->ksch + r * N_BLOCK ); - inv_mix_sub_columns( s1, s2 ); - } -#endif - copy_and_key( out, s1, ctx->ksch ); - } - else - return (return_type) -1; - return 0; -} - -#endif - -#if defined( AES_ENC_128_OTFK ) - -/* The 'on the fly' encryption key update for for 128 bit keys */ - -static void update_encrypt_key_128( uint_8t k[N_BLOCK], uint_8t *rc ) -{ uint_8t cc; - - k[0] ^= s_box[k[13]] ^ *rc; - k[1] ^= s_box[k[14]]; - k[2] ^= s_box[k[15]]; - k[3] ^= s_box[k[12]]; - *rc = f2( *rc ); - - for(cc = 4; cc < 16; cc += 4 ) - { - k[cc + 0] ^= k[cc - 4]; - k[cc + 1] ^= k[cc - 3]; - k[cc + 2] ^= k[cc - 2]; - k[cc + 3] ^= k[cc - 1]; - } -} - -/* Encrypt a single block of 16 bytes with 'on the fly' 128 bit keying */ - -void aes_encrypt_128( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], - const unsigned char key[N_BLOCK], unsigned char o_key[N_BLOCK] ) -{ uint_8t s1[N_BLOCK], r, rc = 1; - - if(o_key != key) - block16_copy( o_key, key ); - copy_and_key( s1, in, o_key ); - - for( r = 1 ; r < 10 ; ++r ) -#if defined( VERSION_1 ) - { - mix_sub_columns( s1 ); - update_encrypt_key_128( o_key, &rc ); - add_round_key( s1, o_key ); - } -#else - { uint_8t s2[N_BLOCK]; - mix_sub_columns( s2, s1 ); - update_encrypt_key_128( o_key, &rc ); - copy_and_key( s1, s2, o_key ); - } -#endif - - shift_sub_rows( s1 ); - update_encrypt_key_128( o_key, &rc ); - copy_and_key( out, s1, o_key ); -} - -#endif - -#if defined( AES_DEC_128_OTFK ) - -/* The 'on the fly' decryption key update for for 128 bit keys */ - -static void update_decrypt_key_128( uint_8t k[N_BLOCK], uint_8t *rc ) -{ uint_8t cc; - - for( cc = 12; cc > 0; cc -= 4 ) - { - k[cc + 0] ^= k[cc - 4]; - k[cc + 1] ^= k[cc - 3]; - k[cc + 2] ^= k[cc - 2]; - k[cc + 3] ^= k[cc - 1]; - } - *rc = d2(*rc); - k[0] ^= s_box[k[13]] ^ *rc; - k[1] ^= s_box[k[14]]; - k[2] ^= s_box[k[15]]; - k[3] ^= s_box[k[12]]; -} - -/* Decrypt a single block of 16 bytes with 'on the fly' 128 bit keying */ - -void aes_decrypt_128( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], - const unsigned char key[N_BLOCK], unsigned char o_key[N_BLOCK] ) -{ - uint_8t s1[N_BLOCK], r, rc = 0x6c; - if(o_key != key) - block16_copy( o_key, key ); - - copy_and_key( s1, in, o_key ); - inv_shift_sub_rows( s1 ); - - for( r = 10 ; --r ; ) -#if defined( VERSION_1 ) - { - update_decrypt_key_128( o_key, &rc ); - add_round_key( s1, o_key ); - inv_mix_sub_columns( s1 ); - } -#else - { uint_8t s2[N_BLOCK]; - update_decrypt_key_128( o_key, &rc ); - copy_and_key( s2, s1, o_key ); - inv_mix_sub_columns( s1, s2 ); - } -#endif - update_decrypt_key_128( o_key, &rc ); - copy_and_key( out, s1, o_key ); -} - -#endif - -#if defined( AES_ENC_256_OTFK ) - -/* The 'on the fly' encryption key update for for 256 bit keys */ - -static void update_encrypt_key_256( uint_8t k[2 * N_BLOCK], uint_8t *rc ) -{ uint_8t cc; - - k[0] ^= s_box[k[29]] ^ *rc; - k[1] ^= s_box[k[30]]; - k[2] ^= s_box[k[31]]; - k[3] ^= s_box[k[28]]; - *rc = f2( *rc ); - - for(cc = 4; cc < 16; cc += 4) - { - k[cc + 0] ^= k[cc - 4]; - k[cc + 1] ^= k[cc - 3]; - k[cc + 2] ^= k[cc - 2]; - k[cc + 3] ^= k[cc - 1]; - } - - k[16] ^= s_box[k[12]]; - k[17] ^= s_box[k[13]]; - k[18] ^= s_box[k[14]]; - k[19] ^= s_box[k[15]]; - - for( cc = 20; cc < 32; cc += 4 ) - { - k[cc + 0] ^= k[cc - 4]; - k[cc + 1] ^= k[cc - 3]; - k[cc + 2] ^= k[cc - 2]; - k[cc + 3] ^= k[cc - 1]; - } -} - -/* Encrypt a single block of 16 bytes with 'on the fly' 256 bit keying */ - -void aes_encrypt_256( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], - const unsigned char key[2 * N_BLOCK], unsigned char o_key[2 * N_BLOCK] ) -{ - uint_8t s1[N_BLOCK], r, rc = 1; - if(o_key != key) - { - block16_copy( o_key, key ); - block16_copy( o_key + 16, key + 16 ); - } - copy_and_key( s1, in, o_key ); - - for( r = 1 ; r < 14 ; ++r ) -#if defined( VERSION_1 ) - { - mix_sub_columns(s1); - if( r & 1 ) - add_round_key( s1, o_key + 16 ); - else - { - update_encrypt_key_256( o_key, &rc ); - add_round_key( s1, o_key ); - } - } -#else - { uint_8t s2[N_BLOCK]; - mix_sub_columns( s2, s1 ); - if( r & 1 ) - copy_and_key( s1, s2, o_key + 16 ); - else - { - update_encrypt_key_256( o_key, &rc ); - copy_and_key( s1, s2, o_key ); - } - } -#endif - - shift_sub_rows( s1 ); - update_encrypt_key_256( o_key, &rc ); - copy_and_key( out, s1, o_key ); -} - -#endif - -#if defined( AES_DEC_256_OTFK ) - -/* The 'on the fly' encryption key update for for 256 bit keys */ - -static void update_decrypt_key_256( uint_8t k[2 * N_BLOCK], uint_8t *rc ) -{ uint_8t cc; - - for(cc = 28; cc > 16; cc -= 4) - { - k[cc + 0] ^= k[cc - 4]; - k[cc + 1] ^= k[cc - 3]; - k[cc + 2] ^= k[cc - 2]; - k[cc + 3] ^= k[cc - 1]; - } - - k[16] ^= s_box[k[12]]; - k[17] ^= s_box[k[13]]; - k[18] ^= s_box[k[14]]; - k[19] ^= s_box[k[15]]; - - for(cc = 12; cc > 0; cc -= 4) - { - k[cc + 0] ^= k[cc - 4]; - k[cc + 1] ^= k[cc - 3]; - k[cc + 2] ^= k[cc - 2]; - k[cc + 3] ^= k[cc - 1]; - } - - *rc = d2(*rc); - k[0] ^= s_box[k[29]] ^ *rc; - k[1] ^= s_box[k[30]]; - k[2] ^= s_box[k[31]]; - k[3] ^= s_box[k[28]]; -} - -/* Decrypt a single block of 16 bytes with 'on the fly' - 256 bit keying -*/ -void aes_decrypt_256( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], - const unsigned char key[2 * N_BLOCK], unsigned char o_key[2 * N_BLOCK] ) -{ - uint_8t s1[N_BLOCK], r, rc = 0x80; - - if(o_key != key) - { - block16_copy( o_key, key ); - block16_copy( o_key + 16, key + 16 ); - } - - copy_and_key( s1, in, o_key ); - inv_shift_sub_rows( s1 ); - - for( r = 14 ; --r ; ) -#if defined( VERSION_1 ) - { - if( ( r & 1 ) ) - { - update_decrypt_key_256( o_key, &rc ); - add_round_key( s1, o_key + 16 ); - } - else - add_round_key( s1, o_key ); - inv_mix_sub_columns( s1 ); - } -#else - { uint_8t s2[N_BLOCK]; - if( ( r & 1 ) ) - { - update_decrypt_key_256( o_key, &rc ); - copy_and_key( s2, s1, o_key + 16 ); - } - else - copy_and_key( s2, s1, o_key ); - inv_mix_sub_columns( s1, s2 ); - } -#endif - copy_and_key( out, s1, o_key ); -} - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue 09/09/2006 + + This is an AES implementation that uses only 8-bit byte operations on the + cipher state (there are options to use 32-bit types if available). + + The combination of mix columns and byte substitution used here is based on + that developed by Karl Malbrain. His contribution is acknowledged. + */ + +/* Adapted for TrueCrypt: + - Macro-generated tables were replaced with static data to enable compiling + with MSVC++ 1.5 which runs out of resources when expanding large macros. +*/ + +#pragma optimize ("t", on) + +/* define if you have a fast memcpy function on your system */ +#if 1 +# define HAVE_MEMCPY +# include +# if defined( _MSC_VER ) +# ifndef DEBUG +# pragma intrinsic( memcpy ) +# endif +# endif +#endif + +/* define if you have fast 32-bit types on your system */ +#if 1 +# define HAVE_UINT_32T +#endif + +/* alternative versions (test for performance on your system) */ +#if 0 +# define VERSION_1 +#endif + +#include "AesSmall.h" + +#define WPOLY 0x011b +#define DPOLY 0x008d +#define f1(x) (x) +#define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) +#define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) +#define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ + ^ (((x>>5) & 4) * WPOLY)) +#define d2(x) (((x) >> 1) ^ ((x) & 1 ? DPOLY : 0)) + +#define f3(x) (f2(x) ^ x) +#define f9(x) (f8(x) ^ x) +#define fb(x) (f8(x) ^ f2(x) ^ x) +#define fd(x) (f8(x) ^ f4(x) ^ x) +#define fe(x) (f8(x) ^ f4(x) ^ f2(x)) + +static const uint_8t s_box[256] = { + 0x63,0x7c,0x77,0x7b,0xf2,0x6b,0x6f,0xc5, + 0x30,0x01,0x67,0x2b,0xfe,0xd7,0xab,0x76, + 0xca,0x82,0xc9,0x7d,0xfa,0x59,0x47,0xf0, + 0xad,0xd4,0xa2,0xaf,0x9c,0xa4,0x72,0xc0, + 0xb7,0xfd,0x93,0x26,0x36,0x3f,0xf7,0xcc, + 0x34,0xa5,0xe5,0xf1,0x71,0xd8,0x31,0x15, + 0x04,0xc7,0x23,0xc3,0x18,0x96,0x05,0x9a, + 0x07,0x12,0x80,0xe2,0xeb,0x27,0xb2,0x75, + 0x09,0x83,0x2c,0x1a,0x1b,0x6e,0x5a,0xa0, + 0x52,0x3b,0xd6,0xb3,0x29,0xe3,0x2f,0x84, + 0x53,0xd1,0x00,0xed,0x20,0xfc,0xb1,0x5b, + 0x6a,0xcb,0xbe,0x39,0x4a,0x4c,0x58,0xcf, + 0xd0,0xef,0xaa,0xfb,0x43,0x4d,0x33,0x85, + 0x45,0xf9,0x02,0x7f,0x50,0x3c,0x9f,0xa8, + 0x51,0xa3,0x40,0x8f,0x92,0x9d,0x38,0xf5, + 0xbc,0xb6,0xda,0x21,0x10,0xff,0xf3,0xd2, + 0xcd,0x0c,0x13,0xec,0x5f,0x97,0x44,0x17, + 0xc4,0xa7,0x7e,0x3d,0x64,0x5d,0x19,0x73, + 0x60,0x81,0x4f,0xdc,0x22,0x2a,0x90,0x88, + 0x46,0xee,0xb8,0x14,0xde,0x5e,0x0b,0xdb, + 0xe0,0x32,0x3a,0x0a,0x49,0x06,0x24,0x5c, + 0xc2,0xd3,0xac,0x62,0x91,0x95,0xe4,0x79, + 0xe7,0xc8,0x37,0x6d,0x8d,0xd5,0x4e,0xa9, + 0x6c,0x56,0xf4,0xea,0x65,0x7a,0xae,0x08, + 0xba,0x78,0x25,0x2e,0x1c,0xa6,0xb4,0xc6, + 0xe8,0xdd,0x74,0x1f,0x4b,0xbd,0x8b,0x8a, + 0x70,0x3e,0xb5,0x66,0x48,0x03,0xf6,0x0e, + 0x61,0x35,0x57,0xb9,0x86,0xc1,0x1d,0x9e, + 0xe1,0xf8,0x98,0x11,0x69,0xd9,0x8e,0x94, + 0x9b,0x1e,0x87,0xe9,0xce,0x55,0x28,0xdf, + 0x8c,0xa1,0x89,0x0d,0xbf,0xe6,0x42,0x68, + 0x41,0x99,0x2d,0x0f,0xb0,0x54,0xbb,0x16 +}; + +static const uint_8t inv_s_box[256] = { + 0x52,0x09,0x6a,0xd5,0x30,0x36,0xa5,0x38, + 0xbf,0x40,0xa3,0x9e,0x81,0xf3,0xd7,0xfb, + 0x7c,0xe3,0x39,0x82,0x9b,0x2f,0xff,0x87, + 0x34,0x8e,0x43,0x44,0xc4,0xde,0xe9,0xcb, + 0x54,0x7b,0x94,0x32,0xa6,0xc2,0x23,0x3d, + 0xee,0x4c,0x95,0x0b,0x42,0xfa,0xc3,0x4e, + 0x08,0x2e,0xa1,0x66,0x28,0xd9,0x24,0xb2, + 0x76,0x5b,0xa2,0x49,0x6d,0x8b,0xd1,0x25, + 0x72,0xf8,0xf6,0x64,0x86,0x68,0x98,0x16, + 0xd4,0xa4,0x5c,0xcc,0x5d,0x65,0xb6,0x92, + 0x6c,0x70,0x48,0x50,0xfd,0xed,0xb9,0xda, + 0x5e,0x15,0x46,0x57,0xa7,0x8d,0x9d,0x84, + 0x90,0xd8,0xab,0x00,0x8c,0xbc,0xd3,0x0a, + 0xf7,0xe4,0x58,0x05,0xb8,0xb3,0x45,0x06, + 0xd0,0x2c,0x1e,0x8f,0xca,0x3f,0x0f,0x02, + 0xc1,0xaf,0xbd,0x03,0x01,0x13,0x8a,0x6b, + 0x3a,0x91,0x11,0x41,0x4f,0x67,0xdc,0xea, + 0x97,0xf2,0xcf,0xce,0xf0,0xb4,0xe6,0x73, + 0x96,0xac,0x74,0x22,0xe7,0xad,0x35,0x85, + 0xe2,0xf9,0x37,0xe8,0x1c,0x75,0xdf,0x6e, + 0x47,0xf1,0x1a,0x71,0x1d,0x29,0xc5,0x89, + 0x6f,0xb7,0x62,0x0e,0xaa,0x18,0xbe,0x1b, + 0xfc,0x56,0x3e,0x4b,0xc6,0xd2,0x79,0x20, + 0x9a,0xdb,0xc0,0xfe,0x78,0xcd,0x5a,0xf4, + 0x1f,0xdd,0xa8,0x33,0x88,0x07,0xc7,0x31, + 0xb1,0x12,0x10,0x59,0x27,0x80,0xec,0x5f, + 0x60,0x51,0x7f,0xa9,0x19,0xb5,0x4a,0x0d, + 0x2d,0xe5,0x7a,0x9f,0x93,0xc9,0x9c,0xef, + 0xa0,0xe0,0x3b,0x4d,0xae,0x2a,0xf5,0xb0, + 0xc8,0xeb,0xbb,0x3c,0x83,0x53,0x99,0x61, + 0x17,0x2b,0x04,0x7e,0xba,0x77,0xd6,0x26, + 0xe1,0x69,0x14,0x63,0x55,0x21,0x0c,0x7d +}; + +static const uint_8t gfm2_s_box[256] = { + 0xc6,0xf8,0xee,0xf6,0xff,0xd6,0xde,0x91, + 0x60,0x02,0xce,0x56,0xe7,0xb5,0x4d,0xec, + 0x8f,0x1f,0x89,0xfa,0xef,0xb2,0x8e,0xfb, + 0x41,0xb3,0x5f,0x45,0x23,0x53,0xe4,0x9b, + 0x75,0xe1,0x3d,0x4c,0x6c,0x7e,0xf5,0x83, + 0x68,0x51,0xd1,0xf9,0xe2,0xab,0x62,0x2a, + 0x08,0x95,0x46,0x9d,0x30,0x37,0x0a,0x2f, + 0x0e,0x24,0x1b,0xdf,0xcd,0x4e,0x7f,0xea, + 0x12,0x1d,0x58,0x34,0x36,0xdc,0xb4,0x5b, + 0xa4,0x76,0xb7,0x7d,0x52,0xdd,0x5e,0x13, + 0xa6,0xb9,0x00,0xc1,0x40,0xe3,0x79,0xb6, + 0xd4,0x8d,0x67,0x72,0x94,0x98,0xb0,0x85, + 0xbb,0xc5,0x4f,0xed,0x86,0x9a,0x66,0x11, + 0x8a,0xe9,0x04,0xfe,0xa0,0x78,0x25,0x4b, + 0xa2,0x5d,0x80,0x05,0x3f,0x21,0x70,0xf1, + 0x63,0x77,0xaf,0x42,0x20,0xe5,0xfd,0xbf, + 0x81,0x18,0x26,0xc3,0xbe,0x35,0x88,0x2e, + 0x93,0x55,0xfc,0x7a,0xc8,0xba,0x32,0xe6, + 0xc0,0x19,0x9e,0xa3,0x44,0x54,0x3b,0x0b, + 0x8c,0xc7,0x6b,0x28,0xa7,0xbc,0x16,0xad, + 0xdb,0x64,0x74,0x14,0x92,0x0c,0x48,0xb8, + 0x9f,0xbd,0x43,0xc4,0x39,0x31,0xd3,0xf2, + 0xd5,0x8b,0x6e,0xda,0x01,0xb1,0x9c,0x49, + 0xd8,0xac,0xf3,0xcf,0xca,0xf4,0x47,0x10, + 0x6f,0xf0,0x4a,0x5c,0x38,0x57,0x73,0x97, + 0xcb,0xa1,0xe8,0x3e,0x96,0x61,0x0d,0x0f, + 0xe0,0x7c,0x71,0xcc,0x90,0x06,0xf7,0x1c, + 0xc2,0x6a,0xae,0x69,0x17,0x99,0x3a,0x27, + 0xd9,0xeb,0x2b,0x22,0xd2,0xa9,0x07,0x33, + 0x2d,0x3c,0x15,0xc9,0x87,0xaa,0x50,0xa5, + 0x03,0x59,0x09,0x1a,0x65,0xd7,0x84,0xd0, + 0x82,0x29,0x5a,0x1e,0x7b,0xa8,0x6d,0x2c +}; + +static const uint_8t gfm3_s_box[256] = { + 0xa5,0x84,0x99,0x8d,0x0d,0xbd,0xb1,0x54, + 0x50,0x03,0xa9,0x7d,0x19,0x62,0xe6,0x9a, + 0x45,0x9d,0x40,0x87,0x15,0xeb,0xc9,0x0b, + 0xec,0x67,0xfd,0xea,0xbf,0xf7,0x96,0x5b, + 0xc2,0x1c,0xae,0x6a,0x5a,0x41,0x02,0x4f, + 0x5c,0xf4,0x34,0x08,0x93,0x73,0x53,0x3f, + 0x0c,0x52,0x65,0x5e,0x28,0xa1,0x0f,0xb5, + 0x09,0x36,0x9b,0x3d,0x26,0x69,0xcd,0x9f, + 0x1b,0x9e,0x74,0x2e,0x2d,0xb2,0xee,0xfb, + 0xf6,0x4d,0x61,0xce,0x7b,0x3e,0x71,0x97, + 0xf5,0x68,0x00,0x2c,0x60,0x1f,0xc8,0xed, + 0xbe,0x46,0xd9,0x4b,0xde,0xd4,0xe8,0x4a, + 0x6b,0x2a,0xe5,0x16,0xc5,0xd7,0x55,0x94, + 0xcf,0x10,0x06,0x81,0xf0,0x44,0xba,0xe3, + 0xf3,0xfe,0xc0,0x8a,0xad,0xbc,0x48,0x04, + 0xdf,0xc1,0x75,0x63,0x30,0x1a,0x0e,0x6d, + 0x4c,0x14,0x35,0x2f,0xe1,0xa2,0xcc,0x39, + 0x57,0xf2,0x82,0x47,0xac,0xe7,0x2b,0x95, + 0xa0,0x98,0xd1,0x7f,0x66,0x7e,0xab,0x83, + 0xca,0x29,0xd3,0x3c,0x79,0xe2,0x1d,0x76, + 0x3b,0x56,0x4e,0x1e,0xdb,0x0a,0x6c,0xe4, + 0x5d,0x6e,0xef,0xa6,0xa8,0xa4,0x37,0x8b, + 0x32,0x43,0x59,0xb7,0x8c,0x64,0xd2,0xe0, + 0xb4,0xfa,0x07,0x25,0xaf,0x8e,0xe9,0x18, + 0xd5,0x88,0x6f,0x72,0x24,0xf1,0xc7,0x51, + 0x23,0x7c,0x9c,0x21,0xdd,0xdc,0x86,0x85, + 0x90,0x42,0xc4,0xaa,0xd8,0x05,0x01,0x12, + 0xa3,0x5f,0xf9,0xd0,0x91,0x58,0x27,0xb9, + 0x38,0x13,0xb3,0x33,0xbb,0x70,0x89,0xa7, + 0xb6,0x22,0x92,0x20,0x49,0xff,0x78,0x7a, + 0x8f,0xf8,0x80,0x17,0xda,0x31,0xc6,0xb8, + 0xc3,0xb0,0x77,0x11,0xcb,0xfc,0xd6,0x3a +}; + +static const uint_8t gfmul_9[256] = { + 0x00,0x09,0x12,0x1b,0x24,0x2d,0x36,0x3f, + 0x48,0x41,0x5a,0x53,0x6c,0x65,0x7e,0x77, + 0x90,0x99,0x82,0x8b,0xb4,0xbd,0xa6,0xaf, + 0xd8,0xd1,0xca,0xc3,0xfc,0xf5,0xee,0xe7, + 0x3b,0x32,0x29,0x20,0x1f,0x16,0x0d,0x04, + 0x73,0x7a,0x61,0x68,0x57,0x5e,0x45,0x4c, + 0xab,0xa2,0xb9,0xb0,0x8f,0x86,0x9d,0x94, + 0xe3,0xea,0xf1,0xf8,0xc7,0xce,0xd5,0xdc, + 0x76,0x7f,0x64,0x6d,0x52,0x5b,0x40,0x49, + 0x3e,0x37,0x2c,0x25,0x1a,0x13,0x08,0x01, + 0xe6,0xef,0xf4,0xfd,0xc2,0xcb,0xd0,0xd9, + 0xae,0xa7,0xbc,0xb5,0x8a,0x83,0x98,0x91, + 0x4d,0x44,0x5f,0x56,0x69,0x60,0x7b,0x72, + 0x05,0x0c,0x17,0x1e,0x21,0x28,0x33,0x3a, + 0xdd,0xd4,0xcf,0xc6,0xf9,0xf0,0xeb,0xe2, + 0x95,0x9c,0x87,0x8e,0xb1,0xb8,0xa3,0xaa, + 0xec,0xe5,0xfe,0xf7,0xc8,0xc1,0xda,0xd3, + 0xa4,0xad,0xb6,0xbf,0x80,0x89,0x92,0x9b, + 0x7c,0x75,0x6e,0x67,0x58,0x51,0x4a,0x43, + 0x34,0x3d,0x26,0x2f,0x10,0x19,0x02,0x0b, + 0xd7,0xde,0xc5,0xcc,0xf3,0xfa,0xe1,0xe8, + 0x9f,0x96,0x8d,0x84,0xbb,0xb2,0xa9,0xa0, + 0x47,0x4e,0x55,0x5c,0x63,0x6a,0x71,0x78, + 0x0f,0x06,0x1d,0x14,0x2b,0x22,0x39,0x30, + 0x9a,0x93,0x88,0x81,0xbe,0xb7,0xac,0xa5, + 0xd2,0xdb,0xc0,0xc9,0xf6,0xff,0xe4,0xed, + 0x0a,0x03,0x18,0x11,0x2e,0x27,0x3c,0x35, + 0x42,0x4b,0x50,0x59,0x66,0x6f,0x74,0x7d, + 0xa1,0xa8,0xb3,0xba,0x85,0x8c,0x97,0x9e, + 0xe9,0xe0,0xfb,0xf2,0xcd,0xc4,0xdf,0xd6, + 0x31,0x38,0x23,0x2a,0x15,0x1c,0x07,0x0e, + 0x79,0x70,0x6b,0x62,0x5d,0x54,0x4f,0x46 +}; + +static const uint_8t gfmul_b[256] = { + 0x00,0x0b,0x16,0x1d,0x2c,0x27,0x3a,0x31, + 0x58,0x53,0x4e,0x45,0x74,0x7f,0x62,0x69, + 0xb0,0xbb,0xa6,0xad,0x9c,0x97,0x8a,0x81, + 0xe8,0xe3,0xfe,0xf5,0xc4,0xcf,0xd2,0xd9, + 0x7b,0x70,0x6d,0x66,0x57,0x5c,0x41,0x4a, + 0x23,0x28,0x35,0x3e,0x0f,0x04,0x19,0x12, + 0xcb,0xc0,0xdd,0xd6,0xe7,0xec,0xf1,0xfa, + 0x93,0x98,0x85,0x8e,0xbf,0xb4,0xa9,0xa2, + 0xf6,0xfd,0xe0,0xeb,0xda,0xd1,0xcc,0xc7, + 0xae,0xa5,0xb8,0xb3,0x82,0x89,0x94,0x9f, + 0x46,0x4d,0x50,0x5b,0x6a,0x61,0x7c,0x77, + 0x1e,0x15,0x08,0x03,0x32,0x39,0x24,0x2f, + 0x8d,0x86,0x9b,0x90,0xa1,0xaa,0xb7,0xbc, + 0xd5,0xde,0xc3,0xc8,0xf9,0xf2,0xef,0xe4, + 0x3d,0x36,0x2b,0x20,0x11,0x1a,0x07,0x0c, + 0x65,0x6e,0x73,0x78,0x49,0x42,0x5f,0x54, + 0xf7,0xfc,0xe1,0xea,0xdb,0xd0,0xcd,0xc6, + 0xaf,0xa4,0xb9,0xb2,0x83,0x88,0x95,0x9e, + 0x47,0x4c,0x51,0x5a,0x6b,0x60,0x7d,0x76, + 0x1f,0x14,0x09,0x02,0x33,0x38,0x25,0x2e, + 0x8c,0x87,0x9a,0x91,0xa0,0xab,0xb6,0xbd, + 0xd4,0xdf,0xc2,0xc9,0xf8,0xf3,0xee,0xe5, + 0x3c,0x37,0x2a,0x21,0x10,0x1b,0x06,0x0d, + 0x64,0x6f,0x72,0x79,0x48,0x43,0x5e,0x55, + 0x01,0x0a,0x17,0x1c,0x2d,0x26,0x3b,0x30, + 0x59,0x52,0x4f,0x44,0x75,0x7e,0x63,0x68, + 0xb1,0xba,0xa7,0xac,0x9d,0x96,0x8b,0x80, + 0xe9,0xe2,0xff,0xf4,0xc5,0xce,0xd3,0xd8, + 0x7a,0x71,0x6c,0x67,0x56,0x5d,0x40,0x4b, + 0x22,0x29,0x34,0x3f,0x0e,0x05,0x18,0x13, + 0xca,0xc1,0xdc,0xd7,0xe6,0xed,0xf0,0xfb, + 0x92,0x99,0x84,0x8f,0xbe,0xb5,0xa8,0xa3 +}; + +static const uint_8t gfmul_d[256] = { + 0x00,0x0d,0x1a,0x17,0x34,0x39,0x2e,0x23, + 0x68,0x65,0x72,0x7f,0x5c,0x51,0x46,0x4b, + 0xd0,0xdd,0xca,0xc7,0xe4,0xe9,0xfe,0xf3, + 0xb8,0xb5,0xa2,0xaf,0x8c,0x81,0x96,0x9b, + 0xbb,0xb6,0xa1,0xac,0x8f,0x82,0x95,0x98, + 0xd3,0xde,0xc9,0xc4,0xe7,0xea,0xfd,0xf0, + 0x6b,0x66,0x71,0x7c,0x5f,0x52,0x45,0x48, + 0x03,0x0e,0x19,0x14,0x37,0x3a,0x2d,0x20, + 0x6d,0x60,0x77,0x7a,0x59,0x54,0x43,0x4e, + 0x05,0x08,0x1f,0x12,0x31,0x3c,0x2b,0x26, + 0xbd,0xb0,0xa7,0xaa,0x89,0x84,0x93,0x9e, + 0xd5,0xd8,0xcf,0xc2,0xe1,0xec,0xfb,0xf6, + 0xd6,0xdb,0xcc,0xc1,0xe2,0xef,0xf8,0xf5, + 0xbe,0xb3,0xa4,0xa9,0x8a,0x87,0x90,0x9d, + 0x06,0x0b,0x1c,0x11,0x32,0x3f,0x28,0x25, + 0x6e,0x63,0x74,0x79,0x5a,0x57,0x40,0x4d, + 0xda,0xd7,0xc0,0xcd,0xee,0xe3,0xf4,0xf9, + 0xb2,0xbf,0xa8,0xa5,0x86,0x8b,0x9c,0x91, + 0x0a,0x07,0x10,0x1d,0x3e,0x33,0x24,0x29, + 0x62,0x6f,0x78,0x75,0x56,0x5b,0x4c,0x41, + 0x61,0x6c,0x7b,0x76,0x55,0x58,0x4f,0x42, + 0x09,0x04,0x13,0x1e,0x3d,0x30,0x27,0x2a, + 0xb1,0xbc,0xab,0xa6,0x85,0x88,0x9f,0x92, + 0xd9,0xd4,0xc3,0xce,0xed,0xe0,0xf7,0xfa, + 0xb7,0xba,0xad,0xa0,0x83,0x8e,0x99,0x94, + 0xdf,0xd2,0xc5,0xc8,0xeb,0xe6,0xf1,0xfc, + 0x67,0x6a,0x7d,0x70,0x53,0x5e,0x49,0x44, + 0x0f,0x02,0x15,0x18,0x3b,0x36,0x21,0x2c, + 0x0c,0x01,0x16,0x1b,0x38,0x35,0x22,0x2f, + 0x64,0x69,0x7e,0x73,0x50,0x5d,0x4a,0x47, + 0xdc,0xd1,0xc6,0xcb,0xe8,0xe5,0xf2,0xff, + 0xb4,0xb9,0xae,0xa3,0x80,0x8d,0x9a,0x97 +}; + +static const uint_8t gfmul_e[256] = { + 0x00,0x0e,0x1c,0x12,0x38,0x36,0x24,0x2a, + 0x70,0x7e,0x6c,0x62,0x48,0x46,0x54,0x5a, + 0xe0,0xee,0xfc,0xf2,0xd8,0xd6,0xc4,0xca, + 0x90,0x9e,0x8c,0x82,0xa8,0xa6,0xb4,0xba, + 0xdb,0xd5,0xc7,0xc9,0xe3,0xed,0xff,0xf1, + 0xab,0xa5,0xb7,0xb9,0x93,0x9d,0x8f,0x81, + 0x3b,0x35,0x27,0x29,0x03,0x0d,0x1f,0x11, + 0x4b,0x45,0x57,0x59,0x73,0x7d,0x6f,0x61, + 0xad,0xa3,0xb1,0xbf,0x95,0x9b,0x89,0x87, + 0xdd,0xd3,0xc1,0xcf,0xe5,0xeb,0xf9,0xf7, + 0x4d,0x43,0x51,0x5f,0x75,0x7b,0x69,0x67, + 0x3d,0x33,0x21,0x2f,0x05,0x0b,0x19,0x17, + 0x76,0x78,0x6a,0x64,0x4e,0x40,0x52,0x5c, + 0x06,0x08,0x1a,0x14,0x3e,0x30,0x22,0x2c, + 0x96,0x98,0x8a,0x84,0xae,0xa0,0xb2,0xbc, + 0xe6,0xe8,0xfa,0xf4,0xde,0xd0,0xc2,0xcc, + 0x41,0x4f,0x5d,0x53,0x79,0x77,0x65,0x6b, + 0x31,0x3f,0x2d,0x23,0x09,0x07,0x15,0x1b, + 0xa1,0xaf,0xbd,0xb3,0x99,0x97,0x85,0x8b, + 0xd1,0xdf,0xcd,0xc3,0xe9,0xe7,0xf5,0xfb, + 0x9a,0x94,0x86,0x88,0xa2,0xac,0xbe,0xb0, + 0xea,0xe4,0xf6,0xf8,0xd2,0xdc,0xce,0xc0, + 0x7a,0x74,0x66,0x68,0x42,0x4c,0x5e,0x50, + 0x0a,0x04,0x16,0x18,0x32,0x3c,0x2e,0x20, + 0xec,0xe2,0xf0,0xfe,0xd4,0xda,0xc8,0xc6, + 0x9c,0x92,0x80,0x8e,0xa4,0xaa,0xb8,0xb6, + 0x0c,0x02,0x10,0x1e,0x34,0x3a,0x28,0x26, + 0x7c,0x72,0x60,0x6e,0x44,0x4a,0x58,0x56, + 0x37,0x39,0x2b,0x25,0x0f,0x01,0x13,0x1d, + 0x47,0x49,0x5b,0x55,0x7f,0x71,0x63,0x6d, + 0xd7,0xd9,0xcb,0xc5,0xef,0xe1,0xf3,0xfd, + 0xa7,0xa9,0xbb,0xb5,0x9f,0x91,0x83,0x8d +}; + +#if defined( HAVE_UINT_32T ) + typedef unsigned long uint_32t; +#endif + +#if defined( HAVE_MEMCPY ) +# define block_copy(d, s, l) memcpy(d, s, l) +# define block16_copy(d, s) memcpy(d, s, N_BLOCK) +#else +# define block_copy(d, s, l) copy_block(d, s, l) +# define block16_copy(d, s) copy_block16(d, s) +#endif + +/* block size 'nn' must be a multiple of four */ + +static void copy_block16( void *d, const void *s ) +{ +#if defined( HAVE_UINT_32T ) + ((uint_32t*)d)[ 0] = ((uint_32t*)s)[ 0]; + ((uint_32t*)d)[ 1] = ((uint_32t*)s)[ 1]; + ((uint_32t*)d)[ 2] = ((uint_32t*)s)[ 2]; + ((uint_32t*)d)[ 3] = ((uint_32t*)s)[ 3]; +#else + ((uint_8t*)d)[ 0] = ((uint_8t*)s)[ 0]; + ((uint_8t*)d)[ 1] = ((uint_8t*)s)[ 1]; + ((uint_8t*)d)[ 2] = ((uint_8t*)s)[ 2]; + ((uint_8t*)d)[ 3] = ((uint_8t*)s)[ 3]; + ((uint_8t*)d)[ 4] = ((uint_8t*)s)[ 4]; + ((uint_8t*)d)[ 5] = ((uint_8t*)s)[ 5]; + ((uint_8t*)d)[ 6] = ((uint_8t*)s)[ 6]; + ((uint_8t*)d)[ 7] = ((uint_8t*)s)[ 7]; + ((uint_8t*)d)[ 8] = ((uint_8t*)s)[ 8]; + ((uint_8t*)d)[ 9] = ((uint_8t*)s)[ 9]; + ((uint_8t*)d)[10] = ((uint_8t*)s)[10]; + ((uint_8t*)d)[11] = ((uint_8t*)s)[11]; + ((uint_8t*)d)[12] = ((uint_8t*)s)[12]; + ((uint_8t*)d)[13] = ((uint_8t*)s)[13]; + ((uint_8t*)d)[14] = ((uint_8t*)s)[14]; + ((uint_8t*)d)[15] = ((uint_8t*)s)[15]; +#endif +} + +static void copy_block( void * d, void *s, uint_8t nn ) +{ + while( nn-- ) + *((uint_8t*)d)++ = *((uint_8t*)s)++; +} + +static void xor_block( void *d, const void *s ) +{ +#if defined( HAVE_UINT_32T ) + ((uint_32t*)d)[ 0] ^= ((uint_32t*)s)[ 0]; + ((uint_32t*)d)[ 1] ^= ((uint_32t*)s)[ 1]; + ((uint_32t*)d)[ 2] ^= ((uint_32t*)s)[ 2]; + ((uint_32t*)d)[ 3] ^= ((uint_32t*)s)[ 3]; +#else + ((uint_8t*)d)[ 0] ^= ((uint_8t*)s)[ 0]; + ((uint_8t*)d)[ 1] ^= ((uint_8t*)s)[ 1]; + ((uint_8t*)d)[ 2] ^= ((uint_8t*)s)[ 2]; + ((uint_8t*)d)[ 3] ^= ((uint_8t*)s)[ 3]; + ((uint_8t*)d)[ 4] ^= ((uint_8t*)s)[ 4]; + ((uint_8t*)d)[ 5] ^= ((uint_8t*)s)[ 5]; + ((uint_8t*)d)[ 6] ^= ((uint_8t*)s)[ 6]; + ((uint_8t*)d)[ 7] ^= ((uint_8t*)s)[ 7]; + ((uint_8t*)d)[ 8] ^= ((uint_8t*)s)[ 8]; + ((uint_8t*)d)[ 9] ^= ((uint_8t*)s)[ 9]; + ((uint_8t*)d)[10] ^= ((uint_8t*)s)[10]; + ((uint_8t*)d)[11] ^= ((uint_8t*)s)[11]; + ((uint_8t*)d)[12] ^= ((uint_8t*)s)[12]; + ((uint_8t*)d)[13] ^= ((uint_8t*)s)[13]; + ((uint_8t*)d)[14] ^= ((uint_8t*)s)[14]; + ((uint_8t*)d)[15] ^= ((uint_8t*)s)[15]; +#endif +} + +static void copy_and_key( void *d, const void *s, const void *k ) +{ +#if defined( HAVE_UINT_32T ) + ((uint_32t*)d)[ 0] = ((uint_32t*)s)[ 0] ^ ((uint_32t*)k)[ 0]; + ((uint_32t*)d)[ 1] = ((uint_32t*)s)[ 1] ^ ((uint_32t*)k)[ 1]; + ((uint_32t*)d)[ 2] = ((uint_32t*)s)[ 2] ^ ((uint_32t*)k)[ 2]; + ((uint_32t*)d)[ 3] = ((uint_32t*)s)[ 3] ^ ((uint_32t*)k)[ 3]; +#elif 1 + ((uint_8t*)d)[ 0] = ((uint_8t*)s)[ 0] ^ ((uint_8t*)k)[ 0]; + ((uint_8t*)d)[ 1] = ((uint_8t*)s)[ 1] ^ ((uint_8t*)k)[ 1]; + ((uint_8t*)d)[ 2] = ((uint_8t*)s)[ 2] ^ ((uint_8t*)k)[ 2]; + ((uint_8t*)d)[ 3] = ((uint_8t*)s)[ 3] ^ ((uint_8t*)k)[ 3]; + ((uint_8t*)d)[ 4] = ((uint_8t*)s)[ 4] ^ ((uint_8t*)k)[ 4]; + ((uint_8t*)d)[ 5] = ((uint_8t*)s)[ 5] ^ ((uint_8t*)k)[ 5]; + ((uint_8t*)d)[ 6] = ((uint_8t*)s)[ 6] ^ ((uint_8t*)k)[ 6]; + ((uint_8t*)d)[ 7] = ((uint_8t*)s)[ 7] ^ ((uint_8t*)k)[ 7]; + ((uint_8t*)d)[ 8] = ((uint_8t*)s)[ 8] ^ ((uint_8t*)k)[ 8]; + ((uint_8t*)d)[ 9] = ((uint_8t*)s)[ 9] ^ ((uint_8t*)k)[ 9]; + ((uint_8t*)d)[10] = ((uint_8t*)s)[10] ^ ((uint_8t*)k)[10]; + ((uint_8t*)d)[11] = ((uint_8t*)s)[11] ^ ((uint_8t*)k)[11]; + ((uint_8t*)d)[12] = ((uint_8t*)s)[12] ^ ((uint_8t*)k)[12]; + ((uint_8t*)d)[13] = ((uint_8t*)s)[13] ^ ((uint_8t*)k)[13]; + ((uint_8t*)d)[14] = ((uint_8t*)s)[14] ^ ((uint_8t*)k)[14]; + ((uint_8t*)d)[15] = ((uint_8t*)s)[15] ^ ((uint_8t*)k)[15]; +#else + block16_copy(d, s); + xor_block(d, k); +#endif +} + +static void add_round_key( uint_8t d[N_BLOCK], const uint_8t k[N_BLOCK] ) +{ + xor_block(d, k); +} + +static void shift_sub_rows( uint_8t st[N_BLOCK] ) +{ uint_8t tt; + + st[ 0] = s_box[st[ 0]]; st[ 4] = s_box[st[ 4]]; + st[ 8] = s_box[st[ 8]]; st[12] = s_box[st[12]]; + + tt = st[1]; st[ 1] = s_box[st[ 5]]; st[ 5] = s_box[st[ 9]]; + st[ 9] = s_box[st[13]]; st[13] = s_box[ tt ]; + + tt = st[2]; st[ 2] = s_box[st[10]]; st[10] = s_box[ tt ]; + tt = st[6]; st[ 6] = s_box[st[14]]; st[14] = s_box[ tt ]; + + tt = st[15]; st[15] = s_box[st[11]]; st[11] = s_box[st[ 7]]; + st[ 7] = s_box[st[ 3]]; st[ 3] = s_box[ tt ]; +} + +static void inv_shift_sub_rows( uint_8t st[N_BLOCK] ) +{ uint_8t tt; + + st[ 0] = inv_s_box[st[ 0]]; st[ 4] = inv_s_box[st[ 4]]; + st[ 8] = inv_s_box[st[ 8]]; st[12] = inv_s_box[st[12]]; + + tt = st[13]; st[13] = inv_s_box[st[9]]; st[ 9] = inv_s_box[st[5]]; + st[ 5] = inv_s_box[st[1]]; st[ 1] = inv_s_box[ tt ]; + + tt = st[2]; st[ 2] = inv_s_box[st[10]]; st[10] = inv_s_box[ tt ]; + tt = st[6]; st[ 6] = inv_s_box[st[14]]; st[14] = inv_s_box[ tt ]; + + tt = st[3]; st[ 3] = inv_s_box[st[ 7]]; st[ 7] = inv_s_box[st[11]]; + st[11] = inv_s_box[st[15]]; st[15] = inv_s_box[ tt ]; +} + +#if defined( VERSION_1 ) + static void mix_sub_columns( uint_8t dt[N_BLOCK] ) + { uint_8t st[N_BLOCK]; + block16_copy(st, dt); +#else + static void mix_sub_columns( uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK] ) + { +#endif + dt[ 0] = gfm2_s_box[st[0]] ^ gfm3_s_box[st[5]] ^ s_box[st[10]] ^ s_box[st[15]]; + dt[ 1] = s_box[st[0]] ^ gfm2_s_box[st[5]] ^ gfm3_s_box[st[10]] ^ s_box[st[15]]; + dt[ 2] = s_box[st[0]] ^ s_box[st[5]] ^ gfm2_s_box[st[10]] ^ gfm3_s_box[st[15]]; + dt[ 3] = gfm3_s_box[st[0]] ^ s_box[st[5]] ^ s_box[st[10]] ^ gfm2_s_box[st[15]]; + + dt[ 4] = gfm2_s_box[st[4]] ^ gfm3_s_box[st[9]] ^ s_box[st[14]] ^ s_box[st[3]]; + dt[ 5] = s_box[st[4]] ^ gfm2_s_box[st[9]] ^ gfm3_s_box[st[14]] ^ s_box[st[3]]; + dt[ 6] = s_box[st[4]] ^ s_box[st[9]] ^ gfm2_s_box[st[14]] ^ gfm3_s_box[st[3]]; + dt[ 7] = gfm3_s_box[st[4]] ^ s_box[st[9]] ^ s_box[st[14]] ^ gfm2_s_box[st[3]]; + + dt[ 8] = gfm2_s_box[st[8]] ^ gfm3_s_box[st[13]] ^ s_box[st[2]] ^ s_box[st[7]]; + dt[ 9] = s_box[st[8]] ^ gfm2_s_box[st[13]] ^ gfm3_s_box[st[2]] ^ s_box[st[7]]; + dt[10] = s_box[st[8]] ^ s_box[st[13]] ^ gfm2_s_box[st[2]] ^ gfm3_s_box[st[7]]; + dt[11] = gfm3_s_box[st[8]] ^ s_box[st[13]] ^ s_box[st[2]] ^ gfm2_s_box[st[7]]; + + dt[12] = gfm2_s_box[st[12]] ^ gfm3_s_box[st[1]] ^ s_box[st[6]] ^ s_box[st[11]]; + dt[13] = s_box[st[12]] ^ gfm2_s_box[st[1]] ^ gfm3_s_box[st[6]] ^ s_box[st[11]]; + dt[14] = s_box[st[12]] ^ s_box[st[1]] ^ gfm2_s_box[st[6]] ^ gfm3_s_box[st[11]]; + dt[15] = gfm3_s_box[st[12]] ^ s_box[st[1]] ^ s_box[st[6]] ^ gfm2_s_box[st[11]]; + } + +#if defined( VERSION_1 ) + static void inv_mix_sub_columns( uint_8t dt[N_BLOCK] ) + { uint_8t st[N_BLOCK]; + block16_copy(st, dt); +#else + static void inv_mix_sub_columns( uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK] ) + { +#endif + dt[ 0] = inv_s_box[gfmul_e[st[ 0]] ^ gfmul_b[st[ 1]] ^ gfmul_d[st[ 2]] ^ gfmul_9[st[ 3]]]; + dt[ 5] = inv_s_box[gfmul_9[st[ 0]] ^ gfmul_e[st[ 1]] ^ gfmul_b[st[ 2]] ^ gfmul_d[st[ 3]]]; + dt[10] = inv_s_box[gfmul_d[st[ 0]] ^ gfmul_9[st[ 1]] ^ gfmul_e[st[ 2]] ^ gfmul_b[st[ 3]]]; + dt[15] = inv_s_box[gfmul_b[st[ 0]] ^ gfmul_d[st[ 1]] ^ gfmul_9[st[ 2]] ^ gfmul_e[st[ 3]]]; + + dt[ 4] = inv_s_box[gfmul_e[st[ 4]] ^ gfmul_b[st[ 5]] ^ gfmul_d[st[ 6]] ^ gfmul_9[st[ 7]]]; + dt[ 9] = inv_s_box[gfmul_9[st[ 4]] ^ gfmul_e[st[ 5]] ^ gfmul_b[st[ 6]] ^ gfmul_d[st[ 7]]]; + dt[14] = inv_s_box[gfmul_d[st[ 4]] ^ gfmul_9[st[ 5]] ^ gfmul_e[st[ 6]] ^ gfmul_b[st[ 7]]]; + dt[ 3] = inv_s_box[gfmul_b[st[ 4]] ^ gfmul_d[st[ 5]] ^ gfmul_9[st[ 6]] ^ gfmul_e[st[ 7]]]; + + dt[ 8] = inv_s_box[gfmul_e[st[ 8]] ^ gfmul_b[st[ 9]] ^ gfmul_d[st[10]] ^ gfmul_9[st[11]]]; + dt[13] = inv_s_box[gfmul_9[st[ 8]] ^ gfmul_e[st[ 9]] ^ gfmul_b[st[10]] ^ gfmul_d[st[11]]]; + dt[ 2] = inv_s_box[gfmul_d[st[ 8]] ^ gfmul_9[st[ 9]] ^ gfmul_e[st[10]] ^ gfmul_b[st[11]]]; + dt[ 7] = inv_s_box[gfmul_b[st[ 8]] ^ gfmul_d[st[ 9]] ^ gfmul_9[st[10]] ^ gfmul_e[st[11]]]; + + dt[12] = inv_s_box[gfmul_e[st[12]] ^ gfmul_b[st[13]] ^ gfmul_d[st[14]] ^ gfmul_9[st[15]]]; + dt[ 1] = inv_s_box[gfmul_9[st[12]] ^ gfmul_e[st[13]] ^ gfmul_b[st[14]] ^ gfmul_d[st[15]]]; + dt[ 6] = inv_s_box[gfmul_d[st[12]] ^ gfmul_9[st[13]] ^ gfmul_e[st[14]] ^ gfmul_b[st[15]]]; + dt[11] = inv_s_box[gfmul_b[st[12]] ^ gfmul_d[st[13]] ^ gfmul_9[st[14]] ^ gfmul_e[st[15]]]; + } + +#if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED ) + +/* Set the cipher key for the pre-keyed version */ + +return_type aes_set_key( const unsigned char key[], length_type keylen, aes_context ctx[1] ) +{ + uint_8t cc, rc, hi; + + switch( keylen ) + { + case 16: + case 128: + keylen = 16; + break; + case 24: + case 192: + keylen = 24; + break; + case 32: + case 256: + keylen = 32; + break; + default: + ctx->rnd = 0; + return (return_type) -1; + } + block_copy(ctx->ksch, key, keylen); + hi = (keylen + 28) << 2; + ctx->rnd = (hi >> 4) - 1; + for( cc = keylen, rc = 1; cc < hi; cc += 4 ) + { uint_8t tt, t0, t1, t2, t3; + + t0 = ctx->ksch[cc - 4]; + t1 = ctx->ksch[cc - 3]; + t2 = ctx->ksch[cc - 2]; + t3 = ctx->ksch[cc - 1]; + if( cc % keylen == 0 ) + { + tt = t0; + t0 = s_box[t1] ^ rc; + t1 = s_box[t2]; + t2 = s_box[t3]; + t3 = s_box[tt]; + rc = f2(rc); + } + else if( keylen > 24 && cc % keylen == 16 ) + { + t0 = s_box[t0]; + t1 = s_box[t1]; + t2 = s_box[t2]; + t3 = s_box[t3]; + } + tt = cc - keylen; + ctx->ksch[cc + 0] = ctx->ksch[tt + 0] ^ t0; + ctx->ksch[cc + 1] = ctx->ksch[tt + 1] ^ t1; + ctx->ksch[cc + 2] = ctx->ksch[tt + 2] ^ t2; + ctx->ksch[cc + 3] = ctx->ksch[tt + 3] ^ t3; + } + return 0; +} + +#endif + +#if defined( AES_ENC_PREKEYED ) + +/* Encrypt a single block of 16 bytes */ + +return_type aes_encrypt( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1] ) +{ + if( ctx->rnd ) + { + uint_8t s1[N_BLOCK], r; + copy_and_key( s1, in, ctx->ksch ); + + for( r = 1 ; r < ctx->rnd ; ++r ) +#if defined( VERSION_1 ) + { + mix_sub_columns( s1 ); + add_round_key( s1, ctx->ksch + r * N_BLOCK); + } +#else + { uint_8t s2[N_BLOCK]; + mix_sub_columns( s2, s1 ); + copy_and_key( s1, s2, ctx->ksch + r * N_BLOCK); + } +#endif + shift_sub_rows( s1 ); + copy_and_key( out, s1, ctx->ksch + r * N_BLOCK ); + } + else + return (return_type) -1; + return 0; +} + +#endif + +#if defined( AES_DEC_PREKEYED ) + +/* Decrypt a single block of 16 bytes */ + +return_type aes_decrypt( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1] ) +{ + if( ctx->rnd ) + { + uint_8t s1[N_BLOCK], r; + copy_and_key( s1, in, ctx->ksch + ctx->rnd * N_BLOCK ); + inv_shift_sub_rows( s1 ); + + for( r = ctx->rnd ; --r ; ) +#if defined( VERSION_1 ) + { + add_round_key( s1, ctx->ksch + r * N_BLOCK ); + inv_mix_sub_columns( s1 ); + } +#else + { uint_8t s2[N_BLOCK]; + copy_and_key( s2, s1, ctx->ksch + r * N_BLOCK ); + inv_mix_sub_columns( s1, s2 ); + } +#endif + copy_and_key( out, s1, ctx->ksch ); + } + else + return (return_type) -1; + return 0; +} + +#endif + +#if defined( AES_ENC_128_OTFK ) + +/* The 'on the fly' encryption key update for for 128 bit keys */ + +static void update_encrypt_key_128( uint_8t k[N_BLOCK], uint_8t *rc ) +{ uint_8t cc; + + k[0] ^= s_box[k[13]] ^ *rc; + k[1] ^= s_box[k[14]]; + k[2] ^= s_box[k[15]]; + k[3] ^= s_box[k[12]]; + *rc = f2( *rc ); + + for(cc = 4; cc < 16; cc += 4 ) + { + k[cc + 0] ^= k[cc - 4]; + k[cc + 1] ^= k[cc - 3]; + k[cc + 2] ^= k[cc - 2]; + k[cc + 3] ^= k[cc - 1]; + } +} + +/* Encrypt a single block of 16 bytes with 'on the fly' 128 bit keying */ + +void aes_encrypt_128( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], + const unsigned char key[N_BLOCK], unsigned char o_key[N_BLOCK] ) +{ uint_8t s1[N_BLOCK], r, rc = 1; + + if(o_key != key) + block16_copy( o_key, key ); + copy_and_key( s1, in, o_key ); + + for( r = 1 ; r < 10 ; ++r ) +#if defined( VERSION_1 ) + { + mix_sub_columns( s1 ); + update_encrypt_key_128( o_key, &rc ); + add_round_key( s1, o_key ); + } +#else + { uint_8t s2[N_BLOCK]; + mix_sub_columns( s2, s1 ); + update_encrypt_key_128( o_key, &rc ); + copy_and_key( s1, s2, o_key ); + } +#endif + + shift_sub_rows( s1 ); + update_encrypt_key_128( o_key, &rc ); + copy_and_key( out, s1, o_key ); +} + +#endif + +#if defined( AES_DEC_128_OTFK ) + +/* The 'on the fly' decryption key update for for 128 bit keys */ + +static void update_decrypt_key_128( uint_8t k[N_BLOCK], uint_8t *rc ) +{ uint_8t cc; + + for( cc = 12; cc > 0; cc -= 4 ) + { + k[cc + 0] ^= k[cc - 4]; + k[cc + 1] ^= k[cc - 3]; + k[cc + 2] ^= k[cc - 2]; + k[cc + 3] ^= k[cc - 1]; + } + *rc = d2(*rc); + k[0] ^= s_box[k[13]] ^ *rc; + k[1] ^= s_box[k[14]]; + k[2] ^= s_box[k[15]]; + k[3] ^= s_box[k[12]]; +} + +/* Decrypt a single block of 16 bytes with 'on the fly' 128 bit keying */ + +void aes_decrypt_128( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], + const unsigned char key[N_BLOCK], unsigned char o_key[N_BLOCK] ) +{ + uint_8t s1[N_BLOCK], r, rc = 0x6c; + if(o_key != key) + block16_copy( o_key, key ); + + copy_and_key( s1, in, o_key ); + inv_shift_sub_rows( s1 ); + + for( r = 10 ; --r ; ) +#if defined( VERSION_1 ) + { + update_decrypt_key_128( o_key, &rc ); + add_round_key( s1, o_key ); + inv_mix_sub_columns( s1 ); + } +#else + { uint_8t s2[N_BLOCK]; + update_decrypt_key_128( o_key, &rc ); + copy_and_key( s2, s1, o_key ); + inv_mix_sub_columns( s1, s2 ); + } +#endif + update_decrypt_key_128( o_key, &rc ); + copy_and_key( out, s1, o_key ); +} + +#endif + +#if defined( AES_ENC_256_OTFK ) + +/* The 'on the fly' encryption key update for for 256 bit keys */ + +static void update_encrypt_key_256( uint_8t k[2 * N_BLOCK], uint_8t *rc ) +{ uint_8t cc; + + k[0] ^= s_box[k[29]] ^ *rc; + k[1] ^= s_box[k[30]]; + k[2] ^= s_box[k[31]]; + k[3] ^= s_box[k[28]]; + *rc = f2( *rc ); + + for(cc = 4; cc < 16; cc += 4) + { + k[cc + 0] ^= k[cc - 4]; + k[cc + 1] ^= k[cc - 3]; + k[cc + 2] ^= k[cc - 2]; + k[cc + 3] ^= k[cc - 1]; + } + + k[16] ^= s_box[k[12]]; + k[17] ^= s_box[k[13]]; + k[18] ^= s_box[k[14]]; + k[19] ^= s_box[k[15]]; + + for( cc = 20; cc < 32; cc += 4 ) + { + k[cc + 0] ^= k[cc - 4]; + k[cc + 1] ^= k[cc - 3]; + k[cc + 2] ^= k[cc - 2]; + k[cc + 3] ^= k[cc - 1]; + } +} + +/* Encrypt a single block of 16 bytes with 'on the fly' 256 bit keying */ + +void aes_encrypt_256( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], + const unsigned char key[2 * N_BLOCK], unsigned char o_key[2 * N_BLOCK] ) +{ + uint_8t s1[N_BLOCK], r, rc = 1; + if(o_key != key) + { + block16_copy( o_key, key ); + block16_copy( o_key + 16, key + 16 ); + } + copy_and_key( s1, in, o_key ); + + for( r = 1 ; r < 14 ; ++r ) +#if defined( VERSION_1 ) + { + mix_sub_columns(s1); + if( r & 1 ) + add_round_key( s1, o_key + 16 ); + else + { + update_encrypt_key_256( o_key, &rc ); + add_round_key( s1, o_key ); + } + } +#else + { uint_8t s2[N_BLOCK]; + mix_sub_columns( s2, s1 ); + if( r & 1 ) + copy_and_key( s1, s2, o_key + 16 ); + else + { + update_encrypt_key_256( o_key, &rc ); + copy_and_key( s1, s2, o_key ); + } + } +#endif + + shift_sub_rows( s1 ); + update_encrypt_key_256( o_key, &rc ); + copy_and_key( out, s1, o_key ); +} + +#endif + +#if defined( AES_DEC_256_OTFK ) + +/* The 'on the fly' encryption key update for for 256 bit keys */ + +static void update_decrypt_key_256( uint_8t k[2 * N_BLOCK], uint_8t *rc ) +{ uint_8t cc; + + for(cc = 28; cc > 16; cc -= 4) + { + k[cc + 0] ^= k[cc - 4]; + k[cc + 1] ^= k[cc - 3]; + k[cc + 2] ^= k[cc - 2]; + k[cc + 3] ^= k[cc - 1]; + } + + k[16] ^= s_box[k[12]]; + k[17] ^= s_box[k[13]]; + k[18] ^= s_box[k[14]]; + k[19] ^= s_box[k[15]]; + + for(cc = 12; cc > 0; cc -= 4) + { + k[cc + 0] ^= k[cc - 4]; + k[cc + 1] ^= k[cc - 3]; + k[cc + 2] ^= k[cc - 2]; + k[cc + 3] ^= k[cc - 1]; + } + + *rc = d2(*rc); + k[0] ^= s_box[k[29]] ^ *rc; + k[1] ^= s_box[k[30]]; + k[2] ^= s_box[k[31]]; + k[3] ^= s_box[k[28]]; +} + +/* Decrypt a single block of 16 bytes with 'on the fly' + 256 bit keying +*/ +void aes_decrypt_256( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], + const unsigned char key[2 * N_BLOCK], unsigned char o_key[2 * N_BLOCK] ) +{ + uint_8t s1[N_BLOCK], r, rc = 0x80; + + if(o_key != key) + { + block16_copy( o_key, key ); + block16_copy( o_key + 16, key + 16 ); + } + + copy_and_key( s1, in, o_key ); + inv_shift_sub_rows( s1 ); + + for( r = 14 ; --r ; ) +#if defined( VERSION_1 ) + { + if( ( r & 1 ) ) + { + update_decrypt_key_256( o_key, &rc ); + add_round_key( s1, o_key + 16 ); + } + else + add_round_key( s1, o_key ); + inv_mix_sub_columns( s1 ); + } +#else + { uint_8t s2[N_BLOCK]; + if( ( r & 1 ) ) + { + update_decrypt_key_256( o_key, &rc ); + copy_and_key( s2, s1, o_key + 16 ); + } + else + copy_and_key( s2, s1, o_key ); + inv_mix_sub_columns( s1, s2 ); + } +#endif + copy_and_key( out, s1, o_key ); +} + +#endif diff --git a/src/Crypto/AesSmall.h b/src/Crypto/AesSmall.h index 516c6964..ebeb24ef 100644 --- a/src/Crypto/AesSmall.h +++ b/src/Crypto/AesSmall.h @@ -1,169 +1,169 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software in both source and binary - form is allowed (with or without changes) provided that: - - 1. distributions of this source code include the above copyright - notice, this list of conditions and the following disclaimer; - - 2. distributions in binary form include the above copyright - notice, this list of conditions and the following disclaimer - in the documentation and/or other associated materials; - - 3. the copyright holder's name is not used to endorse products - built using this software without specific written permission. - - ALTERNATIVELY, provided that this notice is retained in full, this product - may be distributed under the terms of the GNU General Public License (GPL), - in which case the provisions of the GPL apply INSTEAD OF those given above. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue 09/09/2006 - - This is an AES implementation that uses only 8-bit byte operations on the - cipher state. - */ - -#ifndef AES_H -#define AES_H - -#if defined(__cplusplus) -extern "C" -{ -#endif - -/* This provides speed optimisation opportunities if 32-bit word - operations are available -*/ -#if 1 -# define HAVE_UINT_32T -#endif - -#if 1 -# define AES_ENC_PREKEYED /* AES encryption with a precomputed key schedule */ -#endif -#if 1 -# define AES_DEC_PREKEYED /* AES decryption with a precomputed key schedule */ -#endif -#if 0 -# define AES_ENC_128_OTFK /* AES encryption with 'on the fly' 128 bit keying */ -#endif -#if 0 -# define AES_DEC_128_OTFK /* AES decryption with 'on the fly' 128 bit keying */ -#endif -#if 0 -# define AES_ENC_256_OTFK /* AES encryption with 'on the fly' 256 bit keying */ -#endif -#if 0 -# define AES_DEC_256_OTFK /* AES decryption with 'on the fly' 256 bit keying */ -#endif - -#define N_ROW 4 -#define N_COL 4 -#define N_BLOCK (N_ROW * N_COL) -#define N_MAX_ROUNDS 14 - -typedef unsigned char uint_8t; - -typedef uint_8t return_type; -typedef uint_8t length_type; -typedef uint_8t uint_type; - -typedef unsigned char uint_8t; - -typedef struct -{ uint_8t ksch[(N_MAX_ROUNDS + 1) * N_BLOCK]; - uint_8t rnd; -} aes_context; - -/* The following calls are for a precomputed key schedule - - NOTE: If the length_type used for the key length is an - unsigned 8-bit character, a key length of 256 bits must - be entered as a length in bytes (valid inputs are hence - 128, 192, 16, 24 and 32). -*/ - -#if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED ) - -return_type aes_set_key( const unsigned char key[], - length_type keylen, - aes_context ctx[1] ); -#endif - -#if defined( AES_ENC_PREKEYED ) - -return_type aes_encrypt( const unsigned char in[N_BLOCK], - unsigned char out[N_BLOCK], - const aes_context ctx[1] ); -#endif - -#if defined( AES_DEC_PREKEYED ) - -return_type aes_decrypt( const unsigned char in[N_BLOCK], - unsigned char out[N_BLOCK], - const aes_context ctx[1] ); -#endif - -/* The following calls are for 'on the fly' keying. In this case the - encryption and decryption keys are different. - - The encryption subroutines take a key in an array of bytes in - key[L] where L is 16, 24 or 32 bytes for key lengths of 128, - 192, and 256 bits respectively. They then encrypts the input - data, in[] with this key and put the reult in the output array - out[]. In addition, the second key array, o_key[L], is used - to output the key that is needed by the decryption subroutine - to reverse the encryption operation. The two key arrays can - be the same array but in this case the original key will be - overwritten. - - In the same way, the decryption subroutines output keys that - can be used to reverse their effect when used for encryption. - - Only 128 and 256 bit keys are supported in these 'on the fly' - modes. -*/ - -#if defined( AES_ENC_128_OTFK ) -void aes_encrypt_128( const unsigned char in[N_BLOCK], - unsigned char out[N_BLOCK], - const unsigned char key[N_BLOCK], - uint_8t o_key[N_BLOCK] ); -#endif - -#if defined( AES_DEC_128_OTFK ) -void aes_decrypt_128( const unsigned char in[N_BLOCK], - unsigned char out[N_BLOCK], - const unsigned char key[N_BLOCK], - unsigned char o_key[N_BLOCK] ); -#endif - -#if defined( AES_ENC_256_OTFK ) -void aes_encrypt_256( const unsigned char in[N_BLOCK], - unsigned char out[N_BLOCK], - const unsigned char key[2 * N_BLOCK], - unsigned char o_key[2 * N_BLOCK] ); -#endif - -#if defined( AES_DEC_256_OTFK ) -void aes_decrypt_256( const unsigned char in[N_BLOCK], - unsigned char out[N_BLOCK], - const unsigned char key[2 * N_BLOCK], - unsigned char o_key[2 * N_BLOCK] ); -#endif - -#if defined(__cplusplus) -} -#endif - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software in both source and binary + form is allowed (with or without changes) provided that: + + 1. distributions of this source code include the above copyright + notice, this list of conditions and the following disclaimer; + + 2. distributions in binary form include the above copyright + notice, this list of conditions and the following disclaimer + in the documentation and/or other associated materials; + + 3. the copyright holder's name is not used to endorse products + built using this software without specific written permission. + + ALTERNATIVELY, provided that this notice is retained in full, this product + may be distributed under the terms of the GNU General Public License (GPL), + in which case the provisions of the GPL apply INSTEAD OF those given above. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue 09/09/2006 + + This is an AES implementation that uses only 8-bit byte operations on the + cipher state. + */ + +#ifndef AES_H +#define AES_H + +#if defined(__cplusplus) +extern "C" +{ +#endif + +/* This provides speed optimisation opportunities if 32-bit word + operations are available +*/ +#if 1 +# define HAVE_UINT_32T +#endif + +#if 1 +# define AES_ENC_PREKEYED /* AES encryption with a precomputed key schedule */ +#endif +#if 1 +# define AES_DEC_PREKEYED /* AES decryption with a precomputed key schedule */ +#endif +#if 0 +# define AES_ENC_128_OTFK /* AES encryption with 'on the fly' 128 bit keying */ +#endif +#if 0 +# define AES_DEC_128_OTFK /* AES decryption with 'on the fly' 128 bit keying */ +#endif +#if 0 +# define AES_ENC_256_OTFK /* AES encryption with 'on the fly' 256 bit keying */ +#endif +#if 0 +# define AES_DEC_256_OTFK /* AES decryption with 'on the fly' 256 bit keying */ +#endif + +#define N_ROW 4 +#define N_COL 4 +#define N_BLOCK (N_ROW * N_COL) +#define N_MAX_ROUNDS 14 + +typedef unsigned char uint_8t; + +typedef uint_8t return_type; +typedef uint_8t length_type; +typedef uint_8t uint_type; + +typedef unsigned char uint_8t; + +typedef struct +{ uint_8t ksch[(N_MAX_ROUNDS + 1) * N_BLOCK]; + uint_8t rnd; +} aes_context; + +/* The following calls are for a precomputed key schedule + + NOTE: If the length_type used for the key length is an + unsigned 8-bit character, a key length of 256 bits must + be entered as a length in bytes (valid inputs are hence + 128, 192, 16, 24 and 32). +*/ + +#if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED ) + +return_type aes_set_key( const unsigned char key[], + length_type keylen, + aes_context ctx[1] ); +#endif + +#if defined( AES_ENC_PREKEYED ) + +return_type aes_encrypt( const unsigned char in[N_BLOCK], + unsigned char out[N_BLOCK], + const aes_context ctx[1] ); +#endif + +#if defined( AES_DEC_PREKEYED ) + +return_type aes_decrypt( const unsigned char in[N_BLOCK], + unsigned char out[N_BLOCK], + const aes_context ctx[1] ); +#endif + +/* The following calls are for 'on the fly' keying. In this case the + encryption and decryption keys are different. + + The encryption subroutines take a key in an array of bytes in + key[L] where L is 16, 24 or 32 bytes for key lengths of 128, + 192, and 256 bits respectively. They then encrypts the input + data, in[] with this key and put the reult in the output array + out[]. In addition, the second key array, o_key[L], is used + to output the key that is needed by the decryption subroutine + to reverse the encryption operation. The two key arrays can + be the same array but in this case the original key will be + overwritten. + + In the same way, the decryption subroutines output keys that + can be used to reverse their effect when used for encryption. + + Only 128 and 256 bit keys are supported in these 'on the fly' + modes. +*/ + +#if defined( AES_ENC_128_OTFK ) +void aes_encrypt_128( const unsigned char in[N_BLOCK], + unsigned char out[N_BLOCK], + const unsigned char key[N_BLOCK], + uint_8t o_key[N_BLOCK] ); +#endif + +#if defined( AES_DEC_128_OTFK ) +void aes_decrypt_128( const unsigned char in[N_BLOCK], + unsigned char out[N_BLOCK], + const unsigned char key[N_BLOCK], + unsigned char o_key[N_BLOCK] ); +#endif + +#if defined( AES_ENC_256_OTFK ) +void aes_encrypt_256( const unsigned char in[N_BLOCK], + unsigned char out[N_BLOCK], + const unsigned char key[2 * N_BLOCK], + unsigned char o_key[2 * N_BLOCK] ); +#endif + +#if defined( AES_DEC_256_OTFK ) +void aes_decrypt_256( const unsigned char in[N_BLOCK], + unsigned char out[N_BLOCK], + const unsigned char key[2 * N_BLOCK], + unsigned char o_key[2 * N_BLOCK] ); +#endif + +#if defined(__cplusplus) +} +#endif + +#endif diff --git a/src/Crypto/AesSmall_x86.asm b/src/Crypto/AesSmall_x86.asm index fe7dc47b..de32fc66 100644 --- a/src/Crypto/AesSmall_x86.asm +++ b/src/Crypto/AesSmall_x86.asm @@ -1,1444 +1,1444 @@ - -; --------------------------------------------------------------------------- -; Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. -; -; LICENSE TERMS -; -; The free distribution and use of this software is allowed (with or without -; changes) provided that: -; -; 1. source code distributions include the above copyright notice, this -; list of conditions and the following disclaimer; -; -; 2. binary distributions include the above copyright notice, this list -; of conditions and the following disclaimer in their documentation; -; -; 3. the name of the copyright holder is not used to endorse products -; built using this software without specific written permission. -; -; DISCLAIMER -; -; This software is provided 'as is' with no explicit or implied warranties -; in respect of its properties, including, but not limited to, correctness -; and/or fitness for purpose. -; --------------------------------------------------------------------------- -; Issue 20/12/2007 -; -; This code requires either ASM_X86_V2 or ASM_X86_V2C to be set in aesopt.h -; and the same define to be set here as well. If AES_V2C is set this file -; requires the C files aeskey.c and aestab.c for support. - -; An AES implementation for x86 processors using the YASM (or NASM) assembler. -; This is a full assembler implementation covering encryption, decryption and -; key scheduling. It uses 2k bytes of tables but its encryption and decryption -; performance is very close to that obtained using large tables. Key schedule -; expansion is slower for both encryption and decryption but this is likely to -; be offset by the much smaller load that this version places on the processor -; cache. I acknowledge the contribution made by Daniel Bernstein to aspects of -; the design of the AES round function used here. -; -; This code provides the standard AES block size (128 bits, 16 bytes) and the -; three standard AES key sizes (128, 192 and 256 bits). It has the same call -; interface as my C implementation. The ebx, esi, edi and ebp registers are -; preserved across calls but eax, ecx and edx and the artihmetic status flags -; are not. Although this is a full assembler implementation, it can be used -; in conjunction with my C code which provides faster key scheduling using -; large tables. In this case aeskey.c should be compiled with ASM_X86_V2C -; defined. It is also important that the defines below match those used in the -; C code. This code uses the VC++ register saving conentions; if it is used -; with another compiler, conventions for using and saving registers may need -; to be checked (and calling conventions). The YASM command line for the VC++ -; custom build step is: -; -; yasm -Xvc -f win32 -D -o "$(TargetDir)\$(InputName).obj" "$(InputPath)" -; -; For the cryptlib build this is (pcg): -; -; yasm -Xvc -f win32 -D ASM_X86_V2C -o aescrypt2.obj aes_x86_v2.asm -; -; where is ASM_X86_V2 or ASM_X86_V2C. The calling intefaces are: -; -; AES_RETURN aes_encrypt(const unsigned char in_blk[], -; unsigned char out_blk[], const aes_encrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt(const unsigned char in_blk[], -; unsigned char out_blk[], const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_encrypt_key(const unsigned char key[], -; const aes_encrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt_key(const unsigned char key[], -; const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_encrypt_key(const unsigned char key[], -; unsigned int len, const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt_key(const unsigned char key[], -; unsigned int len, const aes_decrypt_ctx cx[1]); -; -; where is 128, 102 or 256. In the last two calls the length can be in -; either bits or bytes. - -; The DLL interface must use the _stdcall convention in which the number -; of bytes of parameter space is added after an @ to the sutine's name. -; We must also remove our parameters from the stack before return (see -; the do_exit macro). Define DLL_EXPORT for the Dynamic Link Library version. - -; -; Adapted for TrueCrypt: -; - All tables generated at run-time -; - Adapted for 16-bit environment -; - -CPU 386 -USE16 -SEGMENT _TEXT PUBLIC CLASS=CODE USE16 -SEGMENT _DATA PUBLIC CLASS=DATA USE16 - -GROUP DGROUP _TEXT _DATA - -extern _aes_dec_tab ; Aestab.c -extern _aes_enc_tab - -; %define DLL_EXPORT - -; The size of the code can be reduced by using functions for the encryption -; and decryption rounds in place of macro expansion - -%define REDUCE_CODE_SIZE - -; Comment in/out the following lines to obtain the desired subroutines. These -; selections MUST match those in the C header file aes.h - -; %define AES_128 ; define if AES with 128 bit keys is needed -; %define AES_192 ; define if AES with 192 bit keys is needed -%define AES_256 ; define if AES with 256 bit keys is needed -; %define AES_VAR ; define if a variable key size is needed -%define ENCRYPTION ; define if encryption is needed -%define DECRYPTION ; define if decryption is needed -; %define AES_REV_DKS ; define if key decryption schedule is reversed - -%ifndef ASM_X86_V2C -%define ENCRYPTION_KEY_SCHEDULE ; define if encryption key expansion is needed -%define DECRYPTION_KEY_SCHEDULE ; define if decryption key expansion is needed -%endif - -; The encryption key schedule has the following in memory layout where N is the -; number of rounds (10, 12 or 14): -; -; lo: | input key (round 0) | ; each round is four 32-bit words -; | encryption round 1 | -; | encryption round 2 | -; .... -; | encryption round N-1 | -; hi: | encryption round N | -; -; The decryption key schedule is normally set up so that it has the same -; layout as above by actually reversing the order of the encryption key -; schedule in memory (this happens when AES_REV_DKS is set): -; -; lo: | decryption round 0 | = | encryption round N | -; | decryption round 1 | = INV_MIX_COL[ | encryption round N-1 | ] -; | decryption round 2 | = INV_MIX_COL[ | encryption round N-2 | ] -; .... .... -; | decryption round N-1 | = INV_MIX_COL[ | encryption round 1 | ] -; hi: | decryption round N | = | input key (round 0) | -; -; with rounds except the first and last modified using inv_mix_column() -; But if AES_REV_DKS is NOT set the order of keys is left as it is for -; encryption so that it has to be accessed in reverse when used for -; decryption (although the inverse mix column modifications are done) -; -; lo: | decryption round 0 | = | input key (round 0) | -; | decryption round 1 | = INV_MIX_COL[ | encryption round 1 | ] -; | decryption round 2 | = INV_MIX_COL[ | encryption round 2 | ] -; .... .... -; | decryption round N-1 | = INV_MIX_COL[ | encryption round N-1 | ] -; hi: | decryption round N | = | encryption round N | -; -; This layout is faster when the assembler key scheduling provided here -; is used. -; -; End of user defines - -%ifdef AES_VAR -%ifndef AES_128 -%define AES_128 -%endif -%ifndef AES_192 -%define AES_192 -%endif -%ifndef AES_256 -%define AES_256 -%endif -%endif - -%ifdef AES_VAR -%define KS_LENGTH 60 -%elifdef AES_256 -%define KS_LENGTH 60 -%elifdef AES_192 -%define KS_LENGTH 52 -%else -%define KS_LENGTH 44 -%endif - -; These macros implement stack based local variables - -%macro save 2 - mov [esp+4*%1],%2 -%endmacro - -%macro restore 2 - mov %1,[esp+4*%2] -%endmacro - -%ifdef REDUCE_CODE_SIZE - %macro mf_call 1 - call %1 - %endmacro -%else - %macro mf_call 1 - %1 - %endmacro -%endif - -; the DLL has to implement the _stdcall calling interface on return -; In this case we have to take our parameters (3 4-byte pointers) -; off the stack - -%define parms 12 - -%macro do_name 1-2 parms -%ifndef DLL_EXPORT - global %1 -%1: -%else - global %1@%2 - export %1@%2 -%1@%2: -%endif -%endmacro - -%macro do_call 1-2 parms -%ifndef DLL_EXPORT - call %1 - add esp,%2 -%else - call %1@%2 -%endif -%endmacro - -%macro do_exit 0-1 parms -%ifdef DLL_EXPORT - ret %1 -%else - ret -%endif -%endmacro - -; finite field multiplies by {02}, {04} and {08} - -%define f2(x) ((x<<1)^(((x>>7)&1)*0x11b)) -%define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b)) -%define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b)) - -; finite field multiplies required in table generation - -%define f3(x) (f2(x) ^ x) -%define f9(x) (f8(x) ^ x) -%define fb(x) (f8(x) ^ f2(x) ^ x) -%define fd(x) (f8(x) ^ f4(x) ^ x) -%define fe(x) (f8(x) ^ f4(x) ^ f2(x)) - -%define etab_0(x) [_aes_enc_tab+4+8*x] -%define etab_1(x) [_aes_enc_tab+3+8*x] -%define etab_2(x) [_aes_enc_tab+2+8*x] -%define etab_3(x) [_aes_enc_tab+1+8*x] -%define etab_b(x) byte [_aes_enc_tab+1+8*x] ; used with movzx for 0x000000xx -%define etab_w(x) word [_aes_enc_tab+8*x] ; used with movzx for 0x0000xx00 - -%define btab_0(x) [_aes_enc_tab+6+8*x] -%define btab_1(x) [_aes_enc_tab+5+8*x] -%define btab_2(x) [_aes_enc_tab+4+8*x] -%define btab_3(x) [_aes_enc_tab+3+8*x] - -; ROUND FUNCTION. Build column[2] on ESI and column[3] on EDI that have the -; round keys pre-loaded. Build column[0] in EBP and column[1] in EBX. -; -; Input: -; -; EAX column[0] -; EBX column[1] -; ECX column[2] -; EDX column[3] -; ESI column key[round][2] -; EDI column key[round][3] -; EBP scratch -; -; Output: -; -; EBP column[0] unkeyed -; EBX column[1] unkeyed -; ESI column[2] keyed -; EDI column[3] keyed -; EAX scratch -; ECX scratch -; EDX scratch - -%macro rnd_fun 2 - - rol ebx,16 - %1 esi, cl, 0, ebp - %1 esi, dh, 1, ebp - %1 esi, bh, 3, ebp - %1 edi, dl, 0, ebp - %1 edi, ah, 1, ebp - %1 edi, bl, 2, ebp - %2 ebp, al, 0, ebp - shr ebx,16 - and eax,0xffff0000 - or eax,ebx - shr edx,16 - %1 ebp, ah, 1, ebx - %1 ebp, dh, 3, ebx - %2 ebx, dl, 2, ebx - %1 ebx, ch, 1, edx - %1 ebx, al, 0, edx - shr eax,16 - shr ecx,16 - %1 ebp, cl, 2, edx - %1 edi, ch, 3, edx - %1 esi, al, 2, edx - %1 ebx, ah, 3, edx - -%endmacro - -; Basic MOV and XOR Operations for normal rounds - -%macro nr_xor 4 - movzx %4,%2 - xor %1,etab_%3(%4) -%endmacro - -%macro nr_mov 4 - movzx %4,%2 - mov %1,etab_%3(%4) -%endmacro - -; Basic MOV and XOR Operations for last round - -%if 1 - - %macro lr_xor 4 - movzx %4,%2 - movzx %4,etab_b(%4) - %if %3 != 0 - shl %4,8*%3 - %endif - xor %1,%4 - %endmacro - - %macro lr_mov 4 - movzx %4,%2 - movzx %1,etab_b(%4) - %if %3 != 0 - shl %1,8*%3 - %endif - %endmacro - -%else ; less effective but worth leaving as an option - - %macro lr_xor 4 - movzx %4,%2 - mov %4,btab_%3(%4) - and %4,0x000000ff << 8 * %3 - xor %1,%4 - %endmacro - - %macro lr_mov 4 - movzx %4,%2 - mov %1,btab_%3(%4) - and %1,0x000000ff << 8 * %3 - %endmacro - -%endif - -; Apply S-Box to the 4 bytes in a 32-bit word and rotate byte positions - -%ifdef REDUCE_CODE_SIZE - -l3s_col: - movzx ecx,al ; in eax - movzx ecx, etab_b(ecx) ; out eax - xor edx,ecx ; scratch ecx,edx - movzx ecx,ah - movzx ecx, etab_b(ecx) - shl ecx,8 - xor edx,ecx - shr eax,16 - movzx ecx,al - movzx ecx, etab_b(ecx) - shl ecx,16 - xor edx,ecx - movzx ecx,ah - movzx ecx, etab_b(ecx) - shl ecx,24 - xor edx,ecx - mov eax,edx - ret - -%else - -%macro l3s_col 0 - - movzx ecx,al ; in eax - movzx ecx, etab_b(ecx) ; out eax - xor edx,ecx ; scratch ecx,edx - movzx ecx,ah - movzx ecx, etab_b(ecx) - shl ecx,8 - xor edx,ecx - shr eax,16 - movzx ecx,al - movzx ecx, etab_b(ecx) - shl ecx,16 - xor edx,ecx - movzx ecx,ah - movzx ecx, etab_b(ecx) - shl ecx,24 - xor edx,ecx - mov eax,edx - -%endmacro - -%endif - -; offsets to parameters - -in_blk equ 2 ; input byte array address parameter -out_blk equ 4 ; output byte array address parameter -ctx equ 6 ; AES context structure -stk_spc equ 20 ; stack space - -%ifdef ENCRYPTION - -; %define ENCRYPTION_TABLE - -%ifdef REDUCE_CODE_SIZE - -enc_round: - sub sp, 2 - add ebp,16 - save 1,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - rnd_fun nr_xor, nr_mov - - mov eax,ebp - mov ecx,esi - mov edx,edi - restore ebp,1 - xor eax,[ebp] - xor ebx,[ebp+4] - add sp, 2 - ret - -%else - -%macro enc_round 0 - - add ebp,16 - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - rnd_fun nr_xor, nr_mov - - mov eax,ebp - mov ecx,esi - mov edx,edi - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - -%endif - -%macro enc_last_round 0 - - add ebp,16 - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - rnd_fun lr_xor, lr_mov - - mov eax,ebp - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - - section _TEXT - -; AES Encryption Subroutine - - do_name _aes_encrypt,12 - - mov ax, sp - movzx esp, ax - - sub esp,stk_spc - mov [esp+16],ebp - mov [esp+12],ebx - mov [esp+ 8],esi - mov [esp+ 4],edi - - movzx esi,word [esp+in_blk+stk_spc] ; input pointer - mov eax,[esi ] - mov ebx,[esi+ 4] - mov ecx,[esi+ 8] - mov edx,[esi+12] - - movzx ebp,word [esp+ctx+stk_spc] ; key pointer - movzx edi,byte [ebp+4*KS_LENGTH] - xor eax,[ebp ] - xor ebx,[ebp+ 4] - xor ecx,[ebp+ 8] - xor edx,[ebp+12] - -; determine the number of rounds - -%ifndef AES_256 - cmp edi,10*16 - je .3 - cmp edi,12*16 - je .2 - cmp edi,14*16 - je .1 - mov eax,-1 - jmp .5 -%endif - -.1: mf_call enc_round - mf_call enc_round -.2: mf_call enc_round - mf_call enc_round -.3: mf_call enc_round - mf_call enc_round - mf_call enc_round - mf_call enc_round - mf_call enc_round - mf_call enc_round - mf_call enc_round - mf_call enc_round - mf_call enc_round - enc_last_round - - movzx edx,word [esp+out_blk+stk_spc] - mov [edx],eax - mov [edx+4],ebx - mov [edx+8],esi - mov [edx+12],edi - xor eax,eax - -.5: mov ebp,[esp+16] - mov ebx,[esp+12] - mov esi,[esp+ 8] - mov edi,[esp+ 4] - add esp,stk_spc - do_exit 12 - -%endif - -%macro f_key 2 - - push ecx - push edx - mov edx,esi - ror eax,8 - mf_call l3s_col - mov esi,eax - pop edx - pop ecx - xor esi,rc_val - - mov [ebp+%1*%2],esi - xor edi,esi - mov [ebp+%1*%2+4],edi - xor ecx,edi - mov [ebp+%1*%2+8],ecx - xor edx,ecx - mov [ebp+%1*%2+12],edx - mov eax,edx - -%if %2 == 24 - -%if %1 < 7 - xor eax,[ebp+%1*%2+16-%2] - mov [ebp+%1*%2+16],eax - xor eax,[ebp+%1*%2+20-%2] - mov [ebp+%1*%2+20],eax -%endif - -%elif %2 == 32 - -%if %1 < 6 - push ecx - push edx - mov edx,[ebp+%1*%2+16-%2] - mf_call l3s_col - pop edx - pop ecx - mov [ebp+%1*%2+16],eax - xor eax,[ebp+%1*%2+20-%2] - mov [ebp+%1*%2+20],eax - xor eax,[ebp+%1*%2+24-%2] - mov [ebp+%1*%2+24],eax - xor eax,[ebp+%1*%2+28-%2] - mov [ebp+%1*%2+28],eax -%endif - -%endif - -%assign rc_val f2(rc_val) - -%endmacro - -%ifdef ENCRYPTION_KEY_SCHEDULE - -%ifdef AES_128 - -%ifndef ENCRYPTION_TABLE -; %define ENCRYPTION_TABLE -%endif - -%assign rc_val 1 - - do_name _aes_encrypt_key128,8 - - push ebp - push ebx - push esi - push edi - - mov ebp,[esp+24] - mov [ebp+4*KS_LENGTH],dword 10*16 - mov ebx,[esp+20] - - mov esi,[ebx] - mov [ebp],esi - mov edi,[ebx+4] - mov [ebp+4],edi - mov ecx,[ebx+8] - mov [ebp+8],ecx - mov edx,[ebx+12] - mov [ebp+12],edx - add ebp,16 - mov eax,edx - - f_key 0,16 ; 11 * 4 = 44 unsigned longs - f_key 1,16 ; 4 + 4 * 10 generated = 44 - f_key 2,16 - f_key 3,16 - f_key 4,16 - f_key 5,16 - f_key 6,16 - f_key 7,16 - f_key 8,16 - f_key 9,16 - - pop edi - pop esi - pop ebx - pop ebp - xor eax,eax - do_exit 8 - -%endif - -%ifdef AES_192 - -%ifndef ENCRYPTION_TABLE -; %define ENCRYPTION_TABLE -%endif - -%assign rc_val 1 - - do_name _aes_encrypt_key192,8 - - push ebp - push ebx - push esi - push edi - - mov ebp,[esp+24] - mov [ebp+4*KS_LENGTH],dword 12 * 16 - mov ebx,[esp+20] - - mov esi,[ebx] - mov [ebp],esi - mov edi,[ebx+4] - mov [ebp+4],edi - mov ecx,[ebx+8] - mov [ebp+8],ecx - mov edx,[ebx+12] - mov [ebp+12],edx - mov eax,[ebx+16] - mov [ebp+16],eax - mov eax,[ebx+20] - mov [ebp+20],eax - add ebp,24 - - f_key 0,24 ; 13 * 4 = 52 unsigned longs - f_key 1,24 ; 6 + 6 * 8 generated = 54 - f_key 2,24 - f_key 3,24 - f_key 4,24 - f_key 5,24 - f_key 6,24 - f_key 7,24 - - pop edi - pop esi - pop ebx - pop ebp - xor eax,eax - do_exit 8 - -%endif - -%ifdef AES_256 - -%ifndef ENCRYPTION_TABLE -; %define ENCRYPTION_TABLE -%endif - -%assign rc_val 1 - - do_name _aes_encrypt_key256,8 - - mov ax, sp - movzx esp, ax - - push ebp - push ebx - push esi - push edi - - movzx ebp, word [esp+20] ; ks - mov [ebp+4*KS_LENGTH],dword 14 * 16 - movzx ebx, word [esp+18] ; key - - mov esi,[ebx] - mov [ebp],esi - mov edi,[ebx+4] - mov [ebp+4],edi - mov ecx,[ebx+8] - mov [ebp+8],ecx - mov edx,[ebx+12] - mov [ebp+12],edx - mov eax,[ebx+16] - mov [ebp+16],eax - mov eax,[ebx+20] - mov [ebp+20],eax - mov eax,[ebx+24] - mov [ebp+24],eax - mov eax,[ebx+28] - mov [ebp+28],eax - add ebp,32 - - f_key 0,32 ; 15 * 4 = 60 unsigned longs - f_key 1,32 ; 8 + 8 * 7 generated = 64 - f_key 2,32 - f_key 3,32 - f_key 4,32 - f_key 5,32 - f_key 6,32 - - pop edi - pop esi - pop ebx - pop ebp - xor eax,eax - do_exit 8 - -%endif - -%ifdef AES_VAR - -%ifndef ENCRYPTION_TABLE -; %define ENCRYPTION_TABLE -%endif - - do_name _aes_encrypt_key,12 - - mov ecx,[esp+4] - mov eax,[esp+8] - mov edx,[esp+12] - push edx - push ecx - - cmp eax,16 - je .1 - cmp eax,128 - je .1 - - cmp eax,24 - je .2 - cmp eax,192 - je .2 - - cmp eax,32 - je .3 - cmp eax,256 - je .3 - mov eax,-1 - add esp,8 - do_exit 12 - -.1: do_call _aes_encrypt_key128,8 - do_exit 12 -.2: do_call _aes_encrypt_key192,8 - do_exit 12 -.3: do_call _aes_encrypt_key256,8 - do_exit 12 - -%endif - -%endif - -%ifdef ENCRYPTION_TABLE - -; S-box data - 256 entries - - section _DATA - -%define u8(x) 0, x, x, f3(x), f2(x), x, x, f3(x) - -_aes_enc_tab: - db u8(0x63),u8(0x7c),u8(0x77),u8(0x7b),u8(0xf2),u8(0x6b),u8(0x6f),u8(0xc5) - db u8(0x30),u8(0x01),u8(0x67),u8(0x2b),u8(0xfe),u8(0xd7),u8(0xab),u8(0x76) - db u8(0xca),u8(0x82),u8(0xc9),u8(0x7d),u8(0xfa),u8(0x59),u8(0x47),u8(0xf0) - db u8(0xad),u8(0xd4),u8(0xa2),u8(0xaf),u8(0x9c),u8(0xa4),u8(0x72),u8(0xc0) - db u8(0xb7),u8(0xfd),u8(0x93),u8(0x26),u8(0x36),u8(0x3f),u8(0xf7),u8(0xcc) - db u8(0x34),u8(0xa5),u8(0xe5),u8(0xf1),u8(0x71),u8(0xd8),u8(0x31),u8(0x15) - db u8(0x04),u8(0xc7),u8(0x23),u8(0xc3),u8(0x18),u8(0x96),u8(0x05),u8(0x9a) - db u8(0x07),u8(0x12),u8(0x80),u8(0xe2),u8(0xeb),u8(0x27),u8(0xb2),u8(0x75) - db u8(0x09),u8(0x83),u8(0x2c),u8(0x1a),u8(0x1b),u8(0x6e),u8(0x5a),u8(0xa0) - db u8(0x52),u8(0x3b),u8(0xd6),u8(0xb3),u8(0x29),u8(0xe3),u8(0x2f),u8(0x84) - db u8(0x53),u8(0xd1),u8(0x00),u8(0xed),u8(0x20),u8(0xfc),u8(0xb1),u8(0x5b) - db u8(0x6a),u8(0xcb),u8(0xbe),u8(0x39),u8(0x4a),u8(0x4c),u8(0x58),u8(0xcf) - db u8(0xd0),u8(0xef),u8(0xaa),u8(0xfb),u8(0x43),u8(0x4d),u8(0x33),u8(0x85) - db u8(0x45),u8(0xf9),u8(0x02),u8(0x7f),u8(0x50),u8(0x3c),u8(0x9f),u8(0xa8) - db u8(0x51),u8(0xa3),u8(0x40),u8(0x8f),u8(0x92),u8(0x9d),u8(0x38),u8(0xf5) - db u8(0xbc),u8(0xb6),u8(0xda),u8(0x21),u8(0x10),u8(0xff),u8(0xf3),u8(0xd2) - db u8(0xcd),u8(0x0c),u8(0x13),u8(0xec),u8(0x5f),u8(0x97),u8(0x44),u8(0x17) - db u8(0xc4),u8(0xa7),u8(0x7e),u8(0x3d),u8(0x64),u8(0x5d),u8(0x19),u8(0x73) - db u8(0x60),u8(0x81),u8(0x4f),u8(0xdc),u8(0x22),u8(0x2a),u8(0x90),u8(0x88) - db u8(0x46),u8(0xee),u8(0xb8),u8(0x14),u8(0xde),u8(0x5e),u8(0x0b),u8(0xdb) - db u8(0xe0),u8(0x32),u8(0x3a),u8(0x0a),u8(0x49),u8(0x06),u8(0x24),u8(0x5c) - db u8(0xc2),u8(0xd3),u8(0xac),u8(0x62),u8(0x91),u8(0x95),u8(0xe4),u8(0x79) - db u8(0xe7),u8(0xc8),u8(0x37),u8(0x6d),u8(0x8d),u8(0xd5),u8(0x4e),u8(0xa9) - db u8(0x6c),u8(0x56),u8(0xf4),u8(0xea),u8(0x65),u8(0x7a),u8(0xae),u8(0x08) - db u8(0xba),u8(0x78),u8(0x25),u8(0x2e),u8(0x1c),u8(0xa6),u8(0xb4),u8(0xc6) - db u8(0xe8),u8(0xdd),u8(0x74),u8(0x1f),u8(0x4b),u8(0xbd),u8(0x8b),u8(0x8a) - db u8(0x70),u8(0x3e),u8(0xb5),u8(0x66),u8(0x48),u8(0x03),u8(0xf6),u8(0x0e) - db u8(0x61),u8(0x35),u8(0x57),u8(0xb9),u8(0x86),u8(0xc1),u8(0x1d),u8(0x9e) - db u8(0xe1),u8(0xf8),u8(0x98),u8(0x11),u8(0x69),u8(0xd9),u8(0x8e),u8(0x94) - db u8(0x9b),u8(0x1e),u8(0x87),u8(0xe9),u8(0xce),u8(0x55),u8(0x28),u8(0xdf) - db u8(0x8c),u8(0xa1),u8(0x89),u8(0x0d),u8(0xbf),u8(0xe6),u8(0x42),u8(0x68) - db u8(0x41),u8(0x99),u8(0x2d),u8(0x0f),u8(0xb0),u8(0x54),u8(0xbb),u8(0x16) - -%endif - -%ifdef DECRYPTION - -; %define DECRYPTION_TABLE - -%define dtab_0(x) [_aes_dec_tab+ 8*x] -%define dtab_1(x) [_aes_dec_tab+3+8*x] -%define dtab_2(x) [_aes_dec_tab+2+8*x] -%define dtab_3(x) [_aes_dec_tab+1+8*x] -%define dtab_x(x) byte [_aes_dec_tab+7+8*x] - -%macro irn_fun 2 - - rol eax,16 - %1 esi, cl, 0, ebp - %1 esi, bh, 1, ebp - %1 esi, al, 2, ebp - %1 edi, dl, 0, ebp - %1 edi, ch, 1, ebp - %1 edi, ah, 3, ebp - %2 ebp, bl, 0, ebp - shr eax,16 - and ebx,0xffff0000 - or ebx,eax - shr ecx,16 - %1 ebp, bh, 1, eax - %1 ebp, ch, 3, eax - %2 eax, cl, 2, ecx - %1 eax, bl, 0, ecx - %1 eax, dh, 1, ecx - shr ebx,16 - shr edx,16 - %1 esi, dh, 3, ecx - %1 ebp, dl, 2, ecx - %1 eax, bh, 3, ecx - %1 edi, bl, 2, ecx - -%endmacro - -; Basic MOV and XOR Operations for normal rounds - -%macro ni_xor 4 - movzx %4,%2 - xor %1,dtab_%3(%4) -%endmacro - -%macro ni_mov 4 - movzx %4,%2 - mov %1,dtab_%3(%4) -%endmacro - -; Basic MOV and XOR Operations for last round - -%macro li_xor 4 - movzx %4,%2 - movzx %4,dtab_x(%4) -%if %3 != 0 - shl %4,8*%3 -%endif - xor %1,%4 -%endmacro - -%macro li_mov 4 - movzx %4,%2 - movzx %1,dtab_x(%4) -%if %3 != 0 - shl %1,8*%3 -%endif -%endmacro - -%ifdef REDUCE_CODE_SIZE - -dec_round: - sub sp, 2 -%ifdef AES_REV_DKS - add ebp,16 -%else - sub ebp,16 -%endif - save 1,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - irn_fun ni_xor, ni_mov - - mov ebx,ebp - mov ecx,esi - mov edx,edi - restore ebp,1 - xor eax,[ebp] - xor ebx,[ebp+4] - add sp, 2 - ret - -%else - -%macro dec_round 0 - -%ifdef AES_REV_DKS - add ebp,16 -%else - sub ebp,16 -%endif - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - irn_fun ni_xor, ni_mov - - mov ebx,ebp - mov ecx,esi - mov edx,edi - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - -%endif - -%macro dec_last_round 0 - -%ifdef AES_REV_DKS - add ebp,16 -%else - sub ebp,16 -%endif - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - irn_fun li_xor, li_mov - - mov ebx,ebp - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - - section _TEXT - -; AES Decryption Subroutine - - do_name _aes_decrypt,12 - - mov ax, sp - movzx esp, ax - - sub esp,stk_spc - mov [esp+16],ebp - mov [esp+12],ebx - mov [esp+ 8],esi - mov [esp+ 4],edi - -; input four columns and xor in first round key - - movzx esi,word [esp+in_blk+stk_spc] ; input pointer - mov eax,[esi ] - mov ebx,[esi+ 4] - mov ecx,[esi+ 8] - mov edx,[esi+12] - lea esi,[esi+16] - - movzx ebp, word [esp+ctx+stk_spc] ; key pointer - movzx edi,byte[ebp+4*KS_LENGTH] -%ifndef AES_REV_DKS ; if decryption key schedule is not reversed - lea ebp,[ebp+edi] ; we have to access it from the top down -%endif - xor eax,[ebp ] ; key schedule - xor ebx,[ebp+ 4] - xor ecx,[ebp+ 8] - xor edx,[ebp+12] - -; determine the number of rounds - -%ifndef AES_256 - cmp edi,10*16 - je .3 - cmp edi,12*16 - je .2 - cmp edi,14*16 - je .1 - mov eax,-1 - jmp .5 -%endif - -.1: mf_call dec_round - mf_call dec_round -.2: mf_call dec_round - mf_call dec_round -.3: mf_call dec_round - mf_call dec_round - mf_call dec_round - mf_call dec_round - mf_call dec_round - mf_call dec_round - mf_call dec_round - mf_call dec_round - mf_call dec_round - dec_last_round - -; move final values to the output array. - - movzx ebp,word [esp+out_blk+stk_spc] - mov [ebp],eax - mov [ebp+4],ebx - mov [ebp+8],esi - mov [ebp+12],edi - xor eax,eax - -.5: mov ebp,[esp+16] - mov ebx,[esp+12] - mov esi,[esp+ 8] - mov edi,[esp+ 4] - add esp,stk_spc - do_exit 12 - -%endif - -%ifdef REDUCE_CODE_SIZE - -inv_mix_col: - movzx ecx,dl ; input eax, edx - movzx ecx,etab_b(ecx) ; output eax - mov eax,dtab_0(ecx) ; used ecx - movzx ecx,dh - shr edx,16 - movzx ecx,etab_b(ecx) - xor eax,dtab_1(ecx) - movzx ecx,dl - movzx ecx,etab_b(ecx) - xor eax,dtab_2(ecx) - movzx ecx,dh - movzx ecx,etab_b(ecx) - xor eax,dtab_3(ecx) - ret - -%else - -%macro inv_mix_col 0 - - movzx ecx,dl ; input eax, edx - movzx ecx,etab_b(ecx) ; output eax - mov eax,dtab_0(ecx) ; used ecx - movzx ecx,dh - shr edx,16 - movzx ecx,etab_b(ecx) - xor eax,dtab_1(ecx) - movzx ecx,dl - movzx ecx,etab_b(ecx) - xor eax,dtab_2(ecx) - movzx ecx,dh - movzx ecx,etab_b(ecx) - xor eax,dtab_3(ecx) - -%endmacro - -%endif - -%ifdef DECRYPTION_KEY_SCHEDULE - -%ifdef AES_128 - -%ifndef DECRYPTION_TABLE -; %define DECRYPTION_TABLE -%endif - - do_name _aes_decrypt_key128,8 - - push ebp - push ebx - push esi - push edi - mov eax,[esp+24] ; context - mov edx,[esp+20] ; key - push eax - push edx - do_call _aes_encrypt_key128,8 ; generate expanded encryption key - mov eax,10*16 - mov esi,[esp+24] ; pointer to first round key - lea edi,[esi+eax] ; pointer to last round key - add esi,32 - ; the inverse mix column transformation - mov edx,[esi-16] ; needs to be applied to all round keys - mf_call inv_mix_col ; except first and last. Hence start by - mov [esi-16],eax ; transforming the four sub-keys in the - mov edx,[esi-12] ; second round key - mf_call inv_mix_col - mov [esi-12],eax ; transformations for subsequent rounds - mov edx,[esi-8] ; can then be made more efficient by - mf_call inv_mix_col ; noting that for three of the four sub-keys - mov [esi-8],eax ; in the encryption round key ek[r]: - mov edx,[esi-4] ; - mf_call inv_mix_col ; ek[r][n] = ek[r][n-1] ^ ek[r-1][n] - mov [esi-4],eax ; - ; where n is 1..3. Hence the corresponding -.0: mov edx,[esi] ; subkeys in the decryption round key dk[r] - mf_call inv_mix_col ; also obey since inv_mix_col is linear in - mov [esi],eax ; GF(256): - xor eax,[esi-12] ; - mov [esi+4],eax ; dk[r][n] = dk[r][n-1] ^ dk[r-1][n] - xor eax,[esi-8] ; - mov [esi+8],eax ; So we only need one inverse mix column - xor eax,[esi-4] ; operation (n = 0) for each four word cycle - mov [esi+12],eax ; in the expanded key. - add esi,16 - cmp edi,esi - jg .0 - jmp dec_end - -%endif - -%ifdef AES_192 - -%ifndef DECRYPTION_TABLE -; %define DECRYPTION_TABLE -%endif - - do_name _aes_decrypt_key192,8 - - push ebp - push ebx - push esi - push edi - mov eax,[esp+24] ; context - mov edx,[esp+20] ; key - push eax - push edx - do_call _aes_encrypt_key192,8 ; generate expanded encryption key - mov eax,12*16 - mov esi,[esp+24] ; first round key - lea edi,[esi+eax] ; last round key - add esi,48 ; the first 6 words are the key, of - ; which the top 2 words are part of - mov edx,[esi-32] ; the second round key and hence - mf_call inv_mix_col ; need to be modified. After this we - mov [esi-32],eax ; need to do a further six values prior - mov edx,[esi-28] ; to using a more efficient technique - mf_call inv_mix_col ; based on: - mov [esi-28],eax ; - ; dk[r][n] = dk[r][n-1] ^ dk[r-1][n] - mov edx,[esi-24] ; - mf_call inv_mix_col ; for n = 1 .. 5 where the key expansion - mov [esi-24],eax ; cycle is now 6 words long - mov edx,[esi-20] - mf_call inv_mix_col - mov [esi-20],eax - mov edx,[esi-16] - mf_call inv_mix_col - mov [esi-16],eax - mov edx,[esi-12] - mf_call inv_mix_col - mov [esi-12],eax - mov edx,[esi-8] - mf_call inv_mix_col - mov [esi-8],eax - mov edx,[esi-4] - mf_call inv_mix_col - mov [esi-4],eax - -.0: mov edx,[esi] ; the expanded key is 13 * 4 = 44 32-bit words - mf_call inv_mix_col ; of which 11 * 4 = 44 have to be modified - mov [esi],eax ; using inv_mix_col. We have already done 8 - xor eax,[esi-20] ; of these so 36 are left - hence we need - mov [esi+4],eax ; exactly 6 loops of six here - xor eax,[esi-16] - mov [esi+8],eax - xor eax,[esi-12] - mov [esi+12],eax - xor eax,[esi-8] - mov [esi+16],eax - xor eax,[esi-4] - mov [esi+20],eax - add esi,24 - cmp edi,esi - jg .0 - jmp dec_end - -%endif - -%ifdef AES_256 - -%ifndef DECRYPTION_TABLE -; %define DECRYPTION_TABLE -%endif - - do_name _aes_decrypt_key256,8 - - mov ax, sp - movzx esp, ax - push ebp - push ebx - push esi - push edi - - movzx eax, word [esp+20] ; ks - movzx edx, word [esp+18] ; key - push ax - push dx - do_call _aes_encrypt_key256,4 ; generate expanded encryption key - mov eax,14*16 - movzx esi, word [esp+20] ; ks - lea edi,[esi+eax] - add esi,64 - - mov edx,[esi-48] ; the primary key is 8 words, of which - mf_call inv_mix_col ; the top four require modification - mov [esi-48],eax - mov edx,[esi-44] - mf_call inv_mix_col - mov [esi-44],eax - mov edx,[esi-40] - mf_call inv_mix_col - mov [esi-40],eax - mov edx,[esi-36] - mf_call inv_mix_col - mov [esi-36],eax - - mov edx,[esi-32] ; the encryption key expansion cycle is - mf_call inv_mix_col ; now eight words long so we need to - mov [esi-32],eax ; start by doing one complete block - mov edx,[esi-28] - mf_call inv_mix_col - mov [esi-28],eax - mov edx,[esi-24] - mf_call inv_mix_col - mov [esi-24],eax - mov edx,[esi-20] - mf_call inv_mix_col - mov [esi-20],eax - mov edx,[esi-16] - mf_call inv_mix_col - mov [esi-16],eax - mov edx,[esi-12] - mf_call inv_mix_col - mov [esi-12],eax - mov edx,[esi-8] - mf_call inv_mix_col - mov [esi-8],eax - mov edx,[esi-4] - mf_call inv_mix_col - mov [esi-4],eax - -.0: mov edx,[esi] ; we can now speed up the remaining - mf_call inv_mix_col ; rounds by using the technique - mov [esi],eax ; outlined earlier. But note that - xor eax,[esi-28] ; there is one extra inverse mix - mov [esi+4],eax ; column operation as the 256 bit - xor eax,[esi-24] ; key has an extra non-linear step - mov [esi+8],eax ; for the midway element. - xor eax,[esi-20] - mov [esi+12],eax ; the expanded key is 15 * 4 = 60 - mov edx,[esi+16] ; 32-bit words of which 52 need to - mf_call inv_mix_col ; be modified. We have already done - mov [esi+16],eax ; 12 so 40 are left - which means - xor eax,[esi-12] ; that we need exactly 5 loops of 8 - mov [esi+20],eax - xor eax,[esi-8] - mov [esi+24],eax - xor eax,[esi-4] - mov [esi+28],eax - add esi,32 - cmp edi,esi - jg .0 - -%endif - -dec_end: - -%ifdef AES_REV_DKS - - movzx esi,word [esp+20] ; this reverses the order of the -.1: mov eax,[esi] ; round keys if required - mov ebx,[esi+4] - mov ebp,[edi] - mov edx,[edi+4] - mov [esi],ebp - mov [esi+4],edx - mov [edi],eax - mov [edi+4],ebx - - mov eax,[esi+8] - mov ebx,[esi+12] - mov ebp,[edi+8] - mov edx,[edi+12] - mov [esi+8],ebp - mov [esi+12],edx - mov [edi+8],eax - mov [edi+12],ebx - - add esi,16 - sub edi,16 - cmp edi,esi - jg .1 - -%endif - - pop edi - pop esi - pop ebx - pop ebp - xor eax,eax - do_exit 8 - -%ifdef AES_VAR - - do_name _aes_decrypt_key,12 - - mov ecx,[esp+4] - mov eax,[esp+8] - mov edx,[esp+12] - push edx - push ecx - - cmp eax,16 - je .1 - cmp eax,128 - je .1 - - cmp eax,24 - je .2 - cmp eax,192 - je .2 - - cmp eax,32 - je .3 - cmp eax,256 - je .3 - mov eax,-1 - add esp,8 - do_exit 12 - -.1: do_call _aes_decrypt_key128,8 - do_exit 12 -.2: do_call _aes_decrypt_key192,8 - do_exit 12 -.3: do_call _aes_decrypt_key256,8 - do_exit 12 - -%endif - -%endif - -%ifdef DECRYPTION_TABLE - -; Inverse S-box data - 256 entries - - section _DATA - -%define v8(x) fe(x), f9(x), fd(x), fb(x), fe(x), f9(x), fd(x), x - -_aes_dec_tab: - db v8(0x52),v8(0x09),v8(0x6a),v8(0xd5),v8(0x30),v8(0x36),v8(0xa5),v8(0x38) - db v8(0xbf),v8(0x40),v8(0xa3),v8(0x9e),v8(0x81),v8(0xf3),v8(0xd7),v8(0xfb) - db v8(0x7c),v8(0xe3),v8(0x39),v8(0x82),v8(0x9b),v8(0x2f),v8(0xff),v8(0x87) - db v8(0x34),v8(0x8e),v8(0x43),v8(0x44),v8(0xc4),v8(0xde),v8(0xe9),v8(0xcb) - db v8(0x54),v8(0x7b),v8(0x94),v8(0x32),v8(0xa6),v8(0xc2),v8(0x23),v8(0x3d) - db v8(0xee),v8(0x4c),v8(0x95),v8(0x0b),v8(0x42),v8(0xfa),v8(0xc3),v8(0x4e) - db v8(0x08),v8(0x2e),v8(0xa1),v8(0x66),v8(0x28),v8(0xd9),v8(0x24),v8(0xb2) - db v8(0x76),v8(0x5b),v8(0xa2),v8(0x49),v8(0x6d),v8(0x8b),v8(0xd1),v8(0x25) - db v8(0x72),v8(0xf8),v8(0xf6),v8(0x64),v8(0x86),v8(0x68),v8(0x98),v8(0x16) - db v8(0xd4),v8(0xa4),v8(0x5c),v8(0xcc),v8(0x5d),v8(0x65),v8(0xb6),v8(0x92) - db v8(0x6c),v8(0x70),v8(0x48),v8(0x50),v8(0xfd),v8(0xed),v8(0xb9),v8(0xda) - db v8(0x5e),v8(0x15),v8(0x46),v8(0x57),v8(0xa7),v8(0x8d),v8(0x9d),v8(0x84) - db v8(0x90),v8(0xd8),v8(0xab),v8(0x00),v8(0x8c),v8(0xbc),v8(0xd3),v8(0x0a) - db v8(0xf7),v8(0xe4),v8(0x58),v8(0x05),v8(0xb8),v8(0xb3),v8(0x45),v8(0x06) - db v8(0xd0),v8(0x2c),v8(0x1e),v8(0x8f),v8(0xca),v8(0x3f),v8(0x0f),v8(0x02) - db v8(0xc1),v8(0xaf),v8(0xbd),v8(0x03),v8(0x01),v8(0x13),v8(0x8a),v8(0x6b) - db v8(0x3a),v8(0x91),v8(0x11),v8(0x41),v8(0x4f),v8(0x67),v8(0xdc),v8(0xea) - db v8(0x97),v8(0xf2),v8(0xcf),v8(0xce),v8(0xf0),v8(0xb4),v8(0xe6),v8(0x73) - db v8(0x96),v8(0xac),v8(0x74),v8(0x22),v8(0xe7),v8(0xad),v8(0x35),v8(0x85) - db v8(0xe2),v8(0xf9),v8(0x37),v8(0xe8),v8(0x1c),v8(0x75),v8(0xdf),v8(0x6e) - db v8(0x47),v8(0xf1),v8(0x1a),v8(0x71),v8(0x1d),v8(0x29),v8(0xc5),v8(0x89) - db v8(0x6f),v8(0xb7),v8(0x62),v8(0x0e),v8(0xaa),v8(0x18),v8(0xbe),v8(0x1b) - db v8(0xfc),v8(0x56),v8(0x3e),v8(0x4b),v8(0xc6),v8(0xd2),v8(0x79),v8(0x20) - db v8(0x9a),v8(0xdb),v8(0xc0),v8(0xfe),v8(0x78),v8(0xcd),v8(0x5a),v8(0xf4) - db v8(0x1f),v8(0xdd),v8(0xa8),v8(0x33),v8(0x88),v8(0x07),v8(0xc7),v8(0x31) - db v8(0xb1),v8(0x12),v8(0x10),v8(0x59),v8(0x27),v8(0x80),v8(0xec),v8(0x5f) - db v8(0x60),v8(0x51),v8(0x7f),v8(0xa9),v8(0x19),v8(0xb5),v8(0x4a),v8(0x0d) - db v8(0x2d),v8(0xe5),v8(0x7a),v8(0x9f),v8(0x93),v8(0xc9),v8(0x9c),v8(0xef) - db v8(0xa0),v8(0xe0),v8(0x3b),v8(0x4d),v8(0xae),v8(0x2a),v8(0xf5),v8(0xb0) - db v8(0xc8),v8(0xeb),v8(0xbb),v8(0x3c),v8(0x83),v8(0x53),v8(0x99),v8(0x61) - db v8(0x17),v8(0x2b),v8(0x04),v8(0x7e),v8(0xba),v8(0x77),v8(0xd6),v8(0x26) - db v8(0xe1),v8(0x69),v8(0x14),v8(0x63),v8(0x55),v8(0x21),v8(0x0c),v8(0x7d) - -%endif + +; --------------------------------------------------------------------------- +; Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. +; +; LICENSE TERMS +; +; The free distribution and use of this software is allowed (with or without +; changes) provided that: +; +; 1. source code distributions include the above copyright notice, this +; list of conditions and the following disclaimer; +; +; 2. binary distributions include the above copyright notice, this list +; of conditions and the following disclaimer in their documentation; +; +; 3. the name of the copyright holder is not used to endorse products +; built using this software without specific written permission. +; +; DISCLAIMER +; +; This software is provided 'as is' with no explicit or implied warranties +; in respect of its properties, including, but not limited to, correctness +; and/or fitness for purpose. +; --------------------------------------------------------------------------- +; Issue 20/12/2007 +; +; This code requires either ASM_X86_V2 or ASM_X86_V2C to be set in aesopt.h +; and the same define to be set here as well. If AES_V2C is set this file +; requires the C files aeskey.c and aestab.c for support. + +; An AES implementation for x86 processors using the YASM (or NASM) assembler. +; This is a full assembler implementation covering encryption, decryption and +; key scheduling. It uses 2k bytes of tables but its encryption and decryption +; performance is very close to that obtained using large tables. Key schedule +; expansion is slower for both encryption and decryption but this is likely to +; be offset by the much smaller load that this version places on the processor +; cache. I acknowledge the contribution made by Daniel Bernstein to aspects of +; the design of the AES round function used here. +; +; This code provides the standard AES block size (128 bits, 16 bytes) and the +; three standard AES key sizes (128, 192 and 256 bits). It has the same call +; interface as my C implementation. The ebx, esi, edi and ebp registers are +; preserved across calls but eax, ecx and edx and the artihmetic status flags +; are not. Although this is a full assembler implementation, it can be used +; in conjunction with my C code which provides faster key scheduling using +; large tables. In this case aeskey.c should be compiled with ASM_X86_V2C +; defined. It is also important that the defines below match those used in the +; C code. This code uses the VC++ register saving conentions; if it is used +; with another compiler, conventions for using and saving registers may need +; to be checked (and calling conventions). The YASM command line for the VC++ +; custom build step is: +; +; yasm -Xvc -f win32 -D -o "$(TargetDir)\$(InputName).obj" "$(InputPath)" +; +; For the cryptlib build this is (pcg): +; +; yasm -Xvc -f win32 -D ASM_X86_V2C -o aescrypt2.obj aes_x86_v2.asm +; +; where is ASM_X86_V2 or ASM_X86_V2C. The calling intefaces are: +; +; AES_RETURN aes_encrypt(const unsigned char in_blk[], +; unsigned char out_blk[], const aes_encrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt(const unsigned char in_blk[], +; unsigned char out_blk[], const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_encrypt_key(const unsigned char key[], +; const aes_encrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt_key(const unsigned char key[], +; const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_encrypt_key(const unsigned char key[], +; unsigned int len, const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt_key(const unsigned char key[], +; unsigned int len, const aes_decrypt_ctx cx[1]); +; +; where is 128, 102 or 256. In the last two calls the length can be in +; either bits or bytes. + +; The DLL interface must use the _stdcall convention in which the number +; of bytes of parameter space is added after an @ to the sutine's name. +; We must also remove our parameters from the stack before return (see +; the do_exit macro). Define DLL_EXPORT for the Dynamic Link Library version. + +; +; Adapted for TrueCrypt: +; - All tables generated at run-time +; - Adapted for 16-bit environment +; + +CPU 386 +USE16 +SEGMENT _TEXT PUBLIC CLASS=CODE USE16 +SEGMENT _DATA PUBLIC CLASS=DATA USE16 + +GROUP DGROUP _TEXT _DATA + +extern _aes_dec_tab ; Aestab.c +extern _aes_enc_tab + +; %define DLL_EXPORT + +; The size of the code can be reduced by using functions for the encryption +; and decryption rounds in place of macro expansion + +%define REDUCE_CODE_SIZE + +; Comment in/out the following lines to obtain the desired subroutines. These +; selections MUST match those in the C header file aes.h + +; %define AES_128 ; define if AES with 128 bit keys is needed +; %define AES_192 ; define if AES with 192 bit keys is needed +%define AES_256 ; define if AES with 256 bit keys is needed +; %define AES_VAR ; define if a variable key size is needed +%define ENCRYPTION ; define if encryption is needed +%define DECRYPTION ; define if decryption is needed +; %define AES_REV_DKS ; define if key decryption schedule is reversed + +%ifndef ASM_X86_V2C +%define ENCRYPTION_KEY_SCHEDULE ; define if encryption key expansion is needed +%define DECRYPTION_KEY_SCHEDULE ; define if decryption key expansion is needed +%endif + +; The encryption key schedule has the following in memory layout where N is the +; number of rounds (10, 12 or 14): +; +; lo: | input key (round 0) | ; each round is four 32-bit words +; | encryption round 1 | +; | encryption round 2 | +; .... +; | encryption round N-1 | +; hi: | encryption round N | +; +; The decryption key schedule is normally set up so that it has the same +; layout as above by actually reversing the order of the encryption key +; schedule in memory (this happens when AES_REV_DKS is set): +; +; lo: | decryption round 0 | = | encryption round N | +; | decryption round 1 | = INV_MIX_COL[ | encryption round N-1 | ] +; | decryption round 2 | = INV_MIX_COL[ | encryption round N-2 | ] +; .... .... +; | decryption round N-1 | = INV_MIX_COL[ | encryption round 1 | ] +; hi: | decryption round N | = | input key (round 0) | +; +; with rounds except the first and last modified using inv_mix_column() +; But if AES_REV_DKS is NOT set the order of keys is left as it is for +; encryption so that it has to be accessed in reverse when used for +; decryption (although the inverse mix column modifications are done) +; +; lo: | decryption round 0 | = | input key (round 0) | +; | decryption round 1 | = INV_MIX_COL[ | encryption round 1 | ] +; | decryption round 2 | = INV_MIX_COL[ | encryption round 2 | ] +; .... .... +; | decryption round N-1 | = INV_MIX_COL[ | encryption round N-1 | ] +; hi: | decryption round N | = | encryption round N | +; +; This layout is faster when the assembler key scheduling provided here +; is used. +; +; End of user defines + +%ifdef AES_VAR +%ifndef AES_128 +%define AES_128 +%endif +%ifndef AES_192 +%define AES_192 +%endif +%ifndef AES_256 +%define AES_256 +%endif +%endif + +%ifdef AES_VAR +%define KS_LENGTH 60 +%elifdef AES_256 +%define KS_LENGTH 60 +%elifdef AES_192 +%define KS_LENGTH 52 +%else +%define KS_LENGTH 44 +%endif + +; These macros implement stack based local variables + +%macro save 2 + mov [esp+4*%1],%2 +%endmacro + +%macro restore 2 + mov %1,[esp+4*%2] +%endmacro + +%ifdef REDUCE_CODE_SIZE + %macro mf_call 1 + call %1 + %endmacro +%else + %macro mf_call 1 + %1 + %endmacro +%endif + +; the DLL has to implement the _stdcall calling interface on return +; In this case we have to take our parameters (3 4-byte pointers) +; off the stack + +%define parms 12 + +%macro do_name 1-2 parms +%ifndef DLL_EXPORT + global %1 +%1: +%else + global %1@%2 + export %1@%2 +%1@%2: +%endif +%endmacro + +%macro do_call 1-2 parms +%ifndef DLL_EXPORT + call %1 + add esp,%2 +%else + call %1@%2 +%endif +%endmacro + +%macro do_exit 0-1 parms +%ifdef DLL_EXPORT + ret %1 +%else + ret +%endif +%endmacro + +; finite field multiplies by {02}, {04} and {08} + +%define f2(x) ((x<<1)^(((x>>7)&1)*0x11b)) +%define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b)) +%define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b)) + +; finite field multiplies required in table generation + +%define f3(x) (f2(x) ^ x) +%define f9(x) (f8(x) ^ x) +%define fb(x) (f8(x) ^ f2(x) ^ x) +%define fd(x) (f8(x) ^ f4(x) ^ x) +%define fe(x) (f8(x) ^ f4(x) ^ f2(x)) + +%define etab_0(x) [_aes_enc_tab+4+8*x] +%define etab_1(x) [_aes_enc_tab+3+8*x] +%define etab_2(x) [_aes_enc_tab+2+8*x] +%define etab_3(x) [_aes_enc_tab+1+8*x] +%define etab_b(x) byte [_aes_enc_tab+1+8*x] ; used with movzx for 0x000000xx +%define etab_w(x) word [_aes_enc_tab+8*x] ; used with movzx for 0x0000xx00 + +%define btab_0(x) [_aes_enc_tab+6+8*x] +%define btab_1(x) [_aes_enc_tab+5+8*x] +%define btab_2(x) [_aes_enc_tab+4+8*x] +%define btab_3(x) [_aes_enc_tab+3+8*x] + +; ROUND FUNCTION. Build column[2] on ESI and column[3] on EDI that have the +; round keys pre-loaded. Build column[0] in EBP and column[1] in EBX. +; +; Input: +; +; EAX column[0] +; EBX column[1] +; ECX column[2] +; EDX column[3] +; ESI column key[round][2] +; EDI column key[round][3] +; EBP scratch +; +; Output: +; +; EBP column[0] unkeyed +; EBX column[1] unkeyed +; ESI column[2] keyed +; EDI column[3] keyed +; EAX scratch +; ECX scratch +; EDX scratch + +%macro rnd_fun 2 + + rol ebx,16 + %1 esi, cl, 0, ebp + %1 esi, dh, 1, ebp + %1 esi, bh, 3, ebp + %1 edi, dl, 0, ebp + %1 edi, ah, 1, ebp + %1 edi, bl, 2, ebp + %2 ebp, al, 0, ebp + shr ebx,16 + and eax,0xffff0000 + or eax,ebx + shr edx,16 + %1 ebp, ah, 1, ebx + %1 ebp, dh, 3, ebx + %2 ebx, dl, 2, ebx + %1 ebx, ch, 1, edx + %1 ebx, al, 0, edx + shr eax,16 + shr ecx,16 + %1 ebp, cl, 2, edx + %1 edi, ch, 3, edx + %1 esi, al, 2, edx + %1 ebx, ah, 3, edx + +%endmacro + +; Basic MOV and XOR Operations for normal rounds + +%macro nr_xor 4 + movzx %4,%2 + xor %1,etab_%3(%4) +%endmacro + +%macro nr_mov 4 + movzx %4,%2 + mov %1,etab_%3(%4) +%endmacro + +; Basic MOV and XOR Operations for last round + +%if 1 + + %macro lr_xor 4 + movzx %4,%2 + movzx %4,etab_b(%4) + %if %3 != 0 + shl %4,8*%3 + %endif + xor %1,%4 + %endmacro + + %macro lr_mov 4 + movzx %4,%2 + movzx %1,etab_b(%4) + %if %3 != 0 + shl %1,8*%3 + %endif + %endmacro + +%else ; less effective but worth leaving as an option + + %macro lr_xor 4 + movzx %4,%2 + mov %4,btab_%3(%4) + and %4,0x000000ff << 8 * %3 + xor %1,%4 + %endmacro + + %macro lr_mov 4 + movzx %4,%2 + mov %1,btab_%3(%4) + and %1,0x000000ff << 8 * %3 + %endmacro + +%endif + +; Apply S-Box to the 4 bytes in a 32-bit word and rotate byte positions + +%ifdef REDUCE_CODE_SIZE + +l3s_col: + movzx ecx,al ; in eax + movzx ecx, etab_b(ecx) ; out eax + xor edx,ecx ; scratch ecx,edx + movzx ecx,ah + movzx ecx, etab_b(ecx) + shl ecx,8 + xor edx,ecx + shr eax,16 + movzx ecx,al + movzx ecx, etab_b(ecx) + shl ecx,16 + xor edx,ecx + movzx ecx,ah + movzx ecx, etab_b(ecx) + shl ecx,24 + xor edx,ecx + mov eax,edx + ret + +%else + +%macro l3s_col 0 + + movzx ecx,al ; in eax + movzx ecx, etab_b(ecx) ; out eax + xor edx,ecx ; scratch ecx,edx + movzx ecx,ah + movzx ecx, etab_b(ecx) + shl ecx,8 + xor edx,ecx + shr eax,16 + movzx ecx,al + movzx ecx, etab_b(ecx) + shl ecx,16 + xor edx,ecx + movzx ecx,ah + movzx ecx, etab_b(ecx) + shl ecx,24 + xor edx,ecx + mov eax,edx + +%endmacro + +%endif + +; offsets to parameters + +in_blk equ 2 ; input byte array address parameter +out_blk equ 4 ; output byte array address parameter +ctx equ 6 ; AES context structure +stk_spc equ 20 ; stack space + +%ifdef ENCRYPTION + +; %define ENCRYPTION_TABLE + +%ifdef REDUCE_CODE_SIZE + +enc_round: + sub sp, 2 + add ebp,16 + save 1,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + rnd_fun nr_xor, nr_mov + + mov eax,ebp + mov ecx,esi + mov edx,edi + restore ebp,1 + xor eax,[ebp] + xor ebx,[ebp+4] + add sp, 2 + ret + +%else + +%macro enc_round 0 + + add ebp,16 + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + rnd_fun nr_xor, nr_mov + + mov eax,ebp + mov ecx,esi + mov edx,edi + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + +%endif + +%macro enc_last_round 0 + + add ebp,16 + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + rnd_fun lr_xor, lr_mov + + mov eax,ebp + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + + section _TEXT + +; AES Encryption Subroutine + + do_name _aes_encrypt,12 + + mov ax, sp + movzx esp, ax + + sub esp,stk_spc + mov [esp+16],ebp + mov [esp+12],ebx + mov [esp+ 8],esi + mov [esp+ 4],edi + + movzx esi,word [esp+in_blk+stk_spc] ; input pointer + mov eax,[esi ] + mov ebx,[esi+ 4] + mov ecx,[esi+ 8] + mov edx,[esi+12] + + movzx ebp,word [esp+ctx+stk_spc] ; key pointer + movzx edi,byte [ebp+4*KS_LENGTH] + xor eax,[ebp ] + xor ebx,[ebp+ 4] + xor ecx,[ebp+ 8] + xor edx,[ebp+12] + +; determine the number of rounds + +%ifndef AES_256 + cmp edi,10*16 + je .3 + cmp edi,12*16 + je .2 + cmp edi,14*16 + je .1 + mov eax,-1 + jmp .5 +%endif + +.1: mf_call enc_round + mf_call enc_round +.2: mf_call enc_round + mf_call enc_round +.3: mf_call enc_round + mf_call enc_round + mf_call enc_round + mf_call enc_round + mf_call enc_round + mf_call enc_round + mf_call enc_round + mf_call enc_round + mf_call enc_round + enc_last_round + + movzx edx,word [esp+out_blk+stk_spc] + mov [edx],eax + mov [edx+4],ebx + mov [edx+8],esi + mov [edx+12],edi + xor eax,eax + +.5: mov ebp,[esp+16] + mov ebx,[esp+12] + mov esi,[esp+ 8] + mov edi,[esp+ 4] + add esp,stk_spc + do_exit 12 + +%endif + +%macro f_key 2 + + push ecx + push edx + mov edx,esi + ror eax,8 + mf_call l3s_col + mov esi,eax + pop edx + pop ecx + xor esi,rc_val + + mov [ebp+%1*%2],esi + xor edi,esi + mov [ebp+%1*%2+4],edi + xor ecx,edi + mov [ebp+%1*%2+8],ecx + xor edx,ecx + mov [ebp+%1*%2+12],edx + mov eax,edx + +%if %2 == 24 + +%if %1 < 7 + xor eax,[ebp+%1*%2+16-%2] + mov [ebp+%1*%2+16],eax + xor eax,[ebp+%1*%2+20-%2] + mov [ebp+%1*%2+20],eax +%endif + +%elif %2 == 32 + +%if %1 < 6 + push ecx + push edx + mov edx,[ebp+%1*%2+16-%2] + mf_call l3s_col + pop edx + pop ecx + mov [ebp+%1*%2+16],eax + xor eax,[ebp+%1*%2+20-%2] + mov [ebp+%1*%2+20],eax + xor eax,[ebp+%1*%2+24-%2] + mov [ebp+%1*%2+24],eax + xor eax,[ebp+%1*%2+28-%2] + mov [ebp+%1*%2+28],eax +%endif + +%endif + +%assign rc_val f2(rc_val) + +%endmacro + +%ifdef ENCRYPTION_KEY_SCHEDULE + +%ifdef AES_128 + +%ifndef ENCRYPTION_TABLE +; %define ENCRYPTION_TABLE +%endif + +%assign rc_val 1 + + do_name _aes_encrypt_key128,8 + + push ebp + push ebx + push esi + push edi + + mov ebp,[esp+24] + mov [ebp+4*KS_LENGTH],dword 10*16 + mov ebx,[esp+20] + + mov esi,[ebx] + mov [ebp],esi + mov edi,[ebx+4] + mov [ebp+4],edi + mov ecx,[ebx+8] + mov [ebp+8],ecx + mov edx,[ebx+12] + mov [ebp+12],edx + add ebp,16 + mov eax,edx + + f_key 0,16 ; 11 * 4 = 44 unsigned longs + f_key 1,16 ; 4 + 4 * 10 generated = 44 + f_key 2,16 + f_key 3,16 + f_key 4,16 + f_key 5,16 + f_key 6,16 + f_key 7,16 + f_key 8,16 + f_key 9,16 + + pop edi + pop esi + pop ebx + pop ebp + xor eax,eax + do_exit 8 + +%endif + +%ifdef AES_192 + +%ifndef ENCRYPTION_TABLE +; %define ENCRYPTION_TABLE +%endif + +%assign rc_val 1 + + do_name _aes_encrypt_key192,8 + + push ebp + push ebx + push esi + push edi + + mov ebp,[esp+24] + mov [ebp+4*KS_LENGTH],dword 12 * 16 + mov ebx,[esp+20] + + mov esi,[ebx] + mov [ebp],esi + mov edi,[ebx+4] + mov [ebp+4],edi + mov ecx,[ebx+8] + mov [ebp+8],ecx + mov edx,[ebx+12] + mov [ebp+12],edx + mov eax,[ebx+16] + mov [ebp+16],eax + mov eax,[ebx+20] + mov [ebp+20],eax + add ebp,24 + + f_key 0,24 ; 13 * 4 = 52 unsigned longs + f_key 1,24 ; 6 + 6 * 8 generated = 54 + f_key 2,24 + f_key 3,24 + f_key 4,24 + f_key 5,24 + f_key 6,24 + f_key 7,24 + + pop edi + pop esi + pop ebx + pop ebp + xor eax,eax + do_exit 8 + +%endif + +%ifdef AES_256 + +%ifndef ENCRYPTION_TABLE +; %define ENCRYPTION_TABLE +%endif + +%assign rc_val 1 + + do_name _aes_encrypt_key256,8 + + mov ax, sp + movzx esp, ax + + push ebp + push ebx + push esi + push edi + + movzx ebp, word [esp+20] ; ks + mov [ebp+4*KS_LENGTH],dword 14 * 16 + movzx ebx, word [esp+18] ; key + + mov esi,[ebx] + mov [ebp],esi + mov edi,[ebx+4] + mov [ebp+4],edi + mov ecx,[ebx+8] + mov [ebp+8],ecx + mov edx,[ebx+12] + mov [ebp+12],edx + mov eax,[ebx+16] + mov [ebp+16],eax + mov eax,[ebx+20] + mov [ebp+20],eax + mov eax,[ebx+24] + mov [ebp+24],eax + mov eax,[ebx+28] + mov [ebp+28],eax + add ebp,32 + + f_key 0,32 ; 15 * 4 = 60 unsigned longs + f_key 1,32 ; 8 + 8 * 7 generated = 64 + f_key 2,32 + f_key 3,32 + f_key 4,32 + f_key 5,32 + f_key 6,32 + + pop edi + pop esi + pop ebx + pop ebp + xor eax,eax + do_exit 8 + +%endif + +%ifdef AES_VAR + +%ifndef ENCRYPTION_TABLE +; %define ENCRYPTION_TABLE +%endif + + do_name _aes_encrypt_key,12 + + mov ecx,[esp+4] + mov eax,[esp+8] + mov edx,[esp+12] + push edx + push ecx + + cmp eax,16 + je .1 + cmp eax,128 + je .1 + + cmp eax,24 + je .2 + cmp eax,192 + je .2 + + cmp eax,32 + je .3 + cmp eax,256 + je .3 + mov eax,-1 + add esp,8 + do_exit 12 + +.1: do_call _aes_encrypt_key128,8 + do_exit 12 +.2: do_call _aes_encrypt_key192,8 + do_exit 12 +.3: do_call _aes_encrypt_key256,8 + do_exit 12 + +%endif + +%endif + +%ifdef ENCRYPTION_TABLE + +; S-box data - 256 entries + + section _DATA + +%define u8(x) 0, x, x, f3(x), f2(x), x, x, f3(x) + +_aes_enc_tab: + db u8(0x63),u8(0x7c),u8(0x77),u8(0x7b),u8(0xf2),u8(0x6b),u8(0x6f),u8(0xc5) + db u8(0x30),u8(0x01),u8(0x67),u8(0x2b),u8(0xfe),u8(0xd7),u8(0xab),u8(0x76) + db u8(0xca),u8(0x82),u8(0xc9),u8(0x7d),u8(0xfa),u8(0x59),u8(0x47),u8(0xf0) + db u8(0xad),u8(0xd4),u8(0xa2),u8(0xaf),u8(0x9c),u8(0xa4),u8(0x72),u8(0xc0) + db u8(0xb7),u8(0xfd),u8(0x93),u8(0x26),u8(0x36),u8(0x3f),u8(0xf7),u8(0xcc) + db u8(0x34),u8(0xa5),u8(0xe5),u8(0xf1),u8(0x71),u8(0xd8),u8(0x31),u8(0x15) + db u8(0x04),u8(0xc7),u8(0x23),u8(0xc3),u8(0x18),u8(0x96),u8(0x05),u8(0x9a) + db u8(0x07),u8(0x12),u8(0x80),u8(0xe2),u8(0xeb),u8(0x27),u8(0xb2),u8(0x75) + db u8(0x09),u8(0x83),u8(0x2c),u8(0x1a),u8(0x1b),u8(0x6e),u8(0x5a),u8(0xa0) + db u8(0x52),u8(0x3b),u8(0xd6),u8(0xb3),u8(0x29),u8(0xe3),u8(0x2f),u8(0x84) + db u8(0x53),u8(0xd1),u8(0x00),u8(0xed),u8(0x20),u8(0xfc),u8(0xb1),u8(0x5b) + db u8(0x6a),u8(0xcb),u8(0xbe),u8(0x39),u8(0x4a),u8(0x4c),u8(0x58),u8(0xcf) + db u8(0xd0),u8(0xef),u8(0xaa),u8(0xfb),u8(0x43),u8(0x4d),u8(0x33),u8(0x85) + db u8(0x45),u8(0xf9),u8(0x02),u8(0x7f),u8(0x50),u8(0x3c),u8(0x9f),u8(0xa8) + db u8(0x51),u8(0xa3),u8(0x40),u8(0x8f),u8(0x92),u8(0x9d),u8(0x38),u8(0xf5) + db u8(0xbc),u8(0xb6),u8(0xda),u8(0x21),u8(0x10),u8(0xff),u8(0xf3),u8(0xd2) + db u8(0xcd),u8(0x0c),u8(0x13),u8(0xec),u8(0x5f),u8(0x97),u8(0x44),u8(0x17) + db u8(0xc4),u8(0xa7),u8(0x7e),u8(0x3d),u8(0x64),u8(0x5d),u8(0x19),u8(0x73) + db u8(0x60),u8(0x81),u8(0x4f),u8(0xdc),u8(0x22),u8(0x2a),u8(0x90),u8(0x88) + db u8(0x46),u8(0xee),u8(0xb8),u8(0x14),u8(0xde),u8(0x5e),u8(0x0b),u8(0xdb) + db u8(0xe0),u8(0x32),u8(0x3a),u8(0x0a),u8(0x49),u8(0x06),u8(0x24),u8(0x5c) + db u8(0xc2),u8(0xd3),u8(0xac),u8(0x62),u8(0x91),u8(0x95),u8(0xe4),u8(0x79) + db u8(0xe7),u8(0xc8),u8(0x37),u8(0x6d),u8(0x8d),u8(0xd5),u8(0x4e),u8(0xa9) + db u8(0x6c),u8(0x56),u8(0xf4),u8(0xea),u8(0x65),u8(0x7a),u8(0xae),u8(0x08) + db u8(0xba),u8(0x78),u8(0x25),u8(0x2e),u8(0x1c),u8(0xa6),u8(0xb4),u8(0xc6) + db u8(0xe8),u8(0xdd),u8(0x74),u8(0x1f),u8(0x4b),u8(0xbd),u8(0x8b),u8(0x8a) + db u8(0x70),u8(0x3e),u8(0xb5),u8(0x66),u8(0x48),u8(0x03),u8(0xf6),u8(0x0e) + db u8(0x61),u8(0x35),u8(0x57),u8(0xb9),u8(0x86),u8(0xc1),u8(0x1d),u8(0x9e) + db u8(0xe1),u8(0xf8),u8(0x98),u8(0x11),u8(0x69),u8(0xd9),u8(0x8e),u8(0x94) + db u8(0x9b),u8(0x1e),u8(0x87),u8(0xe9),u8(0xce),u8(0x55),u8(0x28),u8(0xdf) + db u8(0x8c),u8(0xa1),u8(0x89),u8(0x0d),u8(0xbf),u8(0xe6),u8(0x42),u8(0x68) + db u8(0x41),u8(0x99),u8(0x2d),u8(0x0f),u8(0xb0),u8(0x54),u8(0xbb),u8(0x16) + +%endif + +%ifdef DECRYPTION + +; %define DECRYPTION_TABLE + +%define dtab_0(x) [_aes_dec_tab+ 8*x] +%define dtab_1(x) [_aes_dec_tab+3+8*x] +%define dtab_2(x) [_aes_dec_tab+2+8*x] +%define dtab_3(x) [_aes_dec_tab+1+8*x] +%define dtab_x(x) byte [_aes_dec_tab+7+8*x] + +%macro irn_fun 2 + + rol eax,16 + %1 esi, cl, 0, ebp + %1 esi, bh, 1, ebp + %1 esi, al, 2, ebp + %1 edi, dl, 0, ebp + %1 edi, ch, 1, ebp + %1 edi, ah, 3, ebp + %2 ebp, bl, 0, ebp + shr eax,16 + and ebx,0xffff0000 + or ebx,eax + shr ecx,16 + %1 ebp, bh, 1, eax + %1 ebp, ch, 3, eax + %2 eax, cl, 2, ecx + %1 eax, bl, 0, ecx + %1 eax, dh, 1, ecx + shr ebx,16 + shr edx,16 + %1 esi, dh, 3, ecx + %1 ebp, dl, 2, ecx + %1 eax, bh, 3, ecx + %1 edi, bl, 2, ecx + +%endmacro + +; Basic MOV and XOR Operations for normal rounds + +%macro ni_xor 4 + movzx %4,%2 + xor %1,dtab_%3(%4) +%endmacro + +%macro ni_mov 4 + movzx %4,%2 + mov %1,dtab_%3(%4) +%endmacro + +; Basic MOV and XOR Operations for last round + +%macro li_xor 4 + movzx %4,%2 + movzx %4,dtab_x(%4) +%if %3 != 0 + shl %4,8*%3 +%endif + xor %1,%4 +%endmacro + +%macro li_mov 4 + movzx %4,%2 + movzx %1,dtab_x(%4) +%if %3 != 0 + shl %1,8*%3 +%endif +%endmacro + +%ifdef REDUCE_CODE_SIZE + +dec_round: + sub sp, 2 +%ifdef AES_REV_DKS + add ebp,16 +%else + sub ebp,16 +%endif + save 1,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + irn_fun ni_xor, ni_mov + + mov ebx,ebp + mov ecx,esi + mov edx,edi + restore ebp,1 + xor eax,[ebp] + xor ebx,[ebp+4] + add sp, 2 + ret + +%else + +%macro dec_round 0 + +%ifdef AES_REV_DKS + add ebp,16 +%else + sub ebp,16 +%endif + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + irn_fun ni_xor, ni_mov + + mov ebx,ebp + mov ecx,esi + mov edx,edi + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + +%endif + +%macro dec_last_round 0 + +%ifdef AES_REV_DKS + add ebp,16 +%else + sub ebp,16 +%endif + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + irn_fun li_xor, li_mov + + mov ebx,ebp + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + + section _TEXT + +; AES Decryption Subroutine + + do_name _aes_decrypt,12 + + mov ax, sp + movzx esp, ax + + sub esp,stk_spc + mov [esp+16],ebp + mov [esp+12],ebx + mov [esp+ 8],esi + mov [esp+ 4],edi + +; input four columns and xor in first round key + + movzx esi,word [esp+in_blk+stk_spc] ; input pointer + mov eax,[esi ] + mov ebx,[esi+ 4] + mov ecx,[esi+ 8] + mov edx,[esi+12] + lea esi,[esi+16] + + movzx ebp, word [esp+ctx+stk_spc] ; key pointer + movzx edi,byte[ebp+4*KS_LENGTH] +%ifndef AES_REV_DKS ; if decryption key schedule is not reversed + lea ebp,[ebp+edi] ; we have to access it from the top down +%endif + xor eax,[ebp ] ; key schedule + xor ebx,[ebp+ 4] + xor ecx,[ebp+ 8] + xor edx,[ebp+12] + +; determine the number of rounds + +%ifndef AES_256 + cmp edi,10*16 + je .3 + cmp edi,12*16 + je .2 + cmp edi,14*16 + je .1 + mov eax,-1 + jmp .5 +%endif + +.1: mf_call dec_round + mf_call dec_round +.2: mf_call dec_round + mf_call dec_round +.3: mf_call dec_round + mf_call dec_round + mf_call dec_round + mf_call dec_round + mf_call dec_round + mf_call dec_round + mf_call dec_round + mf_call dec_round + mf_call dec_round + dec_last_round + +; move final values to the output array. + + movzx ebp,word [esp+out_blk+stk_spc] + mov [ebp],eax + mov [ebp+4],ebx + mov [ebp+8],esi + mov [ebp+12],edi + xor eax,eax + +.5: mov ebp,[esp+16] + mov ebx,[esp+12] + mov esi,[esp+ 8] + mov edi,[esp+ 4] + add esp,stk_spc + do_exit 12 + +%endif + +%ifdef REDUCE_CODE_SIZE + +inv_mix_col: + movzx ecx,dl ; input eax, edx + movzx ecx,etab_b(ecx) ; output eax + mov eax,dtab_0(ecx) ; used ecx + movzx ecx,dh + shr edx,16 + movzx ecx,etab_b(ecx) + xor eax,dtab_1(ecx) + movzx ecx,dl + movzx ecx,etab_b(ecx) + xor eax,dtab_2(ecx) + movzx ecx,dh + movzx ecx,etab_b(ecx) + xor eax,dtab_3(ecx) + ret + +%else + +%macro inv_mix_col 0 + + movzx ecx,dl ; input eax, edx + movzx ecx,etab_b(ecx) ; output eax + mov eax,dtab_0(ecx) ; used ecx + movzx ecx,dh + shr edx,16 + movzx ecx,etab_b(ecx) + xor eax,dtab_1(ecx) + movzx ecx,dl + movzx ecx,etab_b(ecx) + xor eax,dtab_2(ecx) + movzx ecx,dh + movzx ecx,etab_b(ecx) + xor eax,dtab_3(ecx) + +%endmacro + +%endif + +%ifdef DECRYPTION_KEY_SCHEDULE + +%ifdef AES_128 + +%ifndef DECRYPTION_TABLE +; %define DECRYPTION_TABLE +%endif + + do_name _aes_decrypt_key128,8 + + push ebp + push ebx + push esi + push edi + mov eax,[esp+24] ; context + mov edx,[esp+20] ; key + push eax + push edx + do_call _aes_encrypt_key128,8 ; generate expanded encryption key + mov eax,10*16 + mov esi,[esp+24] ; pointer to first round key + lea edi,[esi+eax] ; pointer to last round key + add esi,32 + ; the inverse mix column transformation + mov edx,[esi-16] ; needs to be applied to all round keys + mf_call inv_mix_col ; except first and last. Hence start by + mov [esi-16],eax ; transforming the four sub-keys in the + mov edx,[esi-12] ; second round key + mf_call inv_mix_col + mov [esi-12],eax ; transformations for subsequent rounds + mov edx,[esi-8] ; can then be made more efficient by + mf_call inv_mix_col ; noting that for three of the four sub-keys + mov [esi-8],eax ; in the encryption round key ek[r]: + mov edx,[esi-4] ; + mf_call inv_mix_col ; ek[r][n] = ek[r][n-1] ^ ek[r-1][n] + mov [esi-4],eax ; + ; where n is 1..3. Hence the corresponding +.0: mov edx,[esi] ; subkeys in the decryption round key dk[r] + mf_call inv_mix_col ; also obey since inv_mix_col is linear in + mov [esi],eax ; GF(256): + xor eax,[esi-12] ; + mov [esi+4],eax ; dk[r][n] = dk[r][n-1] ^ dk[r-1][n] + xor eax,[esi-8] ; + mov [esi+8],eax ; So we only need one inverse mix column + xor eax,[esi-4] ; operation (n = 0) for each four word cycle + mov [esi+12],eax ; in the expanded key. + add esi,16 + cmp edi,esi + jg .0 + jmp dec_end + +%endif + +%ifdef AES_192 + +%ifndef DECRYPTION_TABLE +; %define DECRYPTION_TABLE +%endif + + do_name _aes_decrypt_key192,8 + + push ebp + push ebx + push esi + push edi + mov eax,[esp+24] ; context + mov edx,[esp+20] ; key + push eax + push edx + do_call _aes_encrypt_key192,8 ; generate expanded encryption key + mov eax,12*16 + mov esi,[esp+24] ; first round key + lea edi,[esi+eax] ; last round key + add esi,48 ; the first 6 words are the key, of + ; which the top 2 words are part of + mov edx,[esi-32] ; the second round key and hence + mf_call inv_mix_col ; need to be modified. After this we + mov [esi-32],eax ; need to do a further six values prior + mov edx,[esi-28] ; to using a more efficient technique + mf_call inv_mix_col ; based on: + mov [esi-28],eax ; + ; dk[r][n] = dk[r][n-1] ^ dk[r-1][n] + mov edx,[esi-24] ; + mf_call inv_mix_col ; for n = 1 .. 5 where the key expansion + mov [esi-24],eax ; cycle is now 6 words long + mov edx,[esi-20] + mf_call inv_mix_col + mov [esi-20],eax + mov edx,[esi-16] + mf_call inv_mix_col + mov [esi-16],eax + mov edx,[esi-12] + mf_call inv_mix_col + mov [esi-12],eax + mov edx,[esi-8] + mf_call inv_mix_col + mov [esi-8],eax + mov edx,[esi-4] + mf_call inv_mix_col + mov [esi-4],eax + +.0: mov edx,[esi] ; the expanded key is 13 * 4 = 44 32-bit words + mf_call inv_mix_col ; of which 11 * 4 = 44 have to be modified + mov [esi],eax ; using inv_mix_col. We have already done 8 + xor eax,[esi-20] ; of these so 36 are left - hence we need + mov [esi+4],eax ; exactly 6 loops of six here + xor eax,[esi-16] + mov [esi+8],eax + xor eax,[esi-12] + mov [esi+12],eax + xor eax,[esi-8] + mov [esi+16],eax + xor eax,[esi-4] + mov [esi+20],eax + add esi,24 + cmp edi,esi + jg .0 + jmp dec_end + +%endif + +%ifdef AES_256 + +%ifndef DECRYPTION_TABLE +; %define DECRYPTION_TABLE +%endif + + do_name _aes_decrypt_key256,8 + + mov ax, sp + movzx esp, ax + push ebp + push ebx + push esi + push edi + + movzx eax, word [esp+20] ; ks + movzx edx, word [esp+18] ; key + push ax + push dx + do_call _aes_encrypt_key256,4 ; generate expanded encryption key + mov eax,14*16 + movzx esi, word [esp+20] ; ks + lea edi,[esi+eax] + add esi,64 + + mov edx,[esi-48] ; the primary key is 8 words, of which + mf_call inv_mix_col ; the top four require modification + mov [esi-48],eax + mov edx,[esi-44] + mf_call inv_mix_col + mov [esi-44],eax + mov edx,[esi-40] + mf_call inv_mix_col + mov [esi-40],eax + mov edx,[esi-36] + mf_call inv_mix_col + mov [esi-36],eax + + mov edx,[esi-32] ; the encryption key expansion cycle is + mf_call inv_mix_col ; now eight words long so we need to + mov [esi-32],eax ; start by doing one complete block + mov edx,[esi-28] + mf_call inv_mix_col + mov [esi-28],eax + mov edx,[esi-24] + mf_call inv_mix_col + mov [esi-24],eax + mov edx,[esi-20] + mf_call inv_mix_col + mov [esi-20],eax + mov edx,[esi-16] + mf_call inv_mix_col + mov [esi-16],eax + mov edx,[esi-12] + mf_call inv_mix_col + mov [esi-12],eax + mov edx,[esi-8] + mf_call inv_mix_col + mov [esi-8],eax + mov edx,[esi-4] + mf_call inv_mix_col + mov [esi-4],eax + +.0: mov edx,[esi] ; we can now speed up the remaining + mf_call inv_mix_col ; rounds by using the technique + mov [esi],eax ; outlined earlier. But note that + xor eax,[esi-28] ; there is one extra inverse mix + mov [esi+4],eax ; column operation as the 256 bit + xor eax,[esi-24] ; key has an extra non-linear step + mov [esi+8],eax ; for the midway element. + xor eax,[esi-20] + mov [esi+12],eax ; the expanded key is 15 * 4 = 60 + mov edx,[esi+16] ; 32-bit words of which 52 need to + mf_call inv_mix_col ; be modified. We have already done + mov [esi+16],eax ; 12 so 40 are left - which means + xor eax,[esi-12] ; that we need exactly 5 loops of 8 + mov [esi+20],eax + xor eax,[esi-8] + mov [esi+24],eax + xor eax,[esi-4] + mov [esi+28],eax + add esi,32 + cmp edi,esi + jg .0 + +%endif + +dec_end: + +%ifdef AES_REV_DKS + + movzx esi,word [esp+20] ; this reverses the order of the +.1: mov eax,[esi] ; round keys if required + mov ebx,[esi+4] + mov ebp,[edi] + mov edx,[edi+4] + mov [esi],ebp + mov [esi+4],edx + mov [edi],eax + mov [edi+4],ebx + + mov eax,[esi+8] + mov ebx,[esi+12] + mov ebp,[edi+8] + mov edx,[edi+12] + mov [esi+8],ebp + mov [esi+12],edx + mov [edi+8],eax + mov [edi+12],ebx + + add esi,16 + sub edi,16 + cmp edi,esi + jg .1 + +%endif + + pop edi + pop esi + pop ebx + pop ebp + xor eax,eax + do_exit 8 + +%ifdef AES_VAR + + do_name _aes_decrypt_key,12 + + mov ecx,[esp+4] + mov eax,[esp+8] + mov edx,[esp+12] + push edx + push ecx + + cmp eax,16 + je .1 + cmp eax,128 + je .1 + + cmp eax,24 + je .2 + cmp eax,192 + je .2 + + cmp eax,32 + je .3 + cmp eax,256 + je .3 + mov eax,-1 + add esp,8 + do_exit 12 + +.1: do_call _aes_decrypt_key128,8 + do_exit 12 +.2: do_call _aes_decrypt_key192,8 + do_exit 12 +.3: do_call _aes_decrypt_key256,8 + do_exit 12 + +%endif + +%endif + +%ifdef DECRYPTION_TABLE + +; Inverse S-box data - 256 entries + + section _DATA + +%define v8(x) fe(x), f9(x), fd(x), fb(x), fe(x), f9(x), fd(x), x + +_aes_dec_tab: + db v8(0x52),v8(0x09),v8(0x6a),v8(0xd5),v8(0x30),v8(0x36),v8(0xa5),v8(0x38) + db v8(0xbf),v8(0x40),v8(0xa3),v8(0x9e),v8(0x81),v8(0xf3),v8(0xd7),v8(0xfb) + db v8(0x7c),v8(0xe3),v8(0x39),v8(0x82),v8(0x9b),v8(0x2f),v8(0xff),v8(0x87) + db v8(0x34),v8(0x8e),v8(0x43),v8(0x44),v8(0xc4),v8(0xde),v8(0xe9),v8(0xcb) + db v8(0x54),v8(0x7b),v8(0x94),v8(0x32),v8(0xa6),v8(0xc2),v8(0x23),v8(0x3d) + db v8(0xee),v8(0x4c),v8(0x95),v8(0x0b),v8(0x42),v8(0xfa),v8(0xc3),v8(0x4e) + db v8(0x08),v8(0x2e),v8(0xa1),v8(0x66),v8(0x28),v8(0xd9),v8(0x24),v8(0xb2) + db v8(0x76),v8(0x5b),v8(0xa2),v8(0x49),v8(0x6d),v8(0x8b),v8(0xd1),v8(0x25) + db v8(0x72),v8(0xf8),v8(0xf6),v8(0x64),v8(0x86),v8(0x68),v8(0x98),v8(0x16) + db v8(0xd4),v8(0xa4),v8(0x5c),v8(0xcc),v8(0x5d),v8(0x65),v8(0xb6),v8(0x92) + db v8(0x6c),v8(0x70),v8(0x48),v8(0x50),v8(0xfd),v8(0xed),v8(0xb9),v8(0xda) + db v8(0x5e),v8(0x15),v8(0x46),v8(0x57),v8(0xa7),v8(0x8d),v8(0x9d),v8(0x84) + db v8(0x90),v8(0xd8),v8(0xab),v8(0x00),v8(0x8c),v8(0xbc),v8(0xd3),v8(0x0a) + db v8(0xf7),v8(0xe4),v8(0x58),v8(0x05),v8(0xb8),v8(0xb3),v8(0x45),v8(0x06) + db v8(0xd0),v8(0x2c),v8(0x1e),v8(0x8f),v8(0xca),v8(0x3f),v8(0x0f),v8(0x02) + db v8(0xc1),v8(0xaf),v8(0xbd),v8(0x03),v8(0x01),v8(0x13),v8(0x8a),v8(0x6b) + db v8(0x3a),v8(0x91),v8(0x11),v8(0x41),v8(0x4f),v8(0x67),v8(0xdc),v8(0xea) + db v8(0x97),v8(0xf2),v8(0xcf),v8(0xce),v8(0xf0),v8(0xb4),v8(0xe6),v8(0x73) + db v8(0x96),v8(0xac),v8(0x74),v8(0x22),v8(0xe7),v8(0xad),v8(0x35),v8(0x85) + db v8(0xe2),v8(0xf9),v8(0x37),v8(0xe8),v8(0x1c),v8(0x75),v8(0xdf),v8(0x6e) + db v8(0x47),v8(0xf1),v8(0x1a),v8(0x71),v8(0x1d),v8(0x29),v8(0xc5),v8(0x89) + db v8(0x6f),v8(0xb7),v8(0x62),v8(0x0e),v8(0xaa),v8(0x18),v8(0xbe),v8(0x1b) + db v8(0xfc),v8(0x56),v8(0x3e),v8(0x4b),v8(0xc6),v8(0xd2),v8(0x79),v8(0x20) + db v8(0x9a),v8(0xdb),v8(0xc0),v8(0xfe),v8(0x78),v8(0xcd),v8(0x5a),v8(0xf4) + db v8(0x1f),v8(0xdd),v8(0xa8),v8(0x33),v8(0x88),v8(0x07),v8(0xc7),v8(0x31) + db v8(0xb1),v8(0x12),v8(0x10),v8(0x59),v8(0x27),v8(0x80),v8(0xec),v8(0x5f) + db v8(0x60),v8(0x51),v8(0x7f),v8(0xa9),v8(0x19),v8(0xb5),v8(0x4a),v8(0x0d) + db v8(0x2d),v8(0xe5),v8(0x7a),v8(0x9f),v8(0x93),v8(0xc9),v8(0x9c),v8(0xef) + db v8(0xa0),v8(0xe0),v8(0x3b),v8(0x4d),v8(0xae),v8(0x2a),v8(0xf5),v8(0xb0) + db v8(0xc8),v8(0xeb),v8(0xbb),v8(0x3c),v8(0x83),v8(0x53),v8(0x99),v8(0x61) + db v8(0x17),v8(0x2b),v8(0x04),v8(0x7e),v8(0xba),v8(0x77),v8(0xd6),v8(0x26) + db v8(0xe1),v8(0x69),v8(0x14),v8(0x63),v8(0x55),v8(0x21),v8(0x0c),v8(0x7d) + +%endif diff --git a/src/Crypto/Aes_hw_cpu.asm b/src/Crypto/Aes_hw_cpu.asm index 64c3bad8..53852665 100644 --- a/src/Crypto/Aes_hw_cpu.asm +++ b/src/Crypto/Aes_hw_cpu.asm @@ -1,330 +1,330 @@ -; -; Copyright (c) 2010 TrueCrypt Developers Association. All rights reserved. -; -; Governed by the TrueCrypt License 3.0 the full text of which is contained in -; the file License.txt included in TrueCrypt binary and source code distribution -; packages. -; - - -%ifidn __BITS__, 16 - %define R e -%elifidn __BITS__, 32 - %define R e -%elifidn __BITS__, 64 - %define R r -%endif - - -%macro export_function 1-2 0 - - %ifdef MS_STDCALL - global %1@%2 - export _%1@%2 - %1@%2: - %elifidn __BITS__, 16 - global _%1 - _%1: - %else - global %1 - %1: - %endif - -%endmacro - - -%macro aes_function_entry 1 - - ; void (const byte *ks, byte *data); - - export_function %1, 8 - - %ifidn __BITS__, 32 - mov ecx, [esp + 4 + 4 * 0] - mov edx, [esp + 4 + 4 * 1] - %elifidn __BITS__, 64 - %ifnidn __OUTPUT_FORMAT__, win64 - mov rcx, rdi - mov rdx, rsi - %endif - %endif - - ; ecx/rcx = ks - ; edx/rdx = data - -%endmacro - - -%macro aes_function_exit 0 - - ; void (const byte *, byte *); - - %ifdef MS_STDCALL - ret 8 - %else - ret - %endif - -%endmacro - - -%macro push_xmm 2 - sub rsp, 16 * (%2 - %1 + 1) - - %assign stackoffset 0 - %assign regnumber %1 - - %rep (%2 - %1 + 1) - movdqu [rsp + 16 * stackoffset], xmm%[regnumber] - - %assign stackoffset stackoffset+1 - %assign regnumber regnumber+1 - %endrep -%endmacro - - -%macro pop_xmm 2 - %assign stackoffset 0 - %assign regnumber %1 - - %rep (%2 - %1 + 1) - movdqu xmm%[regnumber], [rsp + 16 * stackoffset] - - %assign stackoffset stackoffset+1 - %assign regnumber regnumber+1 - %endrep - - add rsp, 16 * (%2 - %1 + 1) -%endmacro - - -%macro aes_hw_cpu 2 - %define OPERATION %1 - %define BLOCK_COUNT %2 - - ; Load data blocks - %assign block 1 - %rep BLOCK_COUNT - movdqu xmm%[block], [%[R]dx + 16 * (block - 1)] - %assign block block+1 - %endrep - - ; Encrypt/decrypt data blocks - %assign round 0 - %rep 15 - movdqu xmm0, [%[R]cx + 16 * round] - - %assign block 1 - %rep BLOCK_COUNT - - %if round = 0 - pxor xmm%[block], xmm0 - %else - %if round < 14 - aes%[OPERATION] xmm%[block], xmm0 - %else - aes%[OPERATION]last xmm%[block], xmm0 - %endif - %endif - - %assign block block+1 - %endrep - - %assign round round+1 - %endrep - - ; Store data blocks - %assign block 1 - %rep BLOCK_COUNT - movdqu [%[R]dx + 16 * (block - 1)], xmm%[block] - %assign block block+1 - %endrep - - %undef OPERATION - %undef BLOCK_COUNT -%endmacro - - -%macro aes_hw_cpu_32_blocks 1 - %define OPERATION_32_BLOCKS %1 - - %ifidn __BITS__, 64 - %define MAX_REG_BLOCK_COUNT 15 - %else - %define MAX_REG_BLOCK_COUNT 7 - %endif - - %ifidn __OUTPUT_FORMAT__, win64 - %if MAX_REG_BLOCK_COUNT > 5 - push_xmm 6, MAX_REG_BLOCK_COUNT - %endif - %endif - - mov eax, 32 / MAX_REG_BLOCK_COUNT - .1: - aes_hw_cpu %[OPERATION_32_BLOCKS], MAX_REG_BLOCK_COUNT - - add %[R]dx, 16 * MAX_REG_BLOCK_COUNT - dec eax - jnz .1 - - %if (32 % MAX_REG_BLOCK_COUNT) != 0 - aes_hw_cpu %[OPERATION_32_BLOCKS], (32 % MAX_REG_BLOCK_COUNT) - %endif - - %ifidn __OUTPUT_FORMAT__, win64 - %if MAX_REG_BLOCK_COUNT > 5 - pop_xmm 6, MAX_REG_BLOCK_COUNT - %endif - %endif - - %undef OPERATION_32_BLOCKS - %undef MAX_REG_BLOCK_COUNT -%endmacro - - -%ifidn __BITS__, 16 - - USE16 - SEGMENT _TEXT PUBLIC CLASS=CODE USE16 - SEGMENT _DATA PUBLIC CLASS=DATA USE16 - GROUP DGROUP _TEXT _DATA - SECTION _TEXT - -%else - - SECTION .text - -%endif - - -; void aes_hw_cpu_enable_sse (); - - export_function aes_hw_cpu_enable_sse - mov %[R]ax, cr4 - or ax, 1 << 9 - mov cr4, %[R]ax - ret - - -%ifidn __BITS__, 16 - - -; byte is_aes_hw_cpu_supported (); - - export_function is_aes_hw_cpu_supported - mov eax, 1 - cpuid - mov eax, ecx - shr eax, 25 - and al, 1 - ret - - -; void aes_hw_cpu_decrypt (const byte *ks, byte *data); - - export_function aes_hw_cpu_decrypt - mov ax, -16 - jmp aes_hw_cpu_encrypt_decrypt - -; void aes_hw_cpu_encrypt (const byte *ks, byte *data); - - export_function aes_hw_cpu_encrypt - mov ax, 16 - - aes_hw_cpu_encrypt_decrypt: - push bp - mov bp, sp - push di - push si - - mov si, [bp + 4] ; ks - mov di, [bp + 4 + 2] ; data - - movdqu xmm0, [si] - movdqu xmm1, [di] - - pxor xmm1, xmm0 - - mov cx, 13 - - .round1_13: - add si, ax - movdqu xmm0, [si] - - cmp ax, 0 - jl .decrypt - - aesenc xmm1, xmm0 - jmp .2 - .decrypt: - aesdec xmm1, xmm0 - .2: - loop .round1_13 - - add si, ax - movdqu xmm0, [si] - - cmp ax, 0 - jl .decrypt_last - - aesenclast xmm1, xmm0 - jmp .3 - .decrypt_last: - aesdeclast xmm1, xmm0 - .3: - movdqu [di], xmm1 - - pop si - pop di - pop bp - ret - - -%else ; __BITS__ != 16 - - -; byte is_aes_hw_cpu_supported (); - - export_function is_aes_hw_cpu_supported - push %[R]bx - - mov eax, 1 - cpuid - mov eax, ecx - shr eax, 25 - and eax, 1 - - pop %[R]bx - ret - - -; void aes_hw_cpu_decrypt (const byte *ks, byte *data); - - aes_function_entry aes_hw_cpu_decrypt - aes_hw_cpu dec, 1 - aes_function_exit - - -; void aes_hw_cpu_decrypt_32_blocks (const byte *ks, byte *data); - - aes_function_entry aes_hw_cpu_decrypt_32_blocks - aes_hw_cpu_32_blocks dec - aes_function_exit - - -; void aes_hw_cpu_encrypt (const byte *ks, byte *data); - - aes_function_entry aes_hw_cpu_encrypt - aes_hw_cpu enc, 1 - aes_function_exit - - -; void aes_hw_cpu_encrypt_32_blocks (const byte *ks, byte *data); - - aes_function_entry aes_hw_cpu_encrypt_32_blocks - aes_hw_cpu_32_blocks enc - aes_function_exit - - -%endif ; __BITS__ != 16 +; +; Copyright (c) 2010 TrueCrypt Developers Association. All rights reserved. +; +; Governed by the TrueCrypt License 3.0 the full text of which is contained in +; the file License.txt included in TrueCrypt binary and source code distribution +; packages. +; + + +%ifidn __BITS__, 16 + %define R e +%elifidn __BITS__, 32 + %define R e +%elifidn __BITS__, 64 + %define R r +%endif + + +%macro export_function 1-2 0 + + %ifdef MS_STDCALL + global %1@%2 + export _%1@%2 + %1@%2: + %elifidn __BITS__, 16 + global _%1 + _%1: + %else + global %1 + %1: + %endif + +%endmacro + + +%macro aes_function_entry 1 + + ; void (const byte *ks, byte *data); + + export_function %1, 8 + + %ifidn __BITS__, 32 + mov ecx, [esp + 4 + 4 * 0] + mov edx, [esp + 4 + 4 * 1] + %elifidn __BITS__, 64 + %ifnidn __OUTPUT_FORMAT__, win64 + mov rcx, rdi + mov rdx, rsi + %endif + %endif + + ; ecx/rcx = ks + ; edx/rdx = data + +%endmacro + + +%macro aes_function_exit 0 + + ; void (const byte *, byte *); + + %ifdef MS_STDCALL + ret 8 + %else + ret + %endif + +%endmacro + + +%macro push_xmm 2 + sub rsp, 16 * (%2 - %1 + 1) + + %assign stackoffset 0 + %assign regnumber %1 + + %rep (%2 - %1 + 1) + movdqu [rsp + 16 * stackoffset], xmm%[regnumber] + + %assign stackoffset stackoffset+1 + %assign regnumber regnumber+1 + %endrep +%endmacro + + +%macro pop_xmm 2 + %assign stackoffset 0 + %assign regnumber %1 + + %rep (%2 - %1 + 1) + movdqu xmm%[regnumber], [rsp + 16 * stackoffset] + + %assign stackoffset stackoffset+1 + %assign regnumber regnumber+1 + %endrep + + add rsp, 16 * (%2 - %1 + 1) +%endmacro + + +%macro aes_hw_cpu 2 + %define OPERATION %1 + %define BLOCK_COUNT %2 + + ; Load data blocks + %assign block 1 + %rep BLOCK_COUNT + movdqu xmm%[block], [%[R]dx + 16 * (block - 1)] + %assign block block+1 + %endrep + + ; Encrypt/decrypt data blocks + %assign round 0 + %rep 15 + movdqu xmm0, [%[R]cx + 16 * round] + + %assign block 1 + %rep BLOCK_COUNT + + %if round = 0 + pxor xmm%[block], xmm0 + %else + %if round < 14 + aes%[OPERATION] xmm%[block], xmm0 + %else + aes%[OPERATION]last xmm%[block], xmm0 + %endif + %endif + + %assign block block+1 + %endrep + + %assign round round+1 + %endrep + + ; Store data blocks + %assign block 1 + %rep BLOCK_COUNT + movdqu [%[R]dx + 16 * (block - 1)], xmm%[block] + %assign block block+1 + %endrep + + %undef OPERATION + %undef BLOCK_COUNT +%endmacro + + +%macro aes_hw_cpu_32_blocks 1 + %define OPERATION_32_BLOCKS %1 + + %ifidn __BITS__, 64 + %define MAX_REG_BLOCK_COUNT 15 + %else + %define MAX_REG_BLOCK_COUNT 7 + %endif + + %ifidn __OUTPUT_FORMAT__, win64 + %if MAX_REG_BLOCK_COUNT > 5 + push_xmm 6, MAX_REG_BLOCK_COUNT + %endif + %endif + + mov eax, 32 / MAX_REG_BLOCK_COUNT + .1: + aes_hw_cpu %[OPERATION_32_BLOCKS], MAX_REG_BLOCK_COUNT + + add %[R]dx, 16 * MAX_REG_BLOCK_COUNT + dec eax + jnz .1 + + %if (32 % MAX_REG_BLOCK_COUNT) != 0 + aes_hw_cpu %[OPERATION_32_BLOCKS], (32 % MAX_REG_BLOCK_COUNT) + %endif + + %ifidn __OUTPUT_FORMAT__, win64 + %if MAX_REG_BLOCK_COUNT > 5 + pop_xmm 6, MAX_REG_BLOCK_COUNT + %endif + %endif + + %undef OPERATION_32_BLOCKS + %undef MAX_REG_BLOCK_COUNT +%endmacro + + +%ifidn __BITS__, 16 + + USE16 + SEGMENT _TEXT PUBLIC CLASS=CODE USE16 + SEGMENT _DATA PUBLIC CLASS=DATA USE16 + GROUP DGROUP _TEXT _DATA + SECTION _TEXT + +%else + + SECTION .text + +%endif + + +; void aes_hw_cpu_enable_sse (); + + export_function aes_hw_cpu_enable_sse + mov %[R]ax, cr4 + or ax, 1 << 9 + mov cr4, %[R]ax + ret + + +%ifidn __BITS__, 16 + + +; byte is_aes_hw_cpu_supported (); + + export_function is_aes_hw_cpu_supported + mov eax, 1 + cpuid + mov eax, ecx + shr eax, 25 + and al, 1 + ret + + +; void aes_hw_cpu_decrypt (const byte *ks, byte *data); + + export_function aes_hw_cpu_decrypt + mov ax, -16 + jmp aes_hw_cpu_encrypt_decrypt + +; void aes_hw_cpu_encrypt (const byte *ks, byte *data); + + export_function aes_hw_cpu_encrypt + mov ax, 16 + + aes_hw_cpu_encrypt_decrypt: + push bp + mov bp, sp + push di + push si + + mov si, [bp + 4] ; ks + mov di, [bp + 4 + 2] ; data + + movdqu xmm0, [si] + movdqu xmm1, [di] + + pxor xmm1, xmm0 + + mov cx, 13 + + .round1_13: + add si, ax + movdqu xmm0, [si] + + cmp ax, 0 + jl .decrypt + + aesenc xmm1, xmm0 + jmp .2 + .decrypt: + aesdec xmm1, xmm0 + .2: + loop .round1_13 + + add si, ax + movdqu xmm0, [si] + + cmp ax, 0 + jl .decrypt_last + + aesenclast xmm1, xmm0 + jmp .3 + .decrypt_last: + aesdeclast xmm1, xmm0 + .3: + movdqu [di], xmm1 + + pop si + pop di + pop bp + ret + + +%else ; __BITS__ != 16 + + +; byte is_aes_hw_cpu_supported (); + + export_function is_aes_hw_cpu_supported + push %[R]bx + + mov eax, 1 + cpuid + mov eax, ecx + shr eax, 25 + and eax, 1 + + pop %[R]bx + ret + + +; void aes_hw_cpu_decrypt (const byte *ks, byte *data); + + aes_function_entry aes_hw_cpu_decrypt + aes_hw_cpu dec, 1 + aes_function_exit + + +; void aes_hw_cpu_decrypt_32_blocks (const byte *ks, byte *data); + + aes_function_entry aes_hw_cpu_decrypt_32_blocks + aes_hw_cpu_32_blocks dec + aes_function_exit + + +; void aes_hw_cpu_encrypt (const byte *ks, byte *data); + + aes_function_entry aes_hw_cpu_encrypt + aes_hw_cpu enc, 1 + aes_function_exit + + +; void aes_hw_cpu_encrypt_32_blocks (const byte *ks, byte *data); + + aes_function_entry aes_hw_cpu_encrypt_32_blocks + aes_hw_cpu_32_blocks enc + aes_function_exit + + +%endif ; __BITS__ != 16 diff --git a/src/Crypto/Aes_hw_cpu.h b/src/Crypto/Aes_hw_cpu.h index 2342b4c5..e2fed1a1 100644 --- a/src/Crypto/Aes_hw_cpu.h +++ b/src/Crypto/Aes_hw_cpu.h @@ -8,27 +8,27 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Crypto_Aes_Hw_Cpu -#define TC_HEADER_Crypto_Aes_Hw_Cpu - -#include "Common/Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -byte is_aes_hw_cpu_supported (); -void aes_hw_cpu_enable_sse (); -void aes_hw_cpu_decrypt (const byte *ks, byte *data); -void aes_hw_cpu_decrypt_32_blocks (const byte *ks, byte *data); -void aes_hw_cpu_encrypt (const byte *ks, byte *data); -void aes_hw_cpu_encrypt_32_blocks (const byte *ks, byte *data); - -#if defined(__cplusplus) -} -#endif - -#endif // TC_HEADER_Crypto_Aes_Hw_Cpu +*/ + +#ifndef TC_HEADER_Crypto_Aes_Hw_Cpu +#define TC_HEADER_Crypto_Aes_Hw_Cpu + +#include "Common/Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +byte is_aes_hw_cpu_supported (); +void aes_hw_cpu_enable_sse (); +void aes_hw_cpu_decrypt (const byte *ks, byte *data); +void aes_hw_cpu_decrypt_32_blocks (const byte *ks, byte *data); +void aes_hw_cpu_encrypt (const byte *ks, byte *data); +void aes_hw_cpu_encrypt_32_blocks (const byte *ks, byte *data); + +#if defined(__cplusplus) +} +#endif + +#endif // TC_HEADER_Crypto_Aes_Hw_Cpu diff --git a/src/Crypto/Aes_x64.asm b/src/Crypto/Aes_x64.asm index b29fdcac..06d57ac2 100644 --- a/src/Crypto/Aes_x64.asm +++ b/src/Crypto/Aes_x64.asm @@ -1,907 +1,907 @@ - -; --------------------------------------------------------------------------- -; Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. -; -; LICENSE TERMS -; -; The free distribution and use of this software is allowed (with or without -; changes) provided that: -; -; 1. source code distributions include the above copyright notice, this -; list of conditions and the following disclaimer; -; -; 2. binary distributions include the above copyright notice, this list -; of conditions and the following disclaimer in their documentation; -; -; 3. the name of the copyright holder is not used to endorse products -; built using this software without specific written permission. -; -; DISCLAIMER -; -; This software is provided 'as is' with no explicit or implied warranties -; in respect of its properties, including, but not limited to, correctness -; and/or fitness for purpose. -; --------------------------------------------------------------------------- -; Issue 20/12/2007 -; -; I am grateful to Dag Arne Osvik for many discussions of the techniques that -; can be used to optimise AES assembler code on AMD64/EM64T architectures. -; Some of the techniques used in this implementation are the result of -; suggestions made by him for which I am most grateful. - -; -; Adapted for TrueCrypt: -; - Compatibility with NASM -; - -; An AES implementation for AMD64 processors using the YASM assembler. This -; implemetation provides only encryption, decryption and hence requires key -; scheduling support in C. It uses 8k bytes of tables but its encryption and -; decryption performance is very close to that obtained using large tables. -; It can use either Windows or Gnu/Linux calling conventions, which are as -; follows: -; windows gnu/linux -; -; in_blk rcx rdi -; out_blk rdx rsi -; context (cx) r8 rdx -; -; preserved rsi - + rbx, rbp, rsp, r12, r13, r14 & r15 -; registers rdi - on both -; -; destroyed - rsi + rax, rcx, rdx, r8, r9, r10 & r11 -; registers - rdi on both -; -; The default convention is that for windows, the gnu/linux convention being -; used if __GNUC__ is defined. -; -; Define _SEH_ to include support for Win64 structured exception handling -; (this requires YASM version 0.6 or later). -; -; This code provides the standard AES block size (128 bits, 16 bytes) and the -; three standard AES key sizes (128, 192 and 256 bits). It has the same call -; interface as my C implementation. It uses the Microsoft C AMD64 calling -; conventions in which the three parameters are placed in rcx, rdx and r8 -; respectively. The rbx, rsi, rdi, rbp and r12..r15 registers are preserved. -; -; AES_RETURN aes_encrypt(const unsigned char in_blk[], -; unsigned char out_blk[], const aes_encrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt(const unsigned char in_blk[], -; unsigned char out_blk[], const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_encrypt_key(const unsigned char key[], -; const aes_encrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt_key(const unsigned char key[], -; const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_encrypt_key(const unsigned char key[], -; unsigned int len, const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt_key(const unsigned char key[], -; unsigned int len, const aes_decrypt_ctx cx[1]); -; -; where is 128, 102 or 256. In the last two calls the length can be in -; either bits or bytes. -; -; Comment in/out the following lines to obtain the desired subroutines. These -; selections MUST match those in the C header file aes.h - -; %define AES_128 ; define if AES with 128 bit keys is needed -; %define AES_192 ; define if AES with 192 bit keys is needed -%define AES_256 ; define if AES with 256 bit keys is needed -; %define AES_VAR ; define if a variable key size is needed -%define ENCRYPTION ; define if encryption is needed -%define DECRYPTION ; define if decryption is needed -%define AES_REV_DKS ; define if key decryption schedule is reversed -%define LAST_ROUND_TABLES ; define for the faster version using extra tables - -; The encryption key schedule has the following in memory layout where N is the -; number of rounds (10, 12 or 14): -; -; lo: | input key (round 0) | ; each round is four 32-bit words -; | encryption round 1 | -; | encryption round 2 | -; .... -; | encryption round N-1 | -; hi: | encryption round N | -; -; The decryption key schedule is normally set up so that it has the same -; layout as above by actually reversing the order of the encryption key -; schedule in memory (this happens when AES_REV_DKS is set): -; -; lo: | decryption round 0 | = | encryption round N | -; | decryption round 1 | = INV_MIX_COL[ | encryption round N-1 | ] -; | decryption round 2 | = INV_MIX_COL[ | encryption round N-2 | ] -; .... .... -; | decryption round N-1 | = INV_MIX_COL[ | encryption round 1 | ] -; hi: | decryption round N | = | input key (round 0) | -; -; with rounds except the first and last modified using inv_mix_column() -; But if AES_REV_DKS is NOT set the order of keys is left as it is for -; encryption so that it has to be accessed in reverse when used for -; decryption (although the inverse mix column modifications are done) -; -; lo: | decryption round 0 | = | input key (round 0) | -; | decryption round 1 | = INV_MIX_COL[ | encryption round 1 | ] -; | decryption round 2 | = INV_MIX_COL[ | encryption round 2 | ] -; .... .... -; | decryption round N-1 | = INV_MIX_COL[ | encryption round N-1 | ] -; hi: | decryption round N | = | encryption round N | -; -; This layout is faster when the assembler key scheduling provided here -; is used. -; -; The DLL interface must use the _stdcall convention in which the number -; of bytes of parameter space is added after an @ to the sutine's name. -; We must also remove our parameters from the stack before return (see -; the do_exit macro). Define DLL_EXPORT for the Dynamic Link Library version. - -;%define DLL_EXPORT - -; End of user defines - -%ifdef AES_VAR -%ifndef AES_128 -%define AES_128 -%endif -%ifndef AES_192 -%define AES_192 -%endif -%ifndef AES_256 -%define AES_256 -%endif -%endif - -%ifdef AES_VAR -%define KS_LENGTH 60 -%elifdef AES_256 -%define KS_LENGTH 60 -%elifdef AES_192 -%define KS_LENGTH 52 -%else -%define KS_LENGTH 44 -%endif - -%define r0 rax -%define r1 rdx -%define r2 rcx -%define r3 rbx -%define r4 rsi -%define r5 rdi -%define r6 rbp -%define r7 rsp - -%define raxd eax -%define rdxd edx -%define rcxd ecx -%define rbxd ebx -%define rsid esi -%define rdid edi -%define rbpd ebp -%define rspd esp - -%define raxb al -%define rdxb dl -%define rcxb cl -%define rbxb bl -%define rsib sil -%define rdib dil -%define rbpb bpl -%define rspb spl - -%define r0h ah -%define r1h dh -%define r2h ch -%define r3h bh - -%define r0d eax -%define r1d edx -%define r2d ecx -%define r3d ebx - -; finite field multiplies by {02}, {04} and {08} - -%define f2(x) ((x<<1)^(((x>>7)&1)*0x11b)) -%define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b)) -%define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b)) - -; finite field multiplies required in table generation - -%define f3(x) (f2(x) ^ x) -%define f9(x) (f8(x) ^ x) -%define fb(x) (f8(x) ^ f2(x) ^ x) -%define fd(x) (f8(x) ^ f4(x) ^ x) -%define fe(x) (f8(x) ^ f4(x) ^ f2(x)) - -; macro for expanding S-box data - -%macro enc_vals 1 - db %1(0x63),%1(0x7c),%1(0x77),%1(0x7b),%1(0xf2),%1(0x6b),%1(0x6f),%1(0xc5) - db %1(0x30),%1(0x01),%1(0x67),%1(0x2b),%1(0xfe),%1(0xd7),%1(0xab),%1(0x76) - db %1(0xca),%1(0x82),%1(0xc9),%1(0x7d),%1(0xfa),%1(0x59),%1(0x47),%1(0xf0) - db %1(0xad),%1(0xd4),%1(0xa2),%1(0xaf),%1(0x9c),%1(0xa4),%1(0x72),%1(0xc0) - db %1(0xb7),%1(0xfd),%1(0x93),%1(0x26),%1(0x36),%1(0x3f),%1(0xf7),%1(0xcc) - db %1(0x34),%1(0xa5),%1(0xe5),%1(0xf1),%1(0x71),%1(0xd8),%1(0x31),%1(0x15) - db %1(0x04),%1(0xc7),%1(0x23),%1(0xc3),%1(0x18),%1(0x96),%1(0x05),%1(0x9a) - db %1(0x07),%1(0x12),%1(0x80),%1(0xe2),%1(0xeb),%1(0x27),%1(0xb2),%1(0x75) - db %1(0x09),%1(0x83),%1(0x2c),%1(0x1a),%1(0x1b),%1(0x6e),%1(0x5a),%1(0xa0) - db %1(0x52),%1(0x3b),%1(0xd6),%1(0xb3),%1(0x29),%1(0xe3),%1(0x2f),%1(0x84) - db %1(0x53),%1(0xd1),%1(0x00),%1(0xed),%1(0x20),%1(0xfc),%1(0xb1),%1(0x5b) - db %1(0x6a),%1(0xcb),%1(0xbe),%1(0x39),%1(0x4a),%1(0x4c),%1(0x58),%1(0xcf) - db %1(0xd0),%1(0xef),%1(0xaa),%1(0xfb),%1(0x43),%1(0x4d),%1(0x33),%1(0x85) - db %1(0x45),%1(0xf9),%1(0x02),%1(0x7f),%1(0x50),%1(0x3c),%1(0x9f),%1(0xa8) - db %1(0x51),%1(0xa3),%1(0x40),%1(0x8f),%1(0x92),%1(0x9d),%1(0x38),%1(0xf5) - db %1(0xbc),%1(0xb6),%1(0xda),%1(0x21),%1(0x10),%1(0xff),%1(0xf3),%1(0xd2) - db %1(0xcd),%1(0x0c),%1(0x13),%1(0xec),%1(0x5f),%1(0x97),%1(0x44),%1(0x17) - db %1(0xc4),%1(0xa7),%1(0x7e),%1(0x3d),%1(0x64),%1(0x5d),%1(0x19),%1(0x73) - db %1(0x60),%1(0x81),%1(0x4f),%1(0xdc),%1(0x22),%1(0x2a),%1(0x90),%1(0x88) - db %1(0x46),%1(0xee),%1(0xb8),%1(0x14),%1(0xde),%1(0x5e),%1(0x0b),%1(0xdb) - db %1(0xe0),%1(0x32),%1(0x3a),%1(0x0a),%1(0x49),%1(0x06),%1(0x24),%1(0x5c) - db %1(0xc2),%1(0xd3),%1(0xac),%1(0x62),%1(0x91),%1(0x95),%1(0xe4),%1(0x79) - db %1(0xe7),%1(0xc8),%1(0x37),%1(0x6d),%1(0x8d),%1(0xd5),%1(0x4e),%1(0xa9) - db %1(0x6c),%1(0x56),%1(0xf4),%1(0xea),%1(0x65),%1(0x7a),%1(0xae),%1(0x08) - db %1(0xba),%1(0x78),%1(0x25),%1(0x2e),%1(0x1c),%1(0xa6),%1(0xb4),%1(0xc6) - db %1(0xe8),%1(0xdd),%1(0x74),%1(0x1f),%1(0x4b),%1(0xbd),%1(0x8b),%1(0x8a) - db %1(0x70),%1(0x3e),%1(0xb5),%1(0x66),%1(0x48),%1(0x03),%1(0xf6),%1(0x0e) - db %1(0x61),%1(0x35),%1(0x57),%1(0xb9),%1(0x86),%1(0xc1),%1(0x1d),%1(0x9e) - db %1(0xe1),%1(0xf8),%1(0x98),%1(0x11),%1(0x69),%1(0xd9),%1(0x8e),%1(0x94) - db %1(0x9b),%1(0x1e),%1(0x87),%1(0xe9),%1(0xce),%1(0x55),%1(0x28),%1(0xdf) - db %1(0x8c),%1(0xa1),%1(0x89),%1(0x0d),%1(0xbf),%1(0xe6),%1(0x42),%1(0x68) - db %1(0x41),%1(0x99),%1(0x2d),%1(0x0f),%1(0xb0),%1(0x54),%1(0xbb),%1(0x16) -%endmacro - -%macro dec_vals 1 - db %1(0x52),%1(0x09),%1(0x6a),%1(0xd5),%1(0x30),%1(0x36),%1(0xa5),%1(0x38) - db %1(0xbf),%1(0x40),%1(0xa3),%1(0x9e),%1(0x81),%1(0xf3),%1(0xd7),%1(0xfb) - db %1(0x7c),%1(0xe3),%1(0x39),%1(0x82),%1(0x9b),%1(0x2f),%1(0xff),%1(0x87) - db %1(0x34),%1(0x8e),%1(0x43),%1(0x44),%1(0xc4),%1(0xde),%1(0xe9),%1(0xcb) - db %1(0x54),%1(0x7b),%1(0x94),%1(0x32),%1(0xa6),%1(0xc2),%1(0x23),%1(0x3d) - db %1(0xee),%1(0x4c),%1(0x95),%1(0x0b),%1(0x42),%1(0xfa),%1(0xc3),%1(0x4e) - db %1(0x08),%1(0x2e),%1(0xa1),%1(0x66),%1(0x28),%1(0xd9),%1(0x24),%1(0xb2) - db %1(0x76),%1(0x5b),%1(0xa2),%1(0x49),%1(0x6d),%1(0x8b),%1(0xd1),%1(0x25) - db %1(0x72),%1(0xf8),%1(0xf6),%1(0x64),%1(0x86),%1(0x68),%1(0x98),%1(0x16) - db %1(0xd4),%1(0xa4),%1(0x5c),%1(0xcc),%1(0x5d),%1(0x65),%1(0xb6),%1(0x92) - db %1(0x6c),%1(0x70),%1(0x48),%1(0x50),%1(0xfd),%1(0xed),%1(0xb9),%1(0xda) - db %1(0x5e),%1(0x15),%1(0x46),%1(0x57),%1(0xa7),%1(0x8d),%1(0x9d),%1(0x84) - db %1(0x90),%1(0xd8),%1(0xab),%1(0x00),%1(0x8c),%1(0xbc),%1(0xd3),%1(0x0a) - db %1(0xf7),%1(0xe4),%1(0x58),%1(0x05),%1(0xb8),%1(0xb3),%1(0x45),%1(0x06) - db %1(0xd0),%1(0x2c),%1(0x1e),%1(0x8f),%1(0xca),%1(0x3f),%1(0x0f),%1(0x02) - db %1(0xc1),%1(0xaf),%1(0xbd),%1(0x03),%1(0x01),%1(0x13),%1(0x8a),%1(0x6b) - db %1(0x3a),%1(0x91),%1(0x11),%1(0x41),%1(0x4f),%1(0x67),%1(0xdc),%1(0xea) - db %1(0x97),%1(0xf2),%1(0xcf),%1(0xce),%1(0xf0),%1(0xb4),%1(0xe6),%1(0x73) - db %1(0x96),%1(0xac),%1(0x74),%1(0x22),%1(0xe7),%1(0xad),%1(0x35),%1(0x85) - db %1(0xe2),%1(0xf9),%1(0x37),%1(0xe8),%1(0x1c),%1(0x75),%1(0xdf),%1(0x6e) - db %1(0x47),%1(0xf1),%1(0x1a),%1(0x71),%1(0x1d),%1(0x29),%1(0xc5),%1(0x89) - db %1(0x6f),%1(0xb7),%1(0x62),%1(0x0e),%1(0xaa),%1(0x18),%1(0xbe),%1(0x1b) - db %1(0xfc),%1(0x56),%1(0x3e),%1(0x4b),%1(0xc6),%1(0xd2),%1(0x79),%1(0x20) - db %1(0x9a),%1(0xdb),%1(0xc0),%1(0xfe),%1(0x78),%1(0xcd),%1(0x5a),%1(0xf4) - db %1(0x1f),%1(0xdd),%1(0xa8),%1(0x33),%1(0x88),%1(0x07),%1(0xc7),%1(0x31) - db %1(0xb1),%1(0x12),%1(0x10),%1(0x59),%1(0x27),%1(0x80),%1(0xec),%1(0x5f) - db %1(0x60),%1(0x51),%1(0x7f),%1(0xa9),%1(0x19),%1(0xb5),%1(0x4a),%1(0x0d) - db %1(0x2d),%1(0xe5),%1(0x7a),%1(0x9f),%1(0x93),%1(0xc9),%1(0x9c),%1(0xef) - db %1(0xa0),%1(0xe0),%1(0x3b),%1(0x4d),%1(0xae),%1(0x2a),%1(0xf5),%1(0xb0) - db %1(0xc8),%1(0xeb),%1(0xbb),%1(0x3c),%1(0x83),%1(0x53),%1(0x99),%1(0x61) - db %1(0x17),%1(0x2b),%1(0x04),%1(0x7e),%1(0xba),%1(0x77),%1(0xd6),%1(0x26) - db %1(0xe1),%1(0x69),%1(0x14),%1(0x63),%1(0x55),%1(0x21),%1(0x0c),%1(0x7d) -%endmacro - -%define u8(x) f2(x), x, x, f3(x), f2(x), x, x, f3(x) -%define v8(x) fe(x), f9(x), fd(x), fb(x), fe(x), f9(x), fd(x), x -%define w8(x) x, 0, 0, 0, x, 0, 0, 0 - -%define tptr rbp ; table pointer -%define kptr r8 ; key schedule pointer -%define fofs 128 ; adjust offset in key schedule to keep |disp| < 128 -%define fk_ref(x,y) [kptr-16*x+fofs+4*y] -%ifdef AES_REV_DKS -%define rofs 128 -%define ik_ref(x,y) [kptr-16*x+rofs+4*y] -%else -%define rofs -128 -%define ik_ref(x,y) [kptr+16*x+rofs+4*y] -%endif - -%define tab_0(x) [tptr+8*x] -%define tab_1(x) [tptr+8*x+3] -%define tab_2(x) [tptr+8*x+2] -%define tab_3(x) [tptr+8*x+1] -%define tab_f(x) byte [tptr+8*x+1] -%define tab_i(x) byte [tptr+8*x+7] -%define t_ref(x,r) tab_ %+ x(r) - -%macro ff_rnd 5 ; normal forward round - mov %1d, fk_ref(%5,0) - mov %2d, fk_ref(%5,1) - mov %3d, fk_ref(%5,2) - mov %4d, fk_ref(%5,3) - - movzx esi, al - movzx edi, ah - shr eax, 16 - xor %1d, t_ref(0,rsi) - xor %4d, t_ref(1,rdi) - movzx esi, al - movzx edi, ah - xor %3d, t_ref(2,rsi) - xor %2d, t_ref(3,rdi) - - movzx esi, bl - movzx edi, bh - shr ebx, 16 - xor %2d, t_ref(0,rsi) - xor %1d, t_ref(1,rdi) - movzx esi, bl - movzx edi, bh - xor %4d, t_ref(2,rsi) - xor %3d, t_ref(3,rdi) - - movzx esi, cl - movzx edi, ch - shr ecx, 16 - xor %3d, t_ref(0,rsi) - xor %2d, t_ref(1,rdi) - movzx esi, cl - movzx edi, ch - xor %1d, t_ref(2,rsi) - xor %4d, t_ref(3,rdi) - - movzx esi, dl - movzx edi, dh - shr edx, 16 - xor %4d, t_ref(0,rsi) - xor %3d, t_ref(1,rdi) - movzx esi, dl - movzx edi, dh - xor %2d, t_ref(2,rsi) - xor %1d, t_ref(3,rdi) - - mov eax,%1d - mov ebx,%2d - mov ecx,%3d - mov edx,%4d -%endmacro - -%ifdef LAST_ROUND_TABLES - -%macro fl_rnd 5 ; last forward round - add tptr, 2048 - mov %1d, fk_ref(%5,0) - mov %2d, fk_ref(%5,1) - mov %3d, fk_ref(%5,2) - mov %4d, fk_ref(%5,3) - - movzx esi, al - movzx edi, ah - shr eax, 16 - xor %1d, t_ref(0,rsi) - xor %4d, t_ref(1,rdi) - movzx esi, al - movzx edi, ah - xor %3d, t_ref(2,rsi) - xor %2d, t_ref(3,rdi) - - movzx esi, bl - movzx edi, bh - shr ebx, 16 - xor %2d, t_ref(0,rsi) - xor %1d, t_ref(1,rdi) - movzx esi, bl - movzx edi, bh - xor %4d, t_ref(2,rsi) - xor %3d, t_ref(3,rdi) - - movzx esi, cl - movzx edi, ch - shr ecx, 16 - xor %3d, t_ref(0,rsi) - xor %2d, t_ref(1,rdi) - movzx esi, cl - movzx edi, ch - xor %1d, t_ref(2,rsi) - xor %4d, t_ref(3,rdi) - - movzx esi, dl - movzx edi, dh - shr edx, 16 - xor %4d, t_ref(0,rsi) - xor %3d, t_ref(1,rdi) - movzx esi, dl - movzx edi, dh - xor %2d, t_ref(2,rsi) - xor %1d, t_ref(3,rdi) -%endmacro - -%else - -%macro fl_rnd 5 ; last forward round - mov %1d, fk_ref(%5,0) - mov %2d, fk_ref(%5,1) - mov %3d, fk_ref(%5,2) - mov %4d, fk_ref(%5,3) - - movzx esi, al - movzx edi, ah - shr eax, 16 - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - xor %1d, esi - rol edi, 8 - xor %4d, edi - movzx esi, al - movzx edi, ah - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - rol esi, 16 - rol edi, 24 - xor %3d, esi - xor %2d, edi - - movzx esi, bl - movzx edi, bh - shr ebx, 16 - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - xor %2d, esi - rol edi, 8 - xor %1d, edi - movzx esi, bl - movzx edi, bh - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - rol esi, 16 - rol edi, 24 - xor %4d, esi - xor %3d, edi - - movzx esi, cl - movzx edi, ch - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - shr ecx, 16 - xor %3d, esi - rol edi, 8 - xor %2d, edi - movzx esi, cl - movzx edi, ch - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - rol esi, 16 - rol edi, 24 - xor %1d, esi - xor %4d, edi - - movzx esi, dl - movzx edi, dh - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - shr edx, 16 - xor %4d, esi - rol edi, 8 - xor %3d, edi - movzx esi, dl - movzx edi, dh - movzx esi, t_ref(f,rsi) - movzx edi, t_ref(f,rdi) - rol esi, 16 - rol edi, 24 - xor %2d, esi - xor %1d, edi -%endmacro - -%endif - -%macro ii_rnd 5 ; normal inverse round - mov %1d, ik_ref(%5,0) - mov %2d, ik_ref(%5,1) - mov %3d, ik_ref(%5,2) - mov %4d, ik_ref(%5,3) - - movzx esi, al - movzx edi, ah - shr eax, 16 - xor %1d, t_ref(0,rsi) - xor %2d, t_ref(1,rdi) - movzx esi, al - movzx edi, ah - xor %3d, t_ref(2,rsi) - xor %4d, t_ref(3,rdi) - - movzx esi, bl - movzx edi, bh - shr ebx, 16 - xor %2d, t_ref(0,rsi) - xor %3d, t_ref(1,rdi) - movzx esi, bl - movzx edi, bh - xor %4d, t_ref(2,rsi) - xor %1d, t_ref(3,rdi) - - movzx esi, cl - movzx edi, ch - shr ecx, 16 - xor %3d, t_ref(0,rsi) - xor %4d, t_ref(1,rdi) - movzx esi, cl - movzx edi, ch - xor %1d, t_ref(2,rsi) - xor %2d, t_ref(3,rdi) - - movzx esi, dl - movzx edi, dh - shr edx, 16 - xor %4d, t_ref(0,rsi) - xor %1d, t_ref(1,rdi) - movzx esi, dl - movzx edi, dh - xor %2d, t_ref(2,rsi) - xor %3d, t_ref(3,rdi) - - mov eax,%1d - mov ebx,%2d - mov ecx,%3d - mov edx,%4d -%endmacro - -%ifdef LAST_ROUND_TABLES - -%macro il_rnd 5 ; last inverse round - add tptr, 2048 - mov %1d, ik_ref(%5,0) - mov %2d, ik_ref(%5,1) - mov %3d, ik_ref(%5,2) - mov %4d, ik_ref(%5,3) - - movzx esi, al - movzx edi, ah - shr eax, 16 - xor %1d, t_ref(0,rsi) - xor %2d, t_ref(1,rdi) - movzx esi, al - movzx edi, ah - xor %3d, t_ref(2,rsi) - xor %4d, t_ref(3,rdi) - - movzx esi, bl - movzx edi, bh - shr ebx, 16 - xor %2d, t_ref(0,rsi) - xor %3d, t_ref(1,rdi) - movzx esi, bl - movzx edi, bh - xor %4d, t_ref(2,rsi) - xor %1d, t_ref(3,rdi) - - movzx esi, cl - movzx edi, ch - shr ecx, 16 - xor %3d, t_ref(0,rsi) - xor %4d, t_ref(1,rdi) - movzx esi, cl - movzx edi, ch - xor %1d, t_ref(2,rsi) - xor %2d, t_ref(3,rdi) - - movzx esi, dl - movzx edi, dh - shr edx, 16 - xor %4d, t_ref(0,rsi) - xor %1d, t_ref(1,rdi) - movzx esi, dl - movzx edi, dh - xor %2d, t_ref(2,rsi) - xor %3d, t_ref(3,rdi) -%endmacro - -%else - -%macro il_rnd 5 ; last inverse round - mov %1d, ik_ref(%5,0) - mov %2d, ik_ref(%5,1) - mov %3d, ik_ref(%5,2) - mov %4d, ik_ref(%5,3) - - movzx esi, al - movzx edi, ah - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - shr eax, 16 - xor %1d, esi - rol edi, 8 - xor %2d, edi - movzx esi, al - movzx edi, ah - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - rol esi, 16 - rol edi, 24 - xor %3d, esi - xor %4d, edi - - movzx esi, bl - movzx edi, bh - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - shr ebx, 16 - xor %2d, esi - rol edi, 8 - xor %3d, edi - movzx esi, bl - movzx edi, bh - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - rol esi, 16 - rol edi, 24 - xor %4d, esi - xor %1d, edi - - movzx esi, cl - movzx edi, ch - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - shr ecx, 16 - xor %3d, esi - rol edi, 8 - xor %4d, edi - movzx esi, cl - movzx edi, ch - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - rol esi, 16 - rol edi, 24 - xor %1d, esi - xor %2d, edi - - movzx esi, dl - movzx edi, dh - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - shr edx, 16 - xor %4d, esi - rol edi, 8 - xor %1d, edi - movzx esi, dl - movzx edi, dh - movzx esi, t_ref(i,rsi) - movzx edi, t_ref(i,rdi) - rol esi, 16 - rol edi, 24 - xor %2d, esi - xor %3d, edi -%endmacro - -%endif - -%ifdef ENCRYPTION - - global aes_encrypt -%ifdef DLL_EXPORT - export aes_encrypt -%endif - - section .data align=64 - align 64 -enc_tab: - enc_vals u8 -%ifdef LAST_ROUND_TABLES - enc_vals w8 -%endif - - section .text align=16 - align 16 - -%ifdef _SEH_ -proc_frame aes_encrypt - alloc_stack 7*8 ; 7 to align stack to 16 bytes - save_reg rsi,4*8 - save_reg rdi,5*8 - save_reg rbx,1*8 - save_reg rbp,2*8 - save_reg r12,3*8 -end_prologue - mov rdi, rcx ; input pointer - mov [rsp+0*8], rdx ; output pointer -%else - aes_encrypt: - %ifdef __GNUC__ - sub rsp, 4*8 ; gnu/linux binary interface - mov [rsp+0*8], rsi ; output pointer - mov r8, rdx ; context - %else - sub rsp, 6*8 ; windows binary interface - mov [rsp+4*8], rsi - mov [rsp+5*8], rdi - mov rdi, rcx ; input pointer - mov [rsp+0*8], rdx ; output pointer - %endif - mov [rsp+1*8], rbx ; input pointer in rdi - mov [rsp+2*8], rbp ; output pointer in [rsp] - mov [rsp+3*8], r12 ; context in r8 -%endif - - movzx esi, byte [kptr+4*KS_LENGTH] - lea tptr, [rel enc_tab] - sub kptr, fofs - - mov eax, [rdi+0*4] - mov ebx, [rdi+1*4] - mov ecx, [rdi+2*4] - mov edx, [rdi+3*4] - - xor eax, [kptr+fofs] - xor ebx, [kptr+fofs+4] - xor ecx, [kptr+fofs+8] - xor edx, [kptr+fofs+12] - - lea kptr,[kptr+rsi] - cmp esi, 10*16 - je .3 - cmp esi, 12*16 - je .2 - cmp esi, 14*16 - je .1 - mov rax, -1 - jmp .4 - -.1: ff_rnd r9, r10, r11, r12, 13 - ff_rnd r9, r10, r11, r12, 12 -.2: ff_rnd r9, r10, r11, r12, 11 - ff_rnd r9, r10, r11, r12, 10 -.3: ff_rnd r9, r10, r11, r12, 9 - ff_rnd r9, r10, r11, r12, 8 - ff_rnd r9, r10, r11, r12, 7 - ff_rnd r9, r10, r11, r12, 6 - ff_rnd r9, r10, r11, r12, 5 - ff_rnd r9, r10, r11, r12, 4 - ff_rnd r9, r10, r11, r12, 3 - ff_rnd r9, r10, r11, r12, 2 - ff_rnd r9, r10, r11, r12, 1 - fl_rnd r9, r10, r11, r12, 0 - - mov rbx, [rsp] - mov [rbx], r9d - mov [rbx+4], r10d - mov [rbx+8], r11d - mov [rbx+12], r12d - xor rax, rax -.4: - mov rbx, [rsp+1*8] - mov rbp, [rsp+2*8] - mov r12, [rsp+3*8] -%ifdef __GNUC__ - add rsp, 4*8 - ret -%else - mov rsi, [rsp+4*8] - mov rdi, [rsp+5*8] - %ifdef _SEH_ - add rsp, 7*8 - ret - endproc_frame - %else - add rsp, 6*8 - ret - %endif -%endif - -%endif - -%ifdef DECRYPTION - - global aes_decrypt -%ifdef DLL_EXPORT - export aes_decrypt -%endif - - section .data - align 64 -dec_tab: - dec_vals v8 -%ifdef LAST_ROUND_TABLES - dec_vals w8 -%endif - - section .text - align 16 - -%ifdef _SEH_ -proc_frame aes_decrypt - alloc_stack 7*8 ; 7 to align stack to 16 bytes - save_reg rsi,4*8 - save_reg rdi,5*8 - save_reg rbx,1*8 - save_reg rbp,2*8 - save_reg r12,3*8 -end_prologue - mov rdi, rcx ; input pointer - mov [rsp+0*8], rdx ; output pointer -%else - aes_decrypt: - %ifdef __GNUC__ - sub rsp, 4*8 ; gnu/linux binary interface - mov [rsp+0*8], rsi ; output pointer - mov r8, rdx ; context - %else - sub rsp, 6*8 ; windows binary interface - mov [rsp+4*8], rsi - mov [rsp+5*8], rdi - mov rdi, rcx ; input pointer - mov [rsp+0*8], rdx ; output pointer - %endif - mov [rsp+1*8], rbx ; input pointer in rdi - mov [rsp+2*8], rbp ; output pointer in [rsp] - mov [rsp+3*8], r12 ; context in r8 -%endif - - movzx esi,byte[kptr+4*KS_LENGTH] - lea tptr, [rel dec_tab] - sub kptr, rofs - - mov eax, [rdi+0*4] - mov ebx, [rdi+1*4] - mov ecx, [rdi+2*4] - mov edx, [rdi+3*4] - -%ifdef AES_REV_DKS - mov rdi, kptr - lea kptr,[kptr+rsi] -%else - lea rdi,[kptr+rsi] -%endif - - xor eax, [rdi+rofs] - xor ebx, [rdi+rofs+4] - xor ecx, [rdi+rofs+8] - xor edx, [rdi+rofs+12] - - cmp esi, 10*16 - je .3 - cmp esi, 12*16 - je .2 - cmp esi, 14*16 - je .1 - mov rax, -1 - jmp .4 - -.1: ii_rnd r9, r10, r11, r12, 13 - ii_rnd r9, r10, r11, r12, 12 -.2: ii_rnd r9, r10, r11, r12, 11 - ii_rnd r9, r10, r11, r12, 10 -.3: ii_rnd r9, r10, r11, r12, 9 - ii_rnd r9, r10, r11, r12, 8 - ii_rnd r9, r10, r11, r12, 7 - ii_rnd r9, r10, r11, r12, 6 - ii_rnd r9, r10, r11, r12, 5 - ii_rnd r9, r10, r11, r12, 4 - ii_rnd r9, r10, r11, r12, 3 - ii_rnd r9, r10, r11, r12, 2 - ii_rnd r9, r10, r11, r12, 1 - il_rnd r9, r10, r11, r12, 0 - - mov rbx, [rsp] - mov [rbx], r9d - mov [rbx+4], r10d - mov [rbx+8], r11d - mov [rbx+12], r12d - xor rax, rax -.4: mov rbx, [rsp+1*8] - mov rbp, [rsp+2*8] - mov r12, [rsp+3*8] -%ifdef __GNUC__ - add rsp, 4*8 - ret -%else - mov rsi, [rsp+4*8] - mov rdi, [rsp+5*8] - %ifdef _SEH_ - add rsp, 7*8 - ret - endproc_frame - %else - add rsp, 6*8 - ret - %endif -%endif - -%endif + +; --------------------------------------------------------------------------- +; Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. +; +; LICENSE TERMS +; +; The free distribution and use of this software is allowed (with or without +; changes) provided that: +; +; 1. source code distributions include the above copyright notice, this +; list of conditions and the following disclaimer; +; +; 2. binary distributions include the above copyright notice, this list +; of conditions and the following disclaimer in their documentation; +; +; 3. the name of the copyright holder is not used to endorse products +; built using this software without specific written permission. +; +; DISCLAIMER +; +; This software is provided 'as is' with no explicit or implied warranties +; in respect of its properties, including, but not limited to, correctness +; and/or fitness for purpose. +; --------------------------------------------------------------------------- +; Issue 20/12/2007 +; +; I am grateful to Dag Arne Osvik for many discussions of the techniques that +; can be used to optimise AES assembler code on AMD64/EM64T architectures. +; Some of the techniques used in this implementation are the result of +; suggestions made by him for which I am most grateful. + +; +; Adapted for TrueCrypt: +; - Compatibility with NASM +; + +; An AES implementation for AMD64 processors using the YASM assembler. This +; implemetation provides only encryption, decryption and hence requires key +; scheduling support in C. It uses 8k bytes of tables but its encryption and +; decryption performance is very close to that obtained using large tables. +; It can use either Windows or Gnu/Linux calling conventions, which are as +; follows: +; windows gnu/linux +; +; in_blk rcx rdi +; out_blk rdx rsi +; context (cx) r8 rdx +; +; preserved rsi - + rbx, rbp, rsp, r12, r13, r14 & r15 +; registers rdi - on both +; +; destroyed - rsi + rax, rcx, rdx, r8, r9, r10 & r11 +; registers - rdi on both +; +; The default convention is that for windows, the gnu/linux convention being +; used if __GNUC__ is defined. +; +; Define _SEH_ to include support for Win64 structured exception handling +; (this requires YASM version 0.6 or later). +; +; This code provides the standard AES block size (128 bits, 16 bytes) and the +; three standard AES key sizes (128, 192 and 256 bits). It has the same call +; interface as my C implementation. It uses the Microsoft C AMD64 calling +; conventions in which the three parameters are placed in rcx, rdx and r8 +; respectively. The rbx, rsi, rdi, rbp and r12..r15 registers are preserved. +; +; AES_RETURN aes_encrypt(const unsigned char in_blk[], +; unsigned char out_blk[], const aes_encrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt(const unsigned char in_blk[], +; unsigned char out_blk[], const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_encrypt_key(const unsigned char key[], +; const aes_encrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt_key(const unsigned char key[], +; const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_encrypt_key(const unsigned char key[], +; unsigned int len, const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt_key(const unsigned char key[], +; unsigned int len, const aes_decrypt_ctx cx[1]); +; +; where is 128, 102 or 256. In the last two calls the length can be in +; either bits or bytes. +; +; Comment in/out the following lines to obtain the desired subroutines. These +; selections MUST match those in the C header file aes.h + +; %define AES_128 ; define if AES with 128 bit keys is needed +; %define AES_192 ; define if AES with 192 bit keys is needed +%define AES_256 ; define if AES with 256 bit keys is needed +; %define AES_VAR ; define if a variable key size is needed +%define ENCRYPTION ; define if encryption is needed +%define DECRYPTION ; define if decryption is needed +%define AES_REV_DKS ; define if key decryption schedule is reversed +%define LAST_ROUND_TABLES ; define for the faster version using extra tables + +; The encryption key schedule has the following in memory layout where N is the +; number of rounds (10, 12 or 14): +; +; lo: | input key (round 0) | ; each round is four 32-bit words +; | encryption round 1 | +; | encryption round 2 | +; .... +; | encryption round N-1 | +; hi: | encryption round N | +; +; The decryption key schedule is normally set up so that it has the same +; layout as above by actually reversing the order of the encryption key +; schedule in memory (this happens when AES_REV_DKS is set): +; +; lo: | decryption round 0 | = | encryption round N | +; | decryption round 1 | = INV_MIX_COL[ | encryption round N-1 | ] +; | decryption round 2 | = INV_MIX_COL[ | encryption round N-2 | ] +; .... .... +; | decryption round N-1 | = INV_MIX_COL[ | encryption round 1 | ] +; hi: | decryption round N | = | input key (round 0) | +; +; with rounds except the first and last modified using inv_mix_column() +; But if AES_REV_DKS is NOT set the order of keys is left as it is for +; encryption so that it has to be accessed in reverse when used for +; decryption (although the inverse mix column modifications are done) +; +; lo: | decryption round 0 | = | input key (round 0) | +; | decryption round 1 | = INV_MIX_COL[ | encryption round 1 | ] +; | decryption round 2 | = INV_MIX_COL[ | encryption round 2 | ] +; .... .... +; | decryption round N-1 | = INV_MIX_COL[ | encryption round N-1 | ] +; hi: | decryption round N | = | encryption round N | +; +; This layout is faster when the assembler key scheduling provided here +; is used. +; +; The DLL interface must use the _stdcall convention in which the number +; of bytes of parameter space is added after an @ to the sutine's name. +; We must also remove our parameters from the stack before return (see +; the do_exit macro). Define DLL_EXPORT for the Dynamic Link Library version. + +;%define DLL_EXPORT + +; End of user defines + +%ifdef AES_VAR +%ifndef AES_128 +%define AES_128 +%endif +%ifndef AES_192 +%define AES_192 +%endif +%ifndef AES_256 +%define AES_256 +%endif +%endif + +%ifdef AES_VAR +%define KS_LENGTH 60 +%elifdef AES_256 +%define KS_LENGTH 60 +%elifdef AES_192 +%define KS_LENGTH 52 +%else +%define KS_LENGTH 44 +%endif + +%define r0 rax +%define r1 rdx +%define r2 rcx +%define r3 rbx +%define r4 rsi +%define r5 rdi +%define r6 rbp +%define r7 rsp + +%define raxd eax +%define rdxd edx +%define rcxd ecx +%define rbxd ebx +%define rsid esi +%define rdid edi +%define rbpd ebp +%define rspd esp + +%define raxb al +%define rdxb dl +%define rcxb cl +%define rbxb bl +%define rsib sil +%define rdib dil +%define rbpb bpl +%define rspb spl + +%define r0h ah +%define r1h dh +%define r2h ch +%define r3h bh + +%define r0d eax +%define r1d edx +%define r2d ecx +%define r3d ebx + +; finite field multiplies by {02}, {04} and {08} + +%define f2(x) ((x<<1)^(((x>>7)&1)*0x11b)) +%define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b)) +%define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b)) + +; finite field multiplies required in table generation + +%define f3(x) (f2(x) ^ x) +%define f9(x) (f8(x) ^ x) +%define fb(x) (f8(x) ^ f2(x) ^ x) +%define fd(x) (f8(x) ^ f4(x) ^ x) +%define fe(x) (f8(x) ^ f4(x) ^ f2(x)) + +; macro for expanding S-box data + +%macro enc_vals 1 + db %1(0x63),%1(0x7c),%1(0x77),%1(0x7b),%1(0xf2),%1(0x6b),%1(0x6f),%1(0xc5) + db %1(0x30),%1(0x01),%1(0x67),%1(0x2b),%1(0xfe),%1(0xd7),%1(0xab),%1(0x76) + db %1(0xca),%1(0x82),%1(0xc9),%1(0x7d),%1(0xfa),%1(0x59),%1(0x47),%1(0xf0) + db %1(0xad),%1(0xd4),%1(0xa2),%1(0xaf),%1(0x9c),%1(0xa4),%1(0x72),%1(0xc0) + db %1(0xb7),%1(0xfd),%1(0x93),%1(0x26),%1(0x36),%1(0x3f),%1(0xf7),%1(0xcc) + db %1(0x34),%1(0xa5),%1(0xe5),%1(0xf1),%1(0x71),%1(0xd8),%1(0x31),%1(0x15) + db %1(0x04),%1(0xc7),%1(0x23),%1(0xc3),%1(0x18),%1(0x96),%1(0x05),%1(0x9a) + db %1(0x07),%1(0x12),%1(0x80),%1(0xe2),%1(0xeb),%1(0x27),%1(0xb2),%1(0x75) + db %1(0x09),%1(0x83),%1(0x2c),%1(0x1a),%1(0x1b),%1(0x6e),%1(0x5a),%1(0xa0) + db %1(0x52),%1(0x3b),%1(0xd6),%1(0xb3),%1(0x29),%1(0xe3),%1(0x2f),%1(0x84) + db %1(0x53),%1(0xd1),%1(0x00),%1(0xed),%1(0x20),%1(0xfc),%1(0xb1),%1(0x5b) + db %1(0x6a),%1(0xcb),%1(0xbe),%1(0x39),%1(0x4a),%1(0x4c),%1(0x58),%1(0xcf) + db %1(0xd0),%1(0xef),%1(0xaa),%1(0xfb),%1(0x43),%1(0x4d),%1(0x33),%1(0x85) + db %1(0x45),%1(0xf9),%1(0x02),%1(0x7f),%1(0x50),%1(0x3c),%1(0x9f),%1(0xa8) + db %1(0x51),%1(0xa3),%1(0x40),%1(0x8f),%1(0x92),%1(0x9d),%1(0x38),%1(0xf5) + db %1(0xbc),%1(0xb6),%1(0xda),%1(0x21),%1(0x10),%1(0xff),%1(0xf3),%1(0xd2) + db %1(0xcd),%1(0x0c),%1(0x13),%1(0xec),%1(0x5f),%1(0x97),%1(0x44),%1(0x17) + db %1(0xc4),%1(0xa7),%1(0x7e),%1(0x3d),%1(0x64),%1(0x5d),%1(0x19),%1(0x73) + db %1(0x60),%1(0x81),%1(0x4f),%1(0xdc),%1(0x22),%1(0x2a),%1(0x90),%1(0x88) + db %1(0x46),%1(0xee),%1(0xb8),%1(0x14),%1(0xde),%1(0x5e),%1(0x0b),%1(0xdb) + db %1(0xe0),%1(0x32),%1(0x3a),%1(0x0a),%1(0x49),%1(0x06),%1(0x24),%1(0x5c) + db %1(0xc2),%1(0xd3),%1(0xac),%1(0x62),%1(0x91),%1(0x95),%1(0xe4),%1(0x79) + db %1(0xe7),%1(0xc8),%1(0x37),%1(0x6d),%1(0x8d),%1(0xd5),%1(0x4e),%1(0xa9) + db %1(0x6c),%1(0x56),%1(0xf4),%1(0xea),%1(0x65),%1(0x7a),%1(0xae),%1(0x08) + db %1(0xba),%1(0x78),%1(0x25),%1(0x2e),%1(0x1c),%1(0xa6),%1(0xb4),%1(0xc6) + db %1(0xe8),%1(0xdd),%1(0x74),%1(0x1f),%1(0x4b),%1(0xbd),%1(0x8b),%1(0x8a) + db %1(0x70),%1(0x3e),%1(0xb5),%1(0x66),%1(0x48),%1(0x03),%1(0xf6),%1(0x0e) + db %1(0x61),%1(0x35),%1(0x57),%1(0xb9),%1(0x86),%1(0xc1),%1(0x1d),%1(0x9e) + db %1(0xe1),%1(0xf8),%1(0x98),%1(0x11),%1(0x69),%1(0xd9),%1(0x8e),%1(0x94) + db %1(0x9b),%1(0x1e),%1(0x87),%1(0xe9),%1(0xce),%1(0x55),%1(0x28),%1(0xdf) + db %1(0x8c),%1(0xa1),%1(0x89),%1(0x0d),%1(0xbf),%1(0xe6),%1(0x42),%1(0x68) + db %1(0x41),%1(0x99),%1(0x2d),%1(0x0f),%1(0xb0),%1(0x54),%1(0xbb),%1(0x16) +%endmacro + +%macro dec_vals 1 + db %1(0x52),%1(0x09),%1(0x6a),%1(0xd5),%1(0x30),%1(0x36),%1(0xa5),%1(0x38) + db %1(0xbf),%1(0x40),%1(0xa3),%1(0x9e),%1(0x81),%1(0xf3),%1(0xd7),%1(0xfb) + db %1(0x7c),%1(0xe3),%1(0x39),%1(0x82),%1(0x9b),%1(0x2f),%1(0xff),%1(0x87) + db %1(0x34),%1(0x8e),%1(0x43),%1(0x44),%1(0xc4),%1(0xde),%1(0xe9),%1(0xcb) + db %1(0x54),%1(0x7b),%1(0x94),%1(0x32),%1(0xa6),%1(0xc2),%1(0x23),%1(0x3d) + db %1(0xee),%1(0x4c),%1(0x95),%1(0x0b),%1(0x42),%1(0xfa),%1(0xc3),%1(0x4e) + db %1(0x08),%1(0x2e),%1(0xa1),%1(0x66),%1(0x28),%1(0xd9),%1(0x24),%1(0xb2) + db %1(0x76),%1(0x5b),%1(0xa2),%1(0x49),%1(0x6d),%1(0x8b),%1(0xd1),%1(0x25) + db %1(0x72),%1(0xf8),%1(0xf6),%1(0x64),%1(0x86),%1(0x68),%1(0x98),%1(0x16) + db %1(0xd4),%1(0xa4),%1(0x5c),%1(0xcc),%1(0x5d),%1(0x65),%1(0xb6),%1(0x92) + db %1(0x6c),%1(0x70),%1(0x48),%1(0x50),%1(0xfd),%1(0xed),%1(0xb9),%1(0xda) + db %1(0x5e),%1(0x15),%1(0x46),%1(0x57),%1(0xa7),%1(0x8d),%1(0x9d),%1(0x84) + db %1(0x90),%1(0xd8),%1(0xab),%1(0x00),%1(0x8c),%1(0xbc),%1(0xd3),%1(0x0a) + db %1(0xf7),%1(0xe4),%1(0x58),%1(0x05),%1(0xb8),%1(0xb3),%1(0x45),%1(0x06) + db %1(0xd0),%1(0x2c),%1(0x1e),%1(0x8f),%1(0xca),%1(0x3f),%1(0x0f),%1(0x02) + db %1(0xc1),%1(0xaf),%1(0xbd),%1(0x03),%1(0x01),%1(0x13),%1(0x8a),%1(0x6b) + db %1(0x3a),%1(0x91),%1(0x11),%1(0x41),%1(0x4f),%1(0x67),%1(0xdc),%1(0xea) + db %1(0x97),%1(0xf2),%1(0xcf),%1(0xce),%1(0xf0),%1(0xb4),%1(0xe6),%1(0x73) + db %1(0x96),%1(0xac),%1(0x74),%1(0x22),%1(0xe7),%1(0xad),%1(0x35),%1(0x85) + db %1(0xe2),%1(0xf9),%1(0x37),%1(0xe8),%1(0x1c),%1(0x75),%1(0xdf),%1(0x6e) + db %1(0x47),%1(0xf1),%1(0x1a),%1(0x71),%1(0x1d),%1(0x29),%1(0xc5),%1(0x89) + db %1(0x6f),%1(0xb7),%1(0x62),%1(0x0e),%1(0xaa),%1(0x18),%1(0xbe),%1(0x1b) + db %1(0xfc),%1(0x56),%1(0x3e),%1(0x4b),%1(0xc6),%1(0xd2),%1(0x79),%1(0x20) + db %1(0x9a),%1(0xdb),%1(0xc0),%1(0xfe),%1(0x78),%1(0xcd),%1(0x5a),%1(0xf4) + db %1(0x1f),%1(0xdd),%1(0xa8),%1(0x33),%1(0x88),%1(0x07),%1(0xc7),%1(0x31) + db %1(0xb1),%1(0x12),%1(0x10),%1(0x59),%1(0x27),%1(0x80),%1(0xec),%1(0x5f) + db %1(0x60),%1(0x51),%1(0x7f),%1(0xa9),%1(0x19),%1(0xb5),%1(0x4a),%1(0x0d) + db %1(0x2d),%1(0xe5),%1(0x7a),%1(0x9f),%1(0x93),%1(0xc9),%1(0x9c),%1(0xef) + db %1(0xa0),%1(0xe0),%1(0x3b),%1(0x4d),%1(0xae),%1(0x2a),%1(0xf5),%1(0xb0) + db %1(0xc8),%1(0xeb),%1(0xbb),%1(0x3c),%1(0x83),%1(0x53),%1(0x99),%1(0x61) + db %1(0x17),%1(0x2b),%1(0x04),%1(0x7e),%1(0xba),%1(0x77),%1(0xd6),%1(0x26) + db %1(0xe1),%1(0x69),%1(0x14),%1(0x63),%1(0x55),%1(0x21),%1(0x0c),%1(0x7d) +%endmacro + +%define u8(x) f2(x), x, x, f3(x), f2(x), x, x, f3(x) +%define v8(x) fe(x), f9(x), fd(x), fb(x), fe(x), f9(x), fd(x), x +%define w8(x) x, 0, 0, 0, x, 0, 0, 0 + +%define tptr rbp ; table pointer +%define kptr r8 ; key schedule pointer +%define fofs 128 ; adjust offset in key schedule to keep |disp| < 128 +%define fk_ref(x,y) [kptr-16*x+fofs+4*y] +%ifdef AES_REV_DKS +%define rofs 128 +%define ik_ref(x,y) [kptr-16*x+rofs+4*y] +%else +%define rofs -128 +%define ik_ref(x,y) [kptr+16*x+rofs+4*y] +%endif + +%define tab_0(x) [tptr+8*x] +%define tab_1(x) [tptr+8*x+3] +%define tab_2(x) [tptr+8*x+2] +%define tab_3(x) [tptr+8*x+1] +%define tab_f(x) byte [tptr+8*x+1] +%define tab_i(x) byte [tptr+8*x+7] +%define t_ref(x,r) tab_ %+ x(r) + +%macro ff_rnd 5 ; normal forward round + mov %1d, fk_ref(%5,0) + mov %2d, fk_ref(%5,1) + mov %3d, fk_ref(%5,2) + mov %4d, fk_ref(%5,3) + + movzx esi, al + movzx edi, ah + shr eax, 16 + xor %1d, t_ref(0,rsi) + xor %4d, t_ref(1,rdi) + movzx esi, al + movzx edi, ah + xor %3d, t_ref(2,rsi) + xor %2d, t_ref(3,rdi) + + movzx esi, bl + movzx edi, bh + shr ebx, 16 + xor %2d, t_ref(0,rsi) + xor %1d, t_ref(1,rdi) + movzx esi, bl + movzx edi, bh + xor %4d, t_ref(2,rsi) + xor %3d, t_ref(3,rdi) + + movzx esi, cl + movzx edi, ch + shr ecx, 16 + xor %3d, t_ref(0,rsi) + xor %2d, t_ref(1,rdi) + movzx esi, cl + movzx edi, ch + xor %1d, t_ref(2,rsi) + xor %4d, t_ref(3,rdi) + + movzx esi, dl + movzx edi, dh + shr edx, 16 + xor %4d, t_ref(0,rsi) + xor %3d, t_ref(1,rdi) + movzx esi, dl + movzx edi, dh + xor %2d, t_ref(2,rsi) + xor %1d, t_ref(3,rdi) + + mov eax,%1d + mov ebx,%2d + mov ecx,%3d + mov edx,%4d +%endmacro + +%ifdef LAST_ROUND_TABLES + +%macro fl_rnd 5 ; last forward round + add tptr, 2048 + mov %1d, fk_ref(%5,0) + mov %2d, fk_ref(%5,1) + mov %3d, fk_ref(%5,2) + mov %4d, fk_ref(%5,3) + + movzx esi, al + movzx edi, ah + shr eax, 16 + xor %1d, t_ref(0,rsi) + xor %4d, t_ref(1,rdi) + movzx esi, al + movzx edi, ah + xor %3d, t_ref(2,rsi) + xor %2d, t_ref(3,rdi) + + movzx esi, bl + movzx edi, bh + shr ebx, 16 + xor %2d, t_ref(0,rsi) + xor %1d, t_ref(1,rdi) + movzx esi, bl + movzx edi, bh + xor %4d, t_ref(2,rsi) + xor %3d, t_ref(3,rdi) + + movzx esi, cl + movzx edi, ch + shr ecx, 16 + xor %3d, t_ref(0,rsi) + xor %2d, t_ref(1,rdi) + movzx esi, cl + movzx edi, ch + xor %1d, t_ref(2,rsi) + xor %4d, t_ref(3,rdi) + + movzx esi, dl + movzx edi, dh + shr edx, 16 + xor %4d, t_ref(0,rsi) + xor %3d, t_ref(1,rdi) + movzx esi, dl + movzx edi, dh + xor %2d, t_ref(2,rsi) + xor %1d, t_ref(3,rdi) +%endmacro + +%else + +%macro fl_rnd 5 ; last forward round + mov %1d, fk_ref(%5,0) + mov %2d, fk_ref(%5,1) + mov %3d, fk_ref(%5,2) + mov %4d, fk_ref(%5,3) + + movzx esi, al + movzx edi, ah + shr eax, 16 + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + xor %1d, esi + rol edi, 8 + xor %4d, edi + movzx esi, al + movzx edi, ah + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + rol esi, 16 + rol edi, 24 + xor %3d, esi + xor %2d, edi + + movzx esi, bl + movzx edi, bh + shr ebx, 16 + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + xor %2d, esi + rol edi, 8 + xor %1d, edi + movzx esi, bl + movzx edi, bh + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + rol esi, 16 + rol edi, 24 + xor %4d, esi + xor %3d, edi + + movzx esi, cl + movzx edi, ch + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + shr ecx, 16 + xor %3d, esi + rol edi, 8 + xor %2d, edi + movzx esi, cl + movzx edi, ch + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + rol esi, 16 + rol edi, 24 + xor %1d, esi + xor %4d, edi + + movzx esi, dl + movzx edi, dh + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + shr edx, 16 + xor %4d, esi + rol edi, 8 + xor %3d, edi + movzx esi, dl + movzx edi, dh + movzx esi, t_ref(f,rsi) + movzx edi, t_ref(f,rdi) + rol esi, 16 + rol edi, 24 + xor %2d, esi + xor %1d, edi +%endmacro + +%endif + +%macro ii_rnd 5 ; normal inverse round + mov %1d, ik_ref(%5,0) + mov %2d, ik_ref(%5,1) + mov %3d, ik_ref(%5,2) + mov %4d, ik_ref(%5,3) + + movzx esi, al + movzx edi, ah + shr eax, 16 + xor %1d, t_ref(0,rsi) + xor %2d, t_ref(1,rdi) + movzx esi, al + movzx edi, ah + xor %3d, t_ref(2,rsi) + xor %4d, t_ref(3,rdi) + + movzx esi, bl + movzx edi, bh + shr ebx, 16 + xor %2d, t_ref(0,rsi) + xor %3d, t_ref(1,rdi) + movzx esi, bl + movzx edi, bh + xor %4d, t_ref(2,rsi) + xor %1d, t_ref(3,rdi) + + movzx esi, cl + movzx edi, ch + shr ecx, 16 + xor %3d, t_ref(0,rsi) + xor %4d, t_ref(1,rdi) + movzx esi, cl + movzx edi, ch + xor %1d, t_ref(2,rsi) + xor %2d, t_ref(3,rdi) + + movzx esi, dl + movzx edi, dh + shr edx, 16 + xor %4d, t_ref(0,rsi) + xor %1d, t_ref(1,rdi) + movzx esi, dl + movzx edi, dh + xor %2d, t_ref(2,rsi) + xor %3d, t_ref(3,rdi) + + mov eax,%1d + mov ebx,%2d + mov ecx,%3d + mov edx,%4d +%endmacro + +%ifdef LAST_ROUND_TABLES + +%macro il_rnd 5 ; last inverse round + add tptr, 2048 + mov %1d, ik_ref(%5,0) + mov %2d, ik_ref(%5,1) + mov %3d, ik_ref(%5,2) + mov %4d, ik_ref(%5,3) + + movzx esi, al + movzx edi, ah + shr eax, 16 + xor %1d, t_ref(0,rsi) + xor %2d, t_ref(1,rdi) + movzx esi, al + movzx edi, ah + xor %3d, t_ref(2,rsi) + xor %4d, t_ref(3,rdi) + + movzx esi, bl + movzx edi, bh + shr ebx, 16 + xor %2d, t_ref(0,rsi) + xor %3d, t_ref(1,rdi) + movzx esi, bl + movzx edi, bh + xor %4d, t_ref(2,rsi) + xor %1d, t_ref(3,rdi) + + movzx esi, cl + movzx edi, ch + shr ecx, 16 + xor %3d, t_ref(0,rsi) + xor %4d, t_ref(1,rdi) + movzx esi, cl + movzx edi, ch + xor %1d, t_ref(2,rsi) + xor %2d, t_ref(3,rdi) + + movzx esi, dl + movzx edi, dh + shr edx, 16 + xor %4d, t_ref(0,rsi) + xor %1d, t_ref(1,rdi) + movzx esi, dl + movzx edi, dh + xor %2d, t_ref(2,rsi) + xor %3d, t_ref(3,rdi) +%endmacro + +%else + +%macro il_rnd 5 ; last inverse round + mov %1d, ik_ref(%5,0) + mov %2d, ik_ref(%5,1) + mov %3d, ik_ref(%5,2) + mov %4d, ik_ref(%5,3) + + movzx esi, al + movzx edi, ah + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + shr eax, 16 + xor %1d, esi + rol edi, 8 + xor %2d, edi + movzx esi, al + movzx edi, ah + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + rol esi, 16 + rol edi, 24 + xor %3d, esi + xor %4d, edi + + movzx esi, bl + movzx edi, bh + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + shr ebx, 16 + xor %2d, esi + rol edi, 8 + xor %3d, edi + movzx esi, bl + movzx edi, bh + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + rol esi, 16 + rol edi, 24 + xor %4d, esi + xor %1d, edi + + movzx esi, cl + movzx edi, ch + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + shr ecx, 16 + xor %3d, esi + rol edi, 8 + xor %4d, edi + movzx esi, cl + movzx edi, ch + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + rol esi, 16 + rol edi, 24 + xor %1d, esi + xor %2d, edi + + movzx esi, dl + movzx edi, dh + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + shr edx, 16 + xor %4d, esi + rol edi, 8 + xor %1d, edi + movzx esi, dl + movzx edi, dh + movzx esi, t_ref(i,rsi) + movzx edi, t_ref(i,rdi) + rol esi, 16 + rol edi, 24 + xor %2d, esi + xor %3d, edi +%endmacro + +%endif + +%ifdef ENCRYPTION + + global aes_encrypt +%ifdef DLL_EXPORT + export aes_encrypt +%endif + + section .data align=64 + align 64 +enc_tab: + enc_vals u8 +%ifdef LAST_ROUND_TABLES + enc_vals w8 +%endif + + section .text align=16 + align 16 + +%ifdef _SEH_ +proc_frame aes_encrypt + alloc_stack 7*8 ; 7 to align stack to 16 bytes + save_reg rsi,4*8 + save_reg rdi,5*8 + save_reg rbx,1*8 + save_reg rbp,2*8 + save_reg r12,3*8 +end_prologue + mov rdi, rcx ; input pointer + mov [rsp+0*8], rdx ; output pointer +%else + aes_encrypt: + %ifdef __GNUC__ + sub rsp, 4*8 ; gnu/linux binary interface + mov [rsp+0*8], rsi ; output pointer + mov r8, rdx ; context + %else + sub rsp, 6*8 ; windows binary interface + mov [rsp+4*8], rsi + mov [rsp+5*8], rdi + mov rdi, rcx ; input pointer + mov [rsp+0*8], rdx ; output pointer + %endif + mov [rsp+1*8], rbx ; input pointer in rdi + mov [rsp+2*8], rbp ; output pointer in [rsp] + mov [rsp+3*8], r12 ; context in r8 +%endif + + movzx esi, byte [kptr+4*KS_LENGTH] + lea tptr, [rel enc_tab] + sub kptr, fofs + + mov eax, [rdi+0*4] + mov ebx, [rdi+1*4] + mov ecx, [rdi+2*4] + mov edx, [rdi+3*4] + + xor eax, [kptr+fofs] + xor ebx, [kptr+fofs+4] + xor ecx, [kptr+fofs+8] + xor edx, [kptr+fofs+12] + + lea kptr,[kptr+rsi] + cmp esi, 10*16 + je .3 + cmp esi, 12*16 + je .2 + cmp esi, 14*16 + je .1 + mov rax, -1 + jmp .4 + +.1: ff_rnd r9, r10, r11, r12, 13 + ff_rnd r9, r10, r11, r12, 12 +.2: ff_rnd r9, r10, r11, r12, 11 + ff_rnd r9, r10, r11, r12, 10 +.3: ff_rnd r9, r10, r11, r12, 9 + ff_rnd r9, r10, r11, r12, 8 + ff_rnd r9, r10, r11, r12, 7 + ff_rnd r9, r10, r11, r12, 6 + ff_rnd r9, r10, r11, r12, 5 + ff_rnd r9, r10, r11, r12, 4 + ff_rnd r9, r10, r11, r12, 3 + ff_rnd r9, r10, r11, r12, 2 + ff_rnd r9, r10, r11, r12, 1 + fl_rnd r9, r10, r11, r12, 0 + + mov rbx, [rsp] + mov [rbx], r9d + mov [rbx+4], r10d + mov [rbx+8], r11d + mov [rbx+12], r12d + xor rax, rax +.4: + mov rbx, [rsp+1*8] + mov rbp, [rsp+2*8] + mov r12, [rsp+3*8] +%ifdef __GNUC__ + add rsp, 4*8 + ret +%else + mov rsi, [rsp+4*8] + mov rdi, [rsp+5*8] + %ifdef _SEH_ + add rsp, 7*8 + ret + endproc_frame + %else + add rsp, 6*8 + ret + %endif +%endif + +%endif + +%ifdef DECRYPTION + + global aes_decrypt +%ifdef DLL_EXPORT + export aes_decrypt +%endif + + section .data + align 64 +dec_tab: + dec_vals v8 +%ifdef LAST_ROUND_TABLES + dec_vals w8 +%endif + + section .text + align 16 + +%ifdef _SEH_ +proc_frame aes_decrypt + alloc_stack 7*8 ; 7 to align stack to 16 bytes + save_reg rsi,4*8 + save_reg rdi,5*8 + save_reg rbx,1*8 + save_reg rbp,2*8 + save_reg r12,3*8 +end_prologue + mov rdi, rcx ; input pointer + mov [rsp+0*8], rdx ; output pointer +%else + aes_decrypt: + %ifdef __GNUC__ + sub rsp, 4*8 ; gnu/linux binary interface + mov [rsp+0*8], rsi ; output pointer + mov r8, rdx ; context + %else + sub rsp, 6*8 ; windows binary interface + mov [rsp+4*8], rsi + mov [rsp+5*8], rdi + mov rdi, rcx ; input pointer + mov [rsp+0*8], rdx ; output pointer + %endif + mov [rsp+1*8], rbx ; input pointer in rdi + mov [rsp+2*8], rbp ; output pointer in [rsp] + mov [rsp+3*8], r12 ; context in r8 +%endif + + movzx esi,byte[kptr+4*KS_LENGTH] + lea tptr, [rel dec_tab] + sub kptr, rofs + + mov eax, [rdi+0*4] + mov ebx, [rdi+1*4] + mov ecx, [rdi+2*4] + mov edx, [rdi+3*4] + +%ifdef AES_REV_DKS + mov rdi, kptr + lea kptr,[kptr+rsi] +%else + lea rdi,[kptr+rsi] +%endif + + xor eax, [rdi+rofs] + xor ebx, [rdi+rofs+4] + xor ecx, [rdi+rofs+8] + xor edx, [rdi+rofs+12] + + cmp esi, 10*16 + je .3 + cmp esi, 12*16 + je .2 + cmp esi, 14*16 + je .1 + mov rax, -1 + jmp .4 + +.1: ii_rnd r9, r10, r11, r12, 13 + ii_rnd r9, r10, r11, r12, 12 +.2: ii_rnd r9, r10, r11, r12, 11 + ii_rnd r9, r10, r11, r12, 10 +.3: ii_rnd r9, r10, r11, r12, 9 + ii_rnd r9, r10, r11, r12, 8 + ii_rnd r9, r10, r11, r12, 7 + ii_rnd r9, r10, r11, r12, 6 + ii_rnd r9, r10, r11, r12, 5 + ii_rnd r9, r10, r11, r12, 4 + ii_rnd r9, r10, r11, r12, 3 + ii_rnd r9, r10, r11, r12, 2 + ii_rnd r9, r10, r11, r12, 1 + il_rnd r9, r10, r11, r12, 0 + + mov rbx, [rsp] + mov [rbx], r9d + mov [rbx+4], r10d + mov [rbx+8], r11d + mov [rbx+12], r12d + xor rax, rax +.4: mov rbx, [rsp+1*8] + mov rbp, [rsp+2*8] + mov r12, [rsp+3*8] +%ifdef __GNUC__ + add rsp, 4*8 + ret +%else + mov rsi, [rsp+4*8] + mov rdi, [rsp+5*8] + %ifdef _SEH_ + add rsp, 7*8 + ret + endproc_frame + %else + add rsp, 6*8 + ret + %endif +%endif + +%endif diff --git a/src/Crypto/Aes_x86.asm b/src/Crypto/Aes_x86.asm index 239da3e3..3825deee 100644 --- a/src/Crypto/Aes_x86.asm +++ b/src/Crypto/Aes_x86.asm @@ -1,646 +1,646 @@ - -; --------------------------------------------------------------------------- -; Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. -; -; LICENSE TERMS -; -; The free distribution and use of this software is allowed (with or without -; changes) provided that: -; -; 1. source code distributions include the above copyright notice, this -; list of conditions and the following disclaimer; -; -; 2. binary distributions include the above copyright notice, this list -; of conditions and the following disclaimer in their documentation; -; -; 3. the name of the copyright holder is not used to endorse products -; built using this software without specific written permission. -; -; DISCLAIMER -; -; This software is provided 'as is' with no explicit or implied warranties -; in respect of its properties, including, but not limited to, correctness -; and/or fitness for purpose. -; --------------------------------------------------------------------------- -; Issue 20/12/2007 -; -; This code requires ASM_X86_V1C to be set in aesopt.h. It requires the C files -; aeskey.c and aestab.c for support. - -; -; Adapted for TrueCrypt: -; - Compatibility with NASM and GCC -; - -; An AES implementation for x86 processors using the YASM (or NASM) assembler. -; This is an assembler implementation that covers encryption and decryption -; only and is intended as a replacement of the C file aescrypt.c. It hence -; requires the file aeskey.c for keying and aestab.c for the AES tables. It -; employs full tables rather than compressed tables. - -; This code provides the standard AES block size (128 bits, 16 bytes) and the -; three standard AES key sizes (128, 192 and 256 bits). It has the same call -; interface as my C implementation. The ebx, esi, edi and ebp registers are -; preserved across calls but eax, ecx and edx and the artihmetic status flags -; are not. It is also important that the defines below match those used in the -; C code. This code uses the VC++ register saving conentions; if it is used -; with another compiler, conventions for using and saving registers may need to -; be checked (and calling conventions). The YASM command line for the VC++ -; custom build step is: -; -; yasm -Xvc -f win32 -o "$(TargetDir)\$(InputName).obj" "$(InputPath)" -; -; The calling intefaces are: -; -; AES_RETURN aes_encrypt(const unsigned char in_blk[], -; unsigned char out_blk[], const aes_encrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt(const unsigned char in_blk[], -; unsigned char out_blk[], const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_encrypt_key(const unsigned char key[], -; const aes_encrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt_key(const unsigned char key[], -; const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_encrypt_key(const unsigned char key[], -; unsigned int len, const aes_decrypt_ctx cx[1]); -; -; AES_RETURN aes_decrypt_key(const unsigned char key[], -; unsigned int len, const aes_decrypt_ctx cx[1]); -; -; where is 128, 102 or 256. In the last two calls the length can be in -; either bits or bytes. -; -; Comment in/out the following lines to obtain the desired subroutines. These -; selections MUST match those in the C header file aes.h - -; %define AES_128 ; define if AES with 128 bit keys is needed -; %define AES_192 ; define if AES with 192 bit keys is needed -%define AES_256 ; define if AES with 256 bit keys is needed -; %define AES_VAR ; define if a variable key size is needed -%define ENCRYPTION ; define if encryption is needed -%define DECRYPTION ; define if decryption is needed -%define AES_REV_DKS ; define if key decryption schedule is reversed -%define LAST_ROUND_TABLES ; define if tables are to be used for last round - -; offsets to parameters - -in_blk equ 4 ; input byte array address parameter -out_blk equ 8 ; output byte array address parameter -ctx equ 12 ; AES context structure -stk_spc equ 20 ; stack space -%define parms 12 ; parameter space on stack - -; The encryption key schedule has the following in memory layout where N is the -; number of rounds (10, 12 or 14): -; -; lo: | input key (round 0) | ; each round is four 32-bit words -; | encryption round 1 | -; | encryption round 2 | -; .... -; | encryption round N-1 | -; hi: | encryption round N | -; -; The decryption key schedule is normally set up so that it has the same -; layout as above by actually reversing the order of the encryption key -; schedule in memory (this happens when AES_REV_DKS is set): -; -; lo: | decryption round 0 | = | encryption round N | -; | decryption round 1 | = INV_MIX_COL[ | encryption round N-1 | ] -; | decryption round 2 | = INV_MIX_COL[ | encryption round N-2 | ] -; .... .... -; | decryption round N-1 | = INV_MIX_COL[ | encryption round 1 | ] -; hi: | decryption round N | = | input key (round 0) | -; -; with rounds except the first and last modified using inv_mix_column() -; But if AES_REV_DKS is NOT set the order of keys is left as it is for -; encryption so that it has to be accessed in reverse when used for -; decryption (although the inverse mix column modifications are done) -; -; lo: | decryption round 0 | = | input key (round 0) | -; | decryption round 1 | = INV_MIX_COL[ | encryption round 1 | ] -; | decryption round 2 | = INV_MIX_COL[ | encryption round 2 | ] -; .... .... -; | decryption round N-1 | = INV_MIX_COL[ | encryption round N-1 | ] -; hi: | decryption round N | = | encryption round N | -; -; This layout is faster when the assembler key scheduling provided here -; is used. -; -; The DLL interface must use the _stdcall convention in which the number -; of bytes of parameter space is added after an @ to the sutine's name. -; We must also remove our parameters from the stack before return (see -; the do_exit macro). Define DLL_EXPORT for the Dynamic Link Library version. - -;%define DLL_EXPORT - -; End of user defines - -%ifdef AES_VAR -%ifndef AES_128 -%define AES_128 -%endif -%ifndef AES_192 -%define AES_192 -%endif -%ifndef AES_256 -%define AES_256 -%endif -%endif - -%ifdef AES_VAR -%define KS_LENGTH 60 -%elifdef AES_256 -%define KS_LENGTH 60 -%elifdef AES_192 -%define KS_LENGTH 52 -%else -%define KS_LENGTH 44 -%endif - -; These macros implement stack based local variables - -%macro save 2 - mov [esp+4*%1],%2 -%endmacro - -%macro restore 2 - mov %1,[esp+4*%2] -%endmacro - -; the DLL has to implement the _stdcall calling interface on return -; In this case we have to take our parameters (3 4-byte pointers) -; off the stack - -%macro do_name 1-2 parms -%ifndef DLL_EXPORT - align 32 - global %1 -%1: -%else - align 32 - global %1@%2 - export _%1@%2 -%1@%2: -%endif -%endmacro - -%macro do_call 1-2 parms -%ifndef DLL_EXPORT - call %1 - add esp,%2 -%else - call %1@%2 -%endif -%endmacro - -%macro do_exit 0-1 parms -%ifdef DLL_EXPORT - ret %1 -%else - ret -%endif -%endmacro - -%ifdef ENCRYPTION - - extern t_fn - -%define etab_0(x) [t_fn+4*x] -%define etab_1(x) [t_fn+1024+4*x] -%define etab_2(x) [t_fn+2048+4*x] -%define etab_3(x) [t_fn+3072+4*x] - -%ifdef LAST_ROUND_TABLES - - extern t_fl - -%define eltab_0(x) [t_fl+4*x] -%define eltab_1(x) [t_fl+1024+4*x] -%define eltab_2(x) [t_fl+2048+4*x] -%define eltab_3(x) [t_fl+3072+4*x] - -%else - -%define etab_b(x) byte [t_fn+3072+4*x] - -%endif - -; ROUND FUNCTION. Build column[2] on ESI and column[3] on EDI that have the -; round keys pre-loaded. Build column[0] in EBP and column[1] in EBX. -; -; Input: -; -; EAX column[0] -; EBX column[1] -; ECX column[2] -; EDX column[3] -; ESI column key[round][2] -; EDI column key[round][3] -; EBP scratch -; -; Output: -; -; EBP column[0] unkeyed -; EBX column[1] unkeyed -; ESI column[2] keyed -; EDI column[3] keyed -; EAX scratch -; ECX scratch -; EDX scratch - -%macro rnd_fun 2 - - rol ebx,16 - %1 esi, cl, 0, ebp - %1 esi, dh, 1, ebp - %1 esi, bh, 3, ebp - %1 edi, dl, 0, ebp - %1 edi, ah, 1, ebp - %1 edi, bl, 2, ebp - %2 ebp, al, 0, ebp - shr ebx,16 - and eax,0xffff0000 - or eax,ebx - shr edx,16 - %1 ebp, ah, 1, ebx - %1 ebp, dh, 3, ebx - %2 ebx, dl, 2, ebx - %1 ebx, ch, 1, edx - %1 ebx, al, 0, edx - shr eax,16 - shr ecx,16 - %1 ebp, cl, 2, edx - %1 edi, ch, 3, edx - %1 esi, al, 2, edx - %1 ebx, ah, 3, edx - -%endmacro - -; Basic MOV and XOR Operations for normal rounds - -%macro nr_xor 4 - movzx %4,%2 - xor %1,etab_%3(%4) -%endmacro - -%macro nr_mov 4 - movzx %4,%2 - mov %1,etab_%3(%4) -%endmacro - -; Basic MOV and XOR Operations for last round - -%ifdef LAST_ROUND_TABLES - - %macro lr_xor 4 - movzx %4,%2 - xor %1,eltab_%3(%4) - %endmacro - - %macro lr_mov 4 - movzx %4,%2 - mov %1,eltab_%3(%4) - %endmacro - -%else - - %macro lr_xor 4 - movzx %4,%2 - movzx %4,etab_b(%4) - %if %3 != 0 - shl %4,8*%3 - %endif - xor %1,%4 - %endmacro - - %macro lr_mov 4 - movzx %4,%2 - movzx %1,etab_b(%4) - %if %3 != 0 - shl %1,8*%3 - %endif - %endmacro - -%endif - -%macro enc_round 0 - - add ebp,16 - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - rnd_fun nr_xor, nr_mov - - mov eax,ebp - mov ecx,esi - mov edx,edi - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - -%macro enc_last_round 0 - - add ebp,16 - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - rnd_fun lr_xor, lr_mov - - mov eax,ebp - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - - section .text align=32 - -; AES Encryption Subroutine - - do_name aes_encrypt - - sub esp,stk_spc - mov [esp+16],ebp - mov [esp+12],ebx - mov [esp+ 8],esi - mov [esp+ 4],edi - - mov esi,[esp+in_blk+stk_spc] ; input pointer - mov eax,[esi ] - mov ebx,[esi+ 4] - mov ecx,[esi+ 8] - mov edx,[esi+12] - - mov ebp,[esp+ctx+stk_spc] ; key pointer - movzx edi,byte [ebp+4*KS_LENGTH] - xor eax,[ebp ] - xor ebx,[ebp+ 4] - xor ecx,[ebp+ 8] - xor edx,[ebp+12] - -; determine the number of rounds - - cmp edi,10*16 - je .3 - cmp edi,12*16 - je .2 - cmp edi,14*16 - je .1 - mov eax,-1 - jmp .5 - -.1: enc_round - enc_round -.2: enc_round - enc_round -.3: enc_round - enc_round - enc_round - enc_round - enc_round - enc_round - enc_round - enc_round - enc_round - enc_last_round - - mov edx,[esp+out_blk+stk_spc] - mov [edx],eax - mov [edx+4],ebx - mov [edx+8],esi - mov [edx+12],edi - xor eax,eax - -.5: mov ebp,[esp+16] - mov ebx,[esp+12] - mov esi,[esp+ 8] - mov edi,[esp+ 4] - add esp,stk_spc - do_exit - -%endif - -%ifdef DECRYPTION - - extern t_in - -%define dtab_0(x) [t_in+4*x] -%define dtab_1(x) [t_in+1024+4*x] -%define dtab_2(x) [t_in+2048+4*x] -%define dtab_3(x) [t_in+3072+4*x] - -%ifdef LAST_ROUND_TABLES - - extern t_il - -%define dltab_0(x) [t_il+4*x] -%define dltab_1(x) [t_il+1024+4*x] -%define dltab_2(x) [t_il+2048+4*x] -%define dltab_3(x) [t_il+3072+4*x] - -%else - - extern _t_ibox - -%define dtab_x(x) byte [_t_ibox+x] - -%endif - -%macro irn_fun 2 - - rol eax,16 - %1 esi, cl, 0, ebp - %1 esi, bh, 1, ebp - %1 esi, al, 2, ebp - %1 edi, dl, 0, ebp - %1 edi, ch, 1, ebp - %1 edi, ah, 3, ebp - %2 ebp, bl, 0, ebp - shr eax,16 - and ebx,0xffff0000 - or ebx,eax - shr ecx,16 - %1 ebp, bh, 1, eax - %1 ebp, ch, 3, eax - %2 eax, cl, 2, ecx - %1 eax, bl, 0, ecx - %1 eax, dh, 1, ecx - shr ebx,16 - shr edx,16 - %1 esi, dh, 3, ecx - %1 ebp, dl, 2, ecx - %1 eax, bh, 3, ecx - %1 edi, bl, 2, ecx - -%endmacro - -; Basic MOV and XOR Operations for normal rounds - -%macro ni_xor 4 - movzx %4,%2 - xor %1,dtab_%3(%4) -%endmacro - -%macro ni_mov 4 - movzx %4,%2 - mov %1,dtab_%3(%4) -%endmacro - -; Basic MOV and XOR Operations for last round - -%ifdef LAST_ROUND_TABLES - -%macro li_xor 4 - movzx %4,%2 - xor %1,dltab_%3(%4) -%endmacro - -%macro li_mov 4 - movzx %4,%2 - mov %1,dltab_%3(%4) -%endmacro - -%else - - %macro li_xor 4 - movzx %4,%2 - movzx %4,dtab_x(%4) - %if %3 != 0 - shl %4,8*%3 - %endif - xor %1,%4 - %endmacro - - %macro li_mov 4 - movzx %4,%2 - movzx %1,dtab_x(%4) - %if %3 != 0 - shl %1,8*%3 - %endif - %endmacro - -%endif - -%macro dec_round 0 - -%ifdef AES_REV_DKS - add ebp,16 -%else - sub ebp,16 -%endif - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - irn_fun ni_xor, ni_mov - - mov ebx,ebp - mov ecx,esi - mov edx,edi - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - -%macro dec_last_round 0 - -%ifdef AES_REV_DKS - add ebp,16 -%else - sub ebp,16 -%endif - save 0,ebp - mov esi,[ebp+8] - mov edi,[ebp+12] - - irn_fun li_xor, li_mov - - mov ebx,ebp - restore ebp,0 - xor eax,[ebp] - xor ebx,[ebp+4] - -%endmacro - - section .text - -; AES Decryption Subroutine - - do_name aes_decrypt - - sub esp,stk_spc - mov [esp+16],ebp - mov [esp+12],ebx - mov [esp+ 8],esi - mov [esp+ 4],edi - -; input four columns and xor in first round key - - mov esi,[esp+in_blk+stk_spc] ; input pointer - mov eax,[esi ] - mov ebx,[esi+ 4] - mov ecx,[esi+ 8] - mov edx,[esi+12] - lea esi,[esi+16] - - mov ebp,[esp+ctx+stk_spc] ; key pointer - movzx edi,byte[ebp+4*KS_LENGTH] -%ifndef AES_REV_DKS ; if decryption key schedule is not reversed - lea ebp,[ebp+edi] ; we have to access it from the top down -%endif - xor eax,[ebp ] ; key schedule - xor ebx,[ebp+ 4] - xor ecx,[ebp+ 8] - xor edx,[ebp+12] - -; determine the number of rounds - - cmp edi,10*16 - je .3 - cmp edi,12*16 - je .2 - cmp edi,14*16 - je .1 - mov eax,-1 - jmp .5 - -.1: dec_round - dec_round -.2: dec_round - dec_round -.3: dec_round - dec_round - dec_round - dec_round - dec_round - dec_round - dec_round - dec_round - dec_round - dec_last_round - -; move final values to the output array. - - mov ebp,[esp+out_blk+stk_spc] - mov [ebp],eax - mov [ebp+4],ebx - mov [ebp+8],esi - mov [ebp+12],edi - xor eax,eax - -.5: mov ebp,[esp+16] - mov ebx,[esp+12] - mov esi,[esp+ 8] - mov edi,[esp+ 4] - add esp,stk_spc - do_exit - -%endif + +; --------------------------------------------------------------------------- +; Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. +; +; LICENSE TERMS +; +; The free distribution and use of this software is allowed (with or without +; changes) provided that: +; +; 1. source code distributions include the above copyright notice, this +; list of conditions and the following disclaimer; +; +; 2. binary distributions include the above copyright notice, this list +; of conditions and the following disclaimer in their documentation; +; +; 3. the name of the copyright holder is not used to endorse products +; built using this software without specific written permission. +; +; DISCLAIMER +; +; This software is provided 'as is' with no explicit or implied warranties +; in respect of its properties, including, but not limited to, correctness +; and/or fitness for purpose. +; --------------------------------------------------------------------------- +; Issue 20/12/2007 +; +; This code requires ASM_X86_V1C to be set in aesopt.h. It requires the C files +; aeskey.c and aestab.c for support. + +; +; Adapted for TrueCrypt: +; - Compatibility with NASM and GCC +; + +; An AES implementation for x86 processors using the YASM (or NASM) assembler. +; This is an assembler implementation that covers encryption and decryption +; only and is intended as a replacement of the C file aescrypt.c. It hence +; requires the file aeskey.c for keying and aestab.c for the AES tables. It +; employs full tables rather than compressed tables. + +; This code provides the standard AES block size (128 bits, 16 bytes) and the +; three standard AES key sizes (128, 192 and 256 bits). It has the same call +; interface as my C implementation. The ebx, esi, edi and ebp registers are +; preserved across calls but eax, ecx and edx and the artihmetic status flags +; are not. It is also important that the defines below match those used in the +; C code. This code uses the VC++ register saving conentions; if it is used +; with another compiler, conventions for using and saving registers may need to +; be checked (and calling conventions). The YASM command line for the VC++ +; custom build step is: +; +; yasm -Xvc -f win32 -o "$(TargetDir)\$(InputName).obj" "$(InputPath)" +; +; The calling intefaces are: +; +; AES_RETURN aes_encrypt(const unsigned char in_blk[], +; unsigned char out_blk[], const aes_encrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt(const unsigned char in_blk[], +; unsigned char out_blk[], const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_encrypt_key(const unsigned char key[], +; const aes_encrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt_key(const unsigned char key[], +; const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_encrypt_key(const unsigned char key[], +; unsigned int len, const aes_decrypt_ctx cx[1]); +; +; AES_RETURN aes_decrypt_key(const unsigned char key[], +; unsigned int len, const aes_decrypt_ctx cx[1]); +; +; where is 128, 102 or 256. In the last two calls the length can be in +; either bits or bytes. +; +; Comment in/out the following lines to obtain the desired subroutines. These +; selections MUST match those in the C header file aes.h + +; %define AES_128 ; define if AES with 128 bit keys is needed +; %define AES_192 ; define if AES with 192 bit keys is needed +%define AES_256 ; define if AES with 256 bit keys is needed +; %define AES_VAR ; define if a variable key size is needed +%define ENCRYPTION ; define if encryption is needed +%define DECRYPTION ; define if decryption is needed +%define AES_REV_DKS ; define if key decryption schedule is reversed +%define LAST_ROUND_TABLES ; define if tables are to be used for last round + +; offsets to parameters + +in_blk equ 4 ; input byte array address parameter +out_blk equ 8 ; output byte array address parameter +ctx equ 12 ; AES context structure +stk_spc equ 20 ; stack space +%define parms 12 ; parameter space on stack + +; The encryption key schedule has the following in memory layout where N is the +; number of rounds (10, 12 or 14): +; +; lo: | input key (round 0) | ; each round is four 32-bit words +; | encryption round 1 | +; | encryption round 2 | +; .... +; | encryption round N-1 | +; hi: | encryption round N | +; +; The decryption key schedule is normally set up so that it has the same +; layout as above by actually reversing the order of the encryption key +; schedule in memory (this happens when AES_REV_DKS is set): +; +; lo: | decryption round 0 | = | encryption round N | +; | decryption round 1 | = INV_MIX_COL[ | encryption round N-1 | ] +; | decryption round 2 | = INV_MIX_COL[ | encryption round N-2 | ] +; .... .... +; | decryption round N-1 | = INV_MIX_COL[ | encryption round 1 | ] +; hi: | decryption round N | = | input key (round 0) | +; +; with rounds except the first and last modified using inv_mix_column() +; But if AES_REV_DKS is NOT set the order of keys is left as it is for +; encryption so that it has to be accessed in reverse when used for +; decryption (although the inverse mix column modifications are done) +; +; lo: | decryption round 0 | = | input key (round 0) | +; | decryption round 1 | = INV_MIX_COL[ | encryption round 1 | ] +; | decryption round 2 | = INV_MIX_COL[ | encryption round 2 | ] +; .... .... +; | decryption round N-1 | = INV_MIX_COL[ | encryption round N-1 | ] +; hi: | decryption round N | = | encryption round N | +; +; This layout is faster when the assembler key scheduling provided here +; is used. +; +; The DLL interface must use the _stdcall convention in which the number +; of bytes of parameter space is added after an @ to the sutine's name. +; We must also remove our parameters from the stack before return (see +; the do_exit macro). Define DLL_EXPORT for the Dynamic Link Library version. + +;%define DLL_EXPORT + +; End of user defines + +%ifdef AES_VAR +%ifndef AES_128 +%define AES_128 +%endif +%ifndef AES_192 +%define AES_192 +%endif +%ifndef AES_256 +%define AES_256 +%endif +%endif + +%ifdef AES_VAR +%define KS_LENGTH 60 +%elifdef AES_256 +%define KS_LENGTH 60 +%elifdef AES_192 +%define KS_LENGTH 52 +%else +%define KS_LENGTH 44 +%endif + +; These macros implement stack based local variables + +%macro save 2 + mov [esp+4*%1],%2 +%endmacro + +%macro restore 2 + mov %1,[esp+4*%2] +%endmacro + +; the DLL has to implement the _stdcall calling interface on return +; In this case we have to take our parameters (3 4-byte pointers) +; off the stack + +%macro do_name 1-2 parms +%ifndef DLL_EXPORT + align 32 + global %1 +%1: +%else + align 32 + global %1@%2 + export _%1@%2 +%1@%2: +%endif +%endmacro + +%macro do_call 1-2 parms +%ifndef DLL_EXPORT + call %1 + add esp,%2 +%else + call %1@%2 +%endif +%endmacro + +%macro do_exit 0-1 parms +%ifdef DLL_EXPORT + ret %1 +%else + ret +%endif +%endmacro + +%ifdef ENCRYPTION + + extern t_fn + +%define etab_0(x) [t_fn+4*x] +%define etab_1(x) [t_fn+1024+4*x] +%define etab_2(x) [t_fn+2048+4*x] +%define etab_3(x) [t_fn+3072+4*x] + +%ifdef LAST_ROUND_TABLES + + extern t_fl + +%define eltab_0(x) [t_fl+4*x] +%define eltab_1(x) [t_fl+1024+4*x] +%define eltab_2(x) [t_fl+2048+4*x] +%define eltab_3(x) [t_fl+3072+4*x] + +%else + +%define etab_b(x) byte [t_fn+3072+4*x] + +%endif + +; ROUND FUNCTION. Build column[2] on ESI and column[3] on EDI that have the +; round keys pre-loaded. Build column[0] in EBP and column[1] in EBX. +; +; Input: +; +; EAX column[0] +; EBX column[1] +; ECX column[2] +; EDX column[3] +; ESI column key[round][2] +; EDI column key[round][3] +; EBP scratch +; +; Output: +; +; EBP column[0] unkeyed +; EBX column[1] unkeyed +; ESI column[2] keyed +; EDI column[3] keyed +; EAX scratch +; ECX scratch +; EDX scratch + +%macro rnd_fun 2 + + rol ebx,16 + %1 esi, cl, 0, ebp + %1 esi, dh, 1, ebp + %1 esi, bh, 3, ebp + %1 edi, dl, 0, ebp + %1 edi, ah, 1, ebp + %1 edi, bl, 2, ebp + %2 ebp, al, 0, ebp + shr ebx,16 + and eax,0xffff0000 + or eax,ebx + shr edx,16 + %1 ebp, ah, 1, ebx + %1 ebp, dh, 3, ebx + %2 ebx, dl, 2, ebx + %1 ebx, ch, 1, edx + %1 ebx, al, 0, edx + shr eax,16 + shr ecx,16 + %1 ebp, cl, 2, edx + %1 edi, ch, 3, edx + %1 esi, al, 2, edx + %1 ebx, ah, 3, edx + +%endmacro + +; Basic MOV and XOR Operations for normal rounds + +%macro nr_xor 4 + movzx %4,%2 + xor %1,etab_%3(%4) +%endmacro + +%macro nr_mov 4 + movzx %4,%2 + mov %1,etab_%3(%4) +%endmacro + +; Basic MOV and XOR Operations for last round + +%ifdef LAST_ROUND_TABLES + + %macro lr_xor 4 + movzx %4,%2 + xor %1,eltab_%3(%4) + %endmacro + + %macro lr_mov 4 + movzx %4,%2 + mov %1,eltab_%3(%4) + %endmacro + +%else + + %macro lr_xor 4 + movzx %4,%2 + movzx %4,etab_b(%4) + %if %3 != 0 + shl %4,8*%3 + %endif + xor %1,%4 + %endmacro + + %macro lr_mov 4 + movzx %4,%2 + movzx %1,etab_b(%4) + %if %3 != 0 + shl %1,8*%3 + %endif + %endmacro + +%endif + +%macro enc_round 0 + + add ebp,16 + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + rnd_fun nr_xor, nr_mov + + mov eax,ebp + mov ecx,esi + mov edx,edi + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + +%macro enc_last_round 0 + + add ebp,16 + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + rnd_fun lr_xor, lr_mov + + mov eax,ebp + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + + section .text align=32 + +; AES Encryption Subroutine + + do_name aes_encrypt + + sub esp,stk_spc + mov [esp+16],ebp + mov [esp+12],ebx + mov [esp+ 8],esi + mov [esp+ 4],edi + + mov esi,[esp+in_blk+stk_spc] ; input pointer + mov eax,[esi ] + mov ebx,[esi+ 4] + mov ecx,[esi+ 8] + mov edx,[esi+12] + + mov ebp,[esp+ctx+stk_spc] ; key pointer + movzx edi,byte [ebp+4*KS_LENGTH] + xor eax,[ebp ] + xor ebx,[ebp+ 4] + xor ecx,[ebp+ 8] + xor edx,[ebp+12] + +; determine the number of rounds + + cmp edi,10*16 + je .3 + cmp edi,12*16 + je .2 + cmp edi,14*16 + je .1 + mov eax,-1 + jmp .5 + +.1: enc_round + enc_round +.2: enc_round + enc_round +.3: enc_round + enc_round + enc_round + enc_round + enc_round + enc_round + enc_round + enc_round + enc_round + enc_last_round + + mov edx,[esp+out_blk+stk_spc] + mov [edx],eax + mov [edx+4],ebx + mov [edx+8],esi + mov [edx+12],edi + xor eax,eax + +.5: mov ebp,[esp+16] + mov ebx,[esp+12] + mov esi,[esp+ 8] + mov edi,[esp+ 4] + add esp,stk_spc + do_exit + +%endif + +%ifdef DECRYPTION + + extern t_in + +%define dtab_0(x) [t_in+4*x] +%define dtab_1(x) [t_in+1024+4*x] +%define dtab_2(x) [t_in+2048+4*x] +%define dtab_3(x) [t_in+3072+4*x] + +%ifdef LAST_ROUND_TABLES + + extern t_il + +%define dltab_0(x) [t_il+4*x] +%define dltab_1(x) [t_il+1024+4*x] +%define dltab_2(x) [t_il+2048+4*x] +%define dltab_3(x) [t_il+3072+4*x] + +%else + + extern _t_ibox + +%define dtab_x(x) byte [_t_ibox+x] + +%endif + +%macro irn_fun 2 + + rol eax,16 + %1 esi, cl, 0, ebp + %1 esi, bh, 1, ebp + %1 esi, al, 2, ebp + %1 edi, dl, 0, ebp + %1 edi, ch, 1, ebp + %1 edi, ah, 3, ebp + %2 ebp, bl, 0, ebp + shr eax,16 + and ebx,0xffff0000 + or ebx,eax + shr ecx,16 + %1 ebp, bh, 1, eax + %1 ebp, ch, 3, eax + %2 eax, cl, 2, ecx + %1 eax, bl, 0, ecx + %1 eax, dh, 1, ecx + shr ebx,16 + shr edx,16 + %1 esi, dh, 3, ecx + %1 ebp, dl, 2, ecx + %1 eax, bh, 3, ecx + %1 edi, bl, 2, ecx + +%endmacro + +; Basic MOV and XOR Operations for normal rounds + +%macro ni_xor 4 + movzx %4,%2 + xor %1,dtab_%3(%4) +%endmacro + +%macro ni_mov 4 + movzx %4,%2 + mov %1,dtab_%3(%4) +%endmacro + +; Basic MOV and XOR Operations for last round + +%ifdef LAST_ROUND_TABLES + +%macro li_xor 4 + movzx %4,%2 + xor %1,dltab_%3(%4) +%endmacro + +%macro li_mov 4 + movzx %4,%2 + mov %1,dltab_%3(%4) +%endmacro + +%else + + %macro li_xor 4 + movzx %4,%2 + movzx %4,dtab_x(%4) + %if %3 != 0 + shl %4,8*%3 + %endif + xor %1,%4 + %endmacro + + %macro li_mov 4 + movzx %4,%2 + movzx %1,dtab_x(%4) + %if %3 != 0 + shl %1,8*%3 + %endif + %endmacro + +%endif + +%macro dec_round 0 + +%ifdef AES_REV_DKS + add ebp,16 +%else + sub ebp,16 +%endif + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + irn_fun ni_xor, ni_mov + + mov ebx,ebp + mov ecx,esi + mov edx,edi + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + +%macro dec_last_round 0 + +%ifdef AES_REV_DKS + add ebp,16 +%else + sub ebp,16 +%endif + save 0,ebp + mov esi,[ebp+8] + mov edi,[ebp+12] + + irn_fun li_xor, li_mov + + mov ebx,ebp + restore ebp,0 + xor eax,[ebp] + xor ebx,[ebp+4] + +%endmacro + + section .text + +; AES Decryption Subroutine + + do_name aes_decrypt + + sub esp,stk_spc + mov [esp+16],ebp + mov [esp+12],ebx + mov [esp+ 8],esi + mov [esp+ 4],edi + +; input four columns and xor in first round key + + mov esi,[esp+in_blk+stk_spc] ; input pointer + mov eax,[esi ] + mov ebx,[esi+ 4] + mov ecx,[esi+ 8] + mov edx,[esi+12] + lea esi,[esi+16] + + mov ebp,[esp+ctx+stk_spc] ; key pointer + movzx edi,byte[ebp+4*KS_LENGTH] +%ifndef AES_REV_DKS ; if decryption key schedule is not reversed + lea ebp,[ebp+edi] ; we have to access it from the top down +%endif + xor eax,[ebp ] ; key schedule + xor ebx,[ebp+ 4] + xor ecx,[ebp+ 8] + xor edx,[ebp+12] + +; determine the number of rounds + + cmp edi,10*16 + je .3 + cmp edi,12*16 + je .2 + cmp edi,14*16 + je .1 + mov eax,-1 + jmp .5 + +.1: dec_round + dec_round +.2: dec_round + dec_round +.3: dec_round + dec_round + dec_round + dec_round + dec_round + dec_round + dec_round + dec_round + dec_round + dec_last_round + +; move final values to the output array. + + mov ebp,[esp+out_blk+stk_spc] + mov [ebp],eax + mov [ebp+4],ebx + mov [ebp+8],esi + mov [ebp+12],edi + xor eax,eax + +.5: mov ebp,[esp+16] + mov ebx,[esp+12] + mov esi,[esp+ 8] + mov edi,[esp+ 4] + add esp,stk_spc + do_exit + +%endif diff --git a/src/Crypto/Aescrypt.c b/src/Crypto/Aescrypt.c index c77ec675..46175981 100644 --- a/src/Crypto/Aescrypt.c +++ b/src/Crypto/Aescrypt.c @@ -1,311 +1,311 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 20/12/2007 -*/ - -#include "Aesopt.h" -#include "Aestab.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) -#define so(y,x,c) word_out(y, c, s(x,c)) - -#if defined(ARRAYS) -#define locals(y,x) x[4],y[4] -#else -#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 -#endif - -#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ - s(y,2) = s(x,2); s(y,3) = s(x,3); -#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) -#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) -#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) - -#if ( FUNCS_IN_C & ENCRYPTION_IN_C ) - -/* Visual C++ .Net v7.1 provides the fastest encryption code when using - Pentium optimiation with small code but this is poor for decryption - so we need to control this with the following VC++ pragmas -*/ - -#if defined( _MSC_VER ) && !defined( _WIN64 ) -#pragma optimize( "s", on ) -#endif - -/* Given the column (c) of the output state variable, the following - macros give the input state variables which are needed in its - computation for each row (r) of the state. All the alternative - macros give the same end values but expand into different ways - of calculating these values. In particular the complex macro - used for dynamically variable block sizes is designed to expand - to a compile time constant whenever possible but will expand to - conditional clauses on some branches (I am grateful to Frank - Yellin for this construction) -*/ - -#define fwd_var(x,r,c)\ - ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ - : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ - : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ - : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) - -#if defined(FT4_SET) -#undef dec_fmvars -#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) -#elif defined(FT1_SET) -#undef dec_fmvars -#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) -#else -#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) -#endif - -#if defined(FL4_SET) -#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) -#elif defined(FL1_SET) -#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) -#else -#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) -#endif - -AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1]) -{ uint_32t locals(b0, b1); - const uint_32t *kp; -#if defined( dec_fmvars ) - dec_fmvars; /* declare variables for fwd_mcol() if needed */ -#endif - -#if defined( AES_ERR_CHK ) - if( cx->inf.b[0] != 10 * 16 && cx->inf.b[0] != 12 * 16 && cx->inf.b[0] != 14 * 16 ) - return EXIT_FAILURE; -#endif - - kp = cx->ks; - state_in(b0, in, kp); - -#if (ENC_UNROLL == FULL) - - switch(cx->inf.b[0]) - { - case 14 * 16: - round(fwd_rnd, b1, b0, kp + 1 * N_COLS); - round(fwd_rnd, b0, b1, kp + 2 * N_COLS); - kp += 2 * N_COLS; - case 12 * 16: - round(fwd_rnd, b1, b0, kp + 1 * N_COLS); - round(fwd_rnd, b0, b1, kp + 2 * N_COLS); - kp += 2 * N_COLS; - case 10 * 16: - round(fwd_rnd, b1, b0, kp + 1 * N_COLS); - round(fwd_rnd, b0, b1, kp + 2 * N_COLS); - round(fwd_rnd, b1, b0, kp + 3 * N_COLS); - round(fwd_rnd, b0, b1, kp + 4 * N_COLS); - round(fwd_rnd, b1, b0, kp + 5 * N_COLS); - round(fwd_rnd, b0, b1, kp + 6 * N_COLS); - round(fwd_rnd, b1, b0, kp + 7 * N_COLS); - round(fwd_rnd, b0, b1, kp + 8 * N_COLS); - round(fwd_rnd, b1, b0, kp + 9 * N_COLS); - round(fwd_lrnd, b0, b1, kp +10 * N_COLS); - } - -#else - -#if (ENC_UNROLL == PARTIAL) - { uint_32t rnd; - for(rnd = 0; rnd < (cx->inf.b[0] >> 5) - 1; ++rnd) - { - kp += N_COLS; - round(fwd_rnd, b1, b0, kp); - kp += N_COLS; - round(fwd_rnd, b0, b1, kp); - } - kp += N_COLS; - round(fwd_rnd, b1, b0, kp); -#else - { uint_32t rnd; - for(rnd = 0; rnd < (cx->inf.b[0] >> 4) - 1; ++rnd) - { - kp += N_COLS; - round(fwd_rnd, b1, b0, kp); - l_copy(b0, b1); - } -#endif - kp += N_COLS; - round(fwd_lrnd, b0, b1, kp); - } -#endif - - state_out(out, b0); - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if ( FUNCS_IN_C & DECRYPTION_IN_C) - -/* Visual C++ .Net v7.1 provides the fastest encryption code when using - Pentium optimiation with small code but this is poor for decryption - so we need to control this with the following VC++ pragmas -*/ - -#if defined( _MSC_VER ) && !defined( _WIN64 ) -#pragma optimize( "t", on ) -#endif - -/* Given the column (c) of the output state variable, the following - macros give the input state variables which are needed in its - computation for each row (r) of the state. All the alternative - macros give the same end values but expand into different ways - of calculating these values. In particular the complex macro - used for dynamically variable block sizes is designed to expand - to a compile time constant whenever possible but will expand to - conditional clauses on some branches (I am grateful to Frank - Yellin for this construction) -*/ - -#define inv_var(x,r,c)\ - ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ - : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ - : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ - : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) - -#if defined(IT4_SET) -#undef dec_imvars -#define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) -#elif defined(IT1_SET) -#undef dec_imvars -#define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) -#else -#define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) -#endif - -#if defined(IL4_SET) -#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) -#elif defined(IL1_SET) -#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) -#else -#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) -#endif - -/* This code can work with the decryption key schedule in the */ -/* order that is used for encrytpion (where the 1st decryption */ -/* round key is at the high end ot the schedule) or with a key */ -/* schedule that has been reversed to put the 1st decryption */ -/* round key at the low end of the schedule in memory (when */ -/* AES_REV_DKS is defined) */ - -#ifdef AES_REV_DKS -#define key_ofs 0 -#define rnd_key(n) (kp + n * N_COLS) -#else -#define key_ofs 1 -#define rnd_key(n) (kp - n * N_COLS) -#endif - -AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1]) -{ uint_32t locals(b0, b1); -#if defined( dec_imvars ) - dec_imvars; /* declare variables for inv_mcol() if needed */ -#endif - const uint_32t *kp; - -#if defined( AES_ERR_CHK ) - if( cx->inf.b[0] != 10 * 16 && cx->inf.b[0] != 12 * 16 && cx->inf.b[0] != 14 * 16 ) - return EXIT_FAILURE; -#endif - - kp = cx->ks + (key_ofs ? (cx->inf.b[0] >> 2) : 0); - state_in(b0, in, kp); - -#if (DEC_UNROLL == FULL) - - kp = cx->ks + (key_ofs ? 0 : (cx->inf.b[0] >> 2)); - switch(cx->inf.b[0]) - { - case 14 * 16: - round(inv_rnd, b1, b0, rnd_key(-13)); - round(inv_rnd, b0, b1, rnd_key(-12)); - case 12 * 16: - round(inv_rnd, b1, b0, rnd_key(-11)); - round(inv_rnd, b0, b1, rnd_key(-10)); - case 10 * 16: - round(inv_rnd, b1, b0, rnd_key(-9)); - round(inv_rnd, b0, b1, rnd_key(-8)); - round(inv_rnd, b1, b0, rnd_key(-7)); - round(inv_rnd, b0, b1, rnd_key(-6)); - round(inv_rnd, b1, b0, rnd_key(-5)); - round(inv_rnd, b0, b1, rnd_key(-4)); - round(inv_rnd, b1, b0, rnd_key(-3)); - round(inv_rnd, b0, b1, rnd_key(-2)); - round(inv_rnd, b1, b0, rnd_key(-1)); - round(inv_lrnd, b0, b1, rnd_key( 0)); - } - -#else - -#if (DEC_UNROLL == PARTIAL) - { uint_32t rnd; - for(rnd = 0; rnd < (cx->inf.b[0] >> 5) - 1; ++rnd) - { - kp = rnd_key(1); - round(inv_rnd, b1, b0, kp); - kp = rnd_key(1); - round(inv_rnd, b0, b1, kp); - } - kp = rnd_key(1); - round(inv_rnd, b1, b0, kp); -#else - { uint_32t rnd; - for(rnd = 0; rnd < (cx->inf.b[0] >> 4) - 1; ++rnd) - { - kp = rnd_key(1); - round(inv_rnd, b1, b0, kp); - l_copy(b0, b1); - } -#endif - kp = rnd_key(1); - round(inv_lrnd, b0, b1, kp); - } -#endif - - state_out(out, b0); - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(__cplusplus) -} -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +#include "Aesopt.h" +#include "Aestab.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) +#define so(y,x,c) word_out(y, c, s(x,c)) + +#if defined(ARRAYS) +#define locals(y,x) x[4],y[4] +#else +#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 +#endif + +#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ + s(y,2) = s(x,2); s(y,3) = s(x,3); +#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) +#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) +#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) + +#if ( FUNCS_IN_C & ENCRYPTION_IN_C ) + +/* Visual C++ .Net v7.1 provides the fastest encryption code when using + Pentium optimiation with small code but this is poor for decryption + so we need to control this with the following VC++ pragmas +*/ + +#if defined( _MSC_VER ) && !defined( _WIN64 ) +#pragma optimize( "s", on ) +#endif + +/* Given the column (c) of the output state variable, the following + macros give the input state variables which are needed in its + computation for each row (r) of the state. All the alternative + macros give the same end values but expand into different ways + of calculating these values. In particular the complex macro + used for dynamically variable block sizes is designed to expand + to a compile time constant whenever possible but will expand to + conditional clauses on some branches (I am grateful to Frank + Yellin for this construction) +*/ + +#define fwd_var(x,r,c)\ + ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ + : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ + : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ + : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) + +#if defined(FT4_SET) +#undef dec_fmvars +#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) +#elif defined(FT1_SET) +#undef dec_fmvars +#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) +#else +#define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) +#endif + +#if defined(FL4_SET) +#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) +#elif defined(FL1_SET) +#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) +#else +#define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) +#endif + +AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1]) +{ uint_32t locals(b0, b1); + const uint_32t *kp; +#if defined( dec_fmvars ) + dec_fmvars; /* declare variables for fwd_mcol() if needed */ +#endif + +#if defined( AES_ERR_CHK ) + if( cx->inf.b[0] != 10 * 16 && cx->inf.b[0] != 12 * 16 && cx->inf.b[0] != 14 * 16 ) + return EXIT_FAILURE; +#endif + + kp = cx->ks; + state_in(b0, in, kp); + +#if (ENC_UNROLL == FULL) + + switch(cx->inf.b[0]) + { + case 14 * 16: + round(fwd_rnd, b1, b0, kp + 1 * N_COLS); + round(fwd_rnd, b0, b1, kp + 2 * N_COLS); + kp += 2 * N_COLS; + case 12 * 16: + round(fwd_rnd, b1, b0, kp + 1 * N_COLS); + round(fwd_rnd, b0, b1, kp + 2 * N_COLS); + kp += 2 * N_COLS; + case 10 * 16: + round(fwd_rnd, b1, b0, kp + 1 * N_COLS); + round(fwd_rnd, b0, b1, kp + 2 * N_COLS); + round(fwd_rnd, b1, b0, kp + 3 * N_COLS); + round(fwd_rnd, b0, b1, kp + 4 * N_COLS); + round(fwd_rnd, b1, b0, kp + 5 * N_COLS); + round(fwd_rnd, b0, b1, kp + 6 * N_COLS); + round(fwd_rnd, b1, b0, kp + 7 * N_COLS); + round(fwd_rnd, b0, b1, kp + 8 * N_COLS); + round(fwd_rnd, b1, b0, kp + 9 * N_COLS); + round(fwd_lrnd, b0, b1, kp +10 * N_COLS); + } + +#else + +#if (ENC_UNROLL == PARTIAL) + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 5) - 1; ++rnd) + { + kp += N_COLS; + round(fwd_rnd, b1, b0, kp); + kp += N_COLS; + round(fwd_rnd, b0, b1, kp); + } + kp += N_COLS; + round(fwd_rnd, b1, b0, kp); +#else + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 4) - 1; ++rnd) + { + kp += N_COLS; + round(fwd_rnd, b1, b0, kp); + l_copy(b0, b1); + } +#endif + kp += N_COLS; + round(fwd_lrnd, b0, b1, kp); + } +#endif + + state_out(out, b0); + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if ( FUNCS_IN_C & DECRYPTION_IN_C) + +/* Visual C++ .Net v7.1 provides the fastest encryption code when using + Pentium optimiation with small code but this is poor for decryption + so we need to control this with the following VC++ pragmas +*/ + +#if defined( _MSC_VER ) && !defined( _WIN64 ) +#pragma optimize( "t", on ) +#endif + +/* Given the column (c) of the output state variable, the following + macros give the input state variables which are needed in its + computation for each row (r) of the state. All the alternative + macros give the same end values but expand into different ways + of calculating these values. In particular the complex macro + used for dynamically variable block sizes is designed to expand + to a compile time constant whenever possible but will expand to + conditional clauses on some branches (I am grateful to Frank + Yellin for this construction) +*/ + +#define inv_var(x,r,c)\ + ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ + : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ + : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ + : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) + +#if defined(IT4_SET) +#undef dec_imvars +#define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) +#elif defined(IT1_SET) +#undef dec_imvars +#define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) +#else +#define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) +#endif + +#if defined(IL4_SET) +#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) +#elif defined(IL1_SET) +#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) +#else +#define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) +#endif + +/* This code can work with the decryption key schedule in the */ +/* order that is used for encrytpion (where the 1st decryption */ +/* round key is at the high end ot the schedule) or with a key */ +/* schedule that has been reversed to put the 1st decryption */ +/* round key at the low end of the schedule in memory (when */ +/* AES_REV_DKS is defined) */ + +#ifdef AES_REV_DKS +#define key_ofs 0 +#define rnd_key(n) (kp + n * N_COLS) +#else +#define key_ofs 1 +#define rnd_key(n) (kp - n * N_COLS) +#endif + +AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, const aes_decrypt_ctx cx[1]) +{ uint_32t locals(b0, b1); +#if defined( dec_imvars ) + dec_imvars; /* declare variables for inv_mcol() if needed */ +#endif + const uint_32t *kp; + +#if defined( AES_ERR_CHK ) + if( cx->inf.b[0] != 10 * 16 && cx->inf.b[0] != 12 * 16 && cx->inf.b[0] != 14 * 16 ) + return EXIT_FAILURE; +#endif + + kp = cx->ks + (key_ofs ? (cx->inf.b[0] >> 2) : 0); + state_in(b0, in, kp); + +#if (DEC_UNROLL == FULL) + + kp = cx->ks + (key_ofs ? 0 : (cx->inf.b[0] >> 2)); + switch(cx->inf.b[0]) + { + case 14 * 16: + round(inv_rnd, b1, b0, rnd_key(-13)); + round(inv_rnd, b0, b1, rnd_key(-12)); + case 12 * 16: + round(inv_rnd, b1, b0, rnd_key(-11)); + round(inv_rnd, b0, b1, rnd_key(-10)); + case 10 * 16: + round(inv_rnd, b1, b0, rnd_key(-9)); + round(inv_rnd, b0, b1, rnd_key(-8)); + round(inv_rnd, b1, b0, rnd_key(-7)); + round(inv_rnd, b0, b1, rnd_key(-6)); + round(inv_rnd, b1, b0, rnd_key(-5)); + round(inv_rnd, b0, b1, rnd_key(-4)); + round(inv_rnd, b1, b0, rnd_key(-3)); + round(inv_rnd, b0, b1, rnd_key(-2)); + round(inv_rnd, b1, b0, rnd_key(-1)); + round(inv_lrnd, b0, b1, rnd_key( 0)); + } + +#else + +#if (DEC_UNROLL == PARTIAL) + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 5) - 1; ++rnd) + { + kp = rnd_key(1); + round(inv_rnd, b1, b0, kp); + kp = rnd_key(1); + round(inv_rnd, b0, b1, kp); + } + kp = rnd_key(1); + round(inv_rnd, b1, b0, kp); +#else + { uint_32t rnd; + for(rnd = 0; rnd < (cx->inf.b[0] >> 4) - 1; ++rnd) + { + kp = rnd_key(1); + round(inv_rnd, b1, b0, kp); + l_copy(b0, b1); + } +#endif + kp = rnd_key(1); + round(inv_lrnd, b0, b1, kp); + } +#endif + + state_out(out, b0); + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(__cplusplus) +} +#endif diff --git a/src/Crypto/Aeskey.c b/src/Crypto/Aeskey.c index 948b9238..c9ab0269 100644 --- a/src/Crypto/Aeskey.c +++ b/src/Crypto/Aeskey.c @@ -1,573 +1,573 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 20/12/2007 -*/ - -#include "Aesopt.h" -#include "Aestab.h" - -#ifdef USE_VIA_ACE_IF_PRESENT -# include "aes_via_ace.h" -#endif - -#if defined(__cplusplus) -extern "C" -{ -#endif - -/* Initialise the key schedule from the user supplied key. The key - length can be specified in bytes, with legal values of 16, 24 - and 32, or in bits, with legal values of 128, 192 and 256. These - values correspond with Nk values of 4, 6 and 8 respectively. - - The following macros implement a single cycle in the key - schedule generation process. The number of cycles needed - for each cx->n_col and nk value is: - - nk = 4 5 6 7 8 - ------------------------------ - cx->n_col = 4 10 9 8 7 7 - cx->n_col = 5 14 11 10 9 9 - cx->n_col = 6 19 15 12 11 11 - cx->n_col = 7 21 19 16 13 14 - cx->n_col = 8 29 23 19 17 14 -*/ - -#if (FUNCS_IN_C & ENC_KEYING_IN_C) - -#if defined(AES_128) || defined(AES_VAR) - -#define ke4(k,i) \ -{ k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \ - k[4*(i)+5] = ss[1] ^= ss[0]; \ - k[4*(i)+6] = ss[2] ^= ss[1]; \ - k[4*(i)+7] = ss[3] ^= ss[2]; \ -} - -AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]) -{ uint_32t ss[4]; - - cx->ks[0] = ss[0] = word_in(key, 0); - cx->ks[1] = ss[1] = word_in(key, 1); - cx->ks[2] = ss[2] = word_in(key, 2); - cx->ks[3] = ss[3] = word_in(key, 3); - -#if ENC_UNROLL == NONE - { uint_32t i; - for(i = 0; i < 9; ++i) - ke4(cx->ks, i); - } -#else - ke4(cx->ks, 0); ke4(cx->ks, 1); - ke4(cx->ks, 2); ke4(cx->ks, 3); - ke4(cx->ks, 4); ke4(cx->ks, 5); - ke4(cx->ks, 6); ke4(cx->ks, 7); - ke4(cx->ks, 8); -#endif - ke4(cx->ks, 9); - cx->inf.l = 0; - cx->inf.b[0] = 10 * 16; - -#ifdef USE_VIA_ACE_IF_PRESENT - if(VIA_ACE_AVAILABLE) - cx->inf.b[1] = 0xff; -#endif - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(AES_192) || defined(AES_VAR) - -#define kef6(k,i) \ -{ k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \ - k[6*(i)+ 7] = ss[1] ^= ss[0]; \ - k[6*(i)+ 8] = ss[2] ^= ss[1]; \ - k[6*(i)+ 9] = ss[3] ^= ss[2]; \ -} - -#define ke6(k,i) \ -{ kef6(k,i); \ - k[6*(i)+10] = ss[4] ^= ss[3]; \ - k[6*(i)+11] = ss[5] ^= ss[4]; \ -} - -AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]) -{ uint_32t ss[6]; - - cx->ks[0] = ss[0] = word_in(key, 0); - cx->ks[1] = ss[1] = word_in(key, 1); - cx->ks[2] = ss[2] = word_in(key, 2); - cx->ks[3] = ss[3] = word_in(key, 3); - cx->ks[4] = ss[4] = word_in(key, 4); - cx->ks[5] = ss[5] = word_in(key, 5); - -#if ENC_UNROLL == NONE - { uint_32t i; - for(i = 0; i < 7; ++i) - ke6(cx->ks, i); - } -#else - ke6(cx->ks, 0); ke6(cx->ks, 1); - ke6(cx->ks, 2); ke6(cx->ks, 3); - ke6(cx->ks, 4); ke6(cx->ks, 5); - ke6(cx->ks, 6); -#endif - kef6(cx->ks, 7); - cx->inf.l = 0; - cx->inf.b[0] = 12 * 16; - -#ifdef USE_VIA_ACE_IF_PRESENT - if(VIA_ACE_AVAILABLE) - cx->inf.b[1] = 0xff; -#endif - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(AES_256) || defined(AES_VAR) - -#define kef8(k,i) \ -{ k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \ - k[8*(i)+ 9] = ss[1] ^= ss[0]; \ - k[8*(i)+10] = ss[2] ^= ss[1]; \ - k[8*(i)+11] = ss[3] ^= ss[2]; \ -} - -#define ke8(k,i) \ -{ kef8(k,i); \ - k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); \ - k[8*(i)+13] = ss[5] ^= ss[4]; \ - k[8*(i)+14] = ss[6] ^= ss[5]; \ - k[8*(i)+15] = ss[7] ^= ss[6]; \ -} - -AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]) -{ uint_32t ss[8]; - - cx->ks[0] = ss[0] = word_in(key, 0); - cx->ks[1] = ss[1] = word_in(key, 1); - cx->ks[2] = ss[2] = word_in(key, 2); - cx->ks[3] = ss[3] = word_in(key, 3); - cx->ks[4] = ss[4] = word_in(key, 4); - cx->ks[5] = ss[5] = word_in(key, 5); - cx->ks[6] = ss[6] = word_in(key, 6); - cx->ks[7] = ss[7] = word_in(key, 7); - -#if ENC_UNROLL == NONE - { uint_32t i; - for(i = 0; i < 6; ++i) - ke8(cx->ks, i); - } -#else - ke8(cx->ks, 0); ke8(cx->ks, 1); - ke8(cx->ks, 2); ke8(cx->ks, 3); - ke8(cx->ks, 4); ke8(cx->ks, 5); -#endif - kef8(cx->ks, 6); - cx->inf.l = 0; - cx->inf.b[0] = 14 * 16; - -#ifdef USE_VIA_ACE_IF_PRESENT - if(VIA_ACE_AVAILABLE) - cx->inf.b[1] = 0xff; -#endif - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(AES_VAR) - -AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1]) -{ - switch(key_len) - { -#if defined( AES_ERR_CHK ) - case 16: case 128: return aes_encrypt_key128(key, cx); - case 24: case 192: return aes_encrypt_key192(key, cx); - case 32: case 256: return aes_encrypt_key256(key, cx); - default: return EXIT_FAILURE; -#else - case 16: case 128: aes_encrypt_key128(key, cx); return; - case 24: case 192: aes_encrypt_key192(key, cx); return; - case 32: case 256: aes_encrypt_key256(key, cx); return; -#endif - } -} - -#endif - -#endif - -#if (FUNCS_IN_C & DEC_KEYING_IN_C) - -/* this is used to store the decryption round keys */ -/* in forward or reverse order */ - -#ifdef AES_REV_DKS -#define v(n,i) ((n) - (i) + 2 * ((i) & 3)) -#else -#define v(n,i) (i) -#endif - -#if DEC_ROUND == NO_TABLES -#define ff(x) (x) -#else -#define ff(x) inv_mcol(x) -#if defined( dec_imvars ) -#define d_vars dec_imvars -#endif -#endif - -#if defined(AES_128) || defined(AES_VAR) - -#define k4e(k,i) \ -{ k[v(40,(4*(i))+4)] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \ - k[v(40,(4*(i))+5)] = ss[1] ^= ss[0]; \ - k[v(40,(4*(i))+6)] = ss[2] ^= ss[1]; \ - k[v(40,(4*(i))+7)] = ss[3] ^= ss[2]; \ -} - -#if 1 - -#define kdf4(k,i) \ -{ ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; \ - ss[1] = ss[1] ^ ss[3]; \ - ss[2] = ss[2] ^ ss[3]; \ - ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \ - ss[i % 4] ^= ss[4]; \ - ss[4] ^= k[v(40,(4*(i)))]; k[v(40,(4*(i))+4)] = ff(ss[4]); \ - ss[4] ^= k[v(40,(4*(i))+1)]; k[v(40,(4*(i))+5)] = ff(ss[4]); \ - ss[4] ^= k[v(40,(4*(i))+2)]; k[v(40,(4*(i))+6)] = ff(ss[4]); \ - ss[4] ^= k[v(40,(4*(i))+3)]; k[v(40,(4*(i))+7)] = ff(ss[4]); \ -} - -#define kd4(k,i) \ -{ ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \ - ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \ - k[v(40,(4*(i))+4)] = ss[4] ^= k[v(40,(4*(i)))]; \ - k[v(40,(4*(i))+5)] = ss[4] ^= k[v(40,(4*(i))+1)]; \ - k[v(40,(4*(i))+6)] = ss[4] ^= k[v(40,(4*(i))+2)]; \ - k[v(40,(4*(i))+7)] = ss[4] ^= k[v(40,(4*(i))+3)]; \ -} - -#define kdl4(k,i) \ -{ ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ - k[v(40,(4*(i))+4)] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; \ - k[v(40,(4*(i))+5)] = ss[1] ^ ss[3]; \ - k[v(40,(4*(i))+6)] = ss[0]; \ - k[v(40,(4*(i))+7)] = ss[1]; \ -} - -#else - -#define kdf4(k,i) \ -{ ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ff(ss[0]); \ - ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ff(ss[1]); \ - ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ff(ss[2]); \ - ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ff(ss[3]); \ -} - -#define kd4(k,i) \ -{ ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \ - ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[v(40,(4*(i))+ 4)] = ss[4] ^= k[v(40,(4*(i)))]; \ - ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[4] ^= k[v(40,(4*(i))+ 1)]; \ - ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[4] ^= k[v(40,(4*(i))+ 2)]; \ - ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[4] ^= k[v(40,(4*(i))+ 3)]; \ -} - -#define kdl4(k,i) \ -{ ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ss[0]; \ - ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[1]; \ - ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[2]; \ - ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[3]; \ -} - -#endif - -AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]) -{ uint_32t ss[5]; -#if defined( d_vars ) - d_vars; -#endif - cx->ks[v(40,(0))] = ss[0] = word_in(key, 0); - cx->ks[v(40,(1))] = ss[1] = word_in(key, 1); - cx->ks[v(40,(2))] = ss[2] = word_in(key, 2); - cx->ks[v(40,(3))] = ss[3] = word_in(key, 3); - -#if DEC_UNROLL == NONE - { uint_32t i; - for(i = 0; i < 10; ++i) - k4e(cx->ks, i); -#if !(DEC_ROUND == NO_TABLES) - for(i = N_COLS; i < 10 * N_COLS; ++i) - cx->ks[i] = inv_mcol(cx->ks[i]); -#endif - } -#else - kdf4(cx->ks, 0); kd4(cx->ks, 1); - kd4(cx->ks, 2); kd4(cx->ks, 3); - kd4(cx->ks, 4); kd4(cx->ks, 5); - kd4(cx->ks, 6); kd4(cx->ks, 7); - kd4(cx->ks, 8); kdl4(cx->ks, 9); -#endif - cx->inf.l = 0; - cx->inf.b[0] = 10 * 16; - -#ifdef USE_VIA_ACE_IF_PRESENT - if(VIA_ACE_AVAILABLE) - cx->inf.b[1] = 0xff; -#endif - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(AES_192) || defined(AES_VAR) - -#define k6ef(k,i) \ -{ k[v(48,(6*(i))+ 6)] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \ - k[v(48,(6*(i))+ 7)] = ss[1] ^= ss[0]; \ - k[v(48,(6*(i))+ 8)] = ss[2] ^= ss[1]; \ - k[v(48,(6*(i))+ 9)] = ss[3] ^= ss[2]; \ -} - -#define k6e(k,i) \ -{ k6ef(k,i); \ - k[v(48,(6*(i))+10)] = ss[4] ^= ss[3]; \ - k[v(48,(6*(i))+11)] = ss[5] ^= ss[4]; \ -} - -#define kdf6(k,i) \ -{ ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ff(ss[0]); \ - ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ff(ss[1]); \ - ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ff(ss[2]); \ - ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ff(ss[3]); \ - ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ff(ss[4]); \ - ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ff(ss[5]); \ -} - -#define kd6(k,i) \ -{ ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \ - ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[v(48,(6*(i))+ 6)] = ss[6] ^= k[v(48,(6*(i)))]; \ - ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[6] ^= k[v(48,(6*(i))+ 1)]; \ - ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[6] ^= k[v(48,(6*(i))+ 2)]; \ - ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[6] ^= k[v(48,(6*(i))+ 3)]; \ - ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ss[6] ^= k[v(48,(6*(i))+ 4)]; \ - ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ss[6] ^= k[v(48,(6*(i))+ 5)]; \ -} - -#define kdl6(k,i) \ -{ ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ss[0]; \ - ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[1]; \ - ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[2]; \ - ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[3]; \ -} - -AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]) -{ uint_32t ss[7]; -#if defined( d_vars ) - d_vars; -#endif - cx->ks[v(48,(0))] = ss[0] = word_in(key, 0); - cx->ks[v(48,(1))] = ss[1] = word_in(key, 1); - cx->ks[v(48,(2))] = ss[2] = word_in(key, 2); - cx->ks[v(48,(3))] = ss[3] = word_in(key, 3); - -#if DEC_UNROLL == NONE - cx->ks[v(48,(4))] = ss[4] = word_in(key, 4); - cx->ks[v(48,(5))] = ss[5] = word_in(key, 5); - { uint_32t i; - - for(i = 0; i < 7; ++i) - k6e(cx->ks, i); - k6ef(cx->ks, 7); -#if !(DEC_ROUND == NO_TABLES) - for(i = N_COLS; i < 12 * N_COLS; ++i) - cx->ks[i] = inv_mcol(cx->ks[i]); -#endif - } -#else - cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4)); - cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5)); - kdf6(cx->ks, 0); kd6(cx->ks, 1); - kd6(cx->ks, 2); kd6(cx->ks, 3); - kd6(cx->ks, 4); kd6(cx->ks, 5); - kd6(cx->ks, 6); kdl6(cx->ks, 7); -#endif - cx->inf.l = 0; - cx->inf.b[0] = 12 * 16; - -#ifdef USE_VIA_ACE_IF_PRESENT - if(VIA_ACE_AVAILABLE) - cx->inf.b[1] = 0xff; -#endif - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(AES_256) || defined(AES_VAR) - -#define k8ef(k,i) \ -{ k[v(56,(8*(i))+ 8)] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \ - k[v(56,(8*(i))+ 9)] = ss[1] ^= ss[0]; \ - k[v(56,(8*(i))+10)] = ss[2] ^= ss[1]; \ - k[v(56,(8*(i))+11)] = ss[3] ^= ss[2]; \ -} - -#define k8e(k,i) \ -{ k8ef(k,i); \ - k[v(56,(8*(i))+12)] = ss[4] ^= ls_box(ss[3],0); \ - k[v(56,(8*(i))+13)] = ss[5] ^= ss[4]; \ - k[v(56,(8*(i))+14)] = ss[6] ^= ss[5]; \ - k[v(56,(8*(i))+15)] = ss[7] ^= ss[6]; \ -} - -#define kdf8(k,i) \ -{ ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ff(ss[0]); \ - ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ff(ss[1]); \ - ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ff(ss[2]); \ - ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ff(ss[3]); \ - ss[4] ^= ls_box(ss[3],0); k[v(56,(8*(i))+12)] = ff(ss[4]); \ - ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ff(ss[5]); \ - ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ff(ss[6]); \ - ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ff(ss[7]); \ -} - -#define kd8(k,i) \ -{ ss[8] = ls_box(ss[7],3) ^ t_use(r,c)[i]; \ - ss[0] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+ 8)] = ss[8] ^= k[v(56,(8*(i)))]; \ - ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[8] ^= k[v(56,(8*(i))+ 1)]; \ - ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[8] ^= k[v(56,(8*(i))+ 2)]; \ - ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[8] ^= k[v(56,(8*(i))+ 3)]; \ - ss[8] = ls_box(ss[3],0); \ - ss[4] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+12)] = ss[8] ^= k[v(56,(8*(i))+ 4)]; \ - ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ss[8] ^= k[v(56,(8*(i))+ 5)]; \ - ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ss[8] ^= k[v(56,(8*(i))+ 6)]; \ - ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ss[8] ^= k[v(56,(8*(i))+ 7)]; \ -} - -#define kdl8(k,i) \ -{ ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ss[0]; \ - ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[1]; \ - ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[2]; \ - ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[3]; \ -} - -AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]) -{ uint_32t ss[9]; -#if defined( d_vars ) - d_vars; -#endif - cx->ks[v(56,(0))] = ss[0] = word_in(key, 0); - cx->ks[v(56,(1))] = ss[1] = word_in(key, 1); - cx->ks[v(56,(2))] = ss[2] = word_in(key, 2); - cx->ks[v(56,(3))] = ss[3] = word_in(key, 3); - -#if DEC_UNROLL == NONE - cx->ks[v(56,(4))] = ss[4] = word_in(key, 4); - cx->ks[v(56,(5))] = ss[5] = word_in(key, 5); - cx->ks[v(56,(6))] = ss[6] = word_in(key, 6); - cx->ks[v(56,(7))] = ss[7] = word_in(key, 7); - { uint_32t i; - - for(i = 0; i < 6; ++i) - k8e(cx->ks, i); - k8ef(cx->ks, 6); -#if !(DEC_ROUND == NO_TABLES) - for(i = N_COLS; i < 14 * N_COLS; ++i) - cx->ks[i] = inv_mcol(cx->ks[i]); - -#endif - } -#else - ss[4] = word_in(key, 4); cx->ks[v(56,(4))] = ff(ss[4]); - ss[5] = word_in(key, 5); cx->ks[v(56,(5))] = ff(ss[5]); - ss[6] = word_in(key, 6); cx->ks[v(56,(6))] = ff(ss[6]); - ss[7] = word_in(key, 7); cx->ks[v(56,(7))] = ff(ss[7]); - kdf8(cx->ks, 0); kd8(cx->ks, 1); - kd8(cx->ks, 2); kd8(cx->ks, 3); - kd8(cx->ks, 4); kd8(cx->ks, 5); - kdl8(cx->ks, 6); -#endif - cx->inf.l = 0; - cx->inf.b[0] = 14 * 16; - -#ifdef USE_VIA_ACE_IF_PRESENT - if(VIA_ACE_AVAILABLE) - cx->inf.b[1] = 0xff; -#endif - -#if defined( AES_ERR_CHK ) - return EXIT_SUCCESS; -#endif -} - -#endif - -#if defined(AES_VAR) - -AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]) -{ - switch(key_len) - { -#if defined( AES_ERR_CHK ) - case 16: case 128: return aes_decrypt_key128(key, cx); - case 24: case 192: return aes_decrypt_key192(key, cx); - case 32: case 256: return aes_decrypt_key256(key, cx); - default: return EXIT_FAILURE; -#else - case 16: case 128: aes_decrypt_key128(key, cx); return; - case 24: case 192: aes_decrypt_key192(key, cx); return; - case 32: case 256: aes_decrypt_key256(key, cx); return; -#endif - } -} - -#endif - -#endif - -#if defined(__cplusplus) -} -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +#include "Aesopt.h" +#include "Aestab.h" + +#ifdef USE_VIA_ACE_IF_PRESENT +# include "aes_via_ace.h" +#endif + +#if defined(__cplusplus) +extern "C" +{ +#endif + +/* Initialise the key schedule from the user supplied key. The key + length can be specified in bytes, with legal values of 16, 24 + and 32, or in bits, with legal values of 128, 192 and 256. These + values correspond with Nk values of 4, 6 and 8 respectively. + + The following macros implement a single cycle in the key + schedule generation process. The number of cycles needed + for each cx->n_col and nk value is: + + nk = 4 5 6 7 8 + ------------------------------ + cx->n_col = 4 10 9 8 7 7 + cx->n_col = 5 14 11 10 9 9 + cx->n_col = 6 19 15 12 11 11 + cx->n_col = 7 21 19 16 13 14 + cx->n_col = 8 29 23 19 17 14 +*/ + +#if (FUNCS_IN_C & ENC_KEYING_IN_C) + +#if defined(AES_128) || defined(AES_VAR) + +#define ke4(k,i) \ +{ k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \ + k[4*(i)+5] = ss[1] ^= ss[0]; \ + k[4*(i)+6] = ss[2] ^= ss[1]; \ + k[4*(i)+7] = ss[3] ^= ss[2]; \ +} + +AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]) +{ uint_32t ss[4]; + + cx->ks[0] = ss[0] = word_in(key, 0); + cx->ks[1] = ss[1] = word_in(key, 1); + cx->ks[2] = ss[2] = word_in(key, 2); + cx->ks[3] = ss[3] = word_in(key, 3); + +#if ENC_UNROLL == NONE + { uint_32t i; + for(i = 0; i < 9; ++i) + ke4(cx->ks, i); + } +#else + ke4(cx->ks, 0); ke4(cx->ks, 1); + ke4(cx->ks, 2); ke4(cx->ks, 3); + ke4(cx->ks, 4); ke4(cx->ks, 5); + ke4(cx->ks, 6); ke4(cx->ks, 7); + ke4(cx->ks, 8); +#endif + ke4(cx->ks, 9); + cx->inf.l = 0; + cx->inf.b[0] = 10 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(AES_192) || defined(AES_VAR) + +#define kef6(k,i) \ +{ k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \ + k[6*(i)+ 7] = ss[1] ^= ss[0]; \ + k[6*(i)+ 8] = ss[2] ^= ss[1]; \ + k[6*(i)+ 9] = ss[3] ^= ss[2]; \ +} + +#define ke6(k,i) \ +{ kef6(k,i); \ + k[6*(i)+10] = ss[4] ^= ss[3]; \ + k[6*(i)+11] = ss[5] ^= ss[4]; \ +} + +AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]) +{ uint_32t ss[6]; + + cx->ks[0] = ss[0] = word_in(key, 0); + cx->ks[1] = ss[1] = word_in(key, 1); + cx->ks[2] = ss[2] = word_in(key, 2); + cx->ks[3] = ss[3] = word_in(key, 3); + cx->ks[4] = ss[4] = word_in(key, 4); + cx->ks[5] = ss[5] = word_in(key, 5); + +#if ENC_UNROLL == NONE + { uint_32t i; + for(i = 0; i < 7; ++i) + ke6(cx->ks, i); + } +#else + ke6(cx->ks, 0); ke6(cx->ks, 1); + ke6(cx->ks, 2); ke6(cx->ks, 3); + ke6(cx->ks, 4); ke6(cx->ks, 5); + ke6(cx->ks, 6); +#endif + kef6(cx->ks, 7); + cx->inf.l = 0; + cx->inf.b[0] = 12 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(AES_256) || defined(AES_VAR) + +#define kef8(k,i) \ +{ k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \ + k[8*(i)+ 9] = ss[1] ^= ss[0]; \ + k[8*(i)+10] = ss[2] ^= ss[1]; \ + k[8*(i)+11] = ss[3] ^= ss[2]; \ +} + +#define ke8(k,i) \ +{ kef8(k,i); \ + k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); \ + k[8*(i)+13] = ss[5] ^= ss[4]; \ + k[8*(i)+14] = ss[6] ^= ss[5]; \ + k[8*(i)+15] = ss[7] ^= ss[6]; \ +} + +AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]) +{ uint_32t ss[8]; + + cx->ks[0] = ss[0] = word_in(key, 0); + cx->ks[1] = ss[1] = word_in(key, 1); + cx->ks[2] = ss[2] = word_in(key, 2); + cx->ks[3] = ss[3] = word_in(key, 3); + cx->ks[4] = ss[4] = word_in(key, 4); + cx->ks[5] = ss[5] = word_in(key, 5); + cx->ks[6] = ss[6] = word_in(key, 6); + cx->ks[7] = ss[7] = word_in(key, 7); + +#if ENC_UNROLL == NONE + { uint_32t i; + for(i = 0; i < 6; ++i) + ke8(cx->ks, i); + } +#else + ke8(cx->ks, 0); ke8(cx->ks, 1); + ke8(cx->ks, 2); ke8(cx->ks, 3); + ke8(cx->ks, 4); ke8(cx->ks, 5); +#endif + kef8(cx->ks, 6); + cx->inf.l = 0; + cx->inf.b[0] = 14 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(AES_VAR) + +AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1]) +{ + switch(key_len) + { +#if defined( AES_ERR_CHK ) + case 16: case 128: return aes_encrypt_key128(key, cx); + case 24: case 192: return aes_encrypt_key192(key, cx); + case 32: case 256: return aes_encrypt_key256(key, cx); + default: return EXIT_FAILURE; +#else + case 16: case 128: aes_encrypt_key128(key, cx); return; + case 24: case 192: aes_encrypt_key192(key, cx); return; + case 32: case 256: aes_encrypt_key256(key, cx); return; +#endif + } +} + +#endif + +#endif + +#if (FUNCS_IN_C & DEC_KEYING_IN_C) + +/* this is used to store the decryption round keys */ +/* in forward or reverse order */ + +#ifdef AES_REV_DKS +#define v(n,i) ((n) - (i) + 2 * ((i) & 3)) +#else +#define v(n,i) (i) +#endif + +#if DEC_ROUND == NO_TABLES +#define ff(x) (x) +#else +#define ff(x) inv_mcol(x) +#if defined( dec_imvars ) +#define d_vars dec_imvars +#endif +#endif + +#if defined(AES_128) || defined(AES_VAR) + +#define k4e(k,i) \ +{ k[v(40,(4*(i))+4)] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \ + k[v(40,(4*(i))+5)] = ss[1] ^= ss[0]; \ + k[v(40,(4*(i))+6)] = ss[2] ^= ss[1]; \ + k[v(40,(4*(i))+7)] = ss[3] ^= ss[2]; \ +} + +#if 1 + +#define kdf4(k,i) \ +{ ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; \ + ss[1] = ss[1] ^ ss[3]; \ + ss[2] = ss[2] ^ ss[3]; \ + ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \ + ss[i % 4] ^= ss[4]; \ + ss[4] ^= k[v(40,(4*(i)))]; k[v(40,(4*(i))+4)] = ff(ss[4]); \ + ss[4] ^= k[v(40,(4*(i))+1)]; k[v(40,(4*(i))+5)] = ff(ss[4]); \ + ss[4] ^= k[v(40,(4*(i))+2)]; k[v(40,(4*(i))+6)] = ff(ss[4]); \ + ss[4] ^= k[v(40,(4*(i))+3)]; k[v(40,(4*(i))+7)] = ff(ss[4]); \ +} + +#define kd4(k,i) \ +{ ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \ + ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \ + k[v(40,(4*(i))+4)] = ss[4] ^= k[v(40,(4*(i)))]; \ + k[v(40,(4*(i))+5)] = ss[4] ^= k[v(40,(4*(i))+1)]; \ + k[v(40,(4*(i))+6)] = ss[4] ^= k[v(40,(4*(i))+2)]; \ + k[v(40,(4*(i))+7)] = ss[4] ^= k[v(40,(4*(i))+3)]; \ +} + +#define kdl4(k,i) \ +{ ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ + k[v(40,(4*(i))+4)] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; \ + k[v(40,(4*(i))+5)] = ss[1] ^ ss[3]; \ + k[v(40,(4*(i))+6)] = ss[0]; \ + k[v(40,(4*(i))+7)] = ss[1]; \ +} + +#else + +#define kdf4(k,i) \ +{ ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ff(ss[0]); \ + ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ff(ss[1]); \ + ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ff(ss[2]); \ + ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ff(ss[3]); \ +} + +#define kd4(k,i) \ +{ ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \ + ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[v(40,(4*(i))+ 4)] = ss[4] ^= k[v(40,(4*(i)))]; \ + ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[4] ^= k[v(40,(4*(i))+ 1)]; \ + ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[4] ^= k[v(40,(4*(i))+ 2)]; \ + ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[4] ^= k[v(40,(4*(i))+ 3)]; \ +} + +#define kdl4(k,i) \ +{ ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ss[0]; \ + ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[1]; \ + ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[2]; \ + ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[3]; \ +} + +#endif + +AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]) +{ uint_32t ss[5]; +#if defined( d_vars ) + d_vars; +#endif + cx->ks[v(40,(0))] = ss[0] = word_in(key, 0); + cx->ks[v(40,(1))] = ss[1] = word_in(key, 1); + cx->ks[v(40,(2))] = ss[2] = word_in(key, 2); + cx->ks[v(40,(3))] = ss[3] = word_in(key, 3); + +#if DEC_UNROLL == NONE + { uint_32t i; + for(i = 0; i < 10; ++i) + k4e(cx->ks, i); +#if !(DEC_ROUND == NO_TABLES) + for(i = N_COLS; i < 10 * N_COLS; ++i) + cx->ks[i] = inv_mcol(cx->ks[i]); +#endif + } +#else + kdf4(cx->ks, 0); kd4(cx->ks, 1); + kd4(cx->ks, 2); kd4(cx->ks, 3); + kd4(cx->ks, 4); kd4(cx->ks, 5); + kd4(cx->ks, 6); kd4(cx->ks, 7); + kd4(cx->ks, 8); kdl4(cx->ks, 9); +#endif + cx->inf.l = 0; + cx->inf.b[0] = 10 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(AES_192) || defined(AES_VAR) + +#define k6ef(k,i) \ +{ k[v(48,(6*(i))+ 6)] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \ + k[v(48,(6*(i))+ 7)] = ss[1] ^= ss[0]; \ + k[v(48,(6*(i))+ 8)] = ss[2] ^= ss[1]; \ + k[v(48,(6*(i))+ 9)] = ss[3] ^= ss[2]; \ +} + +#define k6e(k,i) \ +{ k6ef(k,i); \ + k[v(48,(6*(i))+10)] = ss[4] ^= ss[3]; \ + k[v(48,(6*(i))+11)] = ss[5] ^= ss[4]; \ +} + +#define kdf6(k,i) \ +{ ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ff(ss[0]); \ + ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ff(ss[1]); \ + ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ff(ss[2]); \ + ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ff(ss[3]); \ + ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ff(ss[4]); \ + ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ff(ss[5]); \ +} + +#define kd6(k,i) \ +{ ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \ + ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[v(48,(6*(i))+ 6)] = ss[6] ^= k[v(48,(6*(i)))]; \ + ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[6] ^= k[v(48,(6*(i))+ 1)]; \ + ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[6] ^= k[v(48,(6*(i))+ 2)]; \ + ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[6] ^= k[v(48,(6*(i))+ 3)]; \ + ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ss[6] ^= k[v(48,(6*(i))+ 4)]; \ + ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ss[6] ^= k[v(48,(6*(i))+ 5)]; \ +} + +#define kdl6(k,i) \ +{ ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ss[0]; \ + ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[1]; \ + ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[2]; \ + ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[3]; \ +} + +AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]) +{ uint_32t ss[7]; +#if defined( d_vars ) + d_vars; +#endif + cx->ks[v(48,(0))] = ss[0] = word_in(key, 0); + cx->ks[v(48,(1))] = ss[1] = word_in(key, 1); + cx->ks[v(48,(2))] = ss[2] = word_in(key, 2); + cx->ks[v(48,(3))] = ss[3] = word_in(key, 3); + +#if DEC_UNROLL == NONE + cx->ks[v(48,(4))] = ss[4] = word_in(key, 4); + cx->ks[v(48,(5))] = ss[5] = word_in(key, 5); + { uint_32t i; + + for(i = 0; i < 7; ++i) + k6e(cx->ks, i); + k6ef(cx->ks, 7); +#if !(DEC_ROUND == NO_TABLES) + for(i = N_COLS; i < 12 * N_COLS; ++i) + cx->ks[i] = inv_mcol(cx->ks[i]); +#endif + } +#else + cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4)); + cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5)); + kdf6(cx->ks, 0); kd6(cx->ks, 1); + kd6(cx->ks, 2); kd6(cx->ks, 3); + kd6(cx->ks, 4); kd6(cx->ks, 5); + kd6(cx->ks, 6); kdl6(cx->ks, 7); +#endif + cx->inf.l = 0; + cx->inf.b[0] = 12 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(AES_256) || defined(AES_VAR) + +#define k8ef(k,i) \ +{ k[v(56,(8*(i))+ 8)] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \ + k[v(56,(8*(i))+ 9)] = ss[1] ^= ss[0]; \ + k[v(56,(8*(i))+10)] = ss[2] ^= ss[1]; \ + k[v(56,(8*(i))+11)] = ss[3] ^= ss[2]; \ +} + +#define k8e(k,i) \ +{ k8ef(k,i); \ + k[v(56,(8*(i))+12)] = ss[4] ^= ls_box(ss[3],0); \ + k[v(56,(8*(i))+13)] = ss[5] ^= ss[4]; \ + k[v(56,(8*(i))+14)] = ss[6] ^= ss[5]; \ + k[v(56,(8*(i))+15)] = ss[7] ^= ss[6]; \ +} + +#define kdf8(k,i) \ +{ ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ff(ss[0]); \ + ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ff(ss[1]); \ + ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ff(ss[2]); \ + ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ff(ss[3]); \ + ss[4] ^= ls_box(ss[3],0); k[v(56,(8*(i))+12)] = ff(ss[4]); \ + ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ff(ss[5]); \ + ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ff(ss[6]); \ + ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ff(ss[7]); \ +} + +#define kd8(k,i) \ +{ ss[8] = ls_box(ss[7],3) ^ t_use(r,c)[i]; \ + ss[0] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+ 8)] = ss[8] ^= k[v(56,(8*(i)))]; \ + ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[8] ^= k[v(56,(8*(i))+ 1)]; \ + ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[8] ^= k[v(56,(8*(i))+ 2)]; \ + ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[8] ^= k[v(56,(8*(i))+ 3)]; \ + ss[8] = ls_box(ss[3],0); \ + ss[4] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+12)] = ss[8] ^= k[v(56,(8*(i))+ 4)]; \ + ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ss[8] ^= k[v(56,(8*(i))+ 5)]; \ + ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ss[8] ^= k[v(56,(8*(i))+ 6)]; \ + ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ss[8] ^= k[v(56,(8*(i))+ 7)]; \ +} + +#define kdl8(k,i) \ +{ ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ss[0]; \ + ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[1]; \ + ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[2]; \ + ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[3]; \ +} + +AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]) +{ uint_32t ss[9]; +#if defined( d_vars ) + d_vars; +#endif + cx->ks[v(56,(0))] = ss[0] = word_in(key, 0); + cx->ks[v(56,(1))] = ss[1] = word_in(key, 1); + cx->ks[v(56,(2))] = ss[2] = word_in(key, 2); + cx->ks[v(56,(3))] = ss[3] = word_in(key, 3); + +#if DEC_UNROLL == NONE + cx->ks[v(56,(4))] = ss[4] = word_in(key, 4); + cx->ks[v(56,(5))] = ss[5] = word_in(key, 5); + cx->ks[v(56,(6))] = ss[6] = word_in(key, 6); + cx->ks[v(56,(7))] = ss[7] = word_in(key, 7); + { uint_32t i; + + for(i = 0; i < 6; ++i) + k8e(cx->ks, i); + k8ef(cx->ks, 6); +#if !(DEC_ROUND == NO_TABLES) + for(i = N_COLS; i < 14 * N_COLS; ++i) + cx->ks[i] = inv_mcol(cx->ks[i]); + +#endif + } +#else + ss[4] = word_in(key, 4); cx->ks[v(56,(4))] = ff(ss[4]); + ss[5] = word_in(key, 5); cx->ks[v(56,(5))] = ff(ss[5]); + ss[6] = word_in(key, 6); cx->ks[v(56,(6))] = ff(ss[6]); + ss[7] = word_in(key, 7); cx->ks[v(56,(7))] = ff(ss[7]); + kdf8(cx->ks, 0); kd8(cx->ks, 1); + kd8(cx->ks, 2); kd8(cx->ks, 3); + kd8(cx->ks, 4); kd8(cx->ks, 5); + kdl8(cx->ks, 6); +#endif + cx->inf.l = 0; + cx->inf.b[0] = 14 * 16; + +#ifdef USE_VIA_ACE_IF_PRESENT + if(VIA_ACE_AVAILABLE) + cx->inf.b[1] = 0xff; +#endif + +#if defined( AES_ERR_CHK ) + return EXIT_SUCCESS; +#endif +} + +#endif + +#if defined(AES_VAR) + +AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]) +{ + switch(key_len) + { +#if defined( AES_ERR_CHK ) + case 16: case 128: return aes_decrypt_key128(key, cx); + case 24: case 192: return aes_decrypt_key192(key, cx); + case 32: case 256: return aes_decrypt_key256(key, cx); + default: return EXIT_FAILURE; +#else + case 16: case 128: aes_decrypt_key128(key, cx); return; + case 24: case 192: aes_decrypt_key192(key, cx); return; + case 32: case 256: aes_decrypt_key256(key, cx); return; +#endif + } +} + +#endif + +#endif + +#if defined(__cplusplus) +} +#endif diff --git a/src/Crypto/Aesopt.h b/src/Crypto/Aesopt.h index 1b793e43..cf7edbe2 100644 --- a/src/Crypto/Aesopt.h +++ b/src/Crypto/Aesopt.h @@ -1,734 +1,734 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 20/12/2007 - - This file contains the compilation options for AES (Rijndael) and code - that is common across encryption, key scheduling and table generation. - - OPERATION - - These source code files implement the AES algorithm Rijndael designed by - Joan Daemen and Vincent Rijmen. This version is designed for the standard - block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24 - and 32 bytes). - - This version is designed for flexibility and speed using operations on - 32-bit words rather than operations on bytes. It can be compiled with - either big or little endian internal byte order but is faster when the - native byte order for the processor is used. - - THE CIPHER INTERFACE - - The cipher interface is implemented as an array of bytes in which lower - AES bit sequence indexes map to higher numeric significance within bytes. - - uint_8t (an unsigned 8-bit type) - uint_32t (an unsigned 32-bit type) - struct aes_encrypt_ctx (structure for the cipher encryption context) - struct aes_decrypt_ctx (structure for the cipher decryption context) - AES_RETURN the function return type - - C subroutine calls: - - AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]); - AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]); - AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]); - AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, - const aes_encrypt_ctx cx[1]); - - AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]); - AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]); - AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]); - AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, - const aes_decrypt_ctx cx[1]); - - IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that - you call aes_init() before AES is used so that the tables are initialised. - - C++ aes class subroutines: - - Class AESencrypt for encryption - - Construtors: - AESencrypt(void) - AESencrypt(const unsigned char *key) - 128 bit key - Members: - AES_RETURN key128(const unsigned char *key) - AES_RETURN key192(const unsigned char *key) - AES_RETURN key256(const unsigned char *key) - AES_RETURN encrypt(const unsigned char *in, unsigned char *out) const - - Class AESdecrypt for encryption - Construtors: - AESdecrypt(void) - AESdecrypt(const unsigned char *key) - 128 bit key - Members: - AES_RETURN key128(const unsigned char *key) - AES_RETURN key192(const unsigned char *key) - AES_RETURN key256(const unsigned char *key) - AES_RETURN decrypt(const unsigned char *in, unsigned char *out) const -*/ - -/* Adapted for TrueCrypt */ - -#if !defined( _AESOPT_H ) -#define _AESOPT_H - -#ifdef TC_WINDOWS_BOOT -#define ASM_X86_V2 -#endif - -#if defined( __cplusplus ) -#include "Aescpp.h" -#else -#include "Aes.h" -#endif - - -#include "Common/Endian.h" -#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ -#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ - -#if BYTE_ORDER == LITTLE_ENDIAN -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -#endif - -#if BYTE_ORDER == BIG_ENDIAN -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -#endif - - -/* CONFIGURATION - THE USE OF DEFINES - - Later in this section there are a number of defines that control the - operation of the code. In each section, the purpose of each define is - explained so that the relevant form can be included or excluded by - setting either 1's or 0's respectively on the branches of the related - #if clauses. The following local defines should not be changed. -*/ - -#define ENCRYPTION_IN_C 1 -#define DECRYPTION_IN_C 2 -#define ENC_KEYING_IN_C 4 -#define DEC_KEYING_IN_C 8 - -#define NO_TABLES 0 -#define ONE_TABLE 1 -#define FOUR_TABLES 4 -#define NONE 0 -#define PARTIAL 1 -#define FULL 2 - -/* --- START OF USER CONFIGURED OPTIONS --- */ - -/* 1. BYTE ORDER WITHIN 32 BIT WORDS - - The fundamental data processing units in Rijndael are 8-bit bytes. The - input, output and key input are all enumerated arrays of bytes in which - bytes are numbered starting at zero and increasing to one less than the - number of bytes in the array in question. This enumeration is only used - for naming bytes and does not imply any adjacency or order relationship - from one byte to another. When these inputs and outputs are considered - as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to - byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte. - In this implementation bits are numbered from 0 to 7 starting at the - numerically least significant end of each byte (bit n represents 2^n). - - However, Rijndael can be implemented more efficiently using 32-bit - words by packing bytes into words so that bytes 4*n to 4*n+3 are placed - into word[n]. While in principle these bytes can be assembled into words - in any positions, this implementation only supports the two formats in - which bytes in adjacent positions within words also have adjacent byte - numbers. This order is called big-endian if the lowest numbered bytes - in words have the highest numeric significance and little-endian if the - opposite applies. - - This code can work in either order irrespective of the order used by the - machine on which it runs. Normally the internal byte order will be set - to the order of the processor on which the code is to be run but this - define can be used to reverse this in special situations - - WARNING: Assembler code versions rely on PLATFORM_BYTE_ORDER being set. - This define will hence be redefined later (in section 4) if necessary -*/ - -#if 1 -#define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER -#elif 0 -#define ALGORITHM_BYTE_ORDER IS_LITTLE_ENDIAN -#elif 0 -#define ALGORITHM_BYTE_ORDER IS_BIG_ENDIAN -#else -#error The algorithm byte order is not defined -#endif - -/* 2. VIA ACE SUPPORT - - Define this option if support for the VIA ACE is required. This uses - inline assembler instructions and is only implemented for the Microsoft, - Intel and GCC compilers. If VIA ACE is known to be present, then defining - ASSUME_VIA_ACE_PRESENT will remove the ordinary encryption/decryption - code. If USE_VIA_ACE_IF_PRESENT is defined then VIA ACE will be used if - it is detected (both present and enabled) but the normal AES code will - also be present. - - When VIA ACE is to be used, all AES encryption contexts MUST be 16 byte - aligned; other input/output buffers do not need to be 16 byte aligned - but there are very large performance gains if this can be arranged. - VIA ACE also requires the decryption key schedule to be in reverse - order (which later checks below ensure). -*/ - -#if 0 && !defined( USE_VIA_ACE_IF_PRESENT ) -# define USE_VIA_ACE_IF_PRESENT -#endif - -#if 0 && !defined( ASSUME_VIA_ACE_PRESENT ) -# define ASSUME_VIA_ACE_PRESENT -# endif - -#if defined ( _WIN64 ) || defined( _WIN32_WCE ) || \ - defined( _MSC_VER ) && ( _MSC_VER <= 800 ) -# if defined( USE_VIA_ACE_IF_PRESENT ) -# undef USE_VIA_ACE_IF_PRESENT -# endif -# if defined( ASSUME_VIA_ACE_PRESENT ) -# undef ASSUME_VIA_ACE_PRESENT -# endif -#endif - -/* 3. ASSEMBLER SUPPORT - - This define (which can be on the command line) enables the use of the - assembler code routines for encryption, decryption and key scheduling - as follows: - - ASM_X86_V1C uses the assembler (aes_x86_v1.asm) with large tables for - encryption and decryption and but with key scheduling in C - ASM_X86_V2 uses assembler (aes_x86_v2.asm) with compressed tables for - encryption, decryption and key scheduling - ASM_X86_V2C uses assembler (aes_x86_v2.asm) with compressed tables for - encryption and decryption and but with key scheduling in C - ASM_AMD64_C uses assembler (aes_amd64.asm) with compressed tables for - encryption and decryption and but with key scheduling in C - - Change one 'if 0' below to 'if 1' to select the version or define - as a compilation option. -*/ - -#if 0 && !defined( ASM_X86_V1C ) -# define ASM_X86_V1C -#elif 0 && !defined( ASM_X86_V2 ) -# define ASM_X86_V2 -#elif 0 && !defined( ASM_X86_V2C ) -# define ASM_X86_V2C -#elif 0 && !defined( ASM_AMD64_C ) -# define ASM_AMD64_C -#endif - -#if (defined ( ASM_X86_V1C ) || defined( ASM_X86_V2 ) || defined( ASM_X86_V2C )) \ - && !defined( _M_IX86 ) || defined( ASM_AMD64_C ) && !defined( _M_X64 ) -//# error Assembler code is only available for x86 and AMD64 systems -#endif - -/* 4. FAST INPUT/OUTPUT OPERATIONS. - - On some machines it is possible to improve speed by transferring the - bytes in the input and output arrays to and from the internal 32-bit - variables by addressing these arrays as if they are arrays of 32-bit - words. On some machines this will always be possible but there may - be a large performance penalty if the byte arrays are not aligned on - the normal word boundaries. On other machines this technique will - lead to memory access errors when such 32-bit word accesses are not - properly aligned. The option SAFE_IO avoids such problems but will - often be slower on those machines that support misaligned access - (especially so if care is taken to align the input and output byte - arrays on 32-bit word boundaries). If SAFE_IO is not defined it is - assumed that access to byte arrays as if they are arrays of 32-bit - words will not cause problems when such accesses are misaligned. -*/ -#if 1 && !defined( _MSC_VER ) -#define SAFE_IO -#endif - -/* 5. LOOP UNROLLING - - The code for encryption and decrytpion cycles through a number of rounds - that can be implemented either in a loop or by expanding the code into a - long sequence of instructions, the latter producing a larger program but - one that will often be much faster. The latter is called loop unrolling. - There are also potential speed advantages in expanding two iterations in - a loop with half the number of iterations, which is called partial loop - unrolling. The following options allow partial or full loop unrolling - to be set independently for encryption and decryption -*/ -#if 1 -#define ENC_UNROLL FULL -#elif 0 -#define ENC_UNROLL PARTIAL -#else -#define ENC_UNROLL NONE -#endif - -#if 1 -#define DEC_UNROLL FULL -#elif 0 -#define DEC_UNROLL PARTIAL -#else -#define DEC_UNROLL NONE -#endif - -/* 6. FAST FINITE FIELD OPERATIONS - - If this section is included, tables are used to provide faster finite - field arithmetic (this has no effect if FIXED_TABLES is defined). -*/ -#if !defined (TC_WINDOWS_BOOT) -#define FF_TABLES -#endif - -/* 7. INTERNAL STATE VARIABLE FORMAT - - The internal state of Rijndael is stored in a number of local 32-bit - word varaibles which can be defined either as an array or as individual - names variables. Include this section if you want to store these local - varaibles in arrays. Otherwise individual local variables will be used. -*/ -#if 1 -#define ARRAYS -#endif - -/* 8. FIXED OR DYNAMIC TABLES - - When this section is included the tables used by the code are compiled - statically into the binary file. Otherwise the subroutine aes_init() - must be called to compute them before the code is first used. -*/ -#if !defined (TC_WINDOWS_BOOT) && !(defined( _MSC_VER ) && ( _MSC_VER <= 800 )) -#define FIXED_TABLES -#endif - -/* 9. TABLE ALIGNMENT - - On some sytsems speed will be improved by aligning the AES large lookup - tables on particular boundaries. This define should be set to a power of - two giving the desired alignment. It can be left undefined if alignment - is not needed. This option is specific to the Microsft VC++ compiler - - it seems to sometimes cause trouble for the VC++ version 6 compiler. -*/ - -#if 1 && defined( _MSC_VER ) && ( _MSC_VER >= 1300 ) -#define TABLE_ALIGN 32 -#endif - -/* 10. TABLE OPTIONS - - This cipher proceeds by repeating in a number of cycles known as 'rounds' - which are implemented by a round function which can optionally be speeded - up using tables. The basic tables are each 256 32-bit words, with either - one or four tables being required for each round function depending on - how much speed is required. The encryption and decryption round functions - are different and the last encryption and decrytpion round functions are - different again making four different round functions in all. - - This means that: - 1. Normal encryption and decryption rounds can each use either 0, 1 - or 4 tables and table spaces of 0, 1024 or 4096 bytes each. - 2. The last encryption and decryption rounds can also use either 0, 1 - or 4 tables and table spaces of 0, 1024 or 4096 bytes each. - - Include or exclude the appropriate definitions below to set the number - of tables used by this implementation. -*/ - -#if 1 /* set tables for the normal encryption round */ -#define ENC_ROUND FOUR_TABLES -#elif 0 -#define ENC_ROUND ONE_TABLE -#else -#define ENC_ROUND NO_TABLES -#endif - -#if 1 /* set tables for the last encryption round */ -#define LAST_ENC_ROUND FOUR_TABLES -#elif 0 -#define LAST_ENC_ROUND ONE_TABLE -#else -#define LAST_ENC_ROUND NO_TABLES -#endif - -#if 1 /* set tables for the normal decryption round */ -#define DEC_ROUND FOUR_TABLES -#elif 0 -#define DEC_ROUND ONE_TABLE -#else -#define DEC_ROUND NO_TABLES -#endif - -#if 1 /* set tables for the last decryption round */ -#define LAST_DEC_ROUND FOUR_TABLES -#elif 0 -#define LAST_DEC_ROUND ONE_TABLE -#else -#define LAST_DEC_ROUND NO_TABLES -#endif - -/* The decryption key schedule can be speeded up with tables in the same - way that the round functions can. Include or exclude the following - defines to set this requirement. -*/ -#if 1 -#define KEY_SCHED FOUR_TABLES -#elif 0 -#define KEY_SCHED ONE_TABLE -#else -#define KEY_SCHED NO_TABLES -#endif - -/* ---- END OF USER CONFIGURED OPTIONS ---- */ - -/* VIA ACE support is only available for VC++ and GCC */ - -#if !defined( _MSC_VER ) && !defined( __GNUC__ ) -# if defined( ASSUME_VIA_ACE_PRESENT ) -# undef ASSUME_VIA_ACE_PRESENT -# endif -# if defined( USE_VIA_ACE_IF_PRESENT ) -# undef USE_VIA_ACE_IF_PRESENT -# endif -#endif - -#if defined( ASSUME_VIA_ACE_PRESENT ) && !defined( USE_VIA_ACE_IF_PRESENT ) -#define USE_VIA_ACE_IF_PRESENT -#endif - -#if defined( USE_VIA_ACE_IF_PRESENT ) && !defined ( AES_REV_DKS ) -#define AES_REV_DKS -#endif - -/* Assembler support requires the use of platform byte order */ - -#if ( defined( ASM_X86_V1C ) || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) ) \ - && (ALGORITHM_BYTE_ORDER != PLATFORM_BYTE_ORDER) -#undef ALGORITHM_BYTE_ORDER -#define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER -#endif - -/* In this implementation the columns of the state array are each held in - 32-bit words. The state array can be held in various ways: in an array - of words, in a number of individual word variables or in a number of - processor registers. The following define maps a variable name x and - a column number c to the way the state array variable is to be held. - The first define below maps the state into an array x[c] whereas the - second form maps the state into a number of individual variables x0, - x1, etc. Another form could map individual state colums to machine - register names. -*/ - -#if defined( ARRAYS ) -#define s(x,c) x[c] -#else -#define s(x,c) x##c -#endif - -/* This implementation provides subroutines for encryption, decryption - and for setting the three key lengths (separately) for encryption - and decryption. Since not all functions are needed, masks are set - up here to determine which will be implemented in C -*/ - -#if !defined( AES_ENCRYPT ) -# define EFUNCS_IN_C 0 -#elif defined( ASSUME_VIA_ACE_PRESENT ) || defined( ASM_X86_V1C ) \ - || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) -# define EFUNCS_IN_C ENC_KEYING_IN_C -#elif !defined( ASM_X86_V2 ) -# define EFUNCS_IN_C ( ENCRYPTION_IN_C | ENC_KEYING_IN_C ) -#else -# define EFUNCS_IN_C 0 -#endif - -#if !defined( AES_DECRYPT ) -# define DFUNCS_IN_C 0 -#elif defined( ASSUME_VIA_ACE_PRESENT ) || defined( ASM_X86_V1C ) \ - || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) -# define DFUNCS_IN_C DEC_KEYING_IN_C -#elif !defined( ASM_X86_V2 ) -# define DFUNCS_IN_C ( DECRYPTION_IN_C | DEC_KEYING_IN_C ) -#else -# define DFUNCS_IN_C 0 -#endif - -#define FUNCS_IN_C ( EFUNCS_IN_C | DFUNCS_IN_C ) - -/* END OF CONFIGURATION OPTIONS */ - -#define RC_LENGTH (5 * (AES_BLOCK_SIZE / 4 - 2)) - -/* Disable or report errors on some combinations of options */ - -#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES -#undef LAST_ENC_ROUND -#define LAST_ENC_ROUND NO_TABLES -#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES -#undef LAST_ENC_ROUND -#define LAST_ENC_ROUND ONE_TABLE -#endif - -#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE -#undef ENC_UNROLL -#define ENC_UNROLL NONE -#endif - -#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES -#undef LAST_DEC_ROUND -#define LAST_DEC_ROUND NO_TABLES -#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES -#undef LAST_DEC_ROUND -#define LAST_DEC_ROUND ONE_TABLE -#endif - -#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE -#undef DEC_UNROLL -#define DEC_UNROLL NONE -#endif - -#if defined( bswap32 ) -#define aes_sw32 bswap32 -#elif defined( bswap_32 ) -#define aes_sw32 bswap_32 -#else -#define brot(x,n) (((uint_32t)(x) << n) | ((uint_32t)(x) >> (32 - n))) -#define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00)) -#endif - -/* upr(x,n): rotates bytes within words by n positions, moving bytes to - higher index positions with wrap around into low positions - ups(x,n): moves bytes by n positions to higher index positions in - words but without wrap around - bval(x,n): extracts a byte from a word - - WARNING: The definitions given here are intended only for use with - unsigned variables and with shift counts that are compile - time constants -*/ - -#if ( ALGORITHM_BYTE_ORDER == IS_LITTLE_ENDIAN ) -#define upr(x,n) (((uint_32t)(x) << (8 * (n))) | ((uint_32t)(x) >> (32 - 8 * (n)))) -#define ups(x,n) ((uint_32t) (x) << (8 * (n))) -#define bval(x,n) ((uint_8t)((x) >> (8 * (n)))) -#define bytes2word(b0, b1, b2, b3) \ - (((uint_32t)(b3) << 24) | ((uint_32t)(b2) << 16) | ((uint_32t)(b1) << 8) | (b0)) -#endif - -#if ( ALGORITHM_BYTE_ORDER == IS_BIG_ENDIAN ) -#define upr(x,n) (((uint_32t)(x) >> (8 * (n))) | ((uint_32t)(x) << (32 - 8 * (n)))) -#define ups(x,n) ((uint_32t) (x) >> (8 * (n))) -#define bval(x,n) ((uint_8t)((x) >> (24 - 8 * (n)))) -#define bytes2word(b0, b1, b2, b3) \ - (((uint_32t)(b0) << 24) | ((uint_32t)(b1) << 16) | ((uint_32t)(b2) << 8) | (b3)) -#endif - -#if defined( SAFE_IO ) - -#define word_in(x,c) bytes2word(((const uint_8t*)(x)+4*c)[0], ((const uint_8t*)(x)+4*c)[1], \ - ((const uint_8t*)(x)+4*c)[2], ((const uint_8t*)(x)+4*c)[3]) -#define word_out(x,c,v) { ((uint_8t*)(x)+4*c)[0] = bval(v,0); ((uint_8t*)(x)+4*c)[1] = bval(v,1); \ - ((uint_8t*)(x)+4*c)[2] = bval(v,2); ((uint_8t*)(x)+4*c)[3] = bval(v,3); } - -#elif ( ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER ) - -#define word_in(x,c) (*((uint_32t*)(x)+(c))) -#define word_out(x,c,v) (*((uint_32t*)(x)+(c)) = (v)) - -#else - -#define word_in(x,c) aes_sw32(*((uint_32t*)(x)+(c))) -#define word_out(x,c,v) (*((uint_32t*)(x)+(c)) = aes_sw32(v)) - -#endif - -/* the finite field modular polynomial and elements */ - -#define WPOLY 0x011b -#define BPOLY 0x1b - -/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ - -#define m1 0x80808080 -#define m2 0x7f7f7f7f -#define gf_mulx(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY)) - -/* The following defines provide alternative definitions of gf_mulx that might - give improved performance if a fast 32-bit multiply is not available. Note - that a temporary variable u needs to be defined where gf_mulx is used. - -#define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6)) -#define m4 (0x01010101 * BPOLY) -#define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4) -*/ - -/* Work out which tables are needed for the different options */ - -#if defined( ASM_X86_V1C ) -#if defined( ENC_ROUND ) -#undef ENC_ROUND -#endif -#define ENC_ROUND FOUR_TABLES -#if defined( LAST_ENC_ROUND ) -#undef LAST_ENC_ROUND -#endif -#define LAST_ENC_ROUND FOUR_TABLES -#if defined( DEC_ROUND ) -#undef DEC_ROUND -#endif -#define DEC_ROUND FOUR_TABLES -#if defined( LAST_DEC_ROUND ) -#undef LAST_DEC_ROUND -#endif -#define LAST_DEC_ROUND FOUR_TABLES -#if defined( KEY_SCHED ) -#undef KEY_SCHED -#define KEY_SCHED FOUR_TABLES -#endif -#endif - -#if ( FUNCS_IN_C & ENCRYPTION_IN_C ) || defined( ASM_X86_V1C ) -#if ENC_ROUND == ONE_TABLE -#define FT1_SET -#elif ENC_ROUND == FOUR_TABLES -#define FT4_SET -#else -#define SBX_SET -#endif -#if LAST_ENC_ROUND == ONE_TABLE -#define FL1_SET -#elif LAST_ENC_ROUND == FOUR_TABLES -#define FL4_SET -#elif !defined( SBX_SET ) -#define SBX_SET -#endif -#endif - -#if ( FUNCS_IN_C & DECRYPTION_IN_C ) || defined( ASM_X86_V1C ) -#if DEC_ROUND == ONE_TABLE -#define IT1_SET -#elif DEC_ROUND == FOUR_TABLES -#define IT4_SET -#else -#define ISB_SET -#endif -#if LAST_DEC_ROUND == ONE_TABLE -#define IL1_SET -#elif LAST_DEC_ROUND == FOUR_TABLES -#define IL4_SET -#elif !defined(ISB_SET) -#define ISB_SET -#endif -#endif - -#if (FUNCS_IN_C & ENC_KEYING_IN_C) || (FUNCS_IN_C & DEC_KEYING_IN_C) -#if KEY_SCHED == ONE_TABLE -#define LS1_SET -#elif KEY_SCHED == FOUR_TABLES -#define LS4_SET -#elif !defined( SBX_SET ) -#define SBX_SET -#endif -#endif - -#if (FUNCS_IN_C & DEC_KEYING_IN_C) -#if KEY_SCHED == ONE_TABLE -#define IM1_SET -#elif KEY_SCHED == FOUR_TABLES -#define IM4_SET -#elif !defined( SBX_SET ) -#define SBX_SET -#endif -#endif - -/* generic definitions of Rijndael macros that use tables */ - -#define no_table(x,box,vf,rf,c) bytes2word( \ - box[bval(vf(x,0,c),rf(0,c))], \ - box[bval(vf(x,1,c),rf(1,c))], \ - box[bval(vf(x,2,c),rf(2,c))], \ - box[bval(vf(x,3,c),rf(3,c))]) - -#define one_table(x,op,tab,vf,rf,c) \ - ( tab[bval(vf(x,0,c),rf(0,c))] \ - ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \ - ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \ - ^ op(tab[bval(vf(x,3,c),rf(3,c))],3)) - -#define four_tables(x,tab,vf,rf,c) \ - ( tab[0][bval(vf(x,0,c),rf(0,c))] \ - ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ - ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ - ^ tab[3][bval(vf(x,3,c),rf(3,c))]) - -#define vf1(x,r,c) (x) -#define rf1(r,c) (r) -#define rf2(r,c) ((8+r-c)&3) - -/* perform forward and inverse column mix operation on four bytes in long word x in */ -/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */ - -#if defined( FM4_SET ) /* not currently used */ -#define fwd_mcol(x) four_tables(x,t_use(f,m),vf1,rf1,0) -#elif defined( FM1_SET ) /* not currently used */ -#define fwd_mcol(x) one_table(x,upr,t_use(f,m),vf1,rf1,0) -#else -#define dec_fmvars uint_32t g2 -#define fwd_mcol(x) (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1)) -#endif - -#if defined( IM4_SET ) -#define inv_mcol(x) four_tables(x,t_use(i,m),vf1,rf1,0) -#elif defined( IM1_SET ) -#define inv_mcol(x) one_table(x,upr,t_use(i,m),vf1,rf1,0) -#else -#define dec_imvars uint_32t g2, g4, g9 -#define inv_mcol(x) (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \ - (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1)) -#endif - -#if defined( FL4_SET ) -#define ls_box(x,c) four_tables(x,t_use(f,l),vf1,rf2,c) -#elif defined( LS4_SET ) -#define ls_box(x,c) four_tables(x,t_use(l,s),vf1,rf2,c) -#elif defined( FL1_SET ) -#define ls_box(x,c) one_table(x,upr,t_use(f,l),vf1,rf2,c) -#elif defined( LS1_SET ) -#define ls_box(x,c) one_table(x,upr,t_use(l,s),vf1,rf2,c) -#else -#define ls_box(x,c) no_table(x,t_use(s,box),vf1,rf2,c) -#endif - -#if defined( ASM_X86_V1C ) && defined( AES_DECRYPT ) && !defined( ISB_SET ) -#define ISB_SET -#endif - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the compilation options for AES (Rijndael) and code + that is common across encryption, key scheduling and table generation. + + OPERATION + + These source code files implement the AES algorithm Rijndael designed by + Joan Daemen and Vincent Rijmen. This version is designed for the standard + block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24 + and 32 bytes). + + This version is designed for flexibility and speed using operations on + 32-bit words rather than operations on bytes. It can be compiled with + either big or little endian internal byte order but is faster when the + native byte order for the processor is used. + + THE CIPHER INTERFACE + + The cipher interface is implemented as an array of bytes in which lower + AES bit sequence indexes map to higher numeric significance within bytes. + + uint_8t (an unsigned 8-bit type) + uint_32t (an unsigned 32-bit type) + struct aes_encrypt_ctx (structure for the cipher encryption context) + struct aes_decrypt_ctx (structure for the cipher decryption context) + AES_RETURN the function return type + + C subroutine calls: + + AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]); + AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]); + AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]); + AES_RETURN aes_encrypt(const unsigned char *in, unsigned char *out, + const aes_encrypt_ctx cx[1]); + + AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]); + AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]); + AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]); + AES_RETURN aes_decrypt(const unsigned char *in, unsigned char *out, + const aes_decrypt_ctx cx[1]); + + IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that + you call aes_init() before AES is used so that the tables are initialised. + + C++ aes class subroutines: + + Class AESencrypt for encryption + + Construtors: + AESencrypt(void) + AESencrypt(const unsigned char *key) - 128 bit key + Members: + AES_RETURN key128(const unsigned char *key) + AES_RETURN key192(const unsigned char *key) + AES_RETURN key256(const unsigned char *key) + AES_RETURN encrypt(const unsigned char *in, unsigned char *out) const + + Class AESdecrypt for encryption + Construtors: + AESdecrypt(void) + AESdecrypt(const unsigned char *key) - 128 bit key + Members: + AES_RETURN key128(const unsigned char *key) + AES_RETURN key192(const unsigned char *key) + AES_RETURN key256(const unsigned char *key) + AES_RETURN decrypt(const unsigned char *in, unsigned char *out) const +*/ + +/* Adapted for TrueCrypt */ + +#if !defined( _AESOPT_H ) +#define _AESOPT_H + +#ifdef TC_WINDOWS_BOOT +#define ASM_X86_V2 +#endif + +#if defined( __cplusplus ) +#include "Aescpp.h" +#else +#include "Aes.h" +#endif + + +#include "Common/Endian.h" +#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ +#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ + +#if BYTE_ORDER == LITTLE_ENDIAN +# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN +#endif + +#if BYTE_ORDER == BIG_ENDIAN +# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN +#endif + + +/* CONFIGURATION - THE USE OF DEFINES + + Later in this section there are a number of defines that control the + operation of the code. In each section, the purpose of each define is + explained so that the relevant form can be included or excluded by + setting either 1's or 0's respectively on the branches of the related + #if clauses. The following local defines should not be changed. +*/ + +#define ENCRYPTION_IN_C 1 +#define DECRYPTION_IN_C 2 +#define ENC_KEYING_IN_C 4 +#define DEC_KEYING_IN_C 8 + +#define NO_TABLES 0 +#define ONE_TABLE 1 +#define FOUR_TABLES 4 +#define NONE 0 +#define PARTIAL 1 +#define FULL 2 + +/* --- START OF USER CONFIGURED OPTIONS --- */ + +/* 1. BYTE ORDER WITHIN 32 BIT WORDS + + The fundamental data processing units in Rijndael are 8-bit bytes. The + input, output and key input are all enumerated arrays of bytes in which + bytes are numbered starting at zero and increasing to one less than the + number of bytes in the array in question. This enumeration is only used + for naming bytes and does not imply any adjacency or order relationship + from one byte to another. When these inputs and outputs are considered + as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to + byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte. + In this implementation bits are numbered from 0 to 7 starting at the + numerically least significant end of each byte (bit n represents 2^n). + + However, Rijndael can be implemented more efficiently using 32-bit + words by packing bytes into words so that bytes 4*n to 4*n+3 are placed + into word[n]. While in principle these bytes can be assembled into words + in any positions, this implementation only supports the two formats in + which bytes in adjacent positions within words also have adjacent byte + numbers. This order is called big-endian if the lowest numbered bytes + in words have the highest numeric significance and little-endian if the + opposite applies. + + This code can work in either order irrespective of the order used by the + machine on which it runs. Normally the internal byte order will be set + to the order of the processor on which the code is to be run but this + define can be used to reverse this in special situations + + WARNING: Assembler code versions rely on PLATFORM_BYTE_ORDER being set. + This define will hence be redefined later (in section 4) if necessary +*/ + +#if 1 +#define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER +#elif 0 +#define ALGORITHM_BYTE_ORDER IS_LITTLE_ENDIAN +#elif 0 +#define ALGORITHM_BYTE_ORDER IS_BIG_ENDIAN +#else +#error The algorithm byte order is not defined +#endif + +/* 2. VIA ACE SUPPORT + + Define this option if support for the VIA ACE is required. This uses + inline assembler instructions and is only implemented for the Microsoft, + Intel and GCC compilers. If VIA ACE is known to be present, then defining + ASSUME_VIA_ACE_PRESENT will remove the ordinary encryption/decryption + code. If USE_VIA_ACE_IF_PRESENT is defined then VIA ACE will be used if + it is detected (both present and enabled) but the normal AES code will + also be present. + + When VIA ACE is to be used, all AES encryption contexts MUST be 16 byte + aligned; other input/output buffers do not need to be 16 byte aligned + but there are very large performance gains if this can be arranged. + VIA ACE also requires the decryption key schedule to be in reverse + order (which later checks below ensure). +*/ + +#if 0 && !defined( USE_VIA_ACE_IF_PRESENT ) +# define USE_VIA_ACE_IF_PRESENT +#endif + +#if 0 && !defined( ASSUME_VIA_ACE_PRESENT ) +# define ASSUME_VIA_ACE_PRESENT +# endif + +#if defined ( _WIN64 ) || defined( _WIN32_WCE ) || \ + defined( _MSC_VER ) && ( _MSC_VER <= 800 ) +# if defined( USE_VIA_ACE_IF_PRESENT ) +# undef USE_VIA_ACE_IF_PRESENT +# endif +# if defined( ASSUME_VIA_ACE_PRESENT ) +# undef ASSUME_VIA_ACE_PRESENT +# endif +#endif + +/* 3. ASSEMBLER SUPPORT + + This define (which can be on the command line) enables the use of the + assembler code routines for encryption, decryption and key scheduling + as follows: + + ASM_X86_V1C uses the assembler (aes_x86_v1.asm) with large tables for + encryption and decryption and but with key scheduling in C + ASM_X86_V2 uses assembler (aes_x86_v2.asm) with compressed tables for + encryption, decryption and key scheduling + ASM_X86_V2C uses assembler (aes_x86_v2.asm) with compressed tables for + encryption and decryption and but with key scheduling in C + ASM_AMD64_C uses assembler (aes_amd64.asm) with compressed tables for + encryption and decryption and but with key scheduling in C + + Change one 'if 0' below to 'if 1' to select the version or define + as a compilation option. +*/ + +#if 0 && !defined( ASM_X86_V1C ) +# define ASM_X86_V1C +#elif 0 && !defined( ASM_X86_V2 ) +# define ASM_X86_V2 +#elif 0 && !defined( ASM_X86_V2C ) +# define ASM_X86_V2C +#elif 0 && !defined( ASM_AMD64_C ) +# define ASM_AMD64_C +#endif + +#if (defined ( ASM_X86_V1C ) || defined( ASM_X86_V2 ) || defined( ASM_X86_V2C )) \ + && !defined( _M_IX86 ) || defined( ASM_AMD64_C ) && !defined( _M_X64 ) +//# error Assembler code is only available for x86 and AMD64 systems +#endif + +/* 4. FAST INPUT/OUTPUT OPERATIONS. + + On some machines it is possible to improve speed by transferring the + bytes in the input and output arrays to and from the internal 32-bit + variables by addressing these arrays as if they are arrays of 32-bit + words. On some machines this will always be possible but there may + be a large performance penalty if the byte arrays are not aligned on + the normal word boundaries. On other machines this technique will + lead to memory access errors when such 32-bit word accesses are not + properly aligned. The option SAFE_IO avoids such problems but will + often be slower on those machines that support misaligned access + (especially so if care is taken to align the input and output byte + arrays on 32-bit word boundaries). If SAFE_IO is not defined it is + assumed that access to byte arrays as if they are arrays of 32-bit + words will not cause problems when such accesses are misaligned. +*/ +#if 1 && !defined( _MSC_VER ) +#define SAFE_IO +#endif + +/* 5. LOOP UNROLLING + + The code for encryption and decrytpion cycles through a number of rounds + that can be implemented either in a loop or by expanding the code into a + long sequence of instructions, the latter producing a larger program but + one that will often be much faster. The latter is called loop unrolling. + There are also potential speed advantages in expanding two iterations in + a loop with half the number of iterations, which is called partial loop + unrolling. The following options allow partial or full loop unrolling + to be set independently for encryption and decryption +*/ +#if 1 +#define ENC_UNROLL FULL +#elif 0 +#define ENC_UNROLL PARTIAL +#else +#define ENC_UNROLL NONE +#endif + +#if 1 +#define DEC_UNROLL FULL +#elif 0 +#define DEC_UNROLL PARTIAL +#else +#define DEC_UNROLL NONE +#endif + +/* 6. FAST FINITE FIELD OPERATIONS + + If this section is included, tables are used to provide faster finite + field arithmetic (this has no effect if FIXED_TABLES is defined). +*/ +#if !defined (TC_WINDOWS_BOOT) +#define FF_TABLES +#endif + +/* 7. INTERNAL STATE VARIABLE FORMAT + + The internal state of Rijndael is stored in a number of local 32-bit + word varaibles which can be defined either as an array or as individual + names variables. Include this section if you want to store these local + varaibles in arrays. Otherwise individual local variables will be used. +*/ +#if 1 +#define ARRAYS +#endif + +/* 8. FIXED OR DYNAMIC TABLES + + When this section is included the tables used by the code are compiled + statically into the binary file. Otherwise the subroutine aes_init() + must be called to compute them before the code is first used. +*/ +#if !defined (TC_WINDOWS_BOOT) && !(defined( _MSC_VER ) && ( _MSC_VER <= 800 )) +#define FIXED_TABLES +#endif + +/* 9. TABLE ALIGNMENT + + On some sytsems speed will be improved by aligning the AES large lookup + tables on particular boundaries. This define should be set to a power of + two giving the desired alignment. It can be left undefined if alignment + is not needed. This option is specific to the Microsft VC++ compiler - + it seems to sometimes cause trouble for the VC++ version 6 compiler. +*/ + +#if 1 && defined( _MSC_VER ) && ( _MSC_VER >= 1300 ) +#define TABLE_ALIGN 32 +#endif + +/* 10. TABLE OPTIONS + + This cipher proceeds by repeating in a number of cycles known as 'rounds' + which are implemented by a round function which can optionally be speeded + up using tables. The basic tables are each 256 32-bit words, with either + one or four tables being required for each round function depending on + how much speed is required. The encryption and decryption round functions + are different and the last encryption and decrytpion round functions are + different again making four different round functions in all. + + This means that: + 1. Normal encryption and decryption rounds can each use either 0, 1 + or 4 tables and table spaces of 0, 1024 or 4096 bytes each. + 2. The last encryption and decryption rounds can also use either 0, 1 + or 4 tables and table spaces of 0, 1024 or 4096 bytes each. + + Include or exclude the appropriate definitions below to set the number + of tables used by this implementation. +*/ + +#if 1 /* set tables for the normal encryption round */ +#define ENC_ROUND FOUR_TABLES +#elif 0 +#define ENC_ROUND ONE_TABLE +#else +#define ENC_ROUND NO_TABLES +#endif + +#if 1 /* set tables for the last encryption round */ +#define LAST_ENC_ROUND FOUR_TABLES +#elif 0 +#define LAST_ENC_ROUND ONE_TABLE +#else +#define LAST_ENC_ROUND NO_TABLES +#endif + +#if 1 /* set tables for the normal decryption round */ +#define DEC_ROUND FOUR_TABLES +#elif 0 +#define DEC_ROUND ONE_TABLE +#else +#define DEC_ROUND NO_TABLES +#endif + +#if 1 /* set tables for the last decryption round */ +#define LAST_DEC_ROUND FOUR_TABLES +#elif 0 +#define LAST_DEC_ROUND ONE_TABLE +#else +#define LAST_DEC_ROUND NO_TABLES +#endif + +/* The decryption key schedule can be speeded up with tables in the same + way that the round functions can. Include or exclude the following + defines to set this requirement. +*/ +#if 1 +#define KEY_SCHED FOUR_TABLES +#elif 0 +#define KEY_SCHED ONE_TABLE +#else +#define KEY_SCHED NO_TABLES +#endif + +/* ---- END OF USER CONFIGURED OPTIONS ---- */ + +/* VIA ACE support is only available for VC++ and GCC */ + +#if !defined( _MSC_VER ) && !defined( __GNUC__ ) +# if defined( ASSUME_VIA_ACE_PRESENT ) +# undef ASSUME_VIA_ACE_PRESENT +# endif +# if defined( USE_VIA_ACE_IF_PRESENT ) +# undef USE_VIA_ACE_IF_PRESENT +# endif +#endif + +#if defined( ASSUME_VIA_ACE_PRESENT ) && !defined( USE_VIA_ACE_IF_PRESENT ) +#define USE_VIA_ACE_IF_PRESENT +#endif + +#if defined( USE_VIA_ACE_IF_PRESENT ) && !defined ( AES_REV_DKS ) +#define AES_REV_DKS +#endif + +/* Assembler support requires the use of platform byte order */ + +#if ( defined( ASM_X86_V1C ) || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) ) \ + && (ALGORITHM_BYTE_ORDER != PLATFORM_BYTE_ORDER) +#undef ALGORITHM_BYTE_ORDER +#define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER +#endif + +/* In this implementation the columns of the state array are each held in + 32-bit words. The state array can be held in various ways: in an array + of words, in a number of individual word variables or in a number of + processor registers. The following define maps a variable name x and + a column number c to the way the state array variable is to be held. + The first define below maps the state into an array x[c] whereas the + second form maps the state into a number of individual variables x0, + x1, etc. Another form could map individual state colums to machine + register names. +*/ + +#if defined( ARRAYS ) +#define s(x,c) x[c] +#else +#define s(x,c) x##c +#endif + +/* This implementation provides subroutines for encryption, decryption + and for setting the three key lengths (separately) for encryption + and decryption. Since not all functions are needed, masks are set + up here to determine which will be implemented in C +*/ + +#if !defined( AES_ENCRYPT ) +# define EFUNCS_IN_C 0 +#elif defined( ASSUME_VIA_ACE_PRESENT ) || defined( ASM_X86_V1C ) \ + || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) +# define EFUNCS_IN_C ENC_KEYING_IN_C +#elif !defined( ASM_X86_V2 ) +# define EFUNCS_IN_C ( ENCRYPTION_IN_C | ENC_KEYING_IN_C ) +#else +# define EFUNCS_IN_C 0 +#endif + +#if !defined( AES_DECRYPT ) +# define DFUNCS_IN_C 0 +#elif defined( ASSUME_VIA_ACE_PRESENT ) || defined( ASM_X86_V1C ) \ + || defined( ASM_X86_V2C ) || defined( ASM_AMD64_C ) +# define DFUNCS_IN_C DEC_KEYING_IN_C +#elif !defined( ASM_X86_V2 ) +# define DFUNCS_IN_C ( DECRYPTION_IN_C | DEC_KEYING_IN_C ) +#else +# define DFUNCS_IN_C 0 +#endif + +#define FUNCS_IN_C ( EFUNCS_IN_C | DFUNCS_IN_C ) + +/* END OF CONFIGURATION OPTIONS */ + +#define RC_LENGTH (5 * (AES_BLOCK_SIZE / 4 - 2)) + +/* Disable or report errors on some combinations of options */ + +#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES +#undef LAST_ENC_ROUND +#define LAST_ENC_ROUND NO_TABLES +#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES +#undef LAST_ENC_ROUND +#define LAST_ENC_ROUND ONE_TABLE +#endif + +#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE +#undef ENC_UNROLL +#define ENC_UNROLL NONE +#endif + +#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES +#undef LAST_DEC_ROUND +#define LAST_DEC_ROUND NO_TABLES +#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES +#undef LAST_DEC_ROUND +#define LAST_DEC_ROUND ONE_TABLE +#endif + +#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE +#undef DEC_UNROLL +#define DEC_UNROLL NONE +#endif + +#if defined( bswap32 ) +#define aes_sw32 bswap32 +#elif defined( bswap_32 ) +#define aes_sw32 bswap_32 +#else +#define brot(x,n) (((uint_32t)(x) << n) | ((uint_32t)(x) >> (32 - n))) +#define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00)) +#endif + +/* upr(x,n): rotates bytes within words by n positions, moving bytes to + higher index positions with wrap around into low positions + ups(x,n): moves bytes by n positions to higher index positions in + words but without wrap around + bval(x,n): extracts a byte from a word + + WARNING: The definitions given here are intended only for use with + unsigned variables and with shift counts that are compile + time constants +*/ + +#if ( ALGORITHM_BYTE_ORDER == IS_LITTLE_ENDIAN ) +#define upr(x,n) (((uint_32t)(x) << (8 * (n))) | ((uint_32t)(x) >> (32 - 8 * (n)))) +#define ups(x,n) ((uint_32t) (x) << (8 * (n))) +#define bval(x,n) ((uint_8t)((x) >> (8 * (n)))) +#define bytes2word(b0, b1, b2, b3) \ + (((uint_32t)(b3) << 24) | ((uint_32t)(b2) << 16) | ((uint_32t)(b1) << 8) | (b0)) +#endif + +#if ( ALGORITHM_BYTE_ORDER == IS_BIG_ENDIAN ) +#define upr(x,n) (((uint_32t)(x) >> (8 * (n))) | ((uint_32t)(x) << (32 - 8 * (n)))) +#define ups(x,n) ((uint_32t) (x) >> (8 * (n))) +#define bval(x,n) ((uint_8t)((x) >> (24 - 8 * (n)))) +#define bytes2word(b0, b1, b2, b3) \ + (((uint_32t)(b0) << 24) | ((uint_32t)(b1) << 16) | ((uint_32t)(b2) << 8) | (b3)) +#endif + +#if defined( SAFE_IO ) + +#define word_in(x,c) bytes2word(((const uint_8t*)(x)+4*c)[0], ((const uint_8t*)(x)+4*c)[1], \ + ((const uint_8t*)(x)+4*c)[2], ((const uint_8t*)(x)+4*c)[3]) +#define word_out(x,c,v) { ((uint_8t*)(x)+4*c)[0] = bval(v,0); ((uint_8t*)(x)+4*c)[1] = bval(v,1); \ + ((uint_8t*)(x)+4*c)[2] = bval(v,2); ((uint_8t*)(x)+4*c)[3] = bval(v,3); } + +#elif ( ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER ) + +#define word_in(x,c) (*((uint_32t*)(x)+(c))) +#define word_out(x,c,v) (*((uint_32t*)(x)+(c)) = (v)) + +#else + +#define word_in(x,c) aes_sw32(*((uint_32t*)(x)+(c))) +#define word_out(x,c,v) (*((uint_32t*)(x)+(c)) = aes_sw32(v)) + +#endif + +/* the finite field modular polynomial and elements */ + +#define WPOLY 0x011b +#define BPOLY 0x1b + +/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ + +#define m1 0x80808080 +#define m2 0x7f7f7f7f +#define gf_mulx(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY)) + +/* The following defines provide alternative definitions of gf_mulx that might + give improved performance if a fast 32-bit multiply is not available. Note + that a temporary variable u needs to be defined where gf_mulx is used. + +#define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6)) +#define m4 (0x01010101 * BPOLY) +#define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4) +*/ + +/* Work out which tables are needed for the different options */ + +#if defined( ASM_X86_V1C ) +#if defined( ENC_ROUND ) +#undef ENC_ROUND +#endif +#define ENC_ROUND FOUR_TABLES +#if defined( LAST_ENC_ROUND ) +#undef LAST_ENC_ROUND +#endif +#define LAST_ENC_ROUND FOUR_TABLES +#if defined( DEC_ROUND ) +#undef DEC_ROUND +#endif +#define DEC_ROUND FOUR_TABLES +#if defined( LAST_DEC_ROUND ) +#undef LAST_DEC_ROUND +#endif +#define LAST_DEC_ROUND FOUR_TABLES +#if defined( KEY_SCHED ) +#undef KEY_SCHED +#define KEY_SCHED FOUR_TABLES +#endif +#endif + +#if ( FUNCS_IN_C & ENCRYPTION_IN_C ) || defined( ASM_X86_V1C ) +#if ENC_ROUND == ONE_TABLE +#define FT1_SET +#elif ENC_ROUND == FOUR_TABLES +#define FT4_SET +#else +#define SBX_SET +#endif +#if LAST_ENC_ROUND == ONE_TABLE +#define FL1_SET +#elif LAST_ENC_ROUND == FOUR_TABLES +#define FL4_SET +#elif !defined( SBX_SET ) +#define SBX_SET +#endif +#endif + +#if ( FUNCS_IN_C & DECRYPTION_IN_C ) || defined( ASM_X86_V1C ) +#if DEC_ROUND == ONE_TABLE +#define IT1_SET +#elif DEC_ROUND == FOUR_TABLES +#define IT4_SET +#else +#define ISB_SET +#endif +#if LAST_DEC_ROUND == ONE_TABLE +#define IL1_SET +#elif LAST_DEC_ROUND == FOUR_TABLES +#define IL4_SET +#elif !defined(ISB_SET) +#define ISB_SET +#endif +#endif + +#if (FUNCS_IN_C & ENC_KEYING_IN_C) || (FUNCS_IN_C & DEC_KEYING_IN_C) +#if KEY_SCHED == ONE_TABLE +#define LS1_SET +#elif KEY_SCHED == FOUR_TABLES +#define LS4_SET +#elif !defined( SBX_SET ) +#define SBX_SET +#endif +#endif + +#if (FUNCS_IN_C & DEC_KEYING_IN_C) +#if KEY_SCHED == ONE_TABLE +#define IM1_SET +#elif KEY_SCHED == FOUR_TABLES +#define IM4_SET +#elif !defined( SBX_SET ) +#define SBX_SET +#endif +#endif + +/* generic definitions of Rijndael macros that use tables */ + +#define no_table(x,box,vf,rf,c) bytes2word( \ + box[bval(vf(x,0,c),rf(0,c))], \ + box[bval(vf(x,1,c),rf(1,c))], \ + box[bval(vf(x,2,c),rf(2,c))], \ + box[bval(vf(x,3,c),rf(3,c))]) + +#define one_table(x,op,tab,vf,rf,c) \ + ( tab[bval(vf(x,0,c),rf(0,c))] \ + ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \ + ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \ + ^ op(tab[bval(vf(x,3,c),rf(3,c))],3)) + +#define four_tables(x,tab,vf,rf,c) \ + ( tab[0][bval(vf(x,0,c),rf(0,c))] \ + ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ + ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ + ^ tab[3][bval(vf(x,3,c),rf(3,c))]) + +#define vf1(x,r,c) (x) +#define rf1(r,c) (r) +#define rf2(r,c) ((8+r-c)&3) + +/* perform forward and inverse column mix operation on four bytes in long word x in */ +/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */ + +#if defined( FM4_SET ) /* not currently used */ +#define fwd_mcol(x) four_tables(x,t_use(f,m),vf1,rf1,0) +#elif defined( FM1_SET ) /* not currently used */ +#define fwd_mcol(x) one_table(x,upr,t_use(f,m),vf1,rf1,0) +#else +#define dec_fmvars uint_32t g2 +#define fwd_mcol(x) (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1)) +#endif + +#if defined( IM4_SET ) +#define inv_mcol(x) four_tables(x,t_use(i,m),vf1,rf1,0) +#elif defined( IM1_SET ) +#define inv_mcol(x) one_table(x,upr,t_use(i,m),vf1,rf1,0) +#else +#define dec_imvars uint_32t g2, g4, g9 +#define inv_mcol(x) (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \ + (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1)) +#endif + +#if defined( FL4_SET ) +#define ls_box(x,c) four_tables(x,t_use(f,l),vf1,rf2,c) +#elif defined( LS4_SET ) +#define ls_box(x,c) four_tables(x,t_use(l,s),vf1,rf2,c) +#elif defined( FL1_SET ) +#define ls_box(x,c) one_table(x,upr,t_use(f,l),vf1,rf2,c) +#elif defined( LS1_SET ) +#define ls_box(x,c) one_table(x,upr,t_use(l,s),vf1,rf2,c) +#else +#define ls_box(x,c) no_table(x,t_use(s,box),vf1,rf2,c) +#endif + +#if defined( ASM_X86_V1C ) && defined( AES_DECRYPT ) && !defined( ISB_SET ) +#define ISB_SET +#endif + +#endif diff --git a/src/Crypto/Aestab.c b/src/Crypto/Aestab.c index 2fd53789..1effb6f6 100644 --- a/src/Crypto/Aestab.c +++ b/src/Crypto/Aestab.c @@ -1,428 +1,428 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 20/12/2007 -*/ - -/* Adapted for TrueCrypt: - - Added run-time table generator for Aes_x86_v2.asm -*/ - -#define DO_TABLES - -#include "Aes.h" -#include "Aesopt.h" - -#if defined(FIXED_TABLES) - -#define sb_data(w) {\ - w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\ - w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\ - w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\ - w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\ - w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\ - w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\ - w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\ - w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\ - w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\ - w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\ - w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\ - w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\ - w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\ - w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\ - w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\ - w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\ - w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\ - w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\ - w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\ - w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\ - w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\ - w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\ - w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\ - w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\ - w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\ - w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\ - w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\ - w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\ - w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\ - w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\ - w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\ - w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) } - -#define isb_data(w) {\ - w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\ - w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\ - w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\ - w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\ - w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\ - w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\ - w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\ - w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\ - w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\ - w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\ - w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\ - w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\ - w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\ - w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\ - w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\ - w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\ - w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\ - w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\ - w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\ - w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\ - w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\ - w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\ - w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\ - w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\ - w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\ - w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\ - w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\ - w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\ - w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\ - w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\ - w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\ - w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) } - -#define mm_data(w) {\ - w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\ - w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\ - w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\ - w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\ - w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\ - w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\ - w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\ - w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\ - w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\ - w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\ - w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\ - w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\ - w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\ - w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\ - w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\ - w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\ - w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\ - w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\ - w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\ - w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\ - w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\ - w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\ - w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\ - w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\ - w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\ - w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\ - w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\ - w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\ - w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\ - w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\ - w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\ - w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) } - -#define rc_data(w) {\ - w(0x01), w(0x02), w(0x04), w(0x08), w(0x10),w(0x20), w(0x40), w(0x80),\ - w(0x1b), w(0x36) } - -#define h0(x) (x) - -#define w0(p) bytes2word(p, 0, 0, 0) -#define w1(p) bytes2word(0, p, 0, 0) -#define w2(p) bytes2word(0, 0, p, 0) -#define w3(p) bytes2word(0, 0, 0, p) - -#define u0(p) bytes2word(f2(p), p, p, f3(p)) -#define u1(p) bytes2word(f3(p), f2(p), p, p) -#define u2(p) bytes2word(p, f3(p), f2(p), p) -#define u3(p) bytes2word(p, p, f3(p), f2(p)) - -#define v0(p) bytes2word(fe(p), f9(p), fd(p), fb(p)) -#define v1(p) bytes2word(fb(p), fe(p), f9(p), fd(p)) -#define v2(p) bytes2word(fd(p), fb(p), fe(p), f9(p)) -#define v3(p) bytes2word(f9(p), fd(p), fb(p), fe(p)) - -#endif - -#if defined(FIXED_TABLES) || !defined(FF_TABLES) - -#define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) -#define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) -#define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ - ^ (((x>>5) & 4) * WPOLY)) -#define f3(x) (f2(x) ^ x) -#define f9(x) (f8(x) ^ x) -#define fb(x) (f8(x) ^ f2(x) ^ x) -#define fd(x) (f8(x) ^ f4(x) ^ x) -#define fe(x) (f8(x) ^ f4(x) ^ f2(x)) - -#else - -#define f2(x) ((x) ? pow[log[x] + 0x19] : 0) -#define f3(x) ((x) ? pow[log[x] + 0x01] : 0) -#define f9(x) ((x) ? pow[log[x] + 0xc7] : 0) -#define fb(x) ((x) ? pow[log[x] + 0x68] : 0) -#define fd(x) ((x) ? pow[log[x] + 0xee] : 0) -#define fe(x) ((x) ? pow[log[x] + 0xdf] : 0) -#define fi(x) ((x) ? pow[ 255 - log[x]] : 0) - -#endif - -#include "Aestab.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#if defined(FIXED_TABLES) - -/* implemented in case of wrong call for fixed tables */ - -AES_RETURN aes_init(void) -{ - return EXIT_SUCCESS; -} - -#else /* dynamic table generation */ - -#if !defined(FF_TABLES) - -/* Generate the tables for the dynamic table option - - It will generally be sensible to use tables to compute finite - field multiplies and inverses but where memory is scarse this - code might sometimes be better. But it only has effect during - initialisation so its pretty unimportant in overall terms. -*/ - -/* return 2 ^ (n - 1) where n is the bit number of the highest bit - set in x with x in the range 1 < x < 0x00000200. This form is - used so that locals within fi can be bytes rather than words -*/ - -static uint_8t hibit(const uint_32t x) -{ uint_8t r = (uint_8t)((x >> 1) | (x >> 2)); - - r |= (r >> 2); - r |= (r >> 4); - return (r + 1) >> 1; -} - -/* return the inverse of the finite field element x */ - -static uint_8t fi(const uint_8t x) -{ uint_8t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; - - if(x < 2) return x; - - for(;;) - { - if(!n1) return v1; - - while(n2 >= n1) - { - n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); - } - - if(!n2) return v2; - - while(n1 >= n2) - { - n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); - } - } -} - -#endif - -/* The forward and inverse affine transformations used in the S-box */ - -#define fwd_affine(x) \ - (w = (uint_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(uint_8t)(w^(w>>8))) - -#define inv_affine(x) \ - (w = (uint_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(uint_8t)(w^(w>>8))) - -static int init = 0; - -#ifdef TC_WINDOWS_BOOT - -#pragma optimize ("l", on) -uint_8t aes_enc_tab[256][8]; -uint_8t aes_dec_tab[256][8]; - -#endif - -AES_RETURN aes_init(void) -{ uint_32t i, w; - -#ifdef TC_WINDOWS_BOOT - - if (init) - return EXIT_SUCCESS; - - for (i = 0; i < 256; ++i) - { - uint_8t x = fwd_affine(fi((uint_8t)i)); - aes_enc_tab[i][0] = 0; - aes_enc_tab[i][1] = x; - aes_enc_tab[i][2] = x; - aes_enc_tab[i][3] = f3(x); - aes_enc_tab[i][4] = f2(x); - aes_enc_tab[i][5] = x; - aes_enc_tab[i][6] = x; - aes_enc_tab[i][7] = f3(x); - - x = fi((uint_8t)inv_affine((uint_8t)i)); - aes_dec_tab[i][0] = fe(x); - aes_dec_tab[i][1] = f9(x); - aes_dec_tab[i][2] = fd(x); - aes_dec_tab[i][3] = fb(x); - aes_dec_tab[i][4] = fe(x); - aes_dec_tab[i][5] = f9(x); - aes_dec_tab[i][6] = fd(x); - aes_dec_tab[i][7] = x; - } - -#else // TC_WINDOWS_BOOT - -#if defined(FF_TABLES) - - uint_8t pow[512], log[256]; - - if(init) - return EXIT_SUCCESS; - /* log and power tables for GF(2^8) finite field with - WPOLY as modular polynomial - the simplest primitive - root is 0x03, used here to generate the tables - */ - - i = 0; w = 1; - do - { - pow[i] = (uint_8t)w; - pow[i + 255] = (uint_8t)w; - log[w] = (uint_8t)i++; - w ^= (w << 1) ^ (w & 0x80 ? WPOLY : 0); - } - while (w != 1); - -#else - if(init) - return EXIT_SUCCESS; -#endif - - for(i = 0, w = 1; i < RC_LENGTH; ++i) - { - t_set(r,c)[i] = bytes2word(w, 0, 0, 0); - w = f2(w); - } - - for(i = 0; i < 256; ++i) - { uint_8t b; - - b = fwd_affine(fi((uint_8t)i)); - w = bytes2word(f2(b), b, b, f3(b)); - -#if defined( SBX_SET ) - t_set(s,box)[i] = b; -#endif - -#if defined( FT1_SET ) /* tables for a normal encryption round */ - t_set(f,n)[i] = w; -#endif -#if defined( FT4_SET ) - t_set(f,n)[0][i] = w; - t_set(f,n)[1][i] = upr(w,1); - t_set(f,n)[2][i] = upr(w,2); - t_set(f,n)[3][i] = upr(w,3); -#endif - w = bytes2word(b, 0, 0, 0); - -#if defined( FL1_SET ) /* tables for last encryption round (may also */ - t_set(f,l)[i] = w; /* be used in the key schedule) */ -#endif -#if defined( FL4_SET ) - t_set(f,l)[0][i] = w; - t_set(f,l)[1][i] = upr(w,1); - t_set(f,l)[2][i] = upr(w,2); - t_set(f,l)[3][i] = upr(w,3); -#endif - -#if defined( LS1_SET ) /* table for key schedule if t_set(f,l) above is*/ - t_set(l,s)[i] = w; /* not of the required form */ -#endif -#if defined( LS4_SET ) - t_set(l,s)[0][i] = w; - t_set(l,s)[1][i] = upr(w,1); - t_set(l,s)[2][i] = upr(w,2); - t_set(l,s)[3][i] = upr(w,3); -#endif - - b = fi(inv_affine((uint_8t)i)); - w = bytes2word(fe(b), f9(b), fd(b), fb(b)); - -#if defined( IM1_SET ) /* tables for the inverse mix column operation */ - t_set(i,m)[b] = w; -#endif -#if defined( IM4_SET ) - t_set(i,m)[0][b] = w; - t_set(i,m)[1][b] = upr(w,1); - t_set(i,m)[2][b] = upr(w,2); - t_set(i,m)[3][b] = upr(w,3); -#endif - -#if defined( ISB_SET ) - t_set(i,box)[i] = b; -#endif -#if defined( IT1_SET ) /* tables for a normal decryption round */ - t_set(i,n)[i] = w; -#endif -#if defined( IT4_SET ) - t_set(i,n)[0][i] = w; - t_set(i,n)[1][i] = upr(w,1); - t_set(i,n)[2][i] = upr(w,2); - t_set(i,n)[3][i] = upr(w,3); -#endif - w = bytes2word(b, 0, 0, 0); -#if defined( IL1_SET ) /* tables for last decryption round */ - t_set(i,l)[i] = w; -#endif -#if defined( IL4_SET ) - t_set(i,l)[0][i] = w; - t_set(i,l)[1][i] = upr(w,1); - t_set(i,l)[2][i] = upr(w,2); - t_set(i,l)[3][i] = upr(w,3); -#endif - } - -#endif // TC_WINDOWS_BOOT - - init = 1; - return EXIT_SUCCESS; -} - -#endif - -#if defined(__cplusplus) -} -#endif - +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 +*/ + +/* Adapted for TrueCrypt: + - Added run-time table generator for Aes_x86_v2.asm +*/ + +#define DO_TABLES + +#include "Aes.h" +#include "Aesopt.h" + +#if defined(FIXED_TABLES) + +#define sb_data(w) {\ + w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\ + w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\ + w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\ + w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\ + w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\ + w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\ + w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\ + w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\ + w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\ + w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\ + w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\ + w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\ + w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\ + w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\ + w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\ + w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\ + w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\ + w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\ + w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\ + w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\ + w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\ + w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\ + w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\ + w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\ + w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\ + w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\ + w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\ + w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\ + w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\ + w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\ + w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\ + w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) } + +#define isb_data(w) {\ + w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\ + w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\ + w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\ + w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\ + w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\ + w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\ + w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\ + w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\ + w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\ + w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\ + w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\ + w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\ + w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\ + w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\ + w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\ + w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\ + w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\ + w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\ + w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\ + w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\ + w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\ + w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\ + w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\ + w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\ + w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\ + w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\ + w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\ + w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\ + w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\ + w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\ + w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\ + w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) } + +#define mm_data(w) {\ + w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\ + w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\ + w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\ + w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\ + w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\ + w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\ + w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\ + w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\ + w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\ + w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\ + w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\ + w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\ + w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\ + w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\ + w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\ + w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\ + w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\ + w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\ + w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\ + w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\ + w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\ + w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\ + w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\ + w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\ + w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\ + w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\ + w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\ + w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\ + w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\ + w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\ + w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\ + w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) } + +#define rc_data(w) {\ + w(0x01), w(0x02), w(0x04), w(0x08), w(0x10),w(0x20), w(0x40), w(0x80),\ + w(0x1b), w(0x36) } + +#define h0(x) (x) + +#define w0(p) bytes2word(p, 0, 0, 0) +#define w1(p) bytes2word(0, p, 0, 0) +#define w2(p) bytes2word(0, 0, p, 0) +#define w3(p) bytes2word(0, 0, 0, p) + +#define u0(p) bytes2word(f2(p), p, p, f3(p)) +#define u1(p) bytes2word(f3(p), f2(p), p, p) +#define u2(p) bytes2word(p, f3(p), f2(p), p) +#define u3(p) bytes2word(p, p, f3(p), f2(p)) + +#define v0(p) bytes2word(fe(p), f9(p), fd(p), fb(p)) +#define v1(p) bytes2word(fb(p), fe(p), f9(p), fd(p)) +#define v2(p) bytes2word(fd(p), fb(p), fe(p), f9(p)) +#define v3(p) bytes2word(f9(p), fd(p), fb(p), fe(p)) + +#endif + +#if defined(FIXED_TABLES) || !defined(FF_TABLES) + +#define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) +#define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) +#define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ + ^ (((x>>5) & 4) * WPOLY)) +#define f3(x) (f2(x) ^ x) +#define f9(x) (f8(x) ^ x) +#define fb(x) (f8(x) ^ f2(x) ^ x) +#define fd(x) (f8(x) ^ f4(x) ^ x) +#define fe(x) (f8(x) ^ f4(x) ^ f2(x)) + +#else + +#define f2(x) ((x) ? pow[log[x] + 0x19] : 0) +#define f3(x) ((x) ? pow[log[x] + 0x01] : 0) +#define f9(x) ((x) ? pow[log[x] + 0xc7] : 0) +#define fb(x) ((x) ? pow[log[x] + 0x68] : 0) +#define fd(x) ((x) ? pow[log[x] + 0xee] : 0) +#define fe(x) ((x) ? pow[log[x] + 0xdf] : 0) +#define fi(x) ((x) ? pow[ 255 - log[x]] : 0) + +#endif + +#include "Aestab.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#if defined(FIXED_TABLES) + +/* implemented in case of wrong call for fixed tables */ + +AES_RETURN aes_init(void) +{ + return EXIT_SUCCESS; +} + +#else /* dynamic table generation */ + +#if !defined(FF_TABLES) + +/* Generate the tables for the dynamic table option + + It will generally be sensible to use tables to compute finite + field multiplies and inverses but where memory is scarse this + code might sometimes be better. But it only has effect during + initialisation so its pretty unimportant in overall terms. +*/ + +/* return 2 ^ (n - 1) where n is the bit number of the highest bit + set in x with x in the range 1 < x < 0x00000200. This form is + used so that locals within fi can be bytes rather than words +*/ + +static uint_8t hibit(const uint_32t x) +{ uint_8t r = (uint_8t)((x >> 1) | (x >> 2)); + + r |= (r >> 2); + r |= (r >> 4); + return (r + 1) >> 1; +} + +/* return the inverse of the finite field element x */ + +static uint_8t fi(const uint_8t x) +{ uint_8t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; + + if(x < 2) return x; + + for(;;) + { + if(!n1) return v1; + + while(n2 >= n1) + { + n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); + } + + if(!n2) return v2; + + while(n1 >= n2) + { + n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); + } + } +} + +#endif + +/* The forward and inverse affine transformations used in the S-box */ + +#define fwd_affine(x) \ + (w = (uint_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(uint_8t)(w^(w>>8))) + +#define inv_affine(x) \ + (w = (uint_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(uint_8t)(w^(w>>8))) + +static int init = 0; + +#ifdef TC_WINDOWS_BOOT + +#pragma optimize ("l", on) +uint_8t aes_enc_tab[256][8]; +uint_8t aes_dec_tab[256][8]; + +#endif + +AES_RETURN aes_init(void) +{ uint_32t i, w; + +#ifdef TC_WINDOWS_BOOT + + if (init) + return EXIT_SUCCESS; + + for (i = 0; i < 256; ++i) + { + uint_8t x = fwd_affine(fi((uint_8t)i)); + aes_enc_tab[i][0] = 0; + aes_enc_tab[i][1] = x; + aes_enc_tab[i][2] = x; + aes_enc_tab[i][3] = f3(x); + aes_enc_tab[i][4] = f2(x); + aes_enc_tab[i][5] = x; + aes_enc_tab[i][6] = x; + aes_enc_tab[i][7] = f3(x); + + x = fi((uint_8t)inv_affine((uint_8t)i)); + aes_dec_tab[i][0] = fe(x); + aes_dec_tab[i][1] = f9(x); + aes_dec_tab[i][2] = fd(x); + aes_dec_tab[i][3] = fb(x); + aes_dec_tab[i][4] = fe(x); + aes_dec_tab[i][5] = f9(x); + aes_dec_tab[i][6] = fd(x); + aes_dec_tab[i][7] = x; + } + +#else // TC_WINDOWS_BOOT + +#if defined(FF_TABLES) + + uint_8t pow[512], log[256]; + + if(init) + return EXIT_SUCCESS; + /* log and power tables for GF(2^8) finite field with + WPOLY as modular polynomial - the simplest primitive + root is 0x03, used here to generate the tables + */ + + i = 0; w = 1; + do + { + pow[i] = (uint_8t)w; + pow[i + 255] = (uint_8t)w; + log[w] = (uint_8t)i++; + w ^= (w << 1) ^ (w & 0x80 ? WPOLY : 0); + } + while (w != 1); + +#else + if(init) + return EXIT_SUCCESS; +#endif + + for(i = 0, w = 1; i < RC_LENGTH; ++i) + { + t_set(r,c)[i] = bytes2word(w, 0, 0, 0); + w = f2(w); + } + + for(i = 0; i < 256; ++i) + { uint_8t b; + + b = fwd_affine(fi((uint_8t)i)); + w = bytes2word(f2(b), b, b, f3(b)); + +#if defined( SBX_SET ) + t_set(s,box)[i] = b; +#endif + +#if defined( FT1_SET ) /* tables for a normal encryption round */ + t_set(f,n)[i] = w; +#endif +#if defined( FT4_SET ) + t_set(f,n)[0][i] = w; + t_set(f,n)[1][i] = upr(w,1); + t_set(f,n)[2][i] = upr(w,2); + t_set(f,n)[3][i] = upr(w,3); +#endif + w = bytes2word(b, 0, 0, 0); + +#if defined( FL1_SET ) /* tables for last encryption round (may also */ + t_set(f,l)[i] = w; /* be used in the key schedule) */ +#endif +#if defined( FL4_SET ) + t_set(f,l)[0][i] = w; + t_set(f,l)[1][i] = upr(w,1); + t_set(f,l)[2][i] = upr(w,2); + t_set(f,l)[3][i] = upr(w,3); +#endif + +#if defined( LS1_SET ) /* table for key schedule if t_set(f,l) above is*/ + t_set(l,s)[i] = w; /* not of the required form */ +#endif +#if defined( LS4_SET ) + t_set(l,s)[0][i] = w; + t_set(l,s)[1][i] = upr(w,1); + t_set(l,s)[2][i] = upr(w,2); + t_set(l,s)[3][i] = upr(w,3); +#endif + + b = fi(inv_affine((uint_8t)i)); + w = bytes2word(fe(b), f9(b), fd(b), fb(b)); + +#if defined( IM1_SET ) /* tables for the inverse mix column operation */ + t_set(i,m)[b] = w; +#endif +#if defined( IM4_SET ) + t_set(i,m)[0][b] = w; + t_set(i,m)[1][b] = upr(w,1); + t_set(i,m)[2][b] = upr(w,2); + t_set(i,m)[3][b] = upr(w,3); +#endif + +#if defined( ISB_SET ) + t_set(i,box)[i] = b; +#endif +#if defined( IT1_SET ) /* tables for a normal decryption round */ + t_set(i,n)[i] = w; +#endif +#if defined( IT4_SET ) + t_set(i,n)[0][i] = w; + t_set(i,n)[1][i] = upr(w,1); + t_set(i,n)[2][i] = upr(w,2); + t_set(i,n)[3][i] = upr(w,3); +#endif + w = bytes2word(b, 0, 0, 0); +#if defined( IL1_SET ) /* tables for last decryption round */ + t_set(i,l)[i] = w; +#endif +#if defined( IL4_SET ) + t_set(i,l)[0][i] = w; + t_set(i,l)[1][i] = upr(w,1); + t_set(i,l)[2][i] = upr(w,2); + t_set(i,l)[3][i] = upr(w,3); +#endif + } + +#endif // TC_WINDOWS_BOOT + + init = 1; + return EXIT_SUCCESS; +} + +#endif + +#if defined(__cplusplus) +} +#endif + diff --git a/src/Crypto/Aestab.h b/src/Crypto/Aestab.h index 2ad1b034..e52e0057 100644 --- a/src/Crypto/Aestab.h +++ b/src/Crypto/Aestab.h @@ -1,174 +1,174 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 20/12/2007 - - This file contains the code for declaring the tables needed to implement - AES. The file aesopt.h is assumed to be included before this header file. - If there are no global variables, the definitions here can be used to put - the AES tables in a structure so that a pointer can then be added to the - AES context to pass them to the AES routines that need them. If this - facility is used, the calling program has to ensure that this pointer is - managed appropriately. In particular, the value of the t_dec(in,it) item - in the table structure must be set to zero in order to ensure that the - tables are initialised. In practice the three code sequences in aeskey.c - that control the calls to aes_init() and the aes_init() routine itself will - have to be changed for a specific implementation. If global variables are - available it will generally be preferable to use them with the precomputed - FIXED_TABLES option that uses static global tables. - - The following defines can be used to control the way the tables - are defined, initialised and used in embedded environments that - require special features for these purposes - - the 't_dec' construction is used to declare fixed table arrays - the 't_set' construction is used to set fixed table values - the 't_use' construction is used to access fixed table values - - 256 byte tables: - - t_xxx(s,box) => forward S box - t_xxx(i,box) => inverse S box - - 256 32-bit word OR 4 x 256 32-bit word tables: - - t_xxx(f,n) => forward normal round - t_xxx(f,l) => forward last round - t_xxx(i,n) => inverse normal round - t_xxx(i,l) => inverse last round - t_xxx(l,s) => key schedule table - t_xxx(i,m) => key schedule table - - Other variables and tables: - - t_xxx(r,c) => the rcon table -*/ - -#if !defined( _AESTAB_H ) -#define _AESTAB_H - -#define t_dec(m,n) t_##m##n -#define t_set(m,n) t_##m##n -#define t_use(m,n) t_##m##n - -#if defined(FIXED_TABLES) -# if !defined( __GNUC__ ) && (defined( __MSDOS__ ) || defined( __WIN16__ )) -/* make tables far data to avoid using too much DGROUP space (PG) */ -# define CONST const far -# else -# define CONST const -# endif -#else -# define CONST -#endif - -#if defined(__cplusplus) -# define EXTERN extern "C" -#elif defined(DO_TABLES) -# define EXTERN -#else -# define EXTERN extern -#endif - -#if defined(_MSC_VER) && defined(TABLE_ALIGN) -#define ALIGN __declspec(align(TABLE_ALIGN)) -#else -#define ALIGN -#endif - -#if defined( __WATCOMC__ ) && ( __WATCOMC__ >= 1100 ) -# define XP_DIR __cdecl -#else -# define XP_DIR -#endif - -#if defined(DO_TABLES) && defined(FIXED_TABLES) -#define d_1(t,n,b,e) EXTERN ALIGN CONST XP_DIR t n[256] = b(e) -#define d_4(t,n,b,e,f,g,h) EXTERN ALIGN CONST XP_DIR t n[4][256] = { b(e), b(f), b(g), b(h) } -EXTERN ALIGN CONST uint_32t t_dec(r,c)[RC_LENGTH] = rc_data(w0); -#else -#define d_1(t,n,b,e) EXTERN ALIGN CONST XP_DIR t n[256] -#define d_4(t,n,b,e,f,g,h) EXTERN ALIGN CONST XP_DIR t n[4][256] -EXTERN ALIGN CONST uint_32t t_dec(r,c)[RC_LENGTH]; -#endif - -#if defined( SBX_SET ) - d_1(uint_8t, t_dec(s,box), sb_data, h0); -#endif -#if defined( ISB_SET ) - d_1(uint_8t, t_dec(i,box), isb_data, h0); -#endif - -#if defined( FT1_SET ) - d_1(uint_32t, t_dec(f,n), sb_data, u0); -#endif -#if defined( FT4_SET ) - d_4(uint_32t, t_dec(f,n), sb_data, u0, u1, u2, u3); -#endif - -#if defined( FL1_SET ) - d_1(uint_32t, t_dec(f,l), sb_data, w0); -#endif -#if defined( FL4_SET ) - d_4(uint_32t, t_dec(f,l), sb_data, w0, w1, w2, w3); -#endif - -#if defined( IT1_SET ) - d_1(uint_32t, t_dec(i,n), isb_data, v0); -#endif -#if defined( IT4_SET ) - d_4(uint_32t, t_dec(i,n), isb_data, v0, v1, v2, v3); -#endif - -#if defined( IL1_SET ) - d_1(uint_32t, t_dec(i,l), isb_data, w0); -#endif -#if defined( IL4_SET ) - d_4(uint_32t, t_dec(i,l), isb_data, w0, w1, w2, w3); -#endif - -#if defined( LS1_SET ) -#if defined( FL1_SET ) -#undef LS1_SET -#else - d_1(uint_32t, t_dec(l,s), sb_data, w0); -#endif -#endif - -#if defined( LS4_SET ) -#if defined( FL4_SET ) -#undef LS4_SET -#else - d_4(uint_32t, t_dec(l,s), sb_data, w0, w1, w2, w3); -#endif -#endif - -#if defined( IM1_SET ) - d_1(uint_32t, t_dec(i,m), mm_data, v0); -#endif -#if defined( IM4_SET ) - d_4(uint_32t, t_dec(i,m), mm_data, v0, v1, v2, v3); -#endif - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 20/12/2007 + + This file contains the code for declaring the tables needed to implement + AES. The file aesopt.h is assumed to be included before this header file. + If there are no global variables, the definitions here can be used to put + the AES tables in a structure so that a pointer can then be added to the + AES context to pass them to the AES routines that need them. If this + facility is used, the calling program has to ensure that this pointer is + managed appropriately. In particular, the value of the t_dec(in,it) item + in the table structure must be set to zero in order to ensure that the + tables are initialised. In practice the three code sequences in aeskey.c + that control the calls to aes_init() and the aes_init() routine itself will + have to be changed for a specific implementation. If global variables are + available it will generally be preferable to use them with the precomputed + FIXED_TABLES option that uses static global tables. + + The following defines can be used to control the way the tables + are defined, initialised and used in embedded environments that + require special features for these purposes + + the 't_dec' construction is used to declare fixed table arrays + the 't_set' construction is used to set fixed table values + the 't_use' construction is used to access fixed table values + + 256 byte tables: + + t_xxx(s,box) => forward S box + t_xxx(i,box) => inverse S box + + 256 32-bit word OR 4 x 256 32-bit word tables: + + t_xxx(f,n) => forward normal round + t_xxx(f,l) => forward last round + t_xxx(i,n) => inverse normal round + t_xxx(i,l) => inverse last round + t_xxx(l,s) => key schedule table + t_xxx(i,m) => key schedule table + + Other variables and tables: + + t_xxx(r,c) => the rcon table +*/ + +#if !defined( _AESTAB_H ) +#define _AESTAB_H + +#define t_dec(m,n) t_##m##n +#define t_set(m,n) t_##m##n +#define t_use(m,n) t_##m##n + +#if defined(FIXED_TABLES) +# if !defined( __GNUC__ ) && (defined( __MSDOS__ ) || defined( __WIN16__ )) +/* make tables far data to avoid using too much DGROUP space (PG) */ +# define CONST const far +# else +# define CONST const +# endif +#else +# define CONST +#endif + +#if defined(__cplusplus) +# define EXTERN extern "C" +#elif defined(DO_TABLES) +# define EXTERN +#else +# define EXTERN extern +#endif + +#if defined(_MSC_VER) && defined(TABLE_ALIGN) +#define ALIGN __declspec(align(TABLE_ALIGN)) +#else +#define ALIGN +#endif + +#if defined( __WATCOMC__ ) && ( __WATCOMC__ >= 1100 ) +# define XP_DIR __cdecl +#else +# define XP_DIR +#endif + +#if defined(DO_TABLES) && defined(FIXED_TABLES) +#define d_1(t,n,b,e) EXTERN ALIGN CONST XP_DIR t n[256] = b(e) +#define d_4(t,n,b,e,f,g,h) EXTERN ALIGN CONST XP_DIR t n[4][256] = { b(e), b(f), b(g), b(h) } +EXTERN ALIGN CONST uint_32t t_dec(r,c)[RC_LENGTH] = rc_data(w0); +#else +#define d_1(t,n,b,e) EXTERN ALIGN CONST XP_DIR t n[256] +#define d_4(t,n,b,e,f,g,h) EXTERN ALIGN CONST XP_DIR t n[4][256] +EXTERN ALIGN CONST uint_32t t_dec(r,c)[RC_LENGTH]; +#endif + +#if defined( SBX_SET ) + d_1(uint_8t, t_dec(s,box), sb_data, h0); +#endif +#if defined( ISB_SET ) + d_1(uint_8t, t_dec(i,box), isb_data, h0); +#endif + +#if defined( FT1_SET ) + d_1(uint_32t, t_dec(f,n), sb_data, u0); +#endif +#if defined( FT4_SET ) + d_4(uint_32t, t_dec(f,n), sb_data, u0, u1, u2, u3); +#endif + +#if defined( FL1_SET ) + d_1(uint_32t, t_dec(f,l), sb_data, w0); +#endif +#if defined( FL4_SET ) + d_4(uint_32t, t_dec(f,l), sb_data, w0, w1, w2, w3); +#endif + +#if defined( IT1_SET ) + d_1(uint_32t, t_dec(i,n), isb_data, v0); +#endif +#if defined( IT4_SET ) + d_4(uint_32t, t_dec(i,n), isb_data, v0, v1, v2, v3); +#endif + +#if defined( IL1_SET ) + d_1(uint_32t, t_dec(i,l), isb_data, w0); +#endif +#if defined( IL4_SET ) + d_4(uint_32t, t_dec(i,l), isb_data, w0, w1, w2, w3); +#endif + +#if defined( LS1_SET ) +#if defined( FL1_SET ) +#undef LS1_SET +#else + d_1(uint_32t, t_dec(l,s), sb_data, w0); +#endif +#endif + +#if defined( LS4_SET ) +#if defined( FL4_SET ) +#undef LS4_SET +#else + d_4(uint_32t, t_dec(l,s), sb_data, w0, w1, w2, w3); +#endif +#endif + +#if defined( IM1_SET ) + d_1(uint_32t, t_dec(i,m), mm_data, v0); +#endif +#if defined( IM4_SET ) + d_4(uint_32t, t_dec(i,m), mm_data, v0, v1, v2, v3); +#endif + +#endif diff --git a/src/Crypto/Crypto.vcproj b/src/Crypto/Crypto.vcproj index 24b012c5..50f67a11 100644 --- a/src/Crypto/Crypto.vcproj +++ b/src/Crypto/Crypto.vcproj @@ -1,517 +1,517 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Crypto/Makefile b/src/Crypto/Makefile index 53b9a3d6..5acbbd24 100644 --- a/src/Crypto/Makefile +++ b/src/Crypto/Makefile @@ -1 +1 @@ -!INCLUDE $(NTMAKEENV)\makefile.def +!INCLUDE $(NTMAKEENV)\makefile.def diff --git a/src/Crypto/Makefile.inc b/src/Crypto/Makefile.inc index 51c4f46d..955f2a76 100644 --- a/src/Crypto/Makefile.inc +++ b/src/Crypto/Makefile.inc @@ -1,15 +1,15 @@ -TC_ASFLAGS = -Xvc -Ox - -!if "$(TC_ARCH)" == "x86" -TC_ASFLAGS = $(TC_ASFLAGS) -f win32 --prefix _ -D MS_STDCALL -D DLL_EXPORT -!else -TC_ASFLAGS = $(TC_ASFLAGS) -f win64 -!endif - -TC_ASM_ERR_LOG = ..\Driver\build_errors_asm.log - -"$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).obj": Aes_$(TC_ARCH).asm - nasm.exe $(TC_ASFLAGS) -o "$@" -l "$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).lst" Aes_$(TC_ARCH).asm 2>$(TC_ASM_ERR_LOG) - -"$(OBJ_PATH)\$(O)\Aes_hw_cpu.obj": Aes_hw_cpu.asm - nasm.exe $(TC_ASFLAGS) -o "$@" -l "$(OBJ_PATH)\$(O)\Aes_hw_cpu.lst" Aes_hw_cpu.asm 2>$(TC_ASM_ERR_LOG) +TC_ASFLAGS = -Xvc -Ox + +!if "$(TC_ARCH)" == "x86" +TC_ASFLAGS = $(TC_ASFLAGS) -f win32 --prefix _ -D MS_STDCALL -D DLL_EXPORT +!else +TC_ASFLAGS = $(TC_ASFLAGS) -f win64 +!endif + +TC_ASM_ERR_LOG = ..\Driver\build_errors_asm.log + +"$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).obj": Aes_$(TC_ARCH).asm + nasm.exe $(TC_ASFLAGS) -o "$@" -l "$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).lst" Aes_$(TC_ARCH).asm 2>$(TC_ASM_ERR_LOG) + +"$(OBJ_PATH)\$(O)\Aes_hw_cpu.obj": Aes_hw_cpu.asm + nasm.exe $(TC_ASFLAGS) -o "$@" -l "$(OBJ_PATH)\$(O)\Aes_hw_cpu.lst" Aes_hw_cpu.asm 2>$(TC_ASM_ERR_LOG) diff --git a/src/Crypto/Rmd160.c b/src/Crypto/Rmd160.c index f94f5e08..75a34c3e 100644 --- a/src/Crypto/Rmd160.c +++ b/src/Crypto/Rmd160.c @@ -1,498 +1,498 @@ -// RIPEMD-160 written and placed in the public domain by Wei Dai - -/* - * This code implements the MD4 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - */ - -/* Adapted for TrueCrypt */ -/* Adapted for VeraCrypt */ - -#include -#include "Common/Tcdefs.h" -#include "Common/Endian.h" -#include "Rmd160.h" - -#define F(x, y, z) (x ^ y ^ z) -#define G(x, y, z) (z ^ (x & (y^z))) -#define H(x, y, z) (z ^ (x | ~y)) -#define I(x, y, z) (y ^ (z & (x^y))) -#define J(x, y, z) (x ^ (y | ~z)) - -#define PUT_64BIT_LE(cp, value) do { \ - (cp)[7] = (byte) ((value) >> 56); \ - (cp)[6] = (byte) ((value) >> 48); \ - (cp)[5] = (byte) ((value) >> 40); \ - (cp)[4] = (byte) ((value) >> 32); \ - (cp)[3] = (byte) ((value) >> 24); \ - (cp)[2] = (byte) ((value) >> 16); \ - (cp)[1] = (byte) ((value) >> 8); \ - (cp)[0] = (byte) (value); } while (0) - -#define PUT_32BIT_LE(cp, value) do { \ - (cp)[3] = (byte) ((value) >> 24); \ - (cp)[2] = (byte) ((value) >> 16); \ - (cp)[1] = (byte) ((value) >> 8); \ - (cp)[0] = (byte) (value); } while (0) - -#ifndef TC_MINIMIZE_CODE_SIZE - -static byte PADDING[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -#else - -static byte PADDING[64]; - -#endif - -void RMD160Init (RMD160_CTX *ctx) -{ - ctx->count = 0; - ctx->state[0] = 0x67452301; - ctx->state[1] = 0xefcdab89; - ctx->state[2] = 0x98badcfe; - ctx->state[3] = 0x10325476; - ctx->state[4] = 0xc3d2e1f0; - PADDING[0] = 0x80; -} - -/* -* Update context to reflect the concatenation of another buffer full -* of bytes. -*/ -void RMD160Update (RMD160_CTX *ctx, const unsigned char *input, unsigned __int32 lenArg) -{ -#ifndef TC_WINDOWS_BOOT - uint64 len = lenArg; -#else - uint32 len = lenArg; -#endif - unsigned int have, need; - - /* Check how many bytes we already have and how many more we need. */ - have = (unsigned int) ((ctx->count) & (RIPEMD160_BLOCK_LENGTH - 1)); - need = RIPEMD160_BLOCK_LENGTH - have; - - /* Update bitcount */ - ctx->count += len; - - if (len >= need) { - if (have != 0) { - memcpy (ctx->buffer + have, input, (size_t) need); - RMD160Transform ((uint32 *) ctx->state, (const uint32 *) ctx->buffer); - input += need; - len -= need; - have = 0; - } - - /* Process data in RIPEMD160_BLOCK_LENGTH-byte chunks. */ - while (len >= RIPEMD160_BLOCK_LENGTH) { - RMD160Transform ((uint32 *) ctx->state, (const uint32 *) input); - input += RIPEMD160_BLOCK_LENGTH; - len -= RIPEMD160_BLOCK_LENGTH; - } - } - - /* Handle any remaining bytes of data. */ - if (len != 0) - memcpy (ctx->buffer + have, input, (size_t) len); -} - -/* -* Pad pad to 64-byte boundary with the bit pattern -* 1 0* (64-bit count of bits processed, MSB-first) -*/ -static void RMD160Pad(RMD160_CTX *ctx) -{ - byte count[8]; - uint32 padlen; - - /* Convert count to 8 bytes in little endian order. */ - -#ifndef TC_WINDOWS_BOOT - uint64 bitcount = ctx->count << 3; - PUT_64BIT_LE(count, bitcount); -#else - *(uint32 *) (count + 4) = 0; - *(uint32 *) (count + 0) = ctx->count << 3; -#endif - - /* Pad out to 56 mod 64. */ - padlen = RIPEMD160_BLOCK_LENGTH - - (uint32)((ctx->count) & (RIPEMD160_BLOCK_LENGTH - 1)); - if (padlen < 1 + 8) - padlen += RIPEMD160_BLOCK_LENGTH; - RMD160Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */ - RMD160Update(ctx, count, 8); -} - -/* -* Final wrapup--call RMD160Pad, fill in digest and zero out ctx. -*/ -void RMD160Final(unsigned char *digest, RMD160_CTX *ctx) -{ - int i; - - RMD160Pad(ctx); - if (digest) { - for (i = 0; i < 5; i++) - PUT_32BIT_LE(digest + i * 4, ctx->state[i]); -#ifndef TC_WINDOWS_BOOT - burn (ctx, sizeof(*ctx)); -#endif - } -} - - -#ifndef TC_MINIMIZE_CODE_SIZE - -#define word32 unsigned __int32 - -#define k0 0 -#define k1 0x5a827999UL -#define k2 0x6ed9eba1UL -#define k3 0x8f1bbcdcUL -#define k4 0xa953fd4eUL -#define k5 0x50a28be6UL -#define k6 0x5c4dd124UL -#define k7 0x6d703ef3UL -#define k8 0x7a6d76e9UL -#define k9 0 - -static word32 rotlFixed (word32 x, unsigned int y) -{ - return (word32)((x<>(sizeof(word32)*8-y))); -} - -#define Subround(f, a, b, c, d, e, x, s, k) \ - a += f(b, c, d) + x + k;\ - a = rotlFixed((word32)a, s) + e;\ - c = rotlFixed((word32)c, 10U) - -void RMD160Transform (unsigned __int32 *digest, const unsigned __int32 *data) -{ -#if BYTE_ORDER == LITTLE_ENDIAN - const word32 *X = data; -#else - word32 X[16]; - int i; -#endif - - word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2; - a1 = a2 = digest[0]; - b1 = b2 = digest[1]; - c1 = c2 = digest[2]; - d1 = d2 = digest[3]; - e1 = e2 = digest[4]; - -#if BYTE_ORDER == BIG_ENDIAN - for (i = 0; i < 16; i++) - { - X[i] = LE32 (data[i]); - } -#endif - - Subround(F, a1, b1, c1, d1, e1, X[ 0], 11, k0); - Subround(F, e1, a1, b1, c1, d1, X[ 1], 14, k0); - Subround(F, d1, e1, a1, b1, c1, X[ 2], 15, k0); - Subround(F, c1, d1, e1, a1, b1, X[ 3], 12, k0); - Subround(F, b1, c1, d1, e1, a1, X[ 4], 5, k0); - Subround(F, a1, b1, c1, d1, e1, X[ 5], 8, k0); - Subround(F, e1, a1, b1, c1, d1, X[ 6], 7, k0); - Subround(F, d1, e1, a1, b1, c1, X[ 7], 9, k0); - Subround(F, c1, d1, e1, a1, b1, X[ 8], 11, k0); - Subround(F, b1, c1, d1, e1, a1, X[ 9], 13, k0); - Subround(F, a1, b1, c1, d1, e1, X[10], 14, k0); - Subround(F, e1, a1, b1, c1, d1, X[11], 15, k0); - Subround(F, d1, e1, a1, b1, c1, X[12], 6, k0); - Subround(F, c1, d1, e1, a1, b1, X[13], 7, k0); - Subround(F, b1, c1, d1, e1, a1, X[14], 9, k0); - Subround(F, a1, b1, c1, d1, e1, X[15], 8, k0); - - Subround(G, e1, a1, b1, c1, d1, X[ 7], 7, k1); - Subround(G, d1, e1, a1, b1, c1, X[ 4], 6, k1); - Subround(G, c1, d1, e1, a1, b1, X[13], 8, k1); - Subround(G, b1, c1, d1, e1, a1, X[ 1], 13, k1); - Subround(G, a1, b1, c1, d1, e1, X[10], 11, k1); - Subround(G, e1, a1, b1, c1, d1, X[ 6], 9, k1); - Subround(G, d1, e1, a1, b1, c1, X[15], 7, k1); - Subround(G, c1, d1, e1, a1, b1, X[ 3], 15, k1); - Subround(G, b1, c1, d1, e1, a1, X[12], 7, k1); - Subround(G, a1, b1, c1, d1, e1, X[ 0], 12, k1); - Subround(G, e1, a1, b1, c1, d1, X[ 9], 15, k1); - Subround(G, d1, e1, a1, b1, c1, X[ 5], 9, k1); - Subround(G, c1, d1, e1, a1, b1, X[ 2], 11, k1); - Subround(G, b1, c1, d1, e1, a1, X[14], 7, k1); - Subround(G, a1, b1, c1, d1, e1, X[11], 13, k1); - Subround(G, e1, a1, b1, c1, d1, X[ 8], 12, k1); - - Subround(H, d1, e1, a1, b1, c1, X[ 3], 11, k2); - Subround(H, c1, d1, e1, a1, b1, X[10], 13, k2); - Subround(H, b1, c1, d1, e1, a1, X[14], 6, k2); - Subround(H, a1, b1, c1, d1, e1, X[ 4], 7, k2); - Subround(H, e1, a1, b1, c1, d1, X[ 9], 14, k2); - Subround(H, d1, e1, a1, b1, c1, X[15], 9, k2); - Subround(H, c1, d1, e1, a1, b1, X[ 8], 13, k2); - Subround(H, b1, c1, d1, e1, a1, X[ 1], 15, k2); - Subround(H, a1, b1, c1, d1, e1, X[ 2], 14, k2); - Subround(H, e1, a1, b1, c1, d1, X[ 7], 8, k2); - Subround(H, d1, e1, a1, b1, c1, X[ 0], 13, k2); - Subround(H, c1, d1, e1, a1, b1, X[ 6], 6, k2); - Subround(H, b1, c1, d1, e1, a1, X[13], 5, k2); - Subround(H, a1, b1, c1, d1, e1, X[11], 12, k2); - Subround(H, e1, a1, b1, c1, d1, X[ 5], 7, k2); - Subround(H, d1, e1, a1, b1, c1, X[12], 5, k2); - - Subround(I, c1, d1, e1, a1, b1, X[ 1], 11, k3); - Subround(I, b1, c1, d1, e1, a1, X[ 9], 12, k3); - Subround(I, a1, b1, c1, d1, e1, X[11], 14, k3); - Subround(I, e1, a1, b1, c1, d1, X[10], 15, k3); - Subround(I, d1, e1, a1, b1, c1, X[ 0], 14, k3); - Subround(I, c1, d1, e1, a1, b1, X[ 8], 15, k3); - Subround(I, b1, c1, d1, e1, a1, X[12], 9, k3); - Subround(I, a1, b1, c1, d1, e1, X[ 4], 8, k3); - Subround(I, e1, a1, b1, c1, d1, X[13], 9, k3); - Subround(I, d1, e1, a1, b1, c1, X[ 3], 14, k3); - Subround(I, c1, d1, e1, a1, b1, X[ 7], 5, k3); - Subround(I, b1, c1, d1, e1, a1, X[15], 6, k3); - Subround(I, a1, b1, c1, d1, e1, X[14], 8, k3); - Subround(I, e1, a1, b1, c1, d1, X[ 5], 6, k3); - Subround(I, d1, e1, a1, b1, c1, X[ 6], 5, k3); - Subround(I, c1, d1, e1, a1, b1, X[ 2], 12, k3); - - Subround(J, b1, c1, d1, e1, a1, X[ 4], 9, k4); - Subround(J, a1, b1, c1, d1, e1, X[ 0], 15, k4); - Subround(J, e1, a1, b1, c1, d1, X[ 5], 5, k4); - Subround(J, d1, e1, a1, b1, c1, X[ 9], 11, k4); - Subround(J, c1, d1, e1, a1, b1, X[ 7], 6, k4); - Subround(J, b1, c1, d1, e1, a1, X[12], 8, k4); - Subround(J, a1, b1, c1, d1, e1, X[ 2], 13, k4); - Subround(J, e1, a1, b1, c1, d1, X[10], 12, k4); - Subround(J, d1, e1, a1, b1, c1, X[14], 5, k4); - Subround(J, c1, d1, e1, a1, b1, X[ 1], 12, k4); - Subround(J, b1, c1, d1, e1, a1, X[ 3], 13, k4); - Subround(J, a1, b1, c1, d1, e1, X[ 8], 14, k4); - Subround(J, e1, a1, b1, c1, d1, X[11], 11, k4); - Subround(J, d1, e1, a1, b1, c1, X[ 6], 8, k4); - Subround(J, c1, d1, e1, a1, b1, X[15], 5, k4); - Subround(J, b1, c1, d1, e1, a1, X[13], 6, k4); - - Subround(J, a2, b2, c2, d2, e2, X[ 5], 8, k5); - Subround(J, e2, a2, b2, c2, d2, X[14], 9, k5); - Subround(J, d2, e2, a2, b2, c2, X[ 7], 9, k5); - Subround(J, c2, d2, e2, a2, b2, X[ 0], 11, k5); - Subround(J, b2, c2, d2, e2, a2, X[ 9], 13, k5); - Subround(J, a2, b2, c2, d2, e2, X[ 2], 15, k5); - Subround(J, e2, a2, b2, c2, d2, X[11], 15, k5); - Subround(J, d2, e2, a2, b2, c2, X[ 4], 5, k5); - Subround(J, c2, d2, e2, a2, b2, X[13], 7, k5); - Subround(J, b2, c2, d2, e2, a2, X[ 6], 7, k5); - Subround(J, a2, b2, c2, d2, e2, X[15], 8, k5); - Subround(J, e2, a2, b2, c2, d2, X[ 8], 11, k5); - Subround(J, d2, e2, a2, b2, c2, X[ 1], 14, k5); - Subround(J, c2, d2, e2, a2, b2, X[10], 14, k5); - Subround(J, b2, c2, d2, e2, a2, X[ 3], 12, k5); - Subround(J, a2, b2, c2, d2, e2, X[12], 6, k5); - - Subround(I, e2, a2, b2, c2, d2, X[ 6], 9, k6); - Subround(I, d2, e2, a2, b2, c2, X[11], 13, k6); - Subround(I, c2, d2, e2, a2, b2, X[ 3], 15, k6); - Subround(I, b2, c2, d2, e2, a2, X[ 7], 7, k6); - Subround(I, a2, b2, c2, d2, e2, X[ 0], 12, k6); - Subround(I, e2, a2, b2, c2, d2, X[13], 8, k6); - Subround(I, d2, e2, a2, b2, c2, X[ 5], 9, k6); - Subround(I, c2, d2, e2, a2, b2, X[10], 11, k6); - Subround(I, b2, c2, d2, e2, a2, X[14], 7, k6); - Subround(I, a2, b2, c2, d2, e2, X[15], 7, k6); - Subround(I, e2, a2, b2, c2, d2, X[ 8], 12, k6); - Subround(I, d2, e2, a2, b2, c2, X[12], 7, k6); - Subround(I, c2, d2, e2, a2, b2, X[ 4], 6, k6); - Subround(I, b2, c2, d2, e2, a2, X[ 9], 15, k6); - Subround(I, a2, b2, c2, d2, e2, X[ 1], 13, k6); - Subround(I, e2, a2, b2, c2, d2, X[ 2], 11, k6); - - Subround(H, d2, e2, a2, b2, c2, X[15], 9, k7); - Subround(H, c2, d2, e2, a2, b2, X[ 5], 7, k7); - Subround(H, b2, c2, d2, e2, a2, X[ 1], 15, k7); - Subround(H, a2, b2, c2, d2, e2, X[ 3], 11, k7); - Subround(H, e2, a2, b2, c2, d2, X[ 7], 8, k7); - Subround(H, d2, e2, a2, b2, c2, X[14], 6, k7); - Subround(H, c2, d2, e2, a2, b2, X[ 6], 6, k7); - Subround(H, b2, c2, d2, e2, a2, X[ 9], 14, k7); - Subround(H, a2, b2, c2, d2, e2, X[11], 12, k7); - Subround(H, e2, a2, b2, c2, d2, X[ 8], 13, k7); - Subround(H, d2, e2, a2, b2, c2, X[12], 5, k7); - Subround(H, c2, d2, e2, a2, b2, X[ 2], 14, k7); - Subround(H, b2, c2, d2, e2, a2, X[10], 13, k7); - Subround(H, a2, b2, c2, d2, e2, X[ 0], 13, k7); - Subround(H, e2, a2, b2, c2, d2, X[ 4], 7, k7); - Subround(H, d2, e2, a2, b2, c2, X[13], 5, k7); - - Subround(G, c2, d2, e2, a2, b2, X[ 8], 15, k8); - Subround(G, b2, c2, d2, e2, a2, X[ 6], 5, k8); - Subround(G, a2, b2, c2, d2, e2, X[ 4], 8, k8); - Subround(G, e2, a2, b2, c2, d2, X[ 1], 11, k8); - Subround(G, d2, e2, a2, b2, c2, X[ 3], 14, k8); - Subround(G, c2, d2, e2, a2, b2, X[11], 14, k8); - Subround(G, b2, c2, d2, e2, a2, X[15], 6, k8); - Subround(G, a2, b2, c2, d2, e2, X[ 0], 14, k8); - Subround(G, e2, a2, b2, c2, d2, X[ 5], 6, k8); - Subround(G, d2, e2, a2, b2, c2, X[12], 9, k8); - Subround(G, c2, d2, e2, a2, b2, X[ 2], 12, k8); - Subround(G, b2, c2, d2, e2, a2, X[13], 9, k8); - Subround(G, a2, b2, c2, d2, e2, X[ 9], 12, k8); - Subround(G, e2, a2, b2, c2, d2, X[ 7], 5, k8); - Subround(G, d2, e2, a2, b2, c2, X[10], 15, k8); - Subround(G, c2, d2, e2, a2, b2, X[14], 8, k8); - - Subround(F, b2, c2, d2, e2, a2, X[12], 8, k9); - Subround(F, a2, b2, c2, d2, e2, X[15], 5, k9); - Subround(F, e2, a2, b2, c2, d2, X[10], 12, k9); - Subround(F, d2, e2, a2, b2, c2, X[ 4], 9, k9); - Subround(F, c2, d2, e2, a2, b2, X[ 1], 12, k9); - Subround(F, b2, c2, d2, e2, a2, X[ 5], 5, k9); - Subround(F, a2, b2, c2, d2, e2, X[ 8], 14, k9); - Subround(F, e2, a2, b2, c2, d2, X[ 7], 6, k9); - Subround(F, d2, e2, a2, b2, c2, X[ 6], 8, k9); - Subround(F, c2, d2, e2, a2, b2, X[ 2], 13, k9); - Subround(F, b2, c2, d2, e2, a2, X[13], 6, k9); - Subround(F, a2, b2, c2, d2, e2, X[14], 5, k9); - Subround(F, e2, a2, b2, c2, d2, X[ 0], 15, k9); - Subround(F, d2, e2, a2, b2, c2, X[ 3], 13, k9); - Subround(F, c2, d2, e2, a2, b2, X[ 9], 11, k9); - Subround(F, b2, c2, d2, e2, a2, X[11], 11, k9); - - c1 = digest[1] + c1 + d2; - digest[1] = digest[2] + d1 + e2; - digest[2] = digest[3] + e1 + a2; - digest[3] = digest[4] + a1 + b2; - digest[4] = digest[0] + b1 + c2; - digest[0] = c1; -} - -#else // TC_MINIMIZE_CODE_SIZE - -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#pragma optimize ("tl", on) - -typedef unsigned __int32 uint32; -typedef unsigned __int8 byte; - -#include -#pragma intrinsic (_lrotl) - -static const byte OrderTab[] = { - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, - 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8, - 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12, - 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2, - 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13, - 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12, - 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2, - 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13, - 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14, - 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 -}; - -static const byte RolTab[] = { - 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8, - 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12, - 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5, - 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12, - 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6, - 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6, - 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11, - 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5, - 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8, - 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 -}; - -static const uint32 KTab[] = { - 0x00000000UL, - 0x5A827999UL, - 0x6ED9EBA1UL, - 0x8F1BBCDCUL, - 0xA953FD4EUL, - 0x50A28BE6UL, - 0x5C4DD124UL, - 0x6D703EF3UL, - 0x7A6D76E9UL, - 0x00000000UL -}; - - -void RMD160Transform (unsigned __int32 *state, const unsigned __int32 *data) -{ - uint32 a, b, c, d, e; - uint32 a2, b2, c2, d2, e2; - byte pos; - uint32 tmp; - - a = state[0]; - b = state[1]; - c = state[2]; - d = state[3]; - e = state[4]; - - for (pos = 0; pos < 160; ++pos) - { - tmp = a + data[OrderTab[pos]] + KTab[pos >> 4]; - - switch (pos >> 4) - { - case 0: case 9: tmp += F (b, c, d); break; - case 1: case 8: tmp += G (b, c, d); break; - case 2: case 7: tmp += H (b, c, d); break; - case 3: case 6: tmp += I (b, c, d); break; - case 4: case 5: tmp += J (b, c, d); break; - } - - tmp = _lrotl (tmp, RolTab[pos]) + e; - a = e; - e = d; - d = _lrotl (c, 10); - c = b; - b = tmp; - - if (pos == 79) - { - a2 = a; - b2 = b; - c2 = c; - d2 = d; - e2 = e; - - a = state[0]; - b = state[1]; - c = state[2]; - d = state[3]; - e = state[4]; - } - } - - tmp = state[1] + c2 + d; - state[1] = state[2] + d2 + e; - state[2] = state[3] + e2 + a; - state[3] = state[4] + a2 + b; - state[4] = state[0] + b2 + c; - state[0] = tmp; -} - -#endif // TC_MINIMIZE_CODE_SIZE +// RIPEMD-160 written and placed in the public domain by Wei Dai + +/* + * This code implements the MD4 message-digest algorithm. + * The algorithm is due to Ron Rivest. This code was + * written by Colin Plumb in 1993, no copyright is claimed. + * This code is in the public domain; do with it what you wish. + */ + +/* Adapted for TrueCrypt */ +/* Adapted for VeraCrypt */ + +#include +#include "Common/Tcdefs.h" +#include "Common/Endian.h" +#include "Rmd160.h" + +#define F(x, y, z) (x ^ y ^ z) +#define G(x, y, z) (z ^ (x & (y^z))) +#define H(x, y, z) (z ^ (x | ~y)) +#define I(x, y, z) (y ^ (z & (x^y))) +#define J(x, y, z) (x ^ (y | ~z)) + +#define PUT_64BIT_LE(cp, value) do { \ + (cp)[7] = (byte) ((value) >> 56); \ + (cp)[6] = (byte) ((value) >> 48); \ + (cp)[5] = (byte) ((value) >> 40); \ + (cp)[4] = (byte) ((value) >> 32); \ + (cp)[3] = (byte) ((value) >> 24); \ + (cp)[2] = (byte) ((value) >> 16); \ + (cp)[1] = (byte) ((value) >> 8); \ + (cp)[0] = (byte) (value); } while (0) + +#define PUT_32BIT_LE(cp, value) do { \ + (cp)[3] = (byte) ((value) >> 24); \ + (cp)[2] = (byte) ((value) >> 16); \ + (cp)[1] = (byte) ((value) >> 8); \ + (cp)[0] = (byte) (value); } while (0) + +#ifndef TC_MINIMIZE_CODE_SIZE + +static byte PADDING[64] = { + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +#else + +static byte PADDING[64]; + +#endif + +void RMD160Init (RMD160_CTX *ctx) +{ + ctx->count = 0; + ctx->state[0] = 0x67452301; + ctx->state[1] = 0xefcdab89; + ctx->state[2] = 0x98badcfe; + ctx->state[3] = 0x10325476; + ctx->state[4] = 0xc3d2e1f0; + PADDING[0] = 0x80; +} + +/* +* Update context to reflect the concatenation of another buffer full +* of bytes. +*/ +void RMD160Update (RMD160_CTX *ctx, const unsigned char *input, unsigned __int32 lenArg) +{ +#ifndef TC_WINDOWS_BOOT + uint64 len = lenArg; +#else + uint32 len = lenArg; +#endif + unsigned int have, need; + + /* Check how many bytes we already have and how many more we need. */ + have = (unsigned int) ((ctx->count) & (RIPEMD160_BLOCK_LENGTH - 1)); + need = RIPEMD160_BLOCK_LENGTH - have; + + /* Update bitcount */ + ctx->count += len; + + if (len >= need) { + if (have != 0) { + memcpy (ctx->buffer + have, input, (size_t) need); + RMD160Transform ((uint32 *) ctx->state, (const uint32 *) ctx->buffer); + input += need; + len -= need; + have = 0; + } + + /* Process data in RIPEMD160_BLOCK_LENGTH-byte chunks. */ + while (len >= RIPEMD160_BLOCK_LENGTH) { + RMD160Transform ((uint32 *) ctx->state, (const uint32 *) input); + input += RIPEMD160_BLOCK_LENGTH; + len -= RIPEMD160_BLOCK_LENGTH; + } + } + + /* Handle any remaining bytes of data. */ + if (len != 0) + memcpy (ctx->buffer + have, input, (size_t) len); +} + +/* +* Pad pad to 64-byte boundary with the bit pattern +* 1 0* (64-bit count of bits processed, MSB-first) +*/ +static void RMD160Pad(RMD160_CTX *ctx) +{ + byte count[8]; + uint32 padlen; + + /* Convert count to 8 bytes in little endian order. */ + +#ifndef TC_WINDOWS_BOOT + uint64 bitcount = ctx->count << 3; + PUT_64BIT_LE(count, bitcount); +#else + *(uint32 *) (count + 4) = 0; + *(uint32 *) (count + 0) = ctx->count << 3; +#endif + + /* Pad out to 56 mod 64. */ + padlen = RIPEMD160_BLOCK_LENGTH - + (uint32)((ctx->count) & (RIPEMD160_BLOCK_LENGTH - 1)); + if (padlen < 1 + 8) + padlen += RIPEMD160_BLOCK_LENGTH; + RMD160Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */ + RMD160Update(ctx, count, 8); +} + +/* +* Final wrapup--call RMD160Pad, fill in digest and zero out ctx. +*/ +void RMD160Final(unsigned char *digest, RMD160_CTX *ctx) +{ + int i; + + RMD160Pad(ctx); + if (digest) { + for (i = 0; i < 5; i++) + PUT_32BIT_LE(digest + i * 4, ctx->state[i]); +#ifndef TC_WINDOWS_BOOT + burn (ctx, sizeof(*ctx)); +#endif + } +} + + +#ifndef TC_MINIMIZE_CODE_SIZE + +#define word32 unsigned __int32 + +#define k0 0 +#define k1 0x5a827999UL +#define k2 0x6ed9eba1UL +#define k3 0x8f1bbcdcUL +#define k4 0xa953fd4eUL +#define k5 0x50a28be6UL +#define k6 0x5c4dd124UL +#define k7 0x6d703ef3UL +#define k8 0x7a6d76e9UL +#define k9 0 + +static word32 rotlFixed (word32 x, unsigned int y) +{ + return (word32)((x<>(sizeof(word32)*8-y))); +} + +#define Subround(f, a, b, c, d, e, x, s, k) \ + a += f(b, c, d) + x + k;\ + a = rotlFixed((word32)a, s) + e;\ + c = rotlFixed((word32)c, 10U) + +void RMD160Transform (unsigned __int32 *digest, const unsigned __int32 *data) +{ +#if BYTE_ORDER == LITTLE_ENDIAN + const word32 *X = data; +#else + word32 X[16]; + int i; +#endif + + word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2; + a1 = a2 = digest[0]; + b1 = b2 = digest[1]; + c1 = c2 = digest[2]; + d1 = d2 = digest[3]; + e1 = e2 = digest[4]; + +#if BYTE_ORDER == BIG_ENDIAN + for (i = 0; i < 16; i++) + { + X[i] = LE32 (data[i]); + } +#endif + + Subround(F, a1, b1, c1, d1, e1, X[ 0], 11, k0); + Subround(F, e1, a1, b1, c1, d1, X[ 1], 14, k0); + Subround(F, d1, e1, a1, b1, c1, X[ 2], 15, k0); + Subround(F, c1, d1, e1, a1, b1, X[ 3], 12, k0); + Subround(F, b1, c1, d1, e1, a1, X[ 4], 5, k0); + Subround(F, a1, b1, c1, d1, e1, X[ 5], 8, k0); + Subround(F, e1, a1, b1, c1, d1, X[ 6], 7, k0); + Subround(F, d1, e1, a1, b1, c1, X[ 7], 9, k0); + Subround(F, c1, d1, e1, a1, b1, X[ 8], 11, k0); + Subround(F, b1, c1, d1, e1, a1, X[ 9], 13, k0); + Subround(F, a1, b1, c1, d1, e1, X[10], 14, k0); + Subround(F, e1, a1, b1, c1, d1, X[11], 15, k0); + Subround(F, d1, e1, a1, b1, c1, X[12], 6, k0); + Subround(F, c1, d1, e1, a1, b1, X[13], 7, k0); + Subround(F, b1, c1, d1, e1, a1, X[14], 9, k0); + Subround(F, a1, b1, c1, d1, e1, X[15], 8, k0); + + Subround(G, e1, a1, b1, c1, d1, X[ 7], 7, k1); + Subround(G, d1, e1, a1, b1, c1, X[ 4], 6, k1); + Subround(G, c1, d1, e1, a1, b1, X[13], 8, k1); + Subround(G, b1, c1, d1, e1, a1, X[ 1], 13, k1); + Subround(G, a1, b1, c1, d1, e1, X[10], 11, k1); + Subround(G, e1, a1, b1, c1, d1, X[ 6], 9, k1); + Subround(G, d1, e1, a1, b1, c1, X[15], 7, k1); + Subround(G, c1, d1, e1, a1, b1, X[ 3], 15, k1); + Subround(G, b1, c1, d1, e1, a1, X[12], 7, k1); + Subround(G, a1, b1, c1, d1, e1, X[ 0], 12, k1); + Subround(G, e1, a1, b1, c1, d1, X[ 9], 15, k1); + Subround(G, d1, e1, a1, b1, c1, X[ 5], 9, k1); + Subround(G, c1, d1, e1, a1, b1, X[ 2], 11, k1); + Subround(G, b1, c1, d1, e1, a1, X[14], 7, k1); + Subround(G, a1, b1, c1, d1, e1, X[11], 13, k1); + Subround(G, e1, a1, b1, c1, d1, X[ 8], 12, k1); + + Subround(H, d1, e1, a1, b1, c1, X[ 3], 11, k2); + Subround(H, c1, d1, e1, a1, b1, X[10], 13, k2); + Subround(H, b1, c1, d1, e1, a1, X[14], 6, k2); + Subround(H, a1, b1, c1, d1, e1, X[ 4], 7, k2); + Subround(H, e1, a1, b1, c1, d1, X[ 9], 14, k2); + Subround(H, d1, e1, a1, b1, c1, X[15], 9, k2); + Subround(H, c1, d1, e1, a1, b1, X[ 8], 13, k2); + Subround(H, b1, c1, d1, e1, a1, X[ 1], 15, k2); + Subround(H, a1, b1, c1, d1, e1, X[ 2], 14, k2); + Subround(H, e1, a1, b1, c1, d1, X[ 7], 8, k2); + Subround(H, d1, e1, a1, b1, c1, X[ 0], 13, k2); + Subround(H, c1, d1, e1, a1, b1, X[ 6], 6, k2); + Subround(H, b1, c1, d1, e1, a1, X[13], 5, k2); + Subround(H, a1, b1, c1, d1, e1, X[11], 12, k2); + Subround(H, e1, a1, b1, c1, d1, X[ 5], 7, k2); + Subround(H, d1, e1, a1, b1, c1, X[12], 5, k2); + + Subround(I, c1, d1, e1, a1, b1, X[ 1], 11, k3); + Subround(I, b1, c1, d1, e1, a1, X[ 9], 12, k3); + Subround(I, a1, b1, c1, d1, e1, X[11], 14, k3); + Subround(I, e1, a1, b1, c1, d1, X[10], 15, k3); + Subround(I, d1, e1, a1, b1, c1, X[ 0], 14, k3); + Subround(I, c1, d1, e1, a1, b1, X[ 8], 15, k3); + Subround(I, b1, c1, d1, e1, a1, X[12], 9, k3); + Subround(I, a1, b1, c1, d1, e1, X[ 4], 8, k3); + Subround(I, e1, a1, b1, c1, d1, X[13], 9, k3); + Subround(I, d1, e1, a1, b1, c1, X[ 3], 14, k3); + Subround(I, c1, d1, e1, a1, b1, X[ 7], 5, k3); + Subround(I, b1, c1, d1, e1, a1, X[15], 6, k3); + Subround(I, a1, b1, c1, d1, e1, X[14], 8, k3); + Subround(I, e1, a1, b1, c1, d1, X[ 5], 6, k3); + Subround(I, d1, e1, a1, b1, c1, X[ 6], 5, k3); + Subround(I, c1, d1, e1, a1, b1, X[ 2], 12, k3); + + Subround(J, b1, c1, d1, e1, a1, X[ 4], 9, k4); + Subround(J, a1, b1, c1, d1, e1, X[ 0], 15, k4); + Subround(J, e1, a1, b1, c1, d1, X[ 5], 5, k4); + Subround(J, d1, e1, a1, b1, c1, X[ 9], 11, k4); + Subround(J, c1, d1, e1, a1, b1, X[ 7], 6, k4); + Subround(J, b1, c1, d1, e1, a1, X[12], 8, k4); + Subround(J, a1, b1, c1, d1, e1, X[ 2], 13, k4); + Subround(J, e1, a1, b1, c1, d1, X[10], 12, k4); + Subround(J, d1, e1, a1, b1, c1, X[14], 5, k4); + Subround(J, c1, d1, e1, a1, b1, X[ 1], 12, k4); + Subround(J, b1, c1, d1, e1, a1, X[ 3], 13, k4); + Subround(J, a1, b1, c1, d1, e1, X[ 8], 14, k4); + Subround(J, e1, a1, b1, c1, d1, X[11], 11, k4); + Subround(J, d1, e1, a1, b1, c1, X[ 6], 8, k4); + Subround(J, c1, d1, e1, a1, b1, X[15], 5, k4); + Subround(J, b1, c1, d1, e1, a1, X[13], 6, k4); + + Subround(J, a2, b2, c2, d2, e2, X[ 5], 8, k5); + Subround(J, e2, a2, b2, c2, d2, X[14], 9, k5); + Subround(J, d2, e2, a2, b2, c2, X[ 7], 9, k5); + Subround(J, c2, d2, e2, a2, b2, X[ 0], 11, k5); + Subround(J, b2, c2, d2, e2, a2, X[ 9], 13, k5); + Subround(J, a2, b2, c2, d2, e2, X[ 2], 15, k5); + Subround(J, e2, a2, b2, c2, d2, X[11], 15, k5); + Subround(J, d2, e2, a2, b2, c2, X[ 4], 5, k5); + Subround(J, c2, d2, e2, a2, b2, X[13], 7, k5); + Subround(J, b2, c2, d2, e2, a2, X[ 6], 7, k5); + Subround(J, a2, b2, c2, d2, e2, X[15], 8, k5); + Subround(J, e2, a2, b2, c2, d2, X[ 8], 11, k5); + Subround(J, d2, e2, a2, b2, c2, X[ 1], 14, k5); + Subround(J, c2, d2, e2, a2, b2, X[10], 14, k5); + Subround(J, b2, c2, d2, e2, a2, X[ 3], 12, k5); + Subround(J, a2, b2, c2, d2, e2, X[12], 6, k5); + + Subround(I, e2, a2, b2, c2, d2, X[ 6], 9, k6); + Subround(I, d2, e2, a2, b2, c2, X[11], 13, k6); + Subround(I, c2, d2, e2, a2, b2, X[ 3], 15, k6); + Subround(I, b2, c2, d2, e2, a2, X[ 7], 7, k6); + Subround(I, a2, b2, c2, d2, e2, X[ 0], 12, k6); + Subround(I, e2, a2, b2, c2, d2, X[13], 8, k6); + Subround(I, d2, e2, a2, b2, c2, X[ 5], 9, k6); + Subround(I, c2, d2, e2, a2, b2, X[10], 11, k6); + Subround(I, b2, c2, d2, e2, a2, X[14], 7, k6); + Subround(I, a2, b2, c2, d2, e2, X[15], 7, k6); + Subround(I, e2, a2, b2, c2, d2, X[ 8], 12, k6); + Subround(I, d2, e2, a2, b2, c2, X[12], 7, k6); + Subround(I, c2, d2, e2, a2, b2, X[ 4], 6, k6); + Subround(I, b2, c2, d2, e2, a2, X[ 9], 15, k6); + Subround(I, a2, b2, c2, d2, e2, X[ 1], 13, k6); + Subround(I, e2, a2, b2, c2, d2, X[ 2], 11, k6); + + Subround(H, d2, e2, a2, b2, c2, X[15], 9, k7); + Subround(H, c2, d2, e2, a2, b2, X[ 5], 7, k7); + Subround(H, b2, c2, d2, e2, a2, X[ 1], 15, k7); + Subround(H, a2, b2, c2, d2, e2, X[ 3], 11, k7); + Subround(H, e2, a2, b2, c2, d2, X[ 7], 8, k7); + Subround(H, d2, e2, a2, b2, c2, X[14], 6, k7); + Subround(H, c2, d2, e2, a2, b2, X[ 6], 6, k7); + Subround(H, b2, c2, d2, e2, a2, X[ 9], 14, k7); + Subround(H, a2, b2, c2, d2, e2, X[11], 12, k7); + Subround(H, e2, a2, b2, c2, d2, X[ 8], 13, k7); + Subround(H, d2, e2, a2, b2, c2, X[12], 5, k7); + Subround(H, c2, d2, e2, a2, b2, X[ 2], 14, k7); + Subround(H, b2, c2, d2, e2, a2, X[10], 13, k7); + Subround(H, a2, b2, c2, d2, e2, X[ 0], 13, k7); + Subround(H, e2, a2, b2, c2, d2, X[ 4], 7, k7); + Subround(H, d2, e2, a2, b2, c2, X[13], 5, k7); + + Subround(G, c2, d2, e2, a2, b2, X[ 8], 15, k8); + Subround(G, b2, c2, d2, e2, a2, X[ 6], 5, k8); + Subround(G, a2, b2, c2, d2, e2, X[ 4], 8, k8); + Subround(G, e2, a2, b2, c2, d2, X[ 1], 11, k8); + Subround(G, d2, e2, a2, b2, c2, X[ 3], 14, k8); + Subround(G, c2, d2, e2, a2, b2, X[11], 14, k8); + Subround(G, b2, c2, d2, e2, a2, X[15], 6, k8); + Subround(G, a2, b2, c2, d2, e2, X[ 0], 14, k8); + Subround(G, e2, a2, b2, c2, d2, X[ 5], 6, k8); + Subround(G, d2, e2, a2, b2, c2, X[12], 9, k8); + Subround(G, c2, d2, e2, a2, b2, X[ 2], 12, k8); + Subround(G, b2, c2, d2, e2, a2, X[13], 9, k8); + Subround(G, a2, b2, c2, d2, e2, X[ 9], 12, k8); + Subround(G, e2, a2, b2, c2, d2, X[ 7], 5, k8); + Subround(G, d2, e2, a2, b2, c2, X[10], 15, k8); + Subround(G, c2, d2, e2, a2, b2, X[14], 8, k8); + + Subround(F, b2, c2, d2, e2, a2, X[12], 8, k9); + Subround(F, a2, b2, c2, d2, e2, X[15], 5, k9); + Subround(F, e2, a2, b2, c2, d2, X[10], 12, k9); + Subround(F, d2, e2, a2, b2, c2, X[ 4], 9, k9); + Subround(F, c2, d2, e2, a2, b2, X[ 1], 12, k9); + Subround(F, b2, c2, d2, e2, a2, X[ 5], 5, k9); + Subround(F, a2, b2, c2, d2, e2, X[ 8], 14, k9); + Subround(F, e2, a2, b2, c2, d2, X[ 7], 6, k9); + Subround(F, d2, e2, a2, b2, c2, X[ 6], 8, k9); + Subround(F, c2, d2, e2, a2, b2, X[ 2], 13, k9); + Subround(F, b2, c2, d2, e2, a2, X[13], 6, k9); + Subround(F, a2, b2, c2, d2, e2, X[14], 5, k9); + Subround(F, e2, a2, b2, c2, d2, X[ 0], 15, k9); + Subround(F, d2, e2, a2, b2, c2, X[ 3], 13, k9); + Subround(F, c2, d2, e2, a2, b2, X[ 9], 11, k9); + Subround(F, b2, c2, d2, e2, a2, X[11], 11, k9); + + c1 = digest[1] + c1 + d2; + digest[1] = digest[2] + d1 + e2; + digest[2] = digest[3] + e1 + a2; + digest[3] = digest[4] + a1 + b2; + digest[4] = digest[0] + b1 + c2; + digest[0] = c1; +} + +#else // TC_MINIMIZE_CODE_SIZE + +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#pragma optimize ("tl", on) + +typedef unsigned __int32 uint32; +typedef unsigned __int8 byte; + +#include +#pragma intrinsic (_lrotl) + +static const byte OrderTab[] = { + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, + 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8, + 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12, + 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2, + 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13, + 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12, + 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2, + 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13, + 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14, + 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 +}; + +static const byte RolTab[] = { + 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8, + 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12, + 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5, + 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12, + 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6, + 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6, + 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11, + 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5, + 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8, + 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 +}; + +static const uint32 KTab[] = { + 0x00000000UL, + 0x5A827999UL, + 0x6ED9EBA1UL, + 0x8F1BBCDCUL, + 0xA953FD4EUL, + 0x50A28BE6UL, + 0x5C4DD124UL, + 0x6D703EF3UL, + 0x7A6D76E9UL, + 0x00000000UL +}; + + +void RMD160Transform (unsigned __int32 *state, const unsigned __int32 *data) +{ + uint32 a, b, c, d, e; + uint32 a2, b2, c2, d2, e2; + byte pos; + uint32 tmp; + + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + + for (pos = 0; pos < 160; ++pos) + { + tmp = a + data[OrderTab[pos]] + KTab[pos >> 4]; + + switch (pos >> 4) + { + case 0: case 9: tmp += F (b, c, d); break; + case 1: case 8: tmp += G (b, c, d); break; + case 2: case 7: tmp += H (b, c, d); break; + case 3: case 6: tmp += I (b, c, d); break; + case 4: case 5: tmp += J (b, c, d); break; + } + + tmp = _lrotl (tmp, RolTab[pos]) + e; + a = e; + e = d; + d = _lrotl (c, 10); + c = b; + b = tmp; + + if (pos == 79) + { + a2 = a; + b2 = b; + c2 = c; + d2 = d; + e2 = e; + + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + } + } + + tmp = state[1] + c2 + d; + state[1] = state[2] + d2 + e; + state[2] = state[3] + e2 + a; + state[3] = state[4] + a2 + b; + state[4] = state[0] + b2 + c; + state[0] = tmp; +} + +#endif // TC_MINIMIZE_CODE_SIZE diff --git a/src/Crypto/Rmd160.h b/src/Crypto/Rmd160.h index 4dfa38f1..81b5d6f0 100644 --- a/src/Crypto/Rmd160.h +++ b/src/Crypto/Rmd160.h @@ -1,33 +1,33 @@ -#ifndef TC_HEADER_Crypto_Ripemd160 -#define TC_HEADER_Crypto_Ripemd160 - -#include "Common/Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#define RIPEMD160_BLOCK_LENGTH 64 - -typedef struct RMD160Context -{ - unsigned __int32 state[5]; -#ifndef TC_WINDOWS_BOOT - uint64 count; -#else - uint32 count; -#endif - unsigned char buffer[RIPEMD160_BLOCK_LENGTH]; -} RMD160_CTX; - -void RMD160Init (RMD160_CTX *ctx); -void RMD160Transform (unsigned __int32 *state, const unsigned __int32 *data); -void RMD160Update (RMD160_CTX *ctx, const unsigned char *input, unsigned __int32 len); -void RMD160Final (unsigned char *digest, RMD160_CTX *ctx); - -#if defined(__cplusplus) -} -#endif - -#endif // TC_HEADER_Crypto_Ripemd160 +#ifndef TC_HEADER_Crypto_Ripemd160 +#define TC_HEADER_Crypto_Ripemd160 + +#include "Common/Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#define RIPEMD160_BLOCK_LENGTH 64 + +typedef struct RMD160Context +{ + unsigned __int32 state[5]; +#ifndef TC_WINDOWS_BOOT + uint64 count; +#else + uint32 count; +#endif + unsigned char buffer[RIPEMD160_BLOCK_LENGTH]; +} RMD160_CTX; + +void RMD160Init (RMD160_CTX *ctx); +void RMD160Transform (unsigned __int32 *state, const unsigned __int32 *data); +void RMD160Update (RMD160_CTX *ctx, const unsigned char *input, unsigned __int32 len); +void RMD160Final (unsigned char *digest, RMD160_CTX *ctx); + +#if defined(__cplusplus) +} +#endif + +#endif // TC_HEADER_Crypto_Ripemd160 diff --git a/src/Crypto/Serpent.c b/src/Crypto/Serpent.c index 87d710c4..a8c528de 100644 --- a/src/Crypto/Serpent.c +++ b/src/Crypto/Serpent.c @@ -1,938 +1,938 @@ -// serpent.cpp - written and placed in the public domain by Wei Dai - -/* Adapted for TrueCrypt */ -/* Adapted for VeraCrypt */ - -#ifdef TC_WINDOWS_BOOT -#pragma optimize ("t", on) -#endif - -#include "Serpent.h" -#include "Common/Endian.h" - -#include - -#if defined(_WIN32) && !defined(_DEBUG) -#include -#define rotlFixed _rotl -#define rotrFixed _rotr -#else -#define rotlFixed(x,n) (((x) << (n)) | ((x) >> (32 - (n)))) -#define rotrFixed(x,n) (((x) >> (n)) | ((x) << (32 - (n)))) -#endif - -// linear transformation -#define LT(i,a,b,c,d,e) {\ - a = rotlFixed(a, 13); \ - c = rotlFixed(c, 3); \ - d = rotlFixed(d ^ c ^ (a << 3), 7); \ - b = rotlFixed(b ^ a ^ c, 1); \ - a = rotlFixed(a ^ b ^ d, 5); \ - c = rotlFixed(c ^ d ^ (b << 7), 22);} - -// inverse linear transformation -#define ILT(i,a,b,c,d,e) {\ - c = rotrFixed(c, 22); \ - a = rotrFixed(a, 5); \ - c ^= d ^ (b << 7); \ - a ^= b ^ d; \ - b = rotrFixed(b, 1); \ - d = rotrFixed(d, 7) ^ c ^ (a << 3); \ - b ^= a ^ c; \ - c = rotrFixed(c, 3); \ - a = rotrFixed(a, 13);} - -// order of output from S-box functions -#define beforeS0(f) f(0,a,b,c,d,e) -#define afterS0(f) f(1,b,e,c,a,d) -#define afterS1(f) f(2,c,b,a,e,d) -#define afterS2(f) f(3,a,e,b,d,c) -#define afterS3(f) f(4,e,b,d,c,a) -#define afterS4(f) f(5,b,a,e,c,d) -#define afterS5(f) f(6,a,c,b,e,d) -#define afterS6(f) f(7,a,c,d,b,e) -#define afterS7(f) f(8,d,e,b,a,c) - -// order of output from inverse S-box functions -#define beforeI7(f) f(8,a,b,c,d,e) -#define afterI7(f) f(7,d,a,b,e,c) -#define afterI6(f) f(6,a,b,c,e,d) -#define afterI5(f) f(5,b,d,e,c,a) -#define afterI4(f) f(4,b,c,e,a,d) -#define afterI3(f) f(3,a,b,e,c,d) -#define afterI2(f) f(2,b,d,e,c,a) -#define afterI1(f) f(1,a,b,c,e,d) -#define afterI0(f) f(0,a,d,b,e,c) - -// The instruction sequences for the S-box functions -// come from Dag Arne Osvik's paper "Speeding up Serpent". - -#define S0(i, r0, r1, r2, r3, r4) \ - { \ - r3 ^= r0; \ - r4 = r1; \ - r1 &= r3; \ - r4 ^= r2; \ - r1 ^= r0; \ - r0 |= r3; \ - r0 ^= r4; \ - r4 ^= r3; \ - r3 ^= r2; \ - r2 |= r1; \ - r2 ^= r4; \ - r4 = ~r4; \ - r4 |= r1; \ - r1 ^= r3; \ - r1 ^= r4; \ - r3 |= r0; \ - r1 ^= r3; \ - r4 ^= r3; \ - } - -#define I0(i, r0, r1, r2, r3, r4) \ - { \ - r2 = ~r2; \ - r4 = r1; \ - r1 |= r0; \ - r4 = ~r4; \ - r1 ^= r2; \ - r2 |= r4; \ - r1 ^= r3; \ - r0 ^= r4; \ - r2 ^= r0; \ - r0 &= r3; \ - r4 ^= r0; \ - r0 |= r1; \ - r0 ^= r2; \ - r3 ^= r4; \ - r2 ^= r1; \ - r3 ^= r0; \ - r3 ^= r1; \ - r2 &= r3; \ - r4 ^= r2; \ - } - -#define S1(i, r0, r1, r2, r3, r4) \ - { \ - r0 = ~r0; \ - r2 = ~r2; \ - r4 = r0; \ - r0 &= r1; \ - r2 ^= r0; \ - r0 |= r3; \ - r3 ^= r2; \ - r1 ^= r0; \ - r0 ^= r4; \ - r4 |= r1; \ - r1 ^= r3; \ - r2 |= r0; \ - r2 &= r4; \ - r0 ^= r1; \ - r1 &= r2; \ - r1 ^= r0; \ - r0 &= r2; \ - r0 ^= r4; \ - } - -#define I1(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r1; \ - r1 ^= r3; \ - r3 &= r1; \ - r4 ^= r2; \ - r3 ^= r0; \ - r0 |= r1; \ - r2 ^= r3; \ - r0 ^= r4; \ - r0 |= r2; \ - r1 ^= r3; \ - r0 ^= r1; \ - r1 |= r3; \ - r1 ^= r0; \ - r4 = ~r4; \ - r4 ^= r1; \ - r1 |= r0; \ - r1 ^= r0; \ - r1 |= r4; \ - r3 ^= r1; \ - } - -#define S2(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r0; \ - r0 &= r2; \ - r0 ^= r3; \ - r2 ^= r1; \ - r2 ^= r0; \ - r3 |= r4; \ - r3 ^= r1; \ - r4 ^= r2; \ - r1 = r3; \ - r3 |= r4; \ - r3 ^= r0; \ - r0 &= r1; \ - r4 ^= r0; \ - r1 ^= r3; \ - r1 ^= r4; \ - r4 = ~r4; \ - } - -#define I2(i, r0, r1, r2, r3, r4) \ - { \ - r2 ^= r3; \ - r3 ^= r0; \ - r4 = r3; \ - r3 &= r2; \ - r3 ^= r1; \ - r1 |= r2; \ - r1 ^= r4; \ - r4 &= r3; \ - r2 ^= r3; \ - r4 &= r0; \ - r4 ^= r2; \ - r2 &= r1; \ - r2 |= r0; \ - r3 = ~r3; \ - r2 ^= r3; \ - r0 ^= r3; \ - r0 &= r1; \ - r3 ^= r4; \ - r3 ^= r0; \ - } - -#define S3(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r0; \ - r0 |= r3; \ - r3 ^= r1; \ - r1 &= r4; \ - r4 ^= r2; \ - r2 ^= r3; \ - r3 &= r0; \ - r4 |= r1; \ - r3 ^= r4; \ - r0 ^= r1; \ - r4 &= r0; \ - r1 ^= r3; \ - r4 ^= r2; \ - r1 |= r0; \ - r1 ^= r2; \ - r0 ^= r3; \ - r2 = r1; \ - r1 |= r3; \ - r1 ^= r0; \ - } - -#define I3(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r2; \ - r2 ^= r1; \ - r1 &= r2; \ - r1 ^= r0; \ - r0 &= r4; \ - r4 ^= r3; \ - r3 |= r1; \ - r3 ^= r2; \ - r0 ^= r4; \ - r2 ^= r0; \ - r0 |= r3; \ - r0 ^= r1; \ - r4 ^= r2; \ - r2 &= r3; \ - r1 |= r3; \ - r1 ^= r2; \ - r4 ^= r0; \ - r2 ^= r4; \ - } - -#define S4(i, r0, r1, r2, r3, r4) \ - { \ - r1 ^= r3; \ - r3 = ~r3; \ - r2 ^= r3; \ - r3 ^= r0; \ - r4 = r1; \ - r1 &= r3; \ - r1 ^= r2; \ - r4 ^= r3; \ - r0 ^= r4; \ - r2 &= r4; \ - r2 ^= r0; \ - r0 &= r1; \ - r3 ^= r0; \ - r4 |= r1; \ - r4 ^= r0; \ - r0 |= r3; \ - r0 ^= r2; \ - r2 &= r3; \ - r0 = ~r0; \ - r4 ^= r2; \ - } - -#define I4(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r2; \ - r2 &= r3; \ - r2 ^= r1; \ - r1 |= r3; \ - r1 &= r0; \ - r4 ^= r2; \ - r4 ^= r1; \ - r1 &= r2; \ - r0 = ~r0; \ - r3 ^= r4; \ - r1 ^= r3; \ - r3 &= r0; \ - r3 ^= r2; \ - r0 ^= r1; \ - r2 &= r0; \ - r3 ^= r0; \ - r2 ^= r4; \ - r2 |= r3; \ - r3 ^= r0; \ - r2 ^= r1; \ - } - -#define S5(i, r0, r1, r2, r3, r4) \ - { \ - r0 ^= r1; \ - r1 ^= r3; \ - r3 = ~r3; \ - r4 = r1; \ - r1 &= r0; \ - r2 ^= r3; \ - r1 ^= r2; \ - r2 |= r4; \ - r4 ^= r3; \ - r3 &= r1; \ - r3 ^= r0; \ - r4 ^= r1; \ - r4 ^= r2; \ - r2 ^= r0; \ - r0 &= r3; \ - r2 = ~r2; \ - r0 ^= r4; \ - r4 |= r3; \ - r2 ^= r4; \ - } - -#define I5(i, r0, r1, r2, r3, r4) \ - { \ - r1 = ~r1; \ - r4 = r3; \ - r2 ^= r1; \ - r3 |= r0; \ - r3 ^= r2; \ - r2 |= r1; \ - r2 &= r0; \ - r4 ^= r3; \ - r2 ^= r4; \ - r4 |= r0; \ - r4 ^= r1; \ - r1 &= r2; \ - r1 ^= r3; \ - r4 ^= r2; \ - r3 &= r4; \ - r4 ^= r1; \ - r3 ^= r0; \ - r3 ^= r4; \ - r4 = ~r4; \ - } - -#define S6(i, r0, r1, r2, r3, r4) \ - { \ - r2 = ~r2; \ - r4 = r3; \ - r3 &= r0; \ - r0 ^= r4; \ - r3 ^= r2; \ - r2 |= r4; \ - r1 ^= r3; \ - r2 ^= r0; \ - r0 |= r1; \ - r2 ^= r1; \ - r4 ^= r0; \ - r0 |= r3; \ - r0 ^= r2; \ - r4 ^= r3; \ - r4 ^= r0; \ - r3 = ~r3; \ - r2 &= r4; \ - r2 ^= r3; \ - } - -#define I6(i, r0, r1, r2, r3, r4) \ - { \ - r0 ^= r2; \ - r4 = r2; \ - r2 &= r0; \ - r4 ^= r3; \ - r2 = ~r2; \ - r3 ^= r1; \ - r2 ^= r3; \ - r4 |= r0; \ - r0 ^= r2; \ - r3 ^= r4; \ - r4 ^= r1; \ - r1 &= r3; \ - r1 ^= r0; \ - r0 ^= r3; \ - r0 |= r2; \ - r3 ^= r1; \ - r4 ^= r0; \ - } - -#define S7(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r2; \ - r2 &= r1; \ - r2 ^= r3; \ - r3 &= r1; \ - r4 ^= r2; \ - r2 ^= r1; \ - r1 ^= r0; \ - r0 |= r4; \ - r0 ^= r2; \ - r3 ^= r1; \ - r2 ^= r3; \ - r3 &= r0; \ - r3 ^= r4; \ - r4 ^= r2; \ - r2 &= r0; \ - r4 = ~r4; \ - r2 ^= r4; \ - r4 &= r0; \ - r1 ^= r3; \ - r4 ^= r1; \ - } - -#define I7(i, r0, r1, r2, r3, r4) \ - { \ - r4 = r2; \ - r2 ^= r0; \ - r0 &= r3; \ - r2 = ~r2; \ - r4 |= r3; \ - r3 ^= r1; \ - r1 |= r0; \ - r0 ^= r2; \ - r2 &= r4; \ - r1 ^= r2; \ - r2 ^= r0; \ - r0 |= r2; \ - r3 &= r4; \ - r0 ^= r3; \ - r4 ^= r1; \ - r3 ^= r4; \ - r4 |= r0; \ - r3 ^= r2; \ - r4 ^= r2; \ - } - -// key xor -#define KX(r, a, b, c, d, e) {\ - a ^= k[4 * r + 0]; \ - b ^= k[4 * r + 1]; \ - c ^= k[4 * r + 2]; \ - d ^= k[4 * r + 3];} - - -#ifdef TC_MINIMIZE_CODE_SIZE - -static void S0f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r3 ^= *r0; - *r4 = *r1; - *r1 &= *r3; - *r4 ^= *r2; - *r1 ^= *r0; - *r0 |= *r3; - *r0 ^= *r4; - *r4 ^= *r3; - *r3 ^= *r2; - *r2 |= *r1; - *r2 ^= *r4; - *r4 = ~*r4; - *r4 |= *r1; - *r1 ^= *r3; - *r1 ^= *r4; - *r3 |= *r0; - *r1 ^= *r3; - *r4 ^= *r3; -} - -static void S1f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r0 = ~*r0; - *r2 = ~*r2; - *r4 = *r0; - *r0 &= *r1; - *r2 ^= *r0; - *r0 |= *r3; - *r3 ^= *r2; - *r1 ^= *r0; - *r0 ^= *r4; - *r4 |= *r1; - *r1 ^= *r3; - *r2 |= *r0; - *r2 &= *r4; - *r0 ^= *r1; - *r1 &= *r2; - *r1 ^= *r0; - *r0 &= *r2; - *r0 ^= *r4; -} - -static void S2f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r4 = *r0; - *r0 &= *r2; - *r0 ^= *r3; - *r2 ^= *r1; - *r2 ^= *r0; - *r3 |= *r4; - *r3 ^= *r1; - *r4 ^= *r2; - *r1 = *r3; - *r3 |= *r4; - *r3 ^= *r0; - *r0 &= *r1; - *r4 ^= *r0; - *r1 ^= *r3; - *r1 ^= *r4; - *r4 = ~*r4; -} - -static void S3f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r4 = *r0; - *r0 |= *r3; - *r3 ^= *r1; - *r1 &= *r4; - *r4 ^= *r2; - *r2 ^= *r3; - *r3 &= *r0; - *r4 |= *r1; - *r3 ^= *r4; - *r0 ^= *r1; - *r4 &= *r0; - *r1 ^= *r3; - *r4 ^= *r2; - *r1 |= *r0; - *r1 ^= *r2; - *r0 ^= *r3; - *r2 = *r1; - *r1 |= *r3; - *r1 ^= *r0; -} - -static void S4f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r1 ^= *r3; - *r3 = ~*r3; - *r2 ^= *r3; - *r3 ^= *r0; - *r4 = *r1; - *r1 &= *r3; - *r1 ^= *r2; - *r4 ^= *r3; - *r0 ^= *r4; - *r2 &= *r4; - *r2 ^= *r0; - *r0 &= *r1; - *r3 ^= *r0; - *r4 |= *r1; - *r4 ^= *r0; - *r0 |= *r3; - *r0 ^= *r2; - *r2 &= *r3; - *r0 = ~*r0; - *r4 ^= *r2; -} - -static void S5f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r0 ^= *r1; - *r1 ^= *r3; - *r3 = ~*r3; - *r4 = *r1; - *r1 &= *r0; - *r2 ^= *r3; - *r1 ^= *r2; - *r2 |= *r4; - *r4 ^= *r3; - *r3 &= *r1; - *r3 ^= *r0; - *r4 ^= *r1; - *r4 ^= *r2; - *r2 ^= *r0; - *r0 &= *r3; - *r2 = ~*r2; - *r0 ^= *r4; - *r4 |= *r3; - *r2 ^= *r4; -} - -static void S6f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r2 = ~*r2; - *r4 = *r3; - *r3 &= *r0; - *r0 ^= *r4; - *r3 ^= *r2; - *r2 |= *r4; - *r1 ^= *r3; - *r2 ^= *r0; - *r0 |= *r1; - *r2 ^= *r1; - *r4 ^= *r0; - *r0 |= *r3; - *r0 ^= *r2; - *r4 ^= *r3; - *r4 ^= *r0; - *r3 = ~*r3; - *r2 &= *r4; - *r2 ^= *r3; -} - -static void S7f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) -{ - *r4 = *r2; - *r2 &= *r1; - *r2 ^= *r3; - *r3 &= *r1; - *r4 ^= *r2; - *r2 ^= *r1; - *r1 ^= *r0; - *r0 |= *r4; - *r0 ^= *r2; - *r3 ^= *r1; - *r2 ^= *r3; - *r3 &= *r0; - *r3 ^= *r4; - *r4 ^= *r2; - *r2 &= *r0; - *r4 = ~*r4; - *r2 ^= *r4; - *r4 &= *r0; - *r1 ^= *r3; - *r4 ^= *r1; -} - -static void KXf (const unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d) -{ - *a ^= k[r]; - *b ^= k[r + 1]; - *c ^= k[r + 2]; - *d ^= k[r + 3]; -} - -#endif // TC_MINIMIZE_CODE_SIZE - -#ifndef TC_MINIMIZE_CODE_SIZE - -void serpent_set_key(const unsigned __int8 userKey[],unsigned __int8 *ks) -{ - unsigned __int32 a,b,c,d,e; - unsigned __int32 *k = (unsigned __int32 *)ks; - unsigned __int32 t; - int i; - - for (i = 0; i < 8; i++) - k[i] = LE32(((unsigned __int32*)userKey)[i]); - - k += 8; - t = k[-1]; - for (i = 0; i < 132; ++i) - k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11); - k -= 20; - -#define LK(r, a, b, c, d, e) {\ - a = k[(8-r)*4 + 0]; \ - b = k[(8-r)*4 + 1]; \ - c = k[(8-r)*4 + 2]; \ - d = k[(8-r)*4 + 3];} - -#define SK(r, a, b, c, d, e) {\ - k[(8-r)*4 + 4] = a; \ - k[(8-r)*4 + 5] = b; \ - k[(8-r)*4 + 6] = c; \ - k[(8-r)*4 + 7] = d;} \ - - for (i=0; i<4; i++) - { - afterS2(LK); afterS2(S3); afterS3(SK); - afterS1(LK); afterS1(S2); afterS2(SK); - afterS0(LK); afterS0(S1); afterS1(SK); - beforeS0(LK); beforeS0(S0); afterS0(SK); - k += 8*4; - afterS6(LK); afterS6(S7); afterS7(SK); - afterS5(LK); afterS5(S6); afterS6(SK); - afterS4(LK); afterS4(S5); afterS5(SK); - afterS3(LK); afterS3(S4); afterS4(SK); - } - afterS2(LK); afterS2(S3); afterS3(SK); -} - -#else // TC_MINIMIZE_CODE_SIZE - -static void LKf (unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d) -{ - *a = k[r]; - *b = k[r + 1]; - *c = k[r + 2]; - *d = k[r + 3]; -} - -static void SKf (unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d) -{ - k[r + 4] = *a; - k[r + 5] = *b; - k[r + 6] = *c; - k[r + 7] = *d; -} - -void serpent_set_key(const unsigned __int8 userKey[], unsigned __int8 *ks) -{ - unsigned __int32 a,b,c,d,e; - unsigned __int32 *k = (unsigned __int32 *)ks; - unsigned __int32 t; - int i; - - for (i = 0; i < 8; i++) - k[i] = LE32(((unsigned __int32*)userKey)[i]); - - k += 8; - t = k[-1]; - for (i = 0; i < 132; ++i) - k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11); - k -= 20; - - for (i=0; i<4; i++) - { - LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c); - LKf (k, 24, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); SKf (k, 20, &a, &e, &b, &d); - LKf (k, 28, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); SKf (k, 24, &c, &b, &a, &e); - LKf (k, 32, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); SKf (k, 28, &b, &e, &c, &a); - k += 8*4; - LKf (k, 4, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e); SKf (k, 0, &d, &e, &b, &a); - LKf (k, 8, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); SKf (k, 4, &a, &c, &d, &b); - LKf (k, 12, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); SKf (k, 8, &a, &c, &b, &e); - LKf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); SKf (k, 12, &b, &a, &e, &c); - } - LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c); -} - -#endif // TC_MINIMIZE_CODE_SIZE - - -#ifndef TC_MINIMIZE_CODE_SIZE - -void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) -{ - unsigned __int32 a, b, c, d, e; - unsigned int i=1; - const unsigned __int32 *k = (unsigned __int32 *)ks + 8; - unsigned __int32 *in = (unsigned __int32 *) inBlock; - unsigned __int32 *out = (unsigned __int32 *) outBlock; - - a = LE32(in[0]); - b = LE32(in[1]); - c = LE32(in[2]); - d = LE32(in[3]); - - do - { - beforeS0(KX); beforeS0(S0); afterS0(LT); - afterS0(KX); afterS0(S1); afterS1(LT); - afterS1(KX); afterS1(S2); afterS2(LT); - afterS2(KX); afterS2(S3); afterS3(LT); - afterS3(KX); afterS3(S4); afterS4(LT); - afterS4(KX); afterS4(S5); afterS5(LT); - afterS5(KX); afterS5(S6); afterS6(LT); - afterS6(KX); afterS6(S7); - - if (i == 4) - break; - - ++i; - c = b; - b = e; - e = d; - d = a; - a = e; - k += 32; - beforeS0(LT); - } - while (1); - - afterS7(KX); - - out[0] = LE32(d); - out[1] = LE32(e); - out[2] = LE32(b); - out[3] = LE32(a); -} - -#else // TC_MINIMIZE_CODE_SIZE - -typedef unsigned __int32 uint32; - -static void LTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d) -{ - *a = rotlFixed(*a, 13); - *c = rotlFixed(*c, 3); - *d = rotlFixed(*d ^ *c ^ (*a << 3), 7); - *b = rotlFixed(*b ^ *a ^ *c, 1); - *a = rotlFixed(*a ^ *b ^ *d, 5); - *c = rotlFixed(*c ^ *d ^ (*b << 7), 22); -} - -void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) -{ - unsigned __int32 a, b, c, d, e; - unsigned int i=1; - const unsigned __int32 *k = (unsigned __int32 *)ks + 8; - unsigned __int32 *in = (unsigned __int32 *) inBlock; - unsigned __int32 *out = (unsigned __int32 *) outBlock; - - a = LE32(in[0]); - b = LE32(in[1]); - c = LE32(in[2]); - d = LE32(in[3]); - - do - { - KXf (k, 0, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); LTf (&b, &e, &c, &a); - KXf (k, 4, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); LTf (&c, &b, &a, &e); - KXf (k, 8, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); LTf (&a, &e, &b, &d); - KXf (k, 12, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); LTf (&e, &b, &d, &c); - KXf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); LTf (&b, &a, &e, &c); - KXf (k, 20, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); LTf (&a, &c, &b, &e); - KXf (k, 24, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); LTf (&a, &c, &d, &b); - KXf (k, 28, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e); - - if (i == 4) - break; - - ++i; - c = b; - b = e; - e = d; - d = a; - a = e; - k += 32; - LTf (&a,&b,&c,&d); - } - while (1); - - KXf (k, 32, &d, &e, &b, &a); - - out[0] = LE32(d); - out[1] = LE32(e); - out[2] = LE32(b); - out[3] = LE32(a); -} - -#endif // TC_MINIMIZE_CODE_SIZE - -#if !defined (TC_MINIMIZE_CODE_SIZE) - -void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) -{ - unsigned __int32 a, b, c, d, e; - const unsigned __int32 *k = (unsigned __int32 *)ks + 104; - unsigned int i=4; - unsigned __int32 *in = (unsigned __int32 *) inBlock; - unsigned __int32 *out = (unsigned __int32 *) outBlock; - - a = LE32(in[0]); - b = LE32(in[1]); - c = LE32(in[2]); - d = LE32(in[3]); - - beforeI7(KX); - goto start; - - do - { - c = b; - b = d; - d = e; - k -= 32; - beforeI7(ILT); -start: - beforeI7(I7); afterI7(KX); - afterI7(ILT); afterI7(I6); afterI6(KX); - afterI6(ILT); afterI6(I5); afterI5(KX); - afterI5(ILT); afterI5(I4); afterI4(KX); - afterI4(ILT); afterI4(I3); afterI3(KX); - afterI3(ILT); afterI3(I2); afterI2(KX); - afterI2(ILT); afterI2(I1); afterI1(KX); - afterI1(ILT); afterI1(I0); afterI0(KX); - } - while (--i != 0); - - out[0] = LE32(a); - out[1] = LE32(d); - out[2] = LE32(b); - out[3] = LE32(e); -} - -#else // TC_MINIMIZE_CODE_SIZE - -static void ILTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d) -{ - *c = rotrFixed(*c, 22); - *a = rotrFixed(*a, 5); - *c ^= *d ^ (*b << 7); - *a ^= *b ^ *d; - *b = rotrFixed(*b, 1); - *d = rotrFixed(*d, 7) ^ *c ^ (*a << 3); - *b ^= *a ^ *c; - *c = rotrFixed(*c, 3); - *a = rotrFixed(*a, 13); -} - -void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) -{ - unsigned __int32 a, b, c, d, e; - const unsigned __int32 *k = (unsigned __int32 *)ks + 104; - unsigned int i=4; - unsigned __int32 *in = (unsigned __int32 *) inBlock; - unsigned __int32 *out = (unsigned __int32 *) outBlock; - - a = LE32(in[0]); - b = LE32(in[1]); - c = LE32(in[2]); - d = LE32(in[3]); - - KXf (k, 32, &a, &b, &c, &d); - goto start; - - do - { - c = b; - b = d; - d = e; - k -= 32; - beforeI7(ILT); -start: - beforeI7(I7); KXf (k, 28, &d, &a, &b, &e); - ILTf (&d, &a, &b, &e); afterI7(I6); KXf (k, 24, &a, &b, &c, &e); - ILTf (&a, &b, &c, &e); afterI6(I5); KXf (k, 20, &b, &d, &e, &c); - ILTf (&b, &d, &e, &c); afterI5(I4); KXf (k, 16, &b, &c, &e, &a); - ILTf (&b, &c, &e, &a); afterI4(I3); KXf (k, 12, &a, &b, &e, &c); - ILTf (&a, &b, &e, &c); afterI3(I2); KXf (k, 8, &b, &d, &e, &c); - ILTf (&b, &d, &e, &c); afterI2(I1); KXf (k, 4, &a, &b, &c, &e); - ILTf (&a, &b, &c, &e); afterI1(I0); KXf (k, 0, &a, &d, &b, &e); - } - while (--i != 0); - - out[0] = LE32(a); - out[1] = LE32(d); - out[2] = LE32(b); - out[3] = LE32(e); -} - -#endif // TC_MINIMIZE_CODE_SIZE +// serpent.cpp - written and placed in the public domain by Wei Dai + +/* Adapted for TrueCrypt */ +/* Adapted for VeraCrypt */ + +#ifdef TC_WINDOWS_BOOT +#pragma optimize ("t", on) +#endif + +#include "Serpent.h" +#include "Common/Endian.h" + +#include + +#if defined(_WIN32) && !defined(_DEBUG) +#include +#define rotlFixed _rotl +#define rotrFixed _rotr +#else +#define rotlFixed(x,n) (((x) << (n)) | ((x) >> (32 - (n)))) +#define rotrFixed(x,n) (((x) >> (n)) | ((x) << (32 - (n)))) +#endif + +// linear transformation +#define LT(i,a,b,c,d,e) {\ + a = rotlFixed(a, 13); \ + c = rotlFixed(c, 3); \ + d = rotlFixed(d ^ c ^ (a << 3), 7); \ + b = rotlFixed(b ^ a ^ c, 1); \ + a = rotlFixed(a ^ b ^ d, 5); \ + c = rotlFixed(c ^ d ^ (b << 7), 22);} + +// inverse linear transformation +#define ILT(i,a,b,c,d,e) {\ + c = rotrFixed(c, 22); \ + a = rotrFixed(a, 5); \ + c ^= d ^ (b << 7); \ + a ^= b ^ d; \ + b = rotrFixed(b, 1); \ + d = rotrFixed(d, 7) ^ c ^ (a << 3); \ + b ^= a ^ c; \ + c = rotrFixed(c, 3); \ + a = rotrFixed(a, 13);} + +// order of output from S-box functions +#define beforeS0(f) f(0,a,b,c,d,e) +#define afterS0(f) f(1,b,e,c,a,d) +#define afterS1(f) f(2,c,b,a,e,d) +#define afterS2(f) f(3,a,e,b,d,c) +#define afterS3(f) f(4,e,b,d,c,a) +#define afterS4(f) f(5,b,a,e,c,d) +#define afterS5(f) f(6,a,c,b,e,d) +#define afterS6(f) f(7,a,c,d,b,e) +#define afterS7(f) f(8,d,e,b,a,c) + +// order of output from inverse S-box functions +#define beforeI7(f) f(8,a,b,c,d,e) +#define afterI7(f) f(7,d,a,b,e,c) +#define afterI6(f) f(6,a,b,c,e,d) +#define afterI5(f) f(5,b,d,e,c,a) +#define afterI4(f) f(4,b,c,e,a,d) +#define afterI3(f) f(3,a,b,e,c,d) +#define afterI2(f) f(2,b,d,e,c,a) +#define afterI1(f) f(1,a,b,c,e,d) +#define afterI0(f) f(0,a,d,b,e,c) + +// The instruction sequences for the S-box functions +// come from Dag Arne Osvik's paper "Speeding up Serpent". + +#define S0(i, r0, r1, r2, r3, r4) \ + { \ + r3 ^= r0; \ + r4 = r1; \ + r1 &= r3; \ + r4 ^= r2; \ + r1 ^= r0; \ + r0 |= r3; \ + r0 ^= r4; \ + r4 ^= r3; \ + r3 ^= r2; \ + r2 |= r1; \ + r2 ^= r4; \ + r4 = ~r4; \ + r4 |= r1; \ + r1 ^= r3; \ + r1 ^= r4; \ + r3 |= r0; \ + r1 ^= r3; \ + r4 ^= r3; \ + } + +#define I0(i, r0, r1, r2, r3, r4) \ + { \ + r2 = ~r2; \ + r4 = r1; \ + r1 |= r0; \ + r4 = ~r4; \ + r1 ^= r2; \ + r2 |= r4; \ + r1 ^= r3; \ + r0 ^= r4; \ + r2 ^= r0; \ + r0 &= r3; \ + r4 ^= r0; \ + r0 |= r1; \ + r0 ^= r2; \ + r3 ^= r4; \ + r2 ^= r1; \ + r3 ^= r0; \ + r3 ^= r1; \ + r2 &= r3; \ + r4 ^= r2; \ + } + +#define S1(i, r0, r1, r2, r3, r4) \ + { \ + r0 = ~r0; \ + r2 = ~r2; \ + r4 = r0; \ + r0 &= r1; \ + r2 ^= r0; \ + r0 |= r3; \ + r3 ^= r2; \ + r1 ^= r0; \ + r0 ^= r4; \ + r4 |= r1; \ + r1 ^= r3; \ + r2 |= r0; \ + r2 &= r4; \ + r0 ^= r1; \ + r1 &= r2; \ + r1 ^= r0; \ + r0 &= r2; \ + r0 ^= r4; \ + } + +#define I1(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r1; \ + r1 ^= r3; \ + r3 &= r1; \ + r4 ^= r2; \ + r3 ^= r0; \ + r0 |= r1; \ + r2 ^= r3; \ + r0 ^= r4; \ + r0 |= r2; \ + r1 ^= r3; \ + r0 ^= r1; \ + r1 |= r3; \ + r1 ^= r0; \ + r4 = ~r4; \ + r4 ^= r1; \ + r1 |= r0; \ + r1 ^= r0; \ + r1 |= r4; \ + r3 ^= r1; \ + } + +#define S2(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r0; \ + r0 &= r2; \ + r0 ^= r3; \ + r2 ^= r1; \ + r2 ^= r0; \ + r3 |= r4; \ + r3 ^= r1; \ + r4 ^= r2; \ + r1 = r3; \ + r3 |= r4; \ + r3 ^= r0; \ + r0 &= r1; \ + r4 ^= r0; \ + r1 ^= r3; \ + r1 ^= r4; \ + r4 = ~r4; \ + } + +#define I2(i, r0, r1, r2, r3, r4) \ + { \ + r2 ^= r3; \ + r3 ^= r0; \ + r4 = r3; \ + r3 &= r2; \ + r3 ^= r1; \ + r1 |= r2; \ + r1 ^= r4; \ + r4 &= r3; \ + r2 ^= r3; \ + r4 &= r0; \ + r4 ^= r2; \ + r2 &= r1; \ + r2 |= r0; \ + r3 = ~r3; \ + r2 ^= r3; \ + r0 ^= r3; \ + r0 &= r1; \ + r3 ^= r4; \ + r3 ^= r0; \ + } + +#define S3(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r0; \ + r0 |= r3; \ + r3 ^= r1; \ + r1 &= r4; \ + r4 ^= r2; \ + r2 ^= r3; \ + r3 &= r0; \ + r4 |= r1; \ + r3 ^= r4; \ + r0 ^= r1; \ + r4 &= r0; \ + r1 ^= r3; \ + r4 ^= r2; \ + r1 |= r0; \ + r1 ^= r2; \ + r0 ^= r3; \ + r2 = r1; \ + r1 |= r3; \ + r1 ^= r0; \ + } + +#define I3(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r2; \ + r2 ^= r1; \ + r1 &= r2; \ + r1 ^= r0; \ + r0 &= r4; \ + r4 ^= r3; \ + r3 |= r1; \ + r3 ^= r2; \ + r0 ^= r4; \ + r2 ^= r0; \ + r0 |= r3; \ + r0 ^= r1; \ + r4 ^= r2; \ + r2 &= r3; \ + r1 |= r3; \ + r1 ^= r2; \ + r4 ^= r0; \ + r2 ^= r4; \ + } + +#define S4(i, r0, r1, r2, r3, r4) \ + { \ + r1 ^= r3; \ + r3 = ~r3; \ + r2 ^= r3; \ + r3 ^= r0; \ + r4 = r1; \ + r1 &= r3; \ + r1 ^= r2; \ + r4 ^= r3; \ + r0 ^= r4; \ + r2 &= r4; \ + r2 ^= r0; \ + r0 &= r1; \ + r3 ^= r0; \ + r4 |= r1; \ + r4 ^= r0; \ + r0 |= r3; \ + r0 ^= r2; \ + r2 &= r3; \ + r0 = ~r0; \ + r4 ^= r2; \ + } + +#define I4(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r2; \ + r2 &= r3; \ + r2 ^= r1; \ + r1 |= r3; \ + r1 &= r0; \ + r4 ^= r2; \ + r4 ^= r1; \ + r1 &= r2; \ + r0 = ~r0; \ + r3 ^= r4; \ + r1 ^= r3; \ + r3 &= r0; \ + r3 ^= r2; \ + r0 ^= r1; \ + r2 &= r0; \ + r3 ^= r0; \ + r2 ^= r4; \ + r2 |= r3; \ + r3 ^= r0; \ + r2 ^= r1; \ + } + +#define S5(i, r0, r1, r2, r3, r4) \ + { \ + r0 ^= r1; \ + r1 ^= r3; \ + r3 = ~r3; \ + r4 = r1; \ + r1 &= r0; \ + r2 ^= r3; \ + r1 ^= r2; \ + r2 |= r4; \ + r4 ^= r3; \ + r3 &= r1; \ + r3 ^= r0; \ + r4 ^= r1; \ + r4 ^= r2; \ + r2 ^= r0; \ + r0 &= r3; \ + r2 = ~r2; \ + r0 ^= r4; \ + r4 |= r3; \ + r2 ^= r4; \ + } + +#define I5(i, r0, r1, r2, r3, r4) \ + { \ + r1 = ~r1; \ + r4 = r3; \ + r2 ^= r1; \ + r3 |= r0; \ + r3 ^= r2; \ + r2 |= r1; \ + r2 &= r0; \ + r4 ^= r3; \ + r2 ^= r4; \ + r4 |= r0; \ + r4 ^= r1; \ + r1 &= r2; \ + r1 ^= r3; \ + r4 ^= r2; \ + r3 &= r4; \ + r4 ^= r1; \ + r3 ^= r0; \ + r3 ^= r4; \ + r4 = ~r4; \ + } + +#define S6(i, r0, r1, r2, r3, r4) \ + { \ + r2 = ~r2; \ + r4 = r3; \ + r3 &= r0; \ + r0 ^= r4; \ + r3 ^= r2; \ + r2 |= r4; \ + r1 ^= r3; \ + r2 ^= r0; \ + r0 |= r1; \ + r2 ^= r1; \ + r4 ^= r0; \ + r0 |= r3; \ + r0 ^= r2; \ + r4 ^= r3; \ + r4 ^= r0; \ + r3 = ~r3; \ + r2 &= r4; \ + r2 ^= r3; \ + } + +#define I6(i, r0, r1, r2, r3, r4) \ + { \ + r0 ^= r2; \ + r4 = r2; \ + r2 &= r0; \ + r4 ^= r3; \ + r2 = ~r2; \ + r3 ^= r1; \ + r2 ^= r3; \ + r4 |= r0; \ + r0 ^= r2; \ + r3 ^= r4; \ + r4 ^= r1; \ + r1 &= r3; \ + r1 ^= r0; \ + r0 ^= r3; \ + r0 |= r2; \ + r3 ^= r1; \ + r4 ^= r0; \ + } + +#define S7(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r2; \ + r2 &= r1; \ + r2 ^= r3; \ + r3 &= r1; \ + r4 ^= r2; \ + r2 ^= r1; \ + r1 ^= r0; \ + r0 |= r4; \ + r0 ^= r2; \ + r3 ^= r1; \ + r2 ^= r3; \ + r3 &= r0; \ + r3 ^= r4; \ + r4 ^= r2; \ + r2 &= r0; \ + r4 = ~r4; \ + r2 ^= r4; \ + r4 &= r0; \ + r1 ^= r3; \ + r4 ^= r1; \ + } + +#define I7(i, r0, r1, r2, r3, r4) \ + { \ + r4 = r2; \ + r2 ^= r0; \ + r0 &= r3; \ + r2 = ~r2; \ + r4 |= r3; \ + r3 ^= r1; \ + r1 |= r0; \ + r0 ^= r2; \ + r2 &= r4; \ + r1 ^= r2; \ + r2 ^= r0; \ + r0 |= r2; \ + r3 &= r4; \ + r0 ^= r3; \ + r4 ^= r1; \ + r3 ^= r4; \ + r4 |= r0; \ + r3 ^= r2; \ + r4 ^= r2; \ + } + +// key xor +#define KX(r, a, b, c, d, e) {\ + a ^= k[4 * r + 0]; \ + b ^= k[4 * r + 1]; \ + c ^= k[4 * r + 2]; \ + d ^= k[4 * r + 3];} + + +#ifdef TC_MINIMIZE_CODE_SIZE + +static void S0f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r3 ^= *r0; + *r4 = *r1; + *r1 &= *r3; + *r4 ^= *r2; + *r1 ^= *r0; + *r0 |= *r3; + *r0 ^= *r4; + *r4 ^= *r3; + *r3 ^= *r2; + *r2 |= *r1; + *r2 ^= *r4; + *r4 = ~*r4; + *r4 |= *r1; + *r1 ^= *r3; + *r1 ^= *r4; + *r3 |= *r0; + *r1 ^= *r3; + *r4 ^= *r3; +} + +static void S1f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r0 = ~*r0; + *r2 = ~*r2; + *r4 = *r0; + *r0 &= *r1; + *r2 ^= *r0; + *r0 |= *r3; + *r3 ^= *r2; + *r1 ^= *r0; + *r0 ^= *r4; + *r4 |= *r1; + *r1 ^= *r3; + *r2 |= *r0; + *r2 &= *r4; + *r0 ^= *r1; + *r1 &= *r2; + *r1 ^= *r0; + *r0 &= *r2; + *r0 ^= *r4; +} + +static void S2f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r4 = *r0; + *r0 &= *r2; + *r0 ^= *r3; + *r2 ^= *r1; + *r2 ^= *r0; + *r3 |= *r4; + *r3 ^= *r1; + *r4 ^= *r2; + *r1 = *r3; + *r3 |= *r4; + *r3 ^= *r0; + *r0 &= *r1; + *r4 ^= *r0; + *r1 ^= *r3; + *r1 ^= *r4; + *r4 = ~*r4; +} + +static void S3f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r4 = *r0; + *r0 |= *r3; + *r3 ^= *r1; + *r1 &= *r4; + *r4 ^= *r2; + *r2 ^= *r3; + *r3 &= *r0; + *r4 |= *r1; + *r3 ^= *r4; + *r0 ^= *r1; + *r4 &= *r0; + *r1 ^= *r3; + *r4 ^= *r2; + *r1 |= *r0; + *r1 ^= *r2; + *r0 ^= *r3; + *r2 = *r1; + *r1 |= *r3; + *r1 ^= *r0; +} + +static void S4f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r1 ^= *r3; + *r3 = ~*r3; + *r2 ^= *r3; + *r3 ^= *r0; + *r4 = *r1; + *r1 &= *r3; + *r1 ^= *r2; + *r4 ^= *r3; + *r0 ^= *r4; + *r2 &= *r4; + *r2 ^= *r0; + *r0 &= *r1; + *r3 ^= *r0; + *r4 |= *r1; + *r4 ^= *r0; + *r0 |= *r3; + *r0 ^= *r2; + *r2 &= *r3; + *r0 = ~*r0; + *r4 ^= *r2; +} + +static void S5f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r0 ^= *r1; + *r1 ^= *r3; + *r3 = ~*r3; + *r4 = *r1; + *r1 &= *r0; + *r2 ^= *r3; + *r1 ^= *r2; + *r2 |= *r4; + *r4 ^= *r3; + *r3 &= *r1; + *r3 ^= *r0; + *r4 ^= *r1; + *r4 ^= *r2; + *r2 ^= *r0; + *r0 &= *r3; + *r2 = ~*r2; + *r0 ^= *r4; + *r4 |= *r3; + *r2 ^= *r4; +} + +static void S6f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r2 = ~*r2; + *r4 = *r3; + *r3 &= *r0; + *r0 ^= *r4; + *r3 ^= *r2; + *r2 |= *r4; + *r1 ^= *r3; + *r2 ^= *r0; + *r0 |= *r1; + *r2 ^= *r1; + *r4 ^= *r0; + *r0 |= *r3; + *r0 ^= *r2; + *r4 ^= *r3; + *r4 ^= *r0; + *r3 = ~*r3; + *r2 &= *r4; + *r2 ^= *r3; +} + +static void S7f (unsigned __int32 *r0, unsigned __int32 *r1, unsigned __int32 *r2, unsigned __int32 *r3, unsigned __int32 *r4) +{ + *r4 = *r2; + *r2 &= *r1; + *r2 ^= *r3; + *r3 &= *r1; + *r4 ^= *r2; + *r2 ^= *r1; + *r1 ^= *r0; + *r0 |= *r4; + *r0 ^= *r2; + *r3 ^= *r1; + *r2 ^= *r3; + *r3 &= *r0; + *r3 ^= *r4; + *r4 ^= *r2; + *r2 &= *r0; + *r4 = ~*r4; + *r2 ^= *r4; + *r4 &= *r0; + *r1 ^= *r3; + *r4 ^= *r1; +} + +static void KXf (const unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d) +{ + *a ^= k[r]; + *b ^= k[r + 1]; + *c ^= k[r + 2]; + *d ^= k[r + 3]; +} + +#endif // TC_MINIMIZE_CODE_SIZE + +#ifndef TC_MINIMIZE_CODE_SIZE + +void serpent_set_key(const unsigned __int8 userKey[],unsigned __int8 *ks) +{ + unsigned __int32 a,b,c,d,e; + unsigned __int32 *k = (unsigned __int32 *)ks; + unsigned __int32 t; + int i; + + for (i = 0; i < 8; i++) + k[i] = LE32(((unsigned __int32*)userKey)[i]); + + k += 8; + t = k[-1]; + for (i = 0; i < 132; ++i) + k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11); + k -= 20; + +#define LK(r, a, b, c, d, e) {\ + a = k[(8-r)*4 + 0]; \ + b = k[(8-r)*4 + 1]; \ + c = k[(8-r)*4 + 2]; \ + d = k[(8-r)*4 + 3];} + +#define SK(r, a, b, c, d, e) {\ + k[(8-r)*4 + 4] = a; \ + k[(8-r)*4 + 5] = b; \ + k[(8-r)*4 + 6] = c; \ + k[(8-r)*4 + 7] = d;} \ + + for (i=0; i<4; i++) + { + afterS2(LK); afterS2(S3); afterS3(SK); + afterS1(LK); afterS1(S2); afterS2(SK); + afterS0(LK); afterS0(S1); afterS1(SK); + beforeS0(LK); beforeS0(S0); afterS0(SK); + k += 8*4; + afterS6(LK); afterS6(S7); afterS7(SK); + afterS5(LK); afterS5(S6); afterS6(SK); + afterS4(LK); afterS4(S5); afterS5(SK); + afterS3(LK); afterS3(S4); afterS4(SK); + } + afterS2(LK); afterS2(S3); afterS3(SK); +} + +#else // TC_MINIMIZE_CODE_SIZE + +static void LKf (unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d) +{ + *a = k[r]; + *b = k[r + 1]; + *c = k[r + 2]; + *d = k[r + 3]; +} + +static void SKf (unsigned __int32 *k, unsigned int r, unsigned __int32 *a, unsigned __int32 *b, unsigned __int32 *c, unsigned __int32 *d) +{ + k[r + 4] = *a; + k[r + 5] = *b; + k[r + 6] = *c; + k[r + 7] = *d; +} + +void serpent_set_key(const unsigned __int8 userKey[], unsigned __int8 *ks) +{ + unsigned __int32 a,b,c,d,e; + unsigned __int32 *k = (unsigned __int32 *)ks; + unsigned __int32 t; + int i; + + for (i = 0; i < 8; i++) + k[i] = LE32(((unsigned __int32*)userKey)[i]); + + k += 8; + t = k[-1]; + for (i = 0; i < 132; ++i) + k[i] = t = rotlFixed(k[i-8] ^ k[i-5] ^ k[i-3] ^ t ^ 0x9e3779b9 ^ i, 11); + k -= 20; + + for (i=0; i<4; i++) + { + LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c); + LKf (k, 24, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); SKf (k, 20, &a, &e, &b, &d); + LKf (k, 28, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); SKf (k, 24, &c, &b, &a, &e); + LKf (k, 32, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); SKf (k, 28, &b, &e, &c, &a); + k += 8*4; + LKf (k, 4, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e); SKf (k, 0, &d, &e, &b, &a); + LKf (k, 8, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); SKf (k, 4, &a, &c, &d, &b); + LKf (k, 12, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); SKf (k, 8, &a, &c, &b, &e); + LKf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); SKf (k, 12, &b, &a, &e, &c); + } + LKf (k, 20, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); SKf (k, 16, &e, &b, &d, &c); +} + +#endif // TC_MINIMIZE_CODE_SIZE + + +#ifndef TC_MINIMIZE_CODE_SIZE + +void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) +{ + unsigned __int32 a, b, c, d, e; + unsigned int i=1; + const unsigned __int32 *k = (unsigned __int32 *)ks + 8; + unsigned __int32 *in = (unsigned __int32 *) inBlock; + unsigned __int32 *out = (unsigned __int32 *) outBlock; + + a = LE32(in[0]); + b = LE32(in[1]); + c = LE32(in[2]); + d = LE32(in[3]); + + do + { + beforeS0(KX); beforeS0(S0); afterS0(LT); + afterS0(KX); afterS0(S1); afterS1(LT); + afterS1(KX); afterS1(S2); afterS2(LT); + afterS2(KX); afterS2(S3); afterS3(LT); + afterS3(KX); afterS3(S4); afterS4(LT); + afterS4(KX); afterS4(S5); afterS5(LT); + afterS5(KX); afterS5(S6); afterS6(LT); + afterS6(KX); afterS6(S7); + + if (i == 4) + break; + + ++i; + c = b; + b = e; + e = d; + d = a; + a = e; + k += 32; + beforeS0(LT); + } + while (1); + + afterS7(KX); + + out[0] = LE32(d); + out[1] = LE32(e); + out[2] = LE32(b); + out[3] = LE32(a); +} + +#else // TC_MINIMIZE_CODE_SIZE + +typedef unsigned __int32 uint32; + +static void LTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d) +{ + *a = rotlFixed(*a, 13); + *c = rotlFixed(*c, 3); + *d = rotlFixed(*d ^ *c ^ (*a << 3), 7); + *b = rotlFixed(*b ^ *a ^ *c, 1); + *a = rotlFixed(*a ^ *b ^ *d, 5); + *c = rotlFixed(*c ^ *d ^ (*b << 7), 22); +} + +void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) +{ + unsigned __int32 a, b, c, d, e; + unsigned int i=1; + const unsigned __int32 *k = (unsigned __int32 *)ks + 8; + unsigned __int32 *in = (unsigned __int32 *) inBlock; + unsigned __int32 *out = (unsigned __int32 *) outBlock; + + a = LE32(in[0]); + b = LE32(in[1]); + c = LE32(in[2]); + d = LE32(in[3]); + + do + { + KXf (k, 0, &a, &b, &c, &d); S0f (&a, &b, &c, &d, &e); LTf (&b, &e, &c, &a); + KXf (k, 4, &b, &e, &c, &a); S1f (&b, &e, &c, &a, &d); LTf (&c, &b, &a, &e); + KXf (k, 8, &c, &b, &a, &e); S2f (&c, &b, &a, &e, &d); LTf (&a, &e, &b, &d); + KXf (k, 12, &a, &e, &b, &d); S3f (&a, &e, &b, &d, &c); LTf (&e, &b, &d, &c); + KXf (k, 16, &e, &b, &d, &c); S4f (&e, &b, &d, &c, &a); LTf (&b, &a, &e, &c); + KXf (k, 20, &b, &a, &e, &c); S5f (&b, &a, &e, &c, &d); LTf (&a, &c, &b, &e); + KXf (k, 24, &a, &c, &b, &e); S6f (&a, &c, &b, &e, &d); LTf (&a, &c, &d, &b); + KXf (k, 28, &a, &c, &d, &b); S7f (&a, &c, &d, &b, &e); + + if (i == 4) + break; + + ++i; + c = b; + b = e; + e = d; + d = a; + a = e; + k += 32; + LTf (&a,&b,&c,&d); + } + while (1); + + KXf (k, 32, &d, &e, &b, &a); + + out[0] = LE32(d); + out[1] = LE32(e); + out[2] = LE32(b); + out[3] = LE32(a); +} + +#endif // TC_MINIMIZE_CODE_SIZE + +#if !defined (TC_MINIMIZE_CODE_SIZE) + +void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) +{ + unsigned __int32 a, b, c, d, e; + const unsigned __int32 *k = (unsigned __int32 *)ks + 104; + unsigned int i=4; + unsigned __int32 *in = (unsigned __int32 *) inBlock; + unsigned __int32 *out = (unsigned __int32 *) outBlock; + + a = LE32(in[0]); + b = LE32(in[1]); + c = LE32(in[2]); + d = LE32(in[3]); + + beforeI7(KX); + goto start; + + do + { + c = b; + b = d; + d = e; + k -= 32; + beforeI7(ILT); +start: + beforeI7(I7); afterI7(KX); + afterI7(ILT); afterI7(I6); afterI6(KX); + afterI6(ILT); afterI6(I5); afterI5(KX); + afterI5(ILT); afterI5(I4); afterI4(KX); + afterI4(ILT); afterI4(I3); afterI3(KX); + afterI3(ILT); afterI3(I2); afterI2(KX); + afterI2(ILT); afterI2(I1); afterI1(KX); + afterI1(ILT); afterI1(I0); afterI0(KX); + } + while (--i != 0); + + out[0] = LE32(a); + out[1] = LE32(d); + out[2] = LE32(b); + out[3] = LE32(e); +} + +#else // TC_MINIMIZE_CODE_SIZE + +static void ILTf (uint32 *a, uint32 *b, uint32 *c, uint32 *d) +{ + *c = rotrFixed(*c, 22); + *a = rotrFixed(*a, 5); + *c ^= *d ^ (*b << 7); + *a ^= *b ^ *d; + *b = rotrFixed(*b, 1); + *d = rotrFixed(*d, 7) ^ *c ^ (*a << 3); + *b ^= *a ^ *c; + *c = rotrFixed(*c, 3); + *a = rotrFixed(*a, 13); +} + +void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks) +{ + unsigned __int32 a, b, c, d, e; + const unsigned __int32 *k = (unsigned __int32 *)ks + 104; + unsigned int i=4; + unsigned __int32 *in = (unsigned __int32 *) inBlock; + unsigned __int32 *out = (unsigned __int32 *) outBlock; + + a = LE32(in[0]); + b = LE32(in[1]); + c = LE32(in[2]); + d = LE32(in[3]); + + KXf (k, 32, &a, &b, &c, &d); + goto start; + + do + { + c = b; + b = d; + d = e; + k -= 32; + beforeI7(ILT); +start: + beforeI7(I7); KXf (k, 28, &d, &a, &b, &e); + ILTf (&d, &a, &b, &e); afterI7(I6); KXf (k, 24, &a, &b, &c, &e); + ILTf (&a, &b, &c, &e); afterI6(I5); KXf (k, 20, &b, &d, &e, &c); + ILTf (&b, &d, &e, &c); afterI5(I4); KXf (k, 16, &b, &c, &e, &a); + ILTf (&b, &c, &e, &a); afterI4(I3); KXf (k, 12, &a, &b, &e, &c); + ILTf (&a, &b, &e, &c); afterI3(I2); KXf (k, 8, &b, &d, &e, &c); + ILTf (&b, &d, &e, &c); afterI2(I1); KXf (k, 4, &a, &b, &c, &e); + ILTf (&a, &b, &c, &e); afterI1(I0); KXf (k, 0, &a, &d, &b, &e); + } + while (--i != 0); + + out[0] = LE32(a); + out[1] = LE32(d); + out[2] = LE32(b); + out[3] = LE32(e); +} + +#endif // TC_MINIMIZE_CODE_SIZE diff --git a/src/Crypto/Serpent.h b/src/Crypto/Serpent.h index b88ddc4d..0f4ab787 100644 --- a/src/Crypto/Serpent.h +++ b/src/Crypto/Serpent.h @@ -1,20 +1,20 @@ -#ifndef HEADER_Crypto_Serpent -#define HEADER_Crypto_Serpent - -#include "Common/Tcdefs.h" - -#ifdef __cplusplus -extern "C" -{ -#endif - -/* userKey is always 32-bytes long */ -void serpent_set_key(const unsigned __int8 userKey[], unsigned __int8 *ks); -void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks); -void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks); - -#ifdef __cplusplus -} -#endif - -#endif // HEADER_Crypto_Serpent +#ifndef HEADER_Crypto_Serpent +#define HEADER_Crypto_Serpent + +#include "Common/Tcdefs.h" + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* userKey is always 32-bytes long */ +void serpent_set_key(const unsigned __int8 userKey[], unsigned __int8 *ks); +void serpent_encrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks); +void serpent_decrypt(const unsigned __int8 *inBlock, unsigned __int8 *outBlock, unsigned __int8 *ks); + +#ifdef __cplusplus +} +#endif + +#endif // HEADER_Crypto_Serpent diff --git a/src/Crypto/Sha2.c b/src/Crypto/Sha2.c index f1a9850a..02680eb5 100644 --- a/src/Crypto/Sha2.c +++ b/src/Crypto/Sha2.c @@ -1,753 +1,753 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 01/08/2005 - - This is a byte oriented version of SHA2 that operates on arrays of bytes - stored in memory. This code implements sha256, sha384 and sha512 but the - latter two functions rely on efficient 64-bit integer operations that - may not be very efficient on 32-bit machines - - The sha256 functions use a type 'sha256_ctx' to hold details of the - current hash state and uses the following three calls: - - void sha256_begin(sha256_ctx ctx[1]) - void sha256_hash(const unsigned char data[], - unsigned long len, sha256_ctx ctx[1]) - void sha_end1(unsigned char hval[], sha256_ctx ctx[1]) - - The first subroutine initialises a hash computation by setting up the - context in the sha256_ctx context. The second subroutine hashes 8-bit - bytes from array data[] into the hash state withinh sha256_ctx context, - the number of bytes to be hashed being given by the the unsigned long - integer len. The third subroutine completes the hash calculation and - places the resulting digest value in the array of 8-bit bytes hval[]. - - The sha384 and sha512 functions are similar and use the interfaces: - - void sha384_begin(sha384_ctx ctx[1]); - void sha384_hash(const unsigned char data[], - unsigned long len, sha384_ctx ctx[1]); - void sha384_end(unsigned char hval[], sha384_ctx ctx[1]); - - void sha512_begin(sha512_ctx ctx[1]); - void sha512_hash(const unsigned char data[], - unsigned long len, sha512_ctx ctx[1]); - void sha512_end(unsigned char hval[], sha512_ctx ctx[1]); - - In addition there is a function sha2 that can be used to call all these - functions using a call with a hash length parameter as follows: - - int sha2_begin(unsigned long len, sha2_ctx ctx[1]); - void sha2_hash(const unsigned char data[], - unsigned long len, sha2_ctx ctx[1]); - void sha2_end(unsigned char hval[], sha2_ctx ctx[1]); - - My thanks to Erik Andersen for testing this code - on big-endian systems and for his assistance with corrections -*/ - -#include "Common/Endian.h" -#include "Crypto/misc.h" -#define PLATFORM_BYTE_ORDER BYTE_ORDER -#define IS_LITTLE_ENDIAN LITTLE_ENDIAN - -#if 0 -#define UNROLL_SHA2 /* for SHA2 loop unroll */ -#endif - -#include /* for memcpy() etc. */ - -#include "Sha2.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#if defined( _MSC_VER ) && ( _MSC_VER > 800 ) -#pragma intrinsic(memcpy) -#endif - -#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN) -#define SWAP_BYTES -#else -#undef SWAP_BYTES -#endif - -#if 0 - -#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z))) -#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) - -#else /* Thanks to Rich Schroeppel and Colin Plumb for the following */ - -#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) -#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y)))) - -#endif - -/* round transforms for SHA256 and SHA512 compression functions */ - -#define vf(n,i) v[(n - i) & 7] - -#define hf(i) (p[i & 15] += \ - g_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g_0(p[(i + 1) & 15])) - -#define v_cycle(i,j) \ - vf(7,i) += (j ? hf(i) : p[i]) + k_0[i+j] \ - + s_1(vf(4,i)) + ch(vf(4,i),vf(5,i),vf(6,i)); \ - vf(3,i) += vf(7,i); \ - vf(7,i) += s_0(vf(0,i))+ maj(vf(0,i),vf(1,i),vf(2,i)) - -#if defined(SHA_224) || defined(SHA_256) - -#define SHA256_MASK (SHA256_BLOCK_SIZE - 1) - -#if defined(SWAP_BYTES) -#define bsw_32(p,n) \ - { int _i = (n); while(_i--) ((uint_32t*)p)[_i] = bswap_32(((uint_32t*)p)[_i]); } -#else -#define bsw_32(p,n) -#endif - -#define s_0(x) (rotr32((x), 2) ^ rotr32((x), 13) ^ rotr32((x), 22)) -#define s_1(x) (rotr32((x), 6) ^ rotr32((x), 11) ^ rotr32((x), 25)) -#define g_0(x) (rotr32((x), 7) ^ rotr32((x), 18) ^ ((x) >> 3)) -#define g_1(x) (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10)) -#define k_0 k256 - -/* rotated SHA256 round definition. Rather than swapping variables as in */ -/* FIPS-180, different variables are 'rotated' on each round, returning */ -/* to their starting positions every eight rounds */ - -#define q(n) v##n - -#define one_cycle(a,b,c,d,e,f,g,h,k,w) \ - q(h) += s_1(q(e)) + ch(q(e), q(f), q(g)) + k + w; \ - q(d) += q(h); q(h) += s_0(q(a)) + maj(q(a), q(b), q(c)) - -/* SHA256 mixing data */ - -const uint_32t k256[64] = -{ 0x428a2f98ul, 0x71374491ul, 0xb5c0fbcful, 0xe9b5dba5ul, - 0x3956c25bul, 0x59f111f1ul, 0x923f82a4ul, 0xab1c5ed5ul, - 0xd807aa98ul, 0x12835b01ul, 0x243185beul, 0x550c7dc3ul, - 0x72be5d74ul, 0x80deb1feul, 0x9bdc06a7ul, 0xc19bf174ul, - 0xe49b69c1ul, 0xefbe4786ul, 0x0fc19dc6ul, 0x240ca1ccul, - 0x2de92c6ful, 0x4a7484aaul, 0x5cb0a9dcul, 0x76f988daul, - 0x983e5152ul, 0xa831c66dul, 0xb00327c8ul, 0xbf597fc7ul, - 0xc6e00bf3ul, 0xd5a79147ul, 0x06ca6351ul, 0x14292967ul, - 0x27b70a85ul, 0x2e1b2138ul, 0x4d2c6dfcul, 0x53380d13ul, - 0x650a7354ul, 0x766a0abbul, 0x81c2c92eul, 0x92722c85ul, - 0xa2bfe8a1ul, 0xa81a664bul, 0xc24b8b70ul, 0xc76c51a3ul, - 0xd192e819ul, 0xd6990624ul, 0xf40e3585ul, 0x106aa070ul, - 0x19a4c116ul, 0x1e376c08ul, 0x2748774cul, 0x34b0bcb5ul, - 0x391c0cb3ul, 0x4ed8aa4aul, 0x5b9cca4ful, 0x682e6ff3ul, - 0x748f82eeul, 0x78a5636ful, 0x84c87814ul, 0x8cc70208ul, - 0x90befffaul, 0xa4506cebul, 0xbef9a3f7ul, 0xc67178f2ul, -}; - -/* Compile 64 bytes of hash data into SHA256 digest value */ -/* NOTE: this routine assumes that the byte order in the */ -/* ctx->wbuf[] at this point is such that low address bytes */ -/* in the ORIGINAL byte stream will go into the high end of */ -/* words on BOTH big and little endian systems */ - -VOID_RETURN sha256_compile(sha256_ctx ctx[1]) -{ -#if !defined(UNROLL_SHA2) - - uint_32t j, *p = ctx->wbuf, v[8]; - - memcpy(v, ctx->hash, 8 * sizeof(uint_32t)); - - for(j = 0; j < 64; j += 16) - { - v_cycle( 0, j); v_cycle( 1, j); - v_cycle( 2, j); v_cycle( 3, j); - v_cycle( 4, j); v_cycle( 5, j); - v_cycle( 6, j); v_cycle( 7, j); - v_cycle( 8, j); v_cycle( 9, j); - v_cycle(10, j); v_cycle(11, j); - v_cycle(12, j); v_cycle(13, j); - v_cycle(14, j); v_cycle(15, j); - } - - ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; - ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; - ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; - ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; - -#else - - uint_32t *p = ctx->wbuf,v0,v1,v2,v3,v4,v5,v6,v7; - - v0 = ctx->hash[0]; v1 = ctx->hash[1]; - v2 = ctx->hash[2]; v3 = ctx->hash[3]; - v4 = ctx->hash[4]; v5 = ctx->hash[5]; - v6 = ctx->hash[6]; v7 = ctx->hash[7]; - - one_cycle(0,1,2,3,4,5,6,7,k256[ 0],p[ 0]); - one_cycle(7,0,1,2,3,4,5,6,k256[ 1],p[ 1]); - one_cycle(6,7,0,1,2,3,4,5,k256[ 2],p[ 2]); - one_cycle(5,6,7,0,1,2,3,4,k256[ 3],p[ 3]); - one_cycle(4,5,6,7,0,1,2,3,k256[ 4],p[ 4]); - one_cycle(3,4,5,6,7,0,1,2,k256[ 5],p[ 5]); - one_cycle(2,3,4,5,6,7,0,1,k256[ 6],p[ 6]); - one_cycle(1,2,3,4,5,6,7,0,k256[ 7],p[ 7]); - one_cycle(0,1,2,3,4,5,6,7,k256[ 8],p[ 8]); - one_cycle(7,0,1,2,3,4,5,6,k256[ 9],p[ 9]); - one_cycle(6,7,0,1,2,3,4,5,k256[10],p[10]); - one_cycle(5,6,7,0,1,2,3,4,k256[11],p[11]); - one_cycle(4,5,6,7,0,1,2,3,k256[12],p[12]); - one_cycle(3,4,5,6,7,0,1,2,k256[13],p[13]); - one_cycle(2,3,4,5,6,7,0,1,k256[14],p[14]); - one_cycle(1,2,3,4,5,6,7,0,k256[15],p[15]); - - one_cycle(0,1,2,3,4,5,6,7,k256[16],hf( 0)); - one_cycle(7,0,1,2,3,4,5,6,k256[17],hf( 1)); - one_cycle(6,7,0,1,2,3,4,5,k256[18],hf( 2)); - one_cycle(5,6,7,0,1,2,3,4,k256[19],hf( 3)); - one_cycle(4,5,6,7,0,1,2,3,k256[20],hf( 4)); - one_cycle(3,4,5,6,7,0,1,2,k256[21],hf( 5)); - one_cycle(2,3,4,5,6,7,0,1,k256[22],hf( 6)); - one_cycle(1,2,3,4,5,6,7,0,k256[23],hf( 7)); - one_cycle(0,1,2,3,4,5,6,7,k256[24],hf( 8)); - one_cycle(7,0,1,2,3,4,5,6,k256[25],hf( 9)); - one_cycle(6,7,0,1,2,3,4,5,k256[26],hf(10)); - one_cycle(5,6,7,0,1,2,3,4,k256[27],hf(11)); - one_cycle(4,5,6,7,0,1,2,3,k256[28],hf(12)); - one_cycle(3,4,5,6,7,0,1,2,k256[29],hf(13)); - one_cycle(2,3,4,5,6,7,0,1,k256[30],hf(14)); - one_cycle(1,2,3,4,5,6,7,0,k256[31],hf(15)); - - one_cycle(0,1,2,3,4,5,6,7,k256[32],hf( 0)); - one_cycle(7,0,1,2,3,4,5,6,k256[33],hf( 1)); - one_cycle(6,7,0,1,2,3,4,5,k256[34],hf( 2)); - one_cycle(5,6,7,0,1,2,3,4,k256[35],hf( 3)); - one_cycle(4,5,6,7,0,1,2,3,k256[36],hf( 4)); - one_cycle(3,4,5,6,7,0,1,2,k256[37],hf( 5)); - one_cycle(2,3,4,5,6,7,0,1,k256[38],hf( 6)); - one_cycle(1,2,3,4,5,6,7,0,k256[39],hf( 7)); - one_cycle(0,1,2,3,4,5,6,7,k256[40],hf( 8)); - one_cycle(7,0,1,2,3,4,5,6,k256[41],hf( 9)); - one_cycle(6,7,0,1,2,3,4,5,k256[42],hf(10)); - one_cycle(5,6,7,0,1,2,3,4,k256[43],hf(11)); - one_cycle(4,5,6,7,0,1,2,3,k256[44],hf(12)); - one_cycle(3,4,5,6,7,0,1,2,k256[45],hf(13)); - one_cycle(2,3,4,5,6,7,0,1,k256[46],hf(14)); - one_cycle(1,2,3,4,5,6,7,0,k256[47],hf(15)); - - one_cycle(0,1,2,3,4,5,6,7,k256[48],hf( 0)); - one_cycle(7,0,1,2,3,4,5,6,k256[49],hf( 1)); - one_cycle(6,7,0,1,2,3,4,5,k256[50],hf( 2)); - one_cycle(5,6,7,0,1,2,3,4,k256[51],hf( 3)); - one_cycle(4,5,6,7,0,1,2,3,k256[52],hf( 4)); - one_cycle(3,4,5,6,7,0,1,2,k256[53],hf( 5)); - one_cycle(2,3,4,5,6,7,0,1,k256[54],hf( 6)); - one_cycle(1,2,3,4,5,6,7,0,k256[55],hf( 7)); - one_cycle(0,1,2,3,4,5,6,7,k256[56],hf( 8)); - one_cycle(7,0,1,2,3,4,5,6,k256[57],hf( 9)); - one_cycle(6,7,0,1,2,3,4,5,k256[58],hf(10)); - one_cycle(5,6,7,0,1,2,3,4,k256[59],hf(11)); - one_cycle(4,5,6,7,0,1,2,3,k256[60],hf(12)); - one_cycle(3,4,5,6,7,0,1,2,k256[61],hf(13)); - one_cycle(2,3,4,5,6,7,0,1,k256[62],hf(14)); - one_cycle(1,2,3,4,5,6,7,0,k256[63],hf(15)); - - ctx->hash[0] += v0; ctx->hash[1] += v1; - ctx->hash[2] += v2; ctx->hash[3] += v3; - ctx->hash[4] += v4; ctx->hash[5] += v5; - ctx->hash[6] += v6; ctx->hash[7] += v7; -#endif -} - -/* SHA256 hash data in an array of bytes into hash buffer */ -/* and call the hash_compile function as required. */ - -VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]) -{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA256_MASK), - space = SHA256_BLOCK_SIZE - pos; - const unsigned char *sp = data; - - if((ctx->count[0] += len) < len) - ++(ctx->count[1]); - - while(len >= space) /* tranfer whole blocks while possible */ - { - memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); - sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0; - bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2) - sha256_compile(ctx); - } - - memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); -} - -/* SHA256 Final padding and digest calculation */ - -static void sha_end1(unsigned char hval[], sha256_ctx ctx[1], const unsigned int hlen) -{ uint_32t i = (uint_32t)(ctx->count[0] & SHA256_MASK); - - /* put bytes in the buffer in an order in which references to */ - /* 32-bit words will put bytes with lower addresses into the */ - /* top of 32 bit words on BOTH big and little endian machines */ - bsw_32(ctx->wbuf, (i + 3) >> 2) - - /* we now need to mask valid bytes and add the padding which is */ - /* a single 1 bit and as many zero bits as necessary. Note that */ - /* we can always add the first padding byte here because the */ - /* buffer always has at least one empty slot */ - ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3); - ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3); - - /* we need 9 or more empty positions, one for the padding byte */ - /* (above) and eight for the length count. If there is not */ - /* enough space pad and empty the buffer */ - if(i > SHA256_BLOCK_SIZE - 9) - { - if(i < 60) ctx->wbuf[15] = 0; - sha256_compile(ctx); - i = 0; - } - else /* compute a word index for the empty buffer positions */ - i = (i >> 2) + 1; - - while(i < 14) /* and zero pad all but last two positions */ - ctx->wbuf[i++] = 0; - - /* the following 32-bit length fields are assembled in the */ - /* wrong byte order on little endian machines but this is */ - /* corrected later since they are only ever used as 32-bit */ - /* word values. */ - ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29); - ctx->wbuf[15] = ctx->count[0] << 3; - sha256_compile(ctx); - - /* extract the hash value as bytes in case the hash buffer is */ - /* mislaigned for 32-bit words */ - for(i = 0; i < hlen; ++i) - hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3))); -} - -#endif - -#if defined(SHA_224) - -const uint_32t i224[8] = -{ - 0xc1059ed8ul, 0x367cd507ul, 0x3070dd17ul, 0xf70e5939ul, - 0xffc00b31ul, 0x68581511ul, 0x64f98fa7ul, 0xbefa4fa4ul -}; - -VOID_RETURN sha224_begin(sha224_ctx ctx[1]) -{ - ctx->count[0] = ctx->count[1] = 0; - memcpy(ctx->hash, i224, 8 * sizeof(uint_32t)); -} - -VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1]) -{ - sha_end1(hval, ctx, SHA224_DIGEST_SIZE); -} - -VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len) -{ sha224_ctx cx[1]; - - sha224_begin(cx); - sha224_hash(data, len, cx); - sha_end1(hval, cx, SHA224_DIGEST_SIZE); -} - -#endif - -#if defined(SHA_256) - -const uint_32t i256[8] = -{ - 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul, - 0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul -}; - -VOID_RETURN sha256_begin(sha256_ctx ctx[1]) -{ - ctx->count[0] = ctx->count[1] = 0; - memcpy(ctx->hash, i256, 8 * sizeof(uint_32t)); -} - -VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1]) -{ - sha_end1(hval, ctx, SHA256_DIGEST_SIZE); -} - -VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len) -{ sha256_ctx cx[1]; - - sha256_begin(cx); - sha256_hash(data, len, cx); - sha_end1(hval, cx, SHA256_DIGEST_SIZE); -} - -#endif - -#if defined(SHA_384) || defined(SHA_512) - -#define SHA512_MASK (SHA512_BLOCK_SIZE - 1) - -#if defined(SWAP_BYTES) -#define bsw_64(p,n) \ - { int _i = (n); while(_i--) ((uint_64t*)p)[_i] = bswap_64(((uint_64t*)p)[_i]); } -#else -#define bsw_64(p,n) -#endif - -/* SHA512 mixing function definitions */ - -#ifdef s_0 -# undef s_0 -# undef s_1 -# undef g_0 -# undef g_1 -# undef k_0 -#endif - -#define s_0(x) (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39)) -#define s_1(x) (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41)) -#define g_0(x) (rotr64((x), 1) ^ rotr64((x), 8) ^ ((x) >> 7)) -#define g_1(x) (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >> 6)) -#define k_0 k512 - -/* SHA384/SHA512 mixing data */ - -const uint_64t k512[80] = -{ - li_64(428a2f98d728ae22), li_64(7137449123ef65cd), - li_64(b5c0fbcfec4d3b2f), li_64(e9b5dba58189dbbc), - li_64(3956c25bf348b538), li_64(59f111f1b605d019), - li_64(923f82a4af194f9b), li_64(ab1c5ed5da6d8118), - li_64(d807aa98a3030242), li_64(12835b0145706fbe), - li_64(243185be4ee4b28c), li_64(550c7dc3d5ffb4e2), - li_64(72be5d74f27b896f), li_64(80deb1fe3b1696b1), - li_64(9bdc06a725c71235), li_64(c19bf174cf692694), - li_64(e49b69c19ef14ad2), li_64(efbe4786384f25e3), - li_64(0fc19dc68b8cd5b5), li_64(240ca1cc77ac9c65), - li_64(2de92c6f592b0275), li_64(4a7484aa6ea6e483), - li_64(5cb0a9dcbd41fbd4), li_64(76f988da831153b5), - li_64(983e5152ee66dfab), li_64(a831c66d2db43210), - li_64(b00327c898fb213f), li_64(bf597fc7beef0ee4), - li_64(c6e00bf33da88fc2), li_64(d5a79147930aa725), - li_64(06ca6351e003826f), li_64(142929670a0e6e70), - li_64(27b70a8546d22ffc), li_64(2e1b21385c26c926), - li_64(4d2c6dfc5ac42aed), li_64(53380d139d95b3df), - li_64(650a73548baf63de), li_64(766a0abb3c77b2a8), - li_64(81c2c92e47edaee6), li_64(92722c851482353b), - li_64(a2bfe8a14cf10364), li_64(a81a664bbc423001), - li_64(c24b8b70d0f89791), li_64(c76c51a30654be30), - li_64(d192e819d6ef5218), li_64(d69906245565a910), - li_64(f40e35855771202a), li_64(106aa07032bbd1b8), - li_64(19a4c116b8d2d0c8), li_64(1e376c085141ab53), - li_64(2748774cdf8eeb99), li_64(34b0bcb5e19b48a8), - li_64(391c0cb3c5c95a63), li_64(4ed8aa4ae3418acb), - li_64(5b9cca4f7763e373), li_64(682e6ff3d6b2b8a3), - li_64(748f82ee5defb2fc), li_64(78a5636f43172f60), - li_64(84c87814a1f0ab72), li_64(8cc702081a6439ec), - li_64(90befffa23631e28), li_64(a4506cebde82bde9), - li_64(bef9a3f7b2c67915), li_64(c67178f2e372532b), - li_64(ca273eceea26619c), li_64(d186b8c721c0c207), - li_64(eada7dd6cde0eb1e), li_64(f57d4f7fee6ed178), - li_64(06f067aa72176fba), li_64(0a637dc5a2c898a6), - li_64(113f9804bef90dae), li_64(1b710b35131c471b), - li_64(28db77f523047d84), li_64(32caab7b40c72493), - li_64(3c9ebe0a15c9bebc), li_64(431d67c49c100d4c), - li_64(4cc5d4becb3e42b6), li_64(597f299cfc657e2a), - li_64(5fcb6fab3ad6faec), li_64(6c44198c4a475817) -}; - -/* Compile 128 bytes of hash data into SHA384/512 digest */ -/* NOTE: this routine assumes that the byte order in the */ -/* ctx->wbuf[] at this point is such that low address bytes */ -/* in the ORIGINAL byte stream will go into the high end of */ -/* words on BOTH big and little endian systems */ - -VOID_RETURN sha512_compile(sha512_ctx ctx[1]) -{ uint_64t v[8], *p = ctx->wbuf; - uint_32t j; - - memcpy(v, ctx->hash, 8 * sizeof(uint_64t)); - - for(j = 0; j < 80; j += 16) - { - v_cycle( 0, j); v_cycle( 1, j); - v_cycle( 2, j); v_cycle( 3, j); - v_cycle( 4, j); v_cycle( 5, j); - v_cycle( 6, j); v_cycle( 7, j); - v_cycle( 8, j); v_cycle( 9, j); - v_cycle(10, j); v_cycle(11, j); - v_cycle(12, j); v_cycle(13, j); - v_cycle(14, j); v_cycle(15, j); - } - - ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; - ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; - ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; - ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; -} - -/* Compile 128 bytes of hash data into SHA256 digest value */ -/* NOTE: this routine assumes that the byte order in the */ -/* ctx->wbuf[] at this point is in such an order that low */ -/* address bytes in the ORIGINAL byte stream placed in this */ -/* buffer will now go to the high end of words on BOTH big */ -/* and little endian systems */ - -VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]) -{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA512_MASK), - space = SHA512_BLOCK_SIZE - pos; - const unsigned char *sp = data; - - if((ctx->count[0] += len) < len) - ++(ctx->count[1]); - - while(len >= space) /* tranfer whole blocks while possible */ - { - memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); - sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0; - bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3); - sha512_compile(ctx); - } - - memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); -} - -/* SHA384/512 Final padding and digest calculation */ - -static void sha_end2(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen) -{ uint_32t i = (uint_32t)(ctx->count[0] & SHA512_MASK); - - /* put bytes in the buffer in an order in which references to */ - /* 32-bit words will put bytes with lower addresses into the */ - /* top of 32 bit words on BOTH big and little endian machines */ - bsw_64(ctx->wbuf, (i + 7) >> 3); - - /* we now need to mask valid bytes and add the padding which is */ - /* a single 1 bit and as many zero bits as necessary. Note that */ - /* we can always add the first padding byte here because the */ - /* buffer always has at least one empty slot */ - ctx->wbuf[i >> 3] &= li_64(ffffffffffffff00) << 8 * (~i & 7); - ctx->wbuf[i >> 3] |= li_64(0000000000000080) << 8 * (~i & 7); - - /* we need 17 or more empty byte positions, one for the padding */ - /* byte (above) and sixteen for the length count. If there is */ - /* not enough space pad and empty the buffer */ - if(i > SHA512_BLOCK_SIZE - 17) - { - if(i < 120) ctx->wbuf[15] = 0; - sha512_compile(ctx); - i = 0; - } - else - i = (i >> 3) + 1; - - while(i < 14) - ctx->wbuf[i++] = 0; - - /* the following 64-bit length fields are assembled in the */ - /* wrong byte order on little endian machines but this is */ - /* corrected later since they are only ever used as 64-bit */ - /* word values. */ - ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61); - ctx->wbuf[15] = ctx->count[0] << 3; - sha512_compile(ctx); - - /* extract the hash value as bytes in case the hash buffer is */ - /* misaligned for 32-bit words */ - for(i = 0; i < hlen; ++i) - hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7))); -} - -#endif - -#if defined(SHA_384) - -/* SHA384 initialisation data */ - -const uint_64t i384[80] = -{ - li_64(cbbb9d5dc1059ed8), li_64(629a292a367cd507), - li_64(9159015a3070dd17), li_64(152fecd8f70e5939), - li_64(67332667ffc00b31), li_64(8eb44a8768581511), - li_64(db0c2e0d64f98fa7), li_64(47b5481dbefa4fa4) -}; - -VOID_RETURN sha384_begin(sha384_ctx ctx[1]) -{ - ctx->count[0] = ctx->count[1] = 0; - memcpy(ctx->hash, i384, 8 * sizeof(uint_64t)); -} - -VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1]) -{ - sha_end2(hval, ctx, SHA384_DIGEST_SIZE); -} - -VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len) -{ sha384_ctx cx[1]; - - sha384_begin(cx); - sha384_hash(data, len, cx); - sha_end2(hval, cx, SHA384_DIGEST_SIZE); -} - -#endif - -#if defined(SHA_512) - -/* SHA512 initialisation data */ - -const uint_64t i512[80] = -{ - li_64(6a09e667f3bcc908), li_64(bb67ae8584caa73b), - li_64(3c6ef372fe94f82b), li_64(a54ff53a5f1d36f1), - li_64(510e527fade682d1), li_64(9b05688c2b3e6c1f), - li_64(1f83d9abfb41bd6b), li_64(5be0cd19137e2179) -}; - -VOID_RETURN sha512_begin(sha512_ctx ctx[1]) -{ - ctx->count[0] = ctx->count[1] = 0; - memcpy(ctx->hash, i512, 8 * sizeof(uint_64t)); -} - -VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1]) -{ - sha_end2(hval, ctx, SHA512_DIGEST_SIZE); -} - -VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len) -{ sha512_ctx cx[1]; - - sha512_begin(cx); - sha512_hash(data, len, cx); - sha_end2(hval, cx, SHA512_DIGEST_SIZE); -} - -#endif - -#if defined(SHA_2) - -#define CTX_224(x) ((x)->uu->ctx256) -#define CTX_256(x) ((x)->uu->ctx256) -#define CTX_384(x) ((x)->uu->ctx512) -#define CTX_512(x) ((x)->uu->ctx512) - -/* SHA2 initialisation */ - -INT_RETURN sha2_begin(unsigned long len, sha2_ctx ctx[1]) -{ - switch(len) - { -#if defined(SHA_224) - case 224: - case 28: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0; - memcpy(CTX_256(ctx)->hash, i224, 32); - ctx->sha2_len = 28; return EXIT_SUCCESS; -#endif -#if defined(SHA_256) - case 256: - case 32: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0; - memcpy(CTX_256(ctx)->hash, i256, 32); - ctx->sha2_len = 32; return EXIT_SUCCESS; -#endif -#if defined(SHA_384) - case 384: - case 48: CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0; - memcpy(CTX_384(ctx)->hash, i384, 64); - ctx->sha2_len = 48; return EXIT_SUCCESS; -#endif -#if defined(SHA_512) - case 512: - case 64: CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0; - memcpy(CTX_512(ctx)->hash, i512, 64); - ctx->sha2_len = 64; return EXIT_SUCCESS; -#endif - default: return EXIT_FAILURE; - } -} - -VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]) -{ - switch(ctx->sha2_len) - { -#if defined(SHA_224) - case 28: sha224_hash(data, len, CTX_224(ctx)); return; -#endif -#if defined(SHA_256) - case 32: sha256_hash(data, len, CTX_256(ctx)); return; -#endif -#if defined(SHA_384) - case 48: sha384_hash(data, len, CTX_384(ctx)); return; -#endif -#if defined(SHA_512) - case 64: sha512_hash(data, len, CTX_512(ctx)); return; -#endif - } -} - -VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1]) -{ - switch(ctx->sha2_len) - { -#if defined(SHA_224) - case 28: sha_end1(hval, CTX_224(ctx), SHA224_DIGEST_SIZE); return; -#endif -#if defined(SHA_256) - case 32: sha_end1(hval, CTX_256(ctx), SHA256_DIGEST_SIZE); return; -#endif -#if defined(SHA_384) - case 48: sha_end2(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return; -#endif -#if defined(SHA_512) - case 64: sha_end2(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return; -#endif - } -} - -INT_RETURN sha2(unsigned char hval[], unsigned long size, - const unsigned char data[], unsigned long len) -{ sha2_ctx cx[1]; - - if(sha2_begin(size, cx) == EXIT_SUCCESS) - { - sha2_hash(data, len, cx); sha2_end(hval, cx); return EXIT_SUCCESS; - } - else - return EXIT_FAILURE; -} - -#endif - -#if defined(__cplusplus) -} -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 01/08/2005 + + This is a byte oriented version of SHA2 that operates on arrays of bytes + stored in memory. This code implements sha256, sha384 and sha512 but the + latter two functions rely on efficient 64-bit integer operations that + may not be very efficient on 32-bit machines + + The sha256 functions use a type 'sha256_ctx' to hold details of the + current hash state and uses the following three calls: + + void sha256_begin(sha256_ctx ctx[1]) + void sha256_hash(const unsigned char data[], + unsigned long len, sha256_ctx ctx[1]) + void sha_end1(unsigned char hval[], sha256_ctx ctx[1]) + + The first subroutine initialises a hash computation by setting up the + context in the sha256_ctx context. The second subroutine hashes 8-bit + bytes from array data[] into the hash state withinh sha256_ctx context, + the number of bytes to be hashed being given by the the unsigned long + integer len. The third subroutine completes the hash calculation and + places the resulting digest value in the array of 8-bit bytes hval[]. + + The sha384 and sha512 functions are similar and use the interfaces: + + void sha384_begin(sha384_ctx ctx[1]); + void sha384_hash(const unsigned char data[], + unsigned long len, sha384_ctx ctx[1]); + void sha384_end(unsigned char hval[], sha384_ctx ctx[1]); + + void sha512_begin(sha512_ctx ctx[1]); + void sha512_hash(const unsigned char data[], + unsigned long len, sha512_ctx ctx[1]); + void sha512_end(unsigned char hval[], sha512_ctx ctx[1]); + + In addition there is a function sha2 that can be used to call all these + functions using a call with a hash length parameter as follows: + + int sha2_begin(unsigned long len, sha2_ctx ctx[1]); + void sha2_hash(const unsigned char data[], + unsigned long len, sha2_ctx ctx[1]); + void sha2_end(unsigned char hval[], sha2_ctx ctx[1]); + + My thanks to Erik Andersen for testing this code + on big-endian systems and for his assistance with corrections +*/ + +#include "Common/Endian.h" +#include "Crypto/misc.h" +#define PLATFORM_BYTE_ORDER BYTE_ORDER +#define IS_LITTLE_ENDIAN LITTLE_ENDIAN + +#if 0 +#define UNROLL_SHA2 /* for SHA2 loop unroll */ +#endif + +#include /* for memcpy() etc. */ + +#include "Sha2.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#if defined( _MSC_VER ) && ( _MSC_VER > 800 ) +#pragma intrinsic(memcpy) +#endif + +#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN) +#define SWAP_BYTES +#else +#undef SWAP_BYTES +#endif + +#if 0 + +#define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z))) +#define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +#else /* Thanks to Rich Schroeppel and Colin Plumb for the following */ + +#define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y)))) + +#endif + +/* round transforms for SHA256 and SHA512 compression functions */ + +#define vf(n,i) v[(n - i) & 7] + +#define hf(i) (p[i & 15] += \ + g_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g_0(p[(i + 1) & 15])) + +#define v_cycle(i,j) \ + vf(7,i) += (j ? hf(i) : p[i]) + k_0[i+j] \ + + s_1(vf(4,i)) + ch(vf(4,i),vf(5,i),vf(6,i)); \ + vf(3,i) += vf(7,i); \ + vf(7,i) += s_0(vf(0,i))+ maj(vf(0,i),vf(1,i),vf(2,i)) + +#if defined(SHA_224) || defined(SHA_256) + +#define SHA256_MASK (SHA256_BLOCK_SIZE - 1) + +#if defined(SWAP_BYTES) +#define bsw_32(p,n) \ + { int _i = (n); while(_i--) ((uint_32t*)p)[_i] = bswap_32(((uint_32t*)p)[_i]); } +#else +#define bsw_32(p,n) +#endif + +#define s_0(x) (rotr32((x), 2) ^ rotr32((x), 13) ^ rotr32((x), 22)) +#define s_1(x) (rotr32((x), 6) ^ rotr32((x), 11) ^ rotr32((x), 25)) +#define g_0(x) (rotr32((x), 7) ^ rotr32((x), 18) ^ ((x) >> 3)) +#define g_1(x) (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10)) +#define k_0 k256 + +/* rotated SHA256 round definition. Rather than swapping variables as in */ +/* FIPS-180, different variables are 'rotated' on each round, returning */ +/* to their starting positions every eight rounds */ + +#define q(n) v##n + +#define one_cycle(a,b,c,d,e,f,g,h,k,w) \ + q(h) += s_1(q(e)) + ch(q(e), q(f), q(g)) + k + w; \ + q(d) += q(h); q(h) += s_0(q(a)) + maj(q(a), q(b), q(c)) + +/* SHA256 mixing data */ + +const uint_32t k256[64] = +{ 0x428a2f98ul, 0x71374491ul, 0xb5c0fbcful, 0xe9b5dba5ul, + 0x3956c25bul, 0x59f111f1ul, 0x923f82a4ul, 0xab1c5ed5ul, + 0xd807aa98ul, 0x12835b01ul, 0x243185beul, 0x550c7dc3ul, + 0x72be5d74ul, 0x80deb1feul, 0x9bdc06a7ul, 0xc19bf174ul, + 0xe49b69c1ul, 0xefbe4786ul, 0x0fc19dc6ul, 0x240ca1ccul, + 0x2de92c6ful, 0x4a7484aaul, 0x5cb0a9dcul, 0x76f988daul, + 0x983e5152ul, 0xa831c66dul, 0xb00327c8ul, 0xbf597fc7ul, + 0xc6e00bf3ul, 0xd5a79147ul, 0x06ca6351ul, 0x14292967ul, + 0x27b70a85ul, 0x2e1b2138ul, 0x4d2c6dfcul, 0x53380d13ul, + 0x650a7354ul, 0x766a0abbul, 0x81c2c92eul, 0x92722c85ul, + 0xa2bfe8a1ul, 0xa81a664bul, 0xc24b8b70ul, 0xc76c51a3ul, + 0xd192e819ul, 0xd6990624ul, 0xf40e3585ul, 0x106aa070ul, + 0x19a4c116ul, 0x1e376c08ul, 0x2748774cul, 0x34b0bcb5ul, + 0x391c0cb3ul, 0x4ed8aa4aul, 0x5b9cca4ful, 0x682e6ff3ul, + 0x748f82eeul, 0x78a5636ful, 0x84c87814ul, 0x8cc70208ul, + 0x90befffaul, 0xa4506cebul, 0xbef9a3f7ul, 0xc67178f2ul, +}; + +/* Compile 64 bytes of hash data into SHA256 digest value */ +/* NOTE: this routine assumes that the byte order in the */ +/* ctx->wbuf[] at this point is such that low address bytes */ +/* in the ORIGINAL byte stream will go into the high end of */ +/* words on BOTH big and little endian systems */ + +VOID_RETURN sha256_compile(sha256_ctx ctx[1]) +{ +#if !defined(UNROLL_SHA2) + + uint_32t j, *p = ctx->wbuf, v[8]; + + memcpy(v, ctx->hash, 8 * sizeof(uint_32t)); + + for(j = 0; j < 64; j += 16) + { + v_cycle( 0, j); v_cycle( 1, j); + v_cycle( 2, j); v_cycle( 3, j); + v_cycle( 4, j); v_cycle( 5, j); + v_cycle( 6, j); v_cycle( 7, j); + v_cycle( 8, j); v_cycle( 9, j); + v_cycle(10, j); v_cycle(11, j); + v_cycle(12, j); v_cycle(13, j); + v_cycle(14, j); v_cycle(15, j); + } + + ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; + ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; + ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; + ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; + +#else + + uint_32t *p = ctx->wbuf,v0,v1,v2,v3,v4,v5,v6,v7; + + v0 = ctx->hash[0]; v1 = ctx->hash[1]; + v2 = ctx->hash[2]; v3 = ctx->hash[3]; + v4 = ctx->hash[4]; v5 = ctx->hash[5]; + v6 = ctx->hash[6]; v7 = ctx->hash[7]; + + one_cycle(0,1,2,3,4,5,6,7,k256[ 0],p[ 0]); + one_cycle(7,0,1,2,3,4,5,6,k256[ 1],p[ 1]); + one_cycle(6,7,0,1,2,3,4,5,k256[ 2],p[ 2]); + one_cycle(5,6,7,0,1,2,3,4,k256[ 3],p[ 3]); + one_cycle(4,5,6,7,0,1,2,3,k256[ 4],p[ 4]); + one_cycle(3,4,5,6,7,0,1,2,k256[ 5],p[ 5]); + one_cycle(2,3,4,5,6,7,0,1,k256[ 6],p[ 6]); + one_cycle(1,2,3,4,5,6,7,0,k256[ 7],p[ 7]); + one_cycle(0,1,2,3,4,5,6,7,k256[ 8],p[ 8]); + one_cycle(7,0,1,2,3,4,5,6,k256[ 9],p[ 9]); + one_cycle(6,7,0,1,2,3,4,5,k256[10],p[10]); + one_cycle(5,6,7,0,1,2,3,4,k256[11],p[11]); + one_cycle(4,5,6,7,0,1,2,3,k256[12],p[12]); + one_cycle(3,4,5,6,7,0,1,2,k256[13],p[13]); + one_cycle(2,3,4,5,6,7,0,1,k256[14],p[14]); + one_cycle(1,2,3,4,5,6,7,0,k256[15],p[15]); + + one_cycle(0,1,2,3,4,5,6,7,k256[16],hf( 0)); + one_cycle(7,0,1,2,3,4,5,6,k256[17],hf( 1)); + one_cycle(6,7,0,1,2,3,4,5,k256[18],hf( 2)); + one_cycle(5,6,7,0,1,2,3,4,k256[19],hf( 3)); + one_cycle(4,5,6,7,0,1,2,3,k256[20],hf( 4)); + one_cycle(3,4,5,6,7,0,1,2,k256[21],hf( 5)); + one_cycle(2,3,4,5,6,7,0,1,k256[22],hf( 6)); + one_cycle(1,2,3,4,5,6,7,0,k256[23],hf( 7)); + one_cycle(0,1,2,3,4,5,6,7,k256[24],hf( 8)); + one_cycle(7,0,1,2,3,4,5,6,k256[25],hf( 9)); + one_cycle(6,7,0,1,2,3,4,5,k256[26],hf(10)); + one_cycle(5,6,7,0,1,2,3,4,k256[27],hf(11)); + one_cycle(4,5,6,7,0,1,2,3,k256[28],hf(12)); + one_cycle(3,4,5,6,7,0,1,2,k256[29],hf(13)); + one_cycle(2,3,4,5,6,7,0,1,k256[30],hf(14)); + one_cycle(1,2,3,4,5,6,7,0,k256[31],hf(15)); + + one_cycle(0,1,2,3,4,5,6,7,k256[32],hf( 0)); + one_cycle(7,0,1,2,3,4,5,6,k256[33],hf( 1)); + one_cycle(6,7,0,1,2,3,4,5,k256[34],hf( 2)); + one_cycle(5,6,7,0,1,2,3,4,k256[35],hf( 3)); + one_cycle(4,5,6,7,0,1,2,3,k256[36],hf( 4)); + one_cycle(3,4,5,6,7,0,1,2,k256[37],hf( 5)); + one_cycle(2,3,4,5,6,7,0,1,k256[38],hf( 6)); + one_cycle(1,2,3,4,5,6,7,0,k256[39],hf( 7)); + one_cycle(0,1,2,3,4,5,6,7,k256[40],hf( 8)); + one_cycle(7,0,1,2,3,4,5,6,k256[41],hf( 9)); + one_cycle(6,7,0,1,2,3,4,5,k256[42],hf(10)); + one_cycle(5,6,7,0,1,2,3,4,k256[43],hf(11)); + one_cycle(4,5,6,7,0,1,2,3,k256[44],hf(12)); + one_cycle(3,4,5,6,7,0,1,2,k256[45],hf(13)); + one_cycle(2,3,4,5,6,7,0,1,k256[46],hf(14)); + one_cycle(1,2,3,4,5,6,7,0,k256[47],hf(15)); + + one_cycle(0,1,2,3,4,5,6,7,k256[48],hf( 0)); + one_cycle(7,0,1,2,3,4,5,6,k256[49],hf( 1)); + one_cycle(6,7,0,1,2,3,4,5,k256[50],hf( 2)); + one_cycle(5,6,7,0,1,2,3,4,k256[51],hf( 3)); + one_cycle(4,5,6,7,0,1,2,3,k256[52],hf( 4)); + one_cycle(3,4,5,6,7,0,1,2,k256[53],hf( 5)); + one_cycle(2,3,4,5,6,7,0,1,k256[54],hf( 6)); + one_cycle(1,2,3,4,5,6,7,0,k256[55],hf( 7)); + one_cycle(0,1,2,3,4,5,6,7,k256[56],hf( 8)); + one_cycle(7,0,1,2,3,4,5,6,k256[57],hf( 9)); + one_cycle(6,7,0,1,2,3,4,5,k256[58],hf(10)); + one_cycle(5,6,7,0,1,2,3,4,k256[59],hf(11)); + one_cycle(4,5,6,7,0,1,2,3,k256[60],hf(12)); + one_cycle(3,4,5,6,7,0,1,2,k256[61],hf(13)); + one_cycle(2,3,4,5,6,7,0,1,k256[62],hf(14)); + one_cycle(1,2,3,4,5,6,7,0,k256[63],hf(15)); + + ctx->hash[0] += v0; ctx->hash[1] += v1; + ctx->hash[2] += v2; ctx->hash[3] += v3; + ctx->hash[4] += v4; ctx->hash[5] += v5; + ctx->hash[6] += v6; ctx->hash[7] += v7; +#endif +} + +/* SHA256 hash data in an array of bytes into hash buffer */ +/* and call the hash_compile function as required. */ + +VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]) +{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA256_MASK), + space = SHA256_BLOCK_SIZE - pos; + const unsigned char *sp = data; + + if((ctx->count[0] += len) < len) + ++(ctx->count[1]); + + while(len >= space) /* tranfer whole blocks while possible */ + { + memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); + sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0; + bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2) + sha256_compile(ctx); + } + + memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); +} + +/* SHA256 Final padding and digest calculation */ + +static void sha_end1(unsigned char hval[], sha256_ctx ctx[1], const unsigned int hlen) +{ uint_32t i = (uint_32t)(ctx->count[0] & SHA256_MASK); + + /* put bytes in the buffer in an order in which references to */ + /* 32-bit words will put bytes with lower addresses into the */ + /* top of 32 bit words on BOTH big and little endian machines */ + bsw_32(ctx->wbuf, (i + 3) >> 2) + + /* we now need to mask valid bytes and add the padding which is */ + /* a single 1 bit and as many zero bits as necessary. Note that */ + /* we can always add the first padding byte here because the */ + /* buffer always has at least one empty slot */ + ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3); + ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3); + + /* we need 9 or more empty positions, one for the padding byte */ + /* (above) and eight for the length count. If there is not */ + /* enough space pad and empty the buffer */ + if(i > SHA256_BLOCK_SIZE - 9) + { + if(i < 60) ctx->wbuf[15] = 0; + sha256_compile(ctx); + i = 0; + } + else /* compute a word index for the empty buffer positions */ + i = (i >> 2) + 1; + + while(i < 14) /* and zero pad all but last two positions */ + ctx->wbuf[i++] = 0; + + /* the following 32-bit length fields are assembled in the */ + /* wrong byte order on little endian machines but this is */ + /* corrected later since they are only ever used as 32-bit */ + /* word values. */ + ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29); + ctx->wbuf[15] = ctx->count[0] << 3; + sha256_compile(ctx); + + /* extract the hash value as bytes in case the hash buffer is */ + /* mislaigned for 32-bit words */ + for(i = 0; i < hlen; ++i) + hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3))); +} + +#endif + +#if defined(SHA_224) + +const uint_32t i224[8] = +{ + 0xc1059ed8ul, 0x367cd507ul, 0x3070dd17ul, 0xf70e5939ul, + 0xffc00b31ul, 0x68581511ul, 0x64f98fa7ul, 0xbefa4fa4ul +}; + +VOID_RETURN sha224_begin(sha224_ctx ctx[1]) +{ + ctx->count[0] = ctx->count[1] = 0; + memcpy(ctx->hash, i224, 8 * sizeof(uint_32t)); +} + +VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1]) +{ + sha_end1(hval, ctx, SHA224_DIGEST_SIZE); +} + +VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len) +{ sha224_ctx cx[1]; + + sha224_begin(cx); + sha224_hash(data, len, cx); + sha_end1(hval, cx, SHA224_DIGEST_SIZE); +} + +#endif + +#if defined(SHA_256) + +const uint_32t i256[8] = +{ + 0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul, + 0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul +}; + +VOID_RETURN sha256_begin(sha256_ctx ctx[1]) +{ + ctx->count[0] = ctx->count[1] = 0; + memcpy(ctx->hash, i256, 8 * sizeof(uint_32t)); +} + +VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1]) +{ + sha_end1(hval, ctx, SHA256_DIGEST_SIZE); +} + +VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len) +{ sha256_ctx cx[1]; + + sha256_begin(cx); + sha256_hash(data, len, cx); + sha_end1(hval, cx, SHA256_DIGEST_SIZE); +} + +#endif + +#if defined(SHA_384) || defined(SHA_512) + +#define SHA512_MASK (SHA512_BLOCK_SIZE - 1) + +#if defined(SWAP_BYTES) +#define bsw_64(p,n) \ + { int _i = (n); while(_i--) ((uint_64t*)p)[_i] = bswap_64(((uint_64t*)p)[_i]); } +#else +#define bsw_64(p,n) +#endif + +/* SHA512 mixing function definitions */ + +#ifdef s_0 +# undef s_0 +# undef s_1 +# undef g_0 +# undef g_1 +# undef k_0 +#endif + +#define s_0(x) (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39)) +#define s_1(x) (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41)) +#define g_0(x) (rotr64((x), 1) ^ rotr64((x), 8) ^ ((x) >> 7)) +#define g_1(x) (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >> 6)) +#define k_0 k512 + +/* SHA384/SHA512 mixing data */ + +const uint_64t k512[80] = +{ + li_64(428a2f98d728ae22), li_64(7137449123ef65cd), + li_64(b5c0fbcfec4d3b2f), li_64(e9b5dba58189dbbc), + li_64(3956c25bf348b538), li_64(59f111f1b605d019), + li_64(923f82a4af194f9b), li_64(ab1c5ed5da6d8118), + li_64(d807aa98a3030242), li_64(12835b0145706fbe), + li_64(243185be4ee4b28c), li_64(550c7dc3d5ffb4e2), + li_64(72be5d74f27b896f), li_64(80deb1fe3b1696b1), + li_64(9bdc06a725c71235), li_64(c19bf174cf692694), + li_64(e49b69c19ef14ad2), li_64(efbe4786384f25e3), + li_64(0fc19dc68b8cd5b5), li_64(240ca1cc77ac9c65), + li_64(2de92c6f592b0275), li_64(4a7484aa6ea6e483), + li_64(5cb0a9dcbd41fbd4), li_64(76f988da831153b5), + li_64(983e5152ee66dfab), li_64(a831c66d2db43210), + li_64(b00327c898fb213f), li_64(bf597fc7beef0ee4), + li_64(c6e00bf33da88fc2), li_64(d5a79147930aa725), + li_64(06ca6351e003826f), li_64(142929670a0e6e70), + li_64(27b70a8546d22ffc), li_64(2e1b21385c26c926), + li_64(4d2c6dfc5ac42aed), li_64(53380d139d95b3df), + li_64(650a73548baf63de), li_64(766a0abb3c77b2a8), + li_64(81c2c92e47edaee6), li_64(92722c851482353b), + li_64(a2bfe8a14cf10364), li_64(a81a664bbc423001), + li_64(c24b8b70d0f89791), li_64(c76c51a30654be30), + li_64(d192e819d6ef5218), li_64(d69906245565a910), + li_64(f40e35855771202a), li_64(106aa07032bbd1b8), + li_64(19a4c116b8d2d0c8), li_64(1e376c085141ab53), + li_64(2748774cdf8eeb99), li_64(34b0bcb5e19b48a8), + li_64(391c0cb3c5c95a63), li_64(4ed8aa4ae3418acb), + li_64(5b9cca4f7763e373), li_64(682e6ff3d6b2b8a3), + li_64(748f82ee5defb2fc), li_64(78a5636f43172f60), + li_64(84c87814a1f0ab72), li_64(8cc702081a6439ec), + li_64(90befffa23631e28), li_64(a4506cebde82bde9), + li_64(bef9a3f7b2c67915), li_64(c67178f2e372532b), + li_64(ca273eceea26619c), li_64(d186b8c721c0c207), + li_64(eada7dd6cde0eb1e), li_64(f57d4f7fee6ed178), + li_64(06f067aa72176fba), li_64(0a637dc5a2c898a6), + li_64(113f9804bef90dae), li_64(1b710b35131c471b), + li_64(28db77f523047d84), li_64(32caab7b40c72493), + li_64(3c9ebe0a15c9bebc), li_64(431d67c49c100d4c), + li_64(4cc5d4becb3e42b6), li_64(597f299cfc657e2a), + li_64(5fcb6fab3ad6faec), li_64(6c44198c4a475817) +}; + +/* Compile 128 bytes of hash data into SHA384/512 digest */ +/* NOTE: this routine assumes that the byte order in the */ +/* ctx->wbuf[] at this point is such that low address bytes */ +/* in the ORIGINAL byte stream will go into the high end of */ +/* words on BOTH big and little endian systems */ + +VOID_RETURN sha512_compile(sha512_ctx ctx[1]) +{ uint_64t v[8], *p = ctx->wbuf; + uint_32t j; + + memcpy(v, ctx->hash, 8 * sizeof(uint_64t)); + + for(j = 0; j < 80; j += 16) + { + v_cycle( 0, j); v_cycle( 1, j); + v_cycle( 2, j); v_cycle( 3, j); + v_cycle( 4, j); v_cycle( 5, j); + v_cycle( 6, j); v_cycle( 7, j); + v_cycle( 8, j); v_cycle( 9, j); + v_cycle(10, j); v_cycle(11, j); + v_cycle(12, j); v_cycle(13, j); + v_cycle(14, j); v_cycle(15, j); + } + + ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; + ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; + ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; + ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; +} + +/* Compile 128 bytes of hash data into SHA256 digest value */ +/* NOTE: this routine assumes that the byte order in the */ +/* ctx->wbuf[] at this point is in such an order that low */ +/* address bytes in the ORIGINAL byte stream placed in this */ +/* buffer will now go to the high end of words on BOTH big */ +/* and little endian systems */ + +VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]) +{ uint_32t pos = (uint_32t)(ctx->count[0] & SHA512_MASK), + space = SHA512_BLOCK_SIZE - pos; + const unsigned char *sp = data; + + if((ctx->count[0] += len) < len) + ++(ctx->count[1]); + + while(len >= space) /* tranfer whole blocks while possible */ + { + memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); + sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0; + bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3); + sha512_compile(ctx); + } + + memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); +} + +/* SHA384/512 Final padding and digest calculation */ + +static void sha_end2(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen) +{ uint_32t i = (uint_32t)(ctx->count[0] & SHA512_MASK); + + /* put bytes in the buffer in an order in which references to */ + /* 32-bit words will put bytes with lower addresses into the */ + /* top of 32 bit words on BOTH big and little endian machines */ + bsw_64(ctx->wbuf, (i + 7) >> 3); + + /* we now need to mask valid bytes and add the padding which is */ + /* a single 1 bit and as many zero bits as necessary. Note that */ + /* we can always add the first padding byte here because the */ + /* buffer always has at least one empty slot */ + ctx->wbuf[i >> 3] &= li_64(ffffffffffffff00) << 8 * (~i & 7); + ctx->wbuf[i >> 3] |= li_64(0000000000000080) << 8 * (~i & 7); + + /* we need 17 or more empty byte positions, one for the padding */ + /* byte (above) and sixteen for the length count. If there is */ + /* not enough space pad and empty the buffer */ + if(i > SHA512_BLOCK_SIZE - 17) + { + if(i < 120) ctx->wbuf[15] = 0; + sha512_compile(ctx); + i = 0; + } + else + i = (i >> 3) + 1; + + while(i < 14) + ctx->wbuf[i++] = 0; + + /* the following 64-bit length fields are assembled in the */ + /* wrong byte order on little endian machines but this is */ + /* corrected later since they are only ever used as 64-bit */ + /* word values. */ + ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61); + ctx->wbuf[15] = ctx->count[0] << 3; + sha512_compile(ctx); + + /* extract the hash value as bytes in case the hash buffer is */ + /* misaligned for 32-bit words */ + for(i = 0; i < hlen; ++i) + hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7))); +} + +#endif + +#if defined(SHA_384) + +/* SHA384 initialisation data */ + +const uint_64t i384[80] = +{ + li_64(cbbb9d5dc1059ed8), li_64(629a292a367cd507), + li_64(9159015a3070dd17), li_64(152fecd8f70e5939), + li_64(67332667ffc00b31), li_64(8eb44a8768581511), + li_64(db0c2e0d64f98fa7), li_64(47b5481dbefa4fa4) +}; + +VOID_RETURN sha384_begin(sha384_ctx ctx[1]) +{ + ctx->count[0] = ctx->count[1] = 0; + memcpy(ctx->hash, i384, 8 * sizeof(uint_64t)); +} + +VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1]) +{ + sha_end2(hval, ctx, SHA384_DIGEST_SIZE); +} + +VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len) +{ sha384_ctx cx[1]; + + sha384_begin(cx); + sha384_hash(data, len, cx); + sha_end2(hval, cx, SHA384_DIGEST_SIZE); +} + +#endif + +#if defined(SHA_512) + +/* SHA512 initialisation data */ + +const uint_64t i512[80] = +{ + li_64(6a09e667f3bcc908), li_64(bb67ae8584caa73b), + li_64(3c6ef372fe94f82b), li_64(a54ff53a5f1d36f1), + li_64(510e527fade682d1), li_64(9b05688c2b3e6c1f), + li_64(1f83d9abfb41bd6b), li_64(5be0cd19137e2179) +}; + +VOID_RETURN sha512_begin(sha512_ctx ctx[1]) +{ + ctx->count[0] = ctx->count[1] = 0; + memcpy(ctx->hash, i512, 8 * sizeof(uint_64t)); +} + +VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1]) +{ + sha_end2(hval, ctx, SHA512_DIGEST_SIZE); +} + +VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len) +{ sha512_ctx cx[1]; + + sha512_begin(cx); + sha512_hash(data, len, cx); + sha_end2(hval, cx, SHA512_DIGEST_SIZE); +} + +#endif + +#if defined(SHA_2) + +#define CTX_224(x) ((x)->uu->ctx256) +#define CTX_256(x) ((x)->uu->ctx256) +#define CTX_384(x) ((x)->uu->ctx512) +#define CTX_512(x) ((x)->uu->ctx512) + +/* SHA2 initialisation */ + +INT_RETURN sha2_begin(unsigned long len, sha2_ctx ctx[1]) +{ + switch(len) + { +#if defined(SHA_224) + case 224: + case 28: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0; + memcpy(CTX_256(ctx)->hash, i224, 32); + ctx->sha2_len = 28; return EXIT_SUCCESS; +#endif +#if defined(SHA_256) + case 256: + case 32: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0; + memcpy(CTX_256(ctx)->hash, i256, 32); + ctx->sha2_len = 32; return EXIT_SUCCESS; +#endif +#if defined(SHA_384) + case 384: + case 48: CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0; + memcpy(CTX_384(ctx)->hash, i384, 64); + ctx->sha2_len = 48; return EXIT_SUCCESS; +#endif +#if defined(SHA_512) + case 512: + case 64: CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0; + memcpy(CTX_512(ctx)->hash, i512, 64); + ctx->sha2_len = 64; return EXIT_SUCCESS; +#endif + default: return EXIT_FAILURE; + } +} + +VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]) +{ + switch(ctx->sha2_len) + { +#if defined(SHA_224) + case 28: sha224_hash(data, len, CTX_224(ctx)); return; +#endif +#if defined(SHA_256) + case 32: sha256_hash(data, len, CTX_256(ctx)); return; +#endif +#if defined(SHA_384) + case 48: sha384_hash(data, len, CTX_384(ctx)); return; +#endif +#if defined(SHA_512) + case 64: sha512_hash(data, len, CTX_512(ctx)); return; +#endif + } +} + +VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1]) +{ + switch(ctx->sha2_len) + { +#if defined(SHA_224) + case 28: sha_end1(hval, CTX_224(ctx), SHA224_DIGEST_SIZE); return; +#endif +#if defined(SHA_256) + case 32: sha_end1(hval, CTX_256(ctx), SHA256_DIGEST_SIZE); return; +#endif +#if defined(SHA_384) + case 48: sha_end2(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return; +#endif +#if defined(SHA_512) + case 64: sha_end2(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return; +#endif + } +} + +INT_RETURN sha2(unsigned char hval[], unsigned long size, + const unsigned char data[], unsigned long len) +{ sha2_ctx cx[1]; + + if(sha2_begin(size, cx) == EXIT_SUCCESS) + { + sha2_hash(data, len, cx); sha2_end(hval, cx); return EXIT_SUCCESS; + } + else + return EXIT_FAILURE; +} + +#endif + +#if defined(__cplusplus) +} +#endif diff --git a/src/Crypto/Sha2.h b/src/Crypto/Sha2.h index 64379d17..6d0aeb0f 100644 --- a/src/Crypto/Sha2.h +++ b/src/Crypto/Sha2.h @@ -1,155 +1,155 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - Issue Date: 01/08/2005 -*/ - -#ifndef _SHA2_H -#define _SHA2_H - -#include "Common/Tcdefs.h" -#include "Common/Endian.h" - -#define SHA_64BIT - -/* define the hash functions that you need */ -#define SHA_2 /* for dynamic hash length */ -#define SHA_224 -#define SHA_256 -#ifdef SHA_64BIT -# define SHA_384 -# define SHA_512 -# define NEED_UINT_64T -#endif - -#ifndef EXIT_SUCCESS -#define EXIT_SUCCESS 0 -#define EXIT_FAILURE 1 -#endif - -#define li_64(h) 0x##h##ull - -#define VOID_RETURN void -#define INT_RETURN int - -#if defined(__cplusplus) -extern "C" -{ -#endif - -/* Note that the following function prototypes are the same */ -/* for both the bit and byte oriented implementations. But */ -/* the length fields are in bytes or bits as is appropriate */ -/* for the version used. Bit sequences are arrays of bytes */ -/* in which bit sequence indexes increase from the most to */ -/* the least significant end of each byte */ - -#define SHA224_DIGEST_SIZE 28 -#define SHA224_BLOCK_SIZE 64 -#define SHA256_DIGEST_SIZE 32 -#define SHA256_BLOCK_SIZE 64 - -/* type to hold the SHA256 (and SHA224) context */ - -typedef struct -{ uint_32t count[2]; - uint_32t hash[8]; - uint_32t wbuf[16]; -} sha256_ctx; - -typedef sha256_ctx sha224_ctx; - -VOID_RETURN sha256_compile(sha256_ctx ctx[1]); - -VOID_RETURN sha224_begin(sha224_ctx ctx[1]); -#define sha224_hash sha256_hash -VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1]); -VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len); - -VOID_RETURN sha256_begin(sha256_ctx ctx[1]); -VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]); -VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1]); -VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len); - -#ifndef SHA_64BIT - -typedef struct -{ union - { sha256_ctx ctx256[1]; - } uu[1]; - uint_32t sha2_len; -} sha2_ctx; - -#define SHA2_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE - -#else - -#define SHA384_DIGEST_SIZE 48 -#define SHA384_BLOCK_SIZE 128 -#define SHA512_DIGEST_SIZE 64 -#define SHA512_BLOCK_SIZE 128 -#define SHA2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE - -/* type to hold the SHA384 (and SHA512) context */ - -typedef struct -{ uint_64t count[2]; - uint_64t hash[8]; - uint_64t wbuf[16]; -} sha512_ctx; - -typedef sha512_ctx sha384_ctx; - -typedef struct -{ union - { sha256_ctx ctx256[1]; - sha512_ctx ctx512[1]; - } uu[1]; - uint_32t sha2_len; -} sha2_ctx; - -VOID_RETURN sha512_compile(sha512_ctx ctx[1]); - -VOID_RETURN sha384_begin(sha384_ctx ctx[1]); -#define sha384_hash sha512_hash -VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1]); -VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len); - -VOID_RETURN sha512_begin(sha512_ctx ctx[1]); -VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]); -VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1]); -VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len); - -INT_RETURN sha2_begin(unsigned long size, sha2_ctx ctx[1]); -VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]); -VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1]); -INT_RETURN sha2(unsigned char hval[], unsigned long size, const unsigned char data[], unsigned long len); - -#endif - -#if defined(__cplusplus) -} -#endif - -#endif +/* + --------------------------------------------------------------------------- + Copyright (c) 2002, Dr Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + Issue Date: 01/08/2005 +*/ + +#ifndef _SHA2_H +#define _SHA2_H + +#include "Common/Tcdefs.h" +#include "Common/Endian.h" + +#define SHA_64BIT + +/* define the hash functions that you need */ +#define SHA_2 /* for dynamic hash length */ +#define SHA_224 +#define SHA_256 +#ifdef SHA_64BIT +# define SHA_384 +# define SHA_512 +# define NEED_UINT_64T +#endif + +#ifndef EXIT_SUCCESS +#define EXIT_SUCCESS 0 +#define EXIT_FAILURE 1 +#endif + +#define li_64(h) 0x##h##ull + +#define VOID_RETURN void +#define INT_RETURN int + +#if defined(__cplusplus) +extern "C" +{ +#endif + +/* Note that the following function prototypes are the same */ +/* for both the bit and byte oriented implementations. But */ +/* the length fields are in bytes or bits as is appropriate */ +/* for the version used. Bit sequences are arrays of bytes */ +/* in which bit sequence indexes increase from the most to */ +/* the least significant end of each byte */ + +#define SHA224_DIGEST_SIZE 28 +#define SHA224_BLOCK_SIZE 64 +#define SHA256_DIGEST_SIZE 32 +#define SHA256_BLOCK_SIZE 64 + +/* type to hold the SHA256 (and SHA224) context */ + +typedef struct +{ uint_32t count[2]; + uint_32t hash[8]; + uint_32t wbuf[16]; +} sha256_ctx; + +typedef sha256_ctx sha224_ctx; + +VOID_RETURN sha256_compile(sha256_ctx ctx[1]); + +VOID_RETURN sha224_begin(sha224_ctx ctx[1]); +#define sha224_hash sha256_hash +VOID_RETURN sha224_end(unsigned char hval[], sha224_ctx ctx[1]); +VOID_RETURN sha224(unsigned char hval[], const unsigned char data[], unsigned long len); + +VOID_RETURN sha256_begin(sha256_ctx ctx[1]); +VOID_RETURN sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]); +VOID_RETURN sha256_end(unsigned char hval[], sha256_ctx ctx[1]); +VOID_RETURN sha256(unsigned char hval[], const unsigned char data[], unsigned long len); + +#ifndef SHA_64BIT + +typedef struct +{ union + { sha256_ctx ctx256[1]; + } uu[1]; + uint_32t sha2_len; +} sha2_ctx; + +#define SHA2_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE + +#else + +#define SHA384_DIGEST_SIZE 48 +#define SHA384_BLOCK_SIZE 128 +#define SHA512_DIGEST_SIZE 64 +#define SHA512_BLOCK_SIZE 128 +#define SHA2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE + +/* type to hold the SHA384 (and SHA512) context */ + +typedef struct +{ uint_64t count[2]; + uint_64t hash[8]; + uint_64t wbuf[16]; +} sha512_ctx; + +typedef sha512_ctx sha384_ctx; + +typedef struct +{ union + { sha256_ctx ctx256[1]; + sha512_ctx ctx512[1]; + } uu[1]; + uint_32t sha2_len; +} sha2_ctx; + +VOID_RETURN sha512_compile(sha512_ctx ctx[1]); + +VOID_RETURN sha384_begin(sha384_ctx ctx[1]); +#define sha384_hash sha512_hash +VOID_RETURN sha384_end(unsigned char hval[], sha384_ctx ctx[1]); +VOID_RETURN sha384(unsigned char hval[], const unsigned char data[], unsigned long len); + +VOID_RETURN sha512_begin(sha512_ctx ctx[1]); +VOID_RETURN sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]); +VOID_RETURN sha512_end(unsigned char hval[], sha512_ctx ctx[1]); +VOID_RETURN sha512(unsigned char hval[], const unsigned char data[], unsigned long len); + +INT_RETURN sha2_begin(unsigned long size, sha2_ctx ctx[1]); +VOID_RETURN sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]); +VOID_RETURN sha2_end(unsigned char hval[], sha2_ctx ctx[1]); +INT_RETURN sha2(unsigned char hval[], unsigned long size, const unsigned char data[], unsigned long len); + +#endif + +#if defined(__cplusplus) +} +#endif + +#endif diff --git a/src/Crypto/Sha2Small.c b/src/Crypto/Sha2Small.c index 9acd1b83..539ff05d 100644 --- a/src/Crypto/Sha2Small.c +++ b/src/Crypto/Sha2Small.c @@ -10,237 +10,237 @@ * */ -/* Adapted for VeraCrypt */ - -#include -#include "Common/Tcdefs.h" -#include "Common/Endian.h" -#include "Sha2Small.h" - -#pragma optimize ("tl", on) - -typedef unsigned __int32 uint32; -typedef unsigned __int8 byte; - -#include -#pragma intrinsic(_lrotr) -#define RORc(x,n) _lrotr(x,n) - -/******************************************************************************/ - -/* - The K array - */ - -static const uint32 K[64] = { - 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, - 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL, - 0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, - 0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, - 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL, - 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL, - 0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, - 0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, - 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL, - 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL, - 0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, - 0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, - 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL -}; - -/* - Various logical functions - */ -#define Ch(x,y,z) (z ^ (x & (y ^ z))) -#define Maj(x,y,z) (((x | y) & z) | (x & y)) -#define S(x, n) RORc((x),(n)) -#define R(x, n) ((x)>>(n)) -#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22)) -#define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25)) -#define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3)) -#define Gamma1(x) (S(x, 17) ^ S(x, 19) ^ R(x, 10)) - -#define STORE32H(x, y, i) { \ -(y)[i] = (unsigned char)(((x)>>24)); \ -(y)[i+1] = (unsigned char)(((x)>>16)); \ -(y)[i+2] = (unsigned char)(((x)>>8)); \ -(y)[i+3] = (unsigned char)((x)); \ -} - -#define LOAD32H(x, y, i) { \ -x = ((unsigned long)((y)[i])<<24) | \ -((unsigned long)((y)[i+1])<<16) | \ -((unsigned long)((y)[i+2])<<8) | \ -((unsigned long)((y)[i+3])); \ -} - -/* - compress 512-bits - */ -static void sha256_compress(sha256_ctx * ctx, unsigned char *buf) -{ - - uint32 S[8], W[64], t0, t1; - uint32 t, w2, w15; - int i; - -/* - copy state into S - */ - for (i = 0; i < 8; i++) { - S[i] = ctx->state[i]; - } - -/* - copy the state into 512-bits into W[0..15] - */ - for (i = 0; i < 16; i++) { - LOAD32H(W[i], buf , (4*i)); - } - -/* - fill W[16..63] - */ - for (i = 16; i < 64; i++) { - w2 = W[i - 2]; - w15 = W[i - 15]; - W[i] = Gamma1(w2) + W[i - 7] + Gamma0(w15) + W[i - 16]; - } - -/* - Compress - */ - -#define RND(a,b,c,d,e,f,g,h,i) \ - t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ - t1 = Sigma0(a) + Maj(a, b, c); \ - d += t0; \ - h = t0 + t1; - - for (i = 0; i < 64; ++i) { - RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i); - t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4]; - S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t; - } - -/* - feedback - */ - for (i = 0; i < 8; i++) { - ctx->state[i] += S[i]; - } - -} - -/* - init the sha256 state - */ -VOID_RETURN sha256_begin(sha256_ctx* ctx) -{ - ctx->curlen = 0; - ctx->state[0] = 0x6A09E667UL; - ctx->state[1] = 0xBB67AE85UL; - ctx->state[2] = 0x3C6EF372UL; - ctx->state[3] = 0xA54FF53AUL; - ctx->state[4] = 0x510E527FUL; - ctx->state[5] = 0x9B05688CUL; - ctx->state[6] = 0x1F83D9ABUL; - ctx->state[7] = 0x5BE0CD19UL; - ctx->highLength = 0; - ctx->lowLength = 0; -} - -VOID_RETURN sha256_hash(unsigned char* data, unsigned int len, sha256_ctx* ctx) -{ - uint32 n; - while (len > 0) { - if (ctx->curlen == 0 && len >= 64) { - sha256_compress(ctx, (unsigned char *)data); - - n = ctx->lowLength + 512; - if (n < ctx->lowLength) { - ctx->highLength++; - } - ctx->lowLength = n; - data += 64; - len -= 64; - } else { - n = min(len, 64 - ctx->curlen); - memcpy(ctx->buf + ctx->curlen, data, (size_t)n); - ctx->curlen += (unsigned int) n; - data += (unsigned int) n; - len -= (unsigned int) n; - - if (ctx->curlen == 64) { - sha256_compress (ctx, ctx->buf); - - n = ctx->lowLength + 512; - if (n < ctx->lowLength) { - ctx->highLength++; - } - ctx->lowLength = n; - ctx->curlen = 0; - } - } - } - return; -} - -VOID_RETURN sha256_end(unsigned char* hval, sha256_ctx* ctx) -{ - int i; - uint32 n; - -/* - increase the length of the message - */ - - n = ctx->lowLength + (ctx->curlen << 3); - if (n < ctx->lowLength) { - ctx->highLength++; - } - ctx->highLength += (ctx->curlen >> 29); - ctx->lowLength = n; - -/* - append the '1' bit - */ - ctx->buf[ctx->curlen++] = (unsigned char)0x80; - -/* - if the length is currently above 56 bytes we append zeros then compress. - Then we can fall back to padding zeros and length encoding like normal. - */ - if (ctx->curlen > 56) { - while (ctx->curlen < 64) { - ctx->buf[ctx->curlen++] = (unsigned char)0; - } - sha256_compress(ctx, ctx->buf); - ctx->curlen = 0; - } - -/* - pad upto 56 bytes of zeroes - */ - while (ctx->curlen < 56) { - ctx->buf[ctx->curlen++] = (unsigned char)0; - } - -/* - store length - */ - - STORE32H(ctx->highLength, ctx->buf, 56); - STORE32H(ctx->lowLength, ctx->buf, 60); - - sha256_compress(ctx, ctx->buf); - -/* - copy output - */ - for (i = 0; i < 8; i++) { - STORE32H(ctx->state[i], hval, (4*i)); - } -} - -/******************************************************************************/ +/* Adapted for VeraCrypt */ + +#include +#include "Common/Tcdefs.h" +#include "Common/Endian.h" +#include "Sha2Small.h" + +#pragma optimize ("tl", on) + +typedef unsigned __int32 uint32; +typedef unsigned __int8 byte; + +#include +#pragma intrinsic(_lrotr) +#define RORc(x,n) _lrotr(x,n) + +/******************************************************************************/ + +/* + The K array + */ + +static const uint32 K[64] = { + 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, + 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL, + 0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, + 0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, + 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL, + 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL, + 0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, + 0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, + 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL, + 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL, + 0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, + 0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, + 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL +}; + +/* + Various logical functions + */ +#define Ch(x,y,z) (z ^ (x & (y ^ z))) +#define Maj(x,y,z) (((x | y) & z) | (x & y)) +#define S(x, n) RORc((x),(n)) +#define R(x, n) ((x)>>(n)) +#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22)) +#define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25)) +#define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3)) +#define Gamma1(x) (S(x, 17) ^ S(x, 19) ^ R(x, 10)) + +#define STORE32H(x, y, i) { \ +(y)[i] = (unsigned char)(((x)>>24)); \ +(y)[i+1] = (unsigned char)(((x)>>16)); \ +(y)[i+2] = (unsigned char)(((x)>>8)); \ +(y)[i+3] = (unsigned char)((x)); \ +} + +#define LOAD32H(x, y, i) { \ +x = ((unsigned long)((y)[i])<<24) | \ +((unsigned long)((y)[i+1])<<16) | \ +((unsigned long)((y)[i+2])<<8) | \ +((unsigned long)((y)[i+3])); \ +} + +/* + compress 512-bits + */ +static void sha256_compress(sha256_ctx * ctx, unsigned char *buf) +{ + + uint32 S[8], W[64], t0, t1; + uint32 t, w2, w15; + int i; + +/* + copy state into S + */ + for (i = 0; i < 8; i++) { + S[i] = ctx->state[i]; + } + +/* + copy the state into 512-bits into W[0..15] + */ + for (i = 0; i < 16; i++) { + LOAD32H(W[i], buf , (4*i)); + } + +/* + fill W[16..63] + */ + for (i = 16; i < 64; i++) { + w2 = W[i - 2]; + w15 = W[i - 15]; + W[i] = Gamma1(w2) + W[i - 7] + Gamma0(w15) + W[i - 16]; + } + +/* + Compress + */ + +#define RND(a,b,c,d,e,f,g,h,i) \ + t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ + t1 = Sigma0(a) + Maj(a, b, c); \ + d += t0; \ + h = t0 + t1; + + for (i = 0; i < 64; ++i) { + RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i); + t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4]; + S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t; + } + +/* + feedback + */ + for (i = 0; i < 8; i++) { + ctx->state[i] += S[i]; + } + +} + +/* + init the sha256 state + */ +VOID_RETURN sha256_begin(sha256_ctx* ctx) +{ + ctx->curlen = 0; + ctx->state[0] = 0x6A09E667UL; + ctx->state[1] = 0xBB67AE85UL; + ctx->state[2] = 0x3C6EF372UL; + ctx->state[3] = 0xA54FF53AUL; + ctx->state[4] = 0x510E527FUL; + ctx->state[5] = 0x9B05688CUL; + ctx->state[6] = 0x1F83D9ABUL; + ctx->state[7] = 0x5BE0CD19UL; + ctx->highLength = 0; + ctx->lowLength = 0; +} + +VOID_RETURN sha256_hash(unsigned char* data, unsigned int len, sha256_ctx* ctx) +{ + uint32 n; + while (len > 0) { + if (ctx->curlen == 0 && len >= 64) { + sha256_compress(ctx, (unsigned char *)data); + + n = ctx->lowLength + 512; + if (n < ctx->lowLength) { + ctx->highLength++; + } + ctx->lowLength = n; + data += 64; + len -= 64; + } else { + n = min(len, 64 - ctx->curlen); + memcpy(ctx->buf + ctx->curlen, data, (size_t)n); + ctx->curlen += (unsigned int) n; + data += (unsigned int) n; + len -= (unsigned int) n; + + if (ctx->curlen == 64) { + sha256_compress (ctx, ctx->buf); + + n = ctx->lowLength + 512; + if (n < ctx->lowLength) { + ctx->highLength++; + } + ctx->lowLength = n; + ctx->curlen = 0; + } + } + } + return; +} + +VOID_RETURN sha256_end(unsigned char* hval, sha256_ctx* ctx) +{ + int i; + uint32 n; + +/* + increase the length of the message + */ + + n = ctx->lowLength + (ctx->curlen << 3); + if (n < ctx->lowLength) { + ctx->highLength++; + } + ctx->highLength += (ctx->curlen >> 29); + ctx->lowLength = n; + +/* + append the '1' bit + */ + ctx->buf[ctx->curlen++] = (unsigned char)0x80; + +/* + if the length is currently above 56 bytes we append zeros then compress. + Then we can fall back to padding zeros and length encoding like normal. + */ + if (ctx->curlen > 56) { + while (ctx->curlen < 64) { + ctx->buf[ctx->curlen++] = (unsigned char)0; + } + sha256_compress(ctx, ctx->buf); + ctx->curlen = 0; + } + +/* + pad upto 56 bytes of zeroes + */ + while (ctx->curlen < 56) { + ctx->buf[ctx->curlen++] = (unsigned char)0; + } + +/* + store length + */ + + STORE32H(ctx->highLength, ctx->buf, 56); + STORE32H(ctx->lowLength, ctx->buf, 60); + + sha256_compress(ctx, ctx->buf); + +/* + copy output + */ + for (i = 0; i < 8; i++) { + STORE32H(ctx->state[i], hval, (4*i)); + } +} + +/******************************************************************************/ diff --git a/src/Crypto/Sha2Small.h b/src/Crypto/Sha2Small.h index 2b79eaf4..1b5c106e 100644 --- a/src/Crypto/Sha2Small.h +++ b/src/Crypto/Sha2Small.h @@ -12,21 +12,21 @@ /* Adapted for VeraCrypt */ -#ifndef _SHA2_SMALL_H +#ifndef _SHA2_SMALL_H #define _SHA2_SMALL_H -#include "Common/Tcdefs.h" +#include "Common/Tcdefs.h" #include "Common/Endian.h" -#define SHA256_DIGEST_SIZE 32 +#define SHA256_DIGEST_SIZE 32 #define SHA256_BLOCK_SIZE 64 -#define VOID_RETURN void -#define INT_RETURN int - -#if defined(__cplusplus) -extern "C" -{ +#define VOID_RETURN void +#define INT_RETURN int + +#if defined(__cplusplus) +extern "C" +{ #endif typedef struct { @@ -40,12 +40,12 @@ typedef struct { /******************************************************************************/ -VOID_RETURN sha256_begin(sha256_ctx* ctx); -VOID_RETURN sha256_hash(unsigned char* data, unsigned int len, sha256_ctx* ctx); +VOID_RETURN sha256_begin(sha256_ctx* ctx); +VOID_RETURN sha256_hash(unsigned char* data, unsigned int len, sha256_ctx* ctx); VOID_RETURN sha256_end(unsigned char* hval, sha256_ctx* ctx); -#if defined(__cplusplus) -} +#if defined(__cplusplus) +} #endif /******************************************************************************/ diff --git a/src/Crypto/Sources b/src/Crypto/Sources index 9b1b988c..6eb7b7b4 100644 --- a/src/Crypto/Sources +++ b/src/Crypto/Sources @@ -1,20 +1,20 @@ -TARGETNAME=Crypto -TARGETTYPE=DRIVER_LIBRARY - -INCLUDES = .. - -NTTARGETFILES = \ - "$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).obj" \ - "$(OBJ_PATH)\$(O)\Aes_hw_cpu.obj" - -SOURCES = \ - Aes_$(TC_ARCH).asm \ - Aes_hw_cpu.asm \ - Aeskey.c \ - Aestab.c \ - cpu.c \ - Rmd160.c \ - Serpent.c \ - Sha2.c \ - Twofish.c \ - Whirlpool.c +TARGETNAME=Crypto +TARGETTYPE=DRIVER_LIBRARY + +INCLUDES = .. + +NTTARGETFILES = \ + "$(OBJ_PATH)\$(O)\Aes_$(TC_ARCH).obj" \ + "$(OBJ_PATH)\$(O)\Aes_hw_cpu.obj" + +SOURCES = \ + Aes_$(TC_ARCH).asm \ + Aes_hw_cpu.asm \ + Aeskey.c \ + Aestab.c \ + cpu.c \ + Rmd160.c \ + Serpent.c \ + Sha2.c \ + Twofish.c \ + Whirlpool.c diff --git a/src/Crypto/Twofish.c b/src/Crypto/Twofish.c index 2273ac5e..7c58c91e 100644 --- a/src/Crypto/Twofish.c +++ b/src/Crypto/Twofish.c @@ -1,549 +1,549 @@ -/* - --------------------------------------------------------------------------- - Copyright (c) 1999, Dr Brian Gladman, Worcester, UK. All rights reserved. - - LICENSE TERMS - - The free distribution and use of this software is allowed (with or without - changes) provided that: - - 1. source code distributions include the above copyright notice, this - list of conditions and the following disclaimer; - - 2. binary distributions include the above copyright notice, this list - of conditions and the following disclaimer in their documentation; - - 3. the name of the copyright holder is not used to endorse products - built using this software without specific written permission. - - DISCLAIMER - - This software is provided 'as is' with no explicit or implied warranties - in respect of its properties, including, but not limited to, correctness - and/or fitness for purpose. - --------------------------------------------------------------------------- - - My thanks to Doug Whiting and Niels Ferguson for comments that led - to improvements in this implementation. - - Issue Date: 14th January 1999 -*/ - -/* Adapted for TrueCrypt */ -/* Adapted for VeraCrypt */ - - -#ifdef TC_WINDOWS_BOOT -#pragma optimize ("tl", on) -#endif - -#include "Twofish.h" -#include "Common/Endian.h" - -#define Q_TABLES -#define M_TABLE - -#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_TWOFISH) -# define MK_TABLE -# define ONE_STEP -#endif - -/* finite field arithmetic for GF(2**8) with the modular */ -/* polynomial x^8 + x^6 + x^5 + x^3 + 1 (0x169) */ - -#define G_M 0x0169 - -static u1byte tab_5b[4] = { 0, G_M >> 2, G_M >> 1, (G_M >> 1) ^ (G_M >> 2) }; -static u1byte tab_ef[4] = { 0, (G_M >> 1) ^ (G_M >> 2), G_M >> 1, G_M >> 2 }; - -#define ffm_01(x) (x) -#define ffm_5b(x) ((x) ^ ((x) >> 2) ^ tab_5b[(x) & 3]) -#define ffm_ef(x) ((x) ^ ((x) >> 1) ^ ((x) >> 2) ^ tab_ef[(x) & 3]) - -static u1byte ror4[16] = { 0, 8, 1, 9, 2, 10, 3, 11, 4, 12, 5, 13, 6, 14, 7, 15 }; -static u1byte ashx[16] = { 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12, 5, 14, 7 }; - -static u1byte qt0[2][16] = -{ { 8, 1, 7, 13, 6, 15, 3, 2, 0, 11, 5, 9, 14, 12, 10, 4 }, - { 2, 8, 11, 13, 15, 7, 6, 14, 3, 1, 9, 4, 0, 10, 12, 5 } -}; - -static u1byte qt1[2][16] = -{ { 14, 12, 11, 8, 1, 2, 3, 5, 15, 4, 10, 6, 7, 0, 9, 13 }, - { 1, 14, 2, 11, 4, 12, 3, 7, 6, 13, 10, 5, 15, 9, 0, 8 } -}; - -static u1byte qt2[2][16] = -{ { 11, 10, 5, 14, 6, 13, 9, 0, 12, 8, 15, 3, 2, 4, 7, 1 }, - { 4, 12, 7, 5, 1, 6, 9, 10, 0, 14, 13, 8, 2, 11, 3, 15 } -}; - -static u1byte qt3[2][16] = -{ { 13, 7, 15, 4, 1, 2, 6, 14, 9, 11, 3, 0, 8, 5, 12, 10 }, - { 11, 9, 5, 1, 12, 3, 13, 14, 6, 4, 7, 15, 2, 0, 8, 10 } -}; - -static u1byte qp(const u4byte n, const u1byte x) -{ u1byte a0, a1, a2, a3, a4, b0, b1, b2, b3, b4; - - a0 = x >> 4; b0 = x & 15; - a1 = a0 ^ b0; b1 = ror4[b0] ^ ashx[a0]; - a2 = qt0[n][a1]; b2 = qt1[n][b1]; - a3 = a2 ^ b2; b3 = ror4[b2] ^ ashx[a2]; - a4 = qt2[n][a3]; b4 = qt3[n][b3]; - return (b4 << 4) | a4; -}; - -#ifdef Q_TABLES - -static u4byte qt_gen = 0; -static u1byte q_tab[2][256]; - -#define q(n,x) q_tab[n][x] - -static void gen_qtab(void) -{ u4byte i; - - for(i = 0; i < 256; ++i) - { - q(0,i) = qp(0, (u1byte)i); - q(1,i) = qp(1, (u1byte)i); - } -}; - -#else - -#define q(n,x) qp(n, x) - -#endif - -#ifdef M_TABLE - -static u4byte mt_gen = 0; -static u4byte m_tab[4][256]; - -static void gen_mtab(void) -{ u4byte i, f01, f5b, fef; - - for(i = 0; i < 256; ++i) - { - f01 = q(1,i); f5b = ffm_5b(f01); fef = ffm_ef(f01); - m_tab[0][i] = f01 + (f5b << 8) + (fef << 16) + (fef << 24); - m_tab[2][i] = f5b + (fef << 8) + (f01 << 16) + (fef << 24); - - f01 = q(0,i); f5b = ffm_5b(f01); fef = ffm_ef(f01); - m_tab[1][i] = fef + (fef << 8) + (f5b << 16) + (f01 << 24); - m_tab[3][i] = f5b + (f01 << 8) + (fef << 16) + (f5b << 24); - } -}; - -#define mds(n,x) m_tab[n][x] - -#else - -#define fm_00 ffm_01 -#define fm_10 ffm_5b -#define fm_20 ffm_ef -#define fm_30 ffm_ef -#define q_0(x) q(1,x) - -#define fm_01 ffm_ef -#define fm_11 ffm_ef -#define fm_21 ffm_5b -#define fm_31 ffm_01 -#define q_1(x) q(0,x) - -#define fm_02 ffm_5b -#define fm_12 ffm_ef -#define fm_22 ffm_01 -#define fm_32 ffm_ef -#define q_2(x) q(1,x) - -#define fm_03 ffm_5b -#define fm_13 ffm_01 -#define fm_23 ffm_ef -#define fm_33 ffm_5b -#define q_3(x) q(0,x) - -#define f_0(n,x) ((u4byte)fm_0##n(x)) -#define f_1(n,x) ((u4byte)fm_1##n(x) << 8) -#define f_2(n,x) ((u4byte)fm_2##n(x) << 16) -#define f_3(n,x) ((u4byte)fm_3##n(x) << 24) - -#define mds(n,x) f_0(n,q_##n(x)) ^ f_1(n,q_##n(x)) ^ f_2(n,q_##n(x)) ^ f_3(n,q_##n(x)) - -#endif - -static u4byte h_fun(TwofishInstance *instance, const u4byte x, const u4byte key[]) -{ u4byte b0, b1, b2, b3; - -#ifndef M_TABLE - u4byte m5b_b0, m5b_b1, m5b_b2, m5b_b3; - u4byte mef_b0, mef_b1, mef_b2, mef_b3; -#endif - - b0 = extract_byte(x, 0); b1 = extract_byte(x, 1); b2 = extract_byte(x, 2); b3 = extract_byte(x, 3); - - switch(instance->k_len) - { - case 4: b0 = q(1, (u1byte) b0) ^ extract_byte(key[3],0); - b1 = q(0, (u1byte) b1) ^ extract_byte(key[3],1); - b2 = q(0, (u1byte) b2) ^ extract_byte(key[3],2); - b3 = q(1, (u1byte) b3) ^ extract_byte(key[3],3); - case 3: b0 = q(1, (u1byte) b0) ^ extract_byte(key[2],0); - b1 = q(1, (u1byte) b1) ^ extract_byte(key[2],1); - b2 = q(0, (u1byte) b2) ^ extract_byte(key[2],2); - b3 = q(0, (u1byte) b3) ^ extract_byte(key[2],3); - case 2: b0 = q(0, (u1byte) (q(0, (u1byte) b0) ^ extract_byte(key[1],0))) ^ extract_byte(key[0],0); - b1 = q(0, (u1byte) (q(1, (u1byte) b1) ^ extract_byte(key[1],1))) ^ extract_byte(key[0],1); - b2 = q(1, (u1byte) (q(0, (u1byte) b2) ^ extract_byte(key[1],2))) ^ extract_byte(key[0],2); - b3 = q(1, (u1byte) (q(1, (u1byte) b3) ^ extract_byte(key[1],3))) ^ extract_byte(key[0],3); - } -#ifdef M_TABLE - - return mds(0, b0) ^ mds(1, b1) ^ mds(2, b2) ^ mds(3, b3); - -#else - - b0 = q(1, (u1byte) b0); b1 = q(0, (u1byte) b1); b2 = q(1, (u1byte) b2); b3 = q(0, (u1byte) b3); - m5b_b0 = ffm_5b(b0); m5b_b1 = ffm_5b(b1); m5b_b2 = ffm_5b(b2); m5b_b3 = ffm_5b(b3); - mef_b0 = ffm_ef(b0); mef_b1 = ffm_ef(b1); mef_b2 = ffm_ef(b2); mef_b3 = ffm_ef(b3); - b0 ^= mef_b1 ^ m5b_b2 ^ m5b_b3; b3 ^= m5b_b0 ^ mef_b1 ^ mef_b2; - b2 ^= mef_b0 ^ m5b_b1 ^ mef_b3; b1 ^= mef_b0 ^ mef_b2 ^ m5b_b3; - - return b0 | (b3 << 8) | (b2 << 16) | (b1 << 24); - -#endif -}; - -#ifdef MK_TABLE - -#ifdef ONE_STEP -//u4byte mk_tab[4][256]; -#else -static u1byte sb[4][256]; -#endif - -#define q20(x) q(0,q(0,x) ^ extract_byte(key[1],0)) ^ extract_byte(key[0],0) -#define q21(x) q(0,q(1,x) ^ extract_byte(key[1],1)) ^ extract_byte(key[0],1) -#define q22(x) q(1,q(0,x) ^ extract_byte(key[1],2)) ^ extract_byte(key[0],2) -#define q23(x) q(1,q(1,x) ^ extract_byte(key[1],3)) ^ extract_byte(key[0],3) - -#define q30(x) q(0,q(0,q(1, x) ^ extract_byte(key[2],0)) ^ extract_byte(key[1],0)) ^ extract_byte(key[0],0) -#define q31(x) q(0,q(1,q(1, x) ^ extract_byte(key[2],1)) ^ extract_byte(key[1],1)) ^ extract_byte(key[0],1) -#define q32(x) q(1,q(0,q(0, x) ^ extract_byte(key[2],2)) ^ extract_byte(key[1],2)) ^ extract_byte(key[0],2) -#define q33(x) q(1,q(1,q(0, x) ^ extract_byte(key[2],3)) ^ extract_byte(key[1],3)) ^ extract_byte(key[0],3) - -#define q40(x) q(0,q(0,q(1, q(1, x) ^ extract_byte(key[3],0)) ^ extract_byte(key[2],0)) ^ extract_byte(key[1],0)) ^ extract_byte(key[0],0) -#define q41(x) q(0,q(1,q(1, q(0, x) ^ extract_byte(key[3],1)) ^ extract_byte(key[2],1)) ^ extract_byte(key[1],1)) ^ extract_byte(key[0],1) -#define q42(x) q(1,q(0,q(0, q(0, x) ^ extract_byte(key[3],2)) ^ extract_byte(key[2],2)) ^ extract_byte(key[1],2)) ^ extract_byte(key[0],2) -#define q43(x) q(1,q(1,q(0, q(1, x) ^ extract_byte(key[3],3)) ^ extract_byte(key[2],3)) ^ extract_byte(key[1],3)) ^ extract_byte(key[0],3) - -static void gen_mk_tab(TwofishInstance *instance, u4byte key[]) -{ u4byte i; - u1byte by; - - u4byte *mk_tab = instance->mk_tab; - - switch(instance->k_len) - { - case 2: for(i = 0; i < 256; ++i) - { - by = (u1byte)i; -#ifdef ONE_STEP - mk_tab[0 + 4*i] = mds(0, q20(by)); mk_tab[1 + 4*i] = mds(1, q21(by)); - mk_tab[2 + 4*i] = mds(2, q22(by)); mk_tab[3 + 4*i] = mds(3, q23(by)); -#else - sb[0][i] = q20(by); sb[1][i] = q21(by); - sb[2][i] = q22(by); sb[3][i] = q23(by); -#endif - } - break; - - case 3: for(i = 0; i < 256; ++i) - { - by = (u1byte)i; -#ifdef ONE_STEP - mk_tab[0 + 4*i] = mds(0, q30(by)); mk_tab[1 + 4*i] = mds(1, q31(by)); - mk_tab[2 + 4*i] = mds(2, q32(by)); mk_tab[3 + 4*i] = mds(3, q33(by)); -#else - sb[0][i] = q30(by); sb[1][i] = q31(by); - sb[2][i] = q32(by); sb[3][i] = q33(by); -#endif - } - break; - - case 4: for(i = 0; i < 256; ++i) - { - by = (u1byte)i; -#ifdef ONE_STEP - mk_tab[0 + 4*i] = mds(0, q40(by)); mk_tab[1 + 4*i] = mds(1, q41(by)); - mk_tab[2 + 4*i] = mds(2, q42(by)); mk_tab[3 + 4*i] = mds(3, q43(by)); -#else - sb[0][i] = q40(by); sb[1][i] = q41(by); - sb[2][i] = q42(by); sb[3][i] = q43(by); -#endif - } - } -}; - -# ifdef ONE_STEP -# define g0_fun(x) ( mk_tab[0 + 4*extract_byte(x,0)] ^ mk_tab[1 + 4*extract_byte(x,1)] \ - ^ mk_tab[2 + 4*extract_byte(x,2)] ^ mk_tab[3 + 4*extract_byte(x,3)] ) -# define g1_fun(x) ( mk_tab[0 + 4*extract_byte(x,3)] ^ mk_tab[1 + 4*extract_byte(x,0)] \ - ^ mk_tab[2 + 4*extract_byte(x,1)] ^ mk_tab[3 + 4*extract_byte(x,2)] ) - - -# else -# define g0_fun(x) ( mds(0, sb[0][extract_byte(x,0)]) ^ mds(1, sb[1][extract_byte(x,1)]) \ - ^ mds(2, sb[2][extract_byte(x,2)]) ^ mds(3, sb[3][extract_byte(x,3)]) ) -# define g1_fun(x) ( mds(0, sb[0][extract_byte(x,3)]) ^ mds(1, sb[1][extract_byte(x,0)]) \ - ^ mds(2, sb[2][extract_byte(x,1)]) ^ mds(3, sb[3][extract_byte(x,2)]) ) -# endif - -#else - -#define g0_fun(x) h_fun(instance, x, instance->s_key) -#define g1_fun(x) h_fun(instance, rotl(x,8), instance->s_key) - -#endif - -/* The (12,8) Reed Soloman code has the generator polynomial - - g(x) = x^4 + (a + 1/a) * x^3 + a * x^2 + (a + 1/a) * x + 1 - -where the coefficients are in the finite field GF(2^8) with a -modular polynomial a^8 + a^6 + a^3 + a^2 + 1. To generate the -remainder we have to start with a 12th order polynomial with our -eight input bytes as the coefficients of the 4th to 11th terms. -That is: - - m[7] * x^11 + m[6] * x^10 ... + m[0] * x^4 + 0 * x^3 +... + 0 - -We then multiply the generator polynomial by m[7] * x^7 and subtract -it - xor in GF(2^8) - from the above to eliminate the x^7 term (the -artihmetic on the coefficients is done in GF(2^8). We then multiply -the generator polynomial by x^6 * coeff(x^10) and use this to remove -the x^10 term. We carry on in this way until the x^4 term is removed -so that we are left with: - - r[3] * x^3 + r[2] * x^2 + r[1] 8 x^1 + r[0] - -which give the resulting 4 bytes of the remainder. This is equivalent -to the matrix multiplication in the Twofish description but much faster -to implement. - -*/ - -#define G_MOD 0x0000014d - -static u4byte mds_rem(u4byte p0, u4byte p1) -{ u4byte i, t, u; - - for(i = 0; i < 8; ++i) - { - t = p1 >> 24; // get most significant coefficient - - p1 = (p1 << 8) | (p0 >> 24); p0 <<= 8; // shift others up - - // multiply t by a (the primitive element - i.e. left shift) - - u = (t << 1); - - if(t & 0x80) // subtract modular polynomial on overflow - - u ^= G_MOD; - - p1 ^= t ^ (u << 16); // remove t * (a * x^2 + 1) - - u ^= (t >> 1); // form u = a * t + t / a = t * (a + 1 / a); - - if(t & 0x01) // add the modular polynomial on underflow - - u ^= G_MOD >> 1; - - p1 ^= (u << 24) | (u << 8); // remove t * (a + 1/a) * (x^3 + x) - } - - return p1; -}; - -/* initialise the key schedule from the user supplied key */ - -u4byte *twofish_set_key(TwofishInstance *instance, const u4byte in_key[]) -{ u4byte i, a, b, me_key[4], mo_key[4]; - u4byte *l_key, *s_key; - - l_key = instance->l_key; - s_key = instance->s_key; - -#ifdef Q_TABLES - if(!qt_gen) - { - gen_qtab(); qt_gen = 1; - } -#endif - -#ifdef M_TABLE - if(!mt_gen) - { - gen_mtab(); mt_gen = 1; - } -#endif - - instance->k_len = 4; - - for(i = 0; i < instance->k_len; ++i) - { - a = LE32(in_key[i + i]); me_key[i] = a; - b = LE32(in_key[i + i + 1]); mo_key[i] = b; - s_key[instance->k_len - i - 1] = mds_rem(a, b); - } - - for(i = 0; i < 40; i += 2) - { - a = 0x01010101 * i; b = a + 0x01010101; - a = h_fun(instance, a, me_key); - b = rotl(h_fun(instance, b, mo_key), 8); - l_key[i] = a + b; - l_key[i + 1] = rotl(a + 2 * b, 9); - } - -#ifdef MK_TABLE - gen_mk_tab(instance, s_key); -#endif - - return l_key; -}; - -/* encrypt a block of text */ - -#ifndef TC_MINIMIZE_CODE_SIZE - -#define f_rnd(i) \ - t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); \ - blk[2] = rotr(blk[2] ^ (t0 + t1 + l_key[4 * (i) + 8]), 1); \ - blk[3] = rotl(blk[3], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]); \ - t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); \ - blk[0] = rotr(blk[0] ^ (t0 + t1 + l_key[4 * (i) + 10]), 1); \ - blk[1] = rotl(blk[1], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]) - -void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[]) -{ u4byte t0, t1, blk[4]; - - u4byte *l_key = instance->l_key; - u4byte *mk_tab = instance->mk_tab; - - blk[0] = LE32(in_blk[0]) ^ l_key[0]; - blk[1] = LE32(in_blk[1]) ^ l_key[1]; - blk[2] = LE32(in_blk[2]) ^ l_key[2]; - blk[3] = LE32(in_blk[3]) ^ l_key[3]; - - f_rnd(0); f_rnd(1); f_rnd(2); f_rnd(3); - f_rnd(4); f_rnd(5); f_rnd(6); f_rnd(7); - - out_blk[0] = LE32(blk[2] ^ l_key[4]); - out_blk[1] = LE32(blk[3] ^ l_key[5]); - out_blk[2] = LE32(blk[0] ^ l_key[6]); - out_blk[3] = LE32(blk[1] ^ l_key[7]); -}; - -#else // TC_MINIMIZE_CODE_SIZE - -void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[]) -{ u4byte t0, t1, blk[4]; - - u4byte *l_key = instance->l_key; -#ifdef TC_WINDOWS_BOOT_TWOFISH - u4byte *mk_tab = instance->mk_tab; -#endif - int i; - - blk[0] = LE32(in_blk[0]) ^ l_key[0]; - blk[1] = LE32(in_blk[1]) ^ l_key[1]; - blk[2] = LE32(in_blk[2]) ^ l_key[2]; - blk[3] = LE32(in_blk[3]) ^ l_key[3]; - - for (i = 0; i <= 7; ++i) - { - t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); - blk[2] = rotr(blk[2] ^ (t0 + t1 + l_key[4 * (i) + 8]), 1); - blk[3] = rotl(blk[3], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]); - t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); - blk[0] = rotr(blk[0] ^ (t0 + t1 + l_key[4 * (i) + 10]), 1); - blk[1] = rotl(blk[1], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]); - } - - out_blk[0] = LE32(blk[2] ^ l_key[4]); - out_blk[1] = LE32(blk[3] ^ l_key[5]); - out_blk[2] = LE32(blk[0] ^ l_key[6]); - out_blk[3] = LE32(blk[1] ^ l_key[7]); -}; - -#endif // TC_MINIMIZE_CODE_SIZE - -/* decrypt a block of text */ - -#ifndef TC_MINIMIZE_CODE_SIZE - -#define i_rnd(i) \ - t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); \ - blk[2] = rotl(blk[2], 1) ^ (t0 + t1 + l_key[4 * (i) + 10]); \ - blk[3] = rotr(blk[3] ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]), 1); \ - t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); \ - blk[0] = rotl(blk[0], 1) ^ (t0 + t1 + l_key[4 * (i) + 8]); \ - blk[1] = rotr(blk[1] ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]), 1) - -void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4]) -{ u4byte t0, t1, blk[4]; - - u4byte *l_key = instance->l_key; - u4byte *mk_tab = instance->mk_tab; - - blk[0] = LE32(in_blk[0]) ^ l_key[4]; - blk[1] = LE32(in_blk[1]) ^ l_key[5]; - blk[2] = LE32(in_blk[2]) ^ l_key[6]; - blk[3] = LE32(in_blk[3]) ^ l_key[7]; - - i_rnd(7); i_rnd(6); i_rnd(5); i_rnd(4); - i_rnd(3); i_rnd(2); i_rnd(1); i_rnd(0); - - out_blk[0] = LE32(blk[2] ^ l_key[0]); - out_blk[1] = LE32(blk[3] ^ l_key[1]); - out_blk[2] = LE32(blk[0] ^ l_key[2]); - out_blk[3] = LE32(blk[1] ^ l_key[3]); -}; - -#else // TC_MINIMIZE_CODE_SIZE - -void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4]) -{ u4byte t0, t1, blk[4]; - - u4byte *l_key = instance->l_key; -#ifdef TC_WINDOWS_BOOT_TWOFISH - u4byte *mk_tab = instance->mk_tab; -#endif - int i; - - blk[0] = LE32(in_blk[0]) ^ l_key[4]; - blk[1] = LE32(in_blk[1]) ^ l_key[5]; - blk[2] = LE32(in_blk[2]) ^ l_key[6]; - blk[3] = LE32(in_blk[3]) ^ l_key[7]; - - for (i = 7; i >= 0; --i) - { - t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); - blk[2] = rotl(blk[2], 1) ^ (t0 + t1 + l_key[4 * (i) + 10]); - blk[3] = rotr(blk[3] ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]), 1); - t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); - blk[0] = rotl(blk[0], 1) ^ (t0 + t1 + l_key[4 * (i) + 8]); - blk[1] = rotr(blk[1] ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]), 1); - } - - out_blk[0] = LE32(blk[2] ^ l_key[0]); - out_blk[1] = LE32(blk[3] ^ l_key[1]); - out_blk[2] = LE32(blk[0] ^ l_key[2]); - out_blk[3] = LE32(blk[1] ^ l_key[3]); -}; - -#endif // TC_MINIMIZE_CODE_SIZE +/* + --------------------------------------------------------------------------- + Copyright (c) 1999, Dr Brian Gladman, Worcester, UK. All rights reserved. + + LICENSE TERMS + + The free distribution and use of this software is allowed (with or without + changes) provided that: + + 1. source code distributions include the above copyright notice, this + list of conditions and the following disclaimer; + + 2. binary distributions include the above copyright notice, this list + of conditions and the following disclaimer in their documentation; + + 3. the name of the copyright holder is not used to endorse products + built using this software without specific written permission. + + DISCLAIMER + + This software is provided 'as is' with no explicit or implied warranties + in respect of its properties, including, but not limited to, correctness + and/or fitness for purpose. + --------------------------------------------------------------------------- + + My thanks to Doug Whiting and Niels Ferguson for comments that led + to improvements in this implementation. + + Issue Date: 14th January 1999 +*/ + +/* Adapted for TrueCrypt */ +/* Adapted for VeraCrypt */ + + +#ifdef TC_WINDOWS_BOOT +#pragma optimize ("tl", on) +#endif + +#include "Twofish.h" +#include "Common/Endian.h" + +#define Q_TABLES +#define M_TABLE + +#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_TWOFISH) +# define MK_TABLE +# define ONE_STEP +#endif + +/* finite field arithmetic for GF(2**8) with the modular */ +/* polynomial x^8 + x^6 + x^5 + x^3 + 1 (0x169) */ + +#define G_M 0x0169 + +static u1byte tab_5b[4] = { 0, G_M >> 2, G_M >> 1, (G_M >> 1) ^ (G_M >> 2) }; +static u1byte tab_ef[4] = { 0, (G_M >> 1) ^ (G_M >> 2), G_M >> 1, G_M >> 2 }; + +#define ffm_01(x) (x) +#define ffm_5b(x) ((x) ^ ((x) >> 2) ^ tab_5b[(x) & 3]) +#define ffm_ef(x) ((x) ^ ((x) >> 1) ^ ((x) >> 2) ^ tab_ef[(x) & 3]) + +static u1byte ror4[16] = { 0, 8, 1, 9, 2, 10, 3, 11, 4, 12, 5, 13, 6, 14, 7, 15 }; +static u1byte ashx[16] = { 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12, 5, 14, 7 }; + +static u1byte qt0[2][16] = +{ { 8, 1, 7, 13, 6, 15, 3, 2, 0, 11, 5, 9, 14, 12, 10, 4 }, + { 2, 8, 11, 13, 15, 7, 6, 14, 3, 1, 9, 4, 0, 10, 12, 5 } +}; + +static u1byte qt1[2][16] = +{ { 14, 12, 11, 8, 1, 2, 3, 5, 15, 4, 10, 6, 7, 0, 9, 13 }, + { 1, 14, 2, 11, 4, 12, 3, 7, 6, 13, 10, 5, 15, 9, 0, 8 } +}; + +static u1byte qt2[2][16] = +{ { 11, 10, 5, 14, 6, 13, 9, 0, 12, 8, 15, 3, 2, 4, 7, 1 }, + { 4, 12, 7, 5, 1, 6, 9, 10, 0, 14, 13, 8, 2, 11, 3, 15 } +}; + +static u1byte qt3[2][16] = +{ { 13, 7, 15, 4, 1, 2, 6, 14, 9, 11, 3, 0, 8, 5, 12, 10 }, + { 11, 9, 5, 1, 12, 3, 13, 14, 6, 4, 7, 15, 2, 0, 8, 10 } +}; + +static u1byte qp(const u4byte n, const u1byte x) +{ u1byte a0, a1, a2, a3, a4, b0, b1, b2, b3, b4; + + a0 = x >> 4; b0 = x & 15; + a1 = a0 ^ b0; b1 = ror4[b0] ^ ashx[a0]; + a2 = qt0[n][a1]; b2 = qt1[n][b1]; + a3 = a2 ^ b2; b3 = ror4[b2] ^ ashx[a2]; + a4 = qt2[n][a3]; b4 = qt3[n][b3]; + return (b4 << 4) | a4; +}; + +#ifdef Q_TABLES + +static u4byte qt_gen = 0; +static u1byte q_tab[2][256]; + +#define q(n,x) q_tab[n][x] + +static void gen_qtab(void) +{ u4byte i; + + for(i = 0; i < 256; ++i) + { + q(0,i) = qp(0, (u1byte)i); + q(1,i) = qp(1, (u1byte)i); + } +}; + +#else + +#define q(n,x) qp(n, x) + +#endif + +#ifdef M_TABLE + +static u4byte mt_gen = 0; +static u4byte m_tab[4][256]; + +static void gen_mtab(void) +{ u4byte i, f01, f5b, fef; + + for(i = 0; i < 256; ++i) + { + f01 = q(1,i); f5b = ffm_5b(f01); fef = ffm_ef(f01); + m_tab[0][i] = f01 + (f5b << 8) + (fef << 16) + (fef << 24); + m_tab[2][i] = f5b + (fef << 8) + (f01 << 16) + (fef << 24); + + f01 = q(0,i); f5b = ffm_5b(f01); fef = ffm_ef(f01); + m_tab[1][i] = fef + (fef << 8) + (f5b << 16) + (f01 << 24); + m_tab[3][i] = f5b + (f01 << 8) + (fef << 16) + (f5b << 24); + } +}; + +#define mds(n,x) m_tab[n][x] + +#else + +#define fm_00 ffm_01 +#define fm_10 ffm_5b +#define fm_20 ffm_ef +#define fm_30 ffm_ef +#define q_0(x) q(1,x) + +#define fm_01 ffm_ef +#define fm_11 ffm_ef +#define fm_21 ffm_5b +#define fm_31 ffm_01 +#define q_1(x) q(0,x) + +#define fm_02 ffm_5b +#define fm_12 ffm_ef +#define fm_22 ffm_01 +#define fm_32 ffm_ef +#define q_2(x) q(1,x) + +#define fm_03 ffm_5b +#define fm_13 ffm_01 +#define fm_23 ffm_ef +#define fm_33 ffm_5b +#define q_3(x) q(0,x) + +#define f_0(n,x) ((u4byte)fm_0##n(x)) +#define f_1(n,x) ((u4byte)fm_1##n(x) << 8) +#define f_2(n,x) ((u4byte)fm_2##n(x) << 16) +#define f_3(n,x) ((u4byte)fm_3##n(x) << 24) + +#define mds(n,x) f_0(n,q_##n(x)) ^ f_1(n,q_##n(x)) ^ f_2(n,q_##n(x)) ^ f_3(n,q_##n(x)) + +#endif + +static u4byte h_fun(TwofishInstance *instance, const u4byte x, const u4byte key[]) +{ u4byte b0, b1, b2, b3; + +#ifndef M_TABLE + u4byte m5b_b0, m5b_b1, m5b_b2, m5b_b3; + u4byte mef_b0, mef_b1, mef_b2, mef_b3; +#endif + + b0 = extract_byte(x, 0); b1 = extract_byte(x, 1); b2 = extract_byte(x, 2); b3 = extract_byte(x, 3); + + switch(instance->k_len) + { + case 4: b0 = q(1, (u1byte) b0) ^ extract_byte(key[3],0); + b1 = q(0, (u1byte) b1) ^ extract_byte(key[3],1); + b2 = q(0, (u1byte) b2) ^ extract_byte(key[3],2); + b3 = q(1, (u1byte) b3) ^ extract_byte(key[3],3); + case 3: b0 = q(1, (u1byte) b0) ^ extract_byte(key[2],0); + b1 = q(1, (u1byte) b1) ^ extract_byte(key[2],1); + b2 = q(0, (u1byte) b2) ^ extract_byte(key[2],2); + b3 = q(0, (u1byte) b3) ^ extract_byte(key[2],3); + case 2: b0 = q(0, (u1byte) (q(0, (u1byte) b0) ^ extract_byte(key[1],0))) ^ extract_byte(key[0],0); + b1 = q(0, (u1byte) (q(1, (u1byte) b1) ^ extract_byte(key[1],1))) ^ extract_byte(key[0],1); + b2 = q(1, (u1byte) (q(0, (u1byte) b2) ^ extract_byte(key[1],2))) ^ extract_byte(key[0],2); + b3 = q(1, (u1byte) (q(1, (u1byte) b3) ^ extract_byte(key[1],3))) ^ extract_byte(key[0],3); + } +#ifdef M_TABLE + + return mds(0, b0) ^ mds(1, b1) ^ mds(2, b2) ^ mds(3, b3); + +#else + + b0 = q(1, (u1byte) b0); b1 = q(0, (u1byte) b1); b2 = q(1, (u1byte) b2); b3 = q(0, (u1byte) b3); + m5b_b0 = ffm_5b(b0); m5b_b1 = ffm_5b(b1); m5b_b2 = ffm_5b(b2); m5b_b3 = ffm_5b(b3); + mef_b0 = ffm_ef(b0); mef_b1 = ffm_ef(b1); mef_b2 = ffm_ef(b2); mef_b3 = ffm_ef(b3); + b0 ^= mef_b1 ^ m5b_b2 ^ m5b_b3; b3 ^= m5b_b0 ^ mef_b1 ^ mef_b2; + b2 ^= mef_b0 ^ m5b_b1 ^ mef_b3; b1 ^= mef_b0 ^ mef_b2 ^ m5b_b3; + + return b0 | (b3 << 8) | (b2 << 16) | (b1 << 24); + +#endif +}; + +#ifdef MK_TABLE + +#ifdef ONE_STEP +//u4byte mk_tab[4][256]; +#else +static u1byte sb[4][256]; +#endif + +#define q20(x) q(0,q(0,x) ^ extract_byte(key[1],0)) ^ extract_byte(key[0],0) +#define q21(x) q(0,q(1,x) ^ extract_byte(key[1],1)) ^ extract_byte(key[0],1) +#define q22(x) q(1,q(0,x) ^ extract_byte(key[1],2)) ^ extract_byte(key[0],2) +#define q23(x) q(1,q(1,x) ^ extract_byte(key[1],3)) ^ extract_byte(key[0],3) + +#define q30(x) q(0,q(0,q(1, x) ^ extract_byte(key[2],0)) ^ extract_byte(key[1],0)) ^ extract_byte(key[0],0) +#define q31(x) q(0,q(1,q(1, x) ^ extract_byte(key[2],1)) ^ extract_byte(key[1],1)) ^ extract_byte(key[0],1) +#define q32(x) q(1,q(0,q(0, x) ^ extract_byte(key[2],2)) ^ extract_byte(key[1],2)) ^ extract_byte(key[0],2) +#define q33(x) q(1,q(1,q(0, x) ^ extract_byte(key[2],3)) ^ extract_byte(key[1],3)) ^ extract_byte(key[0],3) + +#define q40(x) q(0,q(0,q(1, q(1, x) ^ extract_byte(key[3],0)) ^ extract_byte(key[2],0)) ^ extract_byte(key[1],0)) ^ extract_byte(key[0],0) +#define q41(x) q(0,q(1,q(1, q(0, x) ^ extract_byte(key[3],1)) ^ extract_byte(key[2],1)) ^ extract_byte(key[1],1)) ^ extract_byte(key[0],1) +#define q42(x) q(1,q(0,q(0, q(0, x) ^ extract_byte(key[3],2)) ^ extract_byte(key[2],2)) ^ extract_byte(key[1],2)) ^ extract_byte(key[0],2) +#define q43(x) q(1,q(1,q(0, q(1, x) ^ extract_byte(key[3],3)) ^ extract_byte(key[2],3)) ^ extract_byte(key[1],3)) ^ extract_byte(key[0],3) + +static void gen_mk_tab(TwofishInstance *instance, u4byte key[]) +{ u4byte i; + u1byte by; + + u4byte *mk_tab = instance->mk_tab; + + switch(instance->k_len) + { + case 2: for(i = 0; i < 256; ++i) + { + by = (u1byte)i; +#ifdef ONE_STEP + mk_tab[0 + 4*i] = mds(0, q20(by)); mk_tab[1 + 4*i] = mds(1, q21(by)); + mk_tab[2 + 4*i] = mds(2, q22(by)); mk_tab[3 + 4*i] = mds(3, q23(by)); +#else + sb[0][i] = q20(by); sb[1][i] = q21(by); + sb[2][i] = q22(by); sb[3][i] = q23(by); +#endif + } + break; + + case 3: for(i = 0; i < 256; ++i) + { + by = (u1byte)i; +#ifdef ONE_STEP + mk_tab[0 + 4*i] = mds(0, q30(by)); mk_tab[1 + 4*i] = mds(1, q31(by)); + mk_tab[2 + 4*i] = mds(2, q32(by)); mk_tab[3 + 4*i] = mds(3, q33(by)); +#else + sb[0][i] = q30(by); sb[1][i] = q31(by); + sb[2][i] = q32(by); sb[3][i] = q33(by); +#endif + } + break; + + case 4: for(i = 0; i < 256; ++i) + { + by = (u1byte)i; +#ifdef ONE_STEP + mk_tab[0 + 4*i] = mds(0, q40(by)); mk_tab[1 + 4*i] = mds(1, q41(by)); + mk_tab[2 + 4*i] = mds(2, q42(by)); mk_tab[3 + 4*i] = mds(3, q43(by)); +#else + sb[0][i] = q40(by); sb[1][i] = q41(by); + sb[2][i] = q42(by); sb[3][i] = q43(by); +#endif + } + } +}; + +# ifdef ONE_STEP +# define g0_fun(x) ( mk_tab[0 + 4*extract_byte(x,0)] ^ mk_tab[1 + 4*extract_byte(x,1)] \ + ^ mk_tab[2 + 4*extract_byte(x,2)] ^ mk_tab[3 + 4*extract_byte(x,3)] ) +# define g1_fun(x) ( mk_tab[0 + 4*extract_byte(x,3)] ^ mk_tab[1 + 4*extract_byte(x,0)] \ + ^ mk_tab[2 + 4*extract_byte(x,1)] ^ mk_tab[3 + 4*extract_byte(x,2)] ) + + +# else +# define g0_fun(x) ( mds(0, sb[0][extract_byte(x,0)]) ^ mds(1, sb[1][extract_byte(x,1)]) \ + ^ mds(2, sb[2][extract_byte(x,2)]) ^ mds(3, sb[3][extract_byte(x,3)]) ) +# define g1_fun(x) ( mds(0, sb[0][extract_byte(x,3)]) ^ mds(1, sb[1][extract_byte(x,0)]) \ + ^ mds(2, sb[2][extract_byte(x,1)]) ^ mds(3, sb[3][extract_byte(x,2)]) ) +# endif + +#else + +#define g0_fun(x) h_fun(instance, x, instance->s_key) +#define g1_fun(x) h_fun(instance, rotl(x,8), instance->s_key) + +#endif + +/* The (12,8) Reed Soloman code has the generator polynomial + + g(x) = x^4 + (a + 1/a) * x^3 + a * x^2 + (a + 1/a) * x + 1 + +where the coefficients are in the finite field GF(2^8) with a +modular polynomial a^8 + a^6 + a^3 + a^2 + 1. To generate the +remainder we have to start with a 12th order polynomial with our +eight input bytes as the coefficients of the 4th to 11th terms. +That is: + + m[7] * x^11 + m[6] * x^10 ... + m[0] * x^4 + 0 * x^3 +... + 0 + +We then multiply the generator polynomial by m[7] * x^7 and subtract +it - xor in GF(2^8) - from the above to eliminate the x^7 term (the +artihmetic on the coefficients is done in GF(2^8). We then multiply +the generator polynomial by x^6 * coeff(x^10) and use this to remove +the x^10 term. We carry on in this way until the x^4 term is removed +so that we are left with: + + r[3] * x^3 + r[2] * x^2 + r[1] 8 x^1 + r[0] + +which give the resulting 4 bytes of the remainder. This is equivalent +to the matrix multiplication in the Twofish description but much faster +to implement. + +*/ + +#define G_MOD 0x0000014d + +static u4byte mds_rem(u4byte p0, u4byte p1) +{ u4byte i, t, u; + + for(i = 0; i < 8; ++i) + { + t = p1 >> 24; // get most significant coefficient + + p1 = (p1 << 8) | (p0 >> 24); p0 <<= 8; // shift others up + + // multiply t by a (the primitive element - i.e. left shift) + + u = (t << 1); + + if(t & 0x80) // subtract modular polynomial on overflow + + u ^= G_MOD; + + p1 ^= t ^ (u << 16); // remove t * (a * x^2 + 1) + + u ^= (t >> 1); // form u = a * t + t / a = t * (a + 1 / a); + + if(t & 0x01) // add the modular polynomial on underflow + + u ^= G_MOD >> 1; + + p1 ^= (u << 24) | (u << 8); // remove t * (a + 1/a) * (x^3 + x) + } + + return p1; +}; + +/* initialise the key schedule from the user supplied key */ + +u4byte *twofish_set_key(TwofishInstance *instance, const u4byte in_key[]) +{ u4byte i, a, b, me_key[4], mo_key[4]; + u4byte *l_key, *s_key; + + l_key = instance->l_key; + s_key = instance->s_key; + +#ifdef Q_TABLES + if(!qt_gen) + { + gen_qtab(); qt_gen = 1; + } +#endif + +#ifdef M_TABLE + if(!mt_gen) + { + gen_mtab(); mt_gen = 1; + } +#endif + + instance->k_len = 4; + + for(i = 0; i < instance->k_len; ++i) + { + a = LE32(in_key[i + i]); me_key[i] = a; + b = LE32(in_key[i + i + 1]); mo_key[i] = b; + s_key[instance->k_len - i - 1] = mds_rem(a, b); + } + + for(i = 0; i < 40; i += 2) + { + a = 0x01010101 * i; b = a + 0x01010101; + a = h_fun(instance, a, me_key); + b = rotl(h_fun(instance, b, mo_key), 8); + l_key[i] = a + b; + l_key[i + 1] = rotl(a + 2 * b, 9); + } + +#ifdef MK_TABLE + gen_mk_tab(instance, s_key); +#endif + + return l_key; +}; + +/* encrypt a block of text */ + +#ifndef TC_MINIMIZE_CODE_SIZE + +#define f_rnd(i) \ + t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); \ + blk[2] = rotr(blk[2] ^ (t0 + t1 + l_key[4 * (i) + 8]), 1); \ + blk[3] = rotl(blk[3], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]); \ + t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); \ + blk[0] = rotr(blk[0] ^ (t0 + t1 + l_key[4 * (i) + 10]), 1); \ + blk[1] = rotl(blk[1], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]) + +void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[]) +{ u4byte t0, t1, blk[4]; + + u4byte *l_key = instance->l_key; + u4byte *mk_tab = instance->mk_tab; + + blk[0] = LE32(in_blk[0]) ^ l_key[0]; + blk[1] = LE32(in_blk[1]) ^ l_key[1]; + blk[2] = LE32(in_blk[2]) ^ l_key[2]; + blk[3] = LE32(in_blk[3]) ^ l_key[3]; + + f_rnd(0); f_rnd(1); f_rnd(2); f_rnd(3); + f_rnd(4); f_rnd(5); f_rnd(6); f_rnd(7); + + out_blk[0] = LE32(blk[2] ^ l_key[4]); + out_blk[1] = LE32(blk[3] ^ l_key[5]); + out_blk[2] = LE32(blk[0] ^ l_key[6]); + out_blk[3] = LE32(blk[1] ^ l_key[7]); +}; + +#else // TC_MINIMIZE_CODE_SIZE + +void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[]) +{ u4byte t0, t1, blk[4]; + + u4byte *l_key = instance->l_key; +#ifdef TC_WINDOWS_BOOT_TWOFISH + u4byte *mk_tab = instance->mk_tab; +#endif + int i; + + blk[0] = LE32(in_blk[0]) ^ l_key[0]; + blk[1] = LE32(in_blk[1]) ^ l_key[1]; + blk[2] = LE32(in_blk[2]) ^ l_key[2]; + blk[3] = LE32(in_blk[3]) ^ l_key[3]; + + for (i = 0; i <= 7; ++i) + { + t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); + blk[2] = rotr(blk[2] ^ (t0 + t1 + l_key[4 * (i) + 8]), 1); + blk[3] = rotl(blk[3], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]); + t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); + blk[0] = rotr(blk[0] ^ (t0 + t1 + l_key[4 * (i) + 10]), 1); + blk[1] = rotl(blk[1], 1) ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]); + } + + out_blk[0] = LE32(blk[2] ^ l_key[4]); + out_blk[1] = LE32(blk[3] ^ l_key[5]); + out_blk[2] = LE32(blk[0] ^ l_key[6]); + out_blk[3] = LE32(blk[1] ^ l_key[7]); +}; + +#endif // TC_MINIMIZE_CODE_SIZE + +/* decrypt a block of text */ + +#ifndef TC_MINIMIZE_CODE_SIZE + +#define i_rnd(i) \ + t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); \ + blk[2] = rotl(blk[2], 1) ^ (t0 + t1 + l_key[4 * (i) + 10]); \ + blk[3] = rotr(blk[3] ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]), 1); \ + t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); \ + blk[0] = rotl(blk[0], 1) ^ (t0 + t1 + l_key[4 * (i) + 8]); \ + blk[1] = rotr(blk[1] ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]), 1) + +void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4]) +{ u4byte t0, t1, blk[4]; + + u4byte *l_key = instance->l_key; + u4byte *mk_tab = instance->mk_tab; + + blk[0] = LE32(in_blk[0]) ^ l_key[4]; + blk[1] = LE32(in_blk[1]) ^ l_key[5]; + blk[2] = LE32(in_blk[2]) ^ l_key[6]; + blk[3] = LE32(in_blk[3]) ^ l_key[7]; + + i_rnd(7); i_rnd(6); i_rnd(5); i_rnd(4); + i_rnd(3); i_rnd(2); i_rnd(1); i_rnd(0); + + out_blk[0] = LE32(blk[2] ^ l_key[0]); + out_blk[1] = LE32(blk[3] ^ l_key[1]); + out_blk[2] = LE32(blk[0] ^ l_key[2]); + out_blk[3] = LE32(blk[1] ^ l_key[3]); +}; + +#else // TC_MINIMIZE_CODE_SIZE + +void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4]) +{ u4byte t0, t1, blk[4]; + + u4byte *l_key = instance->l_key; +#ifdef TC_WINDOWS_BOOT_TWOFISH + u4byte *mk_tab = instance->mk_tab; +#endif + int i; + + blk[0] = LE32(in_blk[0]) ^ l_key[4]; + blk[1] = LE32(in_blk[1]) ^ l_key[5]; + blk[2] = LE32(in_blk[2]) ^ l_key[6]; + blk[3] = LE32(in_blk[3]) ^ l_key[7]; + + for (i = 7; i >= 0; --i) + { + t1 = g1_fun(blk[1]); t0 = g0_fun(blk[0]); + blk[2] = rotl(blk[2], 1) ^ (t0 + t1 + l_key[4 * (i) + 10]); + blk[3] = rotr(blk[3] ^ (t0 + 2 * t1 + l_key[4 * (i) + 11]), 1); + t1 = g1_fun(blk[3]); t0 = g0_fun(blk[2]); + blk[0] = rotl(blk[0], 1) ^ (t0 + t1 + l_key[4 * (i) + 8]); + blk[1] = rotr(blk[1] ^ (t0 + 2 * t1 + l_key[4 * (i) + 9]), 1); + } + + out_blk[0] = LE32(blk[2] ^ l_key[0]); + out_blk[1] = LE32(blk[3] ^ l_key[1]); + out_blk[2] = LE32(blk[0] ^ l_key[2]); + out_blk[3] = LE32(blk[1] ^ l_key[3]); +}; + +#endif // TC_MINIMIZE_CODE_SIZE diff --git a/src/Crypto/Twofish.h b/src/Crypto/Twofish.h index ed400257..1011608e 100644 --- a/src/Crypto/Twofish.h +++ b/src/Crypto/Twofish.h @@ -1,56 +1,56 @@ -#ifndef TWOFISH_H -#define TWOFISH_H - -#include "Common/Tcdefs.h" - -#if defined(__cplusplus) -extern "C" -{ -#endif - -#ifndef u4byte -#define u4byte unsigned __int32 -#endif -#ifndef u1byte -#define u1byte unsigned char -#endif - -#ifndef extract_byte -#define extract_byte(x,n) ((u1byte)((x) >> (8 * n))) -#endif - -#ifndef rotl - -#ifdef _WIN32 -#include -#pragma intrinsic(_lrotr,_lrotl) -#define rotr(x,n) _lrotr(x,n) -#define rotl(x,n) _lrotl(x,n) -#else -#define rotr(x,n) (((x)>>(n))|((x)<<(32-(n)))) -#define rotl(x,n) (((x)<<(n))|((x)>>(32-(n)))) -#endif - -#endif -typedef struct -{ - u4byte l_key[40]; - u4byte s_key[4]; -#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_TWOFISH) - u4byte mk_tab[4 * 256]; -#endif - u4byte k_len; -} TwofishInstance; - -#define TWOFISH_KS sizeof(TwofishInstance) - -/* in_key must be 32-bytes long */ -u4byte * twofish_set_key(TwofishInstance *instance, const u4byte in_key[]); -void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[]); -void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4]); - -#if defined(__cplusplus) -} -#endif - -#endif // TWOFISH_H +#ifndef TWOFISH_H +#define TWOFISH_H + +#include "Common/Tcdefs.h" + +#if defined(__cplusplus) +extern "C" +{ +#endif + +#ifndef u4byte +#define u4byte unsigned __int32 +#endif +#ifndef u1byte +#define u1byte unsigned char +#endif + +#ifndef extract_byte +#define extract_byte(x,n) ((u1byte)((x) >> (8 * n))) +#endif + +#ifndef rotl + +#ifdef _WIN32 +#include +#pragma intrinsic(_lrotr,_lrotl) +#define rotr(x,n) _lrotr(x,n) +#define rotl(x,n) _lrotl(x,n) +#else +#define rotr(x,n) (((x)>>(n))|((x)<<(32-(n)))) +#define rotl(x,n) (((x)<<(n))|((x)>>(32-(n)))) +#endif + +#endif +typedef struct +{ + u4byte l_key[40]; + u4byte s_key[4]; +#if !defined (TC_MINIMIZE_CODE_SIZE) || defined (TC_WINDOWS_BOOT_TWOFISH) + u4byte mk_tab[4 * 256]; +#endif + u4byte k_len; +} TwofishInstance; + +#define TWOFISH_KS sizeof(TwofishInstance) + +/* in_key must be 32-bytes long */ +u4byte * twofish_set_key(TwofishInstance *instance, const u4byte in_key[]); +void twofish_encrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[]); +void twofish_decrypt(TwofishInstance *instance, const u4byte in_blk[4], u4byte out_blk[4]); + +#if defined(__cplusplus) +} +#endif + +#endif // TWOFISH_H diff --git a/src/Crypto/Whirlpool.h b/src/Crypto/Whirlpool.h index df8aa7ac..9e771935 100644 --- a/src/Crypto/Whirlpool.h +++ b/src/Crypto/Whirlpool.h @@ -1,27 +1,27 @@ -#ifndef WHIRLPOOL_H -#define WHIRLPOOL_H 1 - -#include "Common/Tcdefs.h" -#include "config.h" - -typedef struct WHIRLPOOL_CTX { - uint64 countLo; - uint64 countHi; - CRYPTOPP_ALIGN_DATA(16) uint64 data[8]; - CRYPTOPP_ALIGN_DATA(16) uint64 state[8]; -} WHIRLPOOL_CTX; - -// ------------- -#if defined(__cplusplus) -extern "C" { -#endif - -void WHIRLPOOL_add(const unsigned char * source, unsigned __int32 sourceBits, WHIRLPOOL_CTX * const ctx); -void WHIRLPOOL_finalize(WHIRLPOOL_CTX* const ctx, unsigned char * result); -void WHIRLPOOL_init(WHIRLPOOL_CTX* const ctx); - -#if defined(__cplusplus) -} -#endif - -#endif /* WHIRLPOOL_H */ +#ifndef WHIRLPOOL_H +#define WHIRLPOOL_H 1 + +#include "Common/Tcdefs.h" +#include "config.h" + +typedef struct WHIRLPOOL_CTX { + uint64 countLo; + uint64 countHi; + CRYPTOPP_ALIGN_DATA(16) uint64 data[8]; + CRYPTOPP_ALIGN_DATA(16) uint64 state[8]; +} WHIRLPOOL_CTX; + +// ------------- +#if defined(__cplusplus) +extern "C" { +#endif + +void WHIRLPOOL_add(const unsigned char * source, unsigned __int32 sourceBits, WHIRLPOOL_CTX * const ctx); +void WHIRLPOOL_finalize(WHIRLPOOL_CTX* const ctx, unsigned char * result); +void WHIRLPOOL_init(WHIRLPOOL_CTX* const ctx); + +#if defined(__cplusplus) +} +#endif + +#endif /* WHIRLPOOL_H */ diff --git a/src/Crypto/cpu.c b/src/Crypto/cpu.c index 58a131af..4274a8ae 100644 --- a/src/Crypto/cpu.c +++ b/src/Crypto/cpu.c @@ -1,231 +1,231 @@ -/* cpu.c - written and placed in the public domain by Wei Dai */ - -#include "cpu.h" -#include "misc.h" - -#ifndef EXCEPTION_EXECUTE_HANDLER -#define EXCEPTION_EXECUTE_HANDLER 1 -#endif - -#ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY -#include -#include -#endif - -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE -#include -#endif - -#ifdef CRYPTOPP_CPUID_AVAILABLE - -#if _MSC_VER >= 1400 && CRYPTOPP_BOOL_X64 - -int CpuId(uint32 input, uint32 output[4]) -{ - __cpuid((int *)output, input); - return 1; -} - -#else - -#ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY - -#if defined(__cplusplus) -extern "C" { -#endif - -typedef void (*SigHandler)(int); - -static jmp_buf s_jmpNoCPUID; -static void SigIllHandlerCPUID(int p) -{ - longjmp(s_jmpNoCPUID, 1); -} - -#if CRYPTOPP_BOOL_X64 == 0 -static jmp_buf s_jmpNoSSE2; -static void SigIllHandlerSSE2(int p) -{ - longjmp(s_jmpNoSSE2, 1); -} -#endif - -#if defined(__cplusplus) -} -#endif -#endif - -int CpuId(uint32 input, uint32 output[4]) -{ -#ifdef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY - __try - { - __asm - { - mov eax, input - mov ecx, 0 - cpuid - mov edi, output - mov [edi], eax - mov [edi+4], ebx - mov [edi+8], ecx - mov [edi+12], edx - } - } - __except (EXCEPTION_EXECUTE_HANDLER) - { - return 0; - } - - // function 0 returns the highest basic function understood in EAX - if(input == 0) - return !!output[0]? 1 : 0; - - return 1; -#else - // longjmp and clobber warnings. Volatile is required. - // http://github.com/weidai11/cryptopp/issues/24 - // http://stackoverflow.com/q/7721854 - volatile int result = 1; - - SigHandler oldHandler = signal(SIGILL, SigIllHandlerCPUID); - if (oldHandler == SIG_ERR) - result = 0; - - if (setjmp(s_jmpNoCPUID)) - result = 0; - else - { - asm volatile - ( - // save ebx in case -fPIC is being used - // TODO: this might need an early clobber on EDI. -#if CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64 - "pushq %%rbx; cpuid; mov %%ebx, %%edi; popq %%rbx" -#else - "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx" -#endif - : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d" (output[3]) - : "a" (input), "c" (0) - ); - } - - signal(SIGILL, oldHandler); - return result; -#endif -} - -#endif - -static int TrySSE2() -{ -#if CRYPTOPP_BOOL_X64 - return 1; -#elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) - __try - { -#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE - AS2(por xmm0, xmm0) // executing SSE2 instruction -#elif CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE - __m128i x = _mm_setzero_si128(); - return _mm_cvtsi128_si32(x) == 0 ? 1 : 0; -#endif - } - __except (EXCEPTION_EXECUTE_HANDLER) - { - return 0; - } - return 1; -#else - // longjmp and clobber warnings. Volatile is required. - // http://github.com/weidai11/cryptopp/issues/24 - // http://stackoverflow.com/q/7721854 - volatile int result = 1; - - SigHandler oldHandler = signal(SIGILL, SigIllHandlerSSE2); - if (oldHandler == SIG_ERR) - return 0; - - if (setjmp(s_jmpNoSSE2)) - result = 1; - else - { -#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE - __asm __volatile ("por %xmm0, %xmm0"); -#elif CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE - __m128i x = _mm_setzero_si128(); - result = _mm_cvtsi128_si32(x) == 0? 1 : 0; -#endif - } - - signal(SIGILL, oldHandler); - return result; -#endif -} - -int g_x86DetectionDone = 0; -int g_hasISSE = 0, g_hasSSE2 = 0, g_hasSSSE3 = 0, g_hasMMX = 0, g_hasAESNI = 0, g_hasCLMUL = 0, g_isP4 = 0; -uint32 g_cacheLineSize = CRYPTOPP_L1_CACHE_LINE_SIZE; - -VC_INLINE int IsIntel(const uint32 output[4]) -{ - // This is the "GenuineIntel" string - return (output[1] /*EBX*/ == 0x756e6547) && - (output[2] /*ECX*/ == 0x6c65746e) && - (output[3] /*EDX*/ == 0x49656e69); -} - -VC_INLINE int IsAMD(const uint32 output[4]) -{ - // This is the "AuthenticAMD" string - return (output[1] /*EBX*/ == 0x68747541) && - (output[2] /*ECX*/ == 0x69746E65) && - (output[3] /*EDX*/ == 0x444D4163); -} - -void DetectX86Features() -{ - uint32 cpuid[4], cpuid1[4]; - if (!CpuId(0, cpuid)) - return; - if (!CpuId(1, cpuid1)) - return; - - g_hasMMX = (cpuid1[3] & (1 << 23)) != 0; - if ((cpuid1[3] & (1 << 26)) != 0) - g_hasSSE2 = TrySSE2(); - g_hasSSSE3 = g_hasSSE2 && (cpuid1[2] & (1<<9)); - g_hasAESNI = g_hasSSE2 && (cpuid1[2] & (1<<25)); - g_hasCLMUL = g_hasSSE2 && (cpuid1[2] & (1<<1)); - - if ((cpuid1[3] & (1 << 25)) != 0) - g_hasISSE = 1; - else - { - uint32 cpuid2[4]; - CpuId(0x080000000, cpuid2); - if (cpuid2[0] >= 0x080000001) - { - CpuId(0x080000001, cpuid2); - g_hasISSE = (cpuid2[3] & (1 << 22)) != 0; - } - } - - if (IsIntel(cpuid)) - { - g_isP4 = ((cpuid1[0] >> 8) & 0xf) == 0xf; - g_cacheLineSize = 8 * GETBYTE(cpuid1[1], 1); - } - else if (IsAMD(cpuid)) - { - CpuId(0x80000005, cpuid); - g_cacheLineSize = GETBYTE(cpuid[2], 0); - } - - if (!g_cacheLineSize) - g_cacheLineSize = CRYPTOPP_L1_CACHE_LINE_SIZE; - - *((volatile int*)&g_x86DetectionDone) = 1; -} - -#endif +/* cpu.c - written and placed in the public domain by Wei Dai */ + +#include "cpu.h" +#include "misc.h" + +#ifndef EXCEPTION_EXECUTE_HANDLER +#define EXCEPTION_EXECUTE_HANDLER 1 +#endif + +#ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY +#include +#include +#endif + +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE +#include +#endif + +#ifdef CRYPTOPP_CPUID_AVAILABLE + +#if _MSC_VER >= 1400 && CRYPTOPP_BOOL_X64 + +int CpuId(uint32 input, uint32 output[4]) +{ + __cpuid((int *)output, input); + return 1; +} + +#else + +#ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY + +#if defined(__cplusplus) +extern "C" { +#endif + +typedef void (*SigHandler)(int); + +static jmp_buf s_jmpNoCPUID; +static void SigIllHandlerCPUID(int p) +{ + longjmp(s_jmpNoCPUID, 1); +} + +#if CRYPTOPP_BOOL_X64 == 0 +static jmp_buf s_jmpNoSSE2; +static void SigIllHandlerSSE2(int p) +{ + longjmp(s_jmpNoSSE2, 1); +} +#endif + +#if defined(__cplusplus) +} +#endif +#endif + +int CpuId(uint32 input, uint32 output[4]) +{ +#ifdef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY + __try + { + __asm + { + mov eax, input + mov ecx, 0 + cpuid + mov edi, output + mov [edi], eax + mov [edi+4], ebx + mov [edi+8], ecx + mov [edi+12], edx + } + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + return 0; + } + + // function 0 returns the highest basic function understood in EAX + if(input == 0) + return !!output[0]? 1 : 0; + + return 1; +#else + // longjmp and clobber warnings. Volatile is required. + // http://github.com/weidai11/cryptopp/issues/24 + // http://stackoverflow.com/q/7721854 + volatile int result = 1; + + SigHandler oldHandler = signal(SIGILL, SigIllHandlerCPUID); + if (oldHandler == SIG_ERR) + result = 0; + + if (setjmp(s_jmpNoCPUID)) + result = 0; + else + { + asm volatile + ( + // save ebx in case -fPIC is being used + // TODO: this might need an early clobber on EDI. +#if CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64 + "pushq %%rbx; cpuid; mov %%ebx, %%edi; popq %%rbx" +#else + "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx" +#endif + : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d" (output[3]) + : "a" (input), "c" (0) + ); + } + + signal(SIGILL, oldHandler); + return result; +#endif +} + +#endif + +static int TrySSE2() +{ +#if CRYPTOPP_BOOL_X64 + return 1; +#elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) + __try + { +#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE + AS2(por xmm0, xmm0) // executing SSE2 instruction +#elif CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE + __m128i x = _mm_setzero_si128(); + return _mm_cvtsi128_si32(x) == 0 ? 1 : 0; +#endif + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + return 0; + } + return 1; +#else + // longjmp and clobber warnings. Volatile is required. + // http://github.com/weidai11/cryptopp/issues/24 + // http://stackoverflow.com/q/7721854 + volatile int result = 1; + + SigHandler oldHandler = signal(SIGILL, SigIllHandlerSSE2); + if (oldHandler == SIG_ERR) + return 0; + + if (setjmp(s_jmpNoSSE2)) + result = 1; + else + { +#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE + __asm __volatile ("por %xmm0, %xmm0"); +#elif CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE + __m128i x = _mm_setzero_si128(); + result = _mm_cvtsi128_si32(x) == 0? 1 : 0; +#endif + } + + signal(SIGILL, oldHandler); + return result; +#endif +} + +int g_x86DetectionDone = 0; +int g_hasISSE = 0, g_hasSSE2 = 0, g_hasSSSE3 = 0, g_hasMMX = 0, g_hasAESNI = 0, g_hasCLMUL = 0, g_isP4 = 0; +uint32 g_cacheLineSize = CRYPTOPP_L1_CACHE_LINE_SIZE; + +VC_INLINE int IsIntel(const uint32 output[4]) +{ + // This is the "GenuineIntel" string + return (output[1] /*EBX*/ == 0x756e6547) && + (output[2] /*ECX*/ == 0x6c65746e) && + (output[3] /*EDX*/ == 0x49656e69); +} + +VC_INLINE int IsAMD(const uint32 output[4]) +{ + // This is the "AuthenticAMD" string + return (output[1] /*EBX*/ == 0x68747541) && + (output[2] /*ECX*/ == 0x69746E65) && + (output[3] /*EDX*/ == 0x444D4163); +} + +void DetectX86Features() +{ + uint32 cpuid[4], cpuid1[4]; + if (!CpuId(0, cpuid)) + return; + if (!CpuId(1, cpuid1)) + return; + + g_hasMMX = (cpuid1[3] & (1 << 23)) != 0; + if ((cpuid1[3] & (1 << 26)) != 0) + g_hasSSE2 = TrySSE2(); + g_hasSSSE3 = g_hasSSE2 && (cpuid1[2] & (1<<9)); + g_hasAESNI = g_hasSSE2 && (cpuid1[2] & (1<<25)); + g_hasCLMUL = g_hasSSE2 && (cpuid1[2] & (1<<1)); + + if ((cpuid1[3] & (1 << 25)) != 0) + g_hasISSE = 1; + else + { + uint32 cpuid2[4]; + CpuId(0x080000000, cpuid2); + if (cpuid2[0] >= 0x080000001) + { + CpuId(0x080000001, cpuid2); + g_hasISSE = (cpuid2[3] & (1 << 22)) != 0; + } + } + + if (IsIntel(cpuid)) + { + g_isP4 = ((cpuid1[0] >> 8) & 0xf) == 0xf; + g_cacheLineSize = 8 * GETBYTE(cpuid1[1], 1); + } + else if (IsAMD(cpuid)) + { + CpuId(0x80000005, cpuid); + g_cacheLineSize = GETBYTE(cpuid[2], 0); + } + + if (!g_cacheLineSize) + g_cacheLineSize = CRYPTOPP_L1_CACHE_LINE_SIZE; + + *((volatile int*)&g_x86DetectionDone) = 1; +} + +#endif diff --git a/src/Crypto/cpu.h b/src/Crypto/cpu.h index da8d14cb..7ef509ec 100644 --- a/src/Crypto/cpu.h +++ b/src/Crypto/cpu.h @@ -1,308 +1,308 @@ -#ifndef CRYPTOPP_CPU_H -#define CRYPTOPP_CPU_H - -#include "Common/Tcdefs.h" -#include "config.h" - -#ifdef CRYPTOPP_GENERATE_X64_MASM - -#define CRYPTOPP_X86_ASM_AVAILABLE -#define CRYPTOPP_BOOL_X64 1 -#define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 1 - -#else - -#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE -#include -#endif - -#if CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE -#if defined(__SSSE3__) || defined(__INTEL_COMPILER) -#ifdef TC_WINDOWS_DRIVER -extern __m128i _mm_shuffle_epi8 (__m128i a, __m128i b); -#else -#include -#endif -#endif - -#if defined(__SSE4_1__) || defined(__INTEL_COMPILER) -#ifdef TC_WINDOWS_DRIVER -extern int _mm_extract_epi32(__m128i src, const int ndx); -extern __m128i _mm_insert_epi32(__m128i dst, int s, const int ndx); -#else -#include -#endif -#endif - -#if (defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) -#ifdef TC_WINDOWS_DRIVER -extern __m128i _mm_clmulepi64_si128(__m128i v1, __m128i v2, - const int imm8); -extern __m128i _mm_aeskeygenassist_si128(__m128i ckey, const int rcon); -extern __m128i _mm_aesimc_si128(__m128i v); -extern __m128i _mm_aesenc_si128(__m128i v, __m128i rkey); -extern __m128i _mm_aesenclast_si128(__m128i v, __m128i rkey); -extern __m128i _mm_aesdec_si128(__m128i v, __m128i rkey); -extern __m128i _mm_aesdeclast_si128(__m128i v, __m128i rkey); -#else -#include -#endif -#endif -#endif - -#if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64 - -#define CRYPTOPP_CPUID_AVAILABLE - -#if defined(__cplusplus) -extern "C" { -#endif - -// these should not be used directly -extern int g_x86DetectionDone; -extern int g_hasSSSE3; -extern int g_hasAESNI; -extern int g_hasCLMUL; -extern int g_isP4; -extern uint32 g_cacheLineSize; -void DetectX86Features(); // must be called at the start of the program/driver -int CpuId(uint32 input, uint32 *output); - -#if CRYPTOPP_BOOL_X64 -#define HasSSE2() 1 -#define HasISSE() 1 -#define HasMMX() 1 -#else - -extern int g_hasSSE2; -extern int g_hasISSE; -extern int g_hasMMX; - -#define HasSSE2() g_hasSSE2 -#define HasISSE() g_hasISSE -#define HasMMX() g_hasMMX - -#endif - -#define HasSSSE3() g_hasSSSE3 -#define HasAESNI() g_hasAESNI -#define HasCLMUL() g_hasCLMUL -#define IsP4() g_isP4 -#define GetCacheLineSize() g_cacheLineSize - -#if defined(__cplusplus) -} -#endif - -#else - -#define GetCacheLineSize() CRYPTOPP_L1_CACHE_LINE_SIZE - -#endif - -#endif - -#ifdef CRYPTOPP_GENERATE_X64_MASM - #define AS1(x) x*newline* - #define AS2(x, y) x, y*newline* - #define AS3(x, y, z) x, y, z*newline* - #define ASS(x, y, a, b, c, d) x, y, a*64+b*16+c*4+d*newline* - #define ASL(x) label##x:*newline* - #define ASJ(x, y, z) x label##y*newline* - #define ASC(x, y) x label##y*newline* - #define AS_HEX(y) 0##y##h -#elif defined(_MSC_VER) || defined(__BORLANDC__) - #define CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY - #define AS1(x) __asm {x} - #define AS2(x, y) __asm {x, y} - #define AS3(x, y, z) __asm {x, y, z} - #define ASS(x, y, a, b, c, d) __asm {x, y, (a)*64+(b)*16+(c)*4+(d)} - #define ASL(x) __asm {label##x:} - #define ASJ(x, y, z) __asm {x label##y} - #define ASC(x, y) __asm {x label##y} - #define CRYPTOPP_NAKED __declspec(naked) - #define AS_HEX(y) 0x##y -#else - #define CRYPTOPP_GNU_STYLE_INLINE_ASSEMBLY - - #if defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION) - #define NEW_LINE "\n" - #define INTEL_PREFIX ".intel_syntax;" - #define INTEL_NOPREFIX ".intel_syntax;" - #define ATT_PREFIX ".att_syntax;" - #define ATT_NOPREFIX ".att_syntax;" - #else - #define NEW_LINE - #define INTEL_PREFIX ".intel_syntax prefix;" - #define INTEL_NOPREFIX ".intel_syntax noprefix;" - #define ATT_PREFIX ".att_syntax prefix;" - #define ATT_NOPREFIX ".att_syntax noprefix;" - #endif - - // define these in two steps to allow arguments to be expanded - #define GNU_AS1(x) #x ";" NEW_LINE - #define GNU_AS2(x, y) #x ", " #y ";" NEW_LINE - #define GNU_AS3(x, y, z) #x ", " #y ", " #z ";" NEW_LINE - #define GNU_ASL(x) "\n" #x ":" NEW_LINE - #define GNU_ASJ(x, y, z) #x " " #y #z ";" NEW_LINE - #define AS1(x) GNU_AS1(x) - #define AS2(x, y) GNU_AS2(x, y) - #define AS3(x, y, z) GNU_AS3(x, y, z) - #define ASS(x, y, a, b, c, d) #x ", " #y ", " #a "*64+" #b "*16+" #c "*4+" #d ";" - #define ASL(x) GNU_ASL(x) - #define ASJ(x, y, z) GNU_ASJ(x, y, z) - #define ASC(x, y) #x " " #y ";" - #define CRYPTOPP_NAKED - #define AS_HEX(y) 0x##y -#endif - -#define IF0(y) -#define IF1(y) y - -// Should be confined to GCC, but its used to help manage Clang 3.4 compiler error. -// Also see LLVM Bug 24232, http://llvm.org/bugs/show_bug.cgi?id=24232 . -#ifndef INTEL_PREFIX -#define INTEL_PREFIX -#endif -#ifndef INTEL_NOPREFIX -#define INTEL_NOPREFIX -#endif -#ifndef ATT_PREFIX -#define ATT_PREFIX -#endif -#ifndef ATT_NOPREFIX -#define ATT_NOPREFIX -#endif - -#ifdef CRYPTOPP_GENERATE_X64_MASM -#define ASM_MOD(x, y) ((x) MOD (y)) -#define XMMWORD_PTR XMMWORD PTR -#else -// GNU assembler doesn't seem to have mod operator -#define ASM_MOD(x, y) ((x)-((x)/(y))*(y)) -// GAS 2.15 doesn't support XMMWORD PTR. it seems necessary only for MASM -#define XMMWORD_PTR -#endif - -#if CRYPTOPP_BOOL_X86 - #define AS_REG_1 ecx - #define AS_REG_2 edx - #define AS_REG_3 esi - #define AS_REG_4 edi - #define AS_REG_5 eax - #define AS_REG_6 ebx - #define AS_REG_7 ebp - #define AS_REG_1d ecx - #define AS_REG_2d edx - #define AS_REG_3d esi - #define AS_REG_4d edi - #define AS_REG_5d eax - #define AS_REG_6d ebx - #define AS_REG_7d ebp - #define WORD_SZ 4 - #define WORD_REG(x) e##x - #define WORD_PTR DWORD PTR - #define AS_PUSH_IF86(x) AS1(push e##x) - #define AS_POP_IF86(x) AS1(pop e##x) - #define AS_JCXZ jecxz -#elif CRYPTOPP_BOOL_X32 - #define AS_REG_1 ecx - #define AS_REG_2 edx - #define AS_REG_3 r8d - #define AS_REG_4 r9d - #define AS_REG_5 eax - #define AS_REG_6 r10d - #define AS_REG_7 r11d - #define AS_REG_1d ecx - #define AS_REG_2d edx - #define AS_REG_3d r8d - #define AS_REG_4d r9d - #define AS_REG_5d eax - #define AS_REG_6d r10d - #define AS_REG_7d r11d - #define WORD_SZ 4 - #define WORD_REG(x) e##x - #define WORD_PTR DWORD PTR - #define AS_PUSH_IF86(x) AS1(push r##x) - #define AS_POP_IF86(x) AS1(pop r##x) - #define AS_JCXZ jecxz -#elif CRYPTOPP_BOOL_X64 - #ifdef CRYPTOPP_GENERATE_X64_MASM - #define AS_REG_1 rcx - #define AS_REG_2 rdx - #define AS_REG_3 r8 - #define AS_REG_4 r9 - #define AS_REG_5 rax - #define AS_REG_6 r10 - #define AS_REG_7 r11 - #define AS_REG_1d ecx - #define AS_REG_2d edx - #define AS_REG_3d r8d - #define AS_REG_4d r9d - #define AS_REG_5d eax - #define AS_REG_6d r10d - #define AS_REG_7d r11d - #else - #define AS_REG_1 rdi - #define AS_REG_2 rsi - #define AS_REG_3 rdx - #define AS_REG_4 rcx - #define AS_REG_5 r8 - #define AS_REG_6 r9 - #define AS_REG_7 r10 - #define AS_REG_1d edi - #define AS_REG_2d esi - #define AS_REG_3d edx - #define AS_REG_4d ecx - #define AS_REG_5d r8d - #define AS_REG_6d r9d - #define AS_REG_7d r10d - #endif - #define WORD_SZ 8 - #define WORD_REG(x) r##x - #define WORD_PTR QWORD PTR - #define AS_PUSH_IF86(x) - #define AS_POP_IF86(x) - #define AS_JCXZ jrcxz -#endif - -// helper macro for stream cipher output -#define AS_XMM_OUTPUT4(labelPrefix, inputPtr, outputPtr, x0, x1, x2, x3, t, p0, p1, p2, p3, increment)\ - AS2( test inputPtr, inputPtr)\ - ASC( jz, labelPrefix##3)\ - AS2( test inputPtr, 15)\ - ASC( jnz, labelPrefix##7)\ - AS2( pxor xmm##x0, [inputPtr+p0*16])\ - AS2( pxor xmm##x1, [inputPtr+p1*16])\ - AS2( pxor xmm##x2, [inputPtr+p2*16])\ - AS2( pxor xmm##x3, [inputPtr+p3*16])\ - AS2( add inputPtr, increment*16)\ - ASC( jmp, labelPrefix##3)\ - ASL(labelPrefix##7)\ - AS2( movdqu xmm##t, [inputPtr+p0*16])\ - AS2( pxor xmm##x0, xmm##t)\ - AS2( movdqu xmm##t, [inputPtr+p1*16])\ - AS2( pxor xmm##x1, xmm##t)\ - AS2( movdqu xmm##t, [inputPtr+p2*16])\ - AS2( pxor xmm##x2, xmm##t)\ - AS2( movdqu xmm##t, [inputPtr+p3*16])\ - AS2( pxor xmm##x3, xmm##t)\ - AS2( add inputPtr, increment*16)\ - ASL(labelPrefix##3)\ - AS2( test outputPtr, 15)\ - ASC( jnz, labelPrefix##8)\ - AS2( movdqa [outputPtr+p0*16], xmm##x0)\ - AS2( movdqa [outputPtr+p1*16], xmm##x1)\ - AS2( movdqa [outputPtr+p2*16], xmm##x2)\ - AS2( movdqa [outputPtr+p3*16], xmm##x3)\ - ASC( jmp, labelPrefix##9)\ - ASL(labelPrefix##8)\ - AS2( movdqu [outputPtr+p0*16], xmm##x0)\ - AS2( movdqu [outputPtr+p1*16], xmm##x1)\ - AS2( movdqu [outputPtr+p2*16], xmm##x2)\ - AS2( movdqu [outputPtr+p3*16], xmm##x3)\ - ASL(labelPrefix##9)\ - AS2( add outputPtr, increment*16) - - -#endif +#ifndef CRYPTOPP_CPU_H +#define CRYPTOPP_CPU_H + +#include "Common/Tcdefs.h" +#include "config.h" + +#ifdef CRYPTOPP_GENERATE_X64_MASM + +#define CRYPTOPP_X86_ASM_AVAILABLE +#define CRYPTOPP_BOOL_X64 1 +#define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 1 + +#else + +#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE +#include +#endif + +#if CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE +#if defined(__SSSE3__) || defined(__INTEL_COMPILER) +#ifdef TC_WINDOWS_DRIVER +extern __m128i _mm_shuffle_epi8 (__m128i a, __m128i b); +#else +#include +#endif +#endif + +#if defined(__SSE4_1__) || defined(__INTEL_COMPILER) +#ifdef TC_WINDOWS_DRIVER +extern int _mm_extract_epi32(__m128i src, const int ndx); +extern __m128i _mm_insert_epi32(__m128i dst, int s, const int ndx); +#else +#include +#endif +#endif + +#if (defined(__AES__) && defined(__PCLMUL__)) || defined(__INTEL_COMPILER) +#ifdef TC_WINDOWS_DRIVER +extern __m128i _mm_clmulepi64_si128(__m128i v1, __m128i v2, + const int imm8); +extern __m128i _mm_aeskeygenassist_si128(__m128i ckey, const int rcon); +extern __m128i _mm_aesimc_si128(__m128i v); +extern __m128i _mm_aesenc_si128(__m128i v, __m128i rkey); +extern __m128i _mm_aesenclast_si128(__m128i v, __m128i rkey); +extern __m128i _mm_aesdec_si128(__m128i v, __m128i rkey); +extern __m128i _mm_aesdeclast_si128(__m128i v, __m128i rkey); +#else +#include +#endif +#endif +#endif + +#if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64 + +#define CRYPTOPP_CPUID_AVAILABLE + +#if defined(__cplusplus) +extern "C" { +#endif + +// these should not be used directly +extern int g_x86DetectionDone; +extern int g_hasSSSE3; +extern int g_hasAESNI; +extern int g_hasCLMUL; +extern int g_isP4; +extern uint32 g_cacheLineSize; +void DetectX86Features(); // must be called at the start of the program/driver +int CpuId(uint32 input, uint32 *output); + +#if CRYPTOPP_BOOL_X64 +#define HasSSE2() 1 +#define HasISSE() 1 +#define HasMMX() 1 +#else + +extern int g_hasSSE2; +extern int g_hasISSE; +extern int g_hasMMX; + +#define HasSSE2() g_hasSSE2 +#define HasISSE() g_hasISSE +#define HasMMX() g_hasMMX + +#endif + +#define HasSSSE3() g_hasSSSE3 +#define HasAESNI() g_hasAESNI +#define HasCLMUL() g_hasCLMUL +#define IsP4() g_isP4 +#define GetCacheLineSize() g_cacheLineSize + +#if defined(__cplusplus) +} +#endif + +#else + +#define GetCacheLineSize() CRYPTOPP_L1_CACHE_LINE_SIZE + +#endif + +#endif + +#ifdef CRYPTOPP_GENERATE_X64_MASM + #define AS1(x) x*newline* + #define AS2(x, y) x, y*newline* + #define AS3(x, y, z) x, y, z*newline* + #define ASS(x, y, a, b, c, d) x, y, a*64+b*16+c*4+d*newline* + #define ASL(x) label##x:*newline* + #define ASJ(x, y, z) x label##y*newline* + #define ASC(x, y) x label##y*newline* + #define AS_HEX(y) 0##y##h +#elif defined(_MSC_VER) || defined(__BORLANDC__) + #define CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY + #define AS1(x) __asm {x} + #define AS2(x, y) __asm {x, y} + #define AS3(x, y, z) __asm {x, y, z} + #define ASS(x, y, a, b, c, d) __asm {x, y, (a)*64+(b)*16+(c)*4+(d)} + #define ASL(x) __asm {label##x:} + #define ASJ(x, y, z) __asm {x label##y} + #define ASC(x, y) __asm {x label##y} + #define CRYPTOPP_NAKED __declspec(naked) + #define AS_HEX(y) 0x##y +#else + #define CRYPTOPP_GNU_STYLE_INLINE_ASSEMBLY + + #if defined(CRYPTOPP_CLANG_VERSION) || defined(CRYPTOPP_APPLE_CLANG_VERSION) + #define NEW_LINE "\n" + #define INTEL_PREFIX ".intel_syntax;" + #define INTEL_NOPREFIX ".intel_syntax;" + #define ATT_PREFIX ".att_syntax;" + #define ATT_NOPREFIX ".att_syntax;" + #else + #define NEW_LINE + #define INTEL_PREFIX ".intel_syntax prefix;" + #define INTEL_NOPREFIX ".intel_syntax noprefix;" + #define ATT_PREFIX ".att_syntax prefix;" + #define ATT_NOPREFIX ".att_syntax noprefix;" + #endif + + // define these in two steps to allow arguments to be expanded + #define GNU_AS1(x) #x ";" NEW_LINE + #define GNU_AS2(x, y) #x ", " #y ";" NEW_LINE + #define GNU_AS3(x, y, z) #x ", " #y ", " #z ";" NEW_LINE + #define GNU_ASL(x) "\n" #x ":" NEW_LINE + #define GNU_ASJ(x, y, z) #x " " #y #z ";" NEW_LINE + #define AS1(x) GNU_AS1(x) + #define AS2(x, y) GNU_AS2(x, y) + #define AS3(x, y, z) GNU_AS3(x, y, z) + #define ASS(x, y, a, b, c, d) #x ", " #y ", " #a "*64+" #b "*16+" #c "*4+" #d ";" + #define ASL(x) GNU_ASL(x) + #define ASJ(x, y, z) GNU_ASJ(x, y, z) + #define ASC(x, y) #x " " #y ";" + #define CRYPTOPP_NAKED + #define AS_HEX(y) 0x##y +#endif + +#define IF0(y) +#define IF1(y) y + +// Should be confined to GCC, but its used to help manage Clang 3.4 compiler error. +// Also see LLVM Bug 24232, http://llvm.org/bugs/show_bug.cgi?id=24232 . +#ifndef INTEL_PREFIX +#define INTEL_PREFIX +#endif +#ifndef INTEL_NOPREFIX +#define INTEL_NOPREFIX +#endif +#ifndef ATT_PREFIX +#define ATT_PREFIX +#endif +#ifndef ATT_NOPREFIX +#define ATT_NOPREFIX +#endif + +#ifdef CRYPTOPP_GENERATE_X64_MASM +#define ASM_MOD(x, y) ((x) MOD (y)) +#define XMMWORD_PTR XMMWORD PTR +#else +// GNU assembler doesn't seem to have mod operator +#define ASM_MOD(x, y) ((x)-((x)/(y))*(y)) +// GAS 2.15 doesn't support XMMWORD PTR. it seems necessary only for MASM +#define XMMWORD_PTR +#endif + +#if CRYPTOPP_BOOL_X86 + #define AS_REG_1 ecx + #define AS_REG_2 edx + #define AS_REG_3 esi + #define AS_REG_4 edi + #define AS_REG_5 eax + #define AS_REG_6 ebx + #define AS_REG_7 ebp + #define AS_REG_1d ecx + #define AS_REG_2d edx + #define AS_REG_3d esi + #define AS_REG_4d edi + #define AS_REG_5d eax + #define AS_REG_6d ebx + #define AS_REG_7d ebp + #define WORD_SZ 4 + #define WORD_REG(x) e##x + #define WORD_PTR DWORD PTR + #define AS_PUSH_IF86(x) AS1(push e##x) + #define AS_POP_IF86(x) AS1(pop e##x) + #define AS_JCXZ jecxz +#elif CRYPTOPP_BOOL_X32 + #define AS_REG_1 ecx + #define AS_REG_2 edx + #define AS_REG_3 r8d + #define AS_REG_4 r9d + #define AS_REG_5 eax + #define AS_REG_6 r10d + #define AS_REG_7 r11d + #define AS_REG_1d ecx + #define AS_REG_2d edx + #define AS_REG_3d r8d + #define AS_REG_4d r9d + #define AS_REG_5d eax + #define AS_REG_6d r10d + #define AS_REG_7d r11d + #define WORD_SZ 4 + #define WORD_REG(x) e##x + #define WORD_PTR DWORD PTR + #define AS_PUSH_IF86(x) AS1(push r##x) + #define AS_POP_IF86(x) AS1(pop r##x) + #define AS_JCXZ jecxz +#elif CRYPTOPP_BOOL_X64 + #ifdef CRYPTOPP_GENERATE_X64_MASM + #define AS_REG_1 rcx + #define AS_REG_2 rdx + #define AS_REG_3 r8 + #define AS_REG_4 r9 + #define AS_REG_5 rax + #define AS_REG_6 r10 + #define AS_REG_7 r11 + #define AS_REG_1d ecx + #define AS_REG_2d edx + #define AS_REG_3d r8d + #define AS_REG_4d r9d + #define AS_REG_5d eax + #define AS_REG_6d r10d + #define AS_REG_7d r11d + #else + #define AS_REG_1 rdi + #define AS_REG_2 rsi + #define AS_REG_3 rdx + #define AS_REG_4 rcx + #define AS_REG_5 r8 + #define AS_REG_6 r9 + #define AS_REG_7 r10 + #define AS_REG_1d edi + #define AS_REG_2d esi + #define AS_REG_3d edx + #define AS_REG_4d ecx + #define AS_REG_5d r8d + #define AS_REG_6d r9d + #define AS_REG_7d r10d + #endif + #define WORD_SZ 8 + #define WORD_REG(x) r##x + #define WORD_PTR QWORD PTR + #define AS_PUSH_IF86(x) + #define AS_POP_IF86(x) + #define AS_JCXZ jrcxz +#endif + +// helper macro for stream cipher output +#define AS_XMM_OUTPUT4(labelPrefix, inputPtr, outputPtr, x0, x1, x2, x3, t, p0, p1, p2, p3, increment)\ + AS2( test inputPtr, inputPtr)\ + ASC( jz, labelPrefix##3)\ + AS2( test inputPtr, 15)\ + ASC( jnz, labelPrefix##7)\ + AS2( pxor xmm##x0, [inputPtr+p0*16])\ + AS2( pxor xmm##x1, [inputPtr+p1*16])\ + AS2( pxor xmm##x2, [inputPtr+p2*16])\ + AS2( pxor xmm##x3, [inputPtr+p3*16])\ + AS2( add inputPtr, increment*16)\ + ASC( jmp, labelPrefix##3)\ + ASL(labelPrefix##7)\ + AS2( movdqu xmm##t, [inputPtr+p0*16])\ + AS2( pxor xmm##x0, xmm##t)\ + AS2( movdqu xmm##t, [inputPtr+p1*16])\ + AS2( pxor xmm##x1, xmm##t)\ + AS2( movdqu xmm##t, [inputPtr+p2*16])\ + AS2( pxor xmm##x2, xmm##t)\ + AS2( movdqu xmm##t, [inputPtr+p3*16])\ + AS2( pxor xmm##x3, xmm##t)\ + AS2( add inputPtr, increment*16)\ + ASL(labelPrefix##3)\ + AS2( test outputPtr, 15)\ + ASC( jnz, labelPrefix##8)\ + AS2( movdqa [outputPtr+p0*16], xmm##x0)\ + AS2( movdqa [outputPtr+p1*16], xmm##x1)\ + AS2( movdqa [outputPtr+p2*16], xmm##x2)\ + AS2( movdqa [outputPtr+p3*16], xmm##x3)\ + ASC( jmp, labelPrefix##9)\ + ASL(labelPrefix##8)\ + AS2( movdqu [outputPtr+p0*16], xmm##x0)\ + AS2( movdqu [outputPtr+p1*16], xmm##x1)\ + AS2( movdqu [outputPtr+p2*16], xmm##x2)\ + AS2( movdqu [outputPtr+p3*16], xmm##x3)\ + ASL(labelPrefix##9)\ + AS2( add outputPtr, increment*16) + + +#endif diff --git a/src/Driver/BuildDriver.cmd b/src/Driver/BuildDriver.cmd index 99fe554b..bfeee2db 100644 --- a/src/Driver/BuildDriver.cmd +++ b/src/Driver/BuildDriver.cmd @@ -1,166 +1,166 @@ -:: -:: Derived from source code of TrueCrypt 7.1a, which is -:: Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed -:: by the TrueCrypt License 3.0. -:: -:: Modifications and additions to the original source code (contained in this file) -:: and all other portions of this file are Copyright (c) 2013-2016 IDRIX -:: and are governed by the Apache License 2.0 the full text of which is -:: contained in the file License.txt included in VeraCrypt binary and source -:: code distribution packages. -:: - -:: Usage: BuildDriver <-build|-rebuild|-clean> <-release|-debug> <-x86|-x64> [dir2] ... - -@echo off -set TC_ARG_CMD=%~1 -shift -set TC_ARG_TYPE=%~1 -shift -set TC_ARG_ARCH=%~1 -shift - - -:: Windows Driver Kit build number - -set TC_WINDDK_BUILD=7600.16385.1 - - -:: Check for spaces in the current directory path - -cd | find " " >NUL: - -if %ERRORLEVEL% == 0 ( - echo BuildDriver.cmd: error: MS Build does not support building of projects stored in a path containing spaces. >&2 - exit /B 1 -) - - -:: Build options - -set TC_C_DEFINES=-D_WIN32 -DTC_WINDOWS_DRIVER -set TC_C_FLAGS=-nologo -I.. -set TC_C_WARNING_LEVEL=-W4 -set TC_C_DISABLED_WARNINGS=-wd4057 -wd4100 -wd4127 -wd4152 -wd4201 -wd4701 -wd4702 -wd4706 -set TC_LIBRARIAN_FLAGS=-nologo -set TC_LINKER_FLAGS=-nologo -set TC_TEST_SIGN=0 - - -:: Windows Driver Kit root - -set TC_WINDDK_ROOT=%SYSTEMDRIVE%\WinDDK\%TC_WINDDK_BUILD% -if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found - -set TC_WINDDK_ROOT=%WINDDK_ROOT%\%TC_WINDDK_BUILD% -if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found - -set TC_WINDDK_ROOT=%WINDDK_ROOT% -if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found - -echo BuildDriver.cmd: error: Windows Driver Development Kit not found in the default directory. Set WINDDK_ROOT environment variable to point to your Windows DDK installation directory. >&2 -exit /B 1 - -:ddk_found - - -:: CPU architecture - -if "%TC_ARG_ARCH%"=="-x64" ( - set TC_BUILD_ARCH=x64 WNET - set TC_BUILD_ARCH_DIR=amd64 - set TC_ARCH=x64 - set TC_ARCH_SUFFIX=-x64 - set TC_C_DISABLED_WARNINGS=%TC_C_DISABLED_WARNINGS% -wd4328 -wd4366 - set TC_LINKER_FLAGS=%TC_LINKER_FLAGS% -LTCG - if defined TC_KERNEL_TEST_CERTIFICATE_NAME set TC_TEST_SIGN=1 -) else ( - set TC_BUILD_ARCH=WXP - set TC_BUILD_ARCH_DIR=i386 - set TC_ARCH=x86 - set TC_ARCH_SUFFIX= -) - - -:: Build type - -if "%TC_ARG_TYPE%"=="-debug" ( - set TC_BUILD_TYPE=chk - set TC_C_DEFINES=%TC_C_DEFINES% -DDEBUG -D_DEBUG - set TC_BUILD_ALT_DIR=_driver_debug - set TC_COPY_DIR="..\Debug" -) else ( - set TC_BUILD_TYPE=fre - set TC_BUILD_ALT_DIR=_driver_release - set TC_COPY_DIR="..\Release" - set TC_TEST_SIGN=0 -) - - -:: WDK environment - -pushd . -call %TC_WINDDK_ROOT%\bin\setenv %TC_WINDDK_ROOT% %TC_BUILD_TYPE% %TC_BUILD_ARCH% no_oacr || exit /B %errorlevel% -popd - - -:: Build - -if "%TC_ARG_CMD%"=="-rebuild" (set TC_BUILD_OPTS=-c -Z) - -pushd . -:build_dirs - - if "%~1"=="" goto done - cd /D "%~1" || exit /B %errorlevel% - - if "%TC_ARG_CMD%"=="-clean" ( - rd /s /q obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR% 2>NUL: - rd /q obj%TC_BUILD_ALT_DIR% 2>NUL: - ) else ( - - set USER_C_FLAGS=%TC_C_FLAGS% %TC_C_DISABLED_WARNINGS% -FAcs -Fa%~1\obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\ - set MSC_WARNING_LEVEL=%TC_C_WARNING_LEVEL% - set C_DEFINES=%TC_C_DEFINES% - set RCOPTIONS=/I %MFC_INC_PATH% - set LIBRARIAN_FLAGS=%TC_LIBRARIAN_FLAGS% - set LINKER_FLAGS=%TC_LINKER_FLAGS% - set BUILD_ALT_DIR=%TC_BUILD_ALT_DIR% - - build %TC_BUILD_OPTS% -w -nmake /S -nmake /C 2>build_errors.log 1>&2 - - if errorlevel 1 ( - type build_errors.log - type build_errors_asm.log 2>NUL: - exit /B 1 - ) - del /q build_errors.log build_errors_asm.log build%BUILD_ALT_DIR%.* 2>NUL: - ) - - shift - -goto build_dirs -:done -popd - - -if "%TC_ARG_CMD%"=="-clean" exit /B 0 - -md "%TC_COPY_DIR%\Setup Files" >NUL: 2>NUL: -copy /B /Y obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\veracrypt.sys "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL: - -if errorlevel 1 ( - echo BuildDriver.cmd: error: Cannot copy target. >&2 - exit /B 1 -) - -if %TC_TEST_SIGN% equ 1 ( - signtool sign /s "%TC_KERNEL_TEST_CERTIFICATE_STORE%" /n "%TC_KERNEL_TEST_CERTIFICATE_NAME%" "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL: - - if errorlevel 1 ( - echo BuildDriver.cmd: error: Cannot test-sign target. >&2 - exit /B 1 - ) -) - -exit /B 0 +:: +:: Derived from source code of TrueCrypt 7.1a, which is +:: Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed +:: by the TrueCrypt License 3.0. +:: +:: Modifications and additions to the original source code (contained in this file) +:: and all other portions of this file are Copyright (c) 2013-2016 IDRIX +:: and are governed by the Apache License 2.0 the full text of which is +:: contained in the file License.txt included in VeraCrypt binary and source +:: code distribution packages. +:: + +:: Usage: BuildDriver <-build|-rebuild|-clean> <-release|-debug> <-x86|-x64> [dir2] ... + +@echo off +set TC_ARG_CMD=%~1 +shift +set TC_ARG_TYPE=%~1 +shift +set TC_ARG_ARCH=%~1 +shift + + +:: Windows Driver Kit build number + +set TC_WINDDK_BUILD=7600.16385.1 + + +:: Check for spaces in the current directory path + +cd | find " " >NUL: + +if %ERRORLEVEL% == 0 ( + echo BuildDriver.cmd: error: MS Build does not support building of projects stored in a path containing spaces. >&2 + exit /B 1 +) + + +:: Build options + +set TC_C_DEFINES=-D_WIN32 -DTC_WINDOWS_DRIVER +set TC_C_FLAGS=-nologo -I.. +set TC_C_WARNING_LEVEL=-W4 +set TC_C_DISABLED_WARNINGS=-wd4057 -wd4100 -wd4127 -wd4152 -wd4201 -wd4701 -wd4702 -wd4706 +set TC_LIBRARIAN_FLAGS=-nologo +set TC_LINKER_FLAGS=-nologo +set TC_TEST_SIGN=0 + + +:: Windows Driver Kit root + +set TC_WINDDK_ROOT=%SYSTEMDRIVE%\WinDDK\%TC_WINDDK_BUILD% +if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found + +set TC_WINDDK_ROOT=%WINDDK_ROOT%\%TC_WINDDK_BUILD% +if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found + +set TC_WINDDK_ROOT=%WINDDK_ROOT% +if exist "%TC_WINDDK_ROOT%\bin\setenv.bat" goto ddk_found + +echo BuildDriver.cmd: error: Windows Driver Development Kit not found in the default directory. Set WINDDK_ROOT environment variable to point to your Windows DDK installation directory. >&2 +exit /B 1 + +:ddk_found + + +:: CPU architecture + +if "%TC_ARG_ARCH%"=="-x64" ( + set TC_BUILD_ARCH=x64 WNET + set TC_BUILD_ARCH_DIR=amd64 + set TC_ARCH=x64 + set TC_ARCH_SUFFIX=-x64 + set TC_C_DISABLED_WARNINGS=%TC_C_DISABLED_WARNINGS% -wd4328 -wd4366 + set TC_LINKER_FLAGS=%TC_LINKER_FLAGS% -LTCG + if defined TC_KERNEL_TEST_CERTIFICATE_NAME set TC_TEST_SIGN=1 +) else ( + set TC_BUILD_ARCH=WXP + set TC_BUILD_ARCH_DIR=i386 + set TC_ARCH=x86 + set TC_ARCH_SUFFIX= +) + + +:: Build type + +if "%TC_ARG_TYPE%"=="-debug" ( + set TC_BUILD_TYPE=chk + set TC_C_DEFINES=%TC_C_DEFINES% -DDEBUG -D_DEBUG + set TC_BUILD_ALT_DIR=_driver_debug + set TC_COPY_DIR="..\Debug" +) else ( + set TC_BUILD_TYPE=fre + set TC_BUILD_ALT_DIR=_driver_release + set TC_COPY_DIR="..\Release" + set TC_TEST_SIGN=0 +) + + +:: WDK environment + +pushd . +call %TC_WINDDK_ROOT%\bin\setenv %TC_WINDDK_ROOT% %TC_BUILD_TYPE% %TC_BUILD_ARCH% no_oacr || exit /B %errorlevel% +popd + + +:: Build + +if "%TC_ARG_CMD%"=="-rebuild" (set TC_BUILD_OPTS=-c -Z) + +pushd . +:build_dirs + + if "%~1"=="" goto done + cd /D "%~1" || exit /B %errorlevel% + + if "%TC_ARG_CMD%"=="-clean" ( + rd /s /q obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR% 2>NUL: + rd /q obj%TC_BUILD_ALT_DIR% 2>NUL: + ) else ( + + set USER_C_FLAGS=%TC_C_FLAGS% %TC_C_DISABLED_WARNINGS% -FAcs -Fa%~1\obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\ + set MSC_WARNING_LEVEL=%TC_C_WARNING_LEVEL% + set C_DEFINES=%TC_C_DEFINES% + set RCOPTIONS=/I %MFC_INC_PATH% + set LIBRARIAN_FLAGS=%TC_LIBRARIAN_FLAGS% + set LINKER_FLAGS=%TC_LINKER_FLAGS% + set BUILD_ALT_DIR=%TC_BUILD_ALT_DIR% + + build %TC_BUILD_OPTS% -w -nmake /S -nmake /C 2>build_errors.log 1>&2 + + if errorlevel 1 ( + type build_errors.log + type build_errors_asm.log 2>NUL: + exit /B 1 + ) + del /q build_errors.log build_errors_asm.log build%BUILD_ALT_DIR%.* 2>NUL: + ) + + shift + +goto build_dirs +:done +popd + + +if "%TC_ARG_CMD%"=="-clean" exit /B 0 + +md "%TC_COPY_DIR%\Setup Files" >NUL: 2>NUL: +copy /B /Y obj%TC_BUILD_ALT_DIR%\%TC_BUILD_ARCH_DIR%\veracrypt.sys "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL: + +if errorlevel 1 ( + echo BuildDriver.cmd: error: Cannot copy target. >&2 + exit /B 1 +) + +if %TC_TEST_SIGN% equ 1 ( + signtool sign /s "%TC_KERNEL_TEST_CERTIFICATE_STORE%" /n "%TC_KERNEL_TEST_CERTIFICATE_NAME%" "%TC_COPY_DIR%\Setup Files\veracrypt%TC_ARCH_SUFFIX%.sys" >NUL: + + if errorlevel 1 ( + echo BuildDriver.cmd: error: Cannot test-sign target. >&2 + exit /B 1 + ) +) + +exit /B 0 diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index a8752a5f..c090ee8c 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -1,2153 +1,2153 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "TCdefs.h" -#include -#include -#include -#include "Cache.h" -#include "Crc.h" -#include "Crypto.h" -#include "Apidrvr.h" -#include "EncryptedIoQueue.h" -#include "Common/Endian.h" -#include "Ntdriver.h" -#include "Ntvol.h" -#include "Volumes.h" -#include "VolumeFilter.h" -#include "Wipe.h" -#include "DriveFilter.h" -#include "Boot/Windows/BootCommon.h" - -static BOOL DeviceFilterActive = FALSE; - -BOOL BootArgsValid = FALSE; -BootArguments BootArgs; -static uint16 BootLoaderSegment; -static BOOL BootDriveSignatureValid = FALSE; - -static KMUTEX MountMutex; - -static volatile BOOL BootDriveFound = FALSE; -static DriveFilterExtension *BootDriveFilterExtension = NULL; -static LARGE_INTEGER BootDriveLength; -static byte BootLoaderFingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; - -static BOOL CrashDumpEnabled = FALSE; -static BOOL HibernationEnabled = FALSE; - -static BOOL LegacyHibernationDriverFilterActive = FALSE; -static byte *HibernationWriteBuffer = NULL; -static MDL *HibernationWriteBufferMdl = NULL; - -static uint32 HibernationPreventionCount = 0; - -static BootEncryptionSetupRequest SetupRequest; -static volatile BOOL SetupInProgress = FALSE; -PKTHREAD EncryptionSetupThread = NULL; -static volatile BOOL EncryptionSetupThreadAbortRequested; -static KSPIN_LOCK SetupStatusSpinLock; -static int64 SetupStatusEncryptedAreaEnd; -static BOOL TransformWaitingForIdle; -static NTSTATUS SetupResult; - -static WipeDecoySystemRequest WipeDecoyRequest; -static volatile BOOL DecoySystemWipeInProgress = FALSE; -static volatile BOOL DecoySystemWipeThreadAbortRequested; -static KSPIN_LOCK DecoySystemWipeStatusSpinLock; -static int64 DecoySystemWipedAreaEnd; -PKTHREAD DecoySystemWipeThread = NULL; -static NTSTATUS DecoySystemWipeResult; - - -NTSTATUS LoadBootArguments () -{ - NTSTATUS status = STATUS_UNSUCCESSFUL; - PHYSICAL_ADDRESS bootArgsAddr; - byte *mappedBootArgs; - uint16 bootLoaderSegment; - - KeInitializeMutex (&MountMutex, 0); - - for (bootLoaderSegment = TC_BOOT_LOADER_SEGMENT; - bootLoaderSegment >= TC_BOOT_LOADER_SEGMENT - 64 * 1024 / 16 && status != STATUS_SUCCESS; - bootLoaderSegment -= 32 * 1024 / 16) - { - bootArgsAddr.QuadPart = (bootLoaderSegment << 4) + TC_BOOT_LOADER_ARGS_OFFSET; - Dump ("Checking BootArguments at 0x%x\n", bootArgsAddr.LowPart); - - mappedBootArgs = MmMapIoSpace (bootArgsAddr, sizeof (BootArguments), MmCached); - if (!mappedBootArgs) - return STATUS_INSUFFICIENT_RESOURCES; - - if (TC_IS_BOOT_ARGUMENTS_SIGNATURE (mappedBootArgs)) - { - BootArguments *bootArguments = (BootArguments *) mappedBootArgs; - Dump ("BootArguments found at 0x%x\n", bootArgsAddr.LowPart); - - DumpMem (mappedBootArgs, sizeof (BootArguments)); - - if (bootArguments->BootLoaderVersion == VERSION_NUM - && bootArguments->BootArgumentsCrc32 != GetCrc32 ((byte *) bootArguments, (int) ((byte *) &bootArguments->BootArgumentsCrc32 - (byte *) bootArguments))) - { - Dump ("BootArguments CRC incorrect\n"); - TC_BUG_CHECK (STATUS_CRC_ERROR); - } - - // Sanity check: for valid boot argument, the password is less than 64 bytes long - if (bootArguments->BootPassword.Length <= MAX_PASSWORD) - { - BootLoaderSegment = bootLoaderSegment; - - BootArgs = *bootArguments; - BootArgsValid = TRUE; - burn (bootArguments, sizeof (*bootArguments)); - - BootDriveSignatureValid = TRUE; - - Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion); - Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32); - Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset); - Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength); - Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart); - Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart); - Dump ("Flags = %x\n", BootArgs.Flags); - Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature); - Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32); - - if (CacheBootPassword && BootArgs.BootPassword.Length > 0) - { - int pim = CacheBootPim? (int) (BootArgs.Flags >> 16) : 0; - AddPasswordToCache (&BootArgs.BootPassword, pim); - } - - // clear fingerprint - burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); - - status = STATUS_SUCCESS; - } - } - - MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments)); - } - - return status; -} - - -NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo) -{ - DriveFilterExtension *Extension; - NTSTATUS status; - PDEVICE_OBJECT filterDeviceObject = NULL; - PDEVICE_OBJECT attachedDeviceObject; - - Dump ("DriveFilterAddDevice pdo=%p\n", pdo); - - attachedDeviceObject = IoGetAttachedDeviceReference (pdo); - status = IoCreateDevice (driverObject, sizeof (DriveFilterExtension), NULL, attachedDeviceObject->DeviceType, 0, FALSE, &filterDeviceObject); - - ObDereferenceObject (attachedDeviceObject); - - if (!NT_SUCCESS (status)) - { - filterDeviceObject = NULL; - goto err; - } - - Extension = (DriveFilterExtension *) filterDeviceObject->DeviceExtension; - memset (Extension, 0, sizeof (DriveFilterExtension)); - - status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject)); - if (!NT_SUCCESS (status)) - { - goto err; - } - - if (!Extension->LowerDeviceObject) - { - status = STATUS_DEVICE_REMOVED; - goto err; - } - - Extension->IsDriveFilterDevice = Extension->Queue.IsFilterDevice = TRUE; - Extension->DeviceObject = Extension->Queue.DeviceObject = filterDeviceObject; - Extension->Pdo = pdo; - - Extension->Queue.LowerDeviceObject = Extension->LowerDeviceObject; - IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0); - - Extension->ConfiguredEncryptedAreaStart = -1; - Extension->ConfiguredEncryptedAreaEnd = -1; - Extension->Queue.EncryptedAreaStart = -1; - Extension->Queue.EncryptedAreaEnd = -1; - Extension->Queue.EncryptedAreaEndUpdatePending = FALSE; - - filterDeviceObject->Flags |= Extension->LowerDeviceObject->Flags & (DO_DIRECT_IO | DO_BUFFERED_IO | DO_POWER_PAGABLE); - filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; - - DeviceFilterActive = TRUE; - return status; - -err: - if (filterDeviceObject) - { - if (Extension->LowerDeviceObject) - IoDetachDevice (Extension->LowerDeviceObject); - - IoDeleteDevice (filterDeviceObject); - } - - return status; -} - - -static void DismountDrive (DriveFilterExtension *Extension, BOOL stopIoQueue) -{ - Dump ("Dismounting drive\n"); - ASSERT (Extension->DriveMounted); - - if (stopIoQueue && EncryptedIoQueueIsRunning (&Extension->Queue)) - EncryptedIoQueueStop (&Extension->Queue); - - crypto_close (Extension->Queue.CryptoInfo); - Extension->Queue.CryptoInfo = NULL; - - crypto_close (Extension->HeaderCryptoInfo); - Extension->HeaderCryptoInfo = NULL; - - Extension->DriveMounted = FALSE; -} - -static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, byte* ioBuffer /* ioBuffer must be at least 512 bytes long */) -{ - NTSTATUS status; - LARGE_INTEGER offset; - WHIRLPOOL_CTX whirlpool; - sha512_ctx sha2; - ULONG bytesToRead, remainingBytes, bootloaderTotalSize = TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE; - - // clear fingerprint - burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); - - // compute Whirlpool+SHA512 fingerprint of bootloader including MBR - // we skip user configuration fields: - // TC_BOOT_SECTOR_PIM_VALUE_OFFSET = 400 - // TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402 - // => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4 - // TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406 - // => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24 - // TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438 - // - // we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE - - WHIRLPOOL_init (&whirlpool); - sha512_begin (&sha2); - // read the first 512 bytes - offset.QuadPart = 0; - - status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, TC_SECTOR_SIZE_BIOS); - if (NT_SUCCESS (status)) - { - WHIRLPOOL_add (ioBuffer, TC_BOOT_SECTOR_PIM_VALUE_OFFSET * 8, &whirlpool); - WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)) * 8, &whirlpool); - WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)) * 8, &whirlpool); - - sha512_hash (ioBuffer, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &sha2); - sha512_hash (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2); - sha512_hash (ioBuffer + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)), &sha2); - - // we has the reste of the bootloader, 512 bytes at a time - offset.QuadPart = TC_SECTOR_SIZE_BIOS; - remainingBytes = bootloaderTotalSize - TC_SECTOR_SIZE_BIOS; - - while (NT_SUCCESS (status) && (remainingBytes > 0)) - { - bytesToRead = (remainingBytes >= TC_SECTOR_SIZE_BIOS)? TC_SECTOR_SIZE_BIOS : remainingBytes; - status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, bytesToRead); - if (NT_SUCCESS (status)) - { - remainingBytes -= bytesToRead; - offset.QuadPart += bytesToRead; - WHIRLPOOL_add (ioBuffer, bytesToRead * 8, &whirlpool); - sha512_hash (ioBuffer, bytesToRead, &sha2); - } - else - { - Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status); - break; - } - } - - if (NT_SUCCESS (status)) - { - WHIRLPOOL_finalize (&whirlpool, BootLoaderFingerprint); - sha512_end (&BootLoaderFingerprint [WHIRLPOOL_DIGESTSIZE], &sha2); - } - } - else - { - Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status); - } -} - - -static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, uint32 *headerSaltCrc32) -{ - BOOL hiddenVolume = (BootArgs.HiddenSystemPartitionStart != 0); - int64 hiddenHeaderOffset = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; - NTSTATUS status; - LARGE_INTEGER offset; - char *header; - int pkcs5_prf = 0, pim = 0; - byte *mappedCryptoInfo = NULL; - - Dump ("MountDrive pdo=%p\n", Extension->Pdo); - ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); - - // Check boot drive signature first (header CRC search could fail if a user restored the header to a non-boot drive) - if (BootDriveSignatureValid) - { - byte mbr[TC_SECTOR_SIZE_BIOS]; - - offset.QuadPart = 0; - status = TCReadDevice (Extension->LowerDeviceObject, mbr, offset, TC_SECTOR_SIZE_BIOS); - - if (NT_SUCCESS (status) && BootArgs.BootDriveSignature != *(uint32 *) (mbr + 0x1b8)) - return STATUS_UNSUCCESSFUL; - } - - header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!header) - return STATUS_INSUFFICIENT_RESOURCES; - - offset.QuadPart = hiddenVolume ? hiddenHeaderOffset : TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; - Dump ("Reading volume header at %I64u\n", offset.QuadPart); - - status = TCReadDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!NT_SUCCESS (status)) - { - Dump ("TCReadDevice error %x\n", status); - goto ret; - } - - if (headerSaltCrc32) - { - uint32 saltCrc = GetCrc32 (header, PKCS5_SALT_SIZE); - - if (saltCrc != *headerSaltCrc32) - { - status = STATUS_UNSUCCESSFUL; - goto ret; - } - - Extension->VolumeHeaderSaltCrc32 = saltCrc; - } - - Extension->HeaderCryptoInfo = crypto_open(); - if (!Extension->HeaderCryptoInfo) - { - status = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - - if (BootArgs.CryptoInfoLength > 0) - { - PHYSICAL_ADDRESS cryptoInfoAddress; - - cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset; -#ifdef DEBUG - Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength); -#endif - mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached); - if (mappedCryptoInfo) - { - /* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */ - BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo; - Hash* pHash = HashGet(pBootCryptoInfo->pkcs5); - if (pHash && pHash->SystemEncryption) - pkcs5_prf = pBootCryptoInfo->pkcs5; - } - } - - pim = (int) (BootArgs.Flags >> 16); - - if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, FALSE, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0) - { - // Header decrypted - status = STATUS_SUCCESS; - Dump ("Header decrypted\n"); - - // calculate Fingerprint - ComputeBootLoaderFingerprint (Extension->LowerDeviceObject, header); - - if (Extension->Queue.CryptoInfo->hiddenVolume) - { - int64 hiddenPartitionOffset = BootArgs.HiddenSystemPartitionStart; - Dump ("Hidden volume start offset = %I64d\n", Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + hiddenPartitionOffset); - - Extension->HiddenSystem = TRUE; - - Extension->Queue.RemapEncryptedArea = TRUE; - Extension->Queue.RemappedAreaOffset = hiddenPartitionOffset + Extension->Queue.CryptoInfo->EncryptedAreaStart.Value - BootArgs.DecoySystemPartitionStart; - Extension->Queue.RemappedAreaDataUnitOffset = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value / ENCRYPTION_DATA_UNIT_SIZE - BootArgs.DecoySystemPartitionStart / ENCRYPTION_DATA_UNIT_SIZE; - - Extension->Queue.CryptoInfo->EncryptedAreaStart.Value = BootArgs.DecoySystemPartitionStart; - - if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart) - TC_THROW_FATAL_EXCEPTION; - - Dump ("RemappedAreaOffset = %I64d\n", Extension->Queue.RemappedAreaOffset); - Dump ("RemappedAreaDataUnitOffset = %I64d\n", Extension->Queue.RemappedAreaDataUnitOffset); - } - else - { - Extension->HiddenSystem = FALSE; - Extension->Queue.RemapEncryptedArea = FALSE; - } - - Extension->ConfiguredEncryptedAreaStart = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value; - Extension->ConfiguredEncryptedAreaEnd = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + Extension->Queue.CryptoInfo->VolumeSize.Value - 1; - - Extension->Queue.EncryptedAreaStart = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value; - Extension->Queue.EncryptedAreaEnd = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + Extension->Queue.CryptoInfo->EncryptedAreaLength.Value - 1; - - if (Extension->Queue.CryptoInfo->EncryptedAreaLength.Value == 0) - { - Extension->Queue.EncryptedAreaStart = -1; - Extension->Queue.EncryptedAreaEnd = -1; - } - - Dump ("Loaded: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd); - Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd); - - // Erase boot loader scheduled keys - if (mappedCryptoInfo) - { - burn (mappedCryptoInfo, BootArgs.CryptoInfoLength); - MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength); - BootArgs.CryptoInfoLength = 0; - } - - BootDriveFilterExtension = Extension; - BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE; - BootDriveFilterExtension->MagicNumber = TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER; - - burn (&BootArgs.BootPassword, sizeof (BootArgs.BootPassword)); - - { - STORAGE_DEVICE_NUMBER storageDeviceNumber; - status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); - - if (!NT_SUCCESS (status)) - { - Dump ("Failed to get drive number - error %x\n", status); - Extension->SystemStorageDeviceNumberValid = FALSE; - } - else - { - Extension->SystemStorageDeviceNumber = storageDeviceNumber.DeviceNumber; - Extension->SystemStorageDeviceNumberValid = TRUE; - } - } - - status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_LENGTH_INFO, NULL, 0, &BootDriveLength, sizeof (BootDriveLength)); - - if (!NT_SUCCESS (status)) - { - Dump ("Failed to get drive length - error %x\n", status); - BootDriveLength.QuadPart = 0; - Extension->Queue.MaxReadAheadOffset.QuadPart = 0; - } - else - Extension->Queue.MaxReadAheadOffset = BootDriveLength; - - status = EncryptedIoQueueStart (&Extension->Queue); - if (!NT_SUCCESS (status)) - TC_BUG_CHECK (status); - - if (IsOSAtLeast (WIN_VISTA)) - { - CrashDumpEnabled = TRUE; - HibernationEnabled = TRUE; - } - else if (!LegacyHibernationDriverFilterActive) - StartLegacyHibernationDriverFilter(); - - // Hidden system hibernation is not supported if an extra boot partition is present as the system is not allowed to update the boot partition - if (IsHiddenSystemRunning() && (BootArgs.Flags & TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION)) - { - CrashDumpEnabled = FALSE; - HibernationEnabled = FALSE; - } - } - else - { - Dump ("Header not decrypted\n"); - crypto_close (Extension->HeaderCryptoInfo); - Extension->HeaderCryptoInfo = NULL; - - status = STATUS_UNSUCCESSFUL; - } - -ret: - TCfree (header); - return status; -} - - -static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension) -{ - NTSTATUS status = STATUS_SUCCESS; - LARGE_INTEGER offset; - byte *header; - - header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!header) - return STATUS_INSUFFICIENT_RESOURCES; - - offset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; - - status = TCReadDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!NT_SUCCESS (status)) - { - Dump ("TCReadDevice error %x", status); - goto ret; - } - - Dump ("Saving: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd); - Dump ("Saving: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd); - - if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1 - || Extension->Queue.EncryptedAreaEnd <= Extension->Queue.EncryptedAreaStart) - { - if (SetupRequest.SetupMode == SetupDecryption) - { - memset (header, 0, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - Extension->VolumeHeaderPresent = FALSE; - } - } - else - { - uint32 headerCrc32; - uint64 encryptedAreaLength = Extension->Queue.EncryptedAreaEnd + 1 - Extension->Queue.EncryptedAreaStart; - byte *fieldPos = header + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; - - DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, Extension->HeaderCryptoInfo); - - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) - { - Dump ("Header not decrypted"); - status = STATUS_UNKNOWN_REVISION; - goto ret; - } - - mputInt64 (fieldPos, encryptedAreaLength); - - headerCrc32 = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); - fieldPos = header + TC_HEADER_OFFSET_HEADER_CRC; - mputLong (fieldPos, headerCrc32); - - EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, Extension->HeaderCryptoInfo); - } - - status = TCWriteDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!NT_SUCCESS (status)) - { - Dump ("TCWriteDevice error %x", status); - goto ret; - } - -ret: - TCfree (header); - return status; -} - - -static NTSTATUS PassIrp (PDEVICE_OBJECT deviceObject, PIRP irp) -{ - IoSkipCurrentIrpStackLocation (irp); - return IoCallDriver (deviceObject, irp); -} - - -static NTSTATUS PassFilteredIrp (PDEVICE_OBJECT deviceObject, PIRP irp, PIO_COMPLETION_ROUTINE completionRoutine, PVOID completionRoutineArg) -{ - IoCopyCurrentIrpStackLocationToNext (irp); - - if (completionRoutine) - IoSetCompletionRoutine (irp, completionRoutine, completionRoutineArg, TRUE, TRUE, TRUE); - - return IoCallDriver (deviceObject, irp); -} - - -static NTSTATUS OnDeviceUsageNotificationCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, DriveFilterExtension *Extension) -{ - if (Irp->PendingReturned) - IoMarkIrpPending (Irp); - - if (!(Extension->LowerDeviceObject->Flags & DO_POWER_PAGABLE)) - filterDeviceObject->Flags &= ~DO_POWER_PAGABLE; - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return STATUS_CONTINUE_COMPLETION; -} - - -static BOOL IsVolumeDevice (PDEVICE_OBJECT deviceObject) -{ - VOLUME_NUMBER volNumber; - VOLUME_DISK_EXTENTS extents[2]; - NTSTATUS extentStatus = SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, extents, sizeof (extents)); - - return NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_SUPPORTS_ONLINE_OFFLINE, NULL, 0, NULL, 0)) - || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_IS_OFFLINE, NULL, 0, NULL, 0)) - || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_IS_IO_CAPABLE, NULL, 0, NULL, 0)) - || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_IS_PARTITION, NULL, 0, NULL, 0)) - || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_QUERY_VOLUME_NUMBER, NULL, 0, &volNumber, sizeof (volNumber))) - || NT_SUCCESS (extentStatus) || extentStatus == STATUS_BUFFER_OVERFLOW || extentStatus == STATUS_BUFFER_TOO_SMALL; -} - - -static void CheckDeviceTypeAndMount (DriveFilterExtension *filterExtension) -{ - if (BootArgsValid) - { - // Windows sometimes merges a removable drive PDO and its volume PDO to a single PDO having no volume interface (GUID_DEVINTERFACE_VOLUME). - // Therefore, we need to test whether the device supports volume IOCTLs. - if (VolumeClassFilterRegistered - && BootArgs.HiddenSystemPartitionStart != 0 - && IsVolumeDevice (filterExtension->LowerDeviceObject)) - { - Dump ("Drive and volume merged pdo=%p", filterExtension->Pdo); - - filterExtension->IsVolumeFilterDevice = TRUE; - filterExtension->IsDriveFilterDevice = FALSE; - } - else - { - NTSTATUS status = KeWaitForMutexObject (&MountMutex, Executive, KernelMode, FALSE, NULL); - if (!NT_SUCCESS (status)) - TC_BUG_CHECK (status); - - if (!BootDriveFound) - MountDrive (filterExtension, &BootArgs.BootPassword, &BootArgs.HeaderSaltCrc32); - - KeReleaseMutex (&MountMutex, FALSE); - } - } -} - - -static VOID MountDriveWorkItemRoutine (PDEVICE_OBJECT deviceObject, DriveFilterExtension *filterExtension) -{ - CheckDeviceTypeAndMount (filterExtension); - KeSetEvent (&filterExtension->MountWorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); -} - - -static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, DriveFilterExtension *Extension) -{ - if (Irp->PendingReturned) - IoMarkIrpPending (Irp); - - if (Extension->LowerDeviceObject->Characteristics & FILE_REMOVABLE_MEDIA) - filterDeviceObject->Characteristics |= FILE_REMOVABLE_MEDIA; - - if (KeGetCurrentIrql() == PASSIVE_LEVEL) - { - CheckDeviceTypeAndMount (Extension); - } - else - { - PIO_WORKITEM workItem = IoAllocateWorkItem (filterDeviceObject); - if (!workItem) - { - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return STATUS_INSUFFICIENT_RESOURCES; - } - - KeInitializeEvent (&Extension->MountWorkItemCompletedEvent, SynchronizationEvent, FALSE); - IoQueueWorkItem (workItem, MountDriveWorkItemRoutine, DelayedWorkQueue, Extension); - - KeWaitForSingleObject (&Extension->MountWorkItemCompletedEvent, Executive, KernelMode, FALSE, NULL); - IoFreeWorkItem (workItem); - } - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return STATUS_CONTINUE_COMPLETION; -} - - -static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterExtension *Extension, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status; - - status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - switch (irpSp->MinorFunction) - { - case IRP_MN_START_DEVICE: - Dump ("IRP_MN_START_DEVICE pdo=%p\n", Extension->Pdo); - return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnStartDeviceCompleted, Extension); - - - case IRP_MN_DEVICE_USAGE_NOTIFICATION: - Dump ("IRP_MN_DEVICE_USAGE_NOTIFICATION type=%d\n", (int) irpSp->Parameters.UsageNotification.Type); - - { - PDEVICE_OBJECT attachedDevice = IoGetAttachedDeviceReference (DeviceObject); - - if (attachedDevice == DeviceObject || (attachedDevice->Flags & DO_POWER_PAGABLE)) - DeviceObject->Flags |= DO_POWER_PAGABLE; - - ObDereferenceObject (attachedDevice); - } - - // Prevent creation of hibernation and crash dump files if required - if (irpSp->Parameters.UsageNotification.InPath - && ( - (irpSp->Parameters.UsageNotification.Type == DeviceUsageTypeDumpFile && !CrashDumpEnabled) - || (irpSp->Parameters.UsageNotification.Type == DeviceUsageTypeHibernation && !HibernationEnabled) - ) - ) - { - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - - if (irpSp->Parameters.UsageNotification.Type == DeviceUsageTypeHibernation) - ++HibernationPreventionCount; - - Dump ("Preventing dump type=%d\n", (int) irpSp->Parameters.UsageNotification.Type); - return TCCompleteIrp (Irp, STATUS_UNSUCCESSFUL, 0); - } - - return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnDeviceUsageNotificationCompleted, Extension); - - - case IRP_MN_REMOVE_DEVICE: - Dump ("IRP_MN_REMOVE_DEVICE pdo=%p\n", Extension->Pdo); - - IoReleaseRemoveLockAndWait (&Extension->Queue.RemoveLock, Irp); - status = PassIrp (Extension->LowerDeviceObject, Irp); - - IoDetachDevice (Extension->LowerDeviceObject); - - if (Extension->DriveMounted) - DismountDrive (Extension, TRUE); - - if (Extension->BootDrive) - { - BootDriveFound = FALSE; - BootDriveFilterExtension = NULL; - } - - IoDeleteDevice (DeviceObject); - return status; - - - default: - status = PassIrp (Extension->LowerDeviceObject, Irp); - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - } - return status; -} - - -static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterExtension *Extension, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status; - Dump ("IRP_MJ_POWER minor=%d type=%d shutdown=%d\n", (int) irpSp->MinorFunction, (int) irpSp->Parameters.Power.Type, (int) irpSp->Parameters.Power.ShutdownType); - - if (SetupInProgress - && irpSp->MinorFunction == IRP_MN_SET_POWER - && irpSp->Parameters.Power.ShutdownType == PowerActionHibernate) - { - while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); - } - -#if 0 // Dismount of the system drive is disabled until there is a way to do it without causing system errors (see the documentation for more info) - if (DriverShuttingDown - && Extension->BootDrive - && Extension->DriveMounted - && irpSp->MinorFunction == IRP_MN_SET_POWER - && irpSp->Parameters.Power.Type == DevicePowerState) - { - DismountDrive (Extension, TRUE); - } -#endif // 0 - - PoStartNextPowerIrp (Irp); - - status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - IoSkipCurrentIrpStackLocation (Irp); - status = PoCallDriver (Extension->LowerDeviceObject, Irp); - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return status; -} - - -NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp) -{ - DriveFilterExtension *Extension = (DriveFilterExtension *) DeviceObject->DeviceExtension; - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - NTSTATUS status; - - ASSERT (!Extension->bRootDevice && Extension->IsDriveFilterDevice); - - switch (irpSp->MajorFunction) - { - case IRP_MJ_READ: - case IRP_MJ_WRITE: - if (Extension->BootDrive) - { - status = EncryptedIoQueueAddIrp (&Extension->Queue, Irp); - - if (status != STATUS_PENDING) - TCCompleteDiskIrp (Irp, status, 0); - - return status; - } - break; - - case IRP_MJ_PNP: - return DispatchPnp (DeviceObject, Irp, Extension, irpSp); - - case IRP_MJ_POWER: - return DispatchPower (DeviceObject, Irp, Extension, irpSp); - } - - status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - status = PassIrp (Extension->LowerDeviceObject, Irp); - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return status; -} - - -void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - LARGE_INTEGER offset; - char *header; - ReopenBootVolumeHeaderRequest *request = (ReopenBootVolumeHeaderRequest *) irp->AssociatedIrp.SystemBuffer; - - irp->IoStatus.Information = 0; - - if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice()) - { - irp->IoStatus.Status = STATUS_ACCESS_DENIED; - return; - } - - if (!ValidateIOBufferSize (irp, sizeof (ReopenBootVolumeHeaderRequest), ValidateInput)) - return; - - if (!BootDriveFound || !BootDriveFilterExtension || !BootDriveFilterExtension->DriveMounted || !BootDriveFilterExtension->HeaderCryptoInfo - || request->VolumePassword.Length > MAX_PASSWORD - || request->pkcs5_prf < 0 - || request->pkcs5_prf > LAST_PRF_ID - || request->pim < 0 - || request->pim > 65535 - ) - { - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - goto wipe; - } - - header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!header) - { - irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; - goto wipe; - } - - if (BootDriveFilterExtension->HiddenSystem) - offset.QuadPart = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; - else - offset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; - - irp->IoStatus.Status = TCReadDevice (BootDriveFilterExtension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!NT_SUCCESS (irp->IoStatus.Status)) - { - Dump ("TCReadDevice error %x\n", irp->IoStatus.Status); - goto ret; - } - - if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0) - { - Dump ("Header reopened\n"); - ComputeBootLoaderFingerprint (BootDriveFilterExtension->LowerDeviceObject, header); - - BootDriveFilterExtension->Queue.CryptoInfo->header_creation_time = BootDriveFilterExtension->HeaderCryptoInfo->header_creation_time; - BootDriveFilterExtension->Queue.CryptoInfo->pkcs5 = BootDriveFilterExtension->HeaderCryptoInfo->pkcs5; - BootDriveFilterExtension->Queue.CryptoInfo->noIterations = BootDriveFilterExtension->HeaderCryptoInfo->noIterations; - BootDriveFilterExtension->Queue.CryptoInfo->volumePim = BootDriveFilterExtension->HeaderCryptoInfo->volumePim; - - irp->IoStatus.Status = STATUS_SUCCESS; - } - else - { - crypto_close (BootDriveFilterExtension->HeaderCryptoInfo); - BootDriveFilterExtension->HeaderCryptoInfo = NULL; - - Dump ("Header not reopened\n"); - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - } - -ret: - TCfree (header); -wipe: - burn (request, sizeof (*request)); -} - - -// Legacy Windows XP/2003 hibernation dump filter - -typedef NTSTATUS (*HiberDriverWriteFunctionA) (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3); -typedef NTSTATUS (*HiberDriverWriteFunctionB) (PLARGE_INTEGER writeOffset, PMDL dataMdl); - -typedef struct -{ -#ifdef _WIN64 - byte FieldPad1[64]; - HiberDriverWriteFunctionB WriteFunctionB; - byte FieldPad2[56]; -#else - byte FieldPad1[48]; - HiberDriverWriteFunctionB WriteFunctionB; - byte FieldPad2[32]; -#endif - HiberDriverWriteFunctionA WriteFunctionA; - byte FieldPad3[24]; - LARGE_INTEGER PartitionStartOffset; -} HiberDriverContext; - -typedef NTSTATUS (*HiberDriverEntry) (PVOID arg0, HiberDriverContext *hiberDriverContext); - -typedef struct -{ - LIST_ENTRY ModuleList; -#ifdef _WIN64 - byte FieldPad1[32]; -#else - byte FieldPad1[16]; -#endif - PVOID ModuleBaseAddress; - HiberDriverEntry ModuleEntryAddress; -#ifdef _WIN64 - byte FieldPad2[24]; -#else - byte FieldPad2[12]; -#endif - UNICODE_STRING ModuleName; -} ModuleTableItem; - - -#define TC_MAX_HIBER_FILTER_COUNT 3 -static int LastHiberFilterNumber = 0; - -static HiberDriverEntry OriginalHiberDriverEntries[TC_MAX_HIBER_FILTER_COUNT]; -static HiberDriverWriteFunctionA OriginalHiberDriverWriteFunctionsA[TC_MAX_HIBER_FILTER_COUNT]; -static HiberDriverWriteFunctionB OriginalHiberDriverWriteFunctionsB[TC_MAX_HIBER_FILTER_COUNT]; - -static LARGE_INTEGER HiberPartitionOffset; - - -static NTSTATUS HiberDriverWriteFunctionFilter (int filterNumber, PLARGE_INTEGER writeOffset, PMDL dataMdl, BOOL writeB, ULONG arg0WriteA, PVOID arg3WriteA) -{ - MDL *encryptedDataMdl = dataMdl; - - if (writeOffset && dataMdl && BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted) - { - ULONG dataLength = MmGetMdlByteCount (dataMdl); - - if (dataMdl->MappedSystemVa && dataLength > 0) - { - uint64 offset = HiberPartitionOffset.QuadPart + writeOffset->QuadPart; - uint64 intersectStart; - uint32 intersectLength; - - if (dataLength > TC_HIBERNATION_WRITE_BUFFER_SIZE) - TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); - - if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - GetIntersection (offset, - dataLength, - BootDriveFilterExtension->Queue.EncryptedAreaStart, - BootDriveFilterExtension->Queue.EncryptedAreaEnd, - &intersectStart, - &intersectLength); - - if (intersectLength > 0) - { - UINT64_STRUCT dataUnit; - dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; - - memcpy (HibernationWriteBuffer, dataMdl->MappedSystemVa, dataLength); - - if (BootDriveFilterExtension->Queue.RemapEncryptedArea) - dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset; - - EncryptDataUnitsCurrentThread (HibernationWriteBuffer + (intersectStart - offset), - &dataUnit, - intersectLength / ENCRYPTION_DATA_UNIT_SIZE, - BootDriveFilterExtension->Queue.CryptoInfo); - - encryptedDataMdl = HibernationWriteBufferMdl; - MmInitializeMdl (encryptedDataMdl, HibernationWriteBuffer, dataLength); - encryptedDataMdl->MdlFlags = dataMdl->MdlFlags; - } - } - } - - if (writeB) - return (*OriginalHiberDriverWriteFunctionsB[filterNumber]) (writeOffset, encryptedDataMdl); - - return (*OriginalHiberDriverWriteFunctionsA[filterNumber]) (arg0WriteA, writeOffset, encryptedDataMdl, arg3WriteA); -} - - -static NTSTATUS HiberDriverWriteFunctionAFilter0 (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3) -{ - return HiberDriverWriteFunctionFilter (0, writeOffset, dataMdl, FALSE, arg0, arg3); -} - -static NTSTATUS HiberDriverWriteFunctionAFilter1 (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3) -{ - return HiberDriverWriteFunctionFilter (1, writeOffset, dataMdl, FALSE, arg0, arg3); -} - -static NTSTATUS HiberDriverWriteFunctionAFilter2 (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3) -{ - return HiberDriverWriteFunctionFilter (2, writeOffset, dataMdl, FALSE, arg0, arg3); -} - - -static NTSTATUS HiberDriverWriteFunctionBFilter0 (PLARGE_INTEGER writeOffset, PMDL dataMdl) -{ - return HiberDriverWriteFunctionFilter (0, writeOffset, dataMdl, TRUE, 0, NULL); -} - -static NTSTATUS HiberDriverWriteFunctionBFilter1 (PLARGE_INTEGER writeOffset, PMDL dataMdl) -{ - return HiberDriverWriteFunctionFilter (1, writeOffset, dataMdl, TRUE, 0, NULL); -} - -static NTSTATUS HiberDriverWriteFunctionBFilter2 (PLARGE_INTEGER writeOffset, PMDL dataMdl) -{ - return HiberDriverWriteFunctionFilter (2, writeOffset, dataMdl, TRUE, 0, NULL); -} - - -static NTSTATUS HiberDriverEntryFilter (int filterNumber, PVOID arg0, HiberDriverContext *hiberDriverContext) -{ - BOOL filterInstalled = FALSE; - NTSTATUS status; - - if (!OriginalHiberDriverEntries[filterNumber]) - return STATUS_UNSUCCESSFUL; - - status = (*OriginalHiberDriverEntries[filterNumber]) (arg0, hiberDriverContext); - - if (!NT_SUCCESS (status) || !hiberDriverContext) - return status; - - if (SetupInProgress) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - if (hiberDriverContext->WriteFunctionA) - { - Dump ("Filtering WriteFunctionA %d\n", filterNumber); - OriginalHiberDriverWriteFunctionsA[filterNumber] = hiberDriverContext->WriteFunctionA; - - switch (filterNumber) - { - case 0: hiberDriverContext->WriteFunctionA = HiberDriverWriteFunctionAFilter0; break; - case 1: hiberDriverContext->WriteFunctionA = HiberDriverWriteFunctionAFilter1; break; - case 2: hiberDriverContext->WriteFunctionA = HiberDriverWriteFunctionAFilter2; break; - default: TC_THROW_FATAL_EXCEPTION; - } - - filterInstalled = TRUE; - } - - if (hiberDriverContext->WriteFunctionB) - { - Dump ("Filtering WriteFunctionB %d\n", filterNumber); - OriginalHiberDriverWriteFunctionsB[filterNumber] = hiberDriverContext->WriteFunctionB; - - switch (filterNumber) - { - case 0: hiberDriverContext->WriteFunctionB = HiberDriverWriteFunctionBFilter0; break; - case 1: hiberDriverContext->WriteFunctionB = HiberDriverWriteFunctionBFilter1; break; - case 2: hiberDriverContext->WriteFunctionB = HiberDriverWriteFunctionBFilter2; break; - default: TC_THROW_FATAL_EXCEPTION; - } - - filterInstalled = TRUE; - } - - if (filterInstalled && hiberDriverContext->PartitionStartOffset.QuadPart != 0) - { - HiberPartitionOffset = hiberDriverContext->PartitionStartOffset; - - if (BootDriveFilterExtension->Queue.RemapEncryptedArea) - hiberDriverContext->PartitionStartOffset.QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset; - } - - return STATUS_SUCCESS; -} - - -static NTSTATUS HiberDriverEntryFilter0 (PVOID arg0, HiberDriverContext *hiberDriverContext) -{ - return HiberDriverEntryFilter (0, arg0, hiberDriverContext); -} - - -static NTSTATUS HiberDriverEntryFilter1 (PVOID arg0, HiberDriverContext *hiberDriverContext) -{ - return HiberDriverEntryFilter (1, arg0, hiberDriverContext); -} - - -static NTSTATUS HiberDriverEntryFilter2 (PVOID arg0, HiberDriverContext *hiberDriverContext) -{ - return HiberDriverEntryFilter (2, arg0, hiberDriverContext); -} - - -static VOID LoadImageNotifyRoutine (PUNICODE_STRING fullImageName, HANDLE processId, PIMAGE_INFO imageInfo) -{ - ModuleTableItem *moduleItem; - LIST_ENTRY *listEntry; - KIRQL origIrql; - - if (!imageInfo || !imageInfo->SystemModeImage || !imageInfo->ImageBase || !TCDriverObject->DriverSection) - return; - - moduleItem = *(ModuleTableItem **) TCDriverObject->DriverSection; - if (!moduleItem || !moduleItem->ModuleList.Flink) - return; - - // Search loaded system modules for hibernation driver - origIrql = KeRaiseIrqlToDpcLevel(); - - for (listEntry = moduleItem->ModuleList.Flink->Blink; - listEntry && listEntry != TCDriverObject->DriverSection; - listEntry = listEntry->Flink) - { - moduleItem = CONTAINING_RECORD (listEntry, ModuleTableItem, ModuleList); - - if (moduleItem && imageInfo->ImageBase == moduleItem->ModuleBaseAddress) - { - if (moduleItem->ModuleName.Buffer && moduleItem->ModuleName.Length >= 5 * sizeof (wchar_t)) - { - if (memcmp (moduleItem->ModuleName.Buffer, L"hiber", 5 * sizeof (wchar_t)) == 0 - || memcmp (moduleItem->ModuleName.Buffer, L"Hiber", 5 * sizeof (wchar_t)) == 0 - || memcmp (moduleItem->ModuleName.Buffer, L"HIBER", 5 * sizeof (wchar_t)) == 0) - { - HiberDriverEntry filterEntry; - - switch (LastHiberFilterNumber) - { - case 0: filterEntry = HiberDriverEntryFilter0; break; - case 1: filterEntry = HiberDriverEntryFilter1; break; - case 2: filterEntry = HiberDriverEntryFilter2; break; - default: TC_THROW_FATAL_EXCEPTION; - } - - if (moduleItem->ModuleEntryAddress != filterEntry) - { - // Install filter - OriginalHiberDriverEntries[LastHiberFilterNumber] = moduleItem->ModuleEntryAddress; - moduleItem->ModuleEntryAddress = filterEntry; - - if (++LastHiberFilterNumber > TC_MAX_HIBER_FILTER_COUNT - 1) - LastHiberFilterNumber = 0; - } - } - } - break; - } - } - - KeLowerIrql (origIrql); -} - - -void StartLegacyHibernationDriverFilter () -{ - PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr; - NTSTATUS status; - - ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); - ASSERT (!IsOSAtLeast (WIN_VISTA)); - - if (!TCDriverObject->DriverSection || !*(ModuleTableItem **) TCDriverObject->DriverSection) - goto err; - - // All buffers required for hibernation must be allocated here -#ifdef _WIN64 - highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFULL; -#else - highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFULL; -#endif - - HibernationWriteBuffer = MmAllocateContiguousMemory (TC_HIBERNATION_WRITE_BUFFER_SIZE, highestAcceptableWriteBufferAddr); - if (!HibernationWriteBuffer) - goto err; - - HibernationWriteBufferMdl = IoAllocateMdl (HibernationWriteBuffer, TC_HIBERNATION_WRITE_BUFFER_SIZE, FALSE, FALSE, NULL); - if (!HibernationWriteBufferMdl) - goto err; - - MmBuildMdlForNonPagedPool (HibernationWriteBufferMdl); - - status = PsSetLoadImageNotifyRoutine (LoadImageNotifyRoutine); - if (!NT_SUCCESS (status)) - goto err; - - LegacyHibernationDriverFilterActive = TRUE; - CrashDumpEnabled = FALSE; - HibernationEnabled = TRUE; - return; - -err: - LegacyHibernationDriverFilterActive = FALSE; - CrashDumpEnabled = FALSE; - HibernationEnabled = FALSE; - - if (HibernationWriteBufferMdl) - { - IoFreeMdl (HibernationWriteBufferMdl); - HibernationWriteBufferMdl = NULL; - } - - if (HibernationWriteBuffer) - { - MmFreeContiguousMemory (HibernationWriteBuffer); - HibernationWriteBuffer = NULL; - } -} - - -static VOID SetupThreadProc (PVOID threadArg) -{ - DriveFilterExtension *Extension = BootDriveFilterExtension; - - LARGE_INTEGER offset; - UINT64_STRUCT dataUnit; - ULONG setupBlockSize = TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE; - BOOL headerUpdateRequired = FALSE; - int64 bytesWrittenSinceHeaderUpdate = 0; - - byte *buffer = NULL; - byte *wipeBuffer = NULL; - byte wipeRandChars[TC_WIPE_RAND_CHAR_COUNT]; - byte wipeRandCharsUpdate[TC_WIPE_RAND_CHAR_COUNT]; - - KIRQL irql; - NTSTATUS status; - - // generate real random values for wipeRandChars and - // wipeRandCharsUpdate instead of relying on uninitialized stack memory - LARGE_INTEGER iSeed; - KeQuerySystemTime( &iSeed ); - if (KeGetCurrentIrql() < DISPATCH_LEVEL) - { - ULONG ulRandom; - ulRandom = RtlRandomEx( &iSeed.LowPart ); - memcpy (wipeRandChars, &ulRandom, TC_WIPE_RAND_CHAR_COUNT); - ulRandom = RtlRandomEx( &ulRandom ); - memcpy (wipeRandCharsUpdate, &ulRandom, TC_WIPE_RAND_CHAR_COUNT); - burn (&ulRandom, sizeof(ulRandom)); - } - else - { - byte digest[SHA512_DIGESTSIZE]; - sha512_ctx tctx; - sha512_begin (&tctx); - sha512_hash ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx); - sha512_end (digest, &tctx); - - memcpy (wipeRandChars, digest, TC_WIPE_RAND_CHAR_COUNT); - memcpy (wipeRandCharsUpdate, &digest[SHA512_DIGESTSIZE - TC_WIPE_RAND_CHAR_COUNT], TC_WIPE_RAND_CHAR_COUNT); - - burn (digest, SHA512_DIGESTSIZE); - burn (&tctx, sizeof (tctx)); - } - - burn (&iSeed, sizeof(iSeed)); - - SetupResult = STATUS_UNSUCCESSFUL; - - // Make sure volume header can be updated - if (Extension->HeaderCryptoInfo == NULL) - { - SetupResult = STATUS_INVALID_PARAMETER; - goto ret; - } - - buffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); - if (!buffer) - { - SetupResult = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - - if (SetupRequest.SetupMode == SetupEncryption && SetupRequest.WipeAlgorithm != TC_WIPE_NONE) - { - wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); - if (!wipeBuffer) - { - SetupResult = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - } - - while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 1000))) - { - if (EncryptionSetupThreadAbortRequested) - goto abort; - - TransformWaitingForIdle = TRUE; - } - TransformWaitingForIdle = FALSE; - - switch (SetupRequest.SetupMode) - { - case SetupEncryption: - Dump ("Encrypting...\n"); - if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1) - { - // Start encryption - Extension->Queue.EncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart; - Extension->Queue.EncryptedAreaEnd = -1; - offset.QuadPart = Extension->ConfiguredEncryptedAreaStart; - } - else - { - // Resume aborted encryption - if (Extension->Queue.EncryptedAreaEnd == Extension->ConfiguredEncryptedAreaEnd) - goto err; - - offset.QuadPart = Extension->Queue.EncryptedAreaEnd + 1; - } - - break; - - case SetupDecryption: - Dump ("Decrypting...\n"); - if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1) - { - SetupResult = STATUS_SUCCESS; - goto abort; - } - - offset.QuadPart = Extension->Queue.EncryptedAreaEnd + 1; - break; - - default: - goto err; - } - - EncryptedIoQueueResumeFromHold (&Extension->Queue); - - Dump ("EncryptedAreaStart=%I64d\n", Extension->Queue.EncryptedAreaStart); - Dump ("EncryptedAreaEnd=%I64d\n", Extension->Queue.EncryptedAreaEnd); - Dump ("ConfiguredEncryptedAreaStart=%I64d\n", Extension->ConfiguredEncryptedAreaStart); - Dump ("ConfiguredEncryptedAreaEnd=%I64d\n", Extension->ConfiguredEncryptedAreaEnd); - Dump ("offset=%I64d\n", offset.QuadPart); - Dump ("EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024); - - while (!EncryptionSetupThreadAbortRequested) - { - if (SetupRequest.SetupMode == SetupEncryption) - { - if (offset.QuadPart + setupBlockSize > Extension->ConfiguredEncryptedAreaEnd + 1) - setupBlockSize = (ULONG) (Extension->ConfiguredEncryptedAreaEnd + 1 - offset.QuadPart); - - if (offset.QuadPart > Extension->ConfiguredEncryptedAreaEnd) - break; - } - else - { - if (offset.QuadPart - setupBlockSize < Extension->Queue.EncryptedAreaStart) - setupBlockSize = (ULONG) (offset.QuadPart - Extension->Queue.EncryptedAreaStart); - - offset.QuadPart -= setupBlockSize; - - if (setupBlockSize == 0 || offset.QuadPart < Extension->Queue.EncryptedAreaStart) - break; - } - - while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 500))) - { - if (EncryptionSetupThreadAbortRequested) - goto abort; - - TransformWaitingForIdle = TRUE; - } - TransformWaitingForIdle = FALSE; - - status = TCReadDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); - if (!NT_SUCCESS (status)) - { - Dump ("TCReadDevice error %x offset=%I64d\n", status, offset.QuadPart); - - if (SetupRequest.ZeroUnreadableSectors && SetupRequest.SetupMode == SetupEncryption) - { - // Zero unreadable sectors - uint64 zeroedSectorCount; - - status = ZeroUnreadableSectors (BootDriveFilterExtension->LowerDeviceObject, offset, setupBlockSize, &zeroedSectorCount); - if (!NT_SUCCESS (status)) - { - SetupResult = status; - goto err; - } - - // Retry read - status = TCReadDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); - if (!NT_SUCCESS (status)) - { - SetupResult = status; - goto err; - } - } - else if (SetupRequest.DiscardUnreadableEncryptedSectors && SetupRequest.SetupMode == SetupDecryption) - { - // Discard unreadable encrypted sectors - uint64 badSectorCount; - - status = ReadDeviceSkipUnreadableSectors (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize, &badSectorCount); - if (!NT_SUCCESS (status)) - { - SetupResult = status; - goto err; - } - } - else - { - SetupResult = status; - goto err; - } - } - - dataUnit.Value = offset.QuadPart / ENCRYPTION_DATA_UNIT_SIZE; - - if (SetupRequest.SetupMode == SetupEncryption) - { - EncryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); - - if (SetupRequest.WipeAlgorithm != TC_WIPE_NONE) - { - byte wipePass; - int wipePassCount = GetWipePassCount (SetupRequest.WipeAlgorithm); - if (wipePassCount <= 0) - { - SetupResult = STATUS_INVALID_PARAMETER; - goto err; - } - - for (wipePass = 1; wipePass <= wipePassCount; ++wipePass) - { - if (!WipeBuffer (SetupRequest.WipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, setupBlockSize)) - { - ULONG i; - for (i = 0; i < setupBlockSize; ++i) - { - wipeBuffer[i] = buffer[i] + wipePass; - } - - EncryptDataUnits (wipeBuffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); - memcpy (wipeRandCharsUpdate, wipeBuffer, sizeof (wipeRandCharsUpdate)); - } - - status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, wipeBuffer, offset, setupBlockSize); - if (!NT_SUCCESS (status)) - { - // Undo failed write operation - DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); - TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); - - SetupResult = status; - goto err; - } - } - - memcpy (wipeRandChars, wipeRandCharsUpdate, sizeof (wipeRandCharsUpdate)); - } - } - else - { - DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); - } - - status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); - if (!NT_SUCCESS (status)) - { - Dump ("TCWriteDevice error %x\n", status); - - // Undo failed write operation - if (SetupRequest.SetupMode == SetupEncryption) - DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); - else - EncryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); - - TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); - - SetupResult = status; - goto err; - } - - if (SetupRequest.SetupMode == SetupEncryption) - offset.QuadPart += setupBlockSize; - - Extension->Queue.EncryptedAreaEndUpdatePending = TRUE; - Extension->Queue.EncryptedAreaEnd = offset.QuadPart - 1; - Extension->Queue.EncryptedAreaEndUpdatePending = FALSE; - - headerUpdateRequired = TRUE; - - EncryptedIoQueueResumeFromHold (&Extension->Queue); - - KeAcquireSpinLock (&SetupStatusSpinLock, &irql); - SetupStatusEncryptedAreaEnd = Extension->Queue.EncryptedAreaEnd; - KeReleaseSpinLock (&SetupStatusSpinLock, irql); - - // Update volume header - bytesWrittenSinceHeaderUpdate += setupBlockSize; - if (bytesWrittenSinceHeaderUpdate >= TC_ENCRYPTION_SETUP_HEADER_UPDATE_THRESHOLD) - { - status = SaveDriveVolumeHeader (Extension); - ASSERT (NT_SUCCESS (status)); - if (NT_SUCCESS (status)) - { - headerUpdateRequired = FALSE; - bytesWrittenSinceHeaderUpdate = 0; - } - } - } - -abort: - SetupResult = STATUS_SUCCESS; -err: - - if (Extension->Queue.EncryptedAreaEnd == -1) - Extension->Queue.EncryptedAreaStart = -1; - - if (EncryptedIoQueueIsSuspended (&Extension->Queue)) - EncryptedIoQueueResumeFromHold (&Extension->Queue); - - if (SetupRequest.SetupMode == SetupDecryption && Extension->Queue.EncryptedAreaStart >= Extension->Queue.EncryptedAreaEnd) - { - while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 0))); - - Extension->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaEnd = -1; - Extension->Queue.EncryptedAreaStart = Extension->Queue.EncryptedAreaEnd = -1; - - EncryptedIoQueueResumeFromHold (&Extension->Queue); - - headerUpdateRequired = TRUE; - } - - Dump ("Setup completed: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd); - - if (headerUpdateRequired) - { - status = SaveDriveVolumeHeader (Extension); - - if (!NT_SUCCESS (status) && NT_SUCCESS (SetupResult)) - SetupResult = status; - } - - if (SetupRequest.SetupMode == SetupDecryption && Extension->ConfiguredEncryptedAreaEnd == -1 && Extension->DriveMounted) - { - while (!RootDeviceControlMutexAcquireNoWait() && !EncryptionSetupThreadAbortRequested) - { - TCSleep (10); - } - - // Disable hibernation (resume would fail due to a change in the system memory map) - HibernationEnabled = FALSE; - - DismountDrive (Extension, FALSE); - - if (!EncryptionSetupThreadAbortRequested) - RootDeviceControlMutexRelease(); - } - -ret: - if (buffer) - { - burn (buffer, TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); - TCfree (buffer); - } - if (wipeBuffer) - { - burn (wipeBuffer, TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); - TCfree (wipeBuffer); - } - - burn (wipeRandChars, TC_WIPE_RAND_CHAR_COUNT); - burn (wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT); - - SetupInProgress = FALSE; - PsTerminateSystemThread (SetupResult); -} - - -NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status; - - if (!UserCanAccessDriveDevice()) - return STATUS_ACCESS_DENIED; - - if (SetupInProgress || !BootDriveFound || !BootDriveFilterExtension - || !BootDriveFilterExtension->DriveMounted - || BootDriveFilterExtension->HiddenSystem - || irpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof (BootEncryptionSetupRequest)) - return STATUS_INVALID_PARAMETER; - - if (EncryptionSetupThread) - AbortBootEncryptionSetup(); - - SetupRequest = *(BootEncryptionSetupRequest *) irp->AssociatedIrp.SystemBuffer; - - EncryptionSetupThreadAbortRequested = FALSE; - KeInitializeSpinLock (&SetupStatusSpinLock); - SetupStatusEncryptedAreaEnd = BootDriveFilterExtension ? BootDriveFilterExtension->Queue.EncryptedAreaEnd : -1; - - SetupInProgress = TRUE; - status = TCStartThread (SetupThreadProc, DeviceObject, &EncryptionSetupThread); - - if (!NT_SUCCESS (status)) - SetupInProgress = FALSE; - - return status; -} - - -void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - if (ValidateIOBufferSize (irp, sizeof (VOLUME_PROPERTIES_STRUCT), ValidateOutput)) - { - DriveFilterExtension *Extension = BootDriveFilterExtension; - VOLUME_PROPERTIES_STRUCT *prop = (VOLUME_PROPERTIES_STRUCT *) irp->AssociatedIrp.SystemBuffer; - memset (prop, 0, sizeof (*prop)); - - if (!BootDriveFound || !Extension || !Extension->DriveMounted) - { - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - irp->IoStatus.Information = 0; - } - else - { - prop->hiddenVolume = Extension->Queue.CryptoInfo->hiddenVolume; - prop->diskLength = Extension->ConfiguredEncryptedAreaEnd + 1 - Extension->ConfiguredEncryptedAreaStart; - prop->ea = Extension->Queue.CryptoInfo->ea; - prop->mode = Extension->Queue.CryptoInfo->mode; - prop->pkcs5 = Extension->Queue.CryptoInfo->pkcs5; - prop->pkcs5Iterations = Extension->Queue.CryptoInfo->noIterations; - prop->volumePim = Extension->Queue.CryptoInfo->volumePim; -#if 0 - prop->volumeCreationTime = Extension->Queue.CryptoInfo->volume_creation_time; - prop->headerCreationTime = Extension->Queue.CryptoInfo->header_creation_time; -#endif - prop->volFormatVersion = Extension->Queue.CryptoInfo->LegacyVolume ? TC_VOLUME_FORMAT_VERSION_PRE_6_0 : TC_VOLUME_FORMAT_VERSION; - - prop->totalBytesRead = Extension->Queue.TotalBytesRead; - prop->totalBytesWritten = Extension->Queue.TotalBytesWritten; - - irp->IoStatus.Information = sizeof (VOLUME_PROPERTIES_STRUCT); - irp->IoStatus.Status = STATUS_SUCCESS; - } - } -} - - -void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - /* IMPORTANT: Do NOT add any potentially time-consuming operations to this function. */ - - if (ValidateIOBufferSize (irp, sizeof (BootEncryptionStatus), ValidateOutput)) - { - DriveFilterExtension *Extension = BootDriveFilterExtension; - BootEncryptionStatus *bootEncStatus = (BootEncryptionStatus *) irp->AssociatedIrp.SystemBuffer; - memset (bootEncStatus, 0, sizeof (*bootEncStatus)); - - if (BootArgsValid) - bootEncStatus->BootLoaderVersion = BootArgs.BootLoaderVersion; - - bootEncStatus->DeviceFilterActive = DeviceFilterActive; - bootEncStatus->SetupInProgress = SetupInProgress; - bootEncStatus->SetupMode = SetupRequest.SetupMode; - bootEncStatus->TransformWaitingForIdle = TransformWaitingForIdle; - - if (!BootDriveFound || !Extension || !Extension->DriveMounted) - { - bootEncStatus->DriveEncrypted = FALSE; - bootEncStatus->DriveMounted = FALSE; - bootEncStatus->VolumeHeaderPresent = FALSE; - } - else - { - bootEncStatus->DriveMounted = Extension->DriveMounted; - bootEncStatus->VolumeHeaderPresent = Extension->VolumeHeaderPresent; - bootEncStatus->DriveEncrypted = Extension->Queue.EncryptedAreaStart != -1; - bootEncStatus->BootDriveLength = BootDriveLength; - - bootEncStatus->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart; - bootEncStatus->ConfiguredEncryptedAreaEnd = Extension->ConfiguredEncryptedAreaEnd; - bootEncStatus->EncryptedAreaStart = Extension->Queue.EncryptedAreaStart; - - if (SetupInProgress) - { - KIRQL irql; - KeAcquireSpinLock (&SetupStatusSpinLock, &irql); - bootEncStatus->EncryptedAreaEnd = SetupStatusEncryptedAreaEnd; - KeReleaseSpinLock (&SetupStatusSpinLock, irql); - } - else - bootEncStatus->EncryptedAreaEnd = Extension->Queue.EncryptedAreaEnd; - - bootEncStatus->VolumeHeaderSaltCrc32 = Extension->VolumeHeaderSaltCrc32; - bootEncStatus->HibernationPreventionCount = HibernationPreventionCount; - bootEncStatus->HiddenSysLeakProtectionCount = HiddenSysLeakProtectionCount; - - bootEncStatus->HiddenSystem = Extension->HiddenSystem; - - if (Extension->HiddenSystem) - bootEncStatus->HiddenSystemPartitionStart = BootArgs.HiddenSystemPartitionStart; - } - - irp->IoStatus.Information = sizeof (BootEncryptionStatus); - irp->IoStatus.Status = STATUS_SUCCESS; - } -} - - -void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - if (ValidateIOBufferSize (irp, sizeof (uint16), ValidateOutput)) - { - if (BootArgsValid) - { - *(uint16 *) irp->AssociatedIrp.SystemBuffer = BootArgs.BootLoaderVersion; - irp->IoStatus.Information = sizeof (uint16); - irp->IoStatus.Status = STATUS_SUCCESS; - } - else - { - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - irp->IoStatus.Information = 0; - } - } -} - -void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - if (ValidateIOBufferSize (irp, sizeof (BootLoaderFingerprintRequest), ValidateOutput)) - { - irp->IoStatus.Information = 0; - if (BootArgsValid && BootDriveFound && BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted && BootDriveFilterExtension->HeaderCryptoInfo) - { - BootLoaderFingerprintRequest *bootLoaderFingerprint = (BootLoaderFingerprintRequest *) irp->AssociatedIrp.SystemBuffer; - - /* compute the fingerprint again and check if it is the same as the one retrieved during boot */ - char *header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - if (!header) - { - irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; - } - else - { - memcpy (bootLoaderFingerprint->Fingerprint, BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); - ComputeBootLoaderFingerprint (BootDriveFilterExtension->LowerDeviceObject, header); - - burn (header, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); - TCfree (header); - - if (0 == memcmp (bootLoaderFingerprint->Fingerprint, BootLoaderFingerprint, sizeof (BootLoaderFingerprint))) - { - irp->IoStatus.Information = sizeof (BootLoaderFingerprintRequest); - irp->IoStatus.Status = STATUS_SUCCESS; - } - else - { - /* fingerprint mismatch.*/ - irp->IoStatus.Status = STATUS_INVALID_IMAGE_HASH; - } - } - } - else - { - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - } - } -} - -void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - if (ValidateIOBufferSize (irp, sizeof (GetBootEncryptionAlgorithmNameRequest), ValidateOutput)) - { - if (BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted) - { - wchar_t BootEncryptionAlgorithmNameW[256]; - wchar_t BootPrfAlgorithmNameW[256]; - GetBootEncryptionAlgorithmNameRequest *request = (GetBootEncryptionAlgorithmNameRequest *) irp->AssociatedIrp.SystemBuffer; - EAGetName (BootEncryptionAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->ea, 0); - HashGetName2 (BootPrfAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->pkcs5); - - RtlStringCbPrintfA (request->BootEncryptionAlgorithmName, sizeof (request->BootEncryptionAlgorithmName), "%S", BootEncryptionAlgorithmNameW); - RtlStringCbPrintfA (request->BootPrfAlgorithmName, sizeof (request->BootPrfAlgorithmName), "%S", BootPrfAlgorithmNameW); - - irp->IoStatus.Information = sizeof (GetBootEncryptionAlgorithmNameRequest); - irp->IoStatus.Status = STATUS_SUCCESS; - } - else - { - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - irp->IoStatus.Information = 0; - } - } -} - - -NTSTATUS GetSetupResult() -{ - return SetupResult; -} - - -BOOL IsBootDriveMounted () -{ - return BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted; -} - - -BOOL IsBootEncryptionSetupInProgress () -{ - return SetupInProgress; -} - - -BOOL IsHiddenSystemRunning () -{ - return BootDriveFilterExtension && BootDriveFilterExtension->HiddenSystem; -} - - -DriveFilterExtension *GetBootDriveFilterExtension () -{ - return BootDriveFilterExtension; -} - - -CRYPTO_INFO *GetSystemDriveCryptoInfo () -{ - return BootDriveFilterExtension->Queue.CryptoInfo; -} - - -NTSTATUS AbortBootEncryptionSetup () -{ - if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice()) - return STATUS_ACCESS_DENIED; - - if (EncryptionSetupThread) - { - EncryptionSetupThreadAbortRequested = TRUE; - - TCStopThread (EncryptionSetupThread, NULL); - EncryptionSetupThread = NULL; - } - - return STATUS_SUCCESS; -} - - -static VOID DecoySystemWipeThreadProc (PVOID threadArg) -{ - DriveFilterExtension *Extension = BootDriveFilterExtension; - - LARGE_INTEGER offset; - UINT64_STRUCT dataUnit; - ULONG wipeBlockSize = TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE; - - CRYPTO_INFO *wipeCryptoInfo = NULL; - byte *wipeBuffer = NULL; - byte *wipeRandBuffer = NULL; - byte wipeRandChars[TC_WIPE_RAND_CHAR_COUNT]; - int wipePass, wipePassCount; - int ea = Extension->Queue.CryptoInfo->ea; - - KIRQL irql; - NTSTATUS status; - - DecoySystemWipeResult = STATUS_UNSUCCESSFUL; - - wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); - if (!wipeBuffer) - { - DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - - wipeRandBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); - if (!wipeRandBuffer) - { - DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - - wipeCryptoInfo = crypto_open(); - if (!wipeCryptoInfo) - { - DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - - wipeCryptoInfo->ea = ea; - wipeCryptoInfo->mode = Extension->Queue.CryptoInfo->mode; - - if (EAInit (ea, WipeDecoyRequest.WipeKey, wipeCryptoInfo->ks) != ERR_SUCCESS) - { - DecoySystemWipeResult = STATUS_INVALID_PARAMETER; - goto ret; - } - - memcpy (wipeCryptoInfo->k2, WipeDecoyRequest.WipeKey + EAGetKeySize (ea), EAGetKeySize (ea)); - - if (!EAInitMode (wipeCryptoInfo)) - { - DecoySystemWipeResult = STATUS_INVALID_PARAMETER; - goto err; - } - - EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo); - memcpy (wipeRandChars, wipeRandBuffer, sizeof (wipeRandChars)); - - burn (WipeDecoyRequest.WipeKey, sizeof (WipeDecoyRequest.WipeKey)); - - offset.QuadPart = Extension->ConfiguredEncryptedAreaStart; - - Dump ("Wiping decoy system: start offset = %I64d\n", offset.QuadPart); - - while (!DecoySystemWipeThreadAbortRequested) - { - if (offset.QuadPart + wipeBlockSize > Extension->ConfiguredEncryptedAreaEnd + 1) - wipeBlockSize = (ULONG) (Extension->ConfiguredEncryptedAreaEnd + 1 - offset.QuadPart); - - if (offset.QuadPart > Extension->ConfiguredEncryptedAreaEnd) - break; - - wipePassCount = GetWipePassCount (WipeDecoyRequest.WipeAlgorithm); - if (wipePassCount <= 0) - { - DecoySystemWipeResult = STATUS_INVALID_PARAMETER; - goto err; - } - - for (wipePass = 1; wipePass <= wipePassCount; ++wipePass) - { - if (!WipeBuffer (WipeDecoyRequest.WipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, wipeBlockSize)) - { - dataUnit.Value = offset.QuadPart / ENCRYPTION_DATA_UNIT_SIZE; - EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo); - memcpy (wipeBuffer, wipeRandBuffer, wipeBlockSize); - } - - while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 500))) - { - if (DecoySystemWipeThreadAbortRequested) - goto abort; - } - - status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, wipeBuffer, offset, wipeBlockSize); - - if (!NT_SUCCESS (status)) - { - DecoySystemWipeResult = status; - goto err; - } - - EncryptedIoQueueResumeFromHold (&Extension->Queue); - } - - offset.QuadPart += wipeBlockSize; - - KeAcquireSpinLock (&DecoySystemWipeStatusSpinLock, &irql); - DecoySystemWipedAreaEnd = offset.QuadPart - 1; - KeReleaseSpinLock (&DecoySystemWipeStatusSpinLock, irql); - } - -abort: - DecoySystemWipeResult = STATUS_SUCCESS; -err: - - if (EncryptedIoQueueIsSuspended (&Extension->Queue)) - EncryptedIoQueueResumeFromHold (&Extension->Queue); - - Dump ("Wipe end: DecoySystemWipedAreaEnd=%I64d (%I64d)\n", DecoySystemWipedAreaEnd, DecoySystemWipedAreaEnd / 1024 / 1024); - -ret: - if (wipeCryptoInfo) - crypto_close (wipeCryptoInfo); - - if (wipeRandBuffer) - TCfree (wipeRandBuffer); - - if (wipeBuffer) - TCfree (wipeBuffer); - - DecoySystemWipeInProgress = FALSE; - PsTerminateSystemThread (DecoySystemWipeResult); -} - - -NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status; - WipeDecoySystemRequest *request; - - if (!UserCanAccessDriveDevice()) - return STATUS_ACCESS_DENIED; - - if (!IsHiddenSystemRunning() - || irpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof (WipeDecoySystemRequest)) - return STATUS_INVALID_PARAMETER; - - if (DecoySystemWipeInProgress) - return STATUS_SUCCESS; - - if (DecoySystemWipeThread) - AbortDecoySystemWipe(); - - request = (WipeDecoySystemRequest *) irp->AssociatedIrp.SystemBuffer; - WipeDecoyRequest = *request; - - burn (request->WipeKey, sizeof (request->WipeKey)); - - DecoySystemWipeThreadAbortRequested = FALSE; - KeInitializeSpinLock (&DecoySystemWipeStatusSpinLock); - DecoySystemWipedAreaEnd = BootDriveFilterExtension->ConfiguredEncryptedAreaStart; - - DecoySystemWipeInProgress = TRUE; - status = TCStartThread (DecoySystemWipeThreadProc, DeviceObject, &DecoySystemWipeThread); - - if (!NT_SUCCESS (status)) - DecoySystemWipeInProgress = FALSE; - - return status; -} - - -BOOL IsDecoySystemWipeInProgress() -{ - return DecoySystemWipeInProgress; -} - - -void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - if (ValidateIOBufferSize (irp, sizeof (DecoySystemWipeStatus), ValidateOutput)) - { - DecoySystemWipeStatus *wipeStatus = (DecoySystemWipeStatus *) irp->AssociatedIrp.SystemBuffer; - - if (!IsHiddenSystemRunning()) - { - irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - irp->IoStatus.Information = 0; - } - else - { - wipeStatus->WipeInProgress = DecoySystemWipeInProgress; - wipeStatus->WipeAlgorithm = WipeDecoyRequest.WipeAlgorithm; - - if (DecoySystemWipeInProgress) - { - KIRQL irql; - KeAcquireSpinLock (&DecoySystemWipeStatusSpinLock, &irql); - wipeStatus->WipedAreaEnd = DecoySystemWipedAreaEnd; - KeReleaseSpinLock (&DecoySystemWipeStatusSpinLock, irql); - } - else - wipeStatus->WipedAreaEnd = DecoySystemWipedAreaEnd; - - irp->IoStatus.Information = sizeof (DecoySystemWipeStatus); - irp->IoStatus.Status = STATUS_SUCCESS; - } - } -} - - -NTSTATUS GetDecoySystemWipeResult() -{ - return DecoySystemWipeResult; -} - - -NTSTATUS AbortDecoySystemWipe () -{ - if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice()) - return STATUS_ACCESS_DENIED; - - if (DecoySystemWipeThread) - { - DecoySystemWipeThreadAbortRequested = TRUE; - - TCStopThread (DecoySystemWipeThread, NULL); - DecoySystemWipeThread = NULL; - } - - return STATUS_SUCCESS; -} - - -uint64 GetBootDriveLength () -{ - return BootDriveLength.QuadPart; -} - - -NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp) -{ - WriteBootDriveSectorRequest *request; - - if (!UserCanAccessDriveDevice()) - return STATUS_ACCESS_DENIED; - - if (!BootDriveFilterExtension - || irpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof (WriteBootDriveSectorRequest)) - return STATUS_INVALID_PARAMETER; - - request = (WriteBootDriveSectorRequest *) irp->AssociatedIrp.SystemBuffer; - return TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, request->Data, request->Offset, sizeof (request->Data)); -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "TCdefs.h" +#include +#include +#include +#include "Cache.h" +#include "Crc.h" +#include "Crypto.h" +#include "Apidrvr.h" +#include "EncryptedIoQueue.h" +#include "Common/Endian.h" +#include "Ntdriver.h" +#include "Ntvol.h" +#include "Volumes.h" +#include "VolumeFilter.h" +#include "Wipe.h" +#include "DriveFilter.h" +#include "Boot/Windows/BootCommon.h" + +static BOOL DeviceFilterActive = FALSE; + +BOOL BootArgsValid = FALSE; +BootArguments BootArgs; +static uint16 BootLoaderSegment; +static BOOL BootDriveSignatureValid = FALSE; + +static KMUTEX MountMutex; + +static volatile BOOL BootDriveFound = FALSE; +static DriveFilterExtension *BootDriveFilterExtension = NULL; +static LARGE_INTEGER BootDriveLength; +static byte BootLoaderFingerprint[WHIRLPOOL_DIGESTSIZE + SHA512_DIGESTSIZE]; + +static BOOL CrashDumpEnabled = FALSE; +static BOOL HibernationEnabled = FALSE; + +static BOOL LegacyHibernationDriverFilterActive = FALSE; +static byte *HibernationWriteBuffer = NULL; +static MDL *HibernationWriteBufferMdl = NULL; + +static uint32 HibernationPreventionCount = 0; + +static BootEncryptionSetupRequest SetupRequest; +static volatile BOOL SetupInProgress = FALSE; +PKTHREAD EncryptionSetupThread = NULL; +static volatile BOOL EncryptionSetupThreadAbortRequested; +static KSPIN_LOCK SetupStatusSpinLock; +static int64 SetupStatusEncryptedAreaEnd; +static BOOL TransformWaitingForIdle; +static NTSTATUS SetupResult; + +static WipeDecoySystemRequest WipeDecoyRequest; +static volatile BOOL DecoySystemWipeInProgress = FALSE; +static volatile BOOL DecoySystemWipeThreadAbortRequested; +static KSPIN_LOCK DecoySystemWipeStatusSpinLock; +static int64 DecoySystemWipedAreaEnd; +PKTHREAD DecoySystemWipeThread = NULL; +static NTSTATUS DecoySystemWipeResult; + + +NTSTATUS LoadBootArguments () +{ + NTSTATUS status = STATUS_UNSUCCESSFUL; + PHYSICAL_ADDRESS bootArgsAddr; + byte *mappedBootArgs; + uint16 bootLoaderSegment; + + KeInitializeMutex (&MountMutex, 0); + + for (bootLoaderSegment = TC_BOOT_LOADER_SEGMENT; + bootLoaderSegment >= TC_BOOT_LOADER_SEGMENT - 64 * 1024 / 16 && status != STATUS_SUCCESS; + bootLoaderSegment -= 32 * 1024 / 16) + { + bootArgsAddr.QuadPart = (bootLoaderSegment << 4) + TC_BOOT_LOADER_ARGS_OFFSET; + Dump ("Checking BootArguments at 0x%x\n", bootArgsAddr.LowPart); + + mappedBootArgs = MmMapIoSpace (bootArgsAddr, sizeof (BootArguments), MmCached); + if (!mappedBootArgs) + return STATUS_INSUFFICIENT_RESOURCES; + + if (TC_IS_BOOT_ARGUMENTS_SIGNATURE (mappedBootArgs)) + { + BootArguments *bootArguments = (BootArguments *) mappedBootArgs; + Dump ("BootArguments found at 0x%x\n", bootArgsAddr.LowPart); + + DumpMem (mappedBootArgs, sizeof (BootArguments)); + + if (bootArguments->BootLoaderVersion == VERSION_NUM + && bootArguments->BootArgumentsCrc32 != GetCrc32 ((byte *) bootArguments, (int) ((byte *) &bootArguments->BootArgumentsCrc32 - (byte *) bootArguments))) + { + Dump ("BootArguments CRC incorrect\n"); + TC_BUG_CHECK (STATUS_CRC_ERROR); + } + + // Sanity check: for valid boot argument, the password is less than 64 bytes long + if (bootArguments->BootPassword.Length <= MAX_PASSWORD) + { + BootLoaderSegment = bootLoaderSegment; + + BootArgs = *bootArguments; + BootArgsValid = TRUE; + burn (bootArguments, sizeof (*bootArguments)); + + BootDriveSignatureValid = TRUE; + + Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion); + Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32); + Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset); + Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength); + Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart); + Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart); + Dump ("Flags = %x\n", BootArgs.Flags); + Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature); + Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32); + + if (CacheBootPassword && BootArgs.BootPassword.Length > 0) + { + int pim = CacheBootPim? (int) (BootArgs.Flags >> 16) : 0; + AddPasswordToCache (&BootArgs.BootPassword, pim); + } + + // clear fingerprint + burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); + + status = STATUS_SUCCESS; + } + } + + MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments)); + } + + return status; +} + + +NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo) +{ + DriveFilterExtension *Extension; + NTSTATUS status; + PDEVICE_OBJECT filterDeviceObject = NULL; + PDEVICE_OBJECT attachedDeviceObject; + + Dump ("DriveFilterAddDevice pdo=%p\n", pdo); + + attachedDeviceObject = IoGetAttachedDeviceReference (pdo); + status = IoCreateDevice (driverObject, sizeof (DriveFilterExtension), NULL, attachedDeviceObject->DeviceType, 0, FALSE, &filterDeviceObject); + + ObDereferenceObject (attachedDeviceObject); + + if (!NT_SUCCESS (status)) + { + filterDeviceObject = NULL; + goto err; + } + + Extension = (DriveFilterExtension *) filterDeviceObject->DeviceExtension; + memset (Extension, 0, sizeof (DriveFilterExtension)); + + status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject)); + if (!NT_SUCCESS (status)) + { + goto err; + } + + if (!Extension->LowerDeviceObject) + { + status = STATUS_DEVICE_REMOVED; + goto err; + } + + Extension->IsDriveFilterDevice = Extension->Queue.IsFilterDevice = TRUE; + Extension->DeviceObject = Extension->Queue.DeviceObject = filterDeviceObject; + Extension->Pdo = pdo; + + Extension->Queue.LowerDeviceObject = Extension->LowerDeviceObject; + IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0); + + Extension->ConfiguredEncryptedAreaStart = -1; + Extension->ConfiguredEncryptedAreaEnd = -1; + Extension->Queue.EncryptedAreaStart = -1; + Extension->Queue.EncryptedAreaEnd = -1; + Extension->Queue.EncryptedAreaEndUpdatePending = FALSE; + + filterDeviceObject->Flags |= Extension->LowerDeviceObject->Flags & (DO_DIRECT_IO | DO_BUFFERED_IO | DO_POWER_PAGABLE); + filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; + + DeviceFilterActive = TRUE; + return status; + +err: + if (filterDeviceObject) + { + if (Extension->LowerDeviceObject) + IoDetachDevice (Extension->LowerDeviceObject); + + IoDeleteDevice (filterDeviceObject); + } + + return status; +} + + +static void DismountDrive (DriveFilterExtension *Extension, BOOL stopIoQueue) +{ + Dump ("Dismounting drive\n"); + ASSERT (Extension->DriveMounted); + + if (stopIoQueue && EncryptedIoQueueIsRunning (&Extension->Queue)) + EncryptedIoQueueStop (&Extension->Queue); + + crypto_close (Extension->Queue.CryptoInfo); + Extension->Queue.CryptoInfo = NULL; + + crypto_close (Extension->HeaderCryptoInfo); + Extension->HeaderCryptoInfo = NULL; + + Extension->DriveMounted = FALSE; +} + +static void ComputeBootLoaderFingerprint(PDEVICE_OBJECT LowerDeviceObject, byte* ioBuffer /* ioBuffer must be at least 512 bytes long */) +{ + NTSTATUS status; + LARGE_INTEGER offset; + WHIRLPOOL_CTX whirlpool; + sha512_ctx sha2; + ULONG bytesToRead, remainingBytes, bootloaderTotalSize = TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE; + + // clear fingerprint + burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); + + // compute Whirlpool+SHA512 fingerprint of bootloader including MBR + // we skip user configuration fields: + // TC_BOOT_SECTOR_PIM_VALUE_OFFSET = 400 + // TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402 + // => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4 + // TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406 + // => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24 + // TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438 + // + // we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE + + WHIRLPOOL_init (&whirlpool); + sha512_begin (&sha2); + // read the first 512 bytes + offset.QuadPart = 0; + + status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, TC_SECTOR_SIZE_BIOS); + if (NT_SUCCESS (status)) + { + WHIRLPOOL_add (ioBuffer, TC_BOOT_SECTOR_PIM_VALUE_OFFSET * 8, &whirlpool); + WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)) * 8, &whirlpool); + WHIRLPOOL_add (ioBuffer + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)) * 8, &whirlpool); + + sha512_hash (ioBuffer, TC_BOOT_SECTOR_PIM_VALUE_OFFSET, &sha2); + sha512_hash (ioBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, (TC_BOOT_SECTOR_USER_CONFIG_OFFSET - (TC_BOOT_SECTOR_USER_MESSAGE_OFFSET + TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH)), &sha2); + sha512_hash (ioBuffer + TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1, (TC_MAX_MBR_BOOT_CODE_SIZE - (TC_BOOT_SECTOR_USER_CONFIG_OFFSET + 1)), &sha2); + + // we has the reste of the bootloader, 512 bytes at a time + offset.QuadPart = TC_SECTOR_SIZE_BIOS; + remainingBytes = bootloaderTotalSize - TC_SECTOR_SIZE_BIOS; + + while (NT_SUCCESS (status) && (remainingBytes > 0)) + { + bytesToRead = (remainingBytes >= TC_SECTOR_SIZE_BIOS)? TC_SECTOR_SIZE_BIOS : remainingBytes; + status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, bytesToRead); + if (NT_SUCCESS (status)) + { + remainingBytes -= bytesToRead; + offset.QuadPart += bytesToRead; + WHIRLPOOL_add (ioBuffer, bytesToRead * 8, &whirlpool); + sha512_hash (ioBuffer, bytesToRead, &sha2); + } + else + { + Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status); + break; + } + } + + if (NT_SUCCESS (status)) + { + WHIRLPOOL_finalize (&whirlpool, BootLoaderFingerprint); + sha512_end (&BootLoaderFingerprint [WHIRLPOOL_DIGESTSIZE], &sha2); + } + } + else + { + Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status); + } +} + + +static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, uint32 *headerSaltCrc32) +{ + BOOL hiddenVolume = (BootArgs.HiddenSystemPartitionStart != 0); + int64 hiddenHeaderOffset = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; + NTSTATUS status; + LARGE_INTEGER offset; + char *header; + int pkcs5_prf = 0, pim = 0; + byte *mappedCryptoInfo = NULL; + + Dump ("MountDrive pdo=%p\n", Extension->Pdo); + ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); + + // Check boot drive signature first (header CRC search could fail if a user restored the header to a non-boot drive) + if (BootDriveSignatureValid) + { + byte mbr[TC_SECTOR_SIZE_BIOS]; + + offset.QuadPart = 0; + status = TCReadDevice (Extension->LowerDeviceObject, mbr, offset, TC_SECTOR_SIZE_BIOS); + + if (NT_SUCCESS (status) && BootArgs.BootDriveSignature != *(uint32 *) (mbr + 0x1b8)) + return STATUS_UNSUCCESSFUL; + } + + header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!header) + return STATUS_INSUFFICIENT_RESOURCES; + + offset.QuadPart = hiddenVolume ? hiddenHeaderOffset : TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; + Dump ("Reading volume header at %I64u\n", offset.QuadPart); + + status = TCReadDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!NT_SUCCESS (status)) + { + Dump ("TCReadDevice error %x\n", status); + goto ret; + } + + if (headerSaltCrc32) + { + uint32 saltCrc = GetCrc32 (header, PKCS5_SALT_SIZE); + + if (saltCrc != *headerSaltCrc32) + { + status = STATUS_UNSUCCESSFUL; + goto ret; + } + + Extension->VolumeHeaderSaltCrc32 = saltCrc; + } + + Extension->HeaderCryptoInfo = crypto_open(); + if (!Extension->HeaderCryptoInfo) + { + status = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + + if (BootArgs.CryptoInfoLength > 0) + { + PHYSICAL_ADDRESS cryptoInfoAddress; + + cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset; +#ifdef DEBUG + Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength); +#endif + mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached); + if (mappedCryptoInfo) + { + /* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */ + BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo; + Hash* pHash = HashGet(pBootCryptoInfo->pkcs5); + if (pHash && pHash->SystemEncryption) + pkcs5_prf = pBootCryptoInfo->pkcs5; + } + } + + pim = (int) (BootArgs.Flags >> 16); + + if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, FALSE, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0) + { + // Header decrypted + status = STATUS_SUCCESS; + Dump ("Header decrypted\n"); + + // calculate Fingerprint + ComputeBootLoaderFingerprint (Extension->LowerDeviceObject, header); + + if (Extension->Queue.CryptoInfo->hiddenVolume) + { + int64 hiddenPartitionOffset = BootArgs.HiddenSystemPartitionStart; + Dump ("Hidden volume start offset = %I64d\n", Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + hiddenPartitionOffset); + + Extension->HiddenSystem = TRUE; + + Extension->Queue.RemapEncryptedArea = TRUE; + Extension->Queue.RemappedAreaOffset = hiddenPartitionOffset + Extension->Queue.CryptoInfo->EncryptedAreaStart.Value - BootArgs.DecoySystemPartitionStart; + Extension->Queue.RemappedAreaDataUnitOffset = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value / ENCRYPTION_DATA_UNIT_SIZE - BootArgs.DecoySystemPartitionStart / ENCRYPTION_DATA_UNIT_SIZE; + + Extension->Queue.CryptoInfo->EncryptedAreaStart.Value = BootArgs.DecoySystemPartitionStart; + + if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart) + TC_THROW_FATAL_EXCEPTION; + + Dump ("RemappedAreaOffset = %I64d\n", Extension->Queue.RemappedAreaOffset); + Dump ("RemappedAreaDataUnitOffset = %I64d\n", Extension->Queue.RemappedAreaDataUnitOffset); + } + else + { + Extension->HiddenSystem = FALSE; + Extension->Queue.RemapEncryptedArea = FALSE; + } + + Extension->ConfiguredEncryptedAreaStart = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value; + Extension->ConfiguredEncryptedAreaEnd = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + Extension->Queue.CryptoInfo->VolumeSize.Value - 1; + + Extension->Queue.EncryptedAreaStart = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value; + Extension->Queue.EncryptedAreaEnd = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + Extension->Queue.CryptoInfo->EncryptedAreaLength.Value - 1; + + if (Extension->Queue.CryptoInfo->EncryptedAreaLength.Value == 0) + { + Extension->Queue.EncryptedAreaStart = -1; + Extension->Queue.EncryptedAreaEnd = -1; + } + + Dump ("Loaded: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd); + Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd); + + // Erase boot loader scheduled keys + if (mappedCryptoInfo) + { + burn (mappedCryptoInfo, BootArgs.CryptoInfoLength); + MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength); + BootArgs.CryptoInfoLength = 0; + } + + BootDriveFilterExtension = Extension; + BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE; + BootDriveFilterExtension->MagicNumber = TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER; + + burn (&BootArgs.BootPassword, sizeof (BootArgs.BootPassword)); + + { + STORAGE_DEVICE_NUMBER storageDeviceNumber; + status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); + + if (!NT_SUCCESS (status)) + { + Dump ("Failed to get drive number - error %x\n", status); + Extension->SystemStorageDeviceNumberValid = FALSE; + } + else + { + Extension->SystemStorageDeviceNumber = storageDeviceNumber.DeviceNumber; + Extension->SystemStorageDeviceNumberValid = TRUE; + } + } + + status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_LENGTH_INFO, NULL, 0, &BootDriveLength, sizeof (BootDriveLength)); + + if (!NT_SUCCESS (status)) + { + Dump ("Failed to get drive length - error %x\n", status); + BootDriveLength.QuadPart = 0; + Extension->Queue.MaxReadAheadOffset.QuadPart = 0; + } + else + Extension->Queue.MaxReadAheadOffset = BootDriveLength; + + status = EncryptedIoQueueStart (&Extension->Queue); + if (!NT_SUCCESS (status)) + TC_BUG_CHECK (status); + + if (IsOSAtLeast (WIN_VISTA)) + { + CrashDumpEnabled = TRUE; + HibernationEnabled = TRUE; + } + else if (!LegacyHibernationDriverFilterActive) + StartLegacyHibernationDriverFilter(); + + // Hidden system hibernation is not supported if an extra boot partition is present as the system is not allowed to update the boot partition + if (IsHiddenSystemRunning() && (BootArgs.Flags & TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION)) + { + CrashDumpEnabled = FALSE; + HibernationEnabled = FALSE; + } + } + else + { + Dump ("Header not decrypted\n"); + crypto_close (Extension->HeaderCryptoInfo); + Extension->HeaderCryptoInfo = NULL; + + status = STATUS_UNSUCCESSFUL; + } + +ret: + TCfree (header); + return status; +} + + +static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension) +{ + NTSTATUS status = STATUS_SUCCESS; + LARGE_INTEGER offset; + byte *header; + + header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!header) + return STATUS_INSUFFICIENT_RESOURCES; + + offset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; + + status = TCReadDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!NT_SUCCESS (status)) + { + Dump ("TCReadDevice error %x", status); + goto ret; + } + + Dump ("Saving: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd); + Dump ("Saving: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd); + + if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1 + || Extension->Queue.EncryptedAreaEnd <= Extension->Queue.EncryptedAreaStart) + { + if (SetupRequest.SetupMode == SetupDecryption) + { + memset (header, 0, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + Extension->VolumeHeaderPresent = FALSE; + } + } + else + { + uint32 headerCrc32; + uint64 encryptedAreaLength = Extension->Queue.EncryptedAreaEnd + 1 - Extension->Queue.EncryptedAreaStart; + byte *fieldPos = header + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; + + DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, Extension->HeaderCryptoInfo); + + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + { + Dump ("Header not decrypted"); + status = STATUS_UNKNOWN_REVISION; + goto ret; + } + + mputInt64 (fieldPos, encryptedAreaLength); + + headerCrc32 = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); + fieldPos = header + TC_HEADER_OFFSET_HEADER_CRC; + mputLong (fieldPos, headerCrc32); + + EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, Extension->HeaderCryptoInfo); + } + + status = TCWriteDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!NT_SUCCESS (status)) + { + Dump ("TCWriteDevice error %x", status); + goto ret; + } + +ret: + TCfree (header); + return status; +} + + +static NTSTATUS PassIrp (PDEVICE_OBJECT deviceObject, PIRP irp) +{ + IoSkipCurrentIrpStackLocation (irp); + return IoCallDriver (deviceObject, irp); +} + + +static NTSTATUS PassFilteredIrp (PDEVICE_OBJECT deviceObject, PIRP irp, PIO_COMPLETION_ROUTINE completionRoutine, PVOID completionRoutineArg) +{ + IoCopyCurrentIrpStackLocationToNext (irp); + + if (completionRoutine) + IoSetCompletionRoutine (irp, completionRoutine, completionRoutineArg, TRUE, TRUE, TRUE); + + return IoCallDriver (deviceObject, irp); +} + + +static NTSTATUS OnDeviceUsageNotificationCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, DriveFilterExtension *Extension) +{ + if (Irp->PendingReturned) + IoMarkIrpPending (Irp); + + if (!(Extension->LowerDeviceObject->Flags & DO_POWER_PAGABLE)) + filterDeviceObject->Flags &= ~DO_POWER_PAGABLE; + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return STATUS_CONTINUE_COMPLETION; +} + + +static BOOL IsVolumeDevice (PDEVICE_OBJECT deviceObject) +{ + VOLUME_NUMBER volNumber; + VOLUME_DISK_EXTENTS extents[2]; + NTSTATUS extentStatus = SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, extents, sizeof (extents)); + + return NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_SUPPORTS_ONLINE_OFFLINE, NULL, 0, NULL, 0)) + || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_IS_OFFLINE, NULL, 0, NULL, 0)) + || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_IS_IO_CAPABLE, NULL, 0, NULL, 0)) + || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_IS_PARTITION, NULL, 0, NULL, 0)) + || NT_SUCCESS (SendDeviceIoControlRequest (deviceObject, IOCTL_VOLUME_QUERY_VOLUME_NUMBER, NULL, 0, &volNumber, sizeof (volNumber))) + || NT_SUCCESS (extentStatus) || extentStatus == STATUS_BUFFER_OVERFLOW || extentStatus == STATUS_BUFFER_TOO_SMALL; +} + + +static void CheckDeviceTypeAndMount (DriveFilterExtension *filterExtension) +{ + if (BootArgsValid) + { + // Windows sometimes merges a removable drive PDO and its volume PDO to a single PDO having no volume interface (GUID_DEVINTERFACE_VOLUME). + // Therefore, we need to test whether the device supports volume IOCTLs. + if (VolumeClassFilterRegistered + && BootArgs.HiddenSystemPartitionStart != 0 + && IsVolumeDevice (filterExtension->LowerDeviceObject)) + { + Dump ("Drive and volume merged pdo=%p", filterExtension->Pdo); + + filterExtension->IsVolumeFilterDevice = TRUE; + filterExtension->IsDriveFilterDevice = FALSE; + } + else + { + NTSTATUS status = KeWaitForMutexObject (&MountMutex, Executive, KernelMode, FALSE, NULL); + if (!NT_SUCCESS (status)) + TC_BUG_CHECK (status); + + if (!BootDriveFound) + MountDrive (filterExtension, &BootArgs.BootPassword, &BootArgs.HeaderSaltCrc32); + + KeReleaseMutex (&MountMutex, FALSE); + } + } +} + + +static VOID MountDriveWorkItemRoutine (PDEVICE_OBJECT deviceObject, DriveFilterExtension *filterExtension) +{ + CheckDeviceTypeAndMount (filterExtension); + KeSetEvent (&filterExtension->MountWorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); +} + + +static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, DriveFilterExtension *Extension) +{ + if (Irp->PendingReturned) + IoMarkIrpPending (Irp); + + if (Extension->LowerDeviceObject->Characteristics & FILE_REMOVABLE_MEDIA) + filterDeviceObject->Characteristics |= FILE_REMOVABLE_MEDIA; + + if (KeGetCurrentIrql() == PASSIVE_LEVEL) + { + CheckDeviceTypeAndMount (Extension); + } + else + { + PIO_WORKITEM workItem = IoAllocateWorkItem (filterDeviceObject); + if (!workItem) + { + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return STATUS_INSUFFICIENT_RESOURCES; + } + + KeInitializeEvent (&Extension->MountWorkItemCompletedEvent, SynchronizationEvent, FALSE); + IoQueueWorkItem (workItem, MountDriveWorkItemRoutine, DelayedWorkQueue, Extension); + + KeWaitForSingleObject (&Extension->MountWorkItemCompletedEvent, Executive, KernelMode, FALSE, NULL); + IoFreeWorkItem (workItem); + } + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return STATUS_CONTINUE_COMPLETION; +} + + +static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterExtension *Extension, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status; + + status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + switch (irpSp->MinorFunction) + { + case IRP_MN_START_DEVICE: + Dump ("IRP_MN_START_DEVICE pdo=%p\n", Extension->Pdo); + return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnStartDeviceCompleted, Extension); + + + case IRP_MN_DEVICE_USAGE_NOTIFICATION: + Dump ("IRP_MN_DEVICE_USAGE_NOTIFICATION type=%d\n", (int) irpSp->Parameters.UsageNotification.Type); + + { + PDEVICE_OBJECT attachedDevice = IoGetAttachedDeviceReference (DeviceObject); + + if (attachedDevice == DeviceObject || (attachedDevice->Flags & DO_POWER_PAGABLE)) + DeviceObject->Flags |= DO_POWER_PAGABLE; + + ObDereferenceObject (attachedDevice); + } + + // Prevent creation of hibernation and crash dump files if required + if (irpSp->Parameters.UsageNotification.InPath + && ( + (irpSp->Parameters.UsageNotification.Type == DeviceUsageTypeDumpFile && !CrashDumpEnabled) + || (irpSp->Parameters.UsageNotification.Type == DeviceUsageTypeHibernation && !HibernationEnabled) + ) + ) + { + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + + if (irpSp->Parameters.UsageNotification.Type == DeviceUsageTypeHibernation) + ++HibernationPreventionCount; + + Dump ("Preventing dump type=%d\n", (int) irpSp->Parameters.UsageNotification.Type); + return TCCompleteIrp (Irp, STATUS_UNSUCCESSFUL, 0); + } + + return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnDeviceUsageNotificationCompleted, Extension); + + + case IRP_MN_REMOVE_DEVICE: + Dump ("IRP_MN_REMOVE_DEVICE pdo=%p\n", Extension->Pdo); + + IoReleaseRemoveLockAndWait (&Extension->Queue.RemoveLock, Irp); + status = PassIrp (Extension->LowerDeviceObject, Irp); + + IoDetachDevice (Extension->LowerDeviceObject); + + if (Extension->DriveMounted) + DismountDrive (Extension, TRUE); + + if (Extension->BootDrive) + { + BootDriveFound = FALSE; + BootDriveFilterExtension = NULL; + } + + IoDeleteDevice (DeviceObject); + return status; + + + default: + status = PassIrp (Extension->LowerDeviceObject, Irp); + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + } + return status; +} + + +static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterExtension *Extension, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status; + Dump ("IRP_MJ_POWER minor=%d type=%d shutdown=%d\n", (int) irpSp->MinorFunction, (int) irpSp->Parameters.Power.Type, (int) irpSp->Parameters.Power.ShutdownType); + + if (SetupInProgress + && irpSp->MinorFunction == IRP_MN_SET_POWER + && irpSp->Parameters.Power.ShutdownType == PowerActionHibernate) + { + while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); + } + +#if 0 // Dismount of the system drive is disabled until there is a way to do it without causing system errors (see the documentation for more info) + if (DriverShuttingDown + && Extension->BootDrive + && Extension->DriveMounted + && irpSp->MinorFunction == IRP_MN_SET_POWER + && irpSp->Parameters.Power.Type == DevicePowerState) + { + DismountDrive (Extension, TRUE); + } +#endif // 0 + + PoStartNextPowerIrp (Irp); + + status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + IoSkipCurrentIrpStackLocation (Irp); + status = PoCallDriver (Extension->LowerDeviceObject, Irp); + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return status; +} + + +NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp) +{ + DriveFilterExtension *Extension = (DriveFilterExtension *) DeviceObject->DeviceExtension; + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + NTSTATUS status; + + ASSERT (!Extension->bRootDevice && Extension->IsDriveFilterDevice); + + switch (irpSp->MajorFunction) + { + case IRP_MJ_READ: + case IRP_MJ_WRITE: + if (Extension->BootDrive) + { + status = EncryptedIoQueueAddIrp (&Extension->Queue, Irp); + + if (status != STATUS_PENDING) + TCCompleteDiskIrp (Irp, status, 0); + + return status; + } + break; + + case IRP_MJ_PNP: + return DispatchPnp (DeviceObject, Irp, Extension, irpSp); + + case IRP_MJ_POWER: + return DispatchPower (DeviceObject, Irp, Extension, irpSp); + } + + status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + status = PassIrp (Extension->LowerDeviceObject, Irp); + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return status; +} + + +void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + LARGE_INTEGER offset; + char *header; + ReopenBootVolumeHeaderRequest *request = (ReopenBootVolumeHeaderRequest *) irp->AssociatedIrp.SystemBuffer; + + irp->IoStatus.Information = 0; + + if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice()) + { + irp->IoStatus.Status = STATUS_ACCESS_DENIED; + return; + } + + if (!ValidateIOBufferSize (irp, sizeof (ReopenBootVolumeHeaderRequest), ValidateInput)) + return; + + if (!BootDriveFound || !BootDriveFilterExtension || !BootDriveFilterExtension->DriveMounted || !BootDriveFilterExtension->HeaderCryptoInfo + || request->VolumePassword.Length > MAX_PASSWORD + || request->pkcs5_prf < 0 + || request->pkcs5_prf > LAST_PRF_ID + || request->pim < 0 + || request->pim > 65535 + ) + { + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + goto wipe; + } + + header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!header) + { + irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; + goto wipe; + } + + if (BootDriveFilterExtension->HiddenSystem) + offset.QuadPart = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET; + else + offset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; + + irp->IoStatus.Status = TCReadDevice (BootDriveFilterExtension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!NT_SUCCESS (irp->IoStatus.Status)) + { + Dump ("TCReadDevice error %x\n", irp->IoStatus.Status); + goto ret; + } + + if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0) + { + Dump ("Header reopened\n"); + ComputeBootLoaderFingerprint (BootDriveFilterExtension->LowerDeviceObject, header); + + BootDriveFilterExtension->Queue.CryptoInfo->header_creation_time = BootDriveFilterExtension->HeaderCryptoInfo->header_creation_time; + BootDriveFilterExtension->Queue.CryptoInfo->pkcs5 = BootDriveFilterExtension->HeaderCryptoInfo->pkcs5; + BootDriveFilterExtension->Queue.CryptoInfo->noIterations = BootDriveFilterExtension->HeaderCryptoInfo->noIterations; + BootDriveFilterExtension->Queue.CryptoInfo->volumePim = BootDriveFilterExtension->HeaderCryptoInfo->volumePim; + + irp->IoStatus.Status = STATUS_SUCCESS; + } + else + { + crypto_close (BootDriveFilterExtension->HeaderCryptoInfo); + BootDriveFilterExtension->HeaderCryptoInfo = NULL; + + Dump ("Header not reopened\n"); + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + } + +ret: + TCfree (header); +wipe: + burn (request, sizeof (*request)); +} + + +// Legacy Windows XP/2003 hibernation dump filter + +typedef NTSTATUS (*HiberDriverWriteFunctionA) (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3); +typedef NTSTATUS (*HiberDriverWriteFunctionB) (PLARGE_INTEGER writeOffset, PMDL dataMdl); + +typedef struct +{ +#ifdef _WIN64 + byte FieldPad1[64]; + HiberDriverWriteFunctionB WriteFunctionB; + byte FieldPad2[56]; +#else + byte FieldPad1[48]; + HiberDriverWriteFunctionB WriteFunctionB; + byte FieldPad2[32]; +#endif + HiberDriverWriteFunctionA WriteFunctionA; + byte FieldPad3[24]; + LARGE_INTEGER PartitionStartOffset; +} HiberDriverContext; + +typedef NTSTATUS (*HiberDriverEntry) (PVOID arg0, HiberDriverContext *hiberDriverContext); + +typedef struct +{ + LIST_ENTRY ModuleList; +#ifdef _WIN64 + byte FieldPad1[32]; +#else + byte FieldPad1[16]; +#endif + PVOID ModuleBaseAddress; + HiberDriverEntry ModuleEntryAddress; +#ifdef _WIN64 + byte FieldPad2[24]; +#else + byte FieldPad2[12]; +#endif + UNICODE_STRING ModuleName; +} ModuleTableItem; + + +#define TC_MAX_HIBER_FILTER_COUNT 3 +static int LastHiberFilterNumber = 0; + +static HiberDriverEntry OriginalHiberDriverEntries[TC_MAX_HIBER_FILTER_COUNT]; +static HiberDriverWriteFunctionA OriginalHiberDriverWriteFunctionsA[TC_MAX_HIBER_FILTER_COUNT]; +static HiberDriverWriteFunctionB OriginalHiberDriverWriteFunctionsB[TC_MAX_HIBER_FILTER_COUNT]; + +static LARGE_INTEGER HiberPartitionOffset; + + +static NTSTATUS HiberDriverWriteFunctionFilter (int filterNumber, PLARGE_INTEGER writeOffset, PMDL dataMdl, BOOL writeB, ULONG arg0WriteA, PVOID arg3WriteA) +{ + MDL *encryptedDataMdl = dataMdl; + + if (writeOffset && dataMdl && BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted) + { + ULONG dataLength = MmGetMdlByteCount (dataMdl); + + if (dataMdl->MappedSystemVa && dataLength > 0) + { + uint64 offset = HiberPartitionOffset.QuadPart + writeOffset->QuadPart; + uint64 intersectStart; + uint32 intersectLength; + + if (dataLength > TC_HIBERNATION_WRITE_BUFFER_SIZE) + TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); + + if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + GetIntersection (offset, + dataLength, + BootDriveFilterExtension->Queue.EncryptedAreaStart, + BootDriveFilterExtension->Queue.EncryptedAreaEnd, + &intersectStart, + &intersectLength); + + if (intersectLength > 0) + { + UINT64_STRUCT dataUnit; + dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; + + memcpy (HibernationWriteBuffer, dataMdl->MappedSystemVa, dataLength); + + if (BootDriveFilterExtension->Queue.RemapEncryptedArea) + dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset; + + EncryptDataUnitsCurrentThread (HibernationWriteBuffer + (intersectStart - offset), + &dataUnit, + intersectLength / ENCRYPTION_DATA_UNIT_SIZE, + BootDriveFilterExtension->Queue.CryptoInfo); + + encryptedDataMdl = HibernationWriteBufferMdl; + MmInitializeMdl (encryptedDataMdl, HibernationWriteBuffer, dataLength); + encryptedDataMdl->MdlFlags = dataMdl->MdlFlags; + } + } + } + + if (writeB) + return (*OriginalHiberDriverWriteFunctionsB[filterNumber]) (writeOffset, encryptedDataMdl); + + return (*OriginalHiberDriverWriteFunctionsA[filterNumber]) (arg0WriteA, writeOffset, encryptedDataMdl, arg3WriteA); +} + + +static NTSTATUS HiberDriverWriteFunctionAFilter0 (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3) +{ + return HiberDriverWriteFunctionFilter (0, writeOffset, dataMdl, FALSE, arg0, arg3); +} + +static NTSTATUS HiberDriverWriteFunctionAFilter1 (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3) +{ + return HiberDriverWriteFunctionFilter (1, writeOffset, dataMdl, FALSE, arg0, arg3); +} + +static NTSTATUS HiberDriverWriteFunctionAFilter2 (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3) +{ + return HiberDriverWriteFunctionFilter (2, writeOffset, dataMdl, FALSE, arg0, arg3); +} + + +static NTSTATUS HiberDriverWriteFunctionBFilter0 (PLARGE_INTEGER writeOffset, PMDL dataMdl) +{ + return HiberDriverWriteFunctionFilter (0, writeOffset, dataMdl, TRUE, 0, NULL); +} + +static NTSTATUS HiberDriverWriteFunctionBFilter1 (PLARGE_INTEGER writeOffset, PMDL dataMdl) +{ + return HiberDriverWriteFunctionFilter (1, writeOffset, dataMdl, TRUE, 0, NULL); +} + +static NTSTATUS HiberDriverWriteFunctionBFilter2 (PLARGE_INTEGER writeOffset, PMDL dataMdl) +{ + return HiberDriverWriteFunctionFilter (2, writeOffset, dataMdl, TRUE, 0, NULL); +} + + +static NTSTATUS HiberDriverEntryFilter (int filterNumber, PVOID arg0, HiberDriverContext *hiberDriverContext) +{ + BOOL filterInstalled = FALSE; + NTSTATUS status; + + if (!OriginalHiberDriverEntries[filterNumber]) + return STATUS_UNSUCCESSFUL; + + status = (*OriginalHiberDriverEntries[filterNumber]) (arg0, hiberDriverContext); + + if (!NT_SUCCESS (status) || !hiberDriverContext) + return status; + + if (SetupInProgress) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + if (hiberDriverContext->WriteFunctionA) + { + Dump ("Filtering WriteFunctionA %d\n", filterNumber); + OriginalHiberDriverWriteFunctionsA[filterNumber] = hiberDriverContext->WriteFunctionA; + + switch (filterNumber) + { + case 0: hiberDriverContext->WriteFunctionA = HiberDriverWriteFunctionAFilter0; break; + case 1: hiberDriverContext->WriteFunctionA = HiberDriverWriteFunctionAFilter1; break; + case 2: hiberDriverContext->WriteFunctionA = HiberDriverWriteFunctionAFilter2; break; + default: TC_THROW_FATAL_EXCEPTION; + } + + filterInstalled = TRUE; + } + + if (hiberDriverContext->WriteFunctionB) + { + Dump ("Filtering WriteFunctionB %d\n", filterNumber); + OriginalHiberDriverWriteFunctionsB[filterNumber] = hiberDriverContext->WriteFunctionB; + + switch (filterNumber) + { + case 0: hiberDriverContext->WriteFunctionB = HiberDriverWriteFunctionBFilter0; break; + case 1: hiberDriverContext->WriteFunctionB = HiberDriverWriteFunctionBFilter1; break; + case 2: hiberDriverContext->WriteFunctionB = HiberDriverWriteFunctionBFilter2; break; + default: TC_THROW_FATAL_EXCEPTION; + } + + filterInstalled = TRUE; + } + + if (filterInstalled && hiberDriverContext->PartitionStartOffset.QuadPart != 0) + { + HiberPartitionOffset = hiberDriverContext->PartitionStartOffset; + + if (BootDriveFilterExtension->Queue.RemapEncryptedArea) + hiberDriverContext->PartitionStartOffset.QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset; + } + + return STATUS_SUCCESS; +} + + +static NTSTATUS HiberDriverEntryFilter0 (PVOID arg0, HiberDriverContext *hiberDriverContext) +{ + return HiberDriverEntryFilter (0, arg0, hiberDriverContext); +} + + +static NTSTATUS HiberDriverEntryFilter1 (PVOID arg0, HiberDriverContext *hiberDriverContext) +{ + return HiberDriverEntryFilter (1, arg0, hiberDriverContext); +} + + +static NTSTATUS HiberDriverEntryFilter2 (PVOID arg0, HiberDriverContext *hiberDriverContext) +{ + return HiberDriverEntryFilter (2, arg0, hiberDriverContext); +} + + +static VOID LoadImageNotifyRoutine (PUNICODE_STRING fullImageName, HANDLE processId, PIMAGE_INFO imageInfo) +{ + ModuleTableItem *moduleItem; + LIST_ENTRY *listEntry; + KIRQL origIrql; + + if (!imageInfo || !imageInfo->SystemModeImage || !imageInfo->ImageBase || !TCDriverObject->DriverSection) + return; + + moduleItem = *(ModuleTableItem **) TCDriverObject->DriverSection; + if (!moduleItem || !moduleItem->ModuleList.Flink) + return; + + // Search loaded system modules for hibernation driver + origIrql = KeRaiseIrqlToDpcLevel(); + + for (listEntry = moduleItem->ModuleList.Flink->Blink; + listEntry && listEntry != TCDriverObject->DriverSection; + listEntry = listEntry->Flink) + { + moduleItem = CONTAINING_RECORD (listEntry, ModuleTableItem, ModuleList); + + if (moduleItem && imageInfo->ImageBase == moduleItem->ModuleBaseAddress) + { + if (moduleItem->ModuleName.Buffer && moduleItem->ModuleName.Length >= 5 * sizeof (wchar_t)) + { + if (memcmp (moduleItem->ModuleName.Buffer, L"hiber", 5 * sizeof (wchar_t)) == 0 + || memcmp (moduleItem->ModuleName.Buffer, L"Hiber", 5 * sizeof (wchar_t)) == 0 + || memcmp (moduleItem->ModuleName.Buffer, L"HIBER", 5 * sizeof (wchar_t)) == 0) + { + HiberDriverEntry filterEntry; + + switch (LastHiberFilterNumber) + { + case 0: filterEntry = HiberDriverEntryFilter0; break; + case 1: filterEntry = HiberDriverEntryFilter1; break; + case 2: filterEntry = HiberDriverEntryFilter2; break; + default: TC_THROW_FATAL_EXCEPTION; + } + + if (moduleItem->ModuleEntryAddress != filterEntry) + { + // Install filter + OriginalHiberDriverEntries[LastHiberFilterNumber] = moduleItem->ModuleEntryAddress; + moduleItem->ModuleEntryAddress = filterEntry; + + if (++LastHiberFilterNumber > TC_MAX_HIBER_FILTER_COUNT - 1) + LastHiberFilterNumber = 0; + } + } + } + break; + } + } + + KeLowerIrql (origIrql); +} + + +void StartLegacyHibernationDriverFilter () +{ + PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr; + NTSTATUS status; + + ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); + ASSERT (!IsOSAtLeast (WIN_VISTA)); + + if (!TCDriverObject->DriverSection || !*(ModuleTableItem **) TCDriverObject->DriverSection) + goto err; + + // All buffers required for hibernation must be allocated here +#ifdef _WIN64 + highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFULL; +#else + highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFULL; +#endif + + HibernationWriteBuffer = MmAllocateContiguousMemory (TC_HIBERNATION_WRITE_BUFFER_SIZE, highestAcceptableWriteBufferAddr); + if (!HibernationWriteBuffer) + goto err; + + HibernationWriteBufferMdl = IoAllocateMdl (HibernationWriteBuffer, TC_HIBERNATION_WRITE_BUFFER_SIZE, FALSE, FALSE, NULL); + if (!HibernationWriteBufferMdl) + goto err; + + MmBuildMdlForNonPagedPool (HibernationWriteBufferMdl); + + status = PsSetLoadImageNotifyRoutine (LoadImageNotifyRoutine); + if (!NT_SUCCESS (status)) + goto err; + + LegacyHibernationDriverFilterActive = TRUE; + CrashDumpEnabled = FALSE; + HibernationEnabled = TRUE; + return; + +err: + LegacyHibernationDriverFilterActive = FALSE; + CrashDumpEnabled = FALSE; + HibernationEnabled = FALSE; + + if (HibernationWriteBufferMdl) + { + IoFreeMdl (HibernationWriteBufferMdl); + HibernationWriteBufferMdl = NULL; + } + + if (HibernationWriteBuffer) + { + MmFreeContiguousMemory (HibernationWriteBuffer); + HibernationWriteBuffer = NULL; + } +} + + +static VOID SetupThreadProc (PVOID threadArg) +{ + DriveFilterExtension *Extension = BootDriveFilterExtension; + + LARGE_INTEGER offset; + UINT64_STRUCT dataUnit; + ULONG setupBlockSize = TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE; + BOOL headerUpdateRequired = FALSE; + int64 bytesWrittenSinceHeaderUpdate = 0; + + byte *buffer = NULL; + byte *wipeBuffer = NULL; + byte wipeRandChars[TC_WIPE_RAND_CHAR_COUNT]; + byte wipeRandCharsUpdate[TC_WIPE_RAND_CHAR_COUNT]; + + KIRQL irql; + NTSTATUS status; + + // generate real random values for wipeRandChars and + // wipeRandCharsUpdate instead of relying on uninitialized stack memory + LARGE_INTEGER iSeed; + KeQuerySystemTime( &iSeed ); + if (KeGetCurrentIrql() < DISPATCH_LEVEL) + { + ULONG ulRandom; + ulRandom = RtlRandomEx( &iSeed.LowPart ); + memcpy (wipeRandChars, &ulRandom, TC_WIPE_RAND_CHAR_COUNT); + ulRandom = RtlRandomEx( &ulRandom ); + memcpy (wipeRandCharsUpdate, &ulRandom, TC_WIPE_RAND_CHAR_COUNT); + burn (&ulRandom, sizeof(ulRandom)); + } + else + { + byte digest[SHA512_DIGESTSIZE]; + sha512_ctx tctx; + sha512_begin (&tctx); + sha512_hash ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx); + sha512_end (digest, &tctx); + + memcpy (wipeRandChars, digest, TC_WIPE_RAND_CHAR_COUNT); + memcpy (wipeRandCharsUpdate, &digest[SHA512_DIGESTSIZE - TC_WIPE_RAND_CHAR_COUNT], TC_WIPE_RAND_CHAR_COUNT); + + burn (digest, SHA512_DIGESTSIZE); + burn (&tctx, sizeof (tctx)); + } + + burn (&iSeed, sizeof(iSeed)); + + SetupResult = STATUS_UNSUCCESSFUL; + + // Make sure volume header can be updated + if (Extension->HeaderCryptoInfo == NULL) + { + SetupResult = STATUS_INVALID_PARAMETER; + goto ret; + } + + buffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); + if (!buffer) + { + SetupResult = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + + if (SetupRequest.SetupMode == SetupEncryption && SetupRequest.WipeAlgorithm != TC_WIPE_NONE) + { + wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); + if (!wipeBuffer) + { + SetupResult = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + } + + while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 1000))) + { + if (EncryptionSetupThreadAbortRequested) + goto abort; + + TransformWaitingForIdle = TRUE; + } + TransformWaitingForIdle = FALSE; + + switch (SetupRequest.SetupMode) + { + case SetupEncryption: + Dump ("Encrypting...\n"); + if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1) + { + // Start encryption + Extension->Queue.EncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart; + Extension->Queue.EncryptedAreaEnd = -1; + offset.QuadPart = Extension->ConfiguredEncryptedAreaStart; + } + else + { + // Resume aborted encryption + if (Extension->Queue.EncryptedAreaEnd == Extension->ConfiguredEncryptedAreaEnd) + goto err; + + offset.QuadPart = Extension->Queue.EncryptedAreaEnd + 1; + } + + break; + + case SetupDecryption: + Dump ("Decrypting...\n"); + if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1) + { + SetupResult = STATUS_SUCCESS; + goto abort; + } + + offset.QuadPart = Extension->Queue.EncryptedAreaEnd + 1; + break; + + default: + goto err; + } + + EncryptedIoQueueResumeFromHold (&Extension->Queue); + + Dump ("EncryptedAreaStart=%I64d\n", Extension->Queue.EncryptedAreaStart); + Dump ("EncryptedAreaEnd=%I64d\n", Extension->Queue.EncryptedAreaEnd); + Dump ("ConfiguredEncryptedAreaStart=%I64d\n", Extension->ConfiguredEncryptedAreaStart); + Dump ("ConfiguredEncryptedAreaEnd=%I64d\n", Extension->ConfiguredEncryptedAreaEnd); + Dump ("offset=%I64d\n", offset.QuadPart); + Dump ("EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024); + + while (!EncryptionSetupThreadAbortRequested) + { + if (SetupRequest.SetupMode == SetupEncryption) + { + if (offset.QuadPart + setupBlockSize > Extension->ConfiguredEncryptedAreaEnd + 1) + setupBlockSize = (ULONG) (Extension->ConfiguredEncryptedAreaEnd + 1 - offset.QuadPart); + + if (offset.QuadPart > Extension->ConfiguredEncryptedAreaEnd) + break; + } + else + { + if (offset.QuadPart - setupBlockSize < Extension->Queue.EncryptedAreaStart) + setupBlockSize = (ULONG) (offset.QuadPart - Extension->Queue.EncryptedAreaStart); + + offset.QuadPart -= setupBlockSize; + + if (setupBlockSize == 0 || offset.QuadPart < Extension->Queue.EncryptedAreaStart) + break; + } + + while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 500))) + { + if (EncryptionSetupThreadAbortRequested) + goto abort; + + TransformWaitingForIdle = TRUE; + } + TransformWaitingForIdle = FALSE; + + status = TCReadDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); + if (!NT_SUCCESS (status)) + { + Dump ("TCReadDevice error %x offset=%I64d\n", status, offset.QuadPart); + + if (SetupRequest.ZeroUnreadableSectors && SetupRequest.SetupMode == SetupEncryption) + { + // Zero unreadable sectors + uint64 zeroedSectorCount; + + status = ZeroUnreadableSectors (BootDriveFilterExtension->LowerDeviceObject, offset, setupBlockSize, &zeroedSectorCount); + if (!NT_SUCCESS (status)) + { + SetupResult = status; + goto err; + } + + // Retry read + status = TCReadDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); + if (!NT_SUCCESS (status)) + { + SetupResult = status; + goto err; + } + } + else if (SetupRequest.DiscardUnreadableEncryptedSectors && SetupRequest.SetupMode == SetupDecryption) + { + // Discard unreadable encrypted sectors + uint64 badSectorCount; + + status = ReadDeviceSkipUnreadableSectors (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize, &badSectorCount); + if (!NT_SUCCESS (status)) + { + SetupResult = status; + goto err; + } + } + else + { + SetupResult = status; + goto err; + } + } + + dataUnit.Value = offset.QuadPart / ENCRYPTION_DATA_UNIT_SIZE; + + if (SetupRequest.SetupMode == SetupEncryption) + { + EncryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); + + if (SetupRequest.WipeAlgorithm != TC_WIPE_NONE) + { + byte wipePass; + int wipePassCount = GetWipePassCount (SetupRequest.WipeAlgorithm); + if (wipePassCount <= 0) + { + SetupResult = STATUS_INVALID_PARAMETER; + goto err; + } + + for (wipePass = 1; wipePass <= wipePassCount; ++wipePass) + { + if (!WipeBuffer (SetupRequest.WipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, setupBlockSize)) + { + ULONG i; + for (i = 0; i < setupBlockSize; ++i) + { + wipeBuffer[i] = buffer[i] + wipePass; + } + + EncryptDataUnits (wipeBuffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); + memcpy (wipeRandCharsUpdate, wipeBuffer, sizeof (wipeRandCharsUpdate)); + } + + status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, wipeBuffer, offset, setupBlockSize); + if (!NT_SUCCESS (status)) + { + // Undo failed write operation + DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); + TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); + + SetupResult = status; + goto err; + } + } + + memcpy (wipeRandChars, wipeRandCharsUpdate, sizeof (wipeRandCharsUpdate)); + } + } + else + { + DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); + } + + status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); + if (!NT_SUCCESS (status)) + { + Dump ("TCWriteDevice error %x\n", status); + + // Undo failed write operation + if (SetupRequest.SetupMode == SetupEncryption) + DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); + else + EncryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo); + + TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize); + + SetupResult = status; + goto err; + } + + if (SetupRequest.SetupMode == SetupEncryption) + offset.QuadPart += setupBlockSize; + + Extension->Queue.EncryptedAreaEndUpdatePending = TRUE; + Extension->Queue.EncryptedAreaEnd = offset.QuadPart - 1; + Extension->Queue.EncryptedAreaEndUpdatePending = FALSE; + + headerUpdateRequired = TRUE; + + EncryptedIoQueueResumeFromHold (&Extension->Queue); + + KeAcquireSpinLock (&SetupStatusSpinLock, &irql); + SetupStatusEncryptedAreaEnd = Extension->Queue.EncryptedAreaEnd; + KeReleaseSpinLock (&SetupStatusSpinLock, irql); + + // Update volume header + bytesWrittenSinceHeaderUpdate += setupBlockSize; + if (bytesWrittenSinceHeaderUpdate >= TC_ENCRYPTION_SETUP_HEADER_UPDATE_THRESHOLD) + { + status = SaveDriveVolumeHeader (Extension); + ASSERT (NT_SUCCESS (status)); + if (NT_SUCCESS (status)) + { + headerUpdateRequired = FALSE; + bytesWrittenSinceHeaderUpdate = 0; + } + } + } + +abort: + SetupResult = STATUS_SUCCESS; +err: + + if (Extension->Queue.EncryptedAreaEnd == -1) + Extension->Queue.EncryptedAreaStart = -1; + + if (EncryptedIoQueueIsSuspended (&Extension->Queue)) + EncryptedIoQueueResumeFromHold (&Extension->Queue); + + if (SetupRequest.SetupMode == SetupDecryption && Extension->Queue.EncryptedAreaStart >= Extension->Queue.EncryptedAreaEnd) + { + while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 0))); + + Extension->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaEnd = -1; + Extension->Queue.EncryptedAreaStart = Extension->Queue.EncryptedAreaEnd = -1; + + EncryptedIoQueueResumeFromHold (&Extension->Queue); + + headerUpdateRequired = TRUE; + } + + Dump ("Setup completed: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd); + + if (headerUpdateRequired) + { + status = SaveDriveVolumeHeader (Extension); + + if (!NT_SUCCESS (status) && NT_SUCCESS (SetupResult)) + SetupResult = status; + } + + if (SetupRequest.SetupMode == SetupDecryption && Extension->ConfiguredEncryptedAreaEnd == -1 && Extension->DriveMounted) + { + while (!RootDeviceControlMutexAcquireNoWait() && !EncryptionSetupThreadAbortRequested) + { + TCSleep (10); + } + + // Disable hibernation (resume would fail due to a change in the system memory map) + HibernationEnabled = FALSE; + + DismountDrive (Extension, FALSE); + + if (!EncryptionSetupThreadAbortRequested) + RootDeviceControlMutexRelease(); + } + +ret: + if (buffer) + { + burn (buffer, TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); + TCfree (buffer); + } + if (wipeBuffer) + { + burn (wipeBuffer, TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); + TCfree (wipeBuffer); + } + + burn (wipeRandChars, TC_WIPE_RAND_CHAR_COUNT); + burn (wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT); + + SetupInProgress = FALSE; + PsTerminateSystemThread (SetupResult); +} + + +NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status; + + if (!UserCanAccessDriveDevice()) + return STATUS_ACCESS_DENIED; + + if (SetupInProgress || !BootDriveFound || !BootDriveFilterExtension + || !BootDriveFilterExtension->DriveMounted + || BootDriveFilterExtension->HiddenSystem + || irpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof (BootEncryptionSetupRequest)) + return STATUS_INVALID_PARAMETER; + + if (EncryptionSetupThread) + AbortBootEncryptionSetup(); + + SetupRequest = *(BootEncryptionSetupRequest *) irp->AssociatedIrp.SystemBuffer; + + EncryptionSetupThreadAbortRequested = FALSE; + KeInitializeSpinLock (&SetupStatusSpinLock); + SetupStatusEncryptedAreaEnd = BootDriveFilterExtension ? BootDriveFilterExtension->Queue.EncryptedAreaEnd : -1; + + SetupInProgress = TRUE; + status = TCStartThread (SetupThreadProc, DeviceObject, &EncryptionSetupThread); + + if (!NT_SUCCESS (status)) + SetupInProgress = FALSE; + + return status; +} + + +void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + if (ValidateIOBufferSize (irp, sizeof (VOLUME_PROPERTIES_STRUCT), ValidateOutput)) + { + DriveFilterExtension *Extension = BootDriveFilterExtension; + VOLUME_PROPERTIES_STRUCT *prop = (VOLUME_PROPERTIES_STRUCT *) irp->AssociatedIrp.SystemBuffer; + memset (prop, 0, sizeof (*prop)); + + if (!BootDriveFound || !Extension || !Extension->DriveMounted) + { + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + irp->IoStatus.Information = 0; + } + else + { + prop->hiddenVolume = Extension->Queue.CryptoInfo->hiddenVolume; + prop->diskLength = Extension->ConfiguredEncryptedAreaEnd + 1 - Extension->ConfiguredEncryptedAreaStart; + prop->ea = Extension->Queue.CryptoInfo->ea; + prop->mode = Extension->Queue.CryptoInfo->mode; + prop->pkcs5 = Extension->Queue.CryptoInfo->pkcs5; + prop->pkcs5Iterations = Extension->Queue.CryptoInfo->noIterations; + prop->volumePim = Extension->Queue.CryptoInfo->volumePim; +#if 0 + prop->volumeCreationTime = Extension->Queue.CryptoInfo->volume_creation_time; + prop->headerCreationTime = Extension->Queue.CryptoInfo->header_creation_time; +#endif + prop->volFormatVersion = Extension->Queue.CryptoInfo->LegacyVolume ? TC_VOLUME_FORMAT_VERSION_PRE_6_0 : TC_VOLUME_FORMAT_VERSION; + + prop->totalBytesRead = Extension->Queue.TotalBytesRead; + prop->totalBytesWritten = Extension->Queue.TotalBytesWritten; + + irp->IoStatus.Information = sizeof (VOLUME_PROPERTIES_STRUCT); + irp->IoStatus.Status = STATUS_SUCCESS; + } + } +} + + +void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + /* IMPORTANT: Do NOT add any potentially time-consuming operations to this function. */ + + if (ValidateIOBufferSize (irp, sizeof (BootEncryptionStatus), ValidateOutput)) + { + DriveFilterExtension *Extension = BootDriveFilterExtension; + BootEncryptionStatus *bootEncStatus = (BootEncryptionStatus *) irp->AssociatedIrp.SystemBuffer; + memset (bootEncStatus, 0, sizeof (*bootEncStatus)); + + if (BootArgsValid) + bootEncStatus->BootLoaderVersion = BootArgs.BootLoaderVersion; + + bootEncStatus->DeviceFilterActive = DeviceFilterActive; + bootEncStatus->SetupInProgress = SetupInProgress; + bootEncStatus->SetupMode = SetupRequest.SetupMode; + bootEncStatus->TransformWaitingForIdle = TransformWaitingForIdle; + + if (!BootDriveFound || !Extension || !Extension->DriveMounted) + { + bootEncStatus->DriveEncrypted = FALSE; + bootEncStatus->DriveMounted = FALSE; + bootEncStatus->VolumeHeaderPresent = FALSE; + } + else + { + bootEncStatus->DriveMounted = Extension->DriveMounted; + bootEncStatus->VolumeHeaderPresent = Extension->VolumeHeaderPresent; + bootEncStatus->DriveEncrypted = Extension->Queue.EncryptedAreaStart != -1; + bootEncStatus->BootDriveLength = BootDriveLength; + + bootEncStatus->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart; + bootEncStatus->ConfiguredEncryptedAreaEnd = Extension->ConfiguredEncryptedAreaEnd; + bootEncStatus->EncryptedAreaStart = Extension->Queue.EncryptedAreaStart; + + if (SetupInProgress) + { + KIRQL irql; + KeAcquireSpinLock (&SetupStatusSpinLock, &irql); + bootEncStatus->EncryptedAreaEnd = SetupStatusEncryptedAreaEnd; + KeReleaseSpinLock (&SetupStatusSpinLock, irql); + } + else + bootEncStatus->EncryptedAreaEnd = Extension->Queue.EncryptedAreaEnd; + + bootEncStatus->VolumeHeaderSaltCrc32 = Extension->VolumeHeaderSaltCrc32; + bootEncStatus->HibernationPreventionCount = HibernationPreventionCount; + bootEncStatus->HiddenSysLeakProtectionCount = HiddenSysLeakProtectionCount; + + bootEncStatus->HiddenSystem = Extension->HiddenSystem; + + if (Extension->HiddenSystem) + bootEncStatus->HiddenSystemPartitionStart = BootArgs.HiddenSystemPartitionStart; + } + + irp->IoStatus.Information = sizeof (BootEncryptionStatus); + irp->IoStatus.Status = STATUS_SUCCESS; + } +} + + +void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + if (ValidateIOBufferSize (irp, sizeof (uint16), ValidateOutput)) + { + if (BootArgsValid) + { + *(uint16 *) irp->AssociatedIrp.SystemBuffer = BootArgs.BootLoaderVersion; + irp->IoStatus.Information = sizeof (uint16); + irp->IoStatus.Status = STATUS_SUCCESS; + } + else + { + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + irp->IoStatus.Information = 0; + } + } +} + +void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + if (ValidateIOBufferSize (irp, sizeof (BootLoaderFingerprintRequest), ValidateOutput)) + { + irp->IoStatus.Information = 0; + if (BootArgsValid && BootDriveFound && BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted && BootDriveFilterExtension->HeaderCryptoInfo) + { + BootLoaderFingerprintRequest *bootLoaderFingerprint = (BootLoaderFingerprintRequest *) irp->AssociatedIrp.SystemBuffer; + + /* compute the fingerprint again and check if it is the same as the one retrieved during boot */ + char *header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + if (!header) + { + irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; + } + else + { + memcpy (bootLoaderFingerprint->Fingerprint, BootLoaderFingerprint, sizeof (BootLoaderFingerprint)); + ComputeBootLoaderFingerprint (BootDriveFilterExtension->LowerDeviceObject, header); + + burn (header, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); + TCfree (header); + + if (0 == memcmp (bootLoaderFingerprint->Fingerprint, BootLoaderFingerprint, sizeof (BootLoaderFingerprint))) + { + irp->IoStatus.Information = sizeof (BootLoaderFingerprintRequest); + irp->IoStatus.Status = STATUS_SUCCESS; + } + else + { + /* fingerprint mismatch.*/ + irp->IoStatus.Status = STATUS_INVALID_IMAGE_HASH; + } + } + } + else + { + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + } + } +} + +void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + if (ValidateIOBufferSize (irp, sizeof (GetBootEncryptionAlgorithmNameRequest), ValidateOutput)) + { + if (BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted) + { + wchar_t BootEncryptionAlgorithmNameW[256]; + wchar_t BootPrfAlgorithmNameW[256]; + GetBootEncryptionAlgorithmNameRequest *request = (GetBootEncryptionAlgorithmNameRequest *) irp->AssociatedIrp.SystemBuffer; + EAGetName (BootEncryptionAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->ea, 0); + HashGetName2 (BootPrfAlgorithmNameW, BootDriveFilterExtension->Queue.CryptoInfo->pkcs5); + + RtlStringCbPrintfA (request->BootEncryptionAlgorithmName, sizeof (request->BootEncryptionAlgorithmName), "%S", BootEncryptionAlgorithmNameW); + RtlStringCbPrintfA (request->BootPrfAlgorithmName, sizeof (request->BootPrfAlgorithmName), "%S", BootPrfAlgorithmNameW); + + irp->IoStatus.Information = sizeof (GetBootEncryptionAlgorithmNameRequest); + irp->IoStatus.Status = STATUS_SUCCESS; + } + else + { + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + irp->IoStatus.Information = 0; + } + } +} + + +NTSTATUS GetSetupResult() +{ + return SetupResult; +} + + +BOOL IsBootDriveMounted () +{ + return BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted; +} + + +BOOL IsBootEncryptionSetupInProgress () +{ + return SetupInProgress; +} + + +BOOL IsHiddenSystemRunning () +{ + return BootDriveFilterExtension && BootDriveFilterExtension->HiddenSystem; +} + + +DriveFilterExtension *GetBootDriveFilterExtension () +{ + return BootDriveFilterExtension; +} + + +CRYPTO_INFO *GetSystemDriveCryptoInfo () +{ + return BootDriveFilterExtension->Queue.CryptoInfo; +} + + +NTSTATUS AbortBootEncryptionSetup () +{ + if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice()) + return STATUS_ACCESS_DENIED; + + if (EncryptionSetupThread) + { + EncryptionSetupThreadAbortRequested = TRUE; + + TCStopThread (EncryptionSetupThread, NULL); + EncryptionSetupThread = NULL; + } + + return STATUS_SUCCESS; +} + + +static VOID DecoySystemWipeThreadProc (PVOID threadArg) +{ + DriveFilterExtension *Extension = BootDriveFilterExtension; + + LARGE_INTEGER offset; + UINT64_STRUCT dataUnit; + ULONG wipeBlockSize = TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE; + + CRYPTO_INFO *wipeCryptoInfo = NULL; + byte *wipeBuffer = NULL; + byte *wipeRandBuffer = NULL; + byte wipeRandChars[TC_WIPE_RAND_CHAR_COUNT]; + int wipePass, wipePassCount; + int ea = Extension->Queue.CryptoInfo->ea; + + KIRQL irql; + NTSTATUS status; + + DecoySystemWipeResult = STATUS_UNSUCCESSFUL; + + wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); + if (!wipeBuffer) + { + DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + + wipeRandBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE); + if (!wipeRandBuffer) + { + DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + + wipeCryptoInfo = crypto_open(); + if (!wipeCryptoInfo) + { + DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + + wipeCryptoInfo->ea = ea; + wipeCryptoInfo->mode = Extension->Queue.CryptoInfo->mode; + + if (EAInit (ea, WipeDecoyRequest.WipeKey, wipeCryptoInfo->ks) != ERR_SUCCESS) + { + DecoySystemWipeResult = STATUS_INVALID_PARAMETER; + goto ret; + } + + memcpy (wipeCryptoInfo->k2, WipeDecoyRequest.WipeKey + EAGetKeySize (ea), EAGetKeySize (ea)); + + if (!EAInitMode (wipeCryptoInfo)) + { + DecoySystemWipeResult = STATUS_INVALID_PARAMETER; + goto err; + } + + EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo); + memcpy (wipeRandChars, wipeRandBuffer, sizeof (wipeRandChars)); + + burn (WipeDecoyRequest.WipeKey, sizeof (WipeDecoyRequest.WipeKey)); + + offset.QuadPart = Extension->ConfiguredEncryptedAreaStart; + + Dump ("Wiping decoy system: start offset = %I64d\n", offset.QuadPart); + + while (!DecoySystemWipeThreadAbortRequested) + { + if (offset.QuadPart + wipeBlockSize > Extension->ConfiguredEncryptedAreaEnd + 1) + wipeBlockSize = (ULONG) (Extension->ConfiguredEncryptedAreaEnd + 1 - offset.QuadPart); + + if (offset.QuadPart > Extension->ConfiguredEncryptedAreaEnd) + break; + + wipePassCount = GetWipePassCount (WipeDecoyRequest.WipeAlgorithm); + if (wipePassCount <= 0) + { + DecoySystemWipeResult = STATUS_INVALID_PARAMETER; + goto err; + } + + for (wipePass = 1; wipePass <= wipePassCount; ++wipePass) + { + if (!WipeBuffer (WipeDecoyRequest.WipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, wipeBlockSize)) + { + dataUnit.Value = offset.QuadPart / ENCRYPTION_DATA_UNIT_SIZE; + EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo); + memcpy (wipeBuffer, wipeRandBuffer, wipeBlockSize); + } + + while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 500))) + { + if (DecoySystemWipeThreadAbortRequested) + goto abort; + } + + status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, wipeBuffer, offset, wipeBlockSize); + + if (!NT_SUCCESS (status)) + { + DecoySystemWipeResult = status; + goto err; + } + + EncryptedIoQueueResumeFromHold (&Extension->Queue); + } + + offset.QuadPart += wipeBlockSize; + + KeAcquireSpinLock (&DecoySystemWipeStatusSpinLock, &irql); + DecoySystemWipedAreaEnd = offset.QuadPart - 1; + KeReleaseSpinLock (&DecoySystemWipeStatusSpinLock, irql); + } + +abort: + DecoySystemWipeResult = STATUS_SUCCESS; +err: + + if (EncryptedIoQueueIsSuspended (&Extension->Queue)) + EncryptedIoQueueResumeFromHold (&Extension->Queue); + + Dump ("Wipe end: DecoySystemWipedAreaEnd=%I64d (%I64d)\n", DecoySystemWipedAreaEnd, DecoySystemWipedAreaEnd / 1024 / 1024); + +ret: + if (wipeCryptoInfo) + crypto_close (wipeCryptoInfo); + + if (wipeRandBuffer) + TCfree (wipeRandBuffer); + + if (wipeBuffer) + TCfree (wipeBuffer); + + DecoySystemWipeInProgress = FALSE; + PsTerminateSystemThread (DecoySystemWipeResult); +} + + +NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status; + WipeDecoySystemRequest *request; + + if (!UserCanAccessDriveDevice()) + return STATUS_ACCESS_DENIED; + + if (!IsHiddenSystemRunning() + || irpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof (WipeDecoySystemRequest)) + return STATUS_INVALID_PARAMETER; + + if (DecoySystemWipeInProgress) + return STATUS_SUCCESS; + + if (DecoySystemWipeThread) + AbortDecoySystemWipe(); + + request = (WipeDecoySystemRequest *) irp->AssociatedIrp.SystemBuffer; + WipeDecoyRequest = *request; + + burn (request->WipeKey, sizeof (request->WipeKey)); + + DecoySystemWipeThreadAbortRequested = FALSE; + KeInitializeSpinLock (&DecoySystemWipeStatusSpinLock); + DecoySystemWipedAreaEnd = BootDriveFilterExtension->ConfiguredEncryptedAreaStart; + + DecoySystemWipeInProgress = TRUE; + status = TCStartThread (DecoySystemWipeThreadProc, DeviceObject, &DecoySystemWipeThread); + + if (!NT_SUCCESS (status)) + DecoySystemWipeInProgress = FALSE; + + return status; +} + + +BOOL IsDecoySystemWipeInProgress() +{ + return DecoySystemWipeInProgress; +} + + +void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + if (ValidateIOBufferSize (irp, sizeof (DecoySystemWipeStatus), ValidateOutput)) + { + DecoySystemWipeStatus *wipeStatus = (DecoySystemWipeStatus *) irp->AssociatedIrp.SystemBuffer; + + if (!IsHiddenSystemRunning()) + { + irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + irp->IoStatus.Information = 0; + } + else + { + wipeStatus->WipeInProgress = DecoySystemWipeInProgress; + wipeStatus->WipeAlgorithm = WipeDecoyRequest.WipeAlgorithm; + + if (DecoySystemWipeInProgress) + { + KIRQL irql; + KeAcquireSpinLock (&DecoySystemWipeStatusSpinLock, &irql); + wipeStatus->WipedAreaEnd = DecoySystemWipedAreaEnd; + KeReleaseSpinLock (&DecoySystemWipeStatusSpinLock, irql); + } + else + wipeStatus->WipedAreaEnd = DecoySystemWipedAreaEnd; + + irp->IoStatus.Information = sizeof (DecoySystemWipeStatus); + irp->IoStatus.Status = STATUS_SUCCESS; + } + } +} + + +NTSTATUS GetDecoySystemWipeResult() +{ + return DecoySystemWipeResult; +} + + +NTSTATUS AbortDecoySystemWipe () +{ + if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice()) + return STATUS_ACCESS_DENIED; + + if (DecoySystemWipeThread) + { + DecoySystemWipeThreadAbortRequested = TRUE; + + TCStopThread (DecoySystemWipeThread, NULL); + DecoySystemWipeThread = NULL; + } + + return STATUS_SUCCESS; +} + + +uint64 GetBootDriveLength () +{ + return BootDriveLength.QuadPart; +} + + +NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp) +{ + WriteBootDriveSectorRequest *request; + + if (!UserCanAccessDriveDevice()) + return STATUS_ACCESS_DENIED; + + if (!BootDriveFilterExtension + || irpSp->Parameters.DeviceIoControl.InputBufferLength < sizeof (WriteBootDriveSectorRequest)) + return STATUS_INVALID_PARAMETER; + + request = (WriteBootDriveSectorRequest *) irp->AssociatedIrp.SystemBuffer; + return TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, request->Data, request->Offset, sizeof (request->Data)); +} diff --git a/src/Driver/DriveFilter.h b/src/Driver/DriveFilter.h index 50dcabfd..e0c1bdff 100644 --- a/src/Driver/DriveFilter.h +++ b/src/Driver/DriveFilter.h @@ -1,90 +1,90 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_DRIVER_DRIVE_FILTER -#define TC_HEADER_DRIVER_DRIVE_FILTER - -#include "TCdefs.h" -#include "Boot/Windows/BootCommon.h" -#include "EncryptedIoQueue.h" - -typedef struct _DriveFilterExtension -{ - BOOL bRootDevice; - BOOL IsVolumeDevice; - BOOL IsDriveFilterDevice; - BOOL IsVolumeFilterDevice; - uint64 MagicNumber; - - PDEVICE_OBJECT DeviceObject; - PDEVICE_OBJECT LowerDeviceObject; - PDEVICE_OBJECT Pdo; - - ULONG SystemStorageDeviceNumber; - BOOL SystemStorageDeviceNumberValid; - - int64 ConfiguredEncryptedAreaStart; - int64 ConfiguredEncryptedAreaEnd; - - uint32 VolumeHeaderSaltCrc32; - EncryptedIoQueue Queue; - - BOOL BootDrive; - BOOL VolumeHeaderPresent; - BOOL DriveMounted; - - KEVENT MountWorkItemCompletedEvent; - - CRYPTO_INFO *HeaderCryptoInfo; - BOOL HiddenSystem; - -} DriveFilterExtension; - -#define TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER 0x5645524142455854 - -extern BOOL BootArgsValid; -extern BootArguments BootArgs; -extern PKTHREAD EncryptionSetupThread; -extern PKTHREAD DecoySystemWipeThread; - -NTSTATUS AbortBootEncryptionSetup (); -NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); -NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp); -void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp); -void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp); -NTSTATUS GetSetupResult (); -DriveFilterExtension *GetBootDriveFilterExtension (); -CRYPTO_INFO *GetSystemDriveCryptoInfo (); -BOOL IsBootDriveMounted (); -BOOL IsBootEncryptionSetupInProgress (); -BOOL IsHiddenSystemRunning (); -NTSTATUS LoadBootArguments (); -static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension); -NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp); -void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp); -NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp); -void StartLegacyHibernationDriverFilter (); -NTSTATUS AbortDecoySystemWipe (); -BOOL IsDecoySystemWipeInProgress(); -NTSTATUS GetDecoySystemWipeResult(); -void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp); -uint64 GetBootDriveLength (); -NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp); - -#define TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE (1536 * 1024) -#define TC_ENCRYPTION_SETUP_HEADER_UPDATE_THRESHOLD (64 * 1024 * 1024) -#define TC_HIBERNATION_WRITE_BUFFER_SIZE (128 * 1024) - -#endif // TC_HEADER_DRIVER_DRIVE_FILTER +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_DRIVER_DRIVE_FILTER +#define TC_HEADER_DRIVER_DRIVE_FILTER + +#include "TCdefs.h" +#include "Boot/Windows/BootCommon.h" +#include "EncryptedIoQueue.h" + +typedef struct _DriveFilterExtension +{ + BOOL bRootDevice; + BOOL IsVolumeDevice; + BOOL IsDriveFilterDevice; + BOOL IsVolumeFilterDevice; + uint64 MagicNumber; + + PDEVICE_OBJECT DeviceObject; + PDEVICE_OBJECT LowerDeviceObject; + PDEVICE_OBJECT Pdo; + + ULONG SystemStorageDeviceNumber; + BOOL SystemStorageDeviceNumberValid; + + int64 ConfiguredEncryptedAreaStart; + int64 ConfiguredEncryptedAreaEnd; + + uint32 VolumeHeaderSaltCrc32; + EncryptedIoQueue Queue; + + BOOL BootDrive; + BOOL VolumeHeaderPresent; + BOOL DriveMounted; + + KEVENT MountWorkItemCompletedEvent; + + CRYPTO_INFO *HeaderCryptoInfo; + BOOL HiddenSystem; + +} DriveFilterExtension; + +#define TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER 0x5645524142455854 + +extern BOOL BootArgsValid; +extern BootArguments BootArgs; +extern PKTHREAD EncryptionSetupThread; +extern PKTHREAD DecoySystemWipeThread; + +NTSTATUS AbortBootEncryptionSetup (); +NTSTATUS DriveFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); +NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp); +void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp); +void GetBootEncryptionAlgorithmName (PIRP irp, PIO_STACK_LOCATION irpSp); +void GetBootEncryptionStatus (PIRP irp, PIO_STACK_LOCATION irpSp); +void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp); +void GetBootLoaderFingerprint (PIRP irp, PIO_STACK_LOCATION irpSp); +NTSTATUS GetSetupResult (); +DriveFilterExtension *GetBootDriveFilterExtension (); +CRYPTO_INFO *GetSystemDriveCryptoInfo (); +BOOL IsBootDriveMounted (); +BOOL IsBootEncryptionSetupInProgress (); +BOOL IsHiddenSystemRunning (); +NTSTATUS LoadBootArguments (); +static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension); +NTSTATUS StartBootEncryptionSetup (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp); +void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp); +NTSTATUS StartDecoySystemWipe (PDEVICE_OBJECT DeviceObject, PIRP irp, PIO_STACK_LOCATION irpSp); +void StartLegacyHibernationDriverFilter (); +NTSTATUS AbortDecoySystemWipe (); +BOOL IsDecoySystemWipeInProgress(); +NTSTATUS GetDecoySystemWipeResult(); +void GetDecoySystemWipeStatus (PIRP irp, PIO_STACK_LOCATION irpSp); +uint64 GetBootDriveLength (); +NTSTATUS WriteBootDriveSector (PIRP irp, PIO_STACK_LOCATION irpSp); + +#define TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE (1536 * 1024) +#define TC_ENCRYPTION_SETUP_HEADER_UPDATE_THRESHOLD (64 * 1024 * 1024) +#define TC_HIBERNATION_WRITE_BUFFER_SIZE (128 * 1024) + +#endif // TC_HEADER_DRIVER_DRIVE_FILTER diff --git a/src/Driver/Driver.rc b/src/Driver/Driver.rc index d9591d51..51030c5c 100644 --- a/src/Driver/Driver.rc +++ b/src/Driver/Driver.rc @@ -1,101 +1,101 @@ -// Microsoft Visual C++ generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// English (U.S.) resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) -#ifdef _WIN32 -LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,17,22,0 - PRODUCTVERSION 1,17,22,0 - FILEFLAGSMASK 0x17L -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x4L - FILETYPE 0x3L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "IDRIX" - VALUE "FileDescription", "VeraCrypt Driver" - VALUE "FileVersion", "1.17" - VALUE "LegalTrademarks", "VeraCrypt" - VALUE "OriginalFilename", "veracrypt.sys" - VALUE "ProductName", "VeraCrypt" - VALUE "ProductVersion", "1.17" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE -BEGIN - "#include ""afxres.h""\r\n" - "\0" -END - -3 TEXTINCLUDE -BEGIN - "\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - -#endif // English (U.S.) resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// - - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - +// Microsoft Visual C++ generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// English (U.S.) resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) +#ifdef _WIN32 +LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US +#pragma code_page(1252) +#endif //_WIN32 + +///////////////////////////////////////////////////////////////////////////// +// +// Version +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 1,17,22,0 + PRODUCTVERSION 1,17,22,0 + FILEFLAGSMASK 0x17L +#ifdef _DEBUG + FILEFLAGS 0x1L +#else + FILEFLAGS 0x0L +#endif + FILEOS 0x4L + FILETYPE 0x3L + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + VALUE "CompanyName", "IDRIX" + VALUE "FileDescription", "VeraCrypt Driver" + VALUE "FileVersion", "1.17" + VALUE "LegalTrademarks", "VeraCrypt" + VALUE "OriginalFilename", "veracrypt.sys" + VALUE "ProductName", "VeraCrypt" + VALUE "ProductVersion", "1.17" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END + + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE +BEGIN + "#include ""afxres.h""\r\n" + "\0" +END + +3 TEXTINCLUDE +BEGIN + "\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + +#endif // English (U.S.) resources +///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// + + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/src/Driver/Driver.vcproj b/src/Driver/Driver.vcproj index 8d28d753..4c474c36 100644 --- a/src/Driver/Driver.vcproj +++ b/src/Driver/Driver.vcproj @@ -1,398 +1,398 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Driver/DumpFilter.c b/src/Driver/DumpFilter.c index 16d1d37c..d67b1654 100644 --- a/src/Driver/DumpFilter.c +++ b/src/Driver/DumpFilter.c @@ -1,248 +1,248 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "DumpFilter.h" -#include "DriveFilter.h" -#include "Ntdriver.h" -#include "Tests.h" - -static DriveFilterExtension *BootDriveFilterExtension = NULL; -static LARGE_INTEGER DumpPartitionOffset; -static byte *WriteFilterBuffer = NULL; -static SIZE_T WriteFilterBufferSize; - - -NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData) -{ - GetSystemDriveDumpConfigRequest dumpConfig; - PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr; - STORAGE_DEVICE_NUMBER storageDeviceNumber; - PARTITION_INFORMATION partitionInfo; - LONG version; - NTSTATUS status; - - Dump ("DumpFilterEntry type=%d\n", filterExtension->DumpType); - - filterInitData->MajorVersion = DUMP_FILTER_MAJOR_VERSION; - filterInitData->MinorVersion = DUMP_FILTER_MINOR_VERSION; - filterInitData->Flags |= DUMP_FILTER_CRITICAL; - - // Check driver version of the main device - status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)); - if (!NT_SUCCESS (status)) - goto err; - - if (version != VERSION_NUM) - { - status = STATUS_INVALID_PARAMETER; - goto err; - } - - // Get dump configuration from the main device - status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG, NULL, 0, &dumpConfig, sizeof (dumpConfig)); - if (!NT_SUCCESS (status)) - goto err; - - BootDriveFilterExtension = dumpConfig.BootDriveFilterExtension; - - if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) - { - status = STATUS_CRC_ERROR; - goto err; - } - - // KeSaveFloatingPointState() may generate a bug check during crash dump -#if !defined (_WIN64) - if (filterExtension->DumpType == DumpTypeCrashdump) - dumpConfig.HwEncryptionEnabled = FALSE; -#endif - - EnableHwEncryption (dumpConfig.HwEncryptionEnabled); - - if (!AutoTestAlgorithms()) - { - status = STATUS_INVALID_PARAMETER; - goto err; - } - - // Check dump volume is located on the system drive - status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); - if (!NT_SUCCESS (status)) - goto err; - - if (!BootDriveFilterExtension->SystemStorageDeviceNumberValid) - { - status = STATUS_INVALID_PARAMETER; - goto err; - } - - if (storageDeviceNumber.DeviceNumber != BootDriveFilterExtension->SystemStorageDeviceNumber) - { - status = STATUS_ACCESS_DENIED; - goto err; - } - - // Check dump volume is located within the scope of system encryption - status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &partitionInfo, sizeof (partitionInfo)); - if (!NT_SUCCESS (status)) - goto err; - - DumpPartitionOffset = partitionInfo.StartingOffset; - - if (DumpPartitionOffset.QuadPart < BootDriveFilterExtension->ConfiguredEncryptedAreaStart - || DumpPartitionOffset.QuadPart > BootDriveFilterExtension->ConfiguredEncryptedAreaEnd) - { - status = STATUS_ACCESS_DENIED; - goto err; - } - - // Allocate buffer for encryption - if (filterInitData->MaxPagesPerWrite == 0) - { - status = STATUS_INVALID_PARAMETER; - goto err; - } - - WriteFilterBufferSize = filterInitData->MaxPagesPerWrite * PAGE_SIZE; - -#ifdef _WIN64 - highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL; -#else - highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL; -#endif - - WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr); - if (!WriteFilterBuffer) - { - status = STATUS_INSUFFICIENT_RESOURCES; - goto err; - } - - filterInitData->DumpStart = DumpFilterStart; - filterInitData->DumpWrite = DumpFilterWrite; - filterInitData->DumpFinish = DumpFilterFinish; - filterInitData->DumpUnload = DumpFilterUnload; - - Dump ("Dump filter loaded type=%d\n", filterExtension->DumpType); - return STATUS_SUCCESS; - -err: - Dump ("DumpFilterEntry error %x\n", status); - return status; -} - - -static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension) -{ - Dump ("DumpFilterStart type=%d\n", filterExtension->DumpType); - - if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) - TC_BUG_CHECK (STATUS_CRC_ERROR); - - return BootDriveFilterExtension->DriveMounted ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL; -} - - -static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl) -{ - ULONG dataLength = MmGetMdlByteCount (writeMdl); - uint64 offset = DumpPartitionOffset.QuadPart + diskWriteOffset->QuadPart; - uint64 intersectStart; - uint32 intersectLength; - PVOID writeBuffer; - CSHORT origMdlFlags; - - if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) - TC_BUG_CHECK (STATUS_CRC_ERROR); - - if (BootDriveFilterExtension->Queue.EncryptedAreaEndUpdatePending) // Hibernation should always abort the setup thread - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - if (BootDriveFilterExtension->Queue.EncryptedAreaStart == -1 || BootDriveFilterExtension->Queue.EncryptedAreaEnd == -1) - return STATUS_SUCCESS; - - if (dataLength > WriteFilterBufferSize) - TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); // Bug check is required as returning an error does not prevent data from being written to disk - - if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority); - if (!writeBuffer) - TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES); - - memcpy (WriteFilterBuffer, writeBuffer, dataLength); - - GetIntersection (offset, - dataLength, - BootDriveFilterExtension->Queue.EncryptedAreaStart, - BootDriveFilterExtension->Queue.EncryptedAreaEnd, - &intersectStart, - &intersectLength); - - if (intersectLength > 0) - { - UINT64_STRUCT dataUnit; - dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; - - if (BootDriveFilterExtension->Queue.RemapEncryptedArea) - { - diskWriteOffset->QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset; - dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset; - } - - EncryptDataUnitsCurrentThread (WriteFilterBuffer + (intersectStart - offset), - &dataUnit, - intersectLength / ENCRYPTION_DATA_UNIT_SIZE, - BootDriveFilterExtension->Queue.CryptoInfo); - } - - origMdlFlags = writeMdl->MdlFlags; - - MmInitializeMdl (writeMdl, WriteFilterBuffer, dataLength); - MmBuildMdlForNonPagedPool (writeMdl); - - // Instead of using MmGetSystemAddressForMdlSafe(), some buggy custom storage drivers may directly test MDL_MAPPED_TO_SYSTEM_VA flag, - // disregarding the fact that other MDL flags may be set by the system or a dump filter (e.g. MDL_SOURCE_IS_NONPAGED_POOL flag only). - // Therefore, to work around this issue, the original flags will be restored even if they do not match the new MDL. - // MS BitLocker also uses this hack/workaround (it should be safe to use until the MDL structure is changed). - - writeMdl->MdlFlags = origMdlFlags; - - return STATUS_SUCCESS; -} - - -static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension) -{ - Dump ("DumpFilterFinish type=%d\n", filterExtension->DumpType); - - return STATUS_SUCCESS; -} - - -static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension) -{ - Dump ("DumpFilterUnload type=%d\n", filterExtension->DumpType); - - if (WriteFilterBuffer) - { - memset (WriteFilterBuffer, 0, WriteFilterBufferSize); - MmFreeContiguousMemory (WriteFilterBuffer); - WriteFilterBuffer = NULL; - } - - return STATUS_SUCCESS; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "DumpFilter.h" +#include "DriveFilter.h" +#include "Ntdriver.h" +#include "Tests.h" + +static DriveFilterExtension *BootDriveFilterExtension = NULL; +static LARGE_INTEGER DumpPartitionOffset; +static byte *WriteFilterBuffer = NULL; +static SIZE_T WriteFilterBufferSize; + + +NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData) +{ + GetSystemDriveDumpConfigRequest dumpConfig; + PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr; + STORAGE_DEVICE_NUMBER storageDeviceNumber; + PARTITION_INFORMATION partitionInfo; + LONG version; + NTSTATUS status; + + Dump ("DumpFilterEntry type=%d\n", filterExtension->DumpType); + + filterInitData->MajorVersion = DUMP_FILTER_MAJOR_VERSION; + filterInitData->MinorVersion = DUMP_FILTER_MINOR_VERSION; + filterInitData->Flags |= DUMP_FILTER_CRITICAL; + + // Check driver version of the main device + status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)); + if (!NT_SUCCESS (status)) + goto err; + + if (version != VERSION_NUM) + { + status = STATUS_INVALID_PARAMETER; + goto err; + } + + // Get dump configuration from the main device + status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG, NULL, 0, &dumpConfig, sizeof (dumpConfig)); + if (!NT_SUCCESS (status)) + goto err; + + BootDriveFilterExtension = dumpConfig.BootDriveFilterExtension; + + if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) + { + status = STATUS_CRC_ERROR; + goto err; + } + + // KeSaveFloatingPointState() may generate a bug check during crash dump +#if !defined (_WIN64) + if (filterExtension->DumpType == DumpTypeCrashdump) + dumpConfig.HwEncryptionEnabled = FALSE; +#endif + + EnableHwEncryption (dumpConfig.HwEncryptionEnabled); + + if (!AutoTestAlgorithms()) + { + status = STATUS_INVALID_PARAMETER; + goto err; + } + + // Check dump volume is located on the system drive + status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); + if (!NT_SUCCESS (status)) + goto err; + + if (!BootDriveFilterExtension->SystemStorageDeviceNumberValid) + { + status = STATUS_INVALID_PARAMETER; + goto err; + } + + if (storageDeviceNumber.DeviceNumber != BootDriveFilterExtension->SystemStorageDeviceNumber) + { + status = STATUS_ACCESS_DENIED; + goto err; + } + + // Check dump volume is located within the scope of system encryption + status = SendDeviceIoControlRequest (filterExtension->DeviceObject, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &partitionInfo, sizeof (partitionInfo)); + if (!NT_SUCCESS (status)) + goto err; + + DumpPartitionOffset = partitionInfo.StartingOffset; + + if (DumpPartitionOffset.QuadPart < BootDriveFilterExtension->ConfiguredEncryptedAreaStart + || DumpPartitionOffset.QuadPart > BootDriveFilterExtension->ConfiguredEncryptedAreaEnd) + { + status = STATUS_ACCESS_DENIED; + goto err; + } + + // Allocate buffer for encryption + if (filterInitData->MaxPagesPerWrite == 0) + { + status = STATUS_INVALID_PARAMETER; + goto err; + } + + WriteFilterBufferSize = filterInitData->MaxPagesPerWrite * PAGE_SIZE; + +#ifdef _WIN64 + highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL; +#else + highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL; +#endif + + WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr); + if (!WriteFilterBuffer) + { + status = STATUS_INSUFFICIENT_RESOURCES; + goto err; + } + + filterInitData->DumpStart = DumpFilterStart; + filterInitData->DumpWrite = DumpFilterWrite; + filterInitData->DumpFinish = DumpFilterFinish; + filterInitData->DumpUnload = DumpFilterUnload; + + Dump ("Dump filter loaded type=%d\n", filterExtension->DumpType); + return STATUS_SUCCESS; + +err: + Dump ("DumpFilterEntry error %x\n", status); + return status; +} + + +static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension) +{ + Dump ("DumpFilterStart type=%d\n", filterExtension->DumpType); + + if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) + TC_BUG_CHECK (STATUS_CRC_ERROR); + + return BootDriveFilterExtension->DriveMounted ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL; +} + + +static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl) +{ + ULONG dataLength = MmGetMdlByteCount (writeMdl); + uint64 offset = DumpPartitionOffset.QuadPart + diskWriteOffset->QuadPart; + uint64 intersectStart; + uint32 intersectLength; + PVOID writeBuffer; + CSHORT origMdlFlags; + + if (BootDriveFilterExtension->MagicNumber != TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER) + TC_BUG_CHECK (STATUS_CRC_ERROR); + + if (BootDriveFilterExtension->Queue.EncryptedAreaEndUpdatePending) // Hibernation should always abort the setup thread + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + if (BootDriveFilterExtension->Queue.EncryptedAreaStart == -1 || BootDriveFilterExtension->Queue.EncryptedAreaEnd == -1) + return STATUS_SUCCESS; + + if (dataLength > WriteFilterBufferSize) + TC_BUG_CHECK (STATUS_BUFFER_OVERFLOW); // Bug check is required as returning an error does not prevent data from being written to disk + + if ((dataLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + if ((offset & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + writeBuffer = MmGetSystemAddressForMdlSafe (writeMdl, HighPagePriority); + if (!writeBuffer) + TC_BUG_CHECK (STATUS_INSUFFICIENT_RESOURCES); + + memcpy (WriteFilterBuffer, writeBuffer, dataLength); + + GetIntersection (offset, + dataLength, + BootDriveFilterExtension->Queue.EncryptedAreaStart, + BootDriveFilterExtension->Queue.EncryptedAreaEnd, + &intersectStart, + &intersectLength); + + if (intersectLength > 0) + { + UINT64_STRUCT dataUnit; + dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; + + if (BootDriveFilterExtension->Queue.RemapEncryptedArea) + { + diskWriteOffset->QuadPart += BootDriveFilterExtension->Queue.RemappedAreaOffset; + dataUnit.Value += BootDriveFilterExtension->Queue.RemappedAreaDataUnitOffset; + } + + EncryptDataUnitsCurrentThread (WriteFilterBuffer + (intersectStart - offset), + &dataUnit, + intersectLength / ENCRYPTION_DATA_UNIT_SIZE, + BootDriveFilterExtension->Queue.CryptoInfo); + } + + origMdlFlags = writeMdl->MdlFlags; + + MmInitializeMdl (writeMdl, WriteFilterBuffer, dataLength); + MmBuildMdlForNonPagedPool (writeMdl); + + // Instead of using MmGetSystemAddressForMdlSafe(), some buggy custom storage drivers may directly test MDL_MAPPED_TO_SYSTEM_VA flag, + // disregarding the fact that other MDL flags may be set by the system or a dump filter (e.g. MDL_SOURCE_IS_NONPAGED_POOL flag only). + // Therefore, to work around this issue, the original flags will be restored even if they do not match the new MDL. + // MS BitLocker also uses this hack/workaround (it should be safe to use until the MDL structure is changed). + + writeMdl->MdlFlags = origMdlFlags; + + return STATUS_SUCCESS; +} + + +static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension) +{ + Dump ("DumpFilterFinish type=%d\n", filterExtension->DumpType); + + return STATUS_SUCCESS; +} + + +static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension) +{ + Dump ("DumpFilterUnload type=%d\n", filterExtension->DumpType); + + if (WriteFilterBuffer) + { + memset (WriteFilterBuffer, 0, WriteFilterBufferSize); + MmFreeContiguousMemory (WriteFilterBuffer); + WriteFilterBuffer = NULL; + } + + return STATUS_SUCCESS; +} diff --git a/src/Driver/DumpFilter.h b/src/Driver/DumpFilter.h index f288107e..ea6599a5 100644 --- a/src/Driver/DumpFilter.h +++ b/src/Driver/DumpFilter.h @@ -1,25 +1,25 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_DRIVER_DUMP_FILTER -#define TC_HEADER_DRIVER_DUMP_FILTER - -#include "Tcdefs.h" -#include - -NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData); -static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension); -static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl); -static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension); -static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension); - -#endif // TC_HEADER_DRIVER_DUMP_FILTER +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_DRIVER_DUMP_FILTER +#define TC_HEADER_DRIVER_DUMP_FILTER + +#include "Tcdefs.h" +#include + +NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData); +static NTSTATUS DumpFilterStart (PFILTER_EXTENSION filterExtension); +static NTSTATUS DumpFilterWrite (PFILTER_EXTENSION filterExtension, PLARGE_INTEGER diskWriteOffset, PMDL writeMdl); +static NTSTATUS DumpFilterFinish (PFILTER_EXTENSION filterExtension); +static NTSTATUS DumpFilterUnload (PFILTER_EXTENSION filterExtension); + +#endif // TC_HEADER_DRIVER_DUMP_FILTER diff --git a/src/Driver/EncryptedIoQueue.c b/src/Driver/EncryptedIoQueue.c index 1f57ad5c..637f8504 100644 --- a/src/Driver/EncryptedIoQueue.c +++ b/src/Driver/EncryptedIoQueue.c @@ -1,1049 +1,1049 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "TCdefs.h" -#include "Apidrvr.h" -#include "Ntdriver.h" -#include "DriveFilter.h" -#include "EncryptedIoQueue.h" -#include "EncryptionThreadPool.h" -#include "Volumes.h" -#include - - -static void AcquireBufferPoolMutex (EncryptedIoQueue *queue) -{ - NTSTATUS status; - - status = KeWaitForMutexObject (&queue->BufferPoolMutex, Executive, KernelMode, FALSE, NULL); - if (!NT_SUCCESS (status)) - TC_BUG_CHECK (status); -} - - -static void ReleaseBufferPoolMutex (EncryptedIoQueue *queue) -{ - KeReleaseMutex (&queue->BufferPoolMutex, FALSE); -} - - -static void *GetPoolBuffer (EncryptedIoQueue *queue, ULONG requestedSize) -{ - EncryptedIoQueueBuffer *buffer; - void *bufferAddress = NULL; - BOOL requestedSizePresentInPool = FALSE; - - while (TRUE) - { - AcquireBufferPoolMutex (queue); - - for (buffer = queue->FirstPoolBuffer; ; buffer = buffer->NextBuffer) - { - if (buffer && buffer->Size == requestedSize) - { - requestedSizePresentInPool = TRUE; - - if (!buffer->InUse) - { - // Reuse a free buffer - buffer->InUse = TRUE; - bufferAddress = buffer->Address; - break; - } - } - - if (!buffer || !buffer->NextBuffer) - { - EncryptedIoQueueBuffer *newBuffer; - - if (requestedSizePresentInPool && !queue->StartPending) - break; - - // Allocate a new buffer - newBuffer = TCalloc (sizeof (EncryptedIoQueueBuffer)); - if (!newBuffer) - { - bufferAddress = NULL; - break; - } - - bufferAddress = TCalloc (requestedSize); - if (bufferAddress) - { - newBuffer->NextBuffer = NULL; - newBuffer->Address = bufferAddress; - newBuffer->Size = requestedSize; - newBuffer->InUse = TRUE; - - if (!buffer) - queue->FirstPoolBuffer = newBuffer; - else - buffer->NextBuffer = newBuffer; - } - else - TCfree (newBuffer); - - break; - } - } - - ReleaseBufferPoolMutex (queue); - - if (bufferAddress || !requestedSizePresentInPool || queue->StartPending) - break; - - KeWaitForSingleObject (&queue->PoolBufferFreeEvent, Executive, KernelMode, FALSE, NULL); - } - - return bufferAddress; -} - - -static void ReleasePoolBuffer (EncryptedIoQueue *queue, void *address) -{ - EncryptedIoQueueBuffer *buffer; - AcquireBufferPoolMutex (queue); - - for (buffer = queue->FirstPoolBuffer; buffer != NULL; buffer = buffer->NextBuffer) - { - if (buffer->Address == address) - { - ASSERT (buffer->InUse); - - buffer->InUse = FALSE; - break; - } - } - - ReleaseBufferPoolMutex (queue); - KeSetEvent (&queue->PoolBufferFreeEvent, IO_DISK_INCREMENT, FALSE); -} - - -static void FreePoolBuffers (EncryptedIoQueue *queue) -{ - EncryptedIoQueueBuffer *buffer; - AcquireBufferPoolMutex (queue); - - for (buffer = queue->FirstPoolBuffer; buffer != NULL; ) - { - EncryptedIoQueueBuffer *nextBuffer = buffer->NextBuffer; - - ASSERT (!buffer->InUse || queue->StartPending); - - TCfree (buffer->Address); - TCfree (buffer); - - buffer = nextBuffer; - } - - queue->FirstPoolBuffer = NULL; - ReleaseBufferPoolMutex (queue); -} - - -static void DecrementOutstandingIoCount (EncryptedIoQueue *queue) -{ - if (InterlockedDecrement (&queue->OutstandingIoCount) == 0 && (queue->SuspendPending || queue->StopPending)) - KeSetEvent (&queue->NoOutstandingIoEvent, IO_DISK_INCREMENT, FALSE); -} - - -static void OnItemCompleted (EncryptedIoQueueItem *item, BOOL freeItem) -{ - DecrementOutstandingIoCount (item->Queue); - IoReleaseRemoveLock (&item->Queue->RemoveLock, item->OriginalIrp); - - if (NT_SUCCESS (item->Status)) - { - if (item->Write) - item->Queue->TotalBytesWritten += item->OriginalLength; - else - item->Queue->TotalBytesRead += item->OriginalLength; - } - - if (freeItem) - ReleasePoolBuffer (item->Queue, item); -} - - -static NTSTATUS CompleteOriginalIrp (EncryptedIoQueueItem *item, NTSTATUS status, ULONG_PTR information) -{ -#ifdef TC_TRACE_IO_QUEUE - Dump ("< %I64d [%I64d] %c status=%x info=%I64d\n", item->OriginalIrpOffset, GetElapsedTime (&item->Queue->LastPerformanceCounter), item->Write ? 'W' : 'R', status, (int64) information); -#endif - - TCCompleteDiskIrp (item->OriginalIrp, status, information); - - item->Status = status; - OnItemCompleted (item, TRUE); - - return status; -} - - -static void AcquireFragmentBuffer (EncryptedIoQueue *queue, byte *buffer) -{ - NTSTATUS status = STATUS_INVALID_PARAMETER; - - if (buffer == queue->FragmentBufferA) - { - status = KeWaitForSingleObject (&queue->FragmentBufferAFreeEvent, Executive, KernelMode, FALSE, NULL); - } - else if (buffer == queue->FragmentBufferB) - { - status = KeWaitForSingleObject (&queue->FragmentBufferBFreeEvent, Executive, KernelMode, FALSE, NULL); - } - - if (!NT_SUCCESS (status)) - TC_BUG_CHECK (status); -} - - -static void ReleaseFragmentBuffer (EncryptedIoQueue *queue, byte *buffer) -{ - if (buffer == queue->FragmentBufferA) - { - KeSetEvent (&queue->FragmentBufferAFreeEvent, IO_DISK_INCREMENT, FALSE); - } - else if (buffer == queue->FragmentBufferB) - { - KeSetEvent (&queue->FragmentBufferBFreeEvent, IO_DISK_INCREMENT, FALSE); - } - else - { - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - } -} - - -static VOID CompletionThreadProc (PVOID threadArg) -{ - EncryptedIoQueue *queue = (EncryptedIoQueue *) threadArg; - PLIST_ENTRY listEntry; - EncryptedIoRequest *request; - UINT64_STRUCT dataUnit; - - if (IsEncryptionThreadPoolRunning()) - KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); - - while (!queue->ThreadExitRequested) - { - if (!NT_SUCCESS (KeWaitForSingleObject (&queue->CompletionThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) - continue; - - if (queue->ThreadExitRequested) - break; - - while ((listEntry = ExInterlockedRemoveHeadList (&queue->CompletionThreadQueue, &queue->CompletionThreadQueueLock))) - { - request = CONTAINING_RECORD (listEntry, EncryptedIoRequest, CompletionListEntry); - - if (request->EncryptedLength > 0 && NT_SUCCESS (request->Item->Status)) - { - ASSERT (request->EncryptedOffset + request->EncryptedLength <= request->Offset.QuadPart + request->Length); - dataUnit.Value = (request->Offset.QuadPart + request->EncryptedOffset) / ENCRYPTION_DATA_UNIT_SIZE; - - if (queue->CryptoInfo->bPartitionInInactiveSysEncScope) - dataUnit.Value += queue->CryptoInfo->FirstDataUnitNo.Value; - else if (queue->RemapEncryptedArea) - dataUnit.Value += queue->RemappedAreaDataUnitOffset; - - DecryptDataUnits (request->Data + request->EncryptedOffset, &dataUnit, request->EncryptedLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); - } - - if (request->CompleteOriginalIrp) - { - CompleteOriginalIrp (request->Item, request->Item->Status, - NT_SUCCESS (request->Item->Status) ? request->Item->OriginalLength : 0); - } - - ReleasePoolBuffer (queue, request); - } - } - - PsTerminateSystemThread (STATUS_SUCCESS); -} - - -static NTSTATUS TCCachedRead (EncryptedIoQueue *queue, IO_STATUS_BLOCK *ioStatus, PVOID buffer, LARGE_INTEGER offset, ULONG length) -{ - queue->LastReadOffset = offset; - queue->LastReadLength = length; - - if (queue->ReadAheadBufferValid && queue->ReadAheadOffset.QuadPart == offset.QuadPart && queue->ReadAheadLength >= length) - { - memcpy (buffer, queue->ReadAheadBuffer, length); - - if (!queue->IsFilterDevice) - { - ioStatus->Information = length; - ioStatus->Status = STATUS_SUCCESS; - } - - return STATUS_SUCCESS; - } - - if (queue->IsFilterDevice) - return TCReadDevice (queue->LowerDeviceObject, buffer, offset, length); - - return ZwReadFile (queue->HostFileHandle, NULL, NULL, NULL, ioStatus, buffer, length, &offset, NULL); -} - - -static VOID IoThreadProc (PVOID threadArg) -{ - EncryptedIoQueue *queue = (EncryptedIoQueue *) threadArg; - PLIST_ENTRY listEntry; - EncryptedIoRequest *request; - - KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); - - if (!queue->IsFilterDevice && queue->SecurityClientContext) - { -#ifdef DEBUG - NTSTATUS status = -#endif - SeImpersonateClientEx (queue->SecurityClientContext, NULL); - ASSERT (NT_SUCCESS (status)); - } - - while (!queue->ThreadExitRequested) - { - if (!NT_SUCCESS (KeWaitForSingleObject (&queue->IoThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) - continue; - - if (queue->ThreadExitRequested) - break; - - while ((listEntry = ExInterlockedRemoveHeadList (&queue->IoThreadQueue, &queue->IoThreadQueueLock))) - { - InterlockedDecrement (&queue->IoThreadPendingRequestCount); - request = CONTAINING_RECORD (listEntry, EncryptedIoRequest, ListEntry); - -#ifdef TC_TRACE_IO_QUEUE - Dump ("%c %I64d [%I64d] roff=%I64d rlen=%d\n", request->Item->Write ? 'W' : 'R', request->Item->OriginalIrpOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), request->Offset.QuadPart, request->Length); -#endif - - // Perform IO request if no preceding request of the item failed - if (NT_SUCCESS (request->Item->Status)) - { - if (queue->IsFilterDevice) - { - if (queue->RemapEncryptedArea && request->EncryptedLength > 0) - { - if (request->EncryptedLength != request->Length) - { - // Up to three subfragments may be required to handle a partially remapped fragment - int subFragment; - byte *subFragmentData = request->Data; - - for (subFragment = 0 ; subFragment < 3; ++subFragment) - { - LARGE_INTEGER subFragmentOffset; - ULONG subFragmentLength; - subFragmentOffset.QuadPart = request->Offset.QuadPart; - - switch (subFragment) - { - case 0: - subFragmentLength = (ULONG) request->EncryptedOffset; - break; - - case 1: - subFragmentOffset.QuadPart += request->EncryptedOffset + queue->RemappedAreaOffset; - subFragmentLength = request->EncryptedLength; - break; - - case 2: - subFragmentOffset.QuadPart += request->EncryptedOffset + request->EncryptedLength; - subFragmentLength = (ULONG) (request->Length - (request->EncryptedOffset + request->EncryptedLength)); - break; - } - - if (subFragmentLength > 0) - { - if (request->Item->Write) - request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, subFragmentData, subFragmentOffset, subFragmentLength); - else - request->Item->Status = TCCachedRead (queue, NULL, subFragmentData, subFragmentOffset, subFragmentLength); - - subFragmentData += subFragmentLength; - } - } - } - else - { - // Remap the fragment - LARGE_INTEGER remappedOffset; - remappedOffset.QuadPart = request->Offset.QuadPart + queue->RemappedAreaOffset; - - if (request->Item->Write) - request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, remappedOffset, request->Length); - else - request->Item->Status = TCCachedRead (queue, NULL, request->Data, remappedOffset, request->Length); - } - } - else - { - if (request->Item->Write) - request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, request->Offset, request->Length); - else - request->Item->Status = TCCachedRead (queue, NULL, request->Data, request->Offset, request->Length); - } - } - else - { - IO_STATUS_BLOCK ioStatus; - - if (request->Item->Write) - request->Item->Status = ZwWriteFile (queue->HostFileHandle, NULL, NULL, NULL, &ioStatus, request->Data, request->Length, &request->Offset, NULL); - else - request->Item->Status = TCCachedRead (queue, &ioStatus, request->Data, request->Offset, request->Length); - - if (NT_SUCCESS (request->Item->Status) && ioStatus.Information != request->Length) - request->Item->Status = STATUS_END_OF_FILE; - } - } - - if (request->Item->Write) - { - queue->ReadAheadBufferValid = FALSE; - - ReleaseFragmentBuffer (queue, request->Data); - - if (request->CompleteOriginalIrp) - { - CompleteOriginalIrp (request->Item, request->Item->Status, - NT_SUCCESS (request->Item->Status) ? request->Item->OriginalLength : 0); - } - - ReleasePoolBuffer (queue, request); - } - else - { - BOOL readAhead = FALSE; - - if (NT_SUCCESS (request->Item->Status)) - memcpy (request->OrigDataBufferFragment, request->Data, request->Length); - - ReleaseFragmentBuffer (queue, request->Data); - request->Data = request->OrigDataBufferFragment; - - if (request->CompleteOriginalIrp - && queue->LastReadLength > 0 - && NT_SUCCESS (request->Item->Status) - && InterlockedExchangeAdd (&queue->IoThreadPendingRequestCount, 0) == 0) - { - readAhead = TRUE; - InterlockedIncrement (&queue->OutstandingIoCount); - } - - ExInterlockedInsertTailList (&queue->CompletionThreadQueue, &request->CompletionListEntry, &queue->CompletionThreadQueueLock); - KeSetEvent (&queue->CompletionThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); - - if (readAhead) - { - queue->ReadAheadBufferValid = FALSE; - queue->ReadAheadOffset.QuadPart = queue->LastReadOffset.QuadPart + queue->LastReadLength; - queue->ReadAheadLength = queue->LastReadLength; - - if (queue->ReadAheadOffset.QuadPart + queue->ReadAheadLength <= queue->MaxReadAheadOffset.QuadPart) - { -#ifdef TC_TRACE_IO_QUEUE - Dump ("A %I64d [%I64d] roff=%I64d rlen=%d\n", request->Item->OriginalIrpOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), queue->ReadAheadOffset, queue->ReadAheadLength); -#endif - if (queue->IsFilterDevice) - { - queue->ReadAheadBufferValid = NT_SUCCESS (TCReadDevice (queue->LowerDeviceObject, queue->ReadAheadBuffer, queue->ReadAheadOffset, queue->ReadAheadLength)); - } - else - { - IO_STATUS_BLOCK ioStatus; - queue->ReadAheadBufferValid = NT_SUCCESS (ZwReadFile (queue->HostFileHandle, NULL, NULL, NULL, &ioStatus, queue->ReadAheadBuffer, queue->ReadAheadLength, &queue->ReadAheadOffset, NULL)); - queue->ReadAheadLength = (ULONG) ioStatus.Information; - } - } - - DecrementOutstandingIoCount (queue); - } - } - } - } - - PsTerminateSystemThread (STATUS_SUCCESS); -} - - -static VOID MainThreadProc (PVOID threadArg) -{ - EncryptedIoQueue *queue = (EncryptedIoQueue *) threadArg; - PLIST_ENTRY listEntry; - EncryptedIoQueueItem *item; - - LARGE_INTEGER fragmentOffset; - ULONG dataRemaining; - PUCHAR activeFragmentBuffer = queue->FragmentBufferA; - PUCHAR dataBuffer; - EncryptedIoRequest *request; - uint64 intersectStart; - uint32 intersectLength; - ULONGLONG addResult; - HRESULT hResult; - - if (IsEncryptionThreadPoolRunning()) - KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); - - while (!queue->ThreadExitRequested) - { - if (!NT_SUCCESS (KeWaitForSingleObject (&queue->MainThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) - continue; - - while ((listEntry = ExInterlockedRemoveHeadList (&queue->MainThreadQueue, &queue->MainThreadQueueLock))) - { - PIRP irp = CONTAINING_RECORD (listEntry, IRP, Tail.Overlay.ListEntry); - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); - - if (queue->Suspended) - KeWaitForSingleObject (&queue->QueueResumedEvent, Executive, KernelMode, FALSE, NULL); - - item = GetPoolBuffer (queue, sizeof (EncryptedIoQueueItem)); - if (!item) - { - TCCompleteDiskIrp (irp, STATUS_INSUFFICIENT_RESOURCES, 0); - DecrementOutstandingIoCount (queue); - IoReleaseRemoveLock (&queue->RemoveLock, irp); - - continue; - } - - item->Queue = queue; - item->OriginalIrp = irp; - item->Status = STATUS_SUCCESS; - - IoSetCancelRoutine (irp, NULL); - if (irp->Cancel) - { - CompleteOriginalIrp (item, STATUS_CANCELLED, 0); - continue; - } - - switch (irpSp->MajorFunction) - { - case IRP_MJ_READ: - item->Write = FALSE; - item->OriginalOffset = irpSp->Parameters.Read.ByteOffset; - item->OriginalLength = irpSp->Parameters.Read.Length; - break; - - case IRP_MJ_WRITE: - item->Write = TRUE; - item->OriginalOffset = irpSp->Parameters.Write.ByteOffset; - item->OriginalLength = irpSp->Parameters.Write.Length; - break; - - default: - CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); - continue; - } - -#ifdef TC_TRACE_IO_QUEUE - item->OriginalIrpOffset = item->OriginalOffset; -#endif - - // Handle misaligned read operations to work around a bug in Windows System Assessment Tool which does not follow FILE_FLAG_NO_BUFFERING requirements when benchmarking disk devices - if (queue->IsFilterDevice - && !item->Write - && item->OriginalLength > 0 - && (item->OriginalLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) == 0 - && (item->OriginalOffset.QuadPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) - { - byte *buffer; - ULONG alignedLength; - LARGE_INTEGER alignedOffset; - hResult = ULongAdd(item->OriginalLength, ENCRYPTION_DATA_UNIT_SIZE, &alignedLength); - if (hResult != S_OK) - { - CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); - continue; - } - - alignedOffset.QuadPart = item->OriginalOffset.QuadPart & ~((LONGLONG) ENCRYPTION_DATA_UNIT_SIZE - 1); - - buffer = TCalloc (alignedLength); - if (!buffer) - { - CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); - continue; - } - - item->Status = TCReadDevice (queue->LowerDeviceObject, buffer, alignedOffset, alignedLength); - - if (NT_SUCCESS (item->Status)) - { - UINT64_STRUCT dataUnit; - - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); - if (!dataBuffer) - { - TCfree (buffer); - CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); - continue; - } - - if (queue->EncryptedAreaStart != -1 && queue->EncryptedAreaEnd != -1) - { - GetIntersection (alignedOffset.QuadPart, alignedLength, queue->EncryptedAreaStart, queue->EncryptedAreaEnd, &intersectStart, &intersectLength); - if (intersectLength > 0) - { - dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; - DecryptDataUnits (buffer + (intersectStart - alignedOffset.QuadPart), &dataUnit, intersectLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); - } - } - - memcpy (dataBuffer, buffer + (item->OriginalOffset.LowPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)), item->OriginalLength); - } - - TCfree (buffer); - CompleteOriginalIrp (item, item->Status, NT_SUCCESS (item->Status) ? item->OriginalLength : 0); - continue; - } - - // Validate offset and length - if (item->OriginalLength == 0 - || (item->OriginalLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0 - || (item->OriginalOffset.QuadPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0 - || ( !queue->IsFilterDevice && - ( (S_OK != ULongLongAdd(item->OriginalOffset.QuadPart, item->OriginalLength, &addResult)) - || (addResult > (ULONGLONG) queue->VirtualDeviceLength) - ) - ) - ) - { - CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); - continue; - } - -#ifdef TC_TRACE_IO_QUEUE - Dump ("Q %I64d [%I64d] %c len=%d\n", item->OriginalOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), item->Write ? 'W' : 'R', item->OriginalLength); -#endif - - if (!queue->IsFilterDevice) - { - // Adjust the offset for host file or device - if (queue->CryptoInfo->hiddenVolume) - hResult = ULongLongAdd(item->OriginalOffset.QuadPart, queue->CryptoInfo->hiddenVolumeOffset, &addResult); - else - hResult = ULongLongAdd(item->OriginalOffset.QuadPart, queue->CryptoInfo->volDataAreaOffset, &addResult); - - if (hResult != S_OK) - { - CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); - continue; - } - else - item->OriginalOffset.QuadPart = addResult; - - // Hidden volume protection - if (item->Write && queue->CryptoInfo->bProtectHiddenVolume) - { - // If there has already been a write operation denied in order to protect the - // hidden volume (since the volume mount time) - if (queue->CryptoInfo->bHiddenVolProtectionAction) - { - // Do not allow writing to this volume anymore. This is to fake a complete volume - // or system failure (otherwise certain kinds of inconsistency within the file - // system could indicate that this volume has used hidden volume protection). - CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); - continue; - } - - // Verify that no byte is going to be written to the hidden volume area - if (RegionsOverlap ((unsigned __int64) item->OriginalOffset.QuadPart, - (unsigned __int64) item->OriginalOffset.QuadPart + item->OriginalLength - 1, - queue->CryptoInfo->hiddenVolumeOffset, - (unsigned __int64) queue->CryptoInfo->hiddenVolumeOffset + queue->CryptoInfo->hiddenVolumeProtectedSize - 1)) - { - Dump ("Hidden volume protection triggered: write %I64d-%I64d (protected %I64d-%I64d)\n", item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, queue->CryptoInfo->hiddenVolumeOffset, queue->CryptoInfo->hiddenVolumeOffset + queue->CryptoInfo->hiddenVolumeProtectedSize - 1); - queue->CryptoInfo->bHiddenVolProtectionAction = TRUE; - - // Deny this write operation to prevent the hidden volume from being overwritten - CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); - continue; - } - } - } - else if (item->Write - && RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET + TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE - 1)) - { - // Prevent inappropriately designed software from damaging important data that may be out of sync with the backup on the Rescue Disk (such as the end of the encrypted area). - Dump ("Preventing write to the system encryption key data area\n"); - CompleteOriginalIrp (item, STATUS_MEDIA_WRITE_PROTECTED, 0); - continue; - } - else if (item->Write && IsHiddenSystemRunning() - && (RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, TC_SECTOR_SIZE_BIOS, TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS - 1) - || RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, GetBootDriveLength(), _I64_MAX))) - { - Dump ("Preventing write to boot loader or host protected area\n"); - CompleteOriginalIrp (item, STATUS_MEDIA_WRITE_PROTECTED, 0); - continue; - } - - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); - - if (dataBuffer == NULL) - { - CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); - continue; - } - - // Divide data block to fragments to enable efficient overlapping of encryption and IO operations - - dataRemaining = item->OriginalLength; - fragmentOffset = item->OriginalOffset; - - while (dataRemaining > 0) - { - BOOL isLastFragment = dataRemaining <= TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; - - ULONG dataFragmentLength = isLastFragment ? dataRemaining : TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; - activeFragmentBuffer = (activeFragmentBuffer == queue->FragmentBufferA ? queue->FragmentBufferB : queue->FragmentBufferA); - - InterlockedIncrement (&queue->IoThreadPendingRequestCount); - - // Create IO request - request = GetPoolBuffer (queue, sizeof (EncryptedIoRequest)); - if (!request) - { - CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); - break; - } - request->Item = item; - request->CompleteOriginalIrp = isLastFragment; - request->Offset = fragmentOffset; - request->Data = activeFragmentBuffer; - request->OrigDataBufferFragment = dataBuffer; - request->Length = dataFragmentLength; - - if (queue->IsFilterDevice) - { - if (queue->EncryptedAreaStart == -1 || queue->EncryptedAreaEnd == -1) - { - request->EncryptedLength = 0; - } - else - { - // Get intersection of data fragment with encrypted area - GetIntersection (fragmentOffset.QuadPart, dataFragmentLength, queue->EncryptedAreaStart, queue->EncryptedAreaEnd, &intersectStart, &intersectLength); - - request->EncryptedOffset = intersectStart - fragmentOffset.QuadPart; - request->EncryptedLength = intersectLength; - } - } - else - { - request->EncryptedOffset = 0; - request->EncryptedLength = dataFragmentLength; - } - - AcquireFragmentBuffer (queue, activeFragmentBuffer); - - if (item->Write) - { - // Encrypt data - memcpy (activeFragmentBuffer, dataBuffer, dataFragmentLength); - - if (request->EncryptedLength > 0) - { - UINT64_STRUCT dataUnit; - ASSERT (request->EncryptedOffset + request->EncryptedLength <= request->Offset.QuadPart + request->Length); - - dataUnit.Value = (request->Offset.QuadPart + request->EncryptedOffset) / ENCRYPTION_DATA_UNIT_SIZE; - - if (queue->CryptoInfo->bPartitionInInactiveSysEncScope) - dataUnit.Value += queue->CryptoInfo->FirstDataUnitNo.Value; - else if (queue->RemapEncryptedArea) - dataUnit.Value += queue->RemappedAreaDataUnitOffset; - - EncryptDataUnits (activeFragmentBuffer + request->EncryptedOffset, &dataUnit, request->EncryptedLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); - } - } - - // Queue IO request - ExInterlockedInsertTailList (&queue->IoThreadQueue, &request->ListEntry, &queue->IoThreadQueueLock); - KeSetEvent (&queue->IoThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); - - if (isLastFragment) - break; - - dataRemaining -= TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; - dataBuffer += TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; - fragmentOffset.QuadPart += TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; - } - } - } - - PsTerminateSystemThread (STATUS_SUCCESS); -} - - -NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp) -{ - NTSTATUS status; - - InterlockedIncrement (&queue->OutstandingIoCount); - if (queue->StopPending) - { - Dump ("STATUS_DEVICE_NOT_READY out=%d\n", queue->OutstandingIoCount); - status = STATUS_DEVICE_NOT_READY; - goto err; - } - - status = IoAcquireRemoveLock (&queue->RemoveLock, irp); - if (!NT_SUCCESS (status)) - goto err; - -#ifdef TC_TRACE_IO_QUEUE - { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); - Dump ("* %I64d [%I64d] %c len=%d out=%d\n", irpSp->MajorFunction == IRP_MJ_WRITE ? irpSp->Parameters.Write.ByteOffset : irpSp->Parameters.Read.ByteOffset, GetElapsedTime (&queue->LastPerformanceCounter), irpSp->MajorFunction == IRP_MJ_WRITE ? 'W' : 'R', irpSp->MajorFunction == IRP_MJ_WRITE ? irpSp->Parameters.Write.Length : irpSp->Parameters.Read.Length, queue->OutstandingIoCount); - } -#endif - - IoMarkIrpPending (irp); - - ExInterlockedInsertTailList (&queue->MainThreadQueue, &irp->Tail.Overlay.ListEntry, &queue->MainThreadQueueLock); - KeSetEvent (&queue->MainThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); - - return STATUS_PENDING; - -err: - DecrementOutstandingIoCount (queue); - return status; -} - - -NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout) -{ - NTSTATUS status; - ASSERT (!queue->Suspended); - - queue->SuspendPending = TRUE; - - while (TRUE) - { - while (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) - { - LARGE_INTEGER waitTimeout; - - waitTimeout.QuadPart = timeout * -10000; - status = KeWaitForSingleObject (&queue->NoOutstandingIoEvent, Executive, KernelMode, FALSE, timeout != 0 ? &waitTimeout : NULL); - - if (status == STATUS_TIMEOUT) - status = STATUS_UNSUCCESSFUL; - - if (!NT_SUCCESS (status)) - { - queue->SuspendPending = FALSE; - return status; - } - - TCSleep (1); - if (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) - { - queue->SuspendPending = FALSE; - return STATUS_UNSUCCESSFUL; - } - } - - KeClearEvent (&queue->QueueResumedEvent); - queue->Suspended = TRUE; - - if (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) == 0) - break; - - queue->Suspended = FALSE; - KeSetEvent (&queue->QueueResumedEvent, IO_DISK_INCREMENT, FALSE); - } - - queue->ReadAheadBufferValid = FALSE; - - queue->SuspendPending = FALSE; - return STATUS_SUCCESS; -} - - -BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue) -{ - return queue->Suspended; -} - - -BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue) -{ - return !queue->StopPending; -} - - -NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue) -{ - ASSERT (queue->Suspended); - - queue->Suspended = FALSE; - KeSetEvent (&queue->QueueResumedEvent, IO_DISK_INCREMENT, FALSE); - - return STATUS_SUCCESS; -} - - -NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue) -{ - NTSTATUS status; - EncryptedIoQueueBuffer *buffer; - int i; - - queue->StartPending = TRUE; - queue->ThreadExitRequested = FALSE; - - queue->OutstandingIoCount = 0; - queue->IoThreadPendingRequestCount = 0; - - queue->FirstPoolBuffer = NULL; - KeInitializeMutex (&queue->BufferPoolMutex, 0); - - KeInitializeEvent (&queue->NoOutstandingIoEvent, SynchronizationEvent, FALSE); - KeInitializeEvent (&queue->PoolBufferFreeEvent, SynchronizationEvent, FALSE); - KeInitializeEvent (&queue->QueueResumedEvent, SynchronizationEvent, FALSE); - - queue->FragmentBufferA = TCalloc (TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE); - if (!queue->FragmentBufferA) - goto noMemory; - - queue->FragmentBufferB = TCalloc (TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE); - if (!queue->FragmentBufferB) - goto noMemory; - - KeInitializeEvent (&queue->FragmentBufferAFreeEvent, SynchronizationEvent, TRUE); - KeInitializeEvent (&queue->FragmentBufferBFreeEvent, SynchronizationEvent, TRUE); - - queue->ReadAheadBufferValid = FALSE; - queue->ReadAheadBuffer = TCalloc (TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE); - if (!queue->ReadAheadBuffer) - goto noMemory; - - // Preallocate buffers - for (i = 0; i < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT; ++i) - { - if (i < TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT && !GetPoolBuffer (queue, sizeof (EncryptedIoQueueItem))) - goto noMemory; - - if (!GetPoolBuffer (queue, sizeof (EncryptedIoRequest))) - goto noMemory; - } - - for (buffer = queue->FirstPoolBuffer; buffer != NULL; buffer = buffer->NextBuffer) - { - buffer->InUse = FALSE; - } - - // Main thread - InitializeListHead (&queue->MainThreadQueue); - KeInitializeSpinLock (&queue->MainThreadQueueLock); - KeInitializeEvent (&queue->MainThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); - - status = TCStartThread (MainThreadProc, queue, &queue->MainThread); - if (!NT_SUCCESS (status)) - goto err; - - // IO thread - InitializeListHead (&queue->IoThreadQueue); - KeInitializeSpinLock (&queue->IoThreadQueueLock); - KeInitializeEvent (&queue->IoThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); - - status = TCStartThread (IoThreadProc, queue, &queue->IoThread); - if (!NT_SUCCESS (status)) - { - queue->ThreadExitRequested = TRUE; - TCStopThread (queue->MainThread, &queue->MainThreadQueueNotEmptyEvent); - goto err; - } - - // Completion thread - InitializeListHead (&queue->CompletionThreadQueue); - KeInitializeSpinLock (&queue->CompletionThreadQueueLock); - KeInitializeEvent (&queue->CompletionThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); - - status = TCStartThread (CompletionThreadProc, queue, &queue->CompletionThread); - if (!NT_SUCCESS (status)) - { - queue->ThreadExitRequested = TRUE; - TCStopThread (queue->MainThread, &queue->MainThreadQueueNotEmptyEvent); - TCStopThread (queue->IoThread, &queue->IoThreadQueueNotEmptyEvent); - goto err; - } - -#ifdef TC_TRACE_IO_QUEUE - GetElapsedTimeInit (&queue->LastPerformanceCounter); -#endif - - queue->StopPending = FALSE; - queue->StartPending = FALSE; - - Dump ("Queue started\n"); - return STATUS_SUCCESS; - -noMemory: - status = STATUS_INSUFFICIENT_RESOURCES; - -err: - if (queue->FragmentBufferA) - TCfree (queue->FragmentBufferA); - if (queue->FragmentBufferB) - TCfree (queue->FragmentBufferB); - if (queue->ReadAheadBuffer) - TCfree (queue->ReadAheadBuffer); - - FreePoolBuffers (queue); - - queue->StartPending = FALSE; - return status; -} - - -NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue) -{ - ASSERT (!queue->StopPending); - queue->StopPending = TRUE; - - while (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) - { - KeWaitForSingleObject (&queue->NoOutstandingIoEvent, Executive, KernelMode, FALSE, NULL); - } - - Dump ("Queue stopping out=%d\n", queue->OutstandingIoCount); - - queue->ThreadExitRequested = TRUE; - - TCStopThread (queue->MainThread, &queue->MainThreadQueueNotEmptyEvent); - TCStopThread (queue->IoThread, &queue->IoThreadQueueNotEmptyEvent); - TCStopThread (queue->CompletionThread, &queue->CompletionThreadQueueNotEmptyEvent); - - TCfree (queue->FragmentBufferA); - TCfree (queue->FragmentBufferB); - TCfree (queue->ReadAheadBuffer); - - FreePoolBuffers (queue); - - Dump ("Queue stopped out=%d\n", queue->OutstandingIoCount); - return STATUS_SUCCESS; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "TCdefs.h" +#include "Apidrvr.h" +#include "Ntdriver.h" +#include "DriveFilter.h" +#include "EncryptedIoQueue.h" +#include "EncryptionThreadPool.h" +#include "Volumes.h" +#include + + +static void AcquireBufferPoolMutex (EncryptedIoQueue *queue) +{ + NTSTATUS status; + + status = KeWaitForMutexObject (&queue->BufferPoolMutex, Executive, KernelMode, FALSE, NULL); + if (!NT_SUCCESS (status)) + TC_BUG_CHECK (status); +} + + +static void ReleaseBufferPoolMutex (EncryptedIoQueue *queue) +{ + KeReleaseMutex (&queue->BufferPoolMutex, FALSE); +} + + +static void *GetPoolBuffer (EncryptedIoQueue *queue, ULONG requestedSize) +{ + EncryptedIoQueueBuffer *buffer; + void *bufferAddress = NULL; + BOOL requestedSizePresentInPool = FALSE; + + while (TRUE) + { + AcquireBufferPoolMutex (queue); + + for (buffer = queue->FirstPoolBuffer; ; buffer = buffer->NextBuffer) + { + if (buffer && buffer->Size == requestedSize) + { + requestedSizePresentInPool = TRUE; + + if (!buffer->InUse) + { + // Reuse a free buffer + buffer->InUse = TRUE; + bufferAddress = buffer->Address; + break; + } + } + + if (!buffer || !buffer->NextBuffer) + { + EncryptedIoQueueBuffer *newBuffer; + + if (requestedSizePresentInPool && !queue->StartPending) + break; + + // Allocate a new buffer + newBuffer = TCalloc (sizeof (EncryptedIoQueueBuffer)); + if (!newBuffer) + { + bufferAddress = NULL; + break; + } + + bufferAddress = TCalloc (requestedSize); + if (bufferAddress) + { + newBuffer->NextBuffer = NULL; + newBuffer->Address = bufferAddress; + newBuffer->Size = requestedSize; + newBuffer->InUse = TRUE; + + if (!buffer) + queue->FirstPoolBuffer = newBuffer; + else + buffer->NextBuffer = newBuffer; + } + else + TCfree (newBuffer); + + break; + } + } + + ReleaseBufferPoolMutex (queue); + + if (bufferAddress || !requestedSizePresentInPool || queue->StartPending) + break; + + KeWaitForSingleObject (&queue->PoolBufferFreeEvent, Executive, KernelMode, FALSE, NULL); + } + + return bufferAddress; +} + + +static void ReleasePoolBuffer (EncryptedIoQueue *queue, void *address) +{ + EncryptedIoQueueBuffer *buffer; + AcquireBufferPoolMutex (queue); + + for (buffer = queue->FirstPoolBuffer; buffer != NULL; buffer = buffer->NextBuffer) + { + if (buffer->Address == address) + { + ASSERT (buffer->InUse); + + buffer->InUse = FALSE; + break; + } + } + + ReleaseBufferPoolMutex (queue); + KeSetEvent (&queue->PoolBufferFreeEvent, IO_DISK_INCREMENT, FALSE); +} + + +static void FreePoolBuffers (EncryptedIoQueue *queue) +{ + EncryptedIoQueueBuffer *buffer; + AcquireBufferPoolMutex (queue); + + for (buffer = queue->FirstPoolBuffer; buffer != NULL; ) + { + EncryptedIoQueueBuffer *nextBuffer = buffer->NextBuffer; + + ASSERT (!buffer->InUse || queue->StartPending); + + TCfree (buffer->Address); + TCfree (buffer); + + buffer = nextBuffer; + } + + queue->FirstPoolBuffer = NULL; + ReleaseBufferPoolMutex (queue); +} + + +static void DecrementOutstandingIoCount (EncryptedIoQueue *queue) +{ + if (InterlockedDecrement (&queue->OutstandingIoCount) == 0 && (queue->SuspendPending || queue->StopPending)) + KeSetEvent (&queue->NoOutstandingIoEvent, IO_DISK_INCREMENT, FALSE); +} + + +static void OnItemCompleted (EncryptedIoQueueItem *item, BOOL freeItem) +{ + DecrementOutstandingIoCount (item->Queue); + IoReleaseRemoveLock (&item->Queue->RemoveLock, item->OriginalIrp); + + if (NT_SUCCESS (item->Status)) + { + if (item->Write) + item->Queue->TotalBytesWritten += item->OriginalLength; + else + item->Queue->TotalBytesRead += item->OriginalLength; + } + + if (freeItem) + ReleasePoolBuffer (item->Queue, item); +} + + +static NTSTATUS CompleteOriginalIrp (EncryptedIoQueueItem *item, NTSTATUS status, ULONG_PTR information) +{ +#ifdef TC_TRACE_IO_QUEUE + Dump ("< %I64d [%I64d] %c status=%x info=%I64d\n", item->OriginalIrpOffset, GetElapsedTime (&item->Queue->LastPerformanceCounter), item->Write ? 'W' : 'R', status, (int64) information); +#endif + + TCCompleteDiskIrp (item->OriginalIrp, status, information); + + item->Status = status; + OnItemCompleted (item, TRUE); + + return status; +} + + +static void AcquireFragmentBuffer (EncryptedIoQueue *queue, byte *buffer) +{ + NTSTATUS status = STATUS_INVALID_PARAMETER; + + if (buffer == queue->FragmentBufferA) + { + status = KeWaitForSingleObject (&queue->FragmentBufferAFreeEvent, Executive, KernelMode, FALSE, NULL); + } + else if (buffer == queue->FragmentBufferB) + { + status = KeWaitForSingleObject (&queue->FragmentBufferBFreeEvent, Executive, KernelMode, FALSE, NULL); + } + + if (!NT_SUCCESS (status)) + TC_BUG_CHECK (status); +} + + +static void ReleaseFragmentBuffer (EncryptedIoQueue *queue, byte *buffer) +{ + if (buffer == queue->FragmentBufferA) + { + KeSetEvent (&queue->FragmentBufferAFreeEvent, IO_DISK_INCREMENT, FALSE); + } + else if (buffer == queue->FragmentBufferB) + { + KeSetEvent (&queue->FragmentBufferBFreeEvent, IO_DISK_INCREMENT, FALSE); + } + else + { + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + } +} + + +static VOID CompletionThreadProc (PVOID threadArg) +{ + EncryptedIoQueue *queue = (EncryptedIoQueue *) threadArg; + PLIST_ENTRY listEntry; + EncryptedIoRequest *request; + UINT64_STRUCT dataUnit; + + if (IsEncryptionThreadPoolRunning()) + KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); + + while (!queue->ThreadExitRequested) + { + if (!NT_SUCCESS (KeWaitForSingleObject (&queue->CompletionThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) + continue; + + if (queue->ThreadExitRequested) + break; + + while ((listEntry = ExInterlockedRemoveHeadList (&queue->CompletionThreadQueue, &queue->CompletionThreadQueueLock))) + { + request = CONTAINING_RECORD (listEntry, EncryptedIoRequest, CompletionListEntry); + + if (request->EncryptedLength > 0 && NT_SUCCESS (request->Item->Status)) + { + ASSERT (request->EncryptedOffset + request->EncryptedLength <= request->Offset.QuadPart + request->Length); + dataUnit.Value = (request->Offset.QuadPart + request->EncryptedOffset) / ENCRYPTION_DATA_UNIT_SIZE; + + if (queue->CryptoInfo->bPartitionInInactiveSysEncScope) + dataUnit.Value += queue->CryptoInfo->FirstDataUnitNo.Value; + else if (queue->RemapEncryptedArea) + dataUnit.Value += queue->RemappedAreaDataUnitOffset; + + DecryptDataUnits (request->Data + request->EncryptedOffset, &dataUnit, request->EncryptedLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); + } + + if (request->CompleteOriginalIrp) + { + CompleteOriginalIrp (request->Item, request->Item->Status, + NT_SUCCESS (request->Item->Status) ? request->Item->OriginalLength : 0); + } + + ReleasePoolBuffer (queue, request); + } + } + + PsTerminateSystemThread (STATUS_SUCCESS); +} + + +static NTSTATUS TCCachedRead (EncryptedIoQueue *queue, IO_STATUS_BLOCK *ioStatus, PVOID buffer, LARGE_INTEGER offset, ULONG length) +{ + queue->LastReadOffset = offset; + queue->LastReadLength = length; + + if (queue->ReadAheadBufferValid && queue->ReadAheadOffset.QuadPart == offset.QuadPart && queue->ReadAheadLength >= length) + { + memcpy (buffer, queue->ReadAheadBuffer, length); + + if (!queue->IsFilterDevice) + { + ioStatus->Information = length; + ioStatus->Status = STATUS_SUCCESS; + } + + return STATUS_SUCCESS; + } + + if (queue->IsFilterDevice) + return TCReadDevice (queue->LowerDeviceObject, buffer, offset, length); + + return ZwReadFile (queue->HostFileHandle, NULL, NULL, NULL, ioStatus, buffer, length, &offset, NULL); +} + + +static VOID IoThreadProc (PVOID threadArg) +{ + EncryptedIoQueue *queue = (EncryptedIoQueue *) threadArg; + PLIST_ENTRY listEntry; + EncryptedIoRequest *request; + + KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); + + if (!queue->IsFilterDevice && queue->SecurityClientContext) + { +#ifdef DEBUG + NTSTATUS status = +#endif + SeImpersonateClientEx (queue->SecurityClientContext, NULL); + ASSERT (NT_SUCCESS (status)); + } + + while (!queue->ThreadExitRequested) + { + if (!NT_SUCCESS (KeWaitForSingleObject (&queue->IoThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) + continue; + + if (queue->ThreadExitRequested) + break; + + while ((listEntry = ExInterlockedRemoveHeadList (&queue->IoThreadQueue, &queue->IoThreadQueueLock))) + { + InterlockedDecrement (&queue->IoThreadPendingRequestCount); + request = CONTAINING_RECORD (listEntry, EncryptedIoRequest, ListEntry); + +#ifdef TC_TRACE_IO_QUEUE + Dump ("%c %I64d [%I64d] roff=%I64d rlen=%d\n", request->Item->Write ? 'W' : 'R', request->Item->OriginalIrpOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), request->Offset.QuadPart, request->Length); +#endif + + // Perform IO request if no preceding request of the item failed + if (NT_SUCCESS (request->Item->Status)) + { + if (queue->IsFilterDevice) + { + if (queue->RemapEncryptedArea && request->EncryptedLength > 0) + { + if (request->EncryptedLength != request->Length) + { + // Up to three subfragments may be required to handle a partially remapped fragment + int subFragment; + byte *subFragmentData = request->Data; + + for (subFragment = 0 ; subFragment < 3; ++subFragment) + { + LARGE_INTEGER subFragmentOffset; + ULONG subFragmentLength; + subFragmentOffset.QuadPart = request->Offset.QuadPart; + + switch (subFragment) + { + case 0: + subFragmentLength = (ULONG) request->EncryptedOffset; + break; + + case 1: + subFragmentOffset.QuadPart += request->EncryptedOffset + queue->RemappedAreaOffset; + subFragmentLength = request->EncryptedLength; + break; + + case 2: + subFragmentOffset.QuadPart += request->EncryptedOffset + request->EncryptedLength; + subFragmentLength = (ULONG) (request->Length - (request->EncryptedOffset + request->EncryptedLength)); + break; + } + + if (subFragmentLength > 0) + { + if (request->Item->Write) + request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, subFragmentData, subFragmentOffset, subFragmentLength); + else + request->Item->Status = TCCachedRead (queue, NULL, subFragmentData, subFragmentOffset, subFragmentLength); + + subFragmentData += subFragmentLength; + } + } + } + else + { + // Remap the fragment + LARGE_INTEGER remappedOffset; + remappedOffset.QuadPart = request->Offset.QuadPart + queue->RemappedAreaOffset; + + if (request->Item->Write) + request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, remappedOffset, request->Length); + else + request->Item->Status = TCCachedRead (queue, NULL, request->Data, remappedOffset, request->Length); + } + } + else + { + if (request->Item->Write) + request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, request->Offset, request->Length); + else + request->Item->Status = TCCachedRead (queue, NULL, request->Data, request->Offset, request->Length); + } + } + else + { + IO_STATUS_BLOCK ioStatus; + + if (request->Item->Write) + request->Item->Status = ZwWriteFile (queue->HostFileHandle, NULL, NULL, NULL, &ioStatus, request->Data, request->Length, &request->Offset, NULL); + else + request->Item->Status = TCCachedRead (queue, &ioStatus, request->Data, request->Offset, request->Length); + + if (NT_SUCCESS (request->Item->Status) && ioStatus.Information != request->Length) + request->Item->Status = STATUS_END_OF_FILE; + } + } + + if (request->Item->Write) + { + queue->ReadAheadBufferValid = FALSE; + + ReleaseFragmentBuffer (queue, request->Data); + + if (request->CompleteOriginalIrp) + { + CompleteOriginalIrp (request->Item, request->Item->Status, + NT_SUCCESS (request->Item->Status) ? request->Item->OriginalLength : 0); + } + + ReleasePoolBuffer (queue, request); + } + else + { + BOOL readAhead = FALSE; + + if (NT_SUCCESS (request->Item->Status)) + memcpy (request->OrigDataBufferFragment, request->Data, request->Length); + + ReleaseFragmentBuffer (queue, request->Data); + request->Data = request->OrigDataBufferFragment; + + if (request->CompleteOriginalIrp + && queue->LastReadLength > 0 + && NT_SUCCESS (request->Item->Status) + && InterlockedExchangeAdd (&queue->IoThreadPendingRequestCount, 0) == 0) + { + readAhead = TRUE; + InterlockedIncrement (&queue->OutstandingIoCount); + } + + ExInterlockedInsertTailList (&queue->CompletionThreadQueue, &request->CompletionListEntry, &queue->CompletionThreadQueueLock); + KeSetEvent (&queue->CompletionThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); + + if (readAhead) + { + queue->ReadAheadBufferValid = FALSE; + queue->ReadAheadOffset.QuadPart = queue->LastReadOffset.QuadPart + queue->LastReadLength; + queue->ReadAheadLength = queue->LastReadLength; + + if (queue->ReadAheadOffset.QuadPart + queue->ReadAheadLength <= queue->MaxReadAheadOffset.QuadPart) + { +#ifdef TC_TRACE_IO_QUEUE + Dump ("A %I64d [%I64d] roff=%I64d rlen=%d\n", request->Item->OriginalIrpOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), queue->ReadAheadOffset, queue->ReadAheadLength); +#endif + if (queue->IsFilterDevice) + { + queue->ReadAheadBufferValid = NT_SUCCESS (TCReadDevice (queue->LowerDeviceObject, queue->ReadAheadBuffer, queue->ReadAheadOffset, queue->ReadAheadLength)); + } + else + { + IO_STATUS_BLOCK ioStatus; + queue->ReadAheadBufferValid = NT_SUCCESS (ZwReadFile (queue->HostFileHandle, NULL, NULL, NULL, &ioStatus, queue->ReadAheadBuffer, queue->ReadAheadLength, &queue->ReadAheadOffset, NULL)); + queue->ReadAheadLength = (ULONG) ioStatus.Information; + } + } + + DecrementOutstandingIoCount (queue); + } + } + } + } + + PsTerminateSystemThread (STATUS_SUCCESS); +} + + +static VOID MainThreadProc (PVOID threadArg) +{ + EncryptedIoQueue *queue = (EncryptedIoQueue *) threadArg; + PLIST_ENTRY listEntry; + EncryptedIoQueueItem *item; + + LARGE_INTEGER fragmentOffset; + ULONG dataRemaining; + PUCHAR activeFragmentBuffer = queue->FragmentBufferA; + PUCHAR dataBuffer; + EncryptedIoRequest *request; + uint64 intersectStart; + uint32 intersectLength; + ULONGLONG addResult; + HRESULT hResult; + + if (IsEncryptionThreadPoolRunning()) + KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); + + while (!queue->ThreadExitRequested) + { + if (!NT_SUCCESS (KeWaitForSingleObject (&queue->MainThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) + continue; + + while ((listEntry = ExInterlockedRemoveHeadList (&queue->MainThreadQueue, &queue->MainThreadQueueLock))) + { + PIRP irp = CONTAINING_RECORD (listEntry, IRP, Tail.Overlay.ListEntry); + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); + + if (queue->Suspended) + KeWaitForSingleObject (&queue->QueueResumedEvent, Executive, KernelMode, FALSE, NULL); + + item = GetPoolBuffer (queue, sizeof (EncryptedIoQueueItem)); + if (!item) + { + TCCompleteDiskIrp (irp, STATUS_INSUFFICIENT_RESOURCES, 0); + DecrementOutstandingIoCount (queue); + IoReleaseRemoveLock (&queue->RemoveLock, irp); + + continue; + } + + item->Queue = queue; + item->OriginalIrp = irp; + item->Status = STATUS_SUCCESS; + + IoSetCancelRoutine (irp, NULL); + if (irp->Cancel) + { + CompleteOriginalIrp (item, STATUS_CANCELLED, 0); + continue; + } + + switch (irpSp->MajorFunction) + { + case IRP_MJ_READ: + item->Write = FALSE; + item->OriginalOffset = irpSp->Parameters.Read.ByteOffset; + item->OriginalLength = irpSp->Parameters.Read.Length; + break; + + case IRP_MJ_WRITE: + item->Write = TRUE; + item->OriginalOffset = irpSp->Parameters.Write.ByteOffset; + item->OriginalLength = irpSp->Parameters.Write.Length; + break; + + default: + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + +#ifdef TC_TRACE_IO_QUEUE + item->OriginalIrpOffset = item->OriginalOffset; +#endif + + // Handle misaligned read operations to work around a bug in Windows System Assessment Tool which does not follow FILE_FLAG_NO_BUFFERING requirements when benchmarking disk devices + if (queue->IsFilterDevice + && !item->Write + && item->OriginalLength > 0 + && (item->OriginalLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) == 0 + && (item->OriginalOffset.QuadPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) + { + byte *buffer; + ULONG alignedLength; + LARGE_INTEGER alignedOffset; + hResult = ULongAdd(item->OriginalLength, ENCRYPTION_DATA_UNIT_SIZE, &alignedLength); + if (hResult != S_OK) + { + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + + alignedOffset.QuadPart = item->OriginalOffset.QuadPart & ~((LONGLONG) ENCRYPTION_DATA_UNIT_SIZE - 1); + + buffer = TCalloc (alignedLength); + if (!buffer) + { + CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); + continue; + } + + item->Status = TCReadDevice (queue->LowerDeviceObject, buffer, alignedOffset, alignedLength); + + if (NT_SUCCESS (item->Status)) + { + UINT64_STRUCT dataUnit; + + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + if (!dataBuffer) + { + TCfree (buffer); + CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); + continue; + } + + if (queue->EncryptedAreaStart != -1 && queue->EncryptedAreaEnd != -1) + { + GetIntersection (alignedOffset.QuadPart, alignedLength, queue->EncryptedAreaStart, queue->EncryptedAreaEnd, &intersectStart, &intersectLength); + if (intersectLength > 0) + { + dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; + DecryptDataUnits (buffer + (intersectStart - alignedOffset.QuadPart), &dataUnit, intersectLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); + } + } + + memcpy (dataBuffer, buffer + (item->OriginalOffset.LowPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)), item->OriginalLength); + } + + TCfree (buffer); + CompleteOriginalIrp (item, item->Status, NT_SUCCESS (item->Status) ? item->OriginalLength : 0); + continue; + } + + // Validate offset and length + if (item->OriginalLength == 0 + || (item->OriginalLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0 + || (item->OriginalOffset.QuadPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0 + || ( !queue->IsFilterDevice && + ( (S_OK != ULongLongAdd(item->OriginalOffset.QuadPart, item->OriginalLength, &addResult)) + || (addResult > (ULONGLONG) queue->VirtualDeviceLength) + ) + ) + ) + { + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + +#ifdef TC_TRACE_IO_QUEUE + Dump ("Q %I64d [%I64d] %c len=%d\n", item->OriginalOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), item->Write ? 'W' : 'R', item->OriginalLength); +#endif + + if (!queue->IsFilterDevice) + { + // Adjust the offset for host file or device + if (queue->CryptoInfo->hiddenVolume) + hResult = ULongLongAdd(item->OriginalOffset.QuadPart, queue->CryptoInfo->hiddenVolumeOffset, &addResult); + else + hResult = ULongLongAdd(item->OriginalOffset.QuadPart, queue->CryptoInfo->volDataAreaOffset, &addResult); + + if (hResult != S_OK) + { + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + else + item->OriginalOffset.QuadPart = addResult; + + // Hidden volume protection + if (item->Write && queue->CryptoInfo->bProtectHiddenVolume) + { + // If there has already been a write operation denied in order to protect the + // hidden volume (since the volume mount time) + if (queue->CryptoInfo->bHiddenVolProtectionAction) + { + // Do not allow writing to this volume anymore. This is to fake a complete volume + // or system failure (otherwise certain kinds of inconsistency within the file + // system could indicate that this volume has used hidden volume protection). + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + + // Verify that no byte is going to be written to the hidden volume area + if (RegionsOverlap ((unsigned __int64) item->OriginalOffset.QuadPart, + (unsigned __int64) item->OriginalOffset.QuadPart + item->OriginalLength - 1, + queue->CryptoInfo->hiddenVolumeOffset, + (unsigned __int64) queue->CryptoInfo->hiddenVolumeOffset + queue->CryptoInfo->hiddenVolumeProtectedSize - 1)) + { + Dump ("Hidden volume protection triggered: write %I64d-%I64d (protected %I64d-%I64d)\n", item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, queue->CryptoInfo->hiddenVolumeOffset, queue->CryptoInfo->hiddenVolumeOffset + queue->CryptoInfo->hiddenVolumeProtectedSize - 1); + queue->CryptoInfo->bHiddenVolProtectionAction = TRUE; + + // Deny this write operation to prevent the hidden volume from being overwritten + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + } + } + else if (item->Write + && RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET, TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET + TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE - 1)) + { + // Prevent inappropriately designed software from damaging important data that may be out of sync with the backup on the Rescue Disk (such as the end of the encrypted area). + Dump ("Preventing write to the system encryption key data area\n"); + CompleteOriginalIrp (item, STATUS_MEDIA_WRITE_PROTECTED, 0); + continue; + } + else if (item->Write && IsHiddenSystemRunning() + && (RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, TC_SECTOR_SIZE_BIOS, TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS - 1) + || RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, GetBootDriveLength(), _I64_MAX))) + { + Dump ("Preventing write to boot loader or host protected area\n"); + CompleteOriginalIrp (item, STATUS_MEDIA_WRITE_PROTECTED, 0); + continue; + } + + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + + if (dataBuffer == NULL) + { + CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); + continue; + } + + // Divide data block to fragments to enable efficient overlapping of encryption and IO operations + + dataRemaining = item->OriginalLength; + fragmentOffset = item->OriginalOffset; + + while (dataRemaining > 0) + { + BOOL isLastFragment = dataRemaining <= TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; + + ULONG dataFragmentLength = isLastFragment ? dataRemaining : TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; + activeFragmentBuffer = (activeFragmentBuffer == queue->FragmentBufferA ? queue->FragmentBufferB : queue->FragmentBufferA); + + InterlockedIncrement (&queue->IoThreadPendingRequestCount); + + // Create IO request + request = GetPoolBuffer (queue, sizeof (EncryptedIoRequest)); + if (!request) + { + CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); + break; + } + request->Item = item; + request->CompleteOriginalIrp = isLastFragment; + request->Offset = fragmentOffset; + request->Data = activeFragmentBuffer; + request->OrigDataBufferFragment = dataBuffer; + request->Length = dataFragmentLength; + + if (queue->IsFilterDevice) + { + if (queue->EncryptedAreaStart == -1 || queue->EncryptedAreaEnd == -1) + { + request->EncryptedLength = 0; + } + else + { + // Get intersection of data fragment with encrypted area + GetIntersection (fragmentOffset.QuadPart, dataFragmentLength, queue->EncryptedAreaStart, queue->EncryptedAreaEnd, &intersectStart, &intersectLength); + + request->EncryptedOffset = intersectStart - fragmentOffset.QuadPart; + request->EncryptedLength = intersectLength; + } + } + else + { + request->EncryptedOffset = 0; + request->EncryptedLength = dataFragmentLength; + } + + AcquireFragmentBuffer (queue, activeFragmentBuffer); + + if (item->Write) + { + // Encrypt data + memcpy (activeFragmentBuffer, dataBuffer, dataFragmentLength); + + if (request->EncryptedLength > 0) + { + UINT64_STRUCT dataUnit; + ASSERT (request->EncryptedOffset + request->EncryptedLength <= request->Offset.QuadPart + request->Length); + + dataUnit.Value = (request->Offset.QuadPart + request->EncryptedOffset) / ENCRYPTION_DATA_UNIT_SIZE; + + if (queue->CryptoInfo->bPartitionInInactiveSysEncScope) + dataUnit.Value += queue->CryptoInfo->FirstDataUnitNo.Value; + else if (queue->RemapEncryptedArea) + dataUnit.Value += queue->RemappedAreaDataUnitOffset; + + EncryptDataUnits (activeFragmentBuffer + request->EncryptedOffset, &dataUnit, request->EncryptedLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); + } + } + + // Queue IO request + ExInterlockedInsertTailList (&queue->IoThreadQueue, &request->ListEntry, &queue->IoThreadQueueLock); + KeSetEvent (&queue->IoThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); + + if (isLastFragment) + break; + + dataRemaining -= TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; + dataBuffer += TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; + fragmentOffset.QuadPart += TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE; + } + } + } + + PsTerminateSystemThread (STATUS_SUCCESS); +} + + +NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp) +{ + NTSTATUS status; + + InterlockedIncrement (&queue->OutstandingIoCount); + if (queue->StopPending) + { + Dump ("STATUS_DEVICE_NOT_READY out=%d\n", queue->OutstandingIoCount); + status = STATUS_DEVICE_NOT_READY; + goto err; + } + + status = IoAcquireRemoveLock (&queue->RemoveLock, irp); + if (!NT_SUCCESS (status)) + goto err; + +#ifdef TC_TRACE_IO_QUEUE + { + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); + Dump ("* %I64d [%I64d] %c len=%d out=%d\n", irpSp->MajorFunction == IRP_MJ_WRITE ? irpSp->Parameters.Write.ByteOffset : irpSp->Parameters.Read.ByteOffset, GetElapsedTime (&queue->LastPerformanceCounter), irpSp->MajorFunction == IRP_MJ_WRITE ? 'W' : 'R', irpSp->MajorFunction == IRP_MJ_WRITE ? irpSp->Parameters.Write.Length : irpSp->Parameters.Read.Length, queue->OutstandingIoCount); + } +#endif + + IoMarkIrpPending (irp); + + ExInterlockedInsertTailList (&queue->MainThreadQueue, &irp->Tail.Overlay.ListEntry, &queue->MainThreadQueueLock); + KeSetEvent (&queue->MainThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); + + return STATUS_PENDING; + +err: + DecrementOutstandingIoCount (queue); + return status; +} + + +NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout) +{ + NTSTATUS status; + ASSERT (!queue->Suspended); + + queue->SuspendPending = TRUE; + + while (TRUE) + { + while (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) + { + LARGE_INTEGER waitTimeout; + + waitTimeout.QuadPart = timeout * -10000; + status = KeWaitForSingleObject (&queue->NoOutstandingIoEvent, Executive, KernelMode, FALSE, timeout != 0 ? &waitTimeout : NULL); + + if (status == STATUS_TIMEOUT) + status = STATUS_UNSUCCESSFUL; + + if (!NT_SUCCESS (status)) + { + queue->SuspendPending = FALSE; + return status; + } + + TCSleep (1); + if (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) + { + queue->SuspendPending = FALSE; + return STATUS_UNSUCCESSFUL; + } + } + + KeClearEvent (&queue->QueueResumedEvent); + queue->Suspended = TRUE; + + if (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) == 0) + break; + + queue->Suspended = FALSE; + KeSetEvent (&queue->QueueResumedEvent, IO_DISK_INCREMENT, FALSE); + } + + queue->ReadAheadBufferValid = FALSE; + + queue->SuspendPending = FALSE; + return STATUS_SUCCESS; +} + + +BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue) +{ + return queue->Suspended; +} + + +BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue) +{ + return !queue->StopPending; +} + + +NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue) +{ + ASSERT (queue->Suspended); + + queue->Suspended = FALSE; + KeSetEvent (&queue->QueueResumedEvent, IO_DISK_INCREMENT, FALSE); + + return STATUS_SUCCESS; +} + + +NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue) +{ + NTSTATUS status; + EncryptedIoQueueBuffer *buffer; + int i; + + queue->StartPending = TRUE; + queue->ThreadExitRequested = FALSE; + + queue->OutstandingIoCount = 0; + queue->IoThreadPendingRequestCount = 0; + + queue->FirstPoolBuffer = NULL; + KeInitializeMutex (&queue->BufferPoolMutex, 0); + + KeInitializeEvent (&queue->NoOutstandingIoEvent, SynchronizationEvent, FALSE); + KeInitializeEvent (&queue->PoolBufferFreeEvent, SynchronizationEvent, FALSE); + KeInitializeEvent (&queue->QueueResumedEvent, SynchronizationEvent, FALSE); + + queue->FragmentBufferA = TCalloc (TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE); + if (!queue->FragmentBufferA) + goto noMemory; + + queue->FragmentBufferB = TCalloc (TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE); + if (!queue->FragmentBufferB) + goto noMemory; + + KeInitializeEvent (&queue->FragmentBufferAFreeEvent, SynchronizationEvent, TRUE); + KeInitializeEvent (&queue->FragmentBufferBFreeEvent, SynchronizationEvent, TRUE); + + queue->ReadAheadBufferValid = FALSE; + queue->ReadAheadBuffer = TCalloc (TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE); + if (!queue->ReadAheadBuffer) + goto noMemory; + + // Preallocate buffers + for (i = 0; i < TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT; ++i) + { + if (i < TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT && !GetPoolBuffer (queue, sizeof (EncryptedIoQueueItem))) + goto noMemory; + + if (!GetPoolBuffer (queue, sizeof (EncryptedIoRequest))) + goto noMemory; + } + + for (buffer = queue->FirstPoolBuffer; buffer != NULL; buffer = buffer->NextBuffer) + { + buffer->InUse = FALSE; + } + + // Main thread + InitializeListHead (&queue->MainThreadQueue); + KeInitializeSpinLock (&queue->MainThreadQueueLock); + KeInitializeEvent (&queue->MainThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); + + status = TCStartThread (MainThreadProc, queue, &queue->MainThread); + if (!NT_SUCCESS (status)) + goto err; + + // IO thread + InitializeListHead (&queue->IoThreadQueue); + KeInitializeSpinLock (&queue->IoThreadQueueLock); + KeInitializeEvent (&queue->IoThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); + + status = TCStartThread (IoThreadProc, queue, &queue->IoThread); + if (!NT_SUCCESS (status)) + { + queue->ThreadExitRequested = TRUE; + TCStopThread (queue->MainThread, &queue->MainThreadQueueNotEmptyEvent); + goto err; + } + + // Completion thread + InitializeListHead (&queue->CompletionThreadQueue); + KeInitializeSpinLock (&queue->CompletionThreadQueueLock); + KeInitializeEvent (&queue->CompletionThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); + + status = TCStartThread (CompletionThreadProc, queue, &queue->CompletionThread); + if (!NT_SUCCESS (status)) + { + queue->ThreadExitRequested = TRUE; + TCStopThread (queue->MainThread, &queue->MainThreadQueueNotEmptyEvent); + TCStopThread (queue->IoThread, &queue->IoThreadQueueNotEmptyEvent); + goto err; + } + +#ifdef TC_TRACE_IO_QUEUE + GetElapsedTimeInit (&queue->LastPerformanceCounter); +#endif + + queue->StopPending = FALSE; + queue->StartPending = FALSE; + + Dump ("Queue started\n"); + return STATUS_SUCCESS; + +noMemory: + status = STATUS_INSUFFICIENT_RESOURCES; + +err: + if (queue->FragmentBufferA) + TCfree (queue->FragmentBufferA); + if (queue->FragmentBufferB) + TCfree (queue->FragmentBufferB); + if (queue->ReadAheadBuffer) + TCfree (queue->ReadAheadBuffer); + + FreePoolBuffers (queue); + + queue->StartPending = FALSE; + return status; +} + + +NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue) +{ + ASSERT (!queue->StopPending); + queue->StopPending = TRUE; + + while (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) + { + KeWaitForSingleObject (&queue->NoOutstandingIoEvent, Executive, KernelMode, FALSE, NULL); + } + + Dump ("Queue stopping out=%d\n", queue->OutstandingIoCount); + + queue->ThreadExitRequested = TRUE; + + TCStopThread (queue->MainThread, &queue->MainThreadQueueNotEmptyEvent); + TCStopThread (queue->IoThread, &queue->IoThreadQueueNotEmptyEvent); + TCStopThread (queue->CompletionThread, &queue->CompletionThreadQueueNotEmptyEvent); + + TCfree (queue->FragmentBufferA); + TCfree (queue->FragmentBufferB); + TCfree (queue->ReadAheadBuffer); + + FreePoolBuffers (queue); + + Dump ("Queue stopped out=%d\n", queue->OutstandingIoCount); + return STATUS_SUCCESS; +} diff --git a/src/Driver/EncryptedIoQueue.h b/src/Driver/EncryptedIoQueue.h index de9fce07..044009b7 100644 --- a/src/Driver/EncryptedIoQueue.h +++ b/src/Driver/EncryptedIoQueue.h @@ -1,165 +1,165 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE -#define TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE - -#include "TCdefs.h" -#include "Apidrvr.h" - -#if 0 -# define TC_TRACE_IO_QUEUE -#endif - -#define TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE (256 * 1024) - -#define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8 -#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16 - - -typedef struct EncryptedIoQueueBufferStruct -{ - struct EncryptedIoQueueBufferStruct *NextBuffer; - - void *Address; - ULONG Size; - BOOL InUse; - -} EncryptedIoQueueBuffer; - - -typedef struct -{ - PDEVICE_OBJECT DeviceObject; - - KMUTEX BufferPoolMutex; - EncryptedIoQueueBuffer *FirstPoolBuffer; - - CRYPTO_INFO *CryptoInfo; - - // File-handle-based IO - HANDLE HostFileHandle; - int64 VirtualDeviceLength; - SECURITY_CLIENT_CONTEXT *SecurityClientContext; - - // Filter device - BOOL IsFilterDevice; - PDEVICE_OBJECT LowerDeviceObject; - int64 EncryptedAreaStart; - volatile int64 EncryptedAreaEnd; - volatile BOOL EncryptedAreaEndUpdatePending; - BOOL RemapEncryptedArea; - int64 RemappedAreaOffset; - int64 RemappedAreaDataUnitOffset; - IO_REMOVE_LOCK RemoveLock; - - // Main tread - PKTHREAD MainThread; - LIST_ENTRY MainThreadQueue; - KSPIN_LOCK MainThreadQueueLock; - KEVENT MainThreadQueueNotEmptyEvent; - - // IO thread - PKTHREAD IoThread; - LIST_ENTRY IoThreadQueue; - KSPIN_LOCK IoThreadQueueLock; - KEVENT IoThreadQueueNotEmptyEvent; - - // Completion thread - PKTHREAD CompletionThread; - LIST_ENTRY CompletionThreadQueue; - KSPIN_LOCK CompletionThreadQueueLock; - KEVENT CompletionThreadQueueNotEmptyEvent; - - // Fragment buffers - byte *FragmentBufferA; - byte *FragmentBufferB; - KEVENT FragmentBufferAFreeEvent; - KEVENT FragmentBufferBFreeEvent; - - // Read-ahead buffer - BOOL ReadAheadBufferValid; - LARGE_INTEGER LastReadOffset; - ULONG LastReadLength; - LARGE_INTEGER ReadAheadOffset; - ULONG ReadAheadLength; - byte *ReadAheadBuffer; - LARGE_INTEGER MaxReadAheadOffset; - - LONG OutstandingIoCount; - KEVENT NoOutstandingIoEvent; - LONG IoThreadPendingRequestCount; - - KEVENT PoolBufferFreeEvent; - - __int64 TotalBytesRead; - __int64 TotalBytesWritten; - - volatile BOOL StartPending; - volatile BOOL ThreadExitRequested; - - volatile BOOL Suspended; - volatile BOOL SuspendPending; - volatile BOOL StopPending; - - KEVENT QueueResumedEvent; - -#ifdef TC_TRACE_IO_QUEUE - LARGE_INTEGER LastPerformanceCounter; -#endif - -} EncryptedIoQueue; - - -typedef struct -{ - EncryptedIoQueue *Queue; - PIRP OriginalIrp; - BOOL Write; - ULONG OriginalLength; - LARGE_INTEGER OriginalOffset; - NTSTATUS Status; - -#ifdef TC_TRACE_IO_QUEUE - LARGE_INTEGER OriginalIrpOffset; -#endif - -} EncryptedIoQueueItem; - - -typedef struct -{ - EncryptedIoQueueItem *Item; - - BOOL CompleteOriginalIrp; - LARGE_INTEGER Offset; - ULONG Length; - int64 EncryptedOffset; - ULONG EncryptedLength; - byte *Data; - byte *OrigDataBufferFragment; - - LIST_ENTRY ListEntry; - LIST_ENTRY CompletionListEntry; -} EncryptedIoRequest; - - -NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp); -BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue); -BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue); -NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue); -NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue); -NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue); -NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout); - - -#endif // TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE +#define TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE + +#include "TCdefs.h" +#include "Apidrvr.h" + +#if 0 +# define TC_TRACE_IO_QUEUE +#endif + +#define TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE (256 * 1024) + +#define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8 +#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16 + + +typedef struct EncryptedIoQueueBufferStruct +{ + struct EncryptedIoQueueBufferStruct *NextBuffer; + + void *Address; + ULONG Size; + BOOL InUse; + +} EncryptedIoQueueBuffer; + + +typedef struct +{ + PDEVICE_OBJECT DeviceObject; + + KMUTEX BufferPoolMutex; + EncryptedIoQueueBuffer *FirstPoolBuffer; + + CRYPTO_INFO *CryptoInfo; + + // File-handle-based IO + HANDLE HostFileHandle; + int64 VirtualDeviceLength; + SECURITY_CLIENT_CONTEXT *SecurityClientContext; + + // Filter device + BOOL IsFilterDevice; + PDEVICE_OBJECT LowerDeviceObject; + int64 EncryptedAreaStart; + volatile int64 EncryptedAreaEnd; + volatile BOOL EncryptedAreaEndUpdatePending; + BOOL RemapEncryptedArea; + int64 RemappedAreaOffset; + int64 RemappedAreaDataUnitOffset; + IO_REMOVE_LOCK RemoveLock; + + // Main tread + PKTHREAD MainThread; + LIST_ENTRY MainThreadQueue; + KSPIN_LOCK MainThreadQueueLock; + KEVENT MainThreadQueueNotEmptyEvent; + + // IO thread + PKTHREAD IoThread; + LIST_ENTRY IoThreadQueue; + KSPIN_LOCK IoThreadQueueLock; + KEVENT IoThreadQueueNotEmptyEvent; + + // Completion thread + PKTHREAD CompletionThread; + LIST_ENTRY CompletionThreadQueue; + KSPIN_LOCK CompletionThreadQueueLock; + KEVENT CompletionThreadQueueNotEmptyEvent; + + // Fragment buffers + byte *FragmentBufferA; + byte *FragmentBufferB; + KEVENT FragmentBufferAFreeEvent; + KEVENT FragmentBufferBFreeEvent; + + // Read-ahead buffer + BOOL ReadAheadBufferValid; + LARGE_INTEGER LastReadOffset; + ULONG LastReadLength; + LARGE_INTEGER ReadAheadOffset; + ULONG ReadAheadLength; + byte *ReadAheadBuffer; + LARGE_INTEGER MaxReadAheadOffset; + + LONG OutstandingIoCount; + KEVENT NoOutstandingIoEvent; + LONG IoThreadPendingRequestCount; + + KEVENT PoolBufferFreeEvent; + + __int64 TotalBytesRead; + __int64 TotalBytesWritten; + + volatile BOOL StartPending; + volatile BOOL ThreadExitRequested; + + volatile BOOL Suspended; + volatile BOOL SuspendPending; + volatile BOOL StopPending; + + KEVENT QueueResumedEvent; + +#ifdef TC_TRACE_IO_QUEUE + LARGE_INTEGER LastPerformanceCounter; +#endif + +} EncryptedIoQueue; + + +typedef struct +{ + EncryptedIoQueue *Queue; + PIRP OriginalIrp; + BOOL Write; + ULONG OriginalLength; + LARGE_INTEGER OriginalOffset; + NTSTATUS Status; + +#ifdef TC_TRACE_IO_QUEUE + LARGE_INTEGER OriginalIrpOffset; +#endif + +} EncryptedIoQueueItem; + + +typedef struct +{ + EncryptedIoQueueItem *Item; + + BOOL CompleteOriginalIrp; + LARGE_INTEGER Offset; + ULONG Length; + int64 EncryptedOffset; + ULONG EncryptedLength; + byte *Data; + byte *OrigDataBufferFragment; + + LIST_ENTRY ListEntry; + LIST_ENTRY CompletionListEntry; +} EncryptedIoRequest; + + +NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp); +BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue); +BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue); +NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue); +NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue); +NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue); +NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout); + + +#endif // TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE diff --git a/src/Driver/Makefile b/src/Driver/Makefile index 53b9a3d6..5acbbd24 100644 --- a/src/Driver/Makefile +++ b/src/Driver/Makefile @@ -1 +1 @@ -!INCLUDE $(NTMAKEENV)\makefile.def +!INCLUDE $(NTMAKEENV)\makefile.def diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index eeea7815..c771b3ce 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -1,3563 +1,3563 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "TCdefs.h" -#include -#include "Crypto.h" -#include "Fat.h" -#include "Tests.h" -#include "cpu.h" - -#include "Apidrvr.h" -#include "Boot/Windows/BootDefs.h" -#include "EncryptedIoQueue.h" -#include "EncryptionThreadPool.h" -#include "Ntdriver.h" -#include "Ntvol.h" -#include "DriveFilter.h" -#include "DumpFilter.h" -#include "Cache.h" -#include "Volumes.h" -#include "VolumeFilter.h" - -#include -#include -#include -#include -#include - -#include -#include - -/* Init section, which is thrown away as soon as DriverEntry returns */ -#pragma alloc_text(INIT,DriverEntry) -#pragma alloc_text(INIT,TCCreateRootDeviceObject) - -PDRIVER_OBJECT TCDriverObject; -PDEVICE_OBJECT RootDeviceObject = NULL; -static KMUTEX RootDeviceControlMutex; -BOOL DriverShuttingDown = FALSE; -BOOL SelfTestsPassed; -int LastUniqueVolumeId; -ULONG OsMajorVersion = 0; -ULONG OsMinorVersion; -BOOL DriverUnloadDisabled = FALSE; -BOOL PortableMode = FALSE; -BOOL VolumeClassFilterRegistered = FALSE; -BOOL CacheBootPassword = FALSE; -BOOL CacheBootPim = FALSE; -BOOL NonAdminSystemFavoritesAccessDisabled = FALSE; -static size_t EncryptionThreadPoolFreeCpuCountLimit = 0; -static BOOL SystemFavoriteVolumeDirty = FALSE; -static BOOL PagingFileCreationPrevented = FALSE; -static BOOL EnableExtendedIoctlSupport = FALSE; - -PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1]; - - -NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) -{ - PKEY_VALUE_PARTIAL_INFORMATION startKeyValue; - LONG version; - int i; - - Dump ("DriverEntry " TC_APP_NAME " " VERSION_STRING "\n"); - - DetectX86Features (); - - PsGetVersion (&OsMajorVersion, &OsMinorVersion, NULL, NULL); - - // Load dump filter if the main driver is already loaded - if (NT_SUCCESS (TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)))) - return DumpFilterEntry ((PFILTER_EXTENSION) DriverObject, (PFILTER_INITIALIZATION_DATA) RegistryPath); - - TCDriverObject = DriverObject; - memset (VirtualVolumeDeviceObjects, 0, sizeof (VirtualVolumeDeviceObjects)); - - ReadRegistryConfigFlags (TRUE); - EncryptionThreadPoolStart (EncryptionThreadPoolFreeCpuCountLimit); - SelfTestsPassed = AutoTestAlgorithms(); - - // Enable device class filters and load boot arguments if the driver is set to start at system boot - - if (NT_SUCCESS (TCReadRegistryKey (RegistryPath, L"Start", &startKeyValue))) - { - if (startKeyValue->Type == REG_DWORD && *((uint32 *) startKeyValue->Data) == SERVICE_BOOT_START) - { - if (!SelfTestsPassed) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - LoadBootArguments(); - VolumeClassFilterRegistered = IsVolumeClassFilterRegistered(); - - DriverObject->DriverExtension->AddDevice = DriverAddDevice; - } - - TCfree (startKeyValue); - } - - for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; ++i) - { - DriverObject->MajorFunction[i] = TCDispatchQueueIRP; - } - - DriverObject->DriverUnload = TCUnloadDriver; - return TCCreateRootDeviceObject (DriverObject); -} - - -NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo) -{ -#ifdef DEBUG - char nameInfoBuffer[128]; - POBJECT_NAME_INFORMATION nameInfo = (POBJECT_NAME_INFORMATION) nameInfoBuffer; - ULONG nameInfoSize; - Dump ("AddDevice pdo=%p type=%x name=%ws\n", pdo, pdo->DeviceType, NT_SUCCESS (ObQueryNameString (pdo, nameInfo, sizeof (nameInfoBuffer), &nameInfoSize)) ? nameInfo->Name.Buffer : L"?"); -#endif - - if (VolumeClassFilterRegistered && BootArgsValid && BootArgs.HiddenSystemPartitionStart != 0) - { - PWSTR interfaceLinks = NULL; - if (NT_SUCCESS (IoGetDeviceInterfaces (&GUID_DEVINTERFACE_VOLUME, pdo, DEVICE_INTERFACE_INCLUDE_NONACTIVE, &interfaceLinks)) && interfaceLinks) - { - if (interfaceLinks[0] != UNICODE_NULL) - { - Dump ("Volume pdo=%p interface=%ws\n", pdo, interfaceLinks); - ExFreePool (interfaceLinks); - - return VolumeFilterAddDevice (driverObject, pdo); - } - - ExFreePool (interfaceLinks); - } - } - - return DriveFilterAddDevice (driverObject, pdo); -} - - -// Dumps a memory region to debug output -void DumpMemory (void *mem, int size) -{ - unsigned char str[20]; - unsigned char *m = mem; - int i,j; - - for (j = 0; j < size / 8; j++) - { - memset (str,0,sizeof str); - for (i = 0; i < 8; i++) - { - if (m[i] > ' ' && m[i] <= '~') - str[i]=m[i]; - else - str[i]='.'; - } - - Dump ("0x%08p %02x %02x %02x %02x %02x %02x %02x %02x %s\n", - m, m[0], m[1], m[2], m[3], m[4], m[5], m[6], m[7], str); - - m+=8; - } -} - - -BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type) -{ - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); - BOOL input = (type == ValidateInput || type == ValidateInputOutput); - BOOL output = (type == ValidateOutput || type == ValidateInputOutput); - - if ((input && irpSp->Parameters.DeviceIoControl.InputBufferLength < requiredBufferSize) - || (output && irpSp->Parameters.DeviceIoControl.OutputBufferLength < requiredBufferSize)) - { - Dump ("STATUS_BUFFER_TOO_SMALL ioctl=0x%x,%d in=%d out=%d reqsize=%d insize=%d outsize=%d\n", (int) (irpSp->Parameters.DeviceIoControl.IoControlCode >> 16), (int) ((irpSp->Parameters.DeviceIoControl.IoControlCode & 0x1FFF) >> 2), input, output, requiredBufferSize, irpSp->Parameters.DeviceIoControl.InputBufferLength, irpSp->Parameters.DeviceIoControl.OutputBufferLength); - - irp->IoStatus.Status = STATUS_BUFFER_TOO_SMALL; - irp->IoStatus.Information = 0; - return FALSE; - } - - if (!input && output) - memset (irp->AssociatedIrp.SystemBuffer, 0, irpSp->Parameters.DeviceIoControl.OutputBufferLength); - - return TRUE; -} - - -PDEVICE_OBJECT GetVirtualVolumeDeviceObject (int driveNumber) -{ - if (driveNumber < MIN_MOUNTED_VOLUME_DRIVE_NUMBER || driveNumber > MAX_MOUNTED_VOLUME_DRIVE_NUMBER) - return NULL; - - return VirtualVolumeDeviceObjects[driveNumber]; -} - - -/* TCDispatchQueueIRP queues any IRP's so that they can be processed later - by the thread -- or in some cases handles them immediately! */ -NTSTATUS TCDispatchQueueIRP (PDEVICE_OBJECT DeviceObject, PIRP Irp) -{ - PEXTENSION Extension = (PEXTENSION) DeviceObject->DeviceExtension; - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - NTSTATUS ntStatus; - -#ifdef _DEBUG - if (irpSp->MajorFunction == IRP_MJ_DEVICE_CONTROL && (Extension->bRootDevice || Extension->IsVolumeDevice)) - { - switch (irpSp->Parameters.DeviceIoControl.IoControlCode) - { - case TC_IOCTL_GET_MOUNTED_VOLUMES: - case TC_IOCTL_GET_PASSWORD_CACHE_STATUS: - case TC_IOCTL_GET_PORTABLE_MODE_STATUS: - case TC_IOCTL_SET_PORTABLE_MODE_STATUS: - case TC_IOCTL_OPEN_TEST: - case TC_IOCTL_GET_RESOLVED_SYMLINK: - case TC_IOCTL_GET_DEVICE_REFCOUNT: - case TC_IOCTL_GET_DRIVE_PARTITION_INFO: - case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: - case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: - case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS: - case TC_IOCTL_GET_WARNING_FLAGS: - case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: - case IOCTL_DISK_CHECK_VERIFY: - break; - - default: - Dump ("%ls (0x%x %d)\n", - TCTranslateCode (irpSp->Parameters.DeviceIoControl.IoControlCode), - (int) (irpSp->Parameters.DeviceIoControl.IoControlCode >> 16), - (int) ((irpSp->Parameters.DeviceIoControl.IoControlCode & 0x1FFF) >> 2)); - } - } -#endif - - if (!Extension->bRootDevice) - { - // Drive filter IRP - if (Extension->IsDriveFilterDevice) - return DriveFilterDispatchIrp (DeviceObject, Irp); - - // Volume filter IRP - if (Extension->IsVolumeFilterDevice) - return VolumeFilterDispatchIrp (DeviceObject, Irp); - } - - switch (irpSp->MajorFunction) - { - case IRP_MJ_CLOSE: - case IRP_MJ_CREATE: - case IRP_MJ_CLEANUP: - return COMPLETE_IRP (DeviceObject, Irp, STATUS_SUCCESS, 0); - - case IRP_MJ_SHUTDOWN: - if (Extension->bRootDevice) - { - Dump ("Driver shutting down\n"); - DriverShuttingDown = TRUE; - - if (EncryptionSetupThread) - while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); - - if (DecoySystemWipeThread) - while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); - - OnShutdownPending(); - } - - return COMPLETE_IRP (DeviceObject, Irp, STATUS_SUCCESS, 0); - - case IRP_MJ_FLUSH_BUFFERS: - case IRP_MJ_READ: - case IRP_MJ_WRITE: - case IRP_MJ_DEVICE_CONTROL: - - if (Extension->bRootDevice) - { - if (irpSp->MajorFunction == IRP_MJ_DEVICE_CONTROL) - { - NTSTATUS status = KeWaitForMutexObject (&RootDeviceControlMutex, Executive, KernelMode, FALSE, NULL); - if (!NT_SUCCESS (status)) - return status; - - status = ProcessMainDeviceControlIrp (DeviceObject, Extension, Irp); - - KeReleaseMutex (&RootDeviceControlMutex, FALSE); - return status; - } - break; - } - - if (Extension->bShuttingDown) - { - Dump ("Device %d shutting down: STATUS_DELETE_PENDING\n", Extension->nDosDriveNo); - return TCCompleteDiskIrp (Irp, STATUS_DELETE_PENDING, 0); - } - - if (Extension->bRemovable - && (DeviceObject->Flags & DO_VERIFY_VOLUME) - && !(irpSp->Flags & SL_OVERRIDE_VERIFY_VOLUME) - && irpSp->MajorFunction != IRP_MJ_FLUSH_BUFFERS) - { - Dump ("Removable device %d has DO_VERIFY_VOLUME flag: STATUS_DEVICE_NOT_READY\n", Extension->nDosDriveNo); - return TCCompleteDiskIrp (Irp, STATUS_DEVICE_NOT_READY, 0); - } - - switch (irpSp->MajorFunction) - { - case IRP_MJ_READ: - case IRP_MJ_WRITE: - ntStatus = EncryptedIoQueueAddIrp (&Extension->Queue, Irp); - - if (ntStatus != STATUS_PENDING) - TCCompleteDiskIrp (Irp, ntStatus, 0); - - return ntStatus; - - case IRP_MJ_DEVICE_CONTROL: - ntStatus = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (ntStatus)) - return TCCompleteIrp (Irp, ntStatus, 0); - - IoMarkIrpPending (Irp); - - ExInterlockedInsertTailList (&Extension->ListEntry, &Irp->Tail.Overlay.ListEntry, &Extension->ListSpinLock); - KeReleaseSemaphore (&Extension->RequestSemaphore, IO_DISK_INCREMENT, 1, FALSE); - - return STATUS_PENDING; - - case IRP_MJ_FLUSH_BUFFERS: - return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0); - } - - break; - - case IRP_MJ_PNP: - if (!Extension->bRootDevice - && Extension->IsVolumeDevice - && irpSp->MinorFunction == IRP_MN_DEVICE_USAGE_NOTIFICATION - && irpSp->Parameters.UsageNotification.Type == DeviceUsageTypePaging - && irpSp->Parameters.UsageNotification.InPath) - { - PagingFileCreationPrevented = TRUE; - return TCCompleteIrp (Irp, STATUS_UNSUCCESSFUL, 0); - } - break; - } - - return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); -} - -NTSTATUS TCCreateRootDeviceObject (PDRIVER_OBJECT DriverObject) -{ - UNICODE_STRING Win32NameString, ntUnicodeString; - WCHAR dosname[32], ntname[32]; - PDEVICE_OBJECT DeviceObject; - NTSTATUS ntStatus; - BOOL *bRootExtension; - - Dump ("TCCreateRootDeviceObject BEGIN\n"); - ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); - - RtlStringCbCopyW (dosname, sizeof(dosname),(LPWSTR) DOS_ROOT_PREFIX); - RtlStringCbCopyW (ntname, sizeof(ntname),(LPWSTR) NT_ROOT_PREFIX); - RtlInitUnicodeString (&ntUnicodeString, ntname); - RtlInitUnicodeString (&Win32NameString, dosname); - - Dump ("Creating root device nt=%ls dos=%ls\n", ntname, dosname); - - ntStatus = IoCreateDevice ( - DriverObject, - sizeof (BOOL), - &ntUnicodeString, - FILE_DEVICE_UNKNOWN, - FILE_DEVICE_SECURE_OPEN, - FALSE, - &DeviceObject); - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("TCCreateRootDeviceObject NTSTATUS = 0x%08x END\n", ntStatus); - return ntStatus;/* Failed to create DeviceObject */ - } - - DeviceObject->Flags |= DO_DIRECT_IO; - DeviceObject->AlignmentRequirement = FILE_WORD_ALIGNMENT; - - /* Setup the device extension */ - bRootExtension = (BOOL *) DeviceObject->DeviceExtension; - *bRootExtension = TRUE; - - KeInitializeMutex (&RootDeviceControlMutex, 0); - - ntStatus = IoCreateSymbolicLink (&Win32NameString, &ntUnicodeString); - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("TCCreateRootDeviceObject NTSTATUS = 0x%08x END\n", ntStatus); - IoDeleteDevice (DeviceObject); - return ntStatus; - } - - IoRegisterShutdownNotification (DeviceObject); - RootDeviceObject = DeviceObject; - - Dump ("TCCreateRootDeviceObject STATUS_SUCCESS END\n"); - return STATUS_SUCCESS; -} - -NTSTATUS TCCreateDeviceObject (PDRIVER_OBJECT DriverObject, - PDEVICE_OBJECT * ppDeviceObject, - MOUNT_STRUCT * mount) -{ - UNICODE_STRING ntUnicodeString; - WCHAR ntname[32]; - PEXTENSION Extension; - NTSTATUS ntStatus; - ULONG devChars = 0; -#if defined (DEBUG) - WCHAR dosname[32]; -#endif - - Dump ("TCCreateDeviceObject BEGIN\n"); - ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); - - TCGetNTNameFromNumber (ntname, sizeof(ntname),mount->nDosDriveNo); - RtlInitUnicodeString (&ntUnicodeString, ntname); -#if defined (DEBUG) - TCGetDosNameFromNumber (dosname, sizeof(dosname),mount->nDosDriveNo, DeviceNamespaceDefault); -#endif - - devChars = FILE_DEVICE_SECURE_OPEN; - devChars |= mount->bMountReadOnly ? FILE_READ_ONLY_DEVICE : 0; - devChars |= mount->bMountRemovable ? FILE_REMOVABLE_MEDIA : 0; - - Dump ("Creating device nt=%ls dos=%ls\n", ntname, dosname); - - ntStatus = IoCreateDevice ( - DriverObject, /* Our Driver Object */ - sizeof (EXTENSION), /* Size of state information */ - &ntUnicodeString, /* Device name "\Device\Name" */ - FILE_DEVICE_DISK, /* Device type */ - devChars, /* Device characteristics */ - FALSE, /* Exclusive device */ - ppDeviceObject); /* Returned ptr to Device Object */ - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("TCCreateDeviceObject NTSTATUS = 0x%08x END\n", ntStatus); - return ntStatus;/* Failed to create DeviceObject */ - } - /* Initialize device object and extension. */ - - (*ppDeviceObject)->Flags |= DO_DIRECT_IO; - (*ppDeviceObject)->StackSize += 6; // Reduce occurrence of NO_MORE_IRP_STACK_LOCATIONS bug check caused by buggy drivers - - /* Setup the device extension */ - Extension = (PEXTENSION) (*ppDeviceObject)->DeviceExtension; - memset (Extension, 0, sizeof (EXTENSION)); - - Extension->IsVolumeDevice = TRUE; - Extension->nDosDriveNo = mount->nDosDriveNo; - Extension->bRemovable = mount->bMountRemovable; - Extension->PartitionInInactiveSysEncScope = mount->bPartitionInInactiveSysEncScope; - Extension->SystemFavorite = mount->SystemFavorite; - - KeInitializeEvent (&Extension->keCreateEvent, SynchronizationEvent, FALSE); - KeInitializeSemaphore (&Extension->RequestSemaphore, 0L, MAXLONG); - KeInitializeSpinLock (&Extension->ListSpinLock); - InitializeListHead (&Extension->ListEntry); - IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0); - - VirtualVolumeDeviceObjects[mount->nDosDriveNo] = *ppDeviceObject; - - Dump ("TCCreateDeviceObject STATUS_SUCCESS END\n"); - - return STATUS_SUCCESS; -} - - -BOOL RootDeviceControlMutexAcquireNoWait () -{ - NTSTATUS status; - LARGE_INTEGER timeout; - timeout.QuadPart = 0; - - status = KeWaitForMutexObject (&RootDeviceControlMutex, Executive, KernelMode, FALSE, &timeout); - return NT_SUCCESS (status) && status != STATUS_TIMEOUT; -} - - -void RootDeviceControlMutexRelease () -{ - KeReleaseMutex (&RootDeviceControlMutex, FALSE); -} - - -NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp) -{ - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - - switch (irpSp->Parameters.DeviceIoControl.IoControlCode) - { - - case IOCTL_MOUNTDEV_QUERY_DEVICE_NAME: - if (!ValidateIOBufferSize (Irp, sizeof (MOUNTDEV_NAME), ValidateOutput)) - { - Irp->IoStatus.Information = sizeof (MOUNTDEV_NAME); - Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; - } - else - { - ULONG outLength; - UNICODE_STRING ntUnicodeString; - WCHAR ntName[256]; - PMOUNTDEV_NAME outputBuffer = (PMOUNTDEV_NAME) Irp->AssociatedIrp.SystemBuffer; - - TCGetNTNameFromNumber (ntName, sizeof(ntName),Extension->nDosDriveNo); - RtlInitUnicodeString (&ntUnicodeString, ntName); - - outputBuffer->NameLength = ntUnicodeString.Length; - outLength = ntUnicodeString.Length + sizeof(USHORT); - - if (irpSp->Parameters.DeviceIoControl.OutputBufferLength < outLength) - { - Irp->IoStatus.Information = sizeof (MOUNTDEV_NAME); - Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; - - break; - } - - RtlCopyMemory ((PCHAR)outputBuffer->Name,ntUnicodeString.Buffer, ntUnicodeString.Length); - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = outLength; - - Dump ("name = %ls\n",ntName); - } - break; - - case IOCTL_MOUNTDEV_QUERY_UNIQUE_ID: - if (!ValidateIOBufferSize (Irp, sizeof (MOUNTDEV_UNIQUE_ID), ValidateOutput)) - { - Irp->IoStatus.Information = sizeof (MOUNTDEV_UNIQUE_ID); - Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; - } - else - { - ULONG outLength; - UCHAR volId[128], tmp[] = { 0,0 }; - PMOUNTDEV_UNIQUE_ID outputBuffer = (PMOUNTDEV_UNIQUE_ID) Irp->AssociatedIrp.SystemBuffer; - - RtlStringCbCopyA (volId, sizeof(volId),TC_UNIQUE_ID_PREFIX); - tmp[0] = 'A' + (UCHAR) Extension->nDosDriveNo; - RtlStringCbCatA (volId, sizeof(volId),tmp); - - outputBuffer->UniqueIdLength = (USHORT) strlen (volId); - outLength = (ULONG) (strlen (volId) + sizeof (USHORT)); - - if (irpSp->Parameters.DeviceIoControl.OutputBufferLength < outLength) - { - Irp->IoStatus.Information = sizeof (MOUNTDEV_UNIQUE_ID); - Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; - break; - } - - RtlCopyMemory ((PCHAR)outputBuffer->UniqueId, volId, strlen (volId)); - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = outLength; - - Dump ("id = %s\n",volId); - } - break; - - case IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME: - { - ULONG outLength; - UNICODE_STRING ntUnicodeString; - WCHAR ntName[256]; - PMOUNTDEV_SUGGESTED_LINK_NAME outputBuffer = (PMOUNTDEV_SUGGESTED_LINK_NAME) Irp->AssociatedIrp.SystemBuffer; - - if (!ValidateIOBufferSize (Irp, sizeof (MOUNTDEV_SUGGESTED_LINK_NAME), ValidateOutput)) - { - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - Irp->IoStatus.Information = 0; - break; - } - - TCGetDosNameFromNumber (ntName, sizeof(ntName),Extension->nDosDriveNo, DeviceNamespaceDefault); - RtlInitUnicodeString (&ntUnicodeString, ntName); - - outLength = FIELD_OFFSET(MOUNTDEV_SUGGESTED_LINK_NAME,Name) + ntUnicodeString.Length; - - outputBuffer->UseOnlyIfThereAreNoOtherLinks = FALSE; - outputBuffer->NameLength = ntUnicodeString.Length; - - if(irpSp->Parameters.DeviceIoControl.OutputBufferLength < outLength) - { - Irp->IoStatus.Information = sizeof (MOUNTDEV_SUGGESTED_LINK_NAME); - Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; - break; - } - - RtlCopyMemory ((PCHAR)outputBuffer->Name,ntUnicodeString.Buffer, ntUnicodeString.Length); - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = outLength; - - Dump ("link = %ls\n",ntName); - } - break; - - case IOCTL_DISK_GET_MEDIA_TYPES: - case IOCTL_DISK_GET_DRIVE_GEOMETRY: - /* Return the drive geometry for the disk. Note that we - return values which were made up to suit the disk size. */ - if (ValidateIOBufferSize (Irp, sizeof (DISK_GEOMETRY), ValidateOutput)) - { - PDISK_GEOMETRY outputBuffer = (PDISK_GEOMETRY) - Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->MediaType = Extension->bRemovable ? RemovableMedia : FixedMedia; - outputBuffer->Cylinders.QuadPart = Extension->NumberOfCylinders; - outputBuffer->TracksPerCylinder = Extension->TracksPerCylinder; - outputBuffer->SectorsPerTrack = Extension->SectorsPerTrack; - outputBuffer->BytesPerSector = Extension->BytesPerSector; - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (DISK_GEOMETRY); - } - break; - - case IOCTL_STORAGE_QUERY_PROPERTY: - if (EnableExtendedIoctlSupport) - { - if (ValidateIOBufferSize (Irp, sizeof (STORAGE_PROPERTY_QUERY), ValidateInput)) - { - PSTORAGE_PROPERTY_QUERY pStoragePropQuery = (PSTORAGE_PROPERTY_QUERY) Irp->AssociatedIrp.SystemBuffer; - STORAGE_QUERY_TYPE type = pStoragePropQuery->QueryType; - - /* return error if an unsupported type is encountered */ - Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; - Irp->IoStatus.Information = 0; - - if ( (pStoragePropQuery->PropertyId == StorageAccessAlignmentProperty) - || (pStoragePropQuery->PropertyId == StorageDeviceProperty) - ) - { - if (type == PropertyExistsQuery) - { - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = 0; - } - else if (type == PropertyStandardQuery) - { - switch (pStoragePropQuery->PropertyId) - { - case StorageDeviceProperty: - { - if (ValidateIOBufferSize (Irp, sizeof (STORAGE_DEVICE_DESCRIPTOR), ValidateOutput)) - { - PSTORAGE_DEVICE_DESCRIPTOR outputBuffer = (PSTORAGE_DEVICE_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->Version = sizeof(STORAGE_DEVICE_DESCRIPTOR); - outputBuffer->Size = sizeof(STORAGE_DEVICE_DESCRIPTOR); - outputBuffer->DeviceType = FILE_DEVICE_DISK; - outputBuffer->RemovableMedia = Extension->bRemovable? TRUE : FALSE; - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (STORAGE_DEVICE_DESCRIPTOR); - } - } - break; - case StorageAccessAlignmentProperty: - { - if (ValidateIOBufferSize (Irp, sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR), ValidateOutput)) - { - PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR outputBuffer = (PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->Version = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); - outputBuffer->Size = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); - outputBuffer->BytesPerLogicalSector = Extension->BytesPerSector; - outputBuffer->BytesPerPhysicalSector = Extension->HostBytesPerPhysicalSector; - outputBuffer->BytesOffsetForSectorAlignment = Extension->BytesOffsetForSectorAlignment; - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); - } - } - break; - } - } - } - } - } - else - return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); - - break; - - case IOCTL_DISK_GET_PARTITION_INFO: - if (ValidateIOBufferSize (Irp, sizeof (PARTITION_INFORMATION), ValidateOutput)) - { - PPARTITION_INFORMATION outputBuffer = (PPARTITION_INFORMATION) - Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->PartitionType = Extension->PartitionType; - outputBuffer->BootIndicator = FALSE; - outputBuffer->RecognizedPartition = TRUE; - outputBuffer->RewritePartition = FALSE; - outputBuffer->StartingOffset.QuadPart = Extension->BytesPerSector; - outputBuffer->PartitionLength.QuadPart= Extension->DiskLength; - outputBuffer->HiddenSectors = 0; - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION); - } - break; - - case IOCTL_DISK_GET_PARTITION_INFO_EX: - if (ValidateIOBufferSize (Irp, sizeof (PARTITION_INFORMATION_EX), ValidateOutput)) - { - PPARTITION_INFORMATION_EX outputBuffer = (PPARTITION_INFORMATION_EX) Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->PartitionStyle = PARTITION_STYLE_MBR; - outputBuffer->RewritePartition = FALSE; - outputBuffer->StartingOffset.QuadPart = Extension->BytesPerSector; - outputBuffer->PartitionLength.QuadPart= Extension->DiskLength; - outputBuffer->Mbr.PartitionType = Extension->PartitionType; - outputBuffer->Mbr.BootIndicator = FALSE; - outputBuffer->Mbr.RecognizedPartition = TRUE; - outputBuffer->Mbr.HiddenSectors = 0; - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION_EX); - } - break; - - case IOCTL_DISK_GET_DRIVE_LAYOUT: - if (ValidateIOBufferSize (Irp, sizeof (DRIVE_LAYOUT_INFORMATION), ValidateOutput)) - { - PDRIVE_LAYOUT_INFORMATION outputBuffer = (PDRIVE_LAYOUT_INFORMATION) - Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->PartitionCount = 1; - outputBuffer->Signature = 0; - - outputBuffer->PartitionEntry->PartitionType = Extension->PartitionType; - outputBuffer->PartitionEntry->BootIndicator = FALSE; - outputBuffer->PartitionEntry->RecognizedPartition = TRUE; - outputBuffer->PartitionEntry->RewritePartition = FALSE; - outputBuffer->PartitionEntry->StartingOffset.QuadPart = Extension->BytesPerSector; - outputBuffer->PartitionEntry->PartitionLength.QuadPart = Extension->DiskLength; - outputBuffer->PartitionEntry->HiddenSectors = 0; - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION); - } - break; - - case IOCTL_DISK_GET_LENGTH_INFO: - if (!ValidateIOBufferSize (Irp, sizeof (GET_LENGTH_INFORMATION), ValidateOutput)) - { - Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; - Irp->IoStatus.Information = sizeof (GET_LENGTH_INFORMATION); - } - else - { - PGET_LENGTH_INFORMATION outputBuffer = (PGET_LENGTH_INFORMATION) Irp->AssociatedIrp.SystemBuffer; - - outputBuffer->Length.QuadPart = Extension->DiskLength; - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (GET_LENGTH_INFORMATION); - } - break; - - case IOCTL_DISK_VERIFY: - if (ValidateIOBufferSize (Irp, sizeof (VERIFY_INFORMATION), ValidateInput)) - { - HRESULT hResult; - ULONGLONG ullStartingOffset, ullNewOffset, ullEndOffset; - PVERIFY_INFORMATION pVerifyInformation; - pVerifyInformation = (PVERIFY_INFORMATION) Irp->AssociatedIrp.SystemBuffer; - - ullStartingOffset = (ULONGLONG) pVerifyInformation->StartingOffset.QuadPart; - hResult = ULongLongAdd(ullStartingOffset, - (ULONGLONG) Extension->cryptoInfo->hiddenVolume ? Extension->cryptoInfo->hiddenVolumeOffset : Extension->cryptoInfo->volDataAreaOffset, - &ullNewOffset); - if (hResult != S_OK) - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - else if (S_OK != ULongLongAdd(ullStartingOffset, (ULONGLONG) pVerifyInformation->Length, &ullEndOffset)) - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - else if (ullEndOffset > (ULONGLONG) Extension->DiskLength) - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - else - { - IO_STATUS_BLOCK ioStatus; - PVOID buffer = TCalloc (max (pVerifyInformation->Length, PAGE_SIZE)); - - if (!buffer) - { - Irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; - } - else - { - LARGE_INTEGER offset = pVerifyInformation->StartingOffset; - offset.QuadPart = ullNewOffset; - - Irp->IoStatus.Status = ZwReadFile (Extension->hDeviceFile, NULL, NULL, NULL, &ioStatus, buffer, pVerifyInformation->Length, &offset, NULL); - TCfree (buffer); - - if (NT_SUCCESS (Irp->IoStatus.Status) && ioStatus.Information != pVerifyInformation->Length) - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - } - } - - Irp->IoStatus.Information = 0; - } - break; - - case IOCTL_DISK_CHECK_VERIFY: - case IOCTL_STORAGE_CHECK_VERIFY: - { - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = 0; - - if (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= sizeof (ULONG)) - { - *((ULONG *) Irp->AssociatedIrp.SystemBuffer) = 0; - Irp->IoStatus.Information = sizeof (ULONG); - } - } - break; - - case IOCTL_DISK_IS_WRITABLE: - { - if (Extension->bReadOnly) - Irp->IoStatus.Status = STATUS_MEDIA_WRITE_PROTECTED; - else - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = 0; - - } - break; - - case IOCTL_VOLUME_ONLINE: - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = 0; - break; - - case IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS: - - // Vista's filesystem defragmenter fails if IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS does not succeed. - if (!(OsMajorVersion == 6 && OsMinorVersion == 0)) - { - Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; - Irp->IoStatus.Information = 0; - } - else if (ValidateIOBufferSize (Irp, sizeof (VOLUME_DISK_EXTENTS), ValidateOutput)) - { - VOLUME_DISK_EXTENTS *extents = (VOLUME_DISK_EXTENTS *) Irp->AssociatedIrp.SystemBuffer; - - // No extent data can be returned as this is not a physical drive. - memset (extents, 0, sizeof (*extents)); - extents->NumberOfDiskExtents = 0; - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (*extents); - } - break; - - default: - return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); - } - -#ifdef DEBUG - if (!NT_SUCCESS (Irp->IoStatus.Status)) - { - Dump ("IOCTL error 0x%08x (0x%x %d)\n", - Irp->IoStatus.Status, - (int) (irpSp->Parameters.DeviceIoControl.IoControlCode >> 16), - (int) ((irpSp->Parameters.DeviceIoControl.IoControlCode & 0x1FFF) >> 2)); - } -#endif - - return TCCompleteDiskIrp (Irp, Irp->IoStatus.Status, Irp->IoStatus.Information); -} - - -NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp) -{ - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - NTSTATUS ntStatus; - - switch (irpSp->Parameters.DeviceIoControl.IoControlCode) - { - case TC_IOCTL_GET_DRIVER_VERSION: - case TC_IOCTL_LEGACY_GET_DRIVER_VERSION: - if (ValidateIOBufferSize (Irp, sizeof (LONG), ValidateOutput)) - { - LONG tmp = VERSION_NUM; - memcpy (Irp->AssociatedIrp.SystemBuffer, &tmp, 4); - Irp->IoStatus.Information = sizeof (LONG); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_GET_DEVICE_REFCOUNT: - if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) - { - *(int *) Irp->AssociatedIrp.SystemBuffer = DeviceObject->ReferenceCount; - Irp->IoStatus.Information = sizeof (int); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED: - if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) - { - LONG deviceObjectCount = 0; - - *(int *) Irp->AssociatedIrp.SystemBuffer = DriverUnloadDisabled; - - if (IoEnumerateDeviceObjectList (TCDriverObject, NULL, 0, &deviceObjectCount) == STATUS_BUFFER_TOO_SMALL && deviceObjectCount > 1) - *(int *) Irp->AssociatedIrp.SystemBuffer = TRUE; - - Irp->IoStatus.Information = sizeof (int); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_IS_ANY_VOLUME_MOUNTED: - if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) - { - int drive; - *(int *) Irp->AssociatedIrp.SystemBuffer = 0; - - for (drive = MIN_MOUNTED_VOLUME_DRIVE_NUMBER; drive <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; ++drive) - { - if (GetVirtualVolumeDeviceObject (drive)) - { - *(int *) Irp->AssociatedIrp.SystemBuffer = 1; - break; - } - } - - if (IsBootDriveMounted()) - *(int *) Irp->AssociatedIrp.SystemBuffer = 1; - - Irp->IoStatus.Information = sizeof (int); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_OPEN_TEST: - { - OPEN_TEST_STRUCT *opentest = (OPEN_TEST_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - OBJECT_ATTRIBUTES ObjectAttributes; - HANDLE NtFileHandle; - UNICODE_STRING FullFileName; - IO_STATUS_BLOCK IoStatus; - LARGE_INTEGER offset; - ACCESS_MASK access = FILE_READ_ATTRIBUTES; - - if (!ValidateIOBufferSize (Irp, sizeof (OPEN_TEST_STRUCT), ValidateInputOutput)) - break; - - EnsureNullTerminatedString (opentest->wszFileName, sizeof (opentest->wszFileName)); - RtlInitUnicodeString (&FullFileName, opentest->wszFileName); - - InitializeObjectAttributes (&ObjectAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); - - if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem || opentest->bMatchVolumeID) - access |= FILE_READ_DATA; - - ntStatus = ZwCreateFile (&NtFileHandle, - SYNCHRONIZE | access, &ObjectAttributes, &IoStatus, NULL, - 0, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0); - - if (NT_SUCCESS (ntStatus)) - { - opentest->TCBootLoaderDetected = FALSE; - opentest->FilesystemDetected = FALSE; - opentest->VolumeIDMatched = FALSE; - - if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem || opentest->bMatchVolumeID) - { - byte *readBuffer = TCalloc (TC_MAX_VOLUME_SECTOR_SIZE); - if (!readBuffer) - { - ntStatus = STATUS_INSUFFICIENT_RESOURCES; - } - else - { - if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem) - { - // Determine if the first sector contains a portion of the VeraCrypt Boot Loader - - offset.QuadPart = 0; - - ntStatus = ZwReadFile (NtFileHandle, - NULL, - NULL, - NULL, - &IoStatus, - readBuffer, - TC_MAX_VOLUME_SECTOR_SIZE, - &offset, - NULL); - - if (NT_SUCCESS (ntStatus)) - { - size_t i; - - if (opentest->bDetectTCBootLoader && IoStatus.Information >= TC_SECTOR_SIZE_BIOS) - { - // Search for the string "VeraCrypt" - for (i = 0; i < TC_SECTOR_SIZE_BIOS - strlen (TC_APP_NAME); ++i) - { - if (memcmp (readBuffer + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0) - { - opentest->TCBootLoaderDetected = TRUE; - break; - } - } - } - - if (opentest->DetectFilesystem && IoStatus.Information >= sizeof (int64)) - { - switch (BE64 (*(uint64 *) readBuffer)) - { - case 0xEB52904E54465320: // NTFS - case 0xEB3C904D53444F53: // FAT16 - case 0xEB58904D53444F53: // FAT32 - case 0xEB76904558464154: // exFAT - - opentest->FilesystemDetected = TRUE; - break; - } - } - } - } - - if (opentest->bMatchVolumeID) - { - int volumeType; - BYTE volumeID[VOLUME_ID_SIZE]; - - // Go through all volume types (e.g., normal, hidden) - for (volumeType = TC_VOLUME_TYPE_NORMAL; - volumeType < TC_VOLUME_TYPE_COUNT; - volumeType++) - { - /* Read the volume header */ - switch (volumeType) - { - case TC_VOLUME_TYPE_NORMAL: - offset.QuadPart = TC_VOLUME_HEADER_OFFSET; - break; - - case TC_VOLUME_TYPE_HIDDEN: - - offset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET; - break; - } - - ntStatus = ZwReadFile (NtFileHandle, - NULL, - NULL, - NULL, - &IoStatus, - readBuffer, - TC_MAX_VOLUME_SECTOR_SIZE, - &offset, - NULL); - - if (NT_SUCCESS (ntStatus)) - { - /* compute the ID of this volume: SHA-256 of the effective header */ - sha256 (volumeID, readBuffer, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - if (0 == memcmp (volumeID, opentest->volumeID, VOLUME_ID_SIZE)) - { - opentest->VolumeIDMatched = TRUE; - break; - } - } - } - } - - TCfree (readBuffer); - } - } - - ZwClose (NtFileHandle); - Dump ("Open test on file %ls success.\n", opentest->wszFileName); - } - else - { -#if 0 - Dump ("Open test on file %ls failed NTSTATUS 0x%08x\n", opentest->wszFileName, ntStatus); -#endif - } - - Irp->IoStatus.Information = NT_SUCCESS (ntStatus) ? sizeof (OPEN_TEST_STRUCT) : 0; - Irp->IoStatus.Status = ntStatus; - } - break; - - case TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG: - { - GetSystemDriveConfigurationRequest *request = (GetSystemDriveConfigurationRequest *) Irp->AssociatedIrp.SystemBuffer; - OBJECT_ATTRIBUTES ObjectAttributes; - HANDLE NtFileHandle; - UNICODE_STRING FullFileName; - IO_STATUS_BLOCK IoStatus; - LARGE_INTEGER offset; - byte readBuffer [TC_SECTOR_SIZE_BIOS]; - - if (!ValidateIOBufferSize (Irp, sizeof (GetSystemDriveConfigurationRequest), ValidateInputOutput)) - break; - - EnsureNullTerminatedString (request->DevicePath, sizeof (request->DevicePath)); - RtlInitUnicodeString (&FullFileName, request->DevicePath); - - InitializeObjectAttributes (&ObjectAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); - - ntStatus = ZwCreateFile (&NtFileHandle, - SYNCHRONIZE | GENERIC_READ, &ObjectAttributes, &IoStatus, NULL, - FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT | FILE_RANDOM_ACCESS, NULL, 0); - - if (NT_SUCCESS (ntStatus)) - { - // Determine if the first sector contains a portion of the VeraCrypt Boot Loader - offset.QuadPart = 0; // MBR - - ntStatus = ZwReadFile (NtFileHandle, - NULL, - NULL, - NULL, - &IoStatus, - readBuffer, - sizeof(readBuffer), - &offset, - NULL); - - if (NT_SUCCESS (ntStatus)) - { - size_t i; - - // Check for dynamic drive - request->DriveIsDynamic = FALSE; - - if (readBuffer[510] == 0x55 && readBuffer[511] == 0xaa) - { - int i; - for (i = 0; i < 4; ++i) - { - if (readBuffer[446 + i * 16 + 4] == PARTITION_LDM) - { - request->DriveIsDynamic = TRUE; - break; - } - } - } - - request->BootLoaderVersion = 0; - request->Configuration = 0; - request->UserConfiguration = 0; - request->CustomUserMessage[0] = 0; - - // Search for the string "VeraCrypt" - for (i = 0; i < sizeof (readBuffer) - strlen (TC_APP_NAME); ++i) - { - if (memcmp (readBuffer + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0) - { - request->BootLoaderVersion = BE16 (*(uint16 *) (readBuffer + TC_BOOT_SECTOR_VERSION_OFFSET)); - request->Configuration = readBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET]; - - if (request->BootLoaderVersion != 0 && request->BootLoaderVersion <= VERSION_NUM) - { - request->UserConfiguration = readBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; - memcpy (request->CustomUserMessage, readBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); - } - break; - } - } - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (*request); - } - else - { - Irp->IoStatus.Status = ntStatus; - Irp->IoStatus.Information = 0; - } - - ZwClose (NtFileHandle); - - } - else - { - Irp->IoStatus.Status = ntStatus; - Irp->IoStatus.Information = 0; - } - } - break; - - case TC_IOCTL_WIPE_PASSWORD_CACHE: - WipeCache (); - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_PASSWORD_CACHE_STATUS: - Irp->IoStatus.Status = cacheEmpty ? STATUS_PIPE_EMPTY : STATUS_SUCCESS; - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_SET_PORTABLE_MODE_STATUS: - if (!UserCanAccessDriveDevice()) - { - Irp->IoStatus.Status = STATUS_ACCESS_DENIED; - Irp->IoStatus.Information = 0; - } - else - { - PortableMode = TRUE; - Dump ("Setting portable mode\n"); - } - break; - - case TC_IOCTL_GET_PORTABLE_MODE_STATUS: - Irp->IoStatus.Status = PortableMode ? STATUS_SUCCESS : STATUS_PIPE_EMPTY; - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_MOUNTED_VOLUMES: - - if (ValidateIOBufferSize (Irp, sizeof (MOUNT_LIST_STRUCT), ValidateOutput)) - { - MOUNT_LIST_STRUCT *list = (MOUNT_LIST_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - PDEVICE_OBJECT ListDevice; - int drive; - - list->ulMountedDrives = 0; - - for (drive = MIN_MOUNTED_VOLUME_DRIVE_NUMBER; drive <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; ++drive) - { - PEXTENSION ListExtension; - - ListDevice = GetVirtualVolumeDeviceObject (drive); - if (!ListDevice) - continue; - - ListExtension = (PEXTENSION) ListDevice->DeviceExtension; - if (IsVolumeAccessibleByCurrentUser (ListExtension)) - { - list->ulMountedDrives |= (1 << ListExtension->nDosDriveNo); - RtlStringCbCopyW (list->wszVolume[ListExtension->nDosDriveNo], sizeof(list->wszVolume[ListExtension->nDosDriveNo]),ListExtension->wszVolume); - RtlStringCbCopyW (list->wszLabel[ListExtension->nDosDriveNo], sizeof(list->wszLabel[ListExtension->nDosDriveNo]),ListExtension->wszLabel); - memcpy (list->volumeID[ListExtension->nDosDriveNo], ListExtension->volumeID, VOLUME_ID_SIZE); - list->diskLength[ListExtension->nDosDriveNo] = ListExtension->DiskLength; - list->ea[ListExtension->nDosDriveNo] = ListExtension->cryptoInfo->ea; - if (ListExtension->cryptoInfo->hiddenVolume) - list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_HIDDEN; // Hidden volume - else if (ListExtension->cryptoInfo->bHiddenVolProtectionAction) - list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED; // Normal/outer volume (hidden volume protected AND write already prevented) - else if (ListExtension->cryptoInfo->bProtectHiddenVolume) - list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_OUTER; // Normal/outer volume (hidden volume protected) - else - list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_NORMAL; // Normal volume - list->truecryptMode[ListExtension->nDosDriveNo] = ListExtension->cryptoInfo->bTrueCryptMode; - } - } - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (MOUNT_LIST_STRUCT); - } - break; - - case TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES: - if (ValidateIOBufferSize (Irp, sizeof (uint32), ValidateOutput)) - { - // Prevent the user from downgrading to versions lower than 5.0 by faking mounted volumes. - // The user could render the system unbootable by downgrading when boot encryption - // is active or being set up. - - memset (Irp->AssociatedIrp.SystemBuffer, 0, irpSp->Parameters.DeviceIoControl.OutputBufferLength); - *(uint32 *) Irp->AssociatedIrp.SystemBuffer = 0xffffFFFF; - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = irpSp->Parameters.DeviceIoControl.OutputBufferLength; - } - break; - - case TC_IOCTL_GET_VOLUME_PROPERTIES: - if (ValidateIOBufferSize (Irp, sizeof (VOLUME_PROPERTIES_STRUCT), ValidateInputOutput)) - { - VOLUME_PROPERTIES_STRUCT *prop = (VOLUME_PROPERTIES_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - PDEVICE_OBJECT ListDevice = GetVirtualVolumeDeviceObject (prop->driveNo); - - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - Irp->IoStatus.Information = 0; - - if (ListDevice) - { - PEXTENSION ListExtension = (PEXTENSION) ListDevice->DeviceExtension; - if (IsVolumeAccessibleByCurrentUser (ListExtension)) - { - prop->uniqueId = ListExtension->UniqueVolumeId; - RtlStringCbCopyW (prop->wszVolume, sizeof(prop->wszVolume),ListExtension->wszVolume); - RtlStringCbCopyW (prop->wszLabel, sizeof(prop->wszLabel),ListExtension->wszLabel); - memcpy (prop->volumeID, ListExtension->volumeID, VOLUME_ID_SIZE); - prop->bDriverSetLabel = ListExtension->bDriverSetLabel; - prop->diskLength = ListExtension->DiskLength; - prop->ea = ListExtension->cryptoInfo->ea; - prop->mode = ListExtension->cryptoInfo->mode; - prop->pkcs5 = ListExtension->cryptoInfo->pkcs5; - prop->pkcs5Iterations = ListExtension->cryptoInfo->noIterations; - prop->volumePim = ListExtension->cryptoInfo->volumePim; -#if 0 - prop->volumeCreationTime = ListExtension->cryptoInfo->volume_creation_time; - prop->headerCreationTime = ListExtension->cryptoInfo->header_creation_time; -#endif - prop->volumeHeaderFlags = ListExtension->cryptoInfo->HeaderFlags; - prop->readOnly = ListExtension->bReadOnly; - prop->removable = ListExtension->bRemovable; - prop->partitionInInactiveSysEncScope = ListExtension->PartitionInInactiveSysEncScope; - prop->hiddenVolume = ListExtension->cryptoInfo->hiddenVolume; - - if (ListExtension->cryptoInfo->bProtectHiddenVolume) - prop->hiddenVolProtection = ListExtension->cryptoInfo->bHiddenVolProtectionAction ? HIDVOL_PROT_STATUS_ACTION_TAKEN : HIDVOL_PROT_STATUS_ACTIVE; - else - prop->hiddenVolProtection = HIDVOL_PROT_STATUS_NONE; - - prop->totalBytesRead = ListExtension->Queue.TotalBytesRead; - prop->totalBytesWritten = ListExtension->Queue.TotalBytesWritten; - - prop->volFormatVersion = ListExtension->cryptoInfo->LegacyVolume ? TC_VOLUME_FORMAT_VERSION_PRE_6_0 : TC_VOLUME_FORMAT_VERSION; - - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (VOLUME_PROPERTIES_STRUCT); - } - } - } - break; - - case TC_IOCTL_GET_RESOLVED_SYMLINK: - if (ValidateIOBufferSize (Irp, sizeof (RESOLVE_SYMLINK_STRUCT), ValidateInputOutput)) - { - RESOLVE_SYMLINK_STRUCT *resolve = (RESOLVE_SYMLINK_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - { - NTSTATUS ntStatus; - - EnsureNullTerminatedString (resolve->symLinkName, sizeof (resolve->symLinkName)); - - ntStatus = SymbolicLinkToTarget (resolve->symLinkName, - resolve->targetName, - sizeof (resolve->targetName)); - - Irp->IoStatus.Information = sizeof (RESOLVE_SYMLINK_STRUCT); - Irp->IoStatus.Status = ntStatus; - } - } - break; - - case TC_IOCTL_GET_DRIVE_PARTITION_INFO: - if (ValidateIOBufferSize (Irp, sizeof (DISK_PARTITION_INFO_STRUCT), ValidateInputOutput)) - { - DISK_PARTITION_INFO_STRUCT *info = (DISK_PARTITION_INFO_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - { - PARTITION_INFORMATION_EX pi; - NTSTATUS ntStatus; - - EnsureNullTerminatedString (info->deviceName, sizeof (info->deviceName)); - - ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &pi, sizeof (pi)); - if (NT_SUCCESS(ntStatus)) - { - memset (&info->partInfo, 0, sizeof (info->partInfo)); - - info->partInfo.PartitionLength = pi.PartitionLength; - info->partInfo.PartitionNumber = pi.PartitionNumber; - info->partInfo.StartingOffset = pi.StartingOffset; - - if (pi.PartitionStyle == PARTITION_STYLE_MBR) - { - info->partInfo.PartitionType = pi.Mbr.PartitionType; - info->partInfo.BootIndicator = pi.Mbr.BootIndicator; - } - - info->IsGPT = pi.PartitionStyle == PARTITION_STYLE_GPT; - } - else - { - // Windows 2000 does not support IOCTL_DISK_GET_PARTITION_INFO_EX - ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &info->partInfo, sizeof (info->partInfo)); - info->IsGPT = FALSE; - } - - if (!NT_SUCCESS (ntStatus)) - { - GET_LENGTH_INFORMATION lengthInfo; - ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_LENGTH_INFO, NULL, 0, &lengthInfo, sizeof (lengthInfo)); - - if (NT_SUCCESS (ntStatus)) - { - memset (&info->partInfo, 0, sizeof (info->partInfo)); - info->partInfo.PartitionLength = lengthInfo.Length; - } - } - - info->IsDynamic = FALSE; - - if (NT_SUCCESS (ntStatus) && OsMajorVersion >= 6) - { -# define IOCTL_VOLUME_IS_DYNAMIC CTL_CODE(IOCTL_VOLUME_BASE, 18, METHOD_BUFFERED, FILE_ANY_ACCESS) - if (!NT_SUCCESS (TCDeviceIoControl (info->deviceName, IOCTL_VOLUME_IS_DYNAMIC, NULL, 0, &info->IsDynamic, sizeof (info->IsDynamic)))) - info->IsDynamic = FALSE; - } - - Irp->IoStatus.Information = sizeof (DISK_PARTITION_INFO_STRUCT); - Irp->IoStatus.Status = ntStatus; - } - } - break; - - case TC_IOCTL_GET_DRIVE_GEOMETRY: - if (ValidateIOBufferSize (Irp, sizeof (DISK_GEOMETRY_STRUCT), ValidateInputOutput)) - { - DISK_GEOMETRY_STRUCT *g = (DISK_GEOMETRY_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - { - NTSTATUS ntStatus; - - EnsureNullTerminatedString (g->deviceName, sizeof (g->deviceName)); - - ntStatus = TCDeviceIoControl (g->deviceName, - IOCTL_DISK_GET_DRIVE_GEOMETRY, - NULL, 0, &g->diskGeometry, sizeof (g->diskGeometry)); - - Irp->IoStatus.Information = sizeof (DISK_GEOMETRY_STRUCT); - Irp->IoStatus.Status = ntStatus; - } - } - break; - - case TC_IOCTL_PROBE_REAL_DRIVE_SIZE: - if (ValidateIOBufferSize (Irp, sizeof (ProbeRealDriveSizeRequest), ValidateInputOutput)) - { - ProbeRealDriveSizeRequest *request = (ProbeRealDriveSizeRequest *) Irp->AssociatedIrp.SystemBuffer; - NTSTATUS status; - UNICODE_STRING name; - PFILE_OBJECT fileObject; - PDEVICE_OBJECT deviceObject; - - EnsureNullTerminatedString (request->DeviceName, sizeof (request->DeviceName)); - - RtlInitUnicodeString (&name, request->DeviceName); - status = IoGetDeviceObjectPointer (&name, FILE_READ_ATTRIBUTES, &fileObject, &deviceObject); - if (!NT_SUCCESS (status)) - { - Irp->IoStatus.Information = 0; - Irp->IoStatus.Status = status; - break; - } - - status = ProbeRealDriveSize (deviceObject, &request->RealDriveSize); - ObDereferenceObject (fileObject); - - if (status == STATUS_TIMEOUT) - { - request->TimeOut = TRUE; - Irp->IoStatus.Information = sizeof (ProbeRealDriveSizeRequest); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - else if (!NT_SUCCESS (status)) - { - Irp->IoStatus.Information = 0; - Irp->IoStatus.Status = status; - } - else - { - request->TimeOut = FALSE; - Irp->IoStatus.Information = sizeof (ProbeRealDriveSizeRequest); - Irp->IoStatus.Status = status; - } - } - break; - - case TC_IOCTL_MOUNT_VOLUME: - if (ValidateIOBufferSize (Irp, sizeof (MOUNT_STRUCT), ValidateInputOutput)) - { - MOUNT_STRUCT *mount = (MOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - - if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD - || mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID - || mount->VolumePim < -1 || mount->VolumePim == INT_MAX - || mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID - || (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE) - ) - { - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - Irp->IoStatus.Information = 0; - break; - } - - EnsureNullTerminatedString (mount->wszVolume, sizeof (mount->wszVolume)); - EnsureNullTerminatedString (mount->wszLabel, sizeof (mount->wszLabel)); - - Irp->IoStatus.Information = sizeof (MOUNT_STRUCT); - Irp->IoStatus.Status = MountDevice (DeviceObject, mount); - - burn (&mount->VolumePassword, sizeof (mount->VolumePassword)); - burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword)); - burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf)); - burn (&mount->VolumePim, sizeof (mount->VolumePim)); - burn (&mount->bTrueCryptMode, sizeof (mount->bTrueCryptMode)); - burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf)); - burn (&mount->ProtectedHidVolPim, sizeof (mount->ProtectedHidVolPim)); - } - break; - - case TC_IOCTL_DISMOUNT_VOLUME: - if (ValidateIOBufferSize (Irp, sizeof (UNMOUNT_STRUCT), ValidateInputOutput)) - { - UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - PDEVICE_OBJECT ListDevice = GetVirtualVolumeDeviceObject (unmount->nDosDriveNo); - - unmount->nReturnCode = ERR_DRIVE_NOT_FOUND; - - if (ListDevice) - { - PEXTENSION ListExtension = (PEXTENSION) ListDevice->DeviceExtension; - - if (IsVolumeAccessibleByCurrentUser (ListExtension)) - unmount->nReturnCode = UnmountDevice (unmount, ListDevice, unmount->ignoreOpenFiles); - } - - Irp->IoStatus.Information = sizeof (UNMOUNT_STRUCT); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_DISMOUNT_ALL_VOLUMES: - if (ValidateIOBufferSize (Irp, sizeof (UNMOUNT_STRUCT), ValidateInputOutput)) - { - UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; - - unmount->nReturnCode = UnmountAllDevices (unmount, unmount->ignoreOpenFiles); - - Irp->IoStatus.Information = sizeof (UNMOUNT_STRUCT); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_BOOT_ENCRYPTION_SETUP: - Irp->IoStatus.Status = StartBootEncryptionSetup (DeviceObject, Irp, irpSp); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP: - Irp->IoStatus.Status = AbortBootEncryptionSetup(); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: - GetBootEncryptionStatus (Irp, irpSp); - break; - - case TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT: - Irp->IoStatus.Information = 0; - Irp->IoStatus.Status = GetSetupResult(); - break; - - case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: - GetBootDriveVolumeProperties (Irp, irpSp); - break; - - case TC_IOCTL_GET_BOOT_LOADER_VERSION: - GetBootLoaderVersion (Irp, irpSp); - break; - - case TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER: - ReopenBootVolumeHeader (Irp, irpSp); - break; - - case VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT: - GetBootLoaderFingerprint (Irp, irpSp); - break; - - case TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME: - GetBootEncryptionAlgorithmName (Irp, irpSp); - break; - - case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: - if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) - { - *(int *) Irp->AssociatedIrp.SystemBuffer = IsHiddenSystemRunning() ? 1 : 0; - Irp->IoStatus.Information = sizeof (int); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_START_DECOY_SYSTEM_WIPE: - Irp->IoStatus.Status = StartDecoySystemWipe (DeviceObject, Irp, irpSp); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE: - Irp->IoStatus.Status = AbortDecoySystemWipe(); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT: - Irp->IoStatus.Status = GetDecoySystemWipeResult(); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS: - GetDecoySystemWipeStatus (Irp, irpSp); - break; - - case TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR: - Irp->IoStatus.Status = WriteBootDriveSector (Irp, irpSp); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_WARNING_FLAGS: - if (ValidateIOBufferSize (Irp, sizeof (GetWarningFlagsRequest), ValidateOutput)) - { - GetWarningFlagsRequest *flags = (GetWarningFlagsRequest *) Irp->AssociatedIrp.SystemBuffer; - - flags->PagingFileCreationPrevented = PagingFileCreationPrevented; - PagingFileCreationPrevented = FALSE; - flags->SystemFavoriteVolumeDirty = SystemFavoriteVolumeDirty; - SystemFavoriteVolumeDirty = FALSE; - - Irp->IoStatus.Information = sizeof (GetWarningFlagsRequest); - Irp->IoStatus.Status = STATUS_SUCCESS; - } - break; - - case TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY: - if (UserCanAccessDriveDevice()) - { - SystemFavoriteVolumeDirty = TRUE; - Irp->IoStatus.Status = STATUS_SUCCESS; - } - else - Irp->IoStatus.Status = STATUS_ACCESS_DENIED; - - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_REREAD_DRIVER_CONFIG: - Irp->IoStatus.Status = ReadRegistryConfigFlags (FALSE); - Irp->IoStatus.Information = 0; - break; - - case TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG: - if ( (ValidateIOBufferSize (Irp, sizeof (GetSystemDriveDumpConfigRequest), ValidateOutput)) - && (Irp->RequestorMode == KernelMode) - ) - { - GetSystemDriveDumpConfigRequest *request = (GetSystemDriveDumpConfigRequest *) Irp->AssociatedIrp.SystemBuffer; - - request->BootDriveFilterExtension = GetBootDriveFilterExtension(); - if (IsBootDriveMounted() && request->BootDriveFilterExtension) - { - request->HwEncryptionEnabled = IsHwEncryptionEnabled(); - Irp->IoStatus.Status = STATUS_SUCCESS; - Irp->IoStatus.Information = sizeof (*request); - } - else - { - Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; - Irp->IoStatus.Information = 0; - } - } - break; - - default: - return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); - } - - -#ifdef DEBUG - if (!NT_SUCCESS (Irp->IoStatus.Status)) - { - switch (irpSp->Parameters.DeviceIoControl.IoControlCode) - { - case TC_IOCTL_GET_MOUNTED_VOLUMES: - case TC_IOCTL_GET_PASSWORD_CACHE_STATUS: - case TC_IOCTL_GET_PORTABLE_MODE_STATUS: - case TC_IOCTL_SET_PORTABLE_MODE_STATUS: - case TC_IOCTL_OPEN_TEST: - case TC_IOCTL_GET_RESOLVED_SYMLINK: - case TC_IOCTL_GET_DRIVE_PARTITION_INFO: - case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: - case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: - case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: - break; - - default: - Dump ("IOCTL error 0x%08x\n", Irp->IoStatus.Status); - } - } -#endif - - return TCCompleteIrp (Irp, Irp->IoStatus.Status, Irp->IoStatus.Information); -} - - -NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread) -{ - return TCStartThreadInProcess (threadProc, threadArg, kThread, NULL); -} - - -NTSTATUS TCStartThreadInProcess (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread, PEPROCESS process) -{ - NTSTATUS status; - HANDLE threadHandle; - HANDLE processHandle = NULL; - OBJECT_ATTRIBUTES threadObjAttributes; - - if (process) - { - status = ObOpenObjectByPointer (process, OBJ_KERNEL_HANDLE, NULL, 0, NULL, KernelMode, &processHandle); - if (!NT_SUCCESS (status)) - return status; - } - - InitializeObjectAttributes (&threadObjAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL); - - status = PsCreateSystemThread (&threadHandle, THREAD_ALL_ACCESS, &threadObjAttributes, processHandle, NULL, threadProc, threadArg); - if (!NT_SUCCESS (status)) - return status; - - status = ObReferenceObjectByHandle (threadHandle, THREAD_ALL_ACCESS, NULL, KernelMode, (PVOID *) kThread, NULL); - if (!NT_SUCCESS (status)) - { - ZwClose (threadHandle); - *kThread = NULL; - return status; - } - - if (processHandle) - ZwClose (processHandle); - - ZwClose (threadHandle); - return STATUS_SUCCESS; -} - - -void TCStopThread (PKTHREAD kThread, PKEVENT wakeUpEvent) -{ - if (wakeUpEvent) - KeSetEvent (wakeUpEvent, 0, FALSE); - - KeWaitForSingleObject (kThread, Executive, KernelMode, FALSE, NULL); - ObDereferenceObject (kThread); -} - - -NTSTATUS TCStartVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, MOUNT_STRUCT * mount) -{ - PTHREAD_BLOCK pThreadBlock = TCalloc (sizeof (THREAD_BLOCK)); - HANDLE hThread; - NTSTATUS ntStatus; - OBJECT_ATTRIBUTES threadObjAttributes; - SECURITY_QUALITY_OF_SERVICE qos; - - Dump ("Starting thread...\n"); - - if (pThreadBlock == NULL) - { - return STATUS_INSUFFICIENT_RESOURCES; - } - else - { - pThreadBlock->DeviceObject = DeviceObject; - pThreadBlock->mount = mount; - } - - qos.Length = sizeof (qos); - qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; - qos.EffectiveOnly = TRUE; - qos.ImpersonationLevel = SecurityImpersonation; - - ntStatus = SeCreateClientSecurity (PsGetCurrentThread(), &qos, FALSE, &Extension->SecurityClientContext); - if (!NT_SUCCESS (ntStatus)) - goto ret; - - Extension->SecurityClientContextValid = TRUE; - - Extension->bThreadShouldQuit = FALSE; - - InitializeObjectAttributes (&threadObjAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL); - - ntStatus = PsCreateSystemThread (&hThread, - THREAD_ALL_ACCESS, - &threadObjAttributes, - NULL, - NULL, - VolumeThreadProc, - pThreadBlock); - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("PsCreateSystemThread Failed END\n"); - goto ret; - } - - ntStatus = ObReferenceObjectByHandle (hThread, - THREAD_ALL_ACCESS, - NULL, - KernelMode, - &Extension->peThread, - NULL); - - ZwClose (hThread); - - if (!NT_SUCCESS (ntStatus)) - goto ret; - - Dump ("Waiting for thread to initialize...\n"); - - KeWaitForSingleObject (&Extension->keCreateEvent, - Executive, - KernelMode, - FALSE, - NULL); - - Dump ("Waiting completed! Thread returns 0x%08x\n", pThreadBlock->ntCreateStatus); - ntStatus = pThreadBlock->ntCreateStatus; - -ret: - TCfree (pThreadBlock); - return ntStatus; -} - -void TCStopVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) -{ - NTSTATUS ntStatus; - - UNREFERENCED_PARAMETER (DeviceObject); /* Remove compiler warning */ - - Dump ("Signalling thread to quit...\n"); - - Extension->bThreadShouldQuit = TRUE; - - KeReleaseSemaphore (&Extension->RequestSemaphore, - 0, - 1, - TRUE); - - ntStatus = KeWaitForSingleObject (Extension->peThread, - Executive, - KernelMode, - FALSE, - NULL); - - ASSERT (NT_SUCCESS (ntStatus)); - - ObDereferenceObject (Extension->peThread); - Extension->peThread = NULL; - - Dump ("Thread exited\n"); -} - - -// Suspend current thread for a number of milliseconds -void TCSleep (int milliSeconds) -{ - PKTIMER timer = (PKTIMER) TCalloc (sizeof (KTIMER)); - LARGE_INTEGER duetime; - - if (!timer) - return; - - duetime.QuadPart = (__int64) milliSeconds * -10000; - KeInitializeTimerEx(timer, NotificationTimer); - KeSetTimerEx(timer, duetime, 0, NULL); - - KeWaitForSingleObject (timer, Executive, KernelMode, FALSE, NULL); - - TCfree (timer); -} - -BOOL IsDeviceName(wchar_t wszVolume[TC_MAX_PATH]) -{ - if ( (wszVolume[0] == '\\') - && (wszVolume[1] == 'D' || wszVolume[1] == 'd') - && (wszVolume[2] == 'E' || wszVolume[2] == 'e') - && (wszVolume[3] == 'V' || wszVolume[3] == 'v') - && (wszVolume[4] == 'I' || wszVolume[4] == 'i') - && (wszVolume[5] == 'C' || wszVolume[5] == 'c') - && (wszVolume[6] == 'E' || wszVolume[6] == 'e') - ) - { - return TRUE; - } - else - return FALSE; -} - -/* VolumeThreadProc does all the work of processing IRP's, and dispatching them - to either the ReadWrite function or the DeviceControl function */ -VOID VolumeThreadProc (PVOID Context) -{ - PTHREAD_BLOCK pThreadBlock = (PTHREAD_BLOCK) Context; - PDEVICE_OBJECT DeviceObject = pThreadBlock->DeviceObject; - PEXTENSION Extension = (PEXTENSION) DeviceObject->DeviceExtension; - BOOL bDevice; - - /* Set thread priority to lowest realtime level. */ - KeSetPriorityThread (KeGetCurrentThread (), LOW_REALTIME_PRIORITY); - - Dump ("Mount THREAD OPENING VOLUME BEGIN\n"); - - if ( !IsDeviceName (pThreadBlock->mount->wszVolume)) - { - RtlStringCbCopyW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),WIDE ("\\??\\")); - RtlStringCbCatW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),pThreadBlock->mount->wszVolume); - bDevice = FALSE; - } - else - { - pThreadBlock->wszMountVolume[0] = 0; - RtlStringCbCatW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),pThreadBlock->mount->wszVolume); - bDevice = TRUE; - } - - Dump ("Mount THREAD request for File %ls DriveNumber %d Device = %d\n", - pThreadBlock->wszMountVolume, pThreadBlock->mount->nDosDriveNo, bDevice); - - pThreadBlock->ntCreateStatus = TCOpenVolume (DeviceObject, - Extension, - pThreadBlock->mount, - pThreadBlock->wszMountVolume, - bDevice); - - if (!NT_SUCCESS (pThreadBlock->ntCreateStatus) || pThreadBlock->mount->nReturnCode != 0) - { - KeSetEvent (&Extension->keCreateEvent, 0, FALSE); - PsTerminateSystemThread (STATUS_SUCCESS); - } - - // Start IO queue - Extension->Queue.IsFilterDevice = FALSE; - Extension->Queue.DeviceObject = DeviceObject; - Extension->Queue.CryptoInfo = Extension->cryptoInfo; - Extension->Queue.HostFileHandle = Extension->hDeviceFile; - Extension->Queue.VirtualDeviceLength = Extension->DiskLength; - Extension->Queue.MaxReadAheadOffset.QuadPart = Extension->HostLength; - - if (Extension->SecurityClientContextValid) - Extension->Queue.SecurityClientContext = &Extension->SecurityClientContext; - else - Extension->Queue.SecurityClientContext = NULL; - - pThreadBlock->ntCreateStatus = EncryptedIoQueueStart (&Extension->Queue); - - if (!NT_SUCCESS (pThreadBlock->ntCreateStatus)) - { - TCCloseVolume (DeviceObject, Extension); - - pThreadBlock->mount->nReturnCode = ERR_OS_ERROR; - KeSetEvent (&Extension->keCreateEvent, 0, FALSE); - PsTerminateSystemThread (STATUS_SUCCESS); - } - - KeSetEvent (&Extension->keCreateEvent, 0, FALSE); - /* From this point on pThreadBlock cannot be used as it will have been released! */ - pThreadBlock = NULL; - - for (;;) - { - /* Wait for a request from the dispatch routines. */ - KeWaitForSingleObject ((PVOID) & Extension->RequestSemaphore, Executive, KernelMode, FALSE, NULL); - - for (;;) - { - PIO_STACK_LOCATION irpSp; - PLIST_ENTRY request; - PIRP irp; - - request = ExInterlockedRemoveHeadList (&Extension->ListEntry, &Extension->ListSpinLock); - if (request == NULL) - break; - - irp = CONTAINING_RECORD (request, IRP, Tail.Overlay.ListEntry); - irpSp = IoGetCurrentIrpStackLocation (irp); - - ASSERT (irpSp->MajorFunction == IRP_MJ_DEVICE_CONTROL); - - ProcessVolumeDeviceControlIrp (DeviceObject, Extension, irp); - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, irp); - } - - if (Extension->bThreadShouldQuit) - { - Dump ("Closing volume\n"); - EncryptedIoQueueStop (&Extension->Queue); - - TCCloseVolume (DeviceObject, Extension); - PsTerminateSystemThread (STATUS_SUCCESS); - } - } -} - -void TCGetNTNameFromNumber (LPWSTR ntname, int cbNtName, int nDriveNo) -{ - WCHAR tmp[2] = - {0, 0}; - int j = nDriveNo + (WCHAR) 'A'; - - tmp[0] = (short) j; - RtlStringCbCopyW (ntname, cbNtName,(LPWSTR) NT_MOUNT_PREFIX); - RtlStringCbCatW (ntname, cbNtName, tmp); -} - -void TCGetDosNameFromNumber (LPWSTR dosname,int cbDosName, int nDriveNo, DeviceNamespaceType namespaceType) -{ - WCHAR tmp[3] = - {0, ':', 0}; - int j = nDriveNo + (WCHAR) 'A'; - - tmp[0] = (short) j; - - if (DeviceNamespaceGlobal == namespaceType) - { - RtlStringCbCopyW (dosname, cbDosName, (LPWSTR) DOS_MOUNT_PREFIX_GLOBAL); - } - else - { - RtlStringCbCopyW (dosname, cbDosName, (LPWSTR) DOS_MOUNT_PREFIX_DEFAULT); - } - - RtlStringCbCatW (dosname, cbDosName, tmp); -} - -#ifdef _DEBUG -LPWSTR TCTranslateCode (ULONG ulCode) -{ - switch (ulCode) - { -#define TC_CASE_RET_NAME(CODE) case CODE : return L###CODE - - TC_CASE_RET_NAME (TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP); - TC_CASE_RET_NAME (TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE); - TC_CASE_RET_NAME (TC_IOCTL_BOOT_ENCRYPTION_SETUP); - TC_CASE_RET_NAME (TC_IOCTL_DISMOUNT_ALL_VOLUMES); - TC_CASE_RET_NAME (TC_IOCTL_DISMOUNT_VOLUME); - TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES); - TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME); - TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT); - TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS); - TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_LOADER_VERSION); - TC_CASE_RET_NAME (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT); - TC_CASE_RET_NAME (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS); - TC_CASE_RET_NAME (TC_IOCTL_GET_DEVICE_REFCOUNT); - TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVE_GEOMETRY); - TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVE_PARTITION_INFO); - TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVER_VERSION); - TC_CASE_RET_NAME (TC_IOCTL_GET_MOUNTED_VOLUMES); - TC_CASE_RET_NAME (TC_IOCTL_GET_PASSWORD_CACHE_STATUS); - TC_CASE_RET_NAME (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG); - TC_CASE_RET_NAME (TC_IOCTL_GET_PORTABLE_MODE_STATUS); - TC_CASE_RET_NAME (TC_IOCTL_SET_PORTABLE_MODE_STATUS); - TC_CASE_RET_NAME (TC_IOCTL_GET_RESOLVED_SYMLINK); - TC_CASE_RET_NAME (TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG); - TC_CASE_RET_NAME (TC_IOCTL_GET_VOLUME_PROPERTIES); - TC_CASE_RET_NAME (TC_IOCTL_GET_WARNING_FLAGS); - TC_CASE_RET_NAME (TC_IOCTL_DISK_IS_WRITABLE); - TC_CASE_RET_NAME (TC_IOCTL_IS_ANY_VOLUME_MOUNTED); - TC_CASE_RET_NAME (TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED); - TC_CASE_RET_NAME (TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING); - TC_CASE_RET_NAME (TC_IOCTL_MOUNT_VOLUME); - TC_CASE_RET_NAME (TC_IOCTL_OPEN_TEST); - TC_CASE_RET_NAME (TC_IOCTL_PROBE_REAL_DRIVE_SIZE); - TC_CASE_RET_NAME (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER); - TC_CASE_RET_NAME (TC_IOCTL_REREAD_DRIVER_CONFIG); - TC_CASE_RET_NAME (TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY); - TC_CASE_RET_NAME (TC_IOCTL_START_DECOY_SYSTEM_WIPE); - TC_CASE_RET_NAME (TC_IOCTL_WIPE_PASSWORD_CACHE); - TC_CASE_RET_NAME (TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR); - - TC_CASE_RET_NAME (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS); - -#undef TC_CASE_RET_NAME - } - - if (ulCode == IOCTL_DISK_GET_DRIVE_GEOMETRY) - return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_GEOMETRY"); - else if (ulCode == IOCTL_DISK_GET_DRIVE_GEOMETRY_EX) - return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_GEOMETRY_EX"); - else if (ulCode == IOCTL_MOUNTDEV_QUERY_DEVICE_NAME) - return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_DEVICE_NAME"); - else if (ulCode == IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME) - return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME"); - else if (ulCode == IOCTL_MOUNTDEV_QUERY_UNIQUE_ID) - return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_UNIQUE_ID"); - else if (ulCode == IOCTL_VOLUME_ONLINE) - return (LPWSTR) _T ("IOCTL_VOLUME_ONLINE"); - else if (ulCode == IOCTL_MOUNTDEV_LINK_CREATED) - return (LPWSTR) _T ("IOCTL_MOUNTDEV_LINK_CREATED"); - else if (ulCode == IOCTL_MOUNTDEV_LINK_DELETED) - return (LPWSTR) _T ("IOCTL_MOUNTDEV_LINK_DELETED"); - else if (ulCode == IOCTL_MOUNTMGR_QUERY_POINTS) - return (LPWSTR) _T ("IOCTL_MOUNTMGR_QUERY_POINTS"); - else if (ulCode == IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED) - return (LPWSTR) _T ("IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED"); - else if (ulCode == IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED) - return (LPWSTR) _T ("IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED"); - else if (ulCode == IOCTL_DISK_GET_LENGTH_INFO) - return (LPWSTR) _T ("IOCTL_DISK_GET_LENGTH_INFO"); - else if (ulCode == IOCTL_STORAGE_GET_DEVICE_NUMBER) - return (LPWSTR) _T ("IOCTL_STORAGE_GET_DEVICE_NUMBER"); - else if (ulCode == IOCTL_DISK_GET_PARTITION_INFO) - return (LPWSTR) _T ("IOCTL_DISK_GET_PARTITION_INFO"); - else if (ulCode == IOCTL_DISK_GET_PARTITION_INFO_EX) - return (LPWSTR) _T ("IOCTL_DISK_GET_PARTITION_INFO_EX"); - else if (ulCode == IOCTL_DISK_SET_PARTITION_INFO) - return (LPWSTR) _T ("IOCTL_DISK_SET_PARTITION_INFO"); - else if (ulCode == IOCTL_DISK_GET_DRIVE_LAYOUT) - return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_LAYOUT"); - else if (ulCode == IOCTL_DISK_SET_DRIVE_LAYOUT_EX) - return (LPWSTR) _T ("IOCTL_DISK_SET_DRIVE_LAYOUT_EX"); - else if (ulCode == IOCTL_DISK_VERIFY) - return (LPWSTR) _T ("IOCTL_DISK_VERIFY"); - else if (ulCode == IOCTL_DISK_FORMAT_TRACKS) - return (LPWSTR) _T ("IOCTL_DISK_FORMAT_TRACKS"); - else if (ulCode == IOCTL_DISK_REASSIGN_BLOCKS) - return (LPWSTR) _T ("IOCTL_DISK_REASSIGN_BLOCKS"); - else if (ulCode == IOCTL_DISK_PERFORMANCE) - return (LPWSTR) _T ("IOCTL_DISK_PERFORMANCE"); - else if (ulCode == IOCTL_DISK_IS_WRITABLE) - return (LPWSTR) _T ("IOCTL_DISK_IS_WRITABLE"); - else if (ulCode == IOCTL_DISK_LOGGING) - return (LPWSTR) _T ("IOCTL_DISK_LOGGING"); - else if (ulCode == IOCTL_DISK_FORMAT_TRACKS_EX) - return (LPWSTR) _T ("IOCTL_DISK_FORMAT_TRACKS_EX"); - else if (ulCode == IOCTL_DISK_HISTOGRAM_STRUCTURE) - return (LPWSTR) _T ("IOCTL_DISK_HISTOGRAM_STRUCTURE"); - else if (ulCode == IOCTL_DISK_HISTOGRAM_DATA) - return (LPWSTR) _T ("IOCTL_DISK_HISTOGRAM_DATA"); - else if (ulCode == IOCTL_DISK_HISTOGRAM_RESET) - return (LPWSTR) _T ("IOCTL_DISK_HISTOGRAM_RESET"); - else if (ulCode == IOCTL_DISK_REQUEST_STRUCTURE) - return (LPWSTR) _T ("IOCTL_DISK_REQUEST_STRUCTURE"); - else if (ulCode == IOCTL_DISK_REQUEST_DATA) - return (LPWSTR) _T ("IOCTL_DISK_REQUEST_DATA"); - else if (ulCode == IOCTL_DISK_CONTROLLER_NUMBER) - return (LPWSTR) _T ("IOCTL_DISK_CONTROLLER_NUMBER"); - else if (ulCode == SMART_GET_VERSION) - return (LPWSTR) _T ("SMART_GET_VERSION"); - else if (ulCode == SMART_SEND_DRIVE_COMMAND) - return (LPWSTR) _T ("SMART_SEND_DRIVE_COMMAND"); - else if (ulCode == SMART_RCV_DRIVE_DATA) - return (LPWSTR) _T ("SMART_RCV_DRIVE_DATA"); - else if (ulCode == IOCTL_DISK_INTERNAL_SET_VERIFY) - return (LPWSTR) _T ("IOCTL_DISK_INTERNAL_SET_VERIFY"); - else if (ulCode == IOCTL_DISK_INTERNAL_CLEAR_VERIFY) - return (LPWSTR) _T ("IOCTL_DISK_INTERNAL_CLEAR_VERIFY"); - else if (ulCode == IOCTL_DISK_CHECK_VERIFY) - return (LPWSTR) _T ("IOCTL_DISK_CHECK_VERIFY"); - else if (ulCode == IOCTL_DISK_MEDIA_REMOVAL) - return (LPWSTR) _T ("IOCTL_DISK_MEDIA_REMOVAL"); - else if (ulCode == IOCTL_DISK_EJECT_MEDIA) - return (LPWSTR) _T ("IOCTL_DISK_EJECT_MEDIA"); - else if (ulCode == IOCTL_DISK_LOAD_MEDIA) - return (LPWSTR) _T ("IOCTL_DISK_LOAD_MEDIA"); - else if (ulCode == IOCTL_DISK_RESERVE) - return (LPWSTR) _T ("IOCTL_DISK_RESERVE"); - else if (ulCode == IOCTL_DISK_RELEASE) - return (LPWSTR) _T ("IOCTL_DISK_RELEASE"); - else if (ulCode == IOCTL_DISK_FIND_NEW_DEVICES) - return (LPWSTR) _T ("IOCTL_DISK_FIND_NEW_DEVICES"); - else if (ulCode == IOCTL_DISK_GET_MEDIA_TYPES) - return (LPWSTR) _T ("IOCTL_DISK_GET_MEDIA_TYPES"); - else if (ulCode == IOCTL_STORAGE_SET_HOTPLUG_INFO) - return (LPWSTR) _T ("IOCTL_STORAGE_SET_HOTPLUG_INFO"); - else if (ulCode == IRP_MJ_READ) - return (LPWSTR) _T ("IRP_MJ_READ"); - else if (ulCode == IRP_MJ_WRITE) - return (LPWSTR) _T ("IRP_MJ_WRITE"); - else if (ulCode == IRP_MJ_CREATE) - return (LPWSTR) _T ("IRP_MJ_CREATE"); - else if (ulCode == IRP_MJ_CLOSE) - return (LPWSTR) _T ("IRP_MJ_CLOSE"); - else if (ulCode == IRP_MJ_CLEANUP) - return (LPWSTR) _T ("IRP_MJ_CLEANUP"); - else if (ulCode == IRP_MJ_FLUSH_BUFFERS) - return (LPWSTR) _T ("IRP_MJ_FLUSH_BUFFERS"); - else if (ulCode == IRP_MJ_SHUTDOWN) - return (LPWSTR) _T ("IRP_MJ_SHUTDOWN"); - else if (ulCode == IRP_MJ_DEVICE_CONTROL) - return (LPWSTR) _T ("IRP_MJ_DEVICE_CONTROL"); - else - { - return (LPWSTR) _T ("IOCTL"); - } -} - -#endif - -void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) -{ - UNICODE_STRING Win32NameString; - NTSTATUS ntStatus; - - Dump ("TCDeleteDeviceObject BEGIN\n"); - - if (Extension->bRootDevice) - { - RtlInitUnicodeString (&Win32NameString, (LPWSTR) DOS_ROOT_PREFIX); - ntStatus = IoDeleteSymbolicLink (&Win32NameString); - if (!NT_SUCCESS (ntStatus)) - Dump ("IoDeleteSymbolicLink failed ntStatus = 0x%08x\n", ntStatus); - - RootDeviceObject = NULL; - } - else - { - if (Extension->peThread != NULL) - TCStopVolumeThread (DeviceObject, Extension); - - if (Extension->UserSid) - TCfree (Extension->UserSid); - - if (Extension->SecurityClientContextValid) - { - if (OsMajorVersion == 5 && OsMinorVersion == 0) - { - ObDereferenceObject (Extension->SecurityClientContext.ClientToken); - } - else - { - // Windows 2000 does not support PsDereferenceImpersonationToken() used by SeDeleteClientSecurity(). - // TODO: Use only SeDeleteClientSecurity() once support for Windows 2000 is dropped. - - VOID (*PsDereferenceImpersonationTokenD) (PACCESS_TOKEN ImpersonationToken); - UNICODE_STRING name; - RtlInitUnicodeString (&name, L"PsDereferenceImpersonationToken"); - - PsDereferenceImpersonationTokenD = MmGetSystemRoutineAddress (&name); - if (!PsDereferenceImpersonationTokenD) - TC_BUG_CHECK (STATUS_NOT_IMPLEMENTED); - -# define PsDereferencePrimaryToken -# define PsDereferenceImpersonationToken PsDereferenceImpersonationTokenD - - SeDeleteClientSecurity (&Extension->SecurityClientContext); - -# undef PsDereferencePrimaryToken -# undef PsDereferenceImpersonationToken - } - } - - VirtualVolumeDeviceObjects[Extension->nDosDriveNo] = NULL; - } - - IoDeleteDevice (DeviceObject); - - Dump ("TCDeleteDeviceObject END\n"); -} - - -VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject) -{ - Dump ("TCUnloadDriver BEGIN\n"); - - OnShutdownPending(); - - if (IsBootDriveMounted()) - TC_BUG_CHECK (STATUS_INVALID_DEVICE_STATE); - - EncryptionThreadPoolStop(); - TCDeleteDeviceObject (RootDeviceObject, (PEXTENSION) RootDeviceObject->DeviceExtension); - - Dump ("TCUnloadDriver END\n"); -} - - -void OnShutdownPending () -{ - UNMOUNT_STRUCT unmount; - memset (&unmount, 0, sizeof (unmount)); - unmount.ignoreOpenFiles = TRUE; - - while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_DISMOUNT_ALL_VOLUMES, &unmount, sizeof (unmount), &unmount, sizeof (unmount)) == STATUS_INSUFFICIENT_RESOURCES || unmount.HiddenVolumeProtectionTriggered) - unmount.HiddenVolumeProtectionTriggered = FALSE; - - while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); -} - - -NTSTATUS TCDeviceIoControl (PWSTR deviceName, ULONG IoControlCode, void *InputBuffer, ULONG InputBufferSize, void *OutputBuffer, ULONG OutputBufferSize) -{ - IO_STATUS_BLOCK ioStatusBlock; - NTSTATUS ntStatus; - PIRP irp; - PFILE_OBJECT fileObject; - PDEVICE_OBJECT deviceObject; - KEVENT event; - UNICODE_STRING name; - - RtlInitUnicodeString(&name, deviceName); - ntStatus = IoGetDeviceObjectPointer (&name, FILE_READ_ATTRIBUTES, &fileObject, &deviceObject); - - if (!NT_SUCCESS (ntStatus)) - return ntStatus; - - KeInitializeEvent(&event, NotificationEvent, FALSE); - - irp = IoBuildDeviceIoControlRequest (IoControlCode, - deviceObject, - InputBuffer, InputBufferSize, - OutputBuffer, OutputBufferSize, - FALSE, - &event, - &ioStatusBlock); - - if (irp == NULL) - { - Dump ("IRP allocation failed\n"); - ntStatus = STATUS_INSUFFICIENT_RESOURCES; - goto ret; - } - - IoGetNextIrpStackLocation (irp)->FileObject = fileObject; - - ntStatus = IoCallDriver (deviceObject, irp); - if (ntStatus == STATUS_PENDING) - { - KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL); - ntStatus = ioStatusBlock.Status; - } - -ret: - ObDereferenceObject (fileObject); - return ntStatus; -} - - -typedef struct -{ - PDEVICE_OBJECT deviceObject; ULONG ioControlCode; void *inputBuffer; int inputBufferSize; void *outputBuffer; int outputBufferSize; - NTSTATUS Status; - KEVENT WorkItemCompletedEvent; -} SendDeviceIoControlRequestWorkItemArgs; - - -static VOID SendDeviceIoControlRequestWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, SendDeviceIoControlRequestWorkItemArgs *arg) -{ - arg->Status = SendDeviceIoControlRequest (arg->deviceObject, arg->ioControlCode, arg->inputBuffer, arg->inputBufferSize, arg->outputBuffer, arg->outputBufferSize); - KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); -} - - -NTSTATUS SendDeviceIoControlRequest (PDEVICE_OBJECT deviceObject, ULONG ioControlCode, void *inputBuffer, int inputBufferSize, void *outputBuffer, int outputBufferSize) -{ - IO_STATUS_BLOCK ioStatusBlock; - NTSTATUS status; - PIRP irp; - KEVENT event; - - if (KeGetCurrentIrql() > APC_LEVEL) - { - SendDeviceIoControlRequestWorkItemArgs args; - - PIO_WORKITEM workItem = IoAllocateWorkItem (RootDeviceObject); - if (!workItem) - return STATUS_INSUFFICIENT_RESOURCES; - - args.deviceObject = deviceObject; - args.ioControlCode = ioControlCode; - args.inputBuffer = inputBuffer; - args.inputBufferSize = inputBufferSize; - args.outputBuffer = outputBuffer; - args.outputBufferSize = outputBufferSize; - - KeInitializeEvent (&args.WorkItemCompletedEvent, SynchronizationEvent, FALSE); - IoQueueWorkItem (workItem, SendDeviceIoControlRequestWorkItemRoutine, DelayedWorkQueue, &args); - - KeWaitForSingleObject (&args.WorkItemCompletedEvent, Executive, KernelMode, FALSE, NULL); - IoFreeWorkItem (workItem); - - return args.Status; - } - - KeInitializeEvent (&event, NotificationEvent, FALSE); - - irp = IoBuildDeviceIoControlRequest (ioControlCode, deviceObject, inputBuffer, inputBufferSize, - outputBuffer, outputBufferSize, FALSE, &event, &ioStatusBlock); - - if (!irp) - return STATUS_INSUFFICIENT_RESOURCES; - - ObReferenceObject (deviceObject); - - status = IoCallDriver (deviceObject, irp); - if (status == STATUS_PENDING) - { - KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL); - status = ioStatusBlock.Status; - } - - ObDereferenceObject (deviceObject); - return status; -} - - -NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize) -{ - NTSTATUS status; - LARGE_INTEGER sysLength; - LARGE_INTEGER offset; - byte *sectorBuffer; - ULONGLONG startTime; - - if (!UserCanAccessDriveDevice()) - return STATUS_ACCESS_DENIED; - - sectorBuffer = TCalloc (TC_SECTOR_SIZE_BIOS); - if (!sectorBuffer) - return STATUS_INSUFFICIENT_RESOURCES; - - status = SendDeviceIoControlRequest (driveDeviceObject, IOCTL_DISK_GET_LENGTH_INFO, - NULL, 0, &sysLength, sizeof (sysLength)); - - if (!NT_SUCCESS (status)) - { - Dump ("Failed to get drive size - error %x\n", status); - TCfree (sectorBuffer); - return status; - } - - startTime = KeQueryInterruptTime (); - for (offset.QuadPart = sysLength.QuadPart; ; offset.QuadPart += TC_SECTOR_SIZE_BIOS) - { - status = TCReadDevice (driveDeviceObject, sectorBuffer, offset, TC_SECTOR_SIZE_BIOS); - - if (NT_SUCCESS (status)) - status = TCWriteDevice (driveDeviceObject, sectorBuffer, offset, TC_SECTOR_SIZE_BIOS); - - if (!NT_SUCCESS (status)) - { - driveSize->QuadPart = offset.QuadPart; - Dump ("Real drive size = %I64d bytes (%I64d hidden)\n", driveSize->QuadPart, driveSize->QuadPart - sysLength.QuadPart); - TCfree (sectorBuffer); - return STATUS_SUCCESS; - } - - if (KeQueryInterruptTime() - startTime > 3ULL * 60 * 1000 * 1000 * 10) - { - // Abort if probing for more than 3 minutes - driveSize->QuadPart = sysLength.QuadPart; - TCfree (sectorBuffer); - return STATUS_TIMEOUT; - } - } -} - - -NTSTATUS TCOpenFsVolume (PEXTENSION Extension, PHANDLE volumeHandle, PFILE_OBJECT * fileObject) -{ - NTSTATUS ntStatus; - OBJECT_ATTRIBUTES objectAttributes; - UNICODE_STRING fullFileName; - IO_STATUS_BLOCK ioStatus; - WCHAR volumeName[TC_MAX_PATH]; - - TCGetNTNameFromNumber (volumeName, sizeof(volumeName),Extension->nDosDriveNo); - RtlInitUnicodeString (&fullFileName, volumeName); - InitializeObjectAttributes (&objectAttributes, &fullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); - - ntStatus = ZwCreateFile (volumeHandle, - SYNCHRONIZE | GENERIC_READ, - &objectAttributes, - &ioStatus, - NULL, - FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ | FILE_SHARE_WRITE, - FILE_OPEN, - FILE_SYNCHRONOUS_IO_NONALERT, - NULL, - 0); - - Dump ("Volume %ls open NTSTATUS 0x%08x\n", volumeName, ntStatus); - - if (!NT_SUCCESS (ntStatus)) - return ntStatus; - - ntStatus = ObReferenceObjectByHandle (*volumeHandle, - FILE_READ_DATA, - NULL, - KernelMode, - fileObject, - NULL); - - if (!NT_SUCCESS (ntStatus)) - ZwClose (*volumeHandle); - - return ntStatus; -} - - -void TCCloseFsVolume (HANDLE volumeHandle, PFILE_OBJECT fileObject) -{ - ObDereferenceObject (fileObject); - ZwClose (volumeHandle); -} - - -static NTSTATUS TCReadWriteDevice (BOOL write, PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length) -{ - NTSTATUS status; - IO_STATUS_BLOCK ioStatusBlock; - PIRP irp; - KEVENT completionEvent; - - ASSERT (KeGetCurrentIrql() <= APC_LEVEL); - - KeInitializeEvent (&completionEvent, NotificationEvent, FALSE); - irp = IoBuildSynchronousFsdRequest (write ? IRP_MJ_WRITE : IRP_MJ_READ, deviceObject, buffer, length, &offset, &completionEvent, &ioStatusBlock); - if (!irp) - return STATUS_INSUFFICIENT_RESOURCES; - - ObReferenceObject (deviceObject); - status = IoCallDriver (deviceObject, irp); - - if (status == STATUS_PENDING) - { - status = KeWaitForSingleObject (&completionEvent, Executive, KernelMode, FALSE, NULL); - if (NT_SUCCESS (status)) - status = ioStatusBlock.Status; - } - - ObDereferenceObject (deviceObject); - return status; -} - - -NTSTATUS TCReadDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length) -{ - return TCReadWriteDevice (FALSE, deviceObject, buffer, offset, length); -} - - -NTSTATUS TCWriteDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length) -{ - return TCReadWriteDevice (TRUE, deviceObject, buffer, offset, length); -} - - -NTSTATUS TCFsctlCall (PFILE_OBJECT fileObject, LONG IoControlCode, - void *InputBuffer, int InputBufferSize, void *OutputBuffer, int OutputBufferSize) -{ - IO_STATUS_BLOCK ioStatusBlock; - NTSTATUS ntStatus; - PIRP irp; - KEVENT event; - PIO_STACK_LOCATION stack; - PDEVICE_OBJECT deviceObject = IoGetRelatedDeviceObject (fileObject); - - KeInitializeEvent(&event, NotificationEvent, FALSE); - - irp = IoBuildDeviceIoControlRequest (IoControlCode, - deviceObject, - InputBuffer, InputBufferSize, - OutputBuffer, OutputBufferSize, - FALSE, - &event, - &ioStatusBlock); - - if (irp == NULL) - return STATUS_INSUFFICIENT_RESOURCES; - - stack = IoGetNextIrpStackLocation(irp); - - stack->MajorFunction = IRP_MJ_FILE_SYSTEM_CONTROL; - stack->MinorFunction = IRP_MN_USER_FS_REQUEST; - stack->FileObject = fileObject; - - ntStatus = IoCallDriver (deviceObject, irp); - if (ntStatus == STATUS_PENDING) - { - KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL); - ntStatus = ioStatusBlock.Status; - } - - return ntStatus; -} - - -NTSTATUS CreateDriveLink (int nDosDriveNo) -{ - WCHAR dev[128], link[128]; - UNICODE_STRING deviceName, symLink; - NTSTATUS ntStatus; - - TCGetNTNameFromNumber (dev, sizeof(dev),nDosDriveNo); - TCGetDosNameFromNumber (link, sizeof(link),nDosDriveNo, DeviceNamespaceDefault); - - RtlInitUnicodeString (&deviceName, dev); - RtlInitUnicodeString (&symLink, link); - - ntStatus = IoCreateSymbolicLink (&symLink, &deviceName); - Dump ("IoCreateSymbolicLink returned %X\n", ntStatus); - return ntStatus; -} - - -NTSTATUS RemoveDriveLink (int nDosDriveNo) -{ - WCHAR link[256]; - UNICODE_STRING symLink; - NTSTATUS ntStatus; - - TCGetDosNameFromNumber (link, sizeof(link),nDosDriveNo, DeviceNamespaceDefault); - RtlInitUnicodeString (&symLink, link); - - ntStatus = IoDeleteSymbolicLink (&symLink); - Dump ("IoDeleteSymbolicLink returned %X\n", ntStatus); - return ntStatus; -} - - -NTSTATUS MountManagerMount (MOUNT_STRUCT *mount) -{ - NTSTATUS ntStatus; - WCHAR arrVolume[256]; - char buf[200]; - PMOUNTMGR_TARGET_NAME in = (PMOUNTMGR_TARGET_NAME) buf; - PMOUNTMGR_CREATE_POINT_INPUT point = (PMOUNTMGR_CREATE_POINT_INPUT) buf; - - TCGetNTNameFromNumber (arrVolume, sizeof(arrVolume),mount->nDosDriveNo); - in->DeviceNameLength = (USHORT) wcslen (arrVolume) * 2; - RtlStringCbCopyW(in->DeviceName, sizeof(buf) - sizeof(in->DeviceNameLength),arrVolume); - - ntStatus = TCDeviceIoControl (MOUNTMGR_DEVICE_NAME, IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION, - in, (ULONG) (sizeof (in->DeviceNameLength) + wcslen (arrVolume) * 2), 0, 0); - - memset (buf, 0, sizeof buf); - TCGetDosNameFromNumber ((PWSTR) &point[1], sizeof(buf) - sizeof(MOUNTMGR_CREATE_POINT_INPUT),mount->nDosDriveNo, DeviceNamespaceDefault); - - point->SymbolicLinkNameOffset = sizeof (MOUNTMGR_CREATE_POINT_INPUT); - point->SymbolicLinkNameLength = (USHORT) wcslen ((PWSTR) &point[1]) * 2; - - point->DeviceNameOffset = point->SymbolicLinkNameOffset + point->SymbolicLinkNameLength; - TCGetNTNameFromNumber ((PWSTR) (buf + point->DeviceNameOffset), sizeof(buf) - point->DeviceNameOffset,mount->nDosDriveNo); - point->DeviceNameLength = (USHORT) wcslen ((PWSTR) (buf + point->DeviceNameOffset)) * 2; - - ntStatus = TCDeviceIoControl (MOUNTMGR_DEVICE_NAME, IOCTL_MOUNTMGR_CREATE_POINT, point, - point->DeviceNameOffset + point->DeviceNameLength, 0, 0); - - return ntStatus; -} - - -NTSTATUS MountManagerUnmount (int nDosDriveNo) -{ - NTSTATUS ntStatus; - char buf[256], out[300]; - PMOUNTMGR_MOUNT_POINT in = (PMOUNTMGR_MOUNT_POINT) buf; - - memset (buf, 0, sizeof buf); - - TCGetDosNameFromNumber ((PWSTR) &in[1], sizeof(buf) - sizeof(MOUNTMGR_MOUNT_POINT),nDosDriveNo, DeviceNamespaceDefault); - - // Only symbolic link can be deleted with IOCTL_MOUNTMGR_DELETE_POINTS. If any other entry is specified, the mount manager will ignore subsequent IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION for the same volume ID. - in->SymbolicLinkNameOffset = sizeof (MOUNTMGR_MOUNT_POINT); - in->SymbolicLinkNameLength = (USHORT) wcslen ((PWCHAR) &in[1]) * 2; - - ntStatus = TCDeviceIoControl (MOUNTMGR_DEVICE_NAME, IOCTL_MOUNTMGR_DELETE_POINTS, - in, sizeof(MOUNTMGR_MOUNT_POINT) + in->SymbolicLinkNameLength, out, sizeof out); - - Dump ("IOCTL_MOUNTMGR_DELETE_POINTS returned 0x%08x\n", ntStatus); - - return ntStatus; -} - - -NTSTATUS MountDevice (PDEVICE_OBJECT DeviceObject, MOUNT_STRUCT *mount) -{ - PDEVICE_OBJECT NewDeviceObject; - NTSTATUS ntStatus; - - // Make sure the user is asking for a reasonable nDosDriveNo - if (mount->nDosDriveNo >= 0 && mount->nDosDriveNo <= 25 - && IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceDefault) // drive letter must not exist both locally and globally - && IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceGlobal) - ) - { - Dump ("Mount request looks valid\n"); - } - else - { - Dump ("WARNING: MOUNT DRIVE LETTER INVALID\n"); - mount->nReturnCode = ERR_DRIVE_NOT_FOUND; - return ERR_DRIVE_NOT_FOUND; - } - - if (!SelfTestsPassed) - { - mount->nReturnCode = ERR_SELF_TESTS_FAILED; - return ERR_SELF_TESTS_FAILED; - } - - ntStatus = TCCreateDeviceObject (DeviceObject->DriverObject, &NewDeviceObject, mount); - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("Mount CREATE DEVICE ERROR, ntStatus = 0x%08x\n", ntStatus); - return ntStatus; - } - else - { - PEXTENSION NewExtension = (PEXTENSION) NewDeviceObject->DeviceExtension; - SECURITY_SUBJECT_CONTEXT subContext; - PACCESS_TOKEN accessToken; - - SeCaptureSubjectContext (&subContext); - SeLockSubjectContext(&subContext); - if (subContext.ClientToken && subContext.ImpersonationLevel >= SecurityImpersonation) - accessToken = subContext.ClientToken; - else - accessToken = subContext.PrimaryToken; - - if (!accessToken) - { - ntStatus = STATUS_INVALID_PARAMETER; - } - else - { - PTOKEN_USER tokenUser; - - ntStatus = SeQueryInformationToken (accessToken, TokenUser, &tokenUser); - if (NT_SUCCESS (ntStatus)) - { - ULONG sidLength = RtlLengthSid (tokenUser->User.Sid); - - NewExtension->UserSid = TCalloc (sidLength); - if (!NewExtension->UserSid) - ntStatus = STATUS_INSUFFICIENT_RESOURCES; - else - ntStatus = RtlCopySid (sidLength, NewExtension->UserSid, tokenUser->User.Sid); - - ExFreePool (tokenUser); // Documented in newer versions of WDK - } - } - - SeUnlockSubjectContext(&subContext); - SeReleaseSubjectContext (&subContext); - - if (NT_SUCCESS (ntStatus)) - ntStatus = TCStartVolumeThread (NewDeviceObject, NewExtension, mount); - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("Mount FAILURE NT ERROR, ntStatus = 0x%08x\n", ntStatus); - TCDeleteDeviceObject (NewDeviceObject, NewExtension); - return ntStatus; - } - else - { - if (mount->nReturnCode == 0) - { - HANDLE volumeHandle; - PFILE_OBJECT volumeFileObject; - ULONG labelLen = (ULONG) wcslen (mount->wszLabel); - BOOL bIsNTFS = FALSE; - ULONG labelMaxLen, labelEffectiveLen; - - Dump ("Mount SUCCESS TC code = 0x%08x READ-ONLY = %d\n", mount->nReturnCode, NewExtension->bReadOnly); - - if (NewExtension->bReadOnly) - NewDeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; - - NewDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; - - NewExtension->UniqueVolumeId = LastUniqueVolumeId++; - - // check again that the drive letter is available globally and locally - if ( !IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceDefault) - || !IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceGlobal) - ) - { - TCDeleteDeviceObject (NewDeviceObject, NewExtension); - mount->nReturnCode = ERR_DRIVE_NOT_FOUND; - return ERR_DRIVE_NOT_FOUND; - } - - if (mount->bMountManager) - MountManagerMount (mount); - - NewExtension->bMountManager = mount->bMountManager; - - // We create symbolic link even if mount manager is notified of - // arriving volume as it apparently sometimes fails to create the link - CreateDriveLink (mount->nDosDriveNo); - - mount->FilesystemDirty = FALSE; - - if (NT_SUCCESS (TCOpenFsVolume (NewExtension, &volumeHandle, &volumeFileObject))) - { - __try - { - ULONG fsStatus; - - if (NT_SUCCESS (TCFsctlCall (volumeFileObject, FSCTL_IS_VOLUME_DIRTY, NULL, 0, &fsStatus, sizeof (fsStatus))) - && (fsStatus & VOLUME_IS_DIRTY)) - { - mount->FilesystemDirty = TRUE; - } - } - __except (EXCEPTION_EXECUTE_HANDLER) - { - mount->FilesystemDirty = TRUE; - } - - // detect if the filesystem is NTFS or FAT - __try - { - NTFS_VOLUME_DATA_BUFFER ntfsData; - if (NT_SUCCESS (TCFsctlCall (volumeFileObject, FSCTL_GET_NTFS_VOLUME_DATA, NULL, 0, &ntfsData, sizeof (ntfsData)))) - { - bIsNTFS = TRUE; - } - } - __except (EXCEPTION_EXECUTE_HANDLER) - { - bIsNTFS = FALSE; - } - - NewExtension->bIsNTFS = bIsNTFS; - mount->bIsNTFS = bIsNTFS; - - if (labelLen > 0) - { - if (bIsNTFS) - labelMaxLen = 32; // NTFS maximum label length - else - labelMaxLen = 11; // FAT maximum label length - - // calculate label effective length - labelEffectiveLen = labelLen > labelMaxLen? labelMaxLen : labelLen; - - // correct the label in the device - memset (&NewExtension->wszLabel[labelEffectiveLen], 0, 33 - labelEffectiveLen); - memcpy (mount->wszLabel, NewExtension->wszLabel, 33); - - // set the volume label - __try - { - IO_STATUS_BLOCK ioblock; - ULONG labelInfoSize = sizeof(FILE_FS_LABEL_INFORMATION) + (labelEffectiveLen * sizeof(WCHAR)); - FILE_FS_LABEL_INFORMATION* labelInfo = (FILE_FS_LABEL_INFORMATION*) TCalloc (labelInfoSize); - labelInfo->VolumeLabelLength = labelEffectiveLen * sizeof(WCHAR); - memcpy (labelInfo->VolumeLabel, mount->wszLabel, labelInfo->VolumeLabelLength); - - if (STATUS_SUCCESS == ZwSetVolumeInformationFile (volumeHandle, &ioblock, labelInfo, labelInfoSize, FileFsLabelInformation)) - { - mount->bDriverSetLabel = TRUE; - NewExtension->bDriverSetLabel = TRUE; - } - - TCfree(labelInfo); - } - __except (EXCEPTION_EXECUTE_HANDLER) - { - - } - } - - TCCloseFsVolume (volumeHandle, volumeFileObject); - } - } - else - { - Dump ("Mount FAILURE TC code = 0x%08x\n", mount->nReturnCode); - TCDeleteDeviceObject (NewDeviceObject, NewExtension); - } - - return STATUS_SUCCESS; - } - } -} - -NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles) -{ - PEXTENSION extension = deviceObject->DeviceExtension; - NTSTATUS ntStatus; - HANDLE volumeHandle; - PFILE_OBJECT volumeFileObject; - - Dump ("UnmountDevice %d\n", extension->nDosDriveNo); - - ntStatus = TCOpenFsVolume (extension, &volumeHandle, &volumeFileObject); - - if (NT_SUCCESS (ntStatus)) - { - int dismountRetry; - - // Dismounting a writable NTFS filesystem prevents the driver from being unloaded on Windows 7 - if (IsOSAtLeast (WIN_7) && !extension->bReadOnly) - { - NTFS_VOLUME_DATA_BUFFER ntfsData; - - if (NT_SUCCESS (TCFsctlCall (volumeFileObject, FSCTL_GET_NTFS_VOLUME_DATA, NULL, 0, &ntfsData, sizeof (ntfsData)))) - DriverUnloadDisabled = TRUE; - } - - // Lock volume - ntStatus = TCFsctlCall (volumeFileObject, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0); - Dump ("FSCTL_LOCK_VOLUME returned %X\n", ntStatus); - - if (!NT_SUCCESS (ntStatus) && !ignoreOpenFiles) - { - TCCloseFsVolume (volumeHandle, volumeFileObject); - return ERR_FILES_OPEN; - } - - // Dismount volume - for (dismountRetry = 0; dismountRetry < 200; ++dismountRetry) - { - ntStatus = TCFsctlCall (volumeFileObject, FSCTL_DISMOUNT_VOLUME, NULL, 0, NULL, 0); - Dump ("FSCTL_DISMOUNT_VOLUME returned %X\n", ntStatus); - - if (NT_SUCCESS (ntStatus) || ntStatus == STATUS_VOLUME_DISMOUNTED) - break; - - if (!ignoreOpenFiles) - { - TCCloseFsVolume (volumeHandle, volumeFileObject); - return ERR_FILES_OPEN; - } - - TCSleep (100); - } - } - else - { - // Volume cannot be opened => force dismount if allowed - if (!ignoreOpenFiles) - return ERR_FILES_OPEN; - else - volumeHandle = NULL; - } - - if (extension->bMountManager) - MountManagerUnmount (extension->nDosDriveNo); - - // We always remove symbolic link as mount manager might fail to do so - RemoveDriveLink (extension->nDosDriveNo); - - extension->bShuttingDown = TRUE; - - ntStatus = IoAcquireRemoveLock (&extension->Queue.RemoveLock, NULL); - ASSERT (NT_SUCCESS (ntStatus)); - IoReleaseRemoveLockAndWait (&extension->Queue.RemoveLock, NULL); - - if (volumeHandle != NULL) - TCCloseFsVolume (volumeHandle, volumeFileObject); - - if (unmountRequest) - { - PCRYPTO_INFO cryptoInfo = ((PEXTENSION) deviceObject->DeviceExtension)->cryptoInfo; - unmountRequest->HiddenVolumeProtectionTriggered = (cryptoInfo->bProtectHiddenVolume && cryptoInfo->bHiddenVolProtectionAction); - } - - TCDeleteDeviceObject (deviceObject, (PEXTENSION) deviceObject->DeviceExtension); - return 0; -} - - -static PDEVICE_OBJECT FindVolumeWithHighestUniqueId (int maxUniqueId) -{ - PDEVICE_OBJECT highestIdDevice = NULL; - int highestId = -1; - int drive; - - for (drive = MIN_MOUNTED_VOLUME_DRIVE_NUMBER; drive <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; ++drive) - { - PDEVICE_OBJECT device = GetVirtualVolumeDeviceObject (drive); - if (device) - { - PEXTENSION extension = (PEXTENSION) device->DeviceExtension; - if (extension->UniqueVolumeId > highestId && extension->UniqueVolumeId <= maxUniqueId) - { - highestId = extension->UniqueVolumeId; - highestIdDevice = device; - } - } - } - - return highestIdDevice; -} - - -NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles) -{ - NTSTATUS status = 0; - PDEVICE_OBJECT ListDevice; - int maxUniqueId = LastUniqueVolumeId; - - Dump ("Unmounting all volumes\n"); - - if (unmountRequest) - unmountRequest->HiddenVolumeProtectionTriggered = FALSE; - - // Dismount volumes in the reverse order they were mounted to properly dismount nested volumes - while ((ListDevice = FindVolumeWithHighestUniqueId (maxUniqueId)) != NULL) - { - PEXTENSION ListExtension = (PEXTENSION) ListDevice->DeviceExtension; - maxUniqueId = ListExtension->UniqueVolumeId - 1; - - if (IsVolumeAccessibleByCurrentUser (ListExtension)) - { - NTSTATUS ntStatus; - - if (unmountRequest) - unmountRequest->nDosDriveNo = ListExtension->nDosDriveNo; - - ntStatus = UnmountDevice (unmountRequest, ListDevice, ignoreOpenFiles); - status = ntStatus == 0 ? status : ntStatus; - - if (unmountRequest && unmountRequest->HiddenVolumeProtectionTriggered) - break; - } - } - - return status; -} - -// Resolves symbolic link name to its target name -NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength) -{ - NTSTATUS ntStatus; - OBJECT_ATTRIBUTES objectAttributes; - UNICODE_STRING fullFileName; - HANDLE handle; - - RtlInitUnicodeString (&fullFileName, symlinkName); - InitializeObjectAttributes (&objectAttributes, &fullFileName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); - - ntStatus = ZwOpenSymbolicLinkObject (&handle, GENERIC_READ, &objectAttributes); - - if (NT_SUCCESS (ntStatus)) - { - UNICODE_STRING target; - target.Buffer = targetName; - target.Length = 0; - target.MaximumLength = maxTargetNameLength; - memset (targetName, 0, maxTargetNameLength); - - ntStatus = ZwQuerySymbolicLinkObject (handle, &target, NULL); - - ZwClose (handle); - } - - return ntStatus; -} - - -// Checks if two regions overlap (borders are parts of regions) -BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2) -{ - return (start1 < start2) ? (end1 >= start2) : (start1 <= end2); -} - - -void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength) -{ - uint64 end1 = start1 + length1 - 1; - uint64 intersectEnd = (end1 <= end2) ? end1 : end2; - - *intersectStart = (start1 >= start2) ? start1 : start2; - *intersectLength = (uint32) ((*intersectStart > intersectEnd) ? 0 : intersectEnd + 1 - *intersectStart); - - if (*intersectLength == 0) - *intersectStart = start1; -} - - -BOOL IsAccessibleByUser (PUNICODE_STRING objectFileName, BOOL readOnly) -{ - OBJECT_ATTRIBUTES fileObjAttributes; - IO_STATUS_BLOCK ioStatusBlock; - HANDLE fileHandle; - NTSTATUS status; - - ASSERT (!IoIsSystemThread (PsGetCurrentThread())); - - InitializeObjectAttributes (&fileObjAttributes, objectFileName, OBJ_CASE_INSENSITIVE | OBJ_FORCE_ACCESS_CHECK | OBJ_KERNEL_HANDLE, NULL, NULL); - - status = ZwCreateFile (&fileHandle, - readOnly ? GENERIC_READ : GENERIC_READ | GENERIC_WRITE, - &fileObjAttributes, - &ioStatusBlock, - NULL, - FILE_ATTRIBUTE_NORMAL, - FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, - FILE_OPEN, - FILE_SYNCHRONOUS_IO_NONALERT, - NULL, - 0); - - if (NT_SUCCESS (status)) - { - ZwClose (fileHandle); - return TRUE; - } - - return FALSE; -} - - -BOOL UserCanAccessDriveDevice () -{ - UNICODE_STRING name; - RtlInitUnicodeString (&name, L"\\Device\\MountPointManager"); - - return IsAccessibleByUser (&name, FALSE); -} - -BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType) -{ - OBJECT_ATTRIBUTES objectAttributes; - UNICODE_STRING objectName; - WCHAR link[128]; - HANDLE handle; - NTSTATUS ntStatus; - - TCGetDosNameFromNumber (link, sizeof(link),nDosDriveNo, namespaceType); - RtlInitUnicodeString (&objectName, link); - InitializeObjectAttributes (&objectAttributes, &objectName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); - - if (NT_SUCCESS (ntStatus = ZwOpenSymbolicLinkObject (&handle, GENERIC_READ, &objectAttributes))) - { - ZwClose (handle); - return FALSE; - } - - return (ntStatus == STATUS_OBJECT_NAME_NOT_FOUND)? TRUE : FALSE; -} - - -NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information) -{ - irp->IoStatus.Status = status; - irp->IoStatus.Information = information; - IoCompleteRequest (irp, IO_NO_INCREMENT); - return status; -} - - -NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information) -{ - irp->IoStatus.Status = status; - irp->IoStatus.Information = information; - IoCompleteRequest (irp, NT_SUCCESS (status) ? IO_DISK_INCREMENT : IO_NO_INCREMENT); - return status; -} - - -size_t GetCpuCount () -{ - KAFFINITY activeCpuMap = KeQueryActiveProcessors(); - size_t mapSize = sizeof (activeCpuMap) * 8; - size_t cpuCount = 0; - - while (mapSize--) - { - if (activeCpuMap & 1) - ++cpuCount; - - activeCpuMap >>= 1; - } - - if (cpuCount == 0) - return 1; - - return cpuCount; -} - - -void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes) -{ - ASSERT ((maxSizeInBytes & 1) == 0); - str[maxSizeInBytes / sizeof (wchar_t) - 1] = 0; -} - - -void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout) -{ - LARGE_INTEGER waitInterval; - waitInterval.QuadPart = retryDelay * -10000; - - ASSERT (KeGetCurrentIrql() <= APC_LEVEL); - ASSERT (retryDelay > 0 && retryDelay <= timeout); - - while (TRUE) - { - void *memory = TCalloc (size); - if (memory) - return memory; - - timeout -= retryDelay; - if (timeout <= 0) - break; - - KeDelayExecutionThread (KernelMode, FALSE, &waitInterval); - } - - return NULL; -} - - -NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData) -{ - OBJECT_ATTRIBUTES regObjAttribs; - HANDLE regKeyHandle; - NTSTATUS status; - UNICODE_STRING valName; - ULONG size = 0; - ULONG resultSize; - - InitializeObjectAttributes (®ObjAttribs, keyPath, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); - status = ZwOpenKey (®KeyHandle, KEY_READ, ®ObjAttribs); - if (!NT_SUCCESS (status)) - return status; - - RtlInitUnicodeString (&valName, keyValueName); - status = ZwQueryValueKey (regKeyHandle, &valName, KeyValuePartialInformation, NULL, 0, &size); - - if (!NT_SUCCESS (status) && status != STATUS_BUFFER_OVERFLOW && status != STATUS_BUFFER_TOO_SMALL) - { - ZwClose (regKeyHandle); - return status; - } - - if (size == 0) - { - ZwClose (regKeyHandle); - return STATUS_NO_DATA_DETECTED; - } - - *keyData = (PKEY_VALUE_PARTIAL_INFORMATION) TCalloc (size); - if (!*keyData) - { - ZwClose (regKeyHandle); - return STATUS_INSUFFICIENT_RESOURCES; - } - - status = ZwQueryValueKey (regKeyHandle, &valName, KeyValuePartialInformation, *keyData, size, &resultSize); - - ZwClose (regKeyHandle); - return status; -} - - -NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize) -{ - OBJECT_ATTRIBUTES regObjAttribs; - HANDLE regKeyHandle; - NTSTATUS status; - UNICODE_STRING valName; - - InitializeObjectAttributes (®ObjAttribs, keyPath, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); - status = ZwOpenKey (®KeyHandle, KEY_READ | KEY_WRITE, ®ObjAttribs); - if (!NT_SUCCESS (status)) - return status; - - RtlInitUnicodeString (&valName, keyValueName); - - status = ZwSetValueKey (regKeyHandle, &valName, 0, keyValueType, valueData, valueSize); - - ZwClose (regKeyHandle); - return status; -} - - -BOOL IsVolumeClassFilterRegistered () -{ - UNICODE_STRING name; - NTSTATUS status; - BOOL registered = FALSE; - - PKEY_VALUE_PARTIAL_INFORMATION data; - - RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Class\\{71A27CDD-812A-11D0-BEC7-08002BE2092F}"); - status = TCReadRegistryKey (&name, L"UpperFilters", &data); - - if (NT_SUCCESS (status)) - { - if (data->Type == REG_MULTI_SZ && data->DataLength >= 9 * sizeof (wchar_t)) - { - // Search for the string "veracrypt" - ULONG i; - for (i = 0; i <= data->DataLength - 9 * sizeof (wchar_t); ++i) - { - if (memcmp (data->Data + i, L"veracrypt", 9 * sizeof (wchar_t)) == 0) - { - Dump ("Volume class filter active\n"); - registered = TRUE; - break; - } - } - } - - TCfree (data); - } - - return registered; -} - - -NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) -{ - PKEY_VALUE_PARTIAL_INFORMATION data; - UNICODE_STRING name; - NTSTATUS status; - uint32 flags = 0; - - RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\veracrypt"); - status = TCReadRegistryKey (&name, TC_DRIVER_CONFIG_REG_VALUE_NAME, &data); - - if (NT_SUCCESS (status)) - { - if (data->Type == REG_DWORD) - { - flags = *(uint32 *) data->Data; - Dump ("Configuration flags = 0x%x\n", flags); - - if (driverEntry) - { - if (flags & (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD | TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) - CacheBootPassword = TRUE; - - if (flags & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS) - NonAdminSystemFavoritesAccessDisabled = TRUE; - - if (flags & TC_DRIVER_CONFIG_CACHE_BOOT_PIM) - CacheBootPim = TRUE; - } - - EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); - - EnableExtendedIoctlSupport = (flags & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL)? TRUE : FALSE; - } - else - status = STATUS_INVALID_PARAMETER; - - TCfree (data); - } - - if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME, &data))) - { - if (data->Type == REG_DWORD) - EncryptionThreadPoolFreeCpuCountLimit = *(uint32 *) data->Data; - - TCfree (data); - } - - return status; -} - - -NTSTATUS WriteRegistryConfigFlags (uint32 flags) -{ - UNICODE_STRING name; - RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\veracrypt"); - - return TCWriteRegistryKey (&name, TC_DRIVER_CONFIG_REG_VALUE_NAME, REG_DWORD, &flags, sizeof (flags)); -} - - -NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector) -{ - NTSTATUS status; - DISK_GEOMETRY geometry; - - status = SendDeviceIoControlRequest (deviceObject, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry)); - - if (!NT_SUCCESS (status)) - return status; - - *bytesPerSector = geometry.BytesPerSector; - return STATUS_SUCCESS; -} - - -NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount) -{ - NTSTATUS status; - ULONG sectorSize; - ULONG sectorCount; - byte *sectorBuffer = NULL; - - *zeroedSectorCount = 0; - - status = GetDeviceSectorSize (deviceObject, §orSize); - if (!NT_SUCCESS (status)) - return status; - - sectorBuffer = TCalloc (sectorSize); - if (!sectorBuffer) - return STATUS_INSUFFICIENT_RESOURCES; - - for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount, startOffset.QuadPart += sectorSize) - { - status = TCReadDevice (deviceObject, sectorBuffer, startOffset, sectorSize); - if (!NT_SUCCESS (status)) - { - Dump ("Zeroing sector at %I64d\n", startOffset.QuadPart); - memset (sectorBuffer, 0, sectorSize); - - status = TCWriteDevice (deviceObject, sectorBuffer, startOffset, sectorSize); - if (!NT_SUCCESS (status)) - goto err; - - ++(*zeroedSectorCount); - } - } - - status = STATUS_SUCCESS; - -err: - if (sectorBuffer) - TCfree (sectorBuffer); - - return status; -} - - -NTSTATUS ReadDeviceSkipUnreadableSectors (PDEVICE_OBJECT deviceObject, byte *buffer, LARGE_INTEGER startOffset, ULONG size, uint64 *badSectorCount) -{ - NTSTATUS status; - ULONG sectorSize; - ULONG sectorCount; - - *badSectorCount = 0; - - status = GetDeviceSectorSize (deviceObject, §orSize); - if (!NT_SUCCESS (status)) - return status; - - for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount, startOffset.QuadPart += sectorSize, buffer += sectorSize) - { - status = TCReadDevice (deviceObject, buffer, startOffset, sectorSize); - if (!NT_SUCCESS (status)) - { - Dump ("Skipping bad sector at %I64d\n", startOffset.QuadPart); - memset (buffer, 0, sectorSize); - ++(*badSectorCount); - } - } - - return STATUS_SUCCESS; -} - - -BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension) -{ - SECURITY_SUBJECT_CONTEXT subContext; - PACCESS_TOKEN accessToken; - PTOKEN_USER tokenUser; - BOOL result = FALSE; - - if (IoIsSystemThread (PsGetCurrentThread()) - || UserCanAccessDriveDevice() - || !volumeDeviceExtension->UserSid - || (volumeDeviceExtension->SystemFavorite && !NonAdminSystemFavoritesAccessDisabled)) - { - return TRUE; - } - - SeCaptureSubjectContext (&subContext); - SeLockSubjectContext(&subContext); - if (subContext.ClientToken && subContext.ImpersonationLevel >= SecurityImpersonation) - accessToken = subContext.ClientToken; - else - accessToken = subContext.PrimaryToken; - - if (!accessToken) - goto ret; - - if (SeTokenIsAdmin (accessToken)) - { - result = TRUE; - goto ret; - } - - if (!NT_SUCCESS (SeQueryInformationToken (accessToken, TokenUser, &tokenUser))) - goto ret; - - result = RtlEqualSid (volumeDeviceExtension->UserSid, tokenUser->User.Sid); - ExFreePool (tokenUser); // Documented in newer versions of WDK - -ret: - SeUnlockSubjectContext(&subContext); - SeReleaseSubjectContext (&subContext); - return result; -} - - -void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter) -{ - *lastPerfCounter = KeQueryPerformanceCounter (NULL); -} - - -// Returns elapsed time in microseconds since last call -int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter) -{ - LARGE_INTEGER freq; - LARGE_INTEGER counter = KeQueryPerformanceCounter (&freq); - - int64 elapsed = (counter.QuadPart - lastPerfCounter->QuadPart) * 1000000LL / freq.QuadPart; - *lastPerfCounter = counter; - - return elapsed; -} - - -BOOL IsOSAtLeast (OSVersionEnum reqMinOS) -{ - /* When updating this function, update IsOSVersionAtLeast() in Dlgcode.c too. */ - - ULONG major = 0, minor = 0; - - ASSERT (OsMajorVersion != 0); - - switch (reqMinOS) - { - case WIN_2000: major = 5; minor = 0; break; - case WIN_XP: major = 5; minor = 1; break; - case WIN_SERVER_2003: major = 5; minor = 2; break; - case WIN_VISTA: major = 6; minor = 0; break; - case WIN_7: major = 6; minor = 1; break; - case WIN_8: major = 6; minor = 2; break; - case WIN_8_1: major = 6; minor = 3; break; - case WIN_10: major = 10; minor = 0; break; - - default: - TC_THROW_FATAL_EXCEPTION; - break; - } - - return ((OsMajorVersion << 16 | OsMinorVersion << 8) - >= (major << 16 | minor << 8)); -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "TCdefs.h" +#include +#include "Crypto.h" +#include "Fat.h" +#include "Tests.h" +#include "cpu.h" + +#include "Apidrvr.h" +#include "Boot/Windows/BootDefs.h" +#include "EncryptedIoQueue.h" +#include "EncryptionThreadPool.h" +#include "Ntdriver.h" +#include "Ntvol.h" +#include "DriveFilter.h" +#include "DumpFilter.h" +#include "Cache.h" +#include "Volumes.h" +#include "VolumeFilter.h" + +#include +#include +#include +#include +#include + +#include +#include + +/* Init section, which is thrown away as soon as DriverEntry returns */ +#pragma alloc_text(INIT,DriverEntry) +#pragma alloc_text(INIT,TCCreateRootDeviceObject) + +PDRIVER_OBJECT TCDriverObject; +PDEVICE_OBJECT RootDeviceObject = NULL; +static KMUTEX RootDeviceControlMutex; +BOOL DriverShuttingDown = FALSE; +BOOL SelfTestsPassed; +int LastUniqueVolumeId; +ULONG OsMajorVersion = 0; +ULONG OsMinorVersion; +BOOL DriverUnloadDisabled = FALSE; +BOOL PortableMode = FALSE; +BOOL VolumeClassFilterRegistered = FALSE; +BOOL CacheBootPassword = FALSE; +BOOL CacheBootPim = FALSE; +BOOL NonAdminSystemFavoritesAccessDisabled = FALSE; +static size_t EncryptionThreadPoolFreeCpuCountLimit = 0; +static BOOL SystemFavoriteVolumeDirty = FALSE; +static BOOL PagingFileCreationPrevented = FALSE; +static BOOL EnableExtendedIoctlSupport = FALSE; + +PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1]; + + +NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) +{ + PKEY_VALUE_PARTIAL_INFORMATION startKeyValue; + LONG version; + int i; + + Dump ("DriverEntry " TC_APP_NAME " " VERSION_STRING "\n"); + + DetectX86Features (); + + PsGetVersion (&OsMajorVersion, &OsMinorVersion, NULL, NULL); + + // Load dump filter if the main driver is already loaded + if (NT_SUCCESS (TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version)))) + return DumpFilterEntry ((PFILTER_EXTENSION) DriverObject, (PFILTER_INITIALIZATION_DATA) RegistryPath); + + TCDriverObject = DriverObject; + memset (VirtualVolumeDeviceObjects, 0, sizeof (VirtualVolumeDeviceObjects)); + + ReadRegistryConfigFlags (TRUE); + EncryptionThreadPoolStart (EncryptionThreadPoolFreeCpuCountLimit); + SelfTestsPassed = AutoTestAlgorithms(); + + // Enable device class filters and load boot arguments if the driver is set to start at system boot + + if (NT_SUCCESS (TCReadRegistryKey (RegistryPath, L"Start", &startKeyValue))) + { + if (startKeyValue->Type == REG_DWORD && *((uint32 *) startKeyValue->Data) == SERVICE_BOOT_START) + { + if (!SelfTestsPassed) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + LoadBootArguments(); + VolumeClassFilterRegistered = IsVolumeClassFilterRegistered(); + + DriverObject->DriverExtension->AddDevice = DriverAddDevice; + } + + TCfree (startKeyValue); + } + + for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; ++i) + { + DriverObject->MajorFunction[i] = TCDispatchQueueIRP; + } + + DriverObject->DriverUnload = TCUnloadDriver; + return TCCreateRootDeviceObject (DriverObject); +} + + +NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo) +{ +#ifdef DEBUG + char nameInfoBuffer[128]; + POBJECT_NAME_INFORMATION nameInfo = (POBJECT_NAME_INFORMATION) nameInfoBuffer; + ULONG nameInfoSize; + Dump ("AddDevice pdo=%p type=%x name=%ws\n", pdo, pdo->DeviceType, NT_SUCCESS (ObQueryNameString (pdo, nameInfo, sizeof (nameInfoBuffer), &nameInfoSize)) ? nameInfo->Name.Buffer : L"?"); +#endif + + if (VolumeClassFilterRegistered && BootArgsValid && BootArgs.HiddenSystemPartitionStart != 0) + { + PWSTR interfaceLinks = NULL; + if (NT_SUCCESS (IoGetDeviceInterfaces (&GUID_DEVINTERFACE_VOLUME, pdo, DEVICE_INTERFACE_INCLUDE_NONACTIVE, &interfaceLinks)) && interfaceLinks) + { + if (interfaceLinks[0] != UNICODE_NULL) + { + Dump ("Volume pdo=%p interface=%ws\n", pdo, interfaceLinks); + ExFreePool (interfaceLinks); + + return VolumeFilterAddDevice (driverObject, pdo); + } + + ExFreePool (interfaceLinks); + } + } + + return DriveFilterAddDevice (driverObject, pdo); +} + + +// Dumps a memory region to debug output +void DumpMemory (void *mem, int size) +{ + unsigned char str[20]; + unsigned char *m = mem; + int i,j; + + for (j = 0; j < size / 8; j++) + { + memset (str,0,sizeof str); + for (i = 0; i < 8; i++) + { + if (m[i] > ' ' && m[i] <= '~') + str[i]=m[i]; + else + str[i]='.'; + } + + Dump ("0x%08p %02x %02x %02x %02x %02x %02x %02x %02x %s\n", + m, m[0], m[1], m[2], m[3], m[4], m[5], m[6], m[7], str); + + m+=8; + } +} + + +BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type) +{ + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); + BOOL input = (type == ValidateInput || type == ValidateInputOutput); + BOOL output = (type == ValidateOutput || type == ValidateInputOutput); + + if ((input && irpSp->Parameters.DeviceIoControl.InputBufferLength < requiredBufferSize) + || (output && irpSp->Parameters.DeviceIoControl.OutputBufferLength < requiredBufferSize)) + { + Dump ("STATUS_BUFFER_TOO_SMALL ioctl=0x%x,%d in=%d out=%d reqsize=%d insize=%d outsize=%d\n", (int) (irpSp->Parameters.DeviceIoControl.IoControlCode >> 16), (int) ((irpSp->Parameters.DeviceIoControl.IoControlCode & 0x1FFF) >> 2), input, output, requiredBufferSize, irpSp->Parameters.DeviceIoControl.InputBufferLength, irpSp->Parameters.DeviceIoControl.OutputBufferLength); + + irp->IoStatus.Status = STATUS_BUFFER_TOO_SMALL; + irp->IoStatus.Information = 0; + return FALSE; + } + + if (!input && output) + memset (irp->AssociatedIrp.SystemBuffer, 0, irpSp->Parameters.DeviceIoControl.OutputBufferLength); + + return TRUE; +} + + +PDEVICE_OBJECT GetVirtualVolumeDeviceObject (int driveNumber) +{ + if (driveNumber < MIN_MOUNTED_VOLUME_DRIVE_NUMBER || driveNumber > MAX_MOUNTED_VOLUME_DRIVE_NUMBER) + return NULL; + + return VirtualVolumeDeviceObjects[driveNumber]; +} + + +/* TCDispatchQueueIRP queues any IRP's so that they can be processed later + by the thread -- or in some cases handles them immediately! */ +NTSTATUS TCDispatchQueueIRP (PDEVICE_OBJECT DeviceObject, PIRP Irp) +{ + PEXTENSION Extension = (PEXTENSION) DeviceObject->DeviceExtension; + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + NTSTATUS ntStatus; + +#ifdef _DEBUG + if (irpSp->MajorFunction == IRP_MJ_DEVICE_CONTROL && (Extension->bRootDevice || Extension->IsVolumeDevice)) + { + switch (irpSp->Parameters.DeviceIoControl.IoControlCode) + { + case TC_IOCTL_GET_MOUNTED_VOLUMES: + case TC_IOCTL_GET_PASSWORD_CACHE_STATUS: + case TC_IOCTL_GET_PORTABLE_MODE_STATUS: + case TC_IOCTL_SET_PORTABLE_MODE_STATUS: + case TC_IOCTL_OPEN_TEST: + case TC_IOCTL_GET_RESOLVED_SYMLINK: + case TC_IOCTL_GET_DEVICE_REFCOUNT: + case TC_IOCTL_GET_DRIVE_PARTITION_INFO: + case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: + case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: + case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS: + case TC_IOCTL_GET_WARNING_FLAGS: + case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: + case IOCTL_DISK_CHECK_VERIFY: + break; + + default: + Dump ("%ls (0x%x %d)\n", + TCTranslateCode (irpSp->Parameters.DeviceIoControl.IoControlCode), + (int) (irpSp->Parameters.DeviceIoControl.IoControlCode >> 16), + (int) ((irpSp->Parameters.DeviceIoControl.IoControlCode & 0x1FFF) >> 2)); + } + } +#endif + + if (!Extension->bRootDevice) + { + // Drive filter IRP + if (Extension->IsDriveFilterDevice) + return DriveFilterDispatchIrp (DeviceObject, Irp); + + // Volume filter IRP + if (Extension->IsVolumeFilterDevice) + return VolumeFilterDispatchIrp (DeviceObject, Irp); + } + + switch (irpSp->MajorFunction) + { + case IRP_MJ_CLOSE: + case IRP_MJ_CREATE: + case IRP_MJ_CLEANUP: + return COMPLETE_IRP (DeviceObject, Irp, STATUS_SUCCESS, 0); + + case IRP_MJ_SHUTDOWN: + if (Extension->bRootDevice) + { + Dump ("Driver shutting down\n"); + DriverShuttingDown = TRUE; + + if (EncryptionSetupThread) + while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); + + if (DecoySystemWipeThread) + while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); + + OnShutdownPending(); + } + + return COMPLETE_IRP (DeviceObject, Irp, STATUS_SUCCESS, 0); + + case IRP_MJ_FLUSH_BUFFERS: + case IRP_MJ_READ: + case IRP_MJ_WRITE: + case IRP_MJ_DEVICE_CONTROL: + + if (Extension->bRootDevice) + { + if (irpSp->MajorFunction == IRP_MJ_DEVICE_CONTROL) + { + NTSTATUS status = KeWaitForMutexObject (&RootDeviceControlMutex, Executive, KernelMode, FALSE, NULL); + if (!NT_SUCCESS (status)) + return status; + + status = ProcessMainDeviceControlIrp (DeviceObject, Extension, Irp); + + KeReleaseMutex (&RootDeviceControlMutex, FALSE); + return status; + } + break; + } + + if (Extension->bShuttingDown) + { + Dump ("Device %d shutting down: STATUS_DELETE_PENDING\n", Extension->nDosDriveNo); + return TCCompleteDiskIrp (Irp, STATUS_DELETE_PENDING, 0); + } + + if (Extension->bRemovable + && (DeviceObject->Flags & DO_VERIFY_VOLUME) + && !(irpSp->Flags & SL_OVERRIDE_VERIFY_VOLUME) + && irpSp->MajorFunction != IRP_MJ_FLUSH_BUFFERS) + { + Dump ("Removable device %d has DO_VERIFY_VOLUME flag: STATUS_DEVICE_NOT_READY\n", Extension->nDosDriveNo); + return TCCompleteDiskIrp (Irp, STATUS_DEVICE_NOT_READY, 0); + } + + switch (irpSp->MajorFunction) + { + case IRP_MJ_READ: + case IRP_MJ_WRITE: + ntStatus = EncryptedIoQueueAddIrp (&Extension->Queue, Irp); + + if (ntStatus != STATUS_PENDING) + TCCompleteDiskIrp (Irp, ntStatus, 0); + + return ntStatus; + + case IRP_MJ_DEVICE_CONTROL: + ntStatus = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (ntStatus)) + return TCCompleteIrp (Irp, ntStatus, 0); + + IoMarkIrpPending (Irp); + + ExInterlockedInsertTailList (&Extension->ListEntry, &Irp->Tail.Overlay.ListEntry, &Extension->ListSpinLock); + KeReleaseSemaphore (&Extension->RequestSemaphore, IO_DISK_INCREMENT, 1, FALSE); + + return STATUS_PENDING; + + case IRP_MJ_FLUSH_BUFFERS: + return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0); + } + + break; + + case IRP_MJ_PNP: + if (!Extension->bRootDevice + && Extension->IsVolumeDevice + && irpSp->MinorFunction == IRP_MN_DEVICE_USAGE_NOTIFICATION + && irpSp->Parameters.UsageNotification.Type == DeviceUsageTypePaging + && irpSp->Parameters.UsageNotification.InPath) + { + PagingFileCreationPrevented = TRUE; + return TCCompleteIrp (Irp, STATUS_UNSUCCESSFUL, 0); + } + break; + } + + return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); +} + +NTSTATUS TCCreateRootDeviceObject (PDRIVER_OBJECT DriverObject) +{ + UNICODE_STRING Win32NameString, ntUnicodeString; + WCHAR dosname[32], ntname[32]; + PDEVICE_OBJECT DeviceObject; + NTSTATUS ntStatus; + BOOL *bRootExtension; + + Dump ("TCCreateRootDeviceObject BEGIN\n"); + ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); + + RtlStringCbCopyW (dosname, sizeof(dosname),(LPWSTR) DOS_ROOT_PREFIX); + RtlStringCbCopyW (ntname, sizeof(ntname),(LPWSTR) NT_ROOT_PREFIX); + RtlInitUnicodeString (&ntUnicodeString, ntname); + RtlInitUnicodeString (&Win32NameString, dosname); + + Dump ("Creating root device nt=%ls dos=%ls\n", ntname, dosname); + + ntStatus = IoCreateDevice ( + DriverObject, + sizeof (BOOL), + &ntUnicodeString, + FILE_DEVICE_UNKNOWN, + FILE_DEVICE_SECURE_OPEN, + FALSE, + &DeviceObject); + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("TCCreateRootDeviceObject NTSTATUS = 0x%08x END\n", ntStatus); + return ntStatus;/* Failed to create DeviceObject */ + } + + DeviceObject->Flags |= DO_DIRECT_IO; + DeviceObject->AlignmentRequirement = FILE_WORD_ALIGNMENT; + + /* Setup the device extension */ + bRootExtension = (BOOL *) DeviceObject->DeviceExtension; + *bRootExtension = TRUE; + + KeInitializeMutex (&RootDeviceControlMutex, 0); + + ntStatus = IoCreateSymbolicLink (&Win32NameString, &ntUnicodeString); + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("TCCreateRootDeviceObject NTSTATUS = 0x%08x END\n", ntStatus); + IoDeleteDevice (DeviceObject); + return ntStatus; + } + + IoRegisterShutdownNotification (DeviceObject); + RootDeviceObject = DeviceObject; + + Dump ("TCCreateRootDeviceObject STATUS_SUCCESS END\n"); + return STATUS_SUCCESS; +} + +NTSTATUS TCCreateDeviceObject (PDRIVER_OBJECT DriverObject, + PDEVICE_OBJECT * ppDeviceObject, + MOUNT_STRUCT * mount) +{ + UNICODE_STRING ntUnicodeString; + WCHAR ntname[32]; + PEXTENSION Extension; + NTSTATUS ntStatus; + ULONG devChars = 0; +#if defined (DEBUG) + WCHAR dosname[32]; +#endif + + Dump ("TCCreateDeviceObject BEGIN\n"); + ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL); + + TCGetNTNameFromNumber (ntname, sizeof(ntname),mount->nDosDriveNo); + RtlInitUnicodeString (&ntUnicodeString, ntname); +#if defined (DEBUG) + TCGetDosNameFromNumber (dosname, sizeof(dosname),mount->nDosDriveNo, DeviceNamespaceDefault); +#endif + + devChars = FILE_DEVICE_SECURE_OPEN; + devChars |= mount->bMountReadOnly ? FILE_READ_ONLY_DEVICE : 0; + devChars |= mount->bMountRemovable ? FILE_REMOVABLE_MEDIA : 0; + + Dump ("Creating device nt=%ls dos=%ls\n", ntname, dosname); + + ntStatus = IoCreateDevice ( + DriverObject, /* Our Driver Object */ + sizeof (EXTENSION), /* Size of state information */ + &ntUnicodeString, /* Device name "\Device\Name" */ + FILE_DEVICE_DISK, /* Device type */ + devChars, /* Device characteristics */ + FALSE, /* Exclusive device */ + ppDeviceObject); /* Returned ptr to Device Object */ + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("TCCreateDeviceObject NTSTATUS = 0x%08x END\n", ntStatus); + return ntStatus;/* Failed to create DeviceObject */ + } + /* Initialize device object and extension. */ + + (*ppDeviceObject)->Flags |= DO_DIRECT_IO; + (*ppDeviceObject)->StackSize += 6; // Reduce occurrence of NO_MORE_IRP_STACK_LOCATIONS bug check caused by buggy drivers + + /* Setup the device extension */ + Extension = (PEXTENSION) (*ppDeviceObject)->DeviceExtension; + memset (Extension, 0, sizeof (EXTENSION)); + + Extension->IsVolumeDevice = TRUE; + Extension->nDosDriveNo = mount->nDosDriveNo; + Extension->bRemovable = mount->bMountRemovable; + Extension->PartitionInInactiveSysEncScope = mount->bPartitionInInactiveSysEncScope; + Extension->SystemFavorite = mount->SystemFavorite; + + KeInitializeEvent (&Extension->keCreateEvent, SynchronizationEvent, FALSE); + KeInitializeSemaphore (&Extension->RequestSemaphore, 0L, MAXLONG); + KeInitializeSpinLock (&Extension->ListSpinLock); + InitializeListHead (&Extension->ListEntry); + IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0); + + VirtualVolumeDeviceObjects[mount->nDosDriveNo] = *ppDeviceObject; + + Dump ("TCCreateDeviceObject STATUS_SUCCESS END\n"); + + return STATUS_SUCCESS; +} + + +BOOL RootDeviceControlMutexAcquireNoWait () +{ + NTSTATUS status; + LARGE_INTEGER timeout; + timeout.QuadPart = 0; + + status = KeWaitForMutexObject (&RootDeviceControlMutex, Executive, KernelMode, FALSE, &timeout); + return NT_SUCCESS (status) && status != STATUS_TIMEOUT; +} + + +void RootDeviceControlMutexRelease () +{ + KeReleaseMutex (&RootDeviceControlMutex, FALSE); +} + + +NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp) +{ + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + + switch (irpSp->Parameters.DeviceIoControl.IoControlCode) + { + + case IOCTL_MOUNTDEV_QUERY_DEVICE_NAME: + if (!ValidateIOBufferSize (Irp, sizeof (MOUNTDEV_NAME), ValidateOutput)) + { + Irp->IoStatus.Information = sizeof (MOUNTDEV_NAME); + Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; + } + else + { + ULONG outLength; + UNICODE_STRING ntUnicodeString; + WCHAR ntName[256]; + PMOUNTDEV_NAME outputBuffer = (PMOUNTDEV_NAME) Irp->AssociatedIrp.SystemBuffer; + + TCGetNTNameFromNumber (ntName, sizeof(ntName),Extension->nDosDriveNo); + RtlInitUnicodeString (&ntUnicodeString, ntName); + + outputBuffer->NameLength = ntUnicodeString.Length; + outLength = ntUnicodeString.Length + sizeof(USHORT); + + if (irpSp->Parameters.DeviceIoControl.OutputBufferLength < outLength) + { + Irp->IoStatus.Information = sizeof (MOUNTDEV_NAME); + Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; + + break; + } + + RtlCopyMemory ((PCHAR)outputBuffer->Name,ntUnicodeString.Buffer, ntUnicodeString.Length); + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = outLength; + + Dump ("name = %ls\n",ntName); + } + break; + + case IOCTL_MOUNTDEV_QUERY_UNIQUE_ID: + if (!ValidateIOBufferSize (Irp, sizeof (MOUNTDEV_UNIQUE_ID), ValidateOutput)) + { + Irp->IoStatus.Information = sizeof (MOUNTDEV_UNIQUE_ID); + Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; + } + else + { + ULONG outLength; + UCHAR volId[128], tmp[] = { 0,0 }; + PMOUNTDEV_UNIQUE_ID outputBuffer = (PMOUNTDEV_UNIQUE_ID) Irp->AssociatedIrp.SystemBuffer; + + RtlStringCbCopyA (volId, sizeof(volId),TC_UNIQUE_ID_PREFIX); + tmp[0] = 'A' + (UCHAR) Extension->nDosDriveNo; + RtlStringCbCatA (volId, sizeof(volId),tmp); + + outputBuffer->UniqueIdLength = (USHORT) strlen (volId); + outLength = (ULONG) (strlen (volId) + sizeof (USHORT)); + + if (irpSp->Parameters.DeviceIoControl.OutputBufferLength < outLength) + { + Irp->IoStatus.Information = sizeof (MOUNTDEV_UNIQUE_ID); + Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; + break; + } + + RtlCopyMemory ((PCHAR)outputBuffer->UniqueId, volId, strlen (volId)); + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = outLength; + + Dump ("id = %s\n",volId); + } + break; + + case IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME: + { + ULONG outLength; + UNICODE_STRING ntUnicodeString; + WCHAR ntName[256]; + PMOUNTDEV_SUGGESTED_LINK_NAME outputBuffer = (PMOUNTDEV_SUGGESTED_LINK_NAME) Irp->AssociatedIrp.SystemBuffer; + + if (!ValidateIOBufferSize (Irp, sizeof (MOUNTDEV_SUGGESTED_LINK_NAME), ValidateOutput)) + { + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + Irp->IoStatus.Information = 0; + break; + } + + TCGetDosNameFromNumber (ntName, sizeof(ntName),Extension->nDosDriveNo, DeviceNamespaceDefault); + RtlInitUnicodeString (&ntUnicodeString, ntName); + + outLength = FIELD_OFFSET(MOUNTDEV_SUGGESTED_LINK_NAME,Name) + ntUnicodeString.Length; + + outputBuffer->UseOnlyIfThereAreNoOtherLinks = FALSE; + outputBuffer->NameLength = ntUnicodeString.Length; + + if(irpSp->Parameters.DeviceIoControl.OutputBufferLength < outLength) + { + Irp->IoStatus.Information = sizeof (MOUNTDEV_SUGGESTED_LINK_NAME); + Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; + break; + } + + RtlCopyMemory ((PCHAR)outputBuffer->Name,ntUnicodeString.Buffer, ntUnicodeString.Length); + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = outLength; + + Dump ("link = %ls\n",ntName); + } + break; + + case IOCTL_DISK_GET_MEDIA_TYPES: + case IOCTL_DISK_GET_DRIVE_GEOMETRY: + /* Return the drive geometry for the disk. Note that we + return values which were made up to suit the disk size. */ + if (ValidateIOBufferSize (Irp, sizeof (DISK_GEOMETRY), ValidateOutput)) + { + PDISK_GEOMETRY outputBuffer = (PDISK_GEOMETRY) + Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->MediaType = Extension->bRemovable ? RemovableMedia : FixedMedia; + outputBuffer->Cylinders.QuadPart = Extension->NumberOfCylinders; + outputBuffer->TracksPerCylinder = Extension->TracksPerCylinder; + outputBuffer->SectorsPerTrack = Extension->SectorsPerTrack; + outputBuffer->BytesPerSector = Extension->BytesPerSector; + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (DISK_GEOMETRY); + } + break; + + case IOCTL_STORAGE_QUERY_PROPERTY: + if (EnableExtendedIoctlSupport) + { + if (ValidateIOBufferSize (Irp, sizeof (STORAGE_PROPERTY_QUERY), ValidateInput)) + { + PSTORAGE_PROPERTY_QUERY pStoragePropQuery = (PSTORAGE_PROPERTY_QUERY) Irp->AssociatedIrp.SystemBuffer; + STORAGE_QUERY_TYPE type = pStoragePropQuery->QueryType; + + /* return error if an unsupported type is encountered */ + Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; + Irp->IoStatus.Information = 0; + + if ( (pStoragePropQuery->PropertyId == StorageAccessAlignmentProperty) + || (pStoragePropQuery->PropertyId == StorageDeviceProperty) + ) + { + if (type == PropertyExistsQuery) + { + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = 0; + } + else if (type == PropertyStandardQuery) + { + switch (pStoragePropQuery->PropertyId) + { + case StorageDeviceProperty: + { + if (ValidateIOBufferSize (Irp, sizeof (STORAGE_DEVICE_DESCRIPTOR), ValidateOutput)) + { + PSTORAGE_DEVICE_DESCRIPTOR outputBuffer = (PSTORAGE_DEVICE_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->Version = sizeof(STORAGE_DEVICE_DESCRIPTOR); + outputBuffer->Size = sizeof(STORAGE_DEVICE_DESCRIPTOR); + outputBuffer->DeviceType = FILE_DEVICE_DISK; + outputBuffer->RemovableMedia = Extension->bRemovable? TRUE : FALSE; + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (STORAGE_DEVICE_DESCRIPTOR); + } + } + break; + case StorageAccessAlignmentProperty: + { + if (ValidateIOBufferSize (Irp, sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR), ValidateOutput)) + { + PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR outputBuffer = (PSTORAGE_ACCESS_ALIGNMENT_DESCRIPTOR) Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->Version = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); + outputBuffer->Size = sizeof(STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); + outputBuffer->BytesPerLogicalSector = Extension->BytesPerSector; + outputBuffer->BytesPerPhysicalSector = Extension->HostBytesPerPhysicalSector; + outputBuffer->BytesOffsetForSectorAlignment = Extension->BytesOffsetForSectorAlignment; + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR); + } + } + break; + } + } + } + } + } + else + return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); + + break; + + case IOCTL_DISK_GET_PARTITION_INFO: + if (ValidateIOBufferSize (Irp, sizeof (PARTITION_INFORMATION), ValidateOutput)) + { + PPARTITION_INFORMATION outputBuffer = (PPARTITION_INFORMATION) + Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->PartitionType = Extension->PartitionType; + outputBuffer->BootIndicator = FALSE; + outputBuffer->RecognizedPartition = TRUE; + outputBuffer->RewritePartition = FALSE; + outputBuffer->StartingOffset.QuadPart = Extension->BytesPerSector; + outputBuffer->PartitionLength.QuadPart= Extension->DiskLength; + outputBuffer->HiddenSectors = 0; + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION); + } + break; + + case IOCTL_DISK_GET_PARTITION_INFO_EX: + if (ValidateIOBufferSize (Irp, sizeof (PARTITION_INFORMATION_EX), ValidateOutput)) + { + PPARTITION_INFORMATION_EX outputBuffer = (PPARTITION_INFORMATION_EX) Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->PartitionStyle = PARTITION_STYLE_MBR; + outputBuffer->RewritePartition = FALSE; + outputBuffer->StartingOffset.QuadPart = Extension->BytesPerSector; + outputBuffer->PartitionLength.QuadPart= Extension->DiskLength; + outputBuffer->Mbr.PartitionType = Extension->PartitionType; + outputBuffer->Mbr.BootIndicator = FALSE; + outputBuffer->Mbr.RecognizedPartition = TRUE; + outputBuffer->Mbr.HiddenSectors = 0; + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION_EX); + } + break; + + case IOCTL_DISK_GET_DRIVE_LAYOUT: + if (ValidateIOBufferSize (Irp, sizeof (DRIVE_LAYOUT_INFORMATION), ValidateOutput)) + { + PDRIVE_LAYOUT_INFORMATION outputBuffer = (PDRIVE_LAYOUT_INFORMATION) + Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->PartitionCount = 1; + outputBuffer->Signature = 0; + + outputBuffer->PartitionEntry->PartitionType = Extension->PartitionType; + outputBuffer->PartitionEntry->BootIndicator = FALSE; + outputBuffer->PartitionEntry->RecognizedPartition = TRUE; + outputBuffer->PartitionEntry->RewritePartition = FALSE; + outputBuffer->PartitionEntry->StartingOffset.QuadPart = Extension->BytesPerSector; + outputBuffer->PartitionEntry->PartitionLength.QuadPart = Extension->DiskLength; + outputBuffer->PartitionEntry->HiddenSectors = 0; + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION); + } + break; + + case IOCTL_DISK_GET_LENGTH_INFO: + if (!ValidateIOBufferSize (Irp, sizeof (GET_LENGTH_INFORMATION), ValidateOutput)) + { + Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW; + Irp->IoStatus.Information = sizeof (GET_LENGTH_INFORMATION); + } + else + { + PGET_LENGTH_INFORMATION outputBuffer = (PGET_LENGTH_INFORMATION) Irp->AssociatedIrp.SystemBuffer; + + outputBuffer->Length.QuadPart = Extension->DiskLength; + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (GET_LENGTH_INFORMATION); + } + break; + + case IOCTL_DISK_VERIFY: + if (ValidateIOBufferSize (Irp, sizeof (VERIFY_INFORMATION), ValidateInput)) + { + HRESULT hResult; + ULONGLONG ullStartingOffset, ullNewOffset, ullEndOffset; + PVERIFY_INFORMATION pVerifyInformation; + pVerifyInformation = (PVERIFY_INFORMATION) Irp->AssociatedIrp.SystemBuffer; + + ullStartingOffset = (ULONGLONG) pVerifyInformation->StartingOffset.QuadPart; + hResult = ULongLongAdd(ullStartingOffset, + (ULONGLONG) Extension->cryptoInfo->hiddenVolume ? Extension->cryptoInfo->hiddenVolumeOffset : Extension->cryptoInfo->volDataAreaOffset, + &ullNewOffset); + if (hResult != S_OK) + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + else if (S_OK != ULongLongAdd(ullStartingOffset, (ULONGLONG) pVerifyInformation->Length, &ullEndOffset)) + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + else if (ullEndOffset > (ULONGLONG) Extension->DiskLength) + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + else + { + IO_STATUS_BLOCK ioStatus; + PVOID buffer = TCalloc (max (pVerifyInformation->Length, PAGE_SIZE)); + + if (!buffer) + { + Irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES; + } + else + { + LARGE_INTEGER offset = pVerifyInformation->StartingOffset; + offset.QuadPart = ullNewOffset; + + Irp->IoStatus.Status = ZwReadFile (Extension->hDeviceFile, NULL, NULL, NULL, &ioStatus, buffer, pVerifyInformation->Length, &offset, NULL); + TCfree (buffer); + + if (NT_SUCCESS (Irp->IoStatus.Status) && ioStatus.Information != pVerifyInformation->Length) + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + } + } + + Irp->IoStatus.Information = 0; + } + break; + + case IOCTL_DISK_CHECK_VERIFY: + case IOCTL_STORAGE_CHECK_VERIFY: + { + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = 0; + + if (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= sizeof (ULONG)) + { + *((ULONG *) Irp->AssociatedIrp.SystemBuffer) = 0; + Irp->IoStatus.Information = sizeof (ULONG); + } + } + break; + + case IOCTL_DISK_IS_WRITABLE: + { + if (Extension->bReadOnly) + Irp->IoStatus.Status = STATUS_MEDIA_WRITE_PROTECTED; + else + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = 0; + + } + break; + + case IOCTL_VOLUME_ONLINE: + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = 0; + break; + + case IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS: + + // Vista's filesystem defragmenter fails if IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS does not succeed. + if (!(OsMajorVersion == 6 && OsMinorVersion == 0)) + { + Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; + Irp->IoStatus.Information = 0; + } + else if (ValidateIOBufferSize (Irp, sizeof (VOLUME_DISK_EXTENTS), ValidateOutput)) + { + VOLUME_DISK_EXTENTS *extents = (VOLUME_DISK_EXTENTS *) Irp->AssociatedIrp.SystemBuffer; + + // No extent data can be returned as this is not a physical drive. + memset (extents, 0, sizeof (*extents)); + extents->NumberOfDiskExtents = 0; + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (*extents); + } + break; + + default: + return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); + } + +#ifdef DEBUG + if (!NT_SUCCESS (Irp->IoStatus.Status)) + { + Dump ("IOCTL error 0x%08x (0x%x %d)\n", + Irp->IoStatus.Status, + (int) (irpSp->Parameters.DeviceIoControl.IoControlCode >> 16), + (int) ((irpSp->Parameters.DeviceIoControl.IoControlCode & 0x1FFF) >> 2)); + } +#endif + + return TCCompleteDiskIrp (Irp, Irp->IoStatus.Status, Irp->IoStatus.Information); +} + + +NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp) +{ + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + NTSTATUS ntStatus; + + switch (irpSp->Parameters.DeviceIoControl.IoControlCode) + { + case TC_IOCTL_GET_DRIVER_VERSION: + case TC_IOCTL_LEGACY_GET_DRIVER_VERSION: + if (ValidateIOBufferSize (Irp, sizeof (LONG), ValidateOutput)) + { + LONG tmp = VERSION_NUM; + memcpy (Irp->AssociatedIrp.SystemBuffer, &tmp, 4); + Irp->IoStatus.Information = sizeof (LONG); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_GET_DEVICE_REFCOUNT: + if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) + { + *(int *) Irp->AssociatedIrp.SystemBuffer = DeviceObject->ReferenceCount; + Irp->IoStatus.Information = sizeof (int); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED: + if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) + { + LONG deviceObjectCount = 0; + + *(int *) Irp->AssociatedIrp.SystemBuffer = DriverUnloadDisabled; + + if (IoEnumerateDeviceObjectList (TCDriverObject, NULL, 0, &deviceObjectCount) == STATUS_BUFFER_TOO_SMALL && deviceObjectCount > 1) + *(int *) Irp->AssociatedIrp.SystemBuffer = TRUE; + + Irp->IoStatus.Information = sizeof (int); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_IS_ANY_VOLUME_MOUNTED: + if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) + { + int drive; + *(int *) Irp->AssociatedIrp.SystemBuffer = 0; + + for (drive = MIN_MOUNTED_VOLUME_DRIVE_NUMBER; drive <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; ++drive) + { + if (GetVirtualVolumeDeviceObject (drive)) + { + *(int *) Irp->AssociatedIrp.SystemBuffer = 1; + break; + } + } + + if (IsBootDriveMounted()) + *(int *) Irp->AssociatedIrp.SystemBuffer = 1; + + Irp->IoStatus.Information = sizeof (int); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_OPEN_TEST: + { + OPEN_TEST_STRUCT *opentest = (OPEN_TEST_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + OBJECT_ATTRIBUTES ObjectAttributes; + HANDLE NtFileHandle; + UNICODE_STRING FullFileName; + IO_STATUS_BLOCK IoStatus; + LARGE_INTEGER offset; + ACCESS_MASK access = FILE_READ_ATTRIBUTES; + + if (!ValidateIOBufferSize (Irp, sizeof (OPEN_TEST_STRUCT), ValidateInputOutput)) + break; + + EnsureNullTerminatedString (opentest->wszFileName, sizeof (opentest->wszFileName)); + RtlInitUnicodeString (&FullFileName, opentest->wszFileName); + + InitializeObjectAttributes (&ObjectAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); + + if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem || opentest->bMatchVolumeID) + access |= FILE_READ_DATA; + + ntStatus = ZwCreateFile (&NtFileHandle, + SYNCHRONIZE | access, &ObjectAttributes, &IoStatus, NULL, + 0, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0); + + if (NT_SUCCESS (ntStatus)) + { + opentest->TCBootLoaderDetected = FALSE; + opentest->FilesystemDetected = FALSE; + opentest->VolumeIDMatched = FALSE; + + if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem || opentest->bMatchVolumeID) + { + byte *readBuffer = TCalloc (TC_MAX_VOLUME_SECTOR_SIZE); + if (!readBuffer) + { + ntStatus = STATUS_INSUFFICIENT_RESOURCES; + } + else + { + if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem) + { + // Determine if the first sector contains a portion of the VeraCrypt Boot Loader + + offset.QuadPart = 0; + + ntStatus = ZwReadFile (NtFileHandle, + NULL, + NULL, + NULL, + &IoStatus, + readBuffer, + TC_MAX_VOLUME_SECTOR_SIZE, + &offset, + NULL); + + if (NT_SUCCESS (ntStatus)) + { + size_t i; + + if (opentest->bDetectTCBootLoader && IoStatus.Information >= TC_SECTOR_SIZE_BIOS) + { + // Search for the string "VeraCrypt" + for (i = 0; i < TC_SECTOR_SIZE_BIOS - strlen (TC_APP_NAME); ++i) + { + if (memcmp (readBuffer + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0) + { + opentest->TCBootLoaderDetected = TRUE; + break; + } + } + } + + if (opentest->DetectFilesystem && IoStatus.Information >= sizeof (int64)) + { + switch (BE64 (*(uint64 *) readBuffer)) + { + case 0xEB52904E54465320: // NTFS + case 0xEB3C904D53444F53: // FAT16 + case 0xEB58904D53444F53: // FAT32 + case 0xEB76904558464154: // exFAT + + opentest->FilesystemDetected = TRUE; + break; + } + } + } + } + + if (opentest->bMatchVolumeID) + { + int volumeType; + BYTE volumeID[VOLUME_ID_SIZE]; + + // Go through all volume types (e.g., normal, hidden) + for (volumeType = TC_VOLUME_TYPE_NORMAL; + volumeType < TC_VOLUME_TYPE_COUNT; + volumeType++) + { + /* Read the volume header */ + switch (volumeType) + { + case TC_VOLUME_TYPE_NORMAL: + offset.QuadPart = TC_VOLUME_HEADER_OFFSET; + break; + + case TC_VOLUME_TYPE_HIDDEN: + + offset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET; + break; + } + + ntStatus = ZwReadFile (NtFileHandle, + NULL, + NULL, + NULL, + &IoStatus, + readBuffer, + TC_MAX_VOLUME_SECTOR_SIZE, + &offset, + NULL); + + if (NT_SUCCESS (ntStatus)) + { + /* compute the ID of this volume: SHA-256 of the effective header */ + sha256 (volumeID, readBuffer, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + if (0 == memcmp (volumeID, opentest->volumeID, VOLUME_ID_SIZE)) + { + opentest->VolumeIDMatched = TRUE; + break; + } + } + } + } + + TCfree (readBuffer); + } + } + + ZwClose (NtFileHandle); + Dump ("Open test on file %ls success.\n", opentest->wszFileName); + } + else + { +#if 0 + Dump ("Open test on file %ls failed NTSTATUS 0x%08x\n", opentest->wszFileName, ntStatus); +#endif + } + + Irp->IoStatus.Information = NT_SUCCESS (ntStatus) ? sizeof (OPEN_TEST_STRUCT) : 0; + Irp->IoStatus.Status = ntStatus; + } + break; + + case TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG: + { + GetSystemDriveConfigurationRequest *request = (GetSystemDriveConfigurationRequest *) Irp->AssociatedIrp.SystemBuffer; + OBJECT_ATTRIBUTES ObjectAttributes; + HANDLE NtFileHandle; + UNICODE_STRING FullFileName; + IO_STATUS_BLOCK IoStatus; + LARGE_INTEGER offset; + byte readBuffer [TC_SECTOR_SIZE_BIOS]; + + if (!ValidateIOBufferSize (Irp, sizeof (GetSystemDriveConfigurationRequest), ValidateInputOutput)) + break; + + EnsureNullTerminatedString (request->DevicePath, sizeof (request->DevicePath)); + RtlInitUnicodeString (&FullFileName, request->DevicePath); + + InitializeObjectAttributes (&ObjectAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); + + ntStatus = ZwCreateFile (&NtFileHandle, + SYNCHRONIZE | GENERIC_READ, &ObjectAttributes, &IoStatus, NULL, + FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT | FILE_RANDOM_ACCESS, NULL, 0); + + if (NT_SUCCESS (ntStatus)) + { + // Determine if the first sector contains a portion of the VeraCrypt Boot Loader + offset.QuadPart = 0; // MBR + + ntStatus = ZwReadFile (NtFileHandle, + NULL, + NULL, + NULL, + &IoStatus, + readBuffer, + sizeof(readBuffer), + &offset, + NULL); + + if (NT_SUCCESS (ntStatus)) + { + size_t i; + + // Check for dynamic drive + request->DriveIsDynamic = FALSE; + + if (readBuffer[510] == 0x55 && readBuffer[511] == 0xaa) + { + int i; + for (i = 0; i < 4; ++i) + { + if (readBuffer[446 + i * 16 + 4] == PARTITION_LDM) + { + request->DriveIsDynamic = TRUE; + break; + } + } + } + + request->BootLoaderVersion = 0; + request->Configuration = 0; + request->UserConfiguration = 0; + request->CustomUserMessage[0] = 0; + + // Search for the string "VeraCrypt" + for (i = 0; i < sizeof (readBuffer) - strlen (TC_APP_NAME); ++i) + { + if (memcmp (readBuffer + i, TC_APP_NAME, strlen (TC_APP_NAME)) == 0) + { + request->BootLoaderVersion = BE16 (*(uint16 *) (readBuffer + TC_BOOT_SECTOR_VERSION_OFFSET)); + request->Configuration = readBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET]; + + if (request->BootLoaderVersion != 0 && request->BootLoaderVersion <= VERSION_NUM) + { + request->UserConfiguration = readBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; + memcpy (request->CustomUserMessage, readBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); + } + break; + } + } + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (*request); + } + else + { + Irp->IoStatus.Status = ntStatus; + Irp->IoStatus.Information = 0; + } + + ZwClose (NtFileHandle); + + } + else + { + Irp->IoStatus.Status = ntStatus; + Irp->IoStatus.Information = 0; + } + } + break; + + case TC_IOCTL_WIPE_PASSWORD_CACHE: + WipeCache (); + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_PASSWORD_CACHE_STATUS: + Irp->IoStatus.Status = cacheEmpty ? STATUS_PIPE_EMPTY : STATUS_SUCCESS; + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_SET_PORTABLE_MODE_STATUS: + if (!UserCanAccessDriveDevice()) + { + Irp->IoStatus.Status = STATUS_ACCESS_DENIED; + Irp->IoStatus.Information = 0; + } + else + { + PortableMode = TRUE; + Dump ("Setting portable mode\n"); + } + break; + + case TC_IOCTL_GET_PORTABLE_MODE_STATUS: + Irp->IoStatus.Status = PortableMode ? STATUS_SUCCESS : STATUS_PIPE_EMPTY; + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_MOUNTED_VOLUMES: + + if (ValidateIOBufferSize (Irp, sizeof (MOUNT_LIST_STRUCT), ValidateOutput)) + { + MOUNT_LIST_STRUCT *list = (MOUNT_LIST_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + PDEVICE_OBJECT ListDevice; + int drive; + + list->ulMountedDrives = 0; + + for (drive = MIN_MOUNTED_VOLUME_DRIVE_NUMBER; drive <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; ++drive) + { + PEXTENSION ListExtension; + + ListDevice = GetVirtualVolumeDeviceObject (drive); + if (!ListDevice) + continue; + + ListExtension = (PEXTENSION) ListDevice->DeviceExtension; + if (IsVolumeAccessibleByCurrentUser (ListExtension)) + { + list->ulMountedDrives |= (1 << ListExtension->nDosDriveNo); + RtlStringCbCopyW (list->wszVolume[ListExtension->nDosDriveNo], sizeof(list->wszVolume[ListExtension->nDosDriveNo]),ListExtension->wszVolume); + RtlStringCbCopyW (list->wszLabel[ListExtension->nDosDriveNo], sizeof(list->wszLabel[ListExtension->nDosDriveNo]),ListExtension->wszLabel); + memcpy (list->volumeID[ListExtension->nDosDriveNo], ListExtension->volumeID, VOLUME_ID_SIZE); + list->diskLength[ListExtension->nDosDriveNo] = ListExtension->DiskLength; + list->ea[ListExtension->nDosDriveNo] = ListExtension->cryptoInfo->ea; + if (ListExtension->cryptoInfo->hiddenVolume) + list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_HIDDEN; // Hidden volume + else if (ListExtension->cryptoInfo->bHiddenVolProtectionAction) + list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED; // Normal/outer volume (hidden volume protected AND write already prevented) + else if (ListExtension->cryptoInfo->bProtectHiddenVolume) + list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_OUTER; // Normal/outer volume (hidden volume protected) + else + list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_NORMAL; // Normal volume + list->truecryptMode[ListExtension->nDosDriveNo] = ListExtension->cryptoInfo->bTrueCryptMode; + } + } + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (MOUNT_LIST_STRUCT); + } + break; + + case TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES: + if (ValidateIOBufferSize (Irp, sizeof (uint32), ValidateOutput)) + { + // Prevent the user from downgrading to versions lower than 5.0 by faking mounted volumes. + // The user could render the system unbootable by downgrading when boot encryption + // is active or being set up. + + memset (Irp->AssociatedIrp.SystemBuffer, 0, irpSp->Parameters.DeviceIoControl.OutputBufferLength); + *(uint32 *) Irp->AssociatedIrp.SystemBuffer = 0xffffFFFF; + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = irpSp->Parameters.DeviceIoControl.OutputBufferLength; + } + break; + + case TC_IOCTL_GET_VOLUME_PROPERTIES: + if (ValidateIOBufferSize (Irp, sizeof (VOLUME_PROPERTIES_STRUCT), ValidateInputOutput)) + { + VOLUME_PROPERTIES_STRUCT *prop = (VOLUME_PROPERTIES_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + PDEVICE_OBJECT ListDevice = GetVirtualVolumeDeviceObject (prop->driveNo); + + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + Irp->IoStatus.Information = 0; + + if (ListDevice) + { + PEXTENSION ListExtension = (PEXTENSION) ListDevice->DeviceExtension; + if (IsVolumeAccessibleByCurrentUser (ListExtension)) + { + prop->uniqueId = ListExtension->UniqueVolumeId; + RtlStringCbCopyW (prop->wszVolume, sizeof(prop->wszVolume),ListExtension->wszVolume); + RtlStringCbCopyW (prop->wszLabel, sizeof(prop->wszLabel),ListExtension->wszLabel); + memcpy (prop->volumeID, ListExtension->volumeID, VOLUME_ID_SIZE); + prop->bDriverSetLabel = ListExtension->bDriverSetLabel; + prop->diskLength = ListExtension->DiskLength; + prop->ea = ListExtension->cryptoInfo->ea; + prop->mode = ListExtension->cryptoInfo->mode; + prop->pkcs5 = ListExtension->cryptoInfo->pkcs5; + prop->pkcs5Iterations = ListExtension->cryptoInfo->noIterations; + prop->volumePim = ListExtension->cryptoInfo->volumePim; +#if 0 + prop->volumeCreationTime = ListExtension->cryptoInfo->volume_creation_time; + prop->headerCreationTime = ListExtension->cryptoInfo->header_creation_time; +#endif + prop->volumeHeaderFlags = ListExtension->cryptoInfo->HeaderFlags; + prop->readOnly = ListExtension->bReadOnly; + prop->removable = ListExtension->bRemovable; + prop->partitionInInactiveSysEncScope = ListExtension->PartitionInInactiveSysEncScope; + prop->hiddenVolume = ListExtension->cryptoInfo->hiddenVolume; + + if (ListExtension->cryptoInfo->bProtectHiddenVolume) + prop->hiddenVolProtection = ListExtension->cryptoInfo->bHiddenVolProtectionAction ? HIDVOL_PROT_STATUS_ACTION_TAKEN : HIDVOL_PROT_STATUS_ACTIVE; + else + prop->hiddenVolProtection = HIDVOL_PROT_STATUS_NONE; + + prop->totalBytesRead = ListExtension->Queue.TotalBytesRead; + prop->totalBytesWritten = ListExtension->Queue.TotalBytesWritten; + + prop->volFormatVersion = ListExtension->cryptoInfo->LegacyVolume ? TC_VOLUME_FORMAT_VERSION_PRE_6_0 : TC_VOLUME_FORMAT_VERSION; + + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (VOLUME_PROPERTIES_STRUCT); + } + } + } + break; + + case TC_IOCTL_GET_RESOLVED_SYMLINK: + if (ValidateIOBufferSize (Irp, sizeof (RESOLVE_SYMLINK_STRUCT), ValidateInputOutput)) + { + RESOLVE_SYMLINK_STRUCT *resolve = (RESOLVE_SYMLINK_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + { + NTSTATUS ntStatus; + + EnsureNullTerminatedString (resolve->symLinkName, sizeof (resolve->symLinkName)); + + ntStatus = SymbolicLinkToTarget (resolve->symLinkName, + resolve->targetName, + sizeof (resolve->targetName)); + + Irp->IoStatus.Information = sizeof (RESOLVE_SYMLINK_STRUCT); + Irp->IoStatus.Status = ntStatus; + } + } + break; + + case TC_IOCTL_GET_DRIVE_PARTITION_INFO: + if (ValidateIOBufferSize (Irp, sizeof (DISK_PARTITION_INFO_STRUCT), ValidateInputOutput)) + { + DISK_PARTITION_INFO_STRUCT *info = (DISK_PARTITION_INFO_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + { + PARTITION_INFORMATION_EX pi; + NTSTATUS ntStatus; + + EnsureNullTerminatedString (info->deviceName, sizeof (info->deviceName)); + + ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &pi, sizeof (pi)); + if (NT_SUCCESS(ntStatus)) + { + memset (&info->partInfo, 0, sizeof (info->partInfo)); + + info->partInfo.PartitionLength = pi.PartitionLength; + info->partInfo.PartitionNumber = pi.PartitionNumber; + info->partInfo.StartingOffset = pi.StartingOffset; + + if (pi.PartitionStyle == PARTITION_STYLE_MBR) + { + info->partInfo.PartitionType = pi.Mbr.PartitionType; + info->partInfo.BootIndicator = pi.Mbr.BootIndicator; + } + + info->IsGPT = pi.PartitionStyle == PARTITION_STYLE_GPT; + } + else + { + // Windows 2000 does not support IOCTL_DISK_GET_PARTITION_INFO_EX + ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_PARTITION_INFO, NULL, 0, &info->partInfo, sizeof (info->partInfo)); + info->IsGPT = FALSE; + } + + if (!NT_SUCCESS (ntStatus)) + { + GET_LENGTH_INFORMATION lengthInfo; + ntStatus = TCDeviceIoControl (info->deviceName, IOCTL_DISK_GET_LENGTH_INFO, NULL, 0, &lengthInfo, sizeof (lengthInfo)); + + if (NT_SUCCESS (ntStatus)) + { + memset (&info->partInfo, 0, sizeof (info->partInfo)); + info->partInfo.PartitionLength = lengthInfo.Length; + } + } + + info->IsDynamic = FALSE; + + if (NT_SUCCESS (ntStatus) && OsMajorVersion >= 6) + { +# define IOCTL_VOLUME_IS_DYNAMIC CTL_CODE(IOCTL_VOLUME_BASE, 18, METHOD_BUFFERED, FILE_ANY_ACCESS) + if (!NT_SUCCESS (TCDeviceIoControl (info->deviceName, IOCTL_VOLUME_IS_DYNAMIC, NULL, 0, &info->IsDynamic, sizeof (info->IsDynamic)))) + info->IsDynamic = FALSE; + } + + Irp->IoStatus.Information = sizeof (DISK_PARTITION_INFO_STRUCT); + Irp->IoStatus.Status = ntStatus; + } + } + break; + + case TC_IOCTL_GET_DRIVE_GEOMETRY: + if (ValidateIOBufferSize (Irp, sizeof (DISK_GEOMETRY_STRUCT), ValidateInputOutput)) + { + DISK_GEOMETRY_STRUCT *g = (DISK_GEOMETRY_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + { + NTSTATUS ntStatus; + + EnsureNullTerminatedString (g->deviceName, sizeof (g->deviceName)); + + ntStatus = TCDeviceIoControl (g->deviceName, + IOCTL_DISK_GET_DRIVE_GEOMETRY, + NULL, 0, &g->diskGeometry, sizeof (g->diskGeometry)); + + Irp->IoStatus.Information = sizeof (DISK_GEOMETRY_STRUCT); + Irp->IoStatus.Status = ntStatus; + } + } + break; + + case TC_IOCTL_PROBE_REAL_DRIVE_SIZE: + if (ValidateIOBufferSize (Irp, sizeof (ProbeRealDriveSizeRequest), ValidateInputOutput)) + { + ProbeRealDriveSizeRequest *request = (ProbeRealDriveSizeRequest *) Irp->AssociatedIrp.SystemBuffer; + NTSTATUS status; + UNICODE_STRING name; + PFILE_OBJECT fileObject; + PDEVICE_OBJECT deviceObject; + + EnsureNullTerminatedString (request->DeviceName, sizeof (request->DeviceName)); + + RtlInitUnicodeString (&name, request->DeviceName); + status = IoGetDeviceObjectPointer (&name, FILE_READ_ATTRIBUTES, &fileObject, &deviceObject); + if (!NT_SUCCESS (status)) + { + Irp->IoStatus.Information = 0; + Irp->IoStatus.Status = status; + break; + } + + status = ProbeRealDriveSize (deviceObject, &request->RealDriveSize); + ObDereferenceObject (fileObject); + + if (status == STATUS_TIMEOUT) + { + request->TimeOut = TRUE; + Irp->IoStatus.Information = sizeof (ProbeRealDriveSizeRequest); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + else if (!NT_SUCCESS (status)) + { + Irp->IoStatus.Information = 0; + Irp->IoStatus.Status = status; + } + else + { + request->TimeOut = FALSE; + Irp->IoStatus.Information = sizeof (ProbeRealDriveSizeRequest); + Irp->IoStatus.Status = status; + } + } + break; + + case TC_IOCTL_MOUNT_VOLUME: + if (ValidateIOBufferSize (Irp, sizeof (MOUNT_STRUCT), ValidateInputOutput)) + { + MOUNT_STRUCT *mount = (MOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + + if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD + || mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID + || mount->VolumePim < -1 || mount->VolumePim == INT_MAX + || mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID + || (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE) + ) + { + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + Irp->IoStatus.Information = 0; + break; + } + + EnsureNullTerminatedString (mount->wszVolume, sizeof (mount->wszVolume)); + EnsureNullTerminatedString (mount->wszLabel, sizeof (mount->wszLabel)); + + Irp->IoStatus.Information = sizeof (MOUNT_STRUCT); + Irp->IoStatus.Status = MountDevice (DeviceObject, mount); + + burn (&mount->VolumePassword, sizeof (mount->VolumePassword)); + burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword)); + burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf)); + burn (&mount->VolumePim, sizeof (mount->VolumePim)); + burn (&mount->bTrueCryptMode, sizeof (mount->bTrueCryptMode)); + burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf)); + burn (&mount->ProtectedHidVolPim, sizeof (mount->ProtectedHidVolPim)); + } + break; + + case TC_IOCTL_DISMOUNT_VOLUME: + if (ValidateIOBufferSize (Irp, sizeof (UNMOUNT_STRUCT), ValidateInputOutput)) + { + UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + PDEVICE_OBJECT ListDevice = GetVirtualVolumeDeviceObject (unmount->nDosDriveNo); + + unmount->nReturnCode = ERR_DRIVE_NOT_FOUND; + + if (ListDevice) + { + PEXTENSION ListExtension = (PEXTENSION) ListDevice->DeviceExtension; + + if (IsVolumeAccessibleByCurrentUser (ListExtension)) + unmount->nReturnCode = UnmountDevice (unmount, ListDevice, unmount->ignoreOpenFiles); + } + + Irp->IoStatus.Information = sizeof (UNMOUNT_STRUCT); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_DISMOUNT_ALL_VOLUMES: + if (ValidateIOBufferSize (Irp, sizeof (UNMOUNT_STRUCT), ValidateInputOutput)) + { + UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer; + + unmount->nReturnCode = UnmountAllDevices (unmount, unmount->ignoreOpenFiles); + + Irp->IoStatus.Information = sizeof (UNMOUNT_STRUCT); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_BOOT_ENCRYPTION_SETUP: + Irp->IoStatus.Status = StartBootEncryptionSetup (DeviceObject, Irp, irpSp); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP: + Irp->IoStatus.Status = AbortBootEncryptionSetup(); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: + GetBootEncryptionStatus (Irp, irpSp); + break; + + case TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT: + Irp->IoStatus.Information = 0; + Irp->IoStatus.Status = GetSetupResult(); + break; + + case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: + GetBootDriveVolumeProperties (Irp, irpSp); + break; + + case TC_IOCTL_GET_BOOT_LOADER_VERSION: + GetBootLoaderVersion (Irp, irpSp); + break; + + case TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER: + ReopenBootVolumeHeader (Irp, irpSp); + break; + + case VC_IOCTL_GET_BOOT_LOADER_FINGERPRINT: + GetBootLoaderFingerprint (Irp, irpSp); + break; + + case TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME: + GetBootEncryptionAlgorithmName (Irp, irpSp); + break; + + case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: + if (ValidateIOBufferSize (Irp, sizeof (int), ValidateOutput)) + { + *(int *) Irp->AssociatedIrp.SystemBuffer = IsHiddenSystemRunning() ? 1 : 0; + Irp->IoStatus.Information = sizeof (int); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_START_DECOY_SYSTEM_WIPE: + Irp->IoStatus.Status = StartDecoySystemWipe (DeviceObject, Irp, irpSp); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE: + Irp->IoStatus.Status = AbortDecoySystemWipe(); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT: + Irp->IoStatus.Status = GetDecoySystemWipeResult(); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS: + GetDecoySystemWipeStatus (Irp, irpSp); + break; + + case TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR: + Irp->IoStatus.Status = WriteBootDriveSector (Irp, irpSp); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_WARNING_FLAGS: + if (ValidateIOBufferSize (Irp, sizeof (GetWarningFlagsRequest), ValidateOutput)) + { + GetWarningFlagsRequest *flags = (GetWarningFlagsRequest *) Irp->AssociatedIrp.SystemBuffer; + + flags->PagingFileCreationPrevented = PagingFileCreationPrevented; + PagingFileCreationPrevented = FALSE; + flags->SystemFavoriteVolumeDirty = SystemFavoriteVolumeDirty; + SystemFavoriteVolumeDirty = FALSE; + + Irp->IoStatus.Information = sizeof (GetWarningFlagsRequest); + Irp->IoStatus.Status = STATUS_SUCCESS; + } + break; + + case TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY: + if (UserCanAccessDriveDevice()) + { + SystemFavoriteVolumeDirty = TRUE; + Irp->IoStatus.Status = STATUS_SUCCESS; + } + else + Irp->IoStatus.Status = STATUS_ACCESS_DENIED; + + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_REREAD_DRIVER_CONFIG: + Irp->IoStatus.Status = ReadRegistryConfigFlags (FALSE); + Irp->IoStatus.Information = 0; + break; + + case TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG: + if ( (ValidateIOBufferSize (Irp, sizeof (GetSystemDriveDumpConfigRequest), ValidateOutput)) + && (Irp->RequestorMode == KernelMode) + ) + { + GetSystemDriveDumpConfigRequest *request = (GetSystemDriveDumpConfigRequest *) Irp->AssociatedIrp.SystemBuffer; + + request->BootDriveFilterExtension = GetBootDriveFilterExtension(); + if (IsBootDriveMounted() && request->BootDriveFilterExtension) + { + request->HwEncryptionEnabled = IsHwEncryptionEnabled(); + Irp->IoStatus.Status = STATUS_SUCCESS; + Irp->IoStatus.Information = sizeof (*request); + } + else + { + Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; + Irp->IoStatus.Information = 0; + } + } + break; + + default: + return TCCompleteIrp (Irp, STATUS_INVALID_DEVICE_REQUEST, 0); + } + + +#ifdef DEBUG + if (!NT_SUCCESS (Irp->IoStatus.Status)) + { + switch (irpSp->Parameters.DeviceIoControl.IoControlCode) + { + case TC_IOCTL_GET_MOUNTED_VOLUMES: + case TC_IOCTL_GET_PASSWORD_CACHE_STATUS: + case TC_IOCTL_GET_PORTABLE_MODE_STATUS: + case TC_IOCTL_SET_PORTABLE_MODE_STATUS: + case TC_IOCTL_OPEN_TEST: + case TC_IOCTL_GET_RESOLVED_SYMLINK: + case TC_IOCTL_GET_DRIVE_PARTITION_INFO: + case TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES: + case TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS: + case TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING: + break; + + default: + Dump ("IOCTL error 0x%08x\n", Irp->IoStatus.Status); + } + } +#endif + + return TCCompleteIrp (Irp, Irp->IoStatus.Status, Irp->IoStatus.Information); +} + + +NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread) +{ + return TCStartThreadInProcess (threadProc, threadArg, kThread, NULL); +} + + +NTSTATUS TCStartThreadInProcess (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread, PEPROCESS process) +{ + NTSTATUS status; + HANDLE threadHandle; + HANDLE processHandle = NULL; + OBJECT_ATTRIBUTES threadObjAttributes; + + if (process) + { + status = ObOpenObjectByPointer (process, OBJ_KERNEL_HANDLE, NULL, 0, NULL, KernelMode, &processHandle); + if (!NT_SUCCESS (status)) + return status; + } + + InitializeObjectAttributes (&threadObjAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL); + + status = PsCreateSystemThread (&threadHandle, THREAD_ALL_ACCESS, &threadObjAttributes, processHandle, NULL, threadProc, threadArg); + if (!NT_SUCCESS (status)) + return status; + + status = ObReferenceObjectByHandle (threadHandle, THREAD_ALL_ACCESS, NULL, KernelMode, (PVOID *) kThread, NULL); + if (!NT_SUCCESS (status)) + { + ZwClose (threadHandle); + *kThread = NULL; + return status; + } + + if (processHandle) + ZwClose (processHandle); + + ZwClose (threadHandle); + return STATUS_SUCCESS; +} + + +void TCStopThread (PKTHREAD kThread, PKEVENT wakeUpEvent) +{ + if (wakeUpEvent) + KeSetEvent (wakeUpEvent, 0, FALSE); + + KeWaitForSingleObject (kThread, Executive, KernelMode, FALSE, NULL); + ObDereferenceObject (kThread); +} + + +NTSTATUS TCStartVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, MOUNT_STRUCT * mount) +{ + PTHREAD_BLOCK pThreadBlock = TCalloc (sizeof (THREAD_BLOCK)); + HANDLE hThread; + NTSTATUS ntStatus; + OBJECT_ATTRIBUTES threadObjAttributes; + SECURITY_QUALITY_OF_SERVICE qos; + + Dump ("Starting thread...\n"); + + if (pThreadBlock == NULL) + { + return STATUS_INSUFFICIENT_RESOURCES; + } + else + { + pThreadBlock->DeviceObject = DeviceObject; + pThreadBlock->mount = mount; + } + + qos.Length = sizeof (qos); + qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; + qos.EffectiveOnly = TRUE; + qos.ImpersonationLevel = SecurityImpersonation; + + ntStatus = SeCreateClientSecurity (PsGetCurrentThread(), &qos, FALSE, &Extension->SecurityClientContext); + if (!NT_SUCCESS (ntStatus)) + goto ret; + + Extension->SecurityClientContextValid = TRUE; + + Extension->bThreadShouldQuit = FALSE; + + InitializeObjectAttributes (&threadObjAttributes, NULL, OBJ_KERNEL_HANDLE, NULL, NULL); + + ntStatus = PsCreateSystemThread (&hThread, + THREAD_ALL_ACCESS, + &threadObjAttributes, + NULL, + NULL, + VolumeThreadProc, + pThreadBlock); + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("PsCreateSystemThread Failed END\n"); + goto ret; + } + + ntStatus = ObReferenceObjectByHandle (hThread, + THREAD_ALL_ACCESS, + NULL, + KernelMode, + &Extension->peThread, + NULL); + + ZwClose (hThread); + + if (!NT_SUCCESS (ntStatus)) + goto ret; + + Dump ("Waiting for thread to initialize...\n"); + + KeWaitForSingleObject (&Extension->keCreateEvent, + Executive, + KernelMode, + FALSE, + NULL); + + Dump ("Waiting completed! Thread returns 0x%08x\n", pThreadBlock->ntCreateStatus); + ntStatus = pThreadBlock->ntCreateStatus; + +ret: + TCfree (pThreadBlock); + return ntStatus; +} + +void TCStopVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) +{ + NTSTATUS ntStatus; + + UNREFERENCED_PARAMETER (DeviceObject); /* Remove compiler warning */ + + Dump ("Signalling thread to quit...\n"); + + Extension->bThreadShouldQuit = TRUE; + + KeReleaseSemaphore (&Extension->RequestSemaphore, + 0, + 1, + TRUE); + + ntStatus = KeWaitForSingleObject (Extension->peThread, + Executive, + KernelMode, + FALSE, + NULL); + + ASSERT (NT_SUCCESS (ntStatus)); + + ObDereferenceObject (Extension->peThread); + Extension->peThread = NULL; + + Dump ("Thread exited\n"); +} + + +// Suspend current thread for a number of milliseconds +void TCSleep (int milliSeconds) +{ + PKTIMER timer = (PKTIMER) TCalloc (sizeof (KTIMER)); + LARGE_INTEGER duetime; + + if (!timer) + return; + + duetime.QuadPart = (__int64) milliSeconds * -10000; + KeInitializeTimerEx(timer, NotificationTimer); + KeSetTimerEx(timer, duetime, 0, NULL); + + KeWaitForSingleObject (timer, Executive, KernelMode, FALSE, NULL); + + TCfree (timer); +} + +BOOL IsDeviceName(wchar_t wszVolume[TC_MAX_PATH]) +{ + if ( (wszVolume[0] == '\\') + && (wszVolume[1] == 'D' || wszVolume[1] == 'd') + && (wszVolume[2] == 'E' || wszVolume[2] == 'e') + && (wszVolume[3] == 'V' || wszVolume[3] == 'v') + && (wszVolume[4] == 'I' || wszVolume[4] == 'i') + && (wszVolume[5] == 'C' || wszVolume[5] == 'c') + && (wszVolume[6] == 'E' || wszVolume[6] == 'e') + ) + { + return TRUE; + } + else + return FALSE; +} + +/* VolumeThreadProc does all the work of processing IRP's, and dispatching them + to either the ReadWrite function or the DeviceControl function */ +VOID VolumeThreadProc (PVOID Context) +{ + PTHREAD_BLOCK pThreadBlock = (PTHREAD_BLOCK) Context; + PDEVICE_OBJECT DeviceObject = pThreadBlock->DeviceObject; + PEXTENSION Extension = (PEXTENSION) DeviceObject->DeviceExtension; + BOOL bDevice; + + /* Set thread priority to lowest realtime level. */ + KeSetPriorityThread (KeGetCurrentThread (), LOW_REALTIME_PRIORITY); + + Dump ("Mount THREAD OPENING VOLUME BEGIN\n"); + + if ( !IsDeviceName (pThreadBlock->mount->wszVolume)) + { + RtlStringCbCopyW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),WIDE ("\\??\\")); + RtlStringCbCatW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),pThreadBlock->mount->wszVolume); + bDevice = FALSE; + } + else + { + pThreadBlock->wszMountVolume[0] = 0; + RtlStringCbCatW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),pThreadBlock->mount->wszVolume); + bDevice = TRUE; + } + + Dump ("Mount THREAD request for File %ls DriveNumber %d Device = %d\n", + pThreadBlock->wszMountVolume, pThreadBlock->mount->nDosDriveNo, bDevice); + + pThreadBlock->ntCreateStatus = TCOpenVolume (DeviceObject, + Extension, + pThreadBlock->mount, + pThreadBlock->wszMountVolume, + bDevice); + + if (!NT_SUCCESS (pThreadBlock->ntCreateStatus) || pThreadBlock->mount->nReturnCode != 0) + { + KeSetEvent (&Extension->keCreateEvent, 0, FALSE); + PsTerminateSystemThread (STATUS_SUCCESS); + } + + // Start IO queue + Extension->Queue.IsFilterDevice = FALSE; + Extension->Queue.DeviceObject = DeviceObject; + Extension->Queue.CryptoInfo = Extension->cryptoInfo; + Extension->Queue.HostFileHandle = Extension->hDeviceFile; + Extension->Queue.VirtualDeviceLength = Extension->DiskLength; + Extension->Queue.MaxReadAheadOffset.QuadPart = Extension->HostLength; + + if (Extension->SecurityClientContextValid) + Extension->Queue.SecurityClientContext = &Extension->SecurityClientContext; + else + Extension->Queue.SecurityClientContext = NULL; + + pThreadBlock->ntCreateStatus = EncryptedIoQueueStart (&Extension->Queue); + + if (!NT_SUCCESS (pThreadBlock->ntCreateStatus)) + { + TCCloseVolume (DeviceObject, Extension); + + pThreadBlock->mount->nReturnCode = ERR_OS_ERROR; + KeSetEvent (&Extension->keCreateEvent, 0, FALSE); + PsTerminateSystemThread (STATUS_SUCCESS); + } + + KeSetEvent (&Extension->keCreateEvent, 0, FALSE); + /* From this point on pThreadBlock cannot be used as it will have been released! */ + pThreadBlock = NULL; + + for (;;) + { + /* Wait for a request from the dispatch routines. */ + KeWaitForSingleObject ((PVOID) & Extension->RequestSemaphore, Executive, KernelMode, FALSE, NULL); + + for (;;) + { + PIO_STACK_LOCATION irpSp; + PLIST_ENTRY request; + PIRP irp; + + request = ExInterlockedRemoveHeadList (&Extension->ListEntry, &Extension->ListSpinLock); + if (request == NULL) + break; + + irp = CONTAINING_RECORD (request, IRP, Tail.Overlay.ListEntry); + irpSp = IoGetCurrentIrpStackLocation (irp); + + ASSERT (irpSp->MajorFunction == IRP_MJ_DEVICE_CONTROL); + + ProcessVolumeDeviceControlIrp (DeviceObject, Extension, irp); + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, irp); + } + + if (Extension->bThreadShouldQuit) + { + Dump ("Closing volume\n"); + EncryptedIoQueueStop (&Extension->Queue); + + TCCloseVolume (DeviceObject, Extension); + PsTerminateSystemThread (STATUS_SUCCESS); + } + } +} + +void TCGetNTNameFromNumber (LPWSTR ntname, int cbNtName, int nDriveNo) +{ + WCHAR tmp[2] = + {0, 0}; + int j = nDriveNo + (WCHAR) 'A'; + + tmp[0] = (short) j; + RtlStringCbCopyW (ntname, cbNtName,(LPWSTR) NT_MOUNT_PREFIX); + RtlStringCbCatW (ntname, cbNtName, tmp); +} + +void TCGetDosNameFromNumber (LPWSTR dosname,int cbDosName, int nDriveNo, DeviceNamespaceType namespaceType) +{ + WCHAR tmp[3] = + {0, ':', 0}; + int j = nDriveNo + (WCHAR) 'A'; + + tmp[0] = (short) j; + + if (DeviceNamespaceGlobal == namespaceType) + { + RtlStringCbCopyW (dosname, cbDosName, (LPWSTR) DOS_MOUNT_PREFIX_GLOBAL); + } + else + { + RtlStringCbCopyW (dosname, cbDosName, (LPWSTR) DOS_MOUNT_PREFIX_DEFAULT); + } + + RtlStringCbCatW (dosname, cbDosName, tmp); +} + +#ifdef _DEBUG +LPWSTR TCTranslateCode (ULONG ulCode) +{ + switch (ulCode) + { +#define TC_CASE_RET_NAME(CODE) case CODE : return L###CODE + + TC_CASE_RET_NAME (TC_IOCTL_ABORT_BOOT_ENCRYPTION_SETUP); + TC_CASE_RET_NAME (TC_IOCTL_ABORT_DECOY_SYSTEM_WIPE); + TC_CASE_RET_NAME (TC_IOCTL_BOOT_ENCRYPTION_SETUP); + TC_CASE_RET_NAME (TC_IOCTL_DISMOUNT_ALL_VOLUMES); + TC_CASE_RET_NAME (TC_IOCTL_DISMOUNT_VOLUME); + TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES); + TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_ALGORITHM_NAME); + TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_SETUP_RESULT); + TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_ENCRYPTION_STATUS); + TC_CASE_RET_NAME (TC_IOCTL_GET_BOOT_LOADER_VERSION); + TC_CASE_RET_NAME (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_RESULT); + TC_CASE_RET_NAME (TC_IOCTL_GET_DECOY_SYSTEM_WIPE_STATUS); + TC_CASE_RET_NAME (TC_IOCTL_GET_DEVICE_REFCOUNT); + TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVE_GEOMETRY); + TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVE_PARTITION_INFO); + TC_CASE_RET_NAME (TC_IOCTL_GET_DRIVER_VERSION); + TC_CASE_RET_NAME (TC_IOCTL_GET_MOUNTED_VOLUMES); + TC_CASE_RET_NAME (TC_IOCTL_GET_PASSWORD_CACHE_STATUS); + TC_CASE_RET_NAME (TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG); + TC_CASE_RET_NAME (TC_IOCTL_GET_PORTABLE_MODE_STATUS); + TC_CASE_RET_NAME (TC_IOCTL_SET_PORTABLE_MODE_STATUS); + TC_CASE_RET_NAME (TC_IOCTL_GET_RESOLVED_SYMLINK); + TC_CASE_RET_NAME (TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG); + TC_CASE_RET_NAME (TC_IOCTL_GET_VOLUME_PROPERTIES); + TC_CASE_RET_NAME (TC_IOCTL_GET_WARNING_FLAGS); + TC_CASE_RET_NAME (TC_IOCTL_DISK_IS_WRITABLE); + TC_CASE_RET_NAME (TC_IOCTL_IS_ANY_VOLUME_MOUNTED); + TC_CASE_RET_NAME (TC_IOCTL_IS_DRIVER_UNLOAD_DISABLED); + TC_CASE_RET_NAME (TC_IOCTL_IS_HIDDEN_SYSTEM_RUNNING); + TC_CASE_RET_NAME (TC_IOCTL_MOUNT_VOLUME); + TC_CASE_RET_NAME (TC_IOCTL_OPEN_TEST); + TC_CASE_RET_NAME (TC_IOCTL_PROBE_REAL_DRIVE_SIZE); + TC_CASE_RET_NAME (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER); + TC_CASE_RET_NAME (TC_IOCTL_REREAD_DRIVER_CONFIG); + TC_CASE_RET_NAME (TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY); + TC_CASE_RET_NAME (TC_IOCTL_START_DECOY_SYSTEM_WIPE); + TC_CASE_RET_NAME (TC_IOCTL_WIPE_PASSWORD_CACHE); + TC_CASE_RET_NAME (TC_IOCTL_WRITE_BOOT_DRIVE_SECTOR); + + TC_CASE_RET_NAME (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS); + +#undef TC_CASE_RET_NAME + } + + if (ulCode == IOCTL_DISK_GET_DRIVE_GEOMETRY) + return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_GEOMETRY"); + else if (ulCode == IOCTL_DISK_GET_DRIVE_GEOMETRY_EX) + return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_GEOMETRY_EX"); + else if (ulCode == IOCTL_MOUNTDEV_QUERY_DEVICE_NAME) + return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_DEVICE_NAME"); + else if (ulCode == IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME) + return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME"); + else if (ulCode == IOCTL_MOUNTDEV_QUERY_UNIQUE_ID) + return (LPWSTR) _T ("IOCTL_MOUNTDEV_QUERY_UNIQUE_ID"); + else if (ulCode == IOCTL_VOLUME_ONLINE) + return (LPWSTR) _T ("IOCTL_VOLUME_ONLINE"); + else if (ulCode == IOCTL_MOUNTDEV_LINK_CREATED) + return (LPWSTR) _T ("IOCTL_MOUNTDEV_LINK_CREATED"); + else if (ulCode == IOCTL_MOUNTDEV_LINK_DELETED) + return (LPWSTR) _T ("IOCTL_MOUNTDEV_LINK_DELETED"); + else if (ulCode == IOCTL_MOUNTMGR_QUERY_POINTS) + return (LPWSTR) _T ("IOCTL_MOUNTMGR_QUERY_POINTS"); + else if (ulCode == IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED) + return (LPWSTR) _T ("IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED"); + else if (ulCode == IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED) + return (LPWSTR) _T ("IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED"); + else if (ulCode == IOCTL_DISK_GET_LENGTH_INFO) + return (LPWSTR) _T ("IOCTL_DISK_GET_LENGTH_INFO"); + else if (ulCode == IOCTL_STORAGE_GET_DEVICE_NUMBER) + return (LPWSTR) _T ("IOCTL_STORAGE_GET_DEVICE_NUMBER"); + else if (ulCode == IOCTL_DISK_GET_PARTITION_INFO) + return (LPWSTR) _T ("IOCTL_DISK_GET_PARTITION_INFO"); + else if (ulCode == IOCTL_DISK_GET_PARTITION_INFO_EX) + return (LPWSTR) _T ("IOCTL_DISK_GET_PARTITION_INFO_EX"); + else if (ulCode == IOCTL_DISK_SET_PARTITION_INFO) + return (LPWSTR) _T ("IOCTL_DISK_SET_PARTITION_INFO"); + else if (ulCode == IOCTL_DISK_GET_DRIVE_LAYOUT) + return (LPWSTR) _T ("IOCTL_DISK_GET_DRIVE_LAYOUT"); + else if (ulCode == IOCTL_DISK_SET_DRIVE_LAYOUT_EX) + return (LPWSTR) _T ("IOCTL_DISK_SET_DRIVE_LAYOUT_EX"); + else if (ulCode == IOCTL_DISK_VERIFY) + return (LPWSTR) _T ("IOCTL_DISK_VERIFY"); + else if (ulCode == IOCTL_DISK_FORMAT_TRACKS) + return (LPWSTR) _T ("IOCTL_DISK_FORMAT_TRACKS"); + else if (ulCode == IOCTL_DISK_REASSIGN_BLOCKS) + return (LPWSTR) _T ("IOCTL_DISK_REASSIGN_BLOCKS"); + else if (ulCode == IOCTL_DISK_PERFORMANCE) + return (LPWSTR) _T ("IOCTL_DISK_PERFORMANCE"); + else if (ulCode == IOCTL_DISK_IS_WRITABLE) + return (LPWSTR) _T ("IOCTL_DISK_IS_WRITABLE"); + else if (ulCode == IOCTL_DISK_LOGGING) + return (LPWSTR) _T ("IOCTL_DISK_LOGGING"); + else if (ulCode == IOCTL_DISK_FORMAT_TRACKS_EX) + return (LPWSTR) _T ("IOCTL_DISK_FORMAT_TRACKS_EX"); + else if (ulCode == IOCTL_DISK_HISTOGRAM_STRUCTURE) + return (LPWSTR) _T ("IOCTL_DISK_HISTOGRAM_STRUCTURE"); + else if (ulCode == IOCTL_DISK_HISTOGRAM_DATA) + return (LPWSTR) _T ("IOCTL_DISK_HISTOGRAM_DATA"); + else if (ulCode == IOCTL_DISK_HISTOGRAM_RESET) + return (LPWSTR) _T ("IOCTL_DISK_HISTOGRAM_RESET"); + else if (ulCode == IOCTL_DISK_REQUEST_STRUCTURE) + return (LPWSTR) _T ("IOCTL_DISK_REQUEST_STRUCTURE"); + else if (ulCode == IOCTL_DISK_REQUEST_DATA) + return (LPWSTR) _T ("IOCTL_DISK_REQUEST_DATA"); + else if (ulCode == IOCTL_DISK_CONTROLLER_NUMBER) + return (LPWSTR) _T ("IOCTL_DISK_CONTROLLER_NUMBER"); + else if (ulCode == SMART_GET_VERSION) + return (LPWSTR) _T ("SMART_GET_VERSION"); + else if (ulCode == SMART_SEND_DRIVE_COMMAND) + return (LPWSTR) _T ("SMART_SEND_DRIVE_COMMAND"); + else if (ulCode == SMART_RCV_DRIVE_DATA) + return (LPWSTR) _T ("SMART_RCV_DRIVE_DATA"); + else if (ulCode == IOCTL_DISK_INTERNAL_SET_VERIFY) + return (LPWSTR) _T ("IOCTL_DISK_INTERNAL_SET_VERIFY"); + else if (ulCode == IOCTL_DISK_INTERNAL_CLEAR_VERIFY) + return (LPWSTR) _T ("IOCTL_DISK_INTERNAL_CLEAR_VERIFY"); + else if (ulCode == IOCTL_DISK_CHECK_VERIFY) + return (LPWSTR) _T ("IOCTL_DISK_CHECK_VERIFY"); + else if (ulCode == IOCTL_DISK_MEDIA_REMOVAL) + return (LPWSTR) _T ("IOCTL_DISK_MEDIA_REMOVAL"); + else if (ulCode == IOCTL_DISK_EJECT_MEDIA) + return (LPWSTR) _T ("IOCTL_DISK_EJECT_MEDIA"); + else if (ulCode == IOCTL_DISK_LOAD_MEDIA) + return (LPWSTR) _T ("IOCTL_DISK_LOAD_MEDIA"); + else if (ulCode == IOCTL_DISK_RESERVE) + return (LPWSTR) _T ("IOCTL_DISK_RESERVE"); + else if (ulCode == IOCTL_DISK_RELEASE) + return (LPWSTR) _T ("IOCTL_DISK_RELEASE"); + else if (ulCode == IOCTL_DISK_FIND_NEW_DEVICES) + return (LPWSTR) _T ("IOCTL_DISK_FIND_NEW_DEVICES"); + else if (ulCode == IOCTL_DISK_GET_MEDIA_TYPES) + return (LPWSTR) _T ("IOCTL_DISK_GET_MEDIA_TYPES"); + else if (ulCode == IOCTL_STORAGE_SET_HOTPLUG_INFO) + return (LPWSTR) _T ("IOCTL_STORAGE_SET_HOTPLUG_INFO"); + else if (ulCode == IRP_MJ_READ) + return (LPWSTR) _T ("IRP_MJ_READ"); + else if (ulCode == IRP_MJ_WRITE) + return (LPWSTR) _T ("IRP_MJ_WRITE"); + else if (ulCode == IRP_MJ_CREATE) + return (LPWSTR) _T ("IRP_MJ_CREATE"); + else if (ulCode == IRP_MJ_CLOSE) + return (LPWSTR) _T ("IRP_MJ_CLOSE"); + else if (ulCode == IRP_MJ_CLEANUP) + return (LPWSTR) _T ("IRP_MJ_CLEANUP"); + else if (ulCode == IRP_MJ_FLUSH_BUFFERS) + return (LPWSTR) _T ("IRP_MJ_FLUSH_BUFFERS"); + else if (ulCode == IRP_MJ_SHUTDOWN) + return (LPWSTR) _T ("IRP_MJ_SHUTDOWN"); + else if (ulCode == IRP_MJ_DEVICE_CONTROL) + return (LPWSTR) _T ("IRP_MJ_DEVICE_CONTROL"); + else + { + return (LPWSTR) _T ("IOCTL"); + } +} + +#endif + +void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) +{ + UNICODE_STRING Win32NameString; + NTSTATUS ntStatus; + + Dump ("TCDeleteDeviceObject BEGIN\n"); + + if (Extension->bRootDevice) + { + RtlInitUnicodeString (&Win32NameString, (LPWSTR) DOS_ROOT_PREFIX); + ntStatus = IoDeleteSymbolicLink (&Win32NameString); + if (!NT_SUCCESS (ntStatus)) + Dump ("IoDeleteSymbolicLink failed ntStatus = 0x%08x\n", ntStatus); + + RootDeviceObject = NULL; + } + else + { + if (Extension->peThread != NULL) + TCStopVolumeThread (DeviceObject, Extension); + + if (Extension->UserSid) + TCfree (Extension->UserSid); + + if (Extension->SecurityClientContextValid) + { + if (OsMajorVersion == 5 && OsMinorVersion == 0) + { + ObDereferenceObject (Extension->SecurityClientContext.ClientToken); + } + else + { + // Windows 2000 does not support PsDereferenceImpersonationToken() used by SeDeleteClientSecurity(). + // TODO: Use only SeDeleteClientSecurity() once support for Windows 2000 is dropped. + + VOID (*PsDereferenceImpersonationTokenD) (PACCESS_TOKEN ImpersonationToken); + UNICODE_STRING name; + RtlInitUnicodeString (&name, L"PsDereferenceImpersonationToken"); + + PsDereferenceImpersonationTokenD = MmGetSystemRoutineAddress (&name); + if (!PsDereferenceImpersonationTokenD) + TC_BUG_CHECK (STATUS_NOT_IMPLEMENTED); + +# define PsDereferencePrimaryToken +# define PsDereferenceImpersonationToken PsDereferenceImpersonationTokenD + + SeDeleteClientSecurity (&Extension->SecurityClientContext); + +# undef PsDereferencePrimaryToken +# undef PsDereferenceImpersonationToken + } + } + + VirtualVolumeDeviceObjects[Extension->nDosDriveNo] = NULL; + } + + IoDeleteDevice (DeviceObject); + + Dump ("TCDeleteDeviceObject END\n"); +} + + +VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject) +{ + Dump ("TCUnloadDriver BEGIN\n"); + + OnShutdownPending(); + + if (IsBootDriveMounted()) + TC_BUG_CHECK (STATUS_INVALID_DEVICE_STATE); + + EncryptionThreadPoolStop(); + TCDeleteDeviceObject (RootDeviceObject, (PEXTENSION) RootDeviceObject->DeviceExtension); + + Dump ("TCUnloadDriver END\n"); +} + + +void OnShutdownPending () +{ + UNMOUNT_STRUCT unmount; + memset (&unmount, 0, sizeof (unmount)); + unmount.ignoreOpenFiles = TRUE; + + while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_DISMOUNT_ALL_VOLUMES, &unmount, sizeof (unmount), &unmount, sizeof (unmount)) == STATUS_INSUFFICIENT_RESOURCES || unmount.HiddenVolumeProtectionTriggered) + unmount.HiddenVolumeProtectionTriggered = FALSE; + + while (SendDeviceIoControlRequest (RootDeviceObject, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0) == STATUS_INSUFFICIENT_RESOURCES); +} + + +NTSTATUS TCDeviceIoControl (PWSTR deviceName, ULONG IoControlCode, void *InputBuffer, ULONG InputBufferSize, void *OutputBuffer, ULONG OutputBufferSize) +{ + IO_STATUS_BLOCK ioStatusBlock; + NTSTATUS ntStatus; + PIRP irp; + PFILE_OBJECT fileObject; + PDEVICE_OBJECT deviceObject; + KEVENT event; + UNICODE_STRING name; + + RtlInitUnicodeString(&name, deviceName); + ntStatus = IoGetDeviceObjectPointer (&name, FILE_READ_ATTRIBUTES, &fileObject, &deviceObject); + + if (!NT_SUCCESS (ntStatus)) + return ntStatus; + + KeInitializeEvent(&event, NotificationEvent, FALSE); + + irp = IoBuildDeviceIoControlRequest (IoControlCode, + deviceObject, + InputBuffer, InputBufferSize, + OutputBuffer, OutputBufferSize, + FALSE, + &event, + &ioStatusBlock); + + if (irp == NULL) + { + Dump ("IRP allocation failed\n"); + ntStatus = STATUS_INSUFFICIENT_RESOURCES; + goto ret; + } + + IoGetNextIrpStackLocation (irp)->FileObject = fileObject; + + ntStatus = IoCallDriver (deviceObject, irp); + if (ntStatus == STATUS_PENDING) + { + KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL); + ntStatus = ioStatusBlock.Status; + } + +ret: + ObDereferenceObject (fileObject); + return ntStatus; +} + + +typedef struct +{ + PDEVICE_OBJECT deviceObject; ULONG ioControlCode; void *inputBuffer; int inputBufferSize; void *outputBuffer; int outputBufferSize; + NTSTATUS Status; + KEVENT WorkItemCompletedEvent; +} SendDeviceIoControlRequestWorkItemArgs; + + +static VOID SendDeviceIoControlRequestWorkItemRoutine (PDEVICE_OBJECT rootDeviceObject, SendDeviceIoControlRequestWorkItemArgs *arg) +{ + arg->Status = SendDeviceIoControlRequest (arg->deviceObject, arg->ioControlCode, arg->inputBuffer, arg->inputBufferSize, arg->outputBuffer, arg->outputBufferSize); + KeSetEvent (&arg->WorkItemCompletedEvent, IO_NO_INCREMENT, FALSE); +} + + +NTSTATUS SendDeviceIoControlRequest (PDEVICE_OBJECT deviceObject, ULONG ioControlCode, void *inputBuffer, int inputBufferSize, void *outputBuffer, int outputBufferSize) +{ + IO_STATUS_BLOCK ioStatusBlock; + NTSTATUS status; + PIRP irp; + KEVENT event; + + if (KeGetCurrentIrql() > APC_LEVEL) + { + SendDeviceIoControlRequestWorkItemArgs args; + + PIO_WORKITEM workItem = IoAllocateWorkItem (RootDeviceObject); + if (!workItem) + return STATUS_INSUFFICIENT_RESOURCES; + + args.deviceObject = deviceObject; + args.ioControlCode = ioControlCode; + args.inputBuffer = inputBuffer; + args.inputBufferSize = inputBufferSize; + args.outputBuffer = outputBuffer; + args.outputBufferSize = outputBufferSize; + + KeInitializeEvent (&args.WorkItemCompletedEvent, SynchronizationEvent, FALSE); + IoQueueWorkItem (workItem, SendDeviceIoControlRequestWorkItemRoutine, DelayedWorkQueue, &args); + + KeWaitForSingleObject (&args.WorkItemCompletedEvent, Executive, KernelMode, FALSE, NULL); + IoFreeWorkItem (workItem); + + return args.Status; + } + + KeInitializeEvent (&event, NotificationEvent, FALSE); + + irp = IoBuildDeviceIoControlRequest (ioControlCode, deviceObject, inputBuffer, inputBufferSize, + outputBuffer, outputBufferSize, FALSE, &event, &ioStatusBlock); + + if (!irp) + return STATUS_INSUFFICIENT_RESOURCES; + + ObReferenceObject (deviceObject); + + status = IoCallDriver (deviceObject, irp); + if (status == STATUS_PENDING) + { + KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL); + status = ioStatusBlock.Status; + } + + ObDereferenceObject (deviceObject); + return status; +} + + +NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize) +{ + NTSTATUS status; + LARGE_INTEGER sysLength; + LARGE_INTEGER offset; + byte *sectorBuffer; + ULONGLONG startTime; + + if (!UserCanAccessDriveDevice()) + return STATUS_ACCESS_DENIED; + + sectorBuffer = TCalloc (TC_SECTOR_SIZE_BIOS); + if (!sectorBuffer) + return STATUS_INSUFFICIENT_RESOURCES; + + status = SendDeviceIoControlRequest (driveDeviceObject, IOCTL_DISK_GET_LENGTH_INFO, + NULL, 0, &sysLength, sizeof (sysLength)); + + if (!NT_SUCCESS (status)) + { + Dump ("Failed to get drive size - error %x\n", status); + TCfree (sectorBuffer); + return status; + } + + startTime = KeQueryInterruptTime (); + for (offset.QuadPart = sysLength.QuadPart; ; offset.QuadPart += TC_SECTOR_SIZE_BIOS) + { + status = TCReadDevice (driveDeviceObject, sectorBuffer, offset, TC_SECTOR_SIZE_BIOS); + + if (NT_SUCCESS (status)) + status = TCWriteDevice (driveDeviceObject, sectorBuffer, offset, TC_SECTOR_SIZE_BIOS); + + if (!NT_SUCCESS (status)) + { + driveSize->QuadPart = offset.QuadPart; + Dump ("Real drive size = %I64d bytes (%I64d hidden)\n", driveSize->QuadPart, driveSize->QuadPart - sysLength.QuadPart); + TCfree (sectorBuffer); + return STATUS_SUCCESS; + } + + if (KeQueryInterruptTime() - startTime > 3ULL * 60 * 1000 * 1000 * 10) + { + // Abort if probing for more than 3 minutes + driveSize->QuadPart = sysLength.QuadPart; + TCfree (sectorBuffer); + return STATUS_TIMEOUT; + } + } +} + + +NTSTATUS TCOpenFsVolume (PEXTENSION Extension, PHANDLE volumeHandle, PFILE_OBJECT * fileObject) +{ + NTSTATUS ntStatus; + OBJECT_ATTRIBUTES objectAttributes; + UNICODE_STRING fullFileName; + IO_STATUS_BLOCK ioStatus; + WCHAR volumeName[TC_MAX_PATH]; + + TCGetNTNameFromNumber (volumeName, sizeof(volumeName),Extension->nDosDriveNo); + RtlInitUnicodeString (&fullFileName, volumeName); + InitializeObjectAttributes (&objectAttributes, &fullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); + + ntStatus = ZwCreateFile (volumeHandle, + SYNCHRONIZE | GENERIC_READ, + &objectAttributes, + &ioStatus, + NULL, + FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ | FILE_SHARE_WRITE, + FILE_OPEN, + FILE_SYNCHRONOUS_IO_NONALERT, + NULL, + 0); + + Dump ("Volume %ls open NTSTATUS 0x%08x\n", volumeName, ntStatus); + + if (!NT_SUCCESS (ntStatus)) + return ntStatus; + + ntStatus = ObReferenceObjectByHandle (*volumeHandle, + FILE_READ_DATA, + NULL, + KernelMode, + fileObject, + NULL); + + if (!NT_SUCCESS (ntStatus)) + ZwClose (*volumeHandle); + + return ntStatus; +} + + +void TCCloseFsVolume (HANDLE volumeHandle, PFILE_OBJECT fileObject) +{ + ObDereferenceObject (fileObject); + ZwClose (volumeHandle); +} + + +static NTSTATUS TCReadWriteDevice (BOOL write, PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length) +{ + NTSTATUS status; + IO_STATUS_BLOCK ioStatusBlock; + PIRP irp; + KEVENT completionEvent; + + ASSERT (KeGetCurrentIrql() <= APC_LEVEL); + + KeInitializeEvent (&completionEvent, NotificationEvent, FALSE); + irp = IoBuildSynchronousFsdRequest (write ? IRP_MJ_WRITE : IRP_MJ_READ, deviceObject, buffer, length, &offset, &completionEvent, &ioStatusBlock); + if (!irp) + return STATUS_INSUFFICIENT_RESOURCES; + + ObReferenceObject (deviceObject); + status = IoCallDriver (deviceObject, irp); + + if (status == STATUS_PENDING) + { + status = KeWaitForSingleObject (&completionEvent, Executive, KernelMode, FALSE, NULL); + if (NT_SUCCESS (status)) + status = ioStatusBlock.Status; + } + + ObDereferenceObject (deviceObject); + return status; +} + + +NTSTATUS TCReadDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length) +{ + return TCReadWriteDevice (FALSE, deviceObject, buffer, offset, length); +} + + +NTSTATUS TCWriteDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length) +{ + return TCReadWriteDevice (TRUE, deviceObject, buffer, offset, length); +} + + +NTSTATUS TCFsctlCall (PFILE_OBJECT fileObject, LONG IoControlCode, + void *InputBuffer, int InputBufferSize, void *OutputBuffer, int OutputBufferSize) +{ + IO_STATUS_BLOCK ioStatusBlock; + NTSTATUS ntStatus; + PIRP irp; + KEVENT event; + PIO_STACK_LOCATION stack; + PDEVICE_OBJECT deviceObject = IoGetRelatedDeviceObject (fileObject); + + KeInitializeEvent(&event, NotificationEvent, FALSE); + + irp = IoBuildDeviceIoControlRequest (IoControlCode, + deviceObject, + InputBuffer, InputBufferSize, + OutputBuffer, OutputBufferSize, + FALSE, + &event, + &ioStatusBlock); + + if (irp == NULL) + return STATUS_INSUFFICIENT_RESOURCES; + + stack = IoGetNextIrpStackLocation(irp); + + stack->MajorFunction = IRP_MJ_FILE_SYSTEM_CONTROL; + stack->MinorFunction = IRP_MN_USER_FS_REQUEST; + stack->FileObject = fileObject; + + ntStatus = IoCallDriver (deviceObject, irp); + if (ntStatus == STATUS_PENDING) + { + KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL); + ntStatus = ioStatusBlock.Status; + } + + return ntStatus; +} + + +NTSTATUS CreateDriveLink (int nDosDriveNo) +{ + WCHAR dev[128], link[128]; + UNICODE_STRING deviceName, symLink; + NTSTATUS ntStatus; + + TCGetNTNameFromNumber (dev, sizeof(dev),nDosDriveNo); + TCGetDosNameFromNumber (link, sizeof(link),nDosDriveNo, DeviceNamespaceDefault); + + RtlInitUnicodeString (&deviceName, dev); + RtlInitUnicodeString (&symLink, link); + + ntStatus = IoCreateSymbolicLink (&symLink, &deviceName); + Dump ("IoCreateSymbolicLink returned %X\n", ntStatus); + return ntStatus; +} + + +NTSTATUS RemoveDriveLink (int nDosDriveNo) +{ + WCHAR link[256]; + UNICODE_STRING symLink; + NTSTATUS ntStatus; + + TCGetDosNameFromNumber (link, sizeof(link),nDosDriveNo, DeviceNamespaceDefault); + RtlInitUnicodeString (&symLink, link); + + ntStatus = IoDeleteSymbolicLink (&symLink); + Dump ("IoDeleteSymbolicLink returned %X\n", ntStatus); + return ntStatus; +} + + +NTSTATUS MountManagerMount (MOUNT_STRUCT *mount) +{ + NTSTATUS ntStatus; + WCHAR arrVolume[256]; + char buf[200]; + PMOUNTMGR_TARGET_NAME in = (PMOUNTMGR_TARGET_NAME) buf; + PMOUNTMGR_CREATE_POINT_INPUT point = (PMOUNTMGR_CREATE_POINT_INPUT) buf; + + TCGetNTNameFromNumber (arrVolume, sizeof(arrVolume),mount->nDosDriveNo); + in->DeviceNameLength = (USHORT) wcslen (arrVolume) * 2; + RtlStringCbCopyW(in->DeviceName, sizeof(buf) - sizeof(in->DeviceNameLength),arrVolume); + + ntStatus = TCDeviceIoControl (MOUNTMGR_DEVICE_NAME, IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION, + in, (ULONG) (sizeof (in->DeviceNameLength) + wcslen (arrVolume) * 2), 0, 0); + + memset (buf, 0, sizeof buf); + TCGetDosNameFromNumber ((PWSTR) &point[1], sizeof(buf) - sizeof(MOUNTMGR_CREATE_POINT_INPUT),mount->nDosDriveNo, DeviceNamespaceDefault); + + point->SymbolicLinkNameOffset = sizeof (MOUNTMGR_CREATE_POINT_INPUT); + point->SymbolicLinkNameLength = (USHORT) wcslen ((PWSTR) &point[1]) * 2; + + point->DeviceNameOffset = point->SymbolicLinkNameOffset + point->SymbolicLinkNameLength; + TCGetNTNameFromNumber ((PWSTR) (buf + point->DeviceNameOffset), sizeof(buf) - point->DeviceNameOffset,mount->nDosDriveNo); + point->DeviceNameLength = (USHORT) wcslen ((PWSTR) (buf + point->DeviceNameOffset)) * 2; + + ntStatus = TCDeviceIoControl (MOUNTMGR_DEVICE_NAME, IOCTL_MOUNTMGR_CREATE_POINT, point, + point->DeviceNameOffset + point->DeviceNameLength, 0, 0); + + return ntStatus; +} + + +NTSTATUS MountManagerUnmount (int nDosDriveNo) +{ + NTSTATUS ntStatus; + char buf[256], out[300]; + PMOUNTMGR_MOUNT_POINT in = (PMOUNTMGR_MOUNT_POINT) buf; + + memset (buf, 0, sizeof buf); + + TCGetDosNameFromNumber ((PWSTR) &in[1], sizeof(buf) - sizeof(MOUNTMGR_MOUNT_POINT),nDosDriveNo, DeviceNamespaceDefault); + + // Only symbolic link can be deleted with IOCTL_MOUNTMGR_DELETE_POINTS. If any other entry is specified, the mount manager will ignore subsequent IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION for the same volume ID. + in->SymbolicLinkNameOffset = sizeof (MOUNTMGR_MOUNT_POINT); + in->SymbolicLinkNameLength = (USHORT) wcslen ((PWCHAR) &in[1]) * 2; + + ntStatus = TCDeviceIoControl (MOUNTMGR_DEVICE_NAME, IOCTL_MOUNTMGR_DELETE_POINTS, + in, sizeof(MOUNTMGR_MOUNT_POINT) + in->SymbolicLinkNameLength, out, sizeof out); + + Dump ("IOCTL_MOUNTMGR_DELETE_POINTS returned 0x%08x\n", ntStatus); + + return ntStatus; +} + + +NTSTATUS MountDevice (PDEVICE_OBJECT DeviceObject, MOUNT_STRUCT *mount) +{ + PDEVICE_OBJECT NewDeviceObject; + NTSTATUS ntStatus; + + // Make sure the user is asking for a reasonable nDosDriveNo + if (mount->nDosDriveNo >= 0 && mount->nDosDriveNo <= 25 + && IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceDefault) // drive letter must not exist both locally and globally + && IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceGlobal) + ) + { + Dump ("Mount request looks valid\n"); + } + else + { + Dump ("WARNING: MOUNT DRIVE LETTER INVALID\n"); + mount->nReturnCode = ERR_DRIVE_NOT_FOUND; + return ERR_DRIVE_NOT_FOUND; + } + + if (!SelfTestsPassed) + { + mount->nReturnCode = ERR_SELF_TESTS_FAILED; + return ERR_SELF_TESTS_FAILED; + } + + ntStatus = TCCreateDeviceObject (DeviceObject->DriverObject, &NewDeviceObject, mount); + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("Mount CREATE DEVICE ERROR, ntStatus = 0x%08x\n", ntStatus); + return ntStatus; + } + else + { + PEXTENSION NewExtension = (PEXTENSION) NewDeviceObject->DeviceExtension; + SECURITY_SUBJECT_CONTEXT subContext; + PACCESS_TOKEN accessToken; + + SeCaptureSubjectContext (&subContext); + SeLockSubjectContext(&subContext); + if (subContext.ClientToken && subContext.ImpersonationLevel >= SecurityImpersonation) + accessToken = subContext.ClientToken; + else + accessToken = subContext.PrimaryToken; + + if (!accessToken) + { + ntStatus = STATUS_INVALID_PARAMETER; + } + else + { + PTOKEN_USER tokenUser; + + ntStatus = SeQueryInformationToken (accessToken, TokenUser, &tokenUser); + if (NT_SUCCESS (ntStatus)) + { + ULONG sidLength = RtlLengthSid (tokenUser->User.Sid); + + NewExtension->UserSid = TCalloc (sidLength); + if (!NewExtension->UserSid) + ntStatus = STATUS_INSUFFICIENT_RESOURCES; + else + ntStatus = RtlCopySid (sidLength, NewExtension->UserSid, tokenUser->User.Sid); + + ExFreePool (tokenUser); // Documented in newer versions of WDK + } + } + + SeUnlockSubjectContext(&subContext); + SeReleaseSubjectContext (&subContext); + + if (NT_SUCCESS (ntStatus)) + ntStatus = TCStartVolumeThread (NewDeviceObject, NewExtension, mount); + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("Mount FAILURE NT ERROR, ntStatus = 0x%08x\n", ntStatus); + TCDeleteDeviceObject (NewDeviceObject, NewExtension); + return ntStatus; + } + else + { + if (mount->nReturnCode == 0) + { + HANDLE volumeHandle; + PFILE_OBJECT volumeFileObject; + ULONG labelLen = (ULONG) wcslen (mount->wszLabel); + BOOL bIsNTFS = FALSE; + ULONG labelMaxLen, labelEffectiveLen; + + Dump ("Mount SUCCESS TC code = 0x%08x READ-ONLY = %d\n", mount->nReturnCode, NewExtension->bReadOnly); + + if (NewExtension->bReadOnly) + NewDeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; + + NewDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; + + NewExtension->UniqueVolumeId = LastUniqueVolumeId++; + + // check again that the drive letter is available globally and locally + if ( !IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceDefault) + || !IsDriveLetterAvailable (mount->nDosDriveNo, DeviceNamespaceGlobal) + ) + { + TCDeleteDeviceObject (NewDeviceObject, NewExtension); + mount->nReturnCode = ERR_DRIVE_NOT_FOUND; + return ERR_DRIVE_NOT_FOUND; + } + + if (mount->bMountManager) + MountManagerMount (mount); + + NewExtension->bMountManager = mount->bMountManager; + + // We create symbolic link even if mount manager is notified of + // arriving volume as it apparently sometimes fails to create the link + CreateDriveLink (mount->nDosDriveNo); + + mount->FilesystemDirty = FALSE; + + if (NT_SUCCESS (TCOpenFsVolume (NewExtension, &volumeHandle, &volumeFileObject))) + { + __try + { + ULONG fsStatus; + + if (NT_SUCCESS (TCFsctlCall (volumeFileObject, FSCTL_IS_VOLUME_DIRTY, NULL, 0, &fsStatus, sizeof (fsStatus))) + && (fsStatus & VOLUME_IS_DIRTY)) + { + mount->FilesystemDirty = TRUE; + } + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + mount->FilesystemDirty = TRUE; + } + + // detect if the filesystem is NTFS or FAT + __try + { + NTFS_VOLUME_DATA_BUFFER ntfsData; + if (NT_SUCCESS (TCFsctlCall (volumeFileObject, FSCTL_GET_NTFS_VOLUME_DATA, NULL, 0, &ntfsData, sizeof (ntfsData)))) + { + bIsNTFS = TRUE; + } + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + bIsNTFS = FALSE; + } + + NewExtension->bIsNTFS = bIsNTFS; + mount->bIsNTFS = bIsNTFS; + + if (labelLen > 0) + { + if (bIsNTFS) + labelMaxLen = 32; // NTFS maximum label length + else + labelMaxLen = 11; // FAT maximum label length + + // calculate label effective length + labelEffectiveLen = labelLen > labelMaxLen? labelMaxLen : labelLen; + + // correct the label in the device + memset (&NewExtension->wszLabel[labelEffectiveLen], 0, 33 - labelEffectiveLen); + memcpy (mount->wszLabel, NewExtension->wszLabel, 33); + + // set the volume label + __try + { + IO_STATUS_BLOCK ioblock; + ULONG labelInfoSize = sizeof(FILE_FS_LABEL_INFORMATION) + (labelEffectiveLen * sizeof(WCHAR)); + FILE_FS_LABEL_INFORMATION* labelInfo = (FILE_FS_LABEL_INFORMATION*) TCalloc (labelInfoSize); + labelInfo->VolumeLabelLength = labelEffectiveLen * sizeof(WCHAR); + memcpy (labelInfo->VolumeLabel, mount->wszLabel, labelInfo->VolumeLabelLength); + + if (STATUS_SUCCESS == ZwSetVolumeInformationFile (volumeHandle, &ioblock, labelInfo, labelInfoSize, FileFsLabelInformation)) + { + mount->bDriverSetLabel = TRUE; + NewExtension->bDriverSetLabel = TRUE; + } + + TCfree(labelInfo); + } + __except (EXCEPTION_EXECUTE_HANDLER) + { + + } + } + + TCCloseFsVolume (volumeHandle, volumeFileObject); + } + } + else + { + Dump ("Mount FAILURE TC code = 0x%08x\n", mount->nReturnCode); + TCDeleteDeviceObject (NewDeviceObject, NewExtension); + } + + return STATUS_SUCCESS; + } + } +} + +NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles) +{ + PEXTENSION extension = deviceObject->DeviceExtension; + NTSTATUS ntStatus; + HANDLE volumeHandle; + PFILE_OBJECT volumeFileObject; + + Dump ("UnmountDevice %d\n", extension->nDosDriveNo); + + ntStatus = TCOpenFsVolume (extension, &volumeHandle, &volumeFileObject); + + if (NT_SUCCESS (ntStatus)) + { + int dismountRetry; + + // Dismounting a writable NTFS filesystem prevents the driver from being unloaded on Windows 7 + if (IsOSAtLeast (WIN_7) && !extension->bReadOnly) + { + NTFS_VOLUME_DATA_BUFFER ntfsData; + + if (NT_SUCCESS (TCFsctlCall (volumeFileObject, FSCTL_GET_NTFS_VOLUME_DATA, NULL, 0, &ntfsData, sizeof (ntfsData)))) + DriverUnloadDisabled = TRUE; + } + + // Lock volume + ntStatus = TCFsctlCall (volumeFileObject, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0); + Dump ("FSCTL_LOCK_VOLUME returned %X\n", ntStatus); + + if (!NT_SUCCESS (ntStatus) && !ignoreOpenFiles) + { + TCCloseFsVolume (volumeHandle, volumeFileObject); + return ERR_FILES_OPEN; + } + + // Dismount volume + for (dismountRetry = 0; dismountRetry < 200; ++dismountRetry) + { + ntStatus = TCFsctlCall (volumeFileObject, FSCTL_DISMOUNT_VOLUME, NULL, 0, NULL, 0); + Dump ("FSCTL_DISMOUNT_VOLUME returned %X\n", ntStatus); + + if (NT_SUCCESS (ntStatus) || ntStatus == STATUS_VOLUME_DISMOUNTED) + break; + + if (!ignoreOpenFiles) + { + TCCloseFsVolume (volumeHandle, volumeFileObject); + return ERR_FILES_OPEN; + } + + TCSleep (100); + } + } + else + { + // Volume cannot be opened => force dismount if allowed + if (!ignoreOpenFiles) + return ERR_FILES_OPEN; + else + volumeHandle = NULL; + } + + if (extension->bMountManager) + MountManagerUnmount (extension->nDosDriveNo); + + // We always remove symbolic link as mount manager might fail to do so + RemoveDriveLink (extension->nDosDriveNo); + + extension->bShuttingDown = TRUE; + + ntStatus = IoAcquireRemoveLock (&extension->Queue.RemoveLock, NULL); + ASSERT (NT_SUCCESS (ntStatus)); + IoReleaseRemoveLockAndWait (&extension->Queue.RemoveLock, NULL); + + if (volumeHandle != NULL) + TCCloseFsVolume (volumeHandle, volumeFileObject); + + if (unmountRequest) + { + PCRYPTO_INFO cryptoInfo = ((PEXTENSION) deviceObject->DeviceExtension)->cryptoInfo; + unmountRequest->HiddenVolumeProtectionTriggered = (cryptoInfo->bProtectHiddenVolume && cryptoInfo->bHiddenVolProtectionAction); + } + + TCDeleteDeviceObject (deviceObject, (PEXTENSION) deviceObject->DeviceExtension); + return 0; +} + + +static PDEVICE_OBJECT FindVolumeWithHighestUniqueId (int maxUniqueId) +{ + PDEVICE_OBJECT highestIdDevice = NULL; + int highestId = -1; + int drive; + + for (drive = MIN_MOUNTED_VOLUME_DRIVE_NUMBER; drive <= MAX_MOUNTED_VOLUME_DRIVE_NUMBER; ++drive) + { + PDEVICE_OBJECT device = GetVirtualVolumeDeviceObject (drive); + if (device) + { + PEXTENSION extension = (PEXTENSION) device->DeviceExtension; + if (extension->UniqueVolumeId > highestId && extension->UniqueVolumeId <= maxUniqueId) + { + highestId = extension->UniqueVolumeId; + highestIdDevice = device; + } + } + } + + return highestIdDevice; +} + + +NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles) +{ + NTSTATUS status = 0; + PDEVICE_OBJECT ListDevice; + int maxUniqueId = LastUniqueVolumeId; + + Dump ("Unmounting all volumes\n"); + + if (unmountRequest) + unmountRequest->HiddenVolumeProtectionTriggered = FALSE; + + // Dismount volumes in the reverse order they were mounted to properly dismount nested volumes + while ((ListDevice = FindVolumeWithHighestUniqueId (maxUniqueId)) != NULL) + { + PEXTENSION ListExtension = (PEXTENSION) ListDevice->DeviceExtension; + maxUniqueId = ListExtension->UniqueVolumeId - 1; + + if (IsVolumeAccessibleByCurrentUser (ListExtension)) + { + NTSTATUS ntStatus; + + if (unmountRequest) + unmountRequest->nDosDriveNo = ListExtension->nDosDriveNo; + + ntStatus = UnmountDevice (unmountRequest, ListDevice, ignoreOpenFiles); + status = ntStatus == 0 ? status : ntStatus; + + if (unmountRequest && unmountRequest->HiddenVolumeProtectionTriggered) + break; + } + } + + return status; +} + +// Resolves symbolic link name to its target name +NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength) +{ + NTSTATUS ntStatus; + OBJECT_ATTRIBUTES objectAttributes; + UNICODE_STRING fullFileName; + HANDLE handle; + + RtlInitUnicodeString (&fullFileName, symlinkName); + InitializeObjectAttributes (&objectAttributes, &fullFileName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); + + ntStatus = ZwOpenSymbolicLinkObject (&handle, GENERIC_READ, &objectAttributes); + + if (NT_SUCCESS (ntStatus)) + { + UNICODE_STRING target; + target.Buffer = targetName; + target.Length = 0; + target.MaximumLength = maxTargetNameLength; + memset (targetName, 0, maxTargetNameLength); + + ntStatus = ZwQuerySymbolicLinkObject (handle, &target, NULL); + + ZwClose (handle); + } + + return ntStatus; +} + + +// Checks if two regions overlap (borders are parts of regions) +BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2) +{ + return (start1 < start2) ? (end1 >= start2) : (start1 <= end2); +} + + +void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength) +{ + uint64 end1 = start1 + length1 - 1; + uint64 intersectEnd = (end1 <= end2) ? end1 : end2; + + *intersectStart = (start1 >= start2) ? start1 : start2; + *intersectLength = (uint32) ((*intersectStart > intersectEnd) ? 0 : intersectEnd + 1 - *intersectStart); + + if (*intersectLength == 0) + *intersectStart = start1; +} + + +BOOL IsAccessibleByUser (PUNICODE_STRING objectFileName, BOOL readOnly) +{ + OBJECT_ATTRIBUTES fileObjAttributes; + IO_STATUS_BLOCK ioStatusBlock; + HANDLE fileHandle; + NTSTATUS status; + + ASSERT (!IoIsSystemThread (PsGetCurrentThread())); + + InitializeObjectAttributes (&fileObjAttributes, objectFileName, OBJ_CASE_INSENSITIVE | OBJ_FORCE_ACCESS_CHECK | OBJ_KERNEL_HANDLE, NULL, NULL); + + status = ZwCreateFile (&fileHandle, + readOnly ? GENERIC_READ : GENERIC_READ | GENERIC_WRITE, + &fileObjAttributes, + &ioStatusBlock, + NULL, + FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, + FILE_OPEN, + FILE_SYNCHRONOUS_IO_NONALERT, + NULL, + 0); + + if (NT_SUCCESS (status)) + { + ZwClose (fileHandle); + return TRUE; + } + + return FALSE; +} + + +BOOL UserCanAccessDriveDevice () +{ + UNICODE_STRING name; + RtlInitUnicodeString (&name, L"\\Device\\MountPointManager"); + + return IsAccessibleByUser (&name, FALSE); +} + +BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType) +{ + OBJECT_ATTRIBUTES objectAttributes; + UNICODE_STRING objectName; + WCHAR link[128]; + HANDLE handle; + NTSTATUS ntStatus; + + TCGetDosNameFromNumber (link, sizeof(link),nDosDriveNo, namespaceType); + RtlInitUnicodeString (&objectName, link); + InitializeObjectAttributes (&objectAttributes, &objectName, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); + + if (NT_SUCCESS (ntStatus = ZwOpenSymbolicLinkObject (&handle, GENERIC_READ, &objectAttributes))) + { + ZwClose (handle); + return FALSE; + } + + return (ntStatus == STATUS_OBJECT_NAME_NOT_FOUND)? TRUE : FALSE; +} + + +NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information) +{ + irp->IoStatus.Status = status; + irp->IoStatus.Information = information; + IoCompleteRequest (irp, IO_NO_INCREMENT); + return status; +} + + +NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information) +{ + irp->IoStatus.Status = status; + irp->IoStatus.Information = information; + IoCompleteRequest (irp, NT_SUCCESS (status) ? IO_DISK_INCREMENT : IO_NO_INCREMENT); + return status; +} + + +size_t GetCpuCount () +{ + KAFFINITY activeCpuMap = KeQueryActiveProcessors(); + size_t mapSize = sizeof (activeCpuMap) * 8; + size_t cpuCount = 0; + + while (mapSize--) + { + if (activeCpuMap & 1) + ++cpuCount; + + activeCpuMap >>= 1; + } + + if (cpuCount == 0) + return 1; + + return cpuCount; +} + + +void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes) +{ + ASSERT ((maxSizeInBytes & 1) == 0); + str[maxSizeInBytes / sizeof (wchar_t) - 1] = 0; +} + + +void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout) +{ + LARGE_INTEGER waitInterval; + waitInterval.QuadPart = retryDelay * -10000; + + ASSERT (KeGetCurrentIrql() <= APC_LEVEL); + ASSERT (retryDelay > 0 && retryDelay <= timeout); + + while (TRUE) + { + void *memory = TCalloc (size); + if (memory) + return memory; + + timeout -= retryDelay; + if (timeout <= 0) + break; + + KeDelayExecutionThread (KernelMode, FALSE, &waitInterval); + } + + return NULL; +} + + +NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData) +{ + OBJECT_ATTRIBUTES regObjAttribs; + HANDLE regKeyHandle; + NTSTATUS status; + UNICODE_STRING valName; + ULONG size = 0; + ULONG resultSize; + + InitializeObjectAttributes (®ObjAttribs, keyPath, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); + status = ZwOpenKey (®KeyHandle, KEY_READ, ®ObjAttribs); + if (!NT_SUCCESS (status)) + return status; + + RtlInitUnicodeString (&valName, keyValueName); + status = ZwQueryValueKey (regKeyHandle, &valName, KeyValuePartialInformation, NULL, 0, &size); + + if (!NT_SUCCESS (status) && status != STATUS_BUFFER_OVERFLOW && status != STATUS_BUFFER_TOO_SMALL) + { + ZwClose (regKeyHandle); + return status; + } + + if (size == 0) + { + ZwClose (regKeyHandle); + return STATUS_NO_DATA_DETECTED; + } + + *keyData = (PKEY_VALUE_PARTIAL_INFORMATION) TCalloc (size); + if (!*keyData) + { + ZwClose (regKeyHandle); + return STATUS_INSUFFICIENT_RESOURCES; + } + + status = ZwQueryValueKey (regKeyHandle, &valName, KeyValuePartialInformation, *keyData, size, &resultSize); + + ZwClose (regKeyHandle); + return status; +} + + +NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize) +{ + OBJECT_ATTRIBUTES regObjAttribs; + HANDLE regKeyHandle; + NTSTATUS status; + UNICODE_STRING valName; + + InitializeObjectAttributes (®ObjAttribs, keyPath, OBJ_KERNEL_HANDLE | OBJ_CASE_INSENSITIVE, NULL, NULL); + status = ZwOpenKey (®KeyHandle, KEY_READ | KEY_WRITE, ®ObjAttribs); + if (!NT_SUCCESS (status)) + return status; + + RtlInitUnicodeString (&valName, keyValueName); + + status = ZwSetValueKey (regKeyHandle, &valName, 0, keyValueType, valueData, valueSize); + + ZwClose (regKeyHandle); + return status; +} + + +BOOL IsVolumeClassFilterRegistered () +{ + UNICODE_STRING name; + NTSTATUS status; + BOOL registered = FALSE; + + PKEY_VALUE_PARTIAL_INFORMATION data; + + RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Class\\{71A27CDD-812A-11D0-BEC7-08002BE2092F}"); + status = TCReadRegistryKey (&name, L"UpperFilters", &data); + + if (NT_SUCCESS (status)) + { + if (data->Type == REG_MULTI_SZ && data->DataLength >= 9 * sizeof (wchar_t)) + { + // Search for the string "veracrypt" + ULONG i; + for (i = 0; i <= data->DataLength - 9 * sizeof (wchar_t); ++i) + { + if (memcmp (data->Data + i, L"veracrypt", 9 * sizeof (wchar_t)) == 0) + { + Dump ("Volume class filter active\n"); + registered = TRUE; + break; + } + } + } + + TCfree (data); + } + + return registered; +} + + +NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) +{ + PKEY_VALUE_PARTIAL_INFORMATION data; + UNICODE_STRING name; + NTSTATUS status; + uint32 flags = 0; + + RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\veracrypt"); + status = TCReadRegistryKey (&name, TC_DRIVER_CONFIG_REG_VALUE_NAME, &data); + + if (NT_SUCCESS (status)) + { + if (data->Type == REG_DWORD) + { + flags = *(uint32 *) data->Data; + Dump ("Configuration flags = 0x%x\n", flags); + + if (driverEntry) + { + if (flags & (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD | TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) + CacheBootPassword = TRUE; + + if (flags & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS) + NonAdminSystemFavoritesAccessDisabled = TRUE; + + if (flags & TC_DRIVER_CONFIG_CACHE_BOOT_PIM) + CacheBootPim = TRUE; + } + + EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); + + EnableExtendedIoctlSupport = (flags & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL)? TRUE : FALSE; + } + else + status = STATUS_INVALID_PARAMETER; + + TCfree (data); + } + + if (driverEntry && NT_SUCCESS (TCReadRegistryKey (&name, TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME, &data))) + { + if (data->Type == REG_DWORD) + EncryptionThreadPoolFreeCpuCountLimit = *(uint32 *) data->Data; + + TCfree (data); + } + + return status; +} + + +NTSTATUS WriteRegistryConfigFlags (uint32 flags) +{ + UNICODE_STRING name; + RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\veracrypt"); + + return TCWriteRegistryKey (&name, TC_DRIVER_CONFIG_REG_VALUE_NAME, REG_DWORD, &flags, sizeof (flags)); +} + + +NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector) +{ + NTSTATUS status; + DISK_GEOMETRY geometry; + + status = SendDeviceIoControlRequest (deviceObject, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry)); + + if (!NT_SUCCESS (status)) + return status; + + *bytesPerSector = geometry.BytesPerSector; + return STATUS_SUCCESS; +} + + +NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount) +{ + NTSTATUS status; + ULONG sectorSize; + ULONG sectorCount; + byte *sectorBuffer = NULL; + + *zeroedSectorCount = 0; + + status = GetDeviceSectorSize (deviceObject, §orSize); + if (!NT_SUCCESS (status)) + return status; + + sectorBuffer = TCalloc (sectorSize); + if (!sectorBuffer) + return STATUS_INSUFFICIENT_RESOURCES; + + for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount, startOffset.QuadPart += sectorSize) + { + status = TCReadDevice (deviceObject, sectorBuffer, startOffset, sectorSize); + if (!NT_SUCCESS (status)) + { + Dump ("Zeroing sector at %I64d\n", startOffset.QuadPart); + memset (sectorBuffer, 0, sectorSize); + + status = TCWriteDevice (deviceObject, sectorBuffer, startOffset, sectorSize); + if (!NT_SUCCESS (status)) + goto err; + + ++(*zeroedSectorCount); + } + } + + status = STATUS_SUCCESS; + +err: + if (sectorBuffer) + TCfree (sectorBuffer); + + return status; +} + + +NTSTATUS ReadDeviceSkipUnreadableSectors (PDEVICE_OBJECT deviceObject, byte *buffer, LARGE_INTEGER startOffset, ULONG size, uint64 *badSectorCount) +{ + NTSTATUS status; + ULONG sectorSize; + ULONG sectorCount; + + *badSectorCount = 0; + + status = GetDeviceSectorSize (deviceObject, §orSize); + if (!NT_SUCCESS (status)) + return status; + + for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount, startOffset.QuadPart += sectorSize, buffer += sectorSize) + { + status = TCReadDevice (deviceObject, buffer, startOffset, sectorSize); + if (!NT_SUCCESS (status)) + { + Dump ("Skipping bad sector at %I64d\n", startOffset.QuadPart); + memset (buffer, 0, sectorSize); + ++(*badSectorCount); + } + } + + return STATUS_SUCCESS; +} + + +BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension) +{ + SECURITY_SUBJECT_CONTEXT subContext; + PACCESS_TOKEN accessToken; + PTOKEN_USER tokenUser; + BOOL result = FALSE; + + if (IoIsSystemThread (PsGetCurrentThread()) + || UserCanAccessDriveDevice() + || !volumeDeviceExtension->UserSid + || (volumeDeviceExtension->SystemFavorite && !NonAdminSystemFavoritesAccessDisabled)) + { + return TRUE; + } + + SeCaptureSubjectContext (&subContext); + SeLockSubjectContext(&subContext); + if (subContext.ClientToken && subContext.ImpersonationLevel >= SecurityImpersonation) + accessToken = subContext.ClientToken; + else + accessToken = subContext.PrimaryToken; + + if (!accessToken) + goto ret; + + if (SeTokenIsAdmin (accessToken)) + { + result = TRUE; + goto ret; + } + + if (!NT_SUCCESS (SeQueryInformationToken (accessToken, TokenUser, &tokenUser))) + goto ret; + + result = RtlEqualSid (volumeDeviceExtension->UserSid, tokenUser->User.Sid); + ExFreePool (tokenUser); // Documented in newer versions of WDK + +ret: + SeUnlockSubjectContext(&subContext); + SeReleaseSubjectContext (&subContext); + return result; +} + + +void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter) +{ + *lastPerfCounter = KeQueryPerformanceCounter (NULL); +} + + +// Returns elapsed time in microseconds since last call +int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter) +{ + LARGE_INTEGER freq; + LARGE_INTEGER counter = KeQueryPerformanceCounter (&freq); + + int64 elapsed = (counter.QuadPart - lastPerfCounter->QuadPart) * 1000000LL / freq.QuadPart; + *lastPerfCounter = counter; + + return elapsed; +} + + +BOOL IsOSAtLeast (OSVersionEnum reqMinOS) +{ + /* When updating this function, update IsOSVersionAtLeast() in Dlgcode.c too. */ + + ULONG major = 0, minor = 0; + + ASSERT (OsMajorVersion != 0); + + switch (reqMinOS) + { + case WIN_2000: major = 5; minor = 0; break; + case WIN_XP: major = 5; minor = 1; break; + case WIN_SERVER_2003: major = 5; minor = 2; break; + case WIN_VISTA: major = 6; minor = 0; break; + case WIN_7: major = 6; minor = 1; break; + case WIN_8: major = 6; minor = 2; break; + case WIN_8_1: major = 6; minor = 3; break; + case WIN_10: major = 10; minor = 0; break; + + default: + TC_THROW_FATAL_EXCEPTION; + break; + } + + return ((OsMajorVersion << 16 | OsMinorVersion << 8) + >= (major << 16 | minor << 8)); +} diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h index 59634760..d5d548e8 100644 --- a/src/Driver/Ntdriver.h +++ b/src/Driver/Ntdriver.h @@ -1,189 +1,189 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef TC_HEADER_NTDRIVER -#define TC_HEADER_NTDRIVER - -#include "Common.h" -#include "EncryptedIoQueue.h" - -/* This structure is used to start new threads */ -typedef struct _THREAD_BLOCK_ -{ - PDEVICE_OBJECT DeviceObject; - NTSTATUS ntCreateStatus; - WCHAR wszMountVolume[TC_MAX_PATH + 8]; - MOUNT_STRUCT *mount; -} THREAD_BLOCK, *PTHREAD_BLOCK; - - -/* This structure is allocated for non-root devices! WARNING: bRootDevice - must be the first member of the structure! */ -typedef struct EXTENSION -{ - BOOL bRootDevice; /* Is this the root device ? which the user-mode apps talk to */ - BOOL IsVolumeDevice; - BOOL IsDriveFilterDevice; - BOOL IsVolumeFilterDevice; - - int UniqueVolumeId; - int nDosDriveNo; /* Drive number this extension is mounted against */ - - BOOL bShuttingDown; /* Is the driver shutting down ? */ - BOOL bThreadShouldQuit; /* Instruct per device worker thread to quit */ - PETHREAD peThread; /* Thread handle */ - KEVENT keCreateEvent; /* Device creation event */ - KSPIN_LOCK ListSpinLock; /* IRP spinlock */ - LIST_ENTRY ListEntry; /* IRP listentry */ - KSEMAPHORE RequestSemaphore; /* IRP list request Semaphore */ - - HANDLE hDeviceFile; /* Device handle for this device */ - PFILE_OBJECT pfoDeviceFile; /* Device fileobject for this device */ - PDEVICE_OBJECT pFsdDevice; /* lower level device handle */ - - CRYPTO_INFO *cryptoInfo; /* Cryptographic and other information for this device */ - - __int64 HostLength; - __int64 DiskLength; /* The length of the disk referred to by this device */ - __int64 NumberOfCylinders; /* Partition info */ - ULONG TracksPerCylinder; /* Partition info */ - ULONG SectorsPerTrack; /* Partition info */ - ULONG BytesPerSector; /* Partition info */ - UCHAR PartitionType; /* Partition info */ - - uint32 HostBytesPerSector; - uint32 HostBytesPerPhysicalSector; - ULONG BytesOffsetForSectorAlignment; - - KEVENT keVolumeEvent; /* Event structure used when setting up a device */ - - EncryptedIoQueue Queue; - - BOOL bReadOnly; /* Is this device read-only ? */ - BOOL bRemovable; /* Is this device removable media ? */ - BOOL PartitionInInactiveSysEncScope; - BOOL bRawDevice; /* Is this a raw-partition or raw-floppy device ? */ - BOOL bMountManager; /* Mount manager knows about volume */ - BOOL SystemFavorite; - - WCHAR wszVolume[TC_MAX_PATH]; /* DONT change this size without also changing MOUNT_LIST_STRUCT! */ - WCHAR wszLabel[33]; - BOOL bIsNTFS; - BOOL bDriverSetLabel; - - unsigned char volumeID[VOLUME_ID_SIZE]; - - LARGE_INTEGER fileCreationTime; - LARGE_INTEGER fileLastAccessTime; - LARGE_INTEGER fileLastWriteTime; - LARGE_INTEGER fileLastChangeTime; - BOOL bTimeStampValid; - - PSID UserSid; - BOOL SecurityClientContextValid; - SECURITY_CLIENT_CONTEXT SecurityClientContext; - -} EXTENSION, *PEXTENSION; - - -typedef enum -{ - ValidateInput, - ValidateOutput, - ValidateInputOutput -} ValidateIOBufferSizeType; - -typedef enum -{ - DeviceNamespaceDefault, - DeviceNamespaceGlobal, -} DeviceNamespaceType; - -extern PDRIVER_OBJECT TCDriverObject; -extern PDEVICE_OBJECT RootDeviceObject; -extern BOOL DriverShuttingDown; -extern ULONG OsMajorVersion; -extern ULONG OsMinorVersion; -extern BOOL VolumeClassFilterRegistered; -extern BOOL CacheBootPassword; -extern BOOL CacheBootPim; - -/* Helper macro returning x seconds in units of 100 nanoseconds */ -#define WAIT_SECONDS(x) ((x)*10000000) - -NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath); -NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); -void DumpMemory (void *memory, int size); -BOOL IsAccessibleByUser (PUNICODE_STRING objectFileName, BOOL readOnly); -NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp); -NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp); -NTSTATUS SendDeviceIoControlRequest (PDEVICE_OBJECT deviceObject, ULONG ioControlCode, void *inputBuffer, int inputBufferSize, void *outputBuffer, int outputBufferSize); -NTSTATUS TCDispatchQueueIRP (PDEVICE_OBJECT DeviceObject, PIRP Irp); -NTSTATUS TCCreateRootDeviceObject (PDRIVER_OBJECT DriverObject); -NTSTATUS TCCreateDeviceObject (PDRIVER_OBJECT DriverObject, PDEVICE_OBJECT * ppDeviceObject, MOUNT_STRUCT * mount); -NTSTATUS TCReadDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length); -NTSTATUS TCWriteDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length); -NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread); -NTSTATUS TCStartThreadInProcess (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread, PEPROCESS process); -NTSTATUS TCStartVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, MOUNT_STRUCT * mount); -void TCStopThread (PKTHREAD kThread, PKEVENT wakeUpEvent); -void TCStopVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension); -VOID VolumeThreadProc (PVOID Context); -void TCSleep (int milliSeconds); -void TCGetNTNameFromNumber (LPWSTR ntname, int cbNtName, int nDriveNo); -void TCGetDosNameFromNumber (LPWSTR dosname, int cbDosName, int nDriveNo, DeviceNamespaceType namespaceType); -LPWSTR TCTranslateCode (ULONG ulCode); -void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension); -VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject); -void OnShutdownPending (); -NTSTATUS TCDeviceIoControl (PWSTR deviceName, ULONG IoControlCode, void *InputBuffer, ULONG InputBufferSize, void *OutputBuffer, ULONG OutputBufferSize); -NTSTATUS TCOpenFsVolume (PEXTENSION Extension, PHANDLE volumeHandle, PFILE_OBJECT * fileObject); -void TCCloseFsVolume (HANDLE volumeHandle, PFILE_OBJECT fileObject); -NTSTATUS TCFsctlCall (PFILE_OBJECT fileObject, LONG IoControlCode, void *InputBuffer, int InputBufferSize, void *OutputBuffer, int OutputBufferSize); -NTSTATUS CreateDriveLink (int nDosDriveNo); -NTSTATUS RemoveDriveLink (int nDosDriveNo); -NTSTATUS MountManagerMount (MOUNT_STRUCT *mount); -NTSTATUS MountManagerUnmount (int nDosDriveNo); -NTSTATUS MountDevice (PDEVICE_OBJECT deviceObject, MOUNT_STRUCT *mount); -NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles); -NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles); -NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength); -BOOL RootDeviceControlMutexAcquireNoWait (); -void RootDeviceControlMutexRelease (); -BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2); -void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength); -NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information); -NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information); -NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize); -BOOL UserCanAccessDriveDevice (); -size_t GetCpuCount (); -void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes); -void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout); -BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType); -NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData); -NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize); -BOOL IsVolumeClassFilterRegistered (); -NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry); -NTSTATUS WriteRegistryConfigFlags (uint32 flags); -BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type); -NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector); -NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount); -NTSTATUS ReadDeviceSkipUnreadableSectors (PDEVICE_OBJECT deviceObject, byte *buffer, LARGE_INTEGER startOffset, ULONG size, uint64 *badSectorCount); -BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension); -void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter); -int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter); -BOOL IsOSAtLeast (OSVersionEnum reqMinOS); - -#define TC_BUG_CHECK(status) KeBugCheckEx (SECURITY_SYSTEM, __LINE__, (ULONG_PTR) status, 0, 'VC') - -#endif // TC_HEADER_NTDRIVER +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef TC_HEADER_NTDRIVER +#define TC_HEADER_NTDRIVER + +#include "Common.h" +#include "EncryptedIoQueue.h" + +/* This structure is used to start new threads */ +typedef struct _THREAD_BLOCK_ +{ + PDEVICE_OBJECT DeviceObject; + NTSTATUS ntCreateStatus; + WCHAR wszMountVolume[TC_MAX_PATH + 8]; + MOUNT_STRUCT *mount; +} THREAD_BLOCK, *PTHREAD_BLOCK; + + +/* This structure is allocated for non-root devices! WARNING: bRootDevice + must be the first member of the structure! */ +typedef struct EXTENSION +{ + BOOL bRootDevice; /* Is this the root device ? which the user-mode apps talk to */ + BOOL IsVolumeDevice; + BOOL IsDriveFilterDevice; + BOOL IsVolumeFilterDevice; + + int UniqueVolumeId; + int nDosDriveNo; /* Drive number this extension is mounted against */ + + BOOL bShuttingDown; /* Is the driver shutting down ? */ + BOOL bThreadShouldQuit; /* Instruct per device worker thread to quit */ + PETHREAD peThread; /* Thread handle */ + KEVENT keCreateEvent; /* Device creation event */ + KSPIN_LOCK ListSpinLock; /* IRP spinlock */ + LIST_ENTRY ListEntry; /* IRP listentry */ + KSEMAPHORE RequestSemaphore; /* IRP list request Semaphore */ + + HANDLE hDeviceFile; /* Device handle for this device */ + PFILE_OBJECT pfoDeviceFile; /* Device fileobject for this device */ + PDEVICE_OBJECT pFsdDevice; /* lower level device handle */ + + CRYPTO_INFO *cryptoInfo; /* Cryptographic and other information for this device */ + + __int64 HostLength; + __int64 DiskLength; /* The length of the disk referred to by this device */ + __int64 NumberOfCylinders; /* Partition info */ + ULONG TracksPerCylinder; /* Partition info */ + ULONG SectorsPerTrack; /* Partition info */ + ULONG BytesPerSector; /* Partition info */ + UCHAR PartitionType; /* Partition info */ + + uint32 HostBytesPerSector; + uint32 HostBytesPerPhysicalSector; + ULONG BytesOffsetForSectorAlignment; + + KEVENT keVolumeEvent; /* Event structure used when setting up a device */ + + EncryptedIoQueue Queue; + + BOOL bReadOnly; /* Is this device read-only ? */ + BOOL bRemovable; /* Is this device removable media ? */ + BOOL PartitionInInactiveSysEncScope; + BOOL bRawDevice; /* Is this a raw-partition or raw-floppy device ? */ + BOOL bMountManager; /* Mount manager knows about volume */ + BOOL SystemFavorite; + + WCHAR wszVolume[TC_MAX_PATH]; /* DONT change this size without also changing MOUNT_LIST_STRUCT! */ + WCHAR wszLabel[33]; + BOOL bIsNTFS; + BOOL bDriverSetLabel; + + unsigned char volumeID[VOLUME_ID_SIZE]; + + LARGE_INTEGER fileCreationTime; + LARGE_INTEGER fileLastAccessTime; + LARGE_INTEGER fileLastWriteTime; + LARGE_INTEGER fileLastChangeTime; + BOOL bTimeStampValid; + + PSID UserSid; + BOOL SecurityClientContextValid; + SECURITY_CLIENT_CONTEXT SecurityClientContext; + +} EXTENSION, *PEXTENSION; + + +typedef enum +{ + ValidateInput, + ValidateOutput, + ValidateInputOutput +} ValidateIOBufferSizeType; + +typedef enum +{ + DeviceNamespaceDefault, + DeviceNamespaceGlobal, +} DeviceNamespaceType; + +extern PDRIVER_OBJECT TCDriverObject; +extern PDEVICE_OBJECT RootDeviceObject; +extern BOOL DriverShuttingDown; +extern ULONG OsMajorVersion; +extern ULONG OsMinorVersion; +extern BOOL VolumeClassFilterRegistered; +extern BOOL CacheBootPassword; +extern BOOL CacheBootPim; + +/* Helper macro returning x seconds in units of 100 nanoseconds */ +#define WAIT_SECONDS(x) ((x)*10000000) + +NTSTATUS DriverEntry (PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath); +NTSTATUS DriverAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); +void DumpMemory (void *memory, int size); +BOOL IsAccessibleByUser (PUNICODE_STRING objectFileName, BOOL readOnly); +NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp); +NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, PIRP Irp); +NTSTATUS SendDeviceIoControlRequest (PDEVICE_OBJECT deviceObject, ULONG ioControlCode, void *inputBuffer, int inputBufferSize, void *outputBuffer, int outputBufferSize); +NTSTATUS TCDispatchQueueIRP (PDEVICE_OBJECT DeviceObject, PIRP Irp); +NTSTATUS TCCreateRootDeviceObject (PDRIVER_OBJECT DriverObject); +NTSTATUS TCCreateDeviceObject (PDRIVER_OBJECT DriverObject, PDEVICE_OBJECT * ppDeviceObject, MOUNT_STRUCT * mount); +NTSTATUS TCReadDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length); +NTSTATUS TCWriteDevice (PDEVICE_OBJECT deviceObject, PVOID buffer, LARGE_INTEGER offset, ULONG length); +NTSTATUS TCStartThread (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread); +NTSTATUS TCStartThreadInProcess (PKSTART_ROUTINE threadProc, PVOID threadArg, PKTHREAD *kThread, PEPROCESS process); +NTSTATUS TCStartVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension, MOUNT_STRUCT * mount); +void TCStopThread (PKTHREAD kThread, PKEVENT wakeUpEvent); +void TCStopVolumeThread (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension); +VOID VolumeThreadProc (PVOID Context); +void TCSleep (int milliSeconds); +void TCGetNTNameFromNumber (LPWSTR ntname, int cbNtName, int nDriveNo); +void TCGetDosNameFromNumber (LPWSTR dosname, int cbDosName, int nDriveNo, DeviceNamespaceType namespaceType); +LPWSTR TCTranslateCode (ULONG ulCode); +void TCDeleteDeviceObject (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension); +VOID TCUnloadDriver (PDRIVER_OBJECT DriverObject); +void OnShutdownPending (); +NTSTATUS TCDeviceIoControl (PWSTR deviceName, ULONG IoControlCode, void *InputBuffer, ULONG InputBufferSize, void *OutputBuffer, ULONG OutputBufferSize); +NTSTATUS TCOpenFsVolume (PEXTENSION Extension, PHANDLE volumeHandle, PFILE_OBJECT * fileObject); +void TCCloseFsVolume (HANDLE volumeHandle, PFILE_OBJECT fileObject); +NTSTATUS TCFsctlCall (PFILE_OBJECT fileObject, LONG IoControlCode, void *InputBuffer, int InputBufferSize, void *OutputBuffer, int OutputBufferSize); +NTSTATUS CreateDriveLink (int nDosDriveNo); +NTSTATUS RemoveDriveLink (int nDosDriveNo); +NTSTATUS MountManagerMount (MOUNT_STRUCT *mount); +NTSTATUS MountManagerUnmount (int nDosDriveNo); +NTSTATUS MountDevice (PDEVICE_OBJECT deviceObject, MOUNT_STRUCT *mount); +NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles); +NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles); +NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength); +BOOL RootDeviceControlMutexAcquireNoWait (); +void RootDeviceControlMutexRelease (); +BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2); +void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength); +NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information); +NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information); +NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize); +BOOL UserCanAccessDriveDevice (); +size_t GetCpuCount (); +void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes); +void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout); +BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType); +NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData); +NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize); +BOOL IsVolumeClassFilterRegistered (); +NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry); +NTSTATUS WriteRegistryConfigFlags (uint32 flags); +BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type); +NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector); +NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount); +NTSTATUS ReadDeviceSkipUnreadableSectors (PDEVICE_OBJECT deviceObject, byte *buffer, LARGE_INTEGER startOffset, ULONG size, uint64 *badSectorCount); +BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension); +void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter); +int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter); +BOOL IsOSAtLeast (OSVersionEnum reqMinOS); + +#define TC_BUG_CHECK(status) KeBugCheckEx (SECURITY_SYSTEM, __LINE__, (ULONG_PTR) status, 0, 'VC') + +#endif // TC_HEADER_NTDRIVER diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c index 4f35323b..34ee2dbb 100644 --- a/src/Driver/Ntvol.c +++ b/src/Driver/Ntvol.c @@ -1,900 +1,900 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "TCdefs.h" -#include -#include "Crypto.h" -#include "Volumes.h" - -#include "Apidrvr.h" -#include "DriveFilter.h" -#include "Ntdriver.h" -#include "Ntvol.h" -#include "VolumeFilter.h" - -#include "Boot/Windows/BootCommon.h" - -#include "Cache.h" - -#if 0 && _DEBUG -#define EXTRA_INFO 1 -#endif - -#pragma warning( disable : 4127 ) - -#include - -volatile BOOL ProbingHostDeviceForWrite = FALSE; - - -NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, - PEXTENSION Extension, - MOUNT_STRUCT *mount, - PWSTR pwszMountVolume, - BOOL bRawDevice) -{ - FILE_STANDARD_INFORMATION FileStandardInfo; - FILE_BASIC_INFORMATION FileBasicInfo; - OBJECT_ATTRIBUTES oaFileAttributes; - UNICODE_STRING FullFileName; - IO_STATUS_BLOCK IoStatusBlock; - PCRYPTO_INFO cryptoInfoPtr = NULL; - PCRYPTO_INFO tmpCryptoInfo = NULL; - LARGE_INTEGER lDiskLength; - __int64 partitionStartingOffset = 0; - int volumeType; - char *readBuffer = 0; - NTSTATUS ntStatus = 0; - BOOL forceAccessCheck = (!bRawDevice && !(OsMajorVersion == 5 &&OsMinorVersion == 0)); // Windows 2000 does not support OBJ_FORCE_ACCESS_CHECK attribute - BOOL disableBuffering = TRUE; - BOOL exclusiveAccess = mount->bExclusiveAccess; - - Extension->pfoDeviceFile = NULL; - Extension->hDeviceFile = NULL; - Extension->bTimeStampValid = FALSE; - - RtlInitUnicodeString (&FullFileName, pwszMountVolume); - InitializeObjectAttributes (&oaFileAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | (forceAccessCheck ? OBJ_FORCE_ACCESS_CHECK : 0) | OBJ_KERNEL_HANDLE, NULL, NULL); - KeInitializeEvent (&Extension->keVolumeEvent, NotificationEvent, FALSE); - - if (Extension->SecurityClientContextValid) - { - ntStatus = SeImpersonateClientEx (&Extension->SecurityClientContext, NULL); - if (!NT_SUCCESS (ntStatus)) - goto error; - } - - mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = FALSE; - - // If we are opening a device, query its size first - if (bRawDevice) - { - PARTITION_INFORMATION pi; - PARTITION_INFORMATION_EX pix; - LARGE_INTEGER diskLengthInfo; - DISK_GEOMETRY dg; - STORAGE_PROPERTY_QUERY storagePropertyQuery = {0}; - STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR storageDescriptor = {0}; - - ntStatus = IoGetDeviceObjectPointer (&FullFileName, - FILE_READ_DATA | FILE_READ_ATTRIBUTES, - &Extension->pfoDeviceFile, - &Extension->pFsdDevice); - - if (!NT_SUCCESS (ntStatus)) - goto error; - - ntStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY, (char *) &dg, sizeof (dg)); - if (!NT_SUCCESS (ntStatus)) - goto error; - - lDiskLength.QuadPart = dg.Cylinders.QuadPart * dg.SectorsPerTrack * dg.TracksPerCylinder * dg.BytesPerSector; - Extension->HostBytesPerSector = dg.BytesPerSector; - - storagePropertyQuery.PropertyId = StorageAccessAlignmentProperty; - storagePropertyQuery.QueryType = PropertyStandardQuery; - - /* IOCTL_STORAGE_QUERY_PROPERTY supported only on Vista and above */ - if (NT_SUCCESS (TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, - (char*) &storagePropertyQuery, sizeof(storagePropertyQuery), - (char *) &storageDescriptor, sizeof (storageDescriptor)))) - { - Extension->HostBytesPerPhysicalSector = storageDescriptor.BytesPerPhysicalSector; - } - else - { - Extension->HostBytesPerPhysicalSector = dg.BytesPerSector; - } - - // Drive geometry is used only when IOCTL_DISK_GET_PARTITION_INFO fails - if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO_EX, (char *) &pix, sizeof (pix)))) - { - lDiskLength.QuadPart = pix.PartitionLength.QuadPart; - partitionStartingOffset = pix.StartingOffset.QuadPart; - } - // Windows 2000 does not support IOCTL_DISK_GET_PARTITION_INFO_EX - else if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO, (char *) &pi, sizeof (pi)))) - { - lDiskLength.QuadPart = pi.PartitionLength.QuadPart; - partitionStartingOffset = pi.StartingOffset.QuadPart; - } - else if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_LENGTH_INFO, &diskLengthInfo, sizeof (diskLengthInfo)))) - { - lDiskLength = diskLengthInfo; - } - - ProbingHostDeviceForWrite = TRUE; - - if (!mount->bMountReadOnly - && TCSendHostDeviceIoControlRequest (DeviceObject, Extension, - IsHiddenSystemRunning() ? TC_IOCTL_DISK_IS_WRITABLE : IOCTL_DISK_IS_WRITABLE, NULL, 0) == STATUS_MEDIA_WRITE_PROTECTED) - { - mount->bMountReadOnly = TRUE; - DeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; - mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = TRUE; - } - - ProbingHostDeviceForWrite = FALSE; - - // Some Windows tools (e.g. diskmgmt, diskpart, vssadmin) fail or experience timeouts when there is a raw device - // open for exclusive access. Therefore, exclusive access is used only for file-hosted volumes. - // Applications requiring a consistent device image need to acquire exclusive write access first. This is prevented - // when a device-hosted volume is mounted. - - exclusiveAccess = FALSE; - } - else - { - // Limit the maximum required buffer size - if (mount->BytesPerSector > 128 * BYTES_PER_KB) - { - ntStatus = STATUS_INVALID_PARAMETER; - goto error; - } - - Extension->HostBytesPerSector = mount->BytesPerSector; - Extension->HostBytesPerPhysicalSector = mount->BytesPerPhysicalSector; - - if (Extension->HostBytesPerSector != TC_SECTOR_SIZE_FILE_HOSTED_VOLUME) - disableBuffering = FALSE; - } - - // Open the volume hosting file/device - if (!mount->bMountReadOnly) - { - ntStatus = ZwCreateFile (&Extension->hDeviceFile, - GENERIC_READ | GENERIC_WRITE | SYNCHRONIZE, - &oaFileAttributes, - &IoStatusBlock, - NULL, - FILE_ATTRIBUTE_NORMAL | - FILE_ATTRIBUTE_SYSTEM, - exclusiveAccess ? 0 : FILE_SHARE_READ | FILE_SHARE_WRITE, - FILE_OPEN, - FILE_RANDOM_ACCESS | - FILE_WRITE_THROUGH | - (disableBuffering ? FILE_NO_INTERMEDIATE_BUFFERING : 0) | - FILE_SYNCHRONOUS_IO_NONALERT, - NULL, - 0); - } - - /* 26-4-99 NT for some partitions returns this code, it is really a access denied */ - if (ntStatus == 0xc000001b) - ntStatus = STATUS_ACCESS_DENIED; - - mount->VolumeMountedReadOnlyAfterAccessDenied = FALSE; - - if (mount->bMountReadOnly || ntStatus == STATUS_ACCESS_DENIED) - { - ntStatus = ZwCreateFile (&Extension->hDeviceFile, - GENERIC_READ | SYNCHRONIZE, - &oaFileAttributes, - &IoStatusBlock, - NULL, - FILE_ATTRIBUTE_NORMAL | - FILE_ATTRIBUTE_SYSTEM, - exclusiveAccess ? FILE_SHARE_READ : FILE_SHARE_READ | FILE_SHARE_WRITE, - FILE_OPEN, - FILE_RANDOM_ACCESS | - FILE_WRITE_THROUGH | - (disableBuffering ? FILE_NO_INTERMEDIATE_BUFFERING : 0) | - FILE_SYNCHRONOUS_IO_NONALERT, - NULL, - 0); - - if (NT_SUCCESS (ntStatus) && !mount->bMountReadOnly) - mount->VolumeMountedReadOnlyAfterAccessDenied = TRUE; - - Extension->bReadOnly = TRUE; - DeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; - } - else - Extension->bReadOnly = FALSE; - - /* 26-4-99 NT for some partitions returns this code, it is really a - access denied */ - if (ntStatus == 0xc000001b) - { - /* Partitions which return this code can still be opened with - FILE_SHARE_READ but this causes NT problems elsewhere in - particular if you do FILE_SHARE_READ NT will die later if - anyone even tries to open the partition (or file for that - matter...) */ - ntStatus = STATUS_SHARING_VIOLATION; - } - - if (!NT_SUCCESS (ntStatus)) - { - goto error; - } - - // If we have opened a file, query its size now - if (bRawDevice == FALSE) - { - ntStatus = ZwQueryInformationFile (Extension->hDeviceFile, - &IoStatusBlock, - &FileBasicInfo, - sizeof (FileBasicInfo), - FileBasicInformation); - - if (NT_SUCCESS (ntStatus)) - { - if (mount->bPreserveTimestamp) - { - Extension->fileCreationTime = FileBasicInfo.CreationTime; - Extension->fileLastAccessTime = FileBasicInfo.LastAccessTime; - Extension->fileLastWriteTime = FileBasicInfo.LastWriteTime; - Extension->fileLastChangeTime = FileBasicInfo.ChangeTime; - Extension->bTimeStampValid = TRUE; - } - - ntStatus = ZwQueryInformationFile (Extension->hDeviceFile, - &IoStatusBlock, - &FileStandardInfo, - sizeof (FileStandardInfo), - FileStandardInformation); - } - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("ZwQueryInformationFile failed while opening file: NTSTATUS 0x%08x\n", - ntStatus); - goto error; - } - - lDiskLength.QuadPart = FileStandardInfo.EndOfFile.QuadPart; - - if (FileBasicInfo.FileAttributes & FILE_ATTRIBUTE_COMPRESSED) - { - Dump ("File \"%ls\" is marked as compressed - not supported!\n", pwszMountVolume); - mount->nReturnCode = ERR_COMPRESSION_NOT_SUPPORTED; - ntStatus = STATUS_SUCCESS; - goto error; - } - - ntStatus = ObReferenceObjectByHandle (Extension->hDeviceFile, - FILE_ALL_ACCESS, - *IoFileObjectType, - KernelMode, - &Extension->pfoDeviceFile, - 0); - - if (!NT_SUCCESS (ntStatus)) - { - goto error; - } - - /* Get the FSD device for the file (probably either NTFS or FAT) */ - Extension->pFsdDevice = IoGetRelatedDeviceObject (Extension->pfoDeviceFile); - } - else - { - // Try to gain "raw" access to the partition in case there is a live filesystem on it (otherwise, - // the NTFS driver guards hidden sectors and prevents mounting using a backup header e.g. after the user - // accidentally quick-formats a dismounted partition-hosted TrueCrypt volume as NTFS). - - PFILE_OBJECT pfoTmpDeviceFile = NULL; - - if (NT_SUCCESS (ObReferenceObjectByHandle (Extension->hDeviceFile, FILE_ALL_ACCESS, *IoFileObjectType, KernelMode, &pfoTmpDeviceFile, NULL)) - && pfoTmpDeviceFile != NULL) - { - TCFsctlCall (pfoTmpDeviceFile, FSCTL_ALLOW_EXTENDED_DASD_IO, NULL, 0, NULL, 0); - ObDereferenceObject (pfoTmpDeviceFile); - } - } - - // Check volume size - if (lDiskLength.QuadPart < TC_MIN_VOLUME_SIZE_LEGACY || lDiskLength.QuadPart > TC_MAX_VOLUME_SIZE) - { - mount->nReturnCode = ERR_VOL_SIZE_WRONG; - ntStatus = STATUS_SUCCESS; - goto error; - } - - Extension->DiskLength = lDiskLength.QuadPart; - Extension->HostLength = lDiskLength.QuadPart; - - readBuffer = TCalloc (max (max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, PAGE_SIZE), Extension->HostBytesPerSector)); - if (readBuffer == NULL) - { - ntStatus = STATUS_INSUFFICIENT_RESOURCES; - goto error; - } - - // Go through all volume types (e.g., normal, hidden) - for (volumeType = TC_VOLUME_TYPE_NORMAL; - volumeType < TC_VOLUME_TYPE_COUNT; - volumeType++) - { - Dump ("Trying to open volume type %d\n", volumeType); - - /* Read the volume header */ - - if (!mount->bPartitionInInactiveSysEncScope - || (mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_HIDDEN)) - { - // Header of a volume that is not within the scope of system encryption, or - // header of a system hidden volume (containing a hidden OS) - - LARGE_INTEGER headerOffset; - - if (mount->UseBackupHeader && lDiskLength.QuadPart <= TC_TOTAL_VOLUME_HEADERS_SIZE) - continue; - - switch (volumeType) - { - case TC_VOLUME_TYPE_NORMAL: - headerOffset.QuadPart = mount->UseBackupHeader ? lDiskLength.QuadPart - TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; - break; - - case TC_VOLUME_TYPE_HIDDEN: - if (lDiskLength.QuadPart <= TC_VOLUME_HEADER_GROUP_SIZE) - continue; - - headerOffset.QuadPart = mount->UseBackupHeader ? lDiskLength.QuadPart - TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_HIDDEN_VOLUME_HEADER_OFFSET; - break; - } - - Dump ("Reading volume header at %I64d\n", headerOffset.QuadPart); - - ntStatus = ZwReadFile (Extension->hDeviceFile, - NULL, - NULL, - NULL, - &IoStatusBlock, - readBuffer, - bRawDevice ? max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, Extension->HostBytesPerSector) : TC_VOLUME_HEADER_EFFECTIVE_SIZE, - &headerOffset, - NULL); - } - else - { - // Header of a partition that is within the scope of system encryption - - WCHAR parentDrivePath [47+1] = {0}; - HANDLE hParentDeviceFile = NULL; - UNICODE_STRING FullParentPath; - OBJECT_ATTRIBUTES oaParentFileAttributes; - LARGE_INTEGER parentKeyDataOffset; - - RtlStringCbPrintfW (parentDrivePath, - sizeof (parentDrivePath), - WIDE ("\\Device\\Harddisk%d\\Partition0"), - mount->nPartitionInInactiveSysEncScopeDriveNo); - - Dump ("Mounting partition within scope of system encryption (reading key data from: %ls)\n", parentDrivePath); - - RtlInitUnicodeString (&FullParentPath, parentDrivePath); - InitializeObjectAttributes (&oaParentFileAttributes, &FullParentPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); - - ntStatus = ZwCreateFile (&hParentDeviceFile, - GENERIC_READ | SYNCHRONIZE, - &oaParentFileAttributes, - &IoStatusBlock, - NULL, - FILE_ATTRIBUTE_NORMAL | - FILE_ATTRIBUTE_SYSTEM, - FILE_SHARE_READ | FILE_SHARE_WRITE, - FILE_OPEN, - FILE_RANDOM_ACCESS | - FILE_WRITE_THROUGH | - FILE_NO_INTERMEDIATE_BUFFERING | - FILE_SYNCHRONOUS_IO_NONALERT, - NULL, - 0); - - if (!NT_SUCCESS (ntStatus)) - { - if (hParentDeviceFile != NULL) - ZwClose (hParentDeviceFile); - - Dump ("Cannot open %ls\n", parentDrivePath); - - goto error; - } - - parentKeyDataOffset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; - - ntStatus = ZwReadFile (hParentDeviceFile, - NULL, - NULL, - NULL, - &IoStatusBlock, - readBuffer, - max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, Extension->HostBytesPerSector), - &parentKeyDataOffset, - NULL); - - if (hParentDeviceFile != NULL) - ZwClose (hParentDeviceFile); - } - - if (!NT_SUCCESS (ntStatus) && ntStatus != STATUS_END_OF_FILE) - { - Dump ("Read failed: NTSTATUS 0x%08x\n", ntStatus); - goto error; - } - - if (ntStatus == STATUS_END_OF_FILE || IoStatusBlock.Information < TC_VOLUME_HEADER_EFFECTIVE_SIZE) - { - Dump ("Read didn't read enough data\n"); - - // If FSCTL_ALLOW_EXTENDED_DASD_IO failed and there is a live filesystem on the partition, then the - // filesystem driver may report EOF when we are reading hidden sectors (when the filesystem is - // shorter than the partition). This can happen for example after the user quick-formats a dismounted - // partition-hosted TrueCrypt volume and then tries to mount the volume using the embedded backup header. - memset (readBuffer, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - } - - /* Attempt to recognize the volume (decrypt the header) */ - - ReadVolumeHeaderRecoveryMode = mount->RecoveryMode; - - if ((volumeType == TC_VOLUME_TYPE_HIDDEN) && mount->bProtectHiddenVolume) - { - mount->nReturnCode = ReadVolumeHeaderWCache ( - FALSE, - mount->bCache, - mount->bCachePim, - readBuffer, - &mount->ProtectedHidVolPassword, - mount->ProtectedHidVolPkcs5Prf, - mount->ProtectedHidVolPim, - mount->bTrueCryptMode, - &tmpCryptoInfo); - } - else - { - mount->nReturnCode = ReadVolumeHeaderWCache ( - mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_NORMAL, - mount->bCache, - mount->bCachePim, - readBuffer, - &mount->VolumePassword, - mount->pkcs5_prf, - mount->VolumePim, - mount->bTrueCryptMode, - &Extension->cryptoInfo); - } - - ReadVolumeHeaderRecoveryMode = FALSE; - - if (mount->nReturnCode == 0 || mount->nReturnCode == ERR_CIPHER_INIT_WEAK_KEY) - { - /* Volume header successfully decrypted */ - - if (!Extension->cryptoInfo) - { - /* should never happen */ - mount->nReturnCode = ERR_OUTOFMEMORY; - ntStatus = STATUS_SUCCESS; - goto error; - } - - Dump ("Volume header decrypted\n"); - Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion); - Dump ("Legacy volume = %d\n", (int) Extension->cryptoInfo->LegacyVolume); - - if (IsHiddenSystemRunning() && !Extension->cryptoInfo->hiddenVolume) - { - Extension->bReadOnly = mount->bMountReadOnly = TRUE; - HiddenSysLeakProtectionCount++; - } - - Extension->cryptoInfo->bProtectHiddenVolume = FALSE; - Extension->cryptoInfo->bHiddenVolProtectionAction = FALSE; - - Extension->cryptoInfo->bPartitionInInactiveSysEncScope = mount->bPartitionInInactiveSysEncScope; - - /* compute the ID of this volume: SHA-512 of the effective header */ - sha256 (Extension->volumeID, readBuffer, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - if (volumeType == TC_VOLUME_TYPE_NORMAL) - { - if (mount->bPartitionInInactiveSysEncScope) - { - if (Extension->cryptoInfo->EncryptedAreaStart.Value > (unsigned __int64) partitionStartingOffset - || Extension->cryptoInfo->EncryptedAreaStart.Value + Extension->cryptoInfo->VolumeSize.Value <= (unsigned __int64) partitionStartingOffset) - { - // The partition is not within the key scope of system encryption - mount->nReturnCode = ERR_PASSWORD_WRONG; - ntStatus = STATUS_SUCCESS; - goto error; - } - - if (Extension->cryptoInfo->EncryptedAreaLength.Value != Extension->cryptoInfo->VolumeSize.Value) - { - // Partial encryption is not supported for volumes mounted as regular - mount->nReturnCode = ERR_ENCRYPTION_NOT_COMPLETED; - ntStatus = STATUS_SUCCESS; - goto error; - } - } - else if (Extension->cryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) - { - if (Extension->cryptoInfo->EncryptedAreaLength.Value != Extension->cryptoInfo->VolumeSize.Value) - { - // Non-system in-place encryption process has not been completed on this volume - mount->nReturnCode = ERR_NONSYS_INPLACE_ENC_INCOMPLETE; - ntStatus = STATUS_SUCCESS; - goto error; - } - } - } - - Extension->cryptoInfo->FirstDataUnitNo.Value = 0; - - if (Extension->cryptoInfo->hiddenVolume && IsHiddenSystemRunning()) - { - // Prevent mount of a hidden system partition if the system hosted on it is currently running - if (memcmp (Extension->cryptoInfo->master_keydata, GetSystemDriveCryptoInfo()->master_keydata, EAGetKeySize (Extension->cryptoInfo->ea)) == 0) - { - mount->nReturnCode = ERR_VOL_ALREADY_MOUNTED; - ntStatus = STATUS_SUCCESS; - goto error; - } - } - - switch (volumeType) - { - case TC_VOLUME_TYPE_NORMAL: - - Extension->cryptoInfo->hiddenVolume = FALSE; - - if (mount->bPartitionInInactiveSysEncScope) - { - Extension->cryptoInfo->volDataAreaOffset = 0; - Extension->DiskLength = lDiskLength.QuadPart; - Extension->cryptoInfo->FirstDataUnitNo.Value = partitionStartingOffset / ENCRYPTION_DATA_UNIT_SIZE; - } - else if (Extension->cryptoInfo->LegacyVolume) - { - Extension->cryptoInfo->volDataAreaOffset = TC_VOLUME_HEADER_SIZE_LEGACY; - Extension->DiskLength = lDiskLength.QuadPart - TC_VOLUME_HEADER_SIZE_LEGACY; - } - else - { - Extension->cryptoInfo->volDataAreaOffset = Extension->cryptoInfo->EncryptedAreaStart.Value; - Extension->DiskLength = Extension->cryptoInfo->VolumeSize.Value; - } - - break; - - case TC_VOLUME_TYPE_HIDDEN: - - cryptoInfoPtr = mount->bProtectHiddenVolume ? tmpCryptoInfo : Extension->cryptoInfo; - - Extension->cryptoInfo->hiddenVolumeOffset = cryptoInfoPtr->EncryptedAreaStart.Value; - - Dump ("Hidden volume offset = %I64d\n", Extension->cryptoInfo->hiddenVolumeOffset); - Dump ("Hidden volume size = %I64d\n", cryptoInfoPtr->hiddenVolumeSize); - Dump ("Hidden volume end = %I64d\n", Extension->cryptoInfo->hiddenVolumeOffset + cryptoInfoPtr->hiddenVolumeSize - 1); - - // Validate the offset - if (Extension->cryptoInfo->hiddenVolumeOffset % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - mount->nReturnCode = ERR_VOL_SIZE_WRONG; - ntStatus = STATUS_SUCCESS; - goto error; - } - - // If we are supposed to actually mount the hidden volume (not just to protect it) - if (!mount->bProtectHiddenVolume) - { - Extension->DiskLength = cryptoInfoPtr->hiddenVolumeSize; - Extension->cryptoInfo->hiddenVolume = TRUE; - Extension->cryptoInfo->volDataAreaOffset = Extension->cryptoInfo->hiddenVolumeOffset; - } - else - { - // Hidden volume protection - Extension->cryptoInfo->hiddenVolume = FALSE; - Extension->cryptoInfo->bProtectHiddenVolume = TRUE; - - Extension->cryptoInfo->hiddenVolumeProtectedSize = tmpCryptoInfo->hiddenVolumeSize; - - Dump ("Hidden volume protection active: %I64d-%I64d (%I64d)\n", Extension->cryptoInfo->hiddenVolumeOffset, Extension->cryptoInfo->hiddenVolumeProtectedSize + Extension->cryptoInfo->hiddenVolumeOffset - 1, Extension->cryptoInfo->hiddenVolumeProtectedSize); - } - - break; - } - - Dump ("Volume data offset = %I64d\n", Extension->cryptoInfo->volDataAreaOffset); - Dump ("Volume data size = %I64d\n", Extension->DiskLength); - Dump ("Volume data end = %I64d\n", Extension->cryptoInfo->volDataAreaOffset + Extension->DiskLength - 1); - - if (Extension->DiskLength == 0) - { - Dump ("Incorrect volume size\n"); - continue; - } - - // If this is a hidden volume, make sure we are supposed to actually - // mount it (i.e. not just to protect it) - if (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume) - { - // Validate sector size - if (bRawDevice && Extension->cryptoInfo->SectorSize != Extension->HostBytesPerSector) - { - mount->nReturnCode = ERR_PARAMETER_INCORRECT; - ntStatus = STATUS_SUCCESS; - goto error; - } - - // Calculate virtual volume geometry - Extension->TracksPerCylinder = 1; - Extension->SectorsPerTrack = 1; - Extension->BytesPerSector = Extension->cryptoInfo->SectorSize; - Extension->NumberOfCylinders = Extension->DiskLength / Extension->BytesPerSector; - Extension->PartitionType = 0; - - Extension->bRawDevice = bRawDevice; - - memset (Extension->wszVolume, 0, sizeof (Extension->wszVolume)); - if (wcsstr (pwszMountVolume, WIDE ("\\??\\UNC\\")) == pwszMountVolume) - { - /* UNC path */ - RtlStringCbPrintfW (Extension->wszVolume, - sizeof (Extension->wszVolume), - WIDE ("\\??\\\\%s"), - pwszMountVolume + 7); - } - else - { - RtlStringCbCopyW (Extension->wszVolume, sizeof(Extension->wszVolume),pwszMountVolume); - } - - memset (Extension->wszLabel, 0, sizeof (Extension->wszLabel)); - RtlStringCbCopyW (Extension->wszLabel, sizeof(Extension->wszLabel), mount->wszLabel); - } - - // If we are to protect a hidden volume we cannot exit yet, for we must also - // decrypt the hidden volume header. - if (!(volumeType == TC_VOLUME_TYPE_NORMAL && mount->bProtectHiddenVolume)) - { - TCfree (readBuffer); - - if (tmpCryptoInfo != NULL) - { - crypto_close (tmpCryptoInfo); - tmpCryptoInfo = NULL; - } - - return STATUS_SUCCESS; - } - } - else if ((mount->bProtectHiddenVolume && volumeType == TC_VOLUME_TYPE_NORMAL) - || mount->nReturnCode != ERR_PASSWORD_WRONG) - { - /* If we are not supposed to protect a hidden volume, the only error that is - tolerated is ERR_PASSWORD_WRONG (to allow mounting a possible hidden volume). - - If we _are_ supposed to protect a hidden volume, we do not tolerate any error - (both volume headers must be successfully decrypted). */ - - break; - } - } - - /* Failed due to some non-OS reason so we drop through and return NT - SUCCESS then nReturnCode is checked later in user-mode */ - - if (mount->nReturnCode == ERR_OUTOFMEMORY) - ntStatus = STATUS_INSUFFICIENT_RESOURCES; - else - ntStatus = STATUS_SUCCESS; - -error: - if (mount->nReturnCode == ERR_SUCCESS) - mount->nReturnCode = ERR_PASSWORD_WRONG; - - if (tmpCryptoInfo != NULL) - { - crypto_close (tmpCryptoInfo); - tmpCryptoInfo = NULL; - } - - if (Extension->cryptoInfo) - { - crypto_close (Extension->cryptoInfo); - Extension->cryptoInfo = NULL; - } - - if (Extension->bTimeStampValid) - { - RestoreTimeStamp (Extension); - } - - /* Close the hDeviceFile */ - if (Extension->hDeviceFile != NULL) - ZwClose (Extension->hDeviceFile); - - /* The cryptoInfo pointer is deallocated if the readheader routines - fail so there is no need to deallocate here */ - - /* Dereference the user-mode file object */ - if (Extension->pfoDeviceFile != NULL) - ObDereferenceObject (Extension->pfoDeviceFile); - - /* Free the tmp IO buffers */ - if (readBuffer != NULL) - TCfree (readBuffer); - - return ntStatus; -} - -void TCCloseVolume (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) -{ - UNREFERENCED_PARAMETER (DeviceObject); /* Remove compiler warning */ - - if (Extension->hDeviceFile != NULL) - { - if (Extension->bRawDevice == FALSE - && Extension->bTimeStampValid) - { - RestoreTimeStamp (Extension); - } - ZwClose (Extension->hDeviceFile); - } - ObDereferenceObject (Extension->pfoDeviceFile); - if (Extension->cryptoInfo) - { - crypto_close (Extension->cryptoInfo); - Extension->cryptoInfo = NULL; - } -} - - -NTSTATUS TCSendHostDeviceIoControlRequestEx (PDEVICE_OBJECT DeviceObject, - PEXTENSION Extension, - ULONG IoControlCode, - void *InputBuffer, - ULONG InputBufferSize, - void *OutputBuffer, - ULONG OutputBufferSize) -{ - IO_STATUS_BLOCK IoStatusBlock; - NTSTATUS ntStatus; - PIRP Irp; - - UNREFERENCED_PARAMETER(DeviceObject); /* Remove compiler warning */ - - KeClearEvent (&Extension->keVolumeEvent); - - Irp = IoBuildDeviceIoControlRequest (IoControlCode, - Extension->pFsdDevice, - InputBuffer, InputBufferSize, - OutputBuffer, OutputBufferSize, - FALSE, - &Extension->keVolumeEvent, - &IoStatusBlock); - - if (Irp == NULL) - { - Dump ("IRP allocation failed\n"); - return STATUS_INSUFFICIENT_RESOURCES; - } - - // Disk device may be used by filesystem driver which needs file object - IoGetNextIrpStackLocation (Irp) -> FileObject = Extension->pfoDeviceFile; - - ntStatus = IoCallDriver (Extension->pFsdDevice, Irp); - if (ntStatus == STATUS_PENDING) - { - KeWaitForSingleObject (&Extension->keVolumeEvent, Executive, KernelMode, FALSE, NULL); - ntStatus = IoStatusBlock.Status; - } - - return ntStatus; -} - -NTSTATUS TCSendHostDeviceIoControlRequest (PDEVICE_OBJECT DeviceObject, - PEXTENSION Extension, - ULONG IoControlCode, - void *OutputBuffer, - ULONG OutputBufferSize) -{ - return TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IoControlCode, NULL, 0, OutputBuffer, OutputBufferSize); -} - -NTSTATUS COMPLETE_IRP (PDEVICE_OBJECT DeviceObject, - PIRP Irp, - NTSTATUS IrpStatus, - ULONG_PTR IrpInformation) -{ - Irp->IoStatus.Status = IrpStatus; - Irp->IoStatus.Information = IrpInformation; - - UNREFERENCED_PARAMETER (DeviceObject); /* Remove compiler warning */ - -#if EXTRA_INFO - if (!NT_SUCCESS (IrpStatus)) - { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - Dump ("COMPLETE_IRP FAILING IRP %ls Flags 0x%08x vpb 0x%08x NTSTATUS 0x%08x\n", TCTranslateCode (irpSp->MajorFunction), - (ULONG) DeviceObject->Flags, (ULONG) DeviceObject->Vpb->Flags, IrpStatus); - } - else - { - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - Dump ("COMPLETE_IRP SUCCESS IRP %ls Flags 0x%08x vpb 0x%08x NTSTATUS 0x%08x\n", TCTranslateCode (irpSp->MajorFunction), - (ULONG) DeviceObject->Flags, (ULONG) DeviceObject->Vpb->Flags, IrpStatus); - } -#endif - IoCompleteRequest (Irp, IO_NO_INCREMENT); - return IrpStatus; -} - - -static void RestoreTimeStamp (PEXTENSION Extension) -{ - NTSTATUS ntStatus; - FILE_BASIC_INFORMATION FileBasicInfo; - IO_STATUS_BLOCK IoStatusBlock; - - if (Extension->hDeviceFile != NULL - && Extension->bRawDevice == FALSE - && Extension->bReadOnly == FALSE - && Extension->bTimeStampValid) - { - ntStatus = ZwQueryInformationFile (Extension->hDeviceFile, - &IoStatusBlock, - &FileBasicInfo, - sizeof (FileBasicInfo), - FileBasicInformation); - - if (!NT_SUCCESS (ntStatus)) - { - Dump ("ZwQueryInformationFile failed in RestoreTimeStamp: NTSTATUS 0x%08x\n", - ntStatus); - } - else - { - FileBasicInfo.CreationTime = Extension->fileCreationTime; - FileBasicInfo.LastAccessTime = Extension->fileLastAccessTime; - FileBasicInfo.LastWriteTime = Extension->fileLastWriteTime; - FileBasicInfo.ChangeTime = Extension->fileLastChangeTime; - - ntStatus = ZwSetInformationFile( - Extension->hDeviceFile, - &IoStatusBlock, - &FileBasicInfo, - sizeof (FileBasicInfo), - FileBasicInformation); - - if (!NT_SUCCESS (ntStatus)) - Dump ("ZwSetInformationFile failed in RestoreTimeStamp: NTSTATUS 0x%08x\n",ntStatus); - } - } -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "TCdefs.h" +#include +#include "Crypto.h" +#include "Volumes.h" + +#include "Apidrvr.h" +#include "DriveFilter.h" +#include "Ntdriver.h" +#include "Ntvol.h" +#include "VolumeFilter.h" + +#include "Boot/Windows/BootCommon.h" + +#include "Cache.h" + +#if 0 && _DEBUG +#define EXTRA_INFO 1 +#endif + +#pragma warning( disable : 4127 ) + +#include + +volatile BOOL ProbingHostDeviceForWrite = FALSE; + + +NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject, + PEXTENSION Extension, + MOUNT_STRUCT *mount, + PWSTR pwszMountVolume, + BOOL bRawDevice) +{ + FILE_STANDARD_INFORMATION FileStandardInfo; + FILE_BASIC_INFORMATION FileBasicInfo; + OBJECT_ATTRIBUTES oaFileAttributes; + UNICODE_STRING FullFileName; + IO_STATUS_BLOCK IoStatusBlock; + PCRYPTO_INFO cryptoInfoPtr = NULL; + PCRYPTO_INFO tmpCryptoInfo = NULL; + LARGE_INTEGER lDiskLength; + __int64 partitionStartingOffset = 0; + int volumeType; + char *readBuffer = 0; + NTSTATUS ntStatus = 0; + BOOL forceAccessCheck = (!bRawDevice && !(OsMajorVersion == 5 &&OsMinorVersion == 0)); // Windows 2000 does not support OBJ_FORCE_ACCESS_CHECK attribute + BOOL disableBuffering = TRUE; + BOOL exclusiveAccess = mount->bExclusiveAccess; + + Extension->pfoDeviceFile = NULL; + Extension->hDeviceFile = NULL; + Extension->bTimeStampValid = FALSE; + + RtlInitUnicodeString (&FullFileName, pwszMountVolume); + InitializeObjectAttributes (&oaFileAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | (forceAccessCheck ? OBJ_FORCE_ACCESS_CHECK : 0) | OBJ_KERNEL_HANDLE, NULL, NULL); + KeInitializeEvent (&Extension->keVolumeEvent, NotificationEvent, FALSE); + + if (Extension->SecurityClientContextValid) + { + ntStatus = SeImpersonateClientEx (&Extension->SecurityClientContext, NULL); + if (!NT_SUCCESS (ntStatus)) + goto error; + } + + mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = FALSE; + + // If we are opening a device, query its size first + if (bRawDevice) + { + PARTITION_INFORMATION pi; + PARTITION_INFORMATION_EX pix; + LARGE_INTEGER diskLengthInfo; + DISK_GEOMETRY dg; + STORAGE_PROPERTY_QUERY storagePropertyQuery = {0}; + STORAGE_ACCESS_ALIGNMENT_DESCRIPTOR storageDescriptor = {0}; + + ntStatus = IoGetDeviceObjectPointer (&FullFileName, + FILE_READ_DATA | FILE_READ_ATTRIBUTES, + &Extension->pfoDeviceFile, + &Extension->pFsdDevice); + + if (!NT_SUCCESS (ntStatus)) + goto error; + + ntStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY, (char *) &dg, sizeof (dg)); + if (!NT_SUCCESS (ntStatus)) + goto error; + + lDiskLength.QuadPart = dg.Cylinders.QuadPart * dg.SectorsPerTrack * dg.TracksPerCylinder * dg.BytesPerSector; + Extension->HostBytesPerSector = dg.BytesPerSector; + + storagePropertyQuery.PropertyId = StorageAccessAlignmentProperty; + storagePropertyQuery.QueryType = PropertyStandardQuery; + + /* IOCTL_STORAGE_QUERY_PROPERTY supported only on Vista and above */ + if (NT_SUCCESS (TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IOCTL_STORAGE_QUERY_PROPERTY, + (char*) &storagePropertyQuery, sizeof(storagePropertyQuery), + (char *) &storageDescriptor, sizeof (storageDescriptor)))) + { + Extension->HostBytesPerPhysicalSector = storageDescriptor.BytesPerPhysicalSector; + } + else + { + Extension->HostBytesPerPhysicalSector = dg.BytesPerSector; + } + + // Drive geometry is used only when IOCTL_DISK_GET_PARTITION_INFO fails + if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO_EX, (char *) &pix, sizeof (pix)))) + { + lDiskLength.QuadPart = pix.PartitionLength.QuadPart; + partitionStartingOffset = pix.StartingOffset.QuadPart; + } + // Windows 2000 does not support IOCTL_DISK_GET_PARTITION_INFO_EX + else if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_PARTITION_INFO, (char *) &pi, sizeof (pi)))) + { + lDiskLength.QuadPart = pi.PartitionLength.QuadPart; + partitionStartingOffset = pi.StartingOffset.QuadPart; + } + else if (NT_SUCCESS (TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_LENGTH_INFO, &diskLengthInfo, sizeof (diskLengthInfo)))) + { + lDiskLength = diskLengthInfo; + } + + ProbingHostDeviceForWrite = TRUE; + + if (!mount->bMountReadOnly + && TCSendHostDeviceIoControlRequest (DeviceObject, Extension, + IsHiddenSystemRunning() ? TC_IOCTL_DISK_IS_WRITABLE : IOCTL_DISK_IS_WRITABLE, NULL, 0) == STATUS_MEDIA_WRITE_PROTECTED) + { + mount->bMountReadOnly = TRUE; + DeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; + mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = TRUE; + } + + ProbingHostDeviceForWrite = FALSE; + + // Some Windows tools (e.g. diskmgmt, diskpart, vssadmin) fail or experience timeouts when there is a raw device + // open for exclusive access. Therefore, exclusive access is used only for file-hosted volumes. + // Applications requiring a consistent device image need to acquire exclusive write access first. This is prevented + // when a device-hosted volume is mounted. + + exclusiveAccess = FALSE; + } + else + { + // Limit the maximum required buffer size + if (mount->BytesPerSector > 128 * BYTES_PER_KB) + { + ntStatus = STATUS_INVALID_PARAMETER; + goto error; + } + + Extension->HostBytesPerSector = mount->BytesPerSector; + Extension->HostBytesPerPhysicalSector = mount->BytesPerPhysicalSector; + + if (Extension->HostBytesPerSector != TC_SECTOR_SIZE_FILE_HOSTED_VOLUME) + disableBuffering = FALSE; + } + + // Open the volume hosting file/device + if (!mount->bMountReadOnly) + { + ntStatus = ZwCreateFile (&Extension->hDeviceFile, + GENERIC_READ | GENERIC_WRITE | SYNCHRONIZE, + &oaFileAttributes, + &IoStatusBlock, + NULL, + FILE_ATTRIBUTE_NORMAL | + FILE_ATTRIBUTE_SYSTEM, + exclusiveAccess ? 0 : FILE_SHARE_READ | FILE_SHARE_WRITE, + FILE_OPEN, + FILE_RANDOM_ACCESS | + FILE_WRITE_THROUGH | + (disableBuffering ? FILE_NO_INTERMEDIATE_BUFFERING : 0) | + FILE_SYNCHRONOUS_IO_NONALERT, + NULL, + 0); + } + + /* 26-4-99 NT for some partitions returns this code, it is really a access denied */ + if (ntStatus == 0xc000001b) + ntStatus = STATUS_ACCESS_DENIED; + + mount->VolumeMountedReadOnlyAfterAccessDenied = FALSE; + + if (mount->bMountReadOnly || ntStatus == STATUS_ACCESS_DENIED) + { + ntStatus = ZwCreateFile (&Extension->hDeviceFile, + GENERIC_READ | SYNCHRONIZE, + &oaFileAttributes, + &IoStatusBlock, + NULL, + FILE_ATTRIBUTE_NORMAL | + FILE_ATTRIBUTE_SYSTEM, + exclusiveAccess ? FILE_SHARE_READ : FILE_SHARE_READ | FILE_SHARE_WRITE, + FILE_OPEN, + FILE_RANDOM_ACCESS | + FILE_WRITE_THROUGH | + (disableBuffering ? FILE_NO_INTERMEDIATE_BUFFERING : 0) | + FILE_SYNCHRONOUS_IO_NONALERT, + NULL, + 0); + + if (NT_SUCCESS (ntStatus) && !mount->bMountReadOnly) + mount->VolumeMountedReadOnlyAfterAccessDenied = TRUE; + + Extension->bReadOnly = TRUE; + DeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; + } + else + Extension->bReadOnly = FALSE; + + /* 26-4-99 NT for some partitions returns this code, it is really a + access denied */ + if (ntStatus == 0xc000001b) + { + /* Partitions which return this code can still be opened with + FILE_SHARE_READ but this causes NT problems elsewhere in + particular if you do FILE_SHARE_READ NT will die later if + anyone even tries to open the partition (or file for that + matter...) */ + ntStatus = STATUS_SHARING_VIOLATION; + } + + if (!NT_SUCCESS (ntStatus)) + { + goto error; + } + + // If we have opened a file, query its size now + if (bRawDevice == FALSE) + { + ntStatus = ZwQueryInformationFile (Extension->hDeviceFile, + &IoStatusBlock, + &FileBasicInfo, + sizeof (FileBasicInfo), + FileBasicInformation); + + if (NT_SUCCESS (ntStatus)) + { + if (mount->bPreserveTimestamp) + { + Extension->fileCreationTime = FileBasicInfo.CreationTime; + Extension->fileLastAccessTime = FileBasicInfo.LastAccessTime; + Extension->fileLastWriteTime = FileBasicInfo.LastWriteTime; + Extension->fileLastChangeTime = FileBasicInfo.ChangeTime; + Extension->bTimeStampValid = TRUE; + } + + ntStatus = ZwQueryInformationFile (Extension->hDeviceFile, + &IoStatusBlock, + &FileStandardInfo, + sizeof (FileStandardInfo), + FileStandardInformation); + } + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("ZwQueryInformationFile failed while opening file: NTSTATUS 0x%08x\n", + ntStatus); + goto error; + } + + lDiskLength.QuadPart = FileStandardInfo.EndOfFile.QuadPart; + + if (FileBasicInfo.FileAttributes & FILE_ATTRIBUTE_COMPRESSED) + { + Dump ("File \"%ls\" is marked as compressed - not supported!\n", pwszMountVolume); + mount->nReturnCode = ERR_COMPRESSION_NOT_SUPPORTED; + ntStatus = STATUS_SUCCESS; + goto error; + } + + ntStatus = ObReferenceObjectByHandle (Extension->hDeviceFile, + FILE_ALL_ACCESS, + *IoFileObjectType, + KernelMode, + &Extension->pfoDeviceFile, + 0); + + if (!NT_SUCCESS (ntStatus)) + { + goto error; + } + + /* Get the FSD device for the file (probably either NTFS or FAT) */ + Extension->pFsdDevice = IoGetRelatedDeviceObject (Extension->pfoDeviceFile); + } + else + { + // Try to gain "raw" access to the partition in case there is a live filesystem on it (otherwise, + // the NTFS driver guards hidden sectors and prevents mounting using a backup header e.g. after the user + // accidentally quick-formats a dismounted partition-hosted TrueCrypt volume as NTFS). + + PFILE_OBJECT pfoTmpDeviceFile = NULL; + + if (NT_SUCCESS (ObReferenceObjectByHandle (Extension->hDeviceFile, FILE_ALL_ACCESS, *IoFileObjectType, KernelMode, &pfoTmpDeviceFile, NULL)) + && pfoTmpDeviceFile != NULL) + { + TCFsctlCall (pfoTmpDeviceFile, FSCTL_ALLOW_EXTENDED_DASD_IO, NULL, 0, NULL, 0); + ObDereferenceObject (pfoTmpDeviceFile); + } + } + + // Check volume size + if (lDiskLength.QuadPart < TC_MIN_VOLUME_SIZE_LEGACY || lDiskLength.QuadPart > TC_MAX_VOLUME_SIZE) + { + mount->nReturnCode = ERR_VOL_SIZE_WRONG; + ntStatus = STATUS_SUCCESS; + goto error; + } + + Extension->DiskLength = lDiskLength.QuadPart; + Extension->HostLength = lDiskLength.QuadPart; + + readBuffer = TCalloc (max (max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, PAGE_SIZE), Extension->HostBytesPerSector)); + if (readBuffer == NULL) + { + ntStatus = STATUS_INSUFFICIENT_RESOURCES; + goto error; + } + + // Go through all volume types (e.g., normal, hidden) + for (volumeType = TC_VOLUME_TYPE_NORMAL; + volumeType < TC_VOLUME_TYPE_COUNT; + volumeType++) + { + Dump ("Trying to open volume type %d\n", volumeType); + + /* Read the volume header */ + + if (!mount->bPartitionInInactiveSysEncScope + || (mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_HIDDEN)) + { + // Header of a volume that is not within the scope of system encryption, or + // header of a system hidden volume (containing a hidden OS) + + LARGE_INTEGER headerOffset; + + if (mount->UseBackupHeader && lDiskLength.QuadPart <= TC_TOTAL_VOLUME_HEADERS_SIZE) + continue; + + switch (volumeType) + { + case TC_VOLUME_TYPE_NORMAL: + headerOffset.QuadPart = mount->UseBackupHeader ? lDiskLength.QuadPart - TC_VOLUME_HEADER_GROUP_SIZE : TC_VOLUME_HEADER_OFFSET; + break; + + case TC_VOLUME_TYPE_HIDDEN: + if (lDiskLength.QuadPart <= TC_VOLUME_HEADER_GROUP_SIZE) + continue; + + headerOffset.QuadPart = mount->UseBackupHeader ? lDiskLength.QuadPart - TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_HIDDEN_VOLUME_HEADER_OFFSET; + break; + } + + Dump ("Reading volume header at %I64d\n", headerOffset.QuadPart); + + ntStatus = ZwReadFile (Extension->hDeviceFile, + NULL, + NULL, + NULL, + &IoStatusBlock, + readBuffer, + bRawDevice ? max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, Extension->HostBytesPerSector) : TC_VOLUME_HEADER_EFFECTIVE_SIZE, + &headerOffset, + NULL); + } + else + { + // Header of a partition that is within the scope of system encryption + + WCHAR parentDrivePath [47+1] = {0}; + HANDLE hParentDeviceFile = NULL; + UNICODE_STRING FullParentPath; + OBJECT_ATTRIBUTES oaParentFileAttributes; + LARGE_INTEGER parentKeyDataOffset; + + RtlStringCbPrintfW (parentDrivePath, + sizeof (parentDrivePath), + WIDE ("\\Device\\Harddisk%d\\Partition0"), + mount->nPartitionInInactiveSysEncScopeDriveNo); + + Dump ("Mounting partition within scope of system encryption (reading key data from: %ls)\n", parentDrivePath); + + RtlInitUnicodeString (&FullParentPath, parentDrivePath); + InitializeObjectAttributes (&oaParentFileAttributes, &FullParentPath, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL); + + ntStatus = ZwCreateFile (&hParentDeviceFile, + GENERIC_READ | SYNCHRONIZE, + &oaParentFileAttributes, + &IoStatusBlock, + NULL, + FILE_ATTRIBUTE_NORMAL | + FILE_ATTRIBUTE_SYSTEM, + FILE_SHARE_READ | FILE_SHARE_WRITE, + FILE_OPEN, + FILE_RANDOM_ACCESS | + FILE_WRITE_THROUGH | + FILE_NO_INTERMEDIATE_BUFFERING | + FILE_SYNCHRONOUS_IO_NONALERT, + NULL, + 0); + + if (!NT_SUCCESS (ntStatus)) + { + if (hParentDeviceFile != NULL) + ZwClose (hParentDeviceFile); + + Dump ("Cannot open %ls\n", parentDrivePath); + + goto error; + } + + parentKeyDataOffset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET; + + ntStatus = ZwReadFile (hParentDeviceFile, + NULL, + NULL, + NULL, + &IoStatusBlock, + readBuffer, + max (TC_VOLUME_HEADER_EFFECTIVE_SIZE, Extension->HostBytesPerSector), + &parentKeyDataOffset, + NULL); + + if (hParentDeviceFile != NULL) + ZwClose (hParentDeviceFile); + } + + if (!NT_SUCCESS (ntStatus) && ntStatus != STATUS_END_OF_FILE) + { + Dump ("Read failed: NTSTATUS 0x%08x\n", ntStatus); + goto error; + } + + if (ntStatus == STATUS_END_OF_FILE || IoStatusBlock.Information < TC_VOLUME_HEADER_EFFECTIVE_SIZE) + { + Dump ("Read didn't read enough data\n"); + + // If FSCTL_ALLOW_EXTENDED_DASD_IO failed and there is a live filesystem on the partition, then the + // filesystem driver may report EOF when we are reading hidden sectors (when the filesystem is + // shorter than the partition). This can happen for example after the user quick-formats a dismounted + // partition-hosted TrueCrypt volume and then tries to mount the volume using the embedded backup header. + memset (readBuffer, 0, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + } + + /* Attempt to recognize the volume (decrypt the header) */ + + ReadVolumeHeaderRecoveryMode = mount->RecoveryMode; + + if ((volumeType == TC_VOLUME_TYPE_HIDDEN) && mount->bProtectHiddenVolume) + { + mount->nReturnCode = ReadVolumeHeaderWCache ( + FALSE, + mount->bCache, + mount->bCachePim, + readBuffer, + &mount->ProtectedHidVolPassword, + mount->ProtectedHidVolPkcs5Prf, + mount->ProtectedHidVolPim, + mount->bTrueCryptMode, + &tmpCryptoInfo); + } + else + { + mount->nReturnCode = ReadVolumeHeaderWCache ( + mount->bPartitionInInactiveSysEncScope && volumeType == TC_VOLUME_TYPE_NORMAL, + mount->bCache, + mount->bCachePim, + readBuffer, + &mount->VolumePassword, + mount->pkcs5_prf, + mount->VolumePim, + mount->bTrueCryptMode, + &Extension->cryptoInfo); + } + + ReadVolumeHeaderRecoveryMode = FALSE; + + if (mount->nReturnCode == 0 || mount->nReturnCode == ERR_CIPHER_INIT_WEAK_KEY) + { + /* Volume header successfully decrypted */ + + if (!Extension->cryptoInfo) + { + /* should never happen */ + mount->nReturnCode = ERR_OUTOFMEMORY; + ntStatus = STATUS_SUCCESS; + goto error; + } + + Dump ("Volume header decrypted\n"); + Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion); + Dump ("Legacy volume = %d\n", (int) Extension->cryptoInfo->LegacyVolume); + + if (IsHiddenSystemRunning() && !Extension->cryptoInfo->hiddenVolume) + { + Extension->bReadOnly = mount->bMountReadOnly = TRUE; + HiddenSysLeakProtectionCount++; + } + + Extension->cryptoInfo->bProtectHiddenVolume = FALSE; + Extension->cryptoInfo->bHiddenVolProtectionAction = FALSE; + + Extension->cryptoInfo->bPartitionInInactiveSysEncScope = mount->bPartitionInInactiveSysEncScope; + + /* compute the ID of this volume: SHA-512 of the effective header */ + sha256 (Extension->volumeID, readBuffer, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + if (volumeType == TC_VOLUME_TYPE_NORMAL) + { + if (mount->bPartitionInInactiveSysEncScope) + { + if (Extension->cryptoInfo->EncryptedAreaStart.Value > (unsigned __int64) partitionStartingOffset + || Extension->cryptoInfo->EncryptedAreaStart.Value + Extension->cryptoInfo->VolumeSize.Value <= (unsigned __int64) partitionStartingOffset) + { + // The partition is not within the key scope of system encryption + mount->nReturnCode = ERR_PASSWORD_WRONG; + ntStatus = STATUS_SUCCESS; + goto error; + } + + if (Extension->cryptoInfo->EncryptedAreaLength.Value != Extension->cryptoInfo->VolumeSize.Value) + { + // Partial encryption is not supported for volumes mounted as regular + mount->nReturnCode = ERR_ENCRYPTION_NOT_COMPLETED; + ntStatus = STATUS_SUCCESS; + goto error; + } + } + else if (Extension->cryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) + { + if (Extension->cryptoInfo->EncryptedAreaLength.Value != Extension->cryptoInfo->VolumeSize.Value) + { + // Non-system in-place encryption process has not been completed on this volume + mount->nReturnCode = ERR_NONSYS_INPLACE_ENC_INCOMPLETE; + ntStatus = STATUS_SUCCESS; + goto error; + } + } + } + + Extension->cryptoInfo->FirstDataUnitNo.Value = 0; + + if (Extension->cryptoInfo->hiddenVolume && IsHiddenSystemRunning()) + { + // Prevent mount of a hidden system partition if the system hosted on it is currently running + if (memcmp (Extension->cryptoInfo->master_keydata, GetSystemDriveCryptoInfo()->master_keydata, EAGetKeySize (Extension->cryptoInfo->ea)) == 0) + { + mount->nReturnCode = ERR_VOL_ALREADY_MOUNTED; + ntStatus = STATUS_SUCCESS; + goto error; + } + } + + switch (volumeType) + { + case TC_VOLUME_TYPE_NORMAL: + + Extension->cryptoInfo->hiddenVolume = FALSE; + + if (mount->bPartitionInInactiveSysEncScope) + { + Extension->cryptoInfo->volDataAreaOffset = 0; + Extension->DiskLength = lDiskLength.QuadPart; + Extension->cryptoInfo->FirstDataUnitNo.Value = partitionStartingOffset / ENCRYPTION_DATA_UNIT_SIZE; + } + else if (Extension->cryptoInfo->LegacyVolume) + { + Extension->cryptoInfo->volDataAreaOffset = TC_VOLUME_HEADER_SIZE_LEGACY; + Extension->DiskLength = lDiskLength.QuadPart - TC_VOLUME_HEADER_SIZE_LEGACY; + } + else + { + Extension->cryptoInfo->volDataAreaOffset = Extension->cryptoInfo->EncryptedAreaStart.Value; + Extension->DiskLength = Extension->cryptoInfo->VolumeSize.Value; + } + + break; + + case TC_VOLUME_TYPE_HIDDEN: + + cryptoInfoPtr = mount->bProtectHiddenVolume ? tmpCryptoInfo : Extension->cryptoInfo; + + Extension->cryptoInfo->hiddenVolumeOffset = cryptoInfoPtr->EncryptedAreaStart.Value; + + Dump ("Hidden volume offset = %I64d\n", Extension->cryptoInfo->hiddenVolumeOffset); + Dump ("Hidden volume size = %I64d\n", cryptoInfoPtr->hiddenVolumeSize); + Dump ("Hidden volume end = %I64d\n", Extension->cryptoInfo->hiddenVolumeOffset + cryptoInfoPtr->hiddenVolumeSize - 1); + + // Validate the offset + if (Extension->cryptoInfo->hiddenVolumeOffset % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + mount->nReturnCode = ERR_VOL_SIZE_WRONG; + ntStatus = STATUS_SUCCESS; + goto error; + } + + // If we are supposed to actually mount the hidden volume (not just to protect it) + if (!mount->bProtectHiddenVolume) + { + Extension->DiskLength = cryptoInfoPtr->hiddenVolumeSize; + Extension->cryptoInfo->hiddenVolume = TRUE; + Extension->cryptoInfo->volDataAreaOffset = Extension->cryptoInfo->hiddenVolumeOffset; + } + else + { + // Hidden volume protection + Extension->cryptoInfo->hiddenVolume = FALSE; + Extension->cryptoInfo->bProtectHiddenVolume = TRUE; + + Extension->cryptoInfo->hiddenVolumeProtectedSize = tmpCryptoInfo->hiddenVolumeSize; + + Dump ("Hidden volume protection active: %I64d-%I64d (%I64d)\n", Extension->cryptoInfo->hiddenVolumeOffset, Extension->cryptoInfo->hiddenVolumeProtectedSize + Extension->cryptoInfo->hiddenVolumeOffset - 1, Extension->cryptoInfo->hiddenVolumeProtectedSize); + } + + break; + } + + Dump ("Volume data offset = %I64d\n", Extension->cryptoInfo->volDataAreaOffset); + Dump ("Volume data size = %I64d\n", Extension->DiskLength); + Dump ("Volume data end = %I64d\n", Extension->cryptoInfo->volDataAreaOffset + Extension->DiskLength - 1); + + if (Extension->DiskLength == 0) + { + Dump ("Incorrect volume size\n"); + continue; + } + + // If this is a hidden volume, make sure we are supposed to actually + // mount it (i.e. not just to protect it) + if (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume) + { + // Validate sector size + if (bRawDevice && Extension->cryptoInfo->SectorSize != Extension->HostBytesPerSector) + { + mount->nReturnCode = ERR_PARAMETER_INCORRECT; + ntStatus = STATUS_SUCCESS; + goto error; + } + + // Calculate virtual volume geometry + Extension->TracksPerCylinder = 1; + Extension->SectorsPerTrack = 1; + Extension->BytesPerSector = Extension->cryptoInfo->SectorSize; + Extension->NumberOfCylinders = Extension->DiskLength / Extension->BytesPerSector; + Extension->PartitionType = 0; + + Extension->bRawDevice = bRawDevice; + + memset (Extension->wszVolume, 0, sizeof (Extension->wszVolume)); + if (wcsstr (pwszMountVolume, WIDE ("\\??\\UNC\\")) == pwszMountVolume) + { + /* UNC path */ + RtlStringCbPrintfW (Extension->wszVolume, + sizeof (Extension->wszVolume), + WIDE ("\\??\\\\%s"), + pwszMountVolume + 7); + } + else + { + RtlStringCbCopyW (Extension->wszVolume, sizeof(Extension->wszVolume),pwszMountVolume); + } + + memset (Extension->wszLabel, 0, sizeof (Extension->wszLabel)); + RtlStringCbCopyW (Extension->wszLabel, sizeof(Extension->wszLabel), mount->wszLabel); + } + + // If we are to protect a hidden volume we cannot exit yet, for we must also + // decrypt the hidden volume header. + if (!(volumeType == TC_VOLUME_TYPE_NORMAL && mount->bProtectHiddenVolume)) + { + TCfree (readBuffer); + + if (tmpCryptoInfo != NULL) + { + crypto_close (tmpCryptoInfo); + tmpCryptoInfo = NULL; + } + + return STATUS_SUCCESS; + } + } + else if ((mount->bProtectHiddenVolume && volumeType == TC_VOLUME_TYPE_NORMAL) + || mount->nReturnCode != ERR_PASSWORD_WRONG) + { + /* If we are not supposed to protect a hidden volume, the only error that is + tolerated is ERR_PASSWORD_WRONG (to allow mounting a possible hidden volume). + + If we _are_ supposed to protect a hidden volume, we do not tolerate any error + (both volume headers must be successfully decrypted). */ + + break; + } + } + + /* Failed due to some non-OS reason so we drop through and return NT + SUCCESS then nReturnCode is checked later in user-mode */ + + if (mount->nReturnCode == ERR_OUTOFMEMORY) + ntStatus = STATUS_INSUFFICIENT_RESOURCES; + else + ntStatus = STATUS_SUCCESS; + +error: + if (mount->nReturnCode == ERR_SUCCESS) + mount->nReturnCode = ERR_PASSWORD_WRONG; + + if (tmpCryptoInfo != NULL) + { + crypto_close (tmpCryptoInfo); + tmpCryptoInfo = NULL; + } + + if (Extension->cryptoInfo) + { + crypto_close (Extension->cryptoInfo); + Extension->cryptoInfo = NULL; + } + + if (Extension->bTimeStampValid) + { + RestoreTimeStamp (Extension); + } + + /* Close the hDeviceFile */ + if (Extension->hDeviceFile != NULL) + ZwClose (Extension->hDeviceFile); + + /* The cryptoInfo pointer is deallocated if the readheader routines + fail so there is no need to deallocate here */ + + /* Dereference the user-mode file object */ + if (Extension->pfoDeviceFile != NULL) + ObDereferenceObject (Extension->pfoDeviceFile); + + /* Free the tmp IO buffers */ + if (readBuffer != NULL) + TCfree (readBuffer); + + return ntStatus; +} + +void TCCloseVolume (PDEVICE_OBJECT DeviceObject, PEXTENSION Extension) +{ + UNREFERENCED_PARAMETER (DeviceObject); /* Remove compiler warning */ + + if (Extension->hDeviceFile != NULL) + { + if (Extension->bRawDevice == FALSE + && Extension->bTimeStampValid) + { + RestoreTimeStamp (Extension); + } + ZwClose (Extension->hDeviceFile); + } + ObDereferenceObject (Extension->pfoDeviceFile); + if (Extension->cryptoInfo) + { + crypto_close (Extension->cryptoInfo); + Extension->cryptoInfo = NULL; + } +} + + +NTSTATUS TCSendHostDeviceIoControlRequestEx (PDEVICE_OBJECT DeviceObject, + PEXTENSION Extension, + ULONG IoControlCode, + void *InputBuffer, + ULONG InputBufferSize, + void *OutputBuffer, + ULONG OutputBufferSize) +{ + IO_STATUS_BLOCK IoStatusBlock; + NTSTATUS ntStatus; + PIRP Irp; + + UNREFERENCED_PARAMETER(DeviceObject); /* Remove compiler warning */ + + KeClearEvent (&Extension->keVolumeEvent); + + Irp = IoBuildDeviceIoControlRequest (IoControlCode, + Extension->pFsdDevice, + InputBuffer, InputBufferSize, + OutputBuffer, OutputBufferSize, + FALSE, + &Extension->keVolumeEvent, + &IoStatusBlock); + + if (Irp == NULL) + { + Dump ("IRP allocation failed\n"); + return STATUS_INSUFFICIENT_RESOURCES; + } + + // Disk device may be used by filesystem driver which needs file object + IoGetNextIrpStackLocation (Irp) -> FileObject = Extension->pfoDeviceFile; + + ntStatus = IoCallDriver (Extension->pFsdDevice, Irp); + if (ntStatus == STATUS_PENDING) + { + KeWaitForSingleObject (&Extension->keVolumeEvent, Executive, KernelMode, FALSE, NULL); + ntStatus = IoStatusBlock.Status; + } + + return ntStatus; +} + +NTSTATUS TCSendHostDeviceIoControlRequest (PDEVICE_OBJECT DeviceObject, + PEXTENSION Extension, + ULONG IoControlCode, + void *OutputBuffer, + ULONG OutputBufferSize) +{ + return TCSendHostDeviceIoControlRequestEx (DeviceObject, Extension, IoControlCode, NULL, 0, OutputBuffer, OutputBufferSize); +} + +NTSTATUS COMPLETE_IRP (PDEVICE_OBJECT DeviceObject, + PIRP Irp, + NTSTATUS IrpStatus, + ULONG_PTR IrpInformation) +{ + Irp->IoStatus.Status = IrpStatus; + Irp->IoStatus.Information = IrpInformation; + + UNREFERENCED_PARAMETER (DeviceObject); /* Remove compiler warning */ + +#if EXTRA_INFO + if (!NT_SUCCESS (IrpStatus)) + { + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + Dump ("COMPLETE_IRP FAILING IRP %ls Flags 0x%08x vpb 0x%08x NTSTATUS 0x%08x\n", TCTranslateCode (irpSp->MajorFunction), + (ULONG) DeviceObject->Flags, (ULONG) DeviceObject->Vpb->Flags, IrpStatus); + } + else + { + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + Dump ("COMPLETE_IRP SUCCESS IRP %ls Flags 0x%08x vpb 0x%08x NTSTATUS 0x%08x\n", TCTranslateCode (irpSp->MajorFunction), + (ULONG) DeviceObject->Flags, (ULONG) DeviceObject->Vpb->Flags, IrpStatus); + } +#endif + IoCompleteRequest (Irp, IO_NO_INCREMENT); + return IrpStatus; +} + + +static void RestoreTimeStamp (PEXTENSION Extension) +{ + NTSTATUS ntStatus; + FILE_BASIC_INFORMATION FileBasicInfo; + IO_STATUS_BLOCK IoStatusBlock; + + if (Extension->hDeviceFile != NULL + && Extension->bRawDevice == FALSE + && Extension->bReadOnly == FALSE + && Extension->bTimeStampValid) + { + ntStatus = ZwQueryInformationFile (Extension->hDeviceFile, + &IoStatusBlock, + &FileBasicInfo, + sizeof (FileBasicInfo), + FileBasicInformation); + + if (!NT_SUCCESS (ntStatus)) + { + Dump ("ZwQueryInformationFile failed in RestoreTimeStamp: NTSTATUS 0x%08x\n", + ntStatus); + } + else + { + FileBasicInfo.CreationTime = Extension->fileCreationTime; + FileBasicInfo.LastAccessTime = Extension->fileLastAccessTime; + FileBasicInfo.LastWriteTime = Extension->fileLastWriteTime; + FileBasicInfo.ChangeTime = Extension->fileLastChangeTime; + + ntStatus = ZwSetInformationFile( + Extension->hDeviceFile, + &IoStatusBlock, + &FileBasicInfo, + sizeof (FileBasicInfo), + FileBasicInformation); + + if (!NT_SUCCESS (ntStatus)) + Dump ("ZwSetInformationFile failed in RestoreTimeStamp: NTSTATUS 0x%08x\n",ntStatus); + } + } +} diff --git a/src/Driver/Ntvol.h b/src/Driver/Ntvol.h index 4a496a73..912c02b0 100644 --- a/src/Driver/Ntvol.h +++ b/src/Driver/Ntvol.h @@ -1,22 +1,22 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -extern volatile BOOL ProbingHostDeviceForWrite; - -NTSTATUS TCOpenVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , MOUNT_STRUCT *mount , PWSTR pwszMountVolume , BOOL bRawDevice ); -void TCCloseVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension ); -NTSTATUS TCCompletion ( PDEVICE_OBJECT DeviceObject , PIRP Irp , PVOID pUserBuffer ); -static NTSTATUS TCSendHostDeviceIoControlRequest ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *OutputBuffer , ULONG OutputBufferSize ); -static NTSTATUS TCSendHostDeviceIoControlRequestEx ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *InputBuffer , ULONG InputBufferSize , void *OutputBuffer , ULONG OutputBufferSize ); -NTSTATUS COMPLETE_IRP ( PDEVICE_OBJECT DeviceObject , PIRP Irp , NTSTATUS IrpStatus , ULONG_PTR IrpInformation ); -static void RestoreTimeStamp ( PEXTENSION Extension ); +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +extern volatile BOOL ProbingHostDeviceForWrite; + +NTSTATUS TCOpenVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , MOUNT_STRUCT *mount , PWSTR pwszMountVolume , BOOL bRawDevice ); +void TCCloseVolume ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension ); +NTSTATUS TCCompletion ( PDEVICE_OBJECT DeviceObject , PIRP Irp , PVOID pUserBuffer ); +static NTSTATUS TCSendHostDeviceIoControlRequest ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *OutputBuffer , ULONG OutputBufferSize ); +static NTSTATUS TCSendHostDeviceIoControlRequestEx ( PDEVICE_OBJECT DeviceObject , PEXTENSION Extension , ULONG IoControlCode , void *InputBuffer , ULONG InputBufferSize , void *OutputBuffer , ULONG OutputBufferSize ); +NTSTATUS COMPLETE_IRP ( PDEVICE_OBJECT DeviceObject , PIRP Irp , NTSTATUS IrpStatus , ULONG_PTR IrpInformation ); +static void RestoreTimeStamp ( PEXTENSION Extension ); diff --git a/src/Driver/Resource.h b/src/Driver/Resource.h index effd8044..a3e73646 100644 --- a/src/Driver/Resource.h +++ b/src/Driver/Resource.h @@ -1,16 +1,16 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Visual C++ generated include file. -// Used by Driver.rc -// - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NO_MFC 1 -#define _APS_NEXT_RESOURCE_VALUE 101 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1001 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif +//{{NO_DEPENDENCIES}} +// Microsoft Visual C++ generated include file. +// Used by Driver.rc +// + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NO_MFC 1 +#define _APS_NEXT_RESOURCE_VALUE 101 +#define _APS_NEXT_COMMAND_VALUE 40001 +#define _APS_NEXT_CONTROL_VALUE 1001 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/src/Driver/Sources b/src/Driver/Sources index 592c2dc6..8e8aef2d 100644 --- a/src/Driver/Sources +++ b/src/Driver/Sources @@ -1,21 +1,21 @@ -TARGETNAME=veracrypt -TARGETTYPE=DRIVER - -USER_C_FLAGS=$(USER_C_FLAGS) -D_UNICODE -LINKER_FLAGS=$(LINKER_FLAGS) -map - -INCLUDES = ../Common;../Crypto - -SOURCES = \ - DriveFilter.c \ - DumpFilter.c \ - EncryptedIoQueue.c \ - Ntdriver.c \ - Ntvol.c \ - VolumeFilter.c \ - Driver.rc - -TARGETLIBS = \ - $(SDK_LIB_PATH)/uuid.lib \ - ../Common/obj$(BUILD_ALT_DIR)/*/Common.lib \ - ../Crypto/obj$(BUILD_ALT_DIR)/*/Crypto.lib +TARGETNAME=veracrypt +TARGETTYPE=DRIVER + +USER_C_FLAGS=$(USER_C_FLAGS) -D_UNICODE +LINKER_FLAGS=$(LINKER_FLAGS) -map + +INCLUDES = ../Common;../Crypto + +SOURCES = \ + DriveFilter.c \ + DumpFilter.c \ + EncryptedIoQueue.c \ + Ntdriver.c \ + Ntvol.c \ + VolumeFilter.c \ + Driver.rc + +TARGETLIBS = \ + $(SDK_LIB_PATH)/uuid.lib \ + ../Common/obj$(BUILD_ALT_DIR)/*/Common.lib \ + ../Crypto/obj$(BUILD_ALT_DIR)/*/Crypto.lib diff --git a/src/Driver/VolumeFilter.c b/src/Driver/VolumeFilter.c index 78b2d7b9..8cb675f6 100644 --- a/src/Driver/VolumeFilter.c +++ b/src/Driver/VolumeFilter.c @@ -1,299 +1,299 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "TCdefs.h" -#include "Ntdriver.h" -#include "Ntvol.h" -#include "DriveFilter.h" -#include "VolumeFilter.h" - -typedef DriveFilterExtension VolumeFilterExtension; - -// Number of times the filter driver answered that an unencrypted volume -// is read-only (or mounted an outer/normal TrueCrypt volume as read only) -uint32 HiddenSysLeakProtectionCount = 0; - - -NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo) -{ - VolumeFilterExtension *Extension; - NTSTATUS status; - PDEVICE_OBJECT filterDeviceObject = NULL; - PDEVICE_OBJECT attachedDeviceObject; - - Dump ("VolumeFilterAddDevice pdo=%p\n", pdo); - - attachedDeviceObject = IoGetAttachedDeviceReference (pdo); - status = IoCreateDevice (driverObject, sizeof (VolumeFilterExtension), NULL, attachedDeviceObject->DeviceType, 0, FALSE, &filterDeviceObject); - - ObDereferenceObject (attachedDeviceObject); - - if (!NT_SUCCESS (status)) - { - filterDeviceObject = NULL; - goto err; - } - - Extension = (VolumeFilterExtension *) filterDeviceObject->DeviceExtension; - memset (Extension, 0, sizeof (VolumeFilterExtension)); - - status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject)); - if (status != STATUS_SUCCESS) - { - goto err; - } - - if (!Extension->LowerDeviceObject) - { - status = STATUS_DEVICE_REMOVED; - goto err; - } - - Extension->IsVolumeFilterDevice = TRUE; - Extension->DeviceObject = filterDeviceObject; - Extension->Pdo = pdo; - - IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0); - - filterDeviceObject->Flags |= Extension->LowerDeviceObject->Flags & (DO_DIRECT_IO | DO_BUFFERED_IO | DO_POWER_PAGABLE); - filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; - - return status; - -err: - if (filterDeviceObject) - { - if (Extension->LowerDeviceObject) - IoDetachDevice (Extension->LowerDeviceObject); - - IoDeleteDevice (filterDeviceObject); - } - - return status; -} - - -static NTSTATUS PassIrp (PDEVICE_OBJECT deviceObject, PIRP irp) -{ - IoSkipCurrentIrpStackLocation (irp); - return IoCallDriver (deviceObject, irp); -} - - -static NTSTATUS PassFilteredIrp (PDEVICE_OBJECT deviceObject, PIRP irp, PIO_COMPLETION_ROUTINE completionRoutine, PVOID completionRoutineArg) -{ - IoCopyCurrentIrpStackLocationToNext (irp); - - if (completionRoutine) - IoSetCompletionRoutine (irp, completionRoutine, completionRoutineArg, TRUE, TRUE, TRUE); - - return IoCallDriver (deviceObject, irp); -} - - -static NTSTATUS OnDeviceUsageNotificationCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension) -{ - if (Irp->PendingReturned) - IoMarkIrpPending (Irp); - - if (!(Extension->LowerDeviceObject->Flags & DO_POWER_PAGABLE)) - filterDeviceObject->Flags &= ~DO_POWER_PAGABLE; - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return STATUS_CONTINUE_COMPLETION; -} - - -static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension) -{ - if (Irp->PendingReturned) - IoMarkIrpPending (Irp); - - if (Extension->LowerDeviceObject->Characteristics & FILE_REMOVABLE_MEDIA) - filterDeviceObject->Characteristics |= FILE_REMOVABLE_MEDIA; - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return STATUS_CONTINUE_COMPLETION; -} - - -static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - if (IsHiddenSystemRunning()) - { - switch (irpSp->Parameters.DeviceIoControl.IoControlCode) - { - case IOCTL_DISK_IS_WRITABLE: - { - // All volumes except the system volume must be read-only - - DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension(); - STORAGE_DEVICE_NUMBER storageDeviceNumber; - - if (!bootDriveExtension->SystemStorageDeviceNumberValid) - TC_BUG_CHECK (STATUS_INVALID_PARAMETER); - - status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); - - if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber) - { - PARTITION_INFORMATION_EX partition; - status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition)); - - if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart) - { - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0); - } - } - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - - ++HiddenSysLeakProtectionCount; - return TCCompleteDiskIrp (Irp, STATUS_MEDIA_WRITE_PROTECTED, 0); - } - - case TC_IOCTL_DISK_IS_WRITABLE: - Dump ("TC_IOCTL_DISK_IS_WRITABLE pdo=%p\n", Extension->Pdo); - - if (!ProbingHostDeviceForWrite) - break; - - // Probe the real state of the device as the user is mounting a TrueCrypt volume. - - // Volume filter may be attached to a merged drive+volume PDO. First test if TC_IOCTL_DISK_IS_WRITABLE works for the underlying device. - status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, TC_IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0); - - if (NT_SUCCESS (status) || status == STATUS_MEDIA_WRITE_PROTECTED) - { - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return TCCompleteDiskIrp (Irp, status, 0); - } - - status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0); - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return TCCompleteDiskIrp (Irp, status, 0); - - case IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES: - - // Filter IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES to enable potential future use of hidden systems on drives that use the trim operation but not wear-leveling (if any appear in future). The documentation forbids users to create hidden volumes/systems on drives that use wear-leveling and consequently also on drives that use trim (as trim is used only by drives that use wear-leveling, as of 2010). - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0); - } - } - - status = PassIrp (Extension->LowerDeviceObject, Irp); - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return status; -} - - -static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status; - - status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - switch (irpSp->MinorFunction) - { - case IRP_MN_START_DEVICE: - Dump ("IRP_MN_START_DEVICE volume pdo=%p\n", Extension->Pdo); - return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnStartDeviceCompleted, Extension); - - case IRP_MN_DEVICE_USAGE_NOTIFICATION: - { - PDEVICE_OBJECT attachedDevice = IoGetAttachedDeviceReference (DeviceObject); - - if (attachedDevice == DeviceObject || (attachedDevice->Flags & DO_POWER_PAGABLE)) - DeviceObject->Flags |= DO_POWER_PAGABLE; - - ObDereferenceObject (attachedDevice); - } - - return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnDeviceUsageNotificationCompleted, Extension); - - - case IRP_MN_REMOVE_DEVICE: - Dump ("IRP_MN_REMOVE_DEVICE volume pdo=%p\n", Extension->Pdo); - - IoReleaseRemoveLockAndWait (&Extension->Queue.RemoveLock, Irp); - status = PassIrp (Extension->LowerDeviceObject, Irp); - - IoDetachDevice (Extension->LowerDeviceObject); - - IoDeleteDevice (DeviceObject); - return status; - - default: - status = PassIrp (Extension->LowerDeviceObject, Irp); - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - } - - return status; -} - - -static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) -{ - NTSTATUS status; - PoStartNextPowerIrp (Irp); - - status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - IoSkipCurrentIrpStackLocation (Irp); - status = PoCallDriver (Extension->LowerDeviceObject, Irp); - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return status; -} - - -NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp) -{ - VolumeFilterExtension *Extension = (VolumeFilterExtension *) DeviceObject->DeviceExtension; - PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); - NTSTATUS status; - - ASSERT (!Extension->bRootDevice && Extension->IsVolumeFilterDevice); - - switch (irpSp->MajorFunction) - { - case IRP_MJ_DEVICE_CONTROL: - return DispatchControl (DeviceObject, Irp, Extension, irpSp); - - case IRP_MJ_PNP: - return DispatchPnp (DeviceObject, Irp, Extension, irpSp); - - case IRP_MJ_POWER: - return DispatchPower (DeviceObject, Irp, Extension, irpSp); - - default: - status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); - if (!NT_SUCCESS (status)) - return TCCompleteIrp (Irp, status, 0); - - status = PassIrp (Extension->LowerDeviceObject, Irp); - - IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); - return status; - } -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "TCdefs.h" +#include "Ntdriver.h" +#include "Ntvol.h" +#include "DriveFilter.h" +#include "VolumeFilter.h" + +typedef DriveFilterExtension VolumeFilterExtension; + +// Number of times the filter driver answered that an unencrypted volume +// is read-only (or mounted an outer/normal TrueCrypt volume as read only) +uint32 HiddenSysLeakProtectionCount = 0; + + +NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo) +{ + VolumeFilterExtension *Extension; + NTSTATUS status; + PDEVICE_OBJECT filterDeviceObject = NULL; + PDEVICE_OBJECT attachedDeviceObject; + + Dump ("VolumeFilterAddDevice pdo=%p\n", pdo); + + attachedDeviceObject = IoGetAttachedDeviceReference (pdo); + status = IoCreateDevice (driverObject, sizeof (VolumeFilterExtension), NULL, attachedDeviceObject->DeviceType, 0, FALSE, &filterDeviceObject); + + ObDereferenceObject (attachedDeviceObject); + + if (!NT_SUCCESS (status)) + { + filterDeviceObject = NULL; + goto err; + } + + Extension = (VolumeFilterExtension *) filterDeviceObject->DeviceExtension; + memset (Extension, 0, sizeof (VolumeFilterExtension)); + + status = IoAttachDeviceToDeviceStackSafe (filterDeviceObject, pdo, &(Extension->LowerDeviceObject)); + if (status != STATUS_SUCCESS) + { + goto err; + } + + if (!Extension->LowerDeviceObject) + { + status = STATUS_DEVICE_REMOVED; + goto err; + } + + Extension->IsVolumeFilterDevice = TRUE; + Extension->DeviceObject = filterDeviceObject; + Extension->Pdo = pdo; + + IoInitializeRemoveLock (&Extension->Queue.RemoveLock, 'LRCV', 0, 0); + + filterDeviceObject->Flags |= Extension->LowerDeviceObject->Flags & (DO_DIRECT_IO | DO_BUFFERED_IO | DO_POWER_PAGABLE); + filterDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; + + return status; + +err: + if (filterDeviceObject) + { + if (Extension->LowerDeviceObject) + IoDetachDevice (Extension->LowerDeviceObject); + + IoDeleteDevice (filterDeviceObject); + } + + return status; +} + + +static NTSTATUS PassIrp (PDEVICE_OBJECT deviceObject, PIRP irp) +{ + IoSkipCurrentIrpStackLocation (irp); + return IoCallDriver (deviceObject, irp); +} + + +static NTSTATUS PassFilteredIrp (PDEVICE_OBJECT deviceObject, PIRP irp, PIO_COMPLETION_ROUTINE completionRoutine, PVOID completionRoutineArg) +{ + IoCopyCurrentIrpStackLocationToNext (irp); + + if (completionRoutine) + IoSetCompletionRoutine (irp, completionRoutine, completionRoutineArg, TRUE, TRUE, TRUE); + + return IoCallDriver (deviceObject, irp); +} + + +static NTSTATUS OnDeviceUsageNotificationCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension) +{ + if (Irp->PendingReturned) + IoMarkIrpPending (Irp); + + if (!(Extension->LowerDeviceObject->Flags & DO_POWER_PAGABLE)) + filterDeviceObject->Flags &= ~DO_POWER_PAGABLE; + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return STATUS_CONTINUE_COMPLETION; +} + + +static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP Irp, VolumeFilterExtension *Extension) +{ + if (Irp->PendingReturned) + IoMarkIrpPending (Irp); + + if (Extension->LowerDeviceObject->Characteristics & FILE_REMOVABLE_MEDIA) + filterDeviceObject->Characteristics |= FILE_REMOVABLE_MEDIA; + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return STATUS_CONTINUE_COMPLETION; +} + + +static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + if (IsHiddenSystemRunning()) + { + switch (irpSp->Parameters.DeviceIoControl.IoControlCode) + { + case IOCTL_DISK_IS_WRITABLE: + { + // All volumes except the system volume must be read-only + + DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension(); + STORAGE_DEVICE_NUMBER storageDeviceNumber; + + if (!bootDriveExtension->SystemStorageDeviceNumberValid) + TC_BUG_CHECK (STATUS_INVALID_PARAMETER); + + status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber)); + + if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber) + { + PARTITION_INFORMATION_EX partition; + status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition)); + + if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart) + { + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0); + } + } + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + + ++HiddenSysLeakProtectionCount; + return TCCompleteDiskIrp (Irp, STATUS_MEDIA_WRITE_PROTECTED, 0); + } + + case TC_IOCTL_DISK_IS_WRITABLE: + Dump ("TC_IOCTL_DISK_IS_WRITABLE pdo=%p\n", Extension->Pdo); + + if (!ProbingHostDeviceForWrite) + break; + + // Probe the real state of the device as the user is mounting a TrueCrypt volume. + + // Volume filter may be attached to a merged drive+volume PDO. First test if TC_IOCTL_DISK_IS_WRITABLE works for the underlying device. + status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, TC_IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0); + + if (NT_SUCCESS (status) || status == STATUS_MEDIA_WRITE_PROTECTED) + { + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return TCCompleteDiskIrp (Irp, status, 0); + } + + status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_IS_WRITABLE, NULL, 0, NULL, 0); + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return TCCompleteDiskIrp (Irp, status, 0); + + case IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES: + + // Filter IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES to enable potential future use of hidden systems on drives that use the trim operation but not wear-leveling (if any appear in future). The documentation forbids users to create hidden volumes/systems on drives that use wear-leveling and consequently also on drives that use trim (as trim is used only by drives that use wear-leveling, as of 2010). + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0); + } + } + + status = PassIrp (Extension->LowerDeviceObject, Irp); + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return status; +} + + +static NTSTATUS DispatchPnp (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status; + + status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + switch (irpSp->MinorFunction) + { + case IRP_MN_START_DEVICE: + Dump ("IRP_MN_START_DEVICE volume pdo=%p\n", Extension->Pdo); + return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnStartDeviceCompleted, Extension); + + case IRP_MN_DEVICE_USAGE_NOTIFICATION: + { + PDEVICE_OBJECT attachedDevice = IoGetAttachedDeviceReference (DeviceObject); + + if (attachedDevice == DeviceObject || (attachedDevice->Flags & DO_POWER_PAGABLE)) + DeviceObject->Flags |= DO_POWER_PAGABLE; + + ObDereferenceObject (attachedDevice); + } + + return PassFilteredIrp (Extension->LowerDeviceObject, Irp, OnDeviceUsageNotificationCompleted, Extension); + + + case IRP_MN_REMOVE_DEVICE: + Dump ("IRP_MN_REMOVE_DEVICE volume pdo=%p\n", Extension->Pdo); + + IoReleaseRemoveLockAndWait (&Extension->Queue.RemoveLock, Irp); + status = PassIrp (Extension->LowerDeviceObject, Irp); + + IoDetachDevice (Extension->LowerDeviceObject); + + IoDeleteDevice (DeviceObject); + return status; + + default: + status = PassIrp (Extension->LowerDeviceObject, Irp); + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + } + + return status; +} + + +static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp) +{ + NTSTATUS status; + PoStartNextPowerIrp (Irp); + + status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + IoSkipCurrentIrpStackLocation (Irp); + status = PoCallDriver (Extension->LowerDeviceObject, Irp); + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return status; +} + + +NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp) +{ + VolumeFilterExtension *Extension = (VolumeFilterExtension *) DeviceObject->DeviceExtension; + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp); + NTSTATUS status; + + ASSERT (!Extension->bRootDevice && Extension->IsVolumeFilterDevice); + + switch (irpSp->MajorFunction) + { + case IRP_MJ_DEVICE_CONTROL: + return DispatchControl (DeviceObject, Irp, Extension, irpSp); + + case IRP_MJ_PNP: + return DispatchPnp (DeviceObject, Irp, Extension, irpSp); + + case IRP_MJ_POWER: + return DispatchPower (DeviceObject, Irp, Extension, irpSp); + + default: + status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp); + if (!NT_SUCCESS (status)) + return TCCompleteIrp (Irp, status, 0); + + status = PassIrp (Extension->LowerDeviceObject, Irp); + + IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp); + return status; + } +} diff --git a/src/Driver/VolumeFilter.h b/src/Driver/VolumeFilter.h index ace7627a..be0cbd0b 100644 --- a/src/Driver/VolumeFilter.h +++ b/src/Driver/VolumeFilter.h @@ -1,23 +1,23 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_DRIVER_VOLUME_FILTER -#define TC_HEADER_DRIVER_VOLUME_FILTER - -#include "TCdefs.h" - -extern uint32 HiddenSysLeakProtectionCount; - -NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); -NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp); - -#endif // TC_HEADER_DRIVER_VOLUME_FILTER +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_DRIVER_VOLUME_FILTER +#define TC_HEADER_DRIVER_VOLUME_FILTER + +#include "TCdefs.h" + +extern uint32 HiddenSysLeakProtectionCount; + +NTSTATUS VolumeFilterAddDevice (PDRIVER_OBJECT driverObject, PDEVICE_OBJECT pdo); +NTSTATUS VolumeFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp); + +#endif // TC_HEADER_DRIVER_VOLUME_FILTER diff --git a/src/ExpandVolume/DlgExpandVolume.cpp b/src/ExpandVolume/DlgExpandVolume.cpp index 0a24c2c2..e08721b3 100644 --- a/src/ExpandVolume/DlgExpandVolume.cpp +++ b/src/ExpandVolume/DlgExpandVolume.cpp @@ -1,777 +1,777 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' and also from the source code of extcv, which is Copyright (c) 2009-2010 Kih-Oskh - or Copyright (c) 2012-2013 Josef Schneider - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "Apidrvr.h" -#include "Volumes.h" -#include "Crypto.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Pkcs5.h" -#include "Random.h" -// #include "../Mount/Mount.h" - -#include "../Common/Dictionary.h" -#include "../Common/Common.h" -#include "../Common/Resource.h" -#include "../Common/SecurityToken.h" -#include "../Common/Progress.h" - -#include "ExpandVolume.h" -#include "Resource.h" - -// TO DO: display sector sizes different than 512 bytes -#define SECTOR_SIZE_MSG 512 - -#define TIMER_ID_RANDVIEW 0xff -#define TIMER_INTERVAL_RANDVIEW 50 - -// see definition of enum EV_FileSystem -const wchar_t * szFileSystemStr[4] = {L"RAW",L"FAT",L"NTFS",L"EXFAT"}; - -// prototypes for internal functions -BOOL CALLBACK ExpandVolSizeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); - -namespace VeraCryptExpander -{ -/* defined in WinMain.c, referenced by ExpandVolumeWizard() */ -int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions); -} - - -int GetSpaceString(wchar_t *dest, size_t cbDest, uint64 size, BOOL bDevice) -{ - const wchar_t * szFmtBytes = L"%.0lf %s"; - const wchar_t * szFmtOther = L"%.2lf %s"; - const wchar_t * SuffixStr[] = {L"Byte", L"KB", L"MB", L"GB", L"TB"}; - const uint64 Muliplier[] = {1, BYTES_PER_KB, BYTES_PER_MB, BYTES_PER_GB, BYTES_PER_TB}; - const int nMaxSuffix = sizeof(Muliplier)/sizeof(uint64) - 1; - int i; - - for (i=1; i<=nMaxSuffix && size>Muliplier[i]; i++) ; - - --i; - - if (bDevice) { - wchar_t szTemp[512]; - - if (StringCbPrintfW(szTemp, sizeof(szTemp),i?szFmtOther:szFmtBytes, size/(double)Muliplier[i], SuffixStr[i]) < 0 ) - return -1; - - return StringCbPrintfW(dest, cbDest, L"%I64u sectors (%s)", size/SECTOR_SIZE_MSG , szTemp); - } - - return StringCbPrintfW(dest, cbDest,i?szFmtOther:szFmtBytes, size/(double)Muliplier[i], SuffixStr[i]); -} - -void SetCurrentVolSize(HWND hwndDlg, uint64 size) -{ - const uint64 Muliplier[] = {BYTES_PER_KB, BYTES_PER_MB, BYTES_PER_GB, BYTES_PER_TB}; - const int IdRadioBtn[] = {IDC_KB, IDC_MB, IDC_GB, IDC_TB}; - const int nMaxSuffix = sizeof(Muliplier)/sizeof(uint64) - 1; - int i; - wchar_t szTemp[256]; - - for (i=1; i<=nMaxSuffix && size>Muliplier[i]; i++) ; - - --i; - - SendDlgItemMessage (hwndDlg, IdRadioBtn[i], BM_SETCHECK, BST_CHECKED, 0); - StringCbPrintfW(szTemp,sizeof(szTemp),L"%I64u",size/Muliplier[i]); - SetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTemp); -} - -uint64 GetSizeBoxMultiplier(HWND hwndDlg) -{ - const uint64 Muliplier[] = {BYTES_PER_KB, BYTES_PER_MB, BYTES_PER_GB, BYTES_PER_TB}; - const int IdRadioBtn[] = {IDC_KB, IDC_MB, IDC_GB, IDC_TB}; - const int nMaxSuffix = sizeof(Muliplier)/sizeof(uint64) - 1; - int i; - - for (i=nMaxSuffix; i>0 && !IsButtonChecked (GetDlgItem (hwndDlg, IdRadioBtn[i])); --i) ; - - return Muliplier[i]; -} - -BOOL CALLBACK ExpandVolSizeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static EXPAND_VOL_THREAD_PARAMS *pVolExpandParam; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - wchar_t szTemp[4096]; - - pVolExpandParam = (EXPAND_VOL_THREAD_PARAMS*)lParam; - - EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), !pVolExpandParam->bIsDevice); - EnableWindow (GetDlgItem (hwndDlg, IDC_KB), !pVolExpandParam->bIsDevice); - EnableWindow (GetDlgItem (hwndDlg, IDC_MB), !pVolExpandParam->bIsDevice); - EnableWindow (GetDlgItem (hwndDlg, IDC_GB), !pVolExpandParam->bIsDevice); - EnableWindow (GetDlgItem (hwndDlg, IDC_TB), !pVolExpandParam->bIsDevice); - - EnableWindow (GetDlgItem (hwndDlg, IDC_INIT_NEWSPACE), - !(pVolExpandParam->bIsLegacy && pVolExpandParam->bIsDevice)); - SendDlgItemMessage (hwndDlg, IDC_INIT_NEWSPACE, BM_SETCHECK, - pVolExpandParam->bInitFreeSpace ? BST_CHECKED : BST_UNCHECKED, 0); - - if (!pVolExpandParam->bIsDevice) - SetCurrentVolSize(hwndDlg,pVolExpandParam->oldSize); - - SendMessage (GetDlgItem (hwndDlg, IDC_BOX_HELP), WM_SETFONT, (WPARAM) hBoldFont, (LPARAM) TRUE); - - GetSpaceString(szTemp,sizeof(szTemp),pVolExpandParam->oldSize,pVolExpandParam->bIsDevice); - - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_OLDSIZE), szTemp); - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NAME), pVolExpandParam->szVolumeName); - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_FILE_SYSTEM), szFileSystemStr[pVolExpandParam->FileSystem]); - - if (pVolExpandParam->bIsDevice) - { - GetSpaceString(szTemp,sizeof(szTemp),pVolExpandParam->newSize,TRUE); - } - else - { - wchar_t szHostFreeStr[256]; - - SetWindowText (GetDlgItem (hwndDlg, IDT_NEW_SIZE), L""); - GetSpaceString(szHostFreeStr,sizeof(szHostFreeStr),pVolExpandParam->hostSizeFree,FALSE); - StringCbPrintfW (szTemp,sizeof(szTemp),L"%s available on host drive", szHostFreeStr); - } - - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NEWSIZE), szTemp); - - // set help text - if (pVolExpandParam->bIsDevice) - { - StringCbPrintfW (szTemp,sizeof(szTemp),L"This is a device-based VeraCrypt volume.\n\nThe new volume size will be choosen automatically as the size of the host device."); - if (pVolExpandParam->bIsLegacy) - StringCbCatW(szTemp,sizeof(szTemp),L" Note: filling the new space with random data is not supported for legacy volumes."); - } - else - { - StringCbPrintfW (szTemp, sizeof(szTemp),L"Please specify the new size of the VeraCrypt volume (must be at least %I64u KB larger than the current size).",TC_MINVAL_FS_EXPAND/1024); - } - SetWindowText (GetDlgItem (hwndDlg, IDC_BOX_HELP), szTemp); - - } - return 0; - - - case WM_COMMAND: - if (lw == IDCANCEL) - { - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDOK) - { - wchar_t szTemp[4096]; - - pVolExpandParam->bInitFreeSpace = IsButtonChecked (GetDlgItem (hwndDlg, IDC_INIT_NEWSPACE)); - if (!pVolExpandParam->bIsDevice) // for devices new size is set by calling function - { - GetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTemp, ARRAYSIZE (szTemp)); - pVolExpandParam->newSize = _wtoi64(szTemp) * GetSizeBoxMultiplier(hwndDlg); - } - - EndDialog (hwndDlg, lw); - return 1; - } - - return 0; - } - - return 0; -} - - -extern "C" void AddProgressDlgStatus(HWND hwndDlg, const wchar_t* szText) -{ - HWND hwndCtrl; - - hwndCtrl = GetDlgItem (hwndDlg,IDC_BOX_STATUS); - SendMessage(hwndCtrl,EM_REPLACESEL,FALSE,(LPARAM)szText); - SendMessage(hwndCtrl,EM_SCROLLCARET,0,0); -} - - -extern "C" void SetProgressDlgStatus(HWND hwndDlg, const wchar_t* szText) -{ - HWND hwndCtrl; - - hwndCtrl = GetDlgItem (hwndDlg,IDC_BOX_STATUS); - SendMessage(hwndCtrl,EM_SETSEL,0,-1); - SendMessage(hwndCtrl,EM_REPLACESEL,FALSE,(LPARAM)szText); - SendMessage(hwndCtrl,EM_SCROLLCARET,0,0); -} - - -BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static EXPAND_VOL_THREAD_PARAMS *pProgressDlgParam; - static BOOL bVolTransformStarted = FALSE; - static BOOL showRandPool = TRUE; - static unsigned char randPool[16]; - static unsigned char maskRandPool [16]; - static BOOL bUseMask = FALSE; - static DWORD mouseEntropyGathered = 0xFFFFFFFF; - static DWORD mouseEventsInitialCount = 0; - /* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ - static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; - static HWND hEntropyBar = NULL; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - wchar_t szOldHostSize[512], szNewHostSize[512]; - HCRYPTPROV hRngProv; - - pProgressDlgParam = (EXPAND_VOL_THREAD_PARAMS*)lParam; - bVolTransformStarted = FALSE; - showRandPool = FALSE; - - hCurPage = hwndDlg; - nPbar = IDC_PROGRESS_BAR; - - VirtualLock (randPool, sizeof(randPool)); - VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - VirtualLock (maskRandPool, sizeof(maskRandPool)); - - mouseEntropyGathered = 0xFFFFFFFF; - mouseEventsInitialCount = 0; - bUseMask = FALSE; - if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) - { - if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) - bUseMask = TRUE; - CryptReleaseContext (hRngProv, 0); - } - - GetSpaceString(szOldHostSize,sizeof(szOldHostSize),pProgressDlgParam->oldSize,pProgressDlgParam->bIsDevice); - GetSpaceString(szNewHostSize,sizeof(szNewHostSize),pProgressDlgParam->newSize,pProgressDlgParam->bIsDevice); - - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_OLDSIZE), szOldHostSize); - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NEWSIZE), szNewHostSize); - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NAME), pProgressDlgParam->szVolumeName); - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_FILE_SYSTEM), szFileSystemStr[pProgressDlgParam->FileSystem]); - SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_INITSPACE), pProgressDlgParam->bInitFreeSpace?L"Yes":L"No"); - - SendMessage (GetDlgItem (hwndDlg, IDC_BOX_STATUS), WM_SETFONT, (WPARAM) hBoldFont, (LPARAM) TRUE); - - SendMessage (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - - // set status text - if ( !pProgressDlgParam->bInitFreeSpace && pProgressDlgParam->bIsLegacy ) - { - showRandPool = FALSE; - EnableWindow (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), FALSE); - SetDlgItemText(hwndDlg, IDC_BOX_STATUS, L"Click 'Continue' to expand the volume."); - } - else - { - SetDlgItemText(hwndDlg, IDC_BOX_STATUS, L"IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click 'Continue' to expand the volume."); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), BM_SETCHECK, BST_UNCHECKED, 0); - hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); - SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); - SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); - SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); - } - return 0; - case TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED: - { - int nStatus = (int)lParam; - - NormalCursor (); - if (nStatus != 0) - { - if ( nStatus != ERR_USER_ABORT ) - AddProgressDlgStatus (hwndDlg, L"Error: volume expansion failed."); - else - AddProgressDlgStatus (hwndDlg, L"Error: operation aborted by user."); - } - else - { - AddProgressDlgStatus (hwndDlg, L"Finished. Volume successfully expanded."); - } - - SetWindowText (GetDlgItem (hwndDlg, IDOK), L"Exit"); - EnableWindow (GetDlgItem (hwndDlg, IDOK), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); - } - return 1; - - case WM_TIMER: - - switch (wParam) - { - case TIMER_ID_RANDVIEW: - { - wchar_t szRndPool[64] = {0}; - DWORD mouseEventsCounter; - - RandpeekBytes (hwndDlg, randPool, sizeof (randPool),&mouseEventsCounter); - - ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); - - if (showRandPool) - StringCbPrintfW (szRndPool, sizeof(szRndPool), L"%08X%08X%08X%08X", - *((DWORD*) (randPool + 12)), *((DWORD*) (randPool + 8)), *((DWORD*) (randPool + 4)), *((DWORD*) (randPool))); - else if (bUseMask) - { - for (int i = 0; i < 16; i++) - { - wchar_t tmp2[3]; - unsigned char tmpByte = randPool[i] ^ maskRandPool[i]; - tmp2[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); - tmp2[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); - tmp2[2] = 0; - StringCbCatW (szRndPool, sizeof(szRndPool), tmp2); - } - } - else - { - wmemset (szRndPool, L'*', 32); - } - - SetWindowText (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), szRndPool); - - burn (randPool, sizeof(randPool)); - burn (szRndPool, sizeof(szRndPool)); - } - return 1; - } - return 0; - - case WM_COMMAND: - if (lw == IDC_DISPLAY_POOL_CONTENTS) - { - showRandPool = IsButtonChecked (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS)); - return 1; - } - if (lw == IDCANCEL) - { - if (bVolTransformStarted) - { - if (MessageBoxW (hwndDlg, L"Warning: Volume expansion is in progress!\n\nStopping now may result in a damaged volume.\n\nDo you really want to cancel?", lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) - return 1; - - // tell the volume transform thread to terminate - bVolTransformThreadCancel = TRUE; - } - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDOK) - { - if (bVolTransformStarted) - { - // TransformThreadFunction finished -> OK button is now exit - EndDialog (hwndDlg, lw); - } - else - { - showRandPool = FALSE; - KillTimer (hwndDlg, TIMER_ID_RANDVIEW); - EnableWindow (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); - SetProgressDlgStatus (hwndDlg, L"Starting volume expansion ...\r\n"); - bVolTransformStarted = TRUE; - pProgressDlgParam->hwndDlg = hwndDlg; - if ( _beginthread (volTransformThreadFunction, 0, pProgressDlgParam) == -1L ) - { - handleError (hwndDlg, ERR_OS_ERROR, SRC_POS); - EndDialog (hwndDlg, lw); - } - WaitCursor(); - } - return 1; - } - - return 0; - - case WM_NCDESTROY: - burn (randPool, sizeof (randPool)); - burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - burn (maskRandPool, sizeof(maskRandPool)); - return 0; - } - - return 0; -} - - -typedef struct -{ - OpenVolumeContext *context; - const wchar_t *volumePath; - Password *password; - int pkcs5_prf; - int pim; - BOOL truecryptMode; - BOOL write; - BOOL preserveTimestamps; - BOOL useBackupHeader; - int* nStatus; -} OpenVolumeThreadParam; - -void CALLBACK OpenVolumeWaitThreadProc(void* pArg, HWND hwndDlg) -{ - OpenVolumeThreadParam* pThreadParam = (OpenVolumeThreadParam*) pArg; - - *(pThreadParam)->nStatus = OpenVolume(pThreadParam->context, pThreadParam->volumePath, pThreadParam->password, pThreadParam->pkcs5_prf, - pThreadParam->pim, pThreadParam->truecryptMode, pThreadParam->write, pThreadParam->preserveTimestamps, pThreadParam->useBackupHeader); -} - -/* - ExpandVolumeWizard - - Expands a trucrypt volume (wizard for user interface) - - Parameters: - - hwndDlg : HWND - [in] handle to parent window (if any) - - szVolume : char * - [in] Pointer to a string with the volume name (e.g. '\Device\Harddisk0\Partition1' or 'C:\topsecret.tc') - - Return value: - - none - -*/ -void ExpandVolumeWizard (HWND hwndDlg, wchar_t *lpszVolume) -{ - int nStatus = ERR_OS_ERROR; - wchar_t szTmp[4096]; - Password VolumePassword; - int VolumePkcs5 = 0, VolumePim = -1; - uint64 hostSize, volSize, hostSizeFree, maxSizeFS; - BOOL bIsDevice, bIsLegacy; - DWORD dwError; - int driveNo; - enum EV_FileSystem volFSType; - wchar_t rootPath[] = L"A:\\"; - - switch (IsSystemDevicePath (lpszVolume, hwndDlg, TRUE)) - { - case 1: - case 2: - MessageBoxW (hwndDlg, L"A VeraCrypt system volume can't be expanded.", lpszTitle, MB_OK|MB_ICONEXCLAMATION); - goto ret; - } - - EnableElevatedCursorChange (hwndDlg); - WaitCursor(); - - if (IsMountedVolume (lpszVolume)) - { - Warning ("DISMOUNT_FIRST", hwndDlg); - goto ret; - } - - if (Randinit() != ERR_SUCCESS) { - if (CryptoAPILastError == ERROR_SUCCESS) - nStatus = ERR_RAND_INIT_FAILED; - else - nStatus = ERR_CAPI_INIT_FAILED; - goto error; - } - - NormalCursor(); - - // Ask the user if there is a hidden volume - char *volTypeChoices[] = {0, "DOES_VOLUME_CONTAIN_HIDDEN", "VOLUME_CONTAINS_HIDDEN", "VOLUME_DOES_NOT_CONTAIN_HIDDEN", "IDCANCEL", 0}; - switch (AskMultiChoice ((void **) volTypeChoices, FALSE, hwndDlg)) - { - case 1: - MessageBoxW (hwndDlg, L"An outer volume containing a hidden volume can't be expanded, because this destroys the hidden volume.", lpszTitle, MB_OK|MB_ICONEXCLAMATION); - goto ret; - - case 2: - break; - - default: - nStatus = ERR_SUCCESS; - goto ret; - } - - WaitCursor(); - - nStatus = QueryVolumeInfo(hwndDlg,lpszVolume,&hostSizeFree,&maxSizeFS); - - if (nStatus!=ERR_SUCCESS) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - NormalCursor(); - - while (TRUE) - { - OpenVolumeContext expandVol; - BOOL truecryptMode = FALSE; - - if (!VeraCryptExpander::ExtcvAskVolumePassword (hwndDlg, lpszVolume, &VolumePassword, &VolumePkcs5, &VolumePim, &truecryptMode, "ENTER_NORMAL_VOL_PASSWORD", FALSE)) - { - goto ret; - } - - EnableElevatedCursorChange (hwndDlg); - WaitCursor(); - - if (KeyFilesEnable && FirstKeyFile) - KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, lpszVolume); - - WaitCursor (); - - OpenVolumeThreadParam threadParam; - threadParam.context = &expandVol; - threadParam.volumePath = lpszVolume; - threadParam.password = &VolumePassword; - threadParam.pkcs5_prf = VolumePkcs5; - threadParam.pim = VolumePim; - threadParam.truecryptMode = FALSE; - threadParam.write = FALSE; - threadParam.preserveTimestamps = bPreserveTimestamp; - threadParam.useBackupHeader = FALSE; - threadParam.nStatus = &nStatus; - - ShowWaitDialog (hwndDlg, TRUE, OpenVolumeWaitThreadProc, &threadParam); - - NormalCursor (); - - dwError = GetLastError(); - - if (nStatus == ERR_SUCCESS) - { - bIsDevice = expandVol.IsDevice; - bIsLegacy = expandVol.CryptoInfo->LegacyVolume; - hostSize = expandVol.HostSize; - VolumePkcs5 = expandVol.CryptoInfo->pkcs5; - if ( bIsLegacy ) - { - if ( bIsDevice ) - volSize = 0; // updated later - else - volSize = hostSize; - } - else - { - volSize = GetVolumeSizeByDataAreaSize (expandVol.CryptoInfo->VolumeSize.Value, bIsLegacy); - } - CloseVolume (&expandVol); - break; - } - else if (nStatus != ERR_PASSWORD_WRONG) - { - SetLastError (dwError); - goto error; - } - - NormalCursor(); - - handleError (hwndDlg, nStatus, SRC_POS); - } - - WaitCursor(); - - // auto mount the volume to check the file system type - nStatus=MountVolTemp(hwndDlg, lpszVolume, &driveNo, &VolumePassword, VolumePkcs5, VolumePim); - - if (nStatus != ERR_SUCCESS) - goto error; - - rootPath[0] += driveNo; - - if ( !GetFileSystemType(rootPath,&volFSType) ) - volFSType = EV_FS_TYPE_RAW; - - if ( bIsLegacy && bIsDevice && volFSType == EV_FS_TYPE_NTFS ) - { - uint64 NumberOfSectors; - DWORD BytesPerSector; - - if ( !GetNtfsNumberOfSectors(rootPath, &NumberOfSectors, &BytesPerSector) ) - nStatus = ERR_OS_ERROR; - - // NTFS reported size does not include boot sector copy at volume end - volSize = ( NumberOfSectors + 1 ) * BytesPerSector; - } - - UnmountVolume (hwndDlg, driveNo, TRUE); - - NormalCursor(); - - if (nStatus != ERR_SUCCESS) - goto error; - - if ( bIsDevice && bIsLegacy && volFSType != EV_FS_TYPE_NTFS ) - { - MessageBoxW (hwndDlg, - L"Expanding a device hosted legacy volume with no NTFS file system\n" - L"is unsupported.\n" - L"Note that expanding the VeraCrypt volume itself is not neccessary\n" - L"for legacy volumes.\n", - lpszTitle, MB_OK|MB_ICONEXCLAMATION); - goto ret; - } - - // check if there is enough free space on host device/drive to expand the volume - if ( (bIsDevice && hostSize < volSize + TC_MINVAL_FS_EXPAND) || (!bIsDevice && hostSizeFree < TC_MINVAL_FS_EXPAND) ) - { - MessageBoxW (hwndDlg, L"Not enough free space to expand the volume", lpszTitle, MB_OK|MB_ICONEXCLAMATION); - goto ret; - } - - if (!bIsDevice && hostSize != volSize ) { - // there is some junk data at the end of the volume - if (MessageBoxW (hwndDlg, L"Warning: The container file is larger than the VeraCrypt volume area. The data after the VeraCrypt volume area will be overwritten.\n\nDo you want to continue?", lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) - goto ret; - } - - switch (volFSType) - { - case EV_FS_TYPE_NTFS: - break; - case EV_FS_TYPE_FAT: - if (MessageBoxW (hwndDlg,L"Warning: The VeraCrypt volume contains a FAT file system!\n\nOnly the VeraCrypt volume itself will be expanded, but not the file system.\n\nDo you want to continue?", - lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) - goto ret; - break; - case EV_FS_TYPE_EXFAT: - if (MessageBoxW (hwndDlg,L"Warning: The VeraCrypt volume contains an exFAT file system!\n\nOnly the VeraCrypt volume itself will be expanded, but not the file system.\n\nDo you want to continue?", - lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) - goto ret; - break; - default: - if (MessageBoxW (hwndDlg,L"Warning: The VeraCrypt volume contains an unknown or no file system!\n\nOnly the VeraCrypt volume itself will be expanded, the file system remains unchanged.\n\nDo you want to continue?", - lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) - goto ret; - } - - EXPAND_VOL_THREAD_PARAMS VolExpandParam; - - VolExpandParam.bInitFreeSpace = (bIsLegacy && bIsDevice) ? FALSE:TRUE; - VolExpandParam.szVolumeName = lpszVolume; - VolExpandParam.FileSystem = volFSType; - VolExpandParam.pVolumePassword = &VolumePassword; - VolExpandParam.VolumePkcs5 = VolumePkcs5; - VolExpandParam.VolumePim = VolumePim; - VolExpandParam.bIsDevice = bIsDevice; - VolExpandParam.bIsLegacy = bIsLegacy; - VolExpandParam.oldSize = bIsDevice ? volSize : hostSize; - VolExpandParam.newSize = hostSize; - VolExpandParam.hostSizeFree = hostSizeFree; - - while (1) - { - uint64 newVolumeSize; - - if (IDCANCEL == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_SIZE_DIALOG), hwndDlg, - (DLGPROC) ExpandVolSizeDlgProc, (LPARAM) &VolExpandParam)) - { - goto ret; - } - - newVolumeSize = VolExpandParam.newSize; - - if ( !bIsDevice ) - { - if ( newVolumeSize < hostSize + TC_MINVAL_FS_EXPAND) - { - StringCbPrintfW(szTmp,sizeof(szTmp),L"New volume size too small, must be at least %I64u kB larger than the current size.",TC_MINVAL_FS_EXPAND/BYTES_PER_KB); - MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_OK | MB_ICONEXCLAMATION ); - continue; - } - - if ( newVolumeSize - hostSize > hostSizeFree ) - { - StringCbPrintfW(szTmp,sizeof(szTmp),L"New volume size too large, not enough space on host drive."); - MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_OK | MB_ICONEXCLAMATION ); - continue; - } - - if ( newVolumeSize>maxSizeFS ) - { - StringCbPrintfW(szTmp,sizeof(szTmp),L"Maximum file size of %I64u MB on host drive exceeded.",maxSizeFS/BYTES_PER_MB); - MessageBoxW (hwndDlg, L"!\n",lpszTitle, MB_OK | MB_ICONEXCLAMATION ); - continue; - } - } - - if ( newVolumeSize > TC_MAX_VOLUME_SIZE ) - { - // note: current limit TC_MAX_VOLUME_SIZE is 1 PetaByte - StringCbPrintfW(szTmp,sizeof(szTmp),L"Maximum VeraCrypt volume size of %I64u TB exceeded!\n",TC_MAX_VOLUME_SIZE/BYTES_PER_TB); - MessageBoxW (hwndDlg, szTmp,lpszTitle, MB_OK | MB_ICONEXCLAMATION ); - if (bIsDevice) - break; // TODO: ask to limit volume size to TC_MAX_VOLUME_SIZE - continue; - } - - break; - } - - VolExpandParam.oldSize = volSize; - - // start progress dialog - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_EXPAND_PROGRESS_DLG), hwndDlg, - (DLGPROC) ExpandVolProgressDlgProc, (LPARAM) &VolExpandParam ); - -ret: - nStatus = ERR_SUCCESS; - -error: - - if (nStatus != 0) - handleError (hwndDlg, nStatus, SRC_POS); - - burn (&VolumePassword, sizeof (VolumePassword)); - - RestoreDefaultKeyFilesParam(); - RandStop (FALSE); - NormalCursor(); - - return; -} - + or Copyright (c) 2012-2013 Josef Schneider + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "Apidrvr.h" +#include "Volumes.h" +#include "Crypto.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Pkcs5.h" +#include "Random.h" +// #include "../Mount/Mount.h" + +#include "../Common/Dictionary.h" +#include "../Common/Common.h" +#include "../Common/Resource.h" +#include "../Common/SecurityToken.h" +#include "../Common/Progress.h" + +#include "ExpandVolume.h" +#include "Resource.h" + +// TO DO: display sector sizes different than 512 bytes +#define SECTOR_SIZE_MSG 512 + +#define TIMER_ID_RANDVIEW 0xff +#define TIMER_INTERVAL_RANDVIEW 50 + +// see definition of enum EV_FileSystem +const wchar_t * szFileSystemStr[4] = {L"RAW",L"FAT",L"NTFS",L"EXFAT"}; + +// prototypes for internal functions +BOOL CALLBACK ExpandVolSizeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); + +namespace VeraCryptExpander +{ +/* defined in WinMain.c, referenced by ExpandVolumeWizard() */ +int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions); +} + + +int GetSpaceString(wchar_t *dest, size_t cbDest, uint64 size, BOOL bDevice) +{ + const wchar_t * szFmtBytes = L"%.0lf %s"; + const wchar_t * szFmtOther = L"%.2lf %s"; + const wchar_t * SuffixStr[] = {L"Byte", L"KB", L"MB", L"GB", L"TB"}; + const uint64 Muliplier[] = {1, BYTES_PER_KB, BYTES_PER_MB, BYTES_PER_GB, BYTES_PER_TB}; + const int nMaxSuffix = sizeof(Muliplier)/sizeof(uint64) - 1; + int i; + + for (i=1; i<=nMaxSuffix && size>Muliplier[i]; i++) ; + + --i; + + if (bDevice) { + wchar_t szTemp[512]; + + if (StringCbPrintfW(szTemp, sizeof(szTemp),i?szFmtOther:szFmtBytes, size/(double)Muliplier[i], SuffixStr[i]) < 0 ) + return -1; + + return StringCbPrintfW(dest, cbDest, L"%I64u sectors (%s)", size/SECTOR_SIZE_MSG , szTemp); + } + + return StringCbPrintfW(dest, cbDest,i?szFmtOther:szFmtBytes, size/(double)Muliplier[i], SuffixStr[i]); +} + +void SetCurrentVolSize(HWND hwndDlg, uint64 size) +{ + const uint64 Muliplier[] = {BYTES_PER_KB, BYTES_PER_MB, BYTES_PER_GB, BYTES_PER_TB}; + const int IdRadioBtn[] = {IDC_KB, IDC_MB, IDC_GB, IDC_TB}; + const int nMaxSuffix = sizeof(Muliplier)/sizeof(uint64) - 1; + int i; + wchar_t szTemp[256]; + + for (i=1; i<=nMaxSuffix && size>Muliplier[i]; i++) ; + + --i; + + SendDlgItemMessage (hwndDlg, IdRadioBtn[i], BM_SETCHECK, BST_CHECKED, 0); + StringCbPrintfW(szTemp,sizeof(szTemp),L"%I64u",size/Muliplier[i]); + SetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTemp); +} + +uint64 GetSizeBoxMultiplier(HWND hwndDlg) +{ + const uint64 Muliplier[] = {BYTES_PER_KB, BYTES_PER_MB, BYTES_PER_GB, BYTES_PER_TB}; + const int IdRadioBtn[] = {IDC_KB, IDC_MB, IDC_GB, IDC_TB}; + const int nMaxSuffix = sizeof(Muliplier)/sizeof(uint64) - 1; + int i; + + for (i=nMaxSuffix; i>0 && !IsButtonChecked (GetDlgItem (hwndDlg, IdRadioBtn[i])); --i) ; + + return Muliplier[i]; +} + +BOOL CALLBACK ExpandVolSizeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static EXPAND_VOL_THREAD_PARAMS *pVolExpandParam; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + wchar_t szTemp[4096]; + + pVolExpandParam = (EXPAND_VOL_THREAD_PARAMS*)lParam; + + EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), !pVolExpandParam->bIsDevice); + EnableWindow (GetDlgItem (hwndDlg, IDC_KB), !pVolExpandParam->bIsDevice); + EnableWindow (GetDlgItem (hwndDlg, IDC_MB), !pVolExpandParam->bIsDevice); + EnableWindow (GetDlgItem (hwndDlg, IDC_GB), !pVolExpandParam->bIsDevice); + EnableWindow (GetDlgItem (hwndDlg, IDC_TB), !pVolExpandParam->bIsDevice); + + EnableWindow (GetDlgItem (hwndDlg, IDC_INIT_NEWSPACE), + !(pVolExpandParam->bIsLegacy && pVolExpandParam->bIsDevice)); + SendDlgItemMessage (hwndDlg, IDC_INIT_NEWSPACE, BM_SETCHECK, + pVolExpandParam->bInitFreeSpace ? BST_CHECKED : BST_UNCHECKED, 0); + + if (!pVolExpandParam->bIsDevice) + SetCurrentVolSize(hwndDlg,pVolExpandParam->oldSize); + + SendMessage (GetDlgItem (hwndDlg, IDC_BOX_HELP), WM_SETFONT, (WPARAM) hBoldFont, (LPARAM) TRUE); + + GetSpaceString(szTemp,sizeof(szTemp),pVolExpandParam->oldSize,pVolExpandParam->bIsDevice); + + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_OLDSIZE), szTemp); + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NAME), pVolExpandParam->szVolumeName); + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_FILE_SYSTEM), szFileSystemStr[pVolExpandParam->FileSystem]); + + if (pVolExpandParam->bIsDevice) + { + GetSpaceString(szTemp,sizeof(szTemp),pVolExpandParam->newSize,TRUE); + } + else + { + wchar_t szHostFreeStr[256]; + + SetWindowText (GetDlgItem (hwndDlg, IDT_NEW_SIZE), L""); + GetSpaceString(szHostFreeStr,sizeof(szHostFreeStr),pVolExpandParam->hostSizeFree,FALSE); + StringCbPrintfW (szTemp,sizeof(szTemp),L"%s available on host drive", szHostFreeStr); + } + + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NEWSIZE), szTemp); + + // set help text + if (pVolExpandParam->bIsDevice) + { + StringCbPrintfW (szTemp,sizeof(szTemp),L"This is a device-based VeraCrypt volume.\n\nThe new volume size will be choosen automatically as the size of the host device."); + if (pVolExpandParam->bIsLegacy) + StringCbCatW(szTemp,sizeof(szTemp),L" Note: filling the new space with random data is not supported for legacy volumes."); + } + else + { + StringCbPrintfW (szTemp, sizeof(szTemp),L"Please specify the new size of the VeraCrypt volume (must be at least %I64u KB larger than the current size).",TC_MINVAL_FS_EXPAND/1024); + } + SetWindowText (GetDlgItem (hwndDlg, IDC_BOX_HELP), szTemp); + + } + return 0; + + + case WM_COMMAND: + if (lw == IDCANCEL) + { + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDOK) + { + wchar_t szTemp[4096]; + + pVolExpandParam->bInitFreeSpace = IsButtonChecked (GetDlgItem (hwndDlg, IDC_INIT_NEWSPACE)); + if (!pVolExpandParam->bIsDevice) // for devices new size is set by calling function + { + GetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTemp, ARRAYSIZE (szTemp)); + pVolExpandParam->newSize = _wtoi64(szTemp) * GetSizeBoxMultiplier(hwndDlg); + } + + EndDialog (hwndDlg, lw); + return 1; + } + + return 0; + } + + return 0; +} + + +extern "C" void AddProgressDlgStatus(HWND hwndDlg, const wchar_t* szText) +{ + HWND hwndCtrl; + + hwndCtrl = GetDlgItem (hwndDlg,IDC_BOX_STATUS); + SendMessage(hwndCtrl,EM_REPLACESEL,FALSE,(LPARAM)szText); + SendMessage(hwndCtrl,EM_SCROLLCARET,0,0); +} + + +extern "C" void SetProgressDlgStatus(HWND hwndDlg, const wchar_t* szText) +{ + HWND hwndCtrl; + + hwndCtrl = GetDlgItem (hwndDlg,IDC_BOX_STATUS); + SendMessage(hwndCtrl,EM_SETSEL,0,-1); + SendMessage(hwndCtrl,EM_REPLACESEL,FALSE,(LPARAM)szText); + SendMessage(hwndCtrl,EM_SCROLLCARET,0,0); +} + + +BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static EXPAND_VOL_THREAD_PARAMS *pProgressDlgParam; + static BOOL bVolTransformStarted = FALSE; + static BOOL showRandPool = TRUE; + static unsigned char randPool[16]; + static unsigned char maskRandPool [16]; + static BOOL bUseMask = FALSE; + static DWORD mouseEntropyGathered = 0xFFFFFFFF; + static DWORD mouseEventsInitialCount = 0; + /* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ + static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; + static HWND hEntropyBar = NULL; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + wchar_t szOldHostSize[512], szNewHostSize[512]; + HCRYPTPROV hRngProv; + + pProgressDlgParam = (EXPAND_VOL_THREAD_PARAMS*)lParam; + bVolTransformStarted = FALSE; + showRandPool = FALSE; + + hCurPage = hwndDlg; + nPbar = IDC_PROGRESS_BAR; + + VirtualLock (randPool, sizeof(randPool)); + VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + VirtualLock (maskRandPool, sizeof(maskRandPool)); + + mouseEntropyGathered = 0xFFFFFFFF; + mouseEventsInitialCount = 0; + bUseMask = FALSE; + if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) + { + if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) + bUseMask = TRUE; + CryptReleaseContext (hRngProv, 0); + } + + GetSpaceString(szOldHostSize,sizeof(szOldHostSize),pProgressDlgParam->oldSize,pProgressDlgParam->bIsDevice); + GetSpaceString(szNewHostSize,sizeof(szNewHostSize),pProgressDlgParam->newSize,pProgressDlgParam->bIsDevice); + + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_OLDSIZE), szOldHostSize); + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NEWSIZE), szNewHostSize); + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_NAME), pProgressDlgParam->szVolumeName); + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_FILE_SYSTEM), szFileSystemStr[pProgressDlgParam->FileSystem]); + SetWindowText (GetDlgItem (hwndDlg, IDC_EXPAND_VOLUME_INITSPACE), pProgressDlgParam->bInitFreeSpace?L"Yes":L"No"); + + SendMessage (GetDlgItem (hwndDlg, IDC_BOX_STATUS), WM_SETFONT, (WPARAM) hBoldFont, (LPARAM) TRUE); + + SendMessage (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + + // set status text + if ( !pProgressDlgParam->bInitFreeSpace && pProgressDlgParam->bIsLegacy ) + { + showRandPool = FALSE; + EnableWindow (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), FALSE); + SetDlgItemText(hwndDlg, IDC_BOX_STATUS, L"Click 'Continue' to expand the volume."); + } + else + { + SetDlgItemText(hwndDlg, IDC_BOX_STATUS, L"IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click 'Continue' to expand the volume."); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), BM_SETCHECK, BST_UNCHECKED, 0); + hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); + SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); + SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); + SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); + } + return 0; + case TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED: + { + int nStatus = (int)lParam; + + NormalCursor (); + if (nStatus != 0) + { + if ( nStatus != ERR_USER_ABORT ) + AddProgressDlgStatus (hwndDlg, L"Error: volume expansion failed."); + else + AddProgressDlgStatus (hwndDlg, L"Error: operation aborted by user."); + } + else + { + AddProgressDlgStatus (hwndDlg, L"Finished. Volume successfully expanded."); + } + + SetWindowText (GetDlgItem (hwndDlg, IDOK), L"Exit"); + EnableWindow (GetDlgItem (hwndDlg, IDOK), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); + } + return 1; + + case WM_TIMER: + + switch (wParam) + { + case TIMER_ID_RANDVIEW: + { + wchar_t szRndPool[64] = {0}; + DWORD mouseEventsCounter; + + RandpeekBytes (hwndDlg, randPool, sizeof (randPool),&mouseEventsCounter); + + ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); + + if (showRandPool) + StringCbPrintfW (szRndPool, sizeof(szRndPool), L"%08X%08X%08X%08X", + *((DWORD*) (randPool + 12)), *((DWORD*) (randPool + 8)), *((DWORD*) (randPool + 4)), *((DWORD*) (randPool))); + else if (bUseMask) + { + for (int i = 0; i < 16; i++) + { + wchar_t tmp2[3]; + unsigned char tmpByte = randPool[i] ^ maskRandPool[i]; + tmp2[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); + tmp2[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); + tmp2[2] = 0; + StringCbCatW (szRndPool, sizeof(szRndPool), tmp2); + } + } + else + { + wmemset (szRndPool, L'*', 32); + } + + SetWindowText (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), szRndPool); + + burn (randPool, sizeof(randPool)); + burn (szRndPool, sizeof(szRndPool)); + } + return 1; + } + return 0; + + case WM_COMMAND: + if (lw == IDC_DISPLAY_POOL_CONTENTS) + { + showRandPool = IsButtonChecked (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS)); + return 1; + } + if (lw == IDCANCEL) + { + if (bVolTransformStarted) + { + if (MessageBoxW (hwndDlg, L"Warning: Volume expansion is in progress!\n\nStopping now may result in a damaged volume.\n\nDo you really want to cancel?", lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) + return 1; + + // tell the volume transform thread to terminate + bVolTransformThreadCancel = TRUE; + } + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDOK) + { + if (bVolTransformStarted) + { + // TransformThreadFunction finished -> OK button is now exit + EndDialog (hwndDlg, lw); + } + else + { + showRandPool = FALSE; + KillTimer (hwndDlg, TIMER_ID_RANDVIEW); + EnableWindow (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); + SetProgressDlgStatus (hwndDlg, L"Starting volume expansion ...\r\n"); + bVolTransformStarted = TRUE; + pProgressDlgParam->hwndDlg = hwndDlg; + if ( _beginthread (volTransformThreadFunction, 0, pProgressDlgParam) == -1L ) + { + handleError (hwndDlg, ERR_OS_ERROR, SRC_POS); + EndDialog (hwndDlg, lw); + } + WaitCursor(); + } + return 1; + } + + return 0; + + case WM_NCDESTROY: + burn (randPool, sizeof (randPool)); + burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + burn (maskRandPool, sizeof(maskRandPool)); + return 0; + } + + return 0; +} + + +typedef struct +{ + OpenVolumeContext *context; + const wchar_t *volumePath; + Password *password; + int pkcs5_prf; + int pim; + BOOL truecryptMode; + BOOL write; + BOOL preserveTimestamps; + BOOL useBackupHeader; + int* nStatus; +} OpenVolumeThreadParam; + +void CALLBACK OpenVolumeWaitThreadProc(void* pArg, HWND hwndDlg) +{ + OpenVolumeThreadParam* pThreadParam = (OpenVolumeThreadParam*) pArg; + + *(pThreadParam)->nStatus = OpenVolume(pThreadParam->context, pThreadParam->volumePath, pThreadParam->password, pThreadParam->pkcs5_prf, + pThreadParam->pim, pThreadParam->truecryptMode, pThreadParam->write, pThreadParam->preserveTimestamps, pThreadParam->useBackupHeader); +} + +/* + ExpandVolumeWizard + + Expands a trucrypt volume (wizard for user interface) + + Parameters: + + hwndDlg : HWND + [in] handle to parent window (if any) + + szVolume : char * + [in] Pointer to a string with the volume name (e.g. '\Device\Harddisk0\Partition1' or 'C:\topsecret.tc') + + Return value: + + none + +*/ +void ExpandVolumeWizard (HWND hwndDlg, wchar_t *lpszVolume) +{ + int nStatus = ERR_OS_ERROR; + wchar_t szTmp[4096]; + Password VolumePassword; + int VolumePkcs5 = 0, VolumePim = -1; + uint64 hostSize, volSize, hostSizeFree, maxSizeFS; + BOOL bIsDevice, bIsLegacy; + DWORD dwError; + int driveNo; + enum EV_FileSystem volFSType; + wchar_t rootPath[] = L"A:\\"; + + switch (IsSystemDevicePath (lpszVolume, hwndDlg, TRUE)) + { + case 1: + case 2: + MessageBoxW (hwndDlg, L"A VeraCrypt system volume can't be expanded.", lpszTitle, MB_OK|MB_ICONEXCLAMATION); + goto ret; + } + + EnableElevatedCursorChange (hwndDlg); + WaitCursor(); + + if (IsMountedVolume (lpszVolume)) + { + Warning ("DISMOUNT_FIRST", hwndDlg); + goto ret; + } + + if (Randinit() != ERR_SUCCESS) { + if (CryptoAPILastError == ERROR_SUCCESS) + nStatus = ERR_RAND_INIT_FAILED; + else + nStatus = ERR_CAPI_INIT_FAILED; + goto error; + } + + NormalCursor(); + + // Ask the user if there is a hidden volume + char *volTypeChoices[] = {0, "DOES_VOLUME_CONTAIN_HIDDEN", "VOLUME_CONTAINS_HIDDEN", "VOLUME_DOES_NOT_CONTAIN_HIDDEN", "IDCANCEL", 0}; + switch (AskMultiChoice ((void **) volTypeChoices, FALSE, hwndDlg)) + { + case 1: + MessageBoxW (hwndDlg, L"An outer volume containing a hidden volume can't be expanded, because this destroys the hidden volume.", lpszTitle, MB_OK|MB_ICONEXCLAMATION); + goto ret; + + case 2: + break; + + default: + nStatus = ERR_SUCCESS; + goto ret; + } + + WaitCursor(); + + nStatus = QueryVolumeInfo(hwndDlg,lpszVolume,&hostSizeFree,&maxSizeFS); + + if (nStatus!=ERR_SUCCESS) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + NormalCursor(); + + while (TRUE) + { + OpenVolumeContext expandVol; + BOOL truecryptMode = FALSE; + + if (!VeraCryptExpander::ExtcvAskVolumePassword (hwndDlg, lpszVolume, &VolumePassword, &VolumePkcs5, &VolumePim, &truecryptMode, "ENTER_NORMAL_VOL_PASSWORD", FALSE)) + { + goto ret; + } + + EnableElevatedCursorChange (hwndDlg); + WaitCursor(); + + if (KeyFilesEnable && FirstKeyFile) + KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, lpszVolume); + + WaitCursor (); + + OpenVolumeThreadParam threadParam; + threadParam.context = &expandVol; + threadParam.volumePath = lpszVolume; + threadParam.password = &VolumePassword; + threadParam.pkcs5_prf = VolumePkcs5; + threadParam.pim = VolumePim; + threadParam.truecryptMode = FALSE; + threadParam.write = FALSE; + threadParam.preserveTimestamps = bPreserveTimestamp; + threadParam.useBackupHeader = FALSE; + threadParam.nStatus = &nStatus; + + ShowWaitDialog (hwndDlg, TRUE, OpenVolumeWaitThreadProc, &threadParam); + + NormalCursor (); + + dwError = GetLastError(); + + if (nStatus == ERR_SUCCESS) + { + bIsDevice = expandVol.IsDevice; + bIsLegacy = expandVol.CryptoInfo->LegacyVolume; + hostSize = expandVol.HostSize; + VolumePkcs5 = expandVol.CryptoInfo->pkcs5; + if ( bIsLegacy ) + { + if ( bIsDevice ) + volSize = 0; // updated later + else + volSize = hostSize; + } + else + { + volSize = GetVolumeSizeByDataAreaSize (expandVol.CryptoInfo->VolumeSize.Value, bIsLegacy); + } + CloseVolume (&expandVol); + break; + } + else if (nStatus != ERR_PASSWORD_WRONG) + { + SetLastError (dwError); + goto error; + } + + NormalCursor(); + + handleError (hwndDlg, nStatus, SRC_POS); + } + + WaitCursor(); + + // auto mount the volume to check the file system type + nStatus=MountVolTemp(hwndDlg, lpszVolume, &driveNo, &VolumePassword, VolumePkcs5, VolumePim); + + if (nStatus != ERR_SUCCESS) + goto error; + + rootPath[0] += driveNo; + + if ( !GetFileSystemType(rootPath,&volFSType) ) + volFSType = EV_FS_TYPE_RAW; + + if ( bIsLegacy && bIsDevice && volFSType == EV_FS_TYPE_NTFS ) + { + uint64 NumberOfSectors; + DWORD BytesPerSector; + + if ( !GetNtfsNumberOfSectors(rootPath, &NumberOfSectors, &BytesPerSector) ) + nStatus = ERR_OS_ERROR; + + // NTFS reported size does not include boot sector copy at volume end + volSize = ( NumberOfSectors + 1 ) * BytesPerSector; + } + + UnmountVolume (hwndDlg, driveNo, TRUE); + + NormalCursor(); + + if (nStatus != ERR_SUCCESS) + goto error; + + if ( bIsDevice && bIsLegacy && volFSType != EV_FS_TYPE_NTFS ) + { + MessageBoxW (hwndDlg, + L"Expanding a device hosted legacy volume with no NTFS file system\n" + L"is unsupported.\n" + L"Note that expanding the VeraCrypt volume itself is not neccessary\n" + L"for legacy volumes.\n", + lpszTitle, MB_OK|MB_ICONEXCLAMATION); + goto ret; + } + + // check if there is enough free space on host device/drive to expand the volume + if ( (bIsDevice && hostSize < volSize + TC_MINVAL_FS_EXPAND) || (!bIsDevice && hostSizeFree < TC_MINVAL_FS_EXPAND) ) + { + MessageBoxW (hwndDlg, L"Not enough free space to expand the volume", lpszTitle, MB_OK|MB_ICONEXCLAMATION); + goto ret; + } + + if (!bIsDevice && hostSize != volSize ) { + // there is some junk data at the end of the volume + if (MessageBoxW (hwndDlg, L"Warning: The container file is larger than the VeraCrypt volume area. The data after the VeraCrypt volume area will be overwritten.\n\nDo you want to continue?", lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) + goto ret; + } + + switch (volFSType) + { + case EV_FS_TYPE_NTFS: + break; + case EV_FS_TYPE_FAT: + if (MessageBoxW (hwndDlg,L"Warning: The VeraCrypt volume contains a FAT file system!\n\nOnly the VeraCrypt volume itself will be expanded, but not the file system.\n\nDo you want to continue?", + lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) + goto ret; + break; + case EV_FS_TYPE_EXFAT: + if (MessageBoxW (hwndDlg,L"Warning: The VeraCrypt volume contains an exFAT file system!\n\nOnly the VeraCrypt volume itself will be expanded, but not the file system.\n\nDo you want to continue?", + lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) + goto ret; + break; + default: + if (MessageBoxW (hwndDlg,L"Warning: The VeraCrypt volume contains an unknown or no file system!\n\nOnly the VeraCrypt volume itself will be expanded, the file system remains unchanged.\n\nDo you want to continue?", + lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON2) == IDNO) + goto ret; + } + + EXPAND_VOL_THREAD_PARAMS VolExpandParam; + + VolExpandParam.bInitFreeSpace = (bIsLegacy && bIsDevice) ? FALSE:TRUE; + VolExpandParam.szVolumeName = lpszVolume; + VolExpandParam.FileSystem = volFSType; + VolExpandParam.pVolumePassword = &VolumePassword; + VolExpandParam.VolumePkcs5 = VolumePkcs5; + VolExpandParam.VolumePim = VolumePim; + VolExpandParam.bIsDevice = bIsDevice; + VolExpandParam.bIsLegacy = bIsLegacy; + VolExpandParam.oldSize = bIsDevice ? volSize : hostSize; + VolExpandParam.newSize = hostSize; + VolExpandParam.hostSizeFree = hostSizeFree; + + while (1) + { + uint64 newVolumeSize; + + if (IDCANCEL == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_SIZE_DIALOG), hwndDlg, + (DLGPROC) ExpandVolSizeDlgProc, (LPARAM) &VolExpandParam)) + { + goto ret; + } + + newVolumeSize = VolExpandParam.newSize; + + if ( !bIsDevice ) + { + if ( newVolumeSize < hostSize + TC_MINVAL_FS_EXPAND) + { + StringCbPrintfW(szTmp,sizeof(szTmp),L"New volume size too small, must be at least %I64u kB larger than the current size.",TC_MINVAL_FS_EXPAND/BYTES_PER_KB); + MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_OK | MB_ICONEXCLAMATION ); + continue; + } + + if ( newVolumeSize - hostSize > hostSizeFree ) + { + StringCbPrintfW(szTmp,sizeof(szTmp),L"New volume size too large, not enough space on host drive."); + MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_OK | MB_ICONEXCLAMATION ); + continue; + } + + if ( newVolumeSize>maxSizeFS ) + { + StringCbPrintfW(szTmp,sizeof(szTmp),L"Maximum file size of %I64u MB on host drive exceeded.",maxSizeFS/BYTES_PER_MB); + MessageBoxW (hwndDlg, L"!\n",lpszTitle, MB_OK | MB_ICONEXCLAMATION ); + continue; + } + } + + if ( newVolumeSize > TC_MAX_VOLUME_SIZE ) + { + // note: current limit TC_MAX_VOLUME_SIZE is 1 PetaByte + StringCbPrintfW(szTmp,sizeof(szTmp),L"Maximum VeraCrypt volume size of %I64u TB exceeded!\n",TC_MAX_VOLUME_SIZE/BYTES_PER_TB); + MessageBoxW (hwndDlg, szTmp,lpszTitle, MB_OK | MB_ICONEXCLAMATION ); + if (bIsDevice) + break; // TODO: ask to limit volume size to TC_MAX_VOLUME_SIZE + continue; + } + + break; + } + + VolExpandParam.oldSize = volSize; + + // start progress dialog + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_EXPAND_PROGRESS_DLG), hwndDlg, + (DLGPROC) ExpandVolProgressDlgProc, (LPARAM) &VolExpandParam ); + +ret: + nStatus = ERR_SUCCESS; + +error: + + if (nStatus != 0) + handleError (hwndDlg, nStatus, SRC_POS); + + burn (&VolumePassword, sizeof (VolumePassword)); + + RestoreDefaultKeyFilesParam(); + RandStop (FALSE); + NormalCursor(); + + return; +} + diff --git a/src/ExpandVolume/ExpandVolume.c b/src/ExpandVolume/ExpandVolume.c index 0206efbc..9deb3af4 100644 --- a/src/ExpandVolume/ExpandVolume.c +++ b/src/ExpandVolume/ExpandVolume.c @@ -1,17 +1,17 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' and also from the source code of extcv, which is Copyright (c) 2009-2010 Kih-Oskh - or Copyright (c) 2012-2013 Josef Schneider - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source + or Copyright (c) 2012-2013 Josef Schneider + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source code distribution packages. */ #include "Tcdefs.h" @@ -38,8 +38,8 @@ #include "ExpandVolume.h" #include "Resource.h" -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) #endif #define DEBUG_EXPAND_VOLUME @@ -595,9 +595,9 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas if (Randinit ()) { - if (CryptoAPILastError == ERROR_SUCCESS) - nStatus = ERR_RAND_INIT_FAILED; - else + if (CryptoAPILastError == ERROR_SUCCESS) + nStatus = ERR_RAND_INIT_FAILED; + else nStatus = ERR_CAPI_INIT_FAILED; goto error; } @@ -868,9 +868,9 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas LARGE_INTEGER offset; WipeAlgorithmId wipeAlgorithm = TC_WIPE_35_GUTMANN; - if ( !RandgetBytes (hwndDlg, wipeRandChars, TC_WIPE_RAND_CHAR_COUNT, TRUE) - || !RandgetBytes (hwndDlg, wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT, TRUE) - ) + if ( !RandgetBytes (hwndDlg, wipeRandChars, TC_WIPE_RAND_CHAR_COUNT, TRUE) + || !RandgetBytes (hwndDlg, wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT, TRUE) + ) { nStatus = ERR_OS_ERROR; goto error; diff --git a/src/ExpandVolume/ExpandVolume.rc b/src/ExpandVolume/ExpandVolume.rc index 897b75b1..31f71d95 100644 --- a/src/ExpandVolume/ExpandVolume.rc +++ b/src/ExpandVolume/ExpandVolume.rc @@ -1,298 +1,298 @@ -// Microsoft Visual C++ generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" -#include "..\\common\\resource.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// English (U.S.) resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) -#ifdef _WIN32 -LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// Dialog -// - -IDD_SIZE_DIALOG DIALOGEX 0, 0, 376, 271 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Expander" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - EDITTEXT IDC_SIZEBOX,30,102,109,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER - CONTROL "&KB",IDC_KB,"Button",BS_AUTORADIOBUTTON | WS_GROUP | WS_TABSTOP,169,105,38,10 - CONTROL "&MB",IDC_MB,"Button",BS_AUTORADIOBUTTON,209,105,38,10 - CONTROL "&GB",IDC_GB,"Button",BS_AUTORADIOBUTTON,248,105,38,10 - CONTROL "&TB",IDC_TB,"Button",BS_AUTORADIOBUTTON,288,105,38,10 - CONTROL "Fill new space with random data",IDC_INIT_NEWSPACE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,30,127,118,10 - DEFPUSHBUTTON "Continue",IDOK,15,238,84,18 - PUSHBUTTON "Cancel",IDCANCEL,277,238,84,18 - LTEXT "Help Text",IDC_BOX_HELP,15,165,346,58,0,WS_EX_CLIENTEDGE - GROUPBOX "Enter new volume size",IDC_STATIC,15,83,346,63 - RTEXT "Current size: ",IDT_CURRENT_SIZE,27,42,46,8 - CONTROL "",IDC_EXPAND_VOLUME_OLDSIZE,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,80,42,275,8,WS_EX_TRANSPARENT - RTEXT "New size: ",IDT_NEW_SIZE,28,54,45,8 - LTEXT "",IDC_EXPAND_VOLUME_NEWSIZE,80,54,275,8,0,WS_EX_TRANSPARENT - RTEXT "Volume: ",IDT_VOL_NAME,31,18,42,8 - GROUPBOX "",IDC_STATIC,15,9,346,59 - CONTROL "",IDC_EXPAND_VOLUME_NAME,"Static",SS_SIMPLE | WS_GROUP,80,18,275,8,WS_EX_TRANSPARENT - RTEXT "File system: ",IDT_FILE_SYS,31,30,42,8 - CONTROL "",IDC_EXPAND_FILE_SYSTEM,"Static",SS_SIMPLE | WS_GROUP,80,30,275,8,WS_EX_TRANSPARENT -END - -IDD_MOUNT_DLG DIALOGEX 0, 0, 376, 271 -STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Expander" -MENU IDR_MENU -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - COMBOBOX IDC_VOLUME,56,192,212,74,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP - PUSHBUTTON "Select &File...",IDC_SELECT_FILE,276,192,84,14 - PUSHBUTTON "Select D&evice...",IDC_SELECT_DEVICE,276,211,84,14 - DEFPUSHBUTTON "Mount",IDOK,8,243,84,18,WS_GROUP - PUSHBUTTON "E&xit",IDC_EXIT,284,243,84,18,WS_GROUP - CONTROL 112,IDC_LOGO,"Static",SS_BITMAP | SS_NOTIFY | WS_BORDER,16,192,27,31 - GROUPBOX "Volume",IDT_VOLUME,8,179,360,53 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,1,0,373,147 - GROUPBOX "",IDC_STATIC,282,238,88,24 - GROUPBOX "",IDC_STATIC,6,238,88,24 - GROUPBOX "",IDC_STATIC,1,147,373,123,BS_CENTER - LTEXT "1. Select the VeraCrypt volume to be expanded\n2. Click the 'Mount' button",IDC_STATIC,15,156,293,21 - LTEXT "Static",IDC_INFOEXPAND,8,6,361,134,SS_NOPREFIX | SS_SUNKEN,WS_EX_STATICEDGE -END - -IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 107 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION -CAPTION "Enter VeraCrypt Volume Password" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL - COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP - CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10 - EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,49,97,10 - CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,62,153,10 - CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,10 - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,88,83,11 - PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,86,64,14 - PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,86,64,14 - DEFPUSHBUTTON "OK",IDOK,243,8,64,14 - PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14 - RTEXT "Password:",IDT_PASSWORD,0,10,65,13 - RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13 - RTEXT "Volume PIM:",IDT_PIM,0,46,65,13,NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,189,8,NOT WS_VISIBLE -END - -IDD_EXPAND_PROGRESS_DLG DIALOGEX 0, 0, 376, 283 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Expander" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - RTEXT "Current size: ",IDT_CURRENT_SIZE,27,40,46,8 - CONTROL "",IDC_EXPAND_VOLUME_OLDSIZE,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,80,40,275,8,WS_EX_TRANSPARENT - RTEXT "New size: ",IDT_NEW_SIZE,28,52,45,8 - LTEXT "",IDC_EXPAND_VOLUME_NEWSIZE,80,52,275,8,0,WS_EX_TRANSPARENT - CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,22,96,332,12 - RTEXT "",IDC_TIMEREMAIN,275,114,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "",IDC_WRITESPEED,178,114,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - LTEXT "",IDC_BYTESWRITTEN,77,114,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "Done",IDT_DONE,53,115,22,8 - RTEXT "Speed",IDT_SPEED,142,115,34,8 - RTEXT "Left",IDT_LEFT,248,115,25,8 - GROUPBOX "",IDC_STATIC,15,84,346,49 - RTEXT "Volume: ",IDT_VOL_NAME,31,16,42,8 - GROUPBOX "",IDC_STATIC,15,7,346,72 - CONTROL "",IDC_EXPAND_VOLUME_NAME,"Static",SS_SIMPLE | WS_GROUP,80,16,275,8,WS_EX_TRANSPARENT - DEFPUSHBUTTON "Continue",IDOK,15,247,84,18 - PUSHBUTTON "Cancel",IDCANCEL,277,247,84,18 - EDITTEXT IDC_BOX_STATUS,15,176,346,66,ES_MULTILINE | ES_AUTOVSCROLL | ES_READONLY | ES_WANTRETURN | WS_VSCROLL - CONTROL "",IDC_EXPAND_VOLUME_INITSPACE,"Static",SS_SIMPLE | WS_GROUP,80,64,275,8,WS_EX_TRANSPARENT - RTEXT "Fill new space: ",IDT_INIT_SPACE,20,64,53,8 - RTEXT "File system: ",IDT_FILE_SYS,31,28,42,8 - CONTROL "",IDC_EXPAND_FILE_SYSTEM,"Static",SS_SIMPLE | WS_GROUP,80,28,275,8,WS_EX_TRANSPARENT - RTEXT "Random Pool: ",IDT_RANDOM_POOL2,20,144,53,8 - CONTROL "",IDC_RANDOM_BYTES,"Static",SS_SIMPLE | WS_GROUP,80,144,149,8,WS_EX_TRANSPARENT - CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,236,142,125,12 - GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,20,156,214,18 - CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,31,165,193,6 -END - - -///////////////////////////////////////////////////////////////////////////// -// -// DESIGNINFO -// - -#ifdef APSTUDIO_INVOKED -GUIDELINES DESIGNINFO -BEGIN - IDD_SIZE_DIALOG, DIALOG - BEGIN - LEFTMARGIN, 15 - RIGHTMARGIN, 361 - VERTGUIDE, 30 - TOPMARGIN, 14 - BOTTOMMARGIN, 256 - END - - IDD_MOUNT_DLG, DIALOG - BEGIN - RIGHTMARGIN, 369 - VERTGUIDE, 8 - BOTTOMMARGIN, 269 - END - - IDD_PASSWORD_DLG, DIALOG - BEGIN - BOTTOMMARGIN, 102 - END - - IDD_EXPAND_PROGRESS_DLG, DIALOG - BEGIN - RIGHTMARGIN, 361 - VERTGUIDE, 15 - VERTGUIDE, 73 - VERTGUIDE, 80 - VERTGUIDE, 355 - TOPMARGIN, 9 - BOTTOMMARGIN, 268 - HORZGUIDE, 176 - END -END -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// HEADER -// - -IDR_MOUNT_RSRC_HEADER HEADER "resource.h" - -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,17,22,0 - PRODUCTVERSION 1,17,22,0 - FILEFLAGSMASK 0x17L -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x4L - FILETYPE 0x1L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "IDRIX" - VALUE "FileDescription", "VeraCrypt Expander" - VALUE "FileVersion", "1.17" - VALUE "LegalTrademarks", "VeraCrypt" - VALUE "OriginalFilename", "VeraCryptExpander.exe" - VALUE "ProductName", "VeraCrypt" - VALUE "ProductVersion", "1.17" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE -BEGIN - "#include ""afxres.h""\r\n" - "#include ""..\\\\common\\\\resource.h""\r\n" - "\0" -END - -3 TEXTINCLUDE -BEGIN - "#include ""..\\\\common\\\\common.rc""\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// Bitmap -// - -IDB_LOGO_96DPI BITMAP "Logo_96dpi.bmp" -IDB_LOGO_288DPI BITMAP "Logo_288dpi.bmp" - -///////////////////////////////////////////////////////////////////////////// -// -// Menu -// - -IDR_MENU MENUEX -BEGIN - MENUITEM "About", IDM_ABOUT,MFT_STRING,MFS_ENABLED - MENUITEM "Homepage", IDM_HOMEPAGE,MFT_STRING | MFT_RIGHTJUSTIFY,MFS_ENABLED -END - - -///////////////////////////////////////////////////////////////////////////// -// -// String Table -// - -STRINGTABLE -BEGIN - IDS_UACSTRING "VeraCrypt Expander" -END - -#endif // English (U.S.) resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// -#include "..\\common\\common.rc" - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - +// Microsoft Visual C++ generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" +#include "..\\common\\resource.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// English (U.S.) resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) +#ifdef _WIN32 +LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US +#pragma code_page(1252) +#endif //_WIN32 + +///////////////////////////////////////////////////////////////////////////// +// +// Dialog +// + +IDD_SIZE_DIALOG DIALOGEX 0, 0, 376, 271 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Expander" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + EDITTEXT IDC_SIZEBOX,30,102,109,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER + CONTROL "&KB",IDC_KB,"Button",BS_AUTORADIOBUTTON | WS_GROUP | WS_TABSTOP,169,105,38,10 + CONTROL "&MB",IDC_MB,"Button",BS_AUTORADIOBUTTON,209,105,38,10 + CONTROL "&GB",IDC_GB,"Button",BS_AUTORADIOBUTTON,248,105,38,10 + CONTROL "&TB",IDC_TB,"Button",BS_AUTORADIOBUTTON,288,105,38,10 + CONTROL "Fill new space with random data",IDC_INIT_NEWSPACE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,30,127,118,10 + DEFPUSHBUTTON "Continue",IDOK,15,238,84,18 + PUSHBUTTON "Cancel",IDCANCEL,277,238,84,18 + LTEXT "Help Text",IDC_BOX_HELP,15,165,346,58,0,WS_EX_CLIENTEDGE + GROUPBOX "Enter new volume size",IDC_STATIC,15,83,346,63 + RTEXT "Current size: ",IDT_CURRENT_SIZE,27,42,46,8 + CONTROL "",IDC_EXPAND_VOLUME_OLDSIZE,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,80,42,275,8,WS_EX_TRANSPARENT + RTEXT "New size: ",IDT_NEW_SIZE,28,54,45,8 + LTEXT "",IDC_EXPAND_VOLUME_NEWSIZE,80,54,275,8,0,WS_EX_TRANSPARENT + RTEXT "Volume: ",IDT_VOL_NAME,31,18,42,8 + GROUPBOX "",IDC_STATIC,15,9,346,59 + CONTROL "",IDC_EXPAND_VOLUME_NAME,"Static",SS_SIMPLE | WS_GROUP,80,18,275,8,WS_EX_TRANSPARENT + RTEXT "File system: ",IDT_FILE_SYS,31,30,42,8 + CONTROL "",IDC_EXPAND_FILE_SYSTEM,"Static",SS_SIMPLE | WS_GROUP,80,30,275,8,WS_EX_TRANSPARENT +END + +IDD_MOUNT_DLG DIALOGEX 0, 0, 376, 271 +STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Expander" +MENU IDR_MENU +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + COMBOBOX IDC_VOLUME,56,192,212,74,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP + PUSHBUTTON "Select &File...",IDC_SELECT_FILE,276,192,84,14 + PUSHBUTTON "Select D&evice...",IDC_SELECT_DEVICE,276,211,84,14 + DEFPUSHBUTTON "Mount",IDOK,8,243,84,18,WS_GROUP + PUSHBUTTON "E&xit",IDC_EXIT,284,243,84,18,WS_GROUP + CONTROL 112,IDC_LOGO,"Static",SS_BITMAP | SS_NOTIFY | WS_BORDER,16,192,27,31 + GROUPBOX "Volume",IDT_VOLUME,8,179,360,53 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,1,0,373,147 + GROUPBOX "",IDC_STATIC,282,238,88,24 + GROUPBOX "",IDC_STATIC,6,238,88,24 + GROUPBOX "",IDC_STATIC,1,147,373,123,BS_CENTER + LTEXT "1. Select the VeraCrypt volume to be expanded\n2. Click the 'Mount' button",IDC_STATIC,15,156,293,21 + LTEXT "Static",IDC_INFOEXPAND,8,6,361,134,SS_NOPREFIX | SS_SUNKEN,WS_EX_STATICEDGE +END + +IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 107 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION +CAPTION "Enter VeraCrypt Volume Password" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10 + EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,49,97,10 + CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,62,153,10 + CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,10 + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,88,83,11 + PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,86,64,14 + PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,86,64,14 + DEFPUSHBUTTON "OK",IDOK,243,8,64,14 + PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14 + RTEXT "Password:",IDT_PASSWORD,0,10,65,13 + RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13 + RTEXT "Volume PIM:",IDT_PIM,0,46,65,13,NOT WS_VISIBLE + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,189,8,NOT WS_VISIBLE +END + +IDD_EXPAND_PROGRESS_DLG DIALOGEX 0, 0, 376, 283 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Expander" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + RTEXT "Current size: ",IDT_CURRENT_SIZE,27,40,46,8 + CONTROL "",IDC_EXPAND_VOLUME_OLDSIZE,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,80,40,275,8,WS_EX_TRANSPARENT + RTEXT "New size: ",IDT_NEW_SIZE,28,52,45,8 + LTEXT "",IDC_EXPAND_VOLUME_NEWSIZE,80,52,275,8,0,WS_EX_TRANSPARENT + CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,22,96,332,12 + RTEXT "",IDC_TIMEREMAIN,275,114,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "",IDC_WRITESPEED,178,114,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + LTEXT "",IDC_BYTESWRITTEN,77,114,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "Done",IDT_DONE,53,115,22,8 + RTEXT "Speed",IDT_SPEED,142,115,34,8 + RTEXT "Left",IDT_LEFT,248,115,25,8 + GROUPBOX "",IDC_STATIC,15,84,346,49 + RTEXT "Volume: ",IDT_VOL_NAME,31,16,42,8 + GROUPBOX "",IDC_STATIC,15,7,346,72 + CONTROL "",IDC_EXPAND_VOLUME_NAME,"Static",SS_SIMPLE | WS_GROUP,80,16,275,8,WS_EX_TRANSPARENT + DEFPUSHBUTTON "Continue",IDOK,15,247,84,18 + PUSHBUTTON "Cancel",IDCANCEL,277,247,84,18 + EDITTEXT IDC_BOX_STATUS,15,176,346,66,ES_MULTILINE | ES_AUTOVSCROLL | ES_READONLY | ES_WANTRETURN | WS_VSCROLL + CONTROL "",IDC_EXPAND_VOLUME_INITSPACE,"Static",SS_SIMPLE | WS_GROUP,80,64,275,8,WS_EX_TRANSPARENT + RTEXT "Fill new space: ",IDT_INIT_SPACE,20,64,53,8 + RTEXT "File system: ",IDT_FILE_SYS,31,28,42,8 + CONTROL "",IDC_EXPAND_FILE_SYSTEM,"Static",SS_SIMPLE | WS_GROUP,80,28,275,8,WS_EX_TRANSPARENT + RTEXT "Random Pool: ",IDT_RANDOM_POOL2,20,144,53,8 + CONTROL "",IDC_RANDOM_BYTES,"Static",SS_SIMPLE | WS_GROUP,80,144,149,8,WS_EX_TRANSPARENT + CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,236,142,125,12 + GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,20,156,214,18 + CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,31,165,193,6 +END + + +///////////////////////////////////////////////////////////////////////////// +// +// DESIGNINFO +// + +#ifdef APSTUDIO_INVOKED +GUIDELINES DESIGNINFO +BEGIN + IDD_SIZE_DIALOG, DIALOG + BEGIN + LEFTMARGIN, 15 + RIGHTMARGIN, 361 + VERTGUIDE, 30 + TOPMARGIN, 14 + BOTTOMMARGIN, 256 + END + + IDD_MOUNT_DLG, DIALOG + BEGIN + RIGHTMARGIN, 369 + VERTGUIDE, 8 + BOTTOMMARGIN, 269 + END + + IDD_PASSWORD_DLG, DIALOG + BEGIN + BOTTOMMARGIN, 102 + END + + IDD_EXPAND_PROGRESS_DLG, DIALOG + BEGIN + RIGHTMARGIN, 361 + VERTGUIDE, 15 + VERTGUIDE, 73 + VERTGUIDE, 80 + VERTGUIDE, 355 + TOPMARGIN, 9 + BOTTOMMARGIN, 268 + HORZGUIDE, 176 + END +END +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// HEADER +// + +IDR_MOUNT_RSRC_HEADER HEADER "resource.h" + +///////////////////////////////////////////////////////////////////////////// +// +// Version +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 1,17,22,0 + PRODUCTVERSION 1,17,22,0 + FILEFLAGSMASK 0x17L +#ifdef _DEBUG + FILEFLAGS 0x1L +#else + FILEFLAGS 0x0L +#endif + FILEOS 0x4L + FILETYPE 0x1L + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + VALUE "CompanyName", "IDRIX" + VALUE "FileDescription", "VeraCrypt Expander" + VALUE "FileVersion", "1.17" + VALUE "LegalTrademarks", "VeraCrypt" + VALUE "OriginalFilename", "VeraCryptExpander.exe" + VALUE "ProductName", "VeraCrypt" + VALUE "ProductVersion", "1.17" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END + + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE +BEGIN + "#include ""afxres.h""\r\n" + "#include ""..\\\\common\\\\resource.h""\r\n" + "\0" +END + +3 TEXTINCLUDE +BEGIN + "#include ""..\\\\common\\\\common.rc""\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// Bitmap +// + +IDB_LOGO_96DPI BITMAP "Logo_96dpi.bmp" +IDB_LOGO_288DPI BITMAP "Logo_288dpi.bmp" + +///////////////////////////////////////////////////////////////////////////// +// +// Menu +// + +IDR_MENU MENUEX +BEGIN + MENUITEM "About", IDM_ABOUT,MFT_STRING,MFS_ENABLED + MENUITEM "Homepage", IDM_HOMEPAGE,MFT_STRING | MFT_RIGHTJUSTIFY,MFS_ENABLED +END + + +///////////////////////////////////////////////////////////////////////////// +// +// String Table +// + +STRINGTABLE +BEGIN + IDS_UACSTRING "VeraCrypt Expander" +END + +#endif // English (U.S.) resources +///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// +#include "..\\common\\common.rc" + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/src/ExpandVolume/ExpandVolume.vcproj b/src/ExpandVolume/ExpandVolume.vcproj index 4ca6c9d9..37b6f461 100644 --- a/src/ExpandVolume/ExpandVolume.vcproj +++ b/src/ExpandVolume/ExpandVolume.vcproj @@ -1,977 +1,977 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/ExpandVolume/InitDataArea.c b/src/ExpandVolume/InitDataArea.c index 43c7a312..4e6417be 100644 --- a/src/ExpandVolume/InitDataArea.c +++ b/src/ExpandVolume/InitDataArea.c @@ -1,17 +1,17 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' and also from the source code of extcv, which is Copyright (c) 2009-2010 Kih-Oskh - or Copyright (c) 2012-2013 Josef Schneider - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source + or Copyright (c) 2012-2013 Josef Schneider + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source code distribution packages. */ #include @@ -32,8 +32,8 @@ #include "InitDataArea.h" -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) #endif int FormatWriteBufferSize = 1024 * 1024; diff --git a/src/ExpandVolume/InitDataArea.h b/src/ExpandVolume/InitDataArea.h index 7650d00c..35c6bbd5 100644 --- a/src/ExpandVolume/InitDataArea.h +++ b/src/ExpandVolume/InitDataArea.h @@ -1,15 +1,15 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0, and also derived from source code of extcv which - is Copyright (c) 2009-2010 by Kih-Oskh or Copyright (c) 2012-2013 Josef Schneider - - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0, and also derived from source code of extcv which + is Copyright (c) 2009-2010 by Kih-Oskh or Copyright (c) 2012-2013 Josef Schneider + + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ #ifndef TC_HEADER_InitDataArea diff --git a/src/ExpandVolume/WinMain.cpp b/src/ExpandVolume/WinMain.cpp index fb9d52af..630fc79d 100644 --- a/src/ExpandVolume/WinMain.cpp +++ b/src/ExpandVolume/WinMain.cpp @@ -1,17 +1,17 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' and also from the source code of extcv, which is Copyright (c) 2009-2010 Kih-Oskh - or Copyright (c) 2012-2013 Josef Schneider - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source + or Copyright (c) 2012-2013 Josef Schneider + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source code distribution packages. */ #include "Tcdefs.h" @@ -383,32 +383,32 @@ static char *PasswordDialogTitleStringId; /* Except in response to the WM_INITDIALOG message, the dialog box procedure should return nonzero if it processes the message, and zero if it does not. - see DialogProc */ -BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - static Password *szXPwd; - static int *pkcs5; - static int *pim; - static BOOL* truecryptMode; - - switch (msg) - { - case WM_INITDIALOG: - { - int i, nIndex; - szXPwd = ((PasswordDlgParam *) lParam) -> password; - pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5; - pim = ((PasswordDlgParam *) lParam) -> pim; - truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode; - LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG"); - DragAcceptFiles (hwndDlg, TRUE); - - if (PasswordDialogTitleStringId) - { - SetWindowTextW (hwndDlg, GetString (PasswordDialogTitleStringId)); - } - else if (wcslen (PasswordDlgVolume) > 0) - { +BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + static Password *szXPwd; + static int *pkcs5; + static int *pim; + static BOOL* truecryptMode; + + switch (msg) + { + case WM_INITDIALOG: + { + int i, nIndex; + szXPwd = ((PasswordDlgParam *) lParam) -> password; + pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5; + pim = ((PasswordDlgParam *) lParam) -> pim; + truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode; + LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG"); + DragAcceptFiles (hwndDlg, TRUE); + + if (PasswordDialogTitleStringId) + { + SetWindowTextW (hwndDlg, GetString (PasswordDialogTitleStringId)); + } + else if (wcslen (PasswordDlgVolume) > 0) + { wchar_t s[1024]; const int maxVisibleLen = 40; @@ -420,359 +420,359 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA else StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR"), PasswordDlgVolume); - SetWindowTextW (hwndDlg, s); - } - - /* Populate the PRF algorithms list */ - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - } - - /* make autodetection the default */ - SendMessage (hComboBox, CB_SETCURSEL, 0, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); - - SetPim (hwndDlg, IDC_PIM, *pim); - - /* make PIM field visible if a PIM value has been explicitely specified */ - if (*pim > 0) - { - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - } - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - - mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode; - - if (bPrebootPasswordDlgMode) - { - SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); - } - - if (PasswordDialogDisableMountOptions) - { - EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE); - } - - /* No support for mounting TrueCrypt volumes */ - SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); - - if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress)) - { - SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - - FLASHWINFO flash; - flash.cbSize = sizeof (flash); - flash.dwFlags = FLASHW_ALL | FLASHW_TIMERNOFG; - flash.dwTimeout = 0; - flash.hwnd = hwndDlg; - flash.uCount = 0; - - FlashWindowEx (&flash); - - SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - } - } - return 0; - - case TC_APPMSG_PREBOOT_PASSWORD_MODE: - { - /* No support for mounting TrueCrypt system partition */ - SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); - - /* Repopulate the PRF algorithms list with algorithms that support system encryption */ - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - int i, nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - if (HashForSystemEncryption(i)) - { - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - } - } - - /* make autodetection the default */ - SendMessage (hComboBox, CB_SETCURSEL, 0, 0); - - ToBootPwdField (hwndDlg, IDC_PASSWORD); - - // Attempt to wipe the password stored in the input field buffer - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); - - StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout),L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); - - DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) - { - Error ("CANNOT_SET_TIMER", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD)) - { - // simulate hiding password - SetCheckBox (hwndDlg, IDC_SHOW_PASSWORD, FALSE); - - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); - } - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), FALSE); - - SetPim (hwndDlg, IDC_PIM, *pim); - - bPrebootPasswordDlgMode = TRUE; - } - return 1; - - case WM_TIMER: - switch (wParam) - { - case TIMER_ID_KEYB_LAYOUT_GUARD: - if (bPrebootPasswordDlgMode) - { - DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - // Keyboard layout is not standard US - - // Attempt to wipe the password stored in the input field buffer - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); - - keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - wchar_t szTmp [4096]; - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - } - } - return 1; - } - return 0; - - case WM_COMMAND: - - if (lw == IDC_MOUNT_OPTIONS) - { - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, - (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions); - - if (!bPrebootPasswordDlgMode && mountOptions.PartitionInInactiveSysEncScope) - SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); - - return 1; - } - - if (lw == IDC_PIM_ENABLE) - { - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - - SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - return 1; - } - - if (lw == IDC_SHOW_PASSWORD) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); - return 1; - } - - if (lw == IDC_KEY_FILES) - { - KeyFilesDlgParam param; - param.EnableKeyFiles = KeyFilesEnable; - param.FirstKeyFile = FirstKeyFile; - - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) - { - KeyFilesEnable = param.EnableKeyFiles; - FirstKeyFile = param.FirstKeyFile; - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - } - - return 1; - } - - if (lw == IDC_KEYFILES_ENABLE) - { - KeyFilesEnable = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE); - - return 1; - } - - if (lw == IDCANCEL || lw == IDOK) - { - wchar_t tmp[MAX_PASSWORD+1]; - - if (lw == IDOK) - { - if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) - KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, PasswordDlgVolume); - - if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE)) - szXPwd->Length = strlen ((char *) szXPwd->Text); - else - return 1; - - bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); - *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); - - *pim = GetPim (hwndDlg, IDC_PIM); - - /* SHA-256 is not supported by TrueCrypt */ - if ( (*truecryptMode) - && ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256)) - ) - { - Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - return 1; - } - - if ( (*truecryptMode) - && (*pim != 0) - ) - { - Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - return 1; - } - } - - // Attempt to wipe password stored in the input field buffer - wmemset (tmp, L'X', MAX_PASSWORD); - tmp[MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); - - if (hidVolProtKeyFilesParam.FirstKeyFile != NULL) - { - KeyFileRemoveAll (&hidVolProtKeyFilesParam.FirstKeyFile); - hidVolProtKeyFilesParam.EnableKeyFiles = FALSE; - } - - if (bPrebootPasswordDlgMode) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - - // Restore the original keyboard layout - if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) - Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); - } - - EndDialog (hwndDlg, lw); - return 1; - } - return 0; - - case WM_CONTEXTMENU: - { - RECT buttonRect; - GetWindowRect (GetDlgItem (hwndDlg, IDC_KEY_FILES), &buttonRect); - - if (LOWORD (lParam) >= buttonRect.left && LOWORD (lParam) <= buttonRect.right - && HIWORD (lParam) >= buttonRect.top && HIWORD (lParam) <= buttonRect.bottom) - { - // The "Keyfiles" button has been right-clicked - - KeyFilesDlgParam param; - param.EnableKeyFiles = KeyFilesEnable; - param.FirstKeyFile = FirstKeyFile; - - POINT popupPos; - popupPos.x = buttonRect.left + 2; - popupPos.y = buttonRect.top + 2; - - if (KeyfilesPopupMenu (hwndDlg, popupPos, ¶m)) - { - KeyFilesEnable = param.EnableKeyFiles; - FirstKeyFile = param.FirstKeyFile; - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - } - } - } - break; - - case WM_DROPFILES: - { - HDROP hdrop = (HDROP) wParam; - int i = 0, count = DragQueryFile (hdrop, 0xFFFFFFFF, NULL, 0); - - while (count-- > 0) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - DragQueryFile (hdrop, i++, kf->FileName, ARRAYSIZE (kf->FileName)); - FirstKeyFile = KeyFileAdd (FirstKeyFile, kf); - KeyFilesEnable = TRUE; - } - } - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - DragFinish (hdrop); - } - return 1; - } - - return 0; + SetWindowTextW (hwndDlg, s); + } + + /* Populate the PRF algorithms list */ + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + } + + /* make autodetection the default */ + SendMessage (hComboBox, CB_SETCURSEL, 0, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); + + SetPim (hwndDlg, IDC_PIM, *pim); + + /* make PIM field visible if a PIM value has been explicitely specified */ + if (*pim > 0) + { + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + } + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + + mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode; + + if (bPrebootPasswordDlgMode) + { + SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); + } + + if (PasswordDialogDisableMountOptions) + { + EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE); + } + + /* No support for mounting TrueCrypt volumes */ + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); + + if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress)) + { + SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + + FLASHWINFO flash; + flash.cbSize = sizeof (flash); + flash.dwFlags = FLASHW_ALL | FLASHW_TIMERNOFG; + flash.dwTimeout = 0; + flash.hwnd = hwndDlg; + flash.uCount = 0; + + FlashWindowEx (&flash); + + SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + } + } + return 0; + + case TC_APPMSG_PREBOOT_PASSWORD_MODE: + { + /* No support for mounting TrueCrypt system partition */ + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); + + /* Repopulate the PRF algorithms list with algorithms that support system encryption */ + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + int i, nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + if (HashForSystemEncryption(i)) + { + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + } + } + + /* make autodetection the default */ + SendMessage (hComboBox, CB_SETCURSEL, 0, 0); + + ToBootPwdField (hwndDlg, IDC_PASSWORD); + + // Attempt to wipe the password stored in the input field buffer + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); + + StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout),L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); + + DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) + { + Error ("CANNOT_SET_TIMER", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD)) + { + // simulate hiding password + SetCheckBox (hwndDlg, IDC_SHOW_PASSWORD, FALSE); + + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); + } + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), FALSE); + + SetPim (hwndDlg, IDC_PIM, *pim); + + bPrebootPasswordDlgMode = TRUE; + } + return 1; + + case WM_TIMER: + switch (wParam) + { + case TIMER_ID_KEYB_LAYOUT_GUARD: + if (bPrebootPasswordDlgMode) + { + DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + // Keyboard layout is not standard US + + // Attempt to wipe the password stored in the input field buffer + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); + + keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + wchar_t szTmp [4096]; + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + } + } + return 1; + } + return 0; + + case WM_COMMAND: + + if (lw == IDC_MOUNT_OPTIONS) + { + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, + (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions); + + if (!bPrebootPasswordDlgMode && mountOptions.PartitionInInactiveSysEncScope) + SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); + + return 1; + } + + if (lw == IDC_PIM_ENABLE) + { + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + + SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); + return 1; + } + + if (lw == IDC_SHOW_PASSWORD) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); + return 1; + } + + if (lw == IDC_KEY_FILES) + { + KeyFilesDlgParam param; + param.EnableKeyFiles = KeyFilesEnable; + param.FirstKeyFile = FirstKeyFile; + + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) + { + KeyFilesEnable = param.EnableKeyFiles; + FirstKeyFile = param.FirstKeyFile; + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + } + + return 1; + } + + if (lw == IDC_KEYFILES_ENABLE) + { + KeyFilesEnable = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE); + + return 1; + } + + if (lw == IDCANCEL || lw == IDOK) + { + wchar_t tmp[MAX_PASSWORD+1]; + + if (lw == IDOK) + { + if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) + KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, PasswordDlgVolume); + + if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE)) + szXPwd->Length = strlen ((char *) szXPwd->Text); + else + return 1; + + bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); + *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + + *pim = GetPim (hwndDlg, IDC_PIM); + + /* SHA-256 is not supported by TrueCrypt */ + if ( (*truecryptMode) + && ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256)) + ) + { + Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } + + if ( (*truecryptMode) + && (*pim != 0) + ) + { + Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } + } + + // Attempt to wipe password stored in the input field buffer + wmemset (tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); + + if (hidVolProtKeyFilesParam.FirstKeyFile != NULL) + { + KeyFileRemoveAll (&hidVolProtKeyFilesParam.FirstKeyFile); + hidVolProtKeyFilesParam.EnableKeyFiles = FALSE; + } + + if (bPrebootPasswordDlgMode) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + + // Restore the original keyboard layout + if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) + Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); + } + + EndDialog (hwndDlg, lw); + return 1; + } + return 0; + + case WM_CONTEXTMENU: + { + RECT buttonRect; + GetWindowRect (GetDlgItem (hwndDlg, IDC_KEY_FILES), &buttonRect); + + if (LOWORD (lParam) >= buttonRect.left && LOWORD (lParam) <= buttonRect.right + && HIWORD (lParam) >= buttonRect.top && HIWORD (lParam) <= buttonRect.bottom) + { + // The "Keyfiles" button has been right-clicked + + KeyFilesDlgParam param; + param.EnableKeyFiles = KeyFilesEnable; + param.FirstKeyFile = FirstKeyFile; + + POINT popupPos; + popupPos.x = buttonRect.left + 2; + popupPos.y = buttonRect.top + 2; + + if (KeyfilesPopupMenu (hwndDlg, popupPos, ¶m)) + { + KeyFilesEnable = param.EnableKeyFiles; + FirstKeyFile = param.FirstKeyFile; + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + } + } + } + break; + + case WM_DROPFILES: + { + HDROP hdrop = (HDROP) wParam; + int i = 0, count = DragQueryFile (hdrop, 0xFFFFFFFF, NULL, 0); + + while (count-- > 0) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + DragQueryFile (hdrop, i++, kf->FileName, ARRAYSIZE (kf->FileName)); + FirstKeyFile = KeyFileAdd (FirstKeyFile, kf); + KeyFilesEnable = TRUE; + } + } + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + DragFinish (hdrop); + } + return 1; + } + + return 0; } void SaveSettings (HWND hwndDlg) @@ -792,36 +792,36 @@ int RestoreVolumeHeader (HWND hwndDlg, char *lpszVolume) return 0; } -int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions) -{ - int result; - PasswordDlgParam dlgParam; - - PasswordDialogTitleStringId = titleStringId; - PasswordDialogDisableMountOptions = !enableMountOptions; - - dlgParam.password = password; - dlgParam.pkcs5 = pkcs5; - dlgParam.pim = pim; - dlgParam.truecryptMode = truecryptMode; - - StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), fileName); - - result = DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg, - (DLGPROC) ExtcvPasswordDlgProc, (LPARAM) &dlgParam); - - if (result != IDOK) - { - password->Length = 0; - *pkcs5 = 0; - *pim = 0; - *truecryptMode = FALSE; - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - } - - return result == IDOK; +int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions) +{ + int result; + PasswordDlgParam dlgParam; + + PasswordDialogTitleStringId = titleStringId; + PasswordDialogDisableMountOptions = !enableMountOptions; + + dlgParam.password = password; + dlgParam.pkcs5 = pkcs5; + dlgParam.pim = pim; + dlgParam.truecryptMode = truecryptMode; + + StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), fileName); + + result = DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg, + (DLGPROC) ExtcvPasswordDlgProc, (LPARAM) &dlgParam); + + if (result != IDOK) + { + password->Length = 0; + *pkcs5 = 0; + *pim = 0; + *truecryptMode = FALSE; + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + } + + return result == IDOK; } // GUI actions @@ -839,7 +839,7 @@ static BOOL SelectContainer (HWND hwndDlg) static BOOL SelectPartition (HWND hwndDlg) { - RawDevicesDlgParam param; + RawDevicesDlgParam param; param.pszFileName = szFileName; int nResult = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), hwndDlg, (DLGPROC) RawDevicesDlgProc, (LPARAM) & param); diff --git a/src/ExpandVolume/resource.h b/src/ExpandVolume/resource.h index 741e78ac..42b9f2b4 100644 --- a/src/ExpandVolume/resource.h +++ b/src/ExpandVolume/resource.h @@ -1,147 +1,147 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Visual C++ generated include file. -// Used by ExpandVolume.rc -// -#define IDD_MOUNT_DLG 101 -#define IDD_PASSWORD_DLG 104 -#define IDR_MENU 106 -#define IDD_EXPAND_PROGRESS_DLG 106 -#define IDR_MOUNT_RSRC_HEADER 109 -#define IDS_UACSTRING 110 -#define IDB_LOGO_288DPI 111 -#define IDB_LOGO_96DPI 112 -#define IDD_SIZE_DIALOG 117 -#define IDC_BOX_HELP 1003 -#define IDC_CACHE 1005 -#define IDC_NO_HISTORY 1006 -#define IDC_DRIVELIST 1007 -#define IDC_SPACE_LEFT 1009 -#define IDC_KB 1011 -#define IDC_MB 1013 -#define IDC_PROGRESS_BAR 1014 -#define IDC_GB 1015 -#define IDC_TB 1016 -#define IDC_EXPAND_VOLUME_OLDSIZE 1017 -#define IDC_EXPAND_VOLUME_NEWSIZE 1019 -#define IDC_EXPAND_VOLUME_NAME 1020 -#define IDC_EXPAND_VOLUME_INITSPACE 1021 -#define IDC_EXPAND_FILE_SYSTEM 1022 -#define IDC_RANDOM_BYTES 1023 -#define IDC_BYTESWRITTEN 1024 -#define IDC_WRITESPEED 1025 -#define IDC_MOUNT_OPTIONS 1026 -#define IDC_TIMEREMAIN 1027 -#define IDC_KEY_FILES 1030 -#define IDC_VOLUME 1033 -#define IDC_PASSWORD 1034 -#define IDC_SELECT_DEVICE 1036 -#define IDC_CREATE_VOLUME 1037 -#define IDC_VOLUME_TOOLS 1038 -#define IDC_SIZEBOX 1038 -#define IDC_WIPE_CACHE 1039 -#define IDC_MOUNTALL 1040 -#define IDC_SELECT_FILE 1042 -#define IDC_VOLUME_PROPERTIES 1044 -#define IDT_RANDOM_POOL 1047 -#define IDT_VOL_NAME 1047 -#define IDT_HEADER_KEY 1048 -#define IDT_CURRENT_SIZE 1048 -#define IDT_VOLUME 1049 -#define IDT_MASTER_KEY 1049 -#define IDT_NEW_SIZE 1049 -#define IDT_PASSWORD 1050 -#define IDT_DONE 1050 -#define IDT_SPEED 1051 -#define IDT_LEFT 1052 -#define IDT_INIT_SPACE 1053 -#define IDT_FILE_SYS 1054 -#define IDT_INIT_SPACE2 1055 -#define IDT_RANDOM_POOL2 1055 -#define IDC_EXIT 1060 -#define IDC_UNMOUNTALL 1063 -#define IDC_SHOW_PASSWORD 1094 -#define IDC_LOGO 1095 -#define IDC_SIZEDLG_TITLE 1111 -#define IDC_INIT_NEWSPACE 1112 -#define IDC_INFOEXPAND 1113 -#define IDC_BOX_STATUS 1114 -#define IDC_TRUECRYPT_MODE 1140 -#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141 -#define IDT_OLD_PIM 1142 -#define IDC_OLD_PIM 1143 -#define IDC_OLD_PIM_HELP 1144 -#define ID_HOMEPAGE 1145 -#define IDM_HELP 40001 -#define IDM_ABOUT 40002 -#define IDM_UNMOUNT_VOLUME 40003 -#define IDM_CLEAR_HISTORY 40004 -#define IDM_FORUMS 40005 -#define IDM_BENCHMARK 40006 -#define IDM_TRAVELER 40007 -#define IDM_MOUNT_VOLUME_OPTIONS 40008 -#define IDM_FAQ 40009 -#define IDM_REFRESH_DRIVE_LETTERS 40010 -#define IDM_DEFAULT_KEYFILES 40011 -#define IDM_WEBSITE 40012 -#define IDM_MOUNTALL 40013 -#define IDM_UNMOUNTALL 40014 -#define IDM_MOUNT_VOLUME 40015 -#define IDM_CHANGE_PASSWORD 40016 -#define IDM_VOLUME_WIZARD 40017 -#define IDM_CREATE_VOLUME 40018 -#define IDM_WIPE_CACHE 40019 -#define IDM_PREFERENCES 40020 -#define IDM_LICENSE 40021 -#define IDM_SELECT_FILE 40022 -#define IDM_SELECT_DEVICE 40023 -#define IDM_VOLUME_PROPERTIES 40024 -#define IDM_LANGUAGE 40025 -#define IDM_MOUNT_FAVORITE_VOLUMES 40026 -#define IDM_SAVE_FAVORITE_VOLUMES 40027 -#define IDM_BACKUP_VOL_HEADER 40028 -#define IDM_RESTORE_VOL_HEADER 40029 -#define IDM_HOTKEY_SETTINGS 40030 -#define IDM_TC_DOWNLOADS 40031 -#define IDM_NEWS 40032 -#define IDM_BUGREPORT 40033 -#define IDM_CONTACT 40034 -#define IDM_VERSION_HISTORY 40035 -#define IDM_HOMEPAGE 40036 -#define IDM_TEST_VECTORS 40037 -#define IDM_ADD_REMOVE_VOL_KEYFILES 40038 -#define IDM_REMOVE_ALL_KEYFILES_FROM_VOL 40039 -#define IDM_GENERATE_KEYFILE 40040 -#define IDM_CHANGE_HEADER_KEY_DERIV_ALGO 40041 -#define IDM_KEYFILE_GENERATOR 40042 -#define IDM_SET_DEFAULT_KEYFILES 40043 -#define IDM_ONLINE_TUTORIAL 40044 -#define IDM_ONLINE_HELP 40045 -#define IDM_DONATIONS 40046 -#define IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO 40047 -#define IDM_CHANGE_SYS_PASSWORD 40048 -#define IDM_CREATE_RESCUE_DISK 40049 -#define IDM_PERMANENTLY_DECRYPT_SYS 40050 -#define IDM_VERIFY_RESCUE_DISK 40051 -#define IDM_SYSTEM_ENCRYPTION_STATUS 40052 -#define IDM_ENCRYPT_SYSTEM_DEVICE 40053 -#define IDM_SYSENC_RESUME 40054 -#define IDM_MOUNT_SYSENC_PART_WITHOUT_PBA 40055 -#define IDM_CREATE_HIDDEN_OS 40056 -#define IDM_TOKEN_PREFERENCES 40057 -#define IDM_CLOSE_ALL_TOKEN_SESSIONS 40058 -#define IDM_SYS_ENC_SETTINGS 40059 -#define IDM_SYSENC_SETTINGS 40060 -#define IDM_RESUME_INTERRUPTED_PROC 40061 -#define IDM_MANAGE_TOKEN_KEYFILES 40062 - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NO_MFC 1 -#define _APS_NEXT_RESOURCE_VALUE 120 -#define _APS_NEXT_COMMAND_VALUE 40064 -#define _APS_NEXT_CONTROL_VALUE 1146 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif +//{{NO_DEPENDENCIES}} +// Microsoft Visual C++ generated include file. +// Used by ExpandVolume.rc +// +#define IDD_MOUNT_DLG 101 +#define IDD_PASSWORD_DLG 104 +#define IDR_MENU 106 +#define IDD_EXPAND_PROGRESS_DLG 106 +#define IDR_MOUNT_RSRC_HEADER 109 +#define IDS_UACSTRING 110 +#define IDB_LOGO_288DPI 111 +#define IDB_LOGO_96DPI 112 +#define IDD_SIZE_DIALOG 117 +#define IDC_BOX_HELP 1003 +#define IDC_CACHE 1005 +#define IDC_NO_HISTORY 1006 +#define IDC_DRIVELIST 1007 +#define IDC_SPACE_LEFT 1009 +#define IDC_KB 1011 +#define IDC_MB 1013 +#define IDC_PROGRESS_BAR 1014 +#define IDC_GB 1015 +#define IDC_TB 1016 +#define IDC_EXPAND_VOLUME_OLDSIZE 1017 +#define IDC_EXPAND_VOLUME_NEWSIZE 1019 +#define IDC_EXPAND_VOLUME_NAME 1020 +#define IDC_EXPAND_VOLUME_INITSPACE 1021 +#define IDC_EXPAND_FILE_SYSTEM 1022 +#define IDC_RANDOM_BYTES 1023 +#define IDC_BYTESWRITTEN 1024 +#define IDC_WRITESPEED 1025 +#define IDC_MOUNT_OPTIONS 1026 +#define IDC_TIMEREMAIN 1027 +#define IDC_KEY_FILES 1030 +#define IDC_VOLUME 1033 +#define IDC_PASSWORD 1034 +#define IDC_SELECT_DEVICE 1036 +#define IDC_CREATE_VOLUME 1037 +#define IDC_VOLUME_TOOLS 1038 +#define IDC_SIZEBOX 1038 +#define IDC_WIPE_CACHE 1039 +#define IDC_MOUNTALL 1040 +#define IDC_SELECT_FILE 1042 +#define IDC_VOLUME_PROPERTIES 1044 +#define IDT_RANDOM_POOL 1047 +#define IDT_VOL_NAME 1047 +#define IDT_HEADER_KEY 1048 +#define IDT_CURRENT_SIZE 1048 +#define IDT_VOLUME 1049 +#define IDT_MASTER_KEY 1049 +#define IDT_NEW_SIZE 1049 +#define IDT_PASSWORD 1050 +#define IDT_DONE 1050 +#define IDT_SPEED 1051 +#define IDT_LEFT 1052 +#define IDT_INIT_SPACE 1053 +#define IDT_FILE_SYS 1054 +#define IDT_INIT_SPACE2 1055 +#define IDT_RANDOM_POOL2 1055 +#define IDC_EXIT 1060 +#define IDC_UNMOUNTALL 1063 +#define IDC_SHOW_PASSWORD 1094 +#define IDC_LOGO 1095 +#define IDC_SIZEDLG_TITLE 1111 +#define IDC_INIT_NEWSPACE 1112 +#define IDC_INFOEXPAND 1113 +#define IDC_BOX_STATUS 1114 +#define IDC_TRUECRYPT_MODE 1140 +#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141 +#define IDT_OLD_PIM 1142 +#define IDC_OLD_PIM 1143 +#define IDC_OLD_PIM_HELP 1144 +#define ID_HOMEPAGE 1145 +#define IDM_HELP 40001 +#define IDM_ABOUT 40002 +#define IDM_UNMOUNT_VOLUME 40003 +#define IDM_CLEAR_HISTORY 40004 +#define IDM_FORUMS 40005 +#define IDM_BENCHMARK 40006 +#define IDM_TRAVELER 40007 +#define IDM_MOUNT_VOLUME_OPTIONS 40008 +#define IDM_FAQ 40009 +#define IDM_REFRESH_DRIVE_LETTERS 40010 +#define IDM_DEFAULT_KEYFILES 40011 +#define IDM_WEBSITE 40012 +#define IDM_MOUNTALL 40013 +#define IDM_UNMOUNTALL 40014 +#define IDM_MOUNT_VOLUME 40015 +#define IDM_CHANGE_PASSWORD 40016 +#define IDM_VOLUME_WIZARD 40017 +#define IDM_CREATE_VOLUME 40018 +#define IDM_WIPE_CACHE 40019 +#define IDM_PREFERENCES 40020 +#define IDM_LICENSE 40021 +#define IDM_SELECT_FILE 40022 +#define IDM_SELECT_DEVICE 40023 +#define IDM_VOLUME_PROPERTIES 40024 +#define IDM_LANGUAGE 40025 +#define IDM_MOUNT_FAVORITE_VOLUMES 40026 +#define IDM_SAVE_FAVORITE_VOLUMES 40027 +#define IDM_BACKUP_VOL_HEADER 40028 +#define IDM_RESTORE_VOL_HEADER 40029 +#define IDM_HOTKEY_SETTINGS 40030 +#define IDM_TC_DOWNLOADS 40031 +#define IDM_NEWS 40032 +#define IDM_BUGREPORT 40033 +#define IDM_CONTACT 40034 +#define IDM_VERSION_HISTORY 40035 +#define IDM_HOMEPAGE 40036 +#define IDM_TEST_VECTORS 40037 +#define IDM_ADD_REMOVE_VOL_KEYFILES 40038 +#define IDM_REMOVE_ALL_KEYFILES_FROM_VOL 40039 +#define IDM_GENERATE_KEYFILE 40040 +#define IDM_CHANGE_HEADER_KEY_DERIV_ALGO 40041 +#define IDM_KEYFILE_GENERATOR 40042 +#define IDM_SET_DEFAULT_KEYFILES 40043 +#define IDM_ONLINE_TUTORIAL 40044 +#define IDM_ONLINE_HELP 40045 +#define IDM_DONATIONS 40046 +#define IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO 40047 +#define IDM_CHANGE_SYS_PASSWORD 40048 +#define IDM_CREATE_RESCUE_DISK 40049 +#define IDM_PERMANENTLY_DECRYPT_SYS 40050 +#define IDM_VERIFY_RESCUE_DISK 40051 +#define IDM_SYSTEM_ENCRYPTION_STATUS 40052 +#define IDM_ENCRYPT_SYSTEM_DEVICE 40053 +#define IDM_SYSENC_RESUME 40054 +#define IDM_MOUNT_SYSENC_PART_WITHOUT_PBA 40055 +#define IDM_CREATE_HIDDEN_OS 40056 +#define IDM_TOKEN_PREFERENCES 40057 +#define IDM_CLOSE_ALL_TOKEN_SESSIONS 40058 +#define IDM_SYS_ENC_SETTINGS 40059 +#define IDM_SYSENC_SETTINGS 40060 +#define IDM_RESUME_INTERRUPTED_PROC 40061 +#define IDM_MANAGE_TOKEN_KEYFILES 40062 + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NO_MFC 1 +#define _APS_NEXT_RESOURCE_VALUE 120 +#define _APS_NEXT_COMMAND_VALUE 40064 +#define _APS_NEXT_CONTROL_VALUE 1146 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/src/Format/Format.manifest b/src/Format/Format.manifest index 255a867e..5d4cb896 100644 --- a/src/Format/Format.manifest +++ b/src/Format/Format.manifest @@ -1,33 +1,33 @@ - - - - - - - - - - - - true - - - - - - - - - - - - - + + + + + + + + + + + + true + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/Format/Format.rc b/src/Format/Format.rc index 9e13a29b..1f2cc41d 100644 --- a/src/Format/Format.rc +++ b/src/Format/Format.rc @@ -1,747 +1,747 @@ -// Microsoft Visual C++ generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" -#include "..\\common\\resource.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// English (U.S.) resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) -#ifdef _WIN32 -LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,17,22,0 - PRODUCTVERSION 1,17,22,0 - FILEFLAGSMASK 0x17L -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x4L - FILETYPE 0x1L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "IDRIX" - VALUE "FileDescription", "VeraCrypt Format" - VALUE "FileVersion", "1.17" - VALUE "LegalTrademarks", "VeraCrypt" - VALUE "OriginalFilename", "VeraCrypt Format.exe" - VALUE "ProductName", "VeraCrypt" - VALUE "ProductVersion", "1.17" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - - -///////////////////////////////////////////////////////////////////////////// -// -// HEADER -// - -IDR_FORMAT_RSRC_HEADER HEADER "resource.h" - -///////////////////////////////////////////////////////////////////////////// -// -// TYPELIB -// - -IDR_FORMAT_TLB TYPELIB "Format.tlb" - -///////////////////////////////////////////////////////////////////////////// -// -// Dialog -// - -IDD_VOL_CREATION_WIZARD_DLG DIALOGEX 0, 0, 400, 229 -STYLE DS_SETFONT | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Volume Creation Wizard" -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - PUSHBUTTON "&Help",IDHELP,176,209,50,14 - PUSHBUTTON "",IDC_PREV,235,209,50,14 - DEFPUSHBUTTON "",IDC_NEXT,285,209,50,14 - PUSHBUTTON "Cancel",IDCANCEL,343,209,50,14 - LTEXT "",IDC_BOX_TITLE,160,8,233,17 - GROUPBOX "",IDC_STATIC,4,0,392,203 - CONTROL 116,IDC_BITMAP_WIZARD,"Static",SS_BITMAP | SS_SUNKEN,10,9,137,169 - LTEXT "",IDC_POS_BOX,160,24,231,172 -END - -IDD_CIPHER_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - COMBOBOX IDC_COMBO_BOX,7,23,137,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP - PUSHBUTTON "&Test",IDC_CIPHER_TEST,149,22,59,14 - PUSHBUTTON "&Benchmark",IDC_BENCHMARK,149,100,59,14 - COMBOBOX IDC_COMBO_BOX_HASH_ALGO,7,137,83,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP - LTEXT "",IDC_BOX_HELP,7,40,205,58 - GROUPBOX "Encryption Algorithm",IDT_ENCRYPTION_ALGO,0,10,217,111 - GROUPBOX "Hash Algorithm",IDT_HASH_ALGO,0,124,217,35 - LTEXT "More information",IDC_LINK_MORE_INFO_ABOUT_CIPHER,7,102,135,10,SS_NOTIFY - LTEXT "Information on hash algorithms",IDC_LINK_HASH_INFO,97,139,115,8,SS_NOTIFY -END - -IDD_PASSWORD_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_PASSWORD,53,3,170,14,ES_PASSWORD | ES_AUTOHSCROLL - EDITTEXT IDC_VERIFY,53,19,170,14,ES_PASSWORD | ES_AUTOHSCROLL - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,35,95,10 - PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,152,36,71,14,WS_DISABLED - CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,45,95,11,WS_EX_TRANSPARENT - CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,56,97,10 - RTEXT "Password:",IDT_PASSWORD,1,6,50,8 - RTEXT "&Confirm:",IDT_CONFIRM,1,23,50,8 - LTEXT "",IDC_BOX_HELP,0,71,225,97 -END - -IDD_SIZE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_SIZEBOX,0,22,71,14,ES_AUTOHSCROLL | ES_NUMBER - CONTROL "&KB",IDC_KB,"Button",BS_AUTORADIOBUTTON | WS_GROUP | WS_TABSTOP,80,25,27,10 - CONTROL "&MB",IDC_MB,"Button",BS_AUTORADIOBUTTON,115,25,27,10 - CONTROL "&GB",IDC_GB,"Button",BS_AUTORADIOBUTTON,150,25,27,10 - LTEXT "",IDC_BOX_HELP,0,84,214,75 - LTEXT "",IDC_SPACE_LEFT,0,44,214,33 - CONTROL "&TB",IDC_TB,"Button",BS_AUTORADIOBUTTON,185,25,27,10 -END - -IDD_VOLUME_LOCATION_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - COMBOBOX IDC_COMBO_BOX,0,9,148,80,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP - CONTROL "&Never save history",IDC_NO_HISTORY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,3,28,213,10 - PUSHBUTTON "",IDC_SELECT_VOLUME_LOCATION,155,9,62,14 - LTEXT "",IDC_BOX_HELP,0,42,219,125 -END - -IDD_FORMAT_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - COMBOBOX IDC_FILESYS,43,13,36,90,CBS_DROPDOWNLIST | WS_TABSTOP - COMBOBOX IDC_CLUSTERSIZE,112,13,42,90,CBS_DROPDOWNLIST | WS_TABSTOP - CONTROL "Quick Format",IDC_QUICKFORMAT,"Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,163,11,60,18 - CONTROL "",IDC_SHOW_KEYS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,214,38,9,8 - PUSHBUTTON "Abort",IDC_ABORT_BUTTON,169,75,50,14 - RTEXT "Header Key: ",IDT_HEADER_KEY,2,47,54,8 - CONTROL "",IDC_HEADER_KEY,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,57,46,163,8,WS_EX_TRANSPARENT - RTEXT "Master Key: ",IDT_MASTER_KEY,2,55,54,8 - LTEXT "",IDC_DISK_KEY,57,54,163,8,0,WS_EX_TRANSPARENT - RTEXT "Cluster ",IDT_CLUSTER,80,15,32,8 - LTEXT "",IDC_BOX_HELP,1,112,224,40 - GROUPBOX "Options",IDT_FORMAT_OPTIONS,0,3,225,29 - CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,6,76,158,12 - RTEXT "",IDC_TIMEREMAIN,177,93,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "",IDC_WRITESPEED,106,93,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - LTEXT "",IDC_BYTESWRITTEN,29,93,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "Done",IDT_DONE,5,94,22,8 - RTEXT "Speed",IDT_SPEED,70,94,34,8 - RTEXT "Left",IDT_LEFT,150,94,25,8 - GROUPBOX "",IDC_STATIC,0,67,225,41 - RTEXT "Filesystem ",IDT_FILESYSTEM,1,15,41,8,0,WS_EX_RIGHT - RTEXT "Random Pool: ",IDT_RANDOM_POOL,2,39,54,8 - GROUPBOX "",IDC_STATIC,0,32,225,35 - CONTROL "",IDC_RANDOM_BYTES,"Static",SS_SIMPLE | WS_GROUP,57,38,155,8,WS_EX_TRANSPARENT - GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,0,153,224,18 - CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,11,162,202,6 -END - -IDD_INTRO_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Create an encrypted file container",IDC_FILE_CONTAINER, - "Button",BS_AUTORADIOBUTTON,0,7,217,10 - LTEXT "More information",IDC_MORE_INFO_ON_CONTAINERS,16,40,165,10,SS_NOTIFY - CONTROL "Encrypt a non-system partition/drive",IDC_NONSYS_DEVICE, - "Button",BS_AUTORADIOBUTTON,0,53,217,10 - CONTROL "Encrypt the system partition or entire system drive",IDC_SYS_DEVICE, - "Button",BS_AUTORADIOBUTTON,0,89,217,10 - LTEXT "More information about system encryption",IDC_MORE_INFO_ON_SYS_ENCRYPTION,16,153,190,10,SS_NOTIFY - LTEXT "Creates a virtual encrypted disk within a file. Recommended for inexperienced users.",IDT_FILE_CONTAINER,16,20,205,16 - LTEXT "Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume.",IDT_NON_SYS_DEVICE,16,66,205,20 - LTEXT "Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system.",IDT_SYS_DEVICE,16,102,205,47 -END - -IDD_INFO_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LTEXT "",IDC_BOX_HELP,0,10,225,155 -END - -IDD_HIDVOL_HOST_FILL_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LTEXT "",IDC_BOX_HELP,0,6,226,138 - PUSHBUTTON "Open Outer Volume",IDC_OPEN_OUTER_VOLUME,0,146,85,14 -END - -IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Normal mode",IDC_HIDVOL_WIZ_MODE_FULL,"Button",BS_AUTORADIOBUTTON,0,7,217,10 - CONTROL "Direct mode",IDC_HIDVOL_WIZ_MODE_DIRECT,"Button",BS_AUTORADIOBUTTON,0,87,217,10 - LTEXT "",IDC_BOX_HELP,16,20,205,63 - LTEXT "",IDC_BOX_HELP2,16,101,205,59 -END - -IDD_PASSWORD_ENTRY_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_PASSWORD_DIRECT,50,2,173,14,ES_PASSWORD | ES_AUTOHSCROLL - COMBOBOX IDC_PKCS5_PRF_ID,50,17,104,90,CBS_DROPDOWNLIST | WS_TABSTOP - EDITTEXT IDC_PIM,50,32,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,96,34,127,8,NOT WS_VISIBLE - CONTROL "&Display password",IDC_SHOW_PASSWORD_SINGLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,46,84,11,WS_EX_TRANSPARENT - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,57,94,11 - PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,149,54,74,14 - LTEXT "",IDC_BOX_HELP,0,74,225,94 - RTEXT "Password:",IDT_PASSWORD,0,6,48,8 - RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,19,48,8 - RTEXT "Volume PIM:",IDT_PIM,0,35,48,8,NOT WS_VISIBLE - CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,35,97,10 -END - -IDD_VOLUME_TYPE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Standard VeraCrypt volume",IDC_STD_VOL,"Button",BS_AUTORADIOBUTTON,0,7,212,10 - CONTROL "Hi&dden VeraCrypt volume ",IDC_HIDDEN_VOL,"Button",BS_AUTORADIOBUTTON,0,68,212,10 - LTEXT "More information about hidden volumes",IDC_HIDDEN_VOL_HELP,16,151,205,10,SS_NOTIFY - LTEXT "",IDC_BOX_HELP_NORMAL_VOL,16,20,205,41 - LTEXT "",IDC_BOX_HELP,16,83,205,62 -END - -IDD_SYSENC_SPAN_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Encrypt the Windows system partition",IDC_SYS_PARTITION, - "Button",BS_AUTORADIOBUTTON,0,7,212,10 - CONTROL "Encrypt the whole drive",IDC_WHOLE_SYS_DRIVE,"Button",BS_AUTORADIOBUTTON,0,53,212,10 - LTEXT "Select this option to encrypt the partition where the currently running Windows operating system is installed.",IDT_SYS_PARTITION,16,20,205,32 - LTEXT "",IDT_WHOLE_SYS_DRIVE,16,70,205,95 -END - -IDD_SYSENC_RESCUE_DISK_CREATION_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_RESCUE_DISK_ISO_PATH,0,159,163,13,ES_AUTOHSCROLL - PUSHBUTTON "Bro&wse...",IDC_BROWSE,166,158,59,14 - LTEXT "",IDT_RESCUE_DISK_INFO,0,1,225,137 - CONTROL "Skip Rescue Disk verification",IDC_SKIP_RESCUE_VERIFICATION, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,0,145,106,10 -END - -IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,1,98,122,10 - CONTROL "",IDC_SYS_POOL_CONTENTS,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,8,14,205,72,WS_EX_TRANSPARENT - LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue.",IDT_COLLECTING_RANDOM_DATA_NOTE,1,112,224,40 - GROUPBOX "Current pool content (partial)",IDT_PARTIAL_POOL_CONTENTS,0,5,222,88 - GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,0,154,224,18 - CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,11,163,202,6 -END - -IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Single-boot",IDC_SINGLE_BOOT,"Button",BS_AUTORADIOBUTTON,0,7,212,10 - CONTROL "Multi-boot",IDC_MULTI_BOOT,"Button",BS_AUTORADIOBUTTON,0,53,217,10 - LTEXT "Select this option if there is only one operating system installed on this computer (even if it has multiple users).",IDT_SINGLE_BOOT,16,20,205,32 - LTEXT "Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X",IDT_MULTI_BOOT,16,66,205,72 -END - -IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - LTEXT "Download CD/DVD recording software",IDC_DOWNLOAD_CD_BURN_SOFTWARE,0,136,217,10,SS_NOTIFY - LTEXT "",IDT_RESCUE_DISK_BURN_INFO,0,4,225,128 -END - -IDD_SYSENC_WIPE_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - COMBOBOX IDC_WIPE_MODE,61,0,127,90,CBS_DROPDOWNLIST | WS_TABSTOP - RTEXT "Wipe mode:",IDT_WIPE_MODE,0,2,59,8,0,WS_EX_RIGHT - LTEXT "",IDT_WIPE_MODE_INFO,0,19,225,128 -END - -IDD_INPLACE_ENCRYPTION_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - COMBOBOX IDC_WIPE_MODE,67,13,125,90,CBS_DROPDOWNLIST | WS_TABSTOP - PUSHBUTTON "&Pause",IDC_PAUSE,169,40,50,14 - LTEXT "More information",IDC_MORE_INFO_SYS_ENCRYPTION,1,150,202,10,SS_NOTIFY - LTEXT "",IDC_BYTESWRITTEN,29,58,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "",IDC_WRITESPEED,103,58,46,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "",IDC_TIMEREMAIN,177,58,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "Wipe mode:",IDT_WIPE_MODE,6,15,59,8,0,WS_EX_RIGHT - CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,6,41,158,12 - RTEXT "Done",IDT_DONE,5,59,22,8 - RTEXT "Status",IDT_STATUS,72,59,29,8 - RTEXT "Left",IDT_LEFT,151,59,24,8 - LTEXT "",IDC_BOX_HELP,1,77,224,70 - GROUPBOX "Options",IDT_FORMAT_OPTIONS,0,3,225,29 - GROUPBOX "",IDC_STATIC,0,32,225,41 -END - -IDD_SYSENC_KEYS_GEN_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - CONTROL "Display generated keys (their portions)",IDC_DISPLAY_KEYS, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,1,94,216,10 - CONTROL "",IDC_HEADER_KEY,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,57,71,163,8,WS_EX_TRANSPARENT - LTEXT "",IDC_DISK_KEY,57,79,163,8,0,WS_EX_TRANSPARENT - LTEXT "The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue.",IDT_SYSENC_KEYS_GEN_INFO,1,23,224,41 - RTEXT "Header Key: ",IDT_HEADER_KEY,2,72,54,8 - RTEXT "Master Key: ",IDT_MASTER_KEY,2,80,54,8 - GROUPBOX "",-1,0,65,225,26 -END - -IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "",IDC_CHOICE1,"Button",BS_AUTORADIOBUTTON,0,7,212,10 - CONTROL "",IDC_CHOICE2,"Button",BS_AUTORADIOBUTTON,0,17,217,10 - LTEXT "",IDC_BOX_HELP,1,34,220,112 -END - -IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - LTEXT "",IDT_SYSENC_DRIVE_ANALYSIS_INFO,2,10,215,88 - CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,1,115,216,12 - LTEXT "Progress:",IDT_PROGRESS,2,104,57,8 -END - -IDD_SYSENC_TYPE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Normal",IDC_SYSENC_NORMAL,"Button",BS_AUTORADIOBUTTON,0,7,212,10 - CONTROL "Hi&dden",IDC_SYSENC_HIDDEN,"Button",BS_AUTORADIOBUTTON,0,53,212,10 - LTEXT "More information",IDC_HIDDEN_SYSENC_INFO_LINK,16,148,205,10,SS_NOTIFY - LTEXT "",IDC_BOX_HELP_SYSENC_NORMAL,16,20,205,25 - LTEXT "",IDC_BOX_HELP,16,67,205,72 -END - -IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - LTEXT "More information",IDC_HIDDEN_SYSENC_INFO_LINK,0,150,217,10,SS_NOTIFY - LTEXT "",IDC_BOX_HELP,0,2,225,142 -END - -IDD_DEVICE_WIPE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - PUSHBUTTON "Abort",IDC_ABORT_BUTTON,169,48,50,14 - LTEXT "",IDC_BYTESWRITTEN,29,66,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "",IDC_WRITESPEED,103,66,46,11,SS_CENTERIMAGE | NOT WS_VISIBLE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "",IDC_TIMEREMAIN,177,66,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE - RTEXT "Wipe mode:",IDT_WIPE_MODE,6,22,59,8,0,WS_EX_RIGHT - CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,6,49,158,12 - RTEXT "Done",IDT_DONE,5,67,22,8 - RTEXT "Pass",IDT_PASS,72,67,29,8,NOT WS_VISIBLE - RTEXT "Left",IDT_LEFT,151,67,24,8 - LTEXT "",IDC_BOX_HELP,1,86,224,80 - GROUPBOX "",IDT_FORMAT_OPTIONS,0,10,225,29 - GROUPBOX "",IDC_STATIC,0,40,225,42 - LTEXT "",IDC_WIPE_MODE,67,21,125,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_STATICEDGE -END - -IDD_DEVICE_WIPE_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - COMBOBOX IDC_WIPE_MODE,61,9,127,90,CBS_DROPDOWNLIST | WS_TABSTOP - RTEXT "Wipe mode:",IDT_WIPE_MODE,0,11,59,8,0,WS_EX_RIGHT - LTEXT "",IDT_WIPE_MODE_INFO,0,29,225,122 -END - -IDD_DEVICE_TRANSFORM_MODE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Create encrypted volume and format it",IDC_DEVICE_TRANSFORM_MODE_FORMAT, - "Button",BS_AUTORADIOBUTTON,0,8,217,10 - CONTROL "Encrypt partition in place",IDC_DEVICE_TRANSFORM_MODE_INPLACE, - "Button",BS_AUTORADIOBUTTON,0,98,217,10 - LTEXT "",IDC_BOX_HELP,16,21,205,74 - LTEXT "",IDC_BOX_HELP2,16,112,205,53 -END - -IDD_EXPANDED_LIST_SELECT_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LTEXT "",IDC_BOX_HELP,0,107,225,58 - LISTBOX IDC_LIST_BOX,0,3,222,100,LBS_NOINTEGRALHEIGHT | LBS_DISABLENOSCROLL | WS_VSCROLL -END - -IDD_DRIVE_LETTER_SELECTION_PAGE DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LTEXT "",IDC_BOX_HELP,0,40,225,118 - COMBOBOX IDC_DRIVE_LETTER_LIST,94,15,38,69,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP - RTEXT "Drive letter:",IDT_DRIVE_LETTER,5,17,86,8 -END - -IDD_PIM_PAGE_DLG DIALOGEX 0, 0, 226, 172 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_PIM,53,0,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER - LTEXT "",IDC_BOX_HELP,0,32,225,126 - RTEXT "Volume PIM:",IDT_PIM,1,3,50,8 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,97,3,126,8 - LTEXT "Information on PIM",IDC_LINK_PIM_INFO,0,161,213,8,SS_NOTIFY - CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,17,150,10 -END - - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE -BEGIN - "#include ""afxres.h""\r\n" - "#include ""..\\\\common\\\\resource.h""\r\n" - "\0" -END - -3 TEXTINCLUDE -BEGIN - "#include ""..\\\\common\\\\common.rc""\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// DESIGNINFO -// - -#ifdef APSTUDIO_INVOKED -GUIDELINES DESIGNINFO -BEGIN - IDD_VOL_CREATION_WIZARD_DLG, DIALOG - BEGIN - RIGHTMARGIN, 393 - TOPMARGIN, 1 - BOTTOMMARGIN, 227 - HORZGUIDE, 216 - END - - IDD_CIPHER_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 161 - END - - IDD_PASSWORD_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 143 - END - - IDD_SIZE_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 165 - END - - IDD_VOLUME_LOCATION_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 167 - END - - IDD_FORMAT_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 217 - BOTTOMMARGIN, 153 - HORZGUIDE, 80 - HORZGUIDE, 96 - END - - IDD_INTRO_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_INFO_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_HIDVOL_HOST_FILL_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_PASSWORD_ENTRY_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 143 - END - - IDD_VOLUME_TYPE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_SYSENC_SPAN_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_SYSENC_RESCUE_DISK_CREATION_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 167 - END - - IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG, DIALOG - BEGIN - RIGHTMARGIN, 217 - BOTTOMMARGIN, 153 - HORZGUIDE, 80 - HORZGUIDE, 96 - END - - IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 167 - END - - IDD_SYSENC_WIPE_MODE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_INPLACE_ENCRYPTION_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 217 - BOTTOMMARGIN, 166 - HORZGUIDE, 80 - HORZGUIDE, 96 - END - - IDD_SYSENC_KEYS_GEN_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 217 - BOTTOMMARGIN, 153 - HORZGUIDE, 80 - HORZGUIDE, 96 - END - - IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 217 - BOTTOMMARGIN, 153 - HORZGUIDE, 80 - HORZGUIDE, 96 - END - - IDD_SYSENC_TYPE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 167 - END - - IDD_DEVICE_WIPE_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 217 - BOTTOMMARGIN, 166 - HORZGUIDE, 80 - HORZGUIDE, 96 - END - - IDD_DEVICE_WIPE_MODE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_DEVICE_TRANSFORM_MODE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_EXPANDED_LIST_SELECT_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_DRIVE_LETTER_SELECTION_PAGE, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 219 - TOPMARGIN, 7 - BOTTOMMARGIN, 165 - END - - IDD_PIM_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 223 - BOTTOMMARGIN, 171 - END -END -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// Bitmap -// - -IDB_WIZARD BITMAP "VeraCrypt_wizard.bmp" - -///////////////////////////////////////////////////////////////////////////// -// -// String Table -// - -STRINGTABLE -BEGIN - IDS_UACSTRING_FMT "VeraCrypt" -END - -#endif // English (U.S.) resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// -#include "..\\common\\common.rc" - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - +// Microsoft Visual C++ generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" +#include "..\\common\\resource.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// English (U.S.) resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) +#ifdef _WIN32 +LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US +#pragma code_page(1252) +#endif //_WIN32 + +///////////////////////////////////////////////////////////////////////////// +// +// Version +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 1,17,22,0 + PRODUCTVERSION 1,17,22,0 + FILEFLAGSMASK 0x17L +#ifdef _DEBUG + FILEFLAGS 0x1L +#else + FILEFLAGS 0x0L +#endif + FILEOS 0x4L + FILETYPE 0x1L + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + VALUE "CompanyName", "IDRIX" + VALUE "FileDescription", "VeraCrypt Format" + VALUE "FileVersion", "1.17" + VALUE "LegalTrademarks", "VeraCrypt" + VALUE "OriginalFilename", "VeraCrypt Format.exe" + VALUE "ProductName", "VeraCrypt" + VALUE "ProductVersion", "1.17" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END + + +///////////////////////////////////////////////////////////////////////////// +// +// HEADER +// + +IDR_FORMAT_RSRC_HEADER HEADER "resource.h" + +///////////////////////////////////////////////////////////////////////////// +// +// TYPELIB +// + +IDR_FORMAT_TLB TYPELIB "Format.tlb" + +///////////////////////////////////////////////////////////////////////////// +// +// Dialog +// + +IDD_VOL_CREATION_WIZARD_DLG DIALOGEX 0, 0, 400, 229 +STYLE DS_SETFONT | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Volume Creation Wizard" +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + PUSHBUTTON "&Help",IDHELP,176,209,50,14 + PUSHBUTTON "",IDC_PREV,235,209,50,14 + DEFPUSHBUTTON "",IDC_NEXT,285,209,50,14 + PUSHBUTTON "Cancel",IDCANCEL,343,209,50,14 + LTEXT "",IDC_BOX_TITLE,160,8,233,17 + GROUPBOX "",IDC_STATIC,4,0,392,203 + CONTROL 116,IDC_BITMAP_WIZARD,"Static",SS_BITMAP | SS_SUNKEN,10,9,137,169 + LTEXT "",IDC_POS_BOX,160,24,231,172 +END + +IDD_CIPHER_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + COMBOBOX IDC_COMBO_BOX,7,23,137,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP + PUSHBUTTON "&Test",IDC_CIPHER_TEST,149,22,59,14 + PUSHBUTTON "&Benchmark",IDC_BENCHMARK,149,100,59,14 + COMBOBOX IDC_COMBO_BOX_HASH_ALGO,7,137,83,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP + LTEXT "",IDC_BOX_HELP,7,40,205,58 + GROUPBOX "Encryption Algorithm",IDT_ENCRYPTION_ALGO,0,10,217,111 + GROUPBOX "Hash Algorithm",IDT_HASH_ALGO,0,124,217,35 + LTEXT "More information",IDC_LINK_MORE_INFO_ABOUT_CIPHER,7,102,135,10,SS_NOTIFY + LTEXT "Information on hash algorithms",IDC_LINK_HASH_INFO,97,139,115,8,SS_NOTIFY +END + +IDD_PASSWORD_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_PASSWORD,53,3,170,14,ES_PASSWORD | ES_AUTOHSCROLL + EDITTEXT IDC_VERIFY,53,19,170,14,ES_PASSWORD | ES_AUTOHSCROLL + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,35,95,10 + PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,152,36,71,14,WS_DISABLED + CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,45,95,11,WS_EX_TRANSPARENT + CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,56,97,10 + RTEXT "Password:",IDT_PASSWORD,1,6,50,8 + RTEXT "&Confirm:",IDT_CONFIRM,1,23,50,8 + LTEXT "",IDC_BOX_HELP,0,71,225,97 +END + +IDD_SIZE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_SIZEBOX,0,22,71,14,ES_AUTOHSCROLL | ES_NUMBER + CONTROL "&KB",IDC_KB,"Button",BS_AUTORADIOBUTTON | WS_GROUP | WS_TABSTOP,80,25,27,10 + CONTROL "&MB",IDC_MB,"Button",BS_AUTORADIOBUTTON,115,25,27,10 + CONTROL "&GB",IDC_GB,"Button",BS_AUTORADIOBUTTON,150,25,27,10 + LTEXT "",IDC_BOX_HELP,0,84,214,75 + LTEXT "",IDC_SPACE_LEFT,0,44,214,33 + CONTROL "&TB",IDC_TB,"Button",BS_AUTORADIOBUTTON,185,25,27,10 +END + +IDD_VOLUME_LOCATION_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + COMBOBOX IDC_COMBO_BOX,0,9,148,80,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP + CONTROL "&Never save history",IDC_NO_HISTORY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,3,28,213,10 + PUSHBUTTON "",IDC_SELECT_VOLUME_LOCATION,155,9,62,14 + LTEXT "",IDC_BOX_HELP,0,42,219,125 +END + +IDD_FORMAT_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + COMBOBOX IDC_FILESYS,43,13,36,90,CBS_DROPDOWNLIST | WS_TABSTOP + COMBOBOX IDC_CLUSTERSIZE,112,13,42,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "Quick Format",IDC_QUICKFORMAT,"Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,163,11,60,18 + CONTROL "",IDC_SHOW_KEYS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,214,38,9,8 + PUSHBUTTON "Abort",IDC_ABORT_BUTTON,169,75,50,14 + RTEXT "Header Key: ",IDT_HEADER_KEY,2,47,54,8 + CONTROL "",IDC_HEADER_KEY,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,57,46,163,8,WS_EX_TRANSPARENT + RTEXT "Master Key: ",IDT_MASTER_KEY,2,55,54,8 + LTEXT "",IDC_DISK_KEY,57,54,163,8,0,WS_EX_TRANSPARENT + RTEXT "Cluster ",IDT_CLUSTER,80,15,32,8 + LTEXT "",IDC_BOX_HELP,1,112,224,40 + GROUPBOX "Options",IDT_FORMAT_OPTIONS,0,3,225,29 + CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,6,76,158,12 + RTEXT "",IDC_TIMEREMAIN,177,93,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "",IDC_WRITESPEED,106,93,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + LTEXT "",IDC_BYTESWRITTEN,29,93,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "Done",IDT_DONE,5,94,22,8 + RTEXT "Speed",IDT_SPEED,70,94,34,8 + RTEXT "Left",IDT_LEFT,150,94,25,8 + GROUPBOX "",IDC_STATIC,0,67,225,41 + RTEXT "Filesystem ",IDT_FILESYSTEM,1,15,41,8,0,WS_EX_RIGHT + RTEXT "Random Pool: ",IDT_RANDOM_POOL,2,39,54,8 + GROUPBOX "",IDC_STATIC,0,32,225,35 + CONTROL "",IDC_RANDOM_BYTES,"Static",SS_SIMPLE | WS_GROUP,57,38,155,8,WS_EX_TRANSPARENT + GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,0,153,224,18 + CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,11,162,202,6 +END + +IDD_INTRO_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Create an encrypted file container",IDC_FILE_CONTAINER, + "Button",BS_AUTORADIOBUTTON,0,7,217,10 + LTEXT "More information",IDC_MORE_INFO_ON_CONTAINERS,16,40,165,10,SS_NOTIFY + CONTROL "Encrypt a non-system partition/drive",IDC_NONSYS_DEVICE, + "Button",BS_AUTORADIOBUTTON,0,53,217,10 + CONTROL "Encrypt the system partition or entire system drive",IDC_SYS_DEVICE, + "Button",BS_AUTORADIOBUTTON,0,89,217,10 + LTEXT "More information about system encryption",IDC_MORE_INFO_ON_SYS_ENCRYPTION,16,153,190,10,SS_NOTIFY + LTEXT "Creates a virtual encrypted disk within a file. Recommended for inexperienced users.",IDT_FILE_CONTAINER,16,20,205,16 + LTEXT "Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume.",IDT_NON_SYS_DEVICE,16,66,205,20 + LTEXT "Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system.",IDT_SYS_DEVICE,16,102,205,47 +END + +IDD_INFO_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LTEXT "",IDC_BOX_HELP,0,10,225,155 +END + +IDD_HIDVOL_HOST_FILL_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LTEXT "",IDC_BOX_HELP,0,6,226,138 + PUSHBUTTON "Open Outer Volume",IDC_OPEN_OUTER_VOLUME,0,146,85,14 +END + +IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Normal mode",IDC_HIDVOL_WIZ_MODE_FULL,"Button",BS_AUTORADIOBUTTON,0,7,217,10 + CONTROL "Direct mode",IDC_HIDVOL_WIZ_MODE_DIRECT,"Button",BS_AUTORADIOBUTTON,0,87,217,10 + LTEXT "",IDC_BOX_HELP,16,20,205,63 + LTEXT "",IDC_BOX_HELP2,16,101,205,59 +END + +IDD_PASSWORD_ENTRY_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_PASSWORD_DIRECT,50,2,173,14,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_PRF_ID,50,17,104,90,CBS_DROPDOWNLIST | WS_TABSTOP + EDITTEXT IDC_PIM,50,32,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,96,34,127,8,NOT WS_VISIBLE + CONTROL "&Display password",IDC_SHOW_PASSWORD_SINGLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,46,84,11,WS_EX_TRANSPARENT + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,57,94,11 + PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,149,54,74,14 + LTEXT "",IDC_BOX_HELP,0,74,225,94 + RTEXT "Password:",IDT_PASSWORD,0,6,48,8 + RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,19,48,8 + RTEXT "Volume PIM:",IDT_PIM,0,35,48,8,NOT WS_VISIBLE + CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,50,35,97,10 +END + +IDD_VOLUME_TYPE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Standard VeraCrypt volume",IDC_STD_VOL,"Button",BS_AUTORADIOBUTTON,0,7,212,10 + CONTROL "Hi&dden VeraCrypt volume ",IDC_HIDDEN_VOL,"Button",BS_AUTORADIOBUTTON,0,68,212,10 + LTEXT "More information about hidden volumes",IDC_HIDDEN_VOL_HELP,16,151,205,10,SS_NOTIFY + LTEXT "",IDC_BOX_HELP_NORMAL_VOL,16,20,205,41 + LTEXT "",IDC_BOX_HELP,16,83,205,62 +END + +IDD_SYSENC_SPAN_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Encrypt the Windows system partition",IDC_SYS_PARTITION, + "Button",BS_AUTORADIOBUTTON,0,7,212,10 + CONTROL "Encrypt the whole drive",IDC_WHOLE_SYS_DRIVE,"Button",BS_AUTORADIOBUTTON,0,53,212,10 + LTEXT "Select this option to encrypt the partition where the currently running Windows operating system is installed.",IDT_SYS_PARTITION,16,20,205,32 + LTEXT "",IDT_WHOLE_SYS_DRIVE,16,70,205,95 +END + +IDD_SYSENC_RESCUE_DISK_CREATION_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_RESCUE_DISK_ISO_PATH,0,159,163,13,ES_AUTOHSCROLL + PUSHBUTTON "Bro&wse...",IDC_BROWSE,166,158,59,14 + LTEXT "",IDT_RESCUE_DISK_INFO,0,1,225,137 + CONTROL "Skip Rescue Disk verification",IDC_SKIP_RESCUE_VERIFICATION, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,0,145,106,10 +END + +IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,1,98,122,10 + CONTROL "",IDC_SYS_POOL_CONTENTS,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,8,14,205,72,WS_EX_TRANSPARENT + LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue.",IDT_COLLECTING_RANDOM_DATA_NOTE,1,112,224,40 + GROUPBOX "Current pool content (partial)",IDT_PARTIAL_POOL_CONTENTS,0,5,222,88 + GROUPBOX "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,0,154,224,18 + CONTROL "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,11,163,202,6 +END + +IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Single-boot",IDC_SINGLE_BOOT,"Button",BS_AUTORADIOBUTTON,0,7,212,10 + CONTROL "Multi-boot",IDC_MULTI_BOOT,"Button",BS_AUTORADIOBUTTON,0,53,217,10 + LTEXT "Select this option if there is only one operating system installed on this computer (even if it has multiple users).",IDT_SINGLE_BOOT,16,20,205,32 + LTEXT "Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X",IDT_MULTI_BOOT,16,66,205,72 +END + +IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + LTEXT "Download CD/DVD recording software",IDC_DOWNLOAD_CD_BURN_SOFTWARE,0,136,217,10,SS_NOTIFY + LTEXT "",IDT_RESCUE_DISK_BURN_INFO,0,4,225,128 +END + +IDD_SYSENC_WIPE_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + COMBOBOX IDC_WIPE_MODE,61,0,127,90,CBS_DROPDOWNLIST | WS_TABSTOP + RTEXT "Wipe mode:",IDT_WIPE_MODE,0,2,59,8,0,WS_EX_RIGHT + LTEXT "",IDT_WIPE_MODE_INFO,0,19,225,128 +END + +IDD_INPLACE_ENCRYPTION_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + COMBOBOX IDC_WIPE_MODE,67,13,125,90,CBS_DROPDOWNLIST | WS_TABSTOP + PUSHBUTTON "&Pause",IDC_PAUSE,169,40,50,14 + LTEXT "More information",IDC_MORE_INFO_SYS_ENCRYPTION,1,150,202,10,SS_NOTIFY + LTEXT "",IDC_BYTESWRITTEN,29,58,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "",IDC_WRITESPEED,103,58,46,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "",IDC_TIMEREMAIN,177,58,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "Wipe mode:",IDT_WIPE_MODE,6,15,59,8,0,WS_EX_RIGHT + CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,6,41,158,12 + RTEXT "Done",IDT_DONE,5,59,22,8 + RTEXT "Status",IDT_STATUS,72,59,29,8 + RTEXT "Left",IDT_LEFT,151,59,24,8 + LTEXT "",IDC_BOX_HELP,1,77,224,70 + GROUPBOX "Options",IDT_FORMAT_OPTIONS,0,3,225,29 + GROUPBOX "",IDC_STATIC,0,32,225,41 +END + +IDD_SYSENC_KEYS_GEN_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + CONTROL "Display generated keys (their portions)",IDC_DISPLAY_KEYS, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,1,94,216,10 + CONTROL "",IDC_HEADER_KEY,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,57,71,163,8,WS_EX_TRANSPARENT + LTEXT "",IDC_DISK_KEY,57,79,163,8,0,WS_EX_TRANSPARENT + LTEXT "The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue.",IDT_SYSENC_KEYS_GEN_INFO,1,23,224,41 + RTEXT "Header Key: ",IDT_HEADER_KEY,2,72,54,8 + RTEXT "Master Key: ",IDT_MASTER_KEY,2,80,54,8 + GROUPBOX "",-1,0,65,225,26 +END + +IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "",IDC_CHOICE1,"Button",BS_AUTORADIOBUTTON,0,7,212,10 + CONTROL "",IDC_CHOICE2,"Button",BS_AUTORADIOBUTTON,0,17,217,10 + LTEXT "",IDC_BOX_HELP,1,34,220,112 +END + +IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + LTEXT "",IDT_SYSENC_DRIVE_ANALYSIS_INFO,2,10,215,88 + CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,1,115,216,12 + LTEXT "Progress:",IDT_PROGRESS,2,104,57,8 +END + +IDD_SYSENC_TYPE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Normal",IDC_SYSENC_NORMAL,"Button",BS_AUTORADIOBUTTON,0,7,212,10 + CONTROL "Hi&dden",IDC_SYSENC_HIDDEN,"Button",BS_AUTORADIOBUTTON,0,53,212,10 + LTEXT "More information",IDC_HIDDEN_SYSENC_INFO_LINK,16,148,205,10,SS_NOTIFY + LTEXT "",IDC_BOX_HELP_SYSENC_NORMAL,16,20,205,25 + LTEXT "",IDC_BOX_HELP,16,67,205,72 +END + +IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + LTEXT "More information",IDC_HIDDEN_SYSENC_INFO_LINK,0,150,217,10,SS_NOTIFY + LTEXT "",IDC_BOX_HELP,0,2,225,142 +END + +IDD_DEVICE_WIPE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + PUSHBUTTON "Abort",IDC_ABORT_BUTTON,169,48,50,14 + LTEXT "",IDC_BYTESWRITTEN,29,66,39,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "",IDC_WRITESPEED,103,66,46,11,SS_CENTERIMAGE | NOT WS_VISIBLE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "",IDC_TIMEREMAIN,177,66,42,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_RIGHT | WS_EX_STATICEDGE + RTEXT "Wipe mode:",IDT_WIPE_MODE,6,22,59,8,0,WS_EX_RIGHT + CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,6,49,158,12 + RTEXT "Done",IDT_DONE,5,67,22,8 + RTEXT "Pass",IDT_PASS,72,67,29,8,NOT WS_VISIBLE + RTEXT "Left",IDT_LEFT,151,67,24,8 + LTEXT "",IDC_BOX_HELP,1,86,224,80 + GROUPBOX "",IDT_FORMAT_OPTIONS,0,10,225,29 + GROUPBOX "",IDC_STATIC,0,40,225,42 + LTEXT "",IDC_WIPE_MODE,67,21,125,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_STATICEDGE +END + +IDD_DEVICE_WIPE_MODE_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + COMBOBOX IDC_WIPE_MODE,61,9,127,90,CBS_DROPDOWNLIST | WS_TABSTOP + RTEXT "Wipe mode:",IDT_WIPE_MODE,0,11,59,8,0,WS_EX_RIGHT + LTEXT "",IDT_WIPE_MODE_INFO,0,29,225,122 +END + +IDD_DEVICE_TRANSFORM_MODE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Create encrypted volume and format it",IDC_DEVICE_TRANSFORM_MODE_FORMAT, + "Button",BS_AUTORADIOBUTTON,0,8,217,10 + CONTROL "Encrypt partition in place",IDC_DEVICE_TRANSFORM_MODE_INPLACE, + "Button",BS_AUTORADIOBUTTON,0,98,217,10 + LTEXT "",IDC_BOX_HELP,16,21,205,74 + LTEXT "",IDC_BOX_HELP2,16,112,205,53 +END + +IDD_EXPANDED_LIST_SELECT_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LTEXT "",IDC_BOX_HELP,0,107,225,58 + LISTBOX IDC_LIST_BOX,0,3,222,100,LBS_NOINTEGRALHEIGHT | LBS_DISABLENOSCROLL | WS_VSCROLL +END + +IDD_DRIVE_LETTER_SELECTION_PAGE DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LTEXT "",IDC_BOX_HELP,0,40,225,118 + COMBOBOX IDC_DRIVE_LETTER_LIST,94,15,38,69,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP + RTEXT "Drive letter:",IDT_DRIVE_LETTER,5,17,86,8 +END + +IDD_PIM_PAGE_DLG DIALOGEX 0, 0, 226, 172 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_PIM,53,0,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER + LTEXT "",IDC_BOX_HELP,0,32,225,126 + RTEXT "Volume PIM:",IDT_PIM,1,3,50,8 + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,97,3,126,8 + LTEXT "Information on PIM",IDC_LINK_PIM_INFO,0,161,213,8,SS_NOTIFY + CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,17,150,10 +END + + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE +BEGIN + "#include ""afxres.h""\r\n" + "#include ""..\\\\common\\\\resource.h""\r\n" + "\0" +END + +3 TEXTINCLUDE +BEGIN + "#include ""..\\\\common\\\\common.rc""\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// DESIGNINFO +// + +#ifdef APSTUDIO_INVOKED +GUIDELINES DESIGNINFO +BEGIN + IDD_VOL_CREATION_WIZARD_DLG, DIALOG + BEGIN + RIGHTMARGIN, 393 + TOPMARGIN, 1 + BOTTOMMARGIN, 227 + HORZGUIDE, 216 + END + + IDD_CIPHER_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 161 + END + + IDD_PASSWORD_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 143 + END + + IDD_SIZE_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 165 + END + + IDD_VOLUME_LOCATION_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 167 + END + + IDD_FORMAT_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 217 + BOTTOMMARGIN, 153 + HORZGUIDE, 80 + HORZGUIDE, 96 + END + + IDD_INTRO_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_INFO_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_HIDVOL_HOST_FILL_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_PASSWORD_ENTRY_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 143 + END + + IDD_VOLUME_TYPE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_SYSENC_SPAN_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_SYSENC_RESCUE_DISK_CREATION_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 167 + END + + IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG, DIALOG + BEGIN + RIGHTMARGIN, 217 + BOTTOMMARGIN, 153 + HORZGUIDE, 80 + HORZGUIDE, 96 + END + + IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 167 + END + + IDD_SYSENC_WIPE_MODE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_INPLACE_ENCRYPTION_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 217 + BOTTOMMARGIN, 166 + HORZGUIDE, 80 + HORZGUIDE, 96 + END + + IDD_SYSENC_KEYS_GEN_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 217 + BOTTOMMARGIN, 153 + HORZGUIDE, 80 + HORZGUIDE, 96 + END + + IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 217 + BOTTOMMARGIN, 153 + HORZGUIDE, 80 + HORZGUIDE, 96 + END + + IDD_SYSENC_TYPE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 167 + END + + IDD_DEVICE_WIPE_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 217 + BOTTOMMARGIN, 166 + HORZGUIDE, 80 + HORZGUIDE, 96 + END + + IDD_DEVICE_WIPE_MODE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_DEVICE_TRANSFORM_MODE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_EXPANDED_LIST_SELECT_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_DRIVE_LETTER_SELECTION_PAGE, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 219 + TOPMARGIN, 7 + BOTTOMMARGIN, 165 + END + + IDD_PIM_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 223 + BOTTOMMARGIN, 171 + END +END +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// Bitmap +// + +IDB_WIZARD BITMAP "VeraCrypt_wizard.bmp" + +///////////////////////////////////////////////////////////////////////////// +// +// String Table +// + +STRINGTABLE +BEGIN + IDS_UACSTRING_FMT "VeraCrypt" +END + +#endif // English (U.S.) resources +///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// +#include "..\\common\\common.rc" + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/src/Format/Format.vcproj b/src/Format/Format.vcproj index b8747baf..9fa108bc 100644 --- a/src/Format/Format.vcproj +++ b/src/Format/Format.vcproj @@ -1,1028 +1,1028 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Format/FormatCom.cpp b/src/Format/FormatCom.cpp index 2dd5fa79..8ba2372f 100644 --- a/src/Format/FormatCom.cpp +++ b/src/Format/FormatCom.cpp @@ -1,248 +1,248 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include -#include -#include -#include -#include "BaseCom.h" -#include "BootEncryption.h" -#include "Dlgcode.h" -#include "Format.h" -#include "Progress.h" -#include "TcFormat.h" -#include "FormatCom.h" -#include "FormatCom_h.h" -#include "FormatCom_i.c" - -using namespace VeraCrypt; - -static volatile LONG ObjectCount = 0; - -class TrueCryptFormatCom : public ITrueCryptFormatCom -{ - -public: - TrueCryptFormatCom (DWORD messageThreadId) : RefCount (0), - MessageThreadId (messageThreadId), - CallBack (NULL) - { - InterlockedIncrement (&ObjectCount); - } - - virtual ~TrueCryptFormatCom () - { - if (InterlockedDecrement (&ObjectCount) == 0) - PostThreadMessage (MessageThreadId, WM_APP, 0, 0); - } - - virtual ULONG STDMETHODCALLTYPE AddRef () - { - return InterlockedIncrement (&RefCount); - } - - virtual ULONG STDMETHODCALLTYPE Release () - { - if (!InterlockedDecrement (&RefCount)) - { - delete this; - return 0; - } - - return RefCount; - } - - virtual HRESULT STDMETHODCALLTYPE QueryInterface (REFIID riid, void **ppvObject) - { - if (riid == IID_IUnknown || riid == IID_ITrueCryptFormatCom) - *ppvObject = this; - else - { - *ppvObject = NULL; - return E_NOINTERFACE; - } - - AddRef (); - return S_OK; - } - - virtual DWORD STDMETHODCALLTYPE CallDriver (DWORD ioctl, BSTR input, BSTR *output) - { - return BaseCom::CallDriver (ioctl, input, output); - } - - virtual DWORD STDMETHODCALLTYPE CopyFile (BSTR sourceFile, BSTR destinationFile) - { - return BaseCom::CopyFile (sourceFile, destinationFile); - } - - virtual DWORD STDMETHODCALLTYPE DeleteFile (BSTR file) - { - return BaseCom::DeleteFile (file); - } - - virtual BOOL STDMETHODCALLTYPE FormatNtfs (int driveNo, int clusterSize) - { - return ::FormatNtfs (driveNo, clusterSize); - } - - virtual int STDMETHODCALLTYPE AnalyzeHiddenVolumeHost ( - LONG_PTR hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters) - { - return ::AnalyzeHiddenVolumeHost ( - (HWND) hwndDlg, driveNo, hiddenVolHostSize, realClusterSize, nbrFreeClusters); - } - - virtual DWORD STDMETHODCALLTYPE ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone) - { - return BaseCom::ReadWriteFile (write, device, filePath, bufferBstr, offset, size, sizeDone); - } - - virtual DWORD STDMETHODCALLTYPE RegisterFilterDriver (BOOL registerDriver, int filterType) - { - return BaseCom::RegisterFilterDriver (registerDriver, filterType); - } - - virtual DWORD STDMETHODCALLTYPE RegisterSystemFavoritesService (BOOL registerService) - { - return BaseCom::RegisterSystemFavoritesService (registerService); - } - - virtual DWORD STDMETHODCALLTYPE SetDriverServiceStartType (DWORD startType) - { - return BaseCom::SetDriverServiceStartType (startType); - } - - virtual BOOL STDMETHODCALLTYPE IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) - { - return BaseCom::IsPagingFileActive (checkNonWindowsPartitionsOnly); - } - - virtual DWORD STDMETHODCALLTYPE WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value) - { - return BaseCom::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value); - } - - virtual BOOL STDMETHODCALLTYPE FormatFs (int driveNo, int clusterSize, int fsType) - { - return ::FormatFs (driveNo, clusterSize, fsType); - } - -protected: - DWORD MessageThreadId; - LONG RefCount; - ITrueCryptFormatCom *CallBack; -}; - - -extern "C" BOOL ComServerFormat () -{ - SetProcessShutdownParameters (0x100, 0); - - TrueCryptFactory factory (GetCurrentThreadId ()); - DWORD cookie; - - if (IsUacSupported ()) - UacElevated = TRUE; - - if (CoRegisterClassObject (CLSID_TrueCryptFormatCom, (LPUNKNOWN) &factory, - CLSCTX_LOCAL_SERVER, REGCLS_SINGLEUSE, &cookie) != S_OK) - return FALSE; - - MSG msg; - while (int r = GetMessageW (&msg, NULL, 0, 0)) - { - if (r == -1) - return FALSE; - - TranslateMessage (&msg); - DispatchMessageW (&msg); - - if (msg.message == WM_APP - && ObjectCount < 1 - && !factory.IsServerLocked ()) - break; - } - CoRevokeClassObject (cookie); - - return TRUE; -} - - -static BOOL ComGetInstance (HWND hWnd, ITrueCryptFormatCom **tcServer) -{ - return ComGetInstanceBase (hWnd, CLSID_TrueCryptFormatCom, IID_ITrueCryptFormatCom, (void **) tcServer); -} - - -ITrueCryptFormatCom *GetElevatedInstance (HWND parent) -{ - ITrueCryptFormatCom *instance; - - if (!ComGetInstance (parent, &instance)) - throw UserAbort (SRC_POS); - - return instance; -} - - -extern "C" int UacFormatNtfs (HWND hWnd, int driveNo, int clusterSize) -{ - CComPtr tc; - int r; - - CoInitialize (NULL); - - if (ComGetInstance (hWnd, &tc)) - r = tc->FormatNtfs (driveNo, clusterSize); - else - r = 0; - - CoUninitialize (); - - return r; -} - -extern "C" int UacFormatFs (HWND hWnd, int driveNo, int clusterSize, int fsType) -{ - CComPtr tc; - int r; - - CoInitialize (NULL); - - if (ComGetInstance (hWnd, &tc)) - r = tc->FormatFs (driveNo, clusterSize, fsType); - else - r = 0; - - CoUninitialize (); - - return r; -} - - -extern "C" int UacAnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters) -{ - CComPtr tc; - int r; - - CoInitialize (NULL); - - if (ComGetInstance (hwndDlg, &tc)) - r = tc->AnalyzeHiddenVolumeHost ((LONG_PTR) hwndDlg, driveNo, hiddenVolHostSize, realClusterSize, nbrFreeClusters); - else - r = 0; - - CoUninitialize (); - - return r; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include +#include +#include +#include +#include "BaseCom.h" +#include "BootEncryption.h" +#include "Dlgcode.h" +#include "Format.h" +#include "Progress.h" +#include "TcFormat.h" +#include "FormatCom.h" +#include "FormatCom_h.h" +#include "FormatCom_i.c" + +using namespace VeraCrypt; + +static volatile LONG ObjectCount = 0; + +class TrueCryptFormatCom : public ITrueCryptFormatCom +{ + +public: + TrueCryptFormatCom (DWORD messageThreadId) : RefCount (0), + MessageThreadId (messageThreadId), + CallBack (NULL) + { + InterlockedIncrement (&ObjectCount); + } + + virtual ~TrueCryptFormatCom () + { + if (InterlockedDecrement (&ObjectCount) == 0) + PostThreadMessage (MessageThreadId, WM_APP, 0, 0); + } + + virtual ULONG STDMETHODCALLTYPE AddRef () + { + return InterlockedIncrement (&RefCount); + } + + virtual ULONG STDMETHODCALLTYPE Release () + { + if (!InterlockedDecrement (&RefCount)) + { + delete this; + return 0; + } + + return RefCount; + } + + virtual HRESULT STDMETHODCALLTYPE QueryInterface (REFIID riid, void **ppvObject) + { + if (riid == IID_IUnknown || riid == IID_ITrueCryptFormatCom) + *ppvObject = this; + else + { + *ppvObject = NULL; + return E_NOINTERFACE; + } + + AddRef (); + return S_OK; + } + + virtual DWORD STDMETHODCALLTYPE CallDriver (DWORD ioctl, BSTR input, BSTR *output) + { + return BaseCom::CallDriver (ioctl, input, output); + } + + virtual DWORD STDMETHODCALLTYPE CopyFile (BSTR sourceFile, BSTR destinationFile) + { + return BaseCom::CopyFile (sourceFile, destinationFile); + } + + virtual DWORD STDMETHODCALLTYPE DeleteFile (BSTR file) + { + return BaseCom::DeleteFile (file); + } + + virtual BOOL STDMETHODCALLTYPE FormatNtfs (int driveNo, int clusterSize) + { + return ::FormatNtfs (driveNo, clusterSize); + } + + virtual int STDMETHODCALLTYPE AnalyzeHiddenVolumeHost ( + LONG_PTR hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters) + { + return ::AnalyzeHiddenVolumeHost ( + (HWND) hwndDlg, driveNo, hiddenVolHostSize, realClusterSize, nbrFreeClusters); + } + + virtual DWORD STDMETHODCALLTYPE ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone) + { + return BaseCom::ReadWriteFile (write, device, filePath, bufferBstr, offset, size, sizeDone); + } + + virtual DWORD STDMETHODCALLTYPE RegisterFilterDriver (BOOL registerDriver, int filterType) + { + return BaseCom::RegisterFilterDriver (registerDriver, filterType); + } + + virtual DWORD STDMETHODCALLTYPE RegisterSystemFavoritesService (BOOL registerService) + { + return BaseCom::RegisterSystemFavoritesService (registerService); + } + + virtual DWORD STDMETHODCALLTYPE SetDriverServiceStartType (DWORD startType) + { + return BaseCom::SetDriverServiceStartType (startType); + } + + virtual BOOL STDMETHODCALLTYPE IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) + { + return BaseCom::IsPagingFileActive (checkNonWindowsPartitionsOnly); + } + + virtual DWORD STDMETHODCALLTYPE WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value) + { + return BaseCom::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value); + } + + virtual BOOL STDMETHODCALLTYPE FormatFs (int driveNo, int clusterSize, int fsType) + { + return ::FormatFs (driveNo, clusterSize, fsType); + } + +protected: + DWORD MessageThreadId; + LONG RefCount; + ITrueCryptFormatCom *CallBack; +}; + + +extern "C" BOOL ComServerFormat () +{ + SetProcessShutdownParameters (0x100, 0); + + TrueCryptFactory factory (GetCurrentThreadId ()); + DWORD cookie; + + if (IsUacSupported ()) + UacElevated = TRUE; + + if (CoRegisterClassObject (CLSID_TrueCryptFormatCom, (LPUNKNOWN) &factory, + CLSCTX_LOCAL_SERVER, REGCLS_SINGLEUSE, &cookie) != S_OK) + return FALSE; + + MSG msg; + while (int r = GetMessageW (&msg, NULL, 0, 0)) + { + if (r == -1) + return FALSE; + + TranslateMessage (&msg); + DispatchMessageW (&msg); + + if (msg.message == WM_APP + && ObjectCount < 1 + && !factory.IsServerLocked ()) + break; + } + CoRevokeClassObject (cookie); + + return TRUE; +} + + +static BOOL ComGetInstance (HWND hWnd, ITrueCryptFormatCom **tcServer) +{ + return ComGetInstanceBase (hWnd, CLSID_TrueCryptFormatCom, IID_ITrueCryptFormatCom, (void **) tcServer); +} + + +ITrueCryptFormatCom *GetElevatedInstance (HWND parent) +{ + ITrueCryptFormatCom *instance; + + if (!ComGetInstance (parent, &instance)) + throw UserAbort (SRC_POS); + + return instance; +} + + +extern "C" int UacFormatNtfs (HWND hWnd, int driveNo, int clusterSize) +{ + CComPtr tc; + int r; + + CoInitialize (NULL); + + if (ComGetInstance (hWnd, &tc)) + r = tc->FormatNtfs (driveNo, clusterSize); + else + r = 0; + + CoUninitialize (); + + return r; +} + +extern "C" int UacFormatFs (HWND hWnd, int driveNo, int clusterSize, int fsType) +{ + CComPtr tc; + int r; + + CoInitialize (NULL); + + if (ComGetInstance (hWnd, &tc)) + r = tc->FormatFs (driveNo, clusterSize, fsType); + else + r = 0; + + CoUninitialize (); + + return r; +} + + +extern "C" int UacAnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters) +{ + CComPtr tc; + int r; + + CoInitialize (NULL); + + if (ComGetInstance (hwndDlg, &tc)) + r = tc->AnalyzeHiddenVolumeHost ((LONG_PTR) hwndDlg, driveNo, hiddenVolHostSize, realClusterSize, nbrFreeClusters); + else + r = 0; + + CoUninitialize (); + + return r; +} diff --git a/src/Format/FormatCom.h b/src/Format/FormatCom.h index e79cd9cc..3d545b20 100644 --- a/src/Format/FormatCom.h +++ b/src/Format/FormatCom.h @@ -1,37 +1,37 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_FORMAT_COM -#define TC_HEADER_FORMAT_COM - -#include - -#ifdef __cplusplus - -#include "FormatCom_h.h" -ITrueCryptFormatCom *GetElevatedInstance (HWND parent); - -extern "C" { -#endif - -BOOL ComServerFormat (); -int UacFormatNtfs (HWND hWnd, int driveNo, int clusterSize); -int UacFormatFs (HWND hWnd, int driveNo, int clusterSize, int fsType); -int UacAnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters); -int UacFormatVolume (char *cvolumePath , BOOL bDevice , unsigned __int64 size , unsigned __int64 hiddenVolHostSize , Password *password , int cipher , int pkcs5 , BOOL quickFormat, BOOL sparseFileSwitch, int fileSystem , int clusterSize, HWND hwndDlg , BOOL hiddenVol , int *realClusterSize); -BOOL UacUpdateProgressBar (__int64 nSecNo, BOOL *bVolTransformThreadCancel); - -#ifdef __cplusplus -} -#endif - +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_FORMAT_COM +#define TC_HEADER_FORMAT_COM + +#include + +#ifdef __cplusplus + +#include "FormatCom_h.h" +ITrueCryptFormatCom *GetElevatedInstance (HWND parent); + +extern "C" { +#endif + +BOOL ComServerFormat (); +int UacFormatNtfs (HWND hWnd, int driveNo, int clusterSize); +int UacFormatFs (HWND hWnd, int driveNo, int clusterSize, int fsType); +int UacAnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters); +int UacFormatVolume (char *cvolumePath , BOOL bDevice , unsigned __int64 size , unsigned __int64 hiddenVolHostSize , Password *password , int cipher , int pkcs5 , BOOL quickFormat, BOOL sparseFileSwitch, int fileSystem , int clusterSize, HWND hwndDlg , BOOL hiddenVol , int *realClusterSize); +BOOL UacUpdateProgressBar (__int64 nSecNo, BOOL *bVolTransformThreadCancel); + +#ifdef __cplusplus +} +#endif + #endif // TC_HEADER_FORMAT_COM \ No newline at end of file diff --git a/src/Format/FormatCom.idl b/src/Format/FormatCom.idl index 5579d28d..764663b1 100644 --- a/src/Format/FormatCom.idl +++ b/src/Format/FormatCom.idl @@ -1,53 +1,53 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -import "wtypes.idl"; -import "..\Common\Password.h"; - -[ - uuid(56327DDA-F1A7-4e13-B128-520D129BDEF6), - helpstring("VeraCrypt Format UAC Support Library"), - version(2.5) // Update ComSetup.cpp when changing version number -] -library TrueCryptFormatCom -{ - [ - uuid(7AB357D9-A17F-466e-BCD6-F49E97C218D8), - object, - oleautomation, - helpstring("VeraCrypt Format UAC Support Interface") - ] - interface ITrueCryptFormatCom : IUnknown - { - int AnalyzeHiddenVolumeHost (LONG_PTR hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters); - DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); - DWORD CopyFile (BSTR sourceFile, BSTR destinationFile); - DWORD DeleteFile (BSTR file); - BOOL FormatNtfs (int driveNo, int clusterSize); - BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); - DWORD ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone); - DWORD RegisterFilterDriver (BOOL registerDriver, int filterType); - DWORD RegisterSystemFavoritesService (BOOL registerService); - DWORD SetDriverServiceStartType (DWORD startType); - DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); - BOOL FormatFs (int driveNo, int clusterSize, int fsType); - }; - - [ - uuid(A96D3797-9F31-49f4-A0CE-9657392CF789), - helpstring("VeraCrypt Format UAC Support Coclass") - ] - coclass TrueCryptFormatCom - { - [default] interface ITrueCryptFormatCom; - } -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +import "wtypes.idl"; +import "..\Common\Password.h"; + +[ + uuid(56327DDA-F1A7-4e13-B128-520D129BDEF6), + helpstring("VeraCrypt Format UAC Support Library"), + version(2.5) // Update ComSetup.cpp when changing version number +] +library TrueCryptFormatCom +{ + [ + uuid(7AB357D9-A17F-466e-BCD6-F49E97C218D8), + object, + oleautomation, + helpstring("VeraCrypt Format UAC Support Interface") + ] + interface ITrueCryptFormatCom : IUnknown + { + int AnalyzeHiddenVolumeHost (LONG_PTR hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *nbrFreeClusters); + DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); + DWORD CopyFile (BSTR sourceFile, BSTR destinationFile); + DWORD DeleteFile (BSTR file); + BOOL FormatNtfs (int driveNo, int clusterSize); + BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); + DWORD ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone); + DWORD RegisterFilterDriver (BOOL registerDriver, int filterType); + DWORD RegisterSystemFavoritesService (BOOL registerService); + DWORD SetDriverServiceStartType (DWORD startType); + DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); + BOOL FormatFs (int driveNo, int clusterSize, int fsType); + }; + + [ + uuid(A96D3797-9F31-49f4-A0CE-9657392CF789), + helpstring("VeraCrypt Format UAC Support Coclass") + ] + coclass TrueCryptFormatCom + { + [default] interface ITrueCryptFormatCom; + } +} diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 720b9466..ff7fed1b 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c @@ -1,2293 +1,2293 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - - -/* In this file, _WIN32_WINNT is defined as 0x0600 to make filesystem shrink available (Vista -or later). _WIN32_WINNT cannot be defined as 0x0600 for the entire user-space projects -because it breaks the main font app when the app is running on XP (likely an MS bug). -IMPORTANT: Due to this issue, functions in this file must not directly interact with GUI. */ -#define TC_LOCAL_WIN32_WINNT_OVERRIDE 1 -#if (_WIN32_WINNT < 0x0600) -# undef _WIN32_WINNT -# define _WIN32_WINNT 0x0600 -#endif - - -#include -#include -#include -#include - -#include "Tcdefs.h" -#include "Platform/Finally.h" - -#include "Common.h" -#include "Crc.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Tcformat.h" -#include "Volumes.h" - -#include "InPlace.h" - -#include - -using namespace std; -using namespace VeraCrypt; - -#if TC_VOLUME_DATA_OFFSET != 131072 -# error TC_VOLUME_DATA_OFFSET != 131072 -#endif - -#if TC_VOLUME_HEADER_EFFECTIVE_SIZE != 512 -# error TC_VOLUME_HEADER_EFFECTIVE_SIZE != 512 -#endif - -#if TC_TOTAL_VOLUME_HEADERS_SIZE != 262144 -# error TC_TOTAL_VOLUME_HEADERS_SIZE != 262144 -#endif - -#define TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE (2048 * BYTES_PER_KB) -#define TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE (2 * TC_MAX_VOLUME_SECTOR_SIZE) -#define TC_NTFS_CONCEAL_CONSTANT 0xFF -#define TC_NONSYS_INPLACE_ENC_HEADER_UPDATE_INTERVAL (64 * BYTES_PER_MB) -#define TC_NONSYS_INPLACE_ENC_MIN_VOL_SIZE (TC_TOTAL_VOLUME_HEADERS_SIZE + TC_MIN_NTFS_FS_SIZE * 2) - - -// If the returned value is greater than 0, it is the desired volume size in NTFS sectors (not in bytes) -// after shrinking has been performed. If there's any error, returns -1. -static __int64 NewFileSysSizeAfterShrink (HANDLE dev, const wchar_t *devicePath, int64 *totalClusterCount, DWORD *bytesPerCluster, BOOL silent) -{ - NTFS_VOLUME_DATA_BUFFER ntfsVolData; - DWORD nBytesReturned; - __int64 fileSysSize, desiredNbrSectors; - - // Filesystem size and sector size - - if (!DeviceIoControl (dev, - FSCTL_GET_NTFS_VOLUME_DATA, - NULL, - 0, - (LPVOID) &ntfsVolData, - sizeof (ntfsVolData), - &nBytesReturned, - NULL)) - { - if (!silent) - handleWin32Error (MainDlg, SRC_POS); - - return -1; - } - - if ( (ntfsVolData.NumberSectors.QuadPart <= 0) - || (ntfsVolData.NumberSectors.QuadPart > (INT64_MAX / (__int64) ntfsVolData.BytesPerSector)) // overflow test - ) - { - SetLastError (ERROR_INTERNAL_ERROR); - if (!silent) - handleWin32Error (MainDlg, SRC_POS); - - return -1; - } - - fileSysSize = ntfsVolData.NumberSectors.QuadPart * ntfsVolData.BytesPerSector; - - desiredNbrSectors = (fileSysSize - TC_TOTAL_VOLUME_HEADERS_SIZE) / ntfsVolData.BytesPerSector; - - if (desiredNbrSectors <= 0) - return -1; - - if (totalClusterCount) - *totalClusterCount = ntfsVolData.TotalClusters.QuadPart; - if (bytesPerCluster) - *bytesPerCluster = ntfsVolData.BytesPerCluster; - - return desiredNbrSectors; -} - - -BOOL CheckRequirementsForNonSysInPlaceEnc (HWND hwndDlg, const wchar_t *devicePath, BOOL silent) -{ - NTFS_VOLUME_DATA_BUFFER ntfsVolData; - DWORD nBytesReturned; - HANDLE dev; - WCHAR szFileSysName [256]; - WCHAR devPath [MAX_PATH]; - WCHAR dosDev [TC_MAX_PATH] = {0}; - WCHAR devName [MAX_PATH] = {0}; - int driveLetterNo = -1; - WCHAR szRootPath[4] = {0, L':', L'\\', 0}; - __int64 deviceSize; - int partitionNumber = -1, driveNumber = -1; - - - /* ---------- Checks that do not require admin rights ----------- */ - - - /* Operating system */ - - if (CurrentOSMajor < 6) - { - if (!silent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "OS_NOT_SUPPORTED_FOR_NONSYS_INPLACE_ENC", FALSE); - - return FALSE; - } - - - /* Volume type (must be a partition or a dynamic volume) */ - - if (swscanf (devicePath, L"\\Device\\HarddiskVolume%d", &partitionNumber) != 1 - && swscanf (devicePath, L"\\Device\\Harddisk%d\\Partition%d", &driveNumber, &partitionNumber) != 2) - { - if (!silent) - Error ("INPLACE_ENC_INVALID_PATH", hwndDlg); - - return FALSE; - } - - if (partitionNumber == 0) - { - if (!silent) - Warning ("RAW_DEV_NOT_SUPPORTED_FOR_INPLACE_ENC", hwndDlg); - - return FALSE; - } - - - /* Admin rights */ - - if (!IsAdmin()) - { - // We rely on the wizard process to call us only when the whole wizard process has been elevated (so UAC - // status can be ignored). In case the IsAdmin() detection somehow fails, we allow the user to continue. - - if (!silent) - Warning ("ADMIN_PRIVILEGES_WARN_DEVICES", hwndDlg); - } - - - /* ---------- Checks that may require admin rights ----------- */ - - - /* Access to the partition */ - - StringCbCopyW (devPath, sizeof(devPath), devicePath); - - driveLetterNo = GetDiskDeviceDriveLetter (devPath); - - if (driveLetterNo >= 0) - szRootPath[0] = (wchar_t) driveLetterNo + L'A'; - - if (FakeDosNameForDevice (devicePath, dosDev, sizeof(dosDev), devName, sizeof(devName),FALSE) != 0) - { - if (!silent) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); - } - return FALSE; - } - - dev = OpenPartitionVolume (hwndDlg, devName, - FALSE, // Do not require exclusive access - TRUE, // Require shared access (must be TRUE; otherwise, volume properties will not be possible to obtain) - FALSE, // Do not ask the user to confirm shared access (if exclusive fails) - FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) - silent); // Silent mode - - if (dev == INVALID_HANDLE_VALUE) - return FALSE; - - - /* File system type */ - - GetVolumeInformation (szRootPath, NULL, 0, NULL, NULL, NULL, szFileSysName, ARRAYSIZE (szFileSysName)); - - if (wcsncmp (szFileSysName, L"NTFS", 4)) - { - // The previous filesystem type detection method failed (or it's not NTFS) -- try an alternative method - - if (!DeviceIoControl (dev, - FSCTL_GET_NTFS_VOLUME_DATA, - NULL, - 0, - (LPVOID) &ntfsVolData, - sizeof (ntfsVolData), - &nBytesReturned, - NULL)) - { - if (!silent) - { - // The filesystem is not NTFS or the filesystem type could not be determined (or the NTFS filesystem - // is dismounted). - - if (IsDeviceMounted (devName)) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "ONLY_NTFS_SUPPORTED_FOR_NONSYS_INPLACE_ENC", FALSE); - else - Warning ("ONLY_MOUNTED_VOL_SUPPORTED_FOR_NONSYS_INPLACE_ENC", hwndDlg); - } - - CloseHandle (dev); - return FALSE; - } - } - - - /* Attempt to determine whether the filesystem can be safely shrunk */ - - if (NewFileSysSizeAfterShrink (dev, devicePath, NULL, NULL, silent) == -1) - { - // Cannot determine whether shrinking is required - if (!silent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); - - CloseHandle (dev); - return FALSE; - } - - - /* Partition size */ - - deviceSize = GetDeviceSize (devicePath); - if (deviceSize < 0) - { - // Cannot determine the size of the partition - if (!silent) - Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); - - CloseHandle (dev); - return FALSE; - } - - if (deviceSize < TC_NONSYS_INPLACE_ENC_MIN_VOL_SIZE) - { - // The partition is too small - if (!silent) - { - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "PARTITION_TOO_SMALL_FOR_NONSYS_INPLACE_ENC", FALSE); - } - - CloseHandle (dev); - return FALSE; - } - - - /* Free space on the filesystem */ - - if (!DeviceIoControl (dev, - FSCTL_GET_NTFS_VOLUME_DATA, - NULL, - 0, - (LPVOID) &ntfsVolData, - sizeof (ntfsVolData), - &nBytesReturned, - NULL)) - { - if (!silent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", TRUE); - - CloseHandle (dev); - return FALSE; - } - - if (ntfsVolData.FreeClusters.QuadPart * ntfsVolData.BytesPerCluster < TC_TOTAL_VOLUME_HEADERS_SIZE) - { - if (!silent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "NOT_ENOUGH_FREE_FILESYS_SPACE_FOR_SHRINK", TRUE); - - CloseHandle (dev); - return FALSE; - } - - - /* Filesystem sector size */ - - if (ntfsVolData.BytesPerSector > TC_MAX_VOLUME_SECTOR_SIZE - || ntfsVolData.BytesPerSector % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - if (!silent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "SECTOR_SIZE_UNSUPPORTED", TRUE); - - CloseHandle (dev); - return FALSE; - } - - - CloseHandle (dev); - return TRUE; -} - -BOOL CheckRequirementsForNonSysInPlaceDec (HWND hwndDlg, const wchar_t *devicePath, BOOL silent) -{ - int partitionNumber = -1, driveNumber = -1; - - /* ---------- Checks that do not require admin rights ----------- */ - - /* Volume type (must be a partition or a dynamic volume) */ - if ((swscanf (devicePath, L"\\Device\\HarddiskVolume%d", &partitionNumber) != 1 - && swscanf (devicePath, L"\\Device\\Harddisk%d\\Partition%d", &driveNumber, &partitionNumber) != 2) - || partitionNumber == 0) - { - if (!silent) - Error ("INPLACE_ENC_INVALID_PATH", hwndDlg); - - return FALSE; - } - - - /* Admin rights */ - if (!IsAdmin()) - { - // We rely on the wizard process to call us only when the whole wizard process has been elevated (so UAC - // status can be ignored). In case the IsAdmin() detection somehow fails, we allow the user to continue. - - if (!silent) - Warning ("ADMIN_PRIVILEGES_WARN_DEVICES", hwndDlg); - } - - - /* ---------- Checks that may require admin rights ----------- */ - - // [Currently none] - - return TRUE; -} - - -int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, volatile HANDLE *outHandle, WipeAlgorithmId wipeAlgorithm) -{ - SHRINK_VOLUME_INFORMATION shrinkVolInfo; - signed __int64 sizeToShrinkTo; - int nStatus = ERR_SUCCESS; - PCRYPTO_INFO cryptoInfo = NULL; - PCRYPTO_INFO cryptoInfo2 = NULL; - HANDLE dev = INVALID_HANDLE_VALUE; - DWORD dwError; - char *header; - WCHAR dosDev[TC_MAX_PATH] = {0}; - WCHAR devName[MAX_PATH] = {0}; - int driveLetter = -1; - WCHAR deviceName[MAX_PATH]; - uint64 dataAreaSize; - __int64 deviceSize; - LARGE_INTEGER offset; - DWORD dwResult; - HWND hwndDlg = volParams->hwndDlg; - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PREPARING); - - - if (!CheckRequirementsForNonSysInPlaceEnc (hwndDlg, volParams->volumePath, FALSE)) - return ERR_DONT_REPORT; - - - header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); - if (!header) - return ERR_OUTOFMEMORY; - - VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - deviceSize = GetDeviceSize (volParams->volumePath); - if (deviceSize < 0) - { - // Cannot determine the size of the partition - nStatus = ERR_PARAMETER_INCORRECT; - goto closing_seq; - } - - if (deviceSize < TC_NONSYS_INPLACE_ENC_MIN_VOL_SIZE) - { - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "PARTITION_TOO_SMALL_FOR_NONSYS_INPLACE_ENC", TRUE); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, deviceSize); - - StringCchCopyW (deviceName, ARRAYSIZE(deviceName), volParams->volumePath); - - driveLetter = GetDiskDeviceDriveLetter (deviceName); - - - if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev),devName, sizeof(devName),FALSE) != 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (IsDeviceMounted (devName)) - { - dev = OpenPartitionVolume (hwndDlg, devName, - FALSE, // Do not require exclusive access (must be FALSE; otherwise, it will not be possible to dismount the volume or obtain its properties and FSCTL_ALLOW_EXTENDED_DASD_IO will fail too) - TRUE, // Require shared access (must be TRUE; otherwise, it will not be possible to dismount the volume or obtain its properties and FSCTL_ALLOW_EXTENDED_DASD_IO will fail too) - FALSE, // Do not ask the user to confirm shared access (if exclusive fails) - FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) - FALSE); // Non-silent mode - - if (dev == INVALID_HANDLE_VALUE) - { - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - } - else - { - // The volume is not mounted so we can't work with the filesystem. - Error ("ONLY_MOUNTED_VOL_SUPPORTED_FOR_NONSYS_INPLACE_ENC", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - - /* Gain "raw" access to the partition (the NTFS driver guards hidden sectors). */ - - if (!DeviceIoControl (dev, - FSCTL_ALLOW_EXTENDED_DASD_IO, - NULL, - 0, - NULL, - 0, - &dwResult, - NULL)) - { - handleWin32Error (MainDlg, SRC_POS); - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - - - /* Shrink the filesystem */ - - int64 totalClusterCount; - DWORD bytesPerCluster; - - sizeToShrinkTo = NewFileSysSizeAfterShrink (dev, volParams->volumePath, &totalClusterCount, &bytesPerCluster, FALSE); - - if (sizeToShrinkTo == -1) - { - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_RESIZING); - - memset (&shrinkVolInfo, 0, sizeof (shrinkVolInfo)); - - shrinkVolInfo.ShrinkRequestType = ShrinkPrepare; - shrinkVolInfo.NewNumberOfSectors = sizeToShrinkTo; - - if (!DeviceIoControl (dev, - FSCTL_SHRINK_VOLUME, - (LPVOID) &shrinkVolInfo, - sizeof (shrinkVolInfo), - NULL, - 0, - &dwResult, - NULL)) - { - handleWin32Error (hwndDlg, SRC_POS); - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "CANNOT_RESIZE_FILESYS", TRUE); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - BOOL clustersMovedBeforeVolumeEnd = FALSE; - - while (true) - { - shrinkVolInfo.ShrinkRequestType = ShrinkCommit; - shrinkVolInfo.NewNumberOfSectors = 0; - - if (!DeviceIoControl (dev, FSCTL_SHRINK_VOLUME, &shrinkVolInfo, sizeof (shrinkVolInfo), NULL, 0, &dwResult, NULL)) - { - // If there are any occupied clusters beyond the new desired end of the volume, the call fails with - // ERROR_ACCESS_DENIED (STATUS_ALREADY_COMMITTED). - if (GetLastError () == ERROR_ACCESS_DENIED) - { - if (!clustersMovedBeforeVolumeEnd) - { - if (MoveClustersBeforeThreshold (dev, deviceName, totalClusterCount - (bytesPerCluster > TC_TOTAL_VOLUME_HEADERS_SIZE ? 1 : TC_TOTAL_VOLUME_HEADERS_SIZE / bytesPerCluster))) - { - clustersMovedBeforeVolumeEnd = TRUE; - continue; - } - - handleWin32Error (hwndDlg, SRC_POS); - } - } - else - handleWin32Error (hwndDlg, SRC_POS); - - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "CANNOT_RESIZE_FILESYS", TRUE); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - break; - } - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PREPARING); - - - /* Gain exclusive access to the volume */ - - nStatus = DismountFileSystem (hwndDlg, dev, - driveLetter, - TRUE, - TRUE, - FALSE); - - if (nStatus != ERR_SUCCESS) - { - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - - - /* Create header backup on the partition. Until the volume is fully encrypted, the backup header will provide - us with the master key, encrypted range, and other data for pause/resume operations. We cannot create the - primary header until the entire partition is encrypted (because we encrypt backwards and the primary header - area is occuppied by data until the very end of the process). */ - - // Prepare the backup header - for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) - { - nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, - header, - volParams->ea, - FIRST_MODE_OF_OPERATION_ID, - volParams->password, - volParams->pkcs5, - volParams->pim, - wipePass == 0 ? NULL : (char *) cryptoInfo->master_keydata, - &cryptoInfo, - dataAreaSize, - 0, - TC_VOLUME_DATA_OFFSET + dataAreaSize, // Start of the encrypted area = the first byte of the backup heeader (encrypting from the end) - 0, // No data is encrypted yet - 0, - volParams->headerFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, - volParams->sectorSize, - wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); - - if (nStatus != 0) - goto closing_seq; - - offset.QuadPart = TC_VOLUME_DATA_OFFSET + dataAreaSize; - - if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - // Write the backup header to the partition - if (!WriteEffectiveVolumeHeader (TRUE, dev, (byte *) header)) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - // Fill the reserved sectors of the backup header area with random data - nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, TRUE); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - } - - - /* Now we will try to decrypt the backup header to verify it has been correctly written. */ - - nStatus = OpenBackupHeader (dev, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, &cryptoInfo2, NULL, deviceSize); - - if (nStatus != ERR_SUCCESS - || cryptoInfo->EncryptedAreaStart.Value != cryptoInfo2->EncryptedAreaStart.Value - || cryptoInfo2->EncryptedAreaStart.Value == 0) - { - if (nStatus == ERR_SUCCESS) - nStatus = ERR_PARAMETER_INCORRECT; - - goto closing_seq; - } - - // The backup header is valid so we know we should be able to safely resume in-place encryption - // of this partition even if the system/app crashes. - - - - /* Conceal the NTFS filesystem (by performing an easy-to-undo modification). This will prevent Windows - and apps from interfering with the volume until it has been fully encrypted. */ - - nStatus = ConcealNTFS (dev); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - - - // /* If a drive letter is assigned to the device, remove it (so that users do not try to open it, which - //would cause Windows to ask them if they want to format the volume and other dangerous things). */ - - //if (driveLetter >= 0) - //{ - // char rootPath[] = { driveLetter + 'A', ':', '\\', 0 }; - - // // Try to remove the assigned drive letter - // if (DeleteVolumeMountPoint (rootPath)) - // driveLetter = -1; - //} - - - - /* Update config files and app data */ - - // In the config file, increase the number of partitions where in-place encryption is in progress - - SaveNonSysInPlaceEncSettings (1, wipeAlgorithm, FALSE); - - - // Add the wizard to the system startup sequence if appropriate - - if (!IsNonInstallMode ()) - ManageStartupSeqWiz (FALSE, L"/prinplace"); - - - nStatus = ERR_SUCCESS; - - -closing_seq: - - dwError = GetLastError(); - - if (cryptoInfo != NULL) - { - crypto_close (cryptoInfo); - cryptoInfo = NULL; - } - - if (cryptoInfo2 != NULL) - { - crypto_close (cryptoInfo2); - cryptoInfo2 = NULL; - } - - burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - TCfree (header); - - if (dosDev[0]) - RemoveFakeDosName (volParams->volumePath, dosDev); - - *outHandle = dev; - - if (nStatus != ERR_SUCCESS) - SetLastError (dwError); - - return nStatus; -} - - -int EncryptPartitionInPlaceResume (HANDLE dev, - volatile FORMAT_VOL_PARAMETERS *volParams, - WipeAlgorithmId wipeAlgorithm, - volatile BOOL *bTryToCorrectReadErrors) -{ - PCRYPTO_INFO masterCryptoInfo = NULL, headerCryptoInfo = NULL, tmpCryptoInfo = NULL; - UINT64_STRUCT unitNo; - char *buf = NULL, *header = NULL; - byte *wipeBuffer = NULL; - byte wipeRandChars [TC_WIPE_RAND_CHAR_COUNT]; - byte wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT]; - WCHAR dosDev[TC_MAX_PATH] = {0}; - WCHAR devName[MAX_PATH] = {0}; - WCHAR deviceName[MAX_PATH]; - int nStatus = ERR_SUCCESS; - __int64 deviceSize; - uint64 remainingBytes, lastHeaderUpdateDistance = 0, zeroedSectorCount = 0; - uint32 workChunkSize; - DWORD dwError, dwResult; - BOOL bPause = FALSE, bEncryptedAreaSizeChanged = FALSE; - LARGE_INTEGER offset; - int sectorSize; - int i; - DWORD n; - WCHAR *devicePath = volParams->volumePath; - Password *password = volParams->password; - int pkcs5_prf = volParams->pkcs5; - int pim = volParams->pim; - DISK_GEOMETRY driveGeometry; - HWND hwndDlg = volParams->hwndDlg; - - - bInPlaceEncNonSysResumed = TRUE; - - buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); - if (!buf) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - - header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); - if (!header) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - - VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - if (wipeAlgorithm != TC_WIPE_NONE) - { - wipeBuffer = (byte *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); - if (!wipeBuffer) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - } - - headerCryptoInfo = crypto_open(); - - if (headerCryptoInfo == NULL) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - - deviceSize = GetDeviceSize (devicePath); - if (deviceSize < 0) - { - // Cannot determine the size of the partition - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (dev == INVALID_HANDLE_VALUE) - { - StringCchCopyW (deviceName, ARRAYSIZE(deviceName), devicePath); - - if (FakeDosNameForDevice (deviceName, dosDev, sizeof(dosDev),devName, sizeof(devName),FALSE) != 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - dev = OpenPartitionVolume (hwndDlg, devName, - FALSE, // Do not require exclusive access - FALSE, // Do not require shared access - TRUE, // Ask the user to confirm shared access (if exclusive fails) - FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) - FALSE); // Non-silent mode - - if (dev == INVALID_HANDLE_VALUE) - { - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - } - - // This should never be needed, but is still performed for extra safety (without checking the result) - DeviceIoControl (dev, - FSCTL_ALLOW_EXTENDED_DASD_IO, - NULL, - 0, - NULL, - 0, - &dwResult, - NULL); - - - if (!DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveGeometry, sizeof (driveGeometry), &dwResult, NULL)) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - sectorSize = driveGeometry.BytesPerSector; - - - nStatus = OpenBackupHeader (dev, devicePath, password, pkcs5_prf, pim, &masterCryptoInfo, headerCryptoInfo, deviceSize); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - - - remainingBytes = masterCryptoInfo->VolumeSize.Value - masterCryptoInfo->EncryptedAreaLength.Value; - - lastHeaderUpdateDistance = 0; - - - ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_ENCRYPTING); - - bFirstNonSysInPlaceEncResumeDone = TRUE; - - - /* The in-place encryption core */ - - while (remainingBytes > 0) - { - workChunkSize = (uint32) min (remainingBytes, TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); - - if (workChunkSize % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto closing_seq; - } - - unitNo.Value = (remainingBytes - workChunkSize + TC_VOLUME_DATA_OFFSET) / ENCRYPTION_DATA_UNIT_SIZE; - - - // Read the plaintext into RAM - -inplace_enc_read: - - offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize - TC_VOLUME_DATA_OFFSET; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (ReadFile (dev, buf, workChunkSize, &n, NULL) == 0) - { - // Read error - - DWORD dwTmpErr = GetLastError (); - - if (IsDiskReadError (dwTmpErr) && !bVolTransformThreadCancel) - { - // Physical defect or data corruption - - if (!*bTryToCorrectReadErrors) - { - *bTryToCorrectReadErrors = (AskWarnYesNo ("ENABLE_BAD_SECTOR_ZEROING", hwndDlg) == IDYES); - } - - if (*bTryToCorrectReadErrors) - { - // Try to correct the read errors physically - - offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize - TC_VOLUME_DATA_OFFSET; - - nStatus = ZeroUnreadableSectors (dev, offset, workChunkSize, sectorSize, &zeroedSectorCount); - - if (nStatus != ERR_SUCCESS) - { - // Due to write errors, we can't correct the read errors - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - goto inplace_enc_read; - } - } - - SetLastError (dwTmpErr); // Preserve the original error code - - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (remainingBytes - workChunkSize < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE) - { - // We reached the inital portion of the filesystem, which we had concealed (in order to prevent - // Windows from interfering with the volume). Now we need to undo that modification. - - for (i = 0; i < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE - (remainingBytes - workChunkSize); i++) - buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; - } - - - // Encrypt the plaintext in RAM - - EncryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); - - - // If enabled, wipe the area to which we will write the ciphertext - - if (wipeAlgorithm != TC_WIPE_NONE) - { - byte wipePass; - int wipePassCount = GetWipePassCount (wipeAlgorithm); - - if (wipePassCount <= 0) - { - SetLastError (ERROR_INVALID_PARAMETER); - nStatus = ERR_PARAMETER_INCORRECT; - goto closing_seq; - } - - offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize; - - for (wipePass = 1; wipePass <= wipePassCount; ++wipePass) - { - if (!WipeBuffer (wipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, workChunkSize)) - { - ULONG i; - for (i = 0; i < workChunkSize; ++i) - { - wipeBuffer[i] = buf[i] + wipePass; - } - - EncryptDataUnits (wipeBuffer, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); - memcpy (wipeRandCharsUpdate, wipeBuffer, sizeof (wipeRandCharsUpdate)); - } - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 - || WriteFile (dev, wipeBuffer, workChunkSize, &n, NULL) == 0) - { - // Write error - dwError = GetLastError(); - - // Undo failed write operation - if (workChunkSize > TC_VOLUME_DATA_OFFSET && SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) - { - DecryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); - WriteFile (dev, buf + TC_VOLUME_DATA_OFFSET, workChunkSize - TC_VOLUME_DATA_OFFSET, &n, NULL); - } - - SetLastError (dwError); - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - } - - memcpy (wipeRandChars, wipeRandCharsUpdate, sizeof (wipeRandCharsUpdate)); - } - - - // Write the ciphertext - - offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (WriteFile (dev, buf, workChunkSize, &n, NULL) == 0) - { - // Write error - dwError = GetLastError(); - - // Undo failed write operation - if (workChunkSize > TC_VOLUME_DATA_OFFSET && SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) - { - DecryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); - WriteFile (dev, buf + TC_VOLUME_DATA_OFFSET, workChunkSize - TC_VOLUME_DATA_OFFSET, &n, NULL); - } - - SetLastError (dwError); - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - - masterCryptoInfo->EncryptedAreaStart.Value -= workChunkSize; - masterCryptoInfo->EncryptedAreaLength.Value += workChunkSize; - - remainingBytes -= workChunkSize; - lastHeaderUpdateDistance += workChunkSize; - - bEncryptedAreaSizeChanged = TRUE; - - if (lastHeaderUpdateDistance >= TC_NONSYS_INPLACE_ENC_HEADER_UPDATE_INTERVAL) - { - nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - lastHeaderUpdateDistance = 0; - } - - ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); - - if (bVolTransformThreadCancel) - { - bPause = TRUE; - break; - } - } - - nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); - - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - - if (!bPause) - { - /* The data area has been fully encrypted; create and write the primary volume header */ - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); - - for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) - { - nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, - header, - headerCryptoInfo->ea, - headerCryptoInfo->mode, - password, - masterCryptoInfo->pkcs5, - pim, - (char *) masterCryptoInfo->master_keydata, - &tmpCryptoInfo, - masterCryptoInfo->VolumeSize.Value, - 0, - masterCryptoInfo->EncryptedAreaStart.Value, - masterCryptoInfo->EncryptedAreaLength.Value, - masterCryptoInfo->RequiredProgramVersion, - masterCryptoInfo->HeaderFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, - masterCryptoInfo->SectorSize, - wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - - offset.QuadPart = TC_VOLUME_HEADER_OFFSET; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 - || !WriteEffectiveVolumeHeader (TRUE, dev, (byte *) header)) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - // Fill the reserved sectors of the header area with random data - nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - } - - // Update the configuration files - - SaveNonSysInPlaceEncSettings (-1, wipeAlgorithm, FALSE); - - - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINISHED); - - nStatus = ERR_SUCCESS; - } - else - { - // The process has been paused by the user or aborted by the wizard (e.g. on app exit) - - nStatus = ERR_USER_ABORT; - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); - } - - -closing_seq: - - dwError = GetLastError(); - - if (bEncryptedAreaSizeChanged - && dev != INVALID_HANDLE_VALUE - && masterCryptoInfo != NULL - && headerCryptoInfo != NULL - && deviceSize > 0) - { - // Execution of the core loop may have been interrupted due to an error or user action without updating the header - FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); - } - - if (masterCryptoInfo != NULL) - { - crypto_close (masterCryptoInfo); - masterCryptoInfo = NULL; - } - - if (headerCryptoInfo != NULL) - { - crypto_close (headerCryptoInfo); - headerCryptoInfo = NULL; - } - - if (tmpCryptoInfo != NULL) - { - crypto_close (tmpCryptoInfo); - tmpCryptoInfo = NULL; - } - - if (dosDev[0]) - RemoveFakeDosName (devicePath, dosDev); - - if (dev != INVALID_HANDLE_VALUE) - { - CloseHandle (dev); - dev = INVALID_HANDLE_VALUE; - } - - if (buf != NULL) - TCfree (buf); - - if (header != NULL) - { - burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - TCfree (header); - } - - if (wipeBuffer != NULL) - TCfree (wipeBuffer); - - if (zeroedSectorCount > 0) - { - wchar_t msg[30000] = {0}; - wchar_t sizeStr[500] = {0}; - - GetSizeString (zeroedSectorCount * sectorSize, sizeStr, sizeof(sizeStr)); - - StringCbPrintfW (msg, sizeof(msg), - GetString ("ZEROED_BAD_SECTOR_COUNT"), - zeroedSectorCount, - sizeStr); - - WarningDirect (msg, hwndDlg); - } - - if (nStatus != ERR_SUCCESS && nStatus != ERR_USER_ABORT) - SetLastError (dwError); - - return nStatus; -} - -int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile BOOL *DiscardUnreadableEncryptedSectors) -{ - HANDLE dev = INVALID_HANDLE_VALUE; - PCRYPTO_INFO masterCryptoInfo = NULL, headerCryptoInfo = NULL; - UINT64_STRUCT unitNo; - char *buf = NULL; - byte *tmpSectorBuf = NULL; - WCHAR dosDev[TC_MAX_PATH] = {0}; - WCHAR devName[MAX_PATH] = {0}; - WCHAR deviceName[MAX_PATH]; - int nStatus = ERR_SUCCESS; - __int64 deviceSize; - uint64 remainingBytes, workChunkStartByteOffset, lastHeaderUpdateDistance = 0, skippedBadSectorCount = 0; - uint32 workChunkSize; - DWORD dwError, dwResult; - BOOL bPause = FALSE, bEncryptedAreaSizeChanged = FALSE; - LARGE_INTEGER offset; - int sectorSize; - int i; - DWORD n; - WCHAR *devicePath = volParams->volumePath; - Password *password = volParams->password; - HWND hwndDlg = volParams->hwndDlg; - int pkcs5_prf = volParams->pkcs5; - int pim = volParams->pim; - DISK_GEOMETRY driveGeometry; - - - buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); - if (!buf) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - - headerCryptoInfo = crypto_open(); - - if (headerCryptoInfo == NULL) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - - deviceSize = GetDeviceSize (devicePath); - if (deviceSize < 0) - { - // Cannot determine the size of the partition - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - - // The wizard should have dismounted the TC volume if it was mounted, but for extra safety we will check this again. - if (IsMountedVolume (devicePath)) - { - int driveLetter = GetMountedVolumeDriveNo (devicePath); - - if (driveLetter == -1 - || !UnmountVolume (hwndDlg, driveLetter, TRUE)) - { - handleWin32Error (hwndDlg, SRC_POS); - AbortProcess ("CANT_DISMOUNT_VOLUME"); - } - } - - - StringCchCopyW (deviceName, ARRAYSIZE(deviceName), devicePath); - - if (FakeDosNameForDevice (deviceName, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - dev = OpenPartitionVolume (hwndDlg, devName, - TRUE, // Require exclusive access - FALSE, // Do not require shared access - TRUE, // Ask the user to confirm shared access (if exclusive fails) - FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) - FALSE); // Non-silent mode - - if (dev == INVALID_HANDLE_VALUE) - { - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - - - // This should never be needed, but is still performed for extra safety (without checking the result) - DeviceIoControl (dev, - FSCTL_ALLOW_EXTENDED_DASD_IO, - NULL, - 0, - NULL, - 0, - &dwResult, - NULL); - - - if (!DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveGeometry, sizeof (driveGeometry), &dwResult, NULL)) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if ( (driveGeometry.BytesPerSector == 0) - || (driveGeometry.BytesPerSector > TC_MAX_VOLUME_SECTOR_SIZE) - || (driveGeometry.BytesPerSector % ENCRYPTION_DATA_UNIT_SIZE != 0) - ) - { - Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - sectorSize = driveGeometry.BytesPerSector; - - - tmpSectorBuf = (byte *) TCalloc (sectorSize); - if (!tmpSectorBuf) - { - nStatus = ERR_OUTOFMEMORY; - goto closing_seq; - } - - - nStatus = OpenBackupHeader (dev, devicePath, password, pkcs5_prf, pim, &masterCryptoInfo, headerCryptoInfo, deviceSize); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - - if (masterCryptoInfo->LegacyVolume) - { - Error ("NONSYS_INPLACE_DECRYPTION_BAD_VOL_FORMAT", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - if (masterCryptoInfo->hiddenVolume) - { - Error ("NONSYS_INPLACE_DECRYPTION_CANT_DECRYPT_HID_VOL", hwndDlg); - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - - if (!bInPlaceEncNonSysResumed - && masterCryptoInfo->VolumeSize.Value == masterCryptoInfo->EncryptedAreaLength.Value) - { - /* Decryption started (not resumed) */ - - if ((masterCryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) == 0) - { - // The volume has not been encrypted in-place so it may contain a hidden volume. - // Ask the user to confirm it does not. - - char *tmpStr[] = {0, - "CONFIRM_VOL_CONTAINS_NO_HIDDEN_VOL", - "VOL_CONTAINS_NO_HIDDEN_VOL", - "VOL_CONTAINS_A_HIDDEN_VOL", - 0}; - - switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) - { - case 1: - // NOP - break; - case 2: - default: - // Cancel - nStatus = ERR_DONT_REPORT; - goto closing_seq; - } - } - - // Update config files and app data - - // In the config file, increase the number of partitions where in-place decryption is in progress - SaveNonSysInPlaceEncSettings (1, TC_WIPE_NONE, TRUE); - - // Add the wizard to the system startup sequence if appropriate - if (!IsNonInstallMode ()) - ManageStartupSeqWiz (FALSE, L"/prinplace"); - } - - - - bInPlaceEncNonSysResumed = TRUE; - bFirstNonSysInPlaceEncResumeDone = TRUE; - - - remainingBytes = masterCryptoInfo->EncryptedAreaLength.Value; - - lastHeaderUpdateDistance = 0; - - - ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_DECRYPTING); - - - - /* The in-place decryption core */ - - while (remainingBytes > 0) - { - workChunkSize = (uint32) min (remainingBytes, TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); - - if (workChunkSize % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto closing_seq; - } - - workChunkStartByteOffset = masterCryptoInfo->EncryptedAreaStart.Value; - - unitNo.Value = workChunkStartByteOffset / ENCRYPTION_DATA_UNIT_SIZE; - - - // Read the ciphertext into RAM - - offset.QuadPart = workChunkStartByteOffset; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (ReadFile (dev, buf, workChunkSize, &n, NULL) == 0) - { - // Read error - - DWORD dwTmpErr = GetLastError (); - - if (IsDiskReadError (dwTmpErr) && !bVolTransformThreadCancel) - { - // Physical defect or data corruption - - if (!*DiscardUnreadableEncryptedSectors) - { - *DiscardUnreadableEncryptedSectors = (AskWarnYesNo ("DISCARD_UNREADABLE_ENCRYPTED_SECTORS", hwndDlg) == IDYES); - } - - if (*DiscardUnreadableEncryptedSectors) - { - // Read the work chunk again, but this time each sector individually and skiping each bad sector - - LARGE_INTEGER tmpSectorOffset; - uint64 tmpSectorCount; - uint64 tmpBufOffset = 0; - DWORD tmpNbrReadBytes = 0; - - tmpSectorOffset.QuadPart = offset.QuadPart; - - for (tmpSectorCount = workChunkSize / sectorSize; tmpSectorCount > 0; --tmpSectorCount) - { - if (SetFilePointerEx (dev, tmpSectorOffset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (ReadFile (dev, tmpSectorBuf, sectorSize, &tmpNbrReadBytes, NULL) == 0 - || tmpNbrReadBytes != (DWORD) sectorSize) - { - // Read error - - // Clear the buffer so the content of each unreadable sector is replaced with decrypted all-zero blocks (producing pseudorandom data) - memset (tmpSectorBuf, 0, sectorSize); - - skippedBadSectorCount++; - } - - memcpy (buf + tmpBufOffset, tmpSectorBuf, sectorSize); - - tmpSectorOffset.QuadPart += sectorSize; - tmpBufOffset += sectorSize; - } - } - else - { - SetLastError (dwTmpErr); // Preserve the original error code - - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - } - else - { - SetLastError (dwTmpErr); // Preserve the original error code - - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - } - - // Decrypt the ciphertext in RAM - - DecryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); - - - - // Conceal initial portion of the filesystem - - if (workChunkStartByteOffset - TC_VOLUME_DATA_OFFSET < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE) - { - // We are decrypting the initial TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE bytes of the filesystem. We will - // conceal this portion to prevent Windows and applications from interfering with the volume. - - for (i = 0; i < min (TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, workChunkStartByteOffset - TC_VOLUME_DATA_OFFSET + workChunkSize); i++) - buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; - } - - - // Write the plaintext - - offset.QuadPart = workChunkStartByteOffset - TC_VOLUME_DATA_OFFSET; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (WriteFile (dev, buf, workChunkSize, &n, NULL) == 0) - { - // Write error - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - - masterCryptoInfo->EncryptedAreaStart.Value += workChunkSize; - masterCryptoInfo->EncryptedAreaLength.Value -= workChunkSize; - - remainingBytes -= workChunkSize; - lastHeaderUpdateDistance += workChunkSize; - - bEncryptedAreaSizeChanged = TRUE; - - if (lastHeaderUpdateDistance >= TC_NONSYS_INPLACE_ENC_HEADER_UPDATE_INTERVAL) - { - nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); - - if (nStatus != ERR_SUCCESS) - { - // Possible write error - goto closing_seq; - } - - lastHeaderUpdateDistance = 0; - } - - ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); - - if (bVolTransformThreadCancel) - { - bPause = TRUE; - break; - } - } - - nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); - - - if (nStatus != ERR_SUCCESS) - { - // Possible write error - goto closing_seq; - } - - - if (!bPause) - { - /* Volume has been fully decrypted. */ - - - // Prevent attempts to update volume header during the closing sequence - bEncryptedAreaSizeChanged = FALSE; - - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); - - - - /* Undo concealing of the filesystem */ - - nStatus = ConcealNTFS (dev); - - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - - - /* Ovewrite the backup header and the remaining ciphertext with all-zero blocks (the primary header was overwritten with the decrypted data). */ - - memset (tmpSectorBuf, 0, sectorSize); - - for (offset.QuadPart = masterCryptoInfo->VolumeSize.Value; - offset.QuadPart <= deviceSize - sectorSize; - offset.QuadPart += sectorSize) - { - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (WriteFile (dev, tmpSectorBuf, sectorSize, &n, NULL) == 0) - { - // Write error - dwError = GetLastError(); - - SetLastError (dwError); - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - } - - - - /* Update the configuration files */ - - SaveNonSysInPlaceEncSettings (-1, TC_WIPE_NONE, TRUE); - - - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINISHED); - - nStatus = ERR_SUCCESS; - - } - else - { - // The process has been paused by the user or aborted by the wizard (e.g. on app exit) - - nStatus = ERR_USER_ABORT; - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); - } - - if (dev != INVALID_HANDLE_VALUE) - { - CloseHandle (dev); - dev = INVALID_HANDLE_VALUE; - } - - -closing_seq: - - dwError = GetLastError(); - - if (bEncryptedAreaSizeChanged - && dev != INVALID_HANDLE_VALUE - && masterCryptoInfo != NULL - && headerCryptoInfo != NULL - && deviceSize > 0) - { - // Execution of the core loop may have been interrupted due to an error or user action without updating the header - FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); - } - - if (dev != INVALID_HANDLE_VALUE) - { - CloseHandle (dev); - dev = INVALID_HANDLE_VALUE; - } - - if (masterCryptoInfo != NULL) - { - crypto_close (masterCryptoInfo); - masterCryptoInfo = NULL; - } - - if (headerCryptoInfo != NULL) - { - crypto_close (headerCryptoInfo); - headerCryptoInfo = NULL; - } - - if (dosDev[0]) - RemoveFakeDosName (devicePath, dosDev); - - if (buf != NULL) - { - TCfree (buf); - buf = NULL; - } - - if (tmpSectorBuf != NULL) - { - TCfree (tmpSectorBuf); - tmpSectorBuf = NULL; - } - - if (skippedBadSectorCount > 0) - { - wchar_t msg[30000] = {0}; - wchar_t sizeStr[500] = {0}; - - GetSizeString (skippedBadSectorCount * sectorSize, sizeStr, sizeof(sizeStr)); - - StringCbPrintfW (msg, sizeof(msg), - GetString ("SKIPPED_BAD_SECTOR_COUNT"), - skippedBadSectorCount, - sizeStr); - - WarningDirect (msg, hwndDlg); - } - - if (nStatus != ERR_SUCCESS && nStatus != ERR_USER_ABORT) - SetLastError (dwError); - - return nStatus; -} - -int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_INFO *masterCryptoInfo, __int64 deviceSize) -{ - LARGE_INTEGER offset; - DWORD n; - int nStatus = ERR_SUCCESS; - byte *header; - DWORD dwError; - uint32 headerCrc32; - byte *fieldPos; - - header = (byte *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - if (!header) - return ERR_OUTOFMEMORY; - - VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - - fieldPos = (byte *) header + TC_HEADER_OFFSET_ENCRYPTED_AREA_START; - - offset.QuadPart = deviceSize - TC_VOLUME_HEADER_GROUP_SIZE; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 - || !ReadEffectiveVolumeHeader (TRUE, dev, header, &n) || n < TC_VOLUME_HEADER_EFFECTIVE_SIZE) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - - DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); - - if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto closing_seq; - } - - mputInt64 (fieldPos, (masterCryptoInfo->EncryptedAreaStart.Value)); - mputInt64 (fieldPos, (masterCryptoInfo->EncryptedAreaLength.Value)); - - // We need to ensure the TC_HEADER_FLAG_NONSYS_INPLACE_ENC flag bit is set, because if volumes created by TC-format - // were decrypted in place, it would be possible to mount them partially encrypted and it wouldn't be possible - // to resume interrupted decryption after the wizard exits. - masterCryptoInfo->HeaderFlags |= TC_HEADER_FLAG_NONSYS_INPLACE_ENC; - fieldPos = (byte *) header + TC_HEADER_OFFSET_FLAGS; - mputLong (fieldPos, (masterCryptoInfo->HeaderFlags)); - - - headerCrc32 = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); - fieldPos = (byte *) header + TC_HEADER_OFFSET_HEADER_CRC; - mputLong (fieldPos, headerCrc32); - - EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); - - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 - || !WriteEffectiveVolumeHeader (TRUE, dev, header)) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - -closing_seq: - - dwError = GetLastError(); - - burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - TCfree (header); - - if (nStatus != ERR_SUCCESS) - SetLastError (dwError); - - return nStatus; -} - - -static HANDLE OpenPartitionVolume (HWND hwndDlg, const wchar_t *devName, - BOOL bExclusiveRequired, - BOOL bSharedRequired, - BOOL bSharedRequiresConfirmation, - BOOL bShowAlternativeSteps, - BOOL bSilent) -{ - HANDLE dev = INVALID_HANDLE_VALUE; - int retryCount = 0; - - if (bExclusiveRequired) - bSharedRequired = FALSE; - - if (bExclusiveRequired || !bSharedRequired) - { - // Exclusive access - // Note that when exclusive access is denied, it is worth retrying (usually succeeds after a few tries). - while (dev == INVALID_HANDLE_VALUE && retryCount++ < EXCL_ACCESS_MAX_AUTO_RETRIES) - { - dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_FLAG_WRITE_THROUGH, NULL); - - if (retryCount > 1) - Sleep (EXCL_ACCESS_AUTO_RETRY_DELAY); - } - } - - if (dev == INVALID_HANDLE_VALUE) - { - if (bExclusiveRequired) - { - if (!bSilent) - { - handleWin32Error (hwndDlg, SRC_POS); - - if (bShowAlternativeSteps) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); - else - Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); - } - return INVALID_HANDLE_VALUE; - } - - // Shared mode - dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_FLAG_WRITE_THROUGH, NULL); - if (dev != INVALID_HANDLE_VALUE) - { - if (bSharedRequiresConfirmation - && !bSilent - && AskWarnNoYes ("DEVICE_IN_USE_INPLACE_ENC", hwndDlg) == IDNO) - { - CloseHandle (dev); - return INVALID_HANDLE_VALUE; - } - } - else - { - if (!bSilent) - { - handleWin32Error (MainDlg, SRC_POS); - - if (bShowAlternativeSteps) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); - else - Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); - } - return INVALID_HANDLE_VALUE; - } - } - - return dev; -} - - -static int DismountFileSystem (HWND hwndDlg, HANDLE dev, - int driveLetter, - BOOL bForcedAllowed, - BOOL bForcedRequiresConfirmation, - BOOL bSilent) -{ - int attempt; - BOOL bResult; - DWORD dwResult; - - CloseVolumeExplorerWindows (MainDlg, driveLetter); - - attempt = UNMOUNT_MAX_AUTO_RETRIES * 10; - - while (!(bResult = DeviceIoControl (dev, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) - && attempt > 0) - { - Sleep (UNMOUNT_AUTO_RETRY_DELAY); - attempt--; - } - - if (!bResult) - { - if (!bForcedAllowed) - { - if (!bSilent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_LOCK_OR_DISMOUNT_FILESYS", TRUE); - - return ERR_DONT_REPORT; - } - - if (bForcedRequiresConfirmation - && !bSilent - && AskWarnYesNo ("VOL_LOCK_FAILED_OFFER_FORCED_DISMOUNT", hwndDlg) == IDNO) - { - return ERR_DONT_REPORT; - } - } - - // Dismount the volume - - attempt = UNMOUNT_MAX_AUTO_RETRIES * 10; - - while (!(bResult = DeviceIoControl (dev, FSCTL_DISMOUNT_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) - && attempt > 0) - { - Sleep (UNMOUNT_AUTO_RETRY_DELAY); - attempt--; - } - - if (!bResult) - { - if (!bSilent) - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_LOCK_OR_DISMOUNT_FILESYS", TRUE); - - return ERR_DONT_REPORT; - } - - return ERR_SUCCESS; -} - - -// Easy-to-undo modification applied to conceal the NTFS filesystem (to prevent Windows and apps from -// interfering with it until the volume has been fully encrypted). Note that this function will precisely -// undo any modifications it made to the filesystem automatically if an error occurs when writing (including -// physical drive defects). -static int ConcealNTFS (HANDLE dev) -{ - char buf [TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE]; - DWORD nbrBytesProcessed, nbrBytesProcessed2; - int i; - LARGE_INTEGER offset; - DWORD dwError; - - offset.QuadPart = 0; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - return ERR_OS_ERROR; - - if (ReadFile (dev, buf, TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, &nbrBytesProcessed, NULL) == 0) - return ERR_OS_ERROR; - - for (i = 0; i < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE; i++) - buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; - - offset.QuadPart = 0; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) - return ERR_OS_ERROR; - - if (WriteFile (dev, buf, TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, &nbrBytesProcessed, NULL) == 0) - { - // One or more of the sectors is/are probably damaged and cause write errors. - // We must undo the modifications we made. - - dwError = GetLastError(); - - for (i = 0; i < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE; i++) - buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; - - offset.QuadPart = 0; - - do - { - Sleep (1); - } - while (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 - || WriteFile (dev, buf, TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, &nbrBytesProcessed2, NULL) == 0); - - SetLastError (dwError); - - return ERR_OS_ERROR; - } - - return ERR_SUCCESS; -} - - -void ShowInPlaceEncErrMsgWAltSteps (HWND hwndDlg, char *iniStrId, BOOL bErr) -{ - wchar_t msg[30000]; - - StringCbCopyW (msg, sizeof(msg), GetString (iniStrId)); - - StringCbCatW (msg, sizeof(msg), L"\n\n\n"); - StringCbCatW (msg, sizeof(msg), GetString ("INPLACE_ENC_ALTERNATIVE_STEPS")); - - if (bErr) - ErrorDirect (msg, hwndDlg); - else - WarningDirect (msg, hwndDlg); -} - - -static void ExportProgressStats (__int64 bytesDone, __int64 totalSize) -{ - NonSysInplaceEncBytesDone = bytesDone; - NonSysInplaceEncTotalSize = totalSize; -} - - -void SetNonSysInplaceEncUIStatus (int nonSysInplaceEncStatus) -{ - NonSysInplaceEncStatus = nonSysInplaceEncStatus; -} - - -BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId newWipeAlgorithm, BOOL bDecrypt) -{ - int count; - char str[32]; - WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; - - if (delta == 0) - return TRUE; - - count = LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) + delta; - - if (count < 1) - { - RemoveNonSysInPlaceEncNotifications(); - return TRUE; - } - else if (!bDecrypt) - { - if (newWipeAlgorithm != TC_WIPE_NONE) - { - StringCbPrintfA (str, sizeof(str), "%d", (int) newWipeAlgorithm); - - SaveBufferToFile (str, GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE), (DWORD) strlen(str), FALSE, FALSE); - } - else if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE))) - { - _wremove (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE)); - } - } - - StringCbPrintfA (str, sizeof(str), "%d", count); - - return SaveBufferToFile (str, GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC), (DWORD) strlen(str), FALSE, FALSE); -} - - -// Repairs damaged sectors (i.e. those with read errors) by zeroing them. -// Note that this operating fails if there are any write errors. -int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount) -{ - int nStatus; - DWORD n; - int64 sectorCount; - LARGE_INTEGER workOffset; - byte *sectorBuffer = NULL; - DWORD dwError; - - workOffset.QuadPart = startOffset.QuadPart; - - sectorBuffer = (byte *) TCalloc (sectorSize); - - if (!sectorBuffer) - return ERR_OUTOFMEMORY; - - if (SetFilePointerEx (dev, startOffset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - - for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount) - { - if (ReadFile (dev, sectorBuffer, sectorSize, &n, NULL) == 0) - { - memset (sectorBuffer, 0, sectorSize); - - if (SetFilePointerEx (dev, workOffset, NULL, FILE_BEGIN) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - if (WriteFile (dev, sectorBuffer, sectorSize, &n, NULL) == 0) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - ++(*zeroedSectorCount); - } - - workOffset.QuadPart += n; - } - - nStatus = ERR_SUCCESS; - -closing_seq: - - dwError = GetLastError(); - - if (sectorBuffer != NULL) - TCfree (sectorBuffer); - - if (nStatus != ERR_SUCCESS) - SetLastError (dwError); - - return nStatus; -} - - -static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *password, int pkcs5, int pim, PCRYPTO_INFO *retMasterCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize) -{ - LARGE_INTEGER offset; - DWORD n; - int nStatus = ERR_SUCCESS; - char *header; - DWORD dwError; - - header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); - if (!header) - return ERR_OUTOFMEMORY; - - VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - - - - offset.QuadPart = deviceSize - TC_VOLUME_HEADER_GROUP_SIZE; - - if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 - || !ReadEffectiveVolumeHeader (TRUE, dev, (byte *) header, &n) || n < TC_VOLUME_HEADER_EFFECTIVE_SIZE) - { - nStatus = ERR_OS_ERROR; - goto closing_seq; - } - - - nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, pim, FALSE, retMasterCryptoInfo, headerCryptoInfo); - if (nStatus != ERR_SUCCESS) - goto closing_seq; - - -closing_seq: - - dwError = GetLastError(); - - burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); - TCfree (header); - - dwError = GetLastError(); - - if (nStatus != ERR_SUCCESS) - SetLastError (dwError); - - return nStatus; -} - - -static BOOL GetFreeClusterBeforeThreshold (HANDLE volumeHandle, int64 *freeCluster, int64 clusterThreshold) -{ - const int bitmapSize = 65536; - byte bitmapBuffer[bitmapSize + sizeof (VOLUME_BITMAP_BUFFER)]; - VOLUME_BITMAP_BUFFER *bitmap = (VOLUME_BITMAP_BUFFER *) bitmapBuffer; - STARTING_LCN_INPUT_BUFFER startLcn; - startLcn.StartingLcn.QuadPart = 0; - - DWORD bytesReturned; - while (DeviceIoControl (volumeHandle, FSCTL_GET_VOLUME_BITMAP, &startLcn, sizeof (startLcn), &bitmapBuffer, sizeof (bitmapBuffer), &bytesReturned, NULL) - || GetLastError() == ERROR_MORE_DATA) - { - for (int64 bitmapIndex = 0; bitmapIndex < min (bitmapSize, (bitmap->BitmapSize.QuadPart / 8)); ++bitmapIndex) - { - if (bitmap->StartingLcn.QuadPart + bitmapIndex * 8 >= clusterThreshold) - goto err; - - if (bitmap->Buffer[bitmapIndex] != 0xff) - { - for (int bit = 0; bit < 8; ++bit) - { - if ((bitmap->Buffer[bitmapIndex] & (1 << bit)) == 0) - { - *freeCluster = bitmap->StartingLcn.QuadPart + bitmapIndex * 8 + bit; - - if (*freeCluster >= clusterThreshold) - goto err; - - return TRUE; - } - } - } - } - - startLcn.StartingLcn.QuadPart += min (bitmapSize * 8, bitmap->BitmapSize.QuadPart); - } - -err: - SetLastError (ERROR_DISK_FULL); - return FALSE; -} - - -static BOOL MoveClustersBeforeThresholdInDir (HANDLE volumeHandle, const wstring &directory, int64 clusterThreshold) -{ - WIN32_FIND_DATAW findData; - - HANDLE findHandle = FindFirstFileW (((directory.size() <= 3 ? L"" : L"\\\\?\\") + directory + L"\\*").c_str(), &findData); - if (findHandle == INVALID_HANDLE_VALUE) - return TRUE; // Error ignored - - finally_do_arg (HANDLE, findHandle, { FindClose (finally_arg); }); - - // Find all files and directories - do - { - if (findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) - { - wstring subDir = findData.cFileName; - - if (subDir == L"." || subDir == L"..") - continue; - - if (!MoveClustersBeforeThresholdInDir (volumeHandle, directory + L"\\" + subDir, clusterThreshold)) - return FALSE; - } - - DWORD access = FILE_READ_ATTRIBUTES; - - if (findData.dwFileAttributes & FILE_ATTRIBUTE_ENCRYPTED) - access = FILE_READ_DATA; - - HANDLE fsObject = CreateFileW ((directory + L"\\" + findData.cFileName).c_str(), access, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL); - if (fsObject == INVALID_HANDLE_VALUE) - continue; - - finally_do_arg (HANDLE, fsObject, { CloseHandle (finally_arg); }); - - STARTING_VCN_INPUT_BUFFER startVcn; - startVcn.StartingVcn.QuadPart = 0; - RETRIEVAL_POINTERS_BUFFER retPointers; - DWORD bytesReturned; - - // Find clusters allocated beyond the threshold - while (DeviceIoControl (fsObject, FSCTL_GET_RETRIEVAL_POINTERS, &startVcn, sizeof (startVcn), &retPointers, sizeof (retPointers), &bytesReturned, NULL) - || GetLastError() == ERROR_MORE_DATA) - { - if (retPointers.ExtentCount == 0) - break; - - if (retPointers.Extents[0].Lcn.QuadPart != -1) - { - int64 extentStartCluster = retPointers.Extents[0].Lcn.QuadPart; - int64 extentLen = retPointers.Extents[0].NextVcn.QuadPart - retPointers.StartingVcn.QuadPart; - int64 extentEndCluster = extentStartCluster + extentLen - 1; - - if (extentEndCluster >= clusterThreshold) - { - // Move clusters before the threshold - for (int64 movedCluster = max (extentStartCluster, clusterThreshold); movedCluster <= extentEndCluster; ++movedCluster) - { - for (int retry = 0; ; ++retry) - { - MOVE_FILE_DATA moveData; - - if (GetFreeClusterBeforeThreshold (volumeHandle, &moveData.StartingLcn.QuadPart, clusterThreshold)) - { - moveData.FileHandle = fsObject; - moveData.StartingVcn.QuadPart = movedCluster - extentStartCluster + retPointers.StartingVcn.QuadPart; - moveData.ClusterCount = 1; - - if (DeviceIoControl (volumeHandle, FSCTL_MOVE_FILE, &moveData, sizeof (moveData), NULL, 0, &bytesReturned, NULL)) - break; - } - - if (retry > 600) - return FALSE; - - // There are possible race conditions as we work on a live filesystem - Sleep (100); - } - } - } - } - - startVcn.StartingVcn = retPointers.Extents[0].NextVcn; - } - - } while (FindNextFileW (findHandle, &findData)); - - return TRUE; -} - - -BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold) -{ - int drive = GetDiskDeviceDriveLetter (volumeDevicePath); - if (drive == -1) - { - SetLastError (ERROR_INVALID_PARAMETER); - return FALSE; - } - - wstring volumeRoot = L"X:"; - volumeRoot[0] = L'A' + (wchar_t) drive; - - return MoveClustersBeforeThresholdInDir (volumeHandle, volumeRoot, clusterThreshold); -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + + +/* In this file, _WIN32_WINNT is defined as 0x0600 to make filesystem shrink available (Vista +or later). _WIN32_WINNT cannot be defined as 0x0600 for the entire user-space projects +because it breaks the main font app when the app is running on XP (likely an MS bug). +IMPORTANT: Due to this issue, functions in this file must not directly interact with GUI. */ +#define TC_LOCAL_WIN32_WINNT_OVERRIDE 1 +#if (_WIN32_WINNT < 0x0600) +# undef _WIN32_WINNT +# define _WIN32_WINNT 0x0600 +#endif + + +#include +#include +#include +#include + +#include "Tcdefs.h" +#include "Platform/Finally.h" + +#include "Common.h" +#include "Crc.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Tcformat.h" +#include "Volumes.h" + +#include "InPlace.h" + +#include + +using namespace std; +using namespace VeraCrypt; + +#if TC_VOLUME_DATA_OFFSET != 131072 +# error TC_VOLUME_DATA_OFFSET != 131072 +#endif + +#if TC_VOLUME_HEADER_EFFECTIVE_SIZE != 512 +# error TC_VOLUME_HEADER_EFFECTIVE_SIZE != 512 +#endif + +#if TC_TOTAL_VOLUME_HEADERS_SIZE != 262144 +# error TC_TOTAL_VOLUME_HEADERS_SIZE != 262144 +#endif + +#define TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE (2048 * BYTES_PER_KB) +#define TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE (2 * TC_MAX_VOLUME_SECTOR_SIZE) +#define TC_NTFS_CONCEAL_CONSTANT 0xFF +#define TC_NONSYS_INPLACE_ENC_HEADER_UPDATE_INTERVAL (64 * BYTES_PER_MB) +#define TC_NONSYS_INPLACE_ENC_MIN_VOL_SIZE (TC_TOTAL_VOLUME_HEADERS_SIZE + TC_MIN_NTFS_FS_SIZE * 2) + + +// If the returned value is greater than 0, it is the desired volume size in NTFS sectors (not in bytes) +// after shrinking has been performed. If there's any error, returns -1. +static __int64 NewFileSysSizeAfterShrink (HANDLE dev, const wchar_t *devicePath, int64 *totalClusterCount, DWORD *bytesPerCluster, BOOL silent) +{ + NTFS_VOLUME_DATA_BUFFER ntfsVolData; + DWORD nBytesReturned; + __int64 fileSysSize, desiredNbrSectors; + + // Filesystem size and sector size + + if (!DeviceIoControl (dev, + FSCTL_GET_NTFS_VOLUME_DATA, + NULL, + 0, + (LPVOID) &ntfsVolData, + sizeof (ntfsVolData), + &nBytesReturned, + NULL)) + { + if (!silent) + handleWin32Error (MainDlg, SRC_POS); + + return -1; + } + + if ( (ntfsVolData.NumberSectors.QuadPart <= 0) + || (ntfsVolData.NumberSectors.QuadPart > (INT64_MAX / (__int64) ntfsVolData.BytesPerSector)) // overflow test + ) + { + SetLastError (ERROR_INTERNAL_ERROR); + if (!silent) + handleWin32Error (MainDlg, SRC_POS); + + return -1; + } + + fileSysSize = ntfsVolData.NumberSectors.QuadPart * ntfsVolData.BytesPerSector; + + desiredNbrSectors = (fileSysSize - TC_TOTAL_VOLUME_HEADERS_SIZE) / ntfsVolData.BytesPerSector; + + if (desiredNbrSectors <= 0) + return -1; + + if (totalClusterCount) + *totalClusterCount = ntfsVolData.TotalClusters.QuadPart; + if (bytesPerCluster) + *bytesPerCluster = ntfsVolData.BytesPerCluster; + + return desiredNbrSectors; +} + + +BOOL CheckRequirementsForNonSysInPlaceEnc (HWND hwndDlg, const wchar_t *devicePath, BOOL silent) +{ + NTFS_VOLUME_DATA_BUFFER ntfsVolData; + DWORD nBytesReturned; + HANDLE dev; + WCHAR szFileSysName [256]; + WCHAR devPath [MAX_PATH]; + WCHAR dosDev [TC_MAX_PATH] = {0}; + WCHAR devName [MAX_PATH] = {0}; + int driveLetterNo = -1; + WCHAR szRootPath[4] = {0, L':', L'\\', 0}; + __int64 deviceSize; + int partitionNumber = -1, driveNumber = -1; + + + /* ---------- Checks that do not require admin rights ----------- */ + + + /* Operating system */ + + if (CurrentOSMajor < 6) + { + if (!silent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "OS_NOT_SUPPORTED_FOR_NONSYS_INPLACE_ENC", FALSE); + + return FALSE; + } + + + /* Volume type (must be a partition or a dynamic volume) */ + + if (swscanf (devicePath, L"\\Device\\HarddiskVolume%d", &partitionNumber) != 1 + && swscanf (devicePath, L"\\Device\\Harddisk%d\\Partition%d", &driveNumber, &partitionNumber) != 2) + { + if (!silent) + Error ("INPLACE_ENC_INVALID_PATH", hwndDlg); + + return FALSE; + } + + if (partitionNumber == 0) + { + if (!silent) + Warning ("RAW_DEV_NOT_SUPPORTED_FOR_INPLACE_ENC", hwndDlg); + + return FALSE; + } + + + /* Admin rights */ + + if (!IsAdmin()) + { + // We rely on the wizard process to call us only when the whole wizard process has been elevated (so UAC + // status can be ignored). In case the IsAdmin() detection somehow fails, we allow the user to continue. + + if (!silent) + Warning ("ADMIN_PRIVILEGES_WARN_DEVICES", hwndDlg); + } + + + /* ---------- Checks that may require admin rights ----------- */ + + + /* Access to the partition */ + + StringCbCopyW (devPath, sizeof(devPath), devicePath); + + driveLetterNo = GetDiskDeviceDriveLetter (devPath); + + if (driveLetterNo >= 0) + szRootPath[0] = (wchar_t) driveLetterNo + L'A'; + + if (FakeDosNameForDevice (devicePath, dosDev, sizeof(dosDev), devName, sizeof(devName),FALSE) != 0) + { + if (!silent) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); + } + return FALSE; + } + + dev = OpenPartitionVolume (hwndDlg, devName, + FALSE, // Do not require exclusive access + TRUE, // Require shared access (must be TRUE; otherwise, volume properties will not be possible to obtain) + FALSE, // Do not ask the user to confirm shared access (if exclusive fails) + FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) + silent); // Silent mode + + if (dev == INVALID_HANDLE_VALUE) + return FALSE; + + + /* File system type */ + + GetVolumeInformation (szRootPath, NULL, 0, NULL, NULL, NULL, szFileSysName, ARRAYSIZE (szFileSysName)); + + if (wcsncmp (szFileSysName, L"NTFS", 4)) + { + // The previous filesystem type detection method failed (or it's not NTFS) -- try an alternative method + + if (!DeviceIoControl (dev, + FSCTL_GET_NTFS_VOLUME_DATA, + NULL, + 0, + (LPVOID) &ntfsVolData, + sizeof (ntfsVolData), + &nBytesReturned, + NULL)) + { + if (!silent) + { + // The filesystem is not NTFS or the filesystem type could not be determined (or the NTFS filesystem + // is dismounted). + + if (IsDeviceMounted (devName)) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "ONLY_NTFS_SUPPORTED_FOR_NONSYS_INPLACE_ENC", FALSE); + else + Warning ("ONLY_MOUNTED_VOL_SUPPORTED_FOR_NONSYS_INPLACE_ENC", hwndDlg); + } + + CloseHandle (dev); + return FALSE; + } + } + + + /* Attempt to determine whether the filesystem can be safely shrunk */ + + if (NewFileSysSizeAfterShrink (dev, devicePath, NULL, NULL, silent) == -1) + { + // Cannot determine whether shrinking is required + if (!silent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); + + CloseHandle (dev); + return FALSE; + } + + + /* Partition size */ + + deviceSize = GetDeviceSize (devicePath); + if (deviceSize < 0) + { + // Cannot determine the size of the partition + if (!silent) + Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); + + CloseHandle (dev); + return FALSE; + } + + if (deviceSize < TC_NONSYS_INPLACE_ENC_MIN_VOL_SIZE) + { + // The partition is too small + if (!silent) + { + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "PARTITION_TOO_SMALL_FOR_NONSYS_INPLACE_ENC", FALSE); + } + + CloseHandle (dev); + return FALSE; + } + + + /* Free space on the filesystem */ + + if (!DeviceIoControl (dev, + FSCTL_GET_NTFS_VOLUME_DATA, + NULL, + 0, + (LPVOID) &ntfsVolData, + sizeof (ntfsVolData), + &nBytesReturned, + NULL)) + { + if (!silent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", TRUE); + + CloseHandle (dev); + return FALSE; + } + + if (ntfsVolData.FreeClusters.QuadPart * ntfsVolData.BytesPerCluster < TC_TOTAL_VOLUME_HEADERS_SIZE) + { + if (!silent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "NOT_ENOUGH_FREE_FILESYS_SPACE_FOR_SHRINK", TRUE); + + CloseHandle (dev); + return FALSE; + } + + + /* Filesystem sector size */ + + if (ntfsVolData.BytesPerSector > TC_MAX_VOLUME_SECTOR_SIZE + || ntfsVolData.BytesPerSector % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + if (!silent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "SECTOR_SIZE_UNSUPPORTED", TRUE); + + CloseHandle (dev); + return FALSE; + } + + + CloseHandle (dev); + return TRUE; +} + +BOOL CheckRequirementsForNonSysInPlaceDec (HWND hwndDlg, const wchar_t *devicePath, BOOL silent) +{ + int partitionNumber = -1, driveNumber = -1; + + /* ---------- Checks that do not require admin rights ----------- */ + + /* Volume type (must be a partition or a dynamic volume) */ + if ((swscanf (devicePath, L"\\Device\\HarddiskVolume%d", &partitionNumber) != 1 + && swscanf (devicePath, L"\\Device\\Harddisk%d\\Partition%d", &driveNumber, &partitionNumber) != 2) + || partitionNumber == 0) + { + if (!silent) + Error ("INPLACE_ENC_INVALID_PATH", hwndDlg); + + return FALSE; + } + + + /* Admin rights */ + if (!IsAdmin()) + { + // We rely on the wizard process to call us only when the whole wizard process has been elevated (so UAC + // status can be ignored). In case the IsAdmin() detection somehow fails, we allow the user to continue. + + if (!silent) + Warning ("ADMIN_PRIVILEGES_WARN_DEVICES", hwndDlg); + } + + + /* ---------- Checks that may require admin rights ----------- */ + + // [Currently none] + + return TRUE; +} + + +int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, volatile HANDLE *outHandle, WipeAlgorithmId wipeAlgorithm) +{ + SHRINK_VOLUME_INFORMATION shrinkVolInfo; + signed __int64 sizeToShrinkTo; + int nStatus = ERR_SUCCESS; + PCRYPTO_INFO cryptoInfo = NULL; + PCRYPTO_INFO cryptoInfo2 = NULL; + HANDLE dev = INVALID_HANDLE_VALUE; + DWORD dwError; + char *header; + WCHAR dosDev[TC_MAX_PATH] = {0}; + WCHAR devName[MAX_PATH] = {0}; + int driveLetter = -1; + WCHAR deviceName[MAX_PATH]; + uint64 dataAreaSize; + __int64 deviceSize; + LARGE_INTEGER offset; + DWORD dwResult; + HWND hwndDlg = volParams->hwndDlg; + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PREPARING); + + + if (!CheckRequirementsForNonSysInPlaceEnc (hwndDlg, volParams->volumePath, FALSE)) + return ERR_DONT_REPORT; + + + header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + if (!header) + return ERR_OUTOFMEMORY; + + VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + deviceSize = GetDeviceSize (volParams->volumePath); + if (deviceSize < 0) + { + // Cannot determine the size of the partition + nStatus = ERR_PARAMETER_INCORRECT; + goto closing_seq; + } + + if (deviceSize < TC_NONSYS_INPLACE_ENC_MIN_VOL_SIZE) + { + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "PARTITION_TOO_SMALL_FOR_NONSYS_INPLACE_ENC", TRUE); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, deviceSize); + + StringCchCopyW (deviceName, ARRAYSIZE(deviceName), volParams->volumePath); + + driveLetter = GetDiskDeviceDriveLetter (deviceName); + + + if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev),devName, sizeof(devName),FALSE) != 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (IsDeviceMounted (devName)) + { + dev = OpenPartitionVolume (hwndDlg, devName, + FALSE, // Do not require exclusive access (must be FALSE; otherwise, it will not be possible to dismount the volume or obtain its properties and FSCTL_ALLOW_EXTENDED_DASD_IO will fail too) + TRUE, // Require shared access (must be TRUE; otherwise, it will not be possible to dismount the volume or obtain its properties and FSCTL_ALLOW_EXTENDED_DASD_IO will fail too) + FALSE, // Do not ask the user to confirm shared access (if exclusive fails) + FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) + FALSE); // Non-silent mode + + if (dev == INVALID_HANDLE_VALUE) + { + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + } + else + { + // The volume is not mounted so we can't work with the filesystem. + Error ("ONLY_MOUNTED_VOL_SUPPORTED_FOR_NONSYS_INPLACE_ENC", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + + /* Gain "raw" access to the partition (the NTFS driver guards hidden sectors). */ + + if (!DeviceIoControl (dev, + FSCTL_ALLOW_EXTENDED_DASD_IO, + NULL, + 0, + NULL, + 0, + &dwResult, + NULL)) + { + handleWin32Error (MainDlg, SRC_POS); + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + + + /* Shrink the filesystem */ + + int64 totalClusterCount; + DWORD bytesPerCluster; + + sizeToShrinkTo = NewFileSysSizeAfterShrink (dev, volParams->volumePath, &totalClusterCount, &bytesPerCluster, FALSE); + + if (sizeToShrinkTo == -1) + { + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_RESIZING); + + memset (&shrinkVolInfo, 0, sizeof (shrinkVolInfo)); + + shrinkVolInfo.ShrinkRequestType = ShrinkPrepare; + shrinkVolInfo.NewNumberOfSectors = sizeToShrinkTo; + + if (!DeviceIoControl (dev, + FSCTL_SHRINK_VOLUME, + (LPVOID) &shrinkVolInfo, + sizeof (shrinkVolInfo), + NULL, + 0, + &dwResult, + NULL)) + { + handleWin32Error (hwndDlg, SRC_POS); + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "CANNOT_RESIZE_FILESYS", TRUE); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + BOOL clustersMovedBeforeVolumeEnd = FALSE; + + while (true) + { + shrinkVolInfo.ShrinkRequestType = ShrinkCommit; + shrinkVolInfo.NewNumberOfSectors = 0; + + if (!DeviceIoControl (dev, FSCTL_SHRINK_VOLUME, &shrinkVolInfo, sizeof (shrinkVolInfo), NULL, 0, &dwResult, NULL)) + { + // If there are any occupied clusters beyond the new desired end of the volume, the call fails with + // ERROR_ACCESS_DENIED (STATUS_ALREADY_COMMITTED). + if (GetLastError () == ERROR_ACCESS_DENIED) + { + if (!clustersMovedBeforeVolumeEnd) + { + if (MoveClustersBeforeThreshold (dev, deviceName, totalClusterCount - (bytesPerCluster > TC_TOTAL_VOLUME_HEADERS_SIZE ? 1 : TC_TOTAL_VOLUME_HEADERS_SIZE / bytesPerCluster))) + { + clustersMovedBeforeVolumeEnd = TRUE; + continue; + } + + handleWin32Error (hwndDlg, SRC_POS); + } + } + else + handleWin32Error (hwndDlg, SRC_POS); + + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "CANNOT_RESIZE_FILESYS", TRUE); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + break; + } + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PREPARING); + + + /* Gain exclusive access to the volume */ + + nStatus = DismountFileSystem (hwndDlg, dev, + driveLetter, + TRUE, + TRUE, + FALSE); + + if (nStatus != ERR_SUCCESS) + { + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + + + /* Create header backup on the partition. Until the volume is fully encrypted, the backup header will provide + us with the master key, encrypted range, and other data for pause/resume operations. We cannot create the + primary header until the entire partition is encrypted (because we encrypt backwards and the primary header + area is occuppied by data until the very end of the process). */ + + // Prepare the backup header + for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) + { + nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, + header, + volParams->ea, + FIRST_MODE_OF_OPERATION_ID, + volParams->password, + volParams->pkcs5, + volParams->pim, + wipePass == 0 ? NULL : (char *) cryptoInfo->master_keydata, + &cryptoInfo, + dataAreaSize, + 0, + TC_VOLUME_DATA_OFFSET + dataAreaSize, // Start of the encrypted area = the first byte of the backup heeader (encrypting from the end) + 0, // No data is encrypted yet + 0, + volParams->headerFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, + volParams->sectorSize, + wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); + + if (nStatus != 0) + goto closing_seq; + + offset.QuadPart = TC_VOLUME_DATA_OFFSET + dataAreaSize; + + if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + // Write the backup header to the partition + if (!WriteEffectiveVolumeHeader (TRUE, dev, (byte *) header)) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + // Fill the reserved sectors of the backup header area with random data + nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, TRUE); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + } + + + /* Now we will try to decrypt the backup header to verify it has been correctly written. */ + + nStatus = OpenBackupHeader (dev, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, &cryptoInfo2, NULL, deviceSize); + + if (nStatus != ERR_SUCCESS + || cryptoInfo->EncryptedAreaStart.Value != cryptoInfo2->EncryptedAreaStart.Value + || cryptoInfo2->EncryptedAreaStart.Value == 0) + { + if (nStatus == ERR_SUCCESS) + nStatus = ERR_PARAMETER_INCORRECT; + + goto closing_seq; + } + + // The backup header is valid so we know we should be able to safely resume in-place encryption + // of this partition even if the system/app crashes. + + + + /* Conceal the NTFS filesystem (by performing an easy-to-undo modification). This will prevent Windows + and apps from interfering with the volume until it has been fully encrypted. */ + + nStatus = ConcealNTFS (dev); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + + + // /* If a drive letter is assigned to the device, remove it (so that users do not try to open it, which + //would cause Windows to ask them if they want to format the volume and other dangerous things). */ + + //if (driveLetter >= 0) + //{ + // char rootPath[] = { driveLetter + 'A', ':', '\\', 0 }; + + // // Try to remove the assigned drive letter + // if (DeleteVolumeMountPoint (rootPath)) + // driveLetter = -1; + //} + + + + /* Update config files and app data */ + + // In the config file, increase the number of partitions where in-place encryption is in progress + + SaveNonSysInPlaceEncSettings (1, wipeAlgorithm, FALSE); + + + // Add the wizard to the system startup sequence if appropriate + + if (!IsNonInstallMode ()) + ManageStartupSeqWiz (FALSE, L"/prinplace"); + + + nStatus = ERR_SUCCESS; + + +closing_seq: + + dwError = GetLastError(); + + if (cryptoInfo != NULL) + { + crypto_close (cryptoInfo); + cryptoInfo = NULL; + } + + if (cryptoInfo2 != NULL) + { + crypto_close (cryptoInfo2); + cryptoInfo2 = NULL; + } + + burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + TCfree (header); + + if (dosDev[0]) + RemoveFakeDosName (volParams->volumePath, dosDev); + + *outHandle = dev; + + if (nStatus != ERR_SUCCESS) + SetLastError (dwError); + + return nStatus; +} + + +int EncryptPartitionInPlaceResume (HANDLE dev, + volatile FORMAT_VOL_PARAMETERS *volParams, + WipeAlgorithmId wipeAlgorithm, + volatile BOOL *bTryToCorrectReadErrors) +{ + PCRYPTO_INFO masterCryptoInfo = NULL, headerCryptoInfo = NULL, tmpCryptoInfo = NULL; + UINT64_STRUCT unitNo; + char *buf = NULL, *header = NULL; + byte *wipeBuffer = NULL; + byte wipeRandChars [TC_WIPE_RAND_CHAR_COUNT]; + byte wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT]; + WCHAR dosDev[TC_MAX_PATH] = {0}; + WCHAR devName[MAX_PATH] = {0}; + WCHAR deviceName[MAX_PATH]; + int nStatus = ERR_SUCCESS; + __int64 deviceSize; + uint64 remainingBytes, lastHeaderUpdateDistance = 0, zeroedSectorCount = 0; + uint32 workChunkSize; + DWORD dwError, dwResult; + BOOL bPause = FALSE, bEncryptedAreaSizeChanged = FALSE; + LARGE_INTEGER offset; + int sectorSize; + int i; + DWORD n; + WCHAR *devicePath = volParams->volumePath; + Password *password = volParams->password; + int pkcs5_prf = volParams->pkcs5; + int pim = volParams->pim; + DISK_GEOMETRY driveGeometry; + HWND hwndDlg = volParams->hwndDlg; + + + bInPlaceEncNonSysResumed = TRUE; + + buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); + if (!buf) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + + header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + if (!header) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + + VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + if (wipeAlgorithm != TC_WIPE_NONE) + { + wipeBuffer = (byte *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); + if (!wipeBuffer) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + } + + headerCryptoInfo = crypto_open(); + + if (headerCryptoInfo == NULL) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + + deviceSize = GetDeviceSize (devicePath); + if (deviceSize < 0) + { + // Cannot determine the size of the partition + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (dev == INVALID_HANDLE_VALUE) + { + StringCchCopyW (deviceName, ARRAYSIZE(deviceName), devicePath); + + if (FakeDosNameForDevice (deviceName, dosDev, sizeof(dosDev),devName, sizeof(devName),FALSE) != 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + dev = OpenPartitionVolume (hwndDlg, devName, + FALSE, // Do not require exclusive access + FALSE, // Do not require shared access + TRUE, // Ask the user to confirm shared access (if exclusive fails) + FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) + FALSE); // Non-silent mode + + if (dev == INVALID_HANDLE_VALUE) + { + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + } + + // This should never be needed, but is still performed for extra safety (without checking the result) + DeviceIoControl (dev, + FSCTL_ALLOW_EXTENDED_DASD_IO, + NULL, + 0, + NULL, + 0, + &dwResult, + NULL); + + + if (!DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveGeometry, sizeof (driveGeometry), &dwResult, NULL)) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + sectorSize = driveGeometry.BytesPerSector; + + + nStatus = OpenBackupHeader (dev, devicePath, password, pkcs5_prf, pim, &masterCryptoInfo, headerCryptoInfo, deviceSize); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + + + remainingBytes = masterCryptoInfo->VolumeSize.Value - masterCryptoInfo->EncryptedAreaLength.Value; + + lastHeaderUpdateDistance = 0; + + + ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_ENCRYPTING); + + bFirstNonSysInPlaceEncResumeDone = TRUE; + + + /* The in-place encryption core */ + + while (remainingBytes > 0) + { + workChunkSize = (uint32) min (remainingBytes, TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); + + if (workChunkSize % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto closing_seq; + } + + unitNo.Value = (remainingBytes - workChunkSize + TC_VOLUME_DATA_OFFSET) / ENCRYPTION_DATA_UNIT_SIZE; + + + // Read the plaintext into RAM + +inplace_enc_read: + + offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize - TC_VOLUME_DATA_OFFSET; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (ReadFile (dev, buf, workChunkSize, &n, NULL) == 0) + { + // Read error + + DWORD dwTmpErr = GetLastError (); + + if (IsDiskReadError (dwTmpErr) && !bVolTransformThreadCancel) + { + // Physical defect or data corruption + + if (!*bTryToCorrectReadErrors) + { + *bTryToCorrectReadErrors = (AskWarnYesNo ("ENABLE_BAD_SECTOR_ZEROING", hwndDlg) == IDYES); + } + + if (*bTryToCorrectReadErrors) + { + // Try to correct the read errors physically + + offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize - TC_VOLUME_DATA_OFFSET; + + nStatus = ZeroUnreadableSectors (dev, offset, workChunkSize, sectorSize, &zeroedSectorCount); + + if (nStatus != ERR_SUCCESS) + { + // Due to write errors, we can't correct the read errors + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + goto inplace_enc_read; + } + } + + SetLastError (dwTmpErr); // Preserve the original error code + + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (remainingBytes - workChunkSize < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE) + { + // We reached the inital portion of the filesystem, which we had concealed (in order to prevent + // Windows from interfering with the volume). Now we need to undo that modification. + + for (i = 0; i < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE - (remainingBytes - workChunkSize); i++) + buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; + } + + + // Encrypt the plaintext in RAM + + EncryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); + + + // If enabled, wipe the area to which we will write the ciphertext + + if (wipeAlgorithm != TC_WIPE_NONE) + { + byte wipePass; + int wipePassCount = GetWipePassCount (wipeAlgorithm); + + if (wipePassCount <= 0) + { + SetLastError (ERROR_INVALID_PARAMETER); + nStatus = ERR_PARAMETER_INCORRECT; + goto closing_seq; + } + + offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize; + + for (wipePass = 1; wipePass <= wipePassCount; ++wipePass) + { + if (!WipeBuffer (wipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, workChunkSize)) + { + ULONG i; + for (i = 0; i < workChunkSize; ++i) + { + wipeBuffer[i] = buf[i] + wipePass; + } + + EncryptDataUnits (wipeBuffer, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); + memcpy (wipeRandCharsUpdate, wipeBuffer, sizeof (wipeRandCharsUpdate)); + } + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 + || WriteFile (dev, wipeBuffer, workChunkSize, &n, NULL) == 0) + { + // Write error + dwError = GetLastError(); + + // Undo failed write operation + if (workChunkSize > TC_VOLUME_DATA_OFFSET && SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) + { + DecryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); + WriteFile (dev, buf + TC_VOLUME_DATA_OFFSET, workChunkSize - TC_VOLUME_DATA_OFFSET, &n, NULL); + } + + SetLastError (dwError); + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + } + + memcpy (wipeRandChars, wipeRandCharsUpdate, sizeof (wipeRandCharsUpdate)); + } + + + // Write the ciphertext + + offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (WriteFile (dev, buf, workChunkSize, &n, NULL) == 0) + { + // Write error + dwError = GetLastError(); + + // Undo failed write operation + if (workChunkSize > TC_VOLUME_DATA_OFFSET && SetFilePointerEx (dev, offset, NULL, FILE_BEGIN)) + { + DecryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); + WriteFile (dev, buf + TC_VOLUME_DATA_OFFSET, workChunkSize - TC_VOLUME_DATA_OFFSET, &n, NULL); + } + + SetLastError (dwError); + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + + masterCryptoInfo->EncryptedAreaStart.Value -= workChunkSize; + masterCryptoInfo->EncryptedAreaLength.Value += workChunkSize; + + remainingBytes -= workChunkSize; + lastHeaderUpdateDistance += workChunkSize; + + bEncryptedAreaSizeChanged = TRUE; + + if (lastHeaderUpdateDistance >= TC_NONSYS_INPLACE_ENC_HEADER_UPDATE_INTERVAL) + { + nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + lastHeaderUpdateDistance = 0; + } + + ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); + + if (bVolTransformThreadCancel) + { + bPause = TRUE; + break; + } + } + + nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); + + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + + if (!bPause) + { + /* The data area has been fully encrypted; create and write the primary volume header */ + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); + + for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++) + { + nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, + header, + headerCryptoInfo->ea, + headerCryptoInfo->mode, + password, + masterCryptoInfo->pkcs5, + pim, + (char *) masterCryptoInfo->master_keydata, + &tmpCryptoInfo, + masterCryptoInfo->VolumeSize.Value, + 0, + masterCryptoInfo->EncryptedAreaStart.Value, + masterCryptoInfo->EncryptedAreaLength.Value, + masterCryptoInfo->RequiredProgramVersion, + masterCryptoInfo->HeaderFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC, + masterCryptoInfo->SectorSize, + wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + + offset.QuadPart = TC_VOLUME_HEADER_OFFSET; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 + || !WriteEffectiveVolumeHeader (TRUE, dev, (byte *) header)) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + // Fill the reserved sectors of the header area with random data + nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + } + + // Update the configuration files + + SaveNonSysInPlaceEncSettings (-1, wipeAlgorithm, FALSE); + + + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINISHED); + + nStatus = ERR_SUCCESS; + } + else + { + // The process has been paused by the user or aborted by the wizard (e.g. on app exit) + + nStatus = ERR_USER_ABORT; + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); + } + + +closing_seq: + + dwError = GetLastError(); + + if (bEncryptedAreaSizeChanged + && dev != INVALID_HANDLE_VALUE + && masterCryptoInfo != NULL + && headerCryptoInfo != NULL + && deviceSize > 0) + { + // Execution of the core loop may have been interrupted due to an error or user action without updating the header + FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); + } + + if (masterCryptoInfo != NULL) + { + crypto_close (masterCryptoInfo); + masterCryptoInfo = NULL; + } + + if (headerCryptoInfo != NULL) + { + crypto_close (headerCryptoInfo); + headerCryptoInfo = NULL; + } + + if (tmpCryptoInfo != NULL) + { + crypto_close (tmpCryptoInfo); + tmpCryptoInfo = NULL; + } + + if (dosDev[0]) + RemoveFakeDosName (devicePath, dosDev); + + if (dev != INVALID_HANDLE_VALUE) + { + CloseHandle (dev); + dev = INVALID_HANDLE_VALUE; + } + + if (buf != NULL) + TCfree (buf); + + if (header != NULL) + { + burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + TCfree (header); + } + + if (wipeBuffer != NULL) + TCfree (wipeBuffer); + + if (zeroedSectorCount > 0) + { + wchar_t msg[30000] = {0}; + wchar_t sizeStr[500] = {0}; + + GetSizeString (zeroedSectorCount * sectorSize, sizeStr, sizeof(sizeStr)); + + StringCbPrintfW (msg, sizeof(msg), + GetString ("ZEROED_BAD_SECTOR_COUNT"), + zeroedSectorCount, + sizeStr); + + WarningDirect (msg, hwndDlg); + } + + if (nStatus != ERR_SUCCESS && nStatus != ERR_USER_ABORT) + SetLastError (dwError); + + return nStatus; +} + +int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile BOOL *DiscardUnreadableEncryptedSectors) +{ + HANDLE dev = INVALID_HANDLE_VALUE; + PCRYPTO_INFO masterCryptoInfo = NULL, headerCryptoInfo = NULL; + UINT64_STRUCT unitNo; + char *buf = NULL; + byte *tmpSectorBuf = NULL; + WCHAR dosDev[TC_MAX_PATH] = {0}; + WCHAR devName[MAX_PATH] = {0}; + WCHAR deviceName[MAX_PATH]; + int nStatus = ERR_SUCCESS; + __int64 deviceSize; + uint64 remainingBytes, workChunkStartByteOffset, lastHeaderUpdateDistance = 0, skippedBadSectorCount = 0; + uint32 workChunkSize; + DWORD dwError, dwResult; + BOOL bPause = FALSE, bEncryptedAreaSizeChanged = FALSE; + LARGE_INTEGER offset; + int sectorSize; + int i; + DWORD n; + WCHAR *devicePath = volParams->volumePath; + Password *password = volParams->password; + HWND hwndDlg = volParams->hwndDlg; + int pkcs5_prf = volParams->pkcs5; + int pim = volParams->pim; + DISK_GEOMETRY driveGeometry; + + + buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); + if (!buf) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + + headerCryptoInfo = crypto_open(); + + if (headerCryptoInfo == NULL) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + + deviceSize = GetDeviceSize (devicePath); + if (deviceSize < 0) + { + // Cannot determine the size of the partition + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + + // The wizard should have dismounted the TC volume if it was mounted, but for extra safety we will check this again. + if (IsMountedVolume (devicePath)) + { + int driveLetter = GetMountedVolumeDriveNo (devicePath); + + if (driveLetter == -1 + || !UnmountVolume (hwndDlg, driveLetter, TRUE)) + { + handleWin32Error (hwndDlg, SRC_POS); + AbortProcess ("CANT_DISMOUNT_VOLUME"); + } + } + + + StringCchCopyW (deviceName, ARRAYSIZE(deviceName), devicePath); + + if (FakeDosNameForDevice (deviceName, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + dev = OpenPartitionVolume (hwndDlg, devName, + TRUE, // Require exclusive access + FALSE, // Do not require shared access + TRUE, // Ask the user to confirm shared access (if exclusive fails) + FALSE, // Do not append alternative instructions how to encrypt the data (to applicable error messages) + FALSE); // Non-silent mode + + if (dev == INVALID_HANDLE_VALUE) + { + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + + + // This should never be needed, but is still performed for extra safety (without checking the result) + DeviceIoControl (dev, + FSCTL_ALLOW_EXTENDED_DASD_IO, + NULL, + 0, + NULL, + 0, + &dwResult, + NULL); + + + if (!DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &driveGeometry, sizeof (driveGeometry), &dwResult, NULL)) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if ( (driveGeometry.BytesPerSector == 0) + || (driveGeometry.BytesPerSector > TC_MAX_VOLUME_SECTOR_SIZE) + || (driveGeometry.BytesPerSector % ENCRYPTION_DATA_UNIT_SIZE != 0) + ) + { + Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + sectorSize = driveGeometry.BytesPerSector; + + + tmpSectorBuf = (byte *) TCalloc (sectorSize); + if (!tmpSectorBuf) + { + nStatus = ERR_OUTOFMEMORY; + goto closing_seq; + } + + + nStatus = OpenBackupHeader (dev, devicePath, password, pkcs5_prf, pim, &masterCryptoInfo, headerCryptoInfo, deviceSize); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + + if (masterCryptoInfo->LegacyVolume) + { + Error ("NONSYS_INPLACE_DECRYPTION_BAD_VOL_FORMAT", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + if (masterCryptoInfo->hiddenVolume) + { + Error ("NONSYS_INPLACE_DECRYPTION_CANT_DECRYPT_HID_VOL", hwndDlg); + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + + if (!bInPlaceEncNonSysResumed + && masterCryptoInfo->VolumeSize.Value == masterCryptoInfo->EncryptedAreaLength.Value) + { + /* Decryption started (not resumed) */ + + if ((masterCryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) == 0) + { + // The volume has not been encrypted in-place so it may contain a hidden volume. + // Ask the user to confirm it does not. + + char *tmpStr[] = {0, + "CONFIRM_VOL_CONTAINS_NO_HIDDEN_VOL", + "VOL_CONTAINS_NO_HIDDEN_VOL", + "VOL_CONTAINS_A_HIDDEN_VOL", + 0}; + + switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) + { + case 1: + // NOP + break; + case 2: + default: + // Cancel + nStatus = ERR_DONT_REPORT; + goto closing_seq; + } + } + + // Update config files and app data + + // In the config file, increase the number of partitions where in-place decryption is in progress + SaveNonSysInPlaceEncSettings (1, TC_WIPE_NONE, TRUE); + + // Add the wizard to the system startup sequence if appropriate + if (!IsNonInstallMode ()) + ManageStartupSeqWiz (FALSE, L"/prinplace"); + } + + + + bInPlaceEncNonSysResumed = TRUE; + bFirstNonSysInPlaceEncResumeDone = TRUE; + + + remainingBytes = masterCryptoInfo->EncryptedAreaLength.Value; + + lastHeaderUpdateDistance = 0; + + + ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_DECRYPTING); + + + + /* The in-place decryption core */ + + while (remainingBytes > 0) + { + workChunkSize = (uint32) min (remainingBytes, TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); + + if (workChunkSize % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto closing_seq; + } + + workChunkStartByteOffset = masterCryptoInfo->EncryptedAreaStart.Value; + + unitNo.Value = workChunkStartByteOffset / ENCRYPTION_DATA_UNIT_SIZE; + + + // Read the ciphertext into RAM + + offset.QuadPart = workChunkStartByteOffset; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (ReadFile (dev, buf, workChunkSize, &n, NULL) == 0) + { + // Read error + + DWORD dwTmpErr = GetLastError (); + + if (IsDiskReadError (dwTmpErr) && !bVolTransformThreadCancel) + { + // Physical defect or data corruption + + if (!*DiscardUnreadableEncryptedSectors) + { + *DiscardUnreadableEncryptedSectors = (AskWarnYesNo ("DISCARD_UNREADABLE_ENCRYPTED_SECTORS", hwndDlg) == IDYES); + } + + if (*DiscardUnreadableEncryptedSectors) + { + // Read the work chunk again, but this time each sector individually and skiping each bad sector + + LARGE_INTEGER tmpSectorOffset; + uint64 tmpSectorCount; + uint64 tmpBufOffset = 0; + DWORD tmpNbrReadBytes = 0; + + tmpSectorOffset.QuadPart = offset.QuadPart; + + for (tmpSectorCount = workChunkSize / sectorSize; tmpSectorCount > 0; --tmpSectorCount) + { + if (SetFilePointerEx (dev, tmpSectorOffset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (ReadFile (dev, tmpSectorBuf, sectorSize, &tmpNbrReadBytes, NULL) == 0 + || tmpNbrReadBytes != (DWORD) sectorSize) + { + // Read error + + // Clear the buffer so the content of each unreadable sector is replaced with decrypted all-zero blocks (producing pseudorandom data) + memset (tmpSectorBuf, 0, sectorSize); + + skippedBadSectorCount++; + } + + memcpy (buf + tmpBufOffset, tmpSectorBuf, sectorSize); + + tmpSectorOffset.QuadPart += sectorSize; + tmpBufOffset += sectorSize; + } + } + else + { + SetLastError (dwTmpErr); // Preserve the original error code + + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + } + else + { + SetLastError (dwTmpErr); // Preserve the original error code + + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + } + + // Decrypt the ciphertext in RAM + + DecryptDataUnits ((byte *) buf, &unitNo, workChunkSize / ENCRYPTION_DATA_UNIT_SIZE, masterCryptoInfo); + + + + // Conceal initial portion of the filesystem + + if (workChunkStartByteOffset - TC_VOLUME_DATA_OFFSET < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE) + { + // We are decrypting the initial TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE bytes of the filesystem. We will + // conceal this portion to prevent Windows and applications from interfering with the volume. + + for (i = 0; i < min (TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, workChunkStartByteOffset - TC_VOLUME_DATA_OFFSET + workChunkSize); i++) + buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; + } + + + // Write the plaintext + + offset.QuadPart = workChunkStartByteOffset - TC_VOLUME_DATA_OFFSET; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (WriteFile (dev, buf, workChunkSize, &n, NULL) == 0) + { + // Write error + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + + masterCryptoInfo->EncryptedAreaStart.Value += workChunkSize; + masterCryptoInfo->EncryptedAreaLength.Value -= workChunkSize; + + remainingBytes -= workChunkSize; + lastHeaderUpdateDistance += workChunkSize; + + bEncryptedAreaSizeChanged = TRUE; + + if (lastHeaderUpdateDistance >= TC_NONSYS_INPLACE_ENC_HEADER_UPDATE_INTERVAL) + { + nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); + + if (nStatus != ERR_SUCCESS) + { + // Possible write error + goto closing_seq; + } + + lastHeaderUpdateDistance = 0; + } + + ExportProgressStats (masterCryptoInfo->EncryptedAreaLength.Value, masterCryptoInfo->VolumeSize.Value); + + if (bVolTransformThreadCancel) + { + bPause = TRUE; + break; + } + } + + nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); + + + if (nStatus != ERR_SUCCESS) + { + // Possible write error + goto closing_seq; + } + + + if (!bPause) + { + /* Volume has been fully decrypted. */ + + + // Prevent attempts to update volume header during the closing sequence + bEncryptedAreaSizeChanged = FALSE; + + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING); + + + + /* Undo concealing of the filesystem */ + + nStatus = ConcealNTFS (dev); + + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + + + /* Ovewrite the backup header and the remaining ciphertext with all-zero blocks (the primary header was overwritten with the decrypted data). */ + + memset (tmpSectorBuf, 0, sectorSize); + + for (offset.QuadPart = masterCryptoInfo->VolumeSize.Value; + offset.QuadPart <= deviceSize - sectorSize; + offset.QuadPart += sectorSize) + { + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (WriteFile (dev, tmpSectorBuf, sectorSize, &n, NULL) == 0) + { + // Write error + dwError = GetLastError(); + + SetLastError (dwError); + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + } + + + + /* Update the configuration files */ + + SaveNonSysInPlaceEncSettings (-1, TC_WIPE_NONE, TRUE); + + + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINISHED); + + nStatus = ERR_SUCCESS; + + } + else + { + // The process has been paused by the user or aborted by the wizard (e.g. on app exit) + + nStatus = ERR_USER_ABORT; + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); + } + + if (dev != INVALID_HANDLE_VALUE) + { + CloseHandle (dev); + dev = INVALID_HANDLE_VALUE; + } + + +closing_seq: + + dwError = GetLastError(); + + if (bEncryptedAreaSizeChanged + && dev != INVALID_HANDLE_VALUE + && masterCryptoInfo != NULL + && headerCryptoInfo != NULL + && deviceSize > 0) + { + // Execution of the core loop may have been interrupted due to an error or user action without updating the header + FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize); + } + + if (dev != INVALID_HANDLE_VALUE) + { + CloseHandle (dev); + dev = INVALID_HANDLE_VALUE; + } + + if (masterCryptoInfo != NULL) + { + crypto_close (masterCryptoInfo); + masterCryptoInfo = NULL; + } + + if (headerCryptoInfo != NULL) + { + crypto_close (headerCryptoInfo); + headerCryptoInfo = NULL; + } + + if (dosDev[0]) + RemoveFakeDosName (devicePath, dosDev); + + if (buf != NULL) + { + TCfree (buf); + buf = NULL; + } + + if (tmpSectorBuf != NULL) + { + TCfree (tmpSectorBuf); + tmpSectorBuf = NULL; + } + + if (skippedBadSectorCount > 0) + { + wchar_t msg[30000] = {0}; + wchar_t sizeStr[500] = {0}; + + GetSizeString (skippedBadSectorCount * sectorSize, sizeStr, sizeof(sizeStr)); + + StringCbPrintfW (msg, sizeof(msg), + GetString ("SKIPPED_BAD_SECTOR_COUNT"), + skippedBadSectorCount, + sizeStr); + + WarningDirect (msg, hwndDlg); + } + + if (nStatus != ERR_SUCCESS && nStatus != ERR_USER_ABORT) + SetLastError (dwError); + + return nStatus; +} + +int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_INFO *masterCryptoInfo, __int64 deviceSize) +{ + LARGE_INTEGER offset; + DWORD n; + int nStatus = ERR_SUCCESS; + byte *header; + DWORD dwError; + uint32 headerCrc32; + byte *fieldPos; + + header = (byte *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + if (!header) + return ERR_OUTOFMEMORY; + + VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + + fieldPos = (byte *) header + TC_HEADER_OFFSET_ENCRYPTED_AREA_START; + + offset.QuadPart = deviceSize - TC_VOLUME_HEADER_GROUP_SIZE; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 + || !ReadEffectiveVolumeHeader (TRUE, dev, header, &n) || n < TC_VOLUME_HEADER_EFFECTIVE_SIZE) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + + DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); + + if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto closing_seq; + } + + mputInt64 (fieldPos, (masterCryptoInfo->EncryptedAreaStart.Value)); + mputInt64 (fieldPos, (masterCryptoInfo->EncryptedAreaLength.Value)); + + // We need to ensure the TC_HEADER_FLAG_NONSYS_INPLACE_ENC flag bit is set, because if volumes created by TC-format + // were decrypted in place, it would be possible to mount them partially encrypted and it wouldn't be possible + // to resume interrupted decryption after the wizard exits. + masterCryptoInfo->HeaderFlags |= TC_HEADER_FLAG_NONSYS_INPLACE_ENC; + fieldPos = (byte *) header + TC_HEADER_OFFSET_FLAGS; + mputLong (fieldPos, (masterCryptoInfo->HeaderFlags)); + + + headerCrc32 = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC); + fieldPos = (byte *) header + TC_HEADER_OFFSET_HEADER_CRC; + mputLong (fieldPos, headerCrc32); + + EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo); + + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 + || !WriteEffectiveVolumeHeader (TRUE, dev, header)) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + +closing_seq: + + dwError = GetLastError(); + + burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + TCfree (header); + + if (nStatus != ERR_SUCCESS) + SetLastError (dwError); + + return nStatus; +} + + +static HANDLE OpenPartitionVolume (HWND hwndDlg, const wchar_t *devName, + BOOL bExclusiveRequired, + BOOL bSharedRequired, + BOOL bSharedRequiresConfirmation, + BOOL bShowAlternativeSteps, + BOOL bSilent) +{ + HANDLE dev = INVALID_HANDLE_VALUE; + int retryCount = 0; + + if (bExclusiveRequired) + bSharedRequired = FALSE; + + if (bExclusiveRequired || !bSharedRequired) + { + // Exclusive access + // Note that when exclusive access is denied, it is worth retrying (usually succeeds after a few tries). + while (dev == INVALID_HANDLE_VALUE && retryCount++ < EXCL_ACCESS_MAX_AUTO_RETRIES) + { + dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_FLAG_WRITE_THROUGH, NULL); + + if (retryCount > 1) + Sleep (EXCL_ACCESS_AUTO_RETRY_DELAY); + } + } + + if (dev == INVALID_HANDLE_VALUE) + { + if (bExclusiveRequired) + { + if (!bSilent) + { + handleWin32Error (hwndDlg, SRC_POS); + + if (bShowAlternativeSteps) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); + else + Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); + } + return INVALID_HANDLE_VALUE; + } + + // Shared mode + dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_FLAG_WRITE_THROUGH, NULL); + if (dev != INVALID_HANDLE_VALUE) + { + if (bSharedRequiresConfirmation + && !bSilent + && AskWarnNoYes ("DEVICE_IN_USE_INPLACE_ENC", hwndDlg) == IDNO) + { + CloseHandle (dev); + return INVALID_HANDLE_VALUE; + } + } + else + { + if (!bSilent) + { + handleWin32Error (MainDlg, SRC_POS); + + if (bShowAlternativeSteps) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT", TRUE); + else + Error ("INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL", hwndDlg); + } + return INVALID_HANDLE_VALUE; + } + } + + return dev; +} + + +static int DismountFileSystem (HWND hwndDlg, HANDLE dev, + int driveLetter, + BOOL bForcedAllowed, + BOOL bForcedRequiresConfirmation, + BOOL bSilent) +{ + int attempt; + BOOL bResult; + DWORD dwResult; + + CloseVolumeExplorerWindows (MainDlg, driveLetter); + + attempt = UNMOUNT_MAX_AUTO_RETRIES * 10; + + while (!(bResult = DeviceIoControl (dev, FSCTL_LOCK_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) + && attempt > 0) + { + Sleep (UNMOUNT_AUTO_RETRY_DELAY); + attempt--; + } + + if (!bResult) + { + if (!bForcedAllowed) + { + if (!bSilent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_LOCK_OR_DISMOUNT_FILESYS", TRUE); + + return ERR_DONT_REPORT; + } + + if (bForcedRequiresConfirmation + && !bSilent + && AskWarnYesNo ("VOL_LOCK_FAILED_OFFER_FORCED_DISMOUNT", hwndDlg) == IDNO) + { + return ERR_DONT_REPORT; + } + } + + // Dismount the volume + + attempt = UNMOUNT_MAX_AUTO_RETRIES * 10; + + while (!(bResult = DeviceIoControl (dev, FSCTL_DISMOUNT_VOLUME, NULL, 0, NULL, 0, &dwResult, NULL)) + && attempt > 0) + { + Sleep (UNMOUNT_AUTO_RETRY_DELAY); + attempt--; + } + + if (!bResult) + { + if (!bSilent) + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_CANT_LOCK_OR_DISMOUNT_FILESYS", TRUE); + + return ERR_DONT_REPORT; + } + + return ERR_SUCCESS; +} + + +// Easy-to-undo modification applied to conceal the NTFS filesystem (to prevent Windows and apps from +// interfering with it until the volume has been fully encrypted). Note that this function will precisely +// undo any modifications it made to the filesystem automatically if an error occurs when writing (including +// physical drive defects). +static int ConcealNTFS (HANDLE dev) +{ + char buf [TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE]; + DWORD nbrBytesProcessed, nbrBytesProcessed2; + int i; + LARGE_INTEGER offset; + DWORD dwError; + + offset.QuadPart = 0; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + return ERR_OS_ERROR; + + if (ReadFile (dev, buf, TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, &nbrBytesProcessed, NULL) == 0) + return ERR_OS_ERROR; + + for (i = 0; i < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE; i++) + buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; + + offset.QuadPart = 0; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0) + return ERR_OS_ERROR; + + if (WriteFile (dev, buf, TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, &nbrBytesProcessed, NULL) == 0) + { + // One or more of the sectors is/are probably damaged and cause write errors. + // We must undo the modifications we made. + + dwError = GetLastError(); + + for (i = 0; i < TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE; i++) + buf[i] ^= TC_NTFS_CONCEAL_CONSTANT; + + offset.QuadPart = 0; + + do + { + Sleep (1); + } + while (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 + || WriteFile (dev, buf, TC_INITIAL_NTFS_CONCEAL_PORTION_SIZE, &nbrBytesProcessed2, NULL) == 0); + + SetLastError (dwError); + + return ERR_OS_ERROR; + } + + return ERR_SUCCESS; +} + + +void ShowInPlaceEncErrMsgWAltSteps (HWND hwndDlg, char *iniStrId, BOOL bErr) +{ + wchar_t msg[30000]; + + StringCbCopyW (msg, sizeof(msg), GetString (iniStrId)); + + StringCbCatW (msg, sizeof(msg), L"\n\n\n"); + StringCbCatW (msg, sizeof(msg), GetString ("INPLACE_ENC_ALTERNATIVE_STEPS")); + + if (bErr) + ErrorDirect (msg, hwndDlg); + else + WarningDirect (msg, hwndDlg); +} + + +static void ExportProgressStats (__int64 bytesDone, __int64 totalSize) +{ + NonSysInplaceEncBytesDone = bytesDone; + NonSysInplaceEncTotalSize = totalSize; +} + + +void SetNonSysInplaceEncUIStatus (int nonSysInplaceEncStatus) +{ + NonSysInplaceEncStatus = nonSysInplaceEncStatus; +} + + +BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId newWipeAlgorithm, BOOL bDecrypt) +{ + int count; + char str[32]; + WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; + + if (delta == 0) + return TRUE; + + count = LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) + delta; + + if (count < 1) + { + RemoveNonSysInPlaceEncNotifications(); + return TRUE; + } + else if (!bDecrypt) + { + if (newWipeAlgorithm != TC_WIPE_NONE) + { + StringCbPrintfA (str, sizeof(str), "%d", (int) newWipeAlgorithm); + + SaveBufferToFile (str, GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE), (DWORD) strlen(str), FALSE, FALSE); + } + else if (FileExists (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE))) + { + _wremove (GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE)); + } + } + + StringCbPrintfA (str, sizeof(str), "%d", count); + + return SaveBufferToFile (str, GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC), (DWORD) strlen(str), FALSE, FALSE); +} + + +// Repairs damaged sectors (i.e. those with read errors) by zeroing them. +// Note that this operating fails if there are any write errors. +int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount) +{ + int nStatus; + DWORD n; + int64 sectorCount; + LARGE_INTEGER workOffset; + byte *sectorBuffer = NULL; + DWORD dwError; + + workOffset.QuadPart = startOffset.QuadPart; + + sectorBuffer = (byte *) TCalloc (sectorSize); + + if (!sectorBuffer) + return ERR_OUTOFMEMORY; + + if (SetFilePointerEx (dev, startOffset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + + for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount) + { + if (ReadFile (dev, sectorBuffer, sectorSize, &n, NULL) == 0) + { + memset (sectorBuffer, 0, sectorSize); + + if (SetFilePointerEx (dev, workOffset, NULL, FILE_BEGIN) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + if (WriteFile (dev, sectorBuffer, sectorSize, &n, NULL) == 0) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + ++(*zeroedSectorCount); + } + + workOffset.QuadPart += n; + } + + nStatus = ERR_SUCCESS; + +closing_seq: + + dwError = GetLastError(); + + if (sectorBuffer != NULL) + TCfree (sectorBuffer); + + if (nStatus != ERR_SUCCESS) + SetLastError (dwError); + + return nStatus; +} + + +static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *password, int pkcs5, int pim, PCRYPTO_INFO *retMasterCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize) +{ + LARGE_INTEGER offset; + DWORD n; + int nStatus = ERR_SUCCESS; + char *header; + DWORD dwError; + + header = (char *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); + if (!header) + return ERR_OUTOFMEMORY; + + VirtualLock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + + + + offset.QuadPart = deviceSize - TC_VOLUME_HEADER_GROUP_SIZE; + + if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0 + || !ReadEffectiveVolumeHeader (TRUE, dev, (byte *) header, &n) || n < TC_VOLUME_HEADER_EFFECTIVE_SIZE) + { + nStatus = ERR_OS_ERROR; + goto closing_seq; + } + + + nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, pim, FALSE, retMasterCryptoInfo, headerCryptoInfo); + if (nStatus != ERR_SUCCESS) + goto closing_seq; + + +closing_seq: + + dwError = GetLastError(); + + burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); + TCfree (header); + + dwError = GetLastError(); + + if (nStatus != ERR_SUCCESS) + SetLastError (dwError); + + return nStatus; +} + + +static BOOL GetFreeClusterBeforeThreshold (HANDLE volumeHandle, int64 *freeCluster, int64 clusterThreshold) +{ + const int bitmapSize = 65536; + byte bitmapBuffer[bitmapSize + sizeof (VOLUME_BITMAP_BUFFER)]; + VOLUME_BITMAP_BUFFER *bitmap = (VOLUME_BITMAP_BUFFER *) bitmapBuffer; + STARTING_LCN_INPUT_BUFFER startLcn; + startLcn.StartingLcn.QuadPart = 0; + + DWORD bytesReturned; + while (DeviceIoControl (volumeHandle, FSCTL_GET_VOLUME_BITMAP, &startLcn, sizeof (startLcn), &bitmapBuffer, sizeof (bitmapBuffer), &bytesReturned, NULL) + || GetLastError() == ERROR_MORE_DATA) + { + for (int64 bitmapIndex = 0; bitmapIndex < min (bitmapSize, (bitmap->BitmapSize.QuadPart / 8)); ++bitmapIndex) + { + if (bitmap->StartingLcn.QuadPart + bitmapIndex * 8 >= clusterThreshold) + goto err; + + if (bitmap->Buffer[bitmapIndex] != 0xff) + { + for (int bit = 0; bit < 8; ++bit) + { + if ((bitmap->Buffer[bitmapIndex] & (1 << bit)) == 0) + { + *freeCluster = bitmap->StartingLcn.QuadPart + bitmapIndex * 8 + bit; + + if (*freeCluster >= clusterThreshold) + goto err; + + return TRUE; + } + } + } + } + + startLcn.StartingLcn.QuadPart += min (bitmapSize * 8, bitmap->BitmapSize.QuadPart); + } + +err: + SetLastError (ERROR_DISK_FULL); + return FALSE; +} + + +static BOOL MoveClustersBeforeThresholdInDir (HANDLE volumeHandle, const wstring &directory, int64 clusterThreshold) +{ + WIN32_FIND_DATAW findData; + + HANDLE findHandle = FindFirstFileW (((directory.size() <= 3 ? L"" : L"\\\\?\\") + directory + L"\\*").c_str(), &findData); + if (findHandle == INVALID_HANDLE_VALUE) + return TRUE; // Error ignored + + finally_do_arg (HANDLE, findHandle, { FindClose (finally_arg); }); + + // Find all files and directories + do + { + if (findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) + { + wstring subDir = findData.cFileName; + + if (subDir == L"." || subDir == L"..") + continue; + + if (!MoveClustersBeforeThresholdInDir (volumeHandle, directory + L"\\" + subDir, clusterThreshold)) + return FALSE; + } + + DWORD access = FILE_READ_ATTRIBUTES; + + if (findData.dwFileAttributes & FILE_ATTRIBUTE_ENCRYPTED) + access = FILE_READ_DATA; + + HANDLE fsObject = CreateFileW ((directory + L"\\" + findData.cFileName).c_str(), access, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL); + if (fsObject == INVALID_HANDLE_VALUE) + continue; + + finally_do_arg (HANDLE, fsObject, { CloseHandle (finally_arg); }); + + STARTING_VCN_INPUT_BUFFER startVcn; + startVcn.StartingVcn.QuadPart = 0; + RETRIEVAL_POINTERS_BUFFER retPointers; + DWORD bytesReturned; + + // Find clusters allocated beyond the threshold + while (DeviceIoControl (fsObject, FSCTL_GET_RETRIEVAL_POINTERS, &startVcn, sizeof (startVcn), &retPointers, sizeof (retPointers), &bytesReturned, NULL) + || GetLastError() == ERROR_MORE_DATA) + { + if (retPointers.ExtentCount == 0) + break; + + if (retPointers.Extents[0].Lcn.QuadPart != -1) + { + int64 extentStartCluster = retPointers.Extents[0].Lcn.QuadPart; + int64 extentLen = retPointers.Extents[0].NextVcn.QuadPart - retPointers.StartingVcn.QuadPart; + int64 extentEndCluster = extentStartCluster + extentLen - 1; + + if (extentEndCluster >= clusterThreshold) + { + // Move clusters before the threshold + for (int64 movedCluster = max (extentStartCluster, clusterThreshold); movedCluster <= extentEndCluster; ++movedCluster) + { + for (int retry = 0; ; ++retry) + { + MOVE_FILE_DATA moveData; + + if (GetFreeClusterBeforeThreshold (volumeHandle, &moveData.StartingLcn.QuadPart, clusterThreshold)) + { + moveData.FileHandle = fsObject; + moveData.StartingVcn.QuadPart = movedCluster - extentStartCluster + retPointers.StartingVcn.QuadPart; + moveData.ClusterCount = 1; + + if (DeviceIoControl (volumeHandle, FSCTL_MOVE_FILE, &moveData, sizeof (moveData), NULL, 0, &bytesReturned, NULL)) + break; + } + + if (retry > 600) + return FALSE; + + // There are possible race conditions as we work on a live filesystem + Sleep (100); + } + } + } + } + + startVcn.StartingVcn = retPointers.Extents[0].NextVcn; + } + + } while (FindNextFileW (findHandle, &findData)); + + return TRUE; +} + + +BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold) +{ + int drive = GetDiskDeviceDriveLetter (volumeDevicePath); + if (drive == -1) + { + SetLastError (ERROR_INVALID_PARAMETER); + return FALSE; + } + + wstring volumeRoot = L"X:"; + volumeRoot[0] = L'A' + (wchar_t) drive; + + return MoveClustersBeforeThresholdInDir (volumeHandle, volumeRoot, clusterThreshold); +} diff --git a/src/Format/InPlace.h b/src/Format/InPlace.h index 63673d9d..75cb9e94 100644 --- a/src/Format/InPlace.h +++ b/src/Format/InPlace.h @@ -1,52 +1,52 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifdef __cplusplus -extern "C" { -#endif - -#include "Format.h" - -enum nonsys_inplace_enc_status -{ - NONSYS_INPLACE_ENC_STATUS_NONE = 0, - NONSYS_INPLACE_ENC_STATUS_PREPARING, - NONSYS_INPLACE_ENC_STATUS_RESIZING, - NONSYS_INPLACE_ENC_STATUS_ENCRYPTING, - NONSYS_INPLACE_ENC_STATUS_DECRYPTING, - NONSYS_INPLACE_ENC_STATUS_FINALIZING, - NONSYS_INPLACE_ENC_STATUS_PAUSED, - NONSYS_INPLACE_ENC_STATUS_FINISHED, - NONSYS_INPLACE_ENC_STATUS_ERROR -}; - -BOOL CheckRequirementsForNonSysInPlaceEnc (HWND hwndDlg, const wchar_t *devicePath, BOOL silent); -BOOL CheckRequirementsForNonSysInPlaceDec (HWND hwndDlg, const wchar_t *devicePath, BOOL silent); -int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, volatile HANDLE *outHandle, WipeAlgorithmId wipeAlgorithm); -int EncryptPartitionInPlaceResume (HANDLE dev, volatile FORMAT_VOL_PARAMETERS *volParams, WipeAlgorithmId wipeAlgorithm, volatile BOOL *bTryToCorrectReadErrors); -int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile BOOL *DiscardUnreadableEncryptedSectors); -void ShowInPlaceEncErrMsgWAltSteps (HWND hwndDlg, char *iniStrId, BOOL bErr); -void SetNonSysInplaceEncUIStatus (int nonSysInplaceEncStatus); -int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_INFO *masterCryptoInfo, __int64 deviceSize); - -static HANDLE OpenPartitionVolume (HWND hwndDlg, const wchar_t *devName, BOOL bExclusiveRequired, BOOL bSharedRequired, BOOL bSharedRequiresConfirmation, BOOL bShowAlternativeSteps, BOOL bSilent); -static int DismountFileSystem (HWND hwndDlg, HANDLE dev, int driveLetter, BOOL bForcedAllowed, BOOL bForcedRequiresConfirmation, BOOL bSilent); -static int ConcealNTFS (HANDLE dev); -BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId wipeAlgorithm, BOOL bDecrypting); -static void ExportProgressStats (__int64 bytesDone, __int64 totalSize); -int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount); -static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *password, int pkcs5, int pim, PCRYPTO_INFO *retCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize); -BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold); - -#ifdef __cplusplus -} -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifdef __cplusplus +extern "C" { +#endif + +#include "Format.h" + +enum nonsys_inplace_enc_status +{ + NONSYS_INPLACE_ENC_STATUS_NONE = 0, + NONSYS_INPLACE_ENC_STATUS_PREPARING, + NONSYS_INPLACE_ENC_STATUS_RESIZING, + NONSYS_INPLACE_ENC_STATUS_ENCRYPTING, + NONSYS_INPLACE_ENC_STATUS_DECRYPTING, + NONSYS_INPLACE_ENC_STATUS_FINALIZING, + NONSYS_INPLACE_ENC_STATUS_PAUSED, + NONSYS_INPLACE_ENC_STATUS_FINISHED, + NONSYS_INPLACE_ENC_STATUS_ERROR +}; + +BOOL CheckRequirementsForNonSysInPlaceEnc (HWND hwndDlg, const wchar_t *devicePath, BOOL silent); +BOOL CheckRequirementsForNonSysInPlaceDec (HWND hwndDlg, const wchar_t *devicePath, BOOL silent); +int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, volatile HANDLE *outHandle, WipeAlgorithmId wipeAlgorithm); +int EncryptPartitionInPlaceResume (HANDLE dev, volatile FORMAT_VOL_PARAMETERS *volParams, WipeAlgorithmId wipeAlgorithm, volatile BOOL *bTryToCorrectReadErrors); +int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile BOOL *DiscardUnreadableEncryptedSectors); +void ShowInPlaceEncErrMsgWAltSteps (HWND hwndDlg, char *iniStrId, BOOL bErr); +void SetNonSysInplaceEncUIStatus (int nonSysInplaceEncStatus); +int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_INFO *masterCryptoInfo, __int64 deviceSize); + +static HANDLE OpenPartitionVolume (HWND hwndDlg, const wchar_t *devName, BOOL bExclusiveRequired, BOOL bSharedRequired, BOOL bSharedRequiresConfirmation, BOOL bShowAlternativeSteps, BOOL bSilent); +static int DismountFileSystem (HWND hwndDlg, HANDLE dev, int driveLetter, BOOL bForcedAllowed, BOOL bForcedRequiresConfirmation, BOOL bSilent); +static int ConcealNTFS (HANDLE dev); +BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId wipeAlgorithm, BOOL bDecrypting); +static void ExportProgressStats (__int64 bytesDone, __int64 totalSize); +int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount); +static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *password, int pkcs5, int pim, PCRYPTO_INFO *retCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize); +BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold); + +#ifdef __cplusplus +} +#endif diff --git a/src/Format/Resource.h b/src/Format/Resource.h index 6f0fdb1b..c407a7f6 100644 --- a/src/Format/Resource.h +++ b/src/Format/Resource.h @@ -1,159 +1,159 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Visual C++ generated include file. -// Used by Format.rc -// -#define IDR_FORMAT_TLB 1 -#define IDD_VOL_CREATION_WIZARD_DLG 101 -#define IDD_CIPHER_PAGE_DLG 102 -#define IDD_SIZE_PAGE_DLG 103 -#define IDD_PASSWORD_PAGE_DLG 104 -#define IDD_VOLUME_LOCATION_PAGE_DLG 105 -#define IDD_FORMAT_PAGE_DLG 106 -#define IDD_INTRO_PAGE_DLG 107 -#define IDD_INFO_PAGE_DLG 108 -#define IDD_HIDVOL_HOST_FILL_PAGE_DLG 109 -#define IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG 110 -#define IDD_PASSWORD_ENTRY_PAGE_DLG 111 -#define IDS_UACSTRING_FMT 112 -#define IDD_VOLUME_TYPE_PAGE_DLG 113 -#define IDR_FORMAT_RSRC_HEADER 114 -#define IDD_SYSENC_SPAN_PAGE_DLG 115 -#define IDB_WIZARD 116 -#define IDD_SYSENC_RESCUE_DISK_CREATION_DLG 117 -#define IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG 118 -#define IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG 119 -#define IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG 120 -#define IDD_SYSENC_WIPE_MODE_PAGE_DLG 121 -#define IDD_INPLACE_ENCRYPTION_PAGE_DLG 122 -#define IDD_SYSENC_KEYS_GEN_PAGE_DLG 123 -#define IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG 124 -#define IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG 125 -#define IDD_SYSENC_TYPE_PAGE_DLG 126 -#define IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG 127 -#define IDD_DEVICE_WIPE_PAGE_DLG 128 -#define IDD_DEVICE_WIPE_MODE_PAGE_DLG 129 -#define IDD_DEVICE_TRANSFORM_MODE_DLG 130 -#define IDD_EXPANDED_LIST_SELECT_PAGE_DLG 131 -#define IDD_DRIVE_LETTER_SELECTION_PAGE 132 -#define IDD_PIM_PAGE_DLG 133 -#define IDC_BOX_TITLE 1000 -#define IDC_RESCUE_DISK_ISO_PATH 1001 -#define IDC_COMBO_BOX 1002 -#define IDC_BOX_HELP 1003 -#define IDC_PASSWORD 1004 -#define IDC_BROWSE 1005 -#define IDC_BOX_HELP2 1006 -#define IDC_COMBO_BOX_HASH 1007 -#define IDC_COMBO_BOX_HASH_ALGO 1008 -#define IDC_SPACE_LEFT 1009 -#define IDC_VERIFY 1010 -#define IDC_KB 1011 -#define IDC_NO_HISTORY 1012 -#define IDC_MB 1013 -#define IDC_PROGRESS_BAR 1014 -#define IDC_GB 1015 -#define IDC_ABORT_BUTTON 1016 -#define IDC_HEADER_KEY 1017 -#define IDC_LIST_BOX 1018 -#define IDC_DISK_KEY 1019 -#define IDC_RANDOM_BYTES 1020 -#define IDC_CIPHER_TEST 1021 -#define IDC_BENCHMARK 1022 -#define IDC_QUICKFORMAT 1023 -#define IDC_BYTESWRITTEN 1024 -#define IDC_WRITESPEED 1025 -#define IDC_KEY_FILES 1026 -#define IDC_TIMEREMAIN 1027 -#define IDC_CLUSTERSIZE 1028 -#define IDC_FILESYS 1029 -#define IDC_SHOW_KEYS 1030 -#define IDC_STD_VOL 1031 -#define IDC_HIDDEN_VOL 1032 -#define IDC_HIDDEN_VOL_HELP 1033 -#define IDC_OPEN_OUTER_VOLUME 1034 -#define IDC_HIDVOL_WIZ_MODE_FULL 1035 -#define IDC_HIDVOL_WIZ_MODE_DIRECT 1036 -#define IDC_PASSWORD_DIRECT 1037 -#define IDC_SIZEBOX 1038 -#define IDC_SELECT_VOLUME_LOCATION 1039 -#define IDC_NEXT 1040 -#define IDC_PREV 1041 -#define IDT_ENCRYPTION_ALGO 1042 -#define IDT_HASH_ALGO 1043 -#define IDT_FORMAT_OPTIONS 1044 -#define IDT_FILESYSTEM 1045 -#define IDT_CLUSTER 1046 -#define IDT_RANDOM_POOL 1047 -#define IDT_HEADER_KEY 1048 -#define IDT_MASTER_KEY 1049 -#define IDT_DONE 1050 -#define IDT_SPEED 1051 -#define IDT_LEFT 1052 -#define IDT_CONFIRM 1053 -#define IDT_PASSWORD 1054 -#define IDC_SHOW_PASSWORD_SINGLE 1055 -#define IDC_SHOW_PASSWORD 1056 -#define IDC_LINK_MORE_INFO_ABOUT_CIPHER 1057 -#define IDC_LINK_HASH_INFO 1058 -#define IDC_POS_BOX 1059 -#define IDC_BITMAP_WIZARD 1060 -#define IDC_FILE_CONTAINER 1061 -#define IDC_NONSYS_DEVICE 1062 -#define IDC_SYS_DEVICE 1063 -#define IDT_FILE_CONTAINER 1064 -#define IDT_NON_SYS_DEVICE 1065 -#define IDT_SYS_DEVICE 1066 -#define IDC_WHOLE_SYS_DRIVE 1067 -#define IDC_SYS_PARTITION 1068 -#define IDT_WHOLE_SYS_DRIVE 1069 -#define IDT_SYS_PARTITION 1070 -#define IDT_RESCUE_DISK_INFO 1071 -#define IDC_MORE_INFO 1072 -#define IDC_MORE_INFO_ON_SYS_ENCRYPTION 1073 -#define IDT_COLLECTING_RANDOM_DATA_NOTE 1074 -#define IDC_MORE_INFO_ON_CONTAINERS 1075 -#define IDC_SINGLE_BOOT 1076 -#define IDC_MULTI_BOOT 1077 -#define IDT_MULTI_BOOT 1078 -#define IDT_SINGLE_BOOT 1079 -#define IDC_SYS_POOL_CONTENTS 1080 -#define IDT_PARTIAL_POOL_CONTENTS 1081 -#define IDC_DOWNLOAD_CD_BURN_SOFTWARE 1082 -#define IDT_RESCUE_DISK_BURN_INFO 1083 -#define IDT_WIPE_MODE_INFO 1084 -#define IDC_WIPE_MODE 1085 -#define IDC_SELECT 1086 -#define IDT_SYSENC_KEYS_GEN_INFO 1087 -#define IDC_DISPLAY_KEYS 1088 -#define IDC_PAUSE 1089 -#define IDT_WIPE_MODE 1090 -#define IDC_MORE_INFO_SYS_ENCRYPTION 1091 -#define IDC_BOX_HELP_NORMAL_VOL 1092 -#define IDT_STATUS 1093 -#define IDT_PROGRESS 1094 -#define IDT_SYSENC_DRIVE_ANALYSIS_INFO 1095 -#define IDC_SYSENC_NORMAL 1096 -#define IDC_SYSENC_HIDDEN 1097 -#define IDC_BOX_HELP_SYSENC_NORMAL 1098 -#define IDC_HIDDEN_SYSENC_INFO_LINK 1099 -#define IDT_PASS 1100 -#define IDC_DEVICE_TRANSFORM_MODE_FORMAT 1101 -#define IDC_DEVICE_TRANSFORM_MODE_INPLACE 1102 -#define IDC_DRIVE_LETTER_LIST 1103 -#define IDT_DRIVE_LETTER 1104 -#define IDC_LINK_PIM_INFO 1105 -#define IDC_SHOW_PIM 1106 -#define IDC_TB 1107 -#define IDC_SKIP_RESCUE_VERIFICATION 1108 - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NO_MFC 1 -#define _APS_NEXT_RESOURCE_VALUE 134 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1109 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif +//{{NO_DEPENDENCIES}} +// Microsoft Visual C++ generated include file. +// Used by Format.rc +// +#define IDR_FORMAT_TLB 1 +#define IDD_VOL_CREATION_WIZARD_DLG 101 +#define IDD_CIPHER_PAGE_DLG 102 +#define IDD_SIZE_PAGE_DLG 103 +#define IDD_PASSWORD_PAGE_DLG 104 +#define IDD_VOLUME_LOCATION_PAGE_DLG 105 +#define IDD_FORMAT_PAGE_DLG 106 +#define IDD_INTRO_PAGE_DLG 107 +#define IDD_INFO_PAGE_DLG 108 +#define IDD_HIDVOL_HOST_FILL_PAGE_DLG 109 +#define IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG 110 +#define IDD_PASSWORD_ENTRY_PAGE_DLG 111 +#define IDS_UACSTRING_FMT 112 +#define IDD_VOLUME_TYPE_PAGE_DLG 113 +#define IDR_FORMAT_RSRC_HEADER 114 +#define IDD_SYSENC_SPAN_PAGE_DLG 115 +#define IDB_WIZARD 116 +#define IDD_SYSENC_RESCUE_DISK_CREATION_DLG 117 +#define IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG 118 +#define IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG 119 +#define IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG 120 +#define IDD_SYSENC_WIPE_MODE_PAGE_DLG 121 +#define IDD_INPLACE_ENCRYPTION_PAGE_DLG 122 +#define IDD_SYSENC_KEYS_GEN_PAGE_DLG 123 +#define IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG 124 +#define IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG 125 +#define IDD_SYSENC_TYPE_PAGE_DLG 126 +#define IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG 127 +#define IDD_DEVICE_WIPE_PAGE_DLG 128 +#define IDD_DEVICE_WIPE_MODE_PAGE_DLG 129 +#define IDD_DEVICE_TRANSFORM_MODE_DLG 130 +#define IDD_EXPANDED_LIST_SELECT_PAGE_DLG 131 +#define IDD_DRIVE_LETTER_SELECTION_PAGE 132 +#define IDD_PIM_PAGE_DLG 133 +#define IDC_BOX_TITLE 1000 +#define IDC_RESCUE_DISK_ISO_PATH 1001 +#define IDC_COMBO_BOX 1002 +#define IDC_BOX_HELP 1003 +#define IDC_PASSWORD 1004 +#define IDC_BROWSE 1005 +#define IDC_BOX_HELP2 1006 +#define IDC_COMBO_BOX_HASH 1007 +#define IDC_COMBO_BOX_HASH_ALGO 1008 +#define IDC_SPACE_LEFT 1009 +#define IDC_VERIFY 1010 +#define IDC_KB 1011 +#define IDC_NO_HISTORY 1012 +#define IDC_MB 1013 +#define IDC_PROGRESS_BAR 1014 +#define IDC_GB 1015 +#define IDC_ABORT_BUTTON 1016 +#define IDC_HEADER_KEY 1017 +#define IDC_LIST_BOX 1018 +#define IDC_DISK_KEY 1019 +#define IDC_RANDOM_BYTES 1020 +#define IDC_CIPHER_TEST 1021 +#define IDC_BENCHMARK 1022 +#define IDC_QUICKFORMAT 1023 +#define IDC_BYTESWRITTEN 1024 +#define IDC_WRITESPEED 1025 +#define IDC_KEY_FILES 1026 +#define IDC_TIMEREMAIN 1027 +#define IDC_CLUSTERSIZE 1028 +#define IDC_FILESYS 1029 +#define IDC_SHOW_KEYS 1030 +#define IDC_STD_VOL 1031 +#define IDC_HIDDEN_VOL 1032 +#define IDC_HIDDEN_VOL_HELP 1033 +#define IDC_OPEN_OUTER_VOLUME 1034 +#define IDC_HIDVOL_WIZ_MODE_FULL 1035 +#define IDC_HIDVOL_WIZ_MODE_DIRECT 1036 +#define IDC_PASSWORD_DIRECT 1037 +#define IDC_SIZEBOX 1038 +#define IDC_SELECT_VOLUME_LOCATION 1039 +#define IDC_NEXT 1040 +#define IDC_PREV 1041 +#define IDT_ENCRYPTION_ALGO 1042 +#define IDT_HASH_ALGO 1043 +#define IDT_FORMAT_OPTIONS 1044 +#define IDT_FILESYSTEM 1045 +#define IDT_CLUSTER 1046 +#define IDT_RANDOM_POOL 1047 +#define IDT_HEADER_KEY 1048 +#define IDT_MASTER_KEY 1049 +#define IDT_DONE 1050 +#define IDT_SPEED 1051 +#define IDT_LEFT 1052 +#define IDT_CONFIRM 1053 +#define IDT_PASSWORD 1054 +#define IDC_SHOW_PASSWORD_SINGLE 1055 +#define IDC_SHOW_PASSWORD 1056 +#define IDC_LINK_MORE_INFO_ABOUT_CIPHER 1057 +#define IDC_LINK_HASH_INFO 1058 +#define IDC_POS_BOX 1059 +#define IDC_BITMAP_WIZARD 1060 +#define IDC_FILE_CONTAINER 1061 +#define IDC_NONSYS_DEVICE 1062 +#define IDC_SYS_DEVICE 1063 +#define IDT_FILE_CONTAINER 1064 +#define IDT_NON_SYS_DEVICE 1065 +#define IDT_SYS_DEVICE 1066 +#define IDC_WHOLE_SYS_DRIVE 1067 +#define IDC_SYS_PARTITION 1068 +#define IDT_WHOLE_SYS_DRIVE 1069 +#define IDT_SYS_PARTITION 1070 +#define IDT_RESCUE_DISK_INFO 1071 +#define IDC_MORE_INFO 1072 +#define IDC_MORE_INFO_ON_SYS_ENCRYPTION 1073 +#define IDT_COLLECTING_RANDOM_DATA_NOTE 1074 +#define IDC_MORE_INFO_ON_CONTAINERS 1075 +#define IDC_SINGLE_BOOT 1076 +#define IDC_MULTI_BOOT 1077 +#define IDT_MULTI_BOOT 1078 +#define IDT_SINGLE_BOOT 1079 +#define IDC_SYS_POOL_CONTENTS 1080 +#define IDT_PARTIAL_POOL_CONTENTS 1081 +#define IDC_DOWNLOAD_CD_BURN_SOFTWARE 1082 +#define IDT_RESCUE_DISK_BURN_INFO 1083 +#define IDT_WIPE_MODE_INFO 1084 +#define IDC_WIPE_MODE 1085 +#define IDC_SELECT 1086 +#define IDT_SYSENC_KEYS_GEN_INFO 1087 +#define IDC_DISPLAY_KEYS 1088 +#define IDC_PAUSE 1089 +#define IDT_WIPE_MODE 1090 +#define IDC_MORE_INFO_SYS_ENCRYPTION 1091 +#define IDC_BOX_HELP_NORMAL_VOL 1092 +#define IDT_STATUS 1093 +#define IDT_PROGRESS 1094 +#define IDT_SYSENC_DRIVE_ANALYSIS_INFO 1095 +#define IDC_SYSENC_NORMAL 1096 +#define IDC_SYSENC_HIDDEN 1097 +#define IDC_BOX_HELP_SYSENC_NORMAL 1098 +#define IDC_HIDDEN_SYSENC_INFO_LINK 1099 +#define IDT_PASS 1100 +#define IDC_DEVICE_TRANSFORM_MODE_FORMAT 1101 +#define IDC_DEVICE_TRANSFORM_MODE_INPLACE 1102 +#define IDC_DRIVE_LETTER_LIST 1103 +#define IDT_DRIVE_LETTER 1104 +#define IDC_LINK_PIM_INFO 1105 +#define IDC_SHOW_PIM 1106 +#define IDC_TB 1107 +#define IDC_SKIP_RESCUE_VERIFICATION 1108 + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NO_MFC 1 +#define _APS_NEXT_RESOURCE_VALUE 134 +#define _APS_NEXT_COMMAND_VALUE 40001 +#define _APS_NEXT_CONTROL_VALUE 1109 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index a4372533..2065cb5f 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -1,10233 +1,10233 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "Crypto.h" -#include "cpu.h" -#include "Apidrvr.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Combo.h" -#include "Registry.h" -#include "Boot/Windows/BootDefs.h" -#include "Common/Common.h" -#include "Common/BootEncryption.h" -#include "Common/Dictionary.h" -#include "Common/Endian.h" -#include "Common/resource.h" -#include "Common/Pkcs5.h" -#include "Platform/Finally.h" -#include "Platform/ForEach.h" -#include "Random.h" -#include "Fat.h" -#include "InPlace.h" -#include "Resource.h" -#include "TcFormat.h" -#include "Format.h" -#include "FormatCom.h" -#include "Password.h" -#include "Progress.h" -#include "Tests.h" -#include "Cmdline.h" -#include "Volumes.h" -#include "Wipe.h" -#include "Xml.h" - -#include - -using namespace VeraCrypt; - -enum wizard_pages -{ - /* IMPORTANT: IF YOU ADD/REMOVE/MOVE ANY PAGES THAT ARE RELATED TO SYSTEM ENCRYPTION, - REVISE THE 'DECOY_OS_INSTRUCTIONS_PORTION_??' STRINGS! */ - - INTRO_PAGE, - SYSENC_TYPE_PAGE, - SYSENC_HIDDEN_OS_REQ_CHECK_PAGE, - SYSENC_SPAN_PAGE, - SYSENC_PRE_DRIVE_ANALYSIS_PAGE, - SYSENC_DRIVE_ANALYSIS_PAGE, - SYSENC_MULTI_BOOT_MODE_PAGE, - SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE, - SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE, - SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE, - SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE, - SYSENC_MULTI_BOOT_OUTCOME_PAGE, - VOLUME_TYPE_PAGE, - HIDDEN_VOL_WIZARD_MODE_PAGE, - VOLUME_LOCATION_PAGE, - DEVICE_TRANSFORM_MODE_PAGE, - HIDDEN_VOL_HOST_PRE_CIPHER_PAGE, - HIDDEN_VOL_PRE_CIPHER_PAGE, - CIPHER_PAGE, - SIZE_PAGE, - HIDDEN_VOL_HOST_PASSWORD_PAGE, - PASSWORD_PAGE, - PIM_PAGE, - FILESYS_PAGE, - SYSENC_COLLECTING_RANDOM_DATA_PAGE, - SYSENC_KEYS_GEN_PAGE, - SYSENC_RESCUE_DISK_CREATION_PAGE, - SYSENC_RESCUE_DISK_BURN_PAGE, - SYSENC_RESCUE_DISK_VERIFIED_PAGE, - SYSENC_WIPE_MODE_PAGE, - SYSENC_PRETEST_INFO_PAGE, - SYSENC_PRETEST_RESULT_PAGE, - SYSENC_ENCRYPTION_PAGE, - NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE, - NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE, - NONSYS_INPLACE_ENC_RAND_DATA_PAGE, - NONSYS_INPLACE_ENC_WIPE_MODE_PAGE, - NONSYS_INPLACE_ENC_TRANSFORM_PAGE, - NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE, - NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE, - FORMAT_PAGE, - FORMAT_FINISHED_PAGE, - SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE, - SYSENC_HIDDEN_OS_WIPE_INFO_PAGE, - DEVICE_WIPE_MODE_PAGE, - DEVICE_WIPE_PAGE -}; - -#define TIMER_INTERVAL_RANDVIEW 30 -#define TIMER_INTERVAL_SYSENC_PROGRESS 30 -#define TIMER_INTERVAL_NONSYS_INPLACE_ENC_PROGRESS 30 -#define TIMER_INTERVAL_SYSENC_DRIVE_ANALYSIS_PROGRESS 100 -#define TIMER_INTERVAL_WIPE_PROGRESS 30 -#define TIMER_INTERVAL_KEYB_LAYOUT_GUARD 10 - -enum sys_encryption_cmd_line_switches -{ - SYSENC_COMMAND_NONE = 0, - SYSENC_COMMAND_RESUME, - SYSENC_COMMAND_STARTUP_SEQ_RESUME, - SYSENC_COMMAND_ENCRYPT, - SYSENC_COMMAND_DECRYPT, - SYSENC_COMMAND_CREATE_HIDDEN_OS, - SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV -}; - -typedef struct -{ - int NumberOfSysDrives; // Number of drives that contain an operating system. -1: unknown, 1: one, 2: two or more - int MultipleSystemsOnDrive; // Multiple systems are installed on the drive where the currently running system resides. -1: unknown, 0: no, 1: yes - int BootLoaderLocation; // Boot loader (boot manager) installed in: 1: MBR/1st cylinder, 0: partition/bootsector: -1: unknown - int BootLoaderBrand; // -1: unknown, 0: Microsoft Windows, 1: any non-Windows boot manager/loader - int SystemOnBootDrive; // If the currently running operating system is installed on the boot drive. -1: unknown, 0: no, 1: yes -} SYSENC_MULTIBOOT_CFG; - -#define SYSENC_PAUSE_RETRY_INTERVAL 100 -#define SYSENC_PAUSE_RETRIES 200 - -// Expected duration of system drive analysis, in ms -#define SYSENC_DRIVE_ANALYSIS_ETA (4*60000) - -BootEncryption *BootEncObj = NULL; -BootEncryptionStatus BootEncStatus; - -HWND hCurPage = NULL; /* Handle to current wizard page */ -int nCurPageNo = -1; /* The current wizard page */ -int nLastPageNo = -1; -volatile int WizardMode = DEFAULT_VOL_CREATION_WIZARD_MODE; /* IMPORTANT: Never change this value directly -- always use ChangeWizardMode() instead. */ -volatile BOOL bHiddenOS = FALSE; /* If TRUE, we are performing or (or supposed to perform) actions relating to an operating system installed in a hidden volume (i.e., encrypting a decoy OS partition or creating the outer/hidden volume for the hidden OS). To determine or set the phase of the process, call ChangeHiddenOSCreationPhase() and DetermineHiddenOSCreationPhase()) */ -BOOL bDirectSysEncMode = FALSE; -BOOL bDirectSysEncModeCommand = SYSENC_COMMAND_NONE; -BOOL DirectDeviceEncMode = FALSE; -BOOL DirectNonSysInplaceDecStartMode = FALSE; -BOOL DirectNonSysInplaceEncResumeMode = FALSE; -BOOL DirectNonSysInplaceDecResumeMode = FALSE; -BOOL DirectPromptNonSysInplaceEncResumeMode = FALSE; -BOOL DirectCreationMode = FALSE; - -volatile BOOL bInPlaceEncNonSys = FALSE; /* If TRUE, existing data on a non-system partition/volume are to be encrypted (or decrypted if bInPlaceDecNonSys is TRUE) in place (for system encryption, this flag is ignored) */ -volatile BOOL bInPlaceDecNonSys = FALSE; /* If TRUE, existing data on a non-system partition/volume are to be decrypted in place (for system encryption, this flag is ignored) */ -volatile BOOL bInPlaceEncNonSysResumed = FALSE; /* If TRUE, the wizard is supposed to resume (or has resumed) process of non-system in-place encryption/decryption. */ -volatile BOOL bFirstNonSysInPlaceEncResumeDone = FALSE; -__int64 NonSysInplaceEncBytesDone = 0; -__int64 NonSysInplaceEncTotalSize = 0; -BOOL bDeviceTransformModeChoiceMade = FALSE; /* TRUE if the user has at least once manually selected the 'in-place' or 'format' option (on the 'device transform mode' page). */ -int nNeedToStoreFilesOver4GB = 0; /* Whether the user wants to be able to store files larger than 4GB on the volume: -1 = Undecided or error, 0 = No, 1 = Yes */ -int nVolumeEA = 1; /* Default encryption algorithm */ -BOOL bSystemEncryptionInProgress = FALSE; /* TRUE when encrypting/decrypting the system partition/drive (FALSE when paused). */ -BOOL bWholeSysDrive = FALSE; /* Whether to encrypt the entire system drive or just the system partition. */ -static BOOL bSystemEncryptionStatusChanged = FALSE; /* TRUE if this instance changed the value of SystemEncryptionStatus (it's set to FALSE each time the system encryption settings are saved to the config file). This value is to be treated as protected -- only the wizard can change this value (others may only read it). */ -volatile BOOL bSysEncDriveAnalysisInProgress = FALSE; -volatile BOOL bSysEncDriveAnalysisTimeOutOccurred = FALSE; -int SysEncDetectHiddenSectors = -1; /* Whether the user wants us to detect and encrypt the Host Protect Area (if any): -1 = Undecided or error, 0 = No, 1 = Yes */ -int SysEncDriveAnalysisStart; -BOOL bDontVerifyRescueDisk = FALSE; -BOOL bFirstSysEncResumeDone = FALSE; -int nMultiBoot = 0; /* The number of operating systems installed on the computer, according to the user. 0: undetermined, 1: one, 2: two or more */ -volatile BOOL bHiddenVol = FALSE; /* If true, we are (or will be) creating a hidden volume. */ -volatile BOOL bHiddenVolHost = FALSE; /* If true, we are (or will be) creating the host volume (called "outer") for a hidden volume. */ -volatile BOOL bHiddenVolDirect = FALSE; /* If true, the wizard omits creating a host volume in the course of the process of hidden volume creation. */ -volatile BOOL bHiddenVolFinished = FALSE; -int hiddenVolHostDriveNo = -1; /* Drive letter for the volume intended to host a hidden volume. */ -BOOL bRemovableHostDevice = FALSE; /* TRUE when creating a device/partition-hosted volume on a removable device. State undefined when creating file-hosted volumes. */ -int realClusterSize; /* Parameter used when determining the maximum possible size of a hidden volume. */ -int hash_algo = DEFAULT_HASH_ALGORITHM; /* Which PRF to use in header key derivation (PKCS #5) and in the RNG. */ -unsigned __int64 nUIVolumeSize = 0; /* The volume size. Important: This value is not in bytes. It has to be multiplied by nMultiplier. Do not use this value when actually creating the volume (it may chop off sector size, if it is not a multiple of 1024 bytes). */ -unsigned __int64 nVolumeSize = 0; /* The volume size, in bytes. */ -unsigned __int64 nHiddenVolHostSize = 0; /* Size of the hidden volume host, in bytes */ -__int64 nMaximumHiddenVolSize = 0; /* Maximum possible size of the hidden volume, in bytes */ -__int64 nbrFreeClusters = 0; -__int64 nMultiplier = BYTES_PER_MB; /* Size selection multiplier. */ -wchar_t szFileName[TC_MAX_PATH+1]; /* The file selected by the user */ -wchar_t szDiskFile[TC_MAX_PATH+1]; /* Fully qualified name derived from szFileName */ -wchar_t szRescueDiskISO[TC_MAX_PATH+1]; /* The filename and path to the Rescue Disk ISO file to be burned (for boot encryption) */ -BOOL bDeviceWipeInProgress = FALSE; -volatile BOOL bTryToCorrectReadErrors = FALSE; -volatile BOOL DiscardUnreadableEncryptedSectors = FALSE; - -volatile BOOL bVolTransformThreadCancel = FALSE; /* TRUE if the user cancels/pauses volume encryption/format */ -volatile BOOL bVolTransformThreadRunning = FALSE; /* Is the volume encryption/format thread running */ -volatile BOOL bVolTransformThreadToRun = FALSE; /* TRUE if the Format/Encrypt button has been clicked and we are proceeding towards launching the thread. */ - -volatile BOOL bConfirmQuit = FALSE; /* If TRUE, the user is asked to confirm exit when he clicks the X icon, Exit, etc. */ -volatile BOOL bConfirmQuitSysEncPretest = FALSE; - -BOOL bDevice = FALSE; /* Is this a partition volume ? */ - -BOOL showKeys = FALSE; -volatile HWND hMasterKey = NULL; /* Text box showing hex dump of the master key */ -volatile HWND hHeaderKey = NULL; /* Text box showing hex dump of the header key */ -volatile HWND hRandPool = NULL; /* Text box showing hex dump of the random pool */ -volatile HWND hRandPoolSys = NULL; /* Text box showing hex dump of the random pool for system encryption */ -volatile HWND hPasswordInputField = NULL; /* Password input field */ -volatile HWND hVerifyPasswordInputField = NULL; /* Verify-password input field */ - -HBITMAP hbmWizardBitmapRescaled = NULL; - -wchar_t OrigKeyboardLayout [8+1] = L"00000409"; -BOOL bKeyboardLayoutChanged = FALSE; /* TRUE if the keyboard layout was changed to the standard US keyboard layout (from any other layout). */ -BOOL bKeybLayoutAltKeyWarningShown = FALSE; /* TRUE if the user has been informed that it is not possible to type characters by pressing keys while the right Alt key is held down. */ - -#ifndef _DEBUG - BOOL bWarnDeviceFormatAdvanced = TRUE; -#else - BOOL bWarnDeviceFormatAdvanced = FALSE; -#endif - -BOOL bWarnOuterVolSuitableFileSys = TRUE; - -Password volumePassword; /* User password */ -char szVerify[MAX_PASSWORD + 1]; /* Tmp password buffer */ -char szRawPassword[MAX_PASSWORD + 1]; /* Password before keyfile was applied to it */ - -int volumePim = 0; - -BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */ -BOOL ComServerMode = FALSE; - - -Password CmdVolumePassword = {0}; /* Password passed from command line */ -int CmdVolumeEA = 0; -int CmdVolumePkcs5 = 0; -int CmdVolumePim = 0; -int CmdVolumeFilesystem = FILESYS_NONE; -unsigned __int64 CmdVolumeFileSize = 0; -BOOL CmdSparseFileSwitch = FALSE; - -BOOL bForceOperation = FALSE; - -BOOL bOperationSuccess = FALSE; - -BOOL bGuiMode = TRUE; - -int nPbar = 0; /* Control ID of progress bar:- for format code */ - -wchar_t HeaderKeyGUIView [KEY_GUI_VIEW_SIZE]; -wchar_t MasterKeyGUIView [KEY_GUI_VIEW_SIZE]; - -#define RANDPOOL_DISPLAY_COLUMNS 15 -#define RANDPOOL_DISPLAY_ROWS 8 -#define RANDPOOL_DISPLAY_BYTE_PORTION (RANDPOOL_DISPLAY_COLUMNS * RANDPOOL_DISPLAY_ROWS) -#define RANDPOOL_DISPLAY_SIZE (RANDPOOL_DISPLAY_BYTE_PORTION * 3 + RANDPOOL_DISPLAY_ROWS + 2) -unsigned char randPool [RANDPOOL_DISPLAY_BYTE_PORTION]; -unsigned char lastRandPool [RANDPOOL_DISPLAY_BYTE_PORTION]; -static unsigned char maskRandPool [RANDPOOL_DISPLAY_BYTE_PORTION]; -static BOOL bUseMask = FALSE; -static DWORD mouseEntropyGathered = 0xFFFFFFFF; -static DWORD mouseEventsInitialCount = 0; -/* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ -static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; -static HWND hEntropyBar = NULL; -wchar_t outRandPoolDispBuffer [RANDPOOL_DISPLAY_SIZE]; -BOOL bDisplayPoolContents = TRUE; - -volatile BOOL bSparseFileSwitch = FALSE; -volatile BOOL quickFormat = FALSE; /* WARNING: Meaning of this variable depends on bSparseFileSwitch. If bSparseFileSwitch is TRUE, this variable represents the sparse file flag. */ -volatile int fileSystem = FILESYS_NONE; -volatile int clusterSize = 0; - -SYSENC_MULTIBOOT_CFG SysEncMultiBootCfg; -wchar_t SysEncMultiBootCfgOutcome [4096] = {L'N',L'/',L'A',0}; -volatile int NonSysInplaceEncStatus = NONSYS_INPLACE_ENC_STATUS_NONE; - -vector DeferredNonSysInPlaceEncDevices; - -// specific definitions and implementation for support of resume operation -// in wait dialog mechanism - -void CALLBACK ResumeInPlaceEncWaitThreadProc(void* pArg, HWND hwndDlg) -{ - wchar_t szDevicePath[MAX_PATH] = {0}; - RawDevicesDlgParam param; - param.devices = GetAvailableHostDevices (false, true, false); - param.pszFileName = szDevicePath; - - DeferredNonSysInPlaceEncDevices.clear(); - - if ((IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), hwndDlg, - (DLGPROC) RawDevicesDlgProc, (LPARAM) ¶m)) && wcslen(szDevicePath)) - { - foreach (const HostDevice &device, param.devices) - { - if (device.Path == szDevicePath) - { - OpenVolumeContext volume; - int status = OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE); - - if ( status == ERR_SUCCESS) - { - if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 - && volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value) - { - DeferredNonSysInPlaceEncDevices.push_back (device); - } - else if (volume.CryptoInfo->EncryptedAreaLength.Value == volume.CryptoInfo->VolumeSize.Value) - { - WCHAR szMsg[1024]; - StringCbPrintfW(szMsg, sizeof(szMsg), GetString ("SELECTED_PARTITION_ALREADY_INPLACE_ENC"), - volume.CryptoInfo->HeaderFlags); - ErrorDirect(szMsg, hwndDlg); - } - else - { - WCHAR szMsg[1024]; - StringCbPrintfW(szMsg, sizeof(szMsg), GetString ("SELECTED_PARTITION_NOT_INPLACE_ENC"), - volume.CryptoInfo->HeaderFlags); - ErrorDirect(szMsg, hwndDlg); - } - - CloseVolume (&volume); - } - else - { - handleError(hwndDlg, status, SRC_POS); - } - - break; - } - } - } - else - { - foreach (const HostDevice &device, param.devices) - { - if ( !device.ContainsSystem - && (device.IsPartition || device.DynamicVolume || device.IsVirtualPartition || device.Partitions.empty()) - ) - { - - OpenVolumeContext volume; - - if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE) == ERR_SUCCESS) - { - if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 - && volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value) - { - DeferredNonSysInPlaceEncDevices.push_back (device); - } - - CloseVolume (&volume); - } - } - } - } -} - - -static BOOL ElevateWholeWizardProcess (wstring arguments) -{ - wchar_t modPath[MAX_PATH]; - - if (IsAdmin()) - return TRUE; - - if (!IsUacSupported()) - return IsAdmin(); - - GetModuleFileName (NULL, modPath, ARRAYSIZE (modPath)); - - while (true) - { - if ((int)ShellExecute (MainDlg, L"runas", modPath, (wstring(L"/q UAC ") + arguments).c_str(), NULL, SW_SHOWNORMAL) > 32) - { - exit (0); - } - else - { - if (IDRETRY == ErrorRetryCancel ("UAC_INIT_ERROR", MainDlg)) - continue; - return FALSE; - } - } -} - -static void WipePasswordsAndKeyfiles (void) -{ - wchar_t tmp[MAX_PASSWORD+1]; - - // Attempt to wipe passwords stored in the input field buffers - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (hPasswordInputField, tmp); - SetWindowText (hVerifyPasswordInputField, tmp); - - burn (&szVerify[0], sizeof (szVerify)); - burn (&volumePassword, sizeof (volumePassword)); - burn (&szRawPassword[0], sizeof (szRawPassword)); - burn (&volumePim, sizeof (volumePim)); - burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); - burn (&CmdVolumePim, sizeof (CmdVolumePim)); - - SetWindowText (hPasswordInputField, L""); - SetWindowText (hVerifyPasswordInputField, L""); - - KeyFileRemoveAll (&FirstKeyFile); - KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); -} - -static void localcleanup (void) -{ - wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; - - // System encryption - - if (WizardMode == WIZARD_MODE_SYS_DEVICE - && InstanceHasSysEncMutex ()) - { - try - { - BootEncStatus = BootEncObj->GetStatus(); - - if (BootEncStatus.SetupInProgress) - { - BootEncObj->AbortSetup (); - } - } - catch (...) - { - // NOP - } - } - - // Mon-system in-place encryption - - if (bInPlaceEncNonSys && (bVolTransformThreadRunning || bVolTransformThreadToRun)) - { - NonSysInplaceEncPause (); - } - - CloseNonSysInplaceEncMutex (); - - - // Device wipe - - if (bDeviceWipeInProgress) - WipeAbort(); - - - WipePasswordsAndKeyfiles (); - - RandStop (TRUE); - - burn (HeaderKeyGUIView, sizeof(HeaderKeyGUIView)); - burn (MasterKeyGUIView, sizeof(MasterKeyGUIView)); - burn (randPool, sizeof(randPool)); - burn (lastRandPool, sizeof(lastRandPool)); - burn (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer)); - burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - burn (maskRandPool, sizeof(maskRandPool)); - burn (szFileName, sizeof(szFileName)); - burn (szDiskFile, sizeof(szDiskFile)); - - // Attempt to wipe the GUI fields showing portions of randpool, of the master and header keys - wmemset (tmp, L'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hRandPool, tmp); - SetWindowText (hRandPoolSys, tmp); - SetWindowText (hMasterKey, tmp); - SetWindowText (hHeaderKey, tmp); - - UnregisterRedTick (hInst); - - // Delete buffered bitmaps (if any) - if (hbmWizardBitmapRescaled != NULL) - { - DeleteObject ((HGDIOBJ) hbmWizardBitmapRescaled); - hbmWizardBitmapRescaled = NULL; - } - - // Cleanup common code resources - cleanup (); - - if (BootEncObj != NULL) - { - delete BootEncObj; - BootEncObj = NULL; - } -} - -static BOOL CALLBACK BroadcastSysEncCfgUpdateCallb (HWND hwnd, LPARAM lParam) -{ - LONG_PTR userDataVal = GetWindowLongPtrW (hwnd, GWLP_USERDATA); - if ((userDataVal == (LONG_PTR) 'VERA') || (userDataVal == (LONG_PTR) 'TRUE')) // Prior to 1.0e, 'TRUE' was used for VeraCrypt dialogs - { - wchar_t name[1024] = { 0 }; - GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); - if (hwnd != MainDlg && wcsstr (name, L"VeraCrypt")) - { - PostMessage (hwnd, TC_APPMSG_SYSENC_CONFIG_UPDATE, 0, 0); - } - } - return TRUE; -} - -static BOOL BroadcastSysEncCfgUpdate (void) -{ - BOOL bSuccess = FALSE; - EnumWindows (BroadcastSysEncCfgUpdateCallb, (LPARAM) &bSuccess); - return bSuccess; -} - -// IMPORTANT: This function may be called only by Format (other modules can only _read_ the system encryption config). -// Returns TRUE if successful (otherwise FALSE) -static BOOL SaveSysEncSettings (HWND hwndDlg) -{ - FILE *f; - - if (!bSystemEncryptionStatusChanged) - return TRUE; - - if (hwndDlg == NULL && MainDlg != NULL) - hwndDlg = MainDlg; - - if (!CreateSysEncMutex ()) - return FALSE; // Only one instance that has the mutex can modify the system encryption settings - - if (SystemEncryptionStatus == SYSENC_STATUS_NONE) - { - if (_wremove (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION)) != 0) - { - Error ("CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS", hwndDlg); - return FALSE; - } - - bSystemEncryptionStatusChanged = FALSE; - BroadcastSysEncCfgUpdate (); - return TRUE; - } - - f = _wfopen (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION), L"w,ccs=UTF-8"); - if (f == NULL) - { - Error ("CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS", hwndDlg); - handleWin32Error (hwndDlg, SRC_POS); - return FALSE; - } - - if (XmlWriteHeader (f) < 0 - - || fputws (L"\n\t", f) < 0 - - || fwprintf (f, L"\n\t\t%d", SystemEncryptionStatus) < 0 - - || fwprintf (f, L"\n\t\t%d", (int) nWipeMode) < 0 - - || fputws (L"\n\t", f) < 0 - - || XmlWriteFooter (f) < 0) - { - handleWin32Error (hwndDlg, SRC_POS); - fclose (f); - Error ("CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS", hwndDlg); - return FALSE; - } - - TCFlushFile (f); - - fclose (f); - - bSystemEncryptionStatusChanged = FALSE; - BroadcastSysEncCfgUpdate (); - - return TRUE; -} - -// WARNING: This function may take a long time to finish -static unsigned int DetermineHiddenOSCreationPhase (void) -{ - unsigned int phase = TC_HIDDEN_OS_CREATION_PHASE_NONE; - - try - { - phase = BootEncObj->GetHiddenOSCreationPhase(); - } - catch (Exception &e) - { - e.Show (MainDlg); - AbortProcess("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS"); - } - - return phase; -} - -// IMPORTANT: This function may be called only by Format (other modules can only _read_ the status). -// Returns TRUE if successful (otherwise FALSE) -static BOOL ChangeHiddenOSCreationPhase (int newPhase) -{ - if (!CreateSysEncMutex ()) - { - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); - return FALSE; - } - - try - { - BootEncObj->SetHiddenOSCreationPhase (newPhase); - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - - //// The contents of the following items might be inappropriate after a change of the phase - //szFileName[0] = 0; - //szDiskFile[0] = 0; - //nUIVolumeSize = 0; - //nVolumeSize = 0; - - return TRUE; -} - -// IMPORTANT: This function may be called only by Format (other modules can only _read_ the system encryption status). -// Returns TRUE if successful (otherwise FALSE) -static BOOL ChangeSystemEncryptionStatus (int newStatus) -{ - if (!CreateSysEncMutex ()) - { - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); - return FALSE; // Only one instance that has the mutex can modify the system encryption settings - } - - SystemEncryptionStatus = newStatus; - bSystemEncryptionStatusChanged = TRUE; - - if (newStatus == SYSENC_STATUS_ENCRYPTING) - { - // If the user has created a hidden OS and now is creating a decoy OS, we must wipe the hidden OS - // config area in the MBR. - WipeHiddenOSCreationConfig(); - } - - if (newStatus == SYSENC_STATUS_NONE && !IsHiddenOSRunning()) - { - if (DetermineHiddenOSCreationPhase() != TC_HIDDEN_OS_CREATION_PHASE_NONE - && !ChangeHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE)) - return FALSE; - - WipeHiddenOSCreationConfig(); - } - - if (!SaveSysEncSettings (MainDlg)) - { - return FALSE; - } - - return TRUE; -} - -// If the return code of this function is ignored and newWizardMode == WIZARD_MODE_SYS_DEVICE, then this function -// may be called only after CreateSysEncMutex() returns TRUE. It returns TRUE if successful (otherwise FALSE). -static BOOL ChangeWizardMode (int newWizardMode) -{ - if (WizardMode != newWizardMode) - { - if (WizardMode == WIZARD_MODE_SYS_DEVICE || newWizardMode == WIZARD_MODE_SYS_DEVICE) - { - if (newWizardMode == WIZARD_MODE_SYS_DEVICE) - { - if (!CreateSysEncMutex ()) - { - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); - return FALSE; - } - } - - // If the previous mode was different, the password may have been typed using a different - // keyboard layout (which might confuse the user and cause other problems if system encryption - // was or will be involved). - WipePasswordsAndKeyfiles(); - } - - if (newWizardMode != WIZARD_MODE_NONSYS_DEVICE) - { - bInPlaceEncNonSys = FALSE; - bInPlaceDecNonSys = FALSE; - } - - if (newWizardMode == WIZARD_MODE_NONSYS_DEVICE && !IsAdmin() && IsUacSupported()) - { - if (!ElevateWholeWizardProcess (L"/e")) - return FALSE; - } - - // The contents of the following items may be inappropriate after a change of mode - if (! (bInPlaceDecNonSys && !bInPlaceEncNonSysResumed)) // If we are starting (but not resuming) decryption of non-system volume, we actually need szFileName as it contains the command line param. - szFileName[0] = 0; - szDiskFile[0] = 0; - nUIVolumeSize = 0; - nVolumeSize = 0; - - WizardMode = newWizardMode; - } - - bDevice = (WizardMode != WIZARD_MODE_FILE_CONTAINER); - - if (newWizardMode != WIZARD_MODE_SYS_DEVICE - && !bHiddenOS) - { - CloseSysEncMutex (); - } - - return TRUE; -} - -// Determines whether the wizard directly affects system encryption in any way. -// Note, for example, that when the user enters a password for a hidden volume that is to host a hidden OS, -// WizardMode is NOT set to WIZARD_MODE_SYS_DEVICE. The keyboard layout, however, has to be US. That's why -// this function has to be called instead of checking the value of WizardMode. -static BOOL SysEncInEffect (void) -{ - return (WizardMode == WIZARD_MODE_SYS_DEVICE - || CreatingHiddenSysVol()); -} - -static BOOL CreatingHiddenSysVol (void) -{ - return (bHiddenOS - && bHiddenVol && !bHiddenVolHost); -} - -static void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL* pbSettingsModified, BOOL* pbHistoryModified) -{ - if (!bOnlyCheckModified) - EnableHwEncryption ((ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); - - WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; - - if (!bOnlyCheckModified) - LoadSysEncSettings (); - - if (!bOnlyCheckModified && LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) - bInPlaceEncNonSysPending = TRUE; - - if (!bOnlyCheckModified) - defaultKeyFilesParam.EnableKeyFiles = FALSE; - - ConfigReadCompareInt ("StartOnLogon", FALSE, &bStartOnLogon, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("HiddenSectorDetectionStatus", 0, &HiddenSectorDetectionStatus, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("ShowDisconnectedNetworkDrives", FALSE, &bShowDisconnectedNetworkDrives, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("HideWaitingDialog", FALSE, &bHideWaitingDialog, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("SaveVolumeHistory", FALSE, &bHistory, bOnlyCheckModified, pbSettingsModified); - - { - char szTmp[MAX_PATH] = {0}; - WideCharToMultiByte (CP_UTF8, 0, SecurityTokenLibraryPath, -1, szTmp, MAX_PATH, NULL, NULL); - ConfigReadCompareString ("SecurityTokenLibrary", "", szTmp, sizeof (szTmp) - 1, bOnlyCheckModified, pbSettingsModified); - MultiByteToWideChar (CP_UTF8, 0, szTmp, -1, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)); - - if (!bOnlyCheckModified && SecurityTokenLibraryPath[0]) - InitSecurityTokenLibrary(hwndDlg); - } - - if (bOnlyCheckModified) - { - char langid[6] = {0}; - if (!IsNonInstallMode ()) - { - ConfigReadString ("Language", "", langid, sizeof (langid)); - // when installed, if no preferred language set by user, English is selected default - if (langid [0] == 0) - StringCbCopyA (langid, sizeof(langid), "en"); - - if (pbSettingsModified && strcmp (langid, GetPreferredLangId ())) - *pbSettingsModified = TRUE; - } - else - { - StringCbCopyA (langid, sizeof(langid), GetPreferredLangId ()); - ConfigReadCompareString ("Language", "", langid, sizeof (langid), TRUE, pbSettingsModified); - } - } - - if (hwndDlg != NULL) - { - LoadCombo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), bHistory, bOnlyCheckModified, pbHistoryModified); - return; - } - - if (bHistoryCmdLine) - return; -} - -static void LoadSettings (HWND hwndDlg) -{ - LoadSettingsAndCheckModified (hwndDlg, FALSE, NULL, NULL); -} - -static void SaveSettings (HWND hwndDlg) -{ - WaitCursor (); - - // Check first if modifications ocurred before writing to the settings and history files - // This avoids leaking information about VeraCrypt usage when user only mount volumes without changing setttings or history - BOOL bSettingsChanged = FALSE; - BOOL bHistoryChanged = FALSE; - - LoadSettingsAndCheckModified (hwndDlg, TRUE, &bSettingsChanged, &bHistoryChanged); - - if (bHistoryChanged && hwndDlg != NULL) - DumpCombo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), !bHistory); - - if (bSettingsChanged) - { - ConfigWriteBegin (); - - ConfigWriteInt ("StartOnLogon", bStartOnLogon); - ConfigWriteInt ("HiddenSectorDetectionStatus", HiddenSectorDetectionStatus); - ConfigWriteInt ("SaveVolumeHistory", bHistory); - ConfigWriteStringW ("SecurityTokenLibrary", SecurityTokenLibraryPath[0] ? SecurityTokenLibraryPath : L""); - - ConfigWriteString ("Language", GetPreferredLangId ()); - - ConfigWriteEnd (hwndDlg); - } - - NormalCursor (); -} - -// WARNING: This function does NOT cause immediate application exit (use e.g. return 1 after calling it -// from a DialogProc function). -static void EndMainDlg (HWND hwndDlg) -{ - if (nCurPageNo == VOLUME_LOCATION_PAGE) - { - if (IsWindow(GetDlgItem(hCurPage, IDC_NO_HISTORY))) - bHistory = !IsButtonChecked (GetDlgItem (hCurPage, IDC_NO_HISTORY)); - - MoveEditToCombo (GetDlgItem (hCurPage, IDC_COMBO_BOX), bHistory); - SaveSettings (hCurPage); - } - else - { - SaveSettings (NULL); - } - - SaveSysEncSettings (hwndDlg); - - if (!bHistory) - CleanLastVisitedMRU (); - - EndDialog (hwndDlg, 0); -} - -// Returns TRUE if system encryption or decryption had been or is in progress and has not been completed -static BOOL SysEncryptionOrDecryptionRequired (void) -{ - /* If you update this function, revise SysEncryptionOrDecryptionRequired() in Mount.c as well. */ - - static BootEncryptionStatus locBootEncStatus; - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - return (SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING - || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING - || - ( - locBootEncStatus.DriveMounted - && - ( - locBootEncStatus.ConfiguredEncryptedAreaStart != locBootEncStatus.EncryptedAreaStart - || locBootEncStatus.ConfiguredEncryptedAreaEnd != locBootEncStatus.EncryptedAreaEnd - ) - ) - ); -} - -// Returns TRUE if the system partition/drive is completely encrypted -static BOOL SysDriveOrPartitionFullyEncrypted (BOOL bSilent) -{ - /* If you update this function, revise SysDriveOrPartitionFullyEncrypted() in Mount.c as well. */ - - static BootEncryptionStatus locBootEncStatus; - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - if (!bSilent) - e.Show (MainDlg); - } - - return (!locBootEncStatus.SetupInProgress - && locBootEncStatus.ConfiguredEncryptedAreaEnd != 0 - && locBootEncStatus.ConfiguredEncryptedAreaEnd != -1 - && locBootEncStatus.ConfiguredEncryptedAreaStart == locBootEncStatus.EncryptedAreaStart - && locBootEncStatus.ConfiguredEncryptedAreaEnd == locBootEncStatus.EncryptedAreaEnd); -} - -// This functions is to be used when the wizard mode needs to be changed to WIZARD_MODE_SYS_DEVICE. -// If the function fails to switch the mode, it returns FALSE (otherwise TRUE). -BOOL SwitchWizardToSysEncMode (void) -{ - WaitCursor (); - - try - { - BootEncStatus = BootEncObj->GetStatus(); - bWholeSysDrive = BootEncObj->SystemPartitionCoversWholeDrive(); - } - catch (Exception &e) - { - e.Show (MainDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - NormalCursor (); - return FALSE; - } - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (!CreateSysEncMutex ()) - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); - NormalCursor (); - return FALSE; - } - - // User-mode app may have crashed and its mutex may have gotten lost, so we need to check the driver status too - if (BootEncStatus.SetupInProgress) - { - if (AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", MainDlg) == IDYES) - { - if (SystemEncryptionStatus != SYSENC_STATUS_ENCRYPTING - && SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) - { - // The config file with status was lost or not written correctly - if (!ResolveUnknownSysEncDirection ()) - { - CloseSysEncMutex (); - NormalCursor (); - return FALSE; - } - } - - bDirectSysEncMode = TRUE; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - LoadPage (MainDlg, SYSENC_ENCRYPTION_PAGE); - NormalCursor (); - return TRUE; - } - else - { - CloseSysEncMutex (); - Error ("SYS_ENCRYPTION_OR_DECRYPTION_IN_PROGRESS", MainDlg); - NormalCursor (); - return FALSE; - } - } - - if (BootEncStatus.DriveMounted - || BootEncStatus.DriveEncrypted - || SysEncryptionOrDecryptionRequired ()) - { - - if (!SysDriveOrPartitionFullyEncrypted (FALSE) - && AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", MainDlg) == IDYES) - { - if (SystemEncryptionStatus == SYSENC_STATUS_NONE) - { - // If the config file with status was lost or not written correctly, we - // don't know whether to encrypt or decrypt (but we know that encryption or - // decryption is required). Ask the user to select encryption, decryption, - // or cancel - if (!ResolveUnknownSysEncDirection ()) - { - CloseSysEncMutex (); - NormalCursor (); - return FALSE; - } - } - - bDirectSysEncMode = TRUE; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - LoadPage (MainDlg, SYSENC_ENCRYPTION_PAGE); - NormalCursor (); - return TRUE; - } - else - { - CloseSysEncMutex (); - Error ("SETUP_FAILED_BOOT_DRIVE_ENCRYPTED", MainDlg); - NormalCursor (); - return FALSE; - } - } - else - { - // Check compliance with requirements for boot encryption - - if (!IsAdmin()) - { - if (!IsUacSupported()) - { - Warning ("ADMIN_PRIVILEGES_WARN_DEVICES", MainDlg); - } - } - - try - { - BootEncObj->CheckRequirements (); - } - catch (Exception &e) - { - CloseSysEncMutex (); - e.Show (MainDlg); - NormalCursor (); - return FALSE; - } - - if (!ChangeWizardMode (WIZARD_MODE_SYS_DEVICE)) - { - NormalCursor (); - return FALSE; - } - - if (bSysDriveSelected || bSysPartitionSelected) - { - // The user selected the non-sys-device wizard mode but then selected a system device - - bWholeSysDrive = (bSysDriveSelected && !bSysPartitionSelected); - - bSysDriveSelected = FALSE; - bSysPartitionSelected = FALSE; - - try - { - if (!bHiddenVol) - { - if (bWholeSysDrive && !BootEncObj->SystemPartitionCoversWholeDrive()) - { - if (BootEncObj->SystemDriveContainsNonStandardPartitions()) - { - if (AskWarnYesNoString ((wstring (GetString ("SYSDRIVE_NON_STANDARD_PARTITIONS")) + L"\n\n" + GetString ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE")).c_str(), MainDlg) == IDYES) - bWholeSysDrive = FALSE; - } - - if (!IsOSAtLeast (WIN_VISTA) && bWholeSysDrive) - { - if (BootEncObj->SystemDriveContainsExtendedPartition()) - { - bWholeSysDrive = FALSE; - - Error ("WDE_UNSUPPORTED_FOR_EXTENDED_PARTITIONS", MainDlg); - - if (AskYesNo ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE", MainDlg) == IDNO) - { - ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); - return FALSE; - } - } - else - Warning ("WDE_EXTENDED_PARTITIONS_WARNING", MainDlg); - } - } - else if (BootEncObj->SystemPartitionCoversWholeDrive() - && !bWholeSysDrive) - bWholeSysDrive = (AskYesNo ("WHOLE_SYC_DEVICE_RECOM", MainDlg) == IDYES); - } - - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - - if (!bHiddenVol) - { - // Skip SYSENC_SPAN_PAGE and SYSENC_TYPE_PAGE as the user already made the choice - LoadPage (MainDlg, bWholeSysDrive ? SYSENC_PRE_DRIVE_ANALYSIS_PAGE : SYSENC_MULTI_BOOT_MODE_PAGE); - } - else - { - // The user selected the non-sys-device wizard mode but then selected a system device. - // In addition, he selected the hidden volume mode. - - if (bWholeSysDrive) - Warning ("HIDDEN_OS_PRECLUDES_SINGLE_KEY_WDE", MainDlg); - - bWholeSysDrive = FALSE; - - LoadPage (MainDlg, SYSENC_TYPE_PAGE); - } - } - else - LoadPage (MainDlg, SYSENC_TYPE_PAGE); - - NormalCursor (); - return TRUE; - } -} - -void SwitchWizardToFileContainerMode (void) -{ - ChangeWizardMode (WIZARD_MODE_FILE_CONTAINER); - - LoadPage (MainDlg, VOLUME_LOCATION_PAGE); - - NormalCursor (); -} - -void SwitchWizardToNonSysDeviceMode (void) -{ - ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); - - LoadPage (MainDlg, VOLUME_TYPE_PAGE); - - NormalCursor (); -} - -BOOL SwitchWizardToHiddenOSMode (void) -{ - if (SwitchWizardToSysEncMode()) - { - if (nCurPageNo != SYSENC_ENCRYPTION_PAGE) // If the user did not manually choose to resume encryption or decryption of the system partition/drive - { - bHiddenOS = TRUE; - bHiddenVol = TRUE; - bHiddenVolHost = TRUE; - bHiddenVolDirect = FALSE; - bWholeSysDrive = FALSE; - bInPlaceEncNonSys = FALSE; - bInPlaceDecNonSys = FALSE; - - if (bDirectSysEncModeCommand == SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV) - { - // Some of the requirements for hidden OS should have already been checked by the wizard process - // that launched us (in order to elevate), but we must recheck them. Otherwise, an advanced user - // could bypass the checks by using the undocumented CLI switch. Moreover, some requirements - // can be checked only at this point (when we are elevated). - try - { - BootEncObj->CheckRequirementsHiddenOS (); - - BootEncObj->InitialSecurityChecksForHiddenOS (); - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - - LoadPage (MainDlg, SYSENC_MULTI_BOOT_MODE_PAGE); - } - else - LoadPage (MainDlg, SYSENC_HIDDEN_OS_REQ_CHECK_PAGE); - - NormalCursor (); - } - else - return TRUE; - } - else - return FALSE; - - return TRUE; -} - -void SwitchWizardToNonSysInplaceEncResumeMode (BOOL bDecrypt) -{ - if (!IsAdmin() && IsUacSupported()) - { - if (!ElevateWholeWizardProcess (bDecrypt ? L"/resumeinplacedec" : L"/zinplace")) - AbortProcessSilent (); - } - - if (!IsAdmin()) - AbortProcess("ADMIN_PRIVILEGES_WARN_DEVICES"); - - CreateNonSysInplaceEncMutex (); - - bInPlaceEncNonSys = TRUE; - bInPlaceDecNonSys = bDecrypt; - bInPlaceEncNonSysResumed = TRUE; - - ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); - - LoadPage (MainDlg, NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE); -} - -void SwitchWizardToNonSysInplaceDecStartMode (wchar_t *volPath) -{ - if (!IsAdmin() && IsUacSupported()) - { - if (!ElevateWholeWizardProcess ((wstring (L"/inplacedec \"") + volPath + L"\"").c_str())) - AbortProcessSilent (); - } - - if (!IsAdmin()) - AbortProcess("ADMIN_PRIVILEGES_WARN_DEVICES"); - - if (!CheckRequirementsForNonSysInPlaceDec (MainDlg, volPath, FALSE)) - AbortProcessSilent (); - - CreateNonSysInplaceEncMutex (); - - bInPlaceEncNonSys = TRUE; - bInPlaceDecNonSys = TRUE; - bInPlaceEncNonSysResumed = FALSE; - - ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); - - LoadPage (MainDlg, NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE); -} - -// Use this function e.g. if the config file with the system encryption settings was lost or not written -// correctly, and we don't know whether to encrypt or decrypt (but we know that encryption or decryption -// is required). Returns FALSE if failed or cancelled. -static BOOL ResolveUnknownSysEncDirection (void) -{ - if (CreateSysEncMutex ()) - { - if (SystemEncryptionStatus != SYSENC_STATUS_ENCRYPTING - && SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) - { - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - return FALSE; - } - - if (BootEncStatus.SetupInProgress) - { - return ChangeSystemEncryptionStatus ( - (BootEncStatus.SetupMode != SetupDecryption) ? SYSENC_STATUS_ENCRYPTING : SYSENC_STATUS_DECRYPTING); - } - else - { - // Ask the user to select encryption, decryption, or cancel - - char *tmpStr[] = {0, - !BootEncStatus.DriveEncrypted ? "CHOOSE_ENCRYPT_OR_DECRYPT_FINALIZE_DECRYPT_NOTE" : "CHOOSE_ENCRYPT_OR_DECRYPT", - "ENCRYPT", - "DECRYPT", - "IDCANCEL", - 0}; - - switch (AskMultiChoice ((void **) tmpStr, FALSE, MainDlg)) - { - case 1: - return ChangeSystemEncryptionStatus (SYSENC_STATUS_ENCRYPTING); - case 2: - return ChangeSystemEncryptionStatus (SYSENC_STATUS_DECRYPTING); - default: - return FALSE; - } - } - } - else - return TRUE; - } - else - { - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); - return FALSE; - } -} - -// This function should be used to resolve inconsistencies that might lead to a deadlock (inability to encrypt or -// decrypt the system partition/drive and to uninstall TrueCrypt). The function removes the system encryption key -// data ("volume header"), the TrueCrypt boot loader, restores the original system loader (if available), -// unregisters the boot driver, etc. Note that if the system partition/drive is encrypted, it will start decrypting -// it in the background (therefore, it should be used when the system partition/drive is not encrypted, ideally). -// Exceptions are handled and errors are reported within the function. Returns TRUE if successful. -static BOOL ForceRemoveSysEnc (void) -{ - if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption - { - BootEncryptionStatus locBootEncStatus; - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - - if (locBootEncStatus.SetupInProgress) - BootEncObj->AbortSetupWait (); - - locBootEncStatus = BootEncObj->GetStatus(); - - if (locBootEncStatus.DriveMounted) - { - // Remove the header - BootEncObj->StartDecryption (DiscardUnreadableEncryptedSectors); - locBootEncStatus = BootEncObj->GetStatus(); - - while (locBootEncStatus.SetupInProgress) - { - Sleep (100); - locBootEncStatus = BootEncObj->GetStatus(); - } - - BootEncObj->CheckEncryptionSetupResult (); - } - - Sleep (50); - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - - if (!locBootEncStatus.DriveMounted) - BootEncObj->Deinstall (true); - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - - return TRUE; - } - else - return FALSE; -} - -// Returns 0 if there's an error. -__int64 GetSystemPartitionSize (void) -{ - try - { - return BootEncObj->GetSystemDriveConfiguration().SystemPartition.Info.PartitionLength.QuadPart; - } - catch (Exception &e) - { - e.Show (MainDlg); - return 0; - } -} - -void ComboSelChangeEA (HWND hwndDlg) -{ - int nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); - - if (nIndex == CB_ERR) - { - SetWindowText (GetDlgItem (hwndDlg, IDC_BOX_HELP), L""); - } - else - { - wchar_t name[100]; - wchar_t auxLine[4096]; - wchar_t hyperLink[256] = { 0 }; - int cipherIDs[5]; - int i, cnt = 0; - - nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); - EAGetName (name, nIndex, 0); - - if (wcscmp (name, L"AES") == 0) - { - StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AES_HELP")); - } - else if (wcscmp (name, L"Serpent") == 0) - { - StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SERPENT_HELP")); - } - else if (wcscmp (name, L"Twofish") == 0) - { - StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("TWOFISH_HELP")); - } - else if (EAGetCipherCount (nIndex) > 1) - { - // Cascade - cipherIDs[cnt++] = i = EAGetLastCipher(nIndex); - while (i = EAGetPreviousCipher(nIndex, i)) - { - cipherIDs[cnt] = i; - cnt++; - } - - switch (cnt) // Number of ciphers in the cascade - { - case 2: - StringCbPrintfW (auxLine, sizeof(auxLine), GetString ("TWO_LAYER_CASCADE_HELP"), - CipherGetName (cipherIDs[1]), - CipherGetKeySize (cipherIDs[1])*8, - CipherGetName (cipherIDs[0]), - CipherGetKeySize (cipherIDs[0])*8); - break; - - case 3: - StringCbPrintfW (auxLine, sizeof(auxLine), GetString ("THREE_LAYER_CASCADE_HELP"), - CipherGetName (cipherIDs[2]), - CipherGetKeySize (cipherIDs[2])*8, - CipherGetName (cipherIDs[1]), - CipherGetKeySize (cipherIDs[1])*8, - CipherGetName (cipherIDs[0]), - CipherGetKeySize (cipherIDs[0])*8); - break; - } - - StringCbCopyW (hyperLink, sizeof(hyperLink), GetString ("IDC_LINK_MORE_INFO_ABOUT_CIPHER")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), auxLine); - } - else - { - // No info available for this encryption algorithm - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), L""); - } - - - // Update hyperlink - SetWindowTextW (GetDlgItem (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER), hyperLink); - AccommodateTextField (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER, FALSE, hUserUnderlineFont); - } -} - -static void VerifySizeAndUpdate (HWND hwndDlg, BOOL bUpdate) -{ - BOOL bEnable = TRUE; - wchar_t szTmp[50]; - __int64 lTmp; - __int64 i; - static unsigned __int64 nLastVolumeSize = 0; - - GetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTmp, ARRAYSIZE (szTmp)); - - for (i = 0; i < (__int64) wcslen (szTmp); i++) - { - if (szTmp[i] >= L'0' && szTmp[i] <= L'9') - continue; - else - { - bEnable = FALSE; - break; - } - } - - if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_KB))) - nMultiplier = BYTES_PER_KB; - else if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_MB))) - nMultiplier = BYTES_PER_MB; - else if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_GB))) - nMultiplier = BYTES_PER_GB; - else - nMultiplier = BYTES_PER_TB; - - if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume - { - lTmp = nVolumeSize; - i = 1; - } - else - { - i = nMultiplier; - lTmp = _wtoi64 (szTmp); - - DWORD sectorSize = GetFormatSectorSize(); - uint32 sectorSizeRem = (lTmp * nMultiplier) % sectorSize; - - if (sectorSizeRem != 0) - lTmp = (lTmp * nMultiplier + (sectorSize - sectorSizeRem)) / nMultiplier; - } - - if (bEnable) - { - if (lTmp * i < (bHiddenVolHost ? TC_MIN_HIDDEN_VOLUME_HOST_SIZE : (bHiddenVol ? TC_MIN_HIDDEN_VOLUME_SIZE : TC_MIN_VOLUME_SIZE))) - bEnable = FALSE; - - if (!bHiddenVolHost && bHiddenVol) - { - if (lTmp * i > nMaximumHiddenVolSize) - bEnable = FALSE; - } - else - { - if (lTmp * i > (bHiddenVolHost ? TC_MAX_HIDDEN_VOLUME_HOST_SIZE : TC_MAX_VOLUME_SIZE)) - bEnable = FALSE; - } - } - - if (bUpdate) - { - nUIVolumeSize = lTmp; - - if (!bDevice || (bHiddenVol && !bHiddenVolHost)) // Update only if it's not a raw device or if it's a hidden volume - nVolumeSize = i * lTmp; - } - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), bEnable); - - if (nVolumeSize != nLastVolumeSize) - { - // Change of volume size may make some file systems allowed or disallowed, so the default filesystem must - // be reselected. - fileSystem = FILESYS_NONE; - nLastVolumeSize = nVolumeSize; - } -} - -static void UpdateWizardModeControls (HWND hwndDlg, int setWizardMode) -{ - SendMessage (GetDlgItem (hwndDlg, IDC_FILE_CONTAINER), - BM_SETCHECK, - setWizardMode == WIZARD_MODE_FILE_CONTAINER ? BST_CHECKED : BST_UNCHECKED, - 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_NONSYS_DEVICE), - BM_SETCHECK, - setWizardMode == WIZARD_MODE_NONSYS_DEVICE ? BST_CHECKED : BST_UNCHECKED, - 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_SYS_DEVICE), - BM_SETCHECK, - setWizardMode == WIZARD_MODE_SYS_DEVICE ? BST_CHECKED : BST_UNCHECKED, - 0); -} - -static int GetSelectedWizardMode (HWND hwndDlg) -{ - if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_FILE_CONTAINER))) - return WIZARD_MODE_FILE_CONTAINER; - - if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_NONSYS_DEVICE))) - return WIZARD_MODE_NONSYS_DEVICE; - - if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_SYS_DEVICE))) - return WIZARD_MODE_SYS_DEVICE; - - return DEFAULT_VOL_CREATION_WIZARD_MODE; -} - -static void RefreshMultiBootControls (HWND hwndDlg) -{ -#ifdef DEBUG - if (nMultiBoot == 0) - nMultiBoot = 1; -#endif - - SendMessage (GetDlgItem (hwndDlg, IDC_SINGLE_BOOT), - BM_SETCHECK, - nMultiBoot == 1 ? BST_CHECKED : BST_UNCHECKED, - 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_MULTI_BOOT), - BM_SETCHECK, - nMultiBoot > 1 ? BST_CHECKED : BST_UNCHECKED, - 0); -} - -// -1 = Undecided or error, 0 = No, 1 = Yes -static int Get2RadButtonPageAnswer (void) -{ - if (IsButtonChecked (GetDlgItem (hCurPage, IDC_CHOICE1))) - return 1; - - if (IsButtonChecked (GetDlgItem (hCurPage, IDC_CHOICE2))) - return 0; - - return -1; -} - -// 0 = No, 1 = Yes -static void Update2RadButtonPage (int answer) -{ - SendMessage (GetDlgItem (hCurPage, IDC_CHOICE1), - BM_SETCHECK, - answer == 1 ? BST_CHECKED : BST_UNCHECKED, - 0); - - SendMessage (GetDlgItem (hCurPage, IDC_CHOICE2), - BM_SETCHECK, - answer == 0 ? BST_CHECKED : BST_UNCHECKED, - 0); -} - -// -1 = Undecided, 0 = No, 1 = Yes -static void Init2RadButtonPageYesNo (int answer) -{ - SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE1), GetString ("UISTR_YES")); - SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE2), GetString ("UISTR_NO")); - - SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), answer >= 0); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), TRUE); - - Update2RadButtonPage (answer); -} - -static void UpdateSysEncProgressBar (void) -{ - BootEncryptionStatus locBootEncStatus; - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (...) - { - return; - } - - if (locBootEncStatus.EncryptedAreaEnd == -1 - || locBootEncStatus.EncryptedAreaStart == -1) - { - UpdateProgressBarProc (0); - } - else - { - UpdateProgressBarProc (locBootEncStatus.EncryptedAreaEnd - locBootEncStatus.EncryptedAreaStart + 1); - - if (locBootEncStatus.SetupInProgress) - { - wchar_t tmpStr[100]; - - // Status - - if (locBootEncStatus.TransformWaitingForIdle) - StringCbCopyW (tmpStr, sizeof(tmpStr), GetString ("PROGRESS_STATUS_WAITING")); - else - StringCbCopyW (tmpStr, sizeof(tmpStr), GetString (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING ? "PROGRESS_STATUS_DECRYPTING" : "PROGRESS_STATUS_ENCRYPTING")); - - StringCbCatW (tmpStr, sizeof(tmpStr), L" "); - - SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), tmpStr); - } - } -} - -static void InitSysEncProgressBar (void) -{ - BootEncryptionStatus locBootEncStatus; - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (...) - { - return; - } - - if (locBootEncStatus.ConfiguredEncryptedAreaEnd == -1 - || locBootEncStatus.ConfiguredEncryptedAreaStart == -1) - return; - - InitProgressBar (locBootEncStatus.ConfiguredEncryptedAreaEnd - - locBootEncStatus.ConfiguredEncryptedAreaStart + 1, - (locBootEncStatus.EncryptedAreaEnd == locBootEncStatus.EncryptedAreaStart || locBootEncStatus.EncryptedAreaEnd == -1) ? - 0 : locBootEncStatus.EncryptedAreaEnd - locBootEncStatus.EncryptedAreaStart + 1, - SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING, - TRUE, - TRUE, - TRUE); -} - -static void UpdateSysEncControls (void) -{ - BootEncryptionStatus locBootEncStatus; - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (...) - { - return; - } - - EnableWindow (GetDlgItem (hCurPage, IDC_WIPE_MODE), - !locBootEncStatus.SetupInProgress - && SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING); - - SetWindowTextW (GetDlgItem (hCurPage, IDC_PAUSE), - GetString (locBootEncStatus.SetupInProgress ? "IDC_PAUSE" : "RESUME")); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), !locBootEncStatus.SetupInProgress && !bFirstSysEncResumeDone); - - if (!locBootEncStatus.SetupInProgress) - { - wchar_t tmpStr[100]; - - StringCbCopyW (tmpStr, sizeof(tmpStr), GetString ((SysDriveOrPartitionFullyEncrypted (TRUE) || !locBootEncStatus.DriveMounted) ? - "PROGRESS_STATUS_FINISHED" : "PROGRESS_STATUS_PAUSED")); - StringCbCatW (tmpStr, sizeof(tmpStr), L" "); - - // Status - SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), tmpStr); - - if (SysDriveOrPartitionFullyEncrypted (TRUE) || SystemEncryptionStatus == SYSENC_STATUS_NONE) - { - StringCbCopyW (tmpStr, sizeof(tmpStr), GetString ("PROCESSED_PORTION_100_PERCENT")); - StringCbCatW (tmpStr, sizeof(tmpStr), L" "); - - SetWindowTextW (GetDlgItem (hCurPage, IDC_BYTESWRITTEN), tmpStr); - } - - SetWindowText (GetDlgItem (hCurPage, IDC_TIMEREMAIN), L" "); - } -} - -static void SysEncPause (void) -{ - BootEncryptionStatus locBootEncStatus; - - if (CreateSysEncMutex ()) - { - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - return; - } - - if (!locBootEncStatus.SetupInProgress) - { - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - return; - } - - WaitCursor (); - - try - { - int attempts = SYSENC_PAUSE_RETRIES; - - BootEncObj->AbortSetup (); - - locBootEncStatus = BootEncObj->GetStatus(); - - while (locBootEncStatus.SetupInProgress && attempts > 0) - { - Sleep (SYSENC_PAUSE_RETRY_INTERVAL); - attempts--; - locBootEncStatus = BootEncObj->GetStatus(); - } - - if (!locBootEncStatus.SetupInProgress) - BootEncObj->CheckEncryptionSetupResult (); - - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - NormalCursor (); - - if (locBootEncStatus.SetupInProgress) - { - SetTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS, TIMER_INTERVAL_SYSENC_PROGRESS, NULL); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - Error ("FAILED_TO_INTERRUPT_SYSTEM_ENCRYPTION", MainDlg); - return; - } - - UpdateSysEncControls (); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - } - else - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); -} - - -static void SysEncResume (void) -{ - BootEncryptionStatus locBootEncStatus; - - if (CreateSysEncMutex ()) - { - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); - - try - { - locBootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - return; - } - - if (locBootEncStatus.SetupInProgress) - { - // Prevent the OS from entering Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS | ES_SYSTEM_REQUIRED); - - bSystemEncryptionInProgress = TRUE; - UpdateSysEncControls (); - SetTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS, TIMER_INTERVAL_SYSENC_PROGRESS, NULL); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - return; - } - - bVolTransformThreadCancel = FALSE; - bSystemEncryptionInProgress = FALSE; - WaitCursor (); - - try - { - switch (SystemEncryptionStatus) - { - case SYSENC_STATUS_ENCRYPTING: - - BootEncObj->StartEncryption (nWipeMode, bTryToCorrectReadErrors ? true : false); - break; - - case SYSENC_STATUS_DECRYPTING: - - if (locBootEncStatus.DriveMounted) // If the drive is not encrypted we will just deinstall - BootEncObj->StartDecryption (DiscardUnreadableEncryptedSectors); - - break; - } - - bSystemEncryptionInProgress = TRUE; - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - NormalCursor (); - - if (!bSystemEncryptionInProgress) - { - // Allow the OS to enter Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS); - - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - Error ("FAILED_TO_RESUME_SYSTEM_ENCRYPTION", MainDlg); - return; - } - - // Prevent the OS from entering Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS | ES_SYSTEM_REQUIRED); - - bFirstSysEncResumeDone = TRUE; - InitSysEncProgressBar (); - UpdateSysEncProgressBar (); - UpdateSysEncControls (); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); - SetTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS, TIMER_INTERVAL_SYSENC_PROGRESS, NULL); - } - else - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); -} - - -static BOOL GetDevicePathForHiddenOS (void) -{ - BOOL tmpbDevice = FALSE; - - try - { - StringCbCopyW (szFileName, sizeof(szFileName), BootEncObj->GetPartitionForHiddenOS().DevicePath.c_str()); - - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - - return (szFileName[0] != 0 - && szDiskFile[0] != 0 - && tmpbDevice); -} - - -// Returns TRUE if there is unallocated space greater than 64 MB (max possible slack space size) between the -// boot partition and the first partition behind it. If there's none or if an error occurs, returns FALSE. -static BOOL CheckGapBetweenSysAndHiddenOS (void) -{ - try - { - SystemDriveConfiguration sysDriveCfg = BootEncObj->GetSystemDriveConfiguration(); - - return (sysDriveCfg.SystemPartition.Info.StartingOffset.QuadPart - + sysDriveCfg.SystemPartition.Info.PartitionLength.QuadPart - + 64 * BYTES_PER_MB - + 128 * BYTES_PER_KB - <= BootEncObj->GetPartitionForHiddenOS().Info.StartingOffset.QuadPart); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - return FALSE; -} - - -static void NonSysInplaceEncPause (void) -{ - bVolTransformThreadCancel = TRUE; - - WaitCursor (); - - int waitThreshold = 100; // Do not block GUI events for more than 10 seconds. IMPORTANT: This prevents deadlocks when the thread calls us back e.g. to update GUI! - - while (bVolTransformThreadRunning || bVolTransformThreadToRun) - { - MSG guiMsg; - - bVolTransformThreadCancel = TRUE; - - if (waitThreshold <= 0) - { - while (PeekMessageW (&guiMsg, NULL, 0, 0, PM_REMOVE) != 0) - { - DispatchMessageW (&guiMsg); - } - } - else - waitThreshold--; - - Sleep (100); - } -} - - -static void NonSysInplaceEncResume (void) -{ - if (bVolTransformThreadRunning || bVolTransformThreadToRun || bVolTransformThreadCancel) - return; - - if (!bInPlaceEncNonSysResumed - && !FinalPreTransformPrompts ()) - { - return; - } - - CreateNonSysInplaceEncMutex (); - - bFirstNonSysInPlaceEncResumeDone = TRUE; - - SetTimer (MainDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS, TIMER_INTERVAL_NONSYS_INPLACE_ENC_PROGRESS, NULL); - - bVolTransformThreadCancel = FALSE; - bVolTransformThreadToRun = TRUE; - - UpdateNonSysInPlaceEncControls (); - - LastDialogId = "NONSYS_INPLACE_ENC_IN_PROGRESS"; - - _beginthread (volTransformThreadFunction, 0, MainDlg); - - return; -} - - -void ShowNonSysInPlaceEncUIStatus (void) -{ - wchar_t nonSysInplaceEncUIStatus [300] = {0}; - - switch (NonSysInplaceEncStatus) - { - case NONSYS_INPLACE_ENC_STATUS_PAUSED: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_PAUSED")); - break; - case NONSYS_INPLACE_ENC_STATUS_PREPARING: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_PREPARING")); - break; - case NONSYS_INPLACE_ENC_STATUS_RESIZING: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_RESIZING")); - break; - case NONSYS_INPLACE_ENC_STATUS_ENCRYPTING: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_ENCRYPTING")); - break; - case NONSYS_INPLACE_ENC_STATUS_DECRYPTING: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_DECRYPTING")); - break; - case NONSYS_INPLACE_ENC_STATUS_FINALIZING: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_FINALIZING")); - break; - case NONSYS_INPLACE_ENC_STATUS_FINISHED: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_FINISHED")); - break; - case NONSYS_INPLACE_ENC_STATUS_ERROR: - StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_ERROR")); - break; - } - - StringCbCatW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), L" "); - - SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), nonSysInplaceEncUIStatus); -} - - -void UpdateNonSysInPlaceEncControls (void) -{ - // Reduce flickering by updating a GUI element only when a relevant change affects it - static BOOL lastbVolTransformThreadRunning = !bVolTransformThreadRunning; - static BOOL lastbVolTransformThreadToRun = !bVolTransformThreadToRun; - static BOOL lastbInPlaceEncNonSysResumed = !bInPlaceEncNonSysResumed; - - EnableWindow (GetDlgItem (hCurPage, IDC_WIPE_MODE), !(bVolTransformThreadRunning || bVolTransformThreadToRun) && !bInPlaceDecNonSys); - - if (lastbVolTransformThreadRunning != bVolTransformThreadRunning - || lastbVolTransformThreadToRun != bVolTransformThreadToRun) - { - SetWindowTextW (GetDlgItem (hCurPage, IDC_PAUSE), - GetString ((bVolTransformThreadRunning || bVolTransformThreadToRun) ? "IDC_PAUSE" : "RESUME")); - - lastbVolTransformThreadRunning = bVolTransformThreadRunning; - lastbVolTransformThreadToRun = bVolTransformThreadToRun; - } - - if (lastbInPlaceEncNonSysResumed != bInPlaceEncNonSysResumed) - { - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString (bInPlaceEncNonSysResumed ? "DEFER" : "CANCEL")); - lastbInPlaceEncNonSysResumed = bInPlaceEncNonSysResumed; - } - - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), bFirstNonSysInPlaceEncResumeDone - && NonSysInplaceEncStatus != NONSYS_INPLACE_ENC_STATUS_FINALIZING - && NonSysInplaceEncStatus != NONSYS_INPLACE_ENC_STATUS_FINISHED); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), !(bVolTransformThreadRunning || bVolTransformThreadToRun) && !bFirstNonSysInPlaceEncResumeDone); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), !(bVolTransformThreadRunning || bVolTransformThreadToRun) && !bInPlaceEncNonSysResumed); - EnableWindow (GetDlgItem (MainDlg, IDCANCEL), - !(bVolTransformThreadToRun - || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_PREPARING - || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_RESIZING - || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINALIZING - || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED)); - - if (bVolTransformThreadRunning || bVolTransformThreadToRun) - { - switch (NonSysInplaceEncStatus) - { - case NONSYS_INPLACE_ENC_STATUS_PREPARING: - case NONSYS_INPLACE_ENC_STATUS_RESIZING: - case NONSYS_INPLACE_ENC_STATUS_FINALIZING: - ArrowWaitCursor (); - break; - - case NONSYS_INPLACE_ENC_STATUS_ENCRYPTING: - NormalCursor (); - break; - - default: - NormalCursor (); - break; - } - - if (bVolTransformThreadCancel) - WaitCursor (); - } - else - { - NormalCursor (); - - if (bInPlaceEncNonSysResumed) - { - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); - } - else - SetWindowText (GetDlgItem (hCurPage, IDC_WRITESPEED), L" "); - - SetWindowText (GetDlgItem (hCurPage, IDC_TIMEREMAIN), L" "); - } - - ShowNonSysInPlaceEncUIStatus (); - - UpdateNonSysInplaceEncProgressBar (); -} - - -static void UpdateNonSysInplaceEncProgressBar (void) -{ - static int lastNonSysInplaceEncStatus = NONSYS_INPLACE_ENC_STATUS_NONE; - int nonSysInplaceEncStatus = NonSysInplaceEncStatus; - __int64 totalSize = NonSysInplaceEncTotalSize; - - if (bVolTransformThreadRunning - && (nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_ENCRYPTING - || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_DECRYPTING - || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINALIZING - || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED)) - { - if (lastNonSysInplaceEncStatus != nonSysInplaceEncStatus - && (nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_ENCRYPTING || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_DECRYPTING)) - { - InitNonSysInplaceEncProgressBar (); - } - else - { - if (totalSize <= 0 && nVolumeSize > 0) - totalSize = nVolumeSize; - - if (totalSize > 0) - UpdateProgressBarProc (NonSysInplaceEncBytesDone); - } - } - - ShowNonSysInPlaceEncUIStatus (); - - lastNonSysInplaceEncStatus = nonSysInplaceEncStatus; -} - - -static void InitNonSysInplaceEncProgressBar (void) -{ - __int64 totalSize = NonSysInplaceEncTotalSize; - - if (totalSize <= 0) - { - if (nVolumeSize <= 0) - return; - - totalSize = nVolumeSize; - } - - InitProgressBar (totalSize, - NonSysInplaceEncBytesDone, - bInPlaceDecNonSys, - TRUE, - TRUE, - TRUE); -} - - -void DisplayRandPool (HWND hwndDlg, HWND hPoolDisplay, BOOL bShow) -{ - wchar_t tmp[4]; - unsigned char tmpByte; - int col, row; - static BOOL bRandPoolDispAscii = FALSE; - DWORD mouseEventsCounter; - - RandpeekBytes (hwndDlg, randPool, sizeof (randPool), &mouseEventsCounter); - - ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); - - if (memcmp (lastRandPool, randPool, sizeof(lastRandPool)) != 0) - { - outRandPoolDispBuffer[0] = 0; - - for (row = 0; row < RANDPOOL_DISPLAY_ROWS; row++) - { - for (col = 0; col < RANDPOOL_DISPLAY_COLUMNS; col++) - { - if (bShow) - { - tmpByte = randPool[row * RANDPOOL_DISPLAY_COLUMNS + col]; - - StringCbPrintfW (tmp, sizeof(tmp), bRandPoolDispAscii ? ((tmpByte >= 32 && tmpByte < 255 && tmpByte != L'&') ? L" %c " : L" . ") : L"%02X ", tmpByte); - } - else if (bUseMask) - { - /* use mask to compute a randomized ASCII representation */ - tmpByte = (randPool[row * RANDPOOL_DISPLAY_COLUMNS + col] - - lastRandPool[row * RANDPOOL_DISPLAY_COLUMNS + col]) ^ maskRandPool [row * RANDPOOL_DISPLAY_COLUMNS + col]; - tmp[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); - tmp[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); - tmp[2] = L' '; - tmp[3] = 0; - } - else - { - StringCbCopyW (tmp, sizeof(tmp), L"** "); - } - - - StringCbCatW (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer), tmp); - } - StringCbCatW (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer), L"\n"); - } - SetWindowText (hPoolDisplay, outRandPoolDispBuffer); - - memcpy (lastRandPool, randPool, sizeof(lastRandPool)); - } -} - - -void DisplayPortionsOfKeys (HWND headerKeyHandle, HWND masterKeyHandle, wchar_t *headerKeyStr, wchar_t *masterKeyStr, BOOL hideKeys) -{ - const wchar_t *hiddenKey = L"******************************** "; - - SetWindowTextW (headerKeyHandle, hideKeys ? hiddenKey : (std::wstring (headerKeyStr) + GetString ("TRIPLE_DOT_GLYPH_ELLIPSIS")).c_str()); - SetWindowTextW (masterKeyHandle, hideKeys ? hiddenKey : (std::wstring (masterKeyStr) + GetString ("TRIPLE_DOT_GLYPH_ELLIPSIS")).c_str()); -} - - -static void WipeAbort (void) -{ - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); - - if (bHiddenOS && IsHiddenOSRunning()) - { - /* Decoy system partition wipe */ - - DecoySystemWipeStatus decoySysPartitionWipeStatus; - - try - { - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); - return; - } - - if (!decoySysPartitionWipeStatus.WipeInProgress) - { - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); - return; - } - - WaitCursor (); - - try - { - int attempts = SYSENC_PAUSE_RETRIES; - - BootEncObj->AbortDecoyOSWipe (); - - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - - while (decoySysPartitionWipeStatus.WipeInProgress && attempts > 0) - { - Sleep (SYSENC_PAUSE_RETRY_INTERVAL); - attempts--; - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - } - - if (!decoySysPartitionWipeStatus.WipeInProgress) - BootEncObj->CheckDecoyOSWipeResult (); - - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - NormalCursor (); - - if (decoySysPartitionWipeStatus.WipeInProgress) - { - SetTimer (MainDlg, TIMER_ID_WIPE_PROGRESS, TIMER_INTERVAL_WIPE_PROGRESS, NULL); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); - Error ("FAILED_TO_INTERRUPT_WIPING", MainDlg); - return; - } - } - else - { - /* Regular device wipe (not decoy system partition wipe) */ - } - - UpdateWipeControls (); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); -} - - -static void WipeStart (void) -{ - if (bHiddenOS && IsHiddenOSRunning()) - { - /* Decoy system partition wipe */ - - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); - - bDeviceWipeInProgress = FALSE; - WaitCursor (); - - try - { - BootEncObj->StartDecoyOSWipe (nWipeMode); - - bDeviceWipeInProgress = TRUE; - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - NormalCursor (); - - if (!bDeviceWipeInProgress) - { - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); - Error ("FAILED_TO_START_WIPING", MainDlg); - return; - } - } - else - { - /* Regular device wipe (not decoy system partition wipe) */ - } - - InitWipeProgressBar (); - UpdateWipeProgressBar (); - UpdateWipeControls (); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); - SetTimer (MainDlg, TIMER_ID_WIPE_PROGRESS, TIMER_INTERVAL_WIPE_PROGRESS, NULL); -} - - -static void UpdateWipeProgressBar (void) -{ - if (bHiddenOS && IsHiddenOSRunning()) - { - /* Decoy system partition wipe */ - - DecoySystemWipeStatus decoySysPartitionWipeStatus; - - try - { - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - BootEncStatus = BootEncObj->GetStatus(); - } - catch (...) - { - return; - } - - if (decoySysPartitionWipeStatus.WipedAreaEnd == -1) - UpdateProgressBarProc (0); - else - UpdateProgressBarProc (decoySysPartitionWipeStatus.WipedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart + 1); - } - else - { - /* Regular device wipe (not decoy system partition wipe) */ - } -} - - -static void InitWipeProgressBar (void) -{ - if (bHiddenOS && IsHiddenOSRunning()) - { - /* Decoy system partition wipe */ - - DecoySystemWipeStatus decoySysPartitionWipeStatus; - - try - { - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - BootEncStatus = BootEncObj->GetStatus(); - } - catch (...) - { - return; - } - - if (BootEncStatus.ConfiguredEncryptedAreaEnd == -1 - || BootEncStatus.ConfiguredEncryptedAreaStart == -1) - return; - - InitProgressBar (BootEncStatus.ConfiguredEncryptedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart + 1, - (decoySysPartitionWipeStatus.WipedAreaEnd == BootEncStatus.ConfiguredEncryptedAreaStart || decoySysPartitionWipeStatus.WipedAreaEnd == -1) ? - 0 : decoySysPartitionWipeStatus.WipedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart + 1, - FALSE, - TRUE, - FALSE, - TRUE); - } - else - { - /* Regular device wipe (not decoy system partition wipe) */ - } -} - - -static void UpdateWipeControls (void) -{ - if (bHiddenOS && IsHiddenOSRunning()) - { - /* Decoy system partition wipe */ - - DecoySystemWipeStatus decoySysPartitionWipeStatus; - - try - { - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - BootEncStatus = BootEncObj->GetStatus(); - } - catch (...) - { - return; - } - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), !decoySysPartitionWipeStatus.WipeInProgress); - } - else - { - /* Regular device wipe (not decoy system partition wipe) */ - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), bDeviceWipeInProgress); - - if (!bDeviceWipeInProgress) - { - SetWindowText (GetDlgItem (hCurPage, IDC_TIMEREMAIN), L" "); - } - } - - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), bDeviceWipeInProgress); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), !bDeviceWipeInProgress); - - bConfirmQuit = bDeviceWipeInProgress; -} - - - -static void __cdecl sysEncDriveAnalysisThread (void *hwndDlgArg) -{ - // Mark the detection process as 'in progress' - HiddenSectorDetectionStatus = 1; - SaveSettings (NULL); - BroadcastSysEncCfgUpdate (); - - try - { - BootEncObj->ProbeRealSystemDriveSize (); - bSysEncDriveAnalysisTimeOutOccurred = FALSE; - } - catch (TimeOut &) - { - bSysEncDriveAnalysisTimeOutOccurred = TRUE; - } - catch (Exception &e) - { - // There was a problem but the system did not freeze. Mark the detection process as completed. - HiddenSectorDetectionStatus = 0; - SaveSettings (NULL); - BroadcastSysEncCfgUpdate (); - - e.Show (NULL); - EndMainDlg (MainDlg); - exit(0); - } - - // Mark the detection process as completed - HiddenSectorDetectionStatus = 0; - SaveSettings (NULL); - BroadcastSysEncCfgUpdate (); - - // This artificial delay prevents user confusion on systems where the analysis ends almost instantly - Sleep (3000); - - bSysEncDriveAnalysisInProgress = FALSE; -} - -static void __cdecl volTransformThreadFunction (void *hwndDlgArg) -{ - int nStatus; - DWORD dwWin32FormatError; - BOOL bHidden; - HWND hwndDlg = (HWND) hwndDlgArg; - volatile FORMAT_VOL_PARAMETERS *volParams = (FORMAT_VOL_PARAMETERS *) malloc (sizeof(FORMAT_VOL_PARAMETERS)); - - if (volParams == NULL) - AbortProcess ("ERR_MEM_ALLOC"); - - VirtualLock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); - - bOperationSuccess = FALSE; - - if (bGuiMode) - { - bVolTransformThreadRunning = TRUE; - bVolTransformThreadToRun = FALSE; - } - - // Check administrator privileges - if (!IsAdmin () && !IsUacSupported ()) - { - if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) - { - if (Silent || (MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_NTFS"), lpszTitle, MB_OKCANCEL|MB_ICONWARNING|MB_DEFBUTTON2) == IDCANCEL)) - goto cancel; - } - if (bDevice) - { - if (Silent || (MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_DEVICES"), lpszTitle, MB_OKCANCEL|MB_ICONWARNING|MB_DEFBUTTON2) == IDCANCEL)) - goto cancel; - } - } - - if (!bInPlaceEncNonSys) - { - if (!bDevice) - { - int x = _waccess (szDiskFile, 06); - if (x == 0 || errno != ENOENT) - { - wchar_t szTmp[512]; - - if (!bForceOperation && !((bHiddenVol && !bHiddenVolHost) && errno != EACCES)) // Only ask ask for permission to overwrite an existing volume if we're not creating a hidden volume - { - StringCbPrintfW (szTmp, sizeof szTmp, - GetString (errno == EACCES ? "READONLYPROMPT" : "OVERWRITEPROMPT"), - szDiskFile); - - x = Silent? IDNO : MessageBoxW (hwndDlg, szTmp, lpszTitle, YES_NO|MB_ICONWARNING|MB_DEFBUTTON2); - - if (x != IDYES) - goto cancel; - } - } - - if (_waccess (szDiskFile, 06) != 0) - { - if (errno == EACCES) - { - if (_wchmod (szDiskFile, _S_IREAD | _S_IWRITE) != 0) - { - if (!Silent) MessageBoxW (hwndDlg, GetString ("ACCESSMODEFAIL"), lpszTitle, ICON_HAND); - goto cancel; - } - } - } - - } - else - { - // Partition / device / dynamic volume - - if (!FinalPreTransformPrompts ()) - goto cancel; - } - } - - // Prevent the OS from entering Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS | ES_SYSTEM_REQUIRED); - - bHidden = bHiddenVol && !bHiddenVolHost; - - volParams->bDevice = bDevice; - volParams->hiddenVol = bHidden; - volParams->volumePath = szDiskFile; - volParams->size = nVolumeSize; - volParams->hiddenVolHostSize = nHiddenVolHostSize; - volParams->ea = nVolumeEA; - volParams->pkcs5 = hash_algo; - volParams->headerFlags = (CreatingHiddenSysVol() ? TC_HEADER_FLAG_ENCRYPTED_SYSTEM : 0); - volParams->fileSystem = fileSystem; - volParams->clusterSize = clusterSize; - volParams->sparseFileSwitch = bSparseFileSwitch; - volParams->quickFormat = quickFormat; - volParams->sectorSize = GetFormatSectorSize(); - volParams->realClusterSize = &realClusterSize; - volParams->password = &volumePassword; - volParams->pim = volumePim; - volParams->hwndDlg = hwndDlg; - volParams->bForceOperation = bForceOperation; - volParams->bGuiMode = bGuiMode; - - if (bInPlaceDecNonSys) - { - // In-place decryption of non-system volume - - if (!bInPlaceEncNonSysResumed) - DiscardUnreadableEncryptedSectors = FALSE; - - nStatus = DecryptPartitionInPlace (volParams, &DiscardUnreadableEncryptedSectors); - } - else if (bInPlaceEncNonSys) - { - // In-place encryption of non-system volume - - HANDLE hPartition = INVALID_HANDLE_VALUE; - - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PREPARING); - - if (!bInPlaceEncNonSysResumed) - { - bTryToCorrectReadErrors = FALSE; - - nStatus = EncryptPartitionInPlaceBegin (volParams, &hPartition, nWipeMode); - - if (nStatus == ERR_SUCCESS) - { - nStatus = EncryptPartitionInPlaceResume (hPartition, volParams, nWipeMode, &bTryToCorrectReadErrors); - } - else if (hPartition != INVALID_HANDLE_VALUE) - { - CloseHandle (hPartition); - hPartition = INVALID_HANDLE_VALUE; - } - } - else - { - nStatus = EncryptPartitionInPlaceResume (INVALID_HANDLE_VALUE, volParams, nWipeMode, &bTryToCorrectReadErrors); - } - } - else - { - // Format-encryption - - if (hwndDlg && bGuiMode) InitProgressBar (GetVolumeDataAreaSize (bHidden, nVolumeSize), 0, FALSE, FALSE, FALSE, TRUE); - - nStatus = TCFormatVolume (volParams); - } - - // Allow the OS to enter Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS); - - if (nStatus == ERR_OUTOFMEMORY) - { - AbortProcess ("OUTOFMEMORY"); - } - - if (bInPlaceEncNonSys - && nStatus == ERR_USER_ABORT - && NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED) - { - // Ignore user abort if non-system in-place encryption/decryption successfully finished - nStatus = ERR_SUCCESS; - } - - - dwWin32FormatError = GetLastError (); - - if (bHiddenVolHost && (!bGuiMode || !bVolTransformThreadCancel) && nStatus == 0) - { - /* Auto mount the newly created hidden volume host */ - switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, volumePim, FALSE)) - { - case ERR_NO_FREE_DRIVES: - if (!Silent) MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND); - if (bGuiMode) bVolTransformThreadCancel = TRUE; - break; - case ERR_VOL_MOUNT_FAILED: - case ERR_PASSWORD_WRONG: - if (!Silent) MessageBoxW (hwndDlg, GetString ("CANT_MOUNT_OUTER_VOL"), lpszTitle, ICON_HAND); - if (bGuiMode) bVolTransformThreadCancel = TRUE; - break; - } - } - - SetLastError (dwWin32FormatError); - - if ((bVolTransformThreadCancel || nStatus == ERR_USER_ABORT) - && !(bInPlaceEncNonSys && NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED)) // Ignore user abort if non-system in-place encryption/decryption successfully finished. - { - if (!bDevice && !(bHiddenVol && !bHiddenVolHost)) // If we're not creating a hidden volume and if it's a file container - { - _wremove (szDiskFile); // Delete the container - } - - goto cancel; - } - - if (nStatus != ERR_USER_ABORT) - { - if (nStatus != 0) - { - /* An error occurred */ - - wchar_t szMsg[8192]; - - handleError (hwndDlg, nStatus, SRC_POS); - - if (bInPlaceEncNonSys) - { - if (bInPlaceEncNonSysResumed) - { - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); - Error ("INPLACE_ENC_GENERIC_ERR_RESUME", hwndDlg); - } - else - { - SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_ERROR); - - if (bInPlaceDecNonSys) - Error ("INPLACE_DEC_GENERIC_ERR", hwndDlg); - else - ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_GENERIC_ERR_ALT_STEPS", TRUE); - } - } - else if (!Silent && !(bHiddenVolHost && hiddenVolHostDriveNo < 0)) // If the error was not that the hidden volume host could not be mounted (this error has already been reported to the user) - { - StringCbPrintfW (szMsg, sizeof(szMsg), GetString ("CREATE_FAILED"), szDiskFile); - MessageBoxW (hwndDlg, szMsg, lpszTitle, ICON_HAND); - } - - if (!bDevice && !(bHiddenVol && !bHiddenVolHost)) // If we're not creating a hidden volume and if it's a file container - { - _wremove (szDiskFile); // Delete the container - } - - goto cancel; - } - else - { - /* Volume successfully created */ - - RestoreDefaultKeyFilesParam (); - - PimEnable = FALSE; - - bOperationSuccess = TRUE; - - if (bDevice && !bInPlaceEncNonSys) - { - // Handle assigned drive letter (if any) - - HandleOldAssignedDriveLetter (); - } - - if (!bHiddenVolHost) - { - if (bHiddenVol) - { - bHiddenVolFinished = TRUE; - - if (!bHiddenOS) - Warning ("HIDVOL_FORMAT_FINISHED_HELP", hwndDlg); - } - else if (bInPlaceEncNonSys) - { - if (!bInPlaceDecNonSys) - { - Warning ("NONSYS_INPLACE_ENC_FINISHED_INFO", hwndDlg); - - HandleOldAssignedDriveLetter (); - } - else - { - // NOP - Final steps for in-place decryption are handled with the TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED message. - } - } - else - { - Info("FORMAT_FINISHED_INFO", hwndDlg); - - if (bSparseFileSwitch && quickFormat) - Warning("SPARSE_FILE_SIZE_NOTE", hwndDlg); - } - } - else - { - /* We've just created an outer volume (to host a hidden volume within) */ - - bHiddenVolHost = FALSE; - bHiddenVolFinished = FALSE; - nHiddenVolHostSize = nVolumeSize; - - // Clear the outer volume password - burn(&szVerify[0], sizeof (szVerify)); - burn(&szRawPassword[0], sizeof (szRawPassword)); - - if (!Silent) MessageBeep (MB_OK); - } - - if (!bInPlaceEncNonSys && hwndDlg && bGuiMode) - SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); - - - // volParams is ensured to be non NULL at this stage - burn ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); - VirtualUnlock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); - free ((LPVOID) volParams); - volParams = NULL; - - if (bGuiMode) - { - bVolTransformThreadRunning = FALSE; - bVolTransformThreadCancel = FALSE; - } - - if (hwndDlg && bGuiMode) PostMessage (hwndDlg, bInPlaceEncNonSys ? TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED : TC_APPMSG_FORMAT_FINISHED, 0, 0); - - LastDialogId = "FORMAT_FINISHED"; - if (bGuiMode) _endthread (); - } - } - -cancel: - - LastDialogId = (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_CANCELED" : "FORMAT_CANCELED"); - - if (!bInPlaceEncNonSys && hwndDlg && bGuiMode) - SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); - - if (volParams != NULL) - { - burn ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); - VirtualUnlock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); - free ((LPVOID) volParams); - volParams = NULL; - } - - if (bGuiMode) - { - bVolTransformThreadRunning = FALSE; - bVolTransformThreadCancel = FALSE; - } - - // Allow the OS to enter Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS); - - if (hwndDlg) PostMessage (hwndDlg, TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED, 0, 0); - - if (bHiddenVolHost && hiddenVolHostDriveNo < -1 && !bVolTransformThreadCancel) // If hidden volume host could not be mounted - AbortProcessSilent (); - - if (bGuiMode) _endthread (); -} - -static void LoadPage (HWND hwndDlg, int nPageNo) -{ - RECT rD, rW; - - nLastPageNo = nCurPageNo; - - if (hCurPage != NULL) - { - // WARNING: nCurPageNo must be set to a non-existent ID here before wiping the password fields below in - // this function, etc. Otherwise, such actions (SetWindowText) would invoke the EN_CHANGE handlers, which - // would, if keyfiles were applied, e.g. use strlen() on a buffer full of random data, in most cases - // not null-terminated. - nCurPageNo = -1; - - - // Place here any actions that need to be performed at the latest possible time when leaving a wizard page - // (i.e. right before "destroying" the page). Also, code that needs to be executed both on IDC_NEXT and - // on IDC_PREV can be placed here so as to avoid code doubling. - - switch (nLastPageNo) - { - case PASSWORD_PAGE: - { - wchar_t tmp[MAX_PASSWORD+1]; - - // Attempt to wipe passwords stored in the input field buffers. This is performed here (and - // not in the IDC_PREV or IDC_NEXT sections) in order to prevent certain race conditions - // when keyfiles are used. - wmemset (tmp, 'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (hPasswordInputField, tmp); - SetWindowText (hVerifyPasswordInputField, tmp); - } - break; - } - - DestroyWindow (hCurPage); - hCurPage = NULL; - } - - // This prevents the mouse pointer from remaining as the "hand" cursor when the user presses Enter - // while hovering over a hyperlink. - bHyperLinkBeingTracked = FALSE; - NormalCursor(); - - GetWindowRect (GetDlgItem (hwndDlg, IDC_POS_BOX), &rW); - - - nCurPageNo = nPageNo; - - - switch (nPageNo) - { - case INTRO_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INTRO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_TYPE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_TYPE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_HIDDEN_OS_REQ_CHECK_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_SPAN_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_SPAN_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_PRE_DRIVE_ANALYSIS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_DRIVE_ANALYSIS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_MULTI_BOOT_MODE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE: - case SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE: - case SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE: - case SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_MULTI_BOOT_OUTCOME_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case VOLUME_TYPE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_VOLUME_TYPE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case HIDDEN_VOL_WIZARD_MODE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case VOLUME_LOCATION_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_VOLUME_LOCATION_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - - EnableWindow (GetDlgItem(hCurPage, IDC_NO_HISTORY), !bHistoryCmdLine); - - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), - GetWindowTextLength (GetDlgItem (hCurPage, IDC_COMBO_BOX)) > 0); - - break; - - case DEVICE_TRANSFORM_MODE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DEVICE_TRANSFORM_MODE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case HIDDEN_VOL_HOST_PRE_CIPHER_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case HIDDEN_VOL_PRE_CIPHER_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case CIPHER_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SIZE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SIZE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case HIDDEN_VOL_HOST_PASSWORD_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_ENTRY_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case PASSWORD_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case PIM_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PIM_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case FILESYS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_COLLECTING_RANDOM_DATA_PAGE: - case NONSYS_INPLACE_ENC_RAND_DATA_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_KEYS_GEN_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_KEYS_GEN_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_RESCUE_DISK_CREATION_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_RESCUE_DISK_CREATION_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_RESCUE_DISK_BURN_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_RESCUE_DISK_VERIFIED_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_WIPE_MODE_PAGE: - case NONSYS_INPLACE_ENC_WIPE_MODE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_WIPE_MODE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_PRETEST_INFO_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_PRETEST_RESULT_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case SYSENC_ENCRYPTION_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INPLACE_ENCRYPTION_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_ENTRY_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_EXPANDED_LIST_SELECT_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case NONSYS_INPLACE_ENC_TRANSFORM_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INPLACE_ENCRYPTION_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DRIVE_LETTER_SELECTION_PAGE), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case FORMAT_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_FORMAT_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - case FORMAT_FINISHED_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW ((bHiddenVol && !bHiddenVolHost && !bHiddenVolFinished) ? IDD_HIDVOL_HOST_FILL_PAGE_DLG : IDD_INFO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); - break; - - case SYSENC_HIDDEN_OS_WIPE_INFO_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); - break; - - case DEVICE_WIPE_MODE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DEVICE_WIPE_MODE_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); - break; - - case DEVICE_WIPE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DEVICE_WIPE_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); - break; - } - - rD.left = 162; - rD.top = 25; - rD.right = 0; - rD.bottom = 0; - MapDialogRect (hwndDlg, &rD); - - if (hCurPage != NULL) - { - MoveWindow (hCurPage, rD.left, rD.top, rW.right - rW.left, rW.bottom - rW.top, TRUE); - ShowWindow (hCurPage, SW_SHOWNORMAL); - - // Place here any message boxes that need to be displayed as soon as a new page is displayed. This - // ensures that the page is fully rendered (otherwise it would remain blank, until the message box - // is closed). - switch (nPageNo) - { - case PASSWORD_PAGE: - - CheckCapsLock (hwndDlg, FALSE); - - if (CreatingHiddenSysVol()) - Warning ("PASSWORD_HIDDEN_OS_NOTE", MainDlg); - - break; - - case CIPHER_PAGE: - - if (CreatingHiddenSysVol()) - Warning ("HIDDEN_OS_PRE_CIPHER_WARNING", MainDlg); - - break; - } - } -} - - -__int64 PrintFreeSpace (HWND hwndTextBox, wchar_t *lpszDrive, PLARGE_INTEGER lDiskFree) -{ - char *nResourceString; - __int64 nMultiplier; - wchar_t szTmp2[256]; - - if (lDiskFree->QuadPart < BYTES_PER_KB) - nMultiplier = 1; - else if (lDiskFree->QuadPart < BYTES_PER_MB) - nMultiplier = BYTES_PER_KB; - else if (lDiskFree->QuadPart < BYTES_PER_GB) - nMultiplier = BYTES_PER_MB; - else if (lDiskFree->QuadPart < BYTES_PER_TB) - nMultiplier = BYTES_PER_GB; - else - nMultiplier = BYTES_PER_TB; - - if (nMultiplier == 1) - { - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - nResourceString = "MAX_HIDVOL_SIZE_BYTES"; - else if (bDevice) - nResourceString = "DEVICE_FREE_BYTES"; - else - nResourceString = "DISK_FREE_BYTES"; - } - else if (nMultiplier == BYTES_PER_KB) - { - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - nResourceString = "MAX_HIDVOL_SIZE_KB"; - else if (bDevice) - nResourceString = "DEVICE_FREE_KB"; - else - nResourceString = "DISK_FREE_KB"; - } - else if (nMultiplier == BYTES_PER_MB) - { - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - nResourceString = "MAX_HIDVOL_SIZE_MB"; - else if (bDevice) - nResourceString = "DEVICE_FREE_MB"; - else - nResourceString = "DISK_FREE_MB"; - } - else if (nMultiplier == BYTES_PER_GB) - { - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - nResourceString = "MAX_HIDVOL_SIZE_GB"; - else if (bDevice) - nResourceString = "DEVICE_FREE_GB"; - else - nResourceString = "DISK_FREE_GB"; - } - else - { - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - nResourceString = "MAX_HIDVOL_SIZE_TB"; - else if (bDevice) - nResourceString = "DEVICE_FREE_TB"; - else - nResourceString = "DISK_FREE_TB"; - } - - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - { - StringCbPrintfW (szTmp2, sizeof szTmp2, GetString (nResourceString), ((double) lDiskFree->QuadPart) / nMultiplier); - SetWindowTextW (GetDlgItem (hwndTextBox, IDC_SIZEBOX), szTmp2); - } - else if (lpszDrive) - StringCbPrintfW (szTmp2, sizeof szTmp2, GetString (nResourceString), lpszDrive, ((double) lDiskFree->QuadPart) / nMultiplier); - else - szTmp2 [0] = 0; - - SetWindowTextW (hwndTextBox, szTmp2); - - if (lDiskFree->QuadPart % (__int64) BYTES_PER_MB != 0) - nMultiplier = BYTES_PER_KB; - - return nMultiplier; -} - -void DisplaySizingErrorText (HWND hwndTextBox) -{ - wchar_t szTmp[1024]; - - if (translateWin32Error (szTmp, sizeof (szTmp) / sizeof(szTmp[0]))) - { - wchar_t szTmp2[1024]; - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s\n%s", GetString ("CANNOT_CALC_SPACE"), szTmp); - SetWindowTextW (hwndTextBox, szTmp2); - } - else - { - SetWindowText (hwndTextBox, L""); - } -} - -void EnableDisableFileNext (HWND hComboBox, HWND hMainButton) -{ - int nIndex = (int) SendMessage (hComboBox, CB_GETCURSEL, 0, 0); - if (bHistory && nIndex == CB_ERR) - { - EnableWindow (hMainButton, FALSE); - SetFocus (hComboBox); - } - else - { - EnableWindow (hMainButton, TRUE); - SetFocus (hMainButton); - } -} - -// Returns TRUE if the file is a sparse file. If it's not a sparse file or in case of any error, returns FALSE. -BOOL IsSparseFile (HWND hwndDlg) -{ - HANDLE hFile; - BY_HANDLE_FILE_INFORMATION bhFileInfo; - - FILETIME ftLastAccessTime; - BOOL bTimeStampValid = FALSE; - - BOOL retCode = FALSE; - - hFile = CreateFile (szFileName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hFile == INVALID_HANDLE_VALUE) - { - MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_VOL"), lpszTitle, ICON_HAND); - return FALSE; - } - - if (bPreserveTimestamp) - { - if (GetFileTime (hFile, NULL, &ftLastAccessTime, NULL) == 0) - bTimeStampValid = FALSE; - else - bTimeStampValid = TRUE; - } - - bhFileInfo.dwFileAttributes = 0; - - GetFileInformationByHandle(hFile, &bhFileInfo); - - retCode = bhFileInfo.dwFileAttributes & FILE_ATTRIBUTE_SPARSE_FILE; - - if (bTimeStampValid) - SetFileTime (hFile, NULL, &ftLastAccessTime, NULL); - - CloseHandle (hFile); - return retCode; -} - - -// Note: GetFileVolSize is not to be used for devices (only for file-hosted volumes) -BOOL GetFileVolSize (HWND hwndDlg, unsigned __int64 *size) -{ - LARGE_INTEGER fileSize; - HANDLE hFile; - - FILETIME ftLastAccessTime; - BOOL bTimeStampValid = FALSE; - - hFile = CreateFile (szFileName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hFile == INVALID_HANDLE_VALUE) - { - MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_VOL"), lpszTitle, ICON_HAND); - return FALSE; - } - - if (bPreserveTimestamp) - { - if (GetFileTime (hFile, NULL, &ftLastAccessTime, NULL) == 0) - bTimeStampValid = FALSE; - else - bTimeStampValid = TRUE; - } - - if (GetFileSizeEx(hFile, &fileSize) == 0) - { - MessageBoxW (hwndDlg, GetString ("CANT_GET_VOLSIZE"), lpszTitle, ICON_HAND); - - if (bTimeStampValid) - SetFileTime (hFile, NULL, &ftLastAccessTime, NULL); - - CloseHandle (hFile); - return FALSE; - } - - if (bTimeStampValid) - SetFileTime (hFile, NULL, &ftLastAccessTime, NULL); - - CloseHandle (hFile); - *size = fileSize.QuadPart; - return TRUE; -} - - -BOOL QueryFreeSpace (HWND hwndDlg, HWND hwndTextBox, BOOL display) -{ - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - { - LARGE_INTEGER lDiskFree; - - lDiskFree.QuadPart = nMaximumHiddenVolSize; - - if (display) - PrintFreeSpace (hwndTextBox, NULL, &lDiskFree); - - return TRUE; - } - else if (bDevice == FALSE) - { - wchar_t root[TC_MAX_PATH]; - ULARGE_INTEGER free; - - if (!GetVolumePathName (szFileName, root, ARRAYSIZE (root))) - { - handleWin32Error (hwndDlg, SRC_POS); - return FALSE; - } - - if (!GetDiskFreeSpaceEx (root, &free, 0, 0)) - { - if (display) - DisplaySizingErrorText (hwndTextBox); - - return FALSE; - } - else - { - LARGE_INTEGER lDiskFree; - lDiskFree.QuadPart = free.QuadPart; - - if (display) - PrintFreeSpace (hwndTextBox, root, &lDiskFree); - - return TRUE; - } - } - else - { - DISK_GEOMETRY driveInfo; - PARTITION_INFORMATION diskInfo; - BOOL piValid = FALSE; - BOOL gValid = FALSE; - - // Query partition size - piValid = GetPartitionInfo (szDiskFile, &diskInfo); - gValid = GetDriveGeometry (szDiskFile, &driveInfo); - - if (!piValid && !gValid) - { - if (display) - DisplaySizingErrorText (hwndTextBox); - - return FALSE; - } - - DWORD sectorSize = GetFormatSectorSize(); - - if (sectorSize < TC_MIN_VOLUME_SECTOR_SIZE - || sectorSize > TC_MAX_VOLUME_SECTOR_SIZE - || sectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) - { - Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg); - return FALSE; - } - - if (piValid) - { - nVolumeSize = diskInfo.PartitionLength.QuadPart; - - if(display) - nMultiplier = PrintFreeSpace (hwndTextBox, szDiskFile, &diskInfo.PartitionLength); - - nUIVolumeSize = diskInfo.PartitionLength.QuadPart / nMultiplier; - - if (nVolumeSize == 0) - { - if (display) - SetWindowTextW (hwndTextBox, GetString ("EXT_PARTITION")); - - return FALSE; - } - } - else - { - LARGE_INTEGER lDiskFree; - - // Drive geometry info is used only when GetPartitionInfo() fails - lDiskFree.QuadPart = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * - driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; - - nVolumeSize = lDiskFree.QuadPart; - - if (display) - nMultiplier = PrintFreeSpace (hwndTextBox, szDiskFile, &lDiskFree); - - nUIVolumeSize = lDiskFree.QuadPart / nMultiplier; - } - - return TRUE; - } -} - - -static BOOL FinalPreTransformPrompts (void) -{ - int x; - wchar_t szTmp[4096]; - int driveNo; - WCHAR deviceName[MAX_PATH]; - - StringCbCopyW (deviceName, sizeof(deviceName), szFileName); - - driveNo = GetDiskDeviceDriveLetter (deviceName); - - if (!bForceOperation && !(bHiddenVol && !bHiddenVolHost)) // Do not ask for permission to overwrite an existing volume if we're creating a hidden volume within it - { - wchar_t drive[128]; - wchar_t volumeLabel[128]; - wchar_t *type; - BOOL bTmpIsPartition = FALSE; - - type = GetPathType (szFileName, !bInPlaceEncNonSys, &bTmpIsPartition); - - if (driveNo != -1) - { - if (!GetDriveLabel (driveNo, volumeLabel, sizeof (volumeLabel))) - volumeLabel[0] = 0; - - StringCbPrintfW (drive, sizeof (drive), volumeLabel[0] ? L" (%hc: '%s')" : L" (%hc:%s)", 'A' + driveNo, volumeLabel[0] ? volumeLabel : L""); - } - else - { - drive[0] = 0; - volumeLabel[0] = 0; - } - - if (bHiddenOS && bHiddenVolHost) - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("OVERWRITEPROMPT_DEVICE_HIDDEN_OS_PARTITION"), szFileName, drive); - else - StringCbPrintfW (szTmp, sizeof(szTmp), GetString (bInPlaceEncNonSys ? (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_CONFIRM" : "NONSYS_INPLACE_ENC_CONFIRM") : "OVERWRITEPROMPT_DEVICE"), type, szFileName, drive); - - if (bInPlaceEncNonSys) - x = AskWarnYesNoString (szTmp, MainDlg); - else - x = AskWarnNoYesString (szTmp, MainDlg); - - if (x != IDYES) - return FALSE; - - - if (driveNo != -1 && bTmpIsPartition && !bInPlaceEncNonSys) - { - float percentFreeSpace = 100.0; - __int64 occupiedBytes = 0; - - // Do a second check. If we find that the partition contains more than 1GB of data or more than 12% - // of its space is occupied, we will display an extra warning, however, this time it won't be a Yes/No - // dialog box (because users often ignore such dialog boxes). - - if (GetStatsFreeSpaceOnPartition (szFileName, &percentFreeSpace, &occupiedBytes, TRUE) != -1) - { - if (occupiedBytes > BYTES_PER_GB && percentFreeSpace < 99.99 // "percentFreeSpace < 99.99" is needed because an NTFS filesystem larger than several terabytes can have more than 1GB of data in use, even if there are no files stored on it. - || percentFreeSpace < 88) // A 24-MB NTFS filesystem has 11.5% of space in use even if there are no files stored on it. - { - wchar_t tmpMcMsg [8000]; - wchar_t tmpMcOption1 [500]; - wchar_t tmpMcOptionCancel [50]; - - StringCbCopyW (tmpMcMsg, sizeof(tmpMcMsg), GetString("OVERWRITEPROMPT_DEVICE_SECOND_WARNING_LOTS_OF_DATA")); - StringCbCopyW (tmpMcOption1, sizeof(tmpMcOption1), GetString("ERASE_FILES_BY_CREATING_VOLUME")); - StringCbCopyW (tmpMcOptionCancel, sizeof(tmpMcOptionCancel), GetString("CANCEL")); - - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n\n"); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("DRIVE_LETTER_ITEM")); - StringCbPrintfW (szTmp, sizeof (szTmp), L"%hc:", 'A' + driveNo); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), szTmp); - - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n"); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("LABEL_ITEM")); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), volumeLabel[0] != 0 ? volumeLabel : GetString("NOT_APPLICABLE_OR_NOT_AVAILABLE")); - - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n"); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("SIZE_ITEM")); - GetSizeString (nVolumeSize, szTmp, sizeof(szTmp)); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), szTmp); - - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n"); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("PATH_ITEM")); - StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), deviceName); - - wchar_t *tmpStr[] = {L"", tmpMcMsg, tmpMcOption1, tmpMcOptionCancel, 0}; - switch (AskMultiChoice ((void **) tmpStr, TRUE, MainDlg)) - { - case 1: - // Proceed - - // NOP - break; - - default: - return FALSE; - } - } - } - } - } - return TRUE; -} - -void UpdateLastDialogId (void) -{ - static char PageDebugId[128]; - - StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "FORMAT_PAGE_%d", nCurPageNo); - LastDialogId = PageDebugId; -} - - -void HandleOldAssignedDriveLetter (void) -{ - if (bDevice) - { - // Handle assigned drive letter (if any) - - WCHAR deviceName[MAX_PATH]; - int driveLetter = -1; - - StringCbCopyW (deviceName, sizeof(deviceName), szDiskFile); - driveLetter = GetDiskDeviceDriveLetter (deviceName); - - if (!Silent && !bHiddenVolHost - && !bHiddenOS - && driveLetter >= 0) - { - wchar_t rootPath[] = { (wchar_t) driveLetter + L'A', L':', L'\\', 0 }; - wchar_t szTmp[8192]; - - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("AFTER_FORMAT_DRIVE_LETTER_WARN"), rootPath[0], rootPath[0], rootPath[0], rootPath[0]); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING); - } - } -} - - -// Returns TRUE if it makes sense to ask the user whether he wants to store files larger than 4GB in the volume. -static BOOL FileSize4GBLimitQuestionNeeded (void) -{ - uint64 dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize); - - return (dataAreaSize > 4 * BYTES_PER_GB + TC_MIN_FAT_FS_SIZE - && dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()); -} - - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - static BOOL PimValueChangedWarning = FALSE; - - hCurPage = hwndDlg; - - switch (uMsg) - { - case WM_INITDIALOG: - PimValueChangedWarning = FALSE; - LocalizeDialog (hwndDlg, "IDD_VOL_CREATION_WIZARD_DLG"); - - burn (randPool, sizeof(randPool)); - burn (lastRandPool, sizeof(lastRandPool)); - burn (maskRandPool, sizeof (maskRandPool)); - - UpdateLastDialogId (); - - switch (nCurPageNo) - { - case INTRO_PAGE: - - SendMessage (GetDlgItem (hwndDlg, IDC_FILE_CONTAINER), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_NONSYS_DEVICE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_SYS_DEVICE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("INTRO_TITLE")); - - ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_CONTAINERS); - ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_SYS_ENCRYPTION); - - EnableWindow (GetDlgItem (hwndDlg, IDC_STD_VOL), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_HIDDEN_VOL), TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - - UpdateWizardModeControls (hwndDlg, WizardMode); - break; - - case SYSENC_TYPE_PAGE: - - bHiddenVolHost = bHiddenVol = bHiddenOS; - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_TYPE_PAGE_TITLE")); - - SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_HIDDEN), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_NORMAL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - CheckButton (GetDlgItem (hwndDlg, bHiddenOS ? IDC_SYSENC_HIDDEN : IDC_SYSENC_NORMAL)); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_TYPE_HELP")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP_SYSENC_NORMAL), GetString ("SYSENC_NORMAL_TYPE_HELP")); - - ToHyperlink (hwndDlg, IDC_HIDDEN_SYSENC_INFO_LINK); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bDirectSysEncMode); - - SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - break; - - case SYSENC_HIDDEN_OS_REQ_CHECK_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_HELP")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), bDirectSysEncModeCommand != SYSENC_COMMAND_CREATE_HIDDEN_OS && bDirectSysEncModeCommand != SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV); - - ToHyperlink (hwndDlg, IDC_HIDDEN_SYSENC_INFO_LINK); - break; - - case SYSENC_SPAN_PAGE: - - SendMessage (GetDlgItem (hwndDlg, IDC_WHOLE_SYS_DRIVE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_SYS_PARTITION), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_SPAN_TITLE")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDT_WHOLE_SYS_DRIVE), GetString ("SYS_ENCRYPTION_SPAN_WHOLE_SYS_DRIVE_HELP")); - - CheckButton (GetDlgItem (hwndDlg, bWholeSysDrive ? IDC_WHOLE_SYS_DRIVE : IDC_SYS_PARTITION)); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - break; - - - case SYSENC_PRE_DRIVE_ANALYSIS_PAGE: - - Init2RadButtonPageYesNo (SysEncDetectHiddenSectors); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_PRE_DRIVE_ANALYSIS_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_PRE_DRIVE_ANALYSIS_HELP")); - break; - - - case SYSENC_DRIVE_ANALYSIS_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_DRIVE_ANALYSIS_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDT_SYSENC_DRIVE_ANALYSIS_INFO), GetString ("SYSENC_DRIVE_ANALYSIS_INFO")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (MainDlg, IDCANCEL), FALSE); - - LoadSettings (hwndDlg); - - if (HiddenSectorDetectionStatus == 1) - { - // Detection of hidden sectors was already in progress but it did not finish successfully. - // Ask the user if he wants to try again (to prevent repeated system freezing, etc.) - - char *tmpStr[] = {0, "HIDDEN_SECTOR_DETECTION_FAILED_PREVIOUSLY", "SKIP_HIDDEN_SECTOR_DETECTION", "RETRY_HIDDEN_SECTOR_DETECTION", "IDC_EXIT", 0}; - switch (AskMultiChoice ((void **) tmpStr, FALSE, MainDlg)) - { - case 1: - // Do not try again - LoadPage (MainDlg, SYSENC_DRIVE_ANALYSIS_PAGE + 1); - return 0; - - case 2: - // Try again - break; - - default: - EndMainDlg (MainDlg); - return 0; - } - } - - SetTimer (MainDlg, TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS, TIMER_INTERVAL_SYSENC_DRIVE_ANALYSIS_PROGRESS, NULL); - bSysEncDriveAnalysisInProgress = TRUE; - ArrowWaitCursor (); - SysEncDriveAnalysisStart = GetTickCount (); - InitProgressBar (SYSENC_DRIVE_ANALYSIS_ETA, 0, FALSE, FALSE, FALSE, TRUE); - - _beginthread (sysEncDriveAnalysisThread, 0, hwndDlg); - - break; - - - case SYSENC_MULTI_BOOT_MODE_PAGE: - - SendMessage (GetDlgItem (hwndDlg, IDC_SINGLE_BOOT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_MULTI_BOOT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_MULTI_BOOT_MODE_TITLE")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - - RefreshMultiBootControls (hwndDlg); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), nMultiBoot > 0); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - break; - - - case SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE: - - Init2RadButtonPageYesNo (SysEncMultiBootCfg.SystemOnBootDrive); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_SYS_EQ_BOOT_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_SYS_EQ_BOOT_HELP")); - break; - - - case SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE: - - SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE1), GetString ("DIGIT_ONE")); - SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE2), GetString ("TWO_OR_MORE")); - - SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), SysEncMultiBootCfg.NumberOfSysDrives > 0); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), TRUE); - - if (SysEncMultiBootCfg.NumberOfSysDrives == 2) - Update2RadButtonPage (0); // 2 or more drives contain an OS - else if (SysEncMultiBootCfg.NumberOfSysDrives == 1) - Update2RadButtonPage (1); // Only 1 drive contains an OS - else - Update2RadButtonPage (-1); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_HELP")); - break; - - - case SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE: - - Init2RadButtonPageYesNo (SysEncMultiBootCfg.MultipleSystemsOnDrive); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_ADJACENT_SYS_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_ADJACENT_SYS_HELP")); - break; - - - case SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE: - - Init2RadButtonPageYesNo (SysEncMultiBootCfg.BootLoaderBrand); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_HELP")); - break; - - - case SYSENC_MULTI_BOOT_OUTCOME_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_OUTCOME_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), SysEncMultiBootCfgOutcome); - SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), TRUE); - break; - - - case VOLUME_TYPE_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("VOLUME_TYPE_TITLE")); - - SendMessage (GetDlgItem (hwndDlg, IDC_HIDDEN_VOL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_STD_VOL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - CheckButton (GetDlgItem (hwndDlg, bHiddenVol ? IDC_HIDDEN_VOL : IDC_STD_VOL)); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_VOLUME_TYPE_HELP")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP_NORMAL_VOL), GetString ("NORMAL_VOLUME_TYPE_HELP")); - - ToHyperlink (hwndDlg, IDC_HIDDEN_VOL_HELP); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - break; - - case HIDDEN_VOL_WIZARD_MODE_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDDEN_VOL_WIZARD_MODE_TITLE")); - - SendMessage (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_DIRECT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_FULL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - CheckButton (GetDlgItem (hwndDlg, bHiddenVolDirect ? IDC_HIDVOL_WIZ_MODE_DIRECT : IDC_HIDVOL_WIZ_MODE_FULL)); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_VOL_WIZARD_MODE_NORMAL_HELP")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP2), GetString ("HIDDEN_VOL_WIZARD_MODE_DIRECT_HELP")); - - EnableWindow (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_DIRECT), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_FULL), TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - break; - - case VOLUME_LOCATION_PAGE: - { - char *nID; - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_SELECT_VOLUME_LOCATION), - GetString (bDevice ? "IDC_SELECT_DEVICE" : "IDC_SELECT_FILE")); - - if (bHiddenVolDirect && bHiddenVolHost) - { - nID = "FILE_HELP_HIDDEN_HOST_VOL_DIRECT"; - } - else - { - if (bDevice) - nID = bHiddenVolHost ? "DEVICE_HELP_HIDDEN_HOST_VOL" : "DEVICE_HELP"; - else - nID = bHiddenVolHost ? "FILE_HELP_HIDDEN_HOST_VOL" : "FILE_HELP"; - } - - SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_RESETCONTENT, 0, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_LIMITTEXT, TC_MAX_PATH, 0); - - LoadCombo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), bHistory, FALSE, NULL); - - SendMessage (GetDlgItem (hwndDlg, IDC_NO_HISTORY), BM_SETCHECK, bHistory ? BST_UNCHECKED : BST_CHECKED, 0); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FILE_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (nID)); - - SetFocus (GetDlgItem (hwndDlg, IDC_COMBO_BOX)); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - AddComboItem (GetDlgItem (hwndDlg, IDC_COMBO_BOX), szFileName, bHistory); - - EnableDisableFileNext (GetDlgItem (hwndDlg, IDC_COMBO_BOX), - GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); - - } - break; - - case DEVICE_TRANSFORM_MODE_PAGE: - - if (!bDeviceTransformModeChoiceMade && !bInPlaceEncNonSys) - { - // The user has not chosen whether to perform in-place encryption or format yet. - // We will preselect in-place encryption if the requirements are met and if the - // filesystem does not appear empty. - - WaitCursor(); - - if (CheckRequirementsForNonSysInPlaceEnc (hwndDlg, szDiskFile, TRUE)) - { - bInPlaceEncNonSys = (FileSystemAppearsEmpty (szDiskFile) == 0); - } - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("DEVICE_TRANSFORM_MODE_PAGE_TITLE")); - - SendMessage (GetDlgItem (hwndDlg, IDC_DEVICE_TRANSFORM_MODE_INPLACE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_DEVICE_TRANSFORM_MODE_FORMAT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("DEVICE_TRANSFORM_MODE_PAGE_FORMAT_HELP")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP2), GetString ("DEVICE_TRANSFORM_MODE_PAGE_INPLACE_HELP")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - CheckButton (GetDlgItem (hwndDlg, bInPlaceEncNonSys ? IDC_DEVICE_TRANSFORM_MODE_INPLACE : IDC_DEVICE_TRANSFORM_MODE_FORMAT)); - - NormalCursor(); - - break; - - case HIDDEN_VOL_HOST_PRE_CIPHER_PAGE: - { - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDVOL_HOST_PRE_CIPHER_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bHiddenOS ? "HIDVOL_HOST_PRE_CIPHER_HELP_SYSENC" : "HIDVOL_HOST_PRE_CIPHER_HELP")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - if (bHiddenOS) - { - if (!GetDevicePathForHiddenOS()) - AbortProcess ("INVALID_PATH"); - } - } - break; - - case HIDDEN_VOL_PRE_CIPHER_PAGE: - { - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDVOL_PRE_CIPHER_TITLE")); - - if (bHiddenOS) - { - // Verify whether the clone of the OS fits in the hidden volume (the hidden - // volume is to host a hidden OS). - if (nMaximumHiddenVolSize - TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH < GetSystemPartitionSize()) - { - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_VOLUME_TOO_SMALL_FOR_OS_CLONE")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("EXIT")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - - bConfirmQuit = FALSE; - bConfirmQuitSysEncPretest = FALSE; - } - else - { - // The hidden volume must be as large as the system partition - nVolumeSize = GetSystemPartitionSize() + TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH; - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_OS_PRE_CIPHER_HELP")); - } - } - else - { - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDVOL_PRE_CIPHER_HELP")); - } - } - break; - - case CIPHER_PAGE: - { - int ea, hid; - wchar_t buf[100]; - - // Encryption algorithms - - SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_RESETCONTENT, 0, 0); - - if (bHiddenVol) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "CIPHER_HIDVOL_HOST_TITLE" : "CIPHER_HIDVOL_TITLE")); - else - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("CIPHER_TITLE")); - - for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) - { - if (EAIsFormatEnabled (ea)) - AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ea, 1), ea); - } - - SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), &nVolumeEA); - ComboSelChangeEA (hwndDlg); - SetFocus (GetDlgItem (hwndDlg, IDC_COMBO_BOX)); - - ToHyperlink (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER); - - // Hash algorithms - - if (SysEncInEffect ()) - { - hash_algo = DEFAULT_HASH_ALGORITHM_BOOT; - RandSetHashFunction (hash_algo); - - for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) - { - // For now, we keep RIPEMD160 for system encryption - if (((hid == RIPEMD160) || !HashIsDeprecated (hid)) && HashForSystemEncryption (hid)) - AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid); - } - } - else - { - hash_algo = RandGetHashFunction(); - for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) - { - if (!HashIsDeprecated (hid)) - AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid); - } - } - - SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo); - - ToHyperlink (hwndDlg, IDC_LINK_HASH_INFO); - - // Wizard buttons - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - } - break; - - case SIZE_PAGE: - { - wchar_t str[1000]; - - if (bHiddenVolHost) - { - StringCbCopyW (str, sizeof(str), GetString ("SIZE_HELP_HIDDEN_HOST_VOL")); - } - else - { - StringCbCopyW (str, sizeof(str), GetString (bHiddenVol ? "SIZE_HELP_HIDDEN_VOL" : "SIZE_HELP")); - } - - if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume - { - StringCbPrintfW (str, sizeof str, L"%s%s", - GetString ((bHiddenOS && bHiddenVol) ? "SIZE_PARTITION_HIDDEN_SYSENC_HELP" : "SIZE_PARTITION_HELP"), - (bHiddenVolHost && !bHiddenOS) ? GetString ("SIZE_PARTITION_HIDDEN_VOL_HELP") : L""); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_SPACE_LEFT), WM_SETFONT, (WPARAM) hBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_SIZEBOX), EM_LIMITTEXT, 12, 0); - - if(!QueryFreeSpace (hwndDlg, GetDlgItem (hwndDlg, IDC_SPACE_LEFT), TRUE)) - { - nUIVolumeSize=0; - nVolumeSize=0; - SetWindowTextW (GetDlgItem (hwndDlg, IDC_SIZEBOX), GetString ("UNKNOWN")); - EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KB), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_MB), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_GB), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TB), FALSE); - } - else if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume - { - EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KB), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_MB), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_GB), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TB), FALSE); - } - else - { - EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KB), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_MB), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_GB), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TB), TRUE); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_UNCHECKED, 0); - - switch (nMultiplier) - { - case BYTES_PER_KB: - SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_CHECKED, 0); - break; - case BYTES_PER_MB: - SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_CHECKED, 0); - break; - case BYTES_PER_GB: - SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_CHECKED, 0); - break; - case BYTES_PER_TB: - SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_CHECKED, 0); - break; - } - - if (nUIVolumeSize != 0) - { - wchar_t szTmp[32]; - StringCbPrintfW (szTmp, sizeof(szTmp), L"%I64u", nUIVolumeSize); - SetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTmp); - } - - SetFocus (GetDlgItem (hwndDlg, IDC_SIZEBOX)); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str); - - if (bHiddenVol) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "SIZE_HIDVOL_HOST_TITLE" : "SIZE_HIDVOL_TITLE")); - else - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SIZE_TITLE")); - - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - VerifySizeAndUpdate (hwndDlg, FALSE); - } - break; - - case HIDDEN_VOL_HOST_PASSWORD_PAGE: - case NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE: - { - /* Populate the PRF algorithms list */ - int nIndex, i; - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - } - - /* make autodetection the default */ - SendMessage (hComboBox, CB_SETCURSEL, 0, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), EM_LIMITTEXT, MAX_PASSWORD, 0); - - SetPassword (hwndDlg, IDC_PASSWORD_DIRECT, szRawPassword); - - SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT)); - - SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); - SetPim (hwndDlg, IDC_PIM, volumePim); - - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_ENABLE), PimEnable? SW_HIDE : SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), PimEnable? SW_SHOW : SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), PimEnable? SW_SHOW : SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), PimEnable? SW_SHOW : SW_HIDE); - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? (bInPlaceEncNonSysResumed ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "NONSYS_INPLACE_DEC_PASSWORD_PAGE_HELP") : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceEncNonSys ? "PASSWORD" : "PASSWORD_HIDVOL_HOST_TITLE")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - } - - break; - - case PASSWORD_PAGE: - { - wchar_t str[1000]; - - hPasswordInputField = GetDlgItem (hwndDlg, IDC_PASSWORD); - hVerifyPasswordInputField = GetDlgItem (hwndDlg, IDC_VERIFY); - - if (SysEncInEffect ()) - { - ToBootPwdField (hwndDlg, IDC_PASSWORD); - ToBootPwdField (hwndDlg, IDC_VERIFY); - - StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout), L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); - - if ((DWORD) GetKeyboardLayout (NULL) != 0x00000409 && (DWORD) GetKeyboardLayout (NULL) != 0x04090409) - { - DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg); - EndMainDlg (MainDlg); - return 1; - } - bKeyboardLayoutChanged = TRUE; - } - - - if (SetTimer (MainDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) - { - Error ("CANNOT_SET_TIMER", MainDlg); - EndMainDlg (MainDlg); - return 1; - } - } - - if (bHiddenVolHost) - { - StringCbCopyW (str, sizeof(str), GetString (bHiddenOS ? "PASSWORD_SYSENC_OUTERVOL_HELP" : "PASSWORD_HIDDENVOL_HOST_HELP")); - } - else if (bHiddenVol) - { - StringCbPrintfW (str, sizeof str, L"%s%s", - GetString (bHiddenOS ? "PASSWORD_HIDDEN_OS_HELP" : "PASSWORD_HIDDENVOL_HELP"), - GetString ("PASSWORD_HELP")); - } - else - { - StringCbCopyW (str, sizeof(str), GetString ("PASSWORD_HELP")); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_VERIFY), EM_LIMITTEXT, MAX_PASSWORD, 0); - - SetPassword (hwndDlg, IDC_PASSWORD, szRawPassword); - SetPassword (hwndDlg, IDC_VERIFY, szVerify); - - SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD)); - - SetCheckBox (hwndDlg, IDC_PIM_ENABLE, PimEnable); - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect()); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str); - - if (CreatingHiddenSysVol()) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_HIDDEN_OS_TITLE")); - else if (bHiddenVol) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PASSWORD_HIDVOL_HOST_TITLE" : "PASSWORD_HIDVOL_TITLE")); - else if (WizardMode == WIZARD_MODE_SYS_DEVICE) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD")); - else - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_TITLE")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), - GetDlgItem (hwndDlg, IDC_PASSWORD), - GetDlgItem (hwndDlg, IDC_VERIFY), - NULL, - NULL, - KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect()); - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - - } - break; - - case PIM_PAGE: - { - SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, SysEncInEffect()? MAX_BOOT_PIM: MAX_PIM, 0); - if (volumePim > 0) - { - SetPim (hwndDlg, IDC_PIM, volumePim); - - PimValueChangedWarning = TRUE; - SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING")); - } - - SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect ()? "PIM_SYSENC_HELP" : "PIM_HELP")); - - ToHyperlink (hwndDlg, IDC_LINK_PIM_INFO); - - if (CreatingHiddenSysVol()) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM_HIDDEN_OS_TITLE")); - else if (bHiddenVol) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PIM_HIDVOL_HOST_TITLE" : "PIM_HIDVOL_TITLE")); - else if (WizardMode == WIZARD_MODE_SYS_DEVICE) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM")); - else - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM_TITLE")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - } - break; - - case FILESYS_PAGE: - { - wchar_t szTmp[8192]; - - Init2RadButtonPageYesNo (nNeedToStoreFilesOver4GB); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FILESYS_PAGE_TITLE")); - - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_QUESTION")); - - if (bHiddenVolHost) - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - else - { - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("NOTE_BEGINNING")); - } - - StringCbCatW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION")); - - if (bHiddenVolHost) - { - StringCbCatW (szTmp, sizeof(szTmp), L" "); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION_HIDVOL")); - } - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), szTmp); - } - break; - - case SYSENC_COLLECTING_RANDOM_DATA_PAGE: - case NONSYS_INPLACE_ENC_RAND_DATA_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("COLLECTING_RANDOM_DATA_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - mouseEntropyGathered = 0xFFFFFFFF; - mouseEventsInitialCount = 0; - bUseMask = FALSE; - { - HCRYPTPROV hRngProv; - if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) - { - if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) - bUseMask = TRUE; - CryptReleaseContext (hRngProv, 0); - } - } - - SetTimer (GetParent (hwndDlg), TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); - - hRandPoolSys = GetDlgItem (hwndDlg, IDC_SYS_POOL_CONTENTS); - hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); - SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); - SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_SYS_POOL_CONTENTS), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - - SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0); - - DisplayRandPool (hwndDlg, hRandPoolSys, showKeys); - - break; - - case SYSENC_KEYS_GEN_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("KEYS_GEN_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - hMasterKey = GetDlgItem (hwndDlg, IDC_DISK_KEY); - hHeaderKey = GetDlgItem (hwndDlg, IDC_HEADER_KEY); - - SendMessage (GetDlgItem (hwndDlg, IDC_DISK_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_HEADER_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - - SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_KEYS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0); - - DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys); - - break; - - case SYSENC_RESCUE_DISK_CREATION_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_INFO), GetString ("RESCUE_DISK_INFO")); - SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1)); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - SetCheckBox (hCurPage, IDC_SKIP_RESCUE_VERIFICATION, bDontVerifyRescueDisk); - - break; - - case SYSENC_RESCUE_DISK_BURN_PAGE: - { - wchar_t szTmp[8192]; - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_CREATED_TITLE" : "RESCUE_DISK_RECORDING_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - StringCbPrintfW (szTmp, sizeof szTmp, - GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_BURN_INFO_NO_CHECK" : "RESCUE_DISK_BURN_INFO"), - szRescueDiskISO, IsWindowsIsoBurnerAvailable() ? L"" : GetString ("RESCUE_DISK_BURN_INFO_NONWIN_ISO_BURNER")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_BURN_INFO), szTmp); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - /* The 'Back' button must be disabled now because the user could burn a Rescue Disk, then go back, and - generate a different master key, which would cause the Rescue Disk verification to fail (the result - would be confusion and bug reports). */ - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - - if (IsWindowsIsoBurnerAvailable()) - SetWindowTextW (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), GetString ("LAUNCH_WIN_ISOBURN")); - - ToHyperlink (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE); - - if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk) - LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO); - } - break; - - case SYSENC_RESCUE_DISK_VERIFIED_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK_DISK_VERIFIED_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("RESCUE_DISK_VERIFIED_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - // Rescue Disk has been verified, no need to go back - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - - // Prevent losing the burned rescue disk by inadvertent exit - bConfirmQuit = TRUE; - - break; - - case SYSENC_WIPE_MODE_PAGE: - case NONSYS_INPLACE_ENC_WIPE_MODE_PAGE: - { - if (nWipeMode == TC_WIPE_1_RAND) - nWipeMode = TC_WIPE_NONE; - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("INPLACE_ENC_WIPE_MODE_INFO")); - - PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), - SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING && !bInPlaceEncNonSys, - TRUE, - FALSE); - - SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - } - break; - - case SYSENC_PRETEST_INFO_PAGE: - - if (bHiddenOS) - { - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDDEN_OS_CREATION_PREINFO_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_OS_CREATION_PREINFO_HELP")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("START")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - } - else - { - wchar_t finalMsg[8024] = {0}; - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_TITLE")); - - try - { - StringCbPrintfW (finalMsg, sizeof(finalMsg), - GetString ("SYS_ENCRYPTION_PRETEST_INFO"), - BootEncObj->GetSystemDriveConfiguration().DriveNumber); - } - catch (Exception &e) - { - e.Show (hwndDlg); - EndMainDlg (MainDlg); - return 0; - } - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), finalMsg); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("TEST")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - break; - - case SYSENC_PRETEST_RESULT_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("ENCRYPT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - - break; - - case SYSENC_ENCRYPTION_PAGE: - - if (CreateSysEncMutex ()) - { - try - { - BootEncStatus = BootEncObj->GetStatus(); - bSystemEncryptionInProgress = BootEncStatus.SetupInProgress; - } - catch (Exception &e) - { - e.Show (hwndDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - EndMainDlg (MainDlg); - return 0; - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), - GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPTION" : "DECRYPTION")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_ENCRYPTION_PAGE_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), - GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPT" : "DECRYPT")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_PAUSE), - GetString (bSystemEncryptionInProgress ? "IDC_PAUSE" : "RESUME")); - - EnableWindow (GetDlgItem (hwndDlg, IDC_PAUSE), BootEncStatus.DriveEncrypted); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), !BootEncStatus.SetupInProgress); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); - - ToHyperlink (hwndDlg, IDC_MORE_INFO_SYS_ENCRYPTION); - - if (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING) - { - nWipeMode = TC_WIPE_NONE; - EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_WIPE_MODE), FALSE); - PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE, TRUE, FALSE); - SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); - } - else - { - EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), !bSystemEncryptionInProgress); - PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE); - SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); - } - - PostMessage (hwndDlg, TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS, 0, 0); - } - else - { - Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); - EndMainDlg (MainDlg); - return 0; - } - return 0; - - case NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE: - - { - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FILE_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("NONSYS_INPLACE_ENC_RESUME_VOL_SELECT_HELP")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - - foreach (const HostDevice &device, DeferredNonSysInPlaceEncDevices) - { - SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_ADDSTRING, 0, (LPARAM) device.Path.c_str()); - } - - // Deselect all - SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_SETCURSEL, (WPARAM) -1, 0); - } - - break; - - case NONSYS_INPLACE_ENC_TRANSFORM_PAGE: - - if (bInPlaceEncNonSysResumed) - { - WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; - - if (LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) - nWipeMode = savedWipeAlgorithm; - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceDecNonSys ? "DECRYPTION" : "ENCRYPTION")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_DECRYPTION_PAGE_INFO" : "NONSYS_INPLACE_ENC_ENCRYPTION_PAGE_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString (bInPlaceEncNonSysResumed ? "DEFER" : "CANCEL")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString (bInPlaceEncNonSysResumed ? "RESUME" : (bInPlaceDecNonSys ? "DECRYPT" : "ENCRYPT"))); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_PAUSE), GetString ("IDC_PAUSE")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSysResumed && !bInPlaceDecNonSys); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PAUSE), FALSE); - - ShowWindow (GetDlgItem (hwndDlg, IDC_MORE_INFO_SYS_ENCRYPTION), SW_HIDE); - - if (bInPlaceDecNonSys) - { - ShowWindow(GetDlgItem(hwndDlg, IDT_FORMAT_OPTIONS), SW_HIDE); - ShowWindow(GetDlgItem(hwndDlg, IDT_WIPE_MODE), SW_HIDE); - ShowWindow(GetDlgItem(hwndDlg, IDC_WIPE_MODE), SW_HIDE); - } - else - { - EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE); - PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE); - SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); - } - - break; - - case NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE: - - bConfirmQuit = FALSE; - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_FINISHED_TITLE" : "NONSYS_INPLACE_ENC_FINISHED_TITLE")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_FINISHED_INFO" : "NONSYS_INPLACE_ENC_FINISHED_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("FINALIZE")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("EXIT")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); - - break; - - case NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("NONSYS_INPLACE_DEC_FINISHED_TITLE")); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("NONSYS_INPLACE_DEC_FINISHED_DRIVE_LETTER_SEL_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("FINALIZE")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - - // The Cancel button and the X button must be disabled to prevent the user from forgetting to assign a drive letter to the partition by closing - // the window accidentally or clicking Cancel. The user is forced to click Finish to assign at least the pre-selected free drive letter. - // This is critical because inexperienced users would not know how to access data on the decrypted volume without a drive letter. - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); - DisableCloseButton (MainDlg); - bConfirmQuit = TRUE; // Alt-F4 will still work but the user will be prompted to confirm the action. - - // Decryption of non-system volume finished, no drive letter is assigned to the decrypted volume, and free drive letters are available. - // This is critical because inexperienced users would not know how to access data on the decrypted volume. We cannot allow exit - // until a drive letter is freed up and assigned to the decrypted volume. - - while (GetFirstAvailableDrive () == -1) - { - Error ("NONSYS_INPLACE_DEC_FINISHED_NO_DRIVE_LETTER_AVAILABLE", hwndDlg); - } - - // Populate the combobox with free drive letters - { - DWORD dwUsedDrives = GetUsedLogicalDrives(); - wchar_t szDriveLetter[] = {L' ', L':', 0 }; - int i; - - for (i = 0; i < 26; i++) - { - if (!(dwUsedDrives & 1 << i)) - { - // Add - szDriveLetter [0] = (wchar_t) (i + L'A'); - AddComboPair (GetDlgItem (hCurPage, IDC_DRIVE_LETTER_LIST), szDriveLetter, i); - } - } - } - SendMessage (GetDlgItem (hwndDlg, IDC_DRIVE_LETTER_LIST), CB_SETCURSEL, 0, 0); - break; - - case FORMAT_PAGE: - { - BOOL bNTFSallowed = FALSE; - BOOL bFATallowed = FALSE; - BOOL bEXFATallowed = FALSE; - BOOL bNoFSallowed = FALSE; - HCRYPTPROV hRngProv; - - mouseEntropyGathered = 0xFFFFFFFF; - mouseEventsInitialCount = 0; - bUseMask = FALSE; - if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) - { - if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) - bUseMask = TRUE; - CryptReleaseContext (hRngProv, 0); - } - - SetTimer (GetParent (hwndDlg), TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); - - hMasterKey = GetDlgItem (hwndDlg, IDC_DISK_KEY); - hHeaderKey = GetDlgItem (hwndDlg, IDC_HEADER_KEY); - hRandPool = GetDlgItem (hwndDlg, IDC_RANDOM_BYTES); - hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); - SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); - SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_DISK_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_HEADER_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), - GetString (bHiddenVolHost ? "FORMAT_HIDVOL_HOST_HELP" : "FORMAT_HELP")); - - if (bHiddenVol) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "FORMAT_HIDVOL_HOST_TITLE" : "FORMAT_HIDVOL_TITLE")); - else - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FORMAT_TITLE")); - - /* Quick/Dynamic */ - - if (bHiddenVol) - { - quickFormat = !bHiddenVolHost; - bSparseFileSwitch = FALSE; - - SetCheckBox (hwndDlg, IDC_QUICKFORMAT, quickFormat); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), GetString ((bDevice || !bHiddenVolHost) ? "IDC_QUICKFORMAT" : "SPARSE_FILE")); - EnableWindow (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), bDevice && bHiddenVolHost); - } - else - { - if (bDevice) - { - bSparseFileSwitch = FALSE; - SetWindowTextW (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), GetString("IDC_QUICKFORMAT")); - EnableWindow (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), TRUE); - } - else - { - wchar_t root[TC_MAX_PATH]; - DWORD fileSystemFlags = 0; - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), GetString("SPARSE_FILE")); - - /* Check if the host file system supports sparse files */ - - if (GetVolumePathName (szFileName, root, array_capacity (root))) - { - GetVolumeInformation (root, NULL, 0, NULL, NULL, &fileSystemFlags, NULL, 0); - bSparseFileSwitch = fileSystemFlags & FILE_SUPPORTS_SPARSE_FILES; - } - else - bSparseFileSwitch = FALSE; - - EnableWindow (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), bSparseFileSwitch); - } - } - - SendMessage (GetDlgItem (hwndDlg, IDC_SHOW_KEYS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0); - SetWindowText (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), showKeys ? L"" : L"******************************** "); - SetWindowText (GetDlgItem (hwndDlg, IDC_HEADER_KEY), showKeys ? L"" : L"******************************** "); - SetWindowText (GetDlgItem (hwndDlg, IDC_DISK_KEY), showKeys ? L"" : L"******************************** "); - - SendMessage (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), CB_RESETCONTENT, 0, 0); - AddComboPair (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), GetString ("DEFAULT"), 0); - - for (int i = 1; i <= 128; i *= 2) - { - wstringstream s; - DWORD size = GetFormatSectorSize() * i; - - if (size > TC_MAX_FAT_CLUSTER_SIZE) - break; - - if (size == 512) - s << L"0.5"; - else - s << size / BYTES_PER_KB; - - s << L" " << GetString ("KB"); - - AddComboPair (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), s.str().c_str(), i); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), CB_SETCURSEL, 0, 0); - - EnableWindow (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), TRUE); - - /* Filesystems */ - - bNTFSallowed = FALSE; - bFATallowed = FALSE; - bNoFSallowed = FALSE; - - SendMessage (GetDlgItem (hwndDlg, IDC_FILESYS), CB_RESETCONTENT, 0, 0); - - EnableWindow (GetDlgItem (hwndDlg, IDC_FILESYS), TRUE); - - uint64 dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize); - - if (!CreatingHiddenSysVol()) - { - if (dataAreaSize >= TC_MIN_NTFS_FS_SIZE && dataAreaSize <= TC_MAX_NTFS_FS_SIZE) - { - AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"NTFS", FILESYS_NTFS); - bNTFSallowed = TRUE; - } - - if (dataAreaSize >= TC_MIN_FAT_FS_SIZE && dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) - { - AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"FAT", FILESYS_FAT); - bFATallowed = TRUE; - } - - //exFAT support added starting from Vista SP1 - if (IsOSVersionAtLeast (WIN_VISTA, 1) && dataAreaSize >= TC_MIN_EXFAT_FS_SIZE && dataAreaSize <= TC_MAX_EXFAT_FS_SIZE) - { - AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"exFAT", FILESYS_EXFAT); - bEXFATallowed = TRUE; - } - } - else - { - // We're creating a hidden volume for a hidden OS, so we don't need to format it with - // any filesystem (the entire OS will be copied to the hidden volume sector by sector). - EnableWindow (GetDlgItem (hwndDlg, IDC_FILESYS), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), FALSE); - } - - if (!bHiddenVolHost) - { - AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), GetString ("NONE"), FILESYS_NONE); - bNoFSallowed = TRUE; - } - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - if (fileSystem == FILESYS_NONE) // If no file system has been previously selected - { - // Set default file system - - if (bFATallowed && !(nNeedToStoreFilesOver4GB == 1 && (bNTFSallowed || bEXFATallowed))) - fileSystem = FILESYS_FAT; - else if (bEXFATallowed) - fileSystem = FILESYS_EXFAT; - else if (bNTFSallowed) - fileSystem = FILESYS_NTFS; - else if (bNoFSallowed) - fileSystem = FILESYS_NONE; - else - { - AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"---", 0); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - } - } - - SendMessage (GetDlgItem (hwndDlg, IDC_FILESYS), CB_SETCURSEL, 0, 0); - SelectAlgo (GetDlgItem (hwndDlg, IDC_FILESYS), (int *) &fileSystem); - - EnableWindow (GetDlgItem (hwndDlg, IDC_ABORT_BUTTON), FALSE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("FORMAT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - SetFocus (GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); - } - break; - - case FORMAT_FINISHED_PAGE: - { - if (!bHiddenVolHost && bHiddenVol && !bHiddenVolFinished) - { - wchar_t msg[4096]; - - nNeedToStoreFilesOver4GB = -1; - - if (bHiddenOS) - { - wchar_t szMaxRecomOuterVolFillSize[100]; - - __int64 maxRecomOuterVolFillSize = 0; - - // Determine the maximum recommended total size of files that can be copied to the outer volume - // while leaving enough space for the hidden volume, which must contain a clone of the OS - - maxRecomOuterVolFillSize = nVolumeSize - GetSystemPartitionSize(); - - // -50% reserve for filesystem "peculiarities" - maxRecomOuterVolFillSize /= 2; - - StringCbPrintfW (szMaxRecomOuterVolFillSize, sizeof(szMaxRecomOuterVolFillSize), L"%I64d %s", maxRecomOuterVolFillSize / BYTES_PER_MB, GetString ("MB")); - - StringCbPrintfW (msg, sizeof(msg), GetString ("HIDVOL_HOST_FILLING_HELP_SYSENC"), hiddenVolHostDriveNo + 'A', szMaxRecomOuterVolFillSize); - } - else - StringCbPrintfW (msg, sizeof(msg), GetString ("HIDVOL_HOST_FILLING_HELP"), hiddenVolHostDriveNo + 'A'); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), msg); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDVOL_HOST_FILLING_TITLE")); - } - else - { - if (bHiddenOS) - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_VOL_FORMAT_FINISHED_HELP")); - else - { - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_FINISHED_INFO" : "FORMAT_FINISHED_HELP")); - bConfirmQuit = FALSE; - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVol ? "HIDVOL_FORMAT_FINISHED_TITLE" : "FORMAT_FINISHED_TITLE")); - } - - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), (!bHiddenVol || bHiddenVolFinished) && !bHiddenOS && !bInPlaceEncNonSys); - - if ((!bHiddenVol || bHiddenVolFinished) && !bHiddenOS) - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("EXIT")); - } - break; - - case SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE: - - if (!IsHiddenOSRunning() || !bHiddenOS) - { - ReportUnexpectedState (SRC_POS); - EndMainDlg (MainDlg); - return 0; - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_INITIAL_INFO_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("FIRST_HIDDEN_OS_BOOT_INFO")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - break; - - case SYSENC_HIDDEN_OS_WIPE_INFO_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_WIPE_INFO_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_OS_WIPE_INFO")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - break; - - case DEVICE_WIPE_MODE_PAGE: - - if (nWipeMode == TC_WIPE_NONE) - nWipeMode = TC_WIPE_1_RAND; - - if (bHiddenOS && IsHiddenOSRunning()) - { - // Decoy system partition wipe - - WipeAbort(); // In case the GUI previously crashed and the driver is still wiping - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - } - else - { - // Regular device wipe (not decoy system partition wipe) - - // Title bar - SetWindowText (MainDlg, _T(TC_APP_NAME)); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE")); - SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("WIPE_MODE_INFO")); - - PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, TRUE); - - SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - - break; - - case DEVICE_WIPE_PAGE: - - if (bHiddenOS && IsHiddenOSRunning()) - { - // Decoy system partition wipe - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("DEVICE_WIPE_PAGE_INFO_HIDDEN_OS")); - } - else - { - // Regular device wipe (not decoy system partition wipe) - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("DEVICE_WIPE_PAGE_INFO")); - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("DEVICE_WIPE_PAGE_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("WIPE")); - SetWindowTextW (GetDlgItem (hCurPage, IDC_WIPE_MODE), (wstring (L" ") + GetWipeModeName (nWipeMode)).c_str()); - - EnableWindow (GetDlgItem (hwndDlg, IDC_ABORT_BUTTON), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - - break; - } - return 0; - - case WM_HELP: - OpenPageHelp (GetParent (hwndDlg), nCurPageNo); - return 1; - - case TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS: - AfterSysEncProgressWMInitTasks (hwndDlg); - return 1; - - case WM_CTLCOLORSTATIC: - { - if (PimValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIM_HELP)) ) - { - // we're about to draw the static - // set the text colour in (HDC)lParam - SetBkMode((HDC)wParam,TRANSPARENT); - SetTextColor((HDC)wParam, RGB(255,0,0)); - // NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle. - return (BOOL)GetSysColorBrush(COLOR_MENU); - } - } - return 0; - - case WM_COMMAND: - - if (nCurPageNo == INTRO_PAGE) - { - switch (lw) - { - case IDC_FILE_CONTAINER: - UpdateWizardModeControls (hwndDlg, WIZARD_MODE_FILE_CONTAINER); - return 1; - - case IDC_NONSYS_DEVICE: - UpdateWizardModeControls (hwndDlg, WIZARD_MODE_NONSYS_DEVICE); - return 1; - - case IDC_SYS_DEVICE: - UpdateWizardModeControls (hwndDlg, WIZARD_MODE_SYS_DEVICE); - return 1; - - case IDC_MORE_INFO_ON_CONTAINERS: - Applink ("introcontainer", TRUE, ""); - return 1; - - case IDC_MORE_INFO_ON_SYS_ENCRYPTION: - Applink ("introsysenc", TRUE, ""); - return 1; - } - } - - if (nCurPageNo == SYSENC_TYPE_PAGE) - { - switch (lw) - { - case IDC_SYSENC_HIDDEN: - bHiddenOS = TRUE; - bHiddenVol = TRUE; - bHiddenVolHost = TRUE; - return 1; - - case IDC_SYSENC_NORMAL: - bHiddenOS = FALSE; - bHiddenVol = FALSE; - bHiddenVolHost = FALSE; - return 1; - - case IDC_HIDDEN_SYSENC_INFO_LINK: - Applink ("hiddensysenc", TRUE, ""); - return 1; - } - } - - if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE && lw == IDC_HIDDEN_SYSENC_INFO_LINK) - { - Applink ("hiddensysenc", TRUE, ""); - return 1; - } - - if (nCurPageNo == SYSENC_SPAN_PAGE) - { - switch (lw) - { - case IDC_WHOLE_SYS_DRIVE: - bWholeSysDrive = TRUE; - return 1; - case IDC_SYS_PARTITION: - bWholeSysDrive = FALSE; - return 1; - } - - } - - if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE) - { - switch (lw) - { - case IDC_SINGLE_BOOT: - nMultiBoot = 1; - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - return 1; - case IDC_MULTI_BOOT: - nMultiBoot = 2; - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - return 1; - } - } - - // Dual choice pages - switch (nCurPageNo) - { - case SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE: - case SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE: - case SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE: - case SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE: - case SYSENC_PRE_DRIVE_ANALYSIS_PAGE: - - if (lw == IDC_CHOICE1 || lw == IDC_CHOICE2) - { - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - return 1; - } - break; - } - - if (nCurPageNo == FILESYS_PAGE && (lw == IDC_CHOICE1 || lw == IDC_CHOICE2)) - { - if (bWarnOuterVolSuitableFileSys && lw == IDC_CHOICE1 && bHiddenVolHost) - { - wchar_t szTmp [4096]; - - bWarnOuterVolSuitableFileSys = FALSE; // Do not show this warning anymore (this also prevents potential endless repetition due to some race conditions) - - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION_HIDVOL")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION_HIDVOL_CONFIRM")); - - if (MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2) == IDNO) - { - nNeedToStoreFilesOver4GB = 0; - Init2RadButtonPageYesNo (nNeedToStoreFilesOver4GB); - } - } - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - return 1; - } - - if (lw == IDC_HIDDEN_VOL && nCurPageNo == VOLUME_TYPE_PAGE) - { - bHiddenVol = TRUE; - bHiddenVolHost = TRUE; - bInPlaceEncNonSys = FALSE; - return 1; - } - - if (lw == IDC_STD_VOL && nCurPageNo == VOLUME_TYPE_PAGE) - { - bHiddenVol = FALSE; - bHiddenVolHost = FALSE; - return 1; - } - - if (nCurPageNo == SYSENC_ENCRYPTION_PAGE) - { - BootEncryptionStatus locBootEncStatus; - - switch (lw) - { - case IDC_PAUSE: - try - { - locBootEncStatus = BootEncObj->GetStatus(); - - if (locBootEncStatus.SetupInProgress) - SysEncPause (); - else - SysEncResume (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - return 1; - - case IDC_WIPE_MODE: - if (hw == CBN_SELCHANGE) - { - nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), - CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), - 0); - - return 1; - } - break; - - case IDC_MORE_INFO_SYS_ENCRYPTION: - Applink ("sysencprogressinfo", TRUE, ""); - return 1; - } - } - - if (bInPlaceEncNonSys) - { - switch (nCurPageNo) - { - case NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE: - - if (lw == IDC_LIST_BOX - && (hw == LBN_SELCHANGE || hw == LBN_DBLCLK)) - { - BOOL tmpbDevice = FALSE; - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - - int selPartitionItemId = (int) SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_GETCURSEL, 0, 0); - - if (selPartitionItemId == LB_ERR) - { - // Deselect all - SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_SETCURSEL, (WPARAM) -1, 0); - - SetFocus (GetDlgItem (MainDlg, IDC_NEXT)); - return 1; - } - - SetFocus (GetDlgItem (MainDlg, IDC_NEXT)); - - StringCbCopyW (szFileName, sizeof(szFileName), DeferredNonSysInPlaceEncDevices [selPartitionItemId].Path.c_str()); - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); - - nVolumeSize = GetDeviceSize (szDiskFile); - if (nVolumeSize == -1) - { - handleWin32Error (MainDlg, SRC_POS); - return 1; - } - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - - return 1; - } - break; - - case NONSYS_INPLACE_ENC_TRANSFORM_PAGE: - { - switch (lw) - { - case IDC_PAUSE: - - // Pause/resume non-system in-place encryption - - if (bVolTransformThreadRunning || bVolTransformThreadToRun) - { - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); - NonSysInplaceEncPause (); - } - else - NonSysInplaceEncResume (); - - return 1; - - case IDC_WIPE_MODE: - if (hw == CBN_SELCHANGE) - { - nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), - CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), - 0); - - return 1; - } - break; - } - } - break; - } - } - - - if (lw == IDC_OPEN_OUTER_VOLUME && nCurPageNo == FORMAT_FINISHED_PAGE) - { - OpenVolumeExplorerWindow (hiddenVolHostDriveNo); - return 1; - } - - if (lw == IDC_HIDDEN_VOL_HELP && nCurPageNo == VOLUME_TYPE_PAGE) - { - Applink ("hiddenvolume", TRUE, ""); - return 1; - } - - if (lw == IDC_ABORT_BUTTON && nCurPageNo == FORMAT_PAGE) - { - if (MessageBoxW (hwndDlg, GetString ("FORMAT_ABORT"), lpszTitle, MB_YESNO | MB_ICONQUESTION | MB_DEFBUTTON2 ) == IDYES) - bVolTransformThreadCancel = TRUE; - return 1; - } - - if (lw == IDC_CIPHER_TEST && nCurPageNo == CIPHER_PAGE) - { - LPARAM nIndex; - int c; - - nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); - nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); - - for (c = EAGetLastCipher (nVolumeEA); c != 0; c = EAGetPreviousCipher (nVolumeEA, c)) - { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_TEST_DLG), - GetParent (hwndDlg), (DLGPROC) CipherTestDialogProc, (LPARAM) c); - } - return 1; - } - - if (lw == IDC_BENCHMARK && nCurPageNo == CIPHER_PAGE) - { - // Reduce CPU load - bFastPollEnabled = FALSE; - bRandmixEnabled = FALSE; - - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg, - (DLGPROC) BenchmarkDlgProc, (LPARAM) NULL); - - bFastPollEnabled = TRUE; - bRandmixEnabled = TRUE; - - return 1; - } - - if (lw == IDC_LINK_MORE_INFO_ABOUT_CIPHER && nCurPageNo == CIPHER_PAGE) - { - wchar_t name[100]; - - int nIndex = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); - nIndex = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); - EAGetName (name, nIndex, 0); - - if (wcscmp (name, L"AES") == 0) - Applink ("aes", FALSE, ""); - else if (wcscmp (name, L"Serpent") == 0) - Applink ("serpent", FALSE, ""); - else if (wcscmp (name, L"Twofish") == 0) - Applink ("twofish", FALSE, ""); - else if (EAGetCipherCount (nIndex) > 1) - Applink ("cascades", TRUE, ""); - - return 1; - } - - if (lw == IDC_LINK_HASH_INFO && nCurPageNo == CIPHER_PAGE) - { - Applink ("hashalgorithms", TRUE, ""); - return 1; - } - - if (lw == IDC_LINK_PIM_INFO && nCurPageNo == PIM_PAGE) - { - Applink ("pim", TRUE, ""); - return 1; - } - - if (hw == CBN_EDITCHANGE && nCurPageNo == VOLUME_LOCATION_PAGE) - { - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), - GetWindowTextLength (GetDlgItem (hCurPage, IDC_COMBO_BOX)) > 0); - - bDeviceTransformModeChoiceMade = FALSE; - bInPlaceEncNonSys = FALSE; - - return 1; - } - - if (hw == CBN_SELCHANGE && nCurPageNo == VOLUME_LOCATION_PAGE) - { - LPARAM nIndex; - - nIndex = MoveEditToCombo ((HWND) lParam, bHistory); - nIndex = UpdateComboOrder (GetDlgItem (hwndDlg, IDC_COMBO_BOX)); - - if (nIndex != CB_ERR) - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - else - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - - bDeviceTransformModeChoiceMade = FALSE; - bInPlaceEncNonSys = FALSE; - - return 1; - } - - if (hw == EN_CHANGE && nCurPageNo == SIZE_PAGE) - { - VerifySizeAndUpdate (hwndDlg, FALSE); - return 1; - } - - if (hw == EN_CHANGE && nCurPageNo == PASSWORD_PAGE) - { - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), - GetDlgItem (hwndDlg, IDC_PASSWORD), - GetDlgItem (hwndDlg, IDC_VERIFY), - NULL, - NULL, - KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect()); - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - - return 1; - } - - if (hw == EN_CHANGE && nCurPageNo == PIM_PAGE) - { - if (lw == IDC_PIM) - { - if(GetPim (hwndDlg, IDC_PIM) != 0) - { - PimValueChangedWarning = TRUE; - SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING")); - } - else - { - PimValueChangedWarning = FALSE; - SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIM_HELP)); - } - } - - return 1; - } - - if (lw == IDC_SHOW_PASSWORD && nCurPageNo == PASSWORD_PAGE) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_VERIFY); - return 1; - } - - if (lw == IDC_SHOW_PIM && nCurPageNo == PIM_PAGE) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PIM, IDC_PIM, 0); - return 1; - } - - if (lw == IDC_PIM_ENABLE) - { - PimEnable = GetCheckBox (hwndDlg, IDC_PIM_ENABLE); - if (!PimEnable) - volumePim = 0; - if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE - ) - { - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_ENABLE), PimEnable? SW_HIDE : SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), PimEnable? SW_SHOW : SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), PimEnable? SW_SHOW : SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), PimEnable? SW_SHOW : SW_HIDE); - if (PimEnable) - { - SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - } - } - return 1; - } - - if (nCurPageNo == PASSWORD_PAGE - || nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - { - if (lw == IDC_KEY_FILES) - { - if (SysEncInEffect()) - { - Warning ("KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", MainDlg); - return 1; - } - - KeyFilesDlgParam param; - param.EnableKeyFiles = KeyFilesEnable; - param.FirstKeyFile = FirstKeyFile; - - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) - { - KeyFilesEnable = param.EnableKeyFiles; - FirstKeyFile = param.FirstKeyFile; - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - - if (nCurPageNo != HIDDEN_VOL_HOST_PASSWORD_PAGE && nCurPageNo != NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable); - - if (nCurPageNo != HIDDEN_VOL_HOST_PASSWORD_PAGE && nCurPageNo != NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - { - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), - GetDlgItem (hCurPage, IDC_PASSWORD), - GetDlgItem (hCurPage, IDC_VERIFY), - volumePassword.Text, szVerify, KeyFilesEnable && FirstKeyFile!=NULL); - } - } - - return 1; - } - - if (lw == IDC_KEYFILES_ENABLE) - { - KeyFilesEnable = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE); - - if (nCurPageNo != HIDDEN_VOL_HOST_PASSWORD_PAGE && nCurPageNo != NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - { - EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable); - - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), - GetDlgItem (hCurPage, IDC_PASSWORD), - GetDlgItem (hCurPage, IDC_VERIFY), - volumePassword.Text, szVerify, KeyFilesEnable && FirstKeyFile!=NULL); - } - - return 1; - } - } - - if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - { - if (hw == EN_CHANGE) - { - GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE); - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - return 1; - } - - if (lw == IDC_SHOW_PASSWORD_SINGLE) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_SINGLE, IDC_PASSWORD_DIRECT, IDC_PIM); - return 1; - } - } - - if ((lw == IDC_KB || lw == IDC_MB || lw == IDC_GB || lw == IDC_TB) && nCurPageNo == SIZE_PAGE) - { - SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_UNCHECKED, 0); - - switch (lw) - { - case IDC_KB: - SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_CHECKED, 0); - break; - case IDC_MB: - SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_CHECKED, 0); - break; - case IDC_GB: - SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_CHECKED, 0); - break; - case IDC_TB: - SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_CHECKED, 0); - break; - } - - VerifySizeAndUpdate (hwndDlg, FALSE); - return 1; - } - - if (lw == IDC_HIDVOL_WIZ_MODE_DIRECT && nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) - { - bHiddenVolDirect = TRUE; - return 1; - } - - if (lw == IDC_HIDVOL_WIZ_MODE_FULL && nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) - { - bHiddenVolDirect = FALSE; - return 1; - } - - if (lw == IDC_SELECT_VOLUME_LOCATION && nCurPageNo == VOLUME_LOCATION_PAGE) - { - if (!bDevice) - { - // Select file - - if (BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, !bHiddenVolDirect, NULL) == FALSE) - return 1; - - AddComboItem (GetDlgItem (hwndDlg, IDC_COMBO_BOX), szFileName, bHistory); - - EnableDisableFileNext (GetDlgItem (hwndDlg, IDC_COMBO_BOX), - GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); - - return 1; - } - else - { - // Select device - RawDevicesDlgParam param; - param.pszFileName = szFileName; - INT_PTR nResult = DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), GetParent (hwndDlg), - (DLGPROC) RawDevicesDlgProc, (LPARAM) & param); - - // Check administrator privileges - if (!wcsstr (szFileName, L"Floppy") && !IsAdmin() && !IsUacSupported ()) - MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_DEVICES"), lpszTitle, MB_OK|MB_ICONWARNING); - - if (nResult == IDOK && wcslen (szFileName) > 0) - { - AddComboItem (GetDlgItem (hwndDlg, IDC_COMBO_BOX), szFileName, bHistory); - - EnableDisableFileNext (GetDlgItem (hwndDlg, IDC_COMBO_BOX), - GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); - - bDeviceTransformModeChoiceMade = FALSE; - bInPlaceEncNonSys = FALSE; - } - return 1; - } - } - - if (nCurPageNo == DEVICE_TRANSFORM_MODE_PAGE) - { - switch (lw) - { - case IDC_DEVICE_TRANSFORM_MODE_FORMAT: - - bInPlaceEncNonSys = FALSE; - bDeviceTransformModeChoiceMade = TRUE; - - return 1; - - case IDC_DEVICE_TRANSFORM_MODE_INPLACE: - - bInPlaceEncNonSys = TRUE; - bDeviceTransformModeChoiceMade = TRUE; - - bHiddenVol = FALSE; - bHiddenVolDirect = FALSE; - bHiddenVolHost = FALSE; - bSparseFileSwitch = FALSE; - quickFormat = FALSE; - - return 1; - } - } - - if (lw == IDC_HIDVOL_WIZ_MODE_FULL && nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) - { - bHiddenVolDirect = FALSE; - return 1; - } - - if (hw == CBN_SELCHANGE && nCurPageNo == CIPHER_PAGE) - { - switch (lw) - { - case IDC_COMBO_BOX: - ComboSelChangeEA (hwndDlg); - break; - - case IDC_COMBO_BOX_HASH_ALGO: - if (SysEncInEffect ()) - { - HWND hHashAlgoItem = GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO); - int selectedAlgo = (int) SendMessage (hHashAlgoItem, CB_GETITEMDATA, SendMessage (hHashAlgoItem, CB_GETCURSEL, 0, 0), 0); - if (!HashForSystemEncryption(selectedAlgo)) - { - hash_algo = DEFAULT_HASH_ALGORITHM_BOOT; - RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT); - Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", MainDlg); - SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo); - } - } - break; - } - return 1; - - } - - if (lw == IDC_QUICKFORMAT && IsButtonChecked (GetDlgItem (hCurPage, IDC_QUICKFORMAT))) - { - if (bSparseFileSwitch) - { - if (AskWarnYesNo("CONFIRM_SPARSE_FILE", MainDlg) == IDNO) - SetCheckBox (hwndDlg, IDC_QUICKFORMAT, FALSE); - } - else - { - if (AskWarnYesNo("WARN_QUICK_FORMAT", MainDlg) == IDNO) - SetCheckBox (hwndDlg, IDC_QUICKFORMAT, FALSE); - } - return 1; - } - - if (lw == IDC_FILESYS && hw == CBN_SELCHANGE) - { - fileSystem = (int) SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETCURSEL, 0, 0) , 0); - - return 1; - } - - if (lw == IDC_SHOW_KEYS && nCurPageNo == FORMAT_PAGE) - { - showKeys = IsButtonChecked (GetDlgItem (hCurPage, IDC_SHOW_KEYS)); - - SetWindowText (GetDlgItem (hCurPage, IDC_RANDOM_BYTES), showKeys ? L" " : L"******************************** "); - SetWindowText (GetDlgItem (hCurPage, IDC_HEADER_KEY), showKeys ? L"" : L"******************************** "); - SetWindowText (GetDlgItem (hCurPage, IDC_DISK_KEY), showKeys ? L"" : L"******************************** "); - return 1; - } - - if (lw == IDC_DISPLAY_POOL_CONTENTS - && (nCurPageNo == SYSENC_COLLECTING_RANDOM_DATA_PAGE || nCurPageNo == NONSYS_INPLACE_ENC_RAND_DATA_PAGE)) - { - showKeys = IsButtonChecked (GetDlgItem (hCurPage, IDC_DISPLAY_POOL_CONTENTS)); - DisplayRandPool (hwndDlg, hRandPoolSys, showKeys); - - return 1; - } - - if (lw == IDC_DISPLAY_KEYS && nCurPageNo == SYSENC_KEYS_GEN_PAGE) - { - showKeys = IsButtonChecked (GetDlgItem (hCurPage, IDC_DISPLAY_KEYS)); - - DisplayPortionsOfKeys (GetDlgItem (hwndDlg, IDC_HEADER_KEY), GetDlgItem (hwndDlg, IDC_DISK_KEY), HeaderKeyGUIView, MasterKeyGUIView, !showKeys); - return 1; - } - - if (nCurPageNo == SYSENC_RESCUE_DISK_CREATION_PAGE) - { - if (lw == IDC_BROWSE) - { - wchar_t tmpszRescueDiskISO [TC_MAX_PATH+1]; - - if (!BrowseFiles (hwndDlg, "OPEN_TITLE", tmpszRescueDiskISO, FALSE, TRUE, NULL)) - return 1; - - StringCbCopyW (szRescueDiskISO, sizeof(szRescueDiskISO), tmpszRescueDiskISO); - - SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO); - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1)); - return 1; - } - - if ( hw == EN_CHANGE ) - { - GetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO, sizeof(szRescueDiskISO)); - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1)); - return 1; - } - } - - if (nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE && lw == IDC_DOWNLOAD_CD_BURN_SOFTWARE) - { - if (IsWindowsIsoBurnerAvailable()) - LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO); - else - Applink ("isoburning", TRUE, ""); - - return 1; - } - - if ((nCurPageNo == SYSENC_WIPE_MODE_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE - || nCurPageNo == DEVICE_WIPE_MODE_PAGE) - && hw == CBN_SELCHANGE) - { - nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), - CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), - 0); - - return 1; - } - - if (nCurPageNo == DEVICE_WIPE_PAGE) - { - switch (lw) - { - case IDC_ABORT_BUTTON: - - if (AskWarnNoYes ("CONFIRM_WIPE_ABORT", MainDlg) == IDYES) - WipeAbort(); - - return 1; - } - } - - if (lw == IDC_NO_HISTORY) - { - if (!(bHistory = !IsButtonChecked (GetDlgItem (hCurPage, IDC_NO_HISTORY)))) - ClearHistory (GetDlgItem (hCurPage, IDC_COMBO_BOX)); - - return 1; - } - - return 0; - } - - return 0; -} - -/* Except in response to the WM_INITDIALOG and WM_ENDSESSION messages, the dialog box procedure - should return nonzero if it processes the message, and zero if it does not. - see DialogProc */ -BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - int nNewPageNo = nCurPageNo; - - switch (uMsg) - { - case WM_INITDIALOG: - { - MainDlg = hwndDlg; - InitDialog (hwndDlg); - LocalizeDialog (hwndDlg, "IDD_VOL_CREATION_WIZARD_DLG"); - - if (IsTrueCryptInstallerRunning()) - AbortProcess ("TC_INSTALLER_IS_RUNNING"); - - // Resize the bitmap if the user has a non-default DPI - if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) - { - hbmWizardBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_WIZARD), - GetDlgItem (hwndDlg, IDC_BITMAP_WIZARD), - 0, 0, 0, 0, FALSE, FALSE); - } - - LoadSettings (hwndDlg); - - LoadDefaultKeyFilesParam (); - RestoreDefaultKeyFilesParam (); - - SysEncMultiBootCfg.NumberOfSysDrives = -1; - SysEncMultiBootCfg.MultipleSystemsOnDrive = -1; - SysEncMultiBootCfg.BootLoaderLocation = -1; - SysEncMultiBootCfg.BootLoaderBrand = -1; - SysEncMultiBootCfg.SystemOnBootDrive = -1; - - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (hwndDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - EndMainDlg (MainDlg); - return 0; - } - - SendMessageW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), WM_SETFONT, (WPARAM) hTitleFont, (LPARAM) TRUE); - SetWindowTextW (hwndDlg, lpszTitle); - - ExtractCommandLine (hwndDlg, (wchar_t *) lParam); - - if (ComServerMode) - { - InitDialog (hwndDlg); - - if (!ComServerFormat ()) - { - handleWin32Error (hwndDlg, SRC_POS); - exit (1); - } - exit (0); - } - - if (DirectCreationMode) - { - wchar_t root[TC_MAX_PATH]; - DWORD fileSystemFlags = 0; - uint64 dataAreaSize; - wchar_t szFileSystemNameBuffer[256]; - ULARGE_INTEGER free; - - showKeys = FALSE; - bGuiMode = FALSE; - - if (CmdVolumePassword.Length == 0) - AbortProcess ("ERR_PASSWORD_MISSING"); - - if (CmdVolumeFileSize == 0) - AbortProcess ("ERR_SIZE_MISSING"); - - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &bDevice); - - if (bDevice) - AbortProcess ("ERR_DEVICE_CLI_CREATE_NOT_SUPPORTED"); - - volumePassword = CmdVolumePassword; - volumePim = CmdVolumePim; - - if (CmdVolumeEA > 0) - nVolumeEA = CmdVolumeEA; - - if (CmdVolumePkcs5 > 0) - hash_algo = CmdVolumePkcs5; - - if (CmdVolumeFilesystem > 0) - fileSystem = CmdVolumeFilesystem; - else - fileSystem = FILESYS_NTFS; - - nVolumeSize = CmdVolumeFileSize; - - // correct volume size to be multiple of sector size - if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume - { - // do nothing. no correction is needed - } - else - { - unsigned __int64 sectorSize = (unsigned __int64) GetFormatSectorSize(); - unsigned __int64 sectorSizeRem = nVolumeSize % sectorSize; - - if (sectorSizeRem != 0) - nVolumeSize = nVolumeSize + (sectorSize - sectorSizeRem); - } - - if (nVolumeSize < (bHiddenVolHost ? TC_MIN_HIDDEN_VOLUME_HOST_SIZE : (bHiddenVol ? TC_MIN_HIDDEN_VOLUME_SIZE : TC_MIN_VOLUME_SIZE))) - AbortProcess ("ERR_VOLUME_SIZE_TOO_SMALL"); - - if ( ((!bHiddenVolHost && bHiddenVol) && (nVolumeSize > nMaximumHiddenVolSize)) - || (nVolumeSize > (bHiddenVolHost ? TC_MAX_HIDDEN_VOLUME_HOST_SIZE : TC_MAX_VOLUME_SIZE)) - ) - { - AbortProcess ("ERR_VOLUME_SIZE_TOO_BIG"); - } - - if (!GetVolumePathName (szFileName, root, array_capacity (root))) - { - handleWin32Error (hwndDlg, SRC_POS); - exit (1); - } - - if (CmdSparseFileSwitch) - { - /* Check if the host file system supports sparse files */ - GetVolumeInformation (root, NULL, 0, NULL, NULL, &fileSystemFlags, NULL, 0); - bSparseFileSwitch = fileSystemFlags & FILE_SUPPORTS_SPARSE_FILES; - - if (!bSparseFileSwitch) - { - AbortProcess ("ERR_DYNAMIC_NOT_SUPPORTED"); - } - } - - quickFormat = TRUE; - - if (!GetDiskFreeSpaceEx (root, &free, 0, 0)) - { - wchar_t szTmp[1024]; - - if (translateWin32Error (szTmp, sizeof (szTmp) / sizeof(szTmp[0]))) - { - wchar_t szTmp2[1024]; - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s\n%s", GetString ("CANNOT_CALC_SPACE"), szTmp); - AbortProcessDirect (szTmp2); - } - else - { - handleWin32Error (hwndDlg, SRC_POS); - } - - exit (1); - } - else - { - if (!bSparseFileSwitch && (nVolumeSize > free.QuadPart)) - { - AbortProcess ("ERR_CONTAINER_SIZE_TOO_BIG"); - } - } - - dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize); - - if ( (fileSystem == FILESYS_NTFS) && - (dataAreaSize < TC_MIN_NTFS_FS_SIZE || dataAreaSize > TC_MAX_NTFS_FS_SIZE) - ) - { - AbortProcess ("ERR_NTFS_INVALID_VOLUME_SIZE"); - } - - if ( (fileSystem == FILESYS_EXFAT) && - (dataAreaSize < TC_MIN_EXFAT_FS_SIZE || dataAreaSize > TC_MAX_EXFAT_FS_SIZE) - ) - { - AbortProcess ("ERR_EXFAT_INVALID_VOLUME_SIZE"); - } - - if ( (fileSystem == FILESYS_FAT) && - (dataAreaSize < TC_MIN_FAT_FS_SIZE || dataAreaSize > (TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize())) - ) - { - AbortProcess ("ERR_FAT_INVALID_VOLUME_SIZE"); - } - - /* Verify that the volume would not be too large for the host file system */ - if (GetVolumePathName (szDiskFile, root, ARRAYSIZE (root)) - && GetVolumeInformation (root, NULL, 0, NULL, NULL, NULL, szFileSystemNameBuffer, ARRAYSIZE(szFileSystemNameBuffer)) - && !wcsncmp (szFileSystemNameBuffer, L"FAT32", 5)) - { - // The host file system is FAT32 - if (nVolumeSize >= 4 * BYTES_PER_GB) - { - AbortProcess ("VOLUME_TOO_LARGE_FOR_FAT32"); - } - } - - /* Verify that the volume would not be too large for the operating system */ - if (!IsOSAtLeast (WIN_VISTA) - && nVolumeSize > 2 * BYTES_PER_TB) - { - AbortProcess ("VOLUME_TOO_LARGE_FOR_WINXP"); - } - - if (volumePassword.Length > 0) - { - // Check password length (check also done for outer volume which is not the case in TrueCrypt). - if (!CheckPasswordLength (NULL, volumePassword.Length, volumePim, FALSE, Silent, Silent)) - { - exit (1); - } - } - - volTransformThreadFunction (hwndDlg); - - exit (bOperationSuccess? 0 : 1); - } - - SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, szRescueDiskISO); - StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.iso"); - - if (IsOSAtLeast (WIN_VISTA)) - { - // Availability of in-place encryption (which is pre-selected by default whenever - // possible) makes partition-hosted volume creation safer. - bWarnDeviceFormatAdvanced = FALSE; - } - -#ifdef _DEBUG - // For faster testing - strcpy (szVerify, "q"); - strcpy (szRawPassword, "q"); -#endif - - PostMessage (hwndDlg, TC_APPMSG_PERFORM_POST_WMINIT_TASKS, 0, 0); - } - return 0; - - case WM_SYSCOMMAND: - if (lw == IDC_ABOUT) - { - DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); - return 1; - } - return 0; - - case WM_TIMER: - - switch (wParam) - { - case TIMER_ID_RANDVIEW: - - if (WizardMode == WIZARD_MODE_SYS_DEVICE - || bInPlaceEncNonSys) - { - DisplayRandPool (hwndDlg, hRandPoolSys, showKeys); - } - else - { - int partialLen = 16; - wchar_t tmp2[43]; - int i; - DWORD mouseEventsCounter; - - RandpeekBytes (hwndDlg, randPool, partialLen, &mouseEventsCounter); - - ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); - - tmp2[0] = 0; - - for (i = 0; i < partialLen; i++) - { - wchar_t tmp3[3]; - if (showKeys) - { - StringCbPrintfW (tmp3, sizeof(tmp3), L"%02X", (int) randPool[i]); - } - else if (bUseMask) - { - unsigned char tmpByte = randPool[i] ^ maskRandPool[i]; - tmp3[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); - tmp3[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); - tmp3[2] = 0; - } - else - StringCbCopyW (tmp3, sizeof (tmp3), L"**"); - StringCbCatW (tmp2, sizeof(tmp2), tmp3); - } - - tmp2[32] = 0; - - SetWindowTextW (GetDlgItem (hCurPage, IDC_RANDOM_BYTES), (wstring (tmp2) + GetString ("TRIPLE_DOT_GLYPH_ELLIPSIS")).c_str()); - - burn (randPool, partialLen); - burn (tmp2, sizeof(tmp2)); - } - return 1; - - case TIMER_ID_SYSENC_PROGRESS: - { - // Manage system encryption/decryption and update related GUI - - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - KillTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS); - - try - { - BootEncObj->AbortSetup (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - e.Show (hwndDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); - EndMainDlg (MainDlg); - return 1; - } - - if (BootEncStatus.SetupInProgress) - UpdateSysEncProgressBar (); - - if (bSystemEncryptionInProgress != BootEncStatus.SetupInProgress) - { - bSystemEncryptionInProgress = BootEncStatus.SetupInProgress; - - UpdateSysEncProgressBar (); - UpdateSysEncControls (); - - if (!bSystemEncryptionInProgress) - { - // The driver stopped encrypting/decrypting - - // Allow the OS to enter Sleep mode when idle - SetThreadExecutionState (ES_CONTINUOUS); - - KillTimer (hwndDlg, TIMER_ID_SYSENC_PROGRESS); - - UpdateLastDialogId (); - - try - { - if (BootEncStatus.DriveMounted) // If we had been really encrypting/decrypting (not just proceeding to deinstall) - BootEncObj->CheckEncryptionSetupResult(); - } - catch (SystemException &e) - { - if (!bTryToCorrectReadErrors - && SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING - && (IsDiskReadError (e.ErrorCode))) - { - bTryToCorrectReadErrors = (AskWarnYesNo ("ENABLE_BAD_SECTOR_ZEROING", MainDlg) == IDYES); - - if (bTryToCorrectReadErrors) - { - SysEncResume(); - return 1; - } - } - else if (!DiscardUnreadableEncryptedSectors - && SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING - && (IsDiskReadError (e.ErrorCode))) - { - DiscardUnreadableEncryptedSectors = (AskWarnYesNo ("DISCARD_UNREADABLE_ENCRYPTED_SECTORS", MainDlg) == IDYES); - - if (DiscardUnreadableEncryptedSectors) - { - SysEncResume(); - return 1; - } - } - - e.Show (hwndDlg); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - switch (SystemEncryptionStatus) - { - case SYSENC_STATUS_ENCRYPTING: - - if (BootEncStatus.ConfiguredEncryptedAreaStart == BootEncStatus.EncryptedAreaStart - && BootEncStatus.ConfiguredEncryptedAreaEnd == BootEncStatus.EncryptedAreaEnd) - { - // The partition/drive has been fully encrypted - - ManageStartupSeqWiz (TRUE, L""); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_WIPE_MODE), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); - - WipeHiddenOSCreationConfig(); // For extra conservative security - - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - - Info ("SYSTEM_ENCRYPTION_FINISHED", MainDlg); - return 1; - } - break; - - case SYSENC_STATUS_DECRYPTING: - - if (!BootEncStatus.DriveEncrypted) - { - // The partition/drive has been fully decrypted - - try - { - // Finalize the process - BootEncObj->Deinstall (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - ManageStartupSeqWiz (TRUE, L""); - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); - - Info ("SYSTEM_DECRYPTION_FINISHED", MainDlg); - - // Reboot is required to enable uninstallation and hibernation - if (AskWarnYesNo ("CONFIRM_RESTART", MainDlg) == IDYES) - { - EndMainDlg (MainDlg); - - try - { - BootEncObj->RestartComputer(); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - } - - return 1; - } - break; - } - } - } - } - return 1; - - case TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS: - - if (bInPlaceEncNonSys) - { - // Non-system in-place encryption - - if (!bVolTransformThreadRunning && !bVolTransformThreadToRun) - { - KillTimer (hwndDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS); - - UpdateLastDialogId (); - } - - UpdateNonSysInPlaceEncControls (); - } - return 1; - - case TIMER_ID_KEYB_LAYOUT_GUARD: - if (SysEncInEffect ()) - { - DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); - - /* Watch the keyboard layout */ - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - // Keyboard layout is not standard US - - WipePasswordsAndKeyfiles (); - - SetPassword (hCurPage, IDC_PASSWORD, szRawPassword); - SetPassword (hCurPage, IDC_VERIFY, szVerify); - - keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg); - EndMainDlg (MainDlg); - return 1; - } - - bKeyboardLayoutChanged = TRUE; - - wchar_t szTmp [4096]; - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - } - - /* Watch the right Alt key (which is used to enter various characters on non-US keyboards) */ - - if (bKeyboardLayoutChanged && !bKeybLayoutAltKeyWarningShown) - { - if (GetAsyncKeyState (VK_RMENU) < 0) - { - bKeybLayoutAltKeyWarningShown = TRUE; - - wchar_t szTmp [4096]; - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); - } - } - } - return 1; - - case TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS: - - if (bSysEncDriveAnalysisInProgress) - { - UpdateProgressBarProc (GetTickCount() - SysEncDriveAnalysisStart); - - if (GetTickCount() - SysEncDriveAnalysisStart > SYSENC_DRIVE_ANALYSIS_ETA) - { - // It's taking longer than expected -- reinit the progress bar - SysEncDriveAnalysisStart = GetTickCount (); - InitProgressBar (SYSENC_DRIVE_ANALYSIS_ETA, 0, FALSE, FALSE, FALSE, TRUE); - } - - ArrowWaitCursor (); - } - else - { - KillTimer (hwndDlg, TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS); - UpdateProgressBarProc (SYSENC_DRIVE_ANALYSIS_ETA); - Sleep (1500); // User-friendly GUI - - if (bSysEncDriveAnalysisTimeOutOccurred) - Warning ("SYS_DRIVE_SIZE_PROBE_TIMEOUT", MainDlg); - - LoadPage (hwndDlg, SYSENC_DRIVE_ANALYSIS_PAGE + 1); - } - return 1; - - case TIMER_ID_WIPE_PROGRESS: - - // Manage device wipe and update related GUI - - if (bHiddenOS && IsHiddenOSRunning()) - { - // Decoy system partition wipe - - DecoySystemWipeStatus decoySysPartitionWipeStatus; - - try - { - decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - KillTimer (MainDlg, TIMER_ID_WIPE_PROGRESS); - - try - { - BootEncObj->AbortDecoyOSWipe (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - e.Show (hwndDlg); - EndMainDlg (MainDlg); - return 1; - } - - if (decoySysPartitionWipeStatus.WipeInProgress) - { - ArrowWaitCursor (); - - UpdateWipeProgressBar (); - } - - if (bDeviceWipeInProgress != decoySysPartitionWipeStatus.WipeInProgress) - { - bDeviceWipeInProgress = decoySysPartitionWipeStatus.WipeInProgress; - - UpdateWipeProgressBar (); - UpdateWipeControls (); - - if (!bDeviceWipeInProgress) - { - // The driver stopped wiping - - KillTimer (hwndDlg, TIMER_ID_WIPE_PROGRESS); - UpdateLastDialogId (); - - try - { - BootEncObj->CheckDecoyOSWipeResult(); - } - catch (Exception &e) - { - e.Show (hwndDlg); - AbortProcessSilent(); - } - - if (BootEncStatus.ConfiguredEncryptedAreaEnd == decoySysPartitionWipeStatus.WipedAreaEnd) - { - // Decoy system partition has been fully wiped - - ChangeHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_WIPED); - - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("EXIT")); - EnableWindow (GetDlgItem (MainDlg, IDCANCEL), TRUE); - EnableWindow (GetDlgItem (MainDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); - - Info ("WIPE_FINISHED_DECOY_SYSTEM_PARTITION", MainDlg); - - TextInfoDialogBox (TC_TBXID_DECOY_OS_INSTRUCTIONS); - - if (BootEncObj->GetSystemDriveConfiguration().ExtraBootPartitionPresent) - Warning ("DECOY_OS_VERSION_WARNING", MainDlg); - - return 1; - } - } - } - } - else - { - // Regular device wipe (not decoy system partition wipe) - - //Info ("WIPE_FINISHED"); - } - return 1; - } - - return 0; - - - case TC_APPMSG_PERFORM_POST_WMINIT_TASKS: - - AfterWMInitTasks (hwndDlg); - return 1; - - case TC_APPMSG_FORMAT_FINISHED: - { - wchar_t tmp[RNG_POOL_SIZE*2+1]; - - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); - SetFocus (GetDlgItem (hwndDlg, IDC_NEXT)); - - if (nCurPageNo == FORMAT_PAGE) - KillTimer (hwndDlg, TIMER_ID_RANDVIEW); - - // Attempt to wipe the GUI fields showing portions of randpool, of the master and header keys - wmemset (tmp, 'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hRandPool, tmp); - SetWindowText (hMasterKey, tmp); - SetWindowText (hHeaderKey, tmp); - - LoadPage (hwndDlg, FORMAT_FINISHED_PAGE); - } - return 1; - - case TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED: - - // A partition has just been fully encrypted in place - - KillTimer (hwndDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS); - - if (bInPlaceDecNonSys) - { - // Decryption of non-system volume finished and free drive letters are available. Check if a drive letter is assigned to the decrypted volume. - - WCHAR deviceName[MAX_PATH + 1]; - - StringCbCopyW (deviceName, sizeof(deviceName), szDiskFile); - - if (GetDiskDeviceDriveLetter (deviceName) < 0) - { - // No drive letter is assigned to the device - MessageBeep (MB_OK); - LoadPage (hwndDlg, NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE); - return 1; - } - else - { - Info ("NONSYS_INPLACE_DEC_FINISHED_INFO", hwndDlg); - } - } - - LoadPage (hwndDlg, NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE); - return 1; - - case TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED: - - if (bInPlaceEncNonSys) - { - // In-place encryption was interrupted/paused (did not finish) - - KillTimer (hwndDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS); - - UpdateNonSysInPlaceEncControls (); - } - else - { - // Format has been aborted (did not finish) - - EnableWindow (GetDlgItem (hCurPage, IDC_QUICKFORMAT), (bDevice || bSparseFileSwitch) && !(bHiddenVol && !bHiddenVolHost)); - EnableWindow (GetDlgItem (hCurPage, IDC_FILESYS), TRUE); - EnableWindow (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); - SendMessage (GetDlgItem (hCurPage, IDC_PROGRESS_BAR), PBM_SETPOS, 0, 0L); - SetFocus (GetDlgItem (hwndDlg, IDC_NEXT)); - } - - NormalCursor (); - return 1; - - case WM_HELP: - - OpenPageHelp (hwndDlg, nCurPageNo); - return 1; - - case TC_APPMSG_FORMAT_USER_QUIT: - - if (nCurPageNo == NONSYS_INPLACE_ENC_TRANSFORM_PAGE - && (bVolTransformThreadRunning || bVolTransformThreadToRun || bInPlaceEncNonSysResumed)) - { - // Non-system encryption in progress - if (AskNoYes ("NONSYS_INPLACE_ENC_DEFER_CONFIRM", hwndDlg) == IDYES) - { - NonSysInplaceEncPause (); - - EndMainDlg (hwndDlg); - return 1; - } - else - return 1; // Disallow close - } - else if (bVolTransformThreadRunning || bVolTransformThreadToRun) - { - // Format (non-in-place encryption) in progress - if (AskNoYes ("FORMAT_ABORT", hwndDlg) == IDYES) - { - bVolTransformThreadCancel = TRUE; - - EndMainDlg (hwndDlg); - return 1; - } - else - return 1; // Disallow close - } - else if ((nCurPageNo == SYSENC_ENCRYPTION_PAGE || nCurPageNo == SYSENC_PRETEST_RESULT_PAGE) - && SystemEncryptionStatus != SYSENC_STATUS_NONE - && InstanceHasSysEncMutex ()) - { - // System encryption/decryption in progress - - if (AskYesNo (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING ? - "SYSTEM_DECRYPTION_DEFER_CONFIRM" : "SYSTEM_ENCRYPTION_DEFER_CONFIRM", MainDlg) == IDYES) - { - if (nCurPageNo == SYSENC_PRETEST_RESULT_PAGE) - TextInfoDialogBox (TC_TBXID_SYS_ENC_RESCUE_DISK); - - try - { - BootEncStatus = BootEncObj->GetStatus(); - - if (BootEncStatus.SetupInProgress) - { - BootEncObj->AbortSetupWait (); - Sleep (200); - BootEncStatus = BootEncObj->GetStatus(); - } - - if (!BootEncStatus.SetupInProgress) - { - EndMainDlg (MainDlg); - return 1; - } - else - { - Error ("FAILED_TO_INTERRUPT_SYSTEM_ENCRYPTION", MainDlg); - return 1; // Disallow close - } - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - return 1; // Disallow close - } - else - return 1; // Disallow close - } - else if (bConfirmQuitSysEncPretest) - { - if (AskWarnNoYes (bHiddenOS ? "CONFIRM_CANCEL_HIDDEN_OS_CREATION" : "CONFIRM_CANCEL_SYS_ENC_PRETEST", MainDlg) == IDNO) - return 1; // Disallow close - } - else if (bConfirmQuit) - { - if (AskWarnNoYes ("CONFIRM_EXIT_UNIVERSAL", MainDlg) == IDNO) - return 1; // Disallow close - } - - if (hiddenVolHostDriveNo > -1) - { - CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); - UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE); - } - - EndMainDlg (hwndDlg); - return 1; - - - case WM_COMMAND: - - if (lw == IDHELP) - { - OpenPageHelp (hwndDlg, nCurPageNo); - return 1; - } - else if (lw == IDCANCEL) - { - PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); - return 1; - } - else if (lw == IDC_NEXT) - { - if (nCurPageNo == INTRO_PAGE) - { - switch (GetSelectedWizardMode (hCurPage)) - { - case WIZARD_MODE_FILE_CONTAINER: - - if (CurrentOSMajor >= 6 && IsUacSupported() && IsAdmin() && !IsBuiltInAdmin() && !IsNonInstallMode()) - { - static bool warningConfirmed = false; - if (!warningConfirmed) - { - if (AskWarnYesNo ("CONTAINER_ADMIN_WARNING", MainDlg) == IDYES) - exit (0); - - warningConfirmed = true; - } - } - - WaitCursor (); - CloseSysEncMutex (); - ChangeWizardMode (WIZARD_MODE_FILE_CONTAINER); - bHiddenOS = FALSE; - bInPlaceEncNonSys = FALSE; - nNewPageNo = VOLUME_TYPE_PAGE - 1; // Skip irrelevant pages - break; - - case WIZARD_MODE_NONSYS_DEVICE: - - WaitCursor (); - CloseSysEncMutex (); - - if (!ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE)) - { - NormalCursor (); - return 1; - } - - bHiddenOS = FALSE; - nNewPageNo = VOLUME_TYPE_PAGE - 1; // Skip irrelevant pages - break; - - case WIZARD_MODE_SYS_DEVICE: - - WaitCursor (); - bHiddenVol = FALSE; - bInPlaceEncNonSys = FALSE; - SwitchWizardToSysEncMode (); - return 1; - } - } - else if (nCurPageNo == SYSENC_TYPE_PAGE) - { - if (bHiddenOS) - { - bWholeSysDrive = FALSE; - bHiddenVolDirect = FALSE; - } - - if (!bHiddenOS) - nNewPageNo = SYSENC_SPAN_PAGE - 1; // Skip irrelevant pages - } - else if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE) - { - WaitCursor (); - try - { - BootEncObj->CheckRequirementsHiddenOS (); - - if (CheckGapBetweenSysAndHiddenOS ()) - Warning ("GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION", MainDlg); - } - catch (Exception &e) - { - e.Show (hwndDlg); - NormalCursor (); - return 1; - } - - if (AskWarnYesNo ("DECOY_OS_REINSTALL_WARNING", MainDlg) == IDNO) - { - NormalCursor (); - return 1; - } - - WarningDirect ((wstring (GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO")) - + L"\n\n" - + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), MainDlg); - - if (!IsAdmin() && IsUacSupported()) - { - // If UAC elevation is needed, we need to elevate the complete wizard process here, because - // we will need to switch to the non-sys-device mode, which requires the whole wizard process - // to have admin rights. - - CloseSysEncMutex (); - - if (!ElevateWholeWizardProcess (L"/r")) - { - // Failed to obtain admin rights - - NormalCursor (); - - if (!CreateSysEncMutex ()) - AbortProcess ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE"); - - return 1; - } - } - - // This check requires admin rights - try - { - BootEncObj->InitialSecurityChecksForHiddenOS (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - EndMainDlg (MainDlg); // Some of the checks need the wizard to be restarted (results are cached until exit and the checks would fail even if the issues were rectified). - return 1; - } - - nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE - 1; // Skip irrelevant pages - } - else if (nCurPageNo == SYSENC_SPAN_PAGE) - { - try - { - if (bWholeSysDrive && !BootEncObj->SystemPartitionCoversWholeDrive()) - { - if (BootEncObj->SystemDriveContainsNonStandardPartitions()) - { - if (AskWarnYesNoString ((wstring (GetString ("SYSDRIVE_NON_STANDARD_PARTITIONS")) + L"\n\n" + GetString ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE")).c_str(), MainDlg) == IDYES) - bWholeSysDrive = FALSE; - } - - if (!IsOSAtLeast (WIN_VISTA) && bWholeSysDrive) - { - if (BootEncObj->SystemDriveContainsExtendedPartition()) - { - Error ("WDE_UNSUPPORTED_FOR_EXTENDED_PARTITIONS", MainDlg); - - if (AskYesNo ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE", MainDlg) == IDNO) - return 1; - - bWholeSysDrive = FALSE; - } - else - Warning ("WDE_EXTENDED_PARTITIONS_WARNING", hwndDlg); - } - } - - if (!bWholeSysDrive && BootEncObj->SystemPartitionCoversWholeDrive()) - bWholeSysDrive = (AskYesNo ("WHOLE_SYC_DEVICE_RECOM", hwndDlg) == IDYES); - } - catch (Exception &e) - { - e.Show (hwndDlg); - NormalCursor (); - return 1; - } - - if (!bWholeSysDrive) - nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE - 1; // Skip irrelevant pages - } - else if (nCurPageNo == SYSENC_PRE_DRIVE_ANALYSIS_PAGE) - { - if ((SysEncDetectHiddenSectors = Get2RadButtonPageAnswer()) != 1) - { - // Skip drive analysis - nNewPageNo = SYSENC_DRIVE_ANALYSIS_PAGE; - - // If the user had already searched for hidden sectors, we must clear (invalidate) the - // result because now he changed his mind and no longer wishes to encrypt the hidden sectors. - try - { - BootEncObj->InvalidateCachedSysDriveProperties (); - } - catch (Exception &e) - { - e.Show (MainDlg); - EndMainDlg (MainDlg); - exit(0); - } - } - } - else if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE) - { - if (nMultiBoot > 1) - { - // Multi-boot - - if (AskWarnNoYes ("MULTI_BOOT_FOR_ADVANCED_ONLY", hwndDlg) == IDNO) - return 1; - - if (bHiddenOS) - { - if (AskWarnNoYes ("HIDDEN_OS_MULTI_BOOT", hwndDlg) == IDNO) - { - Error ("UNSUPPORTED_HIDDEN_OS_MULTI_BOOT_CFG", hwndDlg); - return 1; - } - } - } - - if (bHiddenOS) - { - if (IsOSAtLeast (WIN_7) - && BootEncObj->GetSystemDriveConfiguration().ExtraBootPartitionPresent - && AskWarnYesNo ("CONFIRM_HIDDEN_OS_EXTRA_BOOT_PARTITION", hwndDlg) == IDNO) - { - TextInfoDialogBox (TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS); - NormalCursor (); - return 1; - } - - if (AskWarnYesNo ("DECOY_OS_REQUIREMENTS", hwndDlg) == IDNO) - { - NormalCursor (); - return 1; - } - - if (!ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE)) - { - NormalCursor (); - return 1; - } - - // Skip irrelevant pages - nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE - 1; - } - else if (nMultiBoot <= 1) - { - // Single-boot (not creating a hidden OS) - - // Skip irrelevant pages - nNewPageNo = CIPHER_PAGE - 1; - } - } - else if (nCurPageNo == SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE) - { - SysEncMultiBootCfg.SystemOnBootDrive = Get2RadButtonPageAnswer (); - - if (!SysEncMultiBootCfg.SystemOnBootDrive) - { - Error ("SYS_PARTITION_MUST_BE_ON_BOOT_DRIVE", hwndDlg); - EndMainDlg (MainDlg); - return 1; - } - } - else if (nCurPageNo == SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE) - { - if (Get2RadButtonPageAnswer () == 0) - { - // 2 or more drives contain an OS - - SysEncMultiBootCfg.NumberOfSysDrives = 2; - } - else if (Get2RadButtonPageAnswer () == 1) - { - // Only 1 drive contains an OS - - SysEncMultiBootCfg.NumberOfSysDrives = 1; - - if (bWholeSysDrive) - { - // Whole-system-drive encryption is currently not supported if the drive contains - // more than one system - Error ("WDE_UNSUPPORTED_FOR_MULTIPLE_SYSTEMS_ON_ONE_DRIVE", hwndDlg); - return 1; - } - - // Ask whether there is a non-Windows boot loader in the MBR - nNewPageNo = SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE - 1; - } - } - else if (nCurPageNo == SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE) - { - SysEncMultiBootCfg.MultipleSystemsOnDrive = Get2RadButtonPageAnswer (); - - if (SysEncMultiBootCfg.MultipleSystemsOnDrive && bWholeSysDrive) - { - // Whole-system-drive encryption is currently not supported if the drive contains - // more than one system - Error ("WDE_UNSUPPORTED_FOR_MULTIPLE_SYSTEMS_ON_ONE_DRIVE", hwndDlg); - return 1; - } - } - - else if (nCurPageNo == SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE) - { - SysEncMultiBootCfg.BootLoaderBrand = Get2RadButtonPageAnswer (); - - if (SysEncMultiBootCfg.BootLoaderBrand) - { - // A non-Windows boot manager in the MBR - Error ("CUSTOM_BOOT_MANAGERS_IN_MBR_UNSUPPORTED", hwndDlg); - EndMainDlg (MainDlg); - return 1; - } - else - { - // Either a standard Windows boot manager or no boot manager - wcscpy_s (SysEncMultiBootCfgOutcome, sizeof(SysEncMultiBootCfgOutcome) / 2, GetString ("WINDOWS_BOOT_LOADER_HINTS")); - } - } - - else if (nCurPageNo == SYSENC_MULTI_BOOT_OUTCOME_PAGE) - { - if (bHiddenOS) - { - if (!ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE)) - { - NormalCursor (); - return 1; - } - - nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE - 1; // Skip irrelevant pages - } - else - nNewPageNo = CIPHER_PAGE - 1; // Skip irrelevant pages - } - - else if (nCurPageNo == VOLUME_TYPE_PAGE) - { - if (IsButtonChecked (GetDlgItem (hCurPage, IDC_HIDDEN_VOL))) - { - if (!IsAdmin() && !IsUacSupported () - && IDNO == MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_HIDVOL"), - lpszTitle, MB_ICONWARNING|MB_YESNO|MB_DEFBUTTON2)) - { - return 1; - } - else - { - bHiddenVol = TRUE; - bHiddenVolHost = TRUE; - bInPlaceEncNonSys = FALSE; - } - } - else - { - bHiddenVol = FALSE; - bHiddenVolHost = FALSE; - bHiddenVolDirect = FALSE; - nNewPageNo = VOLUME_LOCATION_PAGE - 1; // Skip the hidden volume creation wizard mode selection - } - } - - else if (nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) - { - if (IsButtonChecked (GetDlgItem (hCurPage, IDC_HIDVOL_WIZ_MODE_DIRECT))) - bHiddenVolDirect = TRUE; - else - { - if (IsHiddenOSRunning()) - { - WarningDirect ((wstring (GetString ("HIDDEN_VOL_CREATION_UNDER_HIDDEN_OS_HOWTO")) - + L"\n\n" - + GetString ("NOTE_BEGINNING") - + GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO") - + L" " - + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), hwndDlg); - NormalCursor (); - return 1; - } - - bHiddenVolDirect = FALSE; - } - } - - else if (nCurPageNo == VOLUME_LOCATION_PAGE) - { - BOOL tmpbDevice; - - WaitCursor(); - - GetWindowTextW (GetDlgItem (hCurPage, IDC_COMBO_BOX), szFileName, ARRAYSIZE (szFileName)); - RelativePath2Absolute (szFileName); - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); - - if (tmpbDevice != bDevice) - { - if (bDevice) - { - // Not a valid device path - Error ("CANNOT_CALC_SPACE", hwndDlg); - NormalCursor (); - return 1; - } - else - { - if (AskWarnYesNo ("DEVICE_SELECTED_IN_NON_DEVICE_MODE", hwndDlg) == IDNO) - { - NormalCursor (); - return 1; - } - - SwitchWizardToNonSysDeviceMode (); - NormalCursor (); - return 1; - } - } - - MoveEditToCombo (GetDlgItem (hCurPage, IDC_COMBO_BOX), bHistory); - - if (IsMountedVolume (szDiskFile)) - { - Error ("ALREADY_MOUNTED", hwndDlg); - NormalCursor (); - return 1; - } - - if (bDevice) - { - switch (IsSystemDevicePath (szDiskFile, hCurPage, TRUE)) - { - case 1: - case 2: - case 3: - if (AskYesNo ("CONFIRM_SYSTEM_ENCRYPTION_MODE", hwndDlg) == IDNO) - { - NormalCursor (); - return 1; - } - szFileName[0] = 0; - szDiskFile[0] = 0; - SwitchWizardToSysEncMode (); - NormalCursor (); - return 1; - - case -1: - // In some environments (such as PE), the system volume is not located on a hard drive. - // Therefore, we must interpret this return code as "Not a system device path" (otherwise, - // non-system devices could not be TC-formatted in such environments). Note that this is - // rather safe, because bReliableRequired is set to TRUE. - - // NOP - break; - } - } - else - { - if (CheckFileExtension(szFileName) - && AskWarnNoYes ("EXE_FILE_EXTENSION_CONFIRM", hwndDlg) == IDNO) - { - NormalCursor (); - return 1; - } - } - - bHistory = !IsButtonChecked (GetDlgItem (hCurPage, IDC_NO_HISTORY)); - - SaveSettings (hCurPage); - - if (bHiddenVolDirect && bHiddenVolHost) - { - nNewPageNo = HIDDEN_VOL_HOST_PASSWORD_PAGE - 1; - - if (bDevice) - { - if(!QueryFreeSpace (hwndDlg, GetDlgItem (hwndDlg, IDC_SPACE_LEFT), FALSE)) - { - MessageBoxW (hwndDlg, GetString ("CANT_GET_VOLSIZE"), lpszTitle, ICON_HAND); - NormalCursor (); - return 1; - } - else - nHiddenVolHostSize = nVolumeSize; - } - else - { - if (!GetFileVolSize (hwndDlg, &nHiddenVolHostSize)) - { - NormalCursor (); - return 1; - } - else if (IsSparseFile (hwndDlg)) - { - // Hidden volumes must not be created within sparse file containers - Warning ("HIDDEN_VOL_HOST_SPARSE", hwndDlg); - NormalCursor (); - return 1; - } - } - } - else - { - if (!bHiddenVol && !bDevice) - nNewPageNo = CIPHER_PAGE - 1; - else if (bHiddenVol) - nNewPageNo = (bHiddenVolHost ? HIDDEN_VOL_HOST_PRE_CIPHER_PAGE : HIDDEN_VOL_PRE_CIPHER_PAGE) - 1; - } - } - - else if (nCurPageNo == DEVICE_TRANSFORM_MODE_PAGE) - { - if (bInPlaceEncNonSys) - { - // Check requirements for non-system in-place encryption - - if (!CheckRequirementsForNonSysInPlaceEnc (hwndDlg, szDiskFile, FALSE)) - { - return 1; - } - - // We are going to skip the Size page so we must get the size here - nVolumeSize = GetDeviceSize (szDiskFile); - - if (nVolumeSize == -1) - { - handleWin32Error (MainDlg, SRC_POS); - return 1; - } - - if (AskWarnYesNo ("NONSYS_INPLACE_ENC_CONFIRM_BACKUP", hwndDlg) == IDNO) - return 1; - } - nNewPageNo = CIPHER_PAGE - 1; - } - - else if (nCurPageNo == HIDDEN_VOL_HOST_PRE_CIPHER_PAGE) - { - if (bHiddenVolHost) - nNewPageNo = CIPHER_PAGE - 1; // Skip the info on the hiddem volume - } - - else if (nCurPageNo == CIPHER_PAGE) - { - LPARAM nIndex; - nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); - nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); - - if (SysEncInEffect () - && EAGetCipherCount (nVolumeEA) > 1) // Cascade? - { - if (AskWarnNoYes ("CONFIRM_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg) == IDNO) - return 1; - - if (!bHiddenOS) - Info ("NOTE_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg); - } - - nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETCURSEL, 0, 0); - hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETITEMDATA, nIndex, 0); - - RandSetHashFunction (hash_algo); - - if (SysEncInEffect () || bInPlaceEncNonSys) - nNewPageNo = PASSWORD_PAGE - 1; // Skip irrelevant pages - } - - else if (nCurPageNo == SIZE_PAGE) - { - wchar_t szFileSystemNameBuffer[256]; - - VerifySizeAndUpdate (hCurPage, TRUE); - - if (!bDevice) - { - /* Verify that the volume would not be too large for the host file system */ - - wchar_t root[TC_MAX_PATH]; - - if (GetVolumePathName (szDiskFile, root, ARRAYSIZE (root)) - && GetVolumeInformation (root, NULL, 0, NULL, NULL, NULL, szFileSystemNameBuffer, ARRAYSIZE(szFileSystemNameBuffer)) - && !wcsncmp (szFileSystemNameBuffer, L"FAT32", 5)) - { - // The host file system is FAT32 - if (nUIVolumeSize * nMultiplier >= 4 * BYTES_PER_GB) - { - Error ("VOLUME_TOO_LARGE_FOR_FAT32", hwndDlg); - return 1; - } - } - - /* Verify that the volume would not be too large for the operating system */ - - if (!IsOSAtLeast (WIN_VISTA) - && nUIVolumeSize * nMultiplier > 2 * BYTES_PER_TB) - { - Warning ("VOLUME_TOO_LARGE_FOR_WINXP", hwndDlg); - } - } - - if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume - { - /* Ask for confirmation if the hidden volume is too large for the user to be - able to write much more data to the outer volume. */ - - if (((double) nUIVolumeSize / (nMaximumHiddenVolSize / nMultiplier)) > 0.85) // 85% - { - if (AskWarnNoYes ("FREE_SPACE_FOR_WRITING_TO_OUTER_VOLUME", hwndDlg) == IDNO) - return 1; - } - } - - if (!(bHiddenVolDirect && bHiddenVolHost)) - nNewPageNo = PASSWORD_PAGE - 1; - } - - else if (nCurPageNo == PASSWORD_PAGE) - { - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT), - GetDlgItem (hCurPage, IDC_PASSWORD), - GetDlgItem (hCurPage, IDC_VERIFY), - volumePassword.Text, - szVerify, - KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect()); - - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - - if (volumePassword.Length > 0) - { - // Password character encoding - if (SysEncInEffect () && !CheckPasswordCharEncoding (GetDlgItem (hCurPage, IDC_PASSWORD), NULL)) - { - Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg); - return 1; - } - // Check password length (check also done for outer volume which is not the case in TrueCrypt). - else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), FALSE, FALSE)) - { - return 1; - } - } - - // Store the password in case we need to restore it after keyfile is applied to it - if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), TRUE)) - return 1; - - if (!SysEncInEffect ()) - { - if (KeyFilesEnable) - { - WaitCursor (); - - if (!KeyFilesApply (hwndDlg, &volumePassword, FirstKeyFile, NULL)) - { - NormalCursor (); - return 1; - } - - NormalCursor (); - } - - } - else - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - - if (bKeyboardLayoutChanged) - { - // Restore the original keyboard layout - if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) - Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); - else - bKeyboardLayoutChanged = FALSE; - } - - } - - if (!PimEnable) - { - // PIM not activated. Skip PIM page - nNewPageNo = PIM_PAGE; - volumePim = 0; - - if (SysEncInEffect ()) - { - nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1; // Skip irrelevant pages - } - - if (bInPlaceEncNonSys) - { - nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1; // Skip irrelevant pages - } - else if (WizardMode != WIZARD_MODE_SYS_DEVICE - && !FileSize4GBLimitQuestionNeeded () - || CreatingHiddenSysVol()) // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector). - { - nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages - } - - } - } - - else if (nCurPageNo == PIM_PAGE) - { - volumePim = GetPim (hCurPage, IDC_PIM); - - if (!SysEncInEffect() && (volumePim > MAX_PIM_VALUE)) - { - SetFocus (GetDlgItem(hCurPage, IDC_PIM)); - Error ("PIM_TOO_BIG", hwndDlg); - return 1; - } - - if (volumePassword.Length > 0) - { - // Password character encoding - if (SysEncInEffect() && (volumePim > MAX_BOOT_PIM_VALUE)) - { - SetFocus (GetDlgItem(hCurPage, IDC_PIM)); - Error ("PIM_SYSENC_TOO_BIG", hwndDlg); - return 1; - } - // Check password length (check also done for outer volume which is not the case in TrueCrypt). - else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePim, SysEncInEffect(), TRUE, FALSE)) - { - return 1; - } - } - - if (SysEncInEffect ()) - { - - nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1; // Skip irrelevant pages - } - - if (bInPlaceEncNonSys) - { - nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1; // Skip irrelevant pages - } - else if (WizardMode != WIZARD_MODE_SYS_DEVICE - && !FileSize4GBLimitQuestionNeeded () - || CreatingHiddenSysVol()) // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector). - { - nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages - } - } - - else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - { - WaitCursor (); - - if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, TRUE)) - { - NormalCursor (); - return 1; - } - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - - hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - - volumePim = GetPim (hCurPage, IDC_PIM); - - // Store the password in case we need to restore it after keyfile is applied to it - if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, sizeof (szRawPassword), TRUE)) - { - NormalCursor (); - return 1; - } - - if (KeyFilesEnable) - { - KeyFilesApply (hwndDlg, &volumePassword, FirstKeyFile, NULL); - } - - if (!bInPlaceEncNonSys) - { - - /* Mount the volume which is to host the new hidden volume as read only */ - - if (hiddenVolHostDriveNo >= 0) // If the hidden volume host is currently mounted (e.g. after previous unsuccessful dismount attempt) - { - BOOL tmp_result; - - // Dismount the hidden volume host (in order to remount it as read-only subsequently) - while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) - { - if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL) != IDRETRY) - { - // Cancel - NormalCursor(); - return 1; - } - } - if (tmp_result) // If dismounted - hiddenVolHostDriveNo = -1; - } - - if (hiddenVolHostDriveNo < 0) // If the hidden volume host is not mounted - { - int retCode; - - // Mount the hidden volume host as read-only (to ensure consistent and secure - // results of the volume bitmap scanning) - switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, volumePim, TRUE)) - { - case ERR_NO_FREE_DRIVES: - NormalCursor (); - MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND); - return 1; - case ERR_VOL_MOUNT_FAILED: - case ERR_PASSWORD_WRONG: - NormalCursor (); - return 1; - case 0: - - /* Hidden volume host successfully mounted as read-only */ - - WaitCursor (); - - // Verify that the outer volume contains a suitable file system, retrieve cluster size, and - // scan the volume bitmap - if (!IsAdmin () && IsUacSupported ()) - retCode = UacAnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); - else - retCode = AnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); - - switch (retCode) - { - case -1: // Fatal error - CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); - - if (UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE)) - hiddenVolHostDriveNo = -1; - - AbortProcessSilent (); - break; - - case 0: // Unsupported file system (or other non-fatal error which has already been reported) - if (bHiddenVolDirect) - { - CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); - - if (UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE)) - hiddenVolHostDriveNo = -1; - } - NormalCursor (); - return 1; - - case 1: - - // Determine the maximum possible size of the hidden volume - if (DetermineMaxHiddenVolSize (hwndDlg) < 1) - { - // Non-fatal error while determining maximum possible size of the hidden volume - NormalCursor(); - return 1; - } - else - { - BOOL tmp_result; - - /* Maximum possible size of the hidden volume successfully determined */ - - // Dismount the hidden volume host - while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) - { - if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL) != IDRETRY) - { - // Cancel - NormalCursor(); - return 1; - } - } - - if (tmp_result) // If dismounted - { - hiddenVolHostDriveNo = -1; - - bHiddenVolHost = FALSE; - bHiddenVolFinished = FALSE; - - // Clear the outer volume password - WipePasswordsAndKeyfiles (); - - RestoreDefaultKeyFilesParam (); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); - NormalCursor (); - - nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE; - } - } - break; - } - break; - } - } - } - else if (bInPlaceEncNonSysResumed) - { - /* Scan all available partitions to discover all partitions where non-system in-place - encryption/decryption has been interrupted. */ - - BOOL tmpbDevice; - - NormalCursor (); - - ShowWaitDialog (hwndDlg, TRUE, ResumeInPlaceEncWaitThreadProc, NULL); - - WaitCursor(); - - if (DeferredNonSysInPlaceEncDevices.empty()) - { - Warning ("FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC", hwndDlg); - - NormalCursor(); - return 1; - } - else if (DeferredNonSysInPlaceEncDevices.size() == 1) - { - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), DeferredNonSysInPlaceEncDevices.front().Path.c_str(), &tmpbDevice); - - nVolumeSize = GetDeviceSize (szDiskFile); - if (nVolumeSize == -1) - { - handleWin32Error (MainDlg, SRC_POS); - NormalCursor(); - return 1; - } - - nNewPageNo = NONSYS_INPLACE_ENC_TRANSFORM_PAGE - 1; // Skip irrelevant pages - } - - NormalCursor(); - } - else - { - /* Try to mount the non-system volume to decrypt in place (the process has not started yet, we are NOT trying to resume it). - We will try to mount it using the backup header, which we require to work (i.e. be non-damaged) before we start writing - to the volume (the primary header will be overwritten by decrypted data soon after the decryption process begins, so the - backup header will contain the only copy of the master key). */ - - int driveNo = -1; - - // The volume may already be mounted. We need to dismount it first in order to verify the supplied password/keyfile(s) is/are correct. - if (IsMountedVolume (szFileName)) - { - driveNo = GetMountedVolumeDriveNo (szFileName); - - if (driveNo == -1 - || !UnmountVolume (hwndDlg, driveNo, TRUE)) - { - handleWin32Error (MainDlg, SRC_POS); - AbortProcess ("CANT_DISMOUNT_VOLUME"); - } - } - - driveNo = GetLastAvailableDrive (); - - if (driveNo < 0) - AbortProcess ("NO_FREE_DRIVES"); - - MountOptions mountOptions; - ZeroMemory (&mountOptions, sizeof (mountOptions)); - - mountOptions.UseBackupHeader = FALSE; // This must be FALSE at this point because otherwise we wouldn't be able to detect a legacy volume - mountOptions.ReadOnly = TRUE; - mountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE); - - // Check that it is not a hidden or legacy volume - - if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) - { - NormalCursor(); - return 1; - } - - { - DWORD dwResult; - VOLUME_PROPERTIES_STRUCT volProp; - - memset (&volProp, 0, sizeof(volProp)); - volProp.driveNo = driveNo; - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &volProp, sizeof (volProp), &volProp, sizeof (volProp), &dwResult, NULL) || dwResult == 0) - { - handleWin32Error (hwndDlg, SRC_POS); - UnmountVolume (hwndDlg, driveNo, TRUE); - AbortProcess ("CANT_GET_VOL_INFO"); - } - - if (volProp.volFormatVersion == TC_VOLUME_FORMAT_VERSION_PRE_6_0) - { - UnmountVolume (hwndDlg, driveNo, TRUE); - AbortProcess ("NONSYS_INPLACE_DECRYPTION_BAD_VOL_FORMAT"); - } - - if (volProp.hiddenVolume) - { - UnmountVolume (hwndDlg, driveNo, TRUE); - AbortProcess ("NONSYS_INPLACE_DECRYPTION_CANT_DECRYPT_HID_VOL"); - } - } - - // Remount the volume using the backup header to verify it is working - - if (!UnmountVolume (hwndDlg, driveNo, TRUE)) - { - handleWin32Error (MainDlg, SRC_POS); - AbortProcess ("CANT_DISMOUNT_VOLUME"); - } - - mountOptions.UseBackupHeader = TRUE; // This must be TRUE at this point (we won't be using the regular header, which will be lost soon after the decryption process starts) - - if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) - { - NormalCursor(); - return 1; - } - - if (!UnmountVolume (hwndDlg, driveNo, TRUE)) - { - handleWin32Error (MainDlg, SRC_POS); - AbortProcess ("CANT_DISMOUNT_VOLUME"); - } - - BOOL tmpbDevice; - - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); - - nVolumeSize = GetDeviceSize (szDiskFile); - if (nVolumeSize == -1) - { - handleWin32Error (MainDlg, SRC_POS); - AbortProcessSilent (); - } - - nNewPageNo = NONSYS_INPLACE_ENC_TRANSFORM_PAGE - 1; // Skip irrelevant pages - NormalCursor(); - } - } - - else if (nCurPageNo == FILESYS_PAGE) - { - if (!bHiddenVol && IsHiddenOSRunning() && Get2RadButtonPageAnswer() == 1) - { - // The user wants to store files larger than 4GB on the non-hidden volume about to be created and a hidden OS is running - - WarningDirect ((wstring (GetString ("CANNOT_SATISFY_OVER_4G_FILE_SIZE_REQ")) - + L" " - + GetString ("CANNOT_CREATE_NON_HIDDEN_NTFS_VOLUMES_UNDER_HIDDEN_OS") - + L"\n\n" - + GetString ("NOTE_BEGINNING") - + GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO") - + L" " - + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), hwndDlg); - - return 1; - } - - if (nNeedToStoreFilesOver4GB != Get2RadButtonPageAnswer()) - fileSystem = FILESYS_NONE; // The user may have gone back and changed the answer, so default file system must be reselected - - nNeedToStoreFilesOver4GB = Get2RadButtonPageAnswer(); - - nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages - } - - else if (nCurPageNo == SYSENC_COLLECTING_RANDOM_DATA_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RAND_DATA_PAGE) - { - wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; - - if (!bInPlaceEncNonSys) - { - /* Generate master key and other related data (except the rescue disk) for system encryption. */ - - try - { - WaitCursor(); - BootEncObj->PrepareInstallation (!bWholeSysDrive, volumePassword, nVolumeEA, FIRST_MODE_OF_OPERATION_ID, hash_algo, volumePim, L""); - } - catch (Exception &e) - { - e.Show (hwndDlg); - NormalCursor (); - return 1; - } - } - - KillTimer (hwndDlg, TIMER_ID_RANDVIEW); - - // Attempt to wipe the GUI field showing portions of randpool - wmemset (tmp, L'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hRandPoolSys, tmp); - - NormalCursor (); - } - - else if (nCurPageNo == SYSENC_KEYS_GEN_PAGE) - { - wchar_t tmp[KEY_GUI_VIEW_SIZE+1]; - - // Attempt to wipe the GUI fields showing portions of the master and header keys - wmemset (tmp, L'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hMasterKey, tmp); - SetWindowText (hHeaderKey, tmp); - } - - else if (nCurPageNo == SYSENC_RESCUE_DISK_CREATION_PAGE) - { - /* Generate rescue disk for boot encryption */ - - GetWindowText (GetDlgItem (hCurPage, IDC_RESCUE_DISK_ISO_PATH), szRescueDiskISO, ARRAYSIZE (szRescueDiskISO)); - - bDontVerifyRescueDisk = GetCheckBox (hCurPage, IDC_SKIP_RESCUE_VERIFICATION); - - try - { - WaitCursor(); - BootEncObj->CreateRescueIsoImage (true, szRescueDiskISO); - - } - catch (Exception &e) - { - e.Show (hwndDlg); - NormalCursor (); - return 1; - } - -retryCDDriveCheck: - if (!bDontVerifyRescueDisk && !BootEncObj->IsCDRecorderPresent()) - { - char *multiChoiceStr[] = { 0, "CD_BURNER_NOT_PRESENT", - "CD_BURNER_NOT_PRESENT_WILL_STORE_ISO", - "CD_BURNER_NOT_PRESENT_WILL_CONNECT_LATER", - "CD_BURNER_NOT_PRESENT_CONNECTED_NOW", - 0 }; - - switch (AskMultiChoice ((void **) multiChoiceStr, FALSE, hwndDlg)) - { - case 1: - wchar_t msg[8192]; - StringCchPrintfW (msg, array_capacity (msg), GetString ("CD_BURNER_NOT_PRESENT_WILL_STORE_ISO_INFO"), szRescueDiskISO); - WarningDirect (msg, hwndDlg); - - Warning ("RESCUE_DISK_BURN_NO_CHECK_WARN", hwndDlg); - bDontVerifyRescueDisk = TRUE; - nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE; - break; - - case 2: - AbortProcessSilent(); - - case 3: - break; - - default: - goto retryCDDriveCheck; - } - } - - if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk) - Info ("RESCUE_DISK_WIN_ISOBURN_PRELAUNCH_NOTE", hwndDlg); - - NormalCursor (); - } - - else if (nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE) - { - if (!bDontVerifyRescueDisk) - { - /* Verify that the rescue disk has been written correctly */ - - try - { - WaitCursor(); - if (!BootEncObj->VerifyRescueDisk ()) - { - wchar_t szTmp[8000]; - - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("RESCUE_DISK_CHECK_FAILED"), - IsWindowsIsoBurnerAvailable () ? L"" : GetString ("RESCUE_DISK_CHECK_FAILED_SENTENCE_APPENDIX")); - - ErrorDirect (szTmp, hwndDlg); - - NormalCursor (); -#ifndef _DEBUG - return 1; -#endif - } - } - catch (Exception &e) - { - e.Show (hwndDlg); - NormalCursor (); - return 1; - } - NormalCursor (); - } - else - { - Warning ("RESCUE_DISK_BURN_NO_CHECK_WARN", hwndDlg); - nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE; // Skip irrelevant pages - } - } - - else if (nCurPageNo == SYSENC_WIPE_MODE_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE) - { - if (nWipeMode > 0 - && AskWarnYesNo ("WIPE_MODE_WARN", hwndDlg) == IDNO) - return 1; - } - - else if (nCurPageNo == SYSENC_PRETEST_INFO_PAGE) - { - if (LocalizationActive - && AskWarnYesNo ("PREBOOT_NOT_LOCALIZED", hwndDlg) == IDNO) - return 1; - - bConfirmQuitSysEncPretest = TRUE; - - if (!bHiddenOS) // This text is not tailored to hidden OS - TextInfoDialogBox (TC_TBXID_SYS_ENCRYPTION_PRETEST); - - if (AskWarnYesNo ("CONFIRM_RESTART", hwndDlg) == IDNO) - return 1; - - /* Install the pre-boot authentication component and initiate the system encryption pretest. - If we are creating a hidden OS, pretest is omitted and OS cloning will follow. */ - - try - { - WaitCursor(); - -#if 0 - // Make sure the Rescue Disk is not in the drive - while (BootEncObj->VerifyRescueDisk ()) - { - Error ("REMOVE_RESCUE_DISK_FROM_DRIVE"); - } -#endif - - BootEncObj->Install (bHiddenOS ? true : false); - } - catch (Exception &e) - { - e.Show (hwndDlg); - Error (bHiddenOS ? "CANNOT_INITIATE_HIDDEN_OS_CREATION" : "CANNOT_INITIATE_SYS_ENCRYPTION_PRETEST", hwndDlg); - NormalCursor (); - return 1; - } - - - /* Add the main TrueCrypt app to the system startup sequence (the TrueCrypt Background Task), which - we need e.g. for notifications about prevented hibernation, about hidden OS leak protection, about - inconsistent hidden OS installs (TrueCrypt upgraded in the decoy system but not in the hidden one), etc. - Note that this must be done before calling ChangeSystemEncryptionStatus(), which broadcasts the change, - so that the main app (if it's running with different cached settings) will not overwrite our new - settings when it exits. */ - bStartOnLogon = TRUE; - SaveSettings (NULL); - ManageStartupSeq (); - - - if (bHiddenOS) - { - /* When we are going to create a hidden OS, the system encryption status is set - to SYSENC_STATUS_PRETEST (not to any special hidden-OS status), in case the XML - configuration file and its properties somehow leaks somewhere outside the system - partition (which will be wiped later on) indicating that a hidden OS has been created - on the computer. Instead, we update our raw config flags in the master boot record - (which is also altered when our boot loader is installed). */ - - if (!ChangeSystemEncryptionStatus (SYSENC_STATUS_PRETEST) - || !ChangeHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_CLONING)) - { - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - Error ("CANNOT_INITIATE_HIDDEN_OS_CREATION", hwndDlg); - NormalCursor (); - return 1; - } - } - else if (!ChangeSystemEncryptionStatus (SYSENC_STATUS_PRETEST)) - { - Error ("CANNOT_INITIATE_SYS_ENCRYPTION_PRETEST", hwndDlg); - NormalCursor (); - return 1; - } - - // Add the wizard to the system startup sequence - ManageStartupSeqWiz (FALSE, L"/acsysenc"); - - EndMainDlg (MainDlg); - - try - { - BootEncObj->RestartComputer (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - return 1; - } - - else if (nCurPageNo == SYSENC_PRETEST_RESULT_PAGE) - { - TextInfoDialogBox (TC_TBXID_SYS_ENC_RESCUE_DISK); - - // Begin the actual encryption process - - ChangeSystemEncryptionStatus (SYSENC_STATUS_ENCRYPTING); - } - - else if (nCurPageNo == SYSENC_ENCRYPTION_PAGE - && CreateSysEncMutex ()) - { - // The 'Next' button functions as Finish or Resume - - if (SystemEncryptionStatus != SYSENC_STATUS_NONE) - { - try - { - // Resume - SysEncResume (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - } - else - { - // Finish - PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); - } - - return 1; - } - else if (nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE) - { - nNewPageNo = NONSYS_INPLACE_ENC_TRANSFORM_PAGE - 1; // Skip irrelevant pages - } - else if (nCurPageNo == NONSYS_INPLACE_ENC_TRANSFORM_PAGE) - { - /* In-place encryption start (the 'Next' button has been clicked) */ - if (bInPlaceDecNonSys - && !bInPlaceEncNonSysResumed - && AskWarnYesNo ("NONSYS_INPLACE_ENC_CONFIRM_BACKUP", hwndDlg) == IDNO) - { - // Cancel - return 1; - } - - NonSysInplaceEncResume (); - return 1; - } - else if (nCurPageNo == NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE) - { - PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); - return 1; - } - else if (nCurPageNo == NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE) - { - BOOL bDrvLetterAssignResult = FALSE; - - int tmpDriveLetter = (int) SendMessage (GetDlgItem (hCurPage, IDC_DRIVE_LETTER_LIST), - CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_DRIVE_LETTER_LIST), CB_GETCURSEL, 0, 0), - 0); - - if (tmpDriveLetter < 0) - tmpDriveLetter = GetFirstAvailableDrive (); - - do - { - wchar_t szDriveLetter[] = {L'A', L':', 0 }; - wchar_t rootPath[] = {L'A', L':', L'\\', 0 }; - wchar_t uniqVolName[MAX_PATH+1] = { 0 }; - - rootPath[0] += (wchar_t) tmpDriveLetter; - szDriveLetter[0] += (wchar_t) tmpDriveLetter; - - if (DefineDosDevice (DDD_RAW_TARGET_PATH, szDriveLetter, szDiskFile)) - { - bDrvLetterAssignResult = GetVolumeNameForVolumeMountPoint (rootPath, uniqVolName, MAX_PATH); - - DefineDosDevice (DDD_RAW_TARGET_PATH|DDD_REMOVE_DEFINITION|DDD_EXACT_MATCH_ON_REMOVE, - szDriveLetter, - szDiskFile); - - if (bDrvLetterAssignResult) - { - if (SetVolumeMountPoint (rootPath, uniqVolName) == 0) - bDrvLetterAssignResult = FALSE; - } - } - - if (!bDrvLetterAssignResult) - { - if (AskErrYesNo ("ERR_CANNOT_ASSIGN_DRIVE_LETTER_NONSYS_DEC", hwndDlg) == IDNO) - break; - } - - } while (bDrvLetterAssignResult == FALSE); - - bConfirmQuit = FALSE; - - PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); - return 1; - } - else if (nCurPageNo == FORMAT_PAGE) - { - /* Format start (the 'Next' button has been clicked on the Format page) */ - - if (bVolTransformThreadRunning || bVolTransformThreadToRun) - return 1; - - bVolTransformThreadCancel = FALSE; - - bVolTransformThreadToRun = TRUE; - - fileSystem = (int) SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETCURSEL, 0, 0) , 0); - - clusterSize = (int) SendMessage (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), CB_GETITEMDATA, - SendMessage (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), CB_GETCURSEL, 0, 0) , 0); - - quickFormat = IsButtonChecked (GetDlgItem (hCurPage, IDC_QUICKFORMAT)); - - - if (!bHiddenVol && IsHiddenOSRunning()) - { - // Creating a non-hidden volume under a hidden OS - - if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) - { - WarningDirect ((wstring (GetString ("CANNOT_CREATE_NON_HIDDEN_NTFS_VOLUMES_UNDER_HIDDEN_OS")) - + L"\n\n" - + GetString ("NOTE_BEGINNING") - + GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO") - + L" " - + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), hwndDlg); - - if (GetVolumeDataAreaSize (FALSE, nVolumeSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize() - && AskYesNo("OFFER_FAT_FORMAT_ALTERNATIVE", hwndDlg) == IDYES) - { - fileSystem = FILESYS_FAT; - SelectAlgo (GetDlgItem (hCurPage, IDC_FILESYS), (int *) &fileSystem); - } - else - { - if (GetVolumeDataAreaSize (FALSE, nVolumeSize) > TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) - Info ("FAT_NOT_AVAILABLE_FOR_SO_LARGE_VOLUME", hwndDlg); - - bVolTransformThreadToRun = FALSE; - return 1; - } - } - } - - if (bHiddenVolHost) - { - hiddenVolHostDriveNo = -1; - nMaximumHiddenVolSize = 0; - - if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) - { - if (bHiddenOS && (fileSystem == FILESYS_NTFS) - && (double) nVolumeSize / GetSystemPartitionSize() < MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_NTFS) - { - Error("OUTER_VOLUME_TOO_SMALL_FOR_HIDDEN_OS_NTFS", hwndDlg); - - if (GetVolumeDataAreaSize (FALSE, nVolumeSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize() - && AskYesNo("OFFER_FAT_FORMAT_ALTERNATIVE", hwndDlg) == IDYES) - { - fileSystem = FILESYS_FAT; - SelectAlgo (GetDlgItem (hCurPage, IDC_FILESYS), (int *) &fileSystem); - } - else - { - if (GetVolumeDataAreaSize (FALSE, nVolumeSize) > TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) - Info ("FAT_NOT_AVAILABLE_FOR_SO_LARGE_VOLUME", hwndDlg); - - bVolTransformThreadToRun = FALSE; - return 1; - } - } - - if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) // The file system may have been changed in the previous block - { - if (nCurrentOS == WIN_2000) - { - Error("HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS_WIN2000", hwndDlg); - bVolTransformThreadToRun = FALSE; - return 1; - } - else if ((fileSystem == FILESYS_NTFS) && (GetVolumeDataAreaSize (FALSE, nVolumeSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) - && AskYesNo("HIDDEN_VOL_HOST_NTFS_ASK", hwndDlg) == IDNO) - { - bVolTransformThreadToRun = FALSE; - return 1; - } - } - } - } - else if (bHiddenVol) - { - // Hidden volume is always quick-formatted (if, however, the meaning of quickFormat is - // whether to create a sparse file, it must be set to FALSE). - quickFormat = !bSparseFileSwitch; - } - - - if (fileSystem == FILESYS_FAT - && nNeedToStoreFilesOver4GB == 1 - && AskWarnNoYes("CONFIRM_FAT_FOR_FILES_OVER_4GB", hwndDlg) == IDNO) - { - bVolTransformThreadToRun = FALSE; - return 1; - } - - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_QUICKFORMAT), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_FILESYS), FALSE); - EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); - SetFocus (GetDlgItem (hCurPage, IDC_ABORT_BUTTON)); - - // Increase cluster size if it's too small for this volume size (causes size of - // free space to be 0). Note that the below constant 0x2000000 is based on - // results of tests performed under Windows XP. - if (fileSystem == FILESYS_FAT && clusterSize > 0) - { - BOOL fixed = FALSE; - while (clusterSize < 128 - && nVolumeSize / (clusterSize * GetFormatSectorSize()) > 0x2000000) - { - clusterSize *= 2; - fixed = TRUE; - } - if (fixed) - MessageBoxW (hwndDlg, GetString ("CLUSTER_TOO_SMALL"), lpszTitle, MB_ICONWARNING); - } - - LastDialogId = "FORMAT_IN_PROGRESS"; - ArrowWaitCursor (); - _beginthread (volTransformThreadFunction, 0, MainDlg); - - return 1; - } - - else if (nCurPageNo == FORMAT_FINISHED_PAGE) - { - if (!bHiddenVol || bHiddenVolFinished) - { - /* Wizard loop restart */ - - if (bHiddenOS) - { - if (!ChangeWizardMode (WIZARD_MODE_SYS_DEVICE)) - return 1; - - // Hidden volume for hidden OS has been created. Now we will prepare our boot loader - // that will handle the OS cloning. - try - { - WaitCursor(); - - BootEncObj->PrepareHiddenOSCreation (nVolumeEA, FIRST_MODE_OF_OPERATION_ID, hash_algo); - } - catch (Exception &e) - { - e.Show (MainDlg); - NormalCursor(); - return 1; - } - - bHiddenVol = FALSE; - - LoadPage (hwndDlg, SYSENC_PRETEST_INFO_PAGE); - } - else - LoadPage (hwndDlg, INTRO_PAGE); - - SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); - bHiddenVolFinished = FALSE; - WipePasswordsAndKeyfiles (); - - return 1; - } - else - { - /* We're going to scan the bitmap of the hidden volume host (in the non-Direct hidden volume wizard mode) */ - int retCode; - WaitCursor (); - - if (hiddenVolHostDriveNo != -1) // If the hidden volume host is mounted - { - BOOL tmp_result; - - // Dismount the hidden volume host (in order to remount it as read-only subsequently) - CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); - while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) - { - if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL | MB_ICONERROR | MB_SETFOREGROUND) != IDRETRY) - { - // Cancel - NormalCursor(); - return 1; - } - } - if (tmp_result) // If dismounted - hiddenVolHostDriveNo = -1; - } - - if (hiddenVolHostDriveNo < 0) // If the hidden volume host is not mounted - { - // Remount the hidden volume host as read-only (to ensure consistent and secure - // results of the volume bitmap scanning) - switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, volumePim, TRUE)) - { - case ERR_NO_FREE_DRIVES: - MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND); - NormalCursor (); - return 1; - - case ERR_VOL_MOUNT_FAILED: - case ERR_PASSWORD_WRONG: - NormalCursor (); - return 1; - - case 0: - - /* Hidden volume host successfully mounted as read-only */ - - // Verify that the outer volume contains a suitable file system, retrieve cluster size, and - // scan the volume bitmap - if (!IsAdmin () && IsUacSupported ()) - retCode = UacAnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); - else - retCode = AnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); - - switch (retCode) - { - case -1: // Fatal error - CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); - - if (UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE)) - hiddenVolHostDriveNo = -1; - - AbortProcessSilent (); - break; - - case 0: // Unsupported file system (or other non-fatal error which has already been reported) - NormalCursor (); - return 1; - - case 1: // Success - { - BOOL tmp_result; - - // Determine the maximum possible size of the hidden volume - if (DetermineMaxHiddenVolSize (hwndDlg) < 1) - { - NormalCursor (); - goto ovf_end; - } - - /* Maximum possible size of the hidden volume successfully determined */ - - // Dismount the hidden volume host - while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) - { - if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL) != IDRETRY) - { - // Cancel - NormalCursor (); - goto ovf_end; - } - } - - // Prevent having to recreate the outer volume due to inadvertent exit - bConfirmQuit = TRUE; - - hiddenVolHostDriveNo = -1; - - nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE; - - // Clear the outer volume password - WipePasswordsAndKeyfiles (); - - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); - NormalCursor (); - - } - break; - } - break; - } - } - } - } - - else if (nCurPageNo == DEVICE_WIPE_PAGE) - { - if (AskWarnOkCancel (bHiddenOS && IsHiddenOSRunning() ? "CONFIRM_WIPE_START_DECOY_SYS_PARTITION" : "CONFIRM_WIPE_START", hwndDlg) == IDOK) - { - WipeStart (); - ArrowWaitCursor(); - } - return 1; - } - - LoadPage (hwndDlg, nNewPageNo + 1); -ovf_end: - return 1; - } - else if (lw == IDC_PREV) - { - if (nCurPageNo == SYSENC_SPAN_PAGE) - { - // Skip irrelevant pages when going back - if (!bHiddenOS) - nNewPageNo = SYSENC_TYPE_PAGE + 1; - } - if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE) - { - // Skip the drive analysis page(s) or other irrelevant pages when going back - if (bHiddenOS) - nNewPageNo = SYSENC_HIDDEN_OS_REQ_CHECK_PAGE + 1; - else if (bWholeSysDrive) - nNewPageNo = SYSENC_PRE_DRIVE_ANALYSIS_PAGE + 1; - else - nNewPageNo = SYSENC_SPAN_PAGE + 1; - } - else if (nCurPageNo == SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE) - { - if (SysEncMultiBootCfg.NumberOfSysDrives == 1) - { - // We can skip SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE (it is implied that there are multiple systems on the drive) - nNewPageNo = SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE + 1; - } - } - else if (nCurPageNo == HIDDEN_VOL_HOST_PRE_CIPHER_PAGE) - { - if (bHiddenOS) - { - if (!ChangeWizardMode (WIZARD_MODE_SYS_DEVICE)) - { - NormalCursor (); - return 1; - } - - // Skip irrelevant pages. - // Note that we're ignoring nMultiBoot here, as the multi-boot question pages are skipped - // when creating a hidden OS (only a single message box is displayed with requirements). - nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE + 1; - } - else - { - nNewPageNo = VOLUME_LOCATION_PAGE + 1; - } - } - else if (nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) - { - if (IsButtonChecked (GetDlgItem (hCurPage, IDC_HIDVOL_WIZ_MODE_DIRECT))) - bHiddenVolDirect = TRUE; - else - bHiddenVolDirect = FALSE; - } - else if (nCurPageNo == VOLUME_TYPE_PAGE) - { - if (WizardMode != WIZARD_MODE_SYS_DEVICE) - nNewPageNo = INTRO_PAGE + 1; // Skip irrelevant pages - } - else if (nCurPageNo == VOLUME_LOCATION_PAGE) - { - BOOL tmpbDevice; - - GetWindowText (GetDlgItem (hCurPage, IDC_COMBO_BOX), szFileName, ARRAYSIZE (szFileName)); - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); - - if (tmpbDevice == bDevice) - { - MoveEditToCombo (GetDlgItem (hCurPage, IDC_COMBO_BOX), bHistory); - SaveSettings (hCurPage); - } - - if (!bHiddenVol) - nNewPageNo = VOLUME_TYPE_PAGE + 1; // Skip the hidden volume creation wizard mode selection - } - - else if (nCurPageNo == CIPHER_PAGE) - { - LPARAM nIndex; - nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); - nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); - - nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETCURSEL, 0, 0); - hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETITEMDATA, nIndex, 0); - - RandSetHashFunction (hash_algo); - - if (WizardMode == WIZARD_MODE_SYS_DEVICE) - { - if (nMultiBoot > 1) - nNewPageNo = SYSENC_MULTI_BOOT_OUTCOME_PAGE + 1; // Skip irrelevant pages - else - nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE + 1; // Skip irrelevant pages - } - else if (!bHiddenVol) - nNewPageNo = (bDevice ? DEVICE_TRANSFORM_MODE_PAGE : VOLUME_LOCATION_PAGE) + 1; - else if (bHiddenVolHost) - nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE + 1; // Skip the info on the hidden volume - } - - else if (nCurPageNo == SIZE_PAGE) - { - VerifySizeAndUpdate (hCurPage, TRUE); - } - - else if (nCurPageNo == FILESYS_PAGE) - { - if (nNeedToStoreFilesOver4GB != Get2RadButtonPageAnswer()) - fileSystem = FILESYS_NONE; // The user may have gone back and changed the answer, so default file system must be reselected - - nNeedToStoreFilesOver4GB = Get2RadButtonPageAnswer(); - - nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1; // Skip PIM page if it is not enabled - } - - else if (nCurPageNo == PASSWORD_PAGE) - { - // Store the password in case we need to restore it after keyfile is applied to it - GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE); - - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT), - GetDlgItem (hCurPage, IDC_PASSWORD), - GetDlgItem (hCurPage, IDC_VERIFY), - volumePassword.Text, - szVerify, - KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect ()); - - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - - - nNewPageNo = SIZE_PAGE + 1; // Skip the hidden volume host password page - - if (SysEncInEffect ()) - { - nNewPageNo = CIPHER_PAGE + 1; // Skip irrelevant pages - - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - - if (bKeyboardLayoutChanged) - { - // Restore the original keyboard layout - if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) - Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); - else - bKeyboardLayoutChanged = FALSE; - } - } - else if (bInPlaceEncNonSys) - nNewPageNo = CIPHER_PAGE + 1; - } - - else if (nCurPageNo == PIM_PAGE) - { - volumePim = GetPim (hCurPage, IDC_PIM); - } - - else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) - { - // Store the password in case we need to restore it after keyfile is applied to it - GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, MAX_PASSWORD + 1, FALSE); - - memcpy (volumePassword.Text, szRawPassword, MAX_PASSWORD + 1); - volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); - - if (!bInPlaceEncNonSys) - nNewPageNo = VOLUME_LOCATION_PAGE + 1; - } - - else if (nCurPageNo == SYSENC_COLLECTING_RANDOM_DATA_PAGE - || nCurPageNo == NONSYS_INPLACE_ENC_RAND_DATA_PAGE) - { - wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; - - KillTimer (hwndDlg, TIMER_ID_RANDVIEW); - - // Attempt to wipe the GUI field showing portions of randpool - wmemset (tmp, L'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hRandPoolSys, tmp); - - nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1; // Skip irrelevant pages - } - - else if (nCurPageNo == SYSENC_KEYS_GEN_PAGE) - { - wchar_t tmp[KEY_GUI_VIEW_SIZE+1]; - - // Attempt to wipe the GUI fields showing portions of the master and header keys - wmemset (tmp, L'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hMasterKey, tmp); - SetWindowText (hHeaderKey, tmp); - } - - else if (nCurPageNo == SYSENC_WIPE_MODE_PAGE) - { - if (bDontVerifyRescueDisk) - nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE; // Skip irrelevant pages - } - - else if (nCurPageNo == FORMAT_PAGE) - { - wchar_t tmp[RNG_POOL_SIZE*2+1]; - - KillTimer (hwndDlg, TIMER_ID_RANDVIEW); - - // Attempt to wipe the GUI fields showing portions of randpool, of the master and header keys - wmemset (tmp, L'X', ARRAYSIZE(tmp)); - tmp [ARRAYSIZE(tmp)-1] = 0; - SetWindowText (hRandPool, tmp); - SetWindowText (hMasterKey, tmp); - SetWindowText (hHeaderKey, tmp); - - if (WizardMode != WIZARD_MODE_SYS_DEVICE) - { - // Skip irrelevant pages - - if (FileSize4GBLimitQuestionNeeded () - && !CreatingHiddenSysVol() // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector). - && !bInPlaceEncNonSys) - { - nNewPageNo = FILESYS_PAGE + 1; - } - else - nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1; - } - } - - LoadPage (hwndDlg, nNewPageNo - 1); - - return 1; - } - - return 0; - - case WM_ENDSESSION: - EndMainDlg (MainDlg); - localcleanup (); - return 0; - - case WM_CLOSE: - PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); - return 1; - } - - return 0; -} - -void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) -{ - wchar_t **lpszCommandLineArgs = NULL; /* Array of command line arguments */ - int nNoCommandLineArgs; /* The number of arguments in the array */ - - if (_wcsicmp (lpszCommandLine, L"-Embedding") == 0) - { - ComServerMode = TRUE; - return; - } - - /* Extract command line arguments */ - nNoCommandLineArgs = Win32CommandLine (&lpszCommandLineArgs); - if (nNoCommandLineArgs > 0) - { - int i; - - for (i = 0; i < nNoCommandLineArgs; i++) - { - enum - { - OptionHistory, - OptionNoIsoCheck, - OptionQuit, - OptionTokenLib, - CommandResumeSysEncLogOn, - CommandResumeSysEnc, - CommandDecryptSysEnc, - CommandEncDev, - CommandHiddenSys, - CommandResumeNonSysInplaceLogOn, - CommandResumeHiddenSys, - CommandSysEnc, - CommandInplaceDec, - CommandResumeInplaceDec, - CommandResumeInplace, - OptionEncryption, - OptionFilesystem, - OptionPkcs5, - OptionPassword, - OptionPim, - OptionSize, - OptionCreate, - OptionSilent, - OptionDynamic, - OptionForce, - }; - - argument args[]= - { - // Public - { OptionHistory, L"/history", L"/h", FALSE }, - { OptionNoIsoCheck, L"/noisocheck", L"/n", FALSE }, - { OptionTokenLib, L"/tokenlib", NULL, FALSE }, - { OptionQuit, L"/quit", L"/q", FALSE }, - { OptionEncryption, L"/encryption", NULL , FALSE }, - { OptionFilesystem, L"/filesystem", NULL , FALSE }, - { OptionPkcs5, L"/hash", NULL , FALSE }, - { OptionPassword, L"/password", NULL, FALSE }, - { OptionPim, L"/pim", NULL, FALSE }, - { OptionSize, L"/size", NULL, FALSE }, - { OptionCreate, L"/create", NULL, FALSE }, - { OptionSilent, L"/silent", NULL, FALSE }, - { OptionDynamic, L"/dynamic", NULL, FALSE }, - { OptionForce, L"/force", NULL, FALSE }, - - // Internal - { CommandResumeSysEncLogOn, L"/acsysenc", L"/a", TRUE }, - { CommandResumeSysEnc, L"/csysenc", L"/c", TRUE }, - { CommandDecryptSysEnc, L"/dsysenc", L"/d", TRUE }, - { CommandEncDev, L"/encdev", L"/e", TRUE }, - { CommandHiddenSys, L"/isysenc", L"/i", TRUE }, - { CommandResumeNonSysInplaceLogOn, L"/prinplace", L"/p", TRUE }, - { CommandResumeHiddenSys, L"/risysenc", L"/r", TRUE }, - { CommandSysEnc, L"/sysenc", L"/s", TRUE }, - { CommandInplaceDec, L"/inplacedec", NULL, TRUE }, - { CommandResumeInplaceDec, L"/resumeinplacedec",NULL, TRUE }, - { CommandResumeInplace, L"/zinplace", L"/z", TRUE } - }; - - argumentspec as; - - int x; - - if (lpszCommandLineArgs[i] == NULL) - continue; - - as.args = args; - as.arg_cnt = sizeof(args)/ sizeof(args[0]); - - x = GetArgumentID (&as, lpszCommandLineArgs[i]); - - switch (x) - { - case OptionCreate: - { - DirectCreationMode = TRUE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szFileName, ARRAYSIZE (szFileName))) - { - RelativePath2Absolute (szFileName); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - case OptionEncryption: - { - wchar_t szTmp[64] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - CmdVolumeEA = EAGetByName (szTmp); - if (CmdVolumeEA == 0) - AbortProcess ("COMMAND_LINE_ERROR"); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - case OptionFilesystem: - { - wchar_t szTmp[8] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - if (_wcsicmp(szTmp, L"NONE") == 0) - CmdVolumeFilesystem = FILESYS_NONE; - else if (_wcsicmp(szTmp, L"FAT32") == 0 || _wcsicmp(szTmp, L"FAT") == 0) - CmdVolumeFilesystem = FILESYS_FAT; - else if (_wcsicmp(szTmp, L"NTFS") == 0) - CmdVolumeFilesystem = FILESYS_NTFS; - else if (IsOSVersionAtLeast (WIN_VISTA, 1) && _wcsicmp(szTmp, L"EXFAT") == 0) - CmdVolumeFilesystem = FILESYS_EXFAT; - else - { - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - case OptionPassword: - { - wchar_t szTmp[MAX_PASSWORD + 1]; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (LPSTR) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); - burn (szTmp, sizeof (szTmp)); - if (iLen > 0) - CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - case OptionPkcs5: - { - wchar_t szTmp[32] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - if (_wcsicmp(szTmp, L"sha512") == 0 || _wcsicmp(szTmp, L"sha-512") == 0) - CmdVolumePkcs5 = SHA512; - else if (_wcsicmp(szTmp, L"whirlpool") == 0) - CmdVolumePkcs5 = WHIRLPOOL; - else if (_wcsicmp(szTmp, L"sha256") == 0 || _wcsicmp(szTmp, L"sha-256") == 0) - CmdVolumePkcs5 = SHA256; - else if (_wcsicmp(szTmp, L"ripemd160") == 0 || _wcsicmp(szTmp, L"ripemd-160") == 0) - CmdVolumePkcs5 = RIPEMD160; - else - { - CmdVolumePkcs5 = 0; - AbortProcess ("COMMAND_LINE_ERROR"); - } - - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - - case OptionPim: - { - wchar_t szTmp[32] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - wchar_t* endPtr = NULL; - CmdVolumePim = (int) wcstol(szTmp, &endPtr, 0); - if (CmdVolumePim < 0 || CmdVolumePim > MAX_PIM_VALUE || endPtr == szTmp || *endPtr != L'\0') - { - CmdVolumePim = 0; - AbortProcess ("COMMAND_LINE_ERROR"); - } - - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - case OptionSilent: - Silent = TRUE; - break; - case OptionDynamic: - CmdSparseFileSwitch = TRUE; - break; - case OptionForce: - bForceOperation = TRUE; - break; - case OptionSize: - { - wchar_t szTmp[32] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) - && (wcslen (szTmp) >= 2) - ) - { - /* size can be expressed in bytes or with suffixes K, M,G or T - * to indicate the unit to use - */ - unsigned __int64 multiplier; - wchar_t* endPtr = NULL; - wchar_t lastChar = szTmp [wcslen (szTmp) - 1]; - if (lastChar >= L'0' && lastChar <= L'9') - multiplier = 1; - else if (lastChar == L'K' || lastChar == L'k') - multiplier = BYTES_PER_KB; - else if (lastChar == L'M' || lastChar == L'm') - multiplier = BYTES_PER_MB; - else if (lastChar == L'G' || lastChar == L'g') - multiplier = BYTES_PER_GB; - else if (lastChar == L'T' || lastChar == L't') - multiplier = BYTES_PER_TB; - else - AbortProcess ("COMMAND_LINE_ERROR"); - - if (multiplier != 1) - szTmp [wcslen (szTmp) - 1] = 0; - - CmdVolumeFileSize = _wcstoui64(szTmp, &endPtr, 0); - if (CmdVolumeFileSize == 0 || CmdVolumeFileSize == _UI64_MAX - || endPtr == szTmp || *endPtr != L'\0') - { - AbortProcess ("COMMAND_LINE_ERROR"); - } - - CmdVolumeFileSize *= multiplier; - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - case CommandSysEnc: - // Encrypt system partition/drive (passed by Mount if system encryption hasn't started or to reverse decryption) - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (CreateSysEncMutex ()) - { - bDirectSysEncMode = TRUE; - bDirectSysEncModeCommand = SYSENC_COMMAND_ENCRYPT; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - } - else - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - exit(0); - } - - break; - - case CommandDecryptSysEnc: - // Decrypt system partition/drive (passed by Mount, also to reverse encryption in progress, when paused) - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (CreateSysEncMutex ()) - { - bDirectSysEncMode = TRUE; - bDirectSysEncModeCommand = SYSENC_COMMAND_DECRYPT; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - } - else - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - exit(0); - } - break; - - case CommandHiddenSys: - // Create a hidden operating system (passed by Mount when the user selects System -> Create Hidden Operating System) - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (CreateSysEncMutex ()) - { - bDirectSysEncMode = TRUE; - bDirectSysEncModeCommand = SYSENC_COMMAND_CREATE_HIDDEN_OS; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - } - else - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - exit(0); - } - - break; - - case CommandResumeHiddenSys: - // Resume process of creation of a hidden operating system (passed by Wizard when the user needs to UAC-elevate the whole wizard process) - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (CreateSysEncMutex ()) - { - bDirectSysEncMode = TRUE; - bDirectSysEncModeCommand = SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - } - else - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - exit(0); - } - - break; - - case CommandResumeSysEnc: - // Resume previous system-encryption operation (passed by Mount) e.g. encryption, decryption, or pretest - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (CreateSysEncMutex ()) - { - bDirectSysEncMode = TRUE; - bDirectSysEncModeCommand = SYSENC_COMMAND_RESUME; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - } - else - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - exit(0); - } - break; - - case CommandResumeSysEncLogOn: - // Same as csysenc but passed only by the system (from the startup sequence) - - // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption - if (CreateSysEncMutex ()) - { - bDirectSysEncMode = TRUE; - bDirectSysEncModeCommand = SYSENC_COMMAND_STARTUP_SEQ_RESUME; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - } - else - { - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - exit(0); - } - break; - - case CommandEncDev: - // Resume process of creation of a non-sys-device-hosted volume (passed by Wizard when the user needs to UAC-elevate) - DirectDeviceEncMode = TRUE; - break; - - case CommandInplaceDec: - // Start (not resume) decrypting the specified non-system volume in place - { - wchar_t szTmp [TC_MAX_PATH + 8000] = {0}; - - GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)); - - if (wcslen (szTmp) < 1) - { - // No valid volume path specified as command-line parameter - AbortProcess ("ERR_PARAMETER_INCORRECT"); - } - - memset (szFileName, 0, sizeof (szFileName)); - StringCbCopyW (szFileName, sizeof (szFileName), szTmp); - DirectNonSysInplaceDecStartMode = TRUE; - } - break; - - case CommandResumeInplace: - // Resume interrupted process of non-system in-place encryption of a partition - DirectNonSysInplaceEncResumeMode = TRUE; - break; - - case CommandResumeInplaceDec: - // Resume interrupted process of non-system in-place decryption of a partition - DirectNonSysInplaceDecResumeMode = TRUE; - break; - - case CommandResumeNonSysInplaceLogOn: - // Ask the user whether to resume interrupted process of non-system in-place encryption of a partition - // This switch is passed only by the system (from the startup sequence). - DirectPromptNonSysInplaceEncResumeMode = TRUE; - break; - - case OptionNoIsoCheck: - bDontVerifyRescueDisk = TRUE; - break; - - case OptionHistory: - { - wchar_t szTmp[8] = {0}; - bHistory = bHistoryCmdLine = TRUE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) - { - bHistory = TRUE; - } - - else if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) - { - bHistory = FALSE; - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - break; - - case OptionTokenLib: - if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)) == HAS_ARGUMENT) - InitSecurityTokenLibrary(hwndDlg); - else - AbortProcess ("COMMAND_LINE_ERROR"); - - break; - - case OptionQuit: - { - // Used to indicate non-install elevation - wchar_t szTmp[32]; - if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) != HAS_ARGUMENT) - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - - default: - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_COMMANDHELP_DLG), hwndDlg, (DLGPROC) - CommandHelpDlgProc, (LPARAM) &as); - - exit(0); - } - } - } - - /* Free up the command line arguments */ - while (--nNoCommandLineArgs >= 0) - { - free (lpszCommandLineArgs[nNoCommandLineArgs]); - } - - if (lpszCommandLineArgs) - free (lpszCommandLineArgs); -} - - -int DetermineMaxHiddenVolSize (HWND hwndDlg) -{ - __int64 nbrReserveBytes; - - if (nbrFreeClusters * realClusterSize < TC_MIN_HIDDEN_VOLUME_SIZE) - { - MessageBoxW (hwndDlg, GetString ("NO_SPACE_FOR_HIDDEN_VOL"), lpszTitle, ICON_HAND); - UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE); - AbortProcessSilent (); - } - - // Add a reserve (in case the user mounts the outer volume and creates new files - // on it by accident or OS writes some new data behind his or her back, such as - // System Restore etc.) - nbrReserveBytes = GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize) / 200; - if (nbrReserveBytes > BYTES_PER_MB * 10) - nbrReserveBytes = BYTES_PER_MB * 10; - - // Compute the final value - - nMaximumHiddenVolSize = nbrFreeClusters * realClusterSize - TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE - nbrReserveBytes; - nMaximumHiddenVolSize -= nMaximumHiddenVolSize % realClusterSize; // Must be a multiple of the sector size - - if (nMaximumHiddenVolSize < TC_MIN_HIDDEN_VOLUME_SIZE) - { - MessageBoxW (hwndDlg, GetString ("NO_SPACE_FOR_HIDDEN_VOL"), lpszTitle, ICON_HAND); - UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE); - AbortProcessSilent (); - } - - // Prepare the hidden volume size parameters - if (nMaximumHiddenVolSize < BYTES_PER_MB) - nMultiplier = BYTES_PER_KB; - else if (nMaximumHiddenVolSize < BYTES_PER_GB) - nMultiplier = BYTES_PER_MB; - else if (nMaximumHiddenVolSize < BYTES_PER_TB) - nMultiplier = BYTES_PER_GB; - else - nMultiplier = BYTES_PER_TB; - - nUIVolumeSize = 0; // Set the initial value for the hidden volume size input field to the max - nVolumeSize = nUIVolumeSize * nMultiplier; // Chop off possible remainder - - return 1; -} - - -// Tests whether the file system of the given volume is suitable to host a hidden volume, -// retrieves the cluster size, and scans the volume cluster bitmap. In addition, checks -// the TrueCrypt volume format version and the type of volume. -int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters) -{ - HANDLE hDevice; - DWORD bytesReturned; - DWORD dwSectorsPerCluster, dwBytesPerSector, dwNumberOfFreeClusters, dwTotalNumberOfClusters; - DWORD dwResult; - int result; - wchar_t szFileSystemNameBuffer[256]; - wchar_t tmpPath[7] = {L'\\',L'\\',L'.',L'\\',(wchar_t) *driveNo + L'A',L':',0}; - wchar_t szRootPathName[4] = {(wchar_t) *driveNo + L'A', L':', L'\\', 0}; - BYTE readBuffer[TC_MAX_VOLUME_SECTOR_SIZE * 2]; - LARGE_INTEGER offset, offsetNew; - VOLUME_PROPERTIES_STRUCT volProp; - - memset (&volProp, 0, sizeof(volProp)); - volProp.driveNo = *driveNo; - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &volProp, sizeof (volProp), &volProp, sizeof (volProp), &dwResult, NULL) || dwResult == 0) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("CANT_ACCESS_OUTER_VOL", hwndDlg); - goto efsf_error; - } - - if (volProp.volFormatVersion < TC_VOLUME_FORMAT_VERSION) - { - // We do not support creating hidden volumes within volumes created by TrueCrypt 5.1a or earlier. - Error ("ERR_VOL_FORMAT_BAD", hwndDlg); - return 0; - } - - if (volProp.hiddenVolume) - { - // The user entered a password for a hidden volume - Error ("ERR_HIDDEN_NOT_NORMAL_VOLUME", hwndDlg); - return 0; - } - - if (volProp.volumeHeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC - || volProp.volumeHeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM) - { - Warning ("ERR_HIDDEN_VOL_HOST_ENCRYPTED_INPLACE", hwndDlg); - return 0; - } - - hDevice = CreateFile (tmpPath, GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hDevice == INVALID_HANDLE_VALUE) - { - MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_OUTER_VOL"), lpszTitle, ICON_HAND); - goto efsf_error; - } - - offset.QuadPart = 0; - - if (SetFilePointerEx (hDevice, offset, &offsetNew, FILE_BEGIN) == 0) - { - handleWin32Error (hwndDlg, SRC_POS); - goto efs_error; - } - - result = ReadFile (hDevice, &readBuffer, TC_MAX_VOLUME_SECTOR_SIZE, &bytesReturned, NULL); - - if (result == 0) - { - handleWin32Error (hwndDlg, SRC_POS); - MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_OUTER_VOL"), lpszTitle, ICON_HAND); - goto efs_error; - } - - CloseHandle (hDevice); - hDevice = INVALID_HANDLE_VALUE; - - // Determine file system type - - GetVolumeInformation(szRootPathName, NULL, 0, NULL, NULL, NULL, szFileSystemNameBuffer, ARRAYSIZE(szFileSystemNameBuffer)); - - // The Windows API sometimes fails to indentify the file system correctly so we're using "raw" analysis too. - if (!wcsncmp (szFileSystemNameBuffer, L"FAT", 3) - || (readBuffer[0x36] == 'F' && readBuffer[0x37] == 'A' && readBuffer[0x38] == 'T') - || (readBuffer[0x52] == 'F' && readBuffer[0x53] == 'A' && readBuffer[0x54] == 'T')) - { - // FAT12/FAT16/FAT32 - - // Retrieve the cluster size - *realClusterSize = ((int) readBuffer[0xb] + ((int) readBuffer[0xc] << 8)) * (int) readBuffer[0xd]; - - // Get the map of the clusters that are free and in use on the outer volume. - // The map will be scanned to determine the size of the uninterrupted block of free - // space (provided there is any) whose end is aligned with the end of the volume. - // The value will then be used to determine the maximum possible size of the hidden volume. - - return ScanVolClusterBitmap (hwndDlg, - driveNo, - hiddenVolHostSize / *realClusterSize, - pnbrFreeClusters); - } - else if (!wcsncmp (szFileSystemNameBuffer, L"NTFS", 4) || !_wcsnicmp (szFileSystemNameBuffer, L"exFAT", 5)) - { - // NTFS - bool bIsNtfs = (0 == wcsncmp (szFileSystemNameBuffer, L"NTFS", 4)); - - if (nCurrentOS == WIN_2000) - { - Error("HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS_WIN2000", hwndDlg); - return 0; - } - - if (bIsNtfs && bHiddenVolDirect && GetVolumeDataAreaSize (FALSE, hiddenVolHostSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) - Info ("HIDDEN_VOL_HOST_NTFS", hwndDlg); - - if (!GetDiskFreeSpace(szRootPathName, - &dwSectorsPerCluster, - &dwBytesPerSector, - &dwNumberOfFreeClusters, - &dwTotalNumberOfClusters)) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("CANT_GET_OUTER_VOL_INFO", hwndDlg); - return -1; - }; - - *realClusterSize = dwBytesPerSector * dwSectorsPerCluster; - - // Get the map of the clusters that are free and in use on the outer volume. - // The map will be scanned to determine the size of the uninterrupted block of free - // space (provided there is any) whose end is aligned with the end of the volume. - // The value will then be used to determine the maximum possible size of the hidden volume. - - return ScanVolClusterBitmap (hwndDlg, - driveNo, - hiddenVolHostSize / *realClusterSize, - pnbrFreeClusters); - } - else - { - // Unsupported file system - - Error ((nCurrentOS == WIN_2000) ? "HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS_WIN2000" : "HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS", hwndDlg); - return 0; - } - -efs_error: - CloseHandle (hDevice); - -efsf_error: - CloseVolumeExplorerWindows (hwndDlg, *driveNo); - - return -1; -} - - -// Mounts a volume within which the user intends to create a hidden volume -int MountHiddenVolHost (HWND hwndDlg, wchar_t *volumePath, int *driveNo, Password *password, int pkcs5_prf, int pim, BOOL bReadOnly) -{ - MountOptions mountOptions; - ZeroMemory (&mountOptions, sizeof (mountOptions)); - - *driveNo = GetLastAvailableDrive (); - - if (*driveNo == -1) - { - *driveNo = -2; - return ERR_NO_FREE_DRIVES; - } - - mountOptions.ReadOnly = bReadOnly; - mountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE); - mountOptions.ProtectHiddenVolume = FALSE; - mountOptions.PreserveTimestamp = bPreserveTimestamp; - mountOptions.PartitionInInactiveSysEncScope = FALSE; - mountOptions.UseBackupHeader = FALSE; - - if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) - { - *driveNo = -3; - return ERR_VOL_MOUNT_FAILED; - } - return 0; -} - - -/* Gets the map of the clusters that are free and in use on a volume that is to host - a hidden volume. The map is scanned to determine the size of the uninterrupted - area of free space (provided there is any) whose end is aligned with the end - of the volume. The value will then be used to determine the maximum possible size - of the hidden volume. */ -int ScanVolClusterBitmap (HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters) -{ - PVOLUME_BITMAP_BUFFER lpOutBuffer; - STARTING_LCN_INPUT_BUFFER lpInBuffer; - - HANDLE hDevice; - DWORD lBytesReturned; - BYTE rmnd; - wchar_t tmpPath[7] = {L'\\',L'\\',L'.',L'\\', (wchar_t) *driveNo + L'A', L':', 0}; - - DWORD bufLen; - __int64 bitmapCnt; - - hDevice = CreateFile (tmpPath, GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); - - if (hDevice == INVALID_HANDLE_VALUE) - { - MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_OUTER_VOL"), lpszTitle, ICON_HAND); - goto vcmf_error; - } - - bufLen = (DWORD) (nbrClusters / 8 + 2 * sizeof(LARGE_INTEGER)); - bufLen += 100000 + bufLen/10; // Add reserve - - lpOutBuffer = (PVOLUME_BITMAP_BUFFER) malloc (bufLen); - - if (lpOutBuffer == NULL) - { - MessageBoxW (hwndDlg, GetString ("ERR_MEM_ALLOC"), lpszTitle, ICON_HAND); - goto vcm_error; - } - - lpInBuffer.StartingLcn.QuadPart = 0; - - if ( !DeviceIoControl (hDevice, - FSCTL_GET_VOLUME_BITMAP, - &lpInBuffer, - sizeof(lpInBuffer), - lpOutBuffer, - bufLen, - &lBytesReturned, - NULL)) - { - handleWin32Error (hwndDlg, SRC_POS); - MessageBoxW (hwndDlg, GetString ("CANT_GET_CLUSTER_BITMAP"), lpszTitle, ICON_HAND); - - goto vcm_error; - } - - rmnd = (BYTE) (lpOutBuffer->BitmapSize.QuadPart % 8); - - if ((rmnd != 0) - && ((lpOutBuffer->Buffer[lpOutBuffer->BitmapSize.QuadPart / 8] & ((1 << rmnd)-1) ) != 0)) - { - *nbrFreeClusters = 0; - } - else - { - *nbrFreeClusters = lpOutBuffer->BitmapSize.QuadPart; - bitmapCnt = lpOutBuffer->BitmapSize.QuadPart / 8; - - // Scan the bitmap from the end - while (--bitmapCnt >= 0) - { - if (lpOutBuffer->Buffer[bitmapCnt] != 0) - { - // There might be up to 7 extra free clusters in this byte of the bitmap. - // These are ignored because there is always a cluster reserve added anyway. - *nbrFreeClusters = lpOutBuffer->BitmapSize.QuadPart - ((bitmapCnt + 1) * 8); - break; - } - } - } - - CloseHandle (hDevice); - free(lpOutBuffer); - return 1; - -vcm_error: - CloseHandle (hDevice); - if (lpOutBuffer) free(lpOutBuffer); - -vcmf_error: - return -1; -} - - -// Wipe the hidden OS config flag bits in the MBR -static BOOL WipeHiddenOSCreationConfig (void) -{ - if (!IsHiddenOSRunning()) - { - try - { - WaitCursor(); - finally_do ({ NormalCursor(); }); - - BootEncObj->WipeHiddenOSCreationConfig(); - } - catch (Exception &e) - { - e.Show (MainDlg); - return FALSE; - } - } - - return TRUE; -} - - -// Tasks that need to be performed after the WM_INITDIALOG message for the SYSENC_ENCRYPTION_PAGE dialog is -// handled should be done here (otherwise the UAC prompt causes the GUI to be only half-rendered). -static void AfterSysEncProgressWMInitTasks (HWND hwndDlg) -{ - try - { - switch (SystemEncryptionStatus) - { - case SYSENC_STATUS_ENCRYPTING: - - if (BootEncStatus.ConfiguredEncryptedAreaStart == BootEncStatus.EncryptedAreaStart - && BootEncStatus.ConfiguredEncryptedAreaEnd == BootEncStatus.EncryptedAreaEnd) - { - // The partition/drive had been fully encrypted - - ManageStartupSeqWiz (TRUE, L""); - WipeHiddenOSCreationConfig(); // For extra conservative security - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - - Info ("SYSTEM_ENCRYPTION_FINISHED", hwndDlg); - EndMainDlg (MainDlg); - return; - } - else - { - SysEncResume (); - } - - break; - - case SYSENC_STATUS_DECRYPTING: - SysEncResume (); - break; - - default: - - // Unexpected mode here -- fix the inconsistency - - ManageStartupSeqWiz (TRUE, L""); - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - EndMainDlg (MainDlg); - InconsistencyResolved (SRC_POS); - return; - } - } - catch (Exception &e) - { - e.Show (hwndDlg); - EndMainDlg (MainDlg); - return; - } - - InitSysEncProgressBar (); - - UpdateSysEncProgressBar (); - - UpdateSysEncControls (); -} - - -// Tasks that need to be performed after the WM_INITDIALOG message is handled must be done here. -// For example, any tasks that may invoke the UAC prompt (otherwise the UAC dialog box would not be on top). -static void AfterWMInitTasks (HWND hwndDlg) -{ - // Note that if bDirectSysEncModeCommand is not SYSENC_COMMAND_NONE, we already have the mutex. - - // SYSENC_COMMAND_DECRYPT has the highest priority because it also performs uninstallation (restores the - // original contents of the first drive cylinder, etc.) so it must be attempted regardless of the phase - // or content of configuration files. - if (bDirectSysEncModeCommand == SYSENC_COMMAND_DECRYPT) - { - if (IsHiddenOSRunning()) - { - Warning ("CANNOT_DECRYPT_HIDDEN_OS", hwndDlg); - AbortProcessSilent(); - } - - // Add the wizard to the system startup sequence - ManageStartupSeqWiz (FALSE, L"/acsysenc"); - - ChangeSystemEncryptionStatus (SYSENC_STATUS_DECRYPTING); - LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); - return; - } - - - if (SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING - || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING) - { - try - { - BootEncStatus = BootEncObj->GetStatus(); - - if (!BootEncStatus.DriveMounted) - { - if (!BootEncStatus.DeviceFilterActive) - { - // This is an inconsistent state. SystemEncryptionStatus should never be SYSENC_STATUS_ENCRYPTING - // or SYSENC_STATUS_DECRYPTING when the drive filter is not active. Possible causes: 1) corrupted - // or stale config file, 2) corrupted system - - // Fix the inconsistency - ManageStartupSeqWiz (TRUE, L""); - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - EndMainDlg (MainDlg); - InconsistencyResolved (SRC_POS); - return; - } - else if (bDirectSysEncMode) - { - // This is an inconsistent state. We have a direct system encryption command, - // SystemEncryptionStatus is SYSENC_STATUS_ENCRYPTING or SYSENC_STATUS_DECRYPTING, the - // system drive is not 'mounted' and drive filter is active. Possible causes: 1) The drive had - // been decrypted in the pre-boot environment. 2) The OS is not located on the lowest partition, - // the drive is to be fully encrypted, but the user rebooted before encryption reached the - // system partition and then pressed Esc in the boot loader screen. 3) Corrupted or stale config - // file. 4) Damaged system. - - Warning ("SYSTEM_ENCRYPTION_SCHEDULED_BUT_PBA_FAILED", hwndDlg); - EndMainDlg (MainDlg); - return; - } - } - } - catch (Exception &e) - { - e.Show (MainDlg); - } - } - - - if (SystemEncryptionStatus != SYSENC_STATUS_PRETEST) - { - // Handle system encryption command line arguments (if we're not in the Pretest phase). - // Note that if bDirectSysEncModeCommand is not SYSENC_COMMAND_NONE, we already have the mutex. - // Also note that SYSENC_COMMAND_DECRYPT is handled above. - - switch (bDirectSysEncModeCommand) - { - case SYSENC_COMMAND_RESUME: - case SYSENC_COMMAND_STARTUP_SEQ_RESUME: - - if (bDirectSysEncModeCommand == SYSENC_COMMAND_STARTUP_SEQ_RESUME - && AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", hwndDlg) == IDNO) - { - EndMainDlg (MainDlg); - return; - } - - if (SysEncryptionOrDecryptionRequired ()) - { - if (SystemEncryptionStatus != SYSENC_STATUS_ENCRYPTING - && SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) - { - // If the config file with status was lost or not written correctly, we - // don't know whether to encrypt or decrypt (but we know that encryption or - // decryption is required). Ask the user to select encryption, decryption, - // or cancel - if (!ResolveUnknownSysEncDirection ()) - { - EndMainDlg (MainDlg); - return; - } - } - - LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); - return; - } - else - { - // Nothing to resume - Warning ("NO_SYS_ENC_PROCESS_TO_RESUME", hwndDlg); - EndMainDlg (MainDlg); - - return; - } - break; - - case SYSENC_COMMAND_ENCRYPT: - - if (SysDriveOrPartitionFullyEncrypted (FALSE)) - { - Info ("SYS_PARTITION_OR_DRIVE_APPEARS_FULLY_ENCRYPTED", hwndDlg); - EndMainDlg (MainDlg); - return; - } - - if (SysEncryptionOrDecryptionRequired ()) - { - // System partition/drive encryption process already initiated but is incomplete. - // If we were encrypting, resume the process directly. If we were decrypting, reverse - // the process and start encrypting. - - ChangeSystemEncryptionStatus (SYSENC_STATUS_ENCRYPTING); - LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); - return; - } - else - { - // Initiate the Pretest preparation phase - if (!SwitchWizardToSysEncMode ()) - { - bDirectSysEncMode = FALSE; - EndMainDlg (MainDlg); - } - return; - } - - break; - - case SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV: - case SYSENC_COMMAND_CREATE_HIDDEN_OS: - - if (!SwitchWizardToHiddenOSMode ()) - { - bDirectSysEncMode = FALSE; - EndMainDlg (MainDlg); - } - return; - } - } - - - if (!bDirectSysEncMode - || bDirectSysEncMode && SystemEncryptionStatus == SYSENC_STATUS_NONE) - { - // Handle system encryption cases where the wizard did not start even though it - // was added to the startup sequence, as well as other weird cases and "leftovers" - - if (SystemEncryptionStatus != SYSENC_STATUS_NONE - && SystemEncryptionStatus != SYSENC_STATUS_PRETEST - && SysEncryptionOrDecryptionRequired ()) - { - // System encryption/decryption had been in progress and did not finish - - if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption - { - if (AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", hwndDlg) == IDYES) - { - bDirectSysEncMode = TRUE; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); - return; - } - else - CloseSysEncMutex (); - } - } - - else if (SystemEncryptionStatus == SYSENC_STATUS_PRETEST) - { - // System pretest had been in progress but we were not launched during the startup seq - - if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption - { - // The pretest has "priority handling" - bDirectSysEncMode = TRUE; - ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); - - /* Do not return yet -- the principal pretest handler is below. */ - } - } - - else if ((SystemEncryptionStatus == SYSENC_STATUS_NONE || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING) - && !BootEncStatus.DriveEncrypted - && (BootEncStatus.DriveMounted || BootEncStatus.VolumeHeaderPresent)) - { - // The pretest may have been in progress but we can't be sure (it is not in the config file). - // Another possibility is that the user had finished decrypting the drive, but the config file - // was not correctly updated. In both cases the best thing we can do is remove the header and - // deinstall. Otherwise, the result might be some kind of deadlock. - - if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption - { - WaitCursor (); - - ForceRemoveSysEnc(); - - InconsistencyResolved (SRC_POS); - - NormalCursor(); - CloseSysEncMutex (); - } - } - } - - if (bDirectSysEncMode && CreateSysEncMutex ()) - { - // We were launched either by Mount or by the system (startup sequence). Most of such cases should have - // been handled above already. Here we handle only the pretest phase (which can also be a hidden OS - // creation phase actually) and possible inconsistencies. - - switch (SystemEncryptionStatus) - { - case SYSENC_STATUS_PRETEST: - { - unsigned int hiddenOSCreationPhase = DetermineHiddenOSCreationPhase(); - - bHiddenOS = (hiddenOSCreationPhase != TC_HIDDEN_OS_CREATION_PHASE_NONE); - - // Evaluate the results of the system encryption pretest (or of the hidden OS creation process) - - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (hwndDlg); - Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", hwndDlg); - EndMainDlg (MainDlg); - return; - } - - if (BootEncStatus.DriveMounted) - { - /* Pretest successful or hidden OS has been booted during the process of hidden OS creation. */ - - switch (hiddenOSCreationPhase) - { - case TC_HIDDEN_OS_CREATION_PHASE_NONE: - - // Pretest successful (or the hidden OS has been booted for the first time since the user started installing a new decoy OS) - - if (IsHiddenOSRunning()) - { - // The hidden OS has been booted for the first time since the user started installing a - // new decoy OS (presumably, our MBR config flags have been erased). - - // As for things we are responsible for, the process of hidden OS creation is completed - // (the rest is up to the user). - - ManageStartupSeqWiz (TRUE, L""); - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - - EndMainDlg (MainDlg); - - return; - } - - // Pretest successful (no hidden operating system involved) - - LoadPage (hwndDlg, SYSENC_PRETEST_RESULT_PAGE); - return; - - case TC_HIDDEN_OS_CREATION_PHASE_WIPING: - - // Hidden OS has been booted when we are supposed to wipe the original OS - - LoadPage (hwndDlg, SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE); - return; - - case TC_HIDDEN_OS_CREATION_PHASE_WIPED: - - // Hidden OS has been booted and the original OS wiped. Now the user is required to install a new, decoy, OS. - - TextInfoDialogBox (TC_TBXID_DECOY_OS_INSTRUCTIONS); - - EndMainDlg (MainDlg); - return; - - default: - - // Unexpected/unknown status - ReportUnexpectedState (SRC_POS); - EndMainDlg (MainDlg); - return; - } - } - else - { - BOOL bAnswerTerminate = FALSE, bAnswerRetry = FALSE; - - /* Pretest failed - or hidden OS cloning has been interrupted (and non-hidden OS is running) - or wiping of the original OS has not been started (and non-hidden OS is running) */ - - if (hiddenOSCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_NONE) - { - // Pretest failed (no hidden operating system involved) - - if (AskWarnYesNo ("BOOT_PRETEST_FAILED_RETRY", hwndDlg) == IDYES) - { - // User wants to retry the pretest - bAnswerTerminate = FALSE; - bAnswerRetry = TRUE; - } - else - { - // User doesn't want to retry the pretest - bAnswerTerminate = TRUE; - bAnswerRetry = FALSE; - } - } - else - { - // Hidden OS cloning was interrupted or wiping of the original OS has not been started - - char *tmpStr[] = {0, - hiddenOSCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_WIPING ? "OS_WIPING_NOT_FINISHED_ASK" : "HIDDEN_OS_CREATION_NOT_FINISHED_ASK", - "HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_RETRY", - "HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_TERMINATE", - "HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_ASK_LATER", - 0}; - - switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) - { - case 1: - // User wants to restart and continue/retry - bAnswerTerminate = FALSE; - bAnswerRetry = TRUE; - break; - - case 2: - // User doesn't want to retry but wants to terminate the entire process of hidden OS creation - bAnswerTerminate = TRUE; - bAnswerRetry = FALSE; - break; - - default: - // User doesn't want to do anything now - bAnswerTerminate = FALSE; - bAnswerRetry = FALSE; - } - } - - - if (bAnswerRetry) - { - // User wants to restart and retry the pretest (or hidden OS creation) - - // We re-register the driver for boot because the user may have selected - // "Last Known Good Configuration" from the Windows boot menu. - // Note that we need to do this even when creating a hidden OS (because - // the hidden OS needs our boot driver and it will be a clone of this OS). - try - { - BootEncObj->RegisterBootDriver (bHiddenOS ? true : false); - } - catch (Exception &e) - { - e.Show (NULL); - } - - if (AskWarnYesNo ("CONFIRM_RESTART", hwndDlg) == IDYES) - { - EndMainDlg (MainDlg); - - try - { - BootEncObj->RestartComputer (); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - - return; - } - - EndMainDlg (MainDlg); - return; - } - else if (bAnswerTerminate) - { - // User doesn't want to retry pretest (or OS cloning), but to terminate the entire process - - try - { - BootEncObj->Deinstall (true); - } - catch (Exception &e) - { - e.Show (hwndDlg); - AbortProcessSilent(); - } - - ManageStartupSeqWiz (TRUE, L""); - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - EndMainDlg (MainDlg); - return; - } - else - { - // User doesn't want to take any action now - - AbortProcessSilent(); - } - } - } - break; - - default: - - // Unexpected progress status -- fix the inconsistency - - ManageStartupSeqWiz (TRUE, L""); - ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); - EndMainDlg (MainDlg); - InconsistencyResolved (SRC_POS); - return; - } - } - else - { - if (DirectDeviceEncMode) - { - SwitchWizardToNonSysDeviceMode(); - return; - } - - if (DirectPromptNonSysInplaceEncResumeMode - && !bInPlaceEncNonSysPending) - { - // This instance of the wizard has been launched via the system startup sequence to prompt for resume of - // a non-system in-place encryption/decryption process. However, no config file indicates that any such process - // has been interrupted. This inconsistency may occur, for example, when the process is finished - // but the wizard is not removed from the startup sequence because system encryption is in progress. - // Therefore, we remove it from the startup sequence now if possible. - - if (!IsNonInstallMode () && SystemEncryptionStatus == SYSENC_STATUS_NONE) - ManageStartupSeqWiz (TRUE, L""); - - AbortProcessSilent (); - } - - BOOL bDecrypt = FALSE; - - if (DirectNonSysInplaceDecStartMode) - { - SwitchWizardToNonSysInplaceDecStartMode (szFileName); - return; - } - else if (DirectNonSysInplaceEncResumeMode || DirectNonSysInplaceDecResumeMode) - { - SwitchWizardToNonSysInplaceEncResumeMode (DirectNonSysInplaceDecResumeMode); - return; - } - else if (DirectPromptNonSysInplaceEncResumeMode) - { - if (NonSysInplaceEncInProgressElsewhere ()) - AbortProcessSilent (); - - if (AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES) - SwitchWizardToNonSysInplaceEncResumeMode(bDecrypt); - else - AbortProcessSilent (); - - return; - } - else if (bInPlaceEncNonSysPending - && !NonSysInplaceEncInProgressElsewhere () - && AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES) - { - SwitchWizardToNonSysInplaceEncResumeMode(bDecrypt); - return; - } - - LoadPage (hwndDlg, INTRO_PAGE); - } -} - -int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpszCommandLine, int nCmdShow) -{ - int status; - atexit (localcleanup); - - VirtualLock (&volumePassword, sizeof(volumePassword)); - VirtualLock (szVerify, sizeof(szVerify)); - VirtualLock (szRawPassword, sizeof(szRawPassword)); - VirtualLock (&volumePim, sizeof(volumePim)); - VirtualLock (&CmdVolumePassword, sizeof (CmdVolumePassword)); - - VirtualLock (MasterKeyGUIView, sizeof(MasterKeyGUIView)); - VirtualLock (HeaderKeyGUIView, sizeof(HeaderKeyGUIView)); - - VirtualLock (randPool, sizeof(randPool)); - VirtualLock (lastRandPool, sizeof(lastRandPool)); - VirtualLock (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer)); - VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); - VirtualLock (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); - VirtualLock (maskRandPool, sizeof(maskRandPool)); - - VirtualLock (&szFileName, sizeof(szFileName)); - VirtualLock (&szDiskFile, sizeof(szDiskFile)); - - DetectX86Features (); - - try - { - BootEncObj = new BootEncryption (NULL); - } - catch (Exception &e) - { - e.Show (NULL); - } - - if (BootEncObj == NULL) - AbortProcess ("INIT_SYS_ENC"); - - InitApp (hInstance, lpszCommandLine); - - // Write block size greater than 64 KB causes a performance drop when writing to files on XP/Vista - if (!IsOSAtLeast (WIN_7)) - FormatWriteBufferSize = 64 * 1024; - -#if TC_MAX_VOLUME_SECTOR_SIZE > 64 * 1024 -#error TC_MAX_VOLUME_SECTOR_SIZE > 64 * 1024 -#endif - - nPbar = IDC_PROGRESS_BAR; - - if (Randinit ()) - { - DWORD dwLastError = GetLastError (); - wchar_t szTmp[4096]; - if (CryptoAPILastError == ERROR_SUCCESS) - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("INIT_RAND"), SRC_POS, dwLastError); - else - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CAPI_RAND"), SRC_POS, CryptoAPILastError); - AbortProcessDirect (szTmp); - } - - RegisterRedTick(hInstance); - - /* Allocate, dup, then store away the application title */ - lpszTitle = GetString ("IDD_VOL_CREATION_WIZARD_DLG"); - - status = DriverAttach (); - if (status != 0) - { - if (status == ERR_OS_ERROR) - handleWin32Error (NULL, SRC_POS); - else - handleError (NULL, status, SRC_POS); - - AbortProcess ("NODRIVER"); - } - - if (!AutoTestAlgorithms()) - AbortProcess ("ERR_SELF_TESTS_FAILED"); - - /* Create the main dialog box */ - DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_VOL_CREATION_WIZARD_DLG), NULL, (DLGPROC) MainDialogProc, - (LPARAM)lpszCommandLine); - - FinalizeApp (); - return 0; -} - - -static DWORD GetFormatSectorSize () -{ - if (!bDevice) - return TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; - - DISK_GEOMETRY geometry; - - if (!GetDriveGeometry (szDiskFile, &geometry)) - { - handleWin32Error (MainDlg, SRC_POS); - AbortProcessSilent(); - } - - return geometry.BytesPerSector; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include +#include +#include +#include +#include +#include +#include + +#include "Crypto.h" +#include "cpu.h" +#include "Apidrvr.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Combo.h" +#include "Registry.h" +#include "Boot/Windows/BootDefs.h" +#include "Common/Common.h" +#include "Common/BootEncryption.h" +#include "Common/Dictionary.h" +#include "Common/Endian.h" +#include "Common/resource.h" +#include "Common/Pkcs5.h" +#include "Platform/Finally.h" +#include "Platform/ForEach.h" +#include "Random.h" +#include "Fat.h" +#include "InPlace.h" +#include "Resource.h" +#include "TcFormat.h" +#include "Format.h" +#include "FormatCom.h" +#include "Password.h" +#include "Progress.h" +#include "Tests.h" +#include "Cmdline.h" +#include "Volumes.h" +#include "Wipe.h" +#include "Xml.h" + +#include + +using namespace VeraCrypt; + +enum wizard_pages +{ + /* IMPORTANT: IF YOU ADD/REMOVE/MOVE ANY PAGES THAT ARE RELATED TO SYSTEM ENCRYPTION, + REVISE THE 'DECOY_OS_INSTRUCTIONS_PORTION_??' STRINGS! */ + + INTRO_PAGE, + SYSENC_TYPE_PAGE, + SYSENC_HIDDEN_OS_REQ_CHECK_PAGE, + SYSENC_SPAN_PAGE, + SYSENC_PRE_DRIVE_ANALYSIS_PAGE, + SYSENC_DRIVE_ANALYSIS_PAGE, + SYSENC_MULTI_BOOT_MODE_PAGE, + SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE, + SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE, + SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE, + SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE, + SYSENC_MULTI_BOOT_OUTCOME_PAGE, + VOLUME_TYPE_PAGE, + HIDDEN_VOL_WIZARD_MODE_PAGE, + VOLUME_LOCATION_PAGE, + DEVICE_TRANSFORM_MODE_PAGE, + HIDDEN_VOL_HOST_PRE_CIPHER_PAGE, + HIDDEN_VOL_PRE_CIPHER_PAGE, + CIPHER_PAGE, + SIZE_PAGE, + HIDDEN_VOL_HOST_PASSWORD_PAGE, + PASSWORD_PAGE, + PIM_PAGE, + FILESYS_PAGE, + SYSENC_COLLECTING_RANDOM_DATA_PAGE, + SYSENC_KEYS_GEN_PAGE, + SYSENC_RESCUE_DISK_CREATION_PAGE, + SYSENC_RESCUE_DISK_BURN_PAGE, + SYSENC_RESCUE_DISK_VERIFIED_PAGE, + SYSENC_WIPE_MODE_PAGE, + SYSENC_PRETEST_INFO_PAGE, + SYSENC_PRETEST_RESULT_PAGE, + SYSENC_ENCRYPTION_PAGE, + NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE, + NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE, + NONSYS_INPLACE_ENC_RAND_DATA_PAGE, + NONSYS_INPLACE_ENC_WIPE_MODE_PAGE, + NONSYS_INPLACE_ENC_TRANSFORM_PAGE, + NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE, + NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE, + FORMAT_PAGE, + FORMAT_FINISHED_PAGE, + SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE, + SYSENC_HIDDEN_OS_WIPE_INFO_PAGE, + DEVICE_WIPE_MODE_PAGE, + DEVICE_WIPE_PAGE +}; + +#define TIMER_INTERVAL_RANDVIEW 30 +#define TIMER_INTERVAL_SYSENC_PROGRESS 30 +#define TIMER_INTERVAL_NONSYS_INPLACE_ENC_PROGRESS 30 +#define TIMER_INTERVAL_SYSENC_DRIVE_ANALYSIS_PROGRESS 100 +#define TIMER_INTERVAL_WIPE_PROGRESS 30 +#define TIMER_INTERVAL_KEYB_LAYOUT_GUARD 10 + +enum sys_encryption_cmd_line_switches +{ + SYSENC_COMMAND_NONE = 0, + SYSENC_COMMAND_RESUME, + SYSENC_COMMAND_STARTUP_SEQ_RESUME, + SYSENC_COMMAND_ENCRYPT, + SYSENC_COMMAND_DECRYPT, + SYSENC_COMMAND_CREATE_HIDDEN_OS, + SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV +}; + +typedef struct +{ + int NumberOfSysDrives; // Number of drives that contain an operating system. -1: unknown, 1: one, 2: two or more + int MultipleSystemsOnDrive; // Multiple systems are installed on the drive where the currently running system resides. -1: unknown, 0: no, 1: yes + int BootLoaderLocation; // Boot loader (boot manager) installed in: 1: MBR/1st cylinder, 0: partition/bootsector: -1: unknown + int BootLoaderBrand; // -1: unknown, 0: Microsoft Windows, 1: any non-Windows boot manager/loader + int SystemOnBootDrive; // If the currently running operating system is installed on the boot drive. -1: unknown, 0: no, 1: yes +} SYSENC_MULTIBOOT_CFG; + +#define SYSENC_PAUSE_RETRY_INTERVAL 100 +#define SYSENC_PAUSE_RETRIES 200 + +// Expected duration of system drive analysis, in ms +#define SYSENC_DRIVE_ANALYSIS_ETA (4*60000) + +BootEncryption *BootEncObj = NULL; +BootEncryptionStatus BootEncStatus; + +HWND hCurPage = NULL; /* Handle to current wizard page */ +int nCurPageNo = -1; /* The current wizard page */ +int nLastPageNo = -1; +volatile int WizardMode = DEFAULT_VOL_CREATION_WIZARD_MODE; /* IMPORTANT: Never change this value directly -- always use ChangeWizardMode() instead. */ +volatile BOOL bHiddenOS = FALSE; /* If TRUE, we are performing or (or supposed to perform) actions relating to an operating system installed in a hidden volume (i.e., encrypting a decoy OS partition or creating the outer/hidden volume for the hidden OS). To determine or set the phase of the process, call ChangeHiddenOSCreationPhase() and DetermineHiddenOSCreationPhase()) */ +BOOL bDirectSysEncMode = FALSE; +BOOL bDirectSysEncModeCommand = SYSENC_COMMAND_NONE; +BOOL DirectDeviceEncMode = FALSE; +BOOL DirectNonSysInplaceDecStartMode = FALSE; +BOOL DirectNonSysInplaceEncResumeMode = FALSE; +BOOL DirectNonSysInplaceDecResumeMode = FALSE; +BOOL DirectPromptNonSysInplaceEncResumeMode = FALSE; +BOOL DirectCreationMode = FALSE; + +volatile BOOL bInPlaceEncNonSys = FALSE; /* If TRUE, existing data on a non-system partition/volume are to be encrypted (or decrypted if bInPlaceDecNonSys is TRUE) in place (for system encryption, this flag is ignored) */ +volatile BOOL bInPlaceDecNonSys = FALSE; /* If TRUE, existing data on a non-system partition/volume are to be decrypted in place (for system encryption, this flag is ignored) */ +volatile BOOL bInPlaceEncNonSysResumed = FALSE; /* If TRUE, the wizard is supposed to resume (or has resumed) process of non-system in-place encryption/decryption. */ +volatile BOOL bFirstNonSysInPlaceEncResumeDone = FALSE; +__int64 NonSysInplaceEncBytesDone = 0; +__int64 NonSysInplaceEncTotalSize = 0; +BOOL bDeviceTransformModeChoiceMade = FALSE; /* TRUE if the user has at least once manually selected the 'in-place' or 'format' option (on the 'device transform mode' page). */ +int nNeedToStoreFilesOver4GB = 0; /* Whether the user wants to be able to store files larger than 4GB on the volume: -1 = Undecided or error, 0 = No, 1 = Yes */ +int nVolumeEA = 1; /* Default encryption algorithm */ +BOOL bSystemEncryptionInProgress = FALSE; /* TRUE when encrypting/decrypting the system partition/drive (FALSE when paused). */ +BOOL bWholeSysDrive = FALSE; /* Whether to encrypt the entire system drive or just the system partition. */ +static BOOL bSystemEncryptionStatusChanged = FALSE; /* TRUE if this instance changed the value of SystemEncryptionStatus (it's set to FALSE each time the system encryption settings are saved to the config file). This value is to be treated as protected -- only the wizard can change this value (others may only read it). */ +volatile BOOL bSysEncDriveAnalysisInProgress = FALSE; +volatile BOOL bSysEncDriveAnalysisTimeOutOccurred = FALSE; +int SysEncDetectHiddenSectors = -1; /* Whether the user wants us to detect and encrypt the Host Protect Area (if any): -1 = Undecided or error, 0 = No, 1 = Yes */ +int SysEncDriveAnalysisStart; +BOOL bDontVerifyRescueDisk = FALSE; +BOOL bFirstSysEncResumeDone = FALSE; +int nMultiBoot = 0; /* The number of operating systems installed on the computer, according to the user. 0: undetermined, 1: one, 2: two or more */ +volatile BOOL bHiddenVol = FALSE; /* If true, we are (or will be) creating a hidden volume. */ +volatile BOOL bHiddenVolHost = FALSE; /* If true, we are (or will be) creating the host volume (called "outer") for a hidden volume. */ +volatile BOOL bHiddenVolDirect = FALSE; /* If true, the wizard omits creating a host volume in the course of the process of hidden volume creation. */ +volatile BOOL bHiddenVolFinished = FALSE; +int hiddenVolHostDriveNo = -1; /* Drive letter for the volume intended to host a hidden volume. */ +BOOL bRemovableHostDevice = FALSE; /* TRUE when creating a device/partition-hosted volume on a removable device. State undefined when creating file-hosted volumes. */ +int realClusterSize; /* Parameter used when determining the maximum possible size of a hidden volume. */ +int hash_algo = DEFAULT_HASH_ALGORITHM; /* Which PRF to use in header key derivation (PKCS #5) and in the RNG. */ +unsigned __int64 nUIVolumeSize = 0; /* The volume size. Important: This value is not in bytes. It has to be multiplied by nMultiplier. Do not use this value when actually creating the volume (it may chop off sector size, if it is not a multiple of 1024 bytes). */ +unsigned __int64 nVolumeSize = 0; /* The volume size, in bytes. */ +unsigned __int64 nHiddenVolHostSize = 0; /* Size of the hidden volume host, in bytes */ +__int64 nMaximumHiddenVolSize = 0; /* Maximum possible size of the hidden volume, in bytes */ +__int64 nbrFreeClusters = 0; +__int64 nMultiplier = BYTES_PER_MB; /* Size selection multiplier. */ +wchar_t szFileName[TC_MAX_PATH+1]; /* The file selected by the user */ +wchar_t szDiskFile[TC_MAX_PATH+1]; /* Fully qualified name derived from szFileName */ +wchar_t szRescueDiskISO[TC_MAX_PATH+1]; /* The filename and path to the Rescue Disk ISO file to be burned (for boot encryption) */ +BOOL bDeviceWipeInProgress = FALSE; +volatile BOOL bTryToCorrectReadErrors = FALSE; +volatile BOOL DiscardUnreadableEncryptedSectors = FALSE; + +volatile BOOL bVolTransformThreadCancel = FALSE; /* TRUE if the user cancels/pauses volume encryption/format */ +volatile BOOL bVolTransformThreadRunning = FALSE; /* Is the volume encryption/format thread running */ +volatile BOOL bVolTransformThreadToRun = FALSE; /* TRUE if the Format/Encrypt button has been clicked and we are proceeding towards launching the thread. */ + +volatile BOOL bConfirmQuit = FALSE; /* If TRUE, the user is asked to confirm exit when he clicks the X icon, Exit, etc. */ +volatile BOOL bConfirmQuitSysEncPretest = FALSE; + +BOOL bDevice = FALSE; /* Is this a partition volume ? */ + +BOOL showKeys = FALSE; +volatile HWND hMasterKey = NULL; /* Text box showing hex dump of the master key */ +volatile HWND hHeaderKey = NULL; /* Text box showing hex dump of the header key */ +volatile HWND hRandPool = NULL; /* Text box showing hex dump of the random pool */ +volatile HWND hRandPoolSys = NULL; /* Text box showing hex dump of the random pool for system encryption */ +volatile HWND hPasswordInputField = NULL; /* Password input field */ +volatile HWND hVerifyPasswordInputField = NULL; /* Verify-password input field */ + +HBITMAP hbmWizardBitmapRescaled = NULL; + +wchar_t OrigKeyboardLayout [8+1] = L"00000409"; +BOOL bKeyboardLayoutChanged = FALSE; /* TRUE if the keyboard layout was changed to the standard US keyboard layout (from any other layout). */ +BOOL bKeybLayoutAltKeyWarningShown = FALSE; /* TRUE if the user has been informed that it is not possible to type characters by pressing keys while the right Alt key is held down. */ + +#ifndef _DEBUG + BOOL bWarnDeviceFormatAdvanced = TRUE; +#else + BOOL bWarnDeviceFormatAdvanced = FALSE; +#endif + +BOOL bWarnOuterVolSuitableFileSys = TRUE; + +Password volumePassword; /* User password */ +char szVerify[MAX_PASSWORD + 1]; /* Tmp password buffer */ +char szRawPassword[MAX_PASSWORD + 1]; /* Password before keyfile was applied to it */ + +int volumePim = 0; + +BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */ +BOOL ComServerMode = FALSE; + + +Password CmdVolumePassword = {0}; /* Password passed from command line */ +int CmdVolumeEA = 0; +int CmdVolumePkcs5 = 0; +int CmdVolumePim = 0; +int CmdVolumeFilesystem = FILESYS_NONE; +unsigned __int64 CmdVolumeFileSize = 0; +BOOL CmdSparseFileSwitch = FALSE; + +BOOL bForceOperation = FALSE; + +BOOL bOperationSuccess = FALSE; + +BOOL bGuiMode = TRUE; + +int nPbar = 0; /* Control ID of progress bar:- for format code */ + +wchar_t HeaderKeyGUIView [KEY_GUI_VIEW_SIZE]; +wchar_t MasterKeyGUIView [KEY_GUI_VIEW_SIZE]; + +#define RANDPOOL_DISPLAY_COLUMNS 15 +#define RANDPOOL_DISPLAY_ROWS 8 +#define RANDPOOL_DISPLAY_BYTE_PORTION (RANDPOOL_DISPLAY_COLUMNS * RANDPOOL_DISPLAY_ROWS) +#define RANDPOOL_DISPLAY_SIZE (RANDPOOL_DISPLAY_BYTE_PORTION * 3 + RANDPOOL_DISPLAY_ROWS + 2) +unsigned char randPool [RANDPOOL_DISPLAY_BYTE_PORTION]; +unsigned char lastRandPool [RANDPOOL_DISPLAY_BYTE_PORTION]; +static unsigned char maskRandPool [RANDPOOL_DISPLAY_BYTE_PORTION]; +static BOOL bUseMask = FALSE; +static DWORD mouseEntropyGathered = 0xFFFFFFFF; +static DWORD mouseEventsInitialCount = 0; +/* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */ +static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8; +static HWND hEntropyBar = NULL; +wchar_t outRandPoolDispBuffer [RANDPOOL_DISPLAY_SIZE]; +BOOL bDisplayPoolContents = TRUE; + +volatile BOOL bSparseFileSwitch = FALSE; +volatile BOOL quickFormat = FALSE; /* WARNING: Meaning of this variable depends on bSparseFileSwitch. If bSparseFileSwitch is TRUE, this variable represents the sparse file flag. */ +volatile int fileSystem = FILESYS_NONE; +volatile int clusterSize = 0; + +SYSENC_MULTIBOOT_CFG SysEncMultiBootCfg; +wchar_t SysEncMultiBootCfgOutcome [4096] = {L'N',L'/',L'A',0}; +volatile int NonSysInplaceEncStatus = NONSYS_INPLACE_ENC_STATUS_NONE; + +vector DeferredNonSysInPlaceEncDevices; + +// specific definitions and implementation for support of resume operation +// in wait dialog mechanism + +void CALLBACK ResumeInPlaceEncWaitThreadProc(void* pArg, HWND hwndDlg) +{ + wchar_t szDevicePath[MAX_PATH] = {0}; + RawDevicesDlgParam param; + param.devices = GetAvailableHostDevices (false, true, false); + param.pszFileName = szDevicePath; + + DeferredNonSysInPlaceEncDevices.clear(); + + if ((IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), hwndDlg, + (DLGPROC) RawDevicesDlgProc, (LPARAM) ¶m)) && wcslen(szDevicePath)) + { + foreach (const HostDevice &device, param.devices) + { + if (device.Path == szDevicePath) + { + OpenVolumeContext volume; + int status = OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE); + + if ( status == ERR_SUCCESS) + { + if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 + && volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value) + { + DeferredNonSysInPlaceEncDevices.push_back (device); + } + else if (volume.CryptoInfo->EncryptedAreaLength.Value == volume.CryptoInfo->VolumeSize.Value) + { + WCHAR szMsg[1024]; + StringCbPrintfW(szMsg, sizeof(szMsg), GetString ("SELECTED_PARTITION_ALREADY_INPLACE_ENC"), + volume.CryptoInfo->HeaderFlags); + ErrorDirect(szMsg, hwndDlg); + } + else + { + WCHAR szMsg[1024]; + StringCbPrintfW(szMsg, sizeof(szMsg), GetString ("SELECTED_PARTITION_NOT_INPLACE_ENC"), + volume.CryptoInfo->HeaderFlags); + ErrorDirect(szMsg, hwndDlg); + } + + CloseVolume (&volume); + } + else + { + handleError(hwndDlg, status, SRC_POS); + } + + break; + } + } + } + else + { + foreach (const HostDevice &device, param.devices) + { + if ( !device.ContainsSystem + && (device.IsPartition || device.DynamicVolume || device.IsVirtualPartition || device.Partitions.empty()) + ) + { + + OpenVolumeContext volume; + + if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE) == ERR_SUCCESS) + { + if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 + && volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value) + { + DeferredNonSysInPlaceEncDevices.push_back (device); + } + + CloseVolume (&volume); + } + } + } + } +} + + +static BOOL ElevateWholeWizardProcess (wstring arguments) +{ + wchar_t modPath[MAX_PATH]; + + if (IsAdmin()) + return TRUE; + + if (!IsUacSupported()) + return IsAdmin(); + + GetModuleFileName (NULL, modPath, ARRAYSIZE (modPath)); + + while (true) + { + if ((int)ShellExecute (MainDlg, L"runas", modPath, (wstring(L"/q UAC ") + arguments).c_str(), NULL, SW_SHOWNORMAL) > 32) + { + exit (0); + } + else + { + if (IDRETRY == ErrorRetryCancel ("UAC_INIT_ERROR", MainDlg)) + continue; + return FALSE; + } + } +} + +static void WipePasswordsAndKeyfiles (void) +{ + wchar_t tmp[MAX_PASSWORD+1]; + + // Attempt to wipe passwords stored in the input field buffers + wmemset (tmp, L'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (hPasswordInputField, tmp); + SetWindowText (hVerifyPasswordInputField, tmp); + + burn (&szVerify[0], sizeof (szVerify)); + burn (&volumePassword, sizeof (volumePassword)); + burn (&szRawPassword[0], sizeof (szRawPassword)); + burn (&volumePim, sizeof (volumePim)); + burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); + burn (&CmdVolumePim, sizeof (CmdVolumePim)); + + SetWindowText (hPasswordInputField, L""); + SetWindowText (hVerifyPasswordInputField, L""); + + KeyFileRemoveAll (&FirstKeyFile); + KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); +} + +static void localcleanup (void) +{ + wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; + + // System encryption + + if (WizardMode == WIZARD_MODE_SYS_DEVICE + && InstanceHasSysEncMutex ()) + { + try + { + BootEncStatus = BootEncObj->GetStatus(); + + if (BootEncStatus.SetupInProgress) + { + BootEncObj->AbortSetup (); + } + } + catch (...) + { + // NOP + } + } + + // Mon-system in-place encryption + + if (bInPlaceEncNonSys && (bVolTransformThreadRunning || bVolTransformThreadToRun)) + { + NonSysInplaceEncPause (); + } + + CloseNonSysInplaceEncMutex (); + + + // Device wipe + + if (bDeviceWipeInProgress) + WipeAbort(); + + + WipePasswordsAndKeyfiles (); + + RandStop (TRUE); + + burn (HeaderKeyGUIView, sizeof(HeaderKeyGUIView)); + burn (MasterKeyGUIView, sizeof(MasterKeyGUIView)); + burn (randPool, sizeof(randPool)); + burn (lastRandPool, sizeof(lastRandPool)); + burn (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer)); + burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + burn (maskRandPool, sizeof(maskRandPool)); + burn (szFileName, sizeof(szFileName)); + burn (szDiskFile, sizeof(szDiskFile)); + + // Attempt to wipe the GUI fields showing portions of randpool, of the master and header keys + wmemset (tmp, L'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hRandPool, tmp); + SetWindowText (hRandPoolSys, tmp); + SetWindowText (hMasterKey, tmp); + SetWindowText (hHeaderKey, tmp); + + UnregisterRedTick (hInst); + + // Delete buffered bitmaps (if any) + if (hbmWizardBitmapRescaled != NULL) + { + DeleteObject ((HGDIOBJ) hbmWizardBitmapRescaled); + hbmWizardBitmapRescaled = NULL; + } + + // Cleanup common code resources + cleanup (); + + if (BootEncObj != NULL) + { + delete BootEncObj; + BootEncObj = NULL; + } +} + +static BOOL CALLBACK BroadcastSysEncCfgUpdateCallb (HWND hwnd, LPARAM lParam) +{ + LONG_PTR userDataVal = GetWindowLongPtrW (hwnd, GWLP_USERDATA); + if ((userDataVal == (LONG_PTR) 'VERA') || (userDataVal == (LONG_PTR) 'TRUE')) // Prior to 1.0e, 'TRUE' was used for VeraCrypt dialogs + { + wchar_t name[1024] = { 0 }; + GetWindowText (hwnd, name, ARRAYSIZE (name) - 1); + if (hwnd != MainDlg && wcsstr (name, L"VeraCrypt")) + { + PostMessage (hwnd, TC_APPMSG_SYSENC_CONFIG_UPDATE, 0, 0); + } + } + return TRUE; +} + +static BOOL BroadcastSysEncCfgUpdate (void) +{ + BOOL bSuccess = FALSE; + EnumWindows (BroadcastSysEncCfgUpdateCallb, (LPARAM) &bSuccess); + return bSuccess; +} + +// IMPORTANT: This function may be called only by Format (other modules can only _read_ the system encryption config). +// Returns TRUE if successful (otherwise FALSE) +static BOOL SaveSysEncSettings (HWND hwndDlg) +{ + FILE *f; + + if (!bSystemEncryptionStatusChanged) + return TRUE; + + if (hwndDlg == NULL && MainDlg != NULL) + hwndDlg = MainDlg; + + if (!CreateSysEncMutex ()) + return FALSE; // Only one instance that has the mutex can modify the system encryption settings + + if (SystemEncryptionStatus == SYSENC_STATUS_NONE) + { + if (_wremove (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION)) != 0) + { + Error ("CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS", hwndDlg); + return FALSE; + } + + bSystemEncryptionStatusChanged = FALSE; + BroadcastSysEncCfgUpdate (); + return TRUE; + } + + f = _wfopen (GetConfigPath (TC_APPD_FILENAME_SYSTEM_ENCRYPTION), L"w,ccs=UTF-8"); + if (f == NULL) + { + Error ("CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS", hwndDlg); + handleWin32Error (hwndDlg, SRC_POS); + return FALSE; + } + + if (XmlWriteHeader (f) < 0 + + || fputws (L"\n\t", f) < 0 + + || fwprintf (f, L"\n\t\t%d", SystemEncryptionStatus) < 0 + + || fwprintf (f, L"\n\t\t%d", (int) nWipeMode) < 0 + + || fputws (L"\n\t", f) < 0 + + || XmlWriteFooter (f) < 0) + { + handleWin32Error (hwndDlg, SRC_POS); + fclose (f); + Error ("CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS", hwndDlg); + return FALSE; + } + + TCFlushFile (f); + + fclose (f); + + bSystemEncryptionStatusChanged = FALSE; + BroadcastSysEncCfgUpdate (); + + return TRUE; +} + +// WARNING: This function may take a long time to finish +static unsigned int DetermineHiddenOSCreationPhase (void) +{ + unsigned int phase = TC_HIDDEN_OS_CREATION_PHASE_NONE; + + try + { + phase = BootEncObj->GetHiddenOSCreationPhase(); + } + catch (Exception &e) + { + e.Show (MainDlg); + AbortProcess("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS"); + } + + return phase; +} + +// IMPORTANT: This function may be called only by Format (other modules can only _read_ the status). +// Returns TRUE if successful (otherwise FALSE) +static BOOL ChangeHiddenOSCreationPhase (int newPhase) +{ + if (!CreateSysEncMutex ()) + { + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); + return FALSE; + } + + try + { + BootEncObj->SetHiddenOSCreationPhase (newPhase); + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + + //// The contents of the following items might be inappropriate after a change of the phase + //szFileName[0] = 0; + //szDiskFile[0] = 0; + //nUIVolumeSize = 0; + //nVolumeSize = 0; + + return TRUE; +} + +// IMPORTANT: This function may be called only by Format (other modules can only _read_ the system encryption status). +// Returns TRUE if successful (otherwise FALSE) +static BOOL ChangeSystemEncryptionStatus (int newStatus) +{ + if (!CreateSysEncMutex ()) + { + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); + return FALSE; // Only one instance that has the mutex can modify the system encryption settings + } + + SystemEncryptionStatus = newStatus; + bSystemEncryptionStatusChanged = TRUE; + + if (newStatus == SYSENC_STATUS_ENCRYPTING) + { + // If the user has created a hidden OS and now is creating a decoy OS, we must wipe the hidden OS + // config area in the MBR. + WipeHiddenOSCreationConfig(); + } + + if (newStatus == SYSENC_STATUS_NONE && !IsHiddenOSRunning()) + { + if (DetermineHiddenOSCreationPhase() != TC_HIDDEN_OS_CREATION_PHASE_NONE + && !ChangeHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_NONE)) + return FALSE; + + WipeHiddenOSCreationConfig(); + } + + if (!SaveSysEncSettings (MainDlg)) + { + return FALSE; + } + + return TRUE; +} + +// If the return code of this function is ignored and newWizardMode == WIZARD_MODE_SYS_DEVICE, then this function +// may be called only after CreateSysEncMutex() returns TRUE. It returns TRUE if successful (otherwise FALSE). +static BOOL ChangeWizardMode (int newWizardMode) +{ + if (WizardMode != newWizardMode) + { + if (WizardMode == WIZARD_MODE_SYS_DEVICE || newWizardMode == WIZARD_MODE_SYS_DEVICE) + { + if (newWizardMode == WIZARD_MODE_SYS_DEVICE) + { + if (!CreateSysEncMutex ()) + { + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); + return FALSE; + } + } + + // If the previous mode was different, the password may have been typed using a different + // keyboard layout (which might confuse the user and cause other problems if system encryption + // was or will be involved). + WipePasswordsAndKeyfiles(); + } + + if (newWizardMode != WIZARD_MODE_NONSYS_DEVICE) + { + bInPlaceEncNonSys = FALSE; + bInPlaceDecNonSys = FALSE; + } + + if (newWizardMode == WIZARD_MODE_NONSYS_DEVICE && !IsAdmin() && IsUacSupported()) + { + if (!ElevateWholeWizardProcess (L"/e")) + return FALSE; + } + + // The contents of the following items may be inappropriate after a change of mode + if (! (bInPlaceDecNonSys && !bInPlaceEncNonSysResumed)) // If we are starting (but not resuming) decryption of non-system volume, we actually need szFileName as it contains the command line param. + szFileName[0] = 0; + szDiskFile[0] = 0; + nUIVolumeSize = 0; + nVolumeSize = 0; + + WizardMode = newWizardMode; + } + + bDevice = (WizardMode != WIZARD_MODE_FILE_CONTAINER); + + if (newWizardMode != WIZARD_MODE_SYS_DEVICE + && !bHiddenOS) + { + CloseSysEncMutex (); + } + + return TRUE; +} + +// Determines whether the wizard directly affects system encryption in any way. +// Note, for example, that when the user enters a password for a hidden volume that is to host a hidden OS, +// WizardMode is NOT set to WIZARD_MODE_SYS_DEVICE. The keyboard layout, however, has to be US. That's why +// this function has to be called instead of checking the value of WizardMode. +static BOOL SysEncInEffect (void) +{ + return (WizardMode == WIZARD_MODE_SYS_DEVICE + || CreatingHiddenSysVol()); +} + +static BOOL CreatingHiddenSysVol (void) +{ + return (bHiddenOS + && bHiddenVol && !bHiddenVolHost); +} + +static void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL* pbSettingsModified, BOOL* pbHistoryModified) +{ + if (!bOnlyCheckModified) + EnableHwEncryption ((ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); + + WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; + + if (!bOnlyCheckModified) + LoadSysEncSettings (); + + if (!bOnlyCheckModified && LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) + bInPlaceEncNonSysPending = TRUE; + + if (!bOnlyCheckModified) + defaultKeyFilesParam.EnableKeyFiles = FALSE; + + ConfigReadCompareInt ("StartOnLogon", FALSE, &bStartOnLogon, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("HiddenSectorDetectionStatus", 0, &HiddenSectorDetectionStatus, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("ShowDisconnectedNetworkDrives", FALSE, &bShowDisconnectedNetworkDrives, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("HideWaitingDialog", FALSE, &bHideWaitingDialog, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("SaveVolumeHistory", FALSE, &bHistory, bOnlyCheckModified, pbSettingsModified); + + { + char szTmp[MAX_PATH] = {0}; + WideCharToMultiByte (CP_UTF8, 0, SecurityTokenLibraryPath, -1, szTmp, MAX_PATH, NULL, NULL); + ConfigReadCompareString ("SecurityTokenLibrary", "", szTmp, sizeof (szTmp) - 1, bOnlyCheckModified, pbSettingsModified); + MultiByteToWideChar (CP_UTF8, 0, szTmp, -1, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)); + + if (!bOnlyCheckModified && SecurityTokenLibraryPath[0]) + InitSecurityTokenLibrary(hwndDlg); + } + + if (bOnlyCheckModified) + { + char langid[6] = {0}; + if (!IsNonInstallMode ()) + { + ConfigReadString ("Language", "", langid, sizeof (langid)); + // when installed, if no preferred language set by user, English is selected default + if (langid [0] == 0) + StringCbCopyA (langid, sizeof(langid), "en"); + + if (pbSettingsModified && strcmp (langid, GetPreferredLangId ())) + *pbSettingsModified = TRUE; + } + else + { + StringCbCopyA (langid, sizeof(langid), GetPreferredLangId ()); + ConfigReadCompareString ("Language", "", langid, sizeof (langid), TRUE, pbSettingsModified); + } + } + + if (hwndDlg != NULL) + { + LoadCombo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), bHistory, bOnlyCheckModified, pbHistoryModified); + return; + } + + if (bHistoryCmdLine) + return; +} + +static void LoadSettings (HWND hwndDlg) +{ + LoadSettingsAndCheckModified (hwndDlg, FALSE, NULL, NULL); +} + +static void SaveSettings (HWND hwndDlg) +{ + WaitCursor (); + + // Check first if modifications ocurred before writing to the settings and history files + // This avoids leaking information about VeraCrypt usage when user only mount volumes without changing setttings or history + BOOL bSettingsChanged = FALSE; + BOOL bHistoryChanged = FALSE; + + LoadSettingsAndCheckModified (hwndDlg, TRUE, &bSettingsChanged, &bHistoryChanged); + + if (bHistoryChanged && hwndDlg != NULL) + DumpCombo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), !bHistory); + + if (bSettingsChanged) + { + ConfigWriteBegin (); + + ConfigWriteInt ("StartOnLogon", bStartOnLogon); + ConfigWriteInt ("HiddenSectorDetectionStatus", HiddenSectorDetectionStatus); + ConfigWriteInt ("SaveVolumeHistory", bHistory); + ConfigWriteStringW ("SecurityTokenLibrary", SecurityTokenLibraryPath[0] ? SecurityTokenLibraryPath : L""); + + ConfigWriteString ("Language", GetPreferredLangId ()); + + ConfigWriteEnd (hwndDlg); + } + + NormalCursor (); +} + +// WARNING: This function does NOT cause immediate application exit (use e.g. return 1 after calling it +// from a DialogProc function). +static void EndMainDlg (HWND hwndDlg) +{ + if (nCurPageNo == VOLUME_LOCATION_PAGE) + { + if (IsWindow(GetDlgItem(hCurPage, IDC_NO_HISTORY))) + bHistory = !IsButtonChecked (GetDlgItem (hCurPage, IDC_NO_HISTORY)); + + MoveEditToCombo (GetDlgItem (hCurPage, IDC_COMBO_BOX), bHistory); + SaveSettings (hCurPage); + } + else + { + SaveSettings (NULL); + } + + SaveSysEncSettings (hwndDlg); + + if (!bHistory) + CleanLastVisitedMRU (); + + EndDialog (hwndDlg, 0); +} + +// Returns TRUE if system encryption or decryption had been or is in progress and has not been completed +static BOOL SysEncryptionOrDecryptionRequired (void) +{ + /* If you update this function, revise SysEncryptionOrDecryptionRequired() in Mount.c as well. */ + + static BootEncryptionStatus locBootEncStatus; + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + return (SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING + || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING + || + ( + locBootEncStatus.DriveMounted + && + ( + locBootEncStatus.ConfiguredEncryptedAreaStart != locBootEncStatus.EncryptedAreaStart + || locBootEncStatus.ConfiguredEncryptedAreaEnd != locBootEncStatus.EncryptedAreaEnd + ) + ) + ); +} + +// Returns TRUE if the system partition/drive is completely encrypted +static BOOL SysDriveOrPartitionFullyEncrypted (BOOL bSilent) +{ + /* If you update this function, revise SysDriveOrPartitionFullyEncrypted() in Mount.c as well. */ + + static BootEncryptionStatus locBootEncStatus; + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + if (!bSilent) + e.Show (MainDlg); + } + + return (!locBootEncStatus.SetupInProgress + && locBootEncStatus.ConfiguredEncryptedAreaEnd != 0 + && locBootEncStatus.ConfiguredEncryptedAreaEnd != -1 + && locBootEncStatus.ConfiguredEncryptedAreaStart == locBootEncStatus.EncryptedAreaStart + && locBootEncStatus.ConfiguredEncryptedAreaEnd == locBootEncStatus.EncryptedAreaEnd); +} + +// This functions is to be used when the wizard mode needs to be changed to WIZARD_MODE_SYS_DEVICE. +// If the function fails to switch the mode, it returns FALSE (otherwise TRUE). +BOOL SwitchWizardToSysEncMode (void) +{ + WaitCursor (); + + try + { + BootEncStatus = BootEncObj->GetStatus(); + bWholeSysDrive = BootEncObj->SystemPartitionCoversWholeDrive(); + } + catch (Exception &e) + { + e.Show (MainDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + NormalCursor (); + return FALSE; + } + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (!CreateSysEncMutex ()) + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); + NormalCursor (); + return FALSE; + } + + // User-mode app may have crashed and its mutex may have gotten lost, so we need to check the driver status too + if (BootEncStatus.SetupInProgress) + { + if (AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", MainDlg) == IDYES) + { + if (SystemEncryptionStatus != SYSENC_STATUS_ENCRYPTING + && SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) + { + // The config file with status was lost or not written correctly + if (!ResolveUnknownSysEncDirection ()) + { + CloseSysEncMutex (); + NormalCursor (); + return FALSE; + } + } + + bDirectSysEncMode = TRUE; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + LoadPage (MainDlg, SYSENC_ENCRYPTION_PAGE); + NormalCursor (); + return TRUE; + } + else + { + CloseSysEncMutex (); + Error ("SYS_ENCRYPTION_OR_DECRYPTION_IN_PROGRESS", MainDlg); + NormalCursor (); + return FALSE; + } + } + + if (BootEncStatus.DriveMounted + || BootEncStatus.DriveEncrypted + || SysEncryptionOrDecryptionRequired ()) + { + + if (!SysDriveOrPartitionFullyEncrypted (FALSE) + && AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", MainDlg) == IDYES) + { + if (SystemEncryptionStatus == SYSENC_STATUS_NONE) + { + // If the config file with status was lost or not written correctly, we + // don't know whether to encrypt or decrypt (but we know that encryption or + // decryption is required). Ask the user to select encryption, decryption, + // or cancel + if (!ResolveUnknownSysEncDirection ()) + { + CloseSysEncMutex (); + NormalCursor (); + return FALSE; + } + } + + bDirectSysEncMode = TRUE; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + LoadPage (MainDlg, SYSENC_ENCRYPTION_PAGE); + NormalCursor (); + return TRUE; + } + else + { + CloseSysEncMutex (); + Error ("SETUP_FAILED_BOOT_DRIVE_ENCRYPTED", MainDlg); + NormalCursor (); + return FALSE; + } + } + else + { + // Check compliance with requirements for boot encryption + + if (!IsAdmin()) + { + if (!IsUacSupported()) + { + Warning ("ADMIN_PRIVILEGES_WARN_DEVICES", MainDlg); + } + } + + try + { + BootEncObj->CheckRequirements (); + } + catch (Exception &e) + { + CloseSysEncMutex (); + e.Show (MainDlg); + NormalCursor (); + return FALSE; + } + + if (!ChangeWizardMode (WIZARD_MODE_SYS_DEVICE)) + { + NormalCursor (); + return FALSE; + } + + if (bSysDriveSelected || bSysPartitionSelected) + { + // The user selected the non-sys-device wizard mode but then selected a system device + + bWholeSysDrive = (bSysDriveSelected && !bSysPartitionSelected); + + bSysDriveSelected = FALSE; + bSysPartitionSelected = FALSE; + + try + { + if (!bHiddenVol) + { + if (bWholeSysDrive && !BootEncObj->SystemPartitionCoversWholeDrive()) + { + if (BootEncObj->SystemDriveContainsNonStandardPartitions()) + { + if (AskWarnYesNoString ((wstring (GetString ("SYSDRIVE_NON_STANDARD_PARTITIONS")) + L"\n\n" + GetString ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE")).c_str(), MainDlg) == IDYES) + bWholeSysDrive = FALSE; + } + + if (!IsOSAtLeast (WIN_VISTA) && bWholeSysDrive) + { + if (BootEncObj->SystemDriveContainsExtendedPartition()) + { + bWholeSysDrive = FALSE; + + Error ("WDE_UNSUPPORTED_FOR_EXTENDED_PARTITIONS", MainDlg); + + if (AskYesNo ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE", MainDlg) == IDNO) + { + ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); + return FALSE; + } + } + else + Warning ("WDE_EXTENDED_PARTITIONS_WARNING", MainDlg); + } + } + else if (BootEncObj->SystemPartitionCoversWholeDrive() + && !bWholeSysDrive) + bWholeSysDrive = (AskYesNo ("WHOLE_SYC_DEVICE_RECOM", MainDlg) == IDYES); + } + + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + + if (!bHiddenVol) + { + // Skip SYSENC_SPAN_PAGE and SYSENC_TYPE_PAGE as the user already made the choice + LoadPage (MainDlg, bWholeSysDrive ? SYSENC_PRE_DRIVE_ANALYSIS_PAGE : SYSENC_MULTI_BOOT_MODE_PAGE); + } + else + { + // The user selected the non-sys-device wizard mode but then selected a system device. + // In addition, he selected the hidden volume mode. + + if (bWholeSysDrive) + Warning ("HIDDEN_OS_PRECLUDES_SINGLE_KEY_WDE", MainDlg); + + bWholeSysDrive = FALSE; + + LoadPage (MainDlg, SYSENC_TYPE_PAGE); + } + } + else + LoadPage (MainDlg, SYSENC_TYPE_PAGE); + + NormalCursor (); + return TRUE; + } +} + +void SwitchWizardToFileContainerMode (void) +{ + ChangeWizardMode (WIZARD_MODE_FILE_CONTAINER); + + LoadPage (MainDlg, VOLUME_LOCATION_PAGE); + + NormalCursor (); +} + +void SwitchWizardToNonSysDeviceMode (void) +{ + ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); + + LoadPage (MainDlg, VOLUME_TYPE_PAGE); + + NormalCursor (); +} + +BOOL SwitchWizardToHiddenOSMode (void) +{ + if (SwitchWizardToSysEncMode()) + { + if (nCurPageNo != SYSENC_ENCRYPTION_PAGE) // If the user did not manually choose to resume encryption or decryption of the system partition/drive + { + bHiddenOS = TRUE; + bHiddenVol = TRUE; + bHiddenVolHost = TRUE; + bHiddenVolDirect = FALSE; + bWholeSysDrive = FALSE; + bInPlaceEncNonSys = FALSE; + bInPlaceDecNonSys = FALSE; + + if (bDirectSysEncModeCommand == SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV) + { + // Some of the requirements for hidden OS should have already been checked by the wizard process + // that launched us (in order to elevate), but we must recheck them. Otherwise, an advanced user + // could bypass the checks by using the undocumented CLI switch. Moreover, some requirements + // can be checked only at this point (when we are elevated). + try + { + BootEncObj->CheckRequirementsHiddenOS (); + + BootEncObj->InitialSecurityChecksForHiddenOS (); + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + + LoadPage (MainDlg, SYSENC_MULTI_BOOT_MODE_PAGE); + } + else + LoadPage (MainDlg, SYSENC_HIDDEN_OS_REQ_CHECK_PAGE); + + NormalCursor (); + } + else + return TRUE; + } + else + return FALSE; + + return TRUE; +} + +void SwitchWizardToNonSysInplaceEncResumeMode (BOOL bDecrypt) +{ + if (!IsAdmin() && IsUacSupported()) + { + if (!ElevateWholeWizardProcess (bDecrypt ? L"/resumeinplacedec" : L"/zinplace")) + AbortProcessSilent (); + } + + if (!IsAdmin()) + AbortProcess("ADMIN_PRIVILEGES_WARN_DEVICES"); + + CreateNonSysInplaceEncMutex (); + + bInPlaceEncNonSys = TRUE; + bInPlaceDecNonSys = bDecrypt; + bInPlaceEncNonSysResumed = TRUE; + + ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); + + LoadPage (MainDlg, NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE); +} + +void SwitchWizardToNonSysInplaceDecStartMode (wchar_t *volPath) +{ + if (!IsAdmin() && IsUacSupported()) + { + if (!ElevateWholeWizardProcess ((wstring (L"/inplacedec \"") + volPath + L"\"").c_str())) + AbortProcessSilent (); + } + + if (!IsAdmin()) + AbortProcess("ADMIN_PRIVILEGES_WARN_DEVICES"); + + if (!CheckRequirementsForNonSysInPlaceDec (MainDlg, volPath, FALSE)) + AbortProcessSilent (); + + CreateNonSysInplaceEncMutex (); + + bInPlaceEncNonSys = TRUE; + bInPlaceDecNonSys = TRUE; + bInPlaceEncNonSysResumed = FALSE; + + ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE); + + LoadPage (MainDlg, NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE); +} + +// Use this function e.g. if the config file with the system encryption settings was lost or not written +// correctly, and we don't know whether to encrypt or decrypt (but we know that encryption or decryption +// is required). Returns FALSE if failed or cancelled. +static BOOL ResolveUnknownSysEncDirection (void) +{ + if (CreateSysEncMutex ()) + { + if (SystemEncryptionStatus != SYSENC_STATUS_ENCRYPTING + && SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) + { + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + return FALSE; + } + + if (BootEncStatus.SetupInProgress) + { + return ChangeSystemEncryptionStatus ( + (BootEncStatus.SetupMode != SetupDecryption) ? SYSENC_STATUS_ENCRYPTING : SYSENC_STATUS_DECRYPTING); + } + else + { + // Ask the user to select encryption, decryption, or cancel + + char *tmpStr[] = {0, + !BootEncStatus.DriveEncrypted ? "CHOOSE_ENCRYPT_OR_DECRYPT_FINALIZE_DECRYPT_NOTE" : "CHOOSE_ENCRYPT_OR_DECRYPT", + "ENCRYPT", + "DECRYPT", + "IDCANCEL", + 0}; + + switch (AskMultiChoice ((void **) tmpStr, FALSE, MainDlg)) + { + case 1: + return ChangeSystemEncryptionStatus (SYSENC_STATUS_ENCRYPTING); + case 2: + return ChangeSystemEncryptionStatus (SYSENC_STATUS_DECRYPTING); + default: + return FALSE; + } + } + } + else + return TRUE; + } + else + { + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); + return FALSE; + } +} + +// This function should be used to resolve inconsistencies that might lead to a deadlock (inability to encrypt or +// decrypt the system partition/drive and to uninstall TrueCrypt). The function removes the system encryption key +// data ("volume header"), the TrueCrypt boot loader, restores the original system loader (if available), +// unregisters the boot driver, etc. Note that if the system partition/drive is encrypted, it will start decrypting +// it in the background (therefore, it should be used when the system partition/drive is not encrypted, ideally). +// Exceptions are handled and errors are reported within the function. Returns TRUE if successful. +static BOOL ForceRemoveSysEnc (void) +{ + if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption + { + BootEncryptionStatus locBootEncStatus; + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + + if (locBootEncStatus.SetupInProgress) + BootEncObj->AbortSetupWait (); + + locBootEncStatus = BootEncObj->GetStatus(); + + if (locBootEncStatus.DriveMounted) + { + // Remove the header + BootEncObj->StartDecryption (DiscardUnreadableEncryptedSectors); + locBootEncStatus = BootEncObj->GetStatus(); + + while (locBootEncStatus.SetupInProgress) + { + Sleep (100); + locBootEncStatus = BootEncObj->GetStatus(); + } + + BootEncObj->CheckEncryptionSetupResult (); + } + + Sleep (50); + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + + if (!locBootEncStatus.DriveMounted) + BootEncObj->Deinstall (true); + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + + return TRUE; + } + else + return FALSE; +} + +// Returns 0 if there's an error. +__int64 GetSystemPartitionSize (void) +{ + try + { + return BootEncObj->GetSystemDriveConfiguration().SystemPartition.Info.PartitionLength.QuadPart; + } + catch (Exception &e) + { + e.Show (MainDlg); + return 0; + } +} + +void ComboSelChangeEA (HWND hwndDlg) +{ + int nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); + + if (nIndex == CB_ERR) + { + SetWindowText (GetDlgItem (hwndDlg, IDC_BOX_HELP), L""); + } + else + { + wchar_t name[100]; + wchar_t auxLine[4096]; + wchar_t hyperLink[256] = { 0 }; + int cipherIDs[5]; + int i, cnt = 0; + + nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); + EAGetName (name, nIndex, 0); + + if (wcscmp (name, L"AES") == 0) + { + StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AES_HELP")); + } + else if (wcscmp (name, L"Serpent") == 0) + { + StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SERPENT_HELP")); + } + else if (wcscmp (name, L"Twofish") == 0) + { + StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("TWOFISH_HELP")); + } + else if (EAGetCipherCount (nIndex) > 1) + { + // Cascade + cipherIDs[cnt++] = i = EAGetLastCipher(nIndex); + while (i = EAGetPreviousCipher(nIndex, i)) + { + cipherIDs[cnt] = i; + cnt++; + } + + switch (cnt) // Number of ciphers in the cascade + { + case 2: + StringCbPrintfW (auxLine, sizeof(auxLine), GetString ("TWO_LAYER_CASCADE_HELP"), + CipherGetName (cipherIDs[1]), + CipherGetKeySize (cipherIDs[1])*8, + CipherGetName (cipherIDs[0]), + CipherGetKeySize (cipherIDs[0])*8); + break; + + case 3: + StringCbPrintfW (auxLine, sizeof(auxLine), GetString ("THREE_LAYER_CASCADE_HELP"), + CipherGetName (cipherIDs[2]), + CipherGetKeySize (cipherIDs[2])*8, + CipherGetName (cipherIDs[1]), + CipherGetKeySize (cipherIDs[1])*8, + CipherGetName (cipherIDs[0]), + CipherGetKeySize (cipherIDs[0])*8); + break; + } + + StringCbCopyW (hyperLink, sizeof(hyperLink), GetString ("IDC_LINK_MORE_INFO_ABOUT_CIPHER")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), auxLine); + } + else + { + // No info available for this encryption algorithm + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), L""); + } + + + // Update hyperlink + SetWindowTextW (GetDlgItem (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER), hyperLink); + AccommodateTextField (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER, FALSE, hUserUnderlineFont); + } +} + +static void VerifySizeAndUpdate (HWND hwndDlg, BOOL bUpdate) +{ + BOOL bEnable = TRUE; + wchar_t szTmp[50]; + __int64 lTmp; + __int64 i; + static unsigned __int64 nLastVolumeSize = 0; + + GetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTmp, ARRAYSIZE (szTmp)); + + for (i = 0; i < (__int64) wcslen (szTmp); i++) + { + if (szTmp[i] >= L'0' && szTmp[i] <= L'9') + continue; + else + { + bEnable = FALSE; + break; + } + } + + if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_KB))) + nMultiplier = BYTES_PER_KB; + else if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_MB))) + nMultiplier = BYTES_PER_MB; + else if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_GB))) + nMultiplier = BYTES_PER_GB; + else + nMultiplier = BYTES_PER_TB; + + if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume + { + lTmp = nVolumeSize; + i = 1; + } + else + { + i = nMultiplier; + lTmp = _wtoi64 (szTmp); + + DWORD sectorSize = GetFormatSectorSize(); + uint32 sectorSizeRem = (lTmp * nMultiplier) % sectorSize; + + if (sectorSizeRem != 0) + lTmp = (lTmp * nMultiplier + (sectorSize - sectorSizeRem)) / nMultiplier; + } + + if (bEnable) + { + if (lTmp * i < (bHiddenVolHost ? TC_MIN_HIDDEN_VOLUME_HOST_SIZE : (bHiddenVol ? TC_MIN_HIDDEN_VOLUME_SIZE : TC_MIN_VOLUME_SIZE))) + bEnable = FALSE; + + if (!bHiddenVolHost && bHiddenVol) + { + if (lTmp * i > nMaximumHiddenVolSize) + bEnable = FALSE; + } + else + { + if (lTmp * i > (bHiddenVolHost ? TC_MAX_HIDDEN_VOLUME_HOST_SIZE : TC_MAX_VOLUME_SIZE)) + bEnable = FALSE; + } + } + + if (bUpdate) + { + nUIVolumeSize = lTmp; + + if (!bDevice || (bHiddenVol && !bHiddenVolHost)) // Update only if it's not a raw device or if it's a hidden volume + nVolumeSize = i * lTmp; + } + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), bEnable); + + if (nVolumeSize != nLastVolumeSize) + { + // Change of volume size may make some file systems allowed or disallowed, so the default filesystem must + // be reselected. + fileSystem = FILESYS_NONE; + nLastVolumeSize = nVolumeSize; + } +} + +static void UpdateWizardModeControls (HWND hwndDlg, int setWizardMode) +{ + SendMessage (GetDlgItem (hwndDlg, IDC_FILE_CONTAINER), + BM_SETCHECK, + setWizardMode == WIZARD_MODE_FILE_CONTAINER ? BST_CHECKED : BST_UNCHECKED, + 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_NONSYS_DEVICE), + BM_SETCHECK, + setWizardMode == WIZARD_MODE_NONSYS_DEVICE ? BST_CHECKED : BST_UNCHECKED, + 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_SYS_DEVICE), + BM_SETCHECK, + setWizardMode == WIZARD_MODE_SYS_DEVICE ? BST_CHECKED : BST_UNCHECKED, + 0); +} + +static int GetSelectedWizardMode (HWND hwndDlg) +{ + if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_FILE_CONTAINER))) + return WIZARD_MODE_FILE_CONTAINER; + + if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_NONSYS_DEVICE))) + return WIZARD_MODE_NONSYS_DEVICE; + + if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_SYS_DEVICE))) + return WIZARD_MODE_SYS_DEVICE; + + return DEFAULT_VOL_CREATION_WIZARD_MODE; +} + +static void RefreshMultiBootControls (HWND hwndDlg) +{ +#ifdef DEBUG + if (nMultiBoot == 0) + nMultiBoot = 1; +#endif + + SendMessage (GetDlgItem (hwndDlg, IDC_SINGLE_BOOT), + BM_SETCHECK, + nMultiBoot == 1 ? BST_CHECKED : BST_UNCHECKED, + 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_MULTI_BOOT), + BM_SETCHECK, + nMultiBoot > 1 ? BST_CHECKED : BST_UNCHECKED, + 0); +} + +// -1 = Undecided or error, 0 = No, 1 = Yes +static int Get2RadButtonPageAnswer (void) +{ + if (IsButtonChecked (GetDlgItem (hCurPage, IDC_CHOICE1))) + return 1; + + if (IsButtonChecked (GetDlgItem (hCurPage, IDC_CHOICE2))) + return 0; + + return -1; +} + +// 0 = No, 1 = Yes +static void Update2RadButtonPage (int answer) +{ + SendMessage (GetDlgItem (hCurPage, IDC_CHOICE1), + BM_SETCHECK, + answer == 1 ? BST_CHECKED : BST_UNCHECKED, + 0); + + SendMessage (GetDlgItem (hCurPage, IDC_CHOICE2), + BM_SETCHECK, + answer == 0 ? BST_CHECKED : BST_UNCHECKED, + 0); +} + +// -1 = Undecided, 0 = No, 1 = Yes +static void Init2RadButtonPageYesNo (int answer) +{ + SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE1), GetString ("UISTR_YES")); + SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE2), GetString ("UISTR_NO")); + + SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), answer >= 0); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), TRUE); + + Update2RadButtonPage (answer); +} + +static void UpdateSysEncProgressBar (void) +{ + BootEncryptionStatus locBootEncStatus; + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (...) + { + return; + } + + if (locBootEncStatus.EncryptedAreaEnd == -1 + || locBootEncStatus.EncryptedAreaStart == -1) + { + UpdateProgressBarProc (0); + } + else + { + UpdateProgressBarProc (locBootEncStatus.EncryptedAreaEnd - locBootEncStatus.EncryptedAreaStart + 1); + + if (locBootEncStatus.SetupInProgress) + { + wchar_t tmpStr[100]; + + // Status + + if (locBootEncStatus.TransformWaitingForIdle) + StringCbCopyW (tmpStr, sizeof(tmpStr), GetString ("PROGRESS_STATUS_WAITING")); + else + StringCbCopyW (tmpStr, sizeof(tmpStr), GetString (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING ? "PROGRESS_STATUS_DECRYPTING" : "PROGRESS_STATUS_ENCRYPTING")); + + StringCbCatW (tmpStr, sizeof(tmpStr), L" "); + + SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), tmpStr); + } + } +} + +static void InitSysEncProgressBar (void) +{ + BootEncryptionStatus locBootEncStatus; + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (...) + { + return; + } + + if (locBootEncStatus.ConfiguredEncryptedAreaEnd == -1 + || locBootEncStatus.ConfiguredEncryptedAreaStart == -1) + return; + + InitProgressBar (locBootEncStatus.ConfiguredEncryptedAreaEnd + - locBootEncStatus.ConfiguredEncryptedAreaStart + 1, + (locBootEncStatus.EncryptedAreaEnd == locBootEncStatus.EncryptedAreaStart || locBootEncStatus.EncryptedAreaEnd == -1) ? + 0 : locBootEncStatus.EncryptedAreaEnd - locBootEncStatus.EncryptedAreaStart + 1, + SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING, + TRUE, + TRUE, + TRUE); +} + +static void UpdateSysEncControls (void) +{ + BootEncryptionStatus locBootEncStatus; + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (...) + { + return; + } + + EnableWindow (GetDlgItem (hCurPage, IDC_WIPE_MODE), + !locBootEncStatus.SetupInProgress + && SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING); + + SetWindowTextW (GetDlgItem (hCurPage, IDC_PAUSE), + GetString (locBootEncStatus.SetupInProgress ? "IDC_PAUSE" : "RESUME")); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), !locBootEncStatus.SetupInProgress && !bFirstSysEncResumeDone); + + if (!locBootEncStatus.SetupInProgress) + { + wchar_t tmpStr[100]; + + StringCbCopyW (tmpStr, sizeof(tmpStr), GetString ((SysDriveOrPartitionFullyEncrypted (TRUE) || !locBootEncStatus.DriveMounted) ? + "PROGRESS_STATUS_FINISHED" : "PROGRESS_STATUS_PAUSED")); + StringCbCatW (tmpStr, sizeof(tmpStr), L" "); + + // Status + SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), tmpStr); + + if (SysDriveOrPartitionFullyEncrypted (TRUE) || SystemEncryptionStatus == SYSENC_STATUS_NONE) + { + StringCbCopyW (tmpStr, sizeof(tmpStr), GetString ("PROCESSED_PORTION_100_PERCENT")); + StringCbCatW (tmpStr, sizeof(tmpStr), L" "); + + SetWindowTextW (GetDlgItem (hCurPage, IDC_BYTESWRITTEN), tmpStr); + } + + SetWindowText (GetDlgItem (hCurPage, IDC_TIMEREMAIN), L" "); + } +} + +static void SysEncPause (void) +{ + BootEncryptionStatus locBootEncStatus; + + if (CreateSysEncMutex ()) + { + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + return; + } + + if (!locBootEncStatus.SetupInProgress) + { + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + return; + } + + WaitCursor (); + + try + { + int attempts = SYSENC_PAUSE_RETRIES; + + BootEncObj->AbortSetup (); + + locBootEncStatus = BootEncObj->GetStatus(); + + while (locBootEncStatus.SetupInProgress && attempts > 0) + { + Sleep (SYSENC_PAUSE_RETRY_INTERVAL); + attempts--; + locBootEncStatus = BootEncObj->GetStatus(); + } + + if (!locBootEncStatus.SetupInProgress) + BootEncObj->CheckEncryptionSetupResult (); + + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + NormalCursor (); + + if (locBootEncStatus.SetupInProgress) + { + SetTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS, TIMER_INTERVAL_SYSENC_PROGRESS, NULL); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + Error ("FAILED_TO_INTERRUPT_SYSTEM_ENCRYPTION", MainDlg); + return; + } + + UpdateSysEncControls (); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + } + else + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); +} + + +static void SysEncResume (void) +{ + BootEncryptionStatus locBootEncStatus; + + if (CreateSysEncMutex ()) + { + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); + + try + { + locBootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + return; + } + + if (locBootEncStatus.SetupInProgress) + { + // Prevent the OS from entering Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS | ES_SYSTEM_REQUIRED); + + bSystemEncryptionInProgress = TRUE; + UpdateSysEncControls (); + SetTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS, TIMER_INTERVAL_SYSENC_PROGRESS, NULL); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + return; + } + + bVolTransformThreadCancel = FALSE; + bSystemEncryptionInProgress = FALSE; + WaitCursor (); + + try + { + switch (SystemEncryptionStatus) + { + case SYSENC_STATUS_ENCRYPTING: + + BootEncObj->StartEncryption (nWipeMode, bTryToCorrectReadErrors ? true : false); + break; + + case SYSENC_STATUS_DECRYPTING: + + if (locBootEncStatus.DriveMounted) // If the drive is not encrypted we will just deinstall + BootEncObj->StartDecryption (DiscardUnreadableEncryptedSectors); + + break; + } + + bSystemEncryptionInProgress = TRUE; + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + NormalCursor (); + + if (!bSystemEncryptionInProgress) + { + // Allow the OS to enter Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS); + + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + Error ("FAILED_TO_RESUME_SYSTEM_ENCRYPTION", MainDlg); + return; + } + + // Prevent the OS from entering Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS | ES_SYSTEM_REQUIRED); + + bFirstSysEncResumeDone = TRUE; + InitSysEncProgressBar (); + UpdateSysEncProgressBar (); + UpdateSysEncControls (); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), TRUE); + SetTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS, TIMER_INTERVAL_SYSENC_PROGRESS, NULL); + } + else + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); +} + + +static BOOL GetDevicePathForHiddenOS (void) +{ + BOOL tmpbDevice = FALSE; + + try + { + StringCbCopyW (szFileName, sizeof(szFileName), BootEncObj->GetPartitionForHiddenOS().DevicePath.c_str()); + + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + + return (szFileName[0] != 0 + && szDiskFile[0] != 0 + && tmpbDevice); +} + + +// Returns TRUE if there is unallocated space greater than 64 MB (max possible slack space size) between the +// boot partition and the first partition behind it. If there's none or if an error occurs, returns FALSE. +static BOOL CheckGapBetweenSysAndHiddenOS (void) +{ + try + { + SystemDriveConfiguration sysDriveCfg = BootEncObj->GetSystemDriveConfiguration(); + + return (sysDriveCfg.SystemPartition.Info.StartingOffset.QuadPart + + sysDriveCfg.SystemPartition.Info.PartitionLength.QuadPart + + 64 * BYTES_PER_MB + + 128 * BYTES_PER_KB + <= BootEncObj->GetPartitionForHiddenOS().Info.StartingOffset.QuadPart); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + return FALSE; +} + + +static void NonSysInplaceEncPause (void) +{ + bVolTransformThreadCancel = TRUE; + + WaitCursor (); + + int waitThreshold = 100; // Do not block GUI events for more than 10 seconds. IMPORTANT: This prevents deadlocks when the thread calls us back e.g. to update GUI! + + while (bVolTransformThreadRunning || bVolTransformThreadToRun) + { + MSG guiMsg; + + bVolTransformThreadCancel = TRUE; + + if (waitThreshold <= 0) + { + while (PeekMessageW (&guiMsg, NULL, 0, 0, PM_REMOVE) != 0) + { + DispatchMessageW (&guiMsg); + } + } + else + waitThreshold--; + + Sleep (100); + } +} + + +static void NonSysInplaceEncResume (void) +{ + if (bVolTransformThreadRunning || bVolTransformThreadToRun || bVolTransformThreadCancel) + return; + + if (!bInPlaceEncNonSysResumed + && !FinalPreTransformPrompts ()) + { + return; + } + + CreateNonSysInplaceEncMutex (); + + bFirstNonSysInPlaceEncResumeDone = TRUE; + + SetTimer (MainDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS, TIMER_INTERVAL_NONSYS_INPLACE_ENC_PROGRESS, NULL); + + bVolTransformThreadCancel = FALSE; + bVolTransformThreadToRun = TRUE; + + UpdateNonSysInPlaceEncControls (); + + LastDialogId = "NONSYS_INPLACE_ENC_IN_PROGRESS"; + + _beginthread (volTransformThreadFunction, 0, MainDlg); + + return; +} + + +void ShowNonSysInPlaceEncUIStatus (void) +{ + wchar_t nonSysInplaceEncUIStatus [300] = {0}; + + switch (NonSysInplaceEncStatus) + { + case NONSYS_INPLACE_ENC_STATUS_PAUSED: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_PAUSED")); + break; + case NONSYS_INPLACE_ENC_STATUS_PREPARING: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_PREPARING")); + break; + case NONSYS_INPLACE_ENC_STATUS_RESIZING: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_RESIZING")); + break; + case NONSYS_INPLACE_ENC_STATUS_ENCRYPTING: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_ENCRYPTING")); + break; + case NONSYS_INPLACE_ENC_STATUS_DECRYPTING: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_DECRYPTING")); + break; + case NONSYS_INPLACE_ENC_STATUS_FINALIZING: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_FINALIZING")); + break; + case NONSYS_INPLACE_ENC_STATUS_FINISHED: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_FINISHED")); + break; + case NONSYS_INPLACE_ENC_STATUS_ERROR: + StringCbCopyW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), GetString ("PROGRESS_STATUS_ERROR")); + break; + } + + StringCbCatW (nonSysInplaceEncUIStatus, sizeof(nonSysInplaceEncUIStatus), L" "); + + SetWindowTextW (GetDlgItem (hCurPage, IDC_WRITESPEED), nonSysInplaceEncUIStatus); +} + + +void UpdateNonSysInPlaceEncControls (void) +{ + // Reduce flickering by updating a GUI element only when a relevant change affects it + static BOOL lastbVolTransformThreadRunning = !bVolTransformThreadRunning; + static BOOL lastbVolTransformThreadToRun = !bVolTransformThreadToRun; + static BOOL lastbInPlaceEncNonSysResumed = !bInPlaceEncNonSysResumed; + + EnableWindow (GetDlgItem (hCurPage, IDC_WIPE_MODE), !(bVolTransformThreadRunning || bVolTransformThreadToRun) && !bInPlaceDecNonSys); + + if (lastbVolTransformThreadRunning != bVolTransformThreadRunning + || lastbVolTransformThreadToRun != bVolTransformThreadToRun) + { + SetWindowTextW (GetDlgItem (hCurPage, IDC_PAUSE), + GetString ((bVolTransformThreadRunning || bVolTransformThreadToRun) ? "IDC_PAUSE" : "RESUME")); + + lastbVolTransformThreadRunning = bVolTransformThreadRunning; + lastbVolTransformThreadToRun = bVolTransformThreadToRun; + } + + if (lastbInPlaceEncNonSysResumed != bInPlaceEncNonSysResumed) + { + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString (bInPlaceEncNonSysResumed ? "DEFER" : "CANCEL")); + lastbInPlaceEncNonSysResumed = bInPlaceEncNonSysResumed; + } + + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), bFirstNonSysInPlaceEncResumeDone + && NonSysInplaceEncStatus != NONSYS_INPLACE_ENC_STATUS_FINALIZING + && NonSysInplaceEncStatus != NONSYS_INPLACE_ENC_STATUS_FINISHED); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), !(bVolTransformThreadRunning || bVolTransformThreadToRun) && !bFirstNonSysInPlaceEncResumeDone); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), !(bVolTransformThreadRunning || bVolTransformThreadToRun) && !bInPlaceEncNonSysResumed); + EnableWindow (GetDlgItem (MainDlg, IDCANCEL), + !(bVolTransformThreadToRun + || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_PREPARING + || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_RESIZING + || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINALIZING + || NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED)); + + if (bVolTransformThreadRunning || bVolTransformThreadToRun) + { + switch (NonSysInplaceEncStatus) + { + case NONSYS_INPLACE_ENC_STATUS_PREPARING: + case NONSYS_INPLACE_ENC_STATUS_RESIZING: + case NONSYS_INPLACE_ENC_STATUS_FINALIZING: + ArrowWaitCursor (); + break; + + case NONSYS_INPLACE_ENC_STATUS_ENCRYPTING: + NormalCursor (); + break; + + default: + NormalCursor (); + break; + } + + if (bVolTransformThreadCancel) + WaitCursor (); + } + else + { + NormalCursor (); + + if (bInPlaceEncNonSysResumed) + { + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); + } + else + SetWindowText (GetDlgItem (hCurPage, IDC_WRITESPEED), L" "); + + SetWindowText (GetDlgItem (hCurPage, IDC_TIMEREMAIN), L" "); + } + + ShowNonSysInPlaceEncUIStatus (); + + UpdateNonSysInplaceEncProgressBar (); +} + + +static void UpdateNonSysInplaceEncProgressBar (void) +{ + static int lastNonSysInplaceEncStatus = NONSYS_INPLACE_ENC_STATUS_NONE; + int nonSysInplaceEncStatus = NonSysInplaceEncStatus; + __int64 totalSize = NonSysInplaceEncTotalSize; + + if (bVolTransformThreadRunning + && (nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_ENCRYPTING + || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_DECRYPTING + || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINALIZING + || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED)) + { + if (lastNonSysInplaceEncStatus != nonSysInplaceEncStatus + && (nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_ENCRYPTING || nonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_DECRYPTING)) + { + InitNonSysInplaceEncProgressBar (); + } + else + { + if (totalSize <= 0 && nVolumeSize > 0) + totalSize = nVolumeSize; + + if (totalSize > 0) + UpdateProgressBarProc (NonSysInplaceEncBytesDone); + } + } + + ShowNonSysInPlaceEncUIStatus (); + + lastNonSysInplaceEncStatus = nonSysInplaceEncStatus; +} + + +static void InitNonSysInplaceEncProgressBar (void) +{ + __int64 totalSize = NonSysInplaceEncTotalSize; + + if (totalSize <= 0) + { + if (nVolumeSize <= 0) + return; + + totalSize = nVolumeSize; + } + + InitProgressBar (totalSize, + NonSysInplaceEncBytesDone, + bInPlaceDecNonSys, + TRUE, + TRUE, + TRUE); +} + + +void DisplayRandPool (HWND hwndDlg, HWND hPoolDisplay, BOOL bShow) +{ + wchar_t tmp[4]; + unsigned char tmpByte; + int col, row; + static BOOL bRandPoolDispAscii = FALSE; + DWORD mouseEventsCounter; + + RandpeekBytes (hwndDlg, randPool, sizeof (randPool), &mouseEventsCounter); + + ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); + + if (memcmp (lastRandPool, randPool, sizeof(lastRandPool)) != 0) + { + outRandPoolDispBuffer[0] = 0; + + for (row = 0; row < RANDPOOL_DISPLAY_ROWS; row++) + { + for (col = 0; col < RANDPOOL_DISPLAY_COLUMNS; col++) + { + if (bShow) + { + tmpByte = randPool[row * RANDPOOL_DISPLAY_COLUMNS + col]; + + StringCbPrintfW (tmp, sizeof(tmp), bRandPoolDispAscii ? ((tmpByte >= 32 && tmpByte < 255 && tmpByte != L'&') ? L" %c " : L" . ") : L"%02X ", tmpByte); + } + else if (bUseMask) + { + /* use mask to compute a randomized ASCII representation */ + tmpByte = (randPool[row * RANDPOOL_DISPLAY_COLUMNS + col] - + lastRandPool[row * RANDPOOL_DISPLAY_COLUMNS + col]) ^ maskRandPool [row * RANDPOOL_DISPLAY_COLUMNS + col]; + tmp[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); + tmp[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); + tmp[2] = L' '; + tmp[3] = 0; + } + else + { + StringCbCopyW (tmp, sizeof(tmp), L"** "); + } + + + StringCbCatW (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer), tmp); + } + StringCbCatW (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer), L"\n"); + } + SetWindowText (hPoolDisplay, outRandPoolDispBuffer); + + memcpy (lastRandPool, randPool, sizeof(lastRandPool)); + } +} + + +void DisplayPortionsOfKeys (HWND headerKeyHandle, HWND masterKeyHandle, wchar_t *headerKeyStr, wchar_t *masterKeyStr, BOOL hideKeys) +{ + const wchar_t *hiddenKey = L"******************************** "; + + SetWindowTextW (headerKeyHandle, hideKeys ? hiddenKey : (std::wstring (headerKeyStr) + GetString ("TRIPLE_DOT_GLYPH_ELLIPSIS")).c_str()); + SetWindowTextW (masterKeyHandle, hideKeys ? hiddenKey : (std::wstring (masterKeyStr) + GetString ("TRIPLE_DOT_GLYPH_ELLIPSIS")).c_str()); +} + + +static void WipeAbort (void) +{ + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); + + if (bHiddenOS && IsHiddenOSRunning()) + { + /* Decoy system partition wipe */ + + DecoySystemWipeStatus decoySysPartitionWipeStatus; + + try + { + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); + return; + } + + if (!decoySysPartitionWipeStatus.WipeInProgress) + { + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); + return; + } + + WaitCursor (); + + try + { + int attempts = SYSENC_PAUSE_RETRIES; + + BootEncObj->AbortDecoyOSWipe (); + + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + + while (decoySysPartitionWipeStatus.WipeInProgress && attempts > 0) + { + Sleep (SYSENC_PAUSE_RETRY_INTERVAL); + attempts--; + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + } + + if (!decoySysPartitionWipeStatus.WipeInProgress) + BootEncObj->CheckDecoyOSWipeResult (); + + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + NormalCursor (); + + if (decoySysPartitionWipeStatus.WipeInProgress) + { + SetTimer (MainDlg, TIMER_ID_WIPE_PROGRESS, TIMER_INTERVAL_WIPE_PROGRESS, NULL); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); + Error ("FAILED_TO_INTERRUPT_WIPING", MainDlg); + return; + } + } + else + { + /* Regular device wipe (not decoy system partition wipe) */ + } + + UpdateWipeControls (); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); +} + + +static void WipeStart (void) +{ + if (bHiddenOS && IsHiddenOSRunning()) + { + /* Decoy system partition wipe */ + + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); + + bDeviceWipeInProgress = FALSE; + WaitCursor (); + + try + { + BootEncObj->StartDecoyOSWipe (nWipeMode); + + bDeviceWipeInProgress = TRUE; + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + NormalCursor (); + + if (!bDeviceWipeInProgress) + { + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); + Error ("FAILED_TO_START_WIPING", MainDlg); + return; + } + } + else + { + /* Regular device wipe (not decoy system partition wipe) */ + } + + InitWipeProgressBar (); + UpdateWipeProgressBar (); + UpdateWipeControls (); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); + SetTimer (MainDlg, TIMER_ID_WIPE_PROGRESS, TIMER_INTERVAL_WIPE_PROGRESS, NULL); +} + + +static void UpdateWipeProgressBar (void) +{ + if (bHiddenOS && IsHiddenOSRunning()) + { + /* Decoy system partition wipe */ + + DecoySystemWipeStatus decoySysPartitionWipeStatus; + + try + { + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + BootEncStatus = BootEncObj->GetStatus(); + } + catch (...) + { + return; + } + + if (decoySysPartitionWipeStatus.WipedAreaEnd == -1) + UpdateProgressBarProc (0); + else + UpdateProgressBarProc (decoySysPartitionWipeStatus.WipedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart + 1); + } + else + { + /* Regular device wipe (not decoy system partition wipe) */ + } +} + + +static void InitWipeProgressBar (void) +{ + if (bHiddenOS && IsHiddenOSRunning()) + { + /* Decoy system partition wipe */ + + DecoySystemWipeStatus decoySysPartitionWipeStatus; + + try + { + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + BootEncStatus = BootEncObj->GetStatus(); + } + catch (...) + { + return; + } + + if (BootEncStatus.ConfiguredEncryptedAreaEnd == -1 + || BootEncStatus.ConfiguredEncryptedAreaStart == -1) + return; + + InitProgressBar (BootEncStatus.ConfiguredEncryptedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart + 1, + (decoySysPartitionWipeStatus.WipedAreaEnd == BootEncStatus.ConfiguredEncryptedAreaStart || decoySysPartitionWipeStatus.WipedAreaEnd == -1) ? + 0 : decoySysPartitionWipeStatus.WipedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart + 1, + FALSE, + TRUE, + FALSE, + TRUE); + } + else + { + /* Regular device wipe (not decoy system partition wipe) */ + } +} + + +static void UpdateWipeControls (void) +{ + if (bHiddenOS && IsHiddenOSRunning()) + { + /* Decoy system partition wipe */ + + DecoySystemWipeStatus decoySysPartitionWipeStatus; + + try + { + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + BootEncStatus = BootEncObj->GetStatus(); + } + catch (...) + { + return; + } + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), !decoySysPartitionWipeStatus.WipeInProgress); + } + else + { + /* Regular device wipe (not decoy system partition wipe) */ + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), bDeviceWipeInProgress); + + if (!bDeviceWipeInProgress) + { + SetWindowText (GetDlgItem (hCurPage, IDC_TIMEREMAIN), L" "); + } + } + + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), bDeviceWipeInProgress); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), !bDeviceWipeInProgress); + + bConfirmQuit = bDeviceWipeInProgress; +} + + + +static void __cdecl sysEncDriveAnalysisThread (void *hwndDlgArg) +{ + // Mark the detection process as 'in progress' + HiddenSectorDetectionStatus = 1; + SaveSettings (NULL); + BroadcastSysEncCfgUpdate (); + + try + { + BootEncObj->ProbeRealSystemDriveSize (); + bSysEncDriveAnalysisTimeOutOccurred = FALSE; + } + catch (TimeOut &) + { + bSysEncDriveAnalysisTimeOutOccurred = TRUE; + } + catch (Exception &e) + { + // There was a problem but the system did not freeze. Mark the detection process as completed. + HiddenSectorDetectionStatus = 0; + SaveSettings (NULL); + BroadcastSysEncCfgUpdate (); + + e.Show (NULL); + EndMainDlg (MainDlg); + exit(0); + } + + // Mark the detection process as completed + HiddenSectorDetectionStatus = 0; + SaveSettings (NULL); + BroadcastSysEncCfgUpdate (); + + // This artificial delay prevents user confusion on systems where the analysis ends almost instantly + Sleep (3000); + + bSysEncDriveAnalysisInProgress = FALSE; +} + +static void __cdecl volTransformThreadFunction (void *hwndDlgArg) +{ + int nStatus; + DWORD dwWin32FormatError; + BOOL bHidden; + HWND hwndDlg = (HWND) hwndDlgArg; + volatile FORMAT_VOL_PARAMETERS *volParams = (FORMAT_VOL_PARAMETERS *) malloc (sizeof(FORMAT_VOL_PARAMETERS)); + + if (volParams == NULL) + AbortProcess ("ERR_MEM_ALLOC"); + + VirtualLock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); + + bOperationSuccess = FALSE; + + if (bGuiMode) + { + bVolTransformThreadRunning = TRUE; + bVolTransformThreadToRun = FALSE; + } + + // Check administrator privileges + if (!IsAdmin () && !IsUacSupported ()) + { + if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) + { + if (Silent || (MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_NTFS"), lpszTitle, MB_OKCANCEL|MB_ICONWARNING|MB_DEFBUTTON2) == IDCANCEL)) + goto cancel; + } + if (bDevice) + { + if (Silent || (MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_DEVICES"), lpszTitle, MB_OKCANCEL|MB_ICONWARNING|MB_DEFBUTTON2) == IDCANCEL)) + goto cancel; + } + } + + if (!bInPlaceEncNonSys) + { + if (!bDevice) + { + int x = _waccess (szDiskFile, 06); + if (x == 0 || errno != ENOENT) + { + wchar_t szTmp[512]; + + if (!bForceOperation && !((bHiddenVol && !bHiddenVolHost) && errno != EACCES)) // Only ask ask for permission to overwrite an existing volume if we're not creating a hidden volume + { + StringCbPrintfW (szTmp, sizeof szTmp, + GetString (errno == EACCES ? "READONLYPROMPT" : "OVERWRITEPROMPT"), + szDiskFile); + + x = Silent? IDNO : MessageBoxW (hwndDlg, szTmp, lpszTitle, YES_NO|MB_ICONWARNING|MB_DEFBUTTON2); + + if (x != IDYES) + goto cancel; + } + } + + if (_waccess (szDiskFile, 06) != 0) + { + if (errno == EACCES) + { + if (_wchmod (szDiskFile, _S_IREAD | _S_IWRITE) != 0) + { + if (!Silent) MessageBoxW (hwndDlg, GetString ("ACCESSMODEFAIL"), lpszTitle, ICON_HAND); + goto cancel; + } + } + } + + } + else + { + // Partition / device / dynamic volume + + if (!FinalPreTransformPrompts ()) + goto cancel; + } + } + + // Prevent the OS from entering Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS | ES_SYSTEM_REQUIRED); + + bHidden = bHiddenVol && !bHiddenVolHost; + + volParams->bDevice = bDevice; + volParams->hiddenVol = bHidden; + volParams->volumePath = szDiskFile; + volParams->size = nVolumeSize; + volParams->hiddenVolHostSize = nHiddenVolHostSize; + volParams->ea = nVolumeEA; + volParams->pkcs5 = hash_algo; + volParams->headerFlags = (CreatingHiddenSysVol() ? TC_HEADER_FLAG_ENCRYPTED_SYSTEM : 0); + volParams->fileSystem = fileSystem; + volParams->clusterSize = clusterSize; + volParams->sparseFileSwitch = bSparseFileSwitch; + volParams->quickFormat = quickFormat; + volParams->sectorSize = GetFormatSectorSize(); + volParams->realClusterSize = &realClusterSize; + volParams->password = &volumePassword; + volParams->pim = volumePim; + volParams->hwndDlg = hwndDlg; + volParams->bForceOperation = bForceOperation; + volParams->bGuiMode = bGuiMode; + + if (bInPlaceDecNonSys) + { + // In-place decryption of non-system volume + + if (!bInPlaceEncNonSysResumed) + DiscardUnreadableEncryptedSectors = FALSE; + + nStatus = DecryptPartitionInPlace (volParams, &DiscardUnreadableEncryptedSectors); + } + else if (bInPlaceEncNonSys) + { + // In-place encryption of non-system volume + + HANDLE hPartition = INVALID_HANDLE_VALUE; + + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PREPARING); + + if (!bInPlaceEncNonSysResumed) + { + bTryToCorrectReadErrors = FALSE; + + nStatus = EncryptPartitionInPlaceBegin (volParams, &hPartition, nWipeMode); + + if (nStatus == ERR_SUCCESS) + { + nStatus = EncryptPartitionInPlaceResume (hPartition, volParams, nWipeMode, &bTryToCorrectReadErrors); + } + else if (hPartition != INVALID_HANDLE_VALUE) + { + CloseHandle (hPartition); + hPartition = INVALID_HANDLE_VALUE; + } + } + else + { + nStatus = EncryptPartitionInPlaceResume (INVALID_HANDLE_VALUE, volParams, nWipeMode, &bTryToCorrectReadErrors); + } + } + else + { + // Format-encryption + + if (hwndDlg && bGuiMode) InitProgressBar (GetVolumeDataAreaSize (bHidden, nVolumeSize), 0, FALSE, FALSE, FALSE, TRUE); + + nStatus = TCFormatVolume (volParams); + } + + // Allow the OS to enter Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS); + + if (nStatus == ERR_OUTOFMEMORY) + { + AbortProcess ("OUTOFMEMORY"); + } + + if (bInPlaceEncNonSys + && nStatus == ERR_USER_ABORT + && NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED) + { + // Ignore user abort if non-system in-place encryption/decryption successfully finished + nStatus = ERR_SUCCESS; + } + + + dwWin32FormatError = GetLastError (); + + if (bHiddenVolHost && (!bGuiMode || !bVolTransformThreadCancel) && nStatus == 0) + { + /* Auto mount the newly created hidden volume host */ + switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, volumePim, FALSE)) + { + case ERR_NO_FREE_DRIVES: + if (!Silent) MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND); + if (bGuiMode) bVolTransformThreadCancel = TRUE; + break; + case ERR_VOL_MOUNT_FAILED: + case ERR_PASSWORD_WRONG: + if (!Silent) MessageBoxW (hwndDlg, GetString ("CANT_MOUNT_OUTER_VOL"), lpszTitle, ICON_HAND); + if (bGuiMode) bVolTransformThreadCancel = TRUE; + break; + } + } + + SetLastError (dwWin32FormatError); + + if ((bVolTransformThreadCancel || nStatus == ERR_USER_ABORT) + && !(bInPlaceEncNonSys && NonSysInplaceEncStatus == NONSYS_INPLACE_ENC_STATUS_FINISHED)) // Ignore user abort if non-system in-place encryption/decryption successfully finished. + { + if (!bDevice && !(bHiddenVol && !bHiddenVolHost)) // If we're not creating a hidden volume and if it's a file container + { + _wremove (szDiskFile); // Delete the container + } + + goto cancel; + } + + if (nStatus != ERR_USER_ABORT) + { + if (nStatus != 0) + { + /* An error occurred */ + + wchar_t szMsg[8192]; + + handleError (hwndDlg, nStatus, SRC_POS); + + if (bInPlaceEncNonSys) + { + if (bInPlaceEncNonSysResumed) + { + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_PAUSED); + Error ("INPLACE_ENC_GENERIC_ERR_RESUME", hwndDlg); + } + else + { + SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_ERROR); + + if (bInPlaceDecNonSys) + Error ("INPLACE_DEC_GENERIC_ERR", hwndDlg); + else + ShowInPlaceEncErrMsgWAltSteps (hwndDlg, "INPLACE_ENC_GENERIC_ERR_ALT_STEPS", TRUE); + } + } + else if (!Silent && !(bHiddenVolHost && hiddenVolHostDriveNo < 0)) // If the error was not that the hidden volume host could not be mounted (this error has already been reported to the user) + { + StringCbPrintfW (szMsg, sizeof(szMsg), GetString ("CREATE_FAILED"), szDiskFile); + MessageBoxW (hwndDlg, szMsg, lpszTitle, ICON_HAND); + } + + if (!bDevice && !(bHiddenVol && !bHiddenVolHost)) // If we're not creating a hidden volume and if it's a file container + { + _wremove (szDiskFile); // Delete the container + } + + goto cancel; + } + else + { + /* Volume successfully created */ + + RestoreDefaultKeyFilesParam (); + + PimEnable = FALSE; + + bOperationSuccess = TRUE; + + if (bDevice && !bInPlaceEncNonSys) + { + // Handle assigned drive letter (if any) + + HandleOldAssignedDriveLetter (); + } + + if (!bHiddenVolHost) + { + if (bHiddenVol) + { + bHiddenVolFinished = TRUE; + + if (!bHiddenOS) + Warning ("HIDVOL_FORMAT_FINISHED_HELP", hwndDlg); + } + else if (bInPlaceEncNonSys) + { + if (!bInPlaceDecNonSys) + { + Warning ("NONSYS_INPLACE_ENC_FINISHED_INFO", hwndDlg); + + HandleOldAssignedDriveLetter (); + } + else + { + // NOP - Final steps for in-place decryption are handled with the TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED message. + } + } + else + { + Info("FORMAT_FINISHED_INFO", hwndDlg); + + if (bSparseFileSwitch && quickFormat) + Warning("SPARSE_FILE_SIZE_NOTE", hwndDlg); + } + } + else + { + /* We've just created an outer volume (to host a hidden volume within) */ + + bHiddenVolHost = FALSE; + bHiddenVolFinished = FALSE; + nHiddenVolHostSize = nVolumeSize; + + // Clear the outer volume password + burn(&szVerify[0], sizeof (szVerify)); + burn(&szRawPassword[0], sizeof (szRawPassword)); + + if (!Silent) MessageBeep (MB_OK); + } + + if (!bInPlaceEncNonSys && hwndDlg && bGuiMode) + SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); + + + // volParams is ensured to be non NULL at this stage + burn ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); + VirtualUnlock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); + free ((LPVOID) volParams); + volParams = NULL; + + if (bGuiMode) + { + bVolTransformThreadRunning = FALSE; + bVolTransformThreadCancel = FALSE; + } + + if (hwndDlg && bGuiMode) PostMessage (hwndDlg, bInPlaceEncNonSys ? TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED : TC_APPMSG_FORMAT_FINISHED, 0, 0); + + LastDialogId = "FORMAT_FINISHED"; + if (bGuiMode) _endthread (); + } + } + +cancel: + + LastDialogId = (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_CANCELED" : "FORMAT_CANCELED"); + + if (!bInPlaceEncNonSys && hwndDlg && bGuiMode) + SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); + + if (volParams != NULL) + { + burn ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); + VirtualUnlock ((LPVOID) volParams, sizeof(FORMAT_VOL_PARAMETERS)); + free ((LPVOID) volParams); + volParams = NULL; + } + + if (bGuiMode) + { + bVolTransformThreadRunning = FALSE; + bVolTransformThreadCancel = FALSE; + } + + // Allow the OS to enter Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS); + + if (hwndDlg) PostMessage (hwndDlg, TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED, 0, 0); + + if (bHiddenVolHost && hiddenVolHostDriveNo < -1 && !bVolTransformThreadCancel) // If hidden volume host could not be mounted + AbortProcessSilent (); + + if (bGuiMode) _endthread (); +} + +static void LoadPage (HWND hwndDlg, int nPageNo) +{ + RECT rD, rW; + + nLastPageNo = nCurPageNo; + + if (hCurPage != NULL) + { + // WARNING: nCurPageNo must be set to a non-existent ID here before wiping the password fields below in + // this function, etc. Otherwise, such actions (SetWindowText) would invoke the EN_CHANGE handlers, which + // would, if keyfiles were applied, e.g. use strlen() on a buffer full of random data, in most cases + // not null-terminated. + nCurPageNo = -1; + + + // Place here any actions that need to be performed at the latest possible time when leaving a wizard page + // (i.e. right before "destroying" the page). Also, code that needs to be executed both on IDC_NEXT and + // on IDC_PREV can be placed here so as to avoid code doubling. + + switch (nLastPageNo) + { + case PASSWORD_PAGE: + { + wchar_t tmp[MAX_PASSWORD+1]; + + // Attempt to wipe passwords stored in the input field buffers. This is performed here (and + // not in the IDC_PREV or IDC_NEXT sections) in order to prevent certain race conditions + // when keyfiles are used. + wmemset (tmp, 'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (hPasswordInputField, tmp); + SetWindowText (hVerifyPasswordInputField, tmp); + } + break; + } + + DestroyWindow (hCurPage); + hCurPage = NULL; + } + + // This prevents the mouse pointer from remaining as the "hand" cursor when the user presses Enter + // while hovering over a hyperlink. + bHyperLinkBeingTracked = FALSE; + NormalCursor(); + + GetWindowRect (GetDlgItem (hwndDlg, IDC_POS_BOX), &rW); + + + nCurPageNo = nPageNo; + + + switch (nPageNo) + { + case INTRO_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INTRO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_TYPE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_TYPE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_HIDDEN_OS_REQ_CHECK_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_SPAN_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_SPAN_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_PRE_DRIVE_ANALYSIS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_DRIVE_ANALYSIS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_MULTI_BOOT_MODE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_MULTI_BOOT_MODE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE: + case SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE: + case SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE: + case SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_MULTI_BOOT_OUTCOME_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case VOLUME_TYPE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_VOLUME_TYPE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case HIDDEN_VOL_WIZARD_MODE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case VOLUME_LOCATION_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_VOLUME_LOCATION_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + + EnableWindow (GetDlgItem(hCurPage, IDC_NO_HISTORY), !bHistoryCmdLine); + + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), + GetWindowTextLength (GetDlgItem (hCurPage, IDC_COMBO_BOX)) > 0); + + break; + + case DEVICE_TRANSFORM_MODE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DEVICE_TRANSFORM_MODE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case HIDDEN_VOL_HOST_PRE_CIPHER_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case HIDDEN_VOL_PRE_CIPHER_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case CIPHER_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SIZE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SIZE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case HIDDEN_VOL_HOST_PASSWORD_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_ENTRY_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case PASSWORD_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case PIM_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PIM_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case FILESYS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_COLLECTING_RANDOM_DATA_PAGE: + case NONSYS_INPLACE_ENC_RAND_DATA_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_KEYS_GEN_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_KEYS_GEN_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_RESCUE_DISK_CREATION_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_RESCUE_DISK_CREATION_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_RESCUE_DISK_BURN_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_RESCUE_DISK_VERIFIED_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_WIPE_MODE_PAGE: + case NONSYS_INPLACE_ENC_WIPE_MODE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_WIPE_MODE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_PRETEST_INFO_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_PRETEST_RESULT_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case SYSENC_ENCRYPTION_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INPLACE_ENCRYPTION_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_ENTRY_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_EXPANDED_LIST_SELECT_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case NONSYS_INPLACE_ENC_TRANSFORM_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INPLACE_ENCRYPTION_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DRIVE_LETTER_SELECTION_PAGE), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case FORMAT_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_FORMAT_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + case FORMAT_FINISHED_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW ((bHiddenVol && !bHiddenVolHost && !bHiddenVolFinished) ? IDD_HIDVOL_HOST_FILL_PAGE_DLG : IDD_INFO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); + break; + + case SYSENC_HIDDEN_OS_WIPE_INFO_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INFO_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); + break; + + case DEVICE_WIPE_MODE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DEVICE_WIPE_MODE_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); + break; + + case DEVICE_WIPE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DEVICE_WIPE_PAGE_DLG), hwndDlg, (DLGPROC) PageDialogProc); + break; + } + + rD.left = 162; + rD.top = 25; + rD.right = 0; + rD.bottom = 0; + MapDialogRect (hwndDlg, &rD); + + if (hCurPage != NULL) + { + MoveWindow (hCurPage, rD.left, rD.top, rW.right - rW.left, rW.bottom - rW.top, TRUE); + ShowWindow (hCurPage, SW_SHOWNORMAL); + + // Place here any message boxes that need to be displayed as soon as a new page is displayed. This + // ensures that the page is fully rendered (otherwise it would remain blank, until the message box + // is closed). + switch (nPageNo) + { + case PASSWORD_PAGE: + + CheckCapsLock (hwndDlg, FALSE); + + if (CreatingHiddenSysVol()) + Warning ("PASSWORD_HIDDEN_OS_NOTE", MainDlg); + + break; + + case CIPHER_PAGE: + + if (CreatingHiddenSysVol()) + Warning ("HIDDEN_OS_PRE_CIPHER_WARNING", MainDlg); + + break; + } + } +} + + +__int64 PrintFreeSpace (HWND hwndTextBox, wchar_t *lpszDrive, PLARGE_INTEGER lDiskFree) +{ + char *nResourceString; + __int64 nMultiplier; + wchar_t szTmp2[256]; + + if (lDiskFree->QuadPart < BYTES_PER_KB) + nMultiplier = 1; + else if (lDiskFree->QuadPart < BYTES_PER_MB) + nMultiplier = BYTES_PER_KB; + else if (lDiskFree->QuadPart < BYTES_PER_GB) + nMultiplier = BYTES_PER_MB; + else if (lDiskFree->QuadPart < BYTES_PER_TB) + nMultiplier = BYTES_PER_GB; + else + nMultiplier = BYTES_PER_TB; + + if (nMultiplier == 1) + { + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + nResourceString = "MAX_HIDVOL_SIZE_BYTES"; + else if (bDevice) + nResourceString = "DEVICE_FREE_BYTES"; + else + nResourceString = "DISK_FREE_BYTES"; + } + else if (nMultiplier == BYTES_PER_KB) + { + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + nResourceString = "MAX_HIDVOL_SIZE_KB"; + else if (bDevice) + nResourceString = "DEVICE_FREE_KB"; + else + nResourceString = "DISK_FREE_KB"; + } + else if (nMultiplier == BYTES_PER_MB) + { + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + nResourceString = "MAX_HIDVOL_SIZE_MB"; + else if (bDevice) + nResourceString = "DEVICE_FREE_MB"; + else + nResourceString = "DISK_FREE_MB"; + } + else if (nMultiplier == BYTES_PER_GB) + { + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + nResourceString = "MAX_HIDVOL_SIZE_GB"; + else if (bDevice) + nResourceString = "DEVICE_FREE_GB"; + else + nResourceString = "DISK_FREE_GB"; + } + else + { + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + nResourceString = "MAX_HIDVOL_SIZE_TB"; + else if (bDevice) + nResourceString = "DEVICE_FREE_TB"; + else + nResourceString = "DISK_FREE_TB"; + } + + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + { + StringCbPrintfW (szTmp2, sizeof szTmp2, GetString (nResourceString), ((double) lDiskFree->QuadPart) / nMultiplier); + SetWindowTextW (GetDlgItem (hwndTextBox, IDC_SIZEBOX), szTmp2); + } + else if (lpszDrive) + StringCbPrintfW (szTmp2, sizeof szTmp2, GetString (nResourceString), lpszDrive, ((double) lDiskFree->QuadPart) / nMultiplier); + else + szTmp2 [0] = 0; + + SetWindowTextW (hwndTextBox, szTmp2); + + if (lDiskFree->QuadPart % (__int64) BYTES_PER_MB != 0) + nMultiplier = BYTES_PER_KB; + + return nMultiplier; +} + +void DisplaySizingErrorText (HWND hwndTextBox) +{ + wchar_t szTmp[1024]; + + if (translateWin32Error (szTmp, sizeof (szTmp) / sizeof(szTmp[0]))) + { + wchar_t szTmp2[1024]; + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s\n%s", GetString ("CANNOT_CALC_SPACE"), szTmp); + SetWindowTextW (hwndTextBox, szTmp2); + } + else + { + SetWindowText (hwndTextBox, L""); + } +} + +void EnableDisableFileNext (HWND hComboBox, HWND hMainButton) +{ + int nIndex = (int) SendMessage (hComboBox, CB_GETCURSEL, 0, 0); + if (bHistory && nIndex == CB_ERR) + { + EnableWindow (hMainButton, FALSE); + SetFocus (hComboBox); + } + else + { + EnableWindow (hMainButton, TRUE); + SetFocus (hMainButton); + } +} + +// Returns TRUE if the file is a sparse file. If it's not a sparse file or in case of any error, returns FALSE. +BOOL IsSparseFile (HWND hwndDlg) +{ + HANDLE hFile; + BY_HANDLE_FILE_INFORMATION bhFileInfo; + + FILETIME ftLastAccessTime; + BOOL bTimeStampValid = FALSE; + + BOOL retCode = FALSE; + + hFile = CreateFile (szFileName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hFile == INVALID_HANDLE_VALUE) + { + MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_VOL"), lpszTitle, ICON_HAND); + return FALSE; + } + + if (bPreserveTimestamp) + { + if (GetFileTime (hFile, NULL, &ftLastAccessTime, NULL) == 0) + bTimeStampValid = FALSE; + else + bTimeStampValid = TRUE; + } + + bhFileInfo.dwFileAttributes = 0; + + GetFileInformationByHandle(hFile, &bhFileInfo); + + retCode = bhFileInfo.dwFileAttributes & FILE_ATTRIBUTE_SPARSE_FILE; + + if (bTimeStampValid) + SetFileTime (hFile, NULL, &ftLastAccessTime, NULL); + + CloseHandle (hFile); + return retCode; +} + + +// Note: GetFileVolSize is not to be used for devices (only for file-hosted volumes) +BOOL GetFileVolSize (HWND hwndDlg, unsigned __int64 *size) +{ + LARGE_INTEGER fileSize; + HANDLE hFile; + + FILETIME ftLastAccessTime; + BOOL bTimeStampValid = FALSE; + + hFile = CreateFile (szFileName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hFile == INVALID_HANDLE_VALUE) + { + MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_VOL"), lpszTitle, ICON_HAND); + return FALSE; + } + + if (bPreserveTimestamp) + { + if (GetFileTime (hFile, NULL, &ftLastAccessTime, NULL) == 0) + bTimeStampValid = FALSE; + else + bTimeStampValid = TRUE; + } + + if (GetFileSizeEx(hFile, &fileSize) == 0) + { + MessageBoxW (hwndDlg, GetString ("CANT_GET_VOLSIZE"), lpszTitle, ICON_HAND); + + if (bTimeStampValid) + SetFileTime (hFile, NULL, &ftLastAccessTime, NULL); + + CloseHandle (hFile); + return FALSE; + } + + if (bTimeStampValid) + SetFileTime (hFile, NULL, &ftLastAccessTime, NULL); + + CloseHandle (hFile); + *size = fileSize.QuadPart; + return TRUE; +} + + +BOOL QueryFreeSpace (HWND hwndDlg, HWND hwndTextBox, BOOL display) +{ + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + { + LARGE_INTEGER lDiskFree; + + lDiskFree.QuadPart = nMaximumHiddenVolSize; + + if (display) + PrintFreeSpace (hwndTextBox, NULL, &lDiskFree); + + return TRUE; + } + else if (bDevice == FALSE) + { + wchar_t root[TC_MAX_PATH]; + ULARGE_INTEGER free; + + if (!GetVolumePathName (szFileName, root, ARRAYSIZE (root))) + { + handleWin32Error (hwndDlg, SRC_POS); + return FALSE; + } + + if (!GetDiskFreeSpaceEx (root, &free, 0, 0)) + { + if (display) + DisplaySizingErrorText (hwndTextBox); + + return FALSE; + } + else + { + LARGE_INTEGER lDiskFree; + lDiskFree.QuadPart = free.QuadPart; + + if (display) + PrintFreeSpace (hwndTextBox, root, &lDiskFree); + + return TRUE; + } + } + else + { + DISK_GEOMETRY driveInfo; + PARTITION_INFORMATION diskInfo; + BOOL piValid = FALSE; + BOOL gValid = FALSE; + + // Query partition size + piValid = GetPartitionInfo (szDiskFile, &diskInfo); + gValid = GetDriveGeometry (szDiskFile, &driveInfo); + + if (!piValid && !gValid) + { + if (display) + DisplaySizingErrorText (hwndTextBox); + + return FALSE; + } + + DWORD sectorSize = GetFormatSectorSize(); + + if (sectorSize < TC_MIN_VOLUME_SECTOR_SIZE + || sectorSize > TC_MAX_VOLUME_SECTOR_SIZE + || sectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0) + { + Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg); + return FALSE; + } + + if (piValid) + { + nVolumeSize = diskInfo.PartitionLength.QuadPart; + + if(display) + nMultiplier = PrintFreeSpace (hwndTextBox, szDiskFile, &diskInfo.PartitionLength); + + nUIVolumeSize = diskInfo.PartitionLength.QuadPart / nMultiplier; + + if (nVolumeSize == 0) + { + if (display) + SetWindowTextW (hwndTextBox, GetString ("EXT_PARTITION")); + + return FALSE; + } + } + else + { + LARGE_INTEGER lDiskFree; + + // Drive geometry info is used only when GetPartitionInfo() fails + lDiskFree.QuadPart = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * + driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; + + nVolumeSize = lDiskFree.QuadPart; + + if (display) + nMultiplier = PrintFreeSpace (hwndTextBox, szDiskFile, &lDiskFree); + + nUIVolumeSize = lDiskFree.QuadPart / nMultiplier; + } + + return TRUE; + } +} + + +static BOOL FinalPreTransformPrompts (void) +{ + int x; + wchar_t szTmp[4096]; + int driveNo; + WCHAR deviceName[MAX_PATH]; + + StringCbCopyW (deviceName, sizeof(deviceName), szFileName); + + driveNo = GetDiskDeviceDriveLetter (deviceName); + + if (!bForceOperation && !(bHiddenVol && !bHiddenVolHost)) // Do not ask for permission to overwrite an existing volume if we're creating a hidden volume within it + { + wchar_t drive[128]; + wchar_t volumeLabel[128]; + wchar_t *type; + BOOL bTmpIsPartition = FALSE; + + type = GetPathType (szFileName, !bInPlaceEncNonSys, &bTmpIsPartition); + + if (driveNo != -1) + { + if (!GetDriveLabel (driveNo, volumeLabel, sizeof (volumeLabel))) + volumeLabel[0] = 0; + + StringCbPrintfW (drive, sizeof (drive), volumeLabel[0] ? L" (%hc: '%s')" : L" (%hc:%s)", 'A' + driveNo, volumeLabel[0] ? volumeLabel : L""); + } + else + { + drive[0] = 0; + volumeLabel[0] = 0; + } + + if (bHiddenOS && bHiddenVolHost) + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("OVERWRITEPROMPT_DEVICE_HIDDEN_OS_PARTITION"), szFileName, drive); + else + StringCbPrintfW (szTmp, sizeof(szTmp), GetString (bInPlaceEncNonSys ? (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_CONFIRM" : "NONSYS_INPLACE_ENC_CONFIRM") : "OVERWRITEPROMPT_DEVICE"), type, szFileName, drive); + + if (bInPlaceEncNonSys) + x = AskWarnYesNoString (szTmp, MainDlg); + else + x = AskWarnNoYesString (szTmp, MainDlg); + + if (x != IDYES) + return FALSE; + + + if (driveNo != -1 && bTmpIsPartition && !bInPlaceEncNonSys) + { + float percentFreeSpace = 100.0; + __int64 occupiedBytes = 0; + + // Do a second check. If we find that the partition contains more than 1GB of data or more than 12% + // of its space is occupied, we will display an extra warning, however, this time it won't be a Yes/No + // dialog box (because users often ignore such dialog boxes). + + if (GetStatsFreeSpaceOnPartition (szFileName, &percentFreeSpace, &occupiedBytes, TRUE) != -1) + { + if (occupiedBytes > BYTES_PER_GB && percentFreeSpace < 99.99 // "percentFreeSpace < 99.99" is needed because an NTFS filesystem larger than several terabytes can have more than 1GB of data in use, even if there are no files stored on it. + || percentFreeSpace < 88) // A 24-MB NTFS filesystem has 11.5% of space in use even if there are no files stored on it. + { + wchar_t tmpMcMsg [8000]; + wchar_t tmpMcOption1 [500]; + wchar_t tmpMcOptionCancel [50]; + + StringCbCopyW (tmpMcMsg, sizeof(tmpMcMsg), GetString("OVERWRITEPROMPT_DEVICE_SECOND_WARNING_LOTS_OF_DATA")); + StringCbCopyW (tmpMcOption1, sizeof(tmpMcOption1), GetString("ERASE_FILES_BY_CREATING_VOLUME")); + StringCbCopyW (tmpMcOptionCancel, sizeof(tmpMcOptionCancel), GetString("CANCEL")); + + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n\n"); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("DRIVE_LETTER_ITEM")); + StringCbPrintfW (szTmp, sizeof (szTmp), L"%hc:", 'A' + driveNo); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), szTmp); + + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n"); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("LABEL_ITEM")); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), volumeLabel[0] != 0 ? volumeLabel : GetString("NOT_APPLICABLE_OR_NOT_AVAILABLE")); + + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n"); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("SIZE_ITEM")); + GetSizeString (nVolumeSize, szTmp, sizeof(szTmp)); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), szTmp); + + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), L"\n"); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), GetString("PATH_ITEM")); + StringCbCatW (tmpMcMsg, sizeof(tmpMcMsg), deviceName); + + wchar_t *tmpStr[] = {L"", tmpMcMsg, tmpMcOption1, tmpMcOptionCancel, 0}; + switch (AskMultiChoice ((void **) tmpStr, TRUE, MainDlg)) + { + case 1: + // Proceed + + // NOP + break; + + default: + return FALSE; + } + } + } + } + } + return TRUE; +} + +void UpdateLastDialogId (void) +{ + static char PageDebugId[128]; + + StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "FORMAT_PAGE_%d", nCurPageNo); + LastDialogId = PageDebugId; +} + + +void HandleOldAssignedDriveLetter (void) +{ + if (bDevice) + { + // Handle assigned drive letter (if any) + + WCHAR deviceName[MAX_PATH]; + int driveLetter = -1; + + StringCbCopyW (deviceName, sizeof(deviceName), szDiskFile); + driveLetter = GetDiskDeviceDriveLetter (deviceName); + + if (!Silent && !bHiddenVolHost + && !bHiddenOS + && driveLetter >= 0) + { + wchar_t rootPath[] = { (wchar_t) driveLetter + L'A', L':', L'\\', 0 }; + wchar_t szTmp[8192]; + + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("AFTER_FORMAT_DRIVE_LETTER_WARN"), rootPath[0], rootPath[0], rootPath[0], rootPath[0]); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING); + } + } +} + + +// Returns TRUE if it makes sense to ask the user whether he wants to store files larger than 4GB in the volume. +static BOOL FileSize4GBLimitQuestionNeeded (void) +{ + uint64 dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize); + + return (dataAreaSize > 4 * BYTES_PER_GB + TC_MIN_FAT_FS_SIZE + && dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()); +} + + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + static BOOL PimValueChangedWarning = FALSE; + + hCurPage = hwndDlg; + + switch (uMsg) + { + case WM_INITDIALOG: + PimValueChangedWarning = FALSE; + LocalizeDialog (hwndDlg, "IDD_VOL_CREATION_WIZARD_DLG"); + + burn (randPool, sizeof(randPool)); + burn (lastRandPool, sizeof(lastRandPool)); + burn (maskRandPool, sizeof (maskRandPool)); + + UpdateLastDialogId (); + + switch (nCurPageNo) + { + case INTRO_PAGE: + + SendMessage (GetDlgItem (hwndDlg, IDC_FILE_CONTAINER), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_NONSYS_DEVICE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_SYS_DEVICE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("INTRO_TITLE")); + + ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_CONTAINERS); + ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_SYS_ENCRYPTION); + + EnableWindow (GetDlgItem (hwndDlg, IDC_STD_VOL), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_HIDDEN_VOL), TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + + UpdateWizardModeControls (hwndDlg, WizardMode); + break; + + case SYSENC_TYPE_PAGE: + + bHiddenVolHost = bHiddenVol = bHiddenOS; + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_TYPE_PAGE_TITLE")); + + SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_HIDDEN), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_NORMAL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + CheckButton (GetDlgItem (hwndDlg, bHiddenOS ? IDC_SYSENC_HIDDEN : IDC_SYSENC_NORMAL)); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_TYPE_HELP")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP_SYSENC_NORMAL), GetString ("SYSENC_NORMAL_TYPE_HELP")); + + ToHyperlink (hwndDlg, IDC_HIDDEN_SYSENC_INFO_LINK); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bDirectSysEncMode); + + SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + break; + + case SYSENC_HIDDEN_OS_REQ_CHECK_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_HELP")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), bDirectSysEncModeCommand != SYSENC_COMMAND_CREATE_HIDDEN_OS && bDirectSysEncModeCommand != SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV); + + ToHyperlink (hwndDlg, IDC_HIDDEN_SYSENC_INFO_LINK); + break; + + case SYSENC_SPAN_PAGE: + + SendMessage (GetDlgItem (hwndDlg, IDC_WHOLE_SYS_DRIVE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_SYS_PARTITION), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_SPAN_TITLE")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDT_WHOLE_SYS_DRIVE), GetString ("SYS_ENCRYPTION_SPAN_WHOLE_SYS_DRIVE_HELP")); + + CheckButton (GetDlgItem (hwndDlg, bWholeSysDrive ? IDC_WHOLE_SYS_DRIVE : IDC_SYS_PARTITION)); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + break; + + + case SYSENC_PRE_DRIVE_ANALYSIS_PAGE: + + Init2RadButtonPageYesNo (SysEncDetectHiddenSectors); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_PRE_DRIVE_ANALYSIS_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_PRE_DRIVE_ANALYSIS_HELP")); + break; + + + case SYSENC_DRIVE_ANALYSIS_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_DRIVE_ANALYSIS_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDT_SYSENC_DRIVE_ANALYSIS_INFO), GetString ("SYSENC_DRIVE_ANALYSIS_INFO")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (MainDlg, IDCANCEL), FALSE); + + LoadSettings (hwndDlg); + + if (HiddenSectorDetectionStatus == 1) + { + // Detection of hidden sectors was already in progress but it did not finish successfully. + // Ask the user if he wants to try again (to prevent repeated system freezing, etc.) + + char *tmpStr[] = {0, "HIDDEN_SECTOR_DETECTION_FAILED_PREVIOUSLY", "SKIP_HIDDEN_SECTOR_DETECTION", "RETRY_HIDDEN_SECTOR_DETECTION", "IDC_EXIT", 0}; + switch (AskMultiChoice ((void **) tmpStr, FALSE, MainDlg)) + { + case 1: + // Do not try again + LoadPage (MainDlg, SYSENC_DRIVE_ANALYSIS_PAGE + 1); + return 0; + + case 2: + // Try again + break; + + default: + EndMainDlg (MainDlg); + return 0; + } + } + + SetTimer (MainDlg, TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS, TIMER_INTERVAL_SYSENC_DRIVE_ANALYSIS_PROGRESS, NULL); + bSysEncDriveAnalysisInProgress = TRUE; + ArrowWaitCursor (); + SysEncDriveAnalysisStart = GetTickCount (); + InitProgressBar (SYSENC_DRIVE_ANALYSIS_ETA, 0, FALSE, FALSE, FALSE, TRUE); + + _beginthread (sysEncDriveAnalysisThread, 0, hwndDlg); + + break; + + + case SYSENC_MULTI_BOOT_MODE_PAGE: + + SendMessage (GetDlgItem (hwndDlg, IDC_SINGLE_BOOT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_MULTI_BOOT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_MULTI_BOOT_MODE_TITLE")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + + RefreshMultiBootControls (hwndDlg); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), nMultiBoot > 0); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + break; + + + case SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE: + + Init2RadButtonPageYesNo (SysEncMultiBootCfg.SystemOnBootDrive); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_SYS_EQ_BOOT_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_SYS_EQ_BOOT_HELP")); + break; + + + case SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE: + + SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE1), GetString ("DIGIT_ONE")); + SetWindowTextW (GetDlgItem (hCurPage, IDC_CHOICE2), GetString ("TWO_OR_MORE")); + + SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), SysEncMultiBootCfg.NumberOfSysDrives > 0); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), TRUE); + + if (SysEncMultiBootCfg.NumberOfSysDrives == 2) + Update2RadButtonPage (0); // 2 or more drives contain an OS + else if (SysEncMultiBootCfg.NumberOfSysDrives == 1) + Update2RadButtonPage (1); // Only 1 drive contains an OS + else + Update2RadButtonPage (-1); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_HELP")); + break; + + + case SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE: + + Init2RadButtonPageYesNo (SysEncMultiBootCfg.MultipleSystemsOnDrive); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_ADJACENT_SYS_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_ADJACENT_SYS_HELP")); + break; + + + case SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE: + + Init2RadButtonPageYesNo (SysEncMultiBootCfg.BootLoaderBrand); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_HELP")); + break; + + + case SYSENC_MULTI_BOOT_OUTCOME_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_MULTI_BOOT_OUTCOME_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), SysEncMultiBootCfgOutcome); + SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), TRUE); + break; + + + case VOLUME_TYPE_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("VOLUME_TYPE_TITLE")); + + SendMessage (GetDlgItem (hwndDlg, IDC_HIDDEN_VOL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_STD_VOL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + CheckButton (GetDlgItem (hwndDlg, bHiddenVol ? IDC_HIDDEN_VOL : IDC_STD_VOL)); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_VOLUME_TYPE_HELP")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP_NORMAL_VOL), GetString ("NORMAL_VOLUME_TYPE_HELP")); + + ToHyperlink (hwndDlg, IDC_HIDDEN_VOL_HELP); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + break; + + case HIDDEN_VOL_WIZARD_MODE_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDDEN_VOL_WIZARD_MODE_TITLE")); + + SendMessage (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_DIRECT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_FULL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + CheckButton (GetDlgItem (hwndDlg, bHiddenVolDirect ? IDC_HIDVOL_WIZ_MODE_DIRECT : IDC_HIDVOL_WIZ_MODE_FULL)); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_VOL_WIZARD_MODE_NORMAL_HELP")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP2), GetString ("HIDDEN_VOL_WIZARD_MODE_DIRECT_HELP")); + + EnableWindow (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_DIRECT), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_HIDVOL_WIZ_MODE_FULL), TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + break; + + case VOLUME_LOCATION_PAGE: + { + char *nID; + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_SELECT_VOLUME_LOCATION), + GetString (bDevice ? "IDC_SELECT_DEVICE" : "IDC_SELECT_FILE")); + + if (bHiddenVolDirect && bHiddenVolHost) + { + nID = "FILE_HELP_HIDDEN_HOST_VOL_DIRECT"; + } + else + { + if (bDevice) + nID = bHiddenVolHost ? "DEVICE_HELP_HIDDEN_HOST_VOL" : "DEVICE_HELP"; + else + nID = bHiddenVolHost ? "FILE_HELP_HIDDEN_HOST_VOL" : "FILE_HELP"; + } + + SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_RESETCONTENT, 0, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_LIMITTEXT, TC_MAX_PATH, 0); + + LoadCombo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), bHistory, FALSE, NULL); + + SendMessage (GetDlgItem (hwndDlg, IDC_NO_HISTORY), BM_SETCHECK, bHistory ? BST_UNCHECKED : BST_CHECKED, 0); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FILE_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (nID)); + + SetFocus (GetDlgItem (hwndDlg, IDC_COMBO_BOX)); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + AddComboItem (GetDlgItem (hwndDlg, IDC_COMBO_BOX), szFileName, bHistory); + + EnableDisableFileNext (GetDlgItem (hwndDlg, IDC_COMBO_BOX), + GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); + + } + break; + + case DEVICE_TRANSFORM_MODE_PAGE: + + if (!bDeviceTransformModeChoiceMade && !bInPlaceEncNonSys) + { + // The user has not chosen whether to perform in-place encryption or format yet. + // We will preselect in-place encryption if the requirements are met and if the + // filesystem does not appear empty. + + WaitCursor(); + + if (CheckRequirementsForNonSysInPlaceEnc (hwndDlg, szDiskFile, TRUE)) + { + bInPlaceEncNonSys = (FileSystemAppearsEmpty (szDiskFile) == 0); + } + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("DEVICE_TRANSFORM_MODE_PAGE_TITLE")); + + SendMessage (GetDlgItem (hwndDlg, IDC_DEVICE_TRANSFORM_MODE_INPLACE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_DEVICE_TRANSFORM_MODE_FORMAT), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("DEVICE_TRANSFORM_MODE_PAGE_FORMAT_HELP")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP2), GetString ("DEVICE_TRANSFORM_MODE_PAGE_INPLACE_HELP")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + CheckButton (GetDlgItem (hwndDlg, bInPlaceEncNonSys ? IDC_DEVICE_TRANSFORM_MODE_INPLACE : IDC_DEVICE_TRANSFORM_MODE_FORMAT)); + + NormalCursor(); + + break; + + case HIDDEN_VOL_HOST_PRE_CIPHER_PAGE: + { + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDVOL_HOST_PRE_CIPHER_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bHiddenOS ? "HIDVOL_HOST_PRE_CIPHER_HELP_SYSENC" : "HIDVOL_HOST_PRE_CIPHER_HELP")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + if (bHiddenOS) + { + if (!GetDevicePathForHiddenOS()) + AbortProcess ("INVALID_PATH"); + } + } + break; + + case HIDDEN_VOL_PRE_CIPHER_PAGE: + { + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDVOL_PRE_CIPHER_TITLE")); + + if (bHiddenOS) + { + // Verify whether the clone of the OS fits in the hidden volume (the hidden + // volume is to host a hidden OS). + if (nMaximumHiddenVolSize - TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH < GetSystemPartitionSize()) + { + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_VOLUME_TOO_SMALL_FOR_OS_CLONE")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("EXIT")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + + bConfirmQuit = FALSE; + bConfirmQuitSysEncPretest = FALSE; + } + else + { + // The hidden volume must be as large as the system partition + nVolumeSize = GetSystemPartitionSize() + TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE_HIGH; + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_OS_PRE_CIPHER_HELP")); + } + } + else + { + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDVOL_PRE_CIPHER_HELP")); + } + } + break; + + case CIPHER_PAGE: + { + int ea, hid; + wchar_t buf[100]; + + // Encryption algorithms + + SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_RESETCONTENT, 0, 0); + + if (bHiddenVol) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "CIPHER_HIDVOL_HOST_TITLE" : "CIPHER_HIDVOL_TITLE")); + else + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("CIPHER_TITLE")); + + for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea)) + { + if (EAIsFormatEnabled (ea)) + AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ea, 1), ea); + } + + SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), &nVolumeEA); + ComboSelChangeEA (hwndDlg); + SetFocus (GetDlgItem (hwndDlg, IDC_COMBO_BOX)); + + ToHyperlink (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER); + + // Hash algorithms + + if (SysEncInEffect ()) + { + hash_algo = DEFAULT_HASH_ALGORITHM_BOOT; + RandSetHashFunction (hash_algo); + + for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) + { + // For now, we keep RIPEMD160 for system encryption + if (((hid == RIPEMD160) || !HashIsDeprecated (hid)) && HashForSystemEncryption (hid)) + AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid); + } + } + else + { + hash_algo = RandGetHashFunction(); + for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++) + { + if (!HashIsDeprecated (hid)) + AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid); + } + } + + SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo); + + ToHyperlink (hwndDlg, IDC_LINK_HASH_INFO); + + // Wizard buttons + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + } + break; + + case SIZE_PAGE: + { + wchar_t str[1000]; + + if (bHiddenVolHost) + { + StringCbCopyW (str, sizeof(str), GetString ("SIZE_HELP_HIDDEN_HOST_VOL")); + } + else + { + StringCbCopyW (str, sizeof(str), GetString (bHiddenVol ? "SIZE_HELP_HIDDEN_VOL" : "SIZE_HELP")); + } + + if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume + { + StringCbPrintfW (str, sizeof str, L"%s%s", + GetString ((bHiddenOS && bHiddenVol) ? "SIZE_PARTITION_HIDDEN_SYSENC_HELP" : "SIZE_PARTITION_HELP"), + (bHiddenVolHost && !bHiddenOS) ? GetString ("SIZE_PARTITION_HIDDEN_VOL_HELP") : L""); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_SPACE_LEFT), WM_SETFONT, (WPARAM) hBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_SIZEBOX), EM_LIMITTEXT, 12, 0); + + if(!QueryFreeSpace (hwndDlg, GetDlgItem (hwndDlg, IDC_SPACE_LEFT), TRUE)) + { + nUIVolumeSize=0; + nVolumeSize=0; + SetWindowTextW (GetDlgItem (hwndDlg, IDC_SIZEBOX), GetString ("UNKNOWN")); + EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KB), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_MB), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_GB), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TB), FALSE); + } + else if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume + { + EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KB), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_MB), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_GB), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TB), FALSE); + } + else + { + EnableWindow (GetDlgItem (hwndDlg, IDC_SIZEBOX), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KB), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_MB), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_GB), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TB), TRUE); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_UNCHECKED, 0); + + switch (nMultiplier) + { + case BYTES_PER_KB: + SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_CHECKED, 0); + break; + case BYTES_PER_MB: + SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_CHECKED, 0); + break; + case BYTES_PER_GB: + SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_CHECKED, 0); + break; + case BYTES_PER_TB: + SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_CHECKED, 0); + break; + } + + if (nUIVolumeSize != 0) + { + wchar_t szTmp[32]; + StringCbPrintfW (szTmp, sizeof(szTmp), L"%I64u", nUIVolumeSize); + SetWindowText (GetDlgItem (hwndDlg, IDC_SIZEBOX), szTmp); + } + + SetFocus (GetDlgItem (hwndDlg, IDC_SIZEBOX)); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str); + + if (bHiddenVol) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "SIZE_HIDVOL_HOST_TITLE" : "SIZE_HIDVOL_TITLE")); + else + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SIZE_TITLE")); + + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + VerifySizeAndUpdate (hwndDlg, FALSE); + } + break; + + case HIDDEN_VOL_HOST_PASSWORD_PAGE: + case NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE: + { + /* Populate the PRF algorithms list */ + int nIndex, i; + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + } + + /* make autodetection the default */ + SendMessage (hComboBox, CB_SETCURSEL, 0, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), EM_LIMITTEXT, MAX_PASSWORD, 0); + + SetPassword (hwndDlg, IDC_PASSWORD_DIRECT, szRawPassword); + + SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT)); + + SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); + SetPim (hwndDlg, IDC_PIM, volumePim); + + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_ENABLE), PimEnable? SW_HIDE : SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), PimEnable? SW_SHOW : SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), PimEnable? SW_SHOW : SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), PimEnable? SW_SHOW : SW_HIDE); + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? (bInPlaceEncNonSysResumed ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "NONSYS_INPLACE_DEC_PASSWORD_PAGE_HELP") : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceEncNonSys ? "PASSWORD" : "PASSWORD_HIDVOL_HOST_TITLE")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + } + + break; + + case PASSWORD_PAGE: + { + wchar_t str[1000]; + + hPasswordInputField = GetDlgItem (hwndDlg, IDC_PASSWORD); + hVerifyPasswordInputField = GetDlgItem (hwndDlg, IDC_VERIFY); + + if (SysEncInEffect ()) + { + ToBootPwdField (hwndDlg, IDC_PASSWORD); + ToBootPwdField (hwndDlg, IDC_VERIFY); + + StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout), L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); + + if ((DWORD) GetKeyboardLayout (NULL) != 0x00000409 && (DWORD) GetKeyboardLayout (NULL) != 0x04090409) + { + DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg); + EndMainDlg (MainDlg); + return 1; + } + bKeyboardLayoutChanged = TRUE; + } + + + if (SetTimer (MainDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) + { + Error ("CANNOT_SET_TIMER", MainDlg); + EndMainDlg (MainDlg); + return 1; + } + } + + if (bHiddenVolHost) + { + StringCbCopyW (str, sizeof(str), GetString (bHiddenOS ? "PASSWORD_SYSENC_OUTERVOL_HELP" : "PASSWORD_HIDDENVOL_HOST_HELP")); + } + else if (bHiddenVol) + { + StringCbPrintfW (str, sizeof str, L"%s%s", + GetString (bHiddenOS ? "PASSWORD_HIDDEN_OS_HELP" : "PASSWORD_HIDDENVOL_HELP"), + GetString ("PASSWORD_HELP")); + } + else + { + StringCbCopyW (str, sizeof(str), GetString ("PASSWORD_HELP")); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_VERIFY), EM_LIMITTEXT, MAX_PASSWORD, 0); + + SetPassword (hwndDlg, IDC_PASSWORD, szRawPassword); + SetPassword (hwndDlg, IDC_VERIFY, szVerify); + + SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD)); + + SetCheckBox (hwndDlg, IDC_PIM_ENABLE, PimEnable); + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect()); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str); + + if (CreatingHiddenSysVol()) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_HIDDEN_OS_TITLE")); + else if (bHiddenVol) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PASSWORD_HIDVOL_HOST_TITLE" : "PASSWORD_HIDVOL_TITLE")); + else if (WizardMode == WIZARD_MODE_SYS_DEVICE) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD")); + else + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_TITLE")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), + GetDlgItem (hwndDlg, IDC_PASSWORD), + GetDlgItem (hwndDlg, IDC_VERIFY), + NULL, + NULL, + KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect()); + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + + } + break; + + case PIM_PAGE: + { + SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, SysEncInEffect()? MAX_BOOT_PIM: MAX_PIM, 0); + if (volumePim > 0) + { + SetPim (hwndDlg, IDC_PIM, volumePim); + + PimValueChangedWarning = TRUE; + SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING")); + } + + SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect ()? "PIM_SYSENC_HELP" : "PIM_HELP")); + + ToHyperlink (hwndDlg, IDC_LINK_PIM_INFO); + + if (CreatingHiddenSysVol()) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM_HIDDEN_OS_TITLE")); + else if (bHiddenVol) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PIM_HIDVOL_HOST_TITLE" : "PIM_HIDVOL_TITLE")); + else if (WizardMode == WIZARD_MODE_SYS_DEVICE) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM")); + else + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM_TITLE")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + } + break; + + case FILESYS_PAGE: + { + wchar_t szTmp[8192]; + + Init2RadButtonPageYesNo (nNeedToStoreFilesOver4GB); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FILESYS_PAGE_TITLE")); + + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_QUESTION")); + + if (bHiddenVolHost) + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + else + { + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("NOTE_BEGINNING")); + } + + StringCbCatW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION")); + + if (bHiddenVolHost) + { + StringCbCatW (szTmp, sizeof(szTmp), L" "); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION_HIDVOL")); + } + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), szTmp); + } + break; + + case SYSENC_COLLECTING_RANDOM_DATA_PAGE: + case NONSYS_INPLACE_ENC_RAND_DATA_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("COLLECTING_RANDOM_DATA_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + mouseEntropyGathered = 0xFFFFFFFF; + mouseEventsInitialCount = 0; + bUseMask = FALSE; + { + HCRYPTPROV hRngProv; + if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) + { + if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) + bUseMask = TRUE; + CryptReleaseContext (hRngProv, 0); + } + } + + SetTimer (GetParent (hwndDlg), TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); + + hRandPoolSys = GetDlgItem (hwndDlg, IDC_SYS_POOL_CONTENTS); + hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); + SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); + SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_SYS_POOL_CONTENTS), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + + SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0); + + DisplayRandPool (hwndDlg, hRandPoolSys, showKeys); + + break; + + case SYSENC_KEYS_GEN_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("KEYS_GEN_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + hMasterKey = GetDlgItem (hwndDlg, IDC_DISK_KEY); + hHeaderKey = GetDlgItem (hwndDlg, IDC_HEADER_KEY); + + SendMessage (GetDlgItem (hwndDlg, IDC_DISK_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_HEADER_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + + SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_KEYS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0); + + DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys); + + break; + + case SYSENC_RESCUE_DISK_CREATION_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_INFO), GetString ("RESCUE_DISK_INFO")); + SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1)); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + SetCheckBox (hCurPage, IDC_SKIP_RESCUE_VERIFICATION, bDontVerifyRescueDisk); + + break; + + case SYSENC_RESCUE_DISK_BURN_PAGE: + { + wchar_t szTmp[8192]; + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_CREATED_TITLE" : "RESCUE_DISK_RECORDING_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + StringCbPrintfW (szTmp, sizeof szTmp, + GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_BURN_INFO_NO_CHECK" : "RESCUE_DISK_BURN_INFO"), + szRescueDiskISO, IsWindowsIsoBurnerAvailable() ? L"" : GetString ("RESCUE_DISK_BURN_INFO_NONWIN_ISO_BURNER")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_BURN_INFO), szTmp); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + /* The 'Back' button must be disabled now because the user could burn a Rescue Disk, then go back, and + generate a different master key, which would cause the Rescue Disk verification to fail (the result + would be confusion and bug reports). */ + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + + if (IsWindowsIsoBurnerAvailable()) + SetWindowTextW (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), GetString ("LAUNCH_WIN_ISOBURN")); + + ToHyperlink (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE); + + if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk) + LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO); + } + break; + + case SYSENC_RESCUE_DISK_VERIFIED_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK_DISK_VERIFIED_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("RESCUE_DISK_VERIFIED_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + // Rescue Disk has been verified, no need to go back + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + + // Prevent losing the burned rescue disk by inadvertent exit + bConfirmQuit = TRUE; + + break; + + case SYSENC_WIPE_MODE_PAGE: + case NONSYS_INPLACE_ENC_WIPE_MODE_PAGE: + { + if (nWipeMode == TC_WIPE_1_RAND) + nWipeMode = TC_WIPE_NONE; + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("INPLACE_ENC_WIPE_MODE_INFO")); + + PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), + SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING && !bInPlaceEncNonSys, + TRUE, + FALSE); + + SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + } + break; + + case SYSENC_PRETEST_INFO_PAGE: + + if (bHiddenOS) + { + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDDEN_OS_CREATION_PREINFO_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_OS_CREATION_PREINFO_HELP")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("START")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + } + else + { + wchar_t finalMsg[8024] = {0}; + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_TITLE")); + + try + { + StringCbPrintfW (finalMsg, sizeof(finalMsg), + GetString ("SYS_ENCRYPTION_PRETEST_INFO"), + BootEncObj->GetSystemDriveConfiguration().DriveNumber); + } + catch (Exception &e) + { + e.Show (hwndDlg); + EndMainDlg (MainDlg); + return 0; + } + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), finalMsg); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("TEST")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + break; + + case SYSENC_PRETEST_RESULT_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("ENCRYPT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + + break; + + case SYSENC_ENCRYPTION_PAGE: + + if (CreateSysEncMutex ()) + { + try + { + BootEncStatus = BootEncObj->GetStatus(); + bSystemEncryptionInProgress = BootEncStatus.SetupInProgress; + } + catch (Exception &e) + { + e.Show (hwndDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + EndMainDlg (MainDlg); + return 0; + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), + GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPTION" : "DECRYPTION")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_ENCRYPTION_PAGE_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), + GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPT" : "DECRYPT")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_PAUSE), + GetString (bSystemEncryptionInProgress ? "IDC_PAUSE" : "RESUME")); + + EnableWindow (GetDlgItem (hwndDlg, IDC_PAUSE), BootEncStatus.DriveEncrypted); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), !BootEncStatus.SetupInProgress); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); + + ToHyperlink (hwndDlg, IDC_MORE_INFO_SYS_ENCRYPTION); + + if (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING) + { + nWipeMode = TC_WIPE_NONE; + EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_WIPE_MODE), FALSE); + PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE, TRUE, FALSE); + SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); + } + else + { + EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), !bSystemEncryptionInProgress); + PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE); + SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); + } + + PostMessage (hwndDlg, TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS, 0, 0); + } + else + { + Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg); + EndMainDlg (MainDlg); + return 0; + } + return 0; + + case NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE: + + { + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FILE_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("NONSYS_INPLACE_ENC_RESUME_VOL_SELECT_HELP")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + + foreach (const HostDevice &device, DeferredNonSysInPlaceEncDevices) + { + SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_ADDSTRING, 0, (LPARAM) device.Path.c_str()); + } + + // Deselect all + SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_SETCURSEL, (WPARAM) -1, 0); + } + + break; + + case NONSYS_INPLACE_ENC_TRANSFORM_PAGE: + + if (bInPlaceEncNonSysResumed) + { + WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; + + if (LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) + nWipeMode = savedWipeAlgorithm; + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceDecNonSys ? "DECRYPTION" : "ENCRYPTION")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_DECRYPTION_PAGE_INFO" : "NONSYS_INPLACE_ENC_ENCRYPTION_PAGE_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString (bInPlaceEncNonSysResumed ? "DEFER" : "CANCEL")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString (bInPlaceEncNonSysResumed ? "RESUME" : (bInPlaceDecNonSys ? "DECRYPT" : "ENCRYPT"))); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_PAUSE), GetString ("IDC_PAUSE")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSysResumed && !bInPlaceDecNonSys); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PAUSE), FALSE); + + ShowWindow (GetDlgItem (hwndDlg, IDC_MORE_INFO_SYS_ENCRYPTION), SW_HIDE); + + if (bInPlaceDecNonSys) + { + ShowWindow(GetDlgItem(hwndDlg, IDT_FORMAT_OPTIONS), SW_HIDE); + ShowWindow(GetDlgItem(hwndDlg, IDT_WIPE_MODE), SW_HIDE); + ShowWindow(GetDlgItem(hwndDlg, IDC_WIPE_MODE), SW_HIDE); + } + else + { + EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE); + PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE); + SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); + } + + break; + + case NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE: + + bConfirmQuit = FALSE; + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_FINISHED_TITLE" : "NONSYS_INPLACE_ENC_FINISHED_TITLE")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceDecNonSys ? "NONSYS_INPLACE_DEC_FINISHED_INFO" : "NONSYS_INPLACE_ENC_FINISHED_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("FINALIZE")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("EXIT")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); + + break; + + case NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("NONSYS_INPLACE_DEC_FINISHED_TITLE")); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("NONSYS_INPLACE_DEC_FINISHED_DRIVE_LETTER_SEL_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("FINALIZE")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + + // The Cancel button and the X button must be disabled to prevent the user from forgetting to assign a drive letter to the partition by closing + // the window accidentally or clicking Cancel. The user is forced to click Finish to assign at least the pre-selected free drive letter. + // This is critical because inexperienced users would not know how to access data on the decrypted volume without a drive letter. + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); + DisableCloseButton (MainDlg); + bConfirmQuit = TRUE; // Alt-F4 will still work but the user will be prompted to confirm the action. + + // Decryption of non-system volume finished, no drive letter is assigned to the decrypted volume, and free drive letters are available. + // This is critical because inexperienced users would not know how to access data on the decrypted volume. We cannot allow exit + // until a drive letter is freed up and assigned to the decrypted volume. + + while (GetFirstAvailableDrive () == -1) + { + Error ("NONSYS_INPLACE_DEC_FINISHED_NO_DRIVE_LETTER_AVAILABLE", hwndDlg); + } + + // Populate the combobox with free drive letters + { + DWORD dwUsedDrives = GetUsedLogicalDrives(); + wchar_t szDriveLetter[] = {L' ', L':', 0 }; + int i; + + for (i = 0; i < 26; i++) + { + if (!(dwUsedDrives & 1 << i)) + { + // Add + szDriveLetter [0] = (wchar_t) (i + L'A'); + AddComboPair (GetDlgItem (hCurPage, IDC_DRIVE_LETTER_LIST), szDriveLetter, i); + } + } + } + SendMessage (GetDlgItem (hwndDlg, IDC_DRIVE_LETTER_LIST), CB_SETCURSEL, 0, 0); + break; + + case FORMAT_PAGE: + { + BOOL bNTFSallowed = FALSE; + BOOL bFATallowed = FALSE; + BOOL bEXFATallowed = FALSE; + BOOL bNoFSallowed = FALSE; + HCRYPTPROV hRngProv; + + mouseEntropyGathered = 0xFFFFFFFF; + mouseEventsInitialCount = 0; + bUseMask = FALSE; + if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) + { + if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool)) + bUseMask = TRUE; + CryptReleaseContext (hRngProv, 0); + } + + SetTimer (GetParent (hwndDlg), TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL); + + hMasterKey = GetDlgItem (hwndDlg, IDC_DISK_KEY); + hHeaderKey = GetDlgItem (hwndDlg, IDC_HEADER_KEY); + hRandPool = GetDlgItem (hwndDlg, IDC_RANDOM_BYTES); + hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR); + SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel); + SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_DISK_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_HEADER_KEY), WM_SETFONT, (WPARAM) hFixedDigitFont, (LPARAM) TRUE); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), + GetString (bHiddenVolHost ? "FORMAT_HIDVOL_HOST_HELP" : "FORMAT_HELP")); + + if (bHiddenVol) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "FORMAT_HIDVOL_HOST_TITLE" : "FORMAT_HIDVOL_TITLE")); + else + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("FORMAT_TITLE")); + + /* Quick/Dynamic */ + + if (bHiddenVol) + { + quickFormat = !bHiddenVolHost; + bSparseFileSwitch = FALSE; + + SetCheckBox (hwndDlg, IDC_QUICKFORMAT, quickFormat); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), GetString ((bDevice || !bHiddenVolHost) ? "IDC_QUICKFORMAT" : "SPARSE_FILE")); + EnableWindow (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), bDevice && bHiddenVolHost); + } + else + { + if (bDevice) + { + bSparseFileSwitch = FALSE; + SetWindowTextW (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), GetString("IDC_QUICKFORMAT")); + EnableWindow (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), TRUE); + } + else + { + wchar_t root[TC_MAX_PATH]; + DWORD fileSystemFlags = 0; + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), GetString("SPARSE_FILE")); + + /* Check if the host file system supports sparse files */ + + if (GetVolumePathName (szFileName, root, array_capacity (root))) + { + GetVolumeInformation (root, NULL, 0, NULL, NULL, &fileSystemFlags, NULL, 0); + bSparseFileSwitch = fileSystemFlags & FILE_SUPPORTS_SPARSE_FILES; + } + else + bSparseFileSwitch = FALSE; + + EnableWindow (GetDlgItem (hwndDlg, IDC_QUICKFORMAT), bSparseFileSwitch); + } + } + + SendMessage (GetDlgItem (hwndDlg, IDC_SHOW_KEYS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0); + SetWindowText (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), showKeys ? L"" : L"******************************** "); + SetWindowText (GetDlgItem (hwndDlg, IDC_HEADER_KEY), showKeys ? L"" : L"******************************** "); + SetWindowText (GetDlgItem (hwndDlg, IDC_DISK_KEY), showKeys ? L"" : L"******************************** "); + + SendMessage (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), CB_RESETCONTENT, 0, 0); + AddComboPair (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), GetString ("DEFAULT"), 0); + + for (int i = 1; i <= 128; i *= 2) + { + wstringstream s; + DWORD size = GetFormatSectorSize() * i; + + if (size > TC_MAX_FAT_CLUSTER_SIZE) + break; + + if (size == 512) + s << L"0.5"; + else + s << size / BYTES_PER_KB; + + s << L" " << GetString ("KB"); + + AddComboPair (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), s.str().c_str(), i); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), CB_SETCURSEL, 0, 0); + + EnableWindow (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), TRUE); + + /* Filesystems */ + + bNTFSallowed = FALSE; + bFATallowed = FALSE; + bNoFSallowed = FALSE; + + SendMessage (GetDlgItem (hwndDlg, IDC_FILESYS), CB_RESETCONTENT, 0, 0); + + EnableWindow (GetDlgItem (hwndDlg, IDC_FILESYS), TRUE); + + uint64 dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize); + + if (!CreatingHiddenSysVol()) + { + if (dataAreaSize >= TC_MIN_NTFS_FS_SIZE && dataAreaSize <= TC_MAX_NTFS_FS_SIZE) + { + AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"NTFS", FILESYS_NTFS); + bNTFSallowed = TRUE; + } + + if (dataAreaSize >= TC_MIN_FAT_FS_SIZE && dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) + { + AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"FAT", FILESYS_FAT); + bFATallowed = TRUE; + } + + //exFAT support added starting from Vista SP1 + if (IsOSVersionAtLeast (WIN_VISTA, 1) && dataAreaSize >= TC_MIN_EXFAT_FS_SIZE && dataAreaSize <= TC_MAX_EXFAT_FS_SIZE) + { + AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"exFAT", FILESYS_EXFAT); + bEXFATallowed = TRUE; + } + } + else + { + // We're creating a hidden volume for a hidden OS, so we don't need to format it with + // any filesystem (the entire OS will be copied to the hidden volume sector by sector). + EnableWindow (GetDlgItem (hwndDlg, IDC_FILESYS), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), FALSE); + } + + if (!bHiddenVolHost) + { + AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), GetString ("NONE"), FILESYS_NONE); + bNoFSallowed = TRUE; + } + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + if (fileSystem == FILESYS_NONE) // If no file system has been previously selected + { + // Set default file system + + if (bFATallowed && !(nNeedToStoreFilesOver4GB == 1 && (bNTFSallowed || bEXFATallowed))) + fileSystem = FILESYS_FAT; + else if (bEXFATallowed) + fileSystem = FILESYS_EXFAT; + else if (bNTFSallowed) + fileSystem = FILESYS_NTFS; + else if (bNoFSallowed) + fileSystem = FILESYS_NONE; + else + { + AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"---", 0); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + } + } + + SendMessage (GetDlgItem (hwndDlg, IDC_FILESYS), CB_SETCURSEL, 0, 0); + SelectAlgo (GetDlgItem (hwndDlg, IDC_FILESYS), (int *) &fileSystem); + + EnableWindow (GetDlgItem (hwndDlg, IDC_ABORT_BUTTON), FALSE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("FORMAT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + SetFocus (GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); + } + break; + + case FORMAT_FINISHED_PAGE: + { + if (!bHiddenVolHost && bHiddenVol && !bHiddenVolFinished) + { + wchar_t msg[4096]; + + nNeedToStoreFilesOver4GB = -1; + + if (bHiddenOS) + { + wchar_t szMaxRecomOuterVolFillSize[100]; + + __int64 maxRecomOuterVolFillSize = 0; + + // Determine the maximum recommended total size of files that can be copied to the outer volume + // while leaving enough space for the hidden volume, which must contain a clone of the OS + + maxRecomOuterVolFillSize = nVolumeSize - GetSystemPartitionSize(); + + // -50% reserve for filesystem "peculiarities" + maxRecomOuterVolFillSize /= 2; + + StringCbPrintfW (szMaxRecomOuterVolFillSize, sizeof(szMaxRecomOuterVolFillSize), L"%I64d %s", maxRecomOuterVolFillSize / BYTES_PER_MB, GetString ("MB")); + + StringCbPrintfW (msg, sizeof(msg), GetString ("HIDVOL_HOST_FILLING_HELP_SYSENC"), hiddenVolHostDriveNo + 'A', szMaxRecomOuterVolFillSize); + } + else + StringCbPrintfW (msg, sizeof(msg), GetString ("HIDVOL_HOST_FILLING_HELP"), hiddenVolHostDriveNo + 'A'); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), msg); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDVOL_HOST_FILLING_TITLE")); + } + else + { + if (bHiddenOS) + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_VOL_FORMAT_FINISHED_HELP")); + else + { + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_FINISHED_INFO" : "FORMAT_FINISHED_HELP")); + bConfirmQuit = FALSE; + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVol ? "HIDVOL_FORMAT_FINISHED_TITLE" : "FORMAT_FINISHED_TITLE")); + } + + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), (!bHiddenVol || bHiddenVolFinished) && !bHiddenOS && !bInPlaceEncNonSys); + + if ((!bHiddenVol || bHiddenVolFinished) && !bHiddenOS) + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("EXIT")); + } + break; + + case SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE: + + if (!IsHiddenOSRunning() || !bHiddenOS) + { + ReportUnexpectedState (SRC_POS); + EndMainDlg (MainDlg); + return 0; + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_INITIAL_INFO_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("FIRST_HIDDEN_OS_BOOT_INFO")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + break; + + case SYSENC_HIDDEN_OS_WIPE_INFO_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_WIPE_INFO_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_OS_WIPE_INFO")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + break; + + case DEVICE_WIPE_MODE_PAGE: + + if (nWipeMode == TC_WIPE_NONE) + nWipeMode = TC_WIPE_1_RAND; + + if (bHiddenOS && IsHiddenOSRunning()) + { + // Decoy system partition wipe + + WipeAbort(); // In case the GUI previously crashed and the driver is still wiping + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + } + else + { + // Regular device wipe (not decoy system partition wipe) + + // Title bar + SetWindowText (MainDlg, _T(TC_APP_NAME)); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE")); + SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("WIPE_MODE_INFO")); + + PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, TRUE); + + SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + + break; + + case DEVICE_WIPE_PAGE: + + if (bHiddenOS && IsHiddenOSRunning()) + { + // Decoy system partition wipe + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("DEVICE_WIPE_PAGE_INFO_HIDDEN_OS")); + } + else + { + // Regular device wipe (not decoy system partition wipe) + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("DEVICE_WIPE_PAGE_INFO")); + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("DEVICE_WIPE_PAGE_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("WIPE")); + SetWindowTextW (GetDlgItem (hCurPage, IDC_WIPE_MODE), (wstring (L" ") + GetWipeModeName (nWipeMode)).c_str()); + + EnableWindow (GetDlgItem (hwndDlg, IDC_ABORT_BUTTON), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + + break; + } + return 0; + + case WM_HELP: + OpenPageHelp (GetParent (hwndDlg), nCurPageNo); + return 1; + + case TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS: + AfterSysEncProgressWMInitTasks (hwndDlg); + return 1; + + case WM_CTLCOLORSTATIC: + { + if (PimValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIM_HELP)) ) + { + // we're about to draw the static + // set the text colour in (HDC)lParam + SetBkMode((HDC)wParam,TRANSPARENT); + SetTextColor((HDC)wParam, RGB(255,0,0)); + // NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle. + return (BOOL)GetSysColorBrush(COLOR_MENU); + } + } + return 0; + + case WM_COMMAND: + + if (nCurPageNo == INTRO_PAGE) + { + switch (lw) + { + case IDC_FILE_CONTAINER: + UpdateWizardModeControls (hwndDlg, WIZARD_MODE_FILE_CONTAINER); + return 1; + + case IDC_NONSYS_DEVICE: + UpdateWizardModeControls (hwndDlg, WIZARD_MODE_NONSYS_DEVICE); + return 1; + + case IDC_SYS_DEVICE: + UpdateWizardModeControls (hwndDlg, WIZARD_MODE_SYS_DEVICE); + return 1; + + case IDC_MORE_INFO_ON_CONTAINERS: + Applink ("introcontainer", TRUE, ""); + return 1; + + case IDC_MORE_INFO_ON_SYS_ENCRYPTION: + Applink ("introsysenc", TRUE, ""); + return 1; + } + } + + if (nCurPageNo == SYSENC_TYPE_PAGE) + { + switch (lw) + { + case IDC_SYSENC_HIDDEN: + bHiddenOS = TRUE; + bHiddenVol = TRUE; + bHiddenVolHost = TRUE; + return 1; + + case IDC_SYSENC_NORMAL: + bHiddenOS = FALSE; + bHiddenVol = FALSE; + bHiddenVolHost = FALSE; + return 1; + + case IDC_HIDDEN_SYSENC_INFO_LINK: + Applink ("hiddensysenc", TRUE, ""); + return 1; + } + } + + if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE && lw == IDC_HIDDEN_SYSENC_INFO_LINK) + { + Applink ("hiddensysenc", TRUE, ""); + return 1; + } + + if (nCurPageNo == SYSENC_SPAN_PAGE) + { + switch (lw) + { + case IDC_WHOLE_SYS_DRIVE: + bWholeSysDrive = TRUE; + return 1; + case IDC_SYS_PARTITION: + bWholeSysDrive = FALSE; + return 1; + } + + } + + if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE) + { + switch (lw) + { + case IDC_SINGLE_BOOT: + nMultiBoot = 1; + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + return 1; + case IDC_MULTI_BOOT: + nMultiBoot = 2; + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + return 1; + } + } + + // Dual choice pages + switch (nCurPageNo) + { + case SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE: + case SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE: + case SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE: + case SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE: + case SYSENC_PRE_DRIVE_ANALYSIS_PAGE: + + if (lw == IDC_CHOICE1 || lw == IDC_CHOICE2) + { + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + return 1; + } + break; + } + + if (nCurPageNo == FILESYS_PAGE && (lw == IDC_CHOICE1 || lw == IDC_CHOICE2)) + { + if (bWarnOuterVolSuitableFileSys && lw == IDC_CHOICE1 && bHiddenVolHost) + { + wchar_t szTmp [4096]; + + bWarnOuterVolSuitableFileSys = FALSE; // Do not show this warning anymore (this also prevents potential endless repetition due to some race conditions) + + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION_HIDVOL")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("FILESYS_PAGE_HELP_EXPLANATION_HIDVOL_CONFIRM")); + + if (MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_YESNO | MB_DEFBUTTON2) == IDNO) + { + nNeedToStoreFilesOver4GB = 0; + Init2RadButtonPageYesNo (nNeedToStoreFilesOver4GB); + } + } + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + return 1; + } + + if (lw == IDC_HIDDEN_VOL && nCurPageNo == VOLUME_TYPE_PAGE) + { + bHiddenVol = TRUE; + bHiddenVolHost = TRUE; + bInPlaceEncNonSys = FALSE; + return 1; + } + + if (lw == IDC_STD_VOL && nCurPageNo == VOLUME_TYPE_PAGE) + { + bHiddenVol = FALSE; + bHiddenVolHost = FALSE; + return 1; + } + + if (nCurPageNo == SYSENC_ENCRYPTION_PAGE) + { + BootEncryptionStatus locBootEncStatus; + + switch (lw) + { + case IDC_PAUSE: + try + { + locBootEncStatus = BootEncObj->GetStatus(); + + if (locBootEncStatus.SetupInProgress) + SysEncPause (); + else + SysEncResume (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + return 1; + + case IDC_WIPE_MODE: + if (hw == CBN_SELCHANGE) + { + nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), + CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), + 0); + + return 1; + } + break; + + case IDC_MORE_INFO_SYS_ENCRYPTION: + Applink ("sysencprogressinfo", TRUE, ""); + return 1; + } + } + + if (bInPlaceEncNonSys) + { + switch (nCurPageNo) + { + case NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE: + + if (lw == IDC_LIST_BOX + && (hw == LBN_SELCHANGE || hw == LBN_DBLCLK)) + { + BOOL tmpbDevice = FALSE; + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + + int selPartitionItemId = (int) SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_GETCURSEL, 0, 0); + + if (selPartitionItemId == LB_ERR) + { + // Deselect all + SendMessage (GetDlgItem (hwndDlg, IDC_LIST_BOX), LB_SETCURSEL, (WPARAM) -1, 0); + + SetFocus (GetDlgItem (MainDlg, IDC_NEXT)); + return 1; + } + + SetFocus (GetDlgItem (MainDlg, IDC_NEXT)); + + StringCbCopyW (szFileName, sizeof(szFileName), DeferredNonSysInPlaceEncDevices [selPartitionItemId].Path.c_str()); + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); + + nVolumeSize = GetDeviceSize (szDiskFile); + if (nVolumeSize == -1) + { + handleWin32Error (MainDlg, SRC_POS); + return 1; + } + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + + return 1; + } + break; + + case NONSYS_INPLACE_ENC_TRANSFORM_PAGE: + { + switch (lw) + { + case IDC_PAUSE: + + // Pause/resume non-system in-place encryption + + if (bVolTransformThreadRunning || bVolTransformThreadToRun) + { + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); + NonSysInplaceEncPause (); + } + else + NonSysInplaceEncResume (); + + return 1; + + case IDC_WIPE_MODE: + if (hw == CBN_SELCHANGE) + { + nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), + CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), + 0); + + return 1; + } + break; + } + } + break; + } + } + + + if (lw == IDC_OPEN_OUTER_VOLUME && nCurPageNo == FORMAT_FINISHED_PAGE) + { + OpenVolumeExplorerWindow (hiddenVolHostDriveNo); + return 1; + } + + if (lw == IDC_HIDDEN_VOL_HELP && nCurPageNo == VOLUME_TYPE_PAGE) + { + Applink ("hiddenvolume", TRUE, ""); + return 1; + } + + if (lw == IDC_ABORT_BUTTON && nCurPageNo == FORMAT_PAGE) + { + if (MessageBoxW (hwndDlg, GetString ("FORMAT_ABORT"), lpszTitle, MB_YESNO | MB_ICONQUESTION | MB_DEFBUTTON2 ) == IDYES) + bVolTransformThreadCancel = TRUE; + return 1; + } + + if (lw == IDC_CIPHER_TEST && nCurPageNo == CIPHER_PAGE) + { + LPARAM nIndex; + int c; + + nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); + nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); + + for (c = EAGetLastCipher (nVolumeEA); c != 0; c = EAGetPreviousCipher (nVolumeEA, c)) + { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_TEST_DLG), + GetParent (hwndDlg), (DLGPROC) CipherTestDialogProc, (LPARAM) c); + } + return 1; + } + + if (lw == IDC_BENCHMARK && nCurPageNo == CIPHER_PAGE) + { + // Reduce CPU load + bFastPollEnabled = FALSE; + bRandmixEnabled = FALSE; + + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg, + (DLGPROC) BenchmarkDlgProc, (LPARAM) NULL); + + bFastPollEnabled = TRUE; + bRandmixEnabled = TRUE; + + return 1; + } + + if (lw == IDC_LINK_MORE_INFO_ABOUT_CIPHER && nCurPageNo == CIPHER_PAGE) + { + wchar_t name[100]; + + int nIndex = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); + nIndex = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); + EAGetName (name, nIndex, 0); + + if (wcscmp (name, L"AES") == 0) + Applink ("aes", FALSE, ""); + else if (wcscmp (name, L"Serpent") == 0) + Applink ("serpent", FALSE, ""); + else if (wcscmp (name, L"Twofish") == 0) + Applink ("twofish", FALSE, ""); + else if (EAGetCipherCount (nIndex) > 1) + Applink ("cascades", TRUE, ""); + + return 1; + } + + if (lw == IDC_LINK_HASH_INFO && nCurPageNo == CIPHER_PAGE) + { + Applink ("hashalgorithms", TRUE, ""); + return 1; + } + + if (lw == IDC_LINK_PIM_INFO && nCurPageNo == PIM_PAGE) + { + Applink ("pim", TRUE, ""); + return 1; + } + + if (hw == CBN_EDITCHANGE && nCurPageNo == VOLUME_LOCATION_PAGE) + { + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), + GetWindowTextLength (GetDlgItem (hCurPage, IDC_COMBO_BOX)) > 0); + + bDeviceTransformModeChoiceMade = FALSE; + bInPlaceEncNonSys = FALSE; + + return 1; + } + + if (hw == CBN_SELCHANGE && nCurPageNo == VOLUME_LOCATION_PAGE) + { + LPARAM nIndex; + + nIndex = MoveEditToCombo ((HWND) lParam, bHistory); + nIndex = UpdateComboOrder (GetDlgItem (hwndDlg, IDC_COMBO_BOX)); + + if (nIndex != CB_ERR) + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + else + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + + bDeviceTransformModeChoiceMade = FALSE; + bInPlaceEncNonSys = FALSE; + + return 1; + } + + if (hw == EN_CHANGE && nCurPageNo == SIZE_PAGE) + { + VerifySizeAndUpdate (hwndDlg, FALSE); + return 1; + } + + if (hw == EN_CHANGE && nCurPageNo == PASSWORD_PAGE) + { + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), + GetDlgItem (hwndDlg, IDC_PASSWORD), + GetDlgItem (hwndDlg, IDC_VERIFY), + NULL, + NULL, + KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect()); + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + + return 1; + } + + if (hw == EN_CHANGE && nCurPageNo == PIM_PAGE) + { + if (lw == IDC_PIM) + { + if(GetPim (hwndDlg, IDC_PIM) != 0) + { + PimValueChangedWarning = TRUE; + SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING")); + } + else + { + PimValueChangedWarning = FALSE; + SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIM_HELP)); + } + } + + return 1; + } + + if (lw == IDC_SHOW_PASSWORD && nCurPageNo == PASSWORD_PAGE) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_VERIFY); + return 1; + } + + if (lw == IDC_SHOW_PIM && nCurPageNo == PIM_PAGE) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PIM, IDC_PIM, 0); + return 1; + } + + if (lw == IDC_PIM_ENABLE) + { + PimEnable = GetCheckBox (hwndDlg, IDC_PIM_ENABLE); + if (!PimEnable) + volumePim = 0; + if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE + ) + { + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_ENABLE), PimEnable? SW_HIDE : SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), PimEnable? SW_SHOW : SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), PimEnable? SW_SHOW : SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), PimEnable? SW_SHOW : SW_HIDE); + if (PimEnable) + { + SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); + } + } + return 1; + } + + if (nCurPageNo == PASSWORD_PAGE + || nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + { + if (lw == IDC_KEY_FILES) + { + if (SysEncInEffect()) + { + Warning ("KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", MainDlg); + return 1; + } + + KeyFilesDlgParam param; + param.EnableKeyFiles = KeyFilesEnable; + param.FirstKeyFile = FirstKeyFile; + + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) + { + KeyFilesEnable = param.EnableKeyFiles; + FirstKeyFile = param.FirstKeyFile; + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + + if (nCurPageNo != HIDDEN_VOL_HOST_PASSWORD_PAGE && nCurPageNo != NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable); + + if (nCurPageNo != HIDDEN_VOL_HOST_PASSWORD_PAGE && nCurPageNo != NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + { + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), + GetDlgItem (hCurPage, IDC_PASSWORD), + GetDlgItem (hCurPage, IDC_VERIFY), + volumePassword.Text, szVerify, KeyFilesEnable && FirstKeyFile!=NULL); + } + } + + return 1; + } + + if (lw == IDC_KEYFILES_ENABLE) + { + KeyFilesEnable = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE); + + if (nCurPageNo != HIDDEN_VOL_HOST_PASSWORD_PAGE && nCurPageNo != NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + { + EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable); + + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT), + GetDlgItem (hCurPage, IDC_PASSWORD), + GetDlgItem (hCurPage, IDC_VERIFY), + volumePassword.Text, szVerify, KeyFilesEnable && FirstKeyFile!=NULL); + } + + return 1; + } + } + + if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + { + if (hw == EN_CHANGE) + { + GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE); + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + return 1; + } + + if (lw == IDC_SHOW_PASSWORD_SINGLE) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_SINGLE, IDC_PASSWORD_DIRECT, IDC_PIM); + return 1; + } + } + + if ((lw == IDC_KB || lw == IDC_MB || lw == IDC_GB || lw == IDC_TB) && nCurPageNo == SIZE_PAGE) + { + SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_UNCHECKED, 0); + + switch (lw) + { + case IDC_KB: + SendMessage (GetDlgItem (hwndDlg, IDC_KB), BM_SETCHECK, BST_CHECKED, 0); + break; + case IDC_MB: + SendMessage (GetDlgItem (hwndDlg, IDC_MB), BM_SETCHECK, BST_CHECKED, 0); + break; + case IDC_GB: + SendMessage (GetDlgItem (hwndDlg, IDC_GB), BM_SETCHECK, BST_CHECKED, 0); + break; + case IDC_TB: + SendMessage (GetDlgItem (hwndDlg, IDC_TB), BM_SETCHECK, BST_CHECKED, 0); + break; + } + + VerifySizeAndUpdate (hwndDlg, FALSE); + return 1; + } + + if (lw == IDC_HIDVOL_WIZ_MODE_DIRECT && nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) + { + bHiddenVolDirect = TRUE; + return 1; + } + + if (lw == IDC_HIDVOL_WIZ_MODE_FULL && nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) + { + bHiddenVolDirect = FALSE; + return 1; + } + + if (lw == IDC_SELECT_VOLUME_LOCATION && nCurPageNo == VOLUME_LOCATION_PAGE) + { + if (!bDevice) + { + // Select file + + if (BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, !bHiddenVolDirect, NULL) == FALSE) + return 1; + + AddComboItem (GetDlgItem (hwndDlg, IDC_COMBO_BOX), szFileName, bHistory); + + EnableDisableFileNext (GetDlgItem (hwndDlg, IDC_COMBO_BOX), + GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); + + return 1; + } + else + { + // Select device + RawDevicesDlgParam param; + param.pszFileName = szFileName; + INT_PTR nResult = DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), GetParent (hwndDlg), + (DLGPROC) RawDevicesDlgProc, (LPARAM) & param); + + // Check administrator privileges + if (!wcsstr (szFileName, L"Floppy") && !IsAdmin() && !IsUacSupported ()) + MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_DEVICES"), lpszTitle, MB_OK|MB_ICONWARNING); + + if (nResult == IDOK && wcslen (szFileName) > 0) + { + AddComboItem (GetDlgItem (hwndDlg, IDC_COMBO_BOX), szFileName, bHistory); + + EnableDisableFileNext (GetDlgItem (hwndDlg, IDC_COMBO_BOX), + GetDlgItem (GetParent (hwndDlg), IDC_NEXT)); + + bDeviceTransformModeChoiceMade = FALSE; + bInPlaceEncNonSys = FALSE; + } + return 1; + } + } + + if (nCurPageNo == DEVICE_TRANSFORM_MODE_PAGE) + { + switch (lw) + { + case IDC_DEVICE_TRANSFORM_MODE_FORMAT: + + bInPlaceEncNonSys = FALSE; + bDeviceTransformModeChoiceMade = TRUE; + + return 1; + + case IDC_DEVICE_TRANSFORM_MODE_INPLACE: + + bInPlaceEncNonSys = TRUE; + bDeviceTransformModeChoiceMade = TRUE; + + bHiddenVol = FALSE; + bHiddenVolDirect = FALSE; + bHiddenVolHost = FALSE; + bSparseFileSwitch = FALSE; + quickFormat = FALSE; + + return 1; + } + } + + if (lw == IDC_HIDVOL_WIZ_MODE_FULL && nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) + { + bHiddenVolDirect = FALSE; + return 1; + } + + if (hw == CBN_SELCHANGE && nCurPageNo == CIPHER_PAGE) + { + switch (lw) + { + case IDC_COMBO_BOX: + ComboSelChangeEA (hwndDlg); + break; + + case IDC_COMBO_BOX_HASH_ALGO: + if (SysEncInEffect ()) + { + HWND hHashAlgoItem = GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO); + int selectedAlgo = (int) SendMessage (hHashAlgoItem, CB_GETITEMDATA, SendMessage (hHashAlgoItem, CB_GETCURSEL, 0, 0), 0); + if (!HashForSystemEncryption(selectedAlgo)) + { + hash_algo = DEFAULT_HASH_ALGORITHM_BOOT; + RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT); + Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", MainDlg); + SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo); + } + } + break; + } + return 1; + + } + + if (lw == IDC_QUICKFORMAT && IsButtonChecked (GetDlgItem (hCurPage, IDC_QUICKFORMAT))) + { + if (bSparseFileSwitch) + { + if (AskWarnYesNo("CONFIRM_SPARSE_FILE", MainDlg) == IDNO) + SetCheckBox (hwndDlg, IDC_QUICKFORMAT, FALSE); + } + else + { + if (AskWarnYesNo("WARN_QUICK_FORMAT", MainDlg) == IDNO) + SetCheckBox (hwndDlg, IDC_QUICKFORMAT, FALSE); + } + return 1; + } + + if (lw == IDC_FILESYS && hw == CBN_SELCHANGE) + { + fileSystem = (int) SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETCURSEL, 0, 0) , 0); + + return 1; + } + + if (lw == IDC_SHOW_KEYS && nCurPageNo == FORMAT_PAGE) + { + showKeys = IsButtonChecked (GetDlgItem (hCurPage, IDC_SHOW_KEYS)); + + SetWindowText (GetDlgItem (hCurPage, IDC_RANDOM_BYTES), showKeys ? L" " : L"******************************** "); + SetWindowText (GetDlgItem (hCurPage, IDC_HEADER_KEY), showKeys ? L"" : L"******************************** "); + SetWindowText (GetDlgItem (hCurPage, IDC_DISK_KEY), showKeys ? L"" : L"******************************** "); + return 1; + } + + if (lw == IDC_DISPLAY_POOL_CONTENTS + && (nCurPageNo == SYSENC_COLLECTING_RANDOM_DATA_PAGE || nCurPageNo == NONSYS_INPLACE_ENC_RAND_DATA_PAGE)) + { + showKeys = IsButtonChecked (GetDlgItem (hCurPage, IDC_DISPLAY_POOL_CONTENTS)); + DisplayRandPool (hwndDlg, hRandPoolSys, showKeys); + + return 1; + } + + if (lw == IDC_DISPLAY_KEYS && nCurPageNo == SYSENC_KEYS_GEN_PAGE) + { + showKeys = IsButtonChecked (GetDlgItem (hCurPage, IDC_DISPLAY_KEYS)); + + DisplayPortionsOfKeys (GetDlgItem (hwndDlg, IDC_HEADER_KEY), GetDlgItem (hwndDlg, IDC_DISK_KEY), HeaderKeyGUIView, MasterKeyGUIView, !showKeys); + return 1; + } + + if (nCurPageNo == SYSENC_RESCUE_DISK_CREATION_PAGE) + { + if (lw == IDC_BROWSE) + { + wchar_t tmpszRescueDiskISO [TC_MAX_PATH+1]; + + if (!BrowseFiles (hwndDlg, "OPEN_TITLE", tmpszRescueDiskISO, FALSE, TRUE, NULL)) + return 1; + + StringCbCopyW (szRescueDiskISO, sizeof(szRescueDiskISO), tmpszRescueDiskISO); + + SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO); + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1)); + return 1; + } + + if ( hw == EN_CHANGE ) + { + GetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO, sizeof(szRescueDiskISO)); + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1)); + return 1; + } + } + + if (nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE && lw == IDC_DOWNLOAD_CD_BURN_SOFTWARE) + { + if (IsWindowsIsoBurnerAvailable()) + LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO); + else + Applink ("isoburning", TRUE, ""); + + return 1; + } + + if ((nCurPageNo == SYSENC_WIPE_MODE_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE + || nCurPageNo == DEVICE_WIPE_MODE_PAGE) + && hw == CBN_SELCHANGE) + { + nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), + CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), + 0); + + return 1; + } + + if (nCurPageNo == DEVICE_WIPE_PAGE) + { + switch (lw) + { + case IDC_ABORT_BUTTON: + + if (AskWarnNoYes ("CONFIRM_WIPE_ABORT", MainDlg) == IDYES) + WipeAbort(); + + return 1; + } + } + + if (lw == IDC_NO_HISTORY) + { + if (!(bHistory = !IsButtonChecked (GetDlgItem (hCurPage, IDC_NO_HISTORY)))) + ClearHistory (GetDlgItem (hCurPage, IDC_COMBO_BOX)); + + return 1; + } + + return 0; + } + + return 0; +} + +/* Except in response to the WM_INITDIALOG and WM_ENDSESSION messages, the dialog box procedure + should return nonzero if it processes the message, and zero if it does not. - see DialogProc */ +BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + int nNewPageNo = nCurPageNo; + + switch (uMsg) + { + case WM_INITDIALOG: + { + MainDlg = hwndDlg; + InitDialog (hwndDlg); + LocalizeDialog (hwndDlg, "IDD_VOL_CREATION_WIZARD_DLG"); + + if (IsTrueCryptInstallerRunning()) + AbortProcess ("TC_INSTALLER_IS_RUNNING"); + + // Resize the bitmap if the user has a non-default DPI + if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) + { + hbmWizardBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_WIZARD), + GetDlgItem (hwndDlg, IDC_BITMAP_WIZARD), + 0, 0, 0, 0, FALSE, FALSE); + } + + LoadSettings (hwndDlg); + + LoadDefaultKeyFilesParam (); + RestoreDefaultKeyFilesParam (); + + SysEncMultiBootCfg.NumberOfSysDrives = -1; + SysEncMultiBootCfg.MultipleSystemsOnDrive = -1; + SysEncMultiBootCfg.BootLoaderLocation = -1; + SysEncMultiBootCfg.BootLoaderBrand = -1; + SysEncMultiBootCfg.SystemOnBootDrive = -1; + + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (hwndDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + EndMainDlg (MainDlg); + return 0; + } + + SendMessageW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), WM_SETFONT, (WPARAM) hTitleFont, (LPARAM) TRUE); + SetWindowTextW (hwndDlg, lpszTitle); + + ExtractCommandLine (hwndDlg, (wchar_t *) lParam); + + if (ComServerMode) + { + InitDialog (hwndDlg); + + if (!ComServerFormat ()) + { + handleWin32Error (hwndDlg, SRC_POS); + exit (1); + } + exit (0); + } + + if (DirectCreationMode) + { + wchar_t root[TC_MAX_PATH]; + DWORD fileSystemFlags = 0; + uint64 dataAreaSize; + wchar_t szFileSystemNameBuffer[256]; + ULARGE_INTEGER free; + + showKeys = FALSE; + bGuiMode = FALSE; + + if (CmdVolumePassword.Length == 0) + AbortProcess ("ERR_PASSWORD_MISSING"); + + if (CmdVolumeFileSize == 0) + AbortProcess ("ERR_SIZE_MISSING"); + + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &bDevice); + + if (bDevice) + AbortProcess ("ERR_DEVICE_CLI_CREATE_NOT_SUPPORTED"); + + volumePassword = CmdVolumePassword; + volumePim = CmdVolumePim; + + if (CmdVolumeEA > 0) + nVolumeEA = CmdVolumeEA; + + if (CmdVolumePkcs5 > 0) + hash_algo = CmdVolumePkcs5; + + if (CmdVolumeFilesystem > 0) + fileSystem = CmdVolumeFilesystem; + else + fileSystem = FILESYS_NTFS; + + nVolumeSize = CmdVolumeFileSize; + + // correct volume size to be multiple of sector size + if (bDevice && !(bHiddenVol && !bHiddenVolHost)) // If raw device but not a hidden volume + { + // do nothing. no correction is needed + } + else + { + unsigned __int64 sectorSize = (unsigned __int64) GetFormatSectorSize(); + unsigned __int64 sectorSizeRem = nVolumeSize % sectorSize; + + if (sectorSizeRem != 0) + nVolumeSize = nVolumeSize + (sectorSize - sectorSizeRem); + } + + if (nVolumeSize < (bHiddenVolHost ? TC_MIN_HIDDEN_VOLUME_HOST_SIZE : (bHiddenVol ? TC_MIN_HIDDEN_VOLUME_SIZE : TC_MIN_VOLUME_SIZE))) + AbortProcess ("ERR_VOLUME_SIZE_TOO_SMALL"); + + if ( ((!bHiddenVolHost && bHiddenVol) && (nVolumeSize > nMaximumHiddenVolSize)) + || (nVolumeSize > (bHiddenVolHost ? TC_MAX_HIDDEN_VOLUME_HOST_SIZE : TC_MAX_VOLUME_SIZE)) + ) + { + AbortProcess ("ERR_VOLUME_SIZE_TOO_BIG"); + } + + if (!GetVolumePathName (szFileName, root, array_capacity (root))) + { + handleWin32Error (hwndDlg, SRC_POS); + exit (1); + } + + if (CmdSparseFileSwitch) + { + /* Check if the host file system supports sparse files */ + GetVolumeInformation (root, NULL, 0, NULL, NULL, &fileSystemFlags, NULL, 0); + bSparseFileSwitch = fileSystemFlags & FILE_SUPPORTS_SPARSE_FILES; + + if (!bSparseFileSwitch) + { + AbortProcess ("ERR_DYNAMIC_NOT_SUPPORTED"); + } + } + + quickFormat = TRUE; + + if (!GetDiskFreeSpaceEx (root, &free, 0, 0)) + { + wchar_t szTmp[1024]; + + if (translateWin32Error (szTmp, sizeof (szTmp) / sizeof(szTmp[0]))) + { + wchar_t szTmp2[1024]; + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s\n%s", GetString ("CANNOT_CALC_SPACE"), szTmp); + AbortProcessDirect (szTmp2); + } + else + { + handleWin32Error (hwndDlg, SRC_POS); + } + + exit (1); + } + else + { + if (!bSparseFileSwitch && (nVolumeSize > free.QuadPart)) + { + AbortProcess ("ERR_CONTAINER_SIZE_TOO_BIG"); + } + } + + dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize); + + if ( (fileSystem == FILESYS_NTFS) && + (dataAreaSize < TC_MIN_NTFS_FS_SIZE || dataAreaSize > TC_MAX_NTFS_FS_SIZE) + ) + { + AbortProcess ("ERR_NTFS_INVALID_VOLUME_SIZE"); + } + + if ( (fileSystem == FILESYS_EXFAT) && + (dataAreaSize < TC_MIN_EXFAT_FS_SIZE || dataAreaSize > TC_MAX_EXFAT_FS_SIZE) + ) + { + AbortProcess ("ERR_EXFAT_INVALID_VOLUME_SIZE"); + } + + if ( (fileSystem == FILESYS_FAT) && + (dataAreaSize < TC_MIN_FAT_FS_SIZE || dataAreaSize > (TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize())) + ) + { + AbortProcess ("ERR_FAT_INVALID_VOLUME_SIZE"); + } + + /* Verify that the volume would not be too large for the host file system */ + if (GetVolumePathName (szDiskFile, root, ARRAYSIZE (root)) + && GetVolumeInformation (root, NULL, 0, NULL, NULL, NULL, szFileSystemNameBuffer, ARRAYSIZE(szFileSystemNameBuffer)) + && !wcsncmp (szFileSystemNameBuffer, L"FAT32", 5)) + { + // The host file system is FAT32 + if (nVolumeSize >= 4 * BYTES_PER_GB) + { + AbortProcess ("VOLUME_TOO_LARGE_FOR_FAT32"); + } + } + + /* Verify that the volume would not be too large for the operating system */ + if (!IsOSAtLeast (WIN_VISTA) + && nVolumeSize > 2 * BYTES_PER_TB) + { + AbortProcess ("VOLUME_TOO_LARGE_FOR_WINXP"); + } + + if (volumePassword.Length > 0) + { + // Check password length (check also done for outer volume which is not the case in TrueCrypt). + if (!CheckPasswordLength (NULL, volumePassword.Length, volumePim, FALSE, Silent, Silent)) + { + exit (1); + } + } + + volTransformThreadFunction (hwndDlg); + + exit (bOperationSuccess? 0 : 1); + } + + SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, szRescueDiskISO); + StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.iso"); + + if (IsOSAtLeast (WIN_VISTA)) + { + // Availability of in-place encryption (which is pre-selected by default whenever + // possible) makes partition-hosted volume creation safer. + bWarnDeviceFormatAdvanced = FALSE; + } + +#ifdef _DEBUG + // For faster testing + strcpy (szVerify, "q"); + strcpy (szRawPassword, "q"); +#endif + + PostMessage (hwndDlg, TC_APPMSG_PERFORM_POST_WMINIT_TASKS, 0, 0); + } + return 0; + + case WM_SYSCOMMAND: + if (lw == IDC_ABOUT) + { + DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); + return 1; + } + return 0; + + case WM_TIMER: + + switch (wParam) + { + case TIMER_ID_RANDVIEW: + + if (WizardMode == WIZARD_MODE_SYS_DEVICE + || bInPlaceEncNonSys) + { + DisplayRandPool (hwndDlg, hRandPoolSys, showKeys); + } + else + { + int partialLen = 16; + wchar_t tmp2[43]; + int i; + DWORD mouseEventsCounter; + + RandpeekBytes (hwndDlg, randPool, partialLen, &mouseEventsCounter); + + ProcessEntropyEstimate (hEntropyBar, &mouseEventsInitialCount, mouseEventsCounter, maxEntropyLevel, &mouseEntropyGathered); + + tmp2[0] = 0; + + for (i = 0; i < partialLen; i++) + { + wchar_t tmp3[3]; + if (showKeys) + { + StringCbPrintfW (tmp3, sizeof(tmp3), L"%02X", (int) randPool[i]); + } + else if (bUseMask) + { + unsigned char tmpByte = randPool[i] ^ maskRandPool[i]; + tmp3[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*'); + tmp3[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*'); + tmp3[2] = 0; + } + else + StringCbCopyW (tmp3, sizeof (tmp3), L"**"); + StringCbCatW (tmp2, sizeof(tmp2), tmp3); + } + + tmp2[32] = 0; + + SetWindowTextW (GetDlgItem (hCurPage, IDC_RANDOM_BYTES), (wstring (tmp2) + GetString ("TRIPLE_DOT_GLYPH_ELLIPSIS")).c_str()); + + burn (randPool, partialLen); + burn (tmp2, sizeof(tmp2)); + } + return 1; + + case TIMER_ID_SYSENC_PROGRESS: + { + // Manage system encryption/decryption and update related GUI + + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + KillTimer (MainDlg, TIMER_ID_SYSENC_PROGRESS); + + try + { + BootEncObj->AbortSetup (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + e.Show (hwndDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg); + EndMainDlg (MainDlg); + return 1; + } + + if (BootEncStatus.SetupInProgress) + UpdateSysEncProgressBar (); + + if (bSystemEncryptionInProgress != BootEncStatus.SetupInProgress) + { + bSystemEncryptionInProgress = BootEncStatus.SetupInProgress; + + UpdateSysEncProgressBar (); + UpdateSysEncControls (); + + if (!bSystemEncryptionInProgress) + { + // The driver stopped encrypting/decrypting + + // Allow the OS to enter Sleep mode when idle + SetThreadExecutionState (ES_CONTINUOUS); + + KillTimer (hwndDlg, TIMER_ID_SYSENC_PROGRESS); + + UpdateLastDialogId (); + + try + { + if (BootEncStatus.DriveMounted) // If we had been really encrypting/decrypting (not just proceeding to deinstall) + BootEncObj->CheckEncryptionSetupResult(); + } + catch (SystemException &e) + { + if (!bTryToCorrectReadErrors + && SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING + && (IsDiskReadError (e.ErrorCode))) + { + bTryToCorrectReadErrors = (AskWarnYesNo ("ENABLE_BAD_SECTOR_ZEROING", MainDlg) == IDYES); + + if (bTryToCorrectReadErrors) + { + SysEncResume(); + return 1; + } + } + else if (!DiscardUnreadableEncryptedSectors + && SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING + && (IsDiskReadError (e.ErrorCode))) + { + DiscardUnreadableEncryptedSectors = (AskWarnYesNo ("DISCARD_UNREADABLE_ENCRYPTED_SECTORS", MainDlg) == IDYES); + + if (DiscardUnreadableEncryptedSectors) + { + SysEncResume(); + return 1; + } + } + + e.Show (hwndDlg); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + switch (SystemEncryptionStatus) + { + case SYSENC_STATUS_ENCRYPTING: + + if (BootEncStatus.ConfiguredEncryptedAreaStart == BootEncStatus.EncryptedAreaStart + && BootEncStatus.ConfiguredEncryptedAreaEnd == BootEncStatus.EncryptedAreaEnd) + { + // The partition/drive has been fully encrypted + + ManageStartupSeqWiz (TRUE, L""); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_WIPE_MODE), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); + + WipeHiddenOSCreationConfig(); // For extra conservative security + + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + + Info ("SYSTEM_ENCRYPTION_FINISHED", MainDlg); + return 1; + } + break; + + case SYSENC_STATUS_DECRYPTING: + + if (!BootEncStatus.DriveEncrypted) + { + // The partition/drive has been fully decrypted + + try + { + // Finalize the process + BootEncObj->Deinstall (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + ManageStartupSeqWiz (TRUE, L""); + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_PAUSE), FALSE); + + Info ("SYSTEM_DECRYPTION_FINISHED", MainDlg); + + // Reboot is required to enable uninstallation and hibernation + if (AskWarnYesNo ("CONFIRM_RESTART", MainDlg) == IDYES) + { + EndMainDlg (MainDlg); + + try + { + BootEncObj->RestartComputer(); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + } + + return 1; + } + break; + } + } + } + } + return 1; + + case TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS: + + if (bInPlaceEncNonSys) + { + // Non-system in-place encryption + + if (!bVolTransformThreadRunning && !bVolTransformThreadToRun) + { + KillTimer (hwndDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS); + + UpdateLastDialogId (); + } + + UpdateNonSysInPlaceEncControls (); + } + return 1; + + case TIMER_ID_KEYB_LAYOUT_GUARD: + if (SysEncInEffect ()) + { + DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); + + /* Watch the keyboard layout */ + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + // Keyboard layout is not standard US + + WipePasswordsAndKeyfiles (); + + SetPassword (hCurPage, IDC_PASSWORD, szRawPassword); + SetPassword (hCurPage, IDC_VERIFY, szVerify); + + keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg); + EndMainDlg (MainDlg); + return 1; + } + + bKeyboardLayoutChanged = TRUE; + + wchar_t szTmp [4096]; + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + } + + /* Watch the right Alt key (which is used to enter various characters on non-US keyboards) */ + + if (bKeyboardLayoutChanged && !bKeybLayoutAltKeyWarningShown) + { + if (GetAsyncKeyState (VK_RMENU) < 0) + { + bKeybLayoutAltKeyWarningShown = TRUE; + + wchar_t szTmp [4096]; + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); + } + } + } + return 1; + + case TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS: + + if (bSysEncDriveAnalysisInProgress) + { + UpdateProgressBarProc (GetTickCount() - SysEncDriveAnalysisStart); + + if (GetTickCount() - SysEncDriveAnalysisStart > SYSENC_DRIVE_ANALYSIS_ETA) + { + // It's taking longer than expected -- reinit the progress bar + SysEncDriveAnalysisStart = GetTickCount (); + InitProgressBar (SYSENC_DRIVE_ANALYSIS_ETA, 0, FALSE, FALSE, FALSE, TRUE); + } + + ArrowWaitCursor (); + } + else + { + KillTimer (hwndDlg, TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS); + UpdateProgressBarProc (SYSENC_DRIVE_ANALYSIS_ETA); + Sleep (1500); // User-friendly GUI + + if (bSysEncDriveAnalysisTimeOutOccurred) + Warning ("SYS_DRIVE_SIZE_PROBE_TIMEOUT", MainDlg); + + LoadPage (hwndDlg, SYSENC_DRIVE_ANALYSIS_PAGE + 1); + } + return 1; + + case TIMER_ID_WIPE_PROGRESS: + + // Manage device wipe and update related GUI + + if (bHiddenOS && IsHiddenOSRunning()) + { + // Decoy system partition wipe + + DecoySystemWipeStatus decoySysPartitionWipeStatus; + + try + { + decoySysPartitionWipeStatus = BootEncObj->GetDecoyOSWipeStatus(); + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + KillTimer (MainDlg, TIMER_ID_WIPE_PROGRESS); + + try + { + BootEncObj->AbortDecoyOSWipe (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + e.Show (hwndDlg); + EndMainDlg (MainDlg); + return 1; + } + + if (decoySysPartitionWipeStatus.WipeInProgress) + { + ArrowWaitCursor (); + + UpdateWipeProgressBar (); + } + + if (bDeviceWipeInProgress != decoySysPartitionWipeStatus.WipeInProgress) + { + bDeviceWipeInProgress = decoySysPartitionWipeStatus.WipeInProgress; + + UpdateWipeProgressBar (); + UpdateWipeControls (); + + if (!bDeviceWipeInProgress) + { + // The driver stopped wiping + + KillTimer (hwndDlg, TIMER_ID_WIPE_PROGRESS); + UpdateLastDialogId (); + + try + { + BootEncObj->CheckDecoyOSWipeResult(); + } + catch (Exception &e) + { + e.Show (hwndDlg); + AbortProcessSilent(); + } + + if (BootEncStatus.ConfiguredEncryptedAreaEnd == decoySysPartitionWipeStatus.WipedAreaEnd) + { + // Decoy system partition has been fully wiped + + ChangeHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_WIPED); + + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("EXIT")); + EnableWindow (GetDlgItem (MainDlg, IDCANCEL), TRUE); + EnableWindow (GetDlgItem (MainDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); + + Info ("WIPE_FINISHED_DECOY_SYSTEM_PARTITION", MainDlg); + + TextInfoDialogBox (TC_TBXID_DECOY_OS_INSTRUCTIONS); + + if (BootEncObj->GetSystemDriveConfiguration().ExtraBootPartitionPresent) + Warning ("DECOY_OS_VERSION_WARNING", MainDlg); + + return 1; + } + } + } + } + else + { + // Regular device wipe (not decoy system partition wipe) + + //Info ("WIPE_FINISHED"); + } + return 1; + } + + return 0; + + + case TC_APPMSG_PERFORM_POST_WMINIT_TASKS: + + AfterWMInitTasks (hwndDlg); + return 1; + + case TC_APPMSG_FORMAT_FINISHED: + { + wchar_t tmp[RNG_POOL_SIZE*2+1]; + + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); + SetFocus (GetDlgItem (hwndDlg, IDC_NEXT)); + + if (nCurPageNo == FORMAT_PAGE) + KillTimer (hwndDlg, TIMER_ID_RANDVIEW); + + // Attempt to wipe the GUI fields showing portions of randpool, of the master and header keys + wmemset (tmp, 'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hRandPool, tmp); + SetWindowText (hMasterKey, tmp); + SetWindowText (hHeaderKey, tmp); + + LoadPage (hwndDlg, FORMAT_FINISHED_PAGE); + } + return 1; + + case TC_APPMSG_NONSYS_INPLACE_ENC_FINISHED: + + // A partition has just been fully encrypted in place + + KillTimer (hwndDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS); + + if (bInPlaceDecNonSys) + { + // Decryption of non-system volume finished and free drive letters are available. Check if a drive letter is assigned to the decrypted volume. + + WCHAR deviceName[MAX_PATH + 1]; + + StringCbCopyW (deviceName, sizeof(deviceName), szDiskFile); + + if (GetDiskDeviceDriveLetter (deviceName) < 0) + { + // No drive letter is assigned to the device + MessageBeep (MB_OK); + LoadPage (hwndDlg, NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE); + return 1; + } + else + { + Info ("NONSYS_INPLACE_DEC_FINISHED_INFO", hwndDlg); + } + } + + LoadPage (hwndDlg, NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE); + return 1; + + case TC_APPMSG_VOL_TRANSFORM_THREAD_ENDED: + + if (bInPlaceEncNonSys) + { + // In-place encryption was interrupted/paused (did not finish) + + KillTimer (hwndDlg, TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS); + + UpdateNonSysInPlaceEncControls (); + } + else + { + // Format has been aborted (did not finish) + + EnableWindow (GetDlgItem (hCurPage, IDC_QUICKFORMAT), (bDevice || bSparseFileSwitch) && !(bHiddenVol && !bHiddenVolHost)); + EnableWindow (GetDlgItem (hCurPage, IDC_FILESYS), TRUE); + EnableWindow (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); + SendMessage (GetDlgItem (hCurPage, IDC_PROGRESS_BAR), PBM_SETPOS, 0, 0L); + SetFocus (GetDlgItem (hwndDlg, IDC_NEXT)); + } + + NormalCursor (); + return 1; + + case WM_HELP: + + OpenPageHelp (hwndDlg, nCurPageNo); + return 1; + + case TC_APPMSG_FORMAT_USER_QUIT: + + if (nCurPageNo == NONSYS_INPLACE_ENC_TRANSFORM_PAGE + && (bVolTransformThreadRunning || bVolTransformThreadToRun || bInPlaceEncNonSysResumed)) + { + // Non-system encryption in progress + if (AskNoYes ("NONSYS_INPLACE_ENC_DEFER_CONFIRM", hwndDlg) == IDYES) + { + NonSysInplaceEncPause (); + + EndMainDlg (hwndDlg); + return 1; + } + else + return 1; // Disallow close + } + else if (bVolTransformThreadRunning || bVolTransformThreadToRun) + { + // Format (non-in-place encryption) in progress + if (AskNoYes ("FORMAT_ABORT", hwndDlg) == IDYES) + { + bVolTransformThreadCancel = TRUE; + + EndMainDlg (hwndDlg); + return 1; + } + else + return 1; // Disallow close + } + else if ((nCurPageNo == SYSENC_ENCRYPTION_PAGE || nCurPageNo == SYSENC_PRETEST_RESULT_PAGE) + && SystemEncryptionStatus != SYSENC_STATUS_NONE + && InstanceHasSysEncMutex ()) + { + // System encryption/decryption in progress + + if (AskYesNo (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING ? + "SYSTEM_DECRYPTION_DEFER_CONFIRM" : "SYSTEM_ENCRYPTION_DEFER_CONFIRM", MainDlg) == IDYES) + { + if (nCurPageNo == SYSENC_PRETEST_RESULT_PAGE) + TextInfoDialogBox (TC_TBXID_SYS_ENC_RESCUE_DISK); + + try + { + BootEncStatus = BootEncObj->GetStatus(); + + if (BootEncStatus.SetupInProgress) + { + BootEncObj->AbortSetupWait (); + Sleep (200); + BootEncStatus = BootEncObj->GetStatus(); + } + + if (!BootEncStatus.SetupInProgress) + { + EndMainDlg (MainDlg); + return 1; + } + else + { + Error ("FAILED_TO_INTERRUPT_SYSTEM_ENCRYPTION", MainDlg); + return 1; // Disallow close + } + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + return 1; // Disallow close + } + else + return 1; // Disallow close + } + else if (bConfirmQuitSysEncPretest) + { + if (AskWarnNoYes (bHiddenOS ? "CONFIRM_CANCEL_HIDDEN_OS_CREATION" : "CONFIRM_CANCEL_SYS_ENC_PRETEST", MainDlg) == IDNO) + return 1; // Disallow close + } + else if (bConfirmQuit) + { + if (AskWarnNoYes ("CONFIRM_EXIT_UNIVERSAL", MainDlg) == IDNO) + return 1; // Disallow close + } + + if (hiddenVolHostDriveNo > -1) + { + CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); + UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE); + } + + EndMainDlg (hwndDlg); + return 1; + + + case WM_COMMAND: + + if (lw == IDHELP) + { + OpenPageHelp (hwndDlg, nCurPageNo); + return 1; + } + else if (lw == IDCANCEL) + { + PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); + return 1; + } + else if (lw == IDC_NEXT) + { + if (nCurPageNo == INTRO_PAGE) + { + switch (GetSelectedWizardMode (hCurPage)) + { + case WIZARD_MODE_FILE_CONTAINER: + + if (CurrentOSMajor >= 6 && IsUacSupported() && IsAdmin() && !IsBuiltInAdmin() && !IsNonInstallMode()) + { + static bool warningConfirmed = false; + if (!warningConfirmed) + { + if (AskWarnYesNo ("CONTAINER_ADMIN_WARNING", MainDlg) == IDYES) + exit (0); + + warningConfirmed = true; + } + } + + WaitCursor (); + CloseSysEncMutex (); + ChangeWizardMode (WIZARD_MODE_FILE_CONTAINER); + bHiddenOS = FALSE; + bInPlaceEncNonSys = FALSE; + nNewPageNo = VOLUME_TYPE_PAGE - 1; // Skip irrelevant pages + break; + + case WIZARD_MODE_NONSYS_DEVICE: + + WaitCursor (); + CloseSysEncMutex (); + + if (!ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE)) + { + NormalCursor (); + return 1; + } + + bHiddenOS = FALSE; + nNewPageNo = VOLUME_TYPE_PAGE - 1; // Skip irrelevant pages + break; + + case WIZARD_MODE_SYS_DEVICE: + + WaitCursor (); + bHiddenVol = FALSE; + bInPlaceEncNonSys = FALSE; + SwitchWizardToSysEncMode (); + return 1; + } + } + else if (nCurPageNo == SYSENC_TYPE_PAGE) + { + if (bHiddenOS) + { + bWholeSysDrive = FALSE; + bHiddenVolDirect = FALSE; + } + + if (!bHiddenOS) + nNewPageNo = SYSENC_SPAN_PAGE - 1; // Skip irrelevant pages + } + else if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE) + { + WaitCursor (); + try + { + BootEncObj->CheckRequirementsHiddenOS (); + + if (CheckGapBetweenSysAndHiddenOS ()) + Warning ("GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION", MainDlg); + } + catch (Exception &e) + { + e.Show (hwndDlg); + NormalCursor (); + return 1; + } + + if (AskWarnYesNo ("DECOY_OS_REINSTALL_WARNING", MainDlg) == IDNO) + { + NormalCursor (); + return 1; + } + + WarningDirect ((wstring (GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO")) + + L"\n\n" + + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), MainDlg); + + if (!IsAdmin() && IsUacSupported()) + { + // If UAC elevation is needed, we need to elevate the complete wizard process here, because + // we will need to switch to the non-sys-device mode, which requires the whole wizard process + // to have admin rights. + + CloseSysEncMutex (); + + if (!ElevateWholeWizardProcess (L"/r")) + { + // Failed to obtain admin rights + + NormalCursor (); + + if (!CreateSysEncMutex ()) + AbortProcess ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE"); + + return 1; + } + } + + // This check requires admin rights + try + { + BootEncObj->InitialSecurityChecksForHiddenOS (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + EndMainDlg (MainDlg); // Some of the checks need the wizard to be restarted (results are cached until exit and the checks would fail even if the issues were rectified). + return 1; + } + + nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE - 1; // Skip irrelevant pages + } + else if (nCurPageNo == SYSENC_SPAN_PAGE) + { + try + { + if (bWholeSysDrive && !BootEncObj->SystemPartitionCoversWholeDrive()) + { + if (BootEncObj->SystemDriveContainsNonStandardPartitions()) + { + if (AskWarnYesNoString ((wstring (GetString ("SYSDRIVE_NON_STANDARD_PARTITIONS")) + L"\n\n" + GetString ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE")).c_str(), MainDlg) == IDYES) + bWholeSysDrive = FALSE; + } + + if (!IsOSAtLeast (WIN_VISTA) && bWholeSysDrive) + { + if (BootEncObj->SystemDriveContainsExtendedPartition()) + { + Error ("WDE_UNSUPPORTED_FOR_EXTENDED_PARTITIONS", MainDlg); + + if (AskYesNo ("ASK_ENCRYPT_PARTITION_INSTEAD_OF_DRIVE", MainDlg) == IDNO) + return 1; + + bWholeSysDrive = FALSE; + } + else + Warning ("WDE_EXTENDED_PARTITIONS_WARNING", hwndDlg); + } + } + + if (!bWholeSysDrive && BootEncObj->SystemPartitionCoversWholeDrive()) + bWholeSysDrive = (AskYesNo ("WHOLE_SYC_DEVICE_RECOM", hwndDlg) == IDYES); + } + catch (Exception &e) + { + e.Show (hwndDlg); + NormalCursor (); + return 1; + } + + if (!bWholeSysDrive) + nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE - 1; // Skip irrelevant pages + } + else if (nCurPageNo == SYSENC_PRE_DRIVE_ANALYSIS_PAGE) + { + if ((SysEncDetectHiddenSectors = Get2RadButtonPageAnswer()) != 1) + { + // Skip drive analysis + nNewPageNo = SYSENC_DRIVE_ANALYSIS_PAGE; + + // If the user had already searched for hidden sectors, we must clear (invalidate) the + // result because now he changed his mind and no longer wishes to encrypt the hidden sectors. + try + { + BootEncObj->InvalidateCachedSysDriveProperties (); + } + catch (Exception &e) + { + e.Show (MainDlg); + EndMainDlg (MainDlg); + exit(0); + } + } + } + else if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE) + { + if (nMultiBoot > 1) + { + // Multi-boot + + if (AskWarnNoYes ("MULTI_BOOT_FOR_ADVANCED_ONLY", hwndDlg) == IDNO) + return 1; + + if (bHiddenOS) + { + if (AskWarnNoYes ("HIDDEN_OS_MULTI_BOOT", hwndDlg) == IDNO) + { + Error ("UNSUPPORTED_HIDDEN_OS_MULTI_BOOT_CFG", hwndDlg); + return 1; + } + } + } + + if (bHiddenOS) + { + if (IsOSAtLeast (WIN_7) + && BootEncObj->GetSystemDriveConfiguration().ExtraBootPartitionPresent + && AskWarnYesNo ("CONFIRM_HIDDEN_OS_EXTRA_BOOT_PARTITION", hwndDlg) == IDNO) + { + TextInfoDialogBox (TC_TBXID_EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS); + NormalCursor (); + return 1; + } + + if (AskWarnYesNo ("DECOY_OS_REQUIREMENTS", hwndDlg) == IDNO) + { + NormalCursor (); + return 1; + } + + if (!ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE)) + { + NormalCursor (); + return 1; + } + + // Skip irrelevant pages + nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE - 1; + } + else if (nMultiBoot <= 1) + { + // Single-boot (not creating a hidden OS) + + // Skip irrelevant pages + nNewPageNo = CIPHER_PAGE - 1; + } + } + else if (nCurPageNo == SYSENC_MULTI_BOOT_SYS_EQ_BOOT_PAGE) + { + SysEncMultiBootCfg.SystemOnBootDrive = Get2RadButtonPageAnswer (); + + if (!SysEncMultiBootCfg.SystemOnBootDrive) + { + Error ("SYS_PARTITION_MUST_BE_ON_BOOT_DRIVE", hwndDlg); + EndMainDlg (MainDlg); + return 1; + } + } + else if (nCurPageNo == SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE) + { + if (Get2RadButtonPageAnswer () == 0) + { + // 2 or more drives contain an OS + + SysEncMultiBootCfg.NumberOfSysDrives = 2; + } + else if (Get2RadButtonPageAnswer () == 1) + { + // Only 1 drive contains an OS + + SysEncMultiBootCfg.NumberOfSysDrives = 1; + + if (bWholeSysDrive) + { + // Whole-system-drive encryption is currently not supported if the drive contains + // more than one system + Error ("WDE_UNSUPPORTED_FOR_MULTIPLE_SYSTEMS_ON_ONE_DRIVE", hwndDlg); + return 1; + } + + // Ask whether there is a non-Windows boot loader in the MBR + nNewPageNo = SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE - 1; + } + } + else if (nCurPageNo == SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE) + { + SysEncMultiBootCfg.MultipleSystemsOnDrive = Get2RadButtonPageAnswer (); + + if (SysEncMultiBootCfg.MultipleSystemsOnDrive && bWholeSysDrive) + { + // Whole-system-drive encryption is currently not supported if the drive contains + // more than one system + Error ("WDE_UNSUPPORTED_FOR_MULTIPLE_SYSTEMS_ON_ONE_DRIVE", hwndDlg); + return 1; + } + } + + else if (nCurPageNo == SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE) + { + SysEncMultiBootCfg.BootLoaderBrand = Get2RadButtonPageAnswer (); + + if (SysEncMultiBootCfg.BootLoaderBrand) + { + // A non-Windows boot manager in the MBR + Error ("CUSTOM_BOOT_MANAGERS_IN_MBR_UNSUPPORTED", hwndDlg); + EndMainDlg (MainDlg); + return 1; + } + else + { + // Either a standard Windows boot manager or no boot manager + wcscpy_s (SysEncMultiBootCfgOutcome, sizeof(SysEncMultiBootCfgOutcome) / 2, GetString ("WINDOWS_BOOT_LOADER_HINTS")); + } + } + + else if (nCurPageNo == SYSENC_MULTI_BOOT_OUTCOME_PAGE) + { + if (bHiddenOS) + { + if (!ChangeWizardMode (WIZARD_MODE_NONSYS_DEVICE)) + { + NormalCursor (); + return 1; + } + + nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE - 1; // Skip irrelevant pages + } + else + nNewPageNo = CIPHER_PAGE - 1; // Skip irrelevant pages + } + + else if (nCurPageNo == VOLUME_TYPE_PAGE) + { + if (IsButtonChecked (GetDlgItem (hCurPage, IDC_HIDDEN_VOL))) + { + if (!IsAdmin() && !IsUacSupported () + && IDNO == MessageBoxW (hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_HIDVOL"), + lpszTitle, MB_ICONWARNING|MB_YESNO|MB_DEFBUTTON2)) + { + return 1; + } + else + { + bHiddenVol = TRUE; + bHiddenVolHost = TRUE; + bInPlaceEncNonSys = FALSE; + } + } + else + { + bHiddenVol = FALSE; + bHiddenVolHost = FALSE; + bHiddenVolDirect = FALSE; + nNewPageNo = VOLUME_LOCATION_PAGE - 1; // Skip the hidden volume creation wizard mode selection + } + } + + else if (nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) + { + if (IsButtonChecked (GetDlgItem (hCurPage, IDC_HIDVOL_WIZ_MODE_DIRECT))) + bHiddenVolDirect = TRUE; + else + { + if (IsHiddenOSRunning()) + { + WarningDirect ((wstring (GetString ("HIDDEN_VOL_CREATION_UNDER_HIDDEN_OS_HOWTO")) + + L"\n\n" + + GetString ("NOTE_BEGINNING") + + GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO") + + L" " + + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), hwndDlg); + NormalCursor (); + return 1; + } + + bHiddenVolDirect = FALSE; + } + } + + else if (nCurPageNo == VOLUME_LOCATION_PAGE) + { + BOOL tmpbDevice; + + WaitCursor(); + + GetWindowTextW (GetDlgItem (hCurPage, IDC_COMBO_BOX), szFileName, ARRAYSIZE (szFileName)); + RelativePath2Absolute (szFileName); + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); + + if (tmpbDevice != bDevice) + { + if (bDevice) + { + // Not a valid device path + Error ("CANNOT_CALC_SPACE", hwndDlg); + NormalCursor (); + return 1; + } + else + { + if (AskWarnYesNo ("DEVICE_SELECTED_IN_NON_DEVICE_MODE", hwndDlg) == IDNO) + { + NormalCursor (); + return 1; + } + + SwitchWizardToNonSysDeviceMode (); + NormalCursor (); + return 1; + } + } + + MoveEditToCombo (GetDlgItem (hCurPage, IDC_COMBO_BOX), bHistory); + + if (IsMountedVolume (szDiskFile)) + { + Error ("ALREADY_MOUNTED", hwndDlg); + NormalCursor (); + return 1; + } + + if (bDevice) + { + switch (IsSystemDevicePath (szDiskFile, hCurPage, TRUE)) + { + case 1: + case 2: + case 3: + if (AskYesNo ("CONFIRM_SYSTEM_ENCRYPTION_MODE", hwndDlg) == IDNO) + { + NormalCursor (); + return 1; + } + szFileName[0] = 0; + szDiskFile[0] = 0; + SwitchWizardToSysEncMode (); + NormalCursor (); + return 1; + + case -1: + // In some environments (such as PE), the system volume is not located on a hard drive. + // Therefore, we must interpret this return code as "Not a system device path" (otherwise, + // non-system devices could not be TC-formatted in such environments). Note that this is + // rather safe, because bReliableRequired is set to TRUE. + + // NOP + break; + } + } + else + { + if (CheckFileExtension(szFileName) + && AskWarnNoYes ("EXE_FILE_EXTENSION_CONFIRM", hwndDlg) == IDNO) + { + NormalCursor (); + return 1; + } + } + + bHistory = !IsButtonChecked (GetDlgItem (hCurPage, IDC_NO_HISTORY)); + + SaveSettings (hCurPage); + + if (bHiddenVolDirect && bHiddenVolHost) + { + nNewPageNo = HIDDEN_VOL_HOST_PASSWORD_PAGE - 1; + + if (bDevice) + { + if(!QueryFreeSpace (hwndDlg, GetDlgItem (hwndDlg, IDC_SPACE_LEFT), FALSE)) + { + MessageBoxW (hwndDlg, GetString ("CANT_GET_VOLSIZE"), lpszTitle, ICON_HAND); + NormalCursor (); + return 1; + } + else + nHiddenVolHostSize = nVolumeSize; + } + else + { + if (!GetFileVolSize (hwndDlg, &nHiddenVolHostSize)) + { + NormalCursor (); + return 1; + } + else if (IsSparseFile (hwndDlg)) + { + // Hidden volumes must not be created within sparse file containers + Warning ("HIDDEN_VOL_HOST_SPARSE", hwndDlg); + NormalCursor (); + return 1; + } + } + } + else + { + if (!bHiddenVol && !bDevice) + nNewPageNo = CIPHER_PAGE - 1; + else if (bHiddenVol) + nNewPageNo = (bHiddenVolHost ? HIDDEN_VOL_HOST_PRE_CIPHER_PAGE : HIDDEN_VOL_PRE_CIPHER_PAGE) - 1; + } + } + + else if (nCurPageNo == DEVICE_TRANSFORM_MODE_PAGE) + { + if (bInPlaceEncNonSys) + { + // Check requirements for non-system in-place encryption + + if (!CheckRequirementsForNonSysInPlaceEnc (hwndDlg, szDiskFile, FALSE)) + { + return 1; + } + + // We are going to skip the Size page so we must get the size here + nVolumeSize = GetDeviceSize (szDiskFile); + + if (nVolumeSize == -1) + { + handleWin32Error (MainDlg, SRC_POS); + return 1; + } + + if (AskWarnYesNo ("NONSYS_INPLACE_ENC_CONFIRM_BACKUP", hwndDlg) == IDNO) + return 1; + } + nNewPageNo = CIPHER_PAGE - 1; + } + + else if (nCurPageNo == HIDDEN_VOL_HOST_PRE_CIPHER_PAGE) + { + if (bHiddenVolHost) + nNewPageNo = CIPHER_PAGE - 1; // Skip the info on the hiddem volume + } + + else if (nCurPageNo == CIPHER_PAGE) + { + LPARAM nIndex; + nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); + nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); + + if (SysEncInEffect () + && EAGetCipherCount (nVolumeEA) > 1) // Cascade? + { + if (AskWarnNoYes ("CONFIRM_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg) == IDNO) + return 1; + + if (!bHiddenOS) + Info ("NOTE_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg); + } + + nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETCURSEL, 0, 0); + hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETITEMDATA, nIndex, 0); + + RandSetHashFunction (hash_algo); + + if (SysEncInEffect () || bInPlaceEncNonSys) + nNewPageNo = PASSWORD_PAGE - 1; // Skip irrelevant pages + } + + else if (nCurPageNo == SIZE_PAGE) + { + wchar_t szFileSystemNameBuffer[256]; + + VerifySizeAndUpdate (hCurPage, TRUE); + + if (!bDevice) + { + /* Verify that the volume would not be too large for the host file system */ + + wchar_t root[TC_MAX_PATH]; + + if (GetVolumePathName (szDiskFile, root, ARRAYSIZE (root)) + && GetVolumeInformation (root, NULL, 0, NULL, NULL, NULL, szFileSystemNameBuffer, ARRAYSIZE(szFileSystemNameBuffer)) + && !wcsncmp (szFileSystemNameBuffer, L"FAT32", 5)) + { + // The host file system is FAT32 + if (nUIVolumeSize * nMultiplier >= 4 * BYTES_PER_GB) + { + Error ("VOLUME_TOO_LARGE_FOR_FAT32", hwndDlg); + return 1; + } + } + + /* Verify that the volume would not be too large for the operating system */ + + if (!IsOSAtLeast (WIN_VISTA) + && nUIVolumeSize * nMultiplier > 2 * BYTES_PER_TB) + { + Warning ("VOLUME_TOO_LARGE_FOR_WINXP", hwndDlg); + } + } + + if (bHiddenVol && !bHiddenVolHost) // If it's a hidden volume + { + /* Ask for confirmation if the hidden volume is too large for the user to be + able to write much more data to the outer volume. */ + + if (((double) nUIVolumeSize / (nMaximumHiddenVolSize / nMultiplier)) > 0.85) // 85% + { + if (AskWarnNoYes ("FREE_SPACE_FOR_WRITING_TO_OUTER_VOLUME", hwndDlg) == IDNO) + return 1; + } + } + + if (!(bHiddenVolDirect && bHiddenVolHost)) + nNewPageNo = PASSWORD_PAGE - 1; + } + + else if (nCurPageNo == PASSWORD_PAGE) + { + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT), + GetDlgItem (hCurPage, IDC_PASSWORD), + GetDlgItem (hCurPage, IDC_VERIFY), + volumePassword.Text, + szVerify, + KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect()); + + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + + if (volumePassword.Length > 0) + { + // Password character encoding + if (SysEncInEffect () && !CheckPasswordCharEncoding (GetDlgItem (hCurPage, IDC_PASSWORD), NULL)) + { + Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg); + return 1; + } + // Check password length (check also done for outer volume which is not the case in TrueCrypt). + else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), FALSE, FALSE)) + { + return 1; + } + } + + // Store the password in case we need to restore it after keyfile is applied to it + if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), TRUE)) + return 1; + + if (!SysEncInEffect ()) + { + if (KeyFilesEnable) + { + WaitCursor (); + + if (!KeyFilesApply (hwndDlg, &volumePassword, FirstKeyFile, NULL)) + { + NormalCursor (); + return 1; + } + + NormalCursor (); + } + + } + else + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + + if (bKeyboardLayoutChanged) + { + // Restore the original keyboard layout + if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) + Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); + else + bKeyboardLayoutChanged = FALSE; + } + + } + + if (!PimEnable) + { + // PIM not activated. Skip PIM page + nNewPageNo = PIM_PAGE; + volumePim = 0; + + if (SysEncInEffect ()) + { + nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1; // Skip irrelevant pages + } + + if (bInPlaceEncNonSys) + { + nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1; // Skip irrelevant pages + } + else if (WizardMode != WIZARD_MODE_SYS_DEVICE + && !FileSize4GBLimitQuestionNeeded () + || CreatingHiddenSysVol()) // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector). + { + nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages + } + + } + } + + else if (nCurPageNo == PIM_PAGE) + { + volumePim = GetPim (hCurPage, IDC_PIM); + + if (!SysEncInEffect() && (volumePim > MAX_PIM_VALUE)) + { + SetFocus (GetDlgItem(hCurPage, IDC_PIM)); + Error ("PIM_TOO_BIG", hwndDlg); + return 1; + } + + if (volumePassword.Length > 0) + { + // Password character encoding + if (SysEncInEffect() && (volumePim > MAX_BOOT_PIM_VALUE)) + { + SetFocus (GetDlgItem(hCurPage, IDC_PIM)); + Error ("PIM_SYSENC_TOO_BIG", hwndDlg); + return 1; + } + // Check password length (check also done for outer volume which is not the case in TrueCrypt). + else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePim, SysEncInEffect(), TRUE, FALSE)) + { + return 1; + } + } + + if (SysEncInEffect ()) + { + + nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1; // Skip irrelevant pages + } + + if (bInPlaceEncNonSys) + { + nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1; // Skip irrelevant pages + } + else if (WizardMode != WIZARD_MODE_SYS_DEVICE + && !FileSize4GBLimitQuestionNeeded () + || CreatingHiddenSysVol()) // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector). + { + nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages + } + } + + else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + { + WaitCursor (); + + if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, TRUE)) + { + NormalCursor (); + return 1; + } + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + + hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + + volumePim = GetPim (hCurPage, IDC_PIM); + + // Store the password in case we need to restore it after keyfile is applied to it + if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, sizeof (szRawPassword), TRUE)) + { + NormalCursor (); + return 1; + } + + if (KeyFilesEnable) + { + KeyFilesApply (hwndDlg, &volumePassword, FirstKeyFile, NULL); + } + + if (!bInPlaceEncNonSys) + { + + /* Mount the volume which is to host the new hidden volume as read only */ + + if (hiddenVolHostDriveNo >= 0) // If the hidden volume host is currently mounted (e.g. after previous unsuccessful dismount attempt) + { + BOOL tmp_result; + + // Dismount the hidden volume host (in order to remount it as read-only subsequently) + while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) + { + if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL) != IDRETRY) + { + // Cancel + NormalCursor(); + return 1; + } + } + if (tmp_result) // If dismounted + hiddenVolHostDriveNo = -1; + } + + if (hiddenVolHostDriveNo < 0) // If the hidden volume host is not mounted + { + int retCode; + + // Mount the hidden volume host as read-only (to ensure consistent and secure + // results of the volume bitmap scanning) + switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, volumePim, TRUE)) + { + case ERR_NO_FREE_DRIVES: + NormalCursor (); + MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND); + return 1; + case ERR_VOL_MOUNT_FAILED: + case ERR_PASSWORD_WRONG: + NormalCursor (); + return 1; + case 0: + + /* Hidden volume host successfully mounted as read-only */ + + WaitCursor (); + + // Verify that the outer volume contains a suitable file system, retrieve cluster size, and + // scan the volume bitmap + if (!IsAdmin () && IsUacSupported ()) + retCode = UacAnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); + else + retCode = AnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); + + switch (retCode) + { + case -1: // Fatal error + CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); + + if (UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE)) + hiddenVolHostDriveNo = -1; + + AbortProcessSilent (); + break; + + case 0: // Unsupported file system (or other non-fatal error which has already been reported) + if (bHiddenVolDirect) + { + CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); + + if (UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE)) + hiddenVolHostDriveNo = -1; + } + NormalCursor (); + return 1; + + case 1: + + // Determine the maximum possible size of the hidden volume + if (DetermineMaxHiddenVolSize (hwndDlg) < 1) + { + // Non-fatal error while determining maximum possible size of the hidden volume + NormalCursor(); + return 1; + } + else + { + BOOL tmp_result; + + /* Maximum possible size of the hidden volume successfully determined */ + + // Dismount the hidden volume host + while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) + { + if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL) != IDRETRY) + { + // Cancel + NormalCursor(); + return 1; + } + } + + if (tmp_result) // If dismounted + { + hiddenVolHostDriveNo = -1; + + bHiddenVolHost = FALSE; + bHiddenVolFinished = FALSE; + + // Clear the outer volume password + WipePasswordsAndKeyfiles (); + + RestoreDefaultKeyFilesParam (); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); + NormalCursor (); + + nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE; + } + } + break; + } + break; + } + } + } + else if (bInPlaceEncNonSysResumed) + { + /* Scan all available partitions to discover all partitions where non-system in-place + encryption/decryption has been interrupted. */ + + BOOL tmpbDevice; + + NormalCursor (); + + ShowWaitDialog (hwndDlg, TRUE, ResumeInPlaceEncWaitThreadProc, NULL); + + WaitCursor(); + + if (DeferredNonSysInPlaceEncDevices.empty()) + { + Warning ("FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC", hwndDlg); + + NormalCursor(); + return 1; + } + else if (DeferredNonSysInPlaceEncDevices.size() == 1) + { + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), DeferredNonSysInPlaceEncDevices.front().Path.c_str(), &tmpbDevice); + + nVolumeSize = GetDeviceSize (szDiskFile); + if (nVolumeSize == -1) + { + handleWin32Error (MainDlg, SRC_POS); + NormalCursor(); + return 1; + } + + nNewPageNo = NONSYS_INPLACE_ENC_TRANSFORM_PAGE - 1; // Skip irrelevant pages + } + + NormalCursor(); + } + else + { + /* Try to mount the non-system volume to decrypt in place (the process has not started yet, we are NOT trying to resume it). + We will try to mount it using the backup header, which we require to work (i.e. be non-damaged) before we start writing + to the volume (the primary header will be overwritten by decrypted data soon after the decryption process begins, so the + backup header will contain the only copy of the master key). */ + + int driveNo = -1; + + // The volume may already be mounted. We need to dismount it first in order to verify the supplied password/keyfile(s) is/are correct. + if (IsMountedVolume (szFileName)) + { + driveNo = GetMountedVolumeDriveNo (szFileName); + + if (driveNo == -1 + || !UnmountVolume (hwndDlg, driveNo, TRUE)) + { + handleWin32Error (MainDlg, SRC_POS); + AbortProcess ("CANT_DISMOUNT_VOLUME"); + } + } + + driveNo = GetLastAvailableDrive (); + + if (driveNo < 0) + AbortProcess ("NO_FREE_DRIVES"); + + MountOptions mountOptions; + ZeroMemory (&mountOptions, sizeof (mountOptions)); + + mountOptions.UseBackupHeader = FALSE; // This must be FALSE at this point because otherwise we wouldn't be able to detect a legacy volume + mountOptions.ReadOnly = TRUE; + mountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE); + + // Check that it is not a hidden or legacy volume + + if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) + { + NormalCursor(); + return 1; + } + + { + DWORD dwResult; + VOLUME_PROPERTIES_STRUCT volProp; + + memset (&volProp, 0, sizeof(volProp)); + volProp.driveNo = driveNo; + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &volProp, sizeof (volProp), &volProp, sizeof (volProp), &dwResult, NULL) || dwResult == 0) + { + handleWin32Error (hwndDlg, SRC_POS); + UnmountVolume (hwndDlg, driveNo, TRUE); + AbortProcess ("CANT_GET_VOL_INFO"); + } + + if (volProp.volFormatVersion == TC_VOLUME_FORMAT_VERSION_PRE_6_0) + { + UnmountVolume (hwndDlg, driveNo, TRUE); + AbortProcess ("NONSYS_INPLACE_DECRYPTION_BAD_VOL_FORMAT"); + } + + if (volProp.hiddenVolume) + { + UnmountVolume (hwndDlg, driveNo, TRUE); + AbortProcess ("NONSYS_INPLACE_DECRYPTION_CANT_DECRYPT_HID_VOL"); + } + } + + // Remount the volume using the backup header to verify it is working + + if (!UnmountVolume (hwndDlg, driveNo, TRUE)) + { + handleWin32Error (MainDlg, SRC_POS); + AbortProcess ("CANT_DISMOUNT_VOLUME"); + } + + mountOptions.UseBackupHeader = TRUE; // This must be TRUE at this point (we won't be using the regular header, which will be lost soon after the decryption process starts) + + if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) + { + NormalCursor(); + return 1; + } + + if (!UnmountVolume (hwndDlg, driveNo, TRUE)) + { + handleWin32Error (MainDlg, SRC_POS); + AbortProcess ("CANT_DISMOUNT_VOLUME"); + } + + BOOL tmpbDevice; + + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); + + nVolumeSize = GetDeviceSize (szDiskFile); + if (nVolumeSize == -1) + { + handleWin32Error (MainDlg, SRC_POS); + AbortProcessSilent (); + } + + nNewPageNo = NONSYS_INPLACE_ENC_TRANSFORM_PAGE - 1; // Skip irrelevant pages + NormalCursor(); + } + } + + else if (nCurPageNo == FILESYS_PAGE) + { + if (!bHiddenVol && IsHiddenOSRunning() && Get2RadButtonPageAnswer() == 1) + { + // The user wants to store files larger than 4GB on the non-hidden volume about to be created and a hidden OS is running + + WarningDirect ((wstring (GetString ("CANNOT_SATISFY_OVER_4G_FILE_SIZE_REQ")) + + L" " + + GetString ("CANNOT_CREATE_NON_HIDDEN_NTFS_VOLUMES_UNDER_HIDDEN_OS") + + L"\n\n" + + GetString ("NOTE_BEGINNING") + + GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO") + + L" " + + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), hwndDlg); + + return 1; + } + + if (nNeedToStoreFilesOver4GB != Get2RadButtonPageAnswer()) + fileSystem = FILESYS_NONE; // The user may have gone back and changed the answer, so default file system must be reselected + + nNeedToStoreFilesOver4GB = Get2RadButtonPageAnswer(); + + nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages + } + + else if (nCurPageNo == SYSENC_COLLECTING_RANDOM_DATA_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RAND_DATA_PAGE) + { + wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; + + if (!bInPlaceEncNonSys) + { + /* Generate master key and other related data (except the rescue disk) for system encryption. */ + + try + { + WaitCursor(); + BootEncObj->PrepareInstallation (!bWholeSysDrive, volumePassword, nVolumeEA, FIRST_MODE_OF_OPERATION_ID, hash_algo, volumePim, L""); + } + catch (Exception &e) + { + e.Show (hwndDlg); + NormalCursor (); + return 1; + } + } + + KillTimer (hwndDlg, TIMER_ID_RANDVIEW); + + // Attempt to wipe the GUI field showing portions of randpool + wmemset (tmp, L'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hRandPoolSys, tmp); + + NormalCursor (); + } + + else if (nCurPageNo == SYSENC_KEYS_GEN_PAGE) + { + wchar_t tmp[KEY_GUI_VIEW_SIZE+1]; + + // Attempt to wipe the GUI fields showing portions of the master and header keys + wmemset (tmp, L'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hMasterKey, tmp); + SetWindowText (hHeaderKey, tmp); + } + + else if (nCurPageNo == SYSENC_RESCUE_DISK_CREATION_PAGE) + { + /* Generate rescue disk for boot encryption */ + + GetWindowText (GetDlgItem (hCurPage, IDC_RESCUE_DISK_ISO_PATH), szRescueDiskISO, ARRAYSIZE (szRescueDiskISO)); + + bDontVerifyRescueDisk = GetCheckBox (hCurPage, IDC_SKIP_RESCUE_VERIFICATION); + + try + { + WaitCursor(); + BootEncObj->CreateRescueIsoImage (true, szRescueDiskISO); + + } + catch (Exception &e) + { + e.Show (hwndDlg); + NormalCursor (); + return 1; + } + +retryCDDriveCheck: + if (!bDontVerifyRescueDisk && !BootEncObj->IsCDRecorderPresent()) + { + char *multiChoiceStr[] = { 0, "CD_BURNER_NOT_PRESENT", + "CD_BURNER_NOT_PRESENT_WILL_STORE_ISO", + "CD_BURNER_NOT_PRESENT_WILL_CONNECT_LATER", + "CD_BURNER_NOT_PRESENT_CONNECTED_NOW", + 0 }; + + switch (AskMultiChoice ((void **) multiChoiceStr, FALSE, hwndDlg)) + { + case 1: + wchar_t msg[8192]; + StringCchPrintfW (msg, array_capacity (msg), GetString ("CD_BURNER_NOT_PRESENT_WILL_STORE_ISO_INFO"), szRescueDiskISO); + WarningDirect (msg, hwndDlg); + + Warning ("RESCUE_DISK_BURN_NO_CHECK_WARN", hwndDlg); + bDontVerifyRescueDisk = TRUE; + nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE; + break; + + case 2: + AbortProcessSilent(); + + case 3: + break; + + default: + goto retryCDDriveCheck; + } + } + + if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk) + Info ("RESCUE_DISK_WIN_ISOBURN_PRELAUNCH_NOTE", hwndDlg); + + NormalCursor (); + } + + else if (nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE) + { + if (!bDontVerifyRescueDisk) + { + /* Verify that the rescue disk has been written correctly */ + + try + { + WaitCursor(); + if (!BootEncObj->VerifyRescueDisk ()) + { + wchar_t szTmp[8000]; + + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("RESCUE_DISK_CHECK_FAILED"), + IsWindowsIsoBurnerAvailable () ? L"" : GetString ("RESCUE_DISK_CHECK_FAILED_SENTENCE_APPENDIX")); + + ErrorDirect (szTmp, hwndDlg); + + NormalCursor (); +#ifndef _DEBUG + return 1; +#endif + } + } + catch (Exception &e) + { + e.Show (hwndDlg); + NormalCursor (); + return 1; + } + NormalCursor (); + } + else + { + Warning ("RESCUE_DISK_BURN_NO_CHECK_WARN", hwndDlg); + nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE; // Skip irrelevant pages + } + } + + else if (nCurPageNo == SYSENC_WIPE_MODE_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE) + { + if (nWipeMode > 0 + && AskWarnYesNo ("WIPE_MODE_WARN", hwndDlg) == IDNO) + return 1; + } + + else if (nCurPageNo == SYSENC_PRETEST_INFO_PAGE) + { + if (LocalizationActive + && AskWarnYesNo ("PREBOOT_NOT_LOCALIZED", hwndDlg) == IDNO) + return 1; + + bConfirmQuitSysEncPretest = TRUE; + + if (!bHiddenOS) // This text is not tailored to hidden OS + TextInfoDialogBox (TC_TBXID_SYS_ENCRYPTION_PRETEST); + + if (AskWarnYesNo ("CONFIRM_RESTART", hwndDlg) == IDNO) + return 1; + + /* Install the pre-boot authentication component and initiate the system encryption pretest. + If we are creating a hidden OS, pretest is omitted and OS cloning will follow. */ + + try + { + WaitCursor(); + +#if 0 + // Make sure the Rescue Disk is not in the drive + while (BootEncObj->VerifyRescueDisk ()) + { + Error ("REMOVE_RESCUE_DISK_FROM_DRIVE"); + } +#endif + + BootEncObj->Install (bHiddenOS ? true : false); + } + catch (Exception &e) + { + e.Show (hwndDlg); + Error (bHiddenOS ? "CANNOT_INITIATE_HIDDEN_OS_CREATION" : "CANNOT_INITIATE_SYS_ENCRYPTION_PRETEST", hwndDlg); + NormalCursor (); + return 1; + } + + + /* Add the main TrueCrypt app to the system startup sequence (the TrueCrypt Background Task), which + we need e.g. for notifications about prevented hibernation, about hidden OS leak protection, about + inconsistent hidden OS installs (TrueCrypt upgraded in the decoy system but not in the hidden one), etc. + Note that this must be done before calling ChangeSystemEncryptionStatus(), which broadcasts the change, + so that the main app (if it's running with different cached settings) will not overwrite our new + settings when it exits. */ + bStartOnLogon = TRUE; + SaveSettings (NULL); + ManageStartupSeq (); + + + if (bHiddenOS) + { + /* When we are going to create a hidden OS, the system encryption status is set + to SYSENC_STATUS_PRETEST (not to any special hidden-OS status), in case the XML + configuration file and its properties somehow leaks somewhere outside the system + partition (which will be wiped later on) indicating that a hidden OS has been created + on the computer. Instead, we update our raw config flags in the master boot record + (which is also altered when our boot loader is installed). */ + + if (!ChangeSystemEncryptionStatus (SYSENC_STATUS_PRETEST) + || !ChangeHiddenOSCreationPhase (TC_HIDDEN_OS_CREATION_PHASE_CLONING)) + { + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + Error ("CANNOT_INITIATE_HIDDEN_OS_CREATION", hwndDlg); + NormalCursor (); + return 1; + } + } + else if (!ChangeSystemEncryptionStatus (SYSENC_STATUS_PRETEST)) + { + Error ("CANNOT_INITIATE_SYS_ENCRYPTION_PRETEST", hwndDlg); + NormalCursor (); + return 1; + } + + // Add the wizard to the system startup sequence + ManageStartupSeqWiz (FALSE, L"/acsysenc"); + + EndMainDlg (MainDlg); + + try + { + BootEncObj->RestartComputer (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + return 1; + } + + else if (nCurPageNo == SYSENC_PRETEST_RESULT_PAGE) + { + TextInfoDialogBox (TC_TBXID_SYS_ENC_RESCUE_DISK); + + // Begin the actual encryption process + + ChangeSystemEncryptionStatus (SYSENC_STATUS_ENCRYPTING); + } + + else if (nCurPageNo == SYSENC_ENCRYPTION_PAGE + && CreateSysEncMutex ()) + { + // The 'Next' button functions as Finish or Resume + + if (SystemEncryptionStatus != SYSENC_STATUS_NONE) + { + try + { + // Resume + SysEncResume (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + } + else + { + // Finish + PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); + } + + return 1; + } + else if (nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PARTITION_SEL_PAGE) + { + nNewPageNo = NONSYS_INPLACE_ENC_TRANSFORM_PAGE - 1; // Skip irrelevant pages + } + else if (nCurPageNo == NONSYS_INPLACE_ENC_TRANSFORM_PAGE) + { + /* In-place encryption start (the 'Next' button has been clicked) */ + if (bInPlaceDecNonSys + && !bInPlaceEncNonSysResumed + && AskWarnYesNo ("NONSYS_INPLACE_ENC_CONFIRM_BACKUP", hwndDlg) == IDNO) + { + // Cancel + return 1; + } + + NonSysInplaceEncResume (); + return 1; + } + else if (nCurPageNo == NONSYS_INPLACE_ENC_TRANSFORM_FINISHED_PAGE) + { + PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); + return 1; + } + else if (nCurPageNo == NONSYS_INPLACE_DEC_TRANSFORM_FINISHED_DRIVE_LETTER_PAGE) + { + BOOL bDrvLetterAssignResult = FALSE; + + int tmpDriveLetter = (int) SendMessage (GetDlgItem (hCurPage, IDC_DRIVE_LETTER_LIST), + CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_DRIVE_LETTER_LIST), CB_GETCURSEL, 0, 0), + 0); + + if (tmpDriveLetter < 0) + tmpDriveLetter = GetFirstAvailableDrive (); + + do + { + wchar_t szDriveLetter[] = {L'A', L':', 0 }; + wchar_t rootPath[] = {L'A', L':', L'\\', 0 }; + wchar_t uniqVolName[MAX_PATH+1] = { 0 }; + + rootPath[0] += (wchar_t) tmpDriveLetter; + szDriveLetter[0] += (wchar_t) tmpDriveLetter; + + if (DefineDosDevice (DDD_RAW_TARGET_PATH, szDriveLetter, szDiskFile)) + { + bDrvLetterAssignResult = GetVolumeNameForVolumeMountPoint (rootPath, uniqVolName, MAX_PATH); + + DefineDosDevice (DDD_RAW_TARGET_PATH|DDD_REMOVE_DEFINITION|DDD_EXACT_MATCH_ON_REMOVE, + szDriveLetter, + szDiskFile); + + if (bDrvLetterAssignResult) + { + if (SetVolumeMountPoint (rootPath, uniqVolName) == 0) + bDrvLetterAssignResult = FALSE; + } + } + + if (!bDrvLetterAssignResult) + { + if (AskErrYesNo ("ERR_CANNOT_ASSIGN_DRIVE_LETTER_NONSYS_DEC", hwndDlg) == IDNO) + break; + } + + } while (bDrvLetterAssignResult == FALSE); + + bConfirmQuit = FALSE; + + PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); + return 1; + } + else if (nCurPageNo == FORMAT_PAGE) + { + /* Format start (the 'Next' button has been clicked on the Format page) */ + + if (bVolTransformThreadRunning || bVolTransformThreadToRun) + return 1; + + bVolTransformThreadCancel = FALSE; + + bVolTransformThreadToRun = TRUE; + + fileSystem = (int) SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_FILESYS), CB_GETCURSEL, 0, 0) , 0); + + clusterSize = (int) SendMessage (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), CB_GETITEMDATA, + SendMessage (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), CB_GETCURSEL, 0, 0) , 0); + + quickFormat = IsButtonChecked (GetDlgItem (hCurPage, IDC_QUICKFORMAT)); + + + if (!bHiddenVol && IsHiddenOSRunning()) + { + // Creating a non-hidden volume under a hidden OS + + if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) + { + WarningDirect ((wstring (GetString ("CANNOT_CREATE_NON_HIDDEN_NTFS_VOLUMES_UNDER_HIDDEN_OS")) + + L"\n\n" + + GetString ("NOTE_BEGINNING") + + GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO") + + L" " + + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION")).c_str(), hwndDlg); + + if (GetVolumeDataAreaSize (FALSE, nVolumeSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize() + && AskYesNo("OFFER_FAT_FORMAT_ALTERNATIVE", hwndDlg) == IDYES) + { + fileSystem = FILESYS_FAT; + SelectAlgo (GetDlgItem (hCurPage, IDC_FILESYS), (int *) &fileSystem); + } + else + { + if (GetVolumeDataAreaSize (FALSE, nVolumeSize) > TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) + Info ("FAT_NOT_AVAILABLE_FOR_SO_LARGE_VOLUME", hwndDlg); + + bVolTransformThreadToRun = FALSE; + return 1; + } + } + } + + if (bHiddenVolHost) + { + hiddenVolHostDriveNo = -1; + nMaximumHiddenVolSize = 0; + + if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) + { + if (bHiddenOS && (fileSystem == FILESYS_NTFS) + && (double) nVolumeSize / GetSystemPartitionSize() < MIN_HIDDENOS_DECOY_PARTITION_SIZE_RATIO_NTFS) + { + Error("OUTER_VOLUME_TOO_SMALL_FOR_HIDDEN_OS_NTFS", hwndDlg); + + if (GetVolumeDataAreaSize (FALSE, nVolumeSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize() + && AskYesNo("OFFER_FAT_FORMAT_ALTERNATIVE", hwndDlg) == IDYES) + { + fileSystem = FILESYS_FAT; + SelectAlgo (GetDlgItem (hCurPage, IDC_FILESYS), (int *) &fileSystem); + } + else + { + if (GetVolumeDataAreaSize (FALSE, nVolumeSize) > TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) + Info ("FAT_NOT_AVAILABLE_FOR_SO_LARGE_VOLUME", hwndDlg); + + bVolTransformThreadToRun = FALSE; + return 1; + } + } + + if (fileSystem == FILESYS_NTFS || fileSystem == FILESYS_EXFAT) // The file system may have been changed in the previous block + { + if (nCurrentOS == WIN_2000) + { + Error("HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS_WIN2000", hwndDlg); + bVolTransformThreadToRun = FALSE; + return 1; + } + else if ((fileSystem == FILESYS_NTFS) && (GetVolumeDataAreaSize (FALSE, nVolumeSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) + && AskYesNo("HIDDEN_VOL_HOST_NTFS_ASK", hwndDlg) == IDNO) + { + bVolTransformThreadToRun = FALSE; + return 1; + } + } + } + } + else if (bHiddenVol) + { + // Hidden volume is always quick-formatted (if, however, the meaning of quickFormat is + // whether to create a sparse file, it must be set to FALSE). + quickFormat = !bSparseFileSwitch; + } + + + if (fileSystem == FILESYS_FAT + && nNeedToStoreFilesOver4GB == 1 + && AskWarnNoYes("CONFIRM_FAT_FOR_FILES_OVER_4GB", hwndDlg) == IDNO) + { + bVolTransformThreadToRun = FALSE; + return 1; + } + + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_QUICKFORMAT), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_CLUSTERSIZE), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_FILESYS), FALSE); + EnableWindow (GetDlgItem (hCurPage, IDC_ABORT_BUTTON), TRUE); + SetFocus (GetDlgItem (hCurPage, IDC_ABORT_BUTTON)); + + // Increase cluster size if it's too small for this volume size (causes size of + // free space to be 0). Note that the below constant 0x2000000 is based on + // results of tests performed under Windows XP. + if (fileSystem == FILESYS_FAT && clusterSize > 0) + { + BOOL fixed = FALSE; + while (clusterSize < 128 + && nVolumeSize / (clusterSize * GetFormatSectorSize()) > 0x2000000) + { + clusterSize *= 2; + fixed = TRUE; + } + if (fixed) + MessageBoxW (hwndDlg, GetString ("CLUSTER_TOO_SMALL"), lpszTitle, MB_ICONWARNING); + } + + LastDialogId = "FORMAT_IN_PROGRESS"; + ArrowWaitCursor (); + _beginthread (volTransformThreadFunction, 0, MainDlg); + + return 1; + } + + else if (nCurPageNo == FORMAT_FINISHED_PAGE) + { + if (!bHiddenVol || bHiddenVolFinished) + { + /* Wizard loop restart */ + + if (bHiddenOS) + { + if (!ChangeWizardMode (WIZARD_MODE_SYS_DEVICE)) + return 1; + + // Hidden volume for hidden OS has been created. Now we will prepare our boot loader + // that will handle the OS cloning. + try + { + WaitCursor(); + + BootEncObj->PrepareHiddenOSCreation (nVolumeEA, FIRST_MODE_OF_OPERATION_ID, hash_algo); + } + catch (Exception &e) + { + e.Show (MainDlg); + NormalCursor(); + return 1; + } + + bHiddenVol = FALSE; + + LoadPage (hwndDlg, SYSENC_PRETEST_INFO_PAGE); + } + else + LoadPage (hwndDlg, INTRO_PAGE); + + SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL")); + bHiddenVolFinished = FALSE; + WipePasswordsAndKeyfiles (); + + return 1; + } + else + { + /* We're going to scan the bitmap of the hidden volume host (in the non-Direct hidden volume wizard mode) */ + int retCode; + WaitCursor (); + + if (hiddenVolHostDriveNo != -1) // If the hidden volume host is mounted + { + BOOL tmp_result; + + // Dismount the hidden volume host (in order to remount it as read-only subsequently) + CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); + while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) + { + if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL | MB_ICONERROR | MB_SETFOREGROUND) != IDRETRY) + { + // Cancel + NormalCursor(); + return 1; + } + } + if (tmp_result) // If dismounted + hiddenVolHostDriveNo = -1; + } + + if (hiddenVolHostDriveNo < 0) // If the hidden volume host is not mounted + { + // Remount the hidden volume host as read-only (to ensure consistent and secure + // results of the volume bitmap scanning) + switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, volumePim, TRUE)) + { + case ERR_NO_FREE_DRIVES: + MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND); + NormalCursor (); + return 1; + + case ERR_VOL_MOUNT_FAILED: + case ERR_PASSWORD_WRONG: + NormalCursor (); + return 1; + + case 0: + + /* Hidden volume host successfully mounted as read-only */ + + // Verify that the outer volume contains a suitable file system, retrieve cluster size, and + // scan the volume bitmap + if (!IsAdmin () && IsUacSupported ()) + retCode = UacAnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); + else + retCode = AnalyzeHiddenVolumeHost (hwndDlg, &hiddenVolHostDriveNo, GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize), &realClusterSize, &nbrFreeClusters); + + switch (retCode) + { + case -1: // Fatal error + CloseVolumeExplorerWindows (hwndDlg, hiddenVolHostDriveNo); + + if (UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE)) + hiddenVolHostDriveNo = -1; + + AbortProcessSilent (); + break; + + case 0: // Unsupported file system (or other non-fatal error which has already been reported) + NormalCursor (); + return 1; + + case 1: // Success + { + BOOL tmp_result; + + // Determine the maximum possible size of the hidden volume + if (DetermineMaxHiddenVolSize (hwndDlg) < 1) + { + NormalCursor (); + goto ovf_end; + } + + /* Maximum possible size of the hidden volume successfully determined */ + + // Dismount the hidden volume host + while (!(tmp_result = UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE))) + { + if (MessageBoxW (hwndDlg, GetString ("CANT_DISMOUNT_OUTER_VOL"), lpszTitle, MB_RETRYCANCEL) != IDRETRY) + { + // Cancel + NormalCursor (); + goto ovf_end; + } + } + + // Prevent having to recreate the outer volume due to inadvertent exit + bConfirmQuit = TRUE; + + hiddenVolHostDriveNo = -1; + + nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE; + + // Clear the outer volume password + WipePasswordsAndKeyfiles (); + + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE); + NormalCursor (); + + } + break; + } + break; + } + } + } + } + + else if (nCurPageNo == DEVICE_WIPE_PAGE) + { + if (AskWarnOkCancel (bHiddenOS && IsHiddenOSRunning() ? "CONFIRM_WIPE_START_DECOY_SYS_PARTITION" : "CONFIRM_WIPE_START", hwndDlg) == IDOK) + { + WipeStart (); + ArrowWaitCursor(); + } + return 1; + } + + LoadPage (hwndDlg, nNewPageNo + 1); +ovf_end: + return 1; + } + else if (lw == IDC_PREV) + { + if (nCurPageNo == SYSENC_SPAN_PAGE) + { + // Skip irrelevant pages when going back + if (!bHiddenOS) + nNewPageNo = SYSENC_TYPE_PAGE + 1; + } + if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE) + { + // Skip the drive analysis page(s) or other irrelevant pages when going back + if (bHiddenOS) + nNewPageNo = SYSENC_HIDDEN_OS_REQ_CHECK_PAGE + 1; + else if (bWholeSysDrive) + nNewPageNo = SYSENC_PRE_DRIVE_ANALYSIS_PAGE + 1; + else + nNewPageNo = SYSENC_SPAN_PAGE + 1; + } + else if (nCurPageNo == SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_PAGE) + { + if (SysEncMultiBootCfg.NumberOfSysDrives == 1) + { + // We can skip SYSENC_MULTI_BOOT_ADJACENT_SYS_PAGE (it is implied that there are multiple systems on the drive) + nNewPageNo = SYSENC_MULTI_BOOT_NBR_SYS_DRIVES_PAGE + 1; + } + } + else if (nCurPageNo == HIDDEN_VOL_HOST_PRE_CIPHER_PAGE) + { + if (bHiddenOS) + { + if (!ChangeWizardMode (WIZARD_MODE_SYS_DEVICE)) + { + NormalCursor (); + return 1; + } + + // Skip irrelevant pages. + // Note that we're ignoring nMultiBoot here, as the multi-boot question pages are skipped + // when creating a hidden OS (only a single message box is displayed with requirements). + nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE + 1; + } + else + { + nNewPageNo = VOLUME_LOCATION_PAGE + 1; + } + } + else if (nCurPageNo == HIDDEN_VOL_WIZARD_MODE_PAGE) + { + if (IsButtonChecked (GetDlgItem (hCurPage, IDC_HIDVOL_WIZ_MODE_DIRECT))) + bHiddenVolDirect = TRUE; + else + bHiddenVolDirect = FALSE; + } + else if (nCurPageNo == VOLUME_TYPE_PAGE) + { + if (WizardMode != WIZARD_MODE_SYS_DEVICE) + nNewPageNo = INTRO_PAGE + 1; // Skip irrelevant pages + } + else if (nCurPageNo == VOLUME_LOCATION_PAGE) + { + BOOL tmpbDevice; + + GetWindowText (GetDlgItem (hCurPage, IDC_COMBO_BOX), szFileName, ARRAYSIZE (szFileName)); + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szFileName, &tmpbDevice); + + if (tmpbDevice == bDevice) + { + MoveEditToCombo (GetDlgItem (hCurPage, IDC_COMBO_BOX), bHistory); + SaveSettings (hCurPage); + } + + if (!bHiddenVol) + nNewPageNo = VOLUME_TYPE_PAGE + 1; // Skip the hidden volume creation wizard mode selection + } + + else if (nCurPageNo == CIPHER_PAGE) + { + LPARAM nIndex; + nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0); + nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0); + + nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETCURSEL, 0, 0); + hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETITEMDATA, nIndex, 0); + + RandSetHashFunction (hash_algo); + + if (WizardMode == WIZARD_MODE_SYS_DEVICE) + { + if (nMultiBoot > 1) + nNewPageNo = SYSENC_MULTI_BOOT_OUTCOME_PAGE + 1; // Skip irrelevant pages + else + nNewPageNo = SYSENC_MULTI_BOOT_MODE_PAGE + 1; // Skip irrelevant pages + } + else if (!bHiddenVol) + nNewPageNo = (bDevice ? DEVICE_TRANSFORM_MODE_PAGE : VOLUME_LOCATION_PAGE) + 1; + else if (bHiddenVolHost) + nNewPageNo = HIDDEN_VOL_HOST_PRE_CIPHER_PAGE + 1; // Skip the info on the hidden volume + } + + else if (nCurPageNo == SIZE_PAGE) + { + VerifySizeAndUpdate (hCurPage, TRUE); + } + + else if (nCurPageNo == FILESYS_PAGE) + { + if (nNeedToStoreFilesOver4GB != Get2RadButtonPageAnswer()) + fileSystem = FILESYS_NONE; // The user may have gone back and changed the answer, so default file system must be reselected + + nNeedToStoreFilesOver4GB = Get2RadButtonPageAnswer(); + + nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1; // Skip PIM page if it is not enabled + } + + else if (nCurPageNo == PASSWORD_PAGE) + { + // Store the password in case we need to restore it after keyfile is applied to it + GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE); + + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT), + GetDlgItem (hCurPage, IDC_PASSWORD), + GetDlgItem (hCurPage, IDC_VERIFY), + volumePassword.Text, + szVerify, + KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect ()); + + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + + + nNewPageNo = SIZE_PAGE + 1; // Skip the hidden volume host password page + + if (SysEncInEffect ()) + { + nNewPageNo = CIPHER_PAGE + 1; // Skip irrelevant pages + + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + + if (bKeyboardLayoutChanged) + { + // Restore the original keyboard layout + if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) + Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); + else + bKeyboardLayoutChanged = FALSE; + } + } + else if (bInPlaceEncNonSys) + nNewPageNo = CIPHER_PAGE + 1; + } + + else if (nCurPageNo == PIM_PAGE) + { + volumePim = GetPim (hCurPage, IDC_PIM); + } + + else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) + { + // Store the password in case we need to restore it after keyfile is applied to it + GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, MAX_PASSWORD + 1, FALSE); + + memcpy (volumePassword.Text, szRawPassword, MAX_PASSWORD + 1); + volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); + + if (!bInPlaceEncNonSys) + nNewPageNo = VOLUME_LOCATION_PAGE + 1; + } + + else if (nCurPageNo == SYSENC_COLLECTING_RANDOM_DATA_PAGE + || nCurPageNo == NONSYS_INPLACE_ENC_RAND_DATA_PAGE) + { + wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; + + KillTimer (hwndDlg, TIMER_ID_RANDVIEW); + + // Attempt to wipe the GUI field showing portions of randpool + wmemset (tmp, L'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hRandPoolSys, tmp); + + nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1; // Skip irrelevant pages + } + + else if (nCurPageNo == SYSENC_KEYS_GEN_PAGE) + { + wchar_t tmp[KEY_GUI_VIEW_SIZE+1]; + + // Attempt to wipe the GUI fields showing portions of the master and header keys + wmemset (tmp, L'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hMasterKey, tmp); + SetWindowText (hHeaderKey, tmp); + } + + else if (nCurPageNo == SYSENC_WIPE_MODE_PAGE) + { + if (bDontVerifyRescueDisk) + nNewPageNo = SYSENC_RESCUE_DISK_VERIFIED_PAGE; // Skip irrelevant pages + } + + else if (nCurPageNo == FORMAT_PAGE) + { + wchar_t tmp[RNG_POOL_SIZE*2+1]; + + KillTimer (hwndDlg, TIMER_ID_RANDVIEW); + + // Attempt to wipe the GUI fields showing portions of randpool, of the master and header keys + wmemset (tmp, L'X', ARRAYSIZE(tmp)); + tmp [ARRAYSIZE(tmp)-1] = 0; + SetWindowText (hRandPool, tmp); + SetWindowText (hMasterKey, tmp); + SetWindowText (hHeaderKey, tmp); + + if (WizardMode != WIZARD_MODE_SYS_DEVICE) + { + // Skip irrelevant pages + + if (FileSize4GBLimitQuestionNeeded () + && !CreatingHiddenSysVol() // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector). + && !bInPlaceEncNonSys) + { + nNewPageNo = FILESYS_PAGE + 1; + } + else + nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1; + } + } + + LoadPage (hwndDlg, nNewPageNo - 1); + + return 1; + } + + return 0; + + case WM_ENDSESSION: + EndMainDlg (MainDlg); + localcleanup (); + return 0; + + case WM_CLOSE: + PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0); + return 1; + } + + return 0; +} + +void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) +{ + wchar_t **lpszCommandLineArgs = NULL; /* Array of command line arguments */ + int nNoCommandLineArgs; /* The number of arguments in the array */ + + if (_wcsicmp (lpszCommandLine, L"-Embedding") == 0) + { + ComServerMode = TRUE; + return; + } + + /* Extract command line arguments */ + nNoCommandLineArgs = Win32CommandLine (&lpszCommandLineArgs); + if (nNoCommandLineArgs > 0) + { + int i; + + for (i = 0; i < nNoCommandLineArgs; i++) + { + enum + { + OptionHistory, + OptionNoIsoCheck, + OptionQuit, + OptionTokenLib, + CommandResumeSysEncLogOn, + CommandResumeSysEnc, + CommandDecryptSysEnc, + CommandEncDev, + CommandHiddenSys, + CommandResumeNonSysInplaceLogOn, + CommandResumeHiddenSys, + CommandSysEnc, + CommandInplaceDec, + CommandResumeInplaceDec, + CommandResumeInplace, + OptionEncryption, + OptionFilesystem, + OptionPkcs5, + OptionPassword, + OptionPim, + OptionSize, + OptionCreate, + OptionSilent, + OptionDynamic, + OptionForce, + }; + + argument args[]= + { + // Public + { OptionHistory, L"/history", L"/h", FALSE }, + { OptionNoIsoCheck, L"/noisocheck", L"/n", FALSE }, + { OptionTokenLib, L"/tokenlib", NULL, FALSE }, + { OptionQuit, L"/quit", L"/q", FALSE }, + { OptionEncryption, L"/encryption", NULL , FALSE }, + { OptionFilesystem, L"/filesystem", NULL , FALSE }, + { OptionPkcs5, L"/hash", NULL , FALSE }, + { OptionPassword, L"/password", NULL, FALSE }, + { OptionPim, L"/pim", NULL, FALSE }, + { OptionSize, L"/size", NULL, FALSE }, + { OptionCreate, L"/create", NULL, FALSE }, + { OptionSilent, L"/silent", NULL, FALSE }, + { OptionDynamic, L"/dynamic", NULL, FALSE }, + { OptionForce, L"/force", NULL, FALSE }, + + // Internal + { CommandResumeSysEncLogOn, L"/acsysenc", L"/a", TRUE }, + { CommandResumeSysEnc, L"/csysenc", L"/c", TRUE }, + { CommandDecryptSysEnc, L"/dsysenc", L"/d", TRUE }, + { CommandEncDev, L"/encdev", L"/e", TRUE }, + { CommandHiddenSys, L"/isysenc", L"/i", TRUE }, + { CommandResumeNonSysInplaceLogOn, L"/prinplace", L"/p", TRUE }, + { CommandResumeHiddenSys, L"/risysenc", L"/r", TRUE }, + { CommandSysEnc, L"/sysenc", L"/s", TRUE }, + { CommandInplaceDec, L"/inplacedec", NULL, TRUE }, + { CommandResumeInplaceDec, L"/resumeinplacedec",NULL, TRUE }, + { CommandResumeInplace, L"/zinplace", L"/z", TRUE } + }; + + argumentspec as; + + int x; + + if (lpszCommandLineArgs[i] == NULL) + continue; + + as.args = args; + as.arg_cnt = sizeof(args)/ sizeof(args[0]); + + x = GetArgumentID (&as, lpszCommandLineArgs[i]); + + switch (x) + { + case OptionCreate: + { + DirectCreationMode = TRUE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szFileName, ARRAYSIZE (szFileName))) + { + RelativePath2Absolute (szFileName); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case OptionEncryption: + { + wchar_t szTmp[64] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + CmdVolumeEA = EAGetByName (szTmp); + if (CmdVolumeEA == 0) + AbortProcess ("COMMAND_LINE_ERROR"); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case OptionFilesystem: + { + wchar_t szTmp[8] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + if (_wcsicmp(szTmp, L"NONE") == 0) + CmdVolumeFilesystem = FILESYS_NONE; + else if (_wcsicmp(szTmp, L"FAT32") == 0 || _wcsicmp(szTmp, L"FAT") == 0) + CmdVolumeFilesystem = FILESYS_FAT; + else if (_wcsicmp(szTmp, L"NTFS") == 0) + CmdVolumeFilesystem = FILESYS_NTFS; + else if (IsOSVersionAtLeast (WIN_VISTA, 1) && _wcsicmp(szTmp, L"EXFAT") == 0) + CmdVolumeFilesystem = FILESYS_EXFAT; + else + { + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case OptionPassword: + { + wchar_t szTmp[MAX_PASSWORD + 1]; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (LPSTR) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); + burn (szTmp, sizeof (szTmp)); + if (iLen > 0) + CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case OptionPkcs5: + { + wchar_t szTmp[32] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + if (_wcsicmp(szTmp, L"sha512") == 0 || _wcsicmp(szTmp, L"sha-512") == 0) + CmdVolumePkcs5 = SHA512; + else if (_wcsicmp(szTmp, L"whirlpool") == 0) + CmdVolumePkcs5 = WHIRLPOOL; + else if (_wcsicmp(szTmp, L"sha256") == 0 || _wcsicmp(szTmp, L"sha-256") == 0) + CmdVolumePkcs5 = SHA256; + else if (_wcsicmp(szTmp, L"ripemd160") == 0 || _wcsicmp(szTmp, L"ripemd-160") == 0) + CmdVolumePkcs5 = RIPEMD160; + else + { + CmdVolumePkcs5 = 0; + AbortProcess ("COMMAND_LINE_ERROR"); + } + + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + + case OptionPim: + { + wchar_t szTmp[32] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + wchar_t* endPtr = NULL; + CmdVolumePim = (int) wcstol(szTmp, &endPtr, 0); + if (CmdVolumePim < 0 || CmdVolumePim > MAX_PIM_VALUE || endPtr == szTmp || *endPtr != L'\0') + { + CmdVolumePim = 0; + AbortProcess ("COMMAND_LINE_ERROR"); + } + + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case OptionSilent: + Silent = TRUE; + break; + case OptionDynamic: + CmdSparseFileSwitch = TRUE; + break; + case OptionForce: + bForceOperation = TRUE; + break; + case OptionSize: + { + wchar_t szTmp[32] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) + && (wcslen (szTmp) >= 2) + ) + { + /* size can be expressed in bytes or with suffixes K, M,G or T + * to indicate the unit to use + */ + unsigned __int64 multiplier; + wchar_t* endPtr = NULL; + wchar_t lastChar = szTmp [wcslen (szTmp) - 1]; + if (lastChar >= L'0' && lastChar <= L'9') + multiplier = 1; + else if (lastChar == L'K' || lastChar == L'k') + multiplier = BYTES_PER_KB; + else if (lastChar == L'M' || lastChar == L'm') + multiplier = BYTES_PER_MB; + else if (lastChar == L'G' || lastChar == L'g') + multiplier = BYTES_PER_GB; + else if (lastChar == L'T' || lastChar == L't') + multiplier = BYTES_PER_TB; + else + AbortProcess ("COMMAND_LINE_ERROR"); + + if (multiplier != 1) + szTmp [wcslen (szTmp) - 1] = 0; + + CmdVolumeFileSize = _wcstoui64(szTmp, &endPtr, 0); + if (CmdVolumeFileSize == 0 || CmdVolumeFileSize == _UI64_MAX + || endPtr == szTmp || *endPtr != L'\0') + { + AbortProcess ("COMMAND_LINE_ERROR"); + } + + CmdVolumeFileSize *= multiplier; + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case CommandSysEnc: + // Encrypt system partition/drive (passed by Mount if system encryption hasn't started or to reverse decryption) + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (CreateSysEncMutex ()) + { + bDirectSysEncMode = TRUE; + bDirectSysEncModeCommand = SYSENC_COMMAND_ENCRYPT; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + } + else + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + exit(0); + } + + break; + + case CommandDecryptSysEnc: + // Decrypt system partition/drive (passed by Mount, also to reverse encryption in progress, when paused) + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (CreateSysEncMutex ()) + { + bDirectSysEncMode = TRUE; + bDirectSysEncModeCommand = SYSENC_COMMAND_DECRYPT; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + } + else + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + exit(0); + } + break; + + case CommandHiddenSys: + // Create a hidden operating system (passed by Mount when the user selects System -> Create Hidden Operating System) + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (CreateSysEncMutex ()) + { + bDirectSysEncMode = TRUE; + bDirectSysEncModeCommand = SYSENC_COMMAND_CREATE_HIDDEN_OS; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + } + else + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + exit(0); + } + + break; + + case CommandResumeHiddenSys: + // Resume process of creation of a hidden operating system (passed by Wizard when the user needs to UAC-elevate the whole wizard process) + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (CreateSysEncMutex ()) + { + bDirectSysEncMode = TRUE; + bDirectSysEncModeCommand = SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + } + else + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + exit(0); + } + + break; + + case CommandResumeSysEnc: + // Resume previous system-encryption operation (passed by Mount) e.g. encryption, decryption, or pretest + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (CreateSysEncMutex ()) + { + bDirectSysEncMode = TRUE; + bDirectSysEncModeCommand = SYSENC_COMMAND_RESUME; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + } + else + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + exit(0); + } + break; + + case CommandResumeSysEncLogOn: + // Same as csysenc but passed only by the system (from the startup sequence) + + // From now on, we should be the only instance of the TC wizard allowed to deal with system encryption + if (CreateSysEncMutex ()) + { + bDirectSysEncMode = TRUE; + bDirectSysEncModeCommand = SYSENC_COMMAND_STARTUP_SEQ_RESUME; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + } + else + { + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + exit(0); + } + break; + + case CommandEncDev: + // Resume process of creation of a non-sys-device-hosted volume (passed by Wizard when the user needs to UAC-elevate) + DirectDeviceEncMode = TRUE; + break; + + case CommandInplaceDec: + // Start (not resume) decrypting the specified non-system volume in place + { + wchar_t szTmp [TC_MAX_PATH + 8000] = {0}; + + GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)); + + if (wcslen (szTmp) < 1) + { + // No valid volume path specified as command-line parameter + AbortProcess ("ERR_PARAMETER_INCORRECT"); + } + + memset (szFileName, 0, sizeof (szFileName)); + StringCbCopyW (szFileName, sizeof (szFileName), szTmp); + DirectNonSysInplaceDecStartMode = TRUE; + } + break; + + case CommandResumeInplace: + // Resume interrupted process of non-system in-place encryption of a partition + DirectNonSysInplaceEncResumeMode = TRUE; + break; + + case CommandResumeInplaceDec: + // Resume interrupted process of non-system in-place decryption of a partition + DirectNonSysInplaceDecResumeMode = TRUE; + break; + + case CommandResumeNonSysInplaceLogOn: + // Ask the user whether to resume interrupted process of non-system in-place encryption of a partition + // This switch is passed only by the system (from the startup sequence). + DirectPromptNonSysInplaceEncResumeMode = TRUE; + break; + + case OptionNoIsoCheck: + bDontVerifyRescueDisk = TRUE; + break; + + case OptionHistory: + { + wchar_t szTmp[8] = {0}; + bHistory = bHistoryCmdLine = TRUE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) + { + bHistory = TRUE; + } + + else if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) + { + bHistory = FALSE; + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + break; + + case OptionTokenLib: + if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)) == HAS_ARGUMENT) + InitSecurityTokenLibrary(hwndDlg); + else + AbortProcess ("COMMAND_LINE_ERROR"); + + break; + + case OptionQuit: + { + // Used to indicate non-install elevation + wchar_t szTmp[32]; + if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) != HAS_ARGUMENT) + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + + default: + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_COMMANDHELP_DLG), hwndDlg, (DLGPROC) + CommandHelpDlgProc, (LPARAM) &as); + + exit(0); + } + } + } + + /* Free up the command line arguments */ + while (--nNoCommandLineArgs >= 0) + { + free (lpszCommandLineArgs[nNoCommandLineArgs]); + } + + if (lpszCommandLineArgs) + free (lpszCommandLineArgs); +} + + +int DetermineMaxHiddenVolSize (HWND hwndDlg) +{ + __int64 nbrReserveBytes; + + if (nbrFreeClusters * realClusterSize < TC_MIN_HIDDEN_VOLUME_SIZE) + { + MessageBoxW (hwndDlg, GetString ("NO_SPACE_FOR_HIDDEN_VOL"), lpszTitle, ICON_HAND); + UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE); + AbortProcessSilent (); + } + + // Add a reserve (in case the user mounts the outer volume and creates new files + // on it by accident or OS writes some new data behind his or her back, such as + // System Restore etc.) + nbrReserveBytes = GetVolumeDataAreaSize (FALSE, nHiddenVolHostSize) / 200; + if (nbrReserveBytes > BYTES_PER_MB * 10) + nbrReserveBytes = BYTES_PER_MB * 10; + + // Compute the final value + + nMaximumHiddenVolSize = nbrFreeClusters * realClusterSize - TC_HIDDEN_VOLUME_HOST_FS_RESERVED_END_AREA_SIZE - nbrReserveBytes; + nMaximumHiddenVolSize -= nMaximumHiddenVolSize % realClusterSize; // Must be a multiple of the sector size + + if (nMaximumHiddenVolSize < TC_MIN_HIDDEN_VOLUME_SIZE) + { + MessageBoxW (hwndDlg, GetString ("NO_SPACE_FOR_HIDDEN_VOL"), lpszTitle, ICON_HAND); + UnmountVolume (hwndDlg, hiddenVolHostDriveNo, TRUE); + AbortProcessSilent (); + } + + // Prepare the hidden volume size parameters + if (nMaximumHiddenVolSize < BYTES_PER_MB) + nMultiplier = BYTES_PER_KB; + else if (nMaximumHiddenVolSize < BYTES_PER_GB) + nMultiplier = BYTES_PER_MB; + else if (nMaximumHiddenVolSize < BYTES_PER_TB) + nMultiplier = BYTES_PER_GB; + else + nMultiplier = BYTES_PER_TB; + + nUIVolumeSize = 0; // Set the initial value for the hidden volume size input field to the max + nVolumeSize = nUIVolumeSize * nMultiplier; // Chop off possible remainder + + return 1; +} + + +// Tests whether the file system of the given volume is suitable to host a hidden volume, +// retrieves the cluster size, and scans the volume cluster bitmap. In addition, checks +// the TrueCrypt volume format version and the type of volume. +int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters) +{ + HANDLE hDevice; + DWORD bytesReturned; + DWORD dwSectorsPerCluster, dwBytesPerSector, dwNumberOfFreeClusters, dwTotalNumberOfClusters; + DWORD dwResult; + int result; + wchar_t szFileSystemNameBuffer[256]; + wchar_t tmpPath[7] = {L'\\',L'\\',L'.',L'\\',(wchar_t) *driveNo + L'A',L':',0}; + wchar_t szRootPathName[4] = {(wchar_t) *driveNo + L'A', L':', L'\\', 0}; + BYTE readBuffer[TC_MAX_VOLUME_SECTOR_SIZE * 2]; + LARGE_INTEGER offset, offsetNew; + VOLUME_PROPERTIES_STRUCT volProp; + + memset (&volProp, 0, sizeof(volProp)); + volProp.driveNo = *driveNo; + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &volProp, sizeof (volProp), &volProp, sizeof (volProp), &dwResult, NULL) || dwResult == 0) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("CANT_ACCESS_OUTER_VOL", hwndDlg); + goto efsf_error; + } + + if (volProp.volFormatVersion < TC_VOLUME_FORMAT_VERSION) + { + // We do not support creating hidden volumes within volumes created by TrueCrypt 5.1a or earlier. + Error ("ERR_VOL_FORMAT_BAD", hwndDlg); + return 0; + } + + if (volProp.hiddenVolume) + { + // The user entered a password for a hidden volume + Error ("ERR_HIDDEN_NOT_NORMAL_VOLUME", hwndDlg); + return 0; + } + + if (volProp.volumeHeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC + || volProp.volumeHeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM) + { + Warning ("ERR_HIDDEN_VOL_HOST_ENCRYPTED_INPLACE", hwndDlg); + return 0; + } + + hDevice = CreateFile (tmpPath, GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hDevice == INVALID_HANDLE_VALUE) + { + MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_OUTER_VOL"), lpszTitle, ICON_HAND); + goto efsf_error; + } + + offset.QuadPart = 0; + + if (SetFilePointerEx (hDevice, offset, &offsetNew, FILE_BEGIN) == 0) + { + handleWin32Error (hwndDlg, SRC_POS); + goto efs_error; + } + + result = ReadFile (hDevice, &readBuffer, TC_MAX_VOLUME_SECTOR_SIZE, &bytesReturned, NULL); + + if (result == 0) + { + handleWin32Error (hwndDlg, SRC_POS); + MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_OUTER_VOL"), lpszTitle, ICON_HAND); + goto efs_error; + } + + CloseHandle (hDevice); + hDevice = INVALID_HANDLE_VALUE; + + // Determine file system type + + GetVolumeInformation(szRootPathName, NULL, 0, NULL, NULL, NULL, szFileSystemNameBuffer, ARRAYSIZE(szFileSystemNameBuffer)); + + // The Windows API sometimes fails to indentify the file system correctly so we're using "raw" analysis too. + if (!wcsncmp (szFileSystemNameBuffer, L"FAT", 3) + || (readBuffer[0x36] == 'F' && readBuffer[0x37] == 'A' && readBuffer[0x38] == 'T') + || (readBuffer[0x52] == 'F' && readBuffer[0x53] == 'A' && readBuffer[0x54] == 'T')) + { + // FAT12/FAT16/FAT32 + + // Retrieve the cluster size + *realClusterSize = ((int) readBuffer[0xb] + ((int) readBuffer[0xc] << 8)) * (int) readBuffer[0xd]; + + // Get the map of the clusters that are free and in use on the outer volume. + // The map will be scanned to determine the size of the uninterrupted block of free + // space (provided there is any) whose end is aligned with the end of the volume. + // The value will then be used to determine the maximum possible size of the hidden volume. + + return ScanVolClusterBitmap (hwndDlg, + driveNo, + hiddenVolHostSize / *realClusterSize, + pnbrFreeClusters); + } + else if (!wcsncmp (szFileSystemNameBuffer, L"NTFS", 4) || !_wcsnicmp (szFileSystemNameBuffer, L"exFAT", 5)) + { + // NTFS + bool bIsNtfs = (0 == wcsncmp (szFileSystemNameBuffer, L"NTFS", 4)); + + if (nCurrentOS == WIN_2000) + { + Error("HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS_WIN2000", hwndDlg); + return 0; + } + + if (bIsNtfs && bHiddenVolDirect && GetVolumeDataAreaSize (FALSE, hiddenVolHostSize) <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize()) + Info ("HIDDEN_VOL_HOST_NTFS", hwndDlg); + + if (!GetDiskFreeSpace(szRootPathName, + &dwSectorsPerCluster, + &dwBytesPerSector, + &dwNumberOfFreeClusters, + &dwTotalNumberOfClusters)) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("CANT_GET_OUTER_VOL_INFO", hwndDlg); + return -1; + }; + + *realClusterSize = dwBytesPerSector * dwSectorsPerCluster; + + // Get the map of the clusters that are free and in use on the outer volume. + // The map will be scanned to determine the size of the uninterrupted block of free + // space (provided there is any) whose end is aligned with the end of the volume. + // The value will then be used to determine the maximum possible size of the hidden volume. + + return ScanVolClusterBitmap (hwndDlg, + driveNo, + hiddenVolHostSize / *realClusterSize, + pnbrFreeClusters); + } + else + { + // Unsupported file system + + Error ((nCurrentOS == WIN_2000) ? "HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS_WIN2000" : "HIDDEN_VOL_HOST_UNSUPPORTED_FILESYS", hwndDlg); + return 0; + } + +efs_error: + CloseHandle (hDevice); + +efsf_error: + CloseVolumeExplorerWindows (hwndDlg, *driveNo); + + return -1; +} + + +// Mounts a volume within which the user intends to create a hidden volume +int MountHiddenVolHost (HWND hwndDlg, wchar_t *volumePath, int *driveNo, Password *password, int pkcs5_prf, int pim, BOOL bReadOnly) +{ + MountOptions mountOptions; + ZeroMemory (&mountOptions, sizeof (mountOptions)); + + *driveNo = GetLastAvailableDrive (); + + if (*driveNo == -1) + { + *driveNo = -2; + return ERR_NO_FREE_DRIVES; + } + + mountOptions.ReadOnly = bReadOnly; + mountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE); + mountOptions.ProtectHiddenVolume = FALSE; + mountOptions.PreserveTimestamp = bPreserveTimestamp; + mountOptions.PartitionInInactiveSysEncScope = FALSE; + mountOptions.UseBackupHeader = FALSE; + + if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) + { + *driveNo = -3; + return ERR_VOL_MOUNT_FAILED; + } + return 0; +} + + +/* Gets the map of the clusters that are free and in use on a volume that is to host + a hidden volume. The map is scanned to determine the size of the uninterrupted + area of free space (provided there is any) whose end is aligned with the end + of the volume. The value will then be used to determine the maximum possible size + of the hidden volume. */ +int ScanVolClusterBitmap (HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters) +{ + PVOLUME_BITMAP_BUFFER lpOutBuffer; + STARTING_LCN_INPUT_BUFFER lpInBuffer; + + HANDLE hDevice; + DWORD lBytesReturned; + BYTE rmnd; + wchar_t tmpPath[7] = {L'\\',L'\\',L'.',L'\\', (wchar_t) *driveNo + L'A', L':', 0}; + + DWORD bufLen; + __int64 bitmapCnt; + + hDevice = CreateFile (tmpPath, GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); + + if (hDevice == INVALID_HANDLE_VALUE) + { + MessageBoxW (hwndDlg, GetString ("CANT_ACCESS_OUTER_VOL"), lpszTitle, ICON_HAND); + goto vcmf_error; + } + + bufLen = (DWORD) (nbrClusters / 8 + 2 * sizeof(LARGE_INTEGER)); + bufLen += 100000 + bufLen/10; // Add reserve + + lpOutBuffer = (PVOLUME_BITMAP_BUFFER) malloc (bufLen); + + if (lpOutBuffer == NULL) + { + MessageBoxW (hwndDlg, GetString ("ERR_MEM_ALLOC"), lpszTitle, ICON_HAND); + goto vcm_error; + } + + lpInBuffer.StartingLcn.QuadPart = 0; + + if ( !DeviceIoControl (hDevice, + FSCTL_GET_VOLUME_BITMAP, + &lpInBuffer, + sizeof(lpInBuffer), + lpOutBuffer, + bufLen, + &lBytesReturned, + NULL)) + { + handleWin32Error (hwndDlg, SRC_POS); + MessageBoxW (hwndDlg, GetString ("CANT_GET_CLUSTER_BITMAP"), lpszTitle, ICON_HAND); + + goto vcm_error; + } + + rmnd = (BYTE) (lpOutBuffer->BitmapSize.QuadPart % 8); + + if ((rmnd != 0) + && ((lpOutBuffer->Buffer[lpOutBuffer->BitmapSize.QuadPart / 8] & ((1 << rmnd)-1) ) != 0)) + { + *nbrFreeClusters = 0; + } + else + { + *nbrFreeClusters = lpOutBuffer->BitmapSize.QuadPart; + bitmapCnt = lpOutBuffer->BitmapSize.QuadPart / 8; + + // Scan the bitmap from the end + while (--bitmapCnt >= 0) + { + if (lpOutBuffer->Buffer[bitmapCnt] != 0) + { + // There might be up to 7 extra free clusters in this byte of the bitmap. + // These are ignored because there is always a cluster reserve added anyway. + *nbrFreeClusters = lpOutBuffer->BitmapSize.QuadPart - ((bitmapCnt + 1) * 8); + break; + } + } + } + + CloseHandle (hDevice); + free(lpOutBuffer); + return 1; + +vcm_error: + CloseHandle (hDevice); + if (lpOutBuffer) free(lpOutBuffer); + +vcmf_error: + return -1; +} + + +// Wipe the hidden OS config flag bits in the MBR +static BOOL WipeHiddenOSCreationConfig (void) +{ + if (!IsHiddenOSRunning()) + { + try + { + WaitCursor(); + finally_do ({ NormalCursor(); }); + + BootEncObj->WipeHiddenOSCreationConfig(); + } + catch (Exception &e) + { + e.Show (MainDlg); + return FALSE; + } + } + + return TRUE; +} + + +// Tasks that need to be performed after the WM_INITDIALOG message for the SYSENC_ENCRYPTION_PAGE dialog is +// handled should be done here (otherwise the UAC prompt causes the GUI to be only half-rendered). +static void AfterSysEncProgressWMInitTasks (HWND hwndDlg) +{ + try + { + switch (SystemEncryptionStatus) + { + case SYSENC_STATUS_ENCRYPTING: + + if (BootEncStatus.ConfiguredEncryptedAreaStart == BootEncStatus.EncryptedAreaStart + && BootEncStatus.ConfiguredEncryptedAreaEnd == BootEncStatus.EncryptedAreaEnd) + { + // The partition/drive had been fully encrypted + + ManageStartupSeqWiz (TRUE, L""); + WipeHiddenOSCreationConfig(); // For extra conservative security + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + + Info ("SYSTEM_ENCRYPTION_FINISHED", hwndDlg); + EndMainDlg (MainDlg); + return; + } + else + { + SysEncResume (); + } + + break; + + case SYSENC_STATUS_DECRYPTING: + SysEncResume (); + break; + + default: + + // Unexpected mode here -- fix the inconsistency + + ManageStartupSeqWiz (TRUE, L""); + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + EndMainDlg (MainDlg); + InconsistencyResolved (SRC_POS); + return; + } + } + catch (Exception &e) + { + e.Show (hwndDlg); + EndMainDlg (MainDlg); + return; + } + + InitSysEncProgressBar (); + + UpdateSysEncProgressBar (); + + UpdateSysEncControls (); +} + + +// Tasks that need to be performed after the WM_INITDIALOG message is handled must be done here. +// For example, any tasks that may invoke the UAC prompt (otherwise the UAC dialog box would not be on top). +static void AfterWMInitTasks (HWND hwndDlg) +{ + // Note that if bDirectSysEncModeCommand is not SYSENC_COMMAND_NONE, we already have the mutex. + + // SYSENC_COMMAND_DECRYPT has the highest priority because it also performs uninstallation (restores the + // original contents of the first drive cylinder, etc.) so it must be attempted regardless of the phase + // or content of configuration files. + if (bDirectSysEncModeCommand == SYSENC_COMMAND_DECRYPT) + { + if (IsHiddenOSRunning()) + { + Warning ("CANNOT_DECRYPT_HIDDEN_OS", hwndDlg); + AbortProcessSilent(); + } + + // Add the wizard to the system startup sequence + ManageStartupSeqWiz (FALSE, L"/acsysenc"); + + ChangeSystemEncryptionStatus (SYSENC_STATUS_DECRYPTING); + LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); + return; + } + + + if (SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING + || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING) + { + try + { + BootEncStatus = BootEncObj->GetStatus(); + + if (!BootEncStatus.DriveMounted) + { + if (!BootEncStatus.DeviceFilterActive) + { + // This is an inconsistent state. SystemEncryptionStatus should never be SYSENC_STATUS_ENCRYPTING + // or SYSENC_STATUS_DECRYPTING when the drive filter is not active. Possible causes: 1) corrupted + // or stale config file, 2) corrupted system + + // Fix the inconsistency + ManageStartupSeqWiz (TRUE, L""); + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + EndMainDlg (MainDlg); + InconsistencyResolved (SRC_POS); + return; + } + else if (bDirectSysEncMode) + { + // This is an inconsistent state. We have a direct system encryption command, + // SystemEncryptionStatus is SYSENC_STATUS_ENCRYPTING or SYSENC_STATUS_DECRYPTING, the + // system drive is not 'mounted' and drive filter is active. Possible causes: 1) The drive had + // been decrypted in the pre-boot environment. 2) The OS is not located on the lowest partition, + // the drive is to be fully encrypted, but the user rebooted before encryption reached the + // system partition and then pressed Esc in the boot loader screen. 3) Corrupted or stale config + // file. 4) Damaged system. + + Warning ("SYSTEM_ENCRYPTION_SCHEDULED_BUT_PBA_FAILED", hwndDlg); + EndMainDlg (MainDlg); + return; + } + } + } + catch (Exception &e) + { + e.Show (MainDlg); + } + } + + + if (SystemEncryptionStatus != SYSENC_STATUS_PRETEST) + { + // Handle system encryption command line arguments (if we're not in the Pretest phase). + // Note that if bDirectSysEncModeCommand is not SYSENC_COMMAND_NONE, we already have the mutex. + // Also note that SYSENC_COMMAND_DECRYPT is handled above. + + switch (bDirectSysEncModeCommand) + { + case SYSENC_COMMAND_RESUME: + case SYSENC_COMMAND_STARTUP_SEQ_RESUME: + + if (bDirectSysEncModeCommand == SYSENC_COMMAND_STARTUP_SEQ_RESUME + && AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", hwndDlg) == IDNO) + { + EndMainDlg (MainDlg); + return; + } + + if (SysEncryptionOrDecryptionRequired ()) + { + if (SystemEncryptionStatus != SYSENC_STATUS_ENCRYPTING + && SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) + { + // If the config file with status was lost or not written correctly, we + // don't know whether to encrypt or decrypt (but we know that encryption or + // decryption is required). Ask the user to select encryption, decryption, + // or cancel + if (!ResolveUnknownSysEncDirection ()) + { + EndMainDlg (MainDlg); + return; + } + } + + LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); + return; + } + else + { + // Nothing to resume + Warning ("NO_SYS_ENC_PROCESS_TO_RESUME", hwndDlg); + EndMainDlg (MainDlg); + + return; + } + break; + + case SYSENC_COMMAND_ENCRYPT: + + if (SysDriveOrPartitionFullyEncrypted (FALSE)) + { + Info ("SYS_PARTITION_OR_DRIVE_APPEARS_FULLY_ENCRYPTED", hwndDlg); + EndMainDlg (MainDlg); + return; + } + + if (SysEncryptionOrDecryptionRequired ()) + { + // System partition/drive encryption process already initiated but is incomplete. + // If we were encrypting, resume the process directly. If we were decrypting, reverse + // the process and start encrypting. + + ChangeSystemEncryptionStatus (SYSENC_STATUS_ENCRYPTING); + LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); + return; + } + else + { + // Initiate the Pretest preparation phase + if (!SwitchWizardToSysEncMode ()) + { + bDirectSysEncMode = FALSE; + EndMainDlg (MainDlg); + } + return; + } + + break; + + case SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV: + case SYSENC_COMMAND_CREATE_HIDDEN_OS: + + if (!SwitchWizardToHiddenOSMode ()) + { + bDirectSysEncMode = FALSE; + EndMainDlg (MainDlg); + } + return; + } + } + + + if (!bDirectSysEncMode + || bDirectSysEncMode && SystemEncryptionStatus == SYSENC_STATUS_NONE) + { + // Handle system encryption cases where the wizard did not start even though it + // was added to the startup sequence, as well as other weird cases and "leftovers" + + if (SystemEncryptionStatus != SYSENC_STATUS_NONE + && SystemEncryptionStatus != SYSENC_STATUS_PRETEST + && SysEncryptionOrDecryptionRequired ()) + { + // System encryption/decryption had been in progress and did not finish + + if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption + { + if (AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", hwndDlg) == IDYES) + { + bDirectSysEncMode = TRUE; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + LoadPage (hwndDlg, SYSENC_ENCRYPTION_PAGE); + return; + } + else + CloseSysEncMutex (); + } + } + + else if (SystemEncryptionStatus == SYSENC_STATUS_PRETEST) + { + // System pretest had been in progress but we were not launched during the startup seq + + if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption + { + // The pretest has "priority handling" + bDirectSysEncMode = TRUE; + ChangeWizardMode (WIZARD_MODE_SYS_DEVICE); + + /* Do not return yet -- the principal pretest handler is below. */ + } + } + + else if ((SystemEncryptionStatus == SYSENC_STATUS_NONE || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING) + && !BootEncStatus.DriveEncrypted + && (BootEncStatus.DriveMounted || BootEncStatus.VolumeHeaderPresent)) + { + // The pretest may have been in progress but we can't be sure (it is not in the config file). + // Another possibility is that the user had finished decrypting the drive, but the config file + // was not correctly updated. In both cases the best thing we can do is remove the header and + // deinstall. Otherwise, the result might be some kind of deadlock. + + if (CreateSysEncMutex ()) // If no other instance is currently taking care of system encryption + { + WaitCursor (); + + ForceRemoveSysEnc(); + + InconsistencyResolved (SRC_POS); + + NormalCursor(); + CloseSysEncMutex (); + } + } + } + + if (bDirectSysEncMode && CreateSysEncMutex ()) + { + // We were launched either by Mount or by the system (startup sequence). Most of such cases should have + // been handled above already. Here we handle only the pretest phase (which can also be a hidden OS + // creation phase actually) and possible inconsistencies. + + switch (SystemEncryptionStatus) + { + case SYSENC_STATUS_PRETEST: + { + unsigned int hiddenOSCreationPhase = DetermineHiddenOSCreationPhase(); + + bHiddenOS = (hiddenOSCreationPhase != TC_HIDDEN_OS_CREATION_PHASE_NONE); + + // Evaluate the results of the system encryption pretest (or of the hidden OS creation process) + + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (hwndDlg); + Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", hwndDlg); + EndMainDlg (MainDlg); + return; + } + + if (BootEncStatus.DriveMounted) + { + /* Pretest successful or hidden OS has been booted during the process of hidden OS creation. */ + + switch (hiddenOSCreationPhase) + { + case TC_HIDDEN_OS_CREATION_PHASE_NONE: + + // Pretest successful (or the hidden OS has been booted for the first time since the user started installing a new decoy OS) + + if (IsHiddenOSRunning()) + { + // The hidden OS has been booted for the first time since the user started installing a + // new decoy OS (presumably, our MBR config flags have been erased). + + // As for things we are responsible for, the process of hidden OS creation is completed + // (the rest is up to the user). + + ManageStartupSeqWiz (TRUE, L""); + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + + EndMainDlg (MainDlg); + + return; + } + + // Pretest successful (no hidden operating system involved) + + LoadPage (hwndDlg, SYSENC_PRETEST_RESULT_PAGE); + return; + + case TC_HIDDEN_OS_CREATION_PHASE_WIPING: + + // Hidden OS has been booted when we are supposed to wipe the original OS + + LoadPage (hwndDlg, SYSENC_HIDDEN_OS_INITIAL_INFO_PAGE); + return; + + case TC_HIDDEN_OS_CREATION_PHASE_WIPED: + + // Hidden OS has been booted and the original OS wiped. Now the user is required to install a new, decoy, OS. + + TextInfoDialogBox (TC_TBXID_DECOY_OS_INSTRUCTIONS); + + EndMainDlg (MainDlg); + return; + + default: + + // Unexpected/unknown status + ReportUnexpectedState (SRC_POS); + EndMainDlg (MainDlg); + return; + } + } + else + { + BOOL bAnswerTerminate = FALSE, bAnswerRetry = FALSE; + + /* Pretest failed + or hidden OS cloning has been interrupted (and non-hidden OS is running) + or wiping of the original OS has not been started (and non-hidden OS is running) */ + + if (hiddenOSCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_NONE) + { + // Pretest failed (no hidden operating system involved) + + if (AskWarnYesNo ("BOOT_PRETEST_FAILED_RETRY", hwndDlg) == IDYES) + { + // User wants to retry the pretest + bAnswerTerminate = FALSE; + bAnswerRetry = TRUE; + } + else + { + // User doesn't want to retry the pretest + bAnswerTerminate = TRUE; + bAnswerRetry = FALSE; + } + } + else + { + // Hidden OS cloning was interrupted or wiping of the original OS has not been started + + char *tmpStr[] = {0, + hiddenOSCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_WIPING ? "OS_WIPING_NOT_FINISHED_ASK" : "HIDDEN_OS_CREATION_NOT_FINISHED_ASK", + "HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_RETRY", + "HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_TERMINATE", + "HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_ASK_LATER", + 0}; + + switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) + { + case 1: + // User wants to restart and continue/retry + bAnswerTerminate = FALSE; + bAnswerRetry = TRUE; + break; + + case 2: + // User doesn't want to retry but wants to terminate the entire process of hidden OS creation + bAnswerTerminate = TRUE; + bAnswerRetry = FALSE; + break; + + default: + // User doesn't want to do anything now + bAnswerTerminate = FALSE; + bAnswerRetry = FALSE; + } + } + + + if (bAnswerRetry) + { + // User wants to restart and retry the pretest (or hidden OS creation) + + // We re-register the driver for boot because the user may have selected + // "Last Known Good Configuration" from the Windows boot menu. + // Note that we need to do this even when creating a hidden OS (because + // the hidden OS needs our boot driver and it will be a clone of this OS). + try + { + BootEncObj->RegisterBootDriver (bHiddenOS ? true : false); + } + catch (Exception &e) + { + e.Show (NULL); + } + + if (AskWarnYesNo ("CONFIRM_RESTART", hwndDlg) == IDYES) + { + EndMainDlg (MainDlg); + + try + { + BootEncObj->RestartComputer (); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + + return; + } + + EndMainDlg (MainDlg); + return; + } + else if (bAnswerTerminate) + { + // User doesn't want to retry pretest (or OS cloning), but to terminate the entire process + + try + { + BootEncObj->Deinstall (true); + } + catch (Exception &e) + { + e.Show (hwndDlg); + AbortProcessSilent(); + } + + ManageStartupSeqWiz (TRUE, L""); + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + EndMainDlg (MainDlg); + return; + } + else + { + // User doesn't want to take any action now + + AbortProcessSilent(); + } + } + } + break; + + default: + + // Unexpected progress status -- fix the inconsistency + + ManageStartupSeqWiz (TRUE, L""); + ChangeSystemEncryptionStatus (SYSENC_STATUS_NONE); + EndMainDlg (MainDlg); + InconsistencyResolved (SRC_POS); + return; + } + } + else + { + if (DirectDeviceEncMode) + { + SwitchWizardToNonSysDeviceMode(); + return; + } + + if (DirectPromptNonSysInplaceEncResumeMode + && !bInPlaceEncNonSysPending) + { + // This instance of the wizard has been launched via the system startup sequence to prompt for resume of + // a non-system in-place encryption/decryption process. However, no config file indicates that any such process + // has been interrupted. This inconsistency may occur, for example, when the process is finished + // but the wizard is not removed from the startup sequence because system encryption is in progress. + // Therefore, we remove it from the startup sequence now if possible. + + if (!IsNonInstallMode () && SystemEncryptionStatus == SYSENC_STATUS_NONE) + ManageStartupSeqWiz (TRUE, L""); + + AbortProcessSilent (); + } + + BOOL bDecrypt = FALSE; + + if (DirectNonSysInplaceDecStartMode) + { + SwitchWizardToNonSysInplaceDecStartMode (szFileName); + return; + } + else if (DirectNonSysInplaceEncResumeMode || DirectNonSysInplaceDecResumeMode) + { + SwitchWizardToNonSysInplaceEncResumeMode (DirectNonSysInplaceDecResumeMode); + return; + } + else if (DirectPromptNonSysInplaceEncResumeMode) + { + if (NonSysInplaceEncInProgressElsewhere ()) + AbortProcessSilent (); + + if (AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES) + SwitchWizardToNonSysInplaceEncResumeMode(bDecrypt); + else + AbortProcessSilent (); + + return; + } + else if (bInPlaceEncNonSysPending + && !NonSysInplaceEncInProgressElsewhere () + && AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES) + { + SwitchWizardToNonSysInplaceEncResumeMode(bDecrypt); + return; + } + + LoadPage (hwndDlg, INTRO_PAGE); + } +} + +int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpszCommandLine, int nCmdShow) +{ + int status; + atexit (localcleanup); + + VirtualLock (&volumePassword, sizeof(volumePassword)); + VirtualLock (szVerify, sizeof(szVerify)); + VirtualLock (szRawPassword, sizeof(szRawPassword)); + VirtualLock (&volumePim, sizeof(volumePim)); + VirtualLock (&CmdVolumePassword, sizeof (CmdVolumePassword)); + + VirtualLock (MasterKeyGUIView, sizeof(MasterKeyGUIView)); + VirtualLock (HeaderKeyGUIView, sizeof(HeaderKeyGUIView)); + + VirtualLock (randPool, sizeof(randPool)); + VirtualLock (lastRandPool, sizeof(lastRandPool)); + VirtualLock (outRandPoolDispBuffer, sizeof(outRandPoolDispBuffer)); + VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered)); + VirtualLock (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount)); + VirtualLock (maskRandPool, sizeof(maskRandPool)); + + VirtualLock (&szFileName, sizeof(szFileName)); + VirtualLock (&szDiskFile, sizeof(szDiskFile)); + + DetectX86Features (); + + try + { + BootEncObj = new BootEncryption (NULL); + } + catch (Exception &e) + { + e.Show (NULL); + } + + if (BootEncObj == NULL) + AbortProcess ("INIT_SYS_ENC"); + + InitApp (hInstance, lpszCommandLine); + + // Write block size greater than 64 KB causes a performance drop when writing to files on XP/Vista + if (!IsOSAtLeast (WIN_7)) + FormatWriteBufferSize = 64 * 1024; + +#if TC_MAX_VOLUME_SECTOR_SIZE > 64 * 1024 +#error TC_MAX_VOLUME_SECTOR_SIZE > 64 * 1024 +#endif + + nPbar = IDC_PROGRESS_BAR; + + if (Randinit ()) + { + DWORD dwLastError = GetLastError (); + wchar_t szTmp[4096]; + if (CryptoAPILastError == ERROR_SUCCESS) + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("INIT_RAND"), SRC_POS, dwLastError); + else + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CAPI_RAND"), SRC_POS, CryptoAPILastError); + AbortProcessDirect (szTmp); + } + + RegisterRedTick(hInstance); + + /* Allocate, dup, then store away the application title */ + lpszTitle = GetString ("IDD_VOL_CREATION_WIZARD_DLG"); + + status = DriverAttach (); + if (status != 0) + { + if (status == ERR_OS_ERROR) + handleWin32Error (NULL, SRC_POS); + else + handleError (NULL, status, SRC_POS); + + AbortProcess ("NODRIVER"); + } + + if (!AutoTestAlgorithms()) + AbortProcess ("ERR_SELF_TESTS_FAILED"); + + /* Create the main dialog box */ + DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_VOL_CREATION_WIZARD_DLG), NULL, (DLGPROC) MainDialogProc, + (LPARAM)lpszCommandLine); + + FinalizeApp (); + return 0; +} + + +static DWORD GetFormatSectorSize () +{ + if (!bDevice) + return TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; + + DISK_GEOMETRY geometry; + + if (!GetDriveGeometry (szDiskFile, &geometry)) + { + handleWin32Error (MainDlg, SRC_POS); + AbortProcessSilent(); + } + + return geometry.BytesPerSector; +} diff --git a/src/Format/Tcformat.h b/src/Format/Tcformat.h index e6d64a08..c45e6916 100644 --- a/src/Format/Tcformat.h +++ b/src/Format/Tcformat.h @@ -1,109 +1,109 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Common/Common.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define NBR_KEY_BYTES_TO_DISPLAY 16 -#define KEY_GUI_VIEW_SIZE 64 // Max characters of the key hex dump to display - -enum timer_ids -{ - TIMER_ID_RANDVIEW = 0xff, - TIMER_ID_SYSENC_PROGRESS, - TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS, - TIMER_ID_WIPE_PROGRESS, - TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS, - TIMER_ID_KEYB_LAYOUT_GUARD -}; - -static void localcleanup ( void ); -static void LoadSettings ( HWND hwndDlg ); -static void SaveSettings ( HWND hwndDlg ); -static void EndMainDlg ( HWND hwndDlg ); -void ComboSelChangeEA ( HWND hwndDlg ); -static void VerifySizeAndUpdate ( HWND hwndDlg , BOOL bUpdate ); -static void __cdecl sysEncDriveAnalysisThread (void *hwndDlgArg); -static void __cdecl volTransformThreadFunction ( void *hwndDlg ); -static void LoadPage ( HWND hwndDlg , int nPageNo ); -__int64 PrintFreeSpace ( HWND hwndTextBox , wchar_t *lpszDrive , PLARGE_INTEGER lDiskFree ); -void DisplaySizingErrorText ( HWND hwndTextBox ); -void EnableDisableFileNext ( HWND hComboBox , HWND hMainButton ); -BOOL QueryFreeSpace ( HWND hwndDlg , HWND hwndTextBox , BOOL display ); -static BOOL FinalPreTransformPrompts (void); -void UpdateLastDialogId (void); -void HandleOldAssignedDriveLetter (void); -void AddCipher ( HWND hComboBox , char *lpszCipher , int nCipher ); -BOOL CALLBACK PageDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); -BOOL CALLBACK MainDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); -void ExtractCommandLine ( HWND hwndDlg , wchar_t *lpszCommandLine ); -void DisplayRandPool (HWND hwndDlg, HWND hPoolDisplay, BOOL bShow); -void DisplayPortionsOfKeys (HWND headerKeyHandle, HWND masterKeyHandle, wchar_t *headerKeyStr, wchar_t *masterKeyStr, BOOL hideKeys); -int DetermineMaxHiddenVolSize (HWND hwndDlg); -BOOL IsSparseFile (HWND hwndDlg); -BOOL GetFileVolSize (HWND hwndDlg, unsigned __int64 *size); -BOOL SwitchWizardToSysEncMode (void); -void SwitchWizardToFileContainerMode (void); -static BOOL ResolveUnknownSysEncDirection (void); -static BOOL WipeHiddenOSCreationConfig (void); -static void AfterWMInitTasks (HWND hwndDlg); -static void AfterSysEncProgressWMInitTasks (HWND hwndDlg); -static void InitSysEncProgressBar (void); -static void InitNonSysInplaceEncProgressBar (void); -static void UpdateNonSysInplaceEncProgressBar (void); -static BOOL SysEncInEffect (void); -static BOOL CreatingHiddenSysVol(void); -static void NonSysInplaceEncPause (void); -static void NonSysInplaceEncResume (void); -void ShowNonSysInPlaceEncUIStatus (void); -void UpdateNonSysInPlaceEncControls (void); -int MountHiddenVolHost ( HWND hwndDlg, wchar_t *volumePath, int *driveNo, Password *password, int pkcs5_prf, int pim, BOOL bReadOnly ); -int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters); -int ScanVolClusterBitmap ( HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters); -static void WipeStart (void); -static void WipeAbort (void); -static void UpdateWipeProgressBar (void); -static void InitWipeProgressBar (void); -static void UpdateWipeControls (void); -static DWORD GetFormatSectorSize (); - -extern BOOL showKeys; -extern volatile HWND hMasterKey; -extern volatile HWND hHeaderKey; -extern volatile BOOL bHiddenVolHost; -extern volatile BOOL bHiddenVolDirect; -extern BOOL bRemovableHostDevice; -extern BOOL bWarnDeviceFormatAdvanced; -extern HWND hCurPage; -extern HWND hProgressBar; -extern volatile BOOL bVolTransformThreadCancel; -extern volatile BOOL bInPlaceEncNonSysResumed; -extern volatile BOOL bFirstNonSysInPlaceEncResumeDone; -extern volatile BOOL bInPlaceEncNonSys; -extern volatile BOOL bInPlaceDecNonSys; -extern __int64 NonSysInplaceEncBytesDone; -extern __int64 NonSysInplaceEncTotalSize; -extern int nPbar; -extern volatile int WizardMode; -extern volatile BOOL bInPlaceEncNonSysResumed; - -extern wchar_t HeaderKeyGUIView [KEY_GUI_VIEW_SIZE]; -extern wchar_t MasterKeyGUIView [KEY_GUI_VIEW_SIZE]; -extern volatile int NonSysInplaceEncStatus; - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Common/Common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define NBR_KEY_BYTES_TO_DISPLAY 16 +#define KEY_GUI_VIEW_SIZE 64 // Max characters of the key hex dump to display + +enum timer_ids +{ + TIMER_ID_RANDVIEW = 0xff, + TIMER_ID_SYSENC_PROGRESS, + TIMER_ID_NONSYS_INPLACE_ENC_PROGRESS, + TIMER_ID_WIPE_PROGRESS, + TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS, + TIMER_ID_KEYB_LAYOUT_GUARD +}; + +static void localcleanup ( void ); +static void LoadSettings ( HWND hwndDlg ); +static void SaveSettings ( HWND hwndDlg ); +static void EndMainDlg ( HWND hwndDlg ); +void ComboSelChangeEA ( HWND hwndDlg ); +static void VerifySizeAndUpdate ( HWND hwndDlg , BOOL bUpdate ); +static void __cdecl sysEncDriveAnalysisThread (void *hwndDlgArg); +static void __cdecl volTransformThreadFunction ( void *hwndDlg ); +static void LoadPage ( HWND hwndDlg , int nPageNo ); +__int64 PrintFreeSpace ( HWND hwndTextBox , wchar_t *lpszDrive , PLARGE_INTEGER lDiskFree ); +void DisplaySizingErrorText ( HWND hwndTextBox ); +void EnableDisableFileNext ( HWND hComboBox , HWND hMainButton ); +BOOL QueryFreeSpace ( HWND hwndDlg , HWND hwndTextBox , BOOL display ); +static BOOL FinalPreTransformPrompts (void); +void UpdateLastDialogId (void); +void HandleOldAssignedDriveLetter (void); +void AddCipher ( HWND hComboBox , char *lpszCipher , int nCipher ); +BOOL CALLBACK PageDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); +BOOL CALLBACK MainDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); +void ExtractCommandLine ( HWND hwndDlg , wchar_t *lpszCommandLine ); +void DisplayRandPool (HWND hwndDlg, HWND hPoolDisplay, BOOL bShow); +void DisplayPortionsOfKeys (HWND headerKeyHandle, HWND masterKeyHandle, wchar_t *headerKeyStr, wchar_t *masterKeyStr, BOOL hideKeys); +int DetermineMaxHiddenVolSize (HWND hwndDlg); +BOOL IsSparseFile (HWND hwndDlg); +BOOL GetFileVolSize (HWND hwndDlg, unsigned __int64 *size); +BOOL SwitchWizardToSysEncMode (void); +void SwitchWizardToFileContainerMode (void); +static BOOL ResolveUnknownSysEncDirection (void); +static BOOL WipeHiddenOSCreationConfig (void); +static void AfterWMInitTasks (HWND hwndDlg); +static void AfterSysEncProgressWMInitTasks (HWND hwndDlg); +static void InitSysEncProgressBar (void); +static void InitNonSysInplaceEncProgressBar (void); +static void UpdateNonSysInplaceEncProgressBar (void); +static BOOL SysEncInEffect (void); +static BOOL CreatingHiddenSysVol(void); +static void NonSysInplaceEncPause (void); +static void NonSysInplaceEncResume (void); +void ShowNonSysInPlaceEncUIStatus (void); +void UpdateNonSysInPlaceEncControls (void); +int MountHiddenVolHost ( HWND hwndDlg, wchar_t *volumePath, int *driveNo, Password *password, int pkcs5_prf, int pim, BOOL bReadOnly ); +int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters); +int ScanVolClusterBitmap ( HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters); +static void WipeStart (void); +static void WipeAbort (void); +static void UpdateWipeProgressBar (void); +static void InitWipeProgressBar (void); +static void UpdateWipeControls (void); +static DWORD GetFormatSectorSize (); + +extern BOOL showKeys; +extern volatile HWND hMasterKey; +extern volatile HWND hHeaderKey; +extern volatile BOOL bHiddenVolHost; +extern volatile BOOL bHiddenVolDirect; +extern BOOL bRemovableHostDevice; +extern BOOL bWarnDeviceFormatAdvanced; +extern HWND hCurPage; +extern HWND hProgressBar; +extern volatile BOOL bVolTransformThreadCancel; +extern volatile BOOL bInPlaceEncNonSysResumed; +extern volatile BOOL bFirstNonSysInPlaceEncResumeDone; +extern volatile BOOL bInPlaceEncNonSys; +extern volatile BOOL bInPlaceDecNonSys; +extern __int64 NonSysInplaceEncBytesDone; +extern __int64 NonSysInplaceEncTotalSize; +extern int nPbar; +extern volatile int WizardMode; +extern volatile BOOL bInPlaceEncNonSysResumed; + +extern wchar_t HeaderKeyGUIView [KEY_GUI_VIEW_SIZE]; +extern wchar_t MasterKeyGUIView [KEY_GUI_VIEW_SIZE]; +extern volatile int NonSysInplaceEncStatus; + +#ifdef __cplusplus +} +#endif diff --git a/src/License.html b/src/License.html index e2c48145..c839cd05 100644 --- a/src/License.html +++ b/src/License.html @@ -1,179 +1,179 @@ - - - - -VeraCrypt License - - - -VeraCrypt License
-
-Software distributed under this license is distributed on an "AS IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE SOFTWARE, NOR ANY PART(S) THEREOF.
-
-VeraCrypt is governed by the TrueCrypt License version 3.0, a verbatim copy of this version of the TrueCrypt License can be found below. -
-This license does not grant you rights to use any contributors' name, logo, or trademarks, including IDRIX, VeraCrypt and all derivative names. For example, the following names are not allowed: VeraCrypt, VeraCrypt+, VeraCrypt Professional, iVeraCrypt, etc. Nor any other names confusingly similar to the name VeraCrypt (e.g., Vera-Crypt, Vera Crypt, VerKrypt, etc). -
- ____________________________________________________________
-
-TrueCrypt License Version 3.0
-
-Software distributed under this license is distributed on an "AS IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE SOFTWARE, NOR ANY PART(S) THEREOF.
-
-
I. Definitions
-
1. "This Product" means the work (including, but not limited to, source code, graphics, texts, and accompanying files) made available under and governed by this version of this license ("License"), as may be indicated by, but is not limited to, copyright notice(s) attached to or included in the work.
-
2. "You" means (and "Your" refers to) an individual or a legal entity (e.g., a non-profit organization, commercial organization, government agency, etc.) exercising permissions granted by this License.
-
3. "Modification" means (and "modify" refers to) any alteration of This Product, including, but not limited to, addition to or deletion from the substance or structure of This Product, translation into another language, repackaging, alteration or removal of any file included with This Product, and addition of any new files to This Product.
-
-4. "Your Product" means This Product modified by You, or any work You derive from (or base on) any part of This Product. In addition, "Your Product" means any work in which You include any (modified or unmodified) portion of This Product. However, if the work in which you include it is an aggregate software distribution (such as an operating system distribution or a cover CD-ROM of a magazine) containing multiple separate products, then the term "Your Product" includes only those products (in the aggregate software distribution) that use, include, or depend on a modified or unmodified version of This Product (and the term "Your Product" does not include the whole aggregate software distribution). For the purposes of this License, a product suite consisting of two or more products is considered a single product (operating system distributions and cover media of magazines are not considered product suites).
-
5. "Distribution" means (and "distribute" refers to), regardless of means or methods, conveyance, transfer, providing, or making available of This/Your Product or portions thereof to third parties (including, but not limited to, making This/Your Product, or portions thereof, available for download to third parties, whether or not any third party has downloaded the product, or any portion thereof, made available for download).
-

-
II. Use, Copying, and Distribution of This Product
-
-1. Provided that You comply with all applicable terms and conditions of this License, You may make copies of This Product (unmodified) and distribute copies of This Product (unmodified) that are not included in another product forming Your Product (except as permitted under Chapter III). Note: For terms and conditions for copying and distribution of modified versions of This Product, see Chapter III.
-
2. Provided that You comply with all applicable terms and conditions of this License, You may use This Product freely (see also Chapter III) on any number of computers/systems for non-commercial and/or commercial purposes.
-

-
III. Modification, Derivation, and Inclusion in Other Products
-
-1. If all conditions specified in the following paragraphs in this Chapter (III) are met (for exceptions, see Section III.2) and if You comply with all other applicable terms and conditions of this License, You may modify This Product (thus forming Your Product), derive new works from This Product or portions thereof (thus forming Your Product), include This Product or portions thereof in another product (thus forming Your Product, unless defined otherwise in Chapter I), and You may use (for non-commercial and/or commercial purposes), copy, and/or distribute Your Product.
-
-
    -
  1. The name of Your Product (or of Your modified version of This Product) must not contain the name TrueCrypt (for example, the following names are not allowed: TrueCrypt, TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor any other names confusingly similar to the name TrueCrypt (e.g., True-Crypt, True Crypt, TruKrypt, etc.)
    -
    - All occurrences of the name TrueCrypt that could reasonably be considered to identify Your Product must be removed from Your Product and from any associated materials. Logo(s) included in (or attached to) Your Product (and in/to associated materials) must not incorporate and must not be confusingly similar to any of the TrueCrypt logos (including, but not limited to, the non-textual logo consisting primarily of a key in stylized form) or portion(s) thereof. All graphics contained in This Product (logos, icons, etc.) must be removed from Your Product (or from Your modified version of This Product) and from any associated materials.
    -
    -
  2. -
  3. The following phrases must be removed from Your Product and from any associated materials, except the text of this License: "A TrueCrypt Foundation Release", "Released by TrueCrypt Foundation", "This is a TrueCrypt Foundation release."
    -
    -
  4. -
  5. Phrase "Based on TrueCrypt, freely available at http://www.truecrypt.org/" must be displayed by Your Product (if technically feasible) and contained in its documentation. Alternatively, if This Product or its portion You included in Your Product constitutes only a minor portion of Your Product, phrase "Portions of this product are based in part on TrueCrypt, freely available at http://www.truecrypt.org/" may be displayed instead. In each of the cases mentioned above in this paragraph, "http://www.truecrypt.org/" must be a hyperlink (if technically feasible) pointing to http://www.truecrypt.org/ and You may freely choose the location within the user interface (if there is any) of Your Product (e.g., an "About" window, etc.) and the way in which Your Product will display the respective phrase.
    -
    - Your Product (and any associated materials, e.g., the documentation, the content of the official web site of Your Product, etc.) must not present any Internet address containing the domain name truecrypt.org (or any domain name that forwards to the domain name truecrypt.org) in a manner that might suggest that it is where information about Your Product may be obtained or where bugs found in Your Product may be reported or where support for Your Product may be available or otherwise attempt to indicate that the domain name truecrypt.org is associated with Your Product.
    -
    -
  6. -
  7. The complete source code of Your Product must be freely and publicly available (for exceptions, see Section III.2) at least until You cease to distribute Your Product. This condition can be met in one or both of the following ways: (i) You include the complete source code of Your Product with every copy of Your Product that You make and distribute and You make all such copies of Your Product available to the general public free of charge, and/or (ii) You include information (valid and correct at least until You cease to distribute Your Product) about where the complete source code of Your Product can be obtained free of charge (e.g., an Internet address) or for a reasonable reproduction fee with every copy of Your Product that You make and distribute and, if there is a web site officially associated with Your Product, You include the aforementioned information about the source code on a freely and publicly accessible web page to which such web site links via an easily viewable hyperlink (at least until You cease to distribute Your Product).
    -
    -The source code of Your Product must not be deliberately obfuscated and it must not be in an intermediate form (e.g., the output of a preprocessor). Source code means the preferred form in which a programmer would usually modify the program.
    -
    - Portions of the source code of Your Product not contained in This Product (e.g., portions added by You in creating Your Product, whether created by You or by third parties) must be available under license(s) that (however, see also Subsection III.1.e) allow(s) anyone to modify and derive new works from the portions of the source code that are not contained in This Product and to use, copy, and redistribute such modifications and/or derivative works. The license(s) must be perpetual, non-exclusive, royalty-free, no-charge, and worldwide, and must not invalidate, weaken, restrict, interpret, amend, modify, interfere with or otherwise affect any part, term, provision, or clause of this License. The text(s) of the license(s) must be included with every copy of Your Product that You make and distribute.

    -
  8. -
  9. You must not change the license terms of This Product in any way (adding any new terms is considered changing the license terms even if the original terms are retained), which means, e.g., that no part of This Product may be put under another license. You must keep intact all the legal notices contained in the source code files. You must include the following items with every copy of Your Product that You make and distribute: a clear and conspicuous notice stating that Your Product or portion(s) thereof is/are governed by this version of the TrueCrypt License, a verbatim copy of this version of the TrueCrypt License (as contained herein), a clear and conspicuous notice containing information about where the included copy of the License can be found, and an appropriate copyright notice.
    -
  10. -
-2. You are not obligated to comply with Subsection III.1.d if Your Product is not distributed (i.e., Your Product is available only to You).
-
-
-
- IV. Disclaimer of Liability, Disclaimer of Warranty, Indemnification
-
- You expressly acknowledge and agree to the following:
-
- 1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, ARISING OUT OF THE USE, COPYING, MODIFICATION, OR (RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY.
-
- 2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
-
- 3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR (RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE REGULATIONS, RESTRICTIONS, AND LAWS.
-
-4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE.
-
-
-
- V. Trademarks
-
- This License does not grant permission to use trademarks associated with (or applying to) This Product, except for fair use as defined by applicable law and except for use expressly permitted or required by this License. Any attempt otherwise to use trademarks associated with (or applying to) This Product automatically and immediately terminates Your rights under This License and may constitute trademark infringement (which may be prosecuted).
-
-
-
- VI. General Terms and Conditions, Miscellaneous Provisions
-
- 1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY PORTION(S) THEREOF.
-
-2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS AND CONDITIONS OF THIS LICENSE.
-
- 3. This License does not constitute or imply a waiver of any intellectual property rights except as may be otherwise expressly provided in this License. This License does not transfer, assign, or convey any intellectual property rights (e.g., it does not transfer ownership of copyrights or trademarks).
-
-4. Subject to the terms and conditions of this License, You may allow a third party to use Your copy of This Product (or a copy that You make and distribute, or Your Product) provided that the third party explicitly accepts and agrees to be bound by all terms and conditions of this License and the third party is not prohibited from using This Product (or portions thereof) by this License (see, e.g., Section VI.7) or by applicable law. However, You are not obligated to ensure that the third party accepts (and agrees to be bound by all terms of) this License if You distribute only the self-extracting package (containing This Product) that does not allow the user to install (nor extract) the files contained in the package until he or she accepts and agrees to be bound by all terms and conditions of this License.
-
- 5. Without specific prior written permission from the authors of This Product (or from their common representative), You must not use the name of This Product, the names of the authors of This Product, or the names of the legal entities (or informal groups) of which the authors were/are members/employees, to endorse or promote Your Product or any work in which You include a modified or unmodified version of This Product, or to endorse or promote You or Your affiliates, or in a way that might suggest that Your Product (or any work in which You include a modified or unmodified version of This Product), You, or Your affiliates is/are endorsed by one or more authors of This Product, or in a way that might suggest that one or more authors of This Product is/are affiliated with You (or Your affiliates) or directly participated in the creation of Your Product or of any work in which You include a modified or unmodified version of This Product.
-
-6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A LAWYER.
-
- 7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY PORTION(S) THEREOF.
-
- 8. Except as otherwise provided in this License, if any provision of this License, or a portion thereof, is found to be invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of this License, and such invalid or unenforceable provision shall be construed to reflect the original intent of the provision and shall be enforced to the maximum extent permitted by applicable law so as to effect the original intent of the provision as closely as possible.
-
- ____________________________________________________________
-

-Third-Party Licenses
-
-This Product contains components that were created by third parties and that are governed by third-party licenses, which are contained hereinafter (separated by lines consisting of underscores). Each of the third-party licenses applies only to (portions of) the source code file(s) in which the third-party license is contained or in which it is explicitly referenced, and to compiled or otherwise processed forms of such source code. None of the third-party licenses applies to This Product as a whole, even when it uses terms such as "product", "program", or any other equivalent terms/phrases. This Product as a whole is governed by the TrueCrypt License (see above). Some of the third-party components have been modified by the authors of This Product. Unless otherwise stated, such modifications and additions are governed by the TrueCrypt License (see above). Note: Unless otherwise stated, graphics and files that are not part of the source code are governed by the TrueCrypt License.
-
- ____________________________________________________________
-
-
- License agreement for Encryption for the Masses.
-
- Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved.
-
- This product can be copied and distributed free of charge, including source code.
-
- You may modify this product and source code, and distribute such modifications, and you may derive new works based on this product, provided that:
-
- 1. Any product which is simply derived from this product cannot be called E4M, or Encryption for the Masses.
-
- 2. If you use any of the source code in your product, and your product is distributed with source code, you must include this notice with those portions of this source code that you use.
-
- Or,
-
- If your product is distributed in binary form only, you must display on any packaging, and marketing materials which reference your product, a notice which states:
-
- "This product uses components written by Paul Le Roux <pleroux@swprofessionals.com>"
-
- 3. If you use any of the source code originally by Eric Young, you must in addition follow his terms and conditions.
-
- 4. Nothing requires that you accept this License, as you have not signed it. However, nothing else grants you permission to modify or distribute the product or its derivative works.
-
- These actions are prohibited by law if you do not accept this License.
-
- 5. If any of these license terms is found to be to broad in scope, and declared invalid by any court or legal process, you agree that all other terms shall not be so affected, and shall remain valid and enforceable.
-
- 6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
- 7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
- ____________________________________________________________
-
- Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. All rights reserved.
-
- LICENSE TERMS
-
-The free distribution and use of this software is allowed (with or without changes) provided that:
-
    -
  1. source code distributions include the above copyright notice, this list of conditions and the following disclaimer;
    -
  2. -
  3. binary distributions include the above copyright notice, this list of conditions and the following disclaimer in their documentation;
    -
  4. -
  5. the name of the copyright holder is not used to endorse products built using this software without specific written permission.
  6. -
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties in respect of its properties, including, but not limited to, correctness and/or fitness for purpose.
- ____________________________________________________________
-
- Copyright (C) 2002-2004 Mark Adler, all rights reserved
- version 1.8, 9 Jan 2004
-
- This software is provided 'as-is', without any express or implied warranty. In no event will the author be held liable for any damages arising from the use of this software.
-
-Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:
-
    -
  1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.
  2. -
  3. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
  4. -
  5. This notice may not be removed or altered from any source distribution.
  6. -
-____________________________________________________________
- - + + + + +VeraCrypt License + + + +VeraCrypt License
+
+Software distributed under this license is distributed on an "AS IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE SOFTWARE, NOR ANY PART(S) THEREOF.
+
+VeraCrypt is governed by the TrueCrypt License version 3.0, a verbatim copy of this version of the TrueCrypt License can be found below. +
+This license does not grant you rights to use any contributors' name, logo, or trademarks, including IDRIX, VeraCrypt and all derivative names. For example, the following names are not allowed: VeraCrypt, VeraCrypt+, VeraCrypt Professional, iVeraCrypt, etc. Nor any other names confusingly similar to the name VeraCrypt (e.g., Vera-Crypt, Vera Crypt, VerKrypt, etc). +
+ ____________________________________________________________
+
+TrueCrypt License Version 3.0
+
+Software distributed under this license is distributed on an "AS IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE SOFTWARE, NOR ANY PART(S) THEREOF.
+
+
I. Definitions
+
1. "This Product" means the work (including, but not limited to, source code, graphics, texts, and accompanying files) made available under and governed by this version of this license ("License"), as may be indicated by, but is not limited to, copyright notice(s) attached to or included in the work.
+
2. "You" means (and "Your" refers to) an individual or a legal entity (e.g., a non-profit organization, commercial organization, government agency, etc.) exercising permissions granted by this License.
+
3. "Modification" means (and "modify" refers to) any alteration of This Product, including, but not limited to, addition to or deletion from the substance or structure of This Product, translation into another language, repackaging, alteration or removal of any file included with This Product, and addition of any new files to This Product.
+
+4. "Your Product" means This Product modified by You, or any work You derive from (or base on) any part of This Product. In addition, "Your Product" means any work in which You include any (modified or unmodified) portion of This Product. However, if the work in which you include it is an aggregate software distribution (such as an operating system distribution or a cover CD-ROM of a magazine) containing multiple separate products, then the term "Your Product" includes only those products (in the aggregate software distribution) that use, include, or depend on a modified or unmodified version of This Product (and the term "Your Product" does not include the whole aggregate software distribution). For the purposes of this License, a product suite consisting of two or more products is considered a single product (operating system distributions and cover media of magazines are not considered product suites).
+
5. "Distribution" means (and "distribute" refers to), regardless of means or methods, conveyance, transfer, providing, or making available of This/Your Product or portions thereof to third parties (including, but not limited to, making This/Your Product, or portions thereof, available for download to third parties, whether or not any third party has downloaded the product, or any portion thereof, made available for download).
+

+
II. Use, Copying, and Distribution of This Product
+
+1. Provided that You comply with all applicable terms and conditions of this License, You may make copies of This Product (unmodified) and distribute copies of This Product (unmodified) that are not included in another product forming Your Product (except as permitted under Chapter III). Note: For terms and conditions for copying and distribution of modified versions of This Product, see Chapter III.
+
2. Provided that You comply with all applicable terms and conditions of this License, You may use This Product freely (see also Chapter III) on any number of computers/systems for non-commercial and/or commercial purposes.
+

+
III. Modification, Derivation, and Inclusion in Other Products
+
+1. If all conditions specified in the following paragraphs in this Chapter (III) are met (for exceptions, see Section III.2) and if You comply with all other applicable terms and conditions of this License, You may modify This Product (thus forming Your Product), derive new works from This Product or portions thereof (thus forming Your Product), include This Product or portions thereof in another product (thus forming Your Product, unless defined otherwise in Chapter I), and You may use (for non-commercial and/or commercial purposes), copy, and/or distribute Your Product.
+
+
    +
  1. The name of Your Product (or of Your modified version of This Product) must not contain the name TrueCrypt (for example, the following names are not allowed: TrueCrypt, TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor any other names confusingly similar to the name TrueCrypt (e.g., True-Crypt, True Crypt, TruKrypt, etc.)
    +
    + All occurrences of the name TrueCrypt that could reasonably be considered to identify Your Product must be removed from Your Product and from any associated materials. Logo(s) included in (or attached to) Your Product (and in/to associated materials) must not incorporate and must not be confusingly similar to any of the TrueCrypt logos (including, but not limited to, the non-textual logo consisting primarily of a key in stylized form) or portion(s) thereof. All graphics contained in This Product (logos, icons, etc.) must be removed from Your Product (or from Your modified version of This Product) and from any associated materials.
    +
    +
  2. +
  3. The following phrases must be removed from Your Product and from any associated materials, except the text of this License: "A TrueCrypt Foundation Release", "Released by TrueCrypt Foundation", "This is a TrueCrypt Foundation release."
    +
    +
  4. +
  5. Phrase "Based on TrueCrypt, freely available at http://www.truecrypt.org/" must be displayed by Your Product (if technically feasible) and contained in its documentation. Alternatively, if This Product or its portion You included in Your Product constitutes only a minor portion of Your Product, phrase "Portions of this product are based in part on TrueCrypt, freely available at http://www.truecrypt.org/" may be displayed instead. In each of the cases mentioned above in this paragraph, "http://www.truecrypt.org/" must be a hyperlink (if technically feasible) pointing to http://www.truecrypt.org/ and You may freely choose the location within the user interface (if there is any) of Your Product (e.g., an "About" window, etc.) and the way in which Your Product will display the respective phrase.
    +
    + Your Product (and any associated materials, e.g., the documentation, the content of the official web site of Your Product, etc.) must not present any Internet address containing the domain name truecrypt.org (or any domain name that forwards to the domain name truecrypt.org) in a manner that might suggest that it is where information about Your Product may be obtained or where bugs found in Your Product may be reported or where support for Your Product may be available or otherwise attempt to indicate that the domain name truecrypt.org is associated with Your Product.
    +
    +
  6. +
  7. The complete source code of Your Product must be freely and publicly available (for exceptions, see Section III.2) at least until You cease to distribute Your Product. This condition can be met in one or both of the following ways: (i) You include the complete source code of Your Product with every copy of Your Product that You make and distribute and You make all such copies of Your Product available to the general public free of charge, and/or (ii) You include information (valid and correct at least until You cease to distribute Your Product) about where the complete source code of Your Product can be obtained free of charge (e.g., an Internet address) or for a reasonable reproduction fee with every copy of Your Product that You make and distribute and, if there is a web site officially associated with Your Product, You include the aforementioned information about the source code on a freely and publicly accessible web page to which such web site links via an easily viewable hyperlink (at least until You cease to distribute Your Product).
    +
    +The source code of Your Product must not be deliberately obfuscated and it must not be in an intermediate form (e.g., the output of a preprocessor). Source code means the preferred form in which a programmer would usually modify the program.
    +
    + Portions of the source code of Your Product not contained in This Product (e.g., portions added by You in creating Your Product, whether created by You or by third parties) must be available under license(s) that (however, see also Subsection III.1.e) allow(s) anyone to modify and derive new works from the portions of the source code that are not contained in This Product and to use, copy, and redistribute such modifications and/or derivative works. The license(s) must be perpetual, non-exclusive, royalty-free, no-charge, and worldwide, and must not invalidate, weaken, restrict, interpret, amend, modify, interfere with or otherwise affect any part, term, provision, or clause of this License. The text(s) of the license(s) must be included with every copy of Your Product that You make and distribute.

    +
  8. +
  9. You must not change the license terms of This Product in any way (adding any new terms is considered changing the license terms even if the original terms are retained), which means, e.g., that no part of This Product may be put under another license. You must keep intact all the legal notices contained in the source code files. You must include the following items with every copy of Your Product that You make and distribute: a clear and conspicuous notice stating that Your Product or portion(s) thereof is/are governed by this version of the TrueCrypt License, a verbatim copy of this version of the TrueCrypt License (as contained herein), a clear and conspicuous notice containing information about where the included copy of the License can be found, and an appropriate copyright notice.
    +
  10. +
+2. You are not obligated to comply with Subsection III.1.d if Your Product is not distributed (i.e., Your Product is available only to You).
+
+
+
+ IV. Disclaimer of Liability, Disclaimer of Warranty, Indemnification
+
+ You expressly acknowledge and agree to the following:
+
+ 1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, ARISING OUT OF THE USE, COPYING, MODIFICATION, OR (RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY.
+
+ 2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
+
+ 3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR (RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE REGULATIONS, RESTRICTIONS, AND LAWS.
+
+4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE.
+
+
+
+ V. Trademarks
+
+ This License does not grant permission to use trademarks associated with (or applying to) This Product, except for fair use as defined by applicable law and except for use expressly permitted or required by this License. Any attempt otherwise to use trademarks associated with (or applying to) This Product automatically and immediately terminates Your rights under This License and may constitute trademark infringement (which may be prosecuted).
+
+
+
+ VI. General Terms and Conditions, Miscellaneous Provisions
+
+ 1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY PORTION(S) THEREOF.
+
+2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS AND CONDITIONS OF THIS LICENSE.
+
+ 3. This License does not constitute or imply a waiver of any intellectual property rights except as may be otherwise expressly provided in this License. This License does not transfer, assign, or convey any intellectual property rights (e.g., it does not transfer ownership of copyrights or trademarks).
+
+4. Subject to the terms and conditions of this License, You may allow a third party to use Your copy of This Product (or a copy that You make and distribute, or Your Product) provided that the third party explicitly accepts and agrees to be bound by all terms and conditions of this License and the third party is not prohibited from using This Product (or portions thereof) by this License (see, e.g., Section VI.7) or by applicable law. However, You are not obligated to ensure that the third party accepts (and agrees to be bound by all terms of) this License if You distribute only the self-extracting package (containing This Product) that does not allow the user to install (nor extract) the files contained in the package until he or she accepts and agrees to be bound by all terms and conditions of this License.
+
+ 5. Without specific prior written permission from the authors of This Product (or from their common representative), You must not use the name of This Product, the names of the authors of This Product, or the names of the legal entities (or informal groups) of which the authors were/are members/employees, to endorse or promote Your Product or any work in which You include a modified or unmodified version of This Product, or to endorse or promote You or Your affiliates, or in a way that might suggest that Your Product (or any work in which You include a modified or unmodified version of This Product), You, or Your affiliates is/are endorsed by one or more authors of This Product, or in a way that might suggest that one or more authors of This Product is/are affiliated with You (or Your affiliates) or directly participated in the creation of Your Product or of any work in which You include a modified or unmodified version of This Product.
+
+6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A LAWYER.
+
+ 7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY PORTION(S) THEREOF.
+
+ 8. Except as otherwise provided in this License, if any provision of this License, or a portion thereof, is found to be invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of this License, and such invalid or unenforceable provision shall be construed to reflect the original intent of the provision and shall be enforced to the maximum extent permitted by applicable law so as to effect the original intent of the provision as closely as possible.
+
+ ____________________________________________________________
+

+Third-Party Licenses
+
+This Product contains components that were created by third parties and that are governed by third-party licenses, which are contained hereinafter (separated by lines consisting of underscores). Each of the third-party licenses applies only to (portions of) the source code file(s) in which the third-party license is contained or in which it is explicitly referenced, and to compiled or otherwise processed forms of such source code. None of the third-party licenses applies to This Product as a whole, even when it uses terms such as "product", "program", or any other equivalent terms/phrases. This Product as a whole is governed by the TrueCrypt License (see above). Some of the third-party components have been modified by the authors of This Product. Unless otherwise stated, such modifications and additions are governed by the TrueCrypt License (see above). Note: Unless otherwise stated, graphics and files that are not part of the source code are governed by the TrueCrypt License.
+
+ ____________________________________________________________
+
+
+ License agreement for Encryption for the Masses.
+
+ Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved.
+
+ This product can be copied and distributed free of charge, including source code.
+
+ You may modify this product and source code, and distribute such modifications, and you may derive new works based on this product, provided that:
+
+ 1. Any product which is simply derived from this product cannot be called E4M, or Encryption for the Masses.
+
+ 2. If you use any of the source code in your product, and your product is distributed with source code, you must include this notice with those portions of this source code that you use.
+
+ Or,
+
+ If your product is distributed in binary form only, you must display on any packaging, and marketing materials which reference your product, a notice which states:
+
+ "This product uses components written by Paul Le Roux <pleroux@swprofessionals.com>"
+
+ 3. If you use any of the source code originally by Eric Young, you must in addition follow his terms and conditions.
+
+ 4. Nothing requires that you accept this License, as you have not signed it. However, nothing else grants you permission to modify or distribute the product or its derivative works.
+
+ These actions are prohibited by law if you do not accept this License.
+
+ 5. If any of these license terms is found to be to broad in scope, and declared invalid by any court or legal process, you agree that all other terms shall not be so affected, and shall remain valid and enforceable.
+
+ 6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+ ____________________________________________________________
+
+ Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. All rights reserved.
+
+ LICENSE TERMS
+
+The free distribution and use of this software is allowed (with or without changes) provided that:
+
    +
  1. source code distributions include the above copyright notice, this list of conditions and the following disclaimer;
    +
  2. +
  3. binary distributions include the above copyright notice, this list of conditions and the following disclaimer in their documentation;
    +
  4. +
  5. the name of the copyright holder is not used to endorse products built using this software without specific written permission.
  6. +
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties in respect of its properties, including, but not limited to, correctness and/or fitness for purpose.
+ ____________________________________________________________
+
+ Copyright (C) 2002-2004 Mark Adler, all rights reserved
+ version 1.8, 9 Jan 2004
+
+ This software is provided 'as-is', without any express or implied warranty. In no event will the author be held liable for any damages arising from the use of this software.
+
+Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:
+
    +
  1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.
  2. +
  3. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
  4. +
  5. This notice may not be removed or altered from any source distribution.
  6. +
+____________________________________________________________
+ + diff --git a/src/License.txt b/src/License.txt index c174ef1b..44c0c657 100644 --- a/src/License.txt +++ b/src/License.txt @@ -1,702 +1,702 @@ -VeraCrypt License -Software distributed under this license is distributed on an "AS -IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND -DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO -USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE -SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE -BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT -ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE -SOFTWARE, NOR ANY PART(S) THEREOF. - -VeraCrypt is multi-licensed under Apache License 2.0 and -the TrueCrypt License version 3.0, a verbatim copy of both -licenses can be found below. - -This license does not grant you rights to use any -contributors' name, logo, or trademarks, including IDRIX, -VeraCrypt and all derivative names. -For example, the following names are not allowed: VeraCrypt, -VeraCrypt+, VeraCrypt Professional, iVeraCrypt, etc. Nor any -other names confusingly similar to the name VeraCrypt (e.g., -Vera-Crypt, Vera Crypt, VerKrypt, etc.) -____________________________________________________________ - - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. -____________________________________________________________ - -TrueCrypt License Version 3.0 - -Software distributed under this license is distributed on an "AS -IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND -DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO -USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE -SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE -BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT -ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE -SOFTWARE, NOR ANY PART(S) THEREOF. - - -I. Definitions - -1. "This Product" means the work (including, but not limited to, -source code, graphics, texts, and accompanying files) made -available under and governed by this version of this license -("License"), as may be indicated by, but is not limited to, -copyright notice(s) attached to or included in the work. - -2. "You" means (and "Your" refers to) an individual or a legal -entity (e.g., a non-profit organization, commercial -organization, government agency, etc.) exercising permissions -granted by this License. - -3. "Modification" means (and "modify" refers to) any alteration -of This Product, including, but not limited to, addition to or -deletion from the substance or structure of This Product, -translation into another language, repackaging, alteration or -removal of any file included with This Product, and addition of -any new files to This Product. - -4. "Your Product" means This Product modified by You, or any -work You derive from (or base on) any part of This Product. In -addition, "Your Product" means any work in which You include any -(modified or unmodified) portion of This Product. However, if -the work in which you include it is an aggregate software -distribution (such as an operating system distribution or a -cover CD-ROM of a magazine) containing multiple separate -products, then the term "Your Product" includes only those -products (in the aggregate software distribution) that use, -include, or depend on a modified or unmodified version of This -Product (and the term "Your Product" does not include the whole -aggregate software distribution). For the purposes of this -License, a product suite consisting of two or more products is -considered a single product (operating system distributions and -cover media of magazines are not considered product suites). - -5. "Distribution" means (and "distribute" refers to), regardless -of means or methods, conveyance, transfer, providing, or making -available of This/Your Product or portions thereof to third -parties (including, but not limited to, making This/Your -Product, or portions thereof, available for download to third -parties, whether or not any third party has downloaded the -product, or any portion thereof, made available for download). - - - -II. Use, Copying, and Distribution of This Product - -1. Provided that You comply with all applicable terms and -conditions of this License, You may make copies of This Product -(unmodified) and distribute copies of This Product (unmodified) -that are not included in another product forming Your Product -(except as permitted under Chapter III). Note: For terms and -conditions for copying and distribution of modified versions of -This Product, see Chapter III. - -2. Provided that You comply with all applicable terms and -conditions of this License, You may use This Product freely (see -also Chapter III) on any number of computers/systems for non- -commercial and/or commercial purposes. - - - -III. Modification, Derivation, and Inclusion in Other Products - -1. If all conditions specified in the following paragraphs in -this Chapter (III) are met (for exceptions, see Section III.2) -and if You comply with all other applicable terms and conditions -of this License, You may modify This Product (thus forming Your -Product), derive new works from This Product or portions thereof -(thus forming Your Product), include This Product or portions -thereof in another product (thus forming Your Product, unless -defined otherwise in Chapter I), and You may use (for non- -commercial and/or commercial purposes), copy, and/or distribute -Your Product. - - a. The name of Your Product (or of Your modified version of - This Product) must not contain the name TrueCrypt (for - example, the following names are not allowed: TrueCrypt, - TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor - any other names confusingly similar to the name TrueCrypt - (e.g., True-Crypt, True Crypt, TruKrypt, etc.) - - All occurrences of the name TrueCrypt that could reasonably - be considered to identify Your Product must be removed from - Your Product and from any associated materials. Logo(s) - included in (or attached to) Your Product (and in/to - associated materials) must not incorporate and must not be - confusingly similar to any of the TrueCrypt logos - (including, but not limited to, the non-textual logo - consisting primarily of a key in stylized form) or - portion(s) thereof. All graphics contained in This Product - (logos, icons, etc.) must be removed from Your Product (or - from Your modified version of This Product) and from any - associated materials. - - b. The following phrases must be removed from Your Product - and from any associated materials, except the text of this - License: "A TrueCrypt Foundation Release", "Released by - TrueCrypt Foundation", "This is a TrueCrypt Foundation - release." - - c. Phrase "Based on TrueCrypt, freely available at - http://www.truecrypt.org/" must be displayed by Your Product - (if technically feasible) and contained in its - documentation. Alternatively, if This Product or its portion - You included in Your Product constitutes only a minor - portion of Your Product, phrase "Portions of this product - are based in part on TrueCrypt, freely available at - http://www.truecrypt.org/" may be displayed instead. In each - of the cases mentioned above in this paragraph, - "http://www.truecrypt.org/" must be a hyperlink (if - technically feasible) pointing to http://www.truecrypt.org/ - and You may freely choose the location within the user - interface (if there is any) of Your Product (e.g., an - "About" window, etc.) and the way in which Your Product will - display the respective phrase. - - Your Product (and any associated materials, e.g., the - documentation, the content of the official web site of Your - Product, etc.) must not present any Internet address - containing the domain name truecrypt.org (or any domain name - that forwards to the domain name truecrypt.org) in a manner - that might suggest that it is where information about Your - Product may be obtained or where bugs found in Your Product - may be reported or where support for Your Product may be - available or otherwise attempt to indicate that the domain - name truecrypt.org is associated with Your Product. - - d. The complete source code of Your Product must be freely - and publicly available (for exceptions, see Section III.2) - at least until You cease to distribute Your Product. This - condition can be met in one or both of the following ways: - (i) You include the complete source code of Your Product - with every copy of Your Product that You make and distribute - and You make all such copies of Your Product available to - the general public free of charge, and/or (ii) You include - information (valid and correct at least until You cease to - distribute Your Product) about where the complete source - code of Your Product can be obtained free of charge (e.g., - an Internet address) or for a reasonable reproduction fee - with every copy of Your Product that You make and distribute - and, if there is a web site officially associated with Your - Product, You include the aforementioned information about - the source code on a freely and publicly accessible web - page to which such web site links via an easily viewable - hyperlink (at least until You cease to distribute Your - Product). - - The source code of Your Product must not be deliberately - obfuscated and it must not be in an intermediate form (e.g., - the output of a preprocessor). Source code means the - preferred form in which a programmer would usually modify - the program. - - Portions of the source code of Your Product not contained in - This Product (e.g., portions added by You in creating Your - Product, whether created by You or by third parties) must be - available under license(s) that (however, see also - Subsection III.1.e) allow(s) anyone to modify and derive new - works from the portions of the source code that are not - contained in This Product and to use, copy, and redistribute - such modifications and/or derivative works. The license(s) - must be perpetual, non-exclusive, royalty-free, no-charge, - and worldwide, and must not invalidate, weaken, restrict, - interpret, amend, modify, interfere with or otherwise affect - any part, term, provision, or clause of this License. The - text(s) of the license(s) must be included with every copy - of Your Product that You make and distribute. - - e. You must not change the license terms of This Product in - any way (adding any new terms is considered changing the - license terms even if the original terms are retained), - which means, e.g., that no part of This Product may be put - under another license. You must keep intact all the legal - notices contained in the source code files. You must include - the following items with every copy of Your Product that You - make and distribute: a clear and conspicuous notice stating - that Your Product or portion(s) thereof is/are governed by - this version of the TrueCrypt License, a verbatim copy of - this version of the TrueCrypt License (as contained herein), - a clear and conspicuous notice containing information about - where the included copy of the License can be found, and an - appropriate copyright notice. - - -2. You are not obligated to comply with Subsection III.1.d if -Your Product is not distributed (i.e., Your Product is available -only to You). - - - -IV. Disclaimer of Liability, Disclaimer of Warranty, -Indemnification - -You expressly acknowledge and agree to the following: - -1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY -APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO -MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, -AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER -PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY -DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, -EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR -THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY -OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR -BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, -TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, -ARISING OUT OF THE USE, COPYING, MODIFICATION, OR -(RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF -YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS -PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE -POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO -ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY. - -2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY -KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT -LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO -THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD -THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL -NECESSARY SERVICING, REPAIR, OR CORRECTION. - -3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC -ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT -CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY -YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR -(RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN -COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND -TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT -IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE -REGULATIONS, RESTRICTIONS, AND LAWS. - -4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS -PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS -FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, -SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING -REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, -ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING -OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, -IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) -AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE. - - - -V. Trademarks - -This License does not grant permission to use trademarks -associated with (or applying to) This Product, except for fair -use as defined by applicable law and except for use expressly -permitted or required by this License. Any attempt otherwise to -use trademarks associated with (or applying to) This Product -automatically and immediately terminates Your rights under This -License and may constitute trademark infringement (which may be -prosecuted). - - - -VI. General Terms and Conditions, Miscellaneous Provisions - -1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES -DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY -PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND -BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND -THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). -IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND -CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE -DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY -PORTION(S) THEREOF. - -2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, -(RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) -THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF -APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF -PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, -CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS -PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY -TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE -COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS -AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS -ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR -RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS -AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY -APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND -IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN -CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE -PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED -AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT -OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS -AND CONDITIONS OF THIS LICENSE. - -3. This License does not constitute or imply a waiver of any -intellectual property rights except as may be otherwise -expressly provided in this License. This License does not -transfer, assign, or convey any intellectual property rights -(e.g., it does not transfer ownership of copyrights or -trademarks). - -4. Subject to the terms and conditions of this License, You may -allow a third party to use Your copy of This Product (or a copy -that You make and distribute, or Your Product) provided that the -third party explicitly accepts and agrees to be bound by all -terms and conditions of this License and the third party is not -prohibited from using This Product (or portions thereof) by this -License (see, e.g., Section VI.7) or by applicable law. However, -You are not obligated to ensure that the third party accepts -(and agrees to be bound by all terms of) this License if You -distribute only the self-extracting package (containing This -Product) that does not allow the user to install (nor extract) -the files contained in the package until he or she accepts and -agrees to be bound by all terms and conditions of this License. - -5. Without specific prior written permission from the authors of -This Product (or from their common representative), You must not -use the name of This Product, the names of the authors of This -Product, or the names of the legal entities (or informal groups) -of which the authors were/are members/employees, to endorse or -promote Your Product or any work in which You include a modified -or unmodified version of This Product, or to endorse or promote -You or Your affiliates, or in a way that might suggest that Your -Product (or any work in which You include a modified or -unmodified version of This Product), You, or Your affiliates -is/are endorsed by one or more authors of This Product, or in a -way that might suggest that one or more authors of This Product -is/are affiliated with You (or Your affiliates) or directly -participated in the creation of Your Product or of any work in -which You include a modified or unmodified version of This -Product. - -6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS -LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL -TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, -MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS -PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A -LAWYER. - -7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS -LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER -APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER -THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE -DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY -PORTION(S) THEREOF. - -8. Except as otherwise provided in this License, if any -provision of this License, or a portion thereof, is found to be -invalid or unenforceable under applicable law, it shall not -affect the validity or enforceability of the remainder of this -License, and such invalid or unenforceable provision shall be -construed to reflect the original intent of the provision and -shall be enforced to the maximum extent permitted by applicable -law so as to effect the original intent of the provision as -closely as possible. - -____________________________________________________________ - - -Third-Party Licenses - -This Product contains components that were created by third -parties and that are governed by third-party licenses, which are -contained hereinafter (separated by lines consisting of -underscores). Each of the third-party licenses applies only to -(portions of) the source code file(s) in which the third-party -license is contained or in which it is explicitly referenced, -and to compiled or otherwise processed forms of such source -code. None of the third-party licenses applies to This Product -as a whole, even when it uses terms such as "product", -"program", or any other equivalent terms/phrases. This Product -as a whole is governed by the TrueCrypt License (see above). -Some of the third-party components have been modified by the -authors of This Product. Unless otherwise stated, such -modifications and additions are governed by the TrueCrypt -License (see above). Note: Unless otherwise stated, graphics and -files that are not part of the source code are governed by the -TrueCrypt License. - -____________________________________________________________ - -License agreement for Encryption for the Masses. - -Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. - -This product can be copied and distributed free of charge, -including source code. - -You may modify this product and source code, and distribute such -modifications, and you may derive new works based on this -product, provided that: - -1. Any product which is simply derived from this product cannot -be called E4M, or Encryption for the Masses. - -2. If you use any of the source code in your product, and your -product is distributed with source code, you must include this -notice with those portions of this source code that you use. - -Or, - -If your product is distributed in binary form only, you must -display on any packaging, and marketing materials which -reference your product, a notice which states: - -"This product uses components written by Paul Le Roux -" - -3. If you use any of the source code originally by Eric Young, -you must in addition follow his terms and conditions. - -4. Nothing requires that you accept this License, as you have -not signed it. However, nothing else grants you permission to -modify or distribute the product or its derivative works. - -These actions are prohibited by law if you do not accept this -License. - -5. If any of these license terms is found to be to broad in -scope, and declared invalid by any court or legal process, you -agree that all other terms shall not be so affected, and shall -remain valid and enforceable. - -6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE -IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED -"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR -IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE -ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS -WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE -COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - -7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY -MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE -LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, -INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR -INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS -OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH -ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD -PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -____________________________________________________________ - -Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. -All rights reserved. - -LICENSE TERMS - -The free distribution and use of this software is allowed (with -or without changes) provided that: - - 1. source code distributions include the above copyright - notice, this list of conditions and the following - disclaimer; - - 2. binary distributions include the above copyright notice, - this list of conditions and the following disclaimer in - their documentation; - - 3. the name of the copyright holder is not used to endorse - products built using this software without specific written - permission. - -DISCLAIMER - -This software is provided 'as is' with no explicit or implied -warranties in respect of its properties, including, but not -limited to, correctness and/or fitness for purpose. -____________________________________________________________ - -Copyright (C) 2002-2004 Mark Adler, all rights reserved -version 1.8, 9 Jan 2004 - -This software is provided 'as-is', without any express or -implied warranty. In no event will the author be held liable -for any damages arising from the use of this software. - -Permission is granted to anyone to use this software for any -purpose, including commercial applications, and to alter it and -redistribute it freely, subject to the following restrictions: - -1. The origin of this software must not be misrepresented; you - must not claim that you wrote the original software. If you - use this software in a product, an acknowledgment in the - product documentation would be appreciated but is not - required. -2. Altered source versions must be plainly marked as such, and - must not be misrepresented as being the original software. -3. This notice may not be removed or altered from any source - distribution. -____________________________________________________________ +VeraCrypt License +Software distributed under this license is distributed on an "AS +IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND +DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO +USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE +SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE +BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT +ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE +SOFTWARE, NOR ANY PART(S) THEREOF. + +VeraCrypt is multi-licensed under Apache License 2.0 and +the TrueCrypt License version 3.0, a verbatim copy of both +licenses can be found below. + +This license does not grant you rights to use any +contributors' name, logo, or trademarks, including IDRIX, +VeraCrypt and all derivative names. +For example, the following names are not allowed: VeraCrypt, +VeraCrypt+, VeraCrypt Professional, iVeraCrypt, etc. Nor any +other names confusingly similar to the name VeraCrypt (e.g., +Vera-Crypt, Vera Crypt, VerKrypt, etc.) +____________________________________________________________ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. +____________________________________________________________ + +TrueCrypt License Version 3.0 + +Software distributed under this license is distributed on an "AS +IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND +DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO +USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE +SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE +BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT +ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE +SOFTWARE, NOR ANY PART(S) THEREOF. + + +I. Definitions + +1. "This Product" means the work (including, but not limited to, +source code, graphics, texts, and accompanying files) made +available under and governed by this version of this license +("License"), as may be indicated by, but is not limited to, +copyright notice(s) attached to or included in the work. + +2. "You" means (and "Your" refers to) an individual or a legal +entity (e.g., a non-profit organization, commercial +organization, government agency, etc.) exercising permissions +granted by this License. + +3. "Modification" means (and "modify" refers to) any alteration +of This Product, including, but not limited to, addition to or +deletion from the substance or structure of This Product, +translation into another language, repackaging, alteration or +removal of any file included with This Product, and addition of +any new files to This Product. + +4. "Your Product" means This Product modified by You, or any +work You derive from (or base on) any part of This Product. In +addition, "Your Product" means any work in which You include any +(modified or unmodified) portion of This Product. However, if +the work in which you include it is an aggregate software +distribution (such as an operating system distribution or a +cover CD-ROM of a magazine) containing multiple separate +products, then the term "Your Product" includes only those +products (in the aggregate software distribution) that use, +include, or depend on a modified or unmodified version of This +Product (and the term "Your Product" does not include the whole +aggregate software distribution). For the purposes of this +License, a product suite consisting of two or more products is +considered a single product (operating system distributions and +cover media of magazines are not considered product suites). + +5. "Distribution" means (and "distribute" refers to), regardless +of means or methods, conveyance, transfer, providing, or making +available of This/Your Product or portions thereof to third +parties (including, but not limited to, making This/Your +Product, or portions thereof, available for download to third +parties, whether or not any third party has downloaded the +product, or any portion thereof, made available for download). + + + +II. Use, Copying, and Distribution of This Product + +1. Provided that You comply with all applicable terms and +conditions of this License, You may make copies of This Product +(unmodified) and distribute copies of This Product (unmodified) +that are not included in another product forming Your Product +(except as permitted under Chapter III). Note: For terms and +conditions for copying and distribution of modified versions of +This Product, see Chapter III. + +2. Provided that You comply with all applicable terms and +conditions of this License, You may use This Product freely (see +also Chapter III) on any number of computers/systems for non- +commercial and/or commercial purposes. + + + +III. Modification, Derivation, and Inclusion in Other Products + +1. If all conditions specified in the following paragraphs in +this Chapter (III) are met (for exceptions, see Section III.2) +and if You comply with all other applicable terms and conditions +of this License, You may modify This Product (thus forming Your +Product), derive new works from This Product or portions thereof +(thus forming Your Product), include This Product or portions +thereof in another product (thus forming Your Product, unless +defined otherwise in Chapter I), and You may use (for non- +commercial and/or commercial purposes), copy, and/or distribute +Your Product. + + a. The name of Your Product (or of Your modified version of + This Product) must not contain the name TrueCrypt (for + example, the following names are not allowed: TrueCrypt, + TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor + any other names confusingly similar to the name TrueCrypt + (e.g., True-Crypt, True Crypt, TruKrypt, etc.) + + All occurrences of the name TrueCrypt that could reasonably + be considered to identify Your Product must be removed from + Your Product and from any associated materials. Logo(s) + included in (or attached to) Your Product (and in/to + associated materials) must not incorporate and must not be + confusingly similar to any of the TrueCrypt logos + (including, but not limited to, the non-textual logo + consisting primarily of a key in stylized form) or + portion(s) thereof. All graphics contained in This Product + (logos, icons, etc.) must be removed from Your Product (or + from Your modified version of This Product) and from any + associated materials. + + b. The following phrases must be removed from Your Product + and from any associated materials, except the text of this + License: "A TrueCrypt Foundation Release", "Released by + TrueCrypt Foundation", "This is a TrueCrypt Foundation + release." + + c. Phrase "Based on TrueCrypt, freely available at + http://www.truecrypt.org/" must be displayed by Your Product + (if technically feasible) and contained in its + documentation. Alternatively, if This Product or its portion + You included in Your Product constitutes only a minor + portion of Your Product, phrase "Portions of this product + are based in part on TrueCrypt, freely available at + http://www.truecrypt.org/" may be displayed instead. In each + of the cases mentioned above in this paragraph, + "http://www.truecrypt.org/" must be a hyperlink (if + technically feasible) pointing to http://www.truecrypt.org/ + and You may freely choose the location within the user + interface (if there is any) of Your Product (e.g., an + "About" window, etc.) and the way in which Your Product will + display the respective phrase. + + Your Product (and any associated materials, e.g., the + documentation, the content of the official web site of Your + Product, etc.) must not present any Internet address + containing the domain name truecrypt.org (or any domain name + that forwards to the domain name truecrypt.org) in a manner + that might suggest that it is where information about Your + Product may be obtained or where bugs found in Your Product + may be reported or where support for Your Product may be + available or otherwise attempt to indicate that the domain + name truecrypt.org is associated with Your Product. + + d. The complete source code of Your Product must be freely + and publicly available (for exceptions, see Section III.2) + at least until You cease to distribute Your Product. This + condition can be met in one or both of the following ways: + (i) You include the complete source code of Your Product + with every copy of Your Product that You make and distribute + and You make all such copies of Your Product available to + the general public free of charge, and/or (ii) You include + information (valid and correct at least until You cease to + distribute Your Product) about where the complete source + code of Your Product can be obtained free of charge (e.g., + an Internet address) or for a reasonable reproduction fee + with every copy of Your Product that You make and distribute + and, if there is a web site officially associated with Your + Product, You include the aforementioned information about + the source code on a freely and publicly accessible web + page to which such web site links via an easily viewable + hyperlink (at least until You cease to distribute Your + Product). + + The source code of Your Product must not be deliberately + obfuscated and it must not be in an intermediate form (e.g., + the output of a preprocessor). Source code means the + preferred form in which a programmer would usually modify + the program. + + Portions of the source code of Your Product not contained in + This Product (e.g., portions added by You in creating Your + Product, whether created by You or by third parties) must be + available under license(s) that (however, see also + Subsection III.1.e) allow(s) anyone to modify and derive new + works from the portions of the source code that are not + contained in This Product and to use, copy, and redistribute + such modifications and/or derivative works. The license(s) + must be perpetual, non-exclusive, royalty-free, no-charge, + and worldwide, and must not invalidate, weaken, restrict, + interpret, amend, modify, interfere with or otherwise affect + any part, term, provision, or clause of this License. The + text(s) of the license(s) must be included with every copy + of Your Product that You make and distribute. + + e. You must not change the license terms of This Product in + any way (adding any new terms is considered changing the + license terms even if the original terms are retained), + which means, e.g., that no part of This Product may be put + under another license. You must keep intact all the legal + notices contained in the source code files. You must include + the following items with every copy of Your Product that You + make and distribute: a clear and conspicuous notice stating + that Your Product or portion(s) thereof is/are governed by + this version of the TrueCrypt License, a verbatim copy of + this version of the TrueCrypt License (as contained herein), + a clear and conspicuous notice containing information about + where the included copy of the License can be found, and an + appropriate copyright notice. + + +2. You are not obligated to comply with Subsection III.1.d if +Your Product is not distributed (i.e., Your Product is available +only to You). + + + +IV. Disclaimer of Liability, Disclaimer of Warranty, +Indemnification + +You expressly acknowledge and agree to the following: + +1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY +APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO +MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, +AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER +PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY +DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR +THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY +OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR +BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, +TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, +ARISING OUT OF THE USE, COPYING, MODIFICATION, OR +(RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF +YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS +PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE +POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO +ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY. + +2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY +KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT +LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO +THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD +THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL +NECESSARY SERVICING, REPAIR, OR CORRECTION. + +3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC +ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT +CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY +YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR +(RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN +COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND +TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT +IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE +REGULATIONS, RESTRICTIONS, AND LAWS. + +4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS +PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS +FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, +SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING +REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, +ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING +OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, +IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) +AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE. + + + +V. Trademarks + +This License does not grant permission to use trademarks +associated with (or applying to) This Product, except for fair +use as defined by applicable law and except for use expressly +permitted or required by this License. Any attempt otherwise to +use trademarks associated with (or applying to) This Product +automatically and immediately terminates Your rights under This +License and may constitute trademark infringement (which may be +prosecuted). + + + +VI. General Terms and Conditions, Miscellaneous Provisions + +1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES +DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY +PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND +BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND +THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). +IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND +CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE +DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY +PORTION(S) THEREOF. + +2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, +(RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) +THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF +APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF +PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, +CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS +PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY +TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE +COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS +AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS +ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR +RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS +AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY +APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND +IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN +CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE +PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED +AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT +OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS +AND CONDITIONS OF THIS LICENSE. + +3. This License does not constitute or imply a waiver of any +intellectual property rights except as may be otherwise +expressly provided in this License. This License does not +transfer, assign, or convey any intellectual property rights +(e.g., it does not transfer ownership of copyrights or +trademarks). + +4. Subject to the terms and conditions of this License, You may +allow a third party to use Your copy of This Product (or a copy +that You make and distribute, or Your Product) provided that the +third party explicitly accepts and agrees to be bound by all +terms and conditions of this License and the third party is not +prohibited from using This Product (or portions thereof) by this +License (see, e.g., Section VI.7) or by applicable law. However, +You are not obligated to ensure that the third party accepts +(and agrees to be bound by all terms of) this License if You +distribute only the self-extracting package (containing This +Product) that does not allow the user to install (nor extract) +the files contained in the package until he or she accepts and +agrees to be bound by all terms and conditions of this License. + +5. Without specific prior written permission from the authors of +This Product (or from their common representative), You must not +use the name of This Product, the names of the authors of This +Product, or the names of the legal entities (or informal groups) +of which the authors were/are members/employees, to endorse or +promote Your Product or any work in which You include a modified +or unmodified version of This Product, or to endorse or promote +You or Your affiliates, or in a way that might suggest that Your +Product (or any work in which You include a modified or +unmodified version of This Product), You, or Your affiliates +is/are endorsed by one or more authors of This Product, or in a +way that might suggest that one or more authors of This Product +is/are affiliated with You (or Your affiliates) or directly +participated in the creation of Your Product or of any work in +which You include a modified or unmodified version of This +Product. + +6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS +LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL +TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, +MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS +PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A +LAWYER. + +7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS +LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER +APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER +THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE +DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY +PORTION(S) THEREOF. + +8. Except as otherwise provided in this License, if any +provision of this License, or a portion thereof, is found to be +invalid or unenforceable under applicable law, it shall not +affect the validity or enforceability of the remainder of this +License, and such invalid or unenforceable provision shall be +construed to reflect the original intent of the provision and +shall be enforced to the maximum extent permitted by applicable +law so as to effect the original intent of the provision as +closely as possible. + +____________________________________________________________ + + +Third-Party Licenses + +This Product contains components that were created by third +parties and that are governed by third-party licenses, which are +contained hereinafter (separated by lines consisting of +underscores). Each of the third-party licenses applies only to +(portions of) the source code file(s) in which the third-party +license is contained or in which it is explicitly referenced, +and to compiled or otherwise processed forms of such source +code. None of the third-party licenses applies to This Product +as a whole, even when it uses terms such as "product", +"program", or any other equivalent terms/phrases. This Product +as a whole is governed by the TrueCrypt License (see above). +Some of the third-party components have been modified by the +authors of This Product. Unless otherwise stated, such +modifications and additions are governed by the TrueCrypt +License (see above). Note: Unless otherwise stated, graphics and +files that are not part of the source code are governed by the +TrueCrypt License. + +____________________________________________________________ + +License agreement for Encryption for the Masses. + +Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. + +This product can be copied and distributed free of charge, +including source code. + +You may modify this product and source code, and distribute such +modifications, and you may derive new works based on this +product, provided that: + +1. Any product which is simply derived from this product cannot +be called E4M, or Encryption for the Masses. + +2. If you use any of the source code in your product, and your +product is distributed with source code, you must include this +notice with those portions of this source code that you use. + +Or, + +If your product is distributed in binary form only, you must +display on any packaging, and marketing materials which +reference your product, a notice which states: + +"This product uses components written by Paul Le Roux +" + +3. If you use any of the source code originally by Eric Young, +you must in addition follow his terms and conditions. + +4. Nothing requires that you accept this License, as you have +not signed it. However, nothing else grants you permission to +modify or distribute the product or its derivative works. + +These actions are prohibited by law if you do not accept this +License. + +5. If any of these license terms is found to be to broad in +scope, and declared invalid by any court or legal process, you +agree that all other terms shall not be so affected, and shall +remain valid and enforceable. + +6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE +IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED +"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR +IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE +ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS +WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE +COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY +MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE +LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, +INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR +INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS +OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH +ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD +PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. +____________________________________________________________ + +Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. +All rights reserved. + +LICENSE TERMS + +The free distribution and use of this software is allowed (with +or without changes) provided that: + + 1. source code distributions include the above copyright + notice, this list of conditions and the following + disclaimer; + + 2. binary distributions include the above copyright notice, + this list of conditions and the following disclaimer in + their documentation; + + 3. the name of the copyright holder is not used to endorse + products built using this software without specific written + permission. + +DISCLAIMER + +This software is provided 'as is' with no explicit or implied +warranties in respect of its properties, including, but not +limited to, correctness and/or fitness for purpose. +____________________________________________________________ + +Copyright (C) 2002-2004 Mark Adler, all rights reserved +version 1.8, 9 Jan 2004 + +This software is provided 'as-is', without any express or +implied warranty. In no event will the author be held liable +for any damages arising from the use of this software. + +Permission is granted to anyone to use this software for any +purpose, including commercial applications, and to alter it and +redistribute it freely, subject to the following restrictions: + +1. The origin of this software must not be misrepresented; you + must not claim that you wrote the original software. If you + use this software in a product, an acknowledgment in the + product documentation would be appreciated but is not + required. +2. Altered source versions must be plainly marked as such, and + must not be misrepresented as being the original software. +3. This notice may not be removed or altered from any source + distribution. +____________________________________________________________ diff --git a/src/Main/Forms/Forms.cpp b/src/Main/Forms/Forms.cpp index ee8455bf..3f0fcc9e 100644 --- a/src/Main/Forms/Forms.cpp +++ b/src/Main/Forms/Forms.cpp @@ -1,3525 +1,3525 @@ -/////////////////////////////////////////////////////////////////////////// -// C++ code generated with wxFormBuilder (version Jun 5 2014) -// http://www.wxformbuilder.org/ -// -// PLEASE DO "NOT" EDIT THIS FILE! -/////////////////////////////////////////////////////////////////////////// - -#include "System.h" - -#include "Forms.h" - -/////////////////////////////////////////////////////////////////////////// -using namespace VeraCrypt; - -MainFrameBase::MainFrameBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxFrame( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxSize( -1,496 ), wxDefaultSize ); - - MainMenuBar = new wxMenuBar( 0 ); - VolumesMenu = new wxMenu(); - wxMenuItem* CreateNewVolumeMenuItem; - CreateNewVolumeMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Create New Volume...") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( CreateNewVolumeMenuItem ); - - VolumesMenu->AppendSeparator(); - - MountVolumeMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Mount Volume") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( MountVolumeMenuItem ); - - wxMenuItem* AutoMountDevicesMenuItem; - AutoMountDevicesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Auto-Mount All Device-Hosted Volumes") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( AutoMountDevicesMenuItem ); - - VolumesMenu->AppendSeparator(); - - DismountVolumeMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Dismount Volume") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( DismountVolumeMenuItem ); - - DismountAllMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Dismount All Mounted Volumes") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( DismountAllMenuItem ); - - VolumesMenu->AppendSeparator(); - - wxMenuItem* ChangePasswordMenuItem; - ChangePasswordMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Change Volume Password...") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( ChangePasswordMenuItem ); - - wxMenuItem* ChangePkcs5PrfMenuItem; - ChangePkcs5PrfMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Change Header Key Derivation Algorithm...") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( ChangePkcs5PrfMenuItem ); - - wxMenuItem* ChangeKeyfilesMenuItem; - ChangeKeyfilesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Add/Remove Keyfiles to/from Volume...") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( ChangeKeyfilesMenuItem ); - - wxMenuItem* RemoveKeyfilesMenuItem; - RemoveKeyfilesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Remove All Keyfiles from Volume...") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( RemoveKeyfilesMenuItem ); - - VolumesMenu->AppendSeparator(); - - VolumePropertiesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Volume Properties...") ) , wxEmptyString, wxITEM_NORMAL ); - VolumesMenu->Append( VolumePropertiesMenuItem ); - - MainMenuBar->Append( VolumesMenu, _("&Volumes") ); - - FavoritesMenu = new wxMenu(); - AddToFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Add Selected Volume to Favorites...") ) , wxEmptyString, wxITEM_NORMAL ); - FavoritesMenu->Append( AddToFavoritesMenuItem ); - - AddAllMountedToFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Add All Mounted Volumes to Favorites...") ) , wxEmptyString, wxITEM_NORMAL ); - FavoritesMenu->Append( AddAllMountedToFavoritesMenuItem ); - - wxMenuItem* OrganizeFavoritesMenuItem; - OrganizeFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Organize Favorite Volumes...") ) , wxEmptyString, wxITEM_NORMAL ); - FavoritesMenu->Append( OrganizeFavoritesMenuItem ); - - FavoritesMenu->AppendSeparator(); - - wxMenuItem* MountAllFavoritesMenuItem; - MountAllFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Mount Favorite Volumes") ) , wxEmptyString, wxITEM_NORMAL ); - FavoritesMenu->Append( MountAllFavoritesMenuItem ); - - FavoritesMenu->AppendSeparator(); - - MainMenuBar->Append( FavoritesMenu, _("&Favorites") ); - - ToolsMenu = new wxMenu(); - wxMenuItem* BenchmarkMenuItem; - BenchmarkMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Benchmark...") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( BenchmarkMenuItem ); - - wxMenuItem* EncryptionTestMenuItem; - EncryptionTestMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Test Vectors...") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( EncryptionTestMenuItem ); - - ToolsMenu->AppendSeparator(); - - wxMenuItem* VolumeCreationWizardMenuItem; - VolumeCreationWizardMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Volume Creation Wizard") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( VolumeCreationWizardMenuItem ); - - ToolsMenu->AppendSeparator(); - - BackupVolumeHeadersMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Backup Volume Header...") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( BackupVolumeHeadersMenuItem ); - - RestoreVolumeHeaderMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Restore Volume Header...") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( RestoreVolumeHeaderMenuItem ); - - ToolsMenu->AppendSeparator(); - - wxMenuItem* CreateKeyfileMenuItem; - CreateKeyfileMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Keyfile Generator") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( CreateKeyfileMenuItem ); - - wxMenuItem* ManageSecurityTokenKeyfilesMenuItem; - ManageSecurityTokenKeyfilesMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Manage Security Token Keyfiles...") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( ManageSecurityTokenKeyfilesMenuItem ); - - wxMenuItem* CloseAllSecurityTokenSessionsMenuItem; - CloseAllSecurityTokenSessionsMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Close All Security Token Sessions") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( CloseAllSecurityTokenSessionsMenuItem ); - - ToolsMenu->AppendSeparator(); - - WipeCachedPasswordsMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Wipe Cached Passwords") ) , wxEmptyString, wxITEM_NORMAL ); - ToolsMenu->Append( WipeCachedPasswordsMenuItem ); - - MainMenuBar->Append( ToolsMenu, _("T&ools") ); - - SettingsMenu = new wxMenu(); - HotkeysMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Hotkeys...") ) , wxEmptyString, wxITEM_NORMAL ); - SettingsMenu->Append( HotkeysMenuItem ); - - wxMenuItem* DefaultKeyfilesMenuItem; - DefaultKeyfilesMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Default Keyfiles...") ) , wxEmptyString, wxITEM_NORMAL ); - SettingsMenu->Append( DefaultKeyfilesMenuItem ); - - wxMenuItem* DefaultMountParametersMenuItem; - DefaultMountParametersMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Default Mount Parameters...") ) , wxEmptyString, wxITEM_NORMAL ); - SettingsMenu->Append( DefaultMountParametersMenuItem ); - - wxMenuItem* SecurityTokenPreferencesMenuItem; - SecurityTokenPreferencesMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Security Tokens...") ) , wxEmptyString, wxITEM_NORMAL ); - SettingsMenu->Append( SecurityTokenPreferencesMenuItem ); - - SettingsMenu->AppendSeparator(); - - PreferencesMenuItem = new wxMenuItem( SettingsMenu, wxID_PREFERENCES, wxString( _("&Preferences...") ) , wxEmptyString, wxITEM_NORMAL ); - SettingsMenu->Append( PreferencesMenuItem ); - - MainMenuBar->Append( SettingsMenu, _("Settin&gs") ); - - HelpMenu = new wxMenu(); - wxMenuItem* UserGuideMenuItem; - UserGuideMenuItem = new wxMenuItem( HelpMenu, wxID_HELP, wxString( _("User's Guide") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( UserGuideMenuItem ); - - wxMenuItem* OnlineHelpMenuItem; - OnlineHelpMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Online Help") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( OnlineHelpMenuItem ); - - wxMenuItem* BeginnersTutorialMenuItem; - BeginnersTutorialMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Beginner's Tutorial") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( BeginnersTutorialMenuItem ); - - wxMenuItem* FaqMenuItem; - FaqMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Frequently Asked Questions") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( FaqMenuItem ); - - HelpMenu->AppendSeparator(); - - wxMenuItem* WebsiteMenuItem; - WebsiteMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("VeraCrypt Website") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( WebsiteMenuItem ); - - wxMenuItem* DownloadsMenuItem; - DownloadsMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Downloads") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( DownloadsMenuItem ); - - wxMenuItem* NewsMenuItem; - NewsMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("News") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( NewsMenuItem ); - - wxMenuItem* VersionHistoryMenuItem; - VersionHistoryMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Version History") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( VersionHistoryMenuItem ); - - HelpMenu->AppendSeparator(); - - wxMenuItem* DonateMenuItem; - DonateMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Donate") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( DonateMenuItem ); - - wxMenuItem* ContactMenuItem; - ContactMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Contact") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( ContactMenuItem ); - - wxMenuItem* LegalNoticesMenuItem; - LegalNoticesMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Legal Notices") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( LegalNoticesMenuItem ); - - wxMenuItem* AboutMenuItem; - AboutMenuItem = new wxMenuItem( HelpMenu, wxID_ABOUT, wxString( _("About") ) , wxEmptyString, wxITEM_NORMAL ); - HelpMenu->Append( AboutMenuItem ); - - MainMenuBar->Append( HelpMenu, _("&Help") ); - - this->SetMenuBar( MainMenuBar ); - - wxBoxSizer* bSizer1; - bSizer1 = new wxBoxSizer( wxVERTICAL ); - - MainPanel = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer2; - bSizer2 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer48; - bSizer48 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer1; - sbSizer1 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - SlotListCtrl = new wxListCtrl( MainPanel, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES|wxSUNKEN_BORDER ); - sbSizer1->Add( SlotListCtrl, 1, wxALL|wxEXPAND, 5 ); - - - bSizer48->Add( sbSizer1, 1, wxEXPAND, 5 ); - - LowStaticBoxSizer = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - HigherButtonSizer = new wxBoxSizer( wxVERTICAL ); - - - LowStaticBoxSizer->Add( HigherButtonSizer, 0, wxEXPAND|wxTOP, 2 ); - - wxGridSizer* gSizer1; - gSizer1 = new wxGridSizer( 1, 3, 0, 0 ); - - wxBoxSizer* bSizer17; - bSizer17 = new wxBoxSizer( wxVERTICAL ); - - bSizer17->SetMinSize( wxSize( 138,34 ) ); - CreateVolumeButton = new wxButton( MainPanel, wxID_ANY, _("&Create Volume"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer17->Add( CreateVolumeButton, 1, wxALL|wxEXPAND, 5 ); - - - gSizer1->Add( bSizer17, 0, 0, 5 ); - - wxBoxSizer* bSizer18; - bSizer18 = new wxBoxSizer( wxVERTICAL ); - - bSizer18->SetMinSize( wxSize( 138,34 ) ); - VolumePropertiesButton = new wxButton( MainPanel, wxID_ANY, _("&Volume Properties..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer18->Add( VolumePropertiesButton, 1, wxALL|wxALIGN_CENTER_HORIZONTAL|wxEXPAND, 5 ); - - - gSizer1->Add( bSizer18, 0, wxALIGN_CENTER_HORIZONTAL, 5 ); - - wxBoxSizer* bSizer19; - bSizer19 = new wxBoxSizer( wxVERTICAL ); - - bSizer19->SetMinSize( wxSize( 138,34 ) ); - WipeCacheButton = new wxButton( MainPanel, wxID_ANY, _("&Wipe Cache"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer19->Add( WipeCacheButton, 1, wxALL|wxALIGN_RIGHT|wxEXPAND, 5 ); - - - gSizer1->Add( bSizer19, 0, wxALIGN_RIGHT, 5 ); - - - LowStaticBoxSizer->Add( gSizer1, 0, wxEXPAND|wxRIGHT|wxLEFT, 5 ); - - - LowStaticBoxSizer->Add( 0, 0, 0, 0, 5 ); - - VolumeStaticBoxSizer = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, _("Volume") ), wxVERTICAL ); - - VolumeGridBagSizer = new wxGridBagSizer( 0, 0 ); - VolumeGridBagSizer->SetFlexibleDirection( wxBOTH ); - VolumeGridBagSizer->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - LogoBitmap = new wxStaticBitmap( MainPanel, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, wxSUNKEN_BORDER ); - LogoBitmap->SetMinSize( wxSize( 42,52 ) ); - - VolumeGridBagSizer->Add( LogoBitmap, wxGBPosition( 0, 0 ), wxGBSpan( 2, 1 ), wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - VolumePathComboBox = new wxComboBox( MainPanel, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0, NULL, wxCB_DROPDOWN ); - VolumeGridBagSizer->Add( VolumePathComboBox, wxGBPosition( 0, 1 ), wxGBSpan( 1, 2 ), wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer191; - bSizer191 = new wxBoxSizer( wxVERTICAL ); - - bSizer191->SetMinSize( wxSize( 138,34 ) ); - SelectFileButton = new wxButton( MainPanel, wxID_ANY, _("Select &File..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer191->Add( SelectFileButton, 1, wxALL|wxEXPAND, 5 ); - - - VolumeGridBagSizer->Add( bSizer191, wxGBPosition( 0, 3 ), wxGBSpan( 1, 1 ), wxEXPAND, 5 ); - - NoHistoryCheckBox = new wxCheckBox( MainPanel, wxID_ANY, _("&Never save history"), wxDefaultPosition, wxDefaultSize, 0 ); - VolumeGridBagSizer->Add( NoHistoryCheckBox, wxGBPosition( 1, 1 ), wxGBSpan( 1, 1 ), wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - wxBoxSizer* bSizer20; - bSizer20 = new wxBoxSizer( wxVERTICAL ); - - bSizer20->SetMinSize( wxSize( 138,34 ) ); - VolumeToolsButton = new wxButton( MainPanel, wxID_ANY, _("Volume &Tools..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer20->Add( VolumeToolsButton, 1, wxALL|wxEXPAND, 5 ); - - - VolumeGridBagSizer->Add( bSizer20, wxGBPosition( 1, 2 ), wxGBSpan( 1, 1 ), wxALIGN_RIGHT, 5 ); - - wxBoxSizer* bSizer21; - bSizer21 = new wxBoxSizer( wxVERTICAL ); - - bSizer21->SetMinSize( wxSize( 138,34 ) ); - SelectDeviceButton = new wxButton( MainPanel, wxID_ANY, _("Select D&evice..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer21->Add( SelectDeviceButton, 1, wxEXPAND|wxALL, 5 ); - - - VolumeGridBagSizer->Add( bSizer21, wxGBPosition( 1, 3 ), wxGBSpan( 1, 1 ), wxEXPAND, 5 ); - - - VolumeGridBagSizer->AddGrowableCol( 1 ); - VolumeGridBagSizer->AddGrowableRow( 0 ); - - VolumeStaticBoxSizer->Add( VolumeGridBagSizer, 1, wxEXPAND|wxALL, 4 ); - - - LowStaticBoxSizer->Add( VolumeStaticBoxSizer, 1, wxEXPAND, 5 ); - - - LowStaticBoxSizer->Add( 0, 0, 0, 0, 5 ); - - wxGridSizer* gSizer2; - gSizer2 = new wxGridSizer( 1, 4, 0, 0 ); - - wxStaticBoxSizer* sbSizer4; - sbSizer4 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - sbSizer4->SetMinSize( wxSize( 139,-1 ) ); - VolumeButton = new wxButton( MainPanel, wxID_ANY, _("&Mount"), wxDefaultPosition, wxDefaultSize, 0 ); - VolumeButton->SetDefault(); - VolumeButton->SetMinSize( wxSize( -1,32 ) ); - - sbSizer4->Add( VolumeButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); - - - gSizer2->Add( sbSizer4, 1, wxEXPAND, 0 ); - - wxStaticBoxSizer* sbSizer41; - sbSizer41 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - MountAllDevicesButton = new wxButton( MainPanel, wxID_ANY, _("&Auto-Mount Devices"), wxDefaultPosition, wxDefaultSize, 0 ); - MountAllDevicesButton->SetMinSize( wxSize( -1,32 ) ); - - sbSizer41->Add( MountAllDevicesButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); - - - gSizer2->Add( sbSizer41, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer42; - sbSizer42 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - DismountAllButton = new wxButton( MainPanel, wxID_ANY, _("Di&smount All"), wxDefaultPosition, wxDefaultSize, 0 ); - DismountAllButton->SetMinSize( wxSize( -1,32 ) ); - - sbSizer42->Add( DismountAllButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); - - - gSizer2->Add( sbSizer42, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer43; - sbSizer43 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - ExitButton = new wxButton( MainPanel, wxID_ANY, _("E&xit"), wxDefaultPosition, wxDefaultSize, 0 ); - ExitButton->SetMinSize( wxSize( -1,32 ) ); - - sbSizer43->Add( ExitButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); - - - gSizer2->Add( sbSizer43, 1, wxALIGN_RIGHT|wxEXPAND, 5 ); - - - LowStaticBoxSizer->Add( gSizer2, 0, wxEXPAND, 5 ); - - - bSizer48->Add( LowStaticBoxSizer, 0, wxEXPAND, 5 ); - - - bSizer2->Add( bSizer48, 1, wxEXPAND, 5 ); - - - MainPanel->SetSizer( bSizer2 ); - MainPanel->Layout(); - bSizer2->Fit( MainPanel ); - bSizer1->Add( MainPanel, 1, wxEXPAND, 0 ); - - - this->SetSizer( bSizer1 ); - this->Layout(); - bSizer1->Fit( this ); - - this->Centre( wxBOTH ); - - // Connect Events - this->Connect( wxEVT_ACTIVATE, wxActivateEventHandler( MainFrameBase::OnActivate ) ); - this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( MainFrameBase::OnClose ) ); - this->Connect( CreateNewVolumeMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); - this->Connect( MountVolumeMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountVolumeMenuItemSelected ) ); - this->Connect( AutoMountDevicesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ) ); - this->Connect( DismountVolumeMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountVolumeMenuItemSelected ) ); - this->Connect( DismountAllMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ) ); - this->Connect( ChangePasswordMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePasswordMenuItemSelected ) ); - this->Connect( ChangePkcs5PrfMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePkcs5PrfMenuItemSelected ) ); - this->Connect( ChangeKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangeKeyfilesMenuItemSelected ) ); - this->Connect( RemoveKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRemoveKeyfilesMenuItemSelected ) ); - this->Connect( VolumePropertiesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ) ); - this->Connect( AddToFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddToFavoritesMenuItemSelected ) ); - this->Connect( AddAllMountedToFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddAllMountedToFavoritesMenuItemSelected ) ); - this->Connect( OrganizeFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOrganizeFavoritesMenuItemSelected ) ); - this->Connect( MountAllFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllFavoritesMenuItemSelected ) ); - this->Connect( BenchmarkMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBenchmarkMenuItemSelected ) ); - this->Connect( EncryptionTestMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnEncryptionTestMenuItemSelected ) ); - this->Connect( VolumeCreationWizardMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); - this->Connect( BackupVolumeHeadersMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBackupVolumeHeadersMenuItemSelected ) ); - this->Connect( RestoreVolumeHeaderMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRestoreVolumeHeaderMenuItemSelected ) ); - this->Connect( CreateKeyfileMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateKeyfileMenuItemSelected ) ); - this->Connect( ManageSecurityTokenKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnManageSecurityTokenKeyfilesMenuItemSelected ) ); - this->Connect( CloseAllSecurityTokenSessionsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCloseAllSecurityTokenSessionsMenuItemSelected ) ); - this->Connect( WipeCachedPasswordsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ) ); - this->Connect( HotkeysMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnHotkeysMenuItemSelected ) ); - this->Connect( DefaultKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultKeyfilesMenuItemSelected ) ); - this->Connect( DefaultMountParametersMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultMountParametersMenuItemSelected ) ); - this->Connect( SecurityTokenPreferencesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnSecurityTokenPreferencesMenuItemSelected ) ); - this->Connect( PreferencesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnPreferencesMenuItemSelected ) ); - this->Connect( UserGuideMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnUserGuideMenuItemSelected ) ); - this->Connect( OnlineHelpMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOnlineHelpMenuItemSelected ) ); - this->Connect( BeginnersTutorialMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBeginnersTutorialMenuItemSelected ) ); - this->Connect( FaqMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnFaqMenuItemSelected ) ); - this->Connect( WebsiteMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWebsiteMenuItemSelected ) ); - this->Connect( DownloadsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDownloadsMenuItemSelected ) ); - this->Connect( NewsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnNewsMenuItemSelected ) ); - this->Connect( VersionHistoryMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVersionHistoryMenuItemSelected ) ); - this->Connect( DonateMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDonateMenuItemSelected ) ); - this->Connect( ContactMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnContactMenuItemSelected ) ); - this->Connect( LegalNoticesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnLegalNoticesMenuItemSelected ) ); - this->Connect( AboutMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAboutMenuItemSelected ) ); - SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( MainFrameBase::OnListItemActivated ), NULL, this ); - SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( MainFrameBase::OnListItemDeselected ), NULL, this ); - SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_RIGHT_CLICK, wxListEventHandler( MainFrameBase::OnListItemRightClick ), NULL, this ); - SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( MainFrameBase::OnListItemSelected ), NULL, this ); - CreateVolumeButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ), NULL, this ); - VolumePropertiesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ), NULL, this ); - WipeCacheButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ), NULL, this ); - LogoBitmap->Connect( wxEVT_LEFT_DOWN, wxMouseEventHandler( MainFrameBase::OnLogoBitmapClick ), NULL, this ); - SelectFileButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectFileButtonClick ), NULL, this ); - NoHistoryCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MainFrameBase::OnNoHistoryCheckBoxClick ), NULL, this ); - VolumeToolsButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeToolsButtonClick ), NULL, this ); - SelectDeviceButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectDeviceButtonClick ), NULL, this ); - VolumeButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeButtonClick ), NULL, this ); - MountAllDevicesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ), NULL, this ); - DismountAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ), NULL, this ); - ExitButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnExitButtonClick ), NULL, this ); -} - -MainFrameBase::~MainFrameBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_ACTIVATE, wxActivateEventHandler( MainFrameBase::OnActivate ) ); - this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( MainFrameBase::OnClose ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountVolumeMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountVolumeMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePasswordMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePkcs5PrfMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangeKeyfilesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRemoveKeyfilesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddToFavoritesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddAllMountedToFavoritesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOrganizeFavoritesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllFavoritesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBenchmarkMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnEncryptionTestMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBackupVolumeHeadersMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRestoreVolumeHeaderMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateKeyfileMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnManageSecurityTokenKeyfilesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCloseAllSecurityTokenSessionsMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnHotkeysMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultKeyfilesMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultMountParametersMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnSecurityTokenPreferencesMenuItemSelected ) ); - this->Disconnect( wxID_PREFERENCES, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnPreferencesMenuItemSelected ) ); - this->Disconnect( wxID_HELP, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnUserGuideMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOnlineHelpMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBeginnersTutorialMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnFaqMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWebsiteMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDownloadsMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnNewsMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVersionHistoryMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDonateMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnContactMenuItemSelected ) ); - this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnLegalNoticesMenuItemSelected ) ); - this->Disconnect( wxID_ABOUT, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAboutMenuItemSelected ) ); - SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( MainFrameBase::OnListItemActivated ), NULL, this ); - SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( MainFrameBase::OnListItemDeselected ), NULL, this ); - SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_RIGHT_CLICK, wxListEventHandler( MainFrameBase::OnListItemRightClick ), NULL, this ); - SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( MainFrameBase::OnListItemSelected ), NULL, this ); - CreateVolumeButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ), NULL, this ); - VolumePropertiesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ), NULL, this ); - WipeCacheButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ), NULL, this ); - LogoBitmap->Disconnect( wxEVT_LEFT_DOWN, wxMouseEventHandler( MainFrameBase::OnLogoBitmapClick ), NULL, this ); - SelectFileButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectFileButtonClick ), NULL, this ); - NoHistoryCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MainFrameBase::OnNoHistoryCheckBoxClick ), NULL, this ); - VolumeToolsButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeToolsButtonClick ), NULL, this ); - SelectDeviceButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectDeviceButtonClick ), NULL, this ); - VolumeButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeButtonClick ), NULL, this ); - MountAllDevicesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ), NULL, this ); - DismountAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ), NULL, this ); - ExitButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnExitButtonClick ), NULL, this ); - -} - -WizardFrameBase::WizardFrameBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxFrame( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxSize( 800,500 ), wxDefaultSize ); - - MainSizer = new wxBoxSizer( wxVERTICAL ); - - MainPanel = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer63; - bSizer63 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer64; - bSizer64 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer27; - sbSizer27 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxHORIZONTAL ); - - WizardBitmap = new wxStaticBitmap( MainPanel, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer27->Add( WizardBitmap, 0, wxALL|wxEXPAND, 5 ); - - wxBoxSizer* bSizer66; - bSizer66 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer126; - bSizer126 = new wxBoxSizer( wxHORIZONTAL ); - - PageTitleStaticText = new wxStaticText( MainPanel, wxID_ANY, _("Page Title"), wxDefaultPosition, wxDefaultSize, 0 ); - PageTitleStaticText->Wrap( -1 ); - PageTitleStaticText->SetFont( wxFont( 16, 70, 90, 90, false, wxT("Times New Roman") ) ); - - bSizer126->Add( PageTitleStaticText, 0, wxALL, 5 ); - - - bSizer66->Add( bSizer126, 0, wxLEFT, 5 ); - - PageSizer = new wxBoxSizer( wxVERTICAL ); - - - bSizer66->Add( PageSizer, 1, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - - sbSizer27->Add( bSizer66, 1, wxEXPAND|wxLEFT, 5 ); - - - bSizer64->Add( sbSizer27, 1, wxEXPAND|wxRIGHT|wxLEFT, 5 ); - - wxBoxSizer* bSizer70; - bSizer70 = new wxBoxSizer( wxHORIZONTAL ); - - - bSizer70->Add( 0, 0, 1, wxEXPAND, 5 ); - - HelpButton = new wxButton( MainPanel, wxID_HELP, _("&Help"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer70->Add( HelpButton, 0, wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer70->Add( 0, 0, 0, wxLEFT|wxALIGN_RIGHT, 5 ); - - PreviousButton = new wxButton( MainPanel, wxID_ANY, _("< &Prev"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer70->Add( PreviousButton, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); - - NextButton = new wxButton( MainPanel, wxID_ANY, _("&Next >"), wxDefaultPosition, wxDefaultSize, 0|wxWANTS_CHARS ); - NextButton->SetDefault(); - bSizer70->Add( NextButton, 0, wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer70->Add( 0, 0, 0, wxLEFT|wxALIGN_RIGHT, 5 ); - - CancelButton = new wxButton( MainPanel, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer70->Add( CancelButton, 0, wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer64->Add( bSizer70, 0, wxEXPAND|wxALIGN_RIGHT|wxALL, 5 ); - - - bSizer63->Add( bSizer64, 1, wxEXPAND, 5 ); - - - MainPanel->SetSizer( bSizer63 ); - MainPanel->Layout(); - bSizer63->Fit( MainPanel ); - MainSizer->Add( MainPanel, 1, wxEXPAND, 5 ); - - - this->SetSizer( MainSizer ); - this->Layout(); - MainSizer->Fit( this ); - - // Connect Events - this->Connect( wxEVT_ACTIVATE, wxActivateEventHandler( WizardFrameBase::OnActivate ) ); - this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WizardFrameBase::OnClose ) ); - MainPanel->Connect( wxEVT_MOTION, wxMouseEventHandler( WizardFrameBase::OnMouseMotion ), NULL, this ); - HelpButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnHelpButtonClick ), NULL, this ); - PreviousButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnPreviousButtonClick ), NULL, this ); - NextButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnNextButtonClick ), NULL, this ); - CancelButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnCancelButtonClick ), NULL, this ); -} - -WizardFrameBase::~WizardFrameBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_ACTIVATE, wxActivateEventHandler( WizardFrameBase::OnActivate ) ); - this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WizardFrameBase::OnClose ) ); - MainPanel->Disconnect( wxEVT_MOTION, wxMouseEventHandler( WizardFrameBase::OnMouseMotion ), NULL, this ); - HelpButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnHelpButtonClick ), NULL, this ); - PreviousButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnPreviousButtonClick ), NULL, this ); - NextButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnNextButtonClick ), NULL, this ); - CancelButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnCancelButtonClick ), NULL, this ); - -} - -AboutDialogBase::AboutDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer116; - bSizer116 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer117; - bSizer117 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer120; - bSizer120 = new wxBoxSizer( wxVERTICAL ); - - bSizer120->SetMinSize( wxSize( -1,78 ) ); - m_panel14 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - m_panel14->SetBackgroundColour( wxColour( 10, 108, 206 ) ); - - wxBoxSizer* bSizer121; - bSizer121 = new wxBoxSizer( wxVERTICAL ); - - - bSizer121->Add( 0, 0, 1, wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer122; - bSizer122 = new wxBoxSizer( wxVERTICAL ); - - LogoBitmap = new wxStaticBitmap( m_panel14, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); - bSizer122->Add( LogoBitmap, 0, wxALL, 10 ); - - - bSizer121->Add( bSizer122, 0, wxEXPAND|wxLEFT, 8 ); - - - m_panel14->SetSizer( bSizer121 ); - m_panel14->Layout(); - bSizer121->Fit( m_panel14 ); - bSizer120->Add( m_panel14, 1, wxEXPAND, 5 ); - - - bSizer117->Add( bSizer120, 0, wxEXPAND, 5 ); - - wxBoxSizer* bSizer118; - bSizer118 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer123; - bSizer123 = new wxBoxSizer( wxVERTICAL ); - - VersionStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - VersionStaticText->Wrap( -1 ); - bSizer123->Add( VersionStaticText, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); - - - bSizer123->Add( 0, 0, 0, wxTOP, 3 ); - - CopyrightStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - CopyrightStaticText->Wrap( -1 ); - bSizer123->Add( CopyrightStaticText, 0, wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - - bSizer123->Add( 0, 0, 0, wxTOP, 3 ); - - WebsiteHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, wxEmptyString, wxT("."), wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); - - WebsiteHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - WebsiteHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - WebsiteHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - bSizer123->Add( WebsiteHyperlink, 0, wxALL, 5 ); - - - bSizer118->Add( bSizer123, 1, wxEXPAND|wxLEFT, 5 ); - - - bSizer117->Add( bSizer118, 1, wxALL|wxEXPAND, 15 ); - - m_staticline3 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); - bSizer117->Add( m_staticline3, 0, wxEXPAND|wxBOTTOM, 5 ); - - CreditsTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_MULTILINE|wxTE_READONLY|wxSUNKEN_BORDER ); - bSizer117->Add( CreditsTextCtrl, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 10 ); - - - bSizer117->Add( 0, 0, 0, wxTOP, 5 ); - - m_staticline4 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); - bSizer117->Add( m_staticline4, 0, wxEXPAND|wxTOP|wxBOTTOM, 3 ); - - m_staticline5 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); - bSizer117->Add( m_staticline5, 0, wxEXPAND|wxBOTTOM, 5 ); - - wxBoxSizer* bSizer119; - bSizer119 = new wxBoxSizer( wxHORIZONTAL ); - - - bSizer119->Add( 0, 0, 1, wxEXPAND|wxALL, 5 ); - - wxButton* OKButton; - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer119->Add( OKButton, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer119->Add( 0, 0, 0, wxLEFT, 5 ); - - - bSizer117->Add( bSizer119, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 6 ); - - - bSizer116->Add( bSizer117, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer116 ); - this->Layout(); - bSizer116->Fit( this ); - - // Connect Events - WebsiteHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( AboutDialogBase::OnWebsiteHyperlinkClick ), NULL, this ); -} - -AboutDialogBase::~AboutDialogBase() -{ - // Disconnect Events - WebsiteHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( AboutDialogBase::OnWebsiteHyperlinkClick ), NULL, this ); - -} - -BenchmarkDialogBase::BenchmarkDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer153; - bSizer153 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer154; - bSizer154 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer155; - bSizer155 = new wxBoxSizer( wxHORIZONTAL ); - - wxStaticText* m_staticText54; - m_staticText54 = new wxStaticText( this, wxID_ANY, _("Buffer Size:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText54->Wrap( -1 ); - bSizer155->Add( m_staticText54, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - wxArrayString BufferSizeChoiceChoices; - BufferSizeChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, BufferSizeChoiceChoices, 0 ); - BufferSizeChoice->SetSelection( 0 ); - bSizer155->Add( BufferSizeChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer154->Add( bSizer155, 0, wxEXPAND, 5 ); - - wxStaticLine* m_staticline6; - m_staticline6 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); - bSizer154->Add( m_staticline6, 0, wxEXPAND | wxALL, 5 ); - - wxBoxSizer* bSizer156; - bSizer156 = new wxBoxSizer( wxHORIZONTAL ); - - BenchmarkListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxSUNKEN_BORDER ); - bSizer156->Add( BenchmarkListCtrl, 1, wxALL|wxEXPAND, 5 ); - - RightSizer = new wxBoxSizer( wxVERTICAL ); - - BenchmarkButton = new wxButton( this, wxID_OK, _("Benchmark"), wxDefaultPosition, wxDefaultSize, 0 ); - BenchmarkButton->SetDefault(); - RightSizer->Add( BenchmarkButton, 0, wxALL|wxEXPAND, 5 ); - - wxButton* CancelButton; - CancelButton = new wxButton( this, wxID_CANCEL, _("Close"), wxDefaultPosition, wxDefaultSize, 0 ); - RightSizer->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); - - - RightSizer->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); - - BenchmarkNoteStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - BenchmarkNoteStaticText->Wrap( -1 ); - RightSizer->Add( BenchmarkNoteStaticText, 1, wxALL|wxEXPAND, 5 ); - - - bSizer156->Add( RightSizer, 0, wxEXPAND, 5 ); - - - bSizer154->Add( bSizer156, 1, wxEXPAND, 5 ); - - - bSizer153->Add( bSizer154, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer153 ); - this->Layout(); - bSizer153->Fit( this ); - - // Connect Events - BenchmarkButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( BenchmarkDialogBase::OnBenchmarkButtonClick ), NULL, this ); -} - -BenchmarkDialogBase::~BenchmarkDialogBase() -{ - // Disconnect Events - BenchmarkButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( BenchmarkDialogBase::OnBenchmarkButtonClick ), NULL, this ); - -} - -ChangePasswordDialogBase::ChangePasswordDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); - - wxBoxSizer* bSizer30; - bSizer30 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer31; - bSizer31 = new wxBoxSizer( wxHORIZONTAL ); - - wxBoxSizer* bSizer32; - bSizer32 = new wxBoxSizer( wxVERTICAL ); - - CurrentSizer = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Current") ), wxVERTICAL ); - - CurrentPasswordPanelSizer = new wxBoxSizer( wxVERTICAL ); - - - CurrentSizer->Add( CurrentPasswordPanelSizer, 0, wxALIGN_LEFT, 5 ); - - - bSizer32->Add( CurrentSizer, 0, wxEXPAND, 5 ); - - NewSizer = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("New") ), wxVERTICAL ); - - NewPasswordPanelSizer = new wxBoxSizer( wxVERTICAL ); - - - NewSizer->Add( NewPasswordPanelSizer, 0, wxALIGN_LEFT, 5 ); - - - bSizer32->Add( NewSizer, 0, wxTOP|wxEXPAND, 5 ); - - - bSizer31->Add( bSizer32, 1, wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer33; - bSizer33 = new wxBoxSizer( wxVERTICAL ); - - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer33->Add( OKButton, 0, wxALL|wxEXPAND, 5 ); - - CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer33->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); - - - bSizer31->Add( bSizer33, 0, 0, 5 ); - - - bSizer30->Add( bSizer31, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer30 ); - this->Layout(); - bSizer30->Fit( this ); - - // Connect Events - OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ChangePasswordDialogBase::OnOKButtonClick ), NULL, this ); -} - -ChangePasswordDialogBase::~ChangePasswordDialogBase() -{ - // Disconnect Events - OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ChangePasswordDialogBase::OnOKButtonClick ), NULL, this ); - -} - -DeviceSelectionDialogBase::DeviceSelectionDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxSize( -1,-1 ), wxDefaultSize ); - this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); - - wxBoxSizer* bSizer3; - bSizer3 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer4; - bSizer4 = new wxBoxSizer( wxVERTICAL ); - - DeviceListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES|wxSUNKEN_BORDER ); - bSizer4->Add( DeviceListCtrl, 1, wxALL|wxEXPAND, 5 ); - - StdButtons = new wxStdDialogButtonSizer(); - StdButtonsOK = new wxButton( this, wxID_OK ); - StdButtons->AddButton( StdButtonsOK ); - StdButtonsCancel = new wxButton( this, wxID_CANCEL ); - StdButtons->AddButton( StdButtonsCancel ); - StdButtons->Realize(); - - bSizer4->Add( StdButtons, 0, wxEXPAND|wxALL, 5 ); - - - bSizer3->Add( bSizer4, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer3 ); - this->Layout(); - bSizer3->Fit( this ); - - this->Centre( wxBOTH ); - - // Connect Events - DeviceListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemActivated ), NULL, this ); - DeviceListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemDeselected ), NULL, this ); - DeviceListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemSelected ), NULL, this ); -} - -DeviceSelectionDialogBase::~DeviceSelectionDialogBase() -{ - // Disconnect Events - DeviceListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemActivated ), NULL, this ); - DeviceListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemDeselected ), NULL, this ); - DeviceListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemSelected ), NULL, this ); - -} - -EncryptionTestDialogBase::EncryptionTestDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer132; - bSizer132 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer133; - bSizer133 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer134; - bSizer134 = new wxBoxSizer( wxHORIZONTAL ); - - wxStaticText* m_staticText41; - m_staticText41 = new wxStaticText( this, wxID_ANY, _("Encryption algorithm:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText41->Wrap( -1 ); - bSizer134->Add( m_staticText41, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - wxArrayString EncryptionAlgorithmChoiceChoices; - EncryptionAlgorithmChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, EncryptionAlgorithmChoiceChoices, 0 ); - EncryptionAlgorithmChoice->SetSelection( 0 ); - bSizer134->Add( EncryptionAlgorithmChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - XtsModeCheckBox = new wxCheckBox( this, wxID_ANY, _("XTS mode"), wxDefaultPosition, wxDefaultSize, 0 ); - XtsModeCheckBox->SetValue(true); - bSizer134->Add( XtsModeCheckBox, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer133->Add( bSizer134, 0, wxALIGN_CENTER_HORIZONTAL, 5 ); - - wxStaticBoxSizer* sbSizer38; - sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Key (hexadecimal)") ), wxVERTICAL ); - - KeyTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - KeyTextCtrl->SetMaxLength( 0 ); - KeyTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); - - sbSizer38->Add( KeyTextCtrl, 1, wxALL|wxEXPAND, 5 ); - - wxBoxSizer* bSizer135; - bSizer135 = new wxBoxSizer( wxHORIZONTAL ); - - wxStaticText* m_staticText43; - m_staticText43 = new wxStaticText( this, wxID_ANY, _("Key size:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText43->Wrap( -1 ); - bSizer135->Add( m_staticText43, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - KeySizeStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - KeySizeStaticText->Wrap( -1 ); - bSizer135->Add( KeySizeStaticText, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 ); - - - sbSizer38->Add( bSizer135, 0, wxEXPAND, 5 ); - - - bSizer133->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer39; - sbSizer39 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("XTS mode") ), wxVERTICAL ); - - wxStaticText* m_staticText45; - m_staticText45 = new wxStaticText( this, wxID_ANY, _("Secondary key (hexadecimal)"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText45->Wrap( -1 ); - sbSizer39->Add( m_staticText45, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); - - SecondaryKeyTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - SecondaryKeyTextCtrl->SetMaxLength( 0 ); - SecondaryKeyTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); - - sbSizer39->Add( SecondaryKeyTextCtrl, 0, wxEXPAND|wxALL, 5 ); - - wxStaticText* m_staticText46; - m_staticText46 = new wxStaticText( this, wxID_ANY, _("Data unit number (64-bit, data unit size is 512 bytes)"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText46->Wrap( -1 ); - sbSizer39->Add( m_staticText46, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); - - DataUnitNumberTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - DataUnitNumberTextCtrl->SetMaxLength( 0 ); - sbSizer39->Add( DataUnitNumberTextCtrl, 0, wxALL, 5 ); - - wxStaticText* m_staticText47; - m_staticText47 = new wxStaticText( this, wxID_ANY, _("Block number:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText47->Wrap( -1 ); - sbSizer39->Add( m_staticText47, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); - - BlockNumberTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - BlockNumberTextCtrl->SetMaxLength( 0 ); - sbSizer39->Add( BlockNumberTextCtrl, 0, wxALL, 5 ); - - - bSizer133->Add( sbSizer39, 1, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer40; - sbSizer40 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Plaintext (hexadecimal)") ), wxVERTICAL ); - - PlainTextTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - PlainTextTextCtrl->SetMaxLength( 0 ); - PlainTextTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); - - sbSizer40->Add( PlainTextTextCtrl, 0, wxALL|wxEXPAND, 5 ); - - - bSizer133->Add( sbSizer40, 0, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer41; - sbSizer41 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Ciphertext (hexadecimal)") ), wxVERTICAL ); - - CipherTextTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - CipherTextTextCtrl->SetMaxLength( 0 ); - CipherTextTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); - - sbSizer41->Add( CipherTextTextCtrl, 0, wxALL|wxEXPAND, 5 ); - - - bSizer133->Add( sbSizer41, 0, wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer136; - bSizer136 = new wxBoxSizer( wxHORIZONTAL ); - - EncryptButton = new wxButton( this, wxID_ANY, _("&Encrypt"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer136->Add( EncryptButton, 0, wxALL, 5 ); - - DecryptButton = new wxButton( this, wxID_ANY, _("&Decrypt"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer136->Add( DecryptButton, 0, wxALL, 5 ); - - AutoTestAllButton = new wxButton( this, wxID_ANY, _("&Auto-Test All"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer136->Add( AutoTestAllButton, 0, wxALL, 5 ); - - ResetButton = new wxButton( this, wxID_ANY, _("&Reset"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer136->Add( ResetButton, 0, wxALL, 5 ); - - CloseButton = new wxButton( this, wxID_CANCEL, _("Close"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer136->Add( CloseButton, 0, wxALL, 5 ); - - - bSizer133->Add( bSizer136, 0, wxEXPAND, 5 ); - - - bSizer132->Add( bSizer133, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer132 ); - this->Layout(); - bSizer132->Fit( this ); - - // Connect Events - EncryptionAlgorithmChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptionAlgorithmSelected ), NULL, this ); - XtsModeCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnXtsModeCheckBoxClick ), NULL, this ); - EncryptButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptButtonClick ), NULL, this ); - DecryptButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnDecryptButtonClick ), NULL, this ); - AutoTestAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnAutoTestAllButtonClick ), NULL, this ); - ResetButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnResetButtonClick ), NULL, this ); -} - -EncryptionTestDialogBase::~EncryptionTestDialogBase() -{ - // Disconnect Events - EncryptionAlgorithmChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptionAlgorithmSelected ), NULL, this ); - XtsModeCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnXtsModeCheckBoxClick ), NULL, this ); - EncryptButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptButtonClick ), NULL, this ); - DecryptButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnDecryptButtonClick ), NULL, this ); - AutoTestAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnAutoTestAllButtonClick ), NULL, this ); - ResetButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnResetButtonClick ), NULL, this ); - -} - -FavoriteVolumesDialogBase::FavoriteVolumesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer57; - bSizer57 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer60; - bSizer60 = new wxBoxSizer( wxHORIZONTAL ); - - wxBoxSizer* bSizer58; - bSizer58 = new wxBoxSizer( wxVERTICAL ); - - FavoritesListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES|wxSUNKEN_BORDER ); - bSizer58->Add( FavoritesListCtrl, 1, wxALL|wxEXPAND, 5 ); - - wxGridSizer* gSizer5; - gSizer5 = new wxGridSizer( 1, 4, 0, 0 ); - - MoveUpButton = new wxButton( this, wxID_ANY, _("Move &Up"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer5->Add( MoveUpButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT, 5 ); - - MoveDownButton = new wxButton( this, wxID_ANY, _("Move &Down"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer5->Add( MoveDownButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT, 5 ); - - RemoveButton = new wxButton( this, wxID_ANY, _("&Remove"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer5->Add( RemoveButton, 0, wxALIGN_RIGHT|wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - RemoveAllButton = new wxButton( this, wxID_ANY, _("Remove &All"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer5->Add( RemoveAllButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - - bSizer58->Add( gSizer5, 0, wxEXPAND|wxRIGHT|wxLEFT, 5 ); - - wxFlexGridSizer* fgSizer4; - fgSizer4 = new wxFlexGridSizer( 1, 5, 0, 0 ); - fgSizer4->AddGrowableCol( 2 ); - fgSizer4->SetFlexibleDirection( wxBOTH ); - fgSizer4->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - - fgSizer4->Add( 0, 0, 1, wxEXPAND, 5 ); - - - bSizer58->Add( fgSizer4, 0, wxEXPAND, 5 ); - - - bSizer60->Add( bSizer58, 1, wxEXPAND, 5 ); - - wxBoxSizer* bSizer59; - bSizer59 = new wxBoxSizer( wxVERTICAL ); - - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer59->Add( OKButton, 0, wxALL, 5 ); - - CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer59->Add( CancelButton, 0, wxALL, 5 ); - - - bSizer60->Add( bSizer59, 0, wxEXPAND, 5 ); - - - bSizer57->Add( bSizer60, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer57 ); - this->Layout(); - bSizer57->Fit( this ); - - // Connect Events - FavoritesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemDeselected ), NULL, this ); - FavoritesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemSelected ), NULL, this ); - MoveUpButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveUpButtonClick ), NULL, this ); - MoveDownButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveDownButtonClick ), NULL, this ); - RemoveButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveButtonClick ), NULL, this ); - RemoveAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveAllButtonClick ), NULL, this ); - OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnOKButtonClick ), NULL, this ); -} - -FavoriteVolumesDialogBase::~FavoriteVolumesDialogBase() -{ - // Disconnect Events - FavoritesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemDeselected ), NULL, this ); - FavoritesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemSelected ), NULL, this ); - MoveUpButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveUpButtonClick ), NULL, this ); - MoveDownButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveDownButtonClick ), NULL, this ); - RemoveButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveButtonClick ), NULL, this ); - RemoveAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveAllButtonClick ), NULL, this ); - OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnOKButtonClick ), NULL, this ); - -} - -KeyfilesDialogBase::KeyfilesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); - - wxBoxSizer* bSizer26; - bSizer26 = new wxBoxSizer( wxVERTICAL ); - - UpperSizer = new wxBoxSizer( wxHORIZONTAL ); - - PanelSizer = new wxBoxSizer( wxVERTICAL ); - - - UpperSizer->Add( PanelSizer, 1, wxEXPAND, 5 ); - - wxBoxSizer* bSizer22; - bSizer22 = new wxBoxSizer( wxVERTICAL ); - - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer22->Add( OKButton, 0, wxALL|wxEXPAND, 5 ); - - CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer22->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); - - WarningStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - WarningStaticText->Wrap( -1 ); - bSizer22->Add( WarningStaticText, 1, wxALL|wxEXPAND, 5 ); - - - UpperSizer->Add( bSizer22, 0, wxEXPAND, 5 ); - - - bSizer26->Add( UpperSizer, 1, wxTOP|wxRIGHT|wxLEFT, 5 ); - - wxBoxSizer* bSizer23; - bSizer23 = new wxBoxSizer( wxVERTICAL ); - - KeyfilesNoteSizer = new wxBoxSizer( wxVERTICAL ); - - wxStaticLine* m_staticline1; - m_staticline1 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); - KeyfilesNoteSizer->Add( m_staticline1, 0, wxEXPAND | wxALL, 5 ); - - KeyfilesNoteStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - KeyfilesNoteStaticText->Wrap( -1 ); - KeyfilesNoteSizer->Add( KeyfilesNoteStaticText, 0, wxALL|wxEXPAND, 5 ); - - wxStaticLine* m_staticline2; - m_staticline2 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); - KeyfilesNoteSizer->Add( m_staticline2, 0, wxEXPAND | wxALL, 5 ); - - - bSizer23->Add( KeyfilesNoteSizer, 1, wxEXPAND, 5 ); - - wxFlexGridSizer* fgSizer2; - fgSizer2 = new wxFlexGridSizer( 1, 2, 0, 0 ); - fgSizer2->AddGrowableCol( 0 ); - fgSizer2->SetFlexibleDirection( wxBOTH ); - fgSizer2->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - KeyfilesHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, _("More information on keyfiles"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); - - KeyfilesHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - KeyfilesHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - KeyfilesHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - fgSizer2->Add( KeyfilesHyperlink, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - CreateKeyfileButtton = new wxButton( this, wxID_ANY, _("&Generate Random Keyfile..."), wxDefaultPosition, wxDefaultSize, 0 ); - fgSizer2->Add( CreateKeyfileButtton, 0, wxALL, 5 ); - - - bSizer23->Add( fgSizer2, 0, wxEXPAND, 5 ); - - - bSizer26->Add( bSizer23, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - - this->SetSizer( bSizer26 ); - this->Layout(); - bSizer26->Fit( this ); - - // Connect Events - KeyfilesHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( KeyfilesDialogBase::OnKeyfilesHyperlinkClick ), NULL, this ); - CreateKeyfileButtton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesDialogBase::OnCreateKeyfileButttonClick ), NULL, this ); -} - -KeyfilesDialogBase::~KeyfilesDialogBase() -{ - // Disconnect Events - KeyfilesHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( KeyfilesDialogBase::OnKeyfilesHyperlinkClick ), NULL, this ); - CreateKeyfileButtton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesDialogBase::OnCreateKeyfileButttonClick ), NULL, this ); - -} - -KeyfileGeneratorDialogBase::KeyfileGeneratorDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - MainSizer = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer144; - bSizer144 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer145; - bSizer145 = new wxBoxSizer( wxHORIZONTAL ); - - - bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); - - wxStaticText* m_staticText49; - m_staticText49 = new wxStaticText( this, wxID_ANY, _("Mixing PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText49->Wrap( -1 ); - bSizer145->Add( m_staticText49, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - wxArrayString HashChoiceChoices; - HashChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HashChoiceChoices, 0 ); - HashChoice->SetSelection( 0 ); - bSizer145->Add( HashChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); - - - bSizer144->Add( bSizer145, 0, wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer43; - sbSizer43 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - wxBoxSizer* bSizer147; - bSizer147 = new wxBoxSizer( wxHORIZONTAL ); - - wxStaticText* m_staticText52; - m_staticText52 = new wxStaticText( this, wxID_ANY, _("Random Pool:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText52->Wrap( -1 ); - bSizer147->Add( m_staticText52, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); - - RandomPoolStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - RandomPoolStaticText->Wrap( -1 ); - RandomPoolStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); - - bSizer147->Add( RandomPoolStaticText, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - ShowRandomPoolCheckBox = new wxCheckBox( this, wxID_ANY, _("Show"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer147->Add( ShowRandomPoolCheckBox, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - sbSizer43->Add( bSizer147, 0, wxEXPAND|wxTOP, 5 ); - - - sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer45; - sbSizer45 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Randomness Collected From Mouse Movements") ), wxVERTICAL ); - - CollectedEntropy = new wxGauge( this, wxID_ANY, 2560, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); - CollectedEntropy->SetValue( 0 ); - sbSizer45->Add( CollectedEntropy, 1, wxALL|wxEXPAND, 5 ); - - - sbSizer43->Add( sbSizer45, 0, wxBOTTOM|wxEXPAND|wxTOP, 5 ); - - - sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); - - MouseStaticText = new wxStaticText( this, wxID_ANY, _("IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile."), wxDefaultPosition, wxDefaultSize, 0 ); - MouseStaticText->Wrap( -1 ); - sbSizer43->Add( MouseStaticText, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); - - - sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); - - - bSizer144->Add( sbSizer43, 1, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - wxBoxSizer* bSizer162; - bSizer162 = new wxBoxSizer( wxVERTICAL ); - - wxFlexGridSizer* fgSizer8; - fgSizer8 = new wxFlexGridSizer( 3, 3, 0, 0 ); - fgSizer8->AddGrowableCol( 2 ); - fgSizer8->SetFlexibleDirection( wxBOTH ); - fgSizer8->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - m_staticText60 = new wxStaticText( this, wxID_ANY, _("Number of keyfiles:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText60->Wrap( -1 ); - fgSizer8->Add( m_staticText60, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - NumberOfKeyfiles = new wxSpinCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxSP_ARROW_KEYS, 1, 9999999, 1 ); - fgSizer8->Add( NumberOfKeyfiles, 0, wxALL, 5 ); - - m_panel18 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - fgSizer8->Add( m_panel18, 1, wxEXPAND | wxALL, 5 ); - - m_staticText63 = new wxStaticText( this, wxID_ANY, _("Keyfiles size (in Bytes):"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText63->Wrap( -1 ); - fgSizer8->Add( m_staticText63, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - KeyfilesSize = new wxSpinCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxSP_ARROW_KEYS, 64, 1048576, 64 ); - fgSizer8->Add( KeyfilesSize, 0, wxALL, 5 ); - - RandomSizeCheckBox = new wxCheckBox( this, wxID_ANY, _("Random size (64 <-> 1048576)"), wxDefaultPosition, wxDefaultSize, 0 ); - fgSizer8->Add( RandomSizeCheckBox, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - m_staticText65 = new wxStaticText( this, wxID_ANY, _("Keyfiles base name:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText65->Wrap( -1 ); - fgSizer8->Add( m_staticText65, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - KeyfilesBaseName = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - fgSizer8->Add( KeyfilesBaseName, 0, wxALL, 5 ); - - m_panel19 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - fgSizer8->Add( m_panel19, 1, wxEXPAND | wxALL, 5 ); - - - bSizer162->Add( fgSizer8, 1, wxEXPAND, 5 ); - - - bSizer144->Add( bSizer162, 0, wxALL|wxEXPAND, 5 ); - - wxBoxSizer* bSizer146; - bSizer146 = new wxBoxSizer( wxHORIZONTAL ); - - GenerateButton = new wxButton( this, wxID_ANY, _("Generate and Save Keyfile..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer146->Add( GenerateButton, 0, wxALL, 5 ); - - - bSizer146->Add( 0, 0, 1, wxEXPAND, 5 ); - - wxButton* m_button61; - m_button61 = new wxButton( this, wxID_CANCEL, _("Close"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer146->Add( m_button61, 0, wxALL, 5 ); - - - bSizer144->Add( bSizer146, 0, wxEXPAND, 5 ); - - - MainSizer->Add( bSizer144, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( MainSizer ); - this->Layout(); - MainSizer->Fit( this ); - - // Connect Events - this->Connect( wxEVT_MOTION, wxMouseEventHandler( KeyfileGeneratorDialogBase::OnMouseMotion ) ); - HashChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnHashSelected ), NULL, this ); - ShowRandomPoolCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); - RandomSizeCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnRandomSizeCheckBoxClicked ), NULL, this ); - GenerateButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnGenerateButtonClick ), NULL, this ); -} - -KeyfileGeneratorDialogBase::~KeyfileGeneratorDialogBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_MOTION, wxMouseEventHandler( KeyfileGeneratorDialogBase::OnMouseMotion ) ); - HashChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnHashSelected ), NULL, this ); - ShowRandomPoolCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); - RandomSizeCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnRandomSizeCheckBoxClicked ), NULL, this ); - GenerateButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnGenerateButtonClick ), NULL, this ); - -} - -LegalNoticesDialogBase::LegalNoticesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer114; - bSizer114 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer115; - bSizer115 = new wxBoxSizer( wxVERTICAL ); - - LegalNoticesTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_MULTILINE|wxTE_READONLY ); - bSizer115->Add( LegalNoticesTextCtrl, 1, wxALL|wxEXPAND, 5 ); - - wxButton* OKButton; - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer115->Add( OKButton, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); - - - bSizer114->Add( bSizer115, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer114 ); - this->Layout(); - bSizer114->Fit( this ); -} - -LegalNoticesDialogBase::~LegalNoticesDialogBase() -{ -} - -MountOptionsDialogBase::MountOptionsDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); - - MainSizer = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer19; - bSizer19 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer14; - bSizer14 = new wxBoxSizer( wxHORIZONTAL ); - - PasswordSizer = new wxBoxSizer( wxVERTICAL ); - - - bSizer14->Add( PasswordSizer, 1, wxEXPAND, 5 ); - - wxBoxSizer* bSizer9; - bSizer9 = new wxBoxSizer( wxVERTICAL ); - - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer9->Add( OKButton, 0, wxALL|wxEXPAND, 5 ); - - CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer9->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); - - - bSizer9->Add( 0, 0, 1, wxTOP|wxEXPAND, 5 ); - - OptionsButton = new wxButton( this, wxID_ANY, _("Op&tions"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer9->Add( OptionsButton, 0, wxALL|wxEXPAND, 5 ); - - - bSizer14->Add( bSizer9, 0, wxEXPAND, 5 ); - - - bSizer19->Add( bSizer14, 0, wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer6; - bSizer6 = new wxBoxSizer( wxVERTICAL ); - - OptionsPanel = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - OptionsSizer = new wxStaticBoxSizer( new wxStaticBox( OptionsPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - - OptionsSizer->Add( 0, 0, 0, wxTOP, 5 ); - - ReadOnlyCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("Mount volume as &read-only"), wxDefaultPosition, wxDefaultSize, 0 ); - OptionsSizer->Add( ReadOnlyCheckBox, 0, wxALL, 5 ); - - RemovableCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("Mount volume as removable &medium"), wxDefaultPosition, wxDefaultSize, 0 ); - OptionsSizer->Add( RemovableCheckBox, 0, wxALL, 5 ); - - PartitionInSystemEncryptionScopeCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("Mount partition &using system encryption (preboot authentication)"), wxDefaultPosition, wxDefaultSize, 0 ); - OptionsSizer->Add( PartitionInSystemEncryptionScopeCheckBox, 0, wxALL, 5 ); - - ProtectionSizer = new wxStaticBoxSizer( new wxStaticBox( OptionsPanel, wxID_ANY, _("Hidden Volume Protection") ), wxVERTICAL ); - - ProtectionCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("&Protect hidden volume when mounting outer volume"), wxDefaultPosition, wxDefaultSize, 0 ); - ProtectionSizer->Add( ProtectionCheckBox, 0, wxALL, 5 ); - - ProtectionPasswordSizer = new wxBoxSizer( wxVERTICAL ); - - - ProtectionSizer->Add( ProtectionPasswordSizer, 1, wxEXPAND|wxLEFT, 5 ); - - ProtectionHyperlinkCtrl = new wxHyperlinkCtrl( OptionsPanel, wxID_ANY, _("What is hidden volume protection?"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); - - ProtectionHyperlinkCtrl->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - ProtectionHyperlinkCtrl->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - ProtectionHyperlinkCtrl->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - ProtectionSizer->Add( ProtectionHyperlinkCtrl, 0, wxALL, 5 ); - - - OptionsSizer->Add( ProtectionSizer, 1, wxEXPAND|wxALL, 5 ); - - FilesystemSizer = new wxBoxSizer( wxVERTICAL ); - - m_panel8 = new wxPanel( OptionsPanel, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxStaticBoxSizer* sbSizer28; - sbSizer28 = new wxStaticBoxSizer( new wxStaticBox( m_panel8, wxID_ANY, _("Filesystem") ), wxVERTICAL ); - - wxBoxSizer* bSizer54; - bSizer54 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer55; - bSizer55 = new wxBoxSizer( wxVERTICAL ); - - NoFilesystemCheckBox = new wxCheckBox( m_panel8, wxID_ANY, _("Do ¬ mount"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer55->Add( NoFilesystemCheckBox, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); - - - bSizer54->Add( bSizer55, 1, wxEXPAND, 5 ); - - FilesystemOptionsSizer = new wxGridBagSizer( 0, 0 ); - FilesystemOptionsSizer->SetFlexibleDirection( wxBOTH ); - FilesystemOptionsSizer->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - FilesystemOptionsSizer->SetEmptyCellSize( wxSize( 0,0 ) ); - - FilesystemSpacer = new wxBoxSizer( wxVERTICAL ); - - - FilesystemOptionsSizer->Add( FilesystemSpacer, wxGBPosition( 0, 0 ), wxGBSpan( 1, 1 ), wxEXPAND|wxTOP, 5 ); - - MountPointTextCtrlStaticText = new wxStaticText( m_panel8, wxID_ANY, _("Mount at directory:"), wxDefaultPosition, wxDefaultSize, 0 ); - MountPointTextCtrlStaticText->Wrap( -1 ); - FilesystemOptionsSizer->Add( MountPointTextCtrlStaticText, wxGBPosition( 1, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - MountPointTextCtrl = new wxTextCtrl( m_panel8, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - MountPointTextCtrl->SetMaxLength( 0 ); - FilesystemOptionsSizer->Add( MountPointTextCtrl, wxGBPosition( 1, 1 ), wxGBSpan( 1, 1 ), wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); - - MountPointButton = new wxButton( m_panel8, wxID_ANY, _("Se&lect..."), wxDefaultPosition, wxDefaultSize, 0 ); - FilesystemOptionsSizer->Add( MountPointButton, wxGBPosition( 1, 2 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxRIGHT|wxLEFT, 5 ); - - FilesystemOptionsStaticText = new wxStaticText( m_panel8, wxID_ANY, _("Mount options:"), wxDefaultPosition, wxDefaultSize, 0 ); - FilesystemOptionsStaticText->Wrap( -1 ); - FilesystemOptionsSizer->Add( FilesystemOptionsStaticText, wxGBPosition( 2, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxLEFT, 5 ); - - FilesystemOptionsTextCtrl = new wxTextCtrl( m_panel8, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - FilesystemOptionsTextCtrl->SetMaxLength( 0 ); - FilesystemOptionsSizer->Add( FilesystemOptionsTextCtrl, wxGBPosition( 2, 1 ), wxGBSpan( 1, 2 ), wxALIGN_CENTER_VERTICAL|wxEXPAND|wxTOP|wxRIGHT|wxLEFT, 5 ); - - - FilesystemOptionsSizer->AddGrowableCol( 1 ); - - bSizer54->Add( FilesystemOptionsSizer, 0, wxEXPAND, 5 ); - - - sbSizer28->Add( bSizer54, 0, wxEXPAND|wxBOTTOM, 5 ); - - - m_panel8->SetSizer( sbSizer28 ); - m_panel8->Layout(); - sbSizer28->Fit( m_panel8 ); - FilesystemSizer->Add( m_panel8, 0, wxEXPAND | wxALL, 5 ); - - - OptionsSizer->Add( FilesystemSizer, 0, wxEXPAND, 5 ); - - - OptionsPanel->SetSizer( OptionsSizer ); - OptionsPanel->Layout(); - OptionsSizer->Fit( OptionsPanel ); - bSizer6->Add( OptionsPanel, 1, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - - bSizer19->Add( bSizer6, 0, wxEXPAND, 5 ); - - - MainSizer->Add( bSizer19, 1, wxEXPAND, 5 ); - - - this->SetSizer( MainSizer ); - this->Layout(); - MainSizer->Fit( this ); - - this->Centre( wxBOTH ); - - // Connect Events - this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( MountOptionsDialogBase::OnInitDialog ) ); - OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOKButtonClick ), NULL, this ); - OptionsButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOptionsButtonClick ), NULL, this ); - ReadOnlyCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnReadOnlyCheckBoxClick ), NULL, this ); - ProtectionCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnProtectionCheckBoxClick ), NULL, this ); - ProtectionHyperlinkCtrl->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( MountOptionsDialogBase::OnProtectionHyperlinkClick ), NULL, this ); - NoFilesystemCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnNoFilesystemCheckBoxClick ), NULL, this ); - MountPointButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnMountPointButtonClick ), NULL, this ); -} - -MountOptionsDialogBase::~MountOptionsDialogBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( MountOptionsDialogBase::OnInitDialog ) ); - OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOKButtonClick ), NULL, this ); - OptionsButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOptionsButtonClick ), NULL, this ); - ReadOnlyCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnReadOnlyCheckBoxClick ), NULL, this ); - ProtectionCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnProtectionCheckBoxClick ), NULL, this ); - ProtectionHyperlinkCtrl->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( MountOptionsDialogBase::OnProtectionHyperlinkClick ), NULL, this ); - NoFilesystemCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnNoFilesystemCheckBoxClick ), NULL, this ); - MountPointButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnMountPointButtonClick ), NULL, this ); - -} - -NewSecurityTokenKeyfileDialogBase::NewSecurityTokenKeyfileDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer143; - bSizer143 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer144; - bSizer144 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer42; - sbSizer42 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - wxFlexGridSizer* fgSizer7; - fgSizer7 = new wxFlexGridSizer( 2, 2, 0, 0 ); - fgSizer7->SetFlexibleDirection( wxBOTH ); - fgSizer7->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - wxStaticText* m_staticText47; - m_staticText47 = new wxStaticText( this, wxID_ANY, _("Security token:"), wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT ); - m_staticText47->Wrap( -1 ); - fgSizer7->Add( m_staticText47, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - wxArrayString SecurityTokenChoiceChoices; - SecurityTokenChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, SecurityTokenChoiceChoices, 0 ); - SecurityTokenChoice->SetSelection( 0 ); - fgSizer7->Add( SecurityTokenChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); - - wxStaticText* m_staticText48; - m_staticText48 = new wxStaticText( this, wxID_ANY, _("Keyfile name:"), wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT ); - m_staticText48->Wrap( -1 ); - fgSizer7->Add( m_staticText48, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - KeyfileNameTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - KeyfileNameTextCtrl->SetMaxLength( 0 ); - fgSizer7->Add( KeyfileNameTextCtrl, 0, wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL, 5 ); - - - sbSizer42->Add( fgSizer7, 1, wxEXPAND|wxTOP, 5 ); - - - bSizer144->Add( sbSizer42, 1, wxEXPAND|wxALL, 5 ); - - StdButtons = new wxStdDialogButtonSizer(); - StdButtonsOK = new wxButton( this, wxID_OK ); - StdButtons->AddButton( StdButtonsOK ); - StdButtonsCancel = new wxButton( this, wxID_CANCEL ); - StdButtons->AddButton( StdButtonsCancel ); - StdButtons->Realize(); - - bSizer144->Add( StdButtons, 0, wxALIGN_RIGHT|wxALL, 5 ); - - - bSizer143->Add( bSizer144, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer143 ); - this->Layout(); - bSizer143->Fit( this ); - - // Connect Events - KeyfileNameTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( NewSecurityTokenKeyfileDialogBase::OnKeyfileNameChanged ), NULL, this ); -} - -NewSecurityTokenKeyfileDialogBase::~NewSecurityTokenKeyfileDialogBase() -{ - // Disconnect Events - KeyfileNameTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( NewSecurityTokenKeyfileDialogBase::OnKeyfileNameChanged ), NULL, this ); - -} - -PreferencesDialogBase::PreferencesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); - - wxBoxSizer* bSizer32; - bSizer32 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer41; - bSizer41 = new wxBoxSizer( wxVERTICAL ); - - PreferencesNotebook = new wxNotebook( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, 0 ); - SecurityPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer44; - bSizer44 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer33; - bSizer33 = new wxBoxSizer( wxVERTICAL ); - - AutoDismountSizer = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Auto-Dismount") ), wxVERTICAL ); - - wxStaticBoxSizer* sbSizer13; - sbSizer13 = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Dismount All Volumes When") ), wxVERTICAL ); - - DismountOnLogOffCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("User logs off"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer13->Add( DismountOnLogOffCheckBox, 0, wxALL, 5 ); - - DismountOnScreenSaverCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Screen saver is launched"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer13->Add( DismountOnScreenSaverCheckBox, 0, wxALL, 5 ); - - DismountOnPowerSavingCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("System is entering power saving mode"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer13->Add( DismountOnPowerSavingCheckBox, 0, wxALL, 5 ); - - - AutoDismountSizer->Add( sbSizer13, 0, wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer34; - bSizer34 = new wxBoxSizer( wxHORIZONTAL ); - - DismountOnInactivityCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Auto-dismount volume after no data has been read/written to it for"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer34->Add( DismountOnInactivityCheckBox, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); - - DismountOnInactivitySpinCtrl = new wxSpinCtrl( SecurityPage, wxID_ANY, wxT("1"), wxDefaultPosition, wxSize( -1,-1 ), wxSP_ARROW_KEYS, 1, 9999, 1 ); - DismountOnInactivitySpinCtrl->SetMinSize( wxSize( 60,-1 ) ); - - bSizer34->Add( DismountOnInactivitySpinCtrl, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - wxStaticText* m_staticText5; - m_staticText5 = new wxStaticText( SecurityPage, wxID_ANY, _("minutes"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText5->Wrap( -1 ); - bSizer34->Add( m_staticText5, 1, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxRIGHT, 5 ); - - - AutoDismountSizer->Add( bSizer34, 0, wxEXPAND, 5 ); - - ForceAutoDismountCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Force auto-dismount even if volume contains open files or directories"), wxDefaultPosition, wxDefaultSize, 0 ); - AutoDismountSizer->Add( ForceAutoDismountCheckBox, 0, wxALL, 5 ); - - - bSizer33->Add( AutoDismountSizer, 0, wxEXPAND|wxALL, 5 ); - - FilesystemSecuritySizer = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Filesystem") ), wxVERTICAL ); - - PreserveTimestampsCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Preserve modification timestamp of file containers"), wxDefaultPosition, wxDefaultSize, 0 ); - FilesystemSecuritySizer->Add( PreserveTimestampsCheckBox, 0, wxALL, 5 ); - - - bSizer33->Add( FilesystemSecuritySizer, 0, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer14; - sbSizer14 = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Password Cache") ), wxVERTICAL ); - - WipeCacheOnCloseCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Wipe after VeraCrypt window has been closed"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer14->Add( WipeCacheOnCloseCheckBox, 0, wxALL, 5 ); - - WipeCacheOnAutoDismountCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Wipe after volume has been auto-dismounted"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer14->Add( WipeCacheOnAutoDismountCheckBox, 0, wxALL, 5 ); - - - bSizer33->Add( sbSizer14, 0, wxEXPAND|wxALL, 5 ); - - - bSizer44->Add( bSizer33, 1, wxEXPAND|wxALL, 5 ); - - - SecurityPage->SetSizer( bSizer44 ); - SecurityPage->Layout(); - bSizer44->Fit( SecurityPage ); - PreferencesNotebook->AddPage( SecurityPage, _("Security"), true ); - DefaultMountOptionsPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer46; - bSizer46 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer35; - bSizer35 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer15; - sbSizer15 = new wxStaticBoxSizer( new wxStaticBox( DefaultMountOptionsPage, wxID_ANY, _("Default Mount Options") ), wxVERTICAL ); - - MountReadOnlyCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("Mount volumes as read-only"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer15->Add( MountReadOnlyCheckBox, 0, wxALL, 5 ); - - MountRemovableCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("Mount volumes as removable media"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer15->Add( MountRemovableCheckBox, 0, wxALL, 5 ); - - CachePasswordsCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("Cache passwords in memory"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer15->Add( CachePasswordsCheckBox, 0, wxALL, 5 ); - - TrueCryptModeCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("TrueCrypt Mode"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer15->Add( TrueCryptModeCheckBox, 0, wxALL, 5 ); - - wxBoxSizer* bSizer163; - bSizer163 = new wxBoxSizer( wxHORIZONTAL ); - - Pkcs5PrfStaticText = new wxStaticText( DefaultMountOptionsPage, wxID_ANY, _("PKCS5-PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); - Pkcs5PrfStaticText->Wrap( -1 ); - bSizer163->Add( Pkcs5PrfStaticText, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - wxArrayString Pkcs5PrfChoiceChoices; - Pkcs5PrfChoice = new wxChoice( DefaultMountOptionsPage, wxID_ANY, wxDefaultPosition, wxDefaultSize, Pkcs5PrfChoiceChoices, 0 ); - Pkcs5PrfChoice->SetSelection( 0 ); - bSizer163->Add( Pkcs5PrfChoice, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - - sbSizer15->Add( bSizer163, 0, wxEXPAND, 5 ); - - - bSizer35->Add( sbSizer15, 0, wxEXPAND|wxALL, 5 ); - - FilesystemSizer = new wxStaticBoxSizer( new wxStaticBox( DefaultMountOptionsPage, wxID_ANY, _("Filesystem") ), wxVERTICAL ); - - wxFlexGridSizer* fgSizer3; - fgSizer3 = new wxFlexGridSizer( 1, 2, 0, 0 ); - fgSizer3->AddGrowableCol( 1 ); - fgSizer3->SetFlexibleDirection( wxBOTH ); - fgSizer3->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - wxStaticText* m_staticText6; - m_staticText6 = new wxStaticText( DefaultMountOptionsPage, wxID_ANY, _("Mount options:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText6->Wrap( -1 ); - fgSizer3->Add( m_staticText6, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT, 5 ); - - FilesystemOptionsTextCtrl = new wxTextCtrl( DefaultMountOptionsPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - FilesystemOptionsTextCtrl->SetMaxLength( 0 ); - fgSizer3->Add( FilesystemOptionsTextCtrl, 0, wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 ); - - - FilesystemSizer->Add( fgSizer3, 1, wxEXPAND, 5 ); - - - bSizer35->Add( FilesystemSizer, 0, wxEXPAND|wxALL, 5 ); - - - bSizer46->Add( bSizer35, 1, wxEXPAND|wxALL, 5 ); - - - DefaultMountOptionsPage->SetSizer( bSizer46 ); - DefaultMountOptionsPage->Layout(); - bSizer46->Fit( DefaultMountOptionsPage ); - PreferencesNotebook->AddPage( DefaultMountOptionsPage, _("Mount Options"), false ); - BackgroundTaskPanel = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer61; - bSizer61 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer62; - bSizer62 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer18; - sbSizer18 = new wxStaticBoxSizer( new wxStaticBox( BackgroundTaskPanel, wxID_ANY, _("VeraCrypt Background Task") ), wxVERTICAL ); - - BackgroundTaskEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Enabled"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer18->Add( BackgroundTaskEnabledCheckBox, 0, wxALL, 5 ); - - CloseBackgroundTaskOnNoVolumesCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Exit when there are no mounted volumes"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer18->Add( CloseBackgroundTaskOnNoVolumesCheckBox, 0, wxALL, 5 ); - - wxStaticBoxSizer* sbSizer26; - sbSizer26 = new wxStaticBoxSizer( new wxStaticBox( BackgroundTaskPanel, wxID_ANY, _("Task Icon Menu Items") ), wxVERTICAL ); - - BackgroundTaskMenuMountItemsEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Mount Favorite Volumes"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer26->Add( BackgroundTaskMenuMountItemsEnabledCheckBox, 0, wxALL, 5 ); - - BackgroundTaskMenuOpenItemsEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Open Mounted Volumes"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer26->Add( BackgroundTaskMenuOpenItemsEnabledCheckBox, 0, wxALL, 5 ); - - BackgroundTaskMenuDismountItemsEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Dismount Mounted Volumes"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer26->Add( BackgroundTaskMenuDismountItemsEnabledCheckBox, 0, wxALL, 5 ); - - - sbSizer18->Add( sbSizer26, 1, wxEXPAND|wxALL, 5 ); - - - bSizer62->Add( sbSizer18, 0, wxEXPAND|wxALL, 5 ); - - - bSizer61->Add( bSizer62, 1, wxEXPAND|wxALL, 5 ); - - - BackgroundTaskPanel->SetSizer( bSizer61 ); - BackgroundTaskPanel->Layout(); - bSizer61->Fit( BackgroundTaskPanel ); - PreferencesNotebook->AddPage( BackgroundTaskPanel, _("Background Task"), false ); - SystemIntegrationPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer49; - bSizer49 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer37; - bSizer37 = new wxBoxSizer( wxVERTICAL ); - - LogOnSizer = new wxStaticBoxSizer( new wxStaticBox( SystemIntegrationPage, wxID_ANY, _("Actions to Perform when User Logs On") ), wxVERTICAL ); - - StartOnLogonCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Start VeraCrypt Background Task"), wxDefaultPosition, wxDefaultSize, 0 ); - LogOnSizer->Add( StartOnLogonCheckBox, 0, wxALL, 5 ); - - MountFavoritesOnLogonCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Mount favorite volumes"), wxDefaultPosition, wxDefaultSize, 0 ); - LogOnSizer->Add( MountFavoritesOnLogonCheckBox, 0, wxALL, 5 ); - - MountDevicesOnLogonCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Mount all device-hosted VeraCrypt volumes"), wxDefaultPosition, wxDefaultSize, 0 ); - LogOnSizer->Add( MountDevicesOnLogonCheckBox, 0, wxALL, 5 ); - - - bSizer37->Add( LogOnSizer, 0, wxALL|wxEXPAND, 5 ); - - ExplorerSizer = new wxStaticBoxSizer( new wxStaticBox( SystemIntegrationPage, wxID_ANY, _("Filesystem Explorer") ), wxVERTICAL ); - - OpenExplorerWindowAfterMountCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Open Explorer window for successfully mounted volume"), wxDefaultPosition, wxDefaultSize, 0 ); - ExplorerSizer->Add( OpenExplorerWindowAfterMountCheckBox, 0, wxALL, 5 ); - - CloseExplorerWindowsOnDismountCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Close all Explorer windows of volume being dismounted"), wxDefaultPosition, wxDefaultSize, 0 ); - ExplorerSizer->Add( CloseExplorerWindowsOnDismountCheckBox, 0, wxALL, 5 ); - - - bSizer37->Add( ExplorerSizer, 0, wxEXPAND|wxALL, 5 ); - - KernelServicesSizer = new wxStaticBoxSizer( new wxStaticBox( SystemIntegrationPage, wxID_ANY, _("Kernel Services") ), wxVERTICAL ); - - NoKernelCryptoCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Do not use kernel cryptographic services"), wxDefaultPosition, wxDefaultSize, 0 ); - KernelServicesSizer->Add( NoKernelCryptoCheckBox, 0, wxALL, 5 ); - - - bSizer37->Add( KernelServicesSizer, 0, wxEXPAND|wxALL, 5 ); - - - bSizer49->Add( bSizer37, 1, wxEXPAND|wxALL, 5 ); - - - SystemIntegrationPage->SetSizer( bSizer49 ); - SystemIntegrationPage->Layout(); - bSizer49->Fit( SystemIntegrationPage ); - PreferencesNotebook->AddPage( SystemIntegrationPage, _("System Integration"), false ); - PerformanceOptionsPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer151; - bSizer151 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer152; - bSizer152 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer44; - sbSizer44 = new wxStaticBoxSizer( new wxStaticBox( PerformanceOptionsPage, wxID_ANY, _("Hardware Acceleration") ), wxVERTICAL ); - - wxBoxSizer* bSizer158; - bSizer158 = new wxBoxSizer( wxHORIZONTAL ); - - wxStaticText* m_staticText57; - m_staticText57 = new wxStaticText( PerformanceOptionsPage, wxID_ANY, _("Processor (CPU) in this computer supports hardware acceleration for AES:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText57->Wrap( -1 ); - bSizer158->Add( m_staticText57, 0, wxALL, 5 ); - - AesHwCpuSupportedStaticText = new wxStaticText( PerformanceOptionsPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0|wxSUNKEN_BORDER ); - AesHwCpuSupportedStaticText->Wrap( -1 ); - bSizer158->Add( AesHwCpuSupportedStaticText, 0, wxALL, 5 ); - - - sbSizer44->Add( bSizer158, 1, wxEXPAND, 5 ); - - - sbSizer44->Add( 0, 0, 0, wxBOTTOM, 5 ); - - NoHardwareCryptoCheckBox = new wxCheckBox( PerformanceOptionsPage, wxID_ANY, _("Do not accelerate AES encryption/decryption by using the AES instructions of the processor"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer44->Add( NoHardwareCryptoCheckBox, 0, wxALL, 5 ); - - - bSizer152->Add( sbSizer44, 0, wxEXPAND|wxALL, 5 ); - - - bSizer151->Add( bSizer152, 1, wxALL|wxEXPAND, 5 ); - - - PerformanceOptionsPage->SetSizer( bSizer151 ); - PerformanceOptionsPage->Layout(); - bSizer151->Fit( PerformanceOptionsPage ); - PreferencesNotebook->AddPage( PerformanceOptionsPage, _("Performance"), false ); - DefaultKeyfilesPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer40; - bSizer40 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer43; - bSizer43 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* bSizer42; - bSizer42 = new wxStaticBoxSizer( new wxStaticBox( DefaultKeyfilesPage, wxID_ANY, _("Default Keyfiles") ), wxVERTICAL ); - - DefaultKeyfilesSizer = new wxBoxSizer( wxVERTICAL ); - - - bSizer42->Add( DefaultKeyfilesSizer, 1, wxEXPAND, 5 ); - - - bSizer43->Add( bSizer42, 1, wxEXPAND|wxALL, 5 ); - - UseKeyfilesCheckBox = new wxCheckBox( DefaultKeyfilesPage, wxID_ANY, _("Use keyfiles by default"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer43->Add( UseKeyfilesCheckBox, 0, wxALL, 5 ); - - - bSizer40->Add( bSizer43, 1, wxEXPAND|wxALL, 5 ); - - - DefaultKeyfilesPage->SetSizer( bSizer40 ); - DefaultKeyfilesPage->Layout(); - bSizer40->Fit( DefaultKeyfilesPage ); - PreferencesNotebook->AddPage( DefaultKeyfilesPage, _("Keyfiles"), false ); - SecurityTokensPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer127; - bSizer127 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer128; - bSizer128 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer36; - sbSizer36 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("PKCS #11 Library Path") ), wxVERTICAL ); - - wxBoxSizer* bSizer129; - bSizer129 = new wxBoxSizer( wxHORIZONTAL ); - - Pkcs11ModulePathTextCtrl = new wxTextCtrl( SecurityTokensPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - Pkcs11ModulePathTextCtrl->SetMaxLength( 0 ); - bSizer129->Add( Pkcs11ModulePathTextCtrl, 1, wxALL, 5 ); - - SelectPkcs11ModuleButton = new wxButton( SecurityTokensPage, wxID_ANY, _("Select &Library..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer129->Add( SelectPkcs11ModuleButton, 0, wxALL, 5 ); - - - sbSizer36->Add( bSizer129, 1, wxEXPAND, 5 ); - - - bSizer128->Add( sbSizer36, 0, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer37; - sbSizer37 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("Security Options") ), wxVERTICAL ); - - CloseSecurityTokenSessionsAfterMountCheckBox = new wxCheckBox( SecurityTokensPage, wxID_ANY, _("&Close token session (log out) after a volume is successfully mounted"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer37->Add( CloseSecurityTokenSessionsAfterMountCheckBox, 0, wxALL, 5 ); - - - bSizer128->Add( sbSizer37, 0, wxEXPAND|wxALL, 5 ); - - - bSizer127->Add( bSizer128, 1, wxEXPAND|wxALL, 5 ); - - - SecurityTokensPage->SetSizer( bSizer127 ); - SecurityTokensPage->Layout(); - bSizer127->Fit( SecurityTokensPage ); - PreferencesNotebook->AddPage( SecurityTokensPage, _("Security Tokens"), false ); - HotkeysPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer51; - bSizer51 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer38; - bSizer38 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer21; - sbSizer21 = new wxStaticBoxSizer( new wxStaticBox( HotkeysPage, wxID_ANY, _("System-Wide Hotkeys") ), wxVERTICAL ); - - HotkeyListCtrl = new wxListCtrl( HotkeysPage, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES|wxSUNKEN_BORDER ); - sbSizer21->Add( HotkeyListCtrl, 1, wxALL|wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer23; - sbSizer23 = new wxStaticBoxSizer( new wxStaticBox( HotkeysPage, wxID_ANY, _("Shortcut") ), wxVERTICAL ); - - wxFlexGridSizer* fgSizer4; - fgSizer4 = new wxFlexGridSizer( 2, 3, 0, 0 ); - fgSizer4->SetFlexibleDirection( wxBOTH ); - fgSizer4->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - wxStaticText* m_staticText10; - m_staticText10 = new wxStaticText( HotkeysPage, wxID_ANY, _("Key to assign:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText10->Wrap( -1 ); - fgSizer4->Add( m_staticText10, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - HotkeyTextCtrl = new wxTextCtrl( HotkeysPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - HotkeyTextCtrl->SetMaxLength( 0 ); - fgSizer4->Add( HotkeyTextCtrl, 0, wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 ); - - AssignHotkeyButton = new wxButton( HotkeysPage, wxID_ANY, _("Assign"), wxDefaultPosition, wxDefaultSize, 0 ); - fgSizer4->Add( AssignHotkeyButton, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - fgSizer4->Add( 0, 0, 1, wxEXPAND, 5 ); - - wxGridSizer* gSizer4; - gSizer4 = new wxGridSizer( 1, 4, 0, 0 ); - - HotkeyControlCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Control"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer4->Add( HotkeyControlCheckBox, 0, wxALL, 5 ); - - HotkeyShiftCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Shift"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer4->Add( HotkeyShiftCheckBox, 0, wxALL, 5 ); - - HotkeyAltCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Alt"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer4->Add( HotkeyAltCheckBox, 0, wxALL, 5 ); - - HotkeyWinCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Win"), wxDefaultPosition, wxDefaultSize, 0 ); - gSizer4->Add( HotkeyWinCheckBox, 0, wxALL, 5 ); - - - fgSizer4->Add( gSizer4, 1, wxEXPAND, 5 ); - - RemoveHotkeyButton = new wxButton( HotkeysPage, wxID_ANY, _("Remove"), wxDefaultPosition, wxDefaultSize, 0 ); - fgSizer4->Add( RemoveHotkeyButton, 1, wxALL, 5 ); - - - sbSizer23->Add( fgSizer4, 1, wxALIGN_RIGHT, 5 ); - - - sbSizer21->Add( sbSizer23, 0, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer24; - sbSizer24 = new wxStaticBoxSizer( new wxStaticBox( HotkeysPage, wxID_ANY, _("Options") ), wxVERTICAL ); - - BeepAfterHotkeyMountDismountCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Play system notification sound after mount/dismount"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer24->Add( BeepAfterHotkeyMountDismountCheckBox, 0, wxALL, 5 ); - - DisplayMessageAfterHotkeyDismountCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Display confirmation message box after dismount"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer24->Add( DisplayMessageAfterHotkeyDismountCheckBox, 0, wxALL, 5 ); - - - sbSizer21->Add( sbSizer24, 0, wxEXPAND|wxALL, 5 ); - - - bSizer38->Add( sbSizer21, 1, wxEXPAND|wxALL, 5 ); - - - bSizer51->Add( bSizer38, 1, wxEXPAND|wxALL, 5 ); - - - HotkeysPage->SetSizer( bSizer51 ); - HotkeysPage->Layout(); - bSizer51->Fit( HotkeysPage ); - PreferencesNotebook->AddPage( HotkeysPage, _("Hotkeys"), false ); - - bSizer41->Add( PreferencesNotebook, 1, wxEXPAND | wxALL, 5 ); - - StdButtons = new wxStdDialogButtonSizer(); - StdButtonsOK = new wxButton( this, wxID_OK ); - StdButtons->AddButton( StdButtonsOK ); - StdButtonsCancel = new wxButton( this, wxID_CANCEL ); - StdButtons->AddButton( StdButtonsCancel ); - StdButtons->Realize(); - - bSizer41->Add( StdButtons, 0, wxEXPAND|wxALL, 5 ); - - - bSizer32->Add( bSizer41, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer32 ); - this->Layout(); - bSizer32->Fit( this ); - - // Connect Events - this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( PreferencesDialogBase::OnClose ) ); - DismountOnScreenSaverCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnScreenSaverCheckBoxClick ), NULL, this ); - DismountOnPowerSavingCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnPowerSavingCheckBoxClick ), NULL, this ); - ForceAutoDismountCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnForceAutoDismountCheckBoxClick ), NULL, this ); - PreserveTimestampsCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnPreserveTimestampsCheckBoxClick ), NULL, this ); - BackgroundTaskEnabledCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnBackgroundTaskEnabledCheckBoxClick ), NULL, this ); - NoKernelCryptoCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoKernelCryptoCheckBoxClick ), NULL, this ); - NoHardwareCryptoCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoHardwareCryptoCheckBoxClick ), NULL, this ); - SelectPkcs11ModuleButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnSelectPkcs11ModuleButtonClick ), NULL, this ); - HotkeyListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemDeselected ), NULL, this ); - HotkeyListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemSelected ), NULL, this ); - AssignHotkeyButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnAssignHotkeyButtonClick ), NULL, this ); - RemoveHotkeyButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnRemoveHotkeyButtonClick ), NULL, this ); - StdButtonsCancel->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnCancelButtonClick ), NULL, this ); - StdButtonsOK->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnOKButtonClick ), NULL, this ); -} - -PreferencesDialogBase::~PreferencesDialogBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( PreferencesDialogBase::OnClose ) ); - DismountOnScreenSaverCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnScreenSaverCheckBoxClick ), NULL, this ); - DismountOnPowerSavingCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnPowerSavingCheckBoxClick ), NULL, this ); - ForceAutoDismountCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnForceAutoDismountCheckBoxClick ), NULL, this ); - PreserveTimestampsCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnPreserveTimestampsCheckBoxClick ), NULL, this ); - BackgroundTaskEnabledCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnBackgroundTaskEnabledCheckBoxClick ), NULL, this ); - NoKernelCryptoCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoKernelCryptoCheckBoxClick ), NULL, this ); - NoHardwareCryptoCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoHardwareCryptoCheckBoxClick ), NULL, this ); - SelectPkcs11ModuleButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnSelectPkcs11ModuleButtonClick ), NULL, this ); - HotkeyListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemDeselected ), NULL, this ); - HotkeyListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemSelected ), NULL, this ); - AssignHotkeyButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnAssignHotkeyButtonClick ), NULL, this ); - RemoveHotkeyButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnRemoveHotkeyButtonClick ), NULL, this ); - StdButtonsCancel->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnCancelButtonClick ), NULL, this ); - StdButtonsOK->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnOKButtonClick ), NULL, this ); - -} - -RandomPoolEnrichmentDialogBase::RandomPoolEnrichmentDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - MainSizer = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer144; - bSizer144 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer145; - bSizer145 = new wxBoxSizer( wxHORIZONTAL ); - - - bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); - - wxStaticText* m_staticText49; - m_staticText49 = new wxStaticText( this, wxID_ANY, _("Mixing PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText49->Wrap( -1 ); - bSizer145->Add( m_staticText49, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - wxArrayString HashChoiceChoices; - HashChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HashChoiceChoices, 0 ); - HashChoice->SetSelection( 0 ); - bSizer145->Add( HashChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); - - - bSizer144->Add( bSizer145, 0, wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer43; - sbSizer43 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - wxBoxSizer* bSizer147; - bSizer147 = new wxBoxSizer( wxHORIZONTAL ); - - wxStaticText* m_staticText52; - m_staticText52 = new wxStaticText( this, wxID_ANY, _("Random Pool:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText52->Wrap( -1 ); - bSizer147->Add( m_staticText52, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); - - RandomPoolStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - RandomPoolStaticText->Wrap( -1 ); - RandomPoolStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); - - bSizer147->Add( RandomPoolStaticText, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - ShowRandomPoolCheckBox = new wxCheckBox( this, wxID_ANY, _("Show"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer147->Add( ShowRandomPoolCheckBox, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - sbSizer43->Add( bSizer147, 0, wxEXPAND|wxTOP, 5 ); - - - sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer45; - sbSizer45 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Randomness Collected From Mouse Movements") ), wxVERTICAL ); - - CollectedEntropy = new wxGauge( this, wxID_ANY, 2560, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); - CollectedEntropy->SetValue( 0 ); - sbSizer45->Add( CollectedEntropy, 0, wxALL|wxEXPAND, 5 ); - - - sbSizer43->Add( sbSizer45, 0, wxBOTTOM|wxEXPAND|wxTOP, 5 ); - - - sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); - - MouseStaticText = new wxStaticText( this, wxID_ANY, _("IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'."), wxDefaultPosition, wxDefaultSize, 0 ); - MouseStaticText->Wrap( -1 ); - sbSizer43->Add( MouseStaticText, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); - - - sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); - - - bSizer144->Add( sbSizer43, 1, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - wxBoxSizer* bSizer146; - bSizer146 = new wxBoxSizer( wxHORIZONTAL ); - - - bSizer146->Add( 0, 0, 1, wxEXPAND, 5 ); - - ContinueButton = new wxButton( this, wxID_OK, _("&Continue"), wxDefaultPosition, wxDefaultSize, 0 ); - ContinueButton->SetDefault(); - bSizer146->Add( ContinueButton, 0, wxALL, 5 ); - - - bSizer146->Add( 0, 0, 1, wxEXPAND, 5 ); - - - bSizer144->Add( bSizer146, 0, wxEXPAND, 5 ); - - - MainSizer->Add( bSizer144, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( MainSizer ); - this->Layout(); - MainSizer->Fit( this ); - - this->Centre( wxBOTH ); - - // Connect Events - this->Connect( wxEVT_MOTION, wxMouseEventHandler( RandomPoolEnrichmentDialogBase::OnMouseMotion ) ); - HashChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnHashSelected ), NULL, this ); - ShowRandomPoolCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); -} - -RandomPoolEnrichmentDialogBase::~RandomPoolEnrichmentDialogBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_MOTION, wxMouseEventHandler( RandomPoolEnrichmentDialogBase::OnMouseMotion ) ); - HashChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnHashSelected ), NULL, this ); - ShowRandomPoolCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); - -} - -SecurityTokenKeyfilesDialogBase::SecurityTokenKeyfilesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxSize( -1,-1 ), wxDefaultSize ); - this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); - - wxBoxSizer* bSizer3; - bSizer3 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer138; - bSizer138 = new wxBoxSizer( wxHORIZONTAL ); - - wxBoxSizer* bSizer142; - bSizer142 = new wxBoxSizer( wxVERTICAL ); - - SecurityTokenKeyfileListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES|wxSUNKEN_BORDER ); - bSizer142->Add( SecurityTokenKeyfileListCtrl, 1, wxALL|wxEXPAND, 5 ); - - wxBoxSizer* bSizer141; - bSizer141 = new wxBoxSizer( wxHORIZONTAL ); - - ExportButton = new wxButton( this, wxID_ANY, _("&Export..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer141->Add( ExportButton, 0, wxALL, 5 ); - - DeleteButton = new wxButton( this, wxID_ANY, _("&Delete"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer141->Add( DeleteButton, 0, wxALL, 5 ); - - - bSizer141->Add( 0, 0, 1, wxEXPAND|wxLEFT, 5 ); - - ImportButton = new wxButton( this, wxID_ANY, _("&Import Keyfile to Token..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer141->Add( ImportButton, 0, wxALL, 5 ); - - - bSizer142->Add( bSizer141, 0, wxEXPAND, 5 ); - - - bSizer138->Add( bSizer142, 1, wxEXPAND, 5 ); - - wxBoxSizer* bSizer139; - bSizer139 = new wxBoxSizer( wxVERTICAL ); - - OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); - OKButton->SetDefault(); - bSizer139->Add( OKButton, 0, wxALL, 5 ); - - CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer139->Add( CancelButton, 0, wxALL, 5 ); - - - bSizer138->Add( bSizer139, 0, wxEXPAND, 5 ); - - - bSizer3->Add( bSizer138, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer3 ); - this->Layout(); - bSizer3->Fit( this ); - - // Connect Events - SecurityTokenKeyfileListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemActivated ), NULL, this ); - SecurityTokenKeyfileListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemDeselected ), NULL, this ); - SecurityTokenKeyfileListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemSelected ), NULL, this ); - ExportButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnExportButtonClick ), NULL, this ); - DeleteButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnDeleteButtonClick ), NULL, this ); - ImportButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnImportButtonClick ), NULL, this ); - OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnOKButtonClick ), NULL, this ); -} - -SecurityTokenKeyfilesDialogBase::~SecurityTokenKeyfilesDialogBase() -{ - // Disconnect Events - SecurityTokenKeyfileListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemActivated ), NULL, this ); - SecurityTokenKeyfileListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemDeselected ), NULL, this ); - SecurityTokenKeyfileListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemSelected ), NULL, this ); - ExportButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnExportButtonClick ), NULL, this ); - DeleteButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnDeleteButtonClick ), NULL, this ); - ImportButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnImportButtonClick ), NULL, this ); - OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnOKButtonClick ), NULL, this ); - -} - -VolumePropertiesDialogBase::VolumePropertiesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer49; - bSizer49 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer50; - bSizer50 = new wxBoxSizer( wxVERTICAL ); - - PropertiesListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES|wxSUNKEN_BORDER ); - bSizer50->Add( PropertiesListCtrl, 1, wxALL|wxEXPAND, 5 ); - - StdButtons = new wxStdDialogButtonSizer(); - StdButtonsOK = new wxButton( this, wxID_OK ); - StdButtons->AddButton( StdButtonsOK ); - StdButtons->Realize(); - - bSizer50->Add( StdButtons, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); - - - bSizer49->Add( bSizer50, 1, wxEXPAND|wxALL, 5 ); - - - this->SetSizer( bSizer49 ); - this->Layout(); - bSizer49->Fit( this ); -} - -VolumePropertiesDialogBase::~VolumePropertiesDialogBase() -{ -} - -EncryptionOptionsWizardPageBase::EncryptionOptionsWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer93; - bSizer93 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer94; - bSizer94 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer95; - bSizer95 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer29; - sbSizer29 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Encryption Algorithm") ), wxVERTICAL ); - - wxBoxSizer* bSizer96; - bSizer96 = new wxBoxSizer( wxHORIZONTAL ); - - wxArrayString EncryptionAlgorithmChoiceChoices; - EncryptionAlgorithmChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, EncryptionAlgorithmChoiceChoices, 0 ); - EncryptionAlgorithmChoice->SetSelection( 0 ); - bSizer96->Add( EncryptionAlgorithmChoice, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - TestButton = new wxButton( this, wxID_ANY, _("&Test"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer96->Add( TestButton, 0, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); - - - sbSizer29->Add( bSizer96, 0, wxEXPAND, 5 ); - - EncryptionAlgorithmStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - EncryptionAlgorithmStaticText->Wrap( -1 ); - sbSizer29->Add( EncryptionAlgorithmStaticText, 1, wxALL|wxEXPAND, 5 ); - - wxBoxSizer* bSizer97; - bSizer97 = new wxBoxSizer( wxHORIZONTAL ); - - EncryptionAlgorithmHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, _("More information"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); - - EncryptionAlgorithmHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - EncryptionAlgorithmHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - EncryptionAlgorithmHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - bSizer97->Add( EncryptionAlgorithmHyperlink, 0, wxALL, 5 ); - - - bSizer97->Add( 0, 0, 1, wxEXPAND, 5 ); - - BenchmarkButton = new wxButton( this, wxID_ANY, _("&Benchmark"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer97->Add( BenchmarkButton, 0, wxALL, 5 ); - - - sbSizer29->Add( bSizer97, 0, wxEXPAND, 5 ); - - - bSizer95->Add( sbSizer29, 1, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer30; - sbSizer30 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Hash Algorithm") ), wxHORIZONTAL ); - - wxArrayString HashChoiceChoices; - HashChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HashChoiceChoices, 0 ); - HashChoice->SetSelection( 0 ); - sbSizer30->Add( HashChoice, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - HashHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, _("Information on hash algorithms"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); - - HashHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - HashHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - HashHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); - sbSizer30->Add( HashHyperlink, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer95->Add( sbSizer30, 0, wxEXPAND|wxALL, 5 ); - - - bSizer94->Add( bSizer95, 1, wxEXPAND, 5 ); - - - bSizer93->Add( bSizer94, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer93 ); - this->Layout(); - bSizer93->Fit( this ); - - // Connect Events - EncryptionAlgorithmChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmSelected ), NULL, this ); - TestButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnTestButtonClick ), NULL, this ); - EncryptionAlgorithmHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmHyperlinkClick ), NULL, this ); - BenchmarkButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnBenchmarkButtonClick ), NULL, this ); - HashHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnHashHyperlinkClick ), NULL, this ); -} - -EncryptionOptionsWizardPageBase::~EncryptionOptionsWizardPageBase() -{ - // Disconnect Events - EncryptionAlgorithmChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmSelected ), NULL, this ); - TestButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnTestButtonClick ), NULL, this ); - EncryptionAlgorithmHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmHyperlinkClick ), NULL, this ); - BenchmarkButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnBenchmarkButtonClick ), NULL, this ); - HashHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnHashHyperlinkClick ), NULL, this ); - -} - -InfoWizardPageBase::InfoWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer71; - bSizer71 = new wxBoxSizer( wxVERTICAL ); - - InfoPageSizer = new wxBoxSizer( wxVERTICAL ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - InfoPageSizer->Add( InfoStaticText, 1, wxALL|wxEXPAND, 5 ); - - - bSizer71->Add( InfoPageSizer, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer71 ); - this->Layout(); - bSizer71->Fit( this ); -} - -InfoWizardPageBase::~InfoWizardPageBase() -{ -} - -KeyfilesPanelBase::KeyfilesPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) -{ - this->SetMinSize( wxSize( 500,300 ) ); - - wxBoxSizer* bSizer19; - bSizer19 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer20; - bSizer20 = new wxBoxSizer( wxHORIZONTAL ); - - wxBoxSizer* bSizer21; - bSizer21 = new wxBoxSizer( wxVERTICAL ); - - KeyfilesListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxSUNKEN_BORDER ); - bSizer21->Add( KeyfilesListCtrl, 1, wxEXPAND|wxALL, 5 ); - - wxBoxSizer* bSizer137; - bSizer137 = new wxBoxSizer( wxHORIZONTAL ); - - AddFilesButton = new wxButton( this, wxID_ANY, _("Add &Files..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer137->Add( AddFilesButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - AddDirectoryButton = new wxButton( this, wxID_ANY, _("Add &Path..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer137->Add( AddDirectoryButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - AddSecurityTokenSignatureButton = new wxButton( this, wxID_ANY, _("Add &Token Files..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer137->Add( AddSecurityTokenSignatureButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - RemoveButton = new wxButton( this, wxID_ANY, _("&Remove"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer137->Add( RemoveButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - RemoveAllButton = new wxButton( this, wxID_ANY, _("Remove &All"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer137->Add( RemoveAllButton, 0, wxEXPAND|wxALL, 5 ); - - - bSizer21->Add( bSizer137, 0, wxEXPAND, 5 ); - - - bSizer20->Add( bSizer21, 1, wxEXPAND, 5 ); - - - bSizer19->Add( bSizer20, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer19 ); - this->Layout(); - bSizer19->Fit( this ); - - // Connect Events - KeyfilesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemDeselected ), NULL, this ); - KeyfilesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemSelected ), NULL, this ); - KeyfilesListCtrl->Connect( wxEVT_SIZE, wxSizeEventHandler( KeyfilesPanelBase::OnListSizeChanged ), NULL, this ); - AddFilesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddFilesButtonClick ), NULL, this ); - AddDirectoryButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddDirectoryButtonClick ), NULL, this ); - AddSecurityTokenSignatureButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddSecurityTokenSignatureButtonClick ), NULL, this ); - RemoveButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveButtonClick ), NULL, this ); - RemoveAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveAllButtonClick ), NULL, this ); -} - -KeyfilesPanelBase::~KeyfilesPanelBase() -{ - // Disconnect Events - KeyfilesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemDeselected ), NULL, this ); - KeyfilesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemSelected ), NULL, this ); - KeyfilesListCtrl->Disconnect( wxEVT_SIZE, wxSizeEventHandler( KeyfilesPanelBase::OnListSizeChanged ), NULL, this ); - AddFilesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddFilesButtonClick ), NULL, this ); - AddDirectoryButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddDirectoryButtonClick ), NULL, this ); - AddSecurityTokenSignatureButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddSecurityTokenSignatureButtonClick ), NULL, this ); - RemoveButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveButtonClick ), NULL, this ); - RemoveAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveAllButtonClick ), NULL, this ); - -} - -ProgressWizardPageBase::ProgressWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer81; - bSizer81 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer82; - bSizer82 = new wxBoxSizer( wxVERTICAL ); - - ProgressSizer = new wxBoxSizer( wxHORIZONTAL ); - - ProgressGauge = new wxGauge( this, wxID_ANY, 100, wxDefaultPosition, wxSize( -1,-1 ), wxGA_HORIZONTAL|wxGA_SMOOTH ); - ProgressGauge->SetValue( 0 ); - ProgressSizer->Add( ProgressGauge, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - AbortButton = new wxButton( this, wxID_ANY, _("&Abort"), wxDefaultPosition, wxDefaultSize, 0 ); - AbortButton->Enable( false ); - - ProgressSizer->Add( AbortButton, 0, wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer82->Add( ProgressSizer, 0, wxEXPAND, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer82->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); - - - bSizer81->Add( bSizer82, 0, wxEXPAND, 5 ); - - - this->SetSizer( bSizer81 ); - this->Layout(); - bSizer81->Fit( this ); - - // Connect Events - AbortButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); -} - -ProgressWizardPageBase::~ProgressWizardPageBase() -{ - // Disconnect Events - AbortButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); - -} - -SelectDirectoryWizardPageBase::SelectDirectoryWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - this->SetMinSize( wxSize( 200,65 ) ); - - wxBoxSizer* bSizer68; - bSizer68 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer69; - bSizer69 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer70; - bSizer70 = new wxBoxSizer( wxHORIZONTAL ); - - DirectoryTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - DirectoryTextCtrl->SetMaxLength( 0 ); - bSizer70->Add( DirectoryTextCtrl, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - BrowseButton = new wxButton( this, wxID_ANY, _("&Browse..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer70->Add( BrowseButton, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer69->Add( bSizer70, 0, wxEXPAND, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( 300 ); - bSizer69->Add( InfoStaticText, 1, wxALL|wxEXPAND, 5 ); - - - bSizer68->Add( bSizer69, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer68 ); - this->Layout(); - bSizer68->Fit( this ); - - // Connect Events - DirectoryTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnDirectoryTextChanged ), NULL, this ); - BrowseButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnBrowseButtonClick ), NULL, this ); -} - -SelectDirectoryWizardPageBase::~SelectDirectoryWizardPageBase() -{ - // Disconnect Events - DirectoryTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnDirectoryTextChanged ), NULL, this ); - BrowseButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnBrowseButtonClick ), NULL, this ); - -} - -SingleChoiceWizardPageBase::SingleChoiceWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer71; - bSizer71 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer77; - bSizer77 = new wxBoxSizer( wxVERTICAL ); - - - bSizer77->Add( 0, 0, 0, wxEXPAND|wxTOP, 5 ); - - OuterChoicesSizer = new wxBoxSizer( wxVERTICAL ); - - ChoicesSizer = new wxBoxSizer( wxVERTICAL ); - - - OuterChoicesSizer->Add( ChoicesSizer, 0, wxEXPAND, 5 ); - - - bSizer77->Add( OuterChoicesSizer, 0, wxEXPAND, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer77->Add( InfoStaticText, 1, wxALL|wxEXPAND, 5 ); - - - bSizer71->Add( bSizer77, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer71 ); - this->Layout(); - bSizer71->Fit( this ); -} - -SingleChoiceWizardPageBase::~SingleChoiceWizardPageBase() -{ -} - -VolumeCreationProgressWizardPageBase::VolumeCreationProgressWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer104; - bSizer104 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer105; - bSizer105 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer31; - sbSizer31 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - KeySamplesUpperSizer = new wxBoxSizer( wxVERTICAL ); - - KeySamplesUpperInnerSizer = new wxBoxSizer( wxVERTICAL ); - - - KeySamplesUpperSizer->Add( KeySamplesUpperInnerSizer, 1, wxEXPAND|wxTOP, 3 ); - - - sbSizer31->Add( KeySamplesUpperSizer, 1, wxEXPAND, 30 ); - - wxFlexGridSizer* fgSizer5; - fgSizer5 = new wxFlexGridSizer( 3, 2, 0, 0 ); - fgSizer5->SetFlexibleDirection( wxBOTH ); - fgSizer5->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - wxStaticText* m_staticText25; - m_staticText25 = new wxStaticText( this, wxID_ANY, _("Random Pool:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText25->Wrap( -1 ); - fgSizer5->Add( m_staticText25, 0, wxALL|wxALIGN_RIGHT|wxALIGN_BOTTOM, 5 ); - - wxBoxSizer* bSizer126; - bSizer126 = new wxBoxSizer( wxHORIZONTAL ); - - RandomPoolSampleStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - RandomPoolSampleStaticText->Wrap( -1 ); - RandomPoolSampleStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); - - bSizer126->Add( RandomPoolSampleStaticText, 0, wxEXPAND|wxTOP|wxRIGHT|wxALIGN_BOTTOM, 7 ); - - DisplayKeysCheckBox = new wxCheckBox( this, wxID_ANY, _("Show"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer126->Add( DisplayKeysCheckBox, 0, wxEXPAND|wxRIGHT, 5 ); - - - fgSizer5->Add( bSizer126, 1, wxEXPAND|wxALIGN_BOTTOM, 5 ); - - wxStaticText* m_staticText28; - m_staticText28 = new wxStaticText( this, wxID_ANY, _("Header Key:"), wxDefaultPosition, wxSize( -1,-1 ), 0 ); - m_staticText28->Wrap( -1 ); - fgSizer5->Add( m_staticText28, 0, wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM, 5 ); - - HeaderKeySampleStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - HeaderKeySampleStaticText->Wrap( -1 ); - HeaderKeySampleStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); - - fgSizer5->Add( HeaderKeySampleStaticText, 0, wxALIGN_BOTTOM|wxEXPAND|wxTOP|wxRIGHT, 2 ); - - wxStaticText* m_staticText29; - m_staticText29 = new wxStaticText( this, wxID_ANY, _("Master Key:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText29->Wrap( -1 ); - fgSizer5->Add( m_staticText29, 0, wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM, 5 ); - - MasterKeySampleStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - MasterKeySampleStaticText->Wrap( -1 ); - MasterKeySampleStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); - - fgSizer5->Add( MasterKeySampleStaticText, 0, wxEXPAND|wxALIGN_BOTTOM|wxTOP|wxRIGHT, 2 ); - - - sbSizer31->Add( fgSizer5, 0, wxEXPAND, 5 ); - - - bSizer105->Add( sbSizer31, 0, wxALL|wxEXPAND, 5 ); - - wxStaticBoxSizer* sbSizer45; - sbSizer45 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Randomness Collected From Mouse Movements") ), wxVERTICAL ); - - CollectedEntropy = new wxGauge( this, wxID_ANY, 2560, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); - CollectedEntropy->SetValue( 0 ); - sbSizer45->Add( CollectedEntropy, 0, wxALL|wxEXPAND, 5 ); - - - bSizer105->Add( sbSizer45, 0, wxEXPAND|wxLEFT|wxRIGHT, 5 ); - - wxStaticBoxSizer* sbSizer32; - sbSizer32 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); - - wxBoxSizer* bSizer106; - bSizer106 = new wxBoxSizer( wxHORIZONTAL ); - - ProgressGauge = new wxGauge( this, wxID_ANY, 100, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); - bSizer106->Add( ProgressGauge, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - AbortButton = new wxButton( this, wxID_ANY, _("Abort"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer106->Add( AbortButton, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - - sbSizer32->Add( bSizer106, 0, wxEXPAND, 5 ); - - wxGridSizer* gSizer6; - gSizer6 = new wxGridSizer( 1, 3, 0, 0 ); - - wxBoxSizer* bSizer108; - bSizer108 = new wxBoxSizer( wxHORIZONTAL ); - - m_staticText31 = new wxStaticText( this, wxID_ANY, _("Done"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText31->Wrap( -1 ); - bSizer108->Add( m_staticText31, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - m_panel12 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxSize( -1,-1 ), wxSUNKEN_BORDER ); - wxBoxSizer* bSizer115; - bSizer115 = new wxBoxSizer( wxHORIZONTAL ); - - SizeDoneStaticText = new wxStaticText( m_panel12, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT|wxST_NO_AUTORESIZE ); - SizeDoneStaticText->Wrap( -1 ); - bSizer115->Add( SizeDoneStaticText, 1, wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL, 3 ); - - - m_panel12->SetSizer( bSizer115 ); - m_panel12->Layout(); - bSizer115->Fit( m_panel12 ); - bSizer108->Add( m_panel12, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - - gSizer6->Add( bSizer108, 1, wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); - - wxBoxSizer* bSizer1081; - bSizer1081 = new wxBoxSizer( wxHORIZONTAL ); - - m_staticText311 = new wxStaticText( this, wxID_ANY, _("Speed"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText311->Wrap( -1 ); - bSizer1081->Add( m_staticText311, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - m_panel121 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxSUNKEN_BORDER ); - wxBoxSizer* bSizer1151; - bSizer1151 = new wxBoxSizer( wxHORIZONTAL ); - - SpeedStaticText = new wxStaticText( m_panel121, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT|wxST_NO_AUTORESIZE ); - SpeedStaticText->Wrap( -1 ); - bSizer1151->Add( SpeedStaticText, 1, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 3 ); - - - m_panel121->SetSizer( bSizer1151 ); - m_panel121->Layout(); - bSizer1151->Fit( m_panel121 ); - bSizer1081->Add( m_panel121, 1, wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 ); - - - gSizer6->Add( bSizer1081, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_CENTER_HORIZONTAL, 5 ); - - wxBoxSizer* bSizer1082; - bSizer1082 = new wxBoxSizer( wxHORIZONTAL ); - - m_staticText312 = new wxStaticText( this, wxID_ANY, _("Left"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText312->Wrap( -1 ); - bSizer1082->Add( m_staticText312, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - m_panel122 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxSUNKEN_BORDER|wxTAB_TRAVERSAL ); - wxBoxSizer* bSizer1152; - bSizer1152 = new wxBoxSizer( wxHORIZONTAL ); - - TimeLeftStaticText = new wxStaticText( m_panel122, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT|wxST_NO_AUTORESIZE ); - TimeLeftStaticText->Wrap( -1 ); - bSizer1152->Add( TimeLeftStaticText, 1, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 3 ); - - - m_panel122->SetSizer( bSizer1152 ); - m_panel122->Layout(); - bSizer1152->Fit( m_panel122 ); - bSizer1082->Add( m_panel122, 1, wxALL|wxEXPAND, 5 ); - - - gSizer6->Add( bSizer1082, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT, 5 ); - - - sbSizer32->Add( gSizer6, 0, wxEXPAND|wxTOP, 2 ); - - - bSizer105->Add( sbSizer32, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer105->Add( InfoStaticText, 0, wxBOTTOM|wxLEFT|wxRIGHT, 5 ); - - - bSizer104->Add( bSizer105, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer104 ); - this->Layout(); - bSizer104->Fit( this ); - - // Connect Events - DisplayKeysCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnDisplayKeysCheckBoxClick ), NULL, this ); - AbortButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); -} - -VolumeCreationProgressWizardPageBase::~VolumeCreationProgressWizardPageBase() -{ - // Disconnect Events - DisplayKeysCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnDisplayKeysCheckBoxClick ), NULL, this ); - AbortButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); - -} - -VolumeLocationWizardPageBase::VolumeLocationWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer86; - bSizer86 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer87; - bSizer87 = new wxBoxSizer( wxVERTICAL ); - - - bSizer87->Add( 0, 0, 0, wxEXPAND|wxTOP, 5 ); - - wxBoxSizer* bSizer88; - bSizer88 = new wxBoxSizer( wxHORIZONTAL ); - - wxBoxSizer* bSizer89; - bSizer89 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer126; - bSizer126 = new wxBoxSizer( wxHORIZONTAL ); - - VolumePathComboBox = new wxComboBox( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0, NULL, wxCB_DROPDOWN ); - bSizer126->Add( VolumePathComboBox, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); - - wxBoxSizer* bSizer90; - bSizer90 = new wxBoxSizer( wxVERTICAL ); - - SelectFileButton = new wxButton( this, wxID_ANY, _("Select &File..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer90->Add( SelectFileButton, 0, wxALL|wxEXPAND, 5 ); - - SelectDeviceButton = new wxButton( this, wxID_ANY, _("Select D&evice..."), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer90->Add( SelectDeviceButton, 0, wxALL|wxEXPAND, 5 ); - - - bSizer126->Add( bSizer90, 0, wxALIGN_CENTER_VERTICAL, 5 ); - - - bSizer89->Add( bSizer126, 0, wxEXPAND, 5 ); - - wxBoxSizer* bSizer91; - bSizer91 = new wxBoxSizer( wxHORIZONTAL ); - - - bSizer91->Add( 0, 0, 0, wxLEFT, 5 ); - - NoHistoryCheckBox = new wxCheckBox( this, wxID_ANY, _("&Never save history"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer91->Add( NoHistoryCheckBox, 0, wxALL|wxEXPAND, 5 ); - - - bSizer89->Add( bSizer91, 0, wxEXPAND, 5 ); - - - bSizer88->Add( bSizer89, 1, wxEXPAND, 5 ); - - - bSizer87->Add( bSizer88, 0, wxEXPAND, 5 ); - - - bSizer87->Add( 0, 0, 0, wxEXPAND|wxBOTTOM, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer87->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); - - - bSizer86->Add( bSizer87, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer86 ); - this->Layout(); - bSizer86->Fit( this ); - - // Connect Events - VolumePathComboBox->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnVolumePathTextChanged ), NULL, this ); - SelectFileButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectFileButtonClick ), NULL, this ); - SelectDeviceButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectDeviceButtonClick ), NULL, this ); - NoHistoryCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnNoHistoryCheckBoxClick ), NULL, this ); -} - -VolumeLocationWizardPageBase::~VolumeLocationWizardPageBase() -{ - // Disconnect Events - VolumePathComboBox->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnVolumePathTextChanged ), NULL, this ); - SelectFileButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectFileButtonClick ), NULL, this ); - SelectDeviceButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectDeviceButtonClick ), NULL, this ); - NoHistoryCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnNoHistoryCheckBoxClick ), NULL, this ); - -} - -VolumeFormatOptionsWizardPageBase::VolumeFormatOptionsWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer124; - bSizer124 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer125; - bSizer125 = new wxBoxSizer( wxVERTICAL ); - - wxStaticBoxSizer* sbSizer33; - sbSizer33 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Filesystem Options") ), wxVERTICAL ); - - wxFlexGridSizer* fgSizer6; - fgSizer6 = new wxFlexGridSizer( 2, 2, 0, 0 ); - fgSizer6->SetFlexibleDirection( wxBOTH ); - fgSizer6->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - - m_staticText43 = new wxStaticText( this, wxID_ANY, _("Filesystem type:"), wxDefaultPosition, wxDefaultSize, 0 ); - m_staticText43->Wrap( -1 ); - fgSizer6->Add( m_staticText43, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); - - wxArrayString FilesystemTypeChoiceChoices; - FilesystemTypeChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, FilesystemTypeChoiceChoices, 0 ); - FilesystemTypeChoice->SetSelection( 0 ); - fgSizer6->Add( FilesystemTypeChoice, 0, wxALL, 5 ); - - - sbSizer33->Add( fgSizer6, 1, wxEXPAND, 5 ); - - - bSizer125->Add( sbSizer33, 0, wxEXPAND|wxALL, 5 ); - - wxStaticBoxSizer* sbSizer34; - sbSizer34 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Volume Format Options") ), wxVERTICAL ); - - QuickFormatCheckBox = new wxCheckBox( this, wxID_ANY, _("Quick format"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer34->Add( QuickFormatCheckBox, 0, wxALL, 5 ); - - - bSizer125->Add( sbSizer34, 0, wxEXPAND|wxALL, 5 ); - - - bSizer125->Add( 0, 0, 1, wxEXPAND|wxTOP|wxBOTTOM, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer125->Add( InfoStaticText, 0, wxALL, 5 ); - - - bSizer124->Add( bSizer125, 0, wxEXPAND, 5 ); - - - this->SetSizer( bSizer124 ); - this->Layout(); - bSizer124->Fit( this ); - - // Connect Events - FilesystemTypeChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnFilesystemTypeSelected ), NULL, this ); - QuickFormatCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnQuickFormatCheckBoxClick ), NULL, this ); -} - -VolumeFormatOptionsWizardPageBase::~VolumeFormatOptionsWizardPageBase() -{ - // Disconnect Events - FilesystemTypeChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnFilesystemTypeSelected ), NULL, this ); - QuickFormatCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnQuickFormatCheckBoxClick ), NULL, this ); - -} - -VolumePasswordPanelBase::VolumePasswordPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer7; - bSizer7 = new wxBoxSizer( wxVERTICAL ); - - GridBagSizer = new wxGridBagSizer( 0, 0 ); - GridBagSizer->SetFlexibleDirection( wxBOTH ); - GridBagSizer->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); - GridBagSizer->SetEmptyCellSize( wxSize( 0,0 ) ); - - PasswordStaticText = new wxStaticText( this, wxID_ANY, _("Password:"), wxDefaultPosition, wxDefaultSize, 0 ); - PasswordStaticText->Wrap( -1 ); - GridBagSizer->Add( PasswordStaticText, wxGBPosition( 1, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT, 5 ); - - PasswordTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); - PasswordTextCtrl->SetMaxLength( 1 ); - PasswordTextCtrl->SetMinSize( wxSize( 232,-1 ) ); - - GridBagSizer->Add( PasswordTextCtrl, wxGBPosition( 1, 1 ), wxGBSpan( 1, 2 ), wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); - - ConfirmPasswordStaticText = new wxStaticText( this, wxID_ANY, _("Confirm password:"), wxDefaultPosition, wxDefaultSize, 0 ); - ConfirmPasswordStaticText->Wrap( -1 ); - GridBagSizer->Add( ConfirmPasswordStaticText, wxGBPosition( 2, 0 ), wxGBSpan( 1, 1 ), wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT, 5 ); - - ConfirmPasswordTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); - ConfirmPasswordTextCtrl->SetMaxLength( 1 ); - ConfirmPasswordTextCtrl->SetMinSize( wxSize( 232,-1 ) ); - - GridBagSizer->Add( ConfirmPasswordTextCtrl, wxGBPosition( 2, 1 ), wxGBSpan( 1, 2 ), wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); - - VolumePimStaticText = new wxStaticText( this, wxID_ANY, _("Volume PIM:"), wxDefaultPosition, wxDefaultSize, 0 ); - VolumePimStaticText->Wrap( -1 ); - GridBagSizer->Add( VolumePimStaticText, wxGBPosition( 3, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT, 5 ); - - VolumePimTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); - VolumePimTextCtrl->SetMaxLength( 7 ); - GridBagSizer->Add( VolumePimTextCtrl, wxGBPosition( 3, 1 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxEXPAND, 5 ); - - VolumePimHelpStaticText = new wxStaticText( this, wxID_ANY, _("(Empty or 0 for default iterations)"), wxDefaultPosition, wxDefaultSize, 0 ); - VolumePimHelpStaticText->Wrap( -1 ); - GridBagSizer->Add( VolumePimHelpStaticText, wxGBPosition( 3, 2 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxLEFT|wxRIGHT, 5 ); - - PimCheckBox = new wxCheckBox( this, wxID_ANY, _("Use PIM"), wxDefaultPosition, wxDefaultSize, 0 ); - GridBagSizer->Add( PimCheckBox, wxGBPosition( 4, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); - - CacheCheckBox = new wxCheckBox( this, wxID_ANY, _("Cach&e passwords and keyfiles in memory "), wxDefaultPosition, wxDefaultSize, 0 ); - GridBagSizer->Add( CacheCheckBox, wxGBPosition( 5, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); - - DisplayPasswordCheckBox = new wxCheckBox( this, wxID_ANY, _("&Display password"), wxDefaultPosition, wxDefaultSize, 0 ); - GridBagSizer->Add( DisplayPasswordCheckBox, wxGBPosition( 6, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); - - UseKeyfilesCheckBox = new wxCheckBox( this, wxID_ANY, _("U&se keyfiles"), wxDefaultPosition, wxDefaultSize, 0 ); - GridBagSizer->Add( UseKeyfilesCheckBox, wxGBPosition( 7, 1 ), wxGBSpan( 1, 1 ), wxTOP|wxRIGHT|wxLEFT, 5 ); - - KeyfilesButton = new wxButton( this, wxID_ANY, _("&Keyfiles..."), wxDefaultPosition, wxDefaultSize, 0 ); - GridBagSizer->Add( KeyfilesButton, wxGBPosition( 7, 2 ), wxGBSpan( 1, 1 ), wxALIGN_RIGHT|wxALIGN_BOTTOM|wxLEFT, 5 ); - - Pkcs5PrfSizer = new wxBoxSizer( wxVERTICAL ); - - - GridBagSizer->Add( Pkcs5PrfSizer, wxGBPosition( 8, 1 ), wxGBSpan( 1, 1 ), wxEXPAND|wxTOP|wxBOTTOM, 5 ); - - Pkcs5PrfStaticText = new wxStaticText( this, wxID_ANY, _("PKCS-5 PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); - Pkcs5PrfStaticText->Wrap( -1 ); - GridBagSizer->Add( Pkcs5PrfStaticText, wxGBPosition( 9, 0 ), wxGBSpan( 1, 1 ), wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL|wxRIGHT, 5 ); - - wxString Pkcs5PrfChoiceChoices[] = { _("Unchanged") }; - int Pkcs5PrfChoiceNChoices = sizeof( Pkcs5PrfChoiceChoices ) / sizeof( wxString ); - Pkcs5PrfChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, Pkcs5PrfChoiceNChoices, Pkcs5PrfChoiceChoices, 0 ); - Pkcs5PrfChoice->SetSelection( 0 ); - GridBagSizer->Add( Pkcs5PrfChoice, wxGBPosition( 9, 1 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxLEFT, 5 ); - - TrueCryptModeCheckBox = new wxCheckBox( this, wxID_ANY, _("TrueCrypt Mode"), wxDefaultPosition, wxDefaultSize, 0 ); - GridBagSizer->Add( TrueCryptModeCheckBox, wxGBPosition( 9, 2 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxLEFT, 5 ); - - HeaderWipeCountText = new wxStaticText( this, wxID_ANY, _("Header Wipe:"), wxDefaultPosition, wxDefaultSize, 0 ); - HeaderWipeCountText->Wrap( -1 ); - GridBagSizer->Add( HeaderWipeCountText, wxGBPosition( 10, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxRIGHT, 5 ); - - wxString HeaderWipeCountChoices[] = { _("1-pass"), _("3-pass"), _("7-pass"), _("35-pass"), _("256-pass") }; - int HeaderWipeCountNChoices = sizeof( HeaderWipeCountChoices ) / sizeof( wxString ); - HeaderWipeCount = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HeaderWipeCountNChoices, HeaderWipeCountChoices, 0 ); - HeaderWipeCount->SetSelection( 1 ); - GridBagSizer->Add( HeaderWipeCount, wxGBPosition( 10, 1 ), wxGBSpan( 1, 1 ), wxALL, 5 ); - - PasswordPlaceholderSizer = new wxBoxSizer( wxVERTICAL ); - - - GridBagSizer->Add( PasswordPlaceholderSizer, wxGBPosition( 11, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxEXPAND, 5 ); - - - GridBagSizer->AddGrowableCol( 1 ); - - bSizer7->Add( GridBagSizer, 1, wxALL|wxEXPAND, 5 ); - - - this->SetSizer( bSizer7 ); - this->Layout(); - bSizer7->Fit( this ); - - // Connect Events - PasswordTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); - ConfirmPasswordTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); - VolumePimTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnPimChanged ), NULL, this ); - PimCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUsePimCheckBoxClick ), NULL, this ); - DisplayPasswordCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnDisplayPasswordCheckBoxClick ), NULL, this ); - UseKeyfilesCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUseKeyfilesCheckBoxClick ), NULL, this ); - KeyfilesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonClick ), NULL, this ); - KeyfilesButton->Connect( wxEVT_RIGHT_DOWN, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightDown ), NULL, this ); - KeyfilesButton->Connect( wxEVT_RIGHT_UP, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightClick ), NULL, this ); - TrueCryptModeCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnTrueCryptModeChecked ), NULL, this ); -} - -VolumePasswordPanelBase::~VolumePasswordPanelBase() -{ - // Disconnect Events - PasswordTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); - ConfirmPasswordTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); - VolumePimTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnPimChanged ), NULL, this ); - PimCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUsePimCheckBoxClick ), NULL, this ); - DisplayPasswordCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnDisplayPasswordCheckBoxClick ), NULL, this ); - UseKeyfilesCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUseKeyfilesCheckBoxClick ), NULL, this ); - KeyfilesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonClick ), NULL, this ); - KeyfilesButton->Disconnect( wxEVT_RIGHT_DOWN, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightDown ), NULL, this ); - KeyfilesButton->Disconnect( wxEVT_RIGHT_UP, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightClick ), NULL, this ); - TrueCryptModeCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnTrueCryptModeChecked ), NULL, this ); - -} - -VolumePasswordWizardPageBase::VolumePasswordWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer101; - bSizer101 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer102; - bSizer102 = new wxBoxSizer( wxVERTICAL ); - - PasswordPanelSizer = new wxBoxSizer( wxVERTICAL ); - - - bSizer102->Add( PasswordPanelSizer, 0, wxEXPAND, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer102->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); - - - bSizer101->Add( bSizer102, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer101 ); - this->Layout(); - bSizer101->Fit( this ); -} - -VolumePasswordWizardPageBase::~VolumePasswordWizardPageBase() -{ -} - -VolumePimWizardPageBase::VolumePimWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer101; - bSizer101 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer102; - bSizer102 = new wxBoxSizer( wxVERTICAL ); - - PimPanelSizer = new wxBoxSizer( wxVERTICAL ); - - PimSizer = new wxBoxSizer( wxHORIZONTAL ); - - VolumePimStaticText = new wxStaticText( this, wxID_ANY, _("Volume PIM:"), wxDefaultPosition, wxDefaultSize, 0 ); - VolumePimStaticText->Wrap( -1 ); - PimSizer->Add( VolumePimStaticText, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - VolumePimTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); - VolumePimTextCtrl->SetMaxLength( 7 ); - PimSizer->Add( VolumePimTextCtrl, 0, wxALL, 5 ); - - VolumePimHelpStaticText = new wxStaticText( this, wxID_ANY, _("(Empty or 0 for default iterations)"), wxDefaultPosition, wxDefaultSize, 0 ); - VolumePimHelpStaticText->Wrap( -1 ); - PimSizer->Add( VolumePimHelpStaticText, 1, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); - - - PimPanelSizer->Add( PimSizer, 1, wxEXPAND, 5 ); - - wxBoxSizer* bSizer166; - bSizer166 = new wxBoxSizer( wxHORIZONTAL ); - - DisplayPimCheckBox = new wxCheckBox( this, wxID_ANY, _("&Display PIM"), wxDefaultPosition, wxDefaultSize, 0 ); - bSizer166->Add( DisplayPimCheckBox, 1, wxALL|wxEXPAND, 5 ); - - - PimPanelSizer->Add( bSizer166, 1, wxEXPAND, 5 ); - - - bSizer102->Add( PimPanelSizer, 0, wxEXPAND, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer102->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); - - - bSizer101->Add( bSizer102, 1, wxEXPAND, 5 ); - - - this->SetSizer( bSizer101 ); - this->Layout(); - bSizer101->Fit( this ); - - // Connect Events - VolumePimTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePimWizardPageBase::OnPimChanged ), NULL, this ); - DisplayPimCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePimWizardPageBase::OnDisplayPimCheckBoxClick ), NULL, this ); -} - -VolumePimWizardPageBase::~VolumePimWizardPageBase() -{ - // Disconnect Events - VolumePimTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePimWizardPageBase::OnPimChanged ), NULL, this ); - DisplayPimCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePimWizardPageBase::OnDisplayPimCheckBoxClick ), NULL, this ); - -} - -VolumeSizeWizardPageBase::VolumeSizeWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) -{ - wxBoxSizer* bSizer98; - bSizer98 = new wxBoxSizer( wxVERTICAL ); - - wxBoxSizer* bSizer99; - bSizer99 = new wxBoxSizer( wxVERTICAL ); - - - bSizer99->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); - - wxBoxSizer* bSizer100; - bSizer100 = new wxBoxSizer( wxHORIZONTAL ); - - VolumeSizeTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - VolumeSizeTextCtrl->SetMaxLength( 0 ); - bSizer100->Add( VolumeSizeTextCtrl, 0, wxALL, 5 ); - - wxArrayString VolumeSizePrefixChoiceChoices; - VolumeSizePrefixChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, VolumeSizePrefixChoiceChoices, 0 ); - VolumeSizePrefixChoice->SetSelection( 0 ); - bSizer100->Add( VolumeSizePrefixChoice, 0, wxALL, 5 ); - - - bSizer99->Add( bSizer100, 0, wxEXPAND, 5 ); - - - bSizer99->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); - - FreeSpaceStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - FreeSpaceStaticText->Wrap( -1 ); - bSizer99->Add( FreeSpaceStaticText, 0, wxALL|wxEXPAND, 5 ); - - - bSizer99->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); - - InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); - InfoStaticText->Wrap( -1 ); - bSizer99->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); - - - bSizer98->Add( bSizer99, 0, wxEXPAND, 5 ); - - - this->SetSizer( bSizer98 ); - this->Layout(); - bSizer98->Fit( this ); - - // Connect Events - VolumeSizeTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizeTextChanged ), NULL, this ); - VolumeSizePrefixChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizePrefixSelected ), NULL, this ); -} - -VolumeSizeWizardPageBase::~VolumeSizeWizardPageBase() -{ - // Disconnect Events - VolumeSizeTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizeTextChanged ), NULL, this ); - VolumeSizePrefixChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizePrefixSelected ), NULL, this ); - -} - -WaitDialogBase::WaitDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) -{ - this->SetSizeHints( wxDefaultSize, wxDefaultSize ); - - wxBoxSizer* bSizer160; - bSizer160 = new wxBoxSizer( wxVERTICAL ); - - WaitStaticText = new wxStaticText( this, wxID_ANY, _("MyLabel"), wxDefaultPosition, wxDefaultSize, wxALIGN_CENTRE ); - WaitStaticText->Wrap( -1 ); - bSizer160->Add( WaitStaticText, 0, wxALIGN_CENTER_HORIZONTAL|wxALL|wxEXPAND, 5 ); - - WaitProgessBar = new wxGauge( this, wxID_ANY, 100, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); - WaitProgessBar->SetValue( 0 ); - bSizer160->Add( WaitProgessBar, 0, wxALL|wxEXPAND, 5 ); - - - this->SetSizer( bSizer160 ); - this->Layout(); - bSizer160->Fit( this ); - - this->Centre( wxBOTH ); - - // Connect Events - this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WaitDialogBase::OnWaitDialogClose ) ); - this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( WaitDialogBase::OnWaitDialogInit ) ); -} - -WaitDialogBase::~WaitDialogBase() -{ - // Disconnect Events - this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WaitDialogBase::OnWaitDialogClose ) ); - this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( WaitDialogBase::OnWaitDialogInit ) ); - -} +/////////////////////////////////////////////////////////////////////////// +// C++ code generated with wxFormBuilder (version Jun 5 2014) +// http://www.wxformbuilder.org/ +// +// PLEASE DO "NOT" EDIT THIS FILE! +/////////////////////////////////////////////////////////////////////////// + +#include "System.h" + +#include "Forms.h" + +/////////////////////////////////////////////////////////////////////////// +using namespace VeraCrypt; + +MainFrameBase::MainFrameBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxFrame( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxSize( -1,496 ), wxDefaultSize ); + + MainMenuBar = new wxMenuBar( 0 ); + VolumesMenu = new wxMenu(); + wxMenuItem* CreateNewVolumeMenuItem; + CreateNewVolumeMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Create New Volume...") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( CreateNewVolumeMenuItem ); + + VolumesMenu->AppendSeparator(); + + MountVolumeMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Mount Volume") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( MountVolumeMenuItem ); + + wxMenuItem* AutoMountDevicesMenuItem; + AutoMountDevicesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Auto-Mount All Device-Hosted Volumes") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( AutoMountDevicesMenuItem ); + + VolumesMenu->AppendSeparator(); + + DismountVolumeMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Dismount Volume") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( DismountVolumeMenuItem ); + + DismountAllMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Dismount All Mounted Volumes") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( DismountAllMenuItem ); + + VolumesMenu->AppendSeparator(); + + wxMenuItem* ChangePasswordMenuItem; + ChangePasswordMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Change Volume Password...") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( ChangePasswordMenuItem ); + + wxMenuItem* ChangePkcs5PrfMenuItem; + ChangePkcs5PrfMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Change Header Key Derivation Algorithm...") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( ChangePkcs5PrfMenuItem ); + + wxMenuItem* ChangeKeyfilesMenuItem; + ChangeKeyfilesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Add/Remove Keyfiles to/from Volume...") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( ChangeKeyfilesMenuItem ); + + wxMenuItem* RemoveKeyfilesMenuItem; + RemoveKeyfilesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Remove All Keyfiles from Volume...") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( RemoveKeyfilesMenuItem ); + + VolumesMenu->AppendSeparator(); + + VolumePropertiesMenuItem = new wxMenuItem( VolumesMenu, wxID_ANY, wxString( _("Volume Properties...") ) , wxEmptyString, wxITEM_NORMAL ); + VolumesMenu->Append( VolumePropertiesMenuItem ); + + MainMenuBar->Append( VolumesMenu, _("&Volumes") ); + + FavoritesMenu = new wxMenu(); + AddToFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Add Selected Volume to Favorites...") ) , wxEmptyString, wxITEM_NORMAL ); + FavoritesMenu->Append( AddToFavoritesMenuItem ); + + AddAllMountedToFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Add All Mounted Volumes to Favorites...") ) , wxEmptyString, wxITEM_NORMAL ); + FavoritesMenu->Append( AddAllMountedToFavoritesMenuItem ); + + wxMenuItem* OrganizeFavoritesMenuItem; + OrganizeFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Organize Favorite Volumes...") ) , wxEmptyString, wxITEM_NORMAL ); + FavoritesMenu->Append( OrganizeFavoritesMenuItem ); + + FavoritesMenu->AppendSeparator(); + + wxMenuItem* MountAllFavoritesMenuItem; + MountAllFavoritesMenuItem = new wxMenuItem( FavoritesMenu, wxID_ANY, wxString( _("Mount Favorite Volumes") ) , wxEmptyString, wxITEM_NORMAL ); + FavoritesMenu->Append( MountAllFavoritesMenuItem ); + + FavoritesMenu->AppendSeparator(); + + MainMenuBar->Append( FavoritesMenu, _("&Favorites") ); + + ToolsMenu = new wxMenu(); + wxMenuItem* BenchmarkMenuItem; + BenchmarkMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Benchmark...") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( BenchmarkMenuItem ); + + wxMenuItem* EncryptionTestMenuItem; + EncryptionTestMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Test Vectors...") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( EncryptionTestMenuItem ); + + ToolsMenu->AppendSeparator(); + + wxMenuItem* VolumeCreationWizardMenuItem; + VolumeCreationWizardMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Volume Creation Wizard") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( VolumeCreationWizardMenuItem ); + + ToolsMenu->AppendSeparator(); + + BackupVolumeHeadersMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Backup Volume Header...") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( BackupVolumeHeadersMenuItem ); + + RestoreVolumeHeaderMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Restore Volume Header...") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( RestoreVolumeHeaderMenuItem ); + + ToolsMenu->AppendSeparator(); + + wxMenuItem* CreateKeyfileMenuItem; + CreateKeyfileMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Keyfile Generator") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( CreateKeyfileMenuItem ); + + wxMenuItem* ManageSecurityTokenKeyfilesMenuItem; + ManageSecurityTokenKeyfilesMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Manage Security Token Keyfiles...") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( ManageSecurityTokenKeyfilesMenuItem ); + + wxMenuItem* CloseAllSecurityTokenSessionsMenuItem; + CloseAllSecurityTokenSessionsMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Close All Security Token Sessions") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( CloseAllSecurityTokenSessionsMenuItem ); + + ToolsMenu->AppendSeparator(); + + WipeCachedPasswordsMenuItem = new wxMenuItem( ToolsMenu, wxID_ANY, wxString( _("Wipe Cached Passwords") ) , wxEmptyString, wxITEM_NORMAL ); + ToolsMenu->Append( WipeCachedPasswordsMenuItem ); + + MainMenuBar->Append( ToolsMenu, _("T&ools") ); + + SettingsMenu = new wxMenu(); + HotkeysMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Hotkeys...") ) , wxEmptyString, wxITEM_NORMAL ); + SettingsMenu->Append( HotkeysMenuItem ); + + wxMenuItem* DefaultKeyfilesMenuItem; + DefaultKeyfilesMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Default Keyfiles...") ) , wxEmptyString, wxITEM_NORMAL ); + SettingsMenu->Append( DefaultKeyfilesMenuItem ); + + wxMenuItem* DefaultMountParametersMenuItem; + DefaultMountParametersMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Default Mount Parameters...") ) , wxEmptyString, wxITEM_NORMAL ); + SettingsMenu->Append( DefaultMountParametersMenuItem ); + + wxMenuItem* SecurityTokenPreferencesMenuItem; + SecurityTokenPreferencesMenuItem = new wxMenuItem( SettingsMenu, wxID_ANY, wxString( _("Security Tokens...") ) , wxEmptyString, wxITEM_NORMAL ); + SettingsMenu->Append( SecurityTokenPreferencesMenuItem ); + + SettingsMenu->AppendSeparator(); + + PreferencesMenuItem = new wxMenuItem( SettingsMenu, wxID_PREFERENCES, wxString( _("&Preferences...") ) , wxEmptyString, wxITEM_NORMAL ); + SettingsMenu->Append( PreferencesMenuItem ); + + MainMenuBar->Append( SettingsMenu, _("Settin&gs") ); + + HelpMenu = new wxMenu(); + wxMenuItem* UserGuideMenuItem; + UserGuideMenuItem = new wxMenuItem( HelpMenu, wxID_HELP, wxString( _("User's Guide") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( UserGuideMenuItem ); + + wxMenuItem* OnlineHelpMenuItem; + OnlineHelpMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Online Help") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( OnlineHelpMenuItem ); + + wxMenuItem* BeginnersTutorialMenuItem; + BeginnersTutorialMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Beginner's Tutorial") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( BeginnersTutorialMenuItem ); + + wxMenuItem* FaqMenuItem; + FaqMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Frequently Asked Questions") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( FaqMenuItem ); + + HelpMenu->AppendSeparator(); + + wxMenuItem* WebsiteMenuItem; + WebsiteMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("VeraCrypt Website") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( WebsiteMenuItem ); + + wxMenuItem* DownloadsMenuItem; + DownloadsMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Downloads") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( DownloadsMenuItem ); + + wxMenuItem* NewsMenuItem; + NewsMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("News") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( NewsMenuItem ); + + wxMenuItem* VersionHistoryMenuItem; + VersionHistoryMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Version History") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( VersionHistoryMenuItem ); + + HelpMenu->AppendSeparator(); + + wxMenuItem* DonateMenuItem; + DonateMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Donate") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( DonateMenuItem ); + + wxMenuItem* ContactMenuItem; + ContactMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Contact") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( ContactMenuItem ); + + wxMenuItem* LegalNoticesMenuItem; + LegalNoticesMenuItem = new wxMenuItem( HelpMenu, wxID_ANY, wxString( _("Legal Notices") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( LegalNoticesMenuItem ); + + wxMenuItem* AboutMenuItem; + AboutMenuItem = new wxMenuItem( HelpMenu, wxID_ABOUT, wxString( _("About") ) , wxEmptyString, wxITEM_NORMAL ); + HelpMenu->Append( AboutMenuItem ); + + MainMenuBar->Append( HelpMenu, _("&Help") ); + + this->SetMenuBar( MainMenuBar ); + + wxBoxSizer* bSizer1; + bSizer1 = new wxBoxSizer( wxVERTICAL ); + + MainPanel = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer2; + bSizer2 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer48; + bSizer48 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer1; + sbSizer1 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + SlotListCtrl = new wxListCtrl( MainPanel, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES|wxSUNKEN_BORDER ); + sbSizer1->Add( SlotListCtrl, 1, wxALL|wxEXPAND, 5 ); + + + bSizer48->Add( sbSizer1, 1, wxEXPAND, 5 ); + + LowStaticBoxSizer = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + HigherButtonSizer = new wxBoxSizer( wxVERTICAL ); + + + LowStaticBoxSizer->Add( HigherButtonSizer, 0, wxEXPAND|wxTOP, 2 ); + + wxGridSizer* gSizer1; + gSizer1 = new wxGridSizer( 1, 3, 0, 0 ); + + wxBoxSizer* bSizer17; + bSizer17 = new wxBoxSizer( wxVERTICAL ); + + bSizer17->SetMinSize( wxSize( 138,34 ) ); + CreateVolumeButton = new wxButton( MainPanel, wxID_ANY, _("&Create Volume"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer17->Add( CreateVolumeButton, 1, wxALL|wxEXPAND, 5 ); + + + gSizer1->Add( bSizer17, 0, 0, 5 ); + + wxBoxSizer* bSizer18; + bSizer18 = new wxBoxSizer( wxVERTICAL ); + + bSizer18->SetMinSize( wxSize( 138,34 ) ); + VolumePropertiesButton = new wxButton( MainPanel, wxID_ANY, _("&Volume Properties..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer18->Add( VolumePropertiesButton, 1, wxALL|wxALIGN_CENTER_HORIZONTAL|wxEXPAND, 5 ); + + + gSizer1->Add( bSizer18, 0, wxALIGN_CENTER_HORIZONTAL, 5 ); + + wxBoxSizer* bSizer19; + bSizer19 = new wxBoxSizer( wxVERTICAL ); + + bSizer19->SetMinSize( wxSize( 138,34 ) ); + WipeCacheButton = new wxButton( MainPanel, wxID_ANY, _("&Wipe Cache"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer19->Add( WipeCacheButton, 1, wxALL|wxALIGN_RIGHT|wxEXPAND, 5 ); + + + gSizer1->Add( bSizer19, 0, wxALIGN_RIGHT, 5 ); + + + LowStaticBoxSizer->Add( gSizer1, 0, wxEXPAND|wxRIGHT|wxLEFT, 5 ); + + + LowStaticBoxSizer->Add( 0, 0, 0, 0, 5 ); + + VolumeStaticBoxSizer = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, _("Volume") ), wxVERTICAL ); + + VolumeGridBagSizer = new wxGridBagSizer( 0, 0 ); + VolumeGridBagSizer->SetFlexibleDirection( wxBOTH ); + VolumeGridBagSizer->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + LogoBitmap = new wxStaticBitmap( MainPanel, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, wxSUNKEN_BORDER ); + LogoBitmap->SetMinSize( wxSize( 42,52 ) ); + + VolumeGridBagSizer->Add( LogoBitmap, wxGBPosition( 0, 0 ), wxGBSpan( 2, 1 ), wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + VolumePathComboBox = new wxComboBox( MainPanel, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0, NULL, wxCB_DROPDOWN ); + VolumeGridBagSizer->Add( VolumePathComboBox, wxGBPosition( 0, 1 ), wxGBSpan( 1, 2 ), wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer191; + bSizer191 = new wxBoxSizer( wxVERTICAL ); + + bSizer191->SetMinSize( wxSize( 138,34 ) ); + SelectFileButton = new wxButton( MainPanel, wxID_ANY, _("Select &File..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer191->Add( SelectFileButton, 1, wxALL|wxEXPAND, 5 ); + + + VolumeGridBagSizer->Add( bSizer191, wxGBPosition( 0, 3 ), wxGBSpan( 1, 1 ), wxEXPAND, 5 ); + + NoHistoryCheckBox = new wxCheckBox( MainPanel, wxID_ANY, _("&Never save history"), wxDefaultPosition, wxDefaultSize, 0 ); + VolumeGridBagSizer->Add( NoHistoryCheckBox, wxGBPosition( 1, 1 ), wxGBSpan( 1, 1 ), wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + wxBoxSizer* bSizer20; + bSizer20 = new wxBoxSizer( wxVERTICAL ); + + bSizer20->SetMinSize( wxSize( 138,34 ) ); + VolumeToolsButton = new wxButton( MainPanel, wxID_ANY, _("Volume &Tools..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer20->Add( VolumeToolsButton, 1, wxALL|wxEXPAND, 5 ); + + + VolumeGridBagSizer->Add( bSizer20, wxGBPosition( 1, 2 ), wxGBSpan( 1, 1 ), wxALIGN_RIGHT, 5 ); + + wxBoxSizer* bSizer21; + bSizer21 = new wxBoxSizer( wxVERTICAL ); + + bSizer21->SetMinSize( wxSize( 138,34 ) ); + SelectDeviceButton = new wxButton( MainPanel, wxID_ANY, _("Select D&evice..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer21->Add( SelectDeviceButton, 1, wxEXPAND|wxALL, 5 ); + + + VolumeGridBagSizer->Add( bSizer21, wxGBPosition( 1, 3 ), wxGBSpan( 1, 1 ), wxEXPAND, 5 ); + + + VolumeGridBagSizer->AddGrowableCol( 1 ); + VolumeGridBagSizer->AddGrowableRow( 0 ); + + VolumeStaticBoxSizer->Add( VolumeGridBagSizer, 1, wxEXPAND|wxALL, 4 ); + + + LowStaticBoxSizer->Add( VolumeStaticBoxSizer, 1, wxEXPAND, 5 ); + + + LowStaticBoxSizer->Add( 0, 0, 0, 0, 5 ); + + wxGridSizer* gSizer2; + gSizer2 = new wxGridSizer( 1, 4, 0, 0 ); + + wxStaticBoxSizer* sbSizer4; + sbSizer4 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + sbSizer4->SetMinSize( wxSize( 139,-1 ) ); + VolumeButton = new wxButton( MainPanel, wxID_ANY, _("&Mount"), wxDefaultPosition, wxDefaultSize, 0 ); + VolumeButton->SetDefault(); + VolumeButton->SetMinSize( wxSize( -1,32 ) ); + + sbSizer4->Add( VolumeButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); + + + gSizer2->Add( sbSizer4, 1, wxEXPAND, 0 ); + + wxStaticBoxSizer* sbSizer41; + sbSizer41 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + MountAllDevicesButton = new wxButton( MainPanel, wxID_ANY, _("&Auto-Mount Devices"), wxDefaultPosition, wxDefaultSize, 0 ); + MountAllDevicesButton->SetMinSize( wxSize( -1,32 ) ); + + sbSizer41->Add( MountAllDevicesButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); + + + gSizer2->Add( sbSizer41, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer42; + sbSizer42 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + DismountAllButton = new wxButton( MainPanel, wxID_ANY, _("Di&smount All"), wxDefaultPosition, wxDefaultSize, 0 ); + DismountAllButton->SetMinSize( wxSize( -1,32 ) ); + + sbSizer42->Add( DismountAllButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); + + + gSizer2->Add( sbSizer42, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer43; + sbSizer43 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + ExitButton = new wxButton( MainPanel, wxID_ANY, _("E&xit"), wxDefaultPosition, wxDefaultSize, 0 ); + ExitButton->SetMinSize( wxSize( -1,32 ) ); + + sbSizer43->Add( ExitButton, 1, wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP, 2 ); + + + gSizer2->Add( sbSizer43, 1, wxALIGN_RIGHT|wxEXPAND, 5 ); + + + LowStaticBoxSizer->Add( gSizer2, 0, wxEXPAND, 5 ); + + + bSizer48->Add( LowStaticBoxSizer, 0, wxEXPAND, 5 ); + + + bSizer2->Add( bSizer48, 1, wxEXPAND, 5 ); + + + MainPanel->SetSizer( bSizer2 ); + MainPanel->Layout(); + bSizer2->Fit( MainPanel ); + bSizer1->Add( MainPanel, 1, wxEXPAND, 0 ); + + + this->SetSizer( bSizer1 ); + this->Layout(); + bSizer1->Fit( this ); + + this->Centre( wxBOTH ); + + // Connect Events + this->Connect( wxEVT_ACTIVATE, wxActivateEventHandler( MainFrameBase::OnActivate ) ); + this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( MainFrameBase::OnClose ) ); + this->Connect( CreateNewVolumeMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); + this->Connect( MountVolumeMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountVolumeMenuItemSelected ) ); + this->Connect( AutoMountDevicesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ) ); + this->Connect( DismountVolumeMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountVolumeMenuItemSelected ) ); + this->Connect( DismountAllMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ) ); + this->Connect( ChangePasswordMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePasswordMenuItemSelected ) ); + this->Connect( ChangePkcs5PrfMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePkcs5PrfMenuItemSelected ) ); + this->Connect( ChangeKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangeKeyfilesMenuItemSelected ) ); + this->Connect( RemoveKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRemoveKeyfilesMenuItemSelected ) ); + this->Connect( VolumePropertiesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ) ); + this->Connect( AddToFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddToFavoritesMenuItemSelected ) ); + this->Connect( AddAllMountedToFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddAllMountedToFavoritesMenuItemSelected ) ); + this->Connect( OrganizeFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOrganizeFavoritesMenuItemSelected ) ); + this->Connect( MountAllFavoritesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllFavoritesMenuItemSelected ) ); + this->Connect( BenchmarkMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBenchmarkMenuItemSelected ) ); + this->Connect( EncryptionTestMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnEncryptionTestMenuItemSelected ) ); + this->Connect( VolumeCreationWizardMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); + this->Connect( BackupVolumeHeadersMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBackupVolumeHeadersMenuItemSelected ) ); + this->Connect( RestoreVolumeHeaderMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRestoreVolumeHeaderMenuItemSelected ) ); + this->Connect( CreateKeyfileMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateKeyfileMenuItemSelected ) ); + this->Connect( ManageSecurityTokenKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnManageSecurityTokenKeyfilesMenuItemSelected ) ); + this->Connect( CloseAllSecurityTokenSessionsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCloseAllSecurityTokenSessionsMenuItemSelected ) ); + this->Connect( WipeCachedPasswordsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ) ); + this->Connect( HotkeysMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnHotkeysMenuItemSelected ) ); + this->Connect( DefaultKeyfilesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultKeyfilesMenuItemSelected ) ); + this->Connect( DefaultMountParametersMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultMountParametersMenuItemSelected ) ); + this->Connect( SecurityTokenPreferencesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnSecurityTokenPreferencesMenuItemSelected ) ); + this->Connect( PreferencesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnPreferencesMenuItemSelected ) ); + this->Connect( UserGuideMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnUserGuideMenuItemSelected ) ); + this->Connect( OnlineHelpMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOnlineHelpMenuItemSelected ) ); + this->Connect( BeginnersTutorialMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBeginnersTutorialMenuItemSelected ) ); + this->Connect( FaqMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnFaqMenuItemSelected ) ); + this->Connect( WebsiteMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWebsiteMenuItemSelected ) ); + this->Connect( DownloadsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDownloadsMenuItemSelected ) ); + this->Connect( NewsMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnNewsMenuItemSelected ) ); + this->Connect( VersionHistoryMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVersionHistoryMenuItemSelected ) ); + this->Connect( DonateMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDonateMenuItemSelected ) ); + this->Connect( ContactMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnContactMenuItemSelected ) ); + this->Connect( LegalNoticesMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnLegalNoticesMenuItemSelected ) ); + this->Connect( AboutMenuItem->GetId(), wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAboutMenuItemSelected ) ); + SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( MainFrameBase::OnListItemActivated ), NULL, this ); + SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( MainFrameBase::OnListItemDeselected ), NULL, this ); + SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_RIGHT_CLICK, wxListEventHandler( MainFrameBase::OnListItemRightClick ), NULL, this ); + SlotListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( MainFrameBase::OnListItemSelected ), NULL, this ); + CreateVolumeButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ), NULL, this ); + VolumePropertiesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ), NULL, this ); + WipeCacheButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ), NULL, this ); + LogoBitmap->Connect( wxEVT_LEFT_DOWN, wxMouseEventHandler( MainFrameBase::OnLogoBitmapClick ), NULL, this ); + SelectFileButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectFileButtonClick ), NULL, this ); + NoHistoryCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MainFrameBase::OnNoHistoryCheckBoxClick ), NULL, this ); + VolumeToolsButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeToolsButtonClick ), NULL, this ); + SelectDeviceButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectDeviceButtonClick ), NULL, this ); + VolumeButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeButtonClick ), NULL, this ); + MountAllDevicesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ), NULL, this ); + DismountAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ), NULL, this ); + ExitButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnExitButtonClick ), NULL, this ); +} + +MainFrameBase::~MainFrameBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_ACTIVATE, wxActivateEventHandler( MainFrameBase::OnActivate ) ); + this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( MainFrameBase::OnClose ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountVolumeMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountVolumeMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePasswordMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangePkcs5PrfMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnChangeKeyfilesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRemoveKeyfilesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddToFavoritesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAddAllMountedToFavoritesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOrganizeFavoritesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnMountAllFavoritesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBenchmarkMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnEncryptionTestMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBackupVolumeHeadersMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnRestoreVolumeHeaderMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCreateKeyfileMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnManageSecurityTokenKeyfilesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnCloseAllSecurityTokenSessionsMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnHotkeysMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultKeyfilesMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDefaultMountParametersMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnSecurityTokenPreferencesMenuItemSelected ) ); + this->Disconnect( wxID_PREFERENCES, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnPreferencesMenuItemSelected ) ); + this->Disconnect( wxID_HELP, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnUserGuideMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnOnlineHelpMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnBeginnersTutorialMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnFaqMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnWebsiteMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDownloadsMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnNewsMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnVersionHistoryMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnDonateMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnContactMenuItemSelected ) ); + this->Disconnect( wxID_ANY, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnLegalNoticesMenuItemSelected ) ); + this->Disconnect( wxID_ABOUT, wxEVT_COMMAND_MENU_SELECTED, wxCommandEventHandler( MainFrameBase::OnAboutMenuItemSelected ) ); + SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( MainFrameBase::OnListItemActivated ), NULL, this ); + SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( MainFrameBase::OnListItemDeselected ), NULL, this ); + SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_RIGHT_CLICK, wxListEventHandler( MainFrameBase::OnListItemRightClick ), NULL, this ); + SlotListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( MainFrameBase::OnListItemSelected ), NULL, this ); + CreateVolumeButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnCreateVolumeButtonClick ), NULL, this ); + VolumePropertiesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumePropertiesButtonClick ), NULL, this ); + WipeCacheButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnWipeCacheButtonClick ), NULL, this ); + LogoBitmap->Disconnect( wxEVT_LEFT_DOWN, wxMouseEventHandler( MainFrameBase::OnLogoBitmapClick ), NULL, this ); + SelectFileButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectFileButtonClick ), NULL, this ); + NoHistoryCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MainFrameBase::OnNoHistoryCheckBoxClick ), NULL, this ); + VolumeToolsButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeToolsButtonClick ), NULL, this ); + SelectDeviceButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnSelectDeviceButtonClick ), NULL, this ); + VolumeButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnVolumeButtonClick ), NULL, this ); + MountAllDevicesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnMountAllDevicesButtonClick ), NULL, this ); + DismountAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnDismountAllButtonClick ), NULL, this ); + ExitButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MainFrameBase::OnExitButtonClick ), NULL, this ); + +} + +WizardFrameBase::WizardFrameBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxFrame( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxSize( 800,500 ), wxDefaultSize ); + + MainSizer = new wxBoxSizer( wxVERTICAL ); + + MainPanel = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer63; + bSizer63 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer64; + bSizer64 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer27; + sbSizer27 = new wxStaticBoxSizer( new wxStaticBox( MainPanel, wxID_ANY, wxEmptyString ), wxHORIZONTAL ); + + WizardBitmap = new wxStaticBitmap( MainPanel, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer27->Add( WizardBitmap, 0, wxALL|wxEXPAND, 5 ); + + wxBoxSizer* bSizer66; + bSizer66 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer126; + bSizer126 = new wxBoxSizer( wxHORIZONTAL ); + + PageTitleStaticText = new wxStaticText( MainPanel, wxID_ANY, _("Page Title"), wxDefaultPosition, wxDefaultSize, 0 ); + PageTitleStaticText->Wrap( -1 ); + PageTitleStaticText->SetFont( wxFont( 16, 70, 90, 90, false, wxT("Times New Roman") ) ); + + bSizer126->Add( PageTitleStaticText, 0, wxALL, 5 ); + + + bSizer66->Add( bSizer126, 0, wxLEFT, 5 ); + + PageSizer = new wxBoxSizer( wxVERTICAL ); + + + bSizer66->Add( PageSizer, 1, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + + sbSizer27->Add( bSizer66, 1, wxEXPAND|wxLEFT, 5 ); + + + bSizer64->Add( sbSizer27, 1, wxEXPAND|wxRIGHT|wxLEFT, 5 ); + + wxBoxSizer* bSizer70; + bSizer70 = new wxBoxSizer( wxHORIZONTAL ); + + + bSizer70->Add( 0, 0, 1, wxEXPAND, 5 ); + + HelpButton = new wxButton( MainPanel, wxID_HELP, _("&Help"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer70->Add( HelpButton, 0, wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer70->Add( 0, 0, 0, wxLEFT|wxALIGN_RIGHT, 5 ); + + PreviousButton = new wxButton( MainPanel, wxID_ANY, _("< &Prev"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer70->Add( PreviousButton, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); + + NextButton = new wxButton( MainPanel, wxID_ANY, _("&Next >"), wxDefaultPosition, wxDefaultSize, 0|wxWANTS_CHARS ); + NextButton->SetDefault(); + bSizer70->Add( NextButton, 0, wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer70->Add( 0, 0, 0, wxLEFT|wxALIGN_RIGHT, 5 ); + + CancelButton = new wxButton( MainPanel, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer70->Add( CancelButton, 0, wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer64->Add( bSizer70, 0, wxEXPAND|wxALIGN_RIGHT|wxALL, 5 ); + + + bSizer63->Add( bSizer64, 1, wxEXPAND, 5 ); + + + MainPanel->SetSizer( bSizer63 ); + MainPanel->Layout(); + bSizer63->Fit( MainPanel ); + MainSizer->Add( MainPanel, 1, wxEXPAND, 5 ); + + + this->SetSizer( MainSizer ); + this->Layout(); + MainSizer->Fit( this ); + + // Connect Events + this->Connect( wxEVT_ACTIVATE, wxActivateEventHandler( WizardFrameBase::OnActivate ) ); + this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WizardFrameBase::OnClose ) ); + MainPanel->Connect( wxEVT_MOTION, wxMouseEventHandler( WizardFrameBase::OnMouseMotion ), NULL, this ); + HelpButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnHelpButtonClick ), NULL, this ); + PreviousButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnPreviousButtonClick ), NULL, this ); + NextButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnNextButtonClick ), NULL, this ); + CancelButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnCancelButtonClick ), NULL, this ); +} + +WizardFrameBase::~WizardFrameBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_ACTIVATE, wxActivateEventHandler( WizardFrameBase::OnActivate ) ); + this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WizardFrameBase::OnClose ) ); + MainPanel->Disconnect( wxEVT_MOTION, wxMouseEventHandler( WizardFrameBase::OnMouseMotion ), NULL, this ); + HelpButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnHelpButtonClick ), NULL, this ); + PreviousButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnPreviousButtonClick ), NULL, this ); + NextButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnNextButtonClick ), NULL, this ); + CancelButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( WizardFrameBase::OnCancelButtonClick ), NULL, this ); + +} + +AboutDialogBase::AboutDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer116; + bSizer116 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer117; + bSizer117 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer120; + bSizer120 = new wxBoxSizer( wxVERTICAL ); + + bSizer120->SetMinSize( wxSize( -1,78 ) ); + m_panel14 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + m_panel14->SetBackgroundColour( wxColour( 10, 108, 206 ) ); + + wxBoxSizer* bSizer121; + bSizer121 = new wxBoxSizer( wxVERTICAL ); + + + bSizer121->Add( 0, 0, 1, wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer122; + bSizer122 = new wxBoxSizer( wxVERTICAL ); + + LogoBitmap = new wxStaticBitmap( m_panel14, wxID_ANY, wxNullBitmap, wxDefaultPosition, wxDefaultSize, 0 ); + bSizer122->Add( LogoBitmap, 0, wxALL, 10 ); + + + bSizer121->Add( bSizer122, 0, wxEXPAND|wxLEFT, 8 ); + + + m_panel14->SetSizer( bSizer121 ); + m_panel14->Layout(); + bSizer121->Fit( m_panel14 ); + bSizer120->Add( m_panel14, 1, wxEXPAND, 5 ); + + + bSizer117->Add( bSizer120, 0, wxEXPAND, 5 ); + + wxBoxSizer* bSizer118; + bSizer118 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer123; + bSizer123 = new wxBoxSizer( wxVERTICAL ); + + VersionStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + VersionStaticText->Wrap( -1 ); + bSizer123->Add( VersionStaticText, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); + + + bSizer123->Add( 0, 0, 0, wxTOP, 3 ); + + CopyrightStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + CopyrightStaticText->Wrap( -1 ); + bSizer123->Add( CopyrightStaticText, 0, wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + + bSizer123->Add( 0, 0, 0, wxTOP, 3 ); + + WebsiteHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, wxEmptyString, wxT("."), wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); + + WebsiteHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + WebsiteHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + WebsiteHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + bSizer123->Add( WebsiteHyperlink, 0, wxALL, 5 ); + + + bSizer118->Add( bSizer123, 1, wxEXPAND|wxLEFT, 5 ); + + + bSizer117->Add( bSizer118, 1, wxALL|wxEXPAND, 15 ); + + m_staticline3 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); + bSizer117->Add( m_staticline3, 0, wxEXPAND|wxBOTTOM, 5 ); + + CreditsTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_MULTILINE|wxTE_READONLY|wxSUNKEN_BORDER ); + bSizer117->Add( CreditsTextCtrl, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 10 ); + + + bSizer117->Add( 0, 0, 0, wxTOP, 5 ); + + m_staticline4 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); + bSizer117->Add( m_staticline4, 0, wxEXPAND|wxTOP|wxBOTTOM, 3 ); + + m_staticline5 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); + bSizer117->Add( m_staticline5, 0, wxEXPAND|wxBOTTOM, 5 ); + + wxBoxSizer* bSizer119; + bSizer119 = new wxBoxSizer( wxHORIZONTAL ); + + + bSizer119->Add( 0, 0, 1, wxEXPAND|wxALL, 5 ); + + wxButton* OKButton; + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer119->Add( OKButton, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer119->Add( 0, 0, 0, wxLEFT, 5 ); + + + bSizer117->Add( bSizer119, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 6 ); + + + bSizer116->Add( bSizer117, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer116 ); + this->Layout(); + bSizer116->Fit( this ); + + // Connect Events + WebsiteHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( AboutDialogBase::OnWebsiteHyperlinkClick ), NULL, this ); +} + +AboutDialogBase::~AboutDialogBase() +{ + // Disconnect Events + WebsiteHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( AboutDialogBase::OnWebsiteHyperlinkClick ), NULL, this ); + +} + +BenchmarkDialogBase::BenchmarkDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer153; + bSizer153 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer154; + bSizer154 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer155; + bSizer155 = new wxBoxSizer( wxHORIZONTAL ); + + wxStaticText* m_staticText54; + m_staticText54 = new wxStaticText( this, wxID_ANY, _("Buffer Size:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText54->Wrap( -1 ); + bSizer155->Add( m_staticText54, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + wxArrayString BufferSizeChoiceChoices; + BufferSizeChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, BufferSizeChoiceChoices, 0 ); + BufferSizeChoice->SetSelection( 0 ); + bSizer155->Add( BufferSizeChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer154->Add( bSizer155, 0, wxEXPAND, 5 ); + + wxStaticLine* m_staticline6; + m_staticline6 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); + bSizer154->Add( m_staticline6, 0, wxEXPAND | wxALL, 5 ); + + wxBoxSizer* bSizer156; + bSizer156 = new wxBoxSizer( wxHORIZONTAL ); + + BenchmarkListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxSUNKEN_BORDER ); + bSizer156->Add( BenchmarkListCtrl, 1, wxALL|wxEXPAND, 5 ); + + RightSizer = new wxBoxSizer( wxVERTICAL ); + + BenchmarkButton = new wxButton( this, wxID_OK, _("Benchmark"), wxDefaultPosition, wxDefaultSize, 0 ); + BenchmarkButton->SetDefault(); + RightSizer->Add( BenchmarkButton, 0, wxALL|wxEXPAND, 5 ); + + wxButton* CancelButton; + CancelButton = new wxButton( this, wxID_CANCEL, _("Close"), wxDefaultPosition, wxDefaultSize, 0 ); + RightSizer->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); + + + RightSizer->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); + + BenchmarkNoteStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + BenchmarkNoteStaticText->Wrap( -1 ); + RightSizer->Add( BenchmarkNoteStaticText, 1, wxALL|wxEXPAND, 5 ); + + + bSizer156->Add( RightSizer, 0, wxEXPAND, 5 ); + + + bSizer154->Add( bSizer156, 1, wxEXPAND, 5 ); + + + bSizer153->Add( bSizer154, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer153 ); + this->Layout(); + bSizer153->Fit( this ); + + // Connect Events + BenchmarkButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( BenchmarkDialogBase::OnBenchmarkButtonClick ), NULL, this ); +} + +BenchmarkDialogBase::~BenchmarkDialogBase() +{ + // Disconnect Events + BenchmarkButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( BenchmarkDialogBase::OnBenchmarkButtonClick ), NULL, this ); + +} + +ChangePasswordDialogBase::ChangePasswordDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); + + wxBoxSizer* bSizer30; + bSizer30 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer31; + bSizer31 = new wxBoxSizer( wxHORIZONTAL ); + + wxBoxSizer* bSizer32; + bSizer32 = new wxBoxSizer( wxVERTICAL ); + + CurrentSizer = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Current") ), wxVERTICAL ); + + CurrentPasswordPanelSizer = new wxBoxSizer( wxVERTICAL ); + + + CurrentSizer->Add( CurrentPasswordPanelSizer, 0, wxALIGN_LEFT, 5 ); + + + bSizer32->Add( CurrentSizer, 0, wxEXPAND, 5 ); + + NewSizer = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("New") ), wxVERTICAL ); + + NewPasswordPanelSizer = new wxBoxSizer( wxVERTICAL ); + + + NewSizer->Add( NewPasswordPanelSizer, 0, wxALIGN_LEFT, 5 ); + + + bSizer32->Add( NewSizer, 0, wxTOP|wxEXPAND, 5 ); + + + bSizer31->Add( bSizer32, 1, wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer33; + bSizer33 = new wxBoxSizer( wxVERTICAL ); + + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer33->Add( OKButton, 0, wxALL|wxEXPAND, 5 ); + + CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer33->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); + + + bSizer31->Add( bSizer33, 0, 0, 5 ); + + + bSizer30->Add( bSizer31, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer30 ); + this->Layout(); + bSizer30->Fit( this ); + + // Connect Events + OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ChangePasswordDialogBase::OnOKButtonClick ), NULL, this ); +} + +ChangePasswordDialogBase::~ChangePasswordDialogBase() +{ + // Disconnect Events + OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ChangePasswordDialogBase::OnOKButtonClick ), NULL, this ); + +} + +DeviceSelectionDialogBase::DeviceSelectionDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxSize( -1,-1 ), wxDefaultSize ); + this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); + + wxBoxSizer* bSizer3; + bSizer3 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer4; + bSizer4 = new wxBoxSizer( wxVERTICAL ); + + DeviceListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES|wxSUNKEN_BORDER ); + bSizer4->Add( DeviceListCtrl, 1, wxALL|wxEXPAND, 5 ); + + StdButtons = new wxStdDialogButtonSizer(); + StdButtonsOK = new wxButton( this, wxID_OK ); + StdButtons->AddButton( StdButtonsOK ); + StdButtonsCancel = new wxButton( this, wxID_CANCEL ); + StdButtons->AddButton( StdButtonsCancel ); + StdButtons->Realize(); + + bSizer4->Add( StdButtons, 0, wxEXPAND|wxALL, 5 ); + + + bSizer3->Add( bSizer4, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer3 ); + this->Layout(); + bSizer3->Fit( this ); + + this->Centre( wxBOTH ); + + // Connect Events + DeviceListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemActivated ), NULL, this ); + DeviceListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemDeselected ), NULL, this ); + DeviceListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemSelected ), NULL, this ); +} + +DeviceSelectionDialogBase::~DeviceSelectionDialogBase() +{ + // Disconnect Events + DeviceListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemActivated ), NULL, this ); + DeviceListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemDeselected ), NULL, this ); + DeviceListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( DeviceSelectionDialogBase::OnListItemSelected ), NULL, this ); + +} + +EncryptionTestDialogBase::EncryptionTestDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer132; + bSizer132 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer133; + bSizer133 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer134; + bSizer134 = new wxBoxSizer( wxHORIZONTAL ); + + wxStaticText* m_staticText41; + m_staticText41 = new wxStaticText( this, wxID_ANY, _("Encryption algorithm:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText41->Wrap( -1 ); + bSizer134->Add( m_staticText41, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + wxArrayString EncryptionAlgorithmChoiceChoices; + EncryptionAlgorithmChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, EncryptionAlgorithmChoiceChoices, 0 ); + EncryptionAlgorithmChoice->SetSelection( 0 ); + bSizer134->Add( EncryptionAlgorithmChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + XtsModeCheckBox = new wxCheckBox( this, wxID_ANY, _("XTS mode"), wxDefaultPosition, wxDefaultSize, 0 ); + XtsModeCheckBox->SetValue(true); + bSizer134->Add( XtsModeCheckBox, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer133->Add( bSizer134, 0, wxALIGN_CENTER_HORIZONTAL, 5 ); + + wxStaticBoxSizer* sbSizer38; + sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Key (hexadecimal)") ), wxVERTICAL ); + + KeyTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + KeyTextCtrl->SetMaxLength( 0 ); + KeyTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); + + sbSizer38->Add( KeyTextCtrl, 1, wxALL|wxEXPAND, 5 ); + + wxBoxSizer* bSizer135; + bSizer135 = new wxBoxSizer( wxHORIZONTAL ); + + wxStaticText* m_staticText43; + m_staticText43 = new wxStaticText( this, wxID_ANY, _("Key size:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText43->Wrap( -1 ); + bSizer135->Add( m_staticText43, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + KeySizeStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + KeySizeStaticText->Wrap( -1 ); + bSizer135->Add( KeySizeStaticText, 0, wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT, 5 ); + + + sbSizer38->Add( bSizer135, 0, wxEXPAND, 5 ); + + + bSizer133->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer39; + sbSizer39 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("XTS mode") ), wxVERTICAL ); + + wxStaticText* m_staticText45; + m_staticText45 = new wxStaticText( this, wxID_ANY, _("Secondary key (hexadecimal)"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText45->Wrap( -1 ); + sbSizer39->Add( m_staticText45, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); + + SecondaryKeyTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + SecondaryKeyTextCtrl->SetMaxLength( 0 ); + SecondaryKeyTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); + + sbSizer39->Add( SecondaryKeyTextCtrl, 0, wxEXPAND|wxALL, 5 ); + + wxStaticText* m_staticText46; + m_staticText46 = new wxStaticText( this, wxID_ANY, _("Data unit number (64-bit, data unit size is 512 bytes)"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText46->Wrap( -1 ); + sbSizer39->Add( m_staticText46, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); + + DataUnitNumberTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + DataUnitNumberTextCtrl->SetMaxLength( 0 ); + sbSizer39->Add( DataUnitNumberTextCtrl, 0, wxALL, 5 ); + + wxStaticText* m_staticText47; + m_staticText47 = new wxStaticText( this, wxID_ANY, _("Block number:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText47->Wrap( -1 ); + sbSizer39->Add( m_staticText47, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); + + BlockNumberTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + BlockNumberTextCtrl->SetMaxLength( 0 ); + sbSizer39->Add( BlockNumberTextCtrl, 0, wxALL, 5 ); + + + bSizer133->Add( sbSizer39, 1, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer40; + sbSizer40 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Plaintext (hexadecimal)") ), wxVERTICAL ); + + PlainTextTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + PlainTextTextCtrl->SetMaxLength( 0 ); + PlainTextTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); + + sbSizer40->Add( PlainTextTextCtrl, 0, wxALL|wxEXPAND, 5 ); + + + bSizer133->Add( sbSizer40, 0, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer41; + sbSizer41 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Ciphertext (hexadecimal)") ), wxVERTICAL ); + + CipherTextTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + CipherTextTextCtrl->SetMaxLength( 0 ); + CipherTextTextCtrl->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier") ) ); + + sbSizer41->Add( CipherTextTextCtrl, 0, wxALL|wxEXPAND, 5 ); + + + bSizer133->Add( sbSizer41, 0, wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer136; + bSizer136 = new wxBoxSizer( wxHORIZONTAL ); + + EncryptButton = new wxButton( this, wxID_ANY, _("&Encrypt"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer136->Add( EncryptButton, 0, wxALL, 5 ); + + DecryptButton = new wxButton( this, wxID_ANY, _("&Decrypt"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer136->Add( DecryptButton, 0, wxALL, 5 ); + + AutoTestAllButton = new wxButton( this, wxID_ANY, _("&Auto-Test All"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer136->Add( AutoTestAllButton, 0, wxALL, 5 ); + + ResetButton = new wxButton( this, wxID_ANY, _("&Reset"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer136->Add( ResetButton, 0, wxALL, 5 ); + + CloseButton = new wxButton( this, wxID_CANCEL, _("Close"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer136->Add( CloseButton, 0, wxALL, 5 ); + + + bSizer133->Add( bSizer136, 0, wxEXPAND, 5 ); + + + bSizer132->Add( bSizer133, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer132 ); + this->Layout(); + bSizer132->Fit( this ); + + // Connect Events + EncryptionAlgorithmChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptionAlgorithmSelected ), NULL, this ); + XtsModeCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnXtsModeCheckBoxClick ), NULL, this ); + EncryptButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptButtonClick ), NULL, this ); + DecryptButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnDecryptButtonClick ), NULL, this ); + AutoTestAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnAutoTestAllButtonClick ), NULL, this ); + ResetButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnResetButtonClick ), NULL, this ); +} + +EncryptionTestDialogBase::~EncryptionTestDialogBase() +{ + // Disconnect Events + EncryptionAlgorithmChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptionAlgorithmSelected ), NULL, this ); + XtsModeCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnXtsModeCheckBoxClick ), NULL, this ); + EncryptButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnEncryptButtonClick ), NULL, this ); + DecryptButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnDecryptButtonClick ), NULL, this ); + AutoTestAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnAutoTestAllButtonClick ), NULL, this ); + ResetButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionTestDialogBase::OnResetButtonClick ), NULL, this ); + +} + +FavoriteVolumesDialogBase::FavoriteVolumesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer57; + bSizer57 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer60; + bSizer60 = new wxBoxSizer( wxHORIZONTAL ); + + wxBoxSizer* bSizer58; + bSizer58 = new wxBoxSizer( wxVERTICAL ); + + FavoritesListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES|wxSUNKEN_BORDER ); + bSizer58->Add( FavoritesListCtrl, 1, wxALL|wxEXPAND, 5 ); + + wxGridSizer* gSizer5; + gSizer5 = new wxGridSizer( 1, 4, 0, 0 ); + + MoveUpButton = new wxButton( this, wxID_ANY, _("Move &Up"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer5->Add( MoveUpButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT, 5 ); + + MoveDownButton = new wxButton( this, wxID_ANY, _("Move &Down"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer5->Add( MoveDownButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT, 5 ); + + RemoveButton = new wxButton( this, wxID_ANY, _("&Remove"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer5->Add( RemoveButton, 0, wxALIGN_RIGHT|wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + RemoveAllButton = new wxButton( this, wxID_ANY, _("Remove &All"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer5->Add( RemoveAllButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + + bSizer58->Add( gSizer5, 0, wxEXPAND|wxRIGHT|wxLEFT, 5 ); + + wxFlexGridSizer* fgSizer4; + fgSizer4 = new wxFlexGridSizer( 1, 5, 0, 0 ); + fgSizer4->AddGrowableCol( 2 ); + fgSizer4->SetFlexibleDirection( wxBOTH ); + fgSizer4->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + + fgSizer4->Add( 0, 0, 1, wxEXPAND, 5 ); + + + bSizer58->Add( fgSizer4, 0, wxEXPAND, 5 ); + + + bSizer60->Add( bSizer58, 1, wxEXPAND, 5 ); + + wxBoxSizer* bSizer59; + bSizer59 = new wxBoxSizer( wxVERTICAL ); + + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer59->Add( OKButton, 0, wxALL, 5 ); + + CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer59->Add( CancelButton, 0, wxALL, 5 ); + + + bSizer60->Add( bSizer59, 0, wxEXPAND, 5 ); + + + bSizer57->Add( bSizer60, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer57 ); + this->Layout(); + bSizer57->Fit( this ); + + // Connect Events + FavoritesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemDeselected ), NULL, this ); + FavoritesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemSelected ), NULL, this ); + MoveUpButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveUpButtonClick ), NULL, this ); + MoveDownButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveDownButtonClick ), NULL, this ); + RemoveButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveButtonClick ), NULL, this ); + RemoveAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveAllButtonClick ), NULL, this ); + OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnOKButtonClick ), NULL, this ); +} + +FavoriteVolumesDialogBase::~FavoriteVolumesDialogBase() +{ + // Disconnect Events + FavoritesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemDeselected ), NULL, this ); + FavoritesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( FavoriteVolumesDialogBase::OnListItemSelected ), NULL, this ); + MoveUpButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveUpButtonClick ), NULL, this ); + MoveDownButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnMoveDownButtonClick ), NULL, this ); + RemoveButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveButtonClick ), NULL, this ); + RemoveAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnRemoveAllButtonClick ), NULL, this ); + OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( FavoriteVolumesDialogBase::OnOKButtonClick ), NULL, this ); + +} + +KeyfilesDialogBase::KeyfilesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); + + wxBoxSizer* bSizer26; + bSizer26 = new wxBoxSizer( wxVERTICAL ); + + UpperSizer = new wxBoxSizer( wxHORIZONTAL ); + + PanelSizer = new wxBoxSizer( wxVERTICAL ); + + + UpperSizer->Add( PanelSizer, 1, wxEXPAND, 5 ); + + wxBoxSizer* bSizer22; + bSizer22 = new wxBoxSizer( wxVERTICAL ); + + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer22->Add( OKButton, 0, wxALL|wxEXPAND, 5 ); + + CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer22->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); + + WarningStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + WarningStaticText->Wrap( -1 ); + bSizer22->Add( WarningStaticText, 1, wxALL|wxEXPAND, 5 ); + + + UpperSizer->Add( bSizer22, 0, wxEXPAND, 5 ); + + + bSizer26->Add( UpperSizer, 1, wxTOP|wxRIGHT|wxLEFT, 5 ); + + wxBoxSizer* bSizer23; + bSizer23 = new wxBoxSizer( wxVERTICAL ); + + KeyfilesNoteSizer = new wxBoxSizer( wxVERTICAL ); + + wxStaticLine* m_staticline1; + m_staticline1 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); + KeyfilesNoteSizer->Add( m_staticline1, 0, wxEXPAND | wxALL, 5 ); + + KeyfilesNoteStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + KeyfilesNoteStaticText->Wrap( -1 ); + KeyfilesNoteSizer->Add( KeyfilesNoteStaticText, 0, wxALL|wxEXPAND, 5 ); + + wxStaticLine* m_staticline2; + m_staticline2 = new wxStaticLine( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLI_HORIZONTAL ); + KeyfilesNoteSizer->Add( m_staticline2, 0, wxEXPAND | wxALL, 5 ); + + + bSizer23->Add( KeyfilesNoteSizer, 1, wxEXPAND, 5 ); + + wxFlexGridSizer* fgSizer2; + fgSizer2 = new wxFlexGridSizer( 1, 2, 0, 0 ); + fgSizer2->AddGrowableCol( 0 ); + fgSizer2->SetFlexibleDirection( wxBOTH ); + fgSizer2->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + KeyfilesHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, _("More information on keyfiles"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); + + KeyfilesHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + KeyfilesHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + KeyfilesHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + fgSizer2->Add( KeyfilesHyperlink, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + CreateKeyfileButtton = new wxButton( this, wxID_ANY, _("&Generate Random Keyfile..."), wxDefaultPosition, wxDefaultSize, 0 ); + fgSizer2->Add( CreateKeyfileButtton, 0, wxALL, 5 ); + + + bSizer23->Add( fgSizer2, 0, wxEXPAND, 5 ); + + + bSizer26->Add( bSizer23, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + + this->SetSizer( bSizer26 ); + this->Layout(); + bSizer26->Fit( this ); + + // Connect Events + KeyfilesHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( KeyfilesDialogBase::OnKeyfilesHyperlinkClick ), NULL, this ); + CreateKeyfileButtton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesDialogBase::OnCreateKeyfileButttonClick ), NULL, this ); +} + +KeyfilesDialogBase::~KeyfilesDialogBase() +{ + // Disconnect Events + KeyfilesHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( KeyfilesDialogBase::OnKeyfilesHyperlinkClick ), NULL, this ); + CreateKeyfileButtton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesDialogBase::OnCreateKeyfileButttonClick ), NULL, this ); + +} + +KeyfileGeneratorDialogBase::KeyfileGeneratorDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + MainSizer = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer144; + bSizer144 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer145; + bSizer145 = new wxBoxSizer( wxHORIZONTAL ); + + + bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); + + wxStaticText* m_staticText49; + m_staticText49 = new wxStaticText( this, wxID_ANY, _("Mixing PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText49->Wrap( -1 ); + bSizer145->Add( m_staticText49, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + wxArrayString HashChoiceChoices; + HashChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HashChoiceChoices, 0 ); + HashChoice->SetSelection( 0 ); + bSizer145->Add( HashChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); + + + bSizer144->Add( bSizer145, 0, wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer43; + sbSizer43 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + wxBoxSizer* bSizer147; + bSizer147 = new wxBoxSizer( wxHORIZONTAL ); + + wxStaticText* m_staticText52; + m_staticText52 = new wxStaticText( this, wxID_ANY, _("Random Pool:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText52->Wrap( -1 ); + bSizer147->Add( m_staticText52, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); + + RandomPoolStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + RandomPoolStaticText->Wrap( -1 ); + RandomPoolStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); + + bSizer147->Add( RandomPoolStaticText, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + ShowRandomPoolCheckBox = new wxCheckBox( this, wxID_ANY, _("Show"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer147->Add( ShowRandomPoolCheckBox, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + sbSizer43->Add( bSizer147, 0, wxEXPAND|wxTOP, 5 ); + + + sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer45; + sbSizer45 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Randomness Collected From Mouse Movements") ), wxVERTICAL ); + + CollectedEntropy = new wxGauge( this, wxID_ANY, 2560, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); + CollectedEntropy->SetValue( 0 ); + sbSizer45->Add( CollectedEntropy, 1, wxALL|wxEXPAND, 5 ); + + + sbSizer43->Add( sbSizer45, 0, wxBOTTOM|wxEXPAND|wxTOP, 5 ); + + + sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); + + MouseStaticText = new wxStaticText( this, wxID_ANY, _("IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile."), wxDefaultPosition, wxDefaultSize, 0 ); + MouseStaticText->Wrap( -1 ); + sbSizer43->Add( MouseStaticText, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); + + + sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); + + + bSizer144->Add( sbSizer43, 1, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + wxBoxSizer* bSizer162; + bSizer162 = new wxBoxSizer( wxVERTICAL ); + + wxFlexGridSizer* fgSizer8; + fgSizer8 = new wxFlexGridSizer( 3, 3, 0, 0 ); + fgSizer8->AddGrowableCol( 2 ); + fgSizer8->SetFlexibleDirection( wxBOTH ); + fgSizer8->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + m_staticText60 = new wxStaticText( this, wxID_ANY, _("Number of keyfiles:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText60->Wrap( -1 ); + fgSizer8->Add( m_staticText60, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + NumberOfKeyfiles = new wxSpinCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxSP_ARROW_KEYS, 1, 9999999, 1 ); + fgSizer8->Add( NumberOfKeyfiles, 0, wxALL, 5 ); + + m_panel18 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + fgSizer8->Add( m_panel18, 1, wxEXPAND | wxALL, 5 ); + + m_staticText63 = new wxStaticText( this, wxID_ANY, _("Keyfiles size (in Bytes):"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText63->Wrap( -1 ); + fgSizer8->Add( m_staticText63, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + KeyfilesSize = new wxSpinCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxSP_ARROW_KEYS, 64, 1048576, 64 ); + fgSizer8->Add( KeyfilesSize, 0, wxALL, 5 ); + + RandomSizeCheckBox = new wxCheckBox( this, wxID_ANY, _("Random size (64 <-> 1048576)"), wxDefaultPosition, wxDefaultSize, 0 ); + fgSizer8->Add( RandomSizeCheckBox, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + m_staticText65 = new wxStaticText( this, wxID_ANY, _("Keyfiles base name:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText65->Wrap( -1 ); + fgSizer8->Add( m_staticText65, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + KeyfilesBaseName = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + fgSizer8->Add( KeyfilesBaseName, 0, wxALL, 5 ); + + m_panel19 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + fgSizer8->Add( m_panel19, 1, wxEXPAND | wxALL, 5 ); + + + bSizer162->Add( fgSizer8, 1, wxEXPAND, 5 ); + + + bSizer144->Add( bSizer162, 0, wxALL|wxEXPAND, 5 ); + + wxBoxSizer* bSizer146; + bSizer146 = new wxBoxSizer( wxHORIZONTAL ); + + GenerateButton = new wxButton( this, wxID_ANY, _("Generate and Save Keyfile..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer146->Add( GenerateButton, 0, wxALL, 5 ); + + + bSizer146->Add( 0, 0, 1, wxEXPAND, 5 ); + + wxButton* m_button61; + m_button61 = new wxButton( this, wxID_CANCEL, _("Close"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer146->Add( m_button61, 0, wxALL, 5 ); + + + bSizer144->Add( bSizer146, 0, wxEXPAND, 5 ); + + + MainSizer->Add( bSizer144, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( MainSizer ); + this->Layout(); + MainSizer->Fit( this ); + + // Connect Events + this->Connect( wxEVT_MOTION, wxMouseEventHandler( KeyfileGeneratorDialogBase::OnMouseMotion ) ); + HashChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnHashSelected ), NULL, this ); + ShowRandomPoolCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); + RandomSizeCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnRandomSizeCheckBoxClicked ), NULL, this ); + GenerateButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnGenerateButtonClick ), NULL, this ); +} + +KeyfileGeneratorDialogBase::~KeyfileGeneratorDialogBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_MOTION, wxMouseEventHandler( KeyfileGeneratorDialogBase::OnMouseMotion ) ); + HashChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnHashSelected ), NULL, this ); + ShowRandomPoolCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); + RandomSizeCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnRandomSizeCheckBoxClicked ), NULL, this ); + GenerateButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfileGeneratorDialogBase::OnGenerateButtonClick ), NULL, this ); + +} + +LegalNoticesDialogBase::LegalNoticesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer114; + bSizer114 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer115; + bSizer115 = new wxBoxSizer( wxVERTICAL ); + + LegalNoticesTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_MULTILINE|wxTE_READONLY ); + bSizer115->Add( LegalNoticesTextCtrl, 1, wxALL|wxEXPAND, 5 ); + + wxButton* OKButton; + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer115->Add( OKButton, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); + + + bSizer114->Add( bSizer115, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer114 ); + this->Layout(); + bSizer114->Fit( this ); +} + +LegalNoticesDialogBase::~LegalNoticesDialogBase() +{ +} + +MountOptionsDialogBase::MountOptionsDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); + + MainSizer = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer19; + bSizer19 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer14; + bSizer14 = new wxBoxSizer( wxHORIZONTAL ); + + PasswordSizer = new wxBoxSizer( wxVERTICAL ); + + + bSizer14->Add( PasswordSizer, 1, wxEXPAND, 5 ); + + wxBoxSizer* bSizer9; + bSizer9 = new wxBoxSizer( wxVERTICAL ); + + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer9->Add( OKButton, 0, wxALL|wxEXPAND, 5 ); + + CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer9->Add( CancelButton, 0, wxALL|wxEXPAND, 5 ); + + + bSizer9->Add( 0, 0, 1, wxTOP|wxEXPAND, 5 ); + + OptionsButton = new wxButton( this, wxID_ANY, _("Op&tions"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer9->Add( OptionsButton, 0, wxALL|wxEXPAND, 5 ); + + + bSizer14->Add( bSizer9, 0, wxEXPAND, 5 ); + + + bSizer19->Add( bSizer14, 0, wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer6; + bSizer6 = new wxBoxSizer( wxVERTICAL ); + + OptionsPanel = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + OptionsSizer = new wxStaticBoxSizer( new wxStaticBox( OptionsPanel, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + + OptionsSizer->Add( 0, 0, 0, wxTOP, 5 ); + + ReadOnlyCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("Mount volume as &read-only"), wxDefaultPosition, wxDefaultSize, 0 ); + OptionsSizer->Add( ReadOnlyCheckBox, 0, wxALL, 5 ); + + RemovableCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("Mount volume as removable &medium"), wxDefaultPosition, wxDefaultSize, 0 ); + OptionsSizer->Add( RemovableCheckBox, 0, wxALL, 5 ); + + PartitionInSystemEncryptionScopeCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("Mount partition &using system encryption (preboot authentication)"), wxDefaultPosition, wxDefaultSize, 0 ); + OptionsSizer->Add( PartitionInSystemEncryptionScopeCheckBox, 0, wxALL, 5 ); + + ProtectionSizer = new wxStaticBoxSizer( new wxStaticBox( OptionsPanel, wxID_ANY, _("Hidden Volume Protection") ), wxVERTICAL ); + + ProtectionCheckBox = new wxCheckBox( OptionsPanel, wxID_ANY, _("&Protect hidden volume when mounting outer volume"), wxDefaultPosition, wxDefaultSize, 0 ); + ProtectionSizer->Add( ProtectionCheckBox, 0, wxALL, 5 ); + + ProtectionPasswordSizer = new wxBoxSizer( wxVERTICAL ); + + + ProtectionSizer->Add( ProtectionPasswordSizer, 1, wxEXPAND|wxLEFT, 5 ); + + ProtectionHyperlinkCtrl = new wxHyperlinkCtrl( OptionsPanel, wxID_ANY, _("What is hidden volume protection?"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); + + ProtectionHyperlinkCtrl->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + ProtectionHyperlinkCtrl->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + ProtectionHyperlinkCtrl->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + ProtectionSizer->Add( ProtectionHyperlinkCtrl, 0, wxALL, 5 ); + + + OptionsSizer->Add( ProtectionSizer, 1, wxEXPAND|wxALL, 5 ); + + FilesystemSizer = new wxBoxSizer( wxVERTICAL ); + + m_panel8 = new wxPanel( OptionsPanel, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxStaticBoxSizer* sbSizer28; + sbSizer28 = new wxStaticBoxSizer( new wxStaticBox( m_panel8, wxID_ANY, _("Filesystem") ), wxVERTICAL ); + + wxBoxSizer* bSizer54; + bSizer54 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer55; + bSizer55 = new wxBoxSizer( wxVERTICAL ); + + NoFilesystemCheckBox = new wxCheckBox( m_panel8, wxID_ANY, _("Do ¬ mount"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer55->Add( NoFilesystemCheckBox, 0, wxTOP|wxRIGHT|wxLEFT, 5 ); + + + bSizer54->Add( bSizer55, 1, wxEXPAND, 5 ); + + FilesystemOptionsSizer = new wxGridBagSizer( 0, 0 ); + FilesystemOptionsSizer->SetFlexibleDirection( wxBOTH ); + FilesystemOptionsSizer->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + FilesystemOptionsSizer->SetEmptyCellSize( wxSize( 0,0 ) ); + + FilesystemSpacer = new wxBoxSizer( wxVERTICAL ); + + + FilesystemOptionsSizer->Add( FilesystemSpacer, wxGBPosition( 0, 0 ), wxGBSpan( 1, 1 ), wxEXPAND|wxTOP, 5 ); + + MountPointTextCtrlStaticText = new wxStaticText( m_panel8, wxID_ANY, _("Mount at directory:"), wxDefaultPosition, wxDefaultSize, 0 ); + MountPointTextCtrlStaticText->Wrap( -1 ); + FilesystemOptionsSizer->Add( MountPointTextCtrlStaticText, wxGBPosition( 1, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + MountPointTextCtrl = new wxTextCtrl( m_panel8, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + MountPointTextCtrl->SetMaxLength( 0 ); + FilesystemOptionsSizer->Add( MountPointTextCtrl, wxGBPosition( 1, 1 ), wxGBSpan( 1, 1 ), wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); + + MountPointButton = new wxButton( m_panel8, wxID_ANY, _("Se&lect..."), wxDefaultPosition, wxDefaultSize, 0 ); + FilesystemOptionsSizer->Add( MountPointButton, wxGBPosition( 1, 2 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxRIGHT|wxLEFT, 5 ); + + FilesystemOptionsStaticText = new wxStaticText( m_panel8, wxID_ANY, _("Mount options:"), wxDefaultPosition, wxDefaultSize, 0 ); + FilesystemOptionsStaticText->Wrap( -1 ); + FilesystemOptionsSizer->Add( FilesystemOptionsStaticText, wxGBPosition( 2, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxLEFT, 5 ); + + FilesystemOptionsTextCtrl = new wxTextCtrl( m_panel8, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + FilesystemOptionsTextCtrl->SetMaxLength( 0 ); + FilesystemOptionsSizer->Add( FilesystemOptionsTextCtrl, wxGBPosition( 2, 1 ), wxGBSpan( 1, 2 ), wxALIGN_CENTER_VERTICAL|wxEXPAND|wxTOP|wxRIGHT|wxLEFT, 5 ); + + + FilesystemOptionsSizer->AddGrowableCol( 1 ); + + bSizer54->Add( FilesystemOptionsSizer, 0, wxEXPAND, 5 ); + + + sbSizer28->Add( bSizer54, 0, wxEXPAND|wxBOTTOM, 5 ); + + + m_panel8->SetSizer( sbSizer28 ); + m_panel8->Layout(); + sbSizer28->Fit( m_panel8 ); + FilesystemSizer->Add( m_panel8, 0, wxEXPAND | wxALL, 5 ); + + + OptionsSizer->Add( FilesystemSizer, 0, wxEXPAND, 5 ); + + + OptionsPanel->SetSizer( OptionsSizer ); + OptionsPanel->Layout(); + OptionsSizer->Fit( OptionsPanel ); + bSizer6->Add( OptionsPanel, 1, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + + bSizer19->Add( bSizer6, 0, wxEXPAND, 5 ); + + + MainSizer->Add( bSizer19, 1, wxEXPAND, 5 ); + + + this->SetSizer( MainSizer ); + this->Layout(); + MainSizer->Fit( this ); + + this->Centre( wxBOTH ); + + // Connect Events + this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( MountOptionsDialogBase::OnInitDialog ) ); + OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOKButtonClick ), NULL, this ); + OptionsButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOptionsButtonClick ), NULL, this ); + ReadOnlyCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnReadOnlyCheckBoxClick ), NULL, this ); + ProtectionCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnProtectionCheckBoxClick ), NULL, this ); + ProtectionHyperlinkCtrl->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( MountOptionsDialogBase::OnProtectionHyperlinkClick ), NULL, this ); + NoFilesystemCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnNoFilesystemCheckBoxClick ), NULL, this ); + MountPointButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnMountPointButtonClick ), NULL, this ); +} + +MountOptionsDialogBase::~MountOptionsDialogBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( MountOptionsDialogBase::OnInitDialog ) ); + OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOKButtonClick ), NULL, this ); + OptionsButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnOptionsButtonClick ), NULL, this ); + ReadOnlyCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnReadOnlyCheckBoxClick ), NULL, this ); + ProtectionCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnProtectionCheckBoxClick ), NULL, this ); + ProtectionHyperlinkCtrl->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( MountOptionsDialogBase::OnProtectionHyperlinkClick ), NULL, this ); + NoFilesystemCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnNoFilesystemCheckBoxClick ), NULL, this ); + MountPointButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( MountOptionsDialogBase::OnMountPointButtonClick ), NULL, this ); + +} + +NewSecurityTokenKeyfileDialogBase::NewSecurityTokenKeyfileDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer143; + bSizer143 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer144; + bSizer144 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer42; + sbSizer42 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + wxFlexGridSizer* fgSizer7; + fgSizer7 = new wxFlexGridSizer( 2, 2, 0, 0 ); + fgSizer7->SetFlexibleDirection( wxBOTH ); + fgSizer7->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + wxStaticText* m_staticText47; + m_staticText47 = new wxStaticText( this, wxID_ANY, _("Security token:"), wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT ); + m_staticText47->Wrap( -1 ); + fgSizer7->Add( m_staticText47, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + wxArrayString SecurityTokenChoiceChoices; + SecurityTokenChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, SecurityTokenChoiceChoices, 0 ); + SecurityTokenChoice->SetSelection( 0 ); + fgSizer7->Add( SecurityTokenChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); + + wxStaticText* m_staticText48; + m_staticText48 = new wxStaticText( this, wxID_ANY, _("Keyfile name:"), wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT ); + m_staticText48->Wrap( -1 ); + fgSizer7->Add( m_staticText48, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + KeyfileNameTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + KeyfileNameTextCtrl->SetMaxLength( 0 ); + fgSizer7->Add( KeyfileNameTextCtrl, 0, wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL, 5 ); + + + sbSizer42->Add( fgSizer7, 1, wxEXPAND|wxTOP, 5 ); + + + bSizer144->Add( sbSizer42, 1, wxEXPAND|wxALL, 5 ); + + StdButtons = new wxStdDialogButtonSizer(); + StdButtonsOK = new wxButton( this, wxID_OK ); + StdButtons->AddButton( StdButtonsOK ); + StdButtonsCancel = new wxButton( this, wxID_CANCEL ); + StdButtons->AddButton( StdButtonsCancel ); + StdButtons->Realize(); + + bSizer144->Add( StdButtons, 0, wxALIGN_RIGHT|wxALL, 5 ); + + + bSizer143->Add( bSizer144, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer143 ); + this->Layout(); + bSizer143->Fit( this ); + + // Connect Events + KeyfileNameTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( NewSecurityTokenKeyfileDialogBase::OnKeyfileNameChanged ), NULL, this ); +} + +NewSecurityTokenKeyfileDialogBase::~NewSecurityTokenKeyfileDialogBase() +{ + // Disconnect Events + KeyfileNameTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( NewSecurityTokenKeyfileDialogBase::OnKeyfileNameChanged ), NULL, this ); + +} + +PreferencesDialogBase::PreferencesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); + + wxBoxSizer* bSizer32; + bSizer32 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer41; + bSizer41 = new wxBoxSizer( wxVERTICAL ); + + PreferencesNotebook = new wxNotebook( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, 0 ); + SecurityPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer44; + bSizer44 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer33; + bSizer33 = new wxBoxSizer( wxVERTICAL ); + + AutoDismountSizer = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Auto-Dismount") ), wxVERTICAL ); + + wxStaticBoxSizer* sbSizer13; + sbSizer13 = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Dismount All Volumes When") ), wxVERTICAL ); + + DismountOnLogOffCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("User logs off"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer13->Add( DismountOnLogOffCheckBox, 0, wxALL, 5 ); + + DismountOnScreenSaverCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Screen saver is launched"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer13->Add( DismountOnScreenSaverCheckBox, 0, wxALL, 5 ); + + DismountOnPowerSavingCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("System is entering power saving mode"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer13->Add( DismountOnPowerSavingCheckBox, 0, wxALL, 5 ); + + + AutoDismountSizer->Add( sbSizer13, 0, wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer34; + bSizer34 = new wxBoxSizer( wxHORIZONTAL ); + + DismountOnInactivityCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Auto-dismount volume after no data has been read/written to it for"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer34->Add( DismountOnInactivityCheckBox, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); + + DismountOnInactivitySpinCtrl = new wxSpinCtrl( SecurityPage, wxID_ANY, wxT("1"), wxDefaultPosition, wxSize( -1,-1 ), wxSP_ARROW_KEYS, 1, 9999, 1 ); + DismountOnInactivitySpinCtrl->SetMinSize( wxSize( 60,-1 ) ); + + bSizer34->Add( DismountOnInactivitySpinCtrl, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + wxStaticText* m_staticText5; + m_staticText5 = new wxStaticText( SecurityPage, wxID_ANY, _("minutes"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText5->Wrap( -1 ); + bSizer34->Add( m_staticText5, 1, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxRIGHT, 5 ); + + + AutoDismountSizer->Add( bSizer34, 0, wxEXPAND, 5 ); + + ForceAutoDismountCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Force auto-dismount even if volume contains open files or directories"), wxDefaultPosition, wxDefaultSize, 0 ); + AutoDismountSizer->Add( ForceAutoDismountCheckBox, 0, wxALL, 5 ); + + + bSizer33->Add( AutoDismountSizer, 0, wxEXPAND|wxALL, 5 ); + + FilesystemSecuritySizer = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Filesystem") ), wxVERTICAL ); + + PreserveTimestampsCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Preserve modification timestamp of file containers"), wxDefaultPosition, wxDefaultSize, 0 ); + FilesystemSecuritySizer->Add( PreserveTimestampsCheckBox, 0, wxALL, 5 ); + + + bSizer33->Add( FilesystemSecuritySizer, 0, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer14; + sbSizer14 = new wxStaticBoxSizer( new wxStaticBox( SecurityPage, wxID_ANY, _("Password Cache") ), wxVERTICAL ); + + WipeCacheOnCloseCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Wipe after VeraCrypt window has been closed"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer14->Add( WipeCacheOnCloseCheckBox, 0, wxALL, 5 ); + + WipeCacheOnAutoDismountCheckBox = new wxCheckBox( SecurityPage, wxID_ANY, _("Wipe after volume has been auto-dismounted"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer14->Add( WipeCacheOnAutoDismountCheckBox, 0, wxALL, 5 ); + + + bSizer33->Add( sbSizer14, 0, wxEXPAND|wxALL, 5 ); + + + bSizer44->Add( bSizer33, 1, wxEXPAND|wxALL, 5 ); + + + SecurityPage->SetSizer( bSizer44 ); + SecurityPage->Layout(); + bSizer44->Fit( SecurityPage ); + PreferencesNotebook->AddPage( SecurityPage, _("Security"), true ); + DefaultMountOptionsPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer46; + bSizer46 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer35; + bSizer35 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer15; + sbSizer15 = new wxStaticBoxSizer( new wxStaticBox( DefaultMountOptionsPage, wxID_ANY, _("Default Mount Options") ), wxVERTICAL ); + + MountReadOnlyCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("Mount volumes as read-only"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer15->Add( MountReadOnlyCheckBox, 0, wxALL, 5 ); + + MountRemovableCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("Mount volumes as removable media"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer15->Add( MountRemovableCheckBox, 0, wxALL, 5 ); + + CachePasswordsCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("Cache passwords in memory"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer15->Add( CachePasswordsCheckBox, 0, wxALL, 5 ); + + TrueCryptModeCheckBox = new wxCheckBox( DefaultMountOptionsPage, wxID_ANY, _("TrueCrypt Mode"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer15->Add( TrueCryptModeCheckBox, 0, wxALL, 5 ); + + wxBoxSizer* bSizer163; + bSizer163 = new wxBoxSizer( wxHORIZONTAL ); + + Pkcs5PrfStaticText = new wxStaticText( DefaultMountOptionsPage, wxID_ANY, _("PKCS5-PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); + Pkcs5PrfStaticText->Wrap( -1 ); + bSizer163->Add( Pkcs5PrfStaticText, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + wxArrayString Pkcs5PrfChoiceChoices; + Pkcs5PrfChoice = new wxChoice( DefaultMountOptionsPage, wxID_ANY, wxDefaultPosition, wxDefaultSize, Pkcs5PrfChoiceChoices, 0 ); + Pkcs5PrfChoice->SetSelection( 0 ); + bSizer163->Add( Pkcs5PrfChoice, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + + sbSizer15->Add( bSizer163, 0, wxEXPAND, 5 ); + + + bSizer35->Add( sbSizer15, 0, wxEXPAND|wxALL, 5 ); + + FilesystemSizer = new wxStaticBoxSizer( new wxStaticBox( DefaultMountOptionsPage, wxID_ANY, _("Filesystem") ), wxVERTICAL ); + + wxFlexGridSizer* fgSizer3; + fgSizer3 = new wxFlexGridSizer( 1, 2, 0, 0 ); + fgSizer3->AddGrowableCol( 1 ); + fgSizer3->SetFlexibleDirection( wxBOTH ); + fgSizer3->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + wxStaticText* m_staticText6; + m_staticText6 = new wxStaticText( DefaultMountOptionsPage, wxID_ANY, _("Mount options:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText6->Wrap( -1 ); + fgSizer3->Add( m_staticText6, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT, 5 ); + + FilesystemOptionsTextCtrl = new wxTextCtrl( DefaultMountOptionsPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + FilesystemOptionsTextCtrl->SetMaxLength( 0 ); + fgSizer3->Add( FilesystemOptionsTextCtrl, 0, wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 ); + + + FilesystemSizer->Add( fgSizer3, 1, wxEXPAND, 5 ); + + + bSizer35->Add( FilesystemSizer, 0, wxEXPAND|wxALL, 5 ); + + + bSizer46->Add( bSizer35, 1, wxEXPAND|wxALL, 5 ); + + + DefaultMountOptionsPage->SetSizer( bSizer46 ); + DefaultMountOptionsPage->Layout(); + bSizer46->Fit( DefaultMountOptionsPage ); + PreferencesNotebook->AddPage( DefaultMountOptionsPage, _("Mount Options"), false ); + BackgroundTaskPanel = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer61; + bSizer61 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer62; + bSizer62 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer18; + sbSizer18 = new wxStaticBoxSizer( new wxStaticBox( BackgroundTaskPanel, wxID_ANY, _("VeraCrypt Background Task") ), wxVERTICAL ); + + BackgroundTaskEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Enabled"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer18->Add( BackgroundTaskEnabledCheckBox, 0, wxALL, 5 ); + + CloseBackgroundTaskOnNoVolumesCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Exit when there are no mounted volumes"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer18->Add( CloseBackgroundTaskOnNoVolumesCheckBox, 0, wxALL, 5 ); + + wxStaticBoxSizer* sbSizer26; + sbSizer26 = new wxStaticBoxSizer( new wxStaticBox( BackgroundTaskPanel, wxID_ANY, _("Task Icon Menu Items") ), wxVERTICAL ); + + BackgroundTaskMenuMountItemsEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Mount Favorite Volumes"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer26->Add( BackgroundTaskMenuMountItemsEnabledCheckBox, 0, wxALL, 5 ); + + BackgroundTaskMenuOpenItemsEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Open Mounted Volumes"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer26->Add( BackgroundTaskMenuOpenItemsEnabledCheckBox, 0, wxALL, 5 ); + + BackgroundTaskMenuDismountItemsEnabledCheckBox = new wxCheckBox( BackgroundTaskPanel, wxID_ANY, _("Dismount Mounted Volumes"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer26->Add( BackgroundTaskMenuDismountItemsEnabledCheckBox, 0, wxALL, 5 ); + + + sbSizer18->Add( sbSizer26, 1, wxEXPAND|wxALL, 5 ); + + + bSizer62->Add( sbSizer18, 0, wxEXPAND|wxALL, 5 ); + + + bSizer61->Add( bSizer62, 1, wxEXPAND|wxALL, 5 ); + + + BackgroundTaskPanel->SetSizer( bSizer61 ); + BackgroundTaskPanel->Layout(); + bSizer61->Fit( BackgroundTaskPanel ); + PreferencesNotebook->AddPage( BackgroundTaskPanel, _("Background Task"), false ); + SystemIntegrationPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer49; + bSizer49 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer37; + bSizer37 = new wxBoxSizer( wxVERTICAL ); + + LogOnSizer = new wxStaticBoxSizer( new wxStaticBox( SystemIntegrationPage, wxID_ANY, _("Actions to Perform when User Logs On") ), wxVERTICAL ); + + StartOnLogonCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Start VeraCrypt Background Task"), wxDefaultPosition, wxDefaultSize, 0 ); + LogOnSizer->Add( StartOnLogonCheckBox, 0, wxALL, 5 ); + + MountFavoritesOnLogonCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Mount favorite volumes"), wxDefaultPosition, wxDefaultSize, 0 ); + LogOnSizer->Add( MountFavoritesOnLogonCheckBox, 0, wxALL, 5 ); + + MountDevicesOnLogonCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Mount all device-hosted VeraCrypt volumes"), wxDefaultPosition, wxDefaultSize, 0 ); + LogOnSizer->Add( MountDevicesOnLogonCheckBox, 0, wxALL, 5 ); + + + bSizer37->Add( LogOnSizer, 0, wxALL|wxEXPAND, 5 ); + + ExplorerSizer = new wxStaticBoxSizer( new wxStaticBox( SystemIntegrationPage, wxID_ANY, _("Filesystem Explorer") ), wxVERTICAL ); + + OpenExplorerWindowAfterMountCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Open Explorer window for successfully mounted volume"), wxDefaultPosition, wxDefaultSize, 0 ); + ExplorerSizer->Add( OpenExplorerWindowAfterMountCheckBox, 0, wxALL, 5 ); + + CloseExplorerWindowsOnDismountCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Close all Explorer windows of volume being dismounted"), wxDefaultPosition, wxDefaultSize, 0 ); + ExplorerSizer->Add( CloseExplorerWindowsOnDismountCheckBox, 0, wxALL, 5 ); + + + bSizer37->Add( ExplorerSizer, 0, wxEXPAND|wxALL, 5 ); + + KernelServicesSizer = new wxStaticBoxSizer( new wxStaticBox( SystemIntegrationPage, wxID_ANY, _("Kernel Services") ), wxVERTICAL ); + + NoKernelCryptoCheckBox = new wxCheckBox( SystemIntegrationPage, wxID_ANY, _("Do not use kernel cryptographic services"), wxDefaultPosition, wxDefaultSize, 0 ); + KernelServicesSizer->Add( NoKernelCryptoCheckBox, 0, wxALL, 5 ); + + + bSizer37->Add( KernelServicesSizer, 0, wxEXPAND|wxALL, 5 ); + + + bSizer49->Add( bSizer37, 1, wxEXPAND|wxALL, 5 ); + + + SystemIntegrationPage->SetSizer( bSizer49 ); + SystemIntegrationPage->Layout(); + bSizer49->Fit( SystemIntegrationPage ); + PreferencesNotebook->AddPage( SystemIntegrationPage, _("System Integration"), false ); + PerformanceOptionsPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer151; + bSizer151 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer152; + bSizer152 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer44; + sbSizer44 = new wxStaticBoxSizer( new wxStaticBox( PerformanceOptionsPage, wxID_ANY, _("Hardware Acceleration") ), wxVERTICAL ); + + wxBoxSizer* bSizer158; + bSizer158 = new wxBoxSizer( wxHORIZONTAL ); + + wxStaticText* m_staticText57; + m_staticText57 = new wxStaticText( PerformanceOptionsPage, wxID_ANY, _("Processor (CPU) in this computer supports hardware acceleration for AES:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText57->Wrap( -1 ); + bSizer158->Add( m_staticText57, 0, wxALL, 5 ); + + AesHwCpuSupportedStaticText = new wxStaticText( PerformanceOptionsPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0|wxSUNKEN_BORDER ); + AesHwCpuSupportedStaticText->Wrap( -1 ); + bSizer158->Add( AesHwCpuSupportedStaticText, 0, wxALL, 5 ); + + + sbSizer44->Add( bSizer158, 1, wxEXPAND, 5 ); + + + sbSizer44->Add( 0, 0, 0, wxBOTTOM, 5 ); + + NoHardwareCryptoCheckBox = new wxCheckBox( PerformanceOptionsPage, wxID_ANY, _("Do not accelerate AES encryption/decryption by using the AES instructions of the processor"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer44->Add( NoHardwareCryptoCheckBox, 0, wxALL, 5 ); + + + bSizer152->Add( sbSizer44, 0, wxEXPAND|wxALL, 5 ); + + + bSizer151->Add( bSizer152, 1, wxALL|wxEXPAND, 5 ); + + + PerformanceOptionsPage->SetSizer( bSizer151 ); + PerformanceOptionsPage->Layout(); + bSizer151->Fit( PerformanceOptionsPage ); + PreferencesNotebook->AddPage( PerformanceOptionsPage, _("Performance"), false ); + DefaultKeyfilesPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer40; + bSizer40 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer43; + bSizer43 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* bSizer42; + bSizer42 = new wxStaticBoxSizer( new wxStaticBox( DefaultKeyfilesPage, wxID_ANY, _("Default Keyfiles") ), wxVERTICAL ); + + DefaultKeyfilesSizer = new wxBoxSizer( wxVERTICAL ); + + + bSizer42->Add( DefaultKeyfilesSizer, 1, wxEXPAND, 5 ); + + + bSizer43->Add( bSizer42, 1, wxEXPAND|wxALL, 5 ); + + UseKeyfilesCheckBox = new wxCheckBox( DefaultKeyfilesPage, wxID_ANY, _("Use keyfiles by default"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer43->Add( UseKeyfilesCheckBox, 0, wxALL, 5 ); + + + bSizer40->Add( bSizer43, 1, wxEXPAND|wxALL, 5 ); + + + DefaultKeyfilesPage->SetSizer( bSizer40 ); + DefaultKeyfilesPage->Layout(); + bSizer40->Fit( DefaultKeyfilesPage ); + PreferencesNotebook->AddPage( DefaultKeyfilesPage, _("Keyfiles"), false ); + SecurityTokensPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer127; + bSizer127 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer128; + bSizer128 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer36; + sbSizer36 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("PKCS #11 Library Path") ), wxVERTICAL ); + + wxBoxSizer* bSizer129; + bSizer129 = new wxBoxSizer( wxHORIZONTAL ); + + Pkcs11ModulePathTextCtrl = new wxTextCtrl( SecurityTokensPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + Pkcs11ModulePathTextCtrl->SetMaxLength( 0 ); + bSizer129->Add( Pkcs11ModulePathTextCtrl, 1, wxALL, 5 ); + + SelectPkcs11ModuleButton = new wxButton( SecurityTokensPage, wxID_ANY, _("Select &Library..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer129->Add( SelectPkcs11ModuleButton, 0, wxALL, 5 ); + + + sbSizer36->Add( bSizer129, 1, wxEXPAND, 5 ); + + + bSizer128->Add( sbSizer36, 0, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer37; + sbSizer37 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("Security Options") ), wxVERTICAL ); + + CloseSecurityTokenSessionsAfterMountCheckBox = new wxCheckBox( SecurityTokensPage, wxID_ANY, _("&Close token session (log out) after a volume is successfully mounted"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer37->Add( CloseSecurityTokenSessionsAfterMountCheckBox, 0, wxALL, 5 ); + + + bSizer128->Add( sbSizer37, 0, wxEXPAND|wxALL, 5 ); + + + bSizer127->Add( bSizer128, 1, wxEXPAND|wxALL, 5 ); + + + SecurityTokensPage->SetSizer( bSizer127 ); + SecurityTokensPage->Layout(); + bSizer127->Fit( SecurityTokensPage ); + PreferencesNotebook->AddPage( SecurityTokensPage, _("Security Tokens"), false ); + HotkeysPage = new wxPanel( PreferencesNotebook, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer51; + bSizer51 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer38; + bSizer38 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer21; + sbSizer21 = new wxStaticBoxSizer( new wxStaticBox( HotkeysPage, wxID_ANY, _("System-Wide Hotkeys") ), wxVERTICAL ); + + HotkeyListCtrl = new wxListCtrl( HotkeysPage, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES|wxSUNKEN_BORDER ); + sbSizer21->Add( HotkeyListCtrl, 1, wxALL|wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer23; + sbSizer23 = new wxStaticBoxSizer( new wxStaticBox( HotkeysPage, wxID_ANY, _("Shortcut") ), wxVERTICAL ); + + wxFlexGridSizer* fgSizer4; + fgSizer4 = new wxFlexGridSizer( 2, 3, 0, 0 ); + fgSizer4->SetFlexibleDirection( wxBOTH ); + fgSizer4->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + wxStaticText* m_staticText10; + m_staticText10 = new wxStaticText( HotkeysPage, wxID_ANY, _("Key to assign:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText10->Wrap( -1 ); + fgSizer4->Add( m_staticText10, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + HotkeyTextCtrl = new wxTextCtrl( HotkeysPage, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + HotkeyTextCtrl->SetMaxLength( 0 ); + fgSizer4->Add( HotkeyTextCtrl, 0, wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 ); + + AssignHotkeyButton = new wxButton( HotkeysPage, wxID_ANY, _("Assign"), wxDefaultPosition, wxDefaultSize, 0 ); + fgSizer4->Add( AssignHotkeyButton, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + fgSizer4->Add( 0, 0, 1, wxEXPAND, 5 ); + + wxGridSizer* gSizer4; + gSizer4 = new wxGridSizer( 1, 4, 0, 0 ); + + HotkeyControlCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Control"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer4->Add( HotkeyControlCheckBox, 0, wxALL, 5 ); + + HotkeyShiftCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Shift"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer4->Add( HotkeyShiftCheckBox, 0, wxALL, 5 ); + + HotkeyAltCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Alt"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer4->Add( HotkeyAltCheckBox, 0, wxALL, 5 ); + + HotkeyWinCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Win"), wxDefaultPosition, wxDefaultSize, 0 ); + gSizer4->Add( HotkeyWinCheckBox, 0, wxALL, 5 ); + + + fgSizer4->Add( gSizer4, 1, wxEXPAND, 5 ); + + RemoveHotkeyButton = new wxButton( HotkeysPage, wxID_ANY, _("Remove"), wxDefaultPosition, wxDefaultSize, 0 ); + fgSizer4->Add( RemoveHotkeyButton, 1, wxALL, 5 ); + + + sbSizer23->Add( fgSizer4, 1, wxALIGN_RIGHT, 5 ); + + + sbSizer21->Add( sbSizer23, 0, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer24; + sbSizer24 = new wxStaticBoxSizer( new wxStaticBox( HotkeysPage, wxID_ANY, _("Options") ), wxVERTICAL ); + + BeepAfterHotkeyMountDismountCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Play system notification sound after mount/dismount"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer24->Add( BeepAfterHotkeyMountDismountCheckBox, 0, wxALL, 5 ); + + DisplayMessageAfterHotkeyDismountCheckBox = new wxCheckBox( HotkeysPage, wxID_ANY, _("Display confirmation message box after dismount"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer24->Add( DisplayMessageAfterHotkeyDismountCheckBox, 0, wxALL, 5 ); + + + sbSizer21->Add( sbSizer24, 0, wxEXPAND|wxALL, 5 ); + + + bSizer38->Add( sbSizer21, 1, wxEXPAND|wxALL, 5 ); + + + bSizer51->Add( bSizer38, 1, wxEXPAND|wxALL, 5 ); + + + HotkeysPage->SetSizer( bSizer51 ); + HotkeysPage->Layout(); + bSizer51->Fit( HotkeysPage ); + PreferencesNotebook->AddPage( HotkeysPage, _("Hotkeys"), false ); + + bSizer41->Add( PreferencesNotebook, 1, wxEXPAND | wxALL, 5 ); + + StdButtons = new wxStdDialogButtonSizer(); + StdButtonsOK = new wxButton( this, wxID_OK ); + StdButtons->AddButton( StdButtonsOK ); + StdButtonsCancel = new wxButton( this, wxID_CANCEL ); + StdButtons->AddButton( StdButtonsCancel ); + StdButtons->Realize(); + + bSizer41->Add( StdButtons, 0, wxEXPAND|wxALL, 5 ); + + + bSizer32->Add( bSizer41, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer32 ); + this->Layout(); + bSizer32->Fit( this ); + + // Connect Events + this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( PreferencesDialogBase::OnClose ) ); + DismountOnScreenSaverCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnScreenSaverCheckBoxClick ), NULL, this ); + DismountOnPowerSavingCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnPowerSavingCheckBoxClick ), NULL, this ); + ForceAutoDismountCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnForceAutoDismountCheckBoxClick ), NULL, this ); + PreserveTimestampsCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnPreserveTimestampsCheckBoxClick ), NULL, this ); + BackgroundTaskEnabledCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnBackgroundTaskEnabledCheckBoxClick ), NULL, this ); + NoKernelCryptoCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoKernelCryptoCheckBoxClick ), NULL, this ); + NoHardwareCryptoCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoHardwareCryptoCheckBoxClick ), NULL, this ); + SelectPkcs11ModuleButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnSelectPkcs11ModuleButtonClick ), NULL, this ); + HotkeyListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemDeselected ), NULL, this ); + HotkeyListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemSelected ), NULL, this ); + AssignHotkeyButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnAssignHotkeyButtonClick ), NULL, this ); + RemoveHotkeyButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnRemoveHotkeyButtonClick ), NULL, this ); + StdButtonsCancel->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnCancelButtonClick ), NULL, this ); + StdButtonsOK->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnOKButtonClick ), NULL, this ); +} + +PreferencesDialogBase::~PreferencesDialogBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( PreferencesDialogBase::OnClose ) ); + DismountOnScreenSaverCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnScreenSaverCheckBoxClick ), NULL, this ); + DismountOnPowerSavingCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnDismountOnPowerSavingCheckBoxClick ), NULL, this ); + ForceAutoDismountCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnForceAutoDismountCheckBoxClick ), NULL, this ); + PreserveTimestampsCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnPreserveTimestampsCheckBoxClick ), NULL, this ); + BackgroundTaskEnabledCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnBackgroundTaskEnabledCheckBoxClick ), NULL, this ); + NoKernelCryptoCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoKernelCryptoCheckBoxClick ), NULL, this ); + NoHardwareCryptoCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnNoHardwareCryptoCheckBoxClick ), NULL, this ); + SelectPkcs11ModuleButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnSelectPkcs11ModuleButtonClick ), NULL, this ); + HotkeyListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemDeselected ), NULL, this ); + HotkeyListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( PreferencesDialogBase::OnHotkeyListItemSelected ), NULL, this ); + AssignHotkeyButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnAssignHotkeyButtonClick ), NULL, this ); + RemoveHotkeyButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnRemoveHotkeyButtonClick ), NULL, this ); + StdButtonsCancel->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnCancelButtonClick ), NULL, this ); + StdButtonsOK->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( PreferencesDialogBase::OnOKButtonClick ), NULL, this ); + +} + +RandomPoolEnrichmentDialogBase::RandomPoolEnrichmentDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + MainSizer = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer144; + bSizer144 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer145; + bSizer145 = new wxBoxSizer( wxHORIZONTAL ); + + + bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); + + wxStaticText* m_staticText49; + m_staticText49 = new wxStaticText( this, wxID_ANY, _("Mixing PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText49->Wrap( -1 ); + bSizer145->Add( m_staticText49, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + wxArrayString HashChoiceChoices; + HashChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HashChoiceChoices, 0 ); + HashChoice->SetSelection( 0 ); + bSizer145->Add( HashChoice, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer145->Add( 0, 0, 1, wxEXPAND, 5 ); + + + bSizer144->Add( bSizer145, 0, wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer43; + sbSizer43 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + wxBoxSizer* bSizer147; + bSizer147 = new wxBoxSizer( wxHORIZONTAL ); + + wxStaticText* m_staticText52; + m_staticText52 = new wxStaticText( this, wxID_ANY, _("Random Pool:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText52->Wrap( -1 ); + bSizer147->Add( m_staticText52, 0, wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); + + RandomPoolStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + RandomPoolStaticText->Wrap( -1 ); + RandomPoolStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); + + bSizer147->Add( RandomPoolStaticText, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + ShowRandomPoolCheckBox = new wxCheckBox( this, wxID_ANY, _("Show"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer147->Add( ShowRandomPoolCheckBox, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + sbSizer43->Add( bSizer147, 0, wxEXPAND|wxTOP, 5 ); + + + sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer45; + sbSizer45 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Randomness Collected From Mouse Movements") ), wxVERTICAL ); + + CollectedEntropy = new wxGauge( this, wxID_ANY, 2560, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); + CollectedEntropy->SetValue( 0 ); + sbSizer45->Add( CollectedEntropy, 0, wxALL|wxEXPAND, 5 ); + + + sbSizer43->Add( sbSizer45, 0, wxBOTTOM|wxEXPAND|wxTOP, 5 ); + + + sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); + + MouseStaticText = new wxStaticText( this, wxID_ANY, _("IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'."), wxDefaultPosition, wxDefaultSize, 0 ); + MouseStaticText->Wrap( -1 ); + sbSizer43->Add( MouseStaticText, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); + + + sbSizer43->Add( 0, 0, 1, wxEXPAND, 5 ); + + + bSizer144->Add( sbSizer43, 1, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + wxBoxSizer* bSizer146; + bSizer146 = new wxBoxSizer( wxHORIZONTAL ); + + + bSizer146->Add( 0, 0, 1, wxEXPAND, 5 ); + + ContinueButton = new wxButton( this, wxID_OK, _("&Continue"), wxDefaultPosition, wxDefaultSize, 0 ); + ContinueButton->SetDefault(); + bSizer146->Add( ContinueButton, 0, wxALL, 5 ); + + + bSizer146->Add( 0, 0, 1, wxEXPAND, 5 ); + + + bSizer144->Add( bSizer146, 0, wxEXPAND, 5 ); + + + MainSizer->Add( bSizer144, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( MainSizer ); + this->Layout(); + MainSizer->Fit( this ); + + this->Centre( wxBOTH ); + + // Connect Events + this->Connect( wxEVT_MOTION, wxMouseEventHandler( RandomPoolEnrichmentDialogBase::OnMouseMotion ) ); + HashChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnHashSelected ), NULL, this ); + ShowRandomPoolCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); +} + +RandomPoolEnrichmentDialogBase::~RandomPoolEnrichmentDialogBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_MOTION, wxMouseEventHandler( RandomPoolEnrichmentDialogBase::OnMouseMotion ) ); + HashChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnHashSelected ), NULL, this ); + ShowRandomPoolCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( RandomPoolEnrichmentDialogBase::OnShowRandomPoolCheckBoxClicked ), NULL, this ); + +} + +SecurityTokenKeyfilesDialogBase::SecurityTokenKeyfilesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxSize( -1,-1 ), wxDefaultSize ); + this->SetExtraStyle( GetExtraStyle() | wxWS_EX_VALIDATE_RECURSIVELY ); + + wxBoxSizer* bSizer3; + bSizer3 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer138; + bSizer138 = new wxBoxSizer( wxHORIZONTAL ); + + wxBoxSizer* bSizer142; + bSizer142 = new wxBoxSizer( wxVERTICAL ); + + SecurityTokenKeyfileListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES|wxSUNKEN_BORDER ); + bSizer142->Add( SecurityTokenKeyfileListCtrl, 1, wxALL|wxEXPAND, 5 ); + + wxBoxSizer* bSizer141; + bSizer141 = new wxBoxSizer( wxHORIZONTAL ); + + ExportButton = new wxButton( this, wxID_ANY, _("&Export..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer141->Add( ExportButton, 0, wxALL, 5 ); + + DeleteButton = new wxButton( this, wxID_ANY, _("&Delete"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer141->Add( DeleteButton, 0, wxALL, 5 ); + + + bSizer141->Add( 0, 0, 1, wxEXPAND|wxLEFT, 5 ); + + ImportButton = new wxButton( this, wxID_ANY, _("&Import Keyfile to Token..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer141->Add( ImportButton, 0, wxALL, 5 ); + + + bSizer142->Add( bSizer141, 0, wxEXPAND, 5 ); + + + bSizer138->Add( bSizer142, 1, wxEXPAND, 5 ); + + wxBoxSizer* bSizer139; + bSizer139 = new wxBoxSizer( wxVERTICAL ); + + OKButton = new wxButton( this, wxID_OK, _("OK"), wxDefaultPosition, wxDefaultSize, 0 ); + OKButton->SetDefault(); + bSizer139->Add( OKButton, 0, wxALL, 5 ); + + CancelButton = new wxButton( this, wxID_CANCEL, _("Cancel"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer139->Add( CancelButton, 0, wxALL, 5 ); + + + bSizer138->Add( bSizer139, 0, wxEXPAND, 5 ); + + + bSizer3->Add( bSizer138, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer3 ); + this->Layout(); + bSizer3->Fit( this ); + + // Connect Events + SecurityTokenKeyfileListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemActivated ), NULL, this ); + SecurityTokenKeyfileListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemDeselected ), NULL, this ); + SecurityTokenKeyfileListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemSelected ), NULL, this ); + ExportButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnExportButtonClick ), NULL, this ); + DeleteButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnDeleteButtonClick ), NULL, this ); + ImportButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnImportButtonClick ), NULL, this ); + OKButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnOKButtonClick ), NULL, this ); +} + +SecurityTokenKeyfilesDialogBase::~SecurityTokenKeyfilesDialogBase() +{ + // Disconnect Events + SecurityTokenKeyfileListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_ACTIVATED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemActivated ), NULL, this ); + SecurityTokenKeyfileListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemDeselected ), NULL, this ); + SecurityTokenKeyfileListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( SecurityTokenKeyfilesDialogBase::OnListItemSelected ), NULL, this ); + ExportButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnExportButtonClick ), NULL, this ); + DeleteButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnDeleteButtonClick ), NULL, this ); + ImportButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnImportButtonClick ), NULL, this ); + OKButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SecurityTokenKeyfilesDialogBase::OnOKButtonClick ), NULL, this ); + +} + +VolumePropertiesDialogBase::VolumePropertiesDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer49; + bSizer49 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer50; + bSizer50 = new wxBoxSizer( wxVERTICAL ); + + PropertiesListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES|wxSUNKEN_BORDER ); + bSizer50->Add( PropertiesListCtrl, 1, wxALL|wxEXPAND, 5 ); + + StdButtons = new wxStdDialogButtonSizer(); + StdButtonsOK = new wxButton( this, wxID_OK ); + StdButtons->AddButton( StdButtonsOK ); + StdButtons->Realize(); + + bSizer50->Add( StdButtons, 0, wxALL|wxALIGN_CENTER_HORIZONTAL, 5 ); + + + bSizer49->Add( bSizer50, 1, wxEXPAND|wxALL, 5 ); + + + this->SetSizer( bSizer49 ); + this->Layout(); + bSizer49->Fit( this ); +} + +VolumePropertiesDialogBase::~VolumePropertiesDialogBase() +{ +} + +EncryptionOptionsWizardPageBase::EncryptionOptionsWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer93; + bSizer93 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer94; + bSizer94 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer95; + bSizer95 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer29; + sbSizer29 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Encryption Algorithm") ), wxVERTICAL ); + + wxBoxSizer* bSizer96; + bSizer96 = new wxBoxSizer( wxHORIZONTAL ); + + wxArrayString EncryptionAlgorithmChoiceChoices; + EncryptionAlgorithmChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, EncryptionAlgorithmChoiceChoices, 0 ); + EncryptionAlgorithmChoice->SetSelection( 0 ); + bSizer96->Add( EncryptionAlgorithmChoice, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + TestButton = new wxButton( this, wxID_ANY, _("&Test"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer96->Add( TestButton, 0, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); + + + sbSizer29->Add( bSizer96, 0, wxEXPAND, 5 ); + + EncryptionAlgorithmStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + EncryptionAlgorithmStaticText->Wrap( -1 ); + sbSizer29->Add( EncryptionAlgorithmStaticText, 1, wxALL|wxEXPAND, 5 ); + + wxBoxSizer* bSizer97; + bSizer97 = new wxBoxSizer( wxHORIZONTAL ); + + EncryptionAlgorithmHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, _("More information"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); + + EncryptionAlgorithmHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + EncryptionAlgorithmHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + EncryptionAlgorithmHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + bSizer97->Add( EncryptionAlgorithmHyperlink, 0, wxALL, 5 ); + + + bSizer97->Add( 0, 0, 1, wxEXPAND, 5 ); + + BenchmarkButton = new wxButton( this, wxID_ANY, _("&Benchmark"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer97->Add( BenchmarkButton, 0, wxALL, 5 ); + + + sbSizer29->Add( bSizer97, 0, wxEXPAND, 5 ); + + + bSizer95->Add( sbSizer29, 1, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer30; + sbSizer30 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Hash Algorithm") ), wxHORIZONTAL ); + + wxArrayString HashChoiceChoices; + HashChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HashChoiceChoices, 0 ); + HashChoice->SetSelection( 0 ); + sbSizer30->Add( HashChoice, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + HashHyperlink = new wxHyperlinkCtrl( this, wxID_ANY, _("Information on hash algorithms"), wxEmptyString, wxDefaultPosition, wxDefaultSize, wxHL_DEFAULT_STYLE ); + + HashHyperlink->SetHoverColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + HashHyperlink->SetNormalColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + HashHyperlink->SetVisitedColour( wxSystemSettings::GetColour( wxSYS_COLOUR_WINDOWTEXT ) ); + sbSizer30->Add( HashHyperlink, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer95->Add( sbSizer30, 0, wxEXPAND|wxALL, 5 ); + + + bSizer94->Add( bSizer95, 1, wxEXPAND, 5 ); + + + bSizer93->Add( bSizer94, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer93 ); + this->Layout(); + bSizer93->Fit( this ); + + // Connect Events + EncryptionAlgorithmChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmSelected ), NULL, this ); + TestButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnTestButtonClick ), NULL, this ); + EncryptionAlgorithmHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmHyperlinkClick ), NULL, this ); + BenchmarkButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnBenchmarkButtonClick ), NULL, this ); + HashHyperlink->Connect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnHashHyperlinkClick ), NULL, this ); +} + +EncryptionOptionsWizardPageBase::~EncryptionOptionsWizardPageBase() +{ + // Disconnect Events + EncryptionAlgorithmChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmSelected ), NULL, this ); + TestButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnTestButtonClick ), NULL, this ); + EncryptionAlgorithmHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnEncryptionAlgorithmHyperlinkClick ), NULL, this ); + BenchmarkButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( EncryptionOptionsWizardPageBase::OnBenchmarkButtonClick ), NULL, this ); + HashHyperlink->Disconnect( wxEVT_COMMAND_HYPERLINK, wxHyperlinkEventHandler( EncryptionOptionsWizardPageBase::OnHashHyperlinkClick ), NULL, this ); + +} + +InfoWizardPageBase::InfoWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer71; + bSizer71 = new wxBoxSizer( wxVERTICAL ); + + InfoPageSizer = new wxBoxSizer( wxVERTICAL ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + InfoPageSizer->Add( InfoStaticText, 1, wxALL|wxEXPAND, 5 ); + + + bSizer71->Add( InfoPageSizer, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer71 ); + this->Layout(); + bSizer71->Fit( this ); +} + +InfoWizardPageBase::~InfoWizardPageBase() +{ +} + +KeyfilesPanelBase::KeyfilesPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) +{ + this->SetMinSize( wxSize( 500,300 ) ); + + wxBoxSizer* bSizer19; + bSizer19 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer20; + bSizer20 = new wxBoxSizer( wxHORIZONTAL ); + + wxBoxSizer* bSizer21; + bSizer21 = new wxBoxSizer( wxVERTICAL ); + + KeyfilesListCtrl = new wxListCtrl( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxLC_NO_SORT_HEADER|wxLC_REPORT|wxSUNKEN_BORDER ); + bSizer21->Add( KeyfilesListCtrl, 1, wxEXPAND|wxALL, 5 ); + + wxBoxSizer* bSizer137; + bSizer137 = new wxBoxSizer( wxHORIZONTAL ); + + AddFilesButton = new wxButton( this, wxID_ANY, _("Add &Files..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer137->Add( AddFilesButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + AddDirectoryButton = new wxButton( this, wxID_ANY, _("Add &Path..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer137->Add( AddDirectoryButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + AddSecurityTokenSignatureButton = new wxButton( this, wxID_ANY, _("Add &Token Files..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer137->Add( AddSecurityTokenSignatureButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + RemoveButton = new wxButton( this, wxID_ANY, _("&Remove"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer137->Add( RemoveButton, 0, wxEXPAND|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + RemoveAllButton = new wxButton( this, wxID_ANY, _("Remove &All"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer137->Add( RemoveAllButton, 0, wxEXPAND|wxALL, 5 ); + + + bSizer21->Add( bSizer137, 0, wxEXPAND, 5 ); + + + bSizer20->Add( bSizer21, 1, wxEXPAND, 5 ); + + + bSizer19->Add( bSizer20, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer19 ); + this->Layout(); + bSizer19->Fit( this ); + + // Connect Events + KeyfilesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemDeselected ), NULL, this ); + KeyfilesListCtrl->Connect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemSelected ), NULL, this ); + KeyfilesListCtrl->Connect( wxEVT_SIZE, wxSizeEventHandler( KeyfilesPanelBase::OnListSizeChanged ), NULL, this ); + AddFilesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddFilesButtonClick ), NULL, this ); + AddDirectoryButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddDirectoryButtonClick ), NULL, this ); + AddSecurityTokenSignatureButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddSecurityTokenSignatureButtonClick ), NULL, this ); + RemoveButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveButtonClick ), NULL, this ); + RemoveAllButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveAllButtonClick ), NULL, this ); +} + +KeyfilesPanelBase::~KeyfilesPanelBase() +{ + // Disconnect Events + KeyfilesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_DESELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemDeselected ), NULL, this ); + KeyfilesListCtrl->Disconnect( wxEVT_COMMAND_LIST_ITEM_SELECTED, wxListEventHandler( KeyfilesPanelBase::OnListItemSelected ), NULL, this ); + KeyfilesListCtrl->Disconnect( wxEVT_SIZE, wxSizeEventHandler( KeyfilesPanelBase::OnListSizeChanged ), NULL, this ); + AddFilesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddFilesButtonClick ), NULL, this ); + AddDirectoryButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddDirectoryButtonClick ), NULL, this ); + AddSecurityTokenSignatureButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnAddSecurityTokenSignatureButtonClick ), NULL, this ); + RemoveButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveButtonClick ), NULL, this ); + RemoveAllButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( KeyfilesPanelBase::OnRemoveAllButtonClick ), NULL, this ); + +} + +ProgressWizardPageBase::ProgressWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer81; + bSizer81 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer82; + bSizer82 = new wxBoxSizer( wxVERTICAL ); + + ProgressSizer = new wxBoxSizer( wxHORIZONTAL ); + + ProgressGauge = new wxGauge( this, wxID_ANY, 100, wxDefaultPosition, wxSize( -1,-1 ), wxGA_HORIZONTAL|wxGA_SMOOTH ); + ProgressGauge->SetValue( 0 ); + ProgressSizer->Add( ProgressGauge, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + AbortButton = new wxButton( this, wxID_ANY, _("&Abort"), wxDefaultPosition, wxDefaultSize, 0 ); + AbortButton->Enable( false ); + + ProgressSizer->Add( AbortButton, 0, wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer82->Add( ProgressSizer, 0, wxEXPAND, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer82->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); + + + bSizer81->Add( bSizer82, 0, wxEXPAND, 5 ); + + + this->SetSizer( bSizer81 ); + this->Layout(); + bSizer81->Fit( this ); + + // Connect Events + AbortButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); +} + +ProgressWizardPageBase::~ProgressWizardPageBase() +{ + // Disconnect Events + AbortButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( ProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); + +} + +SelectDirectoryWizardPageBase::SelectDirectoryWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + this->SetMinSize( wxSize( 200,65 ) ); + + wxBoxSizer* bSizer68; + bSizer68 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer69; + bSizer69 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer70; + bSizer70 = new wxBoxSizer( wxHORIZONTAL ); + + DirectoryTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + DirectoryTextCtrl->SetMaxLength( 0 ); + bSizer70->Add( DirectoryTextCtrl, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + BrowseButton = new wxButton( this, wxID_ANY, _("&Browse..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer70->Add( BrowseButton, 0, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer69->Add( bSizer70, 0, wxEXPAND, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( 300 ); + bSizer69->Add( InfoStaticText, 1, wxALL|wxEXPAND, 5 ); + + + bSizer68->Add( bSizer69, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer68 ); + this->Layout(); + bSizer68->Fit( this ); + + // Connect Events + DirectoryTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnDirectoryTextChanged ), NULL, this ); + BrowseButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnBrowseButtonClick ), NULL, this ); +} + +SelectDirectoryWizardPageBase::~SelectDirectoryWizardPageBase() +{ + // Disconnect Events + DirectoryTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnDirectoryTextChanged ), NULL, this ); + BrowseButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( SelectDirectoryWizardPageBase::OnBrowseButtonClick ), NULL, this ); + +} + +SingleChoiceWizardPageBase::SingleChoiceWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer71; + bSizer71 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer77; + bSizer77 = new wxBoxSizer( wxVERTICAL ); + + + bSizer77->Add( 0, 0, 0, wxEXPAND|wxTOP, 5 ); + + OuterChoicesSizer = new wxBoxSizer( wxVERTICAL ); + + ChoicesSizer = new wxBoxSizer( wxVERTICAL ); + + + OuterChoicesSizer->Add( ChoicesSizer, 0, wxEXPAND, 5 ); + + + bSizer77->Add( OuterChoicesSizer, 0, wxEXPAND, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer77->Add( InfoStaticText, 1, wxALL|wxEXPAND, 5 ); + + + bSizer71->Add( bSizer77, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer71 ); + this->Layout(); + bSizer71->Fit( this ); +} + +SingleChoiceWizardPageBase::~SingleChoiceWizardPageBase() +{ +} + +VolumeCreationProgressWizardPageBase::VolumeCreationProgressWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer104; + bSizer104 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer105; + bSizer105 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer31; + sbSizer31 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + KeySamplesUpperSizer = new wxBoxSizer( wxVERTICAL ); + + KeySamplesUpperInnerSizer = new wxBoxSizer( wxVERTICAL ); + + + KeySamplesUpperSizer->Add( KeySamplesUpperInnerSizer, 1, wxEXPAND|wxTOP, 3 ); + + + sbSizer31->Add( KeySamplesUpperSizer, 1, wxEXPAND, 30 ); + + wxFlexGridSizer* fgSizer5; + fgSizer5 = new wxFlexGridSizer( 3, 2, 0, 0 ); + fgSizer5->SetFlexibleDirection( wxBOTH ); + fgSizer5->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + wxStaticText* m_staticText25; + m_staticText25 = new wxStaticText( this, wxID_ANY, _("Random Pool:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText25->Wrap( -1 ); + fgSizer5->Add( m_staticText25, 0, wxALL|wxALIGN_RIGHT|wxALIGN_BOTTOM, 5 ); + + wxBoxSizer* bSizer126; + bSizer126 = new wxBoxSizer( wxHORIZONTAL ); + + RandomPoolSampleStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + RandomPoolSampleStaticText->Wrap( -1 ); + RandomPoolSampleStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); + + bSizer126->Add( RandomPoolSampleStaticText, 0, wxEXPAND|wxTOP|wxRIGHT|wxALIGN_BOTTOM, 7 ); + + DisplayKeysCheckBox = new wxCheckBox( this, wxID_ANY, _("Show"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer126->Add( DisplayKeysCheckBox, 0, wxEXPAND|wxRIGHT, 5 ); + + + fgSizer5->Add( bSizer126, 1, wxEXPAND|wxALIGN_BOTTOM, 5 ); + + wxStaticText* m_staticText28; + m_staticText28 = new wxStaticText( this, wxID_ANY, _("Header Key:"), wxDefaultPosition, wxSize( -1,-1 ), 0 ); + m_staticText28->Wrap( -1 ); + fgSizer5->Add( m_staticText28, 0, wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM, 5 ); + + HeaderKeySampleStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + HeaderKeySampleStaticText->Wrap( -1 ); + HeaderKeySampleStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); + + fgSizer5->Add( HeaderKeySampleStaticText, 0, wxALIGN_BOTTOM|wxEXPAND|wxTOP|wxRIGHT, 2 ); + + wxStaticText* m_staticText29; + m_staticText29 = new wxStaticText( this, wxID_ANY, _("Master Key:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText29->Wrap( -1 ); + fgSizer5->Add( m_staticText29, 0, wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM, 5 ); + + MasterKeySampleStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + MasterKeySampleStaticText->Wrap( -1 ); + MasterKeySampleStaticText->SetFont( wxFont( wxNORMAL_FONT->GetPointSize(), 70, 90, 90, false, wxT("Courier New") ) ); + + fgSizer5->Add( MasterKeySampleStaticText, 0, wxEXPAND|wxALIGN_BOTTOM|wxTOP|wxRIGHT, 2 ); + + + sbSizer31->Add( fgSizer5, 0, wxEXPAND, 5 ); + + + bSizer105->Add( sbSizer31, 0, wxALL|wxEXPAND, 5 ); + + wxStaticBoxSizer* sbSizer45; + sbSizer45 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Randomness Collected From Mouse Movements") ), wxVERTICAL ); + + CollectedEntropy = new wxGauge( this, wxID_ANY, 2560, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); + CollectedEntropy->SetValue( 0 ); + sbSizer45->Add( CollectedEntropy, 0, wxALL|wxEXPAND, 5 ); + + + bSizer105->Add( sbSizer45, 0, wxEXPAND|wxLEFT|wxRIGHT, 5 ); + + wxStaticBoxSizer* sbSizer32; + sbSizer32 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, wxEmptyString ), wxVERTICAL ); + + wxBoxSizer* bSizer106; + bSizer106 = new wxBoxSizer( wxHORIZONTAL ); + + ProgressGauge = new wxGauge( this, wxID_ANY, 100, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); + bSizer106->Add( ProgressGauge, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + AbortButton = new wxButton( this, wxID_ANY, _("Abort"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer106->Add( AbortButton, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + + sbSizer32->Add( bSizer106, 0, wxEXPAND, 5 ); + + wxGridSizer* gSizer6; + gSizer6 = new wxGridSizer( 1, 3, 0, 0 ); + + wxBoxSizer* bSizer108; + bSizer108 = new wxBoxSizer( wxHORIZONTAL ); + + m_staticText31 = new wxStaticText( this, wxID_ANY, _("Done"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText31->Wrap( -1 ); + bSizer108->Add( m_staticText31, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + m_panel12 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxSize( -1,-1 ), wxSUNKEN_BORDER ); + wxBoxSizer* bSizer115; + bSizer115 = new wxBoxSizer( wxHORIZONTAL ); + + SizeDoneStaticText = new wxStaticText( m_panel12, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT|wxST_NO_AUTORESIZE ); + SizeDoneStaticText->Wrap( -1 ); + bSizer115->Add( SizeDoneStaticText, 1, wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL, 3 ); + + + m_panel12->SetSizer( bSizer115 ); + m_panel12->Layout(); + bSizer115->Fit( m_panel12 ); + bSizer108->Add( m_panel12, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + + gSizer6->Add( bSizer108, 1, wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); + + wxBoxSizer* bSizer1081; + bSizer1081 = new wxBoxSizer( wxHORIZONTAL ); + + m_staticText311 = new wxStaticText( this, wxID_ANY, _("Speed"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText311->Wrap( -1 ); + bSizer1081->Add( m_staticText311, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + m_panel121 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxSUNKEN_BORDER ); + wxBoxSizer* bSizer1151; + bSizer1151 = new wxBoxSizer( wxHORIZONTAL ); + + SpeedStaticText = new wxStaticText( m_panel121, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT|wxST_NO_AUTORESIZE ); + SpeedStaticText->Wrap( -1 ); + bSizer1151->Add( SpeedStaticText, 1, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 3 ); + + + m_panel121->SetSizer( bSizer1151 ); + m_panel121->Layout(); + bSizer1151->Fit( m_panel121 ); + bSizer1081->Add( m_panel121, 1, wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL, 5 ); + + + gSizer6->Add( bSizer1081, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_CENTER_HORIZONTAL, 5 ); + + wxBoxSizer* bSizer1082; + bSizer1082 = new wxBoxSizer( wxHORIZONTAL ); + + m_staticText312 = new wxStaticText( this, wxID_ANY, _("Left"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText312->Wrap( -1 ); + bSizer1082->Add( m_staticText312, 0, wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + m_panel122 = new wxPanel( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, wxSUNKEN_BORDER|wxTAB_TRAVERSAL ); + wxBoxSizer* bSizer1152; + bSizer1152 = new wxBoxSizer( wxHORIZONTAL ); + + TimeLeftStaticText = new wxStaticText( m_panel122, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxALIGN_RIGHT|wxST_NO_AUTORESIZE ); + TimeLeftStaticText->Wrap( -1 ); + bSizer1152->Add( TimeLeftStaticText, 1, wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND, 3 ); + + + m_panel122->SetSizer( bSizer1152 ); + m_panel122->Layout(); + bSizer1152->Fit( m_panel122 ); + bSizer1082->Add( m_panel122, 1, wxALL|wxEXPAND, 5 ); + + + gSizer6->Add( bSizer1082, 1, wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT, 5 ); + + + sbSizer32->Add( gSizer6, 0, wxEXPAND|wxTOP, 2 ); + + + bSizer105->Add( sbSizer32, 0, wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer105->Add( InfoStaticText, 0, wxBOTTOM|wxLEFT|wxRIGHT, 5 ); + + + bSizer104->Add( bSizer105, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer104 ); + this->Layout(); + bSizer104->Fit( this ); + + // Connect Events + DisplayKeysCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnDisplayKeysCheckBoxClick ), NULL, this ); + AbortButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); +} + +VolumeCreationProgressWizardPageBase::~VolumeCreationProgressWizardPageBase() +{ + // Disconnect Events + DisplayKeysCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnDisplayKeysCheckBoxClick ), NULL, this ); + AbortButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeCreationProgressWizardPageBase::OnAbortButtonClick ), NULL, this ); + +} + +VolumeLocationWizardPageBase::VolumeLocationWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer86; + bSizer86 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer87; + bSizer87 = new wxBoxSizer( wxVERTICAL ); + + + bSizer87->Add( 0, 0, 0, wxEXPAND|wxTOP, 5 ); + + wxBoxSizer* bSizer88; + bSizer88 = new wxBoxSizer( wxHORIZONTAL ); + + wxBoxSizer* bSizer89; + bSizer89 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer126; + bSizer126 = new wxBoxSizer( wxHORIZONTAL ); + + VolumePathComboBox = new wxComboBox( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0, NULL, wxCB_DROPDOWN ); + bSizer126->Add( VolumePathComboBox, 1, wxALL|wxALIGN_CENTER_VERTICAL, 5 ); + + wxBoxSizer* bSizer90; + bSizer90 = new wxBoxSizer( wxVERTICAL ); + + SelectFileButton = new wxButton( this, wxID_ANY, _("Select &File..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer90->Add( SelectFileButton, 0, wxALL|wxEXPAND, 5 ); + + SelectDeviceButton = new wxButton( this, wxID_ANY, _("Select D&evice..."), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer90->Add( SelectDeviceButton, 0, wxALL|wxEXPAND, 5 ); + + + bSizer126->Add( bSizer90, 0, wxALIGN_CENTER_VERTICAL, 5 ); + + + bSizer89->Add( bSizer126, 0, wxEXPAND, 5 ); + + wxBoxSizer* bSizer91; + bSizer91 = new wxBoxSizer( wxHORIZONTAL ); + + + bSizer91->Add( 0, 0, 0, wxLEFT, 5 ); + + NoHistoryCheckBox = new wxCheckBox( this, wxID_ANY, _("&Never save history"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer91->Add( NoHistoryCheckBox, 0, wxALL|wxEXPAND, 5 ); + + + bSizer89->Add( bSizer91, 0, wxEXPAND, 5 ); + + + bSizer88->Add( bSizer89, 1, wxEXPAND, 5 ); + + + bSizer87->Add( bSizer88, 0, wxEXPAND, 5 ); + + + bSizer87->Add( 0, 0, 0, wxEXPAND|wxBOTTOM, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer87->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); + + + bSizer86->Add( bSizer87, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer86 ); + this->Layout(); + bSizer86->Fit( this ); + + // Connect Events + VolumePathComboBox->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnVolumePathTextChanged ), NULL, this ); + SelectFileButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectFileButtonClick ), NULL, this ); + SelectDeviceButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectDeviceButtonClick ), NULL, this ); + NoHistoryCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnNoHistoryCheckBoxClick ), NULL, this ); +} + +VolumeLocationWizardPageBase::~VolumeLocationWizardPageBase() +{ + // Disconnect Events + VolumePathComboBox->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnVolumePathTextChanged ), NULL, this ); + SelectFileButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectFileButtonClick ), NULL, this ); + SelectDeviceButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnSelectDeviceButtonClick ), NULL, this ); + NoHistoryCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeLocationWizardPageBase::OnNoHistoryCheckBoxClick ), NULL, this ); + +} + +VolumeFormatOptionsWizardPageBase::VolumeFormatOptionsWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer124; + bSizer124 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer125; + bSizer125 = new wxBoxSizer( wxVERTICAL ); + + wxStaticBoxSizer* sbSizer33; + sbSizer33 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Filesystem Options") ), wxVERTICAL ); + + wxFlexGridSizer* fgSizer6; + fgSizer6 = new wxFlexGridSizer( 2, 2, 0, 0 ); + fgSizer6->SetFlexibleDirection( wxBOTH ); + fgSizer6->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + + m_staticText43 = new wxStaticText( this, wxID_ANY, _("Filesystem type:"), wxDefaultPosition, wxDefaultSize, 0 ); + m_staticText43->Wrap( -1 ); + fgSizer6->Add( m_staticText43, 0, wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT, 5 ); + + wxArrayString FilesystemTypeChoiceChoices; + FilesystemTypeChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, FilesystemTypeChoiceChoices, 0 ); + FilesystemTypeChoice->SetSelection( 0 ); + fgSizer6->Add( FilesystemTypeChoice, 0, wxALL, 5 ); + + + sbSizer33->Add( fgSizer6, 1, wxEXPAND, 5 ); + + + bSizer125->Add( sbSizer33, 0, wxEXPAND|wxALL, 5 ); + + wxStaticBoxSizer* sbSizer34; + sbSizer34 = new wxStaticBoxSizer( new wxStaticBox( this, wxID_ANY, _("Volume Format Options") ), wxVERTICAL ); + + QuickFormatCheckBox = new wxCheckBox( this, wxID_ANY, _("Quick format"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer34->Add( QuickFormatCheckBox, 0, wxALL, 5 ); + + + bSizer125->Add( sbSizer34, 0, wxEXPAND|wxALL, 5 ); + + + bSizer125->Add( 0, 0, 1, wxEXPAND|wxTOP|wxBOTTOM, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer125->Add( InfoStaticText, 0, wxALL, 5 ); + + + bSizer124->Add( bSizer125, 0, wxEXPAND, 5 ); + + + this->SetSizer( bSizer124 ); + this->Layout(); + bSizer124->Fit( this ); + + // Connect Events + FilesystemTypeChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnFilesystemTypeSelected ), NULL, this ); + QuickFormatCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnQuickFormatCheckBoxClick ), NULL, this ); +} + +VolumeFormatOptionsWizardPageBase::~VolumeFormatOptionsWizardPageBase() +{ + // Disconnect Events + FilesystemTypeChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnFilesystemTypeSelected ), NULL, this ); + QuickFormatCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumeFormatOptionsWizardPageBase::OnQuickFormatCheckBoxClick ), NULL, this ); + +} + +VolumePasswordPanelBase::VolumePasswordPanelBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : wxPanel( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer7; + bSizer7 = new wxBoxSizer( wxVERTICAL ); + + GridBagSizer = new wxGridBagSizer( 0, 0 ); + GridBagSizer->SetFlexibleDirection( wxBOTH ); + GridBagSizer->SetNonFlexibleGrowMode( wxFLEX_GROWMODE_SPECIFIED ); + GridBagSizer->SetEmptyCellSize( wxSize( 0,0 ) ); + + PasswordStaticText = new wxStaticText( this, wxID_ANY, _("Password:"), wxDefaultPosition, wxDefaultSize, 0 ); + PasswordStaticText->Wrap( -1 ); + GridBagSizer->Add( PasswordStaticText, wxGBPosition( 1, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT, 5 ); + + PasswordTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); + PasswordTextCtrl->SetMaxLength( 1 ); + PasswordTextCtrl->SetMinSize( wxSize( 232,-1 ) ); + + GridBagSizer->Add( PasswordTextCtrl, wxGBPosition( 1, 1 ), wxGBSpan( 1, 2 ), wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); + + ConfirmPasswordStaticText = new wxStaticText( this, wxID_ANY, _("Confirm password:"), wxDefaultPosition, wxDefaultSize, 0 ); + ConfirmPasswordStaticText->Wrap( -1 ); + GridBagSizer->Add( ConfirmPasswordStaticText, wxGBPosition( 2, 0 ), wxGBSpan( 1, 1 ), wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT, 5 ); + + ConfirmPasswordTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); + ConfirmPasswordTextCtrl->SetMaxLength( 1 ); + ConfirmPasswordTextCtrl->SetMinSize( wxSize( 232,-1 ) ); + + GridBagSizer->Add( ConfirmPasswordTextCtrl, wxGBPosition( 2, 1 ), wxGBSpan( 1, 2 ), wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND, 5 ); + + VolumePimStaticText = new wxStaticText( this, wxID_ANY, _("Volume PIM:"), wxDefaultPosition, wxDefaultSize, 0 ); + VolumePimStaticText->Wrap( -1 ); + GridBagSizer->Add( VolumePimStaticText, wxGBPosition( 3, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT, 5 ); + + VolumePimTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); + VolumePimTextCtrl->SetMaxLength( 7 ); + GridBagSizer->Add( VolumePimTextCtrl, wxGBPosition( 3, 1 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxEXPAND, 5 ); + + VolumePimHelpStaticText = new wxStaticText( this, wxID_ANY, _("(Empty or 0 for default iterations)"), wxDefaultPosition, wxDefaultSize, 0 ); + VolumePimHelpStaticText->Wrap( -1 ); + GridBagSizer->Add( VolumePimHelpStaticText, wxGBPosition( 3, 2 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxLEFT|wxRIGHT, 5 ); + + PimCheckBox = new wxCheckBox( this, wxID_ANY, _("Use PIM"), wxDefaultPosition, wxDefaultSize, 0 ); + GridBagSizer->Add( PimCheckBox, wxGBPosition( 4, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); + + CacheCheckBox = new wxCheckBox( this, wxID_ANY, _("Cach&e passwords and keyfiles in memory "), wxDefaultPosition, wxDefaultSize, 0 ); + GridBagSizer->Add( CacheCheckBox, wxGBPosition( 5, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); + + DisplayPasswordCheckBox = new wxCheckBox( this, wxID_ANY, _("&Display password"), wxDefaultPosition, wxDefaultSize, 0 ); + GridBagSizer->Add( DisplayPasswordCheckBox, wxGBPosition( 6, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL, 5 ); + + UseKeyfilesCheckBox = new wxCheckBox( this, wxID_ANY, _("U&se keyfiles"), wxDefaultPosition, wxDefaultSize, 0 ); + GridBagSizer->Add( UseKeyfilesCheckBox, wxGBPosition( 7, 1 ), wxGBSpan( 1, 1 ), wxTOP|wxRIGHT|wxLEFT, 5 ); + + KeyfilesButton = new wxButton( this, wxID_ANY, _("&Keyfiles..."), wxDefaultPosition, wxDefaultSize, 0 ); + GridBagSizer->Add( KeyfilesButton, wxGBPosition( 7, 2 ), wxGBSpan( 1, 1 ), wxALIGN_RIGHT|wxALIGN_BOTTOM|wxLEFT, 5 ); + + Pkcs5PrfSizer = new wxBoxSizer( wxVERTICAL ); + + + GridBagSizer->Add( Pkcs5PrfSizer, wxGBPosition( 8, 1 ), wxGBSpan( 1, 1 ), wxEXPAND|wxTOP|wxBOTTOM, 5 ); + + Pkcs5PrfStaticText = new wxStaticText( this, wxID_ANY, _("PKCS-5 PRF:"), wxDefaultPosition, wxDefaultSize, 0 ); + Pkcs5PrfStaticText->Wrap( -1 ); + GridBagSizer->Add( Pkcs5PrfStaticText, wxGBPosition( 9, 0 ), wxGBSpan( 1, 1 ), wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL|wxRIGHT, 5 ); + + wxString Pkcs5PrfChoiceChoices[] = { _("Unchanged") }; + int Pkcs5PrfChoiceNChoices = sizeof( Pkcs5PrfChoiceChoices ) / sizeof( wxString ); + Pkcs5PrfChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, Pkcs5PrfChoiceNChoices, Pkcs5PrfChoiceChoices, 0 ); + Pkcs5PrfChoice->SetSelection( 0 ); + GridBagSizer->Add( Pkcs5PrfChoice, wxGBPosition( 9, 1 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxLEFT, 5 ); + + TrueCryptModeCheckBox = new wxCheckBox( this, wxID_ANY, _("TrueCrypt Mode"), wxDefaultPosition, wxDefaultSize, 0 ); + GridBagSizer->Add( TrueCryptModeCheckBox, wxGBPosition( 9, 2 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxLEFT, 5 ); + + HeaderWipeCountText = new wxStaticText( this, wxID_ANY, _("Header Wipe:"), wxDefaultPosition, wxDefaultSize, 0 ); + HeaderWipeCountText->Wrap( -1 ); + GridBagSizer->Add( HeaderWipeCountText, wxGBPosition( 10, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxRIGHT, 5 ); + + wxString HeaderWipeCountChoices[] = { _("1-pass"), _("3-pass"), _("7-pass"), _("35-pass"), _("256-pass") }; + int HeaderWipeCountNChoices = sizeof( HeaderWipeCountChoices ) / sizeof( wxString ); + HeaderWipeCount = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, HeaderWipeCountNChoices, HeaderWipeCountChoices, 0 ); + HeaderWipeCount->SetSelection( 1 ); + GridBagSizer->Add( HeaderWipeCount, wxGBPosition( 10, 1 ), wxGBSpan( 1, 1 ), wxALL, 5 ); + + PasswordPlaceholderSizer = new wxBoxSizer( wxVERTICAL ); + + + GridBagSizer->Add( PasswordPlaceholderSizer, wxGBPosition( 11, 1 ), wxGBSpan( 1, 2 ), wxTOP|wxEXPAND, 5 ); + + + GridBagSizer->AddGrowableCol( 1 ); + + bSizer7->Add( GridBagSizer, 1, wxALL|wxEXPAND, 5 ); + + + this->SetSizer( bSizer7 ); + this->Layout(); + bSizer7->Fit( this ); + + // Connect Events + PasswordTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); + ConfirmPasswordTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); + VolumePimTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnPimChanged ), NULL, this ); + PimCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUsePimCheckBoxClick ), NULL, this ); + DisplayPasswordCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnDisplayPasswordCheckBoxClick ), NULL, this ); + UseKeyfilesCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUseKeyfilesCheckBoxClick ), NULL, this ); + KeyfilesButton->Connect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonClick ), NULL, this ); + KeyfilesButton->Connect( wxEVT_RIGHT_DOWN, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightDown ), NULL, this ); + KeyfilesButton->Connect( wxEVT_RIGHT_UP, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightClick ), NULL, this ); + TrueCryptModeCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnTrueCryptModeChecked ), NULL, this ); +} + +VolumePasswordPanelBase::~VolumePasswordPanelBase() +{ + // Disconnect Events + PasswordTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); + ConfirmPasswordTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnTextChanged ), NULL, this ); + VolumePimTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePasswordPanelBase::OnPimChanged ), NULL, this ); + PimCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUsePimCheckBoxClick ), NULL, this ); + DisplayPasswordCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnDisplayPasswordCheckBoxClick ), NULL, this ); + UseKeyfilesCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnUseKeyfilesCheckBoxClick ), NULL, this ); + KeyfilesButton->Disconnect( wxEVT_COMMAND_BUTTON_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonClick ), NULL, this ); + KeyfilesButton->Disconnect( wxEVT_RIGHT_DOWN, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightDown ), NULL, this ); + KeyfilesButton->Disconnect( wxEVT_RIGHT_UP, wxMouseEventHandler( VolumePasswordPanelBase::OnKeyfilesButtonRightClick ), NULL, this ); + TrueCryptModeCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePasswordPanelBase::OnTrueCryptModeChecked ), NULL, this ); + +} + +VolumePasswordWizardPageBase::VolumePasswordWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer101; + bSizer101 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer102; + bSizer102 = new wxBoxSizer( wxVERTICAL ); + + PasswordPanelSizer = new wxBoxSizer( wxVERTICAL ); + + + bSizer102->Add( PasswordPanelSizer, 0, wxEXPAND, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer102->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); + + + bSizer101->Add( bSizer102, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer101 ); + this->Layout(); + bSizer101->Fit( this ); +} + +VolumePasswordWizardPageBase::~VolumePasswordWizardPageBase() +{ +} + +VolumePimWizardPageBase::VolumePimWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer101; + bSizer101 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer102; + bSizer102 = new wxBoxSizer( wxVERTICAL ); + + PimPanelSizer = new wxBoxSizer( wxVERTICAL ); + + PimSizer = new wxBoxSizer( wxHORIZONTAL ); + + VolumePimStaticText = new wxStaticText( this, wxID_ANY, _("Volume PIM:"), wxDefaultPosition, wxDefaultSize, 0 ); + VolumePimStaticText->Wrap( -1 ); + PimSizer->Add( VolumePimStaticText, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + VolumePimTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD ); + VolumePimTextCtrl->SetMaxLength( 7 ); + PimSizer->Add( VolumePimTextCtrl, 0, wxALL, 5 ); + + VolumePimHelpStaticText = new wxStaticText( this, wxID_ANY, _("(Empty or 0 for default iterations)"), wxDefaultPosition, wxDefaultSize, 0 ); + VolumePimHelpStaticText->Wrap( -1 ); + PimSizer->Add( VolumePimHelpStaticText, 1, wxALIGN_CENTER_VERTICAL|wxALL, 5 ); + + + PimPanelSizer->Add( PimSizer, 1, wxEXPAND, 5 ); + + wxBoxSizer* bSizer166; + bSizer166 = new wxBoxSizer( wxHORIZONTAL ); + + DisplayPimCheckBox = new wxCheckBox( this, wxID_ANY, _("&Display PIM"), wxDefaultPosition, wxDefaultSize, 0 ); + bSizer166->Add( DisplayPimCheckBox, 1, wxALL|wxEXPAND, 5 ); + + + PimPanelSizer->Add( bSizer166, 1, wxEXPAND, 5 ); + + + bSizer102->Add( PimPanelSizer, 0, wxEXPAND, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer102->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); + + + bSizer101->Add( bSizer102, 1, wxEXPAND, 5 ); + + + this->SetSizer( bSizer101 ); + this->Layout(); + bSizer101->Fit( this ); + + // Connect Events + VolumePimTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePimWizardPageBase::OnPimChanged ), NULL, this ); + DisplayPimCheckBox->Connect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePimWizardPageBase::OnDisplayPimCheckBoxClick ), NULL, this ); +} + +VolumePimWizardPageBase::~VolumePimWizardPageBase() +{ + // Disconnect Events + VolumePimTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumePimWizardPageBase::OnPimChanged ), NULL, this ); + DisplayPimCheckBox->Disconnect( wxEVT_COMMAND_CHECKBOX_CLICKED, wxCommandEventHandler( VolumePimWizardPageBase::OnDisplayPimCheckBoxClick ), NULL, this ); + +} + +VolumeSizeWizardPageBase::VolumeSizeWizardPageBase( wxWindow* parent, wxWindowID id, const wxPoint& pos, const wxSize& size, long style ) : WizardPage( parent, id, pos, size, style ) +{ + wxBoxSizer* bSizer98; + bSizer98 = new wxBoxSizer( wxVERTICAL ); + + wxBoxSizer* bSizer99; + bSizer99 = new wxBoxSizer( wxVERTICAL ); + + + bSizer99->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); + + wxBoxSizer* bSizer100; + bSizer100 = new wxBoxSizer( wxHORIZONTAL ); + + VolumeSizeTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + VolumeSizeTextCtrl->SetMaxLength( 0 ); + bSizer100->Add( VolumeSizeTextCtrl, 0, wxALL, 5 ); + + wxArrayString VolumeSizePrefixChoiceChoices; + VolumeSizePrefixChoice = new wxChoice( this, wxID_ANY, wxDefaultPosition, wxDefaultSize, VolumeSizePrefixChoiceChoices, 0 ); + VolumeSizePrefixChoice->SetSelection( 0 ); + bSizer100->Add( VolumeSizePrefixChoice, 0, wxALL, 5 ); + + + bSizer99->Add( bSizer100, 0, wxEXPAND, 5 ); + + + bSizer99->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); + + FreeSpaceStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + FreeSpaceStaticText->Wrap( -1 ); + bSizer99->Add( FreeSpaceStaticText, 0, wxALL|wxEXPAND, 5 ); + + + bSizer99->Add( 0, 0, 0, wxEXPAND|wxTOP|wxBOTTOM, 5 ); + + InfoStaticText = new wxStaticText( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, 0 ); + InfoStaticText->Wrap( -1 ); + bSizer99->Add( InfoStaticText, 0, wxALL|wxEXPAND, 5 ); + + + bSizer98->Add( bSizer99, 0, wxEXPAND, 5 ); + + + this->SetSizer( bSizer98 ); + this->Layout(); + bSizer98->Fit( this ); + + // Connect Events + VolumeSizeTextCtrl->Connect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizeTextChanged ), NULL, this ); + VolumeSizePrefixChoice->Connect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizePrefixSelected ), NULL, this ); +} + +VolumeSizeWizardPageBase::~VolumeSizeWizardPageBase() +{ + // Disconnect Events + VolumeSizeTextCtrl->Disconnect( wxEVT_COMMAND_TEXT_UPDATED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizeTextChanged ), NULL, this ); + VolumeSizePrefixChoice->Disconnect( wxEVT_COMMAND_CHOICE_SELECTED, wxCommandEventHandler( VolumeSizeWizardPageBase::OnVolumeSizePrefixSelected ), NULL, this ); + +} + +WaitDialogBase::WaitDialogBase( wxWindow* parent, wxWindowID id, const wxString& title, const wxPoint& pos, const wxSize& size, long style ) : wxDialog( parent, id, title, pos, size, style ) +{ + this->SetSizeHints( wxDefaultSize, wxDefaultSize ); + + wxBoxSizer* bSizer160; + bSizer160 = new wxBoxSizer( wxVERTICAL ); + + WaitStaticText = new wxStaticText( this, wxID_ANY, _("MyLabel"), wxDefaultPosition, wxDefaultSize, wxALIGN_CENTRE ); + WaitStaticText->Wrap( -1 ); + bSizer160->Add( WaitStaticText, 0, wxALIGN_CENTER_HORIZONTAL|wxALL|wxEXPAND, 5 ); + + WaitProgessBar = new wxGauge( this, wxID_ANY, 100, wxDefaultPosition, wxDefaultSize, wxGA_HORIZONTAL|wxGA_SMOOTH ); + WaitProgessBar->SetValue( 0 ); + bSizer160->Add( WaitProgessBar, 0, wxALL|wxEXPAND, 5 ); + + + this->SetSizer( bSizer160 ); + this->Layout(); + bSizer160->Fit( this ); + + this->Centre( wxBOTH ); + + // Connect Events + this->Connect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WaitDialogBase::OnWaitDialogClose ) ); + this->Connect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( WaitDialogBase::OnWaitDialogInit ) ); +} + +WaitDialogBase::~WaitDialogBase() +{ + // Disconnect Events + this->Disconnect( wxEVT_CLOSE_WINDOW, wxCloseEventHandler( WaitDialogBase::OnWaitDialogClose ) ); + this->Disconnect( wxEVT_INIT_DIALOG, wxInitDialogEventHandler( WaitDialogBase::OnWaitDialogInit ) ); + +} diff --git a/src/Main/Forms/Forms.h b/src/Main/Forms/Forms.h index 5a3e8646..fd558e94 100644 --- a/src/Main/Forms/Forms.h +++ b/src/Main/Forms/Forms.h @@ -1,1097 +1,1097 @@ -/////////////////////////////////////////////////////////////////////////// -// C++ code generated with wxFormBuilder (version Jun 5 2014) -// http://www.wxformbuilder.org/ -// -// PLEASE DO "NOT" EDIT THIS FILE! -/////////////////////////////////////////////////////////////////////////// - -#ifndef __FORMS_H__ -#define __FORMS_H__ - -#include -#include -#include -class WizardPage; - -#include "WizardPage.h" -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/////////////////////////////////////////////////////////////////////////// - -namespace VeraCrypt -{ - /////////////////////////////////////////////////////////////////////////////// - /// Class MainFrameBase - /////////////////////////////////////////////////////////////////////////////// - class MainFrameBase : public wxFrame - { - private: - - protected: - wxMenuBar* MainMenuBar; - wxMenu* VolumesMenu; - wxMenuItem* MountVolumeMenuItem; - wxMenuItem* DismountVolumeMenuItem; - wxMenuItem* DismountAllMenuItem; - wxMenuItem* VolumePropertiesMenuItem; - wxMenu* FavoritesMenu; - wxMenuItem* AddToFavoritesMenuItem; - wxMenuItem* AddAllMountedToFavoritesMenuItem; - wxMenu* ToolsMenu; - wxMenuItem* BackupVolumeHeadersMenuItem; - wxMenuItem* RestoreVolumeHeaderMenuItem; - wxMenuItem* WipeCachedPasswordsMenuItem; - wxMenu* SettingsMenu; - wxMenuItem* HotkeysMenuItem; - wxMenuItem* PreferencesMenuItem; - wxMenu* HelpMenu; - wxPanel* MainPanel; - wxListCtrl* SlotListCtrl; - wxStaticBoxSizer* LowStaticBoxSizer; - wxBoxSizer* HigherButtonSizer; - wxButton* CreateVolumeButton; - wxButton* VolumePropertiesButton; - wxButton* WipeCacheButton; - wxStaticBoxSizer* VolumeStaticBoxSizer; - wxGridBagSizer* VolumeGridBagSizer; - wxStaticBitmap* LogoBitmap; - wxComboBox* VolumePathComboBox; - wxButton* SelectFileButton; - wxCheckBox* NoHistoryCheckBox; - wxButton* VolumeToolsButton; - wxButton* SelectDeviceButton; - wxButton* VolumeButton; - wxButton* MountAllDevicesButton; - wxButton* DismountAllButton; - wxButton* ExitButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnActivate( wxActivateEvent& event ) { event.Skip(); } - virtual void OnClose( wxCloseEvent& event ) { event.Skip(); } - virtual void OnCreateVolumeButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnMountVolumeMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnMountAllDevicesButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDismountVolumeMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDismountAllButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnChangePasswordMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnChangePkcs5PrfMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnChangeKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRemoveKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnVolumePropertiesButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAddToFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAddAllMountedToFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnOrganizeFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnMountAllFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnBenchmarkMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnEncryptionTestMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnBackupVolumeHeadersMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRestoreVolumeHeaderMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnCreateKeyfileMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnManageSecurityTokenKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnCloseAllSecurityTokenSessionsMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnWipeCacheButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnHotkeysMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDefaultKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDefaultMountParametersMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnSecurityTokenPreferencesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnPreferencesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnUserGuideMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnOnlineHelpMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnBeginnersTutorialMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnFaqMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnWebsiteMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDownloadsMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnNewsMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnVersionHistoryMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDonateMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnContactMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnLegalNoticesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAboutMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnListItemActivated( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemRightClick( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } - virtual void OnLogoBitmapClick( wxMouseEvent& event ) { event.Skip(); } - virtual void OnSelectFileButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnNoHistoryCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnVolumeToolsButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnSelectDeviceButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnVolumeButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnExitButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - MainFrameBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU|wxTAB_TRAVERSAL ); - - ~MainFrameBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class WizardFrameBase - /////////////////////////////////////////////////////////////////////////////// - class WizardFrameBase : public wxFrame - { - private: - - protected: - wxBoxSizer* MainSizer; - wxPanel* MainPanel; - wxStaticBitmap* WizardBitmap; - wxStaticText* PageTitleStaticText; - wxBoxSizer* PageSizer; - wxButton* HelpButton; - wxButton* PreviousButton; - wxButton* NextButton; - wxButton* CancelButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnActivate( wxActivateEvent& event ) { event.Skip(); } - virtual void OnClose( wxCloseEvent& event ) { event.Skip(); } - virtual void OnMouseMotion( wxMouseEvent& event ) { event.Skip(); } - virtual void OnHelpButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnPreviousButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnNextButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnCancelButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - WizardFrameBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU|wxTAB_TRAVERSAL ); - - ~WizardFrameBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class AboutDialogBase - /////////////////////////////////////////////////////////////////////////////// - class AboutDialogBase : public wxDialog - { - private: - - protected: - wxPanel* m_panel14; - wxStaticBitmap* LogoBitmap; - wxStaticText* VersionStaticText; - wxStaticText* CopyrightStaticText; - wxHyperlinkCtrl* WebsiteHyperlink; - wxStaticLine* m_staticline3; - wxTextCtrl* CreditsTextCtrl; - wxStaticLine* m_staticline4; - wxStaticLine* m_staticline5; - - // Virtual event handlers, overide them in your derived class - virtual void OnWebsiteHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } - - - public: - - AboutDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~AboutDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class BenchmarkDialogBase - /////////////////////////////////////////////////////////////////////////////// - class BenchmarkDialogBase : public wxDialog - { - private: - - protected: - wxChoice* BufferSizeChoice; - wxListCtrl* BenchmarkListCtrl; - wxBoxSizer* RightSizer; - wxButton* BenchmarkButton; - wxStaticText* BenchmarkNoteStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnBenchmarkButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - BenchmarkDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Encryption Algorithm Benchmark"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~BenchmarkDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class ChangePasswordDialogBase - /////////////////////////////////////////////////////////////////////////////// - class ChangePasswordDialogBase : public wxDialog - { - private: - - protected: - wxStaticBoxSizer* CurrentSizer; - wxBoxSizer* CurrentPasswordPanelSizer; - wxStaticBoxSizer* NewSizer; - wxBoxSizer* NewPasswordPanelSizer; - wxButton* OKButton; - wxButton* CancelButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - ChangePasswordDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~ChangePasswordDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class DeviceSelectionDialogBase - /////////////////////////////////////////////////////////////////////////////// - class DeviceSelectionDialogBase : public wxDialog - { - private: - - protected: - wxListCtrl* DeviceListCtrl; - wxStdDialogButtonSizer* StdButtons; - wxButton* StdButtonsOK; - wxButton* StdButtonsCancel; - - // Virtual event handlers, overide them in your derived class - virtual void OnListItemActivated( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } - - - public: - - DeviceSelectionDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Select a Partition or Device"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxDEFAULT_DIALOG_STYLE ); - ~DeviceSelectionDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class EncryptionTestDialogBase - /////////////////////////////////////////////////////////////////////////////// - class EncryptionTestDialogBase : public wxDialog - { - private: - - protected: - wxChoice* EncryptionAlgorithmChoice; - wxCheckBox* XtsModeCheckBox; - wxTextCtrl* KeyTextCtrl; - wxStaticText* KeySizeStaticText; - wxTextCtrl* SecondaryKeyTextCtrl; - wxTextCtrl* DataUnitNumberTextCtrl; - wxTextCtrl* BlockNumberTextCtrl; - wxTextCtrl* PlainTextTextCtrl; - wxTextCtrl* CipherTextTextCtrl; - wxButton* EncryptButton; - wxButton* DecryptButton; - wxButton* AutoTestAllButton; - wxButton* ResetButton; - wxButton* CloseButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnEncryptionAlgorithmSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnXtsModeCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnEncryptButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDecryptButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAutoTestAllButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnResetButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - EncryptionTestDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Test Vectors"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~EncryptionTestDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class FavoriteVolumesDialogBase - /////////////////////////////////////////////////////////////////////////////// - class FavoriteVolumesDialogBase : public wxDialog - { - private: - - protected: - wxListCtrl* FavoritesListCtrl; - wxButton* MoveUpButton; - wxButton* MoveDownButton; - wxButton* RemoveButton; - wxButton* RemoveAllButton; - wxButton* OKButton; - wxButton* CancelButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } - virtual void OnMoveUpButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnMoveDownButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRemoveButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRemoveAllButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - FavoriteVolumesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Favorite Volumes"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~FavoriteVolumesDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class KeyfilesDialogBase - /////////////////////////////////////////////////////////////////////////////// - class KeyfilesDialogBase : public wxDialog - { - private: - - protected: - wxBoxSizer* UpperSizer; - wxBoxSizer* PanelSizer; - wxButton* OKButton; - wxButton* CancelButton; - wxStaticText* WarningStaticText; - wxBoxSizer* KeyfilesNoteSizer; - wxStaticText* KeyfilesNoteStaticText; - wxHyperlinkCtrl* KeyfilesHyperlink; - wxButton* CreateKeyfileButtton; - - // Virtual event handlers, overide them in your derived class - virtual void OnKeyfilesHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } - virtual void OnCreateKeyfileButttonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - KeyfilesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Select Keyfiles"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~KeyfilesDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class KeyfileGeneratorDialogBase - /////////////////////////////////////////////////////////////////////////////// - class KeyfileGeneratorDialogBase : public wxDialog - { - private: - - protected: - wxBoxSizer* MainSizer; - wxChoice* HashChoice; - wxStaticText* RandomPoolStaticText; - wxCheckBox* ShowRandomPoolCheckBox; - wxGauge* CollectedEntropy; - wxStaticText* MouseStaticText; - wxStaticText* m_staticText60; - wxSpinCtrl* NumberOfKeyfiles; - wxPanel* m_panel18; - wxStaticText* m_staticText63; - wxSpinCtrl* KeyfilesSize; - wxCheckBox* RandomSizeCheckBox; - wxStaticText* m_staticText65; - wxTextCtrl* KeyfilesBaseName; - wxPanel* m_panel19; - wxButton* GenerateButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnMouseMotion( wxMouseEvent& event ) { event.Skip(); } - virtual void OnHashSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnShowRandomPoolCheckBoxClicked( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRandomSizeCheckBoxClicked( wxCommandEvent& event ) { event.Skip(); } - virtual void OnGenerateButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - KeyfileGeneratorDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~KeyfileGeneratorDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class LegalNoticesDialogBase - /////////////////////////////////////////////////////////////////////////////// - class LegalNoticesDialogBase : public wxDialog - { - private: - - protected: - wxTextCtrl* LegalNoticesTextCtrl; - - public: - - LegalNoticesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Legal Notices"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~LegalNoticesDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class MountOptionsDialogBase - /////////////////////////////////////////////////////////////////////////////// - class MountOptionsDialogBase : public wxDialog - { - private: - - protected: - wxBoxSizer* MainSizer; - wxBoxSizer* PasswordSizer; - wxButton* OKButton; - wxButton* CancelButton; - wxButton* OptionsButton; - wxPanel* OptionsPanel; - wxStaticBoxSizer* OptionsSizer; - wxCheckBox* ReadOnlyCheckBox; - wxCheckBox* RemovableCheckBox; - wxCheckBox* PartitionInSystemEncryptionScopeCheckBox; - wxStaticBoxSizer* ProtectionSizer; - wxCheckBox* ProtectionCheckBox; - wxBoxSizer* ProtectionPasswordSizer; - wxHyperlinkCtrl* ProtectionHyperlinkCtrl; - wxBoxSizer* FilesystemSizer; - wxPanel* m_panel8; - wxCheckBox* NoFilesystemCheckBox; - wxGridBagSizer* FilesystemOptionsSizer; - wxBoxSizer* FilesystemSpacer; - wxStaticText* MountPointTextCtrlStaticText; - wxTextCtrl* MountPointTextCtrl; - wxButton* MountPointButton; - wxStaticText* FilesystemOptionsStaticText; - wxTextCtrl* FilesystemOptionsTextCtrl; - - // Virtual event handlers, overide them in your derived class - virtual void OnInitDialog( wxInitDialogEvent& event ) { event.Skip(); } - virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnOptionsButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnReadOnlyCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnProtectionCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnProtectionHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } - virtual void OnNoFilesystemCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnMountPointButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - MountOptionsDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Enter VeraCrypt Volume Password"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxDEFAULT_DIALOG_STYLE ); - ~MountOptionsDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class NewSecurityTokenKeyfileDialogBase - /////////////////////////////////////////////////////////////////////////////// - class NewSecurityTokenKeyfileDialogBase : public wxDialog - { - private: - - protected: - wxChoice* SecurityTokenChoice; - wxTextCtrl* KeyfileNameTextCtrl; - wxStdDialogButtonSizer* StdButtons; - wxButton* StdButtonsOK; - wxButton* StdButtonsCancel; - - // Virtual event handlers, overide them in your derived class - virtual void OnKeyfileNameChanged( wxCommandEvent& event ) { event.Skip(); } - - - public: - - NewSecurityTokenKeyfileDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("New Security Token Keyfile Properties"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~NewSecurityTokenKeyfileDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class PreferencesDialogBase - /////////////////////////////////////////////////////////////////////////////// - class PreferencesDialogBase : public wxDialog - { - private: - - protected: - wxNotebook* PreferencesNotebook; - wxPanel* SecurityPage; - wxStaticBoxSizer* AutoDismountSizer; - wxCheckBox* DismountOnLogOffCheckBox; - wxCheckBox* DismountOnScreenSaverCheckBox; - wxCheckBox* DismountOnPowerSavingCheckBox; - wxCheckBox* DismountOnInactivityCheckBox; - wxSpinCtrl* DismountOnInactivitySpinCtrl; - wxCheckBox* ForceAutoDismountCheckBox; - wxStaticBoxSizer* FilesystemSecuritySizer; - wxCheckBox* PreserveTimestampsCheckBox; - wxCheckBox* WipeCacheOnCloseCheckBox; - wxCheckBox* WipeCacheOnAutoDismountCheckBox; - wxCheckBox* MountReadOnlyCheckBox; - wxCheckBox* MountRemovableCheckBox; - wxCheckBox* CachePasswordsCheckBox; - wxCheckBox* TrueCryptModeCheckBox; - wxStaticText* Pkcs5PrfStaticText; - wxChoice* Pkcs5PrfChoice; - wxStaticBoxSizer* FilesystemSizer; - wxTextCtrl* FilesystemOptionsTextCtrl; - wxPanel* BackgroundTaskPanel; - wxCheckBox* BackgroundTaskEnabledCheckBox; - wxCheckBox* CloseBackgroundTaskOnNoVolumesCheckBox; - wxCheckBox* BackgroundTaskMenuMountItemsEnabledCheckBox; - wxCheckBox* BackgroundTaskMenuOpenItemsEnabledCheckBox; - wxCheckBox* BackgroundTaskMenuDismountItemsEnabledCheckBox; - wxPanel* SystemIntegrationPage; - wxStaticBoxSizer* LogOnSizer; - wxCheckBox* StartOnLogonCheckBox; - wxCheckBox* MountFavoritesOnLogonCheckBox; - wxCheckBox* MountDevicesOnLogonCheckBox; - wxStaticBoxSizer* ExplorerSizer; - wxCheckBox* OpenExplorerWindowAfterMountCheckBox; - wxCheckBox* CloseExplorerWindowsOnDismountCheckBox; - wxStaticBoxSizer* KernelServicesSizer; - wxCheckBox* NoKernelCryptoCheckBox; - wxPanel* PerformanceOptionsPage; - wxStaticText* AesHwCpuSupportedStaticText; - wxCheckBox* NoHardwareCryptoCheckBox; - wxBoxSizer* DefaultKeyfilesSizer; - wxCheckBox* UseKeyfilesCheckBox; - wxTextCtrl* Pkcs11ModulePathTextCtrl; - wxButton* SelectPkcs11ModuleButton; - wxCheckBox* CloseSecurityTokenSessionsAfterMountCheckBox; - wxListCtrl* HotkeyListCtrl; - wxTextCtrl* HotkeyTextCtrl; - wxButton* AssignHotkeyButton; - wxCheckBox* HotkeyControlCheckBox; - wxCheckBox* HotkeyShiftCheckBox; - wxCheckBox* HotkeyAltCheckBox; - wxCheckBox* HotkeyWinCheckBox; - wxButton* RemoveHotkeyButton; - wxCheckBox* BeepAfterHotkeyMountDismountCheckBox; - wxCheckBox* DisplayMessageAfterHotkeyDismountCheckBox; - wxStdDialogButtonSizer* StdButtons; - wxButton* StdButtonsOK; - wxButton* StdButtonsCancel; - - // Virtual event handlers, overide them in your derived class - virtual void OnClose( wxCloseEvent& event ) { event.Skip(); } - virtual void OnDismountOnScreenSaverCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDismountOnPowerSavingCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnForceAutoDismountCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnPreserveTimestampsCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnBackgroundTaskEnabledCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnNoKernelCryptoCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnNoHardwareCryptoCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnSelectPkcs11ModuleButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnHotkeyListItemDeselected( wxListEvent& event ) { event.Skip(); } - virtual void OnHotkeyListItemSelected( wxListEvent& event ) { event.Skip(); } - virtual void OnAssignHotkeyButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRemoveHotkeyButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnCancelButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - wxPanel* DefaultMountOptionsPage; - wxPanel* DefaultKeyfilesPage; - wxPanel* SecurityTokensPage; - wxPanel* HotkeysPage; - - PreferencesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Preferences"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~PreferencesDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class RandomPoolEnrichmentDialogBase - /////////////////////////////////////////////////////////////////////////////// - class RandomPoolEnrichmentDialogBase : public wxDialog - { - private: - - protected: - wxBoxSizer* MainSizer; - wxChoice* HashChoice; - wxStaticText* RandomPoolStaticText; - wxCheckBox* ShowRandomPoolCheckBox; - wxGauge* CollectedEntropy; - wxStaticText* MouseStaticText; - wxButton* ContinueButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnMouseMotion( wxMouseEvent& event ) { event.Skip(); } - virtual void OnHashSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnShowRandomPoolCheckBoxClicked( wxCommandEvent& event ) { event.Skip(); } - - - public: - - RandomPoolEnrichmentDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Random Pool Enrichment"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~RandomPoolEnrichmentDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class SecurityTokenKeyfilesDialogBase - /////////////////////////////////////////////////////////////////////////////// - class SecurityTokenKeyfilesDialogBase : public wxDialog - { - private: - - protected: - wxListCtrl* SecurityTokenKeyfileListCtrl; - wxButton* ExportButton; - wxButton* DeleteButton; - wxButton* ImportButton; - wxButton* OKButton; - wxButton* CancelButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnListItemActivated( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } - virtual void OnExportButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDeleteButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnImportButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - SecurityTokenKeyfilesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Security Token Keyfiles"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxDEFAULT_DIALOG_STYLE ); - ~SecurityTokenKeyfilesDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumePropertiesDialogBase - /////////////////////////////////////////////////////////////////////////////// - class VolumePropertiesDialogBase : public wxDialog - { - private: - - protected: - wxListCtrl* PropertiesListCtrl; - wxStdDialogButtonSizer* StdButtons; - wxButton* StdButtonsOK; - - public: - - VolumePropertiesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Volume Properties"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); - ~VolumePropertiesDialogBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class EncryptionOptionsWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class EncryptionOptionsWizardPageBase : public WizardPage - { - private: - - protected: - wxChoice* EncryptionAlgorithmChoice; - wxButton* TestButton; - wxStaticText* EncryptionAlgorithmStaticText; - wxHyperlinkCtrl* EncryptionAlgorithmHyperlink; - wxButton* BenchmarkButton; - wxChoice* HashChoice; - wxHyperlinkCtrl* HashHyperlink; - - // Virtual event handlers, overide them in your derived class - virtual void OnEncryptionAlgorithmSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnTestButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnEncryptionAlgorithmHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } - virtual void OnBenchmarkButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnHashHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } - - - public: - - EncryptionOptionsWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~EncryptionOptionsWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class InfoWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class InfoWizardPageBase : public WizardPage - { - private: - - protected: - wxBoxSizer* InfoPageSizer; - wxStaticText* InfoStaticText; - - public: - - InfoWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~InfoWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class KeyfilesPanelBase - /////////////////////////////////////////////////////////////////////////////// - class KeyfilesPanelBase : public wxPanel - { - private: - - protected: - wxListCtrl* KeyfilesListCtrl; - wxButton* AddFilesButton; - wxButton* AddDirectoryButton; - wxButton* AddSecurityTokenSignatureButton; - wxButton* RemoveButton; - wxButton* RemoveAllButton; - - // Virtual event handlers, overide them in your derived class - virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } - virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } - virtual void OnListSizeChanged( wxSizeEvent& event ) { event.Skip(); } - virtual void OnAddFilesButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAddDirectoryButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAddSecurityTokenSignatureButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRemoveButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnRemoveAllButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - KeyfilesPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~KeyfilesPanelBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class ProgressWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class ProgressWizardPageBase : public WizardPage - { - private: - - protected: - wxBoxSizer* ProgressSizer; - wxGauge* ProgressGauge; - wxButton* AbortButton; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnAbortButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - ProgressWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~ProgressWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class SelectDirectoryWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class SelectDirectoryWizardPageBase : public WizardPage - { - private: - - protected: - wxTextCtrl* DirectoryTextCtrl; - wxButton* BrowseButton; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnDirectoryTextChanged( wxCommandEvent& event ) { event.Skip(); } - virtual void OnBrowseButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - SelectDirectoryWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~SelectDirectoryWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class SingleChoiceWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class SingleChoiceWizardPageBase : public WizardPage - { - private: - - protected: - wxBoxSizer* OuterChoicesSizer; - wxBoxSizer* ChoicesSizer; - wxStaticText* InfoStaticText; - - public: - - SingleChoiceWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~SingleChoiceWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumeCreationProgressWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class VolumeCreationProgressWizardPageBase : public WizardPage - { - private: - - protected: - wxBoxSizer* KeySamplesUpperSizer; - wxBoxSizer* KeySamplesUpperInnerSizer; - wxStaticText* RandomPoolSampleStaticText; - wxCheckBox* DisplayKeysCheckBox; - wxStaticText* HeaderKeySampleStaticText; - wxStaticText* MasterKeySampleStaticText; - wxGauge* CollectedEntropy; - wxGauge* ProgressGauge; - wxButton* AbortButton; - wxStaticText* m_staticText31; - wxPanel* m_panel12; - wxStaticText* SizeDoneStaticText; - wxStaticText* m_staticText311; - wxPanel* m_panel121; - wxStaticText* SpeedStaticText; - wxStaticText* m_staticText312; - wxPanel* m_panel122; - wxStaticText* TimeLeftStaticText; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnDisplayKeysCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnAbortButtonClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - VolumeCreationProgressWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumeCreationProgressWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumeLocationWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class VolumeLocationWizardPageBase : public WizardPage - { - private: - - protected: - wxComboBox* VolumePathComboBox; - wxButton* SelectFileButton; - wxButton* SelectDeviceButton; - wxCheckBox* NoHistoryCheckBox; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnVolumePathTextChanged( wxCommandEvent& event ) { event.Skip(); } - virtual void OnSelectFileButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnSelectDeviceButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnNoHistoryCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - VolumeLocationWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumeLocationWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumeFormatOptionsWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class VolumeFormatOptionsWizardPageBase : public WizardPage - { - private: - - protected: - wxStaticText* m_staticText43; - wxChoice* FilesystemTypeChoice; - wxCheckBox* QuickFormatCheckBox; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnFilesystemTypeSelected( wxCommandEvent& event ) { event.Skip(); } - virtual void OnQuickFormatCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - VolumeFormatOptionsWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumeFormatOptionsWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumePasswordPanelBase - /////////////////////////////////////////////////////////////////////////////// - class VolumePasswordPanelBase : public wxPanel - { - private: - - protected: - wxGridBagSizer* GridBagSizer; - wxStaticText* PasswordStaticText; - wxTextCtrl* PasswordTextCtrl; - wxStaticText* ConfirmPasswordStaticText; - wxTextCtrl* ConfirmPasswordTextCtrl; - wxStaticText* VolumePimStaticText; - wxTextCtrl* VolumePimTextCtrl; - wxStaticText* VolumePimHelpStaticText; - wxCheckBox* PimCheckBox; - wxCheckBox* CacheCheckBox; - wxCheckBox* DisplayPasswordCheckBox; - wxCheckBox* UseKeyfilesCheckBox; - wxButton* KeyfilesButton; - wxBoxSizer* Pkcs5PrfSizer; - wxStaticText* Pkcs5PrfStaticText; - wxChoice* Pkcs5PrfChoice; - wxCheckBox* TrueCryptModeCheckBox; - wxStaticText* HeaderWipeCountText; - wxChoice* HeaderWipeCount; - wxBoxSizer* PasswordPlaceholderSizer; - - // Virtual event handlers, overide them in your derived class - virtual void OnTextChanged( wxCommandEvent& event ) { event.Skip(); } - virtual void OnPimChanged( wxCommandEvent& event ) { event.Skip(); } - virtual void OnUsePimCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDisplayPasswordCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnUseKeyfilesCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnKeyfilesButtonClick( wxCommandEvent& event ) { event.Skip(); } - virtual void OnKeyfilesButtonRightDown( wxMouseEvent& event ) { event.Skip(); } - virtual void OnKeyfilesButtonRightClick( wxMouseEvent& event ) { event.Skip(); } - virtual void OnTrueCryptModeChecked( wxCommandEvent& event ) { event.Skip(); } - - - public: - - VolumePasswordPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumePasswordPanelBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumePasswordWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class VolumePasswordWizardPageBase : public WizardPage - { - private: - - protected: - wxBoxSizer* PasswordPanelSizer; - wxStaticText* InfoStaticText; - - public: - - VolumePasswordWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumePasswordWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumePimWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class VolumePimWizardPageBase : public WizardPage - { - private: - - protected: - wxBoxSizer* PimPanelSizer; - wxBoxSizer* PimSizer; - wxStaticText* VolumePimStaticText; - wxTextCtrl* VolumePimTextCtrl; - wxStaticText* VolumePimHelpStaticText; - wxCheckBox* DisplayPimCheckBox; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnPimChanged( wxCommandEvent& event ) { event.Skip(); } - virtual void OnDisplayPimCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } - - - public: - - VolumePimWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumePimWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class VolumeSizeWizardPageBase - /////////////////////////////////////////////////////////////////////////////// - class VolumeSizeWizardPageBase : public WizardPage - { - private: - - protected: - wxTextCtrl* VolumeSizeTextCtrl; - wxChoice* VolumeSizePrefixChoice; - wxStaticText* FreeSpaceStaticText; - wxStaticText* InfoStaticText; - - // Virtual event handlers, overide them in your derived class - virtual void OnVolumeSizeTextChanged( wxCommandEvent& event ) { event.Skip(); } - virtual void OnVolumeSizePrefixSelected( wxCommandEvent& event ) { event.Skip(); } - - - public: - - VolumeSizeWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); - ~VolumeSizeWizardPageBase(); - - }; - - /////////////////////////////////////////////////////////////////////////////// - /// Class WaitDialogBase - /////////////////////////////////////////////////////////////////////////////// - class WaitDialogBase : public wxDialog - { - private: - - protected: - wxStaticText* WaitStaticText; - wxGauge* WaitProgessBar; - - // Virtual event handlers, overide them in your derived class - virtual void OnWaitDialogClose( wxCloseEvent& event ) { event.Skip(); } - virtual void OnWaitDialogInit( wxInitDialogEvent& event ) { event.Skip(); } - - - public: - - WaitDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxCAPTION ); - ~WaitDialogBase(); - - }; - -} // namespace VeraCrypt - -#endif //__FORMS_H__ +/////////////////////////////////////////////////////////////////////////// +// C++ code generated with wxFormBuilder (version Jun 5 2014) +// http://www.wxformbuilder.org/ +// +// PLEASE DO "NOT" EDIT THIS FILE! +/////////////////////////////////////////////////////////////////////////// + +#ifndef __FORMS_H__ +#define __FORMS_H__ + +#include +#include +#include +class WizardPage; + +#include "WizardPage.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/////////////////////////////////////////////////////////////////////////// + +namespace VeraCrypt +{ + /////////////////////////////////////////////////////////////////////////////// + /// Class MainFrameBase + /////////////////////////////////////////////////////////////////////////////// + class MainFrameBase : public wxFrame + { + private: + + protected: + wxMenuBar* MainMenuBar; + wxMenu* VolumesMenu; + wxMenuItem* MountVolumeMenuItem; + wxMenuItem* DismountVolumeMenuItem; + wxMenuItem* DismountAllMenuItem; + wxMenuItem* VolumePropertiesMenuItem; + wxMenu* FavoritesMenu; + wxMenuItem* AddToFavoritesMenuItem; + wxMenuItem* AddAllMountedToFavoritesMenuItem; + wxMenu* ToolsMenu; + wxMenuItem* BackupVolumeHeadersMenuItem; + wxMenuItem* RestoreVolumeHeaderMenuItem; + wxMenuItem* WipeCachedPasswordsMenuItem; + wxMenu* SettingsMenu; + wxMenuItem* HotkeysMenuItem; + wxMenuItem* PreferencesMenuItem; + wxMenu* HelpMenu; + wxPanel* MainPanel; + wxListCtrl* SlotListCtrl; + wxStaticBoxSizer* LowStaticBoxSizer; + wxBoxSizer* HigherButtonSizer; + wxButton* CreateVolumeButton; + wxButton* VolumePropertiesButton; + wxButton* WipeCacheButton; + wxStaticBoxSizer* VolumeStaticBoxSizer; + wxGridBagSizer* VolumeGridBagSizer; + wxStaticBitmap* LogoBitmap; + wxComboBox* VolumePathComboBox; + wxButton* SelectFileButton; + wxCheckBox* NoHistoryCheckBox; + wxButton* VolumeToolsButton; + wxButton* SelectDeviceButton; + wxButton* VolumeButton; + wxButton* MountAllDevicesButton; + wxButton* DismountAllButton; + wxButton* ExitButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnActivate( wxActivateEvent& event ) { event.Skip(); } + virtual void OnClose( wxCloseEvent& event ) { event.Skip(); } + virtual void OnCreateVolumeButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnMountVolumeMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnMountAllDevicesButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDismountVolumeMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDismountAllButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnChangePasswordMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnChangePkcs5PrfMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnChangeKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRemoveKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnVolumePropertiesButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAddToFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAddAllMountedToFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnOrganizeFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnMountAllFavoritesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnBenchmarkMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnEncryptionTestMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnBackupVolumeHeadersMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRestoreVolumeHeaderMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnCreateKeyfileMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnManageSecurityTokenKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnCloseAllSecurityTokenSessionsMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnWipeCacheButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnHotkeysMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDefaultKeyfilesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDefaultMountParametersMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnSecurityTokenPreferencesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnPreferencesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnUserGuideMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnOnlineHelpMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnBeginnersTutorialMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnFaqMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnWebsiteMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDownloadsMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnNewsMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnVersionHistoryMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDonateMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnContactMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnLegalNoticesMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAboutMenuItemSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnListItemActivated( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemRightClick( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } + virtual void OnLogoBitmapClick( wxMouseEvent& event ) { event.Skip(); } + virtual void OnSelectFileButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnNoHistoryCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnVolumeToolsButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnSelectDeviceButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnVolumeButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnExitButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + MainFrameBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU|wxTAB_TRAVERSAL ); + + ~MainFrameBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class WizardFrameBase + /////////////////////////////////////////////////////////////////////////////// + class WizardFrameBase : public wxFrame + { + private: + + protected: + wxBoxSizer* MainSizer; + wxPanel* MainPanel; + wxStaticBitmap* WizardBitmap; + wxStaticText* PageTitleStaticText; + wxBoxSizer* PageSizer; + wxButton* HelpButton; + wxButton* PreviousButton; + wxButton* NextButton; + wxButton* CancelButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnActivate( wxActivateEvent& event ) { event.Skip(); } + virtual void OnClose( wxCloseEvent& event ) { event.Skip(); } + virtual void OnMouseMotion( wxMouseEvent& event ) { event.Skip(); } + virtual void OnHelpButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnPreviousButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnNextButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnCancelButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + WizardFrameBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU|wxTAB_TRAVERSAL ); + + ~WizardFrameBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class AboutDialogBase + /////////////////////////////////////////////////////////////////////////////// + class AboutDialogBase : public wxDialog + { + private: + + protected: + wxPanel* m_panel14; + wxStaticBitmap* LogoBitmap; + wxStaticText* VersionStaticText; + wxStaticText* CopyrightStaticText; + wxHyperlinkCtrl* WebsiteHyperlink; + wxStaticLine* m_staticline3; + wxTextCtrl* CreditsTextCtrl; + wxStaticLine* m_staticline4; + wxStaticLine* m_staticline5; + + // Virtual event handlers, overide them in your derived class + virtual void OnWebsiteHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } + + + public: + + AboutDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~AboutDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class BenchmarkDialogBase + /////////////////////////////////////////////////////////////////////////////// + class BenchmarkDialogBase : public wxDialog + { + private: + + protected: + wxChoice* BufferSizeChoice; + wxListCtrl* BenchmarkListCtrl; + wxBoxSizer* RightSizer; + wxButton* BenchmarkButton; + wxStaticText* BenchmarkNoteStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnBenchmarkButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + BenchmarkDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Encryption Algorithm Benchmark"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~BenchmarkDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class ChangePasswordDialogBase + /////////////////////////////////////////////////////////////////////////////// + class ChangePasswordDialogBase : public wxDialog + { + private: + + protected: + wxStaticBoxSizer* CurrentSizer; + wxBoxSizer* CurrentPasswordPanelSizer; + wxStaticBoxSizer* NewSizer; + wxBoxSizer* NewPasswordPanelSizer; + wxButton* OKButton; + wxButton* CancelButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + ChangePasswordDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~ChangePasswordDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class DeviceSelectionDialogBase + /////////////////////////////////////////////////////////////////////////////// + class DeviceSelectionDialogBase : public wxDialog + { + private: + + protected: + wxListCtrl* DeviceListCtrl; + wxStdDialogButtonSizer* StdButtons; + wxButton* StdButtonsOK; + wxButton* StdButtonsCancel; + + // Virtual event handlers, overide them in your derived class + virtual void OnListItemActivated( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } + + + public: + + DeviceSelectionDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Select a Partition or Device"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxDEFAULT_DIALOG_STYLE ); + ~DeviceSelectionDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class EncryptionTestDialogBase + /////////////////////////////////////////////////////////////////////////////// + class EncryptionTestDialogBase : public wxDialog + { + private: + + protected: + wxChoice* EncryptionAlgorithmChoice; + wxCheckBox* XtsModeCheckBox; + wxTextCtrl* KeyTextCtrl; + wxStaticText* KeySizeStaticText; + wxTextCtrl* SecondaryKeyTextCtrl; + wxTextCtrl* DataUnitNumberTextCtrl; + wxTextCtrl* BlockNumberTextCtrl; + wxTextCtrl* PlainTextTextCtrl; + wxTextCtrl* CipherTextTextCtrl; + wxButton* EncryptButton; + wxButton* DecryptButton; + wxButton* AutoTestAllButton; + wxButton* ResetButton; + wxButton* CloseButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnEncryptionAlgorithmSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnXtsModeCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnEncryptButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDecryptButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAutoTestAllButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnResetButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + EncryptionTestDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Test Vectors"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~EncryptionTestDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class FavoriteVolumesDialogBase + /////////////////////////////////////////////////////////////////////////////// + class FavoriteVolumesDialogBase : public wxDialog + { + private: + + protected: + wxListCtrl* FavoritesListCtrl; + wxButton* MoveUpButton; + wxButton* MoveDownButton; + wxButton* RemoveButton; + wxButton* RemoveAllButton; + wxButton* OKButton; + wxButton* CancelButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } + virtual void OnMoveUpButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnMoveDownButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRemoveButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRemoveAllButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + FavoriteVolumesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Favorite Volumes"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~FavoriteVolumesDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class KeyfilesDialogBase + /////////////////////////////////////////////////////////////////////////////// + class KeyfilesDialogBase : public wxDialog + { + private: + + protected: + wxBoxSizer* UpperSizer; + wxBoxSizer* PanelSizer; + wxButton* OKButton; + wxButton* CancelButton; + wxStaticText* WarningStaticText; + wxBoxSizer* KeyfilesNoteSizer; + wxStaticText* KeyfilesNoteStaticText; + wxHyperlinkCtrl* KeyfilesHyperlink; + wxButton* CreateKeyfileButtton; + + // Virtual event handlers, overide them in your derived class + virtual void OnKeyfilesHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } + virtual void OnCreateKeyfileButttonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + KeyfilesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Select Keyfiles"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~KeyfilesDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class KeyfileGeneratorDialogBase + /////////////////////////////////////////////////////////////////////////////// + class KeyfileGeneratorDialogBase : public wxDialog + { + private: + + protected: + wxBoxSizer* MainSizer; + wxChoice* HashChoice; + wxStaticText* RandomPoolStaticText; + wxCheckBox* ShowRandomPoolCheckBox; + wxGauge* CollectedEntropy; + wxStaticText* MouseStaticText; + wxStaticText* m_staticText60; + wxSpinCtrl* NumberOfKeyfiles; + wxPanel* m_panel18; + wxStaticText* m_staticText63; + wxSpinCtrl* KeyfilesSize; + wxCheckBox* RandomSizeCheckBox; + wxStaticText* m_staticText65; + wxTextCtrl* KeyfilesBaseName; + wxPanel* m_panel19; + wxButton* GenerateButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnMouseMotion( wxMouseEvent& event ) { event.Skip(); } + virtual void OnHashSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnShowRandomPoolCheckBoxClicked( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRandomSizeCheckBoxClicked( wxCommandEvent& event ) { event.Skip(); } + virtual void OnGenerateButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + KeyfileGeneratorDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = wxEmptyString, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~KeyfileGeneratorDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class LegalNoticesDialogBase + /////////////////////////////////////////////////////////////////////////////// + class LegalNoticesDialogBase : public wxDialog + { + private: + + protected: + wxTextCtrl* LegalNoticesTextCtrl; + + public: + + LegalNoticesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Legal Notices"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~LegalNoticesDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class MountOptionsDialogBase + /////////////////////////////////////////////////////////////////////////////// + class MountOptionsDialogBase : public wxDialog + { + private: + + protected: + wxBoxSizer* MainSizer; + wxBoxSizer* PasswordSizer; + wxButton* OKButton; + wxButton* CancelButton; + wxButton* OptionsButton; + wxPanel* OptionsPanel; + wxStaticBoxSizer* OptionsSizer; + wxCheckBox* ReadOnlyCheckBox; + wxCheckBox* RemovableCheckBox; + wxCheckBox* PartitionInSystemEncryptionScopeCheckBox; + wxStaticBoxSizer* ProtectionSizer; + wxCheckBox* ProtectionCheckBox; + wxBoxSizer* ProtectionPasswordSizer; + wxHyperlinkCtrl* ProtectionHyperlinkCtrl; + wxBoxSizer* FilesystemSizer; + wxPanel* m_panel8; + wxCheckBox* NoFilesystemCheckBox; + wxGridBagSizer* FilesystemOptionsSizer; + wxBoxSizer* FilesystemSpacer; + wxStaticText* MountPointTextCtrlStaticText; + wxTextCtrl* MountPointTextCtrl; + wxButton* MountPointButton; + wxStaticText* FilesystemOptionsStaticText; + wxTextCtrl* FilesystemOptionsTextCtrl; + + // Virtual event handlers, overide them in your derived class + virtual void OnInitDialog( wxInitDialogEvent& event ) { event.Skip(); } + virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnOptionsButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnReadOnlyCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnProtectionCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnProtectionHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } + virtual void OnNoFilesystemCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnMountPointButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + MountOptionsDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Enter VeraCrypt Volume Password"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxDEFAULT_DIALOG_STYLE ); + ~MountOptionsDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class NewSecurityTokenKeyfileDialogBase + /////////////////////////////////////////////////////////////////////////////// + class NewSecurityTokenKeyfileDialogBase : public wxDialog + { + private: + + protected: + wxChoice* SecurityTokenChoice; + wxTextCtrl* KeyfileNameTextCtrl; + wxStdDialogButtonSizer* StdButtons; + wxButton* StdButtonsOK; + wxButton* StdButtonsCancel; + + // Virtual event handlers, overide them in your derived class + virtual void OnKeyfileNameChanged( wxCommandEvent& event ) { event.Skip(); } + + + public: + + NewSecurityTokenKeyfileDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("New Security Token Keyfile Properties"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~NewSecurityTokenKeyfileDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class PreferencesDialogBase + /////////////////////////////////////////////////////////////////////////////// + class PreferencesDialogBase : public wxDialog + { + private: + + protected: + wxNotebook* PreferencesNotebook; + wxPanel* SecurityPage; + wxStaticBoxSizer* AutoDismountSizer; + wxCheckBox* DismountOnLogOffCheckBox; + wxCheckBox* DismountOnScreenSaverCheckBox; + wxCheckBox* DismountOnPowerSavingCheckBox; + wxCheckBox* DismountOnInactivityCheckBox; + wxSpinCtrl* DismountOnInactivitySpinCtrl; + wxCheckBox* ForceAutoDismountCheckBox; + wxStaticBoxSizer* FilesystemSecuritySizer; + wxCheckBox* PreserveTimestampsCheckBox; + wxCheckBox* WipeCacheOnCloseCheckBox; + wxCheckBox* WipeCacheOnAutoDismountCheckBox; + wxCheckBox* MountReadOnlyCheckBox; + wxCheckBox* MountRemovableCheckBox; + wxCheckBox* CachePasswordsCheckBox; + wxCheckBox* TrueCryptModeCheckBox; + wxStaticText* Pkcs5PrfStaticText; + wxChoice* Pkcs5PrfChoice; + wxStaticBoxSizer* FilesystemSizer; + wxTextCtrl* FilesystemOptionsTextCtrl; + wxPanel* BackgroundTaskPanel; + wxCheckBox* BackgroundTaskEnabledCheckBox; + wxCheckBox* CloseBackgroundTaskOnNoVolumesCheckBox; + wxCheckBox* BackgroundTaskMenuMountItemsEnabledCheckBox; + wxCheckBox* BackgroundTaskMenuOpenItemsEnabledCheckBox; + wxCheckBox* BackgroundTaskMenuDismountItemsEnabledCheckBox; + wxPanel* SystemIntegrationPage; + wxStaticBoxSizer* LogOnSizer; + wxCheckBox* StartOnLogonCheckBox; + wxCheckBox* MountFavoritesOnLogonCheckBox; + wxCheckBox* MountDevicesOnLogonCheckBox; + wxStaticBoxSizer* ExplorerSizer; + wxCheckBox* OpenExplorerWindowAfterMountCheckBox; + wxCheckBox* CloseExplorerWindowsOnDismountCheckBox; + wxStaticBoxSizer* KernelServicesSizer; + wxCheckBox* NoKernelCryptoCheckBox; + wxPanel* PerformanceOptionsPage; + wxStaticText* AesHwCpuSupportedStaticText; + wxCheckBox* NoHardwareCryptoCheckBox; + wxBoxSizer* DefaultKeyfilesSizer; + wxCheckBox* UseKeyfilesCheckBox; + wxTextCtrl* Pkcs11ModulePathTextCtrl; + wxButton* SelectPkcs11ModuleButton; + wxCheckBox* CloseSecurityTokenSessionsAfterMountCheckBox; + wxListCtrl* HotkeyListCtrl; + wxTextCtrl* HotkeyTextCtrl; + wxButton* AssignHotkeyButton; + wxCheckBox* HotkeyControlCheckBox; + wxCheckBox* HotkeyShiftCheckBox; + wxCheckBox* HotkeyAltCheckBox; + wxCheckBox* HotkeyWinCheckBox; + wxButton* RemoveHotkeyButton; + wxCheckBox* BeepAfterHotkeyMountDismountCheckBox; + wxCheckBox* DisplayMessageAfterHotkeyDismountCheckBox; + wxStdDialogButtonSizer* StdButtons; + wxButton* StdButtonsOK; + wxButton* StdButtonsCancel; + + // Virtual event handlers, overide them in your derived class + virtual void OnClose( wxCloseEvent& event ) { event.Skip(); } + virtual void OnDismountOnScreenSaverCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDismountOnPowerSavingCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnForceAutoDismountCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnPreserveTimestampsCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnBackgroundTaskEnabledCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnNoKernelCryptoCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnNoHardwareCryptoCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnSelectPkcs11ModuleButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnHotkeyListItemDeselected( wxListEvent& event ) { event.Skip(); } + virtual void OnHotkeyListItemSelected( wxListEvent& event ) { event.Skip(); } + virtual void OnAssignHotkeyButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRemoveHotkeyButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnCancelButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + wxPanel* DefaultMountOptionsPage; + wxPanel* DefaultKeyfilesPage; + wxPanel* SecurityTokensPage; + wxPanel* HotkeysPage; + + PreferencesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Preferences"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~PreferencesDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class RandomPoolEnrichmentDialogBase + /////////////////////////////////////////////////////////////////////////////// + class RandomPoolEnrichmentDialogBase : public wxDialog + { + private: + + protected: + wxBoxSizer* MainSizer; + wxChoice* HashChoice; + wxStaticText* RandomPoolStaticText; + wxCheckBox* ShowRandomPoolCheckBox; + wxGauge* CollectedEntropy; + wxStaticText* MouseStaticText; + wxButton* ContinueButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnMouseMotion( wxMouseEvent& event ) { event.Skip(); } + virtual void OnHashSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnShowRandomPoolCheckBoxClicked( wxCommandEvent& event ) { event.Skip(); } + + + public: + + RandomPoolEnrichmentDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt - Random Pool Enrichment"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~RandomPoolEnrichmentDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class SecurityTokenKeyfilesDialogBase + /////////////////////////////////////////////////////////////////////////////// + class SecurityTokenKeyfilesDialogBase : public wxDialog + { + private: + + protected: + wxListCtrl* SecurityTokenKeyfileListCtrl; + wxButton* ExportButton; + wxButton* DeleteButton; + wxButton* ImportButton; + wxButton* OKButton; + wxButton* CancelButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnListItemActivated( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } + virtual void OnExportButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDeleteButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnImportButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnOKButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + SecurityTokenKeyfilesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Security Token Keyfiles"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxDEFAULT_DIALOG_STYLE ); + ~SecurityTokenKeyfilesDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumePropertiesDialogBase + /////////////////////////////////////////////////////////////////////////////// + class VolumePropertiesDialogBase : public wxDialog + { + private: + + protected: + wxListCtrl* PropertiesListCtrl; + wxStdDialogButtonSizer* StdButtons; + wxButton* StdButtonsOK; + + public: + + VolumePropertiesDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("Volume Properties"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxDefaultSize, long style = wxDEFAULT_DIALOG_STYLE ); + ~VolumePropertiesDialogBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class EncryptionOptionsWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class EncryptionOptionsWizardPageBase : public WizardPage + { + private: + + protected: + wxChoice* EncryptionAlgorithmChoice; + wxButton* TestButton; + wxStaticText* EncryptionAlgorithmStaticText; + wxHyperlinkCtrl* EncryptionAlgorithmHyperlink; + wxButton* BenchmarkButton; + wxChoice* HashChoice; + wxHyperlinkCtrl* HashHyperlink; + + // Virtual event handlers, overide them in your derived class + virtual void OnEncryptionAlgorithmSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnTestButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnEncryptionAlgorithmHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } + virtual void OnBenchmarkButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnHashHyperlinkClick( wxHyperlinkEvent& event ) { event.Skip(); } + + + public: + + EncryptionOptionsWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~EncryptionOptionsWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class InfoWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class InfoWizardPageBase : public WizardPage + { + private: + + protected: + wxBoxSizer* InfoPageSizer; + wxStaticText* InfoStaticText; + + public: + + InfoWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~InfoWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class KeyfilesPanelBase + /////////////////////////////////////////////////////////////////////////////// + class KeyfilesPanelBase : public wxPanel + { + private: + + protected: + wxListCtrl* KeyfilesListCtrl; + wxButton* AddFilesButton; + wxButton* AddDirectoryButton; + wxButton* AddSecurityTokenSignatureButton; + wxButton* RemoveButton; + wxButton* RemoveAllButton; + + // Virtual event handlers, overide them in your derived class + virtual void OnListItemDeselected( wxListEvent& event ) { event.Skip(); } + virtual void OnListItemSelected( wxListEvent& event ) { event.Skip(); } + virtual void OnListSizeChanged( wxSizeEvent& event ) { event.Skip(); } + virtual void OnAddFilesButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAddDirectoryButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAddSecurityTokenSignatureButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRemoveButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnRemoveAllButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + KeyfilesPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~KeyfilesPanelBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class ProgressWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class ProgressWizardPageBase : public WizardPage + { + private: + + protected: + wxBoxSizer* ProgressSizer; + wxGauge* ProgressGauge; + wxButton* AbortButton; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnAbortButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + ProgressWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~ProgressWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class SelectDirectoryWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class SelectDirectoryWizardPageBase : public WizardPage + { + private: + + protected: + wxTextCtrl* DirectoryTextCtrl; + wxButton* BrowseButton; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnDirectoryTextChanged( wxCommandEvent& event ) { event.Skip(); } + virtual void OnBrowseButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + SelectDirectoryWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~SelectDirectoryWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class SingleChoiceWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class SingleChoiceWizardPageBase : public WizardPage + { + private: + + protected: + wxBoxSizer* OuterChoicesSizer; + wxBoxSizer* ChoicesSizer; + wxStaticText* InfoStaticText; + + public: + + SingleChoiceWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~SingleChoiceWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumeCreationProgressWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class VolumeCreationProgressWizardPageBase : public WizardPage + { + private: + + protected: + wxBoxSizer* KeySamplesUpperSizer; + wxBoxSizer* KeySamplesUpperInnerSizer; + wxStaticText* RandomPoolSampleStaticText; + wxCheckBox* DisplayKeysCheckBox; + wxStaticText* HeaderKeySampleStaticText; + wxStaticText* MasterKeySampleStaticText; + wxGauge* CollectedEntropy; + wxGauge* ProgressGauge; + wxButton* AbortButton; + wxStaticText* m_staticText31; + wxPanel* m_panel12; + wxStaticText* SizeDoneStaticText; + wxStaticText* m_staticText311; + wxPanel* m_panel121; + wxStaticText* SpeedStaticText; + wxStaticText* m_staticText312; + wxPanel* m_panel122; + wxStaticText* TimeLeftStaticText; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnDisplayKeysCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnAbortButtonClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + VolumeCreationProgressWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumeCreationProgressWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumeLocationWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class VolumeLocationWizardPageBase : public WizardPage + { + private: + + protected: + wxComboBox* VolumePathComboBox; + wxButton* SelectFileButton; + wxButton* SelectDeviceButton; + wxCheckBox* NoHistoryCheckBox; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnVolumePathTextChanged( wxCommandEvent& event ) { event.Skip(); } + virtual void OnSelectFileButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnSelectDeviceButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnNoHistoryCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + VolumeLocationWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumeLocationWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumeFormatOptionsWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class VolumeFormatOptionsWizardPageBase : public WizardPage + { + private: + + protected: + wxStaticText* m_staticText43; + wxChoice* FilesystemTypeChoice; + wxCheckBox* QuickFormatCheckBox; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnFilesystemTypeSelected( wxCommandEvent& event ) { event.Skip(); } + virtual void OnQuickFormatCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + VolumeFormatOptionsWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumeFormatOptionsWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumePasswordPanelBase + /////////////////////////////////////////////////////////////////////////////// + class VolumePasswordPanelBase : public wxPanel + { + private: + + protected: + wxGridBagSizer* GridBagSizer; + wxStaticText* PasswordStaticText; + wxTextCtrl* PasswordTextCtrl; + wxStaticText* ConfirmPasswordStaticText; + wxTextCtrl* ConfirmPasswordTextCtrl; + wxStaticText* VolumePimStaticText; + wxTextCtrl* VolumePimTextCtrl; + wxStaticText* VolumePimHelpStaticText; + wxCheckBox* PimCheckBox; + wxCheckBox* CacheCheckBox; + wxCheckBox* DisplayPasswordCheckBox; + wxCheckBox* UseKeyfilesCheckBox; + wxButton* KeyfilesButton; + wxBoxSizer* Pkcs5PrfSizer; + wxStaticText* Pkcs5PrfStaticText; + wxChoice* Pkcs5PrfChoice; + wxCheckBox* TrueCryptModeCheckBox; + wxStaticText* HeaderWipeCountText; + wxChoice* HeaderWipeCount; + wxBoxSizer* PasswordPlaceholderSizer; + + // Virtual event handlers, overide them in your derived class + virtual void OnTextChanged( wxCommandEvent& event ) { event.Skip(); } + virtual void OnPimChanged( wxCommandEvent& event ) { event.Skip(); } + virtual void OnUsePimCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDisplayPasswordCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnUseKeyfilesCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnKeyfilesButtonClick( wxCommandEvent& event ) { event.Skip(); } + virtual void OnKeyfilesButtonRightDown( wxMouseEvent& event ) { event.Skip(); } + virtual void OnKeyfilesButtonRightClick( wxMouseEvent& event ) { event.Skip(); } + virtual void OnTrueCryptModeChecked( wxCommandEvent& event ) { event.Skip(); } + + + public: + + VolumePasswordPanelBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumePasswordPanelBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumePasswordWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class VolumePasswordWizardPageBase : public WizardPage + { + private: + + protected: + wxBoxSizer* PasswordPanelSizer; + wxStaticText* InfoStaticText; + + public: + + VolumePasswordWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumePasswordWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumePimWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class VolumePimWizardPageBase : public WizardPage + { + private: + + protected: + wxBoxSizer* PimPanelSizer; + wxBoxSizer* PimSizer; + wxStaticText* VolumePimStaticText; + wxTextCtrl* VolumePimTextCtrl; + wxStaticText* VolumePimHelpStaticText; + wxCheckBox* DisplayPimCheckBox; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnPimChanged( wxCommandEvent& event ) { event.Skip(); } + virtual void OnDisplayPimCheckBoxClick( wxCommandEvent& event ) { event.Skip(); } + + + public: + + VolumePimWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumePimWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class VolumeSizeWizardPageBase + /////////////////////////////////////////////////////////////////////////////// + class VolumeSizeWizardPageBase : public WizardPage + { + private: + + protected: + wxTextCtrl* VolumeSizeTextCtrl; + wxChoice* VolumeSizePrefixChoice; + wxStaticText* FreeSpaceStaticText; + wxStaticText* InfoStaticText; + + // Virtual event handlers, overide them in your derived class + virtual void OnVolumeSizeTextChanged( wxCommandEvent& event ) { event.Skip(); } + virtual void OnVolumeSizePrefixSelected( wxCommandEvent& event ) { event.Skip(); } + + + public: + + VolumeSizeWizardPageBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxTAB_TRAVERSAL ); + ~VolumeSizeWizardPageBase(); + + }; + + /////////////////////////////////////////////////////////////////////////////// + /// Class WaitDialogBase + /////////////////////////////////////////////////////////////////////////////// + class WaitDialogBase : public wxDialog + { + private: + + protected: + wxStaticText* WaitStaticText; + wxGauge* WaitProgessBar; + + // Virtual event handlers, overide them in your derived class + virtual void OnWaitDialogClose( wxCloseEvent& event ) { event.Skip(); } + virtual void OnWaitDialogInit( wxInitDialogEvent& event ) { event.Skip(); } + + + public: + + WaitDialogBase( wxWindow* parent, wxWindowID id = wxID_ANY, const wxString& title = _("VeraCrypt"), const wxPoint& pos = wxDefaultPosition, const wxSize& size = wxSize( -1,-1 ), long style = wxCAPTION ); + ~WaitDialogBase(); + + }; + +} // namespace VeraCrypt + +#endif //__FORMS_H__ diff --git a/src/Main/Forms/TrueCrypt.fbp b/src/Main/Forms/TrueCrypt.fbp index b71d80d1..a74a2a5b 100644 --- a/src/Main/Forms/TrueCrypt.fbp +++ b/src/Main/Forms/TrueCrypt.fbp @@ -1,28738 +1,28738 @@ - - - - - - C++ - 1 - source_name - 0 - 0 - res - UTF-8 - connect - Forms - 1000 - none - 1 - VeraCrypt - "VeraCrypt" - . - #include "System.h" - 1 - 1 - 1 - 1 - UI - 1 - 0 - - 0 - wxAUI_MGR_DEFAULT - - wxBOTH - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - -1,496 - MainFrameBase - - -1,-1 - wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU - - VeraCrypt - - - - wxTAB_TRAVERSAL - 1 - OnActivate - - - - - - - - - OnClose - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - 1 - - - 0 - wxID_ANY - MainMenuBar - - - MainMenuBar - protected - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - &Volumes - VolumesMenu - protected - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Create New Volume... - CreateNewVolumeMenuItem - none - - - OnCreateVolumeButtonClick - - - - m_separator1 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Mount Volume - MountVolumeMenuItem - protected - - - OnMountVolumeMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Auto-Mount All Device-Hosted Volumes - AutoMountDevicesMenuItem - none - - - OnMountAllDevicesButtonClick - - - - m_separator2 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Dismount Volume - DismountVolumeMenuItem - protected - - - OnDismountVolumeMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Dismount All Mounted Volumes - DismountAllMenuItem - protected - - - OnDismountAllButtonClick - - - - m_separator3 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Change Volume Password... - ChangePasswordMenuItem - none - - - OnChangePasswordMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Change Header Key Derivation Algorithm... - ChangePkcs5PrfMenuItem - none - - - OnChangePkcs5PrfMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Add/Remove Keyfiles to/from Volume... - ChangeKeyfilesMenuItem - none - - - OnChangeKeyfilesMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Remove All Keyfiles from Volume... - RemoveKeyfilesMenuItem - none - - - OnRemoveKeyfilesMenuItemSelected - - - - m_separator4 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Volume Properties... - VolumePropertiesMenuItem - protected - - - OnVolumePropertiesButtonClick - - - - - &Favorites - FavoritesMenu - protected - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Add Selected Volume to Favorites... - AddToFavoritesMenuItem - protected - - - OnAddToFavoritesMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Add All Mounted Volumes to Favorites... - AddAllMountedToFavoritesMenuItem - protected - - - OnAddAllMountedToFavoritesMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Organize Favorite Volumes... - OrganizeFavoritesMenuItem - none - - - OnOrganizeFavoritesMenuItemSelected - - - - m_separator5 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Mount Favorite Volumes - MountAllFavoritesMenuItem - none - - - OnMountAllFavoritesMenuItemSelected - - - - m_separator6 - none - - - - T&ools - ToolsMenu - protected - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Benchmark... - BenchmarkMenuItem - none - - - OnBenchmarkMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Test Vectors... - EncryptionTestMenuItem - none - - - OnEncryptionTestMenuItemSelected - - - - m_separator7 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Volume Creation Wizard - VolumeCreationWizardMenuItem - none - - - OnCreateVolumeButtonClick - - - - m_separator8 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Backup Volume Header... - BackupVolumeHeadersMenuItem - protected - - - OnBackupVolumeHeadersMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Restore Volume Header... - RestoreVolumeHeaderMenuItem - protected - - - OnRestoreVolumeHeaderMenuItemSelected - - - - m_separator9 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Keyfile Generator - CreateKeyfileMenuItem - none - - - OnCreateKeyfileMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Manage Security Token Keyfiles... - ManageSecurityTokenKeyfilesMenuItem - none - - - OnManageSecurityTokenKeyfilesMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Close All Security Token Sessions - CloseAllSecurityTokenSessionsMenuItem - none - - - OnCloseAllSecurityTokenSessionsMenuItemSelected - - - - m_separator10 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Wipe Cached Passwords - WipeCachedPasswordsMenuItem - protected - - - OnWipeCacheButtonClick - - - - - Settin&gs - SettingsMenu - protected - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Hotkeys... - HotkeysMenuItem - protected - - - OnHotkeysMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Default Keyfiles... - DefaultKeyfilesMenuItem - none - - - OnDefaultKeyfilesMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Default Mount Parameters... - DefaultMountParametersMenuItem - none - - - OnDefaultMountParametersMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Security Tokens... - SecurityTokenPreferencesMenuItem - none - - - OnSecurityTokenPreferencesMenuItemSelected - - - - m_separator11 - none - - - - 0 - 1 - - wxID_PREFERENCES - wxITEM_NORMAL - &Preferences... - PreferencesMenuItem - protected - - - OnPreferencesMenuItemSelected - - - - - &Help - HelpMenu - protected - - - 0 - 1 - - wxID_HELP - wxITEM_NORMAL - User's Guide - UserGuideMenuItem - none - - - OnUserGuideMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Online Help - OnlineHelpMenuItem - none - - - OnOnlineHelpMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Beginner's Tutorial - BeginnersTutorialMenuItem - none - - - OnBeginnersTutorialMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Frequently Asked Questions - FaqMenuItem - none - - - OnFaqMenuItemSelected - - - - m_separator12 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - VeraCrypt Website - WebsiteMenuItem - none - - - OnWebsiteMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Downloads - DownloadsMenuItem - none - - - OnDownloadsMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - News - NewsMenuItem - none - - - OnNewsMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Version History - VersionHistoryMenuItem - none - - - OnVersionHistoryMenuItemSelected - - - - m_separator13 - none - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Donate - DonateMenuItem - none - - - OnDonateMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Contact - ContactMenuItem - none - - - OnContactMenuItemSelected - - - - - 0 - 1 - - wxID_ANY - wxITEM_NORMAL - Legal Notices - LegalNoticesMenuItem - none - - - OnLegalNoticesMenuItemSelected - - - - - 0 - 1 - - wxID_ABOUT - wxITEM_NORMAL - About - AboutMenuItem - none - - - OnAboutMenuItemSelected - - - - - - - bSizer1 - wxVERTICAL - none - - 0 - wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - MainPanel - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer2 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer48 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - wxID_ANY - - - sbSizer1 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - SlotListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - OnListItemActivated - OnListItemDeselected - - - OnListItemRightClick - OnListItemSelected - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - wxID_ANY - - - LowStaticBoxSizer - wxVERTICAL - protected - - - 2 - wxEXPAND|wxTOP - 0 - - - HigherButtonSizer - wxVERTICAL - protected - - - - 5 - wxEXPAND|wxRIGHT|wxLEFT - 0 - - 3 - 0 - - gSizer1 - none - 1 - 0 - - 5 - - 0 - - 138,34 - bSizer17 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Create Volume - - 0 - - - 0 - -1,-1 - 1 - CreateVolumeButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnCreateVolumeButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_HORIZONTAL - 0 - - 138,34 - bSizer18 - wxVERTICAL - none - - 5 - wxALL|wxALIGN_CENTER_HORIZONTAL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Volume Properties... - - 0 - - - 0 - -1,-1 - 1 - VolumePropertiesButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnVolumePropertiesButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_RIGHT - 0 - - 138,34 - bSizer19 - wxVERTICAL - none - - 5 - wxALL|wxALIGN_RIGHT|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Wipe Cache - - 0 - - - 0 - -1,-1 - 1 - WipeCacheButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnWipeCacheButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - - 0 - - 0 - protected - 0 - - - - 5 - wxEXPAND - 1 - - wxID_ANY - Volume - - VolumeStaticBoxSizer - wxVERTICAL - protected - - - 4 - wxEXPAND|wxALL - 1 - - - wxBOTH - 1 - 0 - 0 - - VolumeGridBagSizer - wxFLEX_GROWMODE_SPECIFIED - protected - 0 - - 5 - 1 - 0 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - 2 - - 1 - 1 - 1 - 1 - - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - 42,52 - 1 - LogoBitmap - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxSUNKEN_BORDER - - - - - - - - - OnLogoBitmapClick - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxEXPAND|wxALL - 0 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - VolumePathComboBox - 1 - - - protected - 1 - - Resizable - -1 - 1 - - wxCB_DROPDOWN - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 3 - wxEXPAND - 0 - 1 - - 138,34 - bSizer191 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Select &File... - - 0 - - - 0 - -1,-1 - 1 - SelectFileButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnSelectFileButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 1 - wxBOTTOM|wxRIGHT|wxLEFT - 1 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Never save history - - 0 - - - 0 - - 1 - NoHistoryCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnNoHistoryCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 2 - wxALIGN_RIGHT - 1 - 1 - - 138,34 - bSizer20 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Volume &Tools... - - 0 - - - 0 - -1,-1 - 1 - VolumeToolsButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnVolumeToolsButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 3 - wxEXPAND - 1 - 1 - - 138,34 - bSizer21 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Select D&evice... - - 0 - - - 0 - -1,-1 - 1 - SelectDeviceButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnSelectDeviceButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - - 0 - - 0 - protected - 0 - - - - 5 - wxEXPAND - 0 - - 4 - 0 - - gSizer2 - none - 1 - 0 - - 0 - wxEXPAND - 1 - - wxID_ANY - - 139,-1 - sbSizer4 - wxVERTICAL - none - - - 2 - wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Mount - - 0 - - - 0 - -1,32 - 1 - VolumeButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnVolumeButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_HORIZONTAL|wxEXPAND - 1 - - wxID_ANY - - -1,-1 - sbSizer41 - wxVERTICAL - none - - - 2 - wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Auto-Mount Devices - - 0 - - - 0 - -1,32 - 1 - MountAllDevicesButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnMountAllDevicesButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_HORIZONTAL|wxEXPAND - 1 - - wxID_ANY - - -1,-1 - sbSizer42 - wxVERTICAL - none - - - 2 - wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Di&smount All - - 0 - - - 0 - -1,32 - 1 - DismountAllButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnDismountAllButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_RIGHT|wxEXPAND - 1 - - wxID_ANY - - -1,-1 - sbSizer43 - wxVERTICAL - none - - - 2 - wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - E&xit - - 0 - - - 0 - -1,32 - 1 - ExitButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnExitButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - 800,500 - WizardFrameBase - - -1,-1 - wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU - - - - - - wxTAB_TRAVERSAL - 1 - OnActivate - - - - - - - - - OnClose - - - - - - - - - - - - - - - - - - - - - - - - - - - - MainSizer - wxVERTICAL - protected - - 5 - wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - MainPanel - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - OnMouseMotion - - - - - - - - - - - - bSizer63 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer64 - wxVERTICAL - none - - 5 - wxEXPAND|wxRIGHT|wxLEFT - 1 - - wxID_ANY - - - sbSizer27 - wxHORIZONTAL - none - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - WizardBitmap - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxLEFT - 1 - - - bSizer66 - wxVERTICAL - none - - 5 - wxLEFT - 0 - - - bSizer126 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Times New Roman,90,90,16,70,0 - 0 - 0 - wxID_ANY - Page Title - - 0 - - - 0 - - 1 - PageTitleStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 1 - - - PageSizer - wxVERTICAL - protected - - - - - - - - 5 - wxEXPAND|wxALIGN_RIGHT|wxALL - 0 - - - bSizer70 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_HELP - &Help - - 0 - - - 0 - - 1 - HelpButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnHelpButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxLEFT|wxALIGN_RIGHT - 0 - - 0 - protected - 0 - - - - 5 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - < &Prev - - 0 - - - 0 - - 1 - PreviousButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnPreviousButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Next > - - 0 - - - 0 - - 1 - NextButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxWANTS_CHARS - OnNextButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxLEFT|wxALIGN_RIGHT - 0 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Cancel - - 0 - - - 0 - - 1 - CancelButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnCancelButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - AboutDialogBase - - - wxDEFAULT_DIALOG_STYLE - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer116 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer117 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - -1,78 - bSizer120 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - 10,108,206 - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_panel14 - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer121 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - 0 - protected - 0 - - - - 8 - wxEXPAND|wxLEFT - 0 - - - bSizer122 - wxVERTICAL - none - - 10 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - LogoBitmap - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 15 - wxALL|wxEXPAND - 1 - - - bSizer118 - wxVERTICAL - none - - 5 - wxEXPAND|wxLEFT - 1 - - - bSizer123 - wxVERTICAL - none - - 5 - wxTOP|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - VersionStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 3 - wxTOP - 0 - - 0 - protected - 0 - - - - 5 - wxBOTTOM|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - CopyrightStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 3 - wxTOP - 0 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxSYS_COLOUR_WINDOWTEXT - wxID_ANY - - - 0 - - - 0 - - 1 - WebsiteHyperlink - wxSYS_COLOUR_WINDOWTEXT - 1 - - - protected - 1 - - Resizable - 1 - - wxHL_DEFAULT_STYLE - - 0 - - . - wxSYS_COLOUR_WINDOWTEXT - - - - - - - OnWebsiteHyperlinkClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxBOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_staticline3 - 1 - - - protected - 1 - - Resizable - 1 - - wxLI_HORIZONTAL - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 10 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - - 0 - - 1 - CreditsTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxTE_MULTILINE|wxTE_READONLY - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxTOP - 0 - - 0 - protected - 0 - - - - 3 - wxEXPAND|wxTOP|wxBOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_staticline4 - 1 - - - protected - 1 - - Resizable - 1 - - wxLI_HORIZONTAL - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxBOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_staticline5 - 1 - - - protected - 1 - - Resizable - 1 - - wxLI_HORIZONTAL - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 6 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 0 - - - bSizer119 - wxHORIZONTAL - none - - 5 - wxEXPAND|wxALL - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxLEFT - 0 - - 0 - protected - 0 - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - BenchmarkDialogBase - - - wxDEFAULT_DIALOG_STYLE - - VeraCrypt - Encryption Algorithm Benchmark - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer153 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer154 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer155 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Buffer Size: - - 0 - - - 0 - - 1 - m_staticText54 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - BufferSizeChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND | wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_staticline6 - 1 - - - none - 1 - - Resizable - 1 - - wxLI_HORIZONTAL - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - - bSizer156 - wxHORIZONTAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - BenchmarkListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - RightSizer - wxVERTICAL - protected - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - Benchmark - - 0 - - - 0 - - 1 - BenchmarkButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnBenchmarkButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Close - - 0 - - - 0 - - 1 - CancelButton - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM - 0 - - 0 - protected - 0 - - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - -1,-1 - - 0 - - 1 - BenchmarkNoteStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - ChangePasswordDialogBase - - - wxDEFAULT_DIALOG_STYLE - - - - wxWS_EX_VALIDATE_RECURSIVELY - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer30 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer31 - wxHORIZONTAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer32 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - wxID_ANY - Current - - CurrentSizer - wxVERTICAL - protected - - - 5 - wxALIGN_LEFT - 0 - - - CurrentPasswordPanelSizer - wxVERTICAL - protected - - - - - - 5 - wxTOP|wxEXPAND - 0 - - wxID_ANY - New - - NewSizer - wxVERTICAL - protected - - - 5 - wxALIGN_LEFT - 0 - - - NewPasswordPanelSizer - wxVERTICAL - protected - - - - - - - - 5 - - 0 - - - bSizer33 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnOKButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Cancel - - 0 - - - 0 - - 1 - CancelButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - wxBOTH - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - -1,-1 - DeviceSelectionDialogBase - - -1,-1 - wxDEFAULT_DIALOG_STYLE - - Select a Partition or Device - - wxWS_EX_VALIDATE_RECURSIVELY - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer3 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer4 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - DeviceListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - OnListItemActivated - OnListItemDeselected - - - - OnListItemSelected - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - 0 - 1 - 0 - 0 - 0 - 1 - 0 - 0 - - StdButtons - protected - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - EncryptionTestDialogBase - - - wxDEFAULT_DIALOG_STYLE - - VeraCrypt - Test Vectors - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer132 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer133 - wxVERTICAL - none - - 5 - wxALIGN_CENTER_HORIZONTAL - 0 - - - bSizer134 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Encryption algorithm: - - 0 - - - 0 - - 1 - m_staticText41 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - EncryptionAlgorithmChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnEncryptionAlgorithmSelected - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - XTS mode - - 0 - - - 0 - - 1 - XtsModeCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnXtsModeCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Key (hexadecimal) - - sbSizer38 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - KeyTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer135 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Key size: - - 0 - - - 0 - - 1 - m_staticText43 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - KeySizeStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - XTS mode - - sbSizer39 - wxVERTICAL - none - - - 5 - wxTOP|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Secondary key (hexadecimal) - - 0 - - - 0 - - 1 - m_staticText45 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - SecondaryKeyTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxTOP|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Data unit number (64-bit, data unit size is 512 bytes) - - 0 - - - 0 - - 1 - m_staticText46 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - DataUnitNumberTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxTOP|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Block number: - - 0 - - - 0 - - 1 - m_staticText47 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - BlockNumberTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Plaintext (hexadecimal) - - sbSizer40 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - PlainTextTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Ciphertext (hexadecimal) - - sbSizer41 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - CipherTextTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer136 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Encrypt - - 0 - - - 0 - - 1 - EncryptButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnEncryptButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Decrypt - - 0 - - - 0 - - 1 - DecryptButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnDecryptButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Auto-Test All - - 0 - - - 0 - - 1 - AutoTestAllButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAutoTestAllButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Reset - - 0 - - - 0 - - 1 - ResetButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnResetButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Close - - 0 - - - 0 - - 1 - CloseButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - FavoriteVolumesDialogBase - - - wxDEFAULT_DIALOG_STYLE - - Favorite Volumes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer57 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer60 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - - bSizer58 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - FavoritesListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - OnListItemDeselected - - - - OnListItemSelected - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxRIGHT|wxLEFT - 0 - - 4 - 0 - - gSizer5 - none - 1 - 0 - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Move &Up - - 0 - - - 0 - - 1 - MoveUpButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnMoveUpButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Move &Down - - 0 - - - 0 - - 1 - MoveDownButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnMoveDownButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_RIGHT|wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Remove - - 0 - - - 0 - - 1 - RemoveButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnRemoveButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Remove &All - - 0 - - - 0 - - 1 - RemoveAllButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnRemoveAllButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - 5 - wxBOTH - 2 - - 0 - - fgSizer4 - wxFLEX_GROWMODE_SPECIFIED - none - 1 - 0 - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer59 - wxVERTICAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnOKButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Cancel - - 0 - - - 0 - - 1 - CancelButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - KeyfilesDialogBase - - - wxDEFAULT_DIALOG_STYLE - - Select Keyfiles - - wxWS_EX_VALIDATE_RECURSIVELY - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer26 - wxVERTICAL - none - - 5 - wxTOP|wxRIGHT|wxLEFT - 1 - - - UpperSizer - wxHORIZONTAL - protected - - 5 - wxEXPAND - 1 - - - PanelSizer - wxVERTICAL - protected - - - - 5 - wxEXPAND - 0 - - - bSizer22 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Cancel - - 0 - - - 0 - - 1 - CancelButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - WarningStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 0 - - - bSizer23 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - KeyfilesNoteSizer - wxVERTICAL - protected - - 5 - wxEXPAND | wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_staticline1 - 1 - - - none - 1 - - Resizable - 1 - - wxLI_HORIZONTAL - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - -1,-1 - - 0 - - 1 - KeyfilesNoteStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND | wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_staticline2 - 1 - - - none - 1 - - Resizable - 1 - - wxLI_HORIZONTAL - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - 2 - wxBOTH - 0 - - 0 - - fgSizer2 - wxFLEX_GROWMODE_SPECIFIED - none - 1 - 0 - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxSYS_COLOUR_WINDOWTEXT - wxID_ANY - More information on keyfiles - - 0 - - - 0 - - 1 - KeyfilesHyperlink - wxSYS_COLOUR_WINDOWTEXT - 1 - - - protected - 1 - - Resizable - 1 - - wxHL_DEFAULT_STYLE - - 0 - - - wxSYS_COLOUR_WINDOWTEXT - - - - - - - OnKeyfilesHyperlinkClick - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Generate Random Keyfile... - - 0 - - - 0 - - 1 - CreateKeyfileButtton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnCreateKeyfileButttonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - KeyfileGeneratorDialogBase - - - wxDEFAULT_DIALOG_STYLE - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnMouseMotion - - - - - - - - - - - - MainSizer - wxVERTICAL - protected - - 5 - wxEXPAND|wxALL - 1 - - - bSizer144 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer145 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mixing PRF: - - 0 - - - 0 - - 1 - m_staticText49 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - HashChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnHashSelected - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - - - 5 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 1 - - wxID_ANY - - - sbSizer43 - wxVERTICAL - none - - - 5 - wxEXPAND|wxTOP - 0 - - - bSizer147 - wxHORIZONTAL - none - - 5 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Random Pool: - - 0 - - - 0 - - 1 - m_staticText52 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier New,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - RandomPoolStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Show - - 0 - - - 0 - - 1 - ShowRandomPoolCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnShowRandomPoolCheckBoxClicked - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxBOTTOM|wxEXPAND|wxTOP - 0 - - wxID_ANY - Randomness Collected From Mouse Movements - - sbSizer45 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - CollectedEntropy - 1 - - - protected - 1 - - 2560 - Resizable - 1 - - wxGA_HORIZONTAL|wxGA_SMOOTH - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_CENTER_HORIZONTAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. - - 0 - - - 0 - - 1 - MouseStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - - - 5 - wxALL|wxEXPAND - 1 - - - bSizer162 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - 3 - wxBOTH - 2 - - 0 - - fgSizer8 - wxFLEX_GROWMODE_SPECIFIED - none - 3 - 0 - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Number of keyfiles: - - 0 - - - 0 - - 1 - m_staticText60 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - 1 - 9999999 - - 0 - - 1 - - 0 - - 1 - NumberOfKeyfiles - 1 - - - protected - 1 - - Resizable - 1 - - wxSP_ARROW_KEYS - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND | wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_panel18 - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Keyfiles size (in Bytes): - - 0 - - - 0 - - 1 - m_staticText63 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - 64 - 1048576 - - 0 - - 64 - - 0 - - 1 - KeyfilesSize - 1 - - - protected - 1 - - Resizable - 1 - - wxSP_ARROW_KEYS - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Random size (64 <-> 1048576) - - 0 - - - 0 - - 1 - RandomSizeCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnRandomSizeCheckBoxClicked - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Keyfiles base name: - - 0 - - - 0 - - 1 - m_staticText65 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - - 0 - - 1 - KeyfilesBaseName - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND | wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_panel19 - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer146 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Generate and Save Keyfile... - - 0 - - - 0 - - 1 - GenerateButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnGenerateButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Close - - 0 - - - 0 - - 1 - m_button61 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - LegalNoticesDialogBase - - - wxDEFAULT_DIALOG_STYLE - - VeraCrypt - Legal Notices - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer114 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer115 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - - 0 - - 1 - LegalNoticesTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxTE_MULTILINE|wxTE_READONLY - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_HORIZONTAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - wxBOTH - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - MountOptionsDialogBase - - -1,-1 - wxDEFAULT_DIALOG_STYLE - - Enter VeraCrypt Volume Password - - wxWS_EX_VALIDATE_RECURSIVELY - - - - - - - - - - - - - - - - - - OnInitDialog - - - - - - - - - - - - - - - - - - - - - - - MainSizer - wxVERTICAL - protected - - 5 - wxEXPAND - 1 - - - bSizer19 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - - bSizer14 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - - PasswordSizer - wxVERTICAL - protected - - - - 5 - wxEXPAND - 0 - - - bSizer9 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnOKButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Cancel - - 0 - - - 0 - - 1 - CancelButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxTOP|wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Op&tions - - 0 - - - 0 - - 1 - OptionsButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnOptionsButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer6 - wxVERTICAL - none - - 5 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - OptionsPanel - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - wxID_ANY - - - OptionsSizer - wxVERTICAL - protected - - - 5 - wxTOP - 0 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount volume as &read-only - - 0 - - - 0 - - 1 - ReadOnlyCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnReadOnlyCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount volume as removable &medium - - 0 - - - 0 - - 1 - RemovableCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount partition &using system encryption (preboot authentication) - - 0 - - - 0 - - 1 - PartitionInSystemEncryptionScopeCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - Hidden Volume Protection - - ProtectionSizer - wxVERTICAL - protected - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Protect hidden volume when mounting outer volume - - 0 - - - 0 - - 1 - ProtectionCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnProtectionCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxLEFT - 1 - - - ProtectionPasswordSizer - wxVERTICAL - protected - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxSYS_COLOUR_WINDOWTEXT - wxID_ANY - What is hidden volume protection? - - 0 - - - 0 - - 1 - ProtectionHyperlinkCtrl - wxSYS_COLOUR_WINDOWTEXT - 1 - - - protected - 1 - - Resizable - 1 - - wxHL_DEFAULT_STYLE - - 0 - - - wxSYS_COLOUR_WINDOWTEXT - - - - - - - OnProtectionHyperlinkClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - FilesystemSizer - wxVERTICAL - protected - - 5 - wxEXPAND | wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_panel8 - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - wxID_ANY - Filesystem - - sbSizer28 - wxVERTICAL - none - - - 5 - wxEXPAND|wxBOTTOM - 0 - - - bSizer54 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer55 - wxVERTICAL - none - - 5 - wxTOP|wxRIGHT|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Do &not mount - - 0 - - - 0 - - 1 - NoFilesystemCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnNoFilesystemCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - 0,0 - wxBOTH - 1 - - 0 - - FilesystemOptionsSizer - wxFLEX_GROWMODE_SPECIFIED - protected - 0 - - 5 - 1 - 0 - wxEXPAND|wxTOP - 0 - 1 - - - FilesystemSpacer - wxVERTICAL - protected - - - - 5 - 1 - 0 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT - 1 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount at directory: - - 0 - - - 0 - - 1 - MountPointTextCtrlStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 1 - wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND - 1 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - MountPointTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 2 - wxALIGN_CENTER_VERTICAL|wxRIGHT|wxLEFT - 1 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Se&lect... - - 0 - - - 0 - - 1 - MountPointButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnMountPointButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 0 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxLEFT - 2 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount options: - - 0 - - - 0 - - 1 - FilesystemOptionsStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxALIGN_CENTER_VERTICAL|wxEXPAND|wxTOP|wxRIGHT|wxLEFT - 2 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - FilesystemOptionsTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - NewSecurityTokenKeyfileDialogBase - - - wxDEFAULT_DIALOG_STYLE - - New Security Token Keyfile Properties - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer143 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer144 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - - - sbSizer42 - wxVERTICAL - none - - - 5 - wxEXPAND|wxTOP - 1 - - 2 - wxBOTH - - - 0 - - fgSizer7 - wxFLEX_GROWMODE_SPECIFIED - none - 2 - 0 - - 5 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Security token: - - 0 - - - 0 - - 1 - m_staticText47 - 1 - - - none - 1 - - Resizable - 1 - - wxALIGN_RIGHT - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - SecurityTokenChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Keyfile name: - - 0 - - - 0 - - 1 - m_staticText48 - 1 - - - none - 1 - - Resizable - 1 - - wxALIGN_RIGHT - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - KeyfileNameTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnKeyfileNameChanged - - - - - - - - - - - - 5 - wxALIGN_RIGHT|wxALL - 0 - - 0 - 1 - 0 - 0 - 0 - 1 - 0 - 0 - - StdButtons - protected - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - PreferencesDialogBase - - - wxDEFAULT_DIALOG_STYLE - - Preferences - - wxWS_EX_VALIDATE_RECURSIVELY - - - - - - - - - - - - OnClose - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer32 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer41 - wxVERTICAL - none - - 5 - wxEXPAND | wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - PreferencesNotebook - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Security - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - SecurityPage - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer44 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer33 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Auto-Dismount - - AutoDismountSizer - wxVERTICAL - protected - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Dismount All Volumes When - - sbSizer13 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - User logs off - - 0 - - - 0 - - 1 - DismountOnLogOffCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Screen saver is launched - - 0 - - - 0 - - 1 - DismountOnScreenSaverCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnDismountOnScreenSaverCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - System is entering power saving mode - - 0 - - - 0 - - 1 - DismountOnPowerSavingCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnDismountOnPowerSavingCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer34 - wxHORIZONTAL - none - - 5 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Auto-dismount volume after no data has been read/written to it for - - 0 - - - 0 - - 1 - DismountOnInactivityCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - 1 - 9999 - - 0 - - 1 - - 0 - 60,-1 - 1 - DismountOnInactivitySpinCtrl - 1 - - - protected - 1 - - Resizable - 1 - -1,-1 - wxSP_ARROW_KEYS - - 0 - - 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxRIGHT - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - minutes - - 0 - - - 0 - - 1 - m_staticText5 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Force auto-dismount even if volume contains open files or directories - - 0 - - - 0 - - 1 - ForceAutoDismountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnForceAutoDismountCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Filesystem - - FilesystemSecuritySizer - wxVERTICAL - protected - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Preserve modification timestamp of file containers - - 0 - - - 0 - - 1 - PreserveTimestampsCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnPreserveTimestampsCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Password Cache - - sbSizer14 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Wipe after VeraCrypt window has been closed - - 0 - - - 0 - - 1 - WipeCacheOnCloseCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Wipe after volume has been auto-dismounted - - 0 - - - 0 - - 1 - WipeCacheOnAutoDismountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Mount Options - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - DefaultMountOptionsPage - 1 - - - public - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer46 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer35 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Default Mount Options - - sbSizer15 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount volumes as read-only - - 0 - - - 0 - - 1 - MountReadOnlyCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount volumes as removable media - - 0 - - - 0 - - 1 - MountRemovableCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Cache passwords in memory - - 0 - - - 0 - - 1 - CachePasswordsCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - TrueCrypt Mode - - 0 - - - 0 - - 1 - TrueCryptModeCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer163 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - PKCS5-PRF: - - 0 - - - 0 - - 1 - Pkcs5PrfStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - Pkcs5PrfChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Filesystem - - FilesystemSizer - wxVERTICAL - protected - - - 5 - wxEXPAND - 1 - - 2 - wxBOTH - 1 - - 0 - - fgSizer3 - wxFLEX_GROWMODE_SPECIFIED - none - 1 - 0 - - 5 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount options: - - 0 - - - 0 - - 1 - m_staticText6 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - FilesystemOptionsTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Background Task - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - BackgroundTaskPanel - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer61 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer62 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - VeraCrypt Background Task - - sbSizer18 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Enabled - - 0 - - - 0 - - 1 - BackgroundTaskEnabledCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnBackgroundTaskEnabledCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Exit when there are no mounted volumes - - 0 - - - 0 - - 1 - CloseBackgroundTaskOnNoVolumesCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - Task Icon Menu Items - - sbSizer26 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount Favorite Volumes - - 0 - - - 0 - - 1 - BackgroundTaskMenuMountItemsEnabledCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Open Mounted Volumes - - 0 - - - 0 - - 1 - BackgroundTaskMenuOpenItemsEnabledCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Dismount Mounted Volumes - - 0 - - - 0 - - 1 - BackgroundTaskMenuDismountItemsEnabledCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - System Integration - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - SystemIntegrationPage - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer49 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer37 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 0 - - wxID_ANY - Actions to Perform when User Logs On - - LogOnSizer - wxVERTICAL - protected - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Start VeraCrypt Background Task - - 0 - - - 0 - - 1 - StartOnLogonCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount favorite volumes - - 0 - - - 0 - - 1 - MountFavoritesOnLogonCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mount all device-hosted VeraCrypt volumes - - 0 - - - 0 - - 1 - MountDevicesOnLogonCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Filesystem Explorer - - ExplorerSizer - wxVERTICAL - protected - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Open Explorer window for successfully mounted volume - - 0 - - - 0 - - 1 - OpenExplorerWindowAfterMountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Close all Explorer windows of volume being dismounted - - 0 - - - 0 - - 1 - CloseExplorerWindowsOnDismountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Kernel Services - - KernelServicesSizer - wxVERTICAL - protected - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Do not use kernel cryptographic services - - 0 - - - 0 - - 1 - NoKernelCryptoCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnNoKernelCryptoCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Performance - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - PerformanceOptionsPage - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer151 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - - bSizer152 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Hardware Acceleration - - sbSizer44 - wxVERTICAL - none - - - 5 - wxEXPAND - 1 - - - bSizer158 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Processor (CPU) in this computer supports hardware acceleration for AES: - - 0 - - - 0 - - 1 - m_staticText57 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - AesHwCpuSupportedStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - wxSUNKEN_BORDER - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxBOTTOM - 0 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Do not accelerate AES encryption/decryption by using the AES instructions of the processor - - 0 - - - 0 - - 1 - NoHardwareCryptoCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnNoHardwareCryptoCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Keyfiles - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - DefaultKeyfilesPage - 1 - - - public - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer40 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer43 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - Default Keyfiles - - bSizer42 - wxVERTICAL - none - - - 5 - wxEXPAND - 1 - - - DefaultKeyfilesSizer - wxVERTICAL - protected - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Use keyfiles by default - - 0 - - - 0 - - 1 - UseKeyfilesCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Security Tokens - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - SecurityTokensPage - 1 - - - public - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer127 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer128 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - PKCS #11 Library Path - - sbSizer36 - wxVERTICAL - none - - - 5 - wxEXPAND - 1 - - - bSizer129 - wxHORIZONTAL - none - - 5 - wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - Pkcs11ModulePathTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Select &Library... - - 0 - - - 0 - - 1 - SelectPkcs11ModuleButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnSelectPkcs11ModuleButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Security Options - - sbSizer37 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Close token session (log out) after a volume is successfully mounted - - 0 - - - 0 - - 1 - CloseSecurityTokenSessionsAfterMountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Hotkeys - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - HotkeysPage - 1 - - - public - 1 - - Resizable - 1 - - - 0 - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer51 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer38 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - System-Wide Hotkeys - - sbSizer21 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - HotkeyListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - OnHotkeyListItemDeselected - - - - OnHotkeyListItemSelected - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Shortcut - - sbSizer23 - wxVERTICAL - none - - - 5 - wxALIGN_RIGHT - 1 - - 3 - wxBOTH - - - 0 - - fgSizer4 - wxFLEX_GROWMODE_SPECIFIED - none - 2 - 0 - - 5 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Key to assign: - - 0 - - - 0 - - 1 - m_staticText10 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - HotkeyTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Assign - - 0 - - - 0 - - 1 - AssignHotkeyButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAssignHotkeyButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxEXPAND - 1 - - 4 - 0 - - gSizer4 - none - 1 - 0 - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Control - - 0 - - - 0 - - 1 - HotkeyControlCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Shift - - 0 - - - 0 - - 1 - HotkeyShiftCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Alt - - 0 - - - 0 - - 1 - HotkeyAltCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Win - - 0 - - - 0 - - 1 - HotkeyWinCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Remove - - 0 - - - 0 - - 1 - RemoveHotkeyButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnRemoveHotkeyButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Options - - sbSizer24 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Play system notification sound after mount/dismount - - 0 - - - 0 - - 1 - BeepAfterHotkeyMountDismountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Display confirmation message box after dismount - - 0 - - - 0 - - 1 - DisplayMessageAfterHotkeyDismountCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - 0 - 1 - 0 - 0 - 0 - 1 - 0 - 0 - - StdButtons - protected - - OnCancelButtonClick - - - - OnOKButtonClick - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - wxBOTH - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - RandomPoolEnrichmentDialogBase - - - wxDEFAULT_DIALOG_STYLE - - VeraCrypt - Random Pool Enrichment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnMouseMotion - - - - - - - - - - - - MainSizer - wxVERTICAL - protected - - 5 - wxEXPAND|wxALL - 1 - - - bSizer144 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer145 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Mixing PRF: - - 0 - - - 0 - - 1 - m_staticText49 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - HashChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnHashSelected - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - - - 5 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 1 - - wxID_ANY - - - sbSizer43 - wxVERTICAL - none - - - 5 - wxEXPAND|wxTOP - 0 - - - bSizer147 - wxHORIZONTAL - none - - 5 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Random Pool: - - 0 - - - 0 - - 1 - m_staticText52 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier New,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - RandomPoolStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Show - - 0 - - - 0 - - 1 - ShowRandomPoolCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnShowRandomPoolCheckBoxClicked - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxBOTTOM|wxEXPAND|wxTOP - 0 - - wxID_ANY - Randomness Collected From Mouse Movements - - sbSizer45 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - CollectedEntropy - 1 - - - protected - 1 - - 2560 - Resizable - 1 - - wxGA_HORIZONTAL|wxGA_SMOOTH - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL|wxALIGN_CENTER_HORIZONTAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. - - 0 - - - 0 - - 1 - MouseStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - - - 5 - wxEXPAND - 0 - - - bSizer146 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - &Continue - - 0 - - - 0 - - 1 - ContinueButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - -1,-1 - SecurityTokenKeyfilesDialogBase - - -1,-1 - wxDEFAULT_DIALOG_STYLE - - Security Token Keyfiles - - wxWS_EX_VALIDATE_RECURSIVELY - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer3 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer138 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - - bSizer142 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - SecurityTokenKeyfileListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - OnListItemActivated - OnListItemDeselected - - - - OnListItemSelected - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer141 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Export... - - 0 - - - 0 - - 1 - ExportButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnExportButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Delete - - 0 - - - 0 - - 1 - DeleteButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnDeleteButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxLEFT - 1 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Import Keyfile to Token... - - 0 - - - 0 - - 1 - ImportButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnImportButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer139 - wxVERTICAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_OK - OK - - 0 - - - 0 - - 1 - OKButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnOKButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_CANCEL - Cancel - - 0 - - - 0 - - 1 - CancelButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - VolumePropertiesDialogBase - - - wxDEFAULT_DIALOG_STYLE - - Volume Properties - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer49 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - - bSizer50 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - PropertiesListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_HORIZONTAL - 0 - - 0 - 0 - 0 - 0 - 0 - 1 - 0 - 0 - - StdButtons - protected - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - EncryptionOptionsWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer93 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer94 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer95 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - wxID_ANY - Encryption Algorithm - - sbSizer29 - wxVERTICAL - none - - - 5 - wxEXPAND - 0 - - - bSizer96 - wxHORIZONTAL - none - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - EncryptionAlgorithmChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnEncryptionAlgorithmSelected - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Test - - 0 - - - 0 - - 1 - TestButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnTestButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - EncryptionAlgorithmStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer97 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxSYS_COLOUR_WINDOWTEXT - wxID_ANY - More information - - 0 - - - 0 - - 1 - EncryptionAlgorithmHyperlink - wxSYS_COLOUR_WINDOWTEXT - 1 - - - protected - 1 - - Resizable - 1 - - wxHL_DEFAULT_STYLE - - 0 - - - wxSYS_COLOUR_WINDOWTEXT - - - - - - - OnEncryptionAlgorithmHyperlinkClick - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Benchmark - - 0 - - - 0 - - 1 - BenchmarkButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnBenchmarkButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Hash Algorithm - - sbSizer30 - wxHORIZONTAL - none - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - HashChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxSYS_COLOUR_WINDOWTEXT - wxID_ANY - Information on hash algorithms - - 0 - - - 0 - - 1 - HashHyperlink - wxSYS_COLOUR_WINDOWTEXT - 1 - - - protected - 1 - - Resizable - 1 - - wxHL_DEFAULT_STYLE - - 0 - - - wxSYS_COLOUR_WINDOWTEXT - - - - - - - OnHashHyperlinkClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - InfoWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer71 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - InfoPageSizer - wxVERTICAL - protected - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - 500,300 - KeyfilesPanelBase - - -1,-1 - - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer19 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer20 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - - bSizer21 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - KeyfilesListCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxLC_NO_SORT_HEADER|wxLC_REPORT - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - OnListItemDeselected - - - - OnListItemSelected - - - - - - - - - - - - - OnListSizeChanged - - - - - 5 - wxEXPAND - 0 - - - bSizer137 - wxHORIZONTAL - none - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Add &Files... - - 0 - - - 0 - - 1 - AddFilesButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAddFilesButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Add &Path... - - 0 - - - 0 - - 1 - AddDirectoryButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAddDirectoryButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Add &Token Files... - - 0 - - - 0 - - 1 - AddSecurityTokenSignatureButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAddSecurityTokenSignatureButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Remove - - 0 - - - 0 - - 1 - RemoveButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnRemoveButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Remove &All - - 0 - - - 0 - - 1 - RemoveAllButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnRemoveAllButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - ProgressWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer81 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer82 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - ProgressSizer - wxHORIZONTAL - protected - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - -1,-1 - 1 - ProgressGauge - 1 - - - protected - 1 - - 100 - Resizable - 1 - -1,-1 - wxGA_HORIZONTAL|wxGA_SMOOTH - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 0 - - 1 - - 0 - 0 - wxID_ANY - &Abort - - 0 - - - 0 - - 1 - AbortButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAbortButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - 200,65 - SelectDirectoryWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer68 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer69 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer70 - wxHORIZONTAL - none - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - DirectoryTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnDirectoryTextChanged - - - - - - - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Browse... - - 0 - - - 0 - - 1 - BrowseButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnBrowseButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - 300 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - SingleChoiceWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer71 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer77 - wxVERTICAL - none - - 5 - wxEXPAND|wxTOP - 0 - - 0 - protected - 0 - - - - 5 - wxEXPAND - 0 - - - OuterChoicesSizer - wxVERTICAL - protected - - 5 - wxEXPAND - 0 - - - ChoicesSizer - wxVERTICAL - protected - - - - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumeCreationProgressWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer104 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer105 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 0 - - wxID_ANY - - - sbSizer31 - wxVERTICAL - none - - - 30 - wxEXPAND - 1 - - - KeySamplesUpperSizer - wxVERTICAL - protected - - 3 - wxEXPAND|wxTOP - 1 - - - KeySamplesUpperInnerSizer - wxVERTICAL - protected - - - - - - 5 - wxEXPAND - 0 - - 2 - wxBOTH - - - 0 - - fgSizer5 - wxFLEX_GROWMODE_SPECIFIED - none - 3 - 0 - - 5 - wxALL|wxALIGN_RIGHT|wxALIGN_BOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Random Pool: - - 0 - - - 0 - - 1 - m_staticText25 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALIGN_BOTTOM - 1 - - - bSizer126 - wxHORIZONTAL - none - - 7 - wxEXPAND|wxTOP|wxRIGHT|wxALIGN_BOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier New,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - RandomPoolSampleStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Show - - 0 - - - 0 - - 1 - DisplayKeysCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnDisplayKeysCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Header Key: - - 0 - - - 0 - - 1 - m_staticText28 - 1 - - - none - 1 - - Resizable - 1 - -1,-1 - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 2 - wxALIGN_BOTTOM|wxEXPAND|wxTOP|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier New,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - HeaderKeySampleStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Master Key: - - 0 - - - 0 - - 1 - m_staticText29 - 1 - - - none - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 2 - wxEXPAND|wxALIGN_BOTTOM|wxTOP|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - Courier New,90,90,-1,70,0 - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - MasterKeySampleStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxLEFT|wxRIGHT - 0 - - wxID_ANY - Randomness Collected From Mouse Movements - - sbSizer45 - wxVERTICAL - none - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - CollectedEntropy - 1 - - - protected - 1 - - 2560 - Resizable - 1 - - wxGA_HORIZONTAL|wxGA_SMOOTH - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT - 0 - - wxID_ANY - - - sbSizer32 - wxVERTICAL - none - - - 5 - wxEXPAND - 0 - - - bSizer106 - wxHORIZONTAL - none - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - -1,-1 - 1 - ProgressGauge - 1 - - - protected - 1 - - 100 - Resizable - 1 - - wxGA_HORIZONTAL|wxGA_SMOOTH - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Abort - - 0 - - - 0 - - 1 - AbortButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnAbortButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2 - wxEXPAND|wxTOP - 0 - - 3 - 0 - - gSizer6 - none - 1 - 0 - - 5 - wxALIGN_CENTER_VERTICAL|wxEXPAND - 1 - - - bSizer108 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Done - - 0 - - - 0 - - 1 - m_staticText31 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - -1,-1 - 1 - m_panel12 - 1 - - - protected - 1 - - Resizable - 1 - -1,-1 - - 0 - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer115 - wxHORIZONTAL - none - - 3 - wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - SizeDoneStaticText - 1 - - - protected - 1 - - Resizable - 1 - - wxALIGN_RIGHT|wxST_NO_AUTORESIZE - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_CENTER_HORIZONTAL - 1 - - - bSizer1081 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Speed - - 0 - - - 0 - - 1 - m_staticText311 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_panel121 - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxSUNKEN_BORDER - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer1151 - wxHORIZONTAL - none - - 3 - wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - SpeedStaticText - 1 - - - protected - 1 - - Resizable - 1 - - wxALIGN_RIGHT|wxST_NO_AUTORESIZE - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT - 1 - - - bSizer1082 - wxHORIZONTAL - none - - 5 - wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Left - - 0 - - - 0 - - 1 - m_staticText312 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - m_panel122 - 1 - - - protected - 1 - - Resizable - 1 - - - 0 - - - - wxSUNKEN_BORDER|wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer1152 - wxHORIZONTAL - none - - 3 - wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - TimeLeftStaticText - 1 - - - protected - 1 - - Resizable - 1 - - wxALIGN_RIGHT|wxST_NO_AUTORESIZE - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxBOTTOM|wxLEFT|wxRIGHT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumeLocationWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer86 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer87 - wxVERTICAL - none - - 5 - wxEXPAND|wxTOP - 0 - - 0 - protected - 0 - - - - 5 - wxEXPAND - 0 - - - bSizer88 - wxHORIZONTAL - none - - 5 - wxEXPAND - 1 - - - bSizer89 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer126 - wxHORIZONTAL - none - - 5 - wxALL|wxALIGN_CENTER_VERTICAL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - -1,-1 - 1 - VolumePathComboBox - 1 - - - protected - 1 - - Resizable - -1 - 1 - - wxCB_DROPDOWN - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnVolumePathTextChanged - - - - - - 5 - wxALIGN_CENTER_VERTICAL - 0 - - - bSizer90 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Select &File... - - 0 - - - 0 - -1,-1 - 1 - SelectFileButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnSelectFileButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Select D&evice... - - 0 - - - 0 - -1,-1 - 1 - SelectDeviceButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnSelectDeviceButtonClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 0 - - - bSizer91 - wxHORIZONTAL - none - - 5 - wxLEFT - 0 - - 0 - protected - 0 - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Never save history - - 0 - - - 0 - - 1 - NoHistoryCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnNoHistoryCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxBOTTOM - 0 - - 0 - protected - 0 - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumeFormatOptionsWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer124 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer125 - wxVERTICAL - none - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Filesystem Options - - sbSizer33 - wxVERTICAL - none - - - 5 - wxEXPAND - 1 - - 2 - wxBOTH - - - 0 - - fgSizer6 - wxFLEX_GROWMODE_SPECIFIED - none - 2 - 0 - - 5 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Filesystem type: - - 0 - - - 0 - - 1 - m_staticText43 - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - FilesystemTypeChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnFilesystemTypeSelected - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxALL - 0 - - wxID_ANY - Volume Format Options - - sbSizer34 - wxVERTICAL - none - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Quick format - - 0 - - - 0 - - 1 - QuickFormatCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnQuickFormatCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM - 1 - - 0 - protected - 0 - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumePasswordPanelBase - - -1,-1 - - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer7 - wxVERTICAL - none - - 5 - wxALL|wxEXPAND - 1 - - 0,0 - wxBOTH - 1 - - 0 - - GridBagSizer - wxFLEX_GROWMODE_SPECIFIED - protected - 0 - - 5 - 1 - 0 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT - 1 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Password: - - 0 - - - 0 - - 1 - PasswordStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND - 1 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 1 - - 0 - 232,-1 - 1 - PasswordTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxTE_PASSWORD - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnTextChanged - - - - - - - - 5 - 1 - 0 - wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT - 2 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Confirm password: - - 0 - - - 0 - - 1 - ConfirmPasswordStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND - 2 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 1 - - 0 - 232,-1 - 1 - ConfirmPasswordTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxTE_PASSWORD - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnTextChanged - - - - - - - - 5 - 1 - 0 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT - 3 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Volume PIM: - - 0 - - - 0 - - 1 - VolumePimStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 1 - wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxEXPAND - 3 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 7 - - 0 - - 1 - VolumePimTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxTE_PASSWORD - - 0 - - - wxFILTER_NUMERIC - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnPimChanged - - - - - - - - 5 - 1 - 2 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxLEFT|wxRIGHT - 3 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - (Empty or 0 for default iterations) - - 0 - - - 0 - - 1 - VolumePimHelpStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL - 4 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Use PIM - - 0 - - - 0 - - 1 - PimCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnUsePimCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL - 5 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Cach&e passwords and keyfiles in memory - - 0 - - - 0 - - 1 - CacheCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL - 6 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Display password - - 0 - - - 0 - - 1 - DisplayPasswordCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnDisplayPasswordCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 1 - wxTOP|wxRIGHT|wxLEFT - 7 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - U&se keyfiles - - 0 - - - 0 - - 1 - UseKeyfilesCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnUseKeyfilesCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 2 - wxALIGN_RIGHT|wxALIGN_BOTTOM|wxLEFT - 7 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Keyfiles... - - 0 - - - 0 - - 1 - KeyfilesButton - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - OnKeyfilesButtonClick - - - - - - - - - - - - - - - - - - - OnKeyfilesButtonRightDown - OnKeyfilesButtonRightClick - - - - - - - 5 - 1 - 1 - wxEXPAND|wxTOP|wxBOTTOM - 8 - 1 - - - Pkcs5PrfSizer - wxVERTICAL - protected - - - - 5 - 1 - 0 - wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL|wxRIGHT - 9 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - PKCS-5 PRF: - - 0 - - - 0 - - 1 - Pkcs5PrfStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 1 - wxALIGN_CENTER_VERTICAL|wxLEFT - 9 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - "Unchanged" - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - -1,-1 - - 0 - -1,-1 - 1 - Pkcs5PrfChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 2 - wxALIGN_CENTER_VERTICAL|wxLEFT - 9 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - TrueCrypt Mode - - 0 - - - 0 - - 1 - TrueCryptModeCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnTrueCryptModeChecked - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 0 - wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxRIGHT - 10 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Header Wipe: - - 0 - - - 0 - - 1 - HeaderWipeCountText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 1 - 1 - wxALL - 10 - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - "1-pass" "3-pass" "7-pass" "35-pass" "256-pass" - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - HeaderWipeCount - 1 - - - protected - 1 - - Resizable - 1 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - 2 - 1 - wxTOP|wxEXPAND - 11 - 1 - - - PasswordPlaceholderSizer - wxVERTICAL - protected - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumePasswordWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer101 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer102 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - PasswordPanelSizer - wxVERTICAL - protected - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumePimWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer101 - wxVERTICAL - none - - 5 - wxEXPAND - 1 - - - bSizer102 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - PimPanelSizer - wxVERTICAL - protected - - 5 - wxEXPAND - 1 - - - PimSizer - wxHORIZONTAL - protected - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - Volume PIM: - - 0 - - - 0 - - 1 - VolumePimStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 7 - - 0 - - 1 - VolumePimTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - wxTE_PASSWORD - - 0 - - - wxFILTER_NUMERIC - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnPimChanged - - - - - - - - 5 - wxALIGN_CENTER_VERTICAL|wxALL - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - (Empty or 0 for default iterations) - - 0 - - - 0 - - 1 - VolumePimHelpStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND - 1 - - - bSizer166 - wxHORIZONTAL - none - - 5 - wxALL|wxEXPAND - 1 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - &Display PIM - - 0 - - - 0 - - 1 - DisplayPimCheckBox - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnDisplayPimCheckBoxClick - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - - 1 - 1 - impl_virtual - - - 0 - wxID_ANY - - - VolumeSizeWizardPageBase - - -1,-1 - WizardPage; WizardPage.h - - - - wxTAB_TRAVERSAL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - bSizer98 - wxVERTICAL - none - - 5 - wxEXPAND - 0 - - - bSizer99 - wxVERTICAL - none - - 5 - wxEXPAND|wxTOP|wxBOTTOM - 0 - - 0 - protected - 0 - - - - 5 - wxEXPAND - 0 - - - bSizer100 - wxHORIZONTAL - none - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - 0 - - 0 - - 1 - VolumeSizeTextCtrl - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - - - - - - - - - - - - - - - - - - - - - - - OnVolumeSizeTextChanged - - - - - - - - 5 - wxALL - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - VolumeSizePrefixChoice - 1 - - - protected - 1 - - Resizable - 0 - 1 - - - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - - - - - OnVolumeSizePrefixSelected - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM - 0 - - 0 - protected - 0 - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - FreeSpaceStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxEXPAND|wxTOP|wxBOTTOM - 0 - - 0 - protected - 0 - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - - 0 - - - 0 - - 1 - InfoStaticText - 1 - - - protected - 1 - - Resizable - 1 - - - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 0 - wxAUI_MGR_DEFAULT - - wxBOTH - - 1 - 1 - impl_virtual - - - - 0 - wxID_ANY - - - WaitDialogBase - - -1,-1 - wxCAPTION - - VeraCrypt - - - - - - - - - - - - - - OnWaitDialogClose - - - - - - OnWaitDialogInit - - - - - - - - - - - - - - - - - - - - - - - bSizer160 - wxVERTICAL - none - - 5 - wxALIGN_CENTER_HORIZONTAL|wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - MyLabel - - 0 - - - 0 - - 1 - WaitStaticText - 1 - - - protected - 1 - - Resizable - 1 - - wxALIGN_CENTRE - - 0 - - - - - -1 - - - - - - - - - - - - - - - - - - - - - - - - - - - 5 - wxALL|wxEXPAND - 0 - - 1 - 1 - 1 - 1 - - - - - - - - 1 - 0 - 1 - - 1 - 0 - Dock - 0 - Left - 1 - - 1 - - 0 - 0 - wxID_ANY - - 0 - - - 0 - - 1 - WaitProgessBar - 1 - - - protected - 1 - - 100 - Resizable - 1 - - wxGA_HORIZONTAL|wxGA_SMOOTH - - 0 - - - wxFILTER_NONE - wxDefaultValidator - - 0 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + C++ + 1 + source_name + 0 + 0 + res + UTF-8 + connect + Forms + 1000 + none + 1 + VeraCrypt + "VeraCrypt" + . + #include "System.h" + 1 + 1 + 1 + 1 + UI + 1 + 0 + + 0 + wxAUI_MGR_DEFAULT + + wxBOTH + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + -1,496 + MainFrameBase + + -1,-1 + wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU + + VeraCrypt + + + + wxTAB_TRAVERSAL + 1 + OnActivate + + + + + + + + + OnClose + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1 + 1 + + + 0 + wxID_ANY + MainMenuBar + + + MainMenuBar + protected + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + &Volumes + VolumesMenu + protected + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Create New Volume... + CreateNewVolumeMenuItem + none + + + OnCreateVolumeButtonClick + + + + m_separator1 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Mount Volume + MountVolumeMenuItem + protected + + + OnMountVolumeMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Auto-Mount All Device-Hosted Volumes + AutoMountDevicesMenuItem + none + + + OnMountAllDevicesButtonClick + + + + m_separator2 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Dismount Volume + DismountVolumeMenuItem + protected + + + OnDismountVolumeMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Dismount All Mounted Volumes + DismountAllMenuItem + protected + + + OnDismountAllButtonClick + + + + m_separator3 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Change Volume Password... + ChangePasswordMenuItem + none + + + OnChangePasswordMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Change Header Key Derivation Algorithm... + ChangePkcs5PrfMenuItem + none + + + OnChangePkcs5PrfMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Add/Remove Keyfiles to/from Volume... + ChangeKeyfilesMenuItem + none + + + OnChangeKeyfilesMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Remove All Keyfiles from Volume... + RemoveKeyfilesMenuItem + none + + + OnRemoveKeyfilesMenuItemSelected + + + + m_separator4 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Volume Properties... + VolumePropertiesMenuItem + protected + + + OnVolumePropertiesButtonClick + + + + + &Favorites + FavoritesMenu + protected + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Add Selected Volume to Favorites... + AddToFavoritesMenuItem + protected + + + OnAddToFavoritesMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Add All Mounted Volumes to Favorites... + AddAllMountedToFavoritesMenuItem + protected + + + OnAddAllMountedToFavoritesMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Organize Favorite Volumes... + OrganizeFavoritesMenuItem + none + + + OnOrganizeFavoritesMenuItemSelected + + + + m_separator5 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Mount Favorite Volumes + MountAllFavoritesMenuItem + none + + + OnMountAllFavoritesMenuItemSelected + + + + m_separator6 + none + + + + T&ools + ToolsMenu + protected + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Benchmark... + BenchmarkMenuItem + none + + + OnBenchmarkMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Test Vectors... + EncryptionTestMenuItem + none + + + OnEncryptionTestMenuItemSelected + + + + m_separator7 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Volume Creation Wizard + VolumeCreationWizardMenuItem + none + + + OnCreateVolumeButtonClick + + + + m_separator8 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Backup Volume Header... + BackupVolumeHeadersMenuItem + protected + + + OnBackupVolumeHeadersMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Restore Volume Header... + RestoreVolumeHeaderMenuItem + protected + + + OnRestoreVolumeHeaderMenuItemSelected + + + + m_separator9 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Keyfile Generator + CreateKeyfileMenuItem + none + + + OnCreateKeyfileMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Manage Security Token Keyfiles... + ManageSecurityTokenKeyfilesMenuItem + none + + + OnManageSecurityTokenKeyfilesMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Close All Security Token Sessions + CloseAllSecurityTokenSessionsMenuItem + none + + + OnCloseAllSecurityTokenSessionsMenuItemSelected + + + + m_separator10 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Wipe Cached Passwords + WipeCachedPasswordsMenuItem + protected + + + OnWipeCacheButtonClick + + + + + Settin&gs + SettingsMenu + protected + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Hotkeys... + HotkeysMenuItem + protected + + + OnHotkeysMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Default Keyfiles... + DefaultKeyfilesMenuItem + none + + + OnDefaultKeyfilesMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Default Mount Parameters... + DefaultMountParametersMenuItem + none + + + OnDefaultMountParametersMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Security Tokens... + SecurityTokenPreferencesMenuItem + none + + + OnSecurityTokenPreferencesMenuItemSelected + + + + m_separator11 + none + + + + 0 + 1 + + wxID_PREFERENCES + wxITEM_NORMAL + &Preferences... + PreferencesMenuItem + protected + + + OnPreferencesMenuItemSelected + + + + + &Help + HelpMenu + protected + + + 0 + 1 + + wxID_HELP + wxITEM_NORMAL + User's Guide + UserGuideMenuItem + none + + + OnUserGuideMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Online Help + OnlineHelpMenuItem + none + + + OnOnlineHelpMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Beginner's Tutorial + BeginnersTutorialMenuItem + none + + + OnBeginnersTutorialMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Frequently Asked Questions + FaqMenuItem + none + + + OnFaqMenuItemSelected + + + + m_separator12 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + VeraCrypt Website + WebsiteMenuItem + none + + + OnWebsiteMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Downloads + DownloadsMenuItem + none + + + OnDownloadsMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + News + NewsMenuItem + none + + + OnNewsMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Version History + VersionHistoryMenuItem + none + + + OnVersionHistoryMenuItemSelected + + + + m_separator13 + none + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Donate + DonateMenuItem + none + + + OnDonateMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Contact + ContactMenuItem + none + + + OnContactMenuItemSelected + + + + + 0 + 1 + + wxID_ANY + wxITEM_NORMAL + Legal Notices + LegalNoticesMenuItem + none + + + OnLegalNoticesMenuItemSelected + + + + + 0 + 1 + + wxID_ABOUT + wxITEM_NORMAL + About + AboutMenuItem + none + + + OnAboutMenuItemSelected + + + + + + + bSizer1 + wxVERTICAL + none + + 0 + wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + MainPanel + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer2 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer48 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + wxID_ANY + + + sbSizer1 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + SlotListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + OnListItemActivated + OnListItemDeselected + + + OnListItemRightClick + OnListItemSelected + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + wxID_ANY + + + LowStaticBoxSizer + wxVERTICAL + protected + + + 2 + wxEXPAND|wxTOP + 0 + + + HigherButtonSizer + wxVERTICAL + protected + + + + 5 + wxEXPAND|wxRIGHT|wxLEFT + 0 + + 3 + 0 + + gSizer1 + none + 1 + 0 + + 5 + + 0 + + 138,34 + bSizer17 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Create Volume + + 0 + + + 0 + -1,-1 + 1 + CreateVolumeButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnCreateVolumeButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_HORIZONTAL + 0 + + 138,34 + bSizer18 + wxVERTICAL + none + + 5 + wxALL|wxALIGN_CENTER_HORIZONTAL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Volume Properties... + + 0 + + + 0 + -1,-1 + 1 + VolumePropertiesButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnVolumePropertiesButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_RIGHT + 0 + + 138,34 + bSizer19 + wxVERTICAL + none + + 5 + wxALL|wxALIGN_RIGHT|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Wipe Cache + + 0 + + + 0 + -1,-1 + 1 + WipeCacheButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnWipeCacheButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + + 0 + + 0 + protected + 0 + + + + 5 + wxEXPAND + 1 + + wxID_ANY + Volume + + VolumeStaticBoxSizer + wxVERTICAL + protected + + + 4 + wxEXPAND|wxALL + 1 + + + wxBOTH + 1 + 0 + 0 + + VolumeGridBagSizer + wxFLEX_GROWMODE_SPECIFIED + protected + 0 + + 5 + 1 + 0 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + 2 + + 1 + 1 + 1 + 1 + + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + 42,52 + 1 + LogoBitmap + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxSUNKEN_BORDER + + + + + + + + + OnLogoBitmapClick + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxEXPAND|wxALL + 0 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + VolumePathComboBox + 1 + + + protected + 1 + + Resizable + -1 + 1 + + wxCB_DROPDOWN + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 3 + wxEXPAND + 0 + 1 + + 138,34 + bSizer191 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Select &File... + + 0 + + + 0 + -1,-1 + 1 + SelectFileButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnSelectFileButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 1 + wxBOTTOM|wxRIGHT|wxLEFT + 1 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Never save history + + 0 + + + 0 + + 1 + NoHistoryCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnNoHistoryCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 2 + wxALIGN_RIGHT + 1 + 1 + + 138,34 + bSizer20 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Volume &Tools... + + 0 + + + 0 + -1,-1 + 1 + VolumeToolsButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnVolumeToolsButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 3 + wxEXPAND + 1 + 1 + + 138,34 + bSizer21 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Select D&evice... + + 0 + + + 0 + -1,-1 + 1 + SelectDeviceButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnSelectDeviceButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + + 0 + + 0 + protected + 0 + + + + 5 + wxEXPAND + 0 + + 4 + 0 + + gSizer2 + none + 1 + 0 + + 0 + wxEXPAND + 1 + + wxID_ANY + + 139,-1 + sbSizer4 + wxVERTICAL + none + + + 2 + wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Mount + + 0 + + + 0 + -1,32 + 1 + VolumeButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnVolumeButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_HORIZONTAL|wxEXPAND + 1 + + wxID_ANY + + -1,-1 + sbSizer41 + wxVERTICAL + none + + + 2 + wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Auto-Mount Devices + + 0 + + + 0 + -1,32 + 1 + MountAllDevicesButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnMountAllDevicesButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_HORIZONTAL|wxEXPAND + 1 + + wxID_ANY + + -1,-1 + sbSizer42 + wxVERTICAL + none + + + 2 + wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Di&smount All + + 0 + + + 0 + -1,32 + 1 + DismountAllButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnDismountAllButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_RIGHT|wxEXPAND + 1 + + wxID_ANY + + -1,-1 + sbSizer43 + wxVERTICAL + none + + + 2 + wxALIGN_CENTER_HORIZONTAL|wxEXPAND|wxTOP + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + E&xit + + 0 + + + 0 + -1,32 + 1 + ExitButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnExitButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + 800,500 + WizardFrameBase + + -1,-1 + wxCAPTION|wxCLOSE_BOX|wxMINIMIZE_BOX|wxSYSTEM_MENU + + + + + + wxTAB_TRAVERSAL + 1 + OnActivate + + + + + + + + + OnClose + + + + + + + + + + + + + + + + + + + + + + + + + + + + MainSizer + wxVERTICAL + protected + + 5 + wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + MainPanel + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + OnMouseMotion + + + + + + + + + + + + bSizer63 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer64 + wxVERTICAL + none + + 5 + wxEXPAND|wxRIGHT|wxLEFT + 1 + + wxID_ANY + + + sbSizer27 + wxHORIZONTAL + none + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + WizardBitmap + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxLEFT + 1 + + + bSizer66 + wxVERTICAL + none + + 5 + wxLEFT + 0 + + + bSizer126 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Times New Roman,90,90,16,70,0 + 0 + 0 + wxID_ANY + Page Title + + 0 + + + 0 + + 1 + PageTitleStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 1 + + + PageSizer + wxVERTICAL + protected + + + + + + + + 5 + wxEXPAND|wxALIGN_RIGHT|wxALL + 0 + + + bSizer70 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_HELP + &Help + + 0 + + + 0 + + 1 + HelpButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnHelpButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxLEFT|wxALIGN_RIGHT + 0 + + 0 + protected + 0 + + + + 5 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + < &Prev + + 0 + + + 0 + + 1 + PreviousButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnPreviousButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Next > + + 0 + + + 0 + + 1 + NextButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxWANTS_CHARS + OnNextButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxLEFT|wxALIGN_RIGHT + 0 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Cancel + + 0 + + + 0 + + 1 + CancelButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnCancelButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + AboutDialogBase + + + wxDEFAULT_DIALOG_STYLE + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer116 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer117 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + -1,78 + bSizer120 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + 10,108,206 + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_panel14 + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer121 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + 0 + protected + 0 + + + + 8 + wxEXPAND|wxLEFT + 0 + + + bSizer122 + wxVERTICAL + none + + 10 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + LogoBitmap + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 15 + wxALL|wxEXPAND + 1 + + + bSizer118 + wxVERTICAL + none + + 5 + wxEXPAND|wxLEFT + 1 + + + bSizer123 + wxVERTICAL + none + + 5 + wxTOP|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + VersionStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 3 + wxTOP + 0 + + 0 + protected + 0 + + + + 5 + wxBOTTOM|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + CopyrightStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 3 + wxTOP + 0 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxSYS_COLOUR_WINDOWTEXT + wxID_ANY + + + 0 + + + 0 + + 1 + WebsiteHyperlink + wxSYS_COLOUR_WINDOWTEXT + 1 + + + protected + 1 + + Resizable + 1 + + wxHL_DEFAULT_STYLE + + 0 + + . + wxSYS_COLOUR_WINDOWTEXT + + + + + + + OnWebsiteHyperlinkClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxBOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_staticline3 + 1 + + + protected + 1 + + Resizable + 1 + + wxLI_HORIZONTAL + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 10 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + + 0 + + 1 + CreditsTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxTE_MULTILINE|wxTE_READONLY + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxTOP + 0 + + 0 + protected + 0 + + + + 3 + wxEXPAND|wxTOP|wxBOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_staticline4 + 1 + + + protected + 1 + + Resizable + 1 + + wxLI_HORIZONTAL + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxBOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_staticline5 + 1 + + + protected + 1 + + Resizable + 1 + + wxLI_HORIZONTAL + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 6 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 0 + + + bSizer119 + wxHORIZONTAL + none + + 5 + wxEXPAND|wxALL + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxLEFT + 0 + + 0 + protected + 0 + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + BenchmarkDialogBase + + + wxDEFAULT_DIALOG_STYLE + + VeraCrypt - Encryption Algorithm Benchmark + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer153 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer154 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer155 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Buffer Size: + + 0 + + + 0 + + 1 + m_staticText54 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + BufferSizeChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND | wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_staticline6 + 1 + + + none + 1 + + Resizable + 1 + + wxLI_HORIZONTAL + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + + bSizer156 + wxHORIZONTAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + BenchmarkListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + RightSizer + wxVERTICAL + protected + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + Benchmark + + 0 + + + 0 + + 1 + BenchmarkButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnBenchmarkButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Close + + 0 + + + 0 + + 1 + CancelButton + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM + 0 + + 0 + protected + 0 + + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + -1,-1 + + 0 + + 1 + BenchmarkNoteStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + ChangePasswordDialogBase + + + wxDEFAULT_DIALOG_STYLE + + + + wxWS_EX_VALIDATE_RECURSIVELY + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer30 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer31 + wxHORIZONTAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer32 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + wxID_ANY + Current + + CurrentSizer + wxVERTICAL + protected + + + 5 + wxALIGN_LEFT + 0 + + + CurrentPasswordPanelSizer + wxVERTICAL + protected + + + + + + 5 + wxTOP|wxEXPAND + 0 + + wxID_ANY + New + + NewSizer + wxVERTICAL + protected + + + 5 + wxALIGN_LEFT + 0 + + + NewPasswordPanelSizer + wxVERTICAL + protected + + + + + + + + 5 + + 0 + + + bSizer33 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnOKButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Cancel + + 0 + + + 0 + + 1 + CancelButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + wxBOTH + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + -1,-1 + DeviceSelectionDialogBase + + -1,-1 + wxDEFAULT_DIALOG_STYLE + + Select a Partition or Device + + wxWS_EX_VALIDATE_RECURSIVELY + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer3 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer4 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + DeviceListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + OnListItemActivated + OnListItemDeselected + + + + OnListItemSelected + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + 0 + 1 + 0 + 0 + 0 + 1 + 0 + 0 + + StdButtons + protected + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + EncryptionTestDialogBase + + + wxDEFAULT_DIALOG_STYLE + + VeraCrypt - Test Vectors + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer132 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer133 + wxVERTICAL + none + + 5 + wxALIGN_CENTER_HORIZONTAL + 0 + + + bSizer134 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Encryption algorithm: + + 0 + + + 0 + + 1 + m_staticText41 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + EncryptionAlgorithmChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnEncryptionAlgorithmSelected + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + XTS mode + + 0 + + + 0 + + 1 + XtsModeCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnXtsModeCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Key (hexadecimal) + + sbSizer38 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + KeyTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer135 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Key size: + + 0 + + + 0 + + 1 + m_staticText43 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + KeySizeStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + XTS mode + + sbSizer39 + wxVERTICAL + none + + + 5 + wxTOP|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Secondary key (hexadecimal) + + 0 + + + 0 + + 1 + m_staticText45 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + SecondaryKeyTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxTOP|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Data unit number (64-bit, data unit size is 512 bytes) + + 0 + + + 0 + + 1 + m_staticText46 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + DataUnitNumberTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxTOP|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Block number: + + 0 + + + 0 + + 1 + m_staticText47 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + BlockNumberTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Plaintext (hexadecimal) + + sbSizer40 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + PlainTextTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Ciphertext (hexadecimal) + + sbSizer41 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + CipherTextTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer136 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Encrypt + + 0 + + + 0 + + 1 + EncryptButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnEncryptButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Decrypt + + 0 + + + 0 + + 1 + DecryptButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnDecryptButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Auto-Test All + + 0 + + + 0 + + 1 + AutoTestAllButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAutoTestAllButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Reset + + 0 + + + 0 + + 1 + ResetButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnResetButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Close + + 0 + + + 0 + + 1 + CloseButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + FavoriteVolumesDialogBase + + + wxDEFAULT_DIALOG_STYLE + + Favorite Volumes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer57 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer60 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + + bSizer58 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + FavoritesListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + OnListItemDeselected + + + + OnListItemSelected + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxRIGHT|wxLEFT + 0 + + 4 + 0 + + gSizer5 + none + 1 + 0 + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Move &Up + + 0 + + + 0 + + 1 + MoveUpButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnMoveUpButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Move &Down + + 0 + + + 0 + + 1 + MoveDownButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnMoveDownButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_RIGHT|wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Remove + + 0 + + + 0 + + 1 + RemoveButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnRemoveButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Remove &All + + 0 + + + 0 + + 1 + RemoveAllButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnRemoveAllButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + 5 + wxBOTH + 2 + + 0 + + fgSizer4 + wxFLEX_GROWMODE_SPECIFIED + none + 1 + 0 + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer59 + wxVERTICAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnOKButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Cancel + + 0 + + + 0 + + 1 + CancelButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + KeyfilesDialogBase + + + wxDEFAULT_DIALOG_STYLE + + Select Keyfiles + + wxWS_EX_VALIDATE_RECURSIVELY + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer26 + wxVERTICAL + none + + 5 + wxTOP|wxRIGHT|wxLEFT + 1 + + + UpperSizer + wxHORIZONTAL + protected + + 5 + wxEXPAND + 1 + + + PanelSizer + wxVERTICAL + protected + + + + 5 + wxEXPAND + 0 + + + bSizer22 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Cancel + + 0 + + + 0 + + 1 + CancelButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + WarningStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 0 + + + bSizer23 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + KeyfilesNoteSizer + wxVERTICAL + protected + + 5 + wxEXPAND | wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_staticline1 + 1 + + + none + 1 + + Resizable + 1 + + wxLI_HORIZONTAL + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + -1,-1 + + 0 + + 1 + KeyfilesNoteStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND | wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_staticline2 + 1 + + + none + 1 + + Resizable + 1 + + wxLI_HORIZONTAL + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + 2 + wxBOTH + 0 + + 0 + + fgSizer2 + wxFLEX_GROWMODE_SPECIFIED + none + 1 + 0 + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxSYS_COLOUR_WINDOWTEXT + wxID_ANY + More information on keyfiles + + 0 + + + 0 + + 1 + KeyfilesHyperlink + wxSYS_COLOUR_WINDOWTEXT + 1 + + + protected + 1 + + Resizable + 1 + + wxHL_DEFAULT_STYLE + + 0 + + + wxSYS_COLOUR_WINDOWTEXT + + + + + + + OnKeyfilesHyperlinkClick + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Generate Random Keyfile... + + 0 + + + 0 + + 1 + CreateKeyfileButtton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnCreateKeyfileButttonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + KeyfileGeneratorDialogBase + + + wxDEFAULT_DIALOG_STYLE + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnMouseMotion + + + + + + + + + + + + MainSizer + wxVERTICAL + protected + + 5 + wxEXPAND|wxALL + 1 + + + bSizer144 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer145 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mixing PRF: + + 0 + + + 0 + + 1 + m_staticText49 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + HashChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnHashSelected + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + + + 5 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 1 + + wxID_ANY + + + sbSizer43 + wxVERTICAL + none + + + 5 + wxEXPAND|wxTOP + 0 + + + bSizer147 + wxHORIZONTAL + none + + 5 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Random Pool: + + 0 + + + 0 + + 1 + m_staticText52 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier New,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + RandomPoolStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Show + + 0 + + + 0 + + 1 + ShowRandomPoolCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnShowRandomPoolCheckBoxClicked + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxBOTTOM|wxEXPAND|wxTOP + 0 + + wxID_ANY + Randomness Collected From Mouse Movements + + sbSizer45 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + CollectedEntropy + 1 + + + protected + 1 + + 2560 + Resizable + 1 + + wxGA_HORIZONTAL|wxGA_SMOOTH + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_CENTER_HORIZONTAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the keyfile. + + 0 + + + 0 + + 1 + MouseStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + + + 5 + wxALL|wxEXPAND + 1 + + + bSizer162 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + 3 + wxBOTH + 2 + + 0 + + fgSizer8 + wxFLEX_GROWMODE_SPECIFIED + none + 3 + 0 + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Number of keyfiles: + + 0 + + + 0 + + 1 + m_staticText60 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + 1 + 9999999 + + 0 + + 1 + + 0 + + 1 + NumberOfKeyfiles + 1 + + + protected + 1 + + Resizable + 1 + + wxSP_ARROW_KEYS + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND | wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_panel18 + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Keyfiles size (in Bytes): + + 0 + + + 0 + + 1 + m_staticText63 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + 64 + 1048576 + + 0 + + 64 + + 0 + + 1 + KeyfilesSize + 1 + + + protected + 1 + + Resizable + 1 + + wxSP_ARROW_KEYS + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Random size (64 <-> 1048576) + + 0 + + + 0 + + 1 + RandomSizeCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnRandomSizeCheckBoxClicked + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Keyfiles base name: + + 0 + + + 0 + + 1 + m_staticText65 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + + 0 + + 1 + KeyfilesBaseName + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND | wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_panel19 + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer146 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Generate and Save Keyfile... + + 0 + + + 0 + + 1 + GenerateButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnGenerateButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Close + + 0 + + + 0 + + 1 + m_button61 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + LegalNoticesDialogBase + + + wxDEFAULT_DIALOG_STYLE + + VeraCrypt - Legal Notices + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer114 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer115 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + + 0 + + 1 + LegalNoticesTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxTE_MULTILINE|wxTE_READONLY + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_HORIZONTAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + wxBOTH + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + MountOptionsDialogBase + + -1,-1 + wxDEFAULT_DIALOG_STYLE + + Enter VeraCrypt Volume Password + + wxWS_EX_VALIDATE_RECURSIVELY + + + + + + + + + + + + + + + + + + OnInitDialog + + + + + + + + + + + + + + + + + + + + + + + MainSizer + wxVERTICAL + protected + + 5 + wxEXPAND + 1 + + + bSizer19 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + + bSizer14 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + + PasswordSizer + wxVERTICAL + protected + + + + 5 + wxEXPAND + 0 + + + bSizer9 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnOKButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Cancel + + 0 + + + 0 + + 1 + CancelButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxTOP|wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Op&tions + + 0 + + + 0 + + 1 + OptionsButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnOptionsButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer6 + wxVERTICAL + none + + 5 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + OptionsPanel + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + wxID_ANY + + + OptionsSizer + wxVERTICAL + protected + + + 5 + wxTOP + 0 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount volume as &read-only + + 0 + + + 0 + + 1 + ReadOnlyCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnReadOnlyCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount volume as removable &medium + + 0 + + + 0 + + 1 + RemovableCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount partition &using system encryption (preboot authentication) + + 0 + + + 0 + + 1 + PartitionInSystemEncryptionScopeCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + Hidden Volume Protection + + ProtectionSizer + wxVERTICAL + protected + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Protect hidden volume when mounting outer volume + + 0 + + + 0 + + 1 + ProtectionCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnProtectionCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxLEFT + 1 + + + ProtectionPasswordSizer + wxVERTICAL + protected + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxSYS_COLOUR_WINDOWTEXT + wxID_ANY + What is hidden volume protection? + + 0 + + + 0 + + 1 + ProtectionHyperlinkCtrl + wxSYS_COLOUR_WINDOWTEXT + 1 + + + protected + 1 + + Resizable + 1 + + wxHL_DEFAULT_STYLE + + 0 + + + wxSYS_COLOUR_WINDOWTEXT + + + + + + + OnProtectionHyperlinkClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + FilesystemSizer + wxVERTICAL + protected + + 5 + wxEXPAND | wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_panel8 + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + wxID_ANY + Filesystem + + sbSizer28 + wxVERTICAL + none + + + 5 + wxEXPAND|wxBOTTOM + 0 + + + bSizer54 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer55 + wxVERTICAL + none + + 5 + wxTOP|wxRIGHT|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Do &not mount + + 0 + + + 0 + + 1 + NoFilesystemCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnNoFilesystemCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + 0,0 + wxBOTH + 1 + + 0 + + FilesystemOptionsSizer + wxFLEX_GROWMODE_SPECIFIED + protected + 0 + + 5 + 1 + 0 + wxEXPAND|wxTOP + 0 + 1 + + + FilesystemSpacer + wxVERTICAL + protected + + + + 5 + 1 + 0 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT + 1 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount at directory: + + 0 + + + 0 + + 1 + MountPointTextCtrlStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 1 + wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND + 1 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + MountPointTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 2 + wxALIGN_CENTER_VERTICAL|wxRIGHT|wxLEFT + 1 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Se&lect... + + 0 + + + 0 + + 1 + MountPointButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnMountPointButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 0 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxLEFT + 2 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount options: + + 0 + + + 0 + + 1 + FilesystemOptionsStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxALIGN_CENTER_VERTICAL|wxEXPAND|wxTOP|wxRIGHT|wxLEFT + 2 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + FilesystemOptionsTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + NewSecurityTokenKeyfileDialogBase + + + wxDEFAULT_DIALOG_STYLE + + New Security Token Keyfile Properties + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer143 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer144 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + + + sbSizer42 + wxVERTICAL + none + + + 5 + wxEXPAND|wxTOP + 1 + + 2 + wxBOTH + + + 0 + + fgSizer7 + wxFLEX_GROWMODE_SPECIFIED + none + 2 + 0 + + 5 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Security token: + + 0 + + + 0 + + 1 + m_staticText47 + 1 + + + none + 1 + + Resizable + 1 + + wxALIGN_RIGHT + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + SecurityTokenChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Keyfile name: + + 0 + + + 0 + + 1 + m_staticText48 + 1 + + + none + 1 + + Resizable + 1 + + wxALIGN_RIGHT + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + KeyfileNameTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnKeyfileNameChanged + + + + + + + + + + + + 5 + wxALIGN_RIGHT|wxALL + 0 + + 0 + 1 + 0 + 0 + 0 + 1 + 0 + 0 + + StdButtons + protected + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + PreferencesDialogBase + + + wxDEFAULT_DIALOG_STYLE + + Preferences + + wxWS_EX_VALIDATE_RECURSIVELY + + + + + + + + + + + + OnClose + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer32 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer41 + wxVERTICAL + none + + 5 + wxEXPAND | wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + PreferencesNotebook + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Security + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + SecurityPage + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer44 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer33 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Auto-Dismount + + AutoDismountSizer + wxVERTICAL + protected + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Dismount All Volumes When + + sbSizer13 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + User logs off + + 0 + + + 0 + + 1 + DismountOnLogOffCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Screen saver is launched + + 0 + + + 0 + + 1 + DismountOnScreenSaverCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnDismountOnScreenSaverCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + System is entering power saving mode + + 0 + + + 0 + + 1 + DismountOnPowerSavingCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnDismountOnPowerSavingCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer34 + wxHORIZONTAL + none + + 5 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Auto-dismount volume after no data has been read/written to it for + + 0 + + + 0 + + 1 + DismountOnInactivityCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + 1 + 9999 + + 0 + + 1 + + 0 + 60,-1 + 1 + DismountOnInactivitySpinCtrl + 1 + + + protected + 1 + + Resizable + 1 + -1,-1 + wxSP_ARROW_KEYS + + 0 + + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxRIGHT + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + minutes + + 0 + + + 0 + + 1 + m_staticText5 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Force auto-dismount even if volume contains open files or directories + + 0 + + + 0 + + 1 + ForceAutoDismountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnForceAutoDismountCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Filesystem + + FilesystemSecuritySizer + wxVERTICAL + protected + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Preserve modification timestamp of file containers + + 0 + + + 0 + + 1 + PreserveTimestampsCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnPreserveTimestampsCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Password Cache + + sbSizer14 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Wipe after VeraCrypt window has been closed + + 0 + + + 0 + + 1 + WipeCacheOnCloseCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Wipe after volume has been auto-dismounted + + 0 + + + 0 + + 1 + WipeCacheOnAutoDismountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Mount Options + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + DefaultMountOptionsPage + 1 + + + public + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer46 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer35 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Default Mount Options + + sbSizer15 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount volumes as read-only + + 0 + + + 0 + + 1 + MountReadOnlyCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount volumes as removable media + + 0 + + + 0 + + 1 + MountRemovableCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Cache passwords in memory + + 0 + + + 0 + + 1 + CachePasswordsCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + TrueCrypt Mode + + 0 + + + 0 + + 1 + TrueCryptModeCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer163 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + PKCS5-PRF: + + 0 + + + 0 + + 1 + Pkcs5PrfStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + Pkcs5PrfChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Filesystem + + FilesystemSizer + wxVERTICAL + protected + + + 5 + wxEXPAND + 1 + + 2 + wxBOTH + 1 + + 0 + + fgSizer3 + wxFLEX_GROWMODE_SPECIFIED + none + 1 + 0 + + 5 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount options: + + 0 + + + 0 + + 1 + m_staticText6 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + FilesystemOptionsTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Background Task + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + BackgroundTaskPanel + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer61 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer62 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + VeraCrypt Background Task + + sbSizer18 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Enabled + + 0 + + + 0 + + 1 + BackgroundTaskEnabledCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnBackgroundTaskEnabledCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Exit when there are no mounted volumes + + 0 + + + 0 + + 1 + CloseBackgroundTaskOnNoVolumesCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + Task Icon Menu Items + + sbSizer26 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount Favorite Volumes + + 0 + + + 0 + + 1 + BackgroundTaskMenuMountItemsEnabledCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Open Mounted Volumes + + 0 + + + 0 + + 1 + BackgroundTaskMenuOpenItemsEnabledCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Dismount Mounted Volumes + + 0 + + + 0 + + 1 + BackgroundTaskMenuDismountItemsEnabledCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + System Integration + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + SystemIntegrationPage + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer49 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer37 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 0 + + wxID_ANY + Actions to Perform when User Logs On + + LogOnSizer + wxVERTICAL + protected + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Start VeraCrypt Background Task + + 0 + + + 0 + + 1 + StartOnLogonCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount favorite volumes + + 0 + + + 0 + + 1 + MountFavoritesOnLogonCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mount all device-hosted VeraCrypt volumes + + 0 + + + 0 + + 1 + MountDevicesOnLogonCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Filesystem Explorer + + ExplorerSizer + wxVERTICAL + protected + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Open Explorer window for successfully mounted volume + + 0 + + + 0 + + 1 + OpenExplorerWindowAfterMountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Close all Explorer windows of volume being dismounted + + 0 + + + 0 + + 1 + CloseExplorerWindowsOnDismountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Kernel Services + + KernelServicesSizer + wxVERTICAL + protected + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Do not use kernel cryptographic services + + 0 + + + 0 + + 1 + NoKernelCryptoCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnNoKernelCryptoCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Performance + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + PerformanceOptionsPage + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer151 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + + bSizer152 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Hardware Acceleration + + sbSizer44 + wxVERTICAL + none + + + 5 + wxEXPAND + 1 + + + bSizer158 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Processor (CPU) in this computer supports hardware acceleration for AES: + + 0 + + + 0 + + 1 + m_staticText57 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + AesHwCpuSupportedStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + wxSUNKEN_BORDER + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxBOTTOM + 0 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Do not accelerate AES encryption/decryption by using the AES instructions of the processor + + 0 + + + 0 + + 1 + NoHardwareCryptoCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnNoHardwareCryptoCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Keyfiles + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + DefaultKeyfilesPage + 1 + + + public + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer40 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer43 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + Default Keyfiles + + bSizer42 + wxVERTICAL + none + + + 5 + wxEXPAND + 1 + + + DefaultKeyfilesSizer + wxVERTICAL + protected + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Use keyfiles by default + + 0 + + + 0 + + 1 + UseKeyfilesCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Security Tokens + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + SecurityTokensPage + 1 + + + public + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer127 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer128 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + PKCS #11 Library Path + + sbSizer36 + wxVERTICAL + none + + + 5 + wxEXPAND + 1 + + + bSizer129 + wxHORIZONTAL + none + + 5 + wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + Pkcs11ModulePathTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Select &Library... + + 0 + + + 0 + + 1 + SelectPkcs11ModuleButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnSelectPkcs11ModuleButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Security Options + + sbSizer37 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Close token session (log out) after a volume is successfully mounted + + 0 + + + 0 + + 1 + CloseSecurityTokenSessionsAfterMountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Hotkeys + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + HotkeysPage + 1 + + + public + 1 + + Resizable + 1 + + + 0 + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer51 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer38 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + System-Wide Hotkeys + + sbSizer21 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + HotkeyListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_SINGLE_SEL|wxLC_VRULES + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + OnHotkeyListItemDeselected + + + + OnHotkeyListItemSelected + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Shortcut + + sbSizer23 + wxVERTICAL + none + + + 5 + wxALIGN_RIGHT + 1 + + 3 + wxBOTH + + + 0 + + fgSizer4 + wxFLEX_GROWMODE_SPECIFIED + none + 2 + 0 + + 5 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Key to assign: + + 0 + + + 0 + + 1 + m_staticText10 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + HotkeyTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Assign + + 0 + + + 0 + + 1 + AssignHotkeyButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAssignHotkeyButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxEXPAND + 1 + + 4 + 0 + + gSizer4 + none + 1 + 0 + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Control + + 0 + + + 0 + + 1 + HotkeyControlCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Shift + + 0 + + + 0 + + 1 + HotkeyShiftCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Alt + + 0 + + + 0 + + 1 + HotkeyAltCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Win + + 0 + + + 0 + + 1 + HotkeyWinCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Remove + + 0 + + + 0 + + 1 + RemoveHotkeyButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnRemoveHotkeyButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Options + + sbSizer24 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Play system notification sound after mount/dismount + + 0 + + + 0 + + 1 + BeepAfterHotkeyMountDismountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Display confirmation message box after dismount + + 0 + + + 0 + + 1 + DisplayMessageAfterHotkeyDismountCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + 0 + 1 + 0 + 0 + 0 + 1 + 0 + 0 + + StdButtons + protected + + OnCancelButtonClick + + + + OnOKButtonClick + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + wxBOTH + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + RandomPoolEnrichmentDialogBase + + + wxDEFAULT_DIALOG_STYLE + + VeraCrypt - Random Pool Enrichment + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnMouseMotion + + + + + + + + + + + + MainSizer + wxVERTICAL + protected + + 5 + wxEXPAND|wxALL + 1 + + + bSizer144 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer145 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Mixing PRF: + + 0 + + + 0 + + 1 + m_staticText49 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + HashChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnHashSelected + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + + + 5 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 1 + + wxID_ANY + + + sbSizer43 + wxVERTICAL + none + + + 5 + wxEXPAND|wxTOP + 0 + + + bSizer147 + wxHORIZONTAL + none + + 5 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Random Pool: + + 0 + + + 0 + + 1 + m_staticText52 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier New,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + RandomPoolStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Show + + 0 + + + 0 + + 1 + ShowRandomPoolCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnShowRandomPoolCheckBoxClicked + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxBOTTOM|wxEXPAND|wxTOP + 0 + + wxID_ANY + Randomness Collected From Mouse Movements + + sbSizer45 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + CollectedEntropy + 1 + + + protected + 1 + + 2560 + Resizable + 1 + + wxGA_HORIZONTAL|wxGA_SMOOTH + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL|wxALIGN_CENTER_HORIZONTAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases security. When done, click 'Continue'. + + 0 + + + 0 + + 1 + MouseStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + + + 5 + wxEXPAND + 0 + + + bSizer146 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + &Continue + + 0 + + + 0 + + 1 + ContinueButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + -1,-1 + SecurityTokenKeyfilesDialogBase + + -1,-1 + wxDEFAULT_DIALOG_STYLE + + Security Token Keyfiles + + wxWS_EX_VALIDATE_RECURSIVELY + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer3 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer138 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + + bSizer142 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + SecurityTokenKeyfileListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + OnListItemActivated + OnListItemDeselected + + + + OnListItemSelected + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer141 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Export... + + 0 + + + 0 + + 1 + ExportButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnExportButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Delete + + 0 + + + 0 + + 1 + DeleteButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnDeleteButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxLEFT + 1 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Import Keyfile to Token... + + 0 + + + 0 + + 1 + ImportButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnImportButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer139 + wxVERTICAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_OK + OK + + 0 + + + 0 + + 1 + OKButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnOKButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_CANCEL + Cancel + + 0 + + + 0 + + 1 + CancelButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + VolumePropertiesDialogBase + + + wxDEFAULT_DIALOG_STYLE + + Volume Properties + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer49 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + + bSizer50 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + PropertiesListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT|wxLC_VRULES + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_HORIZONTAL + 0 + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + + StdButtons + protected + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + EncryptionOptionsWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer93 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer94 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer95 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + wxID_ANY + Encryption Algorithm + + sbSizer29 + wxVERTICAL + none + + + 5 + wxEXPAND + 0 + + + bSizer96 + wxHORIZONTAL + none + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + EncryptionAlgorithmChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnEncryptionAlgorithmSelected + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Test + + 0 + + + 0 + + 1 + TestButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnTestButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + EncryptionAlgorithmStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer97 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxSYS_COLOUR_WINDOWTEXT + wxID_ANY + More information + + 0 + + + 0 + + 1 + EncryptionAlgorithmHyperlink + wxSYS_COLOUR_WINDOWTEXT + 1 + + + protected + 1 + + Resizable + 1 + + wxHL_DEFAULT_STYLE + + 0 + + + wxSYS_COLOUR_WINDOWTEXT + + + + + + + OnEncryptionAlgorithmHyperlinkClick + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Benchmark + + 0 + + + 0 + + 1 + BenchmarkButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnBenchmarkButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Hash Algorithm + + sbSizer30 + wxHORIZONTAL + none + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + HashChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxSYS_COLOUR_WINDOWTEXT + wxID_ANY + Information on hash algorithms + + 0 + + + 0 + + 1 + HashHyperlink + wxSYS_COLOUR_WINDOWTEXT + 1 + + + protected + 1 + + Resizable + 1 + + wxHL_DEFAULT_STYLE + + 0 + + + wxSYS_COLOUR_WINDOWTEXT + + + + + + + OnHashHyperlinkClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + InfoWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer71 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + InfoPageSizer + wxVERTICAL + protected + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + 500,300 + KeyfilesPanelBase + + -1,-1 + + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer19 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer20 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + + bSizer21 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + KeyfilesListCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxLC_NO_SORT_HEADER|wxLC_REPORT + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + OnListItemDeselected + + + + OnListItemSelected + + + + + + + + + + + + + OnListSizeChanged + + + + + 5 + wxEXPAND + 0 + + + bSizer137 + wxHORIZONTAL + none + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Add &Files... + + 0 + + + 0 + + 1 + AddFilesButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAddFilesButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Add &Path... + + 0 + + + 0 + + 1 + AddDirectoryButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAddDirectoryButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Add &Token Files... + + 0 + + + 0 + + 1 + AddSecurityTokenSignatureButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAddSecurityTokenSignatureButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Remove + + 0 + + + 0 + + 1 + RemoveButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnRemoveButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Remove &All + + 0 + + + 0 + + 1 + RemoveAllButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnRemoveAllButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + ProgressWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer81 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer82 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + ProgressSizer + wxHORIZONTAL + protected + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + -1,-1 + 1 + ProgressGauge + 1 + + + protected + 1 + + 100 + Resizable + 1 + -1,-1 + wxGA_HORIZONTAL|wxGA_SMOOTH + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxTOP|wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 0 + + 1 + + 0 + 0 + wxID_ANY + &Abort + + 0 + + + 0 + + 1 + AbortButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAbortButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + 200,65 + SelectDirectoryWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer68 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer69 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer70 + wxHORIZONTAL + none + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + DirectoryTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnDirectoryTextChanged + + + + + + + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Browse... + + 0 + + + 0 + + 1 + BrowseButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnBrowseButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + 300 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + SingleChoiceWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer71 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer77 + wxVERTICAL + none + + 5 + wxEXPAND|wxTOP + 0 + + 0 + protected + 0 + + + + 5 + wxEXPAND + 0 + + + OuterChoicesSizer + wxVERTICAL + protected + + 5 + wxEXPAND + 0 + + + ChoicesSizer + wxVERTICAL + protected + + + + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumeCreationProgressWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer104 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer105 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 0 + + wxID_ANY + + + sbSizer31 + wxVERTICAL + none + + + 30 + wxEXPAND + 1 + + + KeySamplesUpperSizer + wxVERTICAL + protected + + 3 + wxEXPAND|wxTOP + 1 + + + KeySamplesUpperInnerSizer + wxVERTICAL + protected + + + + + + 5 + wxEXPAND + 0 + + 2 + wxBOTH + + + 0 + + fgSizer5 + wxFLEX_GROWMODE_SPECIFIED + none + 3 + 0 + + 5 + wxALL|wxALIGN_RIGHT|wxALIGN_BOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Random Pool: + + 0 + + + 0 + + 1 + m_staticText25 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALIGN_BOTTOM + 1 + + + bSizer126 + wxHORIZONTAL + none + + 7 + wxEXPAND|wxTOP|wxRIGHT|wxALIGN_BOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier New,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + RandomPoolSampleStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Show + + 0 + + + 0 + + 1 + DisplayKeysCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnDisplayKeysCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Header Key: + + 0 + + + 0 + + 1 + m_staticText28 + 1 + + + none + 1 + + Resizable + 1 + -1,-1 + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 2 + wxALIGN_BOTTOM|wxEXPAND|wxTOP|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier New,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + HeaderKeySampleStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_RIGHT|wxBOTTOM|wxRIGHT|wxLEFT|wxALIGN_BOTTOM + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Master Key: + + 0 + + + 0 + + 1 + m_staticText29 + 1 + + + none + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 2 + wxEXPAND|wxALIGN_BOTTOM|wxTOP|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + Courier New,90,90,-1,70,0 + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + MasterKeySampleStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxLEFT|wxRIGHT + 0 + + wxID_ANY + Randomness Collected From Mouse Movements + + sbSizer45 + wxVERTICAL + none + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + CollectedEntropy + 1 + + + protected + 1 + + 2560 + Resizable + 1 + + wxGA_HORIZONTAL|wxGA_SMOOTH + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxBOTTOM|wxRIGHT|wxLEFT + 0 + + wxID_ANY + + + sbSizer32 + wxVERTICAL + none + + + 5 + wxEXPAND + 0 + + + bSizer106 + wxHORIZONTAL + none + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + -1,-1 + 1 + ProgressGauge + 1 + + + protected + 1 + + 100 + Resizable + 1 + + wxGA_HORIZONTAL|wxGA_SMOOTH + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Abort + + 0 + + + 0 + + 1 + AbortButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnAbortButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 2 + wxEXPAND|wxTOP + 0 + + 3 + 0 + + gSizer6 + none + 1 + 0 + + 5 + wxALIGN_CENTER_VERTICAL|wxEXPAND + 1 + + + bSizer108 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Done + + 0 + + + 0 + + 1 + m_staticText31 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + -1,-1 + 1 + m_panel12 + 1 + + + protected + 1 + + Resizable + 1 + -1,-1 + + 0 + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer115 + wxHORIZONTAL + none + + 3 + wxALIGN_CENTER_VERTICAL|wxEXPAND|wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + SizeDoneStaticText + 1 + + + protected + 1 + + Resizable + 1 + + wxALIGN_RIGHT|wxST_NO_AUTORESIZE + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_CENTER_HORIZONTAL + 1 + + + bSizer1081 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Speed + + 0 + + + 0 + + 1 + m_staticText311 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_panel121 + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxSUNKEN_BORDER + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer1151 + wxHORIZONTAL + none + + 3 + wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + SpeedStaticText + 1 + + + protected + 1 + + Resizable + 1 + + wxALIGN_RIGHT|wxST_NO_AUTORESIZE + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT + 1 + + + bSizer1082 + wxHORIZONTAL + none + + 5 + wxALIGN_CENTER_VERTICAL|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Left + + 0 + + + 0 + + 1 + m_staticText312 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + m_panel122 + 1 + + + protected + 1 + + Resizable + 1 + + + 0 + + + + wxSUNKEN_BORDER|wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer1152 + wxHORIZONTAL + none + + 3 + wxALL|wxALIGN_CENTER_VERTICAL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + TimeLeftStaticText + 1 + + + protected + 1 + + Resizable + 1 + + wxALIGN_RIGHT|wxST_NO_AUTORESIZE + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxBOTTOM|wxLEFT|wxRIGHT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumeLocationWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer86 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer87 + wxVERTICAL + none + + 5 + wxEXPAND|wxTOP + 0 + + 0 + protected + 0 + + + + 5 + wxEXPAND + 0 + + + bSizer88 + wxHORIZONTAL + none + + 5 + wxEXPAND + 1 + + + bSizer89 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer126 + wxHORIZONTAL + none + + 5 + wxALL|wxALIGN_CENTER_VERTICAL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + -1,-1 + 1 + VolumePathComboBox + 1 + + + protected + 1 + + Resizable + -1 + 1 + + wxCB_DROPDOWN + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnVolumePathTextChanged + + + + + + 5 + wxALIGN_CENTER_VERTICAL + 0 + + + bSizer90 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Select &File... + + 0 + + + 0 + -1,-1 + 1 + SelectFileButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnSelectFileButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Select D&evice... + + 0 + + + 0 + -1,-1 + 1 + SelectDeviceButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnSelectDeviceButtonClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 0 + + + bSizer91 + wxHORIZONTAL + none + + 5 + wxLEFT + 0 + + 0 + protected + 0 + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Never save history + + 0 + + + 0 + + 1 + NoHistoryCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnNoHistoryCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxBOTTOM + 0 + + 0 + protected + 0 + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumeFormatOptionsWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer124 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer125 + wxVERTICAL + none + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Filesystem Options + + sbSizer33 + wxVERTICAL + none + + + 5 + wxEXPAND + 1 + + 2 + wxBOTH + + + 0 + + fgSizer6 + wxFLEX_GROWMODE_SPECIFIED + none + 2 + 0 + + 5 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxTOP|wxBOTTOM|wxLEFT + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Filesystem type: + + 0 + + + 0 + + 1 + m_staticText43 + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + FilesystemTypeChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnFilesystemTypeSelected + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxALL + 0 + + wxID_ANY + Volume Format Options + + sbSizer34 + wxVERTICAL + none + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Quick format + + 0 + + + 0 + + 1 + QuickFormatCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnQuickFormatCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM + 1 + + 0 + protected + 0 + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumePasswordPanelBase + + -1,-1 + + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer7 + wxVERTICAL + none + + 5 + wxALL|wxEXPAND + 1 + + 0,0 + wxBOTH + 1 + + 0 + + GridBagSizer + wxFLEX_GROWMODE_SPECIFIED + protected + 0 + + 5 + 1 + 0 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT + 1 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Password: + + 0 + + + 0 + + 1 + PasswordStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND + 1 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 1 + + 0 + 232,-1 + 1 + PasswordTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxTE_PASSWORD + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnTextChanged + + + + + + + + 5 + 1 + 0 + wxBOTTOM|wxRIGHT|wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT + 2 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Confirm password: + + 0 + + + 0 + + 1 + ConfirmPasswordStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxBOTTOM|wxALIGN_CENTER_VERTICAL|wxEXPAND + 2 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 1 + + 0 + 232,-1 + 1 + ConfirmPasswordTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxTE_PASSWORD + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnTextChanged + + + + + + + + 5 + 1 + 0 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT + 3 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Volume PIM: + + 0 + + + 0 + + 1 + VolumePimStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 1 + wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxEXPAND + 3 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 7 + + 0 + + 1 + VolumePimTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxTE_PASSWORD + + 0 + + + wxFILTER_NUMERIC + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnPimChanged + + + + + + + + 5 + 1 + 2 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxLEFT|wxRIGHT + 3 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + (Empty or 0 for default iterations) + + 0 + + + 0 + + 1 + VolumePimHelpStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL + 4 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Use PIM + + 0 + + + 0 + + 1 + PimCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnUsePimCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL + 5 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Cach&e passwords and keyfiles in memory + + 0 + + + 0 + + 1 + CacheCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxTOP|wxBOTTOM|wxLEFT|wxALIGN_CENTER_VERTICAL + 6 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Display password + + 0 + + + 0 + + 1 + DisplayPasswordCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnDisplayPasswordCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 1 + wxTOP|wxRIGHT|wxLEFT + 7 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + U&se keyfiles + + 0 + + + 0 + + 1 + UseKeyfilesCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnUseKeyfilesCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 2 + wxALIGN_RIGHT|wxALIGN_BOTTOM|wxLEFT + 7 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Keyfiles... + + 0 + + + 0 + + 1 + KeyfilesButton + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + OnKeyfilesButtonClick + + + + + + + + + + + + + + + + + + + OnKeyfilesButtonRightDown + OnKeyfilesButtonRightClick + + + + + + + 5 + 1 + 1 + wxEXPAND|wxTOP|wxBOTTOM + 8 + 1 + + + Pkcs5PrfSizer + wxVERTICAL + protected + + + + 5 + 1 + 0 + wxALIGN_RIGHT|wxALIGN_CENTER_VERTICAL|wxRIGHT + 9 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + PKCS-5 PRF: + + 0 + + + 0 + + 1 + Pkcs5PrfStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 1 + wxALIGN_CENTER_VERTICAL|wxLEFT + 9 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + "Unchanged" + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + -1,-1 + + 0 + -1,-1 + 1 + Pkcs5PrfChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 2 + wxALIGN_CENTER_VERTICAL|wxLEFT + 9 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + TrueCrypt Mode + + 0 + + + 0 + + 1 + TrueCryptModeCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnTrueCryptModeChecked + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 0 + wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxRIGHT + 10 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Header Wipe: + + 0 + + + 0 + + 1 + HeaderWipeCountText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 1 + 1 + wxALL + 10 + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + "1-pass" "3-pass" "7-pass" "35-pass" "256-pass" + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + HeaderWipeCount + 1 + + + protected + 1 + + Resizable + 1 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + 2 + 1 + wxTOP|wxEXPAND + 11 + 1 + + + PasswordPlaceholderSizer + wxVERTICAL + protected + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumePasswordWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer101 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer102 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + PasswordPanelSizer + wxVERTICAL + protected + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumePimWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer101 + wxVERTICAL + none + + 5 + wxEXPAND + 1 + + + bSizer102 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + PimPanelSizer + wxVERTICAL + protected + + 5 + wxEXPAND + 1 + + + PimSizer + wxHORIZONTAL + protected + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + Volume PIM: + + 0 + + + 0 + + 1 + VolumePimStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 7 + + 0 + + 1 + VolumePimTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + wxTE_PASSWORD + + 0 + + + wxFILTER_NUMERIC + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnPimChanged + + + + + + + + 5 + wxALIGN_CENTER_VERTICAL|wxALL + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + (Empty or 0 for default iterations) + + 0 + + + 0 + + 1 + VolumePimHelpStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND + 1 + + + bSizer166 + wxHORIZONTAL + none + + 5 + wxALL|wxEXPAND + 1 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + &Display PIM + + 0 + + + 0 + + 1 + DisplayPimCheckBox + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnDisplayPimCheckBoxClick + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + + 1 + 1 + impl_virtual + + + 0 + wxID_ANY + + + VolumeSizeWizardPageBase + + -1,-1 + WizardPage; WizardPage.h + + + + wxTAB_TRAVERSAL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + bSizer98 + wxVERTICAL + none + + 5 + wxEXPAND + 0 + + + bSizer99 + wxVERTICAL + none + + 5 + wxEXPAND|wxTOP|wxBOTTOM + 0 + + 0 + protected + 0 + + + + 5 + wxEXPAND + 0 + + + bSizer100 + wxHORIZONTAL + none + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + 0 + + 0 + + 1 + VolumeSizeTextCtrl + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + + + + + + + + + + + + + + + + + + + + + + + OnVolumeSizeTextChanged + + + + + + + + 5 + wxALL + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + VolumeSizePrefixChoice + 1 + + + protected + 1 + + Resizable + 0 + 1 + + + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + + + + + OnVolumeSizePrefixSelected + + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM + 0 + + 0 + protected + 0 + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + FreeSpaceStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxEXPAND|wxTOP|wxBOTTOM + 0 + + 0 + protected + 0 + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + + 0 + + + 0 + + 1 + InfoStaticText + 1 + + + protected + 1 + + Resizable + 1 + + + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + wxAUI_MGR_DEFAULT + + wxBOTH + + 1 + 1 + impl_virtual + + + + 0 + wxID_ANY + + + WaitDialogBase + + -1,-1 + wxCAPTION + + VeraCrypt + + + + + + + + + + + + + + OnWaitDialogClose + + + + + + OnWaitDialogInit + + + + + + + + + + + + + + + + + + + + + + + bSizer160 + wxVERTICAL + none + + 5 + wxALIGN_CENTER_HORIZONTAL|wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + MyLabel + + 0 + + + 0 + + 1 + WaitStaticText + 1 + + + protected + 1 + + Resizable + 1 + + wxALIGN_CENTRE + + 0 + + + + + -1 + + + + + + + + + + + + + + + + + + + + + + + + + + + 5 + wxALL|wxEXPAND + 0 + + 1 + 1 + 1 + 1 + + + + + + + + 1 + 0 + 1 + + 1 + 0 + Dock + 0 + Left + 1 + + 1 + + 0 + 0 + wxID_ANY + + 0 + + + 0 + + 1 + WaitProgessBar + 1 + + + protected + 1 + + 100 + Resizable + 1 + + wxGA_HORIZONTAL|wxGA_SMOOTH + + 0 + + + wxFILTER_NONE + wxDefaultValidator + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Mount/Favorites.cpp b/src/Mount/Favorites.cpp index 10eb6486..77127c27 100644 --- a/src/Mount/Favorites.cpp +++ b/src/Mount/Favorites.cpp @@ -1,1024 +1,1024 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Tcdefs.h" -#include "Platform/Finally.h" -#include "Platform/ForEach.h" -#include "BootEncryption.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Mount.h" -#include "Common/Resource.h" -#include "Resource.h" -#include "Xml.h" -#include "Favorites.h" - -using namespace std; - -namespace VeraCrypt -{ - vector FavoriteVolumes; - vector SystemFavoriteVolumes; - list FavoritesOnArrivalMountRequired; - list FavoritesMountedOnArrivalStillConnected; - HMENU FavoriteVolumesMenu; - - - BOOL AddMountedVolumeToFavorites (HWND hwndDlg, int driveNo, bool systemFavorites) - { - VOLUME_PROPERTIES_STRUCT prop; - DWORD bytesReturned; - - memset (&prop, 0, sizeof (prop)); - prop.driveNo = driveNo; - - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &bytesReturned, NULL)) - { - handleWin32Error (hwndDlg, SRC_POS); - return FALSE; - } - - FavoriteVolume favorite; - favorite.MountPoint = L"X:\\"; - favorite.MountPoint[0] = (wchar_t) (prop.driveNo + L'A'); - - favorite.Path = prop.wszVolume; - if (favorite.Path.find (L"\\??\\") == 0) - favorite.Path = favorite.Path.substr (4); - - if (wcslen (prop.wszLabel)) - { - favorite.Label = prop.wszLabel; - favorite.UseLabelInExplorer = true; - } - - if (IsVolumeDeviceHosted (favorite.Path.c_str())) - { - // Get GUID path - wstring volumeDevPath = favorite.Path; - - wchar_t resolvedVolumeDevPath[TC_MAX_PATH]; - if (ResolveSymbolicLink (volumeDevPath.c_str(), resolvedVolumeDevPath, sizeof(resolvedVolumeDevPath))) - volumeDevPath = resolvedVolumeDevPath; - - wchar_t volumeName[TC_MAX_PATH]; - HANDLE find = FindFirstVolume (volumeName, ARRAYSIZE (volumeName)); - - if (find != INVALID_HANDLE_VALUE) - { - do - { - wchar_t findVolumeDevPath[TC_MAX_PATH]; - wstring vn = volumeName; - - if (QueryDosDevice (vn.substr (4, vn.size() - 5).c_str(), findVolumeDevPath, ARRAYSIZE (findVolumeDevPath)) != 0 - && volumeDevPath == findVolumeDevPath) - { - favorite.VolumePathId = volumeName; - break; - } - - } while (FindNextVolume (find, volumeName, ARRAYSIZE (volumeName))); - - FindVolumeClose (find); - } - } - - favorite.ReadOnly = prop.readOnly ? true : false; - favorite.Removable = prop.removable ? true : false; - favorite.SystemEncryption = prop.partitionInInactiveSysEncScope ? true : false; - favorite.OpenExplorerWindow = (bExplore == TRUE); - favorite.Pim = prop.volumePim; - memcpy (favorite.VolumeID, prop.volumeID, VOLUME_ID_SIZE); - - if (favorite.VolumePathId.empty() - && IsVolumeDeviceHosted (favorite.Path.c_str()) - && favorite.Path.find (L"\\\\?\\Volume{") != 0) - { - Warning (favorite.Path.find (L"\\Partition0") == wstring::npos ? "FAVORITE_ADD_PARTITION_TYPE_WARNING" : "FAVORITE_ADD_DRIVE_DEV_WARNING", hwndDlg); - } - - return OrganizeFavoriteVolumes (hwndDlg, systemFavorites, favorite); - } - - - static BOOL CALLBACK FavoriteVolumesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) - { - /* This dialog is used both for System Favorites and non-system Favorites. - - The following options have different meaning in System Favorites mode: - - IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT => MOUNT_SYSTEM_FAVORITES_ON_BOOT - IDC_FAVORITE_DISABLE_HOTKEY => DISABLE_NONADMIN_SYS_FAVORITES_ACCESS - - */ - - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - static bool SystemFavoritesMode; - static vector Favorites; - static int SelectedItem; - static HWND FavoriteListControl; - - switch (msg) - { - case WM_INITDIALOG: - { - try - { - FavoriteListControl = GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUMES_LIST); - - FavoriteVolumesDlgProcArguments *args = (FavoriteVolumesDlgProcArguments *) lParam; - SystemFavoritesMode = args->SystemFavorites; - - LocalizeDialog (hwndDlg, SystemFavoritesMode ? "SYSTEM_FAVORITES_DLG_TITLE" : "IDD_FAVORITE_VOLUMES"); - - if (SystemFavoritesMode) - { - RECT rec; - - BootEncryptionStatus bootEncStatus = BootEncryption (hwndDlg).GetStatus(); - - if (!bootEncStatus.DriveMounted) - throw ErrorException ("SYS_FAVORITES_REQUIRE_PBA", SRC_POS); - - ShowWindow (GetDlgItem(hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON), SW_HIDE); - ShowWindow (GetDlgItem(hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL), SW_HIDE); - - // MOUNT_SYSTEM_FAVORITES_ON_BOOT - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT), GetString ("MOUNT_SYSTEM_FAVORITES_ON_BOOT")); - - // DISABLE_NONADMIN_SYS_FAVORITES_ACCESS - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY), GetString ("DISABLE_NONADMIN_SYS_FAVORITES_ACCESS")); - - // Group box - - GetClientRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), &rec); - - SetWindowPos (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), 0, 0, 0, - rec.right, - rec.bottom - CompensateYDPI (95), - SWP_NOMOVE | SWP_NOZORDER); - - InvalidateRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), NULL, TRUE); - } - else - { - ShowWindow (GetDlgItem(hwndDlg, IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX), SW_HIDE); - } - - Favorites.clear(); - - LVCOLUMNW column; - SendMessageW (FavoriteListControl, LVM_SETEXTENDEDLISTVIEWSTYLE, 0, LVS_EX_FULLROWSELECT); - - memset (&column, 0, sizeof (column)); - column.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - column.pszText = GetString ("DRIVE"); - column.cx = CompensateXDPI (38); - column.fmt = LVCFMT_CENTER; - SendMessageW (FavoriteListControl, LVM_INSERTCOLUMNW, 1, (LPARAM) &column); - - ++column.iSubItem; - column.fmt = LVCFMT_LEFT; - column.pszText = GetString ("LABEL"); - column.cx = CompensateXDPI (160); - SendMessageW (FavoriteListControl, LVM_INSERTCOLUMNW, 2, (LPARAM) &column); - - ++column.iSubItem; - column.fmt = LVCFMT_LEFT; - column.pszText = GetString ("VOLUME"); - column.cx = CompensateXDPI (330); - SendMessageW (FavoriteListControl, LVM_INSERTCOLUMNW, 3, (LPARAM) &column); - - SetControls (hwndDlg, FavoriteVolume(), SystemFavoritesMode, false); - - if (SystemFavoritesMode) - LoadFavoriteVolumes (Favorites, true); - else - Favorites = FavoriteVolumes; - - if (args->AddFavoriteVolume) - Favorites.push_back (args->NewFavoriteVolume); - - FillListControl (FavoriteListControl, Favorites); - - SelectedItem = -1; - - if (args->AddFavoriteVolume) - { - ListView_SetItemState (FavoriteListControl, Favorites.size() - 1, LVIS_SELECTED, LVIS_SELECTED); - ListView_EnsureVisible (FavoriteListControl, Favorites.size() - 1, FALSE); - } - - if (SystemFavoritesMode) - SetDlgItemTextW (hwndDlg, IDC_FAVORITES_HELP_LINK, GetString ("SYS_FAVORITES_HELP_LINK")); - - ToHyperlink (hwndDlg, IDC_FAVORITES_HELP_LINK); - } - catch (Exception &e) - { - e.Show (hwndDlg); - EndDialog (hwndDlg, IDCLOSE); - } - } - return 1; - - case WM_COMMAND: - - switch (lw) - { - case IDOK: - - /* Global System Favorites settings */ - - if (SystemFavoritesMode) - { - BootEncryption BootEncObj (NULL); - - if (BootEncObj.GetStatus().DriveMounted) - { - try - { - uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0; - if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) - BootEncObj.RegisterSystemFavoritesService (reqConfig ? TRUE : FALSE); - - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)); - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - } - } - - /* (System) Favorites list */ - - if (SelectedItem != -1 && !Favorites.empty()) - SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode); - - if (SaveFavoriteVolumes (hwndDlg, Favorites, SystemFavoritesMode)) - { - if (!SystemFavoritesMode) - { - bMountFavoritesOnLogon = FALSE; - - foreach (const FavoriteVolume &favorite, Favorites) - { - if (favorite.MountOnLogOn) - { - bMountFavoritesOnLogon = TRUE; - break; - } - } - - if (!bEnableBkgTask || bCloseBkgTaskWhenNoVolumes || IsNonInstallMode()) - { - foreach (const FavoriteVolume favorite, Favorites) - { - if (favorite.MountOnArrival) - { - Warning ("FAVORITE_ARRIVAL_MOUNT_BACKGROUND_TASK_ERR", hwndDlg); - break; - } - } - } - - FavoriteVolumes = Favorites; - - ManageStartupSeq(); - SaveSettings (hwndDlg); - } - else - SystemFavoriteVolumes = Favorites; - - OnFavoriteVolumesUpdated(); - LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); - - EndDialog (hwndDlg, IDOK); - } - - return 1; - - case IDCANCEL: - EndDialog (hwndDlg, IDCLOSE); - return 1; - - case IDC_FAVORITE_MOVE_DOWN: - if (SelectedItem != -1 && Favorites.size() > (size_t) SelectedItem + 1) - { - swap (Favorites[SelectedItem], Favorites[SelectedItem + 1]); - - FillListControl (FavoriteListControl, Favorites); - ++SelectedItem; - ListView_SetItemState (FavoriteListControl, SelectedItem, LVIS_SELECTED, LVIS_SELECTED); - ListView_EnsureVisible (FavoriteListControl, SelectedItem, FALSE); - } - return 1; - - case IDC_FAVORITE_MOVE_UP: - if (SelectedItem > 0) - { - swap (Favorites[SelectedItem], Favorites[SelectedItem - 1]); - - FillListControl (FavoriteListControl, Favorites); - --SelectedItem; - ListView_SetItemState (FavoriteListControl, SelectedItem, LVIS_SELECTED, LVIS_SELECTED); - ListView_EnsureVisible (FavoriteListControl, SelectedItem, FALSE); - } - return 1; - - case IDC_FAVORITE_REMOVE: - if (SelectedItem != -1) - { - Favorites.erase (Favorites.begin() + SelectedItem); - FillListControl (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUMES_LIST), Favorites); - SetControls (hwndDlg, FavoriteVolume(), SystemFavoritesMode, false); - SelectedItem = -1; - } - return 1; - - - case IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT: // Note that this option means "MOUNT_SYSTEM_FAVORITES_ON_BOOT" when SystemFavoritesMode is true - if (SystemFavoritesMode) - { - // MOUNT_SYSTEM_FAVORITES_ON_BOOT - - if (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT)) - { - WarningDirect ((wstring (GetString ("SYS_FAVORITES_KEYBOARD_WARNING")) + L"\n\n" + GetString ("BOOT_PASSWORD_CACHE_KEYBOARD_WARNING")).c_str(), hwndDlg); - - if (!IsServerOS() && !IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)) - Info ("SYS_FAVORITES_ADMIN_ONLY_INFO", hwndDlg); - } - } - return 1; - - case IDC_FAVORITE_DISABLE_HOTKEY: // Note that this option means "DISABLE_NONADMIN_SYS_FAVORITES_ACCESS" when SystemFavoritesMode is true - if (SystemFavoritesMode) - { - // DISABLE_NONADMIN_SYS_FAVORITES_ACCESS - - if (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)) - WarningDirect ((wstring (GetString ("SYS_FAVORITES_ADMIN_ONLY_WARNING")) + L"\n\n" + GetString ("SETTING_REQUIRES_REBOOT")).c_str(), hwndDlg); - else - Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); - } - return 1; - - case IDC_FAVORITES_HELP_LINK: - Applink (SystemFavoritesMode ? "sysfavorites" : "favorites", TRUE, ""); - return 1; - case IDC_SHOW_PIM: - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PIM, IDC_PIM, 0); - return 1; - - case IDC_PIM: - if (hw == EN_CHANGE) - { - int pim = GetPim (hwndDlg, IDC_PIM); - if (pim > (SystemFavoritesMode? MAX_BOOT_PIM_VALUE: MAX_PIM_VALUE)) - { - SetDlgItemText (hwndDlg, IDC_PIM, L""); - SetFocus (GetDlgItem(hwndDlg, IDC_PIM)); - Warning (SystemFavoritesMode? "PIM_SYSENC_TOO_BIG": "PIM_TOO_BIG", hwndDlg); - return 1; - } - } - break; - } - - return 0; - - case WM_NOTIFY: - if (((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) - { - static bool reentry = false; - if (reentry) - break; - - reentry = true; - - if (SelectedItem != -1) - { - SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode); - FillListControlSubItems (FavoriteListControl, SelectedItem, Favorites[SelectedItem]); - } - - SelectedItem = ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUMES_LIST), -1, LVIS_SELECTED); - - if (SelectedItem != -1) - SetControls (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode); - else - SetControls (hwndDlg, FavoriteVolume(), SystemFavoritesMode, false); - - reentry = false; - return 1; - } - break; - - case WM_CLOSE: - EndDialog (hwndDlg, IDCLOSE); - return 1; - case WM_CTLCOLORSTATIC: - { - HDC hdc = (HDC) wParam; - HWND hw = (HWND) lParam; - if (hw == GetDlgItem(hwndDlg, IDC_FAVORITE_VOLUME_ID)) - { - // This the favorite ID field. Make its background like normal edit - HBRUSH hbr = GetSysColorBrush (COLOR_WINDOW); - ::SelectObject(hdc, hbr); - return (BOOL) hbr; - } - } - break; - } - - return 0; - } - - - static void FillFavoriteVolumesMenu () - { - while (DeleteMenu (FavoriteVolumesMenu, 7, MF_BYPOSITION)) { } - - if (FavoriteVolumes.empty()) - return; - - AppendMenu (FavoriteVolumesMenu, MF_SEPARATOR, 0, L""); - - int i = 0; - foreach (const FavoriteVolume &favorite, FavoriteVolumes) - { - UINT flags = MF_STRING; - - if (favorite.DisconnectedDevice) - flags |= MF_GRAYED; - - wstring menuText = favorite.Path; - if (favorite.DisconnectedDevice) - menuText = favorite.Label.empty() ? wstring (L"(") + GetString ("FAVORITE_DISCONNECTED_DEV") + L")" : L""; - - if (!favorite.Label.empty()) - { - if (favorite.DisconnectedDevice) - menuText = favorite.Label + L" " + menuText; - else - menuText = favorite.Label; - } - - AppendMenuW (FavoriteVolumesMenu, flags, TC_FAVORITE_MENU_CMD_ID_OFFSET + i++, - (menuText + L"\t" + favorite.MountPoint.substr (0, 2)).c_str()); - } - } - - - static void FillListControl (HWND favoriteListControl, vector &favorites) - { - SendMessage (favoriteListControl, LVM_DELETEALLITEMS, 0, 0); - - int line = 0; - foreach (const FavoriteVolume favorite, favorites) - { - ListItemAdd (favoriteListControl, line, (wchar_t *) favorite.MountPoint.substr (0, 2).c_str()); - FillListControlSubItems (favoriteListControl, line++, favorite); - } - } - - - static void FillListControlSubItems (HWND FavoriteListControl, int line, const FavoriteVolume &favorite) - { - ListSubItemSet (FavoriteListControl, line, 1, (wchar_t *) favorite.Label.c_str()); - - if (favorite.DisconnectedDevice) - ListSubItemSet (FavoriteListControl, line, 2, (wchar_t *) (wstring (L"(") + GetString ("FAVORITE_DISCONNECTED_DEV") + L")").c_str()); - else - ListSubItemSet (FavoriteListControl, line, 2, (wchar_t *) favorite.Path.c_str()); - } - - - wstring GetFavoriteVolumeLabel (const wstring &volumePath, bool& useInExplorer) - { - foreach (const FavoriteVolume &favorite, FavoriteVolumes) - { - if (favorite.Path == volumePath) - { - useInExplorer = favorite.UseLabelInExplorer; - return favorite.Label; - } - } - - foreach (const FavoriteVolume &favorite, SystemFavoriteVolumes) - { - if (favorite.Path == volumePath) - { - useInExplorer = favorite.UseLabelInExplorer; - return favorite.Label; - } - } - - useInExplorer = false; - return wstring(); - } - - - void LoadFavoriteVolumes () - { - LoadFavoriteVolumes (FavoriteVolumes, false); - - try - { - LoadFavoriteVolumes (SystemFavoriteVolumes, true, true); - } - catch (...) { } // Ignore errors as SystemFavoriteVolumes list is used only for resolving volume paths to labels - - OnFavoriteVolumesUpdated(); - } - - - void LoadFavoriteVolumes (vector &favorites, bool systemFavorites, bool noUacElevation) - { - favorites.clear(); - wstring favoritesFilePath = systemFavorites ? GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false) : GetConfigPath (TC_APPD_FILENAME_FAVORITE_VOLUMES); - - if (systemFavorites && !IsAdmin() && !noUacElevation) - { - favoritesFilePath = GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES); - - try - { - BootEncryption bootEnc (MainDlg); - bootEnc.CopyFileAdmin (GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str(), favoritesFilePath.c_str()); - } - catch (SystemException &e) - { - if (e.ErrorCode == ERROR_FILE_NOT_FOUND) - return; - - throw; - } - } - - DWORD size; - char *favoritesXml = LoadFile (favoritesFilePath.c_str(), &size); - - if (systemFavorites && !IsAdmin() && !noUacElevation) - DeleteFile (GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES)); - - char *xml = favoritesXml; - char mountPoint[MAX_PATH], volume[MAX_PATH]; - - if (xml == NULL) - return; - - while (xml = XmlFindElement (xml, "volume")) - { - FavoriteVolume favorite; - - XmlGetAttributeText (xml, "mountpoint", mountPoint, sizeof (mountPoint)); - favorite.MountPoint = Utf8StringToWide (mountPoint); - - XmlGetNodeText (xml, volume, sizeof (volume)); - favorite.Path = Utf8StringToWide (volume); - - char label[1024]; - - XmlGetAttributeText (xml, "ID", label, sizeof (label)); - if (strlen (label) == (2*VOLUME_ID_SIZE)) - { - std::vector arr; - if (HexWideStringToArray (Utf8StringToWide (label).c_str(), arr) && arr.size() == VOLUME_ID_SIZE) - { - memcpy (favorite.VolumeID, &arr[0], VOLUME_ID_SIZE); - } - } - - XmlGetAttributeText (xml, "label", label, sizeof (label)); - favorite.Label = Utf8StringToWide (label); - - XmlGetAttributeText (xml, "pim", label, sizeof (label)); - if (strlen(label) == 0) - { - /* support old attribute name before it was changed to PIM*/ - XmlGetAttributeText (xml, "pin", label, sizeof (label)); - } - favorite.Pim = strtol (label, NULL, 10); - if (favorite.Pim < 0 || favorite.Pim > (systemFavorites? MAX_BOOT_PIM_VALUE : MAX_PIM_VALUE)) - favorite.Pim = 0; - - char boolVal[2]; - XmlGetAttributeText (xml, "readonly", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.ReadOnly = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "removable", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.Removable = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "system", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.SystemEncryption = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "noHotKeyMount", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.DisableHotkeyMount = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "openExplorerWindow", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.OpenExplorerWindow = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "mountOnArrival", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.MountOnArrival = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "mountOnLogOn", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.MountOnLogOn = (boolVal[0] == '1'); - - XmlGetAttributeText (xml, "useLabelInExplorer", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.UseLabelInExplorer = (boolVal[0] == '1') && !favorite.ReadOnly; - - XmlGetAttributeText (xml, "useVolumeID", boolVal, sizeof (boolVal)); - if (boolVal[0]) - favorite.UseVolumeID = (boolVal[0] == '1') && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID)); - - if (favorite.Path.find (L"\\\\?\\Volume{") == 0 && favorite.Path.rfind (L"}\\") == favorite.Path.size() - 2) - { - wstring resolvedPath = VolumeGuidPathToDevicePath (favorite.Path); - if (!resolvedPath.empty()) - { - favorite.DisconnectedDevice = false; - favorite.VolumePathId = favorite.Path; - favorite.Path = resolvedPath; - } - else - favorite.DisconnectedDevice = true; - } - - favorites.push_back (favorite); - xml++; - } - - free (favoritesXml); - } - - - static void OnFavoriteVolumesUpdated () - { - FillFavoriteVolumesMenu(); - - FavoritesOnArrivalMountRequired.clear(); - - foreach (const FavoriteVolume favorite, FavoriteVolumes) - { - if (favorite.MountOnArrival) - { - FavoritesOnArrivalMountRequired.push_back (favorite); - - if (IsMountedVolume (favorite.Path.c_str())) - { - bool present = false; - - foreach (const FavoriteVolume favoriteConnected, FavoritesMountedOnArrivalStillConnected) - { - if (favorite.Path == favoriteConnected.Path) - { - present = true; - break; - } - } - - if (!present) - FavoritesMountedOnArrivalStillConnected.push_back (favorite); - } - } - } - } - - - BOOL OrganizeFavoriteVolumes (HWND hwndDlg, bool systemFavorites, const FavoriteVolume &newFavorite) - { - FavoriteVolumesDlgProcArguments args; - args.SystemFavorites = systemFavorites; - - if (!newFavorite.Path.empty()) - { - args.AddFavoriteVolume = true; - args.NewFavoriteVolume = newFavorite; - } - else - args.AddFavoriteVolume = false; - - return DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_FAVORITE_VOLUMES), hwndDlg, (DLGPROC) FavoriteVolumesDlgProc, (LPARAM) &args) == IDOK; - } - - - bool SaveFavoriteVolumes (HWND hwndDlg, const vector &favorites, bool systemFavorites) - { - FILE *f; - int cnt = 0; - - f = _wfopen (GetConfigPath (systemFavorites ? TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES : TC_APPD_FILENAME_FAVORITE_VOLUMES), L"w,ccs=UTF-8"); - if (f == NULL) - { - handleWin32Error (MainDlg, SRC_POS); - return false; - } - - XmlWriteHeader (f); - fputws (L"\n\t", f); - - foreach (const FavoriteVolume &favorite, favorites) - { - wchar_t tq[2048]; - - if (systemFavorites && favorite.Path.find (L"\\\\") == 0 && favorite.Path.find (L"Volume{") == wstring::npos) - Warning ("SYSTEM_FAVORITE_NETWORK_PATH_ERR", hwndDlg); - - XmlQuoteTextW (!favorite.VolumePathId.empty() ? favorite.VolumePathId.c_str() : favorite.Path.c_str(), tq, ARRAYSIZE (tq)); - - wstring s = L"\n\t\t 0) - s += L" pim=\"" + IntToWideString(favorite.Pim) + L"\""; - - if (favorite.ReadOnly) - s += L" readonly=\"1\""; - - if (favorite.Removable) - s += L" removable=\"1\""; - - if (favorite.SystemEncryption) - s += L" system=\"1\""; - - if (favorite.MountOnArrival) - s += L" mountOnArrival=\"1\""; - - if (favorite.MountOnLogOn) - s += L" mountOnLogOn=\"1\""; - - if (favorite.DisableHotkeyMount) - s += L" noHotKeyMount=\"1\""; - - if (favorite.OpenExplorerWindow) - s += L" openExplorerWindow=\"1\""; - - if (favorite.UseLabelInExplorer && !favorite.ReadOnly) - s += L" useLabelInExplorer=\"1\""; - - if (favorite.UseVolumeID && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID))) - s += L" useVolumeID=\"1\""; - - s += L">" + wstring (tq) + L""; - - fwprintf (f, L"%ws", s.c_str()); - cnt++; - } - - fputws (L"\n\t", f); - XmlWriteFooter (f); - - if (!CheckFileStreamWriteErrors (hwndDlg, f, systemFavorites ? TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES : TC_APPD_FILENAME_FAVORITE_VOLUMES)) - { - fclose (f); - return false; - } - - fclose (f); - - BootEncryption bootEnc (MainDlg); - - if (systemFavorites) - { - finally_do ({ _wremove (GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES)); }); - - try - { - bootEnc.DeleteFileAdmin (GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str()); - } - catch (UserAbort&) { return false; } - catch (...) { } - - try - { - if (cnt != 0) - { - bootEnc.CopyFileAdmin (GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES), GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str()); - - if (!(ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) - Info ("SYS_FAVORITE_VOLUMES_SAVED", hwndDlg); - } - } - catch (Exception &e) - { - e.Show (NULL); - } - } - - if (cnt == 0) - { - if (systemFavorites) - { - try - { - bootEnc.DeleteFileAdmin (GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str()); - } - catch (...) { } - } - else - _wremove (GetConfigPath (TC_APPD_FILENAME_FAVORITE_VOLUMES)); - } - - return true; - } - - - static void SetControls (HWND hwndDlg, const FavoriteVolume &favorite, bool systemFavoritesMode, bool enable) - { - BOOL bIsDevice = favorite.DisconnectedDevice || IsVolumeDeviceHosted (favorite.Path.c_str()) || !enable; - if (favorite.Pim > 0) - { - wchar_t szTmp[MAX_PIM + 1]; - StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", favorite.Pim); - SetDlgItemText (hwndDlg, IDC_PIM, szTmp); - } - else - SetDlgItemText (hwndDlg, IDC_PIM, L""); - SetDlgItemTextW (hwndDlg, IDC_FAVORITE_LABEL, favorite.Label.c_str()); - SetCheckBox (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER, favorite.UseLabelInExplorer); - SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON, favorite.MountOnLogOn); - SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL, favorite.MountOnArrival); - SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_READONLY, favorite.ReadOnly); - SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE, favorite.Removable); - SetCheckBox (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID, favorite.UseVolumeID && bIsDevice); - - if (IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID)) || !bIsDevice) - { - SetDlgItemText (hwndDlg, IDC_FAVORITE_VOLUME_ID, L""); - } - else - SetDlgItemText (hwndDlg, IDC_FAVORITE_VOLUME_ID, ArrayToHexWideString (favorite.VolumeID, sizeof (favorite.VolumeID)).c_str()); - - if (systemFavoritesMode) - { - uint32 driverConfig = ReadDriverConfigurationFlags(); - - // MOUNT_SYSTEM_FAVORITES_ON_BOOT - CheckDlgButton (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES) ? BST_CHECKED : BST_UNCHECKED); - - // DISABLE_NONADMIN_SYS_FAVORITES_ACCESS - CheckDlgButton (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY, (driverConfig & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS) ? BST_CHECKED : BST_UNCHECKED); - } - else - { - SetCheckBox (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, favorite.OpenExplorerWindow); - SetCheckBox (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY, favorite.DisableHotkeyMount); - } - - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_UP), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_DOWN), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_REMOVE), enable); - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PIM), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), enable); - EnableWindow (GetDlgItem (hwndDlg, IDT_FAVORITE_LABEL), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_LABEL), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON), enable && !systemFavoritesMode); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL), enable && !systemFavoritesMode); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_READONLY), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE), enable); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT), enable || systemFavoritesMode); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY), enable || systemFavoritesMode); - EnableWindow (GetDlgItem (hwndDlg, IDT_VOLUME_ID), enable && bIsDevice); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUME_ID), enable && bIsDevice); - EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID), enable && bIsDevice && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID))); - - ShowWindow (GetDlgItem (hwndDlg, IDT_VOLUME_ID), bIsDevice? SW_SHOW : SW_HIDE); - ShowWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUME_ID), bIsDevice? SW_SHOW : SW_HIDE); - ShowWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID), bIsDevice? SW_SHOW : SW_HIDE); - - // Group box - RECT boxRect, checkRect, labelRect; - - GetWindowRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), &boxRect); - GetWindowRect (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID), &checkRect); - GetWindowRect (GetDlgItem (hwndDlg, IDT_VOLUME_ID), &labelRect); - - if (!bIsDevice && (boxRect.top < checkRect.top)) - { - POINT pt = {boxRect.left, checkRect.bottom}; - ScreenToClient (hwndDlg, &pt); - SetWindowPos (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), 0, pt.x, pt.y, - boxRect.right - boxRect.left, - boxRect.bottom - checkRect.bottom, - SWP_NOZORDER); - - InvalidateRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), NULL, TRUE); - } - - if (bIsDevice && (boxRect.top >= checkRect.top)) - { - POINT pt = {boxRect.left, labelRect.top - CompensateYDPI (10)}; - ScreenToClient (hwndDlg, &pt); - SetWindowPos (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), 0, pt.x, pt.y, - boxRect.right - boxRect.left, - boxRect.bottom - labelRect.top + CompensateYDPI (10), - SWP_NOZORDER); - - InvalidateRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), NULL, TRUE); - } - } - - - static void SetFavoriteVolume (HWND hwndDlg, FavoriteVolume &favorite, bool systemFavoritesMode) - { - wchar_t label[1024]; - if (GetDlgItemTextW (hwndDlg, IDC_FAVORITE_LABEL, label, ARRAYSIZE (label)) != 0) - { - favorite.Label = label; - - for (size_t i = 0; i < favorite.Label.size(); ++i) - { - if (favorite.Label[i] == L'"') - favorite.Label.at (i) = L'\''; - } - } - else - favorite.Label.clear(); - - favorite.Pim = GetPim (hwndDlg, IDC_PIM); - favorite.UseLabelInExplorer = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER) != 0); - favorite.UseVolumeID = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID) != 0); - - favorite.ReadOnly = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_READONLY) != 0); - favorite.Removable = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE) != 0); - - if (!systemFavoritesMode) - { - favorite.MountOnLogOn = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON) != 0); - favorite.MountOnArrival = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL) != 0); - favorite.DisableHotkeyMount = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY) != 0); - favorite.OpenExplorerWindow = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) != 0); - } - - if (favorite.VolumePathId.empty() - && IsVolumeDeviceHosted (favorite.Path.c_str()) - && favorite.Path.find (L"\\\\?\\Volume{") != 0) - { - bool partition = (favorite.Path.find (L"\\Partition0") == wstring::npos); - - if (!favorite.Label.empty()) - { - ErrorDirect ((GetString (partition ? "FAVORITE_LABEL_PARTITION_TYPE_ERR" : "FAVORITE_LABEL_DEVICE_PATH_ERR") + wstring (L"\n\n") + favorite.Path).c_str(), hwndDlg); - favorite.Label.clear(); - } - - if (favorite.MountOnArrival) - { - ErrorDirect ((GetString (partition ? "FAVORITE_ARRIVAL_MOUNT_PARTITION_TYPE_ERR" : "FAVORITE_ARRIVAL_MOUNT_DEVICE_PATH_ERR") + wstring (L"\n\n") + favorite.Path).c_str(), hwndDlg); - favorite.MountOnArrival = false; - } - } - - if (favorite.MountOnArrival && favorite.Path.find (L"\\\\") == 0 && favorite.Path.find (L"Volume{") == wstring::npos) - { - Error ("FAVORITE_ARRIVAL_MOUNT_NETWORK_PATH_ERR", hwndDlg); - favorite.MountOnArrival = false; - } - } - - - void UpdateDeviceHostedFavoriteVolumes () - { - try - { - LoadFavoriteVolumes(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - } -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Tcdefs.h" +#include "Platform/Finally.h" +#include "Platform/ForEach.h" +#include "BootEncryption.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Mount.h" +#include "Common/Resource.h" +#include "Resource.h" +#include "Xml.h" +#include "Favorites.h" + +using namespace std; + +namespace VeraCrypt +{ + vector FavoriteVolumes; + vector SystemFavoriteVolumes; + list FavoritesOnArrivalMountRequired; + list FavoritesMountedOnArrivalStillConnected; + HMENU FavoriteVolumesMenu; + + + BOOL AddMountedVolumeToFavorites (HWND hwndDlg, int driveNo, bool systemFavorites) + { + VOLUME_PROPERTIES_STRUCT prop; + DWORD bytesReturned; + + memset (&prop, 0, sizeof (prop)); + prop.driveNo = driveNo; + + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &bytesReturned, NULL)) + { + handleWin32Error (hwndDlg, SRC_POS); + return FALSE; + } + + FavoriteVolume favorite; + favorite.MountPoint = L"X:\\"; + favorite.MountPoint[0] = (wchar_t) (prop.driveNo + L'A'); + + favorite.Path = prop.wszVolume; + if (favorite.Path.find (L"\\??\\") == 0) + favorite.Path = favorite.Path.substr (4); + + if (wcslen (prop.wszLabel)) + { + favorite.Label = prop.wszLabel; + favorite.UseLabelInExplorer = true; + } + + if (IsVolumeDeviceHosted (favorite.Path.c_str())) + { + // Get GUID path + wstring volumeDevPath = favorite.Path; + + wchar_t resolvedVolumeDevPath[TC_MAX_PATH]; + if (ResolveSymbolicLink (volumeDevPath.c_str(), resolvedVolumeDevPath, sizeof(resolvedVolumeDevPath))) + volumeDevPath = resolvedVolumeDevPath; + + wchar_t volumeName[TC_MAX_PATH]; + HANDLE find = FindFirstVolume (volumeName, ARRAYSIZE (volumeName)); + + if (find != INVALID_HANDLE_VALUE) + { + do + { + wchar_t findVolumeDevPath[TC_MAX_PATH]; + wstring vn = volumeName; + + if (QueryDosDevice (vn.substr (4, vn.size() - 5).c_str(), findVolumeDevPath, ARRAYSIZE (findVolumeDevPath)) != 0 + && volumeDevPath == findVolumeDevPath) + { + favorite.VolumePathId = volumeName; + break; + } + + } while (FindNextVolume (find, volumeName, ARRAYSIZE (volumeName))); + + FindVolumeClose (find); + } + } + + favorite.ReadOnly = prop.readOnly ? true : false; + favorite.Removable = prop.removable ? true : false; + favorite.SystemEncryption = prop.partitionInInactiveSysEncScope ? true : false; + favorite.OpenExplorerWindow = (bExplore == TRUE); + favorite.Pim = prop.volumePim; + memcpy (favorite.VolumeID, prop.volumeID, VOLUME_ID_SIZE); + + if (favorite.VolumePathId.empty() + && IsVolumeDeviceHosted (favorite.Path.c_str()) + && favorite.Path.find (L"\\\\?\\Volume{") != 0) + { + Warning (favorite.Path.find (L"\\Partition0") == wstring::npos ? "FAVORITE_ADD_PARTITION_TYPE_WARNING" : "FAVORITE_ADD_DRIVE_DEV_WARNING", hwndDlg); + } + + return OrganizeFavoriteVolumes (hwndDlg, systemFavorites, favorite); + } + + + static BOOL CALLBACK FavoriteVolumesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) + { + /* This dialog is used both for System Favorites and non-system Favorites. + + The following options have different meaning in System Favorites mode: + + IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT => MOUNT_SYSTEM_FAVORITES_ON_BOOT + IDC_FAVORITE_DISABLE_HOTKEY => DISABLE_NONADMIN_SYS_FAVORITES_ACCESS + + */ + + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + static bool SystemFavoritesMode; + static vector Favorites; + static int SelectedItem; + static HWND FavoriteListControl; + + switch (msg) + { + case WM_INITDIALOG: + { + try + { + FavoriteListControl = GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUMES_LIST); + + FavoriteVolumesDlgProcArguments *args = (FavoriteVolumesDlgProcArguments *) lParam; + SystemFavoritesMode = args->SystemFavorites; + + LocalizeDialog (hwndDlg, SystemFavoritesMode ? "SYSTEM_FAVORITES_DLG_TITLE" : "IDD_FAVORITE_VOLUMES"); + + if (SystemFavoritesMode) + { + RECT rec; + + BootEncryptionStatus bootEncStatus = BootEncryption (hwndDlg).GetStatus(); + + if (!bootEncStatus.DriveMounted) + throw ErrorException ("SYS_FAVORITES_REQUIRE_PBA", SRC_POS); + + ShowWindow (GetDlgItem(hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON), SW_HIDE); + ShowWindow (GetDlgItem(hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL), SW_HIDE); + + // MOUNT_SYSTEM_FAVORITES_ON_BOOT + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT), GetString ("MOUNT_SYSTEM_FAVORITES_ON_BOOT")); + + // DISABLE_NONADMIN_SYS_FAVORITES_ACCESS + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY), GetString ("DISABLE_NONADMIN_SYS_FAVORITES_ACCESS")); + + // Group box + + GetClientRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), &rec); + + SetWindowPos (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), 0, 0, 0, + rec.right, + rec.bottom - CompensateYDPI (95), + SWP_NOMOVE | SWP_NOZORDER); + + InvalidateRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), NULL, TRUE); + } + else + { + ShowWindow (GetDlgItem(hwndDlg, IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX), SW_HIDE); + } + + Favorites.clear(); + + LVCOLUMNW column; + SendMessageW (FavoriteListControl, LVM_SETEXTENDEDLISTVIEWSTYLE, 0, LVS_EX_FULLROWSELECT); + + memset (&column, 0, sizeof (column)); + column.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + column.pszText = GetString ("DRIVE"); + column.cx = CompensateXDPI (38); + column.fmt = LVCFMT_CENTER; + SendMessageW (FavoriteListControl, LVM_INSERTCOLUMNW, 1, (LPARAM) &column); + + ++column.iSubItem; + column.fmt = LVCFMT_LEFT; + column.pszText = GetString ("LABEL"); + column.cx = CompensateXDPI (160); + SendMessageW (FavoriteListControl, LVM_INSERTCOLUMNW, 2, (LPARAM) &column); + + ++column.iSubItem; + column.fmt = LVCFMT_LEFT; + column.pszText = GetString ("VOLUME"); + column.cx = CompensateXDPI (330); + SendMessageW (FavoriteListControl, LVM_INSERTCOLUMNW, 3, (LPARAM) &column); + + SetControls (hwndDlg, FavoriteVolume(), SystemFavoritesMode, false); + + if (SystemFavoritesMode) + LoadFavoriteVolumes (Favorites, true); + else + Favorites = FavoriteVolumes; + + if (args->AddFavoriteVolume) + Favorites.push_back (args->NewFavoriteVolume); + + FillListControl (FavoriteListControl, Favorites); + + SelectedItem = -1; + + if (args->AddFavoriteVolume) + { + ListView_SetItemState (FavoriteListControl, Favorites.size() - 1, LVIS_SELECTED, LVIS_SELECTED); + ListView_EnsureVisible (FavoriteListControl, Favorites.size() - 1, FALSE); + } + + if (SystemFavoritesMode) + SetDlgItemTextW (hwndDlg, IDC_FAVORITES_HELP_LINK, GetString ("SYS_FAVORITES_HELP_LINK")); + + ToHyperlink (hwndDlg, IDC_FAVORITES_HELP_LINK); + } + catch (Exception &e) + { + e.Show (hwndDlg); + EndDialog (hwndDlg, IDCLOSE); + } + } + return 1; + + case WM_COMMAND: + + switch (lw) + { + case IDOK: + + /* Global System Favorites settings */ + + if (SystemFavoritesMode) + { + BootEncryption BootEncObj (NULL); + + if (BootEncObj.GetStatus().DriveMounted) + { + try + { + uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0; + if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) + BootEncObj.RegisterSystemFavoritesService (reqConfig ? TRUE : FALSE); + + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)); + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + } + } + + /* (System) Favorites list */ + + if (SelectedItem != -1 && !Favorites.empty()) + SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode); + + if (SaveFavoriteVolumes (hwndDlg, Favorites, SystemFavoritesMode)) + { + if (!SystemFavoritesMode) + { + bMountFavoritesOnLogon = FALSE; + + foreach (const FavoriteVolume &favorite, Favorites) + { + if (favorite.MountOnLogOn) + { + bMountFavoritesOnLogon = TRUE; + break; + } + } + + if (!bEnableBkgTask || bCloseBkgTaskWhenNoVolumes || IsNonInstallMode()) + { + foreach (const FavoriteVolume favorite, Favorites) + { + if (favorite.MountOnArrival) + { + Warning ("FAVORITE_ARRIVAL_MOUNT_BACKGROUND_TASK_ERR", hwndDlg); + break; + } + } + } + + FavoriteVolumes = Favorites; + + ManageStartupSeq(); + SaveSettings (hwndDlg); + } + else + SystemFavoriteVolumes = Favorites; + + OnFavoriteVolumesUpdated(); + LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); + + EndDialog (hwndDlg, IDOK); + } + + return 1; + + case IDCANCEL: + EndDialog (hwndDlg, IDCLOSE); + return 1; + + case IDC_FAVORITE_MOVE_DOWN: + if (SelectedItem != -1 && Favorites.size() > (size_t) SelectedItem + 1) + { + swap (Favorites[SelectedItem], Favorites[SelectedItem + 1]); + + FillListControl (FavoriteListControl, Favorites); + ++SelectedItem; + ListView_SetItemState (FavoriteListControl, SelectedItem, LVIS_SELECTED, LVIS_SELECTED); + ListView_EnsureVisible (FavoriteListControl, SelectedItem, FALSE); + } + return 1; + + case IDC_FAVORITE_MOVE_UP: + if (SelectedItem > 0) + { + swap (Favorites[SelectedItem], Favorites[SelectedItem - 1]); + + FillListControl (FavoriteListControl, Favorites); + --SelectedItem; + ListView_SetItemState (FavoriteListControl, SelectedItem, LVIS_SELECTED, LVIS_SELECTED); + ListView_EnsureVisible (FavoriteListControl, SelectedItem, FALSE); + } + return 1; + + case IDC_FAVORITE_REMOVE: + if (SelectedItem != -1) + { + Favorites.erase (Favorites.begin() + SelectedItem); + FillListControl (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUMES_LIST), Favorites); + SetControls (hwndDlg, FavoriteVolume(), SystemFavoritesMode, false); + SelectedItem = -1; + } + return 1; + + + case IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT: // Note that this option means "MOUNT_SYSTEM_FAVORITES_ON_BOOT" when SystemFavoritesMode is true + if (SystemFavoritesMode) + { + // MOUNT_SYSTEM_FAVORITES_ON_BOOT + + if (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT)) + { + WarningDirect ((wstring (GetString ("SYS_FAVORITES_KEYBOARD_WARNING")) + L"\n\n" + GetString ("BOOT_PASSWORD_CACHE_KEYBOARD_WARNING")).c_str(), hwndDlg); + + if (!IsServerOS() && !IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)) + Info ("SYS_FAVORITES_ADMIN_ONLY_INFO", hwndDlg); + } + } + return 1; + + case IDC_FAVORITE_DISABLE_HOTKEY: // Note that this option means "DISABLE_NONADMIN_SYS_FAVORITES_ACCESS" when SystemFavoritesMode is true + if (SystemFavoritesMode) + { + // DISABLE_NONADMIN_SYS_FAVORITES_ACCESS + + if (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)) + WarningDirect ((wstring (GetString ("SYS_FAVORITES_ADMIN_ONLY_WARNING")) + L"\n\n" + GetString ("SETTING_REQUIRES_REBOOT")).c_str(), hwndDlg); + else + Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); + } + return 1; + + case IDC_FAVORITES_HELP_LINK: + Applink (SystemFavoritesMode ? "sysfavorites" : "favorites", TRUE, ""); + return 1; + case IDC_SHOW_PIM: + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PIM, IDC_PIM, 0); + return 1; + + case IDC_PIM: + if (hw == EN_CHANGE) + { + int pim = GetPim (hwndDlg, IDC_PIM); + if (pim > (SystemFavoritesMode? MAX_BOOT_PIM_VALUE: MAX_PIM_VALUE)) + { + SetDlgItemText (hwndDlg, IDC_PIM, L""); + SetFocus (GetDlgItem(hwndDlg, IDC_PIM)); + Warning (SystemFavoritesMode? "PIM_SYSENC_TOO_BIG": "PIM_TOO_BIG", hwndDlg); + return 1; + } + } + break; + } + + return 0; + + case WM_NOTIFY: + if (((LPNMHDR) lParam)->code == LVN_ITEMCHANGED) + { + static bool reentry = false; + if (reentry) + break; + + reentry = true; + + if (SelectedItem != -1) + { + SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode); + FillListControlSubItems (FavoriteListControl, SelectedItem, Favorites[SelectedItem]); + } + + SelectedItem = ListView_GetNextItem (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUMES_LIST), -1, LVIS_SELECTED); + + if (SelectedItem != -1) + SetControls (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode); + else + SetControls (hwndDlg, FavoriteVolume(), SystemFavoritesMode, false); + + reentry = false; + return 1; + } + break; + + case WM_CLOSE: + EndDialog (hwndDlg, IDCLOSE); + return 1; + case WM_CTLCOLORSTATIC: + { + HDC hdc = (HDC) wParam; + HWND hw = (HWND) lParam; + if (hw == GetDlgItem(hwndDlg, IDC_FAVORITE_VOLUME_ID)) + { + // This the favorite ID field. Make its background like normal edit + HBRUSH hbr = GetSysColorBrush (COLOR_WINDOW); + ::SelectObject(hdc, hbr); + return (BOOL) hbr; + } + } + break; + } + + return 0; + } + + + static void FillFavoriteVolumesMenu () + { + while (DeleteMenu (FavoriteVolumesMenu, 7, MF_BYPOSITION)) { } + + if (FavoriteVolumes.empty()) + return; + + AppendMenu (FavoriteVolumesMenu, MF_SEPARATOR, 0, L""); + + int i = 0; + foreach (const FavoriteVolume &favorite, FavoriteVolumes) + { + UINT flags = MF_STRING; + + if (favorite.DisconnectedDevice) + flags |= MF_GRAYED; + + wstring menuText = favorite.Path; + if (favorite.DisconnectedDevice) + menuText = favorite.Label.empty() ? wstring (L"(") + GetString ("FAVORITE_DISCONNECTED_DEV") + L")" : L""; + + if (!favorite.Label.empty()) + { + if (favorite.DisconnectedDevice) + menuText = favorite.Label + L" " + menuText; + else + menuText = favorite.Label; + } + + AppendMenuW (FavoriteVolumesMenu, flags, TC_FAVORITE_MENU_CMD_ID_OFFSET + i++, + (menuText + L"\t" + favorite.MountPoint.substr (0, 2)).c_str()); + } + } + + + static void FillListControl (HWND favoriteListControl, vector &favorites) + { + SendMessage (favoriteListControl, LVM_DELETEALLITEMS, 0, 0); + + int line = 0; + foreach (const FavoriteVolume favorite, favorites) + { + ListItemAdd (favoriteListControl, line, (wchar_t *) favorite.MountPoint.substr (0, 2).c_str()); + FillListControlSubItems (favoriteListControl, line++, favorite); + } + } + + + static void FillListControlSubItems (HWND FavoriteListControl, int line, const FavoriteVolume &favorite) + { + ListSubItemSet (FavoriteListControl, line, 1, (wchar_t *) favorite.Label.c_str()); + + if (favorite.DisconnectedDevice) + ListSubItemSet (FavoriteListControl, line, 2, (wchar_t *) (wstring (L"(") + GetString ("FAVORITE_DISCONNECTED_DEV") + L")").c_str()); + else + ListSubItemSet (FavoriteListControl, line, 2, (wchar_t *) favorite.Path.c_str()); + } + + + wstring GetFavoriteVolumeLabel (const wstring &volumePath, bool& useInExplorer) + { + foreach (const FavoriteVolume &favorite, FavoriteVolumes) + { + if (favorite.Path == volumePath) + { + useInExplorer = favorite.UseLabelInExplorer; + return favorite.Label; + } + } + + foreach (const FavoriteVolume &favorite, SystemFavoriteVolumes) + { + if (favorite.Path == volumePath) + { + useInExplorer = favorite.UseLabelInExplorer; + return favorite.Label; + } + } + + useInExplorer = false; + return wstring(); + } + + + void LoadFavoriteVolumes () + { + LoadFavoriteVolumes (FavoriteVolumes, false); + + try + { + LoadFavoriteVolumes (SystemFavoriteVolumes, true, true); + } + catch (...) { } // Ignore errors as SystemFavoriteVolumes list is used only for resolving volume paths to labels + + OnFavoriteVolumesUpdated(); + } + + + void LoadFavoriteVolumes (vector &favorites, bool systemFavorites, bool noUacElevation) + { + favorites.clear(); + wstring favoritesFilePath = systemFavorites ? GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false) : GetConfigPath (TC_APPD_FILENAME_FAVORITE_VOLUMES); + + if (systemFavorites && !IsAdmin() && !noUacElevation) + { + favoritesFilePath = GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES); + + try + { + BootEncryption bootEnc (MainDlg); + bootEnc.CopyFileAdmin (GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str(), favoritesFilePath.c_str()); + } + catch (SystemException &e) + { + if (e.ErrorCode == ERROR_FILE_NOT_FOUND) + return; + + throw; + } + } + + DWORD size; + char *favoritesXml = LoadFile (favoritesFilePath.c_str(), &size); + + if (systemFavorites && !IsAdmin() && !noUacElevation) + DeleteFile (GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES)); + + char *xml = favoritesXml; + char mountPoint[MAX_PATH], volume[MAX_PATH]; + + if (xml == NULL) + return; + + while (xml = XmlFindElement (xml, "volume")) + { + FavoriteVolume favorite; + + XmlGetAttributeText (xml, "mountpoint", mountPoint, sizeof (mountPoint)); + favorite.MountPoint = Utf8StringToWide (mountPoint); + + XmlGetNodeText (xml, volume, sizeof (volume)); + favorite.Path = Utf8StringToWide (volume); + + char label[1024]; + + XmlGetAttributeText (xml, "ID", label, sizeof (label)); + if (strlen (label) == (2*VOLUME_ID_SIZE)) + { + std::vector arr; + if (HexWideStringToArray (Utf8StringToWide (label).c_str(), arr) && arr.size() == VOLUME_ID_SIZE) + { + memcpy (favorite.VolumeID, &arr[0], VOLUME_ID_SIZE); + } + } + + XmlGetAttributeText (xml, "label", label, sizeof (label)); + favorite.Label = Utf8StringToWide (label); + + XmlGetAttributeText (xml, "pim", label, sizeof (label)); + if (strlen(label) == 0) + { + /* support old attribute name before it was changed to PIM*/ + XmlGetAttributeText (xml, "pin", label, sizeof (label)); + } + favorite.Pim = strtol (label, NULL, 10); + if (favorite.Pim < 0 || favorite.Pim > (systemFavorites? MAX_BOOT_PIM_VALUE : MAX_PIM_VALUE)) + favorite.Pim = 0; + + char boolVal[2]; + XmlGetAttributeText (xml, "readonly", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.ReadOnly = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "removable", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.Removable = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "system", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.SystemEncryption = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "noHotKeyMount", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.DisableHotkeyMount = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "openExplorerWindow", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.OpenExplorerWindow = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "mountOnArrival", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.MountOnArrival = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "mountOnLogOn", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.MountOnLogOn = (boolVal[0] == '1'); + + XmlGetAttributeText (xml, "useLabelInExplorer", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.UseLabelInExplorer = (boolVal[0] == '1') && !favorite.ReadOnly; + + XmlGetAttributeText (xml, "useVolumeID", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.UseVolumeID = (boolVal[0] == '1') && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID)); + + if (favorite.Path.find (L"\\\\?\\Volume{") == 0 && favorite.Path.rfind (L"}\\") == favorite.Path.size() - 2) + { + wstring resolvedPath = VolumeGuidPathToDevicePath (favorite.Path); + if (!resolvedPath.empty()) + { + favorite.DisconnectedDevice = false; + favorite.VolumePathId = favorite.Path; + favorite.Path = resolvedPath; + } + else + favorite.DisconnectedDevice = true; + } + + favorites.push_back (favorite); + xml++; + } + + free (favoritesXml); + } + + + static void OnFavoriteVolumesUpdated () + { + FillFavoriteVolumesMenu(); + + FavoritesOnArrivalMountRequired.clear(); + + foreach (const FavoriteVolume favorite, FavoriteVolumes) + { + if (favorite.MountOnArrival) + { + FavoritesOnArrivalMountRequired.push_back (favorite); + + if (IsMountedVolume (favorite.Path.c_str())) + { + bool present = false; + + foreach (const FavoriteVolume favoriteConnected, FavoritesMountedOnArrivalStillConnected) + { + if (favorite.Path == favoriteConnected.Path) + { + present = true; + break; + } + } + + if (!present) + FavoritesMountedOnArrivalStillConnected.push_back (favorite); + } + } + } + } + + + BOOL OrganizeFavoriteVolumes (HWND hwndDlg, bool systemFavorites, const FavoriteVolume &newFavorite) + { + FavoriteVolumesDlgProcArguments args; + args.SystemFavorites = systemFavorites; + + if (!newFavorite.Path.empty()) + { + args.AddFavoriteVolume = true; + args.NewFavoriteVolume = newFavorite; + } + else + args.AddFavoriteVolume = false; + + return DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_FAVORITE_VOLUMES), hwndDlg, (DLGPROC) FavoriteVolumesDlgProc, (LPARAM) &args) == IDOK; + } + + + bool SaveFavoriteVolumes (HWND hwndDlg, const vector &favorites, bool systemFavorites) + { + FILE *f; + int cnt = 0; + + f = _wfopen (GetConfigPath (systemFavorites ? TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES : TC_APPD_FILENAME_FAVORITE_VOLUMES), L"w,ccs=UTF-8"); + if (f == NULL) + { + handleWin32Error (MainDlg, SRC_POS); + return false; + } + + XmlWriteHeader (f); + fputws (L"\n\t", f); + + foreach (const FavoriteVolume &favorite, favorites) + { + wchar_t tq[2048]; + + if (systemFavorites && favorite.Path.find (L"\\\\") == 0 && favorite.Path.find (L"Volume{") == wstring::npos) + Warning ("SYSTEM_FAVORITE_NETWORK_PATH_ERR", hwndDlg); + + XmlQuoteTextW (!favorite.VolumePathId.empty() ? favorite.VolumePathId.c_str() : favorite.Path.c_str(), tq, ARRAYSIZE (tq)); + + wstring s = L"\n\t\t 0) + s += L" pim=\"" + IntToWideString(favorite.Pim) + L"\""; + + if (favorite.ReadOnly) + s += L" readonly=\"1\""; + + if (favorite.Removable) + s += L" removable=\"1\""; + + if (favorite.SystemEncryption) + s += L" system=\"1\""; + + if (favorite.MountOnArrival) + s += L" mountOnArrival=\"1\""; + + if (favorite.MountOnLogOn) + s += L" mountOnLogOn=\"1\""; + + if (favorite.DisableHotkeyMount) + s += L" noHotKeyMount=\"1\""; + + if (favorite.OpenExplorerWindow) + s += L" openExplorerWindow=\"1\""; + + if (favorite.UseLabelInExplorer && !favorite.ReadOnly) + s += L" useLabelInExplorer=\"1\""; + + if (favorite.UseVolumeID && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID))) + s += L" useVolumeID=\"1\""; + + s += L">" + wstring (tq) + L""; + + fwprintf (f, L"%ws", s.c_str()); + cnt++; + } + + fputws (L"\n\t", f); + XmlWriteFooter (f); + + if (!CheckFileStreamWriteErrors (hwndDlg, f, systemFavorites ? TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES : TC_APPD_FILENAME_FAVORITE_VOLUMES)) + { + fclose (f); + return false; + } + + fclose (f); + + BootEncryption bootEnc (MainDlg); + + if (systemFavorites) + { + finally_do ({ _wremove (GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES)); }); + + try + { + bootEnc.DeleteFileAdmin (GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str()); + } + catch (UserAbort&) { return false; } + catch (...) { } + + try + { + if (cnt != 0) + { + bootEnc.CopyFileAdmin (GetConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES), GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str()); + + if (!(ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) + Info ("SYS_FAVORITE_VOLUMES_SAVED", hwndDlg); + } + } + catch (Exception &e) + { + e.Show (NULL); + } + } + + if (cnt == 0) + { + if (systemFavorites) + { + try + { + bootEnc.DeleteFileAdmin (GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false).c_str()); + } + catch (...) { } + } + else + _wremove (GetConfigPath (TC_APPD_FILENAME_FAVORITE_VOLUMES)); + } + + return true; + } + + + static void SetControls (HWND hwndDlg, const FavoriteVolume &favorite, bool systemFavoritesMode, bool enable) + { + BOOL bIsDevice = favorite.DisconnectedDevice || IsVolumeDeviceHosted (favorite.Path.c_str()) || !enable; + if (favorite.Pim > 0) + { + wchar_t szTmp[MAX_PIM + 1]; + StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", favorite.Pim); + SetDlgItemText (hwndDlg, IDC_PIM, szTmp); + } + else + SetDlgItemText (hwndDlg, IDC_PIM, L""); + SetDlgItemTextW (hwndDlg, IDC_FAVORITE_LABEL, favorite.Label.c_str()); + SetCheckBox (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER, favorite.UseLabelInExplorer); + SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON, favorite.MountOnLogOn); + SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL, favorite.MountOnArrival); + SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_READONLY, favorite.ReadOnly); + SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE, favorite.Removable); + SetCheckBox (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID, favorite.UseVolumeID && bIsDevice); + + if (IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID)) || !bIsDevice) + { + SetDlgItemText (hwndDlg, IDC_FAVORITE_VOLUME_ID, L""); + } + else + SetDlgItemText (hwndDlg, IDC_FAVORITE_VOLUME_ID, ArrayToHexWideString (favorite.VolumeID, sizeof (favorite.VolumeID)).c_str()); + + if (systemFavoritesMode) + { + uint32 driverConfig = ReadDriverConfigurationFlags(); + + // MOUNT_SYSTEM_FAVORITES_ON_BOOT + CheckDlgButton (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES) ? BST_CHECKED : BST_UNCHECKED); + + // DISABLE_NONADMIN_SYS_FAVORITES_ACCESS + CheckDlgButton (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY, (driverConfig & TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS) ? BST_CHECKED : BST_UNCHECKED); + } + else + { + SetCheckBox (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, favorite.OpenExplorerWindow); + SetCheckBox (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY, favorite.DisableHotkeyMount); + } + + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_UP), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_DOWN), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_REMOVE), enable); + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PIM), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), enable); + EnableWindow (GetDlgItem (hwndDlg, IDT_FAVORITE_LABEL), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_LABEL), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON), enable && !systemFavoritesMode); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL), enable && !systemFavoritesMode); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_READONLY), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE), enable); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT), enable || systemFavoritesMode); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY), enable || systemFavoritesMode); + EnableWindow (GetDlgItem (hwndDlg, IDT_VOLUME_ID), enable && bIsDevice); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUME_ID), enable && bIsDevice); + EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID), enable && bIsDevice && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID))); + + ShowWindow (GetDlgItem (hwndDlg, IDT_VOLUME_ID), bIsDevice? SW_SHOW : SW_HIDE); + ShowWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_VOLUME_ID), bIsDevice? SW_SHOW : SW_HIDE); + ShowWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID), bIsDevice? SW_SHOW : SW_HIDE); + + // Group box + RECT boxRect, checkRect, labelRect; + + GetWindowRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), &boxRect); + GetWindowRect (GetDlgItem (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID), &checkRect); + GetWindowRect (GetDlgItem (hwndDlg, IDT_VOLUME_ID), &labelRect); + + if (!bIsDevice && (boxRect.top < checkRect.top)) + { + POINT pt = {boxRect.left, checkRect.bottom}; + ScreenToClient (hwndDlg, &pt); + SetWindowPos (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), 0, pt.x, pt.y, + boxRect.right - boxRect.left, + boxRect.bottom - checkRect.bottom, + SWP_NOZORDER); + + InvalidateRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), NULL, TRUE); + } + + if (bIsDevice && (boxRect.top >= checkRect.top)) + { + POINT pt = {boxRect.left, labelRect.top - CompensateYDPI (10)}; + ScreenToClient (hwndDlg, &pt); + SetWindowPos (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), 0, pt.x, pt.y, + boxRect.right - boxRect.left, + boxRect.bottom - labelRect.top + CompensateYDPI (10), + SWP_NOZORDER); + + InvalidateRect (GetDlgItem (hwndDlg, IDC_FAV_VOL_OPTIONS_GROUP_BOX), NULL, TRUE); + } + } + + + static void SetFavoriteVolume (HWND hwndDlg, FavoriteVolume &favorite, bool systemFavoritesMode) + { + wchar_t label[1024]; + if (GetDlgItemTextW (hwndDlg, IDC_FAVORITE_LABEL, label, ARRAYSIZE (label)) != 0) + { + favorite.Label = label; + + for (size_t i = 0; i < favorite.Label.size(); ++i) + { + if (favorite.Label[i] == L'"') + favorite.Label.at (i) = L'\''; + } + } + else + favorite.Label.clear(); + + favorite.Pim = GetPim (hwndDlg, IDC_PIM); + favorite.UseLabelInExplorer = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER) != 0); + favorite.UseVolumeID = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID) != 0); + + favorite.ReadOnly = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_READONLY) != 0); + favorite.Removable = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE) != 0); + + if (!systemFavoritesMode) + { + favorite.MountOnLogOn = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON) != 0); + favorite.MountOnArrival = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL) != 0); + favorite.DisableHotkeyMount = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY) != 0); + favorite.OpenExplorerWindow = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) != 0); + } + + if (favorite.VolumePathId.empty() + && IsVolumeDeviceHosted (favorite.Path.c_str()) + && favorite.Path.find (L"\\\\?\\Volume{") != 0) + { + bool partition = (favorite.Path.find (L"\\Partition0") == wstring::npos); + + if (!favorite.Label.empty()) + { + ErrorDirect ((GetString (partition ? "FAVORITE_LABEL_PARTITION_TYPE_ERR" : "FAVORITE_LABEL_DEVICE_PATH_ERR") + wstring (L"\n\n") + favorite.Path).c_str(), hwndDlg); + favorite.Label.clear(); + } + + if (favorite.MountOnArrival) + { + ErrorDirect ((GetString (partition ? "FAVORITE_ARRIVAL_MOUNT_PARTITION_TYPE_ERR" : "FAVORITE_ARRIVAL_MOUNT_DEVICE_PATH_ERR") + wstring (L"\n\n") + favorite.Path).c_str(), hwndDlg); + favorite.MountOnArrival = false; + } + } + + if (favorite.MountOnArrival && favorite.Path.find (L"\\\\") == 0 && favorite.Path.find (L"Volume{") == wstring::npos) + { + Error ("FAVORITE_ARRIVAL_MOUNT_NETWORK_PATH_ERR", hwndDlg); + favorite.MountOnArrival = false; + } + } + + + void UpdateDeviceHostedFavoriteVolumes () + { + try + { + LoadFavoriteVolumes(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + } +} diff --git a/src/Mount/Favorites.h b/src/Mount/Favorites.h index 84ab2a25..3c8b1c9b 100644 --- a/src/Mount/Favorites.h +++ b/src/Mount/Favorites.h @@ -1,87 +1,87 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_Mount_FavoriteVolumes -#define TC_HEADER_Mount_FavoriteVolumes - -#include - -namespace VeraCrypt -{ - struct FavoriteVolume - { - FavoriteVolume() - : - Pim (0), - DisableHotkeyMount (false), - DisconnectedDevice (false), - MountOnLogOn (false), - MountOnArrival (false), - OpenExplorerWindow (false), - ReadOnly (false), - Removable (false), - SystemEncryption (false), - UseLabelInExplorer (false), - UseVolumeID (false) - { - memset (VolumeID, 0, VOLUME_ID_SIZE); - } - - wstring Path; - wstring MountPoint; - wstring VolumePathId; - wstring Label; - int Pim; - BYTE VolumeID[VOLUME_ID_SIZE]; - - bool DisableHotkeyMount; - bool DisconnectedDevice; - bool MountOnLogOn; - bool MountOnArrival; - bool OpenExplorerWindow; - bool ReadOnly; - bool Removable; - bool SystemEncryption; - bool UseLabelInExplorer; - bool UseVolumeID; - }; - - struct FavoriteVolumesDlgProcArguments - { - bool SystemFavorites; - bool AddFavoriteVolume; - FavoriteVolume NewFavoriteVolume; - }; - - extern vector FavoriteVolumes; - extern vector SystemFavoriteVolumes; - extern list FavoritesOnArrivalMountRequired; - extern list FavoritesMountedOnArrivalStillConnected; - extern HMENU FavoriteVolumesMenu; - - BOOL AddMountedVolumeToFavorites (HWND hwndDlg, int driveNo, bool systemFavorites); - static BOOL CALLBACK FavoriteVolumesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); - static void FillFavoriteVolumesMenu (); - static void FillListControl (HWND favoriteListControl, vector &favorites); - static void FillListControlSubItems (HWND favoriteListControl, int line, const FavoriteVolume &favorite); - wstring GetFavoriteVolumeLabel (const wstring &volumePath, bool& useInExplorer); - void LoadFavoriteVolumes (); - void LoadFavoriteVolumes (vector &favorites, bool systemFavorites, bool noUacElevation = false); - static void OnFavoriteVolumesUpdated (); - BOOL OrganizeFavoriteVolumes (HWND hwndDlg, bool systemFavorites, const FavoriteVolume &newFavorite = FavoriteVolume()); - bool SaveFavoriteVolumes (HWND hwndDlg, const vector &favorites, bool systemFavorites); - static void SetControls (HWND hwndDlg, const FavoriteVolume &favorite, bool systemFavoritesMode, bool enable = true); - static void SetFavoriteVolume (HWND hwndDlg, FavoriteVolume &favorite, bool systemFavoritesMode); - void UpdateDeviceHostedFavoriteVolumes (); -} - -#endif // TC_HEADER_Mount_FavoriteVolumes +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_Mount_FavoriteVolumes +#define TC_HEADER_Mount_FavoriteVolumes + +#include + +namespace VeraCrypt +{ + struct FavoriteVolume + { + FavoriteVolume() + : + Pim (0), + DisableHotkeyMount (false), + DisconnectedDevice (false), + MountOnLogOn (false), + MountOnArrival (false), + OpenExplorerWindow (false), + ReadOnly (false), + Removable (false), + SystemEncryption (false), + UseLabelInExplorer (false), + UseVolumeID (false) + { + memset (VolumeID, 0, VOLUME_ID_SIZE); + } + + wstring Path; + wstring MountPoint; + wstring VolumePathId; + wstring Label; + int Pim; + BYTE VolumeID[VOLUME_ID_SIZE]; + + bool DisableHotkeyMount; + bool DisconnectedDevice; + bool MountOnLogOn; + bool MountOnArrival; + bool OpenExplorerWindow; + bool ReadOnly; + bool Removable; + bool SystemEncryption; + bool UseLabelInExplorer; + bool UseVolumeID; + }; + + struct FavoriteVolumesDlgProcArguments + { + bool SystemFavorites; + bool AddFavoriteVolume; + FavoriteVolume NewFavoriteVolume; + }; + + extern vector FavoriteVolumes; + extern vector SystemFavoriteVolumes; + extern list FavoritesOnArrivalMountRequired; + extern list FavoritesMountedOnArrivalStillConnected; + extern HMENU FavoriteVolumesMenu; + + BOOL AddMountedVolumeToFavorites (HWND hwndDlg, int driveNo, bool systemFavorites); + static BOOL CALLBACK FavoriteVolumesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); + static void FillFavoriteVolumesMenu (); + static void FillListControl (HWND favoriteListControl, vector &favorites); + static void FillListControlSubItems (HWND favoriteListControl, int line, const FavoriteVolume &favorite); + wstring GetFavoriteVolumeLabel (const wstring &volumePath, bool& useInExplorer); + void LoadFavoriteVolumes (); + void LoadFavoriteVolumes (vector &favorites, bool systemFavorites, bool noUacElevation = false); + static void OnFavoriteVolumesUpdated (); + BOOL OrganizeFavoriteVolumes (HWND hwndDlg, bool systemFavorites, const FavoriteVolume &newFavorite = FavoriteVolume()); + bool SaveFavoriteVolumes (HWND hwndDlg, const vector &favorites, bool systemFavorites); + static void SetControls (HWND hwndDlg, const FavoriteVolume &favorite, bool systemFavoritesMode, bool enable = true); + static void SetFavoriteVolume (HWND hwndDlg, FavoriteVolume &favorite, bool systemFavoritesMode); + void UpdateDeviceHostedFavoriteVolumes (); +} + +#endif // TC_HEADER_Mount_FavoriteVolumes diff --git a/src/Mount/Hotkeys.c b/src/Mount/Hotkeys.c index 59fa1093..0403c634 100644 --- a/src/Mount/Hotkeys.c +++ b/src/Mount/Hotkeys.c @@ -1,611 +1,611 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include -#include "Dlgcode.h" -#include "Hotkeys.h" -#include "Language.h" -#include "Mount.h" -#include "Resource.h" - -#include - -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -#endif - -#define MAX_KEY_COMB_NAME_LEN 260 - -TCHOTKEY Hotkeys [NBR_HOTKEYS]; -static TCHOTKEY tmpHotkeys [NBR_HOTKEYS]; - -static int nSelectedHotkeyId; -static UINT currentVKeyCode; -static BYTE vkeysDown[256]; - - -static void ScanAndProcessKey (UINT *vKeyCode, wchar_t *keyName) -{ - UINT vKey; - *vKeyCode = 0; - - for (vKey = 0; vKey <= 0xFF; vKey++) - { - if (GetAsyncKeyState (vKey) < 0) - { - if (!vkeysDown [vKey]) - { - vkeysDown [vKey] = 1; - if (GetKeyName (vKey, keyName)) // If the key is allowed and its name has been resolved - *vKeyCode = vKey; - } - } - else - vkeysDown [vKey] = 0; - } -} - - -/* Returns TRUE if the key is allowed and its name is resolved. */ -BOOL GetKeyName (UINT vKey, wchar_t *keyName) -{ - BOOL result = TRUE; - - if (vKey >= 0x30 && vKey <= 0x5a) - { - // ASCII characters - StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%hc", (char) vKey); - } - else if (vKey >= 0xE9 && vKey <= 0xF5) - { - // OEM-specific - StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM-%d", vKey); - - // mapping taken from: - // http://www.hotkeynet.com/ref/keynames.html - // https://mojoware.googlecode.com/svn-history/r3/trunk/mojo_engine/cKeyboard.cpp - // http://www.screenio.com/gui_screenio/gs_htmlhelp_subweb/download/SIMKEYS.cob - // - // These values seem to come from Nokia/Ericsson mobile device keys - - switch (vKey) - { - case 0xE9: // OEMReset = 0xE9 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMReset)"); - break; - case 0xEA: // OEMJump = 0xEA - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMJump)"); - break; - case 0xEB: // OEMPA1 = 0xEB - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMPA1)"); - break; - case 0xEC: // OEMPA2 = 0xEC - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMPA2)"); - break; - case 0xED: // OEMPA3 = 0xED - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMPA3)"); - break; - case 0xEE: // OEMWSCtrl = 0xEE - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMWSCtrl)"); - break; - case 0xEF: // OEMCUSel = 0xEF - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMCUSel)"); - break; - case 0xF0: // OEMATTN = 0xF0 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMATTN)"); - break; - case 0xF1: // OEMFinish = 0xF1 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMFinish)"); - break; - case 0xF2: // OEMCopy = 0xF2 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMCopy)"); - break; - case 0xF3: // OEMAuto = 0xF3 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMAuto)"); - break; - case 0xF4: // OEMENLW = 0xF4 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMENLW)"); - break; - case 0xF5: // OEMBackTab = 0xF5 - StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMBackTab)"); - break; - } - } - else if (vKey >= VK_F1 && vKey <= VK_F24) - { - // F1-F24 - StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"F%d", vKey - VK_F1 + 1); - } - else if (vKey >= VK_NUMPAD0 && vKey <= VK_NUMPAD9) - { - // Numpad numbers - StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s %d", GetString ("VK_NUMPAD"), vKey - VK_NUMPAD0); - } - else - { - switch (vKey) - { - case VK_MULTIPLY: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s *", GetString ("VK_NUMPAD")); break; - case VK_ADD: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s +", GetString ("VK_NUMPAD")); break; - case VK_SEPARATOR: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s Separator", GetString ("VK_NUMPAD")); break; - case VK_SUBTRACT: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s -", GetString ("VK_NUMPAD")); break; - case VK_DECIMAL: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s .", GetString ("VK_NUMPAD")); break; - case VK_DIVIDE: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s /", GetString ("VK_NUMPAD")); break; - case VK_OEM_1: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 1 (';')"); break; - case VK_OEM_PLUS: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"+"); break; - case VK_OEM_COMMA: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L","); break; - case VK_OEM_MINUS: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"-"); break; - case VK_OEM_PERIOD: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"."); break; - case VK_OEM_2: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 2 ('/')"); break; - case VK_OEM_3: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 3 (`)"); break; - case VK_OEM_4: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 4 ('[')"); break; - case VK_OEM_5: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 5 ('\\')"); break; - case VK_OEM_6: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 6 (']')"); break; - case VK_OEM_7: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 7 (')"); break; - case VK_OEM_8: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 8"); break; - case VK_OEM_AX: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM AX"); break; - case VK_OEM_102: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 102"); break; - case VK_ICO_HELP: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ICO_HELP"); break; - case VK_ICO_00: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ICO_00"); break; - case VK_ICO_CLEAR: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ICO_CLEAR"); break; - case VK_ATTN: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"Attn"); break; - case VK_CRSEL: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"CrSel"); break; - case VK_EXSEL: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ExSel"); break; - case VK_EREOF: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"Erase EOF"); break; - case VK_PA1: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"PA1"); break; - case VK_OEM_CLEAR: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM Clear"); break; - - case 0: - case 1: - case 0xFF: - result = FALSE; - break; - - default: - { - char key[16]; - wchar_t *desc; - StringCbPrintfA (key, sizeof(key),"VKEY_%02X", vKey); - desc = GetString (key); - if (desc == UnknownString) - result = FALSE; - else - StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, desc); - } - } - } - return result; -} - - -static BOOL ShortcutInUse (UINT vKeyCode, UINT modifiers, TCHOTKEY hotkeys[]) -{ - int i; - - for (i = 0; i < NBR_HOTKEYS; i++) - { - if (hotkeys[i].vKeyCode == vKeyCode && hotkeys[i].vKeyModifiers == modifiers) - return TRUE; - } - return FALSE; -} - - -void UnregisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]) -{ - int i; - - for (i = 0; i < NBR_HOTKEYS; i++) - { - if (hotkeys[i].vKeyCode != 0) - UnregisterHotKey (hwndDlg, i); - - } -} - - -BOOL RegisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]) -{ - BOOL result = TRUE; - int i; - - for (i = 0; i < NBR_HOTKEYS; i++) - { - if (hotkeys[i].vKeyCode != 0 - && !RegisterHotKey (hwndDlg, i, hotkeys[i].vKeyModifiers, hotkeys[i].vKeyCode)) - result = FALSE; - } - - return result; -} - - -static void DisplayHotkeyList (HWND hwndDlg) -{ - LVITEMW item; - HWND hList = GetDlgItem (hwndDlg, IDC_HOTKEY_LIST); - int i; - wchar_t ShortcutMod [MAX_KEY_COMB_NAME_LEN]; - wchar_t ShortcutFinal [MAX_KEY_COMB_NAME_LEN*2]; - wchar_t Shortcut [MAX_KEY_COMB_NAME_LEN]; - - SendMessage (hList, LVM_DELETEALLITEMS,0, (LPARAM)&item); - - for (i = 0; i < NBR_HOTKEYS; i++) - { - memset (&item,0,sizeof(item)); - item.mask = LVIF_TEXT; - item.iItem = i; - item.iSubItem = 0; - - switch (i) - { - - case HK_AUTOMOUNT_DEVICES: - item.pszText = GetString ("HK_AUTOMOUNT_DEVICES"); - break; - - case HK_DISMOUNT_ALL: - item.pszText = GetString ("HK_DISMOUNT_ALL"); - break; - - case HK_WIPE_CACHE: - item.pszText = GetString ("HK_WIPE_CACHE"); - break; - - case HK_DISMOUNT_ALL_AND_WIPE: - item.pszText = GetString ("HK_DISMOUNT_ALL_AND_WIPE"); - break; - - case HK_FORCE_DISMOUNT_ALL_AND_WIPE: - item.pszText = GetString ("HK_FORCE_DISMOUNT_ALL_AND_WIPE"); - break; - - case HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT: - item.pszText = GetString ("HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT"); - break; - - case HK_MOUNT_FAVORITE_VOLUMES: - item.pszText = GetString ("HK_MOUNT_FAVORITE_VOLUMES"); - break; - - case HK_SHOW_HIDE_MAIN_WINDOW: - item.pszText = GetString ("HK_SHOW_HIDE_MAIN_WINDOW"); - break; - - case HK_CLOSE_SECURITY_TOKEN_SESSIONS: - item.pszText = GetString ("IDM_CLOSE_ALL_TOKEN_SESSIONS"); - break; - - default: - item.pszText = L"[?]"; - } - - SendMessageW (hList,LVM_INSERTITEMW,0,(LPARAM)&item); - - item.iSubItem = 1; - Shortcut[0] = 0; - ShortcutMod[0] = 0; - - if (GetKeyName (tmpHotkeys[i].vKeyCode, Shortcut)) - { - if (tmpHotkeys[i].vKeyModifiers & MOD_CONTROL) - { - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_CONTROL")); - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); - } - - if (tmpHotkeys[i].vKeyModifiers & MOD_SHIFT) - { - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_SHIFT")); - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); - } - - if (tmpHotkeys[i].vKeyModifiers & MOD_ALT) - { - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_ALT")); - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); - } - - if (tmpHotkeys[i].vKeyModifiers & MOD_WIN) - { - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_WIN")); - StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); - } - - StringCbPrintfW (ShortcutFinal, sizeof(ShortcutFinal), L"%s%s", ShortcutMod, Shortcut); - item.pszText = ShortcutFinal; - } - else - item.pszText = L""; - - SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&item); - } -} - - - -BOOL CALLBACK HotkeysDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - static BOOL bKeyScanOn; - static BOOL bTPlaySoundOnSuccessfulHkDismount; - static BOOL bTDisplayBalloonOnSuccessfulHkDismount; - - switch (msg) - { - case WM_INITDIALOG: - { - LVCOLUMNW col; - HWND hList = GetDlgItem (hwndDlg, IDC_HOTKEY_LIST); - - bKeyScanOn = FALSE; - nSelectedHotkeyId = -1; - currentVKeyCode = 0; - memcpy (tmpHotkeys, Hotkeys, sizeof(tmpHotkeys)); - memset (vkeysDown, 0, sizeof(vkeysDown)); - - SendMessageW (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, - LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_LABELTIP - ); - - memset (&col,0,sizeof(col)); - col.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - col.pszText = GetString ("ACTION"); - col.cx = CompensateXDPI (341); - col.fmt = LVCFMT_LEFT; - SendMessageW (hList,LVM_INSERTCOLUMNW,0,(LPARAM)&col); - - col.pszText = GetString ("SHORTCUT"); - col.cx = CompensateXDPI (190); - col.fmt = LVCFMT_LEFT; - SendMessageW (hList,LVM_INSERTCOLUMNW,1,(LPARAM)&col); - - LocalizeDialog (hwndDlg, "IDD_HOTKEYS_DLG"); - - SetCheckBox (hwndDlg, IDC_HK_MOD_CTRL, TRUE); - SetCheckBox (hwndDlg, IDC_HK_MOD_SHIFT, FALSE); - SetCheckBox (hwndDlg, IDC_HK_MOD_ALT, TRUE); - SetCheckBox (hwndDlg, IDC_HK_MOD_WIN, FALSE); - - SetCheckBox (hwndDlg, IDC_HK_DISMOUNT_PLAY_SOUND, bPlaySoundOnSuccessfulHkDismount); - SetCheckBox (hwndDlg, IDC_HK_DISMOUNT_BALLOON_TOOLTIP, bDisplayBalloonOnSuccessfulHkDismount); - - bTPlaySoundOnSuccessfulHkDismount = bPlaySoundOnSuccessfulHkDismount; - bTDisplayBalloonOnSuccessfulHkDismount = bDisplayBalloonOnSuccessfulHkDismount; - - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); - - DisplayHotkeyList(hwndDlg); - - if (SetTimer (hwndDlg, 0xfe, 10, NULL) == 0) - { - Error ("CANNOT_SET_TIMER", MainDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - return 1; - } - - case WM_TIMER: - { - if ((nSelectedHotkeyId > -1) && (GetFocus () == GetDlgItem (hwndDlg, IDC_HOTKEY_KEY))) - { - wchar_t keyName [MAX_KEY_COMB_NAME_LEN]; - UINT tmpVKeyCode; - - keyName[0] = 0; - - ScanAndProcessKey (&tmpVKeyCode, &keyName[0]); - - if (keyName[0] != 0) - { - currentVKeyCode = tmpVKeyCode; - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), keyName); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), TRUE); - } - else if ((currentVKeyCode != 0) && GetKeyName (currentVKeyCode, keyName)) - { - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), keyName); - } - } - return 1; - } - - case WM_NOTIFY: - if (wParam == IDC_HOTKEY_LIST) - { - if (((LPNMHDR) lParam)->code == LVN_ITEMACTIVATE - || ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED && (((LPNMLISTVIEW) lParam)->uNewState & LVIS_FOCUSED)) - { - LVITEM item; - memset(&item,0,sizeof(item)); - nSelectedHotkeyId = ((LPNMLISTVIEW) lParam)->iItem; - currentVKeyCode = 0; - memset (vkeysDown, 0, sizeof(vkeysDown)); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), GetString ("PRESS_A_KEY_TO_ASSIGN")); - - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), (tmpHotkeys[nSelectedHotkeyId].vKeyCode > 0)); - - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); - bKeyScanOn = TRUE; - return 1; - } - } - - return 0; - - case WM_COMMAND: - if (lw == IDC_HOTKEY_KEY && hw == EN_CHANGE) - { - if (!bKeyScanOn && nSelectedHotkeyId < 0 && GetWindowTextLengthW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY))) - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); - } - - if (lw == IDC_HOTKEY_ASSIGN) - { - BOOL bOwnActiveShortcut = FALSE; - - if (nSelectedHotkeyId >= 0 && currentVKeyCode != 0) - { - UINT modifiers = 0; - if (GetCheckBox (hwndDlg, IDC_HK_MOD_CTRL)) - modifiers = MOD_CONTROL; - - if (GetCheckBox (hwndDlg, IDC_HK_MOD_ALT)) - modifiers |= MOD_ALT; - - if (GetCheckBox (hwndDlg, IDC_HK_MOD_SHIFT)) - modifiers |= MOD_SHIFT; - - if (GetCheckBox (hwndDlg, IDC_HK_MOD_WIN)) - modifiers |= MOD_WIN; - - // Check if it's not already assigned - if (ShortcutInUse (currentVKeyCode, modifiers, tmpHotkeys)) - { - Error ("SHORTCUT_ALREADY_IN_USE", hwndDlg); - return 1; - } - - // Check for reserved system keys - switch (currentVKeyCode) - { - case VK_F1: - case VK_F12: - /* F1 is help and F12 is reserved for use by the debugger at all times */ - if (modifiers == 0) - { - Error ("CANNOT_USE_RESERVED_KEY", hwndDlg); - return 1; - } - break; - } - - bOwnActiveShortcut = ShortcutInUse (currentVKeyCode, modifiers, Hotkeys); - - // Test if the shortcut can be assigned without errors - if (!bOwnActiveShortcut - && !RegisterHotKey (hwndDlg, nSelectedHotkeyId, modifiers, currentVKeyCode)) - { - handleWin32Error(hwndDlg, SRC_POS); - return 1; - } - else - { - if (!bOwnActiveShortcut && !UnregisterHotKey (hwndDlg, nSelectedHotkeyId)) - handleWin32Error(hwndDlg, SRC_POS); - - tmpHotkeys[nSelectedHotkeyId].vKeyCode = currentVKeyCode; - tmpHotkeys[nSelectedHotkeyId].vKeyModifiers = modifiers; - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); - nSelectedHotkeyId = -1; - bKeyScanOn = FALSE; - currentVKeyCode = 0; - memset (vkeysDown, 0, sizeof(vkeysDown)); - } - } - DisplayHotkeyList(hwndDlg); - return 1; - } - - if (lw == IDC_HOTKEY_REMOVE) - { - if (nSelectedHotkeyId >= 0) - { - tmpHotkeys[nSelectedHotkeyId].vKeyCode = 0; - tmpHotkeys[nSelectedHotkeyId].vKeyModifiers = 0; - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); - nSelectedHotkeyId = -1; - bKeyScanOn = FALSE; - currentVKeyCode = 0; - memset (vkeysDown, 0, sizeof(vkeysDown)); - DisplayHotkeyList(hwndDlg); - } - return 1; - } - - if (lw == IDC_RESET_HOTKEYS) - { - int i; - - for (i = 0; i < NBR_HOTKEYS; i++) - { - tmpHotkeys[i].vKeyCode = 0; - tmpHotkeys[i].vKeyModifiers = 0; - } - SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); - nSelectedHotkeyId = -1; - bKeyScanOn = FALSE; - currentVKeyCode = 0; - memset (vkeysDown, 0, sizeof(vkeysDown)); - DisplayHotkeyList(hwndDlg); - return 1; - } - - if (lw == IDC_HK_DISMOUNT_PLAY_SOUND) - { - bTPlaySoundOnSuccessfulHkDismount = GetCheckBox (hwndDlg, IDC_HK_DISMOUNT_PLAY_SOUND); - } - - if (lw == IDC_HK_DISMOUNT_BALLOON_TOOLTIP) - { - bTDisplayBalloonOnSuccessfulHkDismount = GetCheckBox (hwndDlg, IDC_HK_DISMOUNT_BALLOON_TOOLTIP); - } - - if (lw == IDCANCEL || lw == IDCLOSE) - { - KillTimer (hwndDlg, 0xfe); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (lw == IDOK) - { - HWND hwndMainDlg = hwndDlg; - - while (GetParent (hwndMainDlg) != NULL) - { - hwndMainDlg = GetParent (hwndMainDlg); - } - UnregisterAllHotkeys (hwndMainDlg, Hotkeys); - memcpy (Hotkeys, tmpHotkeys, sizeof(Hotkeys)); - RegisterAllHotkeys (hwndMainDlg, Hotkeys); - KillTimer (hwndDlg, 0xfe); - bPlaySoundOnSuccessfulHkDismount = bTPlaySoundOnSuccessfulHkDismount; - bDisplayBalloonOnSuccessfulHkDismount = bTDisplayBalloonOnSuccessfulHkDismount; - - SaveSettings (hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - return 0; - - case WM_CLOSE: - - KillTimer (hwndDlg, 0xfe); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - return 0; -} - - +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include +#include "Dlgcode.h" +#include "Hotkeys.h" +#include "Language.h" +#include "Mount.h" +#include "Resource.h" + +#include + +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#endif + +#define MAX_KEY_COMB_NAME_LEN 260 + +TCHOTKEY Hotkeys [NBR_HOTKEYS]; +static TCHOTKEY tmpHotkeys [NBR_HOTKEYS]; + +static int nSelectedHotkeyId; +static UINT currentVKeyCode; +static BYTE vkeysDown[256]; + + +static void ScanAndProcessKey (UINT *vKeyCode, wchar_t *keyName) +{ + UINT vKey; + *vKeyCode = 0; + + for (vKey = 0; vKey <= 0xFF; vKey++) + { + if (GetAsyncKeyState (vKey) < 0) + { + if (!vkeysDown [vKey]) + { + vkeysDown [vKey] = 1; + if (GetKeyName (vKey, keyName)) // If the key is allowed and its name has been resolved + *vKeyCode = vKey; + } + } + else + vkeysDown [vKey] = 0; + } +} + + +/* Returns TRUE if the key is allowed and its name is resolved. */ +BOOL GetKeyName (UINT vKey, wchar_t *keyName) +{ + BOOL result = TRUE; + + if (vKey >= 0x30 && vKey <= 0x5a) + { + // ASCII characters + StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%hc", (char) vKey); + } + else if (vKey >= 0xE9 && vKey <= 0xF5) + { + // OEM-specific + StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM-%d", vKey); + + // mapping taken from: + // http://www.hotkeynet.com/ref/keynames.html + // https://mojoware.googlecode.com/svn-history/r3/trunk/mojo_engine/cKeyboard.cpp + // http://www.screenio.com/gui_screenio/gs_htmlhelp_subweb/download/SIMKEYS.cob + // + // These values seem to come from Nokia/Ericsson mobile device keys + + switch (vKey) + { + case 0xE9: // OEMReset = 0xE9 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMReset)"); + break; + case 0xEA: // OEMJump = 0xEA + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMJump)"); + break; + case 0xEB: // OEMPA1 = 0xEB + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMPA1)"); + break; + case 0xEC: // OEMPA2 = 0xEC + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMPA2)"); + break; + case 0xED: // OEMPA3 = 0xED + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMPA3)"); + break; + case 0xEE: // OEMWSCtrl = 0xEE + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMWSCtrl)"); + break; + case 0xEF: // OEMCUSel = 0xEF + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMCUSel)"); + break; + case 0xF0: // OEMATTN = 0xF0 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMATTN)"); + break; + case 0xF1: // OEMFinish = 0xF1 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMFinish)"); + break; + case 0xF2: // OEMCopy = 0xF2 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMCopy)"); + break; + case 0xF3: // OEMAuto = 0xF3 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMAuto)"); + break; + case 0xF4: // OEMENLW = 0xF4 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMENLW)"); + break; + case 0xF5: // OEMBackTab = 0xF5 + StringCbCatW (keyName, MAX_KEY_COMB_NAME_LEN, L" (OEMBackTab)"); + break; + } + } + else if (vKey >= VK_F1 && vKey <= VK_F24) + { + // F1-F24 + StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"F%d", vKey - VK_F1 + 1); + } + else if (vKey >= VK_NUMPAD0 && vKey <= VK_NUMPAD9) + { + // Numpad numbers + StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s %d", GetString ("VK_NUMPAD"), vKey - VK_NUMPAD0); + } + else + { + switch (vKey) + { + case VK_MULTIPLY: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s *", GetString ("VK_NUMPAD")); break; + case VK_ADD: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s +", GetString ("VK_NUMPAD")); break; + case VK_SEPARATOR: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s Separator", GetString ("VK_NUMPAD")); break; + case VK_SUBTRACT: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s -", GetString ("VK_NUMPAD")); break; + case VK_DECIMAL: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s .", GetString ("VK_NUMPAD")); break; + case VK_DIVIDE: StringCbPrintfW (keyName, MAX_KEY_COMB_NAME_LEN, L"%s /", GetString ("VK_NUMPAD")); break; + case VK_OEM_1: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 1 (';')"); break; + case VK_OEM_PLUS: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"+"); break; + case VK_OEM_COMMA: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L","); break; + case VK_OEM_MINUS: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"-"); break; + case VK_OEM_PERIOD: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"."); break; + case VK_OEM_2: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 2 ('/')"); break; + case VK_OEM_3: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 3 (`)"); break; + case VK_OEM_4: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 4 ('[')"); break; + case VK_OEM_5: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 5 ('\\')"); break; + case VK_OEM_6: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 6 (']')"); break; + case VK_OEM_7: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 7 (')"); break; + case VK_OEM_8: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 8"); break; + case VK_OEM_AX: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM AX"); break; + case VK_OEM_102: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM 102"); break; + case VK_ICO_HELP: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ICO_HELP"); break; + case VK_ICO_00: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ICO_00"); break; + case VK_ICO_CLEAR: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ICO_CLEAR"); break; + case VK_ATTN: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"Attn"); break; + case VK_CRSEL: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"CrSel"); break; + case VK_EXSEL: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"ExSel"); break; + case VK_EREOF: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"Erase EOF"); break; + case VK_PA1: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"PA1"); break; + case VK_OEM_CLEAR: StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, L"OEM Clear"); break; + + case 0: + case 1: + case 0xFF: + result = FALSE; + break; + + default: + { + char key[16]; + wchar_t *desc; + StringCbPrintfA (key, sizeof(key),"VKEY_%02X", vKey); + desc = GetString (key); + if (desc == UnknownString) + result = FALSE; + else + StringCbCopyW (keyName, MAX_KEY_COMB_NAME_LEN, desc); + } + } + } + return result; +} + + +static BOOL ShortcutInUse (UINT vKeyCode, UINT modifiers, TCHOTKEY hotkeys[]) +{ + int i; + + for (i = 0; i < NBR_HOTKEYS; i++) + { + if (hotkeys[i].vKeyCode == vKeyCode && hotkeys[i].vKeyModifiers == modifiers) + return TRUE; + } + return FALSE; +} + + +void UnregisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]) +{ + int i; + + for (i = 0; i < NBR_HOTKEYS; i++) + { + if (hotkeys[i].vKeyCode != 0) + UnregisterHotKey (hwndDlg, i); + + } +} + + +BOOL RegisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]) +{ + BOOL result = TRUE; + int i; + + for (i = 0; i < NBR_HOTKEYS; i++) + { + if (hotkeys[i].vKeyCode != 0 + && !RegisterHotKey (hwndDlg, i, hotkeys[i].vKeyModifiers, hotkeys[i].vKeyCode)) + result = FALSE; + } + + return result; +} + + +static void DisplayHotkeyList (HWND hwndDlg) +{ + LVITEMW item; + HWND hList = GetDlgItem (hwndDlg, IDC_HOTKEY_LIST); + int i; + wchar_t ShortcutMod [MAX_KEY_COMB_NAME_LEN]; + wchar_t ShortcutFinal [MAX_KEY_COMB_NAME_LEN*2]; + wchar_t Shortcut [MAX_KEY_COMB_NAME_LEN]; + + SendMessage (hList, LVM_DELETEALLITEMS,0, (LPARAM)&item); + + for (i = 0; i < NBR_HOTKEYS; i++) + { + memset (&item,0,sizeof(item)); + item.mask = LVIF_TEXT; + item.iItem = i; + item.iSubItem = 0; + + switch (i) + { + + case HK_AUTOMOUNT_DEVICES: + item.pszText = GetString ("HK_AUTOMOUNT_DEVICES"); + break; + + case HK_DISMOUNT_ALL: + item.pszText = GetString ("HK_DISMOUNT_ALL"); + break; + + case HK_WIPE_CACHE: + item.pszText = GetString ("HK_WIPE_CACHE"); + break; + + case HK_DISMOUNT_ALL_AND_WIPE: + item.pszText = GetString ("HK_DISMOUNT_ALL_AND_WIPE"); + break; + + case HK_FORCE_DISMOUNT_ALL_AND_WIPE: + item.pszText = GetString ("HK_FORCE_DISMOUNT_ALL_AND_WIPE"); + break; + + case HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT: + item.pszText = GetString ("HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT"); + break; + + case HK_MOUNT_FAVORITE_VOLUMES: + item.pszText = GetString ("HK_MOUNT_FAVORITE_VOLUMES"); + break; + + case HK_SHOW_HIDE_MAIN_WINDOW: + item.pszText = GetString ("HK_SHOW_HIDE_MAIN_WINDOW"); + break; + + case HK_CLOSE_SECURITY_TOKEN_SESSIONS: + item.pszText = GetString ("IDM_CLOSE_ALL_TOKEN_SESSIONS"); + break; + + default: + item.pszText = L"[?]"; + } + + SendMessageW (hList,LVM_INSERTITEMW,0,(LPARAM)&item); + + item.iSubItem = 1; + Shortcut[0] = 0; + ShortcutMod[0] = 0; + + if (GetKeyName (tmpHotkeys[i].vKeyCode, Shortcut)) + { + if (tmpHotkeys[i].vKeyModifiers & MOD_CONTROL) + { + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_CONTROL")); + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); + } + + if (tmpHotkeys[i].vKeyModifiers & MOD_SHIFT) + { + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_SHIFT")); + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); + } + + if (tmpHotkeys[i].vKeyModifiers & MOD_ALT) + { + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_ALT")); + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); + } + + if (tmpHotkeys[i].vKeyModifiers & MOD_WIN) + { + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),GetString ("VK_WIN")); + StringCbCatW (ShortcutMod, sizeof(ShortcutMod),L"+"); + } + + StringCbPrintfW (ShortcutFinal, sizeof(ShortcutFinal), L"%s%s", ShortcutMod, Shortcut); + item.pszText = ShortcutFinal; + } + else + item.pszText = L""; + + SendMessageW (hList, LVM_SETITEMW, 0, (LPARAM)&item); + } +} + + + +BOOL CALLBACK HotkeysDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + static BOOL bKeyScanOn; + static BOOL bTPlaySoundOnSuccessfulHkDismount; + static BOOL bTDisplayBalloonOnSuccessfulHkDismount; + + switch (msg) + { + case WM_INITDIALOG: + { + LVCOLUMNW col; + HWND hList = GetDlgItem (hwndDlg, IDC_HOTKEY_LIST); + + bKeyScanOn = FALSE; + nSelectedHotkeyId = -1; + currentVKeyCode = 0; + memcpy (tmpHotkeys, Hotkeys, sizeof(tmpHotkeys)); + memset (vkeysDown, 0, sizeof(vkeysDown)); + + SendMessageW (hList,LVM_SETEXTENDEDLISTVIEWSTYLE,0, + LVS_EX_FULLROWSELECT|LVS_EX_HEADERDRAGDROP|LVS_EX_LABELTIP + ); + + memset (&col,0,sizeof(col)); + col.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + col.pszText = GetString ("ACTION"); + col.cx = CompensateXDPI (341); + col.fmt = LVCFMT_LEFT; + SendMessageW (hList,LVM_INSERTCOLUMNW,0,(LPARAM)&col); + + col.pszText = GetString ("SHORTCUT"); + col.cx = CompensateXDPI (190); + col.fmt = LVCFMT_LEFT; + SendMessageW (hList,LVM_INSERTCOLUMNW,1,(LPARAM)&col); + + LocalizeDialog (hwndDlg, "IDD_HOTKEYS_DLG"); + + SetCheckBox (hwndDlg, IDC_HK_MOD_CTRL, TRUE); + SetCheckBox (hwndDlg, IDC_HK_MOD_SHIFT, FALSE); + SetCheckBox (hwndDlg, IDC_HK_MOD_ALT, TRUE); + SetCheckBox (hwndDlg, IDC_HK_MOD_WIN, FALSE); + + SetCheckBox (hwndDlg, IDC_HK_DISMOUNT_PLAY_SOUND, bPlaySoundOnSuccessfulHkDismount); + SetCheckBox (hwndDlg, IDC_HK_DISMOUNT_BALLOON_TOOLTIP, bDisplayBalloonOnSuccessfulHkDismount); + + bTPlaySoundOnSuccessfulHkDismount = bPlaySoundOnSuccessfulHkDismount; + bTDisplayBalloonOnSuccessfulHkDismount = bDisplayBalloonOnSuccessfulHkDismount; + + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); + + DisplayHotkeyList(hwndDlg); + + if (SetTimer (hwndDlg, 0xfe, 10, NULL) == 0) + { + Error ("CANNOT_SET_TIMER", MainDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + return 1; + } + + case WM_TIMER: + { + if ((nSelectedHotkeyId > -1) && (GetFocus () == GetDlgItem (hwndDlg, IDC_HOTKEY_KEY))) + { + wchar_t keyName [MAX_KEY_COMB_NAME_LEN]; + UINT tmpVKeyCode; + + keyName[0] = 0; + + ScanAndProcessKey (&tmpVKeyCode, &keyName[0]); + + if (keyName[0] != 0) + { + currentVKeyCode = tmpVKeyCode; + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), keyName); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), TRUE); + } + else if ((currentVKeyCode != 0) && GetKeyName (currentVKeyCode, keyName)) + { + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), keyName); + } + } + return 1; + } + + case WM_NOTIFY: + if (wParam == IDC_HOTKEY_LIST) + { + if (((LPNMHDR) lParam)->code == LVN_ITEMACTIVATE + || ((LPNMHDR) lParam)->code == LVN_ITEMCHANGED && (((LPNMLISTVIEW) lParam)->uNewState & LVIS_FOCUSED)) + { + LVITEM item; + memset(&item,0,sizeof(item)); + nSelectedHotkeyId = ((LPNMLISTVIEW) lParam)->iItem; + currentVKeyCode = 0; + memset (vkeysDown, 0, sizeof(vkeysDown)); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), GetString ("PRESS_A_KEY_TO_ASSIGN")); + + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), (tmpHotkeys[nSelectedHotkeyId].vKeyCode > 0)); + + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); + bKeyScanOn = TRUE; + return 1; + } + } + + return 0; + + case WM_COMMAND: + if (lw == IDC_HOTKEY_KEY && hw == EN_CHANGE) + { + if (!bKeyScanOn && nSelectedHotkeyId < 0 && GetWindowTextLengthW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY))) + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); + } + + if (lw == IDC_HOTKEY_ASSIGN) + { + BOOL bOwnActiveShortcut = FALSE; + + if (nSelectedHotkeyId >= 0 && currentVKeyCode != 0) + { + UINT modifiers = 0; + if (GetCheckBox (hwndDlg, IDC_HK_MOD_CTRL)) + modifiers = MOD_CONTROL; + + if (GetCheckBox (hwndDlg, IDC_HK_MOD_ALT)) + modifiers |= MOD_ALT; + + if (GetCheckBox (hwndDlg, IDC_HK_MOD_SHIFT)) + modifiers |= MOD_SHIFT; + + if (GetCheckBox (hwndDlg, IDC_HK_MOD_WIN)) + modifiers |= MOD_WIN; + + // Check if it's not already assigned + if (ShortcutInUse (currentVKeyCode, modifiers, tmpHotkeys)) + { + Error ("SHORTCUT_ALREADY_IN_USE", hwndDlg); + return 1; + } + + // Check for reserved system keys + switch (currentVKeyCode) + { + case VK_F1: + case VK_F12: + /* F1 is help and F12 is reserved for use by the debugger at all times */ + if (modifiers == 0) + { + Error ("CANNOT_USE_RESERVED_KEY", hwndDlg); + return 1; + } + break; + } + + bOwnActiveShortcut = ShortcutInUse (currentVKeyCode, modifiers, Hotkeys); + + // Test if the shortcut can be assigned without errors + if (!bOwnActiveShortcut + && !RegisterHotKey (hwndDlg, nSelectedHotkeyId, modifiers, currentVKeyCode)) + { + handleWin32Error(hwndDlg, SRC_POS); + return 1; + } + else + { + if (!bOwnActiveShortcut && !UnregisterHotKey (hwndDlg, nSelectedHotkeyId)) + handleWin32Error(hwndDlg, SRC_POS); + + tmpHotkeys[nSelectedHotkeyId].vKeyCode = currentVKeyCode; + tmpHotkeys[nSelectedHotkeyId].vKeyModifiers = modifiers; + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); + nSelectedHotkeyId = -1; + bKeyScanOn = FALSE; + currentVKeyCode = 0; + memset (vkeysDown, 0, sizeof(vkeysDown)); + } + } + DisplayHotkeyList(hwndDlg); + return 1; + } + + if (lw == IDC_HOTKEY_REMOVE) + { + if (nSelectedHotkeyId >= 0) + { + tmpHotkeys[nSelectedHotkeyId].vKeyCode = 0; + tmpHotkeys[nSelectedHotkeyId].vKeyModifiers = 0; + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); + nSelectedHotkeyId = -1; + bKeyScanOn = FALSE; + currentVKeyCode = 0; + memset (vkeysDown, 0, sizeof(vkeysDown)); + DisplayHotkeyList(hwndDlg); + } + return 1; + } + + if (lw == IDC_RESET_HOTKEYS) + { + int i; + + for (i = 0; i < NBR_HOTKEYS; i++) + { + tmpHotkeys[i].vKeyCode = 0; + tmpHotkeys[i].vKeyModifiers = 0; + } + SetWindowTextW (GetDlgItem (hwndDlg, IDC_HOTKEY_KEY), L""); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_ASSIGN), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_HOTKEY_REMOVE), FALSE); + nSelectedHotkeyId = -1; + bKeyScanOn = FALSE; + currentVKeyCode = 0; + memset (vkeysDown, 0, sizeof(vkeysDown)); + DisplayHotkeyList(hwndDlg); + return 1; + } + + if (lw == IDC_HK_DISMOUNT_PLAY_SOUND) + { + bTPlaySoundOnSuccessfulHkDismount = GetCheckBox (hwndDlg, IDC_HK_DISMOUNT_PLAY_SOUND); + } + + if (lw == IDC_HK_DISMOUNT_BALLOON_TOOLTIP) + { + bTDisplayBalloonOnSuccessfulHkDismount = GetCheckBox (hwndDlg, IDC_HK_DISMOUNT_BALLOON_TOOLTIP); + } + + if (lw == IDCANCEL || lw == IDCLOSE) + { + KillTimer (hwndDlg, 0xfe); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (lw == IDOK) + { + HWND hwndMainDlg = hwndDlg; + + while (GetParent (hwndMainDlg) != NULL) + { + hwndMainDlg = GetParent (hwndMainDlg); + } + UnregisterAllHotkeys (hwndMainDlg, Hotkeys); + memcpy (Hotkeys, tmpHotkeys, sizeof(Hotkeys)); + RegisterAllHotkeys (hwndMainDlg, Hotkeys); + KillTimer (hwndDlg, 0xfe); + bPlaySoundOnSuccessfulHkDismount = bTPlaySoundOnSuccessfulHkDismount; + bDisplayBalloonOnSuccessfulHkDismount = bTDisplayBalloonOnSuccessfulHkDismount; + + SaveSettings (hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + return 0; + + case WM_CLOSE: + + KillTimer (hwndDlg, 0xfe); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + return 0; +} + + diff --git a/src/Mount/Hotkeys.h b/src/Mount/Hotkeys.h index 8a6d44b6..167ddc54 100644 --- a/src/Mount/Hotkeys.h +++ b/src/Mount/Hotkeys.h @@ -1,52 +1,52 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifdef __cplusplus -extern "C" { -#endif - -enum -{ - /* When adding/removing hot keys, update the following functions in Mount.c: - DisplayHotkeyList() - SaveSettings() - LoadSettings() - HandleHotKey() */ - - HK_AUTOMOUNT_DEVICES = 0, - HK_CLOSE_SECURITY_TOKEN_SESSIONS, - HK_DISMOUNT_ALL, - HK_DISMOUNT_ALL_AND_WIPE, - HK_FORCE_DISMOUNT_ALL_AND_WIPE, - HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT, - HK_MOUNT_FAVORITE_VOLUMES, - HK_SHOW_HIDE_MAIN_WINDOW, - HK_WIPE_CACHE, - NBR_HOTKEYS -}; - -typedef struct -{ - UINT vKeyCode; - UINT vKeyModifiers; -} TCHOTKEY; - -extern TCHOTKEY Hotkeys [NBR_HOTKEYS]; - -BOOL CALLBACK HotkeysDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -BOOL GetKeyName (UINT vKey, wchar_t *keyName); -void UnregisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]); -BOOL RegisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]); - -#ifdef __cplusplus -} -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifdef __cplusplus +extern "C" { +#endif + +enum +{ + /* When adding/removing hot keys, update the following functions in Mount.c: + DisplayHotkeyList() + SaveSettings() + LoadSettings() + HandleHotKey() */ + + HK_AUTOMOUNT_DEVICES = 0, + HK_CLOSE_SECURITY_TOKEN_SESSIONS, + HK_DISMOUNT_ALL, + HK_DISMOUNT_ALL_AND_WIPE, + HK_FORCE_DISMOUNT_ALL_AND_WIPE, + HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT, + HK_MOUNT_FAVORITE_VOLUMES, + HK_SHOW_HIDE_MAIN_WINDOW, + HK_WIPE_CACHE, + NBR_HOTKEYS +}; + +typedef struct +{ + UINT vKeyCode; + UINT vKeyModifiers; +} TCHOTKEY; + +extern TCHOTKEY Hotkeys [NBR_HOTKEYS]; + +BOOL CALLBACK HotkeysDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +BOOL GetKeyName (UINT vKey, wchar_t *keyName); +void UnregisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]); +BOOL RegisterAllHotkeys (HWND hwndDlg, TCHOTKEY hotkeys[]); + +#ifdef __cplusplus +} +#endif diff --git a/src/Mount/MainCom.cpp b/src/Mount/MainCom.cpp index 738b243d..6955897d 100644 --- a/src/Mount/MainCom.cpp +++ b/src/Mount/MainCom.cpp @@ -1,294 +1,294 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include -#include -#include -#include "BaseCom.h" -#include "BootEncryption.h" -#include "Dlgcode.h" -#include "MainCom.h" -#include "MainCom_h.h" -#include "MainCom_i.c" -#include "Mount.h" -#include "Password.h" - -using namespace VeraCrypt; - -static volatile LONG ObjectCount = 0; - -class TrueCryptMainCom : public ITrueCryptMainCom -{ - -public: - TrueCryptMainCom (DWORD messageThreadId) : RefCount (0), MessageThreadId (messageThreadId) - { - InterlockedIncrement (&ObjectCount); - } - - virtual ~TrueCryptMainCom () - { - if (InterlockedDecrement (&ObjectCount) == 0) - PostThreadMessage (MessageThreadId, WM_APP, 0, 0); - } - - virtual ULONG STDMETHODCALLTYPE AddRef () - { - return InterlockedIncrement (&RefCount); - } - - virtual ULONG STDMETHODCALLTYPE Release () - { - if (!InterlockedDecrement (&RefCount)) - { - delete this; - return 0; - } - - return RefCount; - } - - virtual HRESULT STDMETHODCALLTYPE QueryInterface (REFIID riid, void **ppvObject) - { - if (riid == IID_IUnknown || riid == IID_ITrueCryptMainCom) - *ppvObject = this; - else - { - *ppvObject = NULL; - return E_NOINTERFACE; - } - - AddRef (); - return S_OK; - } - - virtual void STDMETHODCALLTYPE AnalyzeKernelMiniDump (LONG_PTR hwndDlg) - { - // Do nothing - MainDlg = (HWND) hwndDlg; - } - - virtual int STDMETHODCALLTYPE BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume) - { - MainDlg = (HWND) hwndDlg; - return ::BackupVolumeHeader ((HWND) hwndDlg, bRequireConfirmation, lpszVolume); - } - - virtual int STDMETHODCALLTYPE RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume) - { - MainDlg = (HWND) hwndDlg; - return ::RestoreVolumeHeader ((HWND) hwndDlg, lpszVolume); - } - - virtual DWORD STDMETHODCALLTYPE CallDriver (DWORD ioctl, BSTR input, BSTR *output) - { - return BaseCom::CallDriver (ioctl, input, output); - } - - virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd) - { - MainDlg = (HWND) hWnd; - return ::ChangePwd (volumePath, oldPassword, 0, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); - } - - virtual DWORD STDMETHODCALLTYPE CopyFile (BSTR sourceFile, BSTR destinationFile) - { - return BaseCom::CopyFile (sourceFile, destinationFile); - } - - virtual DWORD STDMETHODCALLTYPE DeleteFile (BSTR file) - { - return BaseCom::DeleteFile (file); - } - - virtual BOOL STDMETHODCALLTYPE IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) - { - return BaseCom::IsPagingFileActive (checkNonWindowsPartitionsOnly); - } - - virtual DWORD STDMETHODCALLTYPE ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone) - { - return BaseCom::ReadWriteFile (write, device, filePath, bufferBstr, offset, size, sizeDone); - } - - virtual DWORD STDMETHODCALLTYPE RegisterFilterDriver (BOOL registerDriver, int filterType) - { - return BaseCom::RegisterFilterDriver (registerDriver, filterType); - } - - virtual DWORD STDMETHODCALLTYPE RegisterSystemFavoritesService (BOOL registerService) - { - return BaseCom::RegisterSystemFavoritesService (registerService); - } - - virtual DWORD STDMETHODCALLTYPE SetDriverServiceStartType (DWORD startType) - { - return BaseCom::SetDriverServiceStartType (startType); - } - - virtual DWORD STDMETHODCALLTYPE WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value) - { - return BaseCom::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value); - } - - virtual int STDMETHODCALLTYPE ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd) - { - MainDlg = (HWND) hWnd; - return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); - } - - virtual int STDMETHODCALLTYPE ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd) - { - MainDlg = (HWND) hWnd; - return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, truecryptMode, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); - } - - virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, LONG_PTR hWnd) - { - MainDlg = (HWND) hWnd; - return ::ChangePwd (volumePath, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (HWND) hWnd); - } - -protected: - DWORD MessageThreadId; - LONG RefCount; -}; - - -extern "C" BOOL ComServerMain () -{ - SetProcessShutdownParameters (0x100, 0); - - TrueCryptFactory factory (GetCurrentThreadId ()); - DWORD cookie; - - if (IsUacSupported ()) - UacElevated = TRUE; - - if (CoRegisterClassObject (CLSID_TrueCryptMainCom, (LPUNKNOWN) &factory, - CLSCTX_LOCAL_SERVER, REGCLS_SINGLEUSE, &cookie) != S_OK) - return FALSE; - - MSG msg; - while (int r = GetMessageW (&msg, NULL, 0, 0)) - { - if (r == -1) - return FALSE; - - TranslateMessage (&msg); - DispatchMessageW (&msg); - - if (msg.message == WM_APP - && ObjectCount < 1 - && !factory.IsServerLocked ()) - break; - } - CoRevokeClassObject (cookie); - - return TRUE; -} - - -static BOOL ComGetInstance (HWND hWnd, ITrueCryptMainCom **tcServer) -{ - return ComGetInstanceBase (hWnd, CLSID_TrueCryptMainCom, IID_ITrueCryptMainCom, (void **) tcServer); -} - - -ITrueCryptMainCom *GetElevatedInstance (HWND parent) -{ - ITrueCryptMainCom *instance; - - if (!ComGetInstance (parent, &instance)) - throw UserAbort (SRC_POS); - - return instance; -} - - -extern "C" int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, wchar_t *lpszVolume) -{ - CComPtr tc; - int r; - - CoInitialize (NULL); - - if (ComGetInstance (hwndDlg, &tc)) - { - CComBSTR volumeBstr; - BSTR bstr = W2BSTR(lpszVolume); - if (bstr) - { - volumeBstr.Attach (bstr); - r = tc->BackupVolumeHeader ((LONG_PTR) hwndDlg, bRequireConfirmation, volumeBstr); - } - else - r = ERR_OUTOFMEMORY; - } - else - r = -1; - - CoUninitialize (); - - return r; -} - - -extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, wchar_t *lpszVolume) -{ - CComPtr tc; - int r; - - CoInitialize (NULL); - - if (ComGetInstance (hwndDlg, &tc)) - { - CComBSTR volumeBstr; - BSTR bstr = W2BSTR(lpszVolume); - if (bstr) - { - volumeBstr.Attach (bstr); - r = tc->RestoreVolumeHeader ((LONG_PTR) hwndDlg, volumeBstr); - } - else - r = ERR_OUTOFMEMORY; - } - else - r = -1; - - CoUninitialize (); - - return r; -} - - -extern "C" int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg) -{ - CComPtr tc; - int r; - - CoInitialize (NULL); - - if (ComGetInstance (hwndDlg, &tc)) - { - CComBSTR bstrVolume (lpszVolume); - WaitCursor (); - r = tc->ChangePasswordEx3 (bstrVolume, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (LONG_PTR) hwndDlg); - NormalCursor (); - } - else - r = -1; - - CoUninitialize (); - - return r; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include +#include +#include +#include "BaseCom.h" +#include "BootEncryption.h" +#include "Dlgcode.h" +#include "MainCom.h" +#include "MainCom_h.h" +#include "MainCom_i.c" +#include "Mount.h" +#include "Password.h" + +using namespace VeraCrypt; + +static volatile LONG ObjectCount = 0; + +class TrueCryptMainCom : public ITrueCryptMainCom +{ + +public: + TrueCryptMainCom (DWORD messageThreadId) : RefCount (0), MessageThreadId (messageThreadId) + { + InterlockedIncrement (&ObjectCount); + } + + virtual ~TrueCryptMainCom () + { + if (InterlockedDecrement (&ObjectCount) == 0) + PostThreadMessage (MessageThreadId, WM_APP, 0, 0); + } + + virtual ULONG STDMETHODCALLTYPE AddRef () + { + return InterlockedIncrement (&RefCount); + } + + virtual ULONG STDMETHODCALLTYPE Release () + { + if (!InterlockedDecrement (&RefCount)) + { + delete this; + return 0; + } + + return RefCount; + } + + virtual HRESULT STDMETHODCALLTYPE QueryInterface (REFIID riid, void **ppvObject) + { + if (riid == IID_IUnknown || riid == IID_ITrueCryptMainCom) + *ppvObject = this; + else + { + *ppvObject = NULL; + return E_NOINTERFACE; + } + + AddRef (); + return S_OK; + } + + virtual void STDMETHODCALLTYPE AnalyzeKernelMiniDump (LONG_PTR hwndDlg) + { + // Do nothing + MainDlg = (HWND) hwndDlg; + } + + virtual int STDMETHODCALLTYPE BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume) + { + MainDlg = (HWND) hwndDlg; + return ::BackupVolumeHeader ((HWND) hwndDlg, bRequireConfirmation, lpszVolume); + } + + virtual int STDMETHODCALLTYPE RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume) + { + MainDlg = (HWND) hwndDlg; + return ::RestoreVolumeHeader ((HWND) hwndDlg, lpszVolume); + } + + virtual DWORD STDMETHODCALLTYPE CallDriver (DWORD ioctl, BSTR input, BSTR *output) + { + return BaseCom::CallDriver (ioctl, input, output); + } + + virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd) + { + MainDlg = (HWND) hWnd; + return ::ChangePwd (volumePath, oldPassword, 0, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); + } + + virtual DWORD STDMETHODCALLTYPE CopyFile (BSTR sourceFile, BSTR destinationFile) + { + return BaseCom::CopyFile (sourceFile, destinationFile); + } + + virtual DWORD STDMETHODCALLTYPE DeleteFile (BSTR file) + { + return BaseCom::DeleteFile (file); + } + + virtual BOOL STDMETHODCALLTYPE IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly) + { + return BaseCom::IsPagingFileActive (checkNonWindowsPartitionsOnly); + } + + virtual DWORD STDMETHODCALLTYPE ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone) + { + return BaseCom::ReadWriteFile (write, device, filePath, bufferBstr, offset, size, sizeDone); + } + + virtual DWORD STDMETHODCALLTYPE RegisterFilterDriver (BOOL registerDriver, int filterType) + { + return BaseCom::RegisterFilterDriver (registerDriver, filterType); + } + + virtual DWORD STDMETHODCALLTYPE RegisterSystemFavoritesService (BOOL registerService) + { + return BaseCom::RegisterSystemFavoritesService (registerService); + } + + virtual DWORD STDMETHODCALLTYPE SetDriverServiceStartType (DWORD startType) + { + return BaseCom::SetDriverServiceStartType (startType); + } + + virtual DWORD STDMETHODCALLTYPE WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value) + { + return BaseCom::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value); + } + + virtual int STDMETHODCALLTYPE ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd) + { + MainDlg = (HWND) hWnd; + return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); + } + + virtual int STDMETHODCALLTYPE ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd) + { + MainDlg = (HWND) hWnd; + return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, truecryptMode, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); + } + + virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, LONG_PTR hWnd) + { + MainDlg = (HWND) hWnd; + return ::ChangePwd (volumePath, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (HWND) hWnd); + } + +protected: + DWORD MessageThreadId; + LONG RefCount; +}; + + +extern "C" BOOL ComServerMain () +{ + SetProcessShutdownParameters (0x100, 0); + + TrueCryptFactory factory (GetCurrentThreadId ()); + DWORD cookie; + + if (IsUacSupported ()) + UacElevated = TRUE; + + if (CoRegisterClassObject (CLSID_TrueCryptMainCom, (LPUNKNOWN) &factory, + CLSCTX_LOCAL_SERVER, REGCLS_SINGLEUSE, &cookie) != S_OK) + return FALSE; + + MSG msg; + while (int r = GetMessageW (&msg, NULL, 0, 0)) + { + if (r == -1) + return FALSE; + + TranslateMessage (&msg); + DispatchMessageW (&msg); + + if (msg.message == WM_APP + && ObjectCount < 1 + && !factory.IsServerLocked ()) + break; + } + CoRevokeClassObject (cookie); + + return TRUE; +} + + +static BOOL ComGetInstance (HWND hWnd, ITrueCryptMainCom **tcServer) +{ + return ComGetInstanceBase (hWnd, CLSID_TrueCryptMainCom, IID_ITrueCryptMainCom, (void **) tcServer); +} + + +ITrueCryptMainCom *GetElevatedInstance (HWND parent) +{ + ITrueCryptMainCom *instance; + + if (!ComGetInstance (parent, &instance)) + throw UserAbort (SRC_POS); + + return instance; +} + + +extern "C" int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, wchar_t *lpszVolume) +{ + CComPtr tc; + int r; + + CoInitialize (NULL); + + if (ComGetInstance (hwndDlg, &tc)) + { + CComBSTR volumeBstr; + BSTR bstr = W2BSTR(lpszVolume); + if (bstr) + { + volumeBstr.Attach (bstr); + r = tc->BackupVolumeHeader ((LONG_PTR) hwndDlg, bRequireConfirmation, volumeBstr); + } + else + r = ERR_OUTOFMEMORY; + } + else + r = -1; + + CoUninitialize (); + + return r; +} + + +extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, wchar_t *lpszVolume) +{ + CComPtr tc; + int r; + + CoInitialize (NULL); + + if (ComGetInstance (hwndDlg, &tc)) + { + CComBSTR volumeBstr; + BSTR bstr = W2BSTR(lpszVolume); + if (bstr) + { + volumeBstr.Attach (bstr); + r = tc->RestoreVolumeHeader ((LONG_PTR) hwndDlg, volumeBstr); + } + else + r = ERR_OUTOFMEMORY; + } + else + r = -1; + + CoUninitialize (); + + return r; +} + + +extern "C" int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg) +{ + CComPtr tc; + int r; + + CoInitialize (NULL); + + if (ComGetInstance (hwndDlg, &tc)) + { + CComBSTR bstrVolume (lpszVolume); + WaitCursor (); + r = tc->ChangePasswordEx3 (bstrVolume, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (LONG_PTR) hwndDlg); + NormalCursor (); + } + else + r = -1; + + CoUninitialize (); + + return r; +} diff --git a/src/Mount/MainCom.h b/src/Mount/MainCom.h index 9fad2870..5bd8e222 100644 --- a/src/Mount/MainCom.h +++ b/src/Mount/MainCom.h @@ -1,35 +1,35 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#ifndef TC_HEADER_MAIN_COM -#define TC_HEADER_MAIN_COM - -#include - -#ifdef __cplusplus - -#include "MainCom_h.h" -ITrueCryptMainCom *GetElevatedInstance (HWND parent); - -extern "C" { -#endif - -BOOL ComServerMain (); -int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, wchar_t *lpszVolume); -int UacRestoreVolumeHeader (HWND hwndDlg, wchar_t *lpszVolume); -int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); - -#ifdef __cplusplus -} -#endif - -#endif // TC_HEADER_MAIN_COM +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#ifndef TC_HEADER_MAIN_COM +#define TC_HEADER_MAIN_COM + +#include + +#ifdef __cplusplus + +#include "MainCom_h.h" +ITrueCryptMainCom *GetElevatedInstance (HWND parent); + +extern "C" { +#endif + +BOOL ComServerMain (); +int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, wchar_t *lpszVolume); +int UacRestoreVolumeHeader (HWND hwndDlg, wchar_t *lpszVolume); +int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); + +#ifdef __cplusplus +} +#endif + +#endif // TC_HEADER_MAIN_COM diff --git a/src/Mount/MainCom.idl b/src/Mount/MainCom.idl index 4e268a53..4999dba5 100644 --- a/src/Mount/MainCom.idl +++ b/src/Mount/MainCom.idl @@ -1,57 +1,57 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -import "wtypes.idl"; -import "..\Common\Password.h"; - -[ - uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A), - helpstring("VeraCrypt Main UAC Support Library"), - version(2.7) // Update ComSetup.cpp when changing version number -] -library TrueCryptMainCom -{ - [ - uuid(C786E27C-2801-482c-B45D-D4357B270A29), - object, - oleautomation, - helpstring("VeraCrypt Main UAC Support Interface") - ] - interface ITrueCryptMainCom : IUnknown - { - void AnalyzeKernelMiniDump (LONG_PTR hwndDlg); - int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume); - DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); - int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); - DWORD CopyFile (BSTR sourceFile, BSTR destinationFile); - DWORD DeleteFile (BSTR file); - BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); - DWORD ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone); - DWORD RegisterFilterDriver (BOOL registerDriver, int filterType); - DWORD RegisterSystemFavoritesService (BOOL registerService); - int RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume); - DWORD SetDriverServiceStartType (DWORD startType); - DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); - int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); - int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); - int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, LONG_PTR hWnd); - }; - - [ - uuid(FE8B3B95-C80C-41f7-830F-FBA271C26F7E), - helpstring("VeraCrypt Main UAC Support Coclass") - ] - coclass TrueCryptMainCom - { - [default] interface ITrueCryptMainCom; - } -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +import "wtypes.idl"; +import "..\Common\Password.h"; + +[ + uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A), + helpstring("VeraCrypt Main UAC Support Library"), + version(2.7) // Update ComSetup.cpp when changing version number +] +library TrueCryptMainCom +{ + [ + uuid(C786E27C-2801-482c-B45D-D4357B270A29), + object, + oleautomation, + helpstring("VeraCrypt Main UAC Support Interface") + ] + interface ITrueCryptMainCom : IUnknown + { + void AnalyzeKernelMiniDump (LONG_PTR hwndDlg); + int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume); + DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); + int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); + DWORD CopyFile (BSTR sourceFile, BSTR destinationFile); + DWORD DeleteFile (BSTR file); + BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); + DWORD ReadWriteFile (BOOL write, BOOL device, BSTR filePath, BSTR *bufferBstr, unsigned __int64 offset, unsigned __int32 size, DWORD *sizeDone); + DWORD RegisterFilterDriver (BOOL registerDriver, int filterType); + DWORD RegisterSystemFavoritesService (BOOL registerService); + int RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume); + DWORD SetDriverServiceStartType (DWORD startType); + DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); + int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); + int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); + int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, LONG_PTR hWnd); + }; + + [ + uuid(FE8B3B95-C80C-41f7-830F-FBA271C26F7E), + helpstring("VeraCrypt Main UAC Support Coclass") + ] + coclass TrueCryptMainCom + { + [default] interface ITrueCryptMainCom; + } +} diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 5bcaddad..ef665a5a 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -1,11024 +1,11024 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include "cpu.h" - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "Apidrvr.h" -#include "BootEncryption.h" -#include "Cmdline.h" -#include "Crypto.h" -#include "Dlgcode.h" -#include "Combo.h" -#include "Favorites.h" -#include "Hotkeys.h" -#include "Keyfiles.h" -#include "Language.h" -#include "MainCom.h" -#include "Mount.h" -#include "Pkcs5.h" -#include "Random.h" -#include "Registry.h" -#include "Resource.h" -#include "Password.h" -#include "Xml.h" -#include "../Boot/Windows/BootCommon.h" -#include "../Common/Dictionary.h" -#include "../Common/Common.h" -#include "../Common/Resource.h" -#include "../Common/SecurityToken.h" -#include "../Platform/Finally.h" -#include "../Platform/ForEach.h" - -#include - -#include - -typedef BOOL (WINAPI *WTSREGISTERSESSIONNOTIFICATION)(HWND, DWORD); -typedef BOOL (WINAPI *WTSUNREGISTERSESSIONNOTIFICATION)(HWND); - -using namespace VeraCrypt; - -enum timer_ids -{ - TIMER_ID_MAIN = 0xff, - TIMER_ID_KEYB_LAYOUT_GUARD -}; - -enum hidden_os_read_only_notif_mode -{ - TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE = 0, - TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_COMPACT, - TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_DISABLED -}; - -#define TIMER_INTERVAL_MAIN 500 -#define TIMER_INTERVAL_KEYB_LAYOUT_GUARD 10 - -BootEncryption *BootEncObj = NULL; -BootEncryptionStatus BootEncStatus; -BootEncryptionStatus RecentBootEncStatus; - -BOOL bExplore = FALSE; /* Display explorer window after mount */ -BOOL bBeep = FALSE; /* Donot beep after mount */ -wchar_t szFileName[TC_MAX_PATH+1]; /* Volume to mount */ -wchar_t szDriveLetter[3]; /* Drive Letter to mount */ -wchar_t commandLineDrive = 0; -BOOL bCacheInDriver = FALSE; /* Cache any passwords we see */ -BOOL bCacheInDriverDefault = FALSE; -BOOL bCacheDuringMultipleMount = FALSE; -BOOL bCmdCacheDuringMultipleMount = FALSE; -BOOL bIncludePimInCache = FALSE; -BOOL bTryEmptyPasswordWhenKeyfileUsed = FALSE; -BOOL bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE; -BOOL bCmdTryEmptyPasswordWhenKeyfileUsedValid = FALSE; -BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */ -BOOL bUseDifferentTrayIconIfVolMounted = TRUE; -BOOL bCloseDismountedWindows=TRUE; /* Close all open explorer windows of dismounted volume */ -BOOL bWipeCacheOnExit = FALSE; /* Wipe password from chace on exit */ -BOOL bWipeCacheOnAutoDismount = TRUE; -BOOL bEnableBkgTask = FALSE; -BOOL bCloseBkgTaskWhenNoVolumes = FALSE; -BOOL bDismountOnLogOff = TRUE; -BOOL bDismountOnSessionLocked = TRUE; -BOOL bDismountOnScreenSaver = TRUE; -BOOL bDismountOnPowerSaving = FALSE; -BOOL bForceAutoDismount = TRUE; -BOOL bForceMount = FALSE; /* Mount volume even if host file/device already in use */ -BOOL bForceUnmount = FALSE; /* Unmount volume even if it cannot be locked */ -BOOL bWipe = FALSE; /* Wipe driver passwords */ -BOOL bAuto = FALSE; /* Do everything without user input */ -BOOL LogOn = FALSE; -BOOL bAutoMountDevices = FALSE; /* Auto-mount devices */ -BOOL bAutoMountFavorites = FALSE; -BOOL bPlaySoundOnSuccessfulHkDismount = TRUE; -BOOL bDisplayBalloonOnSuccessfulHkDismount = TRUE; -BOOL bHibernationPreventionNotified = FALSE; /* TRUE if the user has been notified that hibernation was prevented (system encryption) during the session. */ -BOOL bHiddenSysLeakProtNotifiedDuringSession = FALSE; /* TRUE if the user has been notified during the session that unencrypted filesystems and non-hidden TrueCrypt volumes are mounted as read-only under hidden OS. */ -BOOL CloseSecurityTokenSessionsAfterMount = FALSE; - -BOOL Quit = FALSE; /* Exit after processing command line */ -BOOL ComServerMode = FALSE; -BOOL ServiceMode = FALSE; -BOOL UsePreferences = TRUE; - -int HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE; -int MaxVolumeIdleTime = -120; -int nCurrentShowType = 0; /* current display mode, mount, unmount etc */ -int nSelectedDriveIndex = -1; /* Item number of selected drive */ - -int cmdUnmountDrive = -2; /* Volume drive letter to unmount (-1 = all) */ -Password VolumePassword; /* Password used for mounting volumes */ -Password CmdVolumePassword; /* Password passed from command line */ -char CmdTokenPin [SecurityToken::MaxPasswordLength + 1] = {0}; -int VolumePkcs5 = 0; -int CmdVolumePkcs5 = 0; -int VolumePim = -1; -int CmdVolumePim = -1; -int DefaultVolumePkcs5 = 0; -BOOL VolumeTrueCryptMode = FALSE; -BOOL CmdVolumeTrueCryptMode = FALSE; -BOOL DefaultVolumeTrueCryptMode = FALSE; -BOOL CmdVolumePasswordValid = FALSE; -MountOptions CmdMountOptions; -BOOL CmdMountOptionsValid = FALSE; -MountOptions mountOptions; -MountOptions defaultMountOptions; -KeyFile *FirstCmdKeyFile; - -HBITMAP hbmLogoBitmapRescaled = NULL; -wchar_t OrigKeyboardLayout [8+1] = L"00000409"; -BOOL bKeyboardLayoutChanged = FALSE; /* TRUE if the keyboard layout was changed to the standard US keyboard layout (from any other layout). */ -BOOL bKeybLayoutAltKeyWarningShown = FALSE; /* TRUE if the user has been informed that it is not possible to type characters by pressing keys while the right Alt key is held down. */ - -static KeyFilesDlgParam hidVolProtKeyFilesParam; - -static MOUNT_LIST_STRUCT LastKnownMountList; -VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList; -static DWORD LastKnownLogicalDrives; - -static HANDLE TaskBarIconMutex = NULL; -static BOOL MainWindowHidden = FALSE; -static int pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; -static int bSysEncPwdChangeDlgMode = FALSE; -static int bPrebootPasswordDlgMode = FALSE; -static int NoCmdLineArgs; -static BOOL CmdLineVolumeSpecified; -static int LastDriveListVolumeColumnWidth; -// WTS handling -static HMODULE hWtsLib = NULL; -static WTSREGISTERSESSIONNOTIFICATION fnWtsRegisterSessionNotification = NULL; -static WTSUNREGISTERSESSIONNOTIFICATION fnWtsUnRegisterSessionNotification = NULL; - -static void RegisterWtsNotification(HWND hWnd) -{ - if (!hWtsLib) - { - wchar_t dllPath[MAX_PATH]; - if (GetSystemDirectory(dllPath, MAX_PATH)) - StringCbCatW(dllPath, sizeof(dllPath), L"\\wtsapi32.dll"); - else - StringCbCopyW(dllPath, sizeof(dllPath), L"c:\\Windows\\System32\\wtsapi32.dll"); - - hWtsLib = LoadLibrary(dllPath); - if (hWtsLib) - { - fnWtsRegisterSessionNotification = (WTSREGISTERSESSIONNOTIFICATION) GetProcAddress(hWtsLib, "WTSRegisterSessionNotification" ); - fnWtsUnRegisterSessionNotification = (WTSUNREGISTERSESSIONNOTIFICATION) GetProcAddress(hWtsLib, "WTSUnRegisterSessionNotification" ); - if ( !fnWtsRegisterSessionNotification - || !fnWtsUnRegisterSessionNotification - || !fnWtsRegisterSessionNotification( hWnd, NOTIFY_FOR_THIS_SESSION ) - ) - { - fnWtsRegisterSessionNotification = NULL; - fnWtsUnRegisterSessionNotification = NULL; - FreeLibrary(hWtsLib); - hWtsLib = NULL; - } - } - } -} - -static void UnregisterWtsNotification(HWND hWnd) -{ - if (hWtsLib && fnWtsUnRegisterSessionNotification) - { - fnWtsUnRegisterSessionNotification(hWnd); - FreeLibrary(hWtsLib); - hWtsLib = NULL; - fnWtsRegisterSessionNotification = NULL; - fnWtsUnRegisterSessionNotification = NULL; - } -} - -static void localcleanup (void) -{ - // Wipe command line - char *c = GetCommandLineA (); - wchar_t *wc = GetCommandLineW (); - burn(c, strlen (c)); - burn(wc, wcslen (wc) * sizeof (wchar_t)); - - /* Delete buffered bitmaps (if any) */ - if (hbmLogoBitmapRescaled != NULL) - { - DeleteObject ((HGDIOBJ) hbmLogoBitmapRescaled); - hbmLogoBitmapRescaled = NULL; - } - - /* These items should have already been cleared by the functions that used them, but we're going to - clear them for extra security. */ - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&CmdVolumePim, sizeof (CmdVolumePim)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode)); - burn (&mountOptions, sizeof (mountOptions)); - burn (&defaultMountOptions, sizeof (defaultMountOptions)); - burn (szFileName, sizeof(szFileName)); - burn (&CmdTokenPin, sizeof (CmdTokenPin)); - - /* Cleanup common code resources */ - cleanup (); - - if (BootEncObj != NULL) - { - delete BootEncObj; - BootEncObj = NULL; - } - - RandStop (TRUE); -} - -void RefreshMainDlg (HWND hwndDlg) -{ - int drive = (wchar_t) (HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST)))); - - MoveEditToCombo (GetDlgItem (hwndDlg, IDC_VOLUME), bHistory); - LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), drive); - EnableDisableButtons (hwndDlg); -} - -void EndMainDlg (HWND hwndDlg) -{ - MoveEditToCombo (GetDlgItem (hwndDlg, IDC_VOLUME), bHistory); - - if (UsePreferences) - SaveSettings (hwndDlg); - - if (bWipeCacheOnExit) - { - DWORD dwResult; - DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - } - - if (!bHistory) - { - SetWindowText (GetDlgItem (hwndDlg, IDC_VOLUME), L""); - ClearHistory (GetDlgItem (hwndDlg, IDC_VOLUME)); - } - - if (TaskBarIconMutex != NULL) - { - MainWindowHidden = TRUE; - ShowWindow (hwndDlg, SW_HIDE); - } - else - { - KillTimer (hwndDlg, TIMER_ID_MAIN); - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - EndDialog (hwndDlg, 0); - } -} - -static void InitMainDialog (HWND hwndDlg) -{ - MENUITEMINFOW info; - char *popupTexts[] = {"MENU_VOLUMES", "MENU_SYSTEM_ENCRYPTION", "MENU_FAVORITES", "MENU_TOOLS", "MENU_SETTINGS", "MENU_HELP", "MENU_WEBSITE", 0}; - wchar_t *str; - int i; - - /* Call the common dialog init code */ - InitDialog (hwndDlg); - LocalizeDialog (hwndDlg, NULL); - - SetWindowLongPtrW (hwndDlg, DWLP_USER, (LONG_PTR) (IsAdmin() ? TC_MAIN_WINDOW_FLAG_ADMIN_PRIVILEGES : 0)); - - DragAcceptFiles (hwndDlg, TRUE); - - SendMessageW (GetDlgItem (hwndDlg, IDC_VOLUME), CB_LIMITTEXT, TC_MAX_PATH, 0); - SetWindowTextW (hwndDlg, (IsAdmin() && !IsBuiltInAdmin() && IsUacSupported() && !IsNonInstallMode()) ? (wstring (lpszTitle) + L" [" + GetString ("ADMINISTRATOR") + L"]").c_str() : lpszTitle); - - // Help file name - InitHelpFileName(); - - // Localize menu strings - for (i = 40001; str = (wchar_t *)GetDictionaryValueByInt (i); i++) - { - info.cbSize = sizeof (info); - info.fMask = MIIM_TYPE; - info.fType = MFT_STRING; - info.dwTypeData = str; - info.cch = (UINT) wcslen (str); - - SetMenuItemInfoW (GetMenu (hwndDlg), i, FALSE, &info); - } - - for (i = 0; popupTexts[i] != 0; i++) - { - str = GetString (popupTexts[i]); - - info.cbSize = sizeof (info); - info.fMask = MIIM_TYPE; - - if (strcmp (popupTexts[i], "MENU_WEBSITE") == 0) - info.fType = MFT_STRING | MFT_RIGHTJUSTIFY; - else - info.fType = MFT_STRING; - - if (strcmp (popupTexts[i], "MENU_FAVORITES") == 0) - FavoriteVolumesMenu = GetSubMenu (GetMenu (hwndDlg), i); - - info.dwTypeData = str; - info.cch = (UINT) wcslen (str); - - SetMenuItemInfoW (GetMenu (hwndDlg), i, TRUE, &info); - } - - // Disable menu item for changing system header key derivation algorithm until it's implemented - EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO, MF_GRAYED); - - try - { - LoadFavoriteVolumes(); - } - catch (Exception &e) - { - e.Show (NULL); - } - - // Resize the logo bitmap if the user has a non-default DPI - if (ScreenDPI != USER_DEFAULT_SCREEN_DPI - && hbmLogoBitmapRescaled == NULL) // If not re-called (e.g. after language pack change) - { - hbmLogoBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_LOGO_288DPI), - GetDlgItem (hwndDlg, IDC_LOGO), - 0, 0, 0, 0, FALSE, TRUE); - } - - BuildTree (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST)); - - if (*szDriveLetter != 0) - { - SelectItem (GetDlgItem (hwndDlg, IDC_DRIVELIST), *szDriveLetter); - - if(nSelectedDriveIndex > SendMessage (GetDlgItem (hwndDlg, IDC_DRIVELIST), LVM_GETITEMCOUNT, 0, 0)/2) - SendMessage(GetDlgItem (hwndDlg, IDC_DRIVELIST), LVM_SCROLL, 0, 10000); - } - else - { - SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_DRIVELIST), 1L); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_NO_HISTORY), BM_SETCHECK, bHistory ? BST_UNCHECKED : BST_CHECKED, 0); - EnableDisableButtons (hwndDlg); -} - -void EnableDisableButtons (HWND hwndDlg) -{ - HWND hOKButton = GetDlgItem (hwndDlg, IDOK); - WORD x; - - x = LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))); - - EnableMenuItem (GetMenu (hwndDlg), IDM_MOUNT_VOLUME, MF_ENABLED); - EnableMenuItem (GetMenu (hwndDlg), IDM_MOUNT_VOLUME_OPTIONS, MF_ENABLED); - EnableMenuItem (GetMenu (hwndDlg), IDM_BACKUP_VOL_HEADER, MF_ENABLED); - EnableMenuItem (GetMenu (hwndDlg), IDM_RESTORE_VOL_HEADER, MF_ENABLED); - EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_PASSWORD, MF_ENABLED); - EnableWindow (hOKButton, TRUE); - - switch (x) - { - case TC_MLIST_ITEM_NONSYS_VOL: - { - SetWindowTextW (hOKButton, GetString ("UNMOUNT_BUTTON")); - EnableWindow (hOKButton, TRUE); - EnableMenuItem (GetMenu (hwndDlg), IDM_UNMOUNT_VOLUME, MF_ENABLED); - - EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES), TRUE); - EnableMenuItem (GetMenu (hwndDlg), IDM_VOLUME_PROPERTIES, MF_ENABLED); - } - break; - - case TC_MLIST_ITEM_SYS_PARTITION: - case TC_MLIST_ITEM_SYS_DRIVE: - EnableWindow (hOKButton, FALSE); - SetWindowTextW (hOKButton, GetString ("MOUNT_BUTTON")); - EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES), TRUE); - EnableMenuItem (GetMenu (hwndDlg), IDM_UNMOUNT_VOLUME, MF_GRAYED); - break; - - case TC_MLIST_ITEM_FREE: - default: - SetWindowTextW (hOKButton, GetString ("MOUNT_BUTTON")); - EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES), FALSE); - EnableMenuItem (GetMenu (hwndDlg), IDM_VOLUME_PROPERTIES, MF_GRAYED); - EnableMenuItem (GetMenu (hwndDlg), IDM_UNMOUNT_VOLUME, MF_GRAYED); - } - - EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_CACHE), !IsPasswordCacheEmpty()); - EnableMenuItem (GetMenu (hwndDlg), IDM_WIPE_CACHE, IsPasswordCacheEmpty() ? MF_GRAYED:MF_ENABLED); - EnableMenuItem (GetMenu (hwndDlg), IDM_CLEAR_HISTORY, IsComboEmpty (GetDlgItem (hwndDlg, IDC_VOLUME)) ? MF_GRAYED:MF_ENABLED); -} - -BOOL VolumeSelected (HWND hwndDlg) -{ - return (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_VOLUME)) > 0); -} - -void GetVolumePath (HWND hwndDlg, LPWSTR szPath, int nMaxCount) -{ - GetWindowText (GetDlgItem (hwndDlg, IDC_VOLUME), szPath, nMaxCount); - CorrectFileName (szPath); -} - -/* Returns TRUE if the last partition/drive selected via the Select Device dialog box was the system -partition/drive and if it is encrypted. - WARNING: This function is very fast but not always reliable (for example, if the user manually types - a device path before Select Device is invoked during the session; after the Select Device dialog - has been invoked at least once, the correct system device paths are cached). Therefore, it must NOT - be used before performing any dangerous operations (such as header backup restore or formatting a - supposedly non-system device) -- instead use IsSystemDevicePath(path, hwndDlg, TRUE) for such - purposes. This function can be used only for preliminary GUI checks requiring very fast responses. */ -BOOL ActiveSysEncDeviceSelected (void) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - - if (BootEncStatus.DriveEncrypted) - { - int retCode = 0; - - GetVolumePath (MainDlg, szFileName, ARRAYSIZE (szFileName)); - - retCode = IsSystemDevicePath (szFileName, MainDlg, FALSE); - - return (WholeSysDriveEncryption(FALSE) ? (retCode == 2 || retCode == 1) : (retCode == 1)); - } - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - return FALSE; -} - -// When a function does not require the affected volume to be dismounted, there may be cases where we have two valid -// paths selected in the main window and we cannot be sure which of them the user really intends to apply the function to. -// This function asks the user to explicitly select either the volume path specified in the input field below the main -// drive list (whether mounted or not), or the path to the volume selected in the main drive list. If, however, both -// of the GUI elements contain the same volume (or one of them does not contain any path), this function does not -// ask the user and returns the volume path directly (no selection ambiguity). -// If driveNoPtr is not NULL, and the volume is mounted, its drive letter is returned in *driveNoPtr (if no valid drive -// letter is resolved, -1 is stored instead). -static wstring ResolveAmbiguousSelection (HWND hwndDlg, int *driveNoPtr) -{ - LPARAM selectedDrive = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); - - wchar_t volPathInputField [TC_MAX_PATH]; - - wchar_t volPathDriveListW [TC_MAX_PATH]; - wstring volPathDriveListStr; - - wstring retPath; - - VOLUME_PROPERTIES_STRUCT prop; - DWORD dwResult; - - BOOL useInputField = TRUE; - - memset (&prop, 0, sizeof(prop)); - - BOOL ambig = (LOWORD (selectedDrive) != TC_MLIST_ITEM_FREE && LOWORD (selectedDrive) != 0xffff && HIWORD (selectedDrive) != 0xffff - && VolumeSelected (MainDlg)); - - if (VolumeSelected (MainDlg)) - { - // volPathInputField will contain the volume path (if any) from the input field below the drive list - GetVolumePath (MainDlg, volPathInputField, ARRAYSIZE (volPathInputField)); - - if (!ambig) - retPath = (wstring) volPathInputField; - } - - if (LOWORD (selectedDrive) != TC_MLIST_ITEM_FREE && LOWORD (selectedDrive) != 0xffff && HIWORD (selectedDrive) != 0xffff) - { - // A volume is selected in the main drive list. - - switch (LOWORD (selectedDrive)) - { - case TC_MLIST_ITEM_NONSYS_VOL: - prop.driveNo = HIWORD (selectedDrive) - L'A'; - - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) || dwResult == 0) - { - // The driver did not return any path for this drive letter (the volume may have been dismounted). - - // Return whatever is in the input field below the drive list (even if empty) - return ((wstring) volPathInputField); - } - - // volPathDriveListWStr will contain the volume path selected in the main drive list - volPathDriveListStr = (wstring) prop.wszVolume; - break; - - case TC_MLIST_ITEM_SYS_PARTITION: - - GetSysDevicePaths (MainDlg); - - if (bCachedSysDevicePathsValid) - { - volPathDriveListStr = (wstring) SysPartitionDevicePath; - } - - break; - - case TC_MLIST_ITEM_SYS_DRIVE: - - GetSysDevicePaths (MainDlg); - - if (bCachedSysDevicePathsValid) - { - volPathDriveListStr = (wstring) SysDriveDevicePath; - } - - break; - } - - if (!ambig) - { - useInputField = FALSE; - retPath = volPathDriveListStr; - } - } - - if (ambig) - { - /* We have two paths. Compare them and if they don't match, ask the user to select one of them. Otherwise, return the path without asking. */ - - if (wmemcmp (volPathDriveListStr.c_str (), L"\\??\\", 4) == 0) - { - // The volume path starts with "\\??\\" which is used for file-hosted containers. We're going to strip this prefix. - - volPathDriveListStr = (wstring) (volPathDriveListStr.c_str () + 4); - } - - StringCbCopyW (volPathDriveListW, sizeof(volPathDriveListW), volPathDriveListStr.c_str ()); - - if (wcscmp (((wmemcmp (volPathDriveListW, L"\\??\\", 4) == 0) ? volPathDriveListW + 4 : volPathDriveListW), volPathInputField) != 0) - { - // The path selected in the input field is different from the path to the volume selected - // in the drive lettter list. We have to resolve possible ambiguity. - - wchar_t *tmp[] = {L"", L"", L"", L"", L"", 0}; - const int maxVolPathLen = 80; - - if (volPathDriveListStr.length () > maxVolPathLen) - { - // Ellipsis (path too long) - volPathDriveListStr = wstring (L"...") + volPathDriveListStr.substr (volPathDriveListStr.length () - maxVolPathLen, maxVolPathLen); - } - - wstring volPathInputFieldWStr (volPathInputField); - - if (volPathInputFieldWStr.length () > maxVolPathLen) - { - // Ellipsis (path too long) - volPathInputFieldWStr = wstring (L"...") + volPathInputFieldWStr.substr (volPathInputFieldWStr.length () - maxVolPathLen, maxVolPathLen); - } - - tmp[1] = GetString ("AMBIGUOUS_VOL_SELECTION"); - tmp[2] = (wchar_t *) volPathDriveListStr.c_str(); - tmp[3] = (wchar_t *) volPathInputFieldWStr.c_str(); - tmp[4] = GetString ("IDCANCEL"); - - switch (AskMultiChoice ((void **) tmp, FALSE, hwndDlg)) - { - case 1: - retPath = volPathDriveListStr; - break; - - case 2: - retPath = (wstring) volPathInputField; - break; - - default: - if (driveNoPtr != NULL) - *driveNoPtr = -1; - - return wstring (L""); - } - } - else - { - // Both selected paths are the same - retPath = (wstring) volPathInputField; - } - } - - if (driveNoPtr != NULL) - *driveNoPtr = GetMountedVolumeDriveNo ((wchar_t *) retPath.c_str ()); - - - if (wmemcmp (retPath.c_str (), L"\\??\\", 4) == 0) - { - // The selected volume path starts with "\\??\\" which is used for file-hosted containers. We're going to strip this prefix. - - retPath = (wstring) (retPath.c_str () + 4); - } - - return retPath; -} - -void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL* pbSettingsModified, BOOL* pbHistoryModified) -{ - char langid[6] = {0}; - if (!bOnlyCheckModified) - EnableHwEncryption ((ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); - - WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; - - if (!bOnlyCheckModified) - LoadSysEncSettings (); - - if (!bOnlyCheckModified && LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) - bInPlaceEncNonSysPending = TRUE; - - // If the config file has already been loaded during this session - if (ConfigBuffer != NULL) - { - free (ConfigBuffer); - ConfigBuffer = NULL; - } - - // Options - ConfigReadCompareInt ("OpenExplorerWindowAfterMount", FALSE, &bExplore, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("UseDifferentTrayIconIfVolumesMounted", TRUE, &bUseDifferentTrayIconIfVolMounted, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("SaveVolumeHistory", FALSE, &bHistory, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("CachePasswords", FALSE, &bCacheInDriverDefault, bOnlyCheckModified, pbSettingsModified); - if (!bOnlyCheckModified) - bCacheInDriver = bCacheInDriverDefault; - - ConfigReadCompareInt ("CachePasswordDuringMultipleMount", FALSE, &bCacheDuringMultipleMount, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("WipePasswordCacheOnExit", FALSE, &bWipeCacheOnExit, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("WipeCacheOnAutoDismount", TRUE, &bWipeCacheOnAutoDismount, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("IncludePimInCache", FALSE, &bIncludePimInCache, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("TryEmptyPasswordWhenKeyfileUsed",FALSE, &bTryEmptyPasswordWhenKeyfileUsed, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("StartOnLogon", FALSE, &bStartOnLogon, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("MountDevicesOnLogon", FALSE, &bMountDevicesOnLogon, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("MountFavoritesOnLogon", FALSE, &bMountFavoritesOnLogon, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("EnableBackgroundTask", TRUE, &bEnableBkgTask, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("CloseBackgroundTaskOnNoVolumes", FALSE, &bCloseBkgTaskWhenNoVolumes, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("DismountOnLogOff", !(IsServerOS() && IsAdmin()), &bDismountOnLogOff, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("DismountOnSessionLocked", FALSE, &bDismountOnSessionLocked, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("DismountOnPowerSaving", FALSE, &bDismountOnPowerSaving, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("DismountOnScreenSaver", FALSE, &bDismountOnScreenSaver, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("ForceAutoDismount", TRUE, &bForceAutoDismount, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("MaxVolumeIdleTime", -60, &MaxVolumeIdleTime, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("HiddenSectorDetectionStatus", 0, &HiddenSectorDetectionStatus, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("UseKeyfiles", FALSE, &defaultKeyFilesParam.EnableKeyFiles, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("PreserveTimestamps", TRUE, &defaultMountOptions.PreserveTimestamp, bOnlyCheckModified, pbSettingsModified); - if (!bOnlyCheckModified) - bPreserveTimestamp = defaultMountOptions.PreserveTimestamp; - - ConfigReadCompareInt ("ShowDisconnectedNetworkDrives", FALSE, &bShowDisconnectedNetworkDrives, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("HideWaitingDialog", FALSE, &bHideWaitingDialog, bOnlyCheckModified, pbSettingsModified); - - ConfigReadCompareInt ("MountVolumesRemovable", FALSE, &defaultMountOptions.Removable, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("MountVolumesReadOnly", FALSE, &defaultMountOptions.ReadOnly, bOnlyCheckModified, pbSettingsModified); - - if (!bOnlyCheckModified) - { - defaultMountOptions.ProtectHiddenVolume = FALSE; - defaultMountOptions.ProtectedHidVolPkcs5Prf = 0; - defaultMountOptions.ProtectedHidVolPim = 0; - defaultMountOptions.PartitionInInactiveSysEncScope = FALSE; - defaultMountOptions.RecoveryMode = FALSE; - defaultMountOptions.UseBackupHeader = FALSE; - - mountOptions = defaultMountOptions; - } - - ConfigReadCompareInt ("CloseSecurityTokenSessionsAfterMount", 0, &CloseSecurityTokenSessionsAfterMount, bOnlyCheckModified, pbSettingsModified); - - if (IsHiddenOSRunning()) - ConfigReadCompareInt ("HiddenSystemLeakProtNotifStatus", TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE, &HiddenSysLeakProtectionNotificationStatus, bOnlyCheckModified, pbSettingsModified); - - // Drive letter - command line arg overrides registry - if (!bOnlyCheckModified && bHistory && szDriveLetter[0] == 0) - { - char szTmp[3] = {0}; - ConfigReadString ("LastSelectedDrive", "", szTmp, sizeof (szTmp)); - MultiByteToWideChar (CP_UTF8, 0, szTmp, -1, szDriveLetter, ARRAYSIZE (szDriveLetter)); - } - if (bHistory && pbSettingsModified) - { - // only check for last drive modification if history enabled - char szTmp[32] = {0}; - LPARAM lLetter; - lLetter = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); - if (LOWORD (lLetter) != 0xffff) - StringCbPrintfA (szTmp, sizeof(szTmp), "%lc:", (wchar_t) HIWORD (lLetter)); - - ConfigReadCompareString ("LastSelectedDrive", "", szTmp, sizeof (szTmp), bOnlyCheckModified, pbSettingsModified); - } - - { - char szTmp[MAX_PATH]; - WideCharToMultiByte (CP_UTF8, 0, SecurityTokenLibraryPath, -1, szTmp, MAX_PATH, NULL, NULL); - ConfigReadCompareString ("SecurityTokenLibrary", "", szTmp, sizeof (szTmp) - 1, bOnlyCheckModified, pbSettingsModified); - MultiByteToWideChar (CP_UTF8, 0, szTmp, -1, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)); - if (!bOnlyCheckModified && SecurityTokenLibraryPath[0]) - { - InitSecurityTokenLibrary(hwndDlg); - } - } - - // Hotkeys - ConfigReadCompareInt ("PlaySoundOnHotkeyMountDismount", TRUE, &bPlaySoundOnSuccessfulHkDismount, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("DisplayMsgBoxOnHotkeyDismount", TRUE, &bDisplayBalloonOnSuccessfulHkDismount, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModAutoMountDevices", 0, (int*) &Hotkeys [HK_AUTOMOUNT_DEVICES].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeAutoMountDevices", 0, (int*) &Hotkeys [HK_AUTOMOUNT_DEVICES].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModDismountAll", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeDismountAll", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModWipeCache", 0, (int*) &Hotkeys [HK_WIPE_CACHE].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeWipeCache", 0, (int*) &Hotkeys [HK_WIPE_CACHE].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModDismountAllWipe", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL_AND_WIPE].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeDismountAllWipe", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL_AND_WIPE].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModForceDismountAllWipe", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeForceDismountAllWipe", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModForceDismountAllWipeExit", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeForceDismountAllWipeExit", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModMountFavoriteVolumes", 0, (int*) &Hotkeys [HK_MOUNT_FAVORITE_VOLUMES].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeMountFavoriteVolumes", 0, (int*) &Hotkeys [HK_MOUNT_FAVORITE_VOLUMES].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModShowHideMainWindow", 0, (int*) &Hotkeys [HK_SHOW_HIDE_MAIN_WINDOW].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeShowHideMainWindow", 0, (int*) &Hotkeys [HK_SHOW_HIDE_MAIN_WINDOW].vKeyCode, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyModCloseSecurityTokenSessions", 0, (int*) &Hotkeys [HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("HotkeyCodeCloseSecurityTokenSessions", 0, (int*) &Hotkeys [HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyCode, bOnlyCheckModified, pbSettingsModified); - - // History - if (bHistoryCmdLine != TRUE) - { - LoadCombo (GetDlgItem (MainDlg, IDC_VOLUME), bHistory, bOnlyCheckModified, pbHistoryModified); - if (!bOnlyCheckModified && CmdLineVolumeSpecified) - SetWindowText (GetDlgItem (MainDlg, IDC_VOLUME), szFileName); - } - - // Mount Options - ConfigReadCompareInt ("DefaultPRF", 0, &DefaultVolumePkcs5, bOnlyCheckModified, pbSettingsModified); - ConfigReadCompareInt ("DefaultTrueCryptMode", FALSE, &DefaultVolumeTrueCryptMode, bOnlyCheckModified, pbSettingsModified); - - if (bOnlyCheckModified) - { - if (!IsNonInstallMode ()) - { - ConfigReadString ("Language", "", langid, sizeof (langid)); - // when installed, if no preferred language set by user, English is set default - // - if (langid [0] == 0) - StringCbCopyA (langid, sizeof(langid), "en"); - - if (pbSettingsModified && strcmp (langid, GetPreferredLangId ())) - *pbSettingsModified = TRUE; - } - else - { - StringCbCopyA (langid, sizeof(langid), GetPreferredLangId ()); - ConfigReadCompareString ("Language", "", langid, sizeof (langid), TRUE, pbSettingsModified); - } - } - - if (DefaultVolumePkcs5 < 0 || DefaultVolumePkcs5 > LAST_PRF_ID) - DefaultVolumePkcs5 = 0; - if (DefaultVolumeTrueCryptMode != TRUE && DefaultVolumeTrueCryptMode != FALSE) - DefaultVolumeTrueCryptMode = FALSE; - -} - -void LoadSettings ( HWND hwndDlg ) -{ - LoadSettingsAndCheckModified (hwndDlg, FALSE, NULL, NULL); -} - -void SaveSettings (HWND hwndDlg) -{ - WaitCursor (); - - // Check first if modifications ocurred before writing to the settings and history files - // This avoids leaking information about VeraCrypt usage when user only mount volumes without changing setttings or history - BOOL bSettingsChanged = FALSE; - BOOL bHistoryChanged = FALSE; - - LoadSettingsAndCheckModified (hwndDlg, TRUE, &bSettingsChanged, &bHistoryChanged); - - if (bSettingsChanged) - { - char szTmp[32] = {0}; - LPARAM lLetter; - - // Options - ConfigWriteBegin (); - - ConfigWriteInt ("OpenExplorerWindowAfterMount", bExplore); - ConfigWriteInt ("UseDifferentTrayIconIfVolumesMounted", bUseDifferentTrayIconIfVolMounted); - ConfigWriteInt ("SaveVolumeHistory", bHistory); - - ConfigWriteInt ("CachePasswords", bCacheInDriverDefault); - ConfigWriteInt ("CachePasswordDuringMultipleMount", bCacheDuringMultipleMount); - ConfigWriteInt ("WipePasswordCacheOnExit", bWipeCacheOnExit); - ConfigWriteInt ("WipeCacheOnAutoDismount", bWipeCacheOnAutoDismount); - - ConfigWriteInt ("IncludePimInCache", bIncludePimInCache); - - ConfigWriteInt ("TryEmptyPasswordWhenKeyfileUsed", bTryEmptyPasswordWhenKeyfileUsed); - - ConfigWriteInt ("StartOnLogon", bStartOnLogon); - ConfigWriteInt ("MountDevicesOnLogon", bMountDevicesOnLogon); - ConfigWriteInt ("MountFavoritesOnLogon", bMountFavoritesOnLogon); - - ConfigWriteInt ("MountVolumesReadOnly", defaultMountOptions.ReadOnly); - ConfigWriteInt ("MountVolumesRemovable", defaultMountOptions.Removable); - ConfigWriteInt ("PreserveTimestamps", defaultMountOptions.PreserveTimestamp); - ConfigWriteInt ("ShowDisconnectedNetworkDrives",bShowDisconnectedNetworkDrives); - ConfigWriteInt ("HideWaitingDialog", bHideWaitingDialog); - - ConfigWriteInt ("EnableBackgroundTask", bEnableBkgTask); - ConfigWriteInt ("CloseBackgroundTaskOnNoVolumes", bCloseBkgTaskWhenNoVolumes); - - ConfigWriteInt ("DismountOnLogOff", bDismountOnLogOff); - ConfigWriteInt ("DismountOnSessionLocked", bDismountOnSessionLocked); - ConfigWriteInt ("DismountOnPowerSaving", bDismountOnPowerSaving); - ConfigWriteInt ("DismountOnScreenSaver", bDismountOnScreenSaver); - ConfigWriteInt ("ForceAutoDismount", bForceAutoDismount); - ConfigWriteInt ("MaxVolumeIdleTime", MaxVolumeIdleTime); - - ConfigWriteInt ("HiddenSectorDetectionStatus", HiddenSectorDetectionStatus); - - ConfigWriteInt ("UseKeyfiles", defaultKeyFilesParam.EnableKeyFiles); - - if (IsHiddenOSRunning()) - ConfigWriteInt ("HiddenSystemLeakProtNotifStatus", HiddenSysLeakProtectionNotificationStatus); - - // save last selected drive only when history enabled - if (bHistory) - { - // Drive Letter - lLetter = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); - if (LOWORD (lLetter) != 0xffff) - StringCbPrintfA (szTmp, sizeof(szTmp), "%lc:", (wchar_t) HIWORD (lLetter)); - ConfigWriteString ("LastSelectedDrive", szTmp); - } - - ConfigWriteInt ("CloseSecurityTokenSessionsAfterMount", CloseSecurityTokenSessionsAfterMount); - - // Hotkeys - ConfigWriteInt ("HotkeyModAutoMountDevices", Hotkeys[HK_AUTOMOUNT_DEVICES].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeAutoMountDevices", Hotkeys[HK_AUTOMOUNT_DEVICES].vKeyCode); - ConfigWriteInt ("HotkeyModDismountAll", Hotkeys[HK_DISMOUNT_ALL].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeDismountAll", Hotkeys[HK_DISMOUNT_ALL].vKeyCode); - ConfigWriteInt ("HotkeyModWipeCache", Hotkeys[HK_WIPE_CACHE].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeWipeCache", Hotkeys[HK_WIPE_CACHE].vKeyCode); - ConfigWriteInt ("HotkeyModDismountAllWipe", Hotkeys[HK_DISMOUNT_ALL_AND_WIPE].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeDismountAllWipe", Hotkeys[HK_DISMOUNT_ALL_AND_WIPE].vKeyCode); - ConfigWriteInt ("HotkeyModForceDismountAllWipe", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeForceDismountAllWipe", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyCode); - ConfigWriteInt ("HotkeyModForceDismountAllWipeExit", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeForceDismountAllWipeExit", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyCode); - ConfigWriteInt ("HotkeyModMountFavoriteVolumes", Hotkeys[HK_MOUNT_FAVORITE_VOLUMES].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeMountFavoriteVolumes", Hotkeys[HK_MOUNT_FAVORITE_VOLUMES].vKeyCode); - ConfigWriteInt ("HotkeyModShowHideMainWindow", Hotkeys[HK_SHOW_HIDE_MAIN_WINDOW].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeShowHideMainWindow", Hotkeys[HK_SHOW_HIDE_MAIN_WINDOW].vKeyCode); - ConfigWriteInt ("HotkeyModCloseSecurityTokenSessions", Hotkeys[HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyModifiers); - ConfigWriteInt ("HotkeyCodeCloseSecurityTokenSessions", Hotkeys[HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyCode); - ConfigWriteInt ("PlaySoundOnHotkeyMountDismount", bPlaySoundOnSuccessfulHkDismount); - ConfigWriteInt ("DisplayMsgBoxOnHotkeyDismount", bDisplayBalloonOnSuccessfulHkDismount); - - // Language - ConfigWriteString ("Language", GetPreferredLangId ()); - - // PKCS#11 Library Path - ConfigWriteStringW ("SecurityTokenLibrary", SecurityTokenLibraryPath[0] ? SecurityTokenLibraryPath : L""); - - // Mount Options - ConfigWriteInt ("DefaultPRF", DefaultVolumePkcs5); - ConfigWriteInt ("DefaultTrueCryptMode", DefaultVolumeTrueCryptMode); - - ConfigWriteEnd (hwndDlg); - } - - if (bHistoryChanged) - { - // History - DumpCombo (GetDlgItem (MainDlg, IDC_VOLUME), IsButtonChecked (GetDlgItem (MainDlg, IDC_NO_HISTORY))); - } - - NormalCursor (); -} - -// Returns TRUE if system encryption or decryption had been or is in progress and has not been completed -static BOOL SysEncryptionOrDecryptionRequired (void) -{ - /* If you update this function, revise SysEncryptionOrDecryptionRequired() in Tcformat.c as well. */ - - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - return (SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING - || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING - || - ( - BootEncStatus.DriveMounted - && - ( - BootEncStatus.ConfiguredEncryptedAreaStart != BootEncStatus.EncryptedAreaStart - || BootEncStatus.ConfiguredEncryptedAreaEnd != BootEncStatus.EncryptedAreaEnd - ) - ) - ); -} - -// Returns TRUE if the system partition/drive is completely encrypted -static BOOL SysDriveOrPartitionFullyEncrypted (BOOL bSilent) -{ - /* If you update this function, revise SysDriveOrPartitionFullyEncrypted() in Tcformat.c as well. */ - - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - if (!bSilent) - e.Show (MainDlg); - } - - return (!BootEncStatus.SetupInProgress - && BootEncStatus.ConfiguredEncryptedAreaEnd != 0 - && BootEncStatus.ConfiguredEncryptedAreaEnd != -1 - && BootEncStatus.ConfiguredEncryptedAreaStart == BootEncStatus.EncryptedAreaStart - && BootEncStatus.ConfiguredEncryptedAreaEnd == BootEncStatus.EncryptedAreaEnd); -} - -// Returns TRUE if the system partition/drive is being filtered by the TrueCrypt driver and the key data -// was successfully decrypted (the device is fully ready to be encrypted or decrypted). Note that this -// function does not examine whether the system device is encrypted or not (or to what extent). -static BOOL SysEncDeviceActive (BOOL bSilent) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - if (!bSilent) - e.Show (MainDlg); - - return FALSE; - } - - return (BootEncStatus.DriveMounted); -} - -// Returns TRUE if the entire system drive (as opposed to the system partition only) of the currently running OS is (or is to be) encrypted -BOOL WholeSysDriveEncryption (BOOL bSilent) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - - if (BootEncStatus.BootDriveLength.QuadPart < 1) // paranoid check - return FALSE; - else - return (BootEncStatus.ConfiguredEncryptedAreaStart == TC_BOOT_LOADER_AREA_SIZE - && BootEncStatus.ConfiguredEncryptedAreaEnd >= BootEncStatus.BootDriveLength.QuadPart - 1); - } - catch (Exception &e) - { - if (!bSilent) - e.Show (MainDlg); - - return FALSE; - } -} - -// Returns the size of the system drive/partition (if encrypted) in bytes -unsigned __int64 GetSysEncDeviceSize (BOOL bSilent) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - if (!bSilent) - e.Show (MainDlg); - return 1; - } - - if ( BootEncStatus.ConfiguredEncryptedAreaEnd < 0 - || BootEncStatus.ConfiguredEncryptedAreaStart < 0 - || BootEncStatus.ConfiguredEncryptedAreaEnd < BootEncStatus.ConfiguredEncryptedAreaStart - ) - return 1; // we return 1 to avoid devision by zero - else - return ((unsigned __int64)(BootEncStatus.ConfiguredEncryptedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart)) + 1; -} - -// Returns the current size of the encrypted area of the system drive/partition in bytes -unsigned __int64 GetSysEncDeviceEncryptedPartSize (BOOL bSilent) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - if (!bSilent) - e.Show (MainDlg); - return 0; - } - - if ( BootEncStatus.EncryptedAreaEnd < 0 - || BootEncStatus.EncryptedAreaStart < 0 - || BootEncStatus.EncryptedAreaEnd < BootEncStatus.EncryptedAreaStart - ) - return 0; - else - return ((unsigned __int64)(BootEncStatus.EncryptedAreaEnd - BootEncStatus.EncryptedAreaStart)) + 1; -} - - -static void PopulateSysEncContextMenu (HMENU popup, BOOL bToolsOnly) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (!bToolsOnly && !IsHiddenOSRunning()) - { - if (SysEncryptionOrDecryptionRequired ()) - { - if (!BootEncStatus.SetupInProgress) - AppendMenuW (popup, MF_STRING, IDM_SYSENC_RESUME, GetString ("IDM_SYSENC_RESUME")); - - if (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) - AppendMenuW (popup, MF_STRING, IDM_PERMANENTLY_DECRYPT_SYS, GetString ("PERMANENTLY_DECRYPT")); - - AppendMenuW (popup, MF_STRING, IDM_ENCRYPT_SYSTEM_DEVICE, GetString ("ENCRYPT")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - } - } - - AppendMenuW (popup, MF_STRING, IDM_CHANGE_SYS_PASSWORD, GetString ("IDM_CHANGE_SYS_PASSWORD")); - // AppendMenuW (popup, MF_STRING, IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO, GetString ("IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO")); - - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_SYS_ENC_SETTINGS, GetString ("IDM_SYS_ENC_SETTINGS")); - - if (!IsHiddenOSRunning()) - { - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_CREATE_RESCUE_DISK, GetString ("IDM_CREATE_RESCUE_DISK")); - AppendMenuW (popup, MF_STRING, IDM_VERIFY_RESCUE_DISK, GetString ("IDM_VERIFY_RESCUE_DISK")); - AppendMenuW (popup, MF_STRING, IDM_VERIFY_RESCUE_DISK_ISO, GetString ("IDM_VERIFY_RESCUE_DISK_ISO")); - } - - if (!bToolsOnly) - { - if (SysDriveOrPartitionFullyEncrypted (FALSE) && !IsHiddenOSRunning()) - { - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_PERMANENTLY_DECRYPT_SYS, GetString ("PERMANENTLY_DECRYPT")); - } - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_VOLUME_PROPERTIES, GetString ("IDPM_PROPERTIES")); - } -} - - -// WARNING: This function may take a long time to complete. To prevent data corruption, it MUST be called before -// mounting a partition (as a regular volume) that is within key scope of system encryption. -// Returns TRUE if the partition can be mounted as a partition within key scope of inactive system encryption. -// If devicePath is empty, the currently selected partition in the GUI is checked. -BOOL CheckSysEncMountWithoutPBA (HWND hwndDlg, const wchar_t *devicePath, BOOL quiet) -{ - BOOL tmpbDevice; - wchar_t szDevicePath [TC_MAX_PATH+1]; - wchar_t szDiskFile [TC_MAX_PATH+1]; - - if (wcslen (devicePath) < 2) - { - GetVolumePath (MainDlg, szDevicePath, ARRAYSIZE (szDevicePath)); - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szDevicePath, &tmpbDevice); - - if (!tmpbDevice) - { - if (!quiet) - Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); - - return FALSE; - } - - if (LOWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))) != TC_MLIST_ITEM_FREE) - { - if (!quiet) - Warning ("SELECT_FREE_DRIVE", hwndDlg); - - return FALSE; - } - } - else - StringCbCopyW (szDevicePath, sizeof(szDevicePath), devicePath); - - wchar_t *partionPortion = wcsrchr (szDevicePath, L'\\'); - - if (!partionPortion - || !_wcsicmp (partionPortion, L"\\Partition0")) - { - // Only partitions are supported (not whole drives) - if (!quiet) - Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); - - return FALSE; - } - - try - { - BootEncStatus = BootEncObj->GetStatus(); - - if (BootEncStatus.DriveMounted) - { - int retCode = 0; - int driveNo; - wchar_t parentDrivePath [TC_MAX_PATH+1]; - - if (swscanf (szDevicePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) != 1) - { - if (!quiet) - Error ("INVALID_PATH", hwndDlg); - - return FALSE; - } - - StringCbPrintfW (parentDrivePath, - sizeof (parentDrivePath), - L"\\Device\\Harddisk%d\\Partition0", - driveNo); - - WaitCursor (); - - // This is critical (re-mounting a mounted system volume as a normal volume could cause data corruption) - // so we force the slower but reliable method - retCode = IsSystemDevicePath (parentDrivePath, MainDlg, TRUE); - - NormalCursor(); - - if (retCode != 2) - return TRUE; - else - { - // The partition is located on active system drive - - if (!quiet) - Warning ("MOUNT_WITHOUT_PBA_VOL_ON_ACTIVE_SYSENC_DRIVE", hwndDlg); - - return FALSE; - } - } - else - return TRUE; - } - catch (Exception &e) - { - NormalCursor(); - e.Show (hwndDlg); - } - - return FALSE; -} - - -// Returns TRUE if the host drive of the specified partition contains a portion of the TrueCrypt Boot Loader -// and if the drive is not within key scope of active system encryption (e.g. the system drive of the running OS). -// If bPrebootPasswordDlgMode is TRUE, this function returns FALSE (because the check would be redundant). -BOOL TCBootLoaderOnInactiveSysEncDrive (wchar_t *szDevicePath) -{ - try - { - int driveNo; - wchar_t parentDrivePath [TC_MAX_PATH+1]; - - if (bPrebootPasswordDlgMode) - return FALSE; - - - if (swscanf (szDevicePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) != 1) - return FALSE; - - StringCbPrintfW (parentDrivePath, - sizeof (parentDrivePath), - L"\\Device\\Harddisk%d\\Partition0", - driveNo); - - BootEncStatus = BootEncObj->GetStatus(); - - if (BootEncStatus.DriveMounted - && IsSystemDevicePath (parentDrivePath, MainDlg, FALSE) == 2) - { - // The partition is within key scope of active system encryption - return FALSE; - } - - return ((BOOL) BootEncObj->IsBootLoaderOnDrive (parentDrivePath)); - } - catch (...) - { - return FALSE; - } - -} - - -BOOL SelectItem (HWND hTree, wchar_t nLetter) -{ - if (nLetter == 0) - { - // The caller specified an invalid drive letter (typically because it is unknown). - // Find out which drive letter is currently selected in the list and use it. - nLetter = (wchar_t) (HIWORD (GetSelectedLong (hTree))); - } - - int i; - LVITEM item; - - for (i = 0; i < ListView_GetItemCount(hTree); i++) - { - memset(&item, 0, sizeof(LVITEM)); - item.mask = LVIF_PARAM; - item.iItem = i; - - if (ListView_GetItem (hTree, &item) == FALSE) - return FALSE; - else - { - if (HIWORD (item.lParam) == nLetter) - { - memset(&item, 0, sizeof(LVITEM)); - item.state = LVIS_FOCUSED|LVIS_SELECTED; - item.stateMask = LVIS_FOCUSED|LVIS_SELECTED; - item.mask = LVIF_STATE; - item.iItem = i; - SendMessage(hTree, LVM_SETITEMSTATE, i, (LPARAM) &item); - return TRUE; - } - } - } - - return TRUE; -} - - -static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg) -{ - wchar_t t[TC_MAX_PATH + 1024] = {L'"',0}; - wchar_t *tmp; - - GetModuleFileName (NULL, t+1, ARRAYSIZE(t)-1); - - tmp = wcsrchr (t, L'\\'); - if (tmp) - { - STARTUPINFO si; - PROCESS_INFORMATION pi; - wchar_t formatExeName[64]; - wchar_t* suffix = NULL; - ZeroMemory (&si, sizeof (si)); - - StringCbCopyW (formatExeName, sizeof (formatExeName), L"\\VeraCrypt Format"); - - // check if there is a suffix in VeraCrypt file name - // in order to use the same for "VeraCrypt Format" - suffix = wcsrchr (tmp + 1, L'-'); - if (suffix) - { - StringCbCatW (formatExeName, sizeof (formatExeName), suffix); - StringCbCatW (formatExeName, sizeof (formatExeName), L"\""); - } - else - StringCbCatW (formatExeName, sizeof (formatExeName), L".exe\""); - - *tmp = 0; - StringCbCatW (t, sizeof(t), formatExeName); - - if (!FileExists(t)) - Error ("VOL_CREATION_WIZARD_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do - - if (wcslen (arg) > 0) - { - StringCbCatW (t, sizeof(t), L" "); - StringCbCatW (t, sizeof(t), arg); - } - - if (!CreateProcess (NULL, (LPWSTR) t, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi)) - { - handleWin32Error (hwndDlg, SRC_POS); - } - else - { - CloseHandle (pi.hProcess); - CloseHandle (pi.hThread); - } - } -} - -static void LaunchVolExpander (HWND hwndDlg) -{ - wchar_t t[TC_MAX_PATH + TC_MAX_PATH] = {L'"',0}; - wchar_t *tmp; - - GetModuleFileName (NULL, t+1, ARRAYSIZE(t)-1); - - tmp = wcsrchr (t, L'\\'); - if (tmp) - { - wchar_t expanderExeName[64]; - wchar_t* suffix = NULL; - - StringCbCopyW (expanderExeName, sizeof (expanderExeName), L"\\VeraCryptExpander"); - - // check if there is a suffix in VeraCrypt file name - // in order to use the same for "VeraCrypt Format" - suffix = wcsrchr (tmp + 1, L'-'); - if (suffix) - { - StringCbCatW (expanderExeName, sizeof (expanderExeName), suffix); - StringCbCatW (expanderExeName, sizeof (expanderExeName), L"\""); - } - else - StringCbCatW (expanderExeName, sizeof (expanderExeName), L".exe\""); - - *tmp = 0; - StringCbCatW (t, sizeof(t), expanderExeName); - - if (!FileExists(t)) - Error ("VOL_EXPANDER_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do - else if (((int)ShellExecuteW (NULL, (!IsAdmin() && IsUacSupported()) ? L"runas" : L"open", t, NULL, NULL, SW_SHOW)) <= 32) - { - handleWin32Error (hwndDlg, SRC_POS); - } - } -} - - -// Fills drive list -// drive>0 = update only the corresponding drive subitems -void LoadDriveLetters (HWND hwndDlg, HWND hTree, int drive) -{ - // Remember the top-most visible item - int lastTopMostVisibleItem = ListView_GetTopIndex (hTree); - - wchar_t *szDriveLetters[]= - {L"A:", L"B:", L"C:", L"D:", - L"E:", L"F:", L"G:", L"H:", L"I:", L"J:", L"K:", - L"L:", L"M:", L"N:", L"O:", L"P:", L"Q:", L"R:", - L"S:", L"T:", L"U:", L"V:", L"W:", L"X:", L"Y:", - L"Z:"}; - - DWORD dwResult; - BOOL bResult; - DWORD dwUsedDrives; - MOUNT_LIST_STRUCT driver; - VOLUME_PROPERTIES_STRUCT propSysEnc; - wchar_t sysDriveLetter = 0; - - BOOL bSysEnc = FALSE; - BOOL bWholeSysDriveEncryption = FALSE; - - LVITEM listItem; - int item = 0; - char i; - - try - { - BootEncStatus = BootEncObj->GetStatus(); - if (bSysEnc = BootEncStatus.DriveMounted) - { - BootEncObj->GetVolumeProperties (&propSysEnc); - } - } - catch (...) - { - bSysEnc = FALSE; - } - - ZeroMemory (&driver, sizeof (driver)); - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &driver, - sizeof (driver), &driver, sizeof (driver), &dwResult, - NULL); - memcpy (&LastKnownMountList, &driver, sizeof (driver)); - - if (bResult == FALSE) - { - KillTimer (MainDlg, TIMER_ID_MAIN); - handleWin32Error (hTree, SRC_POS); - AbortProcessSilent(); - } - - LastKnownLogicalDrives = dwUsedDrives = GetUsedLogicalDrives (); - if (dwUsedDrives == 0) - Warning ("DRIVELETTERS", hwndDlg); - - if(drive == 0) - ListView_DeleteAllItems(hTree); - - if (bSysEnc) - { - bWholeSysDriveEncryption = WholeSysDriveEncryption (TRUE); - - sysDriveLetter = GetSystemDriveLetter (); - } - - /* System drive */ - - if (bWholeSysDriveEncryption) - { - int curDrive = 0; - - if (drive > 0) - { - LVITEM tmp; - memset(&tmp, 0, sizeof(LVITEM)); - tmp.mask = LVIF_PARAM; - tmp.iItem = item; - if (ListView_GetItem (hTree, &tmp)) - curDrive = HIWORD(tmp.lParam); - } - - { - wchar_t szTmp[1024]; - wchar_t szTmpW[1024]; - - memset(&listItem, 0, sizeof(listItem)); - - listItem.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_PARAM; - listItem.iImage = 2; - listItem.iItem = item++; - - listItem.pszText = szTmp; - szTmp[0] = L' '; - szTmp[1] = 0; - - listItem.lParam = MAKELONG (TC_MLIST_ITEM_SYS_DRIVE, ENC_SYSDRIVE_PSEUDO_DRIVE_LETTER); - - if(drive == 0) - ListView_InsertItem (hTree, &listItem); - else - ListView_SetItem (hTree, &listItem); - - listItem.mask=LVIF_TEXT; - - // Fully encrypted - if (SysDriveOrPartitionFullyEncrypted (TRUE)) - { - StringCbCopyW (szTmpW, sizeof(szTmpW), GetString ("SYSTEM_DRIVE")); - } - else - { - // Partially encrypted - - if (BootEncStatus.SetupInProgress) - { - // Currently encrypting/decrypting - - if (BootEncStatus.SetupMode != SetupDecryption) - { - StringCbPrintfW (szTmpW, - sizeof szTmpW, - GetString ("SYSTEM_DRIVE_ENCRYPTING"), - (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); - } - else - { - StringCbPrintfW (szTmpW, - sizeof szTmpW, - GetString ("SYSTEM_DRIVE_DECRYPTING"), - 100.0 - ((double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0)); - } - } - else - { - StringCbPrintfW (szTmpW, - sizeof szTmpW, - GetString ("SYSTEM_DRIVE_PARTIALLY_ENCRYPTED"), - (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); - } - } - - ListSubItemSet (hTree, listItem.iItem, 1, szTmpW); - - GetSizeString (GetSysEncDeviceSize(TRUE), szTmpW, sizeof(szTmpW)); - ListSubItemSet (hTree, listItem.iItem, 2, szTmpW); - - if (propSysEnc.ea >= EAGetFirst() && propSysEnc.ea <= EAGetCount()) - { - EAGetName (szTmp, propSysEnc.ea, 1); - } - else - { - szTmp[0] = L'?'; - szTmp[1] = 0; - } - listItem.iSubItem = 3; - ListView_SetItem (hTree, &listItem); - - ListSubItemSet (hTree, listItem.iItem, 4, GetString (IsHiddenOSRunning() ? "HIDDEN" : "SYSTEM_VOLUME_TYPE_ADJECTIVE")); - } - } - - /* Drive letters */ - - for (i = 0; i < 26; i++) - { - int curDrive = 0; - - BOOL bSysEncPartition = (bSysEnc && !bWholeSysDriveEncryption && sysDriveLetter == *((wchar_t *) szDriveLetters[i])); - - if (drive > 0) - { - LVITEM tmp; - memset(&tmp, 0, sizeof(LVITEM)); - tmp.mask = LVIF_PARAM; - tmp.iItem = item; - if (ListView_GetItem (hTree, &tmp)) - curDrive = HIWORD(tmp.lParam); - } - - if (driver.ulMountedDrives & (1 << i) - || bSysEncPartition) - { - wchar_t szTmp[1024]; - wchar_t szTmpW[1024]; - wchar_t *ws; - - memset(&listItem, 0, sizeof(listItem)); - - listItem.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_PARAM; - listItem.iImage = bSysEncPartition ? 2 : 1; - listItem.iItem = item++; - - if (drive > 0 && drive != curDrive) - continue; - - listItem.lParam = MAKELONG ( - bSysEncPartition ? TC_MLIST_ITEM_SYS_PARTITION : TC_MLIST_ITEM_NONSYS_VOL, - i + L'A'); - - listItem.pszText = szDriveLetters[i]; - - if (drive == 0) - ListView_InsertItem (hTree, &listItem); - else - ListView_SetItem (hTree, &listItem); - - listItem.mask=LVIF_TEXT; - listItem.pszText = szTmp; - - if (bSysEncPartition) - { - // Fully encrypted - if (SysDriveOrPartitionFullyEncrypted (TRUE)) - { - StringCbCopyW (szTmpW, sizeof(szTmpW), GetString (IsHiddenOSRunning() ? "HIDDEN_SYSTEM_PARTITION" : "SYSTEM_PARTITION")); - } - else - { - // Partially encrypted - - if (BootEncStatus.SetupInProgress) - { - // Currently encrypting/decrypting - - if (BootEncStatus.SetupMode != SetupDecryption) - { - StringCbPrintfW (szTmpW, - sizeof szTmpW, - GetString ("SYSTEM_PARTITION_ENCRYPTING"), - (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); - } - else - { - StringCbPrintfW (szTmpW, - sizeof szTmpW, - GetString ("SYSTEM_PARTITION_DECRYPTING"), - 100.0 - ((double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0)); - } - } - else - { - StringCbPrintfW (szTmpW, - sizeof szTmpW, - GetString ("SYSTEM_PARTITION_PARTIALLY_ENCRYPTED"), - (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); - } - } - - ListSubItemSet (hTree, listItem.iItem, 1, szTmpW); - } - else - { - wchar_t *path = driver.wszVolume[i]; - - if (wmemcmp (path, L"\\??\\", 4) == 0) - path += 4; - - listItem.iSubItem = 1; - - // first check label used for mounting. If empty, look for it in favorites. - bool useInExplorer = false; - wstring label = (wchar_t *) driver.wszLabel[i]; - if (label.empty()) - label = GetFavoriteVolumeLabel (path, useInExplorer); - if (!label.empty()) - ListSubItemSet (hTree, listItem.iItem, 1, (wchar_t *) label.c_str()); - else - ListSubItemSet (hTree, listItem.iItem, 1, (wchar_t *) FitPathInGfxWidth (hTree, hUserFont, ListView_GetColumnWidth (hTree, 1) - GetTextGfxWidth (hTree, L"___", hUserFont), path).c_str()); - } - - GetSizeString (bSysEncPartition ? GetSysEncDeviceSize(TRUE) : driver.diskLength[i], szTmpW, sizeof(szTmpW)); - ListSubItemSet (hTree, listItem.iItem, 2, szTmpW); - - EAGetName (szTmp, bSysEncPartition ? propSysEnc.ea : driver.ea[i], 1); - listItem.iSubItem = 3; - ListView_SetItem (hTree, &listItem); - - if (bSysEncPartition) - { - ws = GetString (IsHiddenOSRunning() ? "HIDDEN" : "SYSTEM_VOLUME_TYPE_ADJECTIVE"); - VolumeNotificationsList.bHidVolDamagePrevReported[i] = FALSE; - ListSubItemSet (hTree, listItem.iItem, 4, ws); - } - else - { - switch (driver.volumeType[i]) - { - case PROP_VOL_TYPE_NORMAL: - ws = GetString ("NORMAL"); - break; - case PROP_VOL_TYPE_HIDDEN: - ws = GetString ("HIDDEN"); - break; - case PROP_VOL_TYPE_OUTER: - ws = GetString ("OUTER"); // Normal/outer volume (hidden volume protected) - break; - case PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED: - ws = GetString ("OUTER_VOL_WRITE_PREVENTED"); // Normal/outer volume (hidden volume protected AND write denied) - break; - default: - ws = L"?"; - } - - if (driver.truecryptMode[i]) - { - StringCbPrintfW (szTmpW, sizeof(szTmpW), L"TrueCrypt-%s", ws); - ListSubItemSet (hTree, listItem.iItem, 4, szTmpW); - } - else - ListSubItemSet (hTree, listItem.iItem, 4, ws); - - if (driver.volumeType[i] == PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED) // Normal/outer volume (hidden volume protected AND write denied) - { - if (!VolumeNotificationsList.bHidVolDamagePrevReported[i]) - { - wchar_t szTmp[4096]; - - VolumeNotificationsList.bHidVolDamagePrevReported[i] = TRUE; - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("DAMAGE_TO_HIDDEN_VOLUME_PREVENTED"), i+L'A'); - SetForegroundWindow (GetParent(hTree)); - MessageBoxW (GetParent(hTree), szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - } - } - else - { - VolumeNotificationsList.bHidVolDamagePrevReported[i] = FALSE; - } - } - } - else - { - VolumeNotificationsList.bHidVolDamagePrevReported[i] = FALSE; - - if (!(dwUsedDrives & 1 << i)) - { - if(drive > 0 && drive != HIWORD (GetSelectedLong (hTree))) - { - item++; - continue; - } - - memset(&listItem,0,sizeof(listItem)); - - listItem.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_PARAM; - listItem.iImage = 0; - listItem.iItem = item++; - listItem.pszText = szDriveLetters[i]; - listItem.lParam = MAKELONG (TC_MLIST_ITEM_FREE, i + 'A'); - - if(drive == 0) - ListView_InsertItem (hTree, &listItem); - else - ListView_SetItem (hTree, &listItem); - - listItem.mask=LVIF_TEXT; - listItem.pszText = L""; - listItem.iSubItem = 1; - ListView_SetItem (hTree, &listItem); - listItem.iSubItem = 2; - ListView_SetItem (hTree, &listItem); - listItem.iSubItem = 3; - ListView_SetItem (hTree, &listItem); - listItem.iSubItem = 4; - ListView_SetItem (hTree, &listItem); - - } - } - } - - // Restore the original scroll position (the topmost item that was visible when we were called) and the - // last selected item. - SetListScrollHPos (hTree, lastTopMostVisibleItem); - SelectItem (hTree, 0); -} - -static void PasswordChangeEnable (HWND hwndDlg, int button, int passwordId, BOOL keyFilesEnabled, - int newPasswordId, int newVerifyId, BOOL newKeyFilesEnabled) -{ - char password[MAX_PASSWORD + 1]; - char newPassword[MAX_PASSWORD + 1]; - char newVerify[MAX_PASSWORD + 1]; - wchar_t tmp[MAX_PASSWORD + 1]; - BOOL bEnable = TRUE; - int passwordUtf8Len, newPasswordUtf8Len, newVerifyUtf8Len; - - GetWindowText (GetDlgItem (hwndDlg, passwordId), tmp, ARRAYSIZE (tmp)); - passwordUtf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, password, sizeof (password), NULL, NULL); - - if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF) - newKeyFilesEnabled = keyFilesEnabled; - - switch (pwdChangeDlgMode) - { - case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: - case PCDM_ADD_REMOVE_VOL_KEYFILES: - case PCDM_CHANGE_PKCS5_PRF: - memcpy (newPassword, password, sizeof (newPassword)); - memcpy (newVerify, password, sizeof (newVerify)); - newPasswordUtf8Len = passwordUtf8Len; - newVerifyUtf8Len = passwordUtf8Len; - break; - - default: - GetWindowText (GetDlgItem (hwndDlg, newPasswordId), tmp, ARRAYSIZE (tmp)); - newPasswordUtf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, newPassword, sizeof (newPassword), NULL, NULL); - GetWindowText (GetDlgItem (hwndDlg, newVerifyId), tmp, ARRAYSIZE (tmp)); - newVerifyUtf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, newVerify, sizeof (newVerify), NULL, NULL); - - } - - if (passwordUtf8Len <= 0 || (!keyFilesEnabled && ((passwordUtf8Len - 1) < MIN_PASSWORD))) - bEnable = FALSE; - else if (strcmp (newPassword, newVerify) != 0) - bEnable = FALSE; - else if ((newPasswordUtf8Len <= 0) || (!newKeyFilesEnabled && ((newPasswordUtf8Len - 1) < MIN_PASSWORD))) - bEnable = FALSE; - - burn (password, sizeof (password)); - burn (newPassword, sizeof (newPassword)); - burn (newVerify, sizeof (newVerify)); - burn (tmp, sizeof (tmp)); - - EnableWindow (GetDlgItem (hwndDlg, button), bEnable); -} - -// implementation for support of change password operation in wait dialog mechanism - -typedef struct -{ - Password *oldPassword; - int old_pkcs5; - int old_pim; - Password *newPassword; - int pkcs5; - int pim; - int wipePassCount; - BOOL truecryptMode; - int* pnStatus; -} ChangePwdThreadParam; - -void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg) -{ - ChangePwdThreadParam* pThreadParam = (ChangePwdThreadParam*) pArg; - - if (bSysEncPwdChangeDlgMode) - { - // System - - try - { - VOLUME_PROPERTIES_STRUCT properties; - BootEncObj->GetVolumeProperties(&properties); - pThreadParam->old_pkcs5 = properties.pkcs5; - } - catch(...) - {} - - pThreadParam->pkcs5 = 0; // PKCS-5 PRF unchanged (currently we can't change PRF of system encryption) - - try - { - *pThreadParam->pnStatus = BootEncObj->ChangePassword (pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg); - } - catch (Exception &e) - { - e.Show (hwndDlg); - *(pThreadParam->pnStatus) = ERR_OS_ERROR; - } - } - else - { - // Non-system - - *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg); - - if (*pThreadParam->pnStatus == ERR_OS_ERROR - && GetLastError () == ERROR_ACCESS_DENIED - && IsUacSupported () - && IsVolumeDeviceHosted (szFileName)) - { - *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg); - } - } -} - -// implementation for support of backup header operation in wait dialog mechanism - -typedef struct -{ - BOOL bRequireConfirmation; - wchar_t *lpszVolume; - size_t cchVolume; - int* iResult; -} BackupHeaderThreadParam; - -void CALLBACK BackupHeaderWaitThreadProc(void* pArg, HWND hwndDlg) -{ - BackupHeaderThreadParam* pThreadParam = (BackupHeaderThreadParam*) pArg; - - if (TranslateVolumeID (hwndDlg, pThreadParam->lpszVolume, pThreadParam->cchVolume)) - { - if (!IsAdmin () && IsUacSupported () && IsVolumeDeviceHosted (pThreadParam->lpszVolume)) - *(pThreadParam->iResult) = UacBackupVolumeHeader (hwndDlg, pThreadParam->bRequireConfirmation, pThreadParam->lpszVolume); - else - *(pThreadParam->iResult) = BackupVolumeHeader (hwndDlg, pThreadParam->bRequireConfirmation, pThreadParam->lpszVolume); - } - else - *(pThreadParam->iResult) = ERR_OS_ERROR; -} - -// implementation for support of restoring header operation in wait dialog mechanism - -typedef struct -{ - wchar_t *lpszVolume; - size_t cchVolume; - int* iResult; -} RestoreHeaderThreadParam; - -void CALLBACK RestoreHeaderWaitThreadProc(void* pArg, HWND hwndDlg) -{ - RestoreHeaderThreadParam* pThreadParam = (RestoreHeaderThreadParam*) pArg; - - if (TranslateVolumeID (hwndDlg, pThreadParam->lpszVolume, pThreadParam->cchVolume)) - { - if (!IsAdmin () && IsUacSupported () && IsVolumeDeviceHosted (pThreadParam->lpszVolume)) - *(pThreadParam->iResult) = UacRestoreVolumeHeader (hwndDlg, pThreadParam->lpszVolume); - else - *(pThreadParam->iResult) = RestoreVolumeHeader (hwndDlg, pThreadParam->lpszVolume); - } - else - *(pThreadParam->iResult) = ERR_OS_ERROR; -} - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static KeyFilesDlgParam newKeyFilesParam; - static BOOL PimValueChangedWarning = FALSE; - static int* NewPimValuePtr = NULL; - - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - LPARAM nIndex, nSelectedIndex = 0; - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID); - int i; - WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220; - int EffectiveVolumePkcs5 = CmdVolumePkcs5; - BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; - int EffectiveVolumePim = CmdVolumePim; - - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (EffectiveVolumePkcs5 == 0) - EffectiveVolumePkcs5 = DefaultVolumePkcs5; - if (!EffectiveVolumeTrueCryptMode) - EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; - - NewPimValuePtr = (int*) lParam; - - PimValueChangedWarning = FALSE; - - ZeroMemory (&newKeyFilesParam, sizeof (newKeyFilesParam)); - if (NewPimValuePtr) - { - /* we are in the case of a volume. Store its name to use it in the key file dialog - * this will help avoid using the current container file as a key file - */ - StringCbCopyW (newKeyFilesParam.VolumeFileName, sizeof (newKeyFilesParam.VolumeFileName), szFileName); - } - - SetWindowTextW (hwndDlg, GetString ("IDD_PASSWORDCHANGE_DLG")); - LocalizeDialog (hwndDlg, "IDD_PASSWORDCHANGE_DLG"); - - SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_VERIFY), EM_LIMITTEXT, MAX_PASSWORD, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PIM), EM_LIMITTEXT, MAX_PIM, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); - EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); - - SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, KeyFilesEnable); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), TRUE); - - /* Add PRF algorithm list for current password */ - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - if (i == EffectiveVolumePkcs5) - { - nSelectedIndex = nIndex; - } - } - - SendMessage (hComboBox, CB_SETCURSEL, nSelectedIndex, 0); - - /* check TrueCrypt Mode if it was set as default*/ - SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, EffectiveVolumeTrueCryptMode); - - /* set default PIM if set in the command line*/ - if (EffectiveVolumePim > 0) - { - SetCheckBox (hwndDlg, IDC_PIM_ENABLE, TRUE); - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_OLD_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM_HELP), SW_SHOW); - SetPim (hwndDlg, IDC_OLD_PIM, EffectiveVolumePim); - } - - /* Add PRF algorithm list for new password */ - hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("UNCHANGED")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - if (!HashIsDeprecated (i)) - { - nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - } - } - - SendMessage (hComboBox, CB_SETCURSEL, 0, 0); - - PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, TRUE); - SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &headerWipeMode); - - switch (pwdChangeDlgMode) - { - case PCDM_CHANGE_PKCS5_PRF: - SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_CHANGE_PKCS5_PRF")); - LocalizeDialog (hwndDlg, "IDD_PCDM_CHANGE_PKCS5_PRF"); - EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); - break; - - case PCDM_ADD_REMOVE_VOL_KEYFILES: - SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_ADD_REMOVE_VOL_KEYFILES")); - LocalizeDialog (hwndDlg, "IDD_PCDM_ADD_REMOVE_VOL_KEYFILES"); - newKeyFilesParam.EnableKeyFiles = TRUE; - EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE); - break; - - case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: - newKeyFilesParam.EnableKeyFiles = FALSE; - SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL")); - LocalizeDialog (hwndDlg, "IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL"); - KeyFilesEnable = TRUE; - SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE); - break; - - case PCDM_CHANGE_PASSWORD: - default: - // NOP - break; - }; - - if (bSysEncPwdChangeDlgMode) - { - /* No support for changing the password of TrueCrypt system partition */ - SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); - - ToBootPwdField (hwndDlg, IDC_PASSWORD); - ToBootPwdField (hwndDlg, IDC_VERIFY); - ToBootPwdField (hwndDlg, IDC_OLD_PASSWORD); - - if ((DWORD) GetKeyboardLayout (NULL) != 0x00000409 && (DWORD) GetKeyboardLayout (NULL) != 0x04090409) - { - DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 0; - } - - bKeyboardLayoutChanged = TRUE; - } - - - /* for system encryption, we can't change the PRF */ - EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), FALSE); - - if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) - { - Error ("CANNOT_SET_TIMER", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 0; - } - - newKeyFilesParam.EnableKeyFiles = FALSE; - KeyFilesEnable = FALSE; - SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); - } - - CheckCapsLock (hwndDlg, FALSE); - - return 0; - } - - case WM_TIMER: - switch (wParam) - { - case TIMER_ID_KEYB_LAYOUT_GUARD: - if (bSysEncPwdChangeDlgMode) - { - DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); - - /* Watch the keyboard layout */ - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - // Keyboard layout is not standard US - - // Attempt to wipe passwords stored in the input field buffers - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), tmp); - - SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), L""); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); - SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), L""); - - keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - bKeyboardLayoutChanged = TRUE; - - wchar_t szTmp [4096]; - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - } - - - /* Watch the right Alt key (which is used to enter various characters on non-US keyboards) */ - - if (bKeyboardLayoutChanged && !bKeybLayoutAltKeyWarningShown) - { - if (GetAsyncKeyState (VK_RMENU) < 0) - { - bKeybLayoutAltKeyWarningShown = TRUE; - - wchar_t szTmp [4096]; - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); - } - } - } - return 1; - } - return 0; - - case WM_CTLCOLORSTATIC: - { - if (PimValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIM_HELP)) ) - { - // we're about to draw the static - // set the text colour in (HDC)lParam - SetBkMode((HDC)wParam,TRANSPARENT); - SetTextColor((HDC)wParam, RGB(255,0,0)); - // NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle. - return (BOOL)GetSysColorBrush(COLOR_MENU); - } - } - return 0; - - case WM_COMMAND: - if (lw == IDCANCEL) - { - // Attempt to wipe passwords stored in the input field buffers - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp[MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), tmp); - RestoreDefaultKeyFilesParam (); - - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (hw == EN_CHANGE) - { - PasswordChangeEnable (hwndDlg, IDOK, - IDC_OLD_PASSWORD, - KeyFilesEnable && FirstKeyFile != NULL, - IDC_PASSWORD, IDC_VERIFY, - newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); - - if ((lw == IDC_OLD_PIM) && IsWindowEnabled (GetDlgItem (hwndDlg, IDC_PIM))) - { - wchar_t tmp[MAX_PIM+1] = {0}; - GetDlgItemText (hwndDlg, IDC_OLD_PIM, tmp, MAX_PIM + 1); - SetDlgItemText (hwndDlg, IDC_PIM, tmp); - } - - if (lw == IDC_PIM) - { - if(GetPim (hwndDlg, IDC_OLD_PIM) != GetPim (hwndDlg, IDC_PIM)) - { - PimValueChangedWarning = TRUE; - SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (bSysEncPwdChangeDlgMode? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING")); - } - else - { - PimValueChangedWarning = FALSE; - SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIM_HELP)); - } - } - - return 1; - } - - if (lw == IDC_PIM_ENABLE) - { - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_OLD_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM_HELP), SW_SHOW); - - // check also the "Use PIM" for the new password if it is enabled - if (IsWindowEnabled (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE))) - { - SetCheckBox (hwndDlg, IDC_NEW_PIM_ENABLE, TRUE); - - ShowWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - } - - SetFocus (GetDlgItem (hwndDlg, IDC_OLD_PIM)); - - return 1; - } - - if (lw == IDC_NEW_PIM_ENABLE) - { - ShowWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - - SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - - return 1; - } - - if (lw == IDC_KEYFILES) - { - if (bSysEncPwdChangeDlgMode) - { - Warning ("KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); - return 1; - } - - KeyFilesDlgParam param; - param.EnableKeyFiles = KeyFilesEnable; - param.FirstKeyFile = FirstKeyFile; - - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) - { - KeyFilesEnable = param.EnableKeyFiles; - FirstKeyFile = param.FirstKeyFile; - - SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, KeyFilesEnable); - } - - PasswordChangeEnable (hwndDlg, IDOK, - IDC_OLD_PASSWORD, - KeyFilesEnable && FirstKeyFile != NULL, - IDC_PASSWORD, IDC_VERIFY, - newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); - - return 1; - } - - - if (lw == IDC_NEW_KEYFILES) - { - if (bSysEncPwdChangeDlgMode) - { - Warning ("KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); - return 1; - } - - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) &newKeyFilesParam)) - { - SetCheckBox (hwndDlg, IDC_ENABLE_NEW_KEYFILES, newKeyFilesParam.EnableKeyFiles); - - VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (hwndDlg, IDOK), GetDlgItem (hwndDlg, IDC_PASSWORD), - GetDlgItem (hwndDlg, IDC_VERIFY), NULL, NULL, - newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); - } - - PasswordChangeEnable (hwndDlg, IDOK, - IDC_OLD_PASSWORD, - KeyFilesEnable && FirstKeyFile != NULL, - IDC_PASSWORD, IDC_VERIFY, - newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); - - return 1; - } - - if (lw == IDC_ENABLE_KEYFILES) - { - KeyFilesEnable = GetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES); - - PasswordChangeEnable (hwndDlg, IDOK, - IDC_OLD_PASSWORD, - KeyFilesEnable && FirstKeyFile != NULL, - IDC_PASSWORD, IDC_VERIFY, - newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); - - return 1; - } - - if (lw == IDC_ENABLE_NEW_KEYFILES) - { - newKeyFilesParam.EnableKeyFiles = GetCheckBox (hwndDlg, IDC_ENABLE_NEW_KEYFILES); - - PasswordChangeEnable (hwndDlg, IDOK, - IDC_OLD_PASSWORD, - KeyFilesEnable && FirstKeyFile != NULL, - IDC_PASSWORD, IDC_VERIFY, - newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); - - return 1; - } - - if (hw == CBN_SELCHANGE) - { - switch (lw) - { - case IDC_PKCS5_PRF_ID: - if (bSysEncPwdChangeDlgMode) - { - int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, - SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - - if (new_hash_algo_id != 0 && !HashForSystemEncryption(new_hash_algo_id)) - { - int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT; - Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); - SelectAlgo (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), &new_hash_algo_id); - } - } - break; - } - return 1; - - } - - if (lw == IDC_TRUECRYPT_MODE) - { - BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE; - EnableWindow (GetDlgItem (hwndDlg, IDT_OLD_PIM), bEnablePim); - EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM), bEnablePim); - EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM_HELP), bEnablePim); - } - - if (lw == IDC_SHOW_PASSWORD_CHPWD_ORI) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_ORI, IDC_OLD_PASSWORD, IDC_OLD_PIM); - return 1; - } - - if (lw == IDC_SHOW_PASSWORD_CHPWD_NEW) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW, IDC_PASSWORD, IDC_VERIFY); - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW, IDC_PIM, 0); - return 1; - } - - if (lw == IDOK) - { - HWND hParent = GetParent (hwndDlg); - Password oldPassword; - Password newPassword; - WipeAlgorithmId headerWiperMode = (WipeAlgorithmId) SendMessage ( - GetDlgItem (hwndDlg, IDC_WIPE_MODE), - CB_GETITEMDATA, - SendMessage (GetDlgItem (hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), - 0); - int nStatus; - int old_pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETITEMDATA, - SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0); - int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, - SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); - - int old_pim = GetPim (hwndDlg, IDC_OLD_PIM); - int pim = GetPim (hwndDlg, IDC_PIM); - - if (truecryptMode && (old_pkcs5 == SHA256)) - { - Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - return 1; - } - else if (truecryptMode && (old_pim != 0)) - { - Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - return 1; - } - - if (bSysEncPwdChangeDlgMode && !CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL)) - { - Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg); - return 1; - } - - if (bSysEncPwdChangeDlgMode && (pim > MAX_BOOT_PIM_VALUE)) - { - SetFocus (GetDlgItem(hwndDlg, IDC_PIM)); - Error ("PIM_SYSENC_TOO_BIG", hwndDlg); - return 1; - } - - if (!bSysEncPwdChangeDlgMode && (pim > MAX_PIM_VALUE)) - { - SetFocus (GetDlgItem(hwndDlg, IDC_PIM)); - Error ("PIM_TOO_BIG", hwndDlg); - return 1; - } - - if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF) - { - newKeyFilesParam.EnableKeyFiles = KeyFilesEnable; - } - else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL) - && pwdChangeDlgMode == PCDM_CHANGE_PASSWORD) - { - if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pim, bSysEncPwdChangeDlgMode, FALSE, FALSE)) - return 1; - } - - GetVolumePath (hParent, szFileName, ARRAYSIZE (szFileName)); - - if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, sizeof (oldPassword.Text), TRUE)) - oldPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text); - else - { - return 1; - } - - switch (pwdChangeDlgMode) - { - case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: - case PCDM_ADD_REMOVE_VOL_KEYFILES: - case PCDM_CHANGE_PKCS5_PRF: - memcpy (newPassword.Text, oldPassword.Text, sizeof (newPassword.Text)); - newPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text); - pim = old_pim; - break; - - default: - if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) newPassword.Text, sizeof (newPassword.Text), TRUE)) - newPassword.Length = (unsigned __int32) strlen ((char *) newPassword.Text); - else - return 1; - } - - WaitCursor (); - - if (KeyFilesEnable) - KeyFilesApply (hwndDlg, &oldPassword, FirstKeyFile, szFileName); - - if (newKeyFilesParam.EnableKeyFiles) - { - if (!KeyFilesApply (hwndDlg, &newPassword, pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF ? FirstKeyFile : newKeyFilesParam.FirstKeyFile, szFileName)) - { - nStatus = ERR_DONT_REPORT; - goto err; - } - } - - ChangePwdThreadParam changePwdParam; - changePwdParam.oldPassword = &oldPassword; - changePwdParam.old_pkcs5 = old_pkcs5; - changePwdParam.old_pim = old_pim; - changePwdParam.newPassword = &newPassword; - changePwdParam.pkcs5 = pkcs5; - changePwdParam.pim = pim; - changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode); - changePwdParam.pnStatus = &nStatus; - changePwdParam.truecryptMode = truecryptMode; - - ShowWaitDialog(hwndDlg, TRUE, ChangePwdWaitThreadProc, &changePwdParam); - -err: - // notify the caller in case the PIM has changed - if (NewPimValuePtr) - { - if (pim != old_pim) - *NewPimValuePtr = pim; - else - *NewPimValuePtr = -1; - } - - burn (&oldPassword, sizeof (oldPassword)); - burn (&newPassword, sizeof (newPassword)); - burn (&old_pim, sizeof(old_pim)); - burn (&pim, sizeof(pim)); - - NormalCursor (); - - if (nStatus == 0) - { - // Attempt to wipe passwords stored in the input field buffers - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp[MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), tmp); - - KeyFileRemoveAll (&newKeyFilesParam.FirstKeyFile); - RestoreDefaultKeyFilesParam (); - - if (bSysEncPwdChangeDlgMode) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - } - - EndDialog (hwndDlg, IDOK); - } - return 1; - } - return 0; - } - - return 0; -} - -static wchar_t PasswordDlgVolume[MAX_PATH + 1]; -static BOOL PasswordDialogDisableMountOptions; -static char *PasswordDialogTitleStringId; - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - static Password *szXPwd; - static int *pkcs5; - static int *pim; - static BOOL* truecryptMode; - - switch (msg) - { - case WM_INITDIALOG: - { - int i, nIndex, defaultPrfIndex = 0; - szXPwd = ((PasswordDlgParam *) lParam) -> password; - pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5; - pim = ((PasswordDlgParam *) lParam) -> pim; - truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode; - LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG"); - DragAcceptFiles (hwndDlg, TRUE); - - if (PasswordDialogTitleStringId) - { - SetWindowTextW (hwndDlg, GetString (PasswordDialogTitleStringId)); - } - else if (wcslen (PasswordDlgVolume) > 0) - { - wchar_t s[1024]; - RECT rect; - GetWindowRect (hwndDlg, &rect); - - bool useInExplorer = false; - wstring label = GetFavoriteVolumeLabel (PasswordDlgVolume, useInExplorer); - if (!label.empty()) - { - StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR_LABEL"), label.c_str()); - if (useInExplorer) - StringCbCopyW (mountOptions.Label, sizeof (mountOptions.Label), label.c_str()); - } - else - { - StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR"), L"___"); - StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR"), FitPathInGfxWidth (hwndDlg, WindowTitleBarFont, rect.right - rect.left - GetTextGfxWidth (hwndDlg, s, WindowTitleBarFont), PasswordDlgVolume).c_str()); - } - - SetWindowTextW (hwndDlg, s); - } - - /* Populate the PRF algorithms list */ - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - if (*pkcs5 && (*pkcs5 == i)) - defaultPrfIndex = nIndex; - } - - /* make autodetection the default unless a specific PRF was specified in the command line */ - SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); - SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); - - SetPim (hwndDlg, IDC_PIM, *pim); - - /* make PIM field visible if a PIM value has been explicitely specified */ - if (*pim > 0) - { - SetCheckBox (hwndDlg, IDC_PIM_ENABLE, TRUE); - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - } - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - - mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode; - - if (bPrebootPasswordDlgMode) - { - SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); - } - - if (PasswordDialogDisableMountOptions) - { - EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE); - /* Disable TrueCrypt mode option in case of backup/restore header operation */ - SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); - } - else if (*truecryptMode) - { - /* Check TrueCryptMode if it is enabled on the command line */ - SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, TRUE); - } - - if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress || LogOn)) - { - SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - - FLASHWINFO flash; - flash.cbSize = sizeof (flash); - flash.dwFlags = FLASHW_ALL | FLASHW_TIMERNOFG; - flash.dwTimeout = 0; - flash.hwnd = hwndDlg; - flash.uCount = 0; - - FlashWindowEx (&flash); - - SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); - } - } - return 0; - - case TC_APPMSG_PREBOOT_PASSWORD_MODE: - { - /* Repopulate the PRF algorithms list with algorithms that support system encryption */ - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - int i, defaultPrfIndex = 0, nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - if (HashForSystemEncryption(i)) - { - nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - if (*pkcs5 && (*pkcs5 == i)) - defaultPrfIndex = nIndex; - } - } - - /* make autodetection the default unless a specific PRF was specified in the command line */ - SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0); - - ToBootPwdField (hwndDlg, IDC_PASSWORD); - - // Attempt to wipe the password stored in the input field buffer - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); - - StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout),L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); - - DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) - { - Error ("CANNOT_SET_TIMER", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - if (GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD)) - { - // simulate hiding password - SetCheckBox (hwndDlg, IDC_SHOW_PASSWORD, FALSE); - - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); - } - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), FALSE); - - SetPim (hwndDlg, IDC_PIM, *pim); - - bPrebootPasswordDlgMode = TRUE; - } - return 1; - - case WM_TIMER: - switch (wParam) - { - case TIMER_ID_KEYB_LAYOUT_GUARD: - if (bPrebootPasswordDlgMode) - { - DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - // Keyboard layout is not standard US - - // Attempt to wipe the password stored in the input field buffer - wchar_t tmp[MAX_PASSWORD+1]; - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); - - keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); - - if (keybLayout != 0x00000409 && keybLayout != 0x04090409) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - wchar_t szTmp [4096]; - StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); - StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); - StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); - MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - } - } - return 1; - } - return 0; - - case WM_COMMAND: - - if (lw == IDC_MOUNT_OPTIONS) - { - /* Use default PRF specified by the user if any */ - if (mountOptions.ProtectedHidVolPkcs5Prf == 0) - mountOptions.ProtectedHidVolPkcs5Prf = *pkcs5; - if (mountOptions.ProtectedHidVolPim == 0) - mountOptions.ProtectedHidVolPim = *pim; - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, - (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions); - - if (!bPrebootPasswordDlgMode && mountOptions.PartitionInInactiveSysEncScope) - SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); - - return 1; - } - - if (lw == IDC_PIM_ENABLE) - { - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - - SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - return 1; - } - - if (lw == IDC_SHOW_PASSWORD) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); - return 1; - } - - if (lw == IDC_TRUECRYPT_MODE) - { - BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE; - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), bEnablePim); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), bEnablePim); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), bEnablePim); - } - - if (lw == IDC_KEY_FILES) - { - KeyFilesDlgParam param; - param.EnableKeyFiles = KeyFilesEnable; - param.FirstKeyFile = FirstKeyFile; - - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) - { - KeyFilesEnable = param.EnableKeyFiles; - FirstKeyFile = param.FirstKeyFile; - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - } - - return 1; - } - - if (lw == IDC_KEYFILES_ENABLE) - { - KeyFilesEnable = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE); - - return 1; - } - - if (lw == IDCANCEL || lw == IDOK) - { - wchar_t tmp[MAX_PASSWORD+1]; - - if (lw == IDOK) - { - if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) - KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, wcslen (PasswordDlgVolume) > 0 ? PasswordDlgVolume : NULL); - - if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE)) - szXPwd->Length = (unsigned __int32) strlen ((char *) szXPwd->Text); - else - return 1; - - bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); - *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); - - *pim = GetPim (hwndDlg, IDC_PIM); - - /* SHA-256 is not supported by TrueCrypt */ - if ( (*truecryptMode) - && ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256)) - ) - { - Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - return 1; - } - - if ( (*truecryptMode) - && (*pim != 0) - ) - { - Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - return 1; - } - } - - // Attempt to wipe password stored in the input field buffer - wmemset (tmp, L'X', MAX_PASSWORD); - tmp[MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); - - if (hidVolProtKeyFilesParam.FirstKeyFile != NULL) - { - KeyFileRemoveAll (&hidVolProtKeyFilesParam.FirstKeyFile); - hidVolProtKeyFilesParam.EnableKeyFiles = FALSE; - } - - if (bPrebootPasswordDlgMode) - { - KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); - - // Restore the original keyboard layout - if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) - Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); - } - - EndDialog (hwndDlg, lw); - return 1; - } - return 0; - - case WM_CONTEXTMENU: - { - RECT buttonRect; - GetWindowRect (GetDlgItem (hwndDlg, IDC_KEY_FILES), &buttonRect); - - if (LOWORD (lParam) >= buttonRect.left && LOWORD (lParam) <= buttonRect.right - && HIWORD (lParam) >= buttonRect.top && HIWORD (lParam) <= buttonRect.bottom) - { - // The "Keyfiles" button has been right-clicked - - KeyFilesDlgParam param; - param.EnableKeyFiles = KeyFilesEnable; - param.FirstKeyFile = FirstKeyFile; - - POINT popupPos; - popupPos.x = buttonRect.left + 2; - popupPos.y = buttonRect.top + 2; - - if (KeyfilesPopupMenu (hwndDlg, popupPos, ¶m)) - { - KeyFilesEnable = param.EnableKeyFiles; - FirstKeyFile = param.FirstKeyFile; - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - } - } - } - break; - - case WM_DROPFILES: - { - HDROP hdrop = (HDROP) wParam; - int i = 0, count = DragQueryFile (hdrop, 0xFFFFFFFF, NULL, 0); - - while (count-- > 0) - { - KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - DragQueryFile (hdrop, i++, kf->FileName, ARRAYSIZE (kf->FileName)); - FirstKeyFile = KeyFileAdd (FirstKeyFile, kf); - KeyFilesEnable = TRUE; - } - } - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); - DragFinish (hdrop); - } - return 1; - } - - return 0; -} - -static void PreferencesDlgEnableButtons (HWND hwndDlg) -{ - BOOL back = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE)); - BOOL idle = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE)); - BOOL installed = !IsNonInstallMode(); - BOOL wtsEnabled = (hWtsLib != NULL) ? TRUE : FALSE; - - EnableWindow (GetDlgItem (hwndDlg, IDC_CLOSE_BKG_TASK_WHEN_NOVOL), back && installed); - EnableWindow (GetDlgItem (hwndDlg, IDT_LOGON), installed); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_LOGON_START), back && installed); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_LOGON_MOUNT_DEVICES), installed); - EnableWindow (GetDlgItem (hwndDlg, IDT_AUTO_DISMOUNT), back); - EnableWindow (GetDlgItem (hwndDlg, IDT_AUTO_DISMOUNT_ON), back); - EnableWindow (GetDlgItem (hwndDlg, IDT_MINUTES), back); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF), back); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED), back && wtsEnabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING), back); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER), back); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE), back); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE_TIME), back && idle); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT), back); -} - -BOOL CALLBACK PreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static BOOL PreferencesDialogActive = FALSE; - static HWND ActivePreferencesDialogWindow; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - if (PreferencesDialogActive) - { - ShowWindow (ActivePreferencesDialogWindow, SW_SHOW); - SetForegroundWindow (ActivePreferencesDialogWindow); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - ActivePreferencesDialogWindow = hwndDlg; - PreferencesDialogActive = TRUE; - - LocalizeDialog (hwndDlg, "IDD_PREFERENCES_DLG"); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_OPEN_EXPLORER), BM_SETCHECK, - bExplore ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED), BM_SETCHECK, - bUseDifferentTrayIconIfVolMounted ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PRESERVE_TIMESTAMPS), BM_SETCHECK, - defaultMountOptions.PreserveTimestamp ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_SHOW_DISCONNECTED_NETWORK_DRIVES), BM_SETCHECK, - bShowDisconnectedNetworkDrives ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_HIDE_WAITING_DIALOG), BM_SETCHECK, - bHideWaitingDialog ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT), BM_SETCHECK, - bCacheDuringMultipleMount ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_EXIT), BM_SETCHECK, - bWipeCacheOnExit ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT), BM_SETCHECK, - bWipeCacheOnAutoDismount ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PASSWORDS), BM_SETCHECK, - bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM), BM_SETCHECK, - bIncludePimInCache? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_READONLY), BM_SETCHECK, - defaultMountOptions.ReadOnly ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_REMOVABLE), BM_SETCHECK, - defaultMountOptions.Removable ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_LOGON_START), BM_SETCHECK, - bStartOnLogon ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_LOGON_MOUNT_DEVICES), BM_SETCHECK, - bMountDevicesOnLogon ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE), BM_SETCHECK, - bEnableBkgTask ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_CLOSE_BKG_TASK_WHEN_NOVOL), BM_SETCHECK, - bCloseBkgTaskWhenNoVolumes || IsNonInstallMode() ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF), BM_SETCHECK, - bDismountOnLogOff ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED), BM_SETCHECK, - bDismountOnSessionLocked ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING), BM_SETCHECK, - bDismountOnPowerSaving ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER), BM_SETCHECK, - bDismountOnScreenSaver ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT), BM_SETCHECK, - bForceAutoDismount ? BST_CHECKED:BST_UNCHECKED, 0); - - SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE), BM_SETCHECK, - MaxVolumeIdleTime > 0 ? BST_CHECKED:BST_UNCHECKED, 0); - - SetDlgItemInt (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE_TIME, abs (MaxVolumeIdleTime), FALSE); - - PreferencesDlgEnableButtons (hwndDlg); - } - return 0; - - case WM_COMMAND: - - if (lw == IDC_PREF_BKG_TASK_ENABLE && !IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE))) - { - if (AskWarnNoYes ("CONFIRM_BACKGROUND_TASK_DISABLED", hwndDlg) == IDNO) - SetCheckBox (hwndDlg, IDC_PREF_BKG_TASK_ENABLE, TRUE); - } - - // Forced dismount disabled warning - if (lw == IDC_PREF_DISMOUNT_INACTIVE - || lw == IDC_PREF_DISMOUNT_LOGOFF - || lw == IDC_PREF_DISMOUNT_SESSION_LOCKED - || lw == IDC_PREF_DISMOUNT_POWERSAVING - || lw == IDC_PREF_DISMOUNT_SCREENSAVER - || lw == IDC_PREF_FORCE_AUTO_DISMOUNT) - { - BOOL i = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE)); - BOOL l = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF)); - BOOL sl = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED)); - BOOL p = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING)); - BOOL s = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER)); - BOOL q = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT)); - - if (!q) - { - if (lw == IDC_PREF_FORCE_AUTO_DISMOUNT && (i || l || sl || p || s)) - { - if (AskWarnNoYes ("CONFIRM_NO_FORCED_AUTODISMOUNT", hwndDlg) == IDNO) - SetCheckBox (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT, TRUE); - } - else if ((lw == IDC_PREF_DISMOUNT_INACTIVE && i - || lw == IDC_PREF_DISMOUNT_LOGOFF && l - || lw == IDC_PREF_DISMOUNT_SESSION_LOCKED && sl - || lw == IDC_PREF_DISMOUNT_POWERSAVING && p - || lw == IDC_PREF_DISMOUNT_SCREENSAVER && s)) - Warning ("WARN_PREF_AUTO_DISMOUNT", hwndDlg); - } - - if (p && lw == IDC_PREF_DISMOUNT_POWERSAVING) - Warning ("WARN_PREF_AUTO_DISMOUNT_ON_POWER", hwndDlg); - } - - if (lw == IDCANCEL) - { - PreferencesDialogActive = FALSE; - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDOK) - { - WaitCursor (); - - bExplore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_OPEN_EXPLORER)); - bUseDifferentTrayIconIfVolMounted = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED)); - bPreserveTimestamp = defaultMountOptions.PreserveTimestamp = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PRESERVE_TIMESTAMPS)); - bShowDisconnectedNetworkDrives = IsButtonChecked (GetDlgItem (hwndDlg, IDC_SHOW_DISCONNECTED_NETWORK_DRIVES)); - bHideWaitingDialog = IsButtonChecked (GetDlgItem (hwndDlg, IDC_HIDE_WAITING_DIALOG)); - bCacheDuringMultipleMount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT)); - bWipeCacheOnExit = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_EXIT)); - bWipeCacheOnAutoDismount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT)); - bCacheInDriverDefault = bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PASSWORDS)); - bIncludePimInCache = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM)); - defaultMountOptions.ReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_READONLY)); - defaultMountOptions.Removable = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_REMOVABLE)); - bEnableBkgTask = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE)); - bCloseBkgTaskWhenNoVolumes = IsNonInstallMode() ? bCloseBkgTaskWhenNoVolumes : IsButtonChecked (GetDlgItem (hwndDlg, IDC_CLOSE_BKG_TASK_WHEN_NOVOL)); - bDismountOnLogOff = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF)); - bDismountOnSessionLocked = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED)); - bDismountOnPowerSaving = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING)); - bDismountOnScreenSaver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER)); - bForceAutoDismount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT)); - MaxVolumeIdleTime = GetDlgItemInt (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE_TIME, NULL, FALSE) - * (IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE)) ? 1 : -1); - bStartOnLogon = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_LOGON_START)); - bMountDevicesOnLogon = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_LOGON_MOUNT_DEVICES)); - - ManageStartupSeq (); - - SaveSettings (hwndDlg); - - NormalCursor (); - - PreferencesDialogActive = FALSE; - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDC_MORE_SETTINGS) - { - HMENU popup = CreatePopupMenu (); - if (popup) - { - AppendMenuW (popup, MF_STRING, IDM_LANGUAGE, GetString ("IDM_LANGUAGE")); - AppendMenuW (popup, MF_STRING, IDM_HOTKEY_SETTINGS, GetString ("IDM_HOTKEY_SETTINGS")); - AppendMenuW (popup, MF_STRING, IDM_PERFORMANCE_SETTINGS, GetString ("IDM_PERFORMANCE_SETTINGS")); - AppendMenuW (popup, MF_STRING, IDM_SYSENC_SETTINGS, GetString ("IDM_SYSENC_SETTINGS")); - AppendMenuW (popup, MF_STRING, IDM_SYS_FAVORITES_SETTINGS, GetString ("IDM_SYS_FAVORITES_SETTINGS")); - AppendMenuW (popup, MF_STRING, IDM_DEFAULT_KEYFILES, GetString ("IDM_DEFAULT_KEYFILES")); - AppendMenuW (popup, MF_STRING, IDM_DEFAULT_MOUNT_PARAMETERS, GetString ("IDM_DEFAULT_MOUNT_PARAMETERS")); - AppendMenuW (popup, MF_STRING, IDM_TOKEN_PREFERENCES, GetString ("IDM_TOKEN_PREFERENCES")); - - RECT rect; - GetWindowRect (GetDlgItem (hwndDlg, IDC_MORE_SETTINGS), &rect); - - int menuItem = TrackPopupMenu (popup, TPM_RETURNCMD | TPM_LEFTBUTTON, rect.left + 2, rect.top + 2, 0, hwndDlg, NULL); - DestroyMenu (popup); - - SendMessage (MainDlg, WM_COMMAND, menuItem, NULL); - return 1; - } - else - return 0; - } - - if (HIWORD (wParam) == BN_CLICKED) - { - PreferencesDlgEnableButtons (hwndDlg); - return 1; - } - - return 0; - } - - return 0; -} - - -BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - static MountOptions *mountOptions; - - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - BOOL protect; - - mountOptions = (MountOptions *) lParam; - - LocalizeDialog (hwndDlg, "IDD_MOUNT_OPTIONS"); - - SendDlgItemMessage (hwndDlg, IDC_MOUNT_READONLY, BM_SETCHECK, - mountOptions->ReadOnly ? BST_CHECKED : BST_UNCHECKED, 0); - SendDlgItemMessage (hwndDlg, IDC_MOUNT_REMOVABLE, BM_SETCHECK, - mountOptions->Removable ? BST_CHECKED : BST_UNCHECKED, 0); - SendDlgItemMessage (hwndDlg, IDC_PROTECT_HIDDEN_VOL, BM_SETCHECK, - mountOptions->ProtectHiddenVolume ? BST_CHECKED : BST_UNCHECKED, 0); - - SendDlgItemMessage (hwndDlg, IDC_PROTECT_HIDDEN_VOL, BM_SETCHECK, - mountOptions->ProtectHiddenVolume ? BST_CHECKED : BST_UNCHECKED, 0); - - mountOptions->PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode; - - SendDlgItemMessage (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA, BM_SETCHECK, - bPrebootPasswordDlgMode ? BST_CHECKED : BST_UNCHECKED, 0); - - SendDlgItemMessage (hwndDlg, IDC_USE_EMBEDDED_HEADER_BAK, BM_SETCHECK, - mountOptions->UseBackupHeader ? BST_CHECKED : BST_UNCHECKED, 0); - - EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA), !bPrebootPasswordDlgMode); - - SetDlgItemTextW (hwndDlg, IDC_VOLUME_LABEL, mountOptions->Label); - SendDlgItemMessage (hwndDlg, IDC_VOLUME_LABEL, EM_LIMITTEXT, 32, 0); // 32 is the maximum possible length for a drive label in Windows - - /* Add PRF algorithm list for hidden volume password */ - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - int i, nSelectedIndex = 0, nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - /* if a PRF was selected previously, select it */ - if (i == mountOptions->ProtectedHidVolPkcs5Prf) - nSelectedIndex = nIndex; - } - - SendMessage (hComboBox, CB_SETCURSEL, nSelectedIndex, 0); - - protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); - - EnableWindow (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); - EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_VOL_PROTECTION), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); - EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_MO), protect); - EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_PROT_PASSWD), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect); - EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect); - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), protect); - - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles); - - SendDlgItemMessage (hwndDlg, IDC_PASSWORD_PROT_HIDVOL, EM_LIMITTEXT, MAX_PASSWORD, 0); - SendDlgItemMessage (hwndDlg, IDC_PIM, EM_LIMITTEXT, MAX_PIM, 0); - - if (mountOptions->ProtectedHidVolPassword.Length > 0) - { - wchar_t szTmp[MAX_PASSWORD + 1]; - if (0 == MultiByteToWideChar (CP_UTF8, 0, (LPSTR) mountOptions->ProtectedHidVolPassword.Text, -1, szTmp, MAX_PASSWORD + 1)) - szTmp [0] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), szTmp); - burn (szTmp, sizeof (szTmp)); - } - - SetPim (hwndDlg, IDC_PIM, mountOptions->ProtectedHidVolPim); - - /* make PIM field visible if a PIM value has been explicitely specified */ - if (mountOptions->ProtectedHidVolPim > 0) - { - SetCheckBox (hwndDlg, IDC_PIM_ENABLE, TRUE); - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - } - - ToHyperlink (hwndDlg, IDC_LINK_HIDVOL_PROTECTION_INFO); - - } - return 0; - - case WM_CONTEXTMENU: - { - RECT buttonRect; - GetWindowRect (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), &buttonRect); - - if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)) - && LOWORD (lParam) >= buttonRect.left && LOWORD (lParam) <= buttonRect.right - && HIWORD (lParam) >= buttonRect.top && HIWORD (lParam) <= buttonRect.bottom) - { - // The "Keyfiles" button has been right-clicked - - POINT popupPos; - popupPos.x = buttonRect.left + 2; - popupPos.y = buttonRect.top + 2; - - if (KeyfilesPopupMenu (hwndDlg, popupPos, &hidVolProtKeyFilesParam)) - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles); - } - } - break; - - case WM_COMMAND: - - if (lw == IDC_KEYFILES_HIDVOL_PROT) - { - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) &hidVolProtKeyFilesParam)) - { - SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles); - } - } - - if (lw == IDC_KEYFILES_ENABLE_HIDVOL_PROT) - { - hidVolProtKeyFilesParam.EnableKeyFiles = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT); - - return 0; - } - - if (lw == IDC_SHOW_PASSWORD_MO) - { - HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_MO, IDC_PASSWORD_PROT_HIDVOL, IDC_PIM); - return 1; - } - - if (lw == IDC_PIM_ENABLE) - { - ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); - ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); - ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); - - SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - return 1; - } - - if (lw == IDC_LINK_HIDVOL_PROTECTION_INFO) - { - Applink ("hiddenvolprotection", TRUE, ""); - } - - if (lw == IDCANCEL) - { - wchar_t tmp[MAX_PASSWORD+1]; - - // Cleanup - wmemset (tmp, L'X', MAX_PASSWORD); - tmp[MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); - - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDOK) - { - wchar_t tmp[MAX_PASSWORD+1]; - - mountOptions->ReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY)); - mountOptions->Removable = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_REMOVABLE)); - mountOptions->ProtectHiddenVolume = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); - mountOptions->PartitionInInactiveSysEncScope = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA)); - mountOptions->UseBackupHeader = IsButtonChecked (GetDlgItem (hwndDlg, IDC_USE_EMBEDDED_HEADER_BAK)); - - GetDlgItemTextW (hwndDlg, IDC_VOLUME_LABEL, mountOptions->Label, sizeof (mountOptions->Label) /sizeof (wchar_t)); - - if (mountOptions->ProtectHiddenVolume) - { - GetPassword (hwndDlg, IDC_PASSWORD_PROT_HIDVOL, - (LPSTR) mountOptions->ProtectedHidVolPassword.Text, MAX_PASSWORD + 1, - FALSE); - - mountOptions->ProtectedHidVolPassword.Length = (unsigned __int32) strlen ((char *) mountOptions->ProtectedHidVolPassword.Text); - - mountOptions->ProtectedHidVolPkcs5Prf = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, - SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - - mountOptions->ProtectedHidVolPim = GetPim (hwndDlg, IDC_PIM); - } - - // Cleanup - wmemset (tmp, L'X', MAX_PASSWORD); - tmp[MAX_PASSWORD] = 0; - SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); - - if ((mountOptions->ProtectHiddenVolume && !bEnableBkgTask) - && (AskWarnYesNo ("HIDVOL_PROT_BKG_TASK_WARNING", hwndDlg) == IDYES)) - { - bEnableBkgTask = TRUE; - TaskBarIconAdd (MainDlg); - } - - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDC_MOUNT_READONLY || lw == IDC_PROTECT_HIDDEN_VOL) - { - BOOL protect; - - if (lw == IDC_MOUNT_READONLY) - { - SendDlgItemMessage (hwndDlg, IDC_PROTECT_HIDDEN_VOL, BM_SETCHECK, BST_UNCHECKED, 0); - EnableWindow (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); - EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_VOL_PROTECTION), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); - } - - protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); - - EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), protect); - EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_PROT_PASSWD), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_MO), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect); - EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect); - EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), protect); - EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), protect); - - return 1; - } - - return 0; - } - - return 0; -} - - -// Returns the block size (in bits) of the cipher with which the volume mounted as the -// specified drive letter is encrypted. In case of a cascade of ciphers with different -// block sizes the function returns the smallest block size. -int GetCipherBlockSizeByDriveNo (int nDosDriveNo) -{ - VOLUME_PROPERTIES_STRUCT prop; - DWORD dwResult; - - int blockSize = 0, cipherID; - - memset (&prop, 0, sizeof(prop)); - prop.driveNo = nDosDriveNo; - - if (DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL)) - { - if ( (prop.driveNo == nDosDriveNo) - && (prop.ea >= EAGetFirst() && prop.ea <= EAGetCount()) - ) - { - for (cipherID = EAGetLastCipher (prop.ea); - cipherID != 0; - cipherID = EAGetPreviousCipher (prop.ea, cipherID)) - { - if (blockSize > 0) - blockSize = min (blockSize, CipherGetBlockSize (cipherID) * 8); - else - blockSize = CipherGetBlockSize (cipherID) * 8; - } - } - } - - return blockSize; -} - - -// Returns the mode of operation in which the volume mounted as the specified drive letter is encrypted. -int GetModeOfOperationByDriveNo (int nDosDriveNo) -{ - VOLUME_PROPERTIES_STRUCT prop; - DWORD dwResult; - - memset (&prop, 0, sizeof(prop)); - prop.driveNo = nDosDriveNo; - - if (DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL)) - { - if ( (prop.driveNo == nDosDriveNo) - && (prop.ea >= EAGetFirst() && prop.ea <= EAGetCount()) - && (prop.mode >= FIRST_MODE_OF_OPERATION_ID && prop.mode < MODE_ENUM_END_ID) - ) - { - return prop.mode; - } - } - - return 0; -} - -void DisplayVolumePropertiesListContextMenu (HWND hwndDlg, LPARAM lParam) -{ - /* Volume Properties list context menu */ - DWORD mPos; - int menuItem; - HWND hList = GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES_LIST); - int hItem = ListView_GetSelectionMark (hList); - - SetFocus (hList); - - if (hItem >= 0) - { - HMENU popup = CreatePopupMenu (); - AppendMenuW (popup, MF_STRING, IDPM_COPY_VALUE_TO_CLIPBOARD, GetString ("IDPM_COPY_VALUE_TO_CLIPBOARD")); - - if (lParam) - { - mPos=GetMessagePos(); - } - else - { - POINT pt = {0}; - if (ListView_GetItemPosition (hList, hItem, &pt)) - { - pt.x += 2 + ::GetSystemMetrics(SM_CXICON); - pt.y += 2; - } - ClientToScreen (hList, &pt); - mPos = MAKELONG (pt.x, pt.y); - } - - menuItem = TrackPopupMenu (popup, - TPM_RETURNCMD | TPM_LEFTBUTTON, - GET_X_LPARAM(mPos), - GET_Y_LPARAM(mPos), - 0, - hwndDlg, - NULL); - - DestroyMenu (popup); - - switch (menuItem) - { - case IDPM_COPY_VALUE_TO_CLIPBOARD: - { - wchar_t valueText[256] = {0}; - ListView_GetItemText (hList, hItem, 1, valueText, ARRAYSIZE (valueText)); - CopyTextToClipboard (valueText); - } - break; - } - } -} - - -BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - BOOL bSysEnc = (BOOL) lParam; - BOOL bSysEncWholeDrive = FALSE; - WORD lw = LOWORD (wParam); - int i = 0; - - switch (msg) - { - case WM_INITDIALOG: - { - VOLUME_PROPERTIES_STRUCT prop; - DWORD dwResult; - - LVCOLUMNW lvCol; - HWND list = GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES_LIST); - wchar_t szTmp[1024]; - wchar_t sw[1024]; - wchar_t *s; - - if (bSysEnc) - { - try - { - BootEncStatus = BootEncObj->GetStatus(); - bSysEncWholeDrive = WholeSysDriveEncryption(FALSE); - } - catch (Exception &e) - { - e.Show (MainDlg); - return 0; - } - - if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted) - return 0; - } - else - { - switch (LOWORD (GetSelectedLong (GetDlgItem (GetParent(hwndDlg), IDC_DRIVELIST)))) - { - case TC_MLIST_ITEM_FREE: - - // No mounted volume - EndDialog (hwndDlg, IDOK); - return 0; - - case TC_MLIST_ITEM_NONSYS_VOL: - // NOP - break; - - case TC_MLIST_ITEM_SYS_DRIVE: - // Encrypted system drive - bSysEnc = TRUE; - bSysEncWholeDrive = TRUE; - break; - - case TC_MLIST_ITEM_SYS_PARTITION: - // Encrypted system partition - bSysEnc = TRUE; - bSysEncWholeDrive = FALSE; - break; - } - } - - LocalizeDialog (hwndDlg, "IDD_VOLUME_PROPERTIES"); - - SendMessage (list,LVM_SETEXTENDEDLISTVIEWSTYLE, 0, - LVS_EX_FULLROWSELECT - |LVS_EX_HEADERDRAGDROP - |LVS_EX_LABELTIP - ); - - memset (&lvCol,0,sizeof(lvCol)); - lvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - lvCol.pszText = GetString ("VALUE"); - lvCol.cx = CompensateXDPI (208); - lvCol.fmt = LVCFMT_LEFT; - SendMessage (list,LVM_INSERTCOLUMNW,0,(LPARAM)&lvCol); - - lvCol.pszText = GetString ("PROPERTY"); - lvCol.cx = CompensateXDPI (192); - lvCol.fmt = LVCFMT_LEFT; - SendMessage (list,LVM_INSERTCOLUMNW,0,(LPARAM)&lvCol); - - memset (&prop, 0, sizeof(prop)); - prop.driveNo = HIWORD (GetSelectedLong (GetDlgItem (GetParent(hwndDlg), IDC_DRIVELIST))) - L'A'; - - if (bSysEnc) - { - try - { - BootEncStatus = BootEncObj->GetStatus(); - if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted) - return 0; - - BootEncObj->GetVolumeProperties (&prop); - } - catch (Exception &e) - { - e.Show (MainDlg); - return 0; - } - } - else - { - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) || dwResult == 0) - return 0; - } - - // Location - ListItemAdd (list, i, GetString ("LOCATION")); - if (bSysEnc) - ListSubItemSet (list, i++, 1, GetString (bSysEncWholeDrive ? "SYSTEM_DRIVE" : IsHiddenOSRunning() ? "HIDDEN_SYSTEM_PARTITION" : "SYSTEM_PARTITION")); - else - ListSubItemSet (list, i++, 1, (wchar_t *) (prop.wszVolume[1] != L'?' ? prop.wszVolume : prop.wszVolume + 4)); - - if (!bSysEnc && IsVolumeDeviceHosted ((wchar_t *) (prop.wszVolume[1] != L'?' ? prop.wszVolume : prop.wszVolume + 4))) - { - // Volume ID - std::wstring hexID = ArrayToHexWideString (prop.volumeID, sizeof (prop.volumeID)); - ListItemAdd (list, i, GetString ("VOLUME_ID")); - - ListSubItemSet (list, i++, 1, hexID.c_str()); - } - - - // Size - ListItemAdd (list, i, GetString ("SIZE")); - StringCbPrintfW (sw, sizeof(sw), L"%I64u %s", prop.diskLength, GetString ("BYTES")); - ListSubItemSet (list, i++, 1, sw); - - // Type - ListItemAdd (list, i, GetString ("TYPE")); - if (bSysEnc) - ListSubItemSet (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE")); - else - { - bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope); - s = prop.hiddenVolume ? GetString ("HIDDEN") : - (prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL")); - - if (truecryptMode) - { - StringCbPrintfW (sw, sizeof(sw), L"TrueCrypt - %s", s); - ListSubItemSet (list, i++, 1, sw); - } - else - ListSubItemSet (list, i++, 1, s); - } - - if (!bSysEnc) - { - // Write protection - ListItemAdd (list, i, GetString ("READ_ONLY")); - - if (prop.readOnly || prop.hiddenVolProtection == HIDVOL_PROT_STATUS_ACTION_TAKEN) - s = GetString ("UISTR_YES"); - else - s = GetString ("UISTR_NO"); - - ListSubItemSet (list, i++, 1, s); - - // Hidden Volume Protection - ListItemAdd (list, i, GetString ("HIDDEN_VOL_PROTECTION")); - if (prop.hiddenVolume) - s = GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"); - else if (prop.hiddenVolProtection == HIDVOL_PROT_STATUS_NONE) - s = GetString ("UISTR_NO"); - else if (prop.hiddenVolProtection == HIDVOL_PROT_STATUS_ACTIVE) - s = GetString ("UISTR_YES"); - else if (prop.hiddenVolProtection == HIDVOL_PROT_STATUS_ACTION_TAKEN) - s = GetString ("HID_VOL_DAMAGE_PREVENTED"); - - ListSubItemSet (list, i++, 1, s); - } - - // Encryption algorithm - ListItemAdd (list, i, GetString ("ENCRYPTION_ALGORITHM")); - - if (prop.ea < EAGetFirst() || prop.ea > EAGetCount ()) - { - ListSubItemSet (list, i, 1, L"?"); - return 1; - } - - EAGetName (szTmp, prop.ea, 1); - ListSubItemSet (list, i++, 1, szTmp); - - // Key size(s) - { - wchar_t name[128]; - int size = EAGetKeySize (prop.ea); - EAGetName (name, prop.ea, 1); - - // Primary key - ListItemAdd (list, i, GetString ("KEY_SIZE")); - StringCbPrintfW (sw, sizeof(sw), L"%d %s", size * 8, GetString ("BITS")); - ListSubItemSet (list, i++, 1, sw); - - if (wcscmp (EAGetModeName (prop.ea, prop.mode, TRUE), L"XTS") == 0) - { - // Secondary key (XTS) - - ListItemAdd (list, i, GetString ("SECONDARY_KEY_SIZE_XTS")); - ListSubItemSet (list, i++, 1, sw); - } - } - - // Block size - ListItemAdd (list, i, GetString ("BLOCK_SIZE")); - - StringCbPrintfW (sw, sizeof(sw), L"%d ", CipherGetBlockSize (EAGetFirstCipher(prop.ea))*8); - StringCbCatW (sw, sizeof(sw), GetString ("BITS")); - ListSubItemSet (list, i++, 1, sw); - - // Mode - ListItemAdd (list, i, GetString ("MODE_OF_OPERATION")); - ListSubItemSet (list, i++, 1, EAGetModeName (prop.ea, prop.mode, TRUE)); - - // PKCS 5 PRF - ListItemAdd (list, i, GetString ("PKCS5_PRF")); - if (prop.volumePim == 0) - ListSubItemSet (list, i++, 1, get_pkcs5_prf_name (prop.pkcs5)); - else - { - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s (Dynamic)", get_pkcs5_prf_name (prop.pkcs5)); - ListSubItemSet (list, i++, 1, szTmp); - } - -#if 0 - // PCKS 5 iterations - ListItemAdd (list, i, GetString ("PKCS5_ITERATIONS")); - sprintf (szTmp, "%d", prop.pkcs5Iterations); - ListSubItemSet (list, i++, 1, szTmp); -#endif - -#if 0 - { - // Legacy - - FILETIME ft, curFt; - LARGE_INTEGER ft64, curFt64; - SYSTEMTIME st; - wchar_t date[128]; - memset (date, 0, sizeof (date)); - - // Volume date - ListItemAdd (list, i, GetString ("VOLUME_CREATE_DATE")); - *(unsigned __int64 *)(&ft) = prop.volumeCreationTime; - FileTimeToSystemTime (&ft, &st); - GetDateFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); - swprintf (date, L"%s ", sw); - GetTimeFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); - wcscat (date, sw); - ListSubItemSet (list, i++, 1, date); - - // Header date - ListItemAdd (list, i, GetString ("VOLUME_HEADER_DATE")); - *(unsigned __int64 *)(&ft) = prop.headerCreationTime; - FileTimeToSystemTime (&ft, &st); - GetDateFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); - swprintf (date, L"%s ", sw); - GetTimeFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); - wcscat (date, sw); - - GetLocalTime (&st); - SystemTimeToFileTime (&st, &curFt); - curFt64.HighPart = curFt.dwHighDateTime; - curFt64.LowPart = curFt.dwLowDateTime; - ft64.HighPart = ft.dwHighDateTime; - ft64.LowPart = ft.dwLowDateTime; - swprintf (date + wcslen (date), GetString ("VOLUME_HEADER_DAYS") - , (curFt64.QuadPart - ft64.QuadPart)/(24LL*3600*10000000)); - ListSubItemSet (list, i++, 1, date); - } -#endif // 0 - - if (!bSysEnc || IsHiddenOSRunning()) - { - // Volume format version - ListItemAdd (list, i, GetString ("VOLUME_FORMAT_VERSION")); - StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", prop.volFormatVersion); - ListSubItemSet (list, i++, 1, szTmp); - - // Backup header - ListItemAdd (list, i, GetString ("BACKUP_HEADER")); - ListSubItemSet (list, i++, 1, GetString (prop.volFormatVersion > 1 ? "UISTR_YES" : "UISTR_NO")); - } - - // Total data read - ListItemAdd (list, i, GetString ("TOTAL_DATA_READ")); - GetSizeString (prop.totalBytesRead, sw, sizeof(sw)); - ListSubItemSet (list, i++, 1, sw); - - // Total data written - ListItemAdd (list, i, GetString ("TOTAL_DATA_WRITTEN")); - GetSizeString (prop.totalBytesWritten, sw, sizeof(sw)); - ListSubItemSet (list, i++, 1, sw); - - if (bSysEnc) - { - // TrueCrypt Boot Loader version - ListItemAdd (list, i, GetString ("VC_BOOT_LOADER_VERSION")); - ListSubItemSet (list, i++, 1, GetUserFriendlyVersionString (BootEncStatus.BootLoaderVersion).c_str()); - - // Encrypted portion - ListItemAdd (list, i, GetString ("ENCRYPTED_PORTION")); - if (GetSysEncDeviceEncryptedPartSize (FALSE) == GetSysEncDeviceSize (FALSE)) - ListSubItemSet (list, i++, 1, GetString ("ENCRYPTED_PORTION_FULLY_ENCRYPTED")); - else if (GetSysEncDeviceEncryptedPartSize (FALSE) <= 1) - ListSubItemSet (list, i++, 1, GetString ("ENCRYPTED_PORTION_NOT_ENCRYPTED")); - else - { - - StringCbPrintfW (sw, - sizeof sw, - GetString ("PROCESSED_PORTION_X_PERCENT"), - (double) GetSysEncDeviceEncryptedPartSize (FALSE) / (double) GetSysEncDeviceSize (FALSE) * 100.0); - - ListSubItemSet (list, i++, 1, sw); - } - } - - return 0; - } - - case WM_NOTIFY: - - if(wParam == IDC_VOLUME_PROPERTIES_LIST) - { - /* Right click */ - - switch (((NM_LISTVIEW *) lParam)->hdr.code) - { - case NM_RCLICK: - case LVN_BEGINRDRAG: - /* If the mouse was moving while the right mouse button is pressed, popup menu would - not open, because drag&drop operation would be initiated. Therefore, we're handling - RMB drag-and-drop operations as well. */ - { - - DisplayVolumePropertiesListContextMenu (hwndDlg, lParam); - - return 1; - } - } - } - return 0; - - case WM_CONTEXTMENU: - { - HWND hList = GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES_LIST); - // only handle if it is coming from keyboard and if the drive - // list has focus. The other cases are handled elsewhere - if ( (-1 == GET_X_LPARAM(lParam)) - && (-1 == GET_Y_LPARAM(lParam)) - && (GetFocus () == hList) - ) - { - DisplayVolumePropertiesListContextMenu (hwndDlg, NULL); - } - } - return 0; - - case WM_COMMAND: - if (lw == IDOK) - { - EndDialog (hwndDlg, lw); - return 1; - } - return 0; - - case WM_CLOSE: - EndDialog (hwndDlg, lw); - return 1; - } - - return 0; -} - - -BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - static BOOL bAutoRunWarningDisplayed = FALSE; - - switch (msg) - { - case WM_INITDIALOG: - { - WCHAR i; - int index; - WCHAR drive[] = { 0, L':', 0 }; - - LocalizeDialog (hwndDlg, "IDD_TRAVELER_DLG"); - - SendDlgItemMessage (hwndDlg, IDC_COPY_WIZARD, BM_SETCHECK, - BST_CHECKED, 0); - - SendDlgItemMessage (hwndDlg, IDC_COPY_EXPANDER, BM_SETCHECK, - BST_CHECKED, 0); - - SendDlgItemMessage (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER, BM_SETCHECK, - BST_CHECKED, 0); - - SendDlgItemMessage (hwndDlg, IDC_AUTORUN_DISABLE, BM_SETCHECK, - BST_CHECKED, 0); - - SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_RESETCONTENT, 0, 0); - - index = (int) SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_ADDSTRING, 0, (LPARAM) GetString ("FIRST_AVAILABLE")); - SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_SETITEMDATA, index, (LPARAM) 0); - - for (i = L'A'; i <= L'Z'; i++) - { - if (i == L'C') - continue; - drive[0] = i; - index = (int) SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_ADDSTRING, 0, (LPARAM) drive); - SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_SETITEMDATA, index, (LPARAM) i); - } - - SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_SETCURSEL, 0, 0); - - return 0; - } - - case WM_CTLCOLORSTATIC: - { - HDC hdc = (HDC) wParam; - HWND hw = (HWND) lParam; - if (hw == GetDlgItem(hwndDlg, IDC_DIRECTORY)) - { - // This the directory field. Make its background like normal edit - HBRUSH hbr = GetSysColorBrush (COLOR_WINDOW); - ::SelectObject(hdc, hbr); - return (BOOL) hbr; - } - } - return 0; - - case WM_COMMAND: - - if (HIWORD (wParam) == BN_CLICKED - && (lw == IDC_AUTORUN_DISABLE || lw == IDC_AUTORUN_MOUNT || lw == IDC_AUTORUN_START )) - { - BOOL enabled = IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_MOUNT)); - - EnableWindow (GetDlgItem (hwndDlg, IDC_BROWSE_FILES), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_NAME), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_TRAV_CACHE_PASSWORDS), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDC_DRIVELIST), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_TRAVELER_MOUNT), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_MOUNT_LETTER), enabled); - EnableWindow (GetDlgItem (hwndDlg, IDT_MOUNT_SETTINGS), enabled); - - if (!bAutoRunWarningDisplayed - && (lw == IDC_AUTORUN_MOUNT || lw == IDC_AUTORUN_START)) - { - bAutoRunWarningDisplayed = TRUE; - Warning ("AUTORUN_MAY_NOT_ALWAYS_WORK", hwndDlg); - } - - return 1; - } - - if (lw == IDC_BROWSE_FILES) - { - wchar_t dstDir[MAX_PATH]; - wchar_t volName[MAX_PATH] = { 0 }; - - GetDlgItemText (hwndDlg, IDC_DIRECTORY, dstDir, ARRAYSIZE (dstDir)); - - if (BrowseFilesInDir (hwndDlg, "OPEN_TITLE", dstDir, volName, bHistory, FALSE, NULL)) - SetDlgItemText (hwndDlg, IDC_VOLUME_NAME, wcschr (volName, L'\\') + 1); - - return 1; - } - - if (lw == IDC_BROWSE_DIRS) - { - wchar_t dstPath[MAX_PATH * 2]; - GetDlgItemText (hwndDlg, IDC_DIRECTORY, dstPath, ARRAYSIZE (dstPath)); - - if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", dstPath)) - SetDlgItemText (hwndDlg, IDC_DIRECTORY, dstPath); - - return 1; - } - - if (lw == IDCANCEL || lw == IDCLOSE) - { - EndDialog (hwndDlg, lw); - return 1; - } - - if (lw == IDC_CREATE) - { - - BOOL copyWizard, copyExpander, bExplore, bCacheInDriver, bIncludePimInCache, bAutoRun, bAutoMount, bMountReadOnly; - WCHAR dstDir[MAX_PATH + 1]; - WCHAR srcPath[1024 + MAX_PATH + 1]; - WCHAR dstPath[2*MAX_PATH + 1]; - WCHAR appDir[1024]; - WCHAR volName[MAX_PATH + 2]; - int drive; - WCHAR* ptr; - - GetDlgItemTextW (hwndDlg, IDC_DIRECTORY, dstDir, array_capacity (dstDir)); - volName[0] = 0; - GetDlgItemTextW (hwndDlg, IDC_VOLUME_NAME, volName + 1, (array_capacity (volName)) - 1); - - drive = (int) SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_GETCURSEL, 0, 0); - drive = (int) SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_GETITEMDATA, drive, 0); - - copyWizard = IsButtonChecked (GetDlgItem (hwndDlg, IDC_COPY_WIZARD)); - copyExpander = IsButtonChecked (GetDlgItem (hwndDlg, IDC_COPY_EXPANDER)); - bExplore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER)); - bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_TRAV_CACHE_PASSWORDS)); - bIncludePimInCache = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM)); - bMountReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY)); - bAutoRun = !IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_DISABLE)); - bAutoMount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_MOUNT)); - - if (dstDir[0] == 0) - { - SetFocus (GetDlgItem (hwndDlg, IDC_DIRECTORY)); - MessageBoxW (hwndDlg, GetString ("NO_PATH_SELECTED"), lpszTitle, MB_ICONEXCLAMATION); - return 1; - } - - - if (bAutoMount && volName[1] == 0) - { - SetFocus (GetDlgItem (hwndDlg, IDC_VOLUME_NAME)); - MessageBoxW (hwndDlg, GetString ("NO_FILE_SELECTED"), lpszTitle, MB_ICONEXCLAMATION); - return 1; - } - - if (volName[1] != 0) - { - volName[0] = L'"'; - StringCbCatW (volName, sizeof(volName), L"\""); - } - - GetModuleFileNameW (NULL, appDir, array_capacity (appDir)); - if (ptr = wcsrchr (appDir, L'\\')) - ptr[0] = 0; - - WaitCursor (); - - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt", dstDir); - if (!CreateDirectoryW (dstPath, NULL)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - // Main app 32-bit - if (Is64BitOs () && !IsNonInstallMode ()) - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt-x86.exe", appDir); - else - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt.exe", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt.exe", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - // Main app 64-bit - if (Is64BitOs () && !IsNonInstallMode ()) - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt.exe", appDir); - else - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt-x64.exe", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt-x64.exe", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - // Wizard - if (copyWizard) - { - // Wizard 32-bit - if (Is64BitOs () && !IsNonInstallMode ()) - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format-x86.exe", appDir); - else - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format.exe", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt Format.exe", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - // Wizard 64-bit - if (Is64BitOs () && !IsNonInstallMode ()) - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format.exe", appDir); - else - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format-x64.exe", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt Format-x64.exe", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - } - - // Expander - if (copyExpander) - { - // Expander 32-bit - if (Is64BitOs () && !IsNonInstallMode ()) - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander-x86.exe", appDir); - else - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander.exe", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCryptExpander.exe", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - // Expander 64-bit - if (Is64BitOs () && !IsNonInstallMode ()) - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander.exe", appDir); - else - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander-x64.exe", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCryptExpander-x64.exe", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - } - - // Driver - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\veracrypt.sys", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\veracrypt.sys", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - // Driver x64 - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\veracrypt-x64.sys", appDir); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\veracrypt-x64.sys", dstDir); - if (!TCCopyFile (srcPath, dstPath)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto stop; - } - - if (strcmp (GetPreferredLangId (), "en") != 0) - { - // Language pack - StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\Language.%hs.xml", appDir, GetPreferredLangId ()); - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\Language.%hs.xml", dstDir, GetPreferredLangId ()); - TCCopyFile (srcPath, dstPath); - } - - // AutoRun - StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\autorun.inf", dstDir); - DeleteFileW (dstPath); - if (bAutoRun) - { - FILE *af; - wchar_t autoMount[2*MAX_PATH + 2]; - wchar_t driveLetter[] = { L' ', L'/', L'l', L' ', (wchar_t) drive, 0 }; - - af = _wfopen (dstPath, L"w,ccs=UNICODE"); - - if (af == NULL) - { - MessageBoxW (hwndDlg, GetString ("CANT_CREATE_AUTORUN"), lpszTitle, MB_ICONERROR); - goto stop; - } - - StringCbPrintfW (autoMount, sizeof(autoMount), L"VeraCrypt\\VeraCrypt.exe /q background%s%s%s%s /m rm /v %s", - drive > 0 ? driveLetter : L"", - bExplore ? L" /e" : L"", - bCacheInDriver ? (bIncludePimInCache? L" /c p" : L" /c y") : L"", - bMountReadOnly ? L" /m ro" : L"", - volName); - - fwprintf (af, L"[autorun]\nlabel=%s\nicon=VeraCrypt\\VeraCrypt.exe\n", GetString ("TC_TRAVELER_DISK")); - fwprintf (af, L"action=%s\n", bAutoMount ? GetString ("MOUNT_TC_VOLUME") : GetString ("IDC_PREF_LOGON_START")); - fwprintf (af, L"open=%s\n", bAutoMount ? autoMount : L"VeraCrypt\\VeraCrypt.exe"); - fwprintf (af, L"shell\\start=%s\nshell\\start\\command=VeraCrypt\\VeraCrypt.exe\n", GetString ("IDC_PREF_LOGON_START")); - fwprintf (af, L"shell\\dismount=%s\nshell\\dismount\\command=VeraCrypt\\VeraCrypt.exe /q /d\n", GetString ("DISMOUNT_ALL_TC_VOLUMES")); - - CheckFileStreamWriteErrors (hwndDlg, af, dstPath); - fclose (af); - } - MessageBoxW (hwndDlg, GetString ("TRAVELER_DISK_CREATED"), lpszTitle, MB_ICONINFORMATION); - -stop: - NormalCursor (); - return 1; - } - return 0; - } - - return 0; -} - -void BuildTree (HWND hwndDlg, HWND hTree) -{ - HIMAGELIST hList; - HBITMAP hBitmap, hBitmapMask; - LVCOLUMNW lvCol; - - ListView_DeleteColumn (hTree,0); - ListView_DeleteColumn (hTree,0); - ListView_DeleteColumn (hTree,0); - ListView_DeleteColumn (hTree,0); - ListView_DeleteColumn (hTree,0); - ListView_DeleteColumn (hTree,0); - - SendMessage(hTree,LVM_SETEXTENDEDLISTVIEWSTYLE,0, - LVS_EX_FULLROWSELECT - |LVS_EX_HEADERDRAGDROP - ); - - memset(&lvCol,0,sizeof(lvCol)); - - lvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; - lvCol.pszText = GetString ("DRIVE"); - lvCol.cx = CompensateXDPI (38); - lvCol.fmt = LVCFMT_COL_HAS_IMAGES|LVCFMT_LEFT ; - SendMessage (hTree,LVM_INSERTCOLUMNW,0,(LPARAM)&lvCol); - - lvCol.pszText = GetString ("VOLUME"); - lvCol.cx = CompensateXDPI (200); - lvCol.fmt = LVCFMT_LEFT; - SendMessage (hTree,LVM_INSERTCOLUMNW,1,(LPARAM)&lvCol); - LastDriveListVolumeColumnWidth = ListView_GetColumnWidth (hTree, 1); - - lvCol.pszText = GetString ("SIZE"); - lvCol.cx = CompensateXDPI (55); - lvCol.fmt = LVCFMT_RIGHT; - SendMessage (hTree,LVM_INSERTCOLUMNW,2,(LPARAM)&lvCol); - - lvCol.pszText = GetString ("ENCRYPTION_ALGORITHM_LV"); - lvCol.cx = CompensateXDPI (123); - lvCol.fmt = LVCFMT_LEFT; - SendMessage (hTree,LVM_INSERTCOLUMNW,3,(LPARAM)&lvCol); - - lvCol.pszText = GetString ("TYPE"); - lvCol.cx = CompensateXDPI (100); - lvCol.fmt = LVCFMT_LEFT; - SendMessage (hTree,LVM_INSERTCOLUMNW,4,(LPARAM)&lvCol); - - // Regular drive icon - - hBitmap = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_DRIVEICON)); - if (hBitmap == NULL) - return; - hBitmapMask = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_DRIVEICON_MASK)); - - hList = CreateImageList (16, 12, ILC_COLOR8|ILC_MASK, 2, 2); - if (AddBitmapToImageList (hList, hBitmap, hBitmapMask) == -1) - { - DeleteObject (hBitmap); - DeleteObject (hBitmapMask); - return; - } - else - { - DeleteObject (hBitmap); - DeleteObject (hBitmapMask); - } - - // System drive icon - - hBitmap = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_SYS_DRIVEICON)); - if (hBitmap == NULL) - return; - hBitmapMask = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_SYS_DRIVEICON_MASK)); - - if (AddBitmapToImageList (hList, hBitmap, hBitmapMask) == -1) - { - DeleteObject (hBitmap); - DeleteObject (hBitmapMask); - return; - } - else - { - DeleteObject (hBitmap); - DeleteObject (hBitmapMask); - } - - ListView_SetImageList (hTree, hList, LVSIL_NORMAL); - ListView_SetImageList (hTree, hList, LVSIL_SMALL); - - LoadDriveLetters (hwndDlg, hTree, 0); -} - -LPARAM GetSelectedLong (HWND hTree) -{ - int hItem = ListView_GetSelectionMark (hTree); - LVITEM item; - - if (nSelectedDriveIndex >= 0) - hItem = nSelectedDriveIndex; - - memset(&item, 0, sizeof(LVITEM)); - item.mask = LVIF_PARAM; - item.iItem = hItem; - - if ( (ListView_GetItemCount (hTree) < 1) - || (ListView_GetItem (hTree, &item) == FALSE) - ) - return MAKELONG (0xffff, 0xffff); - else - return item.lParam; -} - -LPARAM GetItemLong (HWND hTree, int itemNo) -{ - LVITEM item; - - memset(&item, 0, sizeof(LVITEM)); - item.mask = LVIF_PARAM; - item.iItem = itemNo; - - if (ListView_GetItem (hTree, &item) == FALSE) - return MAKELONG (0xffff, 0xffff); - else - return item.lParam; -} - -static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions) -{ - INT_PTR result; - PasswordDlgParam dlgParam; - - PasswordDialogTitleStringId = titleStringId; - PasswordDialogDisableMountOptions = !enableMountOptions; - - dlgParam.password = password; - dlgParam.pkcs5 = pkcs5; - dlgParam.pim = pim; - dlgParam.truecryptMode = truecryptMode; - - result = DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg, - (DLGPROC) PasswordDlgProc, (LPARAM) &dlgParam); - - if (result != IDOK) - { - password->Length = 0; - *pkcs5 = 0; - *pim = -1; - *truecryptMode = FALSE; - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - } - - return result == IDOK; -} - -// GUI actions - -static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim) -{ - BOOL status = FALSE; - wchar_t fileName[MAX_PATH]; - int mounted = 0, EffectiveVolumePkcs5 = CmdVolumePkcs5; - BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; - int EffectiveVolumePim = (pim < 0)? CmdVolumePim : pim; - BOOL bEffectiveCacheDuringMultipleMount = bCmdCacheDuringMultipleMount? TRUE: bCacheDuringMultipleMount; - BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed; - BOOL bUseCmdVolumePassword = CmdVolumePasswordValid && ((CmdVolumePassword.Length > 0) || (KeyFilesEnable && FirstKeyFile)); - - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (EffectiveVolumePkcs5 == 0) - EffectiveVolumePkcs5 = DefaultVolumePkcs5; - if (!EffectiveVolumeTrueCryptMode) - EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; - - bPrebootPasswordDlgMode = mountOptions.PartitionInInactiveSysEncScope; - - if (nDosDriveNo == -1) - nDosDriveNo = HIWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))) - L'A'; - - if (!MultipleMountOperationInProgress) - { - VolumePassword.Length = 0; - VolumePkcs5 = 0; - VolumeTrueCryptMode = FALSE; - VolumePim = -1; - } - - if (szFileName == NULL) - { - GetVolumePath (hwndDlg, fileName, ARRAYSIZE (fileName)); - } - else - StringCchCopyW (fileName, ARRAYSIZE (fileName), szFileName); - - if (wcslen(fileName) == 0) - { - status = FALSE; - goto ret; - } - - if (!TranslateVolumeID (hwndDlg, fileName, ARRAYSIZE (fileName))) - { - status = FALSE; - goto ret; - } - - szFileName = fileName; - - if (IsMountedVolume (szFileName)) - { - Warning ("VOL_ALREADY_MOUNTED", hwndDlg); - status = FALSE; - goto ret; - } - - if (!VolumePathExists (szFileName)) - { - if (!MultipleMountOperationInProgress) - handleWin32Error (hwndDlg, SRC_POS); - - status = FALSE; - goto ret; - } - - ResetWrongPwdRetryCount (); - - WaitCursor (); - - if (!bUseCmdVolumePassword) - { - // First try cached passwords and if they fail ask user for a new one - // try TrueCrypt mode first since it is quick, only if no custom pim specified - if (EffectiveVolumePim <= 0) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - - // If keyfiles are enabled, test empty password first - if (!mounted && KeyFilesEnable && FirstKeyFile && bEffectiveTryEmptyPasswordWhenKeyfileUsed) - { - Password emptyPassword; - emptyPassword.Length = 0; - - KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile, szFileName); - // try TrueCrypt mode first since it is quick, only if no custom pim specified - if (EffectiveVolumePim <= 0) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - - burn (&emptyPassword, sizeof (emptyPassword)); - } - } - - // Test password and/or keyfiles used for the previous volume - if (!mounted && bEffectiveCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0) - { - // try TrueCrypt mode first as it is quick, only if no custom pim specified - if (EffectiveVolumePim <= 0) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - } - - NormalCursor (); - - if (mounted) - { - - // Check for problematic file extensions (exe, dll, sys) - if (CheckFileExtension(szFileName)) - Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING", hwndDlg); - } - - while (mounted == 0) - { - if (bUseCmdVolumePassword) - { - VolumePassword = CmdVolumePassword; - VolumePkcs5 = EffectiveVolumePkcs5; - VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode; - VolumePim = EffectiveVolumePim; - } - else if (!Silent) - { - int GuiPkcs5 = EffectiveVolumePkcs5; - BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; - int GuiPim = EffectiveVolumePim; - StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName); - - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE)) - goto ret; - else - { - VolumePkcs5 = GuiPkcs5; - VolumeTrueCryptMode = GuiTrueCryptMode; - VolumePim = GuiPim; - burn (&GuiPkcs5, sizeof(GuiPkcs5)); - burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); - burn (&GuiPim, sizeof(GuiPim)); - } - } - - WaitCursor (); - - if (KeyFilesEnable) - KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName); - - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, !Silent); - NormalCursor (); - - // Check for problematic file extensions (exe, dll, sys) - if (mounted > 0 && CheckFileExtension (szFileName)) - Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING", hwndDlg); - - if (!MultipleMountOperationInProgress) - { - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&VolumePim, sizeof (VolumePim)); - } - - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - - if (CmdVolumePassword.Length > 0 || Silent) - break; - } - - if (mounted > 0) - { - status = TRUE; - - if (bBeep) - MessageBeep (0xFFFFFFFF); - - RefreshMainDlg(MainDlg); - - if (bExplore) - { - WaitCursor(); - OpenVolumeExplorerWindow (nDosDriveNo); - NormalCursor(); - } - - if (mountOptions.ProtectHiddenVolume) - Info ("HIDVOL_PROT_WARN_AFTER_MOUNT", hwndDlg); - } - -ret: - if (!MultipleMountOperationInProgress) - { - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&VolumePim, sizeof (VolumePim)); - } - - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - - RestoreDefaultKeyFilesParam (); - - if (UsePreferences) - bCacheInDriver = bCacheInDriverDefault; - - if (status && CloseSecurityTokenSessionsAfterMount && !MultipleMountOperationInProgress) - SecurityToken::CloseAllSessions(); - - return status; -} - - -static BOOL Dismount (HWND hwndDlg, int nDosDriveNo) -{ - BOOL status = FALSE; - WaitCursor (); - - if (nDosDriveNo == -2) - nDosDriveNo = (char) (HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) - L'A'); - - if (bCloseDismountedWindows) - { - CloseVolumeExplorerWindows (hwndDlg, nDosDriveNo); - } - - if (UnmountVolume (hwndDlg, nDosDriveNo, bForceUnmount)) - { - status = TRUE; - - if (bBeep) - MessageBeep (0xFFFFFFFF); - RefreshMainDlg (hwndDlg); - - if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ()) - LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); - } - - NormalCursor (); - return status; -} - -void __cdecl mountThreadFunction (void *hwndDlgArg) -{ - HWND hwndDlg =(HWND) hwndDlgArg; - BOOL bIsForeground = (GetForegroundWindow () == hwndDlg)? TRUE : FALSE; - // Disable parent dialog during processing to avoid user interaction - EnableWindow(hwndDlg, FALSE); - finally_do_arg2 (HWND, hwndDlg, BOOL, bIsForeground, { EnableWindow(finally_arg, TRUE); if (finally_arg2) BringToForeground (finally_arg); bPrebootPasswordDlgMode = FALSE;}); - - Mount (hwndDlg, -1, 0, -1); -} - -typedef struct -{ - UNMOUNT_STRUCT* punmount; - BOOL interact; - int dismountMaxRetries; - int dismountAutoRetryDelay; - BOOL* pbResult; - DWORD* pdwResult; - DWORD dwLastError; - BOOL bReturn; -} DismountAllThreadParam; - -void CALLBACK DismountAllThreadProc(void* pArg, HWND hwndDlg) -{ - DismountAllThreadParam* pThreadParam = (DismountAllThreadParam*) pArg; - UNMOUNT_STRUCT* punmount = pThreadParam->punmount; - BOOL* pbResult = pThreadParam->pbResult; - DWORD* pdwResult = pThreadParam->pdwResult; - int dismountMaxRetries = pThreadParam->dismountMaxRetries; - int dismountAutoRetryDelay = pThreadParam->dismountAutoRetryDelay; - - do - { - *pbResult = DeviceIoControl (hDriver, TC_IOCTL_DISMOUNT_ALL_VOLUMES, punmount, - sizeof (UNMOUNT_STRUCT), punmount, sizeof (UNMOUNT_STRUCT), pdwResult, NULL); - - if ( punmount->nDosDriveNo < 0 || punmount->nDosDriveNo > 25 - || (punmount->ignoreOpenFiles != TRUE && punmount->ignoreOpenFiles != FALSE) - || (punmount->HiddenVolumeProtectionTriggered != TRUE && punmount->HiddenVolumeProtectionTriggered != FALSE) - || (punmount->nReturnCode < 0) - ) - { - if (*pbResult) - SetLastError (ERROR_INTERNAL_ERROR); - *pbResult = FALSE; - } - - if (*pbResult == FALSE) - { - NormalCursor(); - handleWin32Error (hwndDlg, SRC_POS); - pThreadParam->dwLastError = GetLastError (); - pThreadParam->bReturn = FALSE; - return; - } - - if (punmount->nReturnCode == ERR_SUCCESS - && punmount->HiddenVolumeProtectionTriggered - && !VolumeNotificationsList.bHidVolDamagePrevReported [punmount->nDosDriveNo] - && pThreadParam->interact - && !Silent) - { - wchar_t msg[4096]; - - VolumeNotificationsList.bHidVolDamagePrevReported [punmount->nDosDriveNo] = TRUE; - - StringCbPrintfW (msg, sizeof(msg), GetString ("DAMAGE_TO_HIDDEN_VOLUME_PREVENTED"), punmount->nDosDriveNo + L'A'); - SetForegroundWindow (hwndDlg); - MessageBoxW (hwndDlg, msg, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); - - punmount->HiddenVolumeProtectionTriggered = FALSE; - continue; - } - - if (punmount->nReturnCode == ERR_FILES_OPEN) - Sleep (dismountAutoRetryDelay); - else - break; - - } while (--dismountMaxRetries > 0); - - pThreadParam->dwLastError = GetLastError (); - pThreadParam->bReturn = TRUE; -} - -static BOOL DismountAll (HWND hwndDlg, BOOL forceUnmount, BOOL interact, int dismountMaxRetries, int dismountAutoRetryDelay) -{ - BOOL status = TRUE; - MOUNT_LIST_STRUCT mountList = {0}; - DWORD dwResult; - UNMOUNT_STRUCT unmount = {0}; - BOOL bResult; - MOUNT_LIST_STRUCT prevMountList = {0}; - int i; - DismountAllThreadParam dismountAllThreadParam; - -retry: - WaitCursor(); - - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mountList, sizeof (mountList), &mountList, sizeof (mountList), &dwResult, NULL); - - if (mountList.ulMountedDrives == 0) - { - NormalCursor(); - return TRUE; - } - - BroadcastDeviceChange (DBT_DEVICEREMOVEPENDING, 0, mountList.ulMountedDrives); - - memcpy (&prevMountList, &mountList, sizeof (mountList)); - - for (i = 0; i < 26; i++) - { - if (mountList.ulMountedDrives & (1 << i)) - { - if (bCloseDismountedWindows) - CloseVolumeExplorerWindows (hwndDlg, i); - } - } - - unmount.nDosDriveNo = 0; - unmount.ignoreOpenFiles = forceUnmount; - - dismountAllThreadParam.punmount = &unmount; - dismountAllThreadParam.interact = interact; - dismountAllThreadParam.dismountMaxRetries = dismountMaxRetries; - dismountAllThreadParam.dismountAutoRetryDelay = dismountAutoRetryDelay; - dismountAllThreadParam.pbResult = &bResult; - dismountAllThreadParam.pdwResult = &dwResult; - dismountAllThreadParam.dwLastError = ERROR_SUCCESS; - dismountAllThreadParam.bReturn = TRUE; - - if (interact && !Silent) - { - - ShowWaitDialog (hwndDlg, FALSE, DismountAllThreadProc, &dismountAllThreadParam); - } - else - DismountAllThreadProc (&dismountAllThreadParam, hwndDlg); - - SetLastError (dismountAllThreadParam.dwLastError); - - if (!dismountAllThreadParam.bReturn) - return FALSE; - - memset (&mountList, 0, sizeof (mountList)); - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mountList, sizeof (mountList), &mountList, sizeof (mountList), &dwResult, NULL); - - // remove any custom label from registry - for (i = 0; i < 26; i++) - { - if ((prevMountList.ulMountedDrives & (1 << i)) && (!(mountList.ulMountedDrives & (1 << i))) && wcslen (prevMountList.wszLabel[i])) - { - UpdateDriveCustomLabel (i, prevMountList.wszLabel[i], FALSE); - } - } - - BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, prevMountList.ulMountedDrives & ~mountList.ulMountedDrives); - - RefreshMainDlg (hwndDlg); - - if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ()) - LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); - - NormalCursor(); - - if (unmount.nReturnCode != 0) - { - if (forceUnmount) - status = FALSE; - - if (unmount.nReturnCode == ERR_FILES_OPEN) - { - if (interact && IDYES == AskWarnYesNoTopmost ("UNMOUNTALL_LOCK_FAILED", hwndDlg)) - { - forceUnmount = TRUE; - goto retry; - } - - if (IsOSAtLeast (WIN_7)) - { - // Undo SHCNE_DRIVEREMOVED - DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, NULL, 0, &mountList, sizeof (mountList), &dwResult, NULL); - - for (i = 0; i < 26; i++) - { - if (mountList.ulMountedDrives & (1 << i)) - { - wchar_t root[] = { (wchar_t) i + L'A', L':', L'\\', 0 }; - SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); - } - } - } - - return FALSE; - } - - if (interact) - MessageBoxW (hwndDlg, GetString ("UNMOUNT_FAILED"), lpszTitle, MB_ICONERROR); - } - else - { - if (bBeep) - MessageBeep (0xFFFFFFFF); - } - - return status; -} - -static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt) -{ - HWND driveList = GetDlgItem (MainDlg, IDC_DRIVELIST); - int selDrive = ListView_GetSelectionMark (driveList); - BOOL shared = FALSE, status = FALSE, bHeaderBakRetry = FALSE; - int mountedVolCount = 0; - vector devices; - int EffectiveVolumePkcs5 = CmdVolumePkcs5; - BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; - - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (EffectiveVolumePkcs5 == 0) - EffectiveVolumePkcs5 = DefaultVolumePkcs5; - if (!EffectiveVolumeTrueCryptMode) - EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; - - VolumePassword.Length = 0; - mountOptions = defaultMountOptions; - bPrebootPasswordDlgMode = FALSE; - VolumePim = -1; - - if (selDrive == -1) - selDrive = 0; - - ResetWrongPwdRetryCount (); - - MultipleMountOperationInProgress = TRUE; - - do - { - if (!bHeaderBakRetry) - { - if (!CmdVolumePasswordValid && bPasswordPrompt) - { - int GuiPkcs5 = EffectiveVolumePkcs5; - BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; - int GuiPim = CmdVolumePim; - PasswordDlgVolume[0] = '\0'; - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE)) - goto ret; - else - { - VolumePkcs5 = GuiPkcs5; - VolumeTrueCryptMode = GuiTrueCryptMode; - VolumePim = GuiPim; - burn (&GuiPkcs5, sizeof(GuiPkcs5)); - burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); - burn (&GuiPim, sizeof(GuiPim)); - } - } - else if (CmdVolumePasswordValid) - { - bPasswordPrompt = FALSE; - VolumePassword = CmdVolumePassword; - VolumePkcs5 = EffectiveVolumePkcs5; - VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode; - VolumePim = CmdVolumePim; - } - - WaitCursor(); - - if (FirstCmdKeyFile) - KeyFilesApply (hwndDlg, &VolumePassword, FirstCmdKeyFile, NULL); - else if (KeyFilesEnable) - KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, NULL); - - } - - if (devices.empty()) - devices = GetAvailableHostDevices (true, false, true, true); - foreach (const HostDevice &drive, devices) - { - vector partitions = drive.Partitions; - partitions.insert (partitions.begin(), drive); - - foreach (const HostDevice &device, partitions) - { - wchar_t szFileName[TC_MAX_PATH]; - StringCbCopyW (szFileName, sizeof (szFileName), device.Path.c_str()); - BOOL mounted = IsMountedVolume (szFileName); - - // Skip other partitions of the disk if partition0 (whole disk) is mounted - if (!device.IsPartition && mounted) - break; - - if (device.Floppy) - break; - - if (device.HasUnencryptedFilesystem && !mountOptions.UseBackupHeader && !bHeaderBakRetry) - continue; - - if (!mounted) - { - int nDosDriveNo; - int driveAItem = -1, driveBItem = -1; - - while (LOWORD (GetItemLong (driveList, selDrive)) != 0xffff) - { - if(LOWORD (GetItemLong (driveList, selDrive)) != TC_MLIST_ITEM_FREE) - { - selDrive++; - continue; - } - nDosDriveNo = HIWORD(GetItemLong (driveList, selDrive)) - L'A'; - - /* don't use drives A: and B: for now until no other free drive found */ - if (nDosDriveNo == 0) - { - driveAItem = selDrive; - selDrive++; - continue; - } - if (nDosDriveNo == 1) - { - driveBItem = selDrive; - selDrive++; - continue; - } - break; - } - - if (LOWORD (GetItemLong (driveList, selDrive)) == 0xffff) - { - /* use A: or B: if available as a last resort */ - if (driveAItem >= 0) - { - nDosDriveNo = 0; - selDrive = driveAItem; - } - else if (driveBItem >= 0) - { - nDosDriveNo = 1; - selDrive = driveBItem; - } - else - goto ret; - } - - // First try user password then cached passwords - if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0 - || ((VolumePassword.Length > 0) && ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0))) - { - // A volume has been successfully mounted - - ResetWrongPwdRetryCount (); - - if (mounted == 2) - shared = TRUE; - - LoadDriveLetters (hwndDlg, driveList, (HIWORD (GetItemLong (GetDlgItem (MainDlg, IDC_DRIVELIST), selDrive)))); - selDrive++; - - if (bExplore) - { - WaitCursor(); - OpenVolumeExplorerWindow (nDosDriveNo); - NormalCursor(); - } - - if (bBeep) - MessageBeep (0xFFFFFFFF); - - status = TRUE; - - mountedVolCount++; - - // Skip other partitions of the disk if partition0 (whole disk) has been mounted - if (!device.IsPartition) - break; - } - } - } - } - - if (mountedVolCount < 1) - { - // Failed to mount any volume - - IncreaseWrongPwdRetryCount (1); - - if (WrongPwdRetryCountOverLimit () - && !mountOptions.UseBackupHeader - && !bHeaderBakRetry) - { - // Retry using embedded header backup (if any) - mountOptions.UseBackupHeader = TRUE; - bHeaderBakRetry = TRUE; - } - else if (bHeaderBakRetry) - { - mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader; - bHeaderBakRetry = FALSE; - } - - if (!Silent && !bHeaderBakRetry) - { - WCHAR szTmp[4096]; - - StringCbPrintfW (szTmp, sizeof(szTmp), GetString (KeyFilesEnable || FirstCmdKeyFile ? "PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT" : "PASSWORD_WRONG_AUTOMOUNT")); - if (CheckCapsLock (hwndDlg, TRUE)) - StringCbCatW (szTmp, sizeof(szTmp), GetString ("PASSWORD_WRONG_CAPSLOCK_ON")); - - MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONWARNING); - } - } - else if (bHeaderBakRetry) - { - // We have successfully mounted a volume using the header backup embedded in the volume (the header is damaged) - mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader; - bHeaderBakRetry = FALSE; - - if (!Silent) - Warning ("HEADER_DAMAGED_AUTO_USED_HEADER_BAK", hwndDlg); - } - - if (!bHeaderBakRetry) - { - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - } - - } while (bPasswordPrompt && mountedVolCount < 1); - - /* One or more volumes successfully mounted */ - - ResetWrongPwdRetryCount (); - - if (shared) - Warning ("DEVICE_IN_USE_INFO", hwndDlg); - - if (mountOptions.ProtectHiddenVolume) - { - if (mountedVolCount > 1) - Info ("HIDVOL_PROT_WARN_AFTER_MOUNT_PLURAL", hwndDlg); - else if (mountedVolCount == 1) - Info ("HIDVOL_PROT_WARN_AFTER_MOUNT", hwndDlg); - } - - if (status && CloseSecurityTokenSessionsAfterMount) - SecurityToken::CloseAllSessions(); - -ret: - MultipleMountOperationInProgress = FALSE; - - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - - mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader; - - RestoreDefaultKeyFilesParam (); - - if (UsePreferences) - bCacheInDriver = bCacheInDriverDefault; - - EnableDisableButtons (MainDlg); - - NormalCursor(); - - return status; -} - -typedef struct -{ - BOOL bPasswordPrompt; - BOOL bRet; -} MountAllDevicesThreadParam; - -void CALLBACK mountAllDevicesThreadProc(void* pArg, HWND hwndDlg) -{ - MountAllDevicesThreadParam* threadParam =(MountAllDevicesThreadParam*) pArg; - BOOL bPasswordPrompt = threadParam->bPasswordPrompt; - - threadParam->bRet = MountAllDevicesThreadCode (hwndDlg, bPasswordPrompt); -} - -static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt) -{ - MountAllDevicesThreadParam param; - param.bPasswordPrompt = bPasswordPrompt; - param.bRet = FALSE; - - ShowWaitDialog (hwndDlg, FALSE, mountAllDevicesThreadProc, ¶m); - - return param.bRet; -} - -static void ChangePassword (HWND hwndDlg) -{ - INT_PTR result; - int newPimValue = -1; - - GetVolumePath (hwndDlg, szFileName, ARRAYSIZE (szFileName)); - - if (!TranslateVolumeID (hwndDlg, szFileName, ARRAYSIZE (szFileName))) - { - return; - } - - if (IsMountedVolume (szFileName)) - { - Warning (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF ? "MOUNTED_NO_PKCS5_PRF_CHANGE" : "MOUNTED_NOPWCHANGE", hwndDlg); - return; - } - - if (!VolumePathExists (szFileName)) - { - handleWin32Error (hwndDlg, SRC_POS); - return; - } - - bSysEncPwdChangeDlgMode = FALSE; - - result = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_PASSWORDCHANGE_DLG), hwndDlg, - (DLGPROC) PasswordChangeDlgProc, (LPARAM) &newPimValue); - - if (result == IDOK) - { - switch (pwdChangeDlgMode) - { - case PCDM_CHANGE_PKCS5_PRF: - Info ("PKCS5_PRF_CHANGED", hwndDlg); - break; - - case PCDM_ADD_REMOVE_VOL_KEYFILES: - case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: - Info ("KEYFILE_CHANGED", hwndDlg); - break; - - case PCDM_CHANGE_PASSWORD: - default: - { - Info ("PASSWORD_CHANGED", hwndDlg); - if (newPimValue != -1) - { - // update the encoded volue in favorite XML if found - bool bFavoriteFound = false; - for (vector ::iterator favorite = FavoriteVolumes.begin(); - favorite != FavoriteVolumes.end(); favorite++) - { - if (favorite->Path == szFileName) - { - bFavoriteFound = true; - favorite->Pim = newPimValue; - SaveFavoriteVolumes (hwndDlg, FavoriteVolumes, false); - break; - } - } - - if (!bFavoriteFound) - { - for (vector ::iterator favorite = SystemFavoriteVolumes.begin(); - favorite != SystemFavoriteVolumes.end(); favorite++) - { - if (favorite->Path == szFileName) - { - bFavoriteFound = true; - favorite->Pim = newPimValue; - - if (AskYesNo("FAVORITE_PIM_CHANGED", hwndDlg) == IDYES) - { - SaveFavoriteVolumes (hwndDlg, SystemFavoriteVolumes, true); - } - break; - } - } - } - } - } - } - } -} - -// Change password of the system partition/drive -static void ChangeSysEncPassword (HWND hwndDlg, BOOL bOnlyChangeKDF) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (!BootEncStatus.DriveEncrypted - && !BootEncStatus.DriveMounted - && !BootEncStatus.VolumeHeaderPresent - && !SysEncryptionOrDecryptionRequired ()) - { - Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); - return; - } - - if (SysEncryptionOrDecryptionRequired () - || BootEncStatus.SetupInProgress) - { - Warning ("SYSTEM_ENCRYPTION_NOT_COMPLETED", hwndDlg); - return; - } - - if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption - { - StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout), L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); - - bSysEncPwdChangeDlgMode = TRUE; - - if (bOnlyChangeKDF) - pwdChangeDlgMode = PCDM_CHANGE_PKCS5_PRF; - else - pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; - - - INT_PTR result = DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_PASSWORDCHANGE_DLG), hwndDlg, (DLGPROC) PasswordChangeDlgProc); - - bSysEncPwdChangeDlgMode = FALSE; - - if (bKeyboardLayoutChanged) - { - // Restore the original keyboard layout - if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) - Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); - else - bKeyboardLayoutChanged = FALSE; - } - - bKeybLayoutAltKeyWarningShown = FALSE; - - if (result == IDOK) - { - switch (pwdChangeDlgMode) - { - case PCDM_CHANGE_PKCS5_PRF: - Info ("PKCS5_PRF_CHANGED", hwndDlg); - - if (!IsHiddenOSRunning()) - { - if (AskWarnYesNo ("SYS_HKD_ALGO_CHANGED_ASK_RESCUE_DISK", hwndDlg) == IDYES) - CreateRescueDisk (hwndDlg); - } - - break; - - case PCDM_ADD_REMOVE_VOL_KEYFILES: - case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: - // NOP - Keyfiles are not supported for system encryption - break; - - case PCDM_CHANGE_PASSWORD: - default: - Info ("PASSWORD_CHANGED", hwndDlg); - - if (!IsHiddenOSRunning()) - { - if (AskWarnYesNo ("SYS_PASSWORD_CHANGED_ASK_RESCUE_DISK", hwndDlg) == IDYES) - CreateRescueDisk (hwndDlg); - } - } - } - - CloseSysEncMutex (); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); -} - -// Initiates or resumes encryption of the system partition/drive -static void EncryptSystemDevice (HWND hwndDlg) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (!BootEncStatus.DriveEncrypted - && !BootEncStatus.DriveMounted - && !SysEncryptionOrDecryptionRequired ()) - { - // System partition/drive is not encrypted (nothing to resume). Initiate the process. - - if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption - { - LaunchVolCreationWizard (hwndDlg, L"/sysenc"); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - - return; - } - else if (SysEncryptionOrDecryptionRequired ()) - { - // System partition/drive encryption already initiated but is incomplete -- attempt to resume the process. - // Note that this also covers the pretest phase and paused decryption (reverses decrypting and starts encrypting) - - if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption - { - LaunchVolCreationWizard (hwndDlg, L"/sysenc"); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); - } - else if (SysDriveOrPartitionFullyEncrypted (FALSE)) - { - // System partition/drive appears to be fully encrypted - Info ("SYS_PARTITION_OR_DRIVE_APPEARS_FULLY_ENCRYPTED", hwndDlg); - return; - } -} - -// Initiates decryption of the system partition/drive -static void DecryptSystemDevice (HWND hwndDlg) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (!BootEncStatus.DriveEncrypted - && !BootEncStatus.DriveMounted - && !BootEncStatus.DeviceFilterActive - && !BootEncStatus.VolumeHeaderPresent - && !SysEncryptionOrDecryptionRequired ()) - { - Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); - return; - } - - if (IsHiddenOSRunning()) - { - Warning ("CANNOT_DECRYPT_HIDDEN_OS", hwndDlg); - return; - } - - if (AskNoYes ("CONFIRM_DECRYPT_SYS_DEVICE", hwndDlg) == IDNO) - return; - - if (AskWarnNoYes ("CONFIRM_DECRYPT_SYS_DEVICE_CAUTION", hwndDlg) == IDNO) - return; - - if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption - { - try - { - // User-mode app may have crashed and its mutex may have gotten lost, so we need to check the driver status too - if (BootEncStatus.SetupInProgress) - { - int attempts = 20; - - BootEncObj->AbortSetup (); - while (BootEncStatus.SetupInProgress && attempts > 0) - { - Sleep (100); - BootEncStatus = BootEncObj->GetStatus(); - attempts--; - WaitCursor(); - } - } - } - catch (Exception &e) - { - e.Show (MainDlg); - } - NormalCursor (); - - if (BootEncStatus.SetupInProgress) - { - CloseSysEncMutex (); - Error ("SYS_ENCRYPTION_OR_DECRYPTION_IN_PROGRESS", hwndDlg); - return; - } - - CloseSysEncMutex (); - LaunchVolCreationWizard (hwndDlg, L"/dsysenc"); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); -} - -// Initiates the process of creation of a hidden operating system -static void CreateHiddenOS (HWND hwndDlg) -{ - - // Display brief information as to what a hidden operating system is and what it's good for. This needs to be - // done, because if the system partition/drive is currently encrypted, the wizard will not display any - // such information, but will exit (displaying only an error meessage). - Info("HIDDEN_OS_PREINFO", hwndDlg); - - LaunchVolCreationWizard (hwndDlg, L"/isysenc"); -} - -static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection, BOOL bUseDriveListSel) -{ - wstring scPath; - - if (bResolveAmbiguousSelection) - { - scPath = ResolveAmbiguousSelection (hwndDlg, NULL); - - if (scPath.empty ()) - { - // The user selected Cancel - return; - } - } - else if (bUseDriveListSel) - { - // Decrypt mounted volume selected in the main drive list - - LPARAM lLetter = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); - - if (LOWORD (lLetter) != 0xffff) - { - VOLUME_PROPERTIES_STRUCT prop; - DWORD bytesReturned; - - memset (&prop, 0, sizeof (prop)); - prop.driveNo = (wchar_t) HIWORD (lLetter) - L'A'; - - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &bytesReturned, NULL)) - { - handleWin32Error (MainDlg, SRC_POS); - return; - } - - scPath = prop.wszVolume; - } - else - return; - } - else - { - // Decrypt volume specified in the input field below the main drive list - - wchar_t volPath [TC_MAX_PATH]; - - GetVolumePath (MainDlg, volPath, ARRAYSIZE (volPath)); - - scPath = volPath; - } - - if (scPath.empty ()) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - return; - } - - WaitCursor(); - - switch (IsSystemDevicePath (scPath.c_str (), MainDlg, TRUE)) - { - case 1: - case 2: - // The user wants to decrypt the system partition/drive. Divert to the appropriate function. - - NormalCursor (); - - DecryptSystemDevice (hwndDlg); - return; - } - - WaitCursor(); - - // Make sure the user is not attempting to decrypt a partition on an entirely encrypted system drive. - if (IsNonSysPartitionOnSysDrive (scPath.c_str ()) == 1) - { - if (WholeSysDriveEncryption (TRUE)) - { - // The system drive is entirely encrypted and the encrypted OS is running - - NormalCursor (); - - Warning ("CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE", hwndDlg); - return; - } - } - else if (TCBootLoaderOnInactiveSysEncDrive ((wchar_t *) scPath.c_str ())) - { - // The system drive MAY be entirely encrypted (external access without PBA) and the potentially encrypted OS is not running - - NormalCursor (); - - Warning ("CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE_UNSURE", hwndDlg); - - // We allow the user to continue as we don't know if the drive is really an encrypted system drive. - // If it is, the user has been warned and he will not be able to start decrypting, because the - // format wizard will not enable (nor will it allow the user to enable) the mount option for - // external without-PBA access (the user will receive the 'Incorrect password' error message). - } - - NormalCursor (); - - - if (AskNoYesString ((wstring (GetString ("CONFIRM_DECRYPT_NON_SYS_DEVICE")) + L"\n\n" + scPath).c_str(), hwndDlg) == IDNO) - return; - - if (AskWarnNoYes ("CONFIRM_DECRYPT_NON_SYS_DEVICE_CAUTION", hwndDlg) == IDNO) - return; - - LaunchVolCreationWizard (hwndDlg, (wstring (L"/inplacedec \"") + scPath + L"\"").c_str ()); -} - -// Blindly attempts (without any checks) to instruct the wizard to resume whatever system encryption process -// had been interrupted or not started but scheduled or exptected to start. -static void ResumeInterruptedSysEncProcess (HWND hwndDlg) -{ - if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption - { - LaunchVolCreationWizard (MainDlg, L"/csysenc"); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); -} - -void CreateRescueDisk (HWND hwndDlg) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (IsHiddenOSRunning()) - { - Warning ("CANNOT_CREATE_RESCUE_DISK_ON_HIDDEN_OS", hwndDlg); - return; - } - - if (!BootEncStatus.DriveEncrypted - && !BootEncStatus.DriveMounted - && !BootEncStatus.VolumeHeaderPresent - && !SysEncryptionOrDecryptionRequired ()) - { - Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); - return; - } - - if (SysEncryptionOrDecryptionRequired () - || BootEncStatus.SetupInProgress) - { - Warning ("SYSTEM_ENCRYPTION_NOT_COMPLETED", hwndDlg); - return; - } - - if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption - { - try - { - wchar_t szTmp [8096]; - wchar_t szRescueDiskISO [TC_MAX_PATH+1]; - - if (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CREATION_SELECT_PATH", hwndDlg) != IDOK) - { - CloseSysEncMutex (); - return; - } - - wchar_t initialDir[MAX_PATH]; - SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); - - if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) - { - CloseSysEncMutex (); - return; - } - - WaitCursor(); - BootEncObj->CreateRescueIsoImage (false, szRescueDiskISO); - - StringCbPrintfW (szTmp, sizeof szTmp, - GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"), - szRescueDiskISO); - - if (IsWindowsIsoBurnerAvailable()) - { - if (AskYesNoString (szTmp, hwndDlg) == IDYES) - LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO); - } - else - InfoDirect (szTmp, hwndDlg); - } - catch (Exception &e) - { - e.Show (hwndDlg); - Error ("ERROR_CREATING_RESCUE_DISK", hwndDlg); - } - CloseSysEncMutex (); - - NormalCursor (); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); -} - -static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (!BootEncStatus.DriveEncrypted - && !BootEncStatus.DriveMounted - && !BootEncStatus.VolumeHeaderPresent - && !SysEncryptionOrDecryptionRequired ()) - { - Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); - return; - } - - if (SysEncryptionOrDecryptionRequired () - || BootEncStatus.SetupInProgress) - { - Warning ("SYSTEM_ENCRYPTION_NOT_COMPLETED", hwndDlg); - return; - } - - if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption - { - try - { - if (!checkIsoFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK)) - { - CloseSysEncMutex (); - return; - } - - // Create a temporary up-to-date rescue disk image in RAM (with it the CD/DVD content will be compared) - BootEncObj->CreateRescueIsoImage (false, L""); - - - if (checkIsoFile) - { - wchar_t szRescueDiskISO [TC_MAX_PATH+1]; - wchar_t initialDir[MAX_PATH]; - SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); - - if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, FALSE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) - { - CloseSysEncMutex (); - return; - } - - WaitCursor(); - if (!BootEncObj->VerifyRescueDiskIsoImage (szRescueDiskISO)) - Error ("RESCUE_DISK_ISO_IMAGE_CHECK_FAILED", hwndDlg); - else - Info ("RESCUE_DISK_ISO_IMAGE_CHECK_PASSED", hwndDlg); - } - else - { - WaitCursor(); - if (!BootEncObj->VerifyRescueDisk ()) - Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); - else - Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg); - } - } - catch (Exception &e) - { - e.Show (MainDlg); - Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); - } - CloseSysEncMutex (); - - NormalCursor (); - } - else - Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); -} - -static void ShowSystemEncryptionStatus (HWND hwndDlg) -{ - try - { - BootEncStatus = BootEncObj->GetStatus(); - } - catch (Exception &e) - { - e.Show (MainDlg); - } - - if (GetAsyncKeyState (VK_SHIFT) < 0 && GetAsyncKeyState (VK_CONTROL) < 0) - { - // Ctrl+Shift held (for debugging purposes) - - DebugMsgBox ("Debugging information for system encryption:\n\nDeviceFilterActive: %d\nBootLoaderVersion: %x\nSetupInProgress: %d\nSetupMode: %d\nVolumeHeaderPresent: %d\nDriveMounted: %d\nDriveEncrypted: %d\n" - "HiddenSystem: %d\nHiddenSystemPartitionStart: %I64d\n" - "ConfiguredEncryptedAreaStart: %I64d\nConfiguredEncryptedAreaEnd: %I64d\nEncryptedAreaStart: %I64d\nEncryptedAreaEnd: %I64d\nEncrypted: %I64d%%", - BootEncStatus.DeviceFilterActive, - BootEncStatus.BootLoaderVersion, - BootEncStatus.SetupInProgress, - BootEncStatus.SetupMode, - BootEncStatus.VolumeHeaderPresent, - BootEncStatus.DriveMounted, - BootEncStatus.DriveEncrypted, - BootEncStatus.HiddenSystem ? 1 : 0, - BootEncStatus.HiddenSystemPartitionStart, - BootEncStatus.ConfiguredEncryptedAreaStart, - BootEncStatus.ConfiguredEncryptedAreaEnd, - BootEncStatus.EncryptedAreaStart, - BootEncStatus.EncryptedAreaEnd, - !BootEncStatus.DriveEncrypted ? 0 : (BootEncStatus.EncryptedAreaEnd + 1 - BootEncStatus.EncryptedAreaStart) * 100I64 / (BootEncStatus.ConfiguredEncryptedAreaEnd + 1 - BootEncStatus.ConfiguredEncryptedAreaStart)); - } - - if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted) - { - Info ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); - return; - } - - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_VOLUME_PROPERTIES), hwndDlg, - (DLGPROC) VolumePropertiesDlgProc, (LPARAM) TRUE); - -} - -static void ResumeInterruptedNonSysInplaceEncProcess (BOOL bDecrypt) -{ - // IMPORTANT: This function must not check any config files! Otherwise, if a config file was lost or corrupt, - // the user would not be able resume encryption and the data on the volume would be inaccessible. - - LaunchVolCreationWizard (MainDlg, bDecrypt? L"/resumeinplacedec" : L"/zinplace"); -} - -BOOL SelectContainer (HWND hwndDlg) -{ - if (BrowseFiles (hwndDlg, "OPEN_VOL_TITLE", szFileName, bHistory, FALSE, NULL) == FALSE) - return FALSE; - - AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); - EnableDisableButtons (hwndDlg); - SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - return TRUE; -} - -BOOL SelectPartition (HWND hwndDlg) -{ - RawDevicesDlgParam param; - param.pszFileName = szFileName; - INT_PTR nResult = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), hwndDlg, - (DLGPROC) RawDevicesDlgProc, (LPARAM) & param); - if (nResult == IDOK) - { - AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); - EnableDisableButtons (hwndDlg); - SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - return TRUE; - } - - return FALSE; -} - -static void WipeCache (HWND hwndDlg, BOOL silent) -{ - DWORD dwResult; - BOOL bResult; - - bResult = DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - if (hwndDlg == NULL) - return; - - if (bResult == FALSE) - handleWin32Error (hwndDlg, SRC_POS); - else - { - EnableDisableButtons (hwndDlg); - - if (!silent) - InfoBalloon ("PASSWORD_CACHE_WIPED_SHORT", "PASSWORD_CACHE_WIPED", hwndDlg); - } -} - -static void Benchmark (HWND hwndDlg) -{ - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg, - (DLGPROC) BenchmarkDlgProc, (LPARAM) NULL); -} - - -static BOOL CheckMountList (HWND hwndDlg, BOOL bForceTaskBarUpdate) -{ - MOUNT_LIST_STRUCT current; - static BootEncryptionStatus newBootEncStatus; - static BOOL lastbUseDifferentTrayIconIfVolMounted = bUseDifferentTrayIconIfVolMounted; - static uint32 lastUlMountedDrives = 0; - - GetMountList (¤t); - - if ((bForceTaskBarUpdate || current.ulMountedDrives != lastUlMountedDrives || bUseDifferentTrayIconIfVolMounted != lastbUseDifferentTrayIconIfVolMounted) - && TaskBarIconMutex != NULL) - { - lastUlMountedDrives = current.ulMountedDrives; - lastbUseDifferentTrayIconIfVolMounted = bUseDifferentTrayIconIfVolMounted; - - TaskBarIconChange (MainDlg, current.ulMountedDrives != 0 && bUseDifferentTrayIconIfVolMounted ? IDI_TRUECRYPT_MOUNTED_ICON : IDI_TRUECRYPT_ICON); - } - - if (bForceTaskBarUpdate) - { - return TRUE; - } - - if (LastKnownLogicalDrives != GetUsedLogicalDrives() - || memcmp (&LastKnownMountList, ¤t, sizeof (current)) != 0) - { - wchar_t selDrive; - - WaitCursor (); - LastKnownMountList = current; - - selDrive = (wchar_t) HIWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))); - LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); - NormalCursor (); - - if (selDrive != ((wchar_t) 0xFFFF) && (current.ulMountedDrives & (1 << (selDrive - L'A'))) == 0 && !IsDriveAvailable (selDrive - L'A')) - { - nSelectedDriveIndex = -1; - return FALSE; - } - - if (selDrive != ((wchar_t) 0xFFFF)) - SelectItem (GetDlgItem (MainDlg, IDC_DRIVELIST),selDrive); - } - - try - { - newBootEncStatus = BootEncObj->GetStatus(); - - if (newBootEncStatus.SetupInProgress != RecentBootEncStatus.SetupInProgress - || newBootEncStatus.EncryptedAreaEnd != RecentBootEncStatus.EncryptedAreaEnd - || newBootEncStatus.DriveEncrypted != RecentBootEncStatus.DriveEncrypted - || newBootEncStatus.DriveMounted != RecentBootEncStatus.DriveMounted - || newBootEncStatus.SetupMode != RecentBootEncStatus.SetupMode - || newBootEncStatus.EncryptedAreaStart != RecentBootEncStatus.EncryptedAreaStart) - { - /* System encryption status change */ - - wchar_t selDrive; - int driveLetterToRefresh; - - if (RecentBootEncStatus.DriveMounted == newBootEncStatus.DriveMounted) // If an icon (and whole new line) for a system device isn't to be added/removed - { - // Partial refresh - if (WholeSysDriveEncryption (TRUE)) - { - // System drive (not just partition) - driveLetterToRefresh = ENC_SYSDRIVE_PSEUDO_DRIVE_LETTER; - } - else - { - // System partition - driveLetterToRefresh = GetSystemDriveLetter (); - } - } - else - { - // Full rebuild of the mount list - driveLetterToRefresh = 0; - } - - selDrive = (wchar_t) HIWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))); - LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), driveLetterToRefresh); - - RecentBootEncStatus = newBootEncStatus; - - if (selDrive != ((wchar_t) 0xFFFF) && (current.ulMountedDrives & (1 << (selDrive - L'A'))) == 0 && !IsDriveAvailable (selDrive - L'A')) - { - nSelectedDriveIndex = -1; - } - - if (selDrive != ((wchar_t) 0xFFFF)) - { - SelectItem (GetDlgItem (MainDlg, IDC_DRIVELIST),selDrive); - } - } - - /* Miscellaneous notifications */ - - // Hibernation prevention notifications - if (newBootEncStatus.HibernationPreventionCount != RecentBootEncStatus.HibernationPreventionCount - && !bHibernationPreventionNotified) - { - bHibernationPreventionNotified = TRUE; - RecentBootEncStatus.HibernationPreventionCount = newBootEncStatus.HibernationPreventionCount; - - if (IsHiddenOSRunning() && BootEncObj->GetSystemDriveConfiguration().ExtraBootPartitionPresent) - WarningTopMost ("HIDDEN_OS_HIBERNATION_PREVENTED", hwndDlg); - else - WarningTopMost ("SYS_ENC_HIBERNATION_PREVENTED", hwndDlg); - } - - // Write mode prevention (hidden OS leak protection) - if (IsHiddenOSRunning()) - { - if (newBootEncStatus.HiddenSysLeakProtectionCount != RecentBootEncStatus.HiddenSysLeakProtectionCount - && !bHiddenSysLeakProtNotifiedDuringSession) - { - bHiddenSysLeakProtNotifiedDuringSession = TRUE; - - switch (HiddenSysLeakProtectionNotificationStatus) - { - case TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_COMPACT: - { - char *tmp[] = {0, "HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO", "SHOW_MORE_INFORMATION", "DO_NOT_SHOW_THIS_AGAIN", "CONTINUE", 0}; - switch (AskMultiChoice ((void **) tmp, FALSE, hwndDlg)) - { - case 1: - InfoDirect ((wstring (GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO")) - + L"\n\n" - + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION") - + L"\n\n\n" - + GetString ("DECOY_TO_HIDDEN_OS_DATA_TRANSFER_HOWTO")).c_str(), hwndDlg); - break; - - case 2: - // No more warnings will be shown - if (ConfigBuffer == NULL) - { - // We need to load the config file because it is not done automatically when - // launched from the sys startup sequence (and SaveSettings would start by _loading_ - // the settings to cache). - LoadSettings (MainDlg); - } - HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_DISABLED; - SaveSettings (MainDlg); - break; - - default: - // NOP - break; - } - } - break; - - case TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_DISABLED: - // NOP - break; - - case TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE: - default: - { - // First time warning -- include technical explanation - InfoDirect ((wstring (GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO")) - + L"\n\n" - + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION") - + L"\n\n\n" - + GetString ("DECOY_TO_HIDDEN_OS_DATA_TRANSFER_HOWTO")).c_str(), hwndDlg); - - // Further warnings will not include the explanation (and will allow disabling) - - if (ConfigBuffer == NULL) - { - // We need to load the config file because it is not done automatically when - // launched from the sys startup sequence (and SaveSettings would start by _loading_ - // the settings to cache). - LoadSettings (MainDlg); - } - HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_COMPACT; - SaveSettings (MainDlg); - } - break; - } - } - } - } - catch (...) - { - // NOP - } - - return TRUE; -} - - -void DisplayDriveListContextMenu (HWND hwndDlg, LPARAM lParam) -{ - /* Drive list context menu */ - DWORD mPos; - int menuItem; - HMENU popup = CreatePopupMenu (); - HWND hList = GetDlgItem (hwndDlg, IDC_DRIVELIST); - - SetFocus (hList); - - switch (LOWORD (GetSelectedLong (hList))) - { - case TC_MLIST_ITEM_FREE: - - // No mounted volume at this drive letter - - AppendMenuW (popup, MF_STRING, IDM_MOUNT_VOLUME, GetString ("IDM_MOUNT_VOLUME")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDPM_SELECT_FILE_AND_MOUNT, GetString ("SELECT_FILE_AND_MOUNT")); - AppendMenuW (popup, MF_STRING, IDPM_SELECT_DEVICE_AND_MOUNT, GetString ("SELECT_DEVICE_AND_MOUNT")); - break; - - case TC_MLIST_ITEM_NONSYS_VOL: - - // There's a mounted non-system volume at this drive letter - - AppendMenuW (popup, MF_STRING, IDM_UNMOUNT_VOLUME, GetString ("DISMOUNT")); - AppendMenuW (popup, MF_STRING, IDPM_OPEN_VOLUME, GetString ("OPEN")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDPM_CHECK_FILESYS, GetString ("IDPM_CHECK_FILESYS")); - AppendMenuW (popup, MF_STRING, IDPM_REPAIR_FILESYS, GetString ("IDPM_REPAIR_FILESYS")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDPM_ADD_TO_FAVORITES, GetString ("IDPM_ADD_TO_FAVORITES")); - AppendMenuW (popup, MF_STRING, IDPM_ADD_TO_SYSTEM_FAVORITES, GetString ("IDPM_ADD_TO_SYSTEM_FAVORITES")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_DECRYPT_NONSYS_VOL, GetString ("IDM_DECRYPT_NONSYS_VOL")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_VOLUME_PROPERTIES, GetString ("IDPM_PROPERTIES")); - break; - - case TC_MLIST_ITEM_SYS_PARTITION: - case TC_MLIST_ITEM_SYS_DRIVE: - - // System partition/drive - - PopulateSysEncContextMenu (popup, FALSE); - break; - } - - if (lParam) - { - mPos=GetMessagePos(); - } - else - { - POINT pt = {0}; - if (ListView_GetItemPosition (hList, nSelectedDriveIndex, &pt)) - { - pt.x += 2 + ::GetSystemMetrics(SM_CXICON); - pt.y += 2; - } - ClientToScreen (hList, &pt); - mPos = MAKELONG (pt.x, pt.y); - } - - menuItem = TrackPopupMenu (popup, - TPM_RETURNCMD | TPM_LEFTBUTTON, - GET_X_LPARAM(mPos), - GET_Y_LPARAM(mPos), - 0, - hwndDlg, - NULL); - - DestroyMenu (popup); - - switch (menuItem) - { - case IDPM_SELECT_FILE_AND_MOUNT: - if (SelectContainer (hwndDlg)) - MountSelectedVolume (hwndDlg, FALSE); - break; - - case IDPM_SELECT_DEVICE_AND_MOUNT: - if (SelectPartition (hwndDlg)) - MountSelectedVolume (hwndDlg, FALSE); - break; - - case IDPM_CHECK_FILESYS: - case IDPM_REPAIR_FILESYS: - { - LPARAM lLetter = GetSelectedLong (hList); - - if (LOWORD (lLetter) != 0xffff) - CheckFilesystem (hwndDlg, (wchar_t) HIWORD (lLetter) - L'A', menuItem == IDPM_REPAIR_FILESYS); - } - break; - - case IDM_UNMOUNT_VOLUME: - if (CheckMountList (hwndDlg, FALSE)) - Dismount (hwndDlg, -2); - break; - - case IDM_DECRYPT_NONSYS_VOL: - if (CheckMountList (hwndDlg, FALSE)) - DecryptNonSysDevice (hwndDlg, FALSE, TRUE); - break; - - case IDPM_OPEN_VOLUME: - { - LPARAM state; - if (lParam) - nSelectedDriveIndex = ((LPNMITEMACTIVATE)lParam)->iItem; - else - nSelectedDriveIndex = ListView_GetSelectionMark (hList); - state = GetItemLong (hList, nSelectedDriveIndex ); - - WaitCursor (); - OpenVolumeExplorerWindow (HIWORD(state) - L'A'); - NormalCursor (); - } - break; - - case IDM_VOLUME_PROPERTIES: - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_VOLUME_PROPERTIES), hwndDlg, - (DLGPROC) VolumePropertiesDlgProc, (LPARAM) FALSE); - break; - - case IDM_MOUNT_VOLUME: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - mountOptions = defaultMountOptions; - bPrebootPasswordDlgMode = FALSE; - - if (CheckMountList (hwndDlg, FALSE)) - _beginthread(mountThreadFunction, 0, hwndDlg); - } - break; - - case IDPM_ADD_TO_FAVORITES: - case IDPM_ADD_TO_SYSTEM_FAVORITES: - { - LPARAM selectedDrive = GetSelectedLong (hList); - - if (LOWORD (selectedDrive) == TC_MLIST_ITEM_NONSYS_VOL) - AddMountedVolumeToFavorites (hwndDlg, HIWORD (selectedDrive) - L'A', menuItem == IDPM_ADD_TO_SYSTEM_FAVORITES); - } - break; - - default: - SendMessage (MainDlg, WM_COMMAND, menuItem, NULL); - break; - } -} - - -/* Except in response to the WM_INITDIALOG and WM_ENDSESSION messages, the dialog box procedure - should return nonzero if it processes a message, and zero if it does not. */ -BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - static UINT taskBarCreatedMsg; - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - - switch (uMsg) - { - case WM_HOTKEY: - - HandleHotKey (hwndDlg, wParam); - return 1; - - case WM_INITDIALOG: - { - int exitCode = 0; - - MainDlg = hwndDlg; - - if (IsTrueCryptInstallerRunning()) - AbortProcess ("TC_INSTALLER_IS_RUNNING"); - - // Set critical default options in case UsePreferences is false - bPreserveTimestamp = defaultMountOptions.PreserveTimestamp = TRUE; - bShowDisconnectedNetworkDrives = FALSE; - bHideWaitingDialog = FALSE; - - ResetWrongPwdRetryCount (); - - ExtractCommandLine (hwndDlg, (wchar_t *) lParam); - - try - { - BootEncObj->SetParentWindow (hwndDlg); - BootEncStatus = BootEncObj->GetStatus(); - RecentBootEncStatus = BootEncStatus; - } - catch (...) - { - // NOP - } - - if (UsePreferences) - { - // General preferences - LoadSettings (hwndDlg); - - // Keyfiles - LoadDefaultKeyFilesParam (); - RestoreDefaultKeyFilesParam (); - } - - if (ComServerMode) - { - InitDialog (hwndDlg); - - if (!ComServerMain ()) - { - handleWin32Error (hwndDlg, SRC_POS); - exit (1); - } - exit (0); - } - - if (CmdMountOptionsValid) - mountOptions = CmdMountOptions; - - InitMainDialog (hwndDlg); - - try - { - if (IsHiddenOSRunning()) - { - uint32 driverConfig = ReadDriverConfigurationFlags(); - if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM) - Warning ("UPDATE_TC_IN_HIDDEN_OS_TOO", hwndDlg); - if ( !(driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) - && !BootEncObj->CheckBootloaderFingerprint ()) - Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg); - } - else if (SysDriveOrPartitionFullyEncrypted (TRUE)) - { - uint32 driverConfig = ReadDriverConfigurationFlags(); - if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM) - { - Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg); - } - if ( !(driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) - && !BootEncObj->CheckBootloaderFingerprint ()) - Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg); - } - } - catch (...) { } - - // Automount - if (bAuto || (Quit && szFileName[0] != 0)) - { - // No drive letter specified on command line - if (commandLineDrive == 0) - szDriveLetter[0] = (wchar_t) GetFirstAvailableDrive () + L'A'; - - if (bAutoMountDevices) - { - defaultMountOptions = mountOptions; - if (FirstCmdKeyFile) - { - KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles = TRUE; - KeyFileCloneAll (FirstCmdKeyFile, &FirstKeyFile); - KeyFileCloneAll (FirstCmdKeyFile, &defaultKeyFilesParam.FirstKeyFile); - } - - if (!MountAllDevices (hwndDlg, !Silent && !CmdVolumePasswordValid && IsPasswordCacheEmpty())) - exitCode = 1; - } - - if (bAutoMountFavorites) - { - defaultMountOptions = mountOptions; - if (FirstCmdKeyFile) - { - KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles = TRUE; - KeyFileCloneAll (FirstCmdKeyFile, &FirstKeyFile); - KeyFileCloneAll (FirstCmdKeyFile, &defaultKeyFilesParam.FirstKeyFile); - } - - if (!MountFavoriteVolumes (hwndDlg, FALSE, LogOn)) - exitCode = 1; - } - - if (szFileName[0] != 0 && !TranslateVolumeID (hwndDlg, szFileName, ARRAYSIZE (szFileName))) - { - exitCode = 1; - } - else if (szFileName[0] != 0 && !IsMountedVolume (szFileName)) - { - BOOL mounted = FALSE; - int EffectiveVolumePkcs5 = CmdVolumePkcs5; - BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; - BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed; - - if (!VolumePathExists (szFileName)) - { - handleWin32Error (hwndDlg, SRC_POS); - } - else - { - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (EffectiveVolumePkcs5 == 0) - EffectiveVolumePkcs5 = DefaultVolumePkcs5; - if (!EffectiveVolumeTrueCryptMode) - EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; - - // Command line password or keyfiles - if (CmdVolumePassword.Length != 0 || (FirstCmdKeyFile && (CmdVolumePasswordValid || bEffectiveTryEmptyPasswordWhenKeyfileUsed))) - { - BOOL reportBadPasswd = CmdVolumePassword.Length > 0; - - if (FirstCmdKeyFile) - KeyFilesApplyWithPin (hwndDlg, &CmdVolumePassword, CmdTokenPin, FirstCmdKeyFile, szFileName); - - mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', - szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, - &mountOptions, Silent, reportBadPasswd); - - burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); - } - else - { - // Cached password - mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - } - - if (FirstCmdKeyFile) - { - KeyFileRemoveAll (&FirstKeyFile); - FirstKeyFile = FirstCmdKeyFile; - KeyFilesEnable = TRUE; - } - - // Ask user for password - while (!mounted && !Silent) - { - int GuiPkcs5 = EffectiveVolumePkcs5; - int GuiPim = CmdVolumePim; - BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; - VolumePassword.Length = 0; - - StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName); - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE)) - break; - else - { - VolumePkcs5 = GuiPkcs5; - VolumePim = GuiPim; - VolumeTrueCryptMode = GuiTrueCryptMode; - burn (&GuiPkcs5, sizeof(GuiPkcs5)); - burn (&GuiPim, sizeof(GuiPim)); - burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); - } - - WaitCursor (); - - if (KeyFilesEnable && FirstKeyFile) - KeyFilesApplyWithPin (hwndDlg, &VolumePassword, CmdTokenPin, FirstKeyFile, szFileName); - - mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE); - - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); - burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); - - NormalCursor (); - } - } - - if (UsePreferences) - { - RestoreDefaultKeyFilesParam (); - bCacheInDriver = bCacheInDriverDefault; - } - - if (mounted > 0) - { - if (bBeep) - MessageBeep (0xFFFFFFFF); - - if (bExplore) - OpenVolumeExplorerWindow (szDriveLetter[0] - L'A'); - - RefreshMainDlg(hwndDlg); - - if(!Silent) - { - // Check for problematic file extensions (exe, dll, sys) - if (CheckFileExtension (szFileName)) - Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING", hwndDlg); - } - } - else - exitCode = 1; - } - else if (bExplore && GetMountedVolumeDriveNo (szFileName) != -1) - OpenVolumeExplorerWindow (GetMountedVolumeDriveNo (szFileName)); - else if (szFileName[0] != 0 && IsMountedVolume (szFileName)) - Warning ("VOL_ALREADY_MOUNTED", hwndDlg); - - if (!Quit) - RefreshMainDlg(hwndDlg); - } - - // Wipe cache - if (bWipe) - WipeCache (hwndDlg, Silent); - - // Wipe command line password - if (CmdVolumePassword.Length != 0) - { - burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); - CmdVolumePassword.Length = 0; - } - - // Wipe command line keyfiles - if (FirstCmdKeyFile) - { - if (defaultKeyFilesParam.FirstKeyFile) - KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); - - defaultKeyFilesParam.EnableKeyFiles = FALSE; - - if (!Quit) - { - LoadSettings (hwndDlg); - LoadDefaultKeyFilesParam (); - RestoreDefaultKeyFilesParam (); - } - } - - // Dismount - if (cmdUnmountDrive >= 0) - { - MOUNT_LIST_STRUCT mountList; - DWORD bytesReturned; - - if (DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, NULL, 0, &mountList, sizeof (mountList), &bytesReturned, NULL) - && (mountList.ulMountedDrives & (1 << cmdUnmountDrive)) == 0) - { - Error ("NO_VOLUME_MOUNTED_TO_DRIVE", hwndDlg); - exitCode = 1; - } - else if (!Dismount (hwndDlg, cmdUnmountDrive)) - exitCode = 1; - } - else if (cmdUnmountDrive == -1) - { - if (!DismountAll (hwndDlg, bForceUnmount, !Silent, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY)) - exitCode = 1; - } - - // TaskBar icon - if (bEnableBkgTask) - TaskBarIconAdd (hwndDlg); - - // Quit - if (Quit) - { - if (TaskBarIconMutex == NULL) - exit (exitCode); - - MainWindowHidden = TRUE; - - LoadSettings (hwndDlg); - LoadDefaultKeyFilesParam (); - RestoreDefaultKeyFilesParam (); - - if (!bEnableBkgTask) - { - if (TaskBarIconMutex) - TaskBarIconRemove (hwndDlg); - exit (exitCode); - } - } - - // No command line arguments or only /volume => bring active instance - // to foreground if available - if (NoCmdLineArgs == 0 || (CmdLineVolumeSpecified && NoCmdLineArgs <= 2)) - { - HWND h = hwndDlg; - EnumWindows (FindTCWindowEnum, (LPARAM) &h); - - if (h != hwndDlg - && (!IsAdmin() || (GetWindowLongPtrW (h, DWLP_USER) & TC_MAIN_WINDOW_FLAG_ADMIN_PRIVILEGES) != 0)) - { - if (CmdLineVolumeSpecified) - { - COPYDATASTRUCT cd; - memcpy (&cd.dwData, WM_COPY_SET_VOLUME_NAME, 4); - cd.lpData = szFileName; - cd.cbData = (DWORD) ((wcslen (szFileName) + 1) * sizeof (wchar_t)); - - SendMessage (h, WM_COPYDATA, (WPARAM)hwndDlg, (LPARAM)&cd); - } - - SendMessage (h, TC_APPMSG_MOUNT_SHOW_WINDOW, 0, 0); - - ShowWindow (h, SW_SHOW); - SetForegroundWindow (h); - - if (TaskBarIconMutex == NULL) - exit (0); - } - } - - HookMouseWheel (hwndDlg, IDC_VOLUME); - - // Register hot keys - if (!RegisterAllHotkeys (hwndDlg, Hotkeys) - && TaskBarIconMutex != NULL) // Warn only if we are the first instance of TrueCrypt - Warning("HOTKEY_REGISTRATION_ERROR", hwndDlg); - - Silent = FALSE; - - GetMountList (&LastKnownMountList); - SetTimer (hwndDlg, TIMER_ID_MAIN, TIMER_INTERVAL_MAIN, NULL); - - taskBarCreatedMsg = RegisterWindowMessage (L"TaskbarCreated"); - - AllowMessageInUIPI (taskBarCreatedMsg); - - SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - - /* Check system encryption status */ - - if (!Quit) // Do not care about system encryption or in-place encryption if we were launched from the system startup sequence (the wizard was added to it too). - { - if (SysEncryptionOrDecryptionRequired ()) - { - if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption - { - // We shouldn't block the mutex at this point - - if (SystemEncryptionStatus == SYSENC_STATUS_PRETEST - || AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", hwndDlg) == IDYES) - { - // The wizard was not launched during the system startup seq, or the user may have forgotten - // to resume the encryption/decryption process. - - - LaunchVolCreationWizard (hwndDlg, L"/csysenc"); - } - } - } - - if (bInPlaceEncNonSysPending && !NonSysInplaceEncInProgressElsewhere()) - { - BOOL bDecrypt = FALSE; - if (AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES) - ResumeInterruptedNonSysInplaceEncProcess (bDecrypt); - } - } - - if (TaskBarIconMutex != NULL) - RegisterWtsNotification(hwndDlg); - DoPostInstallTasks (hwndDlg); - ResetCurrentDirectory (); - } - return 0; - - case WM_MOUSEWHEEL: - return HandleDriveListMouseWheelEvent (uMsg, wParam, lParam, FALSE); - - case WM_CONTEXTMENU: - { - HWND hList = GetDlgItem (hwndDlg, IDC_DRIVELIST); - // only handle if it is coming from keyboard and if the drive - // list has focus. The other cases are handled elsewhere - if ( (-1 == GET_X_LPARAM(lParam)) - && (-1 == GET_Y_LPARAM(lParam)) - && (GetFocus () == hList) - ) - { - INT item = ListView_GetSelectionMark (hList); - if (item >= 0) - { - nSelectedDriveIndex = item; - DisplayDriveListContextMenu (hwndDlg, NULL); - } - } - } - break; - - case WM_WINDOWPOSCHANGING: - if (MainWindowHidden) - { - // Prevent window from being shown - PWINDOWPOS wp = (PWINDOWPOS)lParam; - wp->flags &= ~SWP_SHOWWINDOW; - return 0; - } - return 1; - - case WM_SYSCOMMAND: - if (lw == IDC_ABOUT) - { - DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); - return 1; - } - return 0; - - case WM_HELP: - OpenPageHelp (hwndDlg, 0); - return 1; - - case WM_WTSSESSION_CHANGE: - if (TaskBarIconMutex != NULL) - { - if (bDismountOnSessionLocked && ((WTS_SESSION_LOCK == wParam) || (WTS_CONSOLE_DISCONNECT == wParam) || (WTS_REMOTE_DISCONNECT == wParam))) - { - // Auto-dismount when session is locked - DWORD dwResult; - - if (bWipeCacheOnAutoDismount) - { - DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - SecurityToken::CloseAllSessions(); - } - - DismountAll (hwndDlg, bForceAutoDismount, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); - } - } - return 0; - - case WM_ENDSESSION: - if (TaskBarIconMutex != NULL) - { - if (bDismountOnLogOff) - { - // Auto-dismount when user logs off - DWORD dwResult; - - if (bWipeCacheOnAutoDismount) - DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - - DismountAll (hwndDlg, bForceAutoDismount, FALSE, 1, 0); - } - - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - } - EndMainDlg (hwndDlg); - localcleanup (); - return 0; - - case WM_POWERBROADCAST: - if (wParam == PBT_APMSUSPEND - && TaskBarIconMutex != NULL && bDismountOnPowerSaving) - { - // Auto-dismount when entering power-saving mode - DWORD dwResult; - - if (bWipeCacheOnAutoDismount) - { - DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - SecurityToken::CloseAllSessions(); - } - - DismountAll (hwndDlg, bForceAutoDismount, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); - } - return 0; - - case WM_TIMER: - { - // Check mount list and update GUI if needed - CheckMountList (hwndDlg, FALSE); - - // Cache status - if (IsPasswordCacheEmpty() == IsWindowEnabled (GetDlgItem (hwndDlg, IDC_WIPE_CACHE))) - EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_CACHE), !IsPasswordCacheEmpty()); - - // Check driver warning flags - DWORD bytesOut; - GetWarningFlagsRequest warnings; - if (DeviceIoControl (hDriver, TC_IOCTL_GET_WARNING_FLAGS, NULL, 0, &warnings, sizeof (warnings), &bytesOut, NULL)) - { - if (warnings.SystemFavoriteVolumeDirty) - WarningTopMost ("SYS_FAVORITE_VOLUME_DIRTY", hwndDlg); - - if (warnings.PagingFileCreationPrevented) - WarningTopMost ("PAGING_FILE_CREATION_PREVENTED", hwndDlg); - } - - if (TaskBarIconMutex != NULL) - { - - // Idle auto-dismount - if (MaxVolumeIdleTime > 0) - DismountIdleVolumes (); - - // Screen saver auto-dismount - if (bDismountOnScreenSaver) - { - static BOOL previousState = FALSE; - BOOL running = FALSE; - SystemParametersInfo (SPI_GETSCREENSAVERRUNNING, 0, &running, 0); - - if (running && !previousState) - { - DWORD dwResult; - previousState = TRUE; - - if (bWipeCacheOnAutoDismount) - { - DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - SecurityToken::CloseAllSessions(); - } - - DismountAll (hwndDlg, bForceAutoDismount, FALSE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); - } - else - { - previousState = running; - } - } - - // Auto-mount favorite volumes on arrival -#if TIMER_INTERVAL_MAIN != 500 -#error TIMER_INTERVAL_MAIN != 500 -#endif - static int favoritesAutoMountTimerDivisor = 0; - if ((++favoritesAutoMountTimerDivisor & 1) && !FavoritesOnArrivalMountRequired.empty()) - { - static bool reentry = false; - if (reentry) - break; - - reentry = true; - - foreach (FavoriteVolume favorite, FavoritesOnArrivalMountRequired) - { - if (favorite.UseVolumeID) - { - if (IsMountedVolumeID (favorite.VolumeID)) - continue; - - std::wstring volDevPath = FindDeviceByVolumeID (favorite.VolumeID); - if (volDevPath.length() > 0) - { - favorite.Path = volDevPath; - favorite.DisconnectedDevice = false; - } - else - continue; - } - else if (!favorite.VolumePathId.empty()) - { - if (IsMountedVolume (favorite.Path.c_str())) - continue; - - wchar_t volDevPath[TC_MAX_PATH]; - if (QueryDosDevice (favorite.VolumePathId.substr (4, favorite.VolumePathId.size() - 5).c_str(), volDevPath, TC_MAX_PATH) == 0) - continue; - - favorite.DisconnectedDevice = false; - } - else if (favorite.Path.find (L"\\\\?\\Volume{") == 0) - { - wstring resolvedPath = VolumeGuidPathToDevicePath (favorite.Path); - if (resolvedPath.empty()) - continue; - - favorite.DisconnectedDevice = false; - favorite.VolumePathId = favorite.Path; - favorite.Path = resolvedPath; - } - - if (IsMountedVolume (favorite.Path.c_str())) - continue; - - if (!IsVolumeDeviceHosted (favorite.Path.c_str())) - { - if (!FileExists (favorite.Path.c_str())) - continue; - } - else if (favorite.VolumePathId.empty()) - continue; - - bool mountedAndNotDisconnected = false; - foreach (FavoriteVolume mountedFavorite, FavoritesMountedOnArrivalStillConnected) - { - if (favorite.Path == mountedFavorite.Path) - { - mountedAndNotDisconnected = true; - break; - } - } - - if (!mountedAndNotDisconnected) - { - FavoriteMountOnArrivalInProgress = TRUE; - MountFavoriteVolumes (hwndDlg, FALSE, FALSE, FALSE, favorite); - FavoriteMountOnArrivalInProgress = FALSE; - - FavoritesMountedOnArrivalStillConnected.push_back (favorite); - } - } - - bool deleted; - for (list ::iterator favorite = FavoritesMountedOnArrivalStillConnected.begin(); - favorite != FavoritesMountedOnArrivalStillConnected.end(); - deleted ? favorite : ++favorite) - { - deleted = false; - - if (IsMountedVolume (favorite->Path.c_str())) - continue; - - if (!IsVolumeDeviceHosted (favorite->Path.c_str())) - { - if (FileExists (favorite->Path.c_str())) - continue; - } - - wchar_t volDevPath[TC_MAX_PATH]; - if (favorite->VolumePathId.size() > 5 - && QueryDosDevice (favorite->VolumePathId.substr (4, favorite->VolumePathId.size() - 5).c_str(), volDevPath, TC_MAX_PATH) != 0) - { - continue; - } - - // set DisconnectedDevice field on FavoritesOnArrivalMountRequired element - foreach (FavoriteVolume onArrivalFavorite, FavoritesOnArrivalMountRequired) - { - if (onArrivalFavorite.Path == favorite->Path) - { - onArrivalFavorite.DisconnectedDevice = true; - break; - } - } - - favorite = FavoritesMountedOnArrivalStillConnected.erase (favorite); - deleted = true; - } - - reentry = false; - } - } - - // Exit background process in non-install mode or if no volume mounted - // and no other instance active - if (LastKnownMountList.ulMountedDrives == 0 - && MainWindowHidden -#ifndef _DEBUG - && (bCloseBkgTaskWhenNoVolumes || IsNonInstallMode ()) - && !SysEncDeviceActive (TRUE) -#endif - && GetDriverRefCount () < 2) - { - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - EndMainDlg (hwndDlg); - } - } - return 1; - - case TC_APPMSG_TASKBAR_ICON: - { - switch (lParam) - { - case WM_LBUTTONDOWN: - SetForegroundWindow (hwndDlg); - MainWindowHidden = FALSE; - ShowWindow (hwndDlg, SW_SHOW); - ShowWindow (hwndDlg, SW_RESTORE); - return 1; - - case WM_RBUTTONUP: - { - POINT pos; - HMENU popup = CreatePopupMenu (); - int sel, i, n; - - if (MainWindowHidden) - { - AppendMenuW (popup, MF_STRING, IDM_SHOW_HIDE, GetString ("SHOW_TC")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - } - else if (bEnableBkgTask - && (!(LastKnownMountList.ulMountedDrives == 0 - && (bCloseBkgTaskWhenNoVolumes || IsNonInstallMode ()) - && !SysEncDeviceActive (TRUE) - && GetDriverRefCount () < 2))) - { - AppendMenuW (popup, MF_STRING, IDM_SHOW_HIDE, GetString ("HIDE_TC")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - } - AppendMenuW (popup, MF_STRING, IDM_MOUNTALL, GetString ("IDC_MOUNTALL")); - AppendMenuW (popup, MF_STRING, IDM_MOUNT_FAVORITE_VOLUMES, GetString ("IDM_MOUNT_FAVORITE_VOLUMES")); - AppendMenuW (popup, MF_STRING, IDM_UNMOUNTALL, GetString ("IDC_UNMOUNTALL")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - - for (n = 0; n < 2; n++) - { - for (i = 0; i < 26; i++) - { - if (LastKnownMountList.ulMountedDrives & (1 << i)) - { - wchar_t s[1024]; - wchar_t *vol = (wchar_t *) LastKnownMountList.wszVolume[i]; - - if (wcsstr (vol, L"\\??\\")) vol += 4; - - // first check label used for mounting. If empty, look for it in favorites. - bool useInExplorer = false; - wstring label = (wchar_t *) LastKnownMountList.wszLabel[i]; - if (label.empty()) - label = GetFavoriteVolumeLabel (vol, useInExplorer); - - StringCbPrintfW (s, sizeof(s), L"%s %c: (%s)", - GetString (n==0 ? "OPEN" : "DISMOUNT"), - i + L'A', - label.empty() ? vol : label.c_str()); - AppendMenuW (popup, MF_STRING, n*26 + TRAYICON_MENU_DRIVE_OFFSET + i, s); - } - } - if (LastKnownMountList.ulMountedDrives != 0) - AppendMenu (popup, MF_SEPARATOR, 0, L""); - } - - AppendMenuW (popup, MF_STRING, IDM_HELP, GetString ("MENU_HELP")); - AppendMenuW (popup, MF_STRING, IDM_HOMEPAGE_SYSTRAY, GetString ("HOMEPAGE")); - AppendMenuW (popup, MF_STRING, IDM_PREFERENCES, GetString ("IDM_PREFERENCES")); - AppendMenuW (popup, MF_STRING, IDM_ABOUT, GetString ("IDM_ABOUT")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDCANCEL, GetString ("EXIT")); - - GetCursorPos (&pos); - - SetForegroundWindow(hwndDlg); - - sel = TrackPopupMenu (popup, - TPM_RETURNCMD | TPM_LEFTALIGN | TPM_BOTTOMALIGN | TPM_RIGHTBUTTON, - pos.x, - pos.y, - 0, - hwndDlg, - NULL); - - if (sel >= TRAYICON_MENU_DRIVE_OFFSET && sel < TRAYICON_MENU_DRIVE_OFFSET + 26) - { - OpenVolumeExplorerWindow (sel - TRAYICON_MENU_DRIVE_OFFSET); - } - else if (sel >= TRAYICON_MENU_DRIVE_OFFSET + 26 && sel < TRAYICON_MENU_DRIVE_OFFSET + 26*2) - { - if (CheckMountList (hwndDlg, FALSE)) - { - if (Dismount (hwndDlg, sel - TRAYICON_MENU_DRIVE_OFFSET - 26)) - { - wchar_t txt [2048]; - StringCbPrintfW (txt, sizeof(txt), GetString ("VOLUME_MOUNTED_AS_DRIVE_LETTER_X_DISMOUNTED"), sel - TRAYICON_MENU_DRIVE_OFFSET - 26 + L'A'); - - InfoBalloonDirect (GetString ("SUCCESSFULLY_DISMOUNTED"), txt, hwndDlg); - } - } - } - else if (sel == IDM_SHOW_HIDE) - { - ChangeMainWindowVisibility (); - } - else if (sel == IDM_HOMEPAGE_SYSTRAY) - { - Applink ("home", TRUE, ""); - } - else if (sel == IDCANCEL) - { - if ((LastKnownMountList.ulMountedDrives == 0 - && !SysEncDeviceActive (TRUE)) - || AskWarnNoYes ("CONFIRM_EXIT", hwndDlg) == IDYES) - { - // Close all other TC windows - EnumWindows (CloseTCWindowsEnum, 0); - - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - SendMessage (hwndDlg, WM_COMMAND, sel, 0); - } - } - else - { - SendMessage (hwndDlg, WM_COMMAND, sel, 0); - } - - PostMessage(hwndDlg, WM_NULL, 0, 0); - DestroyMenu (popup); - } - return 1; - } - } - - return 0; - - case TC_APPMSG_CLOSE_BKG_TASK: - if (TaskBarIconMutex != NULL) - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - - return 1; - - case TC_APPMSG_SYSENC_CONFIG_UPDATE: - LoadSysEncSettings (); - - // The wizard added VeraCrypt.exe to the system startup sequence or performed other operations that - // require us to update our cached settings. - LoadSettings (hwndDlg); - - return 1; - - case WM_DEVICECHANGE: - if (!IgnoreWmDeviceChange && wParam != DBT_DEVICEARRIVAL) - { - // Check if any host device has been removed and force dismount of volumes accordingly - PDEV_BROADCAST_HDR hdr = (PDEV_BROADCAST_HDR) lParam; - int m; - - GetMountList (&LastKnownMountList); - - if (wParam == DBT_DEVICEREMOVECOMPLETE && hdr->dbch_devicetype == DBT_DEVTYP_VOLUME) - { - // File-hosted volumes - PDEV_BROADCAST_VOLUME vol = (PDEV_BROADCAST_VOLUME) lParam; - int i; - - for (i = 0; i < 26; i++) - { - if ((vol->dbcv_unitmask & (1 << i)) && !(GetUsedLogicalDrives() & (1 << i))) - { - for (m = 0; m < 26; m++) - { - if (LastKnownMountList.ulMountedDrives & (1 << m)) - { - wchar_t *vol = (wchar_t *) LastKnownMountList.wszVolume[m]; - - if (wcsstr (vol, L"\\??\\") == vol) - vol += 4; - - if (vol[1] == L':' && i == (vol[0] - (vol[0] <= L'Z' ? L'A' : L'a'))) - { - UnmountVolume (hwndDlg, m, TRUE); - WarningBalloon ("HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE", "HOST_DEVICE_REMOVAL_DISMOUNT_WARN", hwndDlg); - } - } - } - } - } - } - - // Device-hosted volumes - for (m = 0; m < 26; m++) - { - if (LastKnownMountList.ulMountedDrives & (1 << m)) - { - wchar_t *vol = (wchar_t *) LastKnownMountList.wszVolume[m]; - - if (wcsstr (vol, L"\\??\\") == vol) - vol += 4; - - if (IsVolumeDeviceHosted (vol)) - { - OPEN_TEST_STRUCT ots = {0}; - - if (!OpenDevice (vol, &ots, FALSE, FALSE, NULL)) - { - UnmountVolume (hwndDlg, m, TRUE); - WarningBalloon ("HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE", "HOST_DEVICE_REMOVAL_DISMOUNT_WARN", hwndDlg); - } - } - } - } - - // Favorite volumes - UpdateDeviceHostedFavoriteVolumes(); - - return 1; - } - return 0; - - case WM_NOTIFY: - - if(wParam == IDC_DRIVELIST) - { - if (((LPNMHDR) lParam)->code == NM_CUSTOMDRAW) - { - int width = ListView_GetColumnWidth (GetDlgItem (hwndDlg, IDC_DRIVELIST), 1); - if (width != LastDriveListVolumeColumnWidth) - { - LastDriveListVolumeColumnWidth = width; - LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); - } - return 0; - } - - /* Single click within drive list */ - if (((LPNMHDR) lParam)->code == LVN_ITEMCHANGED && (((LPNMLISTVIEW) lParam)->uNewState & LVIS_FOCUSED )) - { - nSelectedDriveIndex = ((LPNMLISTVIEW) lParam)->iItem; - EnableDisableButtons (hwndDlg); - return 1; - } - - /* Double click within drive list */ - if (((LPNMHDR) lParam)->code == LVN_ITEMACTIVATE) - { - LPARAM state = GetItemLong (GetDlgItem (hwndDlg, IDC_DRIVELIST), ((LPNMITEMACTIVATE)lParam)->iItem ); - nSelectedDriveIndex = ((LPNMITEMACTIVATE)lParam)->iItem; - if (LOWORD(state) == TC_MLIST_ITEM_NONSYS_VOL || LOWORD(state) == TC_MLIST_ITEM_SYS_PARTITION) - { - // Open explorer window for mounted volume - WaitCursor (); - OpenVolumeExplorerWindow (HIWORD(state) - L'A'); - NormalCursor (); - } - else if (LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == TC_MLIST_ITEM_FREE) - { - mountOptions = defaultMountOptions; - bPrebootPasswordDlgMode = FALSE; - - if (GetAsyncKeyState (VK_CONTROL) < 0) - { - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (CmdVolumePkcs5 == 0) - mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; - else - mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; - mountOptions.ProtectedHidVolPim = CmdVolumePim; - - if (IDCANCEL == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, - (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions)) - return 1; - - if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) - { - wchar_t selectedVolume [TC_MAX_PATH + 1]; - GetVolumePath (hwndDlg, selectedVolume, ARRAYSIZE (selectedVolume)); - KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, selectedVolume); - } - } - - if (CheckMountList (hwndDlg, FALSE)) - _beginthread(mountThreadFunction, 0, hwndDlg); - } - return 1; - } - - /* Right click and drag&drop operations */ - - switch (((NM_LISTVIEW *) lParam)->hdr.code) - { - case NM_RCLICK: - case LVN_BEGINRDRAG: - /* If the mouse was moving while the right mouse button is pressed, popup menu would - not open, because drag&drop operation would be initiated. Therefore, we're handling - RMB drag-and-drop operations as well. */ - { - - DisplayDriveListContextMenu (hwndDlg, lParam); - - return 1; - } - } - } - return 0; - - case WM_ERASEBKGND: - return 0; - - case WM_COMMAND: - - if (lw == IDCANCEL || lw == IDC_EXIT) - { - EndMainDlg (hwndDlg); - return 1; - } - - if (lw == IDHELP || lw == IDM_HELP) - { - OpenPageHelp (hwndDlg, 0); - return 1; - } - - if (lw == IDM_ABOUT || lw == IDC_LOGO) - { - DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); - return 1; - } - - if (lw == IDOK && LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == TC_MLIST_ITEM_NONSYS_VOL - || lw == IDM_UNMOUNT_VOLUME) - { - if (lw == IDM_UNMOUNT_VOLUME && LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) != TC_MLIST_ITEM_NONSYS_VOL) - { - Warning ("SELECT_A_MOUNTED_VOLUME", hwndDlg); - return 1; - } - - if (CheckMountList (hwndDlg, FALSE)) - Dismount (hwndDlg, -2); - return 1; - } - - if ((lw == IDOK || lw == IDM_MOUNT_VOLUME || lw == IDM_MOUNT_VOLUME_OPTIONS || lw == IDC_MOUNTALL || lw == IDM_MOUNTALL) - && LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == 0xffff) - { - MessageBoxW (hwndDlg, GetString ("SELECT_FREE_DRIVE"), L"VeraCrypt", MB_ICONEXCLAMATION); - return 1; - } - - if ((lw == IDOK || lw == IDM_MOUNT_VOLUME || lw == IDM_MOUNT_VOLUME_OPTIONS)) - { - MountSelectedVolume (hwndDlg, lw == IDM_MOUNT_VOLUME_OPTIONS); - return 1; - } - - if (lw == IDC_UNMOUNTALL || lw == IDM_UNMOUNTALL) - { - if (DismountAll (hwndDlg, bForceUnmount, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY) - && lw == IDM_UNMOUNTALL) // If initiated via the systray menu - { - InfoBalloon ("SUCCESSFULLY_DISMOUNTED", "MOUNTED_VOLUMES_DISMOUNTED", hwndDlg); - } - - return 1; - } - - if (lw == IDC_MOUNTALL || lw == IDM_MOUNTALL) - { - // If Shift key is down and the password cache isn't empty, bypass password prompt - MountAllDevices (hwndDlg, !(GetAsyncKeyState (VK_SHIFT) < 0 && !IsPasswordCacheEmpty())); - return 1; - } - - if (lw == IDC_SELECT_FILE || lw == IDM_SELECT_FILE) - { - SelectContainer (hwndDlg); - return 1; - } - - if (lw == IDC_SELECT_DEVICE || lw == IDM_SELECT_DEVICE) - { - SelectPartition (hwndDlg); - return 1; - } - - // System Encryption menu - switch (lw) - { - case IDM_ENCRYPT_SYSTEM_DEVICE: - EncryptSystemDevice (hwndDlg); - break; - case IDM_PERMANENTLY_DECRYPT_SYS: - DecryptSystemDevice (hwndDlg); - break; - case IDM_CREATE_HIDDEN_OS: - CreateHiddenOS (hwndDlg); - break; - case IDM_SYSENC_RESUME: - ResumeInterruptedSysEncProcess (hwndDlg); - break; - case IDM_SYSTEM_ENCRYPTION_STATUS: - ShowSystemEncryptionStatus (hwndDlg); - break; - case IDM_CHANGE_SYS_PASSWORD: - ChangeSysEncPassword (hwndDlg, FALSE); - break; - case IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO: - ChangeSysEncPassword (hwndDlg, TRUE); - break; - case IDM_CREATE_RESCUE_DISK: - CreateRescueDisk (hwndDlg); - break; - case IDM_VERIFY_RESCUE_DISK: - VerifyRescueDisk (hwndDlg, false); - break; - case IDM_VERIFY_RESCUE_DISK_ISO: - VerifyRescueDisk (hwndDlg, true); - break; - case IDM_MOUNT_SYSENC_PART_WITHOUT_PBA: - - if (CheckSysEncMountWithoutPBA (hwndDlg, L"", FALSE)) - { - mountOptions = defaultMountOptions; - mountOptions.PartitionInInactiveSysEncScope = TRUE; - bPrebootPasswordDlgMode = TRUE; - - if (CheckMountList (hwndDlg, FALSE)) - _beginthread(mountThreadFunction, 0, hwndDlg); - } - break; - } - - if (lw == IDC_VOLUME_TOOLS) - { - /* Volume Tools popup menu */ - - int menuItem; - wchar_t volPath[TC_MAX_PATH]; /* Volume to mount */ - HMENU popup = CreatePopupMenu (); - RECT rect; - - if (ActiveSysEncDeviceSelected ()) - { - PopulateSysEncContextMenu (popup, TRUE); - } - else - { - AppendMenuW (popup, MF_STRING, IDM_CHANGE_PASSWORD, GetString ("IDM_CHANGE_PASSWORD")); - AppendMenuW (popup, MF_STRING, IDM_CHANGE_HEADER_KEY_DERIV_ALGO, GetString ("IDM_CHANGE_HEADER_KEY_DERIV_ALGO")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_ADD_REMOVE_VOL_KEYFILES, GetString ("IDM_ADD_REMOVE_VOL_KEYFILES")); - AppendMenuW (popup, MF_STRING, IDM_REMOVE_ALL_KEYFILES_FROM_VOL, GetString ("IDM_REMOVE_ALL_KEYFILES_FROM_VOL")); - AppendMenu (popup, MF_SEPARATOR, 0, L""); - AppendMenuW (popup, MF_STRING, IDM_DECRYPT_NONSYS_VOL, GetString ("IDM_DECRYPT_NONSYS_VOL")); - AppendMenu (popup, MF_SEPARATOR, 0, NULL); - AppendMenuW (popup, MF_STRING, IDM_BACKUP_VOL_HEADER, GetString ("IDM_BACKUP_VOL_HEADER")); - AppendMenuW (popup, MF_STRING, IDM_RESTORE_VOL_HEADER, GetString ("IDM_RESTORE_VOL_HEADER")); - } - - GetWindowRect (GetDlgItem (hwndDlg, IDC_VOLUME_TOOLS), &rect); - - menuItem = TrackPopupMenu (popup, - TPM_RETURNCMD | TPM_LEFTBUTTON, - rect.left + 2, - rect.top + 2, - 0, - hwndDlg, - NULL); - - DestroyMenu (popup); - - switch (menuItem) - { - case IDM_DECRYPT_NONSYS_VOL: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - DecryptNonSysDevice (hwndDlg, TRUE, FALSE); - } - break; - - case IDM_CHANGE_PASSWORD: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; - ChangePassword (hwndDlg); - } - break; - - case IDM_CHANGE_HEADER_KEY_DERIV_ALGO: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - pwdChangeDlgMode = PCDM_CHANGE_PKCS5_PRF; - ChangePassword (hwndDlg); - } - break; - - case IDM_ADD_REMOVE_VOL_KEYFILES: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - pwdChangeDlgMode = PCDM_ADD_REMOVE_VOL_KEYFILES; - ChangePassword (hwndDlg); - } - break; - - case IDM_REMOVE_ALL_KEYFILES_FROM_VOL: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - pwdChangeDlgMode = PCDM_REMOVE_ALL_KEYFILES_FROM_VOL; - ChangePassword (hwndDlg); - } - break; - - case IDM_BACKUP_VOL_HEADER: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); - - WaitCursor (); - - int iStatus = 0; - BackupHeaderThreadParam threadParam; - threadParam.bRequireConfirmation = TRUE; - threadParam.lpszVolume = volPath; - threadParam.cchVolume = ARRAYSIZE (volPath); - threadParam.iResult = &iStatus; - - ShowWaitDialog (hwndDlg, TRUE, BackupHeaderWaitThreadProc, &threadParam); - - NormalCursor (); - } - break; - - case IDM_RESTORE_VOL_HEADER: - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); - - WaitCursor (); - - int iStatus = 0; - RestoreHeaderThreadParam threadParam; - threadParam.lpszVolume = volPath; - threadParam.cchVolume = ARRAYSIZE (volPath); - threadParam.iResult = &iStatus; - - ShowWaitDialog(hwndDlg, TRUE, RestoreHeaderWaitThreadProc, &threadParam); - - NormalCursor (); - } - break; - - default: - SendMessage (MainDlg, WM_COMMAND, menuItem, NULL); - break; - } - return 1; - } - - if (lw == IDM_DECRYPT_NONSYS_VOL) - { - LPARAM selectedDrive = GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - - if (LOWORD (selectedDrive) == TC_MLIST_ITEM_FREE && !VolumeSelected (MainDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - DecryptNonSysDevice (hwndDlg, TRUE, FALSE); - } - - return 1; - } - - if (lw == IDM_CHANGE_PASSWORD) - { - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - if (ActiveSysEncDeviceSelected ()) - { - ChangeSysEncPassword (hwndDlg, FALSE); - } - else - { - pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; - ChangePassword (hwndDlg); - } - } - return 1; - } - - if (lw == IDM_CHANGE_HEADER_KEY_DERIV_ALGO) - { - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - if (ActiveSysEncDeviceSelected ()) - { - ChangeSysEncPassword (hwndDlg, TRUE); - } - else - { - pwdChangeDlgMode = PCDM_CHANGE_PKCS5_PRF; - ChangePassword (hwndDlg); - } - } - return 1; - } - - if (lw == IDC_WIPE_CACHE || lw == IDM_WIPE_CACHE) - { - WipeCache (hwndDlg, FALSE); - return 1; - } - - if (lw == IDM_CLEAR_HISTORY) - { - ClearHistory (GetDlgItem (hwndDlg, IDC_VOLUME)); - EnableDisableButtons (hwndDlg); - return 1; - } - - if (lw == IDC_CREATE_VOLUME || lw == IDM_CREATE_VOLUME || lw == IDM_VOLUME_WIZARD) - { - LaunchVolCreationWizard (hwndDlg, L""); - return 1; - } - - if (lw == IDM_VOLUME_EXPANDER) - { - LaunchVolExpander (hwndDlg); - return 1; - } - - if (lw == IDM_ADD_REMOVE_VOL_KEYFILES) - { - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - pwdChangeDlgMode = PCDM_ADD_REMOVE_VOL_KEYFILES; - ChangePassword (hwndDlg); - } - return 1; - } - - if (lw == IDM_REMOVE_ALL_KEYFILES_FROM_VOL) - { - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - pwdChangeDlgMode = PCDM_REMOVE_ALL_KEYFILES_FROM_VOL; - ChangePassword (hwndDlg); - } - return 1; - } - - if (lw == IDM_MANAGE_TOKEN_KEYFILES) - { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_KEYFILES), hwndDlg, (DLGPROC) SecurityTokenKeyfileDlgProc, NULL); - return 1; - } - - if (lw == IDM_CLOSE_ALL_TOKEN_SESSIONS) - { - { - WaitCursor(); - finally_do ({ NormalCursor(); }); - - SecurityToken::CloseAllSessions(); - } - - InfoBalloon (NULL, "ALL_TOKEN_SESSIONS_CLOSED", hwndDlg); - - return 1; - } - - if (lw == IDM_KEYFILE_GENERATOR) - { - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILE_GENERATOR), hwndDlg, - (DLGPROC) KeyfileGeneratorDlgProc, (LPARAM) 0); - - return 1; - } - - if (lw == IDM_DONATE) - { - Applink ("donate", TRUE, ""); - return 1; - } - - if (lw == IDM_LICENSE) - { - TextInfoDialogBox (TC_TBXID_LEGAL_NOTICES); - return 1; - } - - if (lw == IDM_WEBSITE) - { - Applink ("website", TRUE, ""); - return 1; - } - else if (lw == IDM_HOMEPAGE) - { - Applink ("homepage", TRUE, ""); - return 1; - } - else if (lw == IDM_ONLINE_TUTORIAL) - { - Applink ("tutorial", TRUE, ""); - return 1; - } - else if (lw == IDM_ONLINE_HELP) - { - OpenOnlineHelp (); - return 1; - } - else if (lw == IDM_FAQ) - { - Applink ("faq", TRUE, ""); - return 1; - } - else if (lw == IDM_TC_DOWNLOADS) - { - Applink ("downloads", TRUE, ""); - return 1; - } - else if (lw == IDM_NEWS) - { - Applink ("news", TRUE, ""); - return 1; - } - else if (lw == IDM_VERSION_HISTORY) - { - Applink ("history", TRUE, ""); - return 1; - } - else if (lw == IDM_CONTACT) - { - Applink ("contact", FALSE, ""); - return 1; - } - - if (lw == IDM_PREFERENCES) - { - if (IDOK == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_PREFERENCES_DLG), hwndDlg, - (DLGPROC) PreferencesDlgProc, (LPARAM) 0)) - { - if (bEnableBkgTask) - { - TaskBarIconAdd (hwndDlg); - RegisterWtsNotification(hwndDlg); - } - else - { - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - if (MainWindowHidden) - EndMainDlg (hwndDlg); - } - } - return 1; - } - - if (lw == IDM_HOTKEY_SETTINGS) - { - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_HOTKEYS_DLG), hwndDlg, - (DLGPROC) HotkeysDlgProc, (LPARAM) 0); - return 1; - } - - if (lw == IDM_PERFORMANCE_SETTINGS) - { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_PERFORMANCE_SETTINGS), hwndDlg, (DLGPROC) PerformanceSettingsDlgProc, 0); - return 1; - } - - if (lw == IDM_DEFAULT_KEYFILES) - { - KeyfileDefaultsDlg (hwndDlg); - return 1; - } - - if (lw == IDM_DEFAULT_MOUNT_PARAMETERS) - { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_DEFAULT_MOUNT_PARAMETERS), hwndDlg, (DLGPROC) DefaultMountParametersDlgProc, 0); - return 1; - } - - if (lw == IDM_ADD_VOLUME_TO_FAVORITES || lw == IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES) - { - LPARAM selectedDrive = GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - - wchar_t volPathLower[TC_MAX_PATH]; - - // volPathLower will contain the volume path (if any) from the input field below the drive list - GetVolumePath (hwndDlg, volPathLower, ARRAYSIZE (volPathLower)); - - if (LOWORD (selectedDrive) != TC_MLIST_ITEM_NONSYS_VOL - && !(VolumeSelected (hwndDlg) && IsMountedVolume (volPathLower))) - { - Warning ("SELECT_A_MOUNTED_VOLUME", hwndDlg); - - return 1; - } - - int driveNo; - - if (VolumeSelected (hwndDlg) - && IsMountedVolume (volPathLower)) - { - TranslateVolumeID (hwndDlg, volPathLower, ARRAYSIZE (volPathLower)); - - if (LOWORD (selectedDrive) != TC_MLIST_ITEM_NONSYS_VOL) - { - driveNo = GetMountedVolumeDriveNo (volPathLower); - } - else - { - /* We need to resolve selection ambiguity. Two different mounted volumes are currently - selected (one in the drive letter list and the other in the input field below the list). */ - - VOLUME_PROPERTIES_STRUCT prop; - DWORD dwResult; - - memset (&prop, 0, sizeof(prop)); - prop.driveNo = HIWORD (selectedDrive) - L'A'; - - if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) || dwResult == 0) - { - Warning ("SELECT_A_MOUNTED_VOLUME", hwndDlg); - return 1; - } - - // volPathHigher will contain the volume path selected in the main drive list - wstring volPathHigher (prop.wszVolume); - - if (wcscmp (((wmemcmp (prop.wszVolume, L"\\??\\", 4) == 0) ? (wchar_t *) prop.wszVolume + 4 : prop.wszVolume), volPathLower) != 0) - { - // The path selected in the input field is different from the path to the volume selected - // in the drive lettter list. We have to resolve possible ambiguity. - - wchar_t *tmp[] = {L"", L"", L"", L"", L"", 0}; - const int maxVolPathLen = 80; - - if (volPathHigher.length () > maxVolPathLen) - { - volPathHigher = wstring (L"...") + volPathHigher.substr (volPathHigher.length () - maxVolPathLen, maxVolPathLen); - } - - wstring volPathLowerWStr (volPathLower); - - if (volPathLowerWStr.length () > maxVolPathLen) - { - volPathLowerWStr = wstring (L"...") + volPathLowerWStr.substr (volPathLowerWStr.length () - maxVolPathLen, maxVolPathLen); - } - - tmp[1] = GetString ("AMBIGUOUS_VOL_SELECTION"); - tmp[2] = (wchar_t *) volPathHigher.c_str(); - tmp[3] = (wchar_t *) volPathLowerWStr.c_str(); - tmp[4] = GetString ("IDCANCEL"); - - switch (AskMultiChoice ((void **) tmp, FALSE, hwndDlg)) - { - case 1: - driveNo = HIWORD (selectedDrive) - L'A'; - break; - - case 2: - driveNo = GetMountedVolumeDriveNo (volPathLower); - break; - - default: - return 1; - } - } - else - { - driveNo = HIWORD (selectedDrive) - L'A'; - } - } - } - else - { - driveNo = HIWORD (selectedDrive) - L'A'; - } - - AddMountedVolumeToFavorites (hwndDlg, driveNo, lw == IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES); - - return 1; - } - - if (lw == IDM_ORGANIZE_FAVORITES || lw == IDM_ORGANIZE_SYSTEM_FAVORITES) - { - OrganizeFavoriteVolumes (hwndDlg, lw == IDM_ORGANIZE_SYSTEM_FAVORITES); - return 1; - } - - if (lw == IDM_TOKEN_PREFERENCES) - { - SecurityTokenPreferencesDialog (hwndDlg); - return 1; - } - - if (lw == IDM_SYSENC_SETTINGS || lw == IDM_SYS_ENC_SETTINGS) - { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0); - return 1; - } - - if (lw == IDM_SYS_FAVORITES_SETTINGS) - { - OrganizeFavoriteVolumes (hwndDlg, true); - return 1; - } - - if (lw == IDM_BENCHMARK) - { - Benchmark (hwndDlg); - return 1; - } - - if (lw == IDM_TRAVELER) - { - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_TRAVELER_DLG), hwndDlg, - (DLGPROC) TravelerDlgProc, (LPARAM) 0); - return 1; - } - - if (lw == IDM_BACKUP_VOL_HEADER) - { - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - wchar_t volPath[TC_MAX_PATH]; /* Volume to mount */ - - GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); - - WaitCursor (); - - int iStatus = 0; - BackupHeaderThreadParam threadParam; - threadParam.bRequireConfirmation = TRUE; - threadParam.lpszVolume = volPath; - threadParam.cchVolume = ARRAYSIZE (volPath); - threadParam.iResult = &iStatus; - - ShowWaitDialog (hwndDlg, TRUE, BackupHeaderWaitThreadProc, &threadParam); - - NormalCursor (); - } - return 1; - } - - if (lw == IDM_RESTORE_VOL_HEADER) - { - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else - { - wchar_t volPath[TC_MAX_PATH]; /* Volume to mount */ - - GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); - - WaitCursor (); - - int iStatus = 0; - RestoreHeaderThreadParam threadParam; - threadParam.lpszVolume = volPath; - threadParam.cchVolume = ARRAYSIZE (volPath); - threadParam.iResult = &iStatus; - - ShowWaitDialog(hwndDlg, TRUE, RestoreHeaderWaitThreadProc, &threadParam); - - NormalCursor (); - } - return 1; - } - - if (lw == IDM_LANGUAGE) - { - BOOL p; - if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_LANGUAGE), hwndDlg, - (DLGPROC) LanguageDlgProc, (LPARAM) 0) == IDOK) - { - LoadLanguageFile (); - SaveSettings (hwndDlg); - - p = LocalizationActive; - LocalizationActive = TRUE; - InitMainDialog (hwndDlg); - InvalidateRect (hwndDlg, NULL, FALSE); - LocalizationActive = p; - DrawMenuBar (hwndDlg); - } - return 1; - } - - if (lw == IDM_TEST_VECTORS) - { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_TEST_DLG), hwndDlg, (DLGPROC) CipherTestDialogProc, (LPARAM) 1); - return 1; - } - - if (lw == IDM_REFRESH_DRIVE_LETTERS) - { - DWORD driveMap = GetUsedLogicalDrives (); - - WaitCursor (); - - if (!(nCurrentOS == WIN_2000 && RemoteSession)) - { - BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, ~driveMap); - Sleep (100); - BroadcastDeviceChange (DBT_DEVICEARRIVAL, 0, driveMap); - } - - LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); - - if (nSelectedDriveIndex >= 0) - { - SelectItem (GetDlgItem (hwndDlg, IDC_DRIVELIST), - (wchar_t) HIWORD (GetItemLong (GetDlgItem (hwndDlg, IDC_DRIVELIST), nSelectedDriveIndex))); - } - - NormalCursor (); - return 1; - } - - if (lw == IDM_MOUNT_FAVORITE_VOLUMES) - { - _beginthread(mountFavoriteVolumeThreadFunction, 0, NULL); - return 1; - } - - if (lw == IDM_RESUME_INTERRUPTED_PROC) - { - // Ask the user to select encryption, decryption, or cancel - BOOL bDecrypt = FALSE; - char *tmpStr[] = {0, - "CHOOSE_ENCRYPT_OR_DECRYPT", - "ENCRYPT", - "DECRYPT", - "IDCANCEL", - 0}; - - switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) - { - case 1: - bDecrypt = FALSE; - break; - case 2: - bDecrypt = TRUE; - break; - default: - return 1; - } - ResumeInterruptedNonSysInplaceEncProcess (bDecrypt); - return 1; - } - - if (lw == IDC_VOLUME_PROPERTIES || lw == IDM_VOLUME_PROPERTIES) - { - DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_VOLUME_PROPERTIES), hwndDlg, - (DLGPROC) VolumePropertiesDlgProc, (LPARAM) 0); - return 1; - } - - if (lw == IDC_VOLUME && hw == CBN_EDITCHANGE) - { - EnableDisableButtons (hwndDlg); - return 1; - } - - if (lw == IDC_VOLUME && hw == CBN_SELCHANGE) - { - UpdateComboOrder (GetDlgItem (hwndDlg, IDC_VOLUME)); - MoveEditToCombo ((HWND) lParam, bHistory); - PostMessage (hwndDlg, TC_APPMSG_MOUNT_ENABLE_DISABLE_CONTROLS, 0, 0); - return 1; - } - - if (lw == IDC_NO_HISTORY) - { - if (!(bHistory = !IsButtonChecked (GetDlgItem (hwndDlg, IDC_NO_HISTORY)))) - ClearHistory (GetDlgItem (hwndDlg, IDC_VOLUME)); - - return 1; - } - - if (lw >= TC_FAVORITE_MENU_CMD_ID_OFFSET && lw < TC_FAVORITE_MENU_CMD_ID_OFFSET_END) - { - size_t favoriteIndex = lw - TC_FAVORITE_MENU_CMD_ID_OFFSET; - - if (favoriteIndex < FavoriteVolumes.size()) - { - if ((FavoriteVolumes[favoriteIndex].UseVolumeID && IsMountedVolumeID (FavoriteVolumes[favoriteIndex].VolumeID)) - || (!FavoriteVolumes[favoriteIndex].UseVolumeID && IsMountedVolume (FavoriteVolumes[favoriteIndex].Path.c_str())) - ) - { - std::wstring volName; - WaitCursor(); - if (FavoriteVolumes[favoriteIndex].UseVolumeID) - volName = FindDeviceByVolumeID (FavoriteVolumes[favoriteIndex].VolumeID); - else - volName = FavoriteVolumes[favoriteIndex].Path; - OpenVolumeExplorerWindow (GetMountedVolumeDriveNo ((wchar_t*) FavoriteVolumes[favoriteIndex].Path.c_str())); - NormalCursor(); - } - else - { - mountFavoriteVolumeThreadParam* pParam = (mountFavoriteVolumeThreadParam*) calloc(1, sizeof(mountFavoriteVolumeThreadParam)); - pParam->systemFavorites = FALSE; - pParam->logOnMount = FALSE; - pParam->hotKeyMount = FALSE; - pParam->favoriteVolumeToMount = &FavoriteVolumes[favoriteIndex]; - - _beginthread(mountFavoriteVolumeThreadFunction, 0, pParam); - } - } - - return 1; - } - - return 0; - - case WM_DROPFILES: - { - HDROP hdrop = (HDROP) wParam; - DragQueryFile (hdrop, 0, szFileName, ARRAYSIZE (szFileName)); - DragFinish (hdrop); - - AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); - EnableDisableButtons (hwndDlg); - SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - } - return 1; - - case TC_APPMSG_MOUNT_ENABLE_DISABLE_CONTROLS: - EnableDisableButtons (hwndDlg); - return 1; - - case TC_APPMSG_MOUNT_SHOW_WINDOW: - MainWindowHidden = FALSE; - ShowWindow (hwndDlg, SW_SHOW); - ShowWindow (hwndDlg, SW_RESTORE); - return 1; - - case WM_COPYDATA: - { - PCOPYDATASTRUCT cd = (PCOPYDATASTRUCT)lParam; - if (memcmp (&cd->dwData, WM_COPY_SET_VOLUME_NAME, 4) == 0) - { - if (cd->cbData > 0) - { - ((wchar_t *) cd->lpData)[(cd->cbData / sizeof (wchar_t)) - 1] = 0; - AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), (wchar_t *)cd->lpData, bHistory); - } - - EnableDisableButtons (hwndDlg); - SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); - } - } - return 1; - - case WM_CLOSE: - EndMainDlg (hwndDlg); - return 1; - - case WM_INITMENUPOPUP: - { - // disable "Set Header Key Derivation Algorithm" entry in "Volumes" menu - // "Volumes" menu is the first (index 0) submenu of the main menu - if ((HMENU) wParam == GetSubMenu (GetMenu (hwndDlg), 0)) - { - if (ActiveSysEncDeviceSelected ()) - EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_HEADER_KEY_DERIV_ALGO, MF_GRAYED); - else - EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_HEADER_KEY_DERIV_ALGO, MF_ENABLED); - } - } - return 1; - - default: - // Recreate tray icon if Explorer restarted - if (taskBarCreatedMsg != 0 && uMsg == taskBarCreatedMsg && TaskBarIconMutex != NULL) - { - TaskBarIconRemove (hwndDlg); - TaskBarIconAdd (hwndDlg); - CheckMountList(hwndDlg, TRUE); - return 1; - } - } - - return 0; -} - -void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) -{ - wchar_t **lpszCommandLineArgs = NULL; /* Array of command line arguments */ - int nNoCommandLineArgs; /* The number of arguments in the array */ - wchar_t tmpPath[MAX_PATH * 2]; - - /* Defaults */ - mountOptions.PreserveTimestamp = TRUE; - - if (_wcsicmp (lpszCommandLine, L"-Embedding") == 0) - { - ComServerMode = TRUE; - return; - } - - /* Extract command line arguments */ - NoCmdLineArgs = nNoCommandLineArgs = Win32CommandLine (&lpszCommandLineArgs); - - if (nNoCommandLineArgs > 0) - { - int i; - - for (i = 0; i < nNoCommandLineArgs; i++) - { - enum - { - OptionAuto, - OptionBeep, - OptionCache, - CommandDismount, - OptionExplore, - OptionForce, - CommandHelp, - OptionHistory, - OptionKeyfile, - OptionLetter, - OptionMountOption, - OptionPassword, - OptionQuit, - OptionSilent, - OptionTokenLib, - OptionTokenPin, - OptionVolume, - CommandWipeCache, - OptionPkcs5, - OptionTrueCryptMode, - OptionPim, - OptionTryEmptyPassword, - OptionNoWaitDlg, - }; - - argument args[]= - { - { OptionAuto, L"/auto", L"/a", FALSE }, - { OptionBeep, L"/beep", L"/b", FALSE }, - { OptionCache, L"/cache", L"/c", FALSE }, - { CommandDismount, L"/dismount", L"/d", FALSE }, - { OptionExplore, L"/explore", L"/e", FALSE }, - { OptionForce, L"/force", L"/f", FALSE }, - { OptionPkcs5, L"/hash", NULL , FALSE }, - { CommandHelp, L"/help", L"/?", FALSE }, - { OptionHistory, L"/history", L"/h", FALSE }, - { OptionKeyfile, L"/keyfile", L"/k", FALSE }, - { OptionLetter, L"/letter", L"/l", FALSE }, - { OptionMountOption, L"/mountoption", L"/m", FALSE }, - { OptionPassword, L"/password", L"/p", FALSE }, - { OptionPim, L"/pim", NULL, FALSE }, - { OptionQuit, L"/quit", L"/q", FALSE }, - { OptionSilent, L"/silent", L"/s", FALSE }, - { OptionTokenLib, L"/tokenlib", NULL, FALSE }, - { OptionTokenPin, L"/tokenpin", NULL, FALSE }, - { OptionTrueCryptMode, L"/truecrypt", L"/tc", FALSE }, - { OptionVolume, L"/volume", L"/v", FALSE }, - { CommandWipeCache, L"/wipecache", L"/w", FALSE }, - { OptionTryEmptyPassword, L"/tryemptypass", NULL, FALSE }, - { OptionNoWaitDlg, L"/nowaitdlg", NULL, FALSE }, - }; - - argumentspec as; - - as.args = args; - as.arg_cnt = sizeof(args)/ sizeof(args[0]); - - switch (GetArgumentID (&as, lpszCommandLineArgs[i])) - { - case OptionAuto: - { - wchar_t szTmp[32] = {0}; - bAuto = TRUE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp (szTmp, L"devices")) - bAutoMountDevices = TRUE; - else if (!_wcsicmp (szTmp, L"favorites")) - bAutoMountFavorites = TRUE; - else if (!_wcsicmp (szTmp, L"logon")) - LogOn = TRUE; - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - break; - - case OptionBeep: - bBeep = TRUE; - break; - - case OptionTryEmptyPassword: - { - wchar_t szTmp[16] = {0}; - bCmdTryEmptyPasswordWhenKeyfileUsed = TRUE; - bCmdTryEmptyPasswordWhenKeyfileUsedValid = TRUE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) - bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE; - else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) - bCmdTryEmptyPasswordWhenKeyfileUsed = TRUE; - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - break; - - case OptionNoWaitDlg: - { - wchar_t szTmp[16] = {0}; - bCmdHideWaitingDialog = TRUE; - bCmdHideWaitingDialogValid = TRUE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) - bCmdHideWaitingDialog = FALSE; - else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) - bCmdHideWaitingDialog = TRUE; - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - break; - - case OptionCache: - { - wchar_t szTmp[16] = {0}; - bCacheInDriver = TRUE; - bIncludePimInCache = FALSE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) - bCacheInDriver = FALSE; - else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) - bCacheInDriver = TRUE; - else if (!_wcsicmp(szTmp,L"p") || !_wcsicmp(szTmp,L"pim")) - { - bCacheInDriver = TRUE; - bIncludePimInCache = TRUE; - } - else if (!_wcsicmp(szTmp,L"f") || !_wcsicmp(szTmp,L"favorites")) - { - bCacheInDriver = FALSE; - bCmdCacheDuringMultipleMount = TRUE; - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - break; - - case CommandDismount: - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szDriveLetter, ARRAYSIZE (szDriveLetter))) - { - if ( (wcslen(szDriveLetter) == 1) - || (wcslen(szDriveLetter) == 2 && szDriveLetter[1] == L':') - ) - { - cmdUnmountDrive = towupper(szDriveLetter[0]) - L'A'; - if ((cmdUnmountDrive < 0) || (cmdUnmountDrive > (L'Z' - L'A'))) - AbortProcess ("BAD_DRIVE_LETTER"); - } - else - AbortProcess ("BAD_DRIVE_LETTER"); - - } - else - cmdUnmountDrive = -1; - - break; - - case OptionExplore: - bExplore = TRUE; - break; - - case OptionForce: - bForceMount = TRUE; - bForceUnmount = TRUE; - break; - - case OptionKeyfile: - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, - nNoCommandLineArgs, tmpPath, ARRAYSIZE (tmpPath))) - { - KeyFile *kf; - RelativePath2Absolute (tmpPath); - kf = (KeyFile *) malloc (sizeof (KeyFile)); - if (kf) - { - StringCchCopyW (kf->FileName, ARRAYSIZE(kf->FileName), tmpPath); - FirstCmdKeyFile = KeyFileAdd (FirstCmdKeyFile, kf); - } - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - - break; - - case OptionLetter: - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szDriveLetter, ARRAYSIZE (szDriveLetter))) - { - if ( (wcslen(szDriveLetter) == 1) - || (wcslen(szDriveLetter) == 2 && szDriveLetter[1] == L':') - ) - { - commandLineDrive = *szDriveLetter = (wchar_t) towupper (*szDriveLetter); - - if (commandLineDrive < L'A' || commandLineDrive > L'Z') - AbortProcess ("BAD_DRIVE_LETTER"); - } - else - AbortProcess ("BAD_DRIVE_LETTER"); - } - else - AbortProcess ("BAD_DRIVE_LETTER"); - - break; - - case OptionHistory: - { - wchar_t szTmp[8] = {0}; - bHistory = bHistoryCmdLine = TRUE; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) - bHistory = FALSE; - else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) - bHistory = TRUE; - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - break; - - case OptionMountOption: - { - wchar_t szTmp[64] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp (szTmp, L"ro") || !_wcsicmp (szTmp, L"readonly")) - mountOptions.ReadOnly = TRUE; - - else if (!_wcsicmp (szTmp, L"rm") || !_wcsicmp (szTmp, L"removable")) - mountOptions.Removable = TRUE; - - else if (!_wcsicmp (szTmp, L"ts") || !_wcsicmp (szTmp, L"timestamp")) - mountOptions.PreserveTimestamp = FALSE; - - else if (!_wcsicmp (szTmp, L"sm") || !_wcsicmp (szTmp, L"system")) - mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode = TRUE; - - else if (!_wcsicmp (szTmp, L"bk") || !_wcsicmp (szTmp, L"headerbak")) - mountOptions.UseBackupHeader = TRUE; - - else if (!_wcsicmp (szTmp, L"recovery")) - mountOptions.RecoveryMode = TRUE; - else if ((wcslen(szTmp) > 6) && (wcslen(szTmp) <= 38) && !_wcsnicmp (szTmp, L"label=", 6)) - { - // get the label - StringCbCopyW (mountOptions.Label, sizeof (mountOptions.Label), &szTmp[6]); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - - CmdMountOptions = mountOptions; - CmdMountOptionsValid = TRUE; - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - - case OptionPassword: - { - wchar_t szTmp[MAX_PASSWORD + 1]; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) - { - int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); - burn (szTmp, sizeof (szTmp)); - if (iLen > 0) - { - CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); - CmdVolumePasswordValid = TRUE; - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - - case OptionVolume: - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, - nNoCommandLineArgs, szFileName, ARRAYSIZE (szFileName))) - { - RelativePath2Absolute (szFileName); - AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); - CmdLineVolumeSpecified = TRUE; - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - break; - - case OptionQuit: - { - wchar_t szTmp[32] = {0}; - - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - if (!_wcsicmp (szTmp, L"UAC")) // Used to indicate non-install elevation - break; - - else if (!_wcsicmp (szTmp, L"preferences")) - { - Quit = TRUE; - UsePreferences = TRUE; - break; - } - - else if (!_wcsicmp (szTmp, L"background")) - bEnableBkgTask = TRUE; - - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - - Quit = TRUE; - UsePreferences = FALSE; - } - break; - - case OptionSilent: - Silent = TRUE; - break; - - case OptionTokenLib: - if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)) == HAS_ARGUMENT) - InitSecurityTokenLibrary(hwndDlg); - else - AbortProcess ("COMMAND_LINE_ERROR"); - - break; - - case OptionTokenPin: - { - wchar_t szTmp[SecurityToken::MaxPasswordLength + 1] = {0}; - if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) == HAS_ARGUMENT) - { - if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, array_capacity (CmdTokenPin), nullptr, nullptr)) - AbortProcess ("COMMAND_LINE_ERROR"); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - - break; - - case CommandWipeCache: - bWipe = TRUE; - break; - - case CommandHelp: - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_COMMANDHELP_DLG), hwndDlg, (DLGPROC) - CommandHelpDlgProc, (LPARAM) &as); - exit(0); - break; - - case OptionPkcs5: - { - wchar_t szTmp[32] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - if (_wcsicmp(szTmp, L"sha512") == 0 || _wcsicmp(szTmp, L"sha-512") == 0) - CmdVolumePkcs5 = SHA512; - else if (_wcsicmp(szTmp, L"whirlpool") == 0) - CmdVolumePkcs5 = WHIRLPOOL; - else if (_wcsicmp(szTmp, L"sha256") == 0 || _wcsicmp(szTmp, L"sha-256") == 0) - CmdVolumePkcs5 = SHA256; - else if (_wcsicmp(szTmp, L"ripemd160") == 0 || _wcsicmp(szTmp, L"ripemd-160") == 0) - CmdVolumePkcs5 = RIPEMD160; - else - { - CmdVolumePkcs5 = 0; - AbortProcess ("COMMAND_LINE_ERROR"); - } - - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - - case OptionPim: - { - wchar_t szTmp[32] = {0}; - if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, - &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) - { - wchar_t* endPtr = NULL; - CmdVolumePim = (int) wcstol(szTmp, &endPtr, 0); - if (CmdVolumePim < 0 || CmdVolumePim > MAX_PIM_VALUE || endPtr == szTmp || *endPtr != L'\0') - { - CmdVolumePim = 0; - AbortProcess ("COMMAND_LINE_ERROR"); - } - - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - break; - - case OptionTrueCryptMode: - CmdVolumeTrueCryptMode = TRUE; - break; - - // no option = file name if there is only one argument - default: - { - if (nNoCommandLineArgs == 1) - { - StringCbCopyW (szFileName, array_capacity (szFileName), lpszCommandLineArgs[i]); - RelativePath2Absolute (szFileName); - - CmdLineVolumeSpecified = TRUE; - AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); - } - else - AbortProcess ("COMMAND_LINE_ERROR"); - } - } - } - } - - /* Free up the command line arguments */ - while (--nNoCommandLineArgs >= 0) - { - free (lpszCommandLineArgs[nNoCommandLineArgs]); - } - - if (lpszCommandLineArgs) - free (lpszCommandLineArgs); -} - - -static SERVICE_STATUS SystemFavoritesServiceStatus; -static SERVICE_STATUS_HANDLE SystemFavoritesServiceStatusHandle; - -static void SystemFavoritesServiceLogMessage (const wstring &errorMessage, WORD wType) -{ - HANDLE eventSource = RegisterEventSource (NULL, TC_SYSTEM_FAVORITES_SERVICE_NAME); - - if (eventSource) - { - LPCTSTR strings[] = { TC_SYSTEM_FAVORITES_SERVICE_NAME, errorMessage.c_str() }; - ReportEvent (eventSource, wType, 0, 0xC0000000 + wType, NULL, array_capacity (strings), 0, strings, NULL); - - DeregisterEventSource (eventSource); - } -} - -static void SystemFavoritesServiceLogError (const wstring &errorMessage) -{ - SystemFavoritesServiceLogMessage (errorMessage, EVENTLOG_ERROR_TYPE); -} - -static void SystemFavoritesServiceLogWarning (const wstring &warningMessage) -{ - SystemFavoritesServiceLogMessage (warningMessage, EVENTLOG_WARNING_TYPE); -} - -static void SystemFavoritesServiceLogInfo (const wstring &infoMessage) -{ - SystemFavoritesServiceLogMessage (infoMessage, EVENTLOG_INFORMATION_TYPE); -} - - -static void SystemFavoritesServiceSetStatus (DWORD status, DWORD waitHint = 0) -{ - SystemFavoritesServiceStatus.dwCurrentState = status; - SystemFavoritesServiceStatus.dwWaitHint = waitHint; - SystemFavoritesServiceStatus.dwWin32ExitCode = NO_ERROR; - - SetServiceStatus (SystemFavoritesServiceStatusHandle, &SystemFavoritesServiceStatus); -} - - -static VOID WINAPI SystemFavoritesServiceCtrlHandler (DWORD control) -{ - if (control == SERVICE_CONTROL_STOP) - SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING); - else - SystemFavoritesServiceSetStatus (SystemFavoritesServiceStatus.dwCurrentState); -} - - -static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv) -{ - BOOL status = FALSE; - memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus)); - SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; - - SystemFavoritesServiceStatusHandle = RegisterServiceCtrlHandler (TC_SYSTEM_FAVORITES_SERVICE_NAME, SystemFavoritesServiceCtrlHandler); - if (!SystemFavoritesServiceStatusHandle) - return; - - SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000); - - SystemFavoritesServiceLogInfo (wstring (L"Starting System Favorites mounting process")); - - try - { - status = MountFavoriteVolumes (NULL, TRUE); - } - catch (...) { } - - if (status) - { - SystemFavoritesServiceLogInfo (wstring (L"System Favorites mounting process finished")); - } - else - { - SystemFavoritesServiceLogError (wstring (L"System Favorites mounting process failed.")); - } - - SystemFavoritesServiceSetStatus (SERVICE_RUNNING); - SystemFavoritesServiceSetStatus (SERVICE_STOPPED); -} - - -static BOOL StartSystemFavoritesService () -{ - ServiceMode = TRUE; - Silent = TRUE; - DeviceChangeBroadcastDisabled = TRUE; - bShowDisconnectedNetworkDrives = TRUE; - bHideWaitingDialog = TRUE; - - InitOSVersionInfo(); - - if (DriverAttach() != ERR_SUCCESS) - return FALSE; - - SERVICE_TABLE_ENTRY serviceTable[2]; - serviceTable[0].lpServiceName = TC_SYSTEM_FAVORITES_SERVICE_NAME; - serviceTable[0].lpServiceProc = SystemFavoritesServiceMain; - - serviceTable[1].lpServiceName = NULL; - serviceTable[1].lpServiceProc = NULL; - - BOOL result = StartServiceCtrlDispatcher (serviceTable); - - if (!(ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)) - WipeCache (NULL, TRUE); - - return result; -} - -#ifndef VCEXPANDER -int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpszCommandLine, int nCmdShow) -{ - int argc; - LPWSTR *argv = CommandLineToArgvW (GetCommandLineW(), &argc); - - if (argv && argc == 2 && wstring (TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION) == argv[1]) - return StartSystemFavoritesService() ? 0 : 1; - - int status; - atexit (localcleanup); - SetProcessShutdownParameters (0x100, 0); - - VirtualLock (&VolumePassword, sizeof (VolumePassword)); - VirtualLock (&CmdVolumePassword, sizeof (CmdVolumePassword)); - VirtualLock (&mountOptions, sizeof (mountOptions)); - VirtualLock (&defaultMountOptions, sizeof (defaultMountOptions)); - VirtualLock (&szFileName, sizeof(szFileName)); - VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin)); - - DetectX86Features (); - - try - { - BootEncObj = new BootEncryption (NULL); - } - catch (Exception &e) - { - e.Show (NULL); - } - - if (BootEncObj == NULL) - AbortProcess ("INIT_SYS_ENC"); - - InitApp (hInstance, lpszCommandLine); - - RegisterRedTick(hInstance); - - /* Allocate, dup, then store away the application title */ - lpszTitle = L"VeraCrypt"; - - status = DriverAttach (); - if (status != 0) - { - if (status == ERR_OS_ERROR) - handleWin32Error (NULL, SRC_POS); - else - handleError (NULL, status, SRC_POS); - - AbortProcess ("NODRIVER"); - } - - /* Create the main dialog box */ - DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_MOUNT_DLG), NULL, (DLGPROC) MainDialogProc, - (LPARAM) lpszCommandLine); - - FinalizeApp (); - /* Terminate */ - return 0; -} -#endif - - -BOOL TaskBarIconAdd (HWND hwnd) -{ - NOTIFYICONDATAW tnid; - - ZeroMemory (&tnid, sizeof (tnid)); - - // Only one icon may be created - if (TaskBarIconMutex != NULL) return TRUE; - - TaskBarIconMutex = CreateMutex (NULL, TRUE, L"VeraCryptTaskBarIcon"); - if (TaskBarIconMutex == NULL || GetLastError () == ERROR_ALREADY_EXISTS) - { - if (TaskBarIconMutex != NULL) - { - CloseHandle(TaskBarIconMutex); - TaskBarIconMutex = NULL; - } - return FALSE; - } - - tnid.cbSize = sizeof (NOTIFYICONDATAW); - tnid.hWnd = hwnd; - tnid.uID = IDI_TRUECRYPT_ICON; - tnid.uFlags = NIF_MESSAGE | NIF_ICON | NIF_TIP; - tnid.uCallbackMessage = TC_APPMSG_TASKBAR_ICON; - tnid.hIcon = (HICON) LoadImage (hInst, MAKEINTRESOURCE (IDI_TRUECRYPT_ICON), - IMAGE_ICON, - ScreenDPI >= 120 ? 0 : 16, - ScreenDPI >= 120 ? 0 : 16, - (ScreenDPI >= 120 ? LR_DEFAULTSIZE : 0) - | LR_SHARED - | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray - - StringCbCopyW (tnid.szTip, sizeof(tnid.szTip), L"VeraCrypt"); - - return Shell_NotifyIconW (NIM_ADD, &tnid); -} - - -BOOL TaskBarIconRemove (HWND hwnd) -{ - if (TaskBarIconMutex != NULL) - { - NOTIFYICONDATA tnid; - BOOL res; - - ZeroMemory (&tnid, sizeof (tnid)); - tnid.cbSize = sizeof(NOTIFYICONDATA); - tnid.hWnd = hwnd; - tnid.uID = IDI_TRUECRYPT_ICON; - - res = Shell_NotifyIcon (NIM_DELETE, &tnid); - if (TaskBarIconMutex) - { - CloseHandle (TaskBarIconMutex); - TaskBarIconMutex = NULL; - } - return res; - } - else - return FALSE; -} - - -BOOL TaskBarIconChange (HWND hwnd, int iconId) -{ - if (TaskBarIconMutex == NULL) - return FALSE; - - NOTIFYICONDATA tnid; - - ZeroMemory (&tnid, sizeof (tnid)); - - tnid.cbSize = sizeof (tnid); - tnid.hWnd = hwnd; - tnid.uID = IDI_TRUECRYPT_ICON; - tnid.uFlags = NIF_ICON; - tnid.hIcon = (HICON) LoadImage (hInst, MAKEINTRESOURCE (iconId), - IMAGE_ICON, - ScreenDPI >= 120 ? 0 : 16, - ScreenDPI >= 120 ? 0 : 16, - (ScreenDPI >= 120 ? LR_DEFAULTSIZE : 0) - | LR_SHARED - | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray - - return Shell_NotifyIcon (NIM_MODIFY, &tnid); -} - - -void DismountIdleVolumes () -{ - static DWORD lastMinTickCount; - static int InactivityTime[26]; - static unsigned __int64 LastRead[26], LastWritten[26]; - static int LastId[26]; - - VOLUME_PROPERTIES_STRUCT prop; - DWORD dwResult; - BOOL bResult; - int i; - - if (GetTickCount() > lastMinTickCount && GetTickCount() - lastMinTickCount < 60 * 1000) - return; - - lastMinTickCount = GetTickCount(); - - for (i = 0; i < 26; i++) - { - if (LastKnownMountList.ulMountedDrives & (1 << i)) - { - memset (&prop, 0, sizeof(prop)); - prop.driveNo = i; - - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, - sizeof (prop), &prop, sizeof (prop), &dwResult, NULL); - - if ( bResult - && ( (prop.driveNo == i) && prop.uniqueId >= 0 - && prop.ea >= EAGetFirst() && prop.ea <= EAGetCount() - && prop.mode >= FIRST_MODE_OF_OPERATION_ID && prop.mode <= LAST_MODE_OF_OPERATION - && prop.pkcs5 >= FIRST_PRF_ID && prop.pkcs5 <= LAST_PRF_ID - && prop.pkcs5Iterations > 0 - && prop.hiddenVolProtection >= 0 && prop.volFormatVersion >= 0 - && prop.volumePim >= 0 - ) - ) - { - if (LastRead[i] == prop.totalBytesRead - && LastWritten[i] == prop.totalBytesWritten - && LastId[i] == prop.uniqueId) - { - if (++InactivityTime[i] >= MaxVolumeIdleTime) - { - BroadcastDeviceChange (DBT_DEVICEREMOVEPENDING, i, 0); - - if (bCloseDismountedWindows && CloseVolumeExplorerWindows (MainDlg, i)) - Sleep (250); - - if (DriverUnmountVolume (MainDlg, i, bForceAutoDismount) == 0) - { - InactivityTime[i] = 0; - BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, i, 0); - - if (bWipeCacheOnAutoDismount) - { - DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - SecurityToken::CloseAllSessions(); - } - } - } - } - else - { - InactivityTime[i] = 0; - LastRead[i] = prop.totalBytesRead; - LastWritten[i] = prop.totalBytesWritten; - LastId[i] = prop.uniqueId; - } - } - } - } -} - -static BOOL MountFavoriteVolumeBase (HWND hwnd, const FavoriteVolume &favorite, BOOL& lastbExplore, BOOL& userForcedReadOnly, BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMount, const FavoriteVolume &favoriteVolumeToMount) -{ - BOOL status = TRUE; - int drive; - std::wstring effectiveVolumePath; - drive = towupper (favorite.MountPoint[0]) - L'A'; - - if ((drive < MIN_MOUNTED_VOLUME_DRIVE_NUMBER) || (drive > MAX_MOUNTED_VOLUME_DRIVE_NUMBER)) - { - if (!systemFavorites) - Error ("DRIVE_LETTER_UNAVAILABLE", MainDlg); - else if (ServiceMode && systemFavorites) - { - SystemFavoritesServiceLogError (wstring (L"The drive letter ") + (wchar_t) (drive + L'A') + wstring (L" used by favorite \"") + favorite.Path + L"\" is invalid.\nThis system favorite will not be mounted"); - } - return FALSE; - } - - mountOptions.ReadOnly = favorite.ReadOnly || userForcedReadOnly; - mountOptions.Removable = favorite.Removable; - if (favorite.UseLabelInExplorer && !favorite.Label.empty()) - StringCbCopyW (mountOptions.Label, sizeof (mountOptions.Label), favorite.Label.c_str()); - else - ZeroMemory (mountOptions.Label, sizeof (mountOptions.Label)); - - if (favorite.UseVolumeID && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID))) - { - effectiveVolumePath = FindDeviceByVolumeID (favorite.VolumeID); - } - else - effectiveVolumePath = favorite.Path; - - if (favorite.SystemEncryption) - { - mountOptions.PartitionInInactiveSysEncScope = TRUE; - bPrebootPasswordDlgMode = TRUE; - } - else - { - mountOptions.PartitionInInactiveSysEncScope = FALSE; - bPrebootPasswordDlgMode = FALSE; - } - - if ((LastKnownMountList.ulMountedDrives & (1 << drive)) == 0) - { - MountVolumesAsSystemFavorite = systemFavorites; - - wstring mountPoint = (wchar_t) (drive + L'A') + wstring (L":\\"); - wchar_t prevVolumeAtMountPoint[MAX_PATH] = { 0 }; - - if (systemFavorites) - { - // Partitions of new drives are assigned free drive letters by Windows on boot. Make sure this does not prevent system favorite volumes - // from being mounted. Each partition (using the same drive letter as a system favorite volume) is assigned another free drive letter. - - if (GetVolumeNameForVolumeMountPoint (mountPoint.c_str(), prevVolumeAtMountPoint, ARRAYSIZE (prevVolumeAtMountPoint))) - DeleteVolumeMountPoint (mountPoint.c_str()); - else - prevVolumeAtMountPoint[0] = 0; - } - - lastbExplore = bExplore; - - bExplore = (BOOL) favorite.OpenExplorerWindow; - - if (!systemFavorites - && !logOnMount - && !hotKeyMount - && !favoriteVolumeToMount.Path.empty() - && GetAsyncKeyState (VK_CONTROL) < 0) - { - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (CmdVolumePkcs5 == 0) - mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; - else - mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; - mountOptions.ProtectedHidVolPim = CmdVolumePim; - if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwnd, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions) == IDCANCEL) - { - status = FALSE; - goto skipMount; - } - } - - BOOL prevReadOnly = mountOptions.ReadOnly; - - if (ServiceMode) - SystemFavoritesServiceLogInfo (wstring (L"Mounting system favorite \"") + effectiveVolumePath + L"\""); - - status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim); - - if (ServiceMode) - { - // Update the service status to avoid being killed - SystemFavoritesServiceStatus.dwCheckPoint++; - SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000); - - if (status) - { - SystemFavoritesServiceLogInfo (wstring (L"Favorite \"") + effectiveVolumePath + wstring (L"\" mounted successfully as ") + (wchar_t) (drive + L'A') + L":"); - } - else - { - SystemFavoritesServiceLogError (wstring (L"Favorite \"") + effectiveVolumePath + L"\" failed to mount"); - } - } - - if (status && mountOptions.ReadOnly != prevReadOnly) - userForcedReadOnly = mountOptions.ReadOnly; - -skipMount: - bExplore = lastbExplore; - - if (systemFavorites && prevVolumeAtMountPoint[0]) - { - if (status) - { - int freeDrive = GetFirstAvailableDrive(); - if (freeDrive != -1) - { - mountPoint[0] = (wchar_t) (freeDrive + L'A'); - SetVolumeMountPoint (mountPoint.c_str(), prevVolumeAtMountPoint); - } - } - else - SetVolumeMountPoint (mountPoint.c_str(), prevVolumeAtMountPoint); - } - - LoadDriveLetters (MainDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); - - MountVolumesAsSystemFavorite = FALSE; - - if (ServiceMode && LastMountedVolumeDirty) - { - DWORD bytesOut; - DeviceIoControl (hDriver, TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY, NULL, 0, NULL, 0, &bytesOut, NULL); - - SystemFavoritesServiceLogError (wstring (L"The filesystem of the volume mounted as ") + (wchar_t) (drive + L'A') + L": was not cleanly dismounted and needs to be checked for errors."); - } - } - else if (!systemFavorites && !favoriteVolumeToMount.Path.empty()) - Error ("DRIVE_LETTER_UNAVAILABLE", MainDlg); - else if (ServiceMode && systemFavorites) - { - SystemFavoritesServiceLogError (wstring (L"The drive letter ") + (wchar_t) (drive + L'A') + wstring (L" used by favorite \"") + effectiveVolumePath + L"\" is already taken.\nThis system favorite will not be mounted"); - } - - return status; -} - - -BOOL MountFavoriteVolumes (HWND hwnd, BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMount, const FavoriteVolume &favoriteVolumeToMount) -{ - BOOL bRet = TRUE, status = TRUE; - BOOL lastbExplore; - BOOL userForcedReadOnly = FALSE; - - if (ServiceMode) - { - // in service case, intialize some global variable here. - LastKnownMountList.ulMountedDrives = 0; - LoadDriveLetters (MainDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); - } - - mountOptions = defaultMountOptions; - - VolumePassword.Length = 0; - MultipleMountOperationInProgress = (favoriteVolumeToMount.Path.empty() || FavoriteMountOnArrivalInProgress); - - vector favorites, skippedSystemFavorites; - - if (systemFavorites) - { - try - { - if (ServiceMode) - SystemFavoritesServiceLogInfo (wstring (L"Reading System Favorites XML file")); - LoadFavoriteVolumes (favorites, true); - - if (ServiceMode) - { - wchar_t szTmp[32]; - StringCbPrintf (szTmp, sizeof(szTmp), L"%d", (int) favorites.size()); - SystemFavoritesServiceLogInfo (wstring (L"Loaded ") + szTmp + wstring (L" favorites from the file")); - - /* correct set the connected state of the system favorites */ - for (vector ::iterator favorite = favorites.begin(); - favorite != favorites.end(); favorite++) - { - if (favorite->UseVolumeID) - { - std::wstring path = FindDeviceByVolumeID (favorite->VolumeID); - if (path.empty ()) - { - favorite->DisconnectedDevice = true; - } - else - { - favorite->DisconnectedDevice = false; - favorite->Path = path; - favorite->UseVolumeID = false; /* force the use of real path to avoid calling FindDeviceByVolumeID again */ - } - } - } - } - } - catch (...) - { - if (ServiceMode) - SystemFavoritesServiceLogError (wstring (L"An error occured while reading System Favorites XML file")); - return false; - } - } - else if (!favoriteVolumeToMount.Path.empty()) - favorites.push_back (favoriteVolumeToMount); - else - favorites = FavoriteVolumes; - - foreach (const FavoriteVolume &favorite, favorites) - { - if (ServiceMode && systemFavorites && favorite.DisconnectedDevice) - { - skippedSystemFavorites.push_back (favorite); - if (favorite.UseVolumeID) - SystemFavoritesServiceLogWarning (wstring (L"Favorite \"ID:") + ArrayToHexWideString (favorite.VolumeID, sizeof (favorite.VolumeID)) + L"\" is disconnected. It will be ignored."); - else - SystemFavoritesServiceLogWarning (wstring (L"Favorite \"") + favorite.Path + L"\" is disconnected. It will be ignored."); - } - - if (favorite.DisconnectedDevice - || (logOnMount && !favorite.MountOnLogOn) - || (hotKeyMount && favorite.DisableHotkeyMount)) - { - continue; - } - - status = MountFavoriteVolumeBase (hwnd, favorite, lastbExplore, userForcedReadOnly, systemFavorites, logOnMount, hotKeyMount, favoriteVolumeToMount); - if (!status) - bRet = FALSE; - } - - if (systemFavorites && ServiceMode && !skippedSystemFavorites.empty()) - { - // Some drives need more time to initialize correctly. - // We retry 4 times after sleeping 5 seconds - int retryCounter = 0; - size_t remainingFavorites = skippedSystemFavorites.size(); - while ((remainingFavorites > 0) && (retryCounter++ < 4)) - { - Sleep (5000); - - SystemFavoritesServiceLogInfo (wstring (L"Trying to mount skipped system favorites")); - - // Update the service status to avoid being killed - SystemFavoritesServiceStatus.dwCheckPoint++; - SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000); - - for (vector ::iterator favorite = skippedSystemFavorites.begin(); - favorite != skippedSystemFavorites.end(); favorite++) - { - if (favorite->DisconnectedDevice) - { - // check if the favorite is here and get its path - wstring resolvedPath; - if (favorite->UseVolumeID) - { - resolvedPath = FindDeviceByVolumeID (favorite->VolumeID); - } - else - resolvedPath = VolumeGuidPathToDevicePath (favorite->Path); - if (!resolvedPath.empty()) - { - favorite->DisconnectedDevice = false; - favorite->VolumePathId = favorite->Path; - favorite->Path = resolvedPath; - - remainingFavorites--; - - // favorite OK. - if (favorite->UseVolumeID) - SystemFavoritesServiceLogInfo (wstring (L"Favorite \"ID:") + ArrayToHexWideString (favorite->VolumeID, sizeof (favorite->VolumeID)) + L"\" is connected. Performing mount."); - else - SystemFavoritesServiceLogInfo (wstring (L"Favorite \"") + favorite->VolumePathId + L"\" is connected. Performing mount."); - - status = MountFavoriteVolumeBase (hwnd, *favorite, lastbExplore, userForcedReadOnly, systemFavorites, logOnMount, hotKeyMount, favoriteVolumeToMount); - if (!status) - bRet = FALSE; - } - } - } - - if (remainingFavorites == 0) - SystemFavoritesServiceLogInfo (wstring (L"All skipped system favorites have been processed")); - else - { - wchar_t szTmp[32]; - StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", (int) remainingFavorites); - SystemFavoritesServiceLogWarning (wstring (L"Number of unprocessed system favorites is ") + szTmp); - } - } - } - - MultipleMountOperationInProgress = FALSE; - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - - if (bRet && CloseSecurityTokenSessionsAfterMount) - SecurityToken::CloseAllSessions(); - - return bRet; -} - -void CALLBACK mountFavoriteVolumeCallbackFunction (void *pArg, HWND hwnd) -{ - mountFavoriteVolumeThreadParam* pParam = (mountFavoriteVolumeThreadParam*) pArg; - - if (pParam) - { - if (pParam->favoriteVolumeToMount) - MountFavoriteVolumes (hwnd, pParam->systemFavorites, pParam->logOnMount, pParam->hotKeyMount, *(pParam->favoriteVolumeToMount)); - else - MountFavoriteVolumes (hwnd, pParam->systemFavorites, pParam->logOnMount, pParam->hotKeyMount); - - free (pParam); - } - else - MountFavoriteVolumes (hwnd); -} - -void __cdecl mountFavoriteVolumeThreadFunction (void *pArg) -{ - ShowWaitDialog (MainDlg, FALSE, mountFavoriteVolumeCallbackFunction, pArg); -} - -static void SaveDefaultKeyFilesParam (HWND hwnd) -{ - if (defaultKeyFilesParam.FirstKeyFile == NULL) - { - /* No keyfiles selected */ - _wremove (GetConfigPath (TC_APPD_FILENAME_DEFAULT_KEYFILES)); - } - else - { - FILE *f; - KeyFile *kf = FirstKeyFile; - - f = _wfopen (GetConfigPath (TC_APPD_FILENAME_DEFAULT_KEYFILES), L"w,ccs=UTF-8"); - if (f == NULL) - { - handleWin32Error (MainDlg, SRC_POS); - return; - } - - XmlWriteHeader (f); - - fputws (L"\n\t", f); - - while (kf != NULL) - { - wchar_t q[TC_MAX_PATH * 2]; - - XmlQuoteTextW (kf->FileName, q, ARRAYSIZE (q)); - fwprintf (f, L"\n\t\t%s", q); - - kf = kf->Next; - } - - fputws (L"\n\t", f); - - XmlWriteFooter (f); - - CheckFileStreamWriteErrors (hwnd, f, TC_APPD_FILENAME_DEFAULT_KEYFILES); - fclose (f); - return; - } -} - - -static void KeyfileDefaultsDlg (HWND hwndDlg) -{ - KeyFilesDlgParam param; - - param.EnableKeyFiles = defaultKeyFilesParam.EnableKeyFiles; - param.FirstKeyFile = defaultKeyFilesParam.FirstKeyFile; - - if (DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, - (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m) == IDOK) - { - if (!param.EnableKeyFiles || AskWarnYesNo ("CONFIRM_SAVE_DEFAULT_KEYFILES", hwndDlg) == IDYES) - { - KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); - defaultKeyFilesParam.EnableKeyFiles = param.EnableKeyFiles; - defaultKeyFilesParam.FirstKeyFile = param.FirstKeyFile; - - RestoreDefaultKeyFilesParam (); - SaveDefaultKeyFilesParam (hwndDlg); - } - } -} - - -static void HandleHotKey (HWND hwndDlg, WPARAM wParam) -{ - DWORD dwResult; - BOOL success = TRUE; - - switch (wParam) - { - case HK_AUTOMOUNT_DEVICES: - MountAllDevices (hwndDlg, TRUE); - break; - - case HK_DISMOUNT_ALL: - case HK_DISMOUNT_ALL_AND_WIPE: - - if (wParam == HK_DISMOUNT_ALL_AND_WIPE) - WipeCache (hwndDlg, TRUE); - - if (DismountAll (hwndDlg, FALSE, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY)) - { - if (bDisplayBalloonOnSuccessfulHkDismount) - InfoBalloon ("SUCCESSFULLY_DISMOUNTED", (wParam == HK_DISMOUNT_ALL_AND_WIPE ? "VOLUMES_DISMOUNTED_CACHE_WIPED" : "MOUNTED_VOLUMES_DISMOUNTED"), hwndDlg); - - if (bPlaySoundOnSuccessfulHkDismount) - MessageBeep (0xFFFFFFFF); - } - - break; - - case HK_WIPE_CACHE: - WipeCache (hwndDlg, FALSE); - - break; - - case HK_FORCE_DISMOUNT_ALL_AND_WIPE: - success = DismountAll (hwndDlg, TRUE, FALSE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); - success &= DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - if (success) - { - if (bDisplayBalloonOnSuccessfulHkDismount) - InfoBalloon ("SUCCESSFULLY_DISMOUNTED", "VOLUMES_DISMOUNTED_CACHE_WIPED", hwndDlg); - - if (bPlaySoundOnSuccessfulHkDismount) - MessageBeep (0xFFFFFFFF); - } - break; - - case HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT: - success = DismountAll (hwndDlg, TRUE, FALSE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); - success &= DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); - if (success) - { - if (bDisplayBalloonOnSuccessfulHkDismount) - InfoBalloon ("SUCCESSFULLY_DISMOUNTED", "VOLUMES_DISMOUNTED_CACHE_WIPED", hwndDlg); - - if (bPlaySoundOnSuccessfulHkDismount) - MessageBeep (0xFFFFFFFF); - } - TaskBarIconRemove (hwndDlg); - UnregisterWtsNotification(hwndDlg); - EndMainDlg (hwndDlg); - break; - - case HK_MOUNT_FAVORITE_VOLUMES: - { - mountFavoriteVolumeThreadParam* pParam = (mountFavoriteVolumeThreadParam*) calloc(1, sizeof(mountFavoriteVolumeThreadParam)); - pParam->systemFavorites = FALSE; - pParam->logOnMount = FALSE; - pParam->hotKeyMount = TRUE; - pParam->favoriteVolumeToMount = NULL; - - _beginthread(mountFavoriteVolumeThreadFunction, 0, pParam); - } - break; - - case HK_SHOW_HIDE_MAIN_WINDOW: - ChangeMainWindowVisibility (); - break; - - case HK_CLOSE_SECURITY_TOKEN_SESSIONS: - SecurityToken::CloseAllSessions(); - - InfoBalloon (NULL, "ALL_TOKEN_SESSIONS_CLOSED", hwndDlg); - - break; - } -} - - -void ChangeMainWindowVisibility () -{ - MainWindowHidden = !MainWindowHidden; - - if (!MainWindowHidden) - SetForegroundWindow (MainDlg); - - ShowWindow (MainDlg, !MainWindowHidden ? SW_SHOW : SW_HIDE); - - if (!MainWindowHidden) - ShowWindow (MainDlg, SW_RESTORE); -} - - -int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *lpszVolume) -{ - int nStatus = ERR_OS_ERROR; - wchar_t szTmp[4096]; - int fBackup = -1; - OpenVolumeContext volume; - OpenVolumeContext hiddenVolume; - Password hiddenVolPassword; - int hiddenVolPkcs5 = 0, hiddenVolPim = 0; - byte temporaryKey[MASTER_KEYDATA_SIZE]; - byte originalK2[MASTER_KEYDATA_SIZE]; - int EffectiveVolumePkcs5 = CmdVolumePkcs5; - int EffectiveVolumePim = CmdVolumePim; - - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (EffectiveVolumePkcs5 == 0) - EffectiveVolumePkcs5 = DefaultVolumePkcs5; - - if (!lpszVolume) - { - nStatus = ERR_OUTOFMEMORY; - handleError (hwndDlg, nStatus, SRC_POS); - return nStatus; - } - - volume.VolumeIsOpen = FALSE; - hiddenVolume.VolumeIsOpen = FALSE; - - switch (IsSystemDevicePath (lpszVolume, hwndDlg, TRUE)) - { - case 1: - case 2: - if (AskErrNoYes ("BACKUP_HEADER_NOT_FOR_SYS_DEVICE", hwndDlg) == IDYES) - CreateRescueDisk (hwndDlg); - - return 0; - } - - if (IsMountedVolume (lpszVolume)) - { - Warning ("DISMOUNT_FIRST", hwndDlg); - goto ret; - } - - if (!VolumePathExists (lpszVolume)) - { - handleWin32Error (hwndDlg, SRC_POS); - goto ret; - } - - Info ("EXTERNAL_VOL_HEADER_BAK_FIRST_INFO", hwndDlg); - - - WaitCursor(); - - // Open both types of volumes - for (int type = TC_VOLUME_TYPE_NORMAL; type <= TC_VOLUME_TYPE_HIDDEN; ++type) - { - OpenVolumeContext *askVol = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolume : &volume); - Password *askPassword = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPassword : &VolumePassword); - int* askPkcs5 = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPkcs5 : &VolumePkcs5); - int* askPim = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPim : &VolumePim); - - while (TRUE) - { - int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (*askPkcs5 == 0))? EffectiveVolumePkcs5 : *askPkcs5; - int GuiPim = ((EffectiveVolumePim > 0) && (*askPim <= 0))? EffectiveVolumePim : *askPim; - if (!AskVolumePassword (hwndDlg, askPassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE)) - { - nStatus = ERR_SUCCESS; - goto ret; - } - else - { - *askPkcs5 = GuiPkcs5; - *askPim = GuiPim; - burn (&GuiPkcs5, sizeof (GuiPkcs5)); - burn (&GuiPim, sizeof (GuiPim)); - } - - WaitCursor(); - - if (KeyFilesEnable && FirstKeyFile) - KeyFilesApply (hwndDlg, askPassword, FirstKeyFile, lpszVolume); - - nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPim, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE); - - NormalCursor(); - - if (nStatus == ERR_SUCCESS) - { - if ((type == TC_VOLUME_TYPE_NORMAL && askVol->CryptoInfo->hiddenVolume) - || (type == TC_VOLUME_TYPE_HIDDEN && !askVol->CryptoInfo->hiddenVolume)) - { - CloseVolume (askVol); - handleError (hwndDlg, ERR_PASSWORD_WRONG, SRC_POS); - continue; - } - - RandSetHashFunction (askVol->CryptoInfo->pkcs5); - - if (type == TC_VOLUME_TYPE_NORMAL) - { - // Ask the user if there is a hidden volume - char *volTypeChoices[] = {0, "DOES_VOLUME_CONTAIN_HIDDEN", "VOLUME_CONTAINS_HIDDEN", "VOLUME_DOES_NOT_CONTAIN_HIDDEN", "IDCANCEL", 0}; - switch (AskMultiChoice ((void **) volTypeChoices, FALSE, hwndDlg)) - { - case 1: - break; - case 2: - goto noHidden; - - default: - nStatus = ERR_SUCCESS; - goto ret; - } - } - - break; - } - - if (nStatus != ERR_PASSWORD_WRONG) - goto error; - - handleError (hwndDlg, nStatus, SRC_POS); - } - } -noHidden: - - if (hiddenVolume.VolumeIsOpen && volume.CryptoInfo->LegacyVolume != hiddenVolume.CryptoInfo->LegacyVolume) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto error; - } - - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CONFIRM_VOL_HEADER_BAK"), lpszVolume); - - if (bRequireConfirmation - && (MessageBoxW (hwndDlg, szTmp, lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON1) == IDNO)) - goto ret; - - /* Select backup file */ - if (!BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, TRUE, NULL)) - goto ret; - - /* Conceive the backup file */ - if ((fBackup = _wopen(szFileName, _O_CREAT|_O_TRUNC|_O_WRONLY|_O_BINARY, _S_IREAD|_S_IWRITE)) == -1) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - // Backup headers - - byte backup[TC_VOLUME_HEADER_GROUP_SIZE]; - - bool legacyVolume = volume.CryptoInfo->LegacyVolume ? true : false; - int backupFileSize = legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY * 2 : TC_VOLUME_HEADER_GROUP_SIZE; - - // Fill backup buffer with random data - memcpy (originalK2, volume.CryptoInfo->k2, sizeof (volume.CryptoInfo->k2)); - - if (Randinit() != ERR_SUCCESS) - { - if (CryptoAPILastError == ERROR_SUCCESS) - nStatus = ERR_RAND_INIT_FAILED; - else - nStatus = ERR_CAPI_INIT_FAILED; - goto error; - } - - /* force the display of the random enriching dialog */ - SetRandomPoolEnrichedByUserStatus (FALSE); - - NormalCursor(); - UserEnrichRandomPool (hwndDlg); - WaitCursor(); - - // Temporary keys - if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (volume.CryptoInfo->ea), TRUE) - || !RandgetBytes (hwndDlg, volume.CryptoInfo->k2, sizeof (volume.CryptoInfo->k2), FALSE)) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto error; - } - - if (EAInit (volume.CryptoInfo->ea, temporaryKey, volume.CryptoInfo->ks) != ERR_SUCCESS || !EAInitMode (volume.CryptoInfo)) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto error; - } - - EncryptBuffer (backup, backupFileSize, volume.CryptoInfo); - - memcpy (volume.CryptoInfo->k2, originalK2, sizeof (volume.CryptoInfo->k2)); - if (EAInit (volume.CryptoInfo->ea, volume.CryptoInfo->master_keydata, volume.CryptoInfo->ks) != ERR_SUCCESS || !EAInitMode (volume.CryptoInfo)) - { - nStatus = ERR_PARAMETER_INCORRECT; - goto error; - } - - // Store header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); - if (nStatus != ERR_SUCCESS) - goto error; - - if (hiddenVolume.VolumeIsOpen) - { - nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE), - FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, hiddenVolPim, FALSE); - - if (nStatus != ERR_SUCCESS) - goto error; - } - - if (_write (fBackup, backup, backupFileSize) == -1) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - /* Backup has been successfully created */ - Warning("VOL_HEADER_BACKED_UP", hwndDlg); - -ret: - nStatus = ERR_SUCCESS; - -error: - DWORD dwError = GetLastError (); - - CloseVolume (&volume); - CloseVolume (&hiddenVolume); - - if (fBackup != -1) - _close (fBackup); - - SetLastError (dwError); - if (nStatus != 0) - handleError (hwndDlg, nStatus, SRC_POS); - - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - burn (&hiddenVolPassword, sizeof (hiddenVolPassword)); - burn (temporaryKey, sizeof (temporaryKey)); - burn (originalK2, sizeof (originalK2)); - - RestoreDefaultKeyFilesParam(); - RandStop (FALSE); - NormalCursor(); - - return nStatus; -} - - -int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume) -{ - int nDosLinkCreated = -1, nStatus = ERR_OS_ERROR; - wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; - wchar_t szFileName[TC_MAX_PATH]; - wchar_t szDosDevice[TC_MAX_PATH]; - void *dev = INVALID_HANDLE_VALUE; - DWORD dwError; - BOOL bDevice; - unsigned __int64 hostSize = 0; - FILETIME ftCreationTime; - FILETIME ftLastWriteTime; - FILETIME ftLastAccessTime; - wchar_t szTmp[4096]; - BOOL bTimeStampValid = FALSE; - HANDLE fBackup = INVALID_HANDLE_VALUE; - LARGE_INTEGER headerOffset; - CRYPTO_INFO *restoredCryptoInfo = NULL; - int EffectiveVolumePkcs5 = CmdVolumePkcs5; - int EffectiveVolumePim = CmdVolumePim; - - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (EffectiveVolumePkcs5 == 0) - EffectiveVolumePkcs5 = DefaultVolumePkcs5; - - if (!lpszVolume) - { - nStatus = ERR_OUTOFMEMORY; - handleError (hwndDlg, nStatus, SRC_POS); - return nStatus; - } - - switch (IsSystemDevicePath (lpszVolume, hwndDlg, TRUE)) - { - case 1: - case 2: - if (AskErrNoYes ("RESTORE_HEADER_NOT_FOR_SYS_DEVICE", hwndDlg) == IDYES) - CreateRescueDisk (hwndDlg); - - return 0; - - case -1: - // In some environments (such as PE), the system volume is not located on a hard drive. - // Therefore, we must interpret this return code as "Not a system device path" (otherwise, - // it would not be possible to restore headers on non-system devices in such environments). - // Note that this is rather safe, because bReliableRequired is set to TRUE. - - // NOP - break; - } - - if (IsMountedVolume (lpszVolume)) - { - Warning ("DISMOUNT_FIRST", hwndDlg); - return 0; - } - - if (!VolumePathExists (lpszVolume)) - { - handleWin32Error (hwndDlg, SRC_POS); - return 0; - } - - BOOL restoreInternalBackup; - - // Ask the user to select the type of backup (internal/external) - char *volTypeChoices[] = {0, "HEADER_RESTORE_EXTERNAL_INTERNAL", "HEADER_RESTORE_INTERNAL", "HEADER_RESTORE_EXTERNAL", "IDCANCEL", 0}; - switch (AskMultiChoice ((void **) volTypeChoices, FALSE, hwndDlg)) - { - case 1: - restoreInternalBackup = TRUE; - break; - case 2: - restoreInternalBackup = FALSE; - break; - default: - return 0; - } - - OpenVolumeContext volume; - volume.VolumeIsOpen = FALSE; - - /* force the display of the random enriching dialog */ - SetRandomPoolEnrichedByUserStatus (FALSE); - - WaitCursor(); - - if (restoreInternalBackup) - { - // Restore header from the internal backup - - // Open the volume using backup header - while (TRUE) - { - int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (VolumePkcs5 == 0))? EffectiveVolumePkcs5 : VolumePkcs5; - int GuiPim = ((EffectiveVolumePim > 0) && (VolumePim <= 0))? EffectiveVolumePim : VolumePim; - StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume); - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, NULL, FALSE)) - { - nStatus = ERR_SUCCESS; - goto ret; - } - else - { - VolumePkcs5 = GuiPkcs5; - VolumePim = GuiPim; - burn (&GuiPkcs5, sizeof (GuiPkcs5)); - burn (&GuiPim, sizeof (GuiPim)); - } - - WaitCursor(); - - if (KeyFilesEnable && FirstKeyFile) - KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, lpszVolume); - - nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE); - - NormalCursor(); - - if (nStatus == ERR_SUCCESS) - break; - - if (nStatus != ERR_PASSWORD_WRONG) - goto error; - - handleError (hwndDlg, nStatus, SRC_POS); - } - - if (volume.CryptoInfo->LegacyVolume) - { - Error ("VOLUME_HAS_NO_BACKUP_HEADER", hwndDlg); - nStatus = ERROR_SUCCESS; - goto error; - } - - // Create a new header with a new salt - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - - nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); - if (nStatus != 0) - goto error; - - headerOffset.QuadPart = volume.CryptoInfo->hiddenVolume ? TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_VOLUME_HEADER_OFFSET; - if (!SetFilePointerEx (volume.HostFileHandle, headerOffset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (!WriteEffectiveVolumeHeader (volume.IsDevice, volume.HostFileHandle, (byte *) buffer)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - } - else - { - // Restore header from an external backup - - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CONFIRM_VOL_HEADER_RESTORE"), lpszVolume); - - if (MessageBoxW (hwndDlg, szTmp, lpszTitle, YES_NO|MB_ICONWARNING|MB_DEFBUTTON2) == IDNO) - { - nStatus = ERR_SUCCESS; - goto ret; - } - - /* Select backup file */ - if (!BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, FALSE, NULL)) - { - nStatus = ERR_SUCCESS; - goto ret; - } - - /* Open the backup file */ - fBackup = CreateFile (szFileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); - if (fBackup == INVALID_HANDLE_VALUE) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - // Determine size of the backup file - LARGE_INTEGER backupSize; - if (!GetFileSizeEx (fBackup, &backupSize)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), lpszVolume, &bDevice); - - if (bDevice == FALSE) - StringCbCopyW (szCFDevice, sizeof(szCFDevice), szDiskFile); - else - { - nDosLinkCreated = FakeDosNameForDevice (szDiskFile, szDosDevice, sizeof(szDosDevice),szCFDevice, sizeof(szCFDevice),FALSE); - if (nDosLinkCreated != 0) - goto error; - } - - // Open the volume - dev = CreateFile (szCFDevice, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); - - if (dev == INVALID_HANDLE_VALUE) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - // Determine volume host size - if (bDevice) - { - PARTITION_INFORMATION diskInfo; - DWORD dwResult; - BOOL bResult; - - bResult = GetPartitionInfo (lpszVolume, &diskInfo); - - if (bResult) - { - hostSize = diskInfo.PartitionLength.QuadPart; - } - else - { - DISK_GEOMETRY driveInfo; - - bResult = DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, - &driveInfo, sizeof (driveInfo), &dwResult, NULL); - - if (!bResult) - goto error; - - hostSize = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * - driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; - } - - if (hostSize == 0) - { - nStatus = ERR_VOL_SIZE_WRONG; - goto error; - } - } - else - { - LARGE_INTEGER fileSize; - if (!GetFileSizeEx (dev, &fileSize)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - hostSize = fileSize.QuadPart; - } - - if (!bDevice && bPreserveTimestamp) - { - /* Remember the container modification/creation date and time. */ - - if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0) - bTimeStampValid = FALSE; - else - bTimeStampValid = TRUE; - } - - /* Read the volume header from the backup file */ - char buffer[TC_VOLUME_HEADER_GROUP_SIZE]; - - DWORD bytesRead; - if (!ReadFile (fBackup, buffer, sizeof (buffer), &bytesRead, NULL)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (bytesRead != backupSize.QuadPart) - { - nStatus = ERR_VOL_SIZE_WRONG; - goto error; - } - - LARGE_INTEGER headerOffset; - LARGE_INTEGER headerBackupOffset; - bool legacyBackup; - int headerOffsetBackupFile; - - // Determine the format of the backup file - switch (backupSize.QuadPart) - { - case TC_VOLUME_HEADER_GROUP_SIZE: - legacyBackup = false; - break; - - case TC_VOLUME_HEADER_SIZE_LEGACY * 2: - legacyBackup = true; - break; - - default: - Error ("HEADER_BACKUP_SIZE_INCORRECT", hwndDlg); - nStatus = ERR_SUCCESS; - goto error; - } - - // Open the header - while (TRUE) - { - int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (VolumePkcs5 == 0))? EffectiveVolumePkcs5 : VolumePkcs5; - int GuiPim = ((EffectiveVolumePim > 0) && (VolumePim <= 0))? EffectiveVolumePim : VolumePim; - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE)) - { - nStatus = ERR_SUCCESS; - goto ret; - } - else - { - VolumePkcs5 = GuiPkcs5; - VolumePim = GuiPim; - burn (&GuiPkcs5, sizeof (GuiPkcs5)); - burn (&GuiPim, sizeof (GuiPim)); - } - - if (KeyFilesEnable && FirstKeyFile) - KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, bDevice? NULL : lpszVolume); - - // Decrypt volume header - headerOffsetBackupFile = 0; - for (int type = TC_VOLUME_TYPE_NORMAL; type <= TC_VOLUME_TYPE_HIDDEN; ++type) - { - if (type == TC_VOLUME_TYPE_HIDDEN) - headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE); - - nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, &restoredCryptoInfo, NULL); - if (nStatus == ERR_SUCCESS) - break; - } - - if (nStatus == ERR_SUCCESS) - break; - - if (nStatus != ERR_PASSWORD_WRONG) - goto error; - - handleError (hwndDlg, nStatus, SRC_POS); - } - - BOOL hiddenVol = restoredCryptoInfo->hiddenVolume; - - if (legacyBackup) - { - headerOffset.QuadPart = hiddenVol ? hostSize - TC_HIDDEN_VOLUME_HEADER_OFFSET_LEGACY : TC_VOLUME_HEADER_OFFSET; - } - else - { - headerOffset.QuadPart = hiddenVol ? TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_VOLUME_HEADER_OFFSET; - headerBackupOffset.QuadPart = hiddenVol ? hostSize - TC_VOLUME_HEADER_SIZE : hostSize - TC_VOLUME_HEADER_GROUP_SIZE; - } - - WaitCursor(); - - // Restore header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePim, FALSE); - if (nStatus != ERR_SUCCESS) - goto error; - - if (!SetFilePointerEx (dev, headerOffset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (!WriteEffectiveVolumeHeader (bDevice, dev, (byte *) buffer)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (!restoredCryptoInfo->LegacyVolume) - { - // Restore backup header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePim, FALSE); - if (nStatus != ERR_SUCCESS) - goto error; - - if (!SetFilePointerEx (dev, headerBackupOffset, NULL, FILE_BEGIN)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - - if (!WriteEffectiveVolumeHeader (bDevice, dev, (byte *) buffer)) - { - nStatus = ERR_OS_ERROR; - goto error; - } - } - } - - - /* Volume header has been successfully restored */ - - Info("VOL_HEADER_RESTORED", hwndDlg); -ret: - nStatus = ERR_SUCCESS; - -error: - dwError = GetLastError (); - NormalCursor(); - - if (restoreInternalBackup) - { - CloseVolume (&volume); - } - else - { - if (restoredCryptoInfo) - crypto_close (restoredCryptoInfo); - - if (bTimeStampValid) - SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); - - if (dev != INVALID_HANDLE_VALUE) - CloseHandle (dev); - - if (fBackup != INVALID_HANDLE_VALUE) - CloseHandle (fBackup); - - if (nDosLinkCreated == 0) - RemoveFakeDosName (szDiskFile, szDosDevice); - } - - SetLastError (dwError); - if (nStatus != 0) - handleError (hwndDlg, nStatus, SRC_POS); - - burn (&VolumePassword, sizeof (VolumePassword)); - burn (&VolumePkcs5, sizeof (VolumePkcs5)); - burn (&VolumePim, sizeof (VolumePim)); - burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); - RestoreDefaultKeyFilesParam(); - RandStop (FALSE); - NormalCursor(); - - return nStatus; -} - - -void SetDriverConfigurationFlag (uint32 flag, BOOL state) -{ - BootEncObj->SetDriverConfigurationFlag (flag, state ? true : false); -} - - -static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - LocalizeDialog (hwndDlg, "IDD_PERFORMANCE_SETTINGS"); - - uint32 driverConfig = ReadDriverConfigurationFlags(); - CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? BST_UNCHECKED : BST_CHECKED); - CheckDlgButton (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, (driverConfig & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL) ? BST_CHECKED : BST_UNCHECKED); - - SYSTEM_INFO sysInfo; - GetSystemInfo (&sysInfo); - - HWND freeCpuCombo = GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT); - uint32 encryptionFreeCpuCount = ReadEncryptionThreadPoolFreeCpuCountLimit(); - - if (encryptionFreeCpuCount > sysInfo.dwNumberOfProcessors - 1) - encryptionFreeCpuCount = sysInfo.dwNumberOfProcessors - 1; - - for (uint32 i = 1; i < sysInfo.dwNumberOfProcessors; ++i) - { - wstringstream s; - s << i; - AddComboPair (freeCpuCombo, s.str().c_str(), i); - } - - if (sysInfo.dwNumberOfProcessors < 2 || encryptionFreeCpuCount == 0) - EnableWindow (freeCpuCombo, FALSE); - - if (sysInfo.dwNumberOfProcessors < 2) - EnableWindow (GetDlgItem (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL), FALSE); - - if (encryptionFreeCpuCount != 0) - { - CheckDlgButton (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL, BST_CHECKED); - SendMessage (freeCpuCombo, CB_SETCURSEL, encryptionFreeCpuCount - 1, 0); - } - - SetWindowTextW (GetDlgItem (hwndDlg, IDT_LIMIT_ENC_THREAD_POOL_NOTE), GetString("LIMIT_ENC_THREAD_POOL_NOTE")); - - SetDlgItemTextW (hwndDlg, IDC_HW_AES_SUPPORTED_BY_CPU, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? "UISTR_YES" : "UISTR_NO"))).c_str()); - - ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_HW_ACCELERATION); - ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION); - } - return 0; - - case WM_COMMAND: - - switch (lw) - { - case IDCANCEL: - EndDialog (hwndDlg, lw); - return 1; - - case IDOK: - { - if (IsNonInstallMode()) - { - Error ("FEATURE_REQUIRES_INSTALLATION", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - BOOL disableHW = !IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION); - BOOL enableExtendedIOCTL = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT); - - try - { - VOLUME_PROPERTIES_STRUCT prop; - try - { - BootEncStatus = BootEncObj->GetStatus(); - BootEncObj->GetVolumeProperties (&prop); - } - catch (...) - { - BootEncStatus.DriveMounted = false; - } - - if (BootEncStatus.DriveMounted) - { - byte userConfig; - string customUserMessage; - uint16 bootLoaderVersion; - - BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion); - - if (bootLoaderVersion != VERSION_NUM) - Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg); - - if (disableHW) - userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION; - else - userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION; - - BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim); - } - - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW); - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL, enableExtendedIOCTL); - - DWORD bytesReturned; - if (!DeviceIoControl (hDriver, TC_IOCTL_REREAD_DRIVER_CONFIG, NULL, 0, NULL, 0, &bytesReturned, NULL)) - handleWin32Error (hwndDlg, SRC_POS); - - EnableHwEncryption (!disableHW); - - uint32 cpuFreeCount = 0; - if (IsDlgButtonChecked (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL)) - { - LRESULT cpuFreeItem = SendMessage (GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT), CB_GETCURSEL, 0, 0); - if (cpuFreeItem != CB_ERR) - cpuFreeCount = (uint32) (cpuFreeItem + 1); - } - - if (ReadEncryptionThreadPoolFreeCpuCountLimit() != cpuFreeCount) - { - BootEncObj->WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME, cpuFreeCount); - Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); - } - - EndDialog (hwndDlg, lw); - return 1; - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - } - return 1; - - case IDC_ENABLE_HARDWARE_ENCRYPTION: - if (!IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION) - && AskWarnYesNo ("CONFIRM_SETTING_DEGRADES_PERFORMANCE", hwndDlg) == IDNO) - { - CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, BST_CHECKED); - } - return 1; - - case IDC_LIMIT_ENC_THREAD_POOL: - if (IsDlgButtonChecked (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL) - && AskWarnYesNo ("CONFIRM_SETTING_DEGRADES_PERFORMANCE", hwndDlg) == IDNO) - { - CheckDlgButton (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL, BST_UNCHECKED); - } - else - { - SendMessage (GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT), CB_SETCURSEL, 0, 0); - Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); // Warn the user before he thinks about benchmarking - } - - EnableWindow (GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT), IsDlgButtonChecked (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL)); - return 1; - - case IDC_BENCHMARK: - Benchmark (hwndDlg); - return 1; - - case IDC_MORE_INFO_ON_HW_ACCELERATION: - Applink ("hwacceleration", TRUE, ""); - return 1; - - case IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION: - Applink ("parallelization", TRUE, ""); - return 1; - } - - return 0; - } - - return 0; -} - - -static BOOL CALLBACK SecurityTokenPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - LocalizeDialog (hwndDlg, "IDD_TOKEN_PREFERENCES"); - SetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, SecurityTokenLibraryPath); - CheckDlgButton (hwndDlg, IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT, CloseSecurityTokenSessionsAfterMount ? BST_CHECKED : BST_UNCHECKED); - - SetWindowTextW (GetDlgItem (hwndDlg, IDT_PKCS11_LIB_HELP), GetString("PKCS11_LIB_LOCATION_HELP")); - - return 0; - - case WM_COMMAND: - - switch (lw) - { - case IDCANCEL: - EndDialog (hwndDlg, lw); - return 1; - - case IDOK: - { - wchar_t securityTokenLibraryPath[MAX_PATH]; - GetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, securityTokenLibraryPath, ARRAYSIZE (securityTokenLibraryPath)); - - if (securityTokenLibraryPath[0] == 0) - { - try - { - SecurityToken::CloseLibrary(); - } - catch (...) { } - - SecurityTokenLibraryPath[0] = 0; - } - else - { - wchar_t prevSecurityTokenLibraryPath[MAX_PATH]; - StringCbCopyW (prevSecurityTokenLibraryPath, sizeof(prevSecurityTokenLibraryPath), SecurityTokenLibraryPath); - StringCbCopyW (SecurityTokenLibraryPath, sizeof(SecurityTokenLibraryPath), securityTokenLibraryPath); - - if (!InitSecurityTokenLibrary(hwndDlg)) - { - StringCbCopyW (SecurityTokenLibraryPath, sizeof(SecurityTokenLibraryPath), prevSecurityTokenLibraryPath); - return 1; - } - } - - CloseSecurityTokenSessionsAfterMount = (IsDlgButtonChecked (hwndDlg, IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT) == BST_CHECKED); - - WaitCursor (); - SaveSettings (hwndDlg); - NormalCursor (); - - EndDialog (hwndDlg, lw); - return 1; - } - - case IDC_AUTO_DETECT_PKCS11_MODULE: - { - wchar_t systemDir[MAX_PATH]; - GetSystemDirectory (systemDir, ARRAYSIZE (systemDir)); - WIN32_FIND_DATA findData; - bool found = false; - - WaitCursor(); - - HANDLE find = FindFirstFile ((wstring (systemDir) + L"\\*.dll").c_str(), &findData); - while (!found && find != INVALID_HANDLE_VALUE) - { - wstring dllPathname = wstring (systemDir) + L"\\" + findData.cFileName; - DWORD fileSize; - - char *file = LoadFile (dllPathname.c_str(), &fileSize); - if (file) - { - const char *functionName = "C_GetFunctionList"; - size_t strLen = strlen (functionName); - - if (fileSize > strLen) - { - for (size_t i = 0; i < fileSize - strLen; ++i) - { - if (memcmp (file + i, functionName, strLen) == 0) - { - HMODULE module = LoadLibrary (dllPathname.c_str()); - if (module) - { - if (GetProcAddress (module, functionName)) - { - SetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, dllPathname.c_str()); - found = true; - - FreeLibrary (module); - break; - } - - FreeLibrary (module); - } - } - } - } - - free (file); - } - - if (!FindNextFile (find, &findData)) - break; - } - - if (find != INVALID_HANDLE_VALUE) - FindClose (find); - - NormalCursor(); - - if (!found) - Warning ("PKCS11_MODULE_AUTO_DETECTION_FAILED", hwndDlg); - - return 1; - } - - case IDC_SELECT_PKCS11_MODULE: - { - wchar_t securityTokenLibraryPath[MAX_PATH]; - wchar_t systemDir[MAX_PATH]; - wchar_t browseFilter[1024]; - - Info ("SELECT_PKCS11_MODULE_HELP", hwndDlg); - - StringCbPrintfW (browseFilter, sizeof(browseFilter), L"%ls (*.dll)%c*.dll%c%c", GetString ("DLL_FILES"), 0, 0, 0); - GetSystemDirectory (systemDir, ARRAYSIZE (systemDir)); - - if (BrowseFilesInDir (hwndDlg, "SELECT_PKCS11_MODULE", systemDir, securityTokenLibraryPath, TRUE, FALSE, browseFilter)) - SetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, securityTokenLibraryPath); - return 1; - } - } - return 0; - } - - return 0; -} - -static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - LocalizeDialog (hwndDlg, "IDD_DEFAULT_MOUNT_PARAMETERS"); - - SendMessage (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), BM_SETCHECK, - DefaultVolumeTrueCryptMode ? BST_CHECKED:BST_UNCHECKED, 0); - - /* Populate the PRF algorithms list */ - int i, nIndex, defaultPrfIndex = 0; - HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); - SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); - - nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); - - for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) - { - nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); - SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); - if (DefaultVolumePkcs5 && (DefaultVolumePkcs5 == i)) - defaultPrfIndex = nIndex; - } - - /* make autodetection the default unless a specific PRF was specified in the command line */ - SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0); - - return 0; - } - - case WM_COMMAND: - - switch (lw) - { - case IDCANCEL: - EndDialog (hwndDlg, lw); - return 1; - - case IDOK: - { - int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); - /* SHA-256 is not supported by TrueCrypt */ - if ( (truecryptMode) - && (pkcs5 == SHA256) - ) - { - Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); - } - else - { - WaitCursor (); - DefaultVolumeTrueCryptMode = truecryptMode; - DefaultVolumePkcs5 = pkcs5; - - SaveSettings (hwndDlg); - - NormalCursor (); - EndDialog (hwndDlg, lw); - } - return 1; - } - - } - return 0; - } - - return 0; -} - -void SecurityTokenPreferencesDialog (HWND hwndDlg) -{ - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_PREFERENCES), hwndDlg, (DLGPROC) SecurityTokenPreferencesDlgProc, 0); -} - - -static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - { - if (!BootEncObj->GetStatus().DriveMounted) - { - Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - try - { - LocalizeDialog (hwndDlg, "IDD_SYSENC_SETTINGS"); - - uint32 driverConfig = ReadDriverConfigurationFlags(); - byte userConfig; - string customUserMessage; - uint16 bootLoaderVersion; - BOOL bPasswordCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)? TRUE : FALSE; - BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE; - - BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion); - - if (bootLoaderVersion != VERSION_NUM) - Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg); - - SendMessage (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE), EM_LIMITTEXT, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, 0); - SetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage.c_str()); - - CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED); - CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, bPasswordCacheEnabled ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED); - EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), bPasswordCacheEnabled); - CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? BST_CHECKED : BST_UNCHECKED); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP")); - } - catch (Exception &e) - { - e.Show (hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - } - return 0; - - case WM_COMMAND: - - switch (lw) - { - case IDCANCEL: - EndDialog (hwndDlg, lw); - return 1; - - case IDOK: - { - VOLUME_PROPERTIES_STRUCT prop; - - if (!BootEncObj->GetStatus().DriveMounted) - { - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - try - { - BootEncObj->GetVolumeProperties (&prop); - } - catch (Exception &e) - { - e.Show (hwndDlg); - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; - GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage)); - - byte userConfig; - try - { - BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig); - } - catch (Exception &e) - { - e.Show (hwndDlg); - return 1; - } - - if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT)) - userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_PIM; - else - userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_PIM; - - if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT)) - userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE; - else - userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE; - - if (!IsDlgButtonChecked (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS)) - userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC; - else - userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC; - - try - { - BOOL bPasswordCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD); - BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM); - BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim); - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled); - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE); - SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION)); - } - catch (Exception &e) - { - e.Show (hwndDlg); - return 1; - } - - EndDialog (hwndDlg, lw); - return 1; - } - - case IDC_DISABLE_BOOT_LOADER_PIM_PROMPT: - if ((IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT)) - && AskWarnYesNo ("DISABLE_BOOT_LOADER_PIM_PROMPT", hwndDlg) == IDNO) - { - CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, BST_UNCHECKED); - } - - case IDC_DISABLE_BOOT_LOADER_OUTPUT: - if ((IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT)) - && AskWarnYesNo ("CUSTOM_BOOT_LOADER_MESSAGE_PROMPT", hwndDlg) == IDNO) - { - CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, BST_UNCHECKED); - } - - break; - - case IDC_BOOT_LOADER_CACHE_PASSWORD: - if (IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD)) - { - Warning ("BOOT_PASSWORD_CACHE_KEYBOARD_WARNING", hwndDlg); - EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), TRUE); - } - else - { - EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), FALSE); - } - - break; - } - return 0; - } - - return 0; -} - - -void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions) -{ - if (!VolumeSelected(hwndDlg)) - { - Warning ("NO_VOLUME_SELECTED", hwndDlg); - } - else if (LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == TC_MLIST_ITEM_FREE) - { - mountOptions = defaultMountOptions; - bPrebootPasswordDlgMode = FALSE; - - if (mountWithOptions || GetAsyncKeyState (VK_CONTROL) < 0) - { - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line - */ - if (CmdVolumePkcs5 == 0) - mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; - else - mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; - mountOptions.ProtectedHidVolPim = CmdVolumePim; - if (IDCANCEL == DialogBoxParamW (hInst, - MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, - (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions)) - return; - - if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) - { - wchar_t selectedVolume [TC_MAX_PATH + 1]; - GetVolumePath (hwndDlg, selectedVolume, ARRAYSIZE (selectedVolume)); - KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, selectedVolume); - } - } - - if (CheckMountList (hwndDlg, FALSE)) - _beginthread (mountThreadFunction, 0, hwndDlg); - } - else - Warning ("SELECT_FREE_DRIVE", hwndDlg); -} - -static BOOL HandleDriveListMouseWheelEvent (UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL bListMustBePointed) -{ - static BOOL eventHandlerActive = FALSE; - if (eventHandlerActive) - return 0; - - RECT listRect; - int mouseX = GET_X_LPARAM (lParam); - int mouseY = GET_Y_LPARAM (lParam); - - GetWindowRect (GetDlgItem (MainDlg, IDC_DRIVELIST), &listRect); - - // Determine if the mouse pointer is within the main drive list - bool bListPointed = (mouseX >= listRect.left && mouseX <= listRect.right - && mouseY >= listRect.top && mouseY <= listRect.bottom); - - if (bListMustBePointed && bListPointed - || !bListMustBePointed) - { - eventHandlerActive = TRUE; - - if (!bListMustBePointed && bListPointed) - SetFocus (GetDlgItem (MainDlg, IDC_DRIVELIST)); - - SendMessage (GetDlgItem (MainDlg, IDC_DRIVELIST), uMsg, wParam, lParam); - - eventHandlerActive = FALSE; - return 0; // Do not process this event any further e.g. to prevent two lists from being scrolled at once - } - - return 1; -} - - -static LRESULT CALLBACK MouseWheelProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) -{ - WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA); - - switch (message) - { - case WM_MOUSEWHEEL: - - if (HandleDriveListMouseWheelEvent (message, wParam, lParam, TRUE) == 0) - return 0; // Do not process this event any further e.g. to prevent two lists from being scrolled at once - } - - return CallWindowProcW (wp, hwnd, message, wParam, lParam); -} - - -void HookMouseWheel (HWND hwndDlg, UINT ctrlId) -{ - HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); - - SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC)); - SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) MouseWheelProc); -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include "cpu.h" + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "Apidrvr.h" +#include "BootEncryption.h" +#include "Cmdline.h" +#include "Crypto.h" +#include "Dlgcode.h" +#include "Combo.h" +#include "Favorites.h" +#include "Hotkeys.h" +#include "Keyfiles.h" +#include "Language.h" +#include "MainCom.h" +#include "Mount.h" +#include "Pkcs5.h" +#include "Random.h" +#include "Registry.h" +#include "Resource.h" +#include "Password.h" +#include "Xml.h" +#include "../Boot/Windows/BootCommon.h" +#include "../Common/Dictionary.h" +#include "../Common/Common.h" +#include "../Common/Resource.h" +#include "../Common/SecurityToken.h" +#include "../Platform/Finally.h" +#include "../Platform/ForEach.h" + +#include + +#include + +typedef BOOL (WINAPI *WTSREGISTERSESSIONNOTIFICATION)(HWND, DWORD); +typedef BOOL (WINAPI *WTSUNREGISTERSESSIONNOTIFICATION)(HWND); + +using namespace VeraCrypt; + +enum timer_ids +{ + TIMER_ID_MAIN = 0xff, + TIMER_ID_KEYB_LAYOUT_GUARD +}; + +enum hidden_os_read_only_notif_mode +{ + TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE = 0, + TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_COMPACT, + TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_DISABLED +}; + +#define TIMER_INTERVAL_MAIN 500 +#define TIMER_INTERVAL_KEYB_LAYOUT_GUARD 10 + +BootEncryption *BootEncObj = NULL; +BootEncryptionStatus BootEncStatus; +BootEncryptionStatus RecentBootEncStatus; + +BOOL bExplore = FALSE; /* Display explorer window after mount */ +BOOL bBeep = FALSE; /* Donot beep after mount */ +wchar_t szFileName[TC_MAX_PATH+1]; /* Volume to mount */ +wchar_t szDriveLetter[3]; /* Drive Letter to mount */ +wchar_t commandLineDrive = 0; +BOOL bCacheInDriver = FALSE; /* Cache any passwords we see */ +BOOL bCacheInDriverDefault = FALSE; +BOOL bCacheDuringMultipleMount = FALSE; +BOOL bCmdCacheDuringMultipleMount = FALSE; +BOOL bIncludePimInCache = FALSE; +BOOL bTryEmptyPasswordWhenKeyfileUsed = FALSE; +BOOL bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE; +BOOL bCmdTryEmptyPasswordWhenKeyfileUsedValid = FALSE; +BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */ +BOOL bUseDifferentTrayIconIfVolMounted = TRUE; +BOOL bCloseDismountedWindows=TRUE; /* Close all open explorer windows of dismounted volume */ +BOOL bWipeCacheOnExit = FALSE; /* Wipe password from chace on exit */ +BOOL bWipeCacheOnAutoDismount = TRUE; +BOOL bEnableBkgTask = FALSE; +BOOL bCloseBkgTaskWhenNoVolumes = FALSE; +BOOL bDismountOnLogOff = TRUE; +BOOL bDismountOnSessionLocked = TRUE; +BOOL bDismountOnScreenSaver = TRUE; +BOOL bDismountOnPowerSaving = FALSE; +BOOL bForceAutoDismount = TRUE; +BOOL bForceMount = FALSE; /* Mount volume even if host file/device already in use */ +BOOL bForceUnmount = FALSE; /* Unmount volume even if it cannot be locked */ +BOOL bWipe = FALSE; /* Wipe driver passwords */ +BOOL bAuto = FALSE; /* Do everything without user input */ +BOOL LogOn = FALSE; +BOOL bAutoMountDevices = FALSE; /* Auto-mount devices */ +BOOL bAutoMountFavorites = FALSE; +BOOL bPlaySoundOnSuccessfulHkDismount = TRUE; +BOOL bDisplayBalloonOnSuccessfulHkDismount = TRUE; +BOOL bHibernationPreventionNotified = FALSE; /* TRUE if the user has been notified that hibernation was prevented (system encryption) during the session. */ +BOOL bHiddenSysLeakProtNotifiedDuringSession = FALSE; /* TRUE if the user has been notified during the session that unencrypted filesystems and non-hidden TrueCrypt volumes are mounted as read-only under hidden OS. */ +BOOL CloseSecurityTokenSessionsAfterMount = FALSE; + +BOOL Quit = FALSE; /* Exit after processing command line */ +BOOL ComServerMode = FALSE; +BOOL ServiceMode = FALSE; +BOOL UsePreferences = TRUE; + +int HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE; +int MaxVolumeIdleTime = -120; +int nCurrentShowType = 0; /* current display mode, mount, unmount etc */ +int nSelectedDriveIndex = -1; /* Item number of selected drive */ + +int cmdUnmountDrive = -2; /* Volume drive letter to unmount (-1 = all) */ +Password VolumePassword; /* Password used for mounting volumes */ +Password CmdVolumePassword; /* Password passed from command line */ +char CmdTokenPin [SecurityToken::MaxPasswordLength + 1] = {0}; +int VolumePkcs5 = 0; +int CmdVolumePkcs5 = 0; +int VolumePim = -1; +int CmdVolumePim = -1; +int DefaultVolumePkcs5 = 0; +BOOL VolumeTrueCryptMode = FALSE; +BOOL CmdVolumeTrueCryptMode = FALSE; +BOOL DefaultVolumeTrueCryptMode = FALSE; +BOOL CmdVolumePasswordValid = FALSE; +MountOptions CmdMountOptions; +BOOL CmdMountOptionsValid = FALSE; +MountOptions mountOptions; +MountOptions defaultMountOptions; +KeyFile *FirstCmdKeyFile; + +HBITMAP hbmLogoBitmapRescaled = NULL; +wchar_t OrigKeyboardLayout [8+1] = L"00000409"; +BOOL bKeyboardLayoutChanged = FALSE; /* TRUE if the keyboard layout was changed to the standard US keyboard layout (from any other layout). */ +BOOL bKeybLayoutAltKeyWarningShown = FALSE; /* TRUE if the user has been informed that it is not possible to type characters by pressing keys while the right Alt key is held down. */ + +static KeyFilesDlgParam hidVolProtKeyFilesParam; + +static MOUNT_LIST_STRUCT LastKnownMountList; +VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList; +static DWORD LastKnownLogicalDrives; + +static HANDLE TaskBarIconMutex = NULL; +static BOOL MainWindowHidden = FALSE; +static int pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; +static int bSysEncPwdChangeDlgMode = FALSE; +static int bPrebootPasswordDlgMode = FALSE; +static int NoCmdLineArgs; +static BOOL CmdLineVolumeSpecified; +static int LastDriveListVolumeColumnWidth; +// WTS handling +static HMODULE hWtsLib = NULL; +static WTSREGISTERSESSIONNOTIFICATION fnWtsRegisterSessionNotification = NULL; +static WTSUNREGISTERSESSIONNOTIFICATION fnWtsUnRegisterSessionNotification = NULL; + +static void RegisterWtsNotification(HWND hWnd) +{ + if (!hWtsLib) + { + wchar_t dllPath[MAX_PATH]; + if (GetSystemDirectory(dllPath, MAX_PATH)) + StringCbCatW(dllPath, sizeof(dllPath), L"\\wtsapi32.dll"); + else + StringCbCopyW(dllPath, sizeof(dllPath), L"c:\\Windows\\System32\\wtsapi32.dll"); + + hWtsLib = LoadLibrary(dllPath); + if (hWtsLib) + { + fnWtsRegisterSessionNotification = (WTSREGISTERSESSIONNOTIFICATION) GetProcAddress(hWtsLib, "WTSRegisterSessionNotification" ); + fnWtsUnRegisterSessionNotification = (WTSUNREGISTERSESSIONNOTIFICATION) GetProcAddress(hWtsLib, "WTSUnRegisterSessionNotification" ); + if ( !fnWtsRegisterSessionNotification + || !fnWtsUnRegisterSessionNotification + || !fnWtsRegisterSessionNotification( hWnd, NOTIFY_FOR_THIS_SESSION ) + ) + { + fnWtsRegisterSessionNotification = NULL; + fnWtsUnRegisterSessionNotification = NULL; + FreeLibrary(hWtsLib); + hWtsLib = NULL; + } + } + } +} + +static void UnregisterWtsNotification(HWND hWnd) +{ + if (hWtsLib && fnWtsUnRegisterSessionNotification) + { + fnWtsUnRegisterSessionNotification(hWnd); + FreeLibrary(hWtsLib); + hWtsLib = NULL; + fnWtsRegisterSessionNotification = NULL; + fnWtsUnRegisterSessionNotification = NULL; + } +} + +static void localcleanup (void) +{ + // Wipe command line + char *c = GetCommandLineA (); + wchar_t *wc = GetCommandLineW (); + burn(c, strlen (c)); + burn(wc, wcslen (wc) * sizeof (wchar_t)); + + /* Delete buffered bitmaps (if any) */ + if (hbmLogoBitmapRescaled != NULL) + { + DeleteObject ((HGDIOBJ) hbmLogoBitmapRescaled); + hbmLogoBitmapRescaled = NULL; + } + + /* These items should have already been cleared by the functions that used them, but we're going to + clear them for extra security. */ + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&CmdVolumePim, sizeof (CmdVolumePim)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode)); + burn (&mountOptions, sizeof (mountOptions)); + burn (&defaultMountOptions, sizeof (defaultMountOptions)); + burn (szFileName, sizeof(szFileName)); + burn (&CmdTokenPin, sizeof (CmdTokenPin)); + + /* Cleanup common code resources */ + cleanup (); + + if (BootEncObj != NULL) + { + delete BootEncObj; + BootEncObj = NULL; + } + + RandStop (TRUE); +} + +void RefreshMainDlg (HWND hwndDlg) +{ + int drive = (wchar_t) (HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST)))); + + MoveEditToCombo (GetDlgItem (hwndDlg, IDC_VOLUME), bHistory); + LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), drive); + EnableDisableButtons (hwndDlg); +} + +void EndMainDlg (HWND hwndDlg) +{ + MoveEditToCombo (GetDlgItem (hwndDlg, IDC_VOLUME), bHistory); + + if (UsePreferences) + SaveSettings (hwndDlg); + + if (bWipeCacheOnExit) + { + DWORD dwResult; + DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + } + + if (!bHistory) + { + SetWindowText (GetDlgItem (hwndDlg, IDC_VOLUME), L""); + ClearHistory (GetDlgItem (hwndDlg, IDC_VOLUME)); + } + + if (TaskBarIconMutex != NULL) + { + MainWindowHidden = TRUE; + ShowWindow (hwndDlg, SW_HIDE); + } + else + { + KillTimer (hwndDlg, TIMER_ID_MAIN); + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + EndDialog (hwndDlg, 0); + } +} + +static void InitMainDialog (HWND hwndDlg) +{ + MENUITEMINFOW info; + char *popupTexts[] = {"MENU_VOLUMES", "MENU_SYSTEM_ENCRYPTION", "MENU_FAVORITES", "MENU_TOOLS", "MENU_SETTINGS", "MENU_HELP", "MENU_WEBSITE", 0}; + wchar_t *str; + int i; + + /* Call the common dialog init code */ + InitDialog (hwndDlg); + LocalizeDialog (hwndDlg, NULL); + + SetWindowLongPtrW (hwndDlg, DWLP_USER, (LONG_PTR) (IsAdmin() ? TC_MAIN_WINDOW_FLAG_ADMIN_PRIVILEGES : 0)); + + DragAcceptFiles (hwndDlg, TRUE); + + SendMessageW (GetDlgItem (hwndDlg, IDC_VOLUME), CB_LIMITTEXT, TC_MAX_PATH, 0); + SetWindowTextW (hwndDlg, (IsAdmin() && !IsBuiltInAdmin() && IsUacSupported() && !IsNonInstallMode()) ? (wstring (lpszTitle) + L" [" + GetString ("ADMINISTRATOR") + L"]").c_str() : lpszTitle); + + // Help file name + InitHelpFileName(); + + // Localize menu strings + for (i = 40001; str = (wchar_t *)GetDictionaryValueByInt (i); i++) + { + info.cbSize = sizeof (info); + info.fMask = MIIM_TYPE; + info.fType = MFT_STRING; + info.dwTypeData = str; + info.cch = (UINT) wcslen (str); + + SetMenuItemInfoW (GetMenu (hwndDlg), i, FALSE, &info); + } + + for (i = 0; popupTexts[i] != 0; i++) + { + str = GetString (popupTexts[i]); + + info.cbSize = sizeof (info); + info.fMask = MIIM_TYPE; + + if (strcmp (popupTexts[i], "MENU_WEBSITE") == 0) + info.fType = MFT_STRING | MFT_RIGHTJUSTIFY; + else + info.fType = MFT_STRING; + + if (strcmp (popupTexts[i], "MENU_FAVORITES") == 0) + FavoriteVolumesMenu = GetSubMenu (GetMenu (hwndDlg), i); + + info.dwTypeData = str; + info.cch = (UINT) wcslen (str); + + SetMenuItemInfoW (GetMenu (hwndDlg), i, TRUE, &info); + } + + // Disable menu item for changing system header key derivation algorithm until it's implemented + EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO, MF_GRAYED); + + try + { + LoadFavoriteVolumes(); + } + catch (Exception &e) + { + e.Show (NULL); + } + + // Resize the logo bitmap if the user has a non-default DPI + if (ScreenDPI != USER_DEFAULT_SCREEN_DPI + && hbmLogoBitmapRescaled == NULL) // If not re-called (e.g. after language pack change) + { + hbmLogoBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_LOGO_288DPI), + GetDlgItem (hwndDlg, IDC_LOGO), + 0, 0, 0, 0, FALSE, TRUE); + } + + BuildTree (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST)); + + if (*szDriveLetter != 0) + { + SelectItem (GetDlgItem (hwndDlg, IDC_DRIVELIST), *szDriveLetter); + + if(nSelectedDriveIndex > SendMessage (GetDlgItem (hwndDlg, IDC_DRIVELIST), LVM_GETITEMCOUNT, 0, 0)/2) + SendMessage(GetDlgItem (hwndDlg, IDC_DRIVELIST), LVM_SCROLL, 0, 10000); + } + else + { + SendMessage(hwndDlg, WM_NEXTDLGCTL, (WPARAM) GetDlgItem (hwndDlg, IDC_DRIVELIST), 1L); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_NO_HISTORY), BM_SETCHECK, bHistory ? BST_UNCHECKED : BST_CHECKED, 0); + EnableDisableButtons (hwndDlg); +} + +void EnableDisableButtons (HWND hwndDlg) +{ + HWND hOKButton = GetDlgItem (hwndDlg, IDOK); + WORD x; + + x = LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))); + + EnableMenuItem (GetMenu (hwndDlg), IDM_MOUNT_VOLUME, MF_ENABLED); + EnableMenuItem (GetMenu (hwndDlg), IDM_MOUNT_VOLUME_OPTIONS, MF_ENABLED); + EnableMenuItem (GetMenu (hwndDlg), IDM_BACKUP_VOL_HEADER, MF_ENABLED); + EnableMenuItem (GetMenu (hwndDlg), IDM_RESTORE_VOL_HEADER, MF_ENABLED); + EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_PASSWORD, MF_ENABLED); + EnableWindow (hOKButton, TRUE); + + switch (x) + { + case TC_MLIST_ITEM_NONSYS_VOL: + { + SetWindowTextW (hOKButton, GetString ("UNMOUNT_BUTTON")); + EnableWindow (hOKButton, TRUE); + EnableMenuItem (GetMenu (hwndDlg), IDM_UNMOUNT_VOLUME, MF_ENABLED); + + EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES), TRUE); + EnableMenuItem (GetMenu (hwndDlg), IDM_VOLUME_PROPERTIES, MF_ENABLED); + } + break; + + case TC_MLIST_ITEM_SYS_PARTITION: + case TC_MLIST_ITEM_SYS_DRIVE: + EnableWindow (hOKButton, FALSE); + SetWindowTextW (hOKButton, GetString ("MOUNT_BUTTON")); + EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES), TRUE); + EnableMenuItem (GetMenu (hwndDlg), IDM_UNMOUNT_VOLUME, MF_GRAYED); + break; + + case TC_MLIST_ITEM_FREE: + default: + SetWindowTextW (hOKButton, GetString ("MOUNT_BUTTON")); + EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES), FALSE); + EnableMenuItem (GetMenu (hwndDlg), IDM_VOLUME_PROPERTIES, MF_GRAYED); + EnableMenuItem (GetMenu (hwndDlg), IDM_UNMOUNT_VOLUME, MF_GRAYED); + } + + EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_CACHE), !IsPasswordCacheEmpty()); + EnableMenuItem (GetMenu (hwndDlg), IDM_WIPE_CACHE, IsPasswordCacheEmpty() ? MF_GRAYED:MF_ENABLED); + EnableMenuItem (GetMenu (hwndDlg), IDM_CLEAR_HISTORY, IsComboEmpty (GetDlgItem (hwndDlg, IDC_VOLUME)) ? MF_GRAYED:MF_ENABLED); +} + +BOOL VolumeSelected (HWND hwndDlg) +{ + return (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_VOLUME)) > 0); +} + +void GetVolumePath (HWND hwndDlg, LPWSTR szPath, int nMaxCount) +{ + GetWindowText (GetDlgItem (hwndDlg, IDC_VOLUME), szPath, nMaxCount); + CorrectFileName (szPath); +} + +/* Returns TRUE if the last partition/drive selected via the Select Device dialog box was the system +partition/drive and if it is encrypted. + WARNING: This function is very fast but not always reliable (for example, if the user manually types + a device path before Select Device is invoked during the session; after the Select Device dialog + has been invoked at least once, the correct system device paths are cached). Therefore, it must NOT + be used before performing any dangerous operations (such as header backup restore or formatting a + supposedly non-system device) -- instead use IsSystemDevicePath(path, hwndDlg, TRUE) for such + purposes. This function can be used only for preliminary GUI checks requiring very fast responses. */ +BOOL ActiveSysEncDeviceSelected (void) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + + if (BootEncStatus.DriveEncrypted) + { + int retCode = 0; + + GetVolumePath (MainDlg, szFileName, ARRAYSIZE (szFileName)); + + retCode = IsSystemDevicePath (szFileName, MainDlg, FALSE); + + return (WholeSysDriveEncryption(FALSE) ? (retCode == 2 || retCode == 1) : (retCode == 1)); + } + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + return FALSE; +} + +// When a function does not require the affected volume to be dismounted, there may be cases where we have two valid +// paths selected in the main window and we cannot be sure which of them the user really intends to apply the function to. +// This function asks the user to explicitly select either the volume path specified in the input field below the main +// drive list (whether mounted or not), or the path to the volume selected in the main drive list. If, however, both +// of the GUI elements contain the same volume (or one of them does not contain any path), this function does not +// ask the user and returns the volume path directly (no selection ambiguity). +// If driveNoPtr is not NULL, and the volume is mounted, its drive letter is returned in *driveNoPtr (if no valid drive +// letter is resolved, -1 is stored instead). +static wstring ResolveAmbiguousSelection (HWND hwndDlg, int *driveNoPtr) +{ + LPARAM selectedDrive = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); + + wchar_t volPathInputField [TC_MAX_PATH]; + + wchar_t volPathDriveListW [TC_MAX_PATH]; + wstring volPathDriveListStr; + + wstring retPath; + + VOLUME_PROPERTIES_STRUCT prop; + DWORD dwResult; + + BOOL useInputField = TRUE; + + memset (&prop, 0, sizeof(prop)); + + BOOL ambig = (LOWORD (selectedDrive) != TC_MLIST_ITEM_FREE && LOWORD (selectedDrive) != 0xffff && HIWORD (selectedDrive) != 0xffff + && VolumeSelected (MainDlg)); + + if (VolumeSelected (MainDlg)) + { + // volPathInputField will contain the volume path (if any) from the input field below the drive list + GetVolumePath (MainDlg, volPathInputField, ARRAYSIZE (volPathInputField)); + + if (!ambig) + retPath = (wstring) volPathInputField; + } + + if (LOWORD (selectedDrive) != TC_MLIST_ITEM_FREE && LOWORD (selectedDrive) != 0xffff && HIWORD (selectedDrive) != 0xffff) + { + // A volume is selected in the main drive list. + + switch (LOWORD (selectedDrive)) + { + case TC_MLIST_ITEM_NONSYS_VOL: + prop.driveNo = HIWORD (selectedDrive) - L'A'; + + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) || dwResult == 0) + { + // The driver did not return any path for this drive letter (the volume may have been dismounted). + + // Return whatever is in the input field below the drive list (even if empty) + return ((wstring) volPathInputField); + } + + // volPathDriveListWStr will contain the volume path selected in the main drive list + volPathDriveListStr = (wstring) prop.wszVolume; + break; + + case TC_MLIST_ITEM_SYS_PARTITION: + + GetSysDevicePaths (MainDlg); + + if (bCachedSysDevicePathsValid) + { + volPathDriveListStr = (wstring) SysPartitionDevicePath; + } + + break; + + case TC_MLIST_ITEM_SYS_DRIVE: + + GetSysDevicePaths (MainDlg); + + if (bCachedSysDevicePathsValid) + { + volPathDriveListStr = (wstring) SysDriveDevicePath; + } + + break; + } + + if (!ambig) + { + useInputField = FALSE; + retPath = volPathDriveListStr; + } + } + + if (ambig) + { + /* We have two paths. Compare them and if they don't match, ask the user to select one of them. Otherwise, return the path without asking. */ + + if (wmemcmp (volPathDriveListStr.c_str (), L"\\??\\", 4) == 0) + { + // The volume path starts with "\\??\\" which is used for file-hosted containers. We're going to strip this prefix. + + volPathDriveListStr = (wstring) (volPathDriveListStr.c_str () + 4); + } + + StringCbCopyW (volPathDriveListW, sizeof(volPathDriveListW), volPathDriveListStr.c_str ()); + + if (wcscmp (((wmemcmp (volPathDriveListW, L"\\??\\", 4) == 0) ? volPathDriveListW + 4 : volPathDriveListW), volPathInputField) != 0) + { + // The path selected in the input field is different from the path to the volume selected + // in the drive lettter list. We have to resolve possible ambiguity. + + wchar_t *tmp[] = {L"", L"", L"", L"", L"", 0}; + const int maxVolPathLen = 80; + + if (volPathDriveListStr.length () > maxVolPathLen) + { + // Ellipsis (path too long) + volPathDriveListStr = wstring (L"...") + volPathDriveListStr.substr (volPathDriveListStr.length () - maxVolPathLen, maxVolPathLen); + } + + wstring volPathInputFieldWStr (volPathInputField); + + if (volPathInputFieldWStr.length () > maxVolPathLen) + { + // Ellipsis (path too long) + volPathInputFieldWStr = wstring (L"...") + volPathInputFieldWStr.substr (volPathInputFieldWStr.length () - maxVolPathLen, maxVolPathLen); + } + + tmp[1] = GetString ("AMBIGUOUS_VOL_SELECTION"); + tmp[2] = (wchar_t *) volPathDriveListStr.c_str(); + tmp[3] = (wchar_t *) volPathInputFieldWStr.c_str(); + tmp[4] = GetString ("IDCANCEL"); + + switch (AskMultiChoice ((void **) tmp, FALSE, hwndDlg)) + { + case 1: + retPath = volPathDriveListStr; + break; + + case 2: + retPath = (wstring) volPathInputField; + break; + + default: + if (driveNoPtr != NULL) + *driveNoPtr = -1; + + return wstring (L""); + } + } + else + { + // Both selected paths are the same + retPath = (wstring) volPathInputField; + } + } + + if (driveNoPtr != NULL) + *driveNoPtr = GetMountedVolumeDriveNo ((wchar_t *) retPath.c_str ()); + + + if (wmemcmp (retPath.c_str (), L"\\??\\", 4) == 0) + { + // The selected volume path starts with "\\??\\" which is used for file-hosted containers. We're going to strip this prefix. + + retPath = (wstring) (retPath.c_str () + 4); + } + + return retPath; +} + +void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL* pbSettingsModified, BOOL* pbHistoryModified) +{ + char langid[6] = {0}; + if (!bOnlyCheckModified) + EnableHwEncryption ((ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE); + + WipeAlgorithmId savedWipeAlgorithm = TC_WIPE_NONE; + + if (!bOnlyCheckModified) + LoadSysEncSettings (); + + if (!bOnlyCheckModified && LoadNonSysInPlaceEncSettings (&savedWipeAlgorithm) != 0) + bInPlaceEncNonSysPending = TRUE; + + // If the config file has already been loaded during this session + if (ConfigBuffer != NULL) + { + free (ConfigBuffer); + ConfigBuffer = NULL; + } + + // Options + ConfigReadCompareInt ("OpenExplorerWindowAfterMount", FALSE, &bExplore, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("UseDifferentTrayIconIfVolumesMounted", TRUE, &bUseDifferentTrayIconIfVolMounted, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("SaveVolumeHistory", FALSE, &bHistory, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("CachePasswords", FALSE, &bCacheInDriverDefault, bOnlyCheckModified, pbSettingsModified); + if (!bOnlyCheckModified) + bCacheInDriver = bCacheInDriverDefault; + + ConfigReadCompareInt ("CachePasswordDuringMultipleMount", FALSE, &bCacheDuringMultipleMount, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("WipePasswordCacheOnExit", FALSE, &bWipeCacheOnExit, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("WipeCacheOnAutoDismount", TRUE, &bWipeCacheOnAutoDismount, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("IncludePimInCache", FALSE, &bIncludePimInCache, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("TryEmptyPasswordWhenKeyfileUsed",FALSE, &bTryEmptyPasswordWhenKeyfileUsed, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("StartOnLogon", FALSE, &bStartOnLogon, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("MountDevicesOnLogon", FALSE, &bMountDevicesOnLogon, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("MountFavoritesOnLogon", FALSE, &bMountFavoritesOnLogon, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("EnableBackgroundTask", TRUE, &bEnableBkgTask, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("CloseBackgroundTaskOnNoVolumes", FALSE, &bCloseBkgTaskWhenNoVolumes, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("DismountOnLogOff", !(IsServerOS() && IsAdmin()), &bDismountOnLogOff, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("DismountOnSessionLocked", FALSE, &bDismountOnSessionLocked, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("DismountOnPowerSaving", FALSE, &bDismountOnPowerSaving, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("DismountOnScreenSaver", FALSE, &bDismountOnScreenSaver, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("ForceAutoDismount", TRUE, &bForceAutoDismount, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("MaxVolumeIdleTime", -60, &MaxVolumeIdleTime, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("HiddenSectorDetectionStatus", 0, &HiddenSectorDetectionStatus, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("UseKeyfiles", FALSE, &defaultKeyFilesParam.EnableKeyFiles, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("PreserveTimestamps", TRUE, &defaultMountOptions.PreserveTimestamp, bOnlyCheckModified, pbSettingsModified); + if (!bOnlyCheckModified) + bPreserveTimestamp = defaultMountOptions.PreserveTimestamp; + + ConfigReadCompareInt ("ShowDisconnectedNetworkDrives", FALSE, &bShowDisconnectedNetworkDrives, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("HideWaitingDialog", FALSE, &bHideWaitingDialog, bOnlyCheckModified, pbSettingsModified); + + ConfigReadCompareInt ("MountVolumesRemovable", FALSE, &defaultMountOptions.Removable, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("MountVolumesReadOnly", FALSE, &defaultMountOptions.ReadOnly, bOnlyCheckModified, pbSettingsModified); + + if (!bOnlyCheckModified) + { + defaultMountOptions.ProtectHiddenVolume = FALSE; + defaultMountOptions.ProtectedHidVolPkcs5Prf = 0; + defaultMountOptions.ProtectedHidVolPim = 0; + defaultMountOptions.PartitionInInactiveSysEncScope = FALSE; + defaultMountOptions.RecoveryMode = FALSE; + defaultMountOptions.UseBackupHeader = FALSE; + + mountOptions = defaultMountOptions; + } + + ConfigReadCompareInt ("CloseSecurityTokenSessionsAfterMount", 0, &CloseSecurityTokenSessionsAfterMount, bOnlyCheckModified, pbSettingsModified); + + if (IsHiddenOSRunning()) + ConfigReadCompareInt ("HiddenSystemLeakProtNotifStatus", TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE, &HiddenSysLeakProtectionNotificationStatus, bOnlyCheckModified, pbSettingsModified); + + // Drive letter - command line arg overrides registry + if (!bOnlyCheckModified && bHistory && szDriveLetter[0] == 0) + { + char szTmp[3] = {0}; + ConfigReadString ("LastSelectedDrive", "", szTmp, sizeof (szTmp)); + MultiByteToWideChar (CP_UTF8, 0, szTmp, -1, szDriveLetter, ARRAYSIZE (szDriveLetter)); + } + if (bHistory && pbSettingsModified) + { + // only check for last drive modification if history enabled + char szTmp[32] = {0}; + LPARAM lLetter; + lLetter = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); + if (LOWORD (lLetter) != 0xffff) + StringCbPrintfA (szTmp, sizeof(szTmp), "%lc:", (wchar_t) HIWORD (lLetter)); + + ConfigReadCompareString ("LastSelectedDrive", "", szTmp, sizeof (szTmp), bOnlyCheckModified, pbSettingsModified); + } + + { + char szTmp[MAX_PATH]; + WideCharToMultiByte (CP_UTF8, 0, SecurityTokenLibraryPath, -1, szTmp, MAX_PATH, NULL, NULL); + ConfigReadCompareString ("SecurityTokenLibrary", "", szTmp, sizeof (szTmp) - 1, bOnlyCheckModified, pbSettingsModified); + MultiByteToWideChar (CP_UTF8, 0, szTmp, -1, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)); + if (!bOnlyCheckModified && SecurityTokenLibraryPath[0]) + { + InitSecurityTokenLibrary(hwndDlg); + } + } + + // Hotkeys + ConfigReadCompareInt ("PlaySoundOnHotkeyMountDismount", TRUE, &bPlaySoundOnSuccessfulHkDismount, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("DisplayMsgBoxOnHotkeyDismount", TRUE, &bDisplayBalloonOnSuccessfulHkDismount, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModAutoMountDevices", 0, (int*) &Hotkeys [HK_AUTOMOUNT_DEVICES].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeAutoMountDevices", 0, (int*) &Hotkeys [HK_AUTOMOUNT_DEVICES].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModDismountAll", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeDismountAll", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModWipeCache", 0, (int*) &Hotkeys [HK_WIPE_CACHE].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeWipeCache", 0, (int*) &Hotkeys [HK_WIPE_CACHE].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModDismountAllWipe", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL_AND_WIPE].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeDismountAllWipe", 0, (int*) &Hotkeys [HK_DISMOUNT_ALL_AND_WIPE].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModForceDismountAllWipe", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeForceDismountAllWipe", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModForceDismountAllWipeExit", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeForceDismountAllWipeExit", 0, (int*) &Hotkeys [HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModMountFavoriteVolumes", 0, (int*) &Hotkeys [HK_MOUNT_FAVORITE_VOLUMES].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeMountFavoriteVolumes", 0, (int*) &Hotkeys [HK_MOUNT_FAVORITE_VOLUMES].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModShowHideMainWindow", 0, (int*) &Hotkeys [HK_SHOW_HIDE_MAIN_WINDOW].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeShowHideMainWindow", 0, (int*) &Hotkeys [HK_SHOW_HIDE_MAIN_WINDOW].vKeyCode, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyModCloseSecurityTokenSessions", 0, (int*) &Hotkeys [HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyModifiers, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("HotkeyCodeCloseSecurityTokenSessions", 0, (int*) &Hotkeys [HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyCode, bOnlyCheckModified, pbSettingsModified); + + // History + if (bHistoryCmdLine != TRUE) + { + LoadCombo (GetDlgItem (MainDlg, IDC_VOLUME), bHistory, bOnlyCheckModified, pbHistoryModified); + if (!bOnlyCheckModified && CmdLineVolumeSpecified) + SetWindowText (GetDlgItem (MainDlg, IDC_VOLUME), szFileName); + } + + // Mount Options + ConfigReadCompareInt ("DefaultPRF", 0, &DefaultVolumePkcs5, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("DefaultTrueCryptMode", FALSE, &DefaultVolumeTrueCryptMode, bOnlyCheckModified, pbSettingsModified); + + if (bOnlyCheckModified) + { + if (!IsNonInstallMode ()) + { + ConfigReadString ("Language", "", langid, sizeof (langid)); + // when installed, if no preferred language set by user, English is set default + // + if (langid [0] == 0) + StringCbCopyA (langid, sizeof(langid), "en"); + + if (pbSettingsModified && strcmp (langid, GetPreferredLangId ())) + *pbSettingsModified = TRUE; + } + else + { + StringCbCopyA (langid, sizeof(langid), GetPreferredLangId ()); + ConfigReadCompareString ("Language", "", langid, sizeof (langid), TRUE, pbSettingsModified); + } + } + + if (DefaultVolumePkcs5 < 0 || DefaultVolumePkcs5 > LAST_PRF_ID) + DefaultVolumePkcs5 = 0; + if (DefaultVolumeTrueCryptMode != TRUE && DefaultVolumeTrueCryptMode != FALSE) + DefaultVolumeTrueCryptMode = FALSE; + +} + +void LoadSettings ( HWND hwndDlg ) +{ + LoadSettingsAndCheckModified (hwndDlg, FALSE, NULL, NULL); +} + +void SaveSettings (HWND hwndDlg) +{ + WaitCursor (); + + // Check first if modifications ocurred before writing to the settings and history files + // This avoids leaking information about VeraCrypt usage when user only mount volumes without changing setttings or history + BOOL bSettingsChanged = FALSE; + BOOL bHistoryChanged = FALSE; + + LoadSettingsAndCheckModified (hwndDlg, TRUE, &bSettingsChanged, &bHistoryChanged); + + if (bSettingsChanged) + { + char szTmp[32] = {0}; + LPARAM lLetter; + + // Options + ConfigWriteBegin (); + + ConfigWriteInt ("OpenExplorerWindowAfterMount", bExplore); + ConfigWriteInt ("UseDifferentTrayIconIfVolumesMounted", bUseDifferentTrayIconIfVolMounted); + ConfigWriteInt ("SaveVolumeHistory", bHistory); + + ConfigWriteInt ("CachePasswords", bCacheInDriverDefault); + ConfigWriteInt ("CachePasswordDuringMultipleMount", bCacheDuringMultipleMount); + ConfigWriteInt ("WipePasswordCacheOnExit", bWipeCacheOnExit); + ConfigWriteInt ("WipeCacheOnAutoDismount", bWipeCacheOnAutoDismount); + + ConfigWriteInt ("IncludePimInCache", bIncludePimInCache); + + ConfigWriteInt ("TryEmptyPasswordWhenKeyfileUsed", bTryEmptyPasswordWhenKeyfileUsed); + + ConfigWriteInt ("StartOnLogon", bStartOnLogon); + ConfigWriteInt ("MountDevicesOnLogon", bMountDevicesOnLogon); + ConfigWriteInt ("MountFavoritesOnLogon", bMountFavoritesOnLogon); + + ConfigWriteInt ("MountVolumesReadOnly", defaultMountOptions.ReadOnly); + ConfigWriteInt ("MountVolumesRemovable", defaultMountOptions.Removable); + ConfigWriteInt ("PreserveTimestamps", defaultMountOptions.PreserveTimestamp); + ConfigWriteInt ("ShowDisconnectedNetworkDrives",bShowDisconnectedNetworkDrives); + ConfigWriteInt ("HideWaitingDialog", bHideWaitingDialog); + + ConfigWriteInt ("EnableBackgroundTask", bEnableBkgTask); + ConfigWriteInt ("CloseBackgroundTaskOnNoVolumes", bCloseBkgTaskWhenNoVolumes); + + ConfigWriteInt ("DismountOnLogOff", bDismountOnLogOff); + ConfigWriteInt ("DismountOnSessionLocked", bDismountOnSessionLocked); + ConfigWriteInt ("DismountOnPowerSaving", bDismountOnPowerSaving); + ConfigWriteInt ("DismountOnScreenSaver", bDismountOnScreenSaver); + ConfigWriteInt ("ForceAutoDismount", bForceAutoDismount); + ConfigWriteInt ("MaxVolumeIdleTime", MaxVolumeIdleTime); + + ConfigWriteInt ("HiddenSectorDetectionStatus", HiddenSectorDetectionStatus); + + ConfigWriteInt ("UseKeyfiles", defaultKeyFilesParam.EnableKeyFiles); + + if (IsHiddenOSRunning()) + ConfigWriteInt ("HiddenSystemLeakProtNotifStatus", HiddenSysLeakProtectionNotificationStatus); + + // save last selected drive only when history enabled + if (bHistory) + { + // Drive Letter + lLetter = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); + if (LOWORD (lLetter) != 0xffff) + StringCbPrintfA (szTmp, sizeof(szTmp), "%lc:", (wchar_t) HIWORD (lLetter)); + ConfigWriteString ("LastSelectedDrive", szTmp); + } + + ConfigWriteInt ("CloseSecurityTokenSessionsAfterMount", CloseSecurityTokenSessionsAfterMount); + + // Hotkeys + ConfigWriteInt ("HotkeyModAutoMountDevices", Hotkeys[HK_AUTOMOUNT_DEVICES].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeAutoMountDevices", Hotkeys[HK_AUTOMOUNT_DEVICES].vKeyCode); + ConfigWriteInt ("HotkeyModDismountAll", Hotkeys[HK_DISMOUNT_ALL].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeDismountAll", Hotkeys[HK_DISMOUNT_ALL].vKeyCode); + ConfigWriteInt ("HotkeyModWipeCache", Hotkeys[HK_WIPE_CACHE].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeWipeCache", Hotkeys[HK_WIPE_CACHE].vKeyCode); + ConfigWriteInt ("HotkeyModDismountAllWipe", Hotkeys[HK_DISMOUNT_ALL_AND_WIPE].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeDismountAllWipe", Hotkeys[HK_DISMOUNT_ALL_AND_WIPE].vKeyCode); + ConfigWriteInt ("HotkeyModForceDismountAllWipe", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeForceDismountAllWipe", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE].vKeyCode); + ConfigWriteInt ("HotkeyModForceDismountAllWipeExit", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeForceDismountAllWipeExit", Hotkeys[HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT].vKeyCode); + ConfigWriteInt ("HotkeyModMountFavoriteVolumes", Hotkeys[HK_MOUNT_FAVORITE_VOLUMES].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeMountFavoriteVolumes", Hotkeys[HK_MOUNT_FAVORITE_VOLUMES].vKeyCode); + ConfigWriteInt ("HotkeyModShowHideMainWindow", Hotkeys[HK_SHOW_HIDE_MAIN_WINDOW].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeShowHideMainWindow", Hotkeys[HK_SHOW_HIDE_MAIN_WINDOW].vKeyCode); + ConfigWriteInt ("HotkeyModCloseSecurityTokenSessions", Hotkeys[HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyModifiers); + ConfigWriteInt ("HotkeyCodeCloseSecurityTokenSessions", Hotkeys[HK_CLOSE_SECURITY_TOKEN_SESSIONS].vKeyCode); + ConfigWriteInt ("PlaySoundOnHotkeyMountDismount", bPlaySoundOnSuccessfulHkDismount); + ConfigWriteInt ("DisplayMsgBoxOnHotkeyDismount", bDisplayBalloonOnSuccessfulHkDismount); + + // Language + ConfigWriteString ("Language", GetPreferredLangId ()); + + // PKCS#11 Library Path + ConfigWriteStringW ("SecurityTokenLibrary", SecurityTokenLibraryPath[0] ? SecurityTokenLibraryPath : L""); + + // Mount Options + ConfigWriteInt ("DefaultPRF", DefaultVolumePkcs5); + ConfigWriteInt ("DefaultTrueCryptMode", DefaultVolumeTrueCryptMode); + + ConfigWriteEnd (hwndDlg); + } + + if (bHistoryChanged) + { + // History + DumpCombo (GetDlgItem (MainDlg, IDC_VOLUME), IsButtonChecked (GetDlgItem (MainDlg, IDC_NO_HISTORY))); + } + + NormalCursor (); +} + +// Returns TRUE if system encryption or decryption had been or is in progress and has not been completed +static BOOL SysEncryptionOrDecryptionRequired (void) +{ + /* If you update this function, revise SysEncryptionOrDecryptionRequired() in Tcformat.c as well. */ + + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + return (SystemEncryptionStatus == SYSENC_STATUS_ENCRYPTING + || SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING + || + ( + BootEncStatus.DriveMounted + && + ( + BootEncStatus.ConfiguredEncryptedAreaStart != BootEncStatus.EncryptedAreaStart + || BootEncStatus.ConfiguredEncryptedAreaEnd != BootEncStatus.EncryptedAreaEnd + ) + ) + ); +} + +// Returns TRUE if the system partition/drive is completely encrypted +static BOOL SysDriveOrPartitionFullyEncrypted (BOOL bSilent) +{ + /* If you update this function, revise SysDriveOrPartitionFullyEncrypted() in Tcformat.c as well. */ + + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + if (!bSilent) + e.Show (MainDlg); + } + + return (!BootEncStatus.SetupInProgress + && BootEncStatus.ConfiguredEncryptedAreaEnd != 0 + && BootEncStatus.ConfiguredEncryptedAreaEnd != -1 + && BootEncStatus.ConfiguredEncryptedAreaStart == BootEncStatus.EncryptedAreaStart + && BootEncStatus.ConfiguredEncryptedAreaEnd == BootEncStatus.EncryptedAreaEnd); +} + +// Returns TRUE if the system partition/drive is being filtered by the TrueCrypt driver and the key data +// was successfully decrypted (the device is fully ready to be encrypted or decrypted). Note that this +// function does not examine whether the system device is encrypted or not (or to what extent). +static BOOL SysEncDeviceActive (BOOL bSilent) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + if (!bSilent) + e.Show (MainDlg); + + return FALSE; + } + + return (BootEncStatus.DriveMounted); +} + +// Returns TRUE if the entire system drive (as opposed to the system partition only) of the currently running OS is (or is to be) encrypted +BOOL WholeSysDriveEncryption (BOOL bSilent) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + + if (BootEncStatus.BootDriveLength.QuadPart < 1) // paranoid check + return FALSE; + else + return (BootEncStatus.ConfiguredEncryptedAreaStart == TC_BOOT_LOADER_AREA_SIZE + && BootEncStatus.ConfiguredEncryptedAreaEnd >= BootEncStatus.BootDriveLength.QuadPart - 1); + } + catch (Exception &e) + { + if (!bSilent) + e.Show (MainDlg); + + return FALSE; + } +} + +// Returns the size of the system drive/partition (if encrypted) in bytes +unsigned __int64 GetSysEncDeviceSize (BOOL bSilent) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + if (!bSilent) + e.Show (MainDlg); + return 1; + } + + if ( BootEncStatus.ConfiguredEncryptedAreaEnd < 0 + || BootEncStatus.ConfiguredEncryptedAreaStart < 0 + || BootEncStatus.ConfiguredEncryptedAreaEnd < BootEncStatus.ConfiguredEncryptedAreaStart + ) + return 1; // we return 1 to avoid devision by zero + else + return ((unsigned __int64)(BootEncStatus.ConfiguredEncryptedAreaEnd - BootEncStatus.ConfiguredEncryptedAreaStart)) + 1; +} + +// Returns the current size of the encrypted area of the system drive/partition in bytes +unsigned __int64 GetSysEncDeviceEncryptedPartSize (BOOL bSilent) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + if (!bSilent) + e.Show (MainDlg); + return 0; + } + + if ( BootEncStatus.EncryptedAreaEnd < 0 + || BootEncStatus.EncryptedAreaStart < 0 + || BootEncStatus.EncryptedAreaEnd < BootEncStatus.EncryptedAreaStart + ) + return 0; + else + return ((unsigned __int64)(BootEncStatus.EncryptedAreaEnd - BootEncStatus.EncryptedAreaStart)) + 1; +} + + +static void PopulateSysEncContextMenu (HMENU popup, BOOL bToolsOnly) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (!bToolsOnly && !IsHiddenOSRunning()) + { + if (SysEncryptionOrDecryptionRequired ()) + { + if (!BootEncStatus.SetupInProgress) + AppendMenuW (popup, MF_STRING, IDM_SYSENC_RESUME, GetString ("IDM_SYSENC_RESUME")); + + if (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING) + AppendMenuW (popup, MF_STRING, IDM_PERMANENTLY_DECRYPT_SYS, GetString ("PERMANENTLY_DECRYPT")); + + AppendMenuW (popup, MF_STRING, IDM_ENCRYPT_SYSTEM_DEVICE, GetString ("ENCRYPT")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + } + } + + AppendMenuW (popup, MF_STRING, IDM_CHANGE_SYS_PASSWORD, GetString ("IDM_CHANGE_SYS_PASSWORD")); + // AppendMenuW (popup, MF_STRING, IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO, GetString ("IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO")); + + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_SYS_ENC_SETTINGS, GetString ("IDM_SYS_ENC_SETTINGS")); + + if (!IsHiddenOSRunning()) + { + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_CREATE_RESCUE_DISK, GetString ("IDM_CREATE_RESCUE_DISK")); + AppendMenuW (popup, MF_STRING, IDM_VERIFY_RESCUE_DISK, GetString ("IDM_VERIFY_RESCUE_DISK")); + AppendMenuW (popup, MF_STRING, IDM_VERIFY_RESCUE_DISK_ISO, GetString ("IDM_VERIFY_RESCUE_DISK_ISO")); + } + + if (!bToolsOnly) + { + if (SysDriveOrPartitionFullyEncrypted (FALSE) && !IsHiddenOSRunning()) + { + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_PERMANENTLY_DECRYPT_SYS, GetString ("PERMANENTLY_DECRYPT")); + } + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_VOLUME_PROPERTIES, GetString ("IDPM_PROPERTIES")); + } +} + + +// WARNING: This function may take a long time to complete. To prevent data corruption, it MUST be called before +// mounting a partition (as a regular volume) that is within key scope of system encryption. +// Returns TRUE if the partition can be mounted as a partition within key scope of inactive system encryption. +// If devicePath is empty, the currently selected partition in the GUI is checked. +BOOL CheckSysEncMountWithoutPBA (HWND hwndDlg, const wchar_t *devicePath, BOOL quiet) +{ + BOOL tmpbDevice; + wchar_t szDevicePath [TC_MAX_PATH+1]; + wchar_t szDiskFile [TC_MAX_PATH+1]; + + if (wcslen (devicePath) < 2) + { + GetVolumePath (MainDlg, szDevicePath, ARRAYSIZE (szDevicePath)); + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), szDevicePath, &tmpbDevice); + + if (!tmpbDevice) + { + if (!quiet) + Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); + + return FALSE; + } + + if (LOWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))) != TC_MLIST_ITEM_FREE) + { + if (!quiet) + Warning ("SELECT_FREE_DRIVE", hwndDlg); + + return FALSE; + } + } + else + StringCbCopyW (szDevicePath, sizeof(szDevicePath), devicePath); + + wchar_t *partionPortion = wcsrchr (szDevicePath, L'\\'); + + if (!partionPortion + || !_wcsicmp (partionPortion, L"\\Partition0")) + { + // Only partitions are supported (not whole drives) + if (!quiet) + Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg); + + return FALSE; + } + + try + { + BootEncStatus = BootEncObj->GetStatus(); + + if (BootEncStatus.DriveMounted) + { + int retCode = 0; + int driveNo; + wchar_t parentDrivePath [TC_MAX_PATH+1]; + + if (swscanf (szDevicePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) != 1) + { + if (!quiet) + Error ("INVALID_PATH", hwndDlg); + + return FALSE; + } + + StringCbPrintfW (parentDrivePath, + sizeof (parentDrivePath), + L"\\Device\\Harddisk%d\\Partition0", + driveNo); + + WaitCursor (); + + // This is critical (re-mounting a mounted system volume as a normal volume could cause data corruption) + // so we force the slower but reliable method + retCode = IsSystemDevicePath (parentDrivePath, MainDlg, TRUE); + + NormalCursor(); + + if (retCode != 2) + return TRUE; + else + { + // The partition is located on active system drive + + if (!quiet) + Warning ("MOUNT_WITHOUT_PBA_VOL_ON_ACTIVE_SYSENC_DRIVE", hwndDlg); + + return FALSE; + } + } + else + return TRUE; + } + catch (Exception &e) + { + NormalCursor(); + e.Show (hwndDlg); + } + + return FALSE; +} + + +// Returns TRUE if the host drive of the specified partition contains a portion of the TrueCrypt Boot Loader +// and if the drive is not within key scope of active system encryption (e.g. the system drive of the running OS). +// If bPrebootPasswordDlgMode is TRUE, this function returns FALSE (because the check would be redundant). +BOOL TCBootLoaderOnInactiveSysEncDrive (wchar_t *szDevicePath) +{ + try + { + int driveNo; + wchar_t parentDrivePath [TC_MAX_PATH+1]; + + if (bPrebootPasswordDlgMode) + return FALSE; + + + if (swscanf (szDevicePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) != 1) + return FALSE; + + StringCbPrintfW (parentDrivePath, + sizeof (parentDrivePath), + L"\\Device\\Harddisk%d\\Partition0", + driveNo); + + BootEncStatus = BootEncObj->GetStatus(); + + if (BootEncStatus.DriveMounted + && IsSystemDevicePath (parentDrivePath, MainDlg, FALSE) == 2) + { + // The partition is within key scope of active system encryption + return FALSE; + } + + return ((BOOL) BootEncObj->IsBootLoaderOnDrive (parentDrivePath)); + } + catch (...) + { + return FALSE; + } + +} + + +BOOL SelectItem (HWND hTree, wchar_t nLetter) +{ + if (nLetter == 0) + { + // The caller specified an invalid drive letter (typically because it is unknown). + // Find out which drive letter is currently selected in the list and use it. + nLetter = (wchar_t) (HIWORD (GetSelectedLong (hTree))); + } + + int i; + LVITEM item; + + for (i = 0; i < ListView_GetItemCount(hTree); i++) + { + memset(&item, 0, sizeof(LVITEM)); + item.mask = LVIF_PARAM; + item.iItem = i; + + if (ListView_GetItem (hTree, &item) == FALSE) + return FALSE; + else + { + if (HIWORD (item.lParam) == nLetter) + { + memset(&item, 0, sizeof(LVITEM)); + item.state = LVIS_FOCUSED|LVIS_SELECTED; + item.stateMask = LVIS_FOCUSED|LVIS_SELECTED; + item.mask = LVIF_STATE; + item.iItem = i; + SendMessage(hTree, LVM_SETITEMSTATE, i, (LPARAM) &item); + return TRUE; + } + } + } + + return TRUE; +} + + +static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg) +{ + wchar_t t[TC_MAX_PATH + 1024] = {L'"',0}; + wchar_t *tmp; + + GetModuleFileName (NULL, t+1, ARRAYSIZE(t)-1); + + tmp = wcsrchr (t, L'\\'); + if (tmp) + { + STARTUPINFO si; + PROCESS_INFORMATION pi; + wchar_t formatExeName[64]; + wchar_t* suffix = NULL; + ZeroMemory (&si, sizeof (si)); + + StringCbCopyW (formatExeName, sizeof (formatExeName), L"\\VeraCrypt Format"); + + // check if there is a suffix in VeraCrypt file name + // in order to use the same for "VeraCrypt Format" + suffix = wcsrchr (tmp + 1, L'-'); + if (suffix) + { + StringCbCatW (formatExeName, sizeof (formatExeName), suffix); + StringCbCatW (formatExeName, sizeof (formatExeName), L"\""); + } + else + StringCbCatW (formatExeName, sizeof (formatExeName), L".exe\""); + + *tmp = 0; + StringCbCatW (t, sizeof(t), formatExeName); + + if (!FileExists(t)) + Error ("VOL_CREATION_WIZARD_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do + + if (wcslen (arg) > 0) + { + StringCbCatW (t, sizeof(t), L" "); + StringCbCatW (t, sizeof(t), arg); + } + + if (!CreateProcess (NULL, (LPWSTR) t, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi)) + { + handleWin32Error (hwndDlg, SRC_POS); + } + else + { + CloseHandle (pi.hProcess); + CloseHandle (pi.hThread); + } + } +} + +static void LaunchVolExpander (HWND hwndDlg) +{ + wchar_t t[TC_MAX_PATH + TC_MAX_PATH] = {L'"',0}; + wchar_t *tmp; + + GetModuleFileName (NULL, t+1, ARRAYSIZE(t)-1); + + tmp = wcsrchr (t, L'\\'); + if (tmp) + { + wchar_t expanderExeName[64]; + wchar_t* suffix = NULL; + + StringCbCopyW (expanderExeName, sizeof (expanderExeName), L"\\VeraCryptExpander"); + + // check if there is a suffix in VeraCrypt file name + // in order to use the same for "VeraCrypt Format" + suffix = wcsrchr (tmp + 1, L'-'); + if (suffix) + { + StringCbCatW (expanderExeName, sizeof (expanderExeName), suffix); + StringCbCatW (expanderExeName, sizeof (expanderExeName), L"\""); + } + else + StringCbCatW (expanderExeName, sizeof (expanderExeName), L".exe\""); + + *tmp = 0; + StringCbCatW (t, sizeof(t), expanderExeName); + + if (!FileExists(t)) + Error ("VOL_EXPANDER_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do + else if (((int)ShellExecuteW (NULL, (!IsAdmin() && IsUacSupported()) ? L"runas" : L"open", t, NULL, NULL, SW_SHOW)) <= 32) + { + handleWin32Error (hwndDlg, SRC_POS); + } + } +} + + +// Fills drive list +// drive>0 = update only the corresponding drive subitems +void LoadDriveLetters (HWND hwndDlg, HWND hTree, int drive) +{ + // Remember the top-most visible item + int lastTopMostVisibleItem = ListView_GetTopIndex (hTree); + + wchar_t *szDriveLetters[]= + {L"A:", L"B:", L"C:", L"D:", + L"E:", L"F:", L"G:", L"H:", L"I:", L"J:", L"K:", + L"L:", L"M:", L"N:", L"O:", L"P:", L"Q:", L"R:", + L"S:", L"T:", L"U:", L"V:", L"W:", L"X:", L"Y:", + L"Z:"}; + + DWORD dwResult; + BOOL bResult; + DWORD dwUsedDrives; + MOUNT_LIST_STRUCT driver; + VOLUME_PROPERTIES_STRUCT propSysEnc; + wchar_t sysDriveLetter = 0; + + BOOL bSysEnc = FALSE; + BOOL bWholeSysDriveEncryption = FALSE; + + LVITEM listItem; + int item = 0; + char i; + + try + { + BootEncStatus = BootEncObj->GetStatus(); + if (bSysEnc = BootEncStatus.DriveMounted) + { + BootEncObj->GetVolumeProperties (&propSysEnc); + } + } + catch (...) + { + bSysEnc = FALSE; + } + + ZeroMemory (&driver, sizeof (driver)); + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &driver, + sizeof (driver), &driver, sizeof (driver), &dwResult, + NULL); + memcpy (&LastKnownMountList, &driver, sizeof (driver)); + + if (bResult == FALSE) + { + KillTimer (MainDlg, TIMER_ID_MAIN); + handleWin32Error (hTree, SRC_POS); + AbortProcessSilent(); + } + + LastKnownLogicalDrives = dwUsedDrives = GetUsedLogicalDrives (); + if (dwUsedDrives == 0) + Warning ("DRIVELETTERS", hwndDlg); + + if(drive == 0) + ListView_DeleteAllItems(hTree); + + if (bSysEnc) + { + bWholeSysDriveEncryption = WholeSysDriveEncryption (TRUE); + + sysDriveLetter = GetSystemDriveLetter (); + } + + /* System drive */ + + if (bWholeSysDriveEncryption) + { + int curDrive = 0; + + if (drive > 0) + { + LVITEM tmp; + memset(&tmp, 0, sizeof(LVITEM)); + tmp.mask = LVIF_PARAM; + tmp.iItem = item; + if (ListView_GetItem (hTree, &tmp)) + curDrive = HIWORD(tmp.lParam); + } + + { + wchar_t szTmp[1024]; + wchar_t szTmpW[1024]; + + memset(&listItem, 0, sizeof(listItem)); + + listItem.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_PARAM; + listItem.iImage = 2; + listItem.iItem = item++; + + listItem.pszText = szTmp; + szTmp[0] = L' '; + szTmp[1] = 0; + + listItem.lParam = MAKELONG (TC_MLIST_ITEM_SYS_DRIVE, ENC_SYSDRIVE_PSEUDO_DRIVE_LETTER); + + if(drive == 0) + ListView_InsertItem (hTree, &listItem); + else + ListView_SetItem (hTree, &listItem); + + listItem.mask=LVIF_TEXT; + + // Fully encrypted + if (SysDriveOrPartitionFullyEncrypted (TRUE)) + { + StringCbCopyW (szTmpW, sizeof(szTmpW), GetString ("SYSTEM_DRIVE")); + } + else + { + // Partially encrypted + + if (BootEncStatus.SetupInProgress) + { + // Currently encrypting/decrypting + + if (BootEncStatus.SetupMode != SetupDecryption) + { + StringCbPrintfW (szTmpW, + sizeof szTmpW, + GetString ("SYSTEM_DRIVE_ENCRYPTING"), + (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); + } + else + { + StringCbPrintfW (szTmpW, + sizeof szTmpW, + GetString ("SYSTEM_DRIVE_DECRYPTING"), + 100.0 - ((double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0)); + } + } + else + { + StringCbPrintfW (szTmpW, + sizeof szTmpW, + GetString ("SYSTEM_DRIVE_PARTIALLY_ENCRYPTED"), + (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); + } + } + + ListSubItemSet (hTree, listItem.iItem, 1, szTmpW); + + GetSizeString (GetSysEncDeviceSize(TRUE), szTmpW, sizeof(szTmpW)); + ListSubItemSet (hTree, listItem.iItem, 2, szTmpW); + + if (propSysEnc.ea >= EAGetFirst() && propSysEnc.ea <= EAGetCount()) + { + EAGetName (szTmp, propSysEnc.ea, 1); + } + else + { + szTmp[0] = L'?'; + szTmp[1] = 0; + } + listItem.iSubItem = 3; + ListView_SetItem (hTree, &listItem); + + ListSubItemSet (hTree, listItem.iItem, 4, GetString (IsHiddenOSRunning() ? "HIDDEN" : "SYSTEM_VOLUME_TYPE_ADJECTIVE")); + } + } + + /* Drive letters */ + + for (i = 0; i < 26; i++) + { + int curDrive = 0; + + BOOL bSysEncPartition = (bSysEnc && !bWholeSysDriveEncryption && sysDriveLetter == *((wchar_t *) szDriveLetters[i])); + + if (drive > 0) + { + LVITEM tmp; + memset(&tmp, 0, sizeof(LVITEM)); + tmp.mask = LVIF_PARAM; + tmp.iItem = item; + if (ListView_GetItem (hTree, &tmp)) + curDrive = HIWORD(tmp.lParam); + } + + if (driver.ulMountedDrives & (1 << i) + || bSysEncPartition) + { + wchar_t szTmp[1024]; + wchar_t szTmpW[1024]; + wchar_t *ws; + + memset(&listItem, 0, sizeof(listItem)); + + listItem.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_PARAM; + listItem.iImage = bSysEncPartition ? 2 : 1; + listItem.iItem = item++; + + if (drive > 0 && drive != curDrive) + continue; + + listItem.lParam = MAKELONG ( + bSysEncPartition ? TC_MLIST_ITEM_SYS_PARTITION : TC_MLIST_ITEM_NONSYS_VOL, + i + L'A'); + + listItem.pszText = szDriveLetters[i]; + + if (drive == 0) + ListView_InsertItem (hTree, &listItem); + else + ListView_SetItem (hTree, &listItem); + + listItem.mask=LVIF_TEXT; + listItem.pszText = szTmp; + + if (bSysEncPartition) + { + // Fully encrypted + if (SysDriveOrPartitionFullyEncrypted (TRUE)) + { + StringCbCopyW (szTmpW, sizeof(szTmpW), GetString (IsHiddenOSRunning() ? "HIDDEN_SYSTEM_PARTITION" : "SYSTEM_PARTITION")); + } + else + { + // Partially encrypted + + if (BootEncStatus.SetupInProgress) + { + // Currently encrypting/decrypting + + if (BootEncStatus.SetupMode != SetupDecryption) + { + StringCbPrintfW (szTmpW, + sizeof szTmpW, + GetString ("SYSTEM_PARTITION_ENCRYPTING"), + (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); + } + else + { + StringCbPrintfW (szTmpW, + sizeof szTmpW, + GetString ("SYSTEM_PARTITION_DECRYPTING"), + 100.0 - ((double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0)); + } + } + else + { + StringCbPrintfW (szTmpW, + sizeof szTmpW, + GetString ("SYSTEM_PARTITION_PARTIALLY_ENCRYPTED"), + (double) GetSysEncDeviceEncryptedPartSize (TRUE) / (double) GetSysEncDeviceSize (TRUE) * 100.0); + } + } + + ListSubItemSet (hTree, listItem.iItem, 1, szTmpW); + } + else + { + wchar_t *path = driver.wszVolume[i]; + + if (wmemcmp (path, L"\\??\\", 4) == 0) + path += 4; + + listItem.iSubItem = 1; + + // first check label used for mounting. If empty, look for it in favorites. + bool useInExplorer = false; + wstring label = (wchar_t *) driver.wszLabel[i]; + if (label.empty()) + label = GetFavoriteVolumeLabel (path, useInExplorer); + if (!label.empty()) + ListSubItemSet (hTree, listItem.iItem, 1, (wchar_t *) label.c_str()); + else + ListSubItemSet (hTree, listItem.iItem, 1, (wchar_t *) FitPathInGfxWidth (hTree, hUserFont, ListView_GetColumnWidth (hTree, 1) - GetTextGfxWidth (hTree, L"___", hUserFont), path).c_str()); + } + + GetSizeString (bSysEncPartition ? GetSysEncDeviceSize(TRUE) : driver.diskLength[i], szTmpW, sizeof(szTmpW)); + ListSubItemSet (hTree, listItem.iItem, 2, szTmpW); + + EAGetName (szTmp, bSysEncPartition ? propSysEnc.ea : driver.ea[i], 1); + listItem.iSubItem = 3; + ListView_SetItem (hTree, &listItem); + + if (bSysEncPartition) + { + ws = GetString (IsHiddenOSRunning() ? "HIDDEN" : "SYSTEM_VOLUME_TYPE_ADJECTIVE"); + VolumeNotificationsList.bHidVolDamagePrevReported[i] = FALSE; + ListSubItemSet (hTree, listItem.iItem, 4, ws); + } + else + { + switch (driver.volumeType[i]) + { + case PROP_VOL_TYPE_NORMAL: + ws = GetString ("NORMAL"); + break; + case PROP_VOL_TYPE_HIDDEN: + ws = GetString ("HIDDEN"); + break; + case PROP_VOL_TYPE_OUTER: + ws = GetString ("OUTER"); // Normal/outer volume (hidden volume protected) + break; + case PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED: + ws = GetString ("OUTER_VOL_WRITE_PREVENTED"); // Normal/outer volume (hidden volume protected AND write denied) + break; + default: + ws = L"?"; + } + + if (driver.truecryptMode[i]) + { + StringCbPrintfW (szTmpW, sizeof(szTmpW), L"TrueCrypt-%s", ws); + ListSubItemSet (hTree, listItem.iItem, 4, szTmpW); + } + else + ListSubItemSet (hTree, listItem.iItem, 4, ws); + + if (driver.volumeType[i] == PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED) // Normal/outer volume (hidden volume protected AND write denied) + { + if (!VolumeNotificationsList.bHidVolDamagePrevReported[i]) + { + wchar_t szTmp[4096]; + + VolumeNotificationsList.bHidVolDamagePrevReported[i] = TRUE; + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("DAMAGE_TO_HIDDEN_VOLUME_PREVENTED"), i+L'A'); + SetForegroundWindow (GetParent(hTree)); + MessageBoxW (GetParent(hTree), szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + } + } + else + { + VolumeNotificationsList.bHidVolDamagePrevReported[i] = FALSE; + } + } + } + else + { + VolumeNotificationsList.bHidVolDamagePrevReported[i] = FALSE; + + if (!(dwUsedDrives & 1 << i)) + { + if(drive > 0 && drive != HIWORD (GetSelectedLong (hTree))) + { + item++; + continue; + } + + memset(&listItem,0,sizeof(listItem)); + + listItem.mask = LVIF_TEXT | LVIF_IMAGE | LVIF_PARAM; + listItem.iImage = 0; + listItem.iItem = item++; + listItem.pszText = szDriveLetters[i]; + listItem.lParam = MAKELONG (TC_MLIST_ITEM_FREE, i + 'A'); + + if(drive == 0) + ListView_InsertItem (hTree, &listItem); + else + ListView_SetItem (hTree, &listItem); + + listItem.mask=LVIF_TEXT; + listItem.pszText = L""; + listItem.iSubItem = 1; + ListView_SetItem (hTree, &listItem); + listItem.iSubItem = 2; + ListView_SetItem (hTree, &listItem); + listItem.iSubItem = 3; + ListView_SetItem (hTree, &listItem); + listItem.iSubItem = 4; + ListView_SetItem (hTree, &listItem); + + } + } + } + + // Restore the original scroll position (the topmost item that was visible when we were called) and the + // last selected item. + SetListScrollHPos (hTree, lastTopMostVisibleItem); + SelectItem (hTree, 0); +} + +static void PasswordChangeEnable (HWND hwndDlg, int button, int passwordId, BOOL keyFilesEnabled, + int newPasswordId, int newVerifyId, BOOL newKeyFilesEnabled) +{ + char password[MAX_PASSWORD + 1]; + char newPassword[MAX_PASSWORD + 1]; + char newVerify[MAX_PASSWORD + 1]; + wchar_t tmp[MAX_PASSWORD + 1]; + BOOL bEnable = TRUE; + int passwordUtf8Len, newPasswordUtf8Len, newVerifyUtf8Len; + + GetWindowText (GetDlgItem (hwndDlg, passwordId), tmp, ARRAYSIZE (tmp)); + passwordUtf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, password, sizeof (password), NULL, NULL); + + if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF) + newKeyFilesEnabled = keyFilesEnabled; + + switch (pwdChangeDlgMode) + { + case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: + case PCDM_ADD_REMOVE_VOL_KEYFILES: + case PCDM_CHANGE_PKCS5_PRF: + memcpy (newPassword, password, sizeof (newPassword)); + memcpy (newVerify, password, sizeof (newVerify)); + newPasswordUtf8Len = passwordUtf8Len; + newVerifyUtf8Len = passwordUtf8Len; + break; + + default: + GetWindowText (GetDlgItem (hwndDlg, newPasswordId), tmp, ARRAYSIZE (tmp)); + newPasswordUtf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, newPassword, sizeof (newPassword), NULL, NULL); + GetWindowText (GetDlgItem (hwndDlg, newVerifyId), tmp, ARRAYSIZE (tmp)); + newVerifyUtf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, newVerify, sizeof (newVerify), NULL, NULL); + + } + + if (passwordUtf8Len <= 0 || (!keyFilesEnabled && ((passwordUtf8Len - 1) < MIN_PASSWORD))) + bEnable = FALSE; + else if (strcmp (newPassword, newVerify) != 0) + bEnable = FALSE; + else if ((newPasswordUtf8Len <= 0) || (!newKeyFilesEnabled && ((newPasswordUtf8Len - 1) < MIN_PASSWORD))) + bEnable = FALSE; + + burn (password, sizeof (password)); + burn (newPassword, sizeof (newPassword)); + burn (newVerify, sizeof (newVerify)); + burn (tmp, sizeof (tmp)); + + EnableWindow (GetDlgItem (hwndDlg, button), bEnable); +} + +// implementation for support of change password operation in wait dialog mechanism + +typedef struct +{ + Password *oldPassword; + int old_pkcs5; + int old_pim; + Password *newPassword; + int pkcs5; + int pim; + int wipePassCount; + BOOL truecryptMode; + int* pnStatus; +} ChangePwdThreadParam; + +void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg) +{ + ChangePwdThreadParam* pThreadParam = (ChangePwdThreadParam*) pArg; + + if (bSysEncPwdChangeDlgMode) + { + // System + + try + { + VOLUME_PROPERTIES_STRUCT properties; + BootEncObj->GetVolumeProperties(&properties); + pThreadParam->old_pkcs5 = properties.pkcs5; + } + catch(...) + {} + + pThreadParam->pkcs5 = 0; // PKCS-5 PRF unchanged (currently we can't change PRF of system encryption) + + try + { + *pThreadParam->pnStatus = BootEncObj->ChangePassword (pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg); + } + catch (Exception &e) + { + e.Show (hwndDlg); + *(pThreadParam->pnStatus) = ERR_OS_ERROR; + } + } + else + { + // Non-system + + *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg); + + if (*pThreadParam->pnStatus == ERR_OS_ERROR + && GetLastError () == ERROR_ACCESS_DENIED + && IsUacSupported () + && IsVolumeDeviceHosted (szFileName)) + { + *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg); + } + } +} + +// implementation for support of backup header operation in wait dialog mechanism + +typedef struct +{ + BOOL bRequireConfirmation; + wchar_t *lpszVolume; + size_t cchVolume; + int* iResult; +} BackupHeaderThreadParam; + +void CALLBACK BackupHeaderWaitThreadProc(void* pArg, HWND hwndDlg) +{ + BackupHeaderThreadParam* pThreadParam = (BackupHeaderThreadParam*) pArg; + + if (TranslateVolumeID (hwndDlg, pThreadParam->lpszVolume, pThreadParam->cchVolume)) + { + if (!IsAdmin () && IsUacSupported () && IsVolumeDeviceHosted (pThreadParam->lpszVolume)) + *(pThreadParam->iResult) = UacBackupVolumeHeader (hwndDlg, pThreadParam->bRequireConfirmation, pThreadParam->lpszVolume); + else + *(pThreadParam->iResult) = BackupVolumeHeader (hwndDlg, pThreadParam->bRequireConfirmation, pThreadParam->lpszVolume); + } + else + *(pThreadParam->iResult) = ERR_OS_ERROR; +} + +// implementation for support of restoring header operation in wait dialog mechanism + +typedef struct +{ + wchar_t *lpszVolume; + size_t cchVolume; + int* iResult; +} RestoreHeaderThreadParam; + +void CALLBACK RestoreHeaderWaitThreadProc(void* pArg, HWND hwndDlg) +{ + RestoreHeaderThreadParam* pThreadParam = (RestoreHeaderThreadParam*) pArg; + + if (TranslateVolumeID (hwndDlg, pThreadParam->lpszVolume, pThreadParam->cchVolume)) + { + if (!IsAdmin () && IsUacSupported () && IsVolumeDeviceHosted (pThreadParam->lpszVolume)) + *(pThreadParam->iResult) = UacRestoreVolumeHeader (hwndDlg, pThreadParam->lpszVolume); + else + *(pThreadParam->iResult) = RestoreVolumeHeader (hwndDlg, pThreadParam->lpszVolume); + } + else + *(pThreadParam->iResult) = ERR_OS_ERROR; +} + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static KeyFilesDlgParam newKeyFilesParam; + static BOOL PimValueChangedWarning = FALSE; + static int* NewPimValuePtr = NULL; + + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + LPARAM nIndex, nSelectedIndex = 0; + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID); + int i; + WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220; + int EffectiveVolumePkcs5 = CmdVolumePkcs5; + BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; + int EffectiveVolumePim = CmdVolumePim; + + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (EffectiveVolumePkcs5 == 0) + EffectiveVolumePkcs5 = DefaultVolumePkcs5; + if (!EffectiveVolumeTrueCryptMode) + EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; + + NewPimValuePtr = (int*) lParam; + + PimValueChangedWarning = FALSE; + + ZeroMemory (&newKeyFilesParam, sizeof (newKeyFilesParam)); + if (NewPimValuePtr) + { + /* we are in the case of a volume. Store its name to use it in the key file dialog + * this will help avoid using the current container file as a key file + */ + StringCbCopyW (newKeyFilesParam.VolumeFileName, sizeof (newKeyFilesParam.VolumeFileName), szFileName); + } + + SetWindowTextW (hwndDlg, GetString ("IDD_PASSWORDCHANGE_DLG")); + LocalizeDialog (hwndDlg, "IDD_PASSWORDCHANGE_DLG"); + + SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_VERIFY), EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PIM), EM_LIMITTEXT, MAX_PIM, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); + EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE); + + SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, KeyFilesEnable); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), TRUE); + + /* Add PRF algorithm list for current password */ + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + if (i == EffectiveVolumePkcs5) + { + nSelectedIndex = nIndex; + } + } + + SendMessage (hComboBox, CB_SETCURSEL, nSelectedIndex, 0); + + /* check TrueCrypt Mode if it was set as default*/ + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, EffectiveVolumeTrueCryptMode); + + /* set default PIM if set in the command line*/ + if (EffectiveVolumePim > 0) + { + SetCheckBox (hwndDlg, IDC_PIM_ENABLE, TRUE); + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_OLD_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM_HELP), SW_SHOW); + SetPim (hwndDlg, IDC_OLD_PIM, EffectiveVolumePim); + } + + /* Add PRF algorithm list for new password */ + hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("UNCHANGED")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + if (!HashIsDeprecated (i)) + { + nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + } + } + + SendMessage (hComboBox, CB_SETCURSEL, 0, 0); + + PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, TRUE); + SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &headerWipeMode); + + switch (pwdChangeDlgMode) + { + case PCDM_CHANGE_PKCS5_PRF: + SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_CHANGE_PKCS5_PRF")); + LocalizeDialog (hwndDlg, "IDD_PCDM_CHANGE_PKCS5_PRF"); + EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); + break; + + case PCDM_ADD_REMOVE_VOL_KEYFILES: + SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_ADD_REMOVE_VOL_KEYFILES")); + LocalizeDialog (hwndDlg, "IDD_PCDM_ADD_REMOVE_VOL_KEYFILES"); + newKeyFilesParam.EnableKeyFiles = TRUE; + EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE); + break; + + case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: + newKeyFilesParam.EnableKeyFiles = FALSE; + SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL")); + LocalizeDialog (hwndDlg, "IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL"); + KeyFilesEnable = TRUE; + SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE); + break; + + case PCDM_CHANGE_PASSWORD: + default: + // NOP + break; + }; + + if (bSysEncPwdChangeDlgMode) + { + /* No support for changing the password of TrueCrypt system partition */ + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); + + ToBootPwdField (hwndDlg, IDC_PASSWORD); + ToBootPwdField (hwndDlg, IDC_VERIFY); + ToBootPwdField (hwndDlg, IDC_OLD_PASSWORD); + + if ((DWORD) GetKeyboardLayout (NULL) != 0x00000409 && (DWORD) GetKeyboardLayout (NULL) != 0x04090409) + { + DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 0; + } + + bKeyboardLayoutChanged = TRUE; + } + + + /* for system encryption, we can't change the PRF */ + EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), FALSE); + + if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) + { + Error ("CANNOT_SET_TIMER", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 0; + } + + newKeyFilesParam.EnableKeyFiles = FALSE; + KeyFilesEnable = FALSE; + SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); + } + + CheckCapsLock (hwndDlg, FALSE); + + return 0; + } + + case WM_TIMER: + switch (wParam) + { + case TIMER_ID_KEYB_LAYOUT_GUARD: + if (bSysEncPwdChangeDlgMode) + { + DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); + + /* Watch the keyboard layout */ + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + // Keyboard layout is not standard US + + // Attempt to wipe passwords stored in the input field buffers + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), tmp); + + SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), L""); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); + SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), L""); + + keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + bKeyboardLayoutChanged = TRUE; + + wchar_t szTmp [4096]; + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + } + + + /* Watch the right Alt key (which is used to enter various characters on non-US keyboards) */ + + if (bKeyboardLayoutChanged && !bKeybLayoutAltKeyWarningShown) + { + if (GetAsyncKeyState (VK_RMENU) < 0) + { + bKeybLayoutAltKeyWarningShown = TRUE; + + wchar_t szTmp [4096]; + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); + } + } + } + return 1; + } + return 0; + + case WM_CTLCOLORSTATIC: + { + if (PimValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIM_HELP)) ) + { + // we're about to draw the static + // set the text colour in (HDC)lParam + SetBkMode((HDC)wParam,TRANSPARENT); + SetTextColor((HDC)wParam, RGB(255,0,0)); + // NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle. + return (BOOL)GetSysColorBrush(COLOR_MENU); + } + } + return 0; + + case WM_COMMAND: + if (lw == IDCANCEL) + { + // Attempt to wipe passwords stored in the input field buffers + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), tmp); + RestoreDefaultKeyFilesParam (); + + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (hw == EN_CHANGE) + { + PasswordChangeEnable (hwndDlg, IDOK, + IDC_OLD_PASSWORD, + KeyFilesEnable && FirstKeyFile != NULL, + IDC_PASSWORD, IDC_VERIFY, + newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); + + if ((lw == IDC_OLD_PIM) && IsWindowEnabled (GetDlgItem (hwndDlg, IDC_PIM))) + { + wchar_t tmp[MAX_PIM+1] = {0}; + GetDlgItemText (hwndDlg, IDC_OLD_PIM, tmp, MAX_PIM + 1); + SetDlgItemText (hwndDlg, IDC_PIM, tmp); + } + + if (lw == IDC_PIM) + { + if(GetPim (hwndDlg, IDC_OLD_PIM) != GetPim (hwndDlg, IDC_PIM)) + { + PimValueChangedWarning = TRUE; + SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (bSysEncPwdChangeDlgMode? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING")); + } + else + { + PimValueChangedWarning = FALSE; + SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIM_HELP)); + } + } + + return 1; + } + + if (lw == IDC_PIM_ENABLE) + { + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_OLD_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_OLD_PIM_HELP), SW_SHOW); + + // check also the "Use PIM" for the new password if it is enabled + if (IsWindowEnabled (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE))) + { + SetCheckBox (hwndDlg, IDC_NEW_PIM_ENABLE, TRUE); + + ShowWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + } + + SetFocus (GetDlgItem (hwndDlg, IDC_OLD_PIM)); + + return 1; + } + + if (lw == IDC_NEW_PIM_ENABLE) + { + ShowWindow (GetDlgItem (hwndDlg, IDC_NEW_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + + SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); + + return 1; + } + + if (lw == IDC_KEYFILES) + { + if (bSysEncPwdChangeDlgMode) + { + Warning ("KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); + return 1; + } + + KeyFilesDlgParam param; + param.EnableKeyFiles = KeyFilesEnable; + param.FirstKeyFile = FirstKeyFile; + + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) + { + KeyFilesEnable = param.EnableKeyFiles; + FirstKeyFile = param.FirstKeyFile; + + SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, KeyFilesEnable); + } + + PasswordChangeEnable (hwndDlg, IDOK, + IDC_OLD_PASSWORD, + KeyFilesEnable && FirstKeyFile != NULL, + IDC_PASSWORD, IDC_VERIFY, + newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); + + return 1; + } + + + if (lw == IDC_NEW_KEYFILES) + { + if (bSysEncPwdChangeDlgMode) + { + Warning ("KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); + return 1; + } + + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) &newKeyFilesParam)) + { + SetCheckBox (hwndDlg, IDC_ENABLE_NEW_KEYFILES, newKeyFilesParam.EnableKeyFiles); + + VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (hwndDlg, IDOK), GetDlgItem (hwndDlg, IDC_PASSWORD), + GetDlgItem (hwndDlg, IDC_VERIFY), NULL, NULL, + newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); + } + + PasswordChangeEnable (hwndDlg, IDOK, + IDC_OLD_PASSWORD, + KeyFilesEnable && FirstKeyFile != NULL, + IDC_PASSWORD, IDC_VERIFY, + newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); + + return 1; + } + + if (lw == IDC_ENABLE_KEYFILES) + { + KeyFilesEnable = GetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES); + + PasswordChangeEnable (hwndDlg, IDOK, + IDC_OLD_PASSWORD, + KeyFilesEnable && FirstKeyFile != NULL, + IDC_PASSWORD, IDC_VERIFY, + newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); + + return 1; + } + + if (lw == IDC_ENABLE_NEW_KEYFILES) + { + newKeyFilesParam.EnableKeyFiles = GetCheckBox (hwndDlg, IDC_ENABLE_NEW_KEYFILES); + + PasswordChangeEnable (hwndDlg, IDOK, + IDC_OLD_PASSWORD, + KeyFilesEnable && FirstKeyFile != NULL, + IDC_PASSWORD, IDC_VERIFY, + newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL); + + return 1; + } + + if (hw == CBN_SELCHANGE) + { + switch (lw) + { + case IDC_PKCS5_PRF_ID: + if (bSysEncPwdChangeDlgMode) + { + int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, + SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + + if (new_hash_algo_id != 0 && !HashForSystemEncryption(new_hash_algo_id)) + { + int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT; + Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); + SelectAlgo (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), &new_hash_algo_id); + } + } + break; + } + return 1; + + } + + if (lw == IDC_TRUECRYPT_MODE) + { + BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE; + EnableWindow (GetDlgItem (hwndDlg, IDT_OLD_PIM), bEnablePim); + EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM), bEnablePim); + EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM_HELP), bEnablePim); + } + + if (lw == IDC_SHOW_PASSWORD_CHPWD_ORI) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_ORI, IDC_OLD_PASSWORD, IDC_OLD_PIM); + return 1; + } + + if (lw == IDC_SHOW_PASSWORD_CHPWD_NEW) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW, IDC_PASSWORD, IDC_VERIFY); + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW, IDC_PIM, 0); + return 1; + } + + if (lw == IDOK) + { + HWND hParent = GetParent (hwndDlg); + Password oldPassword; + Password newPassword; + WipeAlgorithmId headerWiperMode = (WipeAlgorithmId) SendMessage ( + GetDlgItem (hwndDlg, IDC_WIPE_MODE), + CB_GETITEMDATA, + SendMessage (GetDlgItem (hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), + 0); + int nStatus; + int old_pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETITEMDATA, + SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0); + int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, + SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + + int old_pim = GetPim (hwndDlg, IDC_OLD_PIM); + int pim = GetPim (hwndDlg, IDC_PIM); + + if (truecryptMode && (old_pkcs5 == SHA256)) + { + Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } + else if (truecryptMode && (old_pim != 0)) + { + Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } + + if (bSysEncPwdChangeDlgMode && !CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL)) + { + Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg); + return 1; + } + + if (bSysEncPwdChangeDlgMode && (pim > MAX_BOOT_PIM_VALUE)) + { + SetFocus (GetDlgItem(hwndDlg, IDC_PIM)); + Error ("PIM_SYSENC_TOO_BIG", hwndDlg); + return 1; + } + + if (!bSysEncPwdChangeDlgMode && (pim > MAX_PIM_VALUE)) + { + SetFocus (GetDlgItem(hwndDlg, IDC_PIM)); + Error ("PIM_TOO_BIG", hwndDlg); + return 1; + } + + if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF) + { + newKeyFilesParam.EnableKeyFiles = KeyFilesEnable; + } + else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL) + && pwdChangeDlgMode == PCDM_CHANGE_PASSWORD) + { + if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pim, bSysEncPwdChangeDlgMode, FALSE, FALSE)) + return 1; + } + + GetVolumePath (hParent, szFileName, ARRAYSIZE (szFileName)); + + if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, sizeof (oldPassword.Text), TRUE)) + oldPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text); + else + { + return 1; + } + + switch (pwdChangeDlgMode) + { + case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: + case PCDM_ADD_REMOVE_VOL_KEYFILES: + case PCDM_CHANGE_PKCS5_PRF: + memcpy (newPassword.Text, oldPassword.Text, sizeof (newPassword.Text)); + newPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text); + pim = old_pim; + break; + + default: + if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) newPassword.Text, sizeof (newPassword.Text), TRUE)) + newPassword.Length = (unsigned __int32) strlen ((char *) newPassword.Text); + else + return 1; + } + + WaitCursor (); + + if (KeyFilesEnable) + KeyFilesApply (hwndDlg, &oldPassword, FirstKeyFile, szFileName); + + if (newKeyFilesParam.EnableKeyFiles) + { + if (!KeyFilesApply (hwndDlg, &newPassword, pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF ? FirstKeyFile : newKeyFilesParam.FirstKeyFile, szFileName)) + { + nStatus = ERR_DONT_REPORT; + goto err; + } + } + + ChangePwdThreadParam changePwdParam; + changePwdParam.oldPassword = &oldPassword; + changePwdParam.old_pkcs5 = old_pkcs5; + changePwdParam.old_pim = old_pim; + changePwdParam.newPassword = &newPassword; + changePwdParam.pkcs5 = pkcs5; + changePwdParam.pim = pim; + changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode); + changePwdParam.pnStatus = &nStatus; + changePwdParam.truecryptMode = truecryptMode; + + ShowWaitDialog(hwndDlg, TRUE, ChangePwdWaitThreadProc, &changePwdParam); + +err: + // notify the caller in case the PIM has changed + if (NewPimValuePtr) + { + if (pim != old_pim) + *NewPimValuePtr = pim; + else + *NewPimValuePtr = -1; + } + + burn (&oldPassword, sizeof (oldPassword)); + burn (&newPassword, sizeof (newPassword)); + burn (&old_pim, sizeof(old_pim)); + burn (&pim, sizeof(pim)); + + NormalCursor (); + + if (nStatus == 0) + { + // Attempt to wipe passwords stored in the input field buffers + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), tmp); + + KeyFileRemoveAll (&newKeyFilesParam.FirstKeyFile); + RestoreDefaultKeyFilesParam (); + + if (bSysEncPwdChangeDlgMode) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + } + + EndDialog (hwndDlg, IDOK); + } + return 1; + } + return 0; + } + + return 0; +} + +static wchar_t PasswordDlgVolume[MAX_PATH + 1]; +static BOOL PasswordDialogDisableMountOptions; +static char *PasswordDialogTitleStringId; + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + static Password *szXPwd; + static int *pkcs5; + static int *pim; + static BOOL* truecryptMode; + + switch (msg) + { + case WM_INITDIALOG: + { + int i, nIndex, defaultPrfIndex = 0; + szXPwd = ((PasswordDlgParam *) lParam) -> password; + pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5; + pim = ((PasswordDlgParam *) lParam) -> pim; + truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode; + LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG"); + DragAcceptFiles (hwndDlg, TRUE); + + if (PasswordDialogTitleStringId) + { + SetWindowTextW (hwndDlg, GetString (PasswordDialogTitleStringId)); + } + else if (wcslen (PasswordDlgVolume) > 0) + { + wchar_t s[1024]; + RECT rect; + GetWindowRect (hwndDlg, &rect); + + bool useInExplorer = false; + wstring label = GetFavoriteVolumeLabel (PasswordDlgVolume, useInExplorer); + if (!label.empty()) + { + StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR_LABEL"), label.c_str()); + if (useInExplorer) + StringCbCopyW (mountOptions.Label, sizeof (mountOptions.Label), label.c_str()); + } + else + { + StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR"), L"___"); + StringCbPrintfW (s, sizeof(s), GetString ("ENTER_PASSWORD_FOR"), FitPathInGfxWidth (hwndDlg, WindowTitleBarFont, rect.right - rect.left - GetTextGfxWidth (hwndDlg, s, WindowTitleBarFont), PasswordDlgVolume).c_str()); + } + + SetWindowTextW (hwndDlg, s); + } + + /* Populate the PRF algorithms list */ + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + if (*pkcs5 && (*pkcs5 == i)) + defaultPrfIndex = nIndex; + } + + /* make autodetection the default unless a specific PRF was specified in the command line */ + SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, MAX_PIM, 0); + + SetPim (hwndDlg, IDC_PIM, *pim); + + /* make PIM field visible if a PIM value has been explicitely specified */ + if (*pim > 0) + { + SetCheckBox (hwndDlg, IDC_PIM_ENABLE, TRUE); + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + } + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + + mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode; + + if (bPrebootPasswordDlgMode) + { + SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); + } + + if (PasswordDialogDisableMountOptions) + { + EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE); + /* Disable TrueCrypt mode option in case of backup/restore header operation */ + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE); + } + else if (*truecryptMode) + { + /* Check TrueCryptMode if it is enabled on the command line */ + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, TRUE); + } + + if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress || LogOn)) + { + SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + + FLASHWINFO flash; + flash.cbSize = sizeof (flash); + flash.dwFlags = FLASHW_ALL | FLASHW_TIMERNOFG; + flash.dwTimeout = 0; + flash.hwnd = hwndDlg; + flash.uCount = 0; + + FlashWindowEx (&flash); + + SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE); + } + } + return 0; + + case TC_APPMSG_PREBOOT_PASSWORD_MODE: + { + /* Repopulate the PRF algorithms list with algorithms that support system encryption */ + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + int i, defaultPrfIndex = 0, nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + if (HashForSystemEncryption(i)) + { + nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + if (*pkcs5 && (*pkcs5 == i)) + defaultPrfIndex = nIndex; + } + } + + /* make autodetection the default unless a specific PRF was specified in the command line */ + SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0); + + ToBootPwdField (hwndDlg, IDC_PASSWORD); + + // Attempt to wipe the password stored in the input field buffer + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); + + StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout),L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); + + DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0) + { + Error ("CANNOT_SET_TIMER", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + if (GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD)) + { + // simulate hiding password + SetCheckBox (hwndDlg, IDC_SHOW_PASSWORD, FALSE); + + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); + } + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), FALSE); + + SetPim (hwndDlg, IDC_PIM, *pim); + + bPrebootPasswordDlgMode = TRUE; + } + return 1; + + case WM_TIMER: + switch (wParam) + { + case TIMER_ID_KEYB_LAYOUT_GUARD: + if (bPrebootPasswordDlgMode) + { + DWORD keybLayout = (DWORD) GetKeyboardLayout (NULL); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + // Keyboard layout is not standard US + + // Attempt to wipe the password stored in the input field buffer + wchar_t tmp[MAX_PASSWORD+1]; + wmemset (tmp, L'X', MAX_PASSWORD); + tmp [MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), L""); + + keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE); + + if (keybLayout != 0x00000409 && keybLayout != 0x04090409) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + wchar_t szTmp [4096]; + StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED")); + StringCbCatW (szTmp, sizeof(szTmp), L"\n\n"); + StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION")); + MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + } + } + return 1; + } + return 0; + + case WM_COMMAND: + + if (lw == IDC_MOUNT_OPTIONS) + { + /* Use default PRF specified by the user if any */ + if (mountOptions.ProtectedHidVolPkcs5Prf == 0) + mountOptions.ProtectedHidVolPkcs5Prf = *pkcs5; + if (mountOptions.ProtectedHidVolPim == 0) + mountOptions.ProtectedHidVolPim = *pim; + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, + (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions); + + if (!bPrebootPasswordDlgMode && mountOptions.PartitionInInactiveSysEncScope) + SendMessage (hwndDlg, TC_APPMSG_PREBOOT_PASSWORD_MODE, 0, 0); + + return 1; + } + + if (lw == IDC_PIM_ENABLE) + { + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + + SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); + return 1; + } + + if (lw == IDC_SHOW_PASSWORD) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_PIM); + return 1; + } + + if (lw == IDC_TRUECRYPT_MODE) + { + BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE; + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), bEnablePim); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), bEnablePim); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), bEnablePim); + } + + if (lw == IDC_KEY_FILES) + { + KeyFilesDlgParam param; + param.EnableKeyFiles = KeyFilesEnable; + param.FirstKeyFile = FirstKeyFile; + + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m)) + { + KeyFilesEnable = param.EnableKeyFiles; + FirstKeyFile = param.FirstKeyFile; + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + } + + return 1; + } + + if (lw == IDC_KEYFILES_ENABLE) + { + KeyFilesEnable = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE); + + return 1; + } + + if (lw == IDCANCEL || lw == IDOK) + { + wchar_t tmp[MAX_PASSWORD+1]; + + if (lw == IDOK) + { + if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) + KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, wcslen (PasswordDlgVolume) > 0 ? PasswordDlgVolume : NULL); + + if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE)) + szXPwd->Length = (unsigned __int32) strlen ((char *) szXPwd->Text); + else + return 1; + + bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); + *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + + *pim = GetPim (hwndDlg, IDC_PIM); + + /* SHA-256 is not supported by TrueCrypt */ + if ( (*truecryptMode) + && ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256)) + ) + { + Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } + + if ( (*truecryptMode) + && (*pim != 0) + ) + { + Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } + } + + // Attempt to wipe password stored in the input field buffer + wmemset (tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp); + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); + + if (hidVolProtKeyFilesParam.FirstKeyFile != NULL) + { + KeyFileRemoveAll (&hidVolProtKeyFilesParam.FirstKeyFile); + hidVolProtKeyFilesParam.EnableKeyFiles = FALSE; + } + + if (bPrebootPasswordDlgMode) + { + KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD); + + // Restore the original keyboard layout + if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) + Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); + } + + EndDialog (hwndDlg, lw); + return 1; + } + return 0; + + case WM_CONTEXTMENU: + { + RECT buttonRect; + GetWindowRect (GetDlgItem (hwndDlg, IDC_KEY_FILES), &buttonRect); + + if (LOWORD (lParam) >= buttonRect.left && LOWORD (lParam) <= buttonRect.right + && HIWORD (lParam) >= buttonRect.top && HIWORD (lParam) <= buttonRect.bottom) + { + // The "Keyfiles" button has been right-clicked + + KeyFilesDlgParam param; + param.EnableKeyFiles = KeyFilesEnable; + param.FirstKeyFile = FirstKeyFile; + + POINT popupPos; + popupPos.x = buttonRect.left + 2; + popupPos.y = buttonRect.top + 2; + + if (KeyfilesPopupMenu (hwndDlg, popupPos, ¶m)) + { + KeyFilesEnable = param.EnableKeyFiles; + FirstKeyFile = param.FirstKeyFile; + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + } + } + } + break; + + case WM_DROPFILES: + { + HDROP hdrop = (HDROP) wParam; + int i = 0, count = DragQueryFile (hdrop, 0xFFFFFFFF, NULL, 0); + + while (count-- > 0) + { + KeyFile *kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + DragQueryFile (hdrop, i++, kf->FileName, ARRAYSIZE (kf->FileName)); + FirstKeyFile = KeyFileAdd (FirstKeyFile, kf); + KeyFilesEnable = TRUE; + } + } + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); + DragFinish (hdrop); + } + return 1; + } + + return 0; +} + +static void PreferencesDlgEnableButtons (HWND hwndDlg) +{ + BOOL back = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE)); + BOOL idle = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE)); + BOOL installed = !IsNonInstallMode(); + BOOL wtsEnabled = (hWtsLib != NULL) ? TRUE : FALSE; + + EnableWindow (GetDlgItem (hwndDlg, IDC_CLOSE_BKG_TASK_WHEN_NOVOL), back && installed); + EnableWindow (GetDlgItem (hwndDlg, IDT_LOGON), installed); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_LOGON_START), back && installed); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_LOGON_MOUNT_DEVICES), installed); + EnableWindow (GetDlgItem (hwndDlg, IDT_AUTO_DISMOUNT), back); + EnableWindow (GetDlgItem (hwndDlg, IDT_AUTO_DISMOUNT_ON), back); + EnableWindow (GetDlgItem (hwndDlg, IDT_MINUTES), back); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF), back); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED), back && wtsEnabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING), back); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER), back); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE), back); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE_TIME), back && idle); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT), back); +} + +BOOL CALLBACK PreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static BOOL PreferencesDialogActive = FALSE; + static HWND ActivePreferencesDialogWindow; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + if (PreferencesDialogActive) + { + ShowWindow (ActivePreferencesDialogWindow, SW_SHOW); + SetForegroundWindow (ActivePreferencesDialogWindow); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + ActivePreferencesDialogWindow = hwndDlg; + PreferencesDialogActive = TRUE; + + LocalizeDialog (hwndDlg, "IDD_PREFERENCES_DLG"); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_OPEN_EXPLORER), BM_SETCHECK, + bExplore ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED), BM_SETCHECK, + bUseDifferentTrayIconIfVolMounted ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PRESERVE_TIMESTAMPS), BM_SETCHECK, + defaultMountOptions.PreserveTimestamp ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_SHOW_DISCONNECTED_NETWORK_DRIVES), BM_SETCHECK, + bShowDisconnectedNetworkDrives ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_HIDE_WAITING_DIALOG), BM_SETCHECK, + bHideWaitingDialog ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT), BM_SETCHECK, + bCacheDuringMultipleMount ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_EXIT), BM_SETCHECK, + bWipeCacheOnExit ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT), BM_SETCHECK, + bWipeCacheOnAutoDismount ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PASSWORDS), BM_SETCHECK, + bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM), BM_SETCHECK, + bIncludePimInCache? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_READONLY), BM_SETCHECK, + defaultMountOptions.ReadOnly ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_REMOVABLE), BM_SETCHECK, + defaultMountOptions.Removable ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_LOGON_START), BM_SETCHECK, + bStartOnLogon ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_LOGON_MOUNT_DEVICES), BM_SETCHECK, + bMountDevicesOnLogon ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE), BM_SETCHECK, + bEnableBkgTask ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_CLOSE_BKG_TASK_WHEN_NOVOL), BM_SETCHECK, + bCloseBkgTaskWhenNoVolumes || IsNonInstallMode() ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF), BM_SETCHECK, + bDismountOnLogOff ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED), BM_SETCHECK, + bDismountOnSessionLocked ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING), BM_SETCHECK, + bDismountOnPowerSaving ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER), BM_SETCHECK, + bDismountOnScreenSaver ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT), BM_SETCHECK, + bForceAutoDismount ? BST_CHECKED:BST_UNCHECKED, 0); + + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE), BM_SETCHECK, + MaxVolumeIdleTime > 0 ? BST_CHECKED:BST_UNCHECKED, 0); + + SetDlgItemInt (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE_TIME, abs (MaxVolumeIdleTime), FALSE); + + PreferencesDlgEnableButtons (hwndDlg); + } + return 0; + + case WM_COMMAND: + + if (lw == IDC_PREF_BKG_TASK_ENABLE && !IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE))) + { + if (AskWarnNoYes ("CONFIRM_BACKGROUND_TASK_DISABLED", hwndDlg) == IDNO) + SetCheckBox (hwndDlg, IDC_PREF_BKG_TASK_ENABLE, TRUE); + } + + // Forced dismount disabled warning + if (lw == IDC_PREF_DISMOUNT_INACTIVE + || lw == IDC_PREF_DISMOUNT_LOGOFF + || lw == IDC_PREF_DISMOUNT_SESSION_LOCKED + || lw == IDC_PREF_DISMOUNT_POWERSAVING + || lw == IDC_PREF_DISMOUNT_SCREENSAVER + || lw == IDC_PREF_FORCE_AUTO_DISMOUNT) + { + BOOL i = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE)); + BOOL l = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF)); + BOOL sl = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED)); + BOOL p = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING)); + BOOL s = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER)); + BOOL q = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT)); + + if (!q) + { + if (lw == IDC_PREF_FORCE_AUTO_DISMOUNT && (i || l || sl || p || s)) + { + if (AskWarnNoYes ("CONFIRM_NO_FORCED_AUTODISMOUNT", hwndDlg) == IDNO) + SetCheckBox (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT, TRUE); + } + else if ((lw == IDC_PREF_DISMOUNT_INACTIVE && i + || lw == IDC_PREF_DISMOUNT_LOGOFF && l + || lw == IDC_PREF_DISMOUNT_SESSION_LOCKED && sl + || lw == IDC_PREF_DISMOUNT_POWERSAVING && p + || lw == IDC_PREF_DISMOUNT_SCREENSAVER && s)) + Warning ("WARN_PREF_AUTO_DISMOUNT", hwndDlg); + } + + if (p && lw == IDC_PREF_DISMOUNT_POWERSAVING) + Warning ("WARN_PREF_AUTO_DISMOUNT_ON_POWER", hwndDlg); + } + + if (lw == IDCANCEL) + { + PreferencesDialogActive = FALSE; + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDOK) + { + WaitCursor (); + + bExplore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_OPEN_EXPLORER)); + bUseDifferentTrayIconIfVolMounted = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED)); + bPreserveTimestamp = defaultMountOptions.PreserveTimestamp = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PRESERVE_TIMESTAMPS)); + bShowDisconnectedNetworkDrives = IsButtonChecked (GetDlgItem (hwndDlg, IDC_SHOW_DISCONNECTED_NETWORK_DRIVES)); + bHideWaitingDialog = IsButtonChecked (GetDlgItem (hwndDlg, IDC_HIDE_WAITING_DIALOG)); + bCacheDuringMultipleMount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT)); + bWipeCacheOnExit = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_EXIT)); + bWipeCacheOnAutoDismount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT)); + bCacheInDriverDefault = bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PASSWORDS)); + bIncludePimInCache = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM)); + defaultMountOptions.ReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_READONLY)); + defaultMountOptions.Removable = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_REMOVABLE)); + bEnableBkgTask = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE)); + bCloseBkgTaskWhenNoVolumes = IsNonInstallMode() ? bCloseBkgTaskWhenNoVolumes : IsButtonChecked (GetDlgItem (hwndDlg, IDC_CLOSE_BKG_TASK_WHEN_NOVOL)); + bDismountOnLogOff = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_LOGOFF)); + bDismountOnSessionLocked = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SESSION_LOCKED)); + bDismountOnPowerSaving = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_POWERSAVING)); + bDismountOnScreenSaver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_SCREENSAVER)); + bForceAutoDismount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_FORCE_AUTO_DISMOUNT)); + MaxVolumeIdleTime = GetDlgItemInt (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE_TIME, NULL, FALSE) + * (IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_DISMOUNT_INACTIVE)) ? 1 : -1); + bStartOnLogon = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_LOGON_START)); + bMountDevicesOnLogon = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_LOGON_MOUNT_DEVICES)); + + ManageStartupSeq (); + + SaveSettings (hwndDlg); + + NormalCursor (); + + PreferencesDialogActive = FALSE; + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDC_MORE_SETTINGS) + { + HMENU popup = CreatePopupMenu (); + if (popup) + { + AppendMenuW (popup, MF_STRING, IDM_LANGUAGE, GetString ("IDM_LANGUAGE")); + AppendMenuW (popup, MF_STRING, IDM_HOTKEY_SETTINGS, GetString ("IDM_HOTKEY_SETTINGS")); + AppendMenuW (popup, MF_STRING, IDM_PERFORMANCE_SETTINGS, GetString ("IDM_PERFORMANCE_SETTINGS")); + AppendMenuW (popup, MF_STRING, IDM_SYSENC_SETTINGS, GetString ("IDM_SYSENC_SETTINGS")); + AppendMenuW (popup, MF_STRING, IDM_SYS_FAVORITES_SETTINGS, GetString ("IDM_SYS_FAVORITES_SETTINGS")); + AppendMenuW (popup, MF_STRING, IDM_DEFAULT_KEYFILES, GetString ("IDM_DEFAULT_KEYFILES")); + AppendMenuW (popup, MF_STRING, IDM_DEFAULT_MOUNT_PARAMETERS, GetString ("IDM_DEFAULT_MOUNT_PARAMETERS")); + AppendMenuW (popup, MF_STRING, IDM_TOKEN_PREFERENCES, GetString ("IDM_TOKEN_PREFERENCES")); + + RECT rect; + GetWindowRect (GetDlgItem (hwndDlg, IDC_MORE_SETTINGS), &rect); + + int menuItem = TrackPopupMenu (popup, TPM_RETURNCMD | TPM_LEFTBUTTON, rect.left + 2, rect.top + 2, 0, hwndDlg, NULL); + DestroyMenu (popup); + + SendMessage (MainDlg, WM_COMMAND, menuItem, NULL); + return 1; + } + else + return 0; + } + + if (HIWORD (wParam) == BN_CLICKED) + { + PreferencesDlgEnableButtons (hwndDlg); + return 1; + } + + return 0; + } + + return 0; +} + + +BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + static MountOptions *mountOptions; + + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + BOOL protect; + + mountOptions = (MountOptions *) lParam; + + LocalizeDialog (hwndDlg, "IDD_MOUNT_OPTIONS"); + + SendDlgItemMessage (hwndDlg, IDC_MOUNT_READONLY, BM_SETCHECK, + mountOptions->ReadOnly ? BST_CHECKED : BST_UNCHECKED, 0); + SendDlgItemMessage (hwndDlg, IDC_MOUNT_REMOVABLE, BM_SETCHECK, + mountOptions->Removable ? BST_CHECKED : BST_UNCHECKED, 0); + SendDlgItemMessage (hwndDlg, IDC_PROTECT_HIDDEN_VOL, BM_SETCHECK, + mountOptions->ProtectHiddenVolume ? BST_CHECKED : BST_UNCHECKED, 0); + + SendDlgItemMessage (hwndDlg, IDC_PROTECT_HIDDEN_VOL, BM_SETCHECK, + mountOptions->ProtectHiddenVolume ? BST_CHECKED : BST_UNCHECKED, 0); + + mountOptions->PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode; + + SendDlgItemMessage (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA, BM_SETCHECK, + bPrebootPasswordDlgMode ? BST_CHECKED : BST_UNCHECKED, 0); + + SendDlgItemMessage (hwndDlg, IDC_USE_EMBEDDED_HEADER_BAK, BM_SETCHECK, + mountOptions->UseBackupHeader ? BST_CHECKED : BST_UNCHECKED, 0); + + EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA), !bPrebootPasswordDlgMode); + + SetDlgItemTextW (hwndDlg, IDC_VOLUME_LABEL, mountOptions->Label); + SendDlgItemMessage (hwndDlg, IDC_VOLUME_LABEL, EM_LIMITTEXT, 32, 0); // 32 is the maximum possible length for a drive label in Windows + + /* Add PRF algorithm list for hidden volume password */ + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + int i, nSelectedIndex = 0, nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + /* if a PRF was selected previously, select it */ + if (i == mountOptions->ProtectedHidVolPkcs5Prf) + nSelectedIndex = nIndex; + } + + SendMessage (hComboBox, CB_SETCURSEL, nSelectedIndex, 0); + + protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); + + EnableWindow (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); + EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_VOL_PROTECTION), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); + EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_MO), protect); + EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_PROT_PASSWD), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect); + EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect); + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), protect); + + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles); + + SendDlgItemMessage (hwndDlg, IDC_PASSWORD_PROT_HIDVOL, EM_LIMITTEXT, MAX_PASSWORD, 0); + SendDlgItemMessage (hwndDlg, IDC_PIM, EM_LIMITTEXT, MAX_PIM, 0); + + if (mountOptions->ProtectedHidVolPassword.Length > 0) + { + wchar_t szTmp[MAX_PASSWORD + 1]; + if (0 == MultiByteToWideChar (CP_UTF8, 0, (LPSTR) mountOptions->ProtectedHidVolPassword.Text, -1, szTmp, MAX_PASSWORD + 1)) + szTmp [0] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), szTmp); + burn (szTmp, sizeof (szTmp)); + } + + SetPim (hwndDlg, IDC_PIM, mountOptions->ProtectedHidVolPim); + + /* make PIM field visible if a PIM value has been explicitely specified */ + if (mountOptions->ProtectedHidVolPim > 0) + { + SetCheckBox (hwndDlg, IDC_PIM_ENABLE, TRUE); + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + } + + ToHyperlink (hwndDlg, IDC_LINK_HIDVOL_PROTECTION_INFO); + + } + return 0; + + case WM_CONTEXTMENU: + { + RECT buttonRect; + GetWindowRect (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), &buttonRect); + + if (IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)) + && LOWORD (lParam) >= buttonRect.left && LOWORD (lParam) <= buttonRect.right + && HIWORD (lParam) >= buttonRect.top && HIWORD (lParam) <= buttonRect.bottom) + { + // The "Keyfiles" button has been right-clicked + + POINT popupPos; + popupPos.x = buttonRect.left + 2; + popupPos.y = buttonRect.top + 2; + + if (KeyfilesPopupMenu (hwndDlg, popupPos, &hidVolProtKeyFilesParam)) + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles); + } + } + break; + + case WM_COMMAND: + + if (lw == IDC_KEYFILES_HIDVOL_PROT) + { + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) &hidVolProtKeyFilesParam)) + { + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles); + } + } + + if (lw == IDC_KEYFILES_ENABLE_HIDVOL_PROT) + { + hidVolProtKeyFilesParam.EnableKeyFiles = GetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT); + + return 0; + } + + if (lw == IDC_SHOW_PASSWORD_MO) + { + HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_MO, IDC_PASSWORD_PROT_HIDVOL, IDC_PIM); + return 1; + } + + if (lw == IDC_PIM_ENABLE) + { + ShowWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), SW_HIDE); + ShowWindow (GetDlgItem( hwndDlg, IDT_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM), SW_SHOW); + ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_HELP), SW_SHOW); + + SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); + return 1; + } + + if (lw == IDC_LINK_HIDVOL_PROTECTION_INFO) + { + Applink ("hiddenvolprotection", TRUE, ""); + } + + if (lw == IDCANCEL) + { + wchar_t tmp[MAX_PASSWORD+1]; + + // Cleanup + wmemset (tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); + + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDOK) + { + wchar_t tmp[MAX_PASSWORD+1]; + + mountOptions->ReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY)); + mountOptions->Removable = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_REMOVABLE)); + mountOptions->ProtectHiddenVolume = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); + mountOptions->PartitionInInactiveSysEncScope = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA)); + mountOptions->UseBackupHeader = IsButtonChecked (GetDlgItem (hwndDlg, IDC_USE_EMBEDDED_HEADER_BAK)); + + GetDlgItemTextW (hwndDlg, IDC_VOLUME_LABEL, mountOptions->Label, sizeof (mountOptions->Label) /sizeof (wchar_t)); + + if (mountOptions->ProtectHiddenVolume) + { + GetPassword (hwndDlg, IDC_PASSWORD_PROT_HIDVOL, + (LPSTR) mountOptions->ProtectedHidVolPassword.Text, MAX_PASSWORD + 1, + FALSE); + + mountOptions->ProtectedHidVolPassword.Length = (unsigned __int32) strlen ((char *) mountOptions->ProtectedHidVolPassword.Text); + + mountOptions->ProtectedHidVolPkcs5Prf = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, + SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + + mountOptions->ProtectedHidVolPim = GetPim (hwndDlg, IDC_PIM); + } + + // Cleanup + wmemset (tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), tmp); + + if ((mountOptions->ProtectHiddenVolume && !bEnableBkgTask) + && (AskWarnYesNo ("HIDVOL_PROT_BKG_TASK_WARNING", hwndDlg) == IDYES)) + { + bEnableBkgTask = TRUE; + TaskBarIconAdd (MainDlg); + } + + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDC_MOUNT_READONLY || lw == IDC_PROTECT_HIDDEN_VOL) + { + BOOL protect; + + if (lw == IDC_MOUNT_READONLY) + { + SendDlgItemMessage (hwndDlg, IDC_PROTECT_HIDDEN_VOL, BM_SETCHECK, BST_UNCHECKED, 0); + EnableWindow (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); + EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_VOL_PROTECTION), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY))); + } + + protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); + + EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD_PROT_HIDVOL), protect); + EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_PROT_PASSWD), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_MO), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect); + EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect); + EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), protect); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_ENABLE), protect); + + return 1; + } + + return 0; + } + + return 0; +} + + +// Returns the block size (in bits) of the cipher with which the volume mounted as the +// specified drive letter is encrypted. In case of a cascade of ciphers with different +// block sizes the function returns the smallest block size. +int GetCipherBlockSizeByDriveNo (int nDosDriveNo) +{ + VOLUME_PROPERTIES_STRUCT prop; + DWORD dwResult; + + int blockSize = 0, cipherID; + + memset (&prop, 0, sizeof(prop)); + prop.driveNo = nDosDriveNo; + + if (DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL)) + { + if ( (prop.driveNo == nDosDriveNo) + && (prop.ea >= EAGetFirst() && prop.ea <= EAGetCount()) + ) + { + for (cipherID = EAGetLastCipher (prop.ea); + cipherID != 0; + cipherID = EAGetPreviousCipher (prop.ea, cipherID)) + { + if (blockSize > 0) + blockSize = min (blockSize, CipherGetBlockSize (cipherID) * 8); + else + blockSize = CipherGetBlockSize (cipherID) * 8; + } + } + } + + return blockSize; +} + + +// Returns the mode of operation in which the volume mounted as the specified drive letter is encrypted. +int GetModeOfOperationByDriveNo (int nDosDriveNo) +{ + VOLUME_PROPERTIES_STRUCT prop; + DWORD dwResult; + + memset (&prop, 0, sizeof(prop)); + prop.driveNo = nDosDriveNo; + + if (DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL)) + { + if ( (prop.driveNo == nDosDriveNo) + && (prop.ea >= EAGetFirst() && prop.ea <= EAGetCount()) + && (prop.mode >= FIRST_MODE_OF_OPERATION_ID && prop.mode < MODE_ENUM_END_ID) + ) + { + return prop.mode; + } + } + + return 0; +} + +void DisplayVolumePropertiesListContextMenu (HWND hwndDlg, LPARAM lParam) +{ + /* Volume Properties list context menu */ + DWORD mPos; + int menuItem; + HWND hList = GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES_LIST); + int hItem = ListView_GetSelectionMark (hList); + + SetFocus (hList); + + if (hItem >= 0) + { + HMENU popup = CreatePopupMenu (); + AppendMenuW (popup, MF_STRING, IDPM_COPY_VALUE_TO_CLIPBOARD, GetString ("IDPM_COPY_VALUE_TO_CLIPBOARD")); + + if (lParam) + { + mPos=GetMessagePos(); + } + else + { + POINT pt = {0}; + if (ListView_GetItemPosition (hList, hItem, &pt)) + { + pt.x += 2 + ::GetSystemMetrics(SM_CXICON); + pt.y += 2; + } + ClientToScreen (hList, &pt); + mPos = MAKELONG (pt.x, pt.y); + } + + menuItem = TrackPopupMenu (popup, + TPM_RETURNCMD | TPM_LEFTBUTTON, + GET_X_LPARAM(mPos), + GET_Y_LPARAM(mPos), + 0, + hwndDlg, + NULL); + + DestroyMenu (popup); + + switch (menuItem) + { + case IDPM_COPY_VALUE_TO_CLIPBOARD: + { + wchar_t valueText[256] = {0}; + ListView_GetItemText (hList, hItem, 1, valueText, ARRAYSIZE (valueText)); + CopyTextToClipboard (valueText); + } + break; + } + } +} + + +BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + BOOL bSysEnc = (BOOL) lParam; + BOOL bSysEncWholeDrive = FALSE; + WORD lw = LOWORD (wParam); + int i = 0; + + switch (msg) + { + case WM_INITDIALOG: + { + VOLUME_PROPERTIES_STRUCT prop; + DWORD dwResult; + + LVCOLUMNW lvCol; + HWND list = GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES_LIST); + wchar_t szTmp[1024]; + wchar_t sw[1024]; + wchar_t *s; + + if (bSysEnc) + { + try + { + BootEncStatus = BootEncObj->GetStatus(); + bSysEncWholeDrive = WholeSysDriveEncryption(FALSE); + } + catch (Exception &e) + { + e.Show (MainDlg); + return 0; + } + + if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted) + return 0; + } + else + { + switch (LOWORD (GetSelectedLong (GetDlgItem (GetParent(hwndDlg), IDC_DRIVELIST)))) + { + case TC_MLIST_ITEM_FREE: + + // No mounted volume + EndDialog (hwndDlg, IDOK); + return 0; + + case TC_MLIST_ITEM_NONSYS_VOL: + // NOP + break; + + case TC_MLIST_ITEM_SYS_DRIVE: + // Encrypted system drive + bSysEnc = TRUE; + bSysEncWholeDrive = TRUE; + break; + + case TC_MLIST_ITEM_SYS_PARTITION: + // Encrypted system partition + bSysEnc = TRUE; + bSysEncWholeDrive = FALSE; + break; + } + } + + LocalizeDialog (hwndDlg, "IDD_VOLUME_PROPERTIES"); + + SendMessage (list,LVM_SETEXTENDEDLISTVIEWSTYLE, 0, + LVS_EX_FULLROWSELECT + |LVS_EX_HEADERDRAGDROP + |LVS_EX_LABELTIP + ); + + memset (&lvCol,0,sizeof(lvCol)); + lvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + lvCol.pszText = GetString ("VALUE"); + lvCol.cx = CompensateXDPI (208); + lvCol.fmt = LVCFMT_LEFT; + SendMessage (list,LVM_INSERTCOLUMNW,0,(LPARAM)&lvCol); + + lvCol.pszText = GetString ("PROPERTY"); + lvCol.cx = CompensateXDPI (192); + lvCol.fmt = LVCFMT_LEFT; + SendMessage (list,LVM_INSERTCOLUMNW,0,(LPARAM)&lvCol); + + memset (&prop, 0, sizeof(prop)); + prop.driveNo = HIWORD (GetSelectedLong (GetDlgItem (GetParent(hwndDlg), IDC_DRIVELIST))) - L'A'; + + if (bSysEnc) + { + try + { + BootEncStatus = BootEncObj->GetStatus(); + if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted) + return 0; + + BootEncObj->GetVolumeProperties (&prop); + } + catch (Exception &e) + { + e.Show (MainDlg); + return 0; + } + } + else + { + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) || dwResult == 0) + return 0; + } + + // Location + ListItemAdd (list, i, GetString ("LOCATION")); + if (bSysEnc) + ListSubItemSet (list, i++, 1, GetString (bSysEncWholeDrive ? "SYSTEM_DRIVE" : IsHiddenOSRunning() ? "HIDDEN_SYSTEM_PARTITION" : "SYSTEM_PARTITION")); + else + ListSubItemSet (list, i++, 1, (wchar_t *) (prop.wszVolume[1] != L'?' ? prop.wszVolume : prop.wszVolume + 4)); + + if (!bSysEnc && IsVolumeDeviceHosted ((wchar_t *) (prop.wszVolume[1] != L'?' ? prop.wszVolume : prop.wszVolume + 4))) + { + // Volume ID + std::wstring hexID = ArrayToHexWideString (prop.volumeID, sizeof (prop.volumeID)); + ListItemAdd (list, i, GetString ("VOLUME_ID")); + + ListSubItemSet (list, i++, 1, hexID.c_str()); + } + + + // Size + ListItemAdd (list, i, GetString ("SIZE")); + StringCbPrintfW (sw, sizeof(sw), L"%I64u %s", prop.diskLength, GetString ("BYTES")); + ListSubItemSet (list, i++, 1, sw); + + // Type + ListItemAdd (list, i, GetString ("TYPE")); + if (bSysEnc) + ListSubItemSet (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE")); + else + { + bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope); + s = prop.hiddenVolume ? GetString ("HIDDEN") : + (prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL")); + + if (truecryptMode) + { + StringCbPrintfW (sw, sizeof(sw), L"TrueCrypt - %s", s); + ListSubItemSet (list, i++, 1, sw); + } + else + ListSubItemSet (list, i++, 1, s); + } + + if (!bSysEnc) + { + // Write protection + ListItemAdd (list, i, GetString ("READ_ONLY")); + + if (prop.readOnly || prop.hiddenVolProtection == HIDVOL_PROT_STATUS_ACTION_TAKEN) + s = GetString ("UISTR_YES"); + else + s = GetString ("UISTR_NO"); + + ListSubItemSet (list, i++, 1, s); + + // Hidden Volume Protection + ListItemAdd (list, i, GetString ("HIDDEN_VOL_PROTECTION")); + if (prop.hiddenVolume) + s = GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE"); + else if (prop.hiddenVolProtection == HIDVOL_PROT_STATUS_NONE) + s = GetString ("UISTR_NO"); + else if (prop.hiddenVolProtection == HIDVOL_PROT_STATUS_ACTIVE) + s = GetString ("UISTR_YES"); + else if (prop.hiddenVolProtection == HIDVOL_PROT_STATUS_ACTION_TAKEN) + s = GetString ("HID_VOL_DAMAGE_PREVENTED"); + + ListSubItemSet (list, i++, 1, s); + } + + // Encryption algorithm + ListItemAdd (list, i, GetString ("ENCRYPTION_ALGORITHM")); + + if (prop.ea < EAGetFirst() || prop.ea > EAGetCount ()) + { + ListSubItemSet (list, i, 1, L"?"); + return 1; + } + + EAGetName (szTmp, prop.ea, 1); + ListSubItemSet (list, i++, 1, szTmp); + + // Key size(s) + { + wchar_t name[128]; + int size = EAGetKeySize (prop.ea); + EAGetName (name, prop.ea, 1); + + // Primary key + ListItemAdd (list, i, GetString ("KEY_SIZE")); + StringCbPrintfW (sw, sizeof(sw), L"%d %s", size * 8, GetString ("BITS")); + ListSubItemSet (list, i++, 1, sw); + + if (wcscmp (EAGetModeName (prop.ea, prop.mode, TRUE), L"XTS") == 0) + { + // Secondary key (XTS) + + ListItemAdd (list, i, GetString ("SECONDARY_KEY_SIZE_XTS")); + ListSubItemSet (list, i++, 1, sw); + } + } + + // Block size + ListItemAdd (list, i, GetString ("BLOCK_SIZE")); + + StringCbPrintfW (sw, sizeof(sw), L"%d ", CipherGetBlockSize (EAGetFirstCipher(prop.ea))*8); + StringCbCatW (sw, sizeof(sw), GetString ("BITS")); + ListSubItemSet (list, i++, 1, sw); + + // Mode + ListItemAdd (list, i, GetString ("MODE_OF_OPERATION")); + ListSubItemSet (list, i++, 1, EAGetModeName (prop.ea, prop.mode, TRUE)); + + // PKCS 5 PRF + ListItemAdd (list, i, GetString ("PKCS5_PRF")); + if (prop.volumePim == 0) + ListSubItemSet (list, i++, 1, get_pkcs5_prf_name (prop.pkcs5)); + else + { + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s (Dynamic)", get_pkcs5_prf_name (prop.pkcs5)); + ListSubItemSet (list, i++, 1, szTmp); + } + +#if 0 + // PCKS 5 iterations + ListItemAdd (list, i, GetString ("PKCS5_ITERATIONS")); + sprintf (szTmp, "%d", prop.pkcs5Iterations); + ListSubItemSet (list, i++, 1, szTmp); +#endif + +#if 0 + { + // Legacy + + FILETIME ft, curFt; + LARGE_INTEGER ft64, curFt64; + SYSTEMTIME st; + wchar_t date[128]; + memset (date, 0, sizeof (date)); + + // Volume date + ListItemAdd (list, i, GetString ("VOLUME_CREATE_DATE")); + *(unsigned __int64 *)(&ft) = prop.volumeCreationTime; + FileTimeToSystemTime (&ft, &st); + GetDateFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); + swprintf (date, L"%s ", sw); + GetTimeFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); + wcscat (date, sw); + ListSubItemSet (list, i++, 1, date); + + // Header date + ListItemAdd (list, i, GetString ("VOLUME_HEADER_DATE")); + *(unsigned __int64 *)(&ft) = prop.headerCreationTime; + FileTimeToSystemTime (&ft, &st); + GetDateFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); + swprintf (date, L"%s ", sw); + GetTimeFormatW (LOCALE_USER_DEFAULT, 0, &st, 0, sw, sizeof (sw)/2); + wcscat (date, sw); + + GetLocalTime (&st); + SystemTimeToFileTime (&st, &curFt); + curFt64.HighPart = curFt.dwHighDateTime; + curFt64.LowPart = curFt.dwLowDateTime; + ft64.HighPart = ft.dwHighDateTime; + ft64.LowPart = ft.dwLowDateTime; + swprintf (date + wcslen (date), GetString ("VOLUME_HEADER_DAYS") + , (curFt64.QuadPart - ft64.QuadPart)/(24LL*3600*10000000)); + ListSubItemSet (list, i++, 1, date); + } +#endif // 0 + + if (!bSysEnc || IsHiddenOSRunning()) + { + // Volume format version + ListItemAdd (list, i, GetString ("VOLUME_FORMAT_VERSION")); + StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", prop.volFormatVersion); + ListSubItemSet (list, i++, 1, szTmp); + + // Backup header + ListItemAdd (list, i, GetString ("BACKUP_HEADER")); + ListSubItemSet (list, i++, 1, GetString (prop.volFormatVersion > 1 ? "UISTR_YES" : "UISTR_NO")); + } + + // Total data read + ListItemAdd (list, i, GetString ("TOTAL_DATA_READ")); + GetSizeString (prop.totalBytesRead, sw, sizeof(sw)); + ListSubItemSet (list, i++, 1, sw); + + // Total data written + ListItemAdd (list, i, GetString ("TOTAL_DATA_WRITTEN")); + GetSizeString (prop.totalBytesWritten, sw, sizeof(sw)); + ListSubItemSet (list, i++, 1, sw); + + if (bSysEnc) + { + // TrueCrypt Boot Loader version + ListItemAdd (list, i, GetString ("VC_BOOT_LOADER_VERSION")); + ListSubItemSet (list, i++, 1, GetUserFriendlyVersionString (BootEncStatus.BootLoaderVersion).c_str()); + + // Encrypted portion + ListItemAdd (list, i, GetString ("ENCRYPTED_PORTION")); + if (GetSysEncDeviceEncryptedPartSize (FALSE) == GetSysEncDeviceSize (FALSE)) + ListSubItemSet (list, i++, 1, GetString ("ENCRYPTED_PORTION_FULLY_ENCRYPTED")); + else if (GetSysEncDeviceEncryptedPartSize (FALSE) <= 1) + ListSubItemSet (list, i++, 1, GetString ("ENCRYPTED_PORTION_NOT_ENCRYPTED")); + else + { + + StringCbPrintfW (sw, + sizeof sw, + GetString ("PROCESSED_PORTION_X_PERCENT"), + (double) GetSysEncDeviceEncryptedPartSize (FALSE) / (double) GetSysEncDeviceSize (FALSE) * 100.0); + + ListSubItemSet (list, i++, 1, sw); + } + } + + return 0; + } + + case WM_NOTIFY: + + if(wParam == IDC_VOLUME_PROPERTIES_LIST) + { + /* Right click */ + + switch (((NM_LISTVIEW *) lParam)->hdr.code) + { + case NM_RCLICK: + case LVN_BEGINRDRAG: + /* If the mouse was moving while the right mouse button is pressed, popup menu would + not open, because drag&drop operation would be initiated. Therefore, we're handling + RMB drag-and-drop operations as well. */ + { + + DisplayVolumePropertiesListContextMenu (hwndDlg, lParam); + + return 1; + } + } + } + return 0; + + case WM_CONTEXTMENU: + { + HWND hList = GetDlgItem (hwndDlg, IDC_VOLUME_PROPERTIES_LIST); + // only handle if it is coming from keyboard and if the drive + // list has focus. The other cases are handled elsewhere + if ( (-1 == GET_X_LPARAM(lParam)) + && (-1 == GET_Y_LPARAM(lParam)) + && (GetFocus () == hList) + ) + { + DisplayVolumePropertiesListContextMenu (hwndDlg, NULL); + } + } + return 0; + + case WM_COMMAND: + if (lw == IDOK) + { + EndDialog (hwndDlg, lw); + return 1; + } + return 0; + + case WM_CLOSE: + EndDialog (hwndDlg, lw); + return 1; + } + + return 0; +} + + +BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + static BOOL bAutoRunWarningDisplayed = FALSE; + + switch (msg) + { + case WM_INITDIALOG: + { + WCHAR i; + int index; + WCHAR drive[] = { 0, L':', 0 }; + + LocalizeDialog (hwndDlg, "IDD_TRAVELER_DLG"); + + SendDlgItemMessage (hwndDlg, IDC_COPY_WIZARD, BM_SETCHECK, + BST_CHECKED, 0); + + SendDlgItemMessage (hwndDlg, IDC_COPY_EXPANDER, BM_SETCHECK, + BST_CHECKED, 0); + + SendDlgItemMessage (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER, BM_SETCHECK, + BST_CHECKED, 0); + + SendDlgItemMessage (hwndDlg, IDC_AUTORUN_DISABLE, BM_SETCHECK, + BST_CHECKED, 0); + + SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_RESETCONTENT, 0, 0); + + index = (int) SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_ADDSTRING, 0, (LPARAM) GetString ("FIRST_AVAILABLE")); + SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_SETITEMDATA, index, (LPARAM) 0); + + for (i = L'A'; i <= L'Z'; i++) + { + if (i == L'C') + continue; + drive[0] = i; + index = (int) SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_ADDSTRING, 0, (LPARAM) drive); + SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_SETITEMDATA, index, (LPARAM) i); + } + + SendDlgItemMessageW (hwndDlg, IDC_DRIVELIST, CB_SETCURSEL, 0, 0); + + return 0; + } + + case WM_CTLCOLORSTATIC: + { + HDC hdc = (HDC) wParam; + HWND hw = (HWND) lParam; + if (hw == GetDlgItem(hwndDlg, IDC_DIRECTORY)) + { + // This the directory field. Make its background like normal edit + HBRUSH hbr = GetSysColorBrush (COLOR_WINDOW); + ::SelectObject(hdc, hbr); + return (BOOL) hbr; + } + } + return 0; + + case WM_COMMAND: + + if (HIWORD (wParam) == BN_CLICKED + && (lw == IDC_AUTORUN_DISABLE || lw == IDC_AUTORUN_MOUNT || lw == IDC_AUTORUN_START )) + { + BOOL enabled = IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_MOUNT)); + + EnableWindow (GetDlgItem (hwndDlg, IDC_BROWSE_FILES), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_NAME), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRAV_CACHE_PASSWORDS), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDC_DRIVELIST), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_TRAVELER_MOUNT), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_MOUNT_LETTER), enabled); + EnableWindow (GetDlgItem (hwndDlg, IDT_MOUNT_SETTINGS), enabled); + + if (!bAutoRunWarningDisplayed + && (lw == IDC_AUTORUN_MOUNT || lw == IDC_AUTORUN_START)) + { + bAutoRunWarningDisplayed = TRUE; + Warning ("AUTORUN_MAY_NOT_ALWAYS_WORK", hwndDlg); + } + + return 1; + } + + if (lw == IDC_BROWSE_FILES) + { + wchar_t dstDir[MAX_PATH]; + wchar_t volName[MAX_PATH] = { 0 }; + + GetDlgItemText (hwndDlg, IDC_DIRECTORY, dstDir, ARRAYSIZE (dstDir)); + + if (BrowseFilesInDir (hwndDlg, "OPEN_TITLE", dstDir, volName, bHistory, FALSE, NULL)) + SetDlgItemText (hwndDlg, IDC_VOLUME_NAME, wcschr (volName, L'\\') + 1); + + return 1; + } + + if (lw == IDC_BROWSE_DIRS) + { + wchar_t dstPath[MAX_PATH * 2]; + GetDlgItemText (hwndDlg, IDC_DIRECTORY, dstPath, ARRAYSIZE (dstPath)); + + if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", dstPath)) + SetDlgItemText (hwndDlg, IDC_DIRECTORY, dstPath); + + return 1; + } + + if (lw == IDCANCEL || lw == IDCLOSE) + { + EndDialog (hwndDlg, lw); + return 1; + } + + if (lw == IDC_CREATE) + { + + BOOL copyWizard, copyExpander, bExplore, bCacheInDriver, bIncludePimInCache, bAutoRun, bAutoMount, bMountReadOnly; + WCHAR dstDir[MAX_PATH + 1]; + WCHAR srcPath[1024 + MAX_PATH + 1]; + WCHAR dstPath[2*MAX_PATH + 1]; + WCHAR appDir[1024]; + WCHAR volName[MAX_PATH + 2]; + int drive; + WCHAR* ptr; + + GetDlgItemTextW (hwndDlg, IDC_DIRECTORY, dstDir, array_capacity (dstDir)); + volName[0] = 0; + GetDlgItemTextW (hwndDlg, IDC_VOLUME_NAME, volName + 1, (array_capacity (volName)) - 1); + + drive = (int) SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_GETCURSEL, 0, 0); + drive = (int) SendDlgItemMessage (hwndDlg, IDC_DRIVELIST, CB_GETITEMDATA, drive, 0); + + copyWizard = IsButtonChecked (GetDlgItem (hwndDlg, IDC_COPY_WIZARD)); + copyExpander = IsButtonChecked (GetDlgItem (hwndDlg, IDC_COPY_EXPANDER)); + bExplore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER)); + bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_TRAV_CACHE_PASSWORDS)); + bIncludePimInCache = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM)); + bMountReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY)); + bAutoRun = !IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_DISABLE)); + bAutoMount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_MOUNT)); + + if (dstDir[0] == 0) + { + SetFocus (GetDlgItem (hwndDlg, IDC_DIRECTORY)); + MessageBoxW (hwndDlg, GetString ("NO_PATH_SELECTED"), lpszTitle, MB_ICONEXCLAMATION); + return 1; + } + + + if (bAutoMount && volName[1] == 0) + { + SetFocus (GetDlgItem (hwndDlg, IDC_VOLUME_NAME)); + MessageBoxW (hwndDlg, GetString ("NO_FILE_SELECTED"), lpszTitle, MB_ICONEXCLAMATION); + return 1; + } + + if (volName[1] != 0) + { + volName[0] = L'"'; + StringCbCatW (volName, sizeof(volName), L"\""); + } + + GetModuleFileNameW (NULL, appDir, array_capacity (appDir)); + if (ptr = wcsrchr (appDir, L'\\')) + ptr[0] = 0; + + WaitCursor (); + + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt", dstDir); + if (!CreateDirectoryW (dstPath, NULL)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + // Main app 32-bit + if (Is64BitOs () && !IsNonInstallMode ()) + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt-x86.exe", appDir); + else + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt.exe", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt.exe", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + // Main app 64-bit + if (Is64BitOs () && !IsNonInstallMode ()) + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt.exe", appDir); + else + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt-x64.exe", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt-x64.exe", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + // Wizard + if (copyWizard) + { + // Wizard 32-bit + if (Is64BitOs () && !IsNonInstallMode ()) + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format-x86.exe", appDir); + else + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format.exe", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt Format.exe", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + // Wizard 64-bit + if (Is64BitOs () && !IsNonInstallMode ()) + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format.exe", appDir); + else + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format-x64.exe", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt Format-x64.exe", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + } + + // Expander + if (copyExpander) + { + // Expander 32-bit + if (Is64BitOs () && !IsNonInstallMode ()) + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander-x86.exe", appDir); + else + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander.exe", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCryptExpander.exe", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + // Expander 64-bit + if (Is64BitOs () && !IsNonInstallMode ()) + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander.exe", appDir); + else + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander-x64.exe", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCryptExpander-x64.exe", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + } + + // Driver + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\veracrypt.sys", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\veracrypt.sys", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + // Driver x64 + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\veracrypt-x64.sys", appDir); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\veracrypt-x64.sys", dstDir); + if (!TCCopyFile (srcPath, dstPath)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto stop; + } + + if (strcmp (GetPreferredLangId (), "en") != 0) + { + // Language pack + StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\Language.%hs.xml", appDir, GetPreferredLangId ()); + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\Language.%hs.xml", dstDir, GetPreferredLangId ()); + TCCopyFile (srcPath, dstPath); + } + + // AutoRun + StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\autorun.inf", dstDir); + DeleteFileW (dstPath); + if (bAutoRun) + { + FILE *af; + wchar_t autoMount[2*MAX_PATH + 2]; + wchar_t driveLetter[] = { L' ', L'/', L'l', L' ', (wchar_t) drive, 0 }; + + af = _wfopen (dstPath, L"w,ccs=UNICODE"); + + if (af == NULL) + { + MessageBoxW (hwndDlg, GetString ("CANT_CREATE_AUTORUN"), lpszTitle, MB_ICONERROR); + goto stop; + } + + StringCbPrintfW (autoMount, sizeof(autoMount), L"VeraCrypt\\VeraCrypt.exe /q background%s%s%s%s /m rm /v %s", + drive > 0 ? driveLetter : L"", + bExplore ? L" /e" : L"", + bCacheInDriver ? (bIncludePimInCache? L" /c p" : L" /c y") : L"", + bMountReadOnly ? L" /m ro" : L"", + volName); + + fwprintf (af, L"[autorun]\nlabel=%s\nicon=VeraCrypt\\VeraCrypt.exe\n", GetString ("TC_TRAVELER_DISK")); + fwprintf (af, L"action=%s\n", bAutoMount ? GetString ("MOUNT_TC_VOLUME") : GetString ("IDC_PREF_LOGON_START")); + fwprintf (af, L"open=%s\n", bAutoMount ? autoMount : L"VeraCrypt\\VeraCrypt.exe"); + fwprintf (af, L"shell\\start=%s\nshell\\start\\command=VeraCrypt\\VeraCrypt.exe\n", GetString ("IDC_PREF_LOGON_START")); + fwprintf (af, L"shell\\dismount=%s\nshell\\dismount\\command=VeraCrypt\\VeraCrypt.exe /q /d\n", GetString ("DISMOUNT_ALL_TC_VOLUMES")); + + CheckFileStreamWriteErrors (hwndDlg, af, dstPath); + fclose (af); + } + MessageBoxW (hwndDlg, GetString ("TRAVELER_DISK_CREATED"), lpszTitle, MB_ICONINFORMATION); + +stop: + NormalCursor (); + return 1; + } + return 0; + } + + return 0; +} + +void BuildTree (HWND hwndDlg, HWND hTree) +{ + HIMAGELIST hList; + HBITMAP hBitmap, hBitmapMask; + LVCOLUMNW lvCol; + + ListView_DeleteColumn (hTree,0); + ListView_DeleteColumn (hTree,0); + ListView_DeleteColumn (hTree,0); + ListView_DeleteColumn (hTree,0); + ListView_DeleteColumn (hTree,0); + ListView_DeleteColumn (hTree,0); + + SendMessage(hTree,LVM_SETEXTENDEDLISTVIEWSTYLE,0, + LVS_EX_FULLROWSELECT + |LVS_EX_HEADERDRAGDROP + ); + + memset(&lvCol,0,sizeof(lvCol)); + + lvCol.mask = LVCF_TEXT|LVCF_WIDTH|LVCF_SUBITEM|LVCF_FMT; + lvCol.pszText = GetString ("DRIVE"); + lvCol.cx = CompensateXDPI (38); + lvCol.fmt = LVCFMT_COL_HAS_IMAGES|LVCFMT_LEFT ; + SendMessage (hTree,LVM_INSERTCOLUMNW,0,(LPARAM)&lvCol); + + lvCol.pszText = GetString ("VOLUME"); + lvCol.cx = CompensateXDPI (200); + lvCol.fmt = LVCFMT_LEFT; + SendMessage (hTree,LVM_INSERTCOLUMNW,1,(LPARAM)&lvCol); + LastDriveListVolumeColumnWidth = ListView_GetColumnWidth (hTree, 1); + + lvCol.pszText = GetString ("SIZE"); + lvCol.cx = CompensateXDPI (55); + lvCol.fmt = LVCFMT_RIGHT; + SendMessage (hTree,LVM_INSERTCOLUMNW,2,(LPARAM)&lvCol); + + lvCol.pszText = GetString ("ENCRYPTION_ALGORITHM_LV"); + lvCol.cx = CompensateXDPI (123); + lvCol.fmt = LVCFMT_LEFT; + SendMessage (hTree,LVM_INSERTCOLUMNW,3,(LPARAM)&lvCol); + + lvCol.pszText = GetString ("TYPE"); + lvCol.cx = CompensateXDPI (100); + lvCol.fmt = LVCFMT_LEFT; + SendMessage (hTree,LVM_INSERTCOLUMNW,4,(LPARAM)&lvCol); + + // Regular drive icon + + hBitmap = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_DRIVEICON)); + if (hBitmap == NULL) + return; + hBitmapMask = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_DRIVEICON_MASK)); + + hList = CreateImageList (16, 12, ILC_COLOR8|ILC_MASK, 2, 2); + if (AddBitmapToImageList (hList, hBitmap, hBitmapMask) == -1) + { + DeleteObject (hBitmap); + DeleteObject (hBitmapMask); + return; + } + else + { + DeleteObject (hBitmap); + DeleteObject (hBitmapMask); + } + + // System drive icon + + hBitmap = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_SYS_DRIVEICON)); + if (hBitmap == NULL) + return; + hBitmapMask = LoadBitmap (hInst, MAKEINTRESOURCE (IDB_SYS_DRIVEICON_MASK)); + + if (AddBitmapToImageList (hList, hBitmap, hBitmapMask) == -1) + { + DeleteObject (hBitmap); + DeleteObject (hBitmapMask); + return; + } + else + { + DeleteObject (hBitmap); + DeleteObject (hBitmapMask); + } + + ListView_SetImageList (hTree, hList, LVSIL_NORMAL); + ListView_SetImageList (hTree, hList, LVSIL_SMALL); + + LoadDriveLetters (hwndDlg, hTree, 0); +} + +LPARAM GetSelectedLong (HWND hTree) +{ + int hItem = ListView_GetSelectionMark (hTree); + LVITEM item; + + if (nSelectedDriveIndex >= 0) + hItem = nSelectedDriveIndex; + + memset(&item, 0, sizeof(LVITEM)); + item.mask = LVIF_PARAM; + item.iItem = hItem; + + if ( (ListView_GetItemCount (hTree) < 1) + || (ListView_GetItem (hTree, &item) == FALSE) + ) + return MAKELONG (0xffff, 0xffff); + else + return item.lParam; +} + +LPARAM GetItemLong (HWND hTree, int itemNo) +{ + LVITEM item; + + memset(&item, 0, sizeof(LVITEM)); + item.mask = LVIF_PARAM; + item.iItem = itemNo; + + if (ListView_GetItem (hTree, &item) == FALSE) + return MAKELONG (0xffff, 0xffff); + else + return item.lParam; +} + +static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions) +{ + INT_PTR result; + PasswordDlgParam dlgParam; + + PasswordDialogTitleStringId = titleStringId; + PasswordDialogDisableMountOptions = !enableMountOptions; + + dlgParam.password = password; + dlgParam.pkcs5 = pkcs5; + dlgParam.pim = pim; + dlgParam.truecryptMode = truecryptMode; + + result = DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg, + (DLGPROC) PasswordDlgProc, (LPARAM) &dlgParam); + + if (result != IDOK) + { + password->Length = 0; + *pkcs5 = 0; + *pim = -1; + *truecryptMode = FALSE; + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + } + + return result == IDOK; +} + +// GUI actions + +static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim) +{ + BOOL status = FALSE; + wchar_t fileName[MAX_PATH]; + int mounted = 0, EffectiveVolumePkcs5 = CmdVolumePkcs5; + BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; + int EffectiveVolumePim = (pim < 0)? CmdVolumePim : pim; + BOOL bEffectiveCacheDuringMultipleMount = bCmdCacheDuringMultipleMount? TRUE: bCacheDuringMultipleMount; + BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed; + BOOL bUseCmdVolumePassword = CmdVolumePasswordValid && ((CmdVolumePassword.Length > 0) || (KeyFilesEnable && FirstKeyFile)); + + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (EffectiveVolumePkcs5 == 0) + EffectiveVolumePkcs5 = DefaultVolumePkcs5; + if (!EffectiveVolumeTrueCryptMode) + EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; + + bPrebootPasswordDlgMode = mountOptions.PartitionInInactiveSysEncScope; + + if (nDosDriveNo == -1) + nDosDriveNo = HIWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))) - L'A'; + + if (!MultipleMountOperationInProgress) + { + VolumePassword.Length = 0; + VolumePkcs5 = 0; + VolumeTrueCryptMode = FALSE; + VolumePim = -1; + } + + if (szFileName == NULL) + { + GetVolumePath (hwndDlg, fileName, ARRAYSIZE (fileName)); + } + else + StringCchCopyW (fileName, ARRAYSIZE (fileName), szFileName); + + if (wcslen(fileName) == 0) + { + status = FALSE; + goto ret; + } + + if (!TranslateVolumeID (hwndDlg, fileName, ARRAYSIZE (fileName))) + { + status = FALSE; + goto ret; + } + + szFileName = fileName; + + if (IsMountedVolume (szFileName)) + { + Warning ("VOL_ALREADY_MOUNTED", hwndDlg); + status = FALSE; + goto ret; + } + + if (!VolumePathExists (szFileName)) + { + if (!MultipleMountOperationInProgress) + handleWin32Error (hwndDlg, SRC_POS); + + status = FALSE; + goto ret; + } + + ResetWrongPwdRetryCount (); + + WaitCursor (); + + if (!bUseCmdVolumePassword) + { + // First try cached passwords and if they fail ask user for a new one + // try TrueCrypt mode first since it is quick, only if no custom pim specified + if (EffectiveVolumePim <= 0) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + if (!mounted) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + + // If keyfiles are enabled, test empty password first + if (!mounted && KeyFilesEnable && FirstKeyFile && bEffectiveTryEmptyPasswordWhenKeyfileUsed) + { + Password emptyPassword; + emptyPassword.Length = 0; + + KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile, szFileName); + // try TrueCrypt mode first since it is quick, only if no custom pim specified + if (EffectiveVolumePim <= 0) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + if (!mounted) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + + burn (&emptyPassword, sizeof (emptyPassword)); + } + } + + // Test password and/or keyfiles used for the previous volume + if (!mounted && bEffectiveCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0) + { + // try TrueCrypt mode first as it is quick, only if no custom pim specified + if (EffectiveVolumePim <= 0) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + if (!mounted) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + } + + NormalCursor (); + + if (mounted) + { + + // Check for problematic file extensions (exe, dll, sys) + if (CheckFileExtension(szFileName)) + Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING", hwndDlg); + } + + while (mounted == 0) + { + if (bUseCmdVolumePassword) + { + VolumePassword = CmdVolumePassword; + VolumePkcs5 = EffectiveVolumePkcs5; + VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode; + VolumePim = EffectiveVolumePim; + } + else if (!Silent) + { + int GuiPkcs5 = EffectiveVolumePkcs5; + BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; + int GuiPim = EffectiveVolumePim; + StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName); + + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE)) + goto ret; + else + { + VolumePkcs5 = GuiPkcs5; + VolumeTrueCryptMode = GuiTrueCryptMode; + VolumePim = GuiPim; + burn (&GuiPkcs5, sizeof(GuiPkcs5)); + burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); + burn (&GuiPim, sizeof(GuiPim)); + } + } + + WaitCursor (); + + if (KeyFilesEnable) + KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName); + + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, !Silent); + NormalCursor (); + + // Check for problematic file extensions (exe, dll, sys) + if (mounted > 0 && CheckFileExtension (szFileName)) + Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING", hwndDlg); + + if (!MultipleMountOperationInProgress) + { + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePim, sizeof (VolumePim)); + } + + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + + if (CmdVolumePassword.Length > 0 || Silent) + break; + } + + if (mounted > 0) + { + status = TRUE; + + if (bBeep) + MessageBeep (0xFFFFFFFF); + + RefreshMainDlg(MainDlg); + + if (bExplore) + { + WaitCursor(); + OpenVolumeExplorerWindow (nDosDriveNo); + NormalCursor(); + } + + if (mountOptions.ProtectHiddenVolume) + Info ("HIDVOL_PROT_WARN_AFTER_MOUNT", hwndDlg); + } + +ret: + if (!MultipleMountOperationInProgress) + { + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePim, sizeof (VolumePim)); + } + + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + + RestoreDefaultKeyFilesParam (); + + if (UsePreferences) + bCacheInDriver = bCacheInDriverDefault; + + if (status && CloseSecurityTokenSessionsAfterMount && !MultipleMountOperationInProgress) + SecurityToken::CloseAllSessions(); + + return status; +} + + +static BOOL Dismount (HWND hwndDlg, int nDosDriveNo) +{ + BOOL status = FALSE; + WaitCursor (); + + if (nDosDriveNo == -2) + nDosDriveNo = (char) (HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) - L'A'); + + if (bCloseDismountedWindows) + { + CloseVolumeExplorerWindows (hwndDlg, nDosDriveNo); + } + + if (UnmountVolume (hwndDlg, nDosDriveNo, bForceUnmount)) + { + status = TRUE; + + if (bBeep) + MessageBeep (0xFFFFFFFF); + RefreshMainDlg (hwndDlg); + + if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ()) + LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); + } + + NormalCursor (); + return status; +} + +void __cdecl mountThreadFunction (void *hwndDlgArg) +{ + HWND hwndDlg =(HWND) hwndDlgArg; + BOOL bIsForeground = (GetForegroundWindow () == hwndDlg)? TRUE : FALSE; + // Disable parent dialog during processing to avoid user interaction + EnableWindow(hwndDlg, FALSE); + finally_do_arg2 (HWND, hwndDlg, BOOL, bIsForeground, { EnableWindow(finally_arg, TRUE); if (finally_arg2) BringToForeground (finally_arg); bPrebootPasswordDlgMode = FALSE;}); + + Mount (hwndDlg, -1, 0, -1); +} + +typedef struct +{ + UNMOUNT_STRUCT* punmount; + BOOL interact; + int dismountMaxRetries; + int dismountAutoRetryDelay; + BOOL* pbResult; + DWORD* pdwResult; + DWORD dwLastError; + BOOL bReturn; +} DismountAllThreadParam; + +void CALLBACK DismountAllThreadProc(void* pArg, HWND hwndDlg) +{ + DismountAllThreadParam* pThreadParam = (DismountAllThreadParam*) pArg; + UNMOUNT_STRUCT* punmount = pThreadParam->punmount; + BOOL* pbResult = pThreadParam->pbResult; + DWORD* pdwResult = pThreadParam->pdwResult; + int dismountMaxRetries = pThreadParam->dismountMaxRetries; + int dismountAutoRetryDelay = pThreadParam->dismountAutoRetryDelay; + + do + { + *pbResult = DeviceIoControl (hDriver, TC_IOCTL_DISMOUNT_ALL_VOLUMES, punmount, + sizeof (UNMOUNT_STRUCT), punmount, sizeof (UNMOUNT_STRUCT), pdwResult, NULL); + + if ( punmount->nDosDriveNo < 0 || punmount->nDosDriveNo > 25 + || (punmount->ignoreOpenFiles != TRUE && punmount->ignoreOpenFiles != FALSE) + || (punmount->HiddenVolumeProtectionTriggered != TRUE && punmount->HiddenVolumeProtectionTriggered != FALSE) + || (punmount->nReturnCode < 0) + ) + { + if (*pbResult) + SetLastError (ERROR_INTERNAL_ERROR); + *pbResult = FALSE; + } + + if (*pbResult == FALSE) + { + NormalCursor(); + handleWin32Error (hwndDlg, SRC_POS); + pThreadParam->dwLastError = GetLastError (); + pThreadParam->bReturn = FALSE; + return; + } + + if (punmount->nReturnCode == ERR_SUCCESS + && punmount->HiddenVolumeProtectionTriggered + && !VolumeNotificationsList.bHidVolDamagePrevReported [punmount->nDosDriveNo] + && pThreadParam->interact + && !Silent) + { + wchar_t msg[4096]; + + VolumeNotificationsList.bHidVolDamagePrevReported [punmount->nDosDriveNo] = TRUE; + + StringCbPrintfW (msg, sizeof(msg), GetString ("DAMAGE_TO_HIDDEN_VOLUME_PREVENTED"), punmount->nDosDriveNo + L'A'); + SetForegroundWindow (hwndDlg); + MessageBoxW (hwndDlg, msg, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); + + punmount->HiddenVolumeProtectionTriggered = FALSE; + continue; + } + + if (punmount->nReturnCode == ERR_FILES_OPEN) + Sleep (dismountAutoRetryDelay); + else + break; + + } while (--dismountMaxRetries > 0); + + pThreadParam->dwLastError = GetLastError (); + pThreadParam->bReturn = TRUE; +} + +static BOOL DismountAll (HWND hwndDlg, BOOL forceUnmount, BOOL interact, int dismountMaxRetries, int dismountAutoRetryDelay) +{ + BOOL status = TRUE; + MOUNT_LIST_STRUCT mountList = {0}; + DWORD dwResult; + UNMOUNT_STRUCT unmount = {0}; + BOOL bResult; + MOUNT_LIST_STRUCT prevMountList = {0}; + int i; + DismountAllThreadParam dismountAllThreadParam; + +retry: + WaitCursor(); + + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mountList, sizeof (mountList), &mountList, sizeof (mountList), &dwResult, NULL); + + if (mountList.ulMountedDrives == 0) + { + NormalCursor(); + return TRUE; + } + + BroadcastDeviceChange (DBT_DEVICEREMOVEPENDING, 0, mountList.ulMountedDrives); + + memcpy (&prevMountList, &mountList, sizeof (mountList)); + + for (i = 0; i < 26; i++) + { + if (mountList.ulMountedDrives & (1 << i)) + { + if (bCloseDismountedWindows) + CloseVolumeExplorerWindows (hwndDlg, i); + } + } + + unmount.nDosDriveNo = 0; + unmount.ignoreOpenFiles = forceUnmount; + + dismountAllThreadParam.punmount = &unmount; + dismountAllThreadParam.interact = interact; + dismountAllThreadParam.dismountMaxRetries = dismountMaxRetries; + dismountAllThreadParam.dismountAutoRetryDelay = dismountAutoRetryDelay; + dismountAllThreadParam.pbResult = &bResult; + dismountAllThreadParam.pdwResult = &dwResult; + dismountAllThreadParam.dwLastError = ERROR_SUCCESS; + dismountAllThreadParam.bReturn = TRUE; + + if (interact && !Silent) + { + + ShowWaitDialog (hwndDlg, FALSE, DismountAllThreadProc, &dismountAllThreadParam); + } + else + DismountAllThreadProc (&dismountAllThreadParam, hwndDlg); + + SetLastError (dismountAllThreadParam.dwLastError); + + if (!dismountAllThreadParam.bReturn) + return FALSE; + + memset (&mountList, 0, sizeof (mountList)); + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mountList, sizeof (mountList), &mountList, sizeof (mountList), &dwResult, NULL); + + // remove any custom label from registry + for (i = 0; i < 26; i++) + { + if ((prevMountList.ulMountedDrives & (1 << i)) && (!(mountList.ulMountedDrives & (1 << i))) && wcslen (prevMountList.wszLabel[i])) + { + UpdateDriveCustomLabel (i, prevMountList.wszLabel[i], FALSE); + } + } + + BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, prevMountList.ulMountedDrives & ~mountList.ulMountedDrives); + + RefreshMainDlg (hwndDlg); + + if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ()) + LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); + + NormalCursor(); + + if (unmount.nReturnCode != 0) + { + if (forceUnmount) + status = FALSE; + + if (unmount.nReturnCode == ERR_FILES_OPEN) + { + if (interact && IDYES == AskWarnYesNoTopmost ("UNMOUNTALL_LOCK_FAILED", hwndDlg)) + { + forceUnmount = TRUE; + goto retry; + } + + if (IsOSAtLeast (WIN_7)) + { + // Undo SHCNE_DRIVEREMOVED + DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, NULL, 0, &mountList, sizeof (mountList), &dwResult, NULL); + + for (i = 0; i < 26; i++) + { + if (mountList.ulMountedDrives & (1 << i)) + { + wchar_t root[] = { (wchar_t) i + L'A', L':', L'\\', 0 }; + SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); + } + } + } + + return FALSE; + } + + if (interact) + MessageBoxW (hwndDlg, GetString ("UNMOUNT_FAILED"), lpszTitle, MB_ICONERROR); + } + else + { + if (bBeep) + MessageBeep (0xFFFFFFFF); + } + + return status; +} + +static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt) +{ + HWND driveList = GetDlgItem (MainDlg, IDC_DRIVELIST); + int selDrive = ListView_GetSelectionMark (driveList); + BOOL shared = FALSE, status = FALSE, bHeaderBakRetry = FALSE; + int mountedVolCount = 0; + vector devices; + int EffectiveVolumePkcs5 = CmdVolumePkcs5; + BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; + + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (EffectiveVolumePkcs5 == 0) + EffectiveVolumePkcs5 = DefaultVolumePkcs5; + if (!EffectiveVolumeTrueCryptMode) + EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; + + VolumePassword.Length = 0; + mountOptions = defaultMountOptions; + bPrebootPasswordDlgMode = FALSE; + VolumePim = -1; + + if (selDrive == -1) + selDrive = 0; + + ResetWrongPwdRetryCount (); + + MultipleMountOperationInProgress = TRUE; + + do + { + if (!bHeaderBakRetry) + { + if (!CmdVolumePasswordValid && bPasswordPrompt) + { + int GuiPkcs5 = EffectiveVolumePkcs5; + BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; + int GuiPim = CmdVolumePim; + PasswordDlgVolume[0] = '\0'; + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE)) + goto ret; + else + { + VolumePkcs5 = GuiPkcs5; + VolumeTrueCryptMode = GuiTrueCryptMode; + VolumePim = GuiPim; + burn (&GuiPkcs5, sizeof(GuiPkcs5)); + burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); + burn (&GuiPim, sizeof(GuiPim)); + } + } + else if (CmdVolumePasswordValid) + { + bPasswordPrompt = FALSE; + VolumePassword = CmdVolumePassword; + VolumePkcs5 = EffectiveVolumePkcs5; + VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode; + VolumePim = CmdVolumePim; + } + + WaitCursor(); + + if (FirstCmdKeyFile) + KeyFilesApply (hwndDlg, &VolumePassword, FirstCmdKeyFile, NULL); + else if (KeyFilesEnable) + KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, NULL); + + } + + if (devices.empty()) + devices = GetAvailableHostDevices (true, false, true, true); + foreach (const HostDevice &drive, devices) + { + vector partitions = drive.Partitions; + partitions.insert (partitions.begin(), drive); + + foreach (const HostDevice &device, partitions) + { + wchar_t szFileName[TC_MAX_PATH]; + StringCbCopyW (szFileName, sizeof (szFileName), device.Path.c_str()); + BOOL mounted = IsMountedVolume (szFileName); + + // Skip other partitions of the disk if partition0 (whole disk) is mounted + if (!device.IsPartition && mounted) + break; + + if (device.Floppy) + break; + + if (device.HasUnencryptedFilesystem && !mountOptions.UseBackupHeader && !bHeaderBakRetry) + continue; + + if (!mounted) + { + int nDosDriveNo; + int driveAItem = -1, driveBItem = -1; + + while (LOWORD (GetItemLong (driveList, selDrive)) != 0xffff) + { + if(LOWORD (GetItemLong (driveList, selDrive)) != TC_MLIST_ITEM_FREE) + { + selDrive++; + continue; + } + nDosDriveNo = HIWORD(GetItemLong (driveList, selDrive)) - L'A'; + + /* don't use drives A: and B: for now until no other free drive found */ + if (nDosDriveNo == 0) + { + driveAItem = selDrive; + selDrive++; + continue; + } + if (nDosDriveNo == 1) + { + driveBItem = selDrive; + selDrive++; + continue; + } + break; + } + + if (LOWORD (GetItemLong (driveList, selDrive)) == 0xffff) + { + /* use A: or B: if available as a last resort */ + if (driveAItem >= 0) + { + nDosDriveNo = 0; + selDrive = driveAItem; + } + else if (driveBItem >= 0) + { + nDosDriveNo = 1; + selDrive = driveBItem; + } + else + goto ret; + } + + // First try user password then cached passwords + if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0 + || ((VolumePassword.Length > 0) && ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0))) + { + // A volume has been successfully mounted + + ResetWrongPwdRetryCount (); + + if (mounted == 2) + shared = TRUE; + + LoadDriveLetters (hwndDlg, driveList, (HIWORD (GetItemLong (GetDlgItem (MainDlg, IDC_DRIVELIST), selDrive)))); + selDrive++; + + if (bExplore) + { + WaitCursor(); + OpenVolumeExplorerWindow (nDosDriveNo); + NormalCursor(); + } + + if (bBeep) + MessageBeep (0xFFFFFFFF); + + status = TRUE; + + mountedVolCount++; + + // Skip other partitions of the disk if partition0 (whole disk) has been mounted + if (!device.IsPartition) + break; + } + } + } + } + + if (mountedVolCount < 1) + { + // Failed to mount any volume + + IncreaseWrongPwdRetryCount (1); + + if (WrongPwdRetryCountOverLimit () + && !mountOptions.UseBackupHeader + && !bHeaderBakRetry) + { + // Retry using embedded header backup (if any) + mountOptions.UseBackupHeader = TRUE; + bHeaderBakRetry = TRUE; + } + else if (bHeaderBakRetry) + { + mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader; + bHeaderBakRetry = FALSE; + } + + if (!Silent && !bHeaderBakRetry) + { + WCHAR szTmp[4096]; + + StringCbPrintfW (szTmp, sizeof(szTmp), GetString (KeyFilesEnable || FirstCmdKeyFile ? "PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT" : "PASSWORD_WRONG_AUTOMOUNT")); + if (CheckCapsLock (hwndDlg, TRUE)) + StringCbCatW (szTmp, sizeof(szTmp), GetString ("PASSWORD_WRONG_CAPSLOCK_ON")); + + MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONWARNING); + } + } + else if (bHeaderBakRetry) + { + // We have successfully mounted a volume using the header backup embedded in the volume (the header is damaged) + mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader; + bHeaderBakRetry = FALSE; + + if (!Silent) + Warning ("HEADER_DAMAGED_AUTO_USED_HEADER_BAK", hwndDlg); + } + + if (!bHeaderBakRetry) + { + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + } + + } while (bPasswordPrompt && mountedVolCount < 1); + + /* One or more volumes successfully mounted */ + + ResetWrongPwdRetryCount (); + + if (shared) + Warning ("DEVICE_IN_USE_INFO", hwndDlg); + + if (mountOptions.ProtectHiddenVolume) + { + if (mountedVolCount > 1) + Info ("HIDVOL_PROT_WARN_AFTER_MOUNT_PLURAL", hwndDlg); + else if (mountedVolCount == 1) + Info ("HIDVOL_PROT_WARN_AFTER_MOUNT", hwndDlg); + } + + if (status && CloseSecurityTokenSessionsAfterMount) + SecurityToken::CloseAllSessions(); + +ret: + MultipleMountOperationInProgress = FALSE; + + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + + mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader; + + RestoreDefaultKeyFilesParam (); + + if (UsePreferences) + bCacheInDriver = bCacheInDriverDefault; + + EnableDisableButtons (MainDlg); + + NormalCursor(); + + return status; +} + +typedef struct +{ + BOOL bPasswordPrompt; + BOOL bRet; +} MountAllDevicesThreadParam; + +void CALLBACK mountAllDevicesThreadProc(void* pArg, HWND hwndDlg) +{ + MountAllDevicesThreadParam* threadParam =(MountAllDevicesThreadParam*) pArg; + BOOL bPasswordPrompt = threadParam->bPasswordPrompt; + + threadParam->bRet = MountAllDevicesThreadCode (hwndDlg, bPasswordPrompt); +} + +static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt) +{ + MountAllDevicesThreadParam param; + param.bPasswordPrompt = bPasswordPrompt; + param.bRet = FALSE; + + ShowWaitDialog (hwndDlg, FALSE, mountAllDevicesThreadProc, ¶m); + + return param.bRet; +} + +static void ChangePassword (HWND hwndDlg) +{ + INT_PTR result; + int newPimValue = -1; + + GetVolumePath (hwndDlg, szFileName, ARRAYSIZE (szFileName)); + + if (!TranslateVolumeID (hwndDlg, szFileName, ARRAYSIZE (szFileName))) + { + return; + } + + if (IsMountedVolume (szFileName)) + { + Warning (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF ? "MOUNTED_NO_PKCS5_PRF_CHANGE" : "MOUNTED_NOPWCHANGE", hwndDlg); + return; + } + + if (!VolumePathExists (szFileName)) + { + handleWin32Error (hwndDlg, SRC_POS); + return; + } + + bSysEncPwdChangeDlgMode = FALSE; + + result = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_PASSWORDCHANGE_DLG), hwndDlg, + (DLGPROC) PasswordChangeDlgProc, (LPARAM) &newPimValue); + + if (result == IDOK) + { + switch (pwdChangeDlgMode) + { + case PCDM_CHANGE_PKCS5_PRF: + Info ("PKCS5_PRF_CHANGED", hwndDlg); + break; + + case PCDM_ADD_REMOVE_VOL_KEYFILES: + case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: + Info ("KEYFILE_CHANGED", hwndDlg); + break; + + case PCDM_CHANGE_PASSWORD: + default: + { + Info ("PASSWORD_CHANGED", hwndDlg); + if (newPimValue != -1) + { + // update the encoded volue in favorite XML if found + bool bFavoriteFound = false; + for (vector ::iterator favorite = FavoriteVolumes.begin(); + favorite != FavoriteVolumes.end(); favorite++) + { + if (favorite->Path == szFileName) + { + bFavoriteFound = true; + favorite->Pim = newPimValue; + SaveFavoriteVolumes (hwndDlg, FavoriteVolumes, false); + break; + } + } + + if (!bFavoriteFound) + { + for (vector ::iterator favorite = SystemFavoriteVolumes.begin(); + favorite != SystemFavoriteVolumes.end(); favorite++) + { + if (favorite->Path == szFileName) + { + bFavoriteFound = true; + favorite->Pim = newPimValue; + + if (AskYesNo("FAVORITE_PIM_CHANGED", hwndDlg) == IDYES) + { + SaveFavoriteVolumes (hwndDlg, SystemFavoriteVolumes, true); + } + break; + } + } + } + } + } + } + } +} + +// Change password of the system partition/drive +static void ChangeSysEncPassword (HWND hwndDlg, BOOL bOnlyChangeKDF) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (!BootEncStatus.DriveEncrypted + && !BootEncStatus.DriveMounted + && !BootEncStatus.VolumeHeaderPresent + && !SysEncryptionOrDecryptionRequired ()) + { + Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); + return; + } + + if (SysEncryptionOrDecryptionRequired () + || BootEncStatus.SetupInProgress) + { + Warning ("SYSTEM_ENCRYPTION_NOT_COMPLETED", hwndDlg); + return; + } + + if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption + { + StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout), L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF); + + bSysEncPwdChangeDlgMode = TRUE; + + if (bOnlyChangeKDF) + pwdChangeDlgMode = PCDM_CHANGE_PKCS5_PRF; + else + pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; + + + INT_PTR result = DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_PASSWORDCHANGE_DLG), hwndDlg, (DLGPROC) PasswordChangeDlgProc); + + bSysEncPwdChangeDlgMode = FALSE; + + if (bKeyboardLayoutChanged) + { + // Restore the original keyboard layout + if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL) + Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg); + else + bKeyboardLayoutChanged = FALSE; + } + + bKeybLayoutAltKeyWarningShown = FALSE; + + if (result == IDOK) + { + switch (pwdChangeDlgMode) + { + case PCDM_CHANGE_PKCS5_PRF: + Info ("PKCS5_PRF_CHANGED", hwndDlg); + + if (!IsHiddenOSRunning()) + { + if (AskWarnYesNo ("SYS_HKD_ALGO_CHANGED_ASK_RESCUE_DISK", hwndDlg) == IDYES) + CreateRescueDisk (hwndDlg); + } + + break; + + case PCDM_ADD_REMOVE_VOL_KEYFILES: + case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL: + // NOP - Keyfiles are not supported for system encryption + break; + + case PCDM_CHANGE_PASSWORD: + default: + Info ("PASSWORD_CHANGED", hwndDlg); + + if (!IsHiddenOSRunning()) + { + if (AskWarnYesNo ("SYS_PASSWORD_CHANGED_ASK_RESCUE_DISK", hwndDlg) == IDYES) + CreateRescueDisk (hwndDlg); + } + } + } + + CloseSysEncMutex (); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); +} + +// Initiates or resumes encryption of the system partition/drive +static void EncryptSystemDevice (HWND hwndDlg) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (!BootEncStatus.DriveEncrypted + && !BootEncStatus.DriveMounted + && !SysEncryptionOrDecryptionRequired ()) + { + // System partition/drive is not encrypted (nothing to resume). Initiate the process. + + if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption + { + LaunchVolCreationWizard (hwndDlg, L"/sysenc"); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + + return; + } + else if (SysEncryptionOrDecryptionRequired ()) + { + // System partition/drive encryption already initiated but is incomplete -- attempt to resume the process. + // Note that this also covers the pretest phase and paused decryption (reverses decrypting and starts encrypting) + + if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption + { + LaunchVolCreationWizard (hwndDlg, L"/sysenc"); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); + } + else if (SysDriveOrPartitionFullyEncrypted (FALSE)) + { + // System partition/drive appears to be fully encrypted + Info ("SYS_PARTITION_OR_DRIVE_APPEARS_FULLY_ENCRYPTED", hwndDlg); + return; + } +} + +// Initiates decryption of the system partition/drive +static void DecryptSystemDevice (HWND hwndDlg) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (!BootEncStatus.DriveEncrypted + && !BootEncStatus.DriveMounted + && !BootEncStatus.DeviceFilterActive + && !BootEncStatus.VolumeHeaderPresent + && !SysEncryptionOrDecryptionRequired ()) + { + Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); + return; + } + + if (IsHiddenOSRunning()) + { + Warning ("CANNOT_DECRYPT_HIDDEN_OS", hwndDlg); + return; + } + + if (AskNoYes ("CONFIRM_DECRYPT_SYS_DEVICE", hwndDlg) == IDNO) + return; + + if (AskWarnNoYes ("CONFIRM_DECRYPT_SYS_DEVICE_CAUTION", hwndDlg) == IDNO) + return; + + if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption + { + try + { + // User-mode app may have crashed and its mutex may have gotten lost, so we need to check the driver status too + if (BootEncStatus.SetupInProgress) + { + int attempts = 20; + + BootEncObj->AbortSetup (); + while (BootEncStatus.SetupInProgress && attempts > 0) + { + Sleep (100); + BootEncStatus = BootEncObj->GetStatus(); + attempts--; + WaitCursor(); + } + } + } + catch (Exception &e) + { + e.Show (MainDlg); + } + NormalCursor (); + + if (BootEncStatus.SetupInProgress) + { + CloseSysEncMutex (); + Error ("SYS_ENCRYPTION_OR_DECRYPTION_IN_PROGRESS", hwndDlg); + return; + } + + CloseSysEncMutex (); + LaunchVolCreationWizard (hwndDlg, L"/dsysenc"); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); +} + +// Initiates the process of creation of a hidden operating system +static void CreateHiddenOS (HWND hwndDlg) +{ + + // Display brief information as to what a hidden operating system is and what it's good for. This needs to be + // done, because if the system partition/drive is currently encrypted, the wizard will not display any + // such information, but will exit (displaying only an error meessage). + Info("HIDDEN_OS_PREINFO", hwndDlg); + + LaunchVolCreationWizard (hwndDlg, L"/isysenc"); +} + +static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection, BOOL bUseDriveListSel) +{ + wstring scPath; + + if (bResolveAmbiguousSelection) + { + scPath = ResolveAmbiguousSelection (hwndDlg, NULL); + + if (scPath.empty ()) + { + // The user selected Cancel + return; + } + } + else if (bUseDriveListSel) + { + // Decrypt mounted volume selected in the main drive list + + LPARAM lLetter = GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST)); + + if (LOWORD (lLetter) != 0xffff) + { + VOLUME_PROPERTIES_STRUCT prop; + DWORD bytesReturned; + + memset (&prop, 0, sizeof (prop)); + prop.driveNo = (wchar_t) HIWORD (lLetter) - L'A'; + + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &bytesReturned, NULL)) + { + handleWin32Error (MainDlg, SRC_POS); + return; + } + + scPath = prop.wszVolume; + } + else + return; + } + else + { + // Decrypt volume specified in the input field below the main drive list + + wchar_t volPath [TC_MAX_PATH]; + + GetVolumePath (MainDlg, volPath, ARRAYSIZE (volPath)); + + scPath = volPath; + } + + if (scPath.empty ()) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + return; + } + + WaitCursor(); + + switch (IsSystemDevicePath (scPath.c_str (), MainDlg, TRUE)) + { + case 1: + case 2: + // The user wants to decrypt the system partition/drive. Divert to the appropriate function. + + NormalCursor (); + + DecryptSystemDevice (hwndDlg); + return; + } + + WaitCursor(); + + // Make sure the user is not attempting to decrypt a partition on an entirely encrypted system drive. + if (IsNonSysPartitionOnSysDrive (scPath.c_str ()) == 1) + { + if (WholeSysDriveEncryption (TRUE)) + { + // The system drive is entirely encrypted and the encrypted OS is running + + NormalCursor (); + + Warning ("CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE", hwndDlg); + return; + } + } + else if (TCBootLoaderOnInactiveSysEncDrive ((wchar_t *) scPath.c_str ())) + { + // The system drive MAY be entirely encrypted (external access without PBA) and the potentially encrypted OS is not running + + NormalCursor (); + + Warning ("CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE_UNSURE", hwndDlg); + + // We allow the user to continue as we don't know if the drive is really an encrypted system drive. + // If it is, the user has been warned and he will not be able to start decrypting, because the + // format wizard will not enable (nor will it allow the user to enable) the mount option for + // external without-PBA access (the user will receive the 'Incorrect password' error message). + } + + NormalCursor (); + + + if (AskNoYesString ((wstring (GetString ("CONFIRM_DECRYPT_NON_SYS_DEVICE")) + L"\n\n" + scPath).c_str(), hwndDlg) == IDNO) + return; + + if (AskWarnNoYes ("CONFIRM_DECRYPT_NON_SYS_DEVICE_CAUTION", hwndDlg) == IDNO) + return; + + LaunchVolCreationWizard (hwndDlg, (wstring (L"/inplacedec \"") + scPath + L"\"").c_str ()); +} + +// Blindly attempts (without any checks) to instruct the wizard to resume whatever system encryption process +// had been interrupted or not started but scheduled or exptected to start. +static void ResumeInterruptedSysEncProcess (HWND hwndDlg) +{ + if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption + { + LaunchVolCreationWizard (MainDlg, L"/csysenc"); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); +} + +void CreateRescueDisk (HWND hwndDlg) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (IsHiddenOSRunning()) + { + Warning ("CANNOT_CREATE_RESCUE_DISK_ON_HIDDEN_OS", hwndDlg); + return; + } + + if (!BootEncStatus.DriveEncrypted + && !BootEncStatus.DriveMounted + && !BootEncStatus.VolumeHeaderPresent + && !SysEncryptionOrDecryptionRequired ()) + { + Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); + return; + } + + if (SysEncryptionOrDecryptionRequired () + || BootEncStatus.SetupInProgress) + { + Warning ("SYSTEM_ENCRYPTION_NOT_COMPLETED", hwndDlg); + return; + } + + if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption + { + try + { + wchar_t szTmp [8096]; + wchar_t szRescueDiskISO [TC_MAX_PATH+1]; + + if (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CREATION_SELECT_PATH", hwndDlg) != IDOK) + { + CloseSysEncMutex (); + return; + } + + wchar_t initialDir[MAX_PATH]; + SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); + + if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) + { + CloseSysEncMutex (); + return; + } + + WaitCursor(); + BootEncObj->CreateRescueIsoImage (false, szRescueDiskISO); + + StringCbPrintfW (szTmp, sizeof szTmp, + GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"), + szRescueDiskISO); + + if (IsWindowsIsoBurnerAvailable()) + { + if (AskYesNoString (szTmp, hwndDlg) == IDYES) + LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO); + } + else + InfoDirect (szTmp, hwndDlg); + } + catch (Exception &e) + { + e.Show (hwndDlg); + Error ("ERROR_CREATING_RESCUE_DISK", hwndDlg); + } + CloseSysEncMutex (); + + NormalCursor (); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); +} + +static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (!BootEncStatus.DriveEncrypted + && !BootEncStatus.DriveMounted + && !BootEncStatus.VolumeHeaderPresent + && !SysEncryptionOrDecryptionRequired ()) + { + Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); + return; + } + + if (SysEncryptionOrDecryptionRequired () + || BootEncStatus.SetupInProgress) + { + Warning ("SYSTEM_ENCRYPTION_NOT_COMPLETED", hwndDlg); + return; + } + + if (CreateSysEncMutex ()) // If no instance of the wizard is currently taking care of system encryption + { + try + { + if (!checkIsoFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK)) + { + CloseSysEncMutex (); + return; + } + + // Create a temporary up-to-date rescue disk image in RAM (with it the CD/DVD content will be compared) + BootEncObj->CreateRescueIsoImage (false, L""); + + + if (checkIsoFile) + { + wchar_t szRescueDiskISO [TC_MAX_PATH+1]; + wchar_t initialDir[MAX_PATH]; + SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); + + if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, FALSE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) + { + CloseSysEncMutex (); + return; + } + + WaitCursor(); + if (!BootEncObj->VerifyRescueDiskIsoImage (szRescueDiskISO)) + Error ("RESCUE_DISK_ISO_IMAGE_CHECK_FAILED", hwndDlg); + else + Info ("RESCUE_DISK_ISO_IMAGE_CHECK_PASSED", hwndDlg); + } + else + { + WaitCursor(); + if (!BootEncObj->VerifyRescueDisk ()) + Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); + else + Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg); + } + } + catch (Exception &e) + { + e.Show (MainDlg); + Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); + } + CloseSysEncMutex (); + + NormalCursor (); + } + else + Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); +} + +static void ShowSystemEncryptionStatus (HWND hwndDlg) +{ + try + { + BootEncStatus = BootEncObj->GetStatus(); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + if (GetAsyncKeyState (VK_SHIFT) < 0 && GetAsyncKeyState (VK_CONTROL) < 0) + { + // Ctrl+Shift held (for debugging purposes) + + DebugMsgBox ("Debugging information for system encryption:\n\nDeviceFilterActive: %d\nBootLoaderVersion: %x\nSetupInProgress: %d\nSetupMode: %d\nVolumeHeaderPresent: %d\nDriveMounted: %d\nDriveEncrypted: %d\n" + "HiddenSystem: %d\nHiddenSystemPartitionStart: %I64d\n" + "ConfiguredEncryptedAreaStart: %I64d\nConfiguredEncryptedAreaEnd: %I64d\nEncryptedAreaStart: %I64d\nEncryptedAreaEnd: %I64d\nEncrypted: %I64d%%", + BootEncStatus.DeviceFilterActive, + BootEncStatus.BootLoaderVersion, + BootEncStatus.SetupInProgress, + BootEncStatus.SetupMode, + BootEncStatus.VolumeHeaderPresent, + BootEncStatus.DriveMounted, + BootEncStatus.DriveEncrypted, + BootEncStatus.HiddenSystem ? 1 : 0, + BootEncStatus.HiddenSystemPartitionStart, + BootEncStatus.ConfiguredEncryptedAreaStart, + BootEncStatus.ConfiguredEncryptedAreaEnd, + BootEncStatus.EncryptedAreaStart, + BootEncStatus.EncryptedAreaEnd, + !BootEncStatus.DriveEncrypted ? 0 : (BootEncStatus.EncryptedAreaEnd + 1 - BootEncStatus.EncryptedAreaStart) * 100I64 / (BootEncStatus.ConfiguredEncryptedAreaEnd + 1 - BootEncStatus.ConfiguredEncryptedAreaStart)); + } + + if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted) + { + Info ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); + return; + } + + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_VOLUME_PROPERTIES), hwndDlg, + (DLGPROC) VolumePropertiesDlgProc, (LPARAM) TRUE); + +} + +static void ResumeInterruptedNonSysInplaceEncProcess (BOOL bDecrypt) +{ + // IMPORTANT: This function must not check any config files! Otherwise, if a config file was lost or corrupt, + // the user would not be able resume encryption and the data on the volume would be inaccessible. + + LaunchVolCreationWizard (MainDlg, bDecrypt? L"/resumeinplacedec" : L"/zinplace"); +} + +BOOL SelectContainer (HWND hwndDlg) +{ + if (BrowseFiles (hwndDlg, "OPEN_VOL_TITLE", szFileName, bHistory, FALSE, NULL) == FALSE) + return FALSE; + + AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); + EnableDisableButtons (hwndDlg); + SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + return TRUE; +} + +BOOL SelectPartition (HWND hwndDlg) +{ + RawDevicesDlgParam param; + param.pszFileName = szFileName; + INT_PTR nResult = DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_RAWDEVICES_DLG), hwndDlg, + (DLGPROC) RawDevicesDlgProc, (LPARAM) & param); + if (nResult == IDOK) + { + AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); + EnableDisableButtons (hwndDlg); + SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + return TRUE; + } + + return FALSE; +} + +static void WipeCache (HWND hwndDlg, BOOL silent) +{ + DWORD dwResult; + BOOL bResult; + + bResult = DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + if (hwndDlg == NULL) + return; + + if (bResult == FALSE) + handleWin32Error (hwndDlg, SRC_POS); + else + { + EnableDisableButtons (hwndDlg); + + if (!silent) + InfoBalloon ("PASSWORD_CACHE_WIPED_SHORT", "PASSWORD_CACHE_WIPED", hwndDlg); + } +} + +static void Benchmark (HWND hwndDlg) +{ + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg, + (DLGPROC) BenchmarkDlgProc, (LPARAM) NULL); +} + + +static BOOL CheckMountList (HWND hwndDlg, BOOL bForceTaskBarUpdate) +{ + MOUNT_LIST_STRUCT current; + static BootEncryptionStatus newBootEncStatus; + static BOOL lastbUseDifferentTrayIconIfVolMounted = bUseDifferentTrayIconIfVolMounted; + static uint32 lastUlMountedDrives = 0; + + GetMountList (¤t); + + if ((bForceTaskBarUpdate || current.ulMountedDrives != lastUlMountedDrives || bUseDifferentTrayIconIfVolMounted != lastbUseDifferentTrayIconIfVolMounted) + && TaskBarIconMutex != NULL) + { + lastUlMountedDrives = current.ulMountedDrives; + lastbUseDifferentTrayIconIfVolMounted = bUseDifferentTrayIconIfVolMounted; + + TaskBarIconChange (MainDlg, current.ulMountedDrives != 0 && bUseDifferentTrayIconIfVolMounted ? IDI_TRUECRYPT_MOUNTED_ICON : IDI_TRUECRYPT_ICON); + } + + if (bForceTaskBarUpdate) + { + return TRUE; + } + + if (LastKnownLogicalDrives != GetUsedLogicalDrives() + || memcmp (&LastKnownMountList, ¤t, sizeof (current)) != 0) + { + wchar_t selDrive; + + WaitCursor (); + LastKnownMountList = current; + + selDrive = (wchar_t) HIWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))); + LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); + NormalCursor (); + + if (selDrive != ((wchar_t) 0xFFFF) && (current.ulMountedDrives & (1 << (selDrive - L'A'))) == 0 && !IsDriveAvailable (selDrive - L'A')) + { + nSelectedDriveIndex = -1; + return FALSE; + } + + if (selDrive != ((wchar_t) 0xFFFF)) + SelectItem (GetDlgItem (MainDlg, IDC_DRIVELIST),selDrive); + } + + try + { + newBootEncStatus = BootEncObj->GetStatus(); + + if (newBootEncStatus.SetupInProgress != RecentBootEncStatus.SetupInProgress + || newBootEncStatus.EncryptedAreaEnd != RecentBootEncStatus.EncryptedAreaEnd + || newBootEncStatus.DriveEncrypted != RecentBootEncStatus.DriveEncrypted + || newBootEncStatus.DriveMounted != RecentBootEncStatus.DriveMounted + || newBootEncStatus.SetupMode != RecentBootEncStatus.SetupMode + || newBootEncStatus.EncryptedAreaStart != RecentBootEncStatus.EncryptedAreaStart) + { + /* System encryption status change */ + + wchar_t selDrive; + int driveLetterToRefresh; + + if (RecentBootEncStatus.DriveMounted == newBootEncStatus.DriveMounted) // If an icon (and whole new line) for a system device isn't to be added/removed + { + // Partial refresh + if (WholeSysDriveEncryption (TRUE)) + { + // System drive (not just partition) + driveLetterToRefresh = ENC_SYSDRIVE_PSEUDO_DRIVE_LETTER; + } + else + { + // System partition + driveLetterToRefresh = GetSystemDriveLetter (); + } + } + else + { + // Full rebuild of the mount list + driveLetterToRefresh = 0; + } + + selDrive = (wchar_t) HIWORD (GetSelectedLong (GetDlgItem (MainDlg, IDC_DRIVELIST))); + LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), driveLetterToRefresh); + + RecentBootEncStatus = newBootEncStatus; + + if (selDrive != ((wchar_t) 0xFFFF) && (current.ulMountedDrives & (1 << (selDrive - L'A'))) == 0 && !IsDriveAvailable (selDrive - L'A')) + { + nSelectedDriveIndex = -1; + } + + if (selDrive != ((wchar_t) 0xFFFF)) + { + SelectItem (GetDlgItem (MainDlg, IDC_DRIVELIST),selDrive); + } + } + + /* Miscellaneous notifications */ + + // Hibernation prevention notifications + if (newBootEncStatus.HibernationPreventionCount != RecentBootEncStatus.HibernationPreventionCount + && !bHibernationPreventionNotified) + { + bHibernationPreventionNotified = TRUE; + RecentBootEncStatus.HibernationPreventionCount = newBootEncStatus.HibernationPreventionCount; + + if (IsHiddenOSRunning() && BootEncObj->GetSystemDriveConfiguration().ExtraBootPartitionPresent) + WarningTopMost ("HIDDEN_OS_HIBERNATION_PREVENTED", hwndDlg); + else + WarningTopMost ("SYS_ENC_HIBERNATION_PREVENTED", hwndDlg); + } + + // Write mode prevention (hidden OS leak protection) + if (IsHiddenOSRunning()) + { + if (newBootEncStatus.HiddenSysLeakProtectionCount != RecentBootEncStatus.HiddenSysLeakProtectionCount + && !bHiddenSysLeakProtNotifiedDuringSession) + { + bHiddenSysLeakProtNotifiedDuringSession = TRUE; + + switch (HiddenSysLeakProtectionNotificationStatus) + { + case TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_COMPACT: + { + char *tmp[] = {0, "HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO", "SHOW_MORE_INFORMATION", "DO_NOT_SHOW_THIS_AGAIN", "CONTINUE", 0}; + switch (AskMultiChoice ((void **) tmp, FALSE, hwndDlg)) + { + case 1: + InfoDirect ((wstring (GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO")) + + L"\n\n" + + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION") + + L"\n\n\n" + + GetString ("DECOY_TO_HIDDEN_OS_DATA_TRANSFER_HOWTO")).c_str(), hwndDlg); + break; + + case 2: + // No more warnings will be shown + if (ConfigBuffer == NULL) + { + // We need to load the config file because it is not done automatically when + // launched from the sys startup sequence (and SaveSettings would start by _loading_ + // the settings to cache). + LoadSettings (MainDlg); + } + HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_DISABLED; + SaveSettings (MainDlg); + break; + + default: + // NOP + break; + } + } + break; + + case TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_DISABLED: + // NOP + break; + + case TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE: + default: + { + // First time warning -- include technical explanation + InfoDirect ((wstring (GetString ("HIDDEN_OS_WRITE_PROTECTION_BRIEF_INFO")) + + L"\n\n" + + GetString ("HIDDEN_OS_WRITE_PROTECTION_EXPLANATION") + + L"\n\n\n" + + GetString ("DECOY_TO_HIDDEN_OS_DATA_TRANSFER_HOWTO")).c_str(), hwndDlg); + + // Further warnings will not include the explanation (and will allow disabling) + + if (ConfigBuffer == NULL) + { + // We need to load the config file because it is not done automatically when + // launched from the sys startup sequence (and SaveSettings would start by _loading_ + // the settings to cache). + LoadSettings (MainDlg); + } + HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_COMPACT; + SaveSettings (MainDlg); + } + break; + } + } + } + } + catch (...) + { + // NOP + } + + return TRUE; +} + + +void DisplayDriveListContextMenu (HWND hwndDlg, LPARAM lParam) +{ + /* Drive list context menu */ + DWORD mPos; + int menuItem; + HMENU popup = CreatePopupMenu (); + HWND hList = GetDlgItem (hwndDlg, IDC_DRIVELIST); + + SetFocus (hList); + + switch (LOWORD (GetSelectedLong (hList))) + { + case TC_MLIST_ITEM_FREE: + + // No mounted volume at this drive letter + + AppendMenuW (popup, MF_STRING, IDM_MOUNT_VOLUME, GetString ("IDM_MOUNT_VOLUME")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDPM_SELECT_FILE_AND_MOUNT, GetString ("SELECT_FILE_AND_MOUNT")); + AppendMenuW (popup, MF_STRING, IDPM_SELECT_DEVICE_AND_MOUNT, GetString ("SELECT_DEVICE_AND_MOUNT")); + break; + + case TC_MLIST_ITEM_NONSYS_VOL: + + // There's a mounted non-system volume at this drive letter + + AppendMenuW (popup, MF_STRING, IDM_UNMOUNT_VOLUME, GetString ("DISMOUNT")); + AppendMenuW (popup, MF_STRING, IDPM_OPEN_VOLUME, GetString ("OPEN")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDPM_CHECK_FILESYS, GetString ("IDPM_CHECK_FILESYS")); + AppendMenuW (popup, MF_STRING, IDPM_REPAIR_FILESYS, GetString ("IDPM_REPAIR_FILESYS")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDPM_ADD_TO_FAVORITES, GetString ("IDPM_ADD_TO_FAVORITES")); + AppendMenuW (popup, MF_STRING, IDPM_ADD_TO_SYSTEM_FAVORITES, GetString ("IDPM_ADD_TO_SYSTEM_FAVORITES")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_DECRYPT_NONSYS_VOL, GetString ("IDM_DECRYPT_NONSYS_VOL")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_VOLUME_PROPERTIES, GetString ("IDPM_PROPERTIES")); + break; + + case TC_MLIST_ITEM_SYS_PARTITION: + case TC_MLIST_ITEM_SYS_DRIVE: + + // System partition/drive + + PopulateSysEncContextMenu (popup, FALSE); + break; + } + + if (lParam) + { + mPos=GetMessagePos(); + } + else + { + POINT pt = {0}; + if (ListView_GetItemPosition (hList, nSelectedDriveIndex, &pt)) + { + pt.x += 2 + ::GetSystemMetrics(SM_CXICON); + pt.y += 2; + } + ClientToScreen (hList, &pt); + mPos = MAKELONG (pt.x, pt.y); + } + + menuItem = TrackPopupMenu (popup, + TPM_RETURNCMD | TPM_LEFTBUTTON, + GET_X_LPARAM(mPos), + GET_Y_LPARAM(mPos), + 0, + hwndDlg, + NULL); + + DestroyMenu (popup); + + switch (menuItem) + { + case IDPM_SELECT_FILE_AND_MOUNT: + if (SelectContainer (hwndDlg)) + MountSelectedVolume (hwndDlg, FALSE); + break; + + case IDPM_SELECT_DEVICE_AND_MOUNT: + if (SelectPartition (hwndDlg)) + MountSelectedVolume (hwndDlg, FALSE); + break; + + case IDPM_CHECK_FILESYS: + case IDPM_REPAIR_FILESYS: + { + LPARAM lLetter = GetSelectedLong (hList); + + if (LOWORD (lLetter) != 0xffff) + CheckFilesystem (hwndDlg, (wchar_t) HIWORD (lLetter) - L'A', menuItem == IDPM_REPAIR_FILESYS); + } + break; + + case IDM_UNMOUNT_VOLUME: + if (CheckMountList (hwndDlg, FALSE)) + Dismount (hwndDlg, -2); + break; + + case IDM_DECRYPT_NONSYS_VOL: + if (CheckMountList (hwndDlg, FALSE)) + DecryptNonSysDevice (hwndDlg, FALSE, TRUE); + break; + + case IDPM_OPEN_VOLUME: + { + LPARAM state; + if (lParam) + nSelectedDriveIndex = ((LPNMITEMACTIVATE)lParam)->iItem; + else + nSelectedDriveIndex = ListView_GetSelectionMark (hList); + state = GetItemLong (hList, nSelectedDriveIndex ); + + WaitCursor (); + OpenVolumeExplorerWindow (HIWORD(state) - L'A'); + NormalCursor (); + } + break; + + case IDM_VOLUME_PROPERTIES: + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_VOLUME_PROPERTIES), hwndDlg, + (DLGPROC) VolumePropertiesDlgProc, (LPARAM) FALSE); + break; + + case IDM_MOUNT_VOLUME: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + mountOptions = defaultMountOptions; + bPrebootPasswordDlgMode = FALSE; + + if (CheckMountList (hwndDlg, FALSE)) + _beginthread(mountThreadFunction, 0, hwndDlg); + } + break; + + case IDPM_ADD_TO_FAVORITES: + case IDPM_ADD_TO_SYSTEM_FAVORITES: + { + LPARAM selectedDrive = GetSelectedLong (hList); + + if (LOWORD (selectedDrive) == TC_MLIST_ITEM_NONSYS_VOL) + AddMountedVolumeToFavorites (hwndDlg, HIWORD (selectedDrive) - L'A', menuItem == IDPM_ADD_TO_SYSTEM_FAVORITES); + } + break; + + default: + SendMessage (MainDlg, WM_COMMAND, menuItem, NULL); + break; + } +} + + +/* Except in response to the WM_INITDIALOG and WM_ENDSESSION messages, the dialog box procedure + should return nonzero if it processes a message, and zero if it does not. */ +BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + static UINT taskBarCreatedMsg; + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + + switch (uMsg) + { + case WM_HOTKEY: + + HandleHotKey (hwndDlg, wParam); + return 1; + + case WM_INITDIALOG: + { + int exitCode = 0; + + MainDlg = hwndDlg; + + if (IsTrueCryptInstallerRunning()) + AbortProcess ("TC_INSTALLER_IS_RUNNING"); + + // Set critical default options in case UsePreferences is false + bPreserveTimestamp = defaultMountOptions.PreserveTimestamp = TRUE; + bShowDisconnectedNetworkDrives = FALSE; + bHideWaitingDialog = FALSE; + + ResetWrongPwdRetryCount (); + + ExtractCommandLine (hwndDlg, (wchar_t *) lParam); + + try + { + BootEncObj->SetParentWindow (hwndDlg); + BootEncStatus = BootEncObj->GetStatus(); + RecentBootEncStatus = BootEncStatus; + } + catch (...) + { + // NOP + } + + if (UsePreferences) + { + // General preferences + LoadSettings (hwndDlg); + + // Keyfiles + LoadDefaultKeyFilesParam (); + RestoreDefaultKeyFilesParam (); + } + + if (ComServerMode) + { + InitDialog (hwndDlg); + + if (!ComServerMain ()) + { + handleWin32Error (hwndDlg, SRC_POS); + exit (1); + } + exit (0); + } + + if (CmdMountOptionsValid) + mountOptions = CmdMountOptions; + + InitMainDialog (hwndDlg); + + try + { + if (IsHiddenOSRunning()) + { + uint32 driverConfig = ReadDriverConfigurationFlags(); + if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM) + Warning ("UPDATE_TC_IN_HIDDEN_OS_TOO", hwndDlg); + if ( !(driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) + && !BootEncObj->CheckBootloaderFingerprint ()) + Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg); + } + else if (SysDriveOrPartitionFullyEncrypted (TRUE)) + { + uint32 driverConfig = ReadDriverConfigurationFlags(); + if (BootEncObj->GetInstalledBootLoaderVersion() != VERSION_NUM) + { + Warning ("BOOT_LOADER_VERSION_DIFFERENT_FROM_DRIVER_VERSION", hwndDlg); + } + if ( !(driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) + && !BootEncObj->CheckBootloaderFingerprint ()) + Warning ("BOOT_LOADER_FINGERPRINT_CHECK_FAILED", hwndDlg); + } + } + catch (...) { } + + // Automount + if (bAuto || (Quit && szFileName[0] != 0)) + { + // No drive letter specified on command line + if (commandLineDrive == 0) + szDriveLetter[0] = (wchar_t) GetFirstAvailableDrive () + L'A'; + + if (bAutoMountDevices) + { + defaultMountOptions = mountOptions; + if (FirstCmdKeyFile) + { + KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles = TRUE; + KeyFileCloneAll (FirstCmdKeyFile, &FirstKeyFile); + KeyFileCloneAll (FirstCmdKeyFile, &defaultKeyFilesParam.FirstKeyFile); + } + + if (!MountAllDevices (hwndDlg, !Silent && !CmdVolumePasswordValid && IsPasswordCacheEmpty())) + exitCode = 1; + } + + if (bAutoMountFavorites) + { + defaultMountOptions = mountOptions; + if (FirstCmdKeyFile) + { + KeyFilesEnable = defaultKeyFilesParam.EnableKeyFiles = TRUE; + KeyFileCloneAll (FirstCmdKeyFile, &FirstKeyFile); + KeyFileCloneAll (FirstCmdKeyFile, &defaultKeyFilesParam.FirstKeyFile); + } + + if (!MountFavoriteVolumes (hwndDlg, FALSE, LogOn)) + exitCode = 1; + } + + if (szFileName[0] != 0 && !TranslateVolumeID (hwndDlg, szFileName, ARRAYSIZE (szFileName))) + { + exitCode = 1; + } + else if (szFileName[0] != 0 && !IsMountedVolume (szFileName)) + { + BOOL mounted = FALSE; + int EffectiveVolumePkcs5 = CmdVolumePkcs5; + BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; + BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed; + + if (!VolumePathExists (szFileName)) + { + handleWin32Error (hwndDlg, SRC_POS); + } + else + { + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (EffectiveVolumePkcs5 == 0) + EffectiveVolumePkcs5 = DefaultVolumePkcs5; + if (!EffectiveVolumeTrueCryptMode) + EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; + + // Command line password or keyfiles + if (CmdVolumePassword.Length != 0 || (FirstCmdKeyFile && (CmdVolumePasswordValid || bEffectiveTryEmptyPasswordWhenKeyfileUsed))) + { + BOOL reportBadPasswd = CmdVolumePassword.Length > 0; + + if (FirstCmdKeyFile) + KeyFilesApplyWithPin (hwndDlg, &CmdVolumePassword, CmdTokenPin, FirstCmdKeyFile, szFileName); + + mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', + szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, + &mountOptions, Silent, reportBadPasswd); + + burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); + } + else + { + // Cached password + mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + } + + if (FirstCmdKeyFile) + { + KeyFileRemoveAll (&FirstKeyFile); + FirstKeyFile = FirstCmdKeyFile; + KeyFilesEnable = TRUE; + } + + // Ask user for password + while (!mounted && !Silent) + { + int GuiPkcs5 = EffectiveVolumePkcs5; + int GuiPim = CmdVolumePim; + BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; + VolumePassword.Length = 0; + + StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName); + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE)) + break; + else + { + VolumePkcs5 = GuiPkcs5; + VolumePim = GuiPim; + VolumeTrueCryptMode = GuiTrueCryptMode; + burn (&GuiPkcs5, sizeof(GuiPkcs5)); + burn (&GuiPim, sizeof(GuiPim)); + burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); + } + + WaitCursor (); + + if (KeyFilesEnable && FirstKeyFile) + KeyFilesApplyWithPin (hwndDlg, &VolumePassword, CmdTokenPin, FirstKeyFile, szFileName); + + mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE); + + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); + burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); + + NormalCursor (); + } + } + + if (UsePreferences) + { + RestoreDefaultKeyFilesParam (); + bCacheInDriver = bCacheInDriverDefault; + } + + if (mounted > 0) + { + if (bBeep) + MessageBeep (0xFFFFFFFF); + + if (bExplore) + OpenVolumeExplorerWindow (szDriveLetter[0] - L'A'); + + RefreshMainDlg(hwndDlg); + + if(!Silent) + { + // Check for problematic file extensions (exe, dll, sys) + if (CheckFileExtension (szFileName)) + Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING", hwndDlg); + } + } + else + exitCode = 1; + } + else if (bExplore && GetMountedVolumeDriveNo (szFileName) != -1) + OpenVolumeExplorerWindow (GetMountedVolumeDriveNo (szFileName)); + else if (szFileName[0] != 0 && IsMountedVolume (szFileName)) + Warning ("VOL_ALREADY_MOUNTED", hwndDlg); + + if (!Quit) + RefreshMainDlg(hwndDlg); + } + + // Wipe cache + if (bWipe) + WipeCache (hwndDlg, Silent); + + // Wipe command line password + if (CmdVolumePassword.Length != 0) + { + burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); + CmdVolumePassword.Length = 0; + } + + // Wipe command line keyfiles + if (FirstCmdKeyFile) + { + if (defaultKeyFilesParam.FirstKeyFile) + KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); + + defaultKeyFilesParam.EnableKeyFiles = FALSE; + + if (!Quit) + { + LoadSettings (hwndDlg); + LoadDefaultKeyFilesParam (); + RestoreDefaultKeyFilesParam (); + } + } + + // Dismount + if (cmdUnmountDrive >= 0) + { + MOUNT_LIST_STRUCT mountList; + DWORD bytesReturned; + + if (DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, NULL, 0, &mountList, sizeof (mountList), &bytesReturned, NULL) + && (mountList.ulMountedDrives & (1 << cmdUnmountDrive)) == 0) + { + Error ("NO_VOLUME_MOUNTED_TO_DRIVE", hwndDlg); + exitCode = 1; + } + else if (!Dismount (hwndDlg, cmdUnmountDrive)) + exitCode = 1; + } + else if (cmdUnmountDrive == -1) + { + if (!DismountAll (hwndDlg, bForceUnmount, !Silent, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY)) + exitCode = 1; + } + + // TaskBar icon + if (bEnableBkgTask) + TaskBarIconAdd (hwndDlg); + + // Quit + if (Quit) + { + if (TaskBarIconMutex == NULL) + exit (exitCode); + + MainWindowHidden = TRUE; + + LoadSettings (hwndDlg); + LoadDefaultKeyFilesParam (); + RestoreDefaultKeyFilesParam (); + + if (!bEnableBkgTask) + { + if (TaskBarIconMutex) + TaskBarIconRemove (hwndDlg); + exit (exitCode); + } + } + + // No command line arguments or only /volume => bring active instance + // to foreground if available + if (NoCmdLineArgs == 0 || (CmdLineVolumeSpecified && NoCmdLineArgs <= 2)) + { + HWND h = hwndDlg; + EnumWindows (FindTCWindowEnum, (LPARAM) &h); + + if (h != hwndDlg + && (!IsAdmin() || (GetWindowLongPtrW (h, DWLP_USER) & TC_MAIN_WINDOW_FLAG_ADMIN_PRIVILEGES) != 0)) + { + if (CmdLineVolumeSpecified) + { + COPYDATASTRUCT cd; + memcpy (&cd.dwData, WM_COPY_SET_VOLUME_NAME, 4); + cd.lpData = szFileName; + cd.cbData = (DWORD) ((wcslen (szFileName) + 1) * sizeof (wchar_t)); + + SendMessage (h, WM_COPYDATA, (WPARAM)hwndDlg, (LPARAM)&cd); + } + + SendMessage (h, TC_APPMSG_MOUNT_SHOW_WINDOW, 0, 0); + + ShowWindow (h, SW_SHOW); + SetForegroundWindow (h); + + if (TaskBarIconMutex == NULL) + exit (0); + } + } + + HookMouseWheel (hwndDlg, IDC_VOLUME); + + // Register hot keys + if (!RegisterAllHotkeys (hwndDlg, Hotkeys) + && TaskBarIconMutex != NULL) // Warn only if we are the first instance of TrueCrypt + Warning("HOTKEY_REGISTRATION_ERROR", hwndDlg); + + Silent = FALSE; + + GetMountList (&LastKnownMountList); + SetTimer (hwndDlg, TIMER_ID_MAIN, TIMER_INTERVAL_MAIN, NULL); + + taskBarCreatedMsg = RegisterWindowMessage (L"TaskbarCreated"); + + AllowMessageInUIPI (taskBarCreatedMsg); + + SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + + /* Check system encryption status */ + + if (!Quit) // Do not care about system encryption or in-place encryption if we were launched from the system startup sequence (the wizard was added to it too). + { + if (SysEncryptionOrDecryptionRequired ()) + { + if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption + { + // We shouldn't block the mutex at this point + + if (SystemEncryptionStatus == SYSENC_STATUS_PRETEST + || AskWarnYesNo ("SYSTEM_ENCRYPTION_RESUME_PROMPT", hwndDlg) == IDYES) + { + // The wizard was not launched during the system startup seq, or the user may have forgotten + // to resume the encryption/decryption process. + + + LaunchVolCreationWizard (hwndDlg, L"/csysenc"); + } + } + } + + if (bInPlaceEncNonSysPending && !NonSysInplaceEncInProgressElsewhere()) + { + BOOL bDecrypt = FALSE; + if (AskNonSysInPlaceEncryptionResume(hwndDlg, &bDecrypt) == IDYES) + ResumeInterruptedNonSysInplaceEncProcess (bDecrypt); + } + } + + if (TaskBarIconMutex != NULL) + RegisterWtsNotification(hwndDlg); + DoPostInstallTasks (hwndDlg); + ResetCurrentDirectory (); + } + return 0; + + case WM_MOUSEWHEEL: + return HandleDriveListMouseWheelEvent (uMsg, wParam, lParam, FALSE); + + case WM_CONTEXTMENU: + { + HWND hList = GetDlgItem (hwndDlg, IDC_DRIVELIST); + // only handle if it is coming from keyboard and if the drive + // list has focus. The other cases are handled elsewhere + if ( (-1 == GET_X_LPARAM(lParam)) + && (-1 == GET_Y_LPARAM(lParam)) + && (GetFocus () == hList) + ) + { + INT item = ListView_GetSelectionMark (hList); + if (item >= 0) + { + nSelectedDriveIndex = item; + DisplayDriveListContextMenu (hwndDlg, NULL); + } + } + } + break; + + case WM_WINDOWPOSCHANGING: + if (MainWindowHidden) + { + // Prevent window from being shown + PWINDOWPOS wp = (PWINDOWPOS)lParam; + wp->flags &= ~SWP_SHOWWINDOW; + return 0; + } + return 1; + + case WM_SYSCOMMAND: + if (lw == IDC_ABOUT) + { + DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); + return 1; + } + return 0; + + case WM_HELP: + OpenPageHelp (hwndDlg, 0); + return 1; + + case WM_WTSSESSION_CHANGE: + if (TaskBarIconMutex != NULL) + { + if (bDismountOnSessionLocked && ((WTS_SESSION_LOCK == wParam) || (WTS_CONSOLE_DISCONNECT == wParam) || (WTS_REMOTE_DISCONNECT == wParam))) + { + // Auto-dismount when session is locked + DWORD dwResult; + + if (bWipeCacheOnAutoDismount) + { + DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + SecurityToken::CloseAllSessions(); + } + + DismountAll (hwndDlg, bForceAutoDismount, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); + } + } + return 0; + + case WM_ENDSESSION: + if (TaskBarIconMutex != NULL) + { + if (bDismountOnLogOff) + { + // Auto-dismount when user logs off + DWORD dwResult; + + if (bWipeCacheOnAutoDismount) + DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + + DismountAll (hwndDlg, bForceAutoDismount, FALSE, 1, 0); + } + + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + } + EndMainDlg (hwndDlg); + localcleanup (); + return 0; + + case WM_POWERBROADCAST: + if (wParam == PBT_APMSUSPEND + && TaskBarIconMutex != NULL && bDismountOnPowerSaving) + { + // Auto-dismount when entering power-saving mode + DWORD dwResult; + + if (bWipeCacheOnAutoDismount) + { + DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + SecurityToken::CloseAllSessions(); + } + + DismountAll (hwndDlg, bForceAutoDismount, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); + } + return 0; + + case WM_TIMER: + { + // Check mount list and update GUI if needed + CheckMountList (hwndDlg, FALSE); + + // Cache status + if (IsPasswordCacheEmpty() == IsWindowEnabled (GetDlgItem (hwndDlg, IDC_WIPE_CACHE))) + EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_CACHE), !IsPasswordCacheEmpty()); + + // Check driver warning flags + DWORD bytesOut; + GetWarningFlagsRequest warnings; + if (DeviceIoControl (hDriver, TC_IOCTL_GET_WARNING_FLAGS, NULL, 0, &warnings, sizeof (warnings), &bytesOut, NULL)) + { + if (warnings.SystemFavoriteVolumeDirty) + WarningTopMost ("SYS_FAVORITE_VOLUME_DIRTY", hwndDlg); + + if (warnings.PagingFileCreationPrevented) + WarningTopMost ("PAGING_FILE_CREATION_PREVENTED", hwndDlg); + } + + if (TaskBarIconMutex != NULL) + { + + // Idle auto-dismount + if (MaxVolumeIdleTime > 0) + DismountIdleVolumes (); + + // Screen saver auto-dismount + if (bDismountOnScreenSaver) + { + static BOOL previousState = FALSE; + BOOL running = FALSE; + SystemParametersInfo (SPI_GETSCREENSAVERRUNNING, 0, &running, 0); + + if (running && !previousState) + { + DWORD dwResult; + previousState = TRUE; + + if (bWipeCacheOnAutoDismount) + { + DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + SecurityToken::CloseAllSessions(); + } + + DismountAll (hwndDlg, bForceAutoDismount, FALSE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); + } + else + { + previousState = running; + } + } + + // Auto-mount favorite volumes on arrival +#if TIMER_INTERVAL_MAIN != 500 +#error TIMER_INTERVAL_MAIN != 500 +#endif + static int favoritesAutoMountTimerDivisor = 0; + if ((++favoritesAutoMountTimerDivisor & 1) && !FavoritesOnArrivalMountRequired.empty()) + { + static bool reentry = false; + if (reentry) + break; + + reentry = true; + + foreach (FavoriteVolume favorite, FavoritesOnArrivalMountRequired) + { + if (favorite.UseVolumeID) + { + if (IsMountedVolumeID (favorite.VolumeID)) + continue; + + std::wstring volDevPath = FindDeviceByVolumeID (favorite.VolumeID); + if (volDevPath.length() > 0) + { + favorite.Path = volDevPath; + favorite.DisconnectedDevice = false; + } + else + continue; + } + else if (!favorite.VolumePathId.empty()) + { + if (IsMountedVolume (favorite.Path.c_str())) + continue; + + wchar_t volDevPath[TC_MAX_PATH]; + if (QueryDosDevice (favorite.VolumePathId.substr (4, favorite.VolumePathId.size() - 5).c_str(), volDevPath, TC_MAX_PATH) == 0) + continue; + + favorite.DisconnectedDevice = false; + } + else if (favorite.Path.find (L"\\\\?\\Volume{") == 0) + { + wstring resolvedPath = VolumeGuidPathToDevicePath (favorite.Path); + if (resolvedPath.empty()) + continue; + + favorite.DisconnectedDevice = false; + favorite.VolumePathId = favorite.Path; + favorite.Path = resolvedPath; + } + + if (IsMountedVolume (favorite.Path.c_str())) + continue; + + if (!IsVolumeDeviceHosted (favorite.Path.c_str())) + { + if (!FileExists (favorite.Path.c_str())) + continue; + } + else if (favorite.VolumePathId.empty()) + continue; + + bool mountedAndNotDisconnected = false; + foreach (FavoriteVolume mountedFavorite, FavoritesMountedOnArrivalStillConnected) + { + if (favorite.Path == mountedFavorite.Path) + { + mountedAndNotDisconnected = true; + break; + } + } + + if (!mountedAndNotDisconnected) + { + FavoriteMountOnArrivalInProgress = TRUE; + MountFavoriteVolumes (hwndDlg, FALSE, FALSE, FALSE, favorite); + FavoriteMountOnArrivalInProgress = FALSE; + + FavoritesMountedOnArrivalStillConnected.push_back (favorite); + } + } + + bool deleted; + for (list ::iterator favorite = FavoritesMountedOnArrivalStillConnected.begin(); + favorite != FavoritesMountedOnArrivalStillConnected.end(); + deleted ? favorite : ++favorite) + { + deleted = false; + + if (IsMountedVolume (favorite->Path.c_str())) + continue; + + if (!IsVolumeDeviceHosted (favorite->Path.c_str())) + { + if (FileExists (favorite->Path.c_str())) + continue; + } + + wchar_t volDevPath[TC_MAX_PATH]; + if (favorite->VolumePathId.size() > 5 + && QueryDosDevice (favorite->VolumePathId.substr (4, favorite->VolumePathId.size() - 5).c_str(), volDevPath, TC_MAX_PATH) != 0) + { + continue; + } + + // set DisconnectedDevice field on FavoritesOnArrivalMountRequired element + foreach (FavoriteVolume onArrivalFavorite, FavoritesOnArrivalMountRequired) + { + if (onArrivalFavorite.Path == favorite->Path) + { + onArrivalFavorite.DisconnectedDevice = true; + break; + } + } + + favorite = FavoritesMountedOnArrivalStillConnected.erase (favorite); + deleted = true; + } + + reentry = false; + } + } + + // Exit background process in non-install mode or if no volume mounted + // and no other instance active + if (LastKnownMountList.ulMountedDrives == 0 + && MainWindowHidden +#ifndef _DEBUG + && (bCloseBkgTaskWhenNoVolumes || IsNonInstallMode ()) + && !SysEncDeviceActive (TRUE) +#endif + && GetDriverRefCount () < 2) + { + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + EndMainDlg (hwndDlg); + } + } + return 1; + + case TC_APPMSG_TASKBAR_ICON: + { + switch (lParam) + { + case WM_LBUTTONDOWN: + SetForegroundWindow (hwndDlg); + MainWindowHidden = FALSE; + ShowWindow (hwndDlg, SW_SHOW); + ShowWindow (hwndDlg, SW_RESTORE); + return 1; + + case WM_RBUTTONUP: + { + POINT pos; + HMENU popup = CreatePopupMenu (); + int sel, i, n; + + if (MainWindowHidden) + { + AppendMenuW (popup, MF_STRING, IDM_SHOW_HIDE, GetString ("SHOW_TC")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + } + else if (bEnableBkgTask + && (!(LastKnownMountList.ulMountedDrives == 0 + && (bCloseBkgTaskWhenNoVolumes || IsNonInstallMode ()) + && !SysEncDeviceActive (TRUE) + && GetDriverRefCount () < 2))) + { + AppendMenuW (popup, MF_STRING, IDM_SHOW_HIDE, GetString ("HIDE_TC")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + } + AppendMenuW (popup, MF_STRING, IDM_MOUNTALL, GetString ("IDC_MOUNTALL")); + AppendMenuW (popup, MF_STRING, IDM_MOUNT_FAVORITE_VOLUMES, GetString ("IDM_MOUNT_FAVORITE_VOLUMES")); + AppendMenuW (popup, MF_STRING, IDM_UNMOUNTALL, GetString ("IDC_UNMOUNTALL")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + + for (n = 0; n < 2; n++) + { + for (i = 0; i < 26; i++) + { + if (LastKnownMountList.ulMountedDrives & (1 << i)) + { + wchar_t s[1024]; + wchar_t *vol = (wchar_t *) LastKnownMountList.wszVolume[i]; + + if (wcsstr (vol, L"\\??\\")) vol += 4; + + // first check label used for mounting. If empty, look for it in favorites. + bool useInExplorer = false; + wstring label = (wchar_t *) LastKnownMountList.wszLabel[i]; + if (label.empty()) + label = GetFavoriteVolumeLabel (vol, useInExplorer); + + StringCbPrintfW (s, sizeof(s), L"%s %c: (%s)", + GetString (n==0 ? "OPEN" : "DISMOUNT"), + i + L'A', + label.empty() ? vol : label.c_str()); + AppendMenuW (popup, MF_STRING, n*26 + TRAYICON_MENU_DRIVE_OFFSET + i, s); + } + } + if (LastKnownMountList.ulMountedDrives != 0) + AppendMenu (popup, MF_SEPARATOR, 0, L""); + } + + AppendMenuW (popup, MF_STRING, IDM_HELP, GetString ("MENU_HELP")); + AppendMenuW (popup, MF_STRING, IDM_HOMEPAGE_SYSTRAY, GetString ("HOMEPAGE")); + AppendMenuW (popup, MF_STRING, IDM_PREFERENCES, GetString ("IDM_PREFERENCES")); + AppendMenuW (popup, MF_STRING, IDM_ABOUT, GetString ("IDM_ABOUT")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDCANCEL, GetString ("EXIT")); + + GetCursorPos (&pos); + + SetForegroundWindow(hwndDlg); + + sel = TrackPopupMenu (popup, + TPM_RETURNCMD | TPM_LEFTALIGN | TPM_BOTTOMALIGN | TPM_RIGHTBUTTON, + pos.x, + pos.y, + 0, + hwndDlg, + NULL); + + if (sel >= TRAYICON_MENU_DRIVE_OFFSET && sel < TRAYICON_MENU_DRIVE_OFFSET + 26) + { + OpenVolumeExplorerWindow (sel - TRAYICON_MENU_DRIVE_OFFSET); + } + else if (sel >= TRAYICON_MENU_DRIVE_OFFSET + 26 && sel < TRAYICON_MENU_DRIVE_OFFSET + 26*2) + { + if (CheckMountList (hwndDlg, FALSE)) + { + if (Dismount (hwndDlg, sel - TRAYICON_MENU_DRIVE_OFFSET - 26)) + { + wchar_t txt [2048]; + StringCbPrintfW (txt, sizeof(txt), GetString ("VOLUME_MOUNTED_AS_DRIVE_LETTER_X_DISMOUNTED"), sel - TRAYICON_MENU_DRIVE_OFFSET - 26 + L'A'); + + InfoBalloonDirect (GetString ("SUCCESSFULLY_DISMOUNTED"), txt, hwndDlg); + } + } + } + else if (sel == IDM_SHOW_HIDE) + { + ChangeMainWindowVisibility (); + } + else if (sel == IDM_HOMEPAGE_SYSTRAY) + { + Applink ("home", TRUE, ""); + } + else if (sel == IDCANCEL) + { + if ((LastKnownMountList.ulMountedDrives == 0 + && !SysEncDeviceActive (TRUE)) + || AskWarnNoYes ("CONFIRM_EXIT", hwndDlg) == IDYES) + { + // Close all other TC windows + EnumWindows (CloseTCWindowsEnum, 0); + + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + SendMessage (hwndDlg, WM_COMMAND, sel, 0); + } + } + else + { + SendMessage (hwndDlg, WM_COMMAND, sel, 0); + } + + PostMessage(hwndDlg, WM_NULL, 0, 0); + DestroyMenu (popup); + } + return 1; + } + } + + return 0; + + case TC_APPMSG_CLOSE_BKG_TASK: + if (TaskBarIconMutex != NULL) + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + + return 1; + + case TC_APPMSG_SYSENC_CONFIG_UPDATE: + LoadSysEncSettings (); + + // The wizard added VeraCrypt.exe to the system startup sequence or performed other operations that + // require us to update our cached settings. + LoadSettings (hwndDlg); + + return 1; + + case WM_DEVICECHANGE: + if (!IgnoreWmDeviceChange && wParam != DBT_DEVICEARRIVAL) + { + // Check if any host device has been removed and force dismount of volumes accordingly + PDEV_BROADCAST_HDR hdr = (PDEV_BROADCAST_HDR) lParam; + int m; + + GetMountList (&LastKnownMountList); + + if (wParam == DBT_DEVICEREMOVECOMPLETE && hdr->dbch_devicetype == DBT_DEVTYP_VOLUME) + { + // File-hosted volumes + PDEV_BROADCAST_VOLUME vol = (PDEV_BROADCAST_VOLUME) lParam; + int i; + + for (i = 0; i < 26; i++) + { + if ((vol->dbcv_unitmask & (1 << i)) && !(GetUsedLogicalDrives() & (1 << i))) + { + for (m = 0; m < 26; m++) + { + if (LastKnownMountList.ulMountedDrives & (1 << m)) + { + wchar_t *vol = (wchar_t *) LastKnownMountList.wszVolume[m]; + + if (wcsstr (vol, L"\\??\\") == vol) + vol += 4; + + if (vol[1] == L':' && i == (vol[0] - (vol[0] <= L'Z' ? L'A' : L'a'))) + { + UnmountVolume (hwndDlg, m, TRUE); + WarningBalloon ("HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE", "HOST_DEVICE_REMOVAL_DISMOUNT_WARN", hwndDlg); + } + } + } + } + } + } + + // Device-hosted volumes + for (m = 0; m < 26; m++) + { + if (LastKnownMountList.ulMountedDrives & (1 << m)) + { + wchar_t *vol = (wchar_t *) LastKnownMountList.wszVolume[m]; + + if (wcsstr (vol, L"\\??\\") == vol) + vol += 4; + + if (IsVolumeDeviceHosted (vol)) + { + OPEN_TEST_STRUCT ots = {0}; + + if (!OpenDevice (vol, &ots, FALSE, FALSE, NULL)) + { + UnmountVolume (hwndDlg, m, TRUE); + WarningBalloon ("HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE", "HOST_DEVICE_REMOVAL_DISMOUNT_WARN", hwndDlg); + } + } + } + } + + // Favorite volumes + UpdateDeviceHostedFavoriteVolumes(); + + return 1; + } + return 0; + + case WM_NOTIFY: + + if(wParam == IDC_DRIVELIST) + { + if (((LPNMHDR) lParam)->code == NM_CUSTOMDRAW) + { + int width = ListView_GetColumnWidth (GetDlgItem (hwndDlg, IDC_DRIVELIST), 1); + if (width != LastDriveListVolumeColumnWidth) + { + LastDriveListVolumeColumnWidth = width; + LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); + } + return 0; + } + + /* Single click within drive list */ + if (((LPNMHDR) lParam)->code == LVN_ITEMCHANGED && (((LPNMLISTVIEW) lParam)->uNewState & LVIS_FOCUSED )) + { + nSelectedDriveIndex = ((LPNMLISTVIEW) lParam)->iItem; + EnableDisableButtons (hwndDlg); + return 1; + } + + /* Double click within drive list */ + if (((LPNMHDR) lParam)->code == LVN_ITEMACTIVATE) + { + LPARAM state = GetItemLong (GetDlgItem (hwndDlg, IDC_DRIVELIST), ((LPNMITEMACTIVATE)lParam)->iItem ); + nSelectedDriveIndex = ((LPNMITEMACTIVATE)lParam)->iItem; + if (LOWORD(state) == TC_MLIST_ITEM_NONSYS_VOL || LOWORD(state) == TC_MLIST_ITEM_SYS_PARTITION) + { + // Open explorer window for mounted volume + WaitCursor (); + OpenVolumeExplorerWindow (HIWORD(state) - L'A'); + NormalCursor (); + } + else if (LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == TC_MLIST_ITEM_FREE) + { + mountOptions = defaultMountOptions; + bPrebootPasswordDlgMode = FALSE; + + if (GetAsyncKeyState (VK_CONTROL) < 0) + { + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (CmdVolumePkcs5 == 0) + mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; + else + mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; + mountOptions.ProtectedHidVolPim = CmdVolumePim; + + if (IDCANCEL == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, + (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions)) + return 1; + + if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) + { + wchar_t selectedVolume [TC_MAX_PATH + 1]; + GetVolumePath (hwndDlg, selectedVolume, ARRAYSIZE (selectedVolume)); + KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, selectedVolume); + } + } + + if (CheckMountList (hwndDlg, FALSE)) + _beginthread(mountThreadFunction, 0, hwndDlg); + } + return 1; + } + + /* Right click and drag&drop operations */ + + switch (((NM_LISTVIEW *) lParam)->hdr.code) + { + case NM_RCLICK: + case LVN_BEGINRDRAG: + /* If the mouse was moving while the right mouse button is pressed, popup menu would + not open, because drag&drop operation would be initiated. Therefore, we're handling + RMB drag-and-drop operations as well. */ + { + + DisplayDriveListContextMenu (hwndDlg, lParam); + + return 1; + } + } + } + return 0; + + case WM_ERASEBKGND: + return 0; + + case WM_COMMAND: + + if (lw == IDCANCEL || lw == IDC_EXIT) + { + EndMainDlg (hwndDlg); + return 1; + } + + if (lw == IDHELP || lw == IDM_HELP) + { + OpenPageHelp (hwndDlg, 0); + return 1; + } + + if (lw == IDM_ABOUT || lw == IDC_LOGO) + { + DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); + return 1; + } + + if (lw == IDOK && LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == TC_MLIST_ITEM_NONSYS_VOL + || lw == IDM_UNMOUNT_VOLUME) + { + if (lw == IDM_UNMOUNT_VOLUME && LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) != TC_MLIST_ITEM_NONSYS_VOL) + { + Warning ("SELECT_A_MOUNTED_VOLUME", hwndDlg); + return 1; + } + + if (CheckMountList (hwndDlg, FALSE)) + Dismount (hwndDlg, -2); + return 1; + } + + if ((lw == IDOK || lw == IDM_MOUNT_VOLUME || lw == IDM_MOUNT_VOLUME_OPTIONS || lw == IDC_MOUNTALL || lw == IDM_MOUNTALL) + && LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == 0xffff) + { + MessageBoxW (hwndDlg, GetString ("SELECT_FREE_DRIVE"), L"VeraCrypt", MB_ICONEXCLAMATION); + return 1; + } + + if ((lw == IDOK || lw == IDM_MOUNT_VOLUME || lw == IDM_MOUNT_VOLUME_OPTIONS)) + { + MountSelectedVolume (hwndDlg, lw == IDM_MOUNT_VOLUME_OPTIONS); + return 1; + } + + if (lw == IDC_UNMOUNTALL || lw == IDM_UNMOUNTALL) + { + if (DismountAll (hwndDlg, bForceUnmount, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY) + && lw == IDM_UNMOUNTALL) // If initiated via the systray menu + { + InfoBalloon ("SUCCESSFULLY_DISMOUNTED", "MOUNTED_VOLUMES_DISMOUNTED", hwndDlg); + } + + return 1; + } + + if (lw == IDC_MOUNTALL || lw == IDM_MOUNTALL) + { + // If Shift key is down and the password cache isn't empty, bypass password prompt + MountAllDevices (hwndDlg, !(GetAsyncKeyState (VK_SHIFT) < 0 && !IsPasswordCacheEmpty())); + return 1; + } + + if (lw == IDC_SELECT_FILE || lw == IDM_SELECT_FILE) + { + SelectContainer (hwndDlg); + return 1; + } + + if (lw == IDC_SELECT_DEVICE || lw == IDM_SELECT_DEVICE) + { + SelectPartition (hwndDlg); + return 1; + } + + // System Encryption menu + switch (lw) + { + case IDM_ENCRYPT_SYSTEM_DEVICE: + EncryptSystemDevice (hwndDlg); + break; + case IDM_PERMANENTLY_DECRYPT_SYS: + DecryptSystemDevice (hwndDlg); + break; + case IDM_CREATE_HIDDEN_OS: + CreateHiddenOS (hwndDlg); + break; + case IDM_SYSENC_RESUME: + ResumeInterruptedSysEncProcess (hwndDlg); + break; + case IDM_SYSTEM_ENCRYPTION_STATUS: + ShowSystemEncryptionStatus (hwndDlg); + break; + case IDM_CHANGE_SYS_PASSWORD: + ChangeSysEncPassword (hwndDlg, FALSE); + break; + case IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO: + ChangeSysEncPassword (hwndDlg, TRUE); + break; + case IDM_CREATE_RESCUE_DISK: + CreateRescueDisk (hwndDlg); + break; + case IDM_VERIFY_RESCUE_DISK: + VerifyRescueDisk (hwndDlg, false); + break; + case IDM_VERIFY_RESCUE_DISK_ISO: + VerifyRescueDisk (hwndDlg, true); + break; + case IDM_MOUNT_SYSENC_PART_WITHOUT_PBA: + + if (CheckSysEncMountWithoutPBA (hwndDlg, L"", FALSE)) + { + mountOptions = defaultMountOptions; + mountOptions.PartitionInInactiveSysEncScope = TRUE; + bPrebootPasswordDlgMode = TRUE; + + if (CheckMountList (hwndDlg, FALSE)) + _beginthread(mountThreadFunction, 0, hwndDlg); + } + break; + } + + if (lw == IDC_VOLUME_TOOLS) + { + /* Volume Tools popup menu */ + + int menuItem; + wchar_t volPath[TC_MAX_PATH]; /* Volume to mount */ + HMENU popup = CreatePopupMenu (); + RECT rect; + + if (ActiveSysEncDeviceSelected ()) + { + PopulateSysEncContextMenu (popup, TRUE); + } + else + { + AppendMenuW (popup, MF_STRING, IDM_CHANGE_PASSWORD, GetString ("IDM_CHANGE_PASSWORD")); + AppendMenuW (popup, MF_STRING, IDM_CHANGE_HEADER_KEY_DERIV_ALGO, GetString ("IDM_CHANGE_HEADER_KEY_DERIV_ALGO")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_ADD_REMOVE_VOL_KEYFILES, GetString ("IDM_ADD_REMOVE_VOL_KEYFILES")); + AppendMenuW (popup, MF_STRING, IDM_REMOVE_ALL_KEYFILES_FROM_VOL, GetString ("IDM_REMOVE_ALL_KEYFILES_FROM_VOL")); + AppendMenu (popup, MF_SEPARATOR, 0, L""); + AppendMenuW (popup, MF_STRING, IDM_DECRYPT_NONSYS_VOL, GetString ("IDM_DECRYPT_NONSYS_VOL")); + AppendMenu (popup, MF_SEPARATOR, 0, NULL); + AppendMenuW (popup, MF_STRING, IDM_BACKUP_VOL_HEADER, GetString ("IDM_BACKUP_VOL_HEADER")); + AppendMenuW (popup, MF_STRING, IDM_RESTORE_VOL_HEADER, GetString ("IDM_RESTORE_VOL_HEADER")); + } + + GetWindowRect (GetDlgItem (hwndDlg, IDC_VOLUME_TOOLS), &rect); + + menuItem = TrackPopupMenu (popup, + TPM_RETURNCMD | TPM_LEFTBUTTON, + rect.left + 2, + rect.top + 2, + 0, + hwndDlg, + NULL); + + DestroyMenu (popup); + + switch (menuItem) + { + case IDM_DECRYPT_NONSYS_VOL: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + DecryptNonSysDevice (hwndDlg, TRUE, FALSE); + } + break; + + case IDM_CHANGE_PASSWORD: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; + ChangePassword (hwndDlg); + } + break; + + case IDM_CHANGE_HEADER_KEY_DERIV_ALGO: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + pwdChangeDlgMode = PCDM_CHANGE_PKCS5_PRF; + ChangePassword (hwndDlg); + } + break; + + case IDM_ADD_REMOVE_VOL_KEYFILES: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + pwdChangeDlgMode = PCDM_ADD_REMOVE_VOL_KEYFILES; + ChangePassword (hwndDlg); + } + break; + + case IDM_REMOVE_ALL_KEYFILES_FROM_VOL: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + pwdChangeDlgMode = PCDM_REMOVE_ALL_KEYFILES_FROM_VOL; + ChangePassword (hwndDlg); + } + break; + + case IDM_BACKUP_VOL_HEADER: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); + + WaitCursor (); + + int iStatus = 0; + BackupHeaderThreadParam threadParam; + threadParam.bRequireConfirmation = TRUE; + threadParam.lpszVolume = volPath; + threadParam.cchVolume = ARRAYSIZE (volPath); + threadParam.iResult = &iStatus; + + ShowWaitDialog (hwndDlg, TRUE, BackupHeaderWaitThreadProc, &threadParam); + + NormalCursor (); + } + break; + + case IDM_RESTORE_VOL_HEADER: + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); + + WaitCursor (); + + int iStatus = 0; + RestoreHeaderThreadParam threadParam; + threadParam.lpszVolume = volPath; + threadParam.cchVolume = ARRAYSIZE (volPath); + threadParam.iResult = &iStatus; + + ShowWaitDialog(hwndDlg, TRUE, RestoreHeaderWaitThreadProc, &threadParam); + + NormalCursor (); + } + break; + + default: + SendMessage (MainDlg, WM_COMMAND, menuItem, NULL); + break; + } + return 1; + } + + if (lw == IDM_DECRYPT_NONSYS_VOL) + { + LPARAM selectedDrive = GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + + if (LOWORD (selectedDrive) == TC_MLIST_ITEM_FREE && !VolumeSelected (MainDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + DecryptNonSysDevice (hwndDlg, TRUE, FALSE); + } + + return 1; + } + + if (lw == IDM_CHANGE_PASSWORD) + { + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + if (ActiveSysEncDeviceSelected ()) + { + ChangeSysEncPassword (hwndDlg, FALSE); + } + else + { + pwdChangeDlgMode = PCDM_CHANGE_PASSWORD; + ChangePassword (hwndDlg); + } + } + return 1; + } + + if (lw == IDM_CHANGE_HEADER_KEY_DERIV_ALGO) + { + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + if (ActiveSysEncDeviceSelected ()) + { + ChangeSysEncPassword (hwndDlg, TRUE); + } + else + { + pwdChangeDlgMode = PCDM_CHANGE_PKCS5_PRF; + ChangePassword (hwndDlg); + } + } + return 1; + } + + if (lw == IDC_WIPE_CACHE || lw == IDM_WIPE_CACHE) + { + WipeCache (hwndDlg, FALSE); + return 1; + } + + if (lw == IDM_CLEAR_HISTORY) + { + ClearHistory (GetDlgItem (hwndDlg, IDC_VOLUME)); + EnableDisableButtons (hwndDlg); + return 1; + } + + if (lw == IDC_CREATE_VOLUME || lw == IDM_CREATE_VOLUME || lw == IDM_VOLUME_WIZARD) + { + LaunchVolCreationWizard (hwndDlg, L""); + return 1; + } + + if (lw == IDM_VOLUME_EXPANDER) + { + LaunchVolExpander (hwndDlg); + return 1; + } + + if (lw == IDM_ADD_REMOVE_VOL_KEYFILES) + { + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + pwdChangeDlgMode = PCDM_ADD_REMOVE_VOL_KEYFILES; + ChangePassword (hwndDlg); + } + return 1; + } + + if (lw == IDM_REMOVE_ALL_KEYFILES_FROM_VOL) + { + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + pwdChangeDlgMode = PCDM_REMOVE_ALL_KEYFILES_FROM_VOL; + ChangePassword (hwndDlg); + } + return 1; + } + + if (lw == IDM_MANAGE_TOKEN_KEYFILES) + { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_KEYFILES), hwndDlg, (DLGPROC) SecurityTokenKeyfileDlgProc, NULL); + return 1; + } + + if (lw == IDM_CLOSE_ALL_TOKEN_SESSIONS) + { + { + WaitCursor(); + finally_do ({ NormalCursor(); }); + + SecurityToken::CloseAllSessions(); + } + + InfoBalloon (NULL, "ALL_TOKEN_SESSIONS_CLOSED", hwndDlg); + + return 1; + } + + if (lw == IDM_KEYFILE_GENERATOR) + { + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILE_GENERATOR), hwndDlg, + (DLGPROC) KeyfileGeneratorDlgProc, (LPARAM) 0); + + return 1; + } + + if (lw == IDM_DONATE) + { + Applink ("donate", TRUE, ""); + return 1; + } + + if (lw == IDM_LICENSE) + { + TextInfoDialogBox (TC_TBXID_LEGAL_NOTICES); + return 1; + } + + if (lw == IDM_WEBSITE) + { + Applink ("website", TRUE, ""); + return 1; + } + else if (lw == IDM_HOMEPAGE) + { + Applink ("homepage", TRUE, ""); + return 1; + } + else if (lw == IDM_ONLINE_TUTORIAL) + { + Applink ("tutorial", TRUE, ""); + return 1; + } + else if (lw == IDM_ONLINE_HELP) + { + OpenOnlineHelp (); + return 1; + } + else if (lw == IDM_FAQ) + { + Applink ("faq", TRUE, ""); + return 1; + } + else if (lw == IDM_TC_DOWNLOADS) + { + Applink ("downloads", TRUE, ""); + return 1; + } + else if (lw == IDM_NEWS) + { + Applink ("news", TRUE, ""); + return 1; + } + else if (lw == IDM_VERSION_HISTORY) + { + Applink ("history", TRUE, ""); + return 1; + } + else if (lw == IDM_CONTACT) + { + Applink ("contact", FALSE, ""); + return 1; + } + + if (lw == IDM_PREFERENCES) + { + if (IDOK == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_PREFERENCES_DLG), hwndDlg, + (DLGPROC) PreferencesDlgProc, (LPARAM) 0)) + { + if (bEnableBkgTask) + { + TaskBarIconAdd (hwndDlg); + RegisterWtsNotification(hwndDlg); + } + else + { + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + if (MainWindowHidden) + EndMainDlg (hwndDlg); + } + } + return 1; + } + + if (lw == IDM_HOTKEY_SETTINGS) + { + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_HOTKEYS_DLG), hwndDlg, + (DLGPROC) HotkeysDlgProc, (LPARAM) 0); + return 1; + } + + if (lw == IDM_PERFORMANCE_SETTINGS) + { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_PERFORMANCE_SETTINGS), hwndDlg, (DLGPROC) PerformanceSettingsDlgProc, 0); + return 1; + } + + if (lw == IDM_DEFAULT_KEYFILES) + { + KeyfileDefaultsDlg (hwndDlg); + return 1; + } + + if (lw == IDM_DEFAULT_MOUNT_PARAMETERS) + { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_DEFAULT_MOUNT_PARAMETERS), hwndDlg, (DLGPROC) DefaultMountParametersDlgProc, 0); + return 1; + } + + if (lw == IDM_ADD_VOLUME_TO_FAVORITES || lw == IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES) + { + LPARAM selectedDrive = GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + + wchar_t volPathLower[TC_MAX_PATH]; + + // volPathLower will contain the volume path (if any) from the input field below the drive list + GetVolumePath (hwndDlg, volPathLower, ARRAYSIZE (volPathLower)); + + if (LOWORD (selectedDrive) != TC_MLIST_ITEM_NONSYS_VOL + && !(VolumeSelected (hwndDlg) && IsMountedVolume (volPathLower))) + { + Warning ("SELECT_A_MOUNTED_VOLUME", hwndDlg); + + return 1; + } + + int driveNo; + + if (VolumeSelected (hwndDlg) + && IsMountedVolume (volPathLower)) + { + TranslateVolumeID (hwndDlg, volPathLower, ARRAYSIZE (volPathLower)); + + if (LOWORD (selectedDrive) != TC_MLIST_ITEM_NONSYS_VOL) + { + driveNo = GetMountedVolumeDriveNo (volPathLower); + } + else + { + /* We need to resolve selection ambiguity. Two different mounted volumes are currently + selected (one in the drive letter list and the other in the input field below the list). */ + + VOLUME_PROPERTIES_STRUCT prop; + DWORD dwResult; + + memset (&prop, 0, sizeof(prop)); + prop.driveNo = HIWORD (selectedDrive) - L'A'; + + if (!DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof (prop), &prop, sizeof (prop), &dwResult, NULL) || dwResult == 0) + { + Warning ("SELECT_A_MOUNTED_VOLUME", hwndDlg); + return 1; + } + + // volPathHigher will contain the volume path selected in the main drive list + wstring volPathHigher (prop.wszVolume); + + if (wcscmp (((wmemcmp (prop.wszVolume, L"\\??\\", 4) == 0) ? (wchar_t *) prop.wszVolume + 4 : prop.wszVolume), volPathLower) != 0) + { + // The path selected in the input field is different from the path to the volume selected + // in the drive lettter list. We have to resolve possible ambiguity. + + wchar_t *tmp[] = {L"", L"", L"", L"", L"", 0}; + const int maxVolPathLen = 80; + + if (volPathHigher.length () > maxVolPathLen) + { + volPathHigher = wstring (L"...") + volPathHigher.substr (volPathHigher.length () - maxVolPathLen, maxVolPathLen); + } + + wstring volPathLowerWStr (volPathLower); + + if (volPathLowerWStr.length () > maxVolPathLen) + { + volPathLowerWStr = wstring (L"...") + volPathLowerWStr.substr (volPathLowerWStr.length () - maxVolPathLen, maxVolPathLen); + } + + tmp[1] = GetString ("AMBIGUOUS_VOL_SELECTION"); + tmp[2] = (wchar_t *) volPathHigher.c_str(); + tmp[3] = (wchar_t *) volPathLowerWStr.c_str(); + tmp[4] = GetString ("IDCANCEL"); + + switch (AskMultiChoice ((void **) tmp, FALSE, hwndDlg)) + { + case 1: + driveNo = HIWORD (selectedDrive) - L'A'; + break; + + case 2: + driveNo = GetMountedVolumeDriveNo (volPathLower); + break; + + default: + return 1; + } + } + else + { + driveNo = HIWORD (selectedDrive) - L'A'; + } + } + } + else + { + driveNo = HIWORD (selectedDrive) - L'A'; + } + + AddMountedVolumeToFavorites (hwndDlg, driveNo, lw == IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES); + + return 1; + } + + if (lw == IDM_ORGANIZE_FAVORITES || lw == IDM_ORGANIZE_SYSTEM_FAVORITES) + { + OrganizeFavoriteVolumes (hwndDlg, lw == IDM_ORGANIZE_SYSTEM_FAVORITES); + return 1; + } + + if (lw == IDM_TOKEN_PREFERENCES) + { + SecurityTokenPreferencesDialog (hwndDlg); + return 1; + } + + if (lw == IDM_SYSENC_SETTINGS || lw == IDM_SYS_ENC_SETTINGS) + { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0); + return 1; + } + + if (lw == IDM_SYS_FAVORITES_SETTINGS) + { + OrganizeFavoriteVolumes (hwndDlg, true); + return 1; + } + + if (lw == IDM_BENCHMARK) + { + Benchmark (hwndDlg); + return 1; + } + + if (lw == IDM_TRAVELER) + { + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_TRAVELER_DLG), hwndDlg, + (DLGPROC) TravelerDlgProc, (LPARAM) 0); + return 1; + } + + if (lw == IDM_BACKUP_VOL_HEADER) + { + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + wchar_t volPath[TC_MAX_PATH]; /* Volume to mount */ + + GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); + + WaitCursor (); + + int iStatus = 0; + BackupHeaderThreadParam threadParam; + threadParam.bRequireConfirmation = TRUE; + threadParam.lpszVolume = volPath; + threadParam.cchVolume = ARRAYSIZE (volPath); + threadParam.iResult = &iStatus; + + ShowWaitDialog (hwndDlg, TRUE, BackupHeaderWaitThreadProc, &threadParam); + + NormalCursor (); + } + return 1; + } + + if (lw == IDM_RESTORE_VOL_HEADER) + { + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else + { + wchar_t volPath[TC_MAX_PATH]; /* Volume to mount */ + + GetVolumePath (hwndDlg, volPath, ARRAYSIZE (volPath)); + + WaitCursor (); + + int iStatus = 0; + RestoreHeaderThreadParam threadParam; + threadParam.lpszVolume = volPath; + threadParam.cchVolume = ARRAYSIZE (volPath); + threadParam.iResult = &iStatus; + + ShowWaitDialog(hwndDlg, TRUE, RestoreHeaderWaitThreadProc, &threadParam); + + NormalCursor (); + } + return 1; + } + + if (lw == IDM_LANGUAGE) + { + BOOL p; + if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_LANGUAGE), hwndDlg, + (DLGPROC) LanguageDlgProc, (LPARAM) 0) == IDOK) + { + LoadLanguageFile (); + SaveSettings (hwndDlg); + + p = LocalizationActive; + LocalizationActive = TRUE; + InitMainDialog (hwndDlg); + InvalidateRect (hwndDlg, NULL, FALSE); + LocalizationActive = p; + DrawMenuBar (hwndDlg); + } + return 1; + } + + if (lw == IDM_TEST_VECTORS) + { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_TEST_DLG), hwndDlg, (DLGPROC) CipherTestDialogProc, (LPARAM) 1); + return 1; + } + + if (lw == IDM_REFRESH_DRIVE_LETTERS) + { + DWORD driveMap = GetUsedLogicalDrives (); + + WaitCursor (); + + if (!(nCurrentOS == WIN_2000 && RemoteSession)) + { + BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, ~driveMap); + Sleep (100); + BroadcastDeviceChange (DBT_DEVICEARRIVAL, 0, driveMap); + } + + LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0); + + if (nSelectedDriveIndex >= 0) + { + SelectItem (GetDlgItem (hwndDlg, IDC_DRIVELIST), + (wchar_t) HIWORD (GetItemLong (GetDlgItem (hwndDlg, IDC_DRIVELIST), nSelectedDriveIndex))); + } + + NormalCursor (); + return 1; + } + + if (lw == IDM_MOUNT_FAVORITE_VOLUMES) + { + _beginthread(mountFavoriteVolumeThreadFunction, 0, NULL); + return 1; + } + + if (lw == IDM_RESUME_INTERRUPTED_PROC) + { + // Ask the user to select encryption, decryption, or cancel + BOOL bDecrypt = FALSE; + char *tmpStr[] = {0, + "CHOOSE_ENCRYPT_OR_DECRYPT", + "ENCRYPT", + "DECRYPT", + "IDCANCEL", + 0}; + + switch (AskMultiChoice ((void **) tmpStr, FALSE, hwndDlg)) + { + case 1: + bDecrypt = FALSE; + break; + case 2: + bDecrypt = TRUE; + break; + default: + return 1; + } + ResumeInterruptedNonSysInplaceEncProcess (bDecrypt); + return 1; + } + + if (lw == IDC_VOLUME_PROPERTIES || lw == IDM_VOLUME_PROPERTIES) + { + DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_VOLUME_PROPERTIES), hwndDlg, + (DLGPROC) VolumePropertiesDlgProc, (LPARAM) 0); + return 1; + } + + if (lw == IDC_VOLUME && hw == CBN_EDITCHANGE) + { + EnableDisableButtons (hwndDlg); + return 1; + } + + if (lw == IDC_VOLUME && hw == CBN_SELCHANGE) + { + UpdateComboOrder (GetDlgItem (hwndDlg, IDC_VOLUME)); + MoveEditToCombo ((HWND) lParam, bHistory); + PostMessage (hwndDlg, TC_APPMSG_MOUNT_ENABLE_DISABLE_CONTROLS, 0, 0); + return 1; + } + + if (lw == IDC_NO_HISTORY) + { + if (!(bHistory = !IsButtonChecked (GetDlgItem (hwndDlg, IDC_NO_HISTORY)))) + ClearHistory (GetDlgItem (hwndDlg, IDC_VOLUME)); + + return 1; + } + + if (lw >= TC_FAVORITE_MENU_CMD_ID_OFFSET && lw < TC_FAVORITE_MENU_CMD_ID_OFFSET_END) + { + size_t favoriteIndex = lw - TC_FAVORITE_MENU_CMD_ID_OFFSET; + + if (favoriteIndex < FavoriteVolumes.size()) + { + if ((FavoriteVolumes[favoriteIndex].UseVolumeID && IsMountedVolumeID (FavoriteVolumes[favoriteIndex].VolumeID)) + || (!FavoriteVolumes[favoriteIndex].UseVolumeID && IsMountedVolume (FavoriteVolumes[favoriteIndex].Path.c_str())) + ) + { + std::wstring volName; + WaitCursor(); + if (FavoriteVolumes[favoriteIndex].UseVolumeID) + volName = FindDeviceByVolumeID (FavoriteVolumes[favoriteIndex].VolumeID); + else + volName = FavoriteVolumes[favoriteIndex].Path; + OpenVolumeExplorerWindow (GetMountedVolumeDriveNo ((wchar_t*) FavoriteVolumes[favoriteIndex].Path.c_str())); + NormalCursor(); + } + else + { + mountFavoriteVolumeThreadParam* pParam = (mountFavoriteVolumeThreadParam*) calloc(1, sizeof(mountFavoriteVolumeThreadParam)); + pParam->systemFavorites = FALSE; + pParam->logOnMount = FALSE; + pParam->hotKeyMount = FALSE; + pParam->favoriteVolumeToMount = &FavoriteVolumes[favoriteIndex]; + + _beginthread(mountFavoriteVolumeThreadFunction, 0, pParam); + } + } + + return 1; + } + + return 0; + + case WM_DROPFILES: + { + HDROP hdrop = (HDROP) wParam; + DragQueryFile (hdrop, 0, szFileName, ARRAYSIZE (szFileName)); + DragFinish (hdrop); + + AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); + EnableDisableButtons (hwndDlg); + SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + } + return 1; + + case TC_APPMSG_MOUNT_ENABLE_DISABLE_CONTROLS: + EnableDisableButtons (hwndDlg); + return 1; + + case TC_APPMSG_MOUNT_SHOW_WINDOW: + MainWindowHidden = FALSE; + ShowWindow (hwndDlg, SW_SHOW); + ShowWindow (hwndDlg, SW_RESTORE); + return 1; + + case WM_COPYDATA: + { + PCOPYDATASTRUCT cd = (PCOPYDATASTRUCT)lParam; + if (memcmp (&cd->dwData, WM_COPY_SET_VOLUME_NAME, 4) == 0) + { + if (cd->cbData > 0) + { + ((wchar_t *) cd->lpData)[(cd->cbData / sizeof (wchar_t)) - 1] = 0; + AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), (wchar_t *)cd->lpData, bHistory); + } + + EnableDisableButtons (hwndDlg); + SetFocus (GetDlgItem (hwndDlg, IDC_DRIVELIST)); + } + } + return 1; + + case WM_CLOSE: + EndMainDlg (hwndDlg); + return 1; + + case WM_INITMENUPOPUP: + { + // disable "Set Header Key Derivation Algorithm" entry in "Volumes" menu + // "Volumes" menu is the first (index 0) submenu of the main menu + if ((HMENU) wParam == GetSubMenu (GetMenu (hwndDlg), 0)) + { + if (ActiveSysEncDeviceSelected ()) + EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_HEADER_KEY_DERIV_ALGO, MF_GRAYED); + else + EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_HEADER_KEY_DERIV_ALGO, MF_ENABLED); + } + } + return 1; + + default: + // Recreate tray icon if Explorer restarted + if (taskBarCreatedMsg != 0 && uMsg == taskBarCreatedMsg && TaskBarIconMutex != NULL) + { + TaskBarIconRemove (hwndDlg); + TaskBarIconAdd (hwndDlg); + CheckMountList(hwndDlg, TRUE); + return 1; + } + } + + return 0; +} + +void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) +{ + wchar_t **lpszCommandLineArgs = NULL; /* Array of command line arguments */ + int nNoCommandLineArgs; /* The number of arguments in the array */ + wchar_t tmpPath[MAX_PATH * 2]; + + /* Defaults */ + mountOptions.PreserveTimestamp = TRUE; + + if (_wcsicmp (lpszCommandLine, L"-Embedding") == 0) + { + ComServerMode = TRUE; + return; + } + + /* Extract command line arguments */ + NoCmdLineArgs = nNoCommandLineArgs = Win32CommandLine (&lpszCommandLineArgs); + + if (nNoCommandLineArgs > 0) + { + int i; + + for (i = 0; i < nNoCommandLineArgs; i++) + { + enum + { + OptionAuto, + OptionBeep, + OptionCache, + CommandDismount, + OptionExplore, + OptionForce, + CommandHelp, + OptionHistory, + OptionKeyfile, + OptionLetter, + OptionMountOption, + OptionPassword, + OptionQuit, + OptionSilent, + OptionTokenLib, + OptionTokenPin, + OptionVolume, + CommandWipeCache, + OptionPkcs5, + OptionTrueCryptMode, + OptionPim, + OptionTryEmptyPassword, + OptionNoWaitDlg, + }; + + argument args[]= + { + { OptionAuto, L"/auto", L"/a", FALSE }, + { OptionBeep, L"/beep", L"/b", FALSE }, + { OptionCache, L"/cache", L"/c", FALSE }, + { CommandDismount, L"/dismount", L"/d", FALSE }, + { OptionExplore, L"/explore", L"/e", FALSE }, + { OptionForce, L"/force", L"/f", FALSE }, + { OptionPkcs5, L"/hash", NULL , FALSE }, + { CommandHelp, L"/help", L"/?", FALSE }, + { OptionHistory, L"/history", L"/h", FALSE }, + { OptionKeyfile, L"/keyfile", L"/k", FALSE }, + { OptionLetter, L"/letter", L"/l", FALSE }, + { OptionMountOption, L"/mountoption", L"/m", FALSE }, + { OptionPassword, L"/password", L"/p", FALSE }, + { OptionPim, L"/pim", NULL, FALSE }, + { OptionQuit, L"/quit", L"/q", FALSE }, + { OptionSilent, L"/silent", L"/s", FALSE }, + { OptionTokenLib, L"/tokenlib", NULL, FALSE }, + { OptionTokenPin, L"/tokenpin", NULL, FALSE }, + { OptionTrueCryptMode, L"/truecrypt", L"/tc", FALSE }, + { OptionVolume, L"/volume", L"/v", FALSE }, + { CommandWipeCache, L"/wipecache", L"/w", FALSE }, + { OptionTryEmptyPassword, L"/tryemptypass", NULL, FALSE }, + { OptionNoWaitDlg, L"/nowaitdlg", NULL, FALSE }, + }; + + argumentspec as; + + as.args = args; + as.arg_cnt = sizeof(args)/ sizeof(args[0]); + + switch (GetArgumentID (&as, lpszCommandLineArgs[i])) + { + case OptionAuto: + { + wchar_t szTmp[32] = {0}; + bAuto = TRUE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp (szTmp, L"devices")) + bAutoMountDevices = TRUE; + else if (!_wcsicmp (szTmp, L"favorites")) + bAutoMountFavorites = TRUE; + else if (!_wcsicmp (szTmp, L"logon")) + LogOn = TRUE; + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + break; + + case OptionBeep: + bBeep = TRUE; + break; + + case OptionTryEmptyPassword: + { + wchar_t szTmp[16] = {0}; + bCmdTryEmptyPasswordWhenKeyfileUsed = TRUE; + bCmdTryEmptyPasswordWhenKeyfileUsedValid = TRUE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) + bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE; + else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) + bCmdTryEmptyPasswordWhenKeyfileUsed = TRUE; + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + break; + + case OptionNoWaitDlg: + { + wchar_t szTmp[16] = {0}; + bCmdHideWaitingDialog = TRUE; + bCmdHideWaitingDialogValid = TRUE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) + bCmdHideWaitingDialog = FALSE; + else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) + bCmdHideWaitingDialog = TRUE; + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + break; + + case OptionCache: + { + wchar_t szTmp[16] = {0}; + bCacheInDriver = TRUE; + bIncludePimInCache = FALSE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) + bCacheInDriver = FALSE; + else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) + bCacheInDriver = TRUE; + else if (!_wcsicmp(szTmp,L"p") || !_wcsicmp(szTmp,L"pim")) + { + bCacheInDriver = TRUE; + bIncludePimInCache = TRUE; + } + else if (!_wcsicmp(szTmp,L"f") || !_wcsicmp(szTmp,L"favorites")) + { + bCacheInDriver = FALSE; + bCmdCacheDuringMultipleMount = TRUE; + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + break; + + case CommandDismount: + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szDriveLetter, ARRAYSIZE (szDriveLetter))) + { + if ( (wcslen(szDriveLetter) == 1) + || (wcslen(szDriveLetter) == 2 && szDriveLetter[1] == L':') + ) + { + cmdUnmountDrive = towupper(szDriveLetter[0]) - L'A'; + if ((cmdUnmountDrive < 0) || (cmdUnmountDrive > (L'Z' - L'A'))) + AbortProcess ("BAD_DRIVE_LETTER"); + } + else + AbortProcess ("BAD_DRIVE_LETTER"); + + } + else + cmdUnmountDrive = -1; + + break; + + case OptionExplore: + bExplore = TRUE; + break; + + case OptionForce: + bForceMount = TRUE; + bForceUnmount = TRUE; + break; + + case OptionKeyfile: + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, + nNoCommandLineArgs, tmpPath, ARRAYSIZE (tmpPath))) + { + KeyFile *kf; + RelativePath2Absolute (tmpPath); + kf = (KeyFile *) malloc (sizeof (KeyFile)); + if (kf) + { + StringCchCopyW (kf->FileName, ARRAYSIZE(kf->FileName), tmpPath); + FirstCmdKeyFile = KeyFileAdd (FirstCmdKeyFile, kf); + } + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + + break; + + case OptionLetter: + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szDriveLetter, ARRAYSIZE (szDriveLetter))) + { + if ( (wcslen(szDriveLetter) == 1) + || (wcslen(szDriveLetter) == 2 && szDriveLetter[1] == L':') + ) + { + commandLineDrive = *szDriveLetter = (wchar_t) towupper (*szDriveLetter); + + if (commandLineDrive < L'A' || commandLineDrive > L'Z') + AbortProcess ("BAD_DRIVE_LETTER"); + } + else + AbortProcess ("BAD_DRIVE_LETTER"); + } + else + AbortProcess ("BAD_DRIVE_LETTER"); + + break; + + case OptionHistory: + { + wchar_t szTmp[8] = {0}; + bHistory = bHistoryCmdLine = TRUE; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp(szTmp,L"n") || !_wcsicmp(szTmp,L"no")) + bHistory = FALSE; + else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes")) + bHistory = TRUE; + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + break; + + case OptionMountOption: + { + wchar_t szTmp[64] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp (szTmp, L"ro") || !_wcsicmp (szTmp, L"readonly")) + mountOptions.ReadOnly = TRUE; + + else if (!_wcsicmp (szTmp, L"rm") || !_wcsicmp (szTmp, L"removable")) + mountOptions.Removable = TRUE; + + else if (!_wcsicmp (szTmp, L"ts") || !_wcsicmp (szTmp, L"timestamp")) + mountOptions.PreserveTimestamp = FALSE; + + else if (!_wcsicmp (szTmp, L"sm") || !_wcsicmp (szTmp, L"system")) + mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode = TRUE; + + else if (!_wcsicmp (szTmp, L"bk") || !_wcsicmp (szTmp, L"headerbak")) + mountOptions.UseBackupHeader = TRUE; + + else if (!_wcsicmp (szTmp, L"recovery")) + mountOptions.RecoveryMode = TRUE; + else if ((wcslen(szTmp) > 6) && (wcslen(szTmp) <= 38) && !_wcsnicmp (szTmp, L"label=", 6)) + { + // get the label + StringCbCopyW (mountOptions.Label, sizeof (mountOptions.Label), &szTmp[6]); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + + CmdMountOptions = mountOptions; + CmdMountOptionsValid = TRUE; + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + + case OptionPassword: + { + wchar_t szTmp[MAX_PASSWORD + 1]; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, + szTmp, ARRAYSIZE (szTmp))) + { + int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); + burn (szTmp, sizeof (szTmp)); + if (iLen > 0) + { + CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); + CmdVolumePasswordValid = TRUE; + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + + case OptionVolume: + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, + nNoCommandLineArgs, szFileName, ARRAYSIZE (szFileName))) + { + RelativePath2Absolute (szFileName); + AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); + CmdLineVolumeSpecified = TRUE; + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + break; + + case OptionQuit: + { + wchar_t szTmp[32] = {0}; + + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + if (!_wcsicmp (szTmp, L"UAC")) // Used to indicate non-install elevation + break; + + else if (!_wcsicmp (szTmp, L"preferences")) + { + Quit = TRUE; + UsePreferences = TRUE; + break; + } + + else if (!_wcsicmp (szTmp, L"background")) + bEnableBkgTask = TRUE; + + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + + Quit = TRUE; + UsePreferences = FALSE; + } + break; + + case OptionSilent: + Silent = TRUE; + break; + + case OptionTokenLib: + if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, SecurityTokenLibraryPath, ARRAYSIZE (SecurityTokenLibraryPath)) == HAS_ARGUMENT) + InitSecurityTokenLibrary(hwndDlg); + else + AbortProcess ("COMMAND_LINE_ERROR"); + + break; + + case OptionTokenPin: + { + wchar_t szTmp[SecurityToken::MaxPasswordLength + 1] = {0}; + if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) == HAS_ARGUMENT) + { + if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, array_capacity (CmdTokenPin), nullptr, nullptr)) + AbortProcess ("COMMAND_LINE_ERROR"); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + + break; + + case CommandWipeCache: + bWipe = TRUE; + break; + + case CommandHelp: + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_COMMANDHELP_DLG), hwndDlg, (DLGPROC) + CommandHelpDlgProc, (LPARAM) &as); + exit(0); + break; + + case OptionPkcs5: + { + wchar_t szTmp[32] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + if (_wcsicmp(szTmp, L"sha512") == 0 || _wcsicmp(szTmp, L"sha-512") == 0) + CmdVolumePkcs5 = SHA512; + else if (_wcsicmp(szTmp, L"whirlpool") == 0) + CmdVolumePkcs5 = WHIRLPOOL; + else if (_wcsicmp(szTmp, L"sha256") == 0 || _wcsicmp(szTmp, L"sha-256") == 0) + CmdVolumePkcs5 = SHA256; + else if (_wcsicmp(szTmp, L"ripemd160") == 0 || _wcsicmp(szTmp, L"ripemd-160") == 0) + CmdVolumePkcs5 = RIPEMD160; + else + { + CmdVolumePkcs5 = 0; + AbortProcess ("COMMAND_LINE_ERROR"); + } + + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + + case OptionPim: + { + wchar_t szTmp[32] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) + { + wchar_t* endPtr = NULL; + CmdVolumePim = (int) wcstol(szTmp, &endPtr, 0); + if (CmdVolumePim < 0 || CmdVolumePim > MAX_PIM_VALUE || endPtr == szTmp || *endPtr != L'\0') + { + CmdVolumePim = 0; + AbortProcess ("COMMAND_LINE_ERROR"); + } + + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + + case OptionTrueCryptMode: + CmdVolumeTrueCryptMode = TRUE; + break; + + // no option = file name if there is only one argument + default: + { + if (nNoCommandLineArgs == 1) + { + StringCbCopyW (szFileName, array_capacity (szFileName), lpszCommandLineArgs[i]); + RelativePath2Absolute (szFileName); + + CmdLineVolumeSpecified = TRUE; + AddComboItem (GetDlgItem (hwndDlg, IDC_VOLUME), szFileName, bHistory); + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + } + } + + /* Free up the command line arguments */ + while (--nNoCommandLineArgs >= 0) + { + free (lpszCommandLineArgs[nNoCommandLineArgs]); + } + + if (lpszCommandLineArgs) + free (lpszCommandLineArgs); +} + + +static SERVICE_STATUS SystemFavoritesServiceStatus; +static SERVICE_STATUS_HANDLE SystemFavoritesServiceStatusHandle; + +static void SystemFavoritesServiceLogMessage (const wstring &errorMessage, WORD wType) +{ + HANDLE eventSource = RegisterEventSource (NULL, TC_SYSTEM_FAVORITES_SERVICE_NAME); + + if (eventSource) + { + LPCTSTR strings[] = { TC_SYSTEM_FAVORITES_SERVICE_NAME, errorMessage.c_str() }; + ReportEvent (eventSource, wType, 0, 0xC0000000 + wType, NULL, array_capacity (strings), 0, strings, NULL); + + DeregisterEventSource (eventSource); + } +} + +static void SystemFavoritesServiceLogError (const wstring &errorMessage) +{ + SystemFavoritesServiceLogMessage (errorMessage, EVENTLOG_ERROR_TYPE); +} + +static void SystemFavoritesServiceLogWarning (const wstring &warningMessage) +{ + SystemFavoritesServiceLogMessage (warningMessage, EVENTLOG_WARNING_TYPE); +} + +static void SystemFavoritesServiceLogInfo (const wstring &infoMessage) +{ + SystemFavoritesServiceLogMessage (infoMessage, EVENTLOG_INFORMATION_TYPE); +} + + +static void SystemFavoritesServiceSetStatus (DWORD status, DWORD waitHint = 0) +{ + SystemFavoritesServiceStatus.dwCurrentState = status; + SystemFavoritesServiceStatus.dwWaitHint = waitHint; + SystemFavoritesServiceStatus.dwWin32ExitCode = NO_ERROR; + + SetServiceStatus (SystemFavoritesServiceStatusHandle, &SystemFavoritesServiceStatus); +} + + +static VOID WINAPI SystemFavoritesServiceCtrlHandler (DWORD control) +{ + if (control == SERVICE_CONTROL_STOP) + SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING); + else + SystemFavoritesServiceSetStatus (SystemFavoritesServiceStatus.dwCurrentState); +} + + +static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv) +{ + BOOL status = FALSE; + memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus)); + SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; + + SystemFavoritesServiceStatusHandle = RegisterServiceCtrlHandler (TC_SYSTEM_FAVORITES_SERVICE_NAME, SystemFavoritesServiceCtrlHandler); + if (!SystemFavoritesServiceStatusHandle) + return; + + SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000); + + SystemFavoritesServiceLogInfo (wstring (L"Starting System Favorites mounting process")); + + try + { + status = MountFavoriteVolumes (NULL, TRUE); + } + catch (...) { } + + if (status) + { + SystemFavoritesServiceLogInfo (wstring (L"System Favorites mounting process finished")); + } + else + { + SystemFavoritesServiceLogError (wstring (L"System Favorites mounting process failed.")); + } + + SystemFavoritesServiceSetStatus (SERVICE_RUNNING); + SystemFavoritesServiceSetStatus (SERVICE_STOPPED); +} + + +static BOOL StartSystemFavoritesService () +{ + ServiceMode = TRUE; + Silent = TRUE; + DeviceChangeBroadcastDisabled = TRUE; + bShowDisconnectedNetworkDrives = TRUE; + bHideWaitingDialog = TRUE; + + InitOSVersionInfo(); + + if (DriverAttach() != ERR_SUCCESS) + return FALSE; + + SERVICE_TABLE_ENTRY serviceTable[2]; + serviceTable[0].lpServiceName = TC_SYSTEM_FAVORITES_SERVICE_NAME; + serviceTable[0].lpServiceProc = SystemFavoritesServiceMain; + + serviceTable[1].lpServiceName = NULL; + serviceTable[1].lpServiceProc = NULL; + + BOOL result = StartServiceCtrlDispatcher (serviceTable); + + if (!(ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)) + WipeCache (NULL, TRUE); + + return result; +} + +#ifndef VCEXPANDER +int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpszCommandLine, int nCmdShow) +{ + int argc; + LPWSTR *argv = CommandLineToArgvW (GetCommandLineW(), &argc); + + if (argv && argc == 2 && wstring (TC_SYSTEM_FAVORITES_SERVICE_CMDLINE_OPTION) == argv[1]) + return StartSystemFavoritesService() ? 0 : 1; + + int status; + atexit (localcleanup); + SetProcessShutdownParameters (0x100, 0); + + VirtualLock (&VolumePassword, sizeof (VolumePassword)); + VirtualLock (&CmdVolumePassword, sizeof (CmdVolumePassword)); + VirtualLock (&mountOptions, sizeof (mountOptions)); + VirtualLock (&defaultMountOptions, sizeof (defaultMountOptions)); + VirtualLock (&szFileName, sizeof(szFileName)); + VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin)); + + DetectX86Features (); + + try + { + BootEncObj = new BootEncryption (NULL); + } + catch (Exception &e) + { + e.Show (NULL); + } + + if (BootEncObj == NULL) + AbortProcess ("INIT_SYS_ENC"); + + InitApp (hInstance, lpszCommandLine); + + RegisterRedTick(hInstance); + + /* Allocate, dup, then store away the application title */ + lpszTitle = L"VeraCrypt"; + + status = DriverAttach (); + if (status != 0) + { + if (status == ERR_OS_ERROR) + handleWin32Error (NULL, SRC_POS); + else + handleError (NULL, status, SRC_POS); + + AbortProcess ("NODRIVER"); + } + + /* Create the main dialog box */ + DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_MOUNT_DLG), NULL, (DLGPROC) MainDialogProc, + (LPARAM) lpszCommandLine); + + FinalizeApp (); + /* Terminate */ + return 0; +} +#endif + + +BOOL TaskBarIconAdd (HWND hwnd) +{ + NOTIFYICONDATAW tnid; + + ZeroMemory (&tnid, sizeof (tnid)); + + // Only one icon may be created + if (TaskBarIconMutex != NULL) return TRUE; + + TaskBarIconMutex = CreateMutex (NULL, TRUE, L"VeraCryptTaskBarIcon"); + if (TaskBarIconMutex == NULL || GetLastError () == ERROR_ALREADY_EXISTS) + { + if (TaskBarIconMutex != NULL) + { + CloseHandle(TaskBarIconMutex); + TaskBarIconMutex = NULL; + } + return FALSE; + } + + tnid.cbSize = sizeof (NOTIFYICONDATAW); + tnid.hWnd = hwnd; + tnid.uID = IDI_TRUECRYPT_ICON; + tnid.uFlags = NIF_MESSAGE | NIF_ICON | NIF_TIP; + tnid.uCallbackMessage = TC_APPMSG_TASKBAR_ICON; + tnid.hIcon = (HICON) LoadImage (hInst, MAKEINTRESOURCE (IDI_TRUECRYPT_ICON), + IMAGE_ICON, + ScreenDPI >= 120 ? 0 : 16, + ScreenDPI >= 120 ? 0 : 16, + (ScreenDPI >= 120 ? LR_DEFAULTSIZE : 0) + | LR_SHARED + | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray + + StringCbCopyW (tnid.szTip, sizeof(tnid.szTip), L"VeraCrypt"); + + return Shell_NotifyIconW (NIM_ADD, &tnid); +} + + +BOOL TaskBarIconRemove (HWND hwnd) +{ + if (TaskBarIconMutex != NULL) + { + NOTIFYICONDATA tnid; + BOOL res; + + ZeroMemory (&tnid, sizeof (tnid)); + tnid.cbSize = sizeof(NOTIFYICONDATA); + tnid.hWnd = hwnd; + tnid.uID = IDI_TRUECRYPT_ICON; + + res = Shell_NotifyIcon (NIM_DELETE, &tnid); + if (TaskBarIconMutex) + { + CloseHandle (TaskBarIconMutex); + TaskBarIconMutex = NULL; + } + return res; + } + else + return FALSE; +} + + +BOOL TaskBarIconChange (HWND hwnd, int iconId) +{ + if (TaskBarIconMutex == NULL) + return FALSE; + + NOTIFYICONDATA tnid; + + ZeroMemory (&tnid, sizeof (tnid)); + + tnid.cbSize = sizeof (tnid); + tnid.hWnd = hwnd; + tnid.uID = IDI_TRUECRYPT_ICON; + tnid.uFlags = NIF_ICON; + tnid.hIcon = (HICON) LoadImage (hInst, MAKEINTRESOURCE (iconId), + IMAGE_ICON, + ScreenDPI >= 120 ? 0 : 16, + ScreenDPI >= 120 ? 0 : 16, + (ScreenDPI >= 120 ? LR_DEFAULTSIZE : 0) + | LR_SHARED + | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray + + return Shell_NotifyIcon (NIM_MODIFY, &tnid); +} + + +void DismountIdleVolumes () +{ + static DWORD lastMinTickCount; + static int InactivityTime[26]; + static unsigned __int64 LastRead[26], LastWritten[26]; + static int LastId[26]; + + VOLUME_PROPERTIES_STRUCT prop; + DWORD dwResult; + BOOL bResult; + int i; + + if (GetTickCount() > lastMinTickCount && GetTickCount() - lastMinTickCount < 60 * 1000) + return; + + lastMinTickCount = GetTickCount(); + + for (i = 0; i < 26; i++) + { + if (LastKnownMountList.ulMountedDrives & (1 << i)) + { + memset (&prop, 0, sizeof(prop)); + prop.driveNo = i; + + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_VOLUME_PROPERTIES, &prop, + sizeof (prop), &prop, sizeof (prop), &dwResult, NULL); + + if ( bResult + && ( (prop.driveNo == i) && prop.uniqueId >= 0 + && prop.ea >= EAGetFirst() && prop.ea <= EAGetCount() + && prop.mode >= FIRST_MODE_OF_OPERATION_ID && prop.mode <= LAST_MODE_OF_OPERATION + && prop.pkcs5 >= FIRST_PRF_ID && prop.pkcs5 <= LAST_PRF_ID + && prop.pkcs5Iterations > 0 + && prop.hiddenVolProtection >= 0 && prop.volFormatVersion >= 0 + && prop.volumePim >= 0 + ) + ) + { + if (LastRead[i] == prop.totalBytesRead + && LastWritten[i] == prop.totalBytesWritten + && LastId[i] == prop.uniqueId) + { + if (++InactivityTime[i] >= MaxVolumeIdleTime) + { + BroadcastDeviceChange (DBT_DEVICEREMOVEPENDING, i, 0); + + if (bCloseDismountedWindows && CloseVolumeExplorerWindows (MainDlg, i)) + Sleep (250); + + if (DriverUnmountVolume (MainDlg, i, bForceAutoDismount) == 0) + { + InactivityTime[i] = 0; + BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, i, 0); + + if (bWipeCacheOnAutoDismount) + { + DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + SecurityToken::CloseAllSessions(); + } + } + } + } + else + { + InactivityTime[i] = 0; + LastRead[i] = prop.totalBytesRead; + LastWritten[i] = prop.totalBytesWritten; + LastId[i] = prop.uniqueId; + } + } + } + } +} + +static BOOL MountFavoriteVolumeBase (HWND hwnd, const FavoriteVolume &favorite, BOOL& lastbExplore, BOOL& userForcedReadOnly, BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMount, const FavoriteVolume &favoriteVolumeToMount) +{ + BOOL status = TRUE; + int drive; + std::wstring effectiveVolumePath; + drive = towupper (favorite.MountPoint[0]) - L'A'; + + if ((drive < MIN_MOUNTED_VOLUME_DRIVE_NUMBER) || (drive > MAX_MOUNTED_VOLUME_DRIVE_NUMBER)) + { + if (!systemFavorites) + Error ("DRIVE_LETTER_UNAVAILABLE", MainDlg); + else if (ServiceMode && systemFavorites) + { + SystemFavoritesServiceLogError (wstring (L"The drive letter ") + (wchar_t) (drive + L'A') + wstring (L" used by favorite \"") + favorite.Path + L"\" is invalid.\nThis system favorite will not be mounted"); + } + return FALSE; + } + + mountOptions.ReadOnly = favorite.ReadOnly || userForcedReadOnly; + mountOptions.Removable = favorite.Removable; + if (favorite.UseLabelInExplorer && !favorite.Label.empty()) + StringCbCopyW (mountOptions.Label, sizeof (mountOptions.Label), favorite.Label.c_str()); + else + ZeroMemory (mountOptions.Label, sizeof (mountOptions.Label)); + + if (favorite.UseVolumeID && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID))) + { + effectiveVolumePath = FindDeviceByVolumeID (favorite.VolumeID); + } + else + effectiveVolumePath = favorite.Path; + + if (favorite.SystemEncryption) + { + mountOptions.PartitionInInactiveSysEncScope = TRUE; + bPrebootPasswordDlgMode = TRUE; + } + else + { + mountOptions.PartitionInInactiveSysEncScope = FALSE; + bPrebootPasswordDlgMode = FALSE; + } + + if ((LastKnownMountList.ulMountedDrives & (1 << drive)) == 0) + { + MountVolumesAsSystemFavorite = systemFavorites; + + wstring mountPoint = (wchar_t) (drive + L'A') + wstring (L":\\"); + wchar_t prevVolumeAtMountPoint[MAX_PATH] = { 0 }; + + if (systemFavorites) + { + // Partitions of new drives are assigned free drive letters by Windows on boot. Make sure this does not prevent system favorite volumes + // from being mounted. Each partition (using the same drive letter as a system favorite volume) is assigned another free drive letter. + + if (GetVolumeNameForVolumeMountPoint (mountPoint.c_str(), prevVolumeAtMountPoint, ARRAYSIZE (prevVolumeAtMountPoint))) + DeleteVolumeMountPoint (mountPoint.c_str()); + else + prevVolumeAtMountPoint[0] = 0; + } + + lastbExplore = bExplore; + + bExplore = (BOOL) favorite.OpenExplorerWindow; + + if (!systemFavorites + && !logOnMount + && !hotKeyMount + && !favoriteVolumeToMount.Path.empty() + && GetAsyncKeyState (VK_CONTROL) < 0) + { + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (CmdVolumePkcs5 == 0) + mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; + else + mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; + mountOptions.ProtectedHidVolPim = CmdVolumePim; + if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwnd, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions) == IDCANCEL) + { + status = FALSE; + goto skipMount; + } + } + + BOOL prevReadOnly = mountOptions.ReadOnly; + + if (ServiceMode) + SystemFavoritesServiceLogInfo (wstring (L"Mounting system favorite \"") + effectiveVolumePath + L"\""); + + status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim); + + if (ServiceMode) + { + // Update the service status to avoid being killed + SystemFavoritesServiceStatus.dwCheckPoint++; + SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000); + + if (status) + { + SystemFavoritesServiceLogInfo (wstring (L"Favorite \"") + effectiveVolumePath + wstring (L"\" mounted successfully as ") + (wchar_t) (drive + L'A') + L":"); + } + else + { + SystemFavoritesServiceLogError (wstring (L"Favorite \"") + effectiveVolumePath + L"\" failed to mount"); + } + } + + if (status && mountOptions.ReadOnly != prevReadOnly) + userForcedReadOnly = mountOptions.ReadOnly; + +skipMount: + bExplore = lastbExplore; + + if (systemFavorites && prevVolumeAtMountPoint[0]) + { + if (status) + { + int freeDrive = GetFirstAvailableDrive(); + if (freeDrive != -1) + { + mountPoint[0] = (wchar_t) (freeDrive + L'A'); + SetVolumeMountPoint (mountPoint.c_str(), prevVolumeAtMountPoint); + } + } + else + SetVolumeMountPoint (mountPoint.c_str(), prevVolumeAtMountPoint); + } + + LoadDriveLetters (MainDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); + + MountVolumesAsSystemFavorite = FALSE; + + if (ServiceMode && LastMountedVolumeDirty) + { + DWORD bytesOut; + DeviceIoControl (hDriver, TC_IOCTL_SET_SYSTEM_FAVORITE_VOLUME_DIRTY, NULL, 0, NULL, 0, &bytesOut, NULL); + + SystemFavoritesServiceLogError (wstring (L"The filesystem of the volume mounted as ") + (wchar_t) (drive + L'A') + L": was not cleanly dismounted and needs to be checked for errors."); + } + } + else if (!systemFavorites && !favoriteVolumeToMount.Path.empty()) + Error ("DRIVE_LETTER_UNAVAILABLE", MainDlg); + else if (ServiceMode && systemFavorites) + { + SystemFavoritesServiceLogError (wstring (L"The drive letter ") + (wchar_t) (drive + L'A') + wstring (L" used by favorite \"") + effectiveVolumePath + L"\" is already taken.\nThis system favorite will not be mounted"); + } + + return status; +} + + +BOOL MountFavoriteVolumes (HWND hwnd, BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMount, const FavoriteVolume &favoriteVolumeToMount) +{ + BOOL bRet = TRUE, status = TRUE; + BOOL lastbExplore; + BOOL userForcedReadOnly = FALSE; + + if (ServiceMode) + { + // in service case, intialize some global variable here. + LastKnownMountList.ulMountedDrives = 0; + LoadDriveLetters (MainDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0); + } + + mountOptions = defaultMountOptions; + + VolumePassword.Length = 0; + MultipleMountOperationInProgress = (favoriteVolumeToMount.Path.empty() || FavoriteMountOnArrivalInProgress); + + vector favorites, skippedSystemFavorites; + + if (systemFavorites) + { + try + { + if (ServiceMode) + SystemFavoritesServiceLogInfo (wstring (L"Reading System Favorites XML file")); + LoadFavoriteVolumes (favorites, true); + + if (ServiceMode) + { + wchar_t szTmp[32]; + StringCbPrintf (szTmp, sizeof(szTmp), L"%d", (int) favorites.size()); + SystemFavoritesServiceLogInfo (wstring (L"Loaded ") + szTmp + wstring (L" favorites from the file")); + + /* correct set the connected state of the system favorites */ + for (vector ::iterator favorite = favorites.begin(); + favorite != favorites.end(); favorite++) + { + if (favorite->UseVolumeID) + { + std::wstring path = FindDeviceByVolumeID (favorite->VolumeID); + if (path.empty ()) + { + favorite->DisconnectedDevice = true; + } + else + { + favorite->DisconnectedDevice = false; + favorite->Path = path; + favorite->UseVolumeID = false; /* force the use of real path to avoid calling FindDeviceByVolumeID again */ + } + } + } + } + } + catch (...) + { + if (ServiceMode) + SystemFavoritesServiceLogError (wstring (L"An error occured while reading System Favorites XML file")); + return false; + } + } + else if (!favoriteVolumeToMount.Path.empty()) + favorites.push_back (favoriteVolumeToMount); + else + favorites = FavoriteVolumes; + + foreach (const FavoriteVolume &favorite, favorites) + { + if (ServiceMode && systemFavorites && favorite.DisconnectedDevice) + { + skippedSystemFavorites.push_back (favorite); + if (favorite.UseVolumeID) + SystemFavoritesServiceLogWarning (wstring (L"Favorite \"ID:") + ArrayToHexWideString (favorite.VolumeID, sizeof (favorite.VolumeID)) + L"\" is disconnected. It will be ignored."); + else + SystemFavoritesServiceLogWarning (wstring (L"Favorite \"") + favorite.Path + L"\" is disconnected. It will be ignored."); + } + + if (favorite.DisconnectedDevice + || (logOnMount && !favorite.MountOnLogOn) + || (hotKeyMount && favorite.DisableHotkeyMount)) + { + continue; + } + + status = MountFavoriteVolumeBase (hwnd, favorite, lastbExplore, userForcedReadOnly, systemFavorites, logOnMount, hotKeyMount, favoriteVolumeToMount); + if (!status) + bRet = FALSE; + } + + if (systemFavorites && ServiceMode && !skippedSystemFavorites.empty()) + { + // Some drives need more time to initialize correctly. + // We retry 4 times after sleeping 5 seconds + int retryCounter = 0; + size_t remainingFavorites = skippedSystemFavorites.size(); + while ((remainingFavorites > 0) && (retryCounter++ < 4)) + { + Sleep (5000); + + SystemFavoritesServiceLogInfo (wstring (L"Trying to mount skipped system favorites")); + + // Update the service status to avoid being killed + SystemFavoritesServiceStatus.dwCheckPoint++; + SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000); + + for (vector ::iterator favorite = skippedSystemFavorites.begin(); + favorite != skippedSystemFavorites.end(); favorite++) + { + if (favorite->DisconnectedDevice) + { + // check if the favorite is here and get its path + wstring resolvedPath; + if (favorite->UseVolumeID) + { + resolvedPath = FindDeviceByVolumeID (favorite->VolumeID); + } + else + resolvedPath = VolumeGuidPathToDevicePath (favorite->Path); + if (!resolvedPath.empty()) + { + favorite->DisconnectedDevice = false; + favorite->VolumePathId = favorite->Path; + favorite->Path = resolvedPath; + + remainingFavorites--; + + // favorite OK. + if (favorite->UseVolumeID) + SystemFavoritesServiceLogInfo (wstring (L"Favorite \"ID:") + ArrayToHexWideString (favorite->VolumeID, sizeof (favorite->VolumeID)) + L"\" is connected. Performing mount."); + else + SystemFavoritesServiceLogInfo (wstring (L"Favorite \"") + favorite->VolumePathId + L"\" is connected. Performing mount."); + + status = MountFavoriteVolumeBase (hwnd, *favorite, lastbExplore, userForcedReadOnly, systemFavorites, logOnMount, hotKeyMount, favoriteVolumeToMount); + if (!status) + bRet = FALSE; + } + } + } + + if (remainingFavorites == 0) + SystemFavoritesServiceLogInfo (wstring (L"All skipped system favorites have been processed")); + else + { + wchar_t szTmp[32]; + StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", (int) remainingFavorites); + SystemFavoritesServiceLogWarning (wstring (L"Number of unprocessed system favorites is ") + szTmp); + } + } + } + + MultipleMountOperationInProgress = FALSE; + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + + if (bRet && CloseSecurityTokenSessionsAfterMount) + SecurityToken::CloseAllSessions(); + + return bRet; +} + +void CALLBACK mountFavoriteVolumeCallbackFunction (void *pArg, HWND hwnd) +{ + mountFavoriteVolumeThreadParam* pParam = (mountFavoriteVolumeThreadParam*) pArg; + + if (pParam) + { + if (pParam->favoriteVolumeToMount) + MountFavoriteVolumes (hwnd, pParam->systemFavorites, pParam->logOnMount, pParam->hotKeyMount, *(pParam->favoriteVolumeToMount)); + else + MountFavoriteVolumes (hwnd, pParam->systemFavorites, pParam->logOnMount, pParam->hotKeyMount); + + free (pParam); + } + else + MountFavoriteVolumes (hwnd); +} + +void __cdecl mountFavoriteVolumeThreadFunction (void *pArg) +{ + ShowWaitDialog (MainDlg, FALSE, mountFavoriteVolumeCallbackFunction, pArg); +} + +static void SaveDefaultKeyFilesParam (HWND hwnd) +{ + if (defaultKeyFilesParam.FirstKeyFile == NULL) + { + /* No keyfiles selected */ + _wremove (GetConfigPath (TC_APPD_FILENAME_DEFAULT_KEYFILES)); + } + else + { + FILE *f; + KeyFile *kf = FirstKeyFile; + + f = _wfopen (GetConfigPath (TC_APPD_FILENAME_DEFAULT_KEYFILES), L"w,ccs=UTF-8"); + if (f == NULL) + { + handleWin32Error (MainDlg, SRC_POS); + return; + } + + XmlWriteHeader (f); + + fputws (L"\n\t", f); + + while (kf != NULL) + { + wchar_t q[TC_MAX_PATH * 2]; + + XmlQuoteTextW (kf->FileName, q, ARRAYSIZE (q)); + fwprintf (f, L"\n\t\t%s", q); + + kf = kf->Next; + } + + fputws (L"\n\t", f); + + XmlWriteFooter (f); + + CheckFileStreamWriteErrors (hwnd, f, TC_APPD_FILENAME_DEFAULT_KEYFILES); + fclose (f); + return; + } +} + + +static void KeyfileDefaultsDlg (HWND hwndDlg) +{ + KeyFilesDlgParam param; + + param.EnableKeyFiles = defaultKeyFilesParam.EnableKeyFiles; + param.FirstKeyFile = defaultKeyFilesParam.FirstKeyFile; + + if (DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg, + (DLGPROC) KeyFilesDlgProc, (LPARAM) ¶m) == IDOK) + { + if (!param.EnableKeyFiles || AskWarnYesNo ("CONFIRM_SAVE_DEFAULT_KEYFILES", hwndDlg) == IDYES) + { + KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); + defaultKeyFilesParam.EnableKeyFiles = param.EnableKeyFiles; + defaultKeyFilesParam.FirstKeyFile = param.FirstKeyFile; + + RestoreDefaultKeyFilesParam (); + SaveDefaultKeyFilesParam (hwndDlg); + } + } +} + + +static void HandleHotKey (HWND hwndDlg, WPARAM wParam) +{ + DWORD dwResult; + BOOL success = TRUE; + + switch (wParam) + { + case HK_AUTOMOUNT_DEVICES: + MountAllDevices (hwndDlg, TRUE); + break; + + case HK_DISMOUNT_ALL: + case HK_DISMOUNT_ALL_AND_WIPE: + + if (wParam == HK_DISMOUNT_ALL_AND_WIPE) + WipeCache (hwndDlg, TRUE); + + if (DismountAll (hwndDlg, FALSE, TRUE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY)) + { + if (bDisplayBalloonOnSuccessfulHkDismount) + InfoBalloon ("SUCCESSFULLY_DISMOUNTED", (wParam == HK_DISMOUNT_ALL_AND_WIPE ? "VOLUMES_DISMOUNTED_CACHE_WIPED" : "MOUNTED_VOLUMES_DISMOUNTED"), hwndDlg); + + if (bPlaySoundOnSuccessfulHkDismount) + MessageBeep (0xFFFFFFFF); + } + + break; + + case HK_WIPE_CACHE: + WipeCache (hwndDlg, FALSE); + + break; + + case HK_FORCE_DISMOUNT_ALL_AND_WIPE: + success = DismountAll (hwndDlg, TRUE, FALSE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); + success &= DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + if (success) + { + if (bDisplayBalloonOnSuccessfulHkDismount) + InfoBalloon ("SUCCESSFULLY_DISMOUNTED", "VOLUMES_DISMOUNTED_CACHE_WIPED", hwndDlg); + + if (bPlaySoundOnSuccessfulHkDismount) + MessageBeep (0xFFFFFFFF); + } + break; + + case HK_FORCE_DISMOUNT_ALL_AND_WIPE_AND_EXIT: + success = DismountAll (hwndDlg, TRUE, FALSE, UNMOUNT_MAX_AUTO_RETRIES, UNMOUNT_AUTO_RETRY_DELAY); + success &= DeviceIoControl (hDriver, TC_IOCTL_WIPE_PASSWORD_CACHE, NULL, 0, NULL, 0, &dwResult, NULL); + if (success) + { + if (bDisplayBalloonOnSuccessfulHkDismount) + InfoBalloon ("SUCCESSFULLY_DISMOUNTED", "VOLUMES_DISMOUNTED_CACHE_WIPED", hwndDlg); + + if (bPlaySoundOnSuccessfulHkDismount) + MessageBeep (0xFFFFFFFF); + } + TaskBarIconRemove (hwndDlg); + UnregisterWtsNotification(hwndDlg); + EndMainDlg (hwndDlg); + break; + + case HK_MOUNT_FAVORITE_VOLUMES: + { + mountFavoriteVolumeThreadParam* pParam = (mountFavoriteVolumeThreadParam*) calloc(1, sizeof(mountFavoriteVolumeThreadParam)); + pParam->systemFavorites = FALSE; + pParam->logOnMount = FALSE; + pParam->hotKeyMount = TRUE; + pParam->favoriteVolumeToMount = NULL; + + _beginthread(mountFavoriteVolumeThreadFunction, 0, pParam); + } + break; + + case HK_SHOW_HIDE_MAIN_WINDOW: + ChangeMainWindowVisibility (); + break; + + case HK_CLOSE_SECURITY_TOKEN_SESSIONS: + SecurityToken::CloseAllSessions(); + + InfoBalloon (NULL, "ALL_TOKEN_SESSIONS_CLOSED", hwndDlg); + + break; + } +} + + +void ChangeMainWindowVisibility () +{ + MainWindowHidden = !MainWindowHidden; + + if (!MainWindowHidden) + SetForegroundWindow (MainDlg); + + ShowWindow (MainDlg, !MainWindowHidden ? SW_SHOW : SW_HIDE); + + if (!MainWindowHidden) + ShowWindow (MainDlg, SW_RESTORE); +} + + +int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *lpszVolume) +{ + int nStatus = ERR_OS_ERROR; + wchar_t szTmp[4096]; + int fBackup = -1; + OpenVolumeContext volume; + OpenVolumeContext hiddenVolume; + Password hiddenVolPassword; + int hiddenVolPkcs5 = 0, hiddenVolPim = 0; + byte temporaryKey[MASTER_KEYDATA_SIZE]; + byte originalK2[MASTER_KEYDATA_SIZE]; + int EffectiveVolumePkcs5 = CmdVolumePkcs5; + int EffectiveVolumePim = CmdVolumePim; + + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (EffectiveVolumePkcs5 == 0) + EffectiveVolumePkcs5 = DefaultVolumePkcs5; + + if (!lpszVolume) + { + nStatus = ERR_OUTOFMEMORY; + handleError (hwndDlg, nStatus, SRC_POS); + return nStatus; + } + + volume.VolumeIsOpen = FALSE; + hiddenVolume.VolumeIsOpen = FALSE; + + switch (IsSystemDevicePath (lpszVolume, hwndDlg, TRUE)) + { + case 1: + case 2: + if (AskErrNoYes ("BACKUP_HEADER_NOT_FOR_SYS_DEVICE", hwndDlg) == IDYES) + CreateRescueDisk (hwndDlg); + + return 0; + } + + if (IsMountedVolume (lpszVolume)) + { + Warning ("DISMOUNT_FIRST", hwndDlg); + goto ret; + } + + if (!VolumePathExists (lpszVolume)) + { + handleWin32Error (hwndDlg, SRC_POS); + goto ret; + } + + Info ("EXTERNAL_VOL_HEADER_BAK_FIRST_INFO", hwndDlg); + + + WaitCursor(); + + // Open both types of volumes + for (int type = TC_VOLUME_TYPE_NORMAL; type <= TC_VOLUME_TYPE_HIDDEN; ++type) + { + OpenVolumeContext *askVol = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolume : &volume); + Password *askPassword = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPassword : &VolumePassword); + int* askPkcs5 = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPkcs5 : &VolumePkcs5); + int* askPim = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPim : &VolumePim); + + while (TRUE) + { + int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (*askPkcs5 == 0))? EffectiveVolumePkcs5 : *askPkcs5; + int GuiPim = ((EffectiveVolumePim > 0) && (*askPim <= 0))? EffectiveVolumePim : *askPim; + if (!AskVolumePassword (hwndDlg, askPassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE)) + { + nStatus = ERR_SUCCESS; + goto ret; + } + else + { + *askPkcs5 = GuiPkcs5; + *askPim = GuiPim; + burn (&GuiPkcs5, sizeof (GuiPkcs5)); + burn (&GuiPim, sizeof (GuiPim)); + } + + WaitCursor(); + + if (KeyFilesEnable && FirstKeyFile) + KeyFilesApply (hwndDlg, askPassword, FirstKeyFile, lpszVolume); + + nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPim, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE); + + NormalCursor(); + + if (nStatus == ERR_SUCCESS) + { + if ((type == TC_VOLUME_TYPE_NORMAL && askVol->CryptoInfo->hiddenVolume) + || (type == TC_VOLUME_TYPE_HIDDEN && !askVol->CryptoInfo->hiddenVolume)) + { + CloseVolume (askVol); + handleError (hwndDlg, ERR_PASSWORD_WRONG, SRC_POS); + continue; + } + + RandSetHashFunction (askVol->CryptoInfo->pkcs5); + + if (type == TC_VOLUME_TYPE_NORMAL) + { + // Ask the user if there is a hidden volume + char *volTypeChoices[] = {0, "DOES_VOLUME_CONTAIN_HIDDEN", "VOLUME_CONTAINS_HIDDEN", "VOLUME_DOES_NOT_CONTAIN_HIDDEN", "IDCANCEL", 0}; + switch (AskMultiChoice ((void **) volTypeChoices, FALSE, hwndDlg)) + { + case 1: + break; + case 2: + goto noHidden; + + default: + nStatus = ERR_SUCCESS; + goto ret; + } + } + + break; + } + + if (nStatus != ERR_PASSWORD_WRONG) + goto error; + + handleError (hwndDlg, nStatus, SRC_POS); + } + } +noHidden: + + if (hiddenVolume.VolumeIsOpen && volume.CryptoInfo->LegacyVolume != hiddenVolume.CryptoInfo->LegacyVolume) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto error; + } + + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CONFIRM_VOL_HEADER_BAK"), lpszVolume); + + if (bRequireConfirmation + && (MessageBoxW (hwndDlg, szTmp, lpszTitle, YES_NO|MB_ICONQUESTION|MB_DEFBUTTON1) == IDNO)) + goto ret; + + /* Select backup file */ + if (!BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, TRUE, NULL)) + goto ret; + + /* Conceive the backup file */ + if ((fBackup = _wopen(szFileName, _O_CREAT|_O_TRUNC|_O_WRONLY|_O_BINARY, _S_IREAD|_S_IWRITE)) == -1) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + // Backup headers + + byte backup[TC_VOLUME_HEADER_GROUP_SIZE]; + + bool legacyVolume = volume.CryptoInfo->LegacyVolume ? true : false; + int backupFileSize = legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY * 2 : TC_VOLUME_HEADER_GROUP_SIZE; + + // Fill backup buffer with random data + memcpy (originalK2, volume.CryptoInfo->k2, sizeof (volume.CryptoInfo->k2)); + + if (Randinit() != ERR_SUCCESS) + { + if (CryptoAPILastError == ERROR_SUCCESS) + nStatus = ERR_RAND_INIT_FAILED; + else + nStatus = ERR_CAPI_INIT_FAILED; + goto error; + } + + /* force the display of the random enriching dialog */ + SetRandomPoolEnrichedByUserStatus (FALSE); + + NormalCursor(); + UserEnrichRandomPool (hwndDlg); + WaitCursor(); + + // Temporary keys + if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (volume.CryptoInfo->ea), TRUE) + || !RandgetBytes (hwndDlg, volume.CryptoInfo->k2, sizeof (volume.CryptoInfo->k2), FALSE)) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto error; + } + + if (EAInit (volume.CryptoInfo->ea, temporaryKey, volume.CryptoInfo->ks) != ERR_SUCCESS || !EAInitMode (volume.CryptoInfo)) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto error; + } + + EncryptBuffer (backup, backupFileSize, volume.CryptoInfo); + + memcpy (volume.CryptoInfo->k2, originalK2, sizeof (volume.CryptoInfo->k2)); + if (EAInit (volume.CryptoInfo->ea, volume.CryptoInfo->master_keydata, volume.CryptoInfo->ks) != ERR_SUCCESS || !EAInitMode (volume.CryptoInfo)) + { + nStatus = ERR_PARAMETER_INCORRECT; + goto error; + } + + // Store header encrypted with a new key + nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); + if (nStatus != ERR_SUCCESS) + goto error; + + if (hiddenVolume.VolumeIsOpen) + { + nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE), + FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, hiddenVolPim, FALSE); + + if (nStatus != ERR_SUCCESS) + goto error; + } + + if (_write (fBackup, backup, backupFileSize) == -1) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + /* Backup has been successfully created */ + Warning("VOL_HEADER_BACKED_UP", hwndDlg); + +ret: + nStatus = ERR_SUCCESS; + +error: + DWORD dwError = GetLastError (); + + CloseVolume (&volume); + CloseVolume (&hiddenVolume); + + if (fBackup != -1) + _close (fBackup); + + SetLastError (dwError); + if (nStatus != 0) + handleError (hwndDlg, nStatus, SRC_POS); + + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&hiddenVolPassword, sizeof (hiddenVolPassword)); + burn (temporaryKey, sizeof (temporaryKey)); + burn (originalK2, sizeof (originalK2)); + + RestoreDefaultKeyFilesParam(); + RandStop (FALSE); + NormalCursor(); + + return nStatus; +} + + +int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume) +{ + int nDosLinkCreated = -1, nStatus = ERR_OS_ERROR; + wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; + wchar_t szFileName[TC_MAX_PATH]; + wchar_t szDosDevice[TC_MAX_PATH]; + void *dev = INVALID_HANDLE_VALUE; + DWORD dwError; + BOOL bDevice; + unsigned __int64 hostSize = 0; + FILETIME ftCreationTime; + FILETIME ftLastWriteTime; + FILETIME ftLastAccessTime; + wchar_t szTmp[4096]; + BOOL bTimeStampValid = FALSE; + HANDLE fBackup = INVALID_HANDLE_VALUE; + LARGE_INTEGER headerOffset; + CRYPTO_INFO *restoredCryptoInfo = NULL; + int EffectiveVolumePkcs5 = CmdVolumePkcs5; + int EffectiveVolumePim = CmdVolumePim; + + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (EffectiveVolumePkcs5 == 0) + EffectiveVolumePkcs5 = DefaultVolumePkcs5; + + if (!lpszVolume) + { + nStatus = ERR_OUTOFMEMORY; + handleError (hwndDlg, nStatus, SRC_POS); + return nStatus; + } + + switch (IsSystemDevicePath (lpszVolume, hwndDlg, TRUE)) + { + case 1: + case 2: + if (AskErrNoYes ("RESTORE_HEADER_NOT_FOR_SYS_DEVICE", hwndDlg) == IDYES) + CreateRescueDisk (hwndDlg); + + return 0; + + case -1: + // In some environments (such as PE), the system volume is not located on a hard drive. + // Therefore, we must interpret this return code as "Not a system device path" (otherwise, + // it would not be possible to restore headers on non-system devices in such environments). + // Note that this is rather safe, because bReliableRequired is set to TRUE. + + // NOP + break; + } + + if (IsMountedVolume (lpszVolume)) + { + Warning ("DISMOUNT_FIRST", hwndDlg); + return 0; + } + + if (!VolumePathExists (lpszVolume)) + { + handleWin32Error (hwndDlg, SRC_POS); + return 0; + } + + BOOL restoreInternalBackup; + + // Ask the user to select the type of backup (internal/external) + char *volTypeChoices[] = {0, "HEADER_RESTORE_EXTERNAL_INTERNAL", "HEADER_RESTORE_INTERNAL", "HEADER_RESTORE_EXTERNAL", "IDCANCEL", 0}; + switch (AskMultiChoice ((void **) volTypeChoices, FALSE, hwndDlg)) + { + case 1: + restoreInternalBackup = TRUE; + break; + case 2: + restoreInternalBackup = FALSE; + break; + default: + return 0; + } + + OpenVolumeContext volume; + volume.VolumeIsOpen = FALSE; + + /* force the display of the random enriching dialog */ + SetRandomPoolEnrichedByUserStatus (FALSE); + + WaitCursor(); + + if (restoreInternalBackup) + { + // Restore header from the internal backup + + // Open the volume using backup header + while (TRUE) + { + int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (VolumePkcs5 == 0))? EffectiveVolumePkcs5 : VolumePkcs5; + int GuiPim = ((EffectiveVolumePim > 0) && (VolumePim <= 0))? EffectiveVolumePim : VolumePim; + StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume); + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, NULL, FALSE)) + { + nStatus = ERR_SUCCESS; + goto ret; + } + else + { + VolumePkcs5 = GuiPkcs5; + VolumePim = GuiPim; + burn (&GuiPkcs5, sizeof (GuiPkcs5)); + burn (&GuiPim, sizeof (GuiPim)); + } + + WaitCursor(); + + if (KeyFilesEnable && FirstKeyFile) + KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, lpszVolume); + + nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE); + + NormalCursor(); + + if (nStatus == ERR_SUCCESS) + break; + + if (nStatus != ERR_PASSWORD_WRONG) + goto error; + + handleError (hwndDlg, nStatus, SRC_POS); + } + + if (volume.CryptoInfo->LegacyVolume) + { + Error ("VOLUME_HAS_NO_BACKUP_HEADER", hwndDlg); + nStatus = ERROR_SUCCESS; + goto error; + } + + // Create a new header with a new salt + char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + + nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, VolumePim, FALSE); + if (nStatus != 0) + goto error; + + headerOffset.QuadPart = volume.CryptoInfo->hiddenVolume ? TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_VOLUME_HEADER_OFFSET; + if (!SetFilePointerEx (volume.HostFileHandle, headerOffset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (!WriteEffectiveVolumeHeader (volume.IsDevice, volume.HostFileHandle, (byte *) buffer)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + } + else + { + // Restore header from an external backup + + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CONFIRM_VOL_HEADER_RESTORE"), lpszVolume); + + if (MessageBoxW (hwndDlg, szTmp, lpszTitle, YES_NO|MB_ICONWARNING|MB_DEFBUTTON2) == IDNO) + { + nStatus = ERR_SUCCESS; + goto ret; + } + + /* Select backup file */ + if (!BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, FALSE, NULL)) + { + nStatus = ERR_SUCCESS; + goto ret; + } + + /* Open the backup file */ + fBackup = CreateFile (szFileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); + if (fBackup == INVALID_HANDLE_VALUE) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + // Determine size of the backup file + LARGE_INTEGER backupSize; + if (!GetFileSizeEx (fBackup, &backupSize)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + CreateFullVolumePath (szDiskFile, sizeof(szDiskFile), lpszVolume, &bDevice); + + if (bDevice == FALSE) + StringCbCopyW (szCFDevice, sizeof(szCFDevice), szDiskFile); + else + { + nDosLinkCreated = FakeDosNameForDevice (szDiskFile, szDosDevice, sizeof(szDosDevice),szCFDevice, sizeof(szCFDevice),FALSE); + if (nDosLinkCreated != 0) + goto error; + } + + // Open the volume + dev = CreateFile (szCFDevice, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL); + + if (dev == INVALID_HANDLE_VALUE) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + // Determine volume host size + if (bDevice) + { + PARTITION_INFORMATION diskInfo; + DWORD dwResult; + BOOL bResult; + + bResult = GetPartitionInfo (lpszVolume, &diskInfo); + + if (bResult) + { + hostSize = diskInfo.PartitionLength.QuadPart; + } + else + { + DISK_GEOMETRY driveInfo; + + bResult = DeviceIoControl (dev, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, + &driveInfo, sizeof (driveInfo), &dwResult, NULL); + + if (!bResult) + goto error; + + hostSize = driveInfo.Cylinders.QuadPart * driveInfo.BytesPerSector * + driveInfo.SectorsPerTrack * driveInfo.TracksPerCylinder; + } + + if (hostSize == 0) + { + nStatus = ERR_VOL_SIZE_WRONG; + goto error; + } + } + else + { + LARGE_INTEGER fileSize; + if (!GetFileSizeEx (dev, &fileSize)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + hostSize = fileSize.QuadPart; + } + + if (!bDevice && bPreserveTimestamp) + { + /* Remember the container modification/creation date and time. */ + + if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0) + bTimeStampValid = FALSE; + else + bTimeStampValid = TRUE; + } + + /* Read the volume header from the backup file */ + char buffer[TC_VOLUME_HEADER_GROUP_SIZE]; + + DWORD bytesRead; + if (!ReadFile (fBackup, buffer, sizeof (buffer), &bytesRead, NULL)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (bytesRead != backupSize.QuadPart) + { + nStatus = ERR_VOL_SIZE_WRONG; + goto error; + } + + LARGE_INTEGER headerOffset; + LARGE_INTEGER headerBackupOffset; + bool legacyBackup; + int headerOffsetBackupFile; + + // Determine the format of the backup file + switch (backupSize.QuadPart) + { + case TC_VOLUME_HEADER_GROUP_SIZE: + legacyBackup = false; + break; + + case TC_VOLUME_HEADER_SIZE_LEGACY * 2: + legacyBackup = true; + break; + + default: + Error ("HEADER_BACKUP_SIZE_INCORRECT", hwndDlg); + nStatus = ERR_SUCCESS; + goto error; + } + + // Open the header + while (TRUE) + { + int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (VolumePkcs5 == 0))? EffectiveVolumePkcs5 : VolumePkcs5; + int GuiPim = ((EffectiveVolumePim > 0) && (VolumePim <= 0))? EffectiveVolumePim : VolumePim; + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE)) + { + nStatus = ERR_SUCCESS; + goto ret; + } + else + { + VolumePkcs5 = GuiPkcs5; + VolumePim = GuiPim; + burn (&GuiPkcs5, sizeof (GuiPkcs5)); + burn (&GuiPim, sizeof (GuiPim)); + } + + if (KeyFilesEnable && FirstKeyFile) + KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, bDevice? NULL : lpszVolume); + + // Decrypt volume header + headerOffsetBackupFile = 0; + for (int type = TC_VOLUME_TYPE_NORMAL; type <= TC_VOLUME_TYPE_HIDDEN; ++type) + { + if (type == TC_VOLUME_TYPE_HIDDEN) + headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE); + + nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, &restoredCryptoInfo, NULL); + if (nStatus == ERR_SUCCESS) + break; + } + + if (nStatus == ERR_SUCCESS) + break; + + if (nStatus != ERR_PASSWORD_WRONG) + goto error; + + handleError (hwndDlg, nStatus, SRC_POS); + } + + BOOL hiddenVol = restoredCryptoInfo->hiddenVolume; + + if (legacyBackup) + { + headerOffset.QuadPart = hiddenVol ? hostSize - TC_HIDDEN_VOLUME_HEADER_OFFSET_LEGACY : TC_VOLUME_HEADER_OFFSET; + } + else + { + headerOffset.QuadPart = hiddenVol ? TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_VOLUME_HEADER_OFFSET; + headerBackupOffset.QuadPart = hiddenVol ? hostSize - TC_VOLUME_HEADER_SIZE : hostSize - TC_VOLUME_HEADER_GROUP_SIZE; + } + + WaitCursor(); + + // Restore header encrypted with a new key + nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePim, FALSE); + if (nStatus != ERR_SUCCESS) + goto error; + + if (!SetFilePointerEx (dev, headerOffset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (!WriteEffectiveVolumeHeader (bDevice, dev, (byte *) buffer)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (!restoredCryptoInfo->LegacyVolume) + { + // Restore backup header encrypted with a new key + nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePim, FALSE); + if (nStatus != ERR_SUCCESS) + goto error; + + if (!SetFilePointerEx (dev, headerBackupOffset, NULL, FILE_BEGIN)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + + if (!WriteEffectiveVolumeHeader (bDevice, dev, (byte *) buffer)) + { + nStatus = ERR_OS_ERROR; + goto error; + } + } + } + + + /* Volume header has been successfully restored */ + + Info("VOL_HEADER_RESTORED", hwndDlg); +ret: + nStatus = ERR_SUCCESS; + +error: + dwError = GetLastError (); + NormalCursor(); + + if (restoreInternalBackup) + { + CloseVolume (&volume); + } + else + { + if (restoredCryptoInfo) + crypto_close (restoredCryptoInfo); + + if (bTimeStampValid) + SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime); + + if (dev != INVALID_HANDLE_VALUE) + CloseHandle (dev); + + if (fBackup != INVALID_HANDLE_VALUE) + CloseHandle (fBackup); + + if (nDosLinkCreated == 0) + RemoveFakeDosName (szDiskFile, szDosDevice); + } + + SetLastError (dwError); + if (nStatus != 0) + handleError (hwndDlg, nStatus, SRC_POS); + + burn (&VolumePassword, sizeof (VolumePassword)); + burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePim, sizeof (VolumePim)); + burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + RestoreDefaultKeyFilesParam(); + RandStop (FALSE); + NormalCursor(); + + return nStatus; +} + + +void SetDriverConfigurationFlag (uint32 flag, BOOL state) +{ + BootEncObj->SetDriverConfigurationFlag (flag, state ? true : false); +} + + +static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + LocalizeDialog (hwndDlg, "IDD_PERFORMANCE_SETTINGS"); + + uint32 driverConfig = ReadDriverConfigurationFlags(); + CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? BST_UNCHECKED : BST_CHECKED); + CheckDlgButton (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, (driverConfig & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL) ? BST_CHECKED : BST_UNCHECKED); + + SYSTEM_INFO sysInfo; + GetSystemInfo (&sysInfo); + + HWND freeCpuCombo = GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT); + uint32 encryptionFreeCpuCount = ReadEncryptionThreadPoolFreeCpuCountLimit(); + + if (encryptionFreeCpuCount > sysInfo.dwNumberOfProcessors - 1) + encryptionFreeCpuCount = sysInfo.dwNumberOfProcessors - 1; + + for (uint32 i = 1; i < sysInfo.dwNumberOfProcessors; ++i) + { + wstringstream s; + s << i; + AddComboPair (freeCpuCombo, s.str().c_str(), i); + } + + if (sysInfo.dwNumberOfProcessors < 2 || encryptionFreeCpuCount == 0) + EnableWindow (freeCpuCombo, FALSE); + + if (sysInfo.dwNumberOfProcessors < 2) + EnableWindow (GetDlgItem (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL), FALSE); + + if (encryptionFreeCpuCount != 0) + { + CheckDlgButton (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL, BST_CHECKED); + SendMessage (freeCpuCombo, CB_SETCURSEL, encryptionFreeCpuCount - 1, 0); + } + + SetWindowTextW (GetDlgItem (hwndDlg, IDT_LIMIT_ENC_THREAD_POOL_NOTE), GetString("LIMIT_ENC_THREAD_POOL_NOTE")); + + SetDlgItemTextW (hwndDlg, IDC_HW_AES_SUPPORTED_BY_CPU, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? "UISTR_YES" : "UISTR_NO"))).c_str()); + + ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_HW_ACCELERATION); + ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION); + } + return 0; + + case WM_COMMAND: + + switch (lw) + { + case IDCANCEL: + EndDialog (hwndDlg, lw); + return 1; + + case IDOK: + { + if (IsNonInstallMode()) + { + Error ("FEATURE_REQUIRES_INSTALLATION", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + BOOL disableHW = !IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION); + BOOL enableExtendedIOCTL = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT); + + try + { + VOLUME_PROPERTIES_STRUCT prop; + try + { + BootEncStatus = BootEncObj->GetStatus(); + BootEncObj->GetVolumeProperties (&prop); + } + catch (...) + { + BootEncStatus.DriveMounted = false; + } + + if (BootEncStatus.DriveMounted) + { + byte userConfig; + string customUserMessage; + uint16 bootLoaderVersion; + + BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion); + + if (bootLoaderVersion != VERSION_NUM) + Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg); + + if (disableHW) + userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION; + else + userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION; + + BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim); + } + + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW); + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL, enableExtendedIOCTL); + + DWORD bytesReturned; + if (!DeviceIoControl (hDriver, TC_IOCTL_REREAD_DRIVER_CONFIG, NULL, 0, NULL, 0, &bytesReturned, NULL)) + handleWin32Error (hwndDlg, SRC_POS); + + EnableHwEncryption (!disableHW); + + uint32 cpuFreeCount = 0; + if (IsDlgButtonChecked (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL)) + { + LRESULT cpuFreeItem = SendMessage (GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT), CB_GETCURSEL, 0, 0); + if (cpuFreeItem != CB_ERR) + cpuFreeCount = (uint32) (cpuFreeItem + 1); + } + + if (ReadEncryptionThreadPoolFreeCpuCountLimit() != cpuFreeCount) + { + BootEncObj->WriteLocalMachineRegistryDwordValue (L"SYSTEM\\CurrentControlSet\\Services\\veracrypt", TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME, cpuFreeCount); + Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); + } + + EndDialog (hwndDlg, lw); + return 1; + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + } + return 1; + + case IDC_ENABLE_HARDWARE_ENCRYPTION: + if (!IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION) + && AskWarnYesNo ("CONFIRM_SETTING_DEGRADES_PERFORMANCE", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, BST_CHECKED); + } + return 1; + + case IDC_LIMIT_ENC_THREAD_POOL: + if (IsDlgButtonChecked (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL) + && AskWarnYesNo ("CONFIRM_SETTING_DEGRADES_PERFORMANCE", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL, BST_UNCHECKED); + } + else + { + SendMessage (GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT), CB_SETCURSEL, 0, 0); + Warning ("SETTING_REQUIRES_REBOOT", hwndDlg); // Warn the user before he thinks about benchmarking + } + + EnableWindow (GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT), IsDlgButtonChecked (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL)); + return 1; + + case IDC_BENCHMARK: + Benchmark (hwndDlg); + return 1; + + case IDC_MORE_INFO_ON_HW_ACCELERATION: + Applink ("hwacceleration", TRUE, ""); + return 1; + + case IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION: + Applink ("parallelization", TRUE, ""); + return 1; + } + + return 0; + } + + return 0; +} + + +static BOOL CALLBACK SecurityTokenPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + LocalizeDialog (hwndDlg, "IDD_TOKEN_PREFERENCES"); + SetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, SecurityTokenLibraryPath); + CheckDlgButton (hwndDlg, IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT, CloseSecurityTokenSessionsAfterMount ? BST_CHECKED : BST_UNCHECKED); + + SetWindowTextW (GetDlgItem (hwndDlg, IDT_PKCS11_LIB_HELP), GetString("PKCS11_LIB_LOCATION_HELP")); + + return 0; + + case WM_COMMAND: + + switch (lw) + { + case IDCANCEL: + EndDialog (hwndDlg, lw); + return 1; + + case IDOK: + { + wchar_t securityTokenLibraryPath[MAX_PATH]; + GetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, securityTokenLibraryPath, ARRAYSIZE (securityTokenLibraryPath)); + + if (securityTokenLibraryPath[0] == 0) + { + try + { + SecurityToken::CloseLibrary(); + } + catch (...) { } + + SecurityTokenLibraryPath[0] = 0; + } + else + { + wchar_t prevSecurityTokenLibraryPath[MAX_PATH]; + StringCbCopyW (prevSecurityTokenLibraryPath, sizeof(prevSecurityTokenLibraryPath), SecurityTokenLibraryPath); + StringCbCopyW (SecurityTokenLibraryPath, sizeof(SecurityTokenLibraryPath), securityTokenLibraryPath); + + if (!InitSecurityTokenLibrary(hwndDlg)) + { + StringCbCopyW (SecurityTokenLibraryPath, sizeof(SecurityTokenLibraryPath), prevSecurityTokenLibraryPath); + return 1; + } + } + + CloseSecurityTokenSessionsAfterMount = (IsDlgButtonChecked (hwndDlg, IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT) == BST_CHECKED); + + WaitCursor (); + SaveSettings (hwndDlg); + NormalCursor (); + + EndDialog (hwndDlg, lw); + return 1; + } + + case IDC_AUTO_DETECT_PKCS11_MODULE: + { + wchar_t systemDir[MAX_PATH]; + GetSystemDirectory (systemDir, ARRAYSIZE (systemDir)); + WIN32_FIND_DATA findData; + bool found = false; + + WaitCursor(); + + HANDLE find = FindFirstFile ((wstring (systemDir) + L"\\*.dll").c_str(), &findData); + while (!found && find != INVALID_HANDLE_VALUE) + { + wstring dllPathname = wstring (systemDir) + L"\\" + findData.cFileName; + DWORD fileSize; + + char *file = LoadFile (dllPathname.c_str(), &fileSize); + if (file) + { + const char *functionName = "C_GetFunctionList"; + size_t strLen = strlen (functionName); + + if (fileSize > strLen) + { + for (size_t i = 0; i < fileSize - strLen; ++i) + { + if (memcmp (file + i, functionName, strLen) == 0) + { + HMODULE module = LoadLibrary (dllPathname.c_str()); + if (module) + { + if (GetProcAddress (module, functionName)) + { + SetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, dllPathname.c_str()); + found = true; + + FreeLibrary (module); + break; + } + + FreeLibrary (module); + } + } + } + } + + free (file); + } + + if (!FindNextFile (find, &findData)) + break; + } + + if (find != INVALID_HANDLE_VALUE) + FindClose (find); + + NormalCursor(); + + if (!found) + Warning ("PKCS11_MODULE_AUTO_DETECTION_FAILED", hwndDlg); + + return 1; + } + + case IDC_SELECT_PKCS11_MODULE: + { + wchar_t securityTokenLibraryPath[MAX_PATH]; + wchar_t systemDir[MAX_PATH]; + wchar_t browseFilter[1024]; + + Info ("SELECT_PKCS11_MODULE_HELP", hwndDlg); + + StringCbPrintfW (browseFilter, sizeof(browseFilter), L"%ls (*.dll)%c*.dll%c%c", GetString ("DLL_FILES"), 0, 0, 0); + GetSystemDirectory (systemDir, ARRAYSIZE (systemDir)); + + if (BrowseFilesInDir (hwndDlg, "SELECT_PKCS11_MODULE", systemDir, securityTokenLibraryPath, TRUE, FALSE, browseFilter)) + SetDlgItemText (hwndDlg, IDC_PKCS11_MODULE, securityTokenLibraryPath); + return 1; + } + } + return 0; + } + + return 0; +} + +static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + LocalizeDialog (hwndDlg, "IDD_DEFAULT_MOUNT_PARAMETERS"); + + SendMessage (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), BM_SETCHECK, + DefaultVolumeTrueCryptMode ? BST_CHECKED:BST_UNCHECKED, 0); + + /* Populate the PRF algorithms list */ + int i, nIndex, defaultPrfIndex = 0; + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + if (DefaultVolumePkcs5 && (DefaultVolumePkcs5 == i)) + defaultPrfIndex = nIndex; + } + + /* make autodetection the default unless a specific PRF was specified in the command line */ + SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0); + + return 0; + } + + case WM_COMMAND: + + switch (lw) + { + case IDCANCEL: + EndDialog (hwndDlg, lw); + return 1; + + case IDOK: + { + int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); + BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + /* SHA-256 is not supported by TrueCrypt */ + if ( (truecryptMode) + && (pkcs5 == SHA256) + ) + { + Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + } + else + { + WaitCursor (); + DefaultVolumeTrueCryptMode = truecryptMode; + DefaultVolumePkcs5 = pkcs5; + + SaveSettings (hwndDlg); + + NormalCursor (); + EndDialog (hwndDlg, lw); + } + return 1; + } + + } + return 0; + } + + return 0; +} + +void SecurityTokenPreferencesDialog (HWND hwndDlg) +{ + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_TOKEN_PREFERENCES), hwndDlg, (DLGPROC) SecurityTokenPreferencesDlgProc, 0); +} + + +static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + { + if (!BootEncObj->GetStatus().DriveMounted) + { + Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + try + { + LocalizeDialog (hwndDlg, "IDD_SYSENC_SETTINGS"); + + uint32 driverConfig = ReadDriverConfigurationFlags(); + byte userConfig; + string customUserMessage; + uint16 bootLoaderVersion; + BOOL bPasswordCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)? TRUE : FALSE; + BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE; + + BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion); + + if (bootLoaderVersion != VERSION_NUM) + Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg); + + SendMessage (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE), EM_LIMITTEXT, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, 0); + SetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage.c_str()); + + CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED); + CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, bPasswordCacheEnabled ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED); + EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), bPasswordCacheEnabled); + CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? BST_CHECKED : BST_UNCHECKED); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP")); + } + catch (Exception &e) + { + e.Show (hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + } + return 0; + + case WM_COMMAND: + + switch (lw) + { + case IDCANCEL: + EndDialog (hwndDlg, lw); + return 1; + + case IDOK: + { + VOLUME_PROPERTIES_STRUCT prop; + + if (!BootEncObj->GetStatus().DriveMounted) + { + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + try + { + BootEncObj->GetVolumeProperties (&prop); + } + catch (Exception &e) + { + e.Show (hwndDlg); + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; + GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage)); + + byte userConfig; + try + { + BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig); + } + catch (Exception &e) + { + e.Show (hwndDlg); + return 1; + } + + if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT)) + userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_PIM; + else + userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_PIM; + + if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT)) + userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE; + else + userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE; + + if (!IsDlgButtonChecked (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS)) + userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC; + else + userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC; + + try + { + BOOL bPasswordCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD); + BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM); + BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim); + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled); + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE); + SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION)); + } + catch (Exception &e) + { + e.Show (hwndDlg); + return 1; + } + + EndDialog (hwndDlg, lw); + return 1; + } + + case IDC_DISABLE_BOOT_LOADER_PIM_PROMPT: + if ((IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT)) + && AskWarnYesNo ("DISABLE_BOOT_LOADER_PIM_PROMPT", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, BST_UNCHECKED); + } + + case IDC_DISABLE_BOOT_LOADER_OUTPUT: + if ((IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT)) + && AskWarnYesNo ("CUSTOM_BOOT_LOADER_MESSAGE_PROMPT", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, BST_UNCHECKED); + } + + break; + + case IDC_BOOT_LOADER_CACHE_PASSWORD: + if (IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD)) + { + Warning ("BOOT_PASSWORD_CACHE_KEYBOARD_WARNING", hwndDlg); + EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), TRUE); + } + else + { + EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), FALSE); + } + + break; + } + return 0; + } + + return 0; +} + + +void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions) +{ + if (!VolumeSelected(hwndDlg)) + { + Warning ("NO_VOLUME_SELECTED", hwndDlg); + } + else if (LOWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) == TC_MLIST_ITEM_FREE) + { + mountOptions = defaultMountOptions; + bPrebootPasswordDlgMode = FALSE; + + if (mountWithOptions || GetAsyncKeyState (VK_CONTROL) < 0) + { + /* Priority is given to command line parameters + * Default values used only when nothing specified in command line + */ + if (CmdVolumePkcs5 == 0) + mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; + else + mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; + mountOptions.ProtectedHidVolPim = CmdVolumePim; + if (IDCANCEL == DialogBoxParamW (hInst, + MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, + (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions)) + return; + + if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) + { + wchar_t selectedVolume [TC_MAX_PATH + 1]; + GetVolumePath (hwndDlg, selectedVolume, ARRAYSIZE (selectedVolume)); + KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, selectedVolume); + } + } + + if (CheckMountList (hwndDlg, FALSE)) + _beginthread (mountThreadFunction, 0, hwndDlg); + } + else + Warning ("SELECT_FREE_DRIVE", hwndDlg); +} + +static BOOL HandleDriveListMouseWheelEvent (UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL bListMustBePointed) +{ + static BOOL eventHandlerActive = FALSE; + if (eventHandlerActive) + return 0; + + RECT listRect; + int mouseX = GET_X_LPARAM (lParam); + int mouseY = GET_Y_LPARAM (lParam); + + GetWindowRect (GetDlgItem (MainDlg, IDC_DRIVELIST), &listRect); + + // Determine if the mouse pointer is within the main drive list + bool bListPointed = (mouseX >= listRect.left && mouseX <= listRect.right + && mouseY >= listRect.top && mouseY <= listRect.bottom); + + if (bListMustBePointed && bListPointed + || !bListMustBePointed) + { + eventHandlerActive = TRUE; + + if (!bListMustBePointed && bListPointed) + SetFocus (GetDlgItem (MainDlg, IDC_DRIVELIST)); + + SendMessage (GetDlgItem (MainDlg, IDC_DRIVELIST), uMsg, wParam, lParam); + + eventHandlerActive = FALSE; + return 0; // Do not process this event any further e.g. to prevent two lists from being scrolled at once + } + + return 1; +} + + +static LRESULT CALLBACK MouseWheelProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam) +{ + WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA); + + switch (message) + { + case WM_MOUSEWHEEL: + + if (HandleDriveListMouseWheelEvent (message, wParam, lParam, TRUE) == 0) + return 0; // Do not process this event any further e.g. to prevent two lists from being scrolled at once + } + + return CallWindowProcW (wp, hwnd, message, wParam, lParam); +} + + +void HookMouseWheel (HWND hwndDlg, UINT ctrlId) +{ + HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); + + SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC)); + SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) MouseWheelProc); +} diff --git a/src/Mount/Mount.h b/src/Mount/Mount.h index 3bf0f78c..8e6a8e15 100644 --- a/src/Mount/Mount.h +++ b/src/Mount/Mount.h @@ -1,133 +1,133 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus - -#include "Favorites.h" - -extern "C" { -#endif - -enum mount_list_item_types -{ - TC_MLIST_ITEM_FREE = 0, - TC_MLIST_ITEM_NONSYS_VOL, - TC_MLIST_ITEM_SYS_PARTITION, - TC_MLIST_ITEM_SYS_DRIVE -}; - -#define TC_MAIN_WINDOW_FLAG_ADMIN_PRIVILEGES 0x1 - -#define TRAYICON_MENU_DRIVE_OFFSET 9000 -#define TC_FAVORITE_MENU_CMD_ID_OFFSET 10000 -#define TC_FAVORITE_MENU_CMD_ID_OFFSET_END (TC_FAVORITE_MENU_CMD_ID_OFFSET + 1000) - -#define WM_COPY_SET_VOLUME_NAME "VNAM" - -#define ENC_SYSDRIVE_PSEUDO_DRIVE_LETTER ('A' - 1) - -/* Password Change dialog modes */ -enum -{ - PCDM_CHANGE_PASSWORD = 0, - PCDM_CHANGE_PKCS5_PRF, - PCDM_ADD_REMOVE_VOL_KEYFILES, - PCDM_REMOVE_ALL_KEYFILES_FROM_VOL -}; - -typedef struct -{ - BOOL bHidVolDamagePrevReported[26]; -} VOLUME_NOTIFICATIONS_LIST; - -typedef struct -{ - Password *password; - int* pkcs5; - int* pim; - BOOL* truecryptMode; -} PasswordDlgParam; - -extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList; - -extern BOOL bEnableBkgTask; -extern BOOL bCloseBkgTaskWhenNoVolumes; -extern BOOL bPlaySoundOnSuccessfulHkDismount; -extern BOOL bDisplayBalloonOnSuccessfulHkDismount; -extern BOOL bExplore; -extern BOOL bTryEmptyPasswordWhenKeyfileUsed; - -static void localcleanup ( void ); -void EndMainDlg ( HWND hwndDlg ); -void EnableDisableButtons ( HWND hwndDlg ); -BOOL VolumeSelected (HWND hwndDlg ); -void LoadSettings ( HWND hwndDlg ); -void SaveSettings ( HWND hwndDlg ); -BOOL SelectItem ( HWND hTree , wchar_t nLetter ); -void LoadDriveLetters ( HWND hwndDlg, HWND hTree, int drive ); -BOOL CALLBACK PasswordChangeDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); -BOOL CALLBACK PasswordDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); -BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -void BuildTree ( HWND hwndDlg, HWND hTree ); -LPARAM GetSelectedLong ( HWND hTree ); -LPARAM GetItemLong ( HWND hTree, int itemNo ); -BOOL CALLBACK CommandHelpDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); -BOOL CALLBACK MainDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); -void ExtractCommandLine ( HWND hwndDlg , wchar_t *lpszCommandLine ); -static void WipeCache (HWND hwndDlg, BOOL silent); -void OpenVolumeExplorerWindow (int driveNo); -BOOL TaskBarIconAdd (HWND hwnd); -BOOL TaskBarIconRemove (HWND hwnd); -BOOL TaskBarIconChange (HWND hwnd, int iconId); -void DismountIdleVolumes (); -static void SaveDefaultKeyFilesParam (HWND hwnd); -static BOOL Dismount (HWND hwndDlg, int nDosDriveNo); -static BOOL DismountAll (HWND hwndDlg, BOOL forceUnmount, BOOL interact, int dismountMaxRetries, int dismountAutoRetryDelay); -static void KeyfileDefaultsDlg (HWND hwndDlg); -static void HandleHotKey (HWND hwndDlg, WPARAM wParam); -static BOOL CheckMountList (HWND hwndDlg, BOOL bForceTaskBarUpdate); -int GetCipherBlockSizeByDriveNo (int nDosDriveNo); -int GetModeOfOperationByDriveNo (int nDosDriveNo); -void ChangeMainWindowVisibility (); -void LaunchVolCreationWizard (HWND hwndDlg); -BOOL WholeSysDriveEncryption (BOOL bSilent); -BOOL CheckSysEncMountWithoutPBA (HWND hwndDlg, const wchar_t *devicePath, BOOL quiet); -BOOL TCBootLoaderOnInactiveSysEncDrive (wchar_t *szDevicePath); -void CreateRescueDisk (HWND hwndDlg); -int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *lpszVolume); -int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume); -void SecurityTokenPreferencesDialog (HWND hwndDlg); -static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); -void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions); -uint32 ReadDriverConfigurationFlags (); -void HookMouseWheel (HWND hwndDlg, UINT ctrlId); -static BOOL HandleDriveListMouseWheelEvent (UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL bListMustBePointed); -static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); - -#ifdef __cplusplus -} - -typedef struct -{ - BOOL systemFavorites; - BOOL logOnMount; - BOOL hotKeyMount; - VeraCrypt::FavoriteVolume* favoriteVolumeToMount; -} mountFavoriteVolumeThreadParam; - -void SetDriverConfigurationFlag (uint32 flag, BOOL state); -BOOL MountFavoriteVolumes (HWND hwnd, BOOL systemFavorites = FALSE, BOOL logOnMount = FALSE, BOOL hotKeyMount = FALSE, const VeraCrypt::FavoriteVolume &favoriteVolumeToMount = VeraCrypt::FavoriteVolume()); -void __cdecl mountFavoriteVolumeThreadFunction (void *pArg); - -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus + +#include "Favorites.h" + +extern "C" { +#endif + +enum mount_list_item_types +{ + TC_MLIST_ITEM_FREE = 0, + TC_MLIST_ITEM_NONSYS_VOL, + TC_MLIST_ITEM_SYS_PARTITION, + TC_MLIST_ITEM_SYS_DRIVE +}; + +#define TC_MAIN_WINDOW_FLAG_ADMIN_PRIVILEGES 0x1 + +#define TRAYICON_MENU_DRIVE_OFFSET 9000 +#define TC_FAVORITE_MENU_CMD_ID_OFFSET 10000 +#define TC_FAVORITE_MENU_CMD_ID_OFFSET_END (TC_FAVORITE_MENU_CMD_ID_OFFSET + 1000) + +#define WM_COPY_SET_VOLUME_NAME "VNAM" + +#define ENC_SYSDRIVE_PSEUDO_DRIVE_LETTER ('A' - 1) + +/* Password Change dialog modes */ +enum +{ + PCDM_CHANGE_PASSWORD = 0, + PCDM_CHANGE_PKCS5_PRF, + PCDM_ADD_REMOVE_VOL_KEYFILES, + PCDM_REMOVE_ALL_KEYFILES_FROM_VOL +}; + +typedef struct +{ + BOOL bHidVolDamagePrevReported[26]; +} VOLUME_NOTIFICATIONS_LIST; + +typedef struct +{ + Password *password; + int* pkcs5; + int* pim; + BOOL* truecryptMode; +} PasswordDlgParam; + +extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList; + +extern BOOL bEnableBkgTask; +extern BOOL bCloseBkgTaskWhenNoVolumes; +extern BOOL bPlaySoundOnSuccessfulHkDismount; +extern BOOL bDisplayBalloonOnSuccessfulHkDismount; +extern BOOL bExplore; +extern BOOL bTryEmptyPasswordWhenKeyfileUsed; + +static void localcleanup ( void ); +void EndMainDlg ( HWND hwndDlg ); +void EnableDisableButtons ( HWND hwndDlg ); +BOOL VolumeSelected (HWND hwndDlg ); +void LoadSettings ( HWND hwndDlg ); +void SaveSettings ( HWND hwndDlg ); +BOOL SelectItem ( HWND hTree , wchar_t nLetter ); +void LoadDriveLetters ( HWND hwndDlg, HWND hTree, int drive ); +BOOL CALLBACK PasswordChangeDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); +BOOL CALLBACK PasswordDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); +BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +void BuildTree ( HWND hwndDlg, HWND hTree ); +LPARAM GetSelectedLong ( HWND hTree ); +LPARAM GetItemLong ( HWND hTree, int itemNo ); +BOOL CALLBACK CommandHelpDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); +BOOL CALLBACK MainDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); +void ExtractCommandLine ( HWND hwndDlg , wchar_t *lpszCommandLine ); +static void WipeCache (HWND hwndDlg, BOOL silent); +void OpenVolumeExplorerWindow (int driveNo); +BOOL TaskBarIconAdd (HWND hwnd); +BOOL TaskBarIconRemove (HWND hwnd); +BOOL TaskBarIconChange (HWND hwnd, int iconId); +void DismountIdleVolumes (); +static void SaveDefaultKeyFilesParam (HWND hwnd); +static BOOL Dismount (HWND hwndDlg, int nDosDriveNo); +static BOOL DismountAll (HWND hwndDlg, BOOL forceUnmount, BOOL interact, int dismountMaxRetries, int dismountAutoRetryDelay); +static void KeyfileDefaultsDlg (HWND hwndDlg); +static void HandleHotKey (HWND hwndDlg, WPARAM wParam); +static BOOL CheckMountList (HWND hwndDlg, BOOL bForceTaskBarUpdate); +int GetCipherBlockSizeByDriveNo (int nDosDriveNo); +int GetModeOfOperationByDriveNo (int nDosDriveNo); +void ChangeMainWindowVisibility (); +void LaunchVolCreationWizard (HWND hwndDlg); +BOOL WholeSysDriveEncryption (BOOL bSilent); +BOOL CheckSysEncMountWithoutPBA (HWND hwndDlg, const wchar_t *devicePath, BOOL quiet); +BOOL TCBootLoaderOnInactiveSysEncDrive (wchar_t *szDevicePath); +void CreateRescueDisk (HWND hwndDlg); +int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *lpszVolume); +int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume); +void SecurityTokenPreferencesDialog (HWND hwndDlg); +static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); +void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions); +uint32 ReadDriverConfigurationFlags (); +void HookMouseWheel (HWND hwndDlg, UINT ctrlId); +static BOOL HandleDriveListMouseWheelEvent (UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL bListMustBePointed); +static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam); + +#ifdef __cplusplus +} + +typedef struct +{ + BOOL systemFavorites; + BOOL logOnMount; + BOOL hotKeyMount; + VeraCrypt::FavoriteVolume* favoriteVolumeToMount; +} mountFavoriteVolumeThreadParam; + +void SetDriverConfigurationFlag (uint32 flag, BOOL state); +BOOL MountFavoriteVolumes (HWND hwnd, BOOL systemFavorites = FALSE, BOOL logOnMount = FALSE, BOOL hotKeyMount = FALSE, const VeraCrypt::FavoriteVolume &favoriteVolumeToMount = VeraCrypt::FavoriteVolume()); +void __cdecl mountFavoriteVolumeThreadFunction (void *pArg); + +#endif diff --git a/src/Mount/Mount.manifest b/src/Mount/Mount.manifest index 255a867e..5d4cb896 100644 --- a/src/Mount/Mount.manifest +++ b/src/Mount/Mount.manifest @@ -1,33 +1,33 @@ - - - - - - - - - - - - true - - - - - - - - - - - - - + + + + + + + + + + + + true + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index 4aad9360..1c45b89c 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc @@ -1,713 +1,713 @@ -// Microsoft Visual C++ generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" -#include "..\\common\\resource.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// English (U.S.) resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) -#ifdef _WIN32 -LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// HEADER -// - -IDR_MOUNT_RSRC_HEADER HEADER "resource.h" - -///////////////////////////////////////////////////////////////////////////// -// -// TYPELIB -// - -IDR_MOUNT_TLB TYPELIB "Mount.tlb" - -///////////////////////////////////////////////////////////////////////////// -// -// Dialog -// - -IDD_PREFERENCES_DLG DIALOGEX 0, 0, 336, 333 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Preferences" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Mount volumes as read-only",IDC_PREF_MOUNT_READONLY, - "Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,11,11,150,16 - CONTROL "Mount volumes as removable media",IDC_PREF_MOUNT_REMOVABLE, - "Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,162,11,165,16 - CONTROL "Enabled",IDC_PREF_BKG_TASK_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,44,111,10 - CONTROL "Exit when there are no mounted volumes",IDC_CLOSE_BKG_TASK_WHEN_NOVOL, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,140,44,188,10 - CONTROL "Start VeraCrypt Background Task",IDC_PREF_LOGON_START, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,75,126,10 - CONTROL "Mount all device-hosted VeraCrypt volumes",IDC_PREF_LOGON_MOUNT_DEVICES, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,140,75,188,10 - CONTROL "User logs off",IDC_PREF_DISMOUNT_LOGOFF,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,81,104,114,11 - CONTROL "User session locked",IDC_PREF_DISMOUNT_SESSION_LOCKED, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,197,105,130,11 - CONTROL "Screen saver is launched",IDC_PREF_DISMOUNT_SCREENSAVER, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,81,116,114,10 - CONTROL "Entering power saving mode",IDC_PREF_DISMOUNT_POWERSAVING, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,197,115,130,11 - CONTROL "Auto-dismount volume after no data has been read/written to it for",IDC_PREF_DISMOUNT_INACTIVE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,128,246,11 - EDITTEXT IDC_PREF_DISMOUNT_INACTIVE_TIME,258,127,27,12,ES_AUTOHSCROLL | ES_NUMBER,WS_EX_RIGHT - CONTROL "Force auto-dismount even if volume contains open files or directories",IDC_PREF_FORCE_AUTO_DISMOUNT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,141,294,10 - CONTROL "Open Explorer window for successfully mounted volume",IDC_PREF_OPEN_EXPLORER, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,171,316,11 - CONTROL "Use a different taskbar icon when there are mounted volumes",IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,184,314,10 - CONTROL "Preserve modification timestamp of file containers",IDC_PRESERVE_TIMESTAMPS, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,196,316,10 - CONTROL "Make disconnected network drives available for mounting",IDC_SHOW_DISCONNECTED_NETWORK_DRIVES, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,208,316,10 - CONTROL "Cache passwords in driver memory",IDC_PREF_CACHE_PASSWORDS, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,254,146,11 - CONTROL "Wipe cached passwords on exit",IDC_PREF_WIPE_CACHE_ON_EXIT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,254,165,11 - CONTROL "Temporary Cache password during ""Mount Favorite Volumes"" operations",IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,268,294,11 - CONTROL "Wipe cached passwords on auto-dismount",IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,282,296,11 - CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,296,296,10 - PUSHBUTTON "More Settings...",IDC_MORE_SETTINGS,5,317,85,14 - DEFPUSHBUTTON "OK",IDOK,225,317,50,14 - PUSHBUTTON "Cancel",IDCANCEL,281,317,50,14 - GROUPBOX "Windows",IDT_WINDOWS_RELATED_SETTING,4,160,328,76 - GROUPBOX "Default Mount Options",IDT_DEFAULT_MOUNT_OPTIONS,4,3,328,26 - GROUPBOX "VeraCrypt Background Task",IDT_TASKBAR_ICON,4,33,328,26 - GROUPBOX "Auto-Dismount",IDT_AUTO_DISMOUNT,4,94,328,62 - LTEXT "minutes",IDT_MINUTES,289,129,39,10 - LTEXT "Dismount all when:",IDT_AUTO_DISMOUNT_ON,9,104,71,20 - GROUPBOX "Password Cache",IDT_PW_CACHE_OPTIONS,4,243,328,68 - GROUPBOX "Actions to perform upon logon to Windows",IDT_LOGON,4,63,328,28 - CONTROL "Don't show wait message dialog when performing operations",IDC_HIDE_WAITING_DIALOG, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,220,316,10 -END - -IDD_VOLUME_PROPERTIES DIALOGEX 60, 30, 284, 224 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Volume Properties" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - DEFPUSHBUTTON "OK",IDOK,114,203,55,14 - CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,192 -END - -IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 346, 245 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Change Password or Keyfiles" -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_OLD_PASSWORD,89,14,181,13,ES_PASSWORD | ES_AUTOHSCROLL - COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,97,90,CBS_DROPDOWNLIST | WS_TABSTOP - CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,193,35,83,10 - EDITTEXT IDC_OLD_PIM,89,51,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,59,115,10 - CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,72,109,10 - PUSHBUTTON "Keyfiles...",IDC_KEYFILES,203,70,67,14 - CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,85,138,10,WS_EX_TRANSPARENT - EDITTEXT IDC_PASSWORD,89,121,181,13,ES_PASSWORD | ES_AUTOHSCROLL - EDITTEXT IDC_VERIFY,89,137,181,13,ES_PASSWORD | ES_AUTOHSCROLL - EDITTEXT IDC_PIM,89,154,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - CONTROL "Use PIM",IDC_NEW_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,161,97,10 - CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,172,110,11 - PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,202,170,68,14 - CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,184,180,11,WS_EX_TRANSPARENT - COMBOBOX IDC_PKCS5_PRF_ID,89,199,181,90,CBS_DROPDOWNLIST | WS_TABSTOP - COMBOBOX IDC_WIPE_MODE,89,218,181,90,CBS_DROPDOWNLIST | WS_TABSTOP - DEFPUSHBUTTON "OK",IDOK,280,7,59,14 - PUSHBUTTON "Cancel",IDCANCEL,280,24,59,14 - RTEXT "Password:",IDT_PASSWORD,12,16,72,8 - RTEXT "Password:",IDT_NEW_PASSWORD,8,124,76,8 - RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,140,75,16 - RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,200,74,10,SS_CENTERIMAGE - GROUPBOX "Current",IDT_CURRENT,6,3,270,97 - GROUPBOX "New",IDT_NEW,6,108,270,130 - RTEXT "Wipe mode:",IDT_WIPE_MODE,9,220,74,8,0,WS_EX_RIGHT - RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE - RTEXT "Volume PIM:",IDT_OLD_PIM,12,54,74,10,NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_OLD_PIM_HELP,135,54,196,8,NOT WS_VISIBLE - RTEXT "Volume PIM:",IDT_PIM,9,157,75,16,NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,135,157,197,8,NOT WS_VISIBLE -END - -IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271 -STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt" -MENU IDR_MENU -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - CONTROL "",IDC_DRIVELIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,8,5,360,135 - PUSHBUTTON "&Create Volume",IDC_CREATE_VOLUME,16,159,84,14 - PUSHBUTTON "&Volume Properties...",IDC_VOLUME_PROPERTIES,146,159,84,14 - PUSHBUTTON "&Wipe Cache",IDC_WIPE_CACHE,276,159,84,14 - COMBOBOX IDC_VOLUME,56,192,212,74,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP - CONTROL "&Never save history",IDC_NO_HISTORY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,56,213,122,10 - PUSHBUTTON "Volume &Tools...",IDC_VOLUME_TOOLS,184,211,84,14 - PUSHBUTTON "Select &File...",IDC_SELECT_FILE,276,192,84,14 - PUSHBUTTON "Select D&evice...",IDC_SELECT_DEVICE,276,211,84,14 - DEFPUSHBUTTON "OK",IDOK,8,243,84,18,WS_GROUP - PUSHBUTTON "&Auto-Mount Devices",IDC_MOUNTALL,100,243,84,18 - PUSHBUTTON "Di&smount All",IDC_UNMOUNTALL,192,243,84,18,WS_GROUP - PUSHBUTTON "E&xit",IDC_EXIT,284,243,84,18,WS_GROUP - CONTROL 112,IDC_LOGO,"Static",SS_BITMAP | SS_NOTIFY | WS_BORDER,13,190,33,31 - GROUPBOX "Volume",IDT_VOLUME,8,179,360,53 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,0,372,147 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,282,242,88,20 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,190,242,88,20 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,6,242,88,20 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,98,242,88,20 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119 -END - -IDD_PASSWORD_DLG DIALOGEX 0, 0, 330, 103 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION -CAPTION "Enter VeraCrypt Volume Password" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_PASSWORD,69,8,179,14,ES_PASSWORD | ES_AUTOHSCROLL - COMBOBOX IDC_PKCS5_PRF_ID,69,26,96,90,CBS_DROPDOWNLIST | WS_TABSTOP - CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,170,28,76,10 - EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,48,97,10 - CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,153,10 - CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,83,10 - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,87,99,11 - PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,173,84,75,14 - PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,252,84,69,14 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,199,8,NOT WS_VISIBLE - DEFPUSHBUTTON "OK",IDOK,252,8,69,14 - PUSHBUTTON "Cancel",IDCANCEL,252,25,69,14 - RTEXT "Password:",IDT_PASSWORD,0,10,65,13 - RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,11 - RTEXT "Volume PIM:",IDT_PIM,0,46,65,8,NOT WS_VISIBLE -END - -IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 299 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Traveler Disk Setup" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - EDITTEXT IDC_DIRECTORY,17,29,205,13,ES_AUTOHSCROLL | ES_READONLY - PUSHBUTTON "Browse...",IDC_BROWSE_DIRS,228,28,57,14 - CONTROL "Include VeraCrypt Volume Creation Wizard",IDC_COPY_WIZARD, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,19,48,258,10 - CONTROL "Do nothing",IDC_AUTORUN_DISABLE,"Button",BS_AUTORADIOBUTTON,15,115,262,10 - CONTROL "&Start VeraCrypt",IDC_AUTORUN_START,"Button",BS_AUTORADIOBUTTON,15,126,262,11 - CONTROL "&Auto-mount VeraCrypt volume (specified below)",IDC_AUTORUN_MOUNT, - "Button",BS_AUTORADIOBUTTON,15,138,262,11 - EDITTEXT IDC_VOLUME_NAME,21,175,194,13,ES_AUTOHSCROLL | WS_DISABLED - PUSHBUTTON "Browse...",IDC_BROWSE_FILES,221,174,57,14,WS_DISABLED - COMBOBOX IDC_DRIVELIST,120,193,96,69,CBS_DROPDOWNLIST | WS_DISABLED | WS_VSCROLL | WS_TABSTOP - CONTROL "Open &Explorer window for mounted volume",IDC_TRAVEL_OPEN_EXPLORER, - "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,211,256,10 - CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,224,256,10 - CONTROL "&Cache password in driver memory",IDC_TRAV_CACHE_PASSWORDS, - "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,237,256,10 - DEFPUSHBUTTON "Create",IDC_CREATE,173,278,57,14 - PUSHBUTTON "Close",IDCLOSE,236,278,57,14 - GROUPBOX "File Settings",IDT_FILE_SETTINGS,6,7,287,71 - GROUPBOX "AutoRun Configuration (autorun.inf)",IDT_AUTORUN,5,88,288,185 - LTEXT "VeraCrypt volume to mount (relative to traveler disk root):",IDT_TRAVELER_MOUNT,21,165,248,8,WS_DISABLED - RTEXT "Mount volume as drive letter:",IDT_MOUNT_LETTER,18,195,99,8,WS_DISABLED - LTEXT "Create traveler disk files at (traveler disk root directory):",IDT_TRAVEL_ROOT,18,19,259,8 - GROUPBOX "Mount Settings",IDT_MOUNT_SETTINGS,13,152,272,114,WS_DISABLED - LTEXT "Upon insertion of traveler disk: ",IDT_TRAVEL_INSERTION,13,102,263,8 - CONTROL "Include VeraCrypt Volume Expander",IDC_COPY_EXPANDER, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,19,62,258,10 - CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM, - "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,250,256,10 -END - -IDD_HOTKEYS_DLG DIALOGEX 0, 0, 389, 257 -STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - System-Wide Hot Keys" -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - CONTROL "",IDC_HOTKEY_LIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,375,115 - EDITTEXT IDC_HOTKEY_KEY,108,140,190,13,ES_AUTOHSCROLL - PUSHBUTTON "Assign",IDC_HOTKEY_ASSIGN,304,140,59,14 - CONTROL "Ctrl",IDC_HK_MOD_CTRL,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,109,158,46,10,WS_EX_TRANSPARENT - CONTROL "Shift",IDC_HK_MOD_SHIFT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,158,49,10,WS_EX_TRANSPARENT - CONTROL "Alt",IDC_HK_MOD_ALT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,216,158,43,10,WS_EX_TRANSPARENT - CONTROL "Win",IDC_HK_MOD_WIN,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,266,158,34,10,WS_EX_TRANSPARENT - PUSHBUTTON "Remove",IDC_HOTKEY_REMOVE,304,158,59,14 - CONTROL "Play system notification sound after successful hot-key dismount",IDC_HK_DISMOUNT_PLAY_SOUND, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,15,201,348,10 - CONTROL "Display balloon tooltip after successful hot-key dismount",IDC_HK_DISMOUNT_BALLOON_TOOLTIP, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,15,213,351,10,WS_EX_TRANSPARENT - DEFPUSHBUTTON "OK",IDOK,260,236,59,14 - PUSHBUTTON "Cancel",IDCANCEL,323,236,59,14 - PUSHBUTTON "Reset",IDC_RESET_HOTKEYS,7,236,59,14 - RTEXT "Key to assign:",IDT_HOTKEY_KEY,15,142,86,8 - GROUPBOX "Hot Key Options",IDT_DISMOUNT_ACTION,7,188,375,42 - GROUPBOX "Shortcut",IDT_ASSIGN_HOTKEY,7,127,375,53 -END - -IDD_TOKEN_PREFERENCES DIALOGEX 0, 0, 316, 199 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Security Token Preferences" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - EDITTEXT IDC_PKCS11_MODULE,16,23,204,13,ES_AUTOHSCROLL - PUSHBUTTON "Select &Library...",IDC_SELECT_PKCS11_MODULE,226,22,75,14 - PUSHBUTTON "Auto-&Detect Library",IDC_AUTO_DETECT_PKCS11_MODULE,16,41,112,14 - CONTROL "&Close token session (log out) after a volume is successfully mounted",IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT, - "Button",BS_AUTOCHECKBOX | WS_GROUP | WS_TABSTOP,16,154,284,9 - DEFPUSHBUTTON "OK",IDOK,205,178,50,14 - PUSHBUTTON "Cancel",IDCANCEL,259,178,50,14 - GROUPBOX "PKCS #11 Library Path",IDT_PKCS11_LIB_PATH,7,7,302,129 - GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,7,140,302,30 - LTEXT "",IDT_PKCS11_LIB_HELP,16,63,286,65 -END - -IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 370, 286 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - System Encryption Settings" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "Do not &show any texts in the pre-boot authentication screen (except the below custom message)",IDC_DISABLE_BOOT_LOADER_OUTPUT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,37,339,9 - EDITTEXT IDC_CUSTOM_BOOT_LOADER_MESSAGE,18,67,216,14,ES_AUTOHSCROLL - CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,192,339,10 - CONTROL "Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager)",IDC_ALLOW_ESC_PBA_BYPASS, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,222,340,10 - DEFPUSHBUTTON "OK",IDOK,257,262,50,14 - PUSHBUTTON "Cancel",IDCANCEL,313,262,50,14 - LTEXT "Display this custom message in the pre-boot authentication screen (24 characters maximum):",IDT_CUSTOM_BOOT_LOADER_MESSAGE,18,56,337,8 - GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,165 - GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,8,177,355,75 - LTEXT "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,89,337,73 - CONTROL "Disable ""Evil Maid"" attack detection",IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,237,340,10 - CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM, - "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,340,10 - CONTROL "Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk)",IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,20,339,9 -END - -IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 370, 248 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Performance Options" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "",IDC_HW_AES_SUPPORTED_BY_CPU,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,294,21,57,12,WS_EX_CLIENTEDGE - CONTROL "Accelerate AES encryption/decryption by using the AES instructions of the processor (if available)",IDC_ENABLE_HARDWARE_ENCRYPTION, - "Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,18,41,340,17 - LTEXT "More information",IDC_MORE_INFO_ON_HW_ACCELERATION,18,61,165,10,SS_NOTIFY - CONTROL "Do not use the following number of processors for encryption/decryption:",IDC_LIMIT_ENC_THREAD_POOL, - "Button",BS_AUTOCHECKBOX | BS_TOP | WS_TABSTOP,18,103,283,11 - COMBOBOX IDC_ENCRYPTION_FREE_CPU_COUNT,304,101,48,51,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP - LTEXT "More information",IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION,18,159,165,10,SS_NOTIFY - PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,227,59,14 - DEFPUSHBUTTON "OK",IDOK,257,227,50,14 - PUSHBUTTON "Cancel",IDCANCEL,313,227,50,14 - LTEXT "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9 - GROUPBOX "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74 - GROUPBOX "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93 - LTEXT "",IDT_LIMIT_ENC_THREAD_POOL_NOTE,18,126,334,33 - GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,356,36 - CONTROL "Enable extended disk control codes support",IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,198,337,10 -END - -IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 368 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Favorite Volumes" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "",IDC_FAVORITE_VOLUMES_LIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,366,92 - PUSHBUTTON "Move &Up",IDC_FAVORITE_MOVE_UP,7,104,63,14 - PUSHBUTTON "Move &Down",IDC_FAVORITE_MOVE_DOWN,74,104,63,14 - PUSHBUTTON "&Remove",IDC_FAVORITE_REMOVE,310,104,63,14 - EDITTEXT IDC_FAVORITE_LABEL,18,225,344,13,ES_AUTOHSCROLL - CONTROL "Mount selected volume as read-o&nly",IDC_FAVORITE_MOUNT_READONLY, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,255,349,10 - CONTROL "Mount selected volume as remo&vable medium",IDC_FAVORITE_MOUNT_REMOVABLE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,269,349,10 - CONTROL "Mount selected volume upon log&on",IDC_FAVORITE_MOUNT_ON_LOGON, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,283,349,10 - CONTROL "Mount selected volume when its host device gets &connected",IDC_FAVORITE_MOUNT_ON_ARRIVAL, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,297,349,10 - CONTROL "Open &Explorer window for selected volume when successfully mounted",IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,311,349,11 - CONTROL "Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed",IDC_FAVORITE_DISABLE_HOTKEY, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,326,349,11 - LTEXT "Help on favorite volumes",IDC_FAVORITES_HELP_LINK,17,351,237,10,SS_NOTIFY - DEFPUSHBUTTON "OK",IDOK,269,347,50,14 - PUSHBUTTON "Cancel",IDCANCEL,323,347,50,14 - GROUPBOX "",IDC_FAV_VOL_OPTIONS_GROUP_BOX,7,123,366,219 - LTEXT "Label of selected favorite volume:",IDT_FAVORITE_LABEL,18,215,202,8 - GROUPBOX "Global Settings",IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX,7,300,366,42 - EDITTEXT IDC_PIM,18,183,42,13,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,64,185,189,8 - LTEXT "Volume PIM:",IDT_PIM,18,173,65,8 - CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,199,150,10 - CONTROL "Use favorite label as Explorer drive label",IDC_FAVORITE_USE_LABEL_IN_EXPLORER, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,242,349,10 - LTEXT "Volume ID:",IDT_VOLUME_ID,18,131,57,8 - EDITTEXT IDC_FAVORITE_VOLUME_ID,18,141,344,14,ES_AUTOHSCROLL | ES_READONLY - CONTROL "Use Volume ID to mount favorite",IDC_FAVORITE_USE_VOLUME_ID, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,159,337,10 -END - -IDD_DEFAULT_MOUNT_PARAMETERS DIALOGEX 0, 0, 167, 65 -STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt - Mount Parameters" -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - DEFPUSHBUTTON "OK",IDOK,57,44,50,14 - PUSHBUTTON "Cancel",IDCANCEL,111,44,50,14 - COMBOBOX IDC_PKCS5_PRF_ID,57,24,103,90,CBS_DROPDOWNLIST | WS_TABSTOP - LTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,8,26,44,11 - CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,7,76,10 -END - - -///////////////////////////////////////////////////////////////////////////// -// -// DESIGNINFO -// - -#ifdef APSTUDIO_INVOKED -GUIDELINES DESIGNINFO -BEGIN - IDD_PREFERENCES_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 329 - TOPMARGIN, 7 - BOTTOMMARGIN, 331 - END - - IDD_VOLUME_PROPERTIES, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 277 - TOPMARGIN, 7 - BOTTOMMARGIN, 217 - END - - IDD_PASSWORDCHANGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 339 - TOPMARGIN, 7 - BOTTOMMARGIN, 238 - END - - IDD_MOUNT_DLG, DIALOG - BEGIN - RIGHTMARGIN, 369 - BOTTOMMARGIN, 269 - END - - IDD_PASSWORD_DLG, DIALOG - BEGIN - RIGHTMARGIN, 321 - BOTTOMMARGIN, 98 - END - - IDD_TRAVELER_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 293 - TOPMARGIN, 7 - BOTTOMMARGIN, 292 - END - - IDD_HOTKEYS_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 382 - TOPMARGIN, 7 - BOTTOMMARGIN, 250 - END - - IDD_TOKEN_PREFERENCES, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 309 - TOPMARGIN, 7 - BOTTOMMARGIN, 192 - END - - IDD_SYSENC_SETTINGS, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 363 - TOPMARGIN, 7 - BOTTOMMARGIN, 276 - END - - IDD_PERFORMANCE_SETTINGS, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 363 - TOPMARGIN, 7 - BOTTOMMARGIN, 241 - END - - IDD_FAVORITE_VOLUMES, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 373 - TOPMARGIN, 7 - BOTTOMMARGIN, 361 - END - - IDD_DEFAULT_MOUNT_PARAMETERS, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 160 - TOPMARGIN, 7 - BOTTOMMARGIN, 58 - END -END -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,17,22,0 - PRODUCTVERSION 1,17,22,0 - FILEFLAGSMASK 0x17L -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x4L - FILETYPE 0x1L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "IDRIX" - VALUE "FileDescription", "VeraCrypt" - VALUE "FileVersion", "1.17" - VALUE "LegalTrademarks", "VeraCrypt" - VALUE "OriginalFilename", "VeraCrypt.exe" - VALUE "ProductName", "VeraCrypt" - VALUE "ProductVersion", "1.17" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE -BEGIN - "#include ""afxres.h""\r\n" - "#include ""..\\\\common\\\\resource.h""\r\n" - "\0" -END - -3 TEXTINCLUDE -BEGIN - "#include ""..\\\\common\\\\common.rc""\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// Bitmap -// - -IDB_DRIVEICON BITMAP "Drive_icon_96dpi.bmp" -IDB_DRIVEICON_MASK BITMAP "Drive_icon_mask_96dpi.bmp" -IDB_LOGO_96DPI BITMAP "Logo_96dpi.bmp" -IDB_LOGO_288DPI BITMAP "Logo_288dpi.bmp" -IDB_SYS_DRIVEICON BITMAP "System_drive_icon_96dpi.bmp" -IDB_SYS_DRIVEICON_MASK BITMAP "System_drive_icon_mask_96dpi.bmp" - -///////////////////////////////////////////////////////////////////////////// -// -// Menu -// - -IDR_MENU MENU -BEGIN - POPUP "&Volumes" - BEGIN - MENUITEM "Select File...", IDM_SELECT_FILE - MENUITEM "Select Device...", IDM_SELECT_DEVICE - MENUITEM SEPARATOR - MENUITEM "Create New Volume...", IDM_CREATE_VOLUME - MENUITEM "Permanently Decrypt...", IDM_DECRYPT_NONSYS_VOL - MENUITEM "Resume Interrupted Process", IDM_RESUME_INTERRUPTED_PROC - MENUITEM SEPARATOR - MENUITEM "Mount Volume", IDM_MOUNT_VOLUME - MENUITEM "Mount Volume with Options", IDM_MOUNT_VOLUME_OPTIONS - MENUITEM "Auto-Mount All Device-Hosted Volumes", IDM_MOUNTALL - MENUITEM SEPARATOR - MENUITEM "Dismount Volume", IDM_UNMOUNT_VOLUME - MENUITEM "Dismount All Mounted Volumes", IDM_UNMOUNTALL - MENUITEM SEPARATOR - MENUITEM "Change Volume Password...", IDM_CHANGE_PASSWORD - MENUITEM "Add/Remove Keyfiles to/from Volume...", IDM_ADD_REMOVE_VOL_KEYFILES - MENUITEM "Remove All Keyfiles from Volume...", IDM_REMOVE_ALL_KEYFILES_FROM_VOL - MENUITEM "Set Header Key Derivation Algorithm...", IDM_CHANGE_HEADER_KEY_DERIV_ALGO - MENUITEM SEPARATOR - MENUITEM "Volume Properties", IDM_VOLUME_PROPERTIES - END - POPUP "S&ystem" - BEGIN - MENUITEM "Encrypt System Partition/Drive...", IDM_ENCRYPT_SYSTEM_DEVICE - MENUITEM "Permanently Decrypt System Partition/Drive", IDM_PERMANENTLY_DECRYPT_SYS - MENUITEM "Resume Interrupted Process", IDM_SYSENC_RESUME - MENUITEM SEPARATOR - MENUITEM "Create Hidden Operating System...", IDM_CREATE_HIDDEN_OS - MENUITEM SEPARATOR - MENUITEM "Create Rescue Disk...", IDM_CREATE_RESCUE_DISK - MENUITEM "Verify Rescue Disk", IDM_VERIFY_RESCUE_DISK - MENUITEM "Verify Rescue Disk ISO Image", IDM_VERIFY_RESCUE_DISK_ISO - MENUITEM SEPARATOR - MENUITEM "Mount Without Pre-Boot &Authentication...", IDM_MOUNT_SYSENC_PART_WITHOUT_PBA - MENUITEM SEPARATOR - MENUITEM "Change Password...", IDM_CHANGE_SYS_PASSWORD - MENUITEM "Set Header Key Derivation Algorithm...", IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO - MENUITEM SEPARATOR - MENUITEM "Properties...", IDM_SYSTEM_ENCRYPTION_STATUS - MENUITEM SEPARATOR - MENUITEM "Settings...", IDM_SYS_ENC_SETTINGS - END - POPUP "Favor&ites" - BEGIN - MENUITEM "Add Mounted Volume to Favorites...", IDM_ADD_VOLUME_TO_FAVORITES - MENUITEM "Add Mounted Volume to System Favorites...", IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES - MENUITEM SEPARATOR - MENUITEM "Organize Favorite Volumes...", IDM_ORGANIZE_FAVORITES - MENUITEM "Organize System Favorite Volumes...", IDM_ORGANIZE_SYSTEM_FAVORITES - MENUITEM SEPARATOR - MENUITEM "Mount Favorite Volumes", IDM_MOUNT_FAVORITE_VOLUMES - END - POPUP "T&ools" - BEGIN - MENUITEM "Benchmark...", IDM_BENCHMARK - MENUITEM "Test Vectors...", IDM_TEST_VECTORS - MENUITEM SEPARATOR - MENUITEM "Traveler Disk Setup...", IDM_TRAVELER - MENUITEM "Volume Expander", IDM_VOLUME_EXPANDER - MENUITEM "Volume Creation Wizard", IDM_VOLUME_WIZARD - MENUITEM SEPARATOR - MENUITEM "Keyfile Generator", IDM_KEYFILE_GENERATOR - MENUITEM "Manage Security Token Keyfiles...", IDM_MANAGE_TOKEN_KEYFILES - MENUITEM "Close All Security Token Sessions", IDM_CLOSE_ALL_TOKEN_SESSIONS - MENUITEM SEPARATOR - MENUITEM "Backup Volume Header...", IDM_BACKUP_VOL_HEADER - MENUITEM "Restore Volume Header...", IDM_RESTORE_VOL_HEADER - MENUITEM SEPARATOR - MENUITEM "Refresh Drive Letters", IDM_REFRESH_DRIVE_LETTERS - MENUITEM SEPARATOR - MENUITEM "Clear Volume History", IDM_CLEAR_HISTORY - MENUITEM "Wipe Cached Passwords", IDM_WIPE_CACHE - END - POPUP "Settin&gs" - BEGIN - MENUITEM "Language...", IDM_LANGUAGE - MENUITEM "Hot Keys...", IDM_HOTKEY_SETTINGS - MENUITEM SEPARATOR - MENUITEM "System Encryption...", IDM_SYSENC_SETTINGS - MENUITEM "System Favorite Volumes...", IDM_SYS_FAVORITES_SETTINGS - MENUITEM SEPARATOR - MENUITEM "Performance/Driver Configuration", IDM_PERFORMANCE_SETTINGS - MENUITEM SEPARATOR - MENUITEM "Default Keyfiles...", IDM_DEFAULT_KEYFILES - MENUITEM "Default Mount Parameters...", IDM_DEFAULT_MOUNT_PARAMETERS - MENUITEM "Security Tokens...", IDM_TOKEN_PREFERENCES - MENUITEM SEPARATOR - MENUITEM "Preferences...", IDM_PREFERENCES - END - POPUP "Hel&p" - BEGIN - MENUITEM "User's Guide", IDM_HELP - MENUITEM "Online Help", IDM_ONLINE_HELP - MENUITEM "Beginner's Tutorial", IDM_ONLINE_TUTORIAL - MENUITEM "Frequently Asked Questions", IDM_FAQ - MENUITEM SEPARATOR - MENUITEM "VeraCrypt Website", IDM_WEBSITE - MENUITEM "Downloads", IDM_TC_DOWNLOADS - MENUITEM "News", IDM_NEWS - MENUITEM "Version History", IDM_VERSION_HISTORY - MENUITEM SEPARATOR - MENUITEM "Donate now...", IDM_DONATE - MENUITEM "Contact", IDM_CONTACT - MENUITEM "Legal Notices", IDM_LICENSE - MENUITEM "About", IDM_ABOUT - END - MENUITEM "&Homepage ", IDM_HOMEPAGE -END - - -///////////////////////////////////////////////////////////////////////////// -// -// String Table -// - -STRINGTABLE -BEGIN - IDS_UACSTRING "VeraCrypt" -END - -#endif // English (U.S.) resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// -#include "..\\common\\common.rc" - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - +// Microsoft Visual C++ generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" +#include "..\\common\\resource.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// English (U.S.) resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) +#ifdef _WIN32 +LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US +#pragma code_page(1252) +#endif //_WIN32 + +///////////////////////////////////////////////////////////////////////////// +// +// HEADER +// + +IDR_MOUNT_RSRC_HEADER HEADER "resource.h" + +///////////////////////////////////////////////////////////////////////////// +// +// TYPELIB +// + +IDR_MOUNT_TLB TYPELIB "Mount.tlb" + +///////////////////////////////////////////////////////////////////////////// +// +// Dialog +// + +IDD_PREFERENCES_DLG DIALOGEX 0, 0, 336, 333 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Preferences" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Mount volumes as read-only",IDC_PREF_MOUNT_READONLY, + "Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,11,11,150,16 + CONTROL "Mount volumes as removable media",IDC_PREF_MOUNT_REMOVABLE, + "Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,162,11,165,16 + CONTROL "Enabled",IDC_PREF_BKG_TASK_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,44,111,10 + CONTROL "Exit when there are no mounted volumes",IDC_CLOSE_BKG_TASK_WHEN_NOVOL, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,140,44,188,10 + CONTROL "Start VeraCrypt Background Task",IDC_PREF_LOGON_START, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,75,126,10 + CONTROL "Mount all device-hosted VeraCrypt volumes",IDC_PREF_LOGON_MOUNT_DEVICES, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,140,75,188,10 + CONTROL "User logs off",IDC_PREF_DISMOUNT_LOGOFF,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,81,104,114,11 + CONTROL "User session locked",IDC_PREF_DISMOUNT_SESSION_LOCKED, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,197,105,130,11 + CONTROL "Screen saver is launched",IDC_PREF_DISMOUNT_SCREENSAVER, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,81,116,114,10 + CONTROL "Entering power saving mode",IDC_PREF_DISMOUNT_POWERSAVING, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,197,115,130,11 + CONTROL "Auto-dismount volume after no data has been read/written to it for",IDC_PREF_DISMOUNT_INACTIVE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,128,246,11 + EDITTEXT IDC_PREF_DISMOUNT_INACTIVE_TIME,258,127,27,12,ES_AUTOHSCROLL | ES_NUMBER,WS_EX_RIGHT + CONTROL "Force auto-dismount even if volume contains open files or directories",IDC_PREF_FORCE_AUTO_DISMOUNT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,141,294,10 + CONTROL "Open Explorer window for successfully mounted volume",IDC_PREF_OPEN_EXPLORER, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,171,316,11 + CONTROL "Use a different taskbar icon when there are mounted volumes",IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,184,314,10 + CONTROL "Preserve modification timestamp of file containers",IDC_PRESERVE_TIMESTAMPS, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,196,316,10 + CONTROL "Make disconnected network drives available for mounting",IDC_SHOW_DISCONNECTED_NETWORK_DRIVES, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,208,316,10 + CONTROL "Cache passwords in driver memory",IDC_PREF_CACHE_PASSWORDS, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,254,146,11 + CONTROL "Wipe cached passwords on exit",IDC_PREF_WIPE_CACHE_ON_EXIT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,254,165,11 + CONTROL "Temporary Cache password during ""Mount Favorite Volumes"" operations",IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,268,294,11 + CONTROL "Wipe cached passwords on auto-dismount",IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,282,296,11 + CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,296,296,10 + PUSHBUTTON "More Settings...",IDC_MORE_SETTINGS,5,317,85,14 + DEFPUSHBUTTON "OK",IDOK,225,317,50,14 + PUSHBUTTON "Cancel",IDCANCEL,281,317,50,14 + GROUPBOX "Windows",IDT_WINDOWS_RELATED_SETTING,4,160,328,76 + GROUPBOX "Default Mount Options",IDT_DEFAULT_MOUNT_OPTIONS,4,3,328,26 + GROUPBOX "VeraCrypt Background Task",IDT_TASKBAR_ICON,4,33,328,26 + GROUPBOX "Auto-Dismount",IDT_AUTO_DISMOUNT,4,94,328,62 + LTEXT "minutes",IDT_MINUTES,289,129,39,10 + LTEXT "Dismount all when:",IDT_AUTO_DISMOUNT_ON,9,104,71,20 + GROUPBOX "Password Cache",IDT_PW_CACHE_OPTIONS,4,243,328,68 + GROUPBOX "Actions to perform upon logon to Windows",IDT_LOGON,4,63,328,28 + CONTROL "Don't show wait message dialog when performing operations",IDC_HIDE_WAITING_DIALOG, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,220,316,10 +END + +IDD_VOLUME_PROPERTIES DIALOGEX 60, 30, 284, 224 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Volume Properties" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + DEFPUSHBUTTON "OK",IDOK,114,203,55,14 + CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,192 +END + +IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 346, 245 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "Change Password or Keyfiles" +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_OLD_PASSWORD,89,14,181,13,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,97,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,193,35,83,10 + EDITTEXT IDC_OLD_PIM,89,51,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,59,115,10 + CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,72,109,10 + PUSHBUTTON "Keyfiles...",IDC_KEYFILES,203,70,67,14 + CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,85,138,10,WS_EX_TRANSPARENT + EDITTEXT IDC_PASSWORD,89,121,181,13,ES_PASSWORD | ES_AUTOHSCROLL + EDITTEXT IDC_VERIFY,89,137,181,13,ES_PASSWORD | ES_AUTOHSCROLL + EDITTEXT IDC_PIM,89,154,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + CONTROL "Use PIM",IDC_NEW_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,161,97,10 + CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,172,110,11 + PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,202,170,68,14 + CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,184,180,11,WS_EX_TRANSPARENT + COMBOBOX IDC_PKCS5_PRF_ID,89,199,181,90,CBS_DROPDOWNLIST | WS_TABSTOP + COMBOBOX IDC_WIPE_MODE,89,218,181,90,CBS_DROPDOWNLIST | WS_TABSTOP + DEFPUSHBUTTON "OK",IDOK,280,7,59,14 + PUSHBUTTON "Cancel",IDCANCEL,280,24,59,14 + RTEXT "Password:",IDT_PASSWORD,12,16,72,8 + RTEXT "Password:",IDT_NEW_PASSWORD,8,124,76,8 + RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,140,75,16 + RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,200,74,10,SS_CENTERIMAGE + GROUPBOX "Current",IDT_CURRENT,6,3,270,97 + GROUPBOX "New",IDT_NEW,6,108,270,130 + RTEXT "Wipe mode:",IDT_WIPE_MODE,9,220,74,8,0,WS_EX_RIGHT + RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE + RTEXT "Volume PIM:",IDT_OLD_PIM,12,54,74,10,NOT WS_VISIBLE + LTEXT "(Empty or 0 for default iterations)",IDC_OLD_PIM_HELP,135,54,196,8,NOT WS_VISIBLE + RTEXT "Volume PIM:",IDT_PIM,9,157,75,16,NOT WS_VISIBLE + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,135,157,197,8,NOT WS_VISIBLE +END + +IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271 +STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt" +MENU IDR_MENU +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + CONTROL "",IDC_DRIVELIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,8,5,360,135 + PUSHBUTTON "&Create Volume",IDC_CREATE_VOLUME,16,159,84,14 + PUSHBUTTON "&Volume Properties...",IDC_VOLUME_PROPERTIES,146,159,84,14 + PUSHBUTTON "&Wipe Cache",IDC_WIPE_CACHE,276,159,84,14 + COMBOBOX IDC_VOLUME,56,192,212,74,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP + CONTROL "&Never save history",IDC_NO_HISTORY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,56,213,122,10 + PUSHBUTTON "Volume &Tools...",IDC_VOLUME_TOOLS,184,211,84,14 + PUSHBUTTON "Select &File...",IDC_SELECT_FILE,276,192,84,14 + PUSHBUTTON "Select D&evice...",IDC_SELECT_DEVICE,276,211,84,14 + DEFPUSHBUTTON "OK",IDOK,8,243,84,18,WS_GROUP + PUSHBUTTON "&Auto-Mount Devices",IDC_MOUNTALL,100,243,84,18 + PUSHBUTTON "Di&smount All",IDC_UNMOUNTALL,192,243,84,18,WS_GROUP + PUSHBUTTON "E&xit",IDC_EXIT,284,243,84,18,WS_GROUP + CONTROL 112,IDC_LOGO,"Static",SS_BITMAP | SS_NOTIFY | WS_BORDER,13,190,33,31 + GROUPBOX "Volume",IDT_VOLUME,8,179,360,53 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,0,372,147 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,282,242,88,20 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,190,242,88,20 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,6,242,88,20 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,98,242,88,20 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119 +END + +IDD_PASSWORD_DLG DIALOGEX 0, 0, 330, 103 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION +CAPTION "Enter VeraCrypt Volume Password" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_PASSWORD,69,8,179,14,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_PRF_ID,69,26,96,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,170,28,76,10 + EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,48,97,10 + CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,153,10 + CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,83,10 + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,87,99,11 + PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,173,84,75,14 + PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,252,84,69,14 + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,199,8,NOT WS_VISIBLE + DEFPUSHBUTTON "OK",IDOK,252,8,69,14 + PUSHBUTTON "Cancel",IDCANCEL,252,25,69,14 + RTEXT "Password:",IDT_PASSWORD,0,10,65,13 + RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,11 + RTEXT "Volume PIM:",IDT_PIM,0,46,65,8,NOT WS_VISIBLE +END + +IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 299 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Traveler Disk Setup" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + EDITTEXT IDC_DIRECTORY,17,29,205,13,ES_AUTOHSCROLL | ES_READONLY + PUSHBUTTON "Browse...",IDC_BROWSE_DIRS,228,28,57,14 + CONTROL "Include VeraCrypt Volume Creation Wizard",IDC_COPY_WIZARD, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,19,48,258,10 + CONTROL "Do nothing",IDC_AUTORUN_DISABLE,"Button",BS_AUTORADIOBUTTON,15,115,262,10 + CONTROL "&Start VeraCrypt",IDC_AUTORUN_START,"Button",BS_AUTORADIOBUTTON,15,126,262,11 + CONTROL "&Auto-mount VeraCrypt volume (specified below)",IDC_AUTORUN_MOUNT, + "Button",BS_AUTORADIOBUTTON,15,138,262,11 + EDITTEXT IDC_VOLUME_NAME,21,175,194,13,ES_AUTOHSCROLL | WS_DISABLED + PUSHBUTTON "Browse...",IDC_BROWSE_FILES,221,174,57,14,WS_DISABLED + COMBOBOX IDC_DRIVELIST,120,193,96,69,CBS_DROPDOWNLIST | WS_DISABLED | WS_VSCROLL | WS_TABSTOP + CONTROL "Open &Explorer window for mounted volume",IDC_TRAVEL_OPEN_EXPLORER, + "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,211,256,10 + CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,224,256,10 + CONTROL "&Cache password in driver memory",IDC_TRAV_CACHE_PASSWORDS, + "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,237,256,10 + DEFPUSHBUTTON "Create",IDC_CREATE,173,278,57,14 + PUSHBUTTON "Close",IDCLOSE,236,278,57,14 + GROUPBOX "File Settings",IDT_FILE_SETTINGS,6,7,287,71 + GROUPBOX "AutoRun Configuration (autorun.inf)",IDT_AUTORUN,5,88,288,185 + LTEXT "VeraCrypt volume to mount (relative to traveler disk root):",IDT_TRAVELER_MOUNT,21,165,248,8,WS_DISABLED + RTEXT "Mount volume as drive letter:",IDT_MOUNT_LETTER,18,195,99,8,WS_DISABLED + LTEXT "Create traveler disk files at (traveler disk root directory):",IDT_TRAVEL_ROOT,18,19,259,8 + GROUPBOX "Mount Settings",IDT_MOUNT_SETTINGS,13,152,272,114,WS_DISABLED + LTEXT "Upon insertion of traveler disk: ",IDT_TRAVEL_INSERTION,13,102,263,8 + CONTROL "Include VeraCrypt Volume Expander",IDC_COPY_EXPANDER, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,19,62,258,10 + CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM, + "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,250,256,10 +END + +IDD_HOTKEYS_DLG DIALOGEX 0, 0, 389, 257 +STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - System-Wide Hot Keys" +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + CONTROL "",IDC_HOTKEY_LIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,375,115 + EDITTEXT IDC_HOTKEY_KEY,108,140,190,13,ES_AUTOHSCROLL + PUSHBUTTON "Assign",IDC_HOTKEY_ASSIGN,304,140,59,14 + CONTROL "Ctrl",IDC_HK_MOD_CTRL,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,109,158,46,10,WS_EX_TRANSPARENT + CONTROL "Shift",IDC_HK_MOD_SHIFT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,158,49,10,WS_EX_TRANSPARENT + CONTROL "Alt",IDC_HK_MOD_ALT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,216,158,43,10,WS_EX_TRANSPARENT + CONTROL "Win",IDC_HK_MOD_WIN,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,266,158,34,10,WS_EX_TRANSPARENT + PUSHBUTTON "Remove",IDC_HOTKEY_REMOVE,304,158,59,14 + CONTROL "Play system notification sound after successful hot-key dismount",IDC_HK_DISMOUNT_PLAY_SOUND, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,15,201,348,10 + CONTROL "Display balloon tooltip after successful hot-key dismount",IDC_HK_DISMOUNT_BALLOON_TOOLTIP, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,15,213,351,10,WS_EX_TRANSPARENT + DEFPUSHBUTTON "OK",IDOK,260,236,59,14 + PUSHBUTTON "Cancel",IDCANCEL,323,236,59,14 + PUSHBUTTON "Reset",IDC_RESET_HOTKEYS,7,236,59,14 + RTEXT "Key to assign:",IDT_HOTKEY_KEY,15,142,86,8 + GROUPBOX "Hot Key Options",IDT_DISMOUNT_ACTION,7,188,375,42 + GROUPBOX "Shortcut",IDT_ASSIGN_HOTKEY,7,127,375,53 +END + +IDD_TOKEN_PREFERENCES DIALOGEX 0, 0, 316, 199 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Security Token Preferences" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + EDITTEXT IDC_PKCS11_MODULE,16,23,204,13,ES_AUTOHSCROLL + PUSHBUTTON "Select &Library...",IDC_SELECT_PKCS11_MODULE,226,22,75,14 + PUSHBUTTON "Auto-&Detect Library",IDC_AUTO_DETECT_PKCS11_MODULE,16,41,112,14 + CONTROL "&Close token session (log out) after a volume is successfully mounted",IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT, + "Button",BS_AUTOCHECKBOX | WS_GROUP | WS_TABSTOP,16,154,284,9 + DEFPUSHBUTTON "OK",IDOK,205,178,50,14 + PUSHBUTTON "Cancel",IDCANCEL,259,178,50,14 + GROUPBOX "PKCS #11 Library Path",IDT_PKCS11_LIB_PATH,7,7,302,129 + GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,7,140,302,30 + LTEXT "",IDT_PKCS11_LIB_HELP,16,63,286,65 +END + +IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 370, 286 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - System Encryption Settings" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "Do not &show any texts in the pre-boot authentication screen (except the below custom message)",IDC_DISABLE_BOOT_LOADER_OUTPUT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,37,339,9 + EDITTEXT IDC_CUSTOM_BOOT_LOADER_MESSAGE,18,67,216,14,ES_AUTOHSCROLL + CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,192,339,10 + CONTROL "Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager)",IDC_ALLOW_ESC_PBA_BYPASS, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,222,340,10 + DEFPUSHBUTTON "OK",IDOK,257,262,50,14 + PUSHBUTTON "Cancel",IDCANCEL,313,262,50,14 + LTEXT "Display this custom message in the pre-boot authentication screen (24 characters maximum):",IDT_CUSTOM_BOOT_LOADER_MESSAGE,18,56,337,8 + GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,165 + GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,8,177,355,75 + LTEXT "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,89,337,73 + CONTROL "Disable ""Evil Maid"" attack detection",IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,237,340,10 + CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM, + "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,340,10 + CONTROL "Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk)",IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,20,339,9 +END + +IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 370, 248 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Performance Options" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "",IDC_HW_AES_SUPPORTED_BY_CPU,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,294,21,57,12,WS_EX_CLIENTEDGE + CONTROL "Accelerate AES encryption/decryption by using the AES instructions of the processor (if available)",IDC_ENABLE_HARDWARE_ENCRYPTION, + "Button",BS_AUTOCHECKBOX | BS_MULTILINE | WS_TABSTOP,18,41,340,17 + LTEXT "More information",IDC_MORE_INFO_ON_HW_ACCELERATION,18,61,165,10,SS_NOTIFY + CONTROL "Do not use the following number of processors for encryption/decryption:",IDC_LIMIT_ENC_THREAD_POOL, + "Button",BS_AUTOCHECKBOX | BS_TOP | WS_TABSTOP,18,103,283,11 + COMBOBOX IDC_ENCRYPTION_FREE_CPU_COUNT,304,101,48,51,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP + LTEXT "More information",IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION,18,159,165,10,SS_NOTIFY + PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,227,59,14 + DEFPUSHBUTTON "OK",IDOK,257,227,50,14 + PUSHBUTTON "Cancel",IDCANCEL,313,227,50,14 + LTEXT "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9 + GROUPBOX "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74 + GROUPBOX "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93 + LTEXT "",IDT_LIMIT_ENC_THREAD_POOL_NOTE,18,126,334,33 + GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,356,36 + CONTROL "Enable extended disk control codes support",IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,198,337,10 +END + +IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 368 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Favorite Volumes" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "",IDC_FAVORITE_VOLUMES_LIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,366,92 + PUSHBUTTON "Move &Up",IDC_FAVORITE_MOVE_UP,7,104,63,14 + PUSHBUTTON "Move &Down",IDC_FAVORITE_MOVE_DOWN,74,104,63,14 + PUSHBUTTON "&Remove",IDC_FAVORITE_REMOVE,310,104,63,14 + EDITTEXT IDC_FAVORITE_LABEL,18,225,344,13,ES_AUTOHSCROLL + CONTROL "Mount selected volume as read-o&nly",IDC_FAVORITE_MOUNT_READONLY, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,255,349,10 + CONTROL "Mount selected volume as remo&vable medium",IDC_FAVORITE_MOUNT_REMOVABLE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,269,349,10 + CONTROL "Mount selected volume upon log&on",IDC_FAVORITE_MOUNT_ON_LOGON, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,283,349,10 + CONTROL "Mount selected volume when its host device gets &connected",IDC_FAVORITE_MOUNT_ON_ARRIVAL, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,297,349,10 + CONTROL "Open &Explorer window for selected volume when successfully mounted",IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,311,349,11 + CONTROL "Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed",IDC_FAVORITE_DISABLE_HOTKEY, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,326,349,11 + LTEXT "Help on favorite volumes",IDC_FAVORITES_HELP_LINK,17,351,237,10,SS_NOTIFY + DEFPUSHBUTTON "OK",IDOK,269,347,50,14 + PUSHBUTTON "Cancel",IDCANCEL,323,347,50,14 + GROUPBOX "",IDC_FAV_VOL_OPTIONS_GROUP_BOX,7,123,366,219 + LTEXT "Label of selected favorite volume:",IDT_FAVORITE_LABEL,18,215,202,8 + GROUPBOX "Global Settings",IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX,7,300,366,42 + EDITTEXT IDC_PIM,18,183,42,13,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,64,185,189,8 + LTEXT "Volume PIM:",IDT_PIM,18,173,65,8 + CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,199,150,10 + CONTROL "Use favorite label as Explorer drive label",IDC_FAVORITE_USE_LABEL_IN_EXPLORER, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,242,349,10 + LTEXT "Volume ID:",IDT_VOLUME_ID,18,131,57,8 + EDITTEXT IDC_FAVORITE_VOLUME_ID,18,141,344,14,ES_AUTOHSCROLL | ES_READONLY + CONTROL "Use Volume ID to mount favorite",IDC_FAVORITE_USE_VOLUME_ID, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,159,337,10 +END + +IDD_DEFAULT_MOUNT_PARAMETERS DIALOGEX 0, 0, 167, 65 +STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt - Mount Parameters" +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + DEFPUSHBUTTON "OK",IDOK,57,44,50,14 + PUSHBUTTON "Cancel",IDCANCEL,111,44,50,14 + COMBOBOX IDC_PKCS5_PRF_ID,57,24,103,90,CBS_DROPDOWNLIST | WS_TABSTOP + LTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,8,26,44,11 + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,7,76,10 +END + + +///////////////////////////////////////////////////////////////////////////// +// +// DESIGNINFO +// + +#ifdef APSTUDIO_INVOKED +GUIDELINES DESIGNINFO +BEGIN + IDD_PREFERENCES_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 329 + TOPMARGIN, 7 + BOTTOMMARGIN, 331 + END + + IDD_VOLUME_PROPERTIES, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 277 + TOPMARGIN, 7 + BOTTOMMARGIN, 217 + END + + IDD_PASSWORDCHANGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 339 + TOPMARGIN, 7 + BOTTOMMARGIN, 238 + END + + IDD_MOUNT_DLG, DIALOG + BEGIN + RIGHTMARGIN, 369 + BOTTOMMARGIN, 269 + END + + IDD_PASSWORD_DLG, DIALOG + BEGIN + RIGHTMARGIN, 321 + BOTTOMMARGIN, 98 + END + + IDD_TRAVELER_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 293 + TOPMARGIN, 7 + BOTTOMMARGIN, 292 + END + + IDD_HOTKEYS_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 382 + TOPMARGIN, 7 + BOTTOMMARGIN, 250 + END + + IDD_TOKEN_PREFERENCES, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 309 + TOPMARGIN, 7 + BOTTOMMARGIN, 192 + END + + IDD_SYSENC_SETTINGS, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 363 + TOPMARGIN, 7 + BOTTOMMARGIN, 276 + END + + IDD_PERFORMANCE_SETTINGS, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 363 + TOPMARGIN, 7 + BOTTOMMARGIN, 241 + END + + IDD_FAVORITE_VOLUMES, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 373 + TOPMARGIN, 7 + BOTTOMMARGIN, 361 + END + + IDD_DEFAULT_MOUNT_PARAMETERS, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 160 + TOPMARGIN, 7 + BOTTOMMARGIN, 58 + END +END +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// Version +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 1,17,22,0 + PRODUCTVERSION 1,17,22,0 + FILEFLAGSMASK 0x17L +#ifdef _DEBUG + FILEFLAGS 0x1L +#else + FILEFLAGS 0x0L +#endif + FILEOS 0x4L + FILETYPE 0x1L + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + VALUE "CompanyName", "IDRIX" + VALUE "FileDescription", "VeraCrypt" + VALUE "FileVersion", "1.17" + VALUE "LegalTrademarks", "VeraCrypt" + VALUE "OriginalFilename", "VeraCrypt.exe" + VALUE "ProductName", "VeraCrypt" + VALUE "ProductVersion", "1.17" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END + + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE +BEGIN + "#include ""afxres.h""\r\n" + "#include ""..\\\\common\\\\resource.h""\r\n" + "\0" +END + +3 TEXTINCLUDE +BEGIN + "#include ""..\\\\common\\\\common.rc""\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// Bitmap +// + +IDB_DRIVEICON BITMAP "Drive_icon_96dpi.bmp" +IDB_DRIVEICON_MASK BITMAP "Drive_icon_mask_96dpi.bmp" +IDB_LOGO_96DPI BITMAP "Logo_96dpi.bmp" +IDB_LOGO_288DPI BITMAP "Logo_288dpi.bmp" +IDB_SYS_DRIVEICON BITMAP "System_drive_icon_96dpi.bmp" +IDB_SYS_DRIVEICON_MASK BITMAP "System_drive_icon_mask_96dpi.bmp" + +///////////////////////////////////////////////////////////////////////////// +// +// Menu +// + +IDR_MENU MENU +BEGIN + POPUP "&Volumes" + BEGIN + MENUITEM "Select File...", IDM_SELECT_FILE + MENUITEM "Select Device...", IDM_SELECT_DEVICE + MENUITEM SEPARATOR + MENUITEM "Create New Volume...", IDM_CREATE_VOLUME + MENUITEM "Permanently Decrypt...", IDM_DECRYPT_NONSYS_VOL + MENUITEM "Resume Interrupted Process", IDM_RESUME_INTERRUPTED_PROC + MENUITEM SEPARATOR + MENUITEM "Mount Volume", IDM_MOUNT_VOLUME + MENUITEM "Mount Volume with Options", IDM_MOUNT_VOLUME_OPTIONS + MENUITEM "Auto-Mount All Device-Hosted Volumes", IDM_MOUNTALL + MENUITEM SEPARATOR + MENUITEM "Dismount Volume", IDM_UNMOUNT_VOLUME + MENUITEM "Dismount All Mounted Volumes", IDM_UNMOUNTALL + MENUITEM SEPARATOR + MENUITEM "Change Volume Password...", IDM_CHANGE_PASSWORD + MENUITEM "Add/Remove Keyfiles to/from Volume...", IDM_ADD_REMOVE_VOL_KEYFILES + MENUITEM "Remove All Keyfiles from Volume...", IDM_REMOVE_ALL_KEYFILES_FROM_VOL + MENUITEM "Set Header Key Derivation Algorithm...", IDM_CHANGE_HEADER_KEY_DERIV_ALGO + MENUITEM SEPARATOR + MENUITEM "Volume Properties", IDM_VOLUME_PROPERTIES + END + POPUP "S&ystem" + BEGIN + MENUITEM "Encrypt System Partition/Drive...", IDM_ENCRYPT_SYSTEM_DEVICE + MENUITEM "Permanently Decrypt System Partition/Drive", IDM_PERMANENTLY_DECRYPT_SYS + MENUITEM "Resume Interrupted Process", IDM_SYSENC_RESUME + MENUITEM SEPARATOR + MENUITEM "Create Hidden Operating System...", IDM_CREATE_HIDDEN_OS + MENUITEM SEPARATOR + MENUITEM "Create Rescue Disk...", IDM_CREATE_RESCUE_DISK + MENUITEM "Verify Rescue Disk", IDM_VERIFY_RESCUE_DISK + MENUITEM "Verify Rescue Disk ISO Image", IDM_VERIFY_RESCUE_DISK_ISO + MENUITEM SEPARATOR + MENUITEM "Mount Without Pre-Boot &Authentication...", IDM_MOUNT_SYSENC_PART_WITHOUT_PBA + MENUITEM SEPARATOR + MENUITEM "Change Password...", IDM_CHANGE_SYS_PASSWORD + MENUITEM "Set Header Key Derivation Algorithm...", IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO + MENUITEM SEPARATOR + MENUITEM "Properties...", IDM_SYSTEM_ENCRYPTION_STATUS + MENUITEM SEPARATOR + MENUITEM "Settings...", IDM_SYS_ENC_SETTINGS + END + POPUP "Favor&ites" + BEGIN + MENUITEM "Add Mounted Volume to Favorites...", IDM_ADD_VOLUME_TO_FAVORITES + MENUITEM "Add Mounted Volume to System Favorites...", IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES + MENUITEM SEPARATOR + MENUITEM "Organize Favorite Volumes...", IDM_ORGANIZE_FAVORITES + MENUITEM "Organize System Favorite Volumes...", IDM_ORGANIZE_SYSTEM_FAVORITES + MENUITEM SEPARATOR + MENUITEM "Mount Favorite Volumes", IDM_MOUNT_FAVORITE_VOLUMES + END + POPUP "T&ools" + BEGIN + MENUITEM "Benchmark...", IDM_BENCHMARK + MENUITEM "Test Vectors...", IDM_TEST_VECTORS + MENUITEM SEPARATOR + MENUITEM "Traveler Disk Setup...", IDM_TRAVELER + MENUITEM "Volume Expander", IDM_VOLUME_EXPANDER + MENUITEM "Volume Creation Wizard", IDM_VOLUME_WIZARD + MENUITEM SEPARATOR + MENUITEM "Keyfile Generator", IDM_KEYFILE_GENERATOR + MENUITEM "Manage Security Token Keyfiles...", IDM_MANAGE_TOKEN_KEYFILES + MENUITEM "Close All Security Token Sessions", IDM_CLOSE_ALL_TOKEN_SESSIONS + MENUITEM SEPARATOR + MENUITEM "Backup Volume Header...", IDM_BACKUP_VOL_HEADER + MENUITEM "Restore Volume Header...", IDM_RESTORE_VOL_HEADER + MENUITEM SEPARATOR + MENUITEM "Refresh Drive Letters", IDM_REFRESH_DRIVE_LETTERS + MENUITEM SEPARATOR + MENUITEM "Clear Volume History", IDM_CLEAR_HISTORY + MENUITEM "Wipe Cached Passwords", IDM_WIPE_CACHE + END + POPUP "Settin&gs" + BEGIN + MENUITEM "Language...", IDM_LANGUAGE + MENUITEM "Hot Keys...", IDM_HOTKEY_SETTINGS + MENUITEM SEPARATOR + MENUITEM "System Encryption...", IDM_SYSENC_SETTINGS + MENUITEM "System Favorite Volumes...", IDM_SYS_FAVORITES_SETTINGS + MENUITEM SEPARATOR + MENUITEM "Performance/Driver Configuration", IDM_PERFORMANCE_SETTINGS + MENUITEM SEPARATOR + MENUITEM "Default Keyfiles...", IDM_DEFAULT_KEYFILES + MENUITEM "Default Mount Parameters...", IDM_DEFAULT_MOUNT_PARAMETERS + MENUITEM "Security Tokens...", IDM_TOKEN_PREFERENCES + MENUITEM SEPARATOR + MENUITEM "Preferences...", IDM_PREFERENCES + END + POPUP "Hel&p" + BEGIN + MENUITEM "User's Guide", IDM_HELP + MENUITEM "Online Help", IDM_ONLINE_HELP + MENUITEM "Beginner's Tutorial", IDM_ONLINE_TUTORIAL + MENUITEM "Frequently Asked Questions", IDM_FAQ + MENUITEM SEPARATOR + MENUITEM "VeraCrypt Website", IDM_WEBSITE + MENUITEM "Downloads", IDM_TC_DOWNLOADS + MENUITEM "News", IDM_NEWS + MENUITEM "Version History", IDM_VERSION_HISTORY + MENUITEM SEPARATOR + MENUITEM "Donate now...", IDM_DONATE + MENUITEM "Contact", IDM_CONTACT + MENUITEM "Legal Notices", IDM_LICENSE + MENUITEM "About", IDM_ABOUT + END + MENUITEM "&Homepage ", IDM_HOMEPAGE +END + + +///////////////////////////////////////////////////////////////////////////// +// +// String Table +// + +STRINGTABLE +BEGIN + IDS_UACSTRING "VeraCrypt" +END + +#endif // English (U.S.) resources +///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// +#include "..\\common\\common.rc" + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/src/Mount/Mount.vcproj b/src/Mount/Mount.vcproj index 64163c7c..c9a6ebc5 100644 --- a/src/Mount/Mount.vcproj +++ b/src/Mount/Mount.vcproj @@ -1,1027 +1,1027 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h index 210cfde2..fee7905b 100644 --- a/src/Mount/Resource.h +++ b/src/Mount/Resource.h @@ -1,263 +1,263 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Visual C++ generated include file. -// Used by Mount.rc -// -#define IDR_MOUNT_TLB 1 -#define IDD_MOUNT_DLG 101 -#define IDD_PASSWORDCHANGE_DLG 102 -#define IDB_DRIVEICON 103 -#define IDD_PASSWORD_DLG 104 -#define IDB_DRIVEICON_MASK 105 -#define IDR_MENU 106 -#define IDD_PREFERENCES_DLG 107 -#define IDD_VOLUME_PROPERTIES 108 -#define IDR_MOUNT_RSRC_HEADER 109 -#define IDS_UACSTRING 110 -#define IDB_LOGO_288DPI 111 -#define IDB_LOGO_96DPI 112 -#define IDB_SYS_DRIVEICON 113 -#define IDB_SYS_DRIVEICON_MASK 114 -#define IDD_TOKEN_PREFERENCES 115 -#define IDD_SYSENC_SETTINGS 116 -#define IDD_FAVORITE_VOLUMES 117 -#define IDD_DEFAULT_MOUNT_PARAMETERS 118 -#define IDC_PREF_MOUNT_READONLY 1000 -#define IDC_PREF_MOUNT_REMOVABLE 1001 -#define IDC_VERIFY 1002 -#define IDC_PREF_BKG_TASK_ENABLE 1003 -#define IDC_OLD_PASSWORD 1004 -#define IDC_CACHE 1005 -#define IDC_NO_HISTORY 1006 -#define IDC_DRIVELIST 1007 -#define IDC_PREF_OPEN_EXPLORER 1008 -#define IDC_ENABLE_KEYFILES 1009 -#define IDC_VOLUME_PROPERTIES_LIST 1010 -#define IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED 1011 -#define IDC_ENABLE_NEW_KEYFILES 1012 -#define IDC_PRESERVE_TIMESTAMPS 1013 -#define IDC_PREF_WIPE_CACHE_ON_EXIT 1014 -#define IDC_PREF_CACHE_PASSWORDS 1016 -#define IDC_DIRECTORY 1017 -#define IDC_PREF_DISMOUNT_LOGOFF 1018 -#define IDC_BROWSE_DIRS 1019 -#define IDC_PREF_DISMOUNT_INACTIVE 1020 -#define IDC_AUTORUN_DISABLE 1021 -#define IDC_AUTORUN_START 1022 -#define IDC_BENCHMARK 1023 -#define IDC_AUTORUN_MOUNT 1024 -#define IDC_VOLUME_NAME 1025 -#define IDC_COPY_WIZARD 1026 -#define IDC_MOUNT_OPTIONS 1027 -#define IDT_TRAVELER_MOUNT 1028 -#define IDT_MOUNT_LETTER 1029 -#define IDT_MOUNT_SETTINGS 1030 -#define IDC_KEY_FILES 1031 -#define IDC_NEW_KEYFILES 1032 -#define IDC_KEYFILES 1033 -#define IDC_VOLUME 1034 -#define IDC_PASSWORD 1035 -#define IDC_BROWSE_FILES 1036 -#define IDC_SELECT_DEVICE 1037 -#define IDC_CREATE_VOLUME 1038 -#define IDC_VOLUME_TOOLS 1039 -#define IDC_WIPE_CACHE 1040 -#define IDC_MOUNTALL 1041 -#define IDD_TRAVELER_DLG 1042 -#define IDC_SELECT_FILE 1043 -#define IDD_HOTKEYS_DLG 1044 -#define IDC_VOLUME_PROPERTIES 1045 -#define IDT_FILE_SETTINGS 1046 -#define IDD_PERFORMANCE_SETTINGS 1047 -#define IDT_AUTORUN 1048 -#define IDT_TRAVEL_INSERTION 1049 -#define IDT_TRAVEL_ROOT 1050 -#define IDT_VOLUME 1051 -#define IDT_PASSWORD 1052 -#define IDT_CURRENT 1053 -#define IDT_NEW 1054 -#define IDT_NEW_PASSWORD 1055 -#define IDT_CONFIRM_PASSWORD 1056 -#define IDT_PW_CACHE_OPTIONS 1058 -#define IDT_DEFAULT_MOUNT_OPTIONS 1059 -#define IDT_WINDOWS_RELATED_SETTING 1060 -#define IDC_CREATE 1061 -#define IDC_EXIT 1062 -#define IDC_TRAVEL_OPEN_EXPLORER 1063 -#define IDC_TRAV_CACHE_PASSWORDS 1064 -#define IDC_UNMOUNTALL 1065 -#define IDT_TASKBAR_ICON 1066 -#define IDT_AUTO_DISMOUNT 1067 -#define IDC_PREF_FORCE_AUTO_DISMOUNT 1068 -#define IDC_PREF_DISMOUNT_INACTIVE_TIME 1069 -#define IDT_MINUTES 1070 -#define IDC_PREF_DISMOUNT_SCREENSAVER 1071 -#define IDC_PREF_DISMOUNT_POWERSAVING 1072 -#define IDT_AUTO_DISMOUNT_ON 1073 -#define IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT 1074 -#define IDC_CLOSE_BKG_TASK_WHEN_NOVOL 1075 -#define IDC_MORE_INFO_ON_HW_ACCELERATION 1076 -#define IDT_LOGON 1077 -#define IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION 1078 -#define IDC_PREF_LOGON_START 1079 -#define IDC_PREF_LOGON_MOUNT_DEVICES 1080 -#define IDC_SHOW_PASSWORD_CHPWD_NEW 1081 -#define IDC_HK_DISMOUNT_BALLOON_TOOLTIP 1082 -#define IDC_SHOW_PASSWORD_CHPWD_ORI 1083 -#define IDC_HK_DISMOUNT_PLAY_SOUND 1084 -#define IDC_HOTKEY_ASSIGN 1085 -#define IDC_HOTKEY_REMOVE 1086 -#define IDC_HOTKEY_KEY 1087 -#define IDT_HOTKEY_KEY 1088 -#define IDC_HOTKEY_LIST 1089 -#define IDC_RESET_HOTKEYS 1090 -#define IDT_DISMOUNT_ACTION 1091 -#define IDT_ASSIGN_HOTKEY 1092 -#define IDC_HK_MOD_SHIFT 1093 -#define IDC_HK_MOD_CTRL 1094 -#define IDC_HK_MOD_ALT 1095 -#define IDC_HK_MOD_WIN 1096 -#define IDC_SHOW_PASSWORD 1097 -#define IDC_LOGO 1098 -#define IDT_PKCS11_LIB_PATH 1099 -#define IDC_PKCS11_MODULE 1100 -#define IDC_SELECT_PKCS11_MODULE 1101 -#define IDC_AUTO_DETECT_PKCS11_MODULE 1102 -#define IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT 1103 -#define IDT_SECURITY_OPTIONS 1104 -#define IDC_DISABLE_BOOT_LOADER_OUTPUT 1105 -#define IDC_ALLOW_ESC_PBA_BYPASS 1106 -#define IDC_CUSTOM_BOOT_LOADER_MESSAGE 1107 -#define IDC_BOOT_LOADER_CACHE_PASSWORD 1108 -#define IDC_MORE_SETTINGS 1109 -#define IDT_CUSTOM_BOOT_LOADER_MESSAGE 1110 -#define IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP 1111 -#define IDT_BOOT_LOADER_SCREEN_OPTIONS 1112 -#define IDT_PKCS11_LIB_HELP 1113 -#define IDT_ACCELERATION_OPTIONS 1114 -#define IDC_ENABLE_HARDWARE_ENCRYPTION 1115 -#define IDC_FAVORITE_VOLUMES_LIST 1116 -#define IDC_FAVORITE_MOUNT_READONLY 1117 -#define IDC_FAVORITE_MOUNT_REMOVABLE 1118 -#define IDC_FAVORITE_MOUNT_ON_ARRIVAL 1119 -#define IDC_FAVORITE_LABEL 1120 -#define IDT_FAVORITE_LABEL 1121 -#define IDC_FAVORITE_MOUNT_ON_LOGON 1122 -#define IDC_FAVORITE_DISABLE_HOTKEY 1123 -#define IDC_FAVORITE_MOVE_UP 1124 -#define IDC_FAVORITE_MOVE_DOWN 1125 -#define IDC_FAVORITE_REMOVE 1126 -#define IDT_HW_AES_SUPPORTED_BY_CPU 1127 -#define IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT 1128 -#define IDC_HW_AES_SUPPORTED_BY_CPU 1129 -#define IDC_LIMIT_ENC_THREAD_POOL 1130 -#define IDC_ENCRYPTION_FREE_CPU_COUNT 1131 -#define IDT_PARALLELIZATION_OPTIONS 1132 -#define IDT_LIMIT_ENC_THREAD_POOL_NOTE 1133 -#define IDC_FAV_VOL_OPTIONS_GROUP_BOX 1134 -#define IDC_FAVORITES_HELP_LINK 1135 -#define IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX 1136 -#define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137 -#define IDT_NEW_PKCS5_PRF 1138 -#define IDC_PKCS5_OLD_PRF_ID 1139 -#define IDC_TRUECRYPT_MODE 1140 -#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141 -#define IDT_OLD_PIM 1142 -#define IDC_OLD_PIM 1143 -#define IDC_OLD_PIM_HELP 1144 -#define IDC_NEW_PIM_ENABLE 1145 -#define IDC_SHOW_PIM 1146 -#define IDC_FAVORITE_USE_LABEL_IN_EXPLORER 1147 -#define IDC_COPY_EXPANDER 1148 -#define IDT_DRIVER_OPTIONS 1149 -#define IDC_ENABLE_EXTENDED_IOCTL_SUPPORT 1150 -#define IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION 1151 -#define IDC_WIPE_MODE 1152 -#define IDT_WIPE_MODE 1153 -#define IDC_PREF_CACHE_PIM 1154 -#define IDC_BOOT_LOADER_CACHE_PIM 1155 -#define IDC_SHOW_DISCONNECTED_NETWORK_DRIVES 1156 -#define IDT_VOLUME_ID 1157 -#define IDC_FAVORITE_VOLUME_ID 1158 -#define IDC_FAVORITE_USE_VOLUME_ID 1159 -#define IDC_DISABLE_BOOT_LOADER_PIM_PROMPT 1160 -#define IDC_HIDE_WAITING_DIALOG 1161 -#define IDM_HELP 40001 -#define IDM_ABOUT 40002 -#define IDM_UNMOUNT_VOLUME 40003 -#define IDM_CLEAR_HISTORY 40004 -#define IDM_BENCHMARK 40005 -#define IDM_TRAVELER 40006 -#define IDM_MOUNT_VOLUME_OPTIONS 40007 -#define IDM_FAQ 40008 -#define IDM_REFRESH_DRIVE_LETTERS 40009 -#define IDM_DEFAULT_KEYFILES 40010 -#define IDM_WEBSITE 40011 -#define IDM_MOUNTALL 40012 -#define IDM_UNMOUNTALL 40013 -#define IDM_MOUNT_VOLUME 40014 -#define IDM_CHANGE_PASSWORD 40015 -#define IDM_VOLUME_WIZARD 40016 -#define IDM_CREATE_VOLUME 40017 -#define IDM_WIPE_CACHE 40018 -#define IDM_PREFERENCES 40019 -#define IDM_LICENSE 40020 -#define IDM_SELECT_FILE 40021 -#define IDM_SELECT_DEVICE 40022 -#define IDM_VOLUME_PROPERTIES 40023 -#define IDM_LANGUAGE 40024 -#define IDM_MOUNT_FAVORITE_VOLUMES 40025 -#define IDM_BACKUP_VOL_HEADER 40026 -#define IDM_RESTORE_VOL_HEADER 40027 -#define IDM_HOTKEY_SETTINGS 40028 -#define IDM_TC_DOWNLOADS 40029 -#define IDM_NEWS 40030 -#define IDM_CONTACT 40031 -#define IDM_VERSION_HISTORY 40032 -#define IDM_HOMEPAGE 40033 -#define IDM_TEST_VECTORS 40034 -#define IDM_ADD_REMOVE_VOL_KEYFILES 40035 -#define IDM_REMOVE_ALL_KEYFILES_FROM_VOL 40036 -#define IDM_CHANGE_HEADER_KEY_DERIV_ALGO 40037 -#define IDM_KEYFILE_GENERATOR 40038 -#define IDM_ONLINE_TUTORIAL 40039 -#define IDM_ONLINE_HELP 40040 -#define IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO 40041 -#define IDM_CHANGE_SYS_PASSWORD 40042 -#define IDM_CREATE_RESCUE_DISK 40043 -#define IDM_PERMANENTLY_DECRYPT_SYS 40044 -#define IDM_VERIFY_RESCUE_DISK 40045 -#define IDM_SYSTEM_ENCRYPTION_STATUS 40046 -#define IDM_ENCRYPT_SYSTEM_DEVICE 40047 -#define IDM_SYSENC_RESUME 40048 -#define IDM_MOUNT_SYSENC_PART_WITHOUT_PBA 40049 -#define IDM_CREATE_HIDDEN_OS 40050 -#define IDM_TOKEN_PREFERENCES 40051 -#define IDM_CLOSE_ALL_TOKEN_SESSIONS 40052 -#define IDM_SYS_ENC_SETTINGS 40053 -#define IDM_SYSENC_SETTINGS 40054 -#define IDM_RESUME_INTERRUPTED_PROC 40055 -#define IDM_MANAGE_TOKEN_KEYFILES 40056 -#define IDM_SYS_FAVORITES_SETTINGS 40057 -#define IDM_ORGANIZE_FAVORITES 40058 -#define IDM_ORGANIZE_SYSTEM_FAVORITES 40059 -#define IDM_ADD_VOLUME_TO_FAVORITES 40060 -#define IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES 40061 -#define IDM_PERFORMANCE_SETTINGS 40062 -#define IDM_ANALYZE_SYSTEM_CRASH 40063 -#define IDM_DONATE 40064 -#define IDM_VOLUME_EXPANDER 40065 -#define IDM_DEFAULT_MOUNT_PARAMETERS 40066 -#define IDM_DECRYPT_NONSYS_VOL 40067 -#define IDM_VERIFY_RESCUE_DISK_ISO 40068 - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NO_MFC 1 -#define _APS_NEXT_RESOURCE_VALUE 119 -#define _APS_NEXT_COMMAND_VALUE 40069 -#define _APS_NEXT_CONTROL_VALUE 1162 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif +//{{NO_DEPENDENCIES}} +// Microsoft Visual C++ generated include file. +// Used by Mount.rc +// +#define IDR_MOUNT_TLB 1 +#define IDD_MOUNT_DLG 101 +#define IDD_PASSWORDCHANGE_DLG 102 +#define IDB_DRIVEICON 103 +#define IDD_PASSWORD_DLG 104 +#define IDB_DRIVEICON_MASK 105 +#define IDR_MENU 106 +#define IDD_PREFERENCES_DLG 107 +#define IDD_VOLUME_PROPERTIES 108 +#define IDR_MOUNT_RSRC_HEADER 109 +#define IDS_UACSTRING 110 +#define IDB_LOGO_288DPI 111 +#define IDB_LOGO_96DPI 112 +#define IDB_SYS_DRIVEICON 113 +#define IDB_SYS_DRIVEICON_MASK 114 +#define IDD_TOKEN_PREFERENCES 115 +#define IDD_SYSENC_SETTINGS 116 +#define IDD_FAVORITE_VOLUMES 117 +#define IDD_DEFAULT_MOUNT_PARAMETERS 118 +#define IDC_PREF_MOUNT_READONLY 1000 +#define IDC_PREF_MOUNT_REMOVABLE 1001 +#define IDC_VERIFY 1002 +#define IDC_PREF_BKG_TASK_ENABLE 1003 +#define IDC_OLD_PASSWORD 1004 +#define IDC_CACHE 1005 +#define IDC_NO_HISTORY 1006 +#define IDC_DRIVELIST 1007 +#define IDC_PREF_OPEN_EXPLORER 1008 +#define IDC_ENABLE_KEYFILES 1009 +#define IDC_VOLUME_PROPERTIES_LIST 1010 +#define IDC_PREF_USE_DIFF_TRAY_ICON_IF_VOL_MOUNTED 1011 +#define IDC_ENABLE_NEW_KEYFILES 1012 +#define IDC_PRESERVE_TIMESTAMPS 1013 +#define IDC_PREF_WIPE_CACHE_ON_EXIT 1014 +#define IDC_PREF_CACHE_PASSWORDS 1016 +#define IDC_DIRECTORY 1017 +#define IDC_PREF_DISMOUNT_LOGOFF 1018 +#define IDC_BROWSE_DIRS 1019 +#define IDC_PREF_DISMOUNT_INACTIVE 1020 +#define IDC_AUTORUN_DISABLE 1021 +#define IDC_AUTORUN_START 1022 +#define IDC_BENCHMARK 1023 +#define IDC_AUTORUN_MOUNT 1024 +#define IDC_VOLUME_NAME 1025 +#define IDC_COPY_WIZARD 1026 +#define IDC_MOUNT_OPTIONS 1027 +#define IDT_TRAVELER_MOUNT 1028 +#define IDT_MOUNT_LETTER 1029 +#define IDT_MOUNT_SETTINGS 1030 +#define IDC_KEY_FILES 1031 +#define IDC_NEW_KEYFILES 1032 +#define IDC_KEYFILES 1033 +#define IDC_VOLUME 1034 +#define IDC_PASSWORD 1035 +#define IDC_BROWSE_FILES 1036 +#define IDC_SELECT_DEVICE 1037 +#define IDC_CREATE_VOLUME 1038 +#define IDC_VOLUME_TOOLS 1039 +#define IDC_WIPE_CACHE 1040 +#define IDC_MOUNTALL 1041 +#define IDD_TRAVELER_DLG 1042 +#define IDC_SELECT_FILE 1043 +#define IDD_HOTKEYS_DLG 1044 +#define IDC_VOLUME_PROPERTIES 1045 +#define IDT_FILE_SETTINGS 1046 +#define IDD_PERFORMANCE_SETTINGS 1047 +#define IDT_AUTORUN 1048 +#define IDT_TRAVEL_INSERTION 1049 +#define IDT_TRAVEL_ROOT 1050 +#define IDT_VOLUME 1051 +#define IDT_PASSWORD 1052 +#define IDT_CURRENT 1053 +#define IDT_NEW 1054 +#define IDT_NEW_PASSWORD 1055 +#define IDT_CONFIRM_PASSWORD 1056 +#define IDT_PW_CACHE_OPTIONS 1058 +#define IDT_DEFAULT_MOUNT_OPTIONS 1059 +#define IDT_WINDOWS_RELATED_SETTING 1060 +#define IDC_CREATE 1061 +#define IDC_EXIT 1062 +#define IDC_TRAVEL_OPEN_EXPLORER 1063 +#define IDC_TRAV_CACHE_PASSWORDS 1064 +#define IDC_UNMOUNTALL 1065 +#define IDT_TASKBAR_ICON 1066 +#define IDT_AUTO_DISMOUNT 1067 +#define IDC_PREF_FORCE_AUTO_DISMOUNT 1068 +#define IDC_PREF_DISMOUNT_INACTIVE_TIME 1069 +#define IDT_MINUTES 1070 +#define IDC_PREF_DISMOUNT_SCREENSAVER 1071 +#define IDC_PREF_DISMOUNT_POWERSAVING 1072 +#define IDT_AUTO_DISMOUNT_ON 1073 +#define IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT 1074 +#define IDC_CLOSE_BKG_TASK_WHEN_NOVOL 1075 +#define IDC_MORE_INFO_ON_HW_ACCELERATION 1076 +#define IDT_LOGON 1077 +#define IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION 1078 +#define IDC_PREF_LOGON_START 1079 +#define IDC_PREF_LOGON_MOUNT_DEVICES 1080 +#define IDC_SHOW_PASSWORD_CHPWD_NEW 1081 +#define IDC_HK_DISMOUNT_BALLOON_TOOLTIP 1082 +#define IDC_SHOW_PASSWORD_CHPWD_ORI 1083 +#define IDC_HK_DISMOUNT_PLAY_SOUND 1084 +#define IDC_HOTKEY_ASSIGN 1085 +#define IDC_HOTKEY_REMOVE 1086 +#define IDC_HOTKEY_KEY 1087 +#define IDT_HOTKEY_KEY 1088 +#define IDC_HOTKEY_LIST 1089 +#define IDC_RESET_HOTKEYS 1090 +#define IDT_DISMOUNT_ACTION 1091 +#define IDT_ASSIGN_HOTKEY 1092 +#define IDC_HK_MOD_SHIFT 1093 +#define IDC_HK_MOD_CTRL 1094 +#define IDC_HK_MOD_ALT 1095 +#define IDC_HK_MOD_WIN 1096 +#define IDC_SHOW_PASSWORD 1097 +#define IDC_LOGO 1098 +#define IDT_PKCS11_LIB_PATH 1099 +#define IDC_PKCS11_MODULE 1100 +#define IDC_SELECT_PKCS11_MODULE 1101 +#define IDC_AUTO_DETECT_PKCS11_MODULE 1102 +#define IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT 1103 +#define IDT_SECURITY_OPTIONS 1104 +#define IDC_DISABLE_BOOT_LOADER_OUTPUT 1105 +#define IDC_ALLOW_ESC_PBA_BYPASS 1106 +#define IDC_CUSTOM_BOOT_LOADER_MESSAGE 1107 +#define IDC_BOOT_LOADER_CACHE_PASSWORD 1108 +#define IDC_MORE_SETTINGS 1109 +#define IDT_CUSTOM_BOOT_LOADER_MESSAGE 1110 +#define IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP 1111 +#define IDT_BOOT_LOADER_SCREEN_OPTIONS 1112 +#define IDT_PKCS11_LIB_HELP 1113 +#define IDT_ACCELERATION_OPTIONS 1114 +#define IDC_ENABLE_HARDWARE_ENCRYPTION 1115 +#define IDC_FAVORITE_VOLUMES_LIST 1116 +#define IDC_FAVORITE_MOUNT_READONLY 1117 +#define IDC_FAVORITE_MOUNT_REMOVABLE 1118 +#define IDC_FAVORITE_MOUNT_ON_ARRIVAL 1119 +#define IDC_FAVORITE_LABEL 1120 +#define IDT_FAVORITE_LABEL 1121 +#define IDC_FAVORITE_MOUNT_ON_LOGON 1122 +#define IDC_FAVORITE_DISABLE_HOTKEY 1123 +#define IDC_FAVORITE_MOVE_UP 1124 +#define IDC_FAVORITE_MOVE_DOWN 1125 +#define IDC_FAVORITE_REMOVE 1126 +#define IDT_HW_AES_SUPPORTED_BY_CPU 1127 +#define IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT 1128 +#define IDC_HW_AES_SUPPORTED_BY_CPU 1129 +#define IDC_LIMIT_ENC_THREAD_POOL 1130 +#define IDC_ENCRYPTION_FREE_CPU_COUNT 1131 +#define IDT_PARALLELIZATION_OPTIONS 1132 +#define IDT_LIMIT_ENC_THREAD_POOL_NOTE 1133 +#define IDC_FAV_VOL_OPTIONS_GROUP_BOX 1134 +#define IDC_FAVORITES_HELP_LINK 1135 +#define IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX 1136 +#define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137 +#define IDT_NEW_PKCS5_PRF 1138 +#define IDC_PKCS5_OLD_PRF_ID 1139 +#define IDC_TRUECRYPT_MODE 1140 +#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141 +#define IDT_OLD_PIM 1142 +#define IDC_OLD_PIM 1143 +#define IDC_OLD_PIM_HELP 1144 +#define IDC_NEW_PIM_ENABLE 1145 +#define IDC_SHOW_PIM 1146 +#define IDC_FAVORITE_USE_LABEL_IN_EXPLORER 1147 +#define IDC_COPY_EXPANDER 1148 +#define IDT_DRIVER_OPTIONS 1149 +#define IDC_ENABLE_EXTENDED_IOCTL_SUPPORT 1150 +#define IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION 1151 +#define IDC_WIPE_MODE 1152 +#define IDT_WIPE_MODE 1153 +#define IDC_PREF_CACHE_PIM 1154 +#define IDC_BOOT_LOADER_CACHE_PIM 1155 +#define IDC_SHOW_DISCONNECTED_NETWORK_DRIVES 1156 +#define IDT_VOLUME_ID 1157 +#define IDC_FAVORITE_VOLUME_ID 1158 +#define IDC_FAVORITE_USE_VOLUME_ID 1159 +#define IDC_DISABLE_BOOT_LOADER_PIM_PROMPT 1160 +#define IDC_HIDE_WAITING_DIALOG 1161 +#define IDM_HELP 40001 +#define IDM_ABOUT 40002 +#define IDM_UNMOUNT_VOLUME 40003 +#define IDM_CLEAR_HISTORY 40004 +#define IDM_BENCHMARK 40005 +#define IDM_TRAVELER 40006 +#define IDM_MOUNT_VOLUME_OPTIONS 40007 +#define IDM_FAQ 40008 +#define IDM_REFRESH_DRIVE_LETTERS 40009 +#define IDM_DEFAULT_KEYFILES 40010 +#define IDM_WEBSITE 40011 +#define IDM_MOUNTALL 40012 +#define IDM_UNMOUNTALL 40013 +#define IDM_MOUNT_VOLUME 40014 +#define IDM_CHANGE_PASSWORD 40015 +#define IDM_VOLUME_WIZARD 40016 +#define IDM_CREATE_VOLUME 40017 +#define IDM_WIPE_CACHE 40018 +#define IDM_PREFERENCES 40019 +#define IDM_LICENSE 40020 +#define IDM_SELECT_FILE 40021 +#define IDM_SELECT_DEVICE 40022 +#define IDM_VOLUME_PROPERTIES 40023 +#define IDM_LANGUAGE 40024 +#define IDM_MOUNT_FAVORITE_VOLUMES 40025 +#define IDM_BACKUP_VOL_HEADER 40026 +#define IDM_RESTORE_VOL_HEADER 40027 +#define IDM_HOTKEY_SETTINGS 40028 +#define IDM_TC_DOWNLOADS 40029 +#define IDM_NEWS 40030 +#define IDM_CONTACT 40031 +#define IDM_VERSION_HISTORY 40032 +#define IDM_HOMEPAGE 40033 +#define IDM_TEST_VECTORS 40034 +#define IDM_ADD_REMOVE_VOL_KEYFILES 40035 +#define IDM_REMOVE_ALL_KEYFILES_FROM_VOL 40036 +#define IDM_CHANGE_HEADER_KEY_DERIV_ALGO 40037 +#define IDM_KEYFILE_GENERATOR 40038 +#define IDM_ONLINE_TUTORIAL 40039 +#define IDM_ONLINE_HELP 40040 +#define IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO 40041 +#define IDM_CHANGE_SYS_PASSWORD 40042 +#define IDM_CREATE_RESCUE_DISK 40043 +#define IDM_PERMANENTLY_DECRYPT_SYS 40044 +#define IDM_VERIFY_RESCUE_DISK 40045 +#define IDM_SYSTEM_ENCRYPTION_STATUS 40046 +#define IDM_ENCRYPT_SYSTEM_DEVICE 40047 +#define IDM_SYSENC_RESUME 40048 +#define IDM_MOUNT_SYSENC_PART_WITHOUT_PBA 40049 +#define IDM_CREATE_HIDDEN_OS 40050 +#define IDM_TOKEN_PREFERENCES 40051 +#define IDM_CLOSE_ALL_TOKEN_SESSIONS 40052 +#define IDM_SYS_ENC_SETTINGS 40053 +#define IDM_SYSENC_SETTINGS 40054 +#define IDM_RESUME_INTERRUPTED_PROC 40055 +#define IDM_MANAGE_TOKEN_KEYFILES 40056 +#define IDM_SYS_FAVORITES_SETTINGS 40057 +#define IDM_ORGANIZE_FAVORITES 40058 +#define IDM_ORGANIZE_SYSTEM_FAVORITES 40059 +#define IDM_ADD_VOLUME_TO_FAVORITES 40060 +#define IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES 40061 +#define IDM_PERFORMANCE_SETTINGS 40062 +#define IDM_ANALYZE_SYSTEM_CRASH 40063 +#define IDM_DONATE 40064 +#define IDM_VOLUME_EXPANDER 40065 +#define IDM_DEFAULT_MOUNT_PARAMETERS 40066 +#define IDM_DECRYPT_NONSYS_VOL 40067 +#define IDM_VERIFY_RESCUE_DISK_ISO 40068 + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NO_MFC 1 +#define _APS_NEXT_RESOURCE_VALUE 119 +#define _APS_NEXT_COMMAND_VALUE 40069 +#define _APS_NEXT_CONTROL_VALUE 1162 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/src/PKCS11/cryptoki.h b/src/PKCS11/cryptoki.h index 7d85ca80..f457b3e9 100644 --- a/src/PKCS11/cryptoki.h +++ b/src/PKCS11/cryptoki.h @@ -1,66 +1,66 @@ -/* cryptoki.h include file for PKCS #11. */ -/* $Revision: 1.4 $ */ - -/* License to copy and use this software is granted provided that it is - * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface - * (Cryptoki)" in all material mentioning or referencing this software. - - * License is also granted to make and use derivative works provided that - * such works are identified as "derived from the RSA Security Inc. PKCS #11 - * Cryptographic Token Interface (Cryptoki)" in all material mentioning or - * referencing the derived work. - - * RSA Security Inc. makes no representations concerning either the - * merchantability of this software or the suitability of this software for - * any particular purpose. It is provided "as is" without express or implied - * warranty of any kind. - */ - -/* This is a sample file containing the top level include directives - * for building Win32 Cryptoki libraries and applications. - */ - -#ifndef ___CRYPTOKI_H_INC___ -#define ___CRYPTOKI_H_INC___ - -#pragma pack(push, cryptoki, 1) - -/* Specifies that the function is a DLL entry point. */ -#define CK_IMPORT_SPEC __declspec(dllimport) - -/* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do - * not define it in applications. - */ -#ifdef CRYPTOKI_EXPORTS -/* Specified that the function is an exported DLL entry point. */ -#define CK_EXPORT_SPEC __declspec(dllexport) -#else -#define CK_EXPORT_SPEC CK_IMPORT_SPEC -#endif - -/* Ensures the calling convention for Win32 builds */ -#define CK_CALL_SPEC __cdecl - -#define CK_PTR * - -#define CK_DEFINE_FUNCTION(returnType, name) \ - returnType CK_EXPORT_SPEC CK_CALL_SPEC name - -#define CK_DECLARE_FUNCTION(returnType, name) \ - returnType CK_EXPORT_SPEC CK_CALL_SPEC name - -#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - returnType CK_IMPORT_SPEC (CK_CALL_SPEC CK_PTR name) - -#define CK_CALLBACK_FUNCTION(returnType, name) \ - returnType (CK_CALL_SPEC CK_PTR name) - -#ifndef NULL_PTR -#define NULL_PTR 0 -#endif - -#include "pkcs11.h" - -#pragma pack(pop, cryptoki) - -#endif /* ___CRYPTOKI_H_INC___ */ +/* cryptoki.h include file for PKCS #11. */ +/* $Revision: 1.4 $ */ + +/* License to copy and use this software is granted provided that it is + * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface + * (Cryptoki)" in all material mentioning or referencing this software. + + * License is also granted to make and use derivative works provided that + * such works are identified as "derived from the RSA Security Inc. PKCS #11 + * Cryptographic Token Interface (Cryptoki)" in all material mentioning or + * referencing the derived work. + + * RSA Security Inc. makes no representations concerning either the + * merchantability of this software or the suitability of this software for + * any particular purpose. It is provided "as is" without express or implied + * warranty of any kind. + */ + +/* This is a sample file containing the top level include directives + * for building Win32 Cryptoki libraries and applications. + */ + +#ifndef ___CRYPTOKI_H_INC___ +#define ___CRYPTOKI_H_INC___ + +#pragma pack(push, cryptoki, 1) + +/* Specifies that the function is a DLL entry point. */ +#define CK_IMPORT_SPEC __declspec(dllimport) + +/* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do + * not define it in applications. + */ +#ifdef CRYPTOKI_EXPORTS +/* Specified that the function is an exported DLL entry point. */ +#define CK_EXPORT_SPEC __declspec(dllexport) +#else +#define CK_EXPORT_SPEC CK_IMPORT_SPEC +#endif + +/* Ensures the calling convention for Win32 builds */ +#define CK_CALL_SPEC __cdecl + +#define CK_PTR * + +#define CK_DEFINE_FUNCTION(returnType, name) \ + returnType CK_EXPORT_SPEC CK_CALL_SPEC name + +#define CK_DECLARE_FUNCTION(returnType, name) \ + returnType CK_EXPORT_SPEC CK_CALL_SPEC name + +#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ + returnType CK_IMPORT_SPEC (CK_CALL_SPEC CK_PTR name) + +#define CK_CALLBACK_FUNCTION(returnType, name) \ + returnType (CK_CALL_SPEC CK_PTR name) + +#ifndef NULL_PTR +#define NULL_PTR 0 +#endif + +#include "pkcs11.h" + +#pragma pack(pop, cryptoki) + +#endif /* ___CRYPTOKI_H_INC___ */ diff --git a/src/PKCS11/pkcs11.h b/src/PKCS11/pkcs11.h index 5afbb7ac..6c612204 100644 --- a/src/PKCS11/pkcs11.h +++ b/src/PKCS11/pkcs11.h @@ -1,299 +1,299 @@ -/* pkcs11.h include file for PKCS #11. */ -/* $Revision: 1.4 $ */ - -/* License to copy and use this software is granted provided that it is - * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface - * (Cryptoki)" in all material mentioning or referencing this software. - - * License is also granted to make and use derivative works provided that - * such works are identified as "derived from the RSA Security Inc. PKCS #11 - * Cryptographic Token Interface (Cryptoki)" in all material mentioning or - * referencing the derived work. - - * RSA Security Inc. makes no representations concerning either the - * merchantability of this software or the suitability of this software for - * any particular purpose. It is provided "as is" without express or implied - * warranty of any kind. - */ - -#ifndef _PKCS11_H_ -#define _PKCS11_H_ 1 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Before including this file (pkcs11.h) (or pkcs11t.h by - * itself), 6 platform-specific macros must be defined. These - * macros are described below, and typical definitions for them - * are also given. Be advised that these definitions can depend - * on both the platform and the compiler used (and possibly also - * on whether a Cryptoki library is linked statically or - * dynamically). - * - * In addition to defining these 6 macros, the packing convention - * for Cryptoki structures should be set. The Cryptoki - * convention on packing is that structures should be 1-byte - * aligned. - * - * If you're using Microsoft Developer Studio 5.0 to produce - * Win32 stuff, this might be done by using the following - * preprocessor directive before including pkcs11.h or pkcs11t.h: - * - * #pragma pack(push, cryptoki, 1) - * - * and using the following preprocessor directive after including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(pop, cryptoki) - * - * If you're using an earlier version of Microsoft Developer - * Studio to produce Win16 stuff, this might be done by using - * the following preprocessor directive before including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(1) - * - * In a UNIX environment, you're on your own for this. You might - * not need to do (or be able to do!) anything. - * - * - * Now for the macros: - * - * - * 1. CK_PTR: The indirection string for making a pointer to an - * object. It can be used like this: - * - * typedef CK_BYTE CK_PTR CK_BYTE_PTR; - * - * If you're using Microsoft Developer Studio 5.0 to produce - * Win32 stuff, it might be defined by: - * - * #define CK_PTR * - * - * If you're using an earlier version of Microsoft Developer - * Studio to produce Win16 stuff, it might be defined by: - * - * #define CK_PTR far * - * - * In a typical UNIX environment, it might be defined by: - * - * #define CK_PTR * - * - * - * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes - * an exportable Cryptoki library function definition out of a - * return type and a function name. It should be used in the - * following fashion to define the exposed Cryptoki functions in - * a Cryptoki library: - * - * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ) - * { - * ... - * } - * - * If you're using Microsoft Developer Studio 5.0 to define a - * function in a Win32 Cryptoki .dll, it might be defined by: - * - * #define CK_DEFINE_FUNCTION(returnType, name) \ - * returnType __declspec(dllexport) name - * - * If you're using an earlier version of Microsoft Developer - * Studio to define a function in a Win16 Cryptoki .dll, it - * might be defined by: - * - * #define CK_DEFINE_FUNCTION(returnType, name) \ - * returnType __export _far _pascal name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DEFINE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes - * an importable Cryptoki library function declaration out of a - * return type and a function name. It should be used in the - * following fashion: - * - * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ); - * - * If you're using Microsoft Developer Studio 5.0 to declare a - * function in a Win32 Cryptoki .dll, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __declspec(dllimport) name - * - * If you're using an earlier version of Microsoft Developer - * Studio to declare a function in a Win16 Cryptoki .dll, it - * might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __export _far _pascal name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro - * which makes a Cryptoki API function pointer declaration or - * function pointer type declaration out of a return type and a - * function name. It should be used in the following fashion: - * - * // Define funcPtr to be a pointer to a Cryptoki API function - * // taking arguments args and returning CK_RV. - * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); - * - * or - * - * // Define funcPtrType to be the type of a pointer to a - * // Cryptoki API function taking arguments args and returning - * // CK_RV, and then define funcPtr to be a variable of type - * // funcPtrType. - * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); - * funcPtrType funcPtr; - * - * If you're using Microsoft Developer Studio 5.0 to access - * functions in a Win32 Cryptoki .dll, in might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __declspec(dllimport) (* name) - * - * If you're using an earlier version of Microsoft Developer - * Studio to access functions in a Win16 Cryptoki .dll, it might - * be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __export _far _pascal (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType (* name) - * - * - * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes - * a function pointer type for an application callback out of - * a return type for the callback and a name for the callback. - * It should be used in the following fashion: - * - * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); - * - * to declare a function pointer, myCallback, to a callback - * which takes arguments args and returns a CK_RV. It can also - * be used like this: - * - * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); - * myCallbackType myCallback; - * - * If you're using Microsoft Developer Studio 5.0 to do Win32 - * Cryptoki development, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * If you're using an earlier version of Microsoft Developer - * Studio to do Win16 development, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType _far _pascal (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * - * 6. NULL_PTR: This macro is the value of a NULL pointer. - * - * In any ANSI/ISO C environment (and in many others as well), - * this should best be defined by - * - * #ifndef NULL_PTR - * #define NULL_PTR 0 - * #endif - */ - - -/* All the various Cryptoki types and #define'd values are in the - * file pkcs11t.h. */ -#include "pkcs11t.h" - -#define __PASTE(x,y) x##y - - -/* ============================================================== - * Define the "extern" form of all the entry points. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - extern CK_DECLARE_FUNCTION(CK_RV, name) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define the typedef form of all the entry points. That is, for - * each Cryptoki function C_XXX, define a type CK_C_XXX which is - * a pointer to that kind of function. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define structed vector of entry points. A CK_FUNCTION_LIST - * contains a CK_VERSION indicating a library's Cryptoki version - * and then a whole slew of function pointers to the routines in - * the library. This type was declared, but not defined, in - * pkcs11t.h. - * ============================================================== - */ - -#define CK_PKCS11_FUNCTION_INFO(name) \ - __PASTE(CK_,name) name; - -struct CK_FUNCTION_LIST { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. */ -#include "pkcs11f.h" - -}; - -#undef CK_PKCS11_FUNCTION_INFO - - -#undef __PASTE - -#ifdef __cplusplus -} -#endif - -#endif +/* pkcs11.h include file for PKCS #11. */ +/* $Revision: 1.4 $ */ + +/* License to copy and use this software is granted provided that it is + * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface + * (Cryptoki)" in all material mentioning or referencing this software. + + * License is also granted to make and use derivative works provided that + * such works are identified as "derived from the RSA Security Inc. PKCS #11 + * Cryptographic Token Interface (Cryptoki)" in all material mentioning or + * referencing the derived work. + + * RSA Security Inc. makes no representations concerning either the + * merchantability of this software or the suitability of this software for + * any particular purpose. It is provided "as is" without express or implied + * warranty of any kind. + */ + +#ifndef _PKCS11_H_ +#define _PKCS11_H_ 1 + +#ifdef __cplusplus +extern "C" { +#endif + +/* Before including this file (pkcs11.h) (or pkcs11t.h by + * itself), 6 platform-specific macros must be defined. These + * macros are described below, and typical definitions for them + * are also given. Be advised that these definitions can depend + * on both the platform and the compiler used (and possibly also + * on whether a Cryptoki library is linked statically or + * dynamically). + * + * In addition to defining these 6 macros, the packing convention + * for Cryptoki structures should be set. The Cryptoki + * convention on packing is that structures should be 1-byte + * aligned. + * + * If you're using Microsoft Developer Studio 5.0 to produce + * Win32 stuff, this might be done by using the following + * preprocessor directive before including pkcs11.h or pkcs11t.h: + * + * #pragma pack(push, cryptoki, 1) + * + * and using the following preprocessor directive after including + * pkcs11.h or pkcs11t.h: + * + * #pragma pack(pop, cryptoki) + * + * If you're using an earlier version of Microsoft Developer + * Studio to produce Win16 stuff, this might be done by using + * the following preprocessor directive before including + * pkcs11.h or pkcs11t.h: + * + * #pragma pack(1) + * + * In a UNIX environment, you're on your own for this. You might + * not need to do (or be able to do!) anything. + * + * + * Now for the macros: + * + * + * 1. CK_PTR: The indirection string for making a pointer to an + * object. It can be used like this: + * + * typedef CK_BYTE CK_PTR CK_BYTE_PTR; + * + * If you're using Microsoft Developer Studio 5.0 to produce + * Win32 stuff, it might be defined by: + * + * #define CK_PTR * + * + * If you're using an earlier version of Microsoft Developer + * Studio to produce Win16 stuff, it might be defined by: + * + * #define CK_PTR far * + * + * In a typical UNIX environment, it might be defined by: + * + * #define CK_PTR * + * + * + * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes + * an exportable Cryptoki library function definition out of a + * return type and a function name. It should be used in the + * following fashion to define the exposed Cryptoki functions in + * a Cryptoki library: + * + * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)( + * CK_VOID_PTR pReserved + * ) + * { + * ... + * } + * + * If you're using Microsoft Developer Studio 5.0 to define a + * function in a Win32 Cryptoki .dll, it might be defined by: + * + * #define CK_DEFINE_FUNCTION(returnType, name) \ + * returnType __declspec(dllexport) name + * + * If you're using an earlier version of Microsoft Developer + * Studio to define a function in a Win16 Cryptoki .dll, it + * might be defined by: + * + * #define CK_DEFINE_FUNCTION(returnType, name) \ + * returnType __export _far _pascal name + * + * In a UNIX environment, it might be defined by: + * + * #define CK_DEFINE_FUNCTION(returnType, name) \ + * returnType name + * + * + * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes + * an importable Cryptoki library function declaration out of a + * return type and a function name. It should be used in the + * following fashion: + * + * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( + * CK_VOID_PTR pReserved + * ); + * + * If you're using Microsoft Developer Studio 5.0 to declare a + * function in a Win32 Cryptoki .dll, it might be defined by: + * + * #define CK_DECLARE_FUNCTION(returnType, name) \ + * returnType __declspec(dllimport) name + * + * If you're using an earlier version of Microsoft Developer + * Studio to declare a function in a Win16 Cryptoki .dll, it + * might be defined by: + * + * #define CK_DECLARE_FUNCTION(returnType, name) \ + * returnType __export _far _pascal name + * + * In a UNIX environment, it might be defined by: + * + * #define CK_DECLARE_FUNCTION(returnType, name) \ + * returnType name + * + * + * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro + * which makes a Cryptoki API function pointer declaration or + * function pointer type declaration out of a return type and a + * function name. It should be used in the following fashion: + * + * // Define funcPtr to be a pointer to a Cryptoki API function + * // taking arguments args and returning CK_RV. + * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); + * + * or + * + * // Define funcPtrType to be the type of a pointer to a + * // Cryptoki API function taking arguments args and returning + * // CK_RV, and then define funcPtr to be a variable of type + * // funcPtrType. + * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); + * funcPtrType funcPtr; + * + * If you're using Microsoft Developer Studio 5.0 to access + * functions in a Win32 Cryptoki .dll, in might be defined by: + * + * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ + * returnType __declspec(dllimport) (* name) + * + * If you're using an earlier version of Microsoft Developer + * Studio to access functions in a Win16 Cryptoki .dll, it might + * be defined by: + * + * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ + * returnType __export _far _pascal (* name) + * + * In a UNIX environment, it might be defined by: + * + * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ + * returnType (* name) + * + * + * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes + * a function pointer type for an application callback out of + * a return type for the callback and a name for the callback. + * It should be used in the following fashion: + * + * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); + * + * to declare a function pointer, myCallback, to a callback + * which takes arguments args and returns a CK_RV. It can also + * be used like this: + * + * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); + * myCallbackType myCallback; + * + * If you're using Microsoft Developer Studio 5.0 to do Win32 + * Cryptoki development, it might be defined by: + * + * #define CK_CALLBACK_FUNCTION(returnType, name) \ + * returnType (* name) + * + * If you're using an earlier version of Microsoft Developer + * Studio to do Win16 development, it might be defined by: + * + * #define CK_CALLBACK_FUNCTION(returnType, name) \ + * returnType _far _pascal (* name) + * + * In a UNIX environment, it might be defined by: + * + * #define CK_CALLBACK_FUNCTION(returnType, name) \ + * returnType (* name) + * + * + * 6. NULL_PTR: This macro is the value of a NULL pointer. + * + * In any ANSI/ISO C environment (and in many others as well), + * this should best be defined by + * + * #ifndef NULL_PTR + * #define NULL_PTR 0 + * #endif + */ + + +/* All the various Cryptoki types and #define'd values are in the + * file pkcs11t.h. */ +#include "pkcs11t.h" + +#define __PASTE(x,y) x##y + + +/* ============================================================== + * Define the "extern" form of all the entry points. + * ============================================================== + */ + +#define CK_NEED_ARG_LIST 1 +#define CK_PKCS11_FUNCTION_INFO(name) \ + extern CK_DECLARE_FUNCTION(CK_RV, name) + +/* pkcs11f.h has all the information about the Cryptoki + * function prototypes. */ +#include "pkcs11f.h" + +#undef CK_NEED_ARG_LIST +#undef CK_PKCS11_FUNCTION_INFO + + +/* ============================================================== + * Define the typedef form of all the entry points. That is, for + * each Cryptoki function C_XXX, define a type CK_C_XXX which is + * a pointer to that kind of function. + * ============================================================== + */ + +#define CK_NEED_ARG_LIST 1 +#define CK_PKCS11_FUNCTION_INFO(name) \ + typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) + +/* pkcs11f.h has all the information about the Cryptoki + * function prototypes. */ +#include "pkcs11f.h" + +#undef CK_NEED_ARG_LIST +#undef CK_PKCS11_FUNCTION_INFO + + +/* ============================================================== + * Define structed vector of entry points. A CK_FUNCTION_LIST + * contains a CK_VERSION indicating a library's Cryptoki version + * and then a whole slew of function pointers to the routines in + * the library. This type was declared, but not defined, in + * pkcs11t.h. + * ============================================================== + */ + +#define CK_PKCS11_FUNCTION_INFO(name) \ + __PASTE(CK_,name) name; + +struct CK_FUNCTION_LIST { + + CK_VERSION version; /* Cryptoki version */ + +/* Pile all the function pointers into the CK_FUNCTION_LIST. */ +/* pkcs11f.h has all the information about the Cryptoki + * function prototypes. */ +#include "pkcs11f.h" + +}; + +#undef CK_PKCS11_FUNCTION_INFO + + +#undef __PASTE + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/PKCS11/pkcs11f.h b/src/PKCS11/pkcs11f.h index 30097535..a479384e 100644 --- a/src/PKCS11/pkcs11f.h +++ b/src/PKCS11/pkcs11f.h @@ -1,912 +1,912 @@ -/* pkcs11f.h include file for PKCS #11. */ -/* $Revision: 1.4 $ */ - -/* License to copy and use this software is granted provided that it is - * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface - * (Cryptoki)" in all material mentioning or referencing this software. - - * License is also granted to make and use derivative works provided that - * such works are identified as "derived from the RSA Security Inc. PKCS #11 - * Cryptographic Token Interface (Cryptoki)" in all material mentioning or - * referencing the derived work. - - * RSA Security Inc. makes no representations concerning either the - * merchantability of this software or the suitability of this software for - * any particular purpose. It is provided "as is" without express or implied - * warranty of any kind. - */ - -/* This header file contains pretty much everything about all the */ -/* Cryptoki function prototypes. Because this information is */ -/* used for more than just declaring function prototypes, the */ -/* order of the functions appearing herein is important, and */ -/* should not be altered. */ - -/* General-purpose */ - -/* C_Initialize initializes the Cryptoki library. */ -CK_PKCS11_FUNCTION_INFO(C_Initialize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets - * cast to CK_C_INITIALIZE_ARGS_PTR - * and dereferenced */ -); -#endif - - -/* C_Finalize indicates that an application is done with the - * Cryptoki library. */ -CK_PKCS11_FUNCTION_INFO(C_Finalize) -#ifdef CK_NEED_ARG_LIST -( - CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ -); -#endif - - -/* C_GetInfo returns general information about Cryptoki. */ -CK_PKCS11_FUNCTION_INFO(C_GetInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_INFO_PTR pInfo /* location that receives information */ -); -#endif - - -/* C_GetFunctionList returns the function list. */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) -#ifdef CK_NEED_ARG_LIST -( - CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to - * function list */ -); -#endif - - - -/* Slot and token management */ - -/* C_GetSlotList obtains a list of slots in the system. */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotList) -#ifdef CK_NEED_ARG_LIST -( - CK_BBOOL tokenPresent, /* only slots with tokens? */ - CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ - CK_ULONG_PTR pulCount /* receives number of slots */ -); -#endif - - -/* C_GetSlotInfo obtains information about a particular slot in - * the system. */ -CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the ID of the slot */ - CK_SLOT_INFO_PTR pInfo /* receives the slot information */ -); -#endif - - -/* C_GetTokenInfo obtains information about a particular token - * in the system. */ -CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_TOKEN_INFO_PTR pInfo /* receives the token information */ -); -#endif - - -/* C_GetMechanismList obtains a list of mechanism types - * supported by a token. */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of token's slot */ - CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ - CK_ULONG_PTR pulCount /* gets # of mechs. */ -); -#endif - - -/* C_GetMechanismInfo obtains information about a particular - * mechanism possibly supported by a token. */ -CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_MECHANISM_TYPE type, /* type of mechanism */ - CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ -); -#endif - - -/* C_InitToken initializes a token. */ -CK_PKCS11_FUNCTION_INFO(C_InitToken) -#ifdef CK_NEED_ARG_LIST -/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ -( - CK_SLOT_ID slotID, /* ID of the token's slot */ - CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ - CK_ULONG ulPinLen, /* length in bytes of the PIN */ - CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ -); -#endif - - -/* C_InitPIN initializes the normal user's PIN. */ -CK_PKCS11_FUNCTION_INFO(C_InitPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ - CK_ULONG ulPinLen /* length in bytes of the PIN */ -); -#endif - - -/* C_SetPIN modifies the PIN of the user who is logged in. */ -CK_PKCS11_FUNCTION_INFO(C_SetPIN) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ - CK_ULONG ulOldLen, /* length of the old PIN */ - CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ - CK_ULONG ulNewLen /* length of the new PIN */ -); -#endif - - - -/* Session management */ - -/* C_OpenSession opens a session between an application and a - * token. */ -CK_PKCS11_FUNCTION_INFO(C_OpenSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID, /* the slot's ID */ - CK_FLAGS flags, /* from CK_SESSION_INFO */ - CK_VOID_PTR pApplication, /* passed to callback */ - CK_NOTIFY Notify, /* callback function */ - CK_SESSION_HANDLE_PTR phSession /* gets session handle */ -); -#endif - - -/* C_CloseSession closes a session between an application and a - * token. */ -CK_PKCS11_FUNCTION_INFO(C_CloseSession) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CloseAllSessions closes all sessions with a token. */ -CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) -#ifdef CK_NEED_ARG_LIST -( - CK_SLOT_ID slotID /* the token's slot */ -); -#endif - - -/* C_GetSessionInfo obtains information about the session. */ -CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_SESSION_INFO_PTR pInfo /* receives session info */ -); -#endif - - -/* C_GetOperationState obtains the state of the cryptographic operation - * in a session. */ -CK_PKCS11_FUNCTION_INFO(C_GetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* gets state */ - CK_ULONG_PTR pulOperationStateLen /* gets state length */ -); -#endif - - -/* C_SetOperationState restores the state of the cryptographic - * operation in a session. */ -CK_PKCS11_FUNCTION_INFO(C_SetOperationState) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pOperationState, /* holds state */ - CK_ULONG ulOperationStateLen, /* holds state length */ - CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ - CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ -); -#endif - - -/* C_Login logs a user into a token. */ -CK_PKCS11_FUNCTION_INFO(C_Login) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_USER_TYPE userType, /* the user type */ - CK_UTF8CHAR_PTR pPin, /* the user's PIN */ - CK_ULONG ulPinLen /* the length of the PIN */ -); -#endif - - -/* C_Logout logs a user out from a token. */ -CK_PKCS11_FUNCTION_INFO(C_Logout) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Object management */ - -/* C_CreateObject creates a new object. */ -CK_PKCS11_FUNCTION_INFO(C_CreateObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ -); -#endif - - -/* C_CopyObject copies an object, creating a new object for the - * copy. */ -CK_PKCS11_FUNCTION_INFO(C_CopyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ - CK_ULONG ulCount, /* attributes in template */ - CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ -); -#endif - - -/* C_DestroyObject destroys an object. */ -CK_PKCS11_FUNCTION_INFO(C_DestroyObject) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject /* the object's handle */ -); -#endif - - -/* C_GetObjectSize gets the size of an object in bytes. */ -CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ULONG_PTR pulSize /* receives size of object */ -); -#endif - - -/* C_GetAttributeValue obtains the value of one or more object - * attributes. */ -CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_SetAttributeValue modifies the value of one or more object - * attributes */ -CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hObject, /* the object's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ - CK_ULONG ulCount /* attributes in template */ -); -#endif - - -/* C_FindObjectsInit initializes a search for token and session - * objects that match a template. */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ - CK_ULONG ulCount /* attrs in search template */ -); -#endif - - -/* C_FindObjects continues a search for token and session - * objects that match a template, obtaining additional object - * handles. */ -CK_PKCS11_FUNCTION_INFO(C_FindObjects) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ - CK_ULONG ulMaxObjectCount, /* max handles to get */ - CK_ULONG_PTR pulObjectCount /* actual # returned */ -); -#endif - - -/* C_FindObjectsFinal finishes a search for token and session - * objects. */ -CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Encryption and decryption */ - -/* C_EncryptInit initializes an encryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_EncryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of encryption key */ -); -#endif - - -/* C_Encrypt encrypts single-part data. */ -CK_PKCS11_FUNCTION_INFO(C_Encrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pData, /* the plaintext data */ - CK_ULONG ulDataLen, /* bytes of plaintext */ - CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ -); -#endif - - -/* C_EncryptUpdate continues a multiple-part encryption - * operation. */ -CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext data len */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ -); -#endif - - -/* C_EncryptFinal finishes a multiple-part encryption - * operation. */ -CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session handle */ - CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ - CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ -); -#endif - - -/* C_DecryptInit initializes a decryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ - CK_OBJECT_HANDLE hKey /* handle of decryption key */ -); -#endif - - -/* C_Decrypt decrypts encrypted data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Decrypt) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedData, /* ciphertext */ - CK_ULONG ulEncryptedDataLen, /* ciphertext length */ - CK_BYTE_PTR pData, /* gets plaintext */ - CK_ULONG_PTR pulDataLen /* gets p-text size */ -); -#endif - - -/* C_DecryptUpdate continues a multiple-part decryption - * operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* encrypted data */ - CK_ULONG ulEncryptedPartLen, /* input length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* p-text size */ -); -#endif - - -/* C_DecryptFinal finishes a multiple-part decryption - * operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pLastPart, /* gets plaintext */ - CK_ULONG_PTR pulLastPartLen /* p-text size */ -); -#endif - - - -/* Message digesting */ - -/* C_DigestInit initializes a message-digesting operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ -); -#endif - - -/* C_Digest digests data in a single part. */ -CK_PKCS11_FUNCTION_INFO(C_Digest) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* data to be digested */ - CK_ULONG ulDataLen, /* bytes of data to digest */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets digest length */ -); -#endif - - -/* C_DigestUpdate continues a multiple-part message-digesting - * operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* data to be digested */ - CK_ULONG ulPartLen /* bytes of data to be digested */ -); -#endif - - -/* C_DigestKey continues a multi-part message-digesting - * operation, by digesting the value of a secret key as part of - * the data already digested. */ -CK_PKCS11_FUNCTION_INFO(C_DigestKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_OBJECT_HANDLE hKey /* secret key to digest */ -); -#endif - - -/* C_DigestFinal finishes a multiple-part message-digesting - * operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pDigest, /* gets the message digest */ - CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ -); -#endif - - - -/* Signing and MACing */ - -/* C_SignInit initializes a signature (private key encryption) - * operation, where the signature is (will be) an appendix to - * the data, and plaintext cannot be recovered from the - *signature. */ -CK_PKCS11_FUNCTION_INFO(C_SignInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of signature key */ -); -#endif - - -/* C_Sign signs (encrypts with private key) data in a single - * part, where the signature is (will be) an appendix to the - * data, and plaintext cannot be recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_Sign) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignUpdate continues a multiple-part signature operation, - * where the signature is (will be) an appendix to the data, - * and plaintext cannot be recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_SignUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* the data to sign */ - CK_ULONG ulPartLen /* count of bytes to sign */ -); -#endif - - -/* C_SignFinal finishes a multiple-part signature operation, - * returning the signature. */ -CK_PKCS11_FUNCTION_INFO(C_SignFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - -/* C_SignRecoverInit initializes a signature operation, where - * the data can be recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ - CK_OBJECT_HANDLE hKey /* handle of the signature key */ -); -#endif - - -/* C_SignRecover signs data in a single operation, where the - * data can be recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_SignRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* the data to sign */ - CK_ULONG ulDataLen, /* count of bytes to sign */ - CK_BYTE_PTR pSignature, /* gets the signature */ - CK_ULONG_PTR pulSignatureLen /* gets signature length */ -); -#endif - - - -/* Verifying signatures and MACs */ - -/* C_VerifyInit initializes a verification operation, where the - * signature is an appendix to the data, and plaintext cannot - * cannot be recovered from the signature (e.g. DSA). */ -CK_PKCS11_FUNCTION_INFO(C_VerifyInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_Verify verifies a signature in a single-part operation, - * where the signature is an appendix to the data, and plaintext - * cannot be recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_Verify) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pData, /* signed data */ - CK_ULONG ulDataLen, /* length of signed data */ - CK_BYTE_PTR pSignature, /* signature */ - CK_ULONG ulSignatureLen /* signature length*/ -); -#endif - - -/* C_VerifyUpdate continues a multiple-part verification - * operation, where the signature is an appendix to the data, - * and plaintext cannot be recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pPart, /* signed data */ - CK_ULONG ulPartLen /* length of signed data */ -); -#endif - - -/* C_VerifyFinal finishes a multiple-part verification - * operation, checking the signature. */ -CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen /* signature length */ -); -#endif - - -/* C_VerifyRecoverInit initializes a signature verification - * operation, where the data is recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ - CK_OBJECT_HANDLE hKey /* verification key */ -); -#endif - - -/* C_VerifyRecover verifies a signature in a single-part - * operation, where the data is recovered from the signature. */ -CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSignature, /* signature to verify */ - CK_ULONG ulSignatureLen, /* signature length */ - CK_BYTE_PTR pData, /* gets signed data */ - CK_ULONG_PTR pulDataLen /* gets signed data len */ -); -#endif - - - -/* Dual-function cryptographic operations */ - -/* C_DigestEncryptUpdate continues a multiple-part digesting - * and encryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptDigestUpdate continues a multiple-part decryption and - * digesting operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets plaintext len */ -); -#endif - - -/* C_SignEncryptUpdate continues a multiple-part signing and - * encryption operation. */ -CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pPart, /* the plaintext data */ - CK_ULONG ulPartLen, /* plaintext length */ - CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ - CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ -); -#endif - - -/* C_DecryptVerifyUpdate continues a multiple-part decryption and - * verify operation. */ -CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_BYTE_PTR pEncryptedPart, /* ciphertext */ - CK_ULONG ulEncryptedPartLen, /* ciphertext length */ - CK_BYTE_PTR pPart, /* gets plaintext */ - CK_ULONG_PTR pulPartLen /* gets p-text length */ -); -#endif - - - -/* Key management */ - -/* C_GenerateKey generates a secret key, creating a new key - * object. */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* key generation mech. */ - CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ - CK_ULONG ulCount, /* # of attrs in template */ - CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ -); -#endif - - -/* C_GenerateKeyPair generates a public-key/private-key pair, - * creating new key objects. */ -CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session - * handle */ - CK_MECHANISM_PTR pMechanism, /* key-gen - * mech. */ - CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template - * for pub. - * key */ - CK_ULONG ulPublicKeyAttributeCount, /* # pub. - * attrs. */ - CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template - * for priv. - * key */ - CK_ULONG ulPrivateKeyAttributeCount, /* # priv. - * attrs. */ - CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. - * key - * handle */ - CK_OBJECT_HANDLE_PTR phPrivateKey /* gets - * priv. key - * handle */ -); -#endif - - -/* C_WrapKey wraps (i.e., encrypts) a key. */ -CK_PKCS11_FUNCTION_INFO(C_WrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ - CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ - CK_OBJECT_HANDLE hKey, /* key to be wrapped */ - CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ - CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ -); -#endif - - -/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new - * key object. */ -CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ - CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ - CK_BYTE_PTR pWrappedKey, /* the wrapped key */ - CK_ULONG ulWrappedKeyLen, /* wrapped key len */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - -/* C_DeriveKey derives a key from a base key, creating a new key - * object. */ -CK_PKCS11_FUNCTION_INFO(C_DeriveKey) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* session's handle */ - CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ - CK_OBJECT_HANDLE hBaseKey, /* base key */ - CK_ATTRIBUTE_PTR pTemplate, /* new key template */ - CK_ULONG ulAttributeCount, /* template length */ - CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ -); -#endif - - - -/* Random number generation */ - -/* C_SeedRandom mixes additional seed material into the token's - * random number generator. */ -CK_PKCS11_FUNCTION_INFO(C_SeedRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR pSeed, /* the seed material */ - CK_ULONG ulSeedLen /* length of seed material */ -); -#endif - - -/* C_GenerateRandom generates random data. */ -CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_BYTE_PTR RandomData, /* receives the random data */ - CK_ULONG ulRandomLen /* # of bytes to generate */ -); -#endif - - - -/* Parallel function management */ - -/* C_GetFunctionStatus is a legacy function; it obtains an - * updated status of a function running in parallel with an - * application. */ -CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - -/* C_CancelFunction is a legacy function; it cancels a function - * running in parallel. */ -CK_PKCS11_FUNCTION_INFO(C_CancelFunction) -#ifdef CK_NEED_ARG_LIST -( - CK_SESSION_HANDLE hSession /* the session's handle */ -); -#endif - - - -/* Functions added in for Cryptoki Version 2.01 or later */ - -/* C_WaitForSlotEvent waits for a slot event (token insertion, - * removal, etc.) to occur. */ -CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) -#ifdef CK_NEED_ARG_LIST -( - CK_FLAGS flags, /* blocking/nonblocking flag */ - CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ - CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ -); -#endif +/* pkcs11f.h include file for PKCS #11. */ +/* $Revision: 1.4 $ */ + +/* License to copy and use this software is granted provided that it is + * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface + * (Cryptoki)" in all material mentioning or referencing this software. + + * License is also granted to make and use derivative works provided that + * such works are identified as "derived from the RSA Security Inc. PKCS #11 + * Cryptographic Token Interface (Cryptoki)" in all material mentioning or + * referencing the derived work. + + * RSA Security Inc. makes no representations concerning either the + * merchantability of this software or the suitability of this software for + * any particular purpose. It is provided "as is" without express or implied + * warranty of any kind. + */ + +/* This header file contains pretty much everything about all the */ +/* Cryptoki function prototypes. Because this information is */ +/* used for more than just declaring function prototypes, the */ +/* order of the functions appearing herein is important, and */ +/* should not be altered. */ + +/* General-purpose */ + +/* C_Initialize initializes the Cryptoki library. */ +CK_PKCS11_FUNCTION_INFO(C_Initialize) +#ifdef CK_NEED_ARG_LIST +( + CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets + * cast to CK_C_INITIALIZE_ARGS_PTR + * and dereferenced */ +); +#endif + + +/* C_Finalize indicates that an application is done with the + * Cryptoki library. */ +CK_PKCS11_FUNCTION_INFO(C_Finalize) +#ifdef CK_NEED_ARG_LIST +( + CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */ +); +#endif + + +/* C_GetInfo returns general information about Cryptoki. */ +CK_PKCS11_FUNCTION_INFO(C_GetInfo) +#ifdef CK_NEED_ARG_LIST +( + CK_INFO_PTR pInfo /* location that receives information */ +); +#endif + + +/* C_GetFunctionList returns the function list. */ +CK_PKCS11_FUNCTION_INFO(C_GetFunctionList) +#ifdef CK_NEED_ARG_LIST +( + CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to + * function list */ +); +#endif + + + +/* Slot and token management */ + +/* C_GetSlotList obtains a list of slots in the system. */ +CK_PKCS11_FUNCTION_INFO(C_GetSlotList) +#ifdef CK_NEED_ARG_LIST +( + CK_BBOOL tokenPresent, /* only slots with tokens? */ + CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */ + CK_ULONG_PTR pulCount /* receives number of slots */ +); +#endif + + +/* C_GetSlotInfo obtains information about a particular slot in + * the system. */ +CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo) +#ifdef CK_NEED_ARG_LIST +( + CK_SLOT_ID slotID, /* the ID of the slot */ + CK_SLOT_INFO_PTR pInfo /* receives the slot information */ +); +#endif + + +/* C_GetTokenInfo obtains information about a particular token + * in the system. */ +CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo) +#ifdef CK_NEED_ARG_LIST +( + CK_SLOT_ID slotID, /* ID of the token's slot */ + CK_TOKEN_INFO_PTR pInfo /* receives the token information */ +); +#endif + + +/* C_GetMechanismList obtains a list of mechanism types + * supported by a token. */ +CK_PKCS11_FUNCTION_INFO(C_GetMechanismList) +#ifdef CK_NEED_ARG_LIST +( + CK_SLOT_ID slotID, /* ID of token's slot */ + CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */ + CK_ULONG_PTR pulCount /* gets # of mechs. */ +); +#endif + + +/* C_GetMechanismInfo obtains information about a particular + * mechanism possibly supported by a token. */ +CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo) +#ifdef CK_NEED_ARG_LIST +( + CK_SLOT_ID slotID, /* ID of the token's slot */ + CK_MECHANISM_TYPE type, /* type of mechanism */ + CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */ +); +#endif + + +/* C_InitToken initializes a token. */ +CK_PKCS11_FUNCTION_INFO(C_InitToken) +#ifdef CK_NEED_ARG_LIST +/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */ +( + CK_SLOT_ID slotID, /* ID of the token's slot */ + CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */ + CK_ULONG ulPinLen, /* length in bytes of the PIN */ + CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */ +); +#endif + + +/* C_InitPIN initializes the normal user's PIN. */ +CK_PKCS11_FUNCTION_INFO(C_InitPIN) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */ + CK_ULONG ulPinLen /* length in bytes of the PIN */ +); +#endif + + +/* C_SetPIN modifies the PIN of the user who is logged in. */ +CK_PKCS11_FUNCTION_INFO(C_SetPIN) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_UTF8CHAR_PTR pOldPin, /* the old PIN */ + CK_ULONG ulOldLen, /* length of the old PIN */ + CK_UTF8CHAR_PTR pNewPin, /* the new PIN */ + CK_ULONG ulNewLen /* length of the new PIN */ +); +#endif + + + +/* Session management */ + +/* C_OpenSession opens a session between an application and a + * token. */ +CK_PKCS11_FUNCTION_INFO(C_OpenSession) +#ifdef CK_NEED_ARG_LIST +( + CK_SLOT_ID slotID, /* the slot's ID */ + CK_FLAGS flags, /* from CK_SESSION_INFO */ + CK_VOID_PTR pApplication, /* passed to callback */ + CK_NOTIFY Notify, /* callback function */ + CK_SESSION_HANDLE_PTR phSession /* gets session handle */ +); +#endif + + +/* C_CloseSession closes a session between an application and a + * token. */ +CK_PKCS11_FUNCTION_INFO(C_CloseSession) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession /* the session's handle */ +); +#endif + + +/* C_CloseAllSessions closes all sessions with a token. */ +CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions) +#ifdef CK_NEED_ARG_LIST +( + CK_SLOT_ID slotID /* the token's slot */ +); +#endif + + +/* C_GetSessionInfo obtains information about the session. */ +CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_SESSION_INFO_PTR pInfo /* receives session info */ +); +#endif + + +/* C_GetOperationState obtains the state of the cryptographic operation + * in a session. */ +CK_PKCS11_FUNCTION_INFO(C_GetOperationState) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pOperationState, /* gets state */ + CK_ULONG_PTR pulOperationStateLen /* gets state length */ +); +#endif + + +/* C_SetOperationState restores the state of the cryptographic + * operation in a session. */ +CK_PKCS11_FUNCTION_INFO(C_SetOperationState) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pOperationState, /* holds state */ + CK_ULONG ulOperationStateLen, /* holds state length */ + CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */ + CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */ +); +#endif + + +/* C_Login logs a user into a token. */ +CK_PKCS11_FUNCTION_INFO(C_Login) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_USER_TYPE userType, /* the user type */ + CK_UTF8CHAR_PTR pPin, /* the user's PIN */ + CK_ULONG ulPinLen /* the length of the PIN */ +); +#endif + + +/* C_Logout logs a user out from a token. */ +CK_PKCS11_FUNCTION_INFO(C_Logout) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession /* the session's handle */ +); +#endif + + + +/* Object management */ + +/* C_CreateObject creates a new object. */ +CK_PKCS11_FUNCTION_INFO(C_CreateObject) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_ATTRIBUTE_PTR pTemplate, /* the object's template */ + CK_ULONG ulCount, /* attributes in template */ + CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */ +); +#endif + + +/* C_CopyObject copies an object, creating a new object for the + * copy. */ +CK_PKCS11_FUNCTION_INFO(C_CopyObject) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_OBJECT_HANDLE hObject, /* the object's handle */ + CK_ATTRIBUTE_PTR pTemplate, /* template for new object */ + CK_ULONG ulCount, /* attributes in template */ + CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */ +); +#endif + + +/* C_DestroyObject destroys an object. */ +CK_PKCS11_FUNCTION_INFO(C_DestroyObject) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_OBJECT_HANDLE hObject /* the object's handle */ +); +#endif + + +/* C_GetObjectSize gets the size of an object in bytes. */ +CK_PKCS11_FUNCTION_INFO(C_GetObjectSize) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_OBJECT_HANDLE hObject, /* the object's handle */ + CK_ULONG_PTR pulSize /* receives size of object */ +); +#endif + + +/* C_GetAttributeValue obtains the value of one or more object + * attributes. */ +CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_OBJECT_HANDLE hObject, /* the object's handle */ + CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */ + CK_ULONG ulCount /* attributes in template */ +); +#endif + + +/* C_SetAttributeValue modifies the value of one or more object + * attributes */ +CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_OBJECT_HANDLE hObject, /* the object's handle */ + CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */ + CK_ULONG ulCount /* attributes in template */ +); +#endif + + +/* C_FindObjectsInit initializes a search for token and session + * objects that match a template. */ +CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */ + CK_ULONG ulCount /* attrs in search template */ +); +#endif + + +/* C_FindObjects continues a search for token and session + * objects that match a template, obtaining additional object + * handles. */ +CK_PKCS11_FUNCTION_INFO(C_FindObjects) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */ + CK_ULONG ulMaxObjectCount, /* max handles to get */ + CK_ULONG_PTR pulObjectCount /* actual # returned */ +); +#endif + + +/* C_FindObjectsFinal finishes a search for token and session + * objects. */ +CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession /* the session's handle */ +); +#endif + + + +/* Encryption and decryption */ + +/* C_EncryptInit initializes an encryption operation. */ +CK_PKCS11_FUNCTION_INFO(C_EncryptInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */ + CK_OBJECT_HANDLE hKey /* handle of encryption key */ +); +#endif + + +/* C_Encrypt encrypts single-part data. */ +CK_PKCS11_FUNCTION_INFO(C_Encrypt) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pData, /* the plaintext data */ + CK_ULONG ulDataLen, /* bytes of plaintext */ + CK_BYTE_PTR pEncryptedData, /* gets ciphertext */ + CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */ +); +#endif + + +/* C_EncryptUpdate continues a multiple-part encryption + * operation. */ +CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pPart, /* the plaintext data */ + CK_ULONG ulPartLen, /* plaintext data len */ + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */ +); +#endif + + +/* C_EncryptFinal finishes a multiple-part encryption + * operation. */ +CK_PKCS11_FUNCTION_INFO(C_EncryptFinal) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session handle */ + CK_BYTE_PTR pLastEncryptedPart, /* last c-text */ + CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */ +); +#endif + + +/* C_DecryptInit initializes a decryption operation. */ +CK_PKCS11_FUNCTION_INFO(C_DecryptInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */ + CK_OBJECT_HANDLE hKey /* handle of decryption key */ +); +#endif + + +/* C_Decrypt decrypts encrypted data in a single part. */ +CK_PKCS11_FUNCTION_INFO(C_Decrypt) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pEncryptedData, /* ciphertext */ + CK_ULONG ulEncryptedDataLen, /* ciphertext length */ + CK_BYTE_PTR pData, /* gets plaintext */ + CK_ULONG_PTR pulDataLen /* gets p-text size */ +); +#endif + + +/* C_DecryptUpdate continues a multiple-part decryption + * operation. */ +CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pEncryptedPart, /* encrypted data */ + CK_ULONG ulEncryptedPartLen, /* input length */ + CK_BYTE_PTR pPart, /* gets plaintext */ + CK_ULONG_PTR pulPartLen /* p-text size */ +); +#endif + + +/* C_DecryptFinal finishes a multiple-part decryption + * operation. */ +CK_PKCS11_FUNCTION_INFO(C_DecryptFinal) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pLastPart, /* gets plaintext */ + CK_ULONG_PTR pulLastPartLen /* p-text size */ +); +#endif + + + +/* Message digesting */ + +/* C_DigestInit initializes a message-digesting operation. */ +CK_PKCS11_FUNCTION_INFO(C_DigestInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism /* the digesting mechanism */ +); +#endif + + +/* C_Digest digests data in a single part. */ +CK_PKCS11_FUNCTION_INFO(C_Digest) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pData, /* data to be digested */ + CK_ULONG ulDataLen, /* bytes of data to digest */ + CK_BYTE_PTR pDigest, /* gets the message digest */ + CK_ULONG_PTR pulDigestLen /* gets digest length */ +); +#endif + + +/* C_DigestUpdate continues a multiple-part message-digesting + * operation. */ +CK_PKCS11_FUNCTION_INFO(C_DigestUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pPart, /* data to be digested */ + CK_ULONG ulPartLen /* bytes of data to be digested */ +); +#endif + + +/* C_DigestKey continues a multi-part message-digesting + * operation, by digesting the value of a secret key as part of + * the data already digested. */ +CK_PKCS11_FUNCTION_INFO(C_DigestKey) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_OBJECT_HANDLE hKey /* secret key to digest */ +); +#endif + + +/* C_DigestFinal finishes a multiple-part message-digesting + * operation. */ +CK_PKCS11_FUNCTION_INFO(C_DigestFinal) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pDigest, /* gets the message digest */ + CK_ULONG_PTR pulDigestLen /* gets byte count of digest */ +); +#endif + + + +/* Signing and MACing */ + +/* C_SignInit initializes a signature (private key encryption) + * operation, where the signature is (will be) an appendix to + * the data, and plaintext cannot be recovered from the + *signature. */ +CK_PKCS11_FUNCTION_INFO(C_SignInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ + CK_OBJECT_HANDLE hKey /* handle of signature key */ +); +#endif + + +/* C_Sign signs (encrypts with private key) data in a single + * part, where the signature is (will be) an appendix to the + * data, and plaintext cannot be recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_Sign) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pData, /* the data to sign */ + CK_ULONG ulDataLen, /* count of bytes to sign */ + CK_BYTE_PTR pSignature, /* gets the signature */ + CK_ULONG_PTR pulSignatureLen /* gets signature length */ +); +#endif + + +/* C_SignUpdate continues a multiple-part signature operation, + * where the signature is (will be) an appendix to the data, + * and plaintext cannot be recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_SignUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pPart, /* the data to sign */ + CK_ULONG ulPartLen /* count of bytes to sign */ +); +#endif + + +/* C_SignFinal finishes a multiple-part signature operation, + * returning the signature. */ +CK_PKCS11_FUNCTION_INFO(C_SignFinal) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pSignature, /* gets the signature */ + CK_ULONG_PTR pulSignatureLen /* gets signature length */ +); +#endif + + +/* C_SignRecoverInit initializes a signature operation, where + * the data can be recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the signature mechanism */ + CK_OBJECT_HANDLE hKey /* handle of the signature key */ +); +#endif + + +/* C_SignRecover signs data in a single operation, where the + * data can be recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_SignRecover) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pData, /* the data to sign */ + CK_ULONG ulDataLen, /* count of bytes to sign */ + CK_BYTE_PTR pSignature, /* gets the signature */ + CK_ULONG_PTR pulSignatureLen /* gets signature length */ +); +#endif + + + +/* Verifying signatures and MACs */ + +/* C_VerifyInit initializes a verification operation, where the + * signature is an appendix to the data, and plaintext cannot + * cannot be recovered from the signature (e.g. DSA). */ +CK_PKCS11_FUNCTION_INFO(C_VerifyInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ + CK_OBJECT_HANDLE hKey /* verification key */ +); +#endif + + +/* C_Verify verifies a signature in a single-part operation, + * where the signature is an appendix to the data, and plaintext + * cannot be recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_Verify) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pData, /* signed data */ + CK_ULONG ulDataLen, /* length of signed data */ + CK_BYTE_PTR pSignature, /* signature */ + CK_ULONG ulSignatureLen /* signature length*/ +); +#endif + + +/* C_VerifyUpdate continues a multiple-part verification + * operation, where the signature is an appendix to the data, + * and plaintext cannot be recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pPart, /* signed data */ + CK_ULONG ulPartLen /* length of signed data */ +); +#endif + + +/* C_VerifyFinal finishes a multiple-part verification + * operation, checking the signature. */ +CK_PKCS11_FUNCTION_INFO(C_VerifyFinal) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pSignature, /* signature to verify */ + CK_ULONG ulSignatureLen /* signature length */ +); +#endif + + +/* C_VerifyRecoverInit initializes a signature verification + * operation, where the data is recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the verification mechanism */ + CK_OBJECT_HANDLE hKey /* verification key */ +); +#endif + + +/* C_VerifyRecover verifies a signature in a single-part + * operation, where the data is recovered from the signature. */ +CK_PKCS11_FUNCTION_INFO(C_VerifyRecover) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pSignature, /* signature to verify */ + CK_ULONG ulSignatureLen, /* signature length */ + CK_BYTE_PTR pData, /* gets signed data */ + CK_ULONG_PTR pulDataLen /* gets signed data len */ +); +#endif + + + +/* Dual-function cryptographic operations */ + +/* C_DigestEncryptUpdate continues a multiple-part digesting + * and encryption operation. */ +CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pPart, /* the plaintext data */ + CK_ULONG ulPartLen, /* plaintext length */ + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ +); +#endif + + +/* C_DecryptDigestUpdate continues a multiple-part decryption and + * digesting operation. */ +CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pEncryptedPart, /* ciphertext */ + CK_ULONG ulEncryptedPartLen, /* ciphertext length */ + CK_BYTE_PTR pPart, /* gets plaintext */ + CK_ULONG_PTR pulPartLen /* gets plaintext len */ +); +#endif + + +/* C_SignEncryptUpdate continues a multiple-part signing and + * encryption operation. */ +CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pPart, /* the plaintext data */ + CK_ULONG ulPartLen, /* plaintext length */ + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */ + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */ +); +#endif + + +/* C_DecryptVerifyUpdate continues a multiple-part decryption and + * verify operation. */ +CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_BYTE_PTR pEncryptedPart, /* ciphertext */ + CK_ULONG ulEncryptedPartLen, /* ciphertext length */ + CK_BYTE_PTR pPart, /* gets plaintext */ + CK_ULONG_PTR pulPartLen /* gets p-text length */ +); +#endif + + + +/* Key management */ + +/* C_GenerateKey generates a secret key, creating a new key + * object. */ +CK_PKCS11_FUNCTION_INFO(C_GenerateKey) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* key generation mech. */ + CK_ATTRIBUTE_PTR pTemplate, /* template for new key */ + CK_ULONG ulCount, /* # of attrs in template */ + CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */ +); +#endif + + +/* C_GenerateKeyPair generates a public-key/private-key pair, + * creating new key objects. */ +CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session + * handle */ + CK_MECHANISM_PTR pMechanism, /* key-gen + * mech. */ + CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template + * for pub. + * key */ + CK_ULONG ulPublicKeyAttributeCount, /* # pub. + * attrs. */ + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template + * for priv. + * key */ + CK_ULONG ulPrivateKeyAttributeCount, /* # priv. + * attrs. */ + CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. + * key + * handle */ + CK_OBJECT_HANDLE_PTR phPrivateKey /* gets + * priv. key + * handle */ +); +#endif + + +/* C_WrapKey wraps (i.e., encrypts) a key. */ +CK_PKCS11_FUNCTION_INFO(C_WrapKey) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */ + CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */ + CK_OBJECT_HANDLE hKey, /* key to be wrapped */ + CK_BYTE_PTR pWrappedKey, /* gets wrapped key */ + CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */ +); +#endif + + +/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new + * key object. */ +CK_PKCS11_FUNCTION_INFO(C_UnwrapKey) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */ + CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */ + CK_BYTE_PTR pWrappedKey, /* the wrapped key */ + CK_ULONG ulWrappedKeyLen, /* wrapped key len */ + CK_ATTRIBUTE_PTR pTemplate, /* new key template */ + CK_ULONG ulAttributeCount, /* template length */ + CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ +); +#endif + + +/* C_DeriveKey derives a key from a base key, creating a new key + * object. */ +CK_PKCS11_FUNCTION_INFO(C_DeriveKey) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* session's handle */ + CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */ + CK_OBJECT_HANDLE hBaseKey, /* base key */ + CK_ATTRIBUTE_PTR pTemplate, /* new key template */ + CK_ULONG ulAttributeCount, /* template length */ + CK_OBJECT_HANDLE_PTR phKey /* gets new handle */ +); +#endif + + + +/* Random number generation */ + +/* C_SeedRandom mixes additional seed material into the token's + * random number generator. */ +CK_PKCS11_FUNCTION_INFO(C_SeedRandom) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR pSeed, /* the seed material */ + CK_ULONG ulSeedLen /* length of seed material */ +); +#endif + + +/* C_GenerateRandom generates random data. */ +CK_PKCS11_FUNCTION_INFO(C_GenerateRandom) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_BYTE_PTR RandomData, /* receives the random data */ + CK_ULONG ulRandomLen /* # of bytes to generate */ +); +#endif + + + +/* Parallel function management */ + +/* C_GetFunctionStatus is a legacy function; it obtains an + * updated status of a function running in parallel with an + * application. */ +CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession /* the session's handle */ +); +#endif + + +/* C_CancelFunction is a legacy function; it cancels a function + * running in parallel. */ +CK_PKCS11_FUNCTION_INFO(C_CancelFunction) +#ifdef CK_NEED_ARG_LIST +( + CK_SESSION_HANDLE hSession /* the session's handle */ +); +#endif + + + +/* Functions added in for Cryptoki Version 2.01 or later */ + +/* C_WaitForSlotEvent waits for a slot event (token insertion, + * removal, etc.) to occur. */ +CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent) +#ifdef CK_NEED_ARG_LIST +( + CK_FLAGS flags, /* blocking/nonblocking flag */ + CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */ + CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */ +); +#endif diff --git a/src/PKCS11/pkcs11t.h b/src/PKCS11/pkcs11t.h index ff6b4e70..4c9d938d 100644 --- a/src/PKCS11/pkcs11t.h +++ b/src/PKCS11/pkcs11t.h @@ -1,1885 +1,1885 @@ -/* pkcs11t.h include file for PKCS #11. */ -/* $Revision: 1.10 $ */ - -/* License to copy and use this software is granted provided that it is - * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface - * (Cryptoki)" in all material mentioning or referencing this software. - - * License is also granted to make and use derivative works provided that - * such works are identified as "derived from the RSA Security Inc. PKCS #11 - * Cryptographic Token Interface (Cryptoki)" in all material mentioning or - * referencing the derived work. - - * RSA Security Inc. makes no representations concerning either the - * merchantability of this software or the suitability of this software for - * any particular purpose. It is provided "as is" without express or implied - * warranty of any kind. - */ - -/* See top of pkcs11.h for information about the macros that - * must be defined and the structure-packing conventions that - * must be set before including this file. */ - -#ifndef _PKCS11T_H_ -#define _PKCS11T_H_ 1 - -#define CRYPTOKI_VERSION_MAJOR 2 -#define CRYPTOKI_VERSION_MINOR 20 -#define CRYPTOKI_VERSION_AMENDMENT 3 - -#define CK_TRUE 1 -#define CK_FALSE 0 - -#ifndef CK_DISABLE_TRUE_FALSE -#ifndef FALSE -#define FALSE CK_FALSE -#endif - -#ifndef TRUE -#define TRUE CK_TRUE -#endif -#endif - -/* an unsigned 8-bit value */ -typedef unsigned char CK_BYTE; - -/* an unsigned 8-bit character */ -typedef CK_BYTE CK_CHAR; - -/* an 8-bit UTF-8 character */ -typedef CK_BYTE CK_UTF8CHAR; - -/* a BYTE-sized Boolean flag */ -typedef CK_BYTE CK_BBOOL; - -/* an unsigned value, at least 32 bits long */ -typedef unsigned long int CK_ULONG; - -/* a signed value, the same size as a CK_ULONG */ -/* CK_LONG is new for v2.0 */ -typedef long int CK_LONG; - -/* at least 32 bits; each bit is a Boolean flag */ -typedef CK_ULONG CK_FLAGS; - - -/* some special values for certain CK_ULONG variables */ -#define CK_UNAVAILABLE_INFORMATION (~0UL) -#define CK_EFFECTIVELY_INFINITE 0 - - -typedef CK_BYTE CK_PTR CK_BYTE_PTR; -typedef CK_CHAR CK_PTR CK_CHAR_PTR; -typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; -typedef CK_ULONG CK_PTR CK_ULONG_PTR; -typedef void CK_PTR CK_VOID_PTR; - -/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ -typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; - - -/* The following value is always invalid if used as a session */ -/* handle or object handle */ -#define CK_INVALID_HANDLE 0 - - -typedef struct CK_VERSION { - CK_BYTE major; /* integer portion of version number */ - CK_BYTE minor; /* 1/100ths portion of version number */ -} CK_VERSION; - -typedef CK_VERSION CK_PTR CK_VERSION_PTR; - - -typedef struct CK_INFO { - /* manufacturerID and libraryDecription have been changed from - * CK_CHAR to CK_UTF8CHAR for v2.10 */ - CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; /* must be zero */ - - /* libraryDescription and libraryVersion are new for v2.0 */ - CK_UTF8CHAR libraryDescription[32]; /* blank padded */ - CK_VERSION libraryVersion; /* version of library */ -} CK_INFO; - -typedef CK_INFO CK_PTR CK_INFO_PTR; - - -/* CK_NOTIFICATION enumerates the types of notifications that - * Cryptoki provides to an application */ -/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG - * for v2.0 */ -typedef CK_ULONG CK_NOTIFICATION; -#define CKN_SURRENDER 0 - -/* The following notification is new for PKCS #11 v2.20 amendment 3 */ -#define CKN_OTP_CHANGED 1 - - -typedef CK_ULONG CK_SLOT_ID; - -typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; - - -/* CK_SLOT_INFO provides information about a slot */ -typedef struct CK_SLOT_INFO { - /* slotDescription and manufacturerID have been changed from - * CK_CHAR to CK_UTF8CHAR for v2.10 */ - CK_UTF8CHAR slotDescription[64]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; - - /* hardwareVersion and firmwareVersion are new for v2.0 */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ -} CK_SLOT_INFO; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ -#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ -#define CKF_HW_SLOT 0x00000004 /* hardware slot */ - -typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; - - -/* CK_TOKEN_INFO provides information about a token */ -typedef struct CK_TOKEN_INFO { - /* label, manufacturerID, and model have been changed from - * CK_CHAR to CK_UTF8CHAR for v2.10 */ - CK_UTF8CHAR label[32]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_UTF8CHAR model[16]; /* blank padded */ - CK_CHAR serialNumber[16]; /* blank padded */ - CK_FLAGS flags; /* see below */ - - /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, - * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been - * changed from CK_USHORT to CK_ULONG for v2.0 */ - CK_ULONG ulMaxSessionCount; /* max open sessions */ - CK_ULONG ulSessionCount; /* sess. now open */ - CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ - CK_ULONG ulRwSessionCount; /* R/W sess. now open */ - CK_ULONG ulMaxPinLen; /* in bytes */ - CK_ULONG ulMinPinLen; /* in bytes */ - CK_ULONG ulTotalPublicMemory; /* in bytes */ - CK_ULONG ulFreePublicMemory; /* in bytes */ - CK_ULONG ulTotalPrivateMemory; /* in bytes */ - CK_ULONG ulFreePrivateMemory; /* in bytes */ - - /* hardwareVersion, firmwareVersion, and time are new for - * v2.0 */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ - CK_CHAR utcTime[16]; /* time */ -} CK_TOKEN_INFO; - -/* The flags parameter is defined as follows: - * Bit Flag Mask Meaning - */ -#define CKF_RNG 0x00000001 /* has random # - * generator */ -#define CKF_WRITE_PROTECTED 0x00000002 /* token is - * write- - * protected */ -#define CKF_LOGIN_REQUIRED 0x00000004 /* user must - * login */ -#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's - * PIN is set */ - -/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, - * that means that *every* time the state of cryptographic - * operations of a session is successfully saved, all keys - * needed to continue those operations are stored in the state */ -#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 - -/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means - * that the token has some sort of clock. The time on that - * clock is returned in the token info structure */ -#define CKF_CLOCK_ON_TOKEN 0x00000040 - -/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is - * set, that means that there is some way for the user to login - * without sending a PIN through the Cryptoki library itself */ -#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 - -/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, - * that means that a single session with the token can perform - * dual simultaneous cryptographic operations (digest and - * encrypt; decrypt and digest; sign and encrypt; and decrypt - * and sign) */ -#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 - -/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the - * token has been initialized using C_InitializeToken or an - * equivalent mechanism outside the scope of PKCS #11. - * Calling C_InitializeToken when this flag is set will cause - * the token to be reinitialized. */ -#define CKF_TOKEN_INITIALIZED 0x00000400 - -/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is - * true, the token supports secondary authentication for - * private key objects. This flag is deprecated in v2.11 and - onwards. */ -#define CKF_SECONDARY_AUTHENTICATION 0x00000800 - -/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an - * incorrect user login PIN has been entered at least once - * since the last successful authentication. */ -#define CKF_USER_PIN_COUNT_LOW 0x00010000 - -/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, - * supplying an incorrect user PIN will it to become locked. */ -#define CKF_USER_PIN_FINAL_TRY 0x00020000 - -/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the - * user PIN has been locked. User login to the token is not - * possible. */ -#define CKF_USER_PIN_LOCKED 0x00040000 - -/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, - * the user PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. */ -#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 - -/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an - * incorrect SO login PIN has been entered at least once since - * the last successful authentication. */ -#define CKF_SO_PIN_COUNT_LOW 0x00100000 - -/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, - * supplying an incorrect SO PIN will it to become locked. */ -#define CKF_SO_PIN_FINAL_TRY 0x00200000 - -/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO - * PIN has been locked. SO login to the token is not possible. - */ -#define CKF_SO_PIN_LOCKED 0x00400000 - -/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, - * the SO PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. */ -#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 - -typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; - - -/* CK_SESSION_HANDLE is a Cryptoki-assigned value that - * identifies a session */ -typedef CK_ULONG CK_SESSION_HANDLE; - -typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; - - -/* CK_USER_TYPE enumerates the types of Cryptoki users */ -/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_USER_TYPE; -/* Security Officer */ -#define CKU_SO 0 -/* Normal user */ -#define CKU_USER 1 -/* Context specific (added in v2.20) */ -#define CKU_CONTEXT_SPECIFIC 2 - -/* CK_STATE enumerates the session states */ -/* CK_STATE has been changed from an enum to a CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_STATE; -#define CKS_RO_PUBLIC_SESSION 0 -#define CKS_RO_USER_FUNCTIONS 1 -#define CKS_RW_PUBLIC_SESSION 2 -#define CKS_RW_USER_FUNCTIONS 3 -#define CKS_RW_SO_FUNCTIONS 4 - - -/* CK_SESSION_INFO provides information about a session */ -typedef struct CK_SESSION_INFO { - CK_SLOT_ID slotID; - CK_STATE state; - CK_FLAGS flags; /* see below */ - - /* ulDeviceError was changed from CK_USHORT to CK_ULONG for - * v2.0 */ - CK_ULONG ulDeviceError; /* device-dependent error code */ -} CK_SESSION_INFO; - -/* The flags are defined in the following table: - * Bit Flag Mask Meaning - */ -#define CKF_RW_SESSION 0x00000002 /* session is r/w */ -#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ - -typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; - - -/* CK_OBJECT_HANDLE is a token-specific identifier for an - * object */ -typedef CK_ULONG CK_OBJECT_HANDLE; - -typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; - - -/* CK_OBJECT_CLASS is a value that identifies the classes (or - * types) of objects that Cryptoki recognizes. It is defined - * as follows: */ -/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_OBJECT_CLASS; - -/* The following classes of objects are defined: */ -/* CKO_HW_FEATURE is new for v2.10 */ -/* CKO_DOMAIN_PARAMETERS is new for v2.11 */ -/* CKO_MECHANISM is new for v2.20 */ -#define CKO_DATA 0x00000000 -#define CKO_CERTIFICATE 0x00000001 -#define CKO_PUBLIC_KEY 0x00000002 -#define CKO_PRIVATE_KEY 0x00000003 -#define CKO_SECRET_KEY 0x00000004 -#define CKO_HW_FEATURE 0x00000005 -#define CKO_DOMAIN_PARAMETERS 0x00000006 -#define CKO_MECHANISM 0x00000007 - -/* CKO_OTP_KEY is new for PKCS #11 v2.20 amendment 1 */ -#define CKO_OTP_KEY 0x00000008 - -#define CKO_VENDOR_DEFINED 0x80000000 - -typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; - -/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a - * value that identifies the hardware feature type of an object - * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ -typedef CK_ULONG CK_HW_FEATURE_TYPE; - -/* The following hardware feature types are defined */ -/* CKH_USER_INTERFACE is new for v2.20 */ -#define CKH_MONOTONIC_COUNTER 0x00000001 -#define CKH_CLOCK 0x00000002 -#define CKH_USER_INTERFACE 0x00000003 -#define CKH_VENDOR_DEFINED 0x80000000 - -/* CK_KEY_TYPE is a value that identifies a key type */ -/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ -typedef CK_ULONG CK_KEY_TYPE; - -/* the following key types are defined: */ -#define CKK_RSA 0x00000000 -#define CKK_DSA 0x00000001 -#define CKK_DH 0x00000002 - -/* CKK_ECDSA and CKK_KEA are new for v2.0 */ -/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ -#define CKK_ECDSA 0x00000003 -#define CKK_EC 0x00000003 -#define CKK_X9_42_DH 0x00000004 -#define CKK_KEA 0x00000005 - -#define CKK_GENERIC_SECRET 0x00000010 -#define CKK_RC2 0x00000011 -#define CKK_RC4 0x00000012 -#define CKK_DES 0x00000013 -#define CKK_DES2 0x00000014 -#define CKK_DES3 0x00000015 - -/* all these key types are new for v2.0 */ -#define CKK_CAST 0x00000016 -#define CKK_CAST3 0x00000017 -/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ -#define CKK_CAST5 0x00000018 -#define CKK_CAST128 0x00000018 -#define CKK_RC5 0x00000019 -#define CKK_IDEA 0x0000001A -#define CKK_SKIPJACK 0x0000001B -#define CKK_BATON 0x0000001C -#define CKK_JUNIPER 0x0000001D -#define CKK_CDMF 0x0000001E -#define CKK_AES 0x0000001F - -/* BlowFish and TwoFish are new for v2.20 */ -#define CKK_BLOWFISH 0x00000020 -#define CKK_TWOFISH 0x00000021 - -/* SecurID, HOTP, and ACTI are new for PKCS #11 v2.20 amendment 1 */ -#define CKK_SECURID 0x00000022 -#define CKK_HOTP 0x00000023 -#define CKK_ACTI 0x00000024 - -/* Camellia is new for PKCS #11 v2.20 amendment 3 */ -#define CKK_CAMELLIA 0x00000025 -/* ARIA is new for PKCS #11 v2.20 amendment 3 */ -#define CKK_ARIA 0x00000026 - - -#define CKK_VENDOR_DEFINED 0x80000000 - - -/* CK_CERTIFICATE_TYPE is a value that identifies a certificate - * type */ -/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG - * for v2.0 */ -typedef CK_ULONG CK_CERTIFICATE_TYPE; - -/* The following certificate types are defined: */ -/* CKC_X_509_ATTR_CERT is new for v2.10 */ -/* CKC_WTLS is new for v2.20 */ -#define CKC_X_509 0x00000000 -#define CKC_X_509_ATTR_CERT 0x00000001 -#define CKC_WTLS 0x00000002 -#define CKC_VENDOR_DEFINED 0x80000000 - - -/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute - * type */ -/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_ATTRIBUTE_TYPE; - -/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which - consists of an array of values. */ -#define CKF_ARRAY_ATTRIBUTE 0x40000000 - -/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 - and relates to the CKA_OTP_FORMAT attribute */ -#define CK_OTP_FORMAT_DECIMAL 0 -#define CK_OTP_FORMAT_HEXADECIMAL 1 -#define CK_OTP_FORMAT_ALPHANUMERIC 2 -#define CK_OTP_FORMAT_BINARY 3 - -/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 - and relates to the CKA_OTP_..._REQUIREMENT attributes */ -#define CK_OTP_PARAM_IGNORED 0 -#define CK_OTP_PARAM_OPTIONAL 1 -#define CK_OTP_PARAM_MANDATORY 2 - -/* The following attribute types are defined: */ -#define CKA_CLASS 0x00000000 -#define CKA_TOKEN 0x00000001 -#define CKA_PRIVATE 0x00000002 -#define CKA_LABEL 0x00000003 -#define CKA_APPLICATION 0x00000010 -#define CKA_VALUE 0x00000011 - -/* CKA_OBJECT_ID is new for v2.10 */ -#define CKA_OBJECT_ID 0x00000012 - -#define CKA_CERTIFICATE_TYPE 0x00000080 -#define CKA_ISSUER 0x00000081 -#define CKA_SERIAL_NUMBER 0x00000082 - -/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new - * for v2.10 */ -#define CKA_AC_ISSUER 0x00000083 -#define CKA_OWNER 0x00000084 -#define CKA_ATTR_TYPES 0x00000085 - -/* CKA_TRUSTED is new for v2.11 */ -#define CKA_TRUSTED 0x00000086 - -/* CKA_CERTIFICATE_CATEGORY ... - * CKA_CHECK_VALUE are new for v2.20 */ -#define CKA_CERTIFICATE_CATEGORY 0x00000087 -#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088 -#define CKA_URL 0x00000089 -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B -#define CKA_CHECK_VALUE 0x00000090 - -#define CKA_KEY_TYPE 0x00000100 -#define CKA_SUBJECT 0x00000101 -#define CKA_ID 0x00000102 -#define CKA_SENSITIVE 0x00000103 -#define CKA_ENCRYPT 0x00000104 -#define CKA_DECRYPT 0x00000105 -#define CKA_WRAP 0x00000106 -#define CKA_UNWRAP 0x00000107 -#define CKA_SIGN 0x00000108 -#define CKA_SIGN_RECOVER 0x00000109 -#define CKA_VERIFY 0x0000010A -#define CKA_VERIFY_RECOVER 0x0000010B -#define CKA_DERIVE 0x0000010C -#define CKA_START_DATE 0x00000110 -#define CKA_END_DATE 0x00000111 -#define CKA_MODULUS 0x00000120 -#define CKA_MODULUS_BITS 0x00000121 -#define CKA_PUBLIC_EXPONENT 0x00000122 -#define CKA_PRIVATE_EXPONENT 0x00000123 -#define CKA_PRIME_1 0x00000124 -#define CKA_PRIME_2 0x00000125 -#define CKA_EXPONENT_1 0x00000126 -#define CKA_EXPONENT_2 0x00000127 -#define CKA_COEFFICIENT 0x00000128 -#define CKA_PRIME 0x00000130 -#define CKA_SUBPRIME 0x00000131 -#define CKA_BASE 0x00000132 - -/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ -#define CKA_PRIME_BITS 0x00000133 -#define CKA_SUBPRIME_BITS 0x00000134 -#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS -/* (To retain backwards-compatibility) */ - -#define CKA_VALUE_BITS 0x00000160 -#define CKA_VALUE_LEN 0x00000161 - -/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, - * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, - * and CKA_EC_POINT are new for v2.0 */ -#define CKA_EXTRACTABLE 0x00000162 -#define CKA_LOCAL 0x00000163 -#define CKA_NEVER_EXTRACTABLE 0x00000164 -#define CKA_ALWAYS_SENSITIVE 0x00000165 - -/* CKA_KEY_GEN_MECHANISM is new for v2.11 */ -#define CKA_KEY_GEN_MECHANISM 0x00000166 - -#define CKA_MODIFIABLE 0x00000170 - -/* CKA_ECDSA_PARAMS is deprecated in v2.11, - * CKA_EC_PARAMS is preferred. */ -#define CKA_ECDSA_PARAMS 0x00000180 -#define CKA_EC_PARAMS 0x00000180 - -#define CKA_EC_POINT 0x00000181 - -/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, - * are new for v2.10. Deprecated in v2.11 and onwards. */ -#define CKA_SECONDARY_AUTH 0x00000200 -#define CKA_AUTH_PIN_FLAGS 0x00000201 - -/* CKA_ALWAYS_AUTHENTICATE ... - * CKA_UNWRAP_TEMPLATE are new for v2.20 */ -#define CKA_ALWAYS_AUTHENTICATE 0x00000202 - -#define CKA_WRAP_WITH_TRUSTED 0x00000210 -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212) - -/* CKA_OTP... atttributes are new for PKCS #11 v2.20 amendment 3. */ -#define CKA_OTP_FORMAT 0x00000220 -#define CKA_OTP_LENGTH 0x00000221 -#define CKA_OTP_TIME_INTERVAL 0x00000222 -#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223 -#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224 -#define CKA_OTP_TIME_REQUIREMENT 0x00000225 -#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226 -#define CKA_OTP_PIN_REQUIREMENT 0x00000227 -#define CKA_OTP_COUNTER 0x0000022E -#define CKA_OTP_TIME 0x0000022F -#define CKA_OTP_USER_IDENTIFIER 0x0000022A -#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022B -#define CKA_OTP_SERVICE_LOGO 0x0000022C -#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022D - - -/* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET - * are new for v2.10 */ -#define CKA_HW_FEATURE_TYPE 0x00000300 -#define CKA_RESET_ON_INIT 0x00000301 -#define CKA_HAS_RESET 0x00000302 - -/* The following attributes are new for v2.20 */ -#define CKA_PIXEL_X 0x00000400 -#define CKA_PIXEL_Y 0x00000401 -#define CKA_RESOLUTION 0x00000402 -#define CKA_CHAR_ROWS 0x00000403 -#define CKA_CHAR_COLUMNS 0x00000404 -#define CKA_COLOR 0x00000405 -#define CKA_BITS_PER_PIXEL 0x00000406 -#define CKA_CHAR_SETS 0x00000480 -#define CKA_ENCODING_METHODS 0x00000481 -#define CKA_MIME_TYPES 0x00000482 -#define CKA_MECHANISM_TYPE 0x00000500 -#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501 -#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502 -#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503 -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600) - -#define CKA_VENDOR_DEFINED 0x80000000 - -/* CK_ATTRIBUTE is a structure that includes the type, length - * and value of an attribute */ -typedef struct CK_ATTRIBUTE { - CK_ATTRIBUTE_TYPE type; - CK_VOID_PTR pValue; - - /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ - CK_ULONG ulValueLen; /* in bytes */ -} CK_ATTRIBUTE; - -typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; - - -/* CK_DATE is a structure that defines a date */ -typedef struct CK_DATE{ - CK_CHAR year[4]; /* the year ("1900" - "9999") */ - CK_CHAR month[2]; /* the month ("01" - "12") */ - CK_CHAR day[2]; /* the day ("01" - "31") */ -} CK_DATE; - - -/* CK_MECHANISM_TYPE is a value that identifies a mechanism - * type */ -/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_MECHANISM_TYPE; - -/* the following mechanism types are defined: */ -#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 -#define CKM_RSA_PKCS 0x00000001 -#define CKM_RSA_9796 0x00000002 -#define CKM_RSA_X_509 0x00000003 - -/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS - * are new for v2.0. They are mechanisms which hash and sign */ -#define CKM_MD2_RSA_PKCS 0x00000004 -#define CKM_MD5_RSA_PKCS 0x00000005 -#define CKM_SHA1_RSA_PKCS 0x00000006 - -/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and - * CKM_RSA_PKCS_OAEP are new for v2.10 */ -#define CKM_RIPEMD128_RSA_PKCS 0x00000007 -#define CKM_RIPEMD160_RSA_PKCS 0x00000008 -#define CKM_RSA_PKCS_OAEP 0x00000009 - -/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, - * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ -#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A -#define CKM_RSA_X9_31 0x0000000B -#define CKM_SHA1_RSA_X9_31 0x0000000C -#define CKM_RSA_PKCS_PSS 0x0000000D -#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E - -#define CKM_DSA_KEY_PAIR_GEN 0x00000010 -#define CKM_DSA 0x00000011 -#define CKM_DSA_SHA1 0x00000012 -#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 -#define CKM_DH_PKCS_DERIVE 0x00000021 - -/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, - * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for - * v2.11 */ -#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 -#define CKM_X9_42_DH_DERIVE 0x00000031 -#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 -#define CKM_X9_42_MQV_DERIVE 0x00000033 - -/* CKM_SHA256/384/512 are new for v2.20 */ -#define CKM_SHA256_RSA_PKCS 0x00000040 -#define CKM_SHA384_RSA_PKCS 0x00000041 -#define CKM_SHA512_RSA_PKCS 0x00000042 -#define CKM_SHA256_RSA_PKCS_PSS 0x00000043 -#define CKM_SHA384_RSA_PKCS_PSS 0x00000044 -#define CKM_SHA512_RSA_PKCS_PSS 0x00000045 - -/* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */ -#define CKM_SHA224_RSA_PKCS 0x00000046 -#define CKM_SHA224_RSA_PKCS_PSS 0x00000047 - -#define CKM_RC2_KEY_GEN 0x00000100 -#define CKM_RC2_ECB 0x00000101 -#define CKM_RC2_CBC 0x00000102 -#define CKM_RC2_MAC 0x00000103 - -/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ -#define CKM_RC2_MAC_GENERAL 0x00000104 -#define CKM_RC2_CBC_PAD 0x00000105 - -#define CKM_RC4_KEY_GEN 0x00000110 -#define CKM_RC4 0x00000111 -#define CKM_DES_KEY_GEN 0x00000120 -#define CKM_DES_ECB 0x00000121 -#define CKM_DES_CBC 0x00000122 -#define CKM_DES_MAC 0x00000123 - -/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ -#define CKM_DES_MAC_GENERAL 0x00000124 -#define CKM_DES_CBC_PAD 0x00000125 - -#define CKM_DES2_KEY_GEN 0x00000130 -#define CKM_DES3_KEY_GEN 0x00000131 -#define CKM_DES3_ECB 0x00000132 -#define CKM_DES3_CBC 0x00000133 -#define CKM_DES3_MAC 0x00000134 - -/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, - * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, - * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ -#define CKM_DES3_MAC_GENERAL 0x00000135 -#define CKM_DES3_CBC_PAD 0x00000136 -#define CKM_CDMF_KEY_GEN 0x00000140 -#define CKM_CDMF_ECB 0x00000141 -#define CKM_CDMF_CBC 0x00000142 -#define CKM_CDMF_MAC 0x00000143 -#define CKM_CDMF_MAC_GENERAL 0x00000144 -#define CKM_CDMF_CBC_PAD 0x00000145 - -/* the following four DES mechanisms are new for v2.20 */ -#define CKM_DES_OFB64 0x00000150 -#define CKM_DES_OFB8 0x00000151 -#define CKM_DES_CFB64 0x00000152 -#define CKM_DES_CFB8 0x00000153 - -#define CKM_MD2 0x00000200 - -/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ -#define CKM_MD2_HMAC 0x00000201 -#define CKM_MD2_HMAC_GENERAL 0x00000202 - -#define CKM_MD5 0x00000210 - -/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ -#define CKM_MD5_HMAC 0x00000211 -#define CKM_MD5_HMAC_GENERAL 0x00000212 - -#define CKM_SHA_1 0x00000220 - -/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ -#define CKM_SHA_1_HMAC 0x00000221 -#define CKM_SHA_1_HMAC_GENERAL 0x00000222 - -/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, - * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, - * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ -#define CKM_RIPEMD128 0x00000230 -#define CKM_RIPEMD128_HMAC 0x00000231 -#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 -#define CKM_RIPEMD160 0x00000240 -#define CKM_RIPEMD160_HMAC 0x00000241 -#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 - -/* CKM_SHA256/384/512 are new for v2.20 */ -#define CKM_SHA256 0x00000250 -#define CKM_SHA256_HMAC 0x00000251 -#define CKM_SHA256_HMAC_GENERAL 0x00000252 - -/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ -#define CKM_SHA224 0x00000255 -#define CKM_SHA224_HMAC 0x00000256 -#define CKM_SHA224_HMAC_GENERAL 0x00000257 - -#define CKM_SHA384 0x00000260 -#define CKM_SHA384_HMAC 0x00000261 -#define CKM_SHA384_HMAC_GENERAL 0x00000262 -#define CKM_SHA512 0x00000270 -#define CKM_SHA512_HMAC 0x00000271 -#define CKM_SHA512_HMAC_GENERAL 0x00000272 - -/* SecurID is new for PKCS #11 v2.20 amendment 1 */ -#define CKM_SECURID_KEY_GEN 0x00000280 -#define CKM_SECURID 0x00000282 - -/* HOTP is new for PKCS #11 v2.20 amendment 1 */ -#define CKM_HOTP_KEY_GEN 0x00000290 -#define CKM_HOTP 0x00000291 - -/* ACTI is new for PKCS #11 v2.20 amendment 1 */ -#define CKM_ACTI 0x000002A0 -#define CKM_ACTI_KEY_GEN 0x000002A1 - -/* All of the following mechanisms are new for v2.0 */ -/* Note that CAST128 and CAST5 are the same algorithm */ -#define CKM_CAST_KEY_GEN 0x00000300 -#define CKM_CAST_ECB 0x00000301 -#define CKM_CAST_CBC 0x00000302 -#define CKM_CAST_MAC 0x00000303 -#define CKM_CAST_MAC_GENERAL 0x00000304 -#define CKM_CAST_CBC_PAD 0x00000305 -#define CKM_CAST3_KEY_GEN 0x00000310 -#define CKM_CAST3_ECB 0x00000311 -#define CKM_CAST3_CBC 0x00000312 -#define CKM_CAST3_MAC 0x00000313 -#define CKM_CAST3_MAC_GENERAL 0x00000314 -#define CKM_CAST3_CBC_PAD 0x00000315 -#define CKM_CAST5_KEY_GEN 0x00000320 -#define CKM_CAST128_KEY_GEN 0x00000320 -#define CKM_CAST5_ECB 0x00000321 -#define CKM_CAST128_ECB 0x00000321 -#define CKM_CAST5_CBC 0x00000322 -#define CKM_CAST128_CBC 0x00000322 -#define CKM_CAST5_MAC 0x00000323 -#define CKM_CAST128_MAC 0x00000323 -#define CKM_CAST5_MAC_GENERAL 0x00000324 -#define CKM_CAST128_MAC_GENERAL 0x00000324 -#define CKM_CAST5_CBC_PAD 0x00000325 -#define CKM_CAST128_CBC_PAD 0x00000325 -#define CKM_RC5_KEY_GEN 0x00000330 -#define CKM_RC5_ECB 0x00000331 -#define CKM_RC5_CBC 0x00000332 -#define CKM_RC5_MAC 0x00000333 -#define CKM_RC5_MAC_GENERAL 0x00000334 -#define CKM_RC5_CBC_PAD 0x00000335 -#define CKM_IDEA_KEY_GEN 0x00000340 -#define CKM_IDEA_ECB 0x00000341 -#define CKM_IDEA_CBC 0x00000342 -#define CKM_IDEA_MAC 0x00000343 -#define CKM_IDEA_MAC_GENERAL 0x00000344 -#define CKM_IDEA_CBC_PAD 0x00000345 -#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 -#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 -#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 -#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 -#define CKM_XOR_BASE_AND_DATA 0x00000364 -#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 -#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 -#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 -#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 - -/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, - * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and - * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ -#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 -#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 -#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 -#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 -#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 - -/* CKM_TLS_PRF is new for v2.20 */ -#define CKM_TLS_PRF 0x00000378 - -#define CKM_SSL3_MD5_MAC 0x00000380 -#define CKM_SSL3_SHA1_MAC 0x00000381 -#define CKM_MD5_KEY_DERIVATION 0x00000390 -#define CKM_MD2_KEY_DERIVATION 0x00000391 -#define CKM_SHA1_KEY_DERIVATION 0x00000392 - -/* CKM_SHA256/384/512 are new for v2.20 */ -#define CKM_SHA256_KEY_DERIVATION 0x00000393 -#define CKM_SHA384_KEY_DERIVATION 0x00000394 -#define CKM_SHA512_KEY_DERIVATION 0x00000395 - -/* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */ -#define CKM_SHA224_KEY_DERIVATION 0x00000396 - -#define CKM_PBE_MD2_DES_CBC 0x000003A0 -#define CKM_PBE_MD5_DES_CBC 0x000003A1 -#define CKM_PBE_MD5_CAST_CBC 0x000003A2 -#define CKM_PBE_MD5_CAST3_CBC 0x000003A3 -#define CKM_PBE_MD5_CAST5_CBC 0x000003A4 -#define CKM_PBE_MD5_CAST128_CBC 0x000003A4 -#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 -#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 -#define CKM_PBE_SHA1_RC4_128 0x000003A6 -#define CKM_PBE_SHA1_RC4_40 0x000003A7 -#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 -#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 -#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA -#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB - -/* CKM_PKCS5_PBKD2 is new for v2.10 */ -#define CKM_PKCS5_PBKD2 0x000003B0 - -#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 - -/* WTLS mechanisms are new for v2.20 */ -#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0 -#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1 -#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2 -#define CKM_WTLS_PRF 0x000003D3 -#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4 -#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5 - -#define CKM_KEY_WRAP_LYNKS 0x00000400 -#define CKM_KEY_WRAP_SET_OAEP 0x00000401 - -/* CKM_CMS_SIG is new for v2.20 */ -#define CKM_CMS_SIG 0x00000500 - -/* CKM_KIP mechanisms are new for PKCS #11 v2.20 amendment 2 */ -#define CKM_KIP_DERIVE 0x00000510 -#define CKM_KIP_WRAP 0x00000511 -#define CKM_KIP_MAC 0x00000512 - -/* Camellia is new for PKCS #11 v2.20 amendment 3 */ -#define CKM_CAMELLIA_KEY_GEN 0x00000550 -#define CKM_CAMELLIA_ECB 0x00000551 -#define CKM_CAMELLIA_CBC 0x00000552 -#define CKM_CAMELLIA_MAC 0x00000553 -#define CKM_CAMELLIA_MAC_GENERAL 0x00000554 -#define CKM_CAMELLIA_CBC_PAD 0x00000555 -#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556 -#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557 -#define CKM_CAMELLIA_CTR 0x00000558 - -/* ARIA is new for PKCS #11 v2.20 amendment 3 */ -#define CKM_ARIA_KEY_GEN 0x00000560 -#define CKM_ARIA_ECB 0x00000561 -#define CKM_ARIA_CBC 0x00000562 -#define CKM_ARIA_MAC 0x00000563 -#define CKM_ARIA_MAC_GENERAL 0x00000564 -#define CKM_ARIA_CBC_PAD 0x00000565 -#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566 -#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567 - -/* Fortezza mechanisms */ -#define CKM_SKIPJACK_KEY_GEN 0x00001000 -#define CKM_SKIPJACK_ECB64 0x00001001 -#define CKM_SKIPJACK_CBC64 0x00001002 -#define CKM_SKIPJACK_OFB64 0x00001003 -#define CKM_SKIPJACK_CFB64 0x00001004 -#define CKM_SKIPJACK_CFB32 0x00001005 -#define CKM_SKIPJACK_CFB16 0x00001006 -#define CKM_SKIPJACK_CFB8 0x00001007 -#define CKM_SKIPJACK_WRAP 0x00001008 -#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 -#define CKM_SKIPJACK_RELAYX 0x0000100a -#define CKM_KEA_KEY_PAIR_GEN 0x00001010 -#define CKM_KEA_KEY_DERIVE 0x00001011 -#define CKM_FORTEZZA_TIMESTAMP 0x00001020 -#define CKM_BATON_KEY_GEN 0x00001030 -#define CKM_BATON_ECB128 0x00001031 -#define CKM_BATON_ECB96 0x00001032 -#define CKM_BATON_CBC128 0x00001033 -#define CKM_BATON_COUNTER 0x00001034 -#define CKM_BATON_SHUFFLE 0x00001035 -#define CKM_BATON_WRAP 0x00001036 - -/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, - * CKM_EC_KEY_PAIR_GEN is preferred */ -#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 -#define CKM_EC_KEY_PAIR_GEN 0x00001040 - -#define CKM_ECDSA 0x00001041 -#define CKM_ECDSA_SHA1 0x00001042 - -/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE - * are new for v2.11 */ -#define CKM_ECDH1_DERIVE 0x00001050 -#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 -#define CKM_ECMQV_DERIVE 0x00001052 - -#define CKM_JUNIPER_KEY_GEN 0x00001060 -#define CKM_JUNIPER_ECB128 0x00001061 -#define CKM_JUNIPER_CBC128 0x00001062 -#define CKM_JUNIPER_COUNTER 0x00001063 -#define CKM_JUNIPER_SHUFFLE 0x00001064 -#define CKM_JUNIPER_WRAP 0x00001065 -#define CKM_FASTHASH 0x00001070 - -/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, - * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, - * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are - * new for v2.11 */ -#define CKM_AES_KEY_GEN 0x00001080 -#define CKM_AES_ECB 0x00001081 -#define CKM_AES_CBC 0x00001082 -#define CKM_AES_MAC 0x00001083 -#define CKM_AES_MAC_GENERAL 0x00001084 -#define CKM_AES_CBC_PAD 0x00001085 - -/* AES counter mode is new for PKCS #11 v2.20 amendment 3 */ -#define CKM_AES_CTR 0x00001086 - -/* BlowFish and TwoFish are new for v2.20 */ -#define CKM_BLOWFISH_KEY_GEN 0x00001090 -#define CKM_BLOWFISH_CBC 0x00001091 -#define CKM_TWOFISH_KEY_GEN 0x00001092 -#define CKM_TWOFISH_CBC 0x00001093 - - -/* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */ -#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100 -#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101 -#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102 -#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103 -#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104 -#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105 - -#define CKM_DSA_PARAMETER_GEN 0x00002000 -#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 -#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 - -#define CKM_VENDOR_DEFINED 0x80000000 - -typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; - - -/* CK_MECHANISM is a structure that specifies a particular - * mechanism */ -typedef struct CK_MECHANISM { - CK_MECHANISM_TYPE mechanism; - CK_VOID_PTR pParameter; - - /* ulParameterLen was changed from CK_USHORT to CK_ULONG for - * v2.0 */ - CK_ULONG ulParameterLen; /* in bytes */ -} CK_MECHANISM; - -typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; - - -/* CK_MECHANISM_INFO provides information about a particular - * mechanism */ -typedef struct CK_MECHANISM_INFO { - CK_ULONG ulMinKeySize; - CK_ULONG ulMaxKeySize; - CK_FLAGS flags; -} CK_MECHANISM_INFO; - -/* The flags are defined as follows: - * Bit Flag Mask Meaning */ -#define CKF_HW 0x00000001 /* performed by HW */ - -/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, - * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, - * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, - * and CKF_DERIVE are new for v2.0. They specify whether or not - * a mechanism can be used for a particular task */ -#define CKF_ENCRYPT 0x00000100 -#define CKF_DECRYPT 0x00000200 -#define CKF_DIGEST 0x00000400 -#define CKF_SIGN 0x00000800 -#define CKF_SIGN_RECOVER 0x00001000 -#define CKF_VERIFY 0x00002000 -#define CKF_VERIFY_RECOVER 0x00004000 -#define CKF_GENERATE 0x00008000 -#define CKF_GENERATE_KEY_PAIR 0x00010000 -#define CKF_WRAP 0x00020000 -#define CKF_UNWRAP 0x00040000 -#define CKF_DERIVE 0x00080000 - -/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, - * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They - * describe a token's EC capabilities not available in mechanism - * information. */ -#define CKF_EC_F_P 0x00100000 -#define CKF_EC_F_2M 0x00200000 -#define CKF_EC_ECPARAMETERS 0x00400000 -#define CKF_EC_NAMEDCURVE 0x00800000 -#define CKF_EC_UNCOMPRESS 0x01000000 -#define CKF_EC_COMPRESS 0x02000000 - -#define CKF_EXTENSION 0x80000000 /* FALSE for this version */ - -typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; - - -/* CK_RV is a value that identifies the return value of a - * Cryptoki function */ -/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ -typedef CK_ULONG CK_RV; - -#define CKR_OK 0x00000000 -#define CKR_CANCEL 0x00000001 -#define CKR_HOST_MEMORY 0x00000002 -#define CKR_SLOT_ID_INVALID 0x00000003 - -/* CKR_FLAGS_INVALID was removed for v2.0 */ - -/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ -#define CKR_GENERAL_ERROR 0x00000005 -#define CKR_FUNCTION_FAILED 0x00000006 - -/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, - * and CKR_CANT_LOCK are new for v2.01 */ -#define CKR_ARGUMENTS_BAD 0x00000007 -#define CKR_NO_EVENT 0x00000008 -#define CKR_NEED_TO_CREATE_THREADS 0x00000009 -#define CKR_CANT_LOCK 0x0000000A - -#define CKR_ATTRIBUTE_READ_ONLY 0x00000010 -#define CKR_ATTRIBUTE_SENSITIVE 0x00000011 -#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 -#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 -#define CKR_DATA_INVALID 0x00000020 -#define CKR_DATA_LEN_RANGE 0x00000021 -#define CKR_DEVICE_ERROR 0x00000030 -#define CKR_DEVICE_MEMORY 0x00000031 -#define CKR_DEVICE_REMOVED 0x00000032 -#define CKR_ENCRYPTED_DATA_INVALID 0x00000040 -#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 -#define CKR_FUNCTION_CANCELED 0x00000050 -#define CKR_FUNCTION_NOT_PARALLEL 0x00000051 - -/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ -#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 - -#define CKR_KEY_HANDLE_INVALID 0x00000060 - -/* CKR_KEY_SENSITIVE was removed for v2.0 */ - -#define CKR_KEY_SIZE_RANGE 0x00000062 -#define CKR_KEY_TYPE_INCONSISTENT 0x00000063 - -/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, - * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, - * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for - * v2.0 */ -#define CKR_KEY_NOT_NEEDED 0x00000064 -#define CKR_KEY_CHANGED 0x00000065 -#define CKR_KEY_NEEDED 0x00000066 -#define CKR_KEY_INDIGESTIBLE 0x00000067 -#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 -#define CKR_KEY_NOT_WRAPPABLE 0x00000069 -#define CKR_KEY_UNEXTRACTABLE 0x0000006A - -#define CKR_MECHANISM_INVALID 0x00000070 -#define CKR_MECHANISM_PARAM_INVALID 0x00000071 - -/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID - * were removed for v2.0 */ -#define CKR_OBJECT_HANDLE_INVALID 0x00000082 -#define CKR_OPERATION_ACTIVE 0x00000090 -#define CKR_OPERATION_NOT_INITIALIZED 0x00000091 -#define CKR_PIN_INCORRECT 0x000000A0 -#define CKR_PIN_INVALID 0x000000A1 -#define CKR_PIN_LEN_RANGE 0x000000A2 - -/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ -#define CKR_PIN_EXPIRED 0x000000A3 -#define CKR_PIN_LOCKED 0x000000A4 - -#define CKR_SESSION_CLOSED 0x000000B0 -#define CKR_SESSION_COUNT 0x000000B1 -#define CKR_SESSION_HANDLE_INVALID 0x000000B3 -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 -#define CKR_SESSION_READ_ONLY 0x000000B5 -#define CKR_SESSION_EXISTS 0x000000B6 - -/* CKR_SESSION_READ_ONLY_EXISTS and - * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ -#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 -#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 - -#define CKR_SIGNATURE_INVALID 0x000000C0 -#define CKR_SIGNATURE_LEN_RANGE 0x000000C1 -#define CKR_TEMPLATE_INCOMPLETE 0x000000D0 -#define CKR_TEMPLATE_INCONSISTENT 0x000000D1 -#define CKR_TOKEN_NOT_PRESENT 0x000000E0 -#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 -#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 -#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 -#define CKR_USER_ALREADY_LOGGED_IN 0x00000100 -#define CKR_USER_NOT_LOGGED_IN 0x00000101 -#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 -#define CKR_USER_TYPE_INVALID 0x00000103 - -/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES - * are new to v2.01 */ -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 -#define CKR_USER_TOO_MANY_TYPES 0x00000105 - -#define CKR_WRAPPED_KEY_INVALID 0x00000110 -#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 -#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 -#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 -#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 - -/* These are new to v2.0 */ -#define CKR_RANDOM_NO_RNG 0x00000121 - -/* These are new to v2.11 */ -#define CKR_DOMAIN_PARAMS_INVALID 0x00000130 - -/* These are new to v2.0 */ -#define CKR_BUFFER_TOO_SMALL 0x00000150 -#define CKR_SAVED_STATE_INVALID 0x00000160 -#define CKR_INFORMATION_SENSITIVE 0x00000170 -#define CKR_STATE_UNSAVEABLE 0x00000180 - -/* These are new to v2.01 */ -#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 -#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 -#define CKR_MUTEX_BAD 0x000001A0 -#define CKR_MUTEX_NOT_LOCKED 0x000001A1 - -/* The following return values are new for PKCS #11 v2.20 amendment 3 */ -#define CKR_NEW_PIN_MODE 0x000001B0 -#define CKR_NEXT_OTP 0x000001B1 - -/* This is new to v2.20 */ -#define CKR_FUNCTION_REJECTED 0x00000200 - -#define CKR_VENDOR_DEFINED 0x80000000 - - -/* CK_NOTIFY is an application callback that processes events */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( - CK_SESSION_HANDLE hSession, /* the session's handle */ - CK_NOTIFICATION event, - CK_VOID_PTR pApplication /* passed to C_OpenSession */ -); - - -/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec - * version and pointers of appropriate types to all the - * Cryptoki functions */ -/* CK_FUNCTION_LIST is new for v2.0 */ -typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; - -typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; - -typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; - - -/* CK_CREATEMUTEX is an application callback for creating a - * mutex object */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( - CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ -); - - -/* CK_DESTROYMUTEX is an application callback for destroying a - * mutex object */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_LOCKMUTEX is an application callback for locking a mutex */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_UNLOCKMUTEX is an application callback for unlocking a - * mutex */ -typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( - CK_VOID_PTR pMutex /* pointer to mutex */ -); - - -/* CK_C_INITIALIZE_ARGS provides the optional arguments to - * C_Initialize */ -typedef struct CK_C_INITIALIZE_ARGS { - CK_CREATEMUTEX CreateMutex; - CK_DESTROYMUTEX DestroyMutex; - CK_LOCKMUTEX LockMutex; - CK_UNLOCKMUTEX UnlockMutex; - CK_FLAGS flags; - CK_VOID_PTR pReserved; -} CK_C_INITIALIZE_ARGS; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 -#define CKF_OS_LOCKING_OK 0x00000002 - -typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; - - -/* additional flags for parameters to functions */ - -/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ -#define CKF_DONT_BLOCK 1 - -/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. - * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message - * Generation Function (MGF) applied to a message block when - * formatting a message block for the PKCS #1 OAEP encryption - * scheme. */ -typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; - -typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; - -/* The following MGFs are defined */ -/* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512 - * are new for v2.20 */ -#define CKG_MGF1_SHA1 0x00000001 -#define CKG_MGF1_SHA256 0x00000002 -#define CKG_MGF1_SHA384 0x00000003 -#define CKG_MGF1_SHA512 0x00000004 -/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ -#define CKG_MGF1_SHA224 0x00000005 - -/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. - * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source - * of the encoding parameter when formatting a message block - * for the PKCS #1 OAEP encryption scheme. */ -typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; - -typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; - -/* The following encoding parameter sources are defined */ -#define CKZ_DATA_SPECIFIED 0x00000001 - -/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. - * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the - * CKM_RSA_PKCS_OAEP mechanism. */ -typedef struct CK_RSA_PKCS_OAEP_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_RSA_PKCS_OAEP_SOURCE_TYPE source; - CK_VOID_PTR pSourceData; - CK_ULONG ulSourceDataLen; -} CK_RSA_PKCS_OAEP_PARAMS; - -typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; - -/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. - * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the - * CKM_RSA_PKCS_PSS mechanism(s). */ -typedef struct CK_RSA_PKCS_PSS_PARAMS { - CK_MECHANISM_TYPE hashAlg; - CK_RSA_PKCS_MGF_TYPE mgf; - CK_ULONG sLen; -} CK_RSA_PKCS_PSS_PARAMS; - -typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; - -/* CK_EC_KDF_TYPE is new for v2.11. */ -typedef CK_ULONG CK_EC_KDF_TYPE; - -/* The following EC Key Derivation Functions are defined */ -#define CKD_NULL 0x00000001 -#define CKD_SHA1_KDF 0x00000002 - -/* CK_ECDH1_DERIVE_PARAMS is new for v2.11. - * CK_ECDH1_DERIVE_PARAMS provides the parameters to the - * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, - * where each party contributes one key pair. - */ -typedef struct CK_ECDH1_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_ECDH1_DERIVE_PARAMS; - -typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; - - -/* CK_ECDH2_DERIVE_PARAMS is new for v2.11. - * CK_ECDH2_DERIVE_PARAMS provides the parameters to the - * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */ -typedef struct CK_ECDH2_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_ECDH2_DERIVE_PARAMS; - -typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; - -typedef struct CK_ECMQV_DERIVE_PARAMS { - CK_EC_KDF_TYPE kdf; - CK_ULONG ulSharedDataLen; - CK_BYTE_PTR pSharedData; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_ECMQV_DERIVE_PARAMS; - -typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; - -/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the - * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */ -typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; -typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; - -/* The following X9.42 DH key derivation functions are defined - (besides CKD_NULL already defined : */ -#define CKD_SHA1_KDF_ASN1 0x00000003 -#define CKD_SHA1_KDF_CONCATENATE 0x00000004 - -/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11. - * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party - * contributes one key pair */ -typedef struct CK_X9_42_DH1_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_X9_42_DH1_DERIVE_PARAMS; - -typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; - -/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11. - * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the - * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation - * mechanisms, where each party contributes two key pairs */ -typedef struct CK_X9_42_DH2_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; -} CK_X9_42_DH2_DERIVE_PARAMS; - -typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; - -typedef struct CK_X9_42_MQV_DERIVE_PARAMS { - CK_X9_42_DH_KDF_TYPE kdf; - CK_ULONG ulOtherInfoLen; - CK_BYTE_PTR pOtherInfo; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPrivateDataLen; - CK_OBJECT_HANDLE hPrivateData; - CK_ULONG ulPublicDataLen2; - CK_BYTE_PTR pPublicData2; - CK_OBJECT_HANDLE publicKey; -} CK_X9_42_MQV_DERIVE_PARAMS; - -typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; - -/* CK_KEA_DERIVE_PARAMS provides the parameters to the - * CKM_KEA_DERIVE mechanism */ -/* CK_KEA_DERIVE_PARAMS is new for v2.0 */ -typedef struct CK_KEA_DERIVE_PARAMS { - CK_BBOOL isSender; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pRandomB; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; -} CK_KEA_DERIVE_PARAMS; - -typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; - - -/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and - * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just - * holds the effective keysize */ -typedef CK_ULONG CK_RC2_PARAMS; - -typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; - - -/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC - * mechanism */ -typedef struct CK_RC2_CBC_PARAMS { - /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for - * v2.0 */ - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - - CK_BYTE iv[8]; /* IV for CBC mode */ -} CK_RC2_CBC_PARAMS; - -typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; - - -/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC2_MAC_GENERAL mechanism */ -/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ -typedef struct CK_RC2_MAC_GENERAL_PARAMS { - CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC2_MAC_GENERAL_PARAMS; - -typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC2_MAC_GENERAL_PARAMS_PTR; - - -/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and - * CKM_RC5_MAC mechanisms */ -/* CK_RC5_PARAMS is new for v2.0 */ -typedef struct CK_RC5_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ -} CK_RC5_PARAMS; - -typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; - - -/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC - * mechanism */ -/* CK_RC5_CBC_PARAMS is new for v2.0 */ -typedef struct CK_RC5_CBC_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_BYTE_PTR pIv; /* pointer to IV */ - CK_ULONG ulIvLen; /* length of IV in bytes */ -} CK_RC5_CBC_PARAMS; - -typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; - - -/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the - * CKM_RC5_MAC_GENERAL mechanism */ -/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ -typedef struct CK_RC5_MAC_GENERAL_PARAMS { - CK_ULONG ulWordsize; /* wordsize in bits */ - CK_ULONG ulRounds; /* number of rounds */ - CK_ULONG ulMacLength; /* Length of MAC in bytes */ -} CK_RC5_MAC_GENERAL_PARAMS; - -typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ - CK_RC5_MAC_GENERAL_PARAMS_PTR; - - -/* CK_MAC_GENERAL_PARAMS provides the parameters to most block - * ciphers' MAC_GENERAL mechanisms. Its value is the length of - * the MAC */ -/* CK_MAC_GENERAL_PARAMS is new for v2.0 */ -typedef CK_ULONG CK_MAC_GENERAL_PARAMS; - -typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; - -/* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */ -typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[8]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_DES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_AES_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the - * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ -/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ -typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pPassword; - CK_ULONG ulPublicDataLen; - CK_BYTE_PTR pPublicData; - CK_ULONG ulPAndGLen; - CK_ULONG ulQLen; - CK_ULONG ulRandomLen; - CK_BYTE_PTR pRandomA; - CK_BYTE_PTR pPrimeP; - CK_BYTE_PTR pBaseG; - CK_BYTE_PTR pSubprimeQ; -} CK_SKIPJACK_PRIVATE_WRAP_PARAMS; - -typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ - CK_SKIPJACK_PRIVATE_WRAP_PTR; - - -/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the - * CKM_SKIPJACK_RELAYX mechanism */ -/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ -typedef struct CK_SKIPJACK_RELAYX_PARAMS { - CK_ULONG ulOldWrappedXLen; - CK_BYTE_PTR pOldWrappedX; - CK_ULONG ulOldPasswordLen; - CK_BYTE_PTR pOldPassword; - CK_ULONG ulOldPublicDataLen; - CK_BYTE_PTR pOldPublicData; - CK_ULONG ulOldRandomLen; - CK_BYTE_PTR pOldRandomA; - CK_ULONG ulNewPasswordLen; - CK_BYTE_PTR pNewPassword; - CK_ULONG ulNewPublicDataLen; - CK_BYTE_PTR pNewPublicData; - CK_ULONG ulNewRandomLen; - CK_BYTE_PTR pNewRandomA; -} CK_SKIPJACK_RELAYX_PARAMS; - -typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ - CK_SKIPJACK_RELAYX_PARAMS_PTR; - - -typedef struct CK_PBE_PARAMS { - CK_BYTE_PTR pInitVector; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG ulPasswordLen; - CK_BYTE_PTR pSalt; - CK_ULONG ulSaltLen; - CK_ULONG ulIteration; -} CK_PBE_PARAMS; - -typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; - - -/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the - * CKM_KEY_WRAP_SET_OAEP mechanism */ -/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ -typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { - CK_BYTE bBC; /* block contents byte */ - CK_BYTE_PTR pX; /* extra data */ - CK_ULONG ulXLen; /* length of extra data in bytes */ -} CK_KEY_WRAP_SET_OAEP_PARAMS; - -typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \ - CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; - - -typedef struct CK_SSL3_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_SSL3_RANDOM_DATA; - - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { - CK_SSL3_RANDOM_DATA RandomInfo; - CK_VERSION_PTR pVersion; -} CK_SSL3_MASTER_KEY_DERIVE_PARAMS; - -typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; - - -typedef struct CK_SSL3_KEY_MAT_OUT { - CK_OBJECT_HANDLE hClientMacSecret; - CK_OBJECT_HANDLE hServerMacSecret; - CK_OBJECT_HANDLE hClientKey; - CK_OBJECT_HANDLE hServerKey; - CK_BYTE_PTR pIVClient; - CK_BYTE_PTR pIVServer; -} CK_SSL3_KEY_MAT_OUT; - -typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; - - -typedef struct CK_SSL3_KEY_MAT_PARAMS { - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_BBOOL bIsExport; - CK_SSL3_RANDOM_DATA RandomInfo; - CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_SSL3_KEY_MAT_PARAMS; - -typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; - -/* CK_TLS_PRF_PARAMS is new for version 2.20 */ -typedef struct CK_TLS_PRF_PARAMS { - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_TLS_PRF_PARAMS; - -typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; - -/* WTLS is new for version 2.20 */ -typedef struct CK_WTLS_RANDOM_DATA { - CK_BYTE_PTR pClientRandom; - CK_ULONG ulClientRandomLen; - CK_BYTE_PTR pServerRandom; - CK_ULONG ulServerRandomLen; -} CK_WTLS_RANDOM_DATA; - -typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; - -typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_BYTE_PTR pVersion; -} CK_WTLS_MASTER_KEY_DERIVE_PARAMS; - -typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \ - CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; - -typedef struct CK_WTLS_PRF_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; - CK_BYTE_PTR pLabel; - CK_ULONG ulLabelLen; - CK_BYTE_PTR pOutput; - CK_ULONG_PTR pulOutputLen; -} CK_WTLS_PRF_PARAMS; - -typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; - -typedef struct CK_WTLS_KEY_MAT_OUT { - CK_OBJECT_HANDLE hMacSecret; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pIV; -} CK_WTLS_KEY_MAT_OUT; - -typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; - -typedef struct CK_WTLS_KEY_MAT_PARAMS { - CK_MECHANISM_TYPE DigestMechanism; - CK_ULONG ulMacSizeInBits; - CK_ULONG ulKeySizeInBits; - CK_ULONG ulIVSizeInBits; - CK_ULONG ulSequenceNumber; - CK_BBOOL bIsExport; - CK_WTLS_RANDOM_DATA RandomInfo; - CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; -} CK_WTLS_KEY_MAT_PARAMS; - -typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; - -/* CMS is new for version 2.20 */ -typedef struct CK_CMS_SIG_PARAMS { - CK_OBJECT_HANDLE certificateHandle; - CK_MECHANISM_PTR pSigningMechanism; - CK_MECHANISM_PTR pDigestMechanism; - CK_UTF8CHAR_PTR pContentType; - CK_BYTE_PTR pRequestedAttributes; - CK_ULONG ulRequestedAttributesLen; - CK_BYTE_PTR pRequiredAttributes; - CK_ULONG ulRequiredAttributesLen; -} CK_CMS_SIG_PARAMS; - -typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; - -typedef struct CK_KEY_DERIVATION_STRING_DATA { - CK_BYTE_PTR pData; - CK_ULONG ulLen; -} CK_KEY_DERIVATION_STRING_DATA; - -typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ - CK_KEY_DERIVATION_STRING_DATA_PTR; - - -/* The CK_EXTRACT_PARAMS is used for the - * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit - * of the base key should be used as the first bit of the - * derived key */ -/* CK_EXTRACT_PARAMS is new for v2.0 */ -typedef CK_ULONG CK_EXTRACT_PARAMS; - -typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; - -/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. - * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to - * indicate the Pseudo-Random Function (PRF) used to generate - * key bits using PKCS #5 PBKDF2. */ -typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; - -typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; - -/* The following PRFs are defined in PKCS #5 v2.0. */ -#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 - - -/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. - * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the - * source of the salt value when deriving a key using PKCS #5 - * PBKDF2. */ -typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; - -typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; - -/* The following salt value sources are defined in PKCS #5 v2.0. */ -#define CKZ_SALT_SPECIFIED 0x00000001 - -/* CK_PKCS5_PBKD2_PARAMS is new for v2.10. - * CK_PKCS5_PBKD2_PARAMS is a structure that provides the - * parameters to the CKM_PKCS5_PBKD2 mechanism. */ -typedef struct CK_PKCS5_PBKD2_PARAMS { - CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; - CK_VOID_PTR pSaltSourceData; - CK_ULONG ulSaltSourceDataLen; - CK_ULONG iterations; - CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; - CK_VOID_PTR pPrfData; - CK_ULONG ulPrfDataLen; - CK_UTF8CHAR_PTR pPassword; - CK_ULONG_PTR ulPasswordLen; -} CK_PKCS5_PBKD2_PARAMS; - -typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; - -/* All CK_OTP structs are new for PKCS #11 v2.20 amendment 3 */ - -typedef CK_ULONG CK_OTP_PARAM_TYPE; -typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */ - -typedef struct CK_OTP_PARAM { - CK_OTP_PARAM_TYPE type; - CK_VOID_PTR pValue; - CK_ULONG ulValueLen; -} CK_OTP_PARAM; - -typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR; - -typedef struct CK_OTP_PARAMS { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_PARAMS; - -typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR; - -typedef struct CK_OTP_SIGNATURE_INFO { - CK_OTP_PARAM_PTR pParams; - CK_ULONG ulCount; -} CK_OTP_SIGNATURE_INFO; - -typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR; - -/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */ -#define CK_OTP_VALUE 0 -#define CK_OTP_PIN 1 -#define CK_OTP_CHALLENGE 2 -#define CK_OTP_TIME 3 -#define CK_OTP_COUNTER 4 -#define CK_OTP_FLAGS 5 -#define CK_OTP_OUTPUT_LENGTH 6 -#define CK_OTP_OUTPUT_FORMAT 7 - -/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */ -#define CKF_NEXT_OTP 0x00000001 -#define CKF_EXCLUDE_TIME 0x00000002 -#define CKF_EXCLUDE_COUNTER 0x00000004 -#define CKF_EXCLUDE_CHALLENGE 0x00000008 -#define CKF_EXCLUDE_PIN 0x00000010 -#define CKF_USER_FRIENDLY_OTP 0x00000020 - -/* CK_KIP_PARAMS is new for PKCS #11 v2.20 amendment 2 */ -typedef struct CK_KIP_PARAMS { - CK_MECHANISM_PTR pMechanism; - CK_OBJECT_HANDLE hKey; - CK_BYTE_PTR pSeed; - CK_ULONG ulSeedLen; -} CK_KIP_PARAMS; - -typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR; - -/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ -typedef struct CK_AES_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_AES_CTR_PARAMS; - -typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; - -/* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ -typedef struct CK_CAMELLIA_CTR_PARAMS { - CK_ULONG ulCounterBits; - CK_BYTE cb[16]; -} CK_CAMELLIA_CTR_PARAMS; - -typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; - -/* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ -typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -/* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ -typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { - CK_BYTE iv[16]; - CK_BYTE_PTR pData; - CK_ULONG length; -} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; - -typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; - -#endif +/* pkcs11t.h include file for PKCS #11. */ +/* $Revision: 1.10 $ */ + +/* License to copy and use this software is granted provided that it is + * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface + * (Cryptoki)" in all material mentioning or referencing this software. + + * License is also granted to make and use derivative works provided that + * such works are identified as "derived from the RSA Security Inc. PKCS #11 + * Cryptographic Token Interface (Cryptoki)" in all material mentioning or + * referencing the derived work. + + * RSA Security Inc. makes no representations concerning either the + * merchantability of this software or the suitability of this software for + * any particular purpose. It is provided "as is" without express or implied + * warranty of any kind. + */ + +/* See top of pkcs11.h for information about the macros that + * must be defined and the structure-packing conventions that + * must be set before including this file. */ + +#ifndef _PKCS11T_H_ +#define _PKCS11T_H_ 1 + +#define CRYPTOKI_VERSION_MAJOR 2 +#define CRYPTOKI_VERSION_MINOR 20 +#define CRYPTOKI_VERSION_AMENDMENT 3 + +#define CK_TRUE 1 +#define CK_FALSE 0 + +#ifndef CK_DISABLE_TRUE_FALSE +#ifndef FALSE +#define FALSE CK_FALSE +#endif + +#ifndef TRUE +#define TRUE CK_TRUE +#endif +#endif + +/* an unsigned 8-bit value */ +typedef unsigned char CK_BYTE; + +/* an unsigned 8-bit character */ +typedef CK_BYTE CK_CHAR; + +/* an 8-bit UTF-8 character */ +typedef CK_BYTE CK_UTF8CHAR; + +/* a BYTE-sized Boolean flag */ +typedef CK_BYTE CK_BBOOL; + +/* an unsigned value, at least 32 bits long */ +typedef unsigned long int CK_ULONG; + +/* a signed value, the same size as a CK_ULONG */ +/* CK_LONG is new for v2.0 */ +typedef long int CK_LONG; + +/* at least 32 bits; each bit is a Boolean flag */ +typedef CK_ULONG CK_FLAGS; + + +/* some special values for certain CK_ULONG variables */ +#define CK_UNAVAILABLE_INFORMATION (~0UL) +#define CK_EFFECTIVELY_INFINITE 0 + + +typedef CK_BYTE CK_PTR CK_BYTE_PTR; +typedef CK_CHAR CK_PTR CK_CHAR_PTR; +typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; +typedef CK_ULONG CK_PTR CK_ULONG_PTR; +typedef void CK_PTR CK_VOID_PTR; + +/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ +typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; + + +/* The following value is always invalid if used as a session */ +/* handle or object handle */ +#define CK_INVALID_HANDLE 0 + + +typedef struct CK_VERSION { + CK_BYTE major; /* integer portion of version number */ + CK_BYTE minor; /* 1/100ths portion of version number */ +} CK_VERSION; + +typedef CK_VERSION CK_PTR CK_VERSION_PTR; + + +typedef struct CK_INFO { + /* manufacturerID and libraryDecription have been changed from + * CK_CHAR to CK_UTF8CHAR for v2.10 */ + CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ + CK_UTF8CHAR manufacturerID[32]; /* blank padded */ + CK_FLAGS flags; /* must be zero */ + + /* libraryDescription and libraryVersion are new for v2.0 */ + CK_UTF8CHAR libraryDescription[32]; /* blank padded */ + CK_VERSION libraryVersion; /* version of library */ +} CK_INFO; + +typedef CK_INFO CK_PTR CK_INFO_PTR; + + +/* CK_NOTIFICATION enumerates the types of notifications that + * Cryptoki provides to an application */ +/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG + * for v2.0 */ +typedef CK_ULONG CK_NOTIFICATION; +#define CKN_SURRENDER 0 + +/* The following notification is new for PKCS #11 v2.20 amendment 3 */ +#define CKN_OTP_CHANGED 1 + + +typedef CK_ULONG CK_SLOT_ID; + +typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; + + +/* CK_SLOT_INFO provides information about a slot */ +typedef struct CK_SLOT_INFO { + /* slotDescription and manufacturerID have been changed from + * CK_CHAR to CK_UTF8CHAR for v2.10 */ + CK_UTF8CHAR slotDescription[64]; /* blank padded */ + CK_UTF8CHAR manufacturerID[32]; /* blank padded */ + CK_FLAGS flags; + + /* hardwareVersion and firmwareVersion are new for v2.0 */ + CK_VERSION hardwareVersion; /* version of hardware */ + CK_VERSION firmwareVersion; /* version of firmware */ +} CK_SLOT_INFO; + +/* flags: bit flags that provide capabilities of the slot + * Bit Flag Mask Meaning + */ +#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ +#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ +#define CKF_HW_SLOT 0x00000004 /* hardware slot */ + +typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; + + +/* CK_TOKEN_INFO provides information about a token */ +typedef struct CK_TOKEN_INFO { + /* label, manufacturerID, and model have been changed from + * CK_CHAR to CK_UTF8CHAR for v2.10 */ + CK_UTF8CHAR label[32]; /* blank padded */ + CK_UTF8CHAR manufacturerID[32]; /* blank padded */ + CK_UTF8CHAR model[16]; /* blank padded */ + CK_CHAR serialNumber[16]; /* blank padded */ + CK_FLAGS flags; /* see below */ + + /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, + * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been + * changed from CK_USHORT to CK_ULONG for v2.0 */ + CK_ULONG ulMaxSessionCount; /* max open sessions */ + CK_ULONG ulSessionCount; /* sess. now open */ + CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ + CK_ULONG ulRwSessionCount; /* R/W sess. now open */ + CK_ULONG ulMaxPinLen; /* in bytes */ + CK_ULONG ulMinPinLen; /* in bytes */ + CK_ULONG ulTotalPublicMemory; /* in bytes */ + CK_ULONG ulFreePublicMemory; /* in bytes */ + CK_ULONG ulTotalPrivateMemory; /* in bytes */ + CK_ULONG ulFreePrivateMemory; /* in bytes */ + + /* hardwareVersion, firmwareVersion, and time are new for + * v2.0 */ + CK_VERSION hardwareVersion; /* version of hardware */ + CK_VERSION firmwareVersion; /* version of firmware */ + CK_CHAR utcTime[16]; /* time */ +} CK_TOKEN_INFO; + +/* The flags parameter is defined as follows: + * Bit Flag Mask Meaning + */ +#define CKF_RNG 0x00000001 /* has random # + * generator */ +#define CKF_WRITE_PROTECTED 0x00000002 /* token is + * write- + * protected */ +#define CKF_LOGIN_REQUIRED 0x00000004 /* user must + * login */ +#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's + * PIN is set */ + +/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, + * that means that *every* time the state of cryptographic + * operations of a session is successfully saved, all keys + * needed to continue those operations are stored in the state */ +#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 + +/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means + * that the token has some sort of clock. The time on that + * clock is returned in the token info structure */ +#define CKF_CLOCK_ON_TOKEN 0x00000040 + +/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is + * set, that means that there is some way for the user to login + * without sending a PIN through the Cryptoki library itself */ +#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 + +/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, + * that means that a single session with the token can perform + * dual simultaneous cryptographic operations (digest and + * encrypt; decrypt and digest; sign and encrypt; and decrypt + * and sign) */ +#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 + +/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the + * token has been initialized using C_InitializeToken or an + * equivalent mechanism outside the scope of PKCS #11. + * Calling C_InitializeToken when this flag is set will cause + * the token to be reinitialized. */ +#define CKF_TOKEN_INITIALIZED 0x00000400 + +/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is + * true, the token supports secondary authentication for + * private key objects. This flag is deprecated in v2.11 and + onwards. */ +#define CKF_SECONDARY_AUTHENTICATION 0x00000800 + +/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an + * incorrect user login PIN has been entered at least once + * since the last successful authentication. */ +#define CKF_USER_PIN_COUNT_LOW 0x00010000 + +/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, + * supplying an incorrect user PIN will it to become locked. */ +#define CKF_USER_PIN_FINAL_TRY 0x00020000 + +/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the + * user PIN has been locked. User login to the token is not + * possible. */ +#define CKF_USER_PIN_LOCKED 0x00040000 + +/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, + * the user PIN value is the default value set by token + * initialization or manufacturing, or the PIN has been + * expired by the card. */ +#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 + +/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an + * incorrect SO login PIN has been entered at least once since + * the last successful authentication. */ +#define CKF_SO_PIN_COUNT_LOW 0x00100000 + +/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, + * supplying an incorrect SO PIN will it to become locked. */ +#define CKF_SO_PIN_FINAL_TRY 0x00200000 + +/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO + * PIN has been locked. SO login to the token is not possible. + */ +#define CKF_SO_PIN_LOCKED 0x00400000 + +/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, + * the SO PIN value is the default value set by token + * initialization or manufacturing, or the PIN has been + * expired by the card. */ +#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 + +typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; + + +/* CK_SESSION_HANDLE is a Cryptoki-assigned value that + * identifies a session */ +typedef CK_ULONG CK_SESSION_HANDLE; + +typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; + + +/* CK_USER_TYPE enumerates the types of Cryptoki users */ +/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for + * v2.0 */ +typedef CK_ULONG CK_USER_TYPE; +/* Security Officer */ +#define CKU_SO 0 +/* Normal user */ +#define CKU_USER 1 +/* Context specific (added in v2.20) */ +#define CKU_CONTEXT_SPECIFIC 2 + +/* CK_STATE enumerates the session states */ +/* CK_STATE has been changed from an enum to a CK_ULONG for + * v2.0 */ +typedef CK_ULONG CK_STATE; +#define CKS_RO_PUBLIC_SESSION 0 +#define CKS_RO_USER_FUNCTIONS 1 +#define CKS_RW_PUBLIC_SESSION 2 +#define CKS_RW_USER_FUNCTIONS 3 +#define CKS_RW_SO_FUNCTIONS 4 + + +/* CK_SESSION_INFO provides information about a session */ +typedef struct CK_SESSION_INFO { + CK_SLOT_ID slotID; + CK_STATE state; + CK_FLAGS flags; /* see below */ + + /* ulDeviceError was changed from CK_USHORT to CK_ULONG for + * v2.0 */ + CK_ULONG ulDeviceError; /* device-dependent error code */ +} CK_SESSION_INFO; + +/* The flags are defined in the following table: + * Bit Flag Mask Meaning + */ +#define CKF_RW_SESSION 0x00000002 /* session is r/w */ +#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ + +typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; + + +/* CK_OBJECT_HANDLE is a token-specific identifier for an + * object */ +typedef CK_ULONG CK_OBJECT_HANDLE; + +typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR; + + +/* CK_OBJECT_CLASS is a value that identifies the classes (or + * types) of objects that Cryptoki recognizes. It is defined + * as follows: */ +/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for + * v2.0 */ +typedef CK_ULONG CK_OBJECT_CLASS; + +/* The following classes of objects are defined: */ +/* CKO_HW_FEATURE is new for v2.10 */ +/* CKO_DOMAIN_PARAMETERS is new for v2.11 */ +/* CKO_MECHANISM is new for v2.20 */ +#define CKO_DATA 0x00000000 +#define CKO_CERTIFICATE 0x00000001 +#define CKO_PUBLIC_KEY 0x00000002 +#define CKO_PRIVATE_KEY 0x00000003 +#define CKO_SECRET_KEY 0x00000004 +#define CKO_HW_FEATURE 0x00000005 +#define CKO_DOMAIN_PARAMETERS 0x00000006 +#define CKO_MECHANISM 0x00000007 + +/* CKO_OTP_KEY is new for PKCS #11 v2.20 amendment 1 */ +#define CKO_OTP_KEY 0x00000008 + +#define CKO_VENDOR_DEFINED 0x80000000 + +typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; + +/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a + * value that identifies the hardware feature type of an object + * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ +typedef CK_ULONG CK_HW_FEATURE_TYPE; + +/* The following hardware feature types are defined */ +/* CKH_USER_INTERFACE is new for v2.20 */ +#define CKH_MONOTONIC_COUNTER 0x00000001 +#define CKH_CLOCK 0x00000002 +#define CKH_USER_INTERFACE 0x00000003 +#define CKH_VENDOR_DEFINED 0x80000000 + +/* CK_KEY_TYPE is a value that identifies a key type */ +/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ +typedef CK_ULONG CK_KEY_TYPE; + +/* the following key types are defined: */ +#define CKK_RSA 0x00000000 +#define CKK_DSA 0x00000001 +#define CKK_DH 0x00000002 + +/* CKK_ECDSA and CKK_KEA are new for v2.0 */ +/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */ +#define CKK_ECDSA 0x00000003 +#define CKK_EC 0x00000003 +#define CKK_X9_42_DH 0x00000004 +#define CKK_KEA 0x00000005 + +#define CKK_GENERIC_SECRET 0x00000010 +#define CKK_RC2 0x00000011 +#define CKK_RC4 0x00000012 +#define CKK_DES 0x00000013 +#define CKK_DES2 0x00000014 +#define CKK_DES3 0x00000015 + +/* all these key types are new for v2.0 */ +#define CKK_CAST 0x00000016 +#define CKK_CAST3 0x00000017 +/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ +#define CKK_CAST5 0x00000018 +#define CKK_CAST128 0x00000018 +#define CKK_RC5 0x00000019 +#define CKK_IDEA 0x0000001A +#define CKK_SKIPJACK 0x0000001B +#define CKK_BATON 0x0000001C +#define CKK_JUNIPER 0x0000001D +#define CKK_CDMF 0x0000001E +#define CKK_AES 0x0000001F + +/* BlowFish and TwoFish are new for v2.20 */ +#define CKK_BLOWFISH 0x00000020 +#define CKK_TWOFISH 0x00000021 + +/* SecurID, HOTP, and ACTI are new for PKCS #11 v2.20 amendment 1 */ +#define CKK_SECURID 0x00000022 +#define CKK_HOTP 0x00000023 +#define CKK_ACTI 0x00000024 + +/* Camellia is new for PKCS #11 v2.20 amendment 3 */ +#define CKK_CAMELLIA 0x00000025 +/* ARIA is new for PKCS #11 v2.20 amendment 3 */ +#define CKK_ARIA 0x00000026 + + +#define CKK_VENDOR_DEFINED 0x80000000 + + +/* CK_CERTIFICATE_TYPE is a value that identifies a certificate + * type */ +/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG + * for v2.0 */ +typedef CK_ULONG CK_CERTIFICATE_TYPE; + +/* The following certificate types are defined: */ +/* CKC_X_509_ATTR_CERT is new for v2.10 */ +/* CKC_WTLS is new for v2.20 */ +#define CKC_X_509 0x00000000 +#define CKC_X_509_ATTR_CERT 0x00000001 +#define CKC_WTLS 0x00000002 +#define CKC_VENDOR_DEFINED 0x80000000 + + +/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute + * type */ +/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for + * v2.0 */ +typedef CK_ULONG CK_ATTRIBUTE_TYPE; + +/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which + consists of an array of values. */ +#define CKF_ARRAY_ATTRIBUTE 0x40000000 + +/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 + and relates to the CKA_OTP_FORMAT attribute */ +#define CK_OTP_FORMAT_DECIMAL 0 +#define CK_OTP_FORMAT_HEXADECIMAL 1 +#define CK_OTP_FORMAT_ALPHANUMERIC 2 +#define CK_OTP_FORMAT_BINARY 3 + +/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 + and relates to the CKA_OTP_..._REQUIREMENT attributes */ +#define CK_OTP_PARAM_IGNORED 0 +#define CK_OTP_PARAM_OPTIONAL 1 +#define CK_OTP_PARAM_MANDATORY 2 + +/* The following attribute types are defined: */ +#define CKA_CLASS 0x00000000 +#define CKA_TOKEN 0x00000001 +#define CKA_PRIVATE 0x00000002 +#define CKA_LABEL 0x00000003 +#define CKA_APPLICATION 0x00000010 +#define CKA_VALUE 0x00000011 + +/* CKA_OBJECT_ID is new for v2.10 */ +#define CKA_OBJECT_ID 0x00000012 + +#define CKA_CERTIFICATE_TYPE 0x00000080 +#define CKA_ISSUER 0x00000081 +#define CKA_SERIAL_NUMBER 0x00000082 + +/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new + * for v2.10 */ +#define CKA_AC_ISSUER 0x00000083 +#define CKA_OWNER 0x00000084 +#define CKA_ATTR_TYPES 0x00000085 + +/* CKA_TRUSTED is new for v2.11 */ +#define CKA_TRUSTED 0x00000086 + +/* CKA_CERTIFICATE_CATEGORY ... + * CKA_CHECK_VALUE are new for v2.20 */ +#define CKA_CERTIFICATE_CATEGORY 0x00000087 +#define CKA_JAVA_MIDP_SECURITY_DOMAIN 0x00000088 +#define CKA_URL 0x00000089 +#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008A +#define CKA_HASH_OF_ISSUER_PUBLIC_KEY 0x0000008B +#define CKA_CHECK_VALUE 0x00000090 + +#define CKA_KEY_TYPE 0x00000100 +#define CKA_SUBJECT 0x00000101 +#define CKA_ID 0x00000102 +#define CKA_SENSITIVE 0x00000103 +#define CKA_ENCRYPT 0x00000104 +#define CKA_DECRYPT 0x00000105 +#define CKA_WRAP 0x00000106 +#define CKA_UNWRAP 0x00000107 +#define CKA_SIGN 0x00000108 +#define CKA_SIGN_RECOVER 0x00000109 +#define CKA_VERIFY 0x0000010A +#define CKA_VERIFY_RECOVER 0x0000010B +#define CKA_DERIVE 0x0000010C +#define CKA_START_DATE 0x00000110 +#define CKA_END_DATE 0x00000111 +#define CKA_MODULUS 0x00000120 +#define CKA_MODULUS_BITS 0x00000121 +#define CKA_PUBLIC_EXPONENT 0x00000122 +#define CKA_PRIVATE_EXPONENT 0x00000123 +#define CKA_PRIME_1 0x00000124 +#define CKA_PRIME_2 0x00000125 +#define CKA_EXPONENT_1 0x00000126 +#define CKA_EXPONENT_2 0x00000127 +#define CKA_COEFFICIENT 0x00000128 +#define CKA_PRIME 0x00000130 +#define CKA_SUBPRIME 0x00000131 +#define CKA_BASE 0x00000132 + +/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ +#define CKA_PRIME_BITS 0x00000133 +#define CKA_SUBPRIME_BITS 0x00000134 +#define CKA_SUB_PRIME_BITS CKA_SUBPRIME_BITS +/* (To retain backwards-compatibility) */ + +#define CKA_VALUE_BITS 0x00000160 +#define CKA_VALUE_LEN 0x00000161 + +/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, + * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, + * and CKA_EC_POINT are new for v2.0 */ +#define CKA_EXTRACTABLE 0x00000162 +#define CKA_LOCAL 0x00000163 +#define CKA_NEVER_EXTRACTABLE 0x00000164 +#define CKA_ALWAYS_SENSITIVE 0x00000165 + +/* CKA_KEY_GEN_MECHANISM is new for v2.11 */ +#define CKA_KEY_GEN_MECHANISM 0x00000166 + +#define CKA_MODIFIABLE 0x00000170 + +/* CKA_ECDSA_PARAMS is deprecated in v2.11, + * CKA_EC_PARAMS is preferred. */ +#define CKA_ECDSA_PARAMS 0x00000180 +#define CKA_EC_PARAMS 0x00000180 + +#define CKA_EC_POINT 0x00000181 + +/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, + * are new for v2.10. Deprecated in v2.11 and onwards. */ +#define CKA_SECONDARY_AUTH 0x00000200 +#define CKA_AUTH_PIN_FLAGS 0x00000201 + +/* CKA_ALWAYS_AUTHENTICATE ... + * CKA_UNWRAP_TEMPLATE are new for v2.20 */ +#define CKA_ALWAYS_AUTHENTICATE 0x00000202 + +#define CKA_WRAP_WITH_TRUSTED 0x00000210 +#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000211) +#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE|0x00000212) + +/* CKA_OTP... atttributes are new for PKCS #11 v2.20 amendment 3. */ +#define CKA_OTP_FORMAT 0x00000220 +#define CKA_OTP_LENGTH 0x00000221 +#define CKA_OTP_TIME_INTERVAL 0x00000222 +#define CKA_OTP_USER_FRIENDLY_MODE 0x00000223 +#define CKA_OTP_CHALLENGE_REQUIREMENT 0x00000224 +#define CKA_OTP_TIME_REQUIREMENT 0x00000225 +#define CKA_OTP_COUNTER_REQUIREMENT 0x00000226 +#define CKA_OTP_PIN_REQUIREMENT 0x00000227 +#define CKA_OTP_COUNTER 0x0000022E +#define CKA_OTP_TIME 0x0000022F +#define CKA_OTP_USER_IDENTIFIER 0x0000022A +#define CKA_OTP_SERVICE_IDENTIFIER 0x0000022B +#define CKA_OTP_SERVICE_LOGO 0x0000022C +#define CKA_OTP_SERVICE_LOGO_TYPE 0x0000022D + + +/* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET + * are new for v2.10 */ +#define CKA_HW_FEATURE_TYPE 0x00000300 +#define CKA_RESET_ON_INIT 0x00000301 +#define CKA_HAS_RESET 0x00000302 + +/* The following attributes are new for v2.20 */ +#define CKA_PIXEL_X 0x00000400 +#define CKA_PIXEL_Y 0x00000401 +#define CKA_RESOLUTION 0x00000402 +#define CKA_CHAR_ROWS 0x00000403 +#define CKA_CHAR_COLUMNS 0x00000404 +#define CKA_COLOR 0x00000405 +#define CKA_BITS_PER_PIXEL 0x00000406 +#define CKA_CHAR_SETS 0x00000480 +#define CKA_ENCODING_METHODS 0x00000481 +#define CKA_MIME_TYPES 0x00000482 +#define CKA_MECHANISM_TYPE 0x00000500 +#define CKA_REQUIRED_CMS_ATTRIBUTES 0x00000501 +#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502 +#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503 +#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600) + +#define CKA_VENDOR_DEFINED 0x80000000 + +/* CK_ATTRIBUTE is a structure that includes the type, length + * and value of an attribute */ +typedef struct CK_ATTRIBUTE { + CK_ATTRIBUTE_TYPE type; + CK_VOID_PTR pValue; + + /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ + CK_ULONG ulValueLen; /* in bytes */ +} CK_ATTRIBUTE; + +typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; + + +/* CK_DATE is a structure that defines a date */ +typedef struct CK_DATE{ + CK_CHAR year[4]; /* the year ("1900" - "9999") */ + CK_CHAR month[2]; /* the month ("01" - "12") */ + CK_CHAR day[2]; /* the day ("01" - "31") */ +} CK_DATE; + + +/* CK_MECHANISM_TYPE is a value that identifies a mechanism + * type */ +/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for + * v2.0 */ +typedef CK_ULONG CK_MECHANISM_TYPE; + +/* the following mechanism types are defined: */ +#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 +#define CKM_RSA_PKCS 0x00000001 +#define CKM_RSA_9796 0x00000002 +#define CKM_RSA_X_509 0x00000003 + +/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS + * are new for v2.0. They are mechanisms which hash and sign */ +#define CKM_MD2_RSA_PKCS 0x00000004 +#define CKM_MD5_RSA_PKCS 0x00000005 +#define CKM_SHA1_RSA_PKCS 0x00000006 + +/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and + * CKM_RSA_PKCS_OAEP are new for v2.10 */ +#define CKM_RIPEMD128_RSA_PKCS 0x00000007 +#define CKM_RIPEMD160_RSA_PKCS 0x00000008 +#define CKM_RSA_PKCS_OAEP 0x00000009 + +/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, + * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ +#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A +#define CKM_RSA_X9_31 0x0000000B +#define CKM_SHA1_RSA_X9_31 0x0000000C +#define CKM_RSA_PKCS_PSS 0x0000000D +#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E + +#define CKM_DSA_KEY_PAIR_GEN 0x00000010 +#define CKM_DSA 0x00000011 +#define CKM_DSA_SHA1 0x00000012 +#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 +#define CKM_DH_PKCS_DERIVE 0x00000021 + +/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, + * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for + * v2.11 */ +#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 +#define CKM_X9_42_DH_DERIVE 0x00000031 +#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 +#define CKM_X9_42_MQV_DERIVE 0x00000033 + +/* CKM_SHA256/384/512 are new for v2.20 */ +#define CKM_SHA256_RSA_PKCS 0x00000040 +#define CKM_SHA384_RSA_PKCS 0x00000041 +#define CKM_SHA512_RSA_PKCS 0x00000042 +#define CKM_SHA256_RSA_PKCS_PSS 0x00000043 +#define CKM_SHA384_RSA_PKCS_PSS 0x00000044 +#define CKM_SHA512_RSA_PKCS_PSS 0x00000045 + +/* SHA-224 RSA mechanisms are new for PKCS #11 v2.20 amendment 3 */ +#define CKM_SHA224_RSA_PKCS 0x00000046 +#define CKM_SHA224_RSA_PKCS_PSS 0x00000047 + +#define CKM_RC2_KEY_GEN 0x00000100 +#define CKM_RC2_ECB 0x00000101 +#define CKM_RC2_CBC 0x00000102 +#define CKM_RC2_MAC 0x00000103 + +/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ +#define CKM_RC2_MAC_GENERAL 0x00000104 +#define CKM_RC2_CBC_PAD 0x00000105 + +#define CKM_RC4_KEY_GEN 0x00000110 +#define CKM_RC4 0x00000111 +#define CKM_DES_KEY_GEN 0x00000120 +#define CKM_DES_ECB 0x00000121 +#define CKM_DES_CBC 0x00000122 +#define CKM_DES_MAC 0x00000123 + +/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ +#define CKM_DES_MAC_GENERAL 0x00000124 +#define CKM_DES_CBC_PAD 0x00000125 + +#define CKM_DES2_KEY_GEN 0x00000130 +#define CKM_DES3_KEY_GEN 0x00000131 +#define CKM_DES3_ECB 0x00000132 +#define CKM_DES3_CBC 0x00000133 +#define CKM_DES3_MAC 0x00000134 + +/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, + * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, + * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ +#define CKM_DES3_MAC_GENERAL 0x00000135 +#define CKM_DES3_CBC_PAD 0x00000136 +#define CKM_CDMF_KEY_GEN 0x00000140 +#define CKM_CDMF_ECB 0x00000141 +#define CKM_CDMF_CBC 0x00000142 +#define CKM_CDMF_MAC 0x00000143 +#define CKM_CDMF_MAC_GENERAL 0x00000144 +#define CKM_CDMF_CBC_PAD 0x00000145 + +/* the following four DES mechanisms are new for v2.20 */ +#define CKM_DES_OFB64 0x00000150 +#define CKM_DES_OFB8 0x00000151 +#define CKM_DES_CFB64 0x00000152 +#define CKM_DES_CFB8 0x00000153 + +#define CKM_MD2 0x00000200 + +/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ +#define CKM_MD2_HMAC 0x00000201 +#define CKM_MD2_HMAC_GENERAL 0x00000202 + +#define CKM_MD5 0x00000210 + +/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ +#define CKM_MD5_HMAC 0x00000211 +#define CKM_MD5_HMAC_GENERAL 0x00000212 + +#define CKM_SHA_1 0x00000220 + +/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ +#define CKM_SHA_1_HMAC 0x00000221 +#define CKM_SHA_1_HMAC_GENERAL 0x00000222 + +/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, + * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, + * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ +#define CKM_RIPEMD128 0x00000230 +#define CKM_RIPEMD128_HMAC 0x00000231 +#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 +#define CKM_RIPEMD160 0x00000240 +#define CKM_RIPEMD160_HMAC 0x00000241 +#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 + +/* CKM_SHA256/384/512 are new for v2.20 */ +#define CKM_SHA256 0x00000250 +#define CKM_SHA256_HMAC 0x00000251 +#define CKM_SHA256_HMAC_GENERAL 0x00000252 + +/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_SHA224 0x00000255 +#define CKM_SHA224_HMAC 0x00000256 +#define CKM_SHA224_HMAC_GENERAL 0x00000257 + +#define CKM_SHA384 0x00000260 +#define CKM_SHA384_HMAC 0x00000261 +#define CKM_SHA384_HMAC_GENERAL 0x00000262 +#define CKM_SHA512 0x00000270 +#define CKM_SHA512_HMAC 0x00000271 +#define CKM_SHA512_HMAC_GENERAL 0x00000272 + +/* SecurID is new for PKCS #11 v2.20 amendment 1 */ +#define CKM_SECURID_KEY_GEN 0x00000280 +#define CKM_SECURID 0x00000282 + +/* HOTP is new for PKCS #11 v2.20 amendment 1 */ +#define CKM_HOTP_KEY_GEN 0x00000290 +#define CKM_HOTP 0x00000291 + +/* ACTI is new for PKCS #11 v2.20 amendment 1 */ +#define CKM_ACTI 0x000002A0 +#define CKM_ACTI_KEY_GEN 0x000002A1 + +/* All of the following mechanisms are new for v2.0 */ +/* Note that CAST128 and CAST5 are the same algorithm */ +#define CKM_CAST_KEY_GEN 0x00000300 +#define CKM_CAST_ECB 0x00000301 +#define CKM_CAST_CBC 0x00000302 +#define CKM_CAST_MAC 0x00000303 +#define CKM_CAST_MAC_GENERAL 0x00000304 +#define CKM_CAST_CBC_PAD 0x00000305 +#define CKM_CAST3_KEY_GEN 0x00000310 +#define CKM_CAST3_ECB 0x00000311 +#define CKM_CAST3_CBC 0x00000312 +#define CKM_CAST3_MAC 0x00000313 +#define CKM_CAST3_MAC_GENERAL 0x00000314 +#define CKM_CAST3_CBC_PAD 0x00000315 +#define CKM_CAST5_KEY_GEN 0x00000320 +#define CKM_CAST128_KEY_GEN 0x00000320 +#define CKM_CAST5_ECB 0x00000321 +#define CKM_CAST128_ECB 0x00000321 +#define CKM_CAST5_CBC 0x00000322 +#define CKM_CAST128_CBC 0x00000322 +#define CKM_CAST5_MAC 0x00000323 +#define CKM_CAST128_MAC 0x00000323 +#define CKM_CAST5_MAC_GENERAL 0x00000324 +#define CKM_CAST128_MAC_GENERAL 0x00000324 +#define CKM_CAST5_CBC_PAD 0x00000325 +#define CKM_CAST128_CBC_PAD 0x00000325 +#define CKM_RC5_KEY_GEN 0x00000330 +#define CKM_RC5_ECB 0x00000331 +#define CKM_RC5_CBC 0x00000332 +#define CKM_RC5_MAC 0x00000333 +#define CKM_RC5_MAC_GENERAL 0x00000334 +#define CKM_RC5_CBC_PAD 0x00000335 +#define CKM_IDEA_KEY_GEN 0x00000340 +#define CKM_IDEA_ECB 0x00000341 +#define CKM_IDEA_CBC 0x00000342 +#define CKM_IDEA_MAC 0x00000343 +#define CKM_IDEA_MAC_GENERAL 0x00000344 +#define CKM_IDEA_CBC_PAD 0x00000345 +#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 +#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 +#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 +#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 +#define CKM_XOR_BASE_AND_DATA 0x00000364 +#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 +#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 +#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 +#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 + +/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, + * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and + * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ +#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 +#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 +#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 +#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 +#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 + +/* CKM_TLS_PRF is new for v2.20 */ +#define CKM_TLS_PRF 0x00000378 + +#define CKM_SSL3_MD5_MAC 0x00000380 +#define CKM_SSL3_SHA1_MAC 0x00000381 +#define CKM_MD5_KEY_DERIVATION 0x00000390 +#define CKM_MD2_KEY_DERIVATION 0x00000391 +#define CKM_SHA1_KEY_DERIVATION 0x00000392 + +/* CKM_SHA256/384/512 are new for v2.20 */ +#define CKM_SHA256_KEY_DERIVATION 0x00000393 +#define CKM_SHA384_KEY_DERIVATION 0x00000394 +#define CKM_SHA512_KEY_DERIVATION 0x00000395 + +/* SHA-224 key derivation is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_SHA224_KEY_DERIVATION 0x00000396 + +#define CKM_PBE_MD2_DES_CBC 0x000003A0 +#define CKM_PBE_MD5_DES_CBC 0x000003A1 +#define CKM_PBE_MD5_CAST_CBC 0x000003A2 +#define CKM_PBE_MD5_CAST3_CBC 0x000003A3 +#define CKM_PBE_MD5_CAST5_CBC 0x000003A4 +#define CKM_PBE_MD5_CAST128_CBC 0x000003A4 +#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 +#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 +#define CKM_PBE_SHA1_RC4_128 0x000003A6 +#define CKM_PBE_SHA1_RC4_40 0x000003A7 +#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 +#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 +#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA +#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB + +/* CKM_PKCS5_PBKD2 is new for v2.10 */ +#define CKM_PKCS5_PBKD2 0x000003B0 + +#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 + +/* WTLS mechanisms are new for v2.20 */ +#define CKM_WTLS_PRE_MASTER_KEY_GEN 0x000003D0 +#define CKM_WTLS_MASTER_KEY_DERIVE 0x000003D1 +#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC 0x000003D2 +#define CKM_WTLS_PRF 0x000003D3 +#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4 +#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5 + +#define CKM_KEY_WRAP_LYNKS 0x00000400 +#define CKM_KEY_WRAP_SET_OAEP 0x00000401 + +/* CKM_CMS_SIG is new for v2.20 */ +#define CKM_CMS_SIG 0x00000500 + +/* CKM_KIP mechanisms are new for PKCS #11 v2.20 amendment 2 */ +#define CKM_KIP_DERIVE 0x00000510 +#define CKM_KIP_WRAP 0x00000511 +#define CKM_KIP_MAC 0x00000512 + +/* Camellia is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_CAMELLIA_KEY_GEN 0x00000550 +#define CKM_CAMELLIA_ECB 0x00000551 +#define CKM_CAMELLIA_CBC 0x00000552 +#define CKM_CAMELLIA_MAC 0x00000553 +#define CKM_CAMELLIA_MAC_GENERAL 0x00000554 +#define CKM_CAMELLIA_CBC_PAD 0x00000555 +#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556 +#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557 +#define CKM_CAMELLIA_CTR 0x00000558 + +/* ARIA is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_ARIA_KEY_GEN 0x00000560 +#define CKM_ARIA_ECB 0x00000561 +#define CKM_ARIA_CBC 0x00000562 +#define CKM_ARIA_MAC 0x00000563 +#define CKM_ARIA_MAC_GENERAL 0x00000564 +#define CKM_ARIA_CBC_PAD 0x00000565 +#define CKM_ARIA_ECB_ENCRYPT_DATA 0x00000566 +#define CKM_ARIA_CBC_ENCRYPT_DATA 0x00000567 + +/* Fortezza mechanisms */ +#define CKM_SKIPJACK_KEY_GEN 0x00001000 +#define CKM_SKIPJACK_ECB64 0x00001001 +#define CKM_SKIPJACK_CBC64 0x00001002 +#define CKM_SKIPJACK_OFB64 0x00001003 +#define CKM_SKIPJACK_CFB64 0x00001004 +#define CKM_SKIPJACK_CFB32 0x00001005 +#define CKM_SKIPJACK_CFB16 0x00001006 +#define CKM_SKIPJACK_CFB8 0x00001007 +#define CKM_SKIPJACK_WRAP 0x00001008 +#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 +#define CKM_SKIPJACK_RELAYX 0x0000100a +#define CKM_KEA_KEY_PAIR_GEN 0x00001010 +#define CKM_KEA_KEY_DERIVE 0x00001011 +#define CKM_FORTEZZA_TIMESTAMP 0x00001020 +#define CKM_BATON_KEY_GEN 0x00001030 +#define CKM_BATON_ECB128 0x00001031 +#define CKM_BATON_ECB96 0x00001032 +#define CKM_BATON_CBC128 0x00001033 +#define CKM_BATON_COUNTER 0x00001034 +#define CKM_BATON_SHUFFLE 0x00001035 +#define CKM_BATON_WRAP 0x00001036 + +/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, + * CKM_EC_KEY_PAIR_GEN is preferred */ +#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 +#define CKM_EC_KEY_PAIR_GEN 0x00001040 + +#define CKM_ECDSA 0x00001041 +#define CKM_ECDSA_SHA1 0x00001042 + +/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE + * are new for v2.11 */ +#define CKM_ECDH1_DERIVE 0x00001050 +#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 +#define CKM_ECMQV_DERIVE 0x00001052 + +#define CKM_JUNIPER_KEY_GEN 0x00001060 +#define CKM_JUNIPER_ECB128 0x00001061 +#define CKM_JUNIPER_CBC128 0x00001062 +#define CKM_JUNIPER_COUNTER 0x00001063 +#define CKM_JUNIPER_SHUFFLE 0x00001064 +#define CKM_JUNIPER_WRAP 0x00001065 +#define CKM_FASTHASH 0x00001070 + +/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, + * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, + * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are + * new for v2.11 */ +#define CKM_AES_KEY_GEN 0x00001080 +#define CKM_AES_ECB 0x00001081 +#define CKM_AES_CBC 0x00001082 +#define CKM_AES_MAC 0x00001083 +#define CKM_AES_MAC_GENERAL 0x00001084 +#define CKM_AES_CBC_PAD 0x00001085 + +/* AES counter mode is new for PKCS #11 v2.20 amendment 3 */ +#define CKM_AES_CTR 0x00001086 + +/* BlowFish and TwoFish are new for v2.20 */ +#define CKM_BLOWFISH_KEY_GEN 0x00001090 +#define CKM_BLOWFISH_CBC 0x00001091 +#define CKM_TWOFISH_KEY_GEN 0x00001092 +#define CKM_TWOFISH_CBC 0x00001093 + + +/* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */ +#define CKM_DES_ECB_ENCRYPT_DATA 0x00001100 +#define CKM_DES_CBC_ENCRYPT_DATA 0x00001101 +#define CKM_DES3_ECB_ENCRYPT_DATA 0x00001102 +#define CKM_DES3_CBC_ENCRYPT_DATA 0x00001103 +#define CKM_AES_ECB_ENCRYPT_DATA 0x00001104 +#define CKM_AES_CBC_ENCRYPT_DATA 0x00001105 + +#define CKM_DSA_PARAMETER_GEN 0x00002000 +#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 +#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 + +#define CKM_VENDOR_DEFINED 0x80000000 + +typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; + + +/* CK_MECHANISM is a structure that specifies a particular + * mechanism */ +typedef struct CK_MECHANISM { + CK_MECHANISM_TYPE mechanism; + CK_VOID_PTR pParameter; + + /* ulParameterLen was changed from CK_USHORT to CK_ULONG for + * v2.0 */ + CK_ULONG ulParameterLen; /* in bytes */ +} CK_MECHANISM; + +typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; + + +/* CK_MECHANISM_INFO provides information about a particular + * mechanism */ +typedef struct CK_MECHANISM_INFO { + CK_ULONG ulMinKeySize; + CK_ULONG ulMaxKeySize; + CK_FLAGS flags; +} CK_MECHANISM_INFO; + +/* The flags are defined as follows: + * Bit Flag Mask Meaning */ +#define CKF_HW 0x00000001 /* performed by HW */ + +/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, + * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, + * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, + * and CKF_DERIVE are new for v2.0. They specify whether or not + * a mechanism can be used for a particular task */ +#define CKF_ENCRYPT 0x00000100 +#define CKF_DECRYPT 0x00000200 +#define CKF_DIGEST 0x00000400 +#define CKF_SIGN 0x00000800 +#define CKF_SIGN_RECOVER 0x00001000 +#define CKF_VERIFY 0x00002000 +#define CKF_VERIFY_RECOVER 0x00004000 +#define CKF_GENERATE 0x00008000 +#define CKF_GENERATE_KEY_PAIR 0x00010000 +#define CKF_WRAP 0x00020000 +#define CKF_UNWRAP 0x00040000 +#define CKF_DERIVE 0x00080000 + +/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, + * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They + * describe a token's EC capabilities not available in mechanism + * information. */ +#define CKF_EC_F_P 0x00100000 +#define CKF_EC_F_2M 0x00200000 +#define CKF_EC_ECPARAMETERS 0x00400000 +#define CKF_EC_NAMEDCURVE 0x00800000 +#define CKF_EC_UNCOMPRESS 0x01000000 +#define CKF_EC_COMPRESS 0x02000000 + +#define CKF_EXTENSION 0x80000000 /* FALSE for this version */ + +typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; + + +/* CK_RV is a value that identifies the return value of a + * Cryptoki function */ +/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ +typedef CK_ULONG CK_RV; + +#define CKR_OK 0x00000000 +#define CKR_CANCEL 0x00000001 +#define CKR_HOST_MEMORY 0x00000002 +#define CKR_SLOT_ID_INVALID 0x00000003 + +/* CKR_FLAGS_INVALID was removed for v2.0 */ + +/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ +#define CKR_GENERAL_ERROR 0x00000005 +#define CKR_FUNCTION_FAILED 0x00000006 + +/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, + * and CKR_CANT_LOCK are new for v2.01 */ +#define CKR_ARGUMENTS_BAD 0x00000007 +#define CKR_NO_EVENT 0x00000008 +#define CKR_NEED_TO_CREATE_THREADS 0x00000009 +#define CKR_CANT_LOCK 0x0000000A + +#define CKR_ATTRIBUTE_READ_ONLY 0x00000010 +#define CKR_ATTRIBUTE_SENSITIVE 0x00000011 +#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 +#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 +#define CKR_DATA_INVALID 0x00000020 +#define CKR_DATA_LEN_RANGE 0x00000021 +#define CKR_DEVICE_ERROR 0x00000030 +#define CKR_DEVICE_MEMORY 0x00000031 +#define CKR_DEVICE_REMOVED 0x00000032 +#define CKR_ENCRYPTED_DATA_INVALID 0x00000040 +#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 +#define CKR_FUNCTION_CANCELED 0x00000050 +#define CKR_FUNCTION_NOT_PARALLEL 0x00000051 + +/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ +#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 + +#define CKR_KEY_HANDLE_INVALID 0x00000060 + +/* CKR_KEY_SENSITIVE was removed for v2.0 */ + +#define CKR_KEY_SIZE_RANGE 0x00000062 +#define CKR_KEY_TYPE_INCONSISTENT 0x00000063 + +/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, + * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, + * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for + * v2.0 */ +#define CKR_KEY_NOT_NEEDED 0x00000064 +#define CKR_KEY_CHANGED 0x00000065 +#define CKR_KEY_NEEDED 0x00000066 +#define CKR_KEY_INDIGESTIBLE 0x00000067 +#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 +#define CKR_KEY_NOT_WRAPPABLE 0x00000069 +#define CKR_KEY_UNEXTRACTABLE 0x0000006A + +#define CKR_MECHANISM_INVALID 0x00000070 +#define CKR_MECHANISM_PARAM_INVALID 0x00000071 + +/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID + * were removed for v2.0 */ +#define CKR_OBJECT_HANDLE_INVALID 0x00000082 +#define CKR_OPERATION_ACTIVE 0x00000090 +#define CKR_OPERATION_NOT_INITIALIZED 0x00000091 +#define CKR_PIN_INCORRECT 0x000000A0 +#define CKR_PIN_INVALID 0x000000A1 +#define CKR_PIN_LEN_RANGE 0x000000A2 + +/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ +#define CKR_PIN_EXPIRED 0x000000A3 +#define CKR_PIN_LOCKED 0x000000A4 + +#define CKR_SESSION_CLOSED 0x000000B0 +#define CKR_SESSION_COUNT 0x000000B1 +#define CKR_SESSION_HANDLE_INVALID 0x000000B3 +#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 +#define CKR_SESSION_READ_ONLY 0x000000B5 +#define CKR_SESSION_EXISTS 0x000000B6 + +/* CKR_SESSION_READ_ONLY_EXISTS and + * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ +#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 +#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 + +#define CKR_SIGNATURE_INVALID 0x000000C0 +#define CKR_SIGNATURE_LEN_RANGE 0x000000C1 +#define CKR_TEMPLATE_INCOMPLETE 0x000000D0 +#define CKR_TEMPLATE_INCONSISTENT 0x000000D1 +#define CKR_TOKEN_NOT_PRESENT 0x000000E0 +#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 +#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 +#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 +#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 +#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 +#define CKR_USER_ALREADY_LOGGED_IN 0x00000100 +#define CKR_USER_NOT_LOGGED_IN 0x00000101 +#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 +#define CKR_USER_TYPE_INVALID 0x00000103 + +/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES + * are new to v2.01 */ +#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 +#define CKR_USER_TOO_MANY_TYPES 0x00000105 + +#define CKR_WRAPPED_KEY_INVALID 0x00000110 +#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 +#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 +#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 +#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 +#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 + +/* These are new to v2.0 */ +#define CKR_RANDOM_NO_RNG 0x00000121 + +/* These are new to v2.11 */ +#define CKR_DOMAIN_PARAMS_INVALID 0x00000130 + +/* These are new to v2.0 */ +#define CKR_BUFFER_TOO_SMALL 0x00000150 +#define CKR_SAVED_STATE_INVALID 0x00000160 +#define CKR_INFORMATION_SENSITIVE 0x00000170 +#define CKR_STATE_UNSAVEABLE 0x00000180 + +/* These are new to v2.01 */ +#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 +#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 +#define CKR_MUTEX_BAD 0x000001A0 +#define CKR_MUTEX_NOT_LOCKED 0x000001A1 + +/* The following return values are new for PKCS #11 v2.20 amendment 3 */ +#define CKR_NEW_PIN_MODE 0x000001B0 +#define CKR_NEXT_OTP 0x000001B1 + +/* This is new to v2.20 */ +#define CKR_FUNCTION_REJECTED 0x00000200 + +#define CKR_VENDOR_DEFINED 0x80000000 + + +/* CK_NOTIFY is an application callback that processes events */ +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)( + CK_SESSION_HANDLE hSession, /* the session's handle */ + CK_NOTIFICATION event, + CK_VOID_PTR pApplication /* passed to C_OpenSession */ +); + + +/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec + * version and pointers of appropriate types to all the + * Cryptoki functions */ +/* CK_FUNCTION_LIST is new for v2.0 */ +typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST; + +typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR; + +typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR; + + +/* CK_CREATEMUTEX is an application callback for creating a + * mutex object */ +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)( + CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */ +); + + +/* CK_DESTROYMUTEX is an application callback for destroying a + * mutex object */ +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)( + CK_VOID_PTR pMutex /* pointer to mutex */ +); + + +/* CK_LOCKMUTEX is an application callback for locking a mutex */ +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)( + CK_VOID_PTR pMutex /* pointer to mutex */ +); + + +/* CK_UNLOCKMUTEX is an application callback for unlocking a + * mutex */ +typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)( + CK_VOID_PTR pMutex /* pointer to mutex */ +); + + +/* CK_C_INITIALIZE_ARGS provides the optional arguments to + * C_Initialize */ +typedef struct CK_C_INITIALIZE_ARGS { + CK_CREATEMUTEX CreateMutex; + CK_DESTROYMUTEX DestroyMutex; + CK_LOCKMUTEX LockMutex; + CK_UNLOCKMUTEX UnlockMutex; + CK_FLAGS flags; + CK_VOID_PTR pReserved; +} CK_C_INITIALIZE_ARGS; + +/* flags: bit flags that provide capabilities of the slot + * Bit Flag Mask Meaning + */ +#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 +#define CKF_OS_LOCKING_OK 0x00000002 + +typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR; + + +/* additional flags for parameters to functions */ + +/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */ +#define CKF_DONT_BLOCK 1 + +/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. + * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message + * Generation Function (MGF) applied to a message block when + * formatting a message block for the PKCS #1 OAEP encryption + * scheme. */ +typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE; + +typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR; + +/* The following MGFs are defined */ +/* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512 + * are new for v2.20 */ +#define CKG_MGF1_SHA1 0x00000001 +#define CKG_MGF1_SHA256 0x00000002 +#define CKG_MGF1_SHA384 0x00000003 +#define CKG_MGF1_SHA512 0x00000004 +/* SHA-224 is new for PKCS #11 v2.20 amendment 3 */ +#define CKG_MGF1_SHA224 0x00000005 + +/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. + * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source + * of the encoding parameter when formatting a message block + * for the PKCS #1 OAEP encryption scheme. */ +typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE; + +typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; + +/* The following encoding parameter sources are defined */ +#define CKZ_DATA_SPECIFIED 0x00000001 + +/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10. + * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the + * CKM_RSA_PKCS_OAEP mechanism. */ +typedef struct CK_RSA_PKCS_OAEP_PARAMS { + CK_MECHANISM_TYPE hashAlg; + CK_RSA_PKCS_MGF_TYPE mgf; + CK_RSA_PKCS_OAEP_SOURCE_TYPE source; + CK_VOID_PTR pSourceData; + CK_ULONG ulSourceDataLen; +} CK_RSA_PKCS_OAEP_PARAMS; + +typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR; + +/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11. + * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the + * CKM_RSA_PKCS_PSS mechanism(s). */ +typedef struct CK_RSA_PKCS_PSS_PARAMS { + CK_MECHANISM_TYPE hashAlg; + CK_RSA_PKCS_MGF_TYPE mgf; + CK_ULONG sLen; +} CK_RSA_PKCS_PSS_PARAMS; + +typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR; + +/* CK_EC_KDF_TYPE is new for v2.11. */ +typedef CK_ULONG CK_EC_KDF_TYPE; + +/* The following EC Key Derivation Functions are defined */ +#define CKD_NULL 0x00000001 +#define CKD_SHA1_KDF 0x00000002 + +/* CK_ECDH1_DERIVE_PARAMS is new for v2.11. + * CK_ECDH1_DERIVE_PARAMS provides the parameters to the + * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms, + * where each party contributes one key pair. + */ +typedef struct CK_ECDH1_DERIVE_PARAMS { + CK_EC_KDF_TYPE kdf; + CK_ULONG ulSharedDataLen; + CK_BYTE_PTR pSharedData; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; +} CK_ECDH1_DERIVE_PARAMS; + +typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR; + + +/* CK_ECDH2_DERIVE_PARAMS is new for v2.11. + * CK_ECDH2_DERIVE_PARAMS provides the parameters to the + * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */ +typedef struct CK_ECDH2_DERIVE_PARAMS { + CK_EC_KDF_TYPE kdf; + CK_ULONG ulSharedDataLen; + CK_BYTE_PTR pSharedData; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; + CK_ULONG ulPrivateDataLen; + CK_OBJECT_HANDLE hPrivateData; + CK_ULONG ulPublicDataLen2; + CK_BYTE_PTR pPublicData2; +} CK_ECDH2_DERIVE_PARAMS; + +typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR; + +typedef struct CK_ECMQV_DERIVE_PARAMS { + CK_EC_KDF_TYPE kdf; + CK_ULONG ulSharedDataLen; + CK_BYTE_PTR pSharedData; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; + CK_ULONG ulPrivateDataLen; + CK_OBJECT_HANDLE hPrivateData; + CK_ULONG ulPublicDataLen2; + CK_BYTE_PTR pPublicData2; + CK_OBJECT_HANDLE publicKey; +} CK_ECMQV_DERIVE_PARAMS; + +typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR; + +/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the + * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */ +typedef CK_ULONG CK_X9_42_DH_KDF_TYPE; +typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR; + +/* The following X9.42 DH key derivation functions are defined + (besides CKD_NULL already defined : */ +#define CKD_SHA1_KDF_ASN1 0x00000003 +#define CKD_SHA1_KDF_CONCATENATE 0x00000004 + +/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11. + * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the + * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party + * contributes one key pair */ +typedef struct CK_X9_42_DH1_DERIVE_PARAMS { + CK_X9_42_DH_KDF_TYPE kdf; + CK_ULONG ulOtherInfoLen; + CK_BYTE_PTR pOtherInfo; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; +} CK_X9_42_DH1_DERIVE_PARAMS; + +typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR; + +/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11. + * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the + * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation + * mechanisms, where each party contributes two key pairs */ +typedef struct CK_X9_42_DH2_DERIVE_PARAMS { + CK_X9_42_DH_KDF_TYPE kdf; + CK_ULONG ulOtherInfoLen; + CK_BYTE_PTR pOtherInfo; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; + CK_ULONG ulPrivateDataLen; + CK_OBJECT_HANDLE hPrivateData; + CK_ULONG ulPublicDataLen2; + CK_BYTE_PTR pPublicData2; +} CK_X9_42_DH2_DERIVE_PARAMS; + +typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR; + +typedef struct CK_X9_42_MQV_DERIVE_PARAMS { + CK_X9_42_DH_KDF_TYPE kdf; + CK_ULONG ulOtherInfoLen; + CK_BYTE_PTR pOtherInfo; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; + CK_ULONG ulPrivateDataLen; + CK_OBJECT_HANDLE hPrivateData; + CK_ULONG ulPublicDataLen2; + CK_BYTE_PTR pPublicData2; + CK_OBJECT_HANDLE publicKey; +} CK_X9_42_MQV_DERIVE_PARAMS; + +typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR; + +/* CK_KEA_DERIVE_PARAMS provides the parameters to the + * CKM_KEA_DERIVE mechanism */ +/* CK_KEA_DERIVE_PARAMS is new for v2.0 */ +typedef struct CK_KEA_DERIVE_PARAMS { + CK_BBOOL isSender; + CK_ULONG ulRandomLen; + CK_BYTE_PTR pRandomA; + CK_BYTE_PTR pRandomB; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; +} CK_KEA_DERIVE_PARAMS; + +typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR; + + +/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and + * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just + * holds the effective keysize */ +typedef CK_ULONG CK_RC2_PARAMS; + +typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR; + + +/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC + * mechanism */ +typedef struct CK_RC2_CBC_PARAMS { + /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for + * v2.0 */ + CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ + + CK_BYTE iv[8]; /* IV for CBC mode */ +} CK_RC2_CBC_PARAMS; + +typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR; + + +/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the + * CKM_RC2_MAC_GENERAL mechanism */ +/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */ +typedef struct CK_RC2_MAC_GENERAL_PARAMS { + CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */ + CK_ULONG ulMacLength; /* Length of MAC in bytes */ +} CK_RC2_MAC_GENERAL_PARAMS; + +typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \ + CK_RC2_MAC_GENERAL_PARAMS_PTR; + + +/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and + * CKM_RC5_MAC mechanisms */ +/* CK_RC5_PARAMS is new for v2.0 */ +typedef struct CK_RC5_PARAMS { + CK_ULONG ulWordsize; /* wordsize in bits */ + CK_ULONG ulRounds; /* number of rounds */ +} CK_RC5_PARAMS; + +typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR; + + +/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC + * mechanism */ +/* CK_RC5_CBC_PARAMS is new for v2.0 */ +typedef struct CK_RC5_CBC_PARAMS { + CK_ULONG ulWordsize; /* wordsize in bits */ + CK_ULONG ulRounds; /* number of rounds */ + CK_BYTE_PTR pIv; /* pointer to IV */ + CK_ULONG ulIvLen; /* length of IV in bytes */ +} CK_RC5_CBC_PARAMS; + +typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR; + + +/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the + * CKM_RC5_MAC_GENERAL mechanism */ +/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */ +typedef struct CK_RC5_MAC_GENERAL_PARAMS { + CK_ULONG ulWordsize; /* wordsize in bits */ + CK_ULONG ulRounds; /* number of rounds */ + CK_ULONG ulMacLength; /* Length of MAC in bytes */ +} CK_RC5_MAC_GENERAL_PARAMS; + +typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \ + CK_RC5_MAC_GENERAL_PARAMS_PTR; + + +/* CK_MAC_GENERAL_PARAMS provides the parameters to most block + * ciphers' MAC_GENERAL mechanisms. Its value is the length of + * the MAC */ +/* CK_MAC_GENERAL_PARAMS is new for v2.0 */ +typedef CK_ULONG CK_MAC_GENERAL_PARAMS; + +typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR; + +/* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */ +typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS { + CK_BYTE iv[8]; + CK_BYTE_PTR pData; + CK_ULONG length; +} CK_DES_CBC_ENCRYPT_DATA_PARAMS; + +typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR; + +typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS { + CK_BYTE iv[16]; + CK_BYTE_PTR pData; + CK_ULONG length; +} CK_AES_CBC_ENCRYPT_DATA_PARAMS; + +typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR; + +/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the + * CKM_SKIPJACK_PRIVATE_WRAP mechanism */ +/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */ +typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS { + CK_ULONG ulPasswordLen; + CK_BYTE_PTR pPassword; + CK_ULONG ulPublicDataLen; + CK_BYTE_PTR pPublicData; + CK_ULONG ulPAndGLen; + CK_ULONG ulQLen; + CK_ULONG ulRandomLen; + CK_BYTE_PTR pRandomA; + CK_BYTE_PTR pPrimeP; + CK_BYTE_PTR pBaseG; + CK_BYTE_PTR pSubprimeQ; +} CK_SKIPJACK_PRIVATE_WRAP_PARAMS; + +typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \ + CK_SKIPJACK_PRIVATE_WRAP_PTR; + + +/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the + * CKM_SKIPJACK_RELAYX mechanism */ +/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */ +typedef struct CK_SKIPJACK_RELAYX_PARAMS { + CK_ULONG ulOldWrappedXLen; + CK_BYTE_PTR pOldWrappedX; + CK_ULONG ulOldPasswordLen; + CK_BYTE_PTR pOldPassword; + CK_ULONG ulOldPublicDataLen; + CK_BYTE_PTR pOldPublicData; + CK_ULONG ulOldRandomLen; + CK_BYTE_PTR pOldRandomA; + CK_ULONG ulNewPasswordLen; + CK_BYTE_PTR pNewPassword; + CK_ULONG ulNewPublicDataLen; + CK_BYTE_PTR pNewPublicData; + CK_ULONG ulNewRandomLen; + CK_BYTE_PTR pNewRandomA; +} CK_SKIPJACK_RELAYX_PARAMS; + +typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \ + CK_SKIPJACK_RELAYX_PARAMS_PTR; + + +typedef struct CK_PBE_PARAMS { + CK_BYTE_PTR pInitVector; + CK_UTF8CHAR_PTR pPassword; + CK_ULONG ulPasswordLen; + CK_BYTE_PTR pSalt; + CK_ULONG ulSaltLen; + CK_ULONG ulIteration; +} CK_PBE_PARAMS; + +typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR; + + +/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the + * CKM_KEY_WRAP_SET_OAEP mechanism */ +/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */ +typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS { + CK_BYTE bBC; /* block contents byte */ + CK_BYTE_PTR pX; /* extra data */ + CK_ULONG ulXLen; /* length of extra data in bytes */ +} CK_KEY_WRAP_SET_OAEP_PARAMS; + +typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \ + CK_KEY_WRAP_SET_OAEP_PARAMS_PTR; + + +typedef struct CK_SSL3_RANDOM_DATA { + CK_BYTE_PTR pClientRandom; + CK_ULONG ulClientRandomLen; + CK_BYTE_PTR pServerRandom; + CK_ULONG ulServerRandomLen; +} CK_SSL3_RANDOM_DATA; + + +typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS { + CK_SSL3_RANDOM_DATA RandomInfo; + CK_VERSION_PTR pVersion; +} CK_SSL3_MASTER_KEY_DERIVE_PARAMS; + +typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \ + CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR; + + +typedef struct CK_SSL3_KEY_MAT_OUT { + CK_OBJECT_HANDLE hClientMacSecret; + CK_OBJECT_HANDLE hServerMacSecret; + CK_OBJECT_HANDLE hClientKey; + CK_OBJECT_HANDLE hServerKey; + CK_BYTE_PTR pIVClient; + CK_BYTE_PTR pIVServer; +} CK_SSL3_KEY_MAT_OUT; + +typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR; + + +typedef struct CK_SSL3_KEY_MAT_PARAMS { + CK_ULONG ulMacSizeInBits; + CK_ULONG ulKeySizeInBits; + CK_ULONG ulIVSizeInBits; + CK_BBOOL bIsExport; + CK_SSL3_RANDOM_DATA RandomInfo; + CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial; +} CK_SSL3_KEY_MAT_PARAMS; + +typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR; + +/* CK_TLS_PRF_PARAMS is new for version 2.20 */ +typedef struct CK_TLS_PRF_PARAMS { + CK_BYTE_PTR pSeed; + CK_ULONG ulSeedLen; + CK_BYTE_PTR pLabel; + CK_ULONG ulLabelLen; + CK_BYTE_PTR pOutput; + CK_ULONG_PTR pulOutputLen; +} CK_TLS_PRF_PARAMS; + +typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR; + +/* WTLS is new for version 2.20 */ +typedef struct CK_WTLS_RANDOM_DATA { + CK_BYTE_PTR pClientRandom; + CK_ULONG ulClientRandomLen; + CK_BYTE_PTR pServerRandom; + CK_ULONG ulServerRandomLen; +} CK_WTLS_RANDOM_DATA; + +typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR; + +typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS { + CK_MECHANISM_TYPE DigestMechanism; + CK_WTLS_RANDOM_DATA RandomInfo; + CK_BYTE_PTR pVersion; +} CK_WTLS_MASTER_KEY_DERIVE_PARAMS; + +typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \ + CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR; + +typedef struct CK_WTLS_PRF_PARAMS { + CK_MECHANISM_TYPE DigestMechanism; + CK_BYTE_PTR pSeed; + CK_ULONG ulSeedLen; + CK_BYTE_PTR pLabel; + CK_ULONG ulLabelLen; + CK_BYTE_PTR pOutput; + CK_ULONG_PTR pulOutputLen; +} CK_WTLS_PRF_PARAMS; + +typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR; + +typedef struct CK_WTLS_KEY_MAT_OUT { + CK_OBJECT_HANDLE hMacSecret; + CK_OBJECT_HANDLE hKey; + CK_BYTE_PTR pIV; +} CK_WTLS_KEY_MAT_OUT; + +typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR; + +typedef struct CK_WTLS_KEY_MAT_PARAMS { + CK_MECHANISM_TYPE DigestMechanism; + CK_ULONG ulMacSizeInBits; + CK_ULONG ulKeySizeInBits; + CK_ULONG ulIVSizeInBits; + CK_ULONG ulSequenceNumber; + CK_BBOOL bIsExport; + CK_WTLS_RANDOM_DATA RandomInfo; + CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial; +} CK_WTLS_KEY_MAT_PARAMS; + +typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR; + +/* CMS is new for version 2.20 */ +typedef struct CK_CMS_SIG_PARAMS { + CK_OBJECT_HANDLE certificateHandle; + CK_MECHANISM_PTR pSigningMechanism; + CK_MECHANISM_PTR pDigestMechanism; + CK_UTF8CHAR_PTR pContentType; + CK_BYTE_PTR pRequestedAttributes; + CK_ULONG ulRequestedAttributesLen; + CK_BYTE_PTR pRequiredAttributes; + CK_ULONG ulRequiredAttributesLen; +} CK_CMS_SIG_PARAMS; + +typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR; + +typedef struct CK_KEY_DERIVATION_STRING_DATA { + CK_BYTE_PTR pData; + CK_ULONG ulLen; +} CK_KEY_DERIVATION_STRING_DATA; + +typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \ + CK_KEY_DERIVATION_STRING_DATA_PTR; + + +/* The CK_EXTRACT_PARAMS is used for the + * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit + * of the base key should be used as the first bit of the + * derived key */ +/* CK_EXTRACT_PARAMS is new for v2.0 */ +typedef CK_ULONG CK_EXTRACT_PARAMS; + +typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR; + +/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10. + * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to + * indicate the Pseudo-Random Function (PRF) used to generate + * key bits using PKCS #5 PBKDF2. */ +typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE; + +typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR; + +/* The following PRFs are defined in PKCS #5 v2.0. */ +#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001 + + +/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10. + * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the + * source of the salt value when deriving a key using PKCS #5 + * PBKDF2. */ +typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE; + +typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR; + +/* The following salt value sources are defined in PKCS #5 v2.0. */ +#define CKZ_SALT_SPECIFIED 0x00000001 + +/* CK_PKCS5_PBKD2_PARAMS is new for v2.10. + * CK_PKCS5_PBKD2_PARAMS is a structure that provides the + * parameters to the CKM_PKCS5_PBKD2 mechanism. */ +typedef struct CK_PKCS5_PBKD2_PARAMS { + CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource; + CK_VOID_PTR pSaltSourceData; + CK_ULONG ulSaltSourceDataLen; + CK_ULONG iterations; + CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf; + CK_VOID_PTR pPrfData; + CK_ULONG ulPrfDataLen; + CK_UTF8CHAR_PTR pPassword; + CK_ULONG_PTR ulPasswordLen; +} CK_PKCS5_PBKD2_PARAMS; + +typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR; + +/* All CK_OTP structs are new for PKCS #11 v2.20 amendment 3 */ + +typedef CK_ULONG CK_OTP_PARAM_TYPE; +typedef CK_OTP_PARAM_TYPE CK_PARAM_TYPE; /* B/w compatibility */ + +typedef struct CK_OTP_PARAM { + CK_OTP_PARAM_TYPE type; + CK_VOID_PTR pValue; + CK_ULONG ulValueLen; +} CK_OTP_PARAM; + +typedef CK_OTP_PARAM CK_PTR CK_OTP_PARAM_PTR; + +typedef struct CK_OTP_PARAMS { + CK_OTP_PARAM_PTR pParams; + CK_ULONG ulCount; +} CK_OTP_PARAMS; + +typedef CK_OTP_PARAMS CK_PTR CK_OTP_PARAMS_PTR; + +typedef struct CK_OTP_SIGNATURE_INFO { + CK_OTP_PARAM_PTR pParams; + CK_ULONG ulCount; +} CK_OTP_SIGNATURE_INFO; + +typedef CK_OTP_SIGNATURE_INFO CK_PTR CK_OTP_SIGNATURE_INFO_PTR; + +/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */ +#define CK_OTP_VALUE 0 +#define CK_OTP_PIN 1 +#define CK_OTP_CHALLENGE 2 +#define CK_OTP_TIME 3 +#define CK_OTP_COUNTER 4 +#define CK_OTP_FLAGS 5 +#define CK_OTP_OUTPUT_LENGTH 6 +#define CK_OTP_OUTPUT_FORMAT 7 + +/* The following OTP-related defines are new for PKCS #11 v2.20 amendment 1 */ +#define CKF_NEXT_OTP 0x00000001 +#define CKF_EXCLUDE_TIME 0x00000002 +#define CKF_EXCLUDE_COUNTER 0x00000004 +#define CKF_EXCLUDE_CHALLENGE 0x00000008 +#define CKF_EXCLUDE_PIN 0x00000010 +#define CKF_USER_FRIENDLY_OTP 0x00000020 + +/* CK_KIP_PARAMS is new for PKCS #11 v2.20 amendment 2 */ +typedef struct CK_KIP_PARAMS { + CK_MECHANISM_PTR pMechanism; + CK_OBJECT_HANDLE hKey; + CK_BYTE_PTR pSeed; + CK_ULONG ulSeedLen; +} CK_KIP_PARAMS; + +typedef CK_KIP_PARAMS CK_PTR CK_KIP_PARAMS_PTR; + +/* CK_AES_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_AES_CTR_PARAMS { + CK_ULONG ulCounterBits; + CK_BYTE cb[16]; +} CK_AES_CTR_PARAMS; + +typedef CK_AES_CTR_PARAMS CK_PTR CK_AES_CTR_PARAMS_PTR; + +/* CK_CAMELLIA_CTR_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_CAMELLIA_CTR_PARAMS { + CK_ULONG ulCounterBits; + CK_BYTE cb[16]; +} CK_CAMELLIA_CTR_PARAMS; + +typedef CK_CAMELLIA_CTR_PARAMS CK_PTR CK_CAMELLIA_CTR_PARAMS_PTR; + +/* CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS { + CK_BYTE iv[16]; + CK_BYTE_PTR pData; + CK_ULONG length; +} CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS; + +typedef CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_CAMELLIA_CBC_ENCRYPT_DATA_PARAMS_PTR; + +/* CK_ARIA_CBC_ENCRYPT_DATA_PARAMS is new for PKCS #11 v2.20 amendment 3 */ +typedef struct CK_ARIA_CBC_ENCRYPT_DATA_PARAMS { + CK_BYTE iv[16]; + CK_BYTE_PTR pData; + CK_ULONG length; +} CK_ARIA_CBC_ENCRYPT_DATA_PARAMS; + +typedef CK_ARIA_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_ARIA_CBC_ENCRYPT_DATA_PARAMS_PTR; + +#endif diff --git a/src/Platform/Buffer.cpp b/src/Platform/Buffer.cpp index 4b2ac528..2d2a9217 100644 --- a/src/Platform/Buffer.cpp +++ b/src/Platform/Buffer.cpp @@ -8,143 +8,143 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Buffer.h" -#include "Exception.h" - -namespace VeraCrypt -{ - Buffer::Buffer () : DataPtr (nullptr), DataSize (0) - { - } - - Buffer::Buffer (size_t size) : DataPtr (nullptr), DataSize (0) - { - Allocate (size); - } - - Buffer::~Buffer () - { - if (DataPtr != nullptr) - Free (); - } - - void Buffer::Allocate (size_t size) - { - if (size < 1) - throw ParameterIncorrect (SRC_POS); - - if (DataPtr != nullptr) - { - if (DataSize == size) - return; - Free(); - } - - try - { - DataPtr = static_cast (Memory::Allocate (size)); - DataSize = size; - } - catch (...) - { - DataPtr = nullptr; - DataSize = 0; - throw; - } - } - - void Buffer::CopyFrom (const ConstBufferPtr &bufferPtr) - { - if (!IsAllocated ()) - { - if (bufferPtr.Size()) - Allocate (bufferPtr.Size()); - } - else if (bufferPtr.Size() > DataSize) - throw ParameterTooLarge (SRC_POS); - - if (bufferPtr.Size()) - Memory::Copy (DataPtr, bufferPtr.Get(), bufferPtr.Size()); - } - - void Buffer::Erase () - { - if (DataSize > 0) - Memory::Erase (DataPtr, DataSize); - } - - void Buffer::Free () - { - if (DataPtr == nullptr) - throw NotInitialized (SRC_POS); - - Memory::Free (DataPtr); - DataPtr = nullptr; - DataSize = 0; - } - - BufferPtr Buffer::GetRange (size_t offset, size_t size) const - { - if (offset + size > DataSize) - throw ParameterIncorrect (SRC_POS); - - return BufferPtr (DataPtr + offset, size); - } - - void Buffer::Zero () - { - if (DataSize > 0) - Memory::Zero (DataPtr, DataSize); - } - - SecureBuffer::SecureBuffer (size_t size) - { - Allocate (size); - } - - SecureBuffer::~SecureBuffer () - { - if (DataPtr != nullptr && DataSize != 0) - Free (); - } - - void SecureBuffer::Allocate (size_t size) - { - Buffer::Allocate (size); - } - - void SecureBuffer::Free () - { - if (DataPtr == nullptr) - throw NotInitialized (SRC_POS); - - Erase (); - Buffer::Free (); - } - - void BufferPtr::CopyFrom (const ConstBufferPtr &bufferPtr) const - { - if (bufferPtr.Size() > DataSize) - throw ParameterTooLarge (SRC_POS); - - Memory::Copy (DataPtr, bufferPtr.Get(), bufferPtr.Size()); - } - - BufferPtr BufferPtr::GetRange (size_t offset, size_t size) const - { - if (offset + size > DataSize) - throw ParameterIncorrect (SRC_POS); - - return BufferPtr (DataPtr + offset, size); - } - - ConstBufferPtr ConstBufferPtr::GetRange (size_t offset, size_t size) const - { - if (offset + size > DataSize) - throw ParameterIncorrect (SRC_POS); - - return ConstBufferPtr (DataPtr + offset, size); - } -} +*/ + +#include "Buffer.h" +#include "Exception.h" + +namespace VeraCrypt +{ + Buffer::Buffer () : DataPtr (nullptr), DataSize (0) + { + } + + Buffer::Buffer (size_t size) : DataPtr (nullptr), DataSize (0) + { + Allocate (size); + } + + Buffer::~Buffer () + { + if (DataPtr != nullptr) + Free (); + } + + void Buffer::Allocate (size_t size) + { + if (size < 1) + throw ParameterIncorrect (SRC_POS); + + if (DataPtr != nullptr) + { + if (DataSize == size) + return; + Free(); + } + + try + { + DataPtr = static_cast (Memory::Allocate (size)); + DataSize = size; + } + catch (...) + { + DataPtr = nullptr; + DataSize = 0; + throw; + } + } + + void Buffer::CopyFrom (const ConstBufferPtr &bufferPtr) + { + if (!IsAllocated ()) + { + if (bufferPtr.Size()) + Allocate (bufferPtr.Size()); + } + else if (bufferPtr.Size() > DataSize) + throw ParameterTooLarge (SRC_POS); + + if (bufferPtr.Size()) + Memory::Copy (DataPtr, bufferPtr.Get(), bufferPtr.Size()); + } + + void Buffer::Erase () + { + if (DataSize > 0) + Memory::Erase (DataPtr, DataSize); + } + + void Buffer::Free () + { + if (DataPtr == nullptr) + throw NotInitialized (SRC_POS); + + Memory::Free (DataPtr); + DataPtr = nullptr; + DataSize = 0; + } + + BufferPtr Buffer::GetRange (size_t offset, size_t size) const + { + if (offset + size > DataSize) + throw ParameterIncorrect (SRC_POS); + + return BufferPtr (DataPtr + offset, size); + } + + void Buffer::Zero () + { + if (DataSize > 0) + Memory::Zero (DataPtr, DataSize); + } + + SecureBuffer::SecureBuffer (size_t size) + { + Allocate (size); + } + + SecureBuffer::~SecureBuffer () + { + if (DataPtr != nullptr && DataSize != 0) + Free (); + } + + void SecureBuffer::Allocate (size_t size) + { + Buffer::Allocate (size); + } + + void SecureBuffer::Free () + { + if (DataPtr == nullptr) + throw NotInitialized (SRC_POS); + + Erase (); + Buffer::Free (); + } + + void BufferPtr::CopyFrom (const ConstBufferPtr &bufferPtr) const + { + if (bufferPtr.Size() > DataSize) + throw ParameterTooLarge (SRC_POS); + + Memory::Copy (DataPtr, bufferPtr.Get(), bufferPtr.Size()); + } + + BufferPtr BufferPtr::GetRange (size_t offset, size_t size) const + { + if (offset + size > DataSize) + throw ParameterIncorrect (SRC_POS); + + return BufferPtr (DataPtr + offset, size); + } + + ConstBufferPtr ConstBufferPtr::GetRange (size_t offset, size_t size) const + { + if (offset + size > DataSize) + throw ParameterIncorrect (SRC_POS); + + return ConstBufferPtr (DataPtr + offset, size); + } +} diff --git a/src/Platform/Buffer.h b/src/Platform/Buffer.h index 532ad212..3d2d5f53 100644 --- a/src/Platform/Buffer.h +++ b/src/Platform/Buffer.h @@ -8,112 +8,112 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Buffer -#define TC_HEADER_Platform_Buffer - -#include "PlatformBase.h" -#include "Memory.h" - -namespace VeraCrypt -{ - - class ConstBufferPtr - { - public: - ConstBufferPtr () - : DataPtr (nullptr), DataSize (0) { } - ConstBufferPtr (const byte *data, size_t size) - : DataPtr (data), DataSize (size) { } - virtual ~ConstBufferPtr () { } - - operator const byte * () const { return DataPtr; } - - bool IsDataEqual (const ConstBufferPtr &other) const { return Memory::Compare (DataPtr, DataSize, other.DataPtr, other.DataSize) == 0; } - const byte *Get () const { return DataPtr; } - ConstBufferPtr GetRange (size_t offset, size_t size) const; - void Set (const byte *data, size_t size) { DataPtr = data; DataSize = size; } - size_t Size () const { return DataSize; } - - protected: - const byte *DataPtr; - size_t DataSize; - }; - - - class BufferPtr - { - public: - BufferPtr () - : DataPtr (nullptr), DataSize (0) { } - BufferPtr (byte *data, size_t size) - : DataPtr (data), DataSize (size) { } - virtual ~BufferPtr () { } - - operator byte * () const { return DataPtr; } - void CopyFrom (const ConstBufferPtr &bufferPtr) const; - void Erase () const { Zero(); } - byte *Get () const { return DataPtr; } - BufferPtr GetRange (size_t offset, size_t size) const; - void Set (byte *data, size_t size) { DataPtr = data; DataSize = size; } - size_t Size () const { return DataSize; } - void Zero () const { Memory::Zero (DataPtr, DataSize); } - - operator ConstBufferPtr () const { return ConstBufferPtr (DataPtr, DataSize); } - - protected: - byte *DataPtr; - size_t DataSize; - }; - - class Buffer - { - public: - Buffer (); - Buffer (size_t size); - Buffer (const ConstBufferPtr &bufferPtr) { CopyFrom (bufferPtr); } - virtual ~Buffer (); - - virtual void Allocate (size_t size); - virtual void CopyFrom (const ConstBufferPtr &bufferPtr); - virtual byte *Ptr () const { return DataPtr; } - virtual void Erase (); - virtual void Free (); - virtual BufferPtr GetRange (size_t offset, size_t size) const; - virtual size_t Size () const { return DataSize; } - virtual bool IsAllocated () const { return DataSize != 0; } - virtual void Zero (); - - virtual operator byte * () const { return DataPtr; } - virtual operator BufferPtr () const { return BufferPtr (DataPtr, DataSize); } - virtual operator ConstBufferPtr () const { return ConstBufferPtr (DataPtr, DataSize); } - - protected: - byte *DataPtr; - size_t DataSize; - - private: - Buffer (const Buffer &); - Buffer &operator= (const Buffer &); - }; - - class SecureBuffer : public Buffer - { - public: - SecureBuffer () { } - SecureBuffer (size_t size); - SecureBuffer (const ConstBufferPtr &bufferPtr) { CopyFrom (bufferPtr); } - virtual ~SecureBuffer (); - - virtual void Allocate (size_t size); - virtual void Free (); - - private: - SecureBuffer (const SecureBuffer &); - SecureBuffer &operator= (const SecureBuffer &); - }; - -} - -#endif // TC_HEADER_Platform_Buffer +*/ + +#ifndef TC_HEADER_Platform_Buffer +#define TC_HEADER_Platform_Buffer + +#include "PlatformBase.h" +#include "Memory.h" + +namespace VeraCrypt +{ + + class ConstBufferPtr + { + public: + ConstBufferPtr () + : DataPtr (nullptr), DataSize (0) { } + ConstBufferPtr (const byte *data, size_t size) + : DataPtr (data), DataSize (size) { } + virtual ~ConstBufferPtr () { } + + operator const byte * () const { return DataPtr; } + + bool IsDataEqual (const ConstBufferPtr &other) const { return Memory::Compare (DataPtr, DataSize, other.DataPtr, other.DataSize) == 0; } + const byte *Get () const { return DataPtr; } + ConstBufferPtr GetRange (size_t offset, size_t size) const; + void Set (const byte *data, size_t size) { DataPtr = data; DataSize = size; } + size_t Size () const { return DataSize; } + + protected: + const byte *DataPtr; + size_t DataSize; + }; + + + class BufferPtr + { + public: + BufferPtr () + : DataPtr (nullptr), DataSize (0) { } + BufferPtr (byte *data, size_t size) + : DataPtr (data), DataSize (size) { } + virtual ~BufferPtr () { } + + operator byte * () const { return DataPtr; } + void CopyFrom (const ConstBufferPtr &bufferPtr) const; + void Erase () const { Zero(); } + byte *Get () const { return DataPtr; } + BufferPtr GetRange (size_t offset, size_t size) const; + void Set (byte *data, size_t size) { DataPtr = data; DataSize = size; } + size_t Size () const { return DataSize; } + void Zero () const { Memory::Zero (DataPtr, DataSize); } + + operator ConstBufferPtr () const { return ConstBufferPtr (DataPtr, DataSize); } + + protected: + byte *DataPtr; + size_t DataSize; + }; + + class Buffer + { + public: + Buffer (); + Buffer (size_t size); + Buffer (const ConstBufferPtr &bufferPtr) { CopyFrom (bufferPtr); } + virtual ~Buffer (); + + virtual void Allocate (size_t size); + virtual void CopyFrom (const ConstBufferPtr &bufferPtr); + virtual byte *Ptr () const { return DataPtr; } + virtual void Erase (); + virtual void Free (); + virtual BufferPtr GetRange (size_t offset, size_t size) const; + virtual size_t Size () const { return DataSize; } + virtual bool IsAllocated () const { return DataSize != 0; } + virtual void Zero (); + + virtual operator byte * () const { return DataPtr; } + virtual operator BufferPtr () const { return BufferPtr (DataPtr, DataSize); } + virtual operator ConstBufferPtr () const { return ConstBufferPtr (DataPtr, DataSize); } + + protected: + byte *DataPtr; + size_t DataSize; + + private: + Buffer (const Buffer &); + Buffer &operator= (const Buffer &); + }; + + class SecureBuffer : public Buffer + { + public: + SecureBuffer () { } + SecureBuffer (size_t size); + SecureBuffer (const ConstBufferPtr &bufferPtr) { CopyFrom (bufferPtr); } + virtual ~SecureBuffer (); + + virtual void Allocate (size_t size); + virtual void Free (); + + private: + SecureBuffer (const SecureBuffer &); + SecureBuffer &operator= (const SecureBuffer &); + }; + +} + +#endif // TC_HEADER_Platform_Buffer diff --git a/src/Platform/Directory.h b/src/Platform/Directory.h index 923c2248..574be3b2 100644 --- a/src/Platform/Directory.h +++ b/src/Platform/Directory.h @@ -8,26 +8,26 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Directory -#define TC_HEADER_Platform_Directory - -#include "PlatformBase.h" -#include "FilesystemPath.h" - -namespace VeraCrypt -{ - class Directory - { - public: - static void Create (const DirectoryPath &path); - static DirectoryPath AppendSeparator (const DirectoryPath &path); - static FilePathList GetFilePaths (const DirectoryPath &path = L".", bool regularFilesOnly = true); - - private: - Directory (); - }; -} - -#endif // TC_HEADER_Platform_Directory +*/ + +#ifndef TC_HEADER_Platform_Directory +#define TC_HEADER_Platform_Directory + +#include "PlatformBase.h" +#include "FilesystemPath.h" + +namespace VeraCrypt +{ + class Directory + { + public: + static void Create (const DirectoryPath &path); + static DirectoryPath AppendSeparator (const DirectoryPath &path); + static FilePathList GetFilePaths (const DirectoryPath &path = L".", bool regularFilesOnly = true); + + private: + Directory (); + }; +} + +#endif // TC_HEADER_Platform_Directory diff --git a/src/Platform/Event.cpp b/src/Platform/Event.cpp index e3a7362c..d6e51182 100644 --- a/src/Platform/Event.cpp +++ b/src/Platform/Event.cpp @@ -8,44 +8,44 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Event.h" - -namespace VeraCrypt -{ - void Event::Connect (const EventConnectorBase &connector) - { - ScopeLock lock (HandlersMutex); - ConnectedHandlers.push_back (shared_ptr (connector.CloneNew())); - } - - void Event::Disconnect (void *handler) - { - ScopeLock lock (HandlersMutex); - - EventHandlerList newConnectedHandlers; - foreach (shared_ptr h, ConnectedHandlers) - { - if (h->GetHandler() != handler) - newConnectedHandlers.push_back (h); - } - - ConnectedHandlers = newConnectedHandlers; - } - - void Event::Raise () - { - EventArgs args; - Raise (args); - } - - void Event::Raise (EventArgs &args) - { - ScopeLock lock (HandlersMutex); - foreach_ref (EventConnectorBase &handler, ConnectedHandlers) - { - handler (args); - } - } -} +*/ + +#include "Event.h" + +namespace VeraCrypt +{ + void Event::Connect (const EventConnectorBase &connector) + { + ScopeLock lock (HandlersMutex); + ConnectedHandlers.push_back (shared_ptr (connector.CloneNew())); + } + + void Event::Disconnect (void *handler) + { + ScopeLock lock (HandlersMutex); + + EventHandlerList newConnectedHandlers; + foreach (shared_ptr h, ConnectedHandlers) + { + if (h->GetHandler() != handler) + newConnectedHandlers.push_back (h); + } + + ConnectedHandlers = newConnectedHandlers; + } + + void Event::Raise () + { + EventArgs args; + Raise (args); + } + + void Event::Raise (EventArgs &args) + { + ScopeLock lock (HandlersMutex); + foreach_ref (EventConnectorBase &handler, ConnectedHandlers) + { + handler (args); + } + } +} diff --git a/src/Platform/Event.h b/src/Platform/Event.h index bdfc67da..b28bc90d 100644 --- a/src/Platform/Event.h +++ b/src/Platform/Event.h @@ -8,83 +8,83 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Event -#define TC_HEADER_Platform_Event - -#include "PlatformBase.h" -#include "ForEach.h" -#include "Mutex.h" -#include "SharedPtr.h" - -namespace VeraCrypt -{ - struct EventArgs - { - virtual ~EventArgs () { } - }; - - class EventConnectorBase - { - public: - virtual ~EventConnectorBase () { } - virtual void operator() (EventArgs &args) = 0; - - virtual EventConnectorBase *CloneNew () const = 0; - virtual void *GetHandler () const = 0; - }; - - typedef list < shared_ptr > EventHandlerList; - - template - class EventConnector : public EventConnectorBase - { - public: - typedef void (T::*EventHandlerFunction) (EventArgs &); - - EventConnector (T *handler, EventHandlerFunction function) - : Handler (handler), Function (function) { } - - virtual void operator() (EventArgs &args) { (Handler->*Function) (args); } - - virtual EventConnectorBase *CloneNew () const { return new EventConnector (*this); } - virtual void *GetHandler () const { return Handler; } - - protected: - T *Handler; - EventHandlerFunction Function; - }; - - class Event - { - public: - Event () { } - virtual ~Event () { } - - void Connect (const EventConnectorBase &connector); - void Disconnect (void *handler); - void Raise (); - void Raise (EventArgs &args); - - protected: - EventHandlerList ConnectedHandlers; - Mutex HandlersMutex; - - private: - Event (const Event &); - Event &operator= (const Event &); - }; - - struct ExceptionEventArgs : public EventArgs - { - ExceptionEventArgs (exception &ex) : mException (ex) { } - exception &mException; - - private: - ExceptionEventArgs (const ExceptionEventArgs &); - ExceptionEventArgs &operator= (const ExceptionEventArgs &); - }; -} - -#endif // TC_HEADER_Platform_Event +*/ + +#ifndef TC_HEADER_Platform_Event +#define TC_HEADER_Platform_Event + +#include "PlatformBase.h" +#include "ForEach.h" +#include "Mutex.h" +#include "SharedPtr.h" + +namespace VeraCrypt +{ + struct EventArgs + { + virtual ~EventArgs () { } + }; + + class EventConnectorBase + { + public: + virtual ~EventConnectorBase () { } + virtual void operator() (EventArgs &args) = 0; + + virtual EventConnectorBase *CloneNew () const = 0; + virtual void *GetHandler () const = 0; + }; + + typedef list < shared_ptr > EventHandlerList; + + template + class EventConnector : public EventConnectorBase + { + public: + typedef void (T::*EventHandlerFunction) (EventArgs &); + + EventConnector (T *handler, EventHandlerFunction function) + : Handler (handler), Function (function) { } + + virtual void operator() (EventArgs &args) { (Handler->*Function) (args); } + + virtual EventConnectorBase *CloneNew () const { return new EventConnector (*this); } + virtual void *GetHandler () const { return Handler; } + + protected: + T *Handler; + EventHandlerFunction Function; + }; + + class Event + { + public: + Event () { } + virtual ~Event () { } + + void Connect (const EventConnectorBase &connector); + void Disconnect (void *handler); + void Raise (); + void Raise (EventArgs &args); + + protected: + EventHandlerList ConnectedHandlers; + Mutex HandlersMutex; + + private: + Event (const Event &); + Event &operator= (const Event &); + }; + + struct ExceptionEventArgs : public EventArgs + { + ExceptionEventArgs (exception &ex) : mException (ex) { } + exception &mException; + + private: + ExceptionEventArgs (const ExceptionEventArgs &); + ExceptionEventArgs &operator= (const ExceptionEventArgs &); + }; +} + +#endif // TC_HEADER_Platform_Event diff --git a/src/Platform/Exception.cpp b/src/Platform/Exception.cpp index c2fcd586..31d25b88 100644 --- a/src/Platform/Exception.cpp +++ b/src/Platform/Exception.cpp @@ -8,49 +8,49 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Exception.h" -#include "SerializerFactory.h" - -namespace VeraCrypt -{ - void Exception::Deserialize (shared_ptr stream) - { - Serializer sr (stream); - sr.Deserialize ("Message", Message); - sr.Deserialize ("Subject", Subject); - } - - void Exception::Serialize (shared_ptr stream) const - { - Serializable::Serialize (stream); - Serializer sr (stream); - sr.Serialize ("Message", Message); - sr.Serialize ("Subject", Subject); - } - - void ExecutedProcessFailed::Deserialize (shared_ptr stream) - { - Exception::Deserialize (stream); - Serializer sr (stream); - sr.Deserialize ("Command", Command); - sr.Deserialize ("ExitCode", ExitCode); - sr.Deserialize ("ErrorOutput", ErrorOutput); - } - - void ExecutedProcessFailed::Serialize (shared_ptr stream) const - { - Exception::Serialize (stream); - Serializer sr (stream); - sr.Serialize ("Command", Command); - sr.Serialize ("ExitCode", ExitCode); - sr.Serialize ("ErrorOutput", ErrorOutput); - } - -#define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) -#undef TC_EXCEPTION_NODECL -#define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) - - TC_SERIALIZER_FACTORY_ADD_EXCEPTION_SET (Exception); -} +*/ + +#include "Exception.h" +#include "SerializerFactory.h" + +namespace VeraCrypt +{ + void Exception::Deserialize (shared_ptr stream) + { + Serializer sr (stream); + sr.Deserialize ("Message", Message); + sr.Deserialize ("Subject", Subject); + } + + void Exception::Serialize (shared_ptr stream) const + { + Serializable::Serialize (stream); + Serializer sr (stream); + sr.Serialize ("Message", Message); + sr.Serialize ("Subject", Subject); + } + + void ExecutedProcessFailed::Deserialize (shared_ptr stream) + { + Exception::Deserialize (stream); + Serializer sr (stream); + sr.Deserialize ("Command", Command); + sr.Deserialize ("ExitCode", ExitCode); + sr.Deserialize ("ErrorOutput", ErrorOutput); + } + + void ExecutedProcessFailed::Serialize (shared_ptr stream) const + { + Exception::Serialize (stream); + Serializer sr (stream); + sr.Serialize ("Command", Command); + sr.Serialize ("ExitCode", ExitCode); + sr.Serialize ("ErrorOutput", ErrorOutput); + } + +#define TC_EXCEPTION(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) +#undef TC_EXCEPTION_NODECL +#define TC_EXCEPTION_NODECL(TYPE) TC_SERIALIZER_FACTORY_ADD(TYPE) + + TC_SERIALIZER_FACTORY_ADD_EXCEPTION_SET (Exception); +} diff --git a/src/Platform/Exception.h b/src/Platform/Exception.h index f2ba64bc..1a5769ef 100644 --- a/src/Platform/Exception.h +++ b/src/Platform/Exception.h @@ -8,109 +8,109 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Exception -#define TC_HEADER_Platform_Exception - -#include -#include "PlatformBase.h" -#include "Serializable.h" - -namespace VeraCrypt -{ -#define TC_SERIALIZABLE_EXCEPTION(TYPE) TC_SERIALIZABLE (TYPE); \ - virtual Exception *CloneNew () { return new TYPE (*this); } \ - virtual void Throw () const { throw *this; } - - struct Exception : public exception, public Serializable - { - public: - Exception () { } - Exception (const string &message) : Message (message) { } - Exception (const string &message, const wstring &subject) : Message (message), Subject (subject) { } - virtual ~Exception () throw () { } - - TC_SERIALIZABLE_EXCEPTION (Exception); - - virtual const char *what () const throw () { return Message.c_str(); } - virtual const wstring &GetSubject() const { return Subject; } - - protected: - string Message; - wstring Subject; - }; - - struct ExecutedProcessFailed : public Exception - { - ExecutedProcessFailed () { } - ExecutedProcessFailed (const string &message, const string &command, int exitCode, const string &errorOutput) - : Exception (message), Command (command), ExitCode (exitCode), ErrorOutput (errorOutput) { } - virtual ~ExecutedProcessFailed () throw () { } - - TC_SERIALIZABLE_EXCEPTION (ExecutedProcessFailed); - - string GetCommand () const { return Command; } - int64 GetExitCode () const { return ExitCode; } - string GetErrorOutput () const { return ErrorOutput; } - - protected: - string Command; - int64 ExitCode; - string ErrorOutput; - }; - -#define TC_EXCEPTION_DECL(NAME,BASE) \ - struct NAME : public BASE \ - { \ - NAME () { } \ - NAME (const string &message) : BASE (message) { } \ - NAME (const string &message, const wstring &subject) : BASE (message, subject) { } \ - virtual Exception *CloneNew () { return new NAME (*this); } \ - static Serializable *GetNewSerializable () { return new NAME (); } \ - virtual void Throw () const { throw *this; } \ - } - -#define TC_EXCEPTION_NODECL(dummy) // -#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception) - -#ifdef TC_EXCEPTION_SET -#undef TC_EXCEPTION_SET -#endif -#define TC_EXCEPTION_SET \ - TC_EXCEPTION_NODECL (Exception); \ - TC_EXCEPTION_NODECL (ExecutedProcessFailed); \ - TC_EXCEPTION (AlreadyInitialized); \ - TC_EXCEPTION (AssertionFailed); \ - TC_EXCEPTION (ExternalException); \ - TC_EXCEPTION (InsufficientData); \ - TC_EXCEPTION (NotApplicable); \ - TC_EXCEPTION (NotImplemented); \ - TC_EXCEPTION (NotInitialized); \ - TC_EXCEPTION (ParameterIncorrect); \ - TC_EXCEPTION (ParameterTooLarge); \ - TC_EXCEPTION (PartitionDeviceRequired); \ - TC_EXCEPTION (StringConversionFailed); \ - TC_EXCEPTION (TestFailed); \ - TC_EXCEPTION (TimeOut); \ +*/ + +#ifndef TC_HEADER_Platform_Exception +#define TC_HEADER_Platform_Exception + +#include +#include "PlatformBase.h" +#include "Serializable.h" + +namespace VeraCrypt +{ +#define TC_SERIALIZABLE_EXCEPTION(TYPE) TC_SERIALIZABLE (TYPE); \ + virtual Exception *CloneNew () { return new TYPE (*this); } \ + virtual void Throw () const { throw *this; } + + struct Exception : public exception, public Serializable + { + public: + Exception () { } + Exception (const string &message) : Message (message) { } + Exception (const string &message, const wstring &subject) : Message (message), Subject (subject) { } + virtual ~Exception () throw () { } + + TC_SERIALIZABLE_EXCEPTION (Exception); + + virtual const char *what () const throw () { return Message.c_str(); } + virtual const wstring &GetSubject() const { return Subject; } + + protected: + string Message; + wstring Subject; + }; + + struct ExecutedProcessFailed : public Exception + { + ExecutedProcessFailed () { } + ExecutedProcessFailed (const string &message, const string &command, int exitCode, const string &errorOutput) + : Exception (message), Command (command), ExitCode (exitCode), ErrorOutput (errorOutput) { } + virtual ~ExecutedProcessFailed () throw () { } + + TC_SERIALIZABLE_EXCEPTION (ExecutedProcessFailed); + + string GetCommand () const { return Command; } + int64 GetExitCode () const { return ExitCode; } + string GetErrorOutput () const { return ErrorOutput; } + + protected: + string Command; + int64 ExitCode; + string ErrorOutput; + }; + +#define TC_EXCEPTION_DECL(NAME,BASE) \ + struct NAME : public BASE \ + { \ + NAME () { } \ + NAME (const string &message) : BASE (message) { } \ + NAME (const string &message, const wstring &subject) : BASE (message, subject) { } \ + virtual Exception *CloneNew () { return new NAME (*this); } \ + static Serializable *GetNewSerializable () { return new NAME (); } \ + virtual void Throw () const { throw *this; } \ + } + +#define TC_EXCEPTION_NODECL(dummy) // +#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception) + +#ifdef TC_EXCEPTION_SET +#undef TC_EXCEPTION_SET +#endif +#define TC_EXCEPTION_SET \ + TC_EXCEPTION_NODECL (Exception); \ + TC_EXCEPTION_NODECL (ExecutedProcessFailed); \ + TC_EXCEPTION (AlreadyInitialized); \ + TC_EXCEPTION (AssertionFailed); \ + TC_EXCEPTION (ExternalException); \ + TC_EXCEPTION (InsufficientData); \ + TC_EXCEPTION (NotApplicable); \ + TC_EXCEPTION (NotImplemented); \ + TC_EXCEPTION (NotInitialized); \ + TC_EXCEPTION (ParameterIncorrect); \ + TC_EXCEPTION (ParameterTooLarge); \ + TC_EXCEPTION (PartitionDeviceRequired); \ + TC_EXCEPTION (StringConversionFailed); \ + TC_EXCEPTION (TestFailed); \ + TC_EXCEPTION (TimeOut); \ TC_EXCEPTION (UnknownException); \ TC_EXCEPTION (UnsupportedAlgoInTrueCryptMode); \ - TC_EXCEPTION (UnsupportedTrueCryptFormat); \ - TC_EXCEPTION (UserAbort) - - TC_EXCEPTION_SET; - -#undef TC_EXCEPTION -} - -#ifdef assert -# undef assert -#endif - -#ifdef DEBUG -# define assert(condition) do { if (!(condition)) throw AssertionFailed (SRC_POS); } while (false) -#else -# define assert(condition) ((void) 0) -#endif - -#endif // TC_HEADER_Platform_Exception + TC_EXCEPTION (UnsupportedTrueCryptFormat); \ + TC_EXCEPTION (UserAbort) + + TC_EXCEPTION_SET; + +#undef TC_EXCEPTION +} + +#ifdef assert +# undef assert +#endif + +#ifdef DEBUG +# define assert(condition) do { if (!(condition)) throw AssertionFailed (SRC_POS); } while (false) +#else +# define assert(condition) ((void) 0) +#endif + +#endif // TC_HEADER_Platform_Exception diff --git a/src/Platform/File.h b/src/Platform/File.h index ea4fef93..d23ac6b1 100644 --- a/src/Platform/File.h +++ b/src/Platform/File.h @@ -8,107 +8,107 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_File -#define TC_HEADER_Platform_File - -#include "PlatformBase.h" -#include "Buffer.h" -#include "FilesystemPath.h" -#include "SystemException.h" - -namespace VeraCrypt -{ - class File - { - public: - enum FileOpenMode - { - CreateReadWrite, - CreateWrite, - OpenRead, - OpenWrite, - OpenReadWrite - }; - - enum FileShareMode - { - ShareNone, - ShareRead, - ShareReadWrite, - ShareReadWriteIgnoreLock - }; - - enum FileOpenFlags - { - // Bitmap - FlagsNone = 0, - PreserveTimestamps = 1 << 0, - DisableWriteCaching = 1 << 1 - }; - -#ifdef TC_WINDOWS - typedef FILE* SystemFileHandleType; -#else - typedef int SystemFileHandleType; -#endif - - File () : FileIsOpen (false), SharedHandle (false) { } - virtual ~File (); - - void AssignSystemHandle (SystemFileHandleType openFileHandle, bool sharedHandle = true) - { - if (FileIsOpen) - Close(); - FileHandle = openFileHandle; - FileIsOpen = true; - SharedHandle = sharedHandle; - } - - void Close (); - static void Copy (const FilePath &sourcePath, const FilePath &destinationPath, bool preserveTimestamps = true); - void Delete (); - void Flush () const; - uint32 GetDeviceSectorSize () const; - static size_t GetOptimalReadSize () { return OptimalReadSize; } - static size_t GetOptimalWriteSize () { return OptimalWriteSize; } - uint64 GetPartitionDeviceStartOffset () const; - bool IsOpen () const { return FileIsOpen; } - FilePath GetPath () const; - uint64 Length () const; - void Open (const FilePath &path, FileOpenMode mode = OpenRead, FileShareMode shareMode = ShareReadWrite, FileOpenFlags flags = FlagsNone); - uint64 Read (const BufferPtr &buffer) const; - void ReadCompleteBuffer (const BufferPtr &buffer) const; - uint64 ReadAt (const BufferPtr &buffer, uint64 position) const; - void SeekAt (uint64 position) const; - void SeekEnd (int ofset) const; - void Write (const ConstBufferPtr &buffer) const; - void Write (const ConstBufferPtr &buffer, size_t length) const { Write (buffer.GetRange (0, length)); } - void WriteAt (const ConstBufferPtr &buffer, uint64 position) const; - - protected: - void ValidateState () const; - - static const size_t OptimalReadSize = 256 * 1024; - static const size_t OptimalWriteSize = 256 * 1024; - - bool FileIsOpen; - FileOpenFlags mFileOpenFlags; - bool SharedHandle; - FilePath Path; - SystemFileHandleType FileHandle; - -#ifdef TC_WINDOWS -#else - time_t AccTime; - time_t ModTime; -#endif - - private: - File (const File &); - File &operator= (const File &); - }; -} - -#endif // TC_HEADER_Platform_File +*/ + +#ifndef TC_HEADER_Platform_File +#define TC_HEADER_Platform_File + +#include "PlatformBase.h" +#include "Buffer.h" +#include "FilesystemPath.h" +#include "SystemException.h" + +namespace VeraCrypt +{ + class File + { + public: + enum FileOpenMode + { + CreateReadWrite, + CreateWrite, + OpenRead, + OpenWrite, + OpenReadWrite + }; + + enum FileShareMode + { + ShareNone, + ShareRead, + ShareReadWrite, + ShareReadWriteIgnoreLock + }; + + enum FileOpenFlags + { + // Bitmap + FlagsNone = 0, + PreserveTimestamps = 1 << 0, + DisableWriteCaching = 1 << 1 + }; + +#ifdef TC_WINDOWS + typedef FILE* SystemFileHandleType; +#else + typedef int SystemFileHandleType; +#endif + + File () : FileIsOpen (false), SharedHandle (false) { } + virtual ~File (); + + void AssignSystemHandle (SystemFileHandleType openFileHandle, bool sharedHandle = true) + { + if (FileIsOpen) + Close(); + FileHandle = openFileHandle; + FileIsOpen = true; + SharedHandle = sharedHandle; + } + + void Close (); + static void Copy (const FilePath &sourcePath, const FilePath &destinationPath, bool preserveTimestamps = true); + void Delete (); + void Flush () const; + uint32 GetDeviceSectorSize () const; + static size_t GetOptimalReadSize () { return OptimalReadSize; } + static size_t GetOptimalWriteSize () { return OptimalWriteSize; } + uint64 GetPartitionDeviceStartOffset () const; + bool IsOpen () const { return FileIsOpen; } + FilePath GetPath () const; + uint64 Length () const; + void Open (const FilePath &path, FileOpenMode mode = OpenRead, FileShareMode shareMode = ShareReadWrite, FileOpenFlags flags = FlagsNone); + uint64 Read (const BufferPtr &buffer) const; + void ReadCompleteBuffer (const BufferPtr &buffer) const; + uint64 ReadAt (const BufferPtr &buffer, uint64 position) const; + void SeekAt (uint64 position) const; + void SeekEnd (int ofset) const; + void Write (const ConstBufferPtr &buffer) const; + void Write (const ConstBufferPtr &buffer, size_t length) const { Write (buffer.GetRange (0, length)); } + void WriteAt (const ConstBufferPtr &buffer, uint64 position) const; + + protected: + void ValidateState () const; + + static const size_t OptimalReadSize = 256 * 1024; + static const size_t OptimalWriteSize = 256 * 1024; + + bool FileIsOpen; + FileOpenFlags mFileOpenFlags; + bool SharedHandle; + FilePath Path; + SystemFileHandleType FileHandle; + +#ifdef TC_WINDOWS +#else + time_t AccTime; + time_t ModTime; +#endif + + private: + File (const File &); + File &operator= (const File &); + }; +} + +#endif // TC_HEADER_Platform_File diff --git a/src/Platform/FileCommon.cpp b/src/Platform/FileCommon.cpp index e9b77540..934211bd 100644 --- a/src/Platform/FileCommon.cpp +++ b/src/Platform/FileCommon.cpp @@ -8,84 +8,84 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "File.h" -#ifdef TC_UNIX -#include -#include -#include -#include -#endif - -namespace VeraCrypt -{ - File::~File () - { - try - { - if (FileIsOpen) - Close(); - } - catch (...) { } - } - - void File::Copy (const FilePath &sourcePath, const FilePath &destinationPath, bool preserveTimestamps) - { - File source; - source.Open (sourcePath); - - File destination; - destination.Open (destinationPath, CreateWrite); - - SecureBuffer buffer (OptimalReadSize); - uint64 len; - - while ((len = source.Read (buffer)) > 0) - { - destination.Write (buffer, static_cast (len)); - } - - if (preserveTimestamps) - { - destination.Flush(); -#ifndef TC_WINDOWS - struct stat statData; - throw_sys_sub_if (stat (string (sourcePath).c_str(), &statData) == -1, wstring (sourcePath)); - - struct utimbuf u; - u.actime = statData.st_atime; - u.modtime = statData.st_mtime; - throw_sys_sub_if (utime (string (destinationPath).c_str(), &u) == -1, wstring (destinationPath)); -#endif - } - } - - FilePath File::GetPath () const - { - if_debug (ValidateState()); - return Path; - } - - void File::ReadCompleteBuffer (const BufferPtr &buffer) const - { - size_t dataLeft = buffer.Size(); - size_t offset = 0; - - while (dataLeft > 0) - { - size_t dataRead = static_cast (Read (buffer.GetRange (offset, dataLeft))); - if (dataRead == 0) - throw InsufficientData (SRC_POS); - - dataLeft -= dataRead; - offset += dataRead; - } - } - - void File::ValidateState () const - { - if (!FileIsOpen) - throw NotInitialized (SRC_POS); - } -} +*/ + +#include "File.h" +#ifdef TC_UNIX +#include +#include +#include +#include +#endif + +namespace VeraCrypt +{ + File::~File () + { + try + { + if (FileIsOpen) + Close(); + } + catch (...) { } + } + + void File::Copy (const FilePath &sourcePath, const FilePath &destinationPath, bool preserveTimestamps) + { + File source; + source.Open (sourcePath); + + File destination; + destination.Open (destinationPath, CreateWrite); + + SecureBuffer buffer (OptimalReadSize); + uint64 len; + + while ((len = source.Read (buffer)) > 0) + { + destination.Write (buffer, static_cast (len)); + } + + if (preserveTimestamps) + { + destination.Flush(); +#ifndef TC_WINDOWS + struct stat statData; + throw_sys_sub_if (stat (string (sourcePath).c_str(), &statData) == -1, wstring (sourcePath)); + + struct utimbuf u; + u.actime = statData.st_atime; + u.modtime = statData.st_mtime; + throw_sys_sub_if (utime (string (destinationPath).c_str(), &u) == -1, wstring (destinationPath)); +#endif + } + } + + FilePath File::GetPath () const + { + if_debug (ValidateState()); + return Path; + } + + void File::ReadCompleteBuffer (const BufferPtr &buffer) const + { + size_t dataLeft = buffer.Size(); + size_t offset = 0; + + while (dataLeft > 0) + { + size_t dataRead = static_cast (Read (buffer.GetRange (offset, dataLeft))); + if (dataRead == 0) + throw InsufficientData (SRC_POS); + + dataLeft -= dataRead; + offset += dataRead; + } + } + + void File::ValidateState () const + { + if (!FileIsOpen) + throw NotInitialized (SRC_POS); + } +} diff --git a/src/Platform/FileStream.h b/src/Platform/FileStream.h index 40b0c159..55c431ff 100644 --- a/src/Platform/FileStream.h +++ b/src/Platform/FileStream.h @@ -8,55 +8,55 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_FileStream -#define TC_HEADER_Platform_FileStream - -#include "PlatformBase.h" -#include "File.h" -#include "SharedPtr.h" -#include "Stream.h" - -namespace VeraCrypt -{ - class FileStream : public Stream - { - public: - FileStream (shared_ptr file) : DataFile (file) { } - FileStream (File::SystemFileHandleType openFileHandle) { DataFile.reset (new File ()); DataFile->AssignSystemHandle (openFileHandle); } - virtual ~FileStream () { } - - virtual uint64 Read (const BufferPtr &buffer) - { - return DataFile->Read (buffer); - } - - virtual void ReadCompleteBuffer (const BufferPtr &buffer) - { - DataFile->ReadCompleteBuffer (buffer); - } - - virtual string ReadToEnd () - { - string str; - vector buffer (4096); - uint64 len; - - while ((len = DataFile->Read (BufferPtr (reinterpret_cast (&buffer[0]), buffer.size()))) > 0) - str.insert (str.end(), buffer.begin(), buffer.begin() + static_cast (len)); - - return str; - } - - virtual void Write (const ConstBufferPtr &data) - { - DataFile->Write (data); - } - - protected: - shared_ptr DataFile; - }; -} - -#endif // TC_HEADER_Platform_FileStream +*/ + +#ifndef TC_HEADER_Platform_FileStream +#define TC_HEADER_Platform_FileStream + +#include "PlatformBase.h" +#include "File.h" +#include "SharedPtr.h" +#include "Stream.h" + +namespace VeraCrypt +{ + class FileStream : public Stream + { + public: + FileStream (shared_ptr file) : DataFile (file) { } + FileStream (File::SystemFileHandleType openFileHandle) { DataFile.reset (new File ()); DataFile->AssignSystemHandle (openFileHandle); } + virtual ~FileStream () { } + + virtual uint64 Read (const BufferPtr &buffer) + { + return DataFile->Read (buffer); + } + + virtual void ReadCompleteBuffer (const BufferPtr &buffer) + { + DataFile->ReadCompleteBuffer (buffer); + } + + virtual string ReadToEnd () + { + string str; + vector buffer (4096); + uint64 len; + + while ((len = DataFile->Read (BufferPtr (reinterpret_cast (&buffer[0]), buffer.size()))) > 0) + str.insert (str.end(), buffer.begin(), buffer.begin() + static_cast (len)); + + return str; + } + + virtual void Write (const ConstBufferPtr &data) + { + DataFile->Write (data); + } + + protected: + shared_ptr DataFile; + }; +} + +#endif // TC_HEADER_Platform_FileStream diff --git a/src/Platform/FilesystemPath.h b/src/Platform/FilesystemPath.h index d3b07189..83fcc5b3 100644 --- a/src/Platform/FilesystemPath.h +++ b/src/Platform/FilesystemPath.h @@ -8,70 +8,70 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_FilesystemPath -#define TC_HEADER_Platform_FilesystemPath - -#include "PlatformBase.h" -#include "Platform/User.h" -#include "SharedPtr.h" -#include "StringConverter.h" - -namespace VeraCrypt -{ - struct FilesystemPathType - { - enum Enum - { - Unknown, - File, - Directory, - SymbolickLink, - BlockDevice, - CharacterDevice - }; - }; - - class FilesystemPath - { - public: - FilesystemPath () { } - FilesystemPath (const char *path) : Path (StringConverter::ToWide (path)) { } - FilesystemPath (string path) : Path (StringConverter::ToWide (path)) { } - FilesystemPath (const wchar_t *path) : Path (path) { } - FilesystemPath (wstring path) : Path (path) { } - virtual ~FilesystemPath () { } - - bool operator== (const FilesystemPath &other) const { return Path == other.Path; } - bool operator!= (const FilesystemPath &other) const { return Path != other.Path; } - operator string () const { return StringConverter::ToSingle (Path); } - operator wstring () const { return Path; } - - void Delete () const; - UserId GetOwner () const; - FilesystemPathType::Enum GetType () const; - bool IsBlockDevice () const throw () { try { return GetType() == FilesystemPathType::BlockDevice; } catch (...) { return false; }; } - bool IsCharacterDevice () const throw () { try { return GetType() == FilesystemPathType::CharacterDevice; } catch (...) { return false; }; } - bool IsDevice () const throw () { return IsBlockDevice() || IsCharacterDevice(); } - bool IsDirectory () const throw () { try { return GetType() == FilesystemPathType::Directory; } catch (...) { return false; } } - bool IsEmpty () const throw () { try { return Path.empty(); } catch (...) { return false; } } - bool IsFile () const throw () { try { return GetType() == FilesystemPathType::File; } catch (...) { return false; } } - FilesystemPath ToBaseName () const; - FilesystemPath ToHostDriveOfPartition () const; - - static const int MaxSize = 260; - - protected: - wstring Path; - }; - - typedef FilesystemPath DevicePath; - typedef FilesystemPath DirectoryPath; - typedef FilesystemPath FilePath; - - typedef list < shared_ptr > DirectoryPathList; - typedef list < shared_ptr > FilePathList; -} - -#endif // TC_HEADER_Platform_FilesystemPath +*/ + +#ifndef TC_HEADER_Platform_FilesystemPath +#define TC_HEADER_Platform_FilesystemPath + +#include "PlatformBase.h" +#include "Platform/User.h" +#include "SharedPtr.h" +#include "StringConverter.h" + +namespace VeraCrypt +{ + struct FilesystemPathType + { + enum Enum + { + Unknown, + File, + Directory, + SymbolickLink, + BlockDevice, + CharacterDevice + }; + }; + + class FilesystemPath + { + public: + FilesystemPath () { } + FilesystemPath (const char *path) : Path (StringConverter::ToWide (path)) { } + FilesystemPath (string path) : Path (StringConverter::ToWide (path)) { } + FilesystemPath (const wchar_t *path) : Path (path) { } + FilesystemPath (wstring path) : Path (path) { } + virtual ~FilesystemPath () { } + + bool operator== (const FilesystemPath &other) const { return Path == other.Path; } + bool operator!= (const FilesystemPath &other) const { return Path != other.Path; } + operator string () const { return StringConverter::ToSingle (Path); } + operator wstring () const { return Path; } + + void Delete () const; + UserId GetOwner () const; + FilesystemPathType::Enum GetType () const; + bool IsBlockDevice () const throw () { try { return GetType() == FilesystemPathType::BlockDevice; } catch (...) { return false; }; } + bool IsCharacterDevice () const throw () { try { return GetType() == FilesystemPathType::CharacterDevice; } catch (...) { return false; }; } + bool IsDevice () const throw () { return IsBlockDevice() || IsCharacterDevice(); } + bool IsDirectory () const throw () { try { return GetType() == FilesystemPathType::Directory; } catch (...) { return false; } } + bool IsEmpty () const throw () { try { return Path.empty(); } catch (...) { return false; } } + bool IsFile () const throw () { try { return GetType() == FilesystemPathType::File; } catch (...) { return false; } } + FilesystemPath ToBaseName () const; + FilesystemPath ToHostDriveOfPartition () const; + + static const int MaxSize = 260; + + protected: + wstring Path; + }; + + typedef FilesystemPath DevicePath; + typedef FilesystemPath DirectoryPath; + typedef FilesystemPath FilePath; + + typedef list < shared_ptr > DirectoryPathList; + typedef list < shared_ptr > FilePathList; +} + +#endif // TC_HEADER_Platform_FilesystemPath diff --git a/src/Platform/Finally.h b/src/Platform/Finally.h index c411fc4b..5fa2e904 100644 --- a/src/Platform/Finally.h +++ b/src/Platform/Finally.h @@ -8,43 +8,43 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Finally -#define TC_HEADER_Platform_Finally - -#include "PlatformBase.h" - -// Execute code when leaving scope -#define finally_do(code) \ -struct TC_JOIN(Finally,__LINE__) \ -{ \ - TC_JOIN(~Finally,__LINE__) () { try { code } catch (...) { } } \ -} \ -TC_UNUSED_VAR \ -TC_JOIN(finally,__LINE__) - -// Execute code with argument 'finally_arg' when leaving scope -#define finally_do_arg(argType, arg, code) \ -struct TC_JOIN(Finally,__LINE__) \ -{ \ - TC_JOIN(Finally,__LINE__) (argType a) : finally_arg (a) { } \ - TC_JOIN(~Finally,__LINE__) () { try { code } catch (...) { } } \ - argType finally_arg; \ -} \ -TC_UNUSED_VAR \ -TC_JOIN(finally,__LINE__) (arg) - -#define finally_do_arg2(argType, arg, argType2, arg2, code) \ -struct TC_JOIN(Finally,__LINE__) \ -{ \ - TC_JOIN(Finally,__LINE__) (argType a, argType2 a2) : finally_arg (a), finally_arg2 (a2) { } \ - TC_JOIN(~Finally,__LINE__) () { try { code } catch (...) { } } \ - argType finally_arg; \ - argType2 finally_arg2; \ -} \ -TC_UNUSED_VAR \ -TC_JOIN(finally,__LINE__) (arg, arg2) - - -#endif // TC_HEADER_Platform_Finally +*/ + +#ifndef TC_HEADER_Platform_Finally +#define TC_HEADER_Platform_Finally + +#include "PlatformBase.h" + +// Execute code when leaving scope +#define finally_do(code) \ +struct TC_JOIN(Finally,__LINE__) \ +{ \ + TC_JOIN(~Finally,__LINE__) () { try { code } catch (...) { } } \ +} \ +TC_UNUSED_VAR \ +TC_JOIN(finally,__LINE__) + +// Execute code with argument 'finally_arg' when leaving scope +#define finally_do_arg(argType, arg, code) \ +struct TC_JOIN(Finally,__LINE__) \ +{ \ + TC_JOIN(Finally,__LINE__) (argType a) : finally_arg (a) { } \ + TC_JOIN(~Finally,__LINE__) () { try { code } catch (...) { } } \ + argType finally_arg; \ +} \ +TC_UNUSED_VAR \ +TC_JOIN(finally,__LINE__) (arg) + +#define finally_do_arg2(argType, arg, argType2, arg2, code) \ +struct TC_JOIN(Finally,__LINE__) \ +{ \ + TC_JOIN(Finally,__LINE__) (argType a, argType2 a2) : finally_arg (a), finally_arg2 (a2) { } \ + TC_JOIN(~Finally,__LINE__) () { try { code } catch (...) { } } \ + argType finally_arg; \ + argType2 finally_arg2; \ +} \ +TC_UNUSED_VAR \ +TC_JOIN(finally,__LINE__) (arg, arg2) + + +#endif // TC_HEADER_Platform_Finally diff --git a/src/Platform/ForEach.h b/src/Platform/ForEach.h index 3ffe67fb..e0fb121f 100644 --- a/src/Platform/ForEach.h +++ b/src/Platform/ForEach.h @@ -8,115 +8,115 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_ForEach -#define TC_HEADER_Platform_ForEach - -namespace VeraCrypt -{ - class ForEach - { - public: - struct Container - { - Container () : InnerContinue (true), InnerEndCondition (false) { } - virtual ~Container () { } - - void Continue () const { InnerContinue = true; } - bool InnerIsNotEnd () const { return InnerEndCondition = !InnerEndCondition; } - virtual bool IsNotEnd () const = 0; - virtual void Next () const = 0; - - mutable bool InnerContinue; - mutable bool InnerEndCondition; - }; - - protected: - template - struct ContainerForward : Container - { - ContainerForward (const T &container) - : ContainerCopy (container), EndIterator (ContainerCopy.end()), Iterator (ContainerCopy.begin()) { } - - virtual bool IsNotEnd () const { bool r = InnerContinue && Iterator != EndIterator; InnerContinue = false; return r; } - virtual void Next () const { ++Iterator; } - - const T ContainerCopy; // Support for temporary objects - typename T::const_iterator EndIterator; - mutable typename T::const_iterator Iterator; - - private: - ContainerForward &operator= (const ContainerForward &); - }; - - template - struct ContainerReverse : Container - { - ContainerReverse (const T &container) - : ContainerCopy (container), EndIterator (ContainerCopy.rend()), Iterator (ContainerCopy.rbegin()) { } - - virtual bool IsNotEnd () const { bool r = InnerContinue && Iterator != EndIterator; InnerContinue = false; return r; } - virtual void Next () const { ++Iterator; } - - const T ContainerCopy; - typename T::const_reverse_iterator EndIterator; - mutable typename T::const_reverse_iterator Iterator; - - private: - ContainerReverse &operator= (const ContainerReverse &); - }; - - public: - template - static ContainerForward GetContainerForward (const T &container) - { - return ContainerForward (container); - } - - template - static ContainerReverse GetContainerReverse (const T &container) - { - return ContainerReverse (container); - } - - protected: - template - struct TypeWrapper { }; - - public: - template - static TypeWrapper ToTypeWrapper (const T &x) { return TypeWrapper (); } - - struct TypeWrapperDummy - { - template - operator TypeWrapper () const { return TypeWrapper (); } - }; - - template - static const ContainerForward &GetContainerForward (const Container &forEachContainer, const TypeWrapper &) - { - return static_cast &> (forEachContainer); - } - - template - static const ContainerReverse &GetContainerReverse (const Container &forEachContainer, const TypeWrapper &) - { - return static_cast &> (forEachContainer); - } - }; -} - - -#define FOREACH_TEMPLATE(dereference,listType,variable,listInstance) \ - for (const ForEach::Container &forEachContainer = ForEach::GetContainer##listType (listInstance); forEachContainer.IsNotEnd(); forEachContainer.Next()) \ - for (variable = dereference(ForEach::GetContainer##listType (forEachContainer, (true ? ForEach::TypeWrapperDummy() : ForEach::ToTypeWrapper (listInstance))).Iterator); forEachContainer.InnerIsNotEnd(); forEachContainer.Continue()) - -#define foreach(variable,listInstance) FOREACH_TEMPLATE(*, Forward, variable, listInstance) -#define foreach_ref(variable,listInstance) FOREACH_TEMPLATE(**, Forward, variable, listInstance) -#define foreach_reverse(variable,listInstance) FOREACH_TEMPLATE(*, Reverse, variable, listInstance) -#define foreach_reverse_ref(variable,listInstance) FOREACH_TEMPLATE(**, Reverse, variable, listInstance) - - -#endif // TC_HEADER_Platform_ForEach +*/ + +#ifndef TC_HEADER_Platform_ForEach +#define TC_HEADER_Platform_ForEach + +namespace VeraCrypt +{ + class ForEach + { + public: + struct Container + { + Container () : InnerContinue (true), InnerEndCondition (false) { } + virtual ~Container () { } + + void Continue () const { InnerContinue = true; } + bool InnerIsNotEnd () const { return InnerEndCondition = !InnerEndCondition; } + virtual bool IsNotEnd () const = 0; + virtual void Next () const = 0; + + mutable bool InnerContinue; + mutable bool InnerEndCondition; + }; + + protected: + template + struct ContainerForward : Container + { + ContainerForward (const T &container) + : ContainerCopy (container), EndIterator (ContainerCopy.end()), Iterator (ContainerCopy.begin()) { } + + virtual bool IsNotEnd () const { bool r = InnerContinue && Iterator != EndIterator; InnerContinue = false; return r; } + virtual void Next () const { ++Iterator; } + + const T ContainerCopy; // Support for temporary objects + typename T::const_iterator EndIterator; + mutable typename T::const_iterator Iterator; + + private: + ContainerForward &operator= (const ContainerForward &); + }; + + template + struct ContainerReverse : Container + { + ContainerReverse (const T &container) + : ContainerCopy (container), EndIterator (ContainerCopy.rend()), Iterator (ContainerCopy.rbegin()) { } + + virtual bool IsNotEnd () const { bool r = InnerContinue && Iterator != EndIterator; InnerContinue = false; return r; } + virtual void Next () const { ++Iterator; } + + const T ContainerCopy; + typename T::const_reverse_iterator EndIterator; + mutable typename T::const_reverse_iterator Iterator; + + private: + ContainerReverse &operator= (const ContainerReverse &); + }; + + public: + template + static ContainerForward GetContainerForward (const T &container) + { + return ContainerForward (container); + } + + template + static ContainerReverse GetContainerReverse (const T &container) + { + return ContainerReverse (container); + } + + protected: + template + struct TypeWrapper { }; + + public: + template + static TypeWrapper ToTypeWrapper (const T &x) { return TypeWrapper (); } + + struct TypeWrapperDummy + { + template + operator TypeWrapper () const { return TypeWrapper (); } + }; + + template + static const ContainerForward &GetContainerForward (const Container &forEachContainer, const TypeWrapper &) + { + return static_cast &> (forEachContainer); + } + + template + static const ContainerReverse &GetContainerReverse (const Container &forEachContainer, const TypeWrapper &) + { + return static_cast &> (forEachContainer); + } + }; +} + + +#define FOREACH_TEMPLATE(dereference,listType,variable,listInstance) \ + for (const ForEach::Container &forEachContainer = ForEach::GetContainer##listType (listInstance); forEachContainer.IsNotEnd(); forEachContainer.Next()) \ + for (variable = dereference(ForEach::GetContainer##listType (forEachContainer, (true ? ForEach::TypeWrapperDummy() : ForEach::ToTypeWrapper (listInstance))).Iterator); forEachContainer.InnerIsNotEnd(); forEachContainer.Continue()) + +#define foreach(variable,listInstance) FOREACH_TEMPLATE(*, Forward, variable, listInstance) +#define foreach_ref(variable,listInstance) FOREACH_TEMPLATE(**, Forward, variable, listInstance) +#define foreach_reverse(variable,listInstance) FOREACH_TEMPLATE(*, Reverse, variable, listInstance) +#define foreach_reverse_ref(variable,listInstance) FOREACH_TEMPLATE(**, Reverse, variable, listInstance) + + +#endif // TC_HEADER_Platform_ForEach diff --git a/src/Platform/Functor.h b/src/Platform/Functor.h index 234b4f2f..9bc96949 100644 --- a/src/Platform/Functor.h +++ b/src/Platform/Functor.h @@ -8,26 +8,26 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Functor -#define TC_HEADER_Platform_Functor - -#include "PlatformBase.h" - -namespace VeraCrypt -{ - struct Functor - { - virtual ~Functor () { } - virtual void operator() () = 0; - }; - - struct GetStringFunctor - { - virtual ~GetStringFunctor () { } - virtual void operator() (string &str) = 0; - }; -} - -#endif // TC_HEADER_Platform_Functor +*/ + +#ifndef TC_HEADER_Platform_Functor +#define TC_HEADER_Platform_Functor + +#include "PlatformBase.h" + +namespace VeraCrypt +{ + struct Functor + { + virtual ~Functor () { } + virtual void operator() () = 0; + }; + + struct GetStringFunctor + { + virtual ~GetStringFunctor () { } + virtual void operator() (string &str) = 0; + }; +} + +#endif // TC_HEADER_Platform_Functor diff --git a/src/Platform/Memory.cpp b/src/Platform/Memory.cpp index 7a543a8c..f84a8741 100644 --- a/src/Platform/Memory.cpp +++ b/src/Platform/Memory.cpp @@ -8,55 +8,55 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Common/Tcdefs.h" -#include "Memory.h" -#include "Exception.h" - -namespace VeraCrypt -{ - void *Memory::Allocate (std::size_t size) - { - if (size < 1) - throw ParameterIncorrect (SRC_POS); - - void *bufPtr = malloc (size); - if (!bufPtr) - throw bad_alloc(); - - return bufPtr; - } - - int Memory::Compare (const void *memory1, size_t size1, const void *memory2, size_t size2) - { - if (size1 > size2) - return 1; - else if (size1 < size2) - return -1; - - return memcmp (memory1, memory2, size1); - } - - void Memory::Copy (void *memoryDestination, const void *memorySource, size_t size) - { - assert (memoryDestination != nullptr && memorySource != nullptr); - memcpy (memoryDestination, memorySource, size); - } - - void Memory::Erase (void *memory, size_t size) - { - burn (memory, size); - } - - void Memory::Zero (void *memory, size_t size) - { - memset (memory, 0, size); - } - - void Memory::Free (void *memory) - { - assert (memory != nullptr); - free (memory); - } -} +*/ + +#include "Common/Tcdefs.h" +#include "Memory.h" +#include "Exception.h" + +namespace VeraCrypt +{ + void *Memory::Allocate (std::size_t size) + { + if (size < 1) + throw ParameterIncorrect (SRC_POS); + + void *bufPtr = malloc (size); + if (!bufPtr) + throw bad_alloc(); + + return bufPtr; + } + + int Memory::Compare (const void *memory1, size_t size1, const void *memory2, size_t size2) + { + if (size1 > size2) + return 1; + else if (size1 < size2) + return -1; + + return memcmp (memory1, memory2, size1); + } + + void Memory::Copy (void *memoryDestination, const void *memorySource, size_t size) + { + assert (memoryDestination != nullptr && memorySource != nullptr); + memcpy (memoryDestination, memorySource, size); + } + + void Memory::Erase (void *memory, size_t size) + { + burn (memory, size); + } + + void Memory::Zero (void *memory, size_t size) + { + memset (memory, 0, size); + } + + void Memory::Free (void *memory) + { + assert (memory != nullptr); + free (memory); + } +} diff --git a/src/Platform/Memory.h b/src/Platform/Memory.h index ddf1205c..dca1e5e2 100644 --- a/src/Platform/Memory.h +++ b/src/Platform/Memory.h @@ -8,171 +8,171 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Memory -#define TC_HEADER_Platform_Memory - -#include -#include -#include "PlatformBase.h" - -#ifdef TC_WINDOWS - -# ifndef LITTLE_ENDIAN -# define LITTLE_ENDIAN 1234 -# endif -# ifndef BYTE_ORDER -# define BYTE_ORDER LITTLE_ENDIAN -# endif - -#elif !defined(BYTE_ORDER) - -# ifdef TC_MACOSX -# include -# elif defined (TC_BSD) -# include -# elif defined (TC_SOLARIS) -# include -# define LITTLE_ENDIAN 1234 -# define BIG_ENDIAN 4321 -# ifdef _BIG_ENDIAN -# define BYTE_ORDER BIG_ENDIAN -# else -# define BYTE_ORDER LITTLE_ENDIAN -# endif -# else -# include -# endif - -# ifndef BYTE_ORDER -# ifndef __BYTE_ORDER -# error Byte ordering cannot be determined (BYTE_ORDER undefined). -# endif - -# define BYTE_ORDER __BYTE_ORDER -# endif - -# ifndef LITTLE_ENDIAN -# define LITTLE_ENDIAN __LITTLE_ENDIAN -# endif - -# ifndef BIG_ENDIAN -# define BIG_ENDIAN __BIG_ENDIAN -# endif - -#endif // !BYTE_ORDER - -#if BYTE_ORDER != BIG_ENDIAN && BYTE_ORDER != LITTLE_ENDIAN -# error Unsupported byte ordering detected. -#endif - -namespace VeraCrypt -{ - class Memory - { - public: - static void *Allocate (size_t size); - static int Compare (const void *memory1, size_t size1, const void *memory2, size_t size2); - static void Copy (void *memoryDestination, const void *memorySource, size_t size); - static void Erase (void *memory, size_t size); - static void Free (void *memory); - static void Zero (void *memory, size_t size); - }; - - class Endian - { - public: - static byte Big (const byte &x) - { - return x; - } - - static uint16 Big (const uint16 &x) - { -#if BYTE_ORDER == BIG_ENDIAN - return x; -#else - return MirrorBytes (x); -#endif - } - - static uint32 Big (const uint32 &x) - { -#if BYTE_ORDER == BIG_ENDIAN - return x; -#else - return MirrorBytes (x); -#endif - } - - static uint64 Big (const uint64 &x) - { -#if BYTE_ORDER == BIG_ENDIAN - return x; -#else - return MirrorBytes (x); -#endif - } - - static byte Little (const byte &x) - { - return x; - } - - static uint16 Little (const uint16 &x) - { -#if BYTE_ORDER == LITTLE_ENDIAN - return x; -#else - return MirrorBytes (x); -#endif - } - - static uint32 Little (const uint32 &x) - { -#if BYTE_ORDER == LITTLE_ENDIAN - return x; -#else - return MirrorBytes (x); -#endif - } - - static uint64 Little (const uint64 &x) - { -#if BYTE_ORDER == LITTLE_ENDIAN - return x; -#else - return MirrorBytes (x); -#endif - } - - protected: - static uint16 MirrorBytes (const uint16 &x) - { - return (x << 8) | (x >> 8); - } - - static uint32 MirrorBytes (const uint32 &x) - { - uint32 n = (byte) x; - n <<= 8; n |= (byte) (x >> 8); - n <<= 8; n |= (byte) (x >> 16); - return (n << 8) | (byte) (x >> 24); - } - - static uint64 MirrorBytes (const uint64 &x) - { - uint64 n = (byte) x; - n <<= 8; n |= (byte) (x >> 8); - n <<= 8; n |= (byte) (x >> 16); - n <<= 8; n |= (byte) (x >> 24); - n <<= 8; n |= (byte) (x >> 32); - n <<= 8; n |= (byte) (x >> 40); - n <<= 8; n |= (byte) (x >> 48); - return (n << 8) | (byte) (x >> 56); - } - }; -} - -#endif // TC_HEADER_Platform_Memory +*/ + +#ifndef TC_HEADER_Platform_Memory +#define TC_HEADER_Platform_Memory + +#include +#include +#include "PlatformBase.h" + +#ifdef TC_WINDOWS + +# ifndef LITTLE_ENDIAN +# define LITTLE_ENDIAN 1234 +# endif +# ifndef BYTE_ORDER +# define BYTE_ORDER LITTLE_ENDIAN +# endif + +#elif !defined(BYTE_ORDER) + +# ifdef TC_MACOSX +# include +# elif defined (TC_BSD) +# include +# elif defined (TC_SOLARIS) +# include +# define LITTLE_ENDIAN 1234 +# define BIG_ENDIAN 4321 +# ifdef _BIG_ENDIAN +# define BYTE_ORDER BIG_ENDIAN +# else +# define BYTE_ORDER LITTLE_ENDIAN +# endif +# else +# include +# endif + +# ifndef BYTE_ORDER +# ifndef __BYTE_ORDER +# error Byte ordering cannot be determined (BYTE_ORDER undefined). +# endif + +# define BYTE_ORDER __BYTE_ORDER +# endif + +# ifndef LITTLE_ENDIAN +# define LITTLE_ENDIAN __LITTLE_ENDIAN +# endif + +# ifndef BIG_ENDIAN +# define BIG_ENDIAN __BIG_ENDIAN +# endif + +#endif // !BYTE_ORDER + +#if BYTE_ORDER != BIG_ENDIAN && BYTE_ORDER != LITTLE_ENDIAN +# error Unsupported byte ordering detected. +#endif + +namespace VeraCrypt +{ + class Memory + { + public: + static void *Allocate (size_t size); + static int Compare (const void *memory1, size_t size1, const void *memory2, size_t size2); + static void Copy (void *memoryDestination, const void *memorySource, size_t size); + static void Erase (void *memory, size_t size); + static void Free (void *memory); + static void Zero (void *memory, size_t size); + }; + + class Endian + { + public: + static byte Big (const byte &x) + { + return x; + } + + static uint16 Big (const uint16 &x) + { +#if BYTE_ORDER == BIG_ENDIAN + return x; +#else + return MirrorBytes (x); +#endif + } + + static uint32 Big (const uint32 &x) + { +#if BYTE_ORDER == BIG_ENDIAN + return x; +#else + return MirrorBytes (x); +#endif + } + + static uint64 Big (const uint64 &x) + { +#if BYTE_ORDER == BIG_ENDIAN + return x; +#else + return MirrorBytes (x); +#endif + } + + static byte Little (const byte &x) + { + return x; + } + + static uint16 Little (const uint16 &x) + { +#if BYTE_ORDER == LITTLE_ENDIAN + return x; +#else + return MirrorBytes (x); +#endif + } + + static uint32 Little (const uint32 &x) + { +#if BYTE_ORDER == LITTLE_ENDIAN + return x; +#else + return MirrorBytes (x); +#endif + } + + static uint64 Little (const uint64 &x) + { +#if BYTE_ORDER == LITTLE_ENDIAN + return x; +#else + return MirrorBytes (x); +#endif + } + + protected: + static uint16 MirrorBytes (const uint16 &x) + { + return (x << 8) | (x >> 8); + } + + static uint32 MirrorBytes (const uint32 &x) + { + uint32 n = (byte) x; + n <<= 8; n |= (byte) (x >> 8); + n <<= 8; n |= (byte) (x >> 16); + return (n << 8) | (byte) (x >> 24); + } + + static uint64 MirrorBytes (const uint64 &x) + { + uint64 n = (byte) x; + n <<= 8; n |= (byte) (x >> 8); + n <<= 8; n |= (byte) (x >> 16); + n <<= 8; n |= (byte) (x >> 24); + n <<= 8; n |= (byte) (x >> 32); + n <<= 8; n |= (byte) (x >> 40); + n <<= 8; n |= (byte) (x >> 48); + return (n << 8) | (byte) (x >> 56); + } + }; +} + +#endif // TC_HEADER_Platform_Memory diff --git a/src/Platform/MemoryStream.cpp b/src/Platform/MemoryStream.cpp index 24e311e6..b4b17cdc 100644 --- a/src/Platform/MemoryStream.cpp +++ b/src/Platform/MemoryStream.cpp @@ -8,44 +8,44 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Exception.h" -#include "MemoryStream.h" - -namespace VeraCrypt -{ - MemoryStream::MemoryStream (const ConstBufferPtr &data) : - ReadPosition (0) - { - Data = vector (data.Size()); - BufferPtr (&Data[0], Data.size()).CopyFrom (data); - } - - uint64 MemoryStream::Read (const BufferPtr &buffer) - { - if (Data.size() == 0) - throw ParameterIncorrect (SRC_POS); - - ConstBufferPtr streamBuf (*this); - size_t len = buffer.Size(); - if (streamBuf.Size() - ReadPosition < len) - len = streamBuf.Size() - ReadPosition; - - BufferPtr(buffer).CopyFrom (streamBuf.GetRange (ReadPosition, len)); - ReadPosition += len; - return len; - } - - void MemoryStream::ReadCompleteBuffer (const BufferPtr &buffer) - { - if (Read (buffer) != buffer.Size()) - throw InsufficientData (SRC_POS); - } - - void MemoryStream::Write (const ConstBufferPtr &data) - { - for (uint64 i = 0; i < data.Size(); i++) - Data.push_back (data[i]); - } -} +*/ + +#include "Exception.h" +#include "MemoryStream.h" + +namespace VeraCrypt +{ + MemoryStream::MemoryStream (const ConstBufferPtr &data) : + ReadPosition (0) + { + Data = vector (data.Size()); + BufferPtr (&Data[0], Data.size()).CopyFrom (data); + } + + uint64 MemoryStream::Read (const BufferPtr &buffer) + { + if (Data.size() == 0) + throw ParameterIncorrect (SRC_POS); + + ConstBufferPtr streamBuf (*this); + size_t len = buffer.Size(); + if (streamBuf.Size() - ReadPosition < len) + len = streamBuf.Size() - ReadPosition; + + BufferPtr(buffer).CopyFrom (streamBuf.GetRange (ReadPosition, len)); + ReadPosition += len; + return len; + } + + void MemoryStream::ReadCompleteBuffer (const BufferPtr &buffer) + { + if (Read (buffer) != buffer.Size()) + throw InsufficientData (SRC_POS); + } + + void MemoryStream::Write (const ConstBufferPtr &data) + { + for (uint64 i = 0; i < data.Size(); i++) + Data.push_back (data[i]); + } +} diff --git a/src/Platform/MemoryStream.h b/src/Platform/MemoryStream.h index 5591286a..b3d19c7a 100644 --- a/src/Platform/MemoryStream.h +++ b/src/Platform/MemoryStream.h @@ -8,33 +8,33 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_MemoryStream -#define TC_HEADER_Platform_MemoryStream - -#include "PlatformBase.h" -#include "Stream.h" - -namespace VeraCrypt -{ - class MemoryStream : public Stream - { - public: - MemoryStream () : ReadPosition (0) { } - MemoryStream (const ConstBufferPtr &data); - virtual ~MemoryStream () { } - - operator ConstBufferPtr () const { return ConstBufferPtr (&Data[0], Data.size()); } - - virtual uint64 Read (const BufferPtr &buffer); - virtual void ReadCompleteBuffer (const BufferPtr &buffer); - virtual void Write (const ConstBufferPtr &data); - - protected: - vector Data; - size_t ReadPosition; - }; -} - -#endif // TC_HEADER_Platform_MemoryStream +*/ + +#ifndef TC_HEADER_Platform_MemoryStream +#define TC_HEADER_Platform_MemoryStream + +#include "PlatformBase.h" +#include "Stream.h" + +namespace VeraCrypt +{ + class MemoryStream : public Stream + { + public: + MemoryStream () : ReadPosition (0) { } + MemoryStream (const ConstBufferPtr &data); + virtual ~MemoryStream () { } + + operator ConstBufferPtr () const { return ConstBufferPtr (&Data[0], Data.size()); } + + virtual uint64 Read (const BufferPtr &buffer); + virtual void ReadCompleteBuffer (const BufferPtr &buffer); + virtual void Write (const ConstBufferPtr &data); + + protected: + vector Data; + size_t ReadPosition; + }; +} + +#endif // TC_HEADER_Platform_MemoryStream diff --git a/src/Platform/Mutex.h b/src/Platform/Mutex.h index f97173b4..c8786952 100644 --- a/src/Platform/Mutex.h +++ b/src/Platform/Mutex.h @@ -8,58 +8,58 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Mutex -#define TC_HEADER_Platform_Mutex - -#ifdef TC_WINDOWS -# include "System.h" -#else -# include -#endif -#include "PlatformBase.h" - -namespace VeraCrypt -{ - class Mutex - { -#ifdef TC_WINDOWS - typedef CRITICAL_SECTION SystemMutex_t; -#else - typedef pthread_mutex_t SystemMutex_t; -#endif - - public: - Mutex (); - ~Mutex (); - - SystemMutex_t *GetSystemHandle () { return &SystemMutex; } - void Lock (); - void Unlock (); - - protected: - bool Initialized; - SystemMutex_t SystemMutex; - - private: - Mutex (const Mutex &); - Mutex &operator= (const Mutex &); - }; - - class ScopeLock - { - public: - ScopeLock (Mutex &mutex) : ScopeMutex (mutex) { mutex.Lock(); } - ~ScopeLock () { ScopeMutex.Unlock(); } - - protected: - Mutex &ScopeMutex; - - private: - ScopeLock (const ScopeLock &); - ScopeLock &operator= (const ScopeLock &); - }; -} - -#endif // TC_HEADER_Platform_Mutex +*/ + +#ifndef TC_HEADER_Platform_Mutex +#define TC_HEADER_Platform_Mutex + +#ifdef TC_WINDOWS +# include "System.h" +#else +# include +#endif +#include "PlatformBase.h" + +namespace VeraCrypt +{ + class Mutex + { +#ifdef TC_WINDOWS + typedef CRITICAL_SECTION SystemMutex_t; +#else + typedef pthread_mutex_t SystemMutex_t; +#endif + + public: + Mutex (); + ~Mutex (); + + SystemMutex_t *GetSystemHandle () { return &SystemMutex; } + void Lock (); + void Unlock (); + + protected: + bool Initialized; + SystemMutex_t SystemMutex; + + private: + Mutex (const Mutex &); + Mutex &operator= (const Mutex &); + }; + + class ScopeLock + { + public: + ScopeLock (Mutex &mutex) : ScopeMutex (mutex) { mutex.Lock(); } + ~ScopeLock () { ScopeMutex.Unlock(); } + + protected: + Mutex &ScopeMutex; + + private: + ScopeLock (const ScopeLock &); + ScopeLock &operator= (const ScopeLock &); + }; +} + +#endif // TC_HEADER_Platform_Mutex diff --git a/src/Platform/Platform.h b/src/Platform/Platform.h index 3de41399..9e8a4cca 100644 --- a/src/Platform/Platform.h +++ b/src/Platform/Platform.h @@ -8,25 +8,25 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform -#define TC_HEADER_Platform - -#include "PlatformBase.h" -#include "Buffer.h" -#include "Exception.h" -#include "Directory.h" -#include "Event.h" -#include "File.h" -#include "FilesystemPath.h" -#include "Finally.h" -#include "ForEach.h" -#include "Functor.h" -#include "Memory.h" -#include "Mutex.h" -#include "SharedPtr.h" -#include "SystemException.h" -#include "Thread.h" - -#endif // TC_HEADER_Platform +*/ + +#ifndef TC_HEADER_Platform +#define TC_HEADER_Platform + +#include "PlatformBase.h" +#include "Buffer.h" +#include "Exception.h" +#include "Directory.h" +#include "Event.h" +#include "File.h" +#include "FilesystemPath.h" +#include "Finally.h" +#include "ForEach.h" +#include "Functor.h" +#include "Memory.h" +#include "Mutex.h" +#include "SharedPtr.h" +#include "SystemException.h" +#include "Thread.h" + +#endif // TC_HEADER_Platform diff --git a/src/Platform/Platform.make b/src/Platform/Platform.make index 9d02d8aa..4d142317 100644 --- a/src/Platform/Platform.make +++ b/src/Platform/Platform.make @@ -1,39 +1,39 @@ -# -# Derived from source code of TrueCrypt 7.1a, which is -# Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed -# by the TrueCrypt License 3.0. -# -# Modifications and additions to the original source code (contained in this file) -# and all other portions of this file are Copyright (c) 2013-2016 IDRIX -# and are governed by the Apache License 2.0 the full text of which is -# contained in the file License.txt included in VeraCrypt binary and source -# code distribution packages. -# - -OBJS := Buffer.o -OBJS += Exception.o -OBJS += Event.o -OBJS += FileCommon.o -OBJS += MemoryStream.o -OBJS += Memory.o -OBJS += PlatformTest.o -OBJS += Serializable.o -OBJS += Serializer.o -OBJS += SerializerFactory.o -OBJS += StringConverter.o -OBJS += TextReader.o -OBJS += Unix/Directory.o -OBJS += Unix/File.o -OBJS += Unix/FilesystemPath.o -OBJS += Unix/Mutex.o -OBJS += Unix/Pipe.o -OBJS += Unix/Poller.o -OBJS += Unix/Process.o -OBJS += Unix/SyncEvent.o -OBJS += Unix/SystemException.o -OBJS += Unix/SystemInfo.o -OBJS += Unix/SystemLog.o -OBJS += Unix/Thread.o -OBJS += Unix/Time.o - -include $(BUILD_INC)/Makefile.inc +# +# Derived from source code of TrueCrypt 7.1a, which is +# Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed +# by the TrueCrypt License 3.0. +# +# Modifications and additions to the original source code (contained in this file) +# and all other portions of this file are Copyright (c) 2013-2016 IDRIX +# and are governed by the Apache License 2.0 the full text of which is +# contained in the file License.txt included in VeraCrypt binary and source +# code distribution packages. +# + +OBJS := Buffer.o +OBJS += Exception.o +OBJS += Event.o +OBJS += FileCommon.o +OBJS += MemoryStream.o +OBJS += Memory.o +OBJS += PlatformTest.o +OBJS += Serializable.o +OBJS += Serializer.o +OBJS += SerializerFactory.o +OBJS += StringConverter.o +OBJS += TextReader.o +OBJS += Unix/Directory.o +OBJS += Unix/File.o +OBJS += Unix/FilesystemPath.o +OBJS += Unix/Mutex.o +OBJS += Unix/Pipe.o +OBJS += Unix/Poller.o +OBJS += Unix/Process.o +OBJS += Unix/SyncEvent.o +OBJS += Unix/SystemException.o +OBJS += Unix/SystemInfo.o +OBJS += Unix/SystemLog.o +OBJS += Unix/Thread.o +OBJS += Unix/Time.o + +include $(BUILD_INC)/Makefile.inc diff --git a/src/Platform/PlatformBase.h b/src/Platform/PlatformBase.h index 1a6b5945..652069c4 100644 --- a/src/Platform/PlatformBase.h +++ b/src/Platform/PlatformBase.h @@ -8,131 +8,131 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_PlatformBase -#define TC_HEADER_Platform_PlatformBase - -#include -#include -#include -#include -#include -#include -#include - -#ifndef _MSC_VER -#include -#endif - -using namespace std; - -#ifdef nullptr -#undef nullptr -#endif - -#if !(defined(_MSC_VER) && _MSC_VER >= 1600) -#define nullptr 0 -#endif - -namespace VeraCrypt -{ -#ifdef _MSC_VER -# ifndef TC_INT_TYPES_DEFINED - typedef __int8 int8; - typedef __int16 int16; - typedef __int32 int32; - typedef __int64 int64; - typedef unsigned __int8 byte; - typedef unsigned __int16 uint16; - typedef unsigned __int32 uint32; - typedef unsigned __int64 uint64; -# endif -#else - typedef int8_t int8; - typedef int16_t int16; - typedef int32_t int32; - typedef int64_t int64; - typedef uint8_t byte; - typedef uint16_t uint16; - typedef uint32_t uint32; - typedef uint64_t uint64; -#endif -} - -#if (defined(_WIN32) || defined(_WIN64)) && !defined(TC_WINDOWS) -# define TC_WINDOWS -#endif - -#if defined(_DEBUG) && !defined(DEBUG) -# define DEBUG -#endif - -#ifndef TC_TO_STRING -# define TC_TO_STRING2(n) #n -# define TC_TO_STRING(n) TC_TO_STRING2(n) -#endif - -#define TC_JOIN_ARGS(a,b) a##b -#define TC_JOIN(a,b) TC_JOIN_ARGS(a,b) - -#ifdef __GNUC__ - template string GetFunctionName (T pos) - { - string s (pos); - size_t p = s.find ('('); - if (p == string::npos) - return s; - s = s.substr (0, p); - p = s.find_last_of (" "); - if (p == string::npos) - return s; - return s.substr (p + 1); - } -# define SRC_POS (GetFunctionName (__PRETTY_FUNCTION__) += ":" TC_TO_STRING(__LINE__)) -# define TC_UNUSED_VAR __attribute__ ((unused)) -#else -# define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -# define TC_UNUSED_VAR -#endif - -#ifdef trace_point -# undef trace_point -#endif - -#ifdef trace_msg -# undef trace_msg -#endif - -#ifdef DEBUG -# define if_debug(...) __VA_ARGS__ - -# ifdef TC_WINDOWS -# define trace_point OutputDebugStringA ((string (SRC_POS) + "\n").c_str()) -# define trace_msg(stream_args) do { stringstream s; s << (SRC_POS) << ": " << stream_args << endl; OutputDebugStringA (s.str().c_str()); } while (0) -# define trace_msgw(stream_args) do { wstringstream s; s << (SRC_POS) << L": " << stream_args << endl; OutputDebugStringW (s.str().c_str()); } while (0) -# else -# include -# define trace_point cerr << (SRC_POS) << endl -# define trace_msg(stream_args) cerr << (SRC_POS) << ": " << stream_args << endl -# define trace_msgw(stream_args) cerr << (SRC_POS); wcerr << L": " << stream_args << endl -# endif - -# include "Platform/SystemLog.h" -# define trace_log_point SystemLog::WriteError (SRC_POS) -# define trace_log_msg(stream_args) do { stringstream s; s << (SRC_POS) << ": " << stream_args; SystemLog::WriteError (s.str()); } while (0) - -#else -# define if_debug(...) -# define trace_point -# define trace_msg(...) -# define trace_msgw(...) -# define trace_log_point -# define trace_log_msg(...) -#endif - -#define trace_val(VAL) trace_msg (#VAL << '=' << (VAL)); - -#define array_capacity(arr) (sizeof (arr) / sizeof ((arr)[0])) - -#endif // TC_HEADER_Platform_PlatformBase +*/ + +#ifndef TC_HEADER_Platform_PlatformBase +#define TC_HEADER_Platform_PlatformBase + +#include +#include +#include +#include +#include +#include +#include + +#ifndef _MSC_VER +#include +#endif + +using namespace std; + +#ifdef nullptr +#undef nullptr +#endif + +#if !(defined(_MSC_VER) && _MSC_VER >= 1600) +#define nullptr 0 +#endif + +namespace VeraCrypt +{ +#ifdef _MSC_VER +# ifndef TC_INT_TYPES_DEFINED + typedef __int8 int8; + typedef __int16 int16; + typedef __int32 int32; + typedef __int64 int64; + typedef unsigned __int8 byte; + typedef unsigned __int16 uint16; + typedef unsigned __int32 uint32; + typedef unsigned __int64 uint64; +# endif +#else + typedef int8_t int8; + typedef int16_t int16; + typedef int32_t int32; + typedef int64_t int64; + typedef uint8_t byte; + typedef uint16_t uint16; + typedef uint32_t uint32; + typedef uint64_t uint64; +#endif +} + +#if (defined(_WIN32) || defined(_WIN64)) && !defined(TC_WINDOWS) +# define TC_WINDOWS +#endif + +#if defined(_DEBUG) && !defined(DEBUG) +# define DEBUG +#endif + +#ifndef TC_TO_STRING +# define TC_TO_STRING2(n) #n +# define TC_TO_STRING(n) TC_TO_STRING2(n) +#endif + +#define TC_JOIN_ARGS(a,b) a##b +#define TC_JOIN(a,b) TC_JOIN_ARGS(a,b) + +#ifdef __GNUC__ + template string GetFunctionName (T pos) + { + string s (pos); + size_t p = s.find ('('); + if (p == string::npos) + return s; + s = s.substr (0, p); + p = s.find_last_of (" "); + if (p == string::npos) + return s; + return s.substr (p + 1); + } +# define SRC_POS (GetFunctionName (__PRETTY_FUNCTION__) += ":" TC_TO_STRING(__LINE__)) +# define TC_UNUSED_VAR __attribute__ ((unused)) +#else +# define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +# define TC_UNUSED_VAR +#endif + +#ifdef trace_point +# undef trace_point +#endif + +#ifdef trace_msg +# undef trace_msg +#endif + +#ifdef DEBUG +# define if_debug(...) __VA_ARGS__ + +# ifdef TC_WINDOWS +# define trace_point OutputDebugStringA ((string (SRC_POS) + "\n").c_str()) +# define trace_msg(stream_args) do { stringstream s; s << (SRC_POS) << ": " << stream_args << endl; OutputDebugStringA (s.str().c_str()); } while (0) +# define trace_msgw(stream_args) do { wstringstream s; s << (SRC_POS) << L": " << stream_args << endl; OutputDebugStringW (s.str().c_str()); } while (0) +# else +# include +# define trace_point cerr << (SRC_POS) << endl +# define trace_msg(stream_args) cerr << (SRC_POS) << ": " << stream_args << endl +# define trace_msgw(stream_args) cerr << (SRC_POS); wcerr << L": " << stream_args << endl +# endif + +# include "Platform/SystemLog.h" +# define trace_log_point SystemLog::WriteError (SRC_POS) +# define trace_log_msg(stream_args) do { stringstream s; s << (SRC_POS) << ": " << stream_args; SystemLog::WriteError (s.str()); } while (0) + +#else +# define if_debug(...) +# define trace_point +# define trace_msg(...) +# define trace_msgw(...) +# define trace_log_point +# define trace_log_msg(...) +#endif + +#define trace_val(VAL) trace_msg (#VAL << '=' << (VAL)); + +#define array_capacity(arr) (sizeof (arr) / sizeof ((arr)[0])) + +#endif // TC_HEADER_Platform_PlatformBase diff --git a/src/Platform/PlatformTest.cpp b/src/Platform/PlatformTest.cpp index dc871e4e..d6fcef3c 100644 --- a/src/Platform/PlatformTest.cpp +++ b/src/Platform/PlatformTest.cpp @@ -8,347 +8,347 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "PlatformTest.h" -#include "Exception.h" -#include "FileStream.h" -#include "Finally.h" -#include "ForEach.h" -#include "MemoryStream.h" -#include "Mutex.h" -#include "Serializable.h" -#include "SharedPtr.h" -#include "StringConverter.h" -#include "SyncEvent.h" -#include "Thread.h" -#include "Common/Tcdefs.h" - -namespace VeraCrypt -{ - // make_shared_auto, File, Stream, MemoryStream, Endian, Serializer, Serializable - void PlatformTest::SerializerTest () - { - shared_ptr stream (new MemoryStream); - -#if 0 - make_shared_auto (File, file); - finally_do_arg (File&, *file, { if (finally_arg.IsOpen()) finally_arg.Delete(); }); - - try - { - file->Open ("veracrypt-serializer-test.tmp", File::CreateReadWrite); - stream = shared_ptr (new FileStream (file)); - } - catch (...) { } -#endif - - Serializer ser (stream); - - uint32 i32 = 0x12345678; - uint64 i64 = 0x0123456789abcdefULL; - string str = "string test"; - wstring wstr = L"wstring test"; - - string convStr = "test"; - StringConverter::ToSingle (wstr, convStr); - if (convStr != "wstring test") - throw TestFailed (SRC_POS); - - StringConverter::Erase (convStr); - if (convStr != " ") - throw TestFailed (SRC_POS); - - wstring wEraseTest = L"erase test"; - StringConverter::Erase (wEraseTest); - if (wEraseTest != L" ") - throw TestFailed (SRC_POS); - - list stringList; - stringList.push_back (str + "1"); - stringList.push_back (str + "2"); - stringList.push_back (str + "3"); - - list wstringList; - wstringList.push_back (wstr + L"1"); - wstringList.push_back (wstr + L"2"); - wstringList.push_back (wstr + L"3"); - - Buffer buffer (10); - for (size_t i = 0; i < buffer.Size(); i++) - buffer[i] = (byte) i; - - ser.Serialize ("int32", i32); - ser.Serialize ("int64", i64); - ser.Serialize ("string", str); - ser.Serialize ("wstring", wstr); - ser.Serialize ("stringList", stringList); - ser.Serialize ("wstringList", wstringList); - ser.Serialize ("buffer", ConstBufferPtr (buffer)); - - ExecutedProcessFailed ex (SRC_POS, "cmd", -123, "error output"); - ex.Serialize (stream); - - list < shared_ptr > exList; - exList.push_back (make_shared (ExecutedProcessFailed (SRC_POS, "cmd", -123, "error output1"))); - exList.push_back (make_shared (ExecutedProcessFailed (SRC_POS, "cmd", -234, "error output2"))); - exList.push_back (make_shared (ExecutedProcessFailed (SRC_POS, "cmd", -567, "error output3"))); - Serializable::SerializeList (stream, exList); - -#if 0 - if (file->IsOpen()) - file->SeekAt (0); -#endif - - uint32 di32; - ser.Deserialize ("int32", di32); - if (i32 != di32) - throw TestFailed (SRC_POS); - - uint64 di64; - ser.Deserialize ("int64", di64); - if (i64 != di64) - throw TestFailed (SRC_POS); - - string dstr; - ser.Deserialize ("string", dstr); - if (str != dstr) - throw TestFailed (SRC_POS); - - wstring dwstr; - ser.Deserialize ("wstring", dwstr); - if (str != dstr) - throw TestFailed (SRC_POS); - - int i = 1; - foreach (string item, ser.DeserializeStringList ("stringList")) - { - stringstream s; - s << str << i++; - if (item != s.str()) - throw TestFailed (SRC_POS); - } - - i = 1; - foreach (wstring item, ser.DeserializeWStringList ("wstringList")) - { - wstringstream s; - s << wstr << i++; - if (item != s.str()) - throw TestFailed (SRC_POS); - } - - Buffer dbuffer (10); - ser.Deserialize ("buffer", buffer); - for (size_t i = 0; i < buffer.Size(); i++) - if (buffer[i] != (byte) i) - throw TestFailed (SRC_POS); - - shared_ptr dex = Serializable::DeserializeNew (stream); - if (!dex - || dex->GetCommand() != "cmd" - || dex->GetExitCode() != -123 - || dex->GetErrorOutput() != "error output") - throw TestFailed (SRC_POS); - - list < shared_ptr > dexList; - Serializable::DeserializeList (stream, dexList); - i = 1; - foreach_ref (const ExecutedProcessFailed &ex, dexList) - { - stringstream s; - s << "error output" << i++; - if (ex.GetErrorOutput() != s.str()) - throw TestFailed (SRC_POS); - } - } - - // shared_ptr, Mutex, ScopeLock, SyncEvent, Thread - static struct - { - shared_ptr SharedIntPtr; - Mutex IntMutex; - SyncEvent ExitAllowedEvent; - } ThreadTestData; - - void PlatformTest::ThreadTest () - { - Mutex mutex; - mutex.Lock(); - mutex.Unlock(); - - const int maxThreads = 3; - ThreadTestData.SharedIntPtr.reset (new int (0)); - - for (int i = 0; i < maxThreads; i++) - { - Thread t; - t.Start (&ThreadTestProc, (void *) &ThreadTestData); - } - - for (int i = 0; i < 50; i++) - { - { - ScopeLock sl (ThreadTestData.IntMutex); - if (*ThreadTestData.SharedIntPtr == maxThreads) - break; - } - - Thread::Sleep(100); - } - - if (*ThreadTestData.SharedIntPtr != maxThreads) - throw TestFailed (SRC_POS); - - for (int i = 0; i < 60000; i++) - { - ThreadTestData.ExitAllowedEvent.Signal(); - Thread::Sleep(1); - - ScopeLock sl (ThreadTestData.IntMutex); - if (*ThreadTestData.SharedIntPtr == 0) - break; - } - - if (*ThreadTestData.SharedIntPtr != 0) - throw TestFailed (SRC_POS); - } - - TC_THREAD_PROC PlatformTest::ThreadTestProc (void *arg) - { - - if (arg != (void *) &ThreadTestData) - return 0; - - { - ScopeLock sl (ThreadTestData.IntMutex); - ++(*ThreadTestData.SharedIntPtr); - } - - ThreadTestData.ExitAllowedEvent.Wait(); - - { - ScopeLock sl (ThreadTestData.IntMutex); - --(*ThreadTestData.SharedIntPtr); - } - - return 0; - } - - bool PlatformTest::TestAll () - { - // Integer types - if (sizeof (byte) != 1 || sizeof (int8) != 1 || sizeof (__int8) != 1) throw TestFailed (SRC_POS); - if (sizeof (uint16) != 2 || sizeof (int16) != 2 || sizeof (__int16) != 2) throw TestFailed (SRC_POS); - if (sizeof (uint32) != 4 || sizeof (int32) != 4 || sizeof (__int32) != 4) throw TestFailed (SRC_POS); - if (sizeof (uint64) != 8 || sizeof (int64) != 8) throw TestFailed (SRC_POS); - - // Exception handling - TestFlag = false; - try - { - try - { - throw TestFailed (SRC_POS); - } - catch (...) - { - throw; - } - return false; - } - catch (Exception &) - { - TestFlag = true; - } - if (!TestFlag) - return false; - - // RTTI - RttiTest rtti; - RttiTestBase &rttiBaseRef = rtti; - RttiTestBase *rttiBasePtr = &rtti; - - if (typeid (rttiBaseRef) != typeid (rtti)) - throw TestFailed (SRC_POS); - - if (typeid (*rttiBasePtr) != typeid (rtti)) - throw TestFailed (SRC_POS); - - if (dynamic_cast (rttiBasePtr) == nullptr) - throw TestFailed (SRC_POS); - - try - { - dynamic_cast (rttiBaseRef); - } - catch (...) - { - throw TestFailed (SRC_POS); - } - - // finally - TestFlag = false; - { - finally_do ({ TestFlag = true; }); - if (TestFlag) - throw TestFailed (SRC_POS); - } - if (!TestFlag) - throw TestFailed (SRC_POS); - - TestFlag = false; - { - finally_do_arg (bool*, &TestFlag, { *finally_arg = true; }); - if (TestFlag) - throw TestFailed (SRC_POS); - } - if (!TestFlag) - throw TestFailed (SRC_POS); - - TestFlag = false; - int tesFlag2 = 0; - { - finally_do_arg2 (bool*, &TestFlag, int*, &tesFlag2, { *finally_arg = true; *finally_arg2 = 2; }); - if (TestFlag || tesFlag2 != 0) - throw TestFailed (SRC_POS); - } - if (!TestFlag || tesFlag2 != 2) - throw TestFailed (SRC_POS); - - // uint64, vector, list, string, wstring, stringstream, wstringstream - // shared_ptr, make_shared, StringConverter, foreach - list > numList; - - numList.push_front (make_shared (StringConverter::ToUInt64 (StringConverter::FromNumber ((uint64) 0xFFFFffffFFFFfffeULL)))); - numList.push_front (make_shared (StringConverter::ToUInt32 (StringConverter::GetTrailingNumber ("str2")))); - numList.push_front (make_shared (3)); - - list testList; - wstringstream wstream (L"test"); - foreach_reverse_ref (uint64 n, numList) - { - wstream.str (L""); - wstream << L"str" << n; - testList.push_back (wstream.str()); - } - - stringstream sstream; - sstream << "dummy"; - sstream.str (""); - sstream << "str18446744073709551614,str2" << " str" << StringConverter::Trim (StringConverter::ToSingle (L"\t 3 \r\n")); - foreach (const string &s, StringConverter::Split (sstream.str(), ", ")) - { - if (testList.front() != StringConverter::ToWide (s)) - throw TestFailed (SRC_POS); - testList.pop_front(); - } - - SerializerTest(); - ThreadTest(); - - return true; - } - - bool PlatformTest::TestFlag; -} +*/ + +#include "PlatformTest.h" +#include "Exception.h" +#include "FileStream.h" +#include "Finally.h" +#include "ForEach.h" +#include "MemoryStream.h" +#include "Mutex.h" +#include "Serializable.h" +#include "SharedPtr.h" +#include "StringConverter.h" +#include "SyncEvent.h" +#include "Thread.h" +#include "Common/Tcdefs.h" + +namespace VeraCrypt +{ + // make_shared_auto, File, Stream, MemoryStream, Endian, Serializer, Serializable + void PlatformTest::SerializerTest () + { + shared_ptr stream (new MemoryStream); + +#if 0 + make_shared_auto (File, file); + finally_do_arg (File&, *file, { if (finally_arg.IsOpen()) finally_arg.Delete(); }); + + try + { + file->Open ("veracrypt-serializer-test.tmp", File::CreateReadWrite); + stream = shared_ptr (new FileStream (file)); + } + catch (...) { } +#endif + + Serializer ser (stream); + + uint32 i32 = 0x12345678; + uint64 i64 = 0x0123456789abcdefULL; + string str = "string test"; + wstring wstr = L"wstring test"; + + string convStr = "test"; + StringConverter::ToSingle (wstr, convStr); + if (convStr != "wstring test") + throw TestFailed (SRC_POS); + + StringConverter::Erase (convStr); + if (convStr != " ") + throw TestFailed (SRC_POS); + + wstring wEraseTest = L"erase test"; + StringConverter::Erase (wEraseTest); + if (wEraseTest != L" ") + throw TestFailed (SRC_POS); + + list stringList; + stringList.push_back (str + "1"); + stringList.push_back (str + "2"); + stringList.push_back (str + "3"); + + list wstringList; + wstringList.push_back (wstr + L"1"); + wstringList.push_back (wstr + L"2"); + wstringList.push_back (wstr + L"3"); + + Buffer buffer (10); + for (size_t i = 0; i < buffer.Size(); i++) + buffer[i] = (byte) i; + + ser.Serialize ("int32", i32); + ser.Serialize ("int64", i64); + ser.Serialize ("string", str); + ser.Serialize ("wstring", wstr); + ser.Serialize ("stringList", stringList); + ser.Serialize ("wstringList", wstringList); + ser.Serialize ("buffer", ConstBufferPtr (buffer)); + + ExecutedProcessFailed ex (SRC_POS, "cmd", -123, "error output"); + ex.Serialize (stream); + + list < shared_ptr > exList; + exList.push_back (make_shared (ExecutedProcessFailed (SRC_POS, "cmd", -123, "error output1"))); + exList.push_back (make_shared (ExecutedProcessFailed (SRC_POS, "cmd", -234, "error output2"))); + exList.push_back (make_shared (ExecutedProcessFailed (SRC_POS, "cmd", -567, "error output3"))); + Serializable::SerializeList (stream, exList); + +#if 0 + if (file->IsOpen()) + file->SeekAt (0); +#endif + + uint32 di32; + ser.Deserialize ("int32", di32); + if (i32 != di32) + throw TestFailed (SRC_POS); + + uint64 di64; + ser.Deserialize ("int64", di64); + if (i64 != di64) + throw TestFailed (SRC_POS); + + string dstr; + ser.Deserialize ("string", dstr); + if (str != dstr) + throw TestFailed (SRC_POS); + + wstring dwstr; + ser.Deserialize ("wstring", dwstr); + if (str != dstr) + throw TestFailed (SRC_POS); + + int i = 1; + foreach (string item, ser.DeserializeStringList ("stringList")) + { + stringstream s; + s << str << i++; + if (item != s.str()) + throw TestFailed (SRC_POS); + } + + i = 1; + foreach (wstring item, ser.DeserializeWStringList ("wstringList")) + { + wstringstream s; + s << wstr << i++; + if (item != s.str()) + throw TestFailed (SRC_POS); + } + + Buffer dbuffer (10); + ser.Deserialize ("buffer", buffer); + for (size_t i = 0; i < buffer.Size(); i++) + if (buffer[i] != (byte) i) + throw TestFailed (SRC_POS); + + shared_ptr dex = Serializable::DeserializeNew (stream); + if (!dex + || dex->GetCommand() != "cmd" + || dex->GetExitCode() != -123 + || dex->GetErrorOutput() != "error output") + throw TestFailed (SRC_POS); + + list < shared_ptr > dexList; + Serializable::DeserializeList (stream, dexList); + i = 1; + foreach_ref (const ExecutedProcessFailed &ex, dexList) + { + stringstream s; + s << "error output" << i++; + if (ex.GetErrorOutput() != s.str()) + throw TestFailed (SRC_POS); + } + } + + // shared_ptr, Mutex, ScopeLock, SyncEvent, Thread + static struct + { + shared_ptr SharedIntPtr; + Mutex IntMutex; + SyncEvent ExitAllowedEvent; + } ThreadTestData; + + void PlatformTest::ThreadTest () + { + Mutex mutex; + mutex.Lock(); + mutex.Unlock(); + + const int maxThreads = 3; + ThreadTestData.SharedIntPtr.reset (new int (0)); + + for (int i = 0; i < maxThreads; i++) + { + Thread t; + t.Start (&ThreadTestProc, (void *) &ThreadTestData); + } + + for (int i = 0; i < 50; i++) + { + { + ScopeLock sl (ThreadTestData.IntMutex); + if (*ThreadTestData.SharedIntPtr == maxThreads) + break; + } + + Thread::Sleep(100); + } + + if (*ThreadTestData.SharedIntPtr != maxThreads) + throw TestFailed (SRC_POS); + + for (int i = 0; i < 60000; i++) + { + ThreadTestData.ExitAllowedEvent.Signal(); + Thread::Sleep(1); + + ScopeLock sl (ThreadTestData.IntMutex); + if (*ThreadTestData.SharedIntPtr == 0) + break; + } + + if (*ThreadTestData.SharedIntPtr != 0) + throw TestFailed (SRC_POS); + } + + TC_THREAD_PROC PlatformTest::ThreadTestProc (void *arg) + { + + if (arg != (void *) &ThreadTestData) + return 0; + + { + ScopeLock sl (ThreadTestData.IntMutex); + ++(*ThreadTestData.SharedIntPtr); + } + + ThreadTestData.ExitAllowedEvent.Wait(); + + { + ScopeLock sl (ThreadTestData.IntMutex); + --(*ThreadTestData.SharedIntPtr); + } + + return 0; + } + + bool PlatformTest::TestAll () + { + // Integer types + if (sizeof (byte) != 1 || sizeof (int8) != 1 || sizeof (__int8) != 1) throw TestFailed (SRC_POS); + if (sizeof (uint16) != 2 || sizeof (int16) != 2 || sizeof (__int16) != 2) throw TestFailed (SRC_POS); + if (sizeof (uint32) != 4 || sizeof (int32) != 4 || sizeof (__int32) != 4) throw TestFailed (SRC_POS); + if (sizeof (uint64) != 8 || sizeof (int64) != 8) throw TestFailed (SRC_POS); + + // Exception handling + TestFlag = false; + try + { + try + { + throw TestFailed (SRC_POS); + } + catch (...) + { + throw; + } + return false; + } + catch (Exception &) + { + TestFlag = true; + } + if (!TestFlag) + return false; + + // RTTI + RttiTest rtti; + RttiTestBase &rttiBaseRef = rtti; + RttiTestBase *rttiBasePtr = &rtti; + + if (typeid (rttiBaseRef) != typeid (rtti)) + throw TestFailed (SRC_POS); + + if (typeid (*rttiBasePtr) != typeid (rtti)) + throw TestFailed (SRC_POS); + + if (dynamic_cast (rttiBasePtr) == nullptr) + throw TestFailed (SRC_POS); + + try + { + dynamic_cast (rttiBaseRef); + } + catch (...) + { + throw TestFailed (SRC_POS); + } + + // finally + TestFlag = false; + { + finally_do ({ TestFlag = true; }); + if (TestFlag) + throw TestFailed (SRC_POS); + } + if (!TestFlag) + throw TestFailed (SRC_POS); + + TestFlag = false; + { + finally_do_arg (bool*, &TestFlag, { *finally_arg = true; }); + if (TestFlag) + throw TestFailed (SRC_POS); + } + if (!TestFlag) + throw TestFailed (SRC_POS); + + TestFlag = false; + int tesFlag2 = 0; + { + finally_do_arg2 (bool*, &TestFlag, int*, &tesFlag2, { *finally_arg = true; *finally_arg2 = 2; }); + if (TestFlag || tesFlag2 != 0) + throw TestFailed (SRC_POS); + } + if (!TestFlag || tesFlag2 != 2) + throw TestFailed (SRC_POS); + + // uint64, vector, list, string, wstring, stringstream, wstringstream + // shared_ptr, make_shared, StringConverter, foreach + list > numList; + + numList.push_front (make_shared (StringConverter::ToUInt64 (StringConverter::FromNumber ((uint64) 0xFFFFffffFFFFfffeULL)))); + numList.push_front (make_shared (StringConverter::ToUInt32 (StringConverter::GetTrailingNumber ("str2")))); + numList.push_front (make_shared (3)); + + list testList; + wstringstream wstream (L"test"); + foreach_reverse_ref (uint64 n, numList) + { + wstream.str (L""); + wstream << L"str" << n; + testList.push_back (wstream.str()); + } + + stringstream sstream; + sstream << "dummy"; + sstream.str (""); + sstream << "str18446744073709551614,str2" << " str" << StringConverter::Trim (StringConverter::ToSingle (L"\t 3 \r\n")); + foreach (const string &s, StringConverter::Split (sstream.str(), ", ")) + { + if (testList.front() != StringConverter::ToWide (s)) + throw TestFailed (SRC_POS); + testList.pop_front(); + } + + SerializerTest(); + ThreadTest(); + + return true; + } + + bool PlatformTest::TestFlag; +} diff --git a/src/Platform/PlatformTest.h b/src/Platform/PlatformTest.h index ff6978dd..e4dfb7ae 100644 --- a/src/Platform/PlatformTest.h +++ b/src/Platform/PlatformTest.h @@ -8,40 +8,40 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_PlatformTest -#define TC_HEADER_Platform_PlatformTest - -#include "PlatformBase.h" -#include "Thread.h" - -namespace VeraCrypt -{ - class PlatformTest - { - public: - static bool TestAll (); - - protected: - class RttiTestBase - { - public: - virtual ~RttiTestBase () { }; - }; - - class RttiTest : public RttiTestBase { - public: - virtual ~RttiTest () { }; - }; - - PlatformTest (); - static void SerializerTest (); - static void ThreadTest (); - static TC_THREAD_PROC ThreadTestProc (void *param); - - static bool TestFlag; - }; -} - -#endif // TC_HEADER_Platform_PlatformTest +*/ + +#ifndef TC_HEADER_Platform_PlatformTest +#define TC_HEADER_Platform_PlatformTest + +#include "PlatformBase.h" +#include "Thread.h" + +namespace VeraCrypt +{ + class PlatformTest + { + public: + static bool TestAll (); + + protected: + class RttiTestBase + { + public: + virtual ~RttiTestBase () { }; + }; + + class RttiTest : public RttiTestBase { + public: + virtual ~RttiTest () { }; + }; + + PlatformTest (); + static void SerializerTest (); + static void ThreadTest (); + static TC_THREAD_PROC ThreadTestProc (void *param); + + static bool TestFlag; + }; +} + +#endif // TC_HEADER_Platform_PlatformTest diff --git a/src/Platform/Serializable.cpp b/src/Platform/Serializable.cpp index 0ffb2771..8ff2c829 100644 --- a/src/Platform/Serializable.cpp +++ b/src/Platform/Serializable.cpp @@ -8,36 +8,36 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Serializable.h" -#include "SerializerFactory.h" - -namespace VeraCrypt -{ - string Serializable::DeserializeHeader (shared_ptr stream) - { - Serializer sr (stream); - return sr.DeserializeString ("SerializableName"); - } - - Serializable *Serializable::DeserializeNew (shared_ptr stream) - { - string name = Serializable::DeserializeHeader (stream); - Serializable *serializable = SerializerFactory::GetNewSerializable (name); - serializable->Deserialize (stream); - - return serializable; - } - - void Serializable::Serialize (shared_ptr stream) const - { - Serializer sr (stream); - Serializable::SerializeHeader (sr, SerializerFactory::GetName (typeid (*this))); - } - - void Serializable::SerializeHeader (Serializer &serializer, const string &name) - { - serializer.Serialize ("SerializableName", name); - } -} +*/ + +#include "Serializable.h" +#include "SerializerFactory.h" + +namespace VeraCrypt +{ + string Serializable::DeserializeHeader (shared_ptr stream) + { + Serializer sr (stream); + return sr.DeserializeString ("SerializableName"); + } + + Serializable *Serializable::DeserializeNew (shared_ptr stream) + { + string name = Serializable::DeserializeHeader (stream); + Serializable *serializable = SerializerFactory::GetNewSerializable (name); + serializable->Deserialize (stream); + + return serializable; + } + + void Serializable::Serialize (shared_ptr stream) const + { + Serializer sr (stream); + Serializable::SerializeHeader (sr, SerializerFactory::GetName (typeid (*this))); + } + + void Serializable::SerializeHeader (Serializer &serializer, const string &name) + { + serializer.Serialize ("SerializableName", name); + } +} diff --git a/src/Platform/Serializable.h b/src/Platform/Serializable.h index 1248c630..64c859f6 100644 --- a/src/Platform/Serializable.h +++ b/src/Platform/Serializable.h @@ -8,79 +8,79 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Serializable -#define TC_HEADER_Platform_Serializable - -#include -#include "PlatformBase.h" -#include "ForEach.h" -#include "Serializer.h" -#include "SerializerFactory.h" - -namespace VeraCrypt -{ - class Serializable - { - public: - virtual ~Serializable () { } - - virtual void Deserialize (shared_ptr stream) = 0; - static string DeserializeHeader (shared_ptr stream); - static Serializable *DeserializeNew (shared_ptr stream); - - template - static shared_ptr DeserializeNew (shared_ptr stream) - { - shared_ptr p (dynamic_cast (DeserializeNew (stream))); - if (!p) - throw std::runtime_error (SRC_POS); - return p; - } - - template - static void DeserializeList (shared_ptr stream, list < shared_ptr > &dataList) - { - if (DeserializeHeader (stream) != string ("list<") + SerializerFactory::GetName (typeid (T)) + ">") - throw std::runtime_error (SRC_POS); - - Serializer sr (stream); - uint64 listSize; - sr.Deserialize ("ListSize", listSize); - - for (size_t i = 0; i < listSize; i++) - { - shared_ptr p (dynamic_cast (DeserializeNew (stream))); - if (!p) - throw std::runtime_error (SRC_POS); - dataList.push_back (p); - } - } - - virtual void Serialize (shared_ptr stream) const; - - template - static void SerializeList (shared_ptr stream, const list < shared_ptr > &dataList) - { - Serializer sr (stream); - SerializeHeader (sr, string ("list<") + SerializerFactory::GetName (typeid (T)) + ">"); - - sr.Serialize ("ListSize", (uint64) dataList.size()); - foreach_ref (const T &item, dataList) - item.Serialize (stream); - } - - static void SerializeHeader (Serializer &serializer, const string &name); - - protected: - Serializable () { } - }; -} - -#define TC_SERIALIZABLE(TYPE) \ - static Serializable *GetNewSerializable () { return new TYPE(); } \ - virtual void Deserialize (shared_ptr stream); \ - virtual void Serialize (shared_ptr stream) const - -#endif // TC_HEADER_Platform_Serializable +*/ + +#ifndef TC_HEADER_Platform_Serializable +#define TC_HEADER_Platform_Serializable + +#include +#include "PlatformBase.h" +#include "ForEach.h" +#include "Serializer.h" +#include "SerializerFactory.h" + +namespace VeraCrypt +{ + class Serializable + { + public: + virtual ~Serializable () { } + + virtual void Deserialize (shared_ptr stream) = 0; + static string DeserializeHeader (shared_ptr stream); + static Serializable *DeserializeNew (shared_ptr stream); + + template + static shared_ptr DeserializeNew (shared_ptr stream) + { + shared_ptr p (dynamic_cast (DeserializeNew (stream))); + if (!p) + throw std::runtime_error (SRC_POS); + return p; + } + + template + static void DeserializeList (shared_ptr stream, list < shared_ptr > &dataList) + { + if (DeserializeHeader (stream) != string ("list<") + SerializerFactory::GetName (typeid (T)) + ">") + throw std::runtime_error (SRC_POS); + + Serializer sr (stream); + uint64 listSize; + sr.Deserialize ("ListSize", listSize); + + for (size_t i = 0; i < listSize; i++) + { + shared_ptr p (dynamic_cast (DeserializeNew (stream))); + if (!p) + throw std::runtime_error (SRC_POS); + dataList.push_back (p); + } + } + + virtual void Serialize (shared_ptr stream) const; + + template + static void SerializeList (shared_ptr stream, const list < shared_ptr > &dataList) + { + Serializer sr (stream); + SerializeHeader (sr, string ("list<") + SerializerFactory::GetName (typeid (T)) + ">"); + + sr.Serialize ("ListSize", (uint64) dataList.size()); + foreach_ref (const T &item, dataList) + item.Serialize (stream); + } + + static void SerializeHeader (Serializer &serializer, const string &name); + + protected: + Serializable () { } + }; +} + +#define TC_SERIALIZABLE(TYPE) \ + static Serializable *GetNewSerializable () { return new TYPE(); } \ + virtual void Deserialize (shared_ptr stream); \ + virtual void Serialize (shared_ptr stream) const + +#endif // TC_HEADER_Platform_Serializable diff --git a/src/Platform/Serializer.cpp b/src/Platform/Serializer.cpp index f30f2212..1ac71cd1 100644 --- a/src/Platform/Serializer.cpp +++ b/src/Platform/Serializer.cpp @@ -8,296 +8,296 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "Exception.h" -#include "ForEach.h" -#include "Memory.h" -#include "Serializer.h" - -namespace VeraCrypt -{ - template - T Serializer::Deserialize () - { - uint64 size; - DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &size, sizeof (size))); - - if (Endian::Big (size) != sizeof (T)) - throw ParameterIncorrect (SRC_POS); - - T data; - DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &data, sizeof (data))); - - return Endian::Big (data); - } - - void Serializer::Deserialize (const string &name, bool &data) - { - ValidateName (name); - data = Deserialize () == 1; - } - - void Serializer::Deserialize (const string &name, byte &data) - { - ValidateName (name); - data = Deserialize (); - } - - void Serializer::Deserialize (const string &name, int32 &data) - { - ValidateName (name); - data = (int32) Deserialize (); - } - - void Serializer::Deserialize (const string &name, int64 &data) - { - ValidateName (name); - data = (int64) Deserialize (); - } - - void Serializer::Deserialize (const string &name, uint32 &data) - { - ValidateName (name); - data = Deserialize (); - } - - void Serializer::Deserialize (const string &name, uint64 &data) - { - ValidateName (name); - data = Deserialize (); - } - - void Serializer::Deserialize (const string &name, string &data) - { - ValidateName (name); - data = DeserializeString (); - } - - void Serializer::Deserialize (const string &name, wstring &data) - { - ValidateName (name); - data = DeserializeWString (); - } - - void Serializer::Deserialize (const string &name, const BufferPtr &data) - { - ValidateName (name); - - uint64 size = Deserialize (); - if (data.Size() != size) - throw ParameterIncorrect (SRC_POS); - - DataStream->ReadCompleteBuffer (data); - } - - bool Serializer::DeserializeBool (const string &name) - { - bool data; - Deserialize (name, data); - return data; - } - - int32 Serializer::DeserializeInt32 (const string &name) - { - ValidateName (name); - return Deserialize (); - } - - int64 Serializer::DeserializeInt64 (const string &name) - { - ValidateName (name); - return Deserialize (); - } - - uint32 Serializer::DeserializeUInt32 (const string &name) - { - ValidateName (name); - return Deserialize (); - } - - uint64 Serializer::DeserializeUInt64 (const string &name) - { - ValidateName (name); - return Deserialize (); - } - - string Serializer::DeserializeString () - { - uint64 size = Deserialize (); - - vector data ((size_t) size); - DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &data[0], (size_t) size)); - - return string (&data[0]); - } - - string Serializer::DeserializeString (const string &name) - { - ValidateName (name); - return DeserializeString (); - } - - list Serializer::DeserializeStringList (const string &name) - { - ValidateName (name); - list deserializedList; - uint64 listSize = Deserialize (); - - for (size_t i = 0; i < listSize; i++) - deserializedList.push_back (DeserializeString ()); - - return deserializedList; - } - - wstring Serializer::DeserializeWString () - { - uint64 size = Deserialize (); - - vector data ((size_t) size / sizeof (wchar_t)); - DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &data[0], (size_t) size)); - - return wstring (&data[0]); - } - - list Serializer::DeserializeWStringList (const string &name) - { - ValidateName (name); - list deserializedList; - uint64 listSize = Deserialize (); - - for (size_t i = 0; i < listSize; i++) - deserializedList.push_back (DeserializeWString ()); - - return deserializedList; - } - - wstring Serializer::DeserializeWString (const string &name) - { - ValidateName (name); - return DeserializeWString (); - } - - template - void Serializer::Serialize (T data) - { - uint64 size = Endian::Big (uint64 (sizeof (data))); - DataStream->Write (ConstBufferPtr ((byte *) &size, sizeof (size))); - - data = Endian::Big (data); - DataStream->Write (ConstBufferPtr ((byte *) &data, sizeof (data))); - } - - void Serializer::Serialize (const string &name, bool data) - { - SerializeString (name); - byte d = data ? 1 : 0; - Serialize (d); - } - - void Serializer::Serialize (const string &name, byte data) - { - SerializeString (name); - Serialize (data); - } - - void Serializer::Serialize (const string &name, const char *data) - { - Serialize (name, string (data)); - } - - void Serializer::Serialize (const string &name, int32 data) - { - SerializeString (name); - Serialize ((uint32) data); - } - - void Serializer::Serialize (const string &name, int64 data) - { - SerializeString (name); - Serialize ((uint64) data); - } - - void Serializer::Serialize (const string &name, uint32 data) - { - SerializeString (name); - Serialize (data); - } - - void Serializer::Serialize (const string &name, uint64 data) - { - SerializeString (name); - Serialize (data); - } - - void Serializer::Serialize (const string &name, const string &data) - { - SerializeString (name); - SerializeString (data); - } - - void Serializer::Serialize (const string &name, const wchar_t *data) - { - Serialize (name, wstring (data)); - } - - void Serializer::Serialize (const string &name, const wstring &data) - { - SerializeString (name); - SerializeWString (data); - } - - void Serializer::Serialize (const string &name, const list &stringList) - { - SerializeString (name); - - uint64 listSize = stringList.size(); - Serialize (listSize); - - foreach (const string &item, stringList) - SerializeString (item); - } - - void Serializer::Serialize (const string &name, const list &stringList) - { - SerializeString (name); - - uint64 listSize = stringList.size(); - Serialize (listSize); - - foreach (const wstring &item, stringList) - SerializeWString (item); - } - - void Serializer::Serialize (const string &name, const ConstBufferPtr &data) - { - SerializeString (name); - - uint64 size = data.Size(); - Serialize (size); - - DataStream->Write (data); - } - - void Serializer::SerializeString (const string &data) - { - Serialize ((uint64) data.size() + 1); - DataStream->Write (ConstBufferPtr ((byte *) (data.data() ? data.data() : data.c_str()), data.size() + 1)); - } - - void Serializer::SerializeWString (const wstring &data) - { - uint64 size = (data.size() + 1) * sizeof (wchar_t); - Serialize (size); - DataStream->Write (ConstBufferPtr ((byte *) (data.data() ? data.data() : data.c_str()), (size_t) size)); - } - - void Serializer::ValidateName (const string &name) - { - string dName = DeserializeString(); - if (dName != name) - { - throw ParameterIncorrect (SRC_POS); - } - } -} +*/ + +#include "Exception.h" +#include "ForEach.h" +#include "Memory.h" +#include "Serializer.h" + +namespace VeraCrypt +{ + template + T Serializer::Deserialize () + { + uint64 size; + DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &size, sizeof (size))); + + if (Endian::Big (size) != sizeof (T)) + throw ParameterIncorrect (SRC_POS); + + T data; + DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &data, sizeof (data))); + + return Endian::Big (data); + } + + void Serializer::Deserialize (const string &name, bool &data) + { + ValidateName (name); + data = Deserialize () == 1; + } + + void Serializer::Deserialize (const string &name, byte &data) + { + ValidateName (name); + data = Deserialize (); + } + + void Serializer::Deserialize (const string &name, int32 &data) + { + ValidateName (name); + data = (int32) Deserialize (); + } + + void Serializer::Deserialize (const string &name, int64 &data) + { + ValidateName (name); + data = (int64) Deserialize (); + } + + void Serializer::Deserialize (const string &name, uint32 &data) + { + ValidateName (name); + data = Deserialize (); + } + + void Serializer::Deserialize (const string &name, uint64 &data) + { + ValidateName (name); + data = Deserialize (); + } + + void Serializer::Deserialize (const string &name, string &data) + { + ValidateName (name); + data = DeserializeString (); + } + + void Serializer::Deserialize (const string &name, wstring &data) + { + ValidateName (name); + data = DeserializeWString (); + } + + void Serializer::Deserialize (const string &name, const BufferPtr &data) + { + ValidateName (name); + + uint64 size = Deserialize (); + if (data.Size() != size) + throw ParameterIncorrect (SRC_POS); + + DataStream->ReadCompleteBuffer (data); + } + + bool Serializer::DeserializeBool (const string &name) + { + bool data; + Deserialize (name, data); + return data; + } + + int32 Serializer::DeserializeInt32 (const string &name) + { + ValidateName (name); + return Deserialize (); + } + + int64 Serializer::DeserializeInt64 (const string &name) + { + ValidateName (name); + return Deserialize (); + } + + uint32 Serializer::DeserializeUInt32 (const string &name) + { + ValidateName (name); + return Deserialize (); + } + + uint64 Serializer::DeserializeUInt64 (const string &name) + { + ValidateName (name); + return Deserialize (); + } + + string Serializer::DeserializeString () + { + uint64 size = Deserialize (); + + vector data ((size_t) size); + DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &data[0], (size_t) size)); + + return string (&data[0]); + } + + string Serializer::DeserializeString (const string &name) + { + ValidateName (name); + return DeserializeString (); + } + + list Serializer::DeserializeStringList (const string &name) + { + ValidateName (name); + list deserializedList; + uint64 listSize = Deserialize (); + + for (size_t i = 0; i < listSize; i++) + deserializedList.push_back (DeserializeString ()); + + return deserializedList; + } + + wstring Serializer::DeserializeWString () + { + uint64 size = Deserialize (); + + vector data ((size_t) size / sizeof (wchar_t)); + DataStream->ReadCompleteBuffer (BufferPtr ((byte *) &data[0], (size_t) size)); + + return wstring (&data[0]); + } + + list Serializer::DeserializeWStringList (const string &name) + { + ValidateName (name); + list deserializedList; + uint64 listSize = Deserialize (); + + for (size_t i = 0; i < listSize; i++) + deserializedList.push_back (DeserializeWString ()); + + return deserializedList; + } + + wstring Serializer::DeserializeWString (const string &name) + { + ValidateName (name); + return DeserializeWString (); + } + + template + void Serializer::Serialize (T data) + { + uint64 size = Endian::Big (uint64 (sizeof (data))); + DataStream->Write (ConstBufferPtr ((byte *) &size, sizeof (size))); + + data = Endian::Big (data); + DataStream->Write (ConstBufferPtr ((byte *) &data, sizeof (data))); + } + + void Serializer::Serialize (const string &name, bool data) + { + SerializeString (name); + byte d = data ? 1 : 0; + Serialize (d); + } + + void Serializer::Serialize (const string &name, byte data) + { + SerializeString (name); + Serialize (data); + } + + void Serializer::Serialize (const string &name, const char *data) + { + Serialize (name, string (data)); + } + + void Serializer::Serialize (const string &name, int32 data) + { + SerializeString (name); + Serialize ((uint32) data); + } + + void Serializer::Serialize (const string &name, int64 data) + { + SerializeString (name); + Serialize ((uint64) data); + } + + void Serializer::Serialize (const string &name, uint32 data) + { + SerializeString (name); + Serialize (data); + } + + void Serializer::Serialize (const string &name, uint64 data) + { + SerializeString (name); + Serialize (data); + } + + void Serializer::Serialize (const string &name, const string &data) + { + SerializeString (name); + SerializeString (data); + } + + void Serializer::Serialize (const string &name, const wchar_t *data) + { + Serialize (name, wstring (data)); + } + + void Serializer::Serialize (const string &name, const wstring &data) + { + SerializeString (name); + SerializeWString (data); + } + + void Serializer::Serialize (const string &name, const list &stringList) + { + SerializeString (name); + + uint64 listSize = stringList.size(); + Serialize (listSize); + + foreach (const string &item, stringList) + SerializeString (item); + } + + void Serializer::Serialize (const string &name, const list &stringList) + { + SerializeString (name); + + uint64 listSize = stringList.size(); + Serialize (listSize); + + foreach (const wstring &item, stringList) + SerializeWString (item); + } + + void Serializer::Serialize (const string &name, const ConstBufferPtr &data) + { + SerializeString (name); + + uint64 size = data.Size(); + Serialize (size); + + DataStream->Write (data); + } + + void Serializer::SerializeString (const string &data) + { + Serialize ((uint64) data.size() + 1); + DataStream->Write (ConstBufferPtr ((byte *) (data.data() ? data.data() : data.c_str()), data.size() + 1)); + } + + void Serializer::SerializeWString (const wstring &data) + { + uint64 size = (data.size() + 1) * sizeof (wchar_t); + Serialize (size); + DataStream->Write (ConstBufferPtr ((byte *) (data.data() ? data.data() : data.c_str()), (size_t) size)); + } + + void Serializer::ValidateName (const string &name) + { + string dName = DeserializeString(); + if (dName != name) + { + throw ParameterIncorrect (SRC_POS); + } + } +} diff --git a/src/Platform/Serializer.h b/src/Platform/Serializer.h index 67760c45..50065b9a 100644 --- a/src/Platform/Serializer.h +++ b/src/Platform/Serializer.h @@ -8,71 +8,71 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Serializer -#define TC_HEADER_Platform_Serializer - -#include "PlatformBase.h" -#include "Buffer.h" -#include "SharedPtr.h" -#include "Stream.h" - -namespace VeraCrypt -{ - class Serializer - { - public: - Serializer (shared_ptr stream) : DataStream (stream) { } - virtual ~Serializer () { } - - void Deserialize (const string &name, bool &data); - void Deserialize (const string &name, byte &data); - void Deserialize (const string &name, int32 &data); - void Deserialize (const string &name, int64 &data); - void Deserialize (const string &name, uint32 &data); - void Deserialize (const string &name, uint64 &data); - void Deserialize (const string &name, string &data); - void Deserialize (const string &name, wstring &data); - void Deserialize (const string &name, const BufferPtr &data); - bool DeserializeBool (const string &name); - int32 DeserializeInt32 (const string &name); - int64 DeserializeInt64 (const string &name); - uint32 DeserializeUInt32 (const string &name); - uint64 DeserializeUInt64 (const string &name); - string DeserializeString (const string &name); - list DeserializeStringList (const string &name); - wstring DeserializeWString (const string &name); - list DeserializeWStringList (const string &name); - void Serialize (const string &name, bool data); - void Serialize (const string &name, byte data); - void Serialize (const string &name, const char *data); - void Serialize (const string &name, int32 data); - void Serialize (const string &name, int64 data); - void Serialize (const string &name, uint32 data); - void Serialize (const string &name, uint64 data); - void Serialize (const string &name, const string &data); - void Serialize (const string &name, const wstring &data); - void Serialize (const string &name, const wchar_t *data); - void Serialize (const string &name, const list &stringList); - void Serialize (const string &name, const list &stringList); - void Serialize (const string &name, const ConstBufferPtr &data); - - protected: - template T Deserialize (); - string DeserializeString (); - wstring DeserializeWString (); - template void Serialize (T data); - void SerializeString (const string &data); - void SerializeWString (const wstring &data); - void ValidateName (const string &name); - - shared_ptr DataStream; - - private: - Serializer (const Serializer &); - Serializer &operator= (const Serializer &); - }; -} - -#endif // TC_HEADER_Platform_Serializer +*/ + +#ifndef TC_HEADER_Platform_Serializer +#define TC_HEADER_Platform_Serializer + +#include "PlatformBase.h" +#include "Buffer.h" +#include "SharedPtr.h" +#include "Stream.h" + +namespace VeraCrypt +{ + class Serializer + { + public: + Serializer (shared_ptr stream) : DataStream (stream) { } + virtual ~Serializer () { } + + void Deserialize (const string &name, bool &data); + void Deserialize (const string &name, byte &data); + void Deserialize (const string &name, int32 &data); + void Deserialize (const string &name, int64 &data); + void Deserialize (const string &name, uint32 &data); + void Deserialize (const string &name, uint64 &data); + void Deserialize (const string &name, string &data); + void Deserialize (const string &name, wstring &data); + void Deserialize (const string &name, const BufferPtr &data); + bool DeserializeBool (const string &name); + int32 DeserializeInt32 (const string &name); + int64 DeserializeInt64 (const string &name); + uint32 DeserializeUInt32 (const string &name); + uint64 DeserializeUInt64 (const string &name); + string DeserializeString (const string &name); + list DeserializeStringList (const string &name); + wstring DeserializeWString (const string &name); + list DeserializeWStringList (const string &name); + void Serialize (const string &name, bool data); + void Serialize (const string &name, byte data); + void Serialize (const string &name, const char *data); + void Serialize (const string &name, int32 data); + void Serialize (const string &name, int64 data); + void Serialize (const string &name, uint32 data); + void Serialize (const string &name, uint64 data); + void Serialize (const string &name, const string &data); + void Serialize (const string &name, const wstring &data); + void Serialize (const string &name, const wchar_t *data); + void Serialize (const string &name, const list &stringList); + void Serialize (const string &name, const list &stringList); + void Serialize (const string &name, const ConstBufferPtr &data); + + protected: + template T Deserialize (); + string DeserializeString (); + wstring DeserializeWString (); + template void Serialize (T data); + void SerializeString (const string &data); + void SerializeWString (const wstring &data); + void ValidateName (const string &name); + + shared_ptr DataStream; + + private: + Serializer (const Serializer &); + Serializer &operator= (const Serializer &); + }; +} + +#endif // TC_HEADER_Platform_Serializer diff --git a/src/Platform/SerializerFactory.cpp b/src/Platform/SerializerFactory.cpp index 663bbea1..aca002ca 100644 --- a/src/Platform/SerializerFactory.cpp +++ b/src/Platform/SerializerFactory.cpp @@ -8,51 +8,51 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include -#include "SerializerFactory.h" - -namespace VeraCrypt -{ - void SerializerFactory::Deinitialize () - { - if (--UseCount == 0) - { - delete NameToTypeMap; - delete TypeToNameMap; - } - } - - string SerializerFactory::GetName (const type_info &typeInfo) - { - string typeName = StringConverter::GetTypeName (typeInfo); - if (TypeToNameMap->find (typeName) == TypeToNameMap->end()) - throw std::runtime_error (SRC_POS); - - return (*TypeToNameMap)[typeName]; - } - - Serializable *SerializerFactory::GetNewSerializable (const string &typeName) - { - if (NameToTypeMap->find (typeName) == NameToTypeMap->end()) - throw std::runtime_error (SRC_POS); - - return (*NameToTypeMap)[typeName].GetNewPtr(); - } - - void SerializerFactory::Initialize () - { - if (UseCount == 0) - { - NameToTypeMap = new map ; - TypeToNameMap = new map ; - } - - ++UseCount; - } - - map *SerializerFactory::NameToTypeMap; - map *SerializerFactory::TypeToNameMap; - int SerializerFactory::UseCount; -} +*/ + +#include +#include "SerializerFactory.h" + +namespace VeraCrypt +{ + void SerializerFactory::Deinitialize () + { + if (--UseCount == 0) + { + delete NameToTypeMap; + delete TypeToNameMap; + } + } + + string SerializerFactory::GetName (const type_info &typeInfo) + { + string typeName = StringConverter::GetTypeName (typeInfo); + if (TypeToNameMap->find (typeName) == TypeToNameMap->end()) + throw std::runtime_error (SRC_POS); + + return (*TypeToNameMap)[typeName]; + } + + Serializable *SerializerFactory::GetNewSerializable (const string &typeName) + { + if (NameToTypeMap->find (typeName) == NameToTypeMap->end()) + throw std::runtime_error (SRC_POS); + + return (*NameToTypeMap)[typeName].GetNewPtr(); + } + + void SerializerFactory::Initialize () + { + if (UseCount == 0) + { + NameToTypeMap = new map ; + TypeToNameMap = new map ; + } + + ++UseCount; + } + + map *SerializerFactory::NameToTypeMap; + map *SerializerFactory::TypeToNameMap; + int SerializerFactory::UseCount; +} diff --git a/src/Platform/SerializerFactory.h b/src/Platform/SerializerFactory.h index c63dbcf8..e3f7a892 100644 --- a/src/Platform/SerializerFactory.h +++ b/src/Platform/SerializerFactory.h @@ -8,90 +8,90 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SerializerFactory -#define TC_HEADER_Platform_SerializerFactory - -#include -#include "PlatformBase.h" -#include "StringConverter.h" - -namespace VeraCrypt -{ - class Serializable; - - class SerializerFactory - { - public: - ~SerializerFactory (); - - static void Deinitialize (); - static string GetName (const type_info &typeInfo); - static Serializable *GetNewSerializable (const string &typeName); - static void Initialize (); - - struct MapEntry - { - MapEntry () { } - MapEntry (const string &typeName, Serializable* (*getNewPtr) ()) - : TypeName (typeName), GetNewPtr (getNewPtr) { } - - MapEntry &operator= (const MapEntry &right) - { - TypeName = right.TypeName; - GetNewPtr = right.GetNewPtr; - return *this; - } - - string TypeName; - Serializable* (*GetNewPtr) (); - }; - - static map *NameToTypeMap; - static map *TypeToNameMap; - - protected: - SerializerFactory (); - - static int UseCount; - }; - -} - -#define TC_SERIALIZER_FACTORY_ADD_EXCEPTION_SET(TYPE) \ - struct TYPE##SerializerFactoryInitializer \ - { \ - TYPE##SerializerFactoryInitializer () \ - { \ - SerializerFactory::Initialize(); \ - TC_EXCEPTION_SET; \ - } \ - ~TYPE##SerializerFactoryInitializer () \ - { \ - SerializerFactory::Deinitialize(); \ - } \ - }; \ - static TYPE##SerializerFactoryInitializer TYPE##SerializerFactoryInitializer - -#define TC_SERIALIZER_FACTORY_ADD_CLASS(TYPE) \ - struct TYPE##SerializerFactoryInitializer \ - { \ - TYPE##SerializerFactoryInitializer () \ - { \ - SerializerFactory::Initialize(); \ - TC_SERIALIZER_FACTORY_ADD (TYPE); \ - } \ - ~TYPE##SerializerFactoryInitializer () \ - { \ - SerializerFactory::Deinitialize(); \ - } \ - }; \ - static TYPE##SerializerFactoryInitializer TYPE##SerializerFactoryInitializerInst - -#define TC_SERIALIZER_FACTORY_ADD(TYPE) \ - (*SerializerFactory::NameToTypeMap)[#TYPE] = SerializerFactory::MapEntry (StringConverter::GetTypeName (typeid (TYPE)), &TYPE::GetNewSerializable); \ - (*SerializerFactory::TypeToNameMap)[StringConverter::GetTypeName (typeid (TYPE))] = #TYPE - - -#endif // TC_HEADER_Platform_SerializerFactory +*/ + +#ifndef TC_HEADER_Platform_SerializerFactory +#define TC_HEADER_Platform_SerializerFactory + +#include +#include "PlatformBase.h" +#include "StringConverter.h" + +namespace VeraCrypt +{ + class Serializable; + + class SerializerFactory + { + public: + ~SerializerFactory (); + + static void Deinitialize (); + static string GetName (const type_info &typeInfo); + static Serializable *GetNewSerializable (const string &typeName); + static void Initialize (); + + struct MapEntry + { + MapEntry () { } + MapEntry (const string &typeName, Serializable* (*getNewPtr) ()) + : TypeName (typeName), GetNewPtr (getNewPtr) { } + + MapEntry &operator= (const MapEntry &right) + { + TypeName = right.TypeName; + GetNewPtr = right.GetNewPtr; + return *this; + } + + string TypeName; + Serializable* (*GetNewPtr) (); + }; + + static map *NameToTypeMap; + static map *TypeToNameMap; + + protected: + SerializerFactory (); + + static int UseCount; + }; + +} + +#define TC_SERIALIZER_FACTORY_ADD_EXCEPTION_SET(TYPE) \ + struct TYPE##SerializerFactoryInitializer \ + { \ + TYPE##SerializerFactoryInitializer () \ + { \ + SerializerFactory::Initialize(); \ + TC_EXCEPTION_SET; \ + } \ + ~TYPE##SerializerFactoryInitializer () \ + { \ + SerializerFactory::Deinitialize(); \ + } \ + }; \ + static TYPE##SerializerFactoryInitializer TYPE##SerializerFactoryInitializer + +#define TC_SERIALIZER_FACTORY_ADD_CLASS(TYPE) \ + struct TYPE##SerializerFactoryInitializer \ + { \ + TYPE##SerializerFactoryInitializer () \ + { \ + SerializerFactory::Initialize(); \ + TC_SERIALIZER_FACTORY_ADD (TYPE); \ + } \ + ~TYPE##SerializerFactoryInitializer () \ + { \ + SerializerFactory::Deinitialize(); \ + } \ + }; \ + static TYPE##SerializerFactoryInitializer TYPE##SerializerFactoryInitializerInst + +#define TC_SERIALIZER_FACTORY_ADD(TYPE) \ + (*SerializerFactory::NameToTypeMap)[#TYPE] = SerializerFactory::MapEntry (StringConverter::GetTypeName (typeid (TYPE)), &TYPE::GetNewSerializable); \ + (*SerializerFactory::TypeToNameMap)[StringConverter::GetTypeName (typeid (TYPE))] = #TYPE + + +#endif // TC_HEADER_Platform_SerializerFactory diff --git a/src/Platform/SharedPtr.h b/src/Platform/SharedPtr.h index 0bc7bdcf..ce49469b 100644 --- a/src/Platform/SharedPtr.h +++ b/src/Platform/SharedPtr.h @@ -8,159 +8,159 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SharedPtr -#define TC_HEADER_Platform_SharedPtr - -#include -#include "SharedVal.h" - -#ifdef nullptr - -namespace VeraCrypt -{ - template - class SharedPtr - { - public: - explicit SharedPtr () - : Pointer (nullptr), UseCount (nullptr) { } - - explicit SharedPtr (T *pointer) - : Pointer (pointer), UseCount (new SharedVal (1)) { } - - SharedPtr (const SharedPtr &source) - { - CopyFrom (source); - } - - ~SharedPtr () - { - Release(); - } - - SharedPtr &operator= (const SharedPtr &source) - { - if (&source == this) - return *this; - - Release(); - CopyFrom (source); - return *this; - } - - bool operator == (const SharedPtr &other) - { - return get() == other.get(); - } - - bool operator != (const SharedPtr &other) - { - return get() != other.get(); - } - - T &operator* () const - { -#ifdef DEBUG - if (Pointer == nullptr) - throw std::runtime_error (SRC_POS); -#endif - return *Pointer; - } - - T *operator-> () const - { -#ifdef DEBUG - if (Pointer == nullptr) - throw std::runtime_error (SRC_POS); -#endif - return Pointer; - } - - operator bool () const - { - return Pointer != nullptr; - } - - T *get () const - { - return Pointer; - } - - void reset () - { - Release(); - } - - void reset (T *pointer) - { - *this = SharedPtr (pointer); - } - - uint64 use_count () const - { - if (!UseCount) - return 0; - - return *UseCount; - } - - protected: - void CopyFrom (const SharedPtr &source) - { - Pointer = source.Pointer; - UseCount = source.UseCount; - - if (UseCount) - UseCount->Increment(); - } - - void Release () - { - if (UseCount != nullptr) - { - if (UseCount->Decrement() == 0) - { - if (Pointer != nullptr) - delete Pointer; - delete UseCount; - } - - Pointer = nullptr; - UseCount = nullptr; - } - } - - T *Pointer; - SharedVal *UseCount; - }; - -#ifdef shared_ptr -#undef shared_ptr -#endif -#define shared_ptr VeraCrypt::SharedPtr - -#ifdef make_shared -#undef make_shared -#endif - - template shared_ptr make_shared () - { - return shared_ptr (new T ()); - } - - template shared_ptr make_shared (const A &arg) - { - return shared_ptr (new T (arg)); - } - -#define make_shared VeraCrypt::make_shared - -} - -#endif // nullptr - -#define make_shared_auto(typeName,instanceName) shared_ptr instanceName (new typeName ()) - -#endif // TC_HEADER_Platform_SharedPtr +*/ + +#ifndef TC_HEADER_Platform_SharedPtr +#define TC_HEADER_Platform_SharedPtr + +#include +#include "SharedVal.h" + +#ifdef nullptr + +namespace VeraCrypt +{ + template + class SharedPtr + { + public: + explicit SharedPtr () + : Pointer (nullptr), UseCount (nullptr) { } + + explicit SharedPtr (T *pointer) + : Pointer (pointer), UseCount (new SharedVal (1)) { } + + SharedPtr (const SharedPtr &source) + { + CopyFrom (source); + } + + ~SharedPtr () + { + Release(); + } + + SharedPtr &operator= (const SharedPtr &source) + { + if (&source == this) + return *this; + + Release(); + CopyFrom (source); + return *this; + } + + bool operator == (const SharedPtr &other) + { + return get() == other.get(); + } + + bool operator != (const SharedPtr &other) + { + return get() != other.get(); + } + + T &operator* () const + { +#ifdef DEBUG + if (Pointer == nullptr) + throw std::runtime_error (SRC_POS); +#endif + return *Pointer; + } + + T *operator-> () const + { +#ifdef DEBUG + if (Pointer == nullptr) + throw std::runtime_error (SRC_POS); +#endif + return Pointer; + } + + operator bool () const + { + return Pointer != nullptr; + } + + T *get () const + { + return Pointer; + } + + void reset () + { + Release(); + } + + void reset (T *pointer) + { + *this = SharedPtr (pointer); + } + + uint64 use_count () const + { + if (!UseCount) + return 0; + + return *UseCount; + } + + protected: + void CopyFrom (const SharedPtr &source) + { + Pointer = source.Pointer; + UseCount = source.UseCount; + + if (UseCount) + UseCount->Increment(); + } + + void Release () + { + if (UseCount != nullptr) + { + if (UseCount->Decrement() == 0) + { + if (Pointer != nullptr) + delete Pointer; + delete UseCount; + } + + Pointer = nullptr; + UseCount = nullptr; + } + } + + T *Pointer; + SharedVal *UseCount; + }; + +#ifdef shared_ptr +#undef shared_ptr +#endif +#define shared_ptr VeraCrypt::SharedPtr + +#ifdef make_shared +#undef make_shared +#endif + + template shared_ptr make_shared () + { + return shared_ptr (new T ()); + } + + template shared_ptr make_shared (const A &arg) + { + return shared_ptr (new T (arg)); + } + +#define make_shared VeraCrypt::make_shared + +} + +#endif // nullptr + +#define make_shared_auto(typeName,instanceName) shared_ptr instanceName (new typeName ()) + +#endif // TC_HEADER_Platform_SharedPtr diff --git a/src/Platform/SharedVal.h b/src/Platform/SharedVal.h index 1a1e98cc..ffdc7e84 100644 --- a/src/Platform/SharedVal.h +++ b/src/Platform/SharedVal.h @@ -8,68 +8,68 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SharedVal -#define TC_HEADER_Platform_SharedVal - -#include "PlatformBase.h" -#include "Mutex.h" - -namespace VeraCrypt -{ - template - class SharedVal - { - public: - SharedVal () { } - explicit SharedVal (T value) : Value (value) { } - virtual ~SharedVal () { } - - operator T () - { - return Get (); - } - - T Decrement () - { - ValMutex.Lock(); - T r = --Value; - ValMutex.Unlock(); - return r; - } - - T Get () - { - ValMutex.Lock(); - T r = Value; - ValMutex.Unlock(); - return r; - } - - T Increment () - { - ValMutex.Lock(); - T r = ++Value; - ValMutex.Unlock(); - return r; - } - - void Set (T value) - { - ValMutex.Lock(); - Value = value; - ValMutex.Unlock(); - } - - protected: - volatile T Value; - Mutex ValMutex; - - private: - SharedVal (const SharedVal &); - SharedVal &operator= (const SharedVal &); - }; -} - -#endif // TC_HEADER_Platform_SharedVal +*/ + +#ifndef TC_HEADER_Platform_SharedVal +#define TC_HEADER_Platform_SharedVal + +#include "PlatformBase.h" +#include "Mutex.h" + +namespace VeraCrypt +{ + template + class SharedVal + { + public: + SharedVal () { } + explicit SharedVal (T value) : Value (value) { } + virtual ~SharedVal () { } + + operator T () + { + return Get (); + } + + T Decrement () + { + ValMutex.Lock(); + T r = --Value; + ValMutex.Unlock(); + return r; + } + + T Get () + { + ValMutex.Lock(); + T r = Value; + ValMutex.Unlock(); + return r; + } + + T Increment () + { + ValMutex.Lock(); + T r = ++Value; + ValMutex.Unlock(); + return r; + } + + void Set (T value) + { + ValMutex.Lock(); + Value = value; + ValMutex.Unlock(); + } + + protected: + volatile T Value; + Mutex ValMutex; + + private: + SharedVal (const SharedVal &); + SharedVal &operator= (const SharedVal &); + }; +} + +#endif // TC_HEADER_Platform_SharedVal diff --git a/src/Platform/Stream.h b/src/Platform/Stream.h index 3f2ddc2d..293a66f1 100644 --- a/src/Platform/Stream.h +++ b/src/Platform/Stream.h @@ -8,31 +8,31 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Stream -#define TC_HEADER_Platform_Stream - -#include "PlatformBase.h" -#include "Buffer.h" - -namespace VeraCrypt -{ - class Stream - { - public: - virtual ~Stream () { } - virtual uint64 Read (const BufferPtr &buffer) = 0; - virtual void ReadCompleteBuffer (const BufferPtr &buffer) = 0; - virtual void Write (const ConstBufferPtr &data) = 0; - - protected: - Stream () { }; - - private: - Stream (const Stream &); - Stream &operator= (const Stream &); - }; -} - -#endif // TC_HEADER_Platform_Stream +*/ + +#ifndef TC_HEADER_Platform_Stream +#define TC_HEADER_Platform_Stream + +#include "PlatformBase.h" +#include "Buffer.h" + +namespace VeraCrypt +{ + class Stream + { + public: + virtual ~Stream () { } + virtual uint64 Read (const BufferPtr &buffer) = 0; + virtual void ReadCompleteBuffer (const BufferPtr &buffer) = 0; + virtual void Write (const ConstBufferPtr &data) = 0; + + protected: + Stream () { }; + + private: + Stream (const Stream &); + Stream &operator= (const Stream &); + }; +} + +#endif // TC_HEADER_Platform_Stream diff --git a/src/Platform/StringConverter.cpp b/src/Platform/StringConverter.cpp index 3e99e0f2..d5c17e88 100644 --- a/src/Platform/StringConverter.cpp +++ b/src/Platform/StringConverter.cpp @@ -8,412 +8,412 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifdef __GNUC__ -# include -#endif -#include -#include -#include "Buffer.h" -#include "Exception.h" -#include "ForEach.h" -#include "StringConverter.h" -#include "SystemException.h" - -namespace VeraCrypt -{ - void StringConverter::Erase (string &str) - { - for (size_t i = 0; i < str.size(); ++i) - { - str[i] = ' '; - } - } - - void StringConverter::Erase (wstring &str) - { - for (size_t i = 0; i < str.size(); ++i) - { - str[i] = ' '; - } - } - - wstring StringConverter::FromNumber (double number) - { - wstringstream s; - s << number; - return s.str(); - } - - wstring StringConverter::FromNumber (int32 number) - { - wstringstream s; - s << number; - return s.str(); - } - - wstring StringConverter::FromNumber (uint32 number) - { - wstringstream s; - s << number; - return s.str(); - } - - wstring StringConverter::FromNumber (int64 number) - { - wstringstream s; - s << number; - return s.str(); - } - - wstring StringConverter::FromNumber (uint64 number) - { - wstringstream s; - s << number; - return s.str(); - } - - string StringConverter::GetTrailingNumber (const string &str) - { - size_t start = str.find_last_not_of ("0123456789"); - if (start == string::npos) - return str; - - string s = str.substr (start + 1); - if (s.empty ()) - throw ParameterIncorrect (SRC_POS); - - return s; - } - - string StringConverter::GetTypeName (const type_info &typeInfo) - { - try - { -#ifdef _MSC_VER - // type_info::name() leaks memory as of MS VC++ 8.0 - string rawName (typeInfo.raw_name()); - - size_t cut1 = (rawName.find (".?A") != string::npos) ? 4 : string::npos; - size_t cut2 = rawName.find ("@"); - size_t cut3 = rawName.find ("@@"); - - if (cut1 == string::npos || cut2 == string::npos || cut3 == string::npos) - return typeInfo.name(); - - return rawName.substr (cut2 + 1, cut3 - cut2 - 1) + "::" + rawName.substr (cut1, cut2 - cut1); - -#elif defined (__GNUC__) - int status; - char *name = abi::__cxa_demangle (typeInfo.name(), nullptr, nullptr, &status); - - if (name) - { - string s (name); - free (name); - return s; - } -#endif - } - catch (...) { } - - return typeInfo.name(); - } - - wstring StringConverter::QuoteSpaces (const wstring &str) - { - if (str.find (L' ') == string::npos) - return str; - - wstring escaped (L"'"); - foreach (wchar_t c, str) - { - if (c == L'\'') - escaped += L'\''; - escaped += c; - } - return escaped + L'\''; - } - - vector StringConverter::Split (const string &str, const string &separators, bool returnEmptyFields) - { - vector elements; - - if (!returnEmptyFields) - { - size_t p = 0; - while ((p = str.find_first_not_of (separators, p)) != string::npos) - { - size_t end = str.find_first_of (separators, p); - if (end == string::npos) - { - elements.push_back (str.substr (p)); - break; - } - - elements.push_back (str.substr (p, end - p)); - p = end; - } - } - else - { - string element; - elements.push_back (element); - foreach (char c, str) - { - if (separators.find (c) != string::npos) - { - element.erase(); - elements.push_back (element); - } - else - { - elements.back() += c; - } - } - } - - return elements; - } - - string StringConverter::StripTrailingNumber (const string &str) - { - size_t start = str.find_last_not_of ("0123456789"); - if (start == string::npos) - return ""; - - return str.substr (0, start + 1); - } - - wstring StringConverter::ToExceptionString (const exception &ex) - { - const SystemException *sysEx = dynamic_cast (&ex); - if (sysEx) - return ToWide (sysEx->what()) + L": " + sysEx->SystemText() + L": " + sysEx->GetSubject(); - - if (ex.what() && !string (ex.what()).empty()) - return ToWide (GetTypeName (typeid (ex)) + ": " + ex.what()); - - return ToWide (GetTypeName (typeid (ex))); - } - - string StringConverter::ToLower (const string &str) - { - string s; - foreach (char c, str) - s += tolower (c, locale()); - return s; - } - - string StringConverter::ToSingle (const wstring &wstr, bool noThrow) - { - string str; - ToSingle (wstr, str, noThrow); - return str; - } - - void StringConverter::ToSingle (const wstring &wstr, string &str, bool noThrow) - { - try - { - mbstate_t mbState; - Memory::Zero (&mbState, sizeof (mbState)); - const wchar_t *src = wstr.c_str(); - - size_t size = wcsrtombs (nullptr, &src, 0, &mbState); - if (size == (size_t) -1) - throw StringConversionFailed (SRC_POS, wstr); - - vector buf (size + 1); - Memory::Zero (&mbState, sizeof (mbState)); - - if ((size = wcsrtombs (&buf[0], &src, buf.size(), &mbState)) == (size_t) -1) - throw StringConversionFailed (SRC_POS, wstr); - - str.clear(); - str.insert (0, &buf.front(), size); - Memory::Erase (&buf.front(), buf.size()); - } - catch (...) - { - if (!noThrow) - throw; - } - } - - uint32 StringConverter::ToUInt32 (const string &str) - { - uint32 n; - stringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0xffffFFFFU) - throw ParameterIncorrect (SRC_POS); - - return n; - } - - uint32 StringConverter::ToUInt32 (const wstring &str) - { - uint32 n; - wstringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0xffffFFFFU) - throw ParameterIncorrect (SRC_POS); - - return n; +*/ + +#ifdef __GNUC__ +# include +#endif +#include +#include +#include "Buffer.h" +#include "Exception.h" +#include "ForEach.h" +#include "StringConverter.h" +#include "SystemException.h" + +namespace VeraCrypt +{ + void StringConverter::Erase (string &str) + { + for (size_t i = 0; i < str.size(); ++i) + { + str[i] = ' '; + } + } + + void StringConverter::Erase (wstring &str) + { + for (size_t i = 0; i < str.size(); ++i) + { + str[i] = ' '; + } + } + + wstring StringConverter::FromNumber (double number) + { + wstringstream s; + s << number; + return s.str(); + } + + wstring StringConverter::FromNumber (int32 number) + { + wstringstream s; + s << number; + return s.str(); + } + + wstring StringConverter::FromNumber (uint32 number) + { + wstringstream s; + s << number; + return s.str(); + } + + wstring StringConverter::FromNumber (int64 number) + { + wstringstream s; + s << number; + return s.str(); } - int32 StringConverter::ToInt32 (const string &str) - { - int32 n; - stringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0x7fffFFFF || n == -0x7fffFFFF) - throw ParameterIncorrect (SRC_POS); - - return n; - } - - int32 StringConverter::ToInt32 (const wstring &str) - { - int32 n; - wstringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0x7fffFFFF || n == -0x7fffFFFF) - throw ParameterIncorrect (SRC_POS); - - return n; - } - - uint64 StringConverter::ToUInt64 (const string &str) - { - uint64 n; - stringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0xffffFFFFffffFFFFULL) - throw ParameterIncorrect (SRC_POS); - - return n; - } - - uint64 StringConverter::ToUInt64 (const wstring &str) - { - uint64 n; - wstringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0xffffFFFFffffFFFFULL) - throw ParameterIncorrect (SRC_POS); - - return n; + wstring StringConverter::FromNumber (uint64 number) + { + wstringstream s; + s << number; + return s.str(); + } + + string StringConverter::GetTrailingNumber (const string &str) + { + size_t start = str.find_last_not_of ("0123456789"); + if (start == string::npos) + return str; + + string s = str.substr (start + 1); + if (s.empty ()) + throw ParameterIncorrect (SRC_POS); + + return s; + } + + string StringConverter::GetTypeName (const type_info &typeInfo) + { + try + { +#ifdef _MSC_VER + // type_info::name() leaks memory as of MS VC++ 8.0 + string rawName (typeInfo.raw_name()); + + size_t cut1 = (rawName.find (".?A") != string::npos) ? 4 : string::npos; + size_t cut2 = rawName.find ("@"); + size_t cut3 = rawName.find ("@@"); + + if (cut1 == string::npos || cut2 == string::npos || cut3 == string::npos) + return typeInfo.name(); + + return rawName.substr (cut2 + 1, cut3 - cut2 - 1) + "::" + rawName.substr (cut1, cut2 - cut1); + +#elif defined (__GNUC__) + int status; + char *name = abi::__cxa_demangle (typeInfo.name(), nullptr, nullptr, &status); + + if (name) + { + string s (name); + free (name); + return s; + } +#endif + } + catch (...) { } + + return typeInfo.name(); + } + + wstring StringConverter::QuoteSpaces (const wstring &str) + { + if (str.find (L' ') == string::npos) + return str; + + wstring escaped (L"'"); + foreach (wchar_t c, str) + { + if (c == L'\'') + escaped += L'\''; + escaped += c; + } + return escaped + L'\''; + } + + vector StringConverter::Split (const string &str, const string &separators, bool returnEmptyFields) + { + vector elements; + + if (!returnEmptyFields) + { + size_t p = 0; + while ((p = str.find_first_not_of (separators, p)) != string::npos) + { + size_t end = str.find_first_of (separators, p); + if (end == string::npos) + { + elements.push_back (str.substr (p)); + break; + } + + elements.push_back (str.substr (p, end - p)); + p = end; + } + } + else + { + string element; + elements.push_back (element); + foreach (char c, str) + { + if (separators.find (c) != string::npos) + { + element.erase(); + elements.push_back (element); + } + else + { + elements.back() += c; + } + } + } + + return elements; + } + + string StringConverter::StripTrailingNumber (const string &str) + { + size_t start = str.find_last_not_of ("0123456789"); + if (start == string::npos) + return ""; + + return str.substr (0, start + 1); + } + + wstring StringConverter::ToExceptionString (const exception &ex) + { + const SystemException *sysEx = dynamic_cast (&ex); + if (sysEx) + return ToWide (sysEx->what()) + L": " + sysEx->SystemText() + L": " + sysEx->GetSubject(); + + if (ex.what() && !string (ex.what()).empty()) + return ToWide (GetTypeName (typeid (ex)) + ": " + ex.what()); + + return ToWide (GetTypeName (typeid (ex))); + } + + string StringConverter::ToLower (const string &str) + { + string s; + foreach (char c, str) + s += tolower (c, locale()); + return s; + } + + string StringConverter::ToSingle (const wstring &wstr, bool noThrow) + { + string str; + ToSingle (wstr, str, noThrow); + return str; + } + + void StringConverter::ToSingle (const wstring &wstr, string &str, bool noThrow) + { + try + { + mbstate_t mbState; + Memory::Zero (&mbState, sizeof (mbState)); + const wchar_t *src = wstr.c_str(); + + size_t size = wcsrtombs (nullptr, &src, 0, &mbState); + if (size == (size_t) -1) + throw StringConversionFailed (SRC_POS, wstr); + + vector buf (size + 1); + Memory::Zero (&mbState, sizeof (mbState)); + + if ((size = wcsrtombs (&buf[0], &src, buf.size(), &mbState)) == (size_t) -1) + throw StringConversionFailed (SRC_POS, wstr); + + str.clear(); + str.insert (0, &buf.front(), size); + Memory::Erase (&buf.front(), buf.size()); + } + catch (...) + { + if (!noThrow) + throw; + } } - int64 StringConverter::ToInt64 (const string &str) - { - int64 n; - stringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0x7fffFFFFffffFFFFLL || n == -0x7fffFFFFffffFFFFLL) - throw ParameterIncorrect (SRC_POS); - - return n; - } - - int64 StringConverter::ToInt64 (const wstring &str) - { - int64 n; - wstringstream ss (str); - - ss >> n; - if (ss.fail() || n == 0x7fffFFFFffffFFFFLL || n == -0x7fffFFFFffffFFFFLL) - throw ParameterIncorrect (SRC_POS); - - return n; - } - - string StringConverter::ToUpper (const string &str) - { - string s; - foreach (char c, str) - s += toupper (c, locale()); - return s; - } - - wstring StringConverter::ToWide (const string &str, bool noThrow) - { - try - { - mbstate_t mbState; - Memory::Zero (&mbState, sizeof (mbState)); - const char *src = str.c_str(); - - size_t size = mbsrtowcs (nullptr, &src, 0, &mbState); - if (size == (size_t) -1) - throw StringConversionFailed (SRC_POS); - - vector buf (size + 1); - Memory::Zero (&mbState, sizeof (mbState)); - - if ((size = mbsrtowcs (&buf[0], &src, buf.size(), &mbState)) == (size_t) -1) - throw StringConversionFailed (SRC_POS); - - wstring s; - s.insert (s.begin(), buf.begin(), buf.begin() + size); - return s; - } - catch (...) - { - if (noThrow) - return L""; - throw; - } - } - - void StringConverter::ToWideBuffer (const wstring &str, wchar_t *buffer, size_t bufferSize) - { - if (str.length() < 1) - { - buffer[0] = 0; - return; - } - - BufferPtr ( - (byte *) buffer, - bufferSize).CopyFrom ( - ConstBufferPtr ((byte *) (wstring (str).c_str()), - (str.length() + 1) * sizeof (wchar_t) - ) - ); - } - - string StringConverter::Trim (const string &str) - { - size_t start = 0; - size_t end = str.size(); - if (end < 1) - return str; - - foreach (char c, str) - { - if (c > ' ') - break; - ++start; - } - - foreach_reverse (char c, str) - { - if (c > ' ') - break; - --end; - } - - return str.substr (start, end - start); - } -} + uint32 StringConverter::ToUInt32 (const string &str) + { + uint32 n; + stringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0xffffFFFFU) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + uint32 StringConverter::ToUInt32 (const wstring &str) + { + uint32 n; + wstringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0xffffFFFFU) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + int32 StringConverter::ToInt32 (const string &str) + { + int32 n; + stringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0x7fffFFFF || n == -0x7fffFFFF) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + int32 StringConverter::ToInt32 (const wstring &str) + { + int32 n; + wstringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0x7fffFFFF || n == -0x7fffFFFF) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + uint64 StringConverter::ToUInt64 (const string &str) + { + uint64 n; + stringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0xffffFFFFffffFFFFULL) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + uint64 StringConverter::ToUInt64 (const wstring &str) + { + uint64 n; + wstringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0xffffFFFFffffFFFFULL) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + int64 StringConverter::ToInt64 (const string &str) + { + int64 n; + stringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0x7fffFFFFffffFFFFLL || n == -0x7fffFFFFffffFFFFLL) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + int64 StringConverter::ToInt64 (const wstring &str) + { + int64 n; + wstringstream ss (str); + + ss >> n; + if (ss.fail() || n == 0x7fffFFFFffffFFFFLL || n == -0x7fffFFFFffffFFFFLL) + throw ParameterIncorrect (SRC_POS); + + return n; + } + + string StringConverter::ToUpper (const string &str) + { + string s; + foreach (char c, str) + s += toupper (c, locale()); + return s; + } + + wstring StringConverter::ToWide (const string &str, bool noThrow) + { + try + { + mbstate_t mbState; + Memory::Zero (&mbState, sizeof (mbState)); + const char *src = str.c_str(); + + size_t size = mbsrtowcs (nullptr, &src, 0, &mbState); + if (size == (size_t) -1) + throw StringConversionFailed (SRC_POS); + + vector buf (size + 1); + Memory::Zero (&mbState, sizeof (mbState)); + + if ((size = mbsrtowcs (&buf[0], &src, buf.size(), &mbState)) == (size_t) -1) + throw StringConversionFailed (SRC_POS); + + wstring s; + s.insert (s.begin(), buf.begin(), buf.begin() + size); + return s; + } + catch (...) + { + if (noThrow) + return L""; + throw; + } + } + + void StringConverter::ToWideBuffer (const wstring &str, wchar_t *buffer, size_t bufferSize) + { + if (str.length() < 1) + { + buffer[0] = 0; + return; + } + + BufferPtr ( + (byte *) buffer, + bufferSize).CopyFrom ( + ConstBufferPtr ((byte *) (wstring (str).c_str()), + (str.length() + 1) * sizeof (wchar_t) + ) + ); + } + + string StringConverter::Trim (const string &str) + { + size_t start = 0; + size_t end = str.size(); + if (end < 1) + return str; + + foreach (char c, str) + { + if (c > ' ') + break; + ++start; + } + + foreach_reverse (char c, str) + { + if (c > ' ') + break; + --end; + } + + return str.substr (start, end - start); + } +} diff --git a/src/Platform/StringConverter.h b/src/Platform/StringConverter.h index 13d61f53..6c412437 100644 --- a/src/Platform/StringConverter.h +++ b/src/Platform/StringConverter.h @@ -8,61 +8,61 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_StringConverter -#define TC_HEADER_Platform_StringConverter - -#include -#include "PlatformBase.h" - -namespace VeraCrypt -{ - class StringConverter - { - public: - static void Erase (string &str); - static void Erase (wstring &str); - static wstring FromNumber (double number); - static wstring FromNumber (int32 number); - static wstring FromNumber (uint32 number); - static wstring FromNumber (int64 number); - static wstring FromNumber (uint64 number); - static string GetTrailingNumber (const string &str); - static string GetTypeName (const type_info &typeInfo); - static wstring QuoteSpaces (const wstring &str); - static vector Split (const string &str, const string &separators = " \t\r\n", bool returnEmptyFields = false); - static string StripTrailingNumber (const string &str); - static wstring ToExceptionString (const exception &ex); - static string ToLower (const string &str); - static uint32 ToUInt32 (const string &str); +*/ + +#ifndef TC_HEADER_Platform_StringConverter +#define TC_HEADER_Platform_StringConverter + +#include +#include "PlatformBase.h" + +namespace VeraCrypt +{ + class StringConverter + { + public: + static void Erase (string &str); + static void Erase (wstring &str); + static wstring FromNumber (double number); + static wstring FromNumber (int32 number); + static wstring FromNumber (uint32 number); + static wstring FromNumber (int64 number); + static wstring FromNumber (uint64 number); + static string GetTrailingNumber (const string &str); + static string GetTypeName (const type_info &typeInfo); + static wstring QuoteSpaces (const wstring &str); + static vector Split (const string &str, const string &separators = " \t\r\n", bool returnEmptyFields = false); + static string StripTrailingNumber (const string &str); + static wstring ToExceptionString (const exception &ex); + static string ToLower (const string &str); + static uint32 ToUInt32 (const string &str); static uint32 ToUInt32 (const wstring &str); - static int32 ToInt32 (const string &str); - static int32 ToInt32 (const wstring &str); - static uint64 ToUInt64 (const string &str); + static int32 ToInt32 (const string &str); + static int32 ToInt32 (const wstring &str); + static uint64 ToUInt64 (const string &str); static uint64 ToUInt64 (const wstring &str); - static int64 ToInt64 (const string &str); - static int64 ToInt64 (const wstring &str); - static string ToSingle (double number) { return ToSingle (FromNumber (number)); } - static string ToSingle (int32 number) { return ToSingle (FromNumber (number)); } - static string ToSingle (uint32 number) { return ToSingle (FromNumber (number)); } - static string ToSingle (int64 number) { return ToSingle (FromNumber (number)); } - static string ToSingle (uint64 number) { return ToSingle (FromNumber (number)); } - static string ToSingle (const wstring &wstr, bool noThrow = false); - static void ToSingle (const wstring &wstr, string &str, bool noThrow = false); - static string ToUpper (const string &str); - static wstring ToWide (double number) { return FromNumber (number); } - static wstring ToWide (int32 number) { return FromNumber (number); } - static wstring ToWide (uint32 number) { return FromNumber (number); } - static wstring ToWide (int64 number) { return FromNumber (number); } - static wstring ToWide (uint64 number) { return FromNumber (number); } - static wstring ToWide (const string &str, bool noThrow = false); - static void ToWideBuffer (const wstring &str, wchar_t *buffer, size_t bufferSize); - static string Trim (const string &str); - - private: - StringConverter (); - }; -} - -#endif // TC_HEADER_Platform_StringConverter + static int64 ToInt64 (const string &str); + static int64 ToInt64 (const wstring &str); + static string ToSingle (double number) { return ToSingle (FromNumber (number)); } + static string ToSingle (int32 number) { return ToSingle (FromNumber (number)); } + static string ToSingle (uint32 number) { return ToSingle (FromNumber (number)); } + static string ToSingle (int64 number) { return ToSingle (FromNumber (number)); } + static string ToSingle (uint64 number) { return ToSingle (FromNumber (number)); } + static string ToSingle (const wstring &wstr, bool noThrow = false); + static void ToSingle (const wstring &wstr, string &str, bool noThrow = false); + static string ToUpper (const string &str); + static wstring ToWide (double number) { return FromNumber (number); } + static wstring ToWide (int32 number) { return FromNumber (number); } + static wstring ToWide (uint32 number) { return FromNumber (number); } + static wstring ToWide (int64 number) { return FromNumber (number); } + static wstring ToWide (uint64 number) { return FromNumber (number); } + static wstring ToWide (const string &str, bool noThrow = false); + static void ToWideBuffer (const wstring &str, wchar_t *buffer, size_t bufferSize); + static string Trim (const string &str); + + private: + StringConverter (); + }; +} + +#endif // TC_HEADER_Platform_StringConverter diff --git a/src/Platform/SyncEvent.h b/src/Platform/SyncEvent.h index cc46e2c8..cea6610c 100644 --- a/src/Platform/SyncEvent.h +++ b/src/Platform/SyncEvent.h @@ -8,44 +8,44 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SyncEvent -#define TC_HEADER_Platform_SyncEvent - -#ifdef TC_WINDOWS -# include "System.h" -#else -# include -#endif -#include "PlatformBase.h" -#include "Mutex.h" - -namespace VeraCrypt -{ - class SyncEvent - { - public: - SyncEvent (); - ~SyncEvent (); - - void Signal (); - void Wait (); - - protected: - bool Initialized; -#ifdef TC_WINDOWS - HANDLE SystemSyncEvent; -#else - volatile bool Signaled; - pthread_cond_t SystemSyncEvent; - Mutex EventMutex; -#endif - - private: - SyncEvent (const SyncEvent &); - SyncEvent &operator= (const SyncEvent &); - }; -} - -#endif // TC_HEADER_Platform_SyncEvent +*/ + +#ifndef TC_HEADER_Platform_SyncEvent +#define TC_HEADER_Platform_SyncEvent + +#ifdef TC_WINDOWS +# include "System.h" +#else +# include +#endif +#include "PlatformBase.h" +#include "Mutex.h" + +namespace VeraCrypt +{ + class SyncEvent + { + public: + SyncEvent (); + ~SyncEvent (); + + void Signal (); + void Wait (); + + protected: + bool Initialized; +#ifdef TC_WINDOWS + HANDLE SystemSyncEvent; +#else + volatile bool Signaled; + pthread_cond_t SystemSyncEvent; + Mutex EventMutex; +#endif + + private: + SyncEvent (const SyncEvent &); + SyncEvent &operator= (const SyncEvent &); + }; +} + +#endif // TC_HEADER_Platform_SyncEvent diff --git a/src/Platform/System.h b/src/Platform/System.h index 7cb79715..85385d85 100644 --- a/src/Platform/System.h +++ b/src/Platform/System.h @@ -8,13 +8,13 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_System -#define TC_HEADER_Platform_System - -#ifdef TC_WINDOWS -#include "Windows/System.h" -#endif - -#endif // TC_HEADER_Platform_System +*/ + +#ifndef TC_HEADER_Platform_System +#define TC_HEADER_Platform_System + +#ifdef TC_WINDOWS +#include "Windows/System.h" +#endif + +#endif // TC_HEADER_Platform_System diff --git a/src/Platform/SystemException.h b/src/Platform/SystemException.h index aac5856e..f4e6e9ab 100644 --- a/src/Platform/SystemException.h +++ b/src/Platform/SystemException.h @@ -8,43 +8,43 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SystemException -#define TC_HEADER_Platform_SystemException - -#include "PlatformBase.h" -#include "Exception.h" - -namespace VeraCrypt -{ - class SystemException : public Exception - { - public: - SystemException (); - SystemException (const string &message); - SystemException (const string &message, const string &subject); - SystemException (const string &message, const wstring &subject); - SystemException (const string &message, int64 errorCode) - : Exception (message), ErrorCode (errorCode) { } - virtual ~SystemException () throw () { } - - TC_SERIALIZABLE_EXCEPTION (SystemException); - - int64 GetErrorCode () const { return ErrorCode; } - bool IsError () const; - wstring SystemText () const; - - protected: - int64 ErrorCode; - }; - -#undef TC_EXCEPTION_SET -#define TC_EXCEPTION_SET \ - TC_EXCEPTION_NODECL (SystemException); -} - -#define throw_sys_if(condition) do { if (condition) throw SystemException (SRC_POS); } while (false) -#define throw_sys_sub_if(condition,subject) do { if (condition) throw SystemException (SRC_POS, (subject)); } while (false) - -#endif // TC_HEADER_Platform_SystemException +*/ + +#ifndef TC_HEADER_Platform_SystemException +#define TC_HEADER_Platform_SystemException + +#include "PlatformBase.h" +#include "Exception.h" + +namespace VeraCrypt +{ + class SystemException : public Exception + { + public: + SystemException (); + SystemException (const string &message); + SystemException (const string &message, const string &subject); + SystemException (const string &message, const wstring &subject); + SystemException (const string &message, int64 errorCode) + : Exception (message), ErrorCode (errorCode) { } + virtual ~SystemException () throw () { } + + TC_SERIALIZABLE_EXCEPTION (SystemException); + + int64 GetErrorCode () const { return ErrorCode; } + bool IsError () const; + wstring SystemText () const; + + protected: + int64 ErrorCode; + }; + +#undef TC_EXCEPTION_SET +#define TC_EXCEPTION_SET \ + TC_EXCEPTION_NODECL (SystemException); +} + +#define throw_sys_if(condition) do { if (condition) throw SystemException (SRC_POS); } while (false) +#define throw_sys_sub_if(condition,subject) do { if (condition) throw SystemException (SRC_POS, (subject)); } while (false) + +#endif // TC_HEADER_Platform_SystemException diff --git a/src/Platform/SystemInfo.h b/src/Platform/SystemInfo.h index 88412045..d8b29b77 100644 --- a/src/Platform/SystemInfo.h +++ b/src/Platform/SystemInfo.h @@ -8,25 +8,25 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SystemInfo -#define TC_HEADER_Platform_SystemInfo - -#include "PlatformBase.h" - -namespace VeraCrypt -{ - class SystemInfo - { - public: - static wstring GetPlatformName (); - static vector GetVersion (); - static bool IsVersionAtLeast (int versionNumber1, int versionNumber2, int versionNumber3 = 0); - - protected: - SystemInfo (); - }; -} - -#endif // TC_HEADER_Platform_SystemInfo +*/ + +#ifndef TC_HEADER_Platform_SystemInfo +#define TC_HEADER_Platform_SystemInfo + +#include "PlatformBase.h" + +namespace VeraCrypt +{ + class SystemInfo + { + public: + static wstring GetPlatformName (); + static vector GetVersion (); + static bool IsVersionAtLeast (int versionNumber1, int versionNumber2, int versionNumber3 = 0); + + protected: + SystemInfo (); + }; +} + +#endif // TC_HEADER_Platform_SystemInfo diff --git a/src/Platform/SystemLog.h b/src/Platform/SystemLog.h index 41abc7be..eea7783f 100644 --- a/src/Platform/SystemLog.h +++ b/src/Platform/SystemLog.h @@ -8,39 +8,39 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_SystemLog -#define TC_HEADER_Platform_SystemLog - -#include "Platform/PlatformBase.h" -#include "Platform/StringConverter.h" - -namespace VeraCrypt -{ - class SystemLog - { - public: - static void WriteDebug (const string &debugMessage); - static void WriteError (const string &errorMessage); - - static void WriteException (const exception &ex) - { - WriteError (string ("exception: ") + StringConverter::ToSingle (StringConverter::ToExceptionString (ex))); - } - - protected: - SystemLog (); - }; - -#ifdef DEBUG -# define tracelog_point do { stringstream s; s << (SRC_POS); SystemLog::WriteError (s.str()); } while (false) -# define tracelog_msg(stream_args) do { stringstream s; s << (SRC_POS) << ": " << stream_args; SystemLog::WriteError (s.str()); } while (false) -#else -# define tracelog_point -# define tracelog_msg(stream_args) while (false) { stringstream s; s << stream_args; } -#endif - -} - -#endif // TC_HEADER_Platform_SystemLog +*/ + +#ifndef TC_HEADER_Platform_SystemLog +#define TC_HEADER_Platform_SystemLog + +#include "Platform/PlatformBase.h" +#include "Platform/StringConverter.h" + +namespace VeraCrypt +{ + class SystemLog + { + public: + static void WriteDebug (const string &debugMessage); + static void WriteError (const string &errorMessage); + + static void WriteException (const exception &ex) + { + WriteError (string ("exception: ") + StringConverter::ToSingle (StringConverter::ToExceptionString (ex))); + } + + protected: + SystemLog (); + }; + +#ifdef DEBUG +# define tracelog_point do { stringstream s; s << (SRC_POS); SystemLog::WriteError (s.str()); } while (false) +# define tracelog_msg(stream_args) do { stringstream s; s << (SRC_POS) << ": " << stream_args; SystemLog::WriteError (s.str()); } while (false) +#else +# define tracelog_point +# define tracelog_msg(stream_args) while (false) { stringstream s; s << stream_args; } +#endif + +} + +#endif // TC_HEADER_Platform_SystemLog diff --git a/src/Platform/TextReader.cpp b/src/Platform/TextReader.cpp index 91f9ed09..dcb1cd16 100644 --- a/src/Platform/TextReader.cpp +++ b/src/Platform/TextReader.cpp @@ -8,34 +8,34 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#include "TextReader.h" - -namespace VeraCrypt -{ - TextReader::TextReader (const FilePath &path) - { - InputFile.reset (new File); - InputFile->Open (path); - InputStream = shared_ptr (new FileStream (InputFile)); - } - - bool TextReader::ReadLine (string &outputString) - { - outputString.erase(); - - char c; - while (InputStream->Read (BufferPtr ((byte *) &c, sizeof (c))) == sizeof (c)) - { - if (c == '\r') - continue; - - if (c == '\n') - return true; - - outputString += c; - } - return !outputString.empty(); - } -} +*/ + +#include "TextReader.h" + +namespace VeraCrypt +{ + TextReader::TextReader (const FilePath &path) + { + InputFile.reset (new File); + InputFile->Open (path); + InputStream = shared_ptr (new FileStream (InputFile)); + } + + bool TextReader::ReadLine (string &outputString) + { + outputString.erase(); + + char c; + while (InputStream->Read (BufferPtr ((byte *) &c, sizeof (c))) == sizeof (c)) + { + if (c == '\r') + continue; + + if (c == '\n') + return true; + + outputString += c; + } + return !outputString.empty(); + } +} diff --git a/src/Platform/TextReader.h b/src/Platform/TextReader.h index bd866bcd..91006df6 100644 --- a/src/Platform/TextReader.h +++ b/src/Platform/TextReader.h @@ -8,32 +8,32 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_TextReader -#define TC_HEADER_Platform_TextReader - -#include "PlatformBase.h" -#include "FileStream.h" -#include "FilesystemPath.h" -#include "SharedPtr.h" -#include "Stream.h" - -namespace VeraCrypt -{ - class TextReader - { - public: - TextReader (const FilePath &path); - TextReader (shared_ptr stream) : InputStream (stream) { } - virtual ~TextReader () { } - - virtual bool ReadLine (string &outputString); - - protected: - shared_ptr InputFile; - shared_ptr InputStream; - }; -} - -#endif // TC_HEADER_Platform_TextReader +*/ + +#ifndef TC_HEADER_Platform_TextReader +#define TC_HEADER_Platform_TextReader + +#include "PlatformBase.h" +#include "FileStream.h" +#include "FilesystemPath.h" +#include "SharedPtr.h" +#include "Stream.h" + +namespace VeraCrypt +{ + class TextReader + { + public: + TextReader (const FilePath &path); + TextReader (shared_ptr stream) : InputStream (stream) { } + virtual ~TextReader () { } + + virtual bool ReadLine (string &outputString); + + protected: + shared_ptr InputFile; + shared_ptr InputStream; + }; +} + +#endif // TC_HEADER_Platform_TextReader diff --git a/src/Platform/Thread.h b/src/Platform/Thread.h index c9f462e1..4ec73e5e 100644 --- a/src/Platform/Thread.h +++ b/src/Platform/Thread.h @@ -8,71 +8,71 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Thread -#define TC_HEADER_Platform_Thread - -#ifdef TC_WINDOWS -# include "System.h" -# define TC_THREAD_PROC DWORD WINAPI -#else -# include -# define TC_THREAD_PROC void* -#endif -#include "PlatformBase.h" -#include "Functor.h" -#include "SharedPtr.h" -#include "SyncEvent.h" - -namespace VeraCrypt -{ - class Thread - { - public: -#ifdef TC_WINDOWS - typedef HANDLE ThreadSystemHandle; - typedef LPTHREAD_START_ROUTINE ThreadProcPtr; -#else - typedef pthread_t ThreadSystemHandle; - typedef void* (*ThreadProcPtr) (void *); -#endif - Thread () { }; - virtual ~Thread () { }; - - void Join () const; - void Start (ThreadProcPtr threadProc, void *parameter = nullptr); - - void Start (Functor *functor) - { - Start (Thread::FunctorEntry, (void *)functor); - } - - static void Sleep (uint32 milliSeconds); - - protected: - static TC_THREAD_PROC FunctorEntry (void *functorArg) - { - Functor *functor = (Functor *) functorArg; - try - { - (*functor) (); - } - catch (...) { } - - delete functor; - return 0; - } - - static const size_t MinThreadStackSize = 1024 * 1024; - - ThreadSystemHandle SystemHandle; - - private: - Thread (const Thread &); - Thread &operator= (const Thread &); - }; - -} - -#endif // TC_HEADER_Platform_Thread +*/ + +#ifndef TC_HEADER_Platform_Thread +#define TC_HEADER_Platform_Thread + +#ifdef TC_WINDOWS +# include "System.h" +# define TC_THREAD_PROC DWORD WINAPI +#else +# include +# define TC_THREAD_PROC void* +#endif +#include "PlatformBase.h" +#include "Functor.h" +#include "SharedPtr.h" +#include "SyncEvent.h" + +namespace VeraCrypt +{ + class Thread + { + public: +#ifdef TC_WINDOWS + typedef HANDLE ThreadSystemHandle; + typedef LPTHREAD_START_ROUTINE ThreadProcPtr; +#else + typedef pthread_t ThreadSystemHandle; + typedef void* (*ThreadProcPtr) (void *); +#endif + Thread () { }; + virtual ~Thread () { }; + + void Join () const; + void Start (ThreadProcPtr threadProc, void *parameter = nullptr); + + void Start (Functor *functor) + { + Start (Thread::FunctorEntry, (void *)functor); + } + + static void Sleep (uint32 milliSeconds); + + protected: + static TC_THREAD_PROC FunctorEntry (void *functorArg) + { + Functor *functor = (Functor *) functorArg; + try + { + (*functor) (); + } + catch (...) { } + + delete functor; + return 0; + } + + static const size_t MinThreadStackSize = 1024 * 1024; + + ThreadSystemHandle SystemHandle; + + private: + Thread (const Thread &); + Thread &operator= (const Thread &); + }; + +} + +#endif // TC_HEADER_Platform_Thread diff --git a/src/Platform/Time.h b/src/Platform/Time.h index 6acd79af..9fade923 100644 --- a/src/Platform/Time.h +++ b/src/Platform/Time.h @@ -8,27 +8,27 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_Time -#define TC_HEADER_Platform_Time - -#include "PlatformBase.h" - -namespace VeraCrypt -{ - class Time - { - public: - Time () { } - virtual ~Time () { } - - static uint64 GetCurrent (); // Returns time in hundreds of nanoseconds since 1601/01/01 - - private: - Time (const Time &); - Time &operator= (const Time &); - }; -} - -#endif // TC_HEADER_Platform_Time +*/ + +#ifndef TC_HEADER_Platform_Time +#define TC_HEADER_Platform_Time + +#include "PlatformBase.h" + +namespace VeraCrypt +{ + class Time + { + public: + Time () { } + virtual ~Time () { } + + static uint64 GetCurrent (); // Returns time in hundreds of nanoseconds since 1601/01/01 + + private: + Time (const Time &); + Time &operator= (const Time &); + }; +} + +#endif // TC_HEADER_Platform_Time diff --git a/src/Platform/User.h b/src/Platform/User.h index d53f1c91..34c00527 100644 --- a/src/Platform/User.h +++ b/src/Platform/User.h @@ -8,29 +8,29 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifndef TC_HEADER_Platform_User -#define TC_HEADER_Platform_User - -#include "PlatformBase.h" - -#ifdef TC_UNIX -#include -#include -#endif - -namespace VeraCrypt -{ - struct UserId - { - UserId () { } -#ifdef TC_UNIX - UserId (uid_t systemId) : SystemId (systemId) { } - - uid_t SystemId; -#endif - }; -} - -#endif // TC_HEADER_Platform_User +*/ + +#ifndef TC_HEADER_Platform_User +#define TC_HEADER_Platform_User + +#include "PlatformBase.h" + +#ifdef TC_UNIX +#include +#include +#endif + +namespace VeraCrypt +{ + struct UserId + { + UserId () { } +#ifdef TC_UNIX + UserId (uid_t systemId) : SystemId (systemId) { } + + uid_t SystemId; +#endif + }; +} + +#endif // TC_HEADER_Platform_User diff --git a/src/Readme.txt b/src/Readme.txt index 02864800..faf1683f 100644 --- a/src/Readme.txt +++ b/src/Readme.txt @@ -1,265 +1,265 @@ -This archive contains the source code of VeraCrypt. -It is based on original TrueCrypt 7.1a with security enhancements and modifications. - - -Important -========= - -You may use the source code contained in this archive only if you accept and -agree to the license terms contained in the file 'License.txt', which is -included in this archive. - -Note that the license specifies, for example, that a derived work must not be -called 'TrueCrypt' or 'VeraCrypt' - - - -Contents -======== - -I. Windows - Requirements for Building VeraCrypt for Windows - Instructions for Building VeraCrypt for Windows - Instructions for Signing and Packaging VeraCrypt for Windows - -II. Linux and Mac OS X - Requirements for Building VeraCrypt for Linux and Mac OS X - Instructions for Building VeraCrypt for Linux and Mac OS X - Mac OS X specifics - -III. FreeBSD and OpenSolaris - -IV. Third-Party Developers (Contributors) - -V. Legal Information - -VI. Further Information - - - -I. Windows -========== - -Requirements for Building VeraCrypt for Windows: ------------------------------------------------- - -- Microsoft Visual C++ 2008 SP1 (Professional Edition or compatible) -- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads) -- Microsoft Windows SDK for Windows 7 (configured for Visual C++) -- Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing) -- Microsoft Windows Driver Kit 7.1.0 (build 7600.16385.1) -- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 - header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20) -- NASM assembler 2.08 or compatible -- gzip compressor -- upx packer (available at http://upx.sourceforge.net/) - -IMPORTANT: - -The 64-bit editions of Windows Vista and later versions of Windows, and in -some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not -allow the VeraCrypt driver to run without an appropriate digital signature. -Therefore, all .sys files in official VeraCrypt binary packages are digitally -signed with the digital certificate of the IDRIX, which was -issued by Thawte certification authority. At the end of each official .exe and -.sys file, there are embedded digital signatures and all related certificates -(i.e. all certificates in the relevant certification chain, such as the -certification authority certificates, CA-MS cross-certificate, and the -IDRIX certificate). -Keep this in mind if you compile VeraCrypt -and compare your binaries with the official binaries. If your binaries are -unsigned, the sizes of the official binaries will usually be approximately -10 KB greater than sizes of your binaries (there may be further differences -if you use a different version of the compiler, or if you install a different -or no service pack for Visual Studio, or different hotfixes for it, or if you -use different versions of the required SDKs). - - -Instructions for Building VeraCrypt for Windows: ------------------------------------------------- - -1) Create an environment variable 'MSVC16_ROOT' pointing to the folder 'MSVC15' - extracted from the Visual C++ 1.52 self-extracting package. - - Note: The 16-bit installer MSVC15\SETUP.EXE cannot be run on 64-bit Windows, - but it is actually not necessary to run it. You only need to extract the - folder 'MSVC15', which contains the 32-bit binaries required to build the - VeraCrypt Boot Loader. - -2) If you have installed the Windows Driver Development Kit in another - directory than '%SYSTEMDRIVE%\WinDDK', create an environment variable - 'WINDDK_ROOT' pointing to the DDK installation directory. - -3) Copy the PKCS #11 header files to a standard include path or create an - environment variable 'PKCS11_INC' pointing to the directory where - the PKCS #11 header files are installed. - -4) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2008. - -5) Select 'All' as the active solution configuration. - -6) Build the solution. - -7) If successful, there should be newly built VeraCrypt binaries in the - 'Release' folder. - -Instructions for Signing and Packaging VeraCrypt for Windows: -------------------------------------------------------------- - -First, create an environment variable 'WSDK81' pointing to the Windows SDK -for Windows 8.1 installation directory. -The folder "Signing" contains a batch file (sign.bat) that will sign all -VeraCrypt components using a code signing certificate present on the -certificate store and also build the final installation setup. -The batch file suppose that the code signing certificate is issued by Thawt. -This is the case for IDRIX's certificate. If yours is issued by another CA, -then you should put the Root and Intermediate certificates in the "Signing" -folder and then modify sign.bat accordingly. - - -II. Linux and Mac OS X -====================== - -Requirements for Building VeraCrypt for Linux and Mac OS X: ------------------------------------------------------------ - -- GNU Make -- GNU C++ Compiler 4.0 or compatible -- Apple Xcode (Mac OS X only) -- NASM assembler 2.08 or compatible (x86/x64 architecture only) -- pkg-config -- makeself (Linux only) -- wxWidgets 3.0 shared library and header files installed or - wxWidgets 3.0 library source code (available at http://www.wxwidgets.org) -- FUSE library and header files (available at https://github.com/libfuse/libfuse - and https://osxfuse.github.io/) -- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 - header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20). - They are already included in the source tree under the directory PKCS11 but - it is possible to override it using the environment variable 'PKCS11_INC'. - - -Instructions for Building VeraCrypt for Linux and Mac OS X: ------------------------------------------------------------ - -1) Change the current directory to the root of the VeraCrypt source code. - -2) If you have no wxWidgets shared library installed, run the following - command to configure the wxWidgets static library for VeraCrypt and to - build it: - - $ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild - - The variable WX_ROOT must point to the location of the source code of the - wxWidgets library. Output files will be placed in the './wxrelease/' - directory. - -3) To build VeraCrypt, run the following command: - - $ make - - or if you have no wxWidgets shared library installed: - - $ make WXSTATIC=1 - -4) If successful, the VeraCrypt executable should be located in the directory - 'Main'. - -By default, a universal executable supporting both graphical and text user -interface (through the switch --text) is built. -On Linux, a console-only executable, which requires no GUI library, can be -built using the 'NOGUI' parameter: - - $ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild - $ make NOGUI=1 WXSTATIC=1 - -On MacOSX, building a console-only executable is not supported. - -Mac OS X specifics: ------------------------------------------------------------ - -Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version -of the SDK (i.e. 10.6), you can export the environment variable VC_OSX_TARGET: - - $ export VC_OSX_TARGET=10.6 - - -Before building under MacOSX, pkg-config must be installed if not yet available. -Get it from http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and -compile using the following commands : - - $ ./configure --with-internal-glib - $ make - $ sudo make install - -After making sure pkg-config is available, download and install OSXFuse from -https://osxfuse.github.io/ (MacFUSE compatibility layer must selected) - -The script build_veracrypt_macosx.sh available under "src/Build" performs the -full build of VeraCrypt including the creation of the installer pkg. It expects -to find the wxWidgets 3.0.2 sources at the same level as where you put -VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src" -then wxWidgets should be at "/Users/joe/Projects/wxWidgets-wxWidgets-3.0.2") - -The build process uses Code Signing certificates whose ID is specified in -src/Main/Main.make (lines 167 & 169). You'll have to modify these lines to put -the ID of your Code Signing certificates or comment them if you don't have one. - -Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a -VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension. -Thus, we recommend to use the SDK 10.8 or earlier for building VeraCrypt. - - - -III. FreeBSD and OpenSolaris -============================ - -FreeBSD and OpenSolaris are not yet supported. - - - -IV. Third-Party Developers (Contributors) -========================================= - -If you intend to implement a feature, please contact us first to make sure: - -1) That the feature has not been implemented (we may have already implemented - it, but haven't released the code yet). -2) That the feature is acceptable. -3) Whether we need help of third-party developers with implementing the feature. - -Information on how to contact us can be found at: -https://veracrypt.codeplex.com/ - - - -V. Legal Information -==================== - -Copyright Information ---------------------- - -This software as a whole: -Copyright (c) 2013-2015 IDRIX. All rights reserved. - -Portions of this software: -Copyright (c) 2003-2012 TrueCrypt Developers Association. All rights reserved. -Copyright (c) 1998-2000 Paul Le Roux. All rights reserved. -Copyright (c) 1998-2008 Brian Gladman, Worcester, UK. All rights reserved. -Copyright (c) 2002-2004 Mark Adler. All rights reserved. -For more information, please see the legal notices attached to parts of the -source code. - -Trademark Information ---------------------- - -Any trademarks contained in the source code, binaries, and/or in the -documentation, are the sole property of their respective owners. - - - -VI. Further Information -======================= - -http://www.veracrypt.fr - +This archive contains the source code of VeraCrypt. +It is based on original TrueCrypt 7.1a with security enhancements and modifications. + + +Important +========= + +You may use the source code contained in this archive only if you accept and +agree to the license terms contained in the file 'License.txt', which is +included in this archive. + +Note that the license specifies, for example, that a derived work must not be +called 'TrueCrypt' or 'VeraCrypt' + + + +Contents +======== + +I. Windows + Requirements for Building VeraCrypt for Windows + Instructions for Building VeraCrypt for Windows + Instructions for Signing and Packaging VeraCrypt for Windows + +II. Linux and Mac OS X + Requirements for Building VeraCrypt for Linux and Mac OS X + Instructions for Building VeraCrypt for Linux and Mac OS X + Mac OS X specifics + +III. FreeBSD and OpenSolaris + +IV. Third-Party Developers (Contributors) + +V. Legal Information + +VI. Further Information + + + +I. Windows +========== + +Requirements for Building VeraCrypt for Windows: +------------------------------------------------ + +- Microsoft Visual C++ 2008 SP1 (Professional Edition or compatible) +- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads) +- Microsoft Windows SDK for Windows 7 (configured for Visual C++) +- Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing) +- Microsoft Windows Driver Kit 7.1.0 (build 7600.16385.1) +- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 + header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20) +- NASM assembler 2.08 or compatible +- gzip compressor +- upx packer (available at http://upx.sourceforge.net/) + +IMPORTANT: + +The 64-bit editions of Windows Vista and later versions of Windows, and in +some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not +allow the VeraCrypt driver to run without an appropriate digital signature. +Therefore, all .sys files in official VeraCrypt binary packages are digitally +signed with the digital certificate of the IDRIX, which was +issued by Thawte certification authority. At the end of each official .exe and +.sys file, there are embedded digital signatures and all related certificates +(i.e. all certificates in the relevant certification chain, such as the +certification authority certificates, CA-MS cross-certificate, and the +IDRIX certificate). +Keep this in mind if you compile VeraCrypt +and compare your binaries with the official binaries. If your binaries are +unsigned, the sizes of the official binaries will usually be approximately +10 KB greater than sizes of your binaries (there may be further differences +if you use a different version of the compiler, or if you install a different +or no service pack for Visual Studio, or different hotfixes for it, or if you +use different versions of the required SDKs). + + +Instructions for Building VeraCrypt for Windows: +------------------------------------------------ + +1) Create an environment variable 'MSVC16_ROOT' pointing to the folder 'MSVC15' + extracted from the Visual C++ 1.52 self-extracting package. + + Note: The 16-bit installer MSVC15\SETUP.EXE cannot be run on 64-bit Windows, + but it is actually not necessary to run it. You only need to extract the + folder 'MSVC15', which contains the 32-bit binaries required to build the + VeraCrypt Boot Loader. + +2) If you have installed the Windows Driver Development Kit in another + directory than '%SYSTEMDRIVE%\WinDDK', create an environment variable + 'WINDDK_ROOT' pointing to the DDK installation directory. + +3) Copy the PKCS #11 header files to a standard include path or create an + environment variable 'PKCS11_INC' pointing to the directory where + the PKCS #11 header files are installed. + +4) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2008. + +5) Select 'All' as the active solution configuration. + +6) Build the solution. + +7) If successful, there should be newly built VeraCrypt binaries in the + 'Release' folder. + +Instructions for Signing and Packaging VeraCrypt for Windows: +------------------------------------------------------------- + +First, create an environment variable 'WSDK81' pointing to the Windows SDK +for Windows 8.1 installation directory. +The folder "Signing" contains a batch file (sign.bat) that will sign all +VeraCrypt components using a code signing certificate present on the +certificate store and also build the final installation setup. +The batch file suppose that the code signing certificate is issued by Thawt. +This is the case for IDRIX's certificate. If yours is issued by another CA, +then you should put the Root and Intermediate certificates in the "Signing" +folder and then modify sign.bat accordingly. + + +II. Linux and Mac OS X +====================== + +Requirements for Building VeraCrypt for Linux and Mac OS X: +----------------------------------------------------------- + +- GNU Make +- GNU C++ Compiler 4.0 or compatible +- Apple Xcode (Mac OS X only) +- NASM assembler 2.08 or compatible (x86/x64 architecture only) +- pkg-config +- makeself (Linux only) +- wxWidgets 3.0 shared library and header files installed or + wxWidgets 3.0 library source code (available at http://www.wxwidgets.org) +- FUSE library and header files (available at https://github.com/libfuse/libfuse + and https://osxfuse.github.io/) +- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20 + header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20). + They are already included in the source tree under the directory PKCS11 but + it is possible to override it using the environment variable 'PKCS11_INC'. + + +Instructions for Building VeraCrypt for Linux and Mac OS X: +----------------------------------------------------------- + +1) Change the current directory to the root of the VeraCrypt source code. + +2) If you have no wxWidgets shared library installed, run the following + command to configure the wxWidgets static library for VeraCrypt and to + build it: + + $ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild + + The variable WX_ROOT must point to the location of the source code of the + wxWidgets library. Output files will be placed in the './wxrelease/' + directory. + +3) To build VeraCrypt, run the following command: + + $ make + + or if you have no wxWidgets shared library installed: + + $ make WXSTATIC=1 + +4) If successful, the VeraCrypt executable should be located in the directory + 'Main'. + +By default, a universal executable supporting both graphical and text user +interface (through the switch --text) is built. +On Linux, a console-only executable, which requires no GUI library, can be +built using the 'NOGUI' parameter: + + $ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild + $ make NOGUI=1 WXSTATIC=1 + +On MacOSX, building a console-only executable is not supported. + +Mac OS X specifics: +----------------------------------------------------------- + +Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version +of the SDK (i.e. 10.6), you can export the environment variable VC_OSX_TARGET: + + $ export VC_OSX_TARGET=10.6 + + +Before building under MacOSX, pkg-config must be installed if not yet available. +Get it from http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and +compile using the following commands : + + $ ./configure --with-internal-glib + $ make + $ sudo make install + +After making sure pkg-config is available, download and install OSXFuse from +https://osxfuse.github.io/ (MacFUSE compatibility layer must selected) + +The script build_veracrypt_macosx.sh available under "src/Build" performs the +full build of VeraCrypt including the creation of the installer pkg. It expects +to find the wxWidgets 3.0.2 sources at the same level as where you put +VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src" +then wxWidgets should be at "/Users/joe/Projects/wxWidgets-wxWidgets-3.0.2") + +The build process uses Code Signing certificates whose ID is specified in +src/Main/Main.make (lines 167 & 169). You'll have to modify these lines to put +the ID of your Code Signing certificates or comment them if you don't have one. + +Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a +VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension. +Thus, we recommend to use the SDK 10.8 or earlier for building VeraCrypt. + + + +III. FreeBSD and OpenSolaris +============================ + +FreeBSD and OpenSolaris are not yet supported. + + + +IV. Third-Party Developers (Contributors) +========================================= + +If you intend to implement a feature, please contact us first to make sure: + +1) That the feature has not been implemented (we may have already implemented + it, but haven't released the code yet). +2) That the feature is acceptable. +3) Whether we need help of third-party developers with implementing the feature. + +Information on how to contact us can be found at: +https://veracrypt.codeplex.com/ + + + +V. Legal Information +==================== + +Copyright Information +--------------------- + +This software as a whole: +Copyright (c) 2013-2015 IDRIX. All rights reserved. + +Portions of this software: +Copyright (c) 2003-2012 TrueCrypt Developers Association. All rights reserved. +Copyright (c) 1998-2000 Paul Le Roux. All rights reserved. +Copyright (c) 1998-2008 Brian Gladman, Worcester, UK. All rights reserved. +Copyright (c) 2002-2004 Mark Adler. All rights reserved. +For more information, please see the legal notices attached to parts of the +source code. + +Trademark Information +--------------------- + +Any trademarks contained in the source code, binaries, and/or in the +documentation, are the sole property of their respective owners. + + + +VI. Further Information +======================= + +http://www.veracrypt.fr + diff --git a/src/Release/Setup Files/LICENSE b/src/Release/Setup Files/LICENSE index 7c96fa48..cacdfb62 100644 --- a/src/Release/Setup Files/LICENSE +++ b/src/Release/Setup Files/LICENSE @@ -1,190 +1,190 @@ - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -Copyright 2013-2015 IDRIX - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +Copyright 2013-2015 IDRIX + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and limitations under the License. \ No newline at end of file diff --git a/src/Release/Setup Files/License.txt b/src/Release/Setup Files/License.txt index c174ef1b..44c0c657 100644 --- a/src/Release/Setup Files/License.txt +++ b/src/Release/Setup Files/License.txt @@ -1,702 +1,702 @@ -VeraCrypt License -Software distributed under this license is distributed on an "AS -IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND -DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO -USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE -SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE -BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT -ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE -SOFTWARE, NOR ANY PART(S) THEREOF. - -VeraCrypt is multi-licensed under Apache License 2.0 and -the TrueCrypt License version 3.0, a verbatim copy of both -licenses can be found below. - -This license does not grant you rights to use any -contributors' name, logo, or trademarks, including IDRIX, -VeraCrypt and all derivative names. -For example, the following names are not allowed: VeraCrypt, -VeraCrypt+, VeraCrypt Professional, iVeraCrypt, etc. Nor any -other names confusingly similar to the name VeraCrypt (e.g., -Vera-Crypt, Vera Crypt, VerKrypt, etc.) -____________________________________________________________ - - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. -____________________________________________________________ - -TrueCrypt License Version 3.0 - -Software distributed under this license is distributed on an "AS -IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND -DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO -USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE -SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE -BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT -ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE -SOFTWARE, NOR ANY PART(S) THEREOF. - - -I. Definitions - -1. "This Product" means the work (including, but not limited to, -source code, graphics, texts, and accompanying files) made -available under and governed by this version of this license -("License"), as may be indicated by, but is not limited to, -copyright notice(s) attached to or included in the work. - -2. "You" means (and "Your" refers to) an individual or a legal -entity (e.g., a non-profit organization, commercial -organization, government agency, etc.) exercising permissions -granted by this License. - -3. "Modification" means (and "modify" refers to) any alteration -of This Product, including, but not limited to, addition to or -deletion from the substance or structure of This Product, -translation into another language, repackaging, alteration or -removal of any file included with This Product, and addition of -any new files to This Product. - -4. "Your Product" means This Product modified by You, or any -work You derive from (or base on) any part of This Product. In -addition, "Your Product" means any work in which You include any -(modified or unmodified) portion of This Product. However, if -the work in which you include it is an aggregate software -distribution (such as an operating system distribution or a -cover CD-ROM of a magazine) containing multiple separate -products, then the term "Your Product" includes only those -products (in the aggregate software distribution) that use, -include, or depend on a modified or unmodified version of This -Product (and the term "Your Product" does not include the whole -aggregate software distribution). For the purposes of this -License, a product suite consisting of two or more products is -considered a single product (operating system distributions and -cover media of magazines are not considered product suites). - -5. "Distribution" means (and "distribute" refers to), regardless -of means or methods, conveyance, transfer, providing, or making -available of This/Your Product or portions thereof to third -parties (including, but not limited to, making This/Your -Product, or portions thereof, available for download to third -parties, whether or not any third party has downloaded the -product, or any portion thereof, made available for download). - - - -II. Use, Copying, and Distribution of This Product - -1. Provided that You comply with all applicable terms and -conditions of this License, You may make copies of This Product -(unmodified) and distribute copies of This Product (unmodified) -that are not included in another product forming Your Product -(except as permitted under Chapter III). Note: For terms and -conditions for copying and distribution of modified versions of -This Product, see Chapter III. - -2. Provided that You comply with all applicable terms and -conditions of this License, You may use This Product freely (see -also Chapter III) on any number of computers/systems for non- -commercial and/or commercial purposes. - - - -III. Modification, Derivation, and Inclusion in Other Products - -1. If all conditions specified in the following paragraphs in -this Chapter (III) are met (for exceptions, see Section III.2) -and if You comply with all other applicable terms and conditions -of this License, You may modify This Product (thus forming Your -Product), derive new works from This Product or portions thereof -(thus forming Your Product), include This Product or portions -thereof in another product (thus forming Your Product, unless -defined otherwise in Chapter I), and You may use (for non- -commercial and/or commercial purposes), copy, and/or distribute -Your Product. - - a. The name of Your Product (or of Your modified version of - This Product) must not contain the name TrueCrypt (for - example, the following names are not allowed: TrueCrypt, - TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor - any other names confusingly similar to the name TrueCrypt - (e.g., True-Crypt, True Crypt, TruKrypt, etc.) - - All occurrences of the name TrueCrypt that could reasonably - be considered to identify Your Product must be removed from - Your Product and from any associated materials. Logo(s) - included in (or attached to) Your Product (and in/to - associated materials) must not incorporate and must not be - confusingly similar to any of the TrueCrypt logos - (including, but not limited to, the non-textual logo - consisting primarily of a key in stylized form) or - portion(s) thereof. All graphics contained in This Product - (logos, icons, etc.) must be removed from Your Product (or - from Your modified version of This Product) and from any - associated materials. - - b. The following phrases must be removed from Your Product - and from any associated materials, except the text of this - License: "A TrueCrypt Foundation Release", "Released by - TrueCrypt Foundation", "This is a TrueCrypt Foundation - release." - - c. Phrase "Based on TrueCrypt, freely available at - http://www.truecrypt.org/" must be displayed by Your Product - (if technically feasible) and contained in its - documentation. Alternatively, if This Product or its portion - You included in Your Product constitutes only a minor - portion of Your Product, phrase "Portions of this product - are based in part on TrueCrypt, freely available at - http://www.truecrypt.org/" may be displayed instead. In each - of the cases mentioned above in this paragraph, - "http://www.truecrypt.org/" must be a hyperlink (if - technically feasible) pointing to http://www.truecrypt.org/ - and You may freely choose the location within the user - interface (if there is any) of Your Product (e.g., an - "About" window, etc.) and the way in which Your Product will - display the respective phrase. - - Your Product (and any associated materials, e.g., the - documentation, the content of the official web site of Your - Product, etc.) must not present any Internet address - containing the domain name truecrypt.org (or any domain name - that forwards to the domain name truecrypt.org) in a manner - that might suggest that it is where information about Your - Product may be obtained or where bugs found in Your Product - may be reported or where support for Your Product may be - available or otherwise attempt to indicate that the domain - name truecrypt.org is associated with Your Product. - - d. The complete source code of Your Product must be freely - and publicly available (for exceptions, see Section III.2) - at least until You cease to distribute Your Product. This - condition can be met in one or both of the following ways: - (i) You include the complete source code of Your Product - with every copy of Your Product that You make and distribute - and You make all such copies of Your Product available to - the general public free of charge, and/or (ii) You include - information (valid and correct at least until You cease to - distribute Your Product) about where the complete source - code of Your Product can be obtained free of charge (e.g., - an Internet address) or for a reasonable reproduction fee - with every copy of Your Product that You make and distribute - and, if there is a web site officially associated with Your - Product, You include the aforementioned information about - the source code on a freely and publicly accessible web - page to which such web site links via an easily viewable - hyperlink (at least until You cease to distribute Your - Product). - - The source code of Your Product must not be deliberately - obfuscated and it must not be in an intermediate form (e.g., - the output of a preprocessor). Source code means the - preferred form in which a programmer would usually modify - the program. - - Portions of the source code of Your Product not contained in - This Product (e.g., portions added by You in creating Your - Product, whether created by You or by third parties) must be - available under license(s) that (however, see also - Subsection III.1.e) allow(s) anyone to modify and derive new - works from the portions of the source code that are not - contained in This Product and to use, copy, and redistribute - such modifications and/or derivative works. The license(s) - must be perpetual, non-exclusive, royalty-free, no-charge, - and worldwide, and must not invalidate, weaken, restrict, - interpret, amend, modify, interfere with or otherwise affect - any part, term, provision, or clause of this License. The - text(s) of the license(s) must be included with every copy - of Your Product that You make and distribute. - - e. You must not change the license terms of This Product in - any way (adding any new terms is considered changing the - license terms even if the original terms are retained), - which means, e.g., that no part of This Product may be put - under another license. You must keep intact all the legal - notices contained in the source code files. You must include - the following items with every copy of Your Product that You - make and distribute: a clear and conspicuous notice stating - that Your Product or portion(s) thereof is/are governed by - this version of the TrueCrypt License, a verbatim copy of - this version of the TrueCrypt License (as contained herein), - a clear and conspicuous notice containing information about - where the included copy of the License can be found, and an - appropriate copyright notice. - - -2. You are not obligated to comply with Subsection III.1.d if -Your Product is not distributed (i.e., Your Product is available -only to You). - - - -IV. Disclaimer of Liability, Disclaimer of Warranty, -Indemnification - -You expressly acknowledge and agree to the following: - -1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY -APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO -MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, -AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER -PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY -DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, -EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR -THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY -OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR -BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, -TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, -ARISING OUT OF THE USE, COPYING, MODIFICATION, OR -(RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF -YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS -PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE -POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO -ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY. - -2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY -KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT -LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO -THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD -THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL -NECESSARY SERVICING, REPAIR, OR CORRECTION. - -3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC -ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT -CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY -YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR -(RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN -COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND -TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT -IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE -REGULATIONS, RESTRICTIONS, AND LAWS. - -4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS -PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS -FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, -SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING -REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, -ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING -OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, -IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) -AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE. - - - -V. Trademarks - -This License does not grant permission to use trademarks -associated with (or applying to) This Product, except for fair -use as defined by applicable law and except for use expressly -permitted or required by this License. Any attempt otherwise to -use trademarks associated with (or applying to) This Product -automatically and immediately terminates Your rights under This -License and may constitute trademark infringement (which may be -prosecuted). - - - -VI. General Terms and Conditions, Miscellaneous Provisions - -1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES -DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY -PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND -BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND -THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). -IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND -CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE -DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY -PORTION(S) THEREOF. - -2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, -(RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) -THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF -APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF -PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, -CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS -PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY -TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE -COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS -AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS -ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR -RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS -AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY -APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND -IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN -CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE -PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED -AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT -OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS -AND CONDITIONS OF THIS LICENSE. - -3. This License does not constitute or imply a waiver of any -intellectual property rights except as may be otherwise -expressly provided in this License. This License does not -transfer, assign, or convey any intellectual property rights -(e.g., it does not transfer ownership of copyrights or -trademarks). - -4. Subject to the terms and conditions of this License, You may -allow a third party to use Your copy of This Product (or a copy -that You make and distribute, or Your Product) provided that the -third party explicitly accepts and agrees to be bound by all -terms and conditions of this License and the third party is not -prohibited from using This Product (or portions thereof) by this -License (see, e.g., Section VI.7) or by applicable law. However, -You are not obligated to ensure that the third party accepts -(and agrees to be bound by all terms of) this License if You -distribute only the self-extracting package (containing This -Product) that does not allow the user to install (nor extract) -the files contained in the package until he or she accepts and -agrees to be bound by all terms and conditions of this License. - -5. Without specific prior written permission from the authors of -This Product (or from their common representative), You must not -use the name of This Product, the names of the authors of This -Product, or the names of the legal entities (or informal groups) -of which the authors were/are members/employees, to endorse or -promote Your Product or any work in which You include a modified -or unmodified version of This Product, or to endorse or promote -You or Your affiliates, or in a way that might suggest that Your -Product (or any work in which You include a modified or -unmodified version of This Product), You, or Your affiliates -is/are endorsed by one or more authors of This Product, or in a -way that might suggest that one or more authors of This Product -is/are affiliated with You (or Your affiliates) or directly -participated in the creation of Your Product or of any work in -which You include a modified or unmodified version of This -Product. - -6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS -LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL -TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, -MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS -PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A -LAWYER. - -7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS -LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER -APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER -THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE -DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY -PORTION(S) THEREOF. - -8. Except as otherwise provided in this License, if any -provision of this License, or a portion thereof, is found to be -invalid or unenforceable under applicable law, it shall not -affect the validity or enforceability of the remainder of this -License, and such invalid or unenforceable provision shall be -construed to reflect the original intent of the provision and -shall be enforced to the maximum extent permitted by applicable -law so as to effect the original intent of the provision as -closely as possible. - -____________________________________________________________ - - -Third-Party Licenses - -This Product contains components that were created by third -parties and that are governed by third-party licenses, which are -contained hereinafter (separated by lines consisting of -underscores). Each of the third-party licenses applies only to -(portions of) the source code file(s) in which the third-party -license is contained or in which it is explicitly referenced, -and to compiled or otherwise processed forms of such source -code. None of the third-party licenses applies to This Product -as a whole, even when it uses terms such as "product", -"program", or any other equivalent terms/phrases. This Product -as a whole is governed by the TrueCrypt License (see above). -Some of the third-party components have been modified by the -authors of This Product. Unless otherwise stated, such -modifications and additions are governed by the TrueCrypt -License (see above). Note: Unless otherwise stated, graphics and -files that are not part of the source code are governed by the -TrueCrypt License. - -____________________________________________________________ - -License agreement for Encryption for the Masses. - -Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. - -This product can be copied and distributed free of charge, -including source code. - -You may modify this product and source code, and distribute such -modifications, and you may derive new works based on this -product, provided that: - -1. Any product which is simply derived from this product cannot -be called E4M, or Encryption for the Masses. - -2. If you use any of the source code in your product, and your -product is distributed with source code, you must include this -notice with those portions of this source code that you use. - -Or, - -If your product is distributed in binary form only, you must -display on any packaging, and marketing materials which -reference your product, a notice which states: - -"This product uses components written by Paul Le Roux -" - -3. If you use any of the source code originally by Eric Young, -you must in addition follow his terms and conditions. - -4. Nothing requires that you accept this License, as you have -not signed it. However, nothing else grants you permission to -modify or distribute the product or its derivative works. - -These actions are prohibited by law if you do not accept this -License. - -5. If any of these license terms is found to be to broad in -scope, and declared invalid by any court or legal process, you -agree that all other terms shall not be so affected, and shall -remain valid and enforceable. - -6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE -IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED -"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR -IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE -ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS -WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE -COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - -7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY -MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE -LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, -INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR -INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS -OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH -ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD -PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -____________________________________________________________ - -Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. -All rights reserved. - -LICENSE TERMS - -The free distribution and use of this software is allowed (with -or without changes) provided that: - - 1. source code distributions include the above copyright - notice, this list of conditions and the following - disclaimer; - - 2. binary distributions include the above copyright notice, - this list of conditions and the following disclaimer in - their documentation; - - 3. the name of the copyright holder is not used to endorse - products built using this software without specific written - permission. - -DISCLAIMER - -This software is provided 'as is' with no explicit or implied -warranties in respect of its properties, including, but not -limited to, correctness and/or fitness for purpose. -____________________________________________________________ - -Copyright (C) 2002-2004 Mark Adler, all rights reserved -version 1.8, 9 Jan 2004 - -This software is provided 'as-is', without any express or -implied warranty. In no event will the author be held liable -for any damages arising from the use of this software. - -Permission is granted to anyone to use this software for any -purpose, including commercial applications, and to alter it and -redistribute it freely, subject to the following restrictions: - -1. The origin of this software must not be misrepresented; you - must not claim that you wrote the original software. If you - use this software in a product, an acknowledgment in the - product documentation would be appreciated but is not - required. -2. Altered source versions must be plainly marked as such, and - must not be misrepresented as being the original software. -3. This notice may not be removed or altered from any source - distribution. -____________________________________________________________ +VeraCrypt License +Software distributed under this license is distributed on an "AS +IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND +DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO +USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE +SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE +BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT +ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE +SOFTWARE, NOR ANY PART(S) THEREOF. + +VeraCrypt is multi-licensed under Apache License 2.0 and +the TrueCrypt License version 3.0, a verbatim copy of both +licenses can be found below. + +This license does not grant you rights to use any +contributors' name, logo, or trademarks, including IDRIX, +VeraCrypt and all derivative names. +For example, the following names are not allowed: VeraCrypt, +VeraCrypt+, VeraCrypt Professional, iVeraCrypt, etc. Nor any +other names confusingly similar to the name VeraCrypt (e.g., +Vera-Crypt, Vera Crypt, VerKrypt, etc.) +____________________________________________________________ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. +____________________________________________________________ + +TrueCrypt License Version 3.0 + +Software distributed under this license is distributed on an "AS +IS" BASIS WITHOUT WARRANTIES OF ANY KIND. THE AUTHORS AND +DISTRIBUTORS OF THE SOFTWARE DISCLAIM ANY LIABILITY. ANYONE WHO +USES, COPIES, MODIFIES, OR (RE)DISTRIBUTES ANY PART OF THE +SOFTWARE IS, BY SUCH ACTION(S), ACCEPTING AND AGREEING TO BE +BOUND BY ALL TERMS AND CONDITIONS OF THIS LICENSE. IF YOU DO NOT +ACCEPT THEM, DO NOT USE, COPY, MODIFY, NOR (RE)DISTRIBUTE THE +SOFTWARE, NOR ANY PART(S) THEREOF. + + +I. Definitions + +1. "This Product" means the work (including, but not limited to, +source code, graphics, texts, and accompanying files) made +available under and governed by this version of this license +("License"), as may be indicated by, but is not limited to, +copyright notice(s) attached to or included in the work. + +2. "You" means (and "Your" refers to) an individual or a legal +entity (e.g., a non-profit organization, commercial +organization, government agency, etc.) exercising permissions +granted by this License. + +3. "Modification" means (and "modify" refers to) any alteration +of This Product, including, but not limited to, addition to or +deletion from the substance or structure of This Product, +translation into another language, repackaging, alteration or +removal of any file included with This Product, and addition of +any new files to This Product. + +4. "Your Product" means This Product modified by You, or any +work You derive from (or base on) any part of This Product. In +addition, "Your Product" means any work in which You include any +(modified or unmodified) portion of This Product. However, if +the work in which you include it is an aggregate software +distribution (such as an operating system distribution or a +cover CD-ROM of a magazine) containing multiple separate +products, then the term "Your Product" includes only those +products (in the aggregate software distribution) that use, +include, or depend on a modified or unmodified version of This +Product (and the term "Your Product" does not include the whole +aggregate software distribution). For the purposes of this +License, a product suite consisting of two or more products is +considered a single product (operating system distributions and +cover media of magazines are not considered product suites). + +5. "Distribution" means (and "distribute" refers to), regardless +of means or methods, conveyance, transfer, providing, or making +available of This/Your Product or portions thereof to third +parties (including, but not limited to, making This/Your +Product, or portions thereof, available for download to third +parties, whether or not any third party has downloaded the +product, or any portion thereof, made available for download). + + + +II. Use, Copying, and Distribution of This Product + +1. Provided that You comply with all applicable terms and +conditions of this License, You may make copies of This Product +(unmodified) and distribute copies of This Product (unmodified) +that are not included in another product forming Your Product +(except as permitted under Chapter III). Note: For terms and +conditions for copying and distribution of modified versions of +This Product, see Chapter III. + +2. Provided that You comply with all applicable terms and +conditions of this License, You may use This Product freely (see +also Chapter III) on any number of computers/systems for non- +commercial and/or commercial purposes. + + + +III. Modification, Derivation, and Inclusion in Other Products + +1. If all conditions specified in the following paragraphs in +this Chapter (III) are met (for exceptions, see Section III.2) +and if You comply with all other applicable terms and conditions +of this License, You may modify This Product (thus forming Your +Product), derive new works from This Product or portions thereof +(thus forming Your Product), include This Product or portions +thereof in another product (thus forming Your Product, unless +defined otherwise in Chapter I), and You may use (for non- +commercial and/or commercial purposes), copy, and/or distribute +Your Product. + + a. The name of Your Product (or of Your modified version of + This Product) must not contain the name TrueCrypt (for + example, the following names are not allowed: TrueCrypt, + TrueCrypt+, TrueCrypt Professional, iTrueCrypt, etc.) nor + any other names confusingly similar to the name TrueCrypt + (e.g., True-Crypt, True Crypt, TruKrypt, etc.) + + All occurrences of the name TrueCrypt that could reasonably + be considered to identify Your Product must be removed from + Your Product and from any associated materials. Logo(s) + included in (or attached to) Your Product (and in/to + associated materials) must not incorporate and must not be + confusingly similar to any of the TrueCrypt logos + (including, but not limited to, the non-textual logo + consisting primarily of a key in stylized form) or + portion(s) thereof. All graphics contained in This Product + (logos, icons, etc.) must be removed from Your Product (or + from Your modified version of This Product) and from any + associated materials. + + b. The following phrases must be removed from Your Product + and from any associated materials, except the text of this + License: "A TrueCrypt Foundation Release", "Released by + TrueCrypt Foundation", "This is a TrueCrypt Foundation + release." + + c. Phrase "Based on TrueCrypt, freely available at + http://www.truecrypt.org/" must be displayed by Your Product + (if technically feasible) and contained in its + documentation. Alternatively, if This Product or its portion + You included in Your Product constitutes only a minor + portion of Your Product, phrase "Portions of this product + are based in part on TrueCrypt, freely available at + http://www.truecrypt.org/" may be displayed instead. In each + of the cases mentioned above in this paragraph, + "http://www.truecrypt.org/" must be a hyperlink (if + technically feasible) pointing to http://www.truecrypt.org/ + and You may freely choose the location within the user + interface (if there is any) of Your Product (e.g., an + "About" window, etc.) and the way in which Your Product will + display the respective phrase. + + Your Product (and any associated materials, e.g., the + documentation, the content of the official web site of Your + Product, etc.) must not present any Internet address + containing the domain name truecrypt.org (or any domain name + that forwards to the domain name truecrypt.org) in a manner + that might suggest that it is where information about Your + Product may be obtained or where bugs found in Your Product + may be reported or where support for Your Product may be + available or otherwise attempt to indicate that the domain + name truecrypt.org is associated with Your Product. + + d. The complete source code of Your Product must be freely + and publicly available (for exceptions, see Section III.2) + at least until You cease to distribute Your Product. This + condition can be met in one or both of the following ways: + (i) You include the complete source code of Your Product + with every copy of Your Product that You make and distribute + and You make all such copies of Your Product available to + the general public free of charge, and/or (ii) You include + information (valid and correct at least until You cease to + distribute Your Product) about where the complete source + code of Your Product can be obtained free of charge (e.g., + an Internet address) or for a reasonable reproduction fee + with every copy of Your Product that You make and distribute + and, if there is a web site officially associated with Your + Product, You include the aforementioned information about + the source code on a freely and publicly accessible web + page to which such web site links via an easily viewable + hyperlink (at least until You cease to distribute Your + Product). + + The source code of Your Product must not be deliberately + obfuscated and it must not be in an intermediate form (e.g., + the output of a preprocessor). Source code means the + preferred form in which a programmer would usually modify + the program. + + Portions of the source code of Your Product not contained in + This Product (e.g., portions added by You in creating Your + Product, whether created by You or by third parties) must be + available under license(s) that (however, see also + Subsection III.1.e) allow(s) anyone to modify and derive new + works from the portions of the source code that are not + contained in This Product and to use, copy, and redistribute + such modifications and/or derivative works. The license(s) + must be perpetual, non-exclusive, royalty-free, no-charge, + and worldwide, and must not invalidate, weaken, restrict, + interpret, amend, modify, interfere with or otherwise affect + any part, term, provision, or clause of this License. The + text(s) of the license(s) must be included with every copy + of Your Product that You make and distribute. + + e. You must not change the license terms of This Product in + any way (adding any new terms is considered changing the + license terms even if the original terms are retained), + which means, e.g., that no part of This Product may be put + under another license. You must keep intact all the legal + notices contained in the source code files. You must include + the following items with every copy of Your Product that You + make and distribute: a clear and conspicuous notice stating + that Your Product or portion(s) thereof is/are governed by + this version of the TrueCrypt License, a verbatim copy of + this version of the TrueCrypt License (as contained herein), + a clear and conspicuous notice containing information about + where the included copy of the License can be found, and an + appropriate copyright notice. + + +2. You are not obligated to comply with Subsection III.1.d if +Your Product is not distributed (i.e., Your Product is available +only to You). + + + +IV. Disclaimer of Liability, Disclaimer of Warranty, +Indemnification + +You expressly acknowledge and agree to the following: + +1. IN NO EVENT WILL ANY (CO)AUTHOR OF THIS PRODUCT, OR ANY +APPLICABLE INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY WHO +MAY COPY AND/OR (RE)DISTRIBUTE THIS PRODUCT OR PORTIONS THEREOF, +AS MAY BE PERMITTED HEREIN, BE LIABLE TO YOU OR TO ANY OTHER +PARTY FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY +DIRECT, INDIRECT, GENERAL, SPECIAL, INCIDENTAL, PUNITIVE, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, CORRUPTION OR LOSS OF DATA, ANY LOSSES SUSTAINED BY YOU OR +THIRD PARTIES, A FAILURE OF THIS PRODUCT TO OPERATE WITH ANY +OTHER PRODUCT, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR +BUSINESS INTERRUPTION), WHETHER IN CONTRACT, STRICT LIABILITY, +TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) OR OTHERWISE, +ARISING OUT OF THE USE, COPYING, MODIFICATION, OR +(RE)DISTRIBUTION OF THIS PRODUCT (OR A PORTION THEREOF) OR OF +YOUR PRODUCT (OR A PORTION THEREOF), OR INABILITY TO USE THIS +PRODUCT (OR A PORTION THEREOF), EVEN IF SUCH DAMAGES (OR THE +POSSIBILITY OF SUCH DAMAGES) ARE/WERE PREDICTABLE OR KNOWN TO +ANY (CO)AUTHOR, INTELLECTUAL-PROPERTY OWNER, OR ANY OTHER PARTY. + +2. THIS PRODUCT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY +KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT +LIMITED TO, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE ENTIRE RISK AS TO +THE QUALITY AND PERFORMANCE OF THIS PRODUCT IS WITH YOU. SHOULD +THIS PRODUCT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL +NECESSARY SERVICING, REPAIR, OR CORRECTION. + +3. THIS PRODUCT MAY INCORPORATE IMPLEMENTATIONS OF CRYPTOGRAPHIC +ALGORITHMS THAT ARE REGULATED (E.G., SUBJECT TO EXPORT/IMPORT +CONTROL REGULATIONS) OR ILLEGAL IN SOME COUNTRIES. IT IS SOLELY +YOUR RESPONSIBILITY TO VERIFY THAT IT IS LEGAL TO IMPORT AND/OR +(RE)EXPORT AND/OR USE THIS PRODUCT (OR PORTIONS THEREOF) IN +COUNTRIES WHERE YOU INTEND TO USE IT AND/OR TO WHICH YOU INTEND +TO IMPORT IT AND/OR FROM WHICH YOU INTEND TO EXPORT IT, AND IT +IS SOLELY YOUR RESPONSIBILITY TO COMPLY WITH ANY APPLICABLE +REGULATIONS, RESTRICTIONS, AND LAWS. + +4. YOU SHALL INDEMNIFY, DEFEND AND HOLD ALL (CO)AUTHORS OF THIS +PRODUCT, AND APPLICABLE INTELLECTUAL-PROPERTY OWNERS, HARMLESS +FROM AND AGAINST ANY AND ALL LIABILITY, DAMAGES, LOSSES, +SETTLEMENTS, PENALTIES, FINES, COSTS, EXPENSES (INCLUDING +REASONABLE ATTORNEYS' FEES), DEMANDS, CAUSES OF ACTION, CLAIMS, +ACTIONS, PROCEEDINGS, AND SUITS, DIRECTLY RELATED TO OR ARISING +OUT OF YOUR USE, INABILITY TO USE, COPYING, (RE)DISTRIBUTION, +IMPORT AND/OR (RE)EXPORT OF THIS PRODUCT (OR PORTIONS THEREOF) +AND/OR YOUR BREACH OF ANY TERM OF THIS LICENSE. + + + +V. Trademarks + +This License does not grant permission to use trademarks +associated with (or applying to) This Product, except for fair +use as defined by applicable law and except for use expressly +permitted or required by this License. Any attempt otherwise to +use trademarks associated with (or applying to) This Product +automatically and immediately terminates Your rights under This +License and may constitute trademark infringement (which may be +prosecuted). + + + +VI. General Terms and Conditions, Miscellaneous Provisions + +1. ANYONE WHO USES AND/OR COPIES AND/OR MODIFIES AND/OR CREATES +DERIVATIVE WORKS OF AND/OR (RE)DISTRIBUTES THIS PRODUCT, OR ANY +PORTION(S) THEREOF, IS, BY SUCH ACTION(S), AGREEING TO BE BOUND +BY AND ACCEPTING ALL TERMS AND CONDITIONS OF THIS LICENSE (AND +THE RESPONSIBILITIES AND OBLIGATIONS CONTAINED IN THIS LICENSE). +IF YOU DO NOT ACCEPT (AND AGREE TO BE BOUND BY) ALL TERMS AND +CONDITIONS OF THIS LICENSE, DO NOT USE, COPY, MODIFY, CREATE +DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY +PORTION(S) THEREOF. + +2. YOU MAY NOT USE, MODIFY, COPY, CREATE DERIVATIVE WORKS OF, +(RE)DISTRIBUTE, OR SUBLICENSE THIS PRODUCT, OR PORTION(S) +THEREOF, EXCEPT AS EXPRESSLY PROVIDED IN THIS LICENSE (EVEN IF +APPLICABLE LAW GIVES YOU MORE RIGHTS). ANY ATTEMPT (EVEN IF +PERMITTED BY APPLICABLE LAW) OTHERWISE TO USE, MODIFY, COPY, +CREATE DERIVATIVE WORKS OF, (RE)DISTRIBUTE, OR SUBLICENSE THIS +PRODUCT, OR PORTION(S) THEREOF, AUTOMATICALLY AND IMMEDIATELY +TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN CONSTITUTE +COPYRIGHT INFRINGEMENT (WHICH MAY BE PROSECUTED). ANY CONDITIONS +AND RESTRICTIONS CONTAINED IN THIS LICENSE ARE ALSO LIMITATIONS +ON THE SCOPE OF THIS LICENSE AND ALSO DEFINE THE SCOPE OF YOUR +RIGHTS UNDER THIS LICENSE. YOUR FAILURE TO COMPLY WITH THE TERMS +AND CONDITIONS OF THIS LICENSE OR FAILURE TO PERFORM ANY +APPLICABLE OBLIGATION IMPOSED BY THIS LICENSE AUTOMATICALLY AND +IMMEDIATELY TERMINATES YOUR RIGHTS UNDER THIS LICENSE AND CAN +CAUSE OR BE CONSIDERED COPYRIGHT INFRINGEMENT (WHICH MAY BE +PROSECUTED). NOTHING IN THIS LICENSE SHALL IMPLY OR BE CONSTRUED +AS A PROMISE, OBLIGATION, OR COVENANT NOT TO SUE FOR COPYRIGHT +OR TRADEMARK INFRINGEMENT IF YOU DO NOT COMPLY WITH THE TERMS +AND CONDITIONS OF THIS LICENSE. + +3. This License does not constitute or imply a waiver of any +intellectual property rights except as may be otherwise +expressly provided in this License. This License does not +transfer, assign, or convey any intellectual property rights +(e.g., it does not transfer ownership of copyrights or +trademarks). + +4. Subject to the terms and conditions of this License, You may +allow a third party to use Your copy of This Product (or a copy +that You make and distribute, or Your Product) provided that the +third party explicitly accepts and agrees to be bound by all +terms and conditions of this License and the third party is not +prohibited from using This Product (or portions thereof) by this +License (see, e.g., Section VI.7) or by applicable law. However, +You are not obligated to ensure that the third party accepts +(and agrees to be bound by all terms of) this License if You +distribute only the self-extracting package (containing This +Product) that does not allow the user to install (nor extract) +the files contained in the package until he or she accepts and +agrees to be bound by all terms and conditions of this License. + +5. Without specific prior written permission from the authors of +This Product (or from their common representative), You must not +use the name of This Product, the names of the authors of This +Product, or the names of the legal entities (or informal groups) +of which the authors were/are members/employees, to endorse or +promote Your Product or any work in which You include a modified +or unmodified version of This Product, or to endorse or promote +You or Your affiliates, or in a way that might suggest that Your +Product (or any work in which You include a modified or +unmodified version of This Product), You, or Your affiliates +is/are endorsed by one or more authors of This Product, or in a +way that might suggest that one or more authors of This Product +is/are affiliated with You (or Your affiliates) or directly +participated in the creation of Your Product or of any work in +which You include a modified or unmodified version of This +Product. + +6. IF YOU ARE NOT SURE WHETHER YOU UNDERSTAND ALL PARTS OF THIS +LICENSE OR IF YOU ARE NOT SURE WHETHER YOU CAN COMPLY WITH ALL +TERMS AND CONDITIONS OF THIS LICENSE, YOU MUST NOT USE, COPY, +MODIFY, CREATE DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS +PRODUCT, NOR ANY PORTION(S) OF IT. YOU SHOULD CONSULT WITH A +LAWYER. + +7. IF (IN RELEVANT CONTEXT) ANY PROVISION OF CHAPTER IV OF THIS +LICENSE IS UNENFORCEABLE, INVALID, OR PROHIBITED UNDER +APPLICABLE LAW IN YOUR JURISDICTION, YOU HAVE NO RIGHTS UNDER +THIS LICENSE AND YOU MUST NOT USE, COPY, MODIFY, CREATE +DERIVATIVE WORKS OF, NOR (RE)DISTRIBUTE THIS PRODUCT, NOR ANY +PORTION(S) THEREOF. + +8. Except as otherwise provided in this License, if any +provision of this License, or a portion thereof, is found to be +invalid or unenforceable under applicable law, it shall not +affect the validity or enforceability of the remainder of this +License, and such invalid or unenforceable provision shall be +construed to reflect the original intent of the provision and +shall be enforced to the maximum extent permitted by applicable +law so as to effect the original intent of the provision as +closely as possible. + +____________________________________________________________ + + +Third-Party Licenses + +This Product contains components that were created by third +parties and that are governed by third-party licenses, which are +contained hereinafter (separated by lines consisting of +underscores). Each of the third-party licenses applies only to +(portions of) the source code file(s) in which the third-party +license is contained or in which it is explicitly referenced, +and to compiled or otherwise processed forms of such source +code. None of the third-party licenses applies to This Product +as a whole, even when it uses terms such as "product", +"program", or any other equivalent terms/phrases. This Product +as a whole is governed by the TrueCrypt License (see above). +Some of the third-party components have been modified by the +authors of This Product. Unless otherwise stated, such +modifications and additions are governed by the TrueCrypt +License (see above). Note: Unless otherwise stated, graphics and +files that are not part of the source code are governed by the +TrueCrypt License. + +____________________________________________________________ + +License agreement for Encryption for the Masses. + +Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. + +This product can be copied and distributed free of charge, +including source code. + +You may modify this product and source code, and distribute such +modifications, and you may derive new works based on this +product, provided that: + +1. Any product which is simply derived from this product cannot +be called E4M, or Encryption for the Masses. + +2. If you use any of the source code in your product, and your +product is distributed with source code, you must include this +notice with those portions of this source code that you use. + +Or, + +If your product is distributed in binary form only, you must +display on any packaging, and marketing materials which +reference your product, a notice which states: + +"This product uses components written by Paul Le Roux +" + +3. If you use any of the source code originally by Eric Young, +you must in addition follow his terms and conditions. + +4. Nothing requires that you accept this License, as you have +not signed it. However, nothing else grants you permission to +modify or distribute the product or its derivative works. + +These actions are prohibited by law if you do not accept this +License. + +5. If any of these license terms is found to be to broad in +scope, and declared invalid by any court or legal process, you +agree that all other terms shall not be so affected, and shall +remain valid and enforceable. + +6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE +IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED +"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR +IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE +ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS +WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE +COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY +MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE +LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, +INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR +INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS +OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH +ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD +PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. +____________________________________________________________ + +Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. +All rights reserved. + +LICENSE TERMS + +The free distribution and use of this software is allowed (with +or without changes) provided that: + + 1. source code distributions include the above copyright + notice, this list of conditions and the following + disclaimer; + + 2. binary distributions include the above copyright notice, + this list of conditions and the following disclaimer in + their documentation; + + 3. the name of the copyright holder is not used to endorse + products built using this software without specific written + permission. + +DISCLAIMER + +This software is provided 'as is' with no explicit or implied +warranties in respect of its properties, including, but not +limited to, correctness and/or fitness for purpose. +____________________________________________________________ + +Copyright (C) 2002-2004 Mark Adler, all rights reserved +version 1.8, 9 Jan 2004 + +This software is provided 'as-is', without any express or +implied warranty. In no event will the author be held liable +for any damages arising from the use of this software. + +Permission is granted to anyone to use this software for any +purpose, including commercial applications, and to alter it and +redistribute it freely, subject to the following restrictions: + +1. The origin of this software must not be misrepresented; you + must not claim that you wrote the original software. If you + use this software in a product, an acknowledgment in the + product documentation would be appreciated but is not + required. +2. Altered source versions must be plainly marked as such, and + must not be misrepresented as being the original software. +3. This notice may not be removed or altered from any source + distribution. +____________________________________________________________ diff --git a/src/Release/Setup Files/NOTICE b/src/Release/Setup Files/NOTICE index 51a0fa62..42ae8da9 100644 --- a/src/Release/Setup Files/NOTICE +++ b/src/Release/Setup Files/NOTICE @@ -1,134 +1,134 @@ -Copyright 2013-2016 IDRIX - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -____________________________________________________________ - -Copyright (c) 2008-2012 TrueCrypt Developers Association. All rights reserved. - -Governed by the TrueCrypt License 3.0 the full text of which is contained in -the file License.txt included in TrueCrypt binary and source code distribution -packages. -____________________________________________________________ - -License agreement for Encryption for the Masses. - -Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. - -This product can be copied and distributed free of charge, -including source code. - -You may modify this product and source code, and distribute such -modifications, and you may derive new works based on this -product, provided that: - -1. Any product which is simply derived from this product cannot -be called E4M, or Encryption for the Masses. - -2. If you use any of the source code in your product, and your -product is distributed with source code, you must include this -notice with those portions of this source code that you use. - -Or, - -If your product is distributed in binary form only, you must -display on any packaging, and marketing materials which -reference your product, a notice which states: - -"This product uses components written by Paul Le Roux -" - -3. If you use any of the source code originally by Eric Young, -you must in addition follow his terms and conditions. - -4. Nothing requires that you accept this License, as you have -not signed it. However, nothing else grants you permission to -modify or distribute the product or its derivative works. - -These actions are prohibited by law if you do not accept this -License. - -5. If any of these license terms is found to be to broad in -scope, and declared invalid by any court or legal process, you -agree that all other terms shall not be so affected, and shall -remain valid and enforceable. - -6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE -IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED -"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR -IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE -ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS -WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE -COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - -7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY -MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE -LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, -INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR -INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS -OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH -ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD -PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -____________________________________________________________ - -Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. -All rights reserved. - -LICENSE TERMS - -The free distribution and use of this software is allowed (with -or without changes) provided that: - - 1. source code distributions include the above copyright - notice, this list of conditions and the following - disclaimer; - - 2. binary distributions include the above copyright notice, - this list of conditions and the following disclaimer in - their documentation; - - 3. the name of the copyright holder is not used to endorse - products built using this software without specific written - permission. - -DISCLAIMER - -This software is provided 'as is' with no explicit or implied -warranties in respect of its properties, including, but not -limited to, correctness and/or fitness for purpose. -____________________________________________________________ - -Copyright (C) 2002-2004 Mark Adler, all rights reserved -version 1.8, 9 Jan 2004 - -This software is provided 'as-is', without any express or -implied warranty. In no event will the author be held liable -for any damages arising from the use of this software. - -Permission is granted to anyone to use this software for any -purpose, including commercial applications, and to alter it and -redistribute it freely, subject to the following restrictions: - -1. The origin of this software must not be misrepresented; you - must not claim that you wrote the original software. If you - use this software in a product, an acknowledgment in the - product documentation would be appreciated but is not - required. -2. Altered source versions must be plainly marked as such, and - must not be misrepresented as being the original software. -3. This notice may not be removed or altered from any source - distribution. -____________________________________________________________ +Copyright 2013-2016 IDRIX + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +____________________________________________________________ + +Copyright (c) 2008-2012 TrueCrypt Developers Association. All rights reserved. + +Governed by the TrueCrypt License 3.0 the full text of which is contained in +the file License.txt included in TrueCrypt binary and source code distribution +packages. +____________________________________________________________ + +License agreement for Encryption for the Masses. + +Copyright (C) 1998-2000 Paul Le Roux. All Rights Reserved. + +This product can be copied and distributed free of charge, +including source code. + +You may modify this product and source code, and distribute such +modifications, and you may derive new works based on this +product, provided that: + +1. Any product which is simply derived from this product cannot +be called E4M, or Encryption for the Masses. + +2. If you use any of the source code in your product, and your +product is distributed with source code, you must include this +notice with those portions of this source code that you use. + +Or, + +If your product is distributed in binary form only, you must +display on any packaging, and marketing materials which +reference your product, a notice which states: + +"This product uses components written by Paul Le Roux +" + +3. If you use any of the source code originally by Eric Young, +you must in addition follow his terms and conditions. + +4. Nothing requires that you accept this License, as you have +not signed it. However, nothing else grants you permission to +modify or distribute the product or its derivative works. + +These actions are prohibited by law if you do not accept this +License. + +5. If any of these license terms is found to be to broad in +scope, and declared invalid by any court or legal process, you +agree that all other terms shall not be so affected, and shall +remain valid and enforceable. + +6. THIS PROGRAM IS DISTRIBUTED FREE OF CHARGE, THEREFORE THERE +IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. UNLESS OTHERWISE STATED THE PROGRAM IS PROVIDED +"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR +IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE +ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS +WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE +COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +7. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY +MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE +LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, +INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR +INABILITY TO USE THE PROGRAM, INCLUDING BUT NOT LIMITED TO LOSS +OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH +ANY OTHER PROGRAMS, EVEN IF SUCH HOLDER OR OTHER PARTY HAD +PREVIOUSLY BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. +____________________________________________________________ + +Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. +All rights reserved. + +LICENSE TERMS + +The free distribution and use of this software is allowed (with +or without changes) provided that: + + 1. source code distributions include the above copyright + notice, this list of conditions and the following + disclaimer; + + 2. binary distributions include the above copyright notice, + this list of conditions and the following disclaimer in + their documentation; + + 3. the name of the copyright holder is not used to endorse + products built using this software without specific written + permission. + +DISCLAIMER + +This software is provided 'as is' with no explicit or implied +warranties in respect of its properties, including, but not +limited to, correctness and/or fitness for purpose. +____________________________________________________________ + +Copyright (C) 2002-2004 Mark Adler, all rights reserved +version 1.8, 9 Jan 2004 + +This software is provided 'as-is', without any express or +implied warranty. In no event will the author be held liable +for any damages arising from the use of this software. + +Permission is granted to anyone to use this software for any +purpose, including commercial applications, and to alter it and +redistribute it freely, subject to the following restrictions: + +1. The origin of this software must not be misrepresented; you + must not claim that you wrote the original software. If you + use this software in a product, an acknowledgment in the + product documentation would be appreciated but is not + required. +2. Altered source versions must be plainly marked as such, and + must not be misrepresented as being the original software. +3. This notice may not be removed or altered from any source + distribution. +____________________________________________________________ diff --git a/src/Resources/Icons/VeraCrypt-128x128.xpm b/src/Resources/Icons/VeraCrypt-128x128.xpm index 42c5189a..74938988 100644 --- a/src/Resources/Icons/VeraCrypt-128x128.xpm +++ b/src/Resources/Icons/VeraCrypt-128x128.xpm @@ -1,1296 +1,1296 @@ -/* XPM */ -static const char *VeraCryptIcon128x128[] = { -"128 128 1165 2", -" c None", -". c #FFFFFF", -"+ c #FEFEFF", -"@ c #FDFEFF", -"# c #FEFFFF", -"$ c #FEFEFE", -"% c #FEFFFE", -"& c #75D0E9", -"* c #3EBDE0", -"= c #4BC2E2", -"- c #48C1E2", -"; c #49C1E2", -"> c #43C0E2", -", c #5CC5E4", -"' c #F3FAFC", -") c #FDFEFE", -"! c #BDE4D8", -"~ c #89CCB6", -"{ c #93D0BC", -"] c #91D0BB", -"^ c #90CFBB", -"/ c #A7D8C7", -"( c #B3DCCD", -"_ c #B1DBCC", -": c #B2DBCD", -"< c #AEDACA", -"[ c #C0E2D5", -"} c #FCFEFF", -"| c #B4E5F3", -"1 c #00A3D4", -"2 c #01A8D6", -"3 c #00A7D6", -"4 c #03A7D6", -"5 c #009DCF", -"6 c #8CD5EA", -"7 c #FBFEFE", -"8 c #EDF8F4", -"9 c #58BB9F", -"0 c #55B899", -"a c #66BDA0", -"b c #63BC9F", -"c c #61BB9E", -"d c #6DBFA4", -"e c #81C6AE", -"f c #8FCCB5", -"g c #91CCB6", -"h c #90CCB6", -"i c #92CDB7", -"j c #8ACAB2", -"k c #D7EDE5", -"l c #5EC8E5", -"m c #0FADD9", -"n c #0BACD8", -"o c #0BACD9", -"p c #10A9D6", -"q c #0DA5D2", -"r c #18AAD5", -"s c #E2F4FA", -"t c #95D4C1", -"u c #46B494", -"v c #58BB9E", -"w c #6BBFA4", -"x c #6DC0A5", -"y c #6EC0A5", -"z c #85C8B1", -"A c #86C9B2", -"B c #8DCBB5", -"C c #98D0BB", -"D c #97D0BB", -"E c #98D1BC", -"F c #91CDB7", -"G c #DBF3F9", -"H c #11ADD9", -"I c #06AAD8", -"J c #09ABD8", -"K c #08ABD8", -"L c #09AAD7", -"M c #0EA6D3", -"N c #12A7D4", -"O c #00A0D0", -"P c #67C7E3", -"Q c #FCFEFE", -"R c #D8EFE8", -"S c #4FB899", -"T c #53B99B", -"U c #50B99A", -"V c #5CBC9F", -"W c #6DBFA5", -"X c #69BEA3", -"Y c #79C4AB", -"Z c #87C9B2", -"` c #92CDB8", -" . c #97CFBA", -".. c #96CFBA", -"+. c #95CFB9", -"@. c #EAF5F1", -"#. c #81D4EB", -"$. c #00A5D5", -"%. c #0CACD9", -"&. c #0CA7D4", -"*. c #0FA6D3", -"=. c #08A4D2", -"-. c #C5EAF4", -";. c #7CCAB3", -">. c #49B596", -",. c #54BA9C", -"'. c #52B99B", -"). c #66BEA2", -"!. c #6CBFA4", -"~. c #6ABFA3", -"{. c #6FC0A6", -"]. c #84C8B1", -"^. c #89CAB3", -"/. c #C2E3D7", -"(. c #F2FBFD", -"_. c #28B5DC", -":. c #01A8D7", -"<. c #0AACD8", -"[. c #0AA9D6", -"}. c #11A7D4", -"|. c #02A1D1", -"1. c #45BADD", -"2. c #C0E5DB", -"3. c #48B595", -"4. c #58BB9D", -"5. c #7DC5AD", -"6. c #84C8B0", -"7. c #90CCB7", -"8. c #97CFBB", -"9. c #94CEB9", -"0. c #9ED2BF", -"a. c #F5FBF9", -"b. c #A6E1F1", -"c. c #00A6D6", -"d. c #0DA7D4", -"e. c #A3DDEE", -"f. c #F6FBFA", -"g. c #66C1A7", -"h. c #4DB798", -"i. c #53BA9C", -"j. c #63BDA1", -"k. c #72C2A8", -"l. c #86C8B2", -"m. c #95CFBA", -"n. c #D2EAE1", -"o. c #46BFE1", -"p. c #0BA8D5", -"q. c #10A7D3", -"r. c #28AFD8", -"s. c #F1FAFC", -"t. c #A6DBCB", -"u. c #55BA9D", -"v. c #51B99B", -"w. c #55BA9C", -"x. c #81C6AF", -"y. c #A9D8C6", -"z. c #C8ECF6", -"A. c #06A9D7", -"B. c #12A8D4", -"C. c #7ED0E8", -"D. c #E6F5F0", -"E. c #56BB9D", -"F. c #50B89A", -"G. c #5EBCA0", -"H. c #76C3AA", -"I. c #E1F1EB", -"J. c #69CCE7", -"K. c #0CADD9", -"L. c #0CA8D5", -"M. c #0DA5D3", -"N. c #D8F1F8", -"O. c #8CD0BC", -"P. c #47B495", -"Q. c #68BEA3", -"R. c #86C8B1", -"S. c #8BCAB4", -"T. c #99D0BC", -"U. c #8FCCB6", -"V. c #B7DED0", -"W. c #E4F6FB", -"X. c #18B0DA", -"Y. c #06A8D6", -"Z. c #00A1D0", -"`. c #5AC2E1", -" + c #D0ECE4", -".+ c #4CB697", -"++ c #5CBB9F", -"@+ c #84C7B0", -"#+ c #EEF7F4", -"$+ c #8FD8ED", -"%+ c #00A1D1", -"&+ c #13A7D3", -"*+ c #11A7D3", -"=+ c #05A2D1", -"-+ c #BAE5F2", -";+ c #73C6AF", -">+ c #4AB697", -",+ c #4FB89A", -"'+ c #68BFA3", -")+ c #8CCBB5", -"!+ c #89CAB4", -"~+ c #8ACAB4", -"{+ c #C9E6DC", -"]+ c #F9FDFE", -"^+ c #3DACD8", -"/+ c #1099CF", -"(+ c #1B9ED1", -"_+ c #199DD1", -":+ c #0F99CF", -"<+ c #47A7D7", -"[+ c #FDFDFE", -"}+ c #ABE0D3", -"|+ c #35B291", -"1+ c #49B89B", -"2+ c #46B799", -"3+ c #48B89A", -"4+ c #3CB394", -"5+ c #BAE4D8", -"6+ c #FBFDFB", -"7+ c #F0F8F5", -"8+ c #F2F9F6", -"9+ c #F1F9F6", -"0+ c #FBFDFD", -"a+ c #B7E0F1", -"b+ c #0F97CF", -"c+ c #1D9DD1", -"d+ c #1A9CD1", -"e+ c #2199D1", -"f+ c #1584C9", -"g+ c #9FCEE9", -"h+ c #FCFDFE", -"i+ c #EFF9F7", -"j+ c #43B99D", -"k+ c #33B293", -"l+ c #46B89A", -"m+ c #44B799", -"n+ c #47B89A", -"o+ c #3AB393", -"p+ c #73C9B3", -"q+ c #5DB9DE", -"r+ c #0D96CE", -"s+ c #1D9DD2", -"t+ c #2390CE", -"u+ c #1F8ACC", -"v+ c #3295D0", -"w+ c #EBF4FA", -"x+ c #FCFEFD", -"y+ c #8CD4C3", -"z+ c #25AE8D", -"A+ c #36B496", -"B+ c #3FB698", -"C+ c #45B799", -"D+ c #41B698", -"E+ c #D7F0E9", -"F+ c #D5EDF7", -"G+ c #1B9CD1", -"H+ c #199CD1", -"I+ c #1E95CF", -"J+ c #248CCD", -"K+ c #278FCE", -"L+ c #1485C9", -"M+ c #7EBCE1", -"N+ c #D9F1EB", -"O+ c #33B394", -"P+ c #35B495", -"Q+ c #47B89B", -"R+ c #37B292", -"S+ c #8ED4C2", -"T+ c #7FC8E5", -"U+ c #0A95CE", -"V+ c #1E9ED2", -"W+ c #1B9BD1", -"X+ c #238ECD", -"Y+ c #238DCD", -"Z+ c #218CCC", -"`+ c #D2E8F5", -" @ c #6DC9B3", -".@ c #27AF8E", -"+@ c #32B394", -"@@ c #3CB596", -"#@ c #45B79A", -"$@ c #41B697", -"%@ c #4FBB9F", -"&@ c #ECF8F5", -"*@ c #EEF8FC", -"=@ c #2EA5D5", -"-@ c #159AD0", -";@ c #1B9DD1", -">@ c #2093CF", -",@ c #268FCE", -"'@ c #1787CA", -")@ c #5DABDA", -"!@ c #BEE7DD", -"~@ c #29AF8F", -"{@ c #34B394", -"]@ c #42B798", -"^@ c #ABDFD1", -"/@ c #A2D7EC", -"(@ c #0B95CE", -"_@ c #1A9DD1", -":@ c #1C99D0", -"<@ c #268ECE", -"[@ c #B5D8EE", -"}@ c #F9FDFC", -"|@ c #53BEA5", -"1@ c #2BB090", -"2@ c #39B596", -"3@ c #3DB495", -"4@ c #63C3AA", -"5@ c #FBFEFD", -"6@ c #49B0DA", -"7@ c #2190CE", -"8@ c #258ECD", -"9@ c #1C89CB", -"0@ c #419DD4", -"a@ c #F7FBFD", -"b@ c #A0DBCD", -"c@ c #25AE8C", -"d@ c #37B496", -"e@ c #40B698", -"f@ c #3BB494", -"g@ c #C6E9E0", -"h@ c #C3E5F3", -"i@ c #1299CF", -"j@ c #1C9CD1", -"k@ c #1D97D0", -"l@ c #1385CA", -"m@ c #93C7E7", -"n@ c #E8F6F3", -"o@ c #3DB799", -"p@ c #30B292", -"q@ c #34B395", -"r@ c #37B495", -"s@ c #39B393", -"t@ c #7CCDB8", -"u@ c #69BEE1", -"v@ c #0B96CE", -"w@ c #1E9DD2", -"x@ c #228FCD", -"y@ c #248DCD", -"z@ c #208CCC", -"A@ c #2B91CF", -"B@ c #E3F0F9", -"C@ c #80CFBC", -"D@ c #25AD8C", -"E@ c #36B395", -"F@ c #32B293", -"G@ c #3EB597", -"H@ c #44B698", -"I@ c #45B89A", -"J@ c #DFF3EE", -"K@ c #E0F1F9", -"L@ c #20A0D3", -"M@ c #1C94CF", -"N@ c #1486CA", -"O@ c #72B6DF", -"P@ c #D1EFE8", -"Q@ c #2FB595", -"R@ c #35B697", -"S@ c #34B697", -"T@ c #33B697", -"U@ c #39B899", -"V@ c #37B494", -"W@ c #98D7C6", -"X@ c #8DCAE7", -"Y@ c #1385C9", -"Z@ c #288ECD", -"`@ c #248CCC", -" # c #258CCC", -".# c #1E88CB", -"+# c #C9E2F2", -"@# c #60B8A1", -"## c #25A182", -"$# c #33A689", -"%# c #30A588", -"&# c #31A689", -"*# c #2AA384", -"=# c #4AB196", -"-# c #F3FBF9", -";# c #F5F9FC", -"># c #4395CE", -",# c #2182C5", -"'# c #2A87C7", -")# c #2886C7", -"!# c #2B88C8", -"~# c #1D7EC3", -"{# c #5196CC", -"]# c #B2E1E6", -"^# c #197B71", -"/# c #236349", -"(# c #216750", -"_# c #21664E", -":# c #22674F", -"<# c #1F634B", -"[# c #2D8B70", -"}# c #D6EFE8", -"|# c #B2D4EB", -"1# c #1B7FC4", -"2# c #2887C8", -"3# c #277FC2", -"4# c #116DB7", -"5# c #A8CAE5", -"6# c #F4FAFA", -"7# c #45B0B8", -"8# c #269EA6", -"9# c #246D57", -"0# c #21664D", -"a# c #21674F", -"b# c #216850", -"c# c #20644D", -"d# c #27765D", -"e# c #239B7B", -"f# c #63B7A0", -"g# c #5EA4D5", -"h# c #1D80C4", -"i# c #2783C5", -"j# c #2178BC", -"k# c #1A73BA", -"l# c #3685C3", -"m# c #F1F6FB", -"n# c #92D0D4", -"o# c #1E9CA5", -"p# c #32AAB5", -"q# c #288C87", -"r# c #206348", -"s# c #216851", -"t# c #2C9477", -"u# c #32A385", -"v# c #23997A", -"w# c #B8DED4", -"x# c #D0E5F3", -"y# c #2484C6", -"z# c #2986C7", -"A# c #2887C7", -"B# c #227BBF", -"C# c #1F76BB", -"D# c #247ABD", -"E# c #106DB7", -"F# c #86B5DB", -"G# c #DFF1F3", -"H# c #31A6AF", -"I# c #2BA3AC", -"J# c #2EA4AD", -"K# c #2DA5AF", -"L# c #237362", -"M# c #20644B", -"N# c #20634B", -"O# c #277E63", -"P# c #30A384", -"Q# c #319F81", -"R# c #289C7D", -"S# c #4CAC93", -"T# c #F8FCFB", -"U# c #7DB6DD", -"V# c #197EC3", -"W# c #2C88C8", -"X# c #2987C8", -"Y# c #2581C4", -"Z# c #2077BC", -"`# c #2177BC", -" $ c #1F76BC", -".$ c #2378BD", -"+$ c #DAE8F4", -"@$ c #72C2C8", -"#$ c #209EA8", -"$$ c #30A5AE", -"%$ c #2DA3AC", -"&$ c #2EA7B2", -"*$ c #2A9595", -"=$ c #21654B", -"-$ c #226B52", -";$ c #2E9B7D", -">$ c #2FA082", -",$ c #2F9F81", -"'$ c #33A183", -")$ c #209878", -"!$ c #9BD1C2", -"~$ c #E9F3F9", -"{$ c #358DCA", -"]$ c #2987C7", -"^$ c #2179BD", -"/$ c #2076BC", -"($ c #2379BD", -"_$ c #126FB8", -":$ c #65A1D1", -"<$ c #C5E6E8", -"[$ c #25A0AA", -"}$ c #2FA5AE", -"|$ c #2DA4AD", -"1$ c #2EA8B3", -"2$ c #257C6F", -"3$ c #206349", -"4$ c #29876C", -"5$ c #30A385", -"6$ c #2F9E80", -"7$ c #309F82", -"8$ c #2C9E7F", -"9$ c #39A387", -"0$ c #E7F4F0", -"a$ c #9EC8E6", -"b$ c #247EC2", -"c$ c #2278BD", -"d$ c #1671B9", -"e$ c #BDD7EB", -"f$ c #55B5BD", -"g$ c #24A0A9", -"h$ c #2DA4AC", -"i$ c #2DA6B0", -"j$ c #2C9DA1", -"k$ c #247158", -"l$ c #32A183", -"m$ c #219878", -"n$ c #7EC4B1", -"o$ c #FBFDFE", -"p$ c #4C9AD0", -"q$ c #1F81C5", -"r$ c #2784C6", -"s$ c #1771B9", -"t$ c #478FC7", -"u$ c #A6D9DC", -"v$ c #1F9EA7", -"w$ c #2DA3AB", -"x$ c #2EA8B4", -"y$ c #27857E", -"z$ c #21654D", -"A$ c #2C9074", -"B$ c #30A284", -"C$ c #309F81", -"D$ c #2B9D7F", -"E$ c #D1EAE3", -"F$ c #BEDAEE", -"G$ c #1E80C4", -"H$ c #237CC0", -"I$ c #2479BD", -"J$ c #9CC3E1", -"K$ c #FFFEFF", -"L$ c #EDF7F8", -"M$ c #3DABB3", -"N$ c #29A2AB", -"O$ c #2EA5AE", -"P$ c #2DA5AE", -"Q$ c #2DA3AA", -"R$ c #226E5A", -"S$ c #267A60", -"T$ c #32A083", -"U$ c #249A7A", -"V$ c #63B7A1", -"W$ c #69AAD8", -"X$ c #1C80C4", -"Y$ c #2A84C5", -"Z$ c #2076BB", -"`$ c #1C74BB", -" % c #2E7FC0", -".% c #E6F0F7", -"+% c #85CAD0", -"@% c #1E9DA7", -"#% c #31A6AE", -"$% c #298F8D", -"%% c #216349", -"&% c #226951", -"*% c #2D987B", -"=% c #2FA182", -"-% c #B7DED4", -";% c #F9FCFB", -">% c #FCFDFD", -",% c #DAEAF5", -"'% c #2A87C8", -")% c #207BBF", -"!% c #1F78BD", -"~% c #237ABE", -"{% c #0E6EB7", -"]% c #81B2DA", -"^% c #E3F5F3", -"/% c #29A3AC", -"(% c #2DA5AD", -"_% c #2EA8B1", -":% c #227363", -"<% c #278265", -"[% c #31A587", -"}% c #31A183", -"|% c #289D7E", -"1% c #4CAD93", -"2% c #87B5DB", -"3% c #1467B3", -"4% c #2874B9", -"5% c #2472B8", -"6% c #2171B7", -"7% c #2E76BB", -"8% c #4DA7BA", -"9% c #289FAC", -"0% c #30A0AF", -"a% c #2EA0AE", -"b% c #2EA0AD", -"c% c #2CA1B1", -"d% c #329A9F", -"e% c #35997B", -"f% c #319B7E", -"g% c #2C987A", -"h% c #2D987A", -"i% c #2F997C", -"j% c #239374", -"k% c #7FBFAD", -"l% c #B9DDD4", -"m% c #AFD8CD", -"n% c #ACD6CB", -"o% c #AAD5CA", -"p% c #ABD6CA", -"q% c #A5D4C7", -"r% c #E2F3EF", -"s% c #F0F4F9", -"t% c #3E76B7", -"u% c #2664AE", -"v% c #2C69B1", -"w% c #2B68B0", -"x% c #2A68AF", -"y% c #2D69B5", -"z% c #1F639C", -"A% c #127187", -"B% c #339BB3", -"C% c #2E96AE", -"D% c #2F97AF", -"E% c #3299B0", -"F% c #1F8FA8", -"G% c #B1D8E4", -"H% c #7FB9A5", -"I% c #198364", -"J% c #2D8E71", -"K% c #2A8C6F", -"L% c #2B8C6F", -"M% c #1E8464", -"N% c #1F9071", -"O% c #209374", -"P% c #209273", -"Q% c #239273", -"R% c #139474", -"S% c #67C4B0", -"T% c #A9C3E0", -"U% c #1C60AC", -"V% c #2D6BB2", -"W% c #2A69B1", -"X% c #126783", -"Y% c #0C6375", -"Z% c #258AA1", -"`% c #319BB2", -" & c #2F97AE", -".& c #2F98AF", -"+& c #3199B0", -"@& c #2694AC", -"#& c #55ABBD", -"$& c #E1EFEB", -"%& c #309074", -"&& c #288C6F", -"*& c #2B8D71", -"=& c #2A8D70", -"-& c #2A8E71", -";& c #288A6C", -">& c #298667", -",& c #2D9073", -"'& c #329C7F", -")& c #319B7F", -"!& c #30AC90", -"~& c #20A88A", -"{& c #BCE4DB", -"]& c #5788C1", -"^& c #2062AD", -"/& c #2A69B0", -"(& c #2C69B5", -"_& c #1D6798", -":& c #0B6576", -"<& c #0C6379", -"[& c #136E83", -"}& c #2794AC", -"|& c #C5E2E9", -"1& c #93C5B6", -"2& c #1B8566", -"3& c #2E8F73", -"4& c #298C6F", -"5& c #278768", -"6& c #2C9678", -"7& c #2E9A7D", -"8& c #2E997C", -"9& c #2E977A", -"0& c #2CA386", -"a& c #2DAE92", -"b& c #23A98B", -"c& c #4CB9A0", -"d& c #C8D8EB", -"e& c #2364AE", -"f& c #2B6AB1", -"g& c #2B69B2", -"h& c #2769AC", -"i& c #0E657D", -"j& c #0C6579", -"k& c #0E667B", -"l& c #0A6176", -"m& c #208298", -"n& c #329CB3", -"o& c #2E97AE", -"p& c #329AB0", -"q& c #2292AA", -"r& c #73BAC9", -"s& c #F5FAF8", -"t& c #449B82", -"u& c #248A6B", -"v& c #2C8E71", -"w& c #28896B", -"x& c #278767", -"y& c #278667", -"z& c #298C6D", -"A& c #2E987B", -"B& c #2E9B7E", -"C& c #2BAB8E", -"D& c #2BAC8F", -"E& c #2FAD91", -"F& c #1CA687", -"G& c #9CD8CB", -"H& c #749DCC", -"I& c #1C5FAC", -"J& c #18678F", -"K& c #0D657B", -"L& c #0D657A", -"M& c #0C6479", -"N& c #0F687D", -"O& c #2C94AB", -"P& c #3099B0", -"Q& c #3098AF", -"R& c #2D97AE", -"S& c #339AB1", -"T& c #DFEFF3", -"U& c #B3D6CC", -"V& c #1D8667", -"W& c #2D8F72", -"X& c #2A8D71", -"Y& c #298B6E", -"Z& c #2C9376", -"`& c #2CA689", -" * c #2BAD90", -".* c #2CAC90", -"+* c #28AB8D", -"@* c #36B095", -"#* c #E7F6F2", -"$* c #E3EBF5", -"%* c #316EB4", -"&* c #2867B0", -"** c #2C69B4", -"=* c #2468A5", -"-* c #0C6578", -";* c #0B6176", -">* c #1B7A90", -",* c #319CB3", -"'* c #339AB0", -")* c #2091A9", -"!* c #92C9D5", -"~* c #5FA994", -"{* c #1F8769", -"]* c #288869", -"^* c #2D9E81", -"/* c #1DA687", -"(* c #7CCBBA", -"_* c #95B4D8", -":* c #1B5EAB", -"<* c #2E6CB2", -"[* c #2B69B3", -"}* c #146687", -"|* c #0B6577", -"1* c #288EA5", -"2* c #309AB1", -"3* c #2995AD", -"4* c #47A4B8", -"5* c #F4F9FB", -"6* c #D1E6E0", -"7* c #278B6E", -"8* c #298A6C", -"9* c #278666", -"0* c #2A9072", -"a* c #2E9A7E", -"b* c #2CA88B", -"c* c #2CAC8F", -"d* c #27AA8D", -"e* c #CFECE5", -"f* c #F6F9FC", -"g* c #467DBB", -"h* c #1F679D", -"i* c #0D667B", -"j* c #0B6277", -"k* c #167287", -"l* c #B2D9E1", -"m* c #7EBAA8", -"n* c #2E8F72", -"o* c #278869", -"p* c #2D977A", -"q* c #2DA184", -"r* c #2EAD90", -"s* c #20A889", -"t* c #5DC0AA", -"u* c #B5CBE4", -"v* c #1E60AD", -"w* c #2D6BB3", -"x* c #2969AF", -"y* c #106580", -"z* c #24879D", -"A* c #349DB4", -"B* c #2492AA", -"C* c #60B0C2", -"D* c #E9F3F0", -"E* c #379478", -"F* c #268B6D", -"G* c #2B8E71", -"H* c #288A6B", -"I* c #2A8E6F", -"J* c #2EAD91", -"K* c #1EA788", -"L* c #B1E0D6", -"M* c #608FC4", -"N* c #2262B2", -"O* c #226C98", -"P* c #0E6778", -"Q* c #12677D", -"R* c #11677C", -"S* c #10667A", -"T* c #156E83", -"U* c #2B96AE", -"V* c #CFE7EC", -"W* c #9FCBBE", -"X* c #1B8667", -"Y* c #308F73", -"Z* c #2A896A", -"`* c #2A886A", -" = c #30977A", -".= c #329A7E", -"+= c #2FA588", -"@= c #2EAF92", -"#= c #30AE92", -"$= c #28AB8E", -"%= c #47B79E", -"&= c #F5FBFA", -"*= c #D5E1F1", -"== c #1C62A3", -"-= c #005971", -";= c #015A71", -">= c #005A71", -",= c #005B72", -"'= c #01586E", -")= c #026E87", -"!= c #80C2D0", -"~= c #FBFDFC", -"{= c #4C9F86", -"]= c #107B5A", -"^= c #1A805E", -"/= c #187F5D", -"(= c #187E5D", -"_= c #198261", -":= c #1E9677", -"<= c #1CA787", -"[= c #0CA07F", -"}= c #83CEBE", -"|= c #B2CDD9", -"1= c #8FB8C1", -"2= c #96BDC6", -"3= c #95BCC5", -"4= c #95BBC4", -"5= c #94BCC6", -"6= c #E9F4F6", -"7= c #D4E8E2", -"8= c #9AC7B8", -"9= c #A1CBBE", -"0= c #A0CABD", -"a= c #A0C9BC", -"b= c #A2D5C9", -"c= c #A2DCCF", -"d= c #A2DBCE", -"e= c #A3DBCE", -"f= c #A0DACD", -"g= c #AADED2", -"h= c #FDFDFD", -"i= c #FCFCFC", -"j= c #939392", -"k= c #696968", -"l= c #797978", -"m= c #F0F0F0", -"n= c #D3D3D3", -"o= c #6D6D6C", -"p= c #C1C1C0", -"q= c #BEBEBE", -"r= c #626261", -"s= c #3E3E3C", -"t= c #3C3C3A", -"u= c #484846", -"v= c #9F9F9E", -"w= c #FBFBFB", -"x= c #7F7F7E", -"y= c #000000", -"z= c #080806", -"A= c #BBBBBA", -"B= c #F9F9F9", -"C= c #80807F", -"D= c #0E0E0C", -"E= c #CDCDCC", -"F= c #FAFAFA", -"G= c #FCFCFB", -"H= c #F7F7F7", -"I= c #090907", -"J= c #515150", -"K= c #8D8D8C", -"L= c #989898", -"M= c #656563", -"N= c #818180", -"O= c #DBDBDB", -"P= c #CECECE", -"Q= c #D0D0CF", -"R= c #1F1F1D", -"S= c #11110F", -"T= c #7C7C7B", -"U= c #4E4E4C", -"V= c #686866", -"W= c #0C0C0B", -"X= c #C4C4C4", -"Y= c #31312F", -"Z= c #434341", -"`= c #0D0D0B", -" - c #434342", -".- c #D6D6D6", -"+- c #20201E", -"@- c #90908F", -"#- c #CCCCCB", -"$- c #757574", -"%- c #585857", -"&- c #6E6E6D", -"*- c #C5C5C4", -"=- c #DADADA", -"-- c #7B7B7A", -";- c #9E9E9E", -">- c #ECECEC", -",- c #747473", -"'- c #838382", -")- c #C6C6C5", -"!- c #5E5E5D", -"~- c #DEDEDE", -"{- c #CBCBCA", -"]- c #040402", -"^- c #A0A09F", -"/- c #C1C1C1", -"(- c #A9A9A8", -"_- c #F5F5F4", -":- c #737371", -"<- c #AFAFAE", -"[- c #8E8E8D", -"}- c #F3F3F3", -"|- c #B2B2B1", -"1- c #9C9C9B", -"2- c #A5A5A4", -"3- c #EAEAEA", -"4- c #5F5F5D", -"5- c #EDEDED", -"6- c #888886", -"7- c #252523", -"8- c #888885", -"9- c #ABABAA", -"0- c #828281", -"a- c #D2D2D1", -"b- c #979796", -"c- c #D2D2D2", -"d- c #A3A3A2", -"e- c #10100E", -"f- c #070706", -"g- c #1C1C1A", -"h- c #070705", -"i- c #0F0F0D", -"j- c #AAAAA9", -"k- c #B7B7B6", -"l- c #2F2F2E", -"m- c #51514F", -"n- c #3F3F3E", -"o- c #272726", -"p- c #191916", -"q- c #060604", -"r- c #2A2A28", -"s- c #DDDDDC", -"t- c #7D7D7C", -"u- c #191917", -"v- c #7E7E7D", -"w- c #2C2C2A", -"x- c #525250", -"y- c #161614", -"z- c #A7A7A6", -"A- c #C2C2C2", -"B- c #B1B1B0", -"C- c #F8F8F8", -"D- c #3D3D3B", -"E- c #41413F", -"F- c #595958", -"G- c #6C6C6A", -"H- c #131311", -"I- c #343433", -"J- c #F1F1F1", -"K- c #5B5B5A", -"L- c #222220", -"M- c #373735", -"N- c #565655", -"O- c #C7C7C7", -"P- c #0F0F0C", -"Q- c #575756", -"R- c #4C4C4A", -"S- c #E3E3E3", -"T- c #151513", -"U- c #B4B4B3", -"V- c #0B0B09", -"W- c #343432", -"X- c #C6C6C6", -"Y- c #171715", -"Z- c #525251", -"`- c #8E8E8C", -" ; c #B2B2B2", -".; c #D5D5D5", -"+; c #30302F", -"@; c #555554", -"#; c #353534", -"$; c #9B9B9A", -"%; c #030301", -"&; c #767674", -"*; c #353533", -"=; c #575755", -"-; c #0D0D0A", -";; c #CACAC9", -">; c #5E5E5C", -",; c #0C0C0A", -"'; c #777776", -"); c #30302E", -"!; c #717170", -"~; c #646463", -"{; c #F5F5F5", -"]; c #2B2B29", -"^; c #0A0A07", -"/; c #8F8F8E", -"(; c #A8A8A7", -"_; c #949493", -":; c #DFDFDF", -"<; c #141412", -"[; c #121210", -"}; c #848482", -"|; c #A2A2A1", -"1; c #5F5F5E", -"2; c #474745", -"3; c #262624", -"4; c #545452", -"5; c #E2E2E2", -"6; c #666664", -"7; c #3E3E3D", -"8; c #70706F", -"9; c #40403F", -"0; c #B0B0AF", -"a; c #1E1E1D", -"b; c #D4D4D4", -"c; c #030303", -"d; c #040403", -"e; c #050503", -"f; c #D0D0D0", -"g; c #E8E8E7", -"h; c #383836", -"i; c #020200", -"j; c #141413", -"k; c #424240", -"l; c #2B2B2A", -"m; c #EEEEEE", -"n; c #929291", -"o; c #E4E4E4", -"p; c #999998", -"q; c #1E1E1C", -"r; c #919190", -"s; c #4A4A48", -"t; c #232321", -"u; c #C0C0C0", -"v; c #292927", -"w; c #585856", -"x; c #4E4E4D", -"y; c #939393", -"z; c #0A0A08", -"A; c #2E2E2C", -"B; c #BBBBBB", -"C; c #C9C9C8", -"D; c #BCBCBB", -"E; c #C8C8C8", -"F; c #B6B6B6", -"G; c #878786", -"H; c #050502", -"I; c #DCDCDB", -"J; c #535351", -"K; c #B5B5B4", -"L; c #A6A6A5", -"M; c #181816", -"N; c #4B4B49", -"O; c #BDBDBC", -"P; c #181815", -"Q; c #474746", -"R; c #FAFAF9", -"S; c #656564", -"T; c #1A1A18", -"U; c #242423", -"V; c #10100D", -"W; c #959594", -"X; c #D1D1D0", -"Y; c #EEEEED", -"Z; c #CFCFCF", -"`; c #D6D6D5", -" > c #B9B9B8", -".> c #71716F", -"+> c #313130", -"@> c #CBCBCB", -"#> c #616160", -"$> c #484847", -"%> c #EFEFEF", -"&> c #BABAB9", -"*> c #212120", -"=> c #5D5D5B", -"-> c #5C5C5B", -";> c #E8E8E8", -">> c #6B6B69", -",> c #6F6F6E", -"'> c #DBDBDA", -")> c #8A8A89", -"!> c #020201", -"~> c #575757", -"{> c #BDBDBD", -"]> c #060603", -"^> c #0C0C09", -"/> c #131312", -"(> c #50504F", -"_> c #E6E6E6", -":> c #444442", -"<> c #858584", -"[> c #5B5B59", -"}> c #767675", -"|> c #888887", -"1> c #8C8C8B", -"2> c #979795", -"3> c #E9E9E9", -"4> c #626260", -"5> c #6B6B6A", -"6> c #6F6F6D", -"7> c #C0C0BF", -"8> c #565654", -"9> c #737372", -"0> c #D5D5D4", -"a> c #ADADAC", -"b> c #545453", -"c> c #A4A4A3", -"d> c #B5B5B5", -"e> c #444443", -"f> c #595957", -"g> c #C3C3C2", -"h> c #494948", -"i> c #3D3D3C", -"j> c #E7E7E7", -"k> c #666665", -"l> c #323230", -"m> c #9E9E9D", -"n> c #FEFEFD", -"o> c #CFCFCE", -"p> c #A8A8A8", -"q> c #535352", -"r> c #FDFDFC", -"s> c #B8B8B8", -"t> c #60605F", -"u> c #6D6D6B", -"v> c #E0E0DF", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . + @ @ @ @ @ @ @ @ @ @ @ @ @ # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ $ $ $ $ $ $ $ $ $ $ $ $ $ % % % % % % % % % % % % % % . . . . ", -" . . . # # . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . # . & * = - - - - - - - - ; > , ' . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . ! ~ { ] ] ] ] ] ] ] ] ] ] ^ / ( _ _ _ _ _ _ _ _ _ : < [ . . . . . ", -" . . . . } . | 1 2 3 3 3 3 3 3 3 3 3 4 5 6 . 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . 8 9 0 a b b b b b b b b b c d e f g h h h h h h h h i j k . $ . . . . ", -" . . . . . @ . l 3 m n n n n n n n o p q r s . + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . t u v w x x x x x x x x x y z A B C D D D D D D D E F ( . # . . . . . ", -" . . . . . . @ . G H I J K K K K K K L M N O P . Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . R S T U V W w w w w w w w X Y Z z z ` ...............+.@.. % . . . . . . ", -" . . . . . . . 7 . #.$.%.K K K K K K &.M M *.=.-.. @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . ;.>.,.'.'.).!.w w w w w ~.{.z z z ].^. ...........C f /.. $ . . . . . . . ", -" . . . . . . . . # . (._.:.<.K K K K [.M M M }.|.1.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . 2.3.,.'.'.U 4.!.w w w w w X 5.Z z z z 6.7.8....... .9.0.a.. # . . . . . . . . ", -" . . . . . . . . . Q . b.c.o K K K K d.M M M M }.O e.. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . f.g.h.i.'.'.'.U j.W w w w X k.l.z z z z ].Z m.......C f n.. $ . . . . . . . . . ", -" . . . . . . . . . . . # . o.3 n K K p.M M M M M q.=.r.s.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . Q . t.u u.'.'.'.'.v.w.w w w w w x.l.z z z z z 6.B 8...D i y.$ . . . . . . . . . . . . ", -" . . . . . . . . . . . . @ . z.A.J K L M M M M M M M B.O C.. 7 . . . . . . . . . . . . . . . . . . . . . . . . . . % . D.E.F.T '.'.'.'.'.U G.W w X H.Z z z z z z z z z 9. .8.i I.. $ . . . . . . . . . . . . ", -" . . . . . . . . . . . . . Q . J.$.K.L.M M M M M M M *.M.N N.. @ . . . . . . . . . . . . . . . . . . . . . . . . . ) . O.P.u.'.'.'.'.'.'.'.T Q.w x ].R.z z z z z z z 6.S.T.U.V.. $ . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . # . W.X.Y.*.M M M M M M M M N Z.`.. } . . . . . . . . . . . . . . . . . . . . . . . . ) . +.+i.'.'.'.'.'.'.'.'.U ++w Y R.@+@+@+@+@+@+@+@+@+@+U.C #+. # . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . 7 . $+%+&+*.*.*.*.*.*.*.*.*.*+=+-+. } . . . . . . . . . . . . . . . . . . . . . . . # % ;+>+,.'.'.'.'.'.'.'.'.T ,+'+)+!+!+!+!+!+!+!+!+!+!+~+R.{+. $ . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . # . ]+^+/+(+_+_+_+_+_+_+_+_+(+:+<+[+. . . . . . . . . . . . . . . . . . . . . . . Q . }+|+1+2+2+2+2+2+2+2+2+2+3+4+5+6+7+8+8+8+8+8+8+8+8+8+8+9+0+. . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . Q . a+b+c+d+d+d+d+d+d+d+d+_+e+f+g+. h+. . . . . . . . . . . . . . . . . . . . # . i+j+k+l+m+m+m+m+m+m+m+m+n+o+p+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . @ . q+r+s+d+d+d+d+d+d+d+d+t+u+v+w+. + . . . . . . . . . . . . . . . . . . . x+. y+z+A+B+C+m+m+m+m+m+m+m+m+D+E+. Q # # # # # # # # # # # # . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . @ . F+G+H+G+d+d+d+d+d+_+I+J+K+L+M+. h+. . . . . . . . . . . . . . . . . . ) . N+O+O+O+P+m+m+m+m+m+m+m+Q+R+S+. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . Q . T+U+V+d+d+d+d+d+W+X+Y+Y+Y+Z+`+. @ . . . . . . . . . . . . . . . . . ) . @.@A+O++@@@C+m+m+m+m+#@$@%@&@. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . # . *@=@-@;@d+d+d+_+>@J+Y+Y+,@'@)@. @ . . . . . . . . . . . . . . . . ) . !@~@P+O+O+O+{@]@C+m+m+m+Q+R+^@. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . Q . /@(@V+d+d+_@:@Y+Y+Y+Y+Y+<@'@[@. Q . . . . . . . . . . . . . . # . }@|@1@P+O+O+O++@2@C+m+m+l+3@4@5@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . # . 6@b+s+d+_@7@J+Y+Y+Y+Y+8@9@0@a@. # . . . . . . . . . . . . . x+. b@c@d@O+O+O+O+O+O+e@C+m+l+f@g@. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . @ . h@i@j@_@k@J+Y+Y+Y+Y+Y+Y+K+l@m@. h+. . . . . . . . . . . . % . n@o@p@q@O+O+O+O+O++@r@C+Q+s@t@. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . Q . u@v@w@x@Y+Y+Y+Y+Y+Y+Y+y@z@A@B@. + . . . . . . . . . . . Q . C@D@E@k+k+k+k+k+k+k+F@G@H@I@J@. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . K@L@M@J+Y+Y+Y+Y+Y+Y+Y+Y+K+N@O@. h+. . . . . . . . . . ) . P@Q@R@S@S@S@S@S@S@S@S@T@U@V@W@. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. X@Y@Z@`@`@`@`@`@`@`@`@`@ #.#+#. ) . . . . . . . . . % . @###$#%#%#%#%#%#%#%#%#&#*#=#-#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ;#>#,#'#)#)#)#)#)#)#)#)#!#~#{#. # . . . . . . . . Q . ]#^#/#(#_#_#_#_#_#_#_#_#:#<#[#}#. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. |#1#!#)#)#)#)#)#)#)#)#2#3#4#5#. h+. . . . . . # . 6#7#8#9#0#(#a#a#a#a#a#a#b#c#d#e#f#. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . g#h#!#)#)#)#)#)#)#2#i#j#k#l#m#. + . . . . . Q . n#o#p#q#r#s#a#a#a#a#a#a#a#_#t#u#v#w#. x+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . x#y#z#)#)#)#)#)#)#A#B#C#D#E#F#. h+. . . . $ . G#H#I#J#K#L#M#b#a#a#a#a#b#N#O#P#Q#R#S#T#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. U#V#W#)#)#)#)#X#Y#C#Z#`# $.$+$. @ . . . ) . @$#$$$%$&$*$=$(#a#a#a#a#_#-$;$>$,$'$)$!$. x+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . ~${$y#]$)#)#)#)#^$/$Z#Z#($_$:$. ) . . ) . <$[$}$|$|$%$1$2$3$s#a#a#b#N#4$5$6$,$7$8$9$0$. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. a$V#W#)#)#X#b$C#Z#Z#Z#Z#c$d$e$. h+. . + f$g$}$|$|$h$i$j$s#_#a#b#c#k$>$,$,$,$,$l$m$n$. x+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . o$p$q$'#)#r$Z#Z#Z#Z#Z#Z#c$s$t$h+. h+. u$v$$$|$|$|$|$w$x$y$r#s#a#z$A$B$6$,$,$,$,$C$D$E$. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Q . F$G$'#X#H$C#Z#Z#Z#Z#Z#Z#I$4#J$. K$L$M$N$O$|$|$|$|$|$P$Q$R$0#c#S$P#6$,$,$,$,$,$T$U$V$. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . W$X$Y$Z$Z#Z#Z#Z#Z#Z#Z#j#`$ %.%. +%@%#%|$|$|$|$|$|$w$1$$%%%&%*%=%,$,$,$,$,$,$,$T$v#-%. ;%>%>%>%>%>%>%>%>%>%>%>%>%% . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . @ . ,%'%)%!%!%!%!%!%!%!%!%!%~%{%]%^%/%(%(%(%(%(%(%(%(%(%h$_%:%<%[%,$>$>$>$>$>$>$>$}%|%1%T#. # . . . . . . . . . . . % . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. 2%3%4%5%5%5%5%5%5%5%5%5%6%7%8%9%0%a%a%a%a%a%a%a%a%b%c%d%e%f%g%h%h%h%h%h%h%h%h%i%j%k%l%m%n%o%o%o%o%o%o%o%o%p%q%r%. % . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . s%t%u%v%w%w%w%w%w%w%w%x%y%z%A%B%C%D%D%D%D%D%D%D%D%E%F%G%H%I%J%K%K%K%K%K%K%K%K%K%L%M%N%O%P%P%P%P%P%P%P%P%P%Q%R%S%. ) . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. T%U%V%W%W%W%W%W%W%W%W%W%X%Y%Z%`% &.&.&.&.&.&.&+&@&#&. $&%&&&*&=&=&=&=&=&=&=&-&;&>&,&'&f%f%f%f%f%f%f%f%f%)&!&~&{&. Q . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ]&^&V%W%W%W%W%W%/&(&_&:&<&[&.&.&.&.&.&.&.&.&+&}&|&. . 1&2&3&=&=&=&=&=&=&=&4&5&5&5&6&7&8&8&8&8&8&8&8&9&0&a&b&c&}@. # . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [+. d&e&f&W%W%W%W%W%g&h&i&j&k&l&m&n&o&.&.&.&.&p&q&r&. Q . s&t&u&v&=&=&=&=&=&=&w&x&5&y&z&7&8&8&8&8&8&8&A&B&C&D&E&F&G&. x+. . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. H&I&V%W%W%W%/&(&J&:&K&L&M&N&O&P&.&.&.&Q&R&S&T&. $ x+. U&V&W&=&=&=&=&X&Y&5&5&5&5&y&Z&7&8&8&8&8&8&A&`& *D&.*+*@*#*. % . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ . $*%*&*f&W%/&**=*-*L&L&L&k&;*>*,*o&.&.&'*)*!*. h+. . $ . ~*{*W&=&=&=&=&]*5&5&5&5&y&w&8&8&8&8&8&A&^* *D&D&D&E&/*(*. x+. . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. _*:*<*W%W%[*}*|*K&L&L&L&L&M&1*2* &+&3*4*5*. # . . ) . 6*7*=&=&=&X&8*x&5&5&5&5&5&9*0*a*8&8&8&8&b* *D&D&D&D&c*d*e*. ) . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . f*g*e&f&(&h*|*K&L&L&L&L&i*j*k*2*D%E%q&l*. Q . . . . x+. m*2&n*=&K%5&5&5&5&5&5&5&5&o*p*7&8&A&q* *D&D&D&D&D&r*s*t*. $ . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. u*v*w*x*y*-*L&L&L&L&L&L&i*j*z*A*B*C*. + . . . . . $ . D*E*F*G*H*x&5&5&5&5&5&5&5&y&I*7&A&7&C&D&D&D&D&D&D&D&J*K*L*. Q . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . M*N*O*P*Q*R*R*R*R*R*R*R*S*T*E%U*V*. ) . . . . . . >%. W*X*Y*Z*Z*Z*Z*Z*Z*Z*Z*Z*Z*`* =.=+=@=J*J*J*J*J*J*J*#=$=%=&=. # . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . *===-=;=>=>=>=>=>=>=>=>=,='=)=!=. Q . . . . . . . . . ~={=]=^=/=/=/=/=/=/=/=/=/=(=_=:=<=F&F&F&F&F&F&F&F&F&s*[=}=. Q . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ . |=1=2=3=3=3=3=3=3=3=3=3=4=5=6=. # . . . . . . . . $ . 7=8=9=0=0=0=0=0=0=0=0=0=0=a=b=c=d=d=d=d=d=d=d=d=d=e=f=g=) . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . . . . . . . . . . . . . . + . . . . . . . . . . . # $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+0+0+0+0+0+0+0+0+0+0+0+0+0++ . . . . . . . . . . . . ) >%>%>%>%>%>%>%>%>%>%>%>%>%>%x+x+x+x+x+x+x+x+x+x+x+x+x+. . . . . . . . . . . ", -" . . . . . . . . . . . . . . . h=i=i=. . . . $ i=i=$ . . . . . . . . . . . . . . . . . . . . . . . . . . i=i=$ $ h=i=. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ h=. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h=h=. . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . $ . j=k=l=m=. i=. n=o=k=p=. h=. . . . . . . . . . . . . . . . . . . . . $ h=. q=r=s=t=u=v=. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . w=. x=y=z=A=. B=. C=y=D=E=. F=G=h=i=i=. . $ w=i=$ G=h=. i=w=h=h=w=h=. $ . H=r=I=J=K=L=M=N=. w=i=$ w=$ h=w=$ . . . i=i=. i=h=$ w=i=w=$ . $ $ O=P=. w=. . . . . . . . . . . . . ", -" . . . . . . . . . . . h=. Q=R=S=T=. i=. u=D=U=. h=$ . . . . h=. . . . $ . . . . . . . . $ $ $ . V=W=X=. h=. . . . . $ $ . . . . $ . . . . . . . $ $ . . . $ h=. . Y=k=. w=. . . . . . . . . . . . . ", -" . . . . . . . . . . $ . h=Z=`= -i=. .-+-`=@-. . #-$-%-&-*-. . =---;->-,-'-. )-N=!-!-C=~-. . {-]-^-. F=w=w=w=i=. /-(-_-:-<-#-[-}-. h=. |-1-. 2-)-3---4-@-5-. >-6-7-u=8-9-. $ . . . . . . . . . . ", -" . . . . . . . . . . . i=. 0-`=R=a-. b-`=R=c-. d-e-f-g-h-i-j-. k-y=l-m-y=n-. o-y=p-`=q-r-s-. t-u->-. $ . . . w=. v-w-x-y-z-A-y=B-. $ C-g-!-. D-E-E-F-G-H-I-J-3-K-L-M-N-[-. h=. . . . . . . . . . ", -" . . . . . . . . . . h=. O-u-P-L=. Q-h-R-. S-+-T-U-. b-V-W-. X-Y-+-y-Z-`-. ;.;h=E=+;h-C=. @;#;. . . . . . w=. $;%;&;. $ . *;=;. . A=-;;;. >;I=k-. . .;,;';. . );!;. G=. . . . . . . . . . . ", -" . . . . . . . . . . $ . B=s=z=~;{;];^;/;. 1-I=);(; ;_;R=u-:;P=<;[;};. i=. H=|;1;2;3;i-1;. 4;M-. . . . . . w=. _;D=:;. B=. /;H-5;. 6;M-. . 4;7;. w=B=. 4-Y=. . l-8;. B=. . . . . . . . . . . ", -" . . . . . . . . . . i=. --q-9;0;T-a;b;. '-D=R=c;y=d;i-e;b;f;H-[;k-. $ g;h;i;j;k;l;D=K-. !;g-m;. $ . . . w=. n;u-5-. i=. o;[;p;. q;r;. . x-s;. h=i=. t-t;C-. l-8;. i=. . . . . . . . . . ", -" . . . . . . . . . i=. u;S=v;w;`=x;. . y;z;A;B;C;p=*-D;i=E;T-H-F;. . G;H;+;I;. J;e;>;. K;y=L;. F=w=w=i=F=. n;M;m;. $ h=. F-N;O;P;o;. . Z-Q;. R;C-. S;+;. . );!;. B=. . . . . . . . . ", -" . . . . . . . . . $ . {;#;T;U;V;W;. . X;<;u-C=o;Y;Z;`;. *-T;Y- >. . .>,;+>o;@>v;[;#>. h=$>H-;;. h=. . w=. _;g-%>. $ i=. &>*>k;=>. F=. ->M;~-. . ;>Y-,-. . Y=>>. i=. . . . . . . . . ", -" . . . . . . . . . i=. ,>y=e-H-'>. w=. )>,;!>I=[;y=~>. {>]>i; ;. . &>^>D=/>S=T;y=(>. . _>:>h-J=<>K=[>}>. |>z=5-. $ $ . i=u=e;B;. F=. =>M;h;1>2>3;w-3>. . 4>S=C=B;. h=. . . . . . ", -" . . . . . . . . . h=. @>5>6>1>. . . $ . 7>!;8>w;8;&>. O=$-9>0>. i=. a>b>x;c>d>k=L=. h=. B=9-[>E-e>f>9-. {>}>{;. $ . B=. r=W-. . i=. m-(>g>h>i>$-j>. h=. S-k>l>m>. i=. . . . . . ", -" . . . . . . . . . . $ . . . $ . . . h=. . . . . . . . . . . . . $ . . . . . . . . . n>$ . . . . . . . . . . . . h=. o>`=p>. i=h=. q>R-. h=. . $ $ . . $ . . . . . . . . . . ", -" . . . . . . . . . . $ i=i=i=. . . . . i=i=h=h=G=i=. $ G=G=$ . . . i=h=h=i=r>G=r>. . . $ i=i=$ $ i=i=. h=G=. . . $ s>T-w;. $ . h=. R-e>. F=$ w=h=. . . $ i=$ h=. . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ . ;>M;t>{;. $ . h=. u>k>. h=. . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i=v>$ $ $ . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h=$ . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h=. . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" "}; +/* XPM */ +static const char *VeraCryptIcon128x128[] = { +"128 128 1165 2", +" c None", +". c #FFFFFF", +"+ c #FEFEFF", +"@ c #FDFEFF", +"# c #FEFFFF", +"$ c #FEFEFE", +"% c #FEFFFE", +"& c #75D0E9", +"* c #3EBDE0", +"= c #4BC2E2", +"- c #48C1E2", +"; c #49C1E2", +"> c #43C0E2", +", c #5CC5E4", +"' c #F3FAFC", +") c #FDFEFE", +"! c #BDE4D8", +"~ c #89CCB6", +"{ c #93D0BC", +"] c #91D0BB", +"^ c #90CFBB", +"/ c #A7D8C7", +"( c #B3DCCD", +"_ c #B1DBCC", +": c #B2DBCD", +"< c #AEDACA", +"[ c #C0E2D5", +"} c #FCFEFF", +"| c #B4E5F3", +"1 c #00A3D4", +"2 c #01A8D6", +"3 c #00A7D6", +"4 c #03A7D6", +"5 c #009DCF", +"6 c #8CD5EA", +"7 c #FBFEFE", +"8 c #EDF8F4", +"9 c #58BB9F", +"0 c #55B899", +"a c #66BDA0", +"b c #63BC9F", +"c c #61BB9E", +"d c #6DBFA4", +"e c #81C6AE", +"f c #8FCCB5", +"g c #91CCB6", +"h c #90CCB6", +"i c #92CDB7", +"j c #8ACAB2", +"k c #D7EDE5", +"l c #5EC8E5", +"m c #0FADD9", +"n c #0BACD8", +"o c #0BACD9", +"p c #10A9D6", +"q c #0DA5D2", +"r c #18AAD5", +"s c #E2F4FA", +"t c #95D4C1", +"u c #46B494", +"v c #58BB9E", +"w c #6BBFA4", +"x c #6DC0A5", +"y c #6EC0A5", +"z c #85C8B1", +"A c #86C9B2", +"B c #8DCBB5", +"C c #98D0BB", +"D c #97D0BB", +"E c #98D1BC", +"F c #91CDB7", +"G c #DBF3F9", +"H c #11ADD9", +"I c #06AAD8", +"J c #09ABD8", +"K c #08ABD8", +"L c #09AAD7", +"M c #0EA6D3", +"N c #12A7D4", +"O c #00A0D0", +"P c #67C7E3", +"Q c #FCFEFE", +"R c #D8EFE8", +"S c #4FB899", +"T c #53B99B", +"U c #50B99A", +"V c #5CBC9F", +"W c #6DBFA5", +"X c #69BEA3", +"Y c #79C4AB", +"Z c #87C9B2", +"` c #92CDB8", +" . c #97CFBA", +".. c #96CFBA", +"+. c #95CFB9", +"@. c #EAF5F1", +"#. c #81D4EB", +"$. c #00A5D5", +"%. c #0CACD9", +"&. c #0CA7D4", +"*. c #0FA6D3", +"=. c #08A4D2", +"-. c #C5EAF4", +";. c #7CCAB3", +">. c #49B596", +",. c #54BA9C", +"'. c #52B99B", +"). c #66BEA2", +"!. c #6CBFA4", +"~. c #6ABFA3", +"{. c #6FC0A6", +"]. c #84C8B1", +"^. c #89CAB3", +"/. c #C2E3D7", +"(. c #F2FBFD", +"_. c #28B5DC", +":. c #01A8D7", +"<. c #0AACD8", +"[. c #0AA9D6", +"}. c #11A7D4", +"|. c #02A1D1", +"1. c #45BADD", +"2. c #C0E5DB", +"3. c #48B595", +"4. c #58BB9D", +"5. c #7DC5AD", +"6. c #84C8B0", +"7. c #90CCB7", +"8. c #97CFBB", +"9. c #94CEB9", +"0. c #9ED2BF", +"a. c #F5FBF9", +"b. c #A6E1F1", +"c. c #00A6D6", +"d. c #0DA7D4", +"e. c #A3DDEE", +"f. c #F6FBFA", +"g. c #66C1A7", +"h. c #4DB798", +"i. c #53BA9C", +"j. c #63BDA1", +"k. c #72C2A8", +"l. c #86C8B2", +"m. c #95CFBA", +"n. c #D2EAE1", +"o. c #46BFE1", +"p. c #0BA8D5", +"q. c #10A7D3", +"r. c #28AFD8", +"s. c #F1FAFC", +"t. c #A6DBCB", +"u. c #55BA9D", +"v. c #51B99B", +"w. c #55BA9C", +"x. c #81C6AF", +"y. c #A9D8C6", +"z. c #C8ECF6", +"A. c #06A9D7", +"B. c #12A8D4", +"C. c #7ED0E8", +"D. c #E6F5F0", +"E. c #56BB9D", +"F. c #50B89A", +"G. c #5EBCA0", +"H. c #76C3AA", +"I. c #E1F1EB", +"J. c #69CCE7", +"K. c #0CADD9", +"L. c #0CA8D5", +"M. c #0DA5D3", +"N. c #D8F1F8", +"O. c #8CD0BC", +"P. c #47B495", +"Q. c #68BEA3", +"R. c #86C8B1", +"S. c #8BCAB4", +"T. c #99D0BC", +"U. c #8FCCB6", +"V. c #B7DED0", +"W. c #E4F6FB", +"X. c #18B0DA", +"Y. c #06A8D6", +"Z. c #00A1D0", +"`. c #5AC2E1", +" + c #D0ECE4", +".+ c #4CB697", +"++ c #5CBB9F", +"@+ c #84C7B0", +"#+ c #EEF7F4", +"$+ c #8FD8ED", +"%+ c #00A1D1", +"&+ c #13A7D3", +"*+ c #11A7D3", +"=+ c #05A2D1", +"-+ c #BAE5F2", +";+ c #73C6AF", +">+ c #4AB697", +",+ c #4FB89A", +"'+ c #68BFA3", +")+ c #8CCBB5", +"!+ c #89CAB4", +"~+ c #8ACAB4", +"{+ c #C9E6DC", +"]+ c #F9FDFE", +"^+ c #3DACD8", +"/+ c #1099CF", +"(+ c #1B9ED1", +"_+ c #199DD1", +":+ c #0F99CF", +"<+ c #47A7D7", +"[+ c #FDFDFE", +"}+ c #ABE0D3", +"|+ c #35B291", +"1+ c #49B89B", +"2+ c #46B799", +"3+ c #48B89A", +"4+ c #3CB394", +"5+ c #BAE4D8", +"6+ c #FBFDFB", +"7+ c #F0F8F5", +"8+ c #F2F9F6", +"9+ c #F1F9F6", +"0+ c #FBFDFD", +"a+ c #B7E0F1", +"b+ c #0F97CF", +"c+ c #1D9DD1", +"d+ c #1A9CD1", +"e+ c #2199D1", +"f+ c #1584C9", +"g+ c #9FCEE9", +"h+ c #FCFDFE", +"i+ c #EFF9F7", +"j+ c #43B99D", +"k+ c #33B293", +"l+ c #46B89A", +"m+ c #44B799", +"n+ c #47B89A", +"o+ c #3AB393", +"p+ c #73C9B3", +"q+ c #5DB9DE", +"r+ c #0D96CE", +"s+ c #1D9DD2", +"t+ c #2390CE", +"u+ c #1F8ACC", +"v+ c #3295D0", +"w+ c #EBF4FA", +"x+ c #FCFEFD", +"y+ c #8CD4C3", +"z+ c #25AE8D", +"A+ c #36B496", +"B+ c #3FB698", +"C+ c #45B799", +"D+ c #41B698", +"E+ c #D7F0E9", +"F+ c #D5EDF7", +"G+ c #1B9CD1", +"H+ c #199CD1", +"I+ c #1E95CF", +"J+ c #248CCD", +"K+ c #278FCE", +"L+ c #1485C9", +"M+ c #7EBCE1", +"N+ c #D9F1EB", +"O+ c #33B394", +"P+ c #35B495", +"Q+ c #47B89B", +"R+ c #37B292", +"S+ c #8ED4C2", +"T+ c #7FC8E5", +"U+ c #0A95CE", +"V+ c #1E9ED2", +"W+ c #1B9BD1", +"X+ c #238ECD", +"Y+ c #238DCD", +"Z+ c #218CCC", +"`+ c #D2E8F5", +" @ c #6DC9B3", +".@ c #27AF8E", +"+@ c #32B394", +"@@ c #3CB596", +"#@ c #45B79A", +"$@ c #41B697", +"%@ c #4FBB9F", +"&@ c #ECF8F5", +"*@ c #EEF8FC", +"=@ c #2EA5D5", +"-@ c #159AD0", +";@ c #1B9DD1", +">@ c #2093CF", +",@ c #268FCE", +"'@ c #1787CA", +")@ c #5DABDA", +"!@ c #BEE7DD", +"~@ c #29AF8F", +"{@ c #34B394", +"]@ c #42B798", +"^@ c #ABDFD1", +"/@ c #A2D7EC", +"(@ c #0B95CE", +"_@ c #1A9DD1", +":@ c #1C99D0", +"<@ c #268ECE", +"[@ c #B5D8EE", +"}@ c #F9FDFC", +"|@ c #53BEA5", +"1@ c #2BB090", +"2@ c #39B596", +"3@ c #3DB495", +"4@ c #63C3AA", +"5@ c #FBFEFD", +"6@ c #49B0DA", +"7@ c #2190CE", +"8@ c #258ECD", +"9@ c #1C89CB", +"0@ c #419DD4", +"a@ c #F7FBFD", +"b@ c #A0DBCD", +"c@ c #25AE8C", +"d@ c #37B496", +"e@ c #40B698", +"f@ c #3BB494", +"g@ c #C6E9E0", +"h@ c #C3E5F3", +"i@ c #1299CF", +"j@ c #1C9CD1", +"k@ c #1D97D0", +"l@ c #1385CA", +"m@ c #93C7E7", +"n@ c #E8F6F3", +"o@ c #3DB799", +"p@ c #30B292", +"q@ c #34B395", +"r@ c #37B495", +"s@ c #39B393", +"t@ c #7CCDB8", +"u@ c #69BEE1", +"v@ c #0B96CE", +"w@ c #1E9DD2", +"x@ c #228FCD", +"y@ c #248DCD", +"z@ c #208CCC", +"A@ c #2B91CF", +"B@ c #E3F0F9", +"C@ c #80CFBC", +"D@ c #25AD8C", +"E@ c #36B395", +"F@ c #32B293", +"G@ c #3EB597", +"H@ c #44B698", +"I@ c #45B89A", +"J@ c #DFF3EE", +"K@ c #E0F1F9", +"L@ c #20A0D3", +"M@ c #1C94CF", +"N@ c #1486CA", +"O@ c #72B6DF", +"P@ c #D1EFE8", +"Q@ c #2FB595", +"R@ c #35B697", +"S@ c #34B697", +"T@ c #33B697", +"U@ c #39B899", +"V@ c #37B494", +"W@ c #98D7C6", +"X@ c #8DCAE7", +"Y@ c #1385C9", +"Z@ c #288ECD", +"`@ c #248CCC", +" # c #258CCC", +".# c #1E88CB", +"+# c #C9E2F2", +"@# c #60B8A1", +"## c #25A182", +"$# c #33A689", +"%# c #30A588", +"&# c #31A689", +"*# c #2AA384", +"=# c #4AB196", +"-# c #F3FBF9", +";# c #F5F9FC", +"># c #4395CE", +",# c #2182C5", +"'# c #2A87C7", +")# c #2886C7", +"!# c #2B88C8", +"~# c #1D7EC3", +"{# c #5196CC", +"]# c #B2E1E6", +"^# c #197B71", +"/# c #236349", +"(# c #216750", +"_# c #21664E", +":# c #22674F", +"<# c #1F634B", +"[# c #2D8B70", +"}# c #D6EFE8", +"|# c #B2D4EB", +"1# c #1B7FC4", +"2# c #2887C8", +"3# c #277FC2", +"4# c #116DB7", +"5# c #A8CAE5", +"6# c #F4FAFA", +"7# c #45B0B8", +"8# c #269EA6", +"9# c #246D57", +"0# c #21664D", +"a# c #21674F", +"b# c #216850", +"c# c #20644D", +"d# c #27765D", +"e# c #239B7B", +"f# c #63B7A0", +"g# c #5EA4D5", +"h# c #1D80C4", +"i# c #2783C5", +"j# c #2178BC", +"k# c #1A73BA", +"l# c #3685C3", +"m# c #F1F6FB", +"n# c #92D0D4", +"o# c #1E9CA5", +"p# c #32AAB5", +"q# c #288C87", +"r# c #206348", +"s# c #216851", +"t# c #2C9477", +"u# c #32A385", +"v# c #23997A", +"w# c #B8DED4", +"x# c #D0E5F3", +"y# c #2484C6", +"z# c #2986C7", +"A# c #2887C7", +"B# c #227BBF", +"C# c #1F76BB", +"D# c #247ABD", +"E# c #106DB7", +"F# c #86B5DB", +"G# c #DFF1F3", +"H# c #31A6AF", +"I# c #2BA3AC", +"J# c #2EA4AD", +"K# c #2DA5AF", +"L# c #237362", +"M# c #20644B", +"N# c #20634B", +"O# c #277E63", +"P# c #30A384", +"Q# c #319F81", +"R# c #289C7D", +"S# c #4CAC93", +"T# c #F8FCFB", +"U# c #7DB6DD", +"V# c #197EC3", +"W# c #2C88C8", +"X# c #2987C8", +"Y# c #2581C4", +"Z# c #2077BC", +"`# c #2177BC", +" $ c #1F76BC", +".$ c #2378BD", +"+$ c #DAE8F4", +"@$ c #72C2C8", +"#$ c #209EA8", +"$$ c #30A5AE", +"%$ c #2DA3AC", +"&$ c #2EA7B2", +"*$ c #2A9595", +"=$ c #21654B", +"-$ c #226B52", +";$ c #2E9B7D", +">$ c #2FA082", +",$ c #2F9F81", +"'$ c #33A183", +")$ c #209878", +"!$ c #9BD1C2", +"~$ c #E9F3F9", +"{$ c #358DCA", +"]$ c #2987C7", +"^$ c #2179BD", +"/$ c #2076BC", +"($ c #2379BD", +"_$ c #126FB8", +":$ c #65A1D1", +"<$ c #C5E6E8", +"[$ c #25A0AA", +"}$ c #2FA5AE", +"|$ c #2DA4AD", +"1$ c #2EA8B3", +"2$ c #257C6F", +"3$ c #206349", +"4$ c #29876C", +"5$ c #30A385", +"6$ c #2F9E80", +"7$ c #309F82", +"8$ c #2C9E7F", +"9$ c #39A387", +"0$ c #E7F4F0", +"a$ c #9EC8E6", +"b$ c #247EC2", +"c$ c #2278BD", +"d$ c #1671B9", +"e$ c #BDD7EB", +"f$ c #55B5BD", +"g$ c #24A0A9", +"h$ c #2DA4AC", +"i$ c #2DA6B0", +"j$ c #2C9DA1", +"k$ c #247158", +"l$ c #32A183", +"m$ c #219878", +"n$ c #7EC4B1", +"o$ c #FBFDFE", +"p$ c #4C9AD0", +"q$ c #1F81C5", +"r$ c #2784C6", +"s$ c #1771B9", +"t$ c #478FC7", +"u$ c #A6D9DC", +"v$ c #1F9EA7", +"w$ c #2DA3AB", +"x$ c #2EA8B4", +"y$ c #27857E", +"z$ c #21654D", +"A$ c #2C9074", +"B$ c #30A284", +"C$ c #309F81", +"D$ c #2B9D7F", +"E$ c #D1EAE3", +"F$ c #BEDAEE", +"G$ c #1E80C4", +"H$ c #237CC0", +"I$ c #2479BD", +"J$ c #9CC3E1", +"K$ c #FFFEFF", +"L$ c #EDF7F8", +"M$ c #3DABB3", +"N$ c #29A2AB", +"O$ c #2EA5AE", +"P$ c #2DA5AE", +"Q$ c #2DA3AA", +"R$ c #226E5A", +"S$ c #267A60", +"T$ c #32A083", +"U$ c #249A7A", +"V$ c #63B7A1", +"W$ c #69AAD8", +"X$ c #1C80C4", +"Y$ c #2A84C5", +"Z$ c #2076BB", +"`$ c #1C74BB", +" % c #2E7FC0", +".% c #E6F0F7", +"+% c #85CAD0", +"@% c #1E9DA7", +"#% c #31A6AE", +"$% c #298F8D", +"%% c #216349", +"&% c #226951", +"*% c #2D987B", +"=% c #2FA182", +"-% c #B7DED4", +";% c #F9FCFB", +">% c #FCFDFD", +",% c #DAEAF5", +"'% c #2A87C8", +")% c #207BBF", +"!% c #1F78BD", +"~% c #237ABE", +"{% c #0E6EB7", +"]% c #81B2DA", +"^% c #E3F5F3", +"/% c #29A3AC", +"(% c #2DA5AD", +"_% c #2EA8B1", +":% c #227363", +"<% c #278265", +"[% c #31A587", +"}% c #31A183", +"|% c #289D7E", +"1% c #4CAD93", +"2% c #87B5DB", +"3% c #1467B3", +"4% c #2874B9", +"5% c #2472B8", +"6% c #2171B7", +"7% c #2E76BB", +"8% c #4DA7BA", +"9% c #289FAC", +"0% c #30A0AF", +"a% c #2EA0AE", +"b% c #2EA0AD", +"c% c #2CA1B1", +"d% c #329A9F", +"e% c #35997B", +"f% c #319B7E", +"g% c #2C987A", +"h% c #2D987A", +"i% c #2F997C", +"j% c #239374", +"k% c #7FBFAD", +"l% c #B9DDD4", +"m% c #AFD8CD", +"n% c #ACD6CB", +"o% c #AAD5CA", +"p% c #ABD6CA", +"q% c #A5D4C7", +"r% c #E2F3EF", +"s% c #F0F4F9", +"t% c #3E76B7", +"u% c #2664AE", +"v% c #2C69B1", +"w% c #2B68B0", +"x% c #2A68AF", +"y% c #2D69B5", +"z% c #1F639C", +"A% c #127187", +"B% c #339BB3", +"C% c #2E96AE", +"D% c #2F97AF", +"E% c #3299B0", +"F% c #1F8FA8", +"G% c #B1D8E4", +"H% c #7FB9A5", +"I% c #198364", +"J% c #2D8E71", +"K% c #2A8C6F", +"L% c #2B8C6F", +"M% c #1E8464", +"N% c #1F9071", +"O% c #209374", +"P% c #209273", +"Q% c #239273", +"R% c #139474", +"S% c #67C4B0", +"T% c #A9C3E0", +"U% c #1C60AC", +"V% c #2D6BB2", +"W% c #2A69B1", +"X% c #126783", +"Y% c #0C6375", +"Z% c #258AA1", +"`% c #319BB2", +" & c #2F97AE", +".& c #2F98AF", +"+& c #3199B0", +"@& c #2694AC", +"#& c #55ABBD", +"$& c #E1EFEB", +"%& c #309074", +"&& c #288C6F", +"*& c #2B8D71", +"=& c #2A8D70", +"-& c #2A8E71", +";& c #288A6C", +">& c #298667", +",& c #2D9073", +"'& c #329C7F", +")& c #319B7F", +"!& c #30AC90", +"~& c #20A88A", +"{& c #BCE4DB", +"]& c #5788C1", +"^& c #2062AD", +"/& c #2A69B0", +"(& c #2C69B5", +"_& c #1D6798", +":& c #0B6576", +"<& c #0C6379", +"[& c #136E83", +"}& c #2794AC", +"|& c #C5E2E9", +"1& c #93C5B6", +"2& c #1B8566", +"3& c #2E8F73", +"4& c #298C6F", +"5& c #278768", +"6& c #2C9678", +"7& c #2E9A7D", +"8& c #2E997C", +"9& c #2E977A", +"0& c #2CA386", +"a& c #2DAE92", +"b& c #23A98B", +"c& c #4CB9A0", +"d& c #C8D8EB", +"e& c #2364AE", +"f& c #2B6AB1", +"g& c #2B69B2", +"h& c #2769AC", +"i& c #0E657D", +"j& c #0C6579", +"k& c #0E667B", +"l& c #0A6176", +"m& c #208298", +"n& c #329CB3", +"o& c #2E97AE", +"p& c #329AB0", +"q& c #2292AA", +"r& c #73BAC9", +"s& c #F5FAF8", +"t& c #449B82", +"u& c #248A6B", +"v& c #2C8E71", +"w& c #28896B", +"x& c #278767", +"y& c #278667", +"z& c #298C6D", +"A& c #2E987B", +"B& c #2E9B7E", +"C& c #2BAB8E", +"D& c #2BAC8F", +"E& c #2FAD91", +"F& c #1CA687", +"G& c #9CD8CB", +"H& c #749DCC", +"I& c #1C5FAC", +"J& c #18678F", +"K& c #0D657B", +"L& c #0D657A", +"M& c #0C6479", +"N& c #0F687D", +"O& c #2C94AB", +"P& c #3099B0", +"Q& c #3098AF", +"R& c #2D97AE", +"S& c #339AB1", +"T& c #DFEFF3", +"U& c #B3D6CC", +"V& c #1D8667", +"W& c #2D8F72", +"X& c #2A8D71", +"Y& c #298B6E", +"Z& c #2C9376", +"`& c #2CA689", +" * c #2BAD90", +".* c #2CAC90", +"+* c #28AB8D", +"@* c #36B095", +"#* c #E7F6F2", +"$* c #E3EBF5", +"%* c #316EB4", +"&* c #2867B0", +"** c #2C69B4", +"=* c #2468A5", +"-* c #0C6578", +";* c #0B6176", +">* c #1B7A90", +",* c #319CB3", +"'* c #339AB0", +")* c #2091A9", +"!* c #92C9D5", +"~* c #5FA994", +"{* c #1F8769", +"]* c #288869", +"^* c #2D9E81", +"/* c #1DA687", +"(* c #7CCBBA", +"_* c #95B4D8", +":* c #1B5EAB", +"<* c #2E6CB2", +"[* c #2B69B3", +"}* c #146687", +"|* c #0B6577", +"1* c #288EA5", +"2* c #309AB1", +"3* c #2995AD", +"4* c #47A4B8", +"5* c #F4F9FB", +"6* c #D1E6E0", +"7* c #278B6E", +"8* c #298A6C", +"9* c #278666", +"0* c #2A9072", +"a* c #2E9A7E", +"b* c #2CA88B", +"c* c #2CAC8F", +"d* c #27AA8D", +"e* c #CFECE5", +"f* c #F6F9FC", +"g* c #467DBB", +"h* c #1F679D", +"i* c #0D667B", +"j* c #0B6277", +"k* c #167287", +"l* c #B2D9E1", +"m* c #7EBAA8", +"n* c #2E8F72", +"o* c #278869", +"p* c #2D977A", +"q* c #2DA184", +"r* c #2EAD90", +"s* c #20A889", +"t* c #5DC0AA", +"u* c #B5CBE4", +"v* c #1E60AD", +"w* c #2D6BB3", +"x* c #2969AF", +"y* c #106580", +"z* c #24879D", +"A* c #349DB4", +"B* c #2492AA", +"C* c #60B0C2", +"D* c #E9F3F0", +"E* c #379478", +"F* c #268B6D", +"G* c #2B8E71", +"H* c #288A6B", +"I* c #2A8E6F", +"J* c #2EAD91", +"K* c #1EA788", +"L* c #B1E0D6", +"M* c #608FC4", +"N* c #2262B2", +"O* c #226C98", +"P* c #0E6778", +"Q* c #12677D", +"R* c #11677C", +"S* c #10667A", +"T* c #156E83", +"U* c #2B96AE", +"V* c #CFE7EC", +"W* c #9FCBBE", +"X* c #1B8667", +"Y* c #308F73", +"Z* c #2A896A", +"`* c #2A886A", +" = c #30977A", +".= c #329A7E", +"+= c #2FA588", +"@= c #2EAF92", +"#= c #30AE92", +"$= c #28AB8E", +"%= c #47B79E", +"&= c #F5FBFA", +"*= c #D5E1F1", +"== c #1C62A3", +"-= c #005971", +";= c #015A71", +">= c #005A71", +",= c #005B72", +"'= c #01586E", +")= c #026E87", +"!= c #80C2D0", +"~= c #FBFDFC", +"{= c #4C9F86", +"]= c #107B5A", +"^= c #1A805E", +"/= c #187F5D", +"(= c #187E5D", +"_= c #198261", +":= c #1E9677", +"<= c #1CA787", +"[= c #0CA07F", +"}= c #83CEBE", +"|= c #B2CDD9", +"1= c #8FB8C1", +"2= c #96BDC6", +"3= c #95BCC5", +"4= c #95BBC4", +"5= c #94BCC6", +"6= c #E9F4F6", +"7= c #D4E8E2", +"8= c #9AC7B8", +"9= c #A1CBBE", +"0= c #A0CABD", +"a= c #A0C9BC", +"b= c #A2D5C9", +"c= c #A2DCCF", +"d= c #A2DBCE", +"e= c #A3DBCE", +"f= c #A0DACD", +"g= c #AADED2", +"h= c #FDFDFD", +"i= c #FCFCFC", +"j= c #939392", +"k= c #696968", +"l= c #797978", +"m= c #F0F0F0", +"n= c #D3D3D3", +"o= c #6D6D6C", +"p= c #C1C1C0", +"q= c #BEBEBE", +"r= c #626261", +"s= c #3E3E3C", +"t= c #3C3C3A", +"u= c #484846", +"v= c #9F9F9E", +"w= c #FBFBFB", +"x= c #7F7F7E", +"y= c #000000", +"z= c #080806", +"A= c #BBBBBA", +"B= c #F9F9F9", +"C= c #80807F", +"D= c #0E0E0C", +"E= c #CDCDCC", +"F= c #FAFAFA", +"G= c #FCFCFB", +"H= c #F7F7F7", +"I= c #090907", +"J= c #515150", +"K= c #8D8D8C", +"L= c #989898", +"M= c #656563", +"N= c #818180", +"O= c #DBDBDB", +"P= c #CECECE", +"Q= c #D0D0CF", +"R= c #1F1F1D", +"S= c #11110F", +"T= c #7C7C7B", +"U= c #4E4E4C", +"V= c #686866", +"W= c #0C0C0B", +"X= c #C4C4C4", +"Y= c #31312F", +"Z= c #434341", +"`= c #0D0D0B", +" - c #434342", +".- c #D6D6D6", +"+- c #20201E", +"@- c #90908F", +"#- c #CCCCCB", +"$- c #757574", +"%- c #585857", +"&- c #6E6E6D", +"*- c #C5C5C4", +"=- c #DADADA", +"-- c #7B7B7A", +";- c #9E9E9E", +">- c #ECECEC", +",- c #747473", +"'- c #838382", +")- c #C6C6C5", +"!- c #5E5E5D", +"~- c #DEDEDE", +"{- c #CBCBCA", +"]- c #040402", +"^- c #A0A09F", +"/- c #C1C1C1", +"(- c #A9A9A8", +"_- c #F5F5F4", +":- c #737371", +"<- c #AFAFAE", +"[- c #8E8E8D", +"}- c #F3F3F3", +"|- c #B2B2B1", +"1- c #9C9C9B", +"2- c #A5A5A4", +"3- c #EAEAEA", +"4- c #5F5F5D", +"5- c #EDEDED", +"6- c #888886", +"7- c #252523", +"8- c #888885", +"9- c #ABABAA", +"0- c #828281", +"a- c #D2D2D1", +"b- c #979796", +"c- c #D2D2D2", +"d- c #A3A3A2", +"e- c #10100E", +"f- c #070706", +"g- c #1C1C1A", +"h- c #070705", +"i- c #0F0F0D", +"j- c #AAAAA9", +"k- c #B7B7B6", +"l- c #2F2F2E", +"m- c #51514F", +"n- c #3F3F3E", +"o- c #272726", +"p- c #191916", +"q- c #060604", +"r- c #2A2A28", +"s- c #DDDDDC", +"t- c #7D7D7C", +"u- c #191917", +"v- c #7E7E7D", +"w- c #2C2C2A", +"x- c #525250", +"y- c #161614", +"z- c #A7A7A6", +"A- c #C2C2C2", +"B- c #B1B1B0", +"C- c #F8F8F8", +"D- c #3D3D3B", +"E- c #41413F", +"F- c #595958", +"G- c #6C6C6A", +"H- c #131311", +"I- c #343433", +"J- c #F1F1F1", +"K- c #5B5B5A", +"L- c #222220", +"M- c #373735", +"N- c #565655", +"O- c #C7C7C7", +"P- c #0F0F0C", +"Q- c #575756", +"R- c #4C4C4A", +"S- c #E3E3E3", +"T- c #151513", +"U- c #B4B4B3", +"V- c #0B0B09", +"W- c #343432", +"X- c #C6C6C6", +"Y- c #171715", +"Z- c #525251", +"`- c #8E8E8C", +" ; c #B2B2B2", +".; c #D5D5D5", +"+; c #30302F", +"@; c #555554", +"#; c #353534", +"$; c #9B9B9A", +"%; c #030301", +"&; c #767674", +"*; c #353533", +"=; c #575755", +"-; c #0D0D0A", +";; c #CACAC9", +">; c #5E5E5C", +",; c #0C0C0A", +"'; c #777776", +"); c #30302E", +"!; c #717170", +"~; c #646463", +"{; c #F5F5F5", +"]; c #2B2B29", +"^; c #0A0A07", +"/; c #8F8F8E", +"(; c #A8A8A7", +"_; c #949493", +":; c #DFDFDF", +"<; c #141412", +"[; c #121210", +"}; c #848482", +"|; c #A2A2A1", +"1; c #5F5F5E", +"2; c #474745", +"3; c #262624", +"4; c #545452", +"5; c #E2E2E2", +"6; c #666664", +"7; c #3E3E3D", +"8; c #70706F", +"9; c #40403F", +"0; c #B0B0AF", +"a; c #1E1E1D", +"b; c #D4D4D4", +"c; c #030303", +"d; c #040403", +"e; c #050503", +"f; c #D0D0D0", +"g; c #E8E8E7", +"h; c #383836", +"i; c #020200", +"j; c #141413", +"k; c #424240", +"l; c #2B2B2A", +"m; c #EEEEEE", +"n; c #929291", +"o; c #E4E4E4", +"p; c #999998", +"q; c #1E1E1C", +"r; c #919190", +"s; c #4A4A48", +"t; c #232321", +"u; c #C0C0C0", +"v; c #292927", +"w; c #585856", +"x; c #4E4E4D", +"y; c #939393", +"z; c #0A0A08", +"A; c #2E2E2C", +"B; c #BBBBBB", +"C; c #C9C9C8", +"D; c #BCBCBB", +"E; c #C8C8C8", +"F; c #B6B6B6", +"G; c #878786", +"H; c #050502", +"I; c #DCDCDB", +"J; c #535351", +"K; c #B5B5B4", +"L; c #A6A6A5", +"M; c #181816", +"N; c #4B4B49", +"O; c #BDBDBC", +"P; c #181815", +"Q; c #474746", +"R; c #FAFAF9", +"S; c #656564", +"T; c #1A1A18", +"U; c #242423", +"V; c #10100D", +"W; c #959594", +"X; c #D1D1D0", +"Y; c #EEEEED", +"Z; c #CFCFCF", +"`; c #D6D6D5", +" > c #B9B9B8", +".> c #71716F", +"+> c #313130", +"@> c #CBCBCB", +"#> c #616160", +"$> c #484847", +"%> c #EFEFEF", +"&> c #BABAB9", +"*> c #212120", +"=> c #5D5D5B", +"-> c #5C5C5B", +";> c #E8E8E8", +">> c #6B6B69", +",> c #6F6F6E", +"'> c #DBDBDA", +")> c #8A8A89", +"!> c #020201", +"~> c #575757", +"{> c #BDBDBD", +"]> c #060603", +"^> c #0C0C09", +"/> c #131312", +"(> c #50504F", +"_> c #E6E6E6", +":> c #444442", +"<> c #858584", +"[> c #5B5B59", +"}> c #767675", +"|> c #888887", +"1> c #8C8C8B", +"2> c #979795", +"3> c #E9E9E9", +"4> c #626260", +"5> c #6B6B6A", +"6> c #6F6F6D", +"7> c #C0C0BF", +"8> c #565654", +"9> c #737372", +"0> c #D5D5D4", +"a> c #ADADAC", +"b> c #545453", +"c> c #A4A4A3", +"d> c #B5B5B5", +"e> c #444443", +"f> c #595957", +"g> c #C3C3C2", +"h> c #494948", +"i> c #3D3D3C", +"j> c #E7E7E7", +"k> c #666665", +"l> c #323230", +"m> c #9E9E9D", +"n> c #FEFEFD", +"o> c #CFCFCE", +"p> c #A8A8A8", +"q> c #535352", +"r> c #FDFDFC", +"s> c #B8B8B8", +"t> c #60605F", +"u> c #6D6D6B", +"v> c #E0E0DF", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . + @ @ @ @ @ @ @ @ @ @ @ @ @ # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ $ $ $ $ $ $ $ $ $ $ $ $ $ % % % % % % % % % % % % % % . . . . ", +" . . . # # . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . # . & * = - - - - - - - - ; > , ' . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . ! ~ { ] ] ] ] ] ] ] ] ] ] ^ / ( _ _ _ _ _ _ _ _ _ : < [ . . . . . ", +" . . . . } . | 1 2 3 3 3 3 3 3 3 3 3 4 5 6 . 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . 8 9 0 a b b b b b b b b b c d e f g h h h h h h h h i j k . $ . . . . ", +" . . . . . @ . l 3 m n n n n n n n o p q r s . + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . t u v w x x x x x x x x x y z A B C D D D D D D D E F ( . # . . . . . ", +" . . . . . . @ . G H I J K K K K K K L M N O P . Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . R S T U V W w w w w w w w X Y Z z z ` ...............+.@.. % . . . . . . ", +" . . . . . . . 7 . #.$.%.K K K K K K &.M M *.=.-.. @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . ;.>.,.'.'.).!.w w w w w ~.{.z z z ].^. ...........C f /.. $ . . . . . . . ", +" . . . . . . . . # . (._.:.<.K K K K [.M M M }.|.1.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . 2.3.,.'.'.U 4.!.w w w w w X 5.Z z z z 6.7.8....... .9.0.a.. # . . . . . . . . ", +" . . . . . . . . . Q . b.c.o K K K K d.M M M M }.O e.. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . f.g.h.i.'.'.'.U j.W w w w X k.l.z z z z ].Z m.......C f n.. $ . . . . . . . . . ", +" . . . . . . . . . . . # . o.3 n K K p.M M M M M q.=.r.s.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . Q . t.u u.'.'.'.'.v.w.w w w w w x.l.z z z z z 6.B 8...D i y.$ . . . . . . . . . . . . ", +" . . . . . . . . . . . . @ . z.A.J K L M M M M M M M B.O C.. 7 . . . . . . . . . . . . . . . . . . . . . . . . . . % . D.E.F.T '.'.'.'.'.U G.W w X H.Z z z z z z z z z 9. .8.i I.. $ . . . . . . . . . . . . ", +" . . . . . . . . . . . . . Q . J.$.K.L.M M M M M M M *.M.N N.. @ . . . . . . . . . . . . . . . . . . . . . . . . . ) . O.P.u.'.'.'.'.'.'.'.T Q.w x ].R.z z z z z z z 6.S.T.U.V.. $ . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . # . W.X.Y.*.M M M M M M M M N Z.`.. } . . . . . . . . . . . . . . . . . . . . . . . . ) . +.+i.'.'.'.'.'.'.'.'.U ++w Y R.@+@+@+@+@+@+@+@+@+@+U.C #+. # . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . 7 . $+%+&+*.*.*.*.*.*.*.*.*.*+=+-+. } . . . . . . . . . . . . . . . . . . . . . . . # % ;+>+,.'.'.'.'.'.'.'.'.T ,+'+)+!+!+!+!+!+!+!+!+!+!+~+R.{+. $ . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . # . ]+^+/+(+_+_+_+_+_+_+_+_+(+:+<+[+. . . . . . . . . . . . . . . . . . . . . . . Q . }+|+1+2+2+2+2+2+2+2+2+2+3+4+5+6+7+8+8+8+8+8+8+8+8+8+8+9+0+. . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . Q . a+b+c+d+d+d+d+d+d+d+d+_+e+f+g+. h+. . . . . . . . . . . . . . . . . . . . # . i+j+k+l+m+m+m+m+m+m+m+m+n+o+p+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . @ . q+r+s+d+d+d+d+d+d+d+d+t+u+v+w+. + . . . . . . . . . . . . . . . . . . . x+. y+z+A+B+C+m+m+m+m+m+m+m+m+D+E+. Q # # # # # # # # # # # # . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . @ . F+G+H+G+d+d+d+d+d+_+I+J+K+L+M+. h+. . . . . . . . . . . . . . . . . . ) . N+O+O+O+P+m+m+m+m+m+m+m+Q+R+S+. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . Q . T+U+V+d+d+d+d+d+W+X+Y+Y+Y+Z+`+. @ . . . . . . . . . . . . . . . . . ) . @.@A+O++@@@C+m+m+m+m+#@$@%@&@. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . # . *@=@-@;@d+d+d+_+>@J+Y+Y+,@'@)@. @ . . . . . . . . . . . . . . . . ) . !@~@P+O+O+O+{@]@C+m+m+m+Q+R+^@. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . Q . /@(@V+d+d+_@:@Y+Y+Y+Y+Y+<@'@[@. Q . . . . . . . . . . . . . . # . }@|@1@P+O+O+O++@2@C+m+m+l+3@4@5@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . # . 6@b+s+d+_@7@J+Y+Y+Y+Y+8@9@0@a@. # . . . . . . . . . . . . . x+. b@c@d@O+O+O+O+O+O+e@C+m+l+f@g@. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . @ . h@i@j@_@k@J+Y+Y+Y+Y+Y+Y+K+l@m@. h+. . . . . . . . . . . . % . n@o@p@q@O+O+O+O+O++@r@C+Q+s@t@. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . Q . u@v@w@x@Y+Y+Y+Y+Y+Y+Y+y@z@A@B@. + . . . . . . . . . . . Q . C@D@E@k+k+k+k+k+k+k+F@G@H@I@J@. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . K@L@M@J+Y+Y+Y+Y+Y+Y+Y+Y+K+N@O@. h+. . . . . . . . . . ) . P@Q@R@S@S@S@S@S@S@S@S@T@U@V@W@. Q . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. X@Y@Z@`@`@`@`@`@`@`@`@`@ #.#+#. ) . . . . . . . . . % . @###$#%#%#%#%#%#%#%#%#&#*#=#-#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ;#>#,#'#)#)#)#)#)#)#)#)#!#~#{#. # . . . . . . . . Q . ]#^#/#(#_#_#_#_#_#_#_#_#:#<#[#}#. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. |#1#!#)#)#)#)#)#)#)#)#2#3#4#5#. h+. . . . . . # . 6#7#8#9#0#(#a#a#a#a#a#a#b#c#d#e#f#. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . g#h#!#)#)#)#)#)#)#2#i#j#k#l#m#. + . . . . . Q . n#o#p#q#r#s#a#a#a#a#a#a#a#_#t#u#v#w#. x+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . x#y#z#)#)#)#)#)#)#A#B#C#D#E#F#. h+. . . . $ . G#H#I#J#K#L#M#b#a#a#a#a#b#N#O#P#Q#R#S#T#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. U#V#W#)#)#)#)#X#Y#C#Z#`# $.$+$. @ . . . ) . @$#$$$%$&$*$=$(#a#a#a#a#_#-$;$>$,$'$)$!$. x+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . ~${$y#]$)#)#)#)#^$/$Z#Z#($_$:$. ) . . ) . <$[$}$|$|$%$1$2$3$s#a#a#b#N#4$5$6$,$7$8$9$0$. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. a$V#W#)#)#X#b$C#Z#Z#Z#Z#c$d$e$. h+. . + f$g$}$|$|$h$i$j$s#_#a#b#c#k$>$,$,$,$,$l$m$n$. x+. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . o$p$q$'#)#r$Z#Z#Z#Z#Z#Z#c$s$t$h+. h+. u$v$$$|$|$|$|$w$x$y$r#s#a#z$A$B$6$,$,$,$,$C$D$E$. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Q . F$G$'#X#H$C#Z#Z#Z#Z#Z#Z#I$4#J$. K$L$M$N$O$|$|$|$|$|$P$Q$R$0#c#S$P#6$,$,$,$,$,$T$U$V$. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . W$X$Y$Z$Z#Z#Z#Z#Z#Z#Z#j#`$ %.%. +%@%#%|$|$|$|$|$|$w$1$$%%%&%*%=%,$,$,$,$,$,$,$T$v#-%. ;%>%>%>%>%>%>%>%>%>%>%>%>%% . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . @ . ,%'%)%!%!%!%!%!%!%!%!%!%~%{%]%^%/%(%(%(%(%(%(%(%(%(%h$_%:%<%[%,$>$>$>$>$>$>$>$}%|%1%T#. # . . . . . . . . . . . % . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. 2%3%4%5%5%5%5%5%5%5%5%5%6%7%8%9%0%a%a%a%a%a%a%a%a%b%c%d%e%f%g%h%h%h%h%h%h%h%h%i%j%k%l%m%n%o%o%o%o%o%o%o%o%p%q%r%. % . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . s%t%u%v%w%w%w%w%w%w%w%x%y%z%A%B%C%D%D%D%D%D%D%D%D%E%F%G%H%I%J%K%K%K%K%K%K%K%K%K%L%M%N%O%P%P%P%P%P%P%P%P%P%Q%R%S%. ) . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. T%U%V%W%W%W%W%W%W%W%W%W%X%Y%Z%`% &.&.&.&.&.&.&+&@&#&. $&%&&&*&=&=&=&=&=&=&=&-&;&>&,&'&f%f%f%f%f%f%f%f%f%)&!&~&{&. Q . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ]&^&V%W%W%W%W%W%/&(&_&:&<&[&.&.&.&.&.&.&.&.&+&}&|&. . 1&2&3&=&=&=&=&=&=&=&4&5&5&5&6&7&8&8&8&8&8&8&8&9&0&a&b&c&}@. # . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [+. d&e&f&W%W%W%W%W%g&h&i&j&k&l&m&n&o&.&.&.&.&p&q&r&. Q . s&t&u&v&=&=&=&=&=&=&w&x&5&y&z&7&8&8&8&8&8&8&A&B&C&D&E&F&G&. x+. . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. H&I&V%W%W%W%/&(&J&:&K&L&M&N&O&P&.&.&.&Q&R&S&T&. $ x+. U&V&W&=&=&=&=&X&Y&5&5&5&5&y&Z&7&8&8&8&8&8&A&`& *D&.*+*@*#*. % . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ . $*%*&*f&W%/&**=*-*L&L&L&k&;*>*,*o&.&.&'*)*!*. h+. . $ . ~*{*W&=&=&=&=&]*5&5&5&5&y&w&8&8&8&8&8&A&^* *D&D&D&E&/*(*. x+. . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. _*:*<*W%W%[*}*|*K&L&L&L&L&M&1*2* &+&3*4*5*. # . . ) . 6*7*=&=&=&X&8*x&5&5&5&5&5&9*0*a*8&8&8&8&b* *D&D&D&D&c*d*e*. ) . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . f*g*e&f&(&h*|*K&L&L&L&L&i*j*k*2*D%E%q&l*. Q . . . . x+. m*2&n*=&K%5&5&5&5&5&5&5&5&o*p*7&8&A&q* *D&D&D&D&D&r*s*t*. $ . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+. u*v*w*x*y*-*L&L&L&L&L&L&i*j*z*A*B*C*. + . . . . . $ . D*E*F*G*H*x&5&5&5&5&5&5&5&y&I*7&A&7&C&D&D&D&D&D&D&D&J*K*L*. Q . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . M*N*O*P*Q*R*R*R*R*R*R*R*S*T*E%U*V*. ) . . . . . . >%. W*X*Y*Z*Z*Z*Z*Z*Z*Z*Z*Z*Z*`* =.=+=@=J*J*J*J*J*J*J*#=$=%=&=. # . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . *===-=;=>=>=>=>=>=>=>=>=,='=)=!=. Q . . . . . . . . . ~={=]=^=/=/=/=/=/=/=/=/=/=(=_=:=<=F&F&F&F&F&F&F&F&F&s*[=}=. Q . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ . |=1=2=3=3=3=3=3=3=3=3=3=4=5=6=. # . . . . . . . . $ . 7=8=9=0=0=0=0=0=0=0=0=0=0=a=b=c=d=d=d=d=d=d=d=d=d=e=f=g=) . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . . . . . . . . . . . . . . + . . . . . . . . . . . # $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h+0+0+0+0+0+0+0+0+0+0+0+0+0++ . . . . . . . . . . . . ) >%>%>%>%>%>%>%>%>%>%>%>%>%>%x+x+x+x+x+x+x+x+x+x+x+x+x+. . . . . . . . . . . ", +" . . . . . . . . . . . . . . . h=i=i=. . . . $ i=i=$ . . . . . . . . . . . . . . . . . . . . . . . . . . i=i=$ $ h=i=. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ h=. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h=h=. . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . $ . j=k=l=m=. i=. n=o=k=p=. h=. . . . . . . . . . . . . . . . . . . . . $ h=. q=r=s=t=u=v=. $ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . w=. x=y=z=A=. B=. C=y=D=E=. F=G=h=i=i=. . $ w=i=$ G=h=. i=w=h=h=w=h=. $ . H=r=I=J=K=L=M=N=. w=i=$ w=$ h=w=$ . . . i=i=. i=h=$ w=i=w=$ . $ $ O=P=. w=. . . . . . . . . . . . . ", +" . . . . . . . . . . . h=. Q=R=S=T=. i=. u=D=U=. h=$ . . . . h=. . . . $ . . . . . . . . $ $ $ . V=W=X=. h=. . . . . $ $ . . . . $ . . . . . . . $ $ . . . $ h=. . Y=k=. w=. . . . . . . . . . . . . ", +" . . . . . . . . . . $ . h=Z=`= -i=. .-+-`=@-. . #-$-%-&-*-. . =---;->-,-'-. )-N=!-!-C=~-. . {-]-^-. F=w=w=w=i=. /-(-_-:-<-#-[-}-. h=. |-1-. 2-)-3---4-@-5-. >-6-7-u=8-9-. $ . . . . . . . . . . ", +" . . . . . . . . . . . i=. 0-`=R=a-. b-`=R=c-. d-e-f-g-h-i-j-. k-y=l-m-y=n-. o-y=p-`=q-r-s-. t-u->-. $ . . . w=. v-w-x-y-z-A-y=B-. $ C-g-!-. D-E-E-F-G-H-I-J-3-K-L-M-N-[-. h=. . . . . . . . . . ", +" . . . . . . . . . . h=. O-u-P-L=. Q-h-R-. S-+-T-U-. b-V-W-. X-Y-+-y-Z-`-. ;.;h=E=+;h-C=. @;#;. . . . . . w=. $;%;&;. $ . *;=;. . A=-;;;. >;I=k-. . .;,;';. . );!;. G=. . . . . . . . . . . ", +" . . . . . . . . . . $ . B=s=z=~;{;];^;/;. 1-I=);(; ;_;R=u-:;P=<;[;};. i=. H=|;1;2;3;i-1;. 4;M-. . . . . . w=. _;D=:;. B=. /;H-5;. 6;M-. . 4;7;. w=B=. 4-Y=. . l-8;. B=. . . . . . . . . . . ", +" . . . . . . . . . . i=. --q-9;0;T-a;b;. '-D=R=c;y=d;i-e;b;f;H-[;k-. $ g;h;i;j;k;l;D=K-. !;g-m;. $ . . . w=. n;u-5-. i=. o;[;p;. q;r;. . x-s;. h=i=. t-t;C-. l-8;. i=. . . . . . . . . . ", +" . . . . . . . . . i=. u;S=v;w;`=x;. . y;z;A;B;C;p=*-D;i=E;T-H-F;. . G;H;+;I;. J;e;>;. K;y=L;. F=w=w=i=F=. n;M;m;. $ h=. F-N;O;P;o;. . Z-Q;. R;C-. S;+;. . );!;. B=. . . . . . . . . ", +" . . . . . . . . . $ . {;#;T;U;V;W;. . X;<;u-C=o;Y;Z;`;. *-T;Y- >. . .>,;+>o;@>v;[;#>. h=$>H-;;. h=. . w=. _;g-%>. $ i=. &>*>k;=>. F=. ->M;~-. . ;>Y-,-. . Y=>>. i=. . . . . . . . . ", +" . . . . . . . . . i=. ,>y=e-H-'>. w=. )>,;!>I=[;y=~>. {>]>i; ;. . &>^>D=/>S=T;y=(>. . _>:>h-J=<>K=[>}>. |>z=5-. $ $ . i=u=e;B;. F=. =>M;h;1>2>3;w-3>. . 4>S=C=B;. h=. . . . . . ", +" . . . . . . . . . h=. @>5>6>1>. . . $ . 7>!;8>w;8;&>. O=$-9>0>. i=. a>b>x;c>d>k=L=. h=. B=9-[>E-e>f>9-. {>}>{;. $ . B=. r=W-. . i=. m-(>g>h>i>$-j>. h=. S-k>l>m>. i=. . . . . . ", +" . . . . . . . . . . $ . . . $ . . . h=. . . . . . . . . . . . . $ . . . . . . . . . n>$ . . . . . . . . . . . . h=. o>`=p>. i=h=. q>R-. h=. . $ $ . . $ . . . . . . . . . . ", +" . . . . . . . . . . $ i=i=i=. . . . . i=i=h=h=G=i=. $ G=G=$ . . . i=h=h=i=r>G=r>. . . $ i=i=$ $ i=i=. h=G=. . . $ s>T-w;. $ . h=. R-e>. F=$ w=h=. . . $ i=$ h=. . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ . ;>M;t>{;. $ . h=. u>k>. h=. . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i=v>$ $ $ . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h=$ . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h=. . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" "}; diff --git a/src/Resources/Icons/VeraCrypt-16x16.xpm b/src/Resources/Icons/VeraCrypt-16x16.xpm index 082ae182..e243e187 100644 --- a/src/Resources/Icons/VeraCrypt-16x16.xpm +++ b/src/Resources/Icons/VeraCrypt-16x16.xpm @@ -1,105 +1,105 @@ -/* XPM */ -static const char *VeraCryptIcon16x16[] = { -"16 16 86 1", -" c None", -". c #FFFFFF", -"+ c #FDFEFF", -"@ c #FDFEFE", -"# c #FEFEFE", -"$ c #FEFFFE", -"% c #FEFFFF", -"& c #FEFEFF", -"* c #FCFEFE", -"= c #60C9E6", -"- c #6FCDE7", -"; c #C4E7DC", -"> c #8ACCB7", -", c #A0D4C2", -"' c #BFE1D4", -") c #FCFEFD", -"! c #8CD6EC", -"~ c #0096CC", -"{ c #B8E2F1", -"] c #F1F9F7", -"^ c #51BA9C", -"/ c #68C0A5", -"( c #9FD3C0", -"_ c #CFE9E0", -": c #3FA8D7", -"< c #399CD3", -"[ c #F9FCFD", -"} c #87D4C1", -"| c #38B495", -"1 c #E2F4EF", -"2 c #C5E0F1", -"3 c #0C79C1", -"4 c #A0C7E5", -"5 c #E6F8F6", -"6 c #1A7C68", -"7 c #479A80", -"8 c #FBFFFF", -"9 c #FCFDFD", -"0 c #66A1D1", -"a c #2B74BA", -"b c #5AB3C3", -"c c #288F93", -"d c #248C6C", -"e c #89C6B6", -"f c #C5E2DB", -"g c #E4F3EF", -"h c #E1E9F6", -"i c #24679C", -"j c #026B83", -"k c #BAE2ED", -"l c #7CB8A3", -"m c #0E7A59", -"n c #159271", -"o c #60C2AC", -"p c #EEEEEE", -"q c #E6E6E6", -"r c #FFFEFF", -"s c #DCE9EC", -"t c #CEDFE3", -"u c #EEECEC", -"v c #F0F7F4", -"w c #D6E9E3", -"x c #D5EBE5", -"y c #CEEAE4", -"z c #FAFDFD", -"A c #CBCBCA", -"B c #777775", -"C c #8E8E8E", -"D c #A29F9E", -"E c #959190", -"F c #D0D1D0", -"G c #C6C5C5", -"H c #BFBCBC", -"I c #B1ADAD", -"J c #DCD9D9", -"K c #F6F6F6", -"L c #DFDFDE", -"M c #DEDEDE", -"N c #DFDFDF", -"O c #D9DADA", -"P c #EDEDED", -"Q c #E5E6E5", -"R c #CECFCE", -"S c #DEDFDE", -"T c #F4F5F5", -"U c #FDFDFD", -" ", -" ........ ", -" ++....@@#$ ", -" %.&..%%... ", -" *=-.%@.;>,') ", -" .!~{..]^/(_. ", -" %..:<[.}|1.@.. ", -"..@.2345678.@...", -"...9.0abcdefg.$.", -" ..@.hijklmno.$ ", -" .pqrstuvwxyz ", -" .ABCDEFGHIJ. ", -" KLMNOPQRST ", -" ##....#... ", -" UUUU#### ", -" "}; +/* XPM */ +static const char *VeraCryptIcon16x16[] = { +"16 16 86 1", +" c None", +". c #FFFFFF", +"+ c #FDFEFF", +"@ c #FDFEFE", +"# c #FEFEFE", +"$ c #FEFFFE", +"% c #FEFFFF", +"& c #FEFEFF", +"* c #FCFEFE", +"= c #60C9E6", +"- c #6FCDE7", +"; c #C4E7DC", +"> c #8ACCB7", +", c #A0D4C2", +"' c #BFE1D4", +") c #FCFEFD", +"! c #8CD6EC", +"~ c #0096CC", +"{ c #B8E2F1", +"] c #F1F9F7", +"^ c #51BA9C", +"/ c #68C0A5", +"( c #9FD3C0", +"_ c #CFE9E0", +": c #3FA8D7", +"< c #399CD3", +"[ c #F9FCFD", +"} c #87D4C1", +"| c #38B495", +"1 c #E2F4EF", +"2 c #C5E0F1", +"3 c #0C79C1", +"4 c #A0C7E5", +"5 c #E6F8F6", +"6 c #1A7C68", +"7 c #479A80", +"8 c #FBFFFF", +"9 c #FCFDFD", +"0 c #66A1D1", +"a c #2B74BA", +"b c #5AB3C3", +"c c #288F93", +"d c #248C6C", +"e c #89C6B6", +"f c #C5E2DB", +"g c #E4F3EF", +"h c #E1E9F6", +"i c #24679C", +"j c #026B83", +"k c #BAE2ED", +"l c #7CB8A3", +"m c #0E7A59", +"n c #159271", +"o c #60C2AC", +"p c #EEEEEE", +"q c #E6E6E6", +"r c #FFFEFF", +"s c #DCE9EC", +"t c #CEDFE3", +"u c #EEECEC", +"v c #F0F7F4", +"w c #D6E9E3", +"x c #D5EBE5", +"y c #CEEAE4", +"z c #FAFDFD", +"A c #CBCBCA", +"B c #777775", +"C c #8E8E8E", +"D c #A29F9E", +"E c #959190", +"F c #D0D1D0", +"G c #C6C5C5", +"H c #BFBCBC", +"I c #B1ADAD", +"J c #DCD9D9", +"K c #F6F6F6", +"L c #DFDFDE", +"M c #DEDEDE", +"N c #DFDFDF", +"O c #D9DADA", +"P c #EDEDED", +"Q c #E5E6E5", +"R c #CECFCE", +"S c #DEDFDE", +"T c #F4F5F5", +"U c #FDFDFD", +" ", +" ........ ", +" ++....@@#$ ", +" %.&..%%... ", +" *=-.%@.;>,') ", +" .!~{..]^/(_. ", +" %..:<[.}|1.@.. ", +"..@.2345678.@...", +"...9.0abcdefg.$.", +" ..@.hijklmno.$ ", +" .pqrstuvwxyz ", +" .ABCDEFGHIJ. ", +" KLMNOPQRST ", +" ##....#... ", +" UUUU#### ", +" "}; diff --git a/src/Resources/Icons/VeraCrypt-256x256.xpm b/src/Resources/Icons/VeraCrypt-256x256.xpm index 7c9107fe..aa72e83b 100644 --- a/src/Resources/Icons/VeraCrypt-256x256.xpm +++ b/src/Resources/Icons/VeraCrypt-256x256.xpm @@ -1,2029 +1,2029 @@ -/* XPM */ -static const char *VeraCryptIcon256x256[] = { -"256 256 1770 2", -" c None", -". c #FFFFFF", -"+ c #FCFEFF", -"@ c #FBFEFE", -"# c #FCFEFE", -"$ c #FDFEFD", -"% c #FCFEFD", -"& c #FDFEFE", -"* c #FEFFFF", -"= c #9DDEEF", -"- c #7DD3EB", -"; c #85D6EB", -"> c #83D5EB", -", c #7CD2EA", -"' c #B1E3F2", -") c #FDFEFF", -"! c #C4E6DC", -"~ c #B2DDCF", -"{ c #B6DFD2", -"] c #B5DFD2", -"^ c #B3DED1", -"/ c #BDE2D5", -"( c #CBE7DD", -"_ c #CAE7DC", -": c #CAE6DC", -"< c #CFE9DF", -"[ c #96DAEE", -"} c #009FD3", -"| c #03A6D6", -"1 c #00A5D5", -"2 c #01A6D5", -"3 c #00A2D3", -"4 c #13A7D4", -"5 c #DFF3F9", -"6 c #D9EFE9", -"7 c #4CB697", -"8 c #5DBA9C", -"9 c #61BA9D", -"0 c #60BA9D", -"a c #77C2A9", -"b c #8BCAB3", -"c c #8FCBB5", -"d c #8ECBB5", -"e c #90CCB6", -"f c #86C8B0", -"g c #C2E3D7", -"h c #FEFEFE", -"i c #47C0E2", -"j c #00A8D7", -"k c #0FADDA", -"l c #0CACD9", -"m c #0CADD9", -"n c #15AAD6", -"o c #00A0D0", -"p c #62C5E2", -"q c #7DCAB4", -"r c #48B596", -"s c #62BEA2", -"t c #6FC0A6", -"u c #6DC0A6", -"v c #6EC0A6", -"w c #6CBFA5", -"x c #7AC5AC", -"y c #88C9B3", -"z c #8ACAB4", -"A c #98D0BB", -"B c #99D0BC", -"C c #95CEB9", -"D c #A5D6C4", -"E c #FAFDFC", -"F c #C6ECF6", -"G c #05AAD7", -"H c #09ABD8", -"I c #08ABD8", -"J c #0AA9D6", -"K c #0EA6D3", -"L c #0FA7D3", -"M c #07A3D2", -"N c #C2E8F4", -"O c #C0E5DB", -"P c #48B595", -"Q c #54BA9C", -"R c #52B99B", -"S c #66BEA2", -"T c #6CBFA4", -"U c #6BBFA4", -"V c #6ABFA4", -"W c #6EC0A5", -"X c #84C8B0", -"Y c #86C8B1", -"Z c #84C8B1", -"` c #90CCB7", -" . c #97CFBB", -".. c #96CFBA", -"+. c #97D0BB", -"@. c #D9EEE6", -"#. c #67CBE7", -"$. c #0DA7D4", -"%. c #11A7D4", -"&. c #03A2D1", -"*. c #41B9DC", -"=. c #F6FBFA", -"-. c #67C2A7", -";. c #4DB798", -">. c #50B99A", -",. c #59BB9D", -"'. c #69BFA3", -"). c #7CC5AD", -"!. c #87C9B2", -"~. c #85C8B1", -"{. c #95CEBA", -"]. c #91CCB7", -"^. c #B0DBCB", -"/. c #FEFFFE", -"(. c #E2F5FB", -"_. c #17AFDA", -":. c #05AAD8", -"<. c #0BA9D6", -"[. c #12A7D4", -"}. c #9FDBED", -"|. c #A6DBCB", -"1. c #46B494", -"2. c #55BA9D", -"3. c #51B99A", -"4. c #63BDA1", -"5. c #6DBFA5", -"6. c #6ABEA3", -"7. c #71C1A7", -"8. c #8DCBB5", -"9. c #94CEB9", -"0. c #E7F4EF", -"a. c #8CD8ED", -"b. c #09AAD7", -"c. c #10A7D3", -"d. c #08A4D2", -"e. c #25AED7", -"f. c #EEF9FC", -"g. c #E5F4F0", -"h. c #57BB9E", -"i. c #51B89A", -"j. c #53B99B", -"k. c #51B99B", -"l. c #55BA9C", -"m. c #7FC6AE", -"n. c #86C8B2", -"o. c #97CFBA", -"p. c #8FCCB5", -"q. c #BFE2D5", -"r. c #F7FDFE", -"s. c #30B8DE", -"t. c #0AACD8", -"u. c #0CA8D5", -"v. c #12A8D4", -"w. c #7ACEE7", -"x. c #8CD0BC", -"y. c #47B595", -"z. c #5FBCA0", -"A. c #69BEA3", -"B. c #75C3A9", -"C. c #87C8B2", -"D. c #9CD2BE", -"E. c #F4FAF8", -"F. c #B0E4F3", -"G. c #00A7D6", -"H. c #0BACD8", -"I. c #0FA6D3", -"J. c #0DA5D3", -"K. c #10A7D4", -"L. c #D4EFF7", -"M. c #D0ECE4", -"N. c #4CB798", -"O. c #53BA9C", -"P. c #68BEA3", -"Q. c #83C7B0", -"R. c #91CDB8", -"S. c #8FCCB6", -"T. c #50C3E3", -"U. c #00A6D6", -"V. c #0BACD9", -"W. c #00A1D0", -"X. c #56C0E0", -"Y. c #74C7AF", -"Z. c #4AB697", -"`. c #5BBB9E", -" + c #79C4AB", -".+ c #92CDB7", -"++ c #A7D7C5", -"@+ c #D1EFF8", -"#+ c #0BABD8", -"$+ c #07ABD8", -"%+ c #04A2D1", -"&+ c #B6E4F2", -"*+ c #B7E2D5", -"=+ c #47B594", -"-+ c #65BEA2", -";+ c #6ABFA3", -">+ c #6FC1A6", -",+ c #91CDB7", -"'+ c #DEF0EA", -")+ c #74CFE9", -"!+ c #36B5DA", -"~+ c #F9FDFE", -"{+ c #F2F9F7", -"]+ c #61BFA3", -"^+ c #4EB899", -"/+ c #53B99C", -"(+ c #57BA9D", -"_+ c #7DC6AD", -":+ c #86C9B1", -"<+ c #B5DDCE", -"[+ c #EBF8FC", -"}+ c #1FB2DB", -"|+ c #03A9D7", -"1+ c #0BA8D5", -"2+ c #93D7EB", -"3+ c #9DD7C6", -"4+ c #50B99B", -"5+ c #62BDA1", -"6+ c #72C1A8", -"7+ c #86C9B2", -"8+ c #8CCBB5", -"9+ c #95CFBA", -"0+ c #ECF6F2", -"a+ c #99DCEF", -"b+ c #00A6D5", -"c+ c #0AA5D2", -"d+ c #1DACD6", -"e+ c #E6F6FA", -"f+ c #DEF2EC", -"g+ c #80C6AF", -"h+ c #93CEB8", -"i+ c #C5E4D9", -"j+ c #FDFFFF", -"k+ c #3BBCE0", -"l+ c #6DC9E4", -"m+ c #83CDB7", -"n+ c #5EBC9F", -"o+ c #76C3AA", -"p+ c #89CAB3", -"q+ c #A0D4C0", -"r+ c #F7FBFA", -"s+ c #BDE9F5", -"t+ c #02A8D7", -"u+ c #09ACD8", -"v+ c #0BA5D2", -"w+ c #CAEBF5", -"x+ c #C8E8DF", -"y+ c #4AB596", -"z+ c #67BEA3", -"A+ c #6DC0A5", -"B+ c #D4EBE3", -"C+ c #5DC8E5", -"D+ c #01A1D1", -"E+ c #4BBCDE", -"F+ c #6DC4AA", -"G+ c #5ABB9E", -"H+ c #7AC4AC", -"I+ c #ACD9C9", -"J+ c #DBF3F9", -"K+ c #11AED9", -"L+ c #06AAD8", -"M+ c #A9DFEF", -"N+ c #AEDED0", -"O+ c #64BDA2", -"P+ c #70C1A6", -"Q+ c #8DCCB6", -"R+ c #E4F3ED", -"S+ c #2DB2D9", -"T+ c #F3FBFD", -"U+ c #EBF7F3", -"V+ c #5BBDA0", -"W+ c #4FB89A", -"X+ c #56BA9D", -"Y+ c #7EC6AE", -"Z+ c #BAE0D2", -"`+ c #29B5DD", -" @ c #01A8D7", -".@ c #86D2E9", -"+@ c #93D3C0", -"@@ c #47B494", -"#@ c #60BCA0", -"$@ c #74C2A8", -"%@ c #8BCBB4", -"&@ c #95CFB9", -"*@ c #9AD0BC", -"=@ c #F1F8F5", -"-@ c #A7E1F1", -";@ c #0CA5D3", -">@ c #15A9D4", -",@ c #DCF2F9", -"'@ c #D7EFE8", -")@ c #4FB799", -"!@ c #53BA9B", -"~@ c #82C7AF", -"{@ c #92CDB8", -"]@ c #FEFEFF", -"^@ c #48C0E2", -"/@ c #60C4E2", -"(@ c #7BCAB2", -"_@ c #49B596", -":@ c #5CBC9F", -"<@ c #78C4AB", -"[@ c #93CDB8", -"}@ c #A4D5C3", -"|@ c #C9ECF6", -"1@ c #0AAAD7", -"2@ c #C0E8F3", -"3@ c #BFE5D9", -"4@ c #90CDB7", -"5@ c #91CDB6", -"6@ c #DAEEE7", -"7@ c #6ACCE7", -"8@ c #00A0D1", -"9@ c #12A7D3", -"0@ c #40B8DC", -"a@ c #F6FBF9", -"b@ c #66C1A6", -"c@ c #55B99B", -"d@ c #7BC5AC", -"e@ c #85C8B2", -"f@ c #87C9B3", -"g@ c #83C7AF", -"h@ c #B2DCCD", -"i@ c #E5F5FA", -"j@ c #26A3D4", -"k@ c #159CD1", -"l@ c #1A9DD1", -"m@ c #199DD1", -"n@ c #1C9FD2", -"o@ c #0C94CE", -"p@ c #A5D1EB", -"q@ c #98D8C8", -"r@ c #37B291", -"s@ c #4AB89B", -"t@ c #46B799", -"u@ c #47B79A", -"v@ c #41B596", -"w@ c #5BBFA4", -"x@ c #E6F4F0", -"y@ c #ECF7F3", -"z@ c #EAF6F2", -"A@ c #EBF6F2", -"B@ c #EAF5F2", -"C@ c #96D1EA", -"D@ c #0B95CE", -"E@ c #1E9ED2", -"F@ c #1A9CD1", -"G@ c #1B9DD1", -"H@ c #1C8ECD", -"I@ c #3796D1", -"J@ c #EEF7FB", -"K@ c #E0F3EF", -"L@ c #37B597", -"M@ c #38B495", -"N@ c #45B79A", -"O@ c #43B799", -"P@ c #44B799", -"Q@ c #47B89A", -"R@ c #38B392", -"S@ c #B6E3D7", -"T@ c #F9FCFE", -"U@ c #3FACD9", -"V@ c #1198CF", -"W@ c #1C9DD1", -"X@ c #1D97D0", -"Y@ c #278ECE", -"Z@ c #1385CA", -"`@ c #84C0E3", -" # c #FCFDFE", -".# c #77CCB8", -"+# c #26AE8D", -"@# c #36B496", -"## c #41B698", -"$# c #45B799", -"%# c #46B89A", -"&# c #3BB394", -"*# c #6DC7B0", -"=# c #B7E0F0", -"-# c #0F97CF", -";# c #228FCE", -"># c #248DCD", -",# c #228DCD", -"'# c #258ECD", -")# c #D7EAF6", -"!# c #C8EAE2", -"~# c #2CB090", -"{# c #35B495", -"]# c #32B394", -"^# c #37B496", -"/# c #3FB596", -"(# c #D1EDE6", -"_# c #5DB9DF", -":# c #0D96CE", -"<# c #1D9DD2", -"[# c #1E95CF", -"}# c #248CCD", -"|# c #238DCD", -"1# c #268FCE", -"2# c #1686CA", -"3# c #63AEDC", -"4# c #5BC2AA", -"5# c #2AB08F", -"6# c #33B394", -"7# c #3EB697", -"8# c #47B89B", -"9# c #38B292", -"0# c #87D1BD", -"a# c #D5EDF7", -"b# c #199BD1", -"c# c #1B9CD1", -"d# c #1B9AD0", -"e# c #238ECD", -"f# c #1988CB", -"g# c #BADBEF", -"h# c #AADFD3", -"i# c #42B698", -"j# c #4CBA9D", -"k# c #E6F6F2", -"l# c #7FC8E5", -"m# c #0A95CE", -"n# c #1F93CF", -"o# c #1B89CB", -"p# c #469FD5", -"q# c #EEF9F6", -"r# c #44B99D", -"s# c #2FB192", -"t# c #34B395", -"u# c #3CB597", -"v# c #37B292", -"w# c #A4DCCD", -"x# c #EEF8FB", -"y# c #2EA5D5", -"z# c #159AD0", -"A# c #1C99D0", -"B# c #278FCE", -"C# c #1485CA", -"D# c #99CAE8", -"E# c #8AD3C2", -"F# c #25AE8D", -"G# c #34B394", -"H# c #3EB496", -"I# c #5EC1A7", -"J# c #F7FCFB", -"K# c #A2D7EC", -"L# c #0C96CE", -"M# c #2191CE", -"N# c #248ECD", -"O# c #208BCC", -"P# c #3094D0", -"Q# c #E7F3FA", -"R# c #D8F0EB", -"S# c #39B496", -"T# c #3AB394", -"U# c #BFE7DC", -"V# c #4AB1DA", -"W# c #238CCD", -"X# c #78B9E1", -"Y# c #6DC8B3", -"Z# c #27AF8E", -"`# c #40B698", -" $ c #3AB393", -".$ c #76CAB4", -"+$ c #C3E5F3", -"@$ c #1399D0", -"#$ c #1A9BD1", -"$$ c #CEE5F4", -"%$ c #BDE6DD", -"&$ c #29AF8F", -"*$ c #37B495", -"=$ c #43B798", -"-$ c #D8F0EA", -";$ c #69BEE1", -">$ c #0B96CE", -",$ c #1F94CF", -"'$ c #268ECE", -")$ c #1887CA", -"!$ c #59A9D9", -"~$ c #F8FCFC", -"{$ c #52BEA5", -"]$ c #91D4C3", -"^$ c #DFF1F9", -"/$ c #229FD3", -"($ c #189BD1", -"_$ c #1786CA", -":$ c #AED5ED", -"<$ c #9FDBCD", -"[$ c #25AE8C", -"}$ c #40B697", -"|$ c #51BCA0", -"1$ c #EDF8F6", -"2$ c #8DCEE8", -"3$ c #2092CE", -"4$ c #1C89CB", -"5$ c #3E9BD3", -"6$ c #F3F9FC", -"7$ c #E7F6F3", -"8$ c #3DB69A", -"9$ c #30B293", -"0$ c #3BB596", -"a$ c #ADDFD2", -"b$ c #F4FAFD", -"c$ c #38A9D7", -"d$ c #1C98D0", -"e$ c #1385C9", -"f$ c #8EC5E5", -"g$ c #7FCFBD", -"h$ c #3DB495", -"i$ c #65C4AB", -"j$ c #AEDCEF", -"k$ c #0E97CE", -"l$ c #2190CE", -"m$ c #218CCD", -"n$ c #2990CE", -"o$ c #DEEEF8", -"p$ c #CFEDE6", -"q$ c #38B496", -"r$ c #3CB495", -"s$ c #C8EAE1", -"t$ c #55B5DD", -"u$ c #1E96CF", -"v$ c #1586CA", -"w$ c #6DB3DE", -"x$ c #63C5AE", -"y$ c #36B495", -"z$ c #3FB697", -"A$ c #39B393", -"B$ c #7FCDB9", -"C$ c #CEEAF5", -"D$ c #189BD0", -"E$ c #1B9BD1", -"F$ c #228ECD", -"G$ c #C4E0F1", -"H$ c #B3E2D7", -"I$ c #27AE8E", -"J$ c #E0F3EE", -"K$ c #75C4E3", -"L$ c #258ECE", -"M$ c #4EA3D7", -"N$ c #F3FAF9", -"O$ c #4ABBA0", -"P$ c #2DB191", -"Q$ c #3DB597", -"R$ c #9BD8C9", -"S$ c #E8F5FA", -"T$ c #29A2D4", -"U$ c #169AD0", -"V$ c #1C9AD0", -"W$ c #A3CFEA", -"X$ c #94D7C8", -"Y$ c #58BEA4", -"Z$ c #F3FAF8", -"`$ c #99D3EB", -" % c #1E9DD2", -".% c #1E8BCC", -"+% c #3697D1", -"@% c #EDF6FB", -"#% c #DEF3EE", -"$% c #32B293", -"%% c #3AB596", -"&% c #B6E3D8", -"*% c #FAFDFE", -"=% c #42ADD9", -"-% c #1099CF", -";% c #1F98D0", -">% c #82BEE3", -",% c #75CAB6", -"'% c #26AD8C", -")% c #36B395", -"!% c #33B293", -"~% c #43B698", -"{% c #3BB393", -"]% c #6EC7B0", -"^% c #BBE2F1", -"/% c #1098CF", -"(% c #2491CE", -"_% c #D5E9F6", -":% c #C7ECE4", -"<% c #2DB595", -"[% c #36B899", -"}% c #34B898", -"|% c #33B898", -"1% c #39B99A", -"2% c #43B99A", -"3% c #D1EDE5", -"4% c #64B2DC", -"5% c #1883C8", -"6% c #288DCC", -"7% c #258BCB", -"8% c #1884C9", -"9% c #63ABD9", -"0% c #55AD97", -"a% c #249778", -"b% c #2F9C80", -"c% c #2D9B7E", -"d% c #309C80", -"e% c #229576", -"f% c #70BEA9", -"g% c #D9E9F5", -"h% c #2A87C7", -"i% c #2785C7", -"j% c #2986C7", -"k% c #2886C7", -"l% c #2B88C8", -"m% c #1875BC", -"n% c #B7D3E9", -"o% c #A7DCE2", -"p% c #1A817C", -"q% c #236047", -"r% c #20644D", -"s% c #20634B", -"t% c #21624B", -"u% c #1E654D", -"v% c #3A9D82", -"w% c #E2F3EF", -"x% c #88BCE0", -"y% c #197EC3", -"z% c #2C88C8", -"A% c #2887C8", -"B% c #2883C4", -"C% c #1772B9", -"D% c #438DC6", -"E% c #F8FBFD", -"F% c #EDF7F8", -"G% c #3EABB4", -"H% c #29A4AD", -"I% c #257462", -"J% c #21654C", -"K% c #216951", -"L% c #216850", -"M% c #20644C", -"N% c #2D8A6E", -"O% c #219D7C", -"P% c #78C0AC", -"Q% c #F0F6FB", -"R% c #3C91CD", -"S% c #2383C6", -"T% c #2987C7", -"U% c #2179BD", -"V% c #2379BD", -"W% c #116EB7", -"X% c #97C0E0", -"Y% c #85CBD0", -"Z% c #1E9DA6", -"`% c #31A9B4", -" & c #2A9494", -".& c #21654B", -"+& c #21674F", -"@& c #20654D", -"#& c #247258", -"$& c #30A082", -"%& c #309F82", -"&& c #299D7E", -"*& c #CCE7E0", -"=& c #A8CEE8", -"-& c #1B7FC4", -";& c #2987C8", -">& c #247FC2", -",& c #1F76BB", -"'& c #2178BD", -")& c #1D75BB", -"!& c #2C7EC0", -"~& c #E5EFF7", -"{& c #D5EDEF", -"]& c #2CA4AD", -"^& c #2DA4AD", -"/& c #2DA3AC", -"(& c #2EA8B2", -"_& c #257C6E", -":& c #206349", -"<& c #21684F", -"[& c #2B9074", -"}& c #30A284", -"|& c #319F82", -"1& c #259A7B", -"2& c #5EB59E", -"3& c #56A0D3", -"4& c #1E80C4", -"5& c #2B87C8", -"6& c #2784C6", -"7& c #2078BC", -"8& c #2077BC", -"9& c #2479BD", -"0& c #116EB8", -"a& c #74AAD5", -"b& c #67BDC4", -"c& c #219FA8", -"d& c #30A5AE", -"e& c #2DA6B0", -"f& c #2C9CA0", -"g& c #216851", -"h& c #21674E", -"i& c #20634C", -"j& c #267A60", -"k& c #2F9E80", -"l& c #2F9F81", -"m& c #32A083", -"n& c #23997A", -"o& c #B1DBD0", -"p& c #C8E0F1", -"q& c #2283C5", -"r& c #237CC0", -"s& c #2076BB", -"t& c #1C74BB", -"u& c #CBDFEF", -"v& c #BAE1E4", -"w& c #239FA9", -"x& c #2FA5AE", -"y& c #2DA3AB", -"z& c #2EA8B4", -"A& c #27857C", -"B& c #206348", -"C& c #21664F", -"D& c #216950", -"E& c #2D987B", -"F& c #30A183", -"G& c #31A082", -"H& c #299C7D", -"I& c #47AA90", -"J& c #73B0DB", -"K& c #1A7EC3", -"L& c #2683C5", -"M& c #1570B8", -"N& c #5597CC", -"O& c #4CB1B9", -"P& c #26A1AA", -"Q& c #2DA5AE", -"R& c #2DA2AA", -"S& c #226E5A", -"T& c #216750", -"U& c #288369", -"V& c #30A385", -"W& c #33A183", -"X& c #209878", -"Y& c #95CEBF", -"Z& c #E1EEF7", -"`& c #308AC9", -" * c #2685C6", -".* c #227BBE", -"+* c #136FB8", -"@* c #ACCCE6", -"#* c #9BD4D8", -"$* c #1F9EA7", -"%* c #30A6AE", -"&* c #2EA8B3", -"** c #298F8C", -"=* c #236F56", -"-* c #309F81", -";* c #2D9E80", -">* c #36A285", -",* c #E2F2ED", -"'* c #95C3E3", -")* c #197DC3", -"!* c #2581C3", -"~* c #2278BC", -"{* c #1973BA", -"]* c #3A87C4", -"^* c #F3F7FB", -"/* c #E5F4F5", -"(* c #37A8B1", -"_* c #2AA3AC", -":* c #2EA4AD", -"<* c #247665", -"[* c #20644A", -"}* c #2A8D71", -"|* c #30A384", -"1* c #32A183", -"2* c #229979", -"3* c #77C0AD", -"4* c #F6FAFC", -"5* c #4596CE", -"6* c #2182C5", -"7* c #106DB7", -"8* c #8BB8DC", -"9* c #7BC6CB", -"0* c #2EA7B1", -"a* c #2B9799", -"b* c #21664D", -"c* c #25775D", -"d* c #30A283", -"e* c #CAE7DF", -"f* c #B4D5EC", -"g* c #1C80C4", -"h* c #247EC1", -"i* c #2177BC", -"j* c #1E76BB", -"k* c #257ABE", -"l* c #DCEAF4", -"m* c #CDE9EB", -"n* c #28A2AB", -"o* c #267F73", -"p* c #2D9678", -"q* c #2F9E81", -"r* c #31A083", -"s* c #5DB49D", -"t* c #61A6D6", -"u* c #1C7FC4", -"v* c #2887C7", -"w* c #126EB8", -"x* c #68A3D2", -"y* c #5DB9C0", -"z* c #2DA4AC", -"A* c #2DA5AF", -"B* c #2C9FA4", -"C* c #226A54", -"D* c #21664E", -"E* c #278065", -"F* c #239979", -"G* c #AFDACE", -"H* c #D2E6F3", -"I* c #2685C7", -"J* c #227CC0", -"K* c #2278BD", -"L* c #1772BA", -"M* c #C1D9EC", -"N* c #FDFDFE", -"O* c #AFDCE0", -"P* c #209EA8", -"Q* c #278882", -"R* c #226C54", -"S* c #2E9C7E", -"T* c #2FA082", -"U* c #46AA8F", -"V* c #80B7DE", -"W* c #2682C4", -"X* c #1671B9", -"Y* c #4B91C9", -"Z* c #F2FAFA", -"`* c #44AEB6", -" = c #27A1AB", -".= c #23715E", -"+= c #20654B", -"@= c #2A8A6E", -"#= c #94CDBE", -"$= c #EBF3FA", -"%= c #378ECB", -"&= c #2484C6", -"*= c #227ABE", -"== c #A0C5E2", -"-= c #8FCFD3", -";= c #1E9DA7", -">= c #31A6AE", -",= c #2A9291", -"'= c #24735A", -")= c #35A285", -"!= c #E1F1ED", -"~= c #A0CAE6", -"{= c #2580C2", -"]= c #2178BC", -"^= c #1B74BB", -"/= c #3282C2", -"(= c #ECF4F9", -"_= c #DDF0F2", -":= c #31A6AF", -"<= c #2CA3AC", -"[= c #2EA7B2", -"}= c #24796A", -"|= c #20634A", -"1= c #2C9376", -"2= c #77C0AC", -"3= c #FBFDFE", -"4= c #4E9BD1", -"5= c #1F81C5", -"6= c #2A87C8", -"7= c #2885C6", -"8= c #2078BD", -"9= c #7FB1D9", -"0= c #70C1C7", -"a= c #2EA6B1", -"b= c #2B9A9D", -"c= c #267C62", -"d= c #C0DCEF", -"e= c #247DC1", -"f= c #1F77BC", -"g= c #D3E4F2", -"h= c #C3E5E8", -"i= c #25A0AA", -"j= c #268379", -"k= c #226A52", -"l= c #2E9A7C", -"m= c #6BACD8", -"n= c #1B7EC4", -"o= c #2783C5", -"p= c #5E9DCF", -"q= c #54B5BC", -"r= c #24A0AA", -"s= c #2CA1A8", -"t= c #226D57", -"u= c #29866B", -"v= c #DBEBF6", -"w= c #227BBF", -"x= c #2279BD", -"y= c #1570B9", -"z= c #B5D2E9", -"A= c #F9FCFD", -"B= c #A4D8DC", -"C= c #1F9EA8", -"D= c #288C88", -"E= c #237058", -"F= c #8CBEE1", -"G= c #2C89C9", -"H= c #2681C3", -"I= c #1872BA", -"J= c #418BC6", -"K= c #EBF6F7", -"L= c #3CABB3", -"M= c #29A2AC", -"N= c #2EA5AD", -"O= c #247462", -"P= c #21654E", -"Q= c #2B8F73", -"R= c #F1F7FB", -"S= c #3F93CD", -"T= c #237ABE", -"U= c #2076BC", -"V= c #92BDDE", -"W= c #81C7CE", -"X= c #1E9EA7", -"Y= c #2A9696", -"Z= c #216149", -"`= c #25795F", -" - c #2EA283", -".- c #2E9D7F", -"+- c #35A284", -"@- c #FBFDFD", -"#- c #ADD1EA", -"$- c #1778BE", -"%- c #2179BC", -"&- c #1B75BB", -"*- c #3282C3", -"=- c #BADDE8", -"-- c #31A7AE", -";- c #2BA4AD", -">- c #2DA5AD", -",- c #2FA8B2", -"'- c #217D70", -")- c #319778", -"!- c #36A588", -"~- c #35A185", -"{- c #30A083", -"]- c #568DC5", -"^- c #1D66B0", -"/- c #2A6FB5", -"(- c #276DB4", -"_- c #286EB4", -":- c #2569B3", -"<- c #2381A2", -"[- c #2F9FAF", -"}- c #2E9BAE", -"|- c #2E9CAE", -"1- c #309DAE", -"2- c #2899AE", -"3- c #55AEB4", -"4- c #409C7E", -"5- c #339579", -"6- c #35967A", -"7- c #2D9375", -"8- c #2B9274", -"9- c #2B9174", -"0- c #2B9073", -"a- c #5FAE98", -"b- c #65B49F", -"c- c #64B39E", -"d- c #65B39E", -"e- c #60B19B", -"f- c #59AE97", -"g- c #5AAE97", -"h- c #5CAF98", -"i- c #50AA92", -"j- c #97D4C6", -"k- c #CAD9EB", -"l- c #2564AE", -"m- c #2C69B1", -"n- c #2B68B0", -"o- c #2B68AF", -"p- c #2C68B4", -"q- c #22679E", -"r- c #0C6578", -"s- c #2B90A9", -"t- c #3099B1", -"u- c #2F97AF", -"v- c #3097AF", -"w- c #2E97AE", -"x- c #3098AF", -"y- c #E8F3F9", -"z- c #81BBA8", -"A- c #188364", -"B- c #2C8D70", -"C- c #2A8C6F", -"D- c #2A8D70", -"E- c #278769", -"F- c #1E8767", -"G- c #239476", -"H- c #239375", -"I- c #249476", -"J- c #259476", -"K- c #269375", -"L- c #229C7D", -"M- c #28AC8E", -"N- c #D8EFEA", -"O- c #769FCD", -"P- c #1C5FAC", -"Q- c #2D6BB2", -"R- c #2A69B1", -"S- c #2969B0", -"T- c #126783", -"U- c #0A6275", -"V- c #18768C", -"W- c #319BB2", -"X- c #2F97AE", -"Y- c #2F98AF", -"Z- c #339AB0", -"`- c #2091A9", -" ; c #8FC7D3", -".; c #E6F2EF", -"+; c #379479", -"@; c #278B6E", -"#; c #2B8E71", -"$; c #298C6E", -"%; c #298768", -"&; c #2E9578", -"*; c #319B7F", -"=; c #319A7E", -"-; c #309A7D", -";; c #309B7E", -">; c #30AD91", -",; c #1FA889", -"'; c #68C4AF", -"); c #E3EBF5", -"!; c #326FB4", -"~; c #2867B0", -"{; c #2B6AB1", -"]; c #2A69B0", -"^; c #2C69B5", -"/; c #1C6797", -"(; c #0B6576", -"_; c #0E657B", -":; c #0B6378", -"<; c #268AA1", -"[; c #3199B0", -"}; c #2995AD", -"|; c #45A3B8", -"1; c #F2F9FA", -"2; c #9ECBBE", -"3; c #1B8566", -"4; c #2D8F72", -"5; c #28886A", -"6; c #278768", -"7; c #278667", -"8; c #288A6B", -"9; c #2E997C", -"0; c #2E987B", -"a; c #2DA487", -"b; c #2BAD90", -"c; c #2DAD90", -"d; c #21A889", -"e; c #BBE4DB", -"f; c #97B6D9", -"g; c #1B5EAC", -"h; c #2E6CB2", -"i; c #2B69B2", -"j; c #2768AB", -"k; c #0E657C", -"l; c #0D6579", -"m; c #0E667B", -"n; c #136F84", -"o; c #3299B0", -"p; c #2292AA", -"q; c #AFD8E0", -"r; c #FAFCFB", -"s; c #4DA088", -"t; c #22896A", -"u; c #2C8E71", -"v; c #298B6D", -"w; c #278666", -"x; c #2B9173", -"y; c #2E9A7D", -"z; c #2D9C7F", -"A; c #2BAC8F", -"B; c #23A98B", -"C; c #4BB9A0", -"D; c #F8FCFB", -"E; c #F6F9FC", -"F; c #477EBC", -"G; c #2364AE", -"H; c #2C6AB2", -"I; c #18678E", -"J; c #0D657B", -"K; c #0D657A", -"L; c #0A6176", -"M; c #208399", -"N; c #329CB3", -"O; c #2593AB", -"P; c #5EAFC1", -"Q; c #BEDCD3", -"R; c #20886A", -"S; c #2A8D6F", -"T; c #278869", -"U; c #288869", -"V; c #2D977A", -"W; c #2E997D", -"X; c #2CA78A", -"Y; c #2FAD91", -"Z; c #1CA687", -"`; c #9BD8CA", -" > c #B6CCE4", -".> c #1F61AD", -"+> c #2C69B4", -"@> c #2368A4", -"#> c #0C6579", -"$> c #0C6479", -"%> c #0F697E", -"&> c #2D94AB", -"*> c #3099B0", -"=> c #2A95AD", -"-> c #CCE6EC", -";> c #69AF9A", -">> c #1D8667", -",> c #298A6C", -"'> c #278767", -")> c #2A8E70", -"!> c #2D9F82", -"~> c #2CAC90", -"{> c #28AB8E", -"]> c #36B095", -"^> c #E7F5F2", -"/> c #6391C6", -"(> c #1E61AD", -"_> c #2B69B3", -":> c #146687", -"<> c #0B6577", -"[> c #1C7A90", -"}> c #329AB0", -"|> c #2291AA", -"1> c #7BBECC", -"2> c #D9EBE5", -"3> c #298C6F", -"4> c #2B8D70", -"5> c #2D9578", -"6> c #2BA98C", -"7> c #1DA687", -"8> c #7BCCBA", -"9> c #D3E0EF", -"0> c #2968B0", -"a> c #1F689C", -"b> c #298FA5", -"c> c #319AB1", -"d> c #2C97AE", -"e> c #389DB2", -"f> c #E5F2F5", -"g> c #FCFDFD", -"h> c #89C0B0", -"i> c #2E8F72", -"j> c #28896A", -"k> c #298C6D", -"l> c #2DA285", -"m> c #27AB8D", -"n> c #CEECE5", -"o> c #82A7D1", -"p> c #1B5FAC", -"q> c #2A69B2", -"r> c #2969AE", -"s> c #10667F", -"t> c #0D667B", -"u> c #0B6277", -"v> c #167388", -"w> c #309AB1", -"x> c #9BCDD8", -"y> c #F0F7F5", -"z> c #3E987D", -"A> c #258A6C", -"B> c #298B6E", -"C> c #2B9375", -"D> c #2E9B7E", -"E> c #2BAB8E", -"F> c #2EAD90", -"G> c #20A88A", -"H> c #5DC0A9", -"I> c #ECF1F8", -"J> c #3974B7", -"K> c #2666B0", -"L> c #1B6794", -"M> c #24879E", -"N> c #2894AC", -"O> c #4DA7BB", -"P> c #F8FBFC", -"Q> c #A9D1C6", -"R> c #2CA588", -"S> c #2EAD91", -"T> c #1EA788", -"U> c #AFE0D5", -"V> c #A2BEDD", -"W> c #2668A9", -"X> c #0C6378", -"Y> c #126C81", -"Z> c #2492AB", -"`> c #B9DCE4", -" , c #57A58E", -"., c #208869", -"+, c #2D8E72", -"@, c #298A6D", -"#, c #2B9072", -"$, c #2D9D80", -"%, c #25AA8C", -"&, c #43B59C", -"*, c #5184BF", -"=, c #2163AE", -"-, c #2C6BB2", -";, c #16668B", -">, c #1F7F96", -",, c #319CB3", -"', c #68B4C5", -"), c #C9E2DB", -"!, c #24896C", -"~, c #2A8C70", -"{, c #278868", -"], c #2D9779", -"^, c #2CA88B", -"/, c #90D4C5", -"(, c #C2D4E9", -"_, c #2263AE", -":, c #2268A2", -"<, c #0D6479", -"[, c #0E677C", -"}, c #2B92A9", -"|, c #2E98AF", -"1, c #D5EAEF", -"2, c #74B5A2", -"3, c #1C8567", -"4, c #298D6F", -"5, c #2DA083", -"6, c #2CAC8F", -"7, c #29AB8E", -"8, c #30AE92", -"9, c #DEF2ED", -"0, c #6E98CA", -"a, c #1D60AC", -"b, c #126684", -"c, c #19788D", -"d, c #86C3D0", -"e, c #E2EFEB", -"f, c #329175", -"g, c #288C6E", -"h, c #2B8D71", -"i, c #2C9477", -"j, c #2BAA8D", -"k, c #70C7B3", -"l, c #DCE6F2", -"m, c #2B69B1", -"n, c #1E6799", -"o, c #278CA3", -"p, c #3099AF", -"q, c #2B96AD", -"r, c #3FA0B5", -"s, c #EDF6F8", -"t, c #96C7B8", -"u, c #288A6C", -"v, c #2DA386", -"w, c #C4E8E0", -"x, c #8EB0D6", -"y, c #2869AD", -"z, c #0F657E", -"A, c #157086", -"B, c #2191AA", -"C, c #A5D2DD", -"D, c #F6FAF9", -"E, c #479D83", -"F, c #23896B", -"G, c #2E9C7F", -"H, c #22A88A", -"I, c #53BCA4", -"J, c #F2F6FA", -"K, c #4179BA", -"L, c #2465AF", -"M, c #196791", -"N, c #0A6277", -"O, c #22849B", -"P, c #329BB3", -"Q, c #2694AC", -"R, c #56ABBE", -"S, c #B5D7CD", -"T, c #1E8768", -"U, c #2D987A", -"V, c #2CA689", -"W, c #1DA788", -"X, c #A4DBCF", -"Y, c #AEC5E1", -"Z, c #2468A7", -"`, c #106A80", -" ' c #2D95AC", -".' c #2794AC", -"+' c #C4E2E8", -"@' c #61AB95", -"#' c #2A8F70", -"$' c #2D9E81", -"%' c #2CAD90", -"&' c #27AA8D", -"*' c #3CB398", -"=' c #EDF8F5", -"-' c #5B8BC3", -";' c #156689", -">' c #1D7D93", -",' c #329BB2", -"'' c #72B9C9", -")' c #D2E7E1", -"!' c #288C6F", -"~' c #2D9679", -"{' c #2CA98C", -"]' c #1CA688", -"^' c #84CFBE", -"/' c #CCDBEC", -"(' c #2566B0", -"_' c #2A6AB0", -":' c #20689F", -"<' c #2A90A7", -"[' c #2D97AE", -"}' c #DEEEF2", -"|' c #80BBAA", -"1' c #1C8566", -"2' c #28896B", -"3' c #2DA184", -"4' c #2AAC8F", -"5' c #D5EFE9", -"6' c #79A1CE", -"7' c #1D5FAC", -"8' c #2F6CB2", -"9' c #136783", -"0' c #0E6679", -"a' c #0F667B", -"b' c #0F677C", -"c' c #0D6378", -"d' c #19768B", -"e' c #369DB4", -"f' c #2090A9", -"g' c #91C8D5", -"h' c #EBF4F1", -"i' c #38957A", -"j' c #278C6E", -"k' c #2D8D70", -"l' c #298869", -"m' c #288768", -"n' c #2D9477", -"o' c #2DAC8F", -"p' c #67C4AF", -"q' c #E5EDF5", -"r' c #346FB8", -"s' c #0F5F90", -"t' c #046072", -"u' c #056076", -"v' c #046075", -"w' c #045E74", -"x' c #168199", -"y' c #47A6BA", -"z' c #F2F8FA", -"A' c #A2CDC0", -"B' c #178263", -"C' c #228566", -"D' c #1F8363", -"E' c #1F8262", -"F' c #208666", -"G' c #279476", -"H' c #25A284", -"I' c #23AA8C", -"J' c #26AA8C", -"K' c #18A585", -"L' c #B3E1D7", -"M' c #A1BED9", -"N' c #2A768E", -"O' c #36808F", -"P' c #347E8F", -"Q' c #347F90", -"R' c #357D8E", -"S' c #308194", -"T' c #B5DBE3", -"U' c #66AC97", -"V' c #44977C", -"W' c #4B9B81", -"X' c #4A9A80", -"Y' c #4A987E", -"Z' c #4DA58C", -"`' c #4DBAA2", -" ) c #4DB9A1", -".) c #4FBAA2", -"+) c #46B69D", -"@) c #6DC5B1", -"#) c #FDFDFD", -"$) c #FCFCFC", -"%) c #FBFBFB", -"&) c #D5D5D5", -"*) c #C2C2C2", -"=) c #C6C6C6", -"-) c #C5C5C5", -";) c #C4C4C4", -">) c #CACACA", -",) c #E4E4E4", -"') c #C1C1C1", -")) c #F9F9F9", -"!) c #DBDBDA", -"~) c #A9A9A8", -"{) c #848483", -"]) c #747473", -"^) c #757573", -"/) c #767675", -"() c #8A8A89", -"_) c #ADADAC", -":) c #DEDEDE", -"<) c #858584", -"[) c #020200", -"}) c #171715", -"|) c #141412", -"1) c #121210", -"2) c #161614", -"3) c #D9D9D9", -"4) c #6E6E6C", -"5) c #040402", -"6) c #151513", -"7) c #0A0A07", -"8) c #3F3F3D", -"9) c #B1B1B0", -"0) c #4E4E4C", -"a) c #20201E", -"b) c #10100E", -"c) c #090907", -"d) c #060604", -"e) c #050503", -"f) c #070705", -"g) c #131311", -"h) c #181816", -"i) c #8F8F8E", -"j) c #D2D2D2", -"k) c #1C1C1A", -"l) c #1F1F1D", -"m) c #232321", -"n) c #0F0F0D", -"o) c #9F9F9E", -"p) c #F6F6F6", -"q) c #373736", -"r) c #191917", -"s) c #10100D", -"t) c #90908F", -"u) c #E3E3E2", -"v) c #565654", -"w) c #0E0E0C", -"x) c #30302E", -"y) c #444443", -"z) c #4C4C4B", -"A) c #424240", -"B) c #2E2E2C", -"C) c #1B1B19", -"D) c #000000", -"E) c #A6A6A6", -"F) c #434341", -"G) c #5E5E5D", -"H) c #C6C6C5", -"I) c #1E1E1D", -"J) c #1E1E1C", -"K) c #1D1D1B", -"L) c #D4D4D4", -"M) c #D6D6D5", -"N) c #2D2D2B", -"O) c #21211F", -"P) c #777776", -"Q) c #EFEFEE", -"R) c #FDFDFC", -"S) c #EDEDED", -"T) c #C5C5C4", -"U) c #7D7D7C", -"V) c #E6E6E5", -"W) c #EBEBEB", -"X) c #696968", -"Y) c #D8D8D8", -"Z) c #858583", -"`) c #0E0E0B", -" ! c #0D0D0B", -".! c #141411", -"+! c #494947", -"@! c #E8E8E7", -"#! c #31312F", -"$! c #171714", -"%! c #454543", -"&! c #5C5C5A", -"*! c #CDCDCD", -"=! c #C9C9C8", -"-! c #131310", -";! c #BABABA", -">! c #474746", -",! c #929291", -"'! c #646462", -")! c #464645", -"!! c #F3F3F2", -"~! c #D0D0D0", -"{! c #3E3E3C", -"]! c #7A7A79", -"^! c #E3E3E3", -"/! c #B3B3B2", -"(! c #9D9D9C", -"_! c #9B9B9A", -":! c #EFEFEF", -"~ c #F0F0F0", -",~ c #292927", -"'~ c #7B7B7A", -")~ c #D7D7D7", -"!~ c #4F4F4D", -"~~ c #0A0A08", -"{~ c #8C8C8A", -"]~ c #5B5B5A", -"^~ c #9E9E9D", -"/~ c #C0C0C0", -"(~ c #0C0C0B", -"_~ c #A3A3A2", -":~ c #9A9A99", -"<~ c #E8E8E8", -"[~ c #1A1A18", -"}~ c #DADADA", -"|~ c #C2C2C1", -"1~ c #2A2A28", -"2~ c #DBDBDB", -"3~ c #80807F", -"4~ c #828281", -"5~ c #686867", -"6~ c #373735", -"7~ c #424241", -"8~ c #ADADAD", -"9~ c #262624", -"0~ c #191916", -"a~ c #2C2C2B", -"b~ c #EAEAEA", -"c~ c #525251", -"d~ c #B8B8B7", -"e~ c #4F4F4E", -"f~ c #0C0C0A", -"g~ c #AAAAA9", -"h~ c #C1C1C0", -"i~ c #454544", -"j~ c #989897", -"k~ c #C0C0BF", -"l~ c #B5B5B4", -"m~ c #E5E5E4", -"n~ c #5A5A59", -"o~ c #B1B1B1", -"p~ c #11110E", -"q~ c #3B3B3A", -"r~ c #F4F4F4", -"s~ c #F0F0F1", -"t~ c #6B6B69", -"u~ c #898988", -"v~ c #A2A2A2", -"w~ c #DCDCDC", -"x~ c #CECECD", -"y~ c #555554", -"z~ c #343432", -"A~ c #A1A1A1", -"B~ c #6F6F6E", -"C~ c #919190", -"D~ c #444442", -"E~ c #30302F", -"F~ c #F1F1F0", -"G~ c #575756", -"H~ c #D1D1D0", -"I~ c #BBBBBA", -"J~ c #717170", -"K~ c #AFAFAF", -"L~ c #ACACAC", -"M~ c #C9C9C9", -"N~ c #EEEEEE", -"O~ c #E9E9E9", -"P~ c #646463", -"Q~ c #FFFFFE", -"R~ c #81817F", -"S~ c #767674", -"T~ c #595957", -"U~ c #D2D2D1", -"V~ c #A8A8A7", -"W~ c #565655", -"X~ c #323230", -"Y~ c #B9B9B9", -"Z~ c #5D5D5C", -"`~ c #161613", -" { c #B0B0B0", -".{ c #DCDCDB", -"+{ c #868685", -"@{ c #6C6C6A", -"#{ c #ACACAB", -"${ c #656564", -"%{ c #E1E1E1", -"&{ c #151512", -"*{ c #696967", -"={ c #D0D0CF", -"-{ c #6F6F6D", -";{ c #CECECE", -">{ c #353533", -",{ c #4B4B4A", -"'{ c #4E4E4D", -"){ c #A1A1A0", -"!{ c #A4A4A3", -"~{ c #575755", -"{{ c #B0B0AF", -"]{ c #C7C7C6", -"^{ c #494948", -"/{ c #474745", -"({ c #9B9B9B", -"_{ c #20201F", -":{ c #E7E7E7", -"<{ c #0F0F0C", -"[{ c #BDBDBD", -"}{ c #5F5F5E", -"|{ c #555553", -"1{ c #DDDDDD", -"2{ c #12120F", -"3{ c #E0E0DF", -"4{ c #999998", -"5{ c #727271", -"6{ c #878786", -"7{ c #4D4D4C", -"8{ c #DFDFDF", -"9{ c #D4D4D3", -"0{ c #DDDDDC", -"a{ c #3D3D3C", -"b{ c #666665", -"c{ c #545453", -"d{ c #71716F", -"e{ c #1F1F1E", -"f{ c #484847", -"g{ c #959594", -"h{ c #4B4B49", -"i{ c #D1D1D1", -"j{ c #40403F", -"k{ c #7C7C7A", -"l{ c #979796", -"m{ c #262625", -"n{ c #F3F3F3", -"o{ c #585856", -"p{ c #464644", -"q{ c #595958", -"r{ c #BEBEBD", -"s{ c #FCFCFB", -"t{ c #A7A7A6", -"u{ c #1C1C19", -"v{ c #B9B9B8", -"w{ c #BCBCBB", -"x{ c #A5A5A5", -"y{ c #969695", -"z{ c #626261", -"A{ c #B4B4B4", -"B{ c #4A4A49", -"C{ c #CFCFCF", -"D{ c #1B1B18", -"E{ c #60605F", -"F{ c #A6A6A5", -"G{ c #0D0D0A", -"H{ c #272726", -"I{ c #22221F", -"J{ c #777775", -"K{ c #F4F4F3", -"L{ c #6E6E6D", -"M{ c #1C1C1B", -"N{ c #E2E2E1", -"O{ c #080805", -"P{ c #8E8E8E", -"Q{ c #737372", -"R{ c #AFAFAE", -"S{ c #282826", -"T{ c #393937", -"U{ c #A7A7A7", -"V{ c #5A5A58", -"W{ c #2C2C2A", -"X{ c #545452", -"Y{ c #070704", -"Z{ c #B3B3B3", -"`{ c #F9F9F8", -" ] c #8C8C8B", -".] c #70706F", -"+] c #A6A6A4", -"@] c #D3D3D2", -"#] c #949493", -"$] c #393938", -"%] c #030301", -"&] c #050502", -"*] c #ABABAB", -"=] c #838382", -"-] c #B2B2B1", -";] c #CCCCCB", -">] c #CFCFCE", -",] c #C8C8C8", -"'] c #8F8F8D", -")] c #9B9B99", -"!] c #5C5C5B", -"~] c #666664", -"{] c #888887", -"]] c #656563", -"^] c #4F4F4C", -"/] c #CBCBCA", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . + @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ % % % % % % % % % % % % % % % % % % % % % % % % % % & & & & & & & & & & & & & & & & & & & & & & & & & & & & . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . * . = - ; > > > > > > > > > > > > > > > > > > > > > > ; , ' . ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ! ~ { ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ^ / ( _ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( : < & . . . . . . . . . ", -" . . . . . . . . + . [ } | 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 2 3 4 5 . ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 6 7 8 9 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 a b c d d d d d d d d d d d d d d d d d d d d d d e f g . h . . . . . . . . ", -" . . . . . . . . . . * . i j k l l l l l l l l l l l l l l l l l l l l l m n o p . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . q r s t u v v v v v v v v v v v v v v v v v v v v v w x y z A A A A A A A A A A A A A A A A A A A A A A B C D E . . . . . . . . . . . ", -" . . . . . . . . . . ) . F G H I I I I I I I I I I I I I I I I I I I I I J K L M N . + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . O P Q R S T U U U U U U U U U U U U U U U U U U U U V W X Y Z ` .........................................+.e @.. h . . . . . . . . . . ", -" . . . . . . . . . . . . # . #.1 l I I I I I I I I I I I I I I I I I I I I $.K %.&.*.. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . =.-.;.Q >.,.w U U U U U U U U U U U U U U U U U U U U '.).!.~.~.!.{.......................................+.].^.. /.. . . . . . . . . . . . ", -" . . . . . . . . . . . . . * . (._.:.H I I I I I I I I I I I I I I I I I I <.K K K [.o }.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . |.1.2.R R 3.4.5.U U U U U U U U U U U U U U U U U U 6.7.Y ~.~.~.X 8. .......................................9.0.. /.. . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . @ . a.1 l I I I I I I I I I I I I I I I I I b.K K K K c.d.e.f.. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. g.h.i.j.R R k.l.U U U U U U U U U U U U U U U U U U U V m.n.~.~.~.~.~.9.o.................................A p.q.. h . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . * . r.s.j t.I I I I I I I I I I I I I I I I u.K K K K K v.o w.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . x.y.2.R R R R >.z.5.U U U U U U U U U U U U U U U U A.B.C.~.~.~.~.~.X z ...............................o.9.D.E.. * . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . + . F.G.H.I I I I I I I I I I I I I I I b.K K K K K K I.J.K.L.. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . M.N.O.R R R R R R j.P.T U U U U U U U U U U U U U U U w Q.Y ~.~.~.~.~.~.X R. .............................A S.< . & . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . ) . T.U.V.I I I I I I I I I I I I I I $.K K K K K K K %.W.X.. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h Y.Z.Q R R R R R R >.`.T U U U U U U U U U U U U U U A. +!.~.~.~.~.~.~.~.Z y ............................ ..+++% . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . ) . @+#+$+H I I I I I I I I I I I I J K K K K K K K K K c.%+&+. + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . *+=+l.R R R R R R R R k.-+w U U U U U U U U U U U U ;+>+~.~.~.~.~.~.~.~.~.~.X S. ......................... .,+'+. h . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . + . )+1 l I I I I I I I I I I I I $.K K K K K K K K K c.%+!+~+. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . {+]+^+/+R R R R R R R R 3.(+T U U U U U U U U U U U U A._+!.~.~.~.~.~.~.~.~.~.~.:+C ......................A e <+. /.. . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . * . [+}+|+t.I I I I I I I I I I 1+K K K K K K K K K K K [.o 2+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 3+1.2.R R R R R R R R R R 4+5+5.U U U U U U U U U U A.6+7+~.~.~.~.~.~.~.~.~.~.~.X 8+ .....................9+..0+. /.. . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . # . a+b+l I I I I I I I I I b.K K K K K K K K K K K K I.c+d+e+. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . f+j.R R R R R R R R R R R R k.Q V U U U U U U U U U U U g+n.~.~.~.~.~.~.~.~.~.~.~.~.~.h+o.................A p.i+. h . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . j+k+G.H.I I I I I I I I u.K K K K K K K K K K K K K [.o l+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . m+P Q R R R R R R R R R R R R >.n+5.U U U U U U U U A.o+!.~.~.~.~.~.~.~.~.~.~.~.~.~.X p+o...............o.h+q+r+. . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . + . s+t+u+I I I I I I I J K K K K K K K K K K K K K K K K v+w+. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . x+y+Q R R R R R R R R R R R R R R R z+T U U U U U U V A+X ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z ` .............+.e B+. h . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . + . C+b+l I I I I I I $.K K K K K K K K K K K K K K K %.D+E+. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E F+7 Q R R R R R R R R R R R R R R >.G+w U U U U U U A.H+!.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z !.............+.,+I+. . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . J+K+L+H I I I I <.K K K K K K K K K K K K K K K K K %.D+M+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . N+1.2.R R R R R R R R R R R R R R R R 3.O+5.U U U U ;+P+Y ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.X Q+ .........o.h+R+. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . @ . > 1 l I I I H $.K K K K K K K K K K K K K K K K K c.M S+T+. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. U+V+W+j.R R R R R R R R R R R R R R R R k.X+U U U U U ;+Y+!.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.9.o.....A p.Z+. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . T+`+ @t.I I 1+K K K K K K K K K K K K K K K K K K K v.o .@. @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . +@@@2.R R R R R R R R R R R R R R R R R R >.#@5.U U A.$@n.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.X %@o.....&@*@=@. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . -@U.H.I b.K K K K K K K K K K K K K K K K K K K K I.;@>@,@. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . '@)@j.R R R R R R R R R R R R R R R R R R R k.!@A.T V T ~@Y ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z {@o.A p.( . & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. ^@G.V.u.K K K K K K K K K K K K K K K K K K K K K [.o /@. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . (@_@Q R R R R R R R R R R R R R R R R R R R R >.:@5.A.<@!.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z p++.[@}@E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . |@L+1@I.K K K K K K K K K K K K K K K K K K K K K K L M 2@. + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 3@P Q R R R R R R R R R R R R R R R R R R R R R R k.S t Q.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.X 4@5@6@. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . 7@8@9@K K K K K K K K K K K K K K K K K K K K K K %.&.0@* . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . a@b@;.O.R R R R R R R R R R R R R R R R R R R R R R R c@d@y e@n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.f@g@h@. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. i@j@k@l@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@n@o@p@. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . q@r@s@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@u@v@w@x@y@z@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@B@a@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . C@D@E@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@G@H@I@J@. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . K@L@M@N@O@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@Q@R@S@. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . T@U@V@W@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@m@X@Y@Z@`@. #. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . .#+#@###$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@%#&#*#. /././././././././././././././././././././././././././.* . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . =#-#W@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@;#>#,#'#)#. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . !#~#{#]#^#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@$#/#(#. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . _#:#<#F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@m@[#}#|#1#2#3#. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & 4#5#{#6#]#7#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@8#9#0#. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . a#W@b#c#F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@d#e#|#|#|#'#f#g#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . h#+#@#6#6#]#{#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@$#i#j#k#. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . l#m#E@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@l@n#}#|#|#|#'#o#p#T@. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . q#r#s#t#6#6#6#]#u#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@8#v#w#. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . x#y#z#W@F@F@F@F@F@F@F@F@F@F@F@F@F@F@m@A#|#|#|#|#|#|#B#C#D#. #. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . E#F#^#6#6#6#6#6#G#i#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@%#H#I#J#. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . K#L#<#F@F@F@F@F@F@F@F@F@F@F@F@F@F@l@M#}#|#|#|#|#|#N#O#P#Q#. ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . R#6#6#6#6#6#6#6#6#]#S#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@%#T#U#. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * * V#-#<#F@F@F@F@F@F@F@F@F@F@F@F@m@X@W#|#|#|#|#|#|#|#B#C#X#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . Y#Z#@#6#6#6#6#6#6#6#6#`#$#P@P@P@P@P@P@P@P@P@P@P@P@Q@ $.$. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . +$@$G@F@F@F@F@F@F@F@F@F@F@F@F@#$;#|#|#|#|#|#|#|#|#|#|#O#$$. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . %$&${#6#6#6#6#6#6#6#6#]#*$P@P@P@P@P@P@P@P@P@P@P@P@P@P@=$-$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ;$>$E@F@F@F@F@F@F@F@F@F@F@m@,$}#|#|#|#|#|#|#|#|#|#'$)$!$. ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . ~${$~#{#6#6#6#6#6#6#6#6#6#]#7#$#P@P@P@P@P@P@P@P@P@P@8#v#]$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. ^$/$($c#F@F@F@F@F@F@F@F@l@d#|#|#|#|#|#|#|#|#|#|#|#|#'$_$:$. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . <$[$@#6#6#6#6#6#6#6#6#6#6#6#{#O@P@P@P@P@P@P@P@P@P@N@}$|$1$. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . 2$m#E@F@F@F@F@F@F@F@F@m@3$}#|#|#|#|#|#|#|#|#|#|#|#'#4$5$6$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. 7$8$9$G#6#6#6#6#6#6#6#6#6#6#6#]#0$$#P@P@P@P@P@P@P@P@8#9#a$. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . b$c$@$W@F@F@F@F@F@F@m@d$}#|#|#|#|#|#|#|#|#|#|#|#|#|#B#e$f$. #. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . g$F#@#6#6#6#6#6#6#6#6#6#6#6#6#6#6#i#$#P@P@P@P@P@P@%#h$i$% . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . j$k$<#F@F@F@F@F@F@F@l$W#|#|#|#|#|#|#|#|#|#|#|#|#|#>#m$n$o$. ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . p$s#G#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#q$$#P@P@P@P@P@P@%#r$s$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . t$k$<#F@F@F@F@m@u$}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#1#v$w$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. x$&$y$6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#z$$#P@P@P@P@8#A$B$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . C$D$F@F@F@F@F@E$F$|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#'#o#G$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . H$I$y$6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#y$P@P@P@P@$#=$8#J$. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . K$m#E@F@F@m@n#}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#L$f#M$) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . N$O$P${#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#Q$$#P@P@8#v#R$. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. S$T$U$c#l@V$|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#B#v$W$. #. . . . . . . . . . . . . . . . . . . . . . . . . . . % . X$F#^#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#G#=$P@N@/#Y$Z$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . `$m# %m@M#}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#N#.%+%@%. * . . . . . . . . . . . . . . . . . . . . . . . . . h . #%^#$%G#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#%%$#Q@A$&%. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . *%=%-%;%}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#B#C#>%. #. . . . . . . . . . . . . . . . . . . . . . . . . & . ,%'%)%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%~%{%]%. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ^%/%(%|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#>#,#e#_%. ) . . . . . . . . . . . . . . . . . . . . . . . & . :%<%[%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%|%1%2%3%. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 4%5%6%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%6%8%9%. ) . . . . . . . . . . . . . . . . . . . . . . . . ) 0%a%b%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%d%e%f%. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . g%h%i%j%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%l%m%n%. #. . . . . . . . . . . . . . . . . . . . . # . o%p%q%r%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%t%u%v%w%. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. x%y%z%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%A%B%C%D%E%. * . . . . . . . . . . . . . . . . . . . * . F%G%H%I%J%K%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%K%M%N%O%P%. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . Q%R%S%T%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%U%V%W%X%. #. . . . . . . . . . . . . . . . . . . # . Y%Z%`% &.&L%+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&L%@&#&$&%&&&*&. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. =&-&l%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%;&>&,&'&)&!&~&. ]@. . . . . . . . . . . . . . . . . & . {&]&^&/&(&_&:&L%+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&<&@&[&}&|&1&2&. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3&4&5&k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%6&7&8&8&9&0&a&. #. . . . . . . . . . . . . . . . . & . b&c&d&/&e&f&g&h&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&L%i&j&}&k&l&m&n&o&. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . p&q&T%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%A%r&s&8&8&8&8&t&u&. & . . . . . . . . . . . . . . . # . v&w&x&^&^&y&z&A&B&g&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&C&D&E&F&l&l&G&H&I&E.. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . J&K&z%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%A%L&8&8&8&8&8&V%M&N&. ]@. . . . . . . . . . . . . . * . ~$O&P&x&^&^&^&Q&R&S&J%T&+&+&+&+&+&+&+&+&+&+&+&+&+&+&L%s%U&V&k&l&l&l&W&X&Y&. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. Z&`& *j%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%.*s&8&8&8&8&8&V%+*@*. #. . . . . . . . . . . . . # . #*$*%*^&^&^&^&y&&***:&L%+&+&+&+&+&+&+&+&+&+&+&+&+&+&@&=*k&l&l&l&l&l&-*;*>*,*. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. '*)*z%k%k%k%k%k%k%k%k%k%k%k%k%k%A%!*s&8&8&8&8&8&8&~*{*]*^*. * . . . . . . . . . . . ]@. /*(*_*:*^&^&^&^&^&/&e&<*[*L%+&+&+&+&+&+&+&+&+&+&+&+&L%M%}*|*k&l&l&l&l&l&1*2*3*. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . 4*5*6*h%k%k%k%k%k%k%k%k%k%k%k%k%i%U%8&8&8&8&8&8&8&8&9&7*8*. #. . . . . . . . . . . # . 9*$*d&^&^&^&^&^&^&/&0*a*b*+&+&+&+&+&+&+&+&+&+&+&+&L%M%c*d*l&l&l&l&l&l&l&l&$&H&e*. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . f*g*l%k%k%k%k%k%k%k%k%k%k%k%;&h*,&8&8&8&8&8&8&8&8&i*j*k*l*. ) . . . . . . . . . & . m*n*:*^&^&^&^&^&^&^&^&/&&*o*B&g&+&+&+&+&+&+&+&+&+&+&+&+&p*F&q*l&l&l&l&l&l&l&r*1&s*. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . t*u*l%k%k%k%k%k%k%k%k%k%v*6&8&8&8&8&8&8&8&8&8&8&8&V%w*x*. & . . . . . . . . . * . y*w&d&^&^&^&^&^&^&^&^&z*A*B*C*D*+&+&+&+&+&+&+&+&+&L%i&E*|*k&l&l&l&l&l&l&l&l&l&m&F*G*. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . H*I*k%k%k%k%k%k%k%k%k%k%A%J*,&8&8&8&8&8&8&8&8&8&8&8&K*L*M*. N*. . . . . . . # . O*P*d&^&^&^&^&^&^&^&^&^&^&y&z&Q*B&g&+&+&+&+&+&+&+&+&D*R*S*T*l&l&l&l&l&l&l&l&l&l&G&H&U*Z$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . V*y%z%k%k%k%k%k%k%k%;&W*s&8&8&8&8&8&8&8&8&8&8&8&8&K*X*Y*& . . . . . . . * . Z*`* =x&^&^&^&^&^&^&^&^&^&^&^&^&z*.=+=L%+&+&+&+&+&+&L%i&@=|*k&l&l&l&l&l&l&l&l&l&l&l&W&X&#=. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. $=%=&=T%k%k%k%k%k%k%k%*=s&8&8&8&8&8&8&8&8&8&8&8&8&8&V%w*==. #. . . . . # . -=;=>=^&^&^&^&^&^&^&^&^&^&^&^&/&&*,=[*L%+&+&+&+&+&L%M%'=T*l&l&l&l&l&l&l&l&l&l&l&l&l&-*;*)=!=. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. ~=K&l%k%k%k%k%k%A%{=s&8&8&8&8&8&8&8&8&8&8&8&8&8&8&]=^=/=(=. ]@. . . & . _=:=<=:*^&^&^&^&^&^&^&^&^&^&^&^&^&/&[=}=|=L%+&+&+&+&+&D*1=}&k&l&l&l&l&l&l&l&l&l&l&l&l&l&1*2*2=. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3=4=5=6=k%k%k%k%7=8=8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&9&W%9=. #. . . & . 0=P*d&^&^&^&^&^&^&^&^&^&^&^&^&^&^&/&a=b=+&+&+&+&+&L%i&c=|*k&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&$&H&e*. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . d=5=h%k%k%k%A%e=s&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&f=g=. & . & . h=i=x&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&y&z&j=B&g&+&+&D*k=l=T*l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&r*1&s*. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . m=n=l%k%A%o=8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&V%+*p=. ) * . # q=r=x&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&Q&s=t=b*T&L%i&u=|*k&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&m&F*G*. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . v=l%i%j%;&w=,&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&x=y=z=. A=. B=C=d&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&y&z&D=:&K%@&E=l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&G&H&U*Z$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. F=y%G=H=s&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&K*I=J=4*. K=L=M=N=^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&A*O=+=P=Q=}&k&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&W&X&#=. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . R=S=q&T=U=8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&9&7*V=. W=X=>=^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&/&[=Y=Z=`= -.-l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&-*;*+-!=. @-& & & h * * * * * * * * * * * * * * * * * * * * * /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. #-$-K*7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&%-&-*-=---;->->->->->->->->->->->->->->->->->->->->->->-z*,-'-)-!-~-{-T*l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&1*2*3*. & . . . . . . . . . . . . . . . . . . . . . . . . . . /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. ]-^-/-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-_-:-<-[-}-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-1-2-3-4-5-6-7-8-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-0-a-b-c-c-d-e-f-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-h-i-j-. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. k-l-m-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-o-p-q-r-s-t-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-v-w-x-y-z-A-B-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-D-E-F-G-H-H-H-I-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-K-L-M-N-. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. O-P-Q-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-S-T-U-V-W-X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Z-`- ;. .;+;@;#;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-$;E-%;&;*;=;=;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;;;>;,;';. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. );!;~;{;R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-];^;/;(;_;:;<;W-X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-[;};|;1;h . 2;3;4;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-5;6;7;8;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;a;b;c;d;e;. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. f;g;h;R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-i;j;k;l;m;:;n;Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-o;p;q;. #. r;s;t;u;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-v;6;6;6;w;x;y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;z;A;A;c;B;C;D;. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . E;F;G;H;R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-];^;I;(;J;K;m;L;M;N;w-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-o;O;P;. * . % . Q;R;u;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-S;T;6;6;6;6;U;V;W;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;X;b;A;A;Y;Z;`;. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. >.>Q-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-];+>@>#>K;K;K;K;$>%>&>*>Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-x-=>->. & . . & . ;>>>4;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-}*,>'>6;6;6;6;7;)>y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;!>b;A;A;A;~>{>]>^>. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . />(>Q-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-_>:><>J;K;K;K;m;L;[>N;w-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-}>|>1>. # . . . & . 2>u;3>4>D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-C-6;6;6;6;6;6;6;6;5>y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;6>b;A;A;A;A;Y;7>8>. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 9>0>R-R-R-R-R-R-R-R-R-R-R-R-R-R-];^;a>(;J;K;K;K;K;K;K;K;b>c>X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-x-d>e>f>. ]@. . . . g>. h>3;i>D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-j>'>6;6;6;6;6;6;7;k>y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;l>b;A;A;A;A;A;A;A;m>n>. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. o>p>h;R-R-R-R-R-R-R-R-R-R-R-R-q>r>s>#>K;K;K;K;K;K;t>u>v>w>Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Z-`-x>. #. . . . . /.. y>z>A>#;D-D-D-D-D-D-D-D-D-D-D-D-}*B>6;6;6;6;6;6;6;6;6;7;C>y;9;9;9;9;9;9;9;9;9;9;9;9;9;0;D>E>A;A;A;A;A;A;A;F>G>H>. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. I>J>K>{;R-R-R-R-R-R-R-R-R-R-];^;L>(;J;K;K;K;K;K;K;K;t>u>M>W-w-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-[;N>O>P>. * . . . . . . g>. Q>>>4;D-D-D-D-D-D-D-D-D-D-D-D-D-U;6;6;6;6;6;6;6;6;6;7;j>0;9;9;9;9;9;9;9;9;9;9;9;9;9;0;R>b;A;A;A;A;A;A;A;A;S>T>U>. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. V>P-Q-R-R-R-R-R-R-R-R-R-R-_>W>J;K;K;K;K;K;K;K;K;K;K;X>Y>X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-[;Z>`>. # . . . . . . . . /.. ,.,+,D-D-D-D-D-D-D-D-D-D-D-@,6;6;6;6;6;6;6;6;6;6;6;7;#,y;9;9;9;9;9;9;9;9;9;9;9;0;$,b;A;A;A;A;A;A;A;A;A;c;%,&,N$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3=*,=,-,R-R-R-R-R-R-R-R-];+>;,<>J;K;K;K;K;K;K;K;K;K;m;L;>,,,w-Y-Y-Y-Y-Y-Y-Y-Y-o;Z>',. & . . . . . . . . . $ . ),!,#;D-D-D-D-D-D-D-D-D-D-~,{,6;6;6;6;6;6;6;6;6;6;6;6;6;],y;9;9;9;9;9;9;9;9;9;9;0;^,b;A;A;A;A;A;A;A;A;A;A;Y;Z;/,. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. (,_,H;R-R-R-R-R-R-R-];+>:,r-K;K;K;K;K;K;K;K;K;K;K;K;<,[,},*>Y-Y-Y-Y-Y-Y-Y-Y-Y-|,1,. & . . . . . . . . . . $ . 2,3,i>D-D-D-D-D-D-D-D-D-,>6;6;6;6;6;6;6;6;6;6;6;6;6;7;4,y;9;9;9;9;9;9;9;9;9;0;5,b;A;A;A;A;A;A;A;A;A;A;A;6,7,8,9,. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. 0,a,Q-R-R-R-R-R-R-R-R-b,r-J;K;K;K;K;K;K;K;K;K;K;K;m;u>c,W-X-Y-Y-Y-Y-Y-Y-Z-`-d,. # . . . . . . . . . . . h . e,f,g,h,D-D-D-D-D-D-D-3>6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;i,y;9;9;9;9;9;9;9;9;y;j,b;A;A;A;A;A;A;A;A;A;A;A;A;S>T>k,. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . l,h;0>m,R-R-R-R-];^;n,(;J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;$>o,W-X-Y-Y-Y-Y-p,q,r,s,. * . . . . . . . . . . . . g>. t,3;i>D-D-D-D-D-D-}*j>'>6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;u,9;9;9;9;9;9;9;9;0;v,b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;c;B;w,. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. x,g;h;R-R-R-R-i;y,z,#>K;K;K;K;K;K;K;K;K;K;K;K;K;K;t>:;A,*>Y-Y-Y-Y-Y-}>B,C,. # . . . . . . . . . . . . . * . D,E,F,u;D-D-D-D-}*B>6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;8-y;9;9;9;9;9;0;G,A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;c;H,I,# . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. J,K,L,H;R-R-];^;M,(;J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;t>N,O,P,w-Y-Y-[;Q,R, #. . . . . . . . . . . . . . . . % . S,T,4;D-D-D-D-D-T;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;j>U,9;9;9;9;9;0;V,b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;S>W,X,. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. Y,a,Q-R-];_>Z,#>K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;$>`, '*>Y-Y-[;.'+'. & . . . . . . . . . . . . . . . . & . @'T,4;D-D-}*,>'>6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;#'y;9;9;9;0;$'b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;%'&'*'='. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. -'.>Q-R-_>;'<>J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;m;L;>','w-}>p;''. & . . . . . . . . . . . . . . . . . & . )'!'D-D-D-C-E-6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;~'y;9;9;9;{'b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;Y;]'^'. # . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. /'('_'^;:'<>J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;<'c>['Z-}'. & . . . . . . . . . . . . . . . . . . % . |'1'i>D-2'6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;$;y;9;0;3'b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;4'5'. & . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. 6'7'8'9'0'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'b'c'd'e'f'g'. # . . . . . . . . . . . . . . . . . . . h . h'i'j'k'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'm'n';;;;o'c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;8,d;p'. h . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. q'r's't'u'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'u'w'x'y'z'. * . . . . . . . . . . . . . . . . . . . . g>. A'B'C'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'E'F'G'H'I'B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;J'K'L'. # . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. M'N'O'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'Q'R'S'T'. # . . . . . . . . . . . . . . . . . . . . . . . D;U'V'W'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'Y'Z'`' ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ).)+)@). . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@h g>N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*g>h * . . . . . . . . . . . . . . . . . . . . . . . . h h $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ & & & & & & & & & & & & & & & & & & & & & & & & & ]@E # . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . * . . . . . . . . . . . . . . . . . . . . . . . . . * * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * * * * * * * * * * * * * * * * * * * * * * * * * * * . . . . . . . . . . . . . . . . . . . . . . . . . . . . * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)$)$)$)$)$). . . . . . . . . h $)$)$)$)$). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)$)%)$)$)$)%)$)#). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $)h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . h . &)*)=)-);)>)$). . . . . . h . ,)')=)-)-)=))). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)#). h !)~){)])^)/)()_):). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . %). <)[)})|)1)2)3). #). . . . $). 4)5)2)6)7)8). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)h N*9)0)a)b)c)d)e)f)c)g)h)i). $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h $)$). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . #). j)k)l)l)m)n)o). $). . . h . p)q)r)a)m)s)t). $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #). u)v)b)1)w)h)x)y)z)A)B)C)D)E). $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . h F)6)l)a)b)G). #). . . #). H)6)I)J)K)C)L). #). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #). M)N)1)h)O)P)=)Q)R)h %)S)T)U)V). h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . W)9)X)Y). #). . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . $). Z)`)O)J)r)N)S). h . . $). <) !O)l).!+!. . . . . . #)$)%)%)$)#). . . . . . . h h h h h . . h $)%)#). . . . h $)$)%)%)%)$)h . . . . . . h . @!#!2)$!%!!). h . . . . . . . h . . . h h . . . . $)$). . h h h . . . . . . . . . h h h . . . h h . . . . #)$)$)#). . . . . . . $). &!e) !*!. $)h . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . #). =!})J)K)l)-!;!. $). . . . >!|)l)O) !,!. $). . #)#). . . . . . #)$). . . . . . . . . . . #)h . . . . . $)#). . . . . . . . $)h . . . . #). '!b)h))!!!. %)$)h h . h h $)$). . . . . . . . #)h . . . . . . . h . . . . . . . h . . . . . . . . . . $)h . . . . #)$). . . . . #). v)|)l)~!. #). . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . h . %){!6)l)a)w)]!. $). #). 3)K)K)J)K)K)Y). #). #)h . ^!/!(!_!~)M)h . #). . . . :!^!)3!4!_!5!6!7!. #)h . . R). 8!6)K)9!0!. %). . . . . . . . . . . . #)a!b!%)h . c!d!-)e!%)f!a!g!h . . . . . . . #)a!c!f!#). h!b!g!#)#). i!j!H)-)k!h . #). . . #)f!. v)1)k)2!. f!c!$). . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . $). l!w)a)l)6)m!#). h $). 4!w)a)l)g)n!. h . $). o!p!O)q!n)n)n)r!s!d!. #). $). t!u!v!w!x!. 9)y!g)D)z!. i!A!B!N)2)b)w)w)n)|)C!D!)). h . $). E!1)q!l!. %). . . . . . . . . . . h . [!F!G!H!. I!{!h)})J!K!L!L!M!!). #). . . $). N!N)x)O!. . P!G!Q!R!. S!A)K)-!2)9!n!T!. #)R). U!x)V!W!k)K)X!Y!Z!N)`!. $). . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . $). *)6)l)J)K)k) ~. #)#). .~q!a)O) !1!. $)$). 9)K)w)K)9!k)K)m)J)q!+~`!. R)$). @~#~O)n)$~%~g)})&~q!*~. :!G!#~J)O)a)l)9!m)l)r)=~-~%). #). ;~x)r)r)U!. #). . . . . . . . . . . h . >~,~[)'~8!1)w)n)q!)~. !~n)~~{~. $). . . #). ]~ !#~^~. . {)e)J)L)4)[)f)k)O)1)g)6)n)i). i!. /~D)(~h)J)K)n)~~w)D)_~. %). . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . h . p)M!})I)O) !:~. i!. <~,~[~J)k)l)}~. %). |~6)[~m)[~g)x)1~q!K)9!r)a)2~. i!. 3~w)m)}){!m!6)m)W!b)4~. . 5~ !q!q!K)m)2)q!J)J)m)=~i). i!. U!h)h)M!p). h . . . . . . . . . . . h . f!6~w)p!8)=~7~]!*~~. R). %{&~g)F!#). %). 4!b)&{n~. $). . . . %). D!q!g)*{. $)#). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . $). -{w)a)O)`)U). ;{[~K)a)1)s!. #). p)>{h)l)[~1~0),{z)z)'{Q!C)K)a)w)){. . P!f~O)l)g)z). $)%)$)#). #). |~v)a)n)w)1)1)[~J)K)a)w)^~. . !{q!|)T~. #). . . . . . . . . . . . h . a!6~2)a)Y). #). . . . h . ~{|)g){{. )). ^~q!q!i). $)%). 4!q!b)u~. %). . . . #). ]{h)6)^{. . R). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . $). /!q!a)l)g)/{. ({ !_{a)w)4!. i!. :{9~C)J)K)C)6)2)2)2)6)r)a)a)m)q!_!. . P!f~O)a)<{J~. $). . . h . ()q!q!K)m)C)1)n)2)J)K)a)w)_!. . [{|)h)Z!)). h . . . . . . . . . . . h . a!6~6)G!~t~w)O)k)O):). $). K!&~C)J)J)[~b)q!q!q!q!b)w)w)1)D)4{. . P!f~O)a)w)5{. $). . $). 5!7)l)O)J)2{z~${6{7{6)l)a)w)4!. . 8{9!k)k)9{. #). . . . . . . . . . . h . a!6~6)G!K!. h . . . . h . 7!>{2)&~3{. 0{W!n)G). #). %). 4!2{n)D!. %). . . . #). J!&~|)a{i!. $). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . #). b{n)a)l)|)`!%!|)O)1)c{. h h . [!1~[~l)r)#!^)d{5{5{5{5{5{5{])E!d!. . P!f~O)a)w)5{. $). h . ))6~})e{l)6){)i!$). {) !O)a)w)4!. %). f{})b){). %). . . . . . . . . . . h . a!6~6)G!K!. h . . . . . $). 3~q!q!g{. :~q!|)o~. $). %). 4!2{s)D!. %). . . . #). x~[~|)h{. h #). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . $). #{n)a)l)2)B!y!r)O)`)(!. $). . . F!6)a)h)z~F~. h . . . . . . . . %). P!f~O)a)w)5{. $). #). i{r)J)l)6)j{%). p). k{`)_{a)w)4!. e!. l{w)l)m{8{. %). . . . . . . . . . h . a!6~6)G!K!. h . . . . . #). &)l)1),{. W~f~6~n{. h . %). 4!q!b)4~. %). . . . %). _~q!1)E!. $)#). o{q!k)={. #). . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . h . :{,~[~J)K)a)K)J)C)9!8{. #). $). '~ !O)a)q!O!)). h . . . . $)$)h %). P!f~O)a)w)5{. $). $). %~1)l)l)|)p{. . . i!i~6)l)a)w)4!. i!. >~X~[~|)s!e!. %)$)h h h h #)$)$). h . a!6~6)G!K!. h . . . . . . #). q{n)G!r{x)~~@~. $). . %). 4!b)h)D~s{#)#). . #)$). $~2)b)t{. $)#). ~{1)u{;{. $)h . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . #). G)b)a)K)k)K)a)q!T~. #). . #). L)[~J)J)l)q!V!i)v{H)w{x{z!c{:!. i!. P!f~O)a)w)5{. $). #). U~r)J)K)J)h)y{>~}~z{|)l)K)a)w)4!. %)$). A{b)O)g)n!k!. h . . . . . . . . h . a!6~6)G!K!. h . . . . . . $). {{b)l)B{a)r)C{. #). . %). 4!w)m)2{1!. #)h h #). ){|)D{C!>~. h #). E{g)|)/!. $). . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . $). F{w)a)K)K)K)a)w)5!. $). . . #). ()=~a)a)a)2)G{q!g)1)n)w)2{~!. )). P!f~O)a)w)5{. $). h . $)V!6)O)K)k)g)H{K)|)C)k)K)a)w)(!. %). $). l{ !K)})I{J{|~<~p)a!K{3{v{L{j!. . a!6~6)G!K!. h . . . . . . h . r~>{})M{g)e~. h . . . %). 4!`)9!})|)+{S). . n{,!C)a)#~){. $). %). +{s)r)h{b~h ;~%). . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . #). N{W!K)a)l)a)K)m)%{. #). . . . h . @~w)g)K)9!&~m)m)m)m)W!O{^~. g!. P{ !9!O)n)Q{. $). . $). 9) ![~O)O)m)J)k)g)#!a)K)9!w)g{. %). . R). R{S{n)$!b)})1~T{Z!>{W!6)D)4!. h a!M!2)S{V). h . . . . . . . $). {)w)&~n)U{. $). . . %). 4!n)r)V{1~[)W{X{v)#!1)h)~~@~. #). . #). H~g)K)[~1~D~L!8{. #). . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . #). |{Y{2)g)2)f)T~. #). . . . . . #). A!n!k)n) ! !f~ !b)K)L!Z{. `{. ]=~K)k)~~.]. $). . . #). +]W!`)w)w)w)})J{@]a)})K)c)]!. $). . . $). <~4~>{r)b)~~f)f)O{`)C)B)F{. . p)z~q!m)K!. h . . . . . . . #). x~[~h)>{7!. h . . . %). 4!2{w)#]9{$] ![)%]c)-!x)_~. #). . . . #). #]6)n)G{&]c)j). #). . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . h . 8{')=)-)=)*)m~. h . . . . . . h #). h 3)*]C~=]()l{-] ~i!. . h . @!;]H~H~d!N{. h . . . . #). :{){U)U)j~ ~. %)@]>]H~d!8{. h . . . . $)h . f!,]o)<)*~4~']V~U!r~. h . #)M)x~U~i!. . . . . . . . . %). )]|)b)D!. $). . . . %). 4!2{s) ]. 7!v{()]!+{-]>~. $). . . . . . h . @]D!z!{)V~r~. h . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $)h . . . . . . . . h h . . . . . . . . . . . . . . . . $). . . . . . #)h . . . . . . . . . . . . #)$). . . . . . . . . . h . . . . . . . . . . . . . . . #). <~B)|)B)W). h . . . . %). 4!2{n)P!. i!. . . . . . $). . . . . . . . #). . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . #)$)$)$)$)$)h . . . . . . . . . . . . #)$)%)$)%)%)$)#). . . . . h #)#)#)#)h . . . . . . . . h %)$)$)%)#). . #)#)#)#)h . . . . . . . . . h #)%)%)$)$)%)$)#)h . . . . #)#)#). . . . . . . . %)h . !]6)n)#]. $). . . . . %). 4!2{n)P!. i!$)$)$)%)$)h . . . . . . . . . . #)%)$)%)s{]@. . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . p)~]|)&{/{i!. h . . . . . %). 4!2{n)P!. %). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . c!o~V!|)h)&~Y). #). . . . . . %). (!6)-!t). %). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $). ')#~r)q!,~U!. #). . . . . . . %). l{e)%]{]. %). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . F~S{|)]]^!. $). . . . . . . . $). l~^]n!3!. $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . {{/]. h #). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)#). . . . . . . . . . . . h #)#)h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $)#). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" ", -" "}; +/* XPM */ +static const char *VeraCryptIcon256x256[] = { +"256 256 1770 2", +" c None", +". c #FFFFFF", +"+ c #FCFEFF", +"@ c #FBFEFE", +"# c #FCFEFE", +"$ c #FDFEFD", +"% c #FCFEFD", +"& c #FDFEFE", +"* c #FEFFFF", +"= c #9DDEEF", +"- c #7DD3EB", +"; c #85D6EB", +"> c #83D5EB", +", c #7CD2EA", +"' c #B1E3F2", +") c #FDFEFF", +"! c #C4E6DC", +"~ c #B2DDCF", +"{ c #B6DFD2", +"] c #B5DFD2", +"^ c #B3DED1", +"/ c #BDE2D5", +"( c #CBE7DD", +"_ c #CAE7DC", +": c #CAE6DC", +"< c #CFE9DF", +"[ c #96DAEE", +"} c #009FD3", +"| c #03A6D6", +"1 c #00A5D5", +"2 c #01A6D5", +"3 c #00A2D3", +"4 c #13A7D4", +"5 c #DFF3F9", +"6 c #D9EFE9", +"7 c #4CB697", +"8 c #5DBA9C", +"9 c #61BA9D", +"0 c #60BA9D", +"a c #77C2A9", +"b c #8BCAB3", +"c c #8FCBB5", +"d c #8ECBB5", +"e c #90CCB6", +"f c #86C8B0", +"g c #C2E3D7", +"h c #FEFEFE", +"i c #47C0E2", +"j c #00A8D7", +"k c #0FADDA", +"l c #0CACD9", +"m c #0CADD9", +"n c #15AAD6", +"o c #00A0D0", +"p c #62C5E2", +"q c #7DCAB4", +"r c #48B596", +"s c #62BEA2", +"t c #6FC0A6", +"u c #6DC0A6", +"v c #6EC0A6", +"w c #6CBFA5", +"x c #7AC5AC", +"y c #88C9B3", +"z c #8ACAB4", +"A c #98D0BB", +"B c #99D0BC", +"C c #95CEB9", +"D c #A5D6C4", +"E c #FAFDFC", +"F c #C6ECF6", +"G c #05AAD7", +"H c #09ABD8", +"I c #08ABD8", +"J c #0AA9D6", +"K c #0EA6D3", +"L c #0FA7D3", +"M c #07A3D2", +"N c #C2E8F4", +"O c #C0E5DB", +"P c #48B595", +"Q c #54BA9C", +"R c #52B99B", +"S c #66BEA2", +"T c #6CBFA4", +"U c #6BBFA4", +"V c #6ABFA4", +"W c #6EC0A5", +"X c #84C8B0", +"Y c #86C8B1", +"Z c #84C8B1", +"` c #90CCB7", +" . c #97CFBB", +".. c #96CFBA", +"+. c #97D0BB", +"@. c #D9EEE6", +"#. c #67CBE7", +"$. c #0DA7D4", +"%. c #11A7D4", +"&. c #03A2D1", +"*. c #41B9DC", +"=. c #F6FBFA", +"-. c #67C2A7", +";. c #4DB798", +">. c #50B99A", +",. c #59BB9D", +"'. c #69BFA3", +"). c #7CC5AD", +"!. c #87C9B2", +"~. c #85C8B1", +"{. c #95CEBA", +"]. c #91CCB7", +"^. c #B0DBCB", +"/. c #FEFFFE", +"(. c #E2F5FB", +"_. c #17AFDA", +":. c #05AAD8", +"<. c #0BA9D6", +"[. c #12A7D4", +"}. c #9FDBED", +"|. c #A6DBCB", +"1. c #46B494", +"2. c #55BA9D", +"3. c #51B99A", +"4. c #63BDA1", +"5. c #6DBFA5", +"6. c #6ABEA3", +"7. c #71C1A7", +"8. c #8DCBB5", +"9. c #94CEB9", +"0. c #E7F4EF", +"a. c #8CD8ED", +"b. c #09AAD7", +"c. c #10A7D3", +"d. c #08A4D2", +"e. c #25AED7", +"f. c #EEF9FC", +"g. c #E5F4F0", +"h. c #57BB9E", +"i. c #51B89A", +"j. c #53B99B", +"k. c #51B99B", +"l. c #55BA9C", +"m. c #7FC6AE", +"n. c #86C8B2", +"o. c #97CFBA", +"p. c #8FCCB5", +"q. c #BFE2D5", +"r. c #F7FDFE", +"s. c #30B8DE", +"t. c #0AACD8", +"u. c #0CA8D5", +"v. c #12A8D4", +"w. c #7ACEE7", +"x. c #8CD0BC", +"y. c #47B595", +"z. c #5FBCA0", +"A. c #69BEA3", +"B. c #75C3A9", +"C. c #87C8B2", +"D. c #9CD2BE", +"E. c #F4FAF8", +"F. c #B0E4F3", +"G. c #00A7D6", +"H. c #0BACD8", +"I. c #0FA6D3", +"J. c #0DA5D3", +"K. c #10A7D4", +"L. c #D4EFF7", +"M. c #D0ECE4", +"N. c #4CB798", +"O. c #53BA9C", +"P. c #68BEA3", +"Q. c #83C7B0", +"R. c #91CDB8", +"S. c #8FCCB6", +"T. c #50C3E3", +"U. c #00A6D6", +"V. c #0BACD9", +"W. c #00A1D0", +"X. c #56C0E0", +"Y. c #74C7AF", +"Z. c #4AB697", +"`. c #5BBB9E", +" + c #79C4AB", +".+ c #92CDB7", +"++ c #A7D7C5", +"@+ c #D1EFF8", +"#+ c #0BABD8", +"$+ c #07ABD8", +"%+ c #04A2D1", +"&+ c #B6E4F2", +"*+ c #B7E2D5", +"=+ c #47B594", +"-+ c #65BEA2", +";+ c #6ABFA3", +">+ c #6FC1A6", +",+ c #91CDB7", +"'+ c #DEF0EA", +")+ c #74CFE9", +"!+ c #36B5DA", +"~+ c #F9FDFE", +"{+ c #F2F9F7", +"]+ c #61BFA3", +"^+ c #4EB899", +"/+ c #53B99C", +"(+ c #57BA9D", +"_+ c #7DC6AD", +":+ c #86C9B1", +"<+ c #B5DDCE", +"[+ c #EBF8FC", +"}+ c #1FB2DB", +"|+ c #03A9D7", +"1+ c #0BA8D5", +"2+ c #93D7EB", +"3+ c #9DD7C6", +"4+ c #50B99B", +"5+ c #62BDA1", +"6+ c #72C1A8", +"7+ c #86C9B2", +"8+ c #8CCBB5", +"9+ c #95CFBA", +"0+ c #ECF6F2", +"a+ c #99DCEF", +"b+ c #00A6D5", +"c+ c #0AA5D2", +"d+ c #1DACD6", +"e+ c #E6F6FA", +"f+ c #DEF2EC", +"g+ c #80C6AF", +"h+ c #93CEB8", +"i+ c #C5E4D9", +"j+ c #FDFFFF", +"k+ c #3BBCE0", +"l+ c #6DC9E4", +"m+ c #83CDB7", +"n+ c #5EBC9F", +"o+ c #76C3AA", +"p+ c #89CAB3", +"q+ c #A0D4C0", +"r+ c #F7FBFA", +"s+ c #BDE9F5", +"t+ c #02A8D7", +"u+ c #09ACD8", +"v+ c #0BA5D2", +"w+ c #CAEBF5", +"x+ c #C8E8DF", +"y+ c #4AB596", +"z+ c #67BEA3", +"A+ c #6DC0A5", +"B+ c #D4EBE3", +"C+ c #5DC8E5", +"D+ c #01A1D1", +"E+ c #4BBCDE", +"F+ c #6DC4AA", +"G+ c #5ABB9E", +"H+ c #7AC4AC", +"I+ c #ACD9C9", +"J+ c #DBF3F9", +"K+ c #11AED9", +"L+ c #06AAD8", +"M+ c #A9DFEF", +"N+ c #AEDED0", +"O+ c #64BDA2", +"P+ c #70C1A6", +"Q+ c #8DCCB6", +"R+ c #E4F3ED", +"S+ c #2DB2D9", +"T+ c #F3FBFD", +"U+ c #EBF7F3", +"V+ c #5BBDA0", +"W+ c #4FB89A", +"X+ c #56BA9D", +"Y+ c #7EC6AE", +"Z+ c #BAE0D2", +"`+ c #29B5DD", +" @ c #01A8D7", +".@ c #86D2E9", +"+@ c #93D3C0", +"@@ c #47B494", +"#@ c #60BCA0", +"$@ c #74C2A8", +"%@ c #8BCBB4", +"&@ c #95CFB9", +"*@ c #9AD0BC", +"=@ c #F1F8F5", +"-@ c #A7E1F1", +";@ c #0CA5D3", +">@ c #15A9D4", +",@ c #DCF2F9", +"'@ c #D7EFE8", +")@ c #4FB799", +"!@ c #53BA9B", +"~@ c #82C7AF", +"{@ c #92CDB8", +"]@ c #FEFEFF", +"^@ c #48C0E2", +"/@ c #60C4E2", +"(@ c #7BCAB2", +"_@ c #49B596", +":@ c #5CBC9F", +"<@ c #78C4AB", +"[@ c #93CDB8", +"}@ c #A4D5C3", +"|@ c #C9ECF6", +"1@ c #0AAAD7", +"2@ c #C0E8F3", +"3@ c #BFE5D9", +"4@ c #90CDB7", +"5@ c #91CDB6", +"6@ c #DAEEE7", +"7@ c #6ACCE7", +"8@ c #00A0D1", +"9@ c #12A7D3", +"0@ c #40B8DC", +"a@ c #F6FBF9", +"b@ c #66C1A6", +"c@ c #55B99B", +"d@ c #7BC5AC", +"e@ c #85C8B2", +"f@ c #87C9B3", +"g@ c #83C7AF", +"h@ c #B2DCCD", +"i@ c #E5F5FA", +"j@ c #26A3D4", +"k@ c #159CD1", +"l@ c #1A9DD1", +"m@ c #199DD1", +"n@ c #1C9FD2", +"o@ c #0C94CE", +"p@ c #A5D1EB", +"q@ c #98D8C8", +"r@ c #37B291", +"s@ c #4AB89B", +"t@ c #46B799", +"u@ c #47B79A", +"v@ c #41B596", +"w@ c #5BBFA4", +"x@ c #E6F4F0", +"y@ c #ECF7F3", +"z@ c #EAF6F2", +"A@ c #EBF6F2", +"B@ c #EAF5F2", +"C@ c #96D1EA", +"D@ c #0B95CE", +"E@ c #1E9ED2", +"F@ c #1A9CD1", +"G@ c #1B9DD1", +"H@ c #1C8ECD", +"I@ c #3796D1", +"J@ c #EEF7FB", +"K@ c #E0F3EF", +"L@ c #37B597", +"M@ c #38B495", +"N@ c #45B79A", +"O@ c #43B799", +"P@ c #44B799", +"Q@ c #47B89A", +"R@ c #38B392", +"S@ c #B6E3D7", +"T@ c #F9FCFE", +"U@ c #3FACD9", +"V@ c #1198CF", +"W@ c #1C9DD1", +"X@ c #1D97D0", +"Y@ c #278ECE", +"Z@ c #1385CA", +"`@ c #84C0E3", +" # c #FCFDFE", +".# c #77CCB8", +"+# c #26AE8D", +"@# c #36B496", +"## c #41B698", +"$# c #45B799", +"%# c #46B89A", +"&# c #3BB394", +"*# c #6DC7B0", +"=# c #B7E0F0", +"-# c #0F97CF", +";# c #228FCE", +"># c #248DCD", +",# c #228DCD", +"'# c #258ECD", +")# c #D7EAF6", +"!# c #C8EAE2", +"~# c #2CB090", +"{# c #35B495", +"]# c #32B394", +"^# c #37B496", +"/# c #3FB596", +"(# c #D1EDE6", +"_# c #5DB9DF", +":# c #0D96CE", +"<# c #1D9DD2", +"[# c #1E95CF", +"}# c #248CCD", +"|# c #238DCD", +"1# c #268FCE", +"2# c #1686CA", +"3# c #63AEDC", +"4# c #5BC2AA", +"5# c #2AB08F", +"6# c #33B394", +"7# c #3EB697", +"8# c #47B89B", +"9# c #38B292", +"0# c #87D1BD", +"a# c #D5EDF7", +"b# c #199BD1", +"c# c #1B9CD1", +"d# c #1B9AD0", +"e# c #238ECD", +"f# c #1988CB", +"g# c #BADBEF", +"h# c #AADFD3", +"i# c #42B698", +"j# c #4CBA9D", +"k# c #E6F6F2", +"l# c #7FC8E5", +"m# c #0A95CE", +"n# c #1F93CF", +"o# c #1B89CB", +"p# c #469FD5", +"q# c #EEF9F6", +"r# c #44B99D", +"s# c #2FB192", +"t# c #34B395", +"u# c #3CB597", +"v# c #37B292", +"w# c #A4DCCD", +"x# c #EEF8FB", +"y# c #2EA5D5", +"z# c #159AD0", +"A# c #1C99D0", +"B# c #278FCE", +"C# c #1485CA", +"D# c #99CAE8", +"E# c #8AD3C2", +"F# c #25AE8D", +"G# c #34B394", +"H# c #3EB496", +"I# c #5EC1A7", +"J# c #F7FCFB", +"K# c #A2D7EC", +"L# c #0C96CE", +"M# c #2191CE", +"N# c #248ECD", +"O# c #208BCC", +"P# c #3094D0", +"Q# c #E7F3FA", +"R# c #D8F0EB", +"S# c #39B496", +"T# c #3AB394", +"U# c #BFE7DC", +"V# c #4AB1DA", +"W# c #238CCD", +"X# c #78B9E1", +"Y# c #6DC8B3", +"Z# c #27AF8E", +"`# c #40B698", +" $ c #3AB393", +".$ c #76CAB4", +"+$ c #C3E5F3", +"@$ c #1399D0", +"#$ c #1A9BD1", +"$$ c #CEE5F4", +"%$ c #BDE6DD", +"&$ c #29AF8F", +"*$ c #37B495", +"=$ c #43B798", +"-$ c #D8F0EA", +";$ c #69BEE1", +">$ c #0B96CE", +",$ c #1F94CF", +"'$ c #268ECE", +")$ c #1887CA", +"!$ c #59A9D9", +"~$ c #F8FCFC", +"{$ c #52BEA5", +"]$ c #91D4C3", +"^$ c #DFF1F9", +"/$ c #229FD3", +"($ c #189BD1", +"_$ c #1786CA", +":$ c #AED5ED", +"<$ c #9FDBCD", +"[$ c #25AE8C", +"}$ c #40B697", +"|$ c #51BCA0", +"1$ c #EDF8F6", +"2$ c #8DCEE8", +"3$ c #2092CE", +"4$ c #1C89CB", +"5$ c #3E9BD3", +"6$ c #F3F9FC", +"7$ c #E7F6F3", +"8$ c #3DB69A", +"9$ c #30B293", +"0$ c #3BB596", +"a$ c #ADDFD2", +"b$ c #F4FAFD", +"c$ c #38A9D7", +"d$ c #1C98D0", +"e$ c #1385C9", +"f$ c #8EC5E5", +"g$ c #7FCFBD", +"h$ c #3DB495", +"i$ c #65C4AB", +"j$ c #AEDCEF", +"k$ c #0E97CE", +"l$ c #2190CE", +"m$ c #218CCD", +"n$ c #2990CE", +"o$ c #DEEEF8", +"p$ c #CFEDE6", +"q$ c #38B496", +"r$ c #3CB495", +"s$ c #C8EAE1", +"t$ c #55B5DD", +"u$ c #1E96CF", +"v$ c #1586CA", +"w$ c #6DB3DE", +"x$ c #63C5AE", +"y$ c #36B495", +"z$ c #3FB697", +"A$ c #39B393", +"B$ c #7FCDB9", +"C$ c #CEEAF5", +"D$ c #189BD0", +"E$ c #1B9BD1", +"F$ c #228ECD", +"G$ c #C4E0F1", +"H$ c #B3E2D7", +"I$ c #27AE8E", +"J$ c #E0F3EE", +"K$ c #75C4E3", +"L$ c #258ECE", +"M$ c #4EA3D7", +"N$ c #F3FAF9", +"O$ c #4ABBA0", +"P$ c #2DB191", +"Q$ c #3DB597", +"R$ c #9BD8C9", +"S$ c #E8F5FA", +"T$ c #29A2D4", +"U$ c #169AD0", +"V$ c #1C9AD0", +"W$ c #A3CFEA", +"X$ c #94D7C8", +"Y$ c #58BEA4", +"Z$ c #F3FAF8", +"`$ c #99D3EB", +" % c #1E9DD2", +".% c #1E8BCC", +"+% c #3697D1", +"@% c #EDF6FB", +"#% c #DEF3EE", +"$% c #32B293", +"%% c #3AB596", +"&% c #B6E3D8", +"*% c #FAFDFE", +"=% c #42ADD9", +"-% c #1099CF", +";% c #1F98D0", +">% c #82BEE3", +",% c #75CAB6", +"'% c #26AD8C", +")% c #36B395", +"!% c #33B293", +"~% c #43B698", +"{% c #3BB393", +"]% c #6EC7B0", +"^% c #BBE2F1", +"/% c #1098CF", +"(% c #2491CE", +"_% c #D5E9F6", +":% c #C7ECE4", +"<% c #2DB595", +"[% c #36B899", +"}% c #34B898", +"|% c #33B898", +"1% c #39B99A", +"2% c #43B99A", +"3% c #D1EDE5", +"4% c #64B2DC", +"5% c #1883C8", +"6% c #288DCC", +"7% c #258BCB", +"8% c #1884C9", +"9% c #63ABD9", +"0% c #55AD97", +"a% c #249778", +"b% c #2F9C80", +"c% c #2D9B7E", +"d% c #309C80", +"e% c #229576", +"f% c #70BEA9", +"g% c #D9E9F5", +"h% c #2A87C7", +"i% c #2785C7", +"j% c #2986C7", +"k% c #2886C7", +"l% c #2B88C8", +"m% c #1875BC", +"n% c #B7D3E9", +"o% c #A7DCE2", +"p% c #1A817C", +"q% c #236047", +"r% c #20644D", +"s% c #20634B", +"t% c #21624B", +"u% c #1E654D", +"v% c #3A9D82", +"w% c #E2F3EF", +"x% c #88BCE0", +"y% c #197EC3", +"z% c #2C88C8", +"A% c #2887C8", +"B% c #2883C4", +"C% c #1772B9", +"D% c #438DC6", +"E% c #F8FBFD", +"F% c #EDF7F8", +"G% c #3EABB4", +"H% c #29A4AD", +"I% c #257462", +"J% c #21654C", +"K% c #216951", +"L% c #216850", +"M% c #20644C", +"N% c #2D8A6E", +"O% c #219D7C", +"P% c #78C0AC", +"Q% c #F0F6FB", +"R% c #3C91CD", +"S% c #2383C6", +"T% c #2987C7", +"U% c #2179BD", +"V% c #2379BD", +"W% c #116EB7", +"X% c #97C0E0", +"Y% c #85CBD0", +"Z% c #1E9DA6", +"`% c #31A9B4", +" & c #2A9494", +".& c #21654B", +"+& c #21674F", +"@& c #20654D", +"#& c #247258", +"$& c #30A082", +"%& c #309F82", +"&& c #299D7E", +"*& c #CCE7E0", +"=& c #A8CEE8", +"-& c #1B7FC4", +";& c #2987C8", +">& c #247FC2", +",& c #1F76BB", +"'& c #2178BD", +")& c #1D75BB", +"!& c #2C7EC0", +"~& c #E5EFF7", +"{& c #D5EDEF", +"]& c #2CA4AD", +"^& c #2DA4AD", +"/& c #2DA3AC", +"(& c #2EA8B2", +"_& c #257C6E", +":& c #206349", +"<& c #21684F", +"[& c #2B9074", +"}& c #30A284", +"|& c #319F82", +"1& c #259A7B", +"2& c #5EB59E", +"3& c #56A0D3", +"4& c #1E80C4", +"5& c #2B87C8", +"6& c #2784C6", +"7& c #2078BC", +"8& c #2077BC", +"9& c #2479BD", +"0& c #116EB8", +"a& c #74AAD5", +"b& c #67BDC4", +"c& c #219FA8", +"d& c #30A5AE", +"e& c #2DA6B0", +"f& c #2C9CA0", +"g& c #216851", +"h& c #21674E", +"i& c #20634C", +"j& c #267A60", +"k& c #2F9E80", +"l& c #2F9F81", +"m& c #32A083", +"n& c #23997A", +"o& c #B1DBD0", +"p& c #C8E0F1", +"q& c #2283C5", +"r& c #237CC0", +"s& c #2076BB", +"t& c #1C74BB", +"u& c #CBDFEF", +"v& c #BAE1E4", +"w& c #239FA9", +"x& c #2FA5AE", +"y& c #2DA3AB", +"z& c #2EA8B4", +"A& c #27857C", +"B& c #206348", +"C& c #21664F", +"D& c #216950", +"E& c #2D987B", +"F& c #30A183", +"G& c #31A082", +"H& c #299C7D", +"I& c #47AA90", +"J& c #73B0DB", +"K& c #1A7EC3", +"L& c #2683C5", +"M& c #1570B8", +"N& c #5597CC", +"O& c #4CB1B9", +"P& c #26A1AA", +"Q& c #2DA5AE", +"R& c #2DA2AA", +"S& c #226E5A", +"T& c #216750", +"U& c #288369", +"V& c #30A385", +"W& c #33A183", +"X& c #209878", +"Y& c #95CEBF", +"Z& c #E1EEF7", +"`& c #308AC9", +" * c #2685C6", +".* c #227BBE", +"+* c #136FB8", +"@* c #ACCCE6", +"#* c #9BD4D8", +"$* c #1F9EA7", +"%* c #30A6AE", +"&* c #2EA8B3", +"** c #298F8C", +"=* c #236F56", +"-* c #309F81", +";* c #2D9E80", +">* c #36A285", +",* c #E2F2ED", +"'* c #95C3E3", +")* c #197DC3", +"!* c #2581C3", +"~* c #2278BC", +"{* c #1973BA", +"]* c #3A87C4", +"^* c #F3F7FB", +"/* c #E5F4F5", +"(* c #37A8B1", +"_* c #2AA3AC", +":* c #2EA4AD", +"<* c #247665", +"[* c #20644A", +"}* c #2A8D71", +"|* c #30A384", +"1* c #32A183", +"2* c #229979", +"3* c #77C0AD", +"4* c #F6FAFC", +"5* c #4596CE", +"6* c #2182C5", +"7* c #106DB7", +"8* c #8BB8DC", +"9* c #7BC6CB", +"0* c #2EA7B1", +"a* c #2B9799", +"b* c #21664D", +"c* c #25775D", +"d* c #30A283", +"e* c #CAE7DF", +"f* c #B4D5EC", +"g* c #1C80C4", +"h* c #247EC1", +"i* c #2177BC", +"j* c #1E76BB", +"k* c #257ABE", +"l* c #DCEAF4", +"m* c #CDE9EB", +"n* c #28A2AB", +"o* c #267F73", +"p* c #2D9678", +"q* c #2F9E81", +"r* c #31A083", +"s* c #5DB49D", +"t* c #61A6D6", +"u* c #1C7FC4", +"v* c #2887C7", +"w* c #126EB8", +"x* c #68A3D2", +"y* c #5DB9C0", +"z* c #2DA4AC", +"A* c #2DA5AF", +"B* c #2C9FA4", +"C* c #226A54", +"D* c #21664E", +"E* c #278065", +"F* c #239979", +"G* c #AFDACE", +"H* c #D2E6F3", +"I* c #2685C7", +"J* c #227CC0", +"K* c #2278BD", +"L* c #1772BA", +"M* c #C1D9EC", +"N* c #FDFDFE", +"O* c #AFDCE0", +"P* c #209EA8", +"Q* c #278882", +"R* c #226C54", +"S* c #2E9C7E", +"T* c #2FA082", +"U* c #46AA8F", +"V* c #80B7DE", +"W* c #2682C4", +"X* c #1671B9", +"Y* c #4B91C9", +"Z* c #F2FAFA", +"`* c #44AEB6", +" = c #27A1AB", +".= c #23715E", +"+= c #20654B", +"@= c #2A8A6E", +"#= c #94CDBE", +"$= c #EBF3FA", +"%= c #378ECB", +"&= c #2484C6", +"*= c #227ABE", +"== c #A0C5E2", +"-= c #8FCFD3", +";= c #1E9DA7", +">= c #31A6AE", +",= c #2A9291", +"'= c #24735A", +")= c #35A285", +"!= c #E1F1ED", +"~= c #A0CAE6", +"{= c #2580C2", +"]= c #2178BC", +"^= c #1B74BB", +"/= c #3282C2", +"(= c #ECF4F9", +"_= c #DDF0F2", +":= c #31A6AF", +"<= c #2CA3AC", +"[= c #2EA7B2", +"}= c #24796A", +"|= c #20634A", +"1= c #2C9376", +"2= c #77C0AC", +"3= c #FBFDFE", +"4= c #4E9BD1", +"5= c #1F81C5", +"6= c #2A87C8", +"7= c #2885C6", +"8= c #2078BD", +"9= c #7FB1D9", +"0= c #70C1C7", +"a= c #2EA6B1", +"b= c #2B9A9D", +"c= c #267C62", +"d= c #C0DCEF", +"e= c #247DC1", +"f= c #1F77BC", +"g= c #D3E4F2", +"h= c #C3E5E8", +"i= c #25A0AA", +"j= c #268379", +"k= c #226A52", +"l= c #2E9A7C", +"m= c #6BACD8", +"n= c #1B7EC4", +"o= c #2783C5", +"p= c #5E9DCF", +"q= c #54B5BC", +"r= c #24A0AA", +"s= c #2CA1A8", +"t= c #226D57", +"u= c #29866B", +"v= c #DBEBF6", +"w= c #227BBF", +"x= c #2279BD", +"y= c #1570B9", +"z= c #B5D2E9", +"A= c #F9FCFD", +"B= c #A4D8DC", +"C= c #1F9EA8", +"D= c #288C88", +"E= c #237058", +"F= c #8CBEE1", +"G= c #2C89C9", +"H= c #2681C3", +"I= c #1872BA", +"J= c #418BC6", +"K= c #EBF6F7", +"L= c #3CABB3", +"M= c #29A2AC", +"N= c #2EA5AD", +"O= c #247462", +"P= c #21654E", +"Q= c #2B8F73", +"R= c #F1F7FB", +"S= c #3F93CD", +"T= c #237ABE", +"U= c #2076BC", +"V= c #92BDDE", +"W= c #81C7CE", +"X= c #1E9EA7", +"Y= c #2A9696", +"Z= c #216149", +"`= c #25795F", +" - c #2EA283", +".- c #2E9D7F", +"+- c #35A284", +"@- c #FBFDFD", +"#- c #ADD1EA", +"$- c #1778BE", +"%- c #2179BC", +"&- c #1B75BB", +"*- c #3282C3", +"=- c #BADDE8", +"-- c #31A7AE", +";- c #2BA4AD", +">- c #2DA5AD", +",- c #2FA8B2", +"'- c #217D70", +")- c #319778", +"!- c #36A588", +"~- c #35A185", +"{- c #30A083", +"]- c #568DC5", +"^- c #1D66B0", +"/- c #2A6FB5", +"(- c #276DB4", +"_- c #286EB4", +":- c #2569B3", +"<- c #2381A2", +"[- c #2F9FAF", +"}- c #2E9BAE", +"|- c #2E9CAE", +"1- c #309DAE", +"2- c #2899AE", +"3- c #55AEB4", +"4- c #409C7E", +"5- c #339579", +"6- c #35967A", +"7- c #2D9375", +"8- c #2B9274", +"9- c #2B9174", +"0- c #2B9073", +"a- c #5FAE98", +"b- c #65B49F", +"c- c #64B39E", +"d- c #65B39E", +"e- c #60B19B", +"f- c #59AE97", +"g- c #5AAE97", +"h- c #5CAF98", +"i- c #50AA92", +"j- c #97D4C6", +"k- c #CAD9EB", +"l- c #2564AE", +"m- c #2C69B1", +"n- c #2B68B0", +"o- c #2B68AF", +"p- c #2C68B4", +"q- c #22679E", +"r- c #0C6578", +"s- c #2B90A9", +"t- c #3099B1", +"u- c #2F97AF", +"v- c #3097AF", +"w- c #2E97AE", +"x- c #3098AF", +"y- c #E8F3F9", +"z- c #81BBA8", +"A- c #188364", +"B- c #2C8D70", +"C- c #2A8C6F", +"D- c #2A8D70", +"E- c #278769", +"F- c #1E8767", +"G- c #239476", +"H- c #239375", +"I- c #249476", +"J- c #259476", +"K- c #269375", +"L- c #229C7D", +"M- c #28AC8E", +"N- c #D8EFEA", +"O- c #769FCD", +"P- c #1C5FAC", +"Q- c #2D6BB2", +"R- c #2A69B1", +"S- c #2969B0", +"T- c #126783", +"U- c #0A6275", +"V- c #18768C", +"W- c #319BB2", +"X- c #2F97AE", +"Y- c #2F98AF", +"Z- c #339AB0", +"`- c #2091A9", +" ; c #8FC7D3", +".; c #E6F2EF", +"+; c #379479", +"@; c #278B6E", +"#; c #2B8E71", +"$; c #298C6E", +"%; c #298768", +"&; c #2E9578", +"*; c #319B7F", +"=; c #319A7E", +"-; c #309A7D", +";; c #309B7E", +">; c #30AD91", +",; c #1FA889", +"'; c #68C4AF", +"); c #E3EBF5", +"!; c #326FB4", +"~; c #2867B0", +"{; c #2B6AB1", +"]; c #2A69B0", +"^; c #2C69B5", +"/; c #1C6797", +"(; c #0B6576", +"_; c #0E657B", +":; c #0B6378", +"<; c #268AA1", +"[; c #3199B0", +"}; c #2995AD", +"|; c #45A3B8", +"1; c #F2F9FA", +"2; c #9ECBBE", +"3; c #1B8566", +"4; c #2D8F72", +"5; c #28886A", +"6; c #278768", +"7; c #278667", +"8; c #288A6B", +"9; c #2E997C", +"0; c #2E987B", +"a; c #2DA487", +"b; c #2BAD90", +"c; c #2DAD90", +"d; c #21A889", +"e; c #BBE4DB", +"f; c #97B6D9", +"g; c #1B5EAC", +"h; c #2E6CB2", +"i; c #2B69B2", +"j; c #2768AB", +"k; c #0E657C", +"l; c #0D6579", +"m; c #0E667B", +"n; c #136F84", +"o; c #3299B0", +"p; c #2292AA", +"q; c #AFD8E0", +"r; c #FAFCFB", +"s; c #4DA088", +"t; c #22896A", +"u; c #2C8E71", +"v; c #298B6D", +"w; c #278666", +"x; c #2B9173", +"y; c #2E9A7D", +"z; c #2D9C7F", +"A; c #2BAC8F", +"B; c #23A98B", +"C; c #4BB9A0", +"D; c #F8FCFB", +"E; c #F6F9FC", +"F; c #477EBC", +"G; c #2364AE", +"H; c #2C6AB2", +"I; c #18678E", +"J; c #0D657B", +"K; c #0D657A", +"L; c #0A6176", +"M; c #208399", +"N; c #329CB3", +"O; c #2593AB", +"P; c #5EAFC1", +"Q; c #BEDCD3", +"R; c #20886A", +"S; c #2A8D6F", +"T; c #278869", +"U; c #288869", +"V; c #2D977A", +"W; c #2E997D", +"X; c #2CA78A", +"Y; c #2FAD91", +"Z; c #1CA687", +"`; c #9BD8CA", +" > c #B6CCE4", +".> c #1F61AD", +"+> c #2C69B4", +"@> c #2368A4", +"#> c #0C6579", +"$> c #0C6479", +"%> c #0F697E", +"&> c #2D94AB", +"*> c #3099B0", +"=> c #2A95AD", +"-> c #CCE6EC", +";> c #69AF9A", +">> c #1D8667", +",> c #298A6C", +"'> c #278767", +")> c #2A8E70", +"!> c #2D9F82", +"~> c #2CAC90", +"{> c #28AB8E", +"]> c #36B095", +"^> c #E7F5F2", +"/> c #6391C6", +"(> c #1E61AD", +"_> c #2B69B3", +":> c #146687", +"<> c #0B6577", +"[> c #1C7A90", +"}> c #329AB0", +"|> c #2291AA", +"1> c #7BBECC", +"2> c #D9EBE5", +"3> c #298C6F", +"4> c #2B8D70", +"5> c #2D9578", +"6> c #2BA98C", +"7> c #1DA687", +"8> c #7BCCBA", +"9> c #D3E0EF", +"0> c #2968B0", +"a> c #1F689C", +"b> c #298FA5", +"c> c #319AB1", +"d> c #2C97AE", +"e> c #389DB2", +"f> c #E5F2F5", +"g> c #FCFDFD", +"h> c #89C0B0", +"i> c #2E8F72", +"j> c #28896A", +"k> c #298C6D", +"l> c #2DA285", +"m> c #27AB8D", +"n> c #CEECE5", +"o> c #82A7D1", +"p> c #1B5FAC", +"q> c #2A69B2", +"r> c #2969AE", +"s> c #10667F", +"t> c #0D667B", +"u> c #0B6277", +"v> c #167388", +"w> c #309AB1", +"x> c #9BCDD8", +"y> c #F0F7F5", +"z> c #3E987D", +"A> c #258A6C", +"B> c #298B6E", +"C> c #2B9375", +"D> c #2E9B7E", +"E> c #2BAB8E", +"F> c #2EAD90", +"G> c #20A88A", +"H> c #5DC0A9", +"I> c #ECF1F8", +"J> c #3974B7", +"K> c #2666B0", +"L> c #1B6794", +"M> c #24879E", +"N> c #2894AC", +"O> c #4DA7BB", +"P> c #F8FBFC", +"Q> c #A9D1C6", +"R> c #2CA588", +"S> c #2EAD91", +"T> c #1EA788", +"U> c #AFE0D5", +"V> c #A2BEDD", +"W> c #2668A9", +"X> c #0C6378", +"Y> c #126C81", +"Z> c #2492AB", +"`> c #B9DCE4", +" , c #57A58E", +"., c #208869", +"+, c #2D8E72", +"@, c #298A6D", +"#, c #2B9072", +"$, c #2D9D80", +"%, c #25AA8C", +"&, c #43B59C", +"*, c #5184BF", +"=, c #2163AE", +"-, c #2C6BB2", +";, c #16668B", +">, c #1F7F96", +",, c #319CB3", +"', c #68B4C5", +"), c #C9E2DB", +"!, c #24896C", +"~, c #2A8C70", +"{, c #278868", +"], c #2D9779", +"^, c #2CA88B", +"/, c #90D4C5", +"(, c #C2D4E9", +"_, c #2263AE", +":, c #2268A2", +"<, c #0D6479", +"[, c #0E677C", +"}, c #2B92A9", +"|, c #2E98AF", +"1, c #D5EAEF", +"2, c #74B5A2", +"3, c #1C8567", +"4, c #298D6F", +"5, c #2DA083", +"6, c #2CAC8F", +"7, c #29AB8E", +"8, c #30AE92", +"9, c #DEF2ED", +"0, c #6E98CA", +"a, c #1D60AC", +"b, c #126684", +"c, c #19788D", +"d, c #86C3D0", +"e, c #E2EFEB", +"f, c #329175", +"g, c #288C6E", +"h, c #2B8D71", +"i, c #2C9477", +"j, c #2BAA8D", +"k, c #70C7B3", +"l, c #DCE6F2", +"m, c #2B69B1", +"n, c #1E6799", +"o, c #278CA3", +"p, c #3099AF", +"q, c #2B96AD", +"r, c #3FA0B5", +"s, c #EDF6F8", +"t, c #96C7B8", +"u, c #288A6C", +"v, c #2DA386", +"w, c #C4E8E0", +"x, c #8EB0D6", +"y, c #2869AD", +"z, c #0F657E", +"A, c #157086", +"B, c #2191AA", +"C, c #A5D2DD", +"D, c #F6FAF9", +"E, c #479D83", +"F, c #23896B", +"G, c #2E9C7F", +"H, c #22A88A", +"I, c #53BCA4", +"J, c #F2F6FA", +"K, c #4179BA", +"L, c #2465AF", +"M, c #196791", +"N, c #0A6277", +"O, c #22849B", +"P, c #329BB3", +"Q, c #2694AC", +"R, c #56ABBE", +"S, c #B5D7CD", +"T, c #1E8768", +"U, c #2D987A", +"V, c #2CA689", +"W, c #1DA788", +"X, c #A4DBCF", +"Y, c #AEC5E1", +"Z, c #2468A7", +"`, c #106A80", +" ' c #2D95AC", +".' c #2794AC", +"+' c #C4E2E8", +"@' c #61AB95", +"#' c #2A8F70", +"$' c #2D9E81", +"%' c #2CAD90", +"&' c #27AA8D", +"*' c #3CB398", +"=' c #EDF8F5", +"-' c #5B8BC3", +";' c #156689", +">' c #1D7D93", +",' c #329BB2", +"'' c #72B9C9", +")' c #D2E7E1", +"!' c #288C6F", +"~' c #2D9679", +"{' c #2CA98C", +"]' c #1CA688", +"^' c #84CFBE", +"/' c #CCDBEC", +"(' c #2566B0", +"_' c #2A6AB0", +":' c #20689F", +"<' c #2A90A7", +"[' c #2D97AE", +"}' c #DEEEF2", +"|' c #80BBAA", +"1' c #1C8566", +"2' c #28896B", +"3' c #2DA184", +"4' c #2AAC8F", +"5' c #D5EFE9", +"6' c #79A1CE", +"7' c #1D5FAC", +"8' c #2F6CB2", +"9' c #136783", +"0' c #0E6679", +"a' c #0F667B", +"b' c #0F677C", +"c' c #0D6378", +"d' c #19768B", +"e' c #369DB4", +"f' c #2090A9", +"g' c #91C8D5", +"h' c #EBF4F1", +"i' c #38957A", +"j' c #278C6E", +"k' c #2D8D70", +"l' c #298869", +"m' c #288768", +"n' c #2D9477", +"o' c #2DAC8F", +"p' c #67C4AF", +"q' c #E5EDF5", +"r' c #346FB8", +"s' c #0F5F90", +"t' c #046072", +"u' c #056076", +"v' c #046075", +"w' c #045E74", +"x' c #168199", +"y' c #47A6BA", +"z' c #F2F8FA", +"A' c #A2CDC0", +"B' c #178263", +"C' c #228566", +"D' c #1F8363", +"E' c #1F8262", +"F' c #208666", +"G' c #279476", +"H' c #25A284", +"I' c #23AA8C", +"J' c #26AA8C", +"K' c #18A585", +"L' c #B3E1D7", +"M' c #A1BED9", +"N' c #2A768E", +"O' c #36808F", +"P' c #347E8F", +"Q' c #347F90", +"R' c #357D8E", +"S' c #308194", +"T' c #B5DBE3", +"U' c #66AC97", +"V' c #44977C", +"W' c #4B9B81", +"X' c #4A9A80", +"Y' c #4A987E", +"Z' c #4DA58C", +"`' c #4DBAA2", +" ) c #4DB9A1", +".) c #4FBAA2", +"+) c #46B69D", +"@) c #6DC5B1", +"#) c #FDFDFD", +"$) c #FCFCFC", +"%) c #FBFBFB", +"&) c #D5D5D5", +"*) c #C2C2C2", +"=) c #C6C6C6", +"-) c #C5C5C5", +";) c #C4C4C4", +">) c #CACACA", +",) c #E4E4E4", +"') c #C1C1C1", +")) c #F9F9F9", +"!) c #DBDBDA", +"~) c #A9A9A8", +"{) c #848483", +"]) c #747473", +"^) c #757573", +"/) c #767675", +"() c #8A8A89", +"_) c #ADADAC", +":) c #DEDEDE", +"<) c #858584", +"[) c #020200", +"}) c #171715", +"|) c #141412", +"1) c #121210", +"2) c #161614", +"3) c #D9D9D9", +"4) c #6E6E6C", +"5) c #040402", +"6) c #151513", +"7) c #0A0A07", +"8) c #3F3F3D", +"9) c #B1B1B0", +"0) c #4E4E4C", +"a) c #20201E", +"b) c #10100E", +"c) c #090907", +"d) c #060604", +"e) c #050503", +"f) c #070705", +"g) c #131311", +"h) c #181816", +"i) c #8F8F8E", +"j) c #D2D2D2", +"k) c #1C1C1A", +"l) c #1F1F1D", +"m) c #232321", +"n) c #0F0F0D", +"o) c #9F9F9E", +"p) c #F6F6F6", +"q) c #373736", +"r) c #191917", +"s) c #10100D", +"t) c #90908F", +"u) c #E3E3E2", +"v) c #565654", +"w) c #0E0E0C", +"x) c #30302E", +"y) c #444443", +"z) c #4C4C4B", +"A) c #424240", +"B) c #2E2E2C", +"C) c #1B1B19", +"D) c #000000", +"E) c #A6A6A6", +"F) c #434341", +"G) c #5E5E5D", +"H) c #C6C6C5", +"I) c #1E1E1D", +"J) c #1E1E1C", +"K) c #1D1D1B", +"L) c #D4D4D4", +"M) c #D6D6D5", +"N) c #2D2D2B", +"O) c #21211F", +"P) c #777776", +"Q) c #EFEFEE", +"R) c #FDFDFC", +"S) c #EDEDED", +"T) c #C5C5C4", +"U) c #7D7D7C", +"V) c #E6E6E5", +"W) c #EBEBEB", +"X) c #696968", +"Y) c #D8D8D8", +"Z) c #858583", +"`) c #0E0E0B", +" ! c #0D0D0B", +".! c #141411", +"+! c #494947", +"@! c #E8E8E7", +"#! c #31312F", +"$! c #171714", +"%! c #454543", +"&! c #5C5C5A", +"*! c #CDCDCD", +"=! c #C9C9C8", +"-! c #131310", +";! c #BABABA", +">! c #474746", +",! c #929291", +"'! c #646462", +")! c #464645", +"!! c #F3F3F2", +"~! c #D0D0D0", +"{! c #3E3E3C", +"]! c #7A7A79", +"^! c #E3E3E3", +"/! c #B3B3B2", +"(! c #9D9D9C", +"_! c #9B9B9A", +":! c #EFEFEF", +"~ c #F0F0F0", +",~ c #292927", +"'~ c #7B7B7A", +")~ c #D7D7D7", +"!~ c #4F4F4D", +"~~ c #0A0A08", +"{~ c #8C8C8A", +"]~ c #5B5B5A", +"^~ c #9E9E9D", +"/~ c #C0C0C0", +"(~ c #0C0C0B", +"_~ c #A3A3A2", +":~ c #9A9A99", +"<~ c #E8E8E8", +"[~ c #1A1A18", +"}~ c #DADADA", +"|~ c #C2C2C1", +"1~ c #2A2A28", +"2~ c #DBDBDB", +"3~ c #80807F", +"4~ c #828281", +"5~ c #686867", +"6~ c #373735", +"7~ c #424241", +"8~ c #ADADAD", +"9~ c #262624", +"0~ c #191916", +"a~ c #2C2C2B", +"b~ c #EAEAEA", +"c~ c #525251", +"d~ c #B8B8B7", +"e~ c #4F4F4E", +"f~ c #0C0C0A", +"g~ c #AAAAA9", +"h~ c #C1C1C0", +"i~ c #454544", +"j~ c #989897", +"k~ c #C0C0BF", +"l~ c #B5B5B4", +"m~ c #E5E5E4", +"n~ c #5A5A59", +"o~ c #B1B1B1", +"p~ c #11110E", +"q~ c #3B3B3A", +"r~ c #F4F4F4", +"s~ c #F0F0F1", +"t~ c #6B6B69", +"u~ c #898988", +"v~ c #A2A2A2", +"w~ c #DCDCDC", +"x~ c #CECECD", +"y~ c #555554", +"z~ c #343432", +"A~ c #A1A1A1", +"B~ c #6F6F6E", +"C~ c #919190", +"D~ c #444442", +"E~ c #30302F", +"F~ c #F1F1F0", +"G~ c #575756", +"H~ c #D1D1D0", +"I~ c #BBBBBA", +"J~ c #717170", +"K~ c #AFAFAF", +"L~ c #ACACAC", +"M~ c #C9C9C9", +"N~ c #EEEEEE", +"O~ c #E9E9E9", +"P~ c #646463", +"Q~ c #FFFFFE", +"R~ c #81817F", +"S~ c #767674", +"T~ c #595957", +"U~ c #D2D2D1", +"V~ c #A8A8A7", +"W~ c #565655", +"X~ c #323230", +"Y~ c #B9B9B9", +"Z~ c #5D5D5C", +"`~ c #161613", +" { c #B0B0B0", +".{ c #DCDCDB", +"+{ c #868685", +"@{ c #6C6C6A", +"#{ c #ACACAB", +"${ c #656564", +"%{ c #E1E1E1", +"&{ c #151512", +"*{ c #696967", +"={ c #D0D0CF", +"-{ c #6F6F6D", +";{ c #CECECE", +">{ c #353533", +",{ c #4B4B4A", +"'{ c #4E4E4D", +"){ c #A1A1A0", +"!{ c #A4A4A3", +"~{ c #575755", +"{{ c #B0B0AF", +"]{ c #C7C7C6", +"^{ c #494948", +"/{ c #474745", +"({ c #9B9B9B", +"_{ c #20201F", +":{ c #E7E7E7", +"<{ c #0F0F0C", +"[{ c #BDBDBD", +"}{ c #5F5F5E", +"|{ c #555553", +"1{ c #DDDDDD", +"2{ c #12120F", +"3{ c #E0E0DF", +"4{ c #999998", +"5{ c #727271", +"6{ c #878786", +"7{ c #4D4D4C", +"8{ c #DFDFDF", +"9{ c #D4D4D3", +"0{ c #DDDDDC", +"a{ c #3D3D3C", +"b{ c #666665", +"c{ c #545453", +"d{ c #71716F", +"e{ c #1F1F1E", +"f{ c #484847", +"g{ c #959594", +"h{ c #4B4B49", +"i{ c #D1D1D1", +"j{ c #40403F", +"k{ c #7C7C7A", +"l{ c #979796", +"m{ c #262625", +"n{ c #F3F3F3", +"o{ c #585856", +"p{ c #464644", +"q{ c #595958", +"r{ c #BEBEBD", +"s{ c #FCFCFB", +"t{ c #A7A7A6", +"u{ c #1C1C19", +"v{ c #B9B9B8", +"w{ c #BCBCBB", +"x{ c #A5A5A5", +"y{ c #969695", +"z{ c #626261", +"A{ c #B4B4B4", +"B{ c #4A4A49", +"C{ c #CFCFCF", +"D{ c #1B1B18", +"E{ c #60605F", +"F{ c #A6A6A5", +"G{ c #0D0D0A", +"H{ c #272726", +"I{ c #22221F", +"J{ c #777775", +"K{ c #F4F4F3", +"L{ c #6E6E6D", +"M{ c #1C1C1B", +"N{ c #E2E2E1", +"O{ c #080805", +"P{ c #8E8E8E", +"Q{ c #737372", +"R{ c #AFAFAE", +"S{ c #282826", +"T{ c #393937", +"U{ c #A7A7A7", +"V{ c #5A5A58", +"W{ c #2C2C2A", +"X{ c #545452", +"Y{ c #070704", +"Z{ c #B3B3B3", +"`{ c #F9F9F8", +" ] c #8C8C8B", +".] c #70706F", +"+] c #A6A6A4", +"@] c #D3D3D2", +"#] c #949493", +"$] c #393938", +"%] c #030301", +"&] c #050502", +"*] c #ABABAB", +"=] c #838382", +"-] c #B2B2B1", +";] c #CCCCCB", +">] c #CFCFCE", +",] c #C8C8C8", +"'] c #8F8F8D", +")] c #9B9B99", +"!] c #5C5C5B", +"~] c #666664", +"{] c #888887", +"]] c #656563", +"^] c #4F4F4C", +"/] c #CBCBCA", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . + @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $ % % % % % % % % % % % % % % % % % % % % % % % % % % & & & & & & & & & & & & & & & & & & & & & & & & & & & & . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . * . = - ; > > > > > > > > > > > > > > > > > > > > > > ; , ' . ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ! ~ { ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ^ / ( _ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( : < & . . . . . . . . . ", +" . . . . . . . . + . [ } | 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 2 3 4 5 . ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 6 7 8 9 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 a b c d d d d d d d d d d d d d d d d d d d d d d e f g . h . . . . . . . . ", +" . . . . . . . . . . * . i j k l l l l l l l l l l l l l l l l l l l l l m n o p . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . q r s t u v v v v v v v v v v v v v v v v v v v v v w x y z A A A A A A A A A A A A A A A A A A A A A A B C D E . . . . . . . . . . . ", +" . . . . . . . . . . ) . F G H I I I I I I I I I I I I I I I I I I I I I J K L M N . + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . O P Q R S T U U U U U U U U U U U U U U U U U U U U V W X Y Z ` .........................................+.e @.. h . . . . . . . . . . ", +" . . . . . . . . . . . . # . #.1 l I I I I I I I I I I I I I I I I I I I I $.K %.&.*.. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . =.-.;.Q >.,.w U U U U U U U U U U U U U U U U U U U U '.).!.~.~.!.{.......................................+.].^.. /.. . . . . . . . . . . . ", +" . . . . . . . . . . . . . * . (._.:.H I I I I I I I I I I I I I I I I I I <.K K K [.o }.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . |.1.2.R R 3.4.5.U U U U U U U U U U U U U U U U U U 6.7.Y ~.~.~.X 8. .......................................9.0.. /.. . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . @ . a.1 l I I I I I I I I I I I I I I I I I b.K K K K c.d.e.f.. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. g.h.i.j.R R k.l.U U U U U U U U U U U U U U U U U U U V m.n.~.~.~.~.~.9.o.................................A p.q.. h . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . * . r.s.j t.I I I I I I I I I I I I I I I I u.K K K K K v.o w.. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . x.y.2.R R R R >.z.5.U U U U U U U U U U U U U U U U A.B.C.~.~.~.~.~.X z ...............................o.9.D.E.. * . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . + . F.G.H.I I I I I I I I I I I I I I I b.K K K K K K I.J.K.L.. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . M.N.O.R R R R R R j.P.T U U U U U U U U U U U U U U U w Q.Y ~.~.~.~.~.~.X R. .............................A S.< . & . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . ) . T.U.V.I I I I I I I I I I I I I I $.K K K K K K K %.W.X.. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h Y.Z.Q R R R R R R >.`.T U U U U U U U U U U U U U U A. +!.~.~.~.~.~.~.~.Z y ............................ ..+++% . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . ) . @+#+$+H I I I I I I I I I I I I J K K K K K K K K K c.%+&+. + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . *+=+l.R R R R R R R R k.-+w U U U U U U U U U U U U ;+>+~.~.~.~.~.~.~.~.~.~.X S. ......................... .,+'+. h . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . + . )+1 l I I I I I I I I I I I I $.K K K K K K K K K c.%+!+~+. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . {+]+^+/+R R R R R R R R 3.(+T U U U U U U U U U U U U A._+!.~.~.~.~.~.~.~.~.~.~.:+C ......................A e <+. /.. . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . * . [+}+|+t.I I I I I I I I I I 1+K K K K K K K K K K K [.o 2+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 3+1.2.R R R R R R R R R R 4+5+5.U U U U U U U U U U A.6+7+~.~.~.~.~.~.~.~.~.~.~.X 8+ .....................9+..0+. /.. . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . # . a+b+l I I I I I I I I I b.K K K K K K K K K K K K I.c+d+e+. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . f+j.R R R R R R R R R R R R k.Q V U U U U U U U U U U U g+n.~.~.~.~.~.~.~.~.~.~.~.~.~.h+o.................A p.i+. h . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . j+k+G.H.I I I I I I I I u.K K K K K K K K K K K K K [.o l+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . m+P Q R R R R R R R R R R R R >.n+5.U U U U U U U U A.o+!.~.~.~.~.~.~.~.~.~.~.~.~.~.X p+o...............o.h+q+r+. . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . + . s+t+u+I I I I I I I J K K K K K K K K K K K K K K K K v+w+. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . x+y+Q R R R R R R R R R R R R R R R z+T U U U U U U V A+X ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z ` .............+.e B+. h . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . + . C+b+l I I I I I I $.K K K K K K K K K K K K K K K %.D+E+. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E F+7 Q R R R R R R R R R R R R R R >.G+w U U U U U U A.H+!.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z !.............+.,+I+. . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . J+K+L+H I I I I <.K K K K K K K K K K K K K K K K K %.D+M+. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . N+1.2.R R R R R R R R R R R R R R R R 3.O+5.U U U U ;+P+Y ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.X Q+ .........o.h+R+. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . @ . > 1 l I I I H $.K K K K K K K K K K K K K K K K K c.M S+T+. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. U+V+W+j.R R R R R R R R R R R R R R R R k.X+U U U U U ;+Y+!.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.9.o.....A p.Z+. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . T+`+ @t.I I 1+K K K K K K K K K K K K K K K K K K K v.o .@. @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . +@@@2.R R R R R R R R R R R R R R R R R R >.#@5.U U A.$@n.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.X %@o.....&@*@=@. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . -@U.H.I b.K K K K K K K K K K K K K K K K K K K K I.;@>@,@. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . '@)@j.R R R R R R R R R R R R R R R R R R R k.!@A.T V T ~@Y ~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z {@o.A p.( . & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. ^@G.V.u.K K K K K K K K K K K K K K K K K K K K K [.o /@. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . (@_@Q R R R R R R R R R R R R R R R R R R R R >.:@5.A.<@!.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.Z p++.[@}@E . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . |@L+1@I.K K K K K K K K K K K K K K K K K K K K K K L M 2@. + . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 3@P Q R R R R R R R R R R R R R R R R R R R R R R k.S t Q.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.X 4@5@6@. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + . 7@8@9@K K K K K K K K K K K K K K K K K K K K K K %.&.0@* . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . a@b@;.O.R R R R R R R R R R R R R R R R R R R R R R R c@d@y e@n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.f@g@h@. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. i@j@k@l@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@m@n@o@p@. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . q@r@s@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@t@u@v@w@x@y@z@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@A@B@a@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . C@D@E@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@G@H@I@J@. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . K@L@M@N@O@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@Q@R@S@. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . T@U@V@W@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@m@X@Y@Z@`@. #. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . .#+#@###$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@%#&#*#. /././././././././././././././././././././././././././.* . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . =#-#W@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@;#>#,#'#)#. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . !#~#{#]#^#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@$#/#(#. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . _#:#<#F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@m@[#}#|#1#2#3#. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & 4#5#{#6#]#7#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@8#9#0#. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . a#W@b#c#F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@d#e#|#|#|#'#f#g#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . h#+#@#6#6#]#{#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@$#i#j#k#. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . l#m#E@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@F@l@n#}#|#|#|#'#o#p#T@. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . q#r#s#t#6#6#6#]#u#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@P@8#v#w#. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . x#y#z#W@F@F@F@F@F@F@F@F@F@F@F@F@F@F@m@A#|#|#|#|#|#|#B#C#D#. #. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . E#F#^#6#6#6#6#6#G#i#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@%#H#I#J#. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . K#L#<#F@F@F@F@F@F@F@F@F@F@F@F@F@F@l@M#}#|#|#|#|#|#N#O#P#Q#. ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . R#6#6#6#6#6#6#6#6#]#S#$#P@P@P@P@P@P@P@P@P@P@P@P@P@P@%#T#U#. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * * V#-#<#F@F@F@F@F@F@F@F@F@F@F@F@m@X@W#|#|#|#|#|#|#|#B#C#X#. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . Y#Z#@#6#6#6#6#6#6#6#6#`#$#P@P@P@P@P@P@P@P@P@P@P@P@Q@ $.$. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . +$@$G@F@F@F@F@F@F@F@F@F@F@F@F@#$;#|#|#|#|#|#|#|#|#|#|#O#$$. ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . %$&${#6#6#6#6#6#6#6#6#]#*$P@P@P@P@P@P@P@P@P@P@P@P@P@P@=$-$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ;$>$E@F@F@F@F@F@F@F@F@F@F@m@,$}#|#|#|#|#|#|#|#|#|#'$)$!$. ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . ~${$~#{#6#6#6#6#6#6#6#6#6#]#7#$#P@P@P@P@P@P@P@P@P@P@8#v#]$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. ^$/$($c#F@F@F@F@F@F@F@F@l@d#|#|#|#|#|#|#|#|#|#|#|#|#'$_$:$. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . % . <$[$@#6#6#6#6#6#6#6#6#6#6#6#{#O@P@P@P@P@P@P@P@P@P@N@}$|$1$. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . 2$m#E@F@F@F@F@F@F@F@F@m@3$}#|#|#|#|#|#|#|#|#|#|#|#'#4$5$6$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. 7$8$9$G#6#6#6#6#6#6#6#6#6#6#6#]#0$$#P@P@P@P@P@P@P@P@8#9#a$. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . b$c$@$W@F@F@F@F@F@F@m@d$}#|#|#|#|#|#|#|#|#|#|#|#|#|#B#e$f$. #. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . g$F#@#6#6#6#6#6#6#6#6#6#6#6#6#6#6#i#$#P@P@P@P@P@P@%#h$i$% . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . j$k$<#F@F@F@F@F@F@F@l$W#|#|#|#|#|#|#|#|#|#|#|#|#|#>#m$n$o$. ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . p$s#G#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#q$$#P@P@P@P@P@P@%#r$s$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . t$k$<#F@F@F@F@m@u$}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#1#v$w$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . /.. x$&$y$6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#z$$#P@P@P@P@8#A$B$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . C$D$F@F@F@F@F@E$F$|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#'#o#G$. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . H$I$y$6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#y$P@P@P@P@$#=$8#J$. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . K$m#E@F@F@m@n#}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#L$f#M$) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . N$O$P${#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#Q$$#P@P@8#v#R$. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. S$T$U$c#l@V$|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#B#v$W$. #. . . . . . . . . . . . . . . . . . . . . . . . . . . % . X$F#^#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#G#=$P@N@/#Y$Z$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . `$m# %m@M#}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#N#.%+%@%. * . . . . . . . . . . . . . . . . . . . . . . . . . h . #%^#$%G#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#6#]#%%$#Q@A$&%. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . *%=%-%;%}#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#B#C#>%. #. . . . . . . . . . . . . . . . . . . . . . . . . & . ,%'%)%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%!%~%{%]%. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . ^%/%(%|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#|#>#,#e#_%. ) . . . . . . . . . . . . . . . . . . . . . . . & . :%<%[%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%}%|%1%2%3%. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 4%5%6%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%7%6%8%9%. ) . . . . . . . . . . . . . . . . . . . . . . . . ) 0%a%b%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%d%e%f%. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . g%h%i%j%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%l%m%n%. #. . . . . . . . . . . . . . . . . . . . . # . o%p%q%r%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%t%u%v%w%. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. x%y%z%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%A%B%C%D%E%. * . . . . . . . . . . . . . . . . . . . * . F%G%H%I%J%K%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%L%K%M%N%O%P%. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . Q%R%S%T%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%U%V%W%X%. #. . . . . . . . . . . . . . . . . . . # . Y%Z%`% &.&L%+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&L%@&#&$&%&&&*&. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. =&-&l%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%;&>&,&'&)&!&~&. ]@. . . . . . . . . . . . . . . . . & . {&]&^&/&(&_&:&L%+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&<&@&[&}&|&1&2&. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3&4&5&k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%6&7&8&8&9&0&a&. #. . . . . . . . . . . . . . . . . & . b&c&d&/&e&f&g&h&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&L%i&j&}&k&l&m&n&o&. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . p&q&T%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%A%r&s&8&8&8&8&t&u&. & . . . . . . . . . . . . . . . # . v&w&x&^&^&y&z&A&B&g&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&+&C&D&E&F&l&l&G&H&I&E.. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . J&K&z%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%A%L&8&8&8&8&8&V%M&N&. ]@. . . . . . . . . . . . . . * . ~$O&P&x&^&^&^&Q&R&S&J%T&+&+&+&+&+&+&+&+&+&+&+&+&+&+&L%s%U&V&k&l&l&l&W&X&Y&. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. Z&`& *j%k%k%k%k%k%k%k%k%k%k%k%k%k%k%k%.*s&8&8&8&8&8&V%+*@*. #. . . . . . . . . . . . . # . #*$*%*^&^&^&^&y&&***:&L%+&+&+&+&+&+&+&+&+&+&+&+&+&+&@&=*k&l&l&l&l&l&-*;*>*,*. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. '*)*z%k%k%k%k%k%k%k%k%k%k%k%k%k%A%!*s&8&8&8&8&8&8&~*{*]*^*. * . . . . . . . . . . . ]@. /*(*_*:*^&^&^&^&^&/&e&<*[*L%+&+&+&+&+&+&+&+&+&+&+&+&L%M%}*|*k&l&l&l&l&l&1*2*3*. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . 4*5*6*h%k%k%k%k%k%k%k%k%k%k%k%k%i%U%8&8&8&8&8&8&8&8&9&7*8*. #. . . . . . . . . . . # . 9*$*d&^&^&^&^&^&^&/&0*a*b*+&+&+&+&+&+&+&+&+&+&+&+&L%M%c*d*l&l&l&l&l&l&l&l&$&H&e*. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . f*g*l%k%k%k%k%k%k%k%k%k%k%k%;&h*,&8&8&8&8&8&8&8&8&i*j*k*l*. ) . . . . . . . . . & . m*n*:*^&^&^&^&^&^&^&^&/&&*o*B&g&+&+&+&+&+&+&+&+&+&+&+&+&p*F&q*l&l&l&l&l&l&l&r*1&s*. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . t*u*l%k%k%k%k%k%k%k%k%k%v*6&8&8&8&8&8&8&8&8&8&8&8&V%w*x*. & . . . . . . . . . * . y*w&d&^&^&^&^&^&^&^&^&z*A*B*C*D*+&+&+&+&+&+&+&+&+&L%i&E*|*k&l&l&l&l&l&l&l&l&l&m&F*G*. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . H*I*k%k%k%k%k%k%k%k%k%k%A%J*,&8&8&8&8&8&8&8&8&8&8&8&K*L*M*. N*. . . . . . . # . O*P*d&^&^&^&^&^&^&^&^&^&^&y&z&Q*B&g&+&+&+&+&+&+&+&+&D*R*S*T*l&l&l&l&l&l&l&l&l&l&G&H&U*Z$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . # . V*y%z%k%k%k%k%k%k%k%;&W*s&8&8&8&8&8&8&8&8&8&8&8&8&K*X*Y*& . . . . . . . * . Z*`* =x&^&^&^&^&^&^&^&^&^&^&^&^&z*.=+=L%+&+&+&+&+&+&L%i&@=|*k&l&l&l&l&l&l&l&l&l&l&l&W&X&#=. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. $=%=&=T%k%k%k%k%k%k%k%*=s&8&8&8&8&8&8&8&8&8&8&8&8&8&V%w*==. #. . . . . # . -=;=>=^&^&^&^&^&^&^&^&^&^&^&^&/&&*,=[*L%+&+&+&+&+&L%M%'=T*l&l&l&l&l&l&l&l&l&l&l&l&l&-*;*)=!=. h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. ~=K&l%k%k%k%k%k%A%{=s&8&8&8&8&8&8&8&8&8&8&8&8&8&8&]=^=/=(=. ]@. . . & . _=:=<=:*^&^&^&^&^&^&^&^&^&^&^&^&^&/&[=}=|=L%+&+&+&+&+&D*1=}&k&l&l&l&l&l&l&l&l&l&l&l&l&l&1*2*2=. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3=4=5=6=k%k%k%k%7=8=8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&9&W%9=. #. . . & . 0=P*d&^&^&^&^&^&^&^&^&^&^&^&^&^&^&/&a=b=+&+&+&+&+&L%i&c=|*k&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&$&H&e*. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . d=5=h%k%k%k%A%e=s&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&f=g=. & . & . h=i=x&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&y&z&j=B&g&+&+&D*k=l=T*l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&r*1&s*. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . m=n=l%k%A%o=8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&V%+*p=. ) * . # q=r=x&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&Q&s=t=b*T&L%i&u=|*k&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&m&F*G*. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ) . v=l%i%j%;&w=,&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&x=y=z=. A=. B=C=d&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&y&z&D=:&K%@&E=l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&G&H&U*Z$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. F=y%G=H=s&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&K*I=J=4*. K=L=M=N=^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&A*O=+=P=Q=}&k&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&W&X&#=. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . R=S=q&T=U=8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&8&9&7*V=. W=X=>=^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&^&/&[=Y=Z=`= -.-l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&-*;*+-!=. @-& & & h * * * * * * * * * * * * * * * * * * * * * /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. #-$-K*7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&7&%-&-*-=---;->->->->->->->->->->->->->->->->->->->->->->-z*,-'-)-!-~-{-T*l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&l&1*2*3*. & . . . . . . . . . . . . . . . . . . . . . . . . . . /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. ]-^-/-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-(-_-:-<-[-}-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-1-2-3-4-5-6-7-8-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-9-0-a-b-c-c-d-e-f-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-g-h-i-j-. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. k-l-m-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-n-o-p-q-r-s-t-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-u-v-w-x-y-z-A-B-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-D-E-F-G-H-H-H-I-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-J-K-L-M-N-. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. O-P-Q-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-S-T-U-V-W-X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Z-`- ;. .;+;@;#;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-$;E-%;&;*;=;=;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;-;;;>;,;';. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. );!;~;{;R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-];^;/;(;_;:;<;W-X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-[;};|;1;h . 2;3;4;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-5;6;7;8;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;a;b;c;d;e;. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. f;g;h;R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-i;j;k;l;m;:;n;Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-o;p;q;. #. r;s;t;u;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-v;6;6;6;w;x;y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;z;A;A;c;B;C;D;. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * . E;F;G;H;R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-];^;I;(;J;K;m;L;M;N;w-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-o;O;P;. * . % . Q;R;u;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-S;T;6;6;6;6;U;V;W;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;X;b;A;A;Y;Z;`;. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. >.>Q-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-];+>@>#>K;K;K;K;$>%>&>*>Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-x-=>->. & . . & . ;>>>4;D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-}*,>'>6;6;6;6;7;)>y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;!>b;A;A;A;~>{>]>^>. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . />(>Q-R-R-R-R-R-R-R-R-R-R-R-R-R-R-R-_>:><>J;K;K;K;m;L;[>N;w-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-}>|>1>. # . . . & . 2>u;3>4>D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-C-6;6;6;6;6;6;6;6;5>y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;6>b;A;A;A;A;Y;7>8>. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . 9>0>R-R-R-R-R-R-R-R-R-R-R-R-R-R-];^;a>(;J;K;K;K;K;K;K;K;b>c>X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-x-d>e>f>. ]@. . . . g>. h>3;i>D-D-D-D-D-D-D-D-D-D-D-D-D-D-D-j>'>6;6;6;6;6;6;7;k>y;9;9;9;9;9;9;9;9;9;9;9;9;9;9;9;0;l>b;A;A;A;A;A;A;A;m>n>. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. o>p>h;R-R-R-R-R-R-R-R-R-R-R-R-q>r>s>#>K;K;K;K;K;K;t>u>v>w>Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Z-`-x>. #. . . . . /.. y>z>A>#;D-D-D-D-D-D-D-D-D-D-D-D-}*B>6;6;6;6;6;6;6;6;6;7;C>y;9;9;9;9;9;9;9;9;9;9;9;9;9;0;D>E>A;A;A;A;A;A;A;F>G>H>. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. I>J>K>{;R-R-R-R-R-R-R-R-R-R-];^;L>(;J;K;K;K;K;K;K;K;t>u>M>W-w-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-[;N>O>P>. * . . . . . . g>. Q>>>4;D-D-D-D-D-D-D-D-D-D-D-D-D-U;6;6;6;6;6;6;6;6;6;7;j>0;9;9;9;9;9;9;9;9;9;9;9;9;9;0;R>b;A;A;A;A;A;A;A;A;S>T>U>. # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. V>P-Q-R-R-R-R-R-R-R-R-R-R-_>W>J;K;K;K;K;K;K;K;K;K;K;X>Y>X-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-Y-[;Z>`>. # . . . . . . . . /.. ,.,+,D-D-D-D-D-D-D-D-D-D-D-@,6;6;6;6;6;6;6;6;6;6;6;7;#,y;9;9;9;9;9;9;9;9;9;9;9;0;$,b;A;A;A;A;A;A;A;A;A;c;%,&,N$. * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3=*,=,-,R-R-R-R-R-R-R-R-];+>;,<>J;K;K;K;K;K;K;K;K;K;m;L;>,,,w-Y-Y-Y-Y-Y-Y-Y-Y-o;Z>',. & . . . . . . . . . $ . ),!,#;D-D-D-D-D-D-D-D-D-D-~,{,6;6;6;6;6;6;6;6;6;6;6;6;6;],y;9;9;9;9;9;9;9;9;9;9;0;^,b;A;A;A;A;A;A;A;A;A;A;Y;Z;/,. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. (,_,H;R-R-R-R-R-R-R-];+>:,r-K;K;K;K;K;K;K;K;K;K;K;K;<,[,},*>Y-Y-Y-Y-Y-Y-Y-Y-Y-|,1,. & . . . . . . . . . . $ . 2,3,i>D-D-D-D-D-D-D-D-D-,>6;6;6;6;6;6;6;6;6;6;6;6;6;7;4,y;9;9;9;9;9;9;9;9;9;0;5,b;A;A;A;A;A;A;A;A;A;A;A;6,7,8,9,. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. 0,a,Q-R-R-R-R-R-R-R-R-b,r-J;K;K;K;K;K;K;K;K;K;K;K;m;u>c,W-X-Y-Y-Y-Y-Y-Y-Z-`-d,. # . . . . . . . . . . . h . e,f,g,h,D-D-D-D-D-D-D-3>6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;i,y;9;9;9;9;9;9;9;9;y;j,b;A;A;A;A;A;A;A;A;A;A;A;A;S>T>k,. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . & . l,h;0>m,R-R-R-R-];^;n,(;J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;$>o,W-X-Y-Y-Y-Y-p,q,r,s,. * . . . . . . . . . . . . g>. t,3;i>D-D-D-D-D-D-}*j>'>6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;u,9;9;9;9;9;9;9;9;0;v,b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;c;B;w,. & . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. x,g;h;R-R-R-R-i;y,z,#>K;K;K;K;K;K;K;K;K;K;K;K;K;K;t>:;A,*>Y-Y-Y-Y-Y-}>B,C,. # . . . . . . . . . . . . . * . D,E,F,u;D-D-D-D-}*B>6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;8-y;9;9;9;9;9;0;G,A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;c;H,I,# . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. J,K,L,H;R-R-];^;M,(;J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;t>N,O,P,w-Y-Y-[;Q,R, #. . . . . . . . . . . . . . . . % . S,T,4;D-D-D-D-D-T;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;j>U,9;9;9;9;9;0;V,b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;S>W,X,. % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. Y,a,Q-R-];_>Z,#>K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;$>`, '*>Y-Y-[;.'+'. & . . . . . . . . . . . . . . . . & . @'T,4;D-D-}*,>'>6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;#'y;9;9;9;0;$'b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;%'&'*'='. /.. . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. -'.>Q-R-_>;'<>J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;m;L;>','w-}>p;''. & . . . . . . . . . . . . . . . . . & . )'!'D-D-D-C-E-6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;~'y;9;9;9;{'b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;Y;]'^'. # . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . N*. /'('_'^;:'<>J;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;K;<'c>['Z-}'. & . . . . . . . . . . . . . . . . . . % . |'1'i>D-2'6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;6;7;$;y;9;0;3'b;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;A;4'5'. & . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. 6'7'8'9'0'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'b'c'd'e'f'g'. # . . . . . . . . . . . . . . . . . . . h . h'i'j'k'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'l'm'n';;;;o'c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;c;8,d;p'. h . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. q'r's't'u'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'v'u'w'x'y'z'. * . . . . . . . . . . . . . . . . . . . . g>. A'B'C'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'D'E'F'G'H'I'B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;B;J'K'L'. # . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #. M'N'O'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'P'Q'R'S'T'. # . . . . . . . . . . . . . . . . . . . . . . . D;U'V'W'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'X'Y'Z'`' ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ).)+)@). . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@h g>N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*N*g>h * . . . . . . . . . . . . . . . . . . . . . . . . h h $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ & & & & & & & & & & & & & & & & & & & & & & & & & ]@E # . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ]@. . . . . . . . . . . . . . . . . . . . . . . . . . . * . . . . . . . . . . . . . . . . . . . . . . . . . * * . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . * * * * * * * * * * * * * * * * * * * * * * * * * * * . . . . . . . . . . . . . . . . . . . . . . . . . . . . * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)$)$)$)$)$). . . . . . . . . h $)$)$)$)$). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)$)%)$)$)$)%)$)#). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $)h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . h . &)*)=)-);)>)$). . . . . . h . ,)')=)-)-)=))). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)#). h !)~){)])^)/)()_):). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . %). <)[)})|)1)2)3). #). . . . $). 4)5)2)6)7)8). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)h N*9)0)a)b)c)d)e)f)c)g)h)i). $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h $)$). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . #). j)k)l)l)m)n)o). $). . . h . p)q)r)a)m)s)t). $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #). u)v)b)1)w)h)x)y)z)A)B)C)D)E). $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . h F)6)l)a)b)G). #). . . #). H)6)I)J)K)C)L). #). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #). M)N)1)h)O)P)=)Q)R)h %)S)T)U)V). h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . W)9)X)Y). #). . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . $). Z)`)O)J)r)N)S). h . . $). <) !O)l).!+!. . . . . . #)$)%)%)$)#). . . . . . . h h h h h . . h $)%)#). . . . h $)$)%)%)%)$)h . . . . . . h . @!#!2)$!%!!). h . . . . . . . h . . . h h . . . . $)$). . h h h . . . . . . . . . h h h . . . h h . . . . #)$)$)#). . . . . . . $). &!e) !*!. $)h . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . #). =!})J)K)l)-!;!. $). . . . >!|)l)O) !,!. $). . #)#). . . . . . #)$). . . . . . . . . . . #)h . . . . . $)#). . . . . . . . $)h . . . . #). '!b)h))!!!. %)$)h h . h h $)$). . . . . . . . #)h . . . . . . . h . . . . . . . h . . . . . . . . . . $)h . . . . #)$). . . . . #). v)|)l)~!. #). . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . h . %){!6)l)a)w)]!. $). #). 3)K)K)J)K)K)Y). #). #)h . ^!/!(!_!~)M)h . #). . . . :!^!)3!4!_!5!6!7!. #)h . . R). 8!6)K)9!0!. %). . . . . . . . . . . . #)a!b!%)h . c!d!-)e!%)f!a!g!h . . . . . . . #)a!c!f!#). h!b!g!#)#). i!j!H)-)k!h . #). . . #)f!. v)1)k)2!. f!c!$). . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . $). l!w)a)l)6)m!#). h $). 4!w)a)l)g)n!. h . $). o!p!O)q!n)n)n)r!s!d!. #). $). t!u!v!w!x!. 9)y!g)D)z!. i!A!B!N)2)b)w)w)n)|)C!D!)). h . $). E!1)q!l!. %). . . . . . . . . . . h . [!F!G!H!. I!{!h)})J!K!L!L!M!!). #). . . $). N!N)x)O!. . P!G!Q!R!. S!A)K)-!2)9!n!T!. #)R). U!x)V!W!k)K)X!Y!Z!N)`!. $). . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . $). *)6)l)J)K)k) ~. #)#). .~q!a)O) !1!. $)$). 9)K)w)K)9!k)K)m)J)q!+~`!. R)$). @~#~O)n)$~%~g)})&~q!*~. :!G!#~J)O)a)l)9!m)l)r)=~-~%). #). ;~x)r)r)U!. #). . . . . . . . . . . h . >~,~[)'~8!1)w)n)q!)~. !~n)~~{~. $). . . #). ]~ !#~^~. . {)e)J)L)4)[)f)k)O)1)g)6)n)i). i!. /~D)(~h)J)K)n)~~w)D)_~. %). . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . h . p)M!})I)O) !:~. i!. <~,~[~J)k)l)}~. %). |~6)[~m)[~g)x)1~q!K)9!r)a)2~. i!. 3~w)m)}){!m!6)m)W!b)4~. . 5~ !q!q!K)m)2)q!J)J)m)=~i). i!. U!h)h)M!p). h . . . . . . . . . . . h . f!6~w)p!8)=~7~]!*~~. R). %{&~g)F!#). %). 4!b)&{n~. $). . . . %). D!q!g)*{. $)#). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . $). -{w)a)O)`)U). ;{[~K)a)1)s!. #). p)>{h)l)[~1~0),{z)z)'{Q!C)K)a)w)){. . P!f~O)l)g)z). $)%)$)#). #). |~v)a)n)w)1)1)[~J)K)a)w)^~. . !{q!|)T~. #). . . . . . . . . . . . h . a!6~2)a)Y). #). . . . h . ~{|)g){{. )). ^~q!q!i). $)%). 4!q!b)u~. %). . . . #). ]{h)6)^{. . R). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . $). /!q!a)l)g)/{. ({ !_{a)w)4!. i!. :{9~C)J)K)C)6)2)2)2)6)r)a)a)m)q!_!. . P!f~O)a)<{J~. $). . . h . ()q!q!K)m)C)1)n)2)J)K)a)w)_!. . [{|)h)Z!)). h . . . . . . . . . . . h . a!6~6)G!~t~w)O)k)O):). $). K!&~C)J)J)[~b)q!q!q!q!b)w)w)1)D)4{. . P!f~O)a)w)5{. $). . $). 5!7)l)O)J)2{z~${6{7{6)l)a)w)4!. . 8{9!k)k)9{. #). . . . . . . . . . . h . a!6~6)G!K!. h . . . . h . 7!>{2)&~3{. 0{W!n)G). #). %). 4!2{n)D!. %). . . . #). J!&~|)a{i!. $). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . #). b{n)a)l)|)`!%!|)O)1)c{. h h . [!1~[~l)r)#!^)d{5{5{5{5{5{5{])E!d!. . P!f~O)a)w)5{. $). h . ))6~})e{l)6){)i!$). {) !O)a)w)4!. %). f{})b){). %). . . . . . . . . . . h . a!6~6)G!K!. h . . . . . $). 3~q!q!g{. :~q!|)o~. $). %). 4!2{s)D!. %). . . . #). x~[~|)h{. h #). G~q!k)={. #). . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . $). #{n)a)l)2)B!y!r)O)`)(!. $). . . F!6)a)h)z~F~. h . . . . . . . . %). P!f~O)a)w)5{. $). #). i{r)J)l)6)j{%). p). k{`)_{a)w)4!. e!. l{w)l)m{8{. %). . . . . . . . . . h . a!6~6)G!K!. h . . . . . #). &)l)1),{. W~f~6~n{. h . %). 4!q!b)4~. %). . . . %). _~q!1)E!. $)#). o{q!k)={. #). . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . h . :{,~[~J)K)a)K)J)C)9!8{. #). $). '~ !O)a)q!O!)). h . . . . $)$)h %). P!f~O)a)w)5{. $). $). %~1)l)l)|)p{. . . i!i~6)l)a)w)4!. i!. >~X~[~|)s!e!. %)$)h h h h #)$)$). h . a!6~6)G!K!. h . . . . . . #). q{n)G!r{x)~~@~. $). . %). 4!b)h)D~s{#)#). . #)$). $~2)b)t{. $)#). ~{1)u{;{. $)h . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . #). G)b)a)K)k)K)a)q!T~. #). . #). L)[~J)J)l)q!V!i)v{H)w{x{z!c{:!. i!. P!f~O)a)w)5{. $). #). U~r)J)K)J)h)y{>~}~z{|)l)K)a)w)4!. %)$). A{b)O)g)n!k!. h . . . . . . . . h . a!6~6)G!K!. h . . . . . . $). {{b)l)B{a)r)C{. #). . %). 4!w)m)2{1!. #)h h #). ){|)D{C!>~. h #). E{g)|)/!. $). . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . $). F{w)a)K)K)K)a)w)5!. $). . . #). ()=~a)a)a)2)G{q!g)1)n)w)2{~!. )). P!f~O)a)w)5{. $). h . $)V!6)O)K)k)g)H{K)|)C)k)K)a)w)(!. %). $). l{ !K)})I{J{|~<~p)a!K{3{v{L{j!. . a!6~6)G!K!. h . . . . . . h . r~>{})M{g)e~. h . . . %). 4!`)9!})|)+{S). . n{,!C)a)#~){. $). %). +{s)r)h{b~h ;~%). . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . #). N{W!K)a)l)a)K)m)%{. #). . . . h . @~w)g)K)9!&~m)m)m)m)W!O{^~. g!. P{ !9!O)n)Q{. $). . $). 9) ![~O)O)m)J)k)g)#!a)K)9!w)g{. %). . R). R{S{n)$!b)})1~T{Z!>{W!6)D)4!. h a!M!2)S{V). h . . . . . . . $). {)w)&~n)U{. $). . . %). 4!n)r)V{1~[)W{X{v)#!1)h)~~@~. #). . #). H~g)K)[~1~D~L!8{. #). . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . #). |{Y{2)g)2)f)T~. #). . . . . . #). A!n!k)n) ! !f~ !b)K)L!Z{. `{. ]=~K)k)~~.]. $). . . #). +]W!`)w)w)w)})J{@]a)})K)c)]!. $). . . $). <~4~>{r)b)~~f)f)O{`)C)B)F{. . p)z~q!m)K!. h . . . . . . . #). x~[~h)>{7!. h . . . %). 4!2{w)#]9{$] ![)%]c)-!x)_~. #). . . . #). #]6)n)G{&]c)j). #). . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . h . 8{')=)-)=)*)m~. h . . . . . . h #). h 3)*]C~=]()l{-] ~i!. . h . @!;]H~H~d!N{. h . . . . #). :{){U)U)j~ ~. %)@]>]H~d!8{. h . . . . $)h . f!,]o)<)*~4~']V~U!r~. h . #)M)x~U~i!. . . . . . . . . %). )]|)b)D!. $). . . . %). 4!2{s) ]. 7!v{()]!+{-]>~. $). . . . . . h . @]D!z!{)V~r~. h . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $)h . . . . . . . . h h . . . . . . . . . . . . . . . . $). . . . . . #)h . . . . . . . . . . . . #)$). . . . . . . . . . h . . . . . . . . . . . . . . . #). <~B)|)B)W). h . . . . %). 4!2{n)P!. i!. . . . . . $). . . . . . . . #). . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . #)$)$)$)$)$)h . . . . . . . . . . . . #)$)%)$)%)%)$)#). . . . . h #)#)#)#)h . . . . . . . . h %)$)$)%)#). . #)#)#)#)h . . . . . . . . . h #)%)%)$)$)%)$)#)h . . . . #)#)#). . . . . . . . %)h . !]6)n)#]. $). . . . . %). 4!2{n)P!. i!$)$)$)%)$)h . . . . . . . . . . #)%)$)%)s{]@. . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . p)~]|)&{/{i!. h . . . . . %). 4!2{n)P!. %). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . c!o~V!|)h)&~Y). #). . . . . . %). (!6)-!t). %). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $). ')#~r)q!,~U!. #). . . . . . . %). l{e)%]{]. %). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . F~S{|)]]^!. $). . . . . . . . $). l~^]n!3!. $). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . h . {{/]. h #). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . #)#). . . . . . . . . . . . h #)#)h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . $)#). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" ", +" "}; diff --git a/src/Resources/Icons/VeraCrypt-48x48.xpm b/src/Resources/Icons/VeraCrypt-48x48.xpm index 7debeb8d..1e2966f5 100644 --- a/src/Resources/Icons/VeraCrypt-48x48.xpm +++ b/src/Resources/Icons/VeraCrypt-48x48.xpm @@ -1,486 +1,486 @@ -/* XPM */ -static const char *VeraCryptIcon48x48[] = { -"48 48 435 2", -" c None", -". c #FFFFFF", -"+ c #FEFFFF", -"@ c #FDFEFF", -"# c #FEFEFE", -"$ c #FEFFFE", -"% c #EFF9FC", -"& c #CDEEF7", -"* c #D5F1F8", -"= c #D3F0F8", -"- c #D1EFF8", -"; c #DBF2F9", -"> c #FDFEFE", -", c #E7F5F1", -"' c #E4F3EF", -") c #E5F4EF", -"! c #E4F3EE", -"~ c #EAF6F2", -"{ c #EDF6F3", -"] c #ECF6F3", -"^ c #EAF5F1", -"/ c #F8FCFA", -"( c #EAF8FC", -"_ c #1CB1DB", -": c #01A8D7", -"< c #07ABD8", -"[ c #04AAD8", -"} c #0DA8D5", -"| c #CFEDF6", -"1 c #CFECE4", -"2 c #5ABA9D", -"3 c #6CBFA4", -"4 c #69BEA3", -"5 c #8ACAB3", -"6 c #96CFBA", -"7 c #95CEB9", -"8 c #93CEB8", -"9 c #9BD2BE", -"0 c #F4FAF8", -"a c #FCFEFE", -"b c #99DCEF", -"c c #00A5D5", -"d c #0BADD9", -"e c #0DABD8", -"f c #00A1D0", -"g c #4EBEDF", -"h c #73C6AE", -"i c #4AB696", -"j c #6ABFA4", -"k c #6ABEA3", -"l c #7EC5AD", -"m c #86C9B2", -"n c #92CDB8", -"o c #99D0BC", -"p c #8FCCB5", -"q c #D0EAE0", -"r c #3ABBE0", -"s c #00A8D7", -"t c #10A8D5", -"u c #12A7D3", -"v c #01A1D1", -"w c #AEE1F0", -"x c #B7E2D5", -"y c #46B494", -"z c #53BA9C", -"A c #5ABB9E", -"B c #6CBFA5", -"C c #74C2A9", -"D c #88C9B3", -"E c #85C8B1", -"F c #8BCBB5", -"G c #A8D7C6", -"H c #FCFEFF", -"I c #BCE8F5", -"J c #03A6D5", -"K c #0FA7D3", -"L c #05A3D2", -"M c #2FB3D9", -"N c #F6FCFD", -"O c #F1F9F7", -"P c #61BFA3", -"Q c #4FB899", -"R c #54B99C", -"S c #53B99B", -"T c #5FBC9F", -"U c #7CC4AB", -"V c #80C5AE", -"W c #7FC5AD", -"X c #88C9B2", -"Y c #E1F1EB", -"Z c #63BFE1", -"` c #0898CF", -" . c #1AA0D3", -".. c #1BA1D3", -"+. c #0697CE", -"@. c #91CBE7", -"#. c #FCFDFE", -"$. c #91D5C4", -"%. c #3BB392", -"&. c #4BB99C", -"*. c #4BB99B", -"=. c #3CB393", -"-. c #8DD2BF", -";. c #E8F4EF", -">. c #DBEFE8", -",. c #DDF0E9", -"'. c #DCEFE8", -"). c #E2F2EC", -"!. c #DDF0F8", -"~. c #209ED2", -"{. c #199AD1", -"]. c #1C9DD2", -"^. c #1C94CF", -"/. c #2C90CF", -"(. c #E3F1F9", -"_. c #FEFEFF", -":. c #D9F1EB", -"<. c #31B394", -"[. c #3EB697", -"}. c #46B89A", -"|. c #40B697", -"1. c #4FBB9F", -"2. c #EDF8F5", -"3. c #89CCE7", -"4. c #0995CE", -"5. c #1E9DD1", -"6. c #2690CE", -"7. c #1585CA", -"8. c #72B6DF", -"9. c #6CC7B1", -"0. c #26AD8D", -"a. c #38B495", -"b. c #47B799", -"c. c #37B291", -"d. c #ACDFD2", -"e. c #FAFDFD", -"f. c #F4FAFD", -"g. c #34A9D7", -"h. c #1891CE", -"i. c #268DCD", -"j. c #248ECD", -"k. c #1C8ACC", -"l. c #C8E3F3", -"m. c #BEEAE0", -"n. c #2AB493", -"o. c #37B999", -"p. c #34B899", -"q. c #36B797", -"r. c #67C5AC", -"s. c #FBFDFD", -"t. c #ADD9ED", -"u. c #1785C8", -"v. c #288CCC", -"w. c #1A85C9", -"x. c #54A3D6", -"y. c #F9FCFD", -"z. c #4DA991", -"A. c #26987A", -"B. c #2F9C7F", -"C. c #249779", -"D. c #BCE2D8", -"E. c #FCFEFD", -"F. c #5CA2D4", -"G. c #1D80C4", -"H. c #2B87C8", -"I. c #2C89C8", -"J. c #1575BC", -"K. c #A8C9E4", -"L. c #9DD8DE", -"M. c #177A73", -"N. c #236046", -"O. c #20654D", -"P. c #22614A", -"Q. c #196F54", -"R. c #7FC5B3", -"S. c #CEE4F2", -"T. c #2384C6", -"U. c #2987C8", -"V. c #2884C6", -"W. c #1A73BA", -"X. c #3684C2", -"Y. c #EFF6FA", -"Z. c #E6F4F5", -"`. c #37A9B2", -" + c #2AA2AA", -".+ c #246F5B", -"++ c #21664D", -"@+ c #226951", -"#+ c #2E997C", -"$+ c #289E7F", -"%+ c #CCE7E0", -"&+ c #7BB4DC", -"*+ c #1A7FC4", -"=+ c #267DC0", -"-+ c #2378BC", -";+ c #106DB7", -">+ c #83B4DA", -",+ c #79C4CB", -"'+ c #1E9DA6", -")+ c #31AAB5", -"!+ c #29908D", -"~+ c #215F45", -"{+ c #288469", -"]+ c #33A586", -"^+ c #24997A", -"/+ c #5EB59E", -"(+ c #E8F3FA", -"_+ c #3187C6", -":+ c #1C74BB", -"<+ c #2278BD", -"[+ c #1D75BB", -"}+ c #2C7CC0", -"|+ c #ABD5E3", -"1+ c #2FA6AD", -"2+ c #2CA3AD", -"3+ c #2DA4AD", -"4+ c #2EA5AF", -"5+ c #1E7B6A", -"6+ c #2E9A7B", -"7+ c #30A082", -"8+ c #32A083", -"9+ c #229979", -"0+ c #B1DBD0", -"a+ c #F9FCFB", -"b+ c #FCFDFD", -"c+ c #FDFDFD", -"d+ c #9BBBDC", -"e+ c #1960AD", -"f+ c #2D6EB4", -"g+ c #296CB3", -"h+ c #2768B1", -"i+ c #1A7798", -"j+ c #2F9DAF", -"k+ c #2F99AF", -"l+ c #309AAF", -"m+ c #2B98B0", -"n+ c #81C2C3", -"o+ c #329374", -"p+ c #298E72", -"q+ c #2C8F72", -"r+ c #298E71", -"s+ c #309174", -"t+ c #4DA78F", -"u+ c #4AA78E", -"v+ c #4BA88F", -"w+ c #49A58C", -"x+ c #4FB098", -"y+ c #E3F5F1", -"z+ c #FAFBFD", -"A+ c #4C80BD", -"B+ c #2263AD", -"C+ c #2E6AB5", -"D+ c #21689E", -"E+ c #0B6274", -"F+ c #278AA2", -"G+ c #349CB3", -"H+ c #2492AA", -"I+ c #5BADBF", -"J+ c #77B6A3", -"K+ c #1B8466", -"L+ c #2D8E72", -"M+ c #2A8C6F", -"N+ c #258565", -"O+ c #238D6E", -"P+ c #28987A", -"Q+ c #279577", -"R+ c #2A987B", -"S+ c #17A282", -"T+ c #77CAB8", -"U+ c #BCD0E6", -"V+ c #2062AE", -"W+ c #2F6DB2", -"X+ c #156983", -"Y+ c #0F6578", -"Z+ c #187187", -"`+ c #349CB2", -" @ c #2995AD", -".@ c #CBE5EB", -"+@ c #E3F0ED", -"@@ c #329276", -"#@ c #2A8D71", -"$@ c #2D8C6E", -"%@ c #2B896A", -"&@ c #2C8A6C", -"*@ c #329A7E", -"=@ c #339A7E", -"-@ c #32A68A", -";@ c #31B094", -">@ c #29AB8D", -",@ c #CDEBE5", -"'@ c #6894CB", -")@ c #005487", -"!@ c #015C6D", -"~@ c #015B72", -"{@ c #01586E", -"]@ c #04728B", -"^@ c #7DC1D0", -"/@ c #F9FCFC", -"(@ c #99C9BB", -"_@ c #0E7D5B", -":@ c #197F5E", -"<@ c #177E5D", -"[@ c #177D5C", -"}@ c #1A8463", -"|@ c #1E9778", -"1@ c #1CA687", -"2@ c #1FA788", -"3@ c #12A282", -"4@ c #49B89F", -"5@ c #FCFCFC", -"6@ c #DDE7F1", -"7@ c #79A9B8", -"8@ c #7EADB7", -"9@ c #7EACB7", -"0@ c #7DABB6", -"a@ c #7DAEBA", -"b@ c #E5F2F4", -"c@ c #F3F9F7", -"d@ c #91C3B3", -"e@ c #89BDAD", -"f@ c #8CBEAE", -"g@ c #8BBEAE", -"h@ c #8BBDAD", -"i@ c #8DCDBD", -"j@ c #8DD3C4", -"k@ c #8CD1C2", -"l@ c #8FD3C4", -"m@ c #86D0BF", -"n@ c #E2F4EF", -"o@ c #FCFCFB", -"p@ c #C5C5C4", -"q@ c #949493", -"r@ c #989897", -"s@ c #C4C4C4", -"t@ c #F8F9F9", -"u@ c #A5A5A5", -"v@ c #8E8E8D", -"w@ c #CBCBCB", -"x@ c #FAFCFC", -"y@ c #FAFCFB", -"z@ c #F0F1F0", -"A@ c #FBFEFD", -"B@ c #D2D2D2", -"C@ c #323230", -"D@ c #F0F0EF", -"E@ c #3A3A38", -"F@ c #CCCCCC", -"G@ c #A8A8A7", -"H@ c #ABABAB", -"I@ c #EEEEEE", -"J@ c #A3A3A3", -"K@ c #ACACAB", -"L@ c #C1C1C0", -"M@ c #898988", -"N@ c #E6E6E6", -"O@ c #A5A5A4", -"P@ c #F5F5F5", -"Q@ c #C0C0BF", -"R@ c #B6B6B5", -"S@ c #CACAC9", -"T@ c #FBFBFB", -"U@ c #C9C9C8", -"V@ c #A6A6A6", -"W@ c #BFBFBE", -"X@ c #D3D3D2", -"Y@ c #5D5D5C", -"Z@ c #E7E7E7", -"`@ c #5A5A58", -" # c #7D7D7C", -".# c #717170", -"+# c #969695", -"@# c #4B4B49", -"## c #434342", -"$# c #959594", -"%# c #2C2C2A", -"&# c #AAAAAA", -"*# c #B5B5B4", -"=# c #393938", -"-# c #646463", -";# c #8A8A89", -"># c #E2E2E1", -",# c #666664", -"'# c #DCDCDC", -")# c #8B8B8A", -"!# c #B7B7B7", -"~# c #9C9C9B", -"{# c #80807F", -"]# c #CDCDCD", -"^# c #979796", -"/# c #888887", -"(# c #010100", -"_# c #B7B7B6", -":# c #8D8D8C", -"<# c #3B3B39", -"[# c #939392", -"}# c #AFAFAE", -"|# c #444442", -"1# c #F3F3F3", -"2# c #474746", -"3# c #626261", -"4# c #585856", -"5# c #A1A1A0", -"6# c #A4A4A3", -"7# c #555553", -"8# c #E1E1E1", -"9# c #8C8C8B", -"0# c #EFEFEF", -"a# c #A4A4A4", -"b# c #A9A9A8", -"c# c #929291", -"d# c #E0E0E0", -"e# c #6F6F6D", -"f# c #ECECEC", -"g# c #F1F1F1", -"h# c #818180", -"i# c #DADADA", -"j# c #7E7E7D", -"k# c #9F9F9E", -"l# c #9C9C9C", -"m# c #8F8F8E", -"n# c #CACACA", -"o# c #BCBCBC", -"p# c #E5E5E5", -"q# c #6A6A69", -"r# c #7C7C7B", -"s# c #A7A7A6", -"t# c #D8D8D8", -"u# c #9A9A99", -"v# c #CDCDCC", -"w# c #A0A09F", -"x# c #F0F0F0", -"y# c #FFFFFE", -"z# c #FDFDFC", -"A# c #FEFEFD", -"B# c #F6F6F6", -" ", -" ", -" ", -" . ", -" . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" + @ @ @ @ @ . . . . . . . . . . . . . . . # # # # # $ $ $ $ $ . ", -" . . . . . . + . . . . . . . . . . . . . $ . . . . . . . . . . . ", -" . % & * = - ; + . . . . . . . . . . . . . > , ' ) ) ! ~ { ] { ^ / . ", -" @ . ( _ : < [ } | . @ . . . . . . . . . > . 1 2 3 4 4 3 5 6 7 8 9 0 . $ ", -" . a . b c d e f g . @ . . . . . . . . . . $ h i j 3 k l m n o p q . # . ", -" . . . . + r s t u v w . a . . . . . . . > . x y z A B C D E F 8 G > . . . . ", -" . . . H . I J K K L M N . + . . . . . + . O P Q R S T U V W l X Y . # . . . ", -" . . . . . a . Z ` ...+.@.. #.. . . . . a . $.%.&.*.=.-.;.>.,.'.).$ . . . . . . ", -" . . . . . @ . !.~.{.].^./.(.. _.. . . > . :.<.[.}.|.1.2.. $ . . . + . . . . . . ", -" . . . . . . . a . 3.4.5.6.7.8.. a . . . > . 9.0.a.b.c.d.. e.> > > # . . . . . . . . ", -" . . . . . . . . + . f.g.h.i.j.k.l.. @ . > . m.n.o.p.q.r.s.. . . . . . . . . . . . . . . ", -" . . . . . . . . . a . t.u.v.v.w.x.. + + . y.z.A.B.B.C.D.. E.. . . . . . . . . . . . . . ", -" . . . . . . . . . . . _.. F.G.H.I.J.K.. y.. L.M.N.O.P.Q.R.. > . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . > . S.T.U.V.W.X.Y.. Z.`. +.+++@+#+$+%+. > + + + + . . . . . . . . . . ", -" . . . . . . . . . . . . #.. &+*+=+-+;+>+. ,+'+)+!+~+{+]+^+/+. . . . . + + . . . . . . . . . ", -" . . . . . . . . . . . . _.. (+_+:+<+[+}+|+1+2+3+4+5+6+7+8+9+0+. a+b+b+c+$ . . . . . . . . . ", -" . . . . . . . . . . . . #.. d+e+f+g+h+i+j+k+l+m+n+o+p+q+r+s+t+u+v+w+x+y+. # . . . . . . ", -" . . . . . . . . . . . . . . z+A+B+C+D+E+F+G+H+I+. J+K+L+M+N+O+P+Q+R+S+T+. a . . . . . . ", -" . . . . . . . . . . . . #.. U+V+W+X+Y+Z+`+ @.@. +@@@#@$@%@&@*@=@-@;@>@,@. > . . . . ", -" . . . . . . . . . . . . > . '@)@!@~@{@]@^@. /@. (@_@:@<@[@}@|@1@2@3@4@> . + . . ", -" . . . . . . # 5@. c+# . # . 6@7@8@9@0@a@b@. c+. c@d@e@f@g@h@i@j@k@l@m@n@. # . . ", -" . . . . . . . # . . o@5@# 5@. . . . . . . . 5@5@. . . . . . . . . . . . . . ", -" . . . c+. p@q@. r@s@. c+. . _.# . + t@u@v@w@. c+> x@> $ . . y@z@+ A@+ . . . ", -" . . c+. B@C@D@E@F@G@H@I@J@K@L@M@N@G@O@. P@Q@R@S@T@U@w@V@W@X@Y@Z@. # . . ", -" . . . # . `@ #.#+#@###$#%#&#*#=#-#;#>#. c+,#'#)#!#~#{#]#^#G@/#T@. . . . ", -" . . T@. r@(#_#:#<#[#}#|#1#2#3#4#5#6#. I@ #. w@7#8#9#0#a#b#c#. c+. . ", -" . # . d#e#f#g#h#9#i#[#c+q@j#k#T@l#m#n#o#. p#q#. r#/#s#. +#t#. # ", -" . . . # . # . . . . . . . . . # . . . # . u#v#. w#x#. # . . . . ", -" . . # 5@y## 5@c+# z#. 5@5@z#. 5@# # A## B## . . # c+# c+. . ", -" . . . . . . . . . . . . . . . . . . . . # # . # . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . . . ", -" . . . . . . . . . . . . . . . . . . . . . . . . ", -" . ", -" ", -" ", -" "}; +/* XPM */ +static const char *VeraCryptIcon48x48[] = { +"48 48 435 2", +" c None", +". c #FFFFFF", +"+ c #FEFFFF", +"@ c #FDFEFF", +"# c #FEFEFE", +"$ c #FEFFFE", +"% c #EFF9FC", +"& c #CDEEF7", +"* c #D5F1F8", +"= c #D3F0F8", +"- c #D1EFF8", +"; c #DBF2F9", +"> c #FDFEFE", +", c #E7F5F1", +"' c #E4F3EF", +") c #E5F4EF", +"! c #E4F3EE", +"~ c #EAF6F2", +"{ c #EDF6F3", +"] c #ECF6F3", +"^ c #EAF5F1", +"/ c #F8FCFA", +"( c #EAF8FC", +"_ c #1CB1DB", +": c #01A8D7", +"< c #07ABD8", +"[ c #04AAD8", +"} c #0DA8D5", +"| c #CFEDF6", +"1 c #CFECE4", +"2 c #5ABA9D", +"3 c #6CBFA4", +"4 c #69BEA3", +"5 c #8ACAB3", +"6 c #96CFBA", +"7 c #95CEB9", +"8 c #93CEB8", +"9 c #9BD2BE", +"0 c #F4FAF8", +"a c #FCFEFE", +"b c #99DCEF", +"c c #00A5D5", +"d c #0BADD9", +"e c #0DABD8", +"f c #00A1D0", +"g c #4EBEDF", +"h c #73C6AE", +"i c #4AB696", +"j c #6ABFA4", +"k c #6ABEA3", +"l c #7EC5AD", +"m c #86C9B2", +"n c #92CDB8", +"o c #99D0BC", +"p c #8FCCB5", +"q c #D0EAE0", +"r c #3ABBE0", +"s c #00A8D7", +"t c #10A8D5", +"u c #12A7D3", +"v c #01A1D1", +"w c #AEE1F0", +"x c #B7E2D5", +"y c #46B494", +"z c #53BA9C", +"A c #5ABB9E", +"B c #6CBFA5", +"C c #74C2A9", +"D c #88C9B3", +"E c #85C8B1", +"F c #8BCBB5", +"G c #A8D7C6", +"H c #FCFEFF", +"I c #BCE8F5", +"J c #03A6D5", +"K c #0FA7D3", +"L c #05A3D2", +"M c #2FB3D9", +"N c #F6FCFD", +"O c #F1F9F7", +"P c #61BFA3", +"Q c #4FB899", +"R c #54B99C", +"S c #53B99B", +"T c #5FBC9F", +"U c #7CC4AB", +"V c #80C5AE", +"W c #7FC5AD", +"X c #88C9B2", +"Y c #E1F1EB", +"Z c #63BFE1", +"` c #0898CF", +" . c #1AA0D3", +".. c #1BA1D3", +"+. c #0697CE", +"@. c #91CBE7", +"#. c #FCFDFE", +"$. c #91D5C4", +"%. c #3BB392", +"&. c #4BB99C", +"*. c #4BB99B", +"=. c #3CB393", +"-. c #8DD2BF", +";. c #E8F4EF", +">. c #DBEFE8", +",. c #DDF0E9", +"'. c #DCEFE8", +"). c #E2F2EC", +"!. c #DDF0F8", +"~. c #209ED2", +"{. c #199AD1", +"]. c #1C9DD2", +"^. c #1C94CF", +"/. c #2C90CF", +"(. c #E3F1F9", +"_. c #FEFEFF", +":. c #D9F1EB", +"<. c #31B394", +"[. c #3EB697", +"}. c #46B89A", +"|. c #40B697", +"1. c #4FBB9F", +"2. c #EDF8F5", +"3. c #89CCE7", +"4. c #0995CE", +"5. c #1E9DD1", +"6. c #2690CE", +"7. c #1585CA", +"8. c #72B6DF", +"9. c #6CC7B1", +"0. c #26AD8D", +"a. c #38B495", +"b. c #47B799", +"c. c #37B291", +"d. c #ACDFD2", +"e. c #FAFDFD", +"f. c #F4FAFD", +"g. c #34A9D7", +"h. c #1891CE", +"i. c #268DCD", +"j. c #248ECD", +"k. c #1C8ACC", +"l. c #C8E3F3", +"m. c #BEEAE0", +"n. c #2AB493", +"o. c #37B999", +"p. c #34B899", +"q. c #36B797", +"r. c #67C5AC", +"s. c #FBFDFD", +"t. c #ADD9ED", +"u. c #1785C8", +"v. c #288CCC", +"w. c #1A85C9", +"x. c #54A3D6", +"y. c #F9FCFD", +"z. c #4DA991", +"A. c #26987A", +"B. c #2F9C7F", +"C. c #249779", +"D. c #BCE2D8", +"E. c #FCFEFD", +"F. c #5CA2D4", +"G. c #1D80C4", +"H. c #2B87C8", +"I. c #2C89C8", +"J. c #1575BC", +"K. c #A8C9E4", +"L. c #9DD8DE", +"M. c #177A73", +"N. c #236046", +"O. c #20654D", +"P. c #22614A", +"Q. c #196F54", +"R. c #7FC5B3", +"S. c #CEE4F2", +"T. c #2384C6", +"U. c #2987C8", +"V. c #2884C6", +"W. c #1A73BA", +"X. c #3684C2", +"Y. c #EFF6FA", +"Z. c #E6F4F5", +"`. c #37A9B2", +" + c #2AA2AA", +".+ c #246F5B", +"++ c #21664D", +"@+ c #226951", +"#+ c #2E997C", +"$+ c #289E7F", +"%+ c #CCE7E0", +"&+ c #7BB4DC", +"*+ c #1A7FC4", +"=+ c #267DC0", +"-+ c #2378BC", +";+ c #106DB7", +">+ c #83B4DA", +",+ c #79C4CB", +"'+ c #1E9DA6", +")+ c #31AAB5", +"!+ c #29908D", +"~+ c #215F45", +"{+ c #288469", +"]+ c #33A586", +"^+ c #24997A", +"/+ c #5EB59E", +"(+ c #E8F3FA", +"_+ c #3187C6", +":+ c #1C74BB", +"<+ c #2278BD", +"[+ c #1D75BB", +"}+ c #2C7CC0", +"|+ c #ABD5E3", +"1+ c #2FA6AD", +"2+ c #2CA3AD", +"3+ c #2DA4AD", +"4+ c #2EA5AF", +"5+ c #1E7B6A", +"6+ c #2E9A7B", +"7+ c #30A082", +"8+ c #32A083", +"9+ c #229979", +"0+ c #B1DBD0", +"a+ c #F9FCFB", +"b+ c #FCFDFD", +"c+ c #FDFDFD", +"d+ c #9BBBDC", +"e+ c #1960AD", +"f+ c #2D6EB4", +"g+ c #296CB3", +"h+ c #2768B1", +"i+ c #1A7798", +"j+ c #2F9DAF", +"k+ c #2F99AF", +"l+ c #309AAF", +"m+ c #2B98B0", +"n+ c #81C2C3", +"o+ c #329374", +"p+ c #298E72", +"q+ c #2C8F72", +"r+ c #298E71", +"s+ c #309174", +"t+ c #4DA78F", +"u+ c #4AA78E", +"v+ c #4BA88F", +"w+ c #49A58C", +"x+ c #4FB098", +"y+ c #E3F5F1", +"z+ c #FAFBFD", +"A+ c #4C80BD", +"B+ c #2263AD", +"C+ c #2E6AB5", +"D+ c #21689E", +"E+ c #0B6274", +"F+ c #278AA2", +"G+ c #349CB3", +"H+ c #2492AA", +"I+ c #5BADBF", +"J+ c #77B6A3", +"K+ c #1B8466", +"L+ c #2D8E72", +"M+ c #2A8C6F", +"N+ c #258565", +"O+ c #238D6E", +"P+ c #28987A", +"Q+ c #279577", +"R+ c #2A987B", +"S+ c #17A282", +"T+ c #77CAB8", +"U+ c #BCD0E6", +"V+ c #2062AE", +"W+ c #2F6DB2", +"X+ c #156983", +"Y+ c #0F6578", +"Z+ c #187187", +"`+ c #349CB2", +" @ c #2995AD", +".@ c #CBE5EB", +"+@ c #E3F0ED", +"@@ c #329276", +"#@ c #2A8D71", +"$@ c #2D8C6E", +"%@ c #2B896A", +"&@ c #2C8A6C", +"*@ c #329A7E", +"=@ c #339A7E", +"-@ c #32A68A", +";@ c #31B094", +">@ c #29AB8D", +",@ c #CDEBE5", +"'@ c #6894CB", +")@ c #005487", +"!@ c #015C6D", +"~@ c #015B72", +"{@ c #01586E", +"]@ c #04728B", +"^@ c #7DC1D0", +"/@ c #F9FCFC", +"(@ c #99C9BB", +"_@ c #0E7D5B", +":@ c #197F5E", +"<@ c #177E5D", +"[@ c #177D5C", +"}@ c #1A8463", +"|@ c #1E9778", +"1@ c #1CA687", +"2@ c #1FA788", +"3@ c #12A282", +"4@ c #49B89F", +"5@ c #FCFCFC", +"6@ c #DDE7F1", +"7@ c #79A9B8", +"8@ c #7EADB7", +"9@ c #7EACB7", +"0@ c #7DABB6", +"a@ c #7DAEBA", +"b@ c #E5F2F4", +"c@ c #F3F9F7", +"d@ c #91C3B3", +"e@ c #89BDAD", +"f@ c #8CBEAE", +"g@ c #8BBEAE", +"h@ c #8BBDAD", +"i@ c #8DCDBD", +"j@ c #8DD3C4", +"k@ c #8CD1C2", +"l@ c #8FD3C4", +"m@ c #86D0BF", +"n@ c #E2F4EF", +"o@ c #FCFCFB", +"p@ c #C5C5C4", +"q@ c #949493", +"r@ c #989897", +"s@ c #C4C4C4", +"t@ c #F8F9F9", +"u@ c #A5A5A5", +"v@ c #8E8E8D", +"w@ c #CBCBCB", +"x@ c #FAFCFC", +"y@ c #FAFCFB", +"z@ c #F0F1F0", +"A@ c #FBFEFD", +"B@ c #D2D2D2", +"C@ c #323230", +"D@ c #F0F0EF", +"E@ c #3A3A38", +"F@ c #CCCCCC", +"G@ c #A8A8A7", +"H@ c #ABABAB", +"I@ c #EEEEEE", +"J@ c #A3A3A3", +"K@ c #ACACAB", +"L@ c #C1C1C0", +"M@ c #898988", +"N@ c #E6E6E6", +"O@ c #A5A5A4", +"P@ c #F5F5F5", +"Q@ c #C0C0BF", +"R@ c #B6B6B5", +"S@ c #CACAC9", +"T@ c #FBFBFB", +"U@ c #C9C9C8", +"V@ c #A6A6A6", +"W@ c #BFBFBE", +"X@ c #D3D3D2", +"Y@ c #5D5D5C", +"Z@ c #E7E7E7", +"`@ c #5A5A58", +" # c #7D7D7C", +".# c #717170", +"+# c #969695", +"@# c #4B4B49", +"## c #434342", +"$# c #959594", +"%# c #2C2C2A", +"&# c #AAAAAA", +"*# c #B5B5B4", +"=# c #393938", +"-# c #646463", +";# c #8A8A89", +"># c #E2E2E1", +",# c #666664", +"'# c #DCDCDC", +")# c #8B8B8A", +"!# c #B7B7B7", +"~# c #9C9C9B", +"{# c #80807F", +"]# c #CDCDCD", +"^# c #979796", +"/# c #888887", +"(# c #010100", +"_# c #B7B7B6", +":# c #8D8D8C", +"<# c #3B3B39", +"[# c #939392", +"}# c #AFAFAE", +"|# c #444442", +"1# c #F3F3F3", +"2# c #474746", +"3# c #626261", +"4# c #585856", +"5# c #A1A1A0", +"6# c #A4A4A3", +"7# c #555553", +"8# c #E1E1E1", +"9# c #8C8C8B", +"0# c #EFEFEF", +"a# c #A4A4A4", +"b# c #A9A9A8", +"c# c #929291", +"d# c #E0E0E0", +"e# c #6F6F6D", +"f# c #ECECEC", +"g# c #F1F1F1", +"h# c #818180", +"i# c #DADADA", +"j# c #7E7E7D", +"k# c #9F9F9E", +"l# c #9C9C9C", +"m# c #8F8F8E", +"n# c #CACACA", +"o# c #BCBCBC", +"p# c #E5E5E5", +"q# c #6A6A69", +"r# c #7C7C7B", +"s# c #A7A7A6", +"t# c #D8D8D8", +"u# c #9A9A99", +"v# c #CDCDCC", +"w# c #A0A09F", +"x# c #F0F0F0", +"y# c #FFFFFE", +"z# c #FDFDFC", +"A# c #FEFEFD", +"B# c #F6F6F6", +" ", +" ", +" ", +" . ", +" . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" + @ @ @ @ @ . . . . . . . . . . . . . . . # # # # # $ $ $ $ $ . ", +" . . . . . . + . . . . . . . . . . . . . $ . . . . . . . . . . . ", +" . % & * = - ; + . . . . . . . . . . . . . > , ' ) ) ! ~ { ] { ^ / . ", +" @ . ( _ : < [ } | . @ . . . . . . . . . > . 1 2 3 4 4 3 5 6 7 8 9 0 . $ ", +" . a . b c d e f g . @ . . . . . . . . . . $ h i j 3 k l m n o p q . # . ", +" . . . . + r s t u v w . a . . . . . . . > . x y z A B C D E F 8 G > . . . . ", +" . . . H . I J K K L M N . + . . . . . + . O P Q R S T U V W l X Y . # . . . ", +" . . . . . a . Z ` ...+.@.. #.. . . . . a . $.%.&.*.=.-.;.>.,.'.).$ . . . . . . ", +" . . . . . @ . !.~.{.].^./.(.. _.. . . > . :.<.[.}.|.1.2.. $ . . . + . . . . . . ", +" . . . . . . . a . 3.4.5.6.7.8.. a . . . > . 9.0.a.b.c.d.. e.> > > # . . . . . . . . ", +" . . . . . . . . + . f.g.h.i.j.k.l.. @ . > . m.n.o.p.q.r.s.. . . . . . . . . . . . . . . ", +" . . . . . . . . . a . t.u.v.v.w.x.. + + . y.z.A.B.B.C.D.. E.. . . . . . . . . . . . . . ", +" . . . . . . . . . . . _.. F.G.H.I.J.K.. y.. L.M.N.O.P.Q.R.. > . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . > . S.T.U.V.W.X.Y.. Z.`. +.+++@+#+$+%+. > + + + + . . . . . . . . . . ", +" . . . . . . . . . . . . #.. &+*+=+-+;+>+. ,+'+)+!+~+{+]+^+/+. . . . . + + . . . . . . . . . ", +" . . . . . . . . . . . . _.. (+_+:+<+[+}+|+1+2+3+4+5+6+7+8+9+0+. a+b+b+c+$ . . . . . . . . . ", +" . . . . . . . . . . . . #.. d+e+f+g+h+i+j+k+l+m+n+o+p+q+r+s+t+u+v+w+x+y+. # . . . . . . ", +" . . . . . . . . . . . . . . z+A+B+C+D+E+F+G+H+I+. J+K+L+M+N+O+P+Q+R+S+T+. a . . . . . . ", +" . . . . . . . . . . . . #.. U+V+W+X+Y+Z+`+ @.@. +@@@#@$@%@&@*@=@-@;@>@,@. > . . . . ", +" . . . . . . . . . . . . > . '@)@!@~@{@]@^@. /@. (@_@:@<@[@}@|@1@2@3@4@> . + . . ", +" . . . . . . # 5@. c+# . # . 6@7@8@9@0@a@b@. c+. c@d@e@f@g@h@i@j@k@l@m@n@. # . . ", +" . . . . . . . # . . o@5@# 5@. . . . . . . . 5@5@. . . . . . . . . . . . . . ", +" . . . c+. p@q@. r@s@. c+. . _.# . + t@u@v@w@. c+> x@> $ . . y@z@+ A@+ . . . ", +" . . c+. B@C@D@E@F@G@H@I@J@K@L@M@N@G@O@. P@Q@R@S@T@U@w@V@W@X@Y@Z@. # . . ", +" . . . # . `@ #.#+#@###$#%#&#*#=#-#;#>#. c+,#'#)#!#~#{#]#^#G@/#T@. . . . ", +" . . T@. r@(#_#:#<#[#}#|#1#2#3#4#5#6#. I@ #. w@7#8#9#0#a#b#c#. c+. . ", +" . # . d#e#f#g#h#9#i#[#c+q@j#k#T@l#m#n#o#. p#q#. r#/#s#. +#t#. # ", +" . . . # . # . . . . . . . . . # . . . # . u#v#. w#x#. # . . . . ", +" . . # 5@y## 5@c+# z#. 5@5@z#. 5@# # A## B## . . # c+# c+. . ", +" . . . . . . . . . . . . . . . . . . . . # # . # . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . . . ", +" . . . . . . . . . . . . . . . . . . . . . . . . ", +" . ", +" ", +" ", +" "}; diff --git a/src/Setup/ComSetup.cpp b/src/Setup/ComSetup.cpp index 5e45f8e3..24e5262f 100644 --- a/src/Setup/ComSetup.cpp +++ b/src/Setup/ComSetup.cpp @@ -1,103 +1,103 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#define TC_MAIN_COM_VERSION_MAJOR 2 -#define TC_MAIN_COM_VERSION_MINOR 7 - -#define TC_FORMAT_COM_VERSION_MAJOR 2 -#define TC_FORMAT_COM_VERSION_MINOR 5 - -#include -#include -#include -#include -#include "ComSetup.h" -#include "Dlgcode.h" -#include "Resource.h" -#include "../Mount/MainCom_i.c" -#include "../Format/FormatCom_i.c" - - -extern "C" BOOL RegisterComServers (wchar_t *modulePath) -{ - BOOL ret = TRUE; - wchar_t mainModule[1024], formatModule[1024]; - CComPtr tl, tl2; - - wsprintfW (mainModule, L"%sVeraCrypt.exe", modulePath); - wsprintfW (formatModule, L"%sVeraCrypt Format.exe", modulePath); - - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR, 0, SYS_WIN32); - // unregister older versions that may still exist - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-3, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-2, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-1, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR-1, 0, SYS_WIN32); - - wchar_t setupModule[MAX_PATH]; - GetModuleFileNameW (NULL, setupModule, sizeof (setupModule) / sizeof (setupModule[0])); - - CRegObject ro; - HRESULT r; - - if (!SUCCEEDED (r = ro.FinalConstruct ()) - || !SUCCEEDED (r = ro.AddReplacement (L"MAIN_MODULE", mainModule)) - || !SUCCEEDED (r = ro.AddReplacement (L"FORMAT_MODULE", formatModule)) - || !SUCCEEDED (r = ro.ResourceRegister (setupModule, IDR_COMREG, L"REGISTRY")) - || !SUCCEEDED (r = LoadTypeLib (mainModule, &tl)) - || !SUCCEEDED (r = RegisterTypeLib (tl, mainModule, 0)) - || !SUCCEEDED (r = LoadTypeLib (formatModule, &tl2)) - || !SUCCEEDED (r = RegisterTypeLib (tl2, formatModule, 0))) - { - MessageBox (MainDlg, _com_error (r).ErrorMessage(), _T(TC_APP_NAME), MB_ICONERROR); - ret = FALSE; - } - - ro.FinalRelease (); - return ret; -} - - -extern "C" BOOL UnregisterComServers (wchar_t *modulePath) -{ - BOOL ret; - - if (UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR, 0, SYS_WIN32) != S_OK) - return FALSE; - if (UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR, 0, SYS_WIN32) != S_OK) - return FALSE; - - // unregister older versions that may still exist - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-3, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-2, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-1, 0, SYS_WIN32); - UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR-1, 0, SYS_WIN32); - - wchar_t module[1024]; - CRegObject ro; - ro.FinalConstruct (); - - wsprintfW (module, L"%sVeraCrypt.exe", modulePath); - ro.AddReplacement (L"MAIN_MODULE", module); - - wsprintfW (module, L"%sVeraCrypt Format.exe", modulePath); - ro.AddReplacement (L"FORMAT_MODULE", module); - - wchar_t setupModule[MAX_PATH]; - GetModuleFileNameW (NULL, setupModule, sizeof (setupModule) / sizeof (setupModule[0])); - - ret = ro.ResourceUnregister (setupModule, IDR_COMREG, L"REGISTRY") == S_OK; - - ro.FinalRelease (); - return ret; -} +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#define TC_MAIN_COM_VERSION_MAJOR 2 +#define TC_MAIN_COM_VERSION_MINOR 7 + +#define TC_FORMAT_COM_VERSION_MAJOR 2 +#define TC_FORMAT_COM_VERSION_MINOR 5 + +#include +#include +#include +#include +#include "ComSetup.h" +#include "Dlgcode.h" +#include "Resource.h" +#include "../Mount/MainCom_i.c" +#include "../Format/FormatCom_i.c" + + +extern "C" BOOL RegisterComServers (wchar_t *modulePath) +{ + BOOL ret = TRUE; + wchar_t mainModule[1024], formatModule[1024]; + CComPtr tl, tl2; + + wsprintfW (mainModule, L"%sVeraCrypt.exe", modulePath); + wsprintfW (formatModule, L"%sVeraCrypt Format.exe", modulePath); + + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR, 0, SYS_WIN32); + // unregister older versions that may still exist + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-3, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-2, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-1, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR-1, 0, SYS_WIN32); + + wchar_t setupModule[MAX_PATH]; + GetModuleFileNameW (NULL, setupModule, sizeof (setupModule) / sizeof (setupModule[0])); + + CRegObject ro; + HRESULT r; + + if (!SUCCEEDED (r = ro.FinalConstruct ()) + || !SUCCEEDED (r = ro.AddReplacement (L"MAIN_MODULE", mainModule)) + || !SUCCEEDED (r = ro.AddReplacement (L"FORMAT_MODULE", formatModule)) + || !SUCCEEDED (r = ro.ResourceRegister (setupModule, IDR_COMREG, L"REGISTRY")) + || !SUCCEEDED (r = LoadTypeLib (mainModule, &tl)) + || !SUCCEEDED (r = RegisterTypeLib (tl, mainModule, 0)) + || !SUCCEEDED (r = LoadTypeLib (formatModule, &tl2)) + || !SUCCEEDED (r = RegisterTypeLib (tl2, formatModule, 0))) + { + MessageBox (MainDlg, _com_error (r).ErrorMessage(), _T(TC_APP_NAME), MB_ICONERROR); + ret = FALSE; + } + + ro.FinalRelease (); + return ret; +} + + +extern "C" BOOL UnregisterComServers (wchar_t *modulePath) +{ + BOOL ret; + + if (UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR, 0, SYS_WIN32) != S_OK) + return FALSE; + if (UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR, 0, SYS_WIN32) != S_OK) + return FALSE; + + // unregister older versions that may still exist + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-3, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-2, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-1, 0, SYS_WIN32); + UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR-1, 0, SYS_WIN32); + + wchar_t module[1024]; + CRegObject ro; + ro.FinalConstruct (); + + wsprintfW (module, L"%sVeraCrypt.exe", modulePath); + ro.AddReplacement (L"MAIN_MODULE", module); + + wsprintfW (module, L"%sVeraCrypt Format.exe", modulePath); + ro.AddReplacement (L"FORMAT_MODULE", module); + + wchar_t setupModule[MAX_PATH]; + GetModuleFileNameW (NULL, setupModule, sizeof (setupModule) / sizeof (setupModule[0])); + + ret = ro.ResourceUnregister (setupModule, IDR_COMREG, L"REGISTRY") == S_OK; + + ro.FinalRelease (); + return ret; +} diff --git a/src/Setup/ComSetup.h b/src/Setup/ComSetup.h index 0e3bbd5f..56e30139 100644 --- a/src/Setup/ComSetup.h +++ b/src/Setup/ComSetup.h @@ -8,15 +8,15 @@ and are governed by the Apache License 2.0 the full text of which is contained in the file License.txt included in VeraCrypt binary and source code distribution packages. -*/ - -#ifdef __cplusplus -extern "C" { -#endif - -BOOL RegisterComServers (wchar_t *modulePath); -BOOL UnregisterComServers (wchar_t *modulePath); - -#ifdef __cplusplus -} -#endif +*/ + +#ifdef __cplusplus +extern "C" { +#endif + +BOOL RegisterComServers (wchar_t *modulePath); +BOOL UnregisterComServers (wchar_t *modulePath); + +#ifdef __cplusplus +} +#endif diff --git a/src/Setup/ComSetup.rgs b/src/Setup/ComSetup.rgs index 19ee8be7..ed927913 100644 --- a/src/Setup/ComSetup.rgs +++ b/src/Setup/ComSetup.rgs @@ -1,92 +1,92 @@ -HKCR -{ - ForceRemove VeraCrypt.1 = s 'VeraCrypt class' - { - CLSID = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' - } - - ForceRemove VeraCrypt = s 'VeraCrypt class' - { - CLSID = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' - CurVer = s 'VeraCrypt.1' - } - - NoRemove CLSID - { - ForceRemove {FE8B3B95-C80C-41f7-830F-FBA271C26F7E} = s 'VeraCrypt class' - { - ProgID = s 'VeraCrypt.1' - VersionIndependentProgID = s 'VeraCrypt' - LocalServer32 = s '"%MAIN_MODULE%"' - - TypeLib = s '{9ACF6176-5FC4-4690-A025-B3306A50EB6A}' - - Elevation - { - val Enabled = d 1 - val IconReference = s '@%MAIN_MODULE%,-501' - } - - val AppId = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' - val LocalizedString = s '@%MAIN_MODULE%,-110' - } - } - - NoRemove AppId - { - ForceRemove {FE8B3B95-C80C-41f7-830F-FBA271C26F7E} = s 'VeraCrypt class' - { - val AccessPermission = b 010004803000000040000000000000001400000002001c000100000000001400070000000101000000000005040000000102000000000005200000002002000001020000000000052000000020020000 - } - - ForceRemove VeraCrypt.exe - { - val AppId = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' - } - } - - ForceRemove VeraCryptFormat.1 = s 'VeraCryptFormat class' - { - CLSID = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' - } - - ForceRemove VeraCryptFormat = s 'VeraCryptFormat class' - { - CLSID = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' - CurVer = s 'VeraCryptFormat.1' - } - - NoRemove CLSID - { - ForceRemove {A96D3797-9F31-49f4-A0CE-9657392CF789} = s 'VeraCryptFormat class' - { - ProgID = s 'VeraCryptFormat.1' - VersionIndependentProgID = s 'VeraCryptFormat' - LocalServer32 = s '"%FORMAT_MODULE%"' - - TypeLib = s '{56327DDA-F1A7-4e13-B128-520D129BDEF6}' - - Elevation - { - val Enabled = d 1 - val IconReference = s '@%FORMAT_MODULE%,-501' - } - - val AppId = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' - val LocalizedString = s '@%FORMAT_MODULE%,-112' - } - } - - NoRemove AppId - { - ForceRemove {A96D3797-9F31-49f4-A0CE-9657392CF789} = s 'VeraCryptFormat class' - { - val AccessPermission = b 010004803000000040000000000000001400000002001c000100000000001400070000000101000000000005040000000102000000000005200000002002000001020000000000052000000020020000 - } - - ForceRemove 'VeraCrypt Format.exe' - { - val AppId = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' - } - } +HKCR +{ + ForceRemove VeraCrypt.1 = s 'VeraCrypt class' + { + CLSID = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' + } + + ForceRemove VeraCrypt = s 'VeraCrypt class' + { + CLSID = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' + CurVer = s 'VeraCrypt.1' + } + + NoRemove CLSID + { + ForceRemove {FE8B3B95-C80C-41f7-830F-FBA271C26F7E} = s 'VeraCrypt class' + { + ProgID = s 'VeraCrypt.1' + VersionIndependentProgID = s 'VeraCrypt' + LocalServer32 = s '"%MAIN_MODULE%"' + + TypeLib = s '{9ACF6176-5FC4-4690-A025-B3306A50EB6A}' + + Elevation + { + val Enabled = d 1 + val IconReference = s '@%MAIN_MODULE%,-501' + } + + val AppId = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' + val LocalizedString = s '@%MAIN_MODULE%,-110' + } + } + + NoRemove AppId + { + ForceRemove {FE8B3B95-C80C-41f7-830F-FBA271C26F7E} = s 'VeraCrypt class' + { + val AccessPermission = b 010004803000000040000000000000001400000002001c000100000000001400070000000101000000000005040000000102000000000005200000002002000001020000000000052000000020020000 + } + + ForceRemove VeraCrypt.exe + { + val AppId = s '{FE8B3B95-C80C-41f7-830F-FBA271C26F7E}' + } + } + + ForceRemove VeraCryptFormat.1 = s 'VeraCryptFormat class' + { + CLSID = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' + } + + ForceRemove VeraCryptFormat = s 'VeraCryptFormat class' + { + CLSID = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' + CurVer = s 'VeraCryptFormat.1' + } + + NoRemove CLSID + { + ForceRemove {A96D3797-9F31-49f4-A0CE-9657392CF789} = s 'VeraCryptFormat class' + { + ProgID = s 'VeraCryptFormat.1' + VersionIndependentProgID = s 'VeraCryptFormat' + LocalServer32 = s '"%FORMAT_MODULE%"' + + TypeLib = s '{56327DDA-F1A7-4e13-B128-520D129BDEF6}' + + Elevation + { + val Enabled = d 1 + val IconReference = s '@%FORMAT_MODULE%,-501' + } + + val AppId = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' + val LocalizedString = s '@%FORMAT_MODULE%,-112' + } + } + + NoRemove AppId + { + ForceRemove {A96D3797-9F31-49f4-A0CE-9657392CF789} = s 'VeraCryptFormat class' + { + val AccessPermission = b 010004803000000040000000000000001400000002001c000100000000001400070000000101000000000005040000000102000000000005200000002002000001020000000000052000000020020000 + } + + ForceRemove 'VeraCrypt Format.exe' + { + val AppId = s '{A96D3797-9F31-49f4-A0CE-9657392CF789}' + } + } } \ No newline at end of file diff --git a/src/Setup/Dir.c b/src/Setup/Dir.c index c4bab5d6..342ff748 100644 --- a/src/Setup/Dir.c +++ b/src/Setup/Dir.c @@ -1,110 +1,110 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "Dir.h" - -/* create full directory tree. returns 0 for success, -1 if failure */ -int -mkfulldir (wchar_t *oriPath, BOOL bCheckonly) -{ - struct _stat st; - wchar_t *uniq_file; - wchar_t path [TC_MAX_PATH]; - - StringCbCopyW (path, TC_MAX_PATH, oriPath); - - if (wcslen (path) == 3 && path[1] == L':') - goto is_root; /* keep final slash in root if present */ - - /* strip final forward or backslash if we have one! */ - uniq_file = wcsrchr (path, L'\\'); - if (uniq_file && uniq_file[1] == L'\0') - uniq_file[0] = L'\0'; - else - { - uniq_file = wcsrchr (path, L'/'); - if (uniq_file && uniq_file[1] == L'\0') - uniq_file[0] = L'\0'; - } - - is_root: - if (bCheckonly) - return _wstat (path, &st); - - if (_wstat (path, &st)) - return mkfulldir_internal (path); - else - return 0; -} - - -int -mkfulldir_internal (wchar_t *path) -{ - wchar_t *token; - struct _stat st; - static wchar_t tokpath[_MAX_PATH]; - static wchar_t trail[_MAX_PATH]; - - StringCbCopyW (tokpath, _MAX_PATH, path); - trail[0] = L'\0'; - - token = wcstok (tokpath, L"\\/"); - - if (tokpath[0] == L'\\' && tokpath[1] == L'\\') - { /* unc */ - trail[0] = tokpath[0]; - trail[1] = tokpath[1]; - trail[2] = L'\0'; - if (token) - { - StringCbCatW (trail, _MAX_PATH, token); - StringCbCatW (trail, _MAX_PATH, L"\\"); - token = wcstok (NULL, L"\\/"); - if (token) - { /* get share name */ - StringCbCatW (trail, _MAX_PATH, token); - StringCbCatW (trail, _MAX_PATH, L"\\"); - } - token = wcstok (NULL, L"\\/"); - } - } - - if (tokpath[1] == L':') - { /* drive letter */ - StringCbCatW (trail, _MAX_PATH, tokpath); - StringCbCatW (trail, _MAX_PATH, L"\\"); - token = wcstok (NULL, L"\\/"); - } - - while (token != NULL) - { - int x; - StringCbCatW (trail, _MAX_PATH, token); - x = _wmkdir (trail); - StringCbCatW (trail, _MAX_PATH, L"\\"); - token = wcstok (NULL, L"\\/"); - } - - return _wstat (path, &st); -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" + +#include +#include +#include +#include +#include +#include +#include + +#include "Dir.h" + +/* create full directory tree. returns 0 for success, -1 if failure */ +int +mkfulldir (wchar_t *oriPath, BOOL bCheckonly) +{ + struct _stat st; + wchar_t *uniq_file; + wchar_t path [TC_MAX_PATH]; + + StringCbCopyW (path, TC_MAX_PATH, oriPath); + + if (wcslen (path) == 3 && path[1] == L':') + goto is_root; /* keep final slash in root if present */ + + /* strip final forward or backslash if we have one! */ + uniq_file = wcsrchr (path, L'\\'); + if (uniq_file && uniq_file[1] == L'\0') + uniq_file[0] = L'\0'; + else + { + uniq_file = wcsrchr (path, L'/'); + if (uniq_file && uniq_file[1] == L'\0') + uniq_file[0] = L'\0'; + } + + is_root: + if (bCheckonly) + return _wstat (path, &st); + + if (_wstat (path, &st)) + return mkfulldir_internal (path); + else + return 0; +} + + +int +mkfulldir_internal (wchar_t *path) +{ + wchar_t *token; + struct _stat st; + static wchar_t tokpath[_MAX_PATH]; + static wchar_t trail[_MAX_PATH]; + + StringCbCopyW (tokpath, _MAX_PATH, path); + trail[0] = L'\0'; + + token = wcstok (tokpath, L"\\/"); + + if (tokpath[0] == L'\\' && tokpath[1] == L'\\') + { /* unc */ + trail[0] = tokpath[0]; + trail[1] = tokpath[1]; + trail[2] = L'\0'; + if (token) + { + StringCbCatW (trail, _MAX_PATH, token); + StringCbCatW (trail, _MAX_PATH, L"\\"); + token = wcstok (NULL, L"\\/"); + if (token) + { /* get share name */ + StringCbCatW (trail, _MAX_PATH, token); + StringCbCatW (trail, _MAX_PATH, L"\\"); + } + token = wcstok (NULL, L"\\/"); + } + } + + if (tokpath[1] == L':') + { /* drive letter */ + StringCbCatW (trail, _MAX_PATH, tokpath); + StringCbCatW (trail, _MAX_PATH, L"\\"); + token = wcstok (NULL, L"\\/"); + } + + while (token != NULL) + { + int x; + StringCbCatW (trail, _MAX_PATH, token); + x = _wmkdir (trail); + StringCbCatW (trail, _MAX_PATH, L"\\"); + token = wcstok (NULL, L"\\/"); + } + + return _wstat (path, &st); +} diff --git a/src/Setup/Dir.h b/src/Setup/Dir.h index 42707a38..2126bb42 100644 --- a/src/Setup/Dir.h +++ b/src/Setup/Dir.h @@ -1,23 +1,23 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus -extern "C" { -#endif - -int mkfulldir ( wchar_t *path , BOOL bCheckonly ); -int mkfulldir_internal ( wchar_t *path ); - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus +extern "C" { +#endif + +int mkfulldir ( wchar_t *path , BOOL bCheckonly ); +int mkfulldir_internal ( wchar_t *path ); + +#ifdef __cplusplus +} +#endif diff --git a/src/Setup/Resource.h b/src/Setup/Resource.h index 2baaefe0..bbbd4766 100644 --- a/src/Setup/Resource.h +++ b/src/Setup/Resource.h @@ -1,64 +1,64 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Visual C++ generated include file. -// Used by Setup.rc -// -#define IDR_COMREG 10 -#define IDD_INSTALL 101 -#define IDD_INSTALL_OPTIONS_PAGE_DLG 102 -#define IDD_UNINSTALL 103 -#define IDI_SETUP 104 -#define IDR_SETUP_RSRC_HEADER 105 -#define IDD_EXTRACTION_OPTIONS_PAGE_DLG 106 -#define IDB_SETUP_WIZARD 107 -#define IDD_INTRO_PAGE_DLG 108 -#define IDB_SETUP_WIZARD_BKG 109 -#define IDD_INFO_PAGE_DLG 110 -#define IDD_INSTL_DLG 111 -#define IDD_WIZARD_MODE_PAGE_DLG 112 -#define IDD_PROGRESS_PAGE_DLG 113 -#define IDD_DONATIONS_PAGE_DLG 114 -#define IDC_DESTINATION 1000 -#define IDC_BOX_TITLE 1001 -#define IDC_BROWSE 1002 -#define IDC_BOX_INFO 1003 -#define IDC_LICENSE 1004 -#define IDC_BOX_HELP 1005 -#define IDC_LICENSE_TEXT 1006 -#define IDC_BOX_HELP2 1007 -#define IDC_FILE_TYPE 1008 -#define IDT_UNINSTALL_DIR 1009 -#define IDC_PROG_GROUP 1010 -#define IDC_SYSTEM_RESTORE 1011 -#define IDC_DESKTOP_ICON 1012 -#define IDC_ALL_USERS 1013 -#define IDT_INSTALL_DESTINATION 1014 -#define IDC_UNINSTALL 1015 -#define IDC_PROGRESS_BAR 1016 -#define IDC_LOG_WINDOW 1017 -#define IDC_SETUP_WIZARD_BKG 1018 -#define IDC_SETUP_WIZARD_GFX_AREA 1019 -#define IDC_HR 1020 -#define IDC_OPEN_CONTAINING_FOLDER 1021 -#define IDC_AGREE 1022 -#define IDC_HR_BOTTOM 1023 -#define IDC_WIZARD_MODE_INSTALL 1024 -#define IDC_WIZARD_MODE_EXTRACT_ONLY 1025 -#define IDC_NEXT 1026 -#define IDC_PREV 1027 -#define IDT_EXTRACT_DESTINATION 1028 -#define IDC_POS_BOX 1029 -#define IDC_BITMAP_SETUP_WIZARD 1030 -#define IDC_MAIN_CONTENT_CANVAS 1031 -#define IDC_DONATE 1032 - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NO_MFC 1 -#define _APS_NEXT_RESOURCE_VALUE 115 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1033 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif +//{{NO_DEPENDENCIES}} +// Microsoft Visual C++ generated include file. +// Used by Setup.rc +// +#define IDR_COMREG 10 +#define IDD_INSTALL 101 +#define IDD_INSTALL_OPTIONS_PAGE_DLG 102 +#define IDD_UNINSTALL 103 +#define IDI_SETUP 104 +#define IDR_SETUP_RSRC_HEADER 105 +#define IDD_EXTRACTION_OPTIONS_PAGE_DLG 106 +#define IDB_SETUP_WIZARD 107 +#define IDD_INTRO_PAGE_DLG 108 +#define IDB_SETUP_WIZARD_BKG 109 +#define IDD_INFO_PAGE_DLG 110 +#define IDD_INSTL_DLG 111 +#define IDD_WIZARD_MODE_PAGE_DLG 112 +#define IDD_PROGRESS_PAGE_DLG 113 +#define IDD_DONATIONS_PAGE_DLG 114 +#define IDC_DESTINATION 1000 +#define IDC_BOX_TITLE 1001 +#define IDC_BROWSE 1002 +#define IDC_BOX_INFO 1003 +#define IDC_LICENSE 1004 +#define IDC_BOX_HELP 1005 +#define IDC_LICENSE_TEXT 1006 +#define IDC_BOX_HELP2 1007 +#define IDC_FILE_TYPE 1008 +#define IDT_UNINSTALL_DIR 1009 +#define IDC_PROG_GROUP 1010 +#define IDC_SYSTEM_RESTORE 1011 +#define IDC_DESKTOP_ICON 1012 +#define IDC_ALL_USERS 1013 +#define IDT_INSTALL_DESTINATION 1014 +#define IDC_UNINSTALL 1015 +#define IDC_PROGRESS_BAR 1016 +#define IDC_LOG_WINDOW 1017 +#define IDC_SETUP_WIZARD_BKG 1018 +#define IDC_SETUP_WIZARD_GFX_AREA 1019 +#define IDC_HR 1020 +#define IDC_OPEN_CONTAINING_FOLDER 1021 +#define IDC_AGREE 1022 +#define IDC_HR_BOTTOM 1023 +#define IDC_WIZARD_MODE_INSTALL 1024 +#define IDC_WIZARD_MODE_EXTRACT_ONLY 1025 +#define IDC_NEXT 1026 +#define IDC_PREV 1027 +#define IDT_EXTRACT_DESTINATION 1028 +#define IDC_POS_BOX 1029 +#define IDC_BITMAP_SETUP_WIZARD 1030 +#define IDC_MAIN_CONTENT_CANVAS 1031 +#define IDC_DONATE 1032 + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NO_MFC 1 +#define _APS_NEXT_RESOURCE_VALUE 115 +#define _APS_NEXT_COMMAND_VALUE 40001 +#define _APS_NEXT_CONTROL_VALUE 1033 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/src/Setup/SelfExtract.c b/src/Setup/SelfExtract.c index 42326efc..e427e44c 100644 --- a/src/Setup/SelfExtract.c +++ b/src/Setup/SelfExtract.c @@ -1,788 +1,788 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Tcdefs.h" - -#include "Inflate.h" -#include "SelfExtract.h" -#include "Wizard.h" -#include "Setup.h" -#include "Crc.h" -#include "Endian.h" -#include "Dlgcode.h" -#include "Dir.h" -#include "Language.h" -#include "Resource.h" -#include -#include - -#ifndef SRC_POS -#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) -#endif - -#define OutputPackageFile L"VeraCrypt Setup " _T(VERSION_STRING) L".exe" - -#define MAG_START_MARKER "TCINSTRT" -#define MAG_END_MARKER_OBFUSCATED "T/C/I/N/S/C/R/C" -#define PIPE_BUFFER_LEN (4 * BYTES_PER_KB) - -unsigned char MagEndMarker [sizeof (MAG_END_MARKER_OBFUSCATED)]; -wchar_t DestExtractPath [TC_MAX_PATH]; -DECOMPRESSED_FILE Decompressed_Files [NBR_COMPRESSED_FILES]; - -volatile char *PipeWriteBuf = NULL; -volatile HANDLE hChildStdinWrite = INVALID_HANDLE_VALUE; -unsigned char *DecompressedData = NULL; - - - -void SelfExtractStartupInit (void) -{ - DeobfuscateMagEndMarker (); -} - - -// The end marker must be included in the self-extracting exe only once, not twice (used e.g. -// by IsSelfExtractingPackage()) and that's why MAG_END_MARKER_OBFUSCATED is obfuscated and -// needs to be deobfuscated using this function at startup. -static void DeobfuscateMagEndMarker (void) -{ - int i; - - for (i = 0; i < sizeof (MAG_END_MARKER_OBFUSCATED); i += 2) - MagEndMarker [i/2] = MAG_END_MARKER_OBFUSCATED [i]; - - MagEndMarker [i/2] = 0; -} - - -static void PkgError (wchar_t *msg) -{ - MessageBox (NULL, msg, L"VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); -} - - -static void PkgWarning (wchar_t *msg) -{ - MessageBox (NULL, msg, L"VeraCrypt", MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); -} - - -static void PkgInfo (wchar_t *msg) -{ - MessageBox (NULL, msg, L"VeraCrypt", MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); -} - - -// Returns 0 if decompression fails or, if successful, returns the size of the decompressed data -static int DecompressBuffer (char *out, char *in, int len) -{ - return (DecompressDeflatedData (out, in, len)); // Inflate -} - - -static void __cdecl PipeWriteThread (void *len) -{ - int sendBufSize = PIPE_BUFFER_LEN, bytesSent = 0; - int bytesToSend = *((int *) len), bytesSentTotal = 0; - - if (PipeWriteBuf == NULL || (HANDLE) hChildStdinWrite == INVALID_HANDLE_VALUE) - { - PkgError (L"Failed sending data to the STDIN pipe"); - return; - } - - while (bytesToSend > 0) - { - if (bytesToSend < PIPE_BUFFER_LEN) - sendBufSize = bytesToSend; - - if (!WriteFile ((HANDLE) hChildStdinWrite, (char *) PipeWriteBuf + bytesSentTotal, sendBufSize, &bytesSent, NULL) - || bytesSent == 0 - || bytesSent != sendBufSize) - { - PkgError (L"Failed sending data to the STDIN pipe"); - return; - } - - bytesToSend -= bytesSent; - bytesSentTotal += bytesSent; - } - - // Closing the pipe causes the child process to stop reading from it - - if (!CloseHandle (hChildStdinWrite)) - { - PkgError (L"Cannot close pipe"); - return; - } -} - - -// Returns 0 if compression fails or, if successful, the size of the compressed data -static int CompressBuffer (char *out, char *in, int len) -{ - SECURITY_ATTRIBUTES securityAttrib; - DWORD bytesReceived = 0; - HANDLE hChildStdoutWrite = INVALID_HANDLE_VALUE; - HANDLE hChildStdoutRead = INVALID_HANDLE_VALUE; - HANDLE hChildStdinRead = INVALID_HANDLE_VALUE; - STARTUPINFO startupInfo; - PROCESS_INFORMATION procInfo; - char pipeBuffer [PIPE_BUFFER_LEN]; - int res_len = 0; - BOOL bGzipHeaderRead = FALSE; - wchar_t szGzipCmd[64]; - - ZeroMemory (&startupInfo, sizeof (startupInfo)); - ZeroMemory (&procInfo, sizeof (procInfo)); - - // Pipe handle inheritance - securityAttrib.bInheritHandle = TRUE; - securityAttrib.nLength = sizeof (securityAttrib); - securityAttrib.lpSecurityDescriptor = NULL; - - if (!CreatePipe (&hChildStdoutRead, &hChildStdoutWrite, &securityAttrib, 0)) - { - PkgError (L"Cannot create STDOUT pipe."); - return 0; - } - SetHandleInformation (hChildStdoutRead, HANDLE_FLAG_INHERIT, 0); - - if (!CreatePipe (&hChildStdinRead, &((HANDLE) hChildStdinWrite), &securityAttrib, 0)) - { - PkgError (L"Cannot create STDIN pipe."); - CloseHandle(hChildStdoutWrite); - CloseHandle(hChildStdoutRead); - return 0; - } - SetHandleInformation (hChildStdinWrite, HANDLE_FLAG_INHERIT, 0); - - // Create a child process that will compress the data - - startupInfo.wShowWindow = SW_HIDE; - startupInfo.hStdInput = hChildStdinRead; - startupInfo.hStdOutput = hChildStdoutWrite; - startupInfo.cb = sizeof (startupInfo); - startupInfo.hStdError = hChildStdoutWrite; - startupInfo.dwFlags |= STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; - - StringCchCopyW (szGzipCmd, ARRAYSIZE (szGzipCmd), L"gzip --best"); - if (!CreateProcess (NULL, szGzipCmd, NULL, NULL, TRUE, 0, NULL, NULL, &startupInfo, &procInfo)) - { - PkgError (L"Error: Cannot run gzip.\n\nBefore you can create a self-extracting VeraCrypt package, you need to have the open-source 'gzip' compression tool placed in any directory in the search path for executable files (for example, in 'C:\\Windows\\').\n\nNote: gzip can be freely downloaded e.g. from www.gzip.org"); - CloseHandle(hChildStdoutWrite); - CloseHandle(hChildStdoutRead); - CloseHandle(hChildStdinRead); - CloseHandle(hChildStdinWrite); - return 0; - } - - CloseHandle (procInfo.hProcess); - CloseHandle (procInfo.hThread); - - // Start sending the uncompressed data to the pipe (STDIN) - PipeWriteBuf = in; - _beginthread (PipeWriteThread, PIPE_BUFFER_LEN * 2, (void *) &len); - - if (!CloseHandle (hChildStdoutWrite)) - { - PkgError (L"Cannot close STDOUT write"); - CloseHandle(hChildStdoutRead); - CloseHandle(hChildStdinRead); - return 0; - } - - bGzipHeaderRead = FALSE; - - // Read the compressed data from the pipe (sent by the child process to STDOUT) - while (TRUE) - { - if (!ReadFile (hChildStdoutRead, pipeBuffer, bGzipHeaderRead ? PIPE_BUFFER_LEN : 10, &bytesReceived, NULL)) - break; - - if (bGzipHeaderRead) - { - memcpy (out + res_len, pipeBuffer, bytesReceived); - res_len += bytesReceived; - } - else - bGzipHeaderRead = TRUE; // Skip the 10-byte gzip header - } - - CloseHandle(hChildStdoutRead); - CloseHandle(hChildStdinRead); - return res_len - 8; // A gzip stream ends with a CRC-32 hash and a 32-bit size (those 8 bytes need to be chopped off) -} - - -// Clears all bytes that change when an exe file is digitally signed, except the data that are appended. -// If those bytes weren't cleared, CRC-32 checks would fail after signing. -static void WipeSignatureAreas (char *buffer) -{ - // Clear bytes 0x130-0x1ff - memset (buffer + 0x130, 0, 0x200 - 0x130); -} - - -BOOL MakeSelfExtractingPackage (HWND hwndDlg, wchar_t *szDestDir) -{ - int i, x; - wchar_t inputFile [TC_MAX_PATH]; - wchar_t outputFile [TC_MAX_PATH]; - wchar_t szTmpFilePath [TC_MAX_PATH]; - unsigned char szTmp32bit [4] = {0}; - unsigned char *szTmp32bitPtr = szTmp32bit; - unsigned char *buffer = NULL, *compressedBuffer = NULL; - unsigned char *bufIndex = NULL; - wchar_t tmpStr [2048]; - int bufLen = 0, compressedDataLen = 0, uncompressedDataLen = 0; - - x = wcslen (szDestDir); - if (x < 2) - goto err; - - if (szDestDir[x - 1] != L'\\') - StringCbCatW (szDestDir, MAX_PATH, L"\\"); - - GetModuleFileName (NULL, inputFile, ARRAYSIZE (inputFile)); - - StringCchCopyW (outputFile, ARRAYSIZE(outputFile), szDestDir); - StringCchCatW (outputFile, ARRAYSIZE(outputFile), OutputPackageFile); - - // Clone 'VeraCrypt Setup.exe' to create the base of the new self-extracting archive - - if (!TCCopyFile (inputFile, outputFile)) - { - handleWin32Error (hwndDlg, SRC_POS); - PkgError (L"Cannot copy 'VeraCrypt Setup.exe' to the package"); - goto err; - } - - // Determine the buffer size needed for all the files and meta data and check if all required files exist - - bufLen = 0; - - for (i = 0; i < sizeof (szCompressedFiles) / sizeof (szCompressedFiles[0]); i++) - { - StringCbPrintfW (szTmpFilePath, sizeof(szTmpFilePath), L"%s%s", szDestDir, szCompressedFiles[i]); - - if (!FileExists (szTmpFilePath)) - { - wchar_t tmpstr [1000]; - - StringCbPrintfW (tmpstr, sizeof(tmpstr), L"File not found:\n\n'%s'", szTmpFilePath); - if (_wremove (outputFile)) - StringCbCatW (tmpstr, sizeof(tmpstr), L"\nFailed also to delete package file"); - PkgError (tmpstr); - goto err; - } - - bufLen += (int) GetFileSize64 (szTmpFilePath); - - bufLen += 2; // 16-bit filename length - bufLen += (wcslen(szCompressedFiles[i]) * sizeof (wchar_t)); // Filename - bufLen += 4; // CRC-32 - bufLen += 4; // 32-bit file length - } - - buffer = malloc (bufLen + 524288); // + 512K reserve - if (buffer == NULL) - { - PkgError (L"Cannot allocate memory for uncompressed data"); - if (_wremove (outputFile)) - PkgError (L"Cannot allocate memory for uncompressed data.\nFailed also to delete package file"); - else - PkgError (L"Cannot allocate memory for uncompressed data"); - goto err; - } - - - // Write the start marker - if (!SaveBufferToFile (MAG_START_MARKER, outputFile, strlen (MAG_START_MARKER), TRUE, FALSE)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot write the start marker\nFailed also to delete package file"); - else - PkgError (L"Cannot write the start marker"); - goto err; - } - - - bufIndex = buffer; - - // Copy all required files and their meta data to the buffer - for (i = 0; i < sizeof (szCompressedFiles) / sizeof (szCompressedFiles[0]); i++) - { - DWORD tmpFileSize; - unsigned char *tmpBuffer; - - StringCbPrintfW (szTmpFilePath, sizeof(szTmpFilePath), L"%s%s", szDestDir, szCompressedFiles[i]); - - tmpBuffer = LoadFile (szTmpFilePath, &tmpFileSize); - - if (tmpBuffer == NULL) - { - wchar_t tmpstr [1000]; - - StringCbPrintfW (tmpstr, sizeof(tmpstr), L"Cannot load file \n'%s'", szTmpFilePath); - if (_wremove (outputFile)) - StringCbCatW (tmpstr, sizeof(tmpstr), L"\nFailed also to delete package file"); - PkgError (tmpstr); - goto err; - } - - // Copy the filename length to the main buffer - mputWord (bufIndex, (WORD) wcslen(szCompressedFiles[i])); - - // Copy the filename to the main buffer - wmemcpy ((wchar_t*)bufIndex, szCompressedFiles[i], wcslen(szCompressedFiles[i])); - bufIndex += (wcslen(szCompressedFiles[i]) * sizeof (wchar_t)); - - // Compute CRC-32 hash of the uncompressed file and copy it to the main buffer - mputLong (bufIndex, GetCrc32 (tmpBuffer, tmpFileSize)); - - // Copy the file length to the main buffer - mputLong (bufIndex, (unsigned __int32) tmpFileSize); - - // Copy the file contents to the main buffer - memcpy (bufIndex, tmpBuffer, tmpFileSize); - bufIndex += tmpFileSize; - - free (tmpBuffer); - } - - // Calculate the total size of the uncompressed data - uncompressedDataLen = (int) (bufIndex - buffer); - - // Write total size of the uncompressed data - szTmp32bitPtr = szTmp32bit; - mputLong (szTmp32bitPtr, (unsigned __int32) uncompressedDataLen); - if (!SaveBufferToFile (szTmp32bit, outputFile, sizeof (szTmp32bit), TRUE, FALSE)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot write the total size of the uncompressed data.\nFailed also to delete package file"); - else - PkgError (L"Cannot write the total size of the uncompressed data"); - goto err; - } - - // Compress all the files and meta data in the buffer to create a solid archive - - // Test to make Coverity happy. It will always be false - if (uncompressedDataLen >= (INT_MAX - 524288)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot allocate memory for compressed data.\nFailed also to delete package file"); - else - PkgError (L"Cannot allocate memory for compressed data"); - goto err; - } - - compressedBuffer = malloc (uncompressedDataLen + 524288); // + 512K reserve - if (compressedBuffer == NULL) - { - if (_wremove (outputFile)) - PkgError (L"Cannot allocate memory for compressed data.\nFailed also to delete package file"); - else - PkgError (L"Cannot allocate memory for compressed data"); - goto err; - } - - compressedDataLen = CompressBuffer (compressedBuffer, buffer, uncompressedDataLen); - if (compressedDataLen <= 0) - { - if (_wremove (outputFile)) - PkgError (L"Failed to compress the data.\nFailed also to delete package file"); - else - PkgError (L"Failed to compress the data"); - goto err; - } - - free (buffer); - buffer = NULL; - - // Write the total size of the compressed data - szTmp32bitPtr = szTmp32bit; - mputLong (szTmp32bitPtr, (unsigned __int32) compressedDataLen); - if (!SaveBufferToFile (szTmp32bit, outputFile, sizeof (szTmp32bit), TRUE, FALSE)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot write the total size of the compressed data.\nFailed also to delete package file"); - else - PkgError (L"Cannot write the total size of the compressed data"); - goto err; - } - - // Write the compressed data - if (!SaveBufferToFile (compressedBuffer, outputFile, compressedDataLen, TRUE, FALSE)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot write compressed data to the package.\nFailed also to delete package file"); - else - PkgError (L"Cannot write compressed data to the package"); - goto err; - } - - // Write the end marker - if (!SaveBufferToFile (MagEndMarker, outputFile, strlen (MagEndMarker), TRUE, FALSE)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot write the end marker.\nFailed also to delete package file"); - else - PkgError (L"Cannot write the end marker"); - goto err; - } - - free (compressedBuffer); - compressedBuffer = NULL; - - // Compute and write CRC-32 hash of the entire package - { - DWORD tmpFileSize; - char *tmpBuffer; - - tmpBuffer = LoadFile (outputFile, &tmpFileSize); - - if (tmpBuffer == NULL) - { - handleWin32Error (hwndDlg, SRC_POS); - if (_wremove (outputFile)) - PkgError (L"Cannot load the package to compute CRC.\nFailed also to delete package file"); - else - PkgError (L"Cannot load the package to compute CRC"); - goto err; - } - - // Zero all bytes that change when the exe is digitally signed (except appended blocks). - WipeSignatureAreas (tmpBuffer); - - szTmp32bitPtr = szTmp32bit; - mputLong (szTmp32bitPtr, GetCrc32 (tmpBuffer, tmpFileSize)); - free (tmpBuffer); - - if (!SaveBufferToFile (szTmp32bit, outputFile, sizeof (szTmp32bit), TRUE, FALSE)) - { - if (_wremove (outputFile)) - PkgError (L"Cannot write the total size of the compressed data.\nFailed also to delete package file"); - else - PkgError (L"Cannot write the total size of the compressed data"); - goto err; - } - } - - StringCbPrintfW (tmpStr, sizeof(tmpStr), L"Self-extracting package successfully created (%s)", outputFile); - PkgInfo (tmpStr); - return TRUE; - -err: - if (buffer) - free (buffer); - if (compressedBuffer) - free (compressedBuffer); - - return FALSE; -} - - -// Verifies the CRC-32 of the whole self-extracting package (except the digital signature areas, if present) -BOOL VerifyPackageIntegrity (void) -{ - int fileDataEndPos = 0; - int fileDataStartPos = 0; - unsigned __int32 crc = 0; - unsigned char *tmpBuffer; - int tmpFileSize; - wchar_t path [TC_MAX_PATH]; - - GetModuleFileName (NULL, path, ARRAYSIZE (path)); - - fileDataEndPos = (int) FindStringInFile (path, MagEndMarker, strlen (MagEndMarker)); - if (fileDataEndPos < 0) - { - Error ("DIST_PACKAGE_CORRUPTED", NULL); - return FALSE; - } - fileDataEndPos--; - - fileDataStartPos = (int) FindStringInFile (path, MAG_START_MARKER, strlen (MAG_START_MARKER)); - if (fileDataStartPos < 0) - { - Error ("DIST_PACKAGE_CORRUPTED", NULL); - return FALSE; - } - fileDataStartPos += strlen (MAG_START_MARKER); - - - if (!LoadInt32 (path, &crc, fileDataEndPos + strlen (MagEndMarker) + 1)) - { - Error ("CANT_VERIFY_PACKAGE_INTEGRITY", NULL); - return FALSE; - } - - // Compute the CRC-32 hash of the whole file (except the digital signature area, if present) - tmpBuffer = LoadFile (path, &tmpFileSize); - - if (tmpBuffer == NULL) - { - Error ("CANT_VERIFY_PACKAGE_INTEGRITY", NULL); - return FALSE; - } - - // Zero all bytes that change when an exe is digitally signed (except appended blocks). - WipeSignatureAreas (tmpBuffer); - - if (crc != GetCrc32 (tmpBuffer, fileDataEndPos + 1 + strlen (MagEndMarker))) - { - free (tmpBuffer); - Error ("DIST_PACKAGE_CORRUPTED", NULL); - return FALSE; - } - - free (tmpBuffer); - - return TRUE; -} - - -// Determines whether we are a self-extracting package -BOOL IsSelfExtractingPackage (void) -{ - wchar_t path [TC_MAX_PATH]; - - GetModuleFileName (NULL, path, ARRAYSIZE (path)); - - return (FindStringInFile (path, MagEndMarker, strlen (MagEndMarker)) != -1); -} - - -static void FreeAllFileBuffers (void) -{ - int fileNo; - - if (DecompressedData != NULL) - { - free (DecompressedData); - DecompressedData = NULL; - } - - for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++) - { - Decompressed_Files[fileNo].fileName = NULL; - Decompressed_Files[fileNo].fileContent = NULL; - Decompressed_Files[fileNo].fileNameLength = 0; - Decompressed_Files[fileNo].fileLength = 0; - Decompressed_Files[fileNo].crc = 0; - } -} - - -// Assumes that VerifyPackageIntegrity() has been used. Returns TRUE, if successful (otherwise FALSE). -// Creates a table of pointers to buffers containing the following objects for each file: -// filename size, filename (not null-terminated!), file size, file CRC-32, uncompressed file contents. -// For details, see the definition of the DECOMPRESSED_FILE structure. -BOOL SelfExtractInMemory (wchar_t *path) -{ - int filePos = 0, fileNo = 0; - int fileDataEndPos = 0; - int fileDataStartPos = 0; - int uncompressedLen = 0; - int compressedLen = 0; - unsigned char *compressedData = NULL; - unsigned char *bufPos = NULL, *bufEndPos = NULL; - - FreeAllFileBuffers(); - - fileDataEndPos = (int) FindStringInFile (path, MagEndMarker, strlen (MagEndMarker)); - if (fileDataEndPos < 0) - { - Error ("CANNOT_READ_FROM_PACKAGE", NULL); - return FALSE; - } - - fileDataEndPos--; - - fileDataStartPos = (int) FindStringInFile (path, MAG_START_MARKER, strlen (MAG_START_MARKER)); - if (fileDataStartPos < 0) - { - Error ("CANNOT_READ_FROM_PACKAGE", NULL); - return FALSE; - } - - fileDataStartPos += strlen (MAG_START_MARKER); - - filePos = fileDataStartPos; - - // Read the stored total size of the uncompressed data - if (!LoadInt32 (path, &uncompressedLen, filePos)) - { - Error ("CANNOT_READ_FROM_PACKAGE", NULL); - return FALSE; - } - - filePos += 4; - - // Read the stored total size of the compressed data - if (!LoadInt32 (path, &compressedLen, filePos)) - { - Error ("CANNOT_READ_FROM_PACKAGE", NULL); - return FALSE; - } - - filePos += 4; - - if (compressedLen != fileDataEndPos - fileDataStartPos - 8 + 1) - { - Error ("DIST_PACKAGE_CORRUPTED", NULL); - } - - DecompressedData = malloc (uncompressedLen + 524288); // + 512K reserve - if (DecompressedData == NULL) - { - Error ("ERR_MEM_ALLOC", NULL); - return FALSE; - } - - bufPos = DecompressedData; - bufEndPos = bufPos + uncompressedLen - 1; - - compressedData = LoadFileBlock (path, filePos, compressedLen); - - if (compressedData == NULL) - { - free (DecompressedData); - DecompressedData = NULL; - - Error ("CANNOT_READ_FROM_PACKAGE", NULL); - return FALSE; - } - - // Decompress the data - if (DecompressBuffer (DecompressedData, compressedData, compressedLen) != uncompressedLen) - { - Error ("DIST_PACKAGE_CORRUPTED", NULL); - goto sem_end; - } - - while (bufPos <= bufEndPos && fileNo < NBR_COMPRESSED_FILES) - { - // Filename length - Decompressed_Files[fileNo].fileNameLength = mgetWord (bufPos); - - // Filename - Decompressed_Files[fileNo].fileName = (wchar_t*) bufPos; - bufPos += (Decompressed_Files[fileNo].fileNameLength * sizeof (wchar_t)); - - // CRC-32 of the file - Decompressed_Files[fileNo].crc = mgetLong (bufPos); - - // File length - Decompressed_Files[fileNo].fileLength = mgetLong (bufPos); - - // File content - Decompressed_Files[fileNo].fileContent = bufPos; - bufPos += Decompressed_Files[fileNo].fileLength; - - // Verify CRC-32 of the file (to verify that it didn't get corrupted while creating the solid archive). - if (Decompressed_Files[fileNo].crc - != GetCrc32 (Decompressed_Files[fileNo].fileContent, Decompressed_Files[fileNo].fileLength)) - { - Error ("DIST_PACKAGE_CORRUPTED", NULL); - goto sem_end; - } - - fileNo++; - } - - if (fileNo < NBR_COMPRESSED_FILES) - { - Error ("DIST_PACKAGE_CORRUPTED", NULL); - goto sem_end; - } - - free (compressedData); - return TRUE; - -sem_end: - FreeAllFileBuffers(); - free (compressedData); - return FALSE; -} - - -void __cdecl ExtractAllFilesThread (void *hwndDlg) -{ - int fileNo; - BOOL bSuccess = FALSE; - wchar_t packageFile [TC_MAX_PATH]; - - InvalidateRect (GetDlgItem (GetParent (hwndDlg), IDD_INSTL_DLG), NULL, TRUE); - - ClearLogWindow (hwndDlg); - - GetModuleFileName (NULL, packageFile, ARRAYSIZE (packageFile)); - - if (!(bSuccess = SelfExtractInMemory (packageFile))) - goto eaf_end; - - if (mkfulldir (DestExtractPath, TRUE) != 0) - { - if (mkfulldir (DestExtractPath, FALSE) != 0) - { - wchar_t szTmp[TC_MAX_PATH]; - - handleWin32Error (hwndDlg, SRC_POS); - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), DestExtractPath); - MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND); - bSuccess = FALSE; - goto eaf_end; - } - } - - for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++) - { - wchar_t fileName [TC_MAX_PATH] = {0}; - wchar_t filePath [TC_MAX_PATH] = {0}; - - // Filename - StringCchCopyNW (fileName, ARRAYSIZE(fileName), Decompressed_Files[fileNo].fileName, Decompressed_Files[fileNo].fileNameLength); - StringCchCopyW (filePath, ARRAYSIZE(filePath), DestExtractPath); - StringCchCatW (filePath, ARRAYSIZE(filePath), fileName); - - StatusMessageParam (hwndDlg, "EXTRACTING_VERB", filePath); - - // Write the file - if (!SaveBufferToFile ( - Decompressed_Files[fileNo].fileContent, - filePath, - Decompressed_Files[fileNo].fileLength, - FALSE, FALSE)) - { - wchar_t szTmp[512]; - - StringCbPrintfW (szTmp, sizeof (szTmp), GetString ("CANNOT_WRITE_FILE_X"), filePath); - MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); - bSuccess = FALSE; - goto eaf_end; - } - UpdateProgressBarProc ((int) (100 * ((float) fileNo / NBR_COMPRESSED_FILES))); - } - -eaf_end: - FreeAllFileBuffers(); - - if (bSuccess) - PostMessage (MainDlg, TC_APPMSG_EXTRACTION_SUCCESS, 0, 0); - else - PostMessage (MainDlg, TC_APPMSG_EXTRACTION_FAILURE, 0, 0); -} - +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Tcdefs.h" + +#include "Inflate.h" +#include "SelfExtract.h" +#include "Wizard.h" +#include "Setup.h" +#include "Crc.h" +#include "Endian.h" +#include "Dlgcode.h" +#include "Dir.h" +#include "Language.h" +#include "Resource.h" +#include +#include + +#ifndef SRC_POS +#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__)) +#endif + +#define OutputPackageFile L"VeraCrypt Setup " _T(VERSION_STRING) L".exe" + +#define MAG_START_MARKER "TCINSTRT" +#define MAG_END_MARKER_OBFUSCATED "T/C/I/N/S/C/R/C" +#define PIPE_BUFFER_LEN (4 * BYTES_PER_KB) + +unsigned char MagEndMarker [sizeof (MAG_END_MARKER_OBFUSCATED)]; +wchar_t DestExtractPath [TC_MAX_PATH]; +DECOMPRESSED_FILE Decompressed_Files [NBR_COMPRESSED_FILES]; + +volatile char *PipeWriteBuf = NULL; +volatile HANDLE hChildStdinWrite = INVALID_HANDLE_VALUE; +unsigned char *DecompressedData = NULL; + + + +void SelfExtractStartupInit (void) +{ + DeobfuscateMagEndMarker (); +} + + +// The end marker must be included in the self-extracting exe only once, not twice (used e.g. +// by IsSelfExtractingPackage()) and that's why MAG_END_MARKER_OBFUSCATED is obfuscated and +// needs to be deobfuscated using this function at startup. +static void DeobfuscateMagEndMarker (void) +{ + int i; + + for (i = 0; i < sizeof (MAG_END_MARKER_OBFUSCATED); i += 2) + MagEndMarker [i/2] = MAG_END_MARKER_OBFUSCATED [i]; + + MagEndMarker [i/2] = 0; +} + + +static void PkgError (wchar_t *msg) +{ + MessageBox (NULL, msg, L"VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); +} + + +static void PkgWarning (wchar_t *msg) +{ + MessageBox (NULL, msg, L"VeraCrypt", MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST); +} + + +static void PkgInfo (wchar_t *msg) +{ + MessageBox (NULL, msg, L"VeraCrypt", MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST); +} + + +// Returns 0 if decompression fails or, if successful, returns the size of the decompressed data +static int DecompressBuffer (char *out, char *in, int len) +{ + return (DecompressDeflatedData (out, in, len)); // Inflate +} + + +static void __cdecl PipeWriteThread (void *len) +{ + int sendBufSize = PIPE_BUFFER_LEN, bytesSent = 0; + int bytesToSend = *((int *) len), bytesSentTotal = 0; + + if (PipeWriteBuf == NULL || (HANDLE) hChildStdinWrite == INVALID_HANDLE_VALUE) + { + PkgError (L"Failed sending data to the STDIN pipe"); + return; + } + + while (bytesToSend > 0) + { + if (bytesToSend < PIPE_BUFFER_LEN) + sendBufSize = bytesToSend; + + if (!WriteFile ((HANDLE) hChildStdinWrite, (char *) PipeWriteBuf + bytesSentTotal, sendBufSize, &bytesSent, NULL) + || bytesSent == 0 + || bytesSent != sendBufSize) + { + PkgError (L"Failed sending data to the STDIN pipe"); + return; + } + + bytesToSend -= bytesSent; + bytesSentTotal += bytesSent; + } + + // Closing the pipe causes the child process to stop reading from it + + if (!CloseHandle (hChildStdinWrite)) + { + PkgError (L"Cannot close pipe"); + return; + } +} + + +// Returns 0 if compression fails or, if successful, the size of the compressed data +static int CompressBuffer (char *out, char *in, int len) +{ + SECURITY_ATTRIBUTES securityAttrib; + DWORD bytesReceived = 0; + HANDLE hChildStdoutWrite = INVALID_HANDLE_VALUE; + HANDLE hChildStdoutRead = INVALID_HANDLE_VALUE; + HANDLE hChildStdinRead = INVALID_HANDLE_VALUE; + STARTUPINFO startupInfo; + PROCESS_INFORMATION procInfo; + char pipeBuffer [PIPE_BUFFER_LEN]; + int res_len = 0; + BOOL bGzipHeaderRead = FALSE; + wchar_t szGzipCmd[64]; + + ZeroMemory (&startupInfo, sizeof (startupInfo)); + ZeroMemory (&procInfo, sizeof (procInfo)); + + // Pipe handle inheritance + securityAttrib.bInheritHandle = TRUE; + securityAttrib.nLength = sizeof (securityAttrib); + securityAttrib.lpSecurityDescriptor = NULL; + + if (!CreatePipe (&hChildStdoutRead, &hChildStdoutWrite, &securityAttrib, 0)) + { + PkgError (L"Cannot create STDOUT pipe."); + return 0; + } + SetHandleInformation (hChildStdoutRead, HANDLE_FLAG_INHERIT, 0); + + if (!CreatePipe (&hChildStdinRead, &((HANDLE) hChildStdinWrite), &securityAttrib, 0)) + { + PkgError (L"Cannot create STDIN pipe."); + CloseHandle(hChildStdoutWrite); + CloseHandle(hChildStdoutRead); + return 0; + } + SetHandleInformation (hChildStdinWrite, HANDLE_FLAG_INHERIT, 0); + + // Create a child process that will compress the data + + startupInfo.wShowWindow = SW_HIDE; + startupInfo.hStdInput = hChildStdinRead; + startupInfo.hStdOutput = hChildStdoutWrite; + startupInfo.cb = sizeof (startupInfo); + startupInfo.hStdError = hChildStdoutWrite; + startupInfo.dwFlags |= STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; + + StringCchCopyW (szGzipCmd, ARRAYSIZE (szGzipCmd), L"gzip --best"); + if (!CreateProcess (NULL, szGzipCmd, NULL, NULL, TRUE, 0, NULL, NULL, &startupInfo, &procInfo)) + { + PkgError (L"Error: Cannot run gzip.\n\nBefore you can create a self-extracting VeraCrypt package, you need to have the open-source 'gzip' compression tool placed in any directory in the search path for executable files (for example, in 'C:\\Windows\\').\n\nNote: gzip can be freely downloaded e.g. from www.gzip.org"); + CloseHandle(hChildStdoutWrite); + CloseHandle(hChildStdoutRead); + CloseHandle(hChildStdinRead); + CloseHandle(hChildStdinWrite); + return 0; + } + + CloseHandle (procInfo.hProcess); + CloseHandle (procInfo.hThread); + + // Start sending the uncompressed data to the pipe (STDIN) + PipeWriteBuf = in; + _beginthread (PipeWriteThread, PIPE_BUFFER_LEN * 2, (void *) &len); + + if (!CloseHandle (hChildStdoutWrite)) + { + PkgError (L"Cannot close STDOUT write"); + CloseHandle(hChildStdoutRead); + CloseHandle(hChildStdinRead); + return 0; + } + + bGzipHeaderRead = FALSE; + + // Read the compressed data from the pipe (sent by the child process to STDOUT) + while (TRUE) + { + if (!ReadFile (hChildStdoutRead, pipeBuffer, bGzipHeaderRead ? PIPE_BUFFER_LEN : 10, &bytesReceived, NULL)) + break; + + if (bGzipHeaderRead) + { + memcpy (out + res_len, pipeBuffer, bytesReceived); + res_len += bytesReceived; + } + else + bGzipHeaderRead = TRUE; // Skip the 10-byte gzip header + } + + CloseHandle(hChildStdoutRead); + CloseHandle(hChildStdinRead); + return res_len - 8; // A gzip stream ends with a CRC-32 hash and a 32-bit size (those 8 bytes need to be chopped off) +} + + +// Clears all bytes that change when an exe file is digitally signed, except the data that are appended. +// If those bytes weren't cleared, CRC-32 checks would fail after signing. +static void WipeSignatureAreas (char *buffer) +{ + // Clear bytes 0x130-0x1ff + memset (buffer + 0x130, 0, 0x200 - 0x130); +} + + +BOOL MakeSelfExtractingPackage (HWND hwndDlg, wchar_t *szDestDir) +{ + int i, x; + wchar_t inputFile [TC_MAX_PATH]; + wchar_t outputFile [TC_MAX_PATH]; + wchar_t szTmpFilePath [TC_MAX_PATH]; + unsigned char szTmp32bit [4] = {0}; + unsigned char *szTmp32bitPtr = szTmp32bit; + unsigned char *buffer = NULL, *compressedBuffer = NULL; + unsigned char *bufIndex = NULL; + wchar_t tmpStr [2048]; + int bufLen = 0, compressedDataLen = 0, uncompressedDataLen = 0; + + x = wcslen (szDestDir); + if (x < 2) + goto err; + + if (szDestDir[x - 1] != L'\\') + StringCbCatW (szDestDir, MAX_PATH, L"\\"); + + GetModuleFileName (NULL, inputFile, ARRAYSIZE (inputFile)); + + StringCchCopyW (outputFile, ARRAYSIZE(outputFile), szDestDir); + StringCchCatW (outputFile, ARRAYSIZE(outputFile), OutputPackageFile); + + // Clone 'VeraCrypt Setup.exe' to create the base of the new self-extracting archive + + if (!TCCopyFile (inputFile, outputFile)) + { + handleWin32Error (hwndDlg, SRC_POS); + PkgError (L"Cannot copy 'VeraCrypt Setup.exe' to the package"); + goto err; + } + + // Determine the buffer size needed for all the files and meta data and check if all required files exist + + bufLen = 0; + + for (i = 0; i < sizeof (szCompressedFiles) / sizeof (szCompressedFiles[0]); i++) + { + StringCbPrintfW (szTmpFilePath, sizeof(szTmpFilePath), L"%s%s", szDestDir, szCompressedFiles[i]); + + if (!FileExists (szTmpFilePath)) + { + wchar_t tmpstr [1000]; + + StringCbPrintfW (tmpstr, sizeof(tmpstr), L"File not found:\n\n'%s'", szTmpFilePath); + if (_wremove (outputFile)) + StringCbCatW (tmpstr, sizeof(tmpstr), L"\nFailed also to delete package file"); + PkgError (tmpstr); + goto err; + } + + bufLen += (int) GetFileSize64 (szTmpFilePath); + + bufLen += 2; // 16-bit filename length + bufLen += (wcslen(szCompressedFiles[i]) * sizeof (wchar_t)); // Filename + bufLen += 4; // CRC-32 + bufLen += 4; // 32-bit file length + } + + buffer = malloc (bufLen + 524288); // + 512K reserve + if (buffer == NULL) + { + PkgError (L"Cannot allocate memory for uncompressed data"); + if (_wremove (outputFile)) + PkgError (L"Cannot allocate memory for uncompressed data.\nFailed also to delete package file"); + else + PkgError (L"Cannot allocate memory for uncompressed data"); + goto err; + } + + + // Write the start marker + if (!SaveBufferToFile (MAG_START_MARKER, outputFile, strlen (MAG_START_MARKER), TRUE, FALSE)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot write the start marker\nFailed also to delete package file"); + else + PkgError (L"Cannot write the start marker"); + goto err; + } + + + bufIndex = buffer; + + // Copy all required files and their meta data to the buffer + for (i = 0; i < sizeof (szCompressedFiles) / sizeof (szCompressedFiles[0]); i++) + { + DWORD tmpFileSize; + unsigned char *tmpBuffer; + + StringCbPrintfW (szTmpFilePath, sizeof(szTmpFilePath), L"%s%s", szDestDir, szCompressedFiles[i]); + + tmpBuffer = LoadFile (szTmpFilePath, &tmpFileSize); + + if (tmpBuffer == NULL) + { + wchar_t tmpstr [1000]; + + StringCbPrintfW (tmpstr, sizeof(tmpstr), L"Cannot load file \n'%s'", szTmpFilePath); + if (_wremove (outputFile)) + StringCbCatW (tmpstr, sizeof(tmpstr), L"\nFailed also to delete package file"); + PkgError (tmpstr); + goto err; + } + + // Copy the filename length to the main buffer + mputWord (bufIndex, (WORD) wcslen(szCompressedFiles[i])); + + // Copy the filename to the main buffer + wmemcpy ((wchar_t*)bufIndex, szCompressedFiles[i], wcslen(szCompressedFiles[i])); + bufIndex += (wcslen(szCompressedFiles[i]) * sizeof (wchar_t)); + + // Compute CRC-32 hash of the uncompressed file and copy it to the main buffer + mputLong (bufIndex, GetCrc32 (tmpBuffer, tmpFileSize)); + + // Copy the file length to the main buffer + mputLong (bufIndex, (unsigned __int32) tmpFileSize); + + // Copy the file contents to the main buffer + memcpy (bufIndex, tmpBuffer, tmpFileSize); + bufIndex += tmpFileSize; + + free (tmpBuffer); + } + + // Calculate the total size of the uncompressed data + uncompressedDataLen = (int) (bufIndex - buffer); + + // Write total size of the uncompressed data + szTmp32bitPtr = szTmp32bit; + mputLong (szTmp32bitPtr, (unsigned __int32) uncompressedDataLen); + if (!SaveBufferToFile (szTmp32bit, outputFile, sizeof (szTmp32bit), TRUE, FALSE)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot write the total size of the uncompressed data.\nFailed also to delete package file"); + else + PkgError (L"Cannot write the total size of the uncompressed data"); + goto err; + } + + // Compress all the files and meta data in the buffer to create a solid archive + + // Test to make Coverity happy. It will always be false + if (uncompressedDataLen >= (INT_MAX - 524288)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot allocate memory for compressed data.\nFailed also to delete package file"); + else + PkgError (L"Cannot allocate memory for compressed data"); + goto err; + } + + compressedBuffer = malloc (uncompressedDataLen + 524288); // + 512K reserve + if (compressedBuffer == NULL) + { + if (_wremove (outputFile)) + PkgError (L"Cannot allocate memory for compressed data.\nFailed also to delete package file"); + else + PkgError (L"Cannot allocate memory for compressed data"); + goto err; + } + + compressedDataLen = CompressBuffer (compressedBuffer, buffer, uncompressedDataLen); + if (compressedDataLen <= 0) + { + if (_wremove (outputFile)) + PkgError (L"Failed to compress the data.\nFailed also to delete package file"); + else + PkgError (L"Failed to compress the data"); + goto err; + } + + free (buffer); + buffer = NULL; + + // Write the total size of the compressed data + szTmp32bitPtr = szTmp32bit; + mputLong (szTmp32bitPtr, (unsigned __int32) compressedDataLen); + if (!SaveBufferToFile (szTmp32bit, outputFile, sizeof (szTmp32bit), TRUE, FALSE)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot write the total size of the compressed data.\nFailed also to delete package file"); + else + PkgError (L"Cannot write the total size of the compressed data"); + goto err; + } + + // Write the compressed data + if (!SaveBufferToFile (compressedBuffer, outputFile, compressedDataLen, TRUE, FALSE)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot write compressed data to the package.\nFailed also to delete package file"); + else + PkgError (L"Cannot write compressed data to the package"); + goto err; + } + + // Write the end marker + if (!SaveBufferToFile (MagEndMarker, outputFile, strlen (MagEndMarker), TRUE, FALSE)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot write the end marker.\nFailed also to delete package file"); + else + PkgError (L"Cannot write the end marker"); + goto err; + } + + free (compressedBuffer); + compressedBuffer = NULL; + + // Compute and write CRC-32 hash of the entire package + { + DWORD tmpFileSize; + char *tmpBuffer; + + tmpBuffer = LoadFile (outputFile, &tmpFileSize); + + if (tmpBuffer == NULL) + { + handleWin32Error (hwndDlg, SRC_POS); + if (_wremove (outputFile)) + PkgError (L"Cannot load the package to compute CRC.\nFailed also to delete package file"); + else + PkgError (L"Cannot load the package to compute CRC"); + goto err; + } + + // Zero all bytes that change when the exe is digitally signed (except appended blocks). + WipeSignatureAreas (tmpBuffer); + + szTmp32bitPtr = szTmp32bit; + mputLong (szTmp32bitPtr, GetCrc32 (tmpBuffer, tmpFileSize)); + free (tmpBuffer); + + if (!SaveBufferToFile (szTmp32bit, outputFile, sizeof (szTmp32bit), TRUE, FALSE)) + { + if (_wremove (outputFile)) + PkgError (L"Cannot write the total size of the compressed data.\nFailed also to delete package file"); + else + PkgError (L"Cannot write the total size of the compressed data"); + goto err; + } + } + + StringCbPrintfW (tmpStr, sizeof(tmpStr), L"Self-extracting package successfully created (%s)", outputFile); + PkgInfo (tmpStr); + return TRUE; + +err: + if (buffer) + free (buffer); + if (compressedBuffer) + free (compressedBuffer); + + return FALSE; +} + + +// Verifies the CRC-32 of the whole self-extracting package (except the digital signature areas, if present) +BOOL VerifyPackageIntegrity (void) +{ + int fileDataEndPos = 0; + int fileDataStartPos = 0; + unsigned __int32 crc = 0; + unsigned char *tmpBuffer; + int tmpFileSize; + wchar_t path [TC_MAX_PATH]; + + GetModuleFileName (NULL, path, ARRAYSIZE (path)); + + fileDataEndPos = (int) FindStringInFile (path, MagEndMarker, strlen (MagEndMarker)); + if (fileDataEndPos < 0) + { + Error ("DIST_PACKAGE_CORRUPTED", NULL); + return FALSE; + } + fileDataEndPos--; + + fileDataStartPos = (int) FindStringInFile (path, MAG_START_MARKER, strlen (MAG_START_MARKER)); + if (fileDataStartPos < 0) + { + Error ("DIST_PACKAGE_CORRUPTED", NULL); + return FALSE; + } + fileDataStartPos += strlen (MAG_START_MARKER); + + + if (!LoadInt32 (path, &crc, fileDataEndPos + strlen (MagEndMarker) + 1)) + { + Error ("CANT_VERIFY_PACKAGE_INTEGRITY", NULL); + return FALSE; + } + + // Compute the CRC-32 hash of the whole file (except the digital signature area, if present) + tmpBuffer = LoadFile (path, &tmpFileSize); + + if (tmpBuffer == NULL) + { + Error ("CANT_VERIFY_PACKAGE_INTEGRITY", NULL); + return FALSE; + } + + // Zero all bytes that change when an exe is digitally signed (except appended blocks). + WipeSignatureAreas (tmpBuffer); + + if (crc != GetCrc32 (tmpBuffer, fileDataEndPos + 1 + strlen (MagEndMarker))) + { + free (tmpBuffer); + Error ("DIST_PACKAGE_CORRUPTED", NULL); + return FALSE; + } + + free (tmpBuffer); + + return TRUE; +} + + +// Determines whether we are a self-extracting package +BOOL IsSelfExtractingPackage (void) +{ + wchar_t path [TC_MAX_PATH]; + + GetModuleFileName (NULL, path, ARRAYSIZE (path)); + + return (FindStringInFile (path, MagEndMarker, strlen (MagEndMarker)) != -1); +} + + +static void FreeAllFileBuffers (void) +{ + int fileNo; + + if (DecompressedData != NULL) + { + free (DecompressedData); + DecompressedData = NULL; + } + + for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++) + { + Decompressed_Files[fileNo].fileName = NULL; + Decompressed_Files[fileNo].fileContent = NULL; + Decompressed_Files[fileNo].fileNameLength = 0; + Decompressed_Files[fileNo].fileLength = 0; + Decompressed_Files[fileNo].crc = 0; + } +} + + +// Assumes that VerifyPackageIntegrity() has been used. Returns TRUE, if successful (otherwise FALSE). +// Creates a table of pointers to buffers containing the following objects for each file: +// filename size, filename (not null-terminated!), file size, file CRC-32, uncompressed file contents. +// For details, see the definition of the DECOMPRESSED_FILE structure. +BOOL SelfExtractInMemory (wchar_t *path) +{ + int filePos = 0, fileNo = 0; + int fileDataEndPos = 0; + int fileDataStartPos = 0; + int uncompressedLen = 0; + int compressedLen = 0; + unsigned char *compressedData = NULL; + unsigned char *bufPos = NULL, *bufEndPos = NULL; + + FreeAllFileBuffers(); + + fileDataEndPos = (int) FindStringInFile (path, MagEndMarker, strlen (MagEndMarker)); + if (fileDataEndPos < 0) + { + Error ("CANNOT_READ_FROM_PACKAGE", NULL); + return FALSE; + } + + fileDataEndPos--; + + fileDataStartPos = (int) FindStringInFile (path, MAG_START_MARKER, strlen (MAG_START_MARKER)); + if (fileDataStartPos < 0) + { + Error ("CANNOT_READ_FROM_PACKAGE", NULL); + return FALSE; + } + + fileDataStartPos += strlen (MAG_START_MARKER); + + filePos = fileDataStartPos; + + // Read the stored total size of the uncompressed data + if (!LoadInt32 (path, &uncompressedLen, filePos)) + { + Error ("CANNOT_READ_FROM_PACKAGE", NULL); + return FALSE; + } + + filePos += 4; + + // Read the stored total size of the compressed data + if (!LoadInt32 (path, &compressedLen, filePos)) + { + Error ("CANNOT_READ_FROM_PACKAGE", NULL); + return FALSE; + } + + filePos += 4; + + if (compressedLen != fileDataEndPos - fileDataStartPos - 8 + 1) + { + Error ("DIST_PACKAGE_CORRUPTED", NULL); + } + + DecompressedData = malloc (uncompressedLen + 524288); // + 512K reserve + if (DecompressedData == NULL) + { + Error ("ERR_MEM_ALLOC", NULL); + return FALSE; + } + + bufPos = DecompressedData; + bufEndPos = bufPos + uncompressedLen - 1; + + compressedData = LoadFileBlock (path, filePos, compressedLen); + + if (compressedData == NULL) + { + free (DecompressedData); + DecompressedData = NULL; + + Error ("CANNOT_READ_FROM_PACKAGE", NULL); + return FALSE; + } + + // Decompress the data + if (DecompressBuffer (DecompressedData, compressedData, compressedLen) != uncompressedLen) + { + Error ("DIST_PACKAGE_CORRUPTED", NULL); + goto sem_end; + } + + while (bufPos <= bufEndPos && fileNo < NBR_COMPRESSED_FILES) + { + // Filename length + Decompressed_Files[fileNo].fileNameLength = mgetWord (bufPos); + + // Filename + Decompressed_Files[fileNo].fileName = (wchar_t*) bufPos; + bufPos += (Decompressed_Files[fileNo].fileNameLength * sizeof (wchar_t)); + + // CRC-32 of the file + Decompressed_Files[fileNo].crc = mgetLong (bufPos); + + // File length + Decompressed_Files[fileNo].fileLength = mgetLong (bufPos); + + // File content + Decompressed_Files[fileNo].fileContent = bufPos; + bufPos += Decompressed_Files[fileNo].fileLength; + + // Verify CRC-32 of the file (to verify that it didn't get corrupted while creating the solid archive). + if (Decompressed_Files[fileNo].crc + != GetCrc32 (Decompressed_Files[fileNo].fileContent, Decompressed_Files[fileNo].fileLength)) + { + Error ("DIST_PACKAGE_CORRUPTED", NULL); + goto sem_end; + } + + fileNo++; + } + + if (fileNo < NBR_COMPRESSED_FILES) + { + Error ("DIST_PACKAGE_CORRUPTED", NULL); + goto sem_end; + } + + free (compressedData); + return TRUE; + +sem_end: + FreeAllFileBuffers(); + free (compressedData); + return FALSE; +} + + +void __cdecl ExtractAllFilesThread (void *hwndDlg) +{ + int fileNo; + BOOL bSuccess = FALSE; + wchar_t packageFile [TC_MAX_PATH]; + + InvalidateRect (GetDlgItem (GetParent (hwndDlg), IDD_INSTL_DLG), NULL, TRUE); + + ClearLogWindow (hwndDlg); + + GetModuleFileName (NULL, packageFile, ARRAYSIZE (packageFile)); + + if (!(bSuccess = SelfExtractInMemory (packageFile))) + goto eaf_end; + + if (mkfulldir (DestExtractPath, TRUE) != 0) + { + if (mkfulldir (DestExtractPath, FALSE) != 0) + { + wchar_t szTmp[TC_MAX_PATH]; + + handleWin32Error (hwndDlg, SRC_POS); + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), DestExtractPath); + MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND); + bSuccess = FALSE; + goto eaf_end; + } + } + + for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++) + { + wchar_t fileName [TC_MAX_PATH] = {0}; + wchar_t filePath [TC_MAX_PATH] = {0}; + + // Filename + StringCchCopyNW (fileName, ARRAYSIZE(fileName), Decompressed_Files[fileNo].fileName, Decompressed_Files[fileNo].fileNameLength); + StringCchCopyW (filePath, ARRAYSIZE(filePath), DestExtractPath); + StringCchCatW (filePath, ARRAYSIZE(filePath), fileName); + + StatusMessageParam (hwndDlg, "EXTRACTING_VERB", filePath); + + // Write the file + if (!SaveBufferToFile ( + Decompressed_Files[fileNo].fileContent, + filePath, + Decompressed_Files[fileNo].fileLength, + FALSE, FALSE)) + { + wchar_t szTmp[512]; + + StringCbPrintfW (szTmp, sizeof (szTmp), GetString ("CANNOT_WRITE_FILE_X"), filePath); + MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); + bSuccess = FALSE; + goto eaf_end; + } + UpdateProgressBarProc ((int) (100 * ((float) fileNo / NBR_COMPRESSED_FILES))); + } + +eaf_end: + FreeAllFileBuffers(); + + if (bSuccess) + PostMessage (MainDlg, TC_APPMSG_EXTRACTION_SUCCESS, 0, 0); + else + PostMessage (MainDlg, TC_APPMSG_EXTRACTION_FAILURE, 0, 0); +} + diff --git a/src/Setup/SelfExtract.h b/src/Setup/SelfExtract.h index a93f4901..529b24d7 100644 --- a/src/Setup/SelfExtract.h +++ b/src/Setup/SelfExtract.h @@ -1,43 +1,43 @@ -/* - Derived from source code of TrueCrypt 7.1a, which is - Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed - by the TrueCrypt License 3.0. - - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. -*/ - -#include "Setup.h" - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct -{ - // WARNING: file name is NOT null-terminated (use fileNameLength). - wchar_t *fileName; - int fileNameLength; - uint32 crc; - __int32 fileLength; - unsigned char *fileContent; -} DECOMPRESSED_FILE; - -extern DECOMPRESSED_FILE Decompressed_Files [NBR_COMPRESSED_FILES]; - -void SelfExtractStartupInit (void); -BOOL SelfExtractInMemory (wchar_t *path); -void __cdecl ExtractAllFilesThread (void *hwndDlg); -BOOL MakeSelfExtractingPackage (HWND hwndDlg, wchar_t *szDestDir); -BOOL VerifyPackageIntegrity (void); -BOOL IsSelfExtractingPackage (void); -static void DeobfuscateMagEndMarker (void); - -extern wchar_t DestExtractPath [TC_MAX_PATH]; - -#ifdef __cplusplus -} -#endif +/* + Derived from source code of TrueCrypt 7.1a, which is + Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed + by the TrueCrypt License 3.0. + + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. +*/ + +#include "Setup.h" + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct +{ + // WARNING: file name is NOT null-terminated (use fileNameLength). + wchar_t *fileName; + int fileNameLength; + uint32 crc; + __int32 fileLength; + unsigned char *fileContent; +} DECOMPRESSED_FILE; + +extern DECOMPRESSED_FILE Decompressed_Files [NBR_COMPRESSED_FILES]; + +void SelfExtractStartupInit (void); +BOOL SelfExtractInMemory (wchar_t *path); +void __cdecl ExtractAllFilesThread (void *hwndDlg); +BOOL MakeSelfExtractingPackage (HWND hwndDlg, wchar_t *szDestDir); +BOOL VerifyPackageIntegrity (void); +BOOL IsSelfExtractingPackage (void); +static void DeobfuscateMagEndMarker (void); + +extern wchar_t DestExtractPath [TC_MAX_PATH]; + +#ifdef __cplusplus +} +#endif diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c index 7c382986..899c1583 100644 --- a/src/Setup/Setup.c +++ b/src/Setup/Setup.c @@ -1,2632 +1,2632 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include -#include -#include -#include -#include -#include -#include - -#include "Apidrvr.h" -#include "BootEncryption.h" -#include "Boot/Windows/BootCommon.h" -#include "Combo.h" -#include "ComSetup.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Registry.h" -#include "Resource.h" - -#include "Dir.h" -#include "Setup.h" -#include "SelfExtract.h" -#include "Wizard.h" - -#include "../Common/Resource.h" - -using namespace VeraCrypt; - -#pragma warning( disable : 4201 ) -#pragma warning( disable : 4115 ) - -#include - -#pragma warning( default : 4201 ) -#pragma warning( default : 4115 ) - -#include - -wchar_t InstallationPath[TC_MAX_PATH]; -wchar_t SetupFilesDir[TC_MAX_PATH]; -wchar_t UninstallBatch[MAX_PATH]; - -BOOL bUninstall = FALSE; -BOOL bRestartRequired = FALSE; -BOOL bMakePackage = FALSE; -BOOL bDone = FALSE; -BOOL Rollback = FALSE; -BOOL bUpgrade = FALSE; -BOOL bDowngrade = FALSE; -BOOL SystemEncryptionUpdate = FALSE; -BOOL PortableMode = FALSE; -BOOL bRepairMode = FALSE; -BOOL bReinstallMode = FALSE; -BOOL bChangeMode = FALSE; -BOOL bDevm = FALSE; -BOOL bPossiblyFirstTimeInstall = FALSE; -BOOL bUninstallInProgress = FALSE; -BOOL UnloadDriver = TRUE; - -BOOL bSystemRestore = TRUE; -BOOL bDisableSwapFiles = FALSE; -BOOL bForAllUsers = TRUE; -BOOL bRegisterFileExt = TRUE; -BOOL bAddToStartMenu = TRUE; -BOOL bDesktopIcon = TRUE; - -BOOL bDesktopIconStatusDetermined = FALSE; - -HMODULE volatile SystemRestoreDll = 0; - -void localcleanup (void) -{ - localcleanupwiz (); - cleanup (); - - CloseAppSetupMutex (); -} - -BOOL ForceDeleteFile (LPCWSTR szFileName) -{ - if (!DeleteFile (szFileName)) - { - /* delete the renamed file when the machine reboots */ - return MoveFileEx (szFileName, NULL, MOVEFILE_DELAY_UNTIL_REBOOT); - } - else - return TRUE; -} - -BOOL StatDeleteFile (wchar_t *lpszFile, BOOL bCheckForOldFile) -{ - struct __stat64 st; - - if (bCheckForOldFile) - { - wchar_t szOldPath[MAX_PATH + 1]; - StringCbCopyW (szOldPath, sizeof(szOldPath), lpszFile); - StringCbCatW (szOldPath, sizeof(szOldPath), VC_FILENAME_RENAMED_SUFFIX); - - if (_wstat64 (szOldPath, &st) == 0) - { - ForceDeleteFile (szOldPath); - } - } - - if (_wstat64 (lpszFile, &st) == 0) - return ForceDeleteFile (lpszFile); - else - return TRUE; -} - -BOOL StatRemoveDirectory (wchar_t *lpszDir) -{ - struct __stat64 st; - - if (_wstat64 (lpszDir, &st) == 0) - { - BOOL bStatus = RemoveDirectory (lpszDir); - if (!bStatus) - { - /* force removal of the non empty directory */ - wchar_t szOpPath[TC_MAX_PATH + 1] = {0}; - SHFILEOPSTRUCTW op; - - StringCchCopyW(szOpPath, ARRAYSIZE(szOpPath)-1, lpszDir); - ZeroMemory(&op, sizeof(op)); - op.wFunc = FO_DELETE; - op.pFrom = szOpPath; - op.fFlags = FOF_SILENT | FOF_NOCONFIRMATION | FOF_NOERRORUI | FOF_NOCONFIRMMKDIR; - - if ((0 == SHFileOperation(&op)) && (!op.fAnyOperationsAborted)) - bStatus = TRUE; - } - return bStatus; - } - else - return TRUE; -} - - -/* Recursively set the given OWNER security descriptor to the key and its subkeys */ -static void RecursiveSetOwner (HKEY hKey, PSECURITY_DESCRIPTOR pSD) -{ - LSTATUS status = 0; - DWORD dwIndex = 0, dwMaxNameLen = 0, dwNameLen = 0, numberSubKeys = 0; - HKEY hSubKey; - - if ( (ERROR_SUCCESS == status) && (ERROR_SUCCESS == RegQueryInfoKey(hKey, NULL, NULL, NULL, &numberSubKeys, &dwMaxNameLen, NULL, NULL, NULL, NULL, NULL, NULL)) - && (numberSubKeys >= 1) - ) - { - dwMaxNameLen++; - wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; - while (true) - { - dwNameLen = dwMaxNameLen; - status = RegEnumKeyExW (hKey, dwIndex++, szNameValue, &dwNameLen, NULL, NULL, NULL, NULL); - if (status == ERROR_SUCCESS) - { - status = RegOpenKeyExW (hKey, szNameValue, 0, WRITE_OWNER | KEY_READ , &hSubKey); - if (ERROR_SUCCESS == status) - { - RecursiveSetOwner (hSubKey, pSD); - RegCloseKey(hSubKey); - } - } - else - break; - } - delete [] szNameValue; - } - - RegSetKeySecurity (hKey, OWNER_SECURITY_INFORMATION, pSD); -} - -/* Recursively set the given DACL security descriptor to the key and its subkeys */ -static void RecursiveSetDACL (HKEY hKey, const wchar_t* SubKeyName, PSECURITY_DESCRIPTOR pSD) -{ - HKEY hSubKey; - DWORD dwIndex = 0, dwMaxNameLen = 0, dwNameLen = 0, numberSubKeys = 0; - LSTATUS status = RegOpenKeyExW(hKey, SubKeyName, 0, WRITE_DAC | KEY_READ /*| ACCESS_SYSTEM_SECURITY*/, &hSubKey); - if (status == ERROR_SUCCESS) - { - status = RegSetKeySecurity (hSubKey, DACL_SECURITY_INFORMATION, pSD); - if (status == ERROR_SUCCESS) - { - RegCloseKey(hSubKey); - status = RegOpenKeyExW(hKey, SubKeyName, 0, WRITE_DAC | KEY_READ , &hSubKey); - } - - if ( (ERROR_SUCCESS == status) - && (ERROR_SUCCESS == RegQueryInfoKeyW(hSubKey, NULL, NULL, NULL, &numberSubKeys, &dwMaxNameLen, NULL, NULL, NULL, NULL, NULL, NULL)) - && (numberSubKeys >= 1) - ) - { - dwMaxNameLen++; - wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; - while (true) - { - dwNameLen = dwMaxNameLen; - status = RegEnumKeyExW (hSubKey, dwIndex++, szNameValue, &dwNameLen, NULL, NULL, NULL, NULL); - if (status == ERROR_SUCCESS) - { - RecursiveSetDACL (hSubKey, szNameValue, pSD); - } - else - break; - } - delete [] szNameValue; - } - } -} - -/* Correct the key permissions to allow its deletion */ -static void AllowKeyAccess(HKEY Key,const wchar_t* SubKeyName) -{ - LSTATUS RegResult; - HKEY SvcKey = NULL; - DWORD dwLength = 0; - HANDLE Token = NULL; - PTOKEN_USER pTokenUser = NULL; - std::string sNewSD; - - RegResult = RegOpenKeyExW(Key, SubKeyName, 0, WRITE_OWNER | KEY_READ, &SvcKey); - if (RegResult==ERROR_SUCCESS) - { - if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &Token)) - { - if (!GetTokenInformation(Token, TokenUser, pTokenUser, 0, &dwLength)) - { - if (GetLastError() ==ERROR_INSUFFICIENT_BUFFER) - { - pTokenUser = (PTOKEN_USER) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength); - if (pTokenUser) - { - if (GetTokenInformation(Token, TokenUser, pTokenUser, dwLength, &dwLength)) - { - SECURITY_DESCRIPTOR SecDesc; - if ( InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION) - && SetSecurityDescriptorDacl(&SecDesc, TRUE, NULL, FALSE) // NULL DACL: full access to everyone - && SetSecurityDescriptorOwner(&SecDesc, pTokenUser->User.Sid, FALSE) - ) - { - RecursiveSetOwner(SvcKey, &SecDesc); - } - } - - } - } - } - } - RegCloseKey(SvcKey); - } - - if (pTokenUser) - { - PSID pSid = pTokenUser->User.Sid; - DWORD dwAclSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + ::GetLengthSid(pSid) - sizeof(DWORD); - PACL pDacl = (PACL) new BYTE[dwAclSize]; - if (pDacl) - { - if (TRUE == ::InitializeAcl(pDacl, dwAclSize, ACL_REVISION)) - { - if (TRUE == AddAccessAllowedAceEx(pDacl, ACL_REVISION, CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE, WRITE_DAC | KEY_ALL_ACCESS, pSid)) - { - SECURITY_DESCRIPTOR SecDesc; - if (TRUE == ::InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION)) - { - if (TRUE == ::SetSecurityDescriptorDacl(&SecDesc, TRUE, pDacl, FALSE)) - { - RecursiveSetDACL (Key, SubKeyName, &SecDesc); - } - } - } - } - delete [] pDacl; - } - } - - if (pTokenUser) - HeapFree(GetProcessHeap(), 0, pTokenUser); - if (Token) - CloseHandle(Token); -} - -void SearchAndDeleteRegistrySubString (HKEY hKey, const wchar_t *subKey, const wchar_t *str, BOOL bEnumSubKeys, const wchar_t* enumMatchSubStr) -{ - HKEY hSubKey = 0; - LSTATUS status = 0; - DWORD dwIndex = 0, dwType, dwValueNameLen, dwDataLen; - std::list subKeysList; - size_t subStringLength = str? wcslen(str) : 0; - - if (bEnumSubKeys) - { - DWORD dwMaxNameLen = 0; - if (ERROR_SUCCESS == RegQueryInfoKey(hKey, NULL, NULL, NULL, NULL, &dwMaxNameLen, NULL, NULL, NULL, NULL, NULL, NULL)) - { - dwMaxNameLen++; - wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; - dwIndex = 0; - while (true) - { - dwValueNameLen = dwMaxNameLen; - status = RegEnumKeyExW (hKey, dwIndex++, szNameValue, &dwValueNameLen, NULL, NULL, NULL, NULL); - if (status == ERROR_SUCCESS) - { - if (enumMatchSubStr && !wcsstr(szNameValue, enumMatchSubStr)) - continue; - std::wstring entryName = szNameValue; - entryName += L"\\"; - entryName += subKey; - entryName += L"\\"; - subKeysList.push_back(entryName); - } - else - break; - } - delete [] szNameValue; - } - } - else - { - subKeysList.push_back(subKey); - } - - for (std::list::iterator ItSubKey = subKeysList.begin(); ItSubKey != subKeysList.end(); ItSubKey++) - { - // if the string to search for is empty, delete the sub key, otherwise, look for matching value and delete them - if (subStringLength == 0) - { - if (ERROR_ACCESS_DENIED == DeleteRegistryKey (hKey, ItSubKey->c_str())) - { - // grant permission to delete - AllowKeyAccess (hKey, ItSubKey->c_str()); - - // try again - DeleteRegistryKey (hKey, ItSubKey->c_str()); - } - } - else - { - if (RegOpenKeyExW (hKey, ItSubKey->c_str(), 0, KEY_ALL_ACCESS, &hSubKey) == ERROR_SUCCESS) - { - DWORD dwMaxNameLen = 0, dwMaxDataLen = 0; - if (ERROR_SUCCESS == RegQueryInfoKey(hSubKey, NULL, NULL, NULL, NULL, NULL, NULL, NULL, &dwMaxNameLen, &dwMaxDataLen, NULL, NULL)) - { - dwMaxNameLen++; - wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; - LPBYTE pbData = new BYTE[dwMaxDataLen]; - - std::list foundEntries; - dwIndex = 0; - do - { - dwValueNameLen = dwMaxNameLen; - dwDataLen = dwMaxDataLen; - status = RegEnumValueW(hSubKey, dwIndex++, szNameValue, &dwValueNameLen, NULL, &dwType, pbData, &dwDataLen); - if (status == ERROR_SUCCESS) - { - if ( (wcslen(szNameValue) >= subStringLength && wcsstr(szNameValue, str)) - || (dwType == REG_SZ && wcslen((wchar_t*) pbData) >= subStringLength && wcsstr((wchar_t*) pbData, str)) - ) - { - foundEntries.push_back(szNameValue); - } - } - } while ((status == ERROR_SUCCESS) || (status == ERROR_MORE_DATA)); // we ignore ERROR_MORE_DATA errors since - // we are sure to use the correct sizes - - // delete the entries - if (!foundEntries.empty()) - { - for (std::list::iterator It = foundEntries.begin(); - It != foundEntries.end(); It++) - { - RegDeleteValueW (hSubKey, It->c_str()); - } - } - - delete [] szNameValue; - delete [] pbData; - } - - - RegCloseKey (hSubKey); - } - } - } -} - -/* Set the given privilege of the current process */ -BOOL SetPrivilege(LPTSTR szPrivilegeName, BOOL bEnable) -{ - TOKEN_PRIVILEGES tp; - LUID luid; - HANDLE hProcessToken; - BOOL bStatus = FALSE; - - if ( OpenProcessToken(GetCurrentProcess(), - TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, - &hProcessToken) ) - { - if ( LookupPrivilegeValue( - NULL, - szPrivilegeName, - &luid ) ) - { - - tp.PrivilegeCount = 1; - tp.Privileges[0].Luid = luid; - tp.Privileges[0].Attributes = bEnable? SE_PRIVILEGE_ENABLED : SE_PRIVILEGE_REMOVED; - - // Enable the privilege - bStatus = AdjustTokenPrivileges( - hProcessToken, - FALSE, - &tp, - sizeof(TOKEN_PRIVILEGES), - (PTOKEN_PRIVILEGES) NULL, - (PDWORD) NULL); - } - - CloseHandle(hProcessToken); - } - - return bStatus; -} - -/* - * Creates a VT_LPWSTR propvariant. - * we use our own implementation to use SHStrDupW function pointer - * that we retreive ourselves to avoid dll hijacking attacks - */ -inline HRESULT VCInitPropVariantFromString(__in PCWSTR psz, __out PROPVARIANT *ppropvar) -{ - ppropvar->vt = VT_LPWSTR; - HRESULT hr = VCStrDupW(psz, &ppropvar->pwszVal); - if (FAILED(hr)) - { - PropVariantInit(ppropvar); - } - return hr; -} - -HRESULT CreateLink (wchar_t *lpszPathObj, wchar_t *lpszArguments, - wchar_t *lpszPathLink, const wchar_t* iconFile, int iconIndex) -{ - HRESULT hres; - IShellLink *psl; - - /* Get a pointer to the IShellLink interface. */ - hres = CoCreateInstance (CLSID_ShellLink, NULL, - CLSCTX_INPROC_SERVER, IID_IShellLink, (LPVOID *) &psl); - if (SUCCEEDED (hres)) - { - IPersistFile *ppf; - - /* Set the path to the shortcut target, and add the - description. */ - psl->SetPath (lpszPathObj); - psl->SetArguments (lpszArguments); - if (iconFile) - { - psl->SetIconLocation (iconFile, iconIndex); - } - - // Application ID - if (_tcsstr (lpszPathObj, _T(TC_APP_NAME) _T(".exe"))) - { - IPropertyStore *propStore; - - if (SUCCEEDED (psl->QueryInterface (IID_PPV_ARGS (&propStore)))) - { - PROPVARIANT propVariant; - if (SUCCEEDED (VCInitPropVariantFromString (TC_APPLICATION_ID, &propVariant))) - { - if (SUCCEEDED (propStore->SetValue (PKEY_AppUserModel_ID, propVariant))) - propStore->Commit(); - - PropVariantClear (&propVariant); - } - - propStore->Release(); - } - } - - /* Query IShellLink for the IPersistFile interface for saving - the shortcut in persistent storage. */ - hres = psl->QueryInterface (IID_IPersistFile, - (void **) &ppf); - - if (SUCCEEDED (hres)) - { - /* Save the link by calling IPersistFile::Save. */ - hres = ppf->Save (lpszPathLink, TRUE); - ppf->Release (); - } - psl->Release (); - } - return hres; -} - -BOOL IsSystemRestoreEnabled () -{ - BOOL bEnabled = FALSE; - HKEY hKey; - DWORD dwValue = 0, cbValue = sizeof (DWORD); - wchar_t szRegPath[MAX_PATH]; - GetRestorePointRegKeyName (szRegPath, sizeof (szRegPath)); - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, szRegPath, 0, KEY_READ | KEY_WOW64_64KEY, &hKey) == ERROR_SUCCESS) - { - if (IsOSAtLeast (WIN_VISTA)) - { - if ( (ERROR_SUCCESS == RegQueryValueEx (hKey, L"RPSessionInterval", NULL, NULL, (LPBYTE) &dwValue, &cbValue)) - && (dwValue == 1) - ) - { - bEnabled = TRUE; - } - } - else - { - if ( (ERROR_SUCCESS == RegQueryValueEx (hKey, L"DisableSR", NULL, NULL, (LPBYTE) &dwValue, &cbValue)) - && (dwValue == 0) - ) - { - bEnabled = TRUE; - } - } - - - RegCloseKey (hKey); - } - - return bEnabled; -} - -void GetProgramPath (HWND hwndDlg, wchar_t *path) -{ - ITEMIDLIST *i; - HRESULT res; - - if (bForAllUsers) - res = SHGetSpecialFolderLocation (hwndDlg, CSIDL_COMMON_PROGRAMS, &i); - else - res = SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAMS, &i); - - SHGetPathFromIDList (i, path); -} - -void StatusMessage (HWND hwndDlg, char *stringId) -{ - if (Rollback) - return; - - SendMessageW (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_ADDSTRING, 0, (LPARAM) GetString (stringId)); - - SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_SETTOPINDEX, - SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_GETCOUNT, 0, 0) - 1, 0); -} - -void StatusMessageParam (HWND hwndDlg, char *stringId, wchar_t *param) -{ - wchar_t szTmp[1024]; - - if (Rollback) - return; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s %s", GetString (stringId), param); - SendMessageW (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_ADDSTRING, 0, (LPARAM) szTmp); - - SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_SETTOPINDEX, - SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_GETCOUNT, 0, 0) - 1, 0); -} - -void ClearLogWindow (HWND hwndDlg) -{ - SendMessage (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_RESETCONTENT, 0, 0); -} - -void RegMessage (HWND hwndDlg, wchar_t *txt) -{ - StatusMessageParam (hwndDlg, "ADDING_REG", txt); -} - -void CopyMessage (HWND hwndDlg, wchar_t *txt) -{ - StatusMessageParam (hwndDlg, "INSTALLING", txt); -} - -void RemoveMessage (HWND hwndDlg, wchar_t *txt) -{ - if (!Rollback) - StatusMessageParam (hwndDlg, "REMOVING", txt); -} - -void IconMessage (HWND hwndDlg, wchar_t *txt) -{ - StatusMessageParam (hwndDlg, "ADDING_ICON", txt); -} - -void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersionPtr) -{ - LONG driverVersion = VERSION_NUM; - int status = 0; - - if (hDriver == INVALID_HANDLE_VALUE) - status = DriverAttach(); - - if ((status == 0) && (hDriver != INVALID_HANDLE_VALUE)) - { - DWORD dwResult; - BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL); - - if (!bResult) - bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL); - - - bUpgrade = (bResult && driverVersion <= VERSION_NUM); - bDowngrade = (bResult && driverVersion > VERSION_NUM); - bReinstallMode = (bResult && driverVersion == VERSION_NUM); - - PortableMode = DeviceIoControl (hDriver, TC_IOCTL_GET_PORTABLE_MODE_STATUS, NULL, 0, NULL, 0, &dwResult, NULL); - - if (bCloseDriverHandle) - { - CloseHandle (hDriver); - hDriver = INVALID_HANDLE_VALUE; - } - } - - *driverVersionPtr = driverVersion; -} - - -static BOOL IsFileInUse (const wstring &filePath) -{ - HANDLE useTestHandle = CreateFile (filePath.c_str(), GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); - - if (useTestHandle != INVALID_HANDLE_VALUE) - CloseHandle (useTestHandle); - else if (GetLastError() == ERROR_SHARING_VIOLATION) - return TRUE; - - return FALSE; -} - - -BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) -{ - /* WARNING: Note that, despite its name, this function is used during UNinstallation as well. */ - - wchar_t szTmp[TC_MAX_PATH]; - BOOL bOK = TRUE; - int i, x, fileNo; - wchar_t curFileName [TC_MAX_PATH] = {0}; - - if (!bUninstall && !bDevm) - { - // Self-extract all files to memory - - GetModuleFileName (NULL, szTmp, ARRAYSIZE (szTmp)); - - if (!SelfExtractInMemory (szTmp)) - return FALSE; - } - - x = wcslen (szDestDir); - if (x < 2) - return FALSE; - - if (szDestDir[x - 1] != L'\\') - StringCbCatW (szDestDir, MAX_PATH, L"\\"); - - for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++) - { - BOOL bResult, driver64 = FALSE; - wchar_t szDir[TC_MAX_PATH]; - - if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0) - { - if (bUninstall) - continue; // Prevent 'access denied' error - - if (bRepairMode) - continue; // Destination = target - } - - // skip files that don't apply to the current architecture - if ( (Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt-x64.exe") == 0)) - || (Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCryptExpander-x64.exe") == 0)) - || (Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt Format-x64.exe") == 0)) - || (!Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt-x86.exe") == 0)) - || (!Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCryptExpander-x86.exe") == 0)) - || (!Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt Format-x86.exe") == 0)) - ) - { - continue; - } - - if (*szFiles[i] == L'A') - StringCbCopyW (szDir, sizeof(szDir), szDestDir); - else if (*szFiles[i] == L'D') - { - if (Is64BitOs ()) - driver64 = TRUE; - - GetSystemDirectory (szDir, ARRAYSIZE (szDir)); - - x = wcslen (szDir); - if (szDir[x - 1] != L'\\') - StringCbCatW (szDir, sizeof(szDir), L"\\"); - - StringCbCatW (szDir, sizeof(szDir), L"Drivers\\"); - } - else if (*szFiles[i] == L'W') - GetWindowsDirectory (szDir, ARRAYSIZE (szDir)); - - if (*szFiles[i] == L'I') - continue; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, szFiles[i] + 1); - - if (bUninstall == FALSE) - CopyMessage (hwndDlg, szTmp); - else - RemoveMessage (hwndDlg, szTmp); - - if (bUninstall == FALSE) - { - SetCurrentDirectory (SetupFilesDir); - - if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0) - { - // Copy ourselves (the distribution package) to the destination location as 'VeraCrypt Setup.exe' - - wchar_t mp[MAX_PATH]; - - GetModuleFileName (NULL, mp, ARRAYSIZE (mp)); - bResult = TCCopyFile (mp, szTmp); - } - else - { - StringCchCopyNW (curFileName, ARRAYSIZE(curFileName), szFiles[i] + 1, wcslen (szFiles[i]) - 1); - curFileName [wcslen (szFiles[i]) - 1] = 0; - - if (Is64BitOs () - && wcscmp (szFiles[i], L"Dveracrypt.sys") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER)); - } - - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-x64.exe", sizeof (L"VeraCrypt-x64.exe")); - } - - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCrypt-x86.exe") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt.exe", sizeof (L"VeraCrypt.exe")); - } - - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCryptExpander.exe") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-x64.exe", sizeof (L"VeraCryptExpander-x64.exe")); - } - - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCryptExpander-x86.exe") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander.exe", sizeof (L"VeraCryptExpander.exe")); - } - - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCrypt Format.exe") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format-x64.exe", sizeof (L"VeraCrypt Format-x64.exe")); - } - - if (Is64BitOs () - && wcscmp (szFiles[i], L"AVeraCrypt Format-x86.exe") == 0) - { - StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format.exe", sizeof (L"VeraCrypt Format.exe")); - } - - if (!bDevm) - { - bResult = FALSE; - - // Find the correct decompressed file in memory - for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++) - { - // Write the file (stored in memory) directly to the destination location - // (there will be no temporary files). - if (wmemcmp ( - curFileName, - Decompressed_Files[fileNo].fileName, - min (wcslen (curFileName), (size_t) Decompressed_Files[fileNo].fileNameLength)) == 0) - { - // Dump filter driver cannot be installed to SysWOW64 directory - if (driver64 && !EnableWow64FsRedirection (FALSE)) - { - handleWin32Error (hwndDlg, SRC_POS); - bResult = FALSE; - goto err; - } - - bResult = SaveBufferToFile ( - (char *) Decompressed_Files[fileNo].fileContent, - szTmp, - Decompressed_Files[fileNo].fileLength, - FALSE, - TRUE); - - if (driver64) - { - if (!EnableWow64FsRedirection (TRUE)) - { - handleWin32Error (hwndDlg, SRC_POS); - bResult = FALSE; - goto err; - } - - if (!bResult) - goto err; - - } - - break; - } - } - } - else - { - if (driver64) - EnableWow64FsRedirection (FALSE); - - bResult = TCCopyFile (curFileName, szTmp); - - if (driver64) - EnableWow64FsRedirection (TRUE); - } - - if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) - { - if (Is64BitOs ()) - EnableWow64FsRedirection (FALSE); - - wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); - wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); - wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); - wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); - - if ( FileExists (servicePath.c_str()) - || (Is64BitOs () && FileExists (serviceLegacyPath.c_str())) - ) - { - CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str()); - bResult = CopyFile (szTmp, servicePath.c_str(), FALSE); - } - - if (bResult && Is64BitOs () - && FileExists (favoritesLegacyFile.c_str()) - && !FileExists (favoritesFile.c_str())) - { - // copy the favorites XML file to the native system directory - bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE); - } - - if (bResult && Is64BitOs () && FileExists (favoritesFile.c_str()) && FileExists (servicePath.c_str())) - { - // Update the path of the service - BootEncryption BootEncObj (hwndDlg); - - try - { - if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START) - { - BootEncObj.UpdateSystemFavoritesService (); - } - } - catch (...) {} - } - - if (Is64BitOs ()) - { - // delete files from legacy path - if (FileExists (favoritesLegacyFile.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); - ForceDeleteFile (favoritesLegacyFile.c_str()); - } - - if (FileExists (serviceLegacyPath.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); - ForceDeleteFile (serviceLegacyPath.c_str()); - } - - EnableWow64FsRedirection (TRUE); - } - } - } - } - else - { - if (driver64) - EnableWow64FsRedirection (FALSE); - bResult = StatDeleteFile (szTmp, TRUE); - if (driver64) - EnableWow64FsRedirection (TRUE); - - if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) - { - if (Is64BitOs ()) - EnableWow64FsRedirection (FALSE); - - wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); - wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); - wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); - wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); - - // delete all files related to system favorites service - if (FileExists (favoritesFile.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) favoritesFile.c_str()); - ForceDeleteFile (favoritesFile.c_str()); - } - - if (FileExists (servicePath.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) servicePath.c_str()); - ForceDeleteFile (servicePath.c_str()); - } - - if (Is64BitOs ()) - { - if (FileExists (favoritesLegacyFile.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); - ForceDeleteFile (favoritesLegacyFile.c_str()); - } - - if (FileExists (serviceLegacyPath.c_str())) - { - RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); - ForceDeleteFile (serviceLegacyPath.c_str()); - } - - EnableWow64FsRedirection (TRUE); - } - } - } - -err: - if (bResult == FALSE) - { - LPVOID lpMsgBuf; - DWORD dwError = GetLastError (); - wchar_t szTmp2[700]; - wchar_t szErrorValue[16]; - wchar_t* pszDesc; - - FormatMessage ( - FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, - NULL, - dwError, - MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ - (wchar_t *) &lpMsgBuf, - 0, - NULL - ); - - if (lpMsgBuf) - pszDesc = (wchar_t*) lpMsgBuf; - else - { - StringCbPrintfW (szErrorValue, sizeof (szErrorValue), L"0x%.8X", dwError); - pszDesc = szErrorValue; - } - - if (bUninstall == FALSE) - StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("INSTALL_OF_FAILED"), szTmp, pszDesc); - else - StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("UNINSTALL_OF_FAILED"), szTmp, pszDesc); - - if (lpMsgBuf) LocalFree (lpMsgBuf); - - if (!Silent && MessageBoxW (hwndDlg, szTmp2, lpszTitle, MB_YESNO | MB_ICONHAND) != IDYES) - return FALSE; - } - } - - // Language pack - if (bUninstall == FALSE) - { - WIN32_FIND_DATA f; - HANDLE h; - - SetCurrentDirectory (SetupFilesDir); - h = FindFirstFile (L"Language.*.xml", &f); - - if (h != INVALID_HANDLE_VALUE) - { - wchar_t d[MAX_PATH*2]; - StringCbPrintfW (d, sizeof(d), L"%s%s", szDestDir, f.cFileName); - CopyMessage (hwndDlg, d); - TCCopyFile (f.cFileName, d); - FindClose (h); - } - - SetCurrentDirectory (SetupFilesDir); - SetCurrentDirectory (L"Setup files"); - h = FindFirstFile (L"VeraCrypt User Guide.*.pdf", &f); - if (h != INVALID_HANDLE_VALUE) - { - wchar_t d[MAX_PATH*2]; - StringCbPrintfW (d, sizeof(d), L"%s%s", szDestDir, f.cFileName); - CopyMessage (hwndDlg, d); - TCCopyFile (f.cFileName, d); - FindClose (h); - } - SetCurrentDirectory (SetupFilesDir); - } - - return bOK; -} - -BOOL DoRegInstall (HWND hwndDlg, wchar_t *szDestDir, BOOL bInstallType) -{ - wchar_t szDir[TC_MAX_PATH], *key; - wchar_t szTmp[TC_MAX_PATH*4]; - HKEY hkey = 0; - BOOL bSlash, bOK = FALSE; - DWORD dw; - int x; - - if (SystemEncryptionUpdate) - { - if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &hkey, &dw) == ERROR_SUCCESS) - { - StringCbCopyW (szTmp, sizeof(szTmp), _T(VERSION_STRING)); - RegSetValueEx (hkey, L"DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)); - - StringCbCopyW (szTmp, sizeof(szTmp), _T(TC_HOMEPAGE)); - RegSetValueEx (hkey, L"URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)); - - RegCloseKey (hkey); - } - - return TRUE; - } - - StringCbCopyW (szDir, sizeof(szDir), szDestDir); - x = wcslen (szDestDir); - if (szDestDir[x - 1] == L'\\') - bSlash = TRUE; - else - bSlash = FALSE; - - if (bSlash == FALSE) - StringCbCatW (szDir, sizeof(szDir), L"\\"); - - if (bInstallType) - { - - key = L"Software\\Classes\\VeraCryptVolume"; - RegMessage (hwndDlg, key); - if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, - key, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) - goto error; - - StringCbCopyW (szTmp, sizeof(szTmp), L"VeraCrypt Volume"); - if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%ws", TC_APPLICATION_ID); - if (RegSetValueEx (hkey, L"AppUserModelID", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - RegCloseKey (hkey); - hkey = 0; - - key = L"Software\\Classes\\VeraCryptVolume\\DefaultIcon"; - RegMessage (hwndDlg, key); - if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, - key, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%sVeraCrypt.exe,1", szDir); - if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - RegCloseKey (hkey); - hkey = 0; - - key = L"Software\\Classes\\VeraCryptVolume\\Shell\\open\\command"; - RegMessage (hwndDlg, key); - if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, - key, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt.exe\" /v \"%%1\"", szDir ); - if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - RegCloseKey (hkey); - hkey = 0; - - key = L"Software\\Classes\\.hc"; - BOOL typeClassChanged = TRUE; - wchar_t typeClass[256]; - DWORD typeClassSize = sizeof (typeClass); - - if (ReadLocalMachineRegistryString (key, L"", typeClass, &typeClassSize) && typeClassSize > 0 && wcscmp (typeClass, L"VeraCryptVolume") == 0) - typeClassChanged = FALSE; - - RegMessage (hwndDlg, key); - if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, - key, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) - goto error; - - StringCbCopyW (szTmp, sizeof(szTmp), L"VeraCryptVolume"); - if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - RegCloseKey (hkey); - hkey = 0; - - if (typeClassChanged) - SHChangeNotify (SHCNE_ASSOCCHANGED, SHCNF_IDLIST, NULL, NULL); - } - - key = L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt"; - RegMessage (hwndDlg, key); - if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, - key, - 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &hkey, &dw) != ERROR_SUCCESS) - goto error; - - /* IMPORTANT: IF YOU CHANGE THIS IN ANY WAY, REVISE AND UPDATE SetInstallationPath() ACCORDINGLY! */ - StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt Setup.exe\" /u", szDir); - if (RegSetValueEx (hkey, L"UninstallString", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt Setup.exe\" /c", szDir); - if (RegSetValueEx (hkey, L"ModifyPath", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt Setup.exe\"", szDir); - if (RegSetValueEx (hkey, L"DisplayIcon", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbCopyW (szTmp, sizeof(szTmp), _T(VERSION_STRING)); - if (RegSetValueEx (hkey, L"DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbCopyW (szTmp, sizeof(szTmp), L"VeraCrypt"); - if (RegSetValueEx (hkey, L"DisplayName", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbCopyW (szTmp, sizeof(szTmp), L"IDRIX"); - if (RegSetValueEx (hkey, L"Publisher", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - StringCbCopyW (szTmp, sizeof(szTmp), _T(TC_HOMEPAGE)); - if (RegSetValueEx (hkey, L"URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) - goto error; - - bOK = TRUE; - -error: - if (hkey != 0) - RegCloseKey (hkey); - - if (bOK == FALSE) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("REG_INSTALL_FAILED", hwndDlg); - } - - // Register COM servers for UAC - if (IsOSAtLeast (WIN_VISTA)) - { - if (!RegisterComServers (szDir)) - { - Error ("COM_REG_FAILED", hwndDlg); - return FALSE; - } - } - - return bOK; -} - -BOOL DoApplicationDataUninstall (HWND hwndDlg) -{ - wchar_t path[MAX_PATH]; - wchar_t path2[MAX_PATH]; - BOOL bOK = TRUE; - - StatusMessage (hwndDlg, "REMOVING_APPDATA"); - - SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path); - StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); - - // Delete favorite volumes file - StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_FAVORITE_VOLUMES); - RemoveMessage (hwndDlg, path2); - StatDeleteFile (path2, FALSE); - - // Delete keyfile defaults - StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_DEFAULT_KEYFILES); - RemoveMessage (hwndDlg, path2); - StatDeleteFile (path2, FALSE); - - // Delete history file - StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_HISTORY); - RemoveMessage (hwndDlg, path2); - StatDeleteFile (path2, FALSE); - - // Delete configuration file - StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_CONFIGURATION); - RemoveMessage (hwndDlg, path2); - StatDeleteFile (path2, FALSE); - - // Delete system encryption configuration file - StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_SYSTEM_ENCRYPTION); - RemoveMessage (hwndDlg, path2); - StatDeleteFile (path2, FALSE); - - SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path); - StringCbCatW (path, sizeof(path), L"\\VeraCrypt"); - RemoveMessage (hwndDlg, path); - if (!StatRemoveDirectory (path)) - { - handleWin32Error (hwndDlg, SRC_POS); - bOK = FALSE; - } - - // remove VeraCrypt under common appdata - if (SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, path))) - { - StringCbCatW (path, sizeof(path), L"\\VeraCrypt"); - - // Delete original bootloader - StringCbPrintfW (path2, sizeof(path2), L"%s\\%s", path, TC_SYS_BOOT_LOADER_BACKUP_NAME); - RemoveMessage (hwndDlg, path2); - StatDeleteFile (path2, FALSE); - - // remove VeraCrypt folder - RemoveMessage (hwndDlg, path); - StatRemoveDirectory (path); - } - - - return bOK; -} - -BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated) -{ - wchar_t regk [64]; - typedef LSTATUS (WINAPI *RegDeleteKeyExWFn) (HKEY hKey,LPCWSTR lpSubKey,REGSAM samDesired,WORD Reserved); - RegDeleteKeyExWFn RegDeleteKeyExWPtr = NULL; - HMODULE hAdvapiDll = LoadLibrary (L"Advapi32.dll"); - if (hAdvapiDll) - { - RegDeleteKeyExWPtr = (RegDeleteKeyExWFn) GetProcAddress(hAdvapiDll, "RegDeleteKeyExW"); - } - - // Unregister COM servers - if (!bRemoveDeprecated && IsOSAtLeast (WIN_VISTA)) - { - if (!UnregisterComServers (InstallationPath)) - StatusMessage (hwndDlg, "COM_DEREG_FAILED"); - } - - if (!bRemoveDeprecated) - StatusMessage (hwndDlg, "REMOVING_REG"); - - if (RegDeleteKeyExWPtr) - { - RegDeleteKeyExWPtr (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", KEY_WOW64_32KEY, 0); - RegDeleteKeyExWPtr (HKEY_CURRENT_USER, L"Software\\VeraCrypt", KEY_WOW64_32KEY, 0); - } - else - { - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt"); - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\VeraCrypt"); - } - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\Shell\\open\\command"); - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\Shell\\open"); - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\Shell"); - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\DefaultIcon"); - RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume"); - - if (!bRemoveDeprecated) - { - HKEY hKey; - GetStartupRegKeyName (regk, sizeof(regk)); - DeleteRegistryValue (regk, L"VeraCrypt"); - - DeleteRegistryKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\.hc"); - - // enable the SE_TAKE_OWNERSHIP_NAME privilege for this operation - SetPrivilege (SE_TAKE_OWNERSHIP_NAME, TRUE); - - // clean MuiCache list from VeraCrypt entries - SearchAndDeleteRegistrySubString (HKEY_CLASSES_ROOT, L"Local Settings\\Software\\Microsoft\\Windows\\Shell\\MuiCache", L"VeraCrypt", FALSE, NULL); - - // clean other VeraCrypt entries from all users - SearchAndDeleteRegistrySubString (HKEY_USERS, L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.hc", NULL, TRUE, NULL); - SearchAndDeleteRegistrySubString (HKEY_USERS, L"Software\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\Compatibility Assistant\\Persisted", L"VeraCrypt", TRUE, NULL); - SearchAndDeleteRegistrySubString (HKEY_USERS, L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartPage\\NewShortcuts", L"VeraCrypt", TRUE, NULL); - - if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"SYSTEM", 0, KEY_ALL_ACCESS | WRITE_DAC | WRITE_OWNER, &hKey) == ERROR_SUCCESS) - { - SearchAndDeleteRegistrySubString (hKey, L"Enum\\Root\\LEGACY_VERACRYPT", NULL, TRUE, L"ControlSet"); - SearchAndDeleteRegistrySubString (hKey, L"services\\veracrypt", NULL, TRUE, L"ControlSet"); - RegCloseKey(hKey); - } - - // disable the SE_TAKE_OWNERSHIP_NAME privilege for this operation - SetPrivilege (SE_TAKE_OWNERSHIP_NAME, FALSE); - - SHChangeNotify (SHCNE_ASSOCCHANGED, SHCNF_IDLIST, NULL, NULL); - } - - if (hAdvapiDll) - FreeLibrary (hAdvapiDll); - - return TRUE; -} - - -BOOL DoServiceUninstall (HWND hwndDlg, wchar_t *lpszService) -{ - SC_HANDLE hManager, hService = NULL; - BOOL bOK = FALSE, bRet; - SERVICE_STATUS status; - BOOL firstTry = TRUE; - int x; - - memset (&status, 0, sizeof (status)); /* Keep VC6 quiet */ - -retry: - - hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (hManager == NULL) - goto error; - - hService = OpenService (hManager, lpszService, SERVICE_ALL_ACCESS); - if (hService == NULL) - goto error; - - if (wcscmp (L"veracrypt", lpszService) == 0) - { - try - { - BootEncryption bootEnc (hwndDlg); - if (bootEnc.GetDriverServiceStartType() == SERVICE_BOOT_START) - { - try { bootEnc.RegisterFilterDriver (false, BootEncryption::DriveFilter); } catch (...) { } - try { bootEnc.RegisterFilterDriver (false, BootEncryption::VolumeFilter); } catch (...) { } - try { bootEnc.RegisterFilterDriver (false, BootEncryption::DumpFilter); } catch (...) { } - } - } - catch (...) { } - - StatusMessage (hwndDlg, "STOPPING_DRIVER"); - } - else - StatusMessageParam (hwndDlg, "STOPPING", lpszService); - -#define WAIT_PERIOD 3 - - for (x = 0; x < WAIT_PERIOD; x++) - { - bRet = QueryServiceStatus (hService, &status); - if (bRet != TRUE) - goto error; - - if (status.dwCurrentState != SERVICE_START_PENDING && - status.dwCurrentState != SERVICE_STOP_PENDING && - status.dwCurrentState != SERVICE_CONTINUE_PENDING) - break; - - Sleep (1000); - } - - if (status.dwCurrentState != SERVICE_STOPPED) - { - bRet = ControlService (hService, SERVICE_CONTROL_STOP, &status); - if (bRet == FALSE) - goto try_delete; - - for (x = 0; x < WAIT_PERIOD; x++) - { - bRet = QueryServiceStatus (hService, &status); - if (bRet != TRUE) - goto error; - - if (status.dwCurrentState != SERVICE_START_PENDING && - status.dwCurrentState != SERVICE_STOP_PENDING && - status.dwCurrentState != SERVICE_CONTINUE_PENDING) - break; - - Sleep (1000); - } - - if (status.dwCurrentState != SERVICE_STOPPED && status.dwCurrentState != SERVICE_STOP_PENDING) - goto error; - } - -try_delete: - - if (wcscmp (L"veracrypt", lpszService) == 0) - StatusMessage (hwndDlg, "REMOVING_DRIVER"); - else - StatusMessageParam (hwndDlg, "REMOVING", lpszService); - - if (hService != NULL) - { - CloseServiceHandle (hService); - hService = NULL; - } - - if (hManager != NULL) - { - CloseServiceHandle (hManager); - hManager = NULL; - } - - hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); - if (hManager == NULL) - goto error; - - hService = OpenService (hManager, lpszService, SERVICE_ALL_ACCESS); - if (hService == NULL) - goto error; - - bRet = DeleteService (hService); - if (bRet == FALSE) - { - if (firstTry && GetLastError () == ERROR_SERVICE_MARKED_FOR_DELETE) - { - // Second try for an eventual no-install driver instance - CloseServiceHandle (hService); - CloseServiceHandle (hManager); - hService = NULL; - hManager = NULL; - - Sleep(1000); - firstTry = FALSE; - goto retry; - } - - goto error; - } - - bOK = TRUE; - -error: - - if (bOK == FALSE && GetLastError ()!= ERROR_SERVICE_DOES_NOT_EXIST) - { - handleWin32Error (hwndDlg, SRC_POS); - MessageBoxW (hwndDlg, GetString ("DRIVER_UINSTALL_FAILED"), lpszTitle, MB_ICONHAND); - } - else - bOK = TRUE; - - if (hService != NULL) - CloseServiceHandle (hService); - - if (hManager != NULL) - CloseServiceHandle (hManager); - - return bOK; -} - - -BOOL DoDriverUnload (HWND hwndDlg) -{ - BOOL bOK = TRUE; - int status; - - status = DriverAttach (); - if (status != 0) - { - if (status == ERR_OS_ERROR && GetLastError () != ERROR_FILE_NOT_FOUND) - { - handleWin32Error (hwndDlg, SRC_POS); - AbortProcess ("NODRIVER"); - } - - if (status != ERR_OS_ERROR) - { - handleError (NULL, status, SRC_POS); - AbortProcess ("NODRIVER"); - } - } - - if (hDriver != INVALID_HANDLE_VALUE) - { - MOUNT_LIST_STRUCT driver; - LONG driverVersion = VERSION_NUM; - int refCount; - DWORD dwResult; - BOOL bResult; - - // Try to determine if it's upgrade (and not reinstall, downgrade, or first-time install). - DetermineUpgradeDowngradeStatus (FALSE, &driverVersion); - - // Test for encrypted boot drive - try - { - BootEncryption bootEnc (hwndDlg); - if (bootEnc.GetDriverServiceStartType() == SERVICE_BOOT_START) - { - try - { - // Check hidden OS update consistency - if (IsHiddenOSRunning()) - { - if (bootEnc.GetInstalledBootLoaderVersion() != VERSION_NUM) - { - if (AskWarnNoYes ("UPDATE_TC_IN_DECOY_OS_FIRST", hwndDlg) == IDNO) - AbortProcessSilent (); - } - } - } - catch (...) { } - - if (bUninstallInProgress && !bootEnc.GetStatus().DriveMounted) - { - try { bootEnc.RegisterFilterDriver (false, BootEncryption::DriveFilter); } catch (...) { } - try { bootEnc.RegisterFilterDriver (false, BootEncryption::VolumeFilter); } catch (...) { } - try { bootEnc.RegisterFilterDriver (false, BootEncryption::DumpFilter); } catch (...) { } - bootEnc.SetDriverServiceStartType (SERVICE_SYSTEM_START); - } - else if (bUninstallInProgress || bDowngrade) - { - Error (bDowngrade ? "SETUP_FAILED_BOOT_DRIVE_ENCRYPTED_DOWNGRADE" : "SETUP_FAILED_BOOT_DRIVE_ENCRYPTED", hwndDlg); - return FALSE; - } - else - { - if (CurrentOSMajor == 6 && CurrentOSMinor == 0 && CurrentOSServicePack < 1) - AbortProcess ("SYS_ENCRYPTION_UPGRADE_UNSUPPORTED_ON_VISTA_SP0"); - - SystemEncryptionUpdate = TRUE; - PortableMode = FALSE; - } - } - } - catch (...) { } - - if (!bUninstall - && (bUpgrade || SystemEncryptionUpdate) - && (!bDevm || SystemEncryptionUpdate)) - { - UnloadDriver = FALSE; - } - - if (PortableMode && !SystemEncryptionUpdate) - UnloadDriver = TRUE; - - if (UnloadDriver) - { - int volumesMounted = 0; - - // Check mounted volumes - bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL); - - if (!bResult) - { - bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL); - if (bResult) - volumesMounted = driver.ulMountedDrives; - } - - if (bResult) - { - if (volumesMounted != 0) - { - bOK = FALSE; - MessageBoxW (hwndDlg, GetString ("DISMOUNT_ALL_FIRST"), lpszTitle, MB_ICONHAND); - } - } - else - { - bOK = FALSE; - handleWin32Error (hwndDlg, SRC_POS); - } - } - - // Try to close all open TC windows - if (bOK) - { - BOOL TCWindowClosed = FALSE; - - EnumWindows (CloseTCWindowsEnum, (LPARAM) &TCWindowClosed); - - if (TCWindowClosed) - Sleep (2000); - } - - // Test for any applications attached to driver - if (!bUpgrade) - { - bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DEVICE_REFCOUNT, &refCount, sizeof (refCount), &refCount, - sizeof (refCount), &dwResult, NULL); - - if (bOK && bResult && refCount > 1) - { - MessageBoxW (hwndDlg, GetString ("CLOSE_TC_FIRST"), lpszTitle, MB_ICONSTOP); - bOK = FALSE; - } - } - - if (!bOK || UnloadDriver) - { - CloseHandle (hDriver); - hDriver = INVALID_HANDLE_VALUE; - } - } - else - { - // Note that the driver may have already been unloaded during this session (e.g. retry after an error, etc.) so it is not - // guaranteed that the user is installing VeraCrypt for the first time now (we also cannot know if the user has already - // installed and used VeraCrypt on another system before). - bPossiblyFirstTimeInstall = TRUE; - } - - return bOK; -} - - -BOOL UpgradeBootLoader (HWND hwndDlg) -{ - if (!SystemEncryptionUpdate) - return TRUE; - - try - { - BootEncryption bootEnc (hwndDlg); - uint64 bootLoaderVersion = bootEnc.GetInstalledBootLoaderVersion(); - if ((bootLoaderVersion < VERSION_NUM) || (bReinstallMode && (bootLoaderVersion == VERSION_NUM))) - { - StatusMessage (hwndDlg, "INSTALLER_UPDATING_BOOT_LOADER"); - - bootEnc.InstallBootLoader (true); - - if (bootEnc.GetInstalledBootLoaderVersion() <= TC_RESCUE_DISK_UPGRADE_NOTICE_MAX_VERSION) - Info (IsHiddenOSRunning() ? "BOOT_LOADER_UPGRADE_OK_HIDDEN_OS" : "BOOT_LOADER_UPGRADE_OK", hwndDlg); - } - return TRUE; - } - catch (Exception &e) - { - e.Show (hwndDlg); - } - catch (...) { } - - Error ("BOOT_LOADER_UPGRADE_FAILED", hwndDlg); - return FALSE; -} - - -BOOL DoShortcutsUninstall (HWND hwndDlg, wchar_t *szDestDir) -{ - wchar_t szLinkDir[TC_MAX_PATH]; - wchar_t szTmp2[TC_MAX_PATH]; - BOOL bSlash, bOK = FALSE; - HRESULT hOle; - int x; - BOOL allUsers = FALSE; - - hOle = OleInitialize (NULL); - - // User start menu - SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_PROGRAMS, 0); - x = wcslen (szLinkDir); - if (szLinkDir[x - 1] == L'\\') - bSlash = TRUE; - else - bSlash = FALSE; - - if (bSlash == FALSE) - StringCbCatW (szLinkDir, sizeof(szLinkDir), L"\\"); - - StringCbCatW (szLinkDir, sizeof(szLinkDir), L"VeraCrypt"); - - // Global start menu - { - struct _stat st; - wchar_t path[TC_MAX_PATH]; - - SHGetSpecialFolderPath (hwndDlg, path, CSIDL_COMMON_PROGRAMS, 0); - StringCbCatW (path, sizeof(path), L"\\VeraCrypt"); - - if (_wstat (path, &st) == 0) - { - StringCbCopyW (szLinkDir, sizeof(szLinkDir), path); - allUsers = TRUE; - } - } - - // Start menu entries - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); - RemoveMessage (hwndDlg, szTmp2); - if (StatDeleteFile (szTmp2, FALSE) == FALSE) - goto error; - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCryptExpander.lnk"); - RemoveMessage (hwndDlg, szTmp2); - if (StatDeleteFile (szTmp2, FALSE) == FALSE) - goto error; - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt Website.url"); - RemoveMessage (hwndDlg, szTmp2); - if (StatDeleteFile (szTmp2, FALSE) == FALSE) - goto error; - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\Uninstall VeraCrypt.lnk"); - RemoveMessage (hwndDlg, szTmp2); - if (StatDeleteFile (szTmp2, FALSE) == FALSE) - goto error; - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt User's Guide.lnk"); - StatDeleteFile (szTmp2, FALSE); - - // Start menu group - RemoveMessage ((HWND) hwndDlg, szLinkDir); - if (StatRemoveDirectory (szLinkDir) == FALSE) - handleWin32Error ((HWND) hwndDlg, SRC_POS); - - // Desktop icon - - if (allUsers) - SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_COMMON_DESKTOPDIRECTORY, 0); - else - SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0); - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); - - RemoveMessage (hwndDlg, szTmp2); - if (StatDeleteFile (szTmp2, FALSE) == FALSE) - goto error; - - bOK = TRUE; - -error: - OleUninitialize (); - - return bOK; -} - -BOOL DoShortcutsInstall (HWND hwndDlg, wchar_t *szDestDir, BOOL bProgGroup, BOOL bDesktopIcon) -{ - wchar_t szLinkDir[TC_MAX_PATH], szDir[TC_MAX_PATH]; - wchar_t szTmp[TC_MAX_PATH], szTmp2[TC_MAX_PATH], szTmp3[TC_MAX_PATH]; - BOOL bSlash, bOK = FALSE; - HRESULT hOle; - int x; - - if (bProgGroup == FALSE && bDesktopIcon == FALSE) - return TRUE; - - hOle = OleInitialize (NULL); - - GetProgramPath (hwndDlg, szLinkDir); - - x = wcslen (szLinkDir); - if (szLinkDir[x - 1] == L'\\') - bSlash = TRUE; - else - bSlash = FALSE; - - if (bSlash == FALSE) - StringCbCatW (szLinkDir, sizeof(szLinkDir), L"\\"); - - StringCbCatW (szLinkDir, sizeof(szLinkDir), L"VeraCrypt"); - - StringCbCopyW (szDir, sizeof(szDir), szDestDir); - x = wcslen (szDestDir); - if (szDestDir[x - 1] == L'\\') - bSlash = TRUE; - else - bSlash = FALSE; - - if (bSlash == FALSE) - StringCbCatW (szDir, sizeof(szDir), L"\\"); - - if (bProgGroup) - { - FILE *f; - - if (mkfulldir (szLinkDir, TRUE) != 0) - { - if (mkfulldir (szLinkDir, FALSE) != 0) - { - wchar_t szTmpW[TC_MAX_PATH]; - - handleWin32Error (hwndDlg, SRC_POS); - StringCbPrintfW (szTmpW, sizeof(szTmpW), GetString ("CANT_CREATE_FOLDER"), szLinkDir); - MessageBoxW (hwndDlg, szTmpW, lpszTitle, MB_ICONHAND); - goto error; - } - } - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCrypt.exe"); - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); - - IconMessage (hwndDlg, szTmp2); - if (CreateLink (szTmp, L"", szTmp2, NULL, -1) != S_OK) - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCryptExpander.exe"); - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCryptExpander.lnk"); - - IconMessage (hwndDlg, szTmp2); - if (CreateLink (szTmp, L"", szTmp2, NULL, -1) != S_OK) - goto error; - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt Website.url"); - IconMessage (hwndDlg, szTmp2); - f = _wfopen (szTmp2, L"w"); - if (f) - { - fprintf (f, "[InternetShortcut]\nURL=%s\n", TC_APPLINK); - - CheckFileStreamWriteErrors (hwndDlg, f, szTmp2); - fclose (f); - } - else - goto error; - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCrypt Setup.exe"); - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\Uninstall VeraCrypt.lnk"); - if (GetSystemDirectory (szTmp3, ARRAYSIZE(szTmp3))) - { - StringCbCatW (szTmp3, sizeof(szTmp3), L"\\control.exe"); - } - else - StringCbCopyW(szTmp3, sizeof(szTmp3), L"C:\\Windows\\System32\\control.exe"); - - IconMessage (hwndDlg, szTmp2); - if (CreateLink (szTmp3, L"appwiz.cpl", szTmp2, szTmp, 0) != S_OK) - goto error; - - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt User's Guide.lnk"); - StatDeleteFile (szTmp2, FALSE); - } - - if (bDesktopIcon) - { - StringCbCopyW (szDir, sizeof(szDir), szDestDir); - x = wcslen (szDestDir); - if (szDestDir[x - 1] == L'\\') - bSlash = TRUE; - else - bSlash = FALSE; - - if (bSlash == FALSE) - StringCbCatW (szDir, sizeof(szDir), L"\\"); - - if (bForAllUsers) - SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_COMMON_DESKTOPDIRECTORY, 0); - else - SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0); - - StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCrypt.exe"); - StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); - - IconMessage (hwndDlg, szTmp2); - - if (CreateLink (szTmp, L"", szTmp2, NULL, -1) != S_OK) - goto error; - } - - bOK = TRUE; - -error: - OleUninitialize (); - - return bOK; -} - - -void OutcomePrompt (HWND hwndDlg, BOOL bOK) -{ - if (bOK) - { - EnableWindow (GetDlgItem ((HWND) hwndDlg, IDCANCEL), FALSE); - - bDone = TRUE; - - if (bUninstall == FALSE) - { - if (bDevm) - PostMessage (MainDlg, WM_CLOSE, 0, 0); - else if (bPossiblyFirstTimeInstall || bRepairMode || (!bUpgrade && !bDowngrade)) - Info ("INSTALL_OK", hwndDlg); - else - Info ("SETUP_UPDATE_OK", hwndDlg); - } - else - { - wchar_t str[4096]; - - StringCbPrintfW (str, sizeof(str), GetString ("UNINSTALL_OK"), InstallationPath); - MessageBoxW (hwndDlg, str, lpszTitle, MB_ICONASTERISK); - } - } - else - { - if (bUninstall == FALSE) - Error ("INSTALL_FAILED", hwndDlg); - else - Error ("UNINSTALL_FAILED", hwndDlg); - } -} - -static void SetSystemRestorePoint (HWND hwndDlg, BOOL finalize) -{ - static RESTOREPOINTINFO RestPtInfo; - static STATEMGRSTATUS SMgrStatus; - static BOOL failed = FALSE; - static BOOL (__stdcall *_SRSetRestorePoint)(PRESTOREPOINTINFO, PSTATEMGRSTATUS); - - if (!SystemRestoreDll) return; - - _SRSetRestorePoint = (BOOL (__stdcall *)(PRESTOREPOINTINFO, PSTATEMGRSTATUS))GetProcAddress (SystemRestoreDll,"SRSetRestorePointW"); - if (_SRSetRestorePoint == 0) - { - FreeLibrary (SystemRestoreDll); - SystemRestoreDll = 0; - return; - } - - if (!finalize) - { - StatusMessage (hwndDlg, "CREATING_SYS_RESTORE"); - - RestPtInfo.dwEventType = BEGIN_SYSTEM_CHANGE; - RestPtInfo.dwRestorePtType = bUninstall ? APPLICATION_UNINSTALL : APPLICATION_INSTALL | DEVICE_DRIVER_INSTALL; - RestPtInfo.llSequenceNumber = 0; - StringCbCopyW (RestPtInfo.szDescription, sizeof(RestPtInfo.szDescription), bUninstall ? L"VeraCrypt uninstallation" : L"VeraCrypt installation"); - - if(!_SRSetRestorePoint (&RestPtInfo, &SMgrStatus)) - { - StatusMessage (hwndDlg, "FAILED_SYS_RESTORE"); - failed = TRUE; - } - } - else if (!failed) - { - RestPtInfo.dwEventType = END_SYSTEM_CHANGE; - RestPtInfo.llSequenceNumber = SMgrStatus.llSequenceNumber; - - if(!_SRSetRestorePoint(&RestPtInfo, &SMgrStatus)) - { - StatusMessage (hwndDlg, "FAILED_SYS_RESTORE"); - } - } -} - -void DoUninstall (void *arg) -{ - HWND hwndDlg = (HWND) arg; - BOOL bOK = TRUE; - BOOL bTempSkipSysRestore = FALSE; - - if (!Rollback) - EnableWindow (GetDlgItem ((HWND) hwndDlg, IDC_UNINSTALL), FALSE); - - WaitCursor (); - - if (!Rollback) - { - ClearLogWindow (hwndDlg); - } - - if (DoDriverUnload (hwndDlg) == FALSE) - { - bOK = FALSE; - bTempSkipSysRestore = TRUE; // Volumes are possibly mounted; defer System Restore point creation for this uninstall attempt. - } - else - { - if (!Rollback && bSystemRestore && !bTempSkipSysRestore) - SetSystemRestorePoint (hwndDlg, FALSE); - - if (DoServiceUninstall (hwndDlg, L"veracrypt") == FALSE) - { - bOK = FALSE; - } - else if (DoRegUninstall ((HWND) hwndDlg, FALSE) == FALSE) - { - bOK = FALSE; - } - else if (DoFilesInstall ((HWND) hwndDlg, InstallationPath) == FALSE) - { - bOK = FALSE; - } - else if (DoShortcutsUninstall (hwndDlg, InstallationPath) == FALSE) - { - bOK = FALSE; - } - else if (!DoApplicationDataUninstall (hwndDlg)) - { - bOK = FALSE; - } - else - { - wchar_t temp[MAX_PATH]; - FILE *f; - - // Deprecated service - DoServiceUninstall (hwndDlg, L"VeraCryptService"); - - GetTempPath (ARRAYSIZE (temp), temp); - StringCbPrintfW (UninstallBatch, sizeof (UninstallBatch), L"%sVeraCrypt-Uninstall.bat", temp); - - UninstallBatch [ARRAYSIZE(UninstallBatch)-1] = 0; - - // Create uninstall batch - f = _wfopen (UninstallBatch, L"w"); - if (!f) - bOK = FALSE; - else - { - fwprintf (f,L":loop\n" - L"del \"%s%s\"\n" - L"if exist \"%s%s\" goto loop\n" - L"rmdir \"%s\"\n" - L"del \"%s\"", - InstallationPath, L"VeraCrypt Setup.exe", - InstallationPath, L"VeraCrypt Setup.exe", - InstallationPath, - UninstallBatch - ); - - CheckFileStreamWriteErrors (hwndDlg, f, UninstallBatch); - fclose (f); - } - } - } - - NormalCursor (); - - if (Rollback) - return; - - if (bSystemRestore && !bTempSkipSysRestore) - SetSystemRestorePoint (hwndDlg, TRUE); - - if (bOK) - PostMessage (hwndDlg, TC_APPMSG_UNINSTALL_SUCCESS, 0, 0); - else - bUninstallInProgress = FALSE; - - EnableWindow (GetDlgItem ((HWND) hwndDlg, IDC_UNINSTALL), TRUE); - OutcomePrompt (hwndDlg, bOK); -} - -void DoInstall (void *arg) -{ - HWND hwndDlg = (HWND) arg; - BOOL bOK = TRUE; - wchar_t path[MAX_PATH]; - - BootEncryption bootEnc (hwndDlg); - - // Refresh the main GUI (wizard thread) - InvalidateRect (MainDlg, NULL, TRUE); - - ClearLogWindow (hwndDlg); - - if (mkfulldir (InstallationPath, TRUE) != 0) - { - if (mkfulldir (InstallationPath, FALSE) != 0) - { - wchar_t szTmp[TC_MAX_PATH]; - - handleWin32Error (hwndDlg, SRC_POS); - StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), InstallationPath); - MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND); - Error ("INSTALL_FAILED", hwndDlg); - PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0); - return; - } - } - - UpdateProgressBarProc(2); - - if (DoDriverUnload (hwndDlg) == FALSE) - { - NormalCursor (); - PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0); - return; - } - - if (bUpgrade - && (IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L".exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"-x86.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"-x64.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Format.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Format-x86.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Format-x64.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"Expander.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"Expander-x86.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"Expander-x64.exe") - || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Setup.exe") - ) - ) - { - NormalCursor (); - Error ("CLOSE_TC_FIRST", hwndDlg); - PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0); - return; - } - - UpdateProgressBarProc(12); - - if (bSystemRestore) - SetSystemRestorePoint (hwndDlg, FALSE); - - UpdateProgressBarProc(48); - - if (bDisableSwapFiles - && IsPagingFileActive (FALSE)) - { - if (!DisablePagingFile()) - { - handleWin32Error (hwndDlg, SRC_POS); - Error ("FAILED_TO_DISABLE_PAGING_FILES", hwndDlg); - } - else - bRestartRequired = TRUE; - } - - UpdateProgressBarProc(50); - - // Remove deprecated - DoServiceUninstall (hwndDlg, L"VeraCryptService"); - - UpdateProgressBarProc(55); - - if (!SystemEncryptionUpdate) - DoRegUninstall ((HWND) hwndDlg, TRUE); - - UpdateProgressBarProc(61); - - GetWindowsDirectory (path, ARRAYSIZE (path)); - StringCbCatW (path, sizeof (path), L"\\VeraCrypt Setup.exe"); - StatDeleteFile (path, FALSE); - - if (UpdateProgressBarProc(63) && UnloadDriver && DoServiceUninstall (hwndDlg, L"veracrypt") == FALSE) - { - bOK = FALSE; - } - else if (UpdateProgressBarProc(72) && DoFilesInstall ((HWND) hwndDlg, InstallationPath) == FALSE) - { - bOK = FALSE; - } - else if (UpdateProgressBarProc(80) && DoRegInstall ((HWND) hwndDlg, InstallationPath, bRegisterFileExt) == FALSE) - { - bOK = FALSE; - } - else if (UpdateProgressBarProc(85) && UnloadDriver && DoDriverInstall (hwndDlg) == FALSE) - { - bOK = FALSE; - } - else if (UpdateProgressBarProc(90) && SystemEncryptionUpdate && UpgradeBootLoader (hwndDlg) == FALSE) - { - bOK = FALSE; - } - else if (UpdateProgressBarProc(93) && DoShortcutsInstall (hwndDlg, InstallationPath, bAddToStartMenu, bDesktopIcon) == FALSE) - { - bOK = FALSE; - } - - if (!UnloadDriver) - bRestartRequired = TRUE; - - try - { - bootEnc.RenameDeprecatedSystemLoaderBackup(); - } - catch (...) { } - - if (bOK) - UpdateProgressBarProc(97); - - if (bSystemRestore) - SetSystemRestorePoint (hwndDlg, TRUE); - - if (bOK) - { - UpdateProgressBarProc(100); - UninstallBatch[0] = 0; - StatusMessage (hwndDlg, "INSTALL_COMPLETED"); - } - else - { - UpdateProgressBarProc(0); - - if (!SystemEncryptionUpdate) - { - bUninstall = TRUE; - Rollback = TRUE; - Silent = TRUE; - - DoUninstall (hwndDlg); - - bUninstall = FALSE; - Rollback = FALSE; - Silent = FALSE; - - StatusMessage (hwndDlg, "ROLLBACK"); - } - else - { - Warning ("SYS_ENC_UPGRADE_FAILED", hwndDlg); - } - } - - OutcomePrompt (hwndDlg, bOK); - - if (bOK && !bUninstall && !bDowngrade && !bRepairMode && !bDevm) - { - if (!IsHiddenOSRunning()) // A hidden OS user should not see the post-install notes twice (on decoy OS and then on hidden OS). - { - if (bRestartRequired || SystemEncryptionUpdate) - { - // Restart required - - if (bUpgrade) - { - SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_RELEASE_NOTES); - } - else if (bPossiblyFirstTimeInstall) - { - SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_TUTORIAL); - } - } - else - { - // No restart will be required - - if (bUpgrade) - { - bPromptReleaseNotes = TRUE; - } - else if (bPossiblyFirstTimeInstall) - { - bPromptTutorial = TRUE; - } - } - } - } - - PostMessage (MainDlg, bOK ? TC_APPMSG_INSTALL_SUCCESS : TC_APPMSG_INSTALL_FAILURE, 0, 0); -} - - -void SetInstallationPath (HWND hwndDlg) -{ - HKEY hkey; - BOOL bInstallPathDetermined = FALSE; - wchar_t path[MAX_PATH+20]; - ITEMIDLIST *itemList; - - memset (InstallationPath, 0, sizeof (InstallationPath)); - - // Determine if VeraCrypt is already installed and try to determine its "Program Files" location - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", 0, KEY_READ | KEY_WOW64_32KEY, &hkey) == ERROR_SUCCESS) - { - /* Default 'UninstallString' registry strings written by VeraCrypt: - ------------------------------------------------------------------------------------ - 5.0+ "C:\Program Files\VeraCrypt\VeraCrypt Setup.exe" /u - */ - - wchar_t rv[MAX_PATH*4]; - DWORD size = sizeof (rv); - if (RegQueryValueEx (hkey, L"UninstallString", 0, 0, (LPBYTE) &rv, &size) == ERROR_SUCCESS && wcsrchr (rv, L'/')) - { - size_t len = 0; - - // Cut and paste the location (path) where VeraCrypt is installed to InstallationPath - if (rv[0] == L'"') - { - len = wcsrchr (rv, L'/') - rv - 2; - StringCchCopyNW (InstallationPath, ARRAYSIZE(InstallationPath), rv + 1, len); - InstallationPath [len] = 0; - bInstallPathDetermined = TRUE; - - if (InstallationPath [wcslen (InstallationPath) - 1] != L'\\') - { - len = wcsrchr (InstallationPath, L'\\') - InstallationPath; - InstallationPath [len] = 0; - } - } - - } - RegCloseKey (hkey); - } - - if (bInstallPathDetermined) - { - wchar_t mp[MAX_PATH]; - - // Determine whether we were launched from the folder where VeraCrypt is installed - GetModuleFileName (NULL, mp, ARRAYSIZE (mp)); - if (wcsncmp (InstallationPath, mp, min (wcslen(InstallationPath), wcslen(mp))) == 0) - { - // We were launched from the folder where VeraCrypt is installed - - if (!IsNonInstallMode() && !bDevm) - bChangeMode = TRUE; - } - } - else - { - /* VeraCrypt is not installed or it wasn't possible to determine where it is installed. */ - - // Default "Program Files" path. - SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList); - SHGetPathFromIDList (itemList, path); - - if (Is64BitOs()) - { - // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) - wstring s = path; - size_t p = s.find (L" (x86)"); - if (p != wstring::npos) - { - s = s.substr (0, p); - if (_waccess (s.c_str(), 0) != -1) - StringCbCopyW (path, sizeof (path), s.c_str()); - } - } - - StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); - StringCbCopyW (InstallationPath, sizeof(InstallationPath), path); - } - - // Make sure the path ends with a backslash - if (InstallationPath [wcslen (InstallationPath) - 1] != L'\\') - { - StringCbCatW (InstallationPath, sizeof(InstallationPath), L"\\"); - } -} - - -// Handler for uninstall only (install is handled by the wizard) -BOOL CALLBACK UninstallDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (msg) - { - case WM_INITDIALOG: - - MainDlg = hwndDlg; - - if (!CreateAppSetupMutex ()) - AbortProcess ("TC_INSTALLER_IS_RUNNING"); - - InitDialog (hwndDlg); - LocalizeDialog (hwndDlg, NULL); - - SetWindowTextW (hwndDlg, lpszTitle); - - // System Restore - SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, bSystemRestore); - if (SystemRestoreDll == 0) - { - SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_SYSTEM_RESTORE), FALSE); - } - - SetFocus (GetDlgItem (hwndDlg, IDC_UNINSTALL)); - - return 1; - - case WM_SYSCOMMAND: - if (lw == IDC_ABOUT) - { - DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); - return 1; - } - return 0; - - case WM_COMMAND: - if (lw == IDC_UNINSTALL) - { - if (bDone) - { - bUninstallInProgress = FALSE; - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - return 1; - } - - bUninstallInProgress = TRUE; - - WaitCursor (); - - if (bUninstall) - _beginthread (DoUninstall, 0, (void *) hwndDlg); - - return 1; - } - - if (lw == IDC_SYSTEM_RESTORE) - { - bSystemRestore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_SYSTEM_RESTORE)); - return 1; - } - - if (lw == IDCANCEL) - { - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - return 1; - } - - return 0; - - case TC_APPMSG_UNINSTALL_SUCCESS: - SetWindowTextW (GetDlgItem ((HWND) hwndDlg, IDC_UNINSTALL), GetString ("FINALIZE")); - NormalCursor (); - return 1; - - case WM_CLOSE: - if (bUninstallInProgress) - { - NormalCursor(); - if (AskNoYes("CONFIRM_EXIT_UNIVERSAL", hwndDlg) == IDNO) - { - return 1; - } - WaitCursor (); - } - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - return 0; -} - - -int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpszCommandLine, int nCmdShow) -{ - atexit (localcleanup); - - SelfExtractStartupInit(); - - lpszTitle = L"VeraCrypt Setup"; - - /* Call InitApp to initialize the common code */ - InitApp (hInstance, NULL); - - if (IsAdmin () != TRUE) - if (MessageBoxW (NULL, GetString ("SETUP_ADMIN"), lpszTitle, MB_YESNO | MB_ICONQUESTION) != IDYES) - { - FinalizeApp (); - exit (1); - } - - /* Setup directory */ - { - wchar_t *s; - GetModuleFileName (NULL, SetupFilesDir, ARRAYSIZE (SetupFilesDir)); - s = wcsrchr (SetupFilesDir, L'\\'); - if (s) - s[1] = 0; - } - - /* Parse command line arguments */ - - if (lpszCommandLine[0] == L'/') - { - if (lpszCommandLine[1] == L'u') - { - // Uninstall: /u - - bUninstall = TRUE; - } - else if (lpszCommandLine[1] == L'c') - { - // Change: /c - - bChangeMode = TRUE; - } - else if (lpszCommandLine[1] == L'p') - { - // Create self-extracting package: /p - - bMakePackage = TRUE; - } - else if (lpszCommandLine[1] == L'd') - { - // Dev mode: /d - bDevm = TRUE; - } - } - - if (bMakePackage) - { - /* Create self-extracting package */ - - MakeSelfExtractingPackage (NULL, SetupFilesDir); - } - else - { - SetInstallationPath (NULL); - - if (!bUninstall) - { - if (IsSelfExtractingPackage()) - { - if (!VerifyPackageIntegrity()) - { - // Package corrupted - exit (1); - } - bDevm = FALSE; - } - else if (!bDevm) - { - MessageBox (NULL, L"Error: This installer file does not contain any compressed files.\n\nTo create a self-extracting installation package (with embedded compressed files), run:\n\"VeraCrypt Setup.exe\" /p", L"VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); - FinalizeApp (); - exit (1); - } - - if (bChangeMode) - { - /* VeraCrypt is already installed on this system and we were launched from the Program Files folder */ - - char *tmpStr[] = {0, "SELECT_AN_ACTION", "REPAIR_REINSTALL", "UNINSTALL", "EXIT", 0}; - - // Ask the user to select either Repair or Unistallation - switch (AskMultiChoice ((void **) tmpStr, FALSE, NULL)) - { - case 1: - bRepairMode = TRUE; - break; - case 2: - bUninstall = TRUE; - break; - default: - FinalizeApp (); - exit (1); - } - } - } - - // System Restore - if (IsSystemRestoreEnabled ()) - { - wchar_t dllPath[MAX_PATH]; - if (GetSystemDirectory (dllPath, MAX_PATH)) - { - StringCbCatW(dllPath, sizeof(dllPath), L"\\srclient.dll"); - } - else - StringCbCopyW(dllPath, sizeof(dllPath), L"C:\\Windows\\System32\\srclient.dll"); - SystemRestoreDll = LoadLibrary (dllPath); - } - else - SystemRestoreDll = 0; - - if (!bUninstall) - { - /* Create the main dialog for install */ - - DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_INSTL_DLG), NULL, (DLGPROC) MainDialogProc, - (LPARAM)lpszCommandLine); - } - else - { - /* Create the main dialog for uninstall */ - - DialogBoxW (hInstance, MAKEINTRESOURCEW (IDD_UNINSTALL), NULL, (DLGPROC) UninstallDlgProc); - - if (UninstallBatch[0]) - { - STARTUPINFO si; - PROCESS_INFORMATION pi; - - ZeroMemory (&si, sizeof (si)); - si.cb = sizeof (si); - si.dwFlags = STARTF_USESHOWWINDOW; - si.wShowWindow = SW_HIDE; - - if (!CreateProcess (UninstallBatch, NULL, NULL, NULL, FALSE, IDLE_PRIORITY_CLASS, NULL, NULL, &si, &pi)) - DeleteFile (UninstallBatch); - else - { - CloseHandle (pi.hProcess); - CloseHandle (pi.hThread); - } - } - } - } - FinalizeApp (); - return 0; -} +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include +#include +#include +#include +#include +#include +#include + +#include "Apidrvr.h" +#include "BootEncryption.h" +#include "Boot/Windows/BootCommon.h" +#include "Combo.h" +#include "ComSetup.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Registry.h" +#include "Resource.h" + +#include "Dir.h" +#include "Setup.h" +#include "SelfExtract.h" +#include "Wizard.h" + +#include "../Common/Resource.h" + +using namespace VeraCrypt; + +#pragma warning( disable : 4201 ) +#pragma warning( disable : 4115 ) + +#include + +#pragma warning( default : 4201 ) +#pragma warning( default : 4115 ) + +#include + +wchar_t InstallationPath[TC_MAX_PATH]; +wchar_t SetupFilesDir[TC_MAX_PATH]; +wchar_t UninstallBatch[MAX_PATH]; + +BOOL bUninstall = FALSE; +BOOL bRestartRequired = FALSE; +BOOL bMakePackage = FALSE; +BOOL bDone = FALSE; +BOOL Rollback = FALSE; +BOOL bUpgrade = FALSE; +BOOL bDowngrade = FALSE; +BOOL SystemEncryptionUpdate = FALSE; +BOOL PortableMode = FALSE; +BOOL bRepairMode = FALSE; +BOOL bReinstallMode = FALSE; +BOOL bChangeMode = FALSE; +BOOL bDevm = FALSE; +BOOL bPossiblyFirstTimeInstall = FALSE; +BOOL bUninstallInProgress = FALSE; +BOOL UnloadDriver = TRUE; + +BOOL bSystemRestore = TRUE; +BOOL bDisableSwapFiles = FALSE; +BOOL bForAllUsers = TRUE; +BOOL bRegisterFileExt = TRUE; +BOOL bAddToStartMenu = TRUE; +BOOL bDesktopIcon = TRUE; + +BOOL bDesktopIconStatusDetermined = FALSE; + +HMODULE volatile SystemRestoreDll = 0; + +void localcleanup (void) +{ + localcleanupwiz (); + cleanup (); + + CloseAppSetupMutex (); +} + +BOOL ForceDeleteFile (LPCWSTR szFileName) +{ + if (!DeleteFile (szFileName)) + { + /* delete the renamed file when the machine reboots */ + return MoveFileEx (szFileName, NULL, MOVEFILE_DELAY_UNTIL_REBOOT); + } + else + return TRUE; +} + +BOOL StatDeleteFile (wchar_t *lpszFile, BOOL bCheckForOldFile) +{ + struct __stat64 st; + + if (bCheckForOldFile) + { + wchar_t szOldPath[MAX_PATH + 1]; + StringCbCopyW (szOldPath, sizeof(szOldPath), lpszFile); + StringCbCatW (szOldPath, sizeof(szOldPath), VC_FILENAME_RENAMED_SUFFIX); + + if (_wstat64 (szOldPath, &st) == 0) + { + ForceDeleteFile (szOldPath); + } + } + + if (_wstat64 (lpszFile, &st) == 0) + return ForceDeleteFile (lpszFile); + else + return TRUE; +} + +BOOL StatRemoveDirectory (wchar_t *lpszDir) +{ + struct __stat64 st; + + if (_wstat64 (lpszDir, &st) == 0) + { + BOOL bStatus = RemoveDirectory (lpszDir); + if (!bStatus) + { + /* force removal of the non empty directory */ + wchar_t szOpPath[TC_MAX_PATH + 1] = {0}; + SHFILEOPSTRUCTW op; + + StringCchCopyW(szOpPath, ARRAYSIZE(szOpPath)-1, lpszDir); + ZeroMemory(&op, sizeof(op)); + op.wFunc = FO_DELETE; + op.pFrom = szOpPath; + op.fFlags = FOF_SILENT | FOF_NOCONFIRMATION | FOF_NOERRORUI | FOF_NOCONFIRMMKDIR; + + if ((0 == SHFileOperation(&op)) && (!op.fAnyOperationsAborted)) + bStatus = TRUE; + } + return bStatus; + } + else + return TRUE; +} + + +/* Recursively set the given OWNER security descriptor to the key and its subkeys */ +static void RecursiveSetOwner (HKEY hKey, PSECURITY_DESCRIPTOR pSD) +{ + LSTATUS status = 0; + DWORD dwIndex = 0, dwMaxNameLen = 0, dwNameLen = 0, numberSubKeys = 0; + HKEY hSubKey; + + if ( (ERROR_SUCCESS == status) && (ERROR_SUCCESS == RegQueryInfoKey(hKey, NULL, NULL, NULL, &numberSubKeys, &dwMaxNameLen, NULL, NULL, NULL, NULL, NULL, NULL)) + && (numberSubKeys >= 1) + ) + { + dwMaxNameLen++; + wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; + while (true) + { + dwNameLen = dwMaxNameLen; + status = RegEnumKeyExW (hKey, dwIndex++, szNameValue, &dwNameLen, NULL, NULL, NULL, NULL); + if (status == ERROR_SUCCESS) + { + status = RegOpenKeyExW (hKey, szNameValue, 0, WRITE_OWNER | KEY_READ , &hSubKey); + if (ERROR_SUCCESS == status) + { + RecursiveSetOwner (hSubKey, pSD); + RegCloseKey(hSubKey); + } + } + else + break; + } + delete [] szNameValue; + } + + RegSetKeySecurity (hKey, OWNER_SECURITY_INFORMATION, pSD); +} + +/* Recursively set the given DACL security descriptor to the key and its subkeys */ +static void RecursiveSetDACL (HKEY hKey, const wchar_t* SubKeyName, PSECURITY_DESCRIPTOR pSD) +{ + HKEY hSubKey; + DWORD dwIndex = 0, dwMaxNameLen = 0, dwNameLen = 0, numberSubKeys = 0; + LSTATUS status = RegOpenKeyExW(hKey, SubKeyName, 0, WRITE_DAC | KEY_READ /*| ACCESS_SYSTEM_SECURITY*/, &hSubKey); + if (status == ERROR_SUCCESS) + { + status = RegSetKeySecurity (hSubKey, DACL_SECURITY_INFORMATION, pSD); + if (status == ERROR_SUCCESS) + { + RegCloseKey(hSubKey); + status = RegOpenKeyExW(hKey, SubKeyName, 0, WRITE_DAC | KEY_READ , &hSubKey); + } + + if ( (ERROR_SUCCESS == status) + && (ERROR_SUCCESS == RegQueryInfoKeyW(hSubKey, NULL, NULL, NULL, &numberSubKeys, &dwMaxNameLen, NULL, NULL, NULL, NULL, NULL, NULL)) + && (numberSubKeys >= 1) + ) + { + dwMaxNameLen++; + wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; + while (true) + { + dwNameLen = dwMaxNameLen; + status = RegEnumKeyExW (hSubKey, dwIndex++, szNameValue, &dwNameLen, NULL, NULL, NULL, NULL); + if (status == ERROR_SUCCESS) + { + RecursiveSetDACL (hSubKey, szNameValue, pSD); + } + else + break; + } + delete [] szNameValue; + } + } +} + +/* Correct the key permissions to allow its deletion */ +static void AllowKeyAccess(HKEY Key,const wchar_t* SubKeyName) +{ + LSTATUS RegResult; + HKEY SvcKey = NULL; + DWORD dwLength = 0; + HANDLE Token = NULL; + PTOKEN_USER pTokenUser = NULL; + std::string sNewSD; + + RegResult = RegOpenKeyExW(Key, SubKeyName, 0, WRITE_OWNER | KEY_READ, &SvcKey); + if (RegResult==ERROR_SUCCESS) + { + if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &Token)) + { + if (!GetTokenInformation(Token, TokenUser, pTokenUser, 0, &dwLength)) + { + if (GetLastError() ==ERROR_INSUFFICIENT_BUFFER) + { + pTokenUser = (PTOKEN_USER) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength); + if (pTokenUser) + { + if (GetTokenInformation(Token, TokenUser, pTokenUser, dwLength, &dwLength)) + { + SECURITY_DESCRIPTOR SecDesc; + if ( InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION) + && SetSecurityDescriptorDacl(&SecDesc, TRUE, NULL, FALSE) // NULL DACL: full access to everyone + && SetSecurityDescriptorOwner(&SecDesc, pTokenUser->User.Sid, FALSE) + ) + { + RecursiveSetOwner(SvcKey, &SecDesc); + } + } + + } + } + } + } + RegCloseKey(SvcKey); + } + + if (pTokenUser) + { + PSID pSid = pTokenUser->User.Sid; + DWORD dwAclSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + ::GetLengthSid(pSid) - sizeof(DWORD); + PACL pDacl = (PACL) new BYTE[dwAclSize]; + if (pDacl) + { + if (TRUE == ::InitializeAcl(pDacl, dwAclSize, ACL_REVISION)) + { + if (TRUE == AddAccessAllowedAceEx(pDacl, ACL_REVISION, CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE, WRITE_DAC | KEY_ALL_ACCESS, pSid)) + { + SECURITY_DESCRIPTOR SecDesc; + if (TRUE == ::InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION)) + { + if (TRUE == ::SetSecurityDescriptorDacl(&SecDesc, TRUE, pDacl, FALSE)) + { + RecursiveSetDACL (Key, SubKeyName, &SecDesc); + } + } + } + } + delete [] pDacl; + } + } + + if (pTokenUser) + HeapFree(GetProcessHeap(), 0, pTokenUser); + if (Token) + CloseHandle(Token); +} + +void SearchAndDeleteRegistrySubString (HKEY hKey, const wchar_t *subKey, const wchar_t *str, BOOL bEnumSubKeys, const wchar_t* enumMatchSubStr) +{ + HKEY hSubKey = 0; + LSTATUS status = 0; + DWORD dwIndex = 0, dwType, dwValueNameLen, dwDataLen; + std::list subKeysList; + size_t subStringLength = str? wcslen(str) : 0; + + if (bEnumSubKeys) + { + DWORD dwMaxNameLen = 0; + if (ERROR_SUCCESS == RegQueryInfoKey(hKey, NULL, NULL, NULL, NULL, &dwMaxNameLen, NULL, NULL, NULL, NULL, NULL, NULL)) + { + dwMaxNameLen++; + wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; + dwIndex = 0; + while (true) + { + dwValueNameLen = dwMaxNameLen; + status = RegEnumKeyExW (hKey, dwIndex++, szNameValue, &dwValueNameLen, NULL, NULL, NULL, NULL); + if (status == ERROR_SUCCESS) + { + if (enumMatchSubStr && !wcsstr(szNameValue, enumMatchSubStr)) + continue; + std::wstring entryName = szNameValue; + entryName += L"\\"; + entryName += subKey; + entryName += L"\\"; + subKeysList.push_back(entryName); + } + else + break; + } + delete [] szNameValue; + } + } + else + { + subKeysList.push_back(subKey); + } + + for (std::list::iterator ItSubKey = subKeysList.begin(); ItSubKey != subKeysList.end(); ItSubKey++) + { + // if the string to search for is empty, delete the sub key, otherwise, look for matching value and delete them + if (subStringLength == 0) + { + if (ERROR_ACCESS_DENIED == DeleteRegistryKey (hKey, ItSubKey->c_str())) + { + // grant permission to delete + AllowKeyAccess (hKey, ItSubKey->c_str()); + + // try again + DeleteRegistryKey (hKey, ItSubKey->c_str()); + } + } + else + { + if (RegOpenKeyExW (hKey, ItSubKey->c_str(), 0, KEY_ALL_ACCESS, &hSubKey) == ERROR_SUCCESS) + { + DWORD dwMaxNameLen = 0, dwMaxDataLen = 0; + if (ERROR_SUCCESS == RegQueryInfoKey(hSubKey, NULL, NULL, NULL, NULL, NULL, NULL, NULL, &dwMaxNameLen, &dwMaxDataLen, NULL, NULL)) + { + dwMaxNameLen++; + wchar_t* szNameValue = new wchar_t[dwMaxNameLen]; + LPBYTE pbData = new BYTE[dwMaxDataLen]; + + std::list foundEntries; + dwIndex = 0; + do + { + dwValueNameLen = dwMaxNameLen; + dwDataLen = dwMaxDataLen; + status = RegEnumValueW(hSubKey, dwIndex++, szNameValue, &dwValueNameLen, NULL, &dwType, pbData, &dwDataLen); + if (status == ERROR_SUCCESS) + { + if ( (wcslen(szNameValue) >= subStringLength && wcsstr(szNameValue, str)) + || (dwType == REG_SZ && wcslen((wchar_t*) pbData) >= subStringLength && wcsstr((wchar_t*) pbData, str)) + ) + { + foundEntries.push_back(szNameValue); + } + } + } while ((status == ERROR_SUCCESS) || (status == ERROR_MORE_DATA)); // we ignore ERROR_MORE_DATA errors since + // we are sure to use the correct sizes + + // delete the entries + if (!foundEntries.empty()) + { + for (std::list::iterator It = foundEntries.begin(); + It != foundEntries.end(); It++) + { + RegDeleteValueW (hSubKey, It->c_str()); + } + } + + delete [] szNameValue; + delete [] pbData; + } + + + RegCloseKey (hSubKey); + } + } + } +} + +/* Set the given privilege of the current process */ +BOOL SetPrivilege(LPTSTR szPrivilegeName, BOOL bEnable) +{ + TOKEN_PRIVILEGES tp; + LUID luid; + HANDLE hProcessToken; + BOOL bStatus = FALSE; + + if ( OpenProcessToken(GetCurrentProcess(), + TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, + &hProcessToken) ) + { + if ( LookupPrivilegeValue( + NULL, + szPrivilegeName, + &luid ) ) + { + + tp.PrivilegeCount = 1; + tp.Privileges[0].Luid = luid; + tp.Privileges[0].Attributes = bEnable? SE_PRIVILEGE_ENABLED : SE_PRIVILEGE_REMOVED; + + // Enable the privilege + bStatus = AdjustTokenPrivileges( + hProcessToken, + FALSE, + &tp, + sizeof(TOKEN_PRIVILEGES), + (PTOKEN_PRIVILEGES) NULL, + (PDWORD) NULL); + } + + CloseHandle(hProcessToken); + } + + return bStatus; +} + +/* + * Creates a VT_LPWSTR propvariant. + * we use our own implementation to use SHStrDupW function pointer + * that we retreive ourselves to avoid dll hijacking attacks + */ +inline HRESULT VCInitPropVariantFromString(__in PCWSTR psz, __out PROPVARIANT *ppropvar) +{ + ppropvar->vt = VT_LPWSTR; + HRESULT hr = VCStrDupW(psz, &ppropvar->pwszVal); + if (FAILED(hr)) + { + PropVariantInit(ppropvar); + } + return hr; +} + +HRESULT CreateLink (wchar_t *lpszPathObj, wchar_t *lpszArguments, + wchar_t *lpszPathLink, const wchar_t* iconFile, int iconIndex) +{ + HRESULT hres; + IShellLink *psl; + + /* Get a pointer to the IShellLink interface. */ + hres = CoCreateInstance (CLSID_ShellLink, NULL, + CLSCTX_INPROC_SERVER, IID_IShellLink, (LPVOID *) &psl); + if (SUCCEEDED (hres)) + { + IPersistFile *ppf; + + /* Set the path to the shortcut target, and add the + description. */ + psl->SetPath (lpszPathObj); + psl->SetArguments (lpszArguments); + if (iconFile) + { + psl->SetIconLocation (iconFile, iconIndex); + } + + // Application ID + if (_tcsstr (lpszPathObj, _T(TC_APP_NAME) _T(".exe"))) + { + IPropertyStore *propStore; + + if (SUCCEEDED (psl->QueryInterface (IID_PPV_ARGS (&propStore)))) + { + PROPVARIANT propVariant; + if (SUCCEEDED (VCInitPropVariantFromString (TC_APPLICATION_ID, &propVariant))) + { + if (SUCCEEDED (propStore->SetValue (PKEY_AppUserModel_ID, propVariant))) + propStore->Commit(); + + PropVariantClear (&propVariant); + } + + propStore->Release(); + } + } + + /* Query IShellLink for the IPersistFile interface for saving + the shortcut in persistent storage. */ + hres = psl->QueryInterface (IID_IPersistFile, + (void **) &ppf); + + if (SUCCEEDED (hres)) + { + /* Save the link by calling IPersistFile::Save. */ + hres = ppf->Save (lpszPathLink, TRUE); + ppf->Release (); + } + psl->Release (); + } + return hres; +} + +BOOL IsSystemRestoreEnabled () +{ + BOOL bEnabled = FALSE; + HKEY hKey; + DWORD dwValue = 0, cbValue = sizeof (DWORD); + wchar_t szRegPath[MAX_PATH]; + GetRestorePointRegKeyName (szRegPath, sizeof (szRegPath)); + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, szRegPath, 0, KEY_READ | KEY_WOW64_64KEY, &hKey) == ERROR_SUCCESS) + { + if (IsOSAtLeast (WIN_VISTA)) + { + if ( (ERROR_SUCCESS == RegQueryValueEx (hKey, L"RPSessionInterval", NULL, NULL, (LPBYTE) &dwValue, &cbValue)) + && (dwValue == 1) + ) + { + bEnabled = TRUE; + } + } + else + { + if ( (ERROR_SUCCESS == RegQueryValueEx (hKey, L"DisableSR", NULL, NULL, (LPBYTE) &dwValue, &cbValue)) + && (dwValue == 0) + ) + { + bEnabled = TRUE; + } + } + + + RegCloseKey (hKey); + } + + return bEnabled; +} + +void GetProgramPath (HWND hwndDlg, wchar_t *path) +{ + ITEMIDLIST *i; + HRESULT res; + + if (bForAllUsers) + res = SHGetSpecialFolderLocation (hwndDlg, CSIDL_COMMON_PROGRAMS, &i); + else + res = SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAMS, &i); + + SHGetPathFromIDList (i, path); +} + +void StatusMessage (HWND hwndDlg, char *stringId) +{ + if (Rollback) + return; + + SendMessageW (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_ADDSTRING, 0, (LPARAM) GetString (stringId)); + + SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_SETTOPINDEX, + SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_GETCOUNT, 0, 0) - 1, 0); +} + +void StatusMessageParam (HWND hwndDlg, char *stringId, wchar_t *param) +{ + wchar_t szTmp[1024]; + + if (Rollback) + return; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s %s", GetString (stringId), param); + SendMessageW (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_ADDSTRING, 0, (LPARAM) szTmp); + + SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_SETTOPINDEX, + SendDlgItemMessage (hwndDlg, IDC_LOG_WINDOW, LB_GETCOUNT, 0, 0) - 1, 0); +} + +void ClearLogWindow (HWND hwndDlg) +{ + SendMessage (GetDlgItem (hwndDlg, IDC_LOG_WINDOW), LB_RESETCONTENT, 0, 0); +} + +void RegMessage (HWND hwndDlg, wchar_t *txt) +{ + StatusMessageParam (hwndDlg, "ADDING_REG", txt); +} + +void CopyMessage (HWND hwndDlg, wchar_t *txt) +{ + StatusMessageParam (hwndDlg, "INSTALLING", txt); +} + +void RemoveMessage (HWND hwndDlg, wchar_t *txt) +{ + if (!Rollback) + StatusMessageParam (hwndDlg, "REMOVING", txt); +} + +void IconMessage (HWND hwndDlg, wchar_t *txt) +{ + StatusMessageParam (hwndDlg, "ADDING_ICON", txt); +} + +void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersionPtr) +{ + LONG driverVersion = VERSION_NUM; + int status = 0; + + if (hDriver == INVALID_HANDLE_VALUE) + status = DriverAttach(); + + if ((status == 0) && (hDriver != INVALID_HANDLE_VALUE)) + { + DWORD dwResult; + BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL); + + if (!bResult) + bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL); + + + bUpgrade = (bResult && driverVersion <= VERSION_NUM); + bDowngrade = (bResult && driverVersion > VERSION_NUM); + bReinstallMode = (bResult && driverVersion == VERSION_NUM); + + PortableMode = DeviceIoControl (hDriver, TC_IOCTL_GET_PORTABLE_MODE_STATUS, NULL, 0, NULL, 0, &dwResult, NULL); + + if (bCloseDriverHandle) + { + CloseHandle (hDriver); + hDriver = INVALID_HANDLE_VALUE; + } + } + + *driverVersionPtr = driverVersion; +} + + +static BOOL IsFileInUse (const wstring &filePath) +{ + HANDLE useTestHandle = CreateFile (filePath.c_str(), GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); + + if (useTestHandle != INVALID_HANDLE_VALUE) + CloseHandle (useTestHandle); + else if (GetLastError() == ERROR_SHARING_VIOLATION) + return TRUE; + + return FALSE; +} + + +BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir) +{ + /* WARNING: Note that, despite its name, this function is used during UNinstallation as well. */ + + wchar_t szTmp[TC_MAX_PATH]; + BOOL bOK = TRUE; + int i, x, fileNo; + wchar_t curFileName [TC_MAX_PATH] = {0}; + + if (!bUninstall && !bDevm) + { + // Self-extract all files to memory + + GetModuleFileName (NULL, szTmp, ARRAYSIZE (szTmp)); + + if (!SelfExtractInMemory (szTmp)) + return FALSE; + } + + x = wcslen (szDestDir); + if (x < 2) + return FALSE; + + if (szDestDir[x - 1] != L'\\') + StringCbCatW (szDestDir, MAX_PATH, L"\\"); + + for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++) + { + BOOL bResult, driver64 = FALSE; + wchar_t szDir[TC_MAX_PATH]; + + if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0) + { + if (bUninstall) + continue; // Prevent 'access denied' error + + if (bRepairMode) + continue; // Destination = target + } + + // skip files that don't apply to the current architecture + if ( (Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt-x64.exe") == 0)) + || (Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCryptExpander-x64.exe") == 0)) + || (Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt Format-x64.exe") == 0)) + || (!Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt-x86.exe") == 0)) + || (!Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCryptExpander-x86.exe") == 0)) + || (!Is64BitOs () && (wcscmp (szFiles[i], L"AVeraCrypt Format-x86.exe") == 0)) + ) + { + continue; + } + + if (*szFiles[i] == L'A') + StringCbCopyW (szDir, sizeof(szDir), szDestDir); + else if (*szFiles[i] == L'D') + { + if (Is64BitOs ()) + driver64 = TRUE; + + GetSystemDirectory (szDir, ARRAYSIZE (szDir)); + + x = wcslen (szDir); + if (szDir[x - 1] != L'\\') + StringCbCatW (szDir, sizeof(szDir), L"\\"); + + StringCbCatW (szDir, sizeof(szDir), L"Drivers\\"); + } + else if (*szFiles[i] == L'W') + GetWindowsDirectory (szDir, ARRAYSIZE (szDir)); + + if (*szFiles[i] == L'I') + continue; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, szFiles[i] + 1); + + if (bUninstall == FALSE) + CopyMessage (hwndDlg, szTmp); + else + RemoveMessage (hwndDlg, szTmp); + + if (bUninstall == FALSE) + { + SetCurrentDirectory (SetupFilesDir); + + if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0) + { + // Copy ourselves (the distribution package) to the destination location as 'VeraCrypt Setup.exe' + + wchar_t mp[MAX_PATH]; + + GetModuleFileName (NULL, mp, ARRAYSIZE (mp)); + bResult = TCCopyFile (mp, szTmp); + } + else + { + StringCchCopyNW (curFileName, ARRAYSIZE(curFileName), szFiles[i] + 1, wcslen (szFiles[i]) - 1); + curFileName [wcslen (szFiles[i]) - 1] = 0; + + if (Is64BitOs () + && wcscmp (szFiles[i], L"Dveracrypt.sys") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER)); + } + + if (Is64BitOs () + && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-x64.exe", sizeof (L"VeraCrypt-x64.exe")); + } + + if (Is64BitOs () + && wcscmp (szFiles[i], L"AVeraCrypt-x86.exe") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt.exe", sizeof (L"VeraCrypt.exe")); + } + + if (Is64BitOs () + && wcscmp (szFiles[i], L"AVeraCryptExpander.exe") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-x64.exe", sizeof (L"VeraCryptExpander-x64.exe")); + } + + if (Is64BitOs () + && wcscmp (szFiles[i], L"AVeraCryptExpander-x86.exe") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander.exe", sizeof (L"VeraCryptExpander.exe")); + } + + if (Is64BitOs () + && wcscmp (szFiles[i], L"AVeraCrypt Format.exe") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format-x64.exe", sizeof (L"VeraCrypt Format-x64.exe")); + } + + if (Is64BitOs () + && wcscmp (szFiles[i], L"AVeraCrypt Format-x86.exe") == 0) + { + StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format.exe", sizeof (L"VeraCrypt Format.exe")); + } + + if (!bDevm) + { + bResult = FALSE; + + // Find the correct decompressed file in memory + for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++) + { + // Write the file (stored in memory) directly to the destination location + // (there will be no temporary files). + if (wmemcmp ( + curFileName, + Decompressed_Files[fileNo].fileName, + min (wcslen (curFileName), (size_t) Decompressed_Files[fileNo].fileNameLength)) == 0) + { + // Dump filter driver cannot be installed to SysWOW64 directory + if (driver64 && !EnableWow64FsRedirection (FALSE)) + { + handleWin32Error (hwndDlg, SRC_POS); + bResult = FALSE; + goto err; + } + + bResult = SaveBufferToFile ( + (char *) Decompressed_Files[fileNo].fileContent, + szTmp, + Decompressed_Files[fileNo].fileLength, + FALSE, + TRUE); + + if (driver64) + { + if (!EnableWow64FsRedirection (TRUE)) + { + handleWin32Error (hwndDlg, SRC_POS); + bResult = FALSE; + goto err; + } + + if (!bResult) + goto err; + + } + + break; + } + } + } + else + { + if (driver64) + EnableWow64FsRedirection (FALSE); + + bResult = TCCopyFile (curFileName, szTmp); + + if (driver64) + EnableWow64FsRedirection (TRUE); + } + + if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) + { + if (Is64BitOs ()) + EnableWow64FsRedirection (FALSE); + + wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); + wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); + wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); + wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); + + if ( FileExists (servicePath.c_str()) + || (Is64BitOs () && FileExists (serviceLegacyPath.c_str())) + ) + { + CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str()); + bResult = CopyFile (szTmp, servicePath.c_str(), FALSE); + } + + if (bResult && Is64BitOs () + && FileExists (favoritesLegacyFile.c_str()) + && !FileExists (favoritesFile.c_str())) + { + // copy the favorites XML file to the native system directory + bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE); + } + + if (bResult && Is64BitOs () && FileExists (favoritesFile.c_str()) && FileExists (servicePath.c_str())) + { + // Update the path of the service + BootEncryption BootEncObj (hwndDlg); + + try + { + if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START) + { + BootEncObj.UpdateSystemFavoritesService (); + } + } + catch (...) {} + } + + if (Is64BitOs ()) + { + // delete files from legacy path + if (FileExists (favoritesLegacyFile.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); + ForceDeleteFile (favoritesLegacyFile.c_str()); + } + + if (FileExists (serviceLegacyPath.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); + ForceDeleteFile (serviceLegacyPath.c_str()); + } + + EnableWow64FsRedirection (TRUE); + } + } + } + } + else + { + if (driver64) + EnableWow64FsRedirection (FALSE); + bResult = StatDeleteFile (szTmp, TRUE); + if (driver64) + EnableWow64FsRedirection (TRUE); + + if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) + { + if (Is64BitOs ()) + EnableWow64FsRedirection (FALSE); + + wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); + wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); + wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); + wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); + + // delete all files related to system favorites service + if (FileExists (favoritesFile.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) favoritesFile.c_str()); + ForceDeleteFile (favoritesFile.c_str()); + } + + if (FileExists (servicePath.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) servicePath.c_str()); + ForceDeleteFile (servicePath.c_str()); + } + + if (Is64BitOs ()) + { + if (FileExists (favoritesLegacyFile.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str()); + ForceDeleteFile (favoritesLegacyFile.c_str()); + } + + if (FileExists (serviceLegacyPath.c_str())) + { + RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str()); + ForceDeleteFile (serviceLegacyPath.c_str()); + } + + EnableWow64FsRedirection (TRUE); + } + } + } + +err: + if (bResult == FALSE) + { + LPVOID lpMsgBuf; + DWORD dwError = GetLastError (); + wchar_t szTmp2[700]; + wchar_t szErrorValue[16]; + wchar_t* pszDesc; + + FormatMessage ( + FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, + NULL, + dwError, + MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */ + (wchar_t *) &lpMsgBuf, + 0, + NULL + ); + + if (lpMsgBuf) + pszDesc = (wchar_t*) lpMsgBuf; + else + { + StringCbPrintfW (szErrorValue, sizeof (szErrorValue), L"0x%.8X", dwError); + pszDesc = szErrorValue; + } + + if (bUninstall == FALSE) + StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("INSTALL_OF_FAILED"), szTmp, pszDesc); + else + StringCbPrintfW (szTmp2, sizeof(szTmp2), GetString ("UNINSTALL_OF_FAILED"), szTmp, pszDesc); + + if (lpMsgBuf) LocalFree (lpMsgBuf); + + if (!Silent && MessageBoxW (hwndDlg, szTmp2, lpszTitle, MB_YESNO | MB_ICONHAND) != IDYES) + return FALSE; + } + } + + // Language pack + if (bUninstall == FALSE) + { + WIN32_FIND_DATA f; + HANDLE h; + + SetCurrentDirectory (SetupFilesDir); + h = FindFirstFile (L"Language.*.xml", &f); + + if (h != INVALID_HANDLE_VALUE) + { + wchar_t d[MAX_PATH*2]; + StringCbPrintfW (d, sizeof(d), L"%s%s", szDestDir, f.cFileName); + CopyMessage (hwndDlg, d); + TCCopyFile (f.cFileName, d); + FindClose (h); + } + + SetCurrentDirectory (SetupFilesDir); + SetCurrentDirectory (L"Setup files"); + h = FindFirstFile (L"VeraCrypt User Guide.*.pdf", &f); + if (h != INVALID_HANDLE_VALUE) + { + wchar_t d[MAX_PATH*2]; + StringCbPrintfW (d, sizeof(d), L"%s%s", szDestDir, f.cFileName); + CopyMessage (hwndDlg, d); + TCCopyFile (f.cFileName, d); + FindClose (h); + } + SetCurrentDirectory (SetupFilesDir); + } + + return bOK; +} + +BOOL DoRegInstall (HWND hwndDlg, wchar_t *szDestDir, BOOL bInstallType) +{ + wchar_t szDir[TC_MAX_PATH], *key; + wchar_t szTmp[TC_MAX_PATH*4]; + HKEY hkey = 0; + BOOL bSlash, bOK = FALSE; + DWORD dw; + int x; + + if (SystemEncryptionUpdate) + { + if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &hkey, &dw) == ERROR_SUCCESS) + { + StringCbCopyW (szTmp, sizeof(szTmp), _T(VERSION_STRING)); + RegSetValueEx (hkey, L"DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)); + + StringCbCopyW (szTmp, sizeof(szTmp), _T(TC_HOMEPAGE)); + RegSetValueEx (hkey, L"URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)); + + RegCloseKey (hkey); + } + + return TRUE; + } + + StringCbCopyW (szDir, sizeof(szDir), szDestDir); + x = wcslen (szDestDir); + if (szDestDir[x - 1] == L'\\') + bSlash = TRUE; + else + bSlash = FALSE; + + if (bSlash == FALSE) + StringCbCatW (szDir, sizeof(szDir), L"\\"); + + if (bInstallType) + { + + key = L"Software\\Classes\\VeraCryptVolume"; + RegMessage (hwndDlg, key); + if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, + key, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) + goto error; + + StringCbCopyW (szTmp, sizeof(szTmp), L"VeraCrypt Volume"); + if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%ws", TC_APPLICATION_ID); + if (RegSetValueEx (hkey, L"AppUserModelID", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + RegCloseKey (hkey); + hkey = 0; + + key = L"Software\\Classes\\VeraCryptVolume\\DefaultIcon"; + RegMessage (hwndDlg, key); + if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, + key, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%sVeraCrypt.exe,1", szDir); + if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + RegCloseKey (hkey); + hkey = 0; + + key = L"Software\\Classes\\VeraCryptVolume\\Shell\\open\\command"; + RegMessage (hwndDlg, key); + if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, + key, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt.exe\" /v \"%%1\"", szDir ); + if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + RegCloseKey (hkey); + hkey = 0; + + key = L"Software\\Classes\\.hc"; + BOOL typeClassChanged = TRUE; + wchar_t typeClass[256]; + DWORD typeClassSize = sizeof (typeClass); + + if (ReadLocalMachineRegistryString (key, L"", typeClass, &typeClassSize) && typeClassSize > 0 && wcscmp (typeClass, L"VeraCryptVolume") == 0) + typeClassChanged = FALSE; + + RegMessage (hwndDlg, key); + if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, + key, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hkey, &dw) != ERROR_SUCCESS) + goto error; + + StringCbCopyW (szTmp, sizeof(szTmp), L"VeraCryptVolume"); + if (RegSetValueEx (hkey, L"", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + RegCloseKey (hkey); + hkey = 0; + + if (typeClassChanged) + SHChangeNotify (SHCNE_ASSOCCHANGED, SHCNF_IDLIST, NULL, NULL); + } + + key = L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt"; + RegMessage (hwndDlg, key); + if (RegCreateKeyEx (HKEY_LOCAL_MACHINE, + key, + 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &hkey, &dw) != ERROR_SUCCESS) + goto error; + + /* IMPORTANT: IF YOU CHANGE THIS IN ANY WAY, REVISE AND UPDATE SetInstallationPath() ACCORDINGLY! */ + StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt Setup.exe\" /u", szDir); + if (RegSetValueEx (hkey, L"UninstallString", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt Setup.exe\" /c", szDir); + if (RegSetValueEx (hkey, L"ModifyPath", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"\"%sVeraCrypt Setup.exe\"", szDir); + if (RegSetValueEx (hkey, L"DisplayIcon", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbCopyW (szTmp, sizeof(szTmp), _T(VERSION_STRING)); + if (RegSetValueEx (hkey, L"DisplayVersion", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbCopyW (szTmp, sizeof(szTmp), L"VeraCrypt"); + if (RegSetValueEx (hkey, L"DisplayName", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbCopyW (szTmp, sizeof(szTmp), L"IDRIX"); + if (RegSetValueEx (hkey, L"Publisher", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + StringCbCopyW (szTmp, sizeof(szTmp), _T(TC_HOMEPAGE)); + if (RegSetValueEx (hkey, L"URLInfoAbout", 0, REG_SZ, (BYTE *) szTmp, (wcslen (szTmp) + 1) * sizeof (wchar_t)) != ERROR_SUCCESS) + goto error; + + bOK = TRUE; + +error: + if (hkey != 0) + RegCloseKey (hkey); + + if (bOK == FALSE) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("REG_INSTALL_FAILED", hwndDlg); + } + + // Register COM servers for UAC + if (IsOSAtLeast (WIN_VISTA)) + { + if (!RegisterComServers (szDir)) + { + Error ("COM_REG_FAILED", hwndDlg); + return FALSE; + } + } + + return bOK; +} + +BOOL DoApplicationDataUninstall (HWND hwndDlg) +{ + wchar_t path[MAX_PATH]; + wchar_t path2[MAX_PATH]; + BOOL bOK = TRUE; + + StatusMessage (hwndDlg, "REMOVING_APPDATA"); + + SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path); + StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); + + // Delete favorite volumes file + StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_FAVORITE_VOLUMES); + RemoveMessage (hwndDlg, path2); + StatDeleteFile (path2, FALSE); + + // Delete keyfile defaults + StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_DEFAULT_KEYFILES); + RemoveMessage (hwndDlg, path2); + StatDeleteFile (path2, FALSE); + + // Delete history file + StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_HISTORY); + RemoveMessage (hwndDlg, path2); + StatDeleteFile (path2, FALSE); + + // Delete configuration file + StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_CONFIGURATION); + RemoveMessage (hwndDlg, path2); + StatDeleteFile (path2, FALSE); + + // Delete system encryption configuration file + StringCbPrintfW (path2, sizeof(path2), L"%s%s", path, TC_APPD_FILENAME_SYSTEM_ENCRYPTION); + RemoveMessage (hwndDlg, path2); + StatDeleteFile (path2, FALSE); + + SHGetFolderPath (NULL, CSIDL_APPDATA, NULL, 0, path); + StringCbCatW (path, sizeof(path), L"\\VeraCrypt"); + RemoveMessage (hwndDlg, path); + if (!StatRemoveDirectory (path)) + { + handleWin32Error (hwndDlg, SRC_POS); + bOK = FALSE; + } + + // remove VeraCrypt under common appdata + if (SUCCEEDED (SHGetFolderPath (NULL, CSIDL_COMMON_APPDATA | CSIDL_FLAG_CREATE, NULL, 0, path))) + { + StringCbCatW (path, sizeof(path), L"\\VeraCrypt"); + + // Delete original bootloader + StringCbPrintfW (path2, sizeof(path2), L"%s\\%s", path, TC_SYS_BOOT_LOADER_BACKUP_NAME); + RemoveMessage (hwndDlg, path2); + StatDeleteFile (path2, FALSE); + + // remove VeraCrypt folder + RemoveMessage (hwndDlg, path); + StatRemoveDirectory (path); + } + + + return bOK; +} + +BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated) +{ + wchar_t regk [64]; + typedef LSTATUS (WINAPI *RegDeleteKeyExWFn) (HKEY hKey,LPCWSTR lpSubKey,REGSAM samDesired,WORD Reserved); + RegDeleteKeyExWFn RegDeleteKeyExWPtr = NULL; + HMODULE hAdvapiDll = LoadLibrary (L"Advapi32.dll"); + if (hAdvapiDll) + { + RegDeleteKeyExWPtr = (RegDeleteKeyExWFn) GetProcAddress(hAdvapiDll, "RegDeleteKeyExW"); + } + + // Unregister COM servers + if (!bRemoveDeprecated && IsOSAtLeast (WIN_VISTA)) + { + if (!UnregisterComServers (InstallationPath)) + StatusMessage (hwndDlg, "COM_DEREG_FAILED"); + } + + if (!bRemoveDeprecated) + StatusMessage (hwndDlg, "REMOVING_REG"); + + if (RegDeleteKeyExWPtr) + { + RegDeleteKeyExWPtr (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", KEY_WOW64_32KEY, 0); + RegDeleteKeyExWPtr (HKEY_CURRENT_USER, L"Software\\VeraCrypt", KEY_WOW64_32KEY, 0); + } + else + { + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt"); + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\VeraCrypt"); + } + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\Shell\\open\\command"); + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\Shell\\open"); + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\Shell"); + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume\\DefaultIcon"); + RegDeleteKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\VeraCryptVolume"); + + if (!bRemoveDeprecated) + { + HKEY hKey; + GetStartupRegKeyName (regk, sizeof(regk)); + DeleteRegistryValue (regk, L"VeraCrypt"); + + DeleteRegistryKey (HKEY_LOCAL_MACHINE, L"Software\\Classes\\.hc"); + + // enable the SE_TAKE_OWNERSHIP_NAME privilege for this operation + SetPrivilege (SE_TAKE_OWNERSHIP_NAME, TRUE); + + // clean MuiCache list from VeraCrypt entries + SearchAndDeleteRegistrySubString (HKEY_CLASSES_ROOT, L"Local Settings\\Software\\Microsoft\\Windows\\Shell\\MuiCache", L"VeraCrypt", FALSE, NULL); + + // clean other VeraCrypt entries from all users + SearchAndDeleteRegistrySubString (HKEY_USERS, L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.hc", NULL, TRUE, NULL); + SearchAndDeleteRegistrySubString (HKEY_USERS, L"Software\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\Compatibility Assistant\\Persisted", L"VeraCrypt", TRUE, NULL); + SearchAndDeleteRegistrySubString (HKEY_USERS, L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartPage\\NewShortcuts", L"VeraCrypt", TRUE, NULL); + + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"SYSTEM", 0, KEY_ALL_ACCESS | WRITE_DAC | WRITE_OWNER, &hKey) == ERROR_SUCCESS) + { + SearchAndDeleteRegistrySubString (hKey, L"Enum\\Root\\LEGACY_VERACRYPT", NULL, TRUE, L"ControlSet"); + SearchAndDeleteRegistrySubString (hKey, L"services\\veracrypt", NULL, TRUE, L"ControlSet"); + RegCloseKey(hKey); + } + + // disable the SE_TAKE_OWNERSHIP_NAME privilege for this operation + SetPrivilege (SE_TAKE_OWNERSHIP_NAME, FALSE); + + SHChangeNotify (SHCNE_ASSOCCHANGED, SHCNF_IDLIST, NULL, NULL); + } + + if (hAdvapiDll) + FreeLibrary (hAdvapiDll); + + return TRUE; +} + + +BOOL DoServiceUninstall (HWND hwndDlg, wchar_t *lpszService) +{ + SC_HANDLE hManager, hService = NULL; + BOOL bOK = FALSE, bRet; + SERVICE_STATUS status; + BOOL firstTry = TRUE; + int x; + + memset (&status, 0, sizeof (status)); /* Keep VC6 quiet */ + +retry: + + hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + if (hManager == NULL) + goto error; + + hService = OpenService (hManager, lpszService, SERVICE_ALL_ACCESS); + if (hService == NULL) + goto error; + + if (wcscmp (L"veracrypt", lpszService) == 0) + { + try + { + BootEncryption bootEnc (hwndDlg); + if (bootEnc.GetDriverServiceStartType() == SERVICE_BOOT_START) + { + try { bootEnc.RegisterFilterDriver (false, BootEncryption::DriveFilter); } catch (...) { } + try { bootEnc.RegisterFilterDriver (false, BootEncryption::VolumeFilter); } catch (...) { } + try { bootEnc.RegisterFilterDriver (false, BootEncryption::DumpFilter); } catch (...) { } + } + } + catch (...) { } + + StatusMessage (hwndDlg, "STOPPING_DRIVER"); + } + else + StatusMessageParam (hwndDlg, "STOPPING", lpszService); + +#define WAIT_PERIOD 3 + + for (x = 0; x < WAIT_PERIOD; x++) + { + bRet = QueryServiceStatus (hService, &status); + if (bRet != TRUE) + goto error; + + if (status.dwCurrentState != SERVICE_START_PENDING && + status.dwCurrentState != SERVICE_STOP_PENDING && + status.dwCurrentState != SERVICE_CONTINUE_PENDING) + break; + + Sleep (1000); + } + + if (status.dwCurrentState != SERVICE_STOPPED) + { + bRet = ControlService (hService, SERVICE_CONTROL_STOP, &status); + if (bRet == FALSE) + goto try_delete; + + for (x = 0; x < WAIT_PERIOD; x++) + { + bRet = QueryServiceStatus (hService, &status); + if (bRet != TRUE) + goto error; + + if (status.dwCurrentState != SERVICE_START_PENDING && + status.dwCurrentState != SERVICE_STOP_PENDING && + status.dwCurrentState != SERVICE_CONTINUE_PENDING) + break; + + Sleep (1000); + } + + if (status.dwCurrentState != SERVICE_STOPPED && status.dwCurrentState != SERVICE_STOP_PENDING) + goto error; + } + +try_delete: + + if (wcscmp (L"veracrypt", lpszService) == 0) + StatusMessage (hwndDlg, "REMOVING_DRIVER"); + else + StatusMessageParam (hwndDlg, "REMOVING", lpszService); + + if (hService != NULL) + { + CloseServiceHandle (hService); + hService = NULL; + } + + if (hManager != NULL) + { + CloseServiceHandle (hManager); + hManager = NULL; + } + + hManager = OpenSCManager (NULL, NULL, SC_MANAGER_ALL_ACCESS); + if (hManager == NULL) + goto error; + + hService = OpenService (hManager, lpszService, SERVICE_ALL_ACCESS); + if (hService == NULL) + goto error; + + bRet = DeleteService (hService); + if (bRet == FALSE) + { + if (firstTry && GetLastError () == ERROR_SERVICE_MARKED_FOR_DELETE) + { + // Second try for an eventual no-install driver instance + CloseServiceHandle (hService); + CloseServiceHandle (hManager); + hService = NULL; + hManager = NULL; + + Sleep(1000); + firstTry = FALSE; + goto retry; + } + + goto error; + } + + bOK = TRUE; + +error: + + if (bOK == FALSE && GetLastError ()!= ERROR_SERVICE_DOES_NOT_EXIST) + { + handleWin32Error (hwndDlg, SRC_POS); + MessageBoxW (hwndDlg, GetString ("DRIVER_UINSTALL_FAILED"), lpszTitle, MB_ICONHAND); + } + else + bOK = TRUE; + + if (hService != NULL) + CloseServiceHandle (hService); + + if (hManager != NULL) + CloseServiceHandle (hManager); + + return bOK; +} + + +BOOL DoDriverUnload (HWND hwndDlg) +{ + BOOL bOK = TRUE; + int status; + + status = DriverAttach (); + if (status != 0) + { + if (status == ERR_OS_ERROR && GetLastError () != ERROR_FILE_NOT_FOUND) + { + handleWin32Error (hwndDlg, SRC_POS); + AbortProcess ("NODRIVER"); + } + + if (status != ERR_OS_ERROR) + { + handleError (NULL, status, SRC_POS); + AbortProcess ("NODRIVER"); + } + } + + if (hDriver != INVALID_HANDLE_VALUE) + { + MOUNT_LIST_STRUCT driver; + LONG driverVersion = VERSION_NUM; + int refCount; + DWORD dwResult; + BOOL bResult; + + // Try to determine if it's upgrade (and not reinstall, downgrade, or first-time install). + DetermineUpgradeDowngradeStatus (FALSE, &driverVersion); + + // Test for encrypted boot drive + try + { + BootEncryption bootEnc (hwndDlg); + if (bootEnc.GetDriverServiceStartType() == SERVICE_BOOT_START) + { + try + { + // Check hidden OS update consistency + if (IsHiddenOSRunning()) + { + if (bootEnc.GetInstalledBootLoaderVersion() != VERSION_NUM) + { + if (AskWarnNoYes ("UPDATE_TC_IN_DECOY_OS_FIRST", hwndDlg) == IDNO) + AbortProcessSilent (); + } + } + } + catch (...) { } + + if (bUninstallInProgress && !bootEnc.GetStatus().DriveMounted) + { + try { bootEnc.RegisterFilterDriver (false, BootEncryption::DriveFilter); } catch (...) { } + try { bootEnc.RegisterFilterDriver (false, BootEncryption::VolumeFilter); } catch (...) { } + try { bootEnc.RegisterFilterDriver (false, BootEncryption::DumpFilter); } catch (...) { } + bootEnc.SetDriverServiceStartType (SERVICE_SYSTEM_START); + } + else if (bUninstallInProgress || bDowngrade) + { + Error (bDowngrade ? "SETUP_FAILED_BOOT_DRIVE_ENCRYPTED_DOWNGRADE" : "SETUP_FAILED_BOOT_DRIVE_ENCRYPTED", hwndDlg); + return FALSE; + } + else + { + if (CurrentOSMajor == 6 && CurrentOSMinor == 0 && CurrentOSServicePack < 1) + AbortProcess ("SYS_ENCRYPTION_UPGRADE_UNSUPPORTED_ON_VISTA_SP0"); + + SystemEncryptionUpdate = TRUE; + PortableMode = FALSE; + } + } + } + catch (...) { } + + if (!bUninstall + && (bUpgrade || SystemEncryptionUpdate) + && (!bDevm || SystemEncryptionUpdate)) + { + UnloadDriver = FALSE; + } + + if (PortableMode && !SystemEncryptionUpdate) + UnloadDriver = TRUE; + + if (UnloadDriver) + { + int volumesMounted = 0; + + // Check mounted volumes + bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL); + + if (!bResult) + { + bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL); + if (bResult) + volumesMounted = driver.ulMountedDrives; + } + + if (bResult) + { + if (volumesMounted != 0) + { + bOK = FALSE; + MessageBoxW (hwndDlg, GetString ("DISMOUNT_ALL_FIRST"), lpszTitle, MB_ICONHAND); + } + } + else + { + bOK = FALSE; + handleWin32Error (hwndDlg, SRC_POS); + } + } + + // Try to close all open TC windows + if (bOK) + { + BOOL TCWindowClosed = FALSE; + + EnumWindows (CloseTCWindowsEnum, (LPARAM) &TCWindowClosed); + + if (TCWindowClosed) + Sleep (2000); + } + + // Test for any applications attached to driver + if (!bUpgrade) + { + bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DEVICE_REFCOUNT, &refCount, sizeof (refCount), &refCount, + sizeof (refCount), &dwResult, NULL); + + if (bOK && bResult && refCount > 1) + { + MessageBoxW (hwndDlg, GetString ("CLOSE_TC_FIRST"), lpszTitle, MB_ICONSTOP); + bOK = FALSE; + } + } + + if (!bOK || UnloadDriver) + { + CloseHandle (hDriver); + hDriver = INVALID_HANDLE_VALUE; + } + } + else + { + // Note that the driver may have already been unloaded during this session (e.g. retry after an error, etc.) so it is not + // guaranteed that the user is installing VeraCrypt for the first time now (we also cannot know if the user has already + // installed and used VeraCrypt on another system before). + bPossiblyFirstTimeInstall = TRUE; + } + + return bOK; +} + + +BOOL UpgradeBootLoader (HWND hwndDlg) +{ + if (!SystemEncryptionUpdate) + return TRUE; + + try + { + BootEncryption bootEnc (hwndDlg); + uint64 bootLoaderVersion = bootEnc.GetInstalledBootLoaderVersion(); + if ((bootLoaderVersion < VERSION_NUM) || (bReinstallMode && (bootLoaderVersion == VERSION_NUM))) + { + StatusMessage (hwndDlg, "INSTALLER_UPDATING_BOOT_LOADER"); + + bootEnc.InstallBootLoader (true); + + if (bootEnc.GetInstalledBootLoaderVersion() <= TC_RESCUE_DISK_UPGRADE_NOTICE_MAX_VERSION) + Info (IsHiddenOSRunning() ? "BOOT_LOADER_UPGRADE_OK_HIDDEN_OS" : "BOOT_LOADER_UPGRADE_OK", hwndDlg); + } + return TRUE; + } + catch (Exception &e) + { + e.Show (hwndDlg); + } + catch (...) { } + + Error ("BOOT_LOADER_UPGRADE_FAILED", hwndDlg); + return FALSE; +} + + +BOOL DoShortcutsUninstall (HWND hwndDlg, wchar_t *szDestDir) +{ + wchar_t szLinkDir[TC_MAX_PATH]; + wchar_t szTmp2[TC_MAX_PATH]; + BOOL bSlash, bOK = FALSE; + HRESULT hOle; + int x; + BOOL allUsers = FALSE; + + hOle = OleInitialize (NULL); + + // User start menu + SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_PROGRAMS, 0); + x = wcslen (szLinkDir); + if (szLinkDir[x - 1] == L'\\') + bSlash = TRUE; + else + bSlash = FALSE; + + if (bSlash == FALSE) + StringCbCatW (szLinkDir, sizeof(szLinkDir), L"\\"); + + StringCbCatW (szLinkDir, sizeof(szLinkDir), L"VeraCrypt"); + + // Global start menu + { + struct _stat st; + wchar_t path[TC_MAX_PATH]; + + SHGetSpecialFolderPath (hwndDlg, path, CSIDL_COMMON_PROGRAMS, 0); + StringCbCatW (path, sizeof(path), L"\\VeraCrypt"); + + if (_wstat (path, &st) == 0) + { + StringCbCopyW (szLinkDir, sizeof(szLinkDir), path); + allUsers = TRUE; + } + } + + // Start menu entries + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); + RemoveMessage (hwndDlg, szTmp2); + if (StatDeleteFile (szTmp2, FALSE) == FALSE) + goto error; + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCryptExpander.lnk"); + RemoveMessage (hwndDlg, szTmp2); + if (StatDeleteFile (szTmp2, FALSE) == FALSE) + goto error; + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt Website.url"); + RemoveMessage (hwndDlg, szTmp2); + if (StatDeleteFile (szTmp2, FALSE) == FALSE) + goto error; + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\Uninstall VeraCrypt.lnk"); + RemoveMessage (hwndDlg, szTmp2); + if (StatDeleteFile (szTmp2, FALSE) == FALSE) + goto error; + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt User's Guide.lnk"); + StatDeleteFile (szTmp2, FALSE); + + // Start menu group + RemoveMessage ((HWND) hwndDlg, szLinkDir); + if (StatRemoveDirectory (szLinkDir) == FALSE) + handleWin32Error ((HWND) hwndDlg, SRC_POS); + + // Desktop icon + + if (allUsers) + SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_COMMON_DESKTOPDIRECTORY, 0); + else + SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0); + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); + + RemoveMessage (hwndDlg, szTmp2); + if (StatDeleteFile (szTmp2, FALSE) == FALSE) + goto error; + + bOK = TRUE; + +error: + OleUninitialize (); + + return bOK; +} + +BOOL DoShortcutsInstall (HWND hwndDlg, wchar_t *szDestDir, BOOL bProgGroup, BOOL bDesktopIcon) +{ + wchar_t szLinkDir[TC_MAX_PATH], szDir[TC_MAX_PATH]; + wchar_t szTmp[TC_MAX_PATH], szTmp2[TC_MAX_PATH], szTmp3[TC_MAX_PATH]; + BOOL bSlash, bOK = FALSE; + HRESULT hOle; + int x; + + if (bProgGroup == FALSE && bDesktopIcon == FALSE) + return TRUE; + + hOle = OleInitialize (NULL); + + GetProgramPath (hwndDlg, szLinkDir); + + x = wcslen (szLinkDir); + if (szLinkDir[x - 1] == L'\\') + bSlash = TRUE; + else + bSlash = FALSE; + + if (bSlash == FALSE) + StringCbCatW (szLinkDir, sizeof(szLinkDir), L"\\"); + + StringCbCatW (szLinkDir, sizeof(szLinkDir), L"VeraCrypt"); + + StringCbCopyW (szDir, sizeof(szDir), szDestDir); + x = wcslen (szDestDir); + if (szDestDir[x - 1] == L'\\') + bSlash = TRUE; + else + bSlash = FALSE; + + if (bSlash == FALSE) + StringCbCatW (szDir, sizeof(szDir), L"\\"); + + if (bProgGroup) + { + FILE *f; + + if (mkfulldir (szLinkDir, TRUE) != 0) + { + if (mkfulldir (szLinkDir, FALSE) != 0) + { + wchar_t szTmpW[TC_MAX_PATH]; + + handleWin32Error (hwndDlg, SRC_POS); + StringCbPrintfW (szTmpW, sizeof(szTmpW), GetString ("CANT_CREATE_FOLDER"), szLinkDir); + MessageBoxW (hwndDlg, szTmpW, lpszTitle, MB_ICONHAND); + goto error; + } + } + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCrypt.exe"); + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); + + IconMessage (hwndDlg, szTmp2); + if (CreateLink (szTmp, L"", szTmp2, NULL, -1) != S_OK) + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCryptExpander.exe"); + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCryptExpander.lnk"); + + IconMessage (hwndDlg, szTmp2); + if (CreateLink (szTmp, L"", szTmp2, NULL, -1) != S_OK) + goto error; + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt Website.url"); + IconMessage (hwndDlg, szTmp2); + f = _wfopen (szTmp2, L"w"); + if (f) + { + fprintf (f, "[InternetShortcut]\nURL=%s\n", TC_APPLINK); + + CheckFileStreamWriteErrors (hwndDlg, f, szTmp2); + fclose (f); + } + else + goto error; + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCrypt Setup.exe"); + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\Uninstall VeraCrypt.lnk"); + if (GetSystemDirectory (szTmp3, ARRAYSIZE(szTmp3))) + { + StringCbCatW (szTmp3, sizeof(szTmp3), L"\\control.exe"); + } + else + StringCbCopyW(szTmp3, sizeof(szTmp3), L"C:\\Windows\\System32\\control.exe"); + + IconMessage (hwndDlg, szTmp2); + if (CreateLink (szTmp3, L"appwiz.cpl", szTmp2, szTmp, 0) != S_OK) + goto error; + + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt User's Guide.lnk"); + StatDeleteFile (szTmp2, FALSE); + } + + if (bDesktopIcon) + { + StringCbCopyW (szDir, sizeof(szDir), szDestDir); + x = wcslen (szDestDir); + if (szDestDir[x - 1] == L'\\') + bSlash = TRUE; + else + bSlash = FALSE; + + if (bSlash == FALSE) + StringCbCatW (szDir, sizeof(szDir), L"\\"); + + if (bForAllUsers) + SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_COMMON_DESKTOPDIRECTORY, 0); + else + SHGetSpecialFolderPath (hwndDlg, szLinkDir, CSIDL_DESKTOPDIRECTORY, 0); + + StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szDir, L"VeraCrypt.exe"); + StringCbPrintfW (szTmp2, sizeof(szTmp2), L"%s%s", szLinkDir, L"\\VeraCrypt.lnk"); + + IconMessage (hwndDlg, szTmp2); + + if (CreateLink (szTmp, L"", szTmp2, NULL, -1) != S_OK) + goto error; + } + + bOK = TRUE; + +error: + OleUninitialize (); + + return bOK; +} + + +void OutcomePrompt (HWND hwndDlg, BOOL bOK) +{ + if (bOK) + { + EnableWindow (GetDlgItem ((HWND) hwndDlg, IDCANCEL), FALSE); + + bDone = TRUE; + + if (bUninstall == FALSE) + { + if (bDevm) + PostMessage (MainDlg, WM_CLOSE, 0, 0); + else if (bPossiblyFirstTimeInstall || bRepairMode || (!bUpgrade && !bDowngrade)) + Info ("INSTALL_OK", hwndDlg); + else + Info ("SETUP_UPDATE_OK", hwndDlg); + } + else + { + wchar_t str[4096]; + + StringCbPrintfW (str, sizeof(str), GetString ("UNINSTALL_OK"), InstallationPath); + MessageBoxW (hwndDlg, str, lpszTitle, MB_ICONASTERISK); + } + } + else + { + if (bUninstall == FALSE) + Error ("INSTALL_FAILED", hwndDlg); + else + Error ("UNINSTALL_FAILED", hwndDlg); + } +} + +static void SetSystemRestorePoint (HWND hwndDlg, BOOL finalize) +{ + static RESTOREPOINTINFO RestPtInfo; + static STATEMGRSTATUS SMgrStatus; + static BOOL failed = FALSE; + static BOOL (__stdcall *_SRSetRestorePoint)(PRESTOREPOINTINFO, PSTATEMGRSTATUS); + + if (!SystemRestoreDll) return; + + _SRSetRestorePoint = (BOOL (__stdcall *)(PRESTOREPOINTINFO, PSTATEMGRSTATUS))GetProcAddress (SystemRestoreDll,"SRSetRestorePointW"); + if (_SRSetRestorePoint == 0) + { + FreeLibrary (SystemRestoreDll); + SystemRestoreDll = 0; + return; + } + + if (!finalize) + { + StatusMessage (hwndDlg, "CREATING_SYS_RESTORE"); + + RestPtInfo.dwEventType = BEGIN_SYSTEM_CHANGE; + RestPtInfo.dwRestorePtType = bUninstall ? APPLICATION_UNINSTALL : APPLICATION_INSTALL | DEVICE_DRIVER_INSTALL; + RestPtInfo.llSequenceNumber = 0; + StringCbCopyW (RestPtInfo.szDescription, sizeof(RestPtInfo.szDescription), bUninstall ? L"VeraCrypt uninstallation" : L"VeraCrypt installation"); + + if(!_SRSetRestorePoint (&RestPtInfo, &SMgrStatus)) + { + StatusMessage (hwndDlg, "FAILED_SYS_RESTORE"); + failed = TRUE; + } + } + else if (!failed) + { + RestPtInfo.dwEventType = END_SYSTEM_CHANGE; + RestPtInfo.llSequenceNumber = SMgrStatus.llSequenceNumber; + + if(!_SRSetRestorePoint(&RestPtInfo, &SMgrStatus)) + { + StatusMessage (hwndDlg, "FAILED_SYS_RESTORE"); + } + } +} + +void DoUninstall (void *arg) +{ + HWND hwndDlg = (HWND) arg; + BOOL bOK = TRUE; + BOOL bTempSkipSysRestore = FALSE; + + if (!Rollback) + EnableWindow (GetDlgItem ((HWND) hwndDlg, IDC_UNINSTALL), FALSE); + + WaitCursor (); + + if (!Rollback) + { + ClearLogWindow (hwndDlg); + } + + if (DoDriverUnload (hwndDlg) == FALSE) + { + bOK = FALSE; + bTempSkipSysRestore = TRUE; // Volumes are possibly mounted; defer System Restore point creation for this uninstall attempt. + } + else + { + if (!Rollback && bSystemRestore && !bTempSkipSysRestore) + SetSystemRestorePoint (hwndDlg, FALSE); + + if (DoServiceUninstall (hwndDlg, L"veracrypt") == FALSE) + { + bOK = FALSE; + } + else if (DoRegUninstall ((HWND) hwndDlg, FALSE) == FALSE) + { + bOK = FALSE; + } + else if (DoFilesInstall ((HWND) hwndDlg, InstallationPath) == FALSE) + { + bOK = FALSE; + } + else if (DoShortcutsUninstall (hwndDlg, InstallationPath) == FALSE) + { + bOK = FALSE; + } + else if (!DoApplicationDataUninstall (hwndDlg)) + { + bOK = FALSE; + } + else + { + wchar_t temp[MAX_PATH]; + FILE *f; + + // Deprecated service + DoServiceUninstall (hwndDlg, L"VeraCryptService"); + + GetTempPath (ARRAYSIZE (temp), temp); + StringCbPrintfW (UninstallBatch, sizeof (UninstallBatch), L"%sVeraCrypt-Uninstall.bat", temp); + + UninstallBatch [ARRAYSIZE(UninstallBatch)-1] = 0; + + // Create uninstall batch + f = _wfopen (UninstallBatch, L"w"); + if (!f) + bOK = FALSE; + else + { + fwprintf (f,L":loop\n" + L"del \"%s%s\"\n" + L"if exist \"%s%s\" goto loop\n" + L"rmdir \"%s\"\n" + L"del \"%s\"", + InstallationPath, L"VeraCrypt Setup.exe", + InstallationPath, L"VeraCrypt Setup.exe", + InstallationPath, + UninstallBatch + ); + + CheckFileStreamWriteErrors (hwndDlg, f, UninstallBatch); + fclose (f); + } + } + } + + NormalCursor (); + + if (Rollback) + return; + + if (bSystemRestore && !bTempSkipSysRestore) + SetSystemRestorePoint (hwndDlg, TRUE); + + if (bOK) + PostMessage (hwndDlg, TC_APPMSG_UNINSTALL_SUCCESS, 0, 0); + else + bUninstallInProgress = FALSE; + + EnableWindow (GetDlgItem ((HWND) hwndDlg, IDC_UNINSTALL), TRUE); + OutcomePrompt (hwndDlg, bOK); +} + +void DoInstall (void *arg) +{ + HWND hwndDlg = (HWND) arg; + BOOL bOK = TRUE; + wchar_t path[MAX_PATH]; + + BootEncryption bootEnc (hwndDlg); + + // Refresh the main GUI (wizard thread) + InvalidateRect (MainDlg, NULL, TRUE); + + ClearLogWindow (hwndDlg); + + if (mkfulldir (InstallationPath, TRUE) != 0) + { + if (mkfulldir (InstallationPath, FALSE) != 0) + { + wchar_t szTmp[TC_MAX_PATH]; + + handleWin32Error (hwndDlg, SRC_POS); + StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("CANT_CREATE_FOLDER"), InstallationPath); + MessageBoxW (hwndDlg, szTmp, lpszTitle, MB_ICONHAND); + Error ("INSTALL_FAILED", hwndDlg); + PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0); + return; + } + } + + UpdateProgressBarProc(2); + + if (DoDriverUnload (hwndDlg) == FALSE) + { + NormalCursor (); + PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0); + return; + } + + if (bUpgrade + && (IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L".exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"-x86.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"-x64.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Format.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Format-x86.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Format-x64.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"Expander.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"Expander-x86.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L"Expander-x64.exe") + || IsFileInUse (wstring (InstallationPath) + L'\\' + _T(TC_APP_NAME) L" Setup.exe") + ) + ) + { + NormalCursor (); + Error ("CLOSE_TC_FIRST", hwndDlg); + PostMessage (MainDlg, TC_APPMSG_INSTALL_FAILURE, 0, 0); + return; + } + + UpdateProgressBarProc(12); + + if (bSystemRestore) + SetSystemRestorePoint (hwndDlg, FALSE); + + UpdateProgressBarProc(48); + + if (bDisableSwapFiles + && IsPagingFileActive (FALSE)) + { + if (!DisablePagingFile()) + { + handleWin32Error (hwndDlg, SRC_POS); + Error ("FAILED_TO_DISABLE_PAGING_FILES", hwndDlg); + } + else + bRestartRequired = TRUE; + } + + UpdateProgressBarProc(50); + + // Remove deprecated + DoServiceUninstall (hwndDlg, L"VeraCryptService"); + + UpdateProgressBarProc(55); + + if (!SystemEncryptionUpdate) + DoRegUninstall ((HWND) hwndDlg, TRUE); + + UpdateProgressBarProc(61); + + GetWindowsDirectory (path, ARRAYSIZE (path)); + StringCbCatW (path, sizeof (path), L"\\VeraCrypt Setup.exe"); + StatDeleteFile (path, FALSE); + + if (UpdateProgressBarProc(63) && UnloadDriver && DoServiceUninstall (hwndDlg, L"veracrypt") == FALSE) + { + bOK = FALSE; + } + else if (UpdateProgressBarProc(72) && DoFilesInstall ((HWND) hwndDlg, InstallationPath) == FALSE) + { + bOK = FALSE; + } + else if (UpdateProgressBarProc(80) && DoRegInstall ((HWND) hwndDlg, InstallationPath, bRegisterFileExt) == FALSE) + { + bOK = FALSE; + } + else if (UpdateProgressBarProc(85) && UnloadDriver && DoDriverInstall (hwndDlg) == FALSE) + { + bOK = FALSE; + } + else if (UpdateProgressBarProc(90) && SystemEncryptionUpdate && UpgradeBootLoader (hwndDlg) == FALSE) + { + bOK = FALSE; + } + else if (UpdateProgressBarProc(93) && DoShortcutsInstall (hwndDlg, InstallationPath, bAddToStartMenu, bDesktopIcon) == FALSE) + { + bOK = FALSE; + } + + if (!UnloadDriver) + bRestartRequired = TRUE; + + try + { + bootEnc.RenameDeprecatedSystemLoaderBackup(); + } + catch (...) { } + + if (bOK) + UpdateProgressBarProc(97); + + if (bSystemRestore) + SetSystemRestorePoint (hwndDlg, TRUE); + + if (bOK) + { + UpdateProgressBarProc(100); + UninstallBatch[0] = 0; + StatusMessage (hwndDlg, "INSTALL_COMPLETED"); + } + else + { + UpdateProgressBarProc(0); + + if (!SystemEncryptionUpdate) + { + bUninstall = TRUE; + Rollback = TRUE; + Silent = TRUE; + + DoUninstall (hwndDlg); + + bUninstall = FALSE; + Rollback = FALSE; + Silent = FALSE; + + StatusMessage (hwndDlg, "ROLLBACK"); + } + else + { + Warning ("SYS_ENC_UPGRADE_FAILED", hwndDlg); + } + } + + OutcomePrompt (hwndDlg, bOK); + + if (bOK && !bUninstall && !bDowngrade && !bRepairMode && !bDevm) + { + if (!IsHiddenOSRunning()) // A hidden OS user should not see the post-install notes twice (on decoy OS and then on hidden OS). + { + if (bRestartRequired || SystemEncryptionUpdate) + { + // Restart required + + if (bUpgrade) + { + SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_RELEASE_NOTES); + } + else if (bPossiblyFirstTimeInstall) + { + SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_TUTORIAL); + } + } + else + { + // No restart will be required + + if (bUpgrade) + { + bPromptReleaseNotes = TRUE; + } + else if (bPossiblyFirstTimeInstall) + { + bPromptTutorial = TRUE; + } + } + } + } + + PostMessage (MainDlg, bOK ? TC_APPMSG_INSTALL_SUCCESS : TC_APPMSG_INSTALL_FAILURE, 0, 0); +} + + +void SetInstallationPath (HWND hwndDlg) +{ + HKEY hkey; + BOOL bInstallPathDetermined = FALSE; + wchar_t path[MAX_PATH+20]; + ITEMIDLIST *itemList; + + memset (InstallationPath, 0, sizeof (InstallationPath)); + + // Determine if VeraCrypt is already installed and try to determine its "Program Files" location + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", 0, KEY_READ | KEY_WOW64_32KEY, &hkey) == ERROR_SUCCESS) + { + /* Default 'UninstallString' registry strings written by VeraCrypt: + ------------------------------------------------------------------------------------ + 5.0+ "C:\Program Files\VeraCrypt\VeraCrypt Setup.exe" /u + */ + + wchar_t rv[MAX_PATH*4]; + DWORD size = sizeof (rv); + if (RegQueryValueEx (hkey, L"UninstallString", 0, 0, (LPBYTE) &rv, &size) == ERROR_SUCCESS && wcsrchr (rv, L'/')) + { + size_t len = 0; + + // Cut and paste the location (path) where VeraCrypt is installed to InstallationPath + if (rv[0] == L'"') + { + len = wcsrchr (rv, L'/') - rv - 2; + StringCchCopyNW (InstallationPath, ARRAYSIZE(InstallationPath), rv + 1, len); + InstallationPath [len] = 0; + bInstallPathDetermined = TRUE; + + if (InstallationPath [wcslen (InstallationPath) - 1] != L'\\') + { + len = wcsrchr (InstallationPath, L'\\') - InstallationPath; + InstallationPath [len] = 0; + } + } + + } + RegCloseKey (hkey); + } + + if (bInstallPathDetermined) + { + wchar_t mp[MAX_PATH]; + + // Determine whether we were launched from the folder where VeraCrypt is installed + GetModuleFileName (NULL, mp, ARRAYSIZE (mp)); + if (wcsncmp (InstallationPath, mp, min (wcslen(InstallationPath), wcslen(mp))) == 0) + { + // We were launched from the folder where VeraCrypt is installed + + if (!IsNonInstallMode() && !bDevm) + bChangeMode = TRUE; + } + } + else + { + /* VeraCrypt is not installed or it wasn't possible to determine where it is installed. */ + + // Default "Program Files" path. + SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList); + SHGetPathFromIDList (itemList, path); + + if (Is64BitOs()) + { + // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) + wstring s = path; + size_t p = s.find (L" (x86)"); + if (p != wstring::npos) + { + s = s.substr (0, p); + if (_waccess (s.c_str(), 0) != -1) + StringCbCopyW (path, sizeof (path), s.c_str()); + } + } + + StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); + StringCbCopyW (InstallationPath, sizeof(InstallationPath), path); + } + + // Make sure the path ends with a backslash + if (InstallationPath [wcslen (InstallationPath) - 1] != L'\\') + { + StringCbCatW (InstallationPath, sizeof(InstallationPath), L"\\"); + } +} + + +// Handler for uninstall only (install is handled by the wizard) +BOOL CALLBACK UninstallDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (msg) + { + case WM_INITDIALOG: + + MainDlg = hwndDlg; + + if (!CreateAppSetupMutex ()) + AbortProcess ("TC_INSTALLER_IS_RUNNING"); + + InitDialog (hwndDlg); + LocalizeDialog (hwndDlg, NULL); + + SetWindowTextW (hwndDlg, lpszTitle); + + // System Restore + SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, bSystemRestore); + if (SystemRestoreDll == 0) + { + SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_SYSTEM_RESTORE), FALSE); + } + + SetFocus (GetDlgItem (hwndDlg, IDC_UNINSTALL)); + + return 1; + + case WM_SYSCOMMAND: + if (lw == IDC_ABOUT) + { + DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); + return 1; + } + return 0; + + case WM_COMMAND: + if (lw == IDC_UNINSTALL) + { + if (bDone) + { + bUninstallInProgress = FALSE; + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + return 1; + } + + bUninstallInProgress = TRUE; + + WaitCursor (); + + if (bUninstall) + _beginthread (DoUninstall, 0, (void *) hwndDlg); + + return 1; + } + + if (lw == IDC_SYSTEM_RESTORE) + { + bSystemRestore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_SYSTEM_RESTORE)); + return 1; + } + + if (lw == IDCANCEL) + { + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + return 1; + } + + return 0; + + case TC_APPMSG_UNINSTALL_SUCCESS: + SetWindowTextW (GetDlgItem ((HWND) hwndDlg, IDC_UNINSTALL), GetString ("FINALIZE")); + NormalCursor (); + return 1; + + case WM_CLOSE: + if (bUninstallInProgress) + { + NormalCursor(); + if (AskNoYes("CONFIRM_EXIT_UNIVERSAL", hwndDlg) == IDNO) + { + return 1; + } + WaitCursor (); + } + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + return 0; +} + + +int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpszCommandLine, int nCmdShow) +{ + atexit (localcleanup); + + SelfExtractStartupInit(); + + lpszTitle = L"VeraCrypt Setup"; + + /* Call InitApp to initialize the common code */ + InitApp (hInstance, NULL); + + if (IsAdmin () != TRUE) + if (MessageBoxW (NULL, GetString ("SETUP_ADMIN"), lpszTitle, MB_YESNO | MB_ICONQUESTION) != IDYES) + { + FinalizeApp (); + exit (1); + } + + /* Setup directory */ + { + wchar_t *s; + GetModuleFileName (NULL, SetupFilesDir, ARRAYSIZE (SetupFilesDir)); + s = wcsrchr (SetupFilesDir, L'\\'); + if (s) + s[1] = 0; + } + + /* Parse command line arguments */ + + if (lpszCommandLine[0] == L'/') + { + if (lpszCommandLine[1] == L'u') + { + // Uninstall: /u + + bUninstall = TRUE; + } + else if (lpszCommandLine[1] == L'c') + { + // Change: /c + + bChangeMode = TRUE; + } + else if (lpszCommandLine[1] == L'p') + { + // Create self-extracting package: /p + + bMakePackage = TRUE; + } + else if (lpszCommandLine[1] == L'd') + { + // Dev mode: /d + bDevm = TRUE; + } + } + + if (bMakePackage) + { + /* Create self-extracting package */ + + MakeSelfExtractingPackage (NULL, SetupFilesDir); + } + else + { + SetInstallationPath (NULL); + + if (!bUninstall) + { + if (IsSelfExtractingPackage()) + { + if (!VerifyPackageIntegrity()) + { + // Package corrupted + exit (1); + } + bDevm = FALSE; + } + else if (!bDevm) + { + MessageBox (NULL, L"Error: This installer file does not contain any compressed files.\n\nTo create a self-extracting installation package (with embedded compressed files), run:\n\"VeraCrypt Setup.exe\" /p", L"VeraCrypt", MB_ICONERROR | MB_SETFOREGROUND | MB_TOPMOST); + FinalizeApp (); + exit (1); + } + + if (bChangeMode) + { + /* VeraCrypt is already installed on this system and we were launched from the Program Files folder */ + + char *tmpStr[] = {0, "SELECT_AN_ACTION", "REPAIR_REINSTALL", "UNINSTALL", "EXIT", 0}; + + // Ask the user to select either Repair or Unistallation + switch (AskMultiChoice ((void **) tmpStr, FALSE, NULL)) + { + case 1: + bRepairMode = TRUE; + break; + case 2: + bUninstall = TRUE; + break; + default: + FinalizeApp (); + exit (1); + } + } + } + + // System Restore + if (IsSystemRestoreEnabled ()) + { + wchar_t dllPath[MAX_PATH]; + if (GetSystemDirectory (dllPath, MAX_PATH)) + { + StringCbCatW(dllPath, sizeof(dllPath), L"\\srclient.dll"); + } + else + StringCbCopyW(dllPath, sizeof(dllPath), L"C:\\Windows\\System32\\srclient.dll"); + SystemRestoreDll = LoadLibrary (dllPath); + } + else + SystemRestoreDll = 0; + + if (!bUninstall) + { + /* Create the main dialog for install */ + + DialogBoxParamW (hInstance, MAKEINTRESOURCEW (IDD_INSTL_DLG), NULL, (DLGPROC) MainDialogProc, + (LPARAM)lpszCommandLine); + } + else + { + /* Create the main dialog for uninstall */ + + DialogBoxW (hInstance, MAKEINTRESOURCEW (IDD_UNINSTALL), NULL, (DLGPROC) UninstallDlgProc); + + if (UninstallBatch[0]) + { + STARTUPINFO si; + PROCESS_INFORMATION pi; + + ZeroMemory (&si, sizeof (si)); + si.cb = sizeof (si); + si.dwFlags = STARTF_USESHOWWINDOW; + si.wShowWindow = SW_HIDE; + + if (!CreateProcess (UninstallBatch, NULL, NULL, NULL, FALSE, IDLE_PRIORITY_CLASS, NULL, NULL, &si, &pi)) + DeleteFile (UninstallBatch); + else + { + CloseHandle (pi.hProcess); + CloseHandle (pi.hThread); + } + } + } + } + FinalizeApp (); + return 0; +} diff --git a/src/Setup/Setup.h b/src/Setup/Setup.h index 0de3417a..da31f3cd 100644 --- a/src/Setup/Setup.h +++ b/src/Setup/Setup.h @@ -1,190 +1,190 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifndef SETUP_H -#define SETUP_H - -#ifdef __cplusplus -extern "C" { -#endif - -// Specifies what files to install, where (determined by the prefix), and in what order -static wchar_t *szFiles[]= -{ - L"AVeraCrypt User Guide.pdf", - L"ALicense.txt", - L"ALICENSE", - L"ANOTICE", - L"AVeraCrypt.exe", - L"AVeraCryptExpander.exe", - L"AVeraCrypt Format.exe", - L"AVeraCrypt-x86.exe", - L"AVeraCryptExpander-x86.exe", - L"AVeraCrypt Format-x86.exe", - L"AVeraCrypt-x64.exe", - L"AVeraCryptExpander-x64.exe", - L"AVeraCrypt Format-x64.exe", - L"Averacrypt.sys", - L"Averacrypt-x64.sys", - L"Dveracrypt.sys", - L"AVeraCrypt Setup.exe", - L"ALanguage.ar.xml", - L"ALanguage.be.xml", - L"ALanguage.bg.xml", - L"ALanguage.ca.xml", - L"ALanguage.cs.xml", - L"ALanguage.da.xml", - L"ALanguage.de.xml", - L"ALanguage.el.xml", - L"ALanguage.es.xml", - L"ALanguage.et.xml", - L"ALanguage.eu.xml", - L"ALanguage.fa.xml", - L"ALanguage.fi.xml", - L"ALanguage.fr.xml", - L"ALanguage.hu.xml", - L"ALanguage.id.xml", - L"ALanguage.it.xml", - L"ALanguage.ja.xml", - L"ALanguage.ka.xml", - L"ALanguage.ko.xml", - L"ALanguage.lv.xml", - L"ALanguage.my.xml", - L"ALanguage.nl.xml", - L"ALanguage.nn.xml", - L"ALanguage.pl.xml", - L"ALanguage.pt-br.xml", - L"ALanguage.ru.xml", - L"ALanguage.sk.xml", - L"ALanguage.sl.xml", - L"ALanguage.sv.xml", - L"ALanguage.tr.xml", - L"ALanguage.uk.xml", - L"ALanguage.uz.xml", - L"ALanguage.vi.xml", - L"ALanguage.zh-cn.xml", - L"ALanguage.zh-hk.xml", - L"ALanguage.zh-tw.xml" -}; - -// Specifies what files are included in self-extracting packages (no other files will be packaged or extracted). -static wchar_t *szCompressedFiles[]= -{ - L"VeraCrypt User Guide.pdf", - L"License.txt", - L"LICENSE", - L"NOTICE", - L"VeraCrypt.exe", - L"VeraCryptExpander.exe", - L"VeraCrypt Format.exe", - L"VeraCrypt-x64.exe", - L"VeraCryptExpander-x64.exe", - L"VeraCrypt Format-x64.exe", - L"veracrypt.sys", - L"veracrypt-x64.sys", - L"Language.ar.xml", - L"Language.be.xml", - L"Language.bg.xml", - L"Language.ca.xml", - L"Language.cs.xml", - L"Language.da.xml", - L"Language.de.xml", - L"Language.el.xml", - L"Language.es.xml", - L"Language.et.xml", - L"Language.eu.xml", - L"Language.fa.xml", - L"Language.fi.xml", - L"Language.fr.xml", - L"Language.hu.xml", - L"Language.id.xml", - L"Language.it.xml", - L"Language.ja.xml", - L"Language.ka.xml", - L"Language.ko.xml", - L"Language.lv.xml", - L"Language.my.xml", - L"Language.nl.xml", - L"Language.nn.xml", - L"Language.pl.xml", - L"Language.pt-br.xml", - L"Language.ru.xml", - L"Language.sk.xml", - L"Language.sl.xml", - L"Language.sv.xml", - L"Language.tr.xml", - L"Language.uk.xml", - L"Language.uz.xml", - L"Language.vi.xml", - L"Language.zh-cn.xml", - L"Language.zh-hk.xml", - L"Language.zh-tw.xml" -}; - -#define FILENAME_64BIT_DRIVER L"veracrypt-x64.sys" -#define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0])) - -void localcleanup (void); -BOOL StatDeleteFile ( wchar_t *lpszFile, BOOL bCheckForOldFile ); -BOOL StatRemoveDirectory ( wchar_t *lpszDir ); -HRESULT CreateLink ( wchar_t *lpszPathObj , wchar_t *lpszArguments , wchar_t *lpszPathLink ); -void GetProgramPath ( HWND hwndDlg , wchar_t *path ); -void StatusMessage (HWND hwndDlg, char *stringId); -void StatusMessageParam (HWND hwndDlg, char *stringId, wchar_t *param); -void ClearLogWindow (HWND hwndDlg); -void RegMessage ( HWND hwndDlg , wchar_t *txt ); -void RegRemoveMessage (HWND hwndDlg, wchar_t *txt); -void CopyMessage ( HWND hwndDlg , wchar_t *txt ); -void RemoveMessage ( HWND hwndDlg , wchar_t *txt ); -void IconMessage ( HWND hwndDlg , wchar_t *txt ); -static int CALLBACK BrowseCallbackProc ( HWND hwnd , UINT uMsg , LPARAM lp , LPARAM pData ); -void LoadLicense ( HWND hwndDlg ); -void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersionPtr); -BOOL DoFilesInstall ( HWND hwndDlg , wchar_t *szDestDir ); -BOOL DoRegInstall ( HWND hwndDlg , wchar_t *szDestDir , BOOL bInstallType ); -BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated); -BOOL DoServiceUninstall ( HWND hwndDlg , wchar_t *lpszService ); -BOOL DoDriverUnload ( HWND hwndDlg ); -BOOL DoShortcutsInstall ( HWND hwndDlg , wchar_t *szDestDir , BOOL bProgGroup, BOOL bDesktopIcon ); -BOOL DoShortcutsUninstall (HWND hwndDlg, wchar_t *szDestDir); -void OutcomePrompt ( HWND hwndDlg , BOOL bOK ); -void DoUninstall ( void *hwndDlg ); -void DoInstall ( void *hwndDlg ); -void SetInstallationPath (HWND hwndDlg); -BOOL UpgradeBootLoader (HWND hwndDlg); -BOOL CALLBACK InstallDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); - -extern BOOL bDevm; -extern BOOL Rollback; -extern BOOL bUpgrade; -extern BOOL bPossiblyFirstTimeInstall; -extern BOOL bRepairMode; -extern BOOL bReinstallMode; -extern BOOL bSystemRestore; -extern BOOL bDisableSwapFiles; -extern BOOL bForAllUsers; -extern BOOL bRegisterFileExt; -extern BOOL bAddToStartMenu; -extern BOOL bDesktopIcon; -extern BOOL bDesktopIconStatusDetermined; -extern BOOL SystemEncryptionUpdate; -extern BOOL bRestartRequired; -extern HMODULE volatile SystemRestoreDll; -extern wchar_t InstallationPath[TC_MAX_PATH]; -extern wchar_t SetupFilesDir[TC_MAX_PATH]; - -#ifdef __cplusplus -} -#endif - -#endif // #ifndef SETUP_H +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifndef SETUP_H +#define SETUP_H + +#ifdef __cplusplus +extern "C" { +#endif + +// Specifies what files to install, where (determined by the prefix), and in what order +static wchar_t *szFiles[]= +{ + L"AVeraCrypt User Guide.pdf", + L"ALicense.txt", + L"ALICENSE", + L"ANOTICE", + L"AVeraCrypt.exe", + L"AVeraCryptExpander.exe", + L"AVeraCrypt Format.exe", + L"AVeraCrypt-x86.exe", + L"AVeraCryptExpander-x86.exe", + L"AVeraCrypt Format-x86.exe", + L"AVeraCrypt-x64.exe", + L"AVeraCryptExpander-x64.exe", + L"AVeraCrypt Format-x64.exe", + L"Averacrypt.sys", + L"Averacrypt-x64.sys", + L"Dveracrypt.sys", + L"AVeraCrypt Setup.exe", + L"ALanguage.ar.xml", + L"ALanguage.be.xml", + L"ALanguage.bg.xml", + L"ALanguage.ca.xml", + L"ALanguage.cs.xml", + L"ALanguage.da.xml", + L"ALanguage.de.xml", + L"ALanguage.el.xml", + L"ALanguage.es.xml", + L"ALanguage.et.xml", + L"ALanguage.eu.xml", + L"ALanguage.fa.xml", + L"ALanguage.fi.xml", + L"ALanguage.fr.xml", + L"ALanguage.hu.xml", + L"ALanguage.id.xml", + L"ALanguage.it.xml", + L"ALanguage.ja.xml", + L"ALanguage.ka.xml", + L"ALanguage.ko.xml", + L"ALanguage.lv.xml", + L"ALanguage.my.xml", + L"ALanguage.nl.xml", + L"ALanguage.nn.xml", + L"ALanguage.pl.xml", + L"ALanguage.pt-br.xml", + L"ALanguage.ru.xml", + L"ALanguage.sk.xml", + L"ALanguage.sl.xml", + L"ALanguage.sv.xml", + L"ALanguage.tr.xml", + L"ALanguage.uk.xml", + L"ALanguage.uz.xml", + L"ALanguage.vi.xml", + L"ALanguage.zh-cn.xml", + L"ALanguage.zh-hk.xml", + L"ALanguage.zh-tw.xml" +}; + +// Specifies what files are included in self-extracting packages (no other files will be packaged or extracted). +static wchar_t *szCompressedFiles[]= +{ + L"VeraCrypt User Guide.pdf", + L"License.txt", + L"LICENSE", + L"NOTICE", + L"VeraCrypt.exe", + L"VeraCryptExpander.exe", + L"VeraCrypt Format.exe", + L"VeraCrypt-x64.exe", + L"VeraCryptExpander-x64.exe", + L"VeraCrypt Format-x64.exe", + L"veracrypt.sys", + L"veracrypt-x64.sys", + L"Language.ar.xml", + L"Language.be.xml", + L"Language.bg.xml", + L"Language.ca.xml", + L"Language.cs.xml", + L"Language.da.xml", + L"Language.de.xml", + L"Language.el.xml", + L"Language.es.xml", + L"Language.et.xml", + L"Language.eu.xml", + L"Language.fa.xml", + L"Language.fi.xml", + L"Language.fr.xml", + L"Language.hu.xml", + L"Language.id.xml", + L"Language.it.xml", + L"Language.ja.xml", + L"Language.ka.xml", + L"Language.ko.xml", + L"Language.lv.xml", + L"Language.my.xml", + L"Language.nl.xml", + L"Language.nn.xml", + L"Language.pl.xml", + L"Language.pt-br.xml", + L"Language.ru.xml", + L"Language.sk.xml", + L"Language.sl.xml", + L"Language.sv.xml", + L"Language.tr.xml", + L"Language.uk.xml", + L"Language.uz.xml", + L"Language.vi.xml", + L"Language.zh-cn.xml", + L"Language.zh-hk.xml", + L"Language.zh-tw.xml" +}; + +#define FILENAME_64BIT_DRIVER L"veracrypt-x64.sys" +#define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0])) + +void localcleanup (void); +BOOL StatDeleteFile ( wchar_t *lpszFile, BOOL bCheckForOldFile ); +BOOL StatRemoveDirectory ( wchar_t *lpszDir ); +HRESULT CreateLink ( wchar_t *lpszPathObj , wchar_t *lpszArguments , wchar_t *lpszPathLink ); +void GetProgramPath ( HWND hwndDlg , wchar_t *path ); +void StatusMessage (HWND hwndDlg, char *stringId); +void StatusMessageParam (HWND hwndDlg, char *stringId, wchar_t *param); +void ClearLogWindow (HWND hwndDlg); +void RegMessage ( HWND hwndDlg , wchar_t *txt ); +void RegRemoveMessage (HWND hwndDlg, wchar_t *txt); +void CopyMessage ( HWND hwndDlg , wchar_t *txt ); +void RemoveMessage ( HWND hwndDlg , wchar_t *txt ); +void IconMessage ( HWND hwndDlg , wchar_t *txt ); +static int CALLBACK BrowseCallbackProc ( HWND hwnd , UINT uMsg , LPARAM lp , LPARAM pData ); +void LoadLicense ( HWND hwndDlg ); +void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersionPtr); +BOOL DoFilesInstall ( HWND hwndDlg , wchar_t *szDestDir ); +BOOL DoRegInstall ( HWND hwndDlg , wchar_t *szDestDir , BOOL bInstallType ); +BOOL DoRegUninstall (HWND hwndDlg, BOOL bRemoveDeprecated); +BOOL DoServiceUninstall ( HWND hwndDlg , wchar_t *lpszService ); +BOOL DoDriverUnload ( HWND hwndDlg ); +BOOL DoShortcutsInstall ( HWND hwndDlg , wchar_t *szDestDir , BOOL bProgGroup, BOOL bDesktopIcon ); +BOOL DoShortcutsUninstall (HWND hwndDlg, wchar_t *szDestDir); +void OutcomePrompt ( HWND hwndDlg , BOOL bOK ); +void DoUninstall ( void *hwndDlg ); +void DoInstall ( void *hwndDlg ); +void SetInstallationPath (HWND hwndDlg); +BOOL UpgradeBootLoader (HWND hwndDlg); +BOOL CALLBACK InstallDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam ); + +extern BOOL bDevm; +extern BOOL Rollback; +extern BOOL bUpgrade; +extern BOOL bPossiblyFirstTimeInstall; +extern BOOL bRepairMode; +extern BOOL bReinstallMode; +extern BOOL bSystemRestore; +extern BOOL bDisableSwapFiles; +extern BOOL bForAllUsers; +extern BOOL bRegisterFileExt; +extern BOOL bAddToStartMenu; +extern BOOL bDesktopIcon; +extern BOOL bDesktopIconStatusDetermined; +extern BOOL SystemEncryptionUpdate; +extern BOOL bRestartRequired; +extern HMODULE volatile SystemRestoreDll; +extern wchar_t InstallationPath[TC_MAX_PATH]; +extern wchar_t SetupFilesDir[TC_MAX_PATH]; + +#ifdef __cplusplus +} +#endif + +#endif // #ifndef SETUP_H diff --git a/src/Setup/Setup.manifest b/src/Setup/Setup.manifest index db2b8e62..afd4c1c0 100644 --- a/src/Setup/Setup.manifest +++ b/src/Setup/Setup.manifest @@ -1,33 +1,33 @@ - - - - - - - - - - - - true - - - - - - - - - - - - - + + + + + + + + + + + + true + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/Setup/Setup.rc b/src/Setup/Setup.rc index 2223505b..bdb89be1 100644 --- a/src/Setup/Setup.rc +++ b/src/Setup/Setup.rc @@ -1,327 +1,327 @@ -// Microsoft Visual C++ generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" -#include "..\\common\\resource.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// English (U.S.) resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) -#ifdef _WIN32 -LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,17,22,0 - PRODUCTVERSION 1,17,22,0 - FILEFLAGSMASK 0x17L -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x4L - FILETYPE 0x1L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "IDRIX" - VALUE "FileDescription", "VeraCrypt Setup" - VALUE "FileVersion", "1.17" - VALUE "LegalTrademarks", "VeraCrypt" - VALUE "OriginalFilename", "VeraCrypt Setup.exe" - VALUE "ProductName", "VeraCrypt" - VALUE "ProductVersion", "1.17" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - - -///////////////////////////////////////////////////////////////////////////// -// -// HEADER -// - -IDR_SETUP_RSRC_HEADER HEADER "resource.h" - -///////////////////////////////////////////////////////////////////////////// -// -// REGISTRY -// - -IDR_COMREG REGISTRY "ComSetup.rgs" - -///////////////////////////////////////////////////////////////////////////// -// -// Dialog -// - -IDD_UNINSTALL DIALOGEX 0, 0, 349, 234 -STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Uninstall VeraCrypt" -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - LTEXT "Click Uninstall to remove VeraCrypt from this system.",IDT_UNINSTALL_DIR,8,8,334,8 - LISTBOX IDC_LOG_WINDOW,7,21,335,179,LBS_NOINTEGRALHEIGHT | LBS_NOSEL | WS_VSCROLL - DEFPUSHBUTTON "&Uninstall",IDC_UNINSTALL,236,213,50,14 - PUSHBUTTON "Cancel",IDCANCEL,292,213,50,14 - CONTROL "Create System &Restore point",IDC_SYSTEM_RESTORE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,10,215,194,10 - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,206,347,1,WS_EX_STATICEDGE - CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,1,348,1,WS_EX_STATICEDGE -END - -IDD_INSTALL_OPTIONS_PAGE_DLG DIALOGEX 0, 0, 346, 152 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - EDITTEXT IDC_DESTINATION,11,41,260,13,ES_AUTOHSCROLL - PUSHBUTTON "Bro&wse...",IDC_BROWSE,278,40,59,14 - CONTROL "Install &for all users",IDC_ALL_USERS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,77,168,11 - CONTROL "Associate the .hc file &extension with VeraCrypt",IDC_FILE_TYPE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,113,232,11 - CONTROL "Add VeraCrypt to &Start menu",IDC_PROG_GROUP,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,89,168,11 - CONTROL "Create System &Restore point",IDC_SYSTEM_RESTORE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,125,194,11 - CONTROL "Add VeraCrypt icon to &desktop",IDC_DESKTOP_ICON,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,101,168,11 - LTEXT "Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created.",IDT_INSTALL_DESTINATION,11,14,319,25 -END - -IDD_INFO_PAGE_DLG DIALOGEX 0, 0, 217, 156 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LTEXT "",IDC_BOX_HELP,0,10,217,146 -END - -IDD_INTRO_PAGE_DLG DIALOGEX 0, 0, 346, 152 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "",IDC_LICENSE_TEXT,"RichEdit20A",ES_MULTILINE | ES_READONLY | ES_NUMBER | WS_BORDER | WS_VSCROLL | WS_TABSTOP,0,23,345,108 - CONTROL "",IDC_AGREE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,2,137,126,10 - LTEXT "",IDC_BOX_HELP,0,0,346,22 -END - -IDD_INSTL_DLG DIALOGEX 0, 0, 374, 231 -STYLE DS_SETFONT | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "VeraCrypt Setup Wizard" -CLASS "VeraCryptCustomDlg" -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - PUSHBUTTON "&Help",IDHELP,150,211,50,14 - PUSHBUTTON "",IDC_PREV,209,211,50,14 - DEFPUSHBUTTON "",IDC_NEXT,259,211,50,14 - PUSHBUTTON "Cancel",IDCANCEL,317,211,50,14 - LTEXT "",IDC_BOX_TITLE,11,5,324,12,0,WS_EX_TRANSPARENT - CONTROL 107,IDC_BITMAP_SETUP_WIZARD,"Static",SS_BITMAP | SS_NOTIFY,139,3,228,30 - CONTROL 109,IDC_SETUP_WIZARD_BKG,"Static",SS_BITMAP,0,0,11,10 - CONTROL "",IDC_SETUP_WIZARD_GFX_AREA,"Static",SS_GRAYRECT | NOT WS_VISIBLE,0,0,378,36,WS_EX_TRANSPARENT | WS_EX_STATICEDGE - CONTROL "",IDC_HR_BOTTOM,"Static",SS_ETCHEDHORZ,67,204,306,1,WS_EX_STATICEDGE - CONTROL "",IDC_HR,"Static",SS_ETCHEDHORZ,0,35,399,1,WS_EX_STATICEDGE - LTEXT "VeraCrypt Installer",IDC_STATIC,4,200,62,8,WS_DISABLED - LTEXT "",IDC_BOX_INFO,18,18,317,13,0,WS_EX_TRANSPARENT - LTEXT "",IDC_MAIN_CONTENT_CANVAS,0,36,374,164 - LTEXT "",IDC_POS_BOX,14,42,346,155,0,WS_EX_TRANSPARENT -END - -IDD_EXTRACTION_OPTIONS_PAGE_DLG DIALOGEX 0, 0, 346, 152 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - PUSHBUTTON "Bro&wse...",IDC_BROWSE,277,32,62,14 - EDITTEXT IDC_DESTINATION,6,33,264,12,ES_AUTOHSCROLL - LTEXT "Please select or type the location where you want to place the extracted files:",IDT_EXTRACT_DESTINATION,6,15,333,17 - CONTROL "&Open the destination location when finished",IDC_OPEN_CONTAINING_FOLDER, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,91,318,16 - LTEXT "",IDC_BOX_HELP,6,56,333,32 -END - -IDD_WIZARD_MODE_PAGE_DLG DIALOGEX 0, 0, 346, 152 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - CONTROL "&Install",IDC_WIZARD_MODE_INSTALL,"Button",BS_AUTORADIOBUTTON,6,14,232,10 - CONTROL "&Extract",IDC_WIZARD_MODE_EXTRACT_ONLY,"Button",BS_AUTORADIOBUTTON,6,60,232,10 - LTEXT "",IDC_BOX_HELP,42,77,286,64 - LTEXT "",IDC_BOX_HELP2,42,30,286,29 -END - -IDD_PROGRESS_PAGE_DLG DIALOGEX 0, 0, 346, 152 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -FONT 8, "MS Shell Dlg", 400, 0, 0x1 -BEGIN - LISTBOX IDC_LOG_WINDOW,0,1,345,131,LBS_NOINTEGRALHEIGHT | LBS_DISABLENOSCROLL | LBS_NOSEL | WS_VSCROLL - CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,0,139,345,12 -END - -IDD_DONATIONS_PAGE_DLG DIALOGEX 0, 0, 346, 152 -STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD -EXSTYLE WS_EX_TRANSPARENT -FONT 8, "MS Shell Dlg", 0, 0, 0x0 -BEGIN - PUSHBUTTON "Donate now...",IDC_DONATE,124,94,96,14 -END - - -///////////////////////////////////////////////////////////////////////////// -// -// Icon -// - -// Icon with lowest ID value placed first to ensure application icon -// remains consistent on all systems. -IDI_SETUP ICON "Setup.ico" - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE -BEGIN - "#include ""afxres.h""\r\n" - "#include ""..\\\\common\\\\resource.h""\r\n" - "\0" -END - -3 TEXTINCLUDE -BEGIN - "#include ""..\\\\common\\\\common.rc""\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// DESIGNINFO -// - -#ifdef APSTUDIO_INVOKED -GUIDELINES DESIGNINFO -BEGIN - IDD_UNINSTALL, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 342 - TOPMARGIN, 7 - BOTTOMMARGIN, 229 - END - - IDD_INSTALL_OPTIONS_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 339 - TOPMARGIN, 7 - BOTTOMMARGIN, 147 - END - - IDD_INFO_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 210 - TOPMARGIN, 7 - BOTTOMMARGIN, 149 - END - - IDD_INTRO_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 339 - TOPMARGIN, 7 - BOTTOMMARGIN, 145 - END - - IDD_INSTL_DLG, DIALOG - BEGIN - RIGHTMARGIN, 367 - TOPMARGIN, 1 - BOTTOMMARGIN, 229 - HORZGUIDE, 196 - END - - IDD_EXTRACTION_OPTIONS_PAGE_DLG, DIALOG - BEGIN - RIGHTMARGIN, 343 - BOTTOMMARGIN, 147 - END - - IDD_WIZARD_MODE_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 339 - TOPMARGIN, 7 - BOTTOMMARGIN, 145 - END - - IDD_PROGRESS_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 339 - TOPMARGIN, 7 - BOTTOMMARGIN, 145 - END - - IDD_DONATIONS_PAGE_DLG, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 339 - TOPMARGIN, 7 - BOTTOMMARGIN, 147 - END -END -#endif // APSTUDIO_INVOKED - - -///////////////////////////////////////////////////////////////////////////// -// -// Bitmap -// - -IDB_SETUP_WIZARD BITMAP "VeraCrypt_setup.bmp" -IDB_SETUP_WIZARD_BKG BITMAP "VeraCrypt_setup_background.bmp" -#endif // English (U.S.) resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// -#include "..\\common\\common.rc" - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - +// Microsoft Visual C++ generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" +#include "..\\common\\resource.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// English (U.S.) resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU) +#ifdef _WIN32 +LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US +#pragma code_page(1252) +#endif //_WIN32 + +///////////////////////////////////////////////////////////////////////////// +// +// Version +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 1,17,22,0 + PRODUCTVERSION 1,17,22,0 + FILEFLAGSMASK 0x17L +#ifdef _DEBUG + FILEFLAGS 0x1L +#else + FILEFLAGS 0x0L +#endif + FILEOS 0x4L + FILETYPE 0x1L + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + VALUE "CompanyName", "IDRIX" + VALUE "FileDescription", "VeraCrypt Setup" + VALUE "FileVersion", "1.17" + VALUE "LegalTrademarks", "VeraCrypt" + VALUE "OriginalFilename", "VeraCrypt Setup.exe" + VALUE "ProductName", "VeraCrypt" + VALUE "ProductVersion", "1.17" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END + + +///////////////////////////////////////////////////////////////////////////// +// +// HEADER +// + +IDR_SETUP_RSRC_HEADER HEADER "resource.h" + +///////////////////////////////////////////////////////////////////////////// +// +// REGISTRY +// + +IDR_COMREG REGISTRY "ComSetup.rgs" + +///////////////////////////////////////////////////////////////////////////// +// +// Dialog +// + +IDD_UNINSTALL DIALOGEX 0, 0, 349, 234 +STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "Uninstall VeraCrypt" +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + LTEXT "Click Uninstall to remove VeraCrypt from this system.",IDT_UNINSTALL_DIR,8,8,334,8 + LISTBOX IDC_LOG_WINDOW,7,21,335,179,LBS_NOINTEGRALHEIGHT | LBS_NOSEL | WS_VSCROLL + DEFPUSHBUTTON "&Uninstall",IDC_UNINSTALL,236,213,50,14 + PUSHBUTTON "Cancel",IDCANCEL,292,213,50,14 + CONTROL "Create System &Restore point",IDC_SYSTEM_RESTORE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,10,215,194,10 + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,206,347,1,WS_EX_STATICEDGE + CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,1,348,1,WS_EX_STATICEDGE +END + +IDD_INSTALL_OPTIONS_PAGE_DLG DIALOGEX 0, 0, 346, 152 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + EDITTEXT IDC_DESTINATION,11,41,260,13,ES_AUTOHSCROLL + PUSHBUTTON "Bro&wse...",IDC_BROWSE,278,40,59,14 + CONTROL "Install &for all users",IDC_ALL_USERS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,77,168,11 + CONTROL "Associate the .hc file &extension with VeraCrypt",IDC_FILE_TYPE, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,113,232,11 + CONTROL "Add VeraCrypt to &Start menu",IDC_PROG_GROUP,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,89,168,11 + CONTROL "Create System &Restore point",IDC_SYSTEM_RESTORE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,125,194,11 + CONTROL "Add VeraCrypt icon to &desktop",IDC_DESKTOP_ICON,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,101,168,11 + LTEXT "Please select or type the location where you want to install the VeraCrypt program files. If the specified folder does not exist, it will be automatically created.",IDT_INSTALL_DESTINATION,11,14,319,25 +END + +IDD_INFO_PAGE_DLG DIALOGEX 0, 0, 217, 156 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LTEXT "",IDC_BOX_HELP,0,10,217,146 +END + +IDD_INTRO_PAGE_DLG DIALOGEX 0, 0, 346, 152 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "",IDC_LICENSE_TEXT,"RichEdit20A",ES_MULTILINE | ES_READONLY | ES_NUMBER | WS_BORDER | WS_VSCROLL | WS_TABSTOP,0,23,345,108 + CONTROL "",IDC_AGREE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,2,137,126,10 + LTEXT "",IDC_BOX_HELP,0,0,346,22 +END + +IDD_INSTL_DLG DIALOGEX 0, 0, 374, 231 +STYLE DS_SETFONT | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU +CAPTION "VeraCrypt Setup Wizard" +CLASS "VeraCryptCustomDlg" +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + PUSHBUTTON "&Help",IDHELP,150,211,50,14 + PUSHBUTTON "",IDC_PREV,209,211,50,14 + DEFPUSHBUTTON "",IDC_NEXT,259,211,50,14 + PUSHBUTTON "Cancel",IDCANCEL,317,211,50,14 + LTEXT "",IDC_BOX_TITLE,11,5,324,12,0,WS_EX_TRANSPARENT + CONTROL 107,IDC_BITMAP_SETUP_WIZARD,"Static",SS_BITMAP | SS_NOTIFY,139,3,228,30 + CONTROL 109,IDC_SETUP_WIZARD_BKG,"Static",SS_BITMAP,0,0,11,10 + CONTROL "",IDC_SETUP_WIZARD_GFX_AREA,"Static",SS_GRAYRECT | NOT WS_VISIBLE,0,0,378,36,WS_EX_TRANSPARENT | WS_EX_STATICEDGE + CONTROL "",IDC_HR_BOTTOM,"Static",SS_ETCHEDHORZ,67,204,306,1,WS_EX_STATICEDGE + CONTROL "",IDC_HR,"Static",SS_ETCHEDHORZ,0,35,399,1,WS_EX_STATICEDGE + LTEXT "VeraCrypt Installer",IDC_STATIC,4,200,62,8,WS_DISABLED + LTEXT "",IDC_BOX_INFO,18,18,317,13,0,WS_EX_TRANSPARENT + LTEXT "",IDC_MAIN_CONTENT_CANVAS,0,36,374,164 + LTEXT "",IDC_POS_BOX,14,42,346,155,0,WS_EX_TRANSPARENT +END + +IDD_EXTRACTION_OPTIONS_PAGE_DLG DIALOGEX 0, 0, 346, 152 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + PUSHBUTTON "Bro&wse...",IDC_BROWSE,277,32,62,14 + EDITTEXT IDC_DESTINATION,6,33,264,12,ES_AUTOHSCROLL + LTEXT "Please select or type the location where you want to place the extracted files:",IDT_EXTRACT_DESTINATION,6,15,333,17 + CONTROL "&Open the destination location when finished",IDC_OPEN_CONTAINING_FOLDER, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,91,318,16 + LTEXT "",IDC_BOX_HELP,6,56,333,32 +END + +IDD_WIZARD_MODE_PAGE_DLG DIALOGEX 0, 0, 346, 152 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + CONTROL "&Install",IDC_WIZARD_MODE_INSTALL,"Button",BS_AUTORADIOBUTTON,6,14,232,10 + CONTROL "&Extract",IDC_WIZARD_MODE_EXTRACT_ONLY,"Button",BS_AUTORADIOBUTTON,6,60,232,10 + LTEXT "",IDC_BOX_HELP,42,77,286,64 + LTEXT "",IDC_BOX_HELP2,42,30,286,29 +END + +IDD_PROGRESS_PAGE_DLG DIALOGEX 0, 0, 346, 152 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +FONT 8, "MS Shell Dlg", 400, 0, 0x1 +BEGIN + LISTBOX IDC_LOG_WINDOW,0,1,345,131,LBS_NOINTEGRALHEIGHT | LBS_DISABLENOSCROLL | LBS_NOSEL | WS_VSCROLL + CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,0,139,345,12 +END + +IDD_DONATIONS_PAGE_DLG DIALOGEX 0, 0, 346, 152 +STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD +EXSTYLE WS_EX_TRANSPARENT +FONT 8, "MS Shell Dlg", 0, 0, 0x0 +BEGIN + PUSHBUTTON "Donate now...",IDC_DONATE,124,94,96,14 +END + + +///////////////////////////////////////////////////////////////////////////// +// +// Icon +// + +// Icon with lowest ID value placed first to ensure application icon +// remains consistent on all systems. +IDI_SETUP ICON "Setup.ico" + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE +BEGIN + "#include ""afxres.h""\r\n" + "#include ""..\\\\common\\\\resource.h""\r\n" + "\0" +END + +3 TEXTINCLUDE +BEGIN + "#include ""..\\\\common\\\\common.rc""\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// DESIGNINFO +// + +#ifdef APSTUDIO_INVOKED +GUIDELINES DESIGNINFO +BEGIN + IDD_UNINSTALL, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 342 + TOPMARGIN, 7 + BOTTOMMARGIN, 229 + END + + IDD_INSTALL_OPTIONS_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 339 + TOPMARGIN, 7 + BOTTOMMARGIN, 147 + END + + IDD_INFO_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 210 + TOPMARGIN, 7 + BOTTOMMARGIN, 149 + END + + IDD_INTRO_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 339 + TOPMARGIN, 7 + BOTTOMMARGIN, 145 + END + + IDD_INSTL_DLG, DIALOG + BEGIN + RIGHTMARGIN, 367 + TOPMARGIN, 1 + BOTTOMMARGIN, 229 + HORZGUIDE, 196 + END + + IDD_EXTRACTION_OPTIONS_PAGE_DLG, DIALOG + BEGIN + RIGHTMARGIN, 343 + BOTTOMMARGIN, 147 + END + + IDD_WIZARD_MODE_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 339 + TOPMARGIN, 7 + BOTTOMMARGIN, 145 + END + + IDD_PROGRESS_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 339 + TOPMARGIN, 7 + BOTTOMMARGIN, 145 + END + + IDD_DONATIONS_PAGE_DLG, DIALOG + BEGIN + LEFTMARGIN, 7 + RIGHTMARGIN, 339 + TOPMARGIN, 7 + BOTTOMMARGIN, 147 + END +END +#endif // APSTUDIO_INVOKED + + +///////////////////////////////////////////////////////////////////////////// +// +// Bitmap +// + +IDB_SETUP_WIZARD BITMAP "VeraCrypt_setup.bmp" +IDB_SETUP_WIZARD_BKG BITMAP "VeraCrypt_setup_background.bmp" +#endif // English (U.S.) resources +///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// +#include "..\\common\\common.rc" + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/src/Setup/Setup.vcproj b/src/Setup/Setup.vcproj index 05a67aa0..a1a6a81f 100644 --- a/src/Setup/Setup.vcproj +++ b/src/Setup/Setup.vcproj @@ -1,484 +1,484 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/Setup/Wizard.c b/src/Setup/Wizard.c index a5ee418b..42ea42c9 100644 --- a/src/Setup/Wizard.c +++ b/src/Setup/Wizard.c @@ -1,1195 +1,1195 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#include "Tcdefs.h" -#include -#include -#include -#include -#include "SelfExtract.h" -#include "Wizard.h" -#include "Dlgcode.h" -#include "Language.h" -#include "Common/Resource.h" -#include "Resource.h" -#include "Setup.h" -#include -#include - -using namespace std; - -enum wizard_pages -{ - INTRO_PAGE, - WIZARD_MODE_PAGE, - INSTALL_OPTIONS_PAGE, - INSTALL_PROGRESS_PAGE, - EXTRACTION_OPTIONS_PAGE, - EXTRACTION_PROGRESS_PAGE, - DONATIONS_PAGE -}; - -HWND hCurPage = NULL; /* Handle to current wizard page */ -int nCurPageNo = -1; /* The current wizard page */ -wchar_t WizardDestInstallPath [TC_MAX_PATH]; -wchar_t WizardDestExtractPath [TC_MAX_PATH]; -wchar_t SelfFile [TC_MAX_PATH]; - -HBITMAP hbmWizardBitmapRescaled = NULL; - -BOOL bExtractOnly = FALSE; -BOOL bLicenseAccepted = FALSE; -BOOL bOpenContainingFolder = TRUE; -BOOL bExtractionSuccessful = FALSE; -BOOL bStartInstall = FALSE; -BOOL bStartExtraction = FALSE; -BOOL bInProgress = FALSE; -BOOL bPromptTutorial = FALSE; -BOOL bPromptReleaseNotes = FALSE; - -int nPbar = 0; /* Control ID of progress bar */ - -static HFONT hDonTextFont; -static BOOL OsPrngAvailable; -static HCRYPTPROV hCryptProv; -static int DonColorSchemeId; -static COLORREF DonTextColor; -static COLORREF DonBkgColor; - -wstring DonText = L""; - -void localcleanupwiz (void) -{ - /* Delete buffered bitmaps (if any) */ - if (hbmWizardBitmapRescaled != NULL) - { - DeleteObject ((HGDIOBJ) hbmWizardBitmapRescaled); - hbmWizardBitmapRescaled = NULL; - } - - if (hCryptProv != 0) - { - OsPrngAvailable = FALSE; - CryptReleaseContext (hCryptProv, 0); - hCryptProv = 0; - } - - if (hDonTextFont != NULL) - { - DeleteObject (hDonTextFont); - hDonTextFont = NULL; - } -} - -static void InitWizardDestInstallPath (void) -{ - if (wcslen (WizardDestInstallPath) < 2) - { - StringCbCopyW (WizardDestInstallPath, sizeof(WizardDestInstallPath), InstallationPath); - if (WizardDestInstallPath [wcslen (WizardDestInstallPath) - 1] != L'\\') - { - StringCbCatW (WizardDestInstallPath, sizeof(WizardDestInstallPath), L"\\"); - } - } -} - -void LoadPage (HWND hwndDlg, int nPageNo) -{ - RECT rD, rW; - - if (hCurPage != NULL) - { - DestroyWindow (hCurPage); - } - - InvalidateRect (GetDlgItem (MainDlg, IDC_MAIN_CONTENT_CANVAS), NULL, TRUE); - - GetWindowRect (GetDlgItem (hwndDlg, IDC_POS_BOX), &rW); - - nCurPageNo = nPageNo; - - switch (nPageNo) - { - case INTRO_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INTRO_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case WIZARD_MODE_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_WIZARD_MODE_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case INSTALL_OPTIONS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INSTALL_OPTIONS_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case INSTALL_PROGRESS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PROGRESS_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case EXTRACTION_OPTIONS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_EXTRACTION_OPTIONS_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case EXTRACTION_PROGRESS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PROGRESS_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - - case DONATIONS_PAGE: - hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DONATIONS_PAGE_DLG), hwndDlg, - (DLGPROC) PageDialogProc); - break; - } - - rD.left = 15; - rD.top = 45; - rD.right = 0; - rD.bottom = 0; - MapDialogRect (hwndDlg, &rD); - - if (hCurPage != NULL) - { - MoveWindow (hCurPage, rD.left, rD.top, rW.right - rW.left, rW.bottom - rW.top, TRUE); - ShowWindow (hCurPage, SW_SHOWNORMAL); - } - - /* Refresh the graphics (white background of some texts, etc.) */ - RefreshUIGFX (); -} - - -static int GetDonVal (int minVal, int maxVal) -{ - static BOOL prngInitialized = FALSE; - static unsigned __int8 buffer [2]; - - if (!prngInitialized) - { - if (!CryptAcquireContext (&hCryptProv, NULL, NULL, PROV_RSA_FULL, 0) - && !CryptAcquireContext (&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) - OsPrngAvailable = FALSE; - else - OsPrngAvailable = TRUE; - - srand ((unsigned int) time (NULL)); - rand(); // Generate and discard the inital value, as it always appears to be somewhat non-random. - - prngInitialized = TRUE; - } - - if (OsPrngAvailable && CryptGenRandom (hCryptProv, sizeof (buffer), buffer) != 0) - { - return ((int) ((double) *((uint16 *) buffer) / (0xFFFF+1) * (maxVal + 1 - minVal)) + minVal); - } - else - return ((int) ((double) rand() / (RAND_MAX+1) * (maxVal + 1 - minVal)) + minVal); -} - - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - static char PageDebugId[128]; - WORD lw = LOWORD (wParam); - WORD hw = HIWORD (wParam); - - hCurPage = hwndDlg; - - switch (uMsg) - { - case WM_INITDIALOG: - LocalizeDialog (hwndDlg, "IDD_INSTL_DLG"); - - StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "SETUP_WIZARD_PAGE_%d", nCurPageNo); - LastDialogId = PageDebugId; - - switch (nCurPageNo) - { - case INTRO_PAGE: - { - char *licenseText = NULL; - - licenseText = GetLegalNotices (); - if (licenseText != NULL) - { - SetWindowTextA (GetDlgItem (hwndDlg, IDC_LICENSE_TEXT), licenseText); - free (licenseText); - } - else - { - Error("CANNOT_DISPLAY_LICENSE", hwndDlg); - exit (1); - } - - /* For legal reasons, some of the following texts cannot be localized by third parties. */ - - SetCheckBox (hwndDlg, IDC_AGREE, bLicenseAccepted); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), L"Please read the license terms"); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), L"You must accept these license terms before you can use, extract, or install VeraCrypt."); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), L"IMPORTANT: By checking the checkbox below, you accept these license terms and signify that you understand and agree to them. Please click the 'arrow down' icon to see the rest of the license."); // Cannot be localized by third parties (for legal reasons). - //SendMessage (GetDlgItem (hwndDlg, IDC_BOX_HELP), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_AGREE), L"I &accept the license terms"); // Cannot be localized by third parties (for legal reasons). - //SetWindowTextW (GetDlgItem (hwndDlg, IDC_DISAGREE), L"I &do not accept the license terms"); - - //SendMessage (GetDlgItem (hwndDlg, IDC_AGREE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - //SendMessage (GetDlgItem (hwndDlg, IDC_DISAGREE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - EnableWindow (GetDlgItem (hwndDlg, IDC_AGREE), TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), bLicenseAccepted); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), bLicenseAccepted); - - // Left margin for license text - SendMessage (GetDlgItem (hwndDlg, IDC_LICENSE_TEXT), EM_SETMARGINS, (WPARAM) EC_LEFTMARGIN, (LPARAM) CompensateXDPI (4)); - } - return 1; - - case WIZARD_MODE_PAGE: - { - LONG driverVersion; - - DetermineUpgradeDowngradeStatus (TRUE, &driverVersion); - - if (bRepairMode || bReinstallMode) - { - SetWindowTextW (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), GetString ("REPAIR_REINSTALL")); - bExtractOnly = FALSE; - } - else if (bUpgrade) - SetWindowTextW (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), GetString ("UPGRADE")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SETUP_MODE_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_MODE_INFO")); - - SendMessage (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - SendMessage (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_EXTRACT_ONLY), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - CheckButton (GetDlgItem (hwndDlg, bExtractOnly ? IDC_WIZARD_MODE_EXTRACT_ONLY : IDC_WIZARD_MODE_INSTALL)); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SETUP_MODE_HELP_EXTRACT")); - - if (!bRepairMode) - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP2), GetString (bUpgrade ? "SETUP_MODE_HELP_UPGRADE" : "SETUP_MODE_HELP_INSTALL")); - - EnableWindow (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_EXTRACT_ONLY), !bRepairMode); - EnableWindow (GetDlgItem (hwndDlg, IDC_BOX_HELP), !bRepairMode); - EnableWindow (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), TRUE); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - } - return 1; - - case EXTRACTION_OPTIONS_PAGE: - - if (wcslen(WizardDestExtractPath) < 2) - { - StringCbCopyW (WizardDestExtractPath, sizeof(WizardDestExtractPath), SetupFilesDir); - StringCbCatNW (WizardDestExtractPath, sizeof(WizardDestExtractPath), L"VeraCrypt\\", ARRAYSIZE (WizardDestExtractPath) - wcslen (WizardDestExtractPath) - 1); - } - - SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0); - - SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath); - - SetCheckBox (hwndDlg, IDC_OPEN_CONTAINING_FOLDER, bOpenContainingFolder); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("EXTRACTION_OPTIONS_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("EXTRACTION_OPTIONS_INFO")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AUTO_FOLDER_CREATION")); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("EXTRACT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - - return 1; - - case EXTRACTION_PROGRESS_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("EXTRACTING_VERB")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("EXTRACTION_PROGRESS_INFO")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - - if (bStartExtraction) - { - /* Start extraction */ - - LastDialogId = "EXTRACTION_IN_PROGRESS"; - - WaitCursor (); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); - - if (WizardDestExtractPath [wcslen(WizardDestExtractPath)-1] != L'\\') - StringCbCatW (WizardDestExtractPath, sizeof(WizardDestExtractPath), L"\\"); - - StringCbCopyW (DestExtractPath, sizeof(DestExtractPath), WizardDestExtractPath); - - InitProgressBar (); - - bInProgress = TRUE; - bStartExtraction = FALSE; - - _beginthread (ExtractAllFilesThread, 0, (void *) hwndDlg); - } - else - { - NormalCursor (); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - } - - return 1; - - case INSTALL_OPTIONS_PAGE: - { - LONG driverVersion; - - DetermineUpgradeDowngradeStatus (TRUE, &driverVersion); - - if (!bDesktopIconStatusDetermined) - { - bDesktopIcon = !bUpgrade; - bDesktopIconStatusDetermined = TRUE; - } - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SETUP_OPTIONS_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_OPTIONS_INFO")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AUTO_FOLDER_CREATION")); - - InitWizardDestInstallPath (); - - SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0); - - SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath); - - if (bUpgrade) - { - SetWindowTextW (GetDlgItem (hwndDlg, IDT_INSTALL_DESTINATION), GetString ("SETUP_UPGRADE_DESTINATION")); - EnableWindow (GetDlgItem (hwndDlg, IDC_DESTINATION), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_BROWSE), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_ALL_USERS), FALSE); - - wchar_t path[MAX_PATH]; - SHGetSpecialFolderPath (hwndDlg, path, CSIDL_COMMON_PROGRAMS, 0); - bForAllUsers = (_waccess ((wstring (path) + L"\\" _T(TC_APP_NAME)).c_str(), 0) == 0); - } - - // System Restore - SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, bSystemRestore); - if (SystemRestoreDll == 0) - { - SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_SYSTEM_RESTORE), FALSE); - } - - SetCheckBox (hwndDlg, IDC_ALL_USERS, bForAllUsers); - SetCheckBox (hwndDlg, IDC_FILE_TYPE, bRegisterFileExt); - SetCheckBox (hwndDlg, IDC_PROG_GROUP, bAddToStartMenu); - SetCheckBox (hwndDlg, IDC_DESKTOP_ICON, bDesktopIcon); - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString (bUpgrade ? "UPGRADE" : "INSTALL")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - } - return 1; - - case INSTALL_PROGRESS_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SETUP_PROGRESS_TITLE")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_PROGRESS_INFO")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); - - if (bStartInstall) - { - /* Start install */ - - LastDialogId = "INSTALL_IN_PROGRESS"; - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), FALSE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); - - InitProgressBar (); - - if (WizardDestInstallPath [wcslen(WizardDestInstallPath)-1] != L'\\') - StringCbCatW (WizardDestInstallPath, sizeof(WizardDestInstallPath), L"\\"); - - StringCbCopyW (InstallationPath, sizeof(InstallationPath), WizardDestInstallPath); - - WaitCursor (); - - bInProgress = TRUE; - bStartInstall = FALSE; - - _beginthread (DoInstall, 0, (void *) hwndDlg); - } - else - { - NormalCursor (); - - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); - - } - - return 1; - - case DONATIONS_PAGE: - - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bExtractOnly ? "EXTRACTION_FINISHED_TITLE_DON" : (bUpgrade ? "SETUP_FINISHED_UPGRADE_TITLE_DON" : "SETUP_FINISHED_TITLE_DON"))); - SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_FINISHED_INFO_DON")); - - DonText = L"Please consider making a donation."; - - - // Colors - - switch (DonColorSchemeId) - { - case 2: - // NOP - Default OS colors (foreground and background) - break; - - case 3: - // Red - DonTextColor = RGB (255, 255, 255); - DonBkgColor = RGB (255, 0, 0); - break; - - case 4: - // Yellow - DonTextColor = RGB (255, 15, 49); - DonBkgColor = RGB (255, 255, 0); - break; - - case 5: - // Light red - DonTextColor = RGB (255, 255, 255); - DonBkgColor = RGB (255, 141, 144); - break; - - case 6: - // Pink - DonTextColor = RGB (255, 255, 255); - DonBkgColor = RGB (248, 148, 207); - break; - - case 7: - // White + red text - DonTextColor = RGB (255, 15, 49); - DonBkgColor = RGB (255, 255, 255); - break; - - case 8: - // Blue - DonTextColor = RGB (255, 255, 255); - DonBkgColor = RGB (54, 140, 255); - break; - - case 9: - // Green - DonTextColor = RGB (255, 255, 255); - DonBkgColor = RGB (70, 180, 80); - break; - } - - { - // Font - - LOGFONTW lf; - memset (&lf, 0, sizeof(lf)); - - // Main font - StringCbCopyW (lf.lfFaceName, sizeof (lf.lfFaceName),L"Times New Roman"); - lf.lfHeight = CompensateDPIFont (-21); - lf.lfWeight = FW_NORMAL; - lf.lfWidth = 0; - lf.lfEscapement = 0; - lf.lfOrientation = 0; - lf.lfItalic = FALSE; - lf.lfUnderline = FALSE; - lf.lfStrikeOut = FALSE; - lf.lfCharSet = DEFAULT_CHARSET; - lf.lfOutPrecision = OUT_DEFAULT_PRECIS; - lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; - lf.lfQuality = PROOF_QUALITY; - lf.lfPitchAndFamily = FF_DONTCARE; - hDonTextFont = CreateFontIndirectW (&lf); - - if (hDonTextFont == NULL) - AbortProcessSilent (); - } - - return 1; - } - - return 0; - - case WM_HELP: - if (bLicenseAccepted) - OpenPageHelp (GetParent (hwndDlg), nCurPageNo); - - return 1; - - case WM_ENDSESSION: - - bPromptTutorial = FALSE; - bPromptReleaseNotes = FALSE; - - EndDialog (MainDlg, 0); - localcleanup (); - return 0; - - - case WM_COMMAND: - - if (lw == IDC_AGREE && nCurPageNo == INTRO_PAGE) - { - EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), IsButtonChecked (GetDlgItem (hwndDlg, IDC_AGREE))); - return 1; - } - - if (lw == IDC_WIZARD_MODE_EXTRACT_ONLY && nCurPageNo == WIZARD_MODE_PAGE) - { - bExtractOnly = TRUE; - return 1; - } - - if (lw == IDC_WIZARD_MODE_INSTALL && nCurPageNo == WIZARD_MODE_PAGE) - { - bExtractOnly = FALSE; - return 1; - } - - if ( nCurPageNo == EXTRACTION_OPTIONS_PAGE && hw == EN_CHANGE ) - { - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hCurPage, IDC_DESTINATION)) > 1)); - return 1; - } - - if ( nCurPageNo == INSTALL_OPTIONS_PAGE && hw == EN_CHANGE ) - { - EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hCurPage, IDC_DESTINATION)) > 1)); - return 1; - } - - if ( nCurPageNo == EXTRACTION_OPTIONS_PAGE ) - { - switch (lw) - { - case IDC_BROWSE: - if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", WizardDestExtractPath)) - { - if (WizardDestExtractPath [wcslen(WizardDestExtractPath)-1] != L'\\') - { - StringCbCatW (WizardDestExtractPath, sizeof(WizardDestExtractPath), L"\\"); - } - SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath); - } - return 1; - - case IDC_OPEN_CONTAINING_FOLDER: - bOpenContainingFolder = IsButtonChecked (GetDlgItem (hCurPage, IDC_OPEN_CONTAINING_FOLDER)); - return 1; - } - } - - if ( nCurPageNo == INSTALL_OPTIONS_PAGE ) - { - switch (lw) - { - case IDC_BROWSE: - if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", WizardDestInstallPath)) - { - if (WizardDestInstallPath [wcslen(WizardDestInstallPath)-1] != L'\\') - { - StringCbCatW (WizardDestInstallPath, sizeof(WizardDestInstallPath), L"\\"); - } - SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath); - } - return 1; - - case IDC_SYSTEM_RESTORE: - bSystemRestore = IsButtonChecked (GetDlgItem (hCurPage, IDC_SYSTEM_RESTORE)); - return 1; - - case IDC_ALL_USERS: - bForAllUsers = IsButtonChecked (GetDlgItem (hCurPage, IDC_ALL_USERS)); - return 1; - - case IDC_FILE_TYPE: - bRegisterFileExt = IsButtonChecked (GetDlgItem (hCurPage, IDC_FILE_TYPE)); - return 1; - - case IDC_PROG_GROUP: - bAddToStartMenu = IsButtonChecked (GetDlgItem (hCurPage, IDC_PROG_GROUP)); - return 1; - - case IDC_DESKTOP_ICON: - bDesktopIcon = IsButtonChecked (GetDlgItem (hCurPage, IDC_DESKTOP_ICON)); - return 1; - - } - } - - if (nCurPageNo == DONATIONS_PAGE) - { - switch (lw) - { - case IDC_DONATE: - { - char tmpstr [200]; - - StringCbPrintfA (tmpstr, sizeof(tmpstr), "&ref=%d", DonColorSchemeId); - - Applink ("donate", FALSE, tmpstr); - } - return 1; - } - } - - return 0; - - - case WM_PAINT: - - if (nCurPageNo == DONATIONS_PAGE) - { - PAINTSTRUCT tmpPaintStruct; - HDC hdc = BeginPaint (hCurPage, &tmpPaintStruct); - - if (hdc == NULL) - AbortProcessSilent (); - - SelectObject (hdc, hDonTextFont); - - if (DonColorSchemeId != 2) - { - HBRUSH tmpBrush = CreateSolidBrush (DonBkgColor); - - if (tmpBrush == NULL) - AbortProcessSilent (); - - RECT trect; - - trect.left = 0; - trect.right = CompensateXDPI (526); - trect.top = 0; - trect.bottom = CompensateYDPI (246); - - FillRect (hdc, &trect, tmpBrush); - - SetTextColor (hdc, DonTextColor); - SetBkColor (hdc, DonBkgColor); - } - - SetTextAlign(hdc, TA_CENTER); - - TextOutW (hdc, - CompensateXDPI (258), - CompensateYDPI (70), - DonText.c_str(), - DonText.length()); - - EndPaint (hCurPage, &tmpPaintStruct); - ReleaseDC (hCurPage, hdc); - } - return 0; - - } - - return 0; -} - -void InitProgressBar (void) -{ - HWND hProgressBar = GetDlgItem (hCurPage, nPbar); - SendMessage (hProgressBar, PBM_SETRANGE32, 0, 100); - SendMessage (hProgressBar, PBM_SETSTEP, 1, 0); - InvalidateRect (hProgressBar, NULL, TRUE); -} - -// Must always return TRUE -BOOL UpdateProgressBarProc (int nPercent) -{ - HWND hProgressBar = GetDlgItem (hCurPage, nPbar); - SendMessage (hProgressBar, PBM_SETPOS, (int) (100.0 * nPercent / 100), 0); - InvalidateRect (hProgressBar, NULL, TRUE); - ShowWindow(hProgressBar, SW_HIDE); - ShowWindow(hProgressBar, SW_SHOW); - // Prevent the IDC_LOG_WINDOW item from partially disappearing at higher DPIs - ShowWindow(GetDlgItem (hCurPage, IDC_LOG_WINDOW), SW_HIDE); - ShowWindow(GetDlgItem (hCurPage, IDC_LOG_WINDOW), SW_SHOW); - RefreshUIGFX(); - return TRUE; -} - -void RefreshUIGFX (void) -{ - InvalidateRect (GetDlgItem (MainDlg, IDC_SETUP_WIZARD_BKG), NULL, TRUE); - InvalidateRect (GetDlgItem (MainDlg, IDC_BOX_TITLE), NULL, TRUE); - InvalidateRect (GetDlgItem (MainDlg, IDC_BOX_INFO), NULL, TRUE); - InvalidateRect (GetDlgItem (MainDlg, IDC_BITMAP_SETUP_WIZARD), NULL, TRUE); - InvalidateRect (GetDlgItem (MainDlg, IDC_HR), NULL, TRUE); - // Prevent these items from disappearing at higher DPIs - ShowWindow(GetDlgItem(MainDlg, IDC_HR), SW_HIDE); - ShowWindow(GetDlgItem(MainDlg, IDC_HR), SW_SHOW); - ShowWindow(GetDlgItem(MainDlg, IDC_HR_BOTTOM), SW_HIDE); - ShowWindow(GetDlgItem(MainDlg, IDC_HR_BOTTOM), SW_SHOW); - ShowWindow(GetDlgItem(MainDlg, IDC_BOX_INFO), SW_HIDE); - ShowWindow(GetDlgItem(MainDlg, IDC_BOX_INFO), SW_SHOW); - ShowWindow(GetDlgItem(MainDlg, IDC_BOX_TITLE), SW_HIDE); - ShowWindow(GetDlgItem(MainDlg, IDC_BOX_TITLE), SW_SHOW); -} - - -/* Except in response to the WM_INITDIALOG message, the dialog box procedure - should return nonzero if it processes the message, and zero if it does - not. - see DialogProc */ -BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) -{ - WORD lw = LOWORD (wParam); - - switch (uMsg) - { - case WM_INITDIALOG: - { - RECT rec; - - GetModuleFileName (NULL, SelfFile, ARRAYSIZE (SelfFile)); - - MainDlg = hwndDlg; - - if (!CreateAppSetupMutex ()) - AbortProcess ("TC_INSTALLER_IS_RUNNING"); - - InitDialog (hwndDlg); - LocalizeDialog (hwndDlg, "IDD_INSTL_DLG"); - - // Resize the bitmap if the user has a non-default DPI - if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) - { - hbmWizardBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_SETUP_WIZARD), - GetDlgItem (hwndDlg, IDC_BITMAP_SETUP_WIZARD), - 0, 0, 0, 0, FALSE, TRUE); - } - - // Gfx area background (must not keep aspect ratio; must retain Windows-imposed distortion) - GetClientRect (GetDlgItem (hwndDlg, IDC_SETUP_WIZARD_GFX_AREA), &rec); - SetWindowPos (GetDlgItem (hwndDlg, IDC_SETUP_WIZARD_BKG), HWND_TOP, 0, 0, rec.right, rec.bottom, SWP_NOMOVE); - - nPbar = IDC_PROGRESS_BAR; - - SendMessage (GetDlgItem (hwndDlg, IDC_BOX_TITLE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); - - SetWindowText (hwndDlg, L"VeraCrypt Setup " _T(VERSION_STRING)); - - DonColorSchemeId = GetDonVal (2, 9); - - if (bDevm) - { - InitWizardDestInstallPath (); - bSystemRestore = FALSE; - bRegisterFileExt = FALSE; - bAddToStartMenu = FALSE; - bDesktopIcon = TRUE; - bLicenseAccepted = TRUE; - bStartInstall = TRUE; - LoadPage (hwndDlg, INSTALL_PROGRESS_PAGE); - } - else - LoadPage (hwndDlg, INTRO_PAGE); - - } - return 0; - - case WM_SYSCOMMAND: - if (lw == IDC_ABOUT) - { - if (bLicenseAccepted) - DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); - - return 1; - } - return 0; - - case WM_HELP: - if (bLicenseAccepted) - OpenPageHelp (hwndDlg, nCurPageNo); - - return 1; - - - case WM_COMMAND: - if (lw == IDHELP) - { - if (bLicenseAccepted) - OpenPageHelp (hwndDlg, nCurPageNo); - - return 1; - } - if (lw == IDCANCEL) - { - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - return 1; - } - if (lw == IDC_NEXT) - { - if (nCurPageNo == INTRO_PAGE) - { - if (!IsButtonChecked (GetDlgItem (hCurPage, IDC_AGREE))) - { - bLicenseAccepted = FALSE; - return 1; - } - bLicenseAccepted = TRUE; - EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); - - if (nCurrentOS == WIN_2000) - { - WarningDirect (L"Warning: Please note that this may be the last version of VeraCrypt that supports Windows 2000. If you want to be able to upgrade to future versions of VeraCrypt (which is highly recommended), you will need to upgrade to Windows XP or a later version of Windows.\n\nNote: Microsoft stopped issuing security updates for Windows 2000 to the general public on 7/13/2010 (the last non-security update for Windows 2000 was issued to the general public in 2005).", hwndDlg); - - - HKEY hkey; - - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Updates\\Windows 2000\\SP5\\Update Rollup 1", 0, KEY_READ, &hkey) != ERROR_SUCCESS) - { - ErrorDirect (L"VeraCrypt requires Update Rollup 1 for Windows 2000 SP4 to be installed.\n\nFor more information, see http://support.microsoft.com/kb/891861", hwndDlg); - AbortProcessSilent (); - } - - RegCloseKey (hkey); - } - } - - else if (nCurPageNo == WIZARD_MODE_PAGE) - { - if (IsButtonChecked (GetDlgItem (hCurPage, IDC_WIZARD_MODE_EXTRACT_ONLY))) - { - Info ("TRAVELER_LIMITATIONS_NOTE", hwndDlg); - - if (IsUacSupported() - && AskWarnYesNo ("TRAVELER_UAC_NOTE", hwndDlg) == IDNO) - { - return 1; - } - - bExtractOnly = TRUE; - nCurPageNo = EXTRACTION_OPTIONS_PAGE - 1; - } - } - - else if (nCurPageNo == EXTRACTION_OPTIONS_PAGE) - { - GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestExtractPath, ARRAYSIZE (WizardDestExtractPath)); - - bStartExtraction = TRUE; - } - - else if (nCurPageNo == INSTALL_OPTIONS_PAGE) - { - GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestInstallPath, ARRAYSIZE (WizardDestInstallPath)); - - bStartInstall = TRUE; - } - - else if (nCurPageNo == INSTALL_PROGRESS_PAGE) - { - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - return 1; - } - - else if (nCurPageNo == EXTRACTION_PROGRESS_PAGE) - { - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - return 1; - } - - else if (nCurPageNo == DONATIONS_PAGE) - { - // 'Finish' button clicked - - PostMessage (hwndDlg, WM_CLOSE, 0, 0); - - return 1; - } - - LoadPage (hwndDlg, ++nCurPageNo); - - return 1; - } - - if (lw == IDC_PREV) - { - if (nCurPageNo == WIZARD_MODE_PAGE) - { - bExtractOnly = IsButtonChecked (GetDlgItem (hCurPage, IDC_WIZARD_MODE_EXTRACT_ONLY)); - } - - else if (nCurPageNo == EXTRACTION_OPTIONS_PAGE) - { - GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestExtractPath, ARRAYSIZE (WizardDestExtractPath)); - nCurPageNo = WIZARD_MODE_PAGE + 1; - } - - else if (nCurPageNo == INSTALL_OPTIONS_PAGE) - { - GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestInstallPath, ARRAYSIZE (WizardDestInstallPath)); - } - - LoadPage (hwndDlg, --nCurPageNo); - - return 1; - } - - return 0; - - - - case WM_PAINT: - - if (nCurPageNo == DONATIONS_PAGE && DonColorSchemeId != 2) - { - HWND hwndItem = GetDlgItem (MainDlg, IDC_MAIN_CONTENT_CANVAS); - - PAINTSTRUCT tmpPaintStruct; - HDC hdc = BeginPaint (hwndItem, &tmpPaintStruct); - - if (DonColorSchemeId != 2) - { - HBRUSH tmpBrush = CreateSolidBrush (DonBkgColor); - - RECT trect; - - trect.left = CompensateXDPI (1); - trect.right = CompensateXDPI (560); - trect.top = CompensateYDPI (DonColorSchemeId == 7 ? 11 : 0); - trect.bottom = CompensateYDPI (260); - - FillRect (hdc, &trect, tmpBrush); - } - - EndPaint(hwndItem, &tmpPaintStruct); - ReleaseDC (hwndItem, hdc); - } - return 0; - - - - case WM_CTLCOLORSTATIC: - - if ((HWND) lParam != GetDlgItem (MainDlg, IDC_MAIN_CONTENT_CANVAS)) - { - /* This maintains the background under the transparent-backround texts. The above 'if' statement allows - colored background to be erased automatically when leaving a page that uses it. */ - - SetBkMode ((HDC) wParam, TRANSPARENT); - return ((LONG) (HBRUSH) (GetStockObject (NULL_BRUSH))); - } - - - case WM_ERASEBKGND: - - return 0; - - - - case TC_APPMSG_INSTALL_SUCCESS: - - /* Installation completed successfully */ - - bInProgress = FALSE; - - nCurPageNo = DONATIONS_PAGE; - LoadPage (hwndDlg, DONATIONS_PAGE); - - NormalCursor (); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); - - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); - - - RefreshUIGFX (); - return 1; - - case TC_APPMSG_INSTALL_FAILURE: - - /* Installation failed */ - - bInProgress = FALSE; - - NormalCursor (); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), GetString ("INSTALL_FAILED")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_INFO), L""); - - SetWindowTextW (GetDlgItem (hwndDlg, IDCANCEL), GetString ("IDCLOSE")); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); - - RefreshUIGFX(); - - return 1; - - case TC_APPMSG_EXTRACTION_SUCCESS: - - /* Extraction completed successfully */ - - UpdateProgressBarProc(100); - - bInProgress = FALSE; - bExtractionSuccessful = TRUE; - - NormalCursor (); - - StatusMessage (hCurPage, "EXTRACTION_FINISHED_INFO"); - - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); - - RefreshUIGFX (); - - Info ("EXTRACTION_FINISHED_INFO", hwndDlg); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); - - nCurPageNo = DONATIONS_PAGE; - LoadPage (hwndDlg, DONATIONS_PAGE); - - return 1; - - case TC_APPMSG_EXTRACTION_FAILURE: - - /* Extraction failed */ - - bInProgress = FALSE; - - NormalCursor (); - - StatusMessage (hCurPage, "EXTRACTION_FAILED"); - - UpdateProgressBarProc(0); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), GetString ("EXTRACTION_FAILED")); - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_INFO), L""); - - SetWindowTextW (GetDlgItem (hwndDlg, IDCANCEL), GetString ("IDCLOSE")); - EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); - EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), FALSE); - EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); - - RefreshUIGFX(); - - Error ("EXTRACTION_FAILED", hwndDlg); - - return 1; - - case WM_CLOSE: - - if (!bDevm) - { - if (bInProgress) - { - NormalCursor(); - if (AskNoYes("CONFIRM_EXIT_UNIVERSAL", hwndDlg) == IDNO) - { - return 1; - } - WaitCursor (); - } - - if (bOpenContainingFolder && bExtractOnly && bExtractionSuccessful) - { - ShellExecute (NULL, L"open", WizardDestExtractPath, NULL, NULL, SW_SHOWNORMAL); - } - else - { - if (bPromptReleaseNotes - && AskYesNo ("AFTER_UPGRADE_RELEASE_NOTES", hwndDlg) == IDYES) - { - Applink ("releasenotes", TRUE, ""); - } - - bPromptReleaseNotes = FALSE; - - if (bPromptTutorial - && AskYesNo ("AFTER_INSTALL_TUTORIAL", hwndDlg) == IDYES) - { - Applink ("beginnerstutorial", TRUE, ""); - } - - bPromptTutorial = FALSE; - } - - if (bRestartRequired - && AskYesNo (bUpgrade ? "UPGRADE_OK_REBOOT_REQUIRED" : "CONFIRM_RESTART", hwndDlg) == IDYES) - { - RestartComputer(); - } - } - - EndDialog (hwndDlg, IDCANCEL); - return 1; - } - - return 0; -} - - +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#include "Tcdefs.h" +#include +#include +#include +#include +#include "SelfExtract.h" +#include "Wizard.h" +#include "Dlgcode.h" +#include "Language.h" +#include "Common/Resource.h" +#include "Resource.h" +#include "Setup.h" +#include +#include + +using namespace std; + +enum wizard_pages +{ + INTRO_PAGE, + WIZARD_MODE_PAGE, + INSTALL_OPTIONS_PAGE, + INSTALL_PROGRESS_PAGE, + EXTRACTION_OPTIONS_PAGE, + EXTRACTION_PROGRESS_PAGE, + DONATIONS_PAGE +}; + +HWND hCurPage = NULL; /* Handle to current wizard page */ +int nCurPageNo = -1; /* The current wizard page */ +wchar_t WizardDestInstallPath [TC_MAX_PATH]; +wchar_t WizardDestExtractPath [TC_MAX_PATH]; +wchar_t SelfFile [TC_MAX_PATH]; + +HBITMAP hbmWizardBitmapRescaled = NULL; + +BOOL bExtractOnly = FALSE; +BOOL bLicenseAccepted = FALSE; +BOOL bOpenContainingFolder = TRUE; +BOOL bExtractionSuccessful = FALSE; +BOOL bStartInstall = FALSE; +BOOL bStartExtraction = FALSE; +BOOL bInProgress = FALSE; +BOOL bPromptTutorial = FALSE; +BOOL bPromptReleaseNotes = FALSE; + +int nPbar = 0; /* Control ID of progress bar */ + +static HFONT hDonTextFont; +static BOOL OsPrngAvailable; +static HCRYPTPROV hCryptProv; +static int DonColorSchemeId; +static COLORREF DonTextColor; +static COLORREF DonBkgColor; + +wstring DonText = L""; + +void localcleanupwiz (void) +{ + /* Delete buffered bitmaps (if any) */ + if (hbmWizardBitmapRescaled != NULL) + { + DeleteObject ((HGDIOBJ) hbmWizardBitmapRescaled); + hbmWizardBitmapRescaled = NULL; + } + + if (hCryptProv != 0) + { + OsPrngAvailable = FALSE; + CryptReleaseContext (hCryptProv, 0); + hCryptProv = 0; + } + + if (hDonTextFont != NULL) + { + DeleteObject (hDonTextFont); + hDonTextFont = NULL; + } +} + +static void InitWizardDestInstallPath (void) +{ + if (wcslen (WizardDestInstallPath) < 2) + { + StringCbCopyW (WizardDestInstallPath, sizeof(WizardDestInstallPath), InstallationPath); + if (WizardDestInstallPath [wcslen (WizardDestInstallPath) - 1] != L'\\') + { + StringCbCatW (WizardDestInstallPath, sizeof(WizardDestInstallPath), L"\\"); + } + } +} + +void LoadPage (HWND hwndDlg, int nPageNo) +{ + RECT rD, rW; + + if (hCurPage != NULL) + { + DestroyWindow (hCurPage); + } + + InvalidateRect (GetDlgItem (MainDlg, IDC_MAIN_CONTENT_CANVAS), NULL, TRUE); + + GetWindowRect (GetDlgItem (hwndDlg, IDC_POS_BOX), &rW); + + nCurPageNo = nPageNo; + + switch (nPageNo) + { + case INTRO_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INTRO_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case WIZARD_MODE_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_WIZARD_MODE_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case INSTALL_OPTIONS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_INSTALL_OPTIONS_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case INSTALL_PROGRESS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PROGRESS_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case EXTRACTION_OPTIONS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_EXTRACTION_OPTIONS_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case EXTRACTION_PROGRESS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PROGRESS_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + + case DONATIONS_PAGE: + hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_DONATIONS_PAGE_DLG), hwndDlg, + (DLGPROC) PageDialogProc); + break; + } + + rD.left = 15; + rD.top = 45; + rD.right = 0; + rD.bottom = 0; + MapDialogRect (hwndDlg, &rD); + + if (hCurPage != NULL) + { + MoveWindow (hCurPage, rD.left, rD.top, rW.right - rW.left, rW.bottom - rW.top, TRUE); + ShowWindow (hCurPage, SW_SHOWNORMAL); + } + + /* Refresh the graphics (white background of some texts, etc.) */ + RefreshUIGFX (); +} + + +static int GetDonVal (int minVal, int maxVal) +{ + static BOOL prngInitialized = FALSE; + static unsigned __int8 buffer [2]; + + if (!prngInitialized) + { + if (!CryptAcquireContext (&hCryptProv, NULL, NULL, PROV_RSA_FULL, 0) + && !CryptAcquireContext (&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) + OsPrngAvailable = FALSE; + else + OsPrngAvailable = TRUE; + + srand ((unsigned int) time (NULL)); + rand(); // Generate and discard the inital value, as it always appears to be somewhat non-random. + + prngInitialized = TRUE; + } + + if (OsPrngAvailable && CryptGenRandom (hCryptProv, sizeof (buffer), buffer) != 0) + { + return ((int) ((double) *((uint16 *) buffer) / (0xFFFF+1) * (maxVal + 1 - minVal)) + minVal); + } + else + return ((int) ((double) rand() / (RAND_MAX+1) * (maxVal + 1 - minVal)) + minVal); +} + + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + static char PageDebugId[128]; + WORD lw = LOWORD (wParam); + WORD hw = HIWORD (wParam); + + hCurPage = hwndDlg; + + switch (uMsg) + { + case WM_INITDIALOG: + LocalizeDialog (hwndDlg, "IDD_INSTL_DLG"); + + StringCbPrintfA (PageDebugId, sizeof(PageDebugId), "SETUP_WIZARD_PAGE_%d", nCurPageNo); + LastDialogId = PageDebugId; + + switch (nCurPageNo) + { + case INTRO_PAGE: + { + char *licenseText = NULL; + + licenseText = GetLegalNotices (); + if (licenseText != NULL) + { + SetWindowTextA (GetDlgItem (hwndDlg, IDC_LICENSE_TEXT), licenseText); + free (licenseText); + } + else + { + Error("CANNOT_DISPLAY_LICENSE", hwndDlg); + exit (1); + } + + /* For legal reasons, some of the following texts cannot be localized by third parties. */ + + SetCheckBox (hwndDlg, IDC_AGREE, bLicenseAccepted); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), L"Please read the license terms"); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), L"You must accept these license terms before you can use, extract, or install VeraCrypt."); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), L"IMPORTANT: By checking the checkbox below, you accept these license terms and signify that you understand and agree to them. Please click the 'arrow down' icon to see the rest of the license."); // Cannot be localized by third parties (for legal reasons). + //SendMessage (GetDlgItem (hwndDlg, IDC_BOX_HELP), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_AGREE), L"I &accept the license terms"); // Cannot be localized by third parties (for legal reasons). + //SetWindowTextW (GetDlgItem (hwndDlg, IDC_DISAGREE), L"I &do not accept the license terms"); + + //SendMessage (GetDlgItem (hwndDlg, IDC_AGREE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + //SendMessage (GetDlgItem (hwndDlg, IDC_DISAGREE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + EnableWindow (GetDlgItem (hwndDlg, IDC_AGREE), TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), bLicenseAccepted); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), bLicenseAccepted); + + // Left margin for license text + SendMessage (GetDlgItem (hwndDlg, IDC_LICENSE_TEXT), EM_SETMARGINS, (WPARAM) EC_LEFTMARGIN, (LPARAM) CompensateXDPI (4)); + } + return 1; + + case WIZARD_MODE_PAGE: + { + LONG driverVersion; + + DetermineUpgradeDowngradeStatus (TRUE, &driverVersion); + + if (bRepairMode || bReinstallMode) + { + SetWindowTextW (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), GetString ("REPAIR_REINSTALL")); + bExtractOnly = FALSE; + } + else if (bUpgrade) + SetWindowTextW (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), GetString ("UPGRADE")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SETUP_MODE_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_MODE_INFO")); + + SendMessage (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + SendMessage (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_EXTRACT_ONLY), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + CheckButton (GetDlgItem (hwndDlg, bExtractOnly ? IDC_WIZARD_MODE_EXTRACT_ONLY : IDC_WIZARD_MODE_INSTALL)); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SETUP_MODE_HELP_EXTRACT")); + + if (!bRepairMode) + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP2), GetString (bUpgrade ? "SETUP_MODE_HELP_UPGRADE" : "SETUP_MODE_HELP_INSTALL")); + + EnableWindow (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_EXTRACT_ONLY), !bRepairMode); + EnableWindow (GetDlgItem (hwndDlg, IDC_BOX_HELP), !bRepairMode); + EnableWindow (GetDlgItem (hwndDlg, IDC_WIZARD_MODE_INSTALL), TRUE); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL")); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + } + return 1; + + case EXTRACTION_OPTIONS_PAGE: + + if (wcslen(WizardDestExtractPath) < 2) + { + StringCbCopyW (WizardDestExtractPath, sizeof(WizardDestExtractPath), SetupFilesDir); + StringCbCatNW (WizardDestExtractPath, sizeof(WizardDestExtractPath), L"VeraCrypt\\", ARRAYSIZE (WizardDestExtractPath) - wcslen (WizardDestExtractPath) - 1); + } + + SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0); + + SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath); + + SetCheckBox (hwndDlg, IDC_OPEN_CONTAINING_FOLDER, bOpenContainingFolder); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("EXTRACTION_OPTIONS_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("EXTRACTION_OPTIONS_INFO")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AUTO_FOLDER_CREATION")); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("EXTRACT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + + return 1; + + case EXTRACTION_PROGRESS_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("EXTRACTING_VERB")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("EXTRACTION_PROGRESS_INFO")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + + if (bStartExtraction) + { + /* Start extraction */ + + LastDialogId = "EXTRACTION_IN_PROGRESS"; + + WaitCursor (); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); + + if (WizardDestExtractPath [wcslen(WizardDestExtractPath)-1] != L'\\') + StringCbCatW (WizardDestExtractPath, sizeof(WizardDestExtractPath), L"\\"); + + StringCbCopyW (DestExtractPath, sizeof(DestExtractPath), WizardDestExtractPath); + + InitProgressBar (); + + bInProgress = TRUE; + bStartExtraction = FALSE; + + _beginthread (ExtractAllFilesThread, 0, (void *) hwndDlg); + } + else + { + NormalCursor (); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + } + + return 1; + + case INSTALL_OPTIONS_PAGE: + { + LONG driverVersion; + + DetermineUpgradeDowngradeStatus (TRUE, &driverVersion); + + if (!bDesktopIconStatusDetermined) + { + bDesktopIcon = !bUpgrade; + bDesktopIconStatusDetermined = TRUE; + } + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SETUP_OPTIONS_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_OPTIONS_INFO")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AUTO_FOLDER_CREATION")); + + InitWizardDestInstallPath (); + + SendMessage (GetDlgItem (hwndDlg, IDC_DESTINATION), EM_LIMITTEXT, TC_MAX_PATH - 1, 0); + + SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath); + + if (bUpgrade) + { + SetWindowTextW (GetDlgItem (hwndDlg, IDT_INSTALL_DESTINATION), GetString ("SETUP_UPGRADE_DESTINATION")); + EnableWindow (GetDlgItem (hwndDlg, IDC_DESTINATION), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_BROWSE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_ALL_USERS), FALSE); + + wchar_t path[MAX_PATH]; + SHGetSpecialFolderPath (hwndDlg, path, CSIDL_COMMON_PROGRAMS, 0); + bForAllUsers = (_waccess ((wstring (path) + L"\\" _T(TC_APP_NAME)).c_str(), 0) == 0); + } + + // System Restore + SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, bSystemRestore); + if (SystemRestoreDll == 0) + { + SetCheckBox (hwndDlg, IDC_SYSTEM_RESTORE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_SYSTEM_RESTORE), FALSE); + } + + SetCheckBox (hwndDlg, IDC_ALL_USERS, bForAllUsers); + SetCheckBox (hwndDlg, IDC_FILE_TYPE, bRegisterFileExt); + SetCheckBox (hwndDlg, IDC_PROG_GROUP, bAddToStartMenu); + SetCheckBox (hwndDlg, IDC_DESKTOP_ICON, bDesktopIcon); + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString (bUpgrade ? "UPGRADE" : "INSTALL")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + } + return 1; + + case INSTALL_PROGRESS_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SETUP_PROGRESS_TITLE")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_PROGRESS_INFO")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV")); + + if (bStartInstall) + { + /* Start install */ + + LastDialogId = "INSTALL_IN_PROGRESS"; + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT")); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), FALSE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), FALSE); + + InitProgressBar (); + + if (WizardDestInstallPath [wcslen(WizardDestInstallPath)-1] != L'\\') + StringCbCatW (WizardDestInstallPath, sizeof(WizardDestInstallPath), L"\\"); + + StringCbCopyW (InstallationPath, sizeof(InstallationPath), WizardDestInstallPath); + + WaitCursor (); + + bInProgress = TRUE; + bStartInstall = FALSE; + + _beginthread (DoInstall, 0, (void *) hwndDlg); + } + else + { + NormalCursor (); + + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE); + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE); + + } + + return 1; + + case DONATIONS_PAGE: + + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bExtractOnly ? "EXTRACTION_FINISHED_TITLE_DON" : (bUpgrade ? "SETUP_FINISHED_UPGRADE_TITLE_DON" : "SETUP_FINISHED_TITLE_DON"))); + SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_INFO), GetString ("SETUP_FINISHED_INFO_DON")); + + DonText = L"Please consider making a donation."; + + + // Colors + + switch (DonColorSchemeId) + { + case 2: + // NOP - Default OS colors (foreground and background) + break; + + case 3: + // Red + DonTextColor = RGB (255, 255, 255); + DonBkgColor = RGB (255, 0, 0); + break; + + case 4: + // Yellow + DonTextColor = RGB (255, 15, 49); + DonBkgColor = RGB (255, 255, 0); + break; + + case 5: + // Light red + DonTextColor = RGB (255, 255, 255); + DonBkgColor = RGB (255, 141, 144); + break; + + case 6: + // Pink + DonTextColor = RGB (255, 255, 255); + DonBkgColor = RGB (248, 148, 207); + break; + + case 7: + // White + red text + DonTextColor = RGB (255, 15, 49); + DonBkgColor = RGB (255, 255, 255); + break; + + case 8: + // Blue + DonTextColor = RGB (255, 255, 255); + DonBkgColor = RGB (54, 140, 255); + break; + + case 9: + // Green + DonTextColor = RGB (255, 255, 255); + DonBkgColor = RGB (70, 180, 80); + break; + } + + { + // Font + + LOGFONTW lf; + memset (&lf, 0, sizeof(lf)); + + // Main font + StringCbCopyW (lf.lfFaceName, sizeof (lf.lfFaceName),L"Times New Roman"); + lf.lfHeight = CompensateDPIFont (-21); + lf.lfWeight = FW_NORMAL; + lf.lfWidth = 0; + lf.lfEscapement = 0; + lf.lfOrientation = 0; + lf.lfItalic = FALSE; + lf.lfUnderline = FALSE; + lf.lfStrikeOut = FALSE; + lf.lfCharSet = DEFAULT_CHARSET; + lf.lfOutPrecision = OUT_DEFAULT_PRECIS; + lf.lfClipPrecision = CLIP_DEFAULT_PRECIS; + lf.lfQuality = PROOF_QUALITY; + lf.lfPitchAndFamily = FF_DONTCARE; + hDonTextFont = CreateFontIndirectW (&lf); + + if (hDonTextFont == NULL) + AbortProcessSilent (); + } + + return 1; + } + + return 0; + + case WM_HELP: + if (bLicenseAccepted) + OpenPageHelp (GetParent (hwndDlg), nCurPageNo); + + return 1; + + case WM_ENDSESSION: + + bPromptTutorial = FALSE; + bPromptReleaseNotes = FALSE; + + EndDialog (MainDlg, 0); + localcleanup (); + return 0; + + + case WM_COMMAND: + + if (lw == IDC_AGREE && nCurPageNo == INTRO_PAGE) + { + EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), IsButtonChecked (GetDlgItem (hwndDlg, IDC_AGREE))); + return 1; + } + + if (lw == IDC_WIZARD_MODE_EXTRACT_ONLY && nCurPageNo == WIZARD_MODE_PAGE) + { + bExtractOnly = TRUE; + return 1; + } + + if (lw == IDC_WIZARD_MODE_INSTALL && nCurPageNo == WIZARD_MODE_PAGE) + { + bExtractOnly = FALSE; + return 1; + } + + if ( nCurPageNo == EXTRACTION_OPTIONS_PAGE && hw == EN_CHANGE ) + { + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hCurPage, IDC_DESTINATION)) > 1)); + return 1; + } + + if ( nCurPageNo == INSTALL_OPTIONS_PAGE && hw == EN_CHANGE ) + { + EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hCurPage, IDC_DESTINATION)) > 1)); + return 1; + } + + if ( nCurPageNo == EXTRACTION_OPTIONS_PAGE ) + { + switch (lw) + { + case IDC_BROWSE: + if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", WizardDestExtractPath)) + { + if (WizardDestExtractPath [wcslen(WizardDestExtractPath)-1] != L'\\') + { + StringCbCatW (WizardDestExtractPath, sizeof(WizardDestExtractPath), L"\\"); + } + SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestExtractPath); + } + return 1; + + case IDC_OPEN_CONTAINING_FOLDER: + bOpenContainingFolder = IsButtonChecked (GetDlgItem (hCurPage, IDC_OPEN_CONTAINING_FOLDER)); + return 1; + } + } + + if ( nCurPageNo == INSTALL_OPTIONS_PAGE ) + { + switch (lw) + { + case IDC_BROWSE: + if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", WizardDestInstallPath)) + { + if (WizardDestInstallPath [wcslen(WizardDestInstallPath)-1] != L'\\') + { + StringCbCatW (WizardDestInstallPath, sizeof(WizardDestInstallPath), L"\\"); + } + SetDlgItemText (hwndDlg, IDC_DESTINATION, WizardDestInstallPath); + } + return 1; + + case IDC_SYSTEM_RESTORE: + bSystemRestore = IsButtonChecked (GetDlgItem (hCurPage, IDC_SYSTEM_RESTORE)); + return 1; + + case IDC_ALL_USERS: + bForAllUsers = IsButtonChecked (GetDlgItem (hCurPage, IDC_ALL_USERS)); + return 1; + + case IDC_FILE_TYPE: + bRegisterFileExt = IsButtonChecked (GetDlgItem (hCurPage, IDC_FILE_TYPE)); + return 1; + + case IDC_PROG_GROUP: + bAddToStartMenu = IsButtonChecked (GetDlgItem (hCurPage, IDC_PROG_GROUP)); + return 1; + + case IDC_DESKTOP_ICON: + bDesktopIcon = IsButtonChecked (GetDlgItem (hCurPage, IDC_DESKTOP_ICON)); + return 1; + + } + } + + if (nCurPageNo == DONATIONS_PAGE) + { + switch (lw) + { + case IDC_DONATE: + { + char tmpstr [200]; + + StringCbPrintfA (tmpstr, sizeof(tmpstr), "&ref=%d", DonColorSchemeId); + + Applink ("donate", FALSE, tmpstr); + } + return 1; + } + } + + return 0; + + + case WM_PAINT: + + if (nCurPageNo == DONATIONS_PAGE) + { + PAINTSTRUCT tmpPaintStruct; + HDC hdc = BeginPaint (hCurPage, &tmpPaintStruct); + + if (hdc == NULL) + AbortProcessSilent (); + + SelectObject (hdc, hDonTextFont); + + if (DonColorSchemeId != 2) + { + HBRUSH tmpBrush = CreateSolidBrush (DonBkgColor); + + if (tmpBrush == NULL) + AbortProcessSilent (); + + RECT trect; + + trect.left = 0; + trect.right = CompensateXDPI (526); + trect.top = 0; + trect.bottom = CompensateYDPI (246); + + FillRect (hdc, &trect, tmpBrush); + + SetTextColor (hdc, DonTextColor); + SetBkColor (hdc, DonBkgColor); + } + + SetTextAlign(hdc, TA_CENTER); + + TextOutW (hdc, + CompensateXDPI (258), + CompensateYDPI (70), + DonText.c_str(), + DonText.length()); + + EndPaint (hCurPage, &tmpPaintStruct); + ReleaseDC (hCurPage, hdc); + } + return 0; + + } + + return 0; +} + +void InitProgressBar (void) +{ + HWND hProgressBar = GetDlgItem (hCurPage, nPbar); + SendMessage (hProgressBar, PBM_SETRANGE32, 0, 100); + SendMessage (hProgressBar, PBM_SETSTEP, 1, 0); + InvalidateRect (hProgressBar, NULL, TRUE); +} + +// Must always return TRUE +BOOL UpdateProgressBarProc (int nPercent) +{ + HWND hProgressBar = GetDlgItem (hCurPage, nPbar); + SendMessage (hProgressBar, PBM_SETPOS, (int) (100.0 * nPercent / 100), 0); + InvalidateRect (hProgressBar, NULL, TRUE); + ShowWindow(hProgressBar, SW_HIDE); + ShowWindow(hProgressBar, SW_SHOW); + // Prevent the IDC_LOG_WINDOW item from partially disappearing at higher DPIs + ShowWindow(GetDlgItem (hCurPage, IDC_LOG_WINDOW), SW_HIDE); + ShowWindow(GetDlgItem (hCurPage, IDC_LOG_WINDOW), SW_SHOW); + RefreshUIGFX(); + return TRUE; +} + +void RefreshUIGFX (void) +{ + InvalidateRect (GetDlgItem (MainDlg, IDC_SETUP_WIZARD_BKG), NULL, TRUE); + InvalidateRect (GetDlgItem (MainDlg, IDC_BOX_TITLE), NULL, TRUE); + InvalidateRect (GetDlgItem (MainDlg, IDC_BOX_INFO), NULL, TRUE); + InvalidateRect (GetDlgItem (MainDlg, IDC_BITMAP_SETUP_WIZARD), NULL, TRUE); + InvalidateRect (GetDlgItem (MainDlg, IDC_HR), NULL, TRUE); + // Prevent these items from disappearing at higher DPIs + ShowWindow(GetDlgItem(MainDlg, IDC_HR), SW_HIDE); + ShowWindow(GetDlgItem(MainDlg, IDC_HR), SW_SHOW); + ShowWindow(GetDlgItem(MainDlg, IDC_HR_BOTTOM), SW_HIDE); + ShowWindow(GetDlgItem(MainDlg, IDC_HR_BOTTOM), SW_SHOW); + ShowWindow(GetDlgItem(MainDlg, IDC_BOX_INFO), SW_HIDE); + ShowWindow(GetDlgItem(MainDlg, IDC_BOX_INFO), SW_SHOW); + ShowWindow(GetDlgItem(MainDlg, IDC_BOX_TITLE), SW_HIDE); + ShowWindow(GetDlgItem(MainDlg, IDC_BOX_TITLE), SW_SHOW); +} + + +/* Except in response to the WM_INITDIALOG message, the dialog box procedure + should return nonzero if it processes the message, and zero if it does + not. - see DialogProc */ +BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + WORD lw = LOWORD (wParam); + + switch (uMsg) + { + case WM_INITDIALOG: + { + RECT rec; + + GetModuleFileName (NULL, SelfFile, ARRAYSIZE (SelfFile)); + + MainDlg = hwndDlg; + + if (!CreateAppSetupMutex ()) + AbortProcess ("TC_INSTALLER_IS_RUNNING"); + + InitDialog (hwndDlg); + LocalizeDialog (hwndDlg, "IDD_INSTL_DLG"); + + // Resize the bitmap if the user has a non-default DPI + if (ScreenDPI != USER_DEFAULT_SCREEN_DPI) + { + hbmWizardBitmapRescaled = RenderBitmap (MAKEINTRESOURCE (IDB_SETUP_WIZARD), + GetDlgItem (hwndDlg, IDC_BITMAP_SETUP_WIZARD), + 0, 0, 0, 0, FALSE, TRUE); + } + + // Gfx area background (must not keep aspect ratio; must retain Windows-imposed distortion) + GetClientRect (GetDlgItem (hwndDlg, IDC_SETUP_WIZARD_GFX_AREA), &rec); + SetWindowPos (GetDlgItem (hwndDlg, IDC_SETUP_WIZARD_BKG), HWND_TOP, 0, 0, rec.right, rec.bottom, SWP_NOMOVE); + + nPbar = IDC_PROGRESS_BAR; + + SendMessage (GetDlgItem (hwndDlg, IDC_BOX_TITLE), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE); + + SetWindowText (hwndDlg, L"VeraCrypt Setup " _T(VERSION_STRING)); + + DonColorSchemeId = GetDonVal (2, 9); + + if (bDevm) + { + InitWizardDestInstallPath (); + bSystemRestore = FALSE; + bRegisterFileExt = FALSE; + bAddToStartMenu = FALSE; + bDesktopIcon = TRUE; + bLicenseAccepted = TRUE; + bStartInstall = TRUE; + LoadPage (hwndDlg, INSTALL_PROGRESS_PAGE); + } + else + LoadPage (hwndDlg, INTRO_PAGE); + + } + return 0; + + case WM_SYSCOMMAND: + if (lw == IDC_ABOUT) + { + if (bLicenseAccepted) + DialogBoxW (hInst, MAKEINTRESOURCEW (IDD_ABOUT_DLG), hwndDlg, (DLGPROC) AboutDlgProc); + + return 1; + } + return 0; + + case WM_HELP: + if (bLicenseAccepted) + OpenPageHelp (hwndDlg, nCurPageNo); + + return 1; + + + case WM_COMMAND: + if (lw == IDHELP) + { + if (bLicenseAccepted) + OpenPageHelp (hwndDlg, nCurPageNo); + + return 1; + } + if (lw == IDCANCEL) + { + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + return 1; + } + if (lw == IDC_NEXT) + { + if (nCurPageNo == INTRO_PAGE) + { + if (!IsButtonChecked (GetDlgItem (hCurPage, IDC_AGREE))) + { + bLicenseAccepted = FALSE; + return 1; + } + bLicenseAccepted = TRUE; + EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); + + if (nCurrentOS == WIN_2000) + { + WarningDirect (L"Warning: Please note that this may be the last version of VeraCrypt that supports Windows 2000. If you want to be able to upgrade to future versions of VeraCrypt (which is highly recommended), you will need to upgrade to Windows XP or a later version of Windows.\n\nNote: Microsoft stopped issuing security updates for Windows 2000 to the general public on 7/13/2010 (the last non-security update for Windows 2000 was issued to the general public in 2005).", hwndDlg); + + + HKEY hkey; + + if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Updates\\Windows 2000\\SP5\\Update Rollup 1", 0, KEY_READ, &hkey) != ERROR_SUCCESS) + { + ErrorDirect (L"VeraCrypt requires Update Rollup 1 for Windows 2000 SP4 to be installed.\n\nFor more information, see http://support.microsoft.com/kb/891861", hwndDlg); + AbortProcessSilent (); + } + + RegCloseKey (hkey); + } + } + + else if (nCurPageNo == WIZARD_MODE_PAGE) + { + if (IsButtonChecked (GetDlgItem (hCurPage, IDC_WIZARD_MODE_EXTRACT_ONLY))) + { + Info ("TRAVELER_LIMITATIONS_NOTE", hwndDlg); + + if (IsUacSupported() + && AskWarnYesNo ("TRAVELER_UAC_NOTE", hwndDlg) == IDNO) + { + return 1; + } + + bExtractOnly = TRUE; + nCurPageNo = EXTRACTION_OPTIONS_PAGE - 1; + } + } + + else if (nCurPageNo == EXTRACTION_OPTIONS_PAGE) + { + GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestExtractPath, ARRAYSIZE (WizardDestExtractPath)); + + bStartExtraction = TRUE; + } + + else if (nCurPageNo == INSTALL_OPTIONS_PAGE) + { + GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestInstallPath, ARRAYSIZE (WizardDestInstallPath)); + + bStartInstall = TRUE; + } + + else if (nCurPageNo == INSTALL_PROGRESS_PAGE) + { + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + return 1; + } + + else if (nCurPageNo == EXTRACTION_PROGRESS_PAGE) + { + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + return 1; + } + + else if (nCurPageNo == DONATIONS_PAGE) + { + // 'Finish' button clicked + + PostMessage (hwndDlg, WM_CLOSE, 0, 0); + + return 1; + } + + LoadPage (hwndDlg, ++nCurPageNo); + + return 1; + } + + if (lw == IDC_PREV) + { + if (nCurPageNo == WIZARD_MODE_PAGE) + { + bExtractOnly = IsButtonChecked (GetDlgItem (hCurPage, IDC_WIZARD_MODE_EXTRACT_ONLY)); + } + + else if (nCurPageNo == EXTRACTION_OPTIONS_PAGE) + { + GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestExtractPath, ARRAYSIZE (WizardDestExtractPath)); + nCurPageNo = WIZARD_MODE_PAGE + 1; + } + + else if (nCurPageNo == INSTALL_OPTIONS_PAGE) + { + GetWindowText (GetDlgItem (hCurPage, IDC_DESTINATION), WizardDestInstallPath, ARRAYSIZE (WizardDestInstallPath)); + } + + LoadPage (hwndDlg, --nCurPageNo); + + return 1; + } + + return 0; + + + + case WM_PAINT: + + if (nCurPageNo == DONATIONS_PAGE && DonColorSchemeId != 2) + { + HWND hwndItem = GetDlgItem (MainDlg, IDC_MAIN_CONTENT_CANVAS); + + PAINTSTRUCT tmpPaintStruct; + HDC hdc = BeginPaint (hwndItem, &tmpPaintStruct); + + if (DonColorSchemeId != 2) + { + HBRUSH tmpBrush = CreateSolidBrush (DonBkgColor); + + RECT trect; + + trect.left = CompensateXDPI (1); + trect.right = CompensateXDPI (560); + trect.top = CompensateYDPI (DonColorSchemeId == 7 ? 11 : 0); + trect.bottom = CompensateYDPI (260); + + FillRect (hdc, &trect, tmpBrush); + } + + EndPaint(hwndItem, &tmpPaintStruct); + ReleaseDC (hwndItem, hdc); + } + return 0; + + + + case WM_CTLCOLORSTATIC: + + if ((HWND) lParam != GetDlgItem (MainDlg, IDC_MAIN_CONTENT_CANVAS)) + { + /* This maintains the background under the transparent-backround texts. The above 'if' statement allows + colored background to be erased automatically when leaving a page that uses it. */ + + SetBkMode ((HDC) wParam, TRANSPARENT); + return ((LONG) (HBRUSH) (GetStockObject (NULL_BRUSH))); + } + + + case WM_ERASEBKGND: + + return 0; + + + + case TC_APPMSG_INSTALL_SUCCESS: + + /* Installation completed successfully */ + + bInProgress = FALSE; + + nCurPageNo = DONATIONS_PAGE; + LoadPage (hwndDlg, DONATIONS_PAGE); + + NormalCursor (); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); + + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); + + + RefreshUIGFX (); + return 1; + + case TC_APPMSG_INSTALL_FAILURE: + + /* Installation failed */ + + bInProgress = FALSE; + + NormalCursor (); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), GetString ("INSTALL_FAILED")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_INFO), L""); + + SetWindowTextW (GetDlgItem (hwndDlg, IDCANCEL), GetString ("IDCLOSE")); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); + + RefreshUIGFX(); + + return 1; + + case TC_APPMSG_EXTRACTION_SUCCESS: + + /* Extraction completed successfully */ + + UpdateProgressBarProc(100); + + bInProgress = FALSE; + bExtractionSuccessful = TRUE; + + NormalCursor (); + + StatusMessage (hCurPage, "EXTRACTION_FINISHED_INFO"); + + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), FALSE); + + RefreshUIGFX (); + + Info ("EXTRACTION_FINISHED_INFO", hwndDlg); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_NEXT), GetString ("FINALIZE")); + + nCurPageNo = DONATIONS_PAGE; + LoadPage (hwndDlg, DONATIONS_PAGE); + + return 1; + + case TC_APPMSG_EXTRACTION_FAILURE: + + /* Extraction failed */ + + bInProgress = FALSE; + + NormalCursor (); + + StatusMessage (hCurPage, "EXTRACTION_FAILED"); + + UpdateProgressBarProc(0); + + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_TITLE), GetString ("EXTRACTION_FAILED")); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_INFO), L""); + + SetWindowTextW (GetDlgItem (hwndDlg, IDCANCEL), GetString ("IDCLOSE")); + EnableWindow (GetDlgItem (hwndDlg, IDHELP), TRUE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PREV), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_NEXT), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDCANCEL), TRUE); + + RefreshUIGFX(); + + Error ("EXTRACTION_FAILED", hwndDlg); + + return 1; + + case WM_CLOSE: + + if (!bDevm) + { + if (bInProgress) + { + NormalCursor(); + if (AskNoYes("CONFIRM_EXIT_UNIVERSAL", hwndDlg) == IDNO) + { + return 1; + } + WaitCursor (); + } + + if (bOpenContainingFolder && bExtractOnly && bExtractionSuccessful) + { + ShellExecute (NULL, L"open", WizardDestExtractPath, NULL, NULL, SW_SHOWNORMAL); + } + else + { + if (bPromptReleaseNotes + && AskYesNo ("AFTER_UPGRADE_RELEASE_NOTES", hwndDlg) == IDYES) + { + Applink ("releasenotes", TRUE, ""); + } + + bPromptReleaseNotes = FALSE; + + if (bPromptTutorial + && AskYesNo ("AFTER_INSTALL_TUTORIAL", hwndDlg) == IDYES) + { + Applink ("beginnerstutorial", TRUE, ""); + } + + bPromptTutorial = FALSE; + } + + if (bRestartRequired + && AskYesNo (bUpgrade ? "UPGRADE_OK_REBOOT_REQUIRED" : "CONFIRM_RESTART", hwndDlg) == IDYES) + { + RestartComputer(); + } + } + + EndDialog (hwndDlg, IDCANCEL); + return 1; + } + + return 0; +} + + diff --git a/src/Setup/Wizard.h b/src/Setup/Wizard.h index fefc297f..3d178e24 100644 --- a/src/Setup/Wizard.h +++ b/src/Setup/Wizard.h @@ -1,31 +1,31 @@ -/* - Legal Notice: Some portions of the source code contained in this file were - derived from the source code of TrueCrypt 7.1a, which is - Copyright (c) 2003-2012 TrueCrypt Developers Association and which is - governed by the TrueCrypt License 3.0, also from the source code of - Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux - and which is governed by the 'License Agreement for Encryption for the Masses' - Modifications and additions to the original source code (contained in this file) - and all other portions of this file are Copyright (c) 2013-2016 IDRIX - and are governed by the Apache License 2.0 the full text of which is - contained in the file License.txt included in VeraCrypt binary and source - code distribution packages. */ - -#ifdef __cplusplus -extern "C" { -#endif - -void InitProgressBar (void); -BOOL UpdateProgressBarProc (int nPercent); -void RefreshUIGFX (void); -void localcleanupwiz (void); - -BOOL CALLBACK PageDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); -BOOL CALLBACK MainDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); - -extern BOOL bPromptTutorial; -extern BOOL bPromptReleaseNotes; - -#ifdef __cplusplus -} -#endif +/* + Legal Notice: Some portions of the source code contained in this file were + derived from the source code of TrueCrypt 7.1a, which is + Copyright (c) 2003-2012 TrueCrypt Developers Association and which is + governed by the TrueCrypt License 3.0, also from the source code of + Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux + and which is governed by the 'License Agreement for Encryption for the Masses' + Modifications and additions to the original source code (contained in this file) + and all other portions of this file are Copyright (c) 2013-2016 IDRIX + and are governed by the Apache License 2.0 the full text of which is + contained in the file License.txt included in VeraCrypt binary and source + code distribution packages. */ + +#ifdef __cplusplus +extern "C" { +#endif + +void InitProgressBar (void); +BOOL UpdateProgressBarProc (int nPercent); +void RefreshUIGFX (void); +void localcleanupwiz (void); + +BOOL CALLBACK PageDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); +BOOL CALLBACK MainDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam ); + +extern BOOL bPromptTutorial; +extern BOOL bPromptReleaseNotes; + +#ifdef __cplusplus +} +#endif diff --git a/src/Signing/GlobalSign_R1Cross.cer b/src/Signing/GlobalSign_R1Cross.cer index 9274e71e..d90a4800 100644 --- a/src/Signing/GlobalSign_R1Cross.cer +++ b/src/Signing/GlobalSign_R1Cross.cer @@ -1,26 +1,26 @@ ------BEGIN CERTIFICATE----- -MIIEXTCCA0WgAwIBAgILBAAAAAABJQcd+a8wDQYJKoZIhvcNAQELBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wOTExMTgxMDAw -MDBaFw0xOTAzMTgxMDAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBD -QSAtIFIzMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCV2kHkGeCIW9cCDtoTK -KJ79BXYRxa2IcvxGAkPHsoqdBF8kyy5L4WCCRuFSqwyBR3Bs3WTR6/Usow+CPQwr -rpfXthSGEHm7OxOAd4wI4UnSamIvH176lmjfiSeVOJ8G1z7JyyZZDXPesMjpJg6D -FcbvW4vSBGDKSaYo9mk79svIKJHlnYphVzesdBTcdOA67nIvLpz70Lu/9T0A4QYz -6IIrrlOmOhZzjN1BDiA6wLSnoemyT5AuMmDpV8u5BJJoaOU4JmB1sp93/5EU764g -SfytQBVI0QIxYRleuJfvrXe3ZJp6v1/BE++bYvsNbOBUaRapA9pu6YOTcXbGaYWC -FwIDAQABo4IBMzCCAS8wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w -HQYDVR0OBBYEFI/wS3+oLkUkrk1Q+mOai97i3Ru8MEYGA1UdIAQ/MD0wOwYEVR0g -ADAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9z -aXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5u -ZXQvcm9vdC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzABhjNodHRwOi8v -b2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTFNIQTI1NkNBQ3Jvc3MwHwYD -VR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQELBQADggEB -AEJSqX6iz1s7y0vduvhXWdMkpHdy72JEN4LtBu4E1RZfJKMU3GxUBWqwmz3agTna -rSjblW+Bg/XNYrFFJLHdKeUIVJWVjPAdBl8a1kY/E0AXSBEWm0dN0Tq1D1cckjDQ -+LIlOwrN9of5x7JX0z99pYwUzpyox59Gk9pZ+nldZSA1RFpPwZCdwVSSVtw0yPXB -A9BdwFlInAD8laDx0Xb3FjbIE5J/LSvAuIDxJiYfQU1Svx6XuwGCCOcV9sHVNCrM -9eTDh3pXgeHW10KGYgF34qnEeob0BDh6B2p9AOxz96gLNHjFnrPvuDhADowzU8h1 -7F8+6nVe/4IOdBXcGQXzujE= ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEXTCCA0WgAwIBAgILBAAAAAABJQcd+a8wDQYJKoZIhvcNAQELBQAwVzELMAkG +A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv +b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wOTExMTgxMDAw +MDBaFw0xOTAzMTgxMDAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBD +QSAtIFIzMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCV2kHkGeCIW9cCDtoTK +KJ79BXYRxa2IcvxGAkPHsoqdBF8kyy5L4WCCRuFSqwyBR3Bs3WTR6/Usow+CPQwr +rpfXthSGEHm7OxOAd4wI4UnSamIvH176lmjfiSeVOJ8G1z7JyyZZDXPesMjpJg6D +FcbvW4vSBGDKSaYo9mk79svIKJHlnYphVzesdBTcdOA67nIvLpz70Lu/9T0A4QYz +6IIrrlOmOhZzjN1BDiA6wLSnoemyT5AuMmDpV8u5BJJoaOU4JmB1sp93/5EU764g +SfytQBVI0QIxYRleuJfvrXe3ZJp6v1/BE++bYvsNbOBUaRapA9pu6YOTcXbGaYWC +FwIDAQABo4IBMzCCAS8wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFI/wS3+oLkUkrk1Q+mOai97i3Ru8MEYGA1UdIAQ/MD0wOwYEVR0g +ADAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9z +aXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5u +ZXQvcm9vdC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzABhjNodHRwOi8v +b2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTFNIQTI1NkNBQ3Jvc3MwHwYD +VR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQELBQADggEB +AEJSqX6iz1s7y0vduvhXWdMkpHdy72JEN4LtBu4E1RZfJKMU3GxUBWqwmz3agTna +rSjblW+Bg/XNYrFFJLHdKeUIVJWVjPAdBl8a1kY/E0AXSBEWm0dN0Tq1D1cckjDQ ++LIlOwrN9of5x7JX0z99pYwUzpyox59Gk9pZ+nldZSA1RFpPwZCdwVSSVtw0yPXB +A9BdwFlInAD8laDx0Xb3FjbIE5J/LSvAuIDxJiYfQU1Svx6XuwGCCOcV9sHVNCrM +9eTDh3pXgeHW10KGYgF34qnEeob0BDh6B2p9AOxz96gLNHjFnrPvuDhADowzU8h1 +7F8+6nVe/4IOdBXcGQXzujE= +-----END CERTIFICATE----- diff --git a/src/Signing/GlobalSign_Root_CA_MS_Cross_Cert.crt b/src/Signing/GlobalSign_Root_CA_MS_Cross_Cert.crt index 32c4b620..c66b91d2 100644 --- a/src/Signing/GlobalSign_Root_CA_MS_Cross_Cert.crt +++ b/src/Signing/GlobalSign_Root_CA_MS_Cross_Cert.crt @@ -1,30 +1,30 @@ ------BEGIN CERTIFICATE----- -MIIFJjCCAw6gAwIBAgIKYSkVJwAAAAAAKjANBgkqhkiG9w0BAQUFADB/MQswCQYD -VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe -MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv -ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTA0MTUxOTU1MDhaFw0yMTA0 -MTUyMDA1MDhaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52 -LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3Qg -Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZjc6j40+Kfvvx -i4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6scTHAH -oT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4 -bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVt -bNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlw -R5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N89iFo7+ryUp9/ -k5DPAgMBAAGjgcswgcgwEQYDVR0gBAowCDAGBgRVHSAAMAsGA1UdDwQEAwIBhjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzAf -BgNVHSMEGDAWgBRi+wohW39DbhHaCVRQa/XSlnHxnjBVBgNVHR8ETjBMMEqgSKBG -hkRodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNy -b3NvZnRDb2RlVmVyaWZSb290LmNybDANBgkqhkiG9w0BAQUFAAOCAgEAX/jQZXRq -gcamylsDtpFK6Eu97yuhQvDvtKWtzTOJ7AuVhaxiUBEIqljSWqCDEOWmM3ryWvLF -/nh88JyD3xkK2XOWAC3WLM3pFNQdneg/PBp295BO+wE1CmyTE6DDVutnoOTRepbe -wmfxkPgKe/UyG5TsX3UfjRs02mxYp8stJ54iJrfJqjDMB3e4NuOCAbU5PMyN2adf -fyOzh3/bV5iRi9fOJSDjnWRP3Yf3K2hJAxjgpd98X2hkTTaDjUeB8ungqGmr+nsW -PAWkSeqIMBkKbHMFUXjf1B3dOtR/LeROVL6DQx56dDO0pOvXcHO8KgKYiWbu9ryP -dJN44ykCWlpD4ljOfM+aytI2iTviX9omBU7I1OcskQ4Xl8W+7osTESMjKU/6g9BQ -9rr61T2zFz30/wNKoyXc5nVh0fo1CGvWJ0TQaLeNReDrhSzIoV1hRHQWDllYrtK1 -7qW81tcHarYpeP2XZ2fdjU8XlE/S7QyvlyQ3w6Kcgdpr4UO2V3tM7L95Exnnn+hE -6UeBt15wHpH4PdF7J/ULcFZDSAXdqS+rhhAdCxLjGtBMbnXe1kWzC3SIh5NcVkpB -Apr3rreZ2LZ/iPoR8kV89NcbkcAc8aD71AgKQRoUKs706zRIbmaHntVLejl/uw49 -OGHPc1cG5BIGa9lrUwjNcBjCLU+XRpG8qfA= ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFJjCCAw6gAwIBAgIKYSkVJwAAAAAAKjANBgkqhkiG9w0BAQUFADB/MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe +MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv +ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTA0MTUxOTU1MDhaFw0yMTA0 +MTUyMDA1MDhaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52 +LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3Qg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZjc6j40+Kfvvx +i4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6scTHAH +oT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4 +bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVt +bNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlw +R5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N89iFo7+ryUp9/ +k5DPAgMBAAGjgcswgcgwEQYDVR0gBAowCDAGBgRVHSAAMAsGA1UdDwQEAwIBhjAP +BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzAf +BgNVHSMEGDAWgBRi+wohW39DbhHaCVRQa/XSlnHxnjBVBgNVHR8ETjBMMEqgSKBG +hkRodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNy +b3NvZnRDb2RlVmVyaWZSb290LmNybDANBgkqhkiG9w0BAQUFAAOCAgEAX/jQZXRq +gcamylsDtpFK6Eu97yuhQvDvtKWtzTOJ7AuVhaxiUBEIqljSWqCDEOWmM3ryWvLF +/nh88JyD3xkK2XOWAC3WLM3pFNQdneg/PBp295BO+wE1CmyTE6DDVutnoOTRepbe +wmfxkPgKe/UyG5TsX3UfjRs02mxYp8stJ54iJrfJqjDMB3e4NuOCAbU5PMyN2adf +fyOzh3/bV5iRi9fOJSDjnWRP3Yf3K2hJAxjgpd98X2hkTTaDjUeB8ungqGmr+nsW +PAWkSeqIMBkKbHMFUXjf1B3dOtR/LeROVL6DQx56dDO0pOvXcHO8KgKYiWbu9ryP +dJN44ykCWlpD4ljOfM+aytI2iTviX9omBU7I1OcskQ4Xl8W+7osTESMjKU/6g9BQ +9rr61T2zFz30/wNKoyXc5nVh0fo1CGvWJ0TQaLeNReDrhSzIoV1hRHQWDllYrtK1 +7qW81tcHarYpeP2XZ2fdjU8XlE/S7QyvlyQ3w6Kcgdpr4UO2V3tM7L95Exnnn+hE +6UeBt15wHpH4PdF7J/ULcFZDSAXdqS+rhhAdCxLjGtBMbnXe1kWzC3SIh5NcVkpB +Apr3rreZ2LZ/iPoR8kV89NcbkcAc8aD71AgKQRoUKs706zRIbmaHntVLejl/uw49 +OGHPc1cG5BIGa9lrUwjNcBjCLU+XRpG8qfA= +-----END CERTIFICATE----- diff --git a/src/Signing/Thawt_CodeSigning_CA.crt b/src/Signing/Thawt_CodeSigning_CA.crt index e46f7b48..8a257922 100644 --- a/src/Signing/Thawt_CodeSigning_CA.crt +++ b/src/Signing/Thawt_CodeSigning_CA.crt @@ -1,27 +1,27 @@ ------BEGIN CERTIFICATE----- -MIIEnDCCA4SgAwIBAgIQR5dNeHOlvKsNL7NwGS/OXjANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTAwMjA4MDAwMDAwWhcNMjAw -MjA3MjM1OTU5WjBKMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMu -MSQwIgYDVQQDExtUaGF3dGUgQ29kZSBTaWduaW5nIENBIC0gRzIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3i891W58l2n45sJPbONOpI9CC+ukkflwL -joP45npZ5qPFmKeZ0kT/AKalOQSK2imI6tui8xyZFSbCsfT84QxHqQkRBgogkrnH -oASMXJQZq1slLB1ifnANzmFs3SuCyc5dSF/3wr68QSMeTyld10+89MUq/GPmfCZO -mad5QZ4QSnp5ycaG94aV0ibOPBgq1nzOr82tu/eCLHAmN0XlD0cixgEovS6DXGqk -R8Hn0NhrgUY/IRf1B8VDWqZnLLh7YBG1g+71dApycUQ9WP7oGqs4w1nbf244fXbH -cmmYNpZX02Yc0lSRBC5UGbDcPbUiXobVKn4g313merFl/sUCTjEtAgMBAAGjggEc -MIIBGDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6 -Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQQ0EuY3JsMA4GA1UdDwEB/wQEAwIBBjAy -BggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5j -b20wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMDMCkGA1UdEQQiMCCkHjAc -MRowGAYDVQQDExFWZXJpU2lnbk1QS0ktMi0xMDAdBgNVHQ4EFgQU1A1lP3q9NMb+ -R+dMDcC98t4Vq3EwHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutXSFAwDQYJ -KoZIhvcNAQEFBQADggEBAFb+U1zhx568p+1+U21qFEtRjEBegF+qpOgv7zjIBMnK -Ps/fOlhOsNS2Y8UpV/oCBZpFTWjbKhvUND2fAMNay5VJpW7hsMX8QU1BSm/Td8jX -OI3kGd4Y8x8VZYNtRQxT+QqaLqVdv28ygRiSGWpVAK1jHFIGflXZKWiuSnwYmnmI -ayMj2Cc4KimHdsr7x7ZiIx/telZM3ZwyW/U9DEYYlTsqI2iDZEHZAG0PGSQVaHK9 -xXFnbqxM25DrUaUaYgfQvmoARzxyL+xPYT5zhc5aCre6wBwTdeMiOSjdbR0JRp1P -uuhAgZHGpM6UchsBzypuFWeVia59t7fN+Qo9dbZrPCU= +-----BEGIN CERTIFICATE----- +MIIEnDCCA4SgAwIBAgIQR5dNeHOlvKsNL7NwGS/OXjANBgkqhkiG9w0BAQUFADCB +qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf +Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw +MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV +BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTAwMjA4MDAwMDAwWhcNMjAw +MjA3MjM1OTU5WjBKMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMu +MSQwIgYDVQQDExtUaGF3dGUgQ29kZSBTaWduaW5nIENBIC0gRzIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3i891W58l2n45sJPbONOpI9CC+ukkflwL +joP45npZ5qPFmKeZ0kT/AKalOQSK2imI6tui8xyZFSbCsfT84QxHqQkRBgogkrnH +oASMXJQZq1slLB1ifnANzmFs3SuCyc5dSF/3wr68QSMeTyld10+89MUq/GPmfCZO +mad5QZ4QSnp5ycaG94aV0ibOPBgq1nzOr82tu/eCLHAmN0XlD0cixgEovS6DXGqk +R8Hn0NhrgUY/IRf1B8VDWqZnLLh7YBG1g+71dApycUQ9WP7oGqs4w1nbf244fXbH +cmmYNpZX02Yc0lSRBC5UGbDcPbUiXobVKn4g313merFl/sUCTjEtAgMBAAGjggEc +MIIBGDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6 +Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQQ0EuY3JsMA4GA1UdDwEB/wQEAwIBBjAy +BggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5j +b20wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMDMCkGA1UdEQQiMCCkHjAc +MRowGAYDVQQDExFWZXJpU2lnbk1QS0ktMi0xMDAdBgNVHQ4EFgQU1A1lP3q9NMb+ +R+dMDcC98t4Vq3EwHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutXSFAwDQYJ +KoZIhvcNAQEFBQADggEBAFb+U1zhx568p+1+U21qFEtRjEBegF+qpOgv7zjIBMnK +Ps/fOlhOsNS2Y8UpV/oCBZpFTWjbKhvUND2fAMNay5VJpW7hsMX8QU1BSm/Td8jX +OI3kGd4Y8x8VZYNtRQxT+QqaLqVdv28ygRiSGWpVAK1jHFIGflXZKWiuSnwYmnmI +ayMj2Cc4KimHdsr7x7ZiIx/telZM3ZwyW/U9DEYYlTsqI2iDZEHZAG0PGSQVaHK9 +xXFnbqxM25DrUaUaYgfQvmoARzxyL+xPYT5zhc5aCre6wBwTdeMiOSjdbR0JRp1P +uuhAgZHGpM6UchsBzypuFWeVia59t7fN+Qo9dbZrPCU= -----END CERTIFICATE----- \ No newline at end of file diff --git a/src/Signing/sign.bat b/src/Signing/sign.bat index bf53325c..a163dac5 100644 --- a/src/Signing/sign.bat +++ b/src/Signing/sign.bat @@ -1,27 +1,27 @@ -PATH=%PATH%;%WSDK81%\bin\x86 - -rem sign using SHA-1 -signtool sign /v /a /n IDRIX /i Thawte /ac thawte_Primary_MS_Cross_Cert.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" -signtool sign /v /a /n IDRIX /i Thawte /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" - -rem sign using SHA-256 -signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_Root_CA_MS_Cross_Cert.crt /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" -signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" - - -cd "..\Release\Setup Files\" - -copy /V /Y ..\..\..\Translations\*.xml . - -"VeraCrypt Setup.exe" /p - -del *.xml - -cd "..\..\Signing" - -rem sign using SHA-1 -signtool sign /v /a /n IDRIX /i Thawte /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" -rem sign using SHA-256 -signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" - -pause +PATH=%PATH%;%WSDK81%\bin\x86 + +rem sign using SHA-1 +signtool sign /v /a /n IDRIX /i Thawte /ac thawte_Primary_MS_Cross_Cert.cer /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" +signtool sign /v /a /n IDRIX /i Thawte /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" + +rem sign using SHA-256 +signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_Root_CA_MS_Cross_Cert.crt /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" +signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" + + +cd "..\Release\Setup Files\" + +copy /V /Y ..\..\..\Translations\*.xml . + +"VeraCrypt Setup.exe" /p + +del *.xml + +cd "..\..\Signing" + +rem sign using SHA-1 +signtool sign /v /a /n IDRIX /i Thawte /ac Thawt_CodeSigning_CA.crt /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" +rem sign using SHA-256 +signtool sign /v /a /n "IDRIX SARL" /i GlobalSign /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" + +pause diff --git a/src/Signing/sign_test.bat b/src/Signing/sign_test.bat index 1cfe94aa..eb9c492a 100644 --- a/src/Signing/sign_test.bat +++ b/src/Signing/sign_test.bat @@ -1,32 +1,32 @@ -PATH=%PATH%;%WSDK81%\bin\x86 - -set PFXNAME=TestCertificate\idrix_codeSign.pfx -set PFXPASSWORD=idrix -set PFXCA=TestCertificate\idrix_TestRootCA.crt -set SHA256PFXNAME=TestCertificate\idrix_Sha256CodeSign.pfx -set SHA256PFXPASSWORD=idrix -set SHA256PFXCA=TestCertificate\idrix_SHA256TestRootCA.crt - -rem sign using SHA-1 -signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" - -rem sign using SHA-256 -signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" - -cd "..\Release\Setup Files\" - -copy /V /Y ..\..\..\Translations\*.xml . - -"VeraCrypt Setup.exe" /p - -del *.xml - -cd "..\..\Signing" - -rem sign using SHA-1 -signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" - -rem sign using SHA-256 -signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" - +PATH=%PATH%;%WSDK81%\bin\x86 + +set PFXNAME=TestCertificate\idrix_codeSign.pfx +set PFXPASSWORD=idrix +set PFXCA=TestCertificate\idrix_TestRootCA.crt +set SHA256PFXNAME=TestCertificate\idrix_Sha256CodeSign.pfx +set SHA256PFXPASSWORD=idrix +set SHA256PFXCA=TestCertificate\idrix_SHA256TestRootCA.crt + +rem sign using SHA-1 +signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" + +rem sign using SHA-256 +signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" + +cd "..\Release\Setup Files\" + +copy /V /Y ..\..\..\Translations\*.xml . + +"VeraCrypt Setup.exe" /p + +del *.xml + +cd "..\..\Signing" + +rem sign using SHA-1 +signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.verisign.com/scripts/timestamp.dll "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" + +rem sign using SHA-256 +signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://timestamp.globalsign.com/?signature=sha2 /td SHA256 "..\Release\Setup Files\VeraCrypt Setup 1.17.exe" + pause \ No newline at end of file diff --git a/src/Signing/thawte_Primary_MS_Cross_Cert.cer b/src/Signing/thawte_Primary_MS_Cross_Cert.cer index d5e09da0..4389935b 100644 --- a/src/Signing/thawte_Primary_MS_Cross_Cert.cer +++ b/src/Signing/thawte_Primary_MS_Cross_Cert.cer @@ -1,32 +1,32 @@ ------BEGIN CERTIFICATE----- -MIIFeTCCA2GgAwIBAgIKYR+wpAAAAAAAHTANBgkqhkiG9w0BAQUFADB/MQswCQYD -VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe -MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv -ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTAyMjIxOTMxNTdaFw0yMTAy -MjIxOTQxNTdaMIGpMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu -MSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD -VQQLEy8oYykgMjAwNiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug -b25seTEfMB0GA1UEAxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKyg8PuAWdScx6TPnaFZcwkQRQwNLG5o8Wxb -SGhJWTf8CzMZwnd/zBAtlTQc5utNCacc0rjJlzYCt4nUJF8GwMxElJSNAmJv61rd -EY0omlyEkBB6Db10Zi9qOKDi1VRE6x0Hnwe6b+7p/U4LKfU+hKAB8Zyr+Bx+iaTo -odhxZQ2jUXvuvNIiYA25W53fuvxRWwuvmLLpLukE6GKH3ivI107BTGQe3c+HWLpK -T8poBx0cnUrG1S+RzHxxchzFwGfrMv3JklyU2oXAm79TfSsJ9IydkR+XalLL3gk2 -pHfYe4dQRNU+bilp+zlJJh4JpYB7QC3r6CeFyf5h/X7mfJcd1Z0CAwEAAaOByzCB -yDARBgNVHSAECjAIMAYGBFUdIAAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC -AYYwHQYDVR0OBBYEFHtbRc+vzst6/TGSGmq280brV0hQMB8GA1UdIwQYMBaAFGL7 -CiFbf0NuEdoJVFBr9dKWcfGeMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly9jcmwu -bWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY3Jvc29mdENvZGVWZXJp -ZlJvb3QuY3JsMA0GCSqGSIb3DQEBBQUAA4ICAQAtzHG16LqU/17mRGcAe2r8QSw+ -5w5BhVqxKpMrqVuJ8vcrSZyAA/KXuOdgqA7X/V3lRUZ1lPTtHJ3hZiKLYfsp8sao -vfOHyY9/R+HAWLZKGqLn9xhgaWnggwaeJsd1xAwNedp0a1K5+ujqM1m5uxjdKRoU -39NqNyd6naDaz//8IsT68An/M+k+F7ocx0LPzidD0wwMVYEwPblgYM4C7OGe6B3c -hSzgoY2WbZWsF6RxPqFnQbYoHSzjthXlt+Wi9iVthuMgrPn4MU+OYpuYMzdtavc1 -Uj6Q/rA7X8W4UqngbqBHmieel66iSp5TGTnsNX7GWd464Kr1M/BqvaCCGBLeoYxF -cMor1i6VkUWZWlwkAEm9I7MM7KQ99bnh0bGCWjjuo/uhq0g6jF3/oGUiP9PT/kmQ -2xRGo4UuilVLCas4sqtjoAjR/a1I4nPYErzCbKUW+tCawF44ODorcY5VOqxCGXof -DUIg56tdjGiAUkyhwNSI0CMh+5ATCQB7STevqd9IYCKr9PbCNjv4UTw0u8WG5Drh -n0uQ/lRhAksVnDQXaqlLjUy2nSMmyDrx1rgFzdodYkAYOi8bQc06mToKqdHXfrjE -r/e4yYAQXtVd9s56mgLFD2OB77Vk6fxb2NJhmmjDfPnHjfkeh9X6LPgWrp2rBo/I -bcdBzaFOhOPawm68+w== ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFeTCCA2GgAwIBAgIKYR+wpAAAAAAAHTANBgkqhkiG9w0BAQUFADB/MQswCQYD +VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe +MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQDEyBNaWNyb3Nv +ZnQgQ29kZSBWZXJpZmljYXRpb24gUm9vdDAeFw0xMTAyMjIxOTMxNTdaFw0yMTAy +MjIxOTQxNTdaMIGpMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu +MSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD +VQQLEy8oYykgMjAwNiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug +b25seTEfMB0GA1UEAxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAKyg8PuAWdScx6TPnaFZcwkQRQwNLG5o8Wxb +SGhJWTf8CzMZwnd/zBAtlTQc5utNCacc0rjJlzYCt4nUJF8GwMxElJSNAmJv61rd +EY0omlyEkBB6Db10Zi9qOKDi1VRE6x0Hnwe6b+7p/U4LKfU+hKAB8Zyr+Bx+iaTo +odhxZQ2jUXvuvNIiYA25W53fuvxRWwuvmLLpLukE6GKH3ivI107BTGQe3c+HWLpK +T8poBx0cnUrG1S+RzHxxchzFwGfrMv3JklyU2oXAm79TfSsJ9IydkR+XalLL3gk2 +pHfYe4dQRNU+bilp+zlJJh4JpYB7QC3r6CeFyf5h/X7mfJcd1Z0CAwEAAaOByzCB +yDARBgNVHSAECjAIMAYGBFUdIAAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC +AYYwHQYDVR0OBBYEFHtbRc+vzst6/TGSGmq280brV0hQMB8GA1UdIwQYMBaAFGL7 +CiFbf0NuEdoJVFBr9dKWcfGeMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly9jcmwu +bWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY3Jvc29mdENvZGVWZXJp +ZlJvb3QuY3JsMA0GCSqGSIb3DQEBBQUAA4ICAQAtzHG16LqU/17mRGcAe2r8QSw+ +5w5BhVqxKpMrqVuJ8vcrSZyAA/KXuOdgqA7X/V3lRUZ1lPTtHJ3hZiKLYfsp8sao +vfOHyY9/R+HAWLZKGqLn9xhgaWnggwaeJsd1xAwNedp0a1K5+ujqM1m5uxjdKRoU +39NqNyd6naDaz//8IsT68An/M+k+F7ocx0LPzidD0wwMVYEwPblgYM4C7OGe6B3c +hSzgoY2WbZWsF6RxPqFnQbYoHSzjthXlt+Wi9iVthuMgrPn4MU+OYpuYMzdtavc1 +Uj6Q/rA7X8W4UqngbqBHmieel66iSp5TGTnsNX7GWd464Kr1M/BqvaCCGBLeoYxF +cMor1i6VkUWZWlwkAEm9I7MM7KQ99bnh0bGCWjjuo/uhq0g6jF3/oGUiP9PT/kmQ +2xRGo4UuilVLCas4sqtjoAjR/a1I4nPYErzCbKUW+tCawF44ODorcY5VOqxCGXof +DUIg56tdjGiAUkyhwNSI0CMh+5ATCQB7STevqd9IYCKr9PbCNjv4UTw0u8WG5Drh +n0uQ/lRhAksVnDQXaqlLjUy2nSMmyDrx1rgFzdodYkAYOi8bQc06mToKqdHXfrjE +r/e4yYAQXtVd9s56mgLFD2OB77Vk6fxb2NJhmmjDfPnHjfkeh9X6LPgWrp2rBo/I +bcdBzaFOhOPawm68+w== +-----END CERTIFICATE----- diff --git a/src/VeraCrypt.sln b/src/VeraCrypt.sln index c4caa8ab..c5b77d86 100644 --- a/src/VeraCrypt.sln +++ b/src/VeraCrypt.sln @@ -1,474 +1,474 @@ -Microsoft Visual Studio Solution File, Format Version 10.00 -# Visual Studio 2008 -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Crypto", "Crypto\Crypto.vcproj", "{993245CF-6B70-47EE-91BB-39F8FC6DC0E7}" - ProjectSection(ProjectDependencies) = postProject - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Driver", "Driver\Driver.vcproj", "{EF5EF444-18D0-40D7-8DFA-775EC4448602}" - ProjectSection(ProjectDependencies) = postProject - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Format", "Format\Format.vcproj", "{9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}" - ProjectSection(ProjectDependencies) = postProject - {EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602} - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} = {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Mount", "Mount\Mount.vcproj", "{E4C40F94-E7F9-4981-86E4-186B46F993F3}" - ProjectSection(ProjectDependencies) = postProject - {EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602} - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} = {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} = {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Setup", "Setup\Setup.vcproj", "{DF5F654D-BD44-4E31-B92E-B68074DC37A8}" - ProjectSection(ProjectDependencies) = postProject - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827} = {9715FF1D-599B-4BBC-AD96-BEF6E08FF827} - {E4C40F94-E7F9-4981-86E4-186B46F993F3} = {E4C40F94-E7F9-4981-86E4-186B46F993F3} - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} = {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Boot", "Boot\Windows\Boot.vcproj", "{8B7F059F-E4C7-4E11-88F5-EE8B8433072E}" -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ExpandVolume", "ExpandVolume\ExpandVolume.vcproj", "{9715FF1D-599B-4BBC-AD96-BEF6E08FF827}" - ProjectSection(ProjectDependencies) = postProject - {EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602} - {E4C40F94-E7F9-4981-86E4-186B46F993F3} = {E4C40F94-E7F9-4981-86E4-186B46F993F3} - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} = {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} - EndProjectSection -EndProject -Global - GlobalSection(SolutionConfigurationPlatforms) = preSolution - All Debug|Win32 = All Debug|Win32 - All Debug|x64 = All Debug|x64 - All|Win32 = All|Win32 - All|x64 = All|x64 - Boot Loader|Win32 = Boot Loader|Win32 - Boot Loader|x64 = Boot Loader|x64 - Boot|Win32 = Boot|Win32 - Boot|x64 = Boot|x64 - Debug|Win32 = Debug|Win32 - Debug|x64 = Debug|x64 - Driver Debug|Win32 = Driver Debug|Win32 - Driver Debug|x64 = Driver Debug|x64 - Driver x64 Debug|Win32 = Driver x64 Debug|Win32 - Driver x64 Debug|x64 = Driver x64 Debug|x64 - Driver x64|Win32 = Driver x64|Win32 - Driver x64|x64 = Driver x64|x64 - Driver x86 Debug|Win32 = Driver x86 Debug|Win32 - Driver x86 Debug|x64 = Driver x86 Debug|x64 - Driver x86|Win32 = Driver x86|Win32 - Driver x86|x64 = Driver x86|x64 - Driver|Win32 = Driver|Win32 - Driver|x64 = Driver|x64 - Format Debug|Win32 = Format Debug|Win32 - Format Debug|x64 = Format Debug|x64 - Format|Win32 = Format|Win32 - Format|x64 = Format|x64 - Mount Debug|Win32 = Mount Debug|Win32 - Mount Debug|x64 = Mount Debug|x64 - Mount|Win32 = Mount|Win32 - Mount|x64 = Mount|x64 - Release|Win32 = Release|Win32 - Release|x64 = Release|x64 - Setup Debug|Win32 = Setup Debug|Win32 - Setup Debug|x64 = Setup Debug|x64 - Setup|Win32 = Setup|Win32 - Setup|x64 = Setup|x64 - EndGlobalSection - GlobalSection(ProjectConfigurationPlatforms) = postSolution - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|Win32.Build.0 = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|Win32.Build.0 = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|x64.Build.0 = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot Loader|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot Loader|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot Loader|x64.Build.0 = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot|x64.Build.0 = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|Win32.Build.0 = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64 Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86 Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|Win32.Build.0 = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|Win32.Build.0 = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|x64.Build.0 = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|Win32.Build.0 = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|Win32.Build.0 = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|x64.Build.0 = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|Win32.Build.0 = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|x64.Build.0 = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup Debug|Win32.ActiveCfg = Debug|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup Debug|x64.ActiveCfg = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup Debug|x64.Build.0 = Debug|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup|Win32.ActiveCfg = Release|Win32 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup|x64.ActiveCfg = Release|x64 - {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup|x64.Build.0 = Release|x64 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All Debug|Win32.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All Debug|Win32.Build.0 = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All|Win32.Build.0 = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All|x64.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot Loader|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot Loader|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Debug|Win32.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Debug|Win32.Build.0 = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver Debug|Win32.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver Debug|Win32.Build.0 = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64 Debug|Win32.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64 Debug|Win32.Build.0 = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64 Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64|Win32.ActiveCfg = Release x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64|Win32.Build.0 = Release x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86 Debug|Win32.ActiveCfg = Debug x86|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86 Debug|Win32.Build.0 = Debug x86|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86 Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86|Win32.ActiveCfg = Release x86|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86|Win32.Build.0 = Release x86|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver|Win32.Build.0 = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format Debug|Win32.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount Debug|Win32.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount|x64.ActiveCfg = Debug x64|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Release|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Release|Win32.Build.0 = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Release|x64.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup Debug|Win32.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup Debug|x64.ActiveCfg = Debug|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup|Win32.ActiveCfg = Release|Win32 - {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup|x64.ActiveCfg = Debug x64|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|Win32.Build.0 = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|Win32.Build.0 = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|x64.Build.0 = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot Loader|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot Loader|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot Loader|x64.Build.0 = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot|x64.Build.0 = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|Win32.Build.0 = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64 Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86 Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|Win32.Build.0 = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|Win32.Build.0 = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|x64.Build.0 = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount|x64.Build.0 = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|Win32.Build.0 = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|x64.Build.0 = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup Debug|Win32.ActiveCfg = Debug|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup Debug|x64.ActiveCfg = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup Debug|x64.Build.0 = Debug|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup|Win32.ActiveCfg = Release|Win32 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup|x64.ActiveCfg = Release|x64 - {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|Win32.Build.0 = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|Win32.Build.0 = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot Loader|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot Loader|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot Loader|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|Win32.Build.0 = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64 Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86 Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|Win32.Build.0 = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|Win32.Build.0 = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|Win32.Build.0 = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|x64.Build.0 = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup Debug|Win32.ActiveCfg = Debug|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup Debug|x64.ActiveCfg = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup Debug|x64.Build.0 = Debug|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup|Win32.ActiveCfg = Release|Win32 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup|x64.ActiveCfg = Release|x64 - {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup|x64.Build.0 = Release|x64 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All Debug|Win32.Build.0 = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All|Win32.Build.0 = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All|x64.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot Loader|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot Loader|x64.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot|x64.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Debug|Win32.Build.0 = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64 Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86 Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format|x64.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount|x64.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Release|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Release|Win32.Build.0 = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Release|x64.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup Debug|Win32.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup Debug|Win32.Build.0 = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup Debug|x64.ActiveCfg = Debug|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup|Win32.ActiveCfg = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup|Win32.Build.0 = Release|Win32 - {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup|x64.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All Debug|Win32.Build.0 = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All|Win32.Build.0 = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All|x64.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot Loader|Win32.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot Loader|Win32.Build.0 = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot Loader|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot|Win32.Build.0 = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Debug|Win32.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Debug|Win32.Build.0 = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64 Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64 Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86 Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86 Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Release|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Release|Win32.Build.0 = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Release|x64.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup Debug|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup Debug|x64.ActiveCfg = Release Loader|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup|Win32.ActiveCfg = Release|Win32 - {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup|x64.ActiveCfg = Release Loader|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|x64.Build.0 = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|x64.Build.0 = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|x64.Build.0 = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|x64.Build.0 = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|x64.Build.0 = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|x64.Build.0 = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|Win32.ActiveCfg = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|Win32.Build.0 = Debug|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|x64.ActiveCfg = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|x64.Build.0 = Debug|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|Win32.ActiveCfg = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|Win32.Build.0 = Release|Win32 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|x64.ActiveCfg = Release|x64 - {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|x64.Build.0 = Release|x64 - EndGlobalSection - GlobalSection(SolutionProperties) = preSolution - HideSolutionNode = FALSE - EndGlobalSection -EndGlobal +Microsoft Visual Studio Solution File, Format Version 10.00 +# Visual Studio 2008 +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Crypto", "Crypto\Crypto.vcproj", "{993245CF-6B70-47EE-91BB-39F8FC6DC0E7}" + ProjectSection(ProjectDependencies) = postProject + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Driver", "Driver\Driver.vcproj", "{EF5EF444-18D0-40D7-8DFA-775EC4448602}" + ProjectSection(ProjectDependencies) = postProject + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Format", "Format\Format.vcproj", "{9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}" + ProjectSection(ProjectDependencies) = postProject + {EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602} + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} = {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Mount", "Mount\Mount.vcproj", "{E4C40F94-E7F9-4981-86E4-186B46F993F3}" + ProjectSection(ProjectDependencies) = postProject + {EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602} + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} = {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} = {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Setup", "Setup\Setup.vcproj", "{DF5F654D-BD44-4E31-B92E-B68074DC37A8}" + ProjectSection(ProjectDependencies) = postProject + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827} = {9715FF1D-599B-4BBC-AD96-BEF6E08FF827} + {E4C40F94-E7F9-4981-86E4-186B46F993F3} = {E4C40F94-E7F9-4981-86E4-186B46F993F3} + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} = {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Boot", "Boot\Windows\Boot.vcproj", "{8B7F059F-E4C7-4E11-88F5-EE8B8433072E}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ExpandVolume", "ExpandVolume\ExpandVolume.vcproj", "{9715FF1D-599B-4BBC-AD96-BEF6E08FF827}" + ProjectSection(ProjectDependencies) = postProject + {EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602} + {E4C40F94-E7F9-4981-86E4-186B46F993F3} = {E4C40F94-E7F9-4981-86E4-186B46F993F3} + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E} + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} = {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF} + EndProjectSection +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + All Debug|Win32 = All Debug|Win32 + All Debug|x64 = All Debug|x64 + All|Win32 = All|Win32 + All|x64 = All|x64 + Boot Loader|Win32 = Boot Loader|Win32 + Boot Loader|x64 = Boot Loader|x64 + Boot|Win32 = Boot|Win32 + Boot|x64 = Boot|x64 + Debug|Win32 = Debug|Win32 + Debug|x64 = Debug|x64 + Driver Debug|Win32 = Driver Debug|Win32 + Driver Debug|x64 = Driver Debug|x64 + Driver x64 Debug|Win32 = Driver x64 Debug|Win32 + Driver x64 Debug|x64 = Driver x64 Debug|x64 + Driver x64|Win32 = Driver x64|Win32 + Driver x64|x64 = Driver x64|x64 + Driver x86 Debug|Win32 = Driver x86 Debug|Win32 + Driver x86 Debug|x64 = Driver x86 Debug|x64 + Driver x86|Win32 = Driver x86|Win32 + Driver x86|x64 = Driver x86|x64 + Driver|Win32 = Driver|Win32 + Driver|x64 = Driver|x64 + Format Debug|Win32 = Format Debug|Win32 + Format Debug|x64 = Format Debug|x64 + Format|Win32 = Format|Win32 + Format|x64 = Format|x64 + Mount Debug|Win32 = Mount Debug|Win32 + Mount Debug|x64 = Mount Debug|x64 + Mount|Win32 = Mount|Win32 + Mount|x64 = Mount|x64 + Release|Win32 = Release|Win32 + Release|x64 = Release|x64 + Setup Debug|Win32 = Setup Debug|Win32 + Setup Debug|x64 = Setup Debug|x64 + Setup|Win32 = Setup|Win32 + Setup|x64 = Setup|x64 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|Win32.Build.0 = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|Win32.Build.0 = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.All|x64.Build.0 = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot Loader|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot Loader|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot Loader|x64.Build.0 = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Boot|x64.Build.0 = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|Win32.Build.0 = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64 Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x64|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86 Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver x86|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Driver|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|Win32.Build.0 = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|Win32.Build.0 = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Format|x64.Build.0 = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|Win32.Build.0 = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|Win32.Build.0 = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Mount|x64.Build.0 = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|Win32.Build.0 = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Release|x64.Build.0 = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup Debug|Win32.ActiveCfg = Debug|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup Debug|x64.ActiveCfg = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup Debug|x64.Build.0 = Debug|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup|Win32.ActiveCfg = Release|Win32 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup|x64.ActiveCfg = Release|x64 + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}.Setup|x64.Build.0 = Release|x64 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All Debug|Win32.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All Debug|Win32.Build.0 = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All|Win32.Build.0 = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.All|x64.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot Loader|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot Loader|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Boot|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Debug|Win32.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Debug|Win32.Build.0 = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver Debug|Win32.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver Debug|Win32.Build.0 = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64 Debug|Win32.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64 Debug|Win32.Build.0 = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64 Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64|Win32.ActiveCfg = Release x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64|Win32.Build.0 = Release x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x64|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86 Debug|Win32.ActiveCfg = Debug x86|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86 Debug|Win32.Build.0 = Debug x86|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86 Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86|Win32.ActiveCfg = Release x86|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86|Win32.Build.0 = Release x86|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver x86|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver|Win32.Build.0 = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Driver|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format Debug|Win32.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Format|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount Debug|Win32.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Mount|x64.ActiveCfg = Debug x64|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Release|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Release|Win32.Build.0 = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Release|x64.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup Debug|Win32.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup Debug|x64.ActiveCfg = Debug|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup|Win32.ActiveCfg = Release|Win32 + {EF5EF444-18D0-40D7-8DFA-775EC4448602}.Setup|x64.ActiveCfg = Debug x64|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|Win32.Build.0 = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|Win32.Build.0 = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.All|x64.Build.0 = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot Loader|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot Loader|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot Loader|x64.Build.0 = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Boot|x64.Build.0 = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|Win32.Build.0 = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64 Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x64|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86 Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver x86|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Driver|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|Win32.Build.0 = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|Win32.Build.0 = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Format|x64.Build.0 = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Mount|x64.Build.0 = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|Win32.Build.0 = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Release|x64.Build.0 = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup Debug|Win32.ActiveCfg = Debug|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup Debug|x64.ActiveCfg = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup Debug|x64.Build.0 = Debug|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup|Win32.ActiveCfg = Release|Win32 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup|x64.ActiveCfg = Release|x64 + {9DC1ABE2-D18B-48FB-81D2-8C50ADC57BCF}.Setup|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|Win32.Build.0 = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|Win32.Build.0 = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.All|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot Loader|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot Loader|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot Loader|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Boot|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|Win32.Build.0 = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64 Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x64|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86 Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver x86|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Driver|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Format|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|Win32.Build.0 = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|Win32.Build.0 = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Mount|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|Win32.Build.0 = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Release|x64.Build.0 = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup Debug|Win32.ActiveCfg = Debug|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup Debug|x64.ActiveCfg = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup Debug|x64.Build.0 = Debug|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup|Win32.ActiveCfg = Release|Win32 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup|x64.ActiveCfg = Release|x64 + {E4C40F94-E7F9-4981-86E4-186B46F993F3}.Setup|x64.Build.0 = Release|x64 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All Debug|Win32.Build.0 = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All|Win32.Build.0 = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.All|x64.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot Loader|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot Loader|x64.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Boot|x64.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Debug|Win32.Build.0 = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64 Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x64|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86 Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver x86|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Driver|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Format|x64.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Mount|x64.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Release|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Release|Win32.Build.0 = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Release|x64.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup Debug|Win32.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup Debug|Win32.Build.0 = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup Debug|x64.ActiveCfg = Debug|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup|Win32.ActiveCfg = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup|Win32.Build.0 = Release|Win32 + {DF5F654D-BD44-4E31-B92E-B68074DC37A8}.Setup|x64.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All Debug|Win32.Build.0 = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All|Win32.Build.0 = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.All|x64.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot Loader|Win32.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot Loader|Win32.Build.0 = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot Loader|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot|Win32.Build.0 = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Boot|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Debug|Win32.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Debug|Win32.Build.0 = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64 Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64 Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x64|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86 Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86 Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver x86|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Driver|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Format|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Mount|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Release|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Release|Win32.Build.0 = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Release|x64.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup Debug|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup Debug|x64.ActiveCfg = Release Loader|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup|Win32.ActiveCfg = Release|Win32 + {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}.Setup|x64.ActiveCfg = Release Loader|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.All|x64.Build.0 = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot Loader|x64.Build.0 = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Boot|x64.Build.0 = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64 Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x64|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86 Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver x86|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Driver|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Format|x64.Build.0 = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Mount|x64.Build.0 = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Release|x64.Build.0 = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|Win32.ActiveCfg = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|Win32.Build.0 = Debug|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|x64.ActiveCfg = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup Debug|x64.Build.0 = Debug|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|Win32.ActiveCfg = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|Win32.Build.0 = Release|Win32 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|x64.ActiveCfg = Release|x64 + {9715FF1D-599B-4BBC-AD96-BEF6E08FF827}.Setup|x64.Build.0 = Release|x64 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal -- cgit v1.2.3